summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorJoel Kitching <kitching@google.com>2019-07-22 10:23:06 +0800
committerCommit Bot <commit-bot@chromium.org>2019-07-24 06:53:40 +0000
commit34abb32ed2e48ccad95320c37fb001df8e3442fd (patch)
treef545be6d773fc5b8b0c1a1a65b506117b36ce6c3 /tests
parent38f135e83e1d213fde64ac32bd366339f32f29fa (diff)
downloadvboot-34abb32ed2e48ccad95320c37fb001df8e3442fd.tar.gz
vboot: remove Boot Descriptor Block (BDB) library and utilities
Remove unused BDB code, previously created for a cancelled SoC project. BUG=b:124141368, chromium:986177 TEST=make clean && make runtests BRANCH=none Change-Id: I91faf97d9850f8afb816fa324ad9a4d9f3842888 Signed-off-by: Joel Kitching <kitching@google.com> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/1710336 Tested-by: Joel Kitching <kitching@chromium.org> Reviewed-by: Joel Kitching <kitching@chromium.org> Commit-Queue: Joel Kitching <kitching@chromium.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/bdb_nvm_test.c60
-rw-r--r--tests/bdb_sprw_test.c684
-rw-r--r--tests/bdb_test.c504
-rw-r--r--tests/futility/data/bdb.binbin3716 -> 0 bytes
-rwxr-xr-xtests/futility/run_test_scripts.sh1
-rwxr-xr-xtests/futility/test_bdb.sh100
-rw-r--r--tests/futility/test_file_types.c1
-rwxr-xr-xtests/futility/test_file_types.sh1
-rw-r--r--tests/testdata/bdbkey_digest.bin1
-rw-r--r--tests/testkeys/bdbkey.crt33
-rw-r--r--tests/testkeys/bdbkey.keybbin1032 -> 0 bytes
-rw-r--r--tests/testkeys/bdbkey.pem51
12 files changed, 0 insertions, 1436 deletions
diff --git a/tests/bdb_nvm_test.c b/tests/bdb_nvm_test.c
deleted file mode 100644
index d69391c0..00000000
--- a/tests/bdb_nvm_test.c
+++ /dev/null
@@ -1,60 +0,0 @@
-/* Copyright 2015 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Unit tests NVM
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "bdb_api.h"
-#include "test_common.h"
-
-static void test_nvmrw(void)
-{
- struct vba_context ctx;
- uint32_t val;
-
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_UPDATE_COUNT, 1), NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_UPDATE_COUNT, &val), NULL);
- TEST_EQ(val, 1, NULL);
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_MIN_KERNEL_DATA_KEY_VERSION, 1),
- NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_MIN_KERNEL_DATA_KEY_VERSION, &val),
- NULL);
- TEST_EQ(val, 1, NULL);
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_MIN_KERNEL_VERSION, 1), NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_MIN_KERNEL_VERSION, &val), NULL);
- TEST_EQ(val, 1, NULL);
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_BUC_TYPE, 1), NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_BUC_TYPE, &val), NULL);
- TEST_EQ(val, 1, NULL);
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_FLAG_BUC_PRESENT, 1), NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_FLAG_BUC_PRESENT, &val), NULL);
- TEST_TRUE(val, NULL);
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_FLAG_DFM_DISABLE, 1), NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_FLAG_DFM_DISABLE, &val), NULL);
- TEST_TRUE(val, NULL);
-
- TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_FLAG_DOSM, 1), NULL);
- TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_FLAG_DOSM, &val), NULL);
- TEST_TRUE(val, NULL);
-}
-
-int main(int argc, char *argv[])
-{
- printf("Running BDB NVM tests...\n");
-
- test_nvmrw();
-
- return gTestSuccess ? 0 : 255;
-}
diff --git a/tests/bdb_sprw_test.c b/tests/bdb_sprw_test.c
deleted file mode 100644
index 8395275c..00000000
--- a/tests/bdb_sprw_test.c
+++ /dev/null
@@ -1,684 +0,0 @@
-/* Copyright 2015 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Unit tests
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <openssl/aes.h>
-
-#include "2sha.h"
-#include "2hmac.h"
-#include "bdb.h"
-#include "bdb_api.h"
-#include "bdb_struct.h"
-#include "host.h"
-#include "test_common.h"
-#include "vboot_register.h"
-#include "secrets.h"
-
-static struct bdb_header *bdb, *bdb0, *bdb1;
-static uint32_t vboot_register;
-static uint32_t vboot_register_persist;
-static char slot_selected;
-static uint8_t aprw_digest[BDB_SHA256_DIGEST_SIZE];
-static uint8_t reset_count;
-
-/* NVM-RW image in storage (e.g. EEPROM) */
-static uint8_t nvmrw1[NVM_RW_MAX_STRUCT_SIZE];
-static uint8_t nvmrw2[NVM_RW_MAX_STRUCT_SIZE];
-
-static struct bdb_secrets secrets = {
- .nvm_wp = {0x00, },
- .nvm_rw = {0x00, },
- .bdb = {0x00, },
- .boot_verified = {0x00, },
- .boot_path = {0x00, },
- .buc = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
- 0xff, 0xff},
-};
-
-static int vbe_write_nvm_failure = 0;
-
-static struct bdb_header *create_bdb(const char *key_dir,
- struct bdb_hash *hash, int num_hashes)
-{
- struct bdb_header *b;
- uint8_t oem_area_0[32] = "Some OEM area.";
- uint8_t oem_area_1[64] = "Some other OEM area.";
- char filename[1024];
-
- struct bdb_create_params p = {
- .bdb_load_address = 0x11223344,
- .oem_area_0 = oem_area_0,
- .oem_area_0_size = sizeof(oem_area_0),
- .oem_area_1 = oem_area_1,
- .oem_area_1_size = sizeof(oem_area_1),
- .header_sig_description = (char *)"The header sig",
- .data_sig_description = (char *)"The data sig",
- .data_description = (char *)"Test BDB data",
- .data_version = 3,
- .hash = hash,
- .num_hashes = num_hashes,
- };
-
- uint8_t bdbkey_digest[BDB_SHA256_DIGEST_SIZE];
-
- /* Load keys */
- snprintf(filename, sizeof(filename), "%s/bdbkey.keyb", key_dir);
- p.bdbkey = bdb_create_key(filename, 100, "BDB key");
- snprintf(filename, sizeof(filename), "%s/datakey.keyb", key_dir);
- p.datakey = bdb_create_key(filename, 200, "datakey");
- snprintf(filename, sizeof(filename), "%s/bdbkey.pem", key_dir);
- p.private_bdbkey = read_pem(filename);
- snprintf(filename, sizeof(filename), "%s/datakey.pem", key_dir);
- p.private_datakey = read_pem(filename);
- if (!p.bdbkey || !p.datakey || !p.private_bdbkey || !p.private_datakey) {
- fprintf(stderr, "Unable to load test keys\n");
- exit(2);
- }
-
- vb2_digest_buffer((uint8_t *)p.bdbkey, p.bdbkey->struct_size,
- VB2_HASH_SHA256,
- bdbkey_digest, BDB_SHA256_DIGEST_SIZE);
-
- b = bdb_create(&p);
- if (!b) {
- fprintf(stderr, "Unable to create test BDB\n");
- exit(2);
- }
-
- /* Free keys and buffers */
- free(p.bdbkey);
- free(p.datakey);
- RSA_free(p.private_bdbkey);
- RSA_free(p.private_datakey);
-
- return b;
-}
-
-static void calculate_aprw_digest(const struct bdb_hash *hash, uint8_t *digest)
-{
- /* Locate AP-RW */
- /* Calculate digest as loading AP-RW */
- memcpy(digest, aprw_digest, sizeof(aprw_digest));
-}
-
-static void verstage_main(void)
-{
- struct vba_context ctx;
- const struct bdb_hash *hash;
- uint8_t digest[BDB_SHA256_DIGEST_SIZE];
- int rv;
-
- rv = vba_bdb_init(&ctx);
- if (rv) {
- fprintf(stderr, "Initializing context failed for (%d)\n", rv);
- vba_bdb_fail(&ctx);
- /* This return is needed for unit test. vba_bdb_fail calls
- * vbe_reset, which calls verstage_main. If verstage_main
- * successfully returns, we return here as well. */
- return;
- }
- fprintf(stderr, "Initialized context. Trying slot %c\n",
- ctx.slot ? 'B' : 'A');
-
- /* 1. Locate BDB */
-
- /* 2. Get bdb_hash structure for AP-RW */
- hash = bdb_get_hash_by_type(bdb, BDB_DATA_AP_RW);
- fprintf(stderr, "Got hash of AP-RW\n");
-
- /* 3. Load & calculate digest of AP-RW */
