vboot2: Move and rename functions

Move packed key functions to their own file, in preparation for
introducing support for vb2_packed_key2.

Rename the awfully-named vb2_verify_fw_preamble2() function to
vb2_load_fw_premable(), since the new structs actually have a
vb2_fw_preamble2 struct and that would be very confusing.

Rename vb2_verify_fw_keyblock() to vb2_load_fw_keyblock(), so it
matches.

No functional changes, just renaming.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: Ia914e48e6c5814ab3205b999ceda1aa2452206ff
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225458
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

Makefile

@@ -285,6 +285,7 @@ FWLIB2_SRCS = \
 	firmware/2lib/2crc8.c \
 	firmware/2lib/2misc.c \
 	firmware/2lib/2nvstorage.c \
+	firmware/2lib/2packed_key.c \
 	firmware/2lib/2rsa.c \
 	firmware/2lib/2secdata.c \
 	firmware/2lib/2sha1.c \

firmware/2lib/2api.c

@@ -110,14 +110,14 @@ int vb2api_fw_phase3(struct vb2_context *ctx)
 	int rv;
 
 	/* Verify firmware keyblock */
-	rv = vb2_verify_fw_keyblock(ctx);
+	rv = vb2_load_fw_keyblock(ctx);
 	if (rv) {
 		vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
 		return rv;
 	}
 
 	/* Verify firmware preamble */
-	rv = vb2_verify_fw_preamble2(ctx);
+	rv = vb2_load_fw_preamble(ctx);
 	if (rv) {
 		vb2_fail(ctx, VB2_RECOVERY_RO_INVALID_RW, rv);
 		return rv;

firmware/2lib/2common.c

@@ -110,11 +110,6 @@ void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size)
 	wb->size += size;
 }
 
-const uint8_t *vb2_packed_key_data(const struct vb2_packed_key *key)
-{
-	return (const uint8_t *)key + key->key_offset;
-}
-
 uint8_t *vb2_signature_data(struct vb2_signature *sig)
 {
 	return (uint8_t *)sig + sig->sig_offset;
@@ -168,68 +163,6 @@ int vb2_verify_signature_inside(const void *parent,
 					sig->sig_offset, sig->sig_size);
 }
 
-int vb2_verify_packed_key_inside(const void *parent,
-				 uint32_t parent_size,
-				 const struct vb2_packed_key *key)
-{
-	return vb2_verify_member_inside(parent, parent_size,
-					key, sizeof(*key),
-					key->key_offset, key->key_size);
-}
-
-int vb2_unpack_key(struct vb2_public_key *key,
-		   const uint8_t *buf,
-		   uint32_t size)
-{
-	const struct vb2_packed_key *packed_key =
-		(const struct vb2_packed_key *)buf;
-	const uint32_t *buf32;
-	uint32_t expected_key_size;
-	int rv;
-
-	/* Make sure passed buffer is big enough for the packed key */
-	rv = vb2_verify_packed_key_inside(buf, size, packed_key);
-	if (rv)
-		return rv;
-
-	/* Unpack key algorithm */
-	key->sig_alg = vb2_crypto_to_signature(packed_key->algorithm);
-	if (key->sig_alg == VB2_SIG_INVALID) {
-		VB2_DEBUG("Unsupported signature algorithm.\n");
-		return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
-	}
-
-	key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm);
-	if (key->hash_alg == VB2_HASH_INVALID) {
-		VB2_DEBUG("Unsupported hash algorithm.\n");
-		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
-	}
-
-	expected_key_size = vb2_packed_key_size(key->sig_alg);
-	if (!expected_key_size || expected_key_size != packed_key->key_size) {
-		VB2_DEBUG("Wrong key size for algorithm\n");
-		return VB2_ERROR_UNPACK_KEY_SIZE;
-	}
-
-	/* Make sure source buffer is 32-bit aligned */
-	buf32 = (const uint32_t *)vb2_packed_key_data(packed_key);
-	if (!vb_aligned(buf32, sizeof(uint32_t)))
-		return VB2_ERROR_UNPACK_KEY_ALIGN;
-
-	/* Sanity check key array size */
-	key->arrsize = buf32[0];
-	if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
-		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
-
-	key->n0inv = buf32[1];
-
-	/* Arrays point inside the key data */
-	key->n = buf32 + 2;
-	key->rr = buf32 + 2 + key->arrsize;
-
-	return VB2_SUCCESS;
-}
-
 int vb2_verify_digest(const struct vb2_public_key *key,
 		      struct vb2_signature *sig,
 		      const uint8_t *digest,

firmware/2lib/2misc.c

@@ -365,7 +365,7 @@ int vb2_select_fw_slot(struct vb2_context *ctx)
 	return VB2_SUCCESS;
 }
 
