mirror of
https://github.com/Telecominfraproject/OpenCellular.git
synced 2025-11-24 10:14:55 +00:00
vboot2: Get rid of extra '2' at end of new struct names
Now that lib20 and lib21 are distinct, they can have overlapping
struct names. This will be cleaner in the long run, since vboot 2.0
(lib20) is just a temporary stepping stone to vboot 2.1 (lib21). It
would be a shame to need to carry around the overhead of that extra
digit forever.
No functional changes, just a lot of renaming.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky
Change-Id: I25f348fd31e32d08ca576836dfdd1278828765a1
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233183
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This commit is contained in:
Randall Spangler
committed by
chrome-internal-fetch
chrome-internal-fetch
parent
6f1b82ac14
commit
308d254092
@@ -296,11 +296,6 @@ int vb2api_fw_phase2(struct vb2_context *ctx);
|
|||||||
*/
|
*/
|
||||||
int vb2api_fw_phase3(struct vb2_context *ctx);
|
int vb2api_fw_phase3(struct vb2_context *ctx);
|
||||||
|
|
||||||
/**
|
|
||||||
* Same, but for new-style structs.
|
|
||||||
*/
|
|
||||||
int vb2api_fw_phase3_2(struct vb2_context *ctx);
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initialize hashing data for the specified tag.
|
* Initialize hashing data for the specified tag.
|
||||||
*
|
*
|
||||||
@@ -341,11 +336,6 @@ int vb2api_extend_hash(struct vb2_context *ctx,
|
|||||||
*/
|
*/
|
||||||
int vb2api_check_hash(struct vb2_context *ctx);
|
int vb2api_check_hash(struct vb2_context *ctx);
|
||||||
|
|
||||||
/**
|
|
||||||
* Same, but for new-style structs.
|
|
||||||
*/
|
|
||||||
int vb2api_check_hash2(struct vb2_context *ctx);
|
|
||||||
|
|
||||||
/*****************************************************************************/
|
/*****************************************************************************/
|
||||||
/* APIs provided by the caller to verified boot */
|
/* APIs provided by the caller to verified boot */
|
||||||
|
|
||||||
|
|||||||
@@ -165,31 +165,19 @@ uint32_t vb2_sig_size(enum vb2_signature_algorithm sig_alg,
|
|||||||
*/
|
*/
|
||||||
const struct vb2_guid *vb2_hash_guid(enum vb2_hash_algorithm hash_alg);
|
const struct vb2_guid *vb2_hash_guid(enum vb2_hash_algorithm hash_alg);
|
||||||
|
|
||||||
/*
|
/* Size of work buffer sufficient for vb2_verify_digest() worst case. */
|
||||||
* Size of work buffer sufficient for vb2_verify_digest() or
|
|
||||||
* vb2_verify_digest2() worst case.
|
|
||||||
*/
|
|
||||||
#define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES
|
#define VB2_VERIFY_DIGEST_WORKBUF_BYTES VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES
|
||||||
|
|
||||||
/*
|
/* Size of work buffer sufficient for vb2_verify_data() worst case. */
|
||||||
* Size of work buffer sufficient for vb2_verify_data() or vb2_verify_data2()
|
|
||||||
* worst case.
|
|
||||||
*/
|
|
||||||
#define VB2_VERIFY_DATA_WORKBUF_BYTES \
|
#define VB2_VERIFY_DATA_WORKBUF_BYTES \
|
||||||
(VB2_SHA512_DIGEST_SIZE + \
|
(VB2_SHA512_DIGEST_SIZE + \
|
||||||
VB2_MAX(VB2_VERIFY_DIGEST_WORKBUF_BYTES, \
|
VB2_MAX(VB2_VERIFY_DIGEST_WORKBUF_BYTES, \
|
||||||
sizeof(struct vb2_digest_context)))
|
sizeof(struct vb2_digest_context)))
|
||||||
|
|
||||||
/*
|
/* Size of work buffer sufficient for vb2_verify_keyblock() worst case. */
|
||||||
* Size of work buffer sufficient for vb2_verify_keyblock() or
|
|
||||||
* vb2_verify_keyblock2() worst case.
|
|
||||||
*/
|
|
||||||
#define VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
|
#define VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
|
||||||
|
|
||||||
/*
|
/* Size of work buffer sufficient for vb2_verify_fw_preamble() worst case. */
|
||||||
* Size of work buffer sufficient for vb2_verify_fw_preamble() or
|
|
||||||
* vb2_verify_fw_preamble2() worst case.
|
|
||||||
*/
|
|
||||||
#define VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
|
#define VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES VB2_VERIFY_DATA_WORKBUF_BYTES
|
||||||
|
|
||||||
#endif /* VBOOT_REFERENCE_VBOOT_2COMMON_H_ */
|
#endif /* VBOOT_REFERENCE_VBOOT_2COMMON_H_ */
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ static __inline struct vb2_shared_data *vb2_get_sd(struct vb2_context *ctx) {
|
|||||||
/**
|
/**
|
||||||
* Validate gbb signature (the magic number)
|
* Validate gbb signature (the magic number)
|
||||||
*
|
*
|
||||||
* @param sig pointer to the signature bytes to validate
|
* @param sig Pointer to the signature bytes to validate
|
||||||
* @return VB2_SUCCESS if valid or VB2_ERROR_GBB_MAGIC otherwise.
|
* @return VB2_SUCCESS if valid or VB2_ERROR_GBB_MAGIC otherwise.
|
||||||
*/
|
*/
|
||||||
int vb2_validate_gbb_signature(uint8_t *sig);
|
int vb2_validate_gbb_signature(uint8_t *sig);
|
||||||
@@ -131,11 +131,6 @@ int vb2_select_fw_slot(struct vb2_context *ctx);
|
|||||||
*/
|
*/
|
||||||
int vb2_load_fw_keyblock(struct vb2_context *ctx);
|
int vb2_load_fw_keyblock(struct vb2_context *ctx);
|
||||||
|
|
||||||
/**
|
|
||||||
* (same, for new-style structs)
|
|
||||||
*/
|
|
||||||
int vb2_load_fw_keyblock2(struct vb2_context *ctx);
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Verify the firmware preamble using the data subkey from the keyblock.
|
* Verify the firmware preamble using the data subkey from the keyblock.
|
||||||
*
|
*
|
||||||
@@ -146,9 +141,4 @@ int vb2_load_fw_keyblock2(struct vb2_context *ctx);
|
|||||||
*/
|
*/
|
||||||
int vb2_load_fw_preamble(struct vb2_context *ctx);
|
int vb2_load_fw_preamble(struct vb2_context *ctx);
|
||||||
|
|
||||||
/**
|
|
||||||
* (same, for new-style structs)
|
|
||||||
*/
|
|
||||||
int vb2_load_fw_preamble2(struct vb2_context *ctx);
|
|
||||||
|
|
||||||
#endif /* VBOOT_REFERENCE_VBOOT_2MISC_H_ */
|
#endif /* VBOOT_REFERENCE_VBOOT_2MISC_H_ */
|
||||||
|
|||||||
@@ -226,7 +226,7 @@ enum vb2_return_code {
|
|||||||
/* Key algorithm doesn't match signature algorithm */
|
/* Key algorithm doesn't match signature algorithm */
|
||||||
VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
|
VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
|
||||||
|
|
||||||
/* Bad magic number in vb2_unpack_key2() */
|
/* Bad magic number in vb2_unpack_key() */
|
||||||
VB2_ERROR_UNPACK_KEY_MAGIC,
|
VB2_ERROR_UNPACK_KEY_MAGIC,
|
||||||
|
|
||||||
/**********************************************************************
|
/**********************************************************************
|
||||||
@@ -362,10 +362,10 @@ enum vb2_return_code {
|
|||||||
VB2_ERROR_FW_PREAMBLE2_WORKBUF,
|
VB2_ERROR_FW_PREAMBLE2_WORKBUF,
|
||||||
|
|
||||||
/* Firmware version out of range in vb2_load_fw_preamble() */
|
/* Firmware version out of range in vb2_load_fw_preamble() */
|
||||||
VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE,
|
VB2_ERROR_FW_PREAMBLE_VERSION_RANGE,
|
||||||
|
|
||||||
/* Firmware version rollback in vb2_load_fw_preamble() */
|
/* Firmware version rollback in vb2_load_fw_preamble() */
|
||||||
VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK,
|
VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK,
|
||||||
|
|
||||||
/* Not enough space in work buffer for resource object */
|
/* Not enough space in work buffer for resource object */
|
||||||
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
||||||
|
|||||||
@@ -160,7 +160,7 @@ struct vb2_shared_data {
|
|||||||
/*
|
/*
|
||||||
* Current tag we're hashing
|
* Current tag we're hashing
|
||||||
*
|
*
|
||||||
* For new structs, this is the offset of the vb2_signature2 struct
|
* For new structs, this is the offset of the vb2_signature struct
|
||||||
* in the work buffer.
|
* in the work buffer.
|
||||||
*
|
*
|
||||||
* TODO: rename to workbuf_hash_sig_offset when vboot1 structs are
|
* TODO: rename to workbuf_hash_sig_offset when vboot1 structs are
|
||||||
|
|||||||
@@ -194,12 +194,12 @@ int vb2_load_fw_preamble(struct vb2_context *ctx)
|
|||||||
* version.
|
* version.
|
||||||
*/
|
*/
|
||||||
if (pre->firmware_version > 0xffff)
|
if (pre->firmware_version > 0xffff)
|
||||||
return VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE;
|
return VB2_ERROR_FW_PREAMBLE_VERSION_RANGE;
|
||||||
|
|
||||||
/* Combine with the key version from vb2_load_fw_keyblock() */
|
/* Combine with the key version from vb2_load_fw_keyblock() */
|
||||||
sd->fw_version |= pre->firmware_version;
|
sd->fw_version |= pre->firmware_version;
|
||||||
if (sd->fw_version < sec_version)
|
if (sd->fw_version < sec_version)
|
||||||
return VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK;
|
return VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If this is a newer version than in secure storage, and we
|
* If this is a newer version than in secure storage, and we
|
||||||
|
|||||||
@@ -16,19 +16,19 @@
|
|||||||
#include "2rsa.h"
|
#include "2rsa.h"
|
||||||
#include "vb2_common.h"
|
#include "vb2_common.h"
|
||||||
|
|
||||||
int vb2api_fw_phase3_2(struct vb2_context *ctx)
|
int vb2api_fw_phase3(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
/* Verify firmware keyblock */
|
/* Verify firmware keyblock */
|
||||||
rv = vb2_load_fw_keyblock2(ctx);
|
rv = vb2_load_fw_keyblock(ctx);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
|
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
|
||||||
return rv;
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Verify firmware preamble */
|
/* Verify firmware preamble */
|
||||||
rv = vb2_load_fw_preamble2(ctx);
|
rv = vb2_load_fw_preamble(ctx);
|
||||||
if (rv) {
|
if (rv) {
|
||||||
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
|
vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
|
||||||
return rv;
|
return rv;
|
||||||
@@ -42,8 +42,8 @@ int vb2api_init_hash2(struct vb2_context *ctx,
|
|||||||
uint32_t *size)
|
uint32_t *size)
|
||||||
{
|
{
|
||||||
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
||||||
const struct vb2_fw_preamble2 *pre;
|
const struct vb2_fw_preamble *pre;
|
||||||
const struct vb2_signature2 *sig = NULL;
|
const struct vb2_signature *sig = NULL;
|
||||||
struct vb2_digest_context *dc;
|
struct vb2_digest_context *dc;
|
||||||
struct vb2_workbuf wb;
|
struct vb2_workbuf wb;
|
||||||
uint32_t hash_offset;
|
uint32_t hash_offset;
|
||||||
@@ -54,13 +54,13 @@ int vb2api_init_hash2(struct vb2_context *ctx,
|
|||||||
/* Get preamble pointer */
|
/* Get preamble pointer */
|
||||||
if (!sd->workbuf_preamble_size)
|
if (!sd->workbuf_preamble_size)
|
||||||
return VB2_ERROR_API_INIT_HASH_PREAMBLE;
|
return VB2_ERROR_API_INIT_HASH_PREAMBLE;
|
||||||
pre = (const struct vb2_fw_preamble2 *)
|
pre = (const struct vb2_fw_preamble *)
|
||||||
(ctx->workbuf + sd->workbuf_preamble_offset);
|
(ctx->workbuf + sd->workbuf_preamble_offset);
|
||||||
|
|
||||||
/* Find the matching signature */
|
/* Find the matching signature */
|
||||||
hash_offset = pre->hash_offset;
|
hash_offset = pre->hash_offset;
|
||||||
for (i = 0; i < pre->hash_count; i++) {
|
for (i = 0; i < pre->hash_count; i++) {
|
||||||
sig = (const struct vb2_signature2 *)
|
sig = (const struct vb2_signature *)
|
||||||
((uint8_t *)pre + hash_offset);
|
((uint8_t *)pre + hash_offset);
|
||||||
|
|
||||||
if (!memcmp(guid, &sig->guid, sizeof(*guid)))
|
if (!memcmp(guid, &sig->guid, sizeof(*guid)))
|
||||||
@@ -96,7 +96,7 @@ int vb2api_init_hash2(struct vb2_context *ctx,
|
|||||||
return vb2_digest_init(dc, sig->hash_alg);
|
return vb2_digest_init(dc, sig->hash_alg);
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2api_check_hash2(struct vb2_context *ctx)
|
int vb2api_check_hash(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
||||||
struct vb2_digest_context *dc = (struct vb2_digest_context *)
|
struct vb2_digest_context *dc = (struct vb2_digest_context *)
|
||||||
@@ -106,7 +106,7 @@ int vb2api_check_hash2(struct vb2_context *ctx)
|
|||||||
uint8_t *digest;
|
uint8_t *digest;
|
||||||
uint32_t digest_size = vb2_digest_size(dc->hash_alg);
|
uint32_t digest_size = vb2_digest_size(dc->hash_alg);
|
||||||
|
|
||||||
const struct vb2_signature2 *sig;
|
const struct vb2_signature *sig;
|
||||||
|
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
@@ -115,7 +115,7 @@ int vb2api_check_hash2(struct vb2_context *ctx)
|
|||||||
/* Get signature pointer */
|
/* Get signature pointer */
|
||||||
if (!sd->hash_tag)
|
if (!sd->hash_tag)
|
||||||
return VB2_ERROR_API_CHECK_HASH_TAG;
|
return VB2_ERROR_API_CHECK_HASH_TAG;
|
||||||
sig = (const struct vb2_signature2 *)(ctx->workbuf + sd->hash_tag);
|
sig = (const struct vb2_signature *)(ctx->workbuf + sd->hash_tag);
|
||||||
|
|
||||||
/* Must have initialized hash digest work area */
|
/* Must have initialized hash digest work area */
|
||||||
if (!sd->workbuf_hash_size)
|
if (!sd->workbuf_hash_size)
|
||||||
|
|||||||
@@ -173,15 +173,14 @@ const struct vb2_guid *vb2_hash_guid(enum vb2_hash_algorithm hash_alg)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_signature2(const struct vb2_signature2 *sig,
|
int vb2_verify_signature(const struct vb2_signature *sig, uint32_t size)
|
||||||
uint32_t size)
|
|
||||||
{
|
{
|
||||||
uint32_t min_offset = 0;
|
uint32_t min_offset = 0;
|
||||||
uint32_t expect_sig_size;
|
uint32_t expect_sig_size;
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
/* Check magic number */
|
/* Check magic number */
|
||||||
if (sig->c.magic != VB2_MAGIC_SIGNATURE2)
|
if (sig->c.magic != VB2_MAGIC_SIGNATURE)
|
||||||
return VB2_ERROR_SIG_MAGIC;
|
return VB2_ERROR_SIG_MAGIC;
|
||||||
|
|
||||||
/* Make sure common header is good */
|
/* Make sure common header is good */
|
||||||
@@ -194,7 +193,7 @@ int vb2_verify_signature2(const struct vb2_signature2 *sig,
|
|||||||
* that's compatible across readers matching the major version, and we
|
* that's compatible across readers matching the major version, and we
|
||||||
* haven't added any new fields.
|
* haven't added any new fields.
|
||||||
*/
|
*/
|
||||||
if (sig->c.struct_version_major != VB2_SIGNATURE2_VERSION_MAJOR)
|
if (sig->c.struct_version_major != VB2_SIGNATURE_VERSION_MAJOR)
|
||||||
return VB2_ERROR_SIG_VERSION;
|
return VB2_ERROR_SIG_VERSION;
|
||||||
|
|
||||||
/* Make sure header is big enough for signature */
|
/* Make sure header is big enough for signature */
|
||||||
@@ -220,15 +219,15 @@ int vb2_verify_signature2(const struct vb2_signature2 *sig,
|
|||||||
/**
|
/**
|
||||||
* Return the signature data for a signature
|
* Return the signature data for a signature
|
||||||
*/
|
*/
|
||||||
static uint8_t *vb2_signature2_data(struct vb2_signature2 *sig)
|
static uint8_t *vb2_signature_data(struct vb2_signature *sig)
|
||||||
{
|
{
|
||||||
return (uint8_t *)sig + sig->sig_offset;
|
return (uint8_t *)sig + sig->sig_offset;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_digest2(const struct vb2_public_key *key,
|
int vb2_verify_digest(const struct vb2_public_key *key,
|
||||||
struct vb2_signature2 *sig,
|
struct vb2_signature *sig,
|
||||||
const uint8_t *digest,
|
const uint8_t *digest,
|
||||||
const struct vb2_workbuf *wb)
|
const struct vb2_workbuf *wb)
|
||||||
{
|
{
|
||||||
uint32_t key_sig_size = vb2_sig_size(key->sig_alg, key->hash_alg);
|
uint32_t key_sig_size = vb2_sig_size(key->sig_alg, key->hash_alg);
|
||||||
|
|
||||||
@@ -245,7 +244,7 @@ int vb2_verify_digest2(const struct vb2_public_key *key,
|
|||||||
|
|
||||||
if (key->sig_alg == VB2_SIG_NONE) {
|
if (key->sig_alg == VB2_SIG_NONE) {
|
||||||
/* Bare hash */
|
/* Bare hash */
|
||||||
if (vb2_safe_memcmp(vb2_signature2_data(sig),
|
if (vb2_safe_memcmp(vb2_signature_data(sig),
|
||||||
digest, key_sig_size))
|
digest, key_sig_size))
|
||||||
return VB2_ERROR_VDATA_VERIFY_DIGEST;
|
return VB2_ERROR_VDATA_VERIFY_DIGEST;
|
||||||
|
|
||||||
@@ -253,16 +252,16 @@ int vb2_verify_digest2(const struct vb2_public_key *key,
|
|||||||
} else {
|
} else {
|
||||||
/* RSA-signed digest */
|
/* RSA-signed digest */
|
||||||
return vb2_rsa_verify_digest(key,
|
return vb2_rsa_verify_digest(key,
|
||||||
vb2_signature2_data(sig),
|
vb2_signature_data(sig),
|
||||||
digest, wb);
|
digest, wb);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_data2(const void *data,
|
int vb2_verify_data(const void *data,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
struct vb2_signature2 *sig,
|
struct vb2_signature *sig,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb)
|
const struct vb2_workbuf *wb)
|
||||||
{
|
{
|
||||||
struct vb2_workbuf wblocal = *wb;
|
struct vb2_workbuf wblocal = *wb;
|
||||||
struct vb2_digest_context *dc;
|
struct vb2_digest_context *dc;
|
||||||
@@ -303,19 +302,19 @@ int vb2_verify_data2(const void *data,
|
|||||||
|
|
||||||
vb2_workbuf_free(&wblocal, sizeof(*dc));
|
vb2_workbuf_free(&wblocal, sizeof(*dc));
|
||||||
|
|
||||||
return vb2_verify_digest2(key, sig, digest, &wblocal);
|
return vb2_verify_digest(key, sig, digest, &wblocal);
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
int vb2_verify_keyblock(struct vb2_keyblock *block,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb)
|
const struct vb2_workbuf *wb)
|
||||||
{
|
{
|
||||||
uint32_t min_offset = 0, sig_offset;
|
uint32_t min_offset = 0, sig_offset;
|
||||||
int rv, i;
|
int rv, i;
|
||||||
|
|
||||||
/* Check magic number */
|
/* Check magic number */
|
||||||
if (block->c.magic != VB2_MAGIC_KEYBLOCK2)
|
if (block->c.magic != VB2_MAGIC_KEYBLOCK)
|
||||||
return VB2_ERROR_KEYBLOCK_MAGIC;
|
return VB2_ERROR_KEYBLOCK_MAGIC;
|
||||||
|
|
||||||
/* Make sure common header is good */
|
/* Make sure common header is good */
|
||||||
@@ -328,7 +327,7 @@ int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
|||||||
* that's compatible across readers matching the major version, and we
|
* that's compatible across readers matching the major version, and we
|
||||||
* haven't added any new fields.