- calculate_aprw_digest(hash, digest);
- fprintf(stderr, "Calculated digest\n");
-
- /* 4. Compare digests */
- if (memcmp(hash->digest, digest, BDB_SHA256_DIGEST_SIZE)) {
- fprintf(stderr, "Digests do not match\n");
- vba_bdb_fail(&ctx);
- /* This return is needed for unit test. vba_bdb_fail calls
- * vbe_reset, which calls verstage_main. If verstage_main
- * successfully returns, we return here as well. */
- return;
- }
-
- /* 5. Record selected slot. This depends on the firmware */
- slot_selected = ctx.slot ? 'B' : 'A';
- fprintf(stderr, "Selected AP-RW in slot %c\n", slot_selected);
-
- /* X. This should be done upon AP-RW's request after everything is
- * successful. We do it here for the unit test. */
- vba_bdb_finalize(&ctx);
-}
-
-uint32_t vbe_get_vboot_register(enum vboot_register type)
-{
- switch (type) {
- case VBOOT_REGISTER:
- return vboot_register;
- case VBOOT_REGISTER_PERSIST:
- return vboot_register_persist;
- default:
- fprintf(stderr, "Invalid vboot register type (%d)\n", type);
- exit(2);
- }
-}
-
-void vbe_set_vboot_register(enum vboot_register type, uint32_t val)
-{
- switch (type) {
- case VBOOT_REGISTER:
- vboot_register = val;
- break;
- case VBOOT_REGISTER_PERSIST:
- vboot_register_persist = val;
- break;
- default:
- fprintf(stderr, "Invalid vboot register type (%d)\n", type);
- exit(2);
- }
-}
-
-void vbe_reset(void)
-{
- uint32_t val = vbe_get_vboot_register(VBOOT_REGISTER_PERSIST);
-
- fprintf(stderr, "Booting ...\n");
-
- if (++reset_count > 5) {
- fprintf(stderr, "Reset counter exceeded maximum value\n");
- exit(2);
- }
-
- /* Emulate warm reset */
- vboot_register = 0;
- if (val & VBOOT_REGISTER_RECOVERY_REQUEST) {
- fprintf(stderr, "Recovery requested\n");
- return;
- }
- /* Selected by SP-RO */
- bdb = (val & VBOOT_REGISTER_TRY_SECONDARY_BDB) ? bdb1 : bdb0;
- verstage_main();
-}
-
-static void test_verify_aprw(const char *key_dir)
-{
- struct bdb_hash hash0 = {
- .offset = 0x28000,
- .size = 0x20000,
- .partition = 1,
- .type = BDB_DATA_AP_RW,
- .load_address = 0x200000,
- .digest = {0x11, 0x11, 0x11, 0x11},
- };
- struct bdb_hash hash1 = {
- .offset = 0x28000,
- .size = 0x20000,
- .partition = 1,
- .type = BDB_DATA_AP_RW,
- .load_address = 0x200000,
- .digest = {0x22, 0x22, 0x22, 0x22},
- };
-
- bdb0 = create_bdb(key_dir, &hash0, 1);
- bdb1 = create_bdb(key_dir, &hash1, 1);
- memset(aprw_digest, 0, BDB_SHA256_DIGEST_SIZE);
-
- /* (slotA, slotB) = (good, bad) */
- reset_count = 0;
- vboot_register_persist = 0;
- slot_selected = 'X';
- memcpy(aprw_digest, hash0.digest, 4);
- vbe_reset();
- TEST_EQ(reset_count, 1, NULL);
- TEST_EQ(slot_selected, 'A', NULL);
- TEST_FALSE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_PRIMARY,
- NULL);
- TEST_FALSE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_SECONDARY,
- NULL);
-
- /* (slotA, slotB) = (bad, good) */
- reset_count = 0;
- vboot_register_persist = 0;
- slot_selected = 'X';
- memcpy(aprw_digest, hash1.digest, 4);
- vbe_reset();
- TEST_EQ(reset_count, 3, NULL);
- TEST_EQ(slot_selected, 'B', NULL);
- TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_PRIMARY,
- NULL);
- TEST_FALSE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_SECONDARY,
- NULL);
-
- /* (slotA, slotB) = (bad, bad) */
- reset_count = 0;
- vboot_register_persist = 0;
- slot_selected = 'X';
- memset(aprw_digest, 0, BDB_SHA256_DIGEST_SIZE);
- vbe_reset();
- TEST_EQ(reset_count, 5, NULL);
- TEST_EQ(slot_selected, 'X', NULL);
- TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_PRIMARY,
- NULL);
- TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_SECONDARY,
- NULL);
- TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_RECOVERY_REQUEST,
- NULL);
-
- /* Clean up */
- free(bdb0);
- free(bdb1);
-}
-
-int vbe_read_nvm(enum nvm_type type, uint8_t *buf, uint32_t size)
-{
- /* Read NVM-RW contents (from EEPROM for example) */
- switch (type) {
- case NVM_TYPE_RW_PRIMARY:
- if (sizeof(nvmrw1) < size)
- return -1;
- memcpy(buf, nvmrw1, size);
- break;
- case NVM_TYPE_RW_SECONDARY:
- if (sizeof(nvmrw2) < size)
- return -1;
- memcpy(buf, nvmrw2, size);
- break;
- default:
- return -1;
- }
- return 0;
-}
-
-int vbe_write_nvm(enum nvm_type type, void *buf, uint32_t size)
-{
- if (vbe_write_nvm_failure > 0) {
- fprintf(stderr, "Failed to write NVM (type=%d failure=%d)\n",
- type, vbe_write_nvm_failure);
- vbe_write_nvm_failure--;
- return -1;
- }
-
- /* Write NVM-RW contents (to EEPROM for example) */
- switch (type) {
- case NVM_TYPE_RW_PRIMARY:
- memcpy(nvmrw1, buf, size);
- break;
- case NVM_TYPE_RW_SECONDARY:
- memcpy(nvmrw2, buf, size);
- break;
- default:
- return -1;
- }
- return 0;
-}
-
-static void install_nvm(enum nvm_type type,
- uint32_t min_kernel_data_key_version,
- uint32_t min_kernel_version,
- uint32_t update_count)
-{
- struct nvmrw nvm = {
- .struct_magic = NVM_RW_MAGIC,
- .struct_major_version = NVM_HEADER_VERSION_MAJOR,
- .struct_minor_version = NVM_HEADER_VERSION_MINOR,
- .struct_size = sizeof(struct nvmrw),
- .min_kernel_data_key_version = min_kernel_data_key_version,
- .min_kernel_version = min_kernel_version,
- .update_count = update_count,
- };
-
- /* Compute HMAC */
- hmac(VB2_HASH_SHA256, secrets.nvm_rw, BDB_SECRET_SIZE,
- &nvm, nvm.struct_size - sizeof(nvm.hmac),
- nvm.hmac, sizeof(nvm.hmac));
-
- /* Install NVM-RWs (in EEPROM for example) */
- switch (type) {
- case NVM_TYPE_RW_PRIMARY:
- memset(nvmrw1, 0, sizeof(nvmrw1));
- memcpy(nvmrw1, &nvm, sizeof(nvm));
- break;
- case NVM_TYPE_RW_SECONDARY:
- memset(nvmrw2, 0, sizeof(nvmrw2));
- memcpy(nvmrw2, &nvm, sizeof(nvm));
- break;
- default:
- fprintf(stderr, "Unsupported NVM type (%d)\n", type);
- exit(2);
- return;
- }
-}
-
-static void test_nvm_read(void)
-{
- struct vba_context ctx = {
- .bdb = NULL,
- .secrets = &secrets,
- };
- struct nvmrw *nvm;
- uint8_t nvmrw1_copy[NVM_RW_MAX_STRUCT_SIZE];
- uint8_t nvmrw2_copy[NVM_RW_MAX_STRUCT_SIZE];
-
- install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0);
- memcpy(nvmrw1_copy, nvmrw1, sizeof(nvmrw1));
- memcpy(nvmrw2_copy, nvmrw2, sizeof(nvmrw2));
-
- /* Test nvm_read: both good -> pick primary, no sync */
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
- TEST_SUCC(nvmrw_read(&ctx), NULL);
- TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw1, sizeof(*nvm)), NULL);
- TEST_SUCC(memcmp(nvmrw1, nvmrw1_copy, sizeof(nvmrw1)), NULL);
- TEST_SUCC(memcmp(nvmrw2, nvmrw2_copy, sizeof(nvmrw2)), NULL);
-
- /* Test nvm_read: primary bad -> pick secondary */
- install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0);
- memcpy(nvmrw2_copy, nvmrw2, sizeof(*nvm));
- nvm = (struct nvmrw *)nvmrw1;
- nvm->hmac[0] ^= 0xff;
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
- TEST_SUCC(nvmrw_read(&ctx), NULL);
- TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw2, sizeof(*nvm)), NULL);
- TEST_SUCC(memcmp(nvmrw1, nvmrw2_copy, sizeof(nvmrw2)), NULL);
- TEST_SUCC(memcmp(nvmrw2, nvmrw2_copy, sizeof(nvmrw2)), NULL);
-
- /* Test nvm_read: secondary bad -> pick primary */
- install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0);
- memcpy(nvmrw1_copy, nvmrw1, sizeof(*nvm));
- nvm = (struct nvmrw *)nvmrw2;
- nvm->hmac[0] ^= 0xff;
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
- TEST_SUCC(nvmrw_read(&ctx), NULL);
- TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw1, sizeof(*nvm)), NULL);
- TEST_SUCC(memcmp(nvmrw1, nvmrw1_copy, sizeof(nvmrw1)), NULL);
- TEST_SUCC(memcmp(nvmrw2, nvmrw1_copy, sizeof(nvmrw1)), NULL);
-
- /* Test nvm_read: both bad */
- nvm = (struct nvmrw *)nvmrw1;
- nvm->hmac[0] ^= 0xff;
- nvm = (struct nvmrw *)nvmrw2;
- nvm->hmac[0] ^= 0xff;
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
- TEST_EQ(nvmrw_read(&ctx), BDB_ERROR_NVM_RW_INVALID_HMAC, NULL);
-
- /* Test update count: secondary new -> pick secondary */
- install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 1);
- memcpy(nvmrw2_copy, nvmrw2, sizeof(*nvm));
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
- TEST_SUCC(nvmrw_read(&ctx), NULL);
- TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw2, sizeof(*nvm)), NULL);
- TEST_SUCC(memcmp(nvmrw1, nvmrw2_copy, sizeof(nvmrw1)), NULL);
- TEST_SUCC(memcmp(nvmrw2, nvmrw2_copy, sizeof(nvmrw2)), NULL);
-
- /* Test old reader -> minor version downgrade */
- install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 1);
- memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw));
- nvm = (struct nvmrw *)nvmrw1;
- nvm->struct_minor_version++;
- nvm->struct_size++;
- TEST_SUCC(nvmrw_read(&ctx), NULL);
- TEST_EQ(ctx.nvmrw.struct_minor_version, NVM_HEADER_VERSION_MINOR, NULL);
- TEST_EQ(ctx.nvmrw.struct_size, sizeof(*nvm), NULL);
-}
-
-static void verify_nvm_write(struct vba_context *ctx,
- int expected_result)
-{
- struct nvmrw *nvmrw;
- struct nvmrw *nvm = &ctx->nvmrw;
-
- TEST_EQ(nvmrw_write(ctx, NVM_TYPE_RW_PRIMARY), expected_result, NULL);
-
- if (expected_result != BDB_SUCCESS)
- return;
-
- nvmrw = (struct nvmrw *)nvmrw1;
- TEST_EQ(nvmrw->min_kernel_data_key_version,
- nvm->min_kernel_data_key_version, NULL);
- TEST_EQ(nvmrw->min_kernel_version, nvm->min_kernel_version, NULL);
- TEST_EQ(nvmrw->update_count, nvm->update_count, NULL);
-}
-
-static void test_nvm_write(void)
-{
- struct vba_context ctx = {
- .bdb = NULL,
- .secrets = &secrets,
- };
- struct nvmrw nvm = {
- .struct_magic = NVM_RW_MAGIC,
- .struct_major_version = NVM_HEADER_VERSION_MAJOR,
- .struct_minor_version = NVM_HEADER_VERSION_MINOR,
- .struct_size = sizeof(struct nvmrw),
- .min_kernel_data_key_version = 1,
- .min_kernel_version = 2,
- .update_count = 3,
- };
-
- /* Test normal case */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- vbe_write_nvm_failure = 0;
- verify_nvm_write(&ctx, BDB_SUCCESS);
-
- /* Test write failure: once */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- vbe_write_nvm_failure = 1;
- verify_nvm_write(&ctx, BDB_SUCCESS);
-
- /* Test write failure: twice */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- vbe_write_nvm_failure = 2;
- verify_nvm_write(&ctx, BDB_ERROR_NVM_WRITE);
-
- /* Test invalid struct magic */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- ctx.nvmrw.struct_magic ^= 0xff;
- verify_nvm_write(&ctx, BDB_ERROR_NVM_RW_MAGIC);
-
- /* Test struct size too small */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- ctx.nvmrw.struct_size = NVM_RW_MIN_STRUCT_SIZE - 1;
- verify_nvm_write(&ctx, BDB_ERROR_NVM_STRUCT_SIZE);
-
- /* Test struct size too large */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- ctx.nvmrw.struct_size = NVM_RW_MAX_STRUCT_SIZE + 1;
- verify_nvm_write(&ctx, BDB_ERROR_NVM_STRUCT_SIZE);
-
- /* Test invalid struct version */
- memcpy(&ctx.nvmrw, &nvm, sizeof(nvm));
- ctx.nvmrw.struct_major_version = NVM_HEADER_VERSION_MAJOR - 1;
- verify_nvm_write(&ctx, BDB_ERROR_NVM_STRUCT_VERSION);
-
- vbe_write_nvm_failure = 0;
-}
-
-static void verify_kernel_version(uint32_t min_kernel_data_key_version,
- uint32_t new_kernel_data_key_version,
- uint32_t min_kernel_version,
- uint32_t new_kernel_version,
- int expected_result)
-{
- struct vba_context ctx = {
- .bdb = NULL,
- .secrets = &secrets,
- };
- struct nvmrw *nvm = (struct nvmrw *)nvmrw1;
- uint32_t expected_kernel_data_key_version = min_kernel_data_key_version;
- uint32_t expected_kernel_version = min_kernel_version;
- int should_update = 0;
-
- if (min_kernel_data_key_version < new_kernel_data_key_version) {
- expected_kernel_data_key_version = new_kernel_data_key_version;
- should_update = 1;
- }
- if (min_kernel_version < new_kernel_version) {
- expected_kernel_version = new_kernel_version;
- should_update = 1;
- }
-
- install_nvm(NVM_TYPE_RW_PRIMARY, min_kernel_data_key_version,
- min_kernel_version, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 0, 0, 0);
-
- TEST_EQ(vba_update_kernel_version(&ctx, new_kernel_data_key_version,
- new_kernel_version),
- expected_result, NULL);
-
- if (expected_result != BDB_SUCCESS)
- return;
-
- /* Check data key version */
- TEST_EQ(nvm->min_kernel_data_key_version,
- expected_kernel_data_key_version, NULL);
- /* Check kernel version */
- TEST_EQ(nvm->min_kernel_version, expected_kernel_version, NULL);
- /* Check update_count */
- TEST_EQ(nvm->update_count, 0 + should_update, NULL);
- /* Check sync if update is expected */
- if (should_update)
- TEST_SUCC(memcmp(nvmrw2, nvmrw1, sizeof(nvmrw1)), NULL);
-}
-
-static void test_update_kernel_version(void)
-{
- /* Test update: data key version */
- verify_kernel_version(0, 1, 0, 0, BDB_SUCCESS);
- /* Test update: kernel version */
- verify_kernel_version(0, 0, 0, 1, BDB_SUCCESS);
- /* Test no update: data key version */
- verify_kernel_version(1, 0, 0, 0, BDB_SUCCESS);
- /* Test no update: kernel version */
- verify_kernel_version(0, 0, 1, 0, BDB_SUCCESS);
-}
-
-int vbe_aes256_encrypt(const uint8_t *msg, uint32_t len, const uint8_t *key,
- uint8_t *out)
-{
- int i;
-
- for (i = 0; i < len; i++)
- out[i] = msg[i] ^ key[i % 256/8];
-
- return BDB_SUCCESS;
-}
-
-int vbe_aes256_decrypt(const uint8_t *msg, uint32_t len, const uint8_t *key,
- uint8_t *out)
-{
- int i;
-
- for (i = 0; i < len; i++)
- out[i] = msg[i] ^ key[i % 256/8];
-
- return BDB_SUCCESS;
-}
-
-static void test_update_buc(void)
-{
- uint8_t new_buc[BUC_ENC_DIGEST_SIZE];
- uint8_t enc_buc[BUC_ENC_DIGEST_SIZE];
- struct nvmrw *nvm = (struct nvmrw *)nvmrw1;
- struct vba_context ctx = {
- .bdb = NULL,
- .secrets = &secrets,
- };
-
- install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0);
- install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0);
-
- TEST_SUCC(vba_update_buc(&ctx, new_buc), NULL);
- vbe_aes256_encrypt(new_buc, sizeof(new_buc), ctx.secrets->buc,
- enc_buc);
- TEST_SUCC(memcmp(nvm->buc_enc_digest, enc_buc, sizeof(new_buc)), NULL);
-}
-
-static void test_derive_secrets(void)
-{
- uint8_t test_key[sizeof(struct bdb_key) + BDB_RSA4096_KEY_DATA_SIZE];
- struct bdb_key *key = (struct bdb_key *)test_key;
- struct vba_context ctx = {
- .bdb = NULL,
- .secrets = &secrets,
- };
- const struct bdb_secrets expected = {
- .bdb = {
- 0x75, 0xb6, 0x24, 0xaa, 0x72, 0x50, 0xf9, 0x33,
- 0x59, 0x45, 0x8d, 0xbf, 0xfa, 0x42, 0xc4, 0xb7,
- 0x1b, 0xff, 0xc6, 0x02, 0x02, 0x35, 0xc5, 0x1a,
- 0x6c, 0xdc, 0x3a, 0x63, 0xfb, 0x8b, 0xac, 0x53},
- .boot_verified = {
- 0x40, 0xf3, 0x9b, 0xdc, 0xf6, 0xb4, 0xe8, 0xdf,
- 0x48, 0xc4, 0xfe, 0x02, 0xdd, 0x34, 0x06, 0xd9,
- 0xed, 0xd9, 0x55, 0x79, 0xf4, 0x48, 0x58, 0xbf,
- 0x32, 0x55, 0xba, 0x21, 0xca, 0xcc, 0x8c, 0xd1},
- .boot_path = {
- 0xfb, 0x58, 0x89, 0x58, 0x2f, 0x54, 0xa2, 0xf7,
