| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Tests for checking firmware rollback-prevention logic. | 5 * Tests for checking firmware rollback-prevention logic. |
| 6 */ | 6 */ |
| 7 | 7 |
| 8 #include <stdio.h> | 8 #include <stdio.h> |
| 9 #include <stdlib.h> | 9 #include <stdlib.h> |
| 10 | 10 |
| 11 #include "cryptolib.h" | 11 #include "cryptolib.h" |
| 12 #include "file_keys.h" | 12 #include "file_keys.h" |
| 13 #include "firmware_image.h" | 13 #include "firmware_image.h" |
| 14 #include "utility.h" | 14 #include "utility.h" |
| 15 #include "rollback_index.h" | 15 #include "rollback_index.h" |
| 16 #include "test_common.h" | 16 #include "test_common.h" |
| 17 | 17 |
| 18 const char* kRootKeyPublicFile = "testkeys/key_rsa8192.keyb"; | 18 const char* kRootKeyPublicFile = "testkeys/key_rsa8192.keyb"; |
| 19 uint8_t kValidFirmwareData[1] = { 'F' }; |
| 20 uint8_t kCorruptFirmwareData[1] = { 'X' }; |
| 19 | 21 |
| 20 /* Tests that check for correctness of the VerifyFirmwareDriver_f() logic | 22 /* Tests that check for correctness of the VerifyFirmwareDriver_f() logic |
| 21 * and rollback prevention. */ | 23 * and rollback prevention. */ |
| 22 void VerifyFirmwareDriverTest(void) { | 24 void VerifyFirmwareDriverTest(void) { |
| 23 uint8_t* valid_firmwareA = NULL; | 25 uint8_t* verification_blobA = NULL; |
| 24 uint8_t* valid_firmwareB = NULL; | 26 uint8_t* verification_blobB = NULL; |
| 25 uint8_t* corrupt_firmwareA = NULL; | |
| 26 uint8_t* corrupt_firmwareB = NULL; | |
| 27 uint64_t len; | 27 uint64_t len; |
| 28 uint8_t* root_key_pub = BufferFromFile(kRootKeyPublicFile, &len); | 28 uint8_t* root_key_pub = BufferFromFile(kRootKeyPublicFile, &len); |
| 29 | 29 |
| 30 /* Initialize rollback index state. */ | 30 /* Initialize rollback index state. */ |
| 31 g_firmware_key_version = 1; | 31 g_firmware_key_version = 1; |
| 32 g_firmware_version = 1; | 32 g_firmware_version = 1; |
| 33 | 33 |
| 34 valid_firmwareA = GenerateRollbackTestFirmwareBlob(1, 1, 0); | 34 verification_blobA = GenerateRollbackTestVerificationBlob(1, 1); |
| 35 valid_firmwareB = GenerateRollbackTestFirmwareBlob(1, 1, 0); | 35 verification_blobB = GenerateRollbackTestVerificationBlob(1, 1); |
| 36 corrupt_firmwareA = GenerateRollbackTestFirmwareBlob(1, 1, 1); | |
| 37 corrupt_firmwareB = GenerateRollbackTestFirmwareBlob(1, 1, 1); | |
| 38 | 36 |
| 39 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, | 37 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, |
| 40 valid_firmwareA, valid_firmwareB), | 38 verification_blobA, |
| 39 kValidFirmwareData, |
| 40 verification_blobB, |
| 41 kValidFirmwareData), |
| 41 BOOT_FIRMWARE_A_CONTINUE, | 42 BOOT_FIRMWARE_A_CONTINUE, |
| 42 "Firmware A (Valid with current version), " | 43 "Firmware A (Valid with current version), " |
| 43 "Firmware B (Valid with current version)"); | 44 "Firmware B (Valid with current version)"); |
| 44 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, | 45 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, |
| 45 corrupt_firmwareA, valid_firmwareB), | 46 verification_blobA, |
| 47 kCorruptFirmwareData, |
| 48 verification_blobB, |
| 49 kValidFirmwareData), |
| 46 BOOT_FIRMWARE_B_CONTINUE, | 50 BOOT_FIRMWARE_B_CONTINUE, |
| 47 "Firmware A (Corrupt with current version), " | 51 "Firmware A (Corrupt with current version), " |
| 48 "FirmwareB (Valid with current version)"); | 52 "Firmware B (Valid with current version)"); |
| 49 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, | 53 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, |
| 50 valid_firmwareA, corrupt_firmwareB), | 54 verification_blobA, |
| 55 kValidFirmwareData, |
| 56 verification_blobB, |
| 57 kCorruptFirmwareData), |
| 51 BOOT_FIRMWARE_A_CONTINUE, | 58 BOOT_FIRMWARE_A_CONTINUE, |
| 52 "Firmware A (Valid with current version), " | 59 "Firmware A (Valid with current version), " |
| 53 "FirmwareB (Corrupt with current version)"); | 60 "Firmware B (Corrupt with current version)"); |
| 54 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, | 61 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, |
| 55 corrupt_firmwareA, corrupt_firmwareB), | 62 verification_blobA, |
| 63 kCorruptFirmwareData, |
| 64 verification_blobB, |
| 65 kCorruptFirmwareData), |
| 56 BOOT_FIRMWARE_RECOVERY_CONTINUE, | 66 BOOT_FIRMWARE_RECOVERY_CONTINUE, |
| 57 "Firmware A (Corrupt with current version), " | 67 "Firmware A (Corrupt with current version), " |
| 58 "FirmwareB (Corrupt with current version"); | 68 "Firmware B (Corrupt with current version"); |
| 59 g_firmware_key_version = 2; | 69 g_firmware_key_version = 2; |
| 60 g_firmware_version = 2; | 70 g_firmware_version = 2; |
| 61 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, valid_firmwareA, valid_firmwareB)
, | 71 TEST_EQ(VerifyFirmwareDriver_f(root_key_pub, |
| 72 verification_blobA, |
| 73 kValidFirmwareData, |
| 74 verification_blobB, |
| 75 kValidFirmwareData), |
| 62 BOOT_FIRMWARE_RECOVERY_CONTINUE, | 76 BOOT_FIRMWARE_RECOVERY_CONTINUE, |
| 63 "Firmware A (Valid with old version), " | 77 "Firmware A (Valid with old version), " |
| 64 "Old Firmware B (Valid with old version)"); | 78 "Old Firmware B (Valid with old version)"); |
| 65 | 79 |
| 66 Free(root_key_pub); | 80 Free(root_key_pub); |
| 67 Free(valid_firmwareA); | 81 Free(verification_blobA); |
| 68 Free(valid_firmwareB); | 82 Free(verification_blobB); |
| 69 Free(corrupt_firmwareA); | |
| 70 Free(corrupt_firmwareB); | |
| 71 } | 83 } |
| 72 | 84 |
| 73 int main(int argc, char* argv[]) { | 85 int main(int argc, char* argv[]) { |
| 74 int error_code = 0; | 86 int error_code = 0; |
| 75 VerifyFirmwareDriverTest(); | 87 VerifyFirmwareDriverTest(); |
| 76 if (!gTestSuccess) | 88 if (!gTestSuccess) |
| 77 error_code = 255; | 89 error_code = 255; |
| 78 return error_code; | 90 return error_code; |
| 79 } | 91 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1578035:
Change VerifyFirmware() to take separate pointers to firmware verification header and firmware data. (Closed)
