| OLD | NEW |
|---|
| 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
| 3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
| 4 * | 4 * |
| 5 * Tests for firmware image library. | 5 * Tests for firmware image library. |
| 6 */ | 6 */ |
| 7 | 7 |
| 8 #include <stdio.h> | 8 #include <stdio.h> |
| 9 #include <stdlib.h> | 9 #include <stdlib.h> |
| 10 | 10 |
| (...skipping 13 matching lines...) Expand all Loading... |
| 24 return 0; | 24 return 0; |
| 25 } | 25 } |
| 26 } | 26 } |
| 27 | 27 |
| 28 FirmwareImage* GenerateTestFirmwareImage(int algorithm, | 28 FirmwareImage* GenerateTestFirmwareImage(int algorithm, |
| 29 uint8_t* sign_key, | 29 uint8_t* sign_key, |
| 30 int key_version, | 30 int key_version, |
| 31 int firmware_version, | 31 int firmware_version, |
| 32 int firmware_len) { | 32 int firmware_len) { |
| 33 FirmwareImage* image = FirmwareImageNew(); | 33 FirmwareImage* image = FirmwareImageNew(); |
| 34 uint8_t* header_hash; | 34 uint8_t* header_checksum; |
| 35 DigestContext ctx; | 35 DigestContext ctx; |
| 36 | 36 |
| 37 Memcpy(image->magic, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE); | 37 Memcpy(image->magic, FIRMWARE_MAGIC, FIRMWARE_MAGIC_SIZE); |
| 38 image->sign_algorithm = algorithm; | 38 image->sign_algorithm = algorithm; |
| 39 image->sign_key = (uint8_t*) Malloc( | 39 image->sign_key = (uint8_t*) Malloc( |
| 40 RSAProcessedKeySize(image->sign_algorithm)); | 40 RSAProcessedKeySize(image->sign_algorithm)); |
| 41 Memcpy(image->sign_key, sign_key, RSAProcessedKeySize(image->sign_algorithm)); | 41 Memcpy(image->sign_key, sign_key, RSAProcessedKeySize(image->sign_algorithm)); |
| 42 image->key_version = key_version; | 42 image->key_version = key_version; |
| 43 | 43 |
| 44 /* Calculate SHA-512 digest on header and populate header_hash. */ | 44 /* Update correct header length. */ |
| 45 image->header_len = (sizeof(image->header_len) + |
| 46 sizeof(image->sign_algorithm) + |
| 47 RSAProcessedKeySize(image->sign_algorithm) + |
| 48 sizeof(image->key_version) + |
| 49 sizeof(image->header_checksum)); |
| 50 |
| 51 /* Calculate SHA-512 digest on header and populate header_checksum. */ |
| 45 DigestInit(&ctx, ROOT_SIGNATURE_ALGORITHM); | 52 DigestInit(&ctx, ROOT_SIGNATURE_ALGORITHM); |
| 46 DigestUpdate(&ctx, (uint8_t*) &image->header_len, | 53 DigestUpdate(&ctx, (uint8_t*) &image->header_len, |
| 47 sizeof(image->header_len)); | 54 sizeof(image->header_len)); |
| 48 DigestUpdate(&ctx, (uint8_t*) &image->sign_algorithm, | 55 DigestUpdate(&ctx, (uint8_t*) &image->sign_algorithm, |
| 49 sizeof(image->sign_algorithm)); | 56 sizeof(image->sign_algorithm)); |
| 50 DigestUpdate(&ctx, image->sign_key, | 57 DigestUpdate(&ctx, image->sign_key, |
| 51 RSAProcessedKeySize(image->sign_algorithm)); | 58 RSAProcessedKeySize(image->sign_algorithm)); |
| 52 DigestUpdate(&ctx, (uint8_t*) &image->key_version, | 59 DigestUpdate(&ctx, (uint8_t*) &image->key_version, |
| 53 sizeof(image->key_version)); | 60 sizeof(image->key_version)); |
| 54 header_hash = DigestFinal(&ctx); | 61 header_checksum = DigestFinal(&ctx); |
| 55 Memcpy(image->header_hash, header_hash, SHA512_DIGEST_SIZE); | 62 Memcpy(image->header_checksum, header_checksum, SHA512_DIGEST_SIZE); |
| 56 Free(header_hash); | 63 Free(header_checksum); |
| 57 | 64 |
| 58 /* Update correct header length. */ | |
| 59 image->header_len = (sizeof(image->header_len) + | |
| 60 sizeof(image->sign_algorithm) + | |
| 61 RSAProcessedKeySize(image->sign_algorithm) + | |