- 0x96, 0x5b, 0x69, 0x77, 0x9b, 0x67, 0x80, 0x39,
- 0x7a, 0xd4, 0xc5, 0x3b, 0xcf, 0x95, 0x3f, 0xec,
- 0x28, 0x49, 0x55, 0x49, 0x38, 0x27, 0x5d, 0x3c},
- .buc = {
- 0x63, 0xa5, 0x30, 0xd7, 0xca, 0xe1, 0x3e, 0x2e,
- 0x72, 0x7e, 0x29, 0xc9, 0x37, 0x66, 0x6a, 0x63,
- 0x91, 0xd4, 0x8e, 0x8b, 0xbc, 0x1a, 0x7a, 0xcf,
- 0xc3, 0x19, 0xa0, 0x87, 0xfc, 0x4d, 0xe1, 0xe8},
- };
-
- memset(test_key, 0, sizeof(test_key));
- key->struct_magic = BDB_KEY_MAGIC;
- key->struct_major_version = BDB_KEY_VERSION_MAJOR;
- key->struct_minor_version = BDB_KEY_VERSION_MINOR;
- key->struct_size = sizeof(test_key);
- key->hash_alg = BDB_HASH_ALG_SHA256;
- key->sig_alg = BDB_SIG_ALG_RSA4096;
- key->key_version = 1;
-
- TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BDB, NULL,
- test_key, sizeof(test_key)), NULL);
- TEST_SUCC(memcmp(ctx.secrets->bdb, expected.bdb, BDB_SECRET_SIZE),
- NULL);
-
- TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BOOT_VERIFIED, NULL,
- NULL, 0), NULL);
- TEST_SUCC(memcmp(ctx.secrets->boot_verified, expected.boot_verified,
- BDB_SECRET_SIZE), NULL);
-
- TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BOOT_PATH, NULL,
- test_key, sizeof(test_key)), NULL);
- TEST_SUCC(memcmp(ctx.secrets->boot_path, expected.boot_path,
- BDB_SECRET_SIZE), NULL);
-
- TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BUC, NULL, NULL, 0),
- NULL);
- TEST_SUCC(memcmp(ctx.secrets->buc, expected.buc,
- BDB_SECRET_SIZE), NULL);
-}
-
-int main(int argc, char *argv[])
-{
- if (argc != 2) {
- fprintf(stderr, "Usage: %s <keys_dir>", argv[0]);
- return -1;
- }
- printf("Running BDB SP-RW tests...\n");
-
- test_verify_aprw(argv[1]);
- test_nvm_read();
- test_nvm_write();
- test_update_kernel_version();
- test_update_buc();
- test_derive_secrets();
-
- return gTestSuccess ? 0 : 255;
-}
diff --git a/tests/bdb_test.c b/tests/bdb_test.c
deleted file mode 100644
index 693d6191..00000000
--- a/tests/bdb_test.c
+++ /dev/null
@@ -1,504 +0,0 @@
-/* Copyright 2015 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Unit tests
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "2sha.h"
-#include "bdb.h"
-#include "host.h"
-#include "test_common.h"
-
-static void check_header_tests(void)
-{
- struct bdb_header sgood = {
- .struct_magic = BDB_HEADER_MAGIC,
- .struct_major_version = BDB_HEADER_VERSION_MAJOR,
- .struct_minor_version = BDB_HEADER_VERSION_MINOR,
- .struct_size = sizeof(struct bdb_header),
- .bdb_load_address = -1,
- .bdb_size = 1024,
- .signed_size = 512,
- .oem_area_0_size = 256,
- };
- const size_t ssize = sgood.struct_size;
- struct bdb_header s;
-
- s = sgood;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_SUCCESS);
- TEST_EQ_S(bdb_check_header(&s, ssize - 1), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size++;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size--;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_STRUCT_SIZE);
-
- s = sgood;
- s.struct_magic++;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_STRUCT_MAGIC);
-
- s = sgood;
- s.struct_major_version++;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_STRUCT_VERSION);
-
- s = sgood;
- s.oem_area_0_size++;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_OEM_AREA_SIZE);
-
- s = sgood;
- s.bdb_size = ssize - 1;
- TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_BDB_SIZE);
-}
-
-static void check_key_tests(void)
-{
- struct bdb_key sgood = {
- .struct_magic = BDB_KEY_MAGIC,
- .struct_major_version = BDB_KEY_VERSION_MAJOR,
- .struct_minor_version = BDB_KEY_VERSION_MINOR,
- .struct_size = (sizeof(struct bdb_key) +
- BDB_RSA4096_KEY_DATA_SIZE),
- .hash_alg = BDB_HASH_ALG_SHA256,
- .sig_alg = BDB_SIG_ALG_RSA4096,
- .key_version = 1,
- .description = "Test key",
- };
- const size_t ssize = sgood.struct_size;
- struct bdb_key s;
-
- s = sgood;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_SUCCESS);
- TEST_EQ_S(bdb_check_key(&s, ssize - 1), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size++;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size--;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_STRUCT_SIZE);
-
- s = sgood;
- s.struct_magic++;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_STRUCT_MAGIC);
-
- s = sgood;
- s.struct_major_version++;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_STRUCT_VERSION);
-
- /* Description must contain a null */
- s = sgood;
- memset(s.description, 'x', sizeof(s.description));
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_DESCRIPTION);
-
- /* Data AFTER the null is explicitly allowed, though */
- s = sgood;
- s.description[100] = 'x';
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_SUCCESS);
-
- /* Limited algorithm choices at present */
- s = sgood;
- s.hash_alg = BDB_HASH_ALG_INVALID;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_HASH_ALG);
-
- /* This works because ECDSA521 signatures are smaller than RSA4096 */
- s = sgood;
- s.sig_alg = BDB_SIG_ALG_ECSDSA521;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_SUCCESS);
-
- s = sgood;
- s.sig_alg = BDB_SIG_ALG_INVALID;
- TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_SIG_ALG);
-}
-
-static void check_sig_tests(void)
-{
- struct bdb_sig sgood = {
- .struct_magic = BDB_SIG_MAGIC,
- .struct_major_version = BDB_SIG_VERSION_MAJOR,
- .struct_minor_version = BDB_SIG_VERSION_MINOR,
- .struct_size = sizeof(struct bdb_sig) + BDB_RSA4096_SIG_SIZE,
- .hash_alg = BDB_HASH_ALG_SHA256,
- .sig_alg = BDB_SIG_ALG_RSA4096,
- .signed_size = 123,
- .description = "Test sig",
- };
- const size_t ssize = sgood.struct_size;
- struct bdb_sig s;
-
- s = sgood;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_SUCCESS);
- TEST_EQ_S(bdb_check_sig(&s, ssize - 1), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size++;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size--;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_STRUCT_SIZE);
-
- s = sgood;
- s.struct_magic++;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_STRUCT_MAGIC);
-
- s = sgood;
- s.struct_major_version++;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_STRUCT_VERSION);
-
- /* Description must contain a null */
- s = sgood;
- memset(s.description, 'x', sizeof(s.description));
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_DESCRIPTION);
-
- /* Data AFTER the null is explicitly allowed, though */
- s = sgood;
- s.description[100] = 'x';
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_SUCCESS);
-
- /* Limited algorithm choices at present */
- s = sgood;
- s.hash_alg = BDB_HASH_ALG_INVALID;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_HASH_ALG);
-
- /* This works because ECDSA521 signatures are smaller than RSA4096 */
- s = sgood;
- s.sig_alg = BDB_SIG_ALG_ECSDSA521;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_SUCCESS);
-
- s = sgood;
- s.sig_alg = BDB_SIG_ALG_INVALID;
- TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_SIG_ALG);
-}
-
-static void check_data_tests(void)
-{
- struct bdb_data sgood = {
- .struct_magic = BDB_DATA_MAGIC,
- .struct_major_version = BDB_DATA_VERSION_MAJOR,
- .struct_minor_version = BDB_DATA_VERSION_MINOR,
- .struct_size = sizeof(struct bdb_data),
- .data_version = 1,
- .oem_area_1_size = 256,
- .num_hashes = 3,
- .hash_entry_size = sizeof(struct bdb_hash),
- .signed_size = 2048,