|
* haven't added any new fields.
|
||||||
*/
|
*/
|
||||||
if (block->c.struct_version_major != VB2_KEYBLOCK2_VERSION_MAJOR)
|
if (block->c.struct_version_major != VB2_KEYBLOCK_VERSION_MAJOR)
|
||||||
return VB2_ERROR_KEYBLOCK_HEADER_VERSION;
|
return VB2_ERROR_KEYBLOCK_HEADER_VERSION;
|
||||||
|
|
||||||
/* Make sure header is big enough */
|
/* Make sure header is big enough */
|
||||||
@@ -343,7 +342,7 @@ int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
|||||||
/* Loop over signatures */
|
/* Loop over signatures */
|
||||||
sig_offset = block->sig_offset;
|
sig_offset = block->sig_offset;
|
||||||
for (i = 0; i < block->sig_count; i++, sig_offset = min_offset) {
|
for (i = 0; i < block->sig_count; i++, sig_offset = min_offset) {
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
|
|
||||||
/* Make sure signature is inside keyblock */
|
/* Make sure signature is inside keyblock */
|
||||||
rv = vb2_verify_common_subobject(block, &min_offset,
|
rv = vb2_verify_common_subobject(block, &min_offset,
|
||||||
@@ -351,11 +350,11 @@ int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
|||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
sig = (struct vb2_signature2 *)((uint8_t *)block + sig_offset);
|
sig = (struct vb2_signature *)((uint8_t *)block + sig_offset);
|
||||||
|
|
||||||
/* Verify the signature integrity */
|
/* Verify the signature integrity */
|
||||||
rv = vb2_verify_signature2(sig,
|
rv = vb2_verify_signature(sig,
|
||||||
block->c.total_size - sig_offset);
|
block->c.total_size - sig_offset);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
@@ -367,24 +366,24 @@ int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
|||||||
if (sig->data_size != block->sig_offset)
|
if (sig->data_size != block->sig_offset)
|
||||||
return VB2_ERROR_KEYBLOCK_SIGNED_SIZE;
|
return VB2_ERROR_KEYBLOCK_SIGNED_SIZE;
|
||||||
|
|
||||||
return vb2_verify_data2(block, block->sig_offset, sig, key, wb);
|
return vb2_verify_data(block, block->sig_offset, sig, key, wb);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If we're still here, no signature matched the key GUID */
|
/* If we're still here, no signature matched the key GUID */
|
||||||
return VB2_ERROR_KEYBLOCK_SIG_GUID;
|
return VB2_ERROR_KEYBLOCK_SIG_GUID;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb)
|
const struct vb2_workbuf *wb)
|
||||||
{
|
{
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
uint32_t min_offset = 0, hash_offset;
|
uint32_t min_offset = 0, hash_offset;
|
||||||
int rv, i;
|
int rv, i;
|
||||||
|
|
||||||
/* Check magic number */
|
/* Check magic number */
|
||||||
if (preamble->c.magic != VB2_MAGIC_FW_PREAMBLE2)
|
if (preamble->c.magic != VB2_MAGIC_FW_PREAMBLE)
|
||||||
return VB2_ERROR_PREAMBLE_MAGIC;
|
return VB2_ERROR_PREAMBLE_MAGIC;
|
||||||
|
|
||||||
/* Make sure common header is good */
|
/* Make sure common header is good */
|
||||||
@@ -397,7 +396,7 @@ int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
|||||||
* that's compatible across readers matching the major version, and we
|
* that's compatible across readers matching the major version, and we
|
||||||
* haven't added any new fields.
|
* haven't added any new fields.
|
||||||
*/
|
*/
|
||||||
if (preamble->c.struct_version_major != VB2_FW_PREAMBLE2_VERSION_MAJOR)
|
if (preamble->c.struct_version_major != VB2_FW_PREAMBLE_VERSION_MAJOR)
|
||||||
return VB2_ERROR_PREAMBLE_HEADER_VERSION;
|
return VB2_ERROR_PREAMBLE_HEADER_VERSION;
|
||||||
|
|
||||||
/* Make sure header is big enough */
|
/* Make sure header is big enough */
|
||||||
@@ -413,11 +412,11 @@ int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
|||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
sig = (struct vb2_signature2 *)
|
sig = (struct vb2_signature *)
|
||||||
((uint8_t *)preamble + hash_offset);
|
((uint8_t *)preamble + hash_offset);
|
||||||
|
|
||||||
/* Verify the signature integrity */
|
/* Verify the signature integrity */
|
||||||
rv = vb2_verify_signature2(
|
rv = vb2_verify_signature(
|
||||||
sig, preamble->c.total_size - hash_offset);
|
sig, preamble->c.total_size - hash_offset);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
@@ -434,10 +433,10 @@ int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
|||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
/* Verify preamble signature */
|
/* Verify preamble signature */
|
||||||
sig = (struct vb2_signature2 *)((uint8_t *)preamble +
|
sig = (struct vb2_signature *)((uint8_t *)preamble +
|
||||||
preamble->sig_offset);
|
preamble->sig_offset);
|
||||||
|
|
||||||
rv = vb2_verify_data2(preamble, preamble->sig_offset, sig, key, wb);
|
rv = vb2_verify_data(preamble, preamble->sig_offset, sig, key, wb);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
|
|||||||
@@ -8,10 +8,8 @@
|
|||||||
#ifndef VBOOT_REFERENCE_VB2_COMMON_H_
|
#ifndef VBOOT_REFERENCE_VB2_COMMON_H_
|
||||||
#define VBOOT_REFERENCE_VB2_COMMON_H_
|
#define VBOOT_REFERENCE_VB2_COMMON_H_
|
||||||
|
|
||||||
#include "2api.h"
|
|
||||||
#include "2common.h"
|
#include "2common.h"
|
||||||
#include "2return_codes.h"
|
#include "2return_codes.h"
|
||||||
#include "2sha.h"
|
|
||||||
#include "2struct.h"
|
#include "2struct.h"
|
||||||
#include "vb2_struct.h"
|
#include "vb2_struct.h"
|
||||||
|
|
||||||
@@ -87,23 +85,23 @@ int vb2_verify_common_subobject(const void *parent,
|
|||||||
* @param size Size of buffer in bytes
|
* @param size Size of buffer in bytes
|
||||||
* @return VB2_SUCCESS, or non-zero error code if error.
|
* @return VB2_SUCCESS, or non-zero error code if error.
|
||||||
*/
|
*/
|
||||||
int vb2_unpack_key2(struct vb2_public_key *key,
|
int vb2_unpack_key(struct vb2_public_key *key,
|
||||||
const uint8_t *buf,
|
const uint8_t *buf,
|
||||||
uint32_t size);
|
uint32_t size);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Unpack the RSA data fields for a public key
|
* Unpack the RSA data fields for a public key
|
||||||
*
|
*
|
||||||
* This is called by vb2_unpack_key2() to extract the arrays from a packed key.
|
* This is called by vb2_unpack_key() to extract the arrays from a packed key.
|
||||||
* These elements of *key will point inside the key_data buffer.
|
* These elements of *key will point inside the key_data buffer.
|
||||||
*
|
*
|
||||||
* @param key Destination key for RSA data fields
|
* @param key Destination key for RSA data fields
|
||||||
* @param key_data Packed key data (from inside a packed key buffer)
|
* @param key_data Packed key data (from inside a packed key buffer)
|
||||||
* @param key_size Size of packed key data in bytes
|
* @param key_size Size of packed key data in bytes
|
||||||
*/
|
*/
|
||||||
int vb2_unpack_key2_data(struct vb2_public_key *key,
|
int vb2_unpack_key_data(struct vb2_public_key *key,
|
||||||
const uint8_t *key_data,
|
const uint8_t *key_data,
|
||||||
uint32_t key_size);
|
uint32_t key_size);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Verify the integrity of a signature struct
|
* Verify the integrity of a signature struct
|
||||||
@@ -111,8 +109,8 @@ int vb2_unpack_key2_data(struct vb2_public_key *key,
|
|||||||
* @param size Size of buffer containing signature struct
|
* @param size Size of buffer containing signature struct
|
||||||
* @return VB2_SUCCESS, or non-zero if error.
|
* @return VB2_SUCCESS, or non-zero if error.
|
||||||
*/
|
*/
|
||||||
int vb2_verify_signature2(const struct vb2_signature2 *sig,
|
int vb2_verify_signature(const struct vb2_signature *sig,
|
||||||
uint32_t size);
|
uint32_t size);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Verify a signature against an expected hash digest.
|
* Verify a signature against an expected hash digest.
|
||||||
@@ -123,10 +121,10 @@ int vb2_verify_signature2(const struct vb2_signature2 *sig,
|
|||||||
* @param wb Work buffer
|
* @param wb Work buffer
|
||||||
* @return VB2_SUCCESS, or non-zero if error.
|
* @return VB2_SUCCESS, or non-zero if error.
|
||||||
*/
|
*/
|
||||||
int vb2_verify_digest2(const struct vb2_public_key *key,
|
int vb2_verify_digest(const struct vb2_public_key *key,
|
||||||
struct vb2_signature2 *sig,
|
struct vb2_signature *sig,
|
||||||
const uint8_t *digest,
|
const uint8_t *digest,
|
||||||
const struct vb2_workbuf *wb);
|
const struct vb2_workbuf *wb);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Verify data matches signature.
|
* Verify data matches signature.
|
||||||
@@ -139,11 +137,11 @@ int vb2_verify_digest2(const struct vb2_public_key *key,
|
|||||||
* @param wb Work buffer
|
* @param wb Work buffer
|
||||||
* @return VB2_SUCCESS, or non-zero error code if error.
|
* @return VB2_SUCCESS, or non-zero error code if error.
|
||||||
*/
|
*/
|
||||||
int vb2_verify_data2(const void *data,
|
int vb2_verify_data(const void *data,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
struct vb2_signature2 *sig,
|
struct vb2_signature *sig,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb);
|
const struct vb2_workbuf *wb);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check the sanity of a key block using a public key.
|
* Check the sanity of a key block using a public key.
|
||||||
@@ -157,10 +155,10 @@ int vb2_verify_data2(const void *data,
|
|||||||
* @param wb Work buffer
|
* @param wb Work buffer
|
||||||
* @return VB2_SUCCESS, or non-zero error code if error.
|
* @return VB2_SUCCESS, or non-zero error code if error.
|
||||||
*/
|
*/
|
||||||
int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
int vb2_verify_keyblock(struct vb2_keyblock *block,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb);
|
const struct vb2_workbuf *wb);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Check the sanity of a firmware preamble using a public key.
|
* Check the sanity of a firmware preamble using a public key.
|
||||||
@@ -173,9 +171,9 @@ int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
|||||||
* @param wb Work buffer
|
* @param wb Work buffer
|
||||||
* @return VB2_SUCCESS, or non-zero error code if error.
|
* @return VB2_SUCCESS, or non-zero error code if error.
|
||||||
*/
|
*/
|
||||||
int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb);
|
const struct vb2_workbuf *wb);
|
||||||
|
|
||||||
#endif /* VBOOT_REFERENCE_VB2_COMMON_H_ */
|
#endif /* VBOOT_REFERENCE_VB2_COMMON_H_ */
|
||||||
|
|||||||
@@ -23,23 +23,23 @@
|
|||||||
* structs as invalid.
|
* structs as invalid.
|
||||||
*/
|
*/
|
||||||
enum vb2_struct_common_magic {
|
enum vb2_struct_common_magic {
|
||||||
/* "Vb2B" = vb2_keyblock2.c.magic */
|
/* "Vb2B" = vb2_keyblock.c.magic */
|
||||||
VB2_MAGIC_KEYBLOCK2 = 0x42326256,
|
VB2_MAGIC_KEYBLOCK = 0x42326256,
|
||||||
|
|
||||||
/* "Vb2F" = vb2_fw_preamble.c.magic */
|
/* "Vb2F" = vb2_fw_preamble.c.magic */
|
||||||
VB2_MAGIC_FW_PREAMBLE2 = 0x46326256,
|
VB2_MAGIC_FW_PREAMBLE = 0x46326256,
|
||||||
|
|
||||||
/* "Vb2I" = vb2_packed_private_key2.c.magic */
|
/* "Vb2I" = vb2_packed_private_key.c.magic */
|
||||||
VB2_MAGIC_PACKED_PRIVATE_KEY2 = 0x49326256,
|
VB2_MAGIC_PACKED_PRIVATE_KEY = 0x49326256,
|
||||||
|
|
||||||
/* "Vb2K" = vb2_kernel_preamble.c.magic */
|
/* "Vb2K" = vb2_kernel_preamble.c.magic */
|
||||||
VB2_MAGIC_KERNEL_PREAMBLE2 = 0x4b326256,
|
VB2_MAGIC_KERNEL_PREAMBLE = 0x4b326256,
|
||||||
|
|
||||||
/* "Vb2P" = vb2_packed_key2.c.magic */
|
/* "Vb2P" = vb2_packed_key.c.magic */
|
||||||
VB2_MAGIC_PACKED_KEY2 = 0x50326256,
|
VB2_MAGIC_PACKED_KEY = 0x50326256,
|
||||||
|
|
||||||
/* "Vb2S" = vb2_signature.c.magic */
|
/* "Vb2S" = vb2_signature.c.magic */
|
||||||
VB2_MAGIC_SIGNATURE2 = 0x53326256,
|
VB2_MAGIC_SIGNATURE = 0x53326256,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
@@ -102,19 +102,19 @@ struct vb2_struct_common {
|
|||||||
|
|
||||||
#define EXPECTED_VB2_STRUCT_COMMON_SIZE 20
|
#define EXPECTED_VB2_STRUCT_COMMON_SIZE 20
|
||||||
|
|
||||||
/* Current version of vb2_packed_key2 struct */
|
/* Current version of vb2_packed_key struct */
|
||||||
#define VB2_PACKED_KEY2_VERSION_MAJOR 3
|
#define VB2_PACKED_KEY_VERSION_MAJOR 3
|
||||||
#define VB2_PACKED_KEY2_VERSION_MINOR 0
|
#define VB2_PACKED_KEY_VERSION_MINOR 0
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Packed public key data, version 2
|
* Packed public key data
|
||||||
*
|
*
|
||||||
* The key data must be arranged like this:
|
* The key data must be arranged like this:
|
||||||
* 1) vb2_packed_key2 header struct h
|
* 1) vb2_packed_key header struct h
|
||||||
* 2) Key description (pointed to by h.c.fixed_size)
|
* 2) Key description (pointed to by h.c.fixed_size)
|
||||||
* 3) Key data key (pointed to by h.key_offset)
|
* 3) Key data key (pointed to by h.key_offset)
|
||||||
*/
|
*/
|
||||||
struct vb2_packed_key2 {
|
struct vb2_packed_key {
|
||||||
/* Common header fields */
|
/* Common header fields */
|
||||||
struct vb2_struct_common c;
|
struct vb2_struct_common c;
|
||||||
|
|
||||||
@@ -141,22 +141,22 @@ struct vb2_packed_key2 {
|
|||||||
struct vb2_guid guid;
|
struct vb2_guid guid;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
#define EXPECTED_VB2_PACKED_KEY2_SIZE \
|
#define EXPECTED_VB2_PACKED_KEY_SIZE \
|
||||||
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16)
|
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16)
|
||||||
|
|
||||||
/* Current version of vb2_packed_private_key2 struct */
|
/* Current version of vb2_packed_private_key struct */
|
||||||
#define VB2_PACKED_PRIVATE_KEY2_VERSION_MAJOR 3
|
#define VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR 3
|
||||||
#define VB2_PACKED_PRIVATE_KEY2_VERSION_MINOR 0
|
#define VB2_PACKED_PRIVATE_KEY_VERSION_MINOR 0
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Packed private key data, version 2
|
* Packed private key data
|
||||||
*
|
*
|
||||||
* The key data must be arranged like this:
|
* The key data must be arranged like this:
|
||||||
* 1) vb2_packed_private_key2 header struct h
|
* 1) vb2_packed_private_key header struct h
|
||||||
* 2) Key description (pointed to by h.c.fixed_size)
|
* 2) Key description (pointed to by h.c.fixed_size)
|
||||||
* 3) Key data key (pointed to by h.key_offset)
|
* 3) Key data key (pointed to by h.key_offset)
|
||||||
*/
|
*/
|
||||||
struct vb2_packed_private_key2 {
|
struct vb2_packed_private_key {
|
||||||
/* Common header fields */
|
/* Common header fields */
|
||||||
struct vb2_struct_common c;
|
struct vb2_struct_common c;
|
||||||
|
|
||||||
@@ -180,22 +180,22 @@ struct vb2_packed_private_key2 {
|
|||||||
struct vb2_guid guid;
|
struct vb2_guid guid;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
#define EXPECTED_VB2_PACKED_PRIVATE_KEY2_SIZE \
|
#define EXPECTED_VB2_PACKED_PRIVATE_KEY_SIZE \
|
||||||
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 12)
|
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 12)
|
||||||
|
|
||||||
/* Current version of vb2_signature2 struct */
|
/* Current version of vb2_signature struct */
|
||||||
#define VB2_SIGNATURE2_VERSION_MAJOR 3
|
#define VB2_SIGNATURE_VERSION_MAJOR 3
|
||||||
#define VB2_SIGNATURE2_VERSION_MINOR 0
|
#define VB2_SIGNATURE_VERSION_MINOR 0
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Signature data, version 2
|
* Signature data
|
||||||
*
|
*
|
||||||
* The signature data must be arranged like this:
|
* The signature data must be arranged like this:
|
||||||
* 1) vb2_signature2 header struct h
|
* 1) vb2_signature header struct h
|
||||||
* 2) Signature description (pointed to by h.c.fixed_size)
|
* 2) Signature description (pointed to by h.c.fixed_size)
|
||||||
* 3) Signature data (pointed to by h.sig_offset)
|
* 3) Signature data (pointed to by h.sig_offset)
|
||||||
*/
|
*/
|
||||||
struct vb2_signature2 {
|
struct vb2_signature {
|
||||||
/* Common header fields */
|
/* Common header fields */
|
||||||
struct vb2_struct_common c;
|
struct vb2_struct_common c;
|
||||||
|
|
||||||
@@ -228,20 +228,20 @@ struct vb2_signature2 {
|
|||||||
struct vb2_guid guid;
|
struct vb2_guid guid;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
#define EXPECTED_VB2_SIGNATURE2_SIZE \
|
#define EXPECTED_VB2_SIGNATURE_SIZE \
|
||||||
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16)
|
(EXPECTED_VB2_STRUCT_COMMON_SIZE + EXPECTED_GUID_SIZE + 16)
|
||||||
|
|
||||||
|
|
||||||
/* Current version of vb2_keyblock2 struct */
|
/* Current version of vb2_keyblock struct */
|
||||||
#define VB2_KEYBLOCK2_VERSION_MAJOR 3
|
#define VB2_KEYBLOCK_VERSION_MAJOR 3
|
||||||
#define VB2_KEYBLOCK2_VERSION_MINOR 0
|
#define VB2_KEYBLOCK_VERSION_MINOR 0
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Key block. This contains a signed, versioned key for use in the next stage
|
* Key block. This contains a signed, versioned key for use in the next stage
|
||||||
* of verified boot.
