github.com/hugh712/snapd@v0.0.0-20200910133618-1a99902bd583/secboot/export_test.go

github.com/hugh712/snapd@v0.0.0-20200910133618-1a99902bd583/secboot/export_test.go (about)

     1  // -*- Mode: Go; indent-tabs-mode: t -*-
     2  // +build !nosecboot
     3  
     4  /*
     5   * Copyright (C) 2020 Canonical Ltd
     6   *
     7   * This program is free software: you can redistribute it and/or modify
     8   * it under the terms of the GNU General Public License version 3 as
     9   * published by the Free Software Foundation.
    10   *
    11   * This program is distributed in the hope that it will be useful,
    12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
    13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14   * GNU General Public License for more details.
    15   *
    16   * You should have received a copy of the GNU General Public License
    17   * along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18   *
    19   */
    20  
    21  package secboot
    22  
    23  import (
    24  	"io"
    25  
    26  	sb "github.com/snapcore/secboot"
    27  
    28  	"github.com/snapcore/snapd/asserts"
    29  )
    30  
    31  var (
    32  	EFIImageFromBootFile = efiImageFromBootFile
    33  )
    34  
    35  func MockSbConnectToDefaultTPM(f func() (*sb.TPMConnection, error)) (restore func()) {
    36  	old := sbConnectToDefaultTPM
    37  	sbConnectToDefaultTPM = f
    38  	return func() {
    39  		sbConnectToDefaultTPM = old
    40  	}
    41  }
    42  
    43  func MockSbProvisionTPM(f func(tpm *sb.TPMConnection, mode sb.ProvisionMode, newLockoutAuth []byte) error) (restore func()) {
    44  	old := sbProvisionTPM
    45  	sbProvisionTPM = f
    46  	return func() {
    47  		sbProvisionTPM = old
    48  	}
    49  }
    50  
    51  func MockSbAddEFISecureBootPolicyProfile(f func(profile *sb.PCRProtectionProfile, params *sb.EFISecureBootPolicyProfileParams) error) (restore func()) {
    52  	old := sbAddEFISecureBootPolicyProfile
    53  	sbAddEFISecureBootPolicyProfile = f
    54  	return func() {
    55  		sbAddEFISecureBootPolicyProfile = old
    56  	}
    57  }
    58  
    59  func MockSbAddSystemdEFIStubProfile(f func(profile *sb.PCRProtectionProfile, params *sb.SystemdEFIStubProfileParams) error) (restore func()) {
    60  	old := sbAddSystemdEFIStubProfile
    61  	sbAddSystemdEFIStubProfile = f
    62  	return func() {
    63  		sbAddSystemdEFIStubProfile = old
    64  	}
    65  }
    66  
    67  func MockSbAddSnapModelProfile(f func(profile *sb.PCRProtectionProfile, params *sb.SnapModelProfileParams) error) (restore func()) {
    68  	old := sbAddSnapModelProfile
    69  	sbAddSnapModelProfile = f
    70  	return func() {
    71  		sbAddSnapModelProfile = old
    72  	}
    73  }
    74  
    75  func MockSbSealKeyToTPM(f func(tpm *sb.TPMConnection, key []byte, keyPath, policyUpdatePath string, params *sb.KeyCreationParams) error) (restore func()) {
    76  	old := sbSealKeyToTPM
    77  	sbSealKeyToTPM = f
    78  	return func() {
    79  		sbSealKeyToTPM = old
    80  	}
    81  }
    82  
    83  func MockSbLockAccessToSealedKeys(f func(tpm *sb.TPMConnection) error) (restore func()) {
    84  	old := sbLockAccessToSealedKeys
    85  	sbLockAccessToSealedKeys = f
    86  	return func() {
    87  		sbLockAccessToSealedKeys = old
    88  	}
    89  }
    90  
    91  func MockSbActivateVolumeWithRecoveryKey(f func(volumeName, sourceDevicePath string,
    92  	keyReader io.Reader, options *sb.ActivateWithRecoveryKeyOptions) error) (restore func()) {
    93  	old := sbActivateVolumeWithRecoveryKey
    94  	sbActivateVolumeWithRecoveryKey = f
    95  	return func() {
    96  		sbActivateVolumeWithRecoveryKey = old
    97  	}
    98  }
    99  
   100  func MockSbActivateVolumeWithTPMSealedKey(f func(tpm *sb.TPMConnection, volumeName, sourceDevicePath, keyPath string,
   101  	pinReader io.Reader, options *sb.ActivateWithTPMSealedKeyOptions) (bool, error)) (restore func()) {
   102  	old := sbActivateVolumeWithTPMSealedKey
   103  	sbActivateVolumeWithTPMSealedKey = f
   104  	return func() {
   105  		sbActivateVolumeWithTPMSealedKey = old
   106  	}
   107  }
   108  
   109  func MockSbMeasureSnapSystemEpochToTPM(f func(tpm *sb.TPMConnection, pcrIndex int) error) (restore func()) {
   110  	old := sbMeasureSnapSystemEpochToTPM
   111  	sbMeasureSnapSystemEpochToTPM = f
   112  	return func() {
   113  		sbMeasureSnapSystemEpochToTPM = old
   114  	}
   115  }
   116  
   117  func MockSbMeasureSnapModelToTPM(f func(tpm *sb.TPMConnection, pcrIndex int, model *asserts.Model) error) (restore func()) {
   118  	old := sbMeasureSnapModelToTPM
   119  	sbMeasureSnapModelToTPM = f
   120  	return func() {
   121  		sbMeasureSnapModelToTPM = old
   122  	}
   123  }
   124  
   125  func MockRandomKernelUUID(f func() string) (restore func()) {
   126  	old := randutilRandomKernelUUID
   127  	randutilRandomKernelUUID = f
   128  	return func() {
   129  		randutilRandomKernelUUID = old
   130  	}
   131  }
   132  
   133  func MockSbInitializeLUKS2Container(f func(devicePath, label string, key []byte) error) (restore func()) {
   134  	old := sbInitializeLUKS2Container
   135  	sbInitializeLUKS2Container = f
   136  	return func() {
   137  		sbInitializeLUKS2Container = old
   138  	}
   139  }
   140  
   141  func MockSbAddRecoveryKeyToLUKS2Container(f func(devicePath string, key []byte, recoveryKey [16]byte) error) (restore func()) {
   142  	old := sbAddRecoveryKeyToLUKS2Container
   143  	sbAddRecoveryKeyToLUKS2Container = f
   144  	return func() {
   145  		sbAddRecoveryKeyToLUKS2Container = old
   146  	}
   147  }
   148  
   149  func MockIsTPMEnabled(f func(tpm *sb.TPMConnection) bool) (restore func()) {
   150  	old := isTPMEnabled
   151  	isTPMEnabled = f
   152  	return func() {
   153  		isTPMEnabled = old
   154  	}
   155  }