- .description = "Test data",
- };
- const size_t ssize = sgood.signed_size;
- struct bdb_data s;
-
- s = sgood;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_SUCCESS);
- TEST_EQ_S(bdb_check_data(&s, ssize - 1), BDB_ERROR_BUF_SIZE);
-
- s = sgood;
- s.struct_size--;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_STRUCT_SIZE);
-
- s = sgood;
- s.struct_magic++;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_STRUCT_MAGIC);
-
- s = sgood;
- s.struct_major_version++;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_STRUCT_VERSION);
-
- /* Description must contain a null */
- s = sgood;
- memset(s.description, 'x', sizeof(s.description));
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_DESCRIPTION);
-
- /* Data AFTER the null is explicitly allowed, though */
- s = sgood;
- s.description[100] = 'x';
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_SUCCESS);
-
- s = sgood;
- s.hash_entry_size--;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_HASH_ENTRY_SIZE);
-
- s = sgood;
- s.oem_area_1_size++;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_OEM_AREA_SIZE);
-
- /* Check exact size needed */
- s = sgood;
- s.signed_size = sizeof(s) + s.num_hashes * sizeof(struct bdb_hash) +
- s.oem_area_1_size;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_SUCCESS);
- s.signed_size--;
- TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_SIGNED_SIZE);
-
- /*
- * TODO: Verify wraparound check works. That can only be tested on a
- * platform where size_t is uint32_t, because otherwise a 32-bit
- * oem_area_1_size can't cause wraparound.
- */
-}
-
-/**
- * Test bdb_verify() and bdb_create()
- */
-static void check_bdb_verify(const char *key_dir)
-{
- uint8_t oem_area_0[32] = "Some OEM area.";
- uint8_t oem_area_1[64] = "Some other OEM area.";
- char filename[1024];
-
- struct bdb_hash hash[2] = {
- {
- .offset = 0x10000,
- .size = 0x18000,
- .partition = 1,
- .type = BDB_DATA_SP_RW,
- .load_address = 0x100000,
- .digest = {0x11, 0x11, 0x11, 0x10},
- },
- {
- .offset = 0x28000,
- .size = 0x20000,
- .partition = 1,
- .type = BDB_DATA_AP_RW,
- .load_address = 0x200000,
- .digest = {0x22, 0x22, 0x22, 0x20},
- },
- };
-
- struct bdb_create_params p = {
- .bdb_load_address = 0x11223344,
- .oem_area_0 = oem_area_0,
- .oem_area_0_size = sizeof(oem_area_0),
- .oem_area_1 = oem_area_1,
- .oem_area_1_size = sizeof(oem_area_1),
- .header_sig_description = (char *)"The header sig",
- .data_sig_description = (char *)"The data sig",
- .data_description = (char *)"Test BDB data",
- .data_version = 3,
- .hash = hash,
- .num_hashes = 2,
- };
-
- uint8_t bdbkey_digest[BDB_SHA256_DIGEST_SIZE];
- struct bdb_header *hgood, *h;
- size_t hsize;
-
- /* Load keys */
- snprintf(filename, sizeof(filename), "%s/bdbkey.keyb", key_dir);
- p.bdbkey = bdb_create_key(filename, 100, "BDB key");
- snprintf(filename, sizeof(filename), "%s/datakey.keyb", key_dir);
- p.datakey = bdb_create_key(filename, 200, "datakey");
- snprintf(filename, sizeof(filename), "%s/bdbkey.pem", key_dir);
- p.private_bdbkey = read_pem(filename);
- snprintf(filename, sizeof(filename), "%s/datakey.pem", key_dir);
- p.private_datakey = read_pem(filename);
- if (!p.bdbkey || !p.datakey || !p.private_bdbkey || !p.private_datakey) {
- fprintf(stderr, "Unable to load test keys\n");
- exit(2);
- }
-
- vb2_digest_buffer((uint8_t *)p.bdbkey, p.bdbkey->struct_size,
- VB2_HASH_SHA256,
- bdbkey_digest, BDB_SHA256_DIGEST_SIZE);
-
- /* Create the test BDB */
- hgood = bdb_create(&p);
- if (!hgood) {
- fprintf(stderr, "Unable to create test BDB\n");
- exit(2);
- }
- hsize = hgood->bdb_size;
-
- /* Allocate a copy we can mangle */
- h = calloc(hsize, 1);
-
- /* As created, it should pass */
- memcpy(h, hgood, hsize);
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_SUCCESS);
-
- /* It can accept a NULL pointer as bdb_key_digest */
- memcpy(h, hgood, hsize);
- TEST_EQ_S(bdb_verify(h, hsize, NULL), BDB_GOOD_OTHER_THAN_KEY);
-
- /* Mangle each component in turn */
- memcpy(h, hgood, hsize);
- h->struct_magic++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_key *)bdb_get_bdbkey(h))->struct_magic++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_BDBKEY);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_key *)bdb_get_bdbkey(h))->key_version++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_GOOD_OTHER_THAN_KEY);
-
- memcpy(h, hgood, hsize);
- h->oem_area_0_size += hsize;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_OEM_AREA_0);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_key *)bdb_get_datakey(h))->struct_magic++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATAKEY);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_key *)bdb_get_datakey(h))->struct_size += 4;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_BDB_SIGNED_SIZE);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_sig *)bdb_get_header_sig(h))->struct_magic++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_sig *)bdb_get_header_sig(h))->signed_size--;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_sig *)bdb_get_header_sig(h))->sig_data[0] ^= 0x42;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG);
-
- /* Also make sure the header sig really covers all the fields */
- memcpy(h, hgood, hsize);
- ((struct bdb_key *)bdb_get_datakey(h))->key_version++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG);
-
- memcpy(h, hgood, hsize);
- ((uint8_t *)bdb_get_oem_area_0(h))[0] ^= 0x42;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG);
-
- memcpy(h, hgood, hsize);
- ((uint8_t *)bdb_get_oem_area_0(h))[p.oem_area_0_size - 1] ^= 0x24;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG);
-
- /* Check data header */
- memcpy(h, hgood, hsize);
- ((struct bdb_data *)bdb_get_data(h))->struct_magic++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_sig *)bdb_get_data_sig(h))->struct_magic++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest),
- BDB_ERROR_DATA_CHECK_SIG);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_sig *)bdb_get_data_sig(h))->signed_size--;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest),
- BDB_ERROR_DATA_SIGNED_SIZE);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_sig *)bdb_get_data_sig(h))->sig_data[0] ^= 0x42;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG);
-
- /* Also make sure the data sig really covers all the fields */
- memcpy(h, hgood, hsize);
- ((struct bdb_data *)bdb_get_data(h))->data_version--;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG);
-
- memcpy(h, hgood, hsize);
- ((uint8_t *)bdb_get_oem_area_1(h))[0] ^= 0x42;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG);
-
- memcpy(h, hgood, hsize);
- ((uint8_t *)bdb_get_oem_area_1(h))[p.oem_area_1_size - 1] ^= 0x24;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_hash *)bdb_get_hash_by_type(h, BDB_DATA_SP_RW))->offset++;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG);
-
- memcpy(h, hgood, hsize);
- ((struct bdb_hash *)bdb_get_hash_by_type(h, BDB_DATA_AP_RW))
- ->digest[0] ^= 0x96;
- TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG);
-
- /*
- * This is also a convenient place to test that all the parameters we
- * fed into bdb_create() also worked. That also tests all the
- * bdb_get_*() functions.
