1# Copyright (c) 2013 The Chromium OS Authors. All rights reserved. 2# Use of this source code is governed by a BSD-style license that can be 3# found in the LICENSE file. 4 5from autotest_lib.client.common_lib import utils 6 7AUTHOR = "Chromium OS" 8NAME = "autoupdate_CatchBadSignatures" 9TIME = "MEDIUM" 10TEST_CATEGORY = "Functional" 11TEST_CLASS = "platform" 12TEST_TYPE = "server" 13JOB_RETRIES = 2 14# TODO(jorgelo): move this to bvt-cq after crbug.com/427384 is fixed. 15ATTRIBUTES = "suite:bvt-perbuild" 16BUG_TEMPLATE = { 17 'cc': ['chromeos-installer-alerts@google.com'], 18 'components': ['Internals>Installer'], 19} 20 21DOC = """ 22This is a test to verify that update_engine correctly checks 23signatures in the metadata hash and the update payload itself. This is 24achieved by feeding updates to update_engine where the private key 25used to make the signature, intentionally does not match with the 26public key used for verification. 27 28To run locally, you need to choose a devserver and a DUT that can reach each 29other. You cannot use a devserver on your workstation because it will not be 30accessible from any DUTs (due to SNAX). 31 32So lock a DUT that is not in use by the lab. 33Next, look up the dev_server_common.ini.erb (in repo chromeos_admin) for 34dev_server & restricted_subnet fields to pick a devserver in the same 35subnet with the testing DUT. 36 37Test that they can ping each other. 38 39You tell the test which devserver you want to use in this file: 40 src/third_party/autotest/files/shadow_config.ini 41 42by adding these lines: 43 44 [CROS] 45 dev_server = http://<hostname of devserver>:<port> 46 47With this in place, you can now run the test: 48 49 $ test_that <DUT_IP> autoupdate_CatchBadSignatures -b ${BOARD} 50 51""" 52 53def run_test(machine): 54 """Execute a test configuration on a given machine.""" 55 host = hosts.create_host(machine) 56 job.run_test("autoupdate_CatchBadSignatures", host=host) 57 58# Invoke parallel tests. 59parallel_simple(run_test, machines) 60