-int vb2_verify_fw_keyblock(struct vb2_context *ctx)
+int vb2_load_fw_keyblock(struct vb2_context *ctx)
 {
 	struct vb2_shared_data *sd = vb2_get_sd(ctx);
 	struct vb2_workbuf wb;
@@ -478,9 +478,7 @@ int vb2_verify_fw_keyblock(struct vb2_context *ctx)
 	return VB2_SUCCESS;
 }
 
-// TODO: Terrible that this and the low-level verification want to have the
-// same function name.  Pick a better name...
-int vb2_verify_fw_preamble2(struct vb2_context *ctx)
+int vb2_load_fw_preamble(struct vb2_context *ctx)
 {
 	struct vb2_shared_data *sd = vb2_get_sd(ctx);
 	struct vb2_workbuf wb;
@@ -549,7 +547,7 @@ int vb2_verify_fw_preamble2(struct vb2_context *ctx)
 	if (pre->firmware_version > 0xffff)
 		return VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE;
 
-	/* Combine with the key version from vb2_verify_fw_keyblock() */
+	/* Combine with the key version from vb2_load_fw_keyblock() */
 	sd->fw_version |= pre->firmware_version;
 	if (sd->fw_version < sec_version)
 		return VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK;

firmware/2lib/2packed_key.c

@@ -0,0 +1,77 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Key unpacking functions
+ */
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+
+const uint8_t *vb2_packed_key_data(const struct vb2_packed_key *key)
+{
+	return (const uint8_t *)key + key->key_offset;
+}
+
+int vb2_verify_packed_key_inside(const void *parent,
+				 uint32_t parent_size,
+				 const struct vb2_packed_key *key)
+{
+	return vb2_verify_member_inside(parent, parent_size,
+					key, sizeof(*key),
+					key->key_offset, key->key_size);
+}
+
+int vb2_unpack_key(struct vb2_public_key *key,
+		   const uint8_t *buf,
+		   uint32_t size)
+{
+	const struct vb2_packed_key *packed_key =
+		(const struct vb2_packed_key *)buf;
+	const uint32_t *buf32;
+	uint32_t expected_key_size;
+	int rv;
+
+	/* Make sure passed buffer is big enough for the packed key */
+	rv = vb2_verify_packed_key_inside(buf, size, packed_key);
+	if (rv)
+		return rv;
+
+	/* Unpack key algorithm */
+	key->sig_alg = vb2_crypto_to_signature(packed_key->algorithm);
+	if (key->sig_alg == VB2_SIG_INVALID) {
+		VB2_DEBUG("Unsupported signature algorithm.\n");
+		return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
+	}
+
+	key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm);
+	if (key->hash_alg == VB2_HASH_INVALID) {
+		VB2_DEBUG("Unsupported hash algorithm.\n");
+		return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
+	}
+
+	expected_key_size = vb2_packed_key_size(key->sig_alg);
+	if (!expected_key_size || expected_key_size != packed_key->key_size) {
+		VB2_DEBUG("Wrong key size for algorithm\n");
+		return VB2_ERROR_UNPACK_KEY_SIZE;
+	}
+
+	/* Make sure source buffer is 32-bit aligned */
+	buf32 = (const uint32_t *)vb2_packed_key_data(packed_key);
+	if (!vb_aligned(buf32, sizeof(uint32_t)))
+		return VB2_ERROR_UNPACK_KEY_ALIGN;
+
+	/* Sanity check key array size */
+	key->arrsize = buf32[0];
+	if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg))
+		return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE;
+
+	key->n0inv = buf32[1];
+
+	/* Arrays point inside the key data */
+	key->n = buf32 + 2;
+	key->rr = buf32 + 2 + key->arrsize;
+
+	return VB2_SUCCESS;
+}

firmware/2lib/include/2misc.h

@@ -128,7 +128,7 @@ int vb2_select_fw_slot(struct vb2_context *ctx);
  * @param ctx		Vboot context
  * @return VB2_SUCCESS, or error code on error.
  */
-int vb2_verify_fw_keyblock(struct vb2_context *ctx);
+int vb2_load_fw_keyblock(struct vb2_context *ctx);
 