| 62 sizeof(image->key_version) + | |
| 63 sizeof(image->header_hash)); | |
| 64 | 65 |
| 65 /* Populate firmware and preamble with dummy data. */ | 66 /* Populate firmware and preamble with dummy data. */ |
| 66 image->firmware_version = firmware_version; | 67 image->firmware_version = firmware_version; |
| 67 image->firmware_len = firmware_len; | 68 image->firmware_len = firmware_len; |
| 68 image->preamble_signature = image->firmware_signature = NULL; | 69 image->preamble_signature = image->firmware_signature = NULL; |
| 69 Memset(image->preamble, 'P', FIRMWARE_PREAMBLE_SIZE); | 70 Memset(image->preamble, 'P', FIRMWARE_PREAMBLE_SIZE); |
| 70 image->firmware_data = Malloc(image->firmware_len); | 71 image->firmware_data = Malloc(image->firmware_len); |
| 71 Memset(image->firmware_data, 'F', image->firmware_len); | 72 Memset(image->firmware_data, 'F', image->firmware_len); |
| 72 | 73 |
| 73 return image; | 74 return image; |
| 74 } | 75 } |
| 75 | 76 |
| 76 #define DEV_MODE_ENABLED 1 | 77 #define DEV_MODE_ENABLED 1 |
| 77 #define DEV_MODE_DISABLED 0 | 78 #define DEV_MODE_DISABLED 0 |
| 78 | 79 |
| 79 /* Normal Firmware Verification Tests. */ | 80 /* Normal Firmware Blob Verification Tests. */ |
| 80 int VerifyFirmwareTest(FirmwareImage* image, RSAPublicKey* root_key) { | 81 int VerifyFirmwareTest(uint8_t* firmware_blob, uint8_t* root_key_blob) { |
| 81 int success = 1; | 82 int success = 1; |
| 82 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_ENABLED), | 83 if (!TEST_EQ(VerifyFirmware(root_key_blob, firmware_blob, DEV_MODE_ENABLED), |
| 83 VERIFY_SUCCESS, | 84 VERIFY_FIRMWARE_SUCCESS, |
| 84 "Normal Verification (Dev Mode)")) | 85 "Normal Firmware Blob Verification (Dev Mode)")) |
| 85 success = 0; | 86 success = 0; |
| 86 | 87 |
| 87 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_DISABLED), | 88 if (!TEST_EQ(VerifyFirmware(root_key_blob, firmware_blob, DEV_MODE_DISABLED), |
| 88 VERIFY_SUCCESS, | 89 VERIFY_FIRMWARE_SUCCESS, |
| 89 "Normal Verification (Trusted)")) | 90 "Normal Firmware Blob Verification (Trusted)")) |
| 90 success = 0; | 91 success = 0; |
| 91 return success; | 92 return success; |
| 92 } | 93 } |
| 93 | 94 |
| 94 /* Tampered Firmware Verification Tests. */ | 95 |
| 95 int VerifyFirmwareTamperTest(FirmwareImage* image, RSAPublicKey* root_key) { | 96 /* Normal FirmwareImage Verification Tests. */ |
| 97 int VerifyFirmwareImageTest(FirmwareImage* image, |
| 98 RSAPublicKey* root_key) { |
| 96 int success = 1; | 99 int success = 1; |
| 97 fprintf(stderr, "Tampering with firmware preamble....\n"); | 100 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_ENABLED), |
| 98 image->firmware_version = 0; | 101 VERIFY_FIRMWARE_SUCCESS, |
| 99 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_ENABLED), | 102 "Normal FirmwareImage Verification (Dev Mode)")) |
| 100 VERIFY_PREAMBLE_SIGNATURE_FAILED, | |
| 101 "Firmware Preamble Tamper Verification (Dev Mode)")) | |
| 102 success = 0; | 103 success = 0; |
| 103 | 104 |
| 104 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_DISABLED), | 105 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_DISABLED), |
| 105 VERIFY_PREAMBLE_SIGNATURE_FAILED, | 106 VERIFY_FIRMWARE_SUCCESS, |
| 106 "Firmware Preamble Tamper Verification (Trusted)")) | 107 "Normal FirmwareImage Verification (Trusted)")) |
| 108 success = 0; |
| 109 return success; |
| 110 } |
| 111 |
| 112 /* Tampered FirmwareImage Verification Tests. */ |
| 113 int VerifyFirmwareImageTamperTest(FirmwareImage* image, |
| 114 RSAPublicKey* root_key) { |
| 115 int success = 1; |
| 116 fprintf(stderr, "[[Tampering with firmware preamble....]]\n"); |
| 117 image->firmware_version = 0; |
| 118 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_ENABLED), |
| 119 VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED, |
| 120 "FirmwareImage Preamble Tamper Verification (Dev Mode)")) |
| 121 success = 0; |
| 122 |
| 123 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_DISABLED), |
| 124 VERIFY_FIRMWARE_PREAMBLE_SIGNATURE_FAILED, |
| 125 "FirmwareImage Preamble Tamper Verification (Trusted)")) |
| 107 success = 0; | 126 success = 0; |
| 108 image->firmware_version = 1; | 127 image->firmware_version = 1; |
| 109 | 128 |
| 110 image->firmware_data[0] = 'T'; | 129 image->firmware_data[0] = 'T'; |
| 111 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_ENABLED), | 130 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_ENABLED), |
| 112 VERIFY_FIRMWARE_SIGNATURE_FAILED, | 131 VERIFY_FIRMWARE_SIGNATURE_FAILED, |
| 113 "Firmware Tamper Verification (Dev Mode)")) | 132 "FirmwareImage Tamper Verification (Dev Mode)")) |
| 114 success = 0; | 133 success = 0; |
| 115 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_DISABLED), | 134 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_DISABLED), |
| 116 VERIFY_FIRMWARE_SIGNATURE_FAILED, | 135 VERIFY_FIRMWARE_SIGNATURE_FAILED, |
| 117 "Firmware Tamper Verification (Trusted)")) | 136 "FirmwareImage Tamper Verification (Trusted)")) |
| 118 success = 0; | 137 success = 0; |
| 119 image->firmware_data[0] = 'F'; | 138 image->firmware_data[0] = 'F'; |
| 120 | 139 |
| 121 | 140 |
| 122 fprintf(stderr, "Tampering with root key signature...\n"); | 141 fprintf(stderr, "[[Tampering with root key signature...]]\n"); |
| 123 image->key_signature[0] = 0xFF; | 142 image->key_signature[0] = 0xFF; |
| 124 image->key_signature[1] = 0x00; | 143 image->key_signature[1] = 0x00; |
| 125 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_ENABLED), | 144 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_ENABLED), |
| 126 VERIFY_SUCCESS, | 145 VERIFY_FIRMWARE_SUCCESS, |
| 127 "Root Signature Tamper Verification (Dev Mode)")) | 146 "FirmwareImage Root Signature Tamper Verification (Dev Mode)")) |
| 128 success = 0; | 147 success = 0; |
| 129 if (!TEST_EQ(VerifyFirmware(root_key, image, DEV_MODE_DISABLED), | 148 if (!TEST_EQ(VerifyFirmwareImage(root_key, image, DEV_MODE_DISABLED), |
| 130 VERIFY_ROOT_SIGNATURE_FAILED, | 149 VERIFY_FIRMWARE_ROOT_SIGNATURE_FAILED, |
| 131 "Root Signature Tamper Verification (Trusted)")) | 150 "FirmwareImage Root Signature Tamper Verification (Trusted)")) |
| 132 success = 0; | 151 success = 0; |
| 133 | 152 |
| 134 return success; | 153 return success; |
| 135 } | 154 } |
| 136 | 155 |
| 137 int main(int argc, char* argv[]) { | 156 int main(int argc, char* argv[]) { |
| 138 int len; | 157 int len; |
| 139 uint8_t* sign_key_buf = NULL; | 158 uint8_t* sign_key_buf = NULL; |
| 159 uint8_t* root_key_blob = NULL; |
| 160 uint8_t* firmware_blob = NULL; |
| 140 FirmwareImage* image = NULL; | 161 FirmwareImage* image = NULL; |
| 141 RSAPublicKey* root_key = NULL; | 162 RSAPublicKey* root_key = NULL; |
| 142 int error_code = 1; | 163 int error_code = 1; |
| 164 char* tmp_firmwareblob_file = ".tmpFirmwareBlob"; |
| 143 | 165 |
| 144 if(argc != 6) { | 166 if(argc != 6) { |
| 145 fprintf(stderr, "Usage: %s <algorithm> <root key> <processed root pubkey>" | 167 fprintf(stderr, "Usage: %s <algorithm> <root key> <processed root pubkey>" |
| 146 " <signing key> <processed signing key>\n", argv[0]); | 168 " <signing key> <processed signing key>\n", argv[0]); |
| 147 return -1; | 169 return -1; |
| 148 } | 170 } |
| 149 | 171 |
| 150 /* Read verification keys and create a test image. */ | 172 /* Read verification keys and create a test image. */ |
| 151 root_key = RSAPublicKeyFromFile(argv[3]); | 173 root_key = RSAPublicKeyFromFile(argv[3]); |
| 174 root_key_blob = BufferFromFile(argv[3], &len); |
| 152 sign_key_buf = BufferFromFile(argv[5], &len); | 175 sign_key_buf = BufferFromFile(argv[5], &len); |
| 153 image = GenerateTestFirmwareImage(atoi(argv[1]), sign_key_buf, 1, | 176 image = GenerateTestFirmwareImage(atoi(argv[1]), sign_key_buf, 1, |
| 154 1, 1000); | 177 1, 1000); |
| 155 | 178 |
| 156 if (!root_key || !sign_key_buf || !image) { | 179 if (!root_key || !sign_key_buf || !image) { |
| 157 error_code = 1; | 180 error_code = 1; |
| 158 goto failure; | 181 goto failure; |
| 159 } | 182 } |
| 160 | 183 |
| 161 /* Generate and populate signatures. */ | 184 /* Generate and populate signatures. */ |
| 162 if (!AddKeySignature(image, argv[2])) { | 185 if (!AddKeySignature(image, argv[2])) { |
| 163 fprintf(stderr, "Couldn't create key signature.\n"); | 186 fprintf(stderr, "Couldn't create key signature.\n"); |
| 164 error_code = 1; | 187 error_code = 1; |
| 165 goto failure; | 188 goto failure; |
| 166 } | 189 } |
| 167 | 190 |
| 168 if (!AddFirmwareSignature(image, argv[4], image->sign_algorithm)) { | 191 if (!AddFirmwareSignature(image, argv[4], image->sign_algorithm)) { |
| 169 fprintf(stderr, "Couldn't create firmware and preamble signature.\n"); | 192 fprintf(stderr, "Couldn't create firmware and preamble signature.\n"); |
| 170 error_code = 1; | 193 error_code = 1; |
| 171 goto failure; | 194 goto failure; |
| 172 } | 195 } |
| 173 | 196 |
| 174 if (!VerifyFirmwareTest(image, root_key)) | 197 |
| 198 /* Generate a firmware binary blob from image. |
| 199 * |
| 200 * TODO(gauravsh): There should be a function to directly generate a binary |
| 201 * blob buffer from a FirmwareImage instead of indirectly writing to a file |
| 202 * and reading it into a buffer. |
| 203 */ |
| 204 if (!WriteFirmwareImage(tmp_firmwareblob_file, image)) { |
| 205 fprintf(stderr, "Couldn't create a temporary firmware blob file.\n"); |
| 206 error_code = 1; |
| 207 goto failure; |
| 208 } |
| 209 firmware_blob = BufferFromFile(tmp_firmwareblob_file, &len); |
| 210 |
| 211 /* Test Firmware blob verify operations. */ |
| 212 if (!VerifyFirmwareTest(firmware_blob, root_key_blob)) |
| 175 error_code = 255; | 213 error_code = 255; |
| 176 if (!VerifyFirmwareTamperTest(image, root_key)) | 214 |
| 215 /* Test FirmwareImage verify operations. */ |
| 216 if (!VerifyFirmwareImageTest(image, root_key)) |
| 217 error_code = 255; |
| 218 if (!VerifyFirmwareImageTamperTest(image, root_key)) |
| 177 error_code = 255; | 219 error_code = 255; |
| 178 | 220 |
| 179 failure: | 221 failure: |
| 222 Free(firmware_blob); |
| 223 Free(image); |
| 224 Free(sign_key_buf); |
| 225 Free(root_key_blob); |
| 180 Free(root_key); | 226 Free(root_key); |
| 181 Free(sign_key_buf); | |
| 182 Free(image); | |
| 183 | 227 |
| 184 return error_code; | 228 return error_code; |
| 185 } | 229 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 650105:
Vboot Reference: Add the "real" reference firmware verification function (VerifyFirmware). (Closed)
