diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/bdb_nvm_test.c | 60 | ||||
-rw-r--r-- | tests/bdb_sprw_test.c | 684 | ||||
-rw-r--r-- | tests/bdb_test.c | 504 | ||||
-rw-r--r-- | tests/futility/data/bdb.bin | bin | 3716 -> 0 bytes | |||
-rwxr-xr-x | tests/futility/run_test_scripts.sh | 1 | ||||
-rwxr-xr-x | tests/futility/test_bdb.sh | 100 | ||||
-rw-r--r-- | tests/futility/test_file_types.c | 1 | ||||
-rwxr-xr-x | tests/futility/test_file_types.sh | 1 | ||||
-rw-r--r-- | tests/testdata/bdbkey_digest.bin | 1 | ||||
-rw-r--r-- | tests/testkeys/bdbkey.crt | 33 | ||||
-rw-r--r-- | tests/testkeys/bdbkey.keyb | bin | 1032 -> 0 bytes | |||
-rw-r--r-- | tests/testkeys/bdbkey.pem | 51 |
12 files changed, 0 insertions, 1436 deletions
diff --git a/tests/bdb_nvm_test.c b/tests/bdb_nvm_test.c deleted file mode 100644 index d69391c0..00000000 --- a/tests/bdb_nvm_test.c +++ /dev/null @@ -1,60 +0,0 @@ -/* Copyright 2015 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Unit tests NVM - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include "bdb_api.h" -#include "test_common.h" - -static void test_nvmrw(void) -{ - struct vba_context ctx; - uint32_t val; - - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_UPDATE_COUNT, 1), NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_UPDATE_COUNT, &val), NULL); - TEST_EQ(val, 1, NULL); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_MIN_KERNEL_DATA_KEY_VERSION, 1), - NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_MIN_KERNEL_DATA_KEY_VERSION, &val), - NULL); - TEST_EQ(val, 1, NULL); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_MIN_KERNEL_VERSION, 1), NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_MIN_KERNEL_VERSION, &val), NULL); - TEST_EQ(val, 1, NULL); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_BUC_TYPE, 1), NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_BUC_TYPE, &val), NULL); - TEST_EQ(val, 1, NULL); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_FLAG_BUC_PRESENT, 1), NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_FLAG_BUC_PRESENT, &val), NULL); - TEST_TRUE(val, NULL); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_FLAG_DFM_DISABLE, 1), NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_FLAG_DFM_DISABLE, &val), NULL); - TEST_TRUE(val, NULL); - - TEST_SUCC(nvmrw_set(&ctx, NVMRW_VAR_FLAG_DOSM, 1), NULL); - TEST_SUCC(nvmrw_get(&ctx, NVMRW_VAR_FLAG_DOSM, &val), NULL); - TEST_TRUE(val, NULL); -} - -int main(int argc, char *argv[]) -{ - printf("Running BDB NVM tests...\n"); - - test_nvmrw(); - - return gTestSuccess ? 0 : 255; -} diff --git a/tests/bdb_sprw_test.c b/tests/bdb_sprw_test.c deleted file mode 100644 index 8395275c..00000000 --- a/tests/bdb_sprw_test.c +++ /dev/null @@ -1,684 +0,0 @@ -/* Copyright 2015 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Unit tests - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <openssl/aes.h> - -#include "2sha.h" -#include "2hmac.h" -#include "bdb.h" -#include "bdb_api.h" -#include "bdb_struct.h" -#include "host.h" -#include "test_common.h" -#include "vboot_register.h" -#include "secrets.h" - -static struct bdb_header *bdb, *bdb0, *bdb1; -static uint32_t vboot_register; -static uint32_t vboot_register_persist; -static char slot_selected; -static uint8_t aprw_digest[BDB_SHA256_DIGEST_SIZE]; -static uint8_t reset_count; - -/* NVM-RW image in storage (e.g. EEPROM) */ -static uint8_t nvmrw1[NVM_RW_MAX_STRUCT_SIZE]; -static uint8_t nvmrw2[NVM_RW_MAX_STRUCT_SIZE]; - -static struct bdb_secrets secrets = { - .nvm_wp = {0x00, }, - .nvm_rw = {0x00, }, - .bdb = {0x00, }, - .boot_verified = {0x00, }, - .boot_path = {0x00, }, - .buc = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff}, -}; - -static int vbe_write_nvm_failure = 0; - -static struct bdb_header *create_bdb(const char *key_dir, - struct bdb_hash *hash, int num_hashes) -{ - struct bdb_header *b; - uint8_t oem_area_0[32] = "Some OEM area."; - uint8_t oem_area_1[64] = "Some other OEM area."; - char filename[1024]; - - struct bdb_create_params p = { - .bdb_load_address = 0x11223344, - .oem_area_0 = oem_area_0, - .oem_area_0_size = sizeof(oem_area_0), - .oem_area_1 = oem_area_1, - .oem_area_1_size = sizeof(oem_area_1), - .header_sig_description = (char *)"The header sig", - .data_sig_description = (char *)"The data sig", - .data_description = (char *)"Test BDB data", - .data_version = 3, - .hash = hash, - .num_hashes = num_hashes, - }; - - uint8_t bdbkey_digest[BDB_SHA256_DIGEST_SIZE]; - - /* Load keys */ - snprintf(filename, sizeof(filename), "%s/bdbkey.keyb", key_dir); - p.bdbkey = bdb_create_key(filename, 100, "BDB key"); - snprintf(filename, sizeof(filename), "%s/datakey.keyb", key_dir); - p.datakey = bdb_create_key(filename, 200, "datakey"); - snprintf(filename, sizeof(filename), "%s/bdbkey.pem", key_dir); - p.private_bdbkey = read_pem(filename); - snprintf(filename, sizeof(filename), "%s/datakey.pem", key_dir); - p.private_datakey = read_pem(filename); - if (!p.bdbkey || !p.datakey || !p.private_bdbkey || !p.private_datakey) { - fprintf(stderr, "Unable to load test keys\n"); - exit(2); - } - - vb2_digest_buffer((uint8_t *)p.bdbkey, p.bdbkey->struct_size, - VB2_HASH_SHA256, - bdbkey_digest, BDB_SHA256_DIGEST_SIZE); - - b = bdb_create(&p); - if (!b) { - fprintf(stderr, "Unable to create test BDB\n"); - exit(2); - } - - /* Free keys and buffers */ - free(p.bdbkey); - free(p.datakey); - RSA_free(p.private_bdbkey); - RSA_free(p.private_datakey); - - return b; -} - -static void calculate_aprw_digest(const struct bdb_hash *hash, uint8_t *digest) -{ - /* Locate AP-RW */ - /* Calculate digest as loading AP-RW */ - memcpy(digest, aprw_digest, sizeof(aprw_digest)); -} - -static void verstage_main(void) -{ - struct vba_context ctx; - const struct bdb_hash *hash; - uint8_t digest[BDB_SHA256_DIGEST_SIZE]; - int rv; - - rv = vba_bdb_init(&ctx); - if (rv) { - fprintf(stderr, "Initializing context failed for (%d)\n", rv); - vba_bdb_fail(&ctx); - /* This return is needed for unit test. vba_bdb_fail calls - * vbe_reset, which calls verstage_main. If verstage_main - * successfully returns, we return here as well. */ - return; - } - fprintf(stderr, "Initialized context. Trying slot %c\n", - ctx.slot ? 'B' : 'A'); - - /* 1. Locate BDB */ - - /* 2. Get bdb_hash structure for AP-RW */ - hash = bdb_get_hash_by_type(bdb, BDB_DATA_AP_RW); - fprintf(stderr, "Got hash of AP-RW\n"); - - /* 3. Load & calculate digest of AP-RW */ - calculate_aprw_digest(hash, digest); - fprintf(stderr, "Calculated digest\n"); - - /* 4. Compare digests */ - if (memcmp(hash->digest, digest, BDB_SHA256_DIGEST_SIZE)) { - fprintf(stderr, "Digests do not match\n"); - vba_bdb_fail(&ctx); - /* This return is needed for unit test. vba_bdb_fail calls - * vbe_reset, which calls verstage_main. If verstage_main - * successfully returns, we return here as well. */ - return; - } - - /* 5. Record selected slot. This depends on the firmware */ - slot_selected = ctx.slot ? 'B' : 'A'; - fprintf(stderr, "Selected AP-RW in slot %c\n", slot_selected); - - /* X. This should be done upon AP-RW's request after everything is - * successful. We do it here for the unit test. */ - vba_bdb_finalize(&ctx); -} - -uint32_t vbe_get_vboot_register(enum vboot_register type) -{ - switch (type) { - case VBOOT_REGISTER: - return vboot_register; - case VBOOT_REGISTER_PERSIST: - return vboot_register_persist; - default: - fprintf(stderr, "Invalid vboot register type (%d)\n", type); - exit(2); - } -} - -void vbe_set_vboot_register(enum vboot_register type, uint32_t val) -{ - switch (type) { - case VBOOT_REGISTER: - vboot_register = val; - break; - case VBOOT_REGISTER_PERSIST: - vboot_register_persist = val; - break; - default: - fprintf(stderr, "Invalid vboot register type (%d)\n", type); - exit(2); - } -} - -void vbe_reset(void) -{ - uint32_t val = vbe_get_vboot_register(VBOOT_REGISTER_PERSIST); - - fprintf(stderr, "Booting ...\n"); - - if (++reset_count > 5) { - fprintf(stderr, "Reset counter exceeded maximum value\n"); - exit(2); - } - - /* Emulate warm reset */ - vboot_register = 0; - if (val & VBOOT_REGISTER_RECOVERY_REQUEST) { - fprintf(stderr, "Recovery requested\n"); - return; - } - /* Selected by SP-RO */ - bdb = (val & VBOOT_REGISTER_TRY_SECONDARY_BDB) ? bdb1 : bdb0; - verstage_main(); -} - -static void test_verify_aprw(const char *key_dir) -{ - struct bdb_hash hash0 = { - .offset = 0x28000, - .size = 0x20000, - .partition = 1, - .type = BDB_DATA_AP_RW, - .load_address = 0x200000, - .digest = {0x11, 0x11, 0x11, 0x11}, - }; - struct bdb_hash hash1 = { - .offset = 0x28000, - .size = 0x20000, - .partition = 1, - .type = BDB_DATA_AP_RW, - .load_address = 0x200000, - .digest = {0x22, 0x22, 0x22, 0x22}, - }; - - bdb0 = create_bdb(key_dir, &hash0, 1); - bdb1 = create_bdb(key_dir, &hash1, 1); - memset(aprw_digest, 0, BDB_SHA256_DIGEST_SIZE); - - /* (slotA, slotB) = (good, bad) */ - reset_count = 0; - vboot_register_persist = 0; - slot_selected = 'X'; - memcpy(aprw_digest, hash0.digest, 4); - vbe_reset(); - TEST_EQ(reset_count, 1, NULL); - TEST_EQ(slot_selected, 'A', NULL); - TEST_FALSE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_PRIMARY, - NULL); - TEST_FALSE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_SECONDARY, - NULL); - - /* (slotA, slotB) = (bad, good) */ - reset_count = 0; - vboot_register_persist = 0; - slot_selected = 'X'; - memcpy(aprw_digest, hash1.digest, 4); - vbe_reset(); - TEST_EQ(reset_count, 3, NULL); - TEST_EQ(slot_selected, 'B', NULL); - TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_PRIMARY, - NULL); - TEST_FALSE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_SECONDARY, - NULL); - - /* (slotA, slotB) = (bad, bad) */ - reset_count = 0; - vboot_register_persist = 0; - slot_selected = 'X'; - memset(aprw_digest, 0, BDB_SHA256_DIGEST_SIZE); - vbe_reset(); - TEST_EQ(reset_count, 5, NULL); - TEST_EQ(slot_selected, 'X', NULL); - TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_PRIMARY, - NULL); - TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_FAILED_RW_SECONDARY, - NULL); - TEST_TRUE(vboot_register_persist & VBOOT_REGISTER_RECOVERY_REQUEST, - NULL); - - /* Clean up */ - free(bdb0); - free(bdb1); -} - -int vbe_read_nvm(enum nvm_type type, uint8_t *buf, uint32_t size) -{ - /* Read NVM-RW contents (from EEPROM for example) */ - switch (type) { - case NVM_TYPE_RW_PRIMARY: - if (sizeof(nvmrw1) < size) - return -1; - memcpy(buf, nvmrw1, size); - break; - case NVM_TYPE_RW_SECONDARY: - if (sizeof(nvmrw2) < size) - return -1; - memcpy(buf, nvmrw2, size); - break; - default: - return -1; - } - return 0; -} - -int vbe_write_nvm(enum nvm_type type, void *buf, uint32_t size) -{ - if (vbe_write_nvm_failure > 0) { - fprintf(stderr, "Failed to write NVM (type=%d failure=%d)\n", - type, vbe_write_nvm_failure); - vbe_write_nvm_failure--; - return -1; - } - - /* Write NVM-RW contents (to EEPROM for example) */ - switch (type) { - case NVM_TYPE_RW_PRIMARY: - memcpy(nvmrw1, buf, size); - break; - case NVM_TYPE_RW_SECONDARY: - memcpy(nvmrw2, buf, size); - break; - default: - return -1; - } - return 0; -} - -static void install_nvm(enum nvm_type type, - uint32_t min_kernel_data_key_version, - uint32_t min_kernel_version, - uint32_t update_count) -{ - struct nvmrw nvm = { - .struct_magic = NVM_RW_MAGIC, - .struct_major_version = NVM_HEADER_VERSION_MAJOR, - .struct_minor_version = NVM_HEADER_VERSION_MINOR, - .struct_size = sizeof(struct nvmrw), - .min_kernel_data_key_version = min_kernel_data_key_version, - .min_kernel_version = min_kernel_version, - .update_count = update_count, - }; - - /* Compute HMAC */ - hmac(VB2_HASH_SHA256, secrets.nvm_rw, BDB_SECRET_SIZE, - &nvm, nvm.struct_size - sizeof(nvm.hmac), - nvm.hmac, sizeof(nvm.hmac)); - - /* Install NVM-RWs (in EEPROM for example) */ - switch (type) { - case NVM_TYPE_RW_PRIMARY: - memset(nvmrw1, 0, sizeof(nvmrw1)); - memcpy(nvmrw1, &nvm, sizeof(nvm)); - break; - case NVM_TYPE_RW_SECONDARY: - memset(nvmrw2, 0, sizeof(nvmrw2)); - memcpy(nvmrw2, &nvm, sizeof(nvm)); - break; - default: - fprintf(stderr, "Unsupported NVM type (%d)\n", type); - exit(2); - return; - } -} - -static void test_nvm_read(void) -{ - struct vba_context ctx = { - .bdb = NULL, - .secrets = &secrets, - }; - struct nvmrw *nvm; - uint8_t nvmrw1_copy[NVM_RW_MAX_STRUCT_SIZE]; - uint8_t nvmrw2_copy[NVM_RW_MAX_STRUCT_SIZE]; - - install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0); - memcpy(nvmrw1_copy, nvmrw1, sizeof(nvmrw1)); - memcpy(nvmrw2_copy, nvmrw2, sizeof(nvmrw2)); - - /* Test nvm_read: both good -> pick primary, no sync */ - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - TEST_SUCC(nvmrw_read(&ctx), NULL); - TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw1, sizeof(*nvm)), NULL); - TEST_SUCC(memcmp(nvmrw1, nvmrw1_copy, sizeof(nvmrw1)), NULL); - TEST_SUCC(memcmp(nvmrw2, nvmrw2_copy, sizeof(nvmrw2)), NULL); - - /* Test nvm_read: primary bad -> pick secondary */ - install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0); - memcpy(nvmrw2_copy, nvmrw2, sizeof(*nvm)); - nvm = (struct nvmrw *)nvmrw1; - nvm->hmac[0] ^= 0xff; - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - TEST_SUCC(nvmrw_read(&ctx), NULL); - TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw2, sizeof(*nvm)), NULL); - TEST_SUCC(memcmp(nvmrw1, nvmrw2_copy, sizeof(nvmrw2)), NULL); - TEST_SUCC(memcmp(nvmrw2, nvmrw2_copy, sizeof(nvmrw2)), NULL); - - /* Test nvm_read: secondary bad -> pick primary */ - install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0); - memcpy(nvmrw1_copy, nvmrw1, sizeof(*nvm)); - nvm = (struct nvmrw *)nvmrw2; - nvm->hmac[0] ^= 0xff; - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - TEST_SUCC(nvmrw_read(&ctx), NULL); - TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw1, sizeof(*nvm)), NULL); - TEST_SUCC(memcmp(nvmrw1, nvmrw1_copy, sizeof(nvmrw1)), NULL); - TEST_SUCC(memcmp(nvmrw2, nvmrw1_copy, sizeof(nvmrw1)), NULL); - - /* Test nvm_read: both bad */ - nvm = (struct nvmrw *)nvmrw1; - nvm->hmac[0] ^= 0xff; - nvm = (struct nvmrw *)nvmrw2; - nvm->hmac[0] ^= 0xff; - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - TEST_EQ(nvmrw_read(&ctx), BDB_ERROR_NVM_RW_INVALID_HMAC, NULL); - - /* Test update count: secondary new -> pick secondary */ - install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 1); - memcpy(nvmrw2_copy, nvmrw2, sizeof(*nvm)); - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - TEST_SUCC(nvmrw_read(&ctx), NULL); - TEST_SUCC(memcmp(&ctx.nvmrw, nvmrw2, sizeof(*nvm)), NULL); - TEST_SUCC(memcmp(nvmrw1, nvmrw2_copy, sizeof(nvmrw1)), NULL); - TEST_SUCC(memcmp(nvmrw2, nvmrw2_copy, sizeof(nvmrw2)), NULL); - - /* Test old reader -> minor version downgrade */ - install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 1); - memset(&ctx.nvmrw, 0, sizeof(ctx.nvmrw)); - nvm = (struct nvmrw *)nvmrw1; - nvm->struct_minor_version++; - nvm->struct_size++; - TEST_SUCC(nvmrw_read(&ctx), NULL); - TEST_EQ(ctx.nvmrw.struct_minor_version, NVM_HEADER_VERSION_MINOR, NULL); - TEST_EQ(ctx.nvmrw.struct_size, sizeof(*nvm), NULL); -} - -static void verify_nvm_write(struct vba_context *ctx, - int expected_result) -{ - struct nvmrw *nvmrw; - struct nvmrw *nvm = &ctx->nvmrw; - - TEST_EQ(nvmrw_write(ctx, NVM_TYPE_RW_PRIMARY), expected_result, NULL); - - if (expected_result != BDB_SUCCESS) - return; - - nvmrw = (struct nvmrw *)nvmrw1; - TEST_EQ(nvmrw->min_kernel_data_key_version, - nvm->min_kernel_data_key_version, NULL); - TEST_EQ(nvmrw->min_kernel_version, nvm->min_kernel_version, NULL); - TEST_EQ(nvmrw->update_count, nvm->update_count, NULL); -} - -static void test_nvm_write(void) -{ - struct vba_context ctx = { - .bdb = NULL, - .secrets = &secrets, - }; - struct nvmrw nvm = { - .struct_magic = NVM_RW_MAGIC, - .struct_major_version = NVM_HEADER_VERSION_MAJOR, - .struct_minor_version = NVM_HEADER_VERSION_MINOR, - .struct_size = sizeof(struct nvmrw), - .min_kernel_data_key_version = 1, - .min_kernel_version = 2, - .update_count = 3, - }; - - /* Test normal case */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - vbe_write_nvm_failure = 0; - verify_nvm_write(&ctx, BDB_SUCCESS); - - /* Test write failure: once */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - vbe_write_nvm_failure = 1; - verify_nvm_write(&ctx, BDB_SUCCESS); - - /* Test write failure: twice */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - vbe_write_nvm_failure = 2; - verify_nvm_write(&ctx, BDB_ERROR_NVM_WRITE); - - /* Test invalid struct magic */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - ctx.nvmrw.struct_magic ^= 0xff; - verify_nvm_write(&ctx, BDB_ERROR_NVM_RW_MAGIC); - - /* Test struct size too small */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - ctx.nvmrw.struct_size = NVM_RW_MIN_STRUCT_SIZE - 1; - verify_nvm_write(&ctx, BDB_ERROR_NVM_STRUCT_SIZE); - - /* Test struct size too large */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - ctx.nvmrw.struct_size = NVM_RW_MAX_STRUCT_SIZE + 1; - verify_nvm_write(&ctx, BDB_ERROR_NVM_STRUCT_SIZE); - - /* Test invalid struct version */ - memcpy(&ctx.nvmrw, &nvm, sizeof(nvm)); - ctx.nvmrw.struct_major_version = NVM_HEADER_VERSION_MAJOR - 1; - verify_nvm_write(&ctx, BDB_ERROR_NVM_STRUCT_VERSION); - - vbe_write_nvm_failure = 0; -} - -static void verify_kernel_version(uint32_t min_kernel_data_key_version, - uint32_t new_kernel_data_key_version, - uint32_t min_kernel_version, - uint32_t new_kernel_version, - int expected_result) -{ - struct vba_context ctx = { - .bdb = NULL, - .secrets = &secrets, - }; - struct nvmrw *nvm = (struct nvmrw *)nvmrw1; - uint32_t expected_kernel_data_key_version = min_kernel_data_key_version; - uint32_t expected_kernel_version = min_kernel_version; - int should_update = 0; - - if (min_kernel_data_key_version < new_kernel_data_key_version) { - expected_kernel_data_key_version = new_kernel_data_key_version; - should_update = 1; - } - if (min_kernel_version < new_kernel_version) { - expected_kernel_version = new_kernel_version; - should_update = 1; - } - - install_nvm(NVM_TYPE_RW_PRIMARY, min_kernel_data_key_version, - min_kernel_version, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 0, 0, 0); - - TEST_EQ(vba_update_kernel_version(&ctx, new_kernel_data_key_version, - new_kernel_version), - expected_result, NULL); - - if (expected_result != BDB_SUCCESS) - return; - - /* Check data key version */ - TEST_EQ(nvm->min_kernel_data_key_version, - expected_kernel_data_key_version, NULL); - /* Check kernel version */ - TEST_EQ(nvm->min_kernel_version, expected_kernel_version, NULL); - /* Check update_count */ - TEST_EQ(nvm->update_count, 0 + should_update, NULL); - /* Check sync if update is expected */ - if (should_update) - TEST_SUCC(memcmp(nvmrw2, nvmrw1, sizeof(nvmrw1)), NULL); -} - -static void test_update_kernel_version(void) -{ - /* Test update: data key version */ - verify_kernel_version(0, 1, 0, 0, BDB_SUCCESS); - /* Test update: kernel version */ - verify_kernel_version(0, 0, 0, 1, BDB_SUCCESS); - /* Test no update: data key version */ - verify_kernel_version(1, 0, 0, 0, BDB_SUCCESS); - /* Test no update: kernel version */ - verify_kernel_version(0, 0, 1, 0, BDB_SUCCESS); -} - -int vbe_aes256_encrypt(const uint8_t *msg, uint32_t len, const uint8_t *key, - uint8_t *out) -{ - int i; - - for (i = 0; i < len; i++) - out[i] = msg[i] ^ key[i % 256/8]; - - return BDB_SUCCESS; -} - -int vbe_aes256_decrypt(const uint8_t *msg, uint32_t len, const uint8_t *key, - uint8_t *out) -{ - int i; - - for (i = 0; i < len; i++) - out[i] = msg[i] ^ key[i % 256/8]; - - return BDB_SUCCESS; -} - -static void test_update_buc(void) -{ - uint8_t new_buc[BUC_ENC_DIGEST_SIZE]; - uint8_t enc_buc[BUC_ENC_DIGEST_SIZE]; - struct nvmrw *nvm = (struct nvmrw *)nvmrw1; - struct vba_context ctx = { - .bdb = NULL, - .secrets = &secrets, - }; - - install_nvm(NVM_TYPE_RW_PRIMARY, 0, 1, 0); - install_nvm(NVM_TYPE_RW_SECONDARY, 1, 0, 0); - - TEST_SUCC(vba_update_buc(&ctx, new_buc), NULL); - vbe_aes256_encrypt(new_buc, sizeof(new_buc), ctx.secrets->buc, - enc_buc); - TEST_SUCC(memcmp(nvm->buc_enc_digest, enc_buc, sizeof(new_buc)), NULL); -} - -static void test_derive_secrets(void) -{ - uint8_t test_key[sizeof(struct bdb_key) + BDB_RSA4096_KEY_DATA_SIZE]; - struct bdb_key *key = (struct bdb_key *)test_key; - struct vba_context ctx = { - .bdb = NULL, - .secrets = &secrets, - }; - const struct bdb_secrets expected = { - .bdb = { - 0x75, 0xb6, 0x24, 0xaa, 0x72, 0x50, 0xf9, 0x33, - 0x59, 0x45, 0x8d, 0xbf, 0xfa, 0x42, 0xc4, 0xb7, - 0x1b, 0xff, 0xc6, 0x02, 0x02, 0x35, 0xc5, 0x1a, - 0x6c, 0xdc, 0x3a, 0x63, 0xfb, 0x8b, 0xac, 0x53}, - .boot_verified = { - 0x40, 0xf3, 0x9b, 0xdc, 0xf6, 0xb4, 0xe8, 0xdf, - 0x48, 0xc4, 0xfe, 0x02, 0xdd, 0x34, 0x06, 0xd9, - 0xed, 0xd9, 0x55, 0x79, 0xf4, 0x48, 0x58, 0xbf, - 0x32, 0x55, 0xba, 0x21, 0xca, 0xcc, 0x8c, 0xd1}, - .boot_path = { - 0xfb, 0x58, 0x89, 0x58, 0x2f, 0x54, 0xa2, 0xf7, - 0x96, 0x5b, 0x69, 0x77, 0x9b, 0x67, 0x80, 0x39, - 0x7a, 0xd4, 0xc5, 0x3b, 0xcf, 0x95, 0x3f, 0xec, - 0x28, 0x49, 0x55, 0x49, 0x38, 0x27, 0x5d, 0x3c}, - .buc = { - 0x63, 0xa5, 0x30, 0xd7, 0xca, 0xe1, 0x3e, 0x2e, - 0x72, 0x7e, 0x29, 0xc9, 0x37, 0x66, 0x6a, 0x63, - 0x91, 0xd4, 0x8e, 0x8b, 0xbc, 0x1a, 0x7a, 0xcf, - 0xc3, 0x19, 0xa0, 0x87, 0xfc, 0x4d, 0xe1, 0xe8}, - }; - - memset(test_key, 0, sizeof(test_key)); - key->struct_magic = BDB_KEY_MAGIC; - key->struct_major_version = BDB_KEY_VERSION_MAJOR; - key->struct_minor_version = BDB_KEY_VERSION_MINOR; - key->struct_size = sizeof(test_key); - key->hash_alg = BDB_HASH_ALG_SHA256; - key->sig_alg = BDB_SIG_ALG_RSA4096; - key->key_version = 1; - - TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BDB, NULL, - test_key, sizeof(test_key)), NULL); - TEST_SUCC(memcmp(ctx.secrets->bdb, expected.bdb, BDB_SECRET_SIZE), - NULL); - - TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BOOT_VERIFIED, NULL, - NULL, 0), NULL); - TEST_SUCC(memcmp(ctx.secrets->boot_verified, expected.boot_verified, - BDB_SECRET_SIZE), NULL); - - TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BOOT_PATH, NULL, - test_key, sizeof(test_key)), NULL); - TEST_SUCC(memcmp(ctx.secrets->boot_path, expected.boot_path, - BDB_SECRET_SIZE), NULL); - - TEST_SUCC(vba_derive_secret(&ctx, BDB_SECRET_TYPE_BUC, NULL, NULL, 0), - NULL); - TEST_SUCC(memcmp(ctx.secrets->buc, expected.buc, - BDB_SECRET_SIZE), NULL); -} - -int main(int argc, char *argv[]) -{ - if (argc != 2) { - fprintf(stderr, "Usage: %s <keys_dir>", argv[0]); - return -1; - } - printf("Running BDB SP-RW tests...\n"); - - test_verify_aprw(argv[1]); - test_nvm_read(); - test_nvm_write(); - test_update_kernel_version(); - test_update_buc(); - test_derive_secrets(); - - return gTestSuccess ? 0 : 255; -} diff --git a/tests/bdb_test.c b/tests/bdb_test.c deleted file mode 100644 index 693d6191..00000000 --- a/tests/bdb_test.c +++ /dev/null @@ -1,504 +0,0 @@ -/* Copyright 2015 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Unit tests - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> - -#include "2sha.h" -#include "bdb.h" -#include "host.h" -#include "test_common.h" - -static void check_header_tests(void) -{ - struct bdb_header sgood = { - .struct_magic = BDB_HEADER_MAGIC, - .struct_major_version = BDB_HEADER_VERSION_MAJOR, - .struct_minor_version = BDB_HEADER_VERSION_MINOR, - .struct_size = sizeof(struct bdb_header), - .bdb_load_address = -1, - .bdb_size = 1024, - .signed_size = 512, - .oem_area_0_size = 256, - }; - const size_t ssize = sgood.struct_size; - struct bdb_header s; - - s = sgood; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_SUCCESS); - TEST_EQ_S(bdb_check_header(&s, ssize - 1), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size++; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size--; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_STRUCT_SIZE); - - s = sgood; - s.struct_magic++; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_STRUCT_MAGIC); - - s = sgood; - s.struct_major_version++; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_STRUCT_VERSION); - - s = sgood; - s.oem_area_0_size++; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_OEM_AREA_SIZE); - - s = sgood; - s.bdb_size = ssize - 1; - TEST_EQ_S(bdb_check_header(&s, ssize), BDB_ERROR_BDB_SIZE); -} - -static void check_key_tests(void) -{ - struct bdb_key sgood = { - .struct_magic = BDB_KEY_MAGIC, - .struct_major_version = BDB_KEY_VERSION_MAJOR, - .struct_minor_version = BDB_KEY_VERSION_MINOR, - .struct_size = (sizeof(struct bdb_key) + - BDB_RSA4096_KEY_DATA_SIZE), - .hash_alg = BDB_HASH_ALG_SHA256, - .sig_alg = BDB_SIG_ALG_RSA4096, - .key_version = 1, - .description = "Test key", - }; - const size_t ssize = sgood.struct_size; - struct bdb_key s; - - s = sgood; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_SUCCESS); - TEST_EQ_S(bdb_check_key(&s, ssize - 1), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size++; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size--; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_STRUCT_SIZE); - - s = sgood; - s.struct_magic++; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_STRUCT_MAGIC); - - s = sgood; - s.struct_major_version++; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_STRUCT_VERSION); - - /* Description must contain a null */ - s = sgood; - memset(s.description, 'x', sizeof(s.description)); - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_DESCRIPTION); - - /* Data AFTER the null is explicitly allowed, though */ - s = sgood; - s.description[100] = 'x'; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_SUCCESS); - - /* Limited algorithm choices at present */ - s = sgood; - s.hash_alg = BDB_HASH_ALG_INVALID; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_HASH_ALG); - - /* This works because ECDSA521 signatures are smaller than RSA4096 */ - s = sgood; - s.sig_alg = BDB_SIG_ALG_ECSDSA521; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_SUCCESS); - - s = sgood; - s.sig_alg = BDB_SIG_ALG_INVALID; - TEST_EQ_S(bdb_check_key(&s, ssize), BDB_ERROR_SIG_ALG); -} - -static void check_sig_tests(void) -{ - struct bdb_sig sgood = { - .struct_magic = BDB_SIG_MAGIC, - .struct_major_version = BDB_SIG_VERSION_MAJOR, - .struct_minor_version = BDB_SIG_VERSION_MINOR, - .struct_size = sizeof(struct bdb_sig) + BDB_RSA4096_SIG_SIZE, - .hash_alg = BDB_HASH_ALG_SHA256, - .sig_alg = BDB_SIG_ALG_RSA4096, - .signed_size = 123, - .description = "Test sig", - }; - const size_t ssize = sgood.struct_size; - struct bdb_sig s; - - s = sgood; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_SUCCESS); - TEST_EQ_S(bdb_check_sig(&s, ssize - 1), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size++; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size--; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_STRUCT_SIZE); - - s = sgood; - s.struct_magic++; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_STRUCT_MAGIC); - - s = sgood; - s.struct_major_version++; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_STRUCT_VERSION); - - /* Description must contain a null */ - s = sgood; - memset(s.description, 'x', sizeof(s.description)); - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_DESCRIPTION); - - /* Data AFTER the null is explicitly allowed, though */ - s = sgood; - s.description[100] = 'x'; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_SUCCESS); - - /* Limited algorithm choices at present */ - s = sgood; - s.hash_alg = BDB_HASH_ALG_INVALID; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_HASH_ALG); - - /* This works because ECDSA521 signatures are smaller than RSA4096 */ - s = sgood; - s.sig_alg = BDB_SIG_ALG_ECSDSA521; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_SUCCESS); - - s = sgood; - s.sig_alg = BDB_SIG_ALG_INVALID; - TEST_EQ_S(bdb_check_sig(&s, ssize), BDB_ERROR_SIG_ALG); -} - -static void check_data_tests(void) -{ - struct bdb_data sgood = { - .struct_magic = BDB_DATA_MAGIC, - .struct_major_version = BDB_DATA_VERSION_MAJOR, - .struct_minor_version = BDB_DATA_VERSION_MINOR, - .struct_size = sizeof(struct bdb_data), - .data_version = 1, - .oem_area_1_size = 256, - .num_hashes = 3, - .hash_entry_size = sizeof(struct bdb_hash), - .signed_size = 2048, - .description = "Test data", - }; - const size_t ssize = sgood.signed_size; - struct bdb_data s; - - s = sgood; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_SUCCESS); - TEST_EQ_S(bdb_check_data(&s, ssize - 1), BDB_ERROR_BUF_SIZE); - - s = sgood; - s.struct_size--; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_STRUCT_SIZE); - - s = sgood; - s.struct_magic++; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_STRUCT_MAGIC); - - s = sgood; - s.struct_major_version++; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_STRUCT_VERSION); - - /* Description must contain a null */ - s = sgood; - memset(s.description, 'x', sizeof(s.description)); - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_DESCRIPTION); - - /* Data AFTER the null is explicitly allowed, though */ - s = sgood; - s.description[100] = 'x'; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_SUCCESS); - - s = sgood; - s.hash_entry_size--; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_HASH_ENTRY_SIZE); - - s = sgood; - s.oem_area_1_size++; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_OEM_AREA_SIZE); - - /* Check exact size needed */ - s = sgood; - s.signed_size = sizeof(s) + s.num_hashes * sizeof(struct bdb_hash) + - s.oem_area_1_size; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_SUCCESS); - s.signed_size--; - TEST_EQ_S(bdb_check_data(&s, ssize), BDB_ERROR_SIGNED_SIZE); - - /* - * TODO: Verify wraparound check works. That can only be tested on a - * platform where size_t is uint32_t, because otherwise a 32-bit - * oem_area_1_size can't cause wraparound. - */ -} - -/** - * Test bdb_verify() and bdb_create() - */ -static void check_bdb_verify(const char *key_dir) -{ - uint8_t oem_area_0[32] = "Some OEM area."; - uint8_t oem_area_1[64] = "Some other OEM area."; - char filename[1024]; - - struct bdb_hash hash[2] = { - { - .offset = 0x10000, - .size = 0x18000, - .partition = 1, - .type = BDB_DATA_SP_RW, - .load_address = 0x100000, - .digest = {0x11, 0x11, 0x11, 0x10}, - }, - { - .offset = 0x28000, - .size = 0x20000, - .partition = 1, - .type = BDB_DATA_AP_RW, - .load_address = 0x200000, - .digest = {0x22, 0x22, 0x22, 0x20}, - }, - }; - - struct bdb_create_params p = { - .bdb_load_address = 0x11223344, - .oem_area_0 = oem_area_0, - .oem_area_0_size = sizeof(oem_area_0), - .oem_area_1 = oem_area_1, - .oem_area_1_size = sizeof(oem_area_1), - .header_sig_description = (char *)"The header sig", - .data_sig_description = (char *)"The data sig", - .data_description = (char *)"Test BDB data", - .data_version = 3, - .hash = hash, - .num_hashes = 2, - }; - - uint8_t bdbkey_digest[BDB_SHA256_DIGEST_SIZE]; - struct bdb_header *hgood, *h; - size_t hsize; - - /* Load keys */ - snprintf(filename, sizeof(filename), "%s/bdbkey.keyb", key_dir); - p.bdbkey = bdb_create_key(filename, 100, "BDB key"); - snprintf(filename, sizeof(filename), "%s/datakey.keyb", key_dir); - p.datakey = bdb_create_key(filename, 200, "datakey"); - snprintf(filename, sizeof(filename), "%s/bdbkey.pem", key_dir); - p.private_bdbkey = read_pem(filename); - snprintf(filename, sizeof(filename), "%s/datakey.pem", key_dir); - p.private_datakey = read_pem(filename); - if (!p.bdbkey || !p.datakey || !p.private_bdbkey || !p.private_datakey) { - fprintf(stderr, "Unable to load test keys\n"); - exit(2); - } - - vb2_digest_buffer((uint8_t *)p.bdbkey, p.bdbkey->struct_size, - VB2_HASH_SHA256, - bdbkey_digest, BDB_SHA256_DIGEST_SIZE); - - /* Create the test BDB */ - hgood = bdb_create(&p); - if (!hgood) { - fprintf(stderr, "Unable to create test BDB\n"); - exit(2); - } - hsize = hgood->bdb_size; - - /* Allocate a copy we can mangle */ - h = calloc(hsize, 1); - - /* As created, it should pass */ - memcpy(h, hgood, hsize); - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_SUCCESS); - - /* It can accept a NULL pointer as bdb_key_digest */ - memcpy(h, hgood, hsize); - TEST_EQ_S(bdb_verify(h, hsize, NULL), BDB_GOOD_OTHER_THAN_KEY); - - /* Mangle each component in turn */ - memcpy(h, hgood, hsize); - h->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER); - - memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_bdbkey(h))->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_BDBKEY); - - memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_bdbkey(h))->key_version++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_GOOD_OTHER_THAN_KEY); - - memcpy(h, hgood, hsize); - h->oem_area_0_size += hsize; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_OEM_AREA_0); - - memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_datakey(h))->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATAKEY); - - memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_datakey(h))->struct_size += 4; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_BDB_SIGNED_SIZE); - - memcpy(h, hgood, hsize); - ((struct bdb_sig *)bdb_get_header_sig(h))->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); - - memcpy(h, hgood, hsize); - ((struct bdb_sig *)bdb_get_header_sig(h))->signed_size--; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); - - memcpy(h, hgood, hsize); - ((struct bdb_sig *)bdb_get_header_sig(h))->sig_data[0] ^= 0x42; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); - - /* Also make sure the header sig really covers all the fields */ - memcpy(h, hgood, hsize); - ((struct bdb_key *)bdb_get_datakey(h))->key_version++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); - - memcpy(h, hgood, hsize); - ((uint8_t *)bdb_get_oem_area_0(h))[0] ^= 0x42; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); - - memcpy(h, hgood, hsize); - ((uint8_t *)bdb_get_oem_area_0(h))[p.oem_area_0_size - 1] ^= 0x24; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_HEADER_SIG); - - /* Check data header */ - memcpy(h, hgood, hsize); - ((struct bdb_data *)bdb_get_data(h))->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA); - - memcpy(h, hgood, hsize); - ((struct bdb_sig *)bdb_get_data_sig(h))->struct_magic++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), - BDB_ERROR_DATA_CHECK_SIG); - - memcpy(h, hgood, hsize); - ((struct bdb_sig *)bdb_get_data_sig(h))->signed_size--; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), - BDB_ERROR_DATA_SIGNED_SIZE); - - memcpy(h, hgood, hsize); - ((struct bdb_sig *)bdb_get_data_sig(h))->sig_data[0] ^= 0x42; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG); - - /* Also make sure the data sig really covers all the fields */ - memcpy(h, hgood, hsize); - ((struct bdb_data *)bdb_get_data(h))->data_version--; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG); - - memcpy(h, hgood, hsize); - ((uint8_t *)bdb_get_oem_area_1(h))[0] ^= 0x42; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG); - - memcpy(h, hgood, hsize); - ((uint8_t *)bdb_get_oem_area_1(h))[p.oem_area_1_size - 1] ^= 0x24; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG); - - memcpy(h, hgood, hsize); - ((struct bdb_hash *)bdb_get_hash_by_type(h, BDB_DATA_SP_RW))->offset++; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG); - - memcpy(h, hgood, hsize); - ((struct bdb_hash *)bdb_get_hash_by_type(h, BDB_DATA_AP_RW)) - ->digest[0] ^= 0x96; - TEST_EQ_S(bdb_verify(h, hsize, bdbkey_digest), BDB_ERROR_DATA_SIG); - - /* - * This is also a convenient place to test that all the parameters we - * fed into bdb_create() also worked. That also tests all the - * bdb_get_*() functions. - */ - memcpy(h, hgood, hsize); - TEST_EQ_S(h->bdb_load_address, p.bdb_load_address); - - TEST_EQ_S(strcmp(bdb_get_bdbkey(h)->description, p.bdbkey->description), - 0); - TEST_EQ_S(bdb_get_bdbkey(h)->key_version, p.bdbkey->key_version); - - TEST_EQ_S(h->oem_area_0_size, p.oem_area_0_size); - TEST_EQ_S(memcmp(bdb_get_oem_area_0(h), oem_area_0, sizeof(oem_area_0)), - 0); - - TEST_EQ_S(strcmp(bdb_get_datakey(h)->description, p.datakey->description), - 0); - TEST_EQ_S(bdb_get_datakey(h)->key_version, p.datakey->key_version); - - TEST_EQ_S(strcmp(bdb_get_header_sig(h)->description, - p.header_sig_description), 0); - - TEST_EQ_S(strcmp(bdb_get_data(h)->description, p.data_description), 0); - TEST_EQ_S(bdb_get_data(h)->data_version, p.data_version); - TEST_EQ_S(bdb_get_data(h)->num_hashes, p.num_hashes); - - TEST_EQ_S(bdb_get_data(h)->oem_area_1_size, p.oem_area_1_size); - TEST_EQ_S(memcmp(bdb_get_oem_area_1(h), oem_area_1, sizeof(oem_area_1)), - 0); - - TEST_EQ_S(strcmp(bdb_get_data_sig(h)->description, - p.data_sig_description), 0); - - /* Test getting hash entries */ - memcpy(h, hgood, hsize); - TEST_EQ_S(bdb_get_hash_by_type(h, BDB_DATA_SP_RW) - ->offset, hash[0].offset); - TEST_EQ_S(bdb_get_hash_by_index(h, 0) - ->offset, hash[0].offset); - TEST_EQ_S(bdb_get_hash_by_type(h, BDB_DATA_AP_RW) - ->offset, hash[1].offset); - TEST_EQ_S(bdb_get_hash_by_index(h, 1) - ->offset, hash[1].offset); - /* And a non-existent one */ - TEST_PTR_EQ(bdb_get_hash_by_type(h, BDB_DATA_MCU), NULL, NULL); - TEST_PTR_EQ(bdb_get_hash_by_index(h, 2), NULL, NULL); - - /* - * TODO: Verify wraparound checks works. That can only be tested on a - * platform where size_t is uint32_t, because otherwise a 32-bit - * oem_area_1_size can't cause wraparound. - */ - - /* Free keys and buffers */ - free(p.bdbkey); - free(p.datakey); - RSA_free(p.private_bdbkey); - RSA_free(p.private_datakey); - free(hgood); - free(h); -} - -/*****************************************************************************/ - -int main(int argc, char *argv[]) -{ - if (argc != 2) { - fprintf(stderr, "Usage: %s <keys_dir>", argv[0]); - return -1; - } - printf("Running BDB tests...\n"); - - check_header_tests(); - check_key_tests(); - check_sig_tests(); - check_data_tests(); - check_bdb_verify(argv[1]); - - printf("All tests passed!\n"); - - return gTestSuccess ? 0 : 255; -} diff --git a/tests/futility/data/bdb.bin b/tests/futility/data/bdb.bin Binary files differdeleted file mode 100644 index 1fe84463..00000000 --- a/tests/futility/data/bdb.bin +++ /dev/null diff --git a/tests/futility/run_test_scripts.sh b/tests/futility/run_test_scripts.sh index 7171b483..8ccbab6e 100755 --- a/tests/futility/run_test_scripts.sh +++ b/tests/futility/run_test_scripts.sh @@ -40,7 +40,6 @@ export OUTDIR # These are the scripts to run. Binaries are invoked directly by the Makefile. TESTS=" -${SCRIPTDIR}/test_bdb.sh ${SCRIPTDIR}/test_create.sh ${SCRIPTDIR}/test_dump_fmap.sh ${SCRIPTDIR}/test_gbb_utility.sh diff --git a/tests/futility/test_bdb.sh b/tests/futility/test_bdb.sh deleted file mode 100755 index 0f0c0249..00000000 --- a/tests/futility/test_bdb.sh +++ /dev/null @@ -1,100 +0,0 @@ -#!/bin/bash -eux -# Copyright 2015 The Chromium OS Authors. All rights reserved. -# Use of this source code is governed by a BSD-style license that can be -# found in the LICENSE file. - -me=${0##*/} -TMP="$me.tmp" - -# Work in scratch directory -cd "$OUTDIR" -BDB_FILE=bdb.bin - -TESTKEY_DIR=${SRCDIR}/tests/testkeys -TESTDATA_DIR=${SRCDIR}/tests/testdata - -BDBKEY_PUB=${TESTKEY_DIR}/bdbkey.keyb -BDBKEY_PRI=${TESTKEY_DIR}/bdbkey.pem -DATAKEY_PUB=${TESTKEY_DIR}/datakey.keyb -DATAKEY_PRI=${TESTKEY_DIR}/datakey.pem -BDBKEY_DIGEST=${TESTDATA_DIR}/bdbkey_digest.bin -DATAKEY_DIGEST=${TESTDATA_DIR}/datakey_digest.bin -DATA_FILE=${TESTDATA_DIR}/sp-rw.bin - -declare -i num_hash - -# Verify a BDB -# -# $1: Key digest file -# $2: Any remaining option passed to futility bdb --verify -verify() { - local key_digest=${1:-${BDBKEY_DIGEST}} - local extra_option=${2:-} - ${FUTILITY} bdb --verify ${BDB_FILE} --key_digest ${key_digest} \ - ${extra_option} -} - -get_num_hash() { - printf "%d" \ - $(${FUTILITY} show ${BDB_FILE} \ - | grep '# of Hashes' | cut -d':' -f 2) -} - -# Tests field matches a specified value in a BDB -# e.g. check_field 'Data Version:' 2 returns error if the data version isn't 2. -check_field() { - # Find the field - x=$(${FUTILITY} show ${BDB_FILE} | grep "${1}") - [ "${x}" ] || return 1 - # Remove the field name - x=${x##*:} - [ "${x}" ] || return 1 - # Remove the leading and trailing spaces - x=${x//[[:blank:]]/} - [ "${x}" == "${2}" ] || return 1 -} - -# Demonstrate bdb --create can create a valid BDB -load_address=0x60061ec0de -${FUTILITY} bdb --create ${BDB_FILE} \ - --bdbkey_pri ${BDBKEY_PRI} --bdbkey_pub ${BDBKEY_PUB} \ - --datakey_pub ${DATAKEY_PUB} --datakey_pri ${DATAKEY_PRI} \ - --load_address ${load_address} -verify -check_field "Load Address:" ${load_address} - -# Demonstrate bdb --add can add a new hash -num_hash=$(get_num_hash) -${FUTILITY} bdb --add ${BDB_FILE} \ - --data ${DATA_FILE} --partition 1 --type 2 --offset 3 --load_address 4 -# Use futility show command to verify the hash is added -num_hash+=1 -[ $(get_num_hash) -eq $num_hash ] -# TODO: verify partition, type, offset, and load_address - -# Demonstrate futility bdb --resign can resign the BDB -data_version=2 -${FUTILITY} bdb --resign ${BDB_FILE} --datakey_pri ${DATAKEY_PRI} \ - --data_version $data_version -verify -check_field "Data Version:" $data_version - -# Demonstrate futility bdb --resign can resign with a new data key -# Note resigning with a new data key requires a private BDB key as well -${FUTILITY} bdb --resign ${BDB_FILE} \ - --bdbkey_pri ${BDBKEY_PRI} \ - --datakey_pri ${BDBKEY_PRI} --datakey_pub ${BDBKEY_PUB} -verify - -# Demonstrate futility bdb --resign can resign with a new BDB key -${FUTILITY} bdb --resign ${BDB_FILE} \ - --bdbkey_pri ${DATAKEY_PRI} --bdbkey_pub ${DATAKEY_PUB} -verify ${DATAKEY_DIGEST} - -# Demonstrate futility bdb --verify can return success when key digest doesn't -# match but --ignore_key_digest is specified. -verify ${BDBKEY_DIGEST} --ignore_key_digest - -# cleanup -rm -rf ${TMP}* -exit 0 diff --git a/tests/futility/test_file_types.c b/tests/futility/test_file_types.c index c77802bd..9999223d 100644 --- a/tests/futility/test_file_types.c +++ b/tests/futility/test_file_types.c @@ -37,7 +37,6 @@ static struct { {FILE_TYPE_VB2_PRIVKEY, "tests/futility/data/sample.vbprik2"}, {FILE_TYPE_PEM, "tests/testkeys/key_rsa2048.pem"}, {FILE_TYPE_USBPD1, "tests/futility/data/zinger_mp_image.bin"}, - {FILE_TYPE_BDB, "tests/futility/data/bdb.bin"}, {FILE_TYPE_RWSIG, }, /* need a test for this */ }; BUILD_ASSERT(ARRAY_SIZE(test_case) == NUM_FILE_TYPES); diff --git a/tests/futility/test_file_types.sh b/tests/futility/test_file_types.sh index b0248a94..4b7a9fb6 100755 --- a/tests/futility/test_file_types.sh +++ b/tests/futility/test_file_types.sh @@ -44,7 +44,6 @@ test_case "pubkey21" "tests/futility/data/sample.vbpubk2" test_case "prikey21" "tests/futility/data/sample.vbprik2" test_case "pem" "tests/testkeys/key_rsa2048.pem" test_case "pem" "tests/testkeys/key_rsa8192.pub.pem" -test_case "bdb" "tests/futility/data/bdb.bin" # Expect failure here. fail_case "/Sir/Not/Appearing/In/This/Film" diff --git a/tests/testdata/bdbkey_digest.bin b/tests/testdata/bdbkey_digest.bin deleted file mode 100644 index 47d4e68a..00000000 --- a/tests/testdata/bdbkey_digest.bin +++ /dev/null @@ -1 +0,0 @@ -ljVN"Isv}k͊b
'T
\ No newline at end of file diff --git a/tests/testkeys/bdbkey.crt b/tests/testkeys/bdbkey.crt deleted file mode 100644 index 383216a3..00000000 --- a/tests/testkeys/bdbkey.crt +++ /dev/null @@ -1,33 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIFtTCCA52gAwIBAgIJANitnQKymb5VMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV -BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX -aWRnaXRzIFB0eSBMdGQwHhcNMTAwOTI5MTgxNjM4WhcNMTAxMDI5MTgxNjM4WjBF -MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 -ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC -CgKCAgEAm5v71oqFynujT4FVq5lKaYxpmKfXdeBNKDmLzgu7fXLUKaEqTGEDsseE -5qyaaP+dmTnQKfne7G31zgf46//YEl+u5Gt/S4oAgYyvs3rjymzD5kVOLEAzgrIX -AwyhDFARRzAFWos43hypunHGvu4fDBAzZ3zGVulhjgAzD/gNjToVYCP7bj6kTaDx -1u9siCKdYN09vGwSUt9WuV+yort7kns/B8ArVxt3bFSjsAxuWel/dJyLwCMQ9XAx -dgWpg3RBUsK/KgekQybPLrhLYJn1AeOApwzJ4HoJSqU/1jCEaGrKA/KtCRXiurZz -6lBi7sElsigjBvEZH0iCmmRgH3Oi/cbpHIs1C6YHvCCbO90ntwgtDf0+2WJtFtbG -t5Do3CXri0tcsXBWqISSK3VzzjHH691BVwLuoBvF1XICMEjmq9aJ+MdbEe4E+GU8 -TV9NnRnuYyOUoxeisyXiArUUI9+1qL6pIgulTlY2Ch51QZY5n2aYY97PtosNotbS -ylMrLvWXGiiQWxux12eOnB3c/3wNYWey8Km4cmOhEOYz7hLz2r1uIoC/SzM5wLnn -TEQmaiUDNV9R3Gj3E3xkpTq3UNSSPsV7k8lInMtWqzps6aTvBw1k6i6CUvWbEZqm -t/0bimQHOEdg3OrJjQpwTKSp4ouSyVu0IphDwy1yjKCfNWKRzrUCAwEAAaOBpzCB -pDAdBgNVHQ4EFgQUyBKBgFg+vONV1sbup7QtFa7DR78wdQYDVR0jBG4wbIAUyBKB -gFg+vONV1sbup7QtFa7DR7+hSaRHMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpT -b21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGSCCQDY -rZ0Cspm+VTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQA0wtlLEAKR -ctB41x/V10SMFIg5eLbDrUKQQT33BddrhFu0blc7U5jgXjqTYS80xIlOC0hXtN7D -Z478st3NAxjtvBKxNMWB9Ppz6+15UENnXNGLElhRPaeAbxBs7zVB64b8fY69EJRe -JOJNp6+c4WJsHWzxrmfHD0Wx18pJ877ThRi/ZH0QP2TjPc0gZT4szP1taoOJ7SXy -gO10WfPoF1GgI/VXhPLnk2zXpTlFdp+qyKOtDFxOOK/cVKdXAxDDDO9DAw6cvrEn -mPS2Zml9HI25/CrE00y+k4w7bqzNeGNzhSGPBvq5Yqnefc1dJSdDQZ3XLG9Fis4a -nVfuSTvP1MUrFEGEvuxRcA0rWPwQtYSHHs8ZnpT6eayTPcpDvWSihe4xUywirXTT -kbWgeABGQGaoAnFJYhjqBROGdVb4V3vbsjbCi8k2r4IIcqOzp6OIJxha2LvkZ+iu -f+OlMVAO/C1LbRsVQkfJp7NxEt6PVewQV5Kgnwlf+x7Q2tUfZfdpLd/EMtojv3BD -Ewx5X2yHGXcYZG/C1kNzyGTfg97/+55mtNlkTmo8elcPxlpnEuMXEv4JthnRy90x -ZLflcR9q0pOiV+n//KyQvfjH99JmRtVJGG8xlDEtRbJWjFQD/uSEBxeS0T6INrza -0WTaiIOZB1vMPe6CDYDWDzrFdQrD6HoWDQ== ------END CERTIFICATE----- diff --git a/tests/testkeys/bdbkey.keyb b/tests/testkeys/bdbkey.keyb Binary files differdeleted file mode 100644 index 515aaa98..00000000 --- a/tests/testkeys/bdbkey.keyb +++ /dev/null diff --git a/tests/testkeys/bdbkey.pem b/tests/testkeys/bdbkey.pem deleted file mode 100644 index 204b440f..00000000 --- a/tests/testkeys/bdbkey.pem +++ /dev/null @@ -1,51 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIJKQIBAAKCAgEAm5v71oqFynujT4FVq5lKaYxpmKfXdeBNKDmLzgu7fXLUKaEq -TGEDsseE5qyaaP+dmTnQKfne7G31zgf46//YEl+u5Gt/S4oAgYyvs3rjymzD5kVO -LEAzgrIXAwyhDFARRzAFWos43hypunHGvu4fDBAzZ3zGVulhjgAzD/gNjToVYCP7 -bj6kTaDx1u9siCKdYN09vGwSUt9WuV+yort7kns/B8ArVxt3bFSjsAxuWel/dJyL -wCMQ9XAxdgWpg3RBUsK/KgekQybPLrhLYJn1AeOApwzJ4HoJSqU/1jCEaGrKA/Kt -CRXiurZz6lBi7sElsigjBvEZH0iCmmRgH3Oi/cbpHIs1C6YHvCCbO90ntwgtDf0+ -2WJtFtbGt5Do3CXri0tcsXBWqISSK3VzzjHH691BVwLuoBvF1XICMEjmq9aJ+Mdb -Ee4E+GU8TV9NnRnuYyOUoxeisyXiArUUI9+1qL6pIgulTlY2Ch51QZY5n2aYY97P -tosNotbSylMrLvWXGiiQWxux12eOnB3c/3wNYWey8Km4cmOhEOYz7hLz2r1uIoC/ -SzM5wLnnTEQmaiUDNV9R3Gj3E3xkpTq3UNSSPsV7k8lInMtWqzps6aTvBw1k6i6C -UvWbEZqmt/0bimQHOEdg3OrJjQpwTKSp4ouSyVu0IphDwy1yjKCfNWKRzrUCAwEA -AQKCAgEAlbfvBu0g7UEoUEbQdtp2jjdbIlXbKL83fYxgx07ihkEFgUhfuj1doZX2 -eTt5Fa1bpSHK95hCtJjX9/QTvH3dF1CYpY4IXFXbRspmAvoqUYl0swnbvRfId+eB -3J06Fu6ysRuzCvsJLCvH4mu2Hd5eYOz1iIy1CMpj4oyulJ7F6ywHhQkZ0WjUDRzd -kz+p3RHw+lHkJHaW6sWYW6OH7KsWqkmKy5pKGPWEYebN14UeZ8QRrdExZRxYJM5d -yICKKMCiWU6nP3k6wqGElh8b50Y6RibukcvsMN86MWftk9f6jbyxwjqr4iH8lEkY -HkpZ5f5QlqmnifZPhZnujz4kfh50oteC2QPQ0hrNYCDG75wuiNX/vINVfrKG0ddg -iQDFqyQyQirxCGQgy7Wto08KAzKt146ST28N+kdF/kY14ou5f5+GlWQJcnqdHd2p -R25MueXUsY3I63dULR6k02Y6M7Tzo39lYe0LV82+G0A3iGpI+eM7xw/sQDNb2sQs -jCcz7XPrfTomrVJaW1FkM8vM6eWhuhAyDFP+unz0aMnKrkUrarh4t9QpriiCjm3E -HV2Hc7t/Do/w+B3rywKy3PE2yO49eGz20um0JqWcAbGDZY2vDnyV+/xibxqaIZUo -saI/btlyvCv00812momkX/qWwS+1GHvyYYcpIg0XQbZY1TvEi8ECggEBAM6LTfVu -MKNwW/QdZ6pxKl/Oy8zlb1o8HET5hKCdhoMvpwlvpO2qSvlCxH3VZTmcXIXd+Mkd -e4OZrzeMLVxMd64xP10k2ui/O2/8G38xmpMGqZihc+LnY6JgajujfAQHljOgrAJL -xzO2Gk4oWX72oA6jqP8LZkRp/9acTWqBTKs6MOdrfn6I3k0urBB29+jcbqFAfgMx -hfcTKAOHYmg/SeEZDvKP6fRDJGMGXqJ4TaBXjsnhNGCjGmuCqJhxxIGCI/AVK10B -CjEboo9vACzNE1/JMxH8aT5up7e+7R/WoiJ5e3jlvSKmcO7KiR27JVsAlZeIddKd -LzG9KKZ8Yla0U3MCggEBAMDefKVTqSPaG7cmAQGtXrbBDLdCWIaT08v+kMw/drlq -NqLD+1ct098iFwRtKaYPERPKqNtxfJdkUMqWELBWV2Sq4Fi+JVXjGOUctP7Atd2x -6NJ9xHqQKQwKUv0/9jN5Oie9sFvsLwPAJNOJej1BrmvPZvc0CoMyOjkmxEhYu3qG -i26ZTSZSCTrbE8eAL0EJdH0gB7Ryuks8O+jEF7eXuZLZyN3AromISJtmLVlMFZ7m -+0sQnZQqwNF+BIrOgO+3R61jjNzCJbFo7frvRIlDSnrbmWp6sYns1cjhZiKCnO78 -RgDiaJcuceqsalgBZi8/Fmam2IPeqhvTNg+5alCuWzcCggEAXFjglFmeGZVFJ9J1 -5TkPzyJw8L2smdXCdfxyFjYYTFNkBc4LGdBIEUaPAAwHZEjK/XePoqwx61cthlKA -fYIbCKEwSX8O+X13H8zCpo4RJKeX8IxPeiYm4BTnqp6f9lVGDPNLtQMYn8BN5qAX -07KFQcZe6xm3seMK5nOgEXyaQPyVnQLs3bpoWm4BtKLcmRrlw+dH8DmWQjAoddt0 -XlPdvm0rx7wcyH+0pynT6iSL4KMFTrIIbyS9zU/v/ajwSU9crh1o8/5hBi/q8OKa -W22dufgFg4ctryJejsMo1lFq0KssT5O4iuOMHtgjkk14mEWcnNIAjBiHX1/J6xY2 -Cbo6jQKCAQBtvmt4e1kz8Ehy92n9NVQ+cyy0HklXEkiiu9BSmA4LRPefuBqNKaN0 -ROaJ+z+GoO4br+ZTL4kwb8FU9Py8CfUib+TGOjPuYhFpVONcTfVuF2yeUTf6cYsZ -sco1Fi8WbPV9ZX8zXvoFjVCnGYP31SbVa6dwJCmTK4JbwMZRUEQlXOd74Dk5A9cC -qWPg0fyRajrhc9dOgzWj17tTIDlKm0fZ2phkLd5inayK2CIXvKZUy6PTu7medJFQ -4v7cqNJPFJ/xdkLR3psqDsXTUlBSNnrr24a5QuVA0QV4j2DZZC6+Acgneqz+0Uu6 -t66vMuSdH620bV2n84wh1xXc7qkjDYMTAoIBAQC6DsTyBGNNI0/DGwAsae5Zri8w -T/SOER7Tc/PCgQyFUNsJJc/OmSy66PPiH2HzqLjl6/jeiJP++oCnfO6pNTq1Fjz4 -Le2iS1szlcuJ9QLdtn2LTqORzdQVpka42X+o+NqJEdzkZb/N6eBA4PPQdTxHIiu1 -WGBpDc5vGkpuzLm9SVCw/4SD84z+Nhs0pqOvwWhmQWCtl28fgqU4LMeOX1Wz5P8E -IledlgbCZh2KwXuv3BJdkawuwrSPsahnZmoJapx2dE+FkNl4equaBwImfLf5Qifj -IhIN5GueO9k/D2/7/XvW2qJ3Vy0z0xMMNiTVYufVpbh77Kn2ebKfROlkzMEU ------END RSA PRIVATE KEY----- |