 /**
  * Verify the firmware preamble using the data subkey from the keyblock.
@@ -138,6 +138,6 @@ int vb2_verify_fw_keyblock(struct vb2_context *ctx);
  * @param ctx		Vboot context
  * @return VB2_SUCCESS, or error code on error.
  */
-int vb2_verify_fw_preamble2(struct vb2_context *ctx);
+int vb2_load_fw_preamble(struct vb2_context *ctx);
 
 #endif  /* VBOOT_REFERENCE_VBOOT_2MISC_H_ */

firmware/2lib/include/2return_codes.h

@@ -263,34 +263,34 @@ enum vb2_return_code {
 	/* Header size too small in vb2_read_gbb_header() */
 	VB2_ERROR_GBB_HEADER_SIZE,
 
-	/* Work buffer too small for root key in vb2_verify_fw_keyblock() */
+	/* Work buffer too small for root key in vb2_load_fw_keyblock() */
 	VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY,
 
-	/* Work buffer too small for header in vb2_verify_fw_keyblock() */
+	/* Work buffer too small for header in vb2_load_fw_keyblock() */
 	VB2_ERROR_FW_KEYBLOCK_WORKBUF_HEADER,
 
-	/* Work buffer too small for keyblock in vb2_verify_fw_keyblock() */
+	/* Work buffer too small for keyblock in vb2_load_fw_keyblock() */
 	VB2_ERROR_FW_KEYBLOCK_WORKBUF,
 
-	/* Keyblock version out of range in vb2_verify_fw_keyblock() */
+	/* Keyblock version out of range in vb2_load_fw_keyblock() */
 	VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE,
 
-	/* Keyblock version rollback in vb2_verify_fw_keyblock() */
+	/* Keyblock version rollback in vb2_load_fw_keyblock() */
 	VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
 
-	/* Missing firmware data key in vb2_verify_fw_preamble2() */
+	/* Missing firmware data key in vb2_load_fw_preamble() */
 	VB2_ERROR_FW_PREAMBLE2_DATA_KEY,
 
-	/* Work buffer too small for header in vb2_verify_fw_preamble2() */
+	/* Work buffer too small for header in vb2_load_fw_preamble() */
 	VB2_ERROR_FW_PREAMBLE2_WORKBUF_HEADER,
 
-	/* Work buffer too small for preamble in vb2_verify_fw_preamble2() */
+	/* Work buffer too small for preamble in vb2_load_fw_preamble() */
 	VB2_ERROR_FW_PREAMBLE2_WORKBUF,
 
-	/* Firmware version out of range in vb2_verify_fw_preamble2() */
+	/* Firmware version out of range in vb2_load_fw_preamble() */
 	VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE,
 
-	/* Firmware version rollback in vb2_verify_fw_preamble2() */
+	/* Firmware version rollback in vb2_load_fw_preamble() */
 	VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK,
 
         /**********************************************************************

tests/vb2_api_tests.c

@@ -35,8 +35,8 @@ static int retval_vb2_fw_parse_gbb;
 static int retval_vb2_check_dev_switch;
 static int retval_vb2_check_tpm_clear;
 static int retval_vb2_select_fw_slot;
-static int retval_vb2_verify_fw_keyblock;
-static int retval_vb2_verify_fw_preamble2;
+static int retval_vb2_load_fw_keyblock;
+static int retval_vb2_load_fw_preamble;
 static int retval_vb2_digest_finalize;
 static int retval_vb2_verify_digest;
 
@@ -70,8 +70,8 @@ static void reset_common_data(enum reset_type t)
 	retval_vb2_check_dev_switch = VB2_SUCCESS;
 	retval_vb2_check_tpm_clear = VB2_SUCCESS;
 	retval_vb2_select_fw_slot = VB2_SUCCESS;
-	retval_vb2_verify_fw_keyblock = VB2_SUCCESS;
-	retval_vb2_verify_fw_preamble2 = VB2_SUCCESS;
+	retval_vb2_load_fw_keyblock = VB2_SUCCESS;
+	retval_vb2_load_fw_preamble = VB2_SUCCESS;
 	retval_vb2_digest_finalize = VB2_SUCCESS;
 	retval_vb2_verify_digest = VB2_SUCCESS;
 
@@ -121,14 +121,14 @@ int vb2_select_fw_slot(struct vb2_context *ctx)
 	return retval_vb2_select_fw_slot;
 }
 
-int vb2_verify_fw_keyblock(struct vb2_context *ctx)
+int vb2_load_fw_keyblock(struct vb2_context *ctx)
 {
-	return retval_vb2_verify_fw_keyblock;
+	return retval_vb2_load_fw_keyblock;
 }
 
