From 110c8a196b61db086fbe69fdfedc982de4e3fc50 Mon Sep 17 00:00:00 2001 From: Vladimir Diaz Date: Mon, 6 Apr 2015 20:05:41 -0400 Subject: [PATCH] Improve code coverage for updater.py --- tests/test_repository_lib.py | 2 - tests/test_updater.py | 83 ++++++++++++++++++++++++++++++++++-- tuf/pycrypto_keys.py | 4 +- 3 files changed, 81 insertions(+), 8 deletions(-) diff --git a/tests/test_repository_lib.py b/tests/test_repository_lib.py index e754d70e..6e0e0ce6 100755 --- a/tests/test_repository_lib.py +++ b/tests/test_repository_lib.py @@ -681,8 +681,6 @@ def test_sign_metadata(self): self.assertRaises(tuf.FormatError, repo_lib.sign_metadata, root_metadata, root_keyids, 3) - # Test for a key that does not contain the private portion. - def test_write_metadata_file(self): diff --git a/tests/test_updater.py b/tests/test_updater.py index 1e2de0ef..682ee6a7 100755 --- a/tests/test_updater.py +++ b/tests/test_updater.py @@ -457,12 +457,9 @@ def test_2__import_delegations(self): # one of the roles loaded from parent role's 'delegations'. - - - def test_2__fileinfo_has_changed(self): # Verify that the method returns 'False' if file info was not changed. root_filepath = os.path.join(self.client_metadata_current, 'root.json') @@ -875,6 +872,39 @@ def test_5_targets_of_role(self): + def test_6_refresh_tagets_metadata_chain(self): + # NOTE: This function does not refresh the role specified in the argument, + # only its parent roles. + + # Remove the metadata of the delegated roles. + os.remove(os.path.join(self.client_metadata_current, 'targets.json')) + os.remove(os.path.join(self.client_metadata_current, 'targets', 'role1.json')) + + # Test: normal case. + metadata_list = \ + self.repository_updater.refresh_targets_metadata_chain('targets') + + """ + print(repr(metadata_list)) + self.assertEqual(len(metadata_list), 0) + self.assertTrue('targets' in metadata_list) + + # Verify that the expected role files were downloaded and installed. + os.path.exists(os.path.join(self.client_metadata_current, 'targets.json')) + + self.assertTrue('targets' in self.repository_updater.metadata['current']) + self.assertFalse('targets/role1' in self.repository_updater.metadata['current']) + """ + # Test: Invalid arguments. + # refresh_targets_metadata_chain() expects a string rolename. + self.assertRaises(tuf.FormatError, + self.repository_updater.refresh_targets_metadata_chain, + 8) + self.assertRaises(tuf.RepositoryError, + self.repository_updater.refresh_targets_metadata_chain, + 'unknown_rolename') + + def test_6_target(self): # Setup @@ -983,6 +1013,7 @@ def test_6_download_target(self): target_fileinfo = self.repository_updater.target(target_filepath) self.repository_updater.download_target(target_fileinfo, destination_directory) + download_filepath = \ os.path.join(destination_directory, target_filepath.lstrip('/')) self.assertTrue(os.path.exists(download_filepath)) @@ -994,6 +1025,11 @@ def test_6_download_target(self): if 'custom' in target_fileinfo['fileinfo']: download_targetfileinfo['custom'] = target_fileinfo['fileinfo']['custom'] self.assertEqual(target_fileinfo['fileinfo'], download_targetfileinfo) + + # Test when consistent snapshots is set. + self.repository_updater.consistent_snapshots = True + self.repository_updater.download_target(target_fileinfo, + destination_directory) # Test: Invalid arguments. self.assertRaises(tuf.FormatError, self.repository_updater.download_target, @@ -1183,11 +1219,50 @@ def test_9__get_target_hash(self): self.assertEqual(self.repository_updater._get_target_hash(filepath), target_hash) # Test for improperly formatted argument. - self.assertRaises(tuf.FormatError, tuf.util.get_target_hash, 8) + #self.assertRaises(tuf.FormatError, self.repository_updater._get_target_hash, 8) + def test_10__hard_check_file_length(self): + # Test for exception if file object is not equal to trusted file length. + temp_file_object = tuf.util.TempFile() + temp_file_object.write('X') + temp_file_object.seek(0) + self.assertRaises(tuf.DownloadLengthMismatchError, + self.repository_updater._hard_check_file_length, + temp_file_object, 10) + + + + + + def test_10__soft_check_file_length(self): + # Test for exception if file object is not equal to trusted file length. + temp_file_object = tuf.util.TempFile() + temp_file_object.write('XXX') + temp_file_object.seek(0) + self.assertRaises(tuf.DownloadLengthMismatchError, + self.repository_updater._soft_check_file_length, + temp_file_object, 1) + + + + def test_10__targets_of_role(self): + # Test for non-existent role. + self.assertRaises(tuf.UnknownRoleError, + self.repository_updater._targets_of_role, + 'non-existent-role') + + # Test for role that hasn't been loaded yet. + del self.repository_updater.metadata['current']['targets'] + self.assertEqual(len(self.repository_updater._targets_of_role('targets')), + 0) + + + + + def _load_role_keys(keystore_directory): diff --git a/tuf/pycrypto_keys.py b/tuf/pycrypto_keys.py index b61fd9d6..85521376 100755 --- a/tuf/pycrypto_keys.py +++ b/tuf/pycrypto_keys.py @@ -304,13 +304,13 @@ def create_rsa_signature(private_key, data): pkcs1_pss_signer = Crypto.Signature.PKCS1_PSS.new(rsa_key_object) signature = pkcs1_pss_signer.sign(sha256_object) - except ValueError: + except ValueError: #pragma: no cover raise tuf.CryptoError('The RSA key too small for given hash algorithm.') except TypeError: raise tuf.CryptoError('Missing required RSA private key.') - except IndexError: + except IndexError: # pragma: no cover message = 'An RSA signature cannot be generated: ' + str(e) raise tuf.CryptoError(message)