- */
- memcpy(h, hgood, hsize);
- TEST_EQ_S(h->bdb_load_address, p.bdb_load_address);
-
- TEST_EQ_S(strcmp(bdb_get_bdbkey(h)->description, p.bdbkey->description),
- 0);
- TEST_EQ_S(bdb_get_bdbkey(h)->key_version, p.bdbkey->key_version);
-
- TEST_EQ_S(h->oem_area_0_size, p.oem_area_0_size);
- TEST_EQ_S(memcmp(bdb_get_oem_area_0(h), oem_area_0, sizeof(oem_area_0)),
- 0);
-
- TEST_EQ_S(strcmp(bdb_get_datakey(h)->description, p.datakey->description),
- 0);
- TEST_EQ_S(bdb_get_datakey(h)->key_version, p.datakey->key_version);
-
- TEST_EQ_S(strcmp(bdb_get_header_sig(h)->description,
- p.header_sig_description), 0);
-
- TEST_EQ_S(strcmp(bdb_get_data(h)->description, p.data_description), 0);
- TEST_EQ_S(bdb_get_data(h)->data_version, p.data_version);
- TEST_EQ_S(bdb_get_data(h)->num_hashes, p.num_hashes);
-
- TEST_EQ_S(bdb_get_data(h)->oem_area_1_size, p.oem_area_1_size);
- TEST_EQ_S(memcmp(bdb_get_oem_area_1(h), oem_area_1, sizeof(oem_area_1)),
- 0);
-
- TEST_EQ_S(strcmp(bdb_get_data_sig(h)->description,
- p.data_sig_description), 0);
-
- /* Test getting hash entries */
- memcpy(h, hgood, hsize);
- TEST_EQ_S(bdb_get_hash_by_type(h, BDB_DATA_SP_RW)
- ->offset, hash[0].offset);
- TEST_EQ_S(bdb_get_hash_by_index(h, 0)
- ->offset, hash[0].offset);
- TEST_EQ_S(bdb_get_hash_by_type(h, BDB_DATA_AP_RW)
- ->offset, hash[1].offset);
- TEST_EQ_S(bdb_get_hash_by_index(h, 1)
- ->offset, hash[1].offset);
- /* And a non-existent one */
- TEST_PTR_EQ(bdb_get_hash_by_type(h, BDB_DATA_MCU), NULL, NULL);
- TEST_PTR_EQ(bdb_get_hash_by_index(h, 2), NULL, NULL);
-
- /*
- * TODO: Verify wraparound checks works. That can only be tested on a
- * platform where size_t is uint32_t, because otherwise a 32-bit
- * oem_area_1_size can't cause wraparound.
- */
-
- /* Free keys and buffers */
- free(p.bdbkey);
- free(p.datakey);
- RSA_free(p.private_bdbkey);
- RSA_free(p.private_datakey);
- free(hgood);
- free(h);
-}
-
-/*****************************************************************************/
-
-int main(int argc, char *argv[])
-{
- if (argc != 2) {
- fprintf(stderr, "Usage: %s <keys_dir>", argv[0]);
- return -1;
- }
- printf("Running BDB tests...\n");
-
- check_header_tests();
- check_key_tests();
- check_sig_tests();
- check_data_tests();
- check_bdb_verify(argv[1]);
-
- printf("All tests passed!\n");
-
- return gTestSuccess ? 0 : 255;
-}
diff --git a/tests/futility/data/bdb.bin b/tests/futility/data/bdb.bin
deleted file mode 100644
index 1fe84463..00000000
--- a/tests/futility/data/bdb.bin
+++ /dev/null
Binary files differ
diff --git a/tests/futility/run_test_scripts.sh b/tests/futility/run_test_scripts.sh
index 7171b483..8ccbab6e 100755
--- a/tests/futility/run_test_scripts.sh
+++ b/tests/futility/run_test_scripts.sh
@@ -40,7 +40,6 @@ export OUTDIR
# These are the scripts to run. Binaries are invoked directly by the Makefile.
TESTS="
-${SCRIPTDIR}/test_bdb.sh
${SCRIPTDIR}/test_create.sh
${SCRIPTDIR}/test_dump_fmap.sh
${SCRIPTDIR}/test_gbb_utility.sh
diff --git a/tests/futility/test_bdb.sh b/tests/futility/test_bdb.sh
deleted file mode 100755
index 0f0c0249..00000000
--- a/tests/futility/test_bdb.sh
+++ /dev/null
@@ -1,100 +0,0 @@
-#!/bin/bash -eux
-# Copyright 2015 The Chromium OS Authors. All rights reserved.
-# Use of this source code is governed by a BSD-style license that can be
-# found in the LICENSE file.
-
-me=${0##*/}
-TMP="$me.tmp"
-
-# Work in scratch directory
-cd "$OUTDIR"
-BDB_FILE=bdb.bin
-
-TESTKEY_DIR=${SRCDIR}/tests/testkeys
-TESTDATA_DIR=${SRCDIR}/tests/testdata
-
-BDBKEY_PUB=${TESTKEY_DIR}/bdbkey.keyb
-BDBKEY_PRI=${TESTKEY_DIR}/bdbkey.pem
-DATAKEY_PUB=${TESTKEY_DIR}/datakey.keyb
-DATAKEY_PRI=${TESTKEY_DIR}/datakey.pem
-BDBKEY_DIGEST=${TESTDATA_DIR}/bdbkey_digest.bin
-DATAKEY_DIGEST=${TESTDATA_DIR}/datakey_digest.bin
-DATA_FILE=${TESTDATA_DIR}/sp-rw.bin
-
-declare -i num_hash
-
-# Verify a BDB
-#
-# $1: Key digest file
-# $2: Any remaining option passed to futility bdb --verify
-verify() {
- local key_digest=${1:-${BDBKEY_DIGEST}}
- local extra_option=${2:-}
- ${FUTILITY} bdb --verify ${BDB_FILE} --key_digest ${key_digest} \
- ${extra_option}
-}
-
-get_num_hash() {
- printf "%d" \
- $(${FUTILITY} show ${BDB_FILE} \
- | grep '# of Hashes' | cut -d':' -f 2)
-}
-
-# Tests field matches a specified value in a BDB
-# e.g. check_field 'Data Version:' 2 returns error if the data version isn't 2.
