github.com/bugraaydogar/snapd@v0.0.0-20210315170335-8c70bb858939/daemon/api_system_recovery_keys_test.go

github.com/bugraaydogar/snapd@v0.0.0-20210315170335-8c70bb858939/daemon/api_system_recovery_keys_test.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  
     3  /*
     4   * Copyright (C) 2020 Canonical Ltd
     5   *
     6   * This program is free software: you can redistribute it and/or modify
     7   * it under the terms of the GNU General Public License version 3 as
     8   * published by the Free Software Foundation.
     9   *
    10   * This program is distributed in the hope that it will be useful,
    11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13   * GNU General Public License for more details.
    14   *
    15   * You should have received a copy of the GNU General Public License
    16   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17   *
    18   */
    19  
    20  package daemon_test
    21  
    22  import (
    23  	"encoding/hex"
    24  	"io/ioutil"
    25  	"net/http"
    26  	"net/http/httptest"
    27  	"os"
    28  	"path/filepath"
    29  
    30  	. "gopkg.in/check.v1"
    31  
    32  	"github.com/snapcore/snapd/client"
    33  	"github.com/snapcore/snapd/daemon"
    34  	"github.com/snapcore/snapd/dirs"
    35  	"github.com/snapcore/snapd/secboot"
    36  )
    37  
    38  var _ = Suite(&recoveryKeysSuite{})
    39  
    40  type recoveryKeysSuite struct {
    41  	apiBaseSuite
    42  }
    43  
    44  func mockSystemRecoveryKeys(c *C) {
    45  	// same inputs/outputs as secboot:crypt_test.go in this test
    46  	rkeystr, err := hex.DecodeString("e1f01302c5d43726a9b85b4a8d9c7f6e")
    47  	c.Assert(err, IsNil)
    48  	rkeyPath := filepath.Join(dirs.SnapFDEDir, "recovery.key")
    49  	err = os.MkdirAll(filepath.Dir(rkeyPath), 0755)
    50  	c.Assert(err, IsNil)
    51  	err = ioutil.WriteFile(rkeyPath, []byte(rkeystr), 0644)
    52  	c.Assert(err, IsNil)
    53  
    54  	skeystr := "1234567890123456"
    55  	c.Assert(err, IsNil)
    56  	skeyPath := filepath.Join(dirs.SnapFDEDir, "reinstall.key")
    57  	err = ioutil.WriteFile(skeyPath, []byte(skeystr), 0644)
    58  	c.Assert(err, IsNil)
    59  }
    60  
    61  func (s *recoveryKeysSuite) TestSystemGetRecoveryKeysAsRootHappy(c *C) {
    62  	if (secboot.RecoveryKey{}).String() == "not-implemented" {
    63  		c.Skip("needs working secboot recovery key")
    64  	}
    65  
    66  	s.daemon(c)
    67  	mockSystemRecoveryKeys(c)
    68  
    69  	req, err := http.NewRequest("GET", "/v2/system-recovery-keys", nil)
    70  	c.Assert(err, IsNil)
    71  
    72  	rsp := s.req(c, req, nil).(*daemon.Resp)
    73  	c.Assert(rsp.Status, Equals, 200)
    74  	srk := rsp.Result.(*client.SystemRecoveryKeysResponse)
    75  	c.Assert(srk, DeepEquals, &client.SystemRecoveryKeysResponse{
    76  		RecoveryKey:  "61665-00531-54469-09783-47273-19035-40077-28287",
    77  		ReinstallKey: "12849-13363-13877-14391-12345-12849-13363-13877",
    78  	})
    79  }
    80  
    81  func (s *recoveryKeysSuite) TestSystemGetRecoveryAsUserErrors(c *C) {
    82  	s.daemon(c)
    83  	mockSystemRecoveryKeys(c)
    84  
    85  	req, err := http.NewRequest("GET", "/v2/system-recovery-keys", nil)
    86  	c.Assert(err, IsNil)
    87  
    88  	req.RemoteAddr = "pid=100;uid=1000;socket=;"
    89  	rec := httptest.NewRecorder()
    90  	s.serveHTTP(c, rec, req)
    91  	c.Assert(rec.Code, Equals, 401)
    92  }