summaryrefslogtreecommitdiff
path: root/tests/kernel_image_tests.c
diff options
context:
space:
mode:
authorGaurav Shah <gauravsh@chromium.org>2010-03-25 13:04:45 -0700
committerGaurav Shah <gauravsh@chromium.org>2010-03-25 13:04:45 -0700
commit3199eed3d37fa028c1a5e32d6b61aea00d35bc0c (patch)
treec6b889a514d282dcd26b0e9ae98c5917acb45f28 /tests/kernel_image_tests.c
parent785397136260359e47de94b16881fbab06a96b36 (diff)
downloadvboot-3199eed3d37fa028c1a5e32d6b61aea00d35bc0c.tar.gz
Move test utility functions to a common place.
Also removes the dev_mode flag from Firmware Image verification as key signature for the firmware should be checked whether or not dev mode is enabled. BUG=670 TEST=All tests still pass. Merge remote branch 'refs/remotes/origin/master' into fixtests Fix tests, remove dev mode. Move common code. Review URL: http://codereview.chromium.org/1280002
Diffstat (limited to 'tests/kernel_image_tests.c')
-rw-r--r--tests/kernel_image_tests.c179
1 files changed, 49 insertions, 130 deletions
diff --git a/tests/kernel_image_tests.c b/tests/kernel_image_tests.c
index d958c0fa..a5650115 100644
--- a/tests/kernel_image_tests.c
+++ b/tests/kernel_image_tests.c
@@ -11,143 +11,70 @@
#include "file_keys.h"
#include "kernel_image.h"
#include "rsa_utility.h"
+#include "test_common.h"
#include "utility.h"
-/* ANSI Color coding sequences. */
-#define COL_GREEN "\e[1;32m"
-#define COL_RED "\e[0;31m"
-#define COL_STOP "\e[m"
-
-int TEST_EQ(int result, int expected_result, char* testname) {
- if (result == expected_result) {
- fprintf(stderr, "%s Test " COL_GREEN " PASSED\n" COL_STOP, testname);
- return 1;
- }
- else {
- fprintf(stderr, "%s Test " COL_RED " FAILED\n" COL_STOP, testname);
- return 0;
- }
-}
-
-KernelImage* GenerateTestKernelImage(int firmware_sign_algorithm,
- int kernel_sign_algorithm,
- uint8_t* kernel_sign_key,
- int kernel_key_version,
- int kernel_version,
- int kernel_len) {
- KernelImage* image = KernelImageNew();
-
- Memcpy(image->magic, KERNEL_MAGIC, KERNEL_MAGIC_SIZE);
- image->header_version = 1;
- image->firmware_sign_algorithm = firmware_sign_algorithm;
- image->kernel_sign_algorithm = kernel_sign_algorithm;
- image->kernel_key_version = kernel_key_version;
- image->kernel_sign_key = (uint8_t*) Malloc(
- RSAProcessedKeySize(image->kernel_sign_algorithm));
- Memcpy(image->kernel_sign_key, kernel_sign_key,
- RSAProcessedKeySize(image->kernel_sign_algorithm));
-
- /* Update correct header length. */
- image->header_len = GetKernelHeaderLen(image);
-
- /* Calculate SHA-512 digest on header and populate header_checksum. */
- CalculateKernelHeaderChecksum(image, image->header_checksum);
-
- /* Populate kernel options and data with dummy data. */
- image->kernel_version = kernel_version;
- image->options.version[0] = 1;
- image->options.version[1] = 0;
- Memset(image->options.cmd_line, 0, sizeof(image->options.cmd_line));
- image->options.kernel_len = kernel_len;
- image->options.kernel_load_addr = 0;
- image->options.kernel_entry_addr = 0;
- image->kernel_key_signature = image->kernel_signature = NULL;
- image->kernel_data = Malloc(kernel_len);
- Memset(image->kernel_data, 'F', kernel_len);
-
- return image;
-}
-
#define DEV_MODE_ENABLED 1
#define DEV_MODE_DISABLED 0
/* Normal Kernel Blob Verification Tests. */
-int VerifyKernelTest(uint8_t* kernel_blob, uint8_t* firmware_key_blob) {
- int success = 1;
- if (!TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal Kernel Blob Verification (Dev Mode)"))
- success = 0;
-
- if (!TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, DEV_MODE_DISABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal Kernel Blob Verification (Trusted)"))
- success = 0;
- return success;
+void VerifyKernelTest(uint8_t* kernel_blob, uint8_t* firmware_key_blob) {
+ TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, DEV_MODE_ENABLED),
+ VERIFY_KERNEL_SUCCESS,
+ "Normal Kernel Blob Verification (Dev Mode)");
+
+ TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, DEV_MODE_DISABLED),
+ VERIFY_KERNEL_SUCCESS,
+ "Normal Kernel Blob Verification (Trusted)");
}
/* Normal KernelImage Verification Tests. */
-int VerifyKernelImageTest(KernelImage* image,
+void VerifyKernelImageTest(KernelImage* image,
RSAPublicKey* firmware_key) {
- int success = 1;
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal KernelImage Verification (Dev Mode)"))
- success = 0;
-
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_SUCCESS,