-check_field() {
- # Find the field
- x=$(${FUTILITY} show ${BDB_FILE} | grep "${1}")
- [ "${x}" ] || return 1
- # Remove the field name
- x=${x##*:}
- [ "${x}" ] || return 1
- # Remove the leading and trailing spaces
- x=${x//[[:blank:]]/}
- [ "${x}" == "${2}" ] || return 1
-}
-
-# Demonstrate bdb --create can create a valid BDB
-load_address=0x60061ec0de
-${FUTILITY} bdb --create ${BDB_FILE} \
- --bdbkey_pri ${BDBKEY_PRI} --bdbkey_pub ${BDBKEY_PUB} \
- --datakey_pub ${DATAKEY_PUB} --datakey_pri ${DATAKEY_PRI} \
- --load_address ${load_address}
-verify
-check_field "Load Address:" ${load_address}
-
-# Demonstrate bdb --add can add a new hash
-num_hash=$(get_num_hash)
-${FUTILITY} bdb --add ${BDB_FILE} \
- --data ${DATA_FILE} --partition 1 --type 2 --offset 3 --load_address 4
-# Use futility show command to verify the hash is added
-num_hash+=1
-[ $(get_num_hash) -eq $num_hash ]
-# TODO: verify partition, type, offset, and load_address
-
-# Demonstrate futility bdb --resign can resign the BDB
-data_version=2
-${FUTILITY} bdb --resign ${BDB_FILE} --datakey_pri ${DATAKEY_PRI} \
- --data_version $data_version
-verify
-check_field "Data Version:" $data_version
-
-# Demonstrate futility bdb --resign can resign with a new data key
-# Note resigning with a new data key requires a private BDB key as well
-${FUTILITY} bdb --resign ${BDB_FILE} \
- --bdbkey_pri ${BDBKEY_PRI} \
- --datakey_pri ${BDBKEY_PRI} --datakey_pub ${BDBKEY_PUB}
-verify
-
-# Demonstrate futility bdb --resign can resign with a new BDB key
-${FUTILITY} bdb --resign ${BDB_FILE} \
- --bdbkey_pri ${DATAKEY_PRI} --bdbkey_pub ${DATAKEY_PUB}
-verify ${DATAKEY_DIGEST}
-
-# Demonstrate futility bdb --verify can return success when key digest doesn't
-# match but --ignore_key_digest is specified.
-verify ${BDBKEY_DIGEST} --ignore_key_digest
-
-# cleanup
-rm -rf ${TMP}*
-exit 0
diff --git a/tests/futility/test_file_types.c b/tests/futility/test_file_types.c
index c77802bd..9999223d 100644
--- a/tests/futility/test_file_types.c
+++ b/tests/futility/test_file_types.c
@@ -37,7 +37,6 @@ static struct {
{FILE_TYPE_VB2_PRIVKEY, "tests/futility/data/sample.vbprik2"},
{FILE_TYPE_PEM, "tests/testkeys/key_rsa2048.pem"},
{FILE_TYPE_USBPD1, "tests/futility/data/zinger_mp_image.bin"},
- {FILE_TYPE_BDB, "tests/futility/data/bdb.bin"},
{FILE_TYPE_RWSIG, }, /* need a test for this */
};
BUILD_ASSERT(ARRAY_SIZE(test_case) == NUM_FILE_TYPES);
diff --git a/tests/futility/test_file_types.sh b/tests/futility/test_file_types.sh
index b0248a94..4b7a9fb6 100755
--- a/tests/futility/test_file_types.sh
+++ b/tests/futility/test_file_types.sh
@@ -44,7 +44,6 @@ test_case "pubkey21" "tests/futility/data/sample.vbpubk2"
test_case "prikey21" "tests/futility/data/sample.vbprik2"
test_case "pem" "tests/testkeys/key_rsa2048.pem"
test_case "pem" "tests/testkeys/key_rsa8192.pub.pem"
-test_case "bdb" "tests/futility/data/bdb.bin"
# Expect failure here.
fail_case "/Sir/Not/Appearing/In/This/Film"
diff --git a/tests/testdata/bdbkey_digest.bin b/tests/testdata/bdbkey_digest.bin
deleted file mode 100644
index 47d4e68a..00000000
--- a/tests/testdata/bdbkey_digest.bin
+++ /dev/null
@@ -1 +0,0 @@
-ljVN"Isv}k͊b 'T \ No newline at end of file
diff --git a/tests/testkeys/bdbkey.crt b/tests/testkeys/bdbkey.crt
deleted file mode 100644
index 383216a3..00000000
--- a/tests/testkeys/bdbkey.crt
+++ /dev/null
@@ -1,33 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIFtTCCA52gAwIBAgIJANitnQKymb5VMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
-BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQwHhcNMTAwOTI5MTgxNjM4WhcNMTAxMDI5MTgxNjM4WjBF
-MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
-ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
-CgKCAgEAm5v71oqFynujT4FVq5lKaYxpmKfXdeBNKDmLzgu7fXLUKaEqTGEDsseE
-5qyaaP+dmTnQKfne7G31zgf46//YEl+u5Gt/S4oAgYyvs3rjymzD5kVOLEAzgrIX
-AwyhDFARRzAFWos43hypunHGvu4fDBAzZ3zGVulhjgAzD/gNjToVYCP7bj6kTaDx
-1u9siCKdYN09vGwSUt9WuV+yort7kns/B8ArVxt3bFSjsAxuWel/dJyLwCMQ9XAx
-dgWpg3RBUsK/KgekQybPLrhLYJn1AeOApwzJ4HoJSqU/1jCEaGrKA/KtCRXiurZz
-6lBi7sElsigjBvEZH0iCmmRgH3Oi/cbpHIs1C6YHvCCbO90ntwgtDf0+2WJtFtbG
-t5Do3CXri0tcsXBWqISSK3VzzjHH691BVwLuoBvF1XICMEjmq9aJ+MdbEe4E+GU8
-TV9NnRnuYyOUoxeisyXiArUUI9+1qL6pIgulTlY2Ch51QZY5n2aYY97PtosNotbS
-ylMrLvWXGiiQWxux12eOnB3c/3wNYWey8Km4cmOhEOYz7hLz2r1uIoC/SzM5wLnn
-TEQmaiUDNV9R3Gj3E3xkpTq3UNSSPsV7k8lInMtWqzps6aTvBw1k6i6CUvWbEZqm
-t/0bimQHOEdg3OrJjQpwTKSp4ouSyVu0IphDwy1yjKCfNWKRzrUCAwEAAaOBpzCB
-pDAdBgNVHQ4EFgQUyBKBgFg+vONV1sbup7QtFa7DR78wdQYDVR0jBG4wbIAUyBKB
-gFg+vONV1sbup7QtFa7DR7+hSaRHMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpT
-b21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGSCCQDY
-rZ0Cspm+VTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQA0wtlLEAKR
-ctB41x/V10SMFIg5eLbDrUKQQT33BddrhFu0blc7U5jgXjqTYS80xIlOC0hXtN7D
-Z478st3NAxjtvBKxNMWB9Ppz6+15UENnXNGLElhRPaeAbxBs7zVB64b8fY69EJRe
-JOJNp6+c4WJsHWzxrmfHD0Wx18pJ877ThRi/ZH0QP2TjPc0gZT4szP1taoOJ7SXy
-gO10WfPoF1GgI/VXhPLnk2zXpTlFdp+qyKOtDFxOOK/cVKdXAxDDDO9DAw6cvrEn
-mPS2Zml9HI25/CrE00y+k4w7bqzNeGNzhSGPBvq5Yqnefc1dJSdDQZ3XLG9Fis4a
-nVfuSTvP1MUrFEGEvuxRcA0rWPwQtYSHHs8ZnpT6eayTPcpDvWSihe4xUywirXTT
-kbWgeABGQGaoAnFJYhjqBROGdVb4V3vbsjbCi8k2r4IIcqOzp6OIJxha2LvkZ+iu
-f+OlMVAO/C1LbRsVQkfJp7NxEt6PVewQV5Kgnwlf+x7Q2tUfZfdpLd/EMtojv3BD
-Ewx5X2yHGXcYZG/C1kNzyGTfg97/+55mtNlkTmo8elcPxlpnEuMXEv4JthnRy90x
-ZLflcR9q0pOiV+n//KyQvfjH99JmRtVJGG8xlDEtRbJWjFQD/uSEBxeS0T6INrza
-0WTaiIOZB1vMPe6CDYDWDzrFdQrD6HoWDQ==
------END CERTIFICATE-----
diff --git a/tests/testkeys/bdbkey.keyb b/tests/testkeys/bdbkey.keyb
deleted file mode 100644
index 515aaa98..00000000
--- a/tests/testkeys/bdbkey.keyb
+++ /dev/null
Binary files differ
diff --git a/tests/testkeys/bdbkey.pem b/tests/testkeys/bdbkey.pem
deleted file mode 100644
index 204b440f..00000000
--- a/tests/testkeys/bdbkey.pem
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJKQIBAAKCAgEAm5v71oqFynujT4FVq5lKaYxpmKfXdeBNKDmLzgu7fXLUKaEq
-TGEDsseE5qyaaP+dmTnQKfne7G31zgf46//YEl+u5Gt/S4oAgYyvs3rjymzD5kVO
-LEAzgrIXAwyhDFARRzAFWos43hypunHGvu4fDBAzZ3zGVulhjgAzD/gNjToVYCP7
-bj6kTaDx1u9siCKdYN09vGwSUt9WuV+yort7kns/B8ArVxt3bFSjsAxuWel/dJyL
-wCMQ9XAxdgWpg3RBUsK/KgekQybPLrhLYJn1AeOApwzJ4HoJSqU/1jCEaGrKA/Kt
-CRXiurZz6lBi7sElsigjBvEZH0iCmmRgH3Oi/cbpHIs1C6YHvCCbO90ntwgtDf0+
-2WJtFtbGt5Do3CXri0tcsXBWqISSK3VzzjHH691BVwLuoBvF1XICMEjmq9aJ+Mdb
-Ee4E+GU8TV9NnRnuYyOUoxeisyXiArUUI9+1qL6pIgulTlY2Ch51QZY5n2aYY97P
-tosNotbSylMrLvWXGiiQWxux12eOnB3c/3wNYWey8Km4cmOhEOYz7hLz2r1uIoC/
-SzM5wLnnTEQmaiUDNV9R3Gj3E3xkpTq3UNSSPsV7k8lInMtWqzps6aTvBw1k6i6C
-UvWbEZqmt/0bimQHOEdg3OrJjQpwTKSp4ouSyVu0IphDwy1yjKCfNWKRzrUCAwEA
-AQKCAgEAlbfvBu0g7UEoUEbQdtp2jjdbIlXbKL83fYxgx07ihkEFgUhfuj1doZX2
-eTt5Fa1bpSHK95hCtJjX9/QTvH3dF1CYpY4IXFXbRspmAvoqUYl0swnbvRfId+eB
-3J06Fu6ysRuzCvsJLCvH4mu2Hd5eYOz1iIy1CMpj4oyulJ7F6ywHhQkZ0WjUDRzd
-kz+p3RHw+lHkJHaW6sWYW6OH7KsWqkmKy5pKGPWEYebN14UeZ8QRrdExZRxYJM5d
-yICKKMCiWU6nP3k6wqGElh8b50Y6RibukcvsMN86MWftk9f6jbyxwjqr4iH8lEkY
-HkpZ5f5QlqmnifZPhZnujz4kfh50oteC2QPQ0hrNYCDG75wuiNX/vINVfrKG0ddg
-iQDFqyQyQirxCGQgy7Wto08KAzKt146ST28N+kdF/kY14ou5f5+GlWQJcnqdHd2p
-R25MueXUsY3I63dULR6k02Y6M7Tzo39lYe0LV82+G0A3iGpI+eM7xw/sQDNb2sQs
-jCcz7XPrfTomrVJaW1FkM8vM6eWhuhAyDFP+unz0aMnKrkUrarh4t9QpriiCjm3E
-HV2Hc7t/Do/w+B3rywKy3PE2yO49eGz20um0JqWcAbGDZY2vDnyV+/xibxqaIZUo
-saI/btlyvCv00812momkX/qWwS+1GHvyYYcpIg0XQbZY1TvEi8ECggEBAM6LTfVu
-MKNwW/QdZ6pxKl/Oy8zlb1o8HET5hKCdhoMvpwlvpO2qSvlCxH3VZTmcXIXd+Mkd
-e4OZrzeMLVxMd64xP10k2ui/O2/8G38xmpMGqZihc+LnY6JgajujfAQHljOgrAJL
-xzO2Gk4oWX72oA6jqP8LZkRp/9acTWqBTKs6MOdrfn6I3k0urBB29+jcbqFAfgMx
-hfcTKAOHYmg/SeEZDvKP6fRDJGMGXqJ4TaBXjsnhNGCjGmuCqJhxxIGCI/AVK10B
-CjEboo9vACzNE1/JMxH8aT5up7e+7R/WoiJ5e3jlvSKmcO7KiR27JVsAlZeIddKd
-LzG9KKZ8Yla0U3MCggEBAMDefKVTqSPaG7cmAQGtXrbBDLdCWIaT08v+kMw/drlq
-NqLD+1ct098iFwRtKaYPERPKqNtxfJdkUMqWELBWV2Sq4Fi+JVXjGOUctP7Atd2x
-6NJ9xHqQKQwKUv0/9jN5Oie9sFvsLwPAJNOJej1BrmvPZvc0CoMyOjkmxEhYu3qG
-i26ZTSZSCTrbE8eAL0EJdH0gB7Ryuks8O+jEF7eXuZLZyN3AromISJtmLVlMFZ7m
-+0sQnZQqwNF+BIrOgO+3R61jjNzCJbFo7frvRIlDSnrbmWp6sYns1cjhZiKCnO78
-RgDiaJcuceqsalgBZi8/Fmam2IPeqhvTNg+5alCuWzcCggEAXFjglFmeGZVFJ9J1
-5TkPzyJw8L2smdXCdfxyFjYYTFNkBc4LGdBIEUaPAAwHZEjK/XePoqwx61cthlKA
-fYIbCKEwSX8O+X13H8zCpo4RJKeX8IxPeiYm4BTnqp6f9lVGDPNLtQMYn8BN5qAX
-07KFQcZe6xm3seMK5nOgEXyaQPyVnQLs3bpoWm4BtKLcmRrlw+dH8DmWQjAoddt0
-XlPdvm0rx7wcyH+0pynT6iSL4KMFTrIIbyS9zU/v/ajwSU9crh1o8/5hBi/q8OKa
-W22dufgFg4ctryJejsMo1lFq0KssT5O4iuOMHtgjkk14mEWcnNIAjBiHX1/J6xY2
-Cbo6jQKCAQBtvmt4e1kz8Ehy92n9NVQ+cyy0HklXEkiiu9BSmA4LRPefuBqNKaN0
-ROaJ+z+GoO4br+ZTL4kwb8FU9Py8CfUib+TGOjPuYhFpVONcTfVuF2yeUTf6cYsZ
-sco1Fi8WbPV9ZX8zXvoFjVCnGYP31SbVa6dwJCmTK4JbwMZRUEQlXOd74Dk5A9cC
-qWPg0fyRajrhc9dOgzWj17tTIDlKm0fZ2phkLd5inayK2CIXvKZUy6PTu7medJFQ
-4v7cqNJPFJ/xdkLR3psqDsXTUlBSNnrr24a5QuVA0QV4j2DZZC6+Acgneqz+0Uu6
-t66vMuSdH620bV2n84wh1xXc7qkjDYMTAoIBAQC6DsTyBGNNI0/DGwAsae5Zri8w
-T/SOER7Tc/PCgQyFUNsJJc/OmSy66PPiH2HzqLjl6/jeiJP++oCnfO6pNTq1Fjz4
-Le2iS1szlcuJ9QLdtn2LTqORzdQVpka42X+o+NqJEdzkZb/N6eBA4PPQdTxHIiu1
-WGBpDc5vGkpuzLm9SVCw/4SD84z+Nhs0pqOvwWhmQWCtl28fgqU4LMeOX1Wz5P8E
-IledlgbCZh2KwXuv3BJdkawuwrSPsahnZmoJapx2dE+FkNl4equaBwImfLf5Qifj
-IhIN5GueO9k/D2/7/XvW2qJ3Vy0z0xMMNiTVYufVpbh77Kn2ebKfROlkzMEU
------END RSA PRIVATE KEY-----
View Lorry Controller Status