|
* of verified boot.
|
||||||
*
|
*
|
||||||
* The key block data must be arranged like this:
|
* The key block data must be arranged like this:
|
||||||
* 1) vb2_keyblock2 header struct h
|
* 1) vb2_keyblock header struct h
|
||||||
* 2) Keyblock description (pointed to by h.c.fixed_size)
|
* 2) Keyblock description (pointed to by h.c.fixed_size)
|
||||||
* 3) Data key (pointed to by h.data_key_offset)
|
* 3) Data key (pointed to by h.data_key_offset)
|
||||||
* 4) Signatures (first signature pointed to by h.sig_offset)
|
* 4) Signatures (first signature pointed to by h.sig_offset)
|
||||||
@@ -249,7 +249,7 @@ struct vb2_signature2 {
|
|||||||
* The signatures from 4) must cover all the data from 1), 2), 3). That is,
|
* The signatures from 4) must cover all the data from 1), 2), 3). That is,
|
||||||
* signatures must sign all data up to sig_offset.
|
* signatures must sign all data up to sig_offset.
|
||||||
*/
|
*/
|
||||||
struct vb2_keyblock2 {
|
struct vb2_keyblock {
|
||||||
/* Common header fields */
|
/* Common header fields */
|
||||||
struct vb2_struct_common c;
|
struct vb2_struct_common c;
|
||||||
|
|
||||||
@@ -257,7 +257,7 @@ struct vb2_keyblock2 {
|
|||||||
uint32_t flags;
|
uint32_t flags;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Offset of key (struct vb2_packed_key2) to use in next stage of
|
* Offset of key (struct vb2_packed_key) to use in next stage of
|
||||||
* verification, from start of the keyblock.
|
* verification, from start of the keyblock.
|
||||||
*/
|
*/
|
||||||
uint32_t key_offset;
|
uint32_t key_offset;
|
||||||
@@ -266,7 +266,7 @@ struct vb2_keyblock2 {
|
|||||||
uint32_t sig_count;
|
uint32_t sig_count;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Offset of the first signature (struct vb2_signature2) from the start
|
* Offset of the first signature (struct vb2_signature) from the start
|
||||||
* of the keyblock.
|
* of the keyblock.
|
||||||
*
|
*
|
||||||
* Signatures sign the contents of this struct and the data pointed to
|
* Signatures sign the contents of this struct and the data pointed to
|
||||||
@@ -284,25 +284,25 @@ struct vb2_keyblock2 {
|
|||||||
uint32_t sig_offset;
|
uint32_t sig_offset;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
#define EXPECTED_VB2_KEYBLOCK2_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16)
|
#define EXPECTED_VB2_KEYBLOCK_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 16)
|
||||||
|
|
||||||
|
|
||||||
/* Current version of vb2_fw_preamble2 struct */
|
/* Current version of vb2_fw_preamble struct */
|
||||||
#define VB2_FW_PREAMBLE2_VERSION_MAJOR 3
|
#define VB2_FW_PREAMBLE_VERSION_MAJOR 3
|
||||||
#define VB2_FW_PREAMBLE2_VERSION_MINOR 0
|
#define VB2_FW_PREAMBLE_VERSION_MINOR 0
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Firmware preamble
|
* Firmware preamble
|
||||||
*
|
*
|
||||||
* The preamble data must be arranged like this:
|
* The preamble data must be arranged like this:
|
||||||
* 1) vb2_fw_preamble2 header struct h
|
* 1) vb2_fw_preamble header struct h
|
||||||
* 2) Preamble description (pointed to by h.c.fixed_size)
|
* 2) Preamble description (pointed to by h.c.fixed_size)
|
||||||
* 3) Hashes (pointed to by h.hash_offset)
|
* 3) Hashes (pointed to by h.hash_offset)
|
||||||
* 4) Signature (pointed to by h.sig_offset)
|
* 4) Signature (pointed to by h.sig_offset)
|
||||||
*
|
*
|
||||||
* The signature 4) must cover all the data from 1), 2), 3).
|
* The signature 4) must cover all the data from 1), 2), 3).
|
||||||
*/
|
*/
|
||||||
struct vb2_fw_preamble2 {
|
struct vb2_fw_preamble {
|
||||||
/* Common header fields */
|
/* Common header fields */
|
||||||
struct vb2_struct_common c;
|
struct vb2_struct_common c;
|
||||||
|
|
||||||
@@ -310,13 +310,13 @@ struct vb2_fw_preamble2 {
|
|||||||
uint32_t flags;
|
uint32_t flags;
|
||||||
|
|
||||||
/* Firmware version */
|
/* Firmware version */
|
||||||
uint32_t firmware_version;
|
uint32_t fw_version;
|
||||||
|
|
||||||
/* Offset of signature (struct vb2_signature2) for this preamble */
|
/* Offset of signature (struct vb2_signature) for this preamble */
|
||||||
uint32_t sig_offset;
|
uint32_t sig_offset;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The preamble contains a list of hashes (struct vb2_signature2) for
|
* The preamble contains a list of hashes (struct vb2_signature) for
|
||||||
* the various firmware components. These have sig_alg=VB2_SIG_NONE,
|
* the various firmware components. These have sig_alg=VB2_SIG_NONE,
|
||||||
* and the GUID for each hash identifies the component being hashed.
|
* and the GUID for each hash identifies the component being hashed.
|
||||||
* The calling firmware is responsible for knowing where to find those
|
* The calling firmware is responsible for knowing where to find those
|
||||||
@@ -331,6 +331,6 @@ struct vb2_fw_preamble2 {
|
|||||||
uint32_t hash_offset;
|
uint32_t hash_offset;
|
||||||
} __attribute__((packed));
|
} __attribute__((packed));
|
||||||
|
|
||||||
#define EXPECTED_VB2_FW_PREAMBLE2_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 20)
|
#define EXPECTED_VB2_FW_PREAMBLE_SIZE (EXPECTED_VB2_STRUCT_COMMON_SIZE + 20)
|
||||||
|
|
||||||
#endif /* VBOOT_REFERENCE_VB2_STRUCT_H_ */
|
#endif /* VBOOT_REFERENCE_VB2_STRUCT_H_ */
|
||||||
|
|||||||
@@ -62,16 +62,16 @@ int vb2_read_resource_object(struct vb2_context *ctx,
|
|||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
int vb2_load_fw_keyblock(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
||||||
struct vb2_workbuf wb;
|
struct vb2_workbuf wb;
|
||||||
|
|
||||||
uint8_t *key_data;
|
uint8_t *key_data;
|
||||||
uint32_t key_size;
|
uint32_t key_size;
|
||||||
struct vb2_packed_key2 *packed_key;
|
struct vb2_packed_key *packed_key;
|
||||||
struct vb2_public_key root_key;
|
struct vb2_public_key root_key;
|
||||||
struct vb2_keyblock2 *kb;
|
struct vb2_keyblock *kb;
|
||||||
|
|
||||||
uint32_t sec_version;
|
uint32_t sec_version;
|
||||||
int rv;
|
int rv;
|
||||||
@@ -90,7 +90,7 @@ int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
|||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
/* Unpack the root key */
|
/* Unpack the root key */
|
||||||
rv = vb2_unpack_key2(&root_key, key_data, key_size);
|
rv = vb2_unpack_key(&root_key, key_data, key_size);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
@@ -104,7 +104,7 @@ int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
|||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
/* Verify the keyblock */
|
/* Verify the keyblock */
|
||||||
rv = vb2_verify_keyblock2(kb, kb->c.total_size, &root_key, &wb);
|
rv = vb2_verify_keyblock(kb, kb->c.total_size, &root_key, &wb);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
@@ -116,7 +116,7 @@ int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
|||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
packed_key = (struct vb2_packed_key2 *)((uint8_t *)kb + kb->key_offset);
|
packed_key = (struct vb2_packed_key *)((uint8_t *)kb + kb->key_offset);
|
||||||
|
|
||||||
/* Key version is the upper 16 bits of the composite firmware version */
|
/* Key version is the upper 16 bits of the composite firmware version */
|
||||||
if (packed_key->key_version > 0xffff)
|
if (packed_key->key_version > 0xffff)
|
||||||
@@ -137,7 +137,7 @@ int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
|||||||
* paranoid.
|
* paranoid.
|
||||||
*/
|
*/
|
||||||
memmove(key_data, packed_key, packed_key->c.total_size);
|
memmove(key_data, packed_key, packed_key->c.total_size);
|
||||||
packed_key = (struct vb2_packed_key2 *)key_data;
|
packed_key = (struct vb2_packed_key *)key_data;
|
||||||
|
|
||||||
/* Save the packed key offset and size */
|
/* Save the packed key offset and size */
|
||||||
sd->workbuf_data_key_offset = vb2_offset_of(ctx->workbuf, key_data);
|
sd->workbuf_data_key_offset = vb2_offset_of(ctx->workbuf, key_data);
|
||||||
@@ -150,7 +150,7 @@ int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
|||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
int vb2_load_fw_preamble(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
struct vb2_shared_data *sd = vb2_get_sd(ctx);
|
||||||
struct vb2_workbuf wb;
|
struct vb2_workbuf wb;
|
||||||
@@ -160,7 +160,7 @@ int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
|||||||
struct vb2_public_key data_key;
|
struct vb2_public_key data_key;
|
||||||
|
|
||||||
/* Preamble goes in the next unused chunk of work buffer */
|
/* Preamble goes in the next unused chunk of work buffer */
|
||||||
struct vb2_fw_preamble2 *pre;
|
struct vb2_fw_preamble *pre;
|
||||||
|
|
||||||
uint32_t sec_version;
|
uint32_t sec_version;
|
||||||
int rv;
|
int rv;
|
||||||
@@ -171,7 +171,7 @@ int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
|||||||
if (!sd->workbuf_data_key_size)
|
if (!sd->workbuf_data_key_size)
|
||||||
return VB2_ERROR_FW_PREAMBLE2_DATA_KEY;
|
return VB2_ERROR_FW_PREAMBLE2_DATA_KEY;
|
||||||
|
|
||||||
rv = vb2_unpack_key2(&data_key, key_data, key_size);
|
rv = vb2_unpack_key(&data_key, key_data, key_size);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
@@ -185,13 +185,13 @@ int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
|||||||
/* Work buffer now contains the data subkey data and the preamble */
|
/* Work buffer now contains the data subkey data and the preamble */
|
||||||
|
|
||||||
/* Verify the preamble */
|
/* Verify the preamble */
|
||||||
rv = vb2_verify_fw_preamble2(pre, pre->c.total_size, &data_key, &wb);
|
rv = vb2_verify_fw_preamble(pre, pre->c.total_size, &data_key, &wb);
|
||||||
if (rv)
|
if (rv)
|
||||||
return rv;
|
return rv;
|
||||||
|
|
||||||
/* Move the preamble down now that the data key is no longer used */
|
/* Move the preamble down now that the data key is no longer used */
|
||||||
memmove(key_data, pre, pre->c.total_size);
|
memmove(key_data, pre, pre->c.total_size);
|
||||||
pre = (struct vb2_fw_preamble2 *)key_data;
|
pre = (struct vb2_fw_preamble *)key_data;
|
||||||
|
|
||||||
/* Data key is now gone */
|
/* Data key is now gone */
|
||||||
sd->workbuf_data_key_offset = sd->workbuf_data_key_size = 0;
|
sd->workbuf_data_key_offset = sd->workbuf_data_key_size = 0;
|
||||||
@@ -205,13 +205,13 @@ int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
|||||||
* Firmware version is the lower 16 bits of the composite firmware
|
* Firmware version is the lower 16 bits of the composite firmware
|
||||||
* version.
|
* version.
|
||||||
*/
|
*/
|
||||||
if (pre->firmware_version > 0xffff)
|
if (pre->fw_version > 0xffff)
|
||||||
return VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE;
|
return VB2_ERROR_FW_PREAMBLE_VERSION_RANGE;
|
||||||
|
|
||||||
/* Combine with the key version from vb2_load_fw_keyblock() */
|
/* Combine with the key version from vb2_load_fw_keyblock() */
|
||||||
sd->fw_version |= pre->firmware_version;
|
sd->fw_version |= pre->fw_version;
|
||||||
if (sd->fw_version < sec_version)
|
if (sd->fw_version < sec_version)
|
||||||
return VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK;
|
return VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If this is a newer version than in secure storage, and we
|
* If this is a newer version than in secure storage, and we
|
||||||
|
|||||||
@@ -10,7 +10,7 @@
|
|||||||
#include "2rsa.h"
|
#include "2rsa.h"
|
||||||
#include "vb2_common.h"
|
#include "vb2_common.h"
|
||||||
|
|
||||||
int vb2_unpack_key2_data(struct vb2_public_key *key,
|
int vb2_unpack_key_data(struct vb2_public_key *key,
|
||||||
const uint8_t *key_data,
|
const uint8_t *key_data,
|
||||||
uint32_t key_size)
|
uint32_t key_size)
|
||||||
{
|
{
|
||||||
@@ -42,18 +42,18 @@ int vb2_unpack_key2_data(struct vb2_public_key *key,
|
|||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_unpack_key2(struct vb2_public_key *key,
|
int vb2_unpack_key(struct vb2_public_key *key,
|
||||||
const uint8_t *buf,
|
const uint8_t *buf,
|
||||||
uint32_t size)
|
uint32_t size)
|
||||||
{
|
{
|
||||||
const struct vb2_packed_key2 *pkey =
|
const struct vb2_packed_key *pkey =
|
||||||
(const struct vb2_packed_key2 *)buf;
|
(const struct vb2_packed_key *)buf;
|
||||||
uint32_t sig_size;
|
uint32_t sig_size;
|
||||||
uint32_t min_offset = 0;
|
uint32_t min_offset = 0;
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
/* Check magic number */
|
/* Check magic number */
|
||||||
if (pkey->c.magic != VB2_MAGIC_PACKED_KEY2)
|
if (pkey->c.magic != VB2_MAGIC_PACKED_KEY)
|
||||||
return VB2_ERROR_UNPACK_KEY_MAGIC;
|
return VB2_ERROR_UNPACK_KEY_MAGIC;
|
||||||
|
|
||||||
rv = vb2_verify_common_header(buf, size);
|
rv = vb2_verify_common_header(buf, size);
|
||||||
@@ -71,7 +71,7 @@ int vb2_unpack_key2(struct vb2_public_key *key,
|
|||||||
* that's compatible across readers matching the major version, and we
|
* that's compatible across readers matching the major version, and we
|
||||||
* haven't added any new fields.
|
* haven't added any new fields.
|
||||||
*/
|
*/
|
||||||
if (pkey->c.struct_version_major != VB2_PACKED_KEY2_VERSION_MAJOR)
|
if (pkey->c.struct_version_major != VB2_PACKED_KEY_VERSION_MAJOR)
|
||||||
return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
|
return VB2_ERROR_UNPACK_KEY_STRUCT_VERSION;
|
||||||
|
|
||||||
/* Copy key algorithms */
|
/* Copy key algorithms */
|
||||||
@@ -84,7 +84,7 @@ int vb2_unpack_key2(struct vb2_public_key *key,
|
|||||||
sig_size = vb2_rsa_sig_size(key->sig_alg);
|
sig_size = vb2_rsa_sig_size(key->sig_alg);
|
||||||
if (!sig_size)
|
if (!sig_size)
|
||||||
return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
|
return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
|
||||||
rv = vb2_unpack_key2_data(
|
rv = vb2_unpack_key_data(
|
||||||
key,
|
key,
|
||||||
(const uint8_t *)pkey + pkey->key_offset,
|
(const uint8_t *)pkey + pkey->key_offset,
|
||||||
pkey->key_size);
|
pkey->key_size);
|
||||||
|
|||||||
@@ -16,22 +16,22 @@
|
|||||||
#include "host_signature2.h"
|
#include "host_signature2.h"
|
||||||
#include "vb2_common.h"
|
#include "vb2_common.h"
|
||||||
|
|
||||||
int vb2_fw_preamble_create(struct vb2_fw_preamble2 **fp_ptr,
|
int vb2_fw_preamble_create(struct vb2_fw_preamble **fp_ptr,
|
||||||
const struct vb2_private_key *signing_key,
|
const struct vb2_private_key *signing_key,
|
||||||
const struct vb2_signature2 **hash_list,
|
const struct vb2_signature **hash_list,
|
||||||
uint32_t hash_count,
|
uint32_t hash_count,
|
||||||
uint32_t fw_version,
|
uint32_t fw_version,
|
||||||
uint32_t flags,
|
uint32_t flags,
|
||||||
const char *desc)
|
const char *desc)
|
||||||
{
|
{
|
||||||
struct vb2_fw_preamble2 fp = {
|
struct vb2_fw_preamble fp = {
|
||||||
.c.magic = VB2_MAGIC_FW_PREAMBLE2,
|
.c.magic = VB2_MAGIC_FW_PREAMBLE,
|
||||||
.c.struct_version_major = VB2_FW_PREAMBLE2_VERSION_MAJOR,
|
.c.struct_version_major = VB2_FW_PREAMBLE_VERSION_MAJOR,
|
||||||
.c.struct_version_minor = VB2_FW_PREAMBLE2_VERSION_MAJOR,
|
.c.struct_version_minor = VB2_FW_PREAMBLE_VERSION_MAJOR,
|
||||||
.c.fixed_size = sizeof(fp),
|
.c.fixed_size = sizeof(fp),
|
||||||
.c.desc_size = vb2_desc_size(desc),
|
.c.desc_size = vb2_desc_size(desc),
|
||||||
.flags = flags,
|
.flags = flags,
|
||||||
.firmware_version = fw_version,
|
.fw_version = fw_version,
|
||||||
.hash_count = hash_count,
|
.hash_count = hash_count,
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -77,6 +77,6 @@ int vb2_fw_preamble_create(struct vb2_fw_preamble2 **fp_ptr,
|
|||||||
return VB2_FW_PREAMBLE_CREATE_SIGN;
|
return VB2_FW_PREAMBLE_CREATE_SIGN;
|
||||||
}
|
}
|
||||||
|
|
||||||
*fp_ptr = (struct vb2_fw_preamble2 *)buf;
|
*fp_ptr = (struct vb2_fw_preamble *)buf;
|
||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -38,8 +38,8 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
|
|||||||
const uint8_t *buf,
|
const uint8_t *buf,
|
||||||
uint32_t size)
|
uint32_t size)
|
||||||
{
|
{
|
||||||
const struct vb2_packed_private_key2 *pkey =
|
const struct vb2_packed_private_key *pkey =
|
||||||
(const struct vb2_packed_private_key2 *)buf;
|
(const struct vb2_packed_private_key *)buf;
|
||||||
struct vb2_private_key *key;
|
struct vb2_private_key *key;
|
||||||
const unsigned char *start;
|
const unsigned char *start;
|
||||||
uint32_t min_offset = 0;
|
uint32_t min_offset = 0;
|
||||||
@@ -51,7 +51,7 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
|
|||||||
*
|
*
|
||||||
* TODO: If it doesn't match, pass through to the old packed key format.
