X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=test%2Fpy%2Ftests%2Ftest_vboot.py;h=e9cbd57fbab7c1ac3fa943328a566ef45080f059;hb=1703fbefd9183fffd76f4744a73f5ca9daef6313;hp=6e62820743fe03b63c3c4ce8a1885587b04e53c1;hpb=cbe7706ab8aab06c18edaa9b120371f9c8012728;p=u-boot diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py index 6e62820743..e9cbd57fba 100644 --- a/test/py/tests/test_vboot.py +++ b/test/py/tests/test_vboot.py @@ -1,6 +1,5 @@ -# Copyright (c) 2016, Google Inc. -# # SPDX-License-Identifier: GPL-2.0+ +# Copyright (c) 2016, Google Inc. # # U-Boot Verified Boot Test @@ -27,10 +26,15 @@ Tests run with both SHA1 and SHA256 hashing. import pytest import sys +import struct import u_boot_utils as util @pytest.mark.boardspec('sandbox') @pytest.mark.buildconfigspec('fit_signature') +@pytest.mark.requiredtool('dtc') +@pytest.mark.requiredtool('fdtget') +@pytest.mark.requiredtool('fdtput') +@pytest.mark.requiredtool('openssl') def test_vboot(u_boot_console): """Test verified boot signing with mkimage and verification with 'bootm'. @@ -102,6 +106,26 @@ def test_vboot(u_boot_console): util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb, '-r', fit]) + def replace_fit_totalsize(size): + """Replace FIT header's totalsize with something greater. + + The totalsize must be less than or equal to FIT_SIGNATURE_MAX_SIZE. + If the size is greater, the signature verification should return false. + + Args: + size: The new totalsize of the header + + Returns: + prev_size: The previous totalsize read from the header + """ + total_size = 0 + with open(fit, 'r+b') as handle: + handle.seek(4) + total_size = handle.read(4) + handle.seek(4) + handle.write(struct.pack(">I", size)) + return struct.unpack(">I", total_size)[0] + def test_with_algo(sha_algo): """Test verified boot with the given hash algorithm. @@ -143,6 +167,18 @@ def test_vboot(u_boot_console): util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir, '-k', dtb]) + # Replace header bytes + bcfg = u_boot_console.config.buildconfig + max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0) + existing_size = replace_fit_totalsize(max_size + 1) + run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False) + cons.log.action('%s: Check overflowed FIT header totalsize' % sha_algo) + + # Replace with existing header bytes + replace_fit_totalsize(existing_size) + run_bootm(sha_algo, 'signed config', 'dev+', True) + cons.log.action('%s: Check default FIT header totalsize' % sha_algo) + # Increment the first byte of the signature, which should cause failure sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' % (fit, sig_node)) @@ -174,8 +210,8 @@ def test_vboot(u_boot_console): public_exponent = 65537 util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key ' '-pkeyopt rsa_keygen_bits:2048 ' - '-pkeyopt rsa_keygen_pubexp:%d ' - '2>/dev/null' % (tmpdir, public_exponent)) + '-pkeyopt rsa_keygen_pubexp:%d' % + (tmpdir, public_exponent)) # Create a certificate containing the public key util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out '