- "Normal KernelImage Verification (Trusted)"))
- success = 0;
- return success;
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
+ VERIFY_KERNEL_SUCCESS,
+ "Normal KernelImage Verification (Dev Mode)");
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
+ VERIFY_KERNEL_SUCCESS,
+ "Normal KernelImage Verification (Trusted)");
}
/* Tampered KernelImage Verification Tests. */
-int VerifyKernelImageTamperTest(KernelImage* image,
- RSAPublicKey* firmware_key) {
- int success = 1;
- fprintf(stderr, "[[Tampering with kernel config....]]\n");
+void VerifyKernelImageTamperTest(KernelImage* image,
+ RSAPublicKey* firmware_key) {
image->options.kernel_load_addr = 0xFFFF;
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED,
- "KernelImage Config Tamper Verification (Dev Mode)"))
- success = 0;
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED,
- "KernelImage Config Tamper Verification (Trusted)"))
- success = 0;
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
+ VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED,
+ "KernelImage Config Tamper Verification (Dev Mode)");
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
+ VERIFY_KERNEL_CONFIG_SIGNATURE_FAILED,
+ "KernelImage Config Tamper Verification (Trusted)");
image->options.kernel_load_addr = 0;
image->kernel_data[0] = 'T';
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SIGNATURE_FAILED,
- "KernelImage Tamper Verification (Dev Mode)"))
- success = 0;
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_SIGNATURE_FAILED,
- "KernelImage Tamper Verification (Trusted)"))
- success = 0;
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
+ VERIFY_KERNEL_SIGNATURE_FAILED,
+ "KernelImage Tamper Verification (Dev Mode)");
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
+ VERIFY_KERNEL_SIGNATURE_FAILED,
+ "KernelImage Tamper Verification (Trusted)");
image->kernel_data[0] = 'F';
-
- fprintf(stderr, "[[Tampering with kernel key signature...]]\n");
image->kernel_key_signature[0] = 0xFF;
image->kernel_key_signature[1] = 0x00;
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
- VERIFY_KERNEL_SUCCESS,
- "KernelImage Key Signature Tamper Verification (Dev Mode)"))
- success = 0;
- if (!TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
- VERIFY_KERNEL_KEY_SIGNATURE_FAILED,
- "KernelImage Key Signature Tamper Verification (Trusted)"))
- success = 0;
-
- return success;
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_ENABLED),
+ VERIFY_KERNEL_SUCCESS,
+ "KernelImage Key Signature Tamper Verification (Dev Mode)");
+ TEST_EQ(VerifyKernelImage(firmware_key, image, DEV_MODE_DISABLED),
+ VERIFY_KERNEL_KEY_SIGNATURE_FAILED,
+ "KernelImage Key Signature Tamper Verification (Trusted)");
}
int main(int argc, char* argv[]) {
uint64_t len;
+ const char* firmware_key_file = NULL;
+ const char* kernel_key_file = NULL;
uint8_t* kernel_sign_key_buf = NULL;
uint8_t* firmware_key_blob = NULL;
uint8_t* kernel_blob = NULL;
@@ -171,6 +98,9 @@ int main(int argc, char* argv[]) {
firmware_key = RSAPublicKeyFromFile(argv[4]);
firmware_key_blob = BufferFromFile(argv[4], &len);
kernel_sign_key_buf = BufferFromFile(argv[6], &len);
+ firmware_key_file = argv[3];
+ kernel_key_file = argv[5];
+
if (!firmware_key || !kernel_sign_key_buf || !kernel_sign_key_buf) {
error_code = 1;
goto failure;
@@ -181,35 +111,24 @@ int main(int argc, char* argv[]) {
kernel_sign_key_buf,
1, /* Kernel Key Version */
1, /* Kernel Version */
- 1000); /* Kernel Size */
+ 1000, /* Kernel Size */
+ firmware_key_file,
+ kernel_key_file);
if (!image) {
error_code = 1;
goto failure;
}
- /* Generate and populate signatures. */
- if (!AddKernelKeySignature(image, argv[3])) {
- fprintf(stderr, "Couldn't create key signature.\n");
- error_code = 1;
- goto failure;
- }
-
- if (!AddKernelSignature(image, argv[5])) {
- fprintf(stderr, "Couldn't create kernel option and kernel signature.\n");
- error_code = 1;
- goto failure;
- }
-
kernel_blob = GetKernelBlob(image, &kernel_blob_len);
/* Test Kernel blob verify operations. */
- if (!VerifyKernelTest(kernel_blob, firmware_key_blob))
- error_code = 255;
+ VerifyKernelTest(kernel_blob, firmware_key_blob);
/* Test KernelImage verify operations. */
- if (!VerifyKernelImageTest(image, firmware_key))
- error_code = 255;
- if (!VerifyKernelImageTamperTest(image, firmware_key))
+ VerifyKernelImageTest(image, firmware_key);
+ VerifyKernelImageTamperTest(image, firmware_key);
+
+ if (!gTestSuccess)
error_code = 255;
failure:
View Lorry Controller Status