diff options
Diffstat (limited to 'tests/vb2_api_tests.c')
-rw-r--r-- | tests/vb2_api_tests.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c index 3a32d4b7..c5e45097 100644 --- a/tests/vb2_api_tests.c +++ b/tests/vb2_api_tests.c @@ -81,6 +81,7 @@ static void reset_common_data(enum reset_type t) vb2api_secdata_firmware_create(ctx); vb2api_secdata_kernel_create(ctx); + vb2_secdata_kernel_init(ctx); force_dev_mode = 0; retval_vb2_fw_init_gbb = VB2_SUCCESS; @@ -260,10 +261,13 @@ uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg) return mock_sig_size; } +static struct vb2_public_key last_used_key; + vb2_error_t vb2_rsa_verify_digest(const struct vb2_public_key *key, uint8_t *sig, const uint8_t *digest, const struct vb2_workbuf *wb) { + memcpy(&last_used_key, key, sizeof(struct vb2_public_key)); return retval_vb2_verify_digest; } @@ -736,6 +740,28 @@ static void check_hash_tests(void) TEST_SUCC(memcmp(digest_result, &digest_value, sizeof(digest_value)), "check digest value"); + /* Test hwcrypto conditions */ + reset_common_data(FOR_CHECK_HASH); + TEST_SUCC(vb2api_check_hash(ctx), "check hash good"); + TEST_EQ(last_used_key.allow_hwcrypto, 0, + "hwcrypto is forbidden by TPM flag"); + + ctx->flags |= VB2_CONTEXT_RECOVERY_MODE; + TEST_SUCC(vb2api_check_hash(ctx), "check hash good"); + TEST_EQ(last_used_key.allow_hwcrypto, 0, + "hwcrypto is forbidden by TPM flag on recovery mode"); + + vb2_secdata_kernel_set(ctx, VB2_SECDATA_KERNEL_FLAGS, + VB2_SECDATA_KERNEL_FLAG_HWCRYPTO_ALLOWED); + + TEST_SUCC(vb2api_check_hash(ctx), "check hash good"); + TEST_EQ(last_used_key.allow_hwcrypto, 0, + "hwcrypto is forbidden on recovery mode"); + + ctx->flags &= ~VB2_CONTEXT_RECOVERY_MODE; + TEST_SUCC(vb2api_check_hash(ctx), "check hash good"); + TEST_EQ(last_used_key.allow_hwcrypto, 1, "hwcrypto is allowed"); + reset_common_data(FOR_CHECK_HASH); TEST_EQ(vb2api_check_hash_get_digest(ctx, digest_result, digest_result_size - 1), |