1 /* 2 * Copyright (C) 2021 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.fsverity; 18 19 import static com.google.common.truth.Truth.assertThat; 20 import static com.google.common.truth.Truth.assertWithMessage; 21 22 import static org.junit.Assume.assumeTrue; 23 24 import com.android.tradefed.device.DeviceNotAvailableException; 25 import com.android.tradefed.device.ITestDevice; 26 import com.android.tradefed.log.LogUtil; 27 import com.android.tradefed.testtype.junit4.BaseHostJUnit4Test; 28 import com.android.tradefed.util.CommandResult; 29 import com.android.tradefed.util.CommandStatus; 30 31 import org.junit.rules.ExternalResource; 32 33 public final class AddFsVerityCertRule extends ExternalResource { 34 35 private static final String APK_VERITY_STANDARD_MODE = "2"; 36 37 private final BaseHostJUnit4Test mHost; 38 private final String mCertPath; 39 private String mKeyId; 40 AddFsVerityCertRule(BaseHostJUnit4Test host, String certPath)41 public AddFsVerityCertRule(BaseHostJUnit4Test host, String certPath) { 42 mHost = host; 43 mCertPath = certPath; 44 } 45 46 @Override before()47 protected void before() throws Throwable { 48 ITestDevice device = mHost.getDevice(); 49 String apkVerityMode = device.getProperty("ro.apk_verity.mode"); 50 assumeTrue(device.getLaunchApiLevel() >= 30 51 || APK_VERITY_STANDARD_MODE.equals(apkVerityMode)); 52 53 String keyId = executeCommand( 54 "mini-keyctl padd asymmetric fsv_test .fs-verity < " + mCertPath).trim(); 55 assertThat(keyId).matches("^\\d+$"); 56 mKeyId = keyId; 57 } 58 59 @Override after()60 protected void after() { 61 if (mKeyId == null) return; 62 try { 63 executeCommand("mini-keyctl unlink " + mKeyId + " .fs-verity"); 64 } catch (DeviceNotAvailableException e) { 65 LogUtil.CLog.e(e); 66 } 67 mKeyId = null; 68 } 69 executeCommand(String cmd)70 private String executeCommand(String cmd) throws DeviceNotAvailableException { 71 CommandResult result = mHost.getDevice().executeShellV2Command(cmd); 72 assertWithMessage("`" + cmd + "` failed: " + result.getStderr()) 73 .that(result.getStatus()) 74 .isEqualTo(CommandStatus.SUCCESS); 75 return result.getStdout(); 76 } 77 } 78