-int vb2_verify_fw_preamble2(struct vb2_context *ctx)
+int vb2_load_fw_preamble(struct vb2_context *ctx)
 {
-	return retval_vb2_verify_fw_preamble2;
+	return retval_vb2_load_fw_preamble;
 }
 
 int vb2_unpack_key(struct vb2_public_key *key,
@@ -268,13 +268,13 @@ static void phase3_tests(void)
 	TEST_SUCC(vb2api_fw_phase3(&cc), "phase3 good");
 
 	reset_common_data(FOR_MISC);
-	retval_vb2_verify_fw_keyblock = VB2_ERROR_MOCK;
+	retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK;
 	TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock");
 	TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST),
 		VB2_RECOVERY_RO_INVALID_RW, "  recovery reason");
 
 	reset_common_data(FOR_MISC);
-	retval_vb2_verify_fw_preamble2 = VB2_ERROR_MOCK;
+	retval_vb2_load_fw_preamble = VB2_ERROR_MOCK;
 	TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock");
 	TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST),
 		VB2_RECOVERY_RO_INVALID_RW, "  recovery reason");

tests/vb2_misc2_tests.c

@@ -107,7 +107,7 @@ static void reset_common_data(enum reset_type t)
 
 	/* If verifying preamble, verify keyblock first to set up data key */
 	if (t == FOR_PREAMBLE)
-		vb2_verify_fw_keyblock(&cc);
+		vb2_load_fw_keyblock(&cc);
 };
 
 /* Mocked functions */
@@ -178,7 +178,7 @@ static void verify_keyblock_tests(void)
 	/* Test successful call */
 	reset_common_data(FOR_KEYBLOCK);
 	wb_used_before = cc.workbuf_used;
-	TEST_SUCC(vb2_verify_fw_keyblock(&cc), "keyblock verify");
+	TEST_SUCC(vb2_load_fw_keyblock(&cc), "keyblock verify");
 	TEST_EQ(sd->fw_version, 0x20000, "keyblock version");
 	TEST_EQ(sd->vblock_preamble_offset, sizeof(mock_vblock.k),
 		"preamble offset");
@@ -207,62 +207,62 @@ static void verify_keyblock_tests(void)
 	/* Test failures */
 	reset_common_data(FOR_KEYBLOCK);
 	cc.workbuf_used = cc.workbuf_size - sd->gbb_rootkey_size + 8;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_FW_KEYBLOCK_WORKBUF_ROOT_KEY,
 		"keyblock not enough workbuf for root key");
 
 	reset_common_data(FOR_KEYBLOCK);
 	sd->gbb_rootkey_size = sizeof(mock_gbb);
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_EX_READ_RESOURCE_SIZE,
 		"keyblock read root key");
 
 	reset_common_data(FOR_KEYBLOCK);
 	mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
 		"keyblock unpack root key");
 
 	reset_common_data(FOR_KEYBLOCK);
 	cc.workbuf_used = cc.workbuf_size - sd->gbb_rootkey_size - 8;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_FW_KEYBLOCK_WORKBUF_HEADER,
 		"keyblock not enough workbuf for header");
 
 	reset_common_data(FOR_KEYBLOCK);
 	mock_read_res_fail_on_call = 2;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_EX_READ_RESOURCE_INDEX,
 		"keyblock read keyblock header");
 
 	reset_common_data(FOR_KEYBLOCK);
 	cc.workbuf_used = cc.workbuf_size - sd->gbb_rootkey_size
 		- sizeof(struct vb2_keyblock);
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_FW_KEYBLOCK_WORKBUF,
 		"keyblock not enough workbuf for entire keyblock");
 
 	reset_common_data(FOR_KEYBLOCK);
 	kb->keyblock_size = sizeof(mock_vblock) + 1;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_EX_READ_RESOURCE_SIZE,
 		"keyblock read keyblock");
 
 	reset_common_data(FOR_KEYBLOCK);
 	mock_verify_keyblock_retval = VB2_ERROR_KEYBLOCK_MAGIC;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_KEYBLOCK_MAGIC,
 		"keyblock verify keyblock");
 
 	reset_common_data(FOR_KEYBLOCK);
 	kb->data_key.key_version = 0x10000;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_FW_KEYBLOCK_VERSION_RANGE,
 		"keyblock version range");
 