|
* TODO: If it doesn't match, pass through to the old packed key format.
|
||||||
*/
|
*/
|
||||||
if (pkey->c.magic != VB2_MAGIC_PACKED_PRIVATE_KEY2)
|
if (pkey->c.magic != VB2_MAGIC_PACKED_PRIVATE_KEY)
|
||||||
return VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC;
|
return VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC;
|
||||||
|
|
||||||
if (vb2_verify_common_header(buf, size))
|
if (vb2_verify_common_header(buf, size))
|
||||||
@@ -68,7 +68,7 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
|
|||||||
* haven't added any new fields.
|
* haven't added any new fields.
|
||||||
*/
|
*/
|
||||||
if (pkey->c.struct_version_major !=
|
if (pkey->c.struct_version_major !=
|
||||||
VB2_PACKED_PRIVATE_KEY2_VERSION_MAJOR)
|
VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR)
|
||||||
return VB2_ERROR_UNPACK_PRIVATE_KEY_STRUCT_VERSION;
|
return VB2_ERROR_UNPACK_PRIVATE_KEY_STRUCT_VERSION;
|
||||||
|
|
||||||
/* Allocate the new key */
|
/* Allocate the new key */
|
||||||
@@ -179,10 +179,10 @@ int vb2_private_key_set_desc(struct vb2_private_key *key, const char *desc)
|
|||||||
int vb2_private_key_write(const struct vb2_private_key *key,
|
int vb2_private_key_write(const struct vb2_private_key *key,
|
||||||
const char *filename)
|
const char *filename)
|
||||||
{
|
{
|
||||||
struct vb2_packed_private_key2 pkey = {
|
struct vb2_packed_private_key pkey = {
|
||||||
.c.magic = VB2_MAGIC_PACKED_PRIVATE_KEY2,
|
.c.magic = VB2_MAGIC_PACKED_PRIVATE_KEY,
|
||||||
.c.struct_version_major = VB2_PACKED_PRIVATE_KEY2_VERSION_MAJOR,
|
.c.struct_version_major = VB2_PACKED_PRIVATE_KEY_VERSION_MAJOR,
|
||||||
.c.struct_version_minor = VB2_PACKED_PRIVATE_KEY2_VERSION_MINOR,
|
.c.struct_version_minor = VB2_PACKED_PRIVATE_KEY_VERSION_MINOR,
|
||||||
.c.fixed_size = sizeof(pkey),
|
.c.fixed_size = sizeof(pkey),
|
||||||
.sig_alg = key->sig_alg,
|
.sig_alg = key->sig_alg,
|
||||||
.hash_alg = key->hash_alg,
|
.hash_alg = key->hash_alg,
|
||||||
@@ -369,7 +369,7 @@ int vb2_public_key_read_keyb(struct vb2_public_key **key_ptr,
|
|||||||
memcpy(key_buf, key_data, key_size);
|
memcpy(key_buf, key_data, key_size);
|
||||||
free(key_data);
|
free(key_data);
|
||||||
|
|
||||||
if (vb2_unpack_key2_data(key, key_buf, key_size)) {
|
if (vb2_unpack_key_data(key, key_buf, key_size)) {
|
||||||
vb2_public_key_free(key);
|
vb2_public_key_free(key);
|
||||||
return VB2_ERROR_READ_KEYB_UNPACK;
|
return VB2_ERROR_READ_KEYB_UNPACK;
|
||||||
}
|
}
|
||||||
@@ -395,8 +395,8 @@ int vb2_public_key_set_desc(struct vb2_public_key *key, const char *desc)
|
|||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_packed_key2_read(struct vb2_packed_key2 **key_ptr,
|
int vb2_packed_key_read(struct vb2_packed_key **key_ptr,
|
||||||
const char *filename)
|
const char *filename)
|
||||||
{
|
{
|
||||||
struct vb2_public_key key;
|
struct vb2_public_key key;
|
||||||
uint8_t *buf;
|
uint8_t *buf;
|
||||||
@@ -408,21 +408,21 @@ int vb2_packed_key2_read(struct vb2_packed_key2 **key_ptr,
|
|||||||
return VB2_ERROR_READ_PACKED_KEY_DATA;
|
return VB2_ERROR_READ_PACKED_KEY_DATA;
|
||||||
|
|
||||||
/* Sanity check: make sure key unpacks properly */
|
/* Sanity check: make sure key unpacks properly */
|
||||||
if (vb2_unpack_key2(&key, buf, size))
|
if (vb2_unpack_key(&key, buf, size))
|
||||||
return VB2_ERROR_READ_PACKED_KEY;
|
return VB2_ERROR_READ_PACKED_KEY;
|
||||||
|
|
||||||
*key_ptr = (struct vb2_packed_key2 *)buf;
|
*key_ptr = (struct vb2_packed_key *)buf;
|
||||||
|
|
||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_public_key_pack(struct vb2_packed_key2 **key_ptr,
|
int vb2_public_key_pack(struct vb2_packed_key **key_ptr,
|
||||||
const struct vb2_public_key *pubk)
|
const struct vb2_public_key *pubk)
|
||||||
{
|
{
|
||||||
struct vb2_packed_key2 key = {
|
struct vb2_packed_key key = {
|
||||||
.c.magic = VB2_MAGIC_PACKED_KEY2,
|
.c.magic = VB2_MAGIC_PACKED_KEY,
|
||||||
.c.struct_version_major = VB2_PACKED_KEY2_VERSION_MAJOR,
|
.c.struct_version_major = VB2_PACKED_KEY_VERSION_MAJOR,
|
||||||
.c.struct_version_minor = VB2_PACKED_KEY2_VERSION_MINOR,
|
.c.struct_version_minor = VB2_PACKED_KEY_VERSION_MINOR,
|
||||||
};
|
};
|
||||||
uint8_t *buf;
|
uint8_t *buf;
|
||||||
uint32_t *buf32;
|
uint32_t *buf32;
|
||||||
@@ -470,7 +470,7 @@ int vb2_public_key_pack(struct vb2_packed_key2 **key_ptr,
|
|||||||
pubk->arrsize * sizeof(uint32_t));
|
pubk->arrsize * sizeof(uint32_t));
|
||||||
}
|
}
|
||||||
|
|
||||||
*key_ptr = (struct vb2_packed_key2 *)buf;
|
*key_ptr = (struct vb2_packed_key *)buf;
|
||||||
|
|
||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -15,23 +15,23 @@
|
|||||||
#include "host_misc.h"
|
#include "host_misc.h"
|
||||||
#include "host_signature2.h"
|
#include "host_signature2.h"
|
||||||
|
|
||||||
int vb2_keyblock_create(struct vb2_keyblock2 **kb_ptr,
|
int vb2_keyblock_create(struct vb2_keyblock **kb_ptr,
|
||||||
const struct vb2_public_key *data_key,
|
const struct vb2_public_key *data_key,
|
||||||
const struct vb2_private_key **signing_keys,
|
const struct vb2_private_key **signing_keys,
|
||||||
uint32_t signing_key_count,
|
uint32_t signing_key_count,
|
||||||
uint32_t flags,
|
uint32_t flags,
|
||||||
const char *desc)
|
const char *desc)
|
||||||
{
|
{
|
||||||
struct vb2_keyblock2 kb = {
|
struct vb2_keyblock kb = {
|
||||||
.c.magic = VB2_MAGIC_KEYBLOCK2,
|
.c.magic = VB2_MAGIC_KEYBLOCK,
|
||||||
.c.struct_version_major = VB2_KEYBLOCK2_VERSION_MAJOR,
|
.c.struct_version_major = VB2_KEYBLOCK_VERSION_MAJOR,
|
||||||
.c.struct_version_minor = VB2_KEYBLOCK2_VERSION_MAJOR,
|
.c.struct_version_minor = VB2_KEYBLOCK_VERSION_MAJOR,
|
||||||
.c.fixed_size = sizeof(kb),
|
.c.fixed_size = sizeof(kb),
|
||||||
.flags = flags,
|
.flags = flags,
|
||||||
.sig_count = signing_key_count,
|
.sig_count = signing_key_count,
|
||||||
};
|
};
|
||||||
|
|
||||||
struct vb2_packed_key2 *key = NULL;
|
struct vb2_packed_key *key = NULL;
|
||||||
uint32_t sig_size;
|
uint32_t sig_size;
|
||||||
uint8_t *buf;
|
uint8_t *buf;
|
||||||
|
|
||||||
@@ -72,6 +72,6 @@ int vb2_keyblock_create(struct vb2_keyblock2 **kb_ptr,
|
|||||||
return VB2_KEYBLOCK_CREATE_SIGN;
|
return VB2_KEYBLOCK_CREATE_SIGN;
|
||||||
}
|
}
|
||||||
|
|
||||||
*kb_ptr = (struct vb2_keyblock2 *)buf;
|
*kb_ptr = (struct vb2_keyblock *)buf;
|
||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -79,16 +79,16 @@ static int vb2_digest_info(enum vb2_hash_algorithm hash_alg,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_sign_data(struct vb2_signature2 **sig_ptr,
|
int vb2_sign_data(struct vb2_signature **sig_ptr,
|
||||||
const uint8_t *data,
|
const uint8_t *data,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_private_key *key,
|
const struct vb2_private_key *key,
|
||||||
const char *desc)
|
const char *desc)
|
||||||
{
|
{
|
||||||
struct vb2_signature2 s = {
|
struct vb2_signature s = {
|
||||||
.c.magic = VB2_MAGIC_SIGNATURE2,
|
.c.magic = VB2_MAGIC_SIGNATURE,
|
||||||
.c.struct_version_major = VB2_SIGNATURE2_VERSION_MAJOR,
|
.c.struct_version_major = VB2_SIGNATURE_VERSION_MAJOR,
|
||||||
.c.struct_version_minor = VB2_SIGNATURE2_VERSION_MINOR,
|
.c.struct_version_minor = VB2_SIGNATURE_VERSION_MINOR,
|
||||||
.c.fixed_size = sizeof(s),
|
.c.fixed_size = sizeof(s),
|
||||||
.sig_alg = key->sig_alg,
|
.sig_alg = key->sig_alg,
|
||||||
.hash_alg = key->hash_alg,
|
.hash_alg = key->hash_alg,
|
||||||
@@ -179,7 +179,7 @@ int vb2_sign_data(struct vb2_signature2 **sig_ptr,
|
|||||||
}
|
}
|
||||||
|
|
||||||
free(sig_digest);
|
free(sig_digest);
|
||||||
*sig_ptr = (struct vb2_signature2 *)buf;
|
*sig_ptr = (struct vb2_signature *)buf;
|
||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -192,7 +192,7 @@ int vb2_sig_size_for_key(uint32_t *size_ptr,
|
|||||||
if (!size)
|
if (!size)
|
||||||
return VB2_ERROR_SIG_SIZE_FOR_KEY;
|
return VB2_ERROR_SIG_SIZE_FOR_KEY;
|
||||||
|
|
||||||
size += sizeof(struct vb2_signature2);
|
size += sizeof(struct vb2_signature);
|
||||||
size += vb2_desc_size(desc ? desc : key->desc);
|
size += vb2_desc_size(desc ? desc : key->desc);
|
||||||
|
|
||||||
*size_ptr = size;
|
*size_ptr = size;
|
||||||
@@ -225,7 +225,7 @@ int vb2_sign_object(uint8_t *buf,
|
|||||||
const char *desc)
|
const char *desc)
|
||||||
{
|
{
|
||||||
struct vb2_struct_common *c = (struct vb2_struct_common *)buf;
|
struct vb2_struct_common *c = (struct vb2_struct_common *)buf;
|
||||||
struct vb2_signature2 *sig = NULL;
|
struct vb2_signature *sig = NULL;
|
||||||
int rv;
|
int rv;
|
||||||
|
|
||||||
rv = vb2_sign_data(&sig, buf, sig_offset, key, desc);
|
rv = vb2_sign_data(&sig, buf, sig_offset, key, desc);
|
||||||
@@ -253,7 +253,7 @@ int vb2_sign_object_multiple(uint8_t *buf,
|
|||||||
int rv, i;
|
int rv, i;
|
||||||
|
|
||||||
for (i = 0; i < key_count; i++) {
|
for (i = 0; i < key_count; i++) {
|
||||||
struct vb2_signature2 *sig = NULL;
|
struct vb2_signature *sig = NULL;
|
||||||
|
|
||||||
rv = vb2_sign_data(&sig, buf, sig_offset, key_list[i], NULL);
|
rv = vb2_sign_data(&sig, buf, sig_offset, key_list[i], NULL);
|
||||||
if (rv)
|
if (rv)
|
||||||
|
|||||||
@@ -25,9 +25,9 @@ struct vb2_private_key;
|
|||||||
* @param desc Description for preamble, or NULL if none
|
* @param desc Description for preamble, or NULL if none
|
||||||
* @return VB2_SUCCESS, or non-zero error code if failure.
|
* @return VB2_SUCCESS, or non-zero error code if failure.
|
||||||
*/
|
*/
|
||||||
int vb2_fw_preamble_create(struct vb2_fw_preamble2 **fp_ptr,
|
int vb2_fw_preamble_create(struct vb2_fw_preamble **fp_ptr,
|
||||||
const struct vb2_private_key *signing_key,
|
const struct vb2_private_key *signing_key,
|
||||||
const struct vb2_signature2 **hash_list,
|
const struct vb2_signature **hash_list,
|
||||||
uint32_t hash_count,
|
uint32_t hash_count,
|
||||||
uint32_t fw_version,
|
uint32_t fw_version,
|
||||||
uint32_t flags,
|
uint32_t flags,
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ struct vb2_private_key {
|
|||||||
void vb2_private_key_free(struct vb2_private_key *key);
|
void vb2_private_key_free(struct vb2_private_key *key);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Unpack a private key from vb2_packed_private_key2 format.
|
* Unpack a private key from vb2_packed_private_key format.
|
||||||
*
|
*
|
||||||
* @param key_ptr Destination for newly allocated key; this must be
|
* @param key_ptr Destination for newly allocated key; this must be
|
||||||
* freed with vb2_private_key_free().
|
* freed with vb2_private_key_free().
|
||||||
@@ -42,7 +42,7 @@ int vb2_private_key_unpack(struct vb2_private_key **key_ptr,
|
|||||||
uint32_t size);
|
uint32_t size);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Read a private key from vb2_packed_private_key2 format.
|
* Read a private key from vb2_packed_private_key format.
|
||||||
*
|
*
|
||||||
* @param key_ptr Destination for newly allocated key; this must be
|
* @param key_ptr Destination for newly allocated key; this must be
|
||||||
* freed with vb2_private_key_free().
|
* freed with vb2_private_key_free().
|
||||||
@@ -76,7 +76,7 @@ int vb2_private_key_read_pem(struct vb2_private_key **key_ptr,
|
|||||||
int vb2_private_key_set_desc(struct vb2_private_key *key, const char *desc);
|
int vb2_private_key_set_desc(struct vb2_private_key *key, const char *desc);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Write a private key to vb2_packed_private_key2 format.
|
* Write a private key to vb2_packed_private_key format.
|
||||||
*
|
*
|
||||||
* @param key Key to write
|
* @param key Key to write
|
||||||
* @param filename File to write key data to.
|
* @param filename File to write key data to.
|
||||||
@@ -101,7 +101,7 @@ int vb2_private_key_hash(const struct vb2_private_key **key_ptr,
|
|||||||
*
|
*
|
||||||
* Note that this should ONLY be called for public keys allocated via one
|
* Note that this should ONLY be called for public keys allocated via one
|
||||||
* of those functions; public keys created or filled in other ways (such as
|
* of those functions; public keys created or filled in other ways (such as
|
||||||
* vb2_unpack_key2()) do not allocate memory for sub-fields in the same way.
|
* vb2_unpack_key()) do not allocate memory for sub-fields in the same way.
|
||||||
*
|
*
|
||||||
* @param key Key to free
|
* @param key Key to free
|
||||||
*/
|
*/
|
||||||
@@ -133,17 +133,17 @@ int vb2_public_key_read_keyb(struct vb2_public_key **key_ptr,
|
|||||||
int vb2_public_key_set_desc(struct vb2_public_key *key, const char *desc);
|
int vb2_public_key_set_desc(struct vb2_public_key *key, const char *desc);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Read a public key in vb2_packed_key2 format.
|
* Read a public key in vb2_packed_key format.
|
||||||
*
|
*
|
||||||
* @param key_ptr On success, points to the newly allocated key buffer.
|
* @param key_ptr On success, points to the newly allocated key buffer.
|
||||||
* Caller is responsible for calling free() on this.
|
* Caller is responsible for calling free() on this.
|
||||||
* @return VB2_SUCCESS, or non-zero if error.
|
* @return VB2_SUCCESS, or non-zero if error.
|
||||||
*/
|
*/
|
||||||
int vb2_packed_key2_read(struct vb2_packed_key2 **key_ptr,
|
int vb2_packed_key_read(struct vb2_packed_key **key_ptr,
|
||||||
const char *filename);
|
const char *filename);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pack a public key into vb2_packed_key2 format.
|
* Pack a public key into vb2_packed_key format.
|
||||||
*
|
*
|
||||||
* @param pubk Public key to pack
|
* @param pubk Public key to pack
|
||||||
* @param key_ptr On success, points to a newly allocated packed key
|
* @param key_ptr On success, points to a newly allocated packed key
|
||||||
@@ -151,7 +151,7 @@ int vb2_packed_key2_read(struct vb2_packed_key2 **key_ptr,
|
|||||||
* this.
|
* this.
|
||||||
* @return VB2_SUCCESS, or non-zero if error.
|
* @return VB2_SUCCESS, or non-zero if error.
|
||||||
*/
|
*/
|
||||||
int vb2_public_key_pack(struct vb2_packed_key2 **key_ptr,
|
int vb2_public_key_pack(struct vb2_packed_key **key_ptr,
|
||||||
const struct vb2_public_key *pubk);
|
const struct vb2_public_key *pubk);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@@ -26,7 +26,7 @@ struct vb2_public_key;
|
|||||||
* taken from the data key.
|
* taken from the data key.
|
||||||
* @return VB2_SUCCESS, or non-zero error code if failure.
|
* @return VB2_SUCCESS, or non-zero error code if failure.
|
||||||
*/
|
*/
|
||||||
int vb2_keyblock_create(struct vb2_keyblock2 **kb_ptr,
|
int vb2_keyblock_create(struct vb2_keyblock **kb_ptr,
|
||||||
const struct vb2_public_key *data_key,
|
const struct vb2_public_key *data_key,
|
||||||
const struct vb2_private_key **signing_keys,
|
const struct vb2_private_key **signing_keys,
|
||||||
uint32_t signing_key_count,
|
uint32_t signing_key_count,
|
||||||
|
|||||||
@@ -24,7 +24,7 @@ struct vb2_private_key;
|
|||||||
* key description will be used.
|
* key description will be used.
|
||||||
* @return VB2_SUCCESS, or non-zero error code on failure.
|
* @return VB2_SUCCESS, or non-zero error code on failure.
|
||||||
*/
|
*/
|
||||||
int vb2_sign_data(struct vb2_signature2 **sig_ptr,
|
int vb2_sign_data(struct vb2_signature **sig_ptr,
|
||||||
const uint8_t *data,
|
const uint8_t *data,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_private_key *key,
|
const struct vb2_private_key *key,
|
||||||
|
|||||||
@@ -333,13 +333,13 @@ static void verify_preamble_tests(void)
|
|||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 0x10000;
|
pre->firmware_version = 0x10000;
|
||||||
TEST_EQ(vb2_load_fw_preamble(&cc),
|
TEST_EQ(vb2_load_fw_preamble(&cc),
|
||||||
VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE,
|
VB2_ERROR_FW_PREAMBLE_VERSION_RANGE,
|
||||||
"preamble version range");
|
"preamble version range");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 1;
|
pre->firmware_version = 1;
|
||||||
TEST_EQ(vb2_load_fw_preamble(&cc),
|
TEST_EQ(vb2_load_fw_preamble(&cc),
|
||||||
VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK,
|
VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK,
|
||||||
"preamble version rollback");
|
"preamble version rollback");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
|
|||||||
@@ -54,8 +54,8 @@ enum reset_type {
|
|||||||
static void reset_common_data(enum reset_type t)
|
static void reset_common_data(enum reset_type t)
|
||||||
{
|
{
|
||||||
const struct vb2_private_key *hash_key;
|
const struct vb2_private_key *hash_key;
|
||||||
struct vb2_fw_preamble2 *pre;
|
struct vb2_fw_preamble *pre;
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
uint32_t sig_offset;
|
uint32_t sig_offset;
|
||||||
|
|
||||||
int i;
|
int i;
|
||||||
@@ -80,7 +80,7 @@ static void reset_common_data(enum reset_type t)
|
|||||||
vb2_private_key_hash(&hash_key, mock_hash_alg);
|
vb2_private_key_hash(&hash_key, mock_hash_alg);
|
||||||
|
|
||||||
sd->workbuf_preamble_offset = ctx.workbuf_used;
|
sd->workbuf_preamble_offset = ctx.workbuf_used;
|
||||||
pre = (struct vb2_fw_preamble2 *)
|
pre = (struct vb2_fw_preamble *)
|
||||||
(ctx.workbuf + sd->workbuf_preamble_offset);
|
(ctx.workbuf + sd->workbuf_preamble_offset);
|
||||||
pre->hash_count = 3;
|
pre->hash_count = 3;
|
||||||
pre->hash_offset = sig_offset = sizeof(*pre);
|
pre->hash_offset = sig_offset = sizeof(*pre);
|
||||||
@@ -108,12 +108,12 @@ static void reset_common_data(enum reset_type t)
|
|||||||
|
|
||||||
/* Mocked functions */
|
/* Mocked functions */
|
||||||
|
|
||||||
int vb2_load_fw_keyblock2(struct vb2_context *ctx)
|
int vb2_load_fw_keyblock(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
return retval_vb2_load_fw_keyblock;
|
return retval_vb2_load_fw_keyblock;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
int vb2_load_fw_preamble(struct vb2_context *ctx)
|
||||||
{
|
{
|
||||||
return retval_vb2_load_fw_preamble;
|
return retval_vb2_load_fw_preamble;
|
||||||
}
|
}
|
||||||
@@ -123,32 +123,32 @@ int vb2_load_fw_preamble2(struct vb2_context *ctx)
|
|||||||
static void phase3_tests(void)
|
static void phase3_tests(void)
|
||||||
{
|
{
|
||||||
reset_common_data(FOR_MISC);
|
reset_common_data(FOR_MISC);
|
||||||
TEST_SUCC(vb2api_fw_phase3_2(&ctx), "phase3 good");
|
TEST_SUCC(vb2api_fw_phase3(&ctx), "phase3 good");
|
||||||
|
|
||||||
reset_common_data(FOR_MISC);
|
reset_common_data(FOR_MISC);
|
||||||
retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK;
|
retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK;
|
||||||
TEST_EQ(vb2api_fw_phase3_2(&ctx), VB2_ERROR_MOCK, "phase3 keyblock");
|
TEST_EQ(vb2api_fw_phase3(&ctx), VB2_ERROR_MOCK, "phase3 keyblock");
|
||||||
TEST_EQ(vb2_nv_get(&ctx, VB2_NV_RECOVERY_REQUEST),
|
TEST_EQ(vb2_nv_get(&ctx, VB2_NV_RECOVERY_REQUEST),
|
||||||
VB2_RECOVERY_RO_INVALID_RW, " recovery reason");
|
VB2_RECOVERY_RO_INVALID_RW, " recovery reason");
|
||||||
|
|
||||||
reset_common_data(FOR_MISC);
|
reset_common_data(FOR_MISC);
|
||||||
retval_vb2_load_fw_preamble = VB2_ERROR_MOCK;
|
retval_vb2_load_fw_preamble = VB2_ERROR_MOCK;
|
||||||
TEST_EQ(vb2api_fw_phase3_2(&ctx), VB2_ERROR_MOCK, "phase3 keyblock");
|
TEST_EQ(vb2api_fw_phase3(&ctx), VB2_ERROR_MOCK, "phase3 keyblock");
|
||||||
TEST_EQ(vb2_nv_get(&ctx, VB2_NV_RECOVERY_REQUEST),
|
TEST_EQ(vb2_nv_get(&ctx, VB2_NV_RECOVERY_REQUEST),
|
||||||
VB2_RECOVERY_RO_INVALID_RW, " recovery reason");
|
VB2_RECOVERY_RO_INVALID_RW, " recovery reason");
|
||||||
}
|
}
|
||||||
|
|
||||||
static void init_hash_tests(void)
|
static void init_hash_tests(void)
|
||||||
{
|
{
|
||||||
struct vb2_fw_preamble2 *pre;
|
struct vb2_fw_preamble *pre;
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
int wb_used_before;
|
int wb_used_before;
|
||||||
uint32_t size;
|
uint32_t size;
|
||||||
|
|
||||||
reset_common_data(FOR_MISC);
|
reset_common_data(FOR_MISC);
|
||||||
pre = (struct vb2_fw_preamble2 *)
|
pre = (struct vb2_fw_preamble *)
|
||||||
(ctx.workbuf + sd->workbuf_preamble_offset);
|
(ctx.workbuf + sd->workbuf_preamble_offset);
|
||||||
sig = (struct vb2_signature2 *)((uint8_t *)pre + pre->hash_offset);
|
sig = (struct vb2_signature *)((uint8_t *)pre + pre->hash_offset);
|
||||||
|
|
||||||
wb_used_before = ctx.workbuf_used;
|
wb_used_before = ctx.workbuf_used;
|
||||||
TEST_SUCC(vb2api_init_hash2(&ctx, test_guid, &size),
|
TEST_SUCC(vb2api_init_hash2(&ctx, test_guid, &size),
|
||||||
@@ -233,48 +233,48 @@ static void extend_hash_tests(void)
|
|||||||
|
|
||||||
static void check_hash_tests(void)
|
static void check_hash_tests(void)
|
||||||
{
|
{
|
||||||
struct vb2_fw_preamble2 *pre;
|
struct vb2_fw_preamble *pre;
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
struct vb2_digest_context *dc;
|
struct vb2_digest_context *dc;
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
pre = (struct vb2_fw_preamble2 *)
|
pre = (struct vb2_fw_preamble *)
|
||||||
(ctx.workbuf + sd->workbuf_preamble_offset);
|
(ctx.workbuf + sd->workbuf_preamble_offset);
|
||||||
sig = (struct vb2_signature2 *)((uint8_t *)pre + pre->hash_offset);
|
sig = (struct vb2_signature *)((uint8_t *)pre + pre->hash_offset);
|
||||||
dc = (struct vb2_digest_context *)
|
dc = (struct vb2_digest_context *)
|
||||||
(ctx.workbuf + sd->workbuf_hash_offset);
|
(ctx.workbuf + sd->workbuf_hash_offset);
|
||||||
|
|
||||||
TEST_SUCC(vb2api_check_hash2(&ctx), "check hash good");
|
TEST_SUCC(vb2api_check_hash(&ctx), "check hash good");
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
sd->hash_tag = 0;
|
sd->hash_tag = 0;
|
||||||
TEST_EQ(vb2api_check_hash2(&ctx),
|
TEST_EQ(vb2api_check_hash(&ctx),
|
||||||
VB2_ERROR_API_CHECK_HASH_TAG, "check hash tag");
|
VB2_ERROR_API_CHECK_HASH_TAG, "check hash tag");
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
sd->workbuf_hash_size = 0;
|
sd->workbuf_hash_size = 0;
|
||||||
TEST_EQ(vb2api_check_hash2(&ctx),
|
TEST_EQ(vb2api_check_hash(&ctx),
|
||||||
VB2_ERROR_API_CHECK_HASH_WORKBUF, "check hash no workbuf");
|
VB2_ERROR_API_CHECK_HASH_WORKBUF, "check hash no workbuf");
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
sd->hash_remaining_size = 1;
|
sd->hash_remaining_size = 1;
|
||||||
TEST_EQ(vb2api_check_hash2(&ctx),
|
TEST_EQ(vb2api_check_hash(&ctx),
|
||||||
VB2_ERROR_API_CHECK_HASH_SIZE, "check hash size");
|
VB2_ERROR_API_CHECK_HASH_SIZE, "check hash size");
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
ctx.workbuf_used = ctx.workbuf_size;
|
ctx.workbuf_used = ctx.workbuf_size;
|
||||||
TEST_EQ(vb2api_check_hash2(&ctx),
|
TEST_EQ(vb2api_check_hash(&ctx),
|
||||||
VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST, "check hash workbuf");
|
VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST, "check hash workbuf");
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
dc->hash_alg = VB2_HASH_INVALID;
|
dc->hash_alg = VB2_HASH_INVALID;
|
||||||
*((uint8_t *)sig + sig->sig_offset) ^= 0x55;
|
*((uint8_t *)sig + sig->sig_offset) ^= 0x55;
|
||||||
TEST_EQ(vb2api_check_hash2(&ctx),
|
TEST_EQ(vb2api_check_hash(&ctx),
|
||||||
VB2_ERROR_SHA_FINALIZE_ALGORITHM, "check hash finalize");
|
VB2_ERROR_SHA_FINALIZE_ALGORITHM, "check hash finalize");
|
||||||
|
|
||||||
reset_common_data(FOR_CHECK_HASH);
|
reset_common_data(FOR_CHECK_HASH);
|
||||||
*((uint8_t *)sig + sig->sig_offset) ^= 0x55;
|
*((uint8_t *)sig + sig->sig_offset) ^= 0x55;
|
||||||
TEST_EQ(vb2api_check_hash2(&ctx),
|
TEST_EQ(vb2api_check_hash(&ctx),
|
||||||
VB2_ERROR_API_CHECK_HASH_SIG, "check hash sig");
|
VB2_ERROR_API_CHECK_HASH_SIG, "check hash sig");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -22,48 +22,48 @@
|
|||||||
static const uint8_t test_data[] = "This is some test data to sign.";
|
static const uint8_t test_data[] = "This is some test data to sign.";
|
||||||
static const uint32_t test_size = sizeof(test_data);
|
static const uint32_t test_size = sizeof(test_data);
|
||||||
|
|
||||||
static void test_unpack_key2(const struct vb2_packed_key2 *key)
|
static void test_unpack_key(const struct vb2_packed_key *key)
|
||||||
{
|
{
|
||||||
struct vb2_public_key pubk;
|
struct vb2_public_key pubk;
|
||||||
struct vb2_packed_key2 *key2;
|
struct vb2_packed_key *key2;
|
||||||
uint32_t size = key->c.total_size;
|
uint32_t size = key->c.total_size;
|
||||||
|
|
||||||
/* Make a copy of the key for testing */
|
/* Make a copy of the key for testing */
|
||||||
key2 = (struct vb2_packed_key2 *)malloc(size);
|
key2 = (struct vb2_packed_key *)malloc(size);
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
"vb2_unpack_key2() ok");
|
"vb2_unpack_key() ok");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->key_offset += 4;
|
key2->key_offset += 4;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_COMMON_MEMBER_SIZE,
|
VB2_ERROR_COMMON_MEMBER_SIZE,
|
||||||
"vb2_unpack_key2() buffer too small");
|
"vb2_unpack_key() buffer too small");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->c.fixed_size += size;
|
key2->c.fixed_size += size;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_COMMON_FIXED_SIZE,
|
VB2_ERROR_COMMON_FIXED_SIZE,
|
||||||
"vb2_unpack_key2() buffer too small for desc");
|
"vb2_unpack_key() buffer too small for desc");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->c.desc_size = 0;
|
key2->c.desc_size = 0;
|
||||||
TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
"vb2_unpack_key2() no desc");
|
"vb2_unpack_key() no desc");
|
||||||
TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string");
|
TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->c.magic++;
|
key2->c.magic++;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_UNPACK_KEY_MAGIC,
|
VB2_ERROR_UNPACK_KEY_MAGIC,
|
||||||
"vb2_unpack_key2() bad magic");
|
"vb2_unpack_key() bad magic");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->c.struct_version_major++;
|
key2->c.struct_version_major++;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
|
VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
|
||||||
"vb2_unpack_key2() bad major version");
|
"vb2_unpack_key() bad major version");
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Minor version changes are ok. Note that this test assumes that the
|
* Minor version changes are ok. Note that this test assumes that the
|
||||||
@@ -76,104 +76,104 @@ static void test_unpack_key2(const struct vb2_packed_key2 *key)
|
|||||||
*/
|
*/
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->c.struct_version_minor++;
|
key2->c.struct_version_minor++;
|
||||||
TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
"vb2_unpack_key2() minor version change ok");
|
"vb2_unpack_key() minor version change ok");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->sig_alg = VB2_SIG_INVALID;
|
key2->sig_alg = VB2_SIG_INVALID;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
|
VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
|
||||||
"vb2_unpack_key2() bad sig algorithm");
|
"vb2_unpack_key() bad sig algorithm");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->hash_alg = VB2_HASH_INVALID;
|
key2->hash_alg = VB2_HASH_INVALID;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
|
VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
|
||||||
"vb2_unpack_key2() bad hash algorithm");
|
"vb2_unpack_key() bad hash algorithm");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->key_size -= 4;
|
key2->key_size -= 4;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_UNPACK_KEY_SIZE,
|
VB2_ERROR_UNPACK_KEY_SIZE,
|
||||||
"vb2_unpack_key2() invalid size");
|
"vb2_unpack_key() invalid size");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
key2->key_offset--;
|
key2->key_offset--;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_COMMON_MEMBER_UNALIGNED,
|
VB2_ERROR_COMMON_MEMBER_UNALIGNED,
|
||||||
"vb2_unpack_key2() unaligned data");
|
"vb2_unpack_key() unaligned data");
|
||||||
|
|
||||||
memcpy(key2, key, size);
|
memcpy(key2, key, size);
|
||||||
*(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
|
*(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
|
||||||
TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
|
TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
|
||||||
VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
|
VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
|
||||||
"vb2_unpack_key2() invalid key array size");
|
"vb2_unpack_key() invalid key array size");
|
||||||
|
|
||||||
free(key2);
|
free(key2);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_verify_signature2(const struct vb2_signature2 *sig)
|
static void test_verify_signature(const struct vb2_signature *sig)
|
||||||
{
|
{
|
||||||
struct vb2_signature2 *sig2;
|
struct vb2_signature *sig2;
|
||||||
uint8_t *buf2;
|
uint8_t *buf2;
|
||||||
uint32_t size;
|
uint32_t size;
|
||||||
|
|
||||||
/* Make a copy of the signature */
|
/* Make a copy of the signature */
|
||||||
size = sig->c.total_size;
|
size = sig->c.total_size;
|
||||||
buf2 = malloc(size);
|
buf2 = malloc(size);
|
||||||
sig2 = (struct vb2_signature2 *)buf2;
|
sig2 = (struct vb2_signature *)buf2;
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig ok");
|
TEST_SUCC(vb2_verify_signature(sig2, size), "verify_sig ok");
|
||||||
sig2->c.magic = VB2_MAGIC_PACKED_KEY2;
|
sig2->c.magic = VB2_MAGIC_PACKED_KEY;
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_MAGIC,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_MAGIC,
|
||||||
"verify_sig magic");
|
"verify_sig magic");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->c.total_size += 4;
|
sig2->c.total_size += 4;
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE,
|
||||||
"verify_sig common header");
|
"verify_sig common header");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->c.struct_version_minor++;
|
sig2->c.struct_version_minor++;
|
||||||
TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig minor ver");
|
TEST_SUCC(vb2_verify_signature(sig2, size), "verify_sig minor ver");
|
||||||
sig2->c.struct_version_major++;
|
sig2->c.struct_version_major++;
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_VERSION,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_VERSION,
|
||||||
"verify_sig major ver");
|
"verify_sig major ver");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->c.fixed_size -= 4;
|
sig2->c.fixed_size -= 4;
|
||||||
sig2->c.desc_size += 4;
|
sig2->c.desc_size += 4;
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_HEADER_SIZE,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_HEADER_SIZE,
|
||||||
"verify_sig header size");
|
"verify_sig header size");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->sig_size += 4;
|
sig2->sig_size += 4;
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE,
|
||||||
"verify_sig sig size");
|
"verify_sig sig size");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->sig_alg = VB2_SIG_INVALID;
|
sig2->sig_alg = VB2_SIG_INVALID;
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_ALGORITHM,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_ALGORITHM,
|
||||||
"verify_sig sig alg");
|
"verify_sig sig alg");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ?
|
sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ?
|
||||||
VB2_SIG_RSA1024 : VB2_SIG_NONE);
|
VB2_SIG_RSA1024 : VB2_SIG_NONE);
|
||||||
TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_SIZE,
|
TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_SIZE,
|
||||||
"verify_sig sig size");
|
"verify_sig sig size");
|
||||||
|
|
||||||
free(buf2);
|
free(buf2);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_verify_data2(const struct vb2_public_key *pubk_orig,
|
static void test_verify_data(const struct vb2_public_key *pubk_orig,
|
||||||
const struct vb2_signature2 *sig)
|
const struct vb2_signature *sig)
|
||||||
{
|
{
|
||||||
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
|
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
|
||||||
struct vb2_workbuf wb;
|
struct vb2_workbuf wb;
|
||||||
|
|
||||||
struct vb2_public_key pubk;
|
struct vb2_public_key pubk;
|
||||||
struct vb2_signature2 *sig2;
|
struct vb2_signature *sig2;
|
||||||
uint8_t *buf2;
|
uint8_t *buf2;
|
||||||
uint32_t size;
|
uint32_t size;
|
||||||
|
|
||||||
@@ -184,53 +184,53 @@ static void test_verify_data2(const struct vb2_public_key *pubk_orig,
|
|||||||
/* Allocate signature copy for tests */
|
/* Allocate signature copy for tests */
|
||||||
size = sig->c.total_size;
|
size = sig->c.total_size;
|
||||||
buf2 = malloc(size);
|
buf2 = malloc(size);
|
||||||
sig2 = (struct vb2_signature2 *)buf2;
|
sig2 = (struct vb2_signature *)buf2;
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
pubk.sig_alg = VB2_SIG_INVALID;
|
pubk.sig_alg = VB2_SIG_INVALID;
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data2() bad sig alg");
|
VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data() bad sig alg");
|
||||||
pubk = *pubk_orig;
|
pubk = *pubk_orig;
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
pubk.hash_alg = VB2_HASH_INVALID;
|
pubk.hash_alg = VB2_HASH_INVALID;
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_DIGEST_SIZE,
|
VB2_ERROR_VDATA_DIGEST_SIZE,
|
||||||
"vb2_verify_data2() bad hash alg");
|
"vb2_verify_data() bad hash alg");
|
||||||
pubk = *pubk_orig;
|
pubk = *pubk_orig;
|
||||||
|
|
||||||
vb2_workbuf_init(&wb, workbuf, 4);
|
vb2_workbuf_init(&wb, workbuf, 4);
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_WORKBUF_DIGEST,
|
VB2_ERROR_VDATA_WORKBUF_DIGEST,
|
||||||
"vb2_verify_data2() workbuf too small");
|
"vb2_verify_data() workbuf too small");
|
||||||
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
0, "vb2_verify_data2() ok");
|
0, "vb2_verify_data() ok");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->sig_size -= 16;
|
sig2->sig_size -= 16;
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data2() wrong sig size");
|
VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data() wrong sig size");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size - 1, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_SIZE, "vb2_verify_data2() wrong data size");
|
VB2_ERROR_VDATA_SIZE, "vb2_verify_data() wrong data size");
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ?
|
sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ?
|
||||||
VB2_HASH_SHA256 : VB2_HASH_SHA1);
|
VB2_HASH_SHA256 : VB2_HASH_SHA1);
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
|
VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
|
||||||
"vb2_verify_data2() alg mismatch");
|
"vb2_verify_data() alg mismatch");
|
||||||
|
|
||||||
|
|
||||||
memcpy(buf2, sig, size);
|
memcpy(buf2, sig, size);
|
||||||
buf2[sig2->sig_offset] ^= 0x5A;
|
buf2[sig2->sig_offset] ^= 0x5A;
|
||||||
TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
|
||||||
VB2_ERROR_RSA_PADDING, "vb2_verify_data2() wrong sig");
|
VB2_ERROR_RSA_PADDING, "vb2_verify_data() wrong sig");
|
||||||
|
|
||||||
free(buf2);
|
free(buf2);
|
||||||
}
|
}
|
||||||
@@ -245,9 +245,9 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
|
|||||||
enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm);
|
enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm);
|
||||||
|
|
||||||
struct vb2_private_key *prik = NULL;
|
struct vb2_private_key *prik = NULL;
|
||||||
struct vb2_signature2 *sig2 = NULL;
|
struct vb2_signature *sig2 = NULL;
|
||||||
struct vb2_public_key *pubk = NULL;
|
struct vb2_public_key *pubk = NULL;
|
||||||
struct vb2_packed_key2 *key2 = NULL;
|
struct vb2_packed_key *key2 = NULL;
|
||||||
|
|
||||||
printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
|
printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
|
||||||
|
|
||||||
@@ -269,9 +269,9 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
|
|||||||
TEST_SUCC(vb2_sign_data(&sig2, test_data, test_size, prik, ""),
|
TEST_SUCC(vb2_sign_data(&sig2, test_data, test_size, prik, ""),
|
||||||
"Make test signature");
|
"Make test signature");
|
||||||
|
|
||||||
test_unpack_key2(key2);
|
test_unpack_key(key2);
|
||||||
test_verify_data2(pubk, sig2);
|
test_verify_data(pubk, sig2);
|
||||||
test_verify_signature2(sig2);
|
test_verify_signature(sig2);
|
||||||
|
|
||||||
free(key2);
|
free(key2);
|
||||||
free(sig2);
|
free(sig2);
|
||||||
|
|||||||
@@ -33,18 +33,18 @@ static void test_struct_packing(void)
|
|||||||
TEST_EQ(EXPECTED_VB2_STRUCT_COMMON_SIZE,
|
TEST_EQ(EXPECTED_VB2_STRUCT_COMMON_SIZE,
|
||||||
sizeof(struct vb2_struct_common),
|
sizeof(struct vb2_struct_common),
|
||||||
"sizeof(vb2_struct_common)");
|
"sizeof(vb2_struct_common)");
|
||||||
TEST_EQ(EXPECTED_VB2_PACKED_KEY2_SIZE,
|
TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
|
||||||
sizeof(struct vb2_packed_key2),
|
sizeof(struct vb2_packed_key),
|
||||||
"sizeof(vb2_packed_key2)");
|
"sizeof(vb2_packed_key)");
|
||||||
TEST_EQ(EXPECTED_VB2_SIGNATURE2_SIZE,
|
TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE,
|
||||||
sizeof(struct vb2_signature2),
|
sizeof(struct vb2_signature),
|
||||||
"sizeof(vb2_signature2)");
|
"sizeof(vb2_signature)");
|
||||||
TEST_EQ(EXPECTED_VB2_KEYBLOCK2_SIZE,
|
TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
|
||||||
sizeof(struct vb2_keyblock2),
|
sizeof(struct vb2_keyblock),
|
||||||
"sizeof(vb2_keyblock2)");
|
"sizeof(vb2_keyblock)");
|
||||||
TEST_EQ(EXPECTED_VB2_FW_PREAMBLE2_SIZE,
|
TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
|
||||||
sizeof(struct vb2_fw_preamble2),
|
sizeof(struct vb2_fw_preamble),
|
||||||
"sizeof(vb2_fw_preamble2)");
|
"sizeof(vb2_fw_preamble)");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -217,7 +217,7 @@ static void test_sig_size(void)
|
|||||||
*/
|
*/
|
||||||
static void test_verify_hash(void)
|
static void test_verify_hash(void)
|
||||||
{
|
{
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
const struct vb2_private_key *prik;
|
const struct vb2_private_key *prik;
|
||||||
struct vb2_public_key pubk;
|
struct vb2_public_key pubk;
|
||||||
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
|
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
|
||||||
@@ -231,17 +231,16 @@ static void test_verify_hash(void)
|
|||||||
"create hash key");
|
"create hash key");
|
||||||
|
|
||||||
/* Create the signature */
|
/* Create the signature */
|
||||||
TEST_SUCC(vb2_sign_data(&sig, test_data, sizeof(test_data),
|
TEST_SUCC(vb2_sign_data(&sig, test_data, sizeof(test_data), prik, NULL),
|
||||||
prik, NULL),
|
|
||||||
"create hash sig");
|
"create hash sig");
|
||||||
|
|
||||||
TEST_SUCC(vb2_verify_data2(test_data, sizeof(test_data),
|
TEST_SUCC(vb2_verify_data(test_data, sizeof(test_data),
|
||||||
sig, &pubk, &wb),
|
sig, &pubk, &wb),
|
||||||
"vb2_verify_data2() hash ok");
|
"vb2_verify_data() hash ok");
|
||||||
|
|
||||||
*((uint8_t *)sig + sig->sig_offset) ^= 0xab;
|
*((uint8_t *)sig + sig->sig_offset) ^= 0xab;
|
||||||
TEST_EQ(vb2_verify_data2(test_data, sizeof(test_data), sig, &pubk, &wb),
|
TEST_EQ(vb2_verify_data(test_data, sizeof(test_data), sig, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_VERIFY_DIGEST, "vb2_verify_data2() hash bad");
|
VB2_ERROR_VDATA_VERIFY_DIGEST, "vb2_verify_data() hash bad");
|
||||||
|
|
||||||
free(sig);
|
free(sig);
|
||||||
}
|
}
|
||||||
@@ -254,8 +253,8 @@ static void test_verify_keyblock(void)
|
|||||||
const char desc[16] = "test keyblock";
|
const char desc[16] = "test keyblock";
|
||||||
const struct vb2_private_key *prik[2];
|
const struct vb2_private_key *prik[2];
|
||||||
struct vb2_public_key pubk, pubk2, pubk3;
|
struct vb2_public_key pubk, pubk2, pubk3;
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
struct vb2_keyblock2 *kbuf;
|
struct vb2_keyblock *kbuf;
|
||||||
uint32_t buf_size;
|
uint32_t buf_size;
|
||||||
uint8_t *buf, *buf2;
|
uint8_t *buf, *buf2;
|
||||||
|
|
||||||
@@ -286,37 +285,37 @@ static void test_verify_keyblock(void)
|
|||||||
memcpy(buf2, buf, buf_size);
|
memcpy(buf2, buf, buf_size);
|
||||||
|
|
||||||
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
||||||
kbuf = (struct vb2_keyblock2 *)buf;
|
kbuf = (struct vb2_keyblock *)buf;
|
||||||
|
|
||||||
TEST_SUCC(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
"vb2_verify_keyblock2()");
|
"vb2_verify_keyblock()");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
TEST_SUCC(vb2_verify_keyblock2(kbuf, buf_size, &pubk2, &wb),
|
TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk2, &wb),
|
||||||
"vb2_verify_keyblock2() key 2");
|
"vb2_verify_keyblock() key 2");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk3, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk3, &wb),
|
||||||
VB2_ERROR_KEYBLOCK_SIG_GUID,
|
VB2_ERROR_KEYBLOCK_SIG_GUID,
|
||||||
"vb2_verify_keyblock2() key not present");
|
"vb2_verify_keyblock() key not present");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->c.magic = VB2_MAGIC_PACKED_KEY2;
|
kbuf->c.magic = VB2_MAGIC_PACKED_KEY;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_KEYBLOCK_MAGIC,
|
VB2_ERROR_KEYBLOCK_MAGIC,
|
||||||
"vb2_verify_keyblock2() magic");
|
"vb2_verify_keyblock() magic");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->c.fixed_size++;
|
kbuf->c.fixed_size++;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_FIXED_UNALIGNED,
|
VB2_ERROR_COMMON_FIXED_UNALIGNED,
|
||||||
"vb2_verify_keyblock2() header");
|
"vb2_verify_keyblock() header");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->c.struct_version_major++;
|
kbuf->c.struct_version_major++;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_KEYBLOCK_HEADER_VERSION,
|
VB2_ERROR_KEYBLOCK_HEADER_VERSION,
|
||||||
"vb2_verify_keyblock2() major version");
|
"vb2_verify_keyblock() major version");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->c.struct_version_minor++;
|
kbuf->c.struct_version_minor++;
|
||||||
@@ -324,48 +323,48 @@ static void test_verify_keyblock(void)
|
|||||||
vb2_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL);
|
vb2_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL);
|
||||||
memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size);
|
memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size);
|
||||||
free(sig);
|
free(sig);
|
||||||
TEST_SUCC(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_SUCC(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
"vb2_verify_keyblock2() minor version");
|
"vb2_verify_keyblock() minor version");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->c.fixed_size -= 4;
|
kbuf->c.fixed_size -= 4;
|
||||||
kbuf->c.desc_size += 4;
|
kbuf->c.desc_size += 4;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_KEYBLOCK_SIZE,
|
VB2_ERROR_KEYBLOCK_SIZE,
|
||||||
"vb2_verify_keyblock2() header size");
|
"vb2_verify_keyblock() header size");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->key_offset = kbuf->c.total_size - 4;
|
kbuf->key_offset = kbuf->c.total_size - 4;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_MEMBER_SIZE,
|
VB2_ERROR_COMMON_MEMBER_SIZE,
|
||||||
"vb2_verify_keyblock2() data key outside");
|
"vb2_verify_keyblock() data key outside");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + kbuf->sig_offset);
|
sig = (struct vb2_signature *)(buf + kbuf->sig_offset);
|
||||||
sig->data_size--;
|
sig->data_size--;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_KEYBLOCK_SIGNED_SIZE,
|
VB2_ERROR_KEYBLOCK_SIGNED_SIZE,
|
||||||
"vb2_verify_keyblock2() signed wrong size");
|
"vb2_verify_keyblock() signed wrong size");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + kbuf->sig_offset);
|
sig = (struct vb2_signature *)(buf + kbuf->sig_offset);
|
||||||
sig->c.total_size = kbuf->c.total_size - 4;
|
sig->c.total_size = kbuf->c.total_size - 4;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_TOTAL_SIZE,
|
VB2_ERROR_COMMON_TOTAL_SIZE,
|
||||||
"vb2_verify_keyblock2() key outside keyblock");
|
"vb2_verify_keyblock() key outside keyblock");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + kbuf->sig_offset);
|
sig = (struct vb2_signature *)(buf + kbuf->sig_offset);
|
||||||
sig->c.struct_version_major++;
|
sig->c.struct_version_major++;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_SIG_VERSION,
|
VB2_ERROR_SIG_VERSION,
|
||||||
"vb2_verify_keyblock2() corrupt key");
|
"vb2_verify_keyblock() corrupt key");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
kbuf->c.struct_version_minor++;
|
kbuf->c.struct_version_minor++;
|
||||||
TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_keyblock(kbuf, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_VERIFY_DIGEST,
|
VB2_ERROR_VDATA_VERIFY_DIGEST,
|
||||||
"vb2_verify_keyblock2() corrupt");
|
"vb2_verify_keyblock() corrupt");
|
||||||
|
|
||||||
free(buf);
|
free(buf);
|
||||||
free(buf2);
|
free(buf2);
|
||||||
@@ -378,10 +377,10 @@ static void test_verify_fw_preamble(void)
|
|||||||
{
|
{
|
||||||
const char desc[16] = "test preamble";
|
const char desc[16] = "test preamble";
|
||||||
const struct vb2_private_key *prikhash;
|
const struct vb2_private_key *prikhash;
|
||||||
struct vb2_signature2 *hashes[3];
|
struct vb2_signature *hashes[3];
|
||||||
struct vb2_public_key pubk;
|
struct vb2_public_key pubk;
|
||||||
struct vb2_signature2 *sig;
|
struct vb2_signature *sig;
|
||||||
struct vb2_fw_preamble2 *pre;
|
struct vb2_fw_preamble *pre;
|
||||||
uint32_t buf_size;
|
uint32_t buf_size;
|
||||||
uint8_t *buf, *buf2;
|
uint8_t *buf, *buf2;
|
||||||
|
|
||||||
@@ -390,7 +389,7 @@ static void test_verify_fw_preamble(void)
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
* Preambles will usually be signed with a real key not a bare hash,
|
* Preambles will usually be signed with a real key not a bare hash,
|
||||||
* but the call to vb2_verify_data2() inside the preamble check is the
|
* but the call to vb2_verify_data() inside the preamble check is the
|
||||||
* same (and its functionality is verified separately), and using a
|
* same (and its functionality is verified separately), and using a
|
||||||
* bare hash here saves us from needing to have a private key to do
|
* bare hash here saves us from needing to have a private key to do
|
||||||
* this test.
|
* this test.
|
||||||
@@ -413,7 +412,7 @@ static void test_verify_fw_preamble(void)
|
|||||||
|
|
||||||
/* Test good preamble */
|
/* Test good preamble */
|
||||||
TEST_SUCC(vb2_fw_preamble_create(&pre, prikhash,
|
TEST_SUCC(vb2_fw_preamble_create(&pre, prikhash,
|
||||||
(const struct vb2_signature2 **)hashes,
|
(const struct vb2_signature **)hashes,
|
||||||
3, 0x1234, 0x5678, desc),
|
3, 0x1234, 0x5678, desc),
|
||||||
"Create preamble good");
|
"Create preamble good");
|
||||||
|
|
||||||
@@ -425,28 +424,28 @@ static void test_verify_fw_preamble(void)
|
|||||||
memcpy(buf2, buf, buf_size);
|
memcpy(buf2, buf, buf_size);
|
||||||
|
|
||||||
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
|
||||||
pre = (struct vb2_fw_preamble2 *)buf;
|
pre = (struct vb2_fw_preamble *)buf;
|
||||||
|
|
||||||
TEST_SUCC(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_SUCC(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
"vb2_verify_fw_preamble2()");
|
"vb2_verify_fw_preamble()");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->c.magic = VB2_MAGIC_PACKED_KEY2;
|
pre->c.magic = VB2_MAGIC_PACKED_KEY;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_PREAMBLE_MAGIC,
|
VB2_ERROR_PREAMBLE_MAGIC,
|
||||||
"vb2_verify_fw_preamble2() magic");
|
"vb2_verify_fw_preamble() magic");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->c.fixed_size++;
|
pre->c.fixed_size++;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_FIXED_UNALIGNED,
|
VB2_ERROR_COMMON_FIXED_UNALIGNED,
|
||||||
"vb2_verify_fw_preamble2() header");
|
"vb2_verify_fw_preamble() header");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->c.struct_version_major++;
|
pre->c.struct_version_major++;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_PREAMBLE_HEADER_VERSION,
|
VB2_ERROR_PREAMBLE_HEADER_VERSION,
|
||||||
"vb2_verify_fw_preamble2() major version");
|
"vb2_verify_fw_preamble() major version");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->c.struct_version_minor++;
|
pre->c.struct_version_minor++;
|
||||||
@@ -454,55 +453,55 @@ static void test_verify_fw_preamble(void)
|
|||||||
vb2_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL);
|
vb2_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL);
|
||||||
memcpy(buf + pre->sig_offset, sig, sig->c.total_size);
|
memcpy(buf + pre->sig_offset, sig, sig->c.total_size);
|
||||||
free(sig);
|
free(sig);
|
||||||
TEST_SUCC(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_SUCC(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
"vb2_verify_fw_preamble2() minor version");
|
"vb2_verify_fw_preamble() minor version");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->c.fixed_size -= 4;
|
pre->c.fixed_size -= 4;
|
||||||
pre->c.desc_size += 4;
|
pre->c.desc_size += 4;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_PREAMBLE_SIZE,
|
VB2_ERROR_PREAMBLE_SIZE,
|
||||||
"vb2_verify_fw_preamble2() header size");
|
"vb2_verify_fw_preamble() header size");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + pre->hash_offset);
|
sig = (struct vb2_signature *)(buf + pre->hash_offset);
|
||||||
sig->c.total_size += pre->c.total_size;
|
sig->c.total_size += pre->c.total_size;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_TOTAL_SIZE,
|
VB2_ERROR_COMMON_TOTAL_SIZE,
|
||||||
"vb2_verify_fw_preamble2() hash size");
|
"vb2_verify_fw_preamble() hash size");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + pre->hash_offset);
|
sig = (struct vb2_signature *)(buf + pre->hash_offset);
|
||||||
sig->sig_size /= 2;
|
sig->sig_size /= 2;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_SIG_SIZE,
|
VB2_ERROR_SIG_SIZE,
|
||||||
"vb2_verify_fw_preamble2() hash integrity");
|
"vb2_verify_fw_preamble() hash integrity");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->hash_count++;
|
pre->hash_count++;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_MEMBER_OVERLAP,
|
VB2_ERROR_COMMON_MEMBER_OVERLAP,
|
||||||
"vb2_verify_fw_preamble2() hash count");
|
"vb2_verify_fw_preamble() hash count");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + pre->sig_offset);
|
sig = (struct vb2_signature *)(buf + pre->sig_offset);
|
||||||
sig->c.total_size += 4;
|
sig->c.total_size += 4;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_COMMON_TOTAL_SIZE,
|
VB2_ERROR_COMMON_TOTAL_SIZE,
|
||||||
"vb2_verify_fw_preamble2() sig inside");
|
"vb2_verify_fw_preamble() sig inside");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
sig = (struct vb2_signature2 *)(buf + pre->sig_offset);
|
sig = (struct vb2_signature *)(buf + pre->sig_offset);
|
||||||
buf[pre->sig_offset + sig->sig_offset]++;
|
buf[pre->sig_offset + sig->sig_offset]++;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_VERIFY_DIGEST,
|
VB2_ERROR_VDATA_VERIFY_DIGEST,
|
||||||
"vb2_verify_fw_preamble2() sig corrupt");
|
"vb2_verify_fw_preamble() sig corrupt");
|
||||||
|
|
||||||
memcpy(buf, buf2, buf_size);
|
memcpy(buf, buf2, buf_size);
|
||||||
pre->flags++;
|
pre->flags++;
|
||||||
TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
|
TEST_EQ(vb2_verify_fw_preamble(pre, buf_size, &pubk, &wb),
|
||||||
VB2_ERROR_VDATA_VERIFY_DIGEST,
|
VB2_ERROR_VDATA_VERIFY_DIGEST,
|
||||||
"vb2_verify_fw_preamble2() preamble corrupt");
|
"vb2_verify_fw_preamble() preamble corrupt");
|
||||||
|
|
||||||
free(buf);
|
free(buf);
|
||||||
free(buf2);
|
free(buf2);
|
||||||
|
|||||||
@@ -29,9 +29,9 @@ static void preamble_tests(const char *keys_dir)
|
|||||||
{
|
{
|
||||||
struct vb2_private_key *prik4096;
|
struct vb2_private_key *prik4096;
|
||||||
struct vb2_public_key *pubk4096;
|
struct vb2_public_key *pubk4096;
|
||||||
struct vb2_fw_preamble2 *fp;
|
struct vb2_fw_preamble *fp;
|
||||||
const struct vb2_private_key *prikhash;
|
const struct vb2_private_key *prikhash;
|
||||||
struct vb2_signature2 *hashes[3];
|
struct vb2_signature *hashes[3];
|
||||||
char fname[1024];
|
char fname[1024];
|
||||||
const char test_desc[] = "Test fw preamble";
|
const char test_desc[] = "Test fw preamble";
|
||||||
const uint32_t test_version = 2061;
|
const uint32_t test_version = 2061;
|
||||||
@@ -74,15 +74,15 @@ static void preamble_tests(const char *keys_dir)
|
|||||||
|
|
||||||
/* Test good preamble */
|
/* Test good preamble */
|
||||||
TEST_SUCC(vb2_fw_preamble_create(&fp, prik4096,
|
TEST_SUCC(vb2_fw_preamble_create(&fp, prik4096,
|
||||||
(const struct vb2_signature2 **)hashes,
|
(const struct vb2_signature **)hashes,
|
||||||
3, test_version, test_flags,
|
3, test_version, test_flags,
|
||||||
test_desc),
|
test_desc),
|
||||||
"Create preamble good");
|
"Create preamble good");
|
||||||
TEST_PTR_NEQ(fp, NULL, " fp_ptr");
|
TEST_PTR_NEQ(fp, NULL, " fp_ptr");
|
||||||
TEST_SUCC(vb2_verify_fw_preamble2(fp, fp->c.total_size, pubk4096, &wb),
|
TEST_SUCC(vb2_verify_fw_preamble(fp, fp->c.total_size, pubk4096, &wb),
|
||||||
"Verify preamble good");
|
"Verify preamble good");
|
||||||
TEST_EQ(strcmp(vb2_common_desc(fp), test_desc), 0, " desc");
|
TEST_EQ(strcmp(vb2_common_desc(fp), test_desc), 0, " desc");
|
||||||
TEST_EQ(fp->firmware_version, test_version, " firmware_version");
|
TEST_EQ(fp->fw_version, test_version, " fw_version");
|
||||||
TEST_EQ(fp->flags, test_flags, " flags");
|
TEST_EQ(fp->flags, test_flags, " flags");
|
||||||
TEST_EQ(fp->hash_count, 3, " hash_count");
|
TEST_EQ(fp->hash_count, 3, " hash_count");
|
||||||
|
|
||||||
@@ -98,7 +98,7 @@ static void preamble_tests(const char *keys_dir)
|
|||||||
/* Test errors */
|
/* Test errors */
|
||||||
prik4096->hash_alg = VB2_HASH_INVALID;
|
prik4096->hash_alg = VB2_HASH_INVALID;
|
||||||
TEST_EQ(vb2_fw_preamble_create(&fp, prik4096,
|
TEST_EQ(vb2_fw_preamble_create(&fp, prik4096,
|
||||||
(const struct vb2_signature2 **)hashes,
|
(const struct vb2_signature **)hashes,
|
||||||
3, test_version, test_flags,
|
3, test_version, test_flags,
|
||||||
test_desc),
|
test_desc),
|
||||||
VB2_FW_PREAMBLE_CREATE_SIG_SIZE,
|
VB2_FW_PREAMBLE_CREATE_SIG_SIZE,
|
||||||
|
|||||||
@@ -35,7 +35,7 @@ static void private_key_tests(const struct alg_combo *combo,
|
|||||||
{
|
{
|
||||||
struct vb2_private_key *key, *k2;
|
struct vb2_private_key *key, *k2;
|
||||||
const struct vb2_private_key *ckey;
|
const struct vb2_private_key *ckey;
|
||||||
struct vb2_packed_private_key2 *pkey;
|
struct vb2_packed_private_key *pkey;
|
||||||
const char *testfile = "test.vbprik2";
|
const char *testfile = "test.vbprik2";
|
||||||
const char *notapem = "not_a_pem";
|
const char *notapem = "not_a_pem";
|
||||||
const char *testdesc = "test desc";
|
const char *testdesc = "test desc";
|
||||||
@@ -91,7 +91,7 @@ static void private_key_tests(const struct alg_combo *combo,
|
|||||||
vb2_private_key_free(k2);
|
vb2_private_key_free(k2);
|
||||||
|
|
||||||
TEST_SUCC(vb2_read_file(testfile, &buf, &bufsize), "Read key raw");
|
TEST_SUCC(vb2_read_file(testfile, &buf, &bufsize), "Read key raw");
|
||||||
pkey = (struct vb2_packed_private_key2 *)buf;
|
pkey = (struct vb2_packed_private_key *)buf;
|
||||||
|
|
||||||
/* Make a backup of the good buffer so we can mangle it */
|
/* Make a backup of the good buffer so we can mangle it */
|
||||||
buf2 = malloc(bufsize);
|
buf2 = malloc(bufsize);
|
||||||
@@ -102,7 +102,7 @@ static void private_key_tests(const struct alg_combo *combo,
|
|||||||
vb2_private_key_free(k2);
|
vb2_private_key_free(k2);
|
||||||
|
|
||||||
memcpy(buf, buf2, bufsize);
|
memcpy(buf, buf2, bufsize);
|
||||||
pkey->c.magic = VB2_MAGIC_PACKED_KEY2;
|
pkey->c.magic = VB2_MAGIC_PACKED_KEY;
|
||||||
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize),
|
TEST_EQ(vb2_private_key_unpack(&k2, buf, bufsize),
|
||||||
VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC,
|
VB2_ERROR_UNPACK_PRIVATE_KEY_MAGIC,
|
||||||
"Unpack private key bad magic");
|
"Unpack private key bad magic");
|
||||||
@@ -169,7 +169,7 @@ static void public_key_tests(const struct alg_combo *combo,
|
|||||||
const char *keybfile)
|
const char *keybfile)
|
||||||
{
|
{
|
||||||
struct vb2_public_key *key, k2;
|
struct vb2_public_key *key, k2;
|
||||||
struct vb2_packed_key2 *pkey;
|
struct vb2_packed_key *pkey;
|
||||||
const char *testfile = "test.vbpubk2";
|
const char *testfile = "test.vbpubk2";
|
||||||
const char *testdesc = "test desc";
|
const char *testdesc = "test desc";
|
||||||
const struct vb2_guid test_guid = {.raw = {0xbb}};
|
const struct vb2_guid test_guid = {.raw = {0xbb}};
|
||||||
@@ -225,7 +225,7 @@ static void public_key_tests(const struct alg_combo *combo,
|
|||||||
TEST_EQ(memcmp(&pkey->guid, key->guid, sizeof(pkey->guid)), 0,
|
TEST_EQ(memcmp(&pkey->guid, key->guid, sizeof(pkey->guid)), 0,
|
||||||
" guid");
|
" guid");
|
||||||
TEST_EQ(strcmp(vb2_common_desc(pkey), key->desc), 0, " desc");
|
TEST_EQ(strcmp(vb2_common_desc(pkey), key->desc), 0, " desc");
|
||||||
TEST_SUCC(vb2_unpack_key2(&k2, (uint8_t *)pkey, pkey->c.total_size),
|
TEST_SUCC(vb2_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size),
|
||||||
"Unpack public key");
|
"Unpack public key");
|
||||||
TEST_EQ(key->arrsize, k2.arrsize, " arrsize");
|
TEST_EQ(key->arrsize, k2.arrsize, " arrsize");
|
||||||
TEST_EQ(key->n0inv, k2.n0inv, " n0inv");
|
TEST_EQ(key->n0inv, k2.n0inv, " n0inv");
|
||||||
@@ -237,7 +237,7 @@ static void public_key_tests(const struct alg_combo *combo,
|
|||||||
TEST_SUCC(vb2_write_object(testfile, pkey), "Write packed key");
|
TEST_SUCC(vb2_write_object(testfile, pkey), "Write packed key");
|
||||||
free(pkey);
|
free(pkey);
|
||||||
|
|
||||||
TEST_SUCC(vb2_packed_key2_read(&pkey, testfile), "Read packed key");
|
TEST_SUCC(vb2_packed_key_read(&pkey, testfile), "Read packed key");
|
||||||
TEST_PTR_NEQ(pkey, NULL, " key_ptr");
|
TEST_PTR_NEQ(pkey, NULL, " key_ptr");
|
||||||
unlink(testfile);
|
unlink(testfile);
|
||||||
|
|
||||||
@@ -245,12 +245,12 @@ static void public_key_tests(const struct alg_combo *combo,
|
|||||||
TEST_SUCC(vb2_write_object(testfile, pkey), "Write bad packed key");
|
TEST_SUCC(vb2_write_object(testfile, pkey), "Write bad packed key");
|
||||||
free(pkey);
|
free(pkey);
|
||||||
|
|
||||||
TEST_EQ(vb2_packed_key2_read(&pkey, testfile),
|
TEST_EQ(vb2_packed_key_read(&pkey, testfile),
|
||||||
VB2_ERROR_READ_PACKED_KEY, "Read bad packed key");
|
VB2_ERROR_READ_PACKED_KEY, "Read bad packed key");
|
||||||
TEST_PTR_EQ(pkey, NULL, " key_ptr");
|
TEST_PTR_EQ(pkey, NULL, " key_ptr");
|
||||||
unlink(testfile);
|
unlink(testfile);
|
||||||
|
|
||||||
TEST_EQ(vb2_packed_key2_read(&pkey, testfile),
|
TEST_EQ(vb2_packed_key_read(&pkey, testfile),
|
||||||
VB2_ERROR_READ_PACKED_KEY_DATA, "Read missing packed key");
|
VB2_ERROR_READ_PACKED_KEY_DATA, "Read missing packed key");
|
||||||
|
|
||||||
key->sig_alg = VB2_SIG_INVALID;
|
key->sig_alg = VB2_SIG_INVALID;
|
||||||
@@ -271,7 +271,7 @@ static void public_key_tests(const struct alg_combo *combo,
|
|||||||
|
|
||||||
TEST_SUCC(vb2_public_key_pack(&pkey, &k2), "Pack public hash key");
|
TEST_SUCC(vb2_public_key_pack(&pkey, &k2), "Pack public hash key");
|
||||||
TEST_PTR_NEQ(pkey, NULL, " key_ptr");
|
TEST_PTR_NEQ(pkey, NULL, " key_ptr");
|
||||||
TEST_SUCC(vb2_unpack_key2(&k2, (uint8_t *)pkey, pkey->c.total_size),
|
TEST_SUCC(vb2_unpack_key(&k2, (uint8_t *)pkey, pkey->c.total_size),
|
||||||
"Unpack public hash key");
|
"Unpack public hash key");
|
||||||
free(pkey);
|
free(pkey);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -22,8 +22,8 @@ static void keyblock_tests(const char *keys_dir)
|
|||||||
{
|
{
|
||||||
struct vb2_public_key *pubk2048, *pubk4096, *pubk8192, pubkhash;
|
struct vb2_public_key *pubk2048, *pubk4096, *pubk8192, pubkhash;
|
||||||
struct vb2_private_key *prik4096, *prik8192;
|
struct vb2_private_key *prik4096, *prik8192;
|
||||||
struct vb2_packed_key2 *pak, *pakgood;
|
struct vb2_packed_key *pak, *pakgood;
|
||||||
struct vb2_keyblock2 *kb;
|
struct vb2_keyblock *kb;
|
||||||
const struct vb2_private_key *prikhash;
|
const struct vb2_private_key *prikhash;
|
||||||
const struct vb2_private_key *prik[2];
|
const struct vb2_private_key *prik[2];
|
||||||
char fname[1024];
|
char fname[1024];
|
||||||
@@ -80,12 +80,12 @@ static void keyblock_tests(const char *keys_dir)
|
|||||||
TEST_SUCC(vb2_keyblock_create(&kb, pubk2048, prik, 1, 0x1234, NULL),
|
TEST_SUCC(vb2_keyblock_create(&kb, pubk2048, prik, 1, 0x1234, NULL),
|
||||||
"Keyblock single");
|
"Keyblock single");
|
||||||
TEST_PTR_NEQ(kb, NULL, " kb_ptr");
|
TEST_PTR_NEQ(kb, NULL, " kb_ptr");
|
||||||
TEST_SUCC(vb2_verify_keyblock2(kb, kb->c.total_size, pubk4096, &wb),
|
TEST_SUCC(vb2_verify_keyblock(kb, kb->c.total_size, pubk4096, &wb),
|
||||||
" verify");
|
" verify");
|
||||||
TEST_EQ(strcmp(vb2_common_desc(kb), pubk2048->desc), 0, " desc");
|
TEST_EQ(strcmp(vb2_common_desc(kb), pubk2048->desc), 0, " desc");
|
||||||
TEST_EQ(kb->flags, 0x1234, " flags");
|
TEST_EQ(kb->flags, 0x1234, " flags");
|
||||||
|
|
||||||
pak = (struct vb2_packed_key2 *)((uint8_t *)kb + kb->key_offset);
|
pak = (struct vb2_packed_key *)((uint8_t *)kb + kb->key_offset);
|
||||||
TEST_EQ(0, memcmp(pak, pakgood, pakgood->c.total_size), " data key");
|
TEST_EQ(0, memcmp(pak, pakgood, pakgood->c.total_size), " data key");
|
||||||
free(kb);
|
free(kb);
|
||||||
|
|
||||||
@@ -94,9 +94,9 @@ static void keyblock_tests(const char *keys_dir)
|
|||||||
prik[1] = prikhash;
|
prik[1] = prikhash;
|
||||||
TEST_SUCC(vb2_keyblock_create(&kb, pubk4096, prik, 2, 0, test_desc),
|
TEST_SUCC(vb2_keyblock_create(&kb, pubk4096, prik, 2, 0, test_desc),
|
||||||
"Keyblock multiple");
|
"Keyblock multiple");
|
||||||
TEST_SUCC(vb2_verify_keyblock2(kb, kb->c.total_size, pubk8192, &wb),
|
TEST_SUCC(vb2_verify_keyblock(kb, kb->c.total_size, pubk8192, &wb),
|
||||||
" verify 1");
|
" verify 1");
|
||||||
TEST_SUCC(vb2_verify_keyblock2(kb, kb->c.total_size, &pubkhash, &wb),
|
TEST_SUCC(vb2_verify_keyblock(kb, kb->c.total_size, &pubkhash, &wb),
|
||||||
" verify 2");
|
" verify 2");
|
||||||
TEST_EQ(strcmp(vb2_common_desc(kb), test_desc), 0, " desc");
|
TEST_EQ(strcmp(vb2_common_desc(kb), test_desc), 0, " desc");
|
||||||
TEST_EQ(kb->flags, 0, " flags");
|
TEST_EQ(kb->flags, 0, " flags");
|
||||||
|
|||||||
@@ -43,7 +43,7 @@ static void sig_tests(const struct alg_combo *combo,
|
|||||||
struct vb2_private_key *prik, prik2;
|
struct vb2_private_key *prik, prik2;
|
||||||
const struct vb2_private_key *prihash, *priks[2];
|
const struct vb2_private_key *prihash, *priks[2];
|
||||||
struct vb2_public_key *pubk, pubhash;
|
struct vb2_public_key *pubk, pubhash;
|
||||||
struct vb2_signature2 *sig, *sig2;
|
struct vb2_signature *sig, *sig2;
|
||||||
uint32_t size;
|
uint32_t size;
|
||||||
|
|
||||||
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
|
uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
|
||||||
@@ -86,7 +86,7 @@ static void sig_tests(const struct alg_combo *combo,
|
|||||||
TEST_EQ(sig->data_size, test_size, " data_size");
|
TEST_EQ(sig->data_size, test_size, " data_size");
|
||||||
TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size");
|
TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size");
|
||||||
