summaryrefslogtreecommitdiff
path: root/tests/vb20_misc_tests.c
diff options
context:
space:
mode:
Diffstat (limited to 'tests/vb20_misc_tests.c')
-rw-r--r--tests/vb20_misc_tests.c55
1 files changed, 55 insertions, 0 deletions
diff --git a/tests/vb20_misc_tests.c b/tests/vb20_misc_tests.c
index 73fae538..fdab37e3 100644
--- a/tests/vb20_misc_tests.c
+++ b/tests/vb20_misc_tests.c
@@ -76,6 +76,9 @@ static void reset_common_data(enum reset_type t)
vb2api_secdata_firmware_create(ctx);
vb2_secdata_firmware_init(ctx);
+ vb2api_secdata_kernel_create(ctx);
+ vb2_secdata_kernel_init(ctx);
+
mock_read_res_fail_on_call = 0;
mock_unpack_key_retval = VB2_SUCCESS;
mock_verify_keyblock_retval = VB2_SUCCESS;
@@ -156,10 +159,13 @@ vb2_error_t vb2_unpack_key_buffer(struct vb2_public_key *key,
return mock_unpack_key_retval;
}
+static struct vb2_public_key last_used_key;
+
vb2_error_t vb2_verify_keyblock(struct vb2_keyblock *block, uint32_t size,
const struct vb2_public_key *key,
const struct vb2_workbuf *wb)
{
+ memcpy(&last_used_key, key, sizeof(struct vb2_public_key));
return mock_verify_keyblock_retval;
}
@@ -168,6 +174,7 @@ vb2_error_t vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
const struct vb2_public_key *key,
const struct vb2_workbuf *wb)
{
+ memcpy(&last_used_key, key, sizeof(struct vb2_public_key));
return mock_verify_preamble_retval;
}
@@ -208,6 +215,29 @@ static void verify_keyblock_tests(void)
sd->data_key_size),
"workbuf used after");
+ /* Test hwcrypto conditions */
+ reset_common_data(FOR_KEYBLOCK);
+
+ TEST_SUCC(vb2_load_fw_keyblock(ctx), "keyblock verify");
+ TEST_EQ(last_used_key.allow_hwcrypto, 0,
+ "hwcrypto is forbidden by TPM flag");
+
+ ctx->flags |= VB2_CONTEXT_RECOVERY_MODE;
+ TEST_SUCC(vb2_load_fw_keyblock(ctx), "keyblock verify");
+ TEST_EQ(last_used_key.allow_hwcrypto, 0,
+ "hwcrypto is forbidden by TPM flag on recovery mode");
+
+ vb2_secdata_kernel_set(ctx, VB2_SECDATA_KERNEL_FLAGS,
+ VB2_SECDATA_KERNEL_FLAG_HWCRYPTO_ALLOWED);
+
+ TEST_SUCC(vb2_load_fw_keyblock(ctx), "keyblock verify");
+ TEST_EQ(last_used_key.allow_hwcrypto, 0,
+ "hwcrypto is forbidden on recovery mode");
+
+ ctx->flags &= ~VB2_CONTEXT_RECOVERY_MODE;
+ TEST_SUCC(vb2_load_fw_keyblock(ctx), "keyblock verify");
+ TEST_EQ(last_used_key.allow_hwcrypto, 1, "hwcrypto is allowed");
+
/* Test failures */
reset_common_data(FOR_KEYBLOCK);
sd->workbuf_used = sd->workbuf_size + VB2_WORKBUF_ALIGN -
@@ -298,6 +328,31 @@ static void verify_preamble_tests(void)
sd->preamble_size),
"workbuf used");
+ /* Test hwcrypto conditions */
+ reset_common_data(FOR_PREAMBLE);
+
+ TEST_SUCC(vb2_load_fw_preamble(ctx), "preamble good");
+ TEST_EQ(last_used_key.allow_hwcrypto, 0,
+ "hwcrypto is forbidden by TPM flag");
+
+ ctx->flags |= VB2_CONTEXT_RECOVERY_MODE;
+ TEST_SUCC(vb2_load_fw_preamble(ctx), "preamble good");
+ TEST_EQ(last_used_key.allow_hwcrypto, 0,
+ "hwcrypto is forbidden by TPM flag on recovery mode");
+
+ vb2_secdata_kernel_set(ctx, VB2_SECDATA_KERNEL_FLAGS,
+ VB2_SECDATA_KERNEL_FLAG_HWCRYPTO_ALLOWED);
+
+ TEST_SUCC(vb2_load_fw_preamble(ctx), "preamble good");
+ TEST_EQ(last_used_key.allow_hwcrypto, 0,
+ "hwcrypto is forbidden on recovery mode");
+
+ ctx->flags &= ~VB2_CONTEXT_RECOVERY_MODE;
+ TEST_SUCC(vb2_load_fw_preamble(ctx), "preamble good");
+ TEST_EQ(last_used_key.allow_hwcrypto, 1,
+ "hwcrypto is allowed");
+
+
/* Expected failures */
reset_common_data(FOR_PREAMBLE);
sd->data_key_size = 0;
View Lorry Controller Status