 	reset_common_data(FOR_KEYBLOCK);
 	kb->data_key.key_version = 1;
-	TEST_EQ(vb2_verify_fw_keyblock(&cc),
+	TEST_EQ(vb2_load_fw_keyblock(&cc),
 		VB2_ERROR_FW_KEYBLOCK_VERSION_ROLLBACK,
 		"keyblock rollback");
 }
@@ -276,7 +276,7 @@ static void verify_preamble_tests(void)
 	/* Test successful call */
 	reset_common_data(FOR_PREAMBLE);
 	wb_used_before = cc.workbuf_used;
-	TEST_SUCC(vb2_verify_fw_preamble2(&cc), "preamble good");
+	TEST_SUCC(vb2_load_fw_preamble(&cc), "preamble good");
 	TEST_EQ(sd->fw_version, 0x20002, "combined version");
 	TEST_EQ(sd->workbuf_preamble_offset,
 		(wb_used_before + (VB2_WORKBUF_ALIGN - 1)) &
@@ -290,61 +290,61 @@ static void verify_preamble_tests(void)
 	/* Expected failures */
 	reset_common_data(FOR_PREAMBLE);
 	sd->workbuf_data_key_size = 0;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_FW_PREAMBLE2_DATA_KEY,
 		"preamble no data key");
 
 	reset_common_data(FOR_PREAMBLE);
 	mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
 		"preamble unpack data key");
 
 	reset_common_data(FOR_PREAMBLE);
 	cc.workbuf_used = cc.workbuf_size - sizeof(struct vb2_fw_preamble) + 8;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_FW_PREAMBLE2_WORKBUF_HEADER,
 		"preamble not enough workbuf for header");
 
 	reset_common_data(FOR_PREAMBLE);
 	sd->vblock_preamble_offset = sizeof(mock_vblock);
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_EX_READ_RESOURCE_SIZE,
 		"preamble read header");
 
 	reset_common_data(FOR_PREAMBLE);
 	cc.workbuf_used = cc.workbuf_size - sizeof(mock_vblock.p) + 8;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_FW_PREAMBLE2_WORKBUF,
 		"preamble not enough workbuf");
 
 	reset_common_data(FOR_PREAMBLE);
 	pre->preamble_size = sizeof(mock_vblock);
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_EX_READ_RESOURCE_SIZE,
 		"preamble read full");
 
 	reset_common_data(FOR_PREAMBLE);
 	mock_verify_preamble_retval = VB2_ERROR_PREAMBLE_SIG_INVALID;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_PREAMBLE_SIG_INVALID,
 		"preamble verify");
 
 	reset_common_data(FOR_PREAMBLE);
 	pre->firmware_version = 0x10000;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_FW_PREAMBLE2_VERSION_RANGE,
 		"preamble version range");
 
 	reset_common_data(FOR_PREAMBLE);
 	pre->firmware_version = 1;
-	TEST_EQ(vb2_verify_fw_preamble2(&cc),
+	TEST_EQ(vb2_load_fw_preamble(&cc),
 		VB2_ERROR_FW_PREAMBLE2_VERSION_ROLLBACK,
 		"preamble version rollback");
 
 	reset_common_data(FOR_PREAMBLE);
 	pre->firmware_version = 3;
-	TEST_SUCC(vb2_verify_fw_preamble2(&cc),
+	TEST_SUCC(vb2_load_fw_preamble(&cc),
 		  "preamble version roll forward");
 	vb2_secdata_get(&cc, VB2_SECDATA_VERSIONS, &v);
 	TEST_EQ(v, 0x20003, "roll forward");
@@ -353,7 +353,7 @@ static void verify_preamble_tests(void)
 	reset_common_data(FOR_PREAMBLE);
 	pre->firmware_version = 3;
 	sd->last_fw_result = VB2_FW_RESULT_UNKNOWN;
-	TEST_SUCC(vb2_verify_fw_preamble2(&cc),
+	TEST_SUCC(vb2_load_fw_preamble(&cc),
 		  "preamble version no roll forward 1");
 	vb2_secdata_get(&cc, VB2_SECDATA_VERSIONS, &v);
 	TEST_EQ(v, 0x20002, "no roll forward");
@@ -362,7 +362,7 @@ static void verify_preamble_tests(void)
 	reset_common_data(FOR_PREAMBLE);
 	pre->firmware_version = 3;
 	sd->last_fw_slot = 1;
-	TEST_SUCC(vb2_verify_fw_preamble2(&cc),
+	TEST_SUCC(vb2_load_fw_preamble(&cc),
 		  "preamble version no roll forward 2");
 	vb2_secdata_get(&cc, VB2_SECDATA_VERSIONS, &v);
 	TEST_EQ(v, 0x20002, "no roll forward");