TEST_EQ(size, sig->c.total_size, " size");
|
TEST_EQ(size, sig->c.total_size, " size");
|
||||||
TEST_SUCC(vb2_verify_data2(test_data, test_size, sig, pubk, &wb),
|
TEST_SUCC(vb2_verify_data(test_data, test_size, sig, pubk, &wb),
|
||||||
"Verify good");
|
"Verify good");
|
||||||
free(sig);
|
free(sig);
|
||||||
|
|
||||||
@@ -105,7 +105,7 @@ static void sig_tests(const struct alg_combo *combo,
|
|||||||
|
|
||||||
TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prihash, NULL),
|
TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prihash, NULL),
|
||||||
"Sign with hash");
|
"Sign with hash");
|
||||||
TEST_SUCC(vb2_verify_data2(test_data, test_size, sig, &pubhash, &wb),
|
TEST_SUCC(vb2_verify_data(test_data, test_size, sig, &pubhash, &wb),
|
||||||
"Verify with hash");
|
"Verify with hash");
|
||||||
free(sig);
|
free(sig);
|
||||||
|
|
||||||
@@ -124,8 +124,8 @@ static void sig_tests(const struct alg_combo *combo,
|
|||||||
c->total_size = bufsize;
|
c->total_size = bufsize;
|
||||||
|
|
||||||
TEST_SUCC(vb2_sign_object(buf, c_sig_offs, prik, NULL), "Sign object");
|
TEST_SUCC(vb2_sign_object(buf, c_sig_offs, prik, NULL), "Sign object");
|
||||||
sig = (struct vb2_signature2 *)(buf + c_sig_offs);
|
sig = (struct vb2_signature *)(buf + c_sig_offs);
|
||||||
TEST_SUCC(vb2_verify_data2(buf, c_sig_offs, sig, pubk, &wb),
|
TEST_SUCC(vb2_verify_data(buf, c_sig_offs, sig, pubk, &wb),
|
||||||
"Verify object");
|
"Verify object");
|
||||||
|
|
||||||
TEST_EQ(vb2_sign_object(buf, c_sig_offs + 4, prik, NULL),
|
TEST_EQ(vb2_sign_object(buf, c_sig_offs + 4, prik, NULL),
|
||||||
@@ -142,11 +142,11 @@ static void sig_tests(const struct alg_combo *combo,
|
|||||||
|
|
||||||
TEST_SUCC(vb2_sign_object_multiple(buf, c_sig_offs, priks, 2),
|
TEST_SUCC(vb2_sign_object_multiple(buf, c_sig_offs, priks, 2),
|
||||||
"Sign multiple");
|
"Sign multiple");
|
||||||
sig = (struct vb2_signature2 *)(buf + c_sig_offs);
|
sig = (struct vb2_signature *)(buf + c_sig_offs);
|
||||||
TEST_SUCC(vb2_verify_data2(buf, c_sig_offs, sig, pubk, &wb),
|
TEST_SUCC(vb2_verify_data(buf, c_sig_offs, sig, pubk, &wb),
|
||||||
"Verify object with sig 1");
|
"Verify object with sig 1");
|
||||||
sig2 = (struct vb2_signature2 *)(buf + c_sig_offs + sig->c.total_size);
|
sig2 = (struct vb2_signature *)(buf + c_sig_offs + sig->c.total_size);
|
||||||
TEST_SUCC(vb2_verify_data2(buf, c_sig_offs, sig2, &pubhash, &wb),
|
TEST_SUCC(vb2_verify_data(buf, c_sig_offs, sig2, &pubhash, &wb),
|
||||||
"Verify object with sig 2");
|
"Verify object with sig 2");
|
||||||
|
|
||||||
c->total_size -= 4;
|
c->total_size -= 4;
|
||||||
|
|||||||
@@ -28,21 +28,21 @@ static struct vb2_shared_data *sd;
|
|||||||
|
|
||||||
static struct {
|
static struct {
|
||||||
struct vb2_gbb_header h;
|
struct vb2_gbb_header h;
|
||||||
struct vb2_packed_key2 rootkey;
|
struct vb2_packed_key rootkey;
|
||||||
char rootkey_data[32];
|
char rootkey_data[32];
|
||||||
} mock_gbb;
|
} mock_gbb;
|
||||||
|
|
||||||
static struct {
|
static struct {
|
||||||
/* Keyblock */
|
/* Keyblock */
|
||||||
struct {
|
struct {
|
||||||
struct vb2_keyblock2 kb;
|
struct vb2_keyblock kb;
|
||||||
struct vb2_packed_key2 data_key;
|
struct vb2_packed_key data_key;
|
||||||
char data_key_data[16];
|
char data_key_data[16];
|
||||||
uint8_t kbdata[128];
|
uint8_t kbdata[128];
|
||||||
} k;
|
} k;
|
||||||
/* Preamble follows keyblock */
|
/* Preamble follows keyblock */
|
||||||
struct {
|
struct {
|
||||||
struct vb2_fw_preamble2 pre;
|
struct vb2_fw_preamble pre;
|
||||||
uint8_t predata[128];
|
uint8_t predata[128];
|
||||||
} p;
|
} p;
|
||||||
} mock_vblock;
|
} mock_vblock;
|
||||||
@@ -60,9 +60,9 @@ enum reset_type {
|
|||||||
|
|
||||||
static void reset_common_data(enum reset_type t)
|
static void reset_common_data(enum reset_type t)
|
||||||
{
|
{
|
||||||
struct vb2_keyblock2 *kb = &mock_vblock.k.kb;
|
struct vb2_keyblock *kb = &mock_vblock.k.kb;
|
||||||
struct vb2_packed_key2 *dk = &mock_vblock.k.data_key;
|
struct vb2_packed_key *dk = &mock_vblock.k.data_key;
|
||||||
struct vb2_fw_preamble2 *pre = &mock_vblock.p.pre;
|
struct vb2_fw_preamble *pre = &mock_vblock.p.pre;
|
||||||
|
|
||||||
memset(workbuf, 0xaa, sizeof(workbuf));
|
memset(workbuf, 0xaa, sizeof(workbuf));
|
||||||
|
|
||||||
@@ -109,11 +109,11 @@ static void reset_common_data(enum reset_type t)
|
|||||||
strcpy(mock_vblock.k.data_key_data, "data key data!!");
|
strcpy(mock_vblock.k.data_key_data, "data key data!!");
|
||||||
|
|
||||||
pre->c.total_size = sizeof(mock_vblock.p);
|
pre->c.total_size = sizeof(mock_vblock.p);
|
||||||
pre->firmware_version = 2;
|
pre->fw_version = 2;
|
||||||
|
|
||||||
/* If verifying preamble, verify keyblock first to set up data key */
|
/* If verifying preamble, verify keyblock first to set up data key */
|
||||||
if (t == FOR_PREAMBLE)
|
if (t == FOR_PREAMBLE)
|
||||||
vb2_load_fw_keyblock2(&ctx);
|
vb2_load_fw_keyblock(&ctx);
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Mocked functions */
|
/* Mocked functions */
|
||||||
@@ -150,14 +150,14 @@ int vb2ex_read_resource(struct vb2_context *ctx,
|
|||||||
return VB2_SUCCESS;
|
return VB2_SUCCESS;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_unpack_key2(struct vb2_public_key *key,
|
int vb2_unpack_key(struct vb2_public_key *key,
|
||||||
const uint8_t *buf,
|
const uint8_t *buf,
|
||||||
uint32_t size)
|
uint32_t size)
|
||||||
{
|
{
|
||||||
return mock_unpack_key_retval;
|
return mock_unpack_key_retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
int vb2_verify_keyblock(struct vb2_keyblock *block,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb)
|
const struct vb2_workbuf *wb)
|
||||||
@@ -165,7 +165,7 @@ int vb2_verify_keyblock2(struct vb2_keyblock2 *block,
|
|||||||
return mock_verify_keyblock_retval;
|
return mock_verify_keyblock_retval;
|
||||||
}
|
}
|
||||||
|
|
||||||
int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
int vb2_verify_fw_preamble(struct vb2_fw_preamble *preamble,
|
||||||
uint32_t size,
|
uint32_t size,
|
||||||
const struct vb2_public_key *key,
|
const struct vb2_public_key *key,
|
||||||
const struct vb2_workbuf *wb)
|
const struct vb2_workbuf *wb)
|
||||||
@@ -177,15 +177,15 @@ int vb2_verify_fw_preamble2(struct vb2_fw_preamble2 *preamble,
|
|||||||
|
|
||||||
static void load_keyblock_tests(void)
|
static void load_keyblock_tests(void)
|
||||||
{
|
{
|
||||||
struct vb2_keyblock2 *kb = &mock_vblock.k.kb;
|
struct vb2_keyblock *kb = &mock_vblock.k.kb;
|
||||||
struct vb2_packed_key2 *dk = &mock_vblock.k.data_key;
|
struct vb2_packed_key *dk = &mock_vblock.k.data_key;
|
||||||
struct vb2_packed_key2 *k;
|
struct vb2_packed_key *k;
|
||||||
int wb_used_before;
|
int wb_used_before;
|
||||||
|
|
||||||
/* Test successful call */
|
/* Test successful call */
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
wb_used_before = ctx.workbuf_used;
|
wb_used_before = ctx.workbuf_used;
|
||||||
TEST_SUCC(vb2_load_fw_keyblock2(&ctx), "keyblock verify");
|
TEST_SUCC(vb2_load_fw_keyblock(&ctx), "keyblock verify");
|
||||||
TEST_EQ(sd->fw_version, 0x20000, "keyblock version");
|
TEST_EQ(sd->fw_version, 0x20000, "keyblock version");
|
||||||
TEST_EQ(sd->vblock_preamble_offset, sizeof(mock_vblock.k),
|
TEST_EQ(sd->vblock_preamble_offset, sizeof(mock_vblock.k),
|
||||||
"preamble offset");
|
"preamble offset");
|
||||||
@@ -198,8 +198,8 @@ static void load_keyblock_tests(void)
|
|||||||
"workbuf used");
|
"workbuf used");
|
||||||
|
|
||||||
/* Make sure data key was properly saved */
|
/* Make sure data key was properly saved */
|
||||||
k = (struct vb2_packed_key2 *)(ctx.workbuf +
|
k = (struct vb2_packed_key *)(ctx.workbuf +
|
||||||
sd->workbuf_data_key_offset);
|
sd->workbuf_data_key_offset);
|
||||||
TEST_EQ(k->sig_alg, VB2_SIG_RSA4096, "data key algorithm");
|
TEST_EQ(k->sig_alg, VB2_SIG_RSA4096, "data key algorithm");
|
||||||
TEST_EQ(k->key_version, 2, "data key version");
|
TEST_EQ(k->key_version, 2, "data key version");
|
||||||
TEST_EQ(k->key_size, sizeof(mock_vblock.k.data_key_data),
|
TEST_EQ(k->key_size, sizeof(mock_vblock.k.data_key_data),
|
||||||
@@ -215,76 +215,76 @@ static void load_keyblock_tests(void)
|
|||||||
/* Test failures */
|
/* Test failures */
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size + 8;
|
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size + 8;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY,
|
VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY,
|
||||||
"keyblock not enough workbuf for root key");
|
"keyblock not enough workbuf for root key");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
sd->gbb_rootkey_size = sizeof(mock_gbb);
|
sd->gbb_rootkey_size = sizeof(mock_gbb);
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
||||||
"keyblock read root key");
|
"keyblock read root key");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
|
mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
|
VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
|
||||||
"keyblock unpack root key");
|
"keyblock unpack root key");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size - 8;
|
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size - 8;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
||||||
"keyblock not enough workbuf for header");
|
"keyblock not enough workbuf for header");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
mock_read_res_fail_on_call = 2;
|
mock_read_res_fail_on_call = 2;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_EX_READ_RESOURCE_INDEX,
|
VB2_ERROR_EX_READ_RESOURCE_INDEX,
|
||||||
"keyblock read keyblock header");
|
"keyblock read keyblock header");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size
|
ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size
|
||||||
- sizeof(struct vb2_keyblock2);
|
- sizeof(struct vb2_keyblock);
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
||||||
"keyblock not enough workbuf for entire keyblock");
|
"keyblock not enough workbuf for entire keyblock");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
kb->c.total_size = sizeof(mock_vblock) + 1;
|
kb->c.total_size = sizeof(mock_vblock) + 1;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
||||||
"keyblock read keyblock");
|
"keyblock read keyblock");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
mock_verify_keyblock_retval = VB2_ERROR_KEYBLOCK_MAGIC;
|
mock_verify_keyblock_retval = VB2_ERROR_KEYBLOCK_MAGIC;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_KEYBLOCK_MAGIC,
|
VB2_ERROR_KEYBLOCK_MAGIC,
|
||||||
"keyblock verify keyblock");
|
"keyblock verify keyblock");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
dk->key_version = 0x10000;
|
dk->key_version = 0x10000;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE,
|
VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE,
|
||||||
"keyblock version range");
|
"keyblock version range");
|
||||||
|
|
||||||
reset_common_data(FOR_KEYBLOCK);
|
reset_common_data(FOR_KEYBLOCK);
|
||||||
dk->key_version = 1;
|
dk->key_version = 1;
|
||||||
TEST_EQ(vb2_load_fw_keyblock2(&ctx),
|
TEST_EQ(vb2_load_fw_keyblock(&ctx),
|
||||||
VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
|
VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
|
||||||
"keyblock rollback");
|
"keyblock rollback");
|
||||||
}
|
}
|
||||||
|
|
||||||
static void load_preamble_tests(void)
|
static void load_preamble_tests(void)
|
||||||
{
|
{
|
||||||
struct vb2_fw_preamble2 *pre = &mock_vblock.p.pre;
|
struct vb2_fw_preamble *pre = &mock_vblock.p.pre;
|
||||||
int data_key_offset_before;
|
int data_key_offset_before;
|
||||||
uint32_t v;
|
uint32_t v;
|
||||||
|
|
||||||
/* Test successful call */
|
/* Test successful call */
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
data_key_offset_before = sd->workbuf_data_key_offset;
|
data_key_offset_before = sd->workbuf_data_key_offset;
|
||||||
TEST_SUCC(vb2_load_fw_preamble2(&ctx), "preamble good");
|
TEST_SUCC(vb2_load_fw_preamble(&ctx), "preamble good");
|
||||||
TEST_EQ(sd->fw_version, 0x20002, "combined version");
|
TEST_EQ(sd->fw_version, 0x20002, "combined version");
|
||||||
TEST_EQ(sd->workbuf_preamble_offset, data_key_offset_before,
|
TEST_EQ(sd->workbuf_preamble_offset, data_key_offset_before,
|
||||||
"preamble offset");
|
"preamble offset");
|
||||||
@@ -298,80 +298,80 @@ static void load_preamble_tests(void)
|
|||||||
/* Expected failures */
|
/* Expected failures */
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
sd->workbuf_data_key_size = 0;
|
sd->workbuf_data_key_size = 0;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_FW_PREAMBLE2_DATA_KEY,
|
VB2_ERROR_FW_PREAMBLE2_DATA_KEY,
|
||||||
"preamble no data key");
|
"preamble no data key");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
|
mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
|
VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
|
||||||
"preamble unpack data key");
|
"preamble unpack data key");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
ctx.workbuf_used = ctx.workbuf_size
|
ctx.workbuf_used = ctx.workbuf_size
|
||||||
- sizeof(struct vb2_fw_preamble2) + 8;
|
- sizeof(struct vb2_fw_preamble) + 8;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
||||||
"preamble not enough workbuf for header");
|
"preamble not enough workbuf for header");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
sd->vblock_preamble_offset = sizeof(mock_vblock);
|
sd->vblock_preamble_offset = sizeof(mock_vblock);
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
||||||
"preamble read header");
|
"preamble read header");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
ctx.workbuf_used = ctx.workbuf_size - sizeof(mock_vblock.p) + 8;
|
ctx.workbuf_used = ctx.workbuf_size - sizeof(mock_vblock.p) + 8;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
|
||||||
"preamble not enough workbuf");
|
"preamble not enough workbuf");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->c.total_size = sizeof(mock_vblock);
|
pre->c.total_size = sizeof(mock_vblock);
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
VB2_ERROR_EX_READ_RESOURCE_SIZE,
|
||||||
"preamble read full");
|
"preamble read full");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
mock_verify_preamble_retval = VB2_ERROR_PREAMBLE_SIG_INVALID;
|
mock_verify_preamble_retval = VB2_ERROR_PREAMBLE_SIG_INVALID;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_PREAMBLE_SIG_INVALID,
|
VB2_ERROR_PREAMBLE_SIG_INVALID,
|
||||||
"preamble verify");
|
"preamble verify");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 0x10000;
|
pre->fw_version = 0x10000;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE,
|
VB2_ERROR_FW_PREAMBLE_VERSION_RANGE,
|
||||||
"preamble version range");
|
"preamble version range");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 1;
|
pre->fw_version = 1;
|
||||||
TEST_EQ(vb2_load_fw_preamble2(&ctx),
|
TEST_EQ(vb2_load_fw_preamble(&ctx),
|
||||||
VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK,
|
VB2_ERROR_FW_PREAMBLE_VERSION_ROLLBACK,
|
||||||
"preamble version rollback");
|
"preamble version rollback");
|
||||||
|
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 3;
|
pre->fw_version = 3;
|
||||||
TEST_SUCC(vb2_load_fw_preamble2(&ctx),
|
TEST_SUCC(vb2_load_fw_preamble(&ctx),
|
||||||
"preamble version roll forward");
|
"preamble version roll forward");
|
||||||
vb2_secdata_get(&ctx, VB2_SECDATA_VERSIONS, &v);
|
vb2_secdata_get(&ctx, VB2_SECDATA_VERSIONS, &v);
|
||||||
TEST_EQ(v, 0x20003, "roll forward");
|
TEST_EQ(v, 0x20003, "roll forward");
|
||||||
|
|
||||||
/* Newer version without result success doesn't roll forward */
|
/* Newer version without result success doesn't roll forward */
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 3;
|
pre->fw_version = 3;
|
||||||
sd->last_fw_result = VB2_FW_RESULT_UNKNOWN;
|
sd->last_fw_result = VB2_FW_RESULT_UNKNOWN;
|
||||||
TEST_SUCC(vb2_load_fw_preamble2(&ctx),
|
TEST_SUCC(vb2_load_fw_preamble(&ctx),
|
||||||
"preamble version no roll forward 1");
|
"preamble version no roll forward 1");
|
||||||
vb2_secdata_get(&ctx, VB2_SECDATA_VERSIONS, &v);
|
vb2_secdata_get(&ctx, VB2_SECDATA_VERSIONS, &v);
|
||||||
TEST_EQ(v, 0x20002, "no roll forward");
|
TEST_EQ(v, 0x20002, "no roll forward");
|
||||||
|
|
||||||
/* Newer version with success but for other slot doesn't roll forward */
|
/* Newer version with success but for other slot doesn't roll forward */
|
||||||
reset_common_data(FOR_PREAMBLE);
|
reset_common_data(FOR_PREAMBLE);
|
||||||
pre->firmware_version = 3;
|
pre->fw_version = 3;
|
||||||
sd->last_fw_slot = 1;
|
sd->last_fw_slot = 1;
|
||||||
TEST_SUCC(vb2_load_fw_preamble2(&ctx),
|
TEST_SUCC(vb2_load_fw_preamble(&ctx),
|
||||||
"preamble version no roll forward 2");
|
"preamble version no roll forward 2");
|
||||||
vb2_secdata_get(&ctx, VB2_SECDATA_VERSIONS, &v);
|
vb2_secdata_get(&ctx, VB2_SECDATA_VERSIONS, &v);
|
||||||
TEST_EQ(v, 0x20002, "no roll forward");
|
TEST_EQ(v, 0x20002, "no roll forward");
|
||||||
|
|||||||
Reference in New Issue
Block a user