Merge pull request #1742 from kairoaraujo/issue#1713/test_fast-forwar…

…d_recovery_targets test targets fast-forward attack recovery
theupdateframework · Jan 7, 2022 · d8591e7 · d8591e7
2 parents 4917a5c + 5b4a47a
commit d8591e7
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/tests/test_updater_top_level_update.py b/tests/test_updater_top_level_update.py
@@ -540,6 +540,41 @@ def test_compute_metafile_hashes_length(self) -> None:
         self._assert_version_equals(Timestamp.type, 3)
         self._assert_version_equals(Snapshot.type, 3)
 
+    def test_new_targets_fast_forward_recovery(self) -> None:
+        """Test targets fast-forward recovery using key rotation.
+
+        The targets recovery is made by issuing new Snapshot keys, by following
+        steps:
+            - Remove the snapshot key
+            - Create and add a new key for snapshot
+            - Bump and publish root
+            - Rollback the target version
+        """
+        # attacker updates to a higher version
+        self.sim.targets.version = 99999
+        self.sim.update_snapshot()
+
+        # client refreshes the metadata and see the new targets version
+        self._run_refresh()
+        self._assert_version_equals(Targets.type, 99999)
+
+        # repo add new snapshot keys and recovers the targets version
+        self.sim.root.roles[Snapshot.type].keyids.clear()
+        self.sim.signers[Snapshot.type].clear()
+        snapshot_key, snapshot_signer = self.sim.create_key()
+        self.sim.root.add_key(Snapshot.type, snapshot_key)
+        self.sim.add_signer(Snapshot.type, snapshot_signer)
+
+        self.sim.root.version += 1
+        self.sim.publish_root()
+
+        self.sim.targets.version = 1
+        self.sim.update_snapshot()
+
+        # client refreshes the metadata version and see initial targets version
+        self._run_refresh()
+        self._assert_version_equals(Targets.type, 1)
+
 
 if __name__ == "__main__":
     if "--dump" in sys.argv: