193d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. 293d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell * Use of this source code is governed by a BSD-style license that can be 393d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell * found in the LICENSE file. 493d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell * 593d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell * Tests for firmware 2common.c 693d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell */ 793d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell 893d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "2sysincludes.h" 993d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "2common.h" 1093d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "2rsa.h" 1193d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "vb2_common.h" 1293d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "host_fw_preamble2.h" 1393d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "host_key2.h" 1493d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "host_keyblock2.h" 1593d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "host_signature2.h" 1693d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell 1793d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell#include "test_common.h" 1893d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell 1993d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwellstatic const uint8_t test_data[] = "This is some test data to sign."; 2093d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwellstatic const uint8_t test_data2[] = "Some more test data"; 2193d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwellstatic const uint8_t test_data3[] = "Even more test data"; 2293d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell 2393d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell/* 2493d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell * Test struct packing for vboot_struct.h structs which are passed between 2593d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell * firmware and OS, or passed between different phases of firmware. 2693d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell */ 2793d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwellstatic void test_struct_packing(void) 2893d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell{ 2993d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell /* Test new struct sizes */ 3093d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell TEST_EQ(EXPECTED_GUID_SIZE, 3193d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell sizeof(struct vb2_guid), 3293d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell "sizeof(vb2_guid)"); 3393d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell TEST_EQ(EXPECTED_VB2_STRUCT_COMMON_SIZE, 34d42b7d5f8d5eef73c89c2362beab94647ce12281Vinson Lee sizeof(struct vb2_struct_common), 356acd63a4980951727939c0dd545a0324965b3834José Fonseca "sizeof(vb2_struct_common)"); 3693d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE, 3793d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell sizeof(struct vb2_packed_key), 38cae640eae63544211710a2848e23f6d1d74f827fBrian "sizeof(vb2_packed_key)"); 392b2f761e2b0dc160793be2f48e811d2d455e1e22Brian TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE, 4080c78472ad43f4288c9ef5076074ba9d31a39885Keith Whitwell sizeof(struct vb2_signature), 410a14e9f09fc1cf9d5c277bb239f349203d3bed79Brian Paul "sizeof(vb2_signature)"); 4293d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE, 432b2f761e2b0dc160793be2f48e811d2d455e1e22Brian sizeof(struct vb2_keyblock), 4493d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell "sizeof(vb2_keyblock)"); 4593d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE, 467e02303497237cde958c28608477d0c355a8038bMarek Olšák sizeof(struct vb2_fw_preamble), 474abe1eb980ed76d2b2d3383eaab520d0aa2ae6f4Michel Dänzer "sizeof(vb2_fw_preamble)"); 4893d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell} 492b2f761e2b0dc160793be2f48e811d2d455e1e22Brian 502b2f761e2b0dc160793be2f48e811d2d455e1e22Brian/** 512b2f761e2b0dc160793be2f48e811d2d455e1e22Brian * Common header functions 525e345a653b0adc59487d786050abd01d4cb8b4caBrian */ 535e345a653b0adc59487d786050abd01d4cb8b4caBrianstatic void test_common_header_functions(void) 547e02303497237cde958c28608477d0c355a8038bMarek Olšák{ 55d6c3e6d8f34fc39dcbe9395c3a5953af726443f1Brian Paul uint8_t cbuf[sizeof(struct vb2_struct_common) + 128]; 56d6c3e6d8f34fc39dcbe9395c3a5953af726443f1Brian Paul uint8_t cbufgood[sizeof(cbuf)]; 5799695f58fde6d364f2310d97303768782a1e537dBrian Paul struct vb2_struct_common *c = (struct vb2_struct_common *)cbuf; 58d6c3e6d8f34fc39dcbe9395c3a5953af726443f1Brian Paul struct vb2_struct_common *c2; 59d6c3e6d8f34fc39dcbe9395c3a5953af726443f1Brian Paul const char test_desc[32] = "test desc"; 60d6c3e6d8f34fc39dcbe9395c3a5953af726443f1Brian Paul uint32_t desc_end, m; 6153bd9796a1395e4acde884ff55cb7ee18586595aZack Rusin 62c9ed86a96483063f3d6789ed16645a3dca77d726Keith Whitwell c->total_size = sizeof(cbuf); 632b2f761e2b0dc160793be2f48e811d2d455e1e22Brian c->fixed_size = sizeof(*c); 647e02303497237cde958c28608477d0c355a8038bMarek Olšák c->desc_size = sizeof(test_desc); 657e02303497237cde958c28608477d0c355a8038bMarek Olšák memcpy(cbuf + c->fixed_size, test_desc, sizeof(test_desc)); 667e02303497237cde958c28608477d0c355a8038bMarek Olšák desc_end = c->fixed_size + c->desc_size; 677e02303497237cde958c28608477d0c355a8038bMarek Olšák 687e02303497237cde958c28608477d0c355a8038bMarek Olšák c2 = (struct vb2_struct_common *)(cbuf + desc_end); 697e02303497237cde958c28608477d0c355a8038bMarek Olšák c2->total_size = c->total_size - desc_end; 707e02303497237cde958c28608477d0c355a8038bMarek Olšák c2->fixed_size = sizeof(*c2); 717e02303497237cde958c28608477d0c355a8038bMarek Olšák c2->desc_size = 0; 727e02303497237cde958c28608477d0c355a8038bMarek Olšák 737e02303497237cde958c28608477d0c355a8038bMarek Olšák /* Description helper */ 747e02303497237cde958c28608477d0c355a8038bMarek Olšák TEST_EQ(0, strcmp(vb2_common_desc(c), test_desc), "vb2_common_desc()"); 757e02303497237cde958c28608477d0c355a8038bMarek Olšák TEST_EQ(0, strcmp(vb2_common_desc(c2), ""), "vb2_common_desc() empty"); 767e02303497237cde958c28608477d0c355a8038bMarek Olšák 777e02303497237cde958c28608477d0c355a8038bMarek Olšák TEST_SUCC(vb2_verify_common_header(cbuf, sizeof(cbuf)), 787e02303497237cde958c28608477d0c355a8038bMarek Olšák "vb2_verify_common_header() good"); 797e02303497237cde958c28608477d0c355a8038bMarek Olšák memcpy(cbufgood, cbuf, sizeof(cbufgood)); 807e02303497237cde958c28608477d0c355a8038bMarek Olšák 817e02303497237cde958c28608477d0c355a8038bMarek Olšák memcpy(cbuf, cbufgood, sizeof(cbuf)); 827e02303497237cde958c28608477d0c355a8038bMarek Olšák c->total_size += 4; 837e02303497237cde958c28608477d0c355a8038bMarek Olšák TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 847e02303497237cde958c28608477d0c355a8038bMarek Olšák VB2_ERROR_COMMON_TOTAL_SIZE, 854abe1eb980ed76d2b2d3383eaab520d0aa2ae6f4Michel Dänzer "vb2_verify_common_header() total size"); 86d671cf460f99693ded1eccc6b32816d430098725José Fonseca 87d671cf460f99693ded1eccc6b32816d430098725José Fonseca memcpy(cbuf, cbufgood, sizeof(cbuf)); 88d671cf460f99693ded1eccc6b32816d430098725José Fonseca c->fixed_size = c->total_size + 4; 89d671cf460f99693ded1eccc6b32816d430098725José Fonseca TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 90d671cf460f99693ded1eccc6b32816d430098725José Fonseca VB2_ERROR_COMMON_FIXED_SIZE, 91d671cf460f99693ded1eccc6b32816d430098725José Fonseca "vb2_verify_common_header() fixed size"); 92b43c182f19c6291c88420fa12714f952c2b461fbKeith Whitwell 93d671cf460f99693ded1eccc6b32816d430098725José Fonseca memcpy(cbuf, cbufgood, sizeof(cbuf)); 94b43c182f19c6291c88420fa12714f952c2b461fbKeith Whitwell c->desc_size = c->total_size - c->fixed_size + 4; 95d671cf460f99693ded1eccc6b32816d430098725José Fonseca TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 96d671cf460f99693ded1eccc6b32816d430098725José Fonseca VB2_ERROR_COMMON_DESC_SIZE, 97d671cf460f99693ded1eccc6b32816d430098725José Fonseca "vb2_verify_common_header() desc size"); 98bddf275db44695e3850c4b62b8f4b77d93299ae9Marek Olšák 994abe1eb980ed76d2b2d3383eaab520d0aa2ae6f4Michel Dänzer memcpy(cbuf, cbufgood, sizeof(cbuf)); 100bddf275db44695e3850c4b62b8f4b77d93299ae9Marek Olšák c->total_size--; 10193d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 10293d5cfd8b7c641c5656aed38ad2f9559e09502f0Keith Whitwell VB2_ERROR_COMMON_TOTAL_UNALIGNED, 1037e02303497237cde958c28608477d0c355a8038bMarek Olšák "vb2_verify_common_header() total unaligned"); 1047e02303497237cde958c28608477d0c355a8038bMarek Olšák 1057e02303497237cde958c28608477d0c355a8038bMarek Olšák memcpy(cbuf, cbufgood, sizeof(cbuf)); 1067e02303497237cde958c28608477d0c355a8038bMarek Olšák c->fixed_size++; 1077e02303497237cde958c28608477d0c355a8038bMarek Olšák TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 1087e02303497237cde958c28608477d0c355a8038bMarek Olšák VB2_ERROR_COMMON_FIXED_UNALIGNED, 1097e02303497237cde958c28608477d0c355a8038bMarek Olšák "vb2_verify_common_header() fixed unaligned"); 11053e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 11153e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca memcpy(cbuf, cbufgood, sizeof(cbuf)); 11253e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca c->desc_size--; 11353e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 11453e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_DESC_UNALIGNED, 11553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_header() desc unaligned"); 11653e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 11753e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca memcpy(cbuf, cbufgood, sizeof(cbuf)); 11853e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca c->desc_size = -4; 11953e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 12053e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_DESC_WRAPS, 12153e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_header() desc wraps"); 12253e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 1234c7001462607e6e99e474d6271dd481d3f8f201cRoland Scheidegger memcpy(cbuf, cbufgood, sizeof(cbuf)); 12453e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca cbuf[desc_end - 1] = 1; 12553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_header(cbuf, sizeof(cbuf)), 12653e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_DESC_TERMINATOR, 12753e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_header() desc not terminated"); 12853e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 12953e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca /* Member checking function */ 13053e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca memcpy(cbuf, cbufgood, sizeof(cbuf)); 13125485f4b69447514ab8b595aced90c75606a99bdMarek Olšák m = 0; 13253e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_SUCC(vb2_verify_common_member(cbuf, &m, c->total_size - 8, 4), 13325485f4b69447514ab8b595aced90c75606a99bdMarek Olšák "vb2_verify_common_member()"); 13425485f4b69447514ab8b595aced90c75606a99bdMarek Olšák TEST_EQ(m, c->total_size - 4, " new minimum"); 13553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 13653e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca m = desc_end; 13753e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_SUCC(vb2_verify_common_member(cbuf, &m, desc_end, 4), 13853e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_member() good offset"); 13953e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(m, desc_end + 4, " new minimum"); 14053e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 14125485f4b69447514ab8b595aced90c75606a99bdMarek Olšák m = 0; 1427e02303497237cde958c28608477d0c355a8038bMarek Olšák TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 8, -4), 14353e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_MEMBER_WRAPS, 14453e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_member() wraps"); 14553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 14653e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca m = 0; 14753e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 7, 4), 14853e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_MEMBER_UNALIGNED, 14953e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_member() offset unaligned"); 15053e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 15153e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca m = 0; 15253e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 8, 5), 15353e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_MEMBER_UNALIGNED, 1547e02303497237cde958c28608477d0c355a8038bMarek Olšák "vb2_verify_common_member() size unaligned"); 15553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 15653e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca m = 0; 15753e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_member(cbuf, &m, desc_end - 4, 4), 15853e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_MEMBER_OVERLAP, 15953e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_member() overlap"); 16053e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 161bfe88e69988b3d3bdff0b9f6051d0428e1315653Marek Olšák m = desc_end + 4; 162b39bccbd4ed71e9585da4cf5acf7b887b2e90899Marek Olšák TEST_EQ(vb2_verify_common_member(cbuf, &m, desc_end, 4), 16353e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_MEMBER_OVERLAP, 16453e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_member() overlap 2"); 16553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca 16653e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca m = 0; 16753e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(vb2_verify_common_member(cbuf, &m, c->total_size - 4, 8), 16853e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca VB2_ERROR_COMMON_MEMBER_SIZE, 16953e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_member() size"); 1707e02303497237cde958c28608477d0c355a8038bMarek Olšák 17153e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca /* Subobject checking */ 17253e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca m = 0; 17353e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_SUCC(vb2_verify_common_subobject(cbuf, &m, desc_end), 17453e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca "vb2_verify_common_subobject() good offset"); 17553e94bd4adb218c5974c522389c3bcf40f3fa7e8José Fonseca TEST_EQ(m, sizeof(cbuf), " new minimum"); 176 177 m = desc_end + 4; 178 TEST_EQ(vb2_verify_common_subobject(cbuf, &m, desc_end), 179 VB2_ERROR_COMMON_MEMBER_OVERLAP, 180 "vb2_verify_common_subobject() overlap"); 181 182 m = 0; 183 c2->total_size += 4; 184 TEST_EQ(vb2_verify_common_subobject(cbuf, &m, desc_end), 185 VB2_ERROR_COMMON_TOTAL_SIZE, 186 "vb2_verify_common_subobject() size"); 187} 188 189/** 190 * Signature size 191 */ 192static void test_sig_size(void) 193{ 194 TEST_EQ(vb2_sig_size(VB2_SIG_INVALID, VB2_HASH_SHA256), 0, 195 "vb2_sig_size() sig invalid"); 196 197 TEST_EQ(vb2_sig_size(VB2_SIG_RSA2048, VB2_HASH_INVALID), 0, 198 "vb2_sig_size() hash invalid"); 199 200 TEST_EQ(vb2_sig_size(VB2_SIG_RSA2048, VB2_HASH_SHA256), 2048 / 8, 201 "vb2_sig_size() RSA2048"); 202 TEST_EQ(vb2_sig_size(VB2_SIG_RSA4096, VB2_HASH_SHA256), 4096 / 8, 203 "vb2_sig_size() RSA4096"); 204 TEST_EQ(vb2_sig_size(VB2_SIG_RSA8192, VB2_HASH_SHA512), 8192 / 8, 205 "vb2_sig_size() RSA8192"); 206 207 TEST_EQ(vb2_sig_size(VB2_SIG_NONE, VB2_HASH_SHA1), 208 VB2_SHA1_DIGEST_SIZE, "vb2_sig_size() SHA1"); 209 TEST_EQ(vb2_sig_size(VB2_SIG_NONE, VB2_HASH_SHA256), 210 VB2_SHA256_DIGEST_SIZE, "vb2_sig_size() SHA256"); 211 TEST_EQ(vb2_sig_size(VB2_SIG_NONE, VB2_HASH_SHA512), 212 VB2_SHA512_DIGEST_SIZE, "vb2_sig_size() SHA512"); 213} 214 215/** 216 * Verify data on bare hash 217 */ 218static void test_verify_hash(void) 219{ 220 struct vb2_signature *sig; 221 const struct vb2_private_key *prik; 222 struct vb2_public_key pubk; 223 uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES] 224 __attribute__ ((aligned (VB2_WORKBUF_ALIGN))); 225 struct vb2_workbuf wb; 226 227 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); 228 229 TEST_SUCC(vb2_private_key_hash(&prik, VB2_HASH_SHA256), 230 "create private hash key"); 231 TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256), 232 "create hash key"); 233 234 /* Create the signature */ 235 TEST_SUCC(vb2_sign_data(&sig, test_data, sizeof(test_data), prik, NULL), 236 "create hash sig"); 237 238 TEST_SUCC(vb2_verify_data(test_data, sizeof(test_data), 239 sig, &pubk, &wb), 240 "vb2_verify_data() hash ok"); 241 242 *((uint8_t *)sig + sig->sig_offset) ^= 0xab; 243 TEST_EQ(vb2_verify_data(test_data, sizeof(test_data), sig, &pubk, &wb), 244 VB2_ERROR_VDATA_VERIFY_DIGEST, "vb2_verify_data() hash bad"); 245 246 free(sig); 247} 248 249/** 250 * Verify keyblock 251 */ 252static void test_verify_keyblock(void) 253{ 254 const char desc[16] = "test keyblock"; 255 const struct vb2_private_key *prik[2]; 256 struct vb2_public_key pubk, pubk2, pubk3; 257 struct vb2_signature *sig; 258 struct vb2_keyblock *kbuf; 259 uint32_t buf_size; 260 uint8_t *buf, *buf2; 261 262 uint8_t workbuf[VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES] 263 __attribute__ ((aligned (VB2_WORKBUF_ALIGN))); 264 struct vb2_workbuf wb; 265 266 TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256), 267 "create hash key 1"); 268 TEST_SUCC(vb2_public_key_hash(&pubk2, VB2_HASH_SHA512), 269 "create hash key 2"); 270 TEST_SUCC(vb2_public_key_hash(&pubk3, VB2_HASH_SHA1), 271 "create hash key 3"); 272 273 TEST_SUCC(vb2_private_key_hash(prik + 0, VB2_HASH_SHA256), 274 "create private key 1"); 275 TEST_SUCC(vb2_private_key_hash(prik + 1, VB2_HASH_SHA512), 276 "create private key 2"); 277 278 /* Create the test keyblock */ 279 TEST_SUCC(vb2_keyblock_create(&kbuf, &pubk3, prik, 2, 0x4321, desc), 280 "create keyblock"); 281 282 buf = (uint8_t *)kbuf; 283 buf_size = kbuf->c.total_size; 284 285 /* Make a copy of the buffer, so we can mangle it for tests */ 286 buf2 = malloc(buf_size); 287 memcpy(buf2, buf, buf_size); 288 289 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); 290 kbuf = (struct vb2_keyblock *)buf; 291 292 TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 293 "vb2_verify_keyblock()"); 294 295 memcpy(buf, buf2, buf_size); 296 TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk2, &wb), 297 "vb2_verify_keyblock() key 2"); 298 299 memcpy(buf, buf2, buf_size); 300 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk3, &wb), 301 VB2_ERROR_KEYBLOCK_SIG_GUID, 302 "vb2_verify_keyblock() key not present"); 303 304 memcpy(buf, buf2, buf_size); 305 kbuf->c.magic = VB2_MAGIC_PACKED_KEY; 306 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 307 VB2_ERROR_KEYBLOCK_MAGIC, 308 "vb2_verify_keyblock() magic"); 309 310 memcpy(buf, buf2, buf_size); 311 kbuf->c.fixed_size++; 312 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 313 VB2_ERROR_COMMON_FIXED_UNALIGNED, 314 "vb2_verify_keyblock() header"); 315 316 memcpy(buf, buf2, buf_size); 317 kbuf->c.struct_version_major++; 318 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 319 VB2_ERROR_KEYBLOCK_HEADER_VERSION, 320 "vb2_verify_keyblock() major version"); 321 322 memcpy(buf, buf2, buf_size); 323 kbuf->c.struct_version_minor++; 324 /* That changes the signature, so resign the keyblock */ 325 vb2_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL); 326 memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size); 327 free(sig); 328 TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 329 "vb2_verify_keyblock() minor version"); 330 331 memcpy(buf, buf2, buf_size); 332 kbuf->c.fixed_size -= 4; 333 kbuf->c.desc_size += 4; 334 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 335 VB2_ERROR_KEYBLOCK_SIZE, 336 "vb2_verify_keyblock() header size"); 337 338 memcpy(buf, buf2, buf_size); 339 kbuf->key_offset = kbuf->c.total_size - 4; 340 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 341 VB2_ERROR_COMMON_MEMBER_SIZE, 342 "vb2_verify_keyblock() data key outside"); 343 344 memcpy(buf, buf2, buf_size); 345 sig = (struct vb2_signature *)(buf + kbuf->sig_offset); 346 sig->data_size--; 347 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 348 VB2_ERROR_KEYBLOCK_SIGNED_SIZE, 349 "vb2_verify_keyblock() signed wrong size"); 350 351 memcpy(buf, buf2, buf_size); 352 sig = (struct vb2_signature *)(buf + kbuf->sig_offset); 353 sig->c.total_size = kbuf->c.total_size - 4; 354 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 355 VB2_ERROR_COMMON_TOTAL_SIZE, 356 "vb2_verify_keyblock() key outside keyblock"); 357 358 memcpy(buf, buf2, buf_size); 359 sig = (struct vb2_signature *)(buf + kbuf->sig_offset); 360 sig->c.struct_version_major++; 361 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 362 VB2_ERROR_SIG_VERSION, 363 "vb2_verify_keyblock() corrupt key"); 364 365 memcpy(buf, buf2, buf_size); 366 kbuf->c.struct_version_minor++; 367 TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb), 368 VB2_ERROR_VDATA_VERIFY_DIGEST, 369 "vb2_verify_keyblock() corrupt"); 370 371 free(buf); 372 free(buf2); 373} 374 375/** 376 * Verify firmware preamble 377 */ 378static void test_verify_fw_preamble(void) 379{ 380 const char desc[16] = "test preamble"; 381 const struct vb2_private_key *prikhash; 382 struct vb2_signature *hashes[3]; 383 struct vb2_public_key pubk; 384 struct vb2_signature *sig; 385 struct vb2_fw_preamble *pre; 386 uint32_t buf_size; 387 uint8_t *buf, *buf2; 388 389 uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES] 390 __attribute__ ((aligned (VB2_WORKBUF_ALIGN))); 391 struct vb2_workbuf wb; 392 393 /* 394 * Preambles will usually be signed with a real key not a bare hash, 395 * but the call to vb2_verify_data() inside the preamble check is the 396 * same (and its functionality is verified separately), and using a 397 * bare hash here saves us from needing to have a private key to do 398 * this test. 399 */ 400 TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256), 401 "create hash key"); 402 TEST_SUCC(vb2_private_key_hash(&prikhash, VB2_HASH_SHA256), 403 "Create private hash key"); 404 405 /* Create some signatures */ 406 TEST_SUCC(vb2_sign_data(hashes + 0, test_data, sizeof(test_data), 407 prikhash, "Hash 1"), 408 "Hash 1"); 409 TEST_SUCC(vb2_sign_data(hashes + 1, test_data2, sizeof(test_data2), 410 prikhash, "Hash 2"), 411 "Hash 2"); 412 TEST_SUCC(vb2_sign_data(hashes + 2, test_data3, sizeof(test_data3), 413 prikhash, "Hash 3"), 414 "Hash 3"); 415 416 /* Test good preamble */ 417 TEST_SUCC(vb2_fw_preamble_create(&pre, prikhash, 418 (const struct vb2_signature **)hashes, 419 3, 0x1234, 0x5678, desc), 420 "Create preamble good"); 421 422 buf = (uint8_t *)pre; 423 buf_size = pre->c.total_size; 424 425 /* Make a copy of the buffer, so we can mangle it for tests */ 426 buf2 = malloc(buf_size); 427 memcpy(buf2, buf, buf_size); 428 429 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); 430 pre = (struct vb2_fw_preamble *)buf; 431 432 TEST_SUCC(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 433 "vb2_verify_fw_preamble()"); 434 435 memcpy(buf, buf2, buf_size); 436 pre->c.magic = VB2_MAGIC_PACKED_KEY; 437 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 438 VB2_ERROR_PREAMBLE_MAGIC, 439 "vb2_verify_fw_preamble() magic"); 440 441 memcpy(buf, buf2, buf_size); 442 pre->c.fixed_size++; 443 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 444 VB2_ERROR_COMMON_FIXED_UNALIGNED, 445 "vb2_verify_fw_preamble() header"); 446 447 memcpy(buf, buf2, buf_size); 448 pre->c.struct_version_major++; 449 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 450 VB2_ERROR_PREAMBLE_HEADER_VERSION, 451 "vb2_verify_fw_preamble() major version"); 452 453 memcpy(buf, buf2, buf_size); 454 pre->c.struct_version_minor++; 455 /* That changes the signature, so resign the fw_preamble */ 456 vb2_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL); 457 memcpy(buf + pre->sig_offset, sig, sig->c.total_size); 458 free(sig); 459 TEST_SUCC(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 460 "vb2_verify_fw_preamble() minor version"); 461 462 memcpy(buf, buf2, buf_size); 463 pre->c.fixed_size -= 4; 464 pre->c.desc_size += 4; 465 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 466 VB2_ERROR_PREAMBLE_SIZE, 467 "vb2_verify_fw_preamble() header size"); 468 469 memcpy(buf, buf2, buf_size); 470 sig = (struct vb2_signature *)(buf + pre->hash_offset); 471 sig->c.total_size += pre->c.total_size; 472 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 473 VB2_ERROR_COMMON_TOTAL_SIZE, 474 "vb2_verify_fw_preamble() hash size"); 475 476 memcpy(buf, buf2, buf_size); 477 sig = (struct vb2_signature *)(buf + pre->hash_offset); 478 sig->sig_size /= 2; 479 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 480 VB2_ERROR_SIG_SIZE, 481 "vb2_verify_fw_preamble() hash integrity"); 482 483 memcpy(buf, buf2, buf_size); 484 pre->hash_count++; 485 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 486 VB2_ERROR_COMMON_MEMBER_OVERLAP, 487 "vb2_verify_fw_preamble() hash count"); 488 489 memcpy(buf, buf2, buf_size); 490 sig = (struct vb2_signature *)(buf + pre->sig_offset); 491 sig->c.total_size += 4; 492 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 493 VB2_ERROR_COMMON_TOTAL_SIZE, 494 "vb2_verify_fw_preamble() sig inside"); 495 496 memcpy(buf, buf2, buf_size); 497 sig = (struct vb2_signature *)(buf + pre->sig_offset); 498 buf[pre->sig_offset + sig->sig_offset]++; 499 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 500 VB2_ERROR_VDATA_VERIFY_DIGEST, 501 "vb2_verify_fw_preamble() sig corrupt"); 502 503 memcpy(buf, buf2, buf_size); 504 pre->flags++; 505 TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb), 506 VB2_ERROR_VDATA_VERIFY_DIGEST, 507 "vb2_verify_fw_preamble() preamble corrupt"); 508 509 free(buf); 510 free(buf2); 511} 512 513int main(int argc, char* argv[]) 514{ 515 test_struct_packing(); 516 test_common_header_functions(); 517 test_sig_size(); 518 test_verify_hash(); 519 test_verify_keyblock(); 520 test_verify_fw_preamble(); 521 522 return gTestSuccess ? 0 : 255; 523} 524