Propagate use of uint64_t to more functions that may need to deal with arbitrary length data.
This CL fixes some functions to use uint64_t that I missed the first time around. It ended up requiring some minor changes to how some of the helper functions work (StatefulMemcpy*()).
Also adds new tests to make sure that reference code can verify/process big firmware and kernel images.
BUG=670
TEST=Adds some new, old ones still pass.
Review URL: http://codereview.chromium.org/1519008
diff --git a/tests/Makefile b/tests/Makefile
index 585327a..3645e7d 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -12,7 +12,9 @@
UTIL_LIBS = $(TOP)/utils/file_keys.o $(TOP)/utils/signature_digest.o
LIBS = $(IMAGE_LIBS) $(UTIL_LIBS) -lcrypto $(BASE_LIBS)
-tests: firmware_image_tests \
+tests: big_firmware_tests \
+ big_kernel_tests \
+ firmware_image_tests \
firmware_rollback_tests \
firmware_splicing_tests \
firmware_verify_benchmark \
@@ -27,6 +29,12 @@
verify_firmware_fuzz_driver \
verify_kernel_fuzz_driver
+big_firmware_tests: big_firmware_tests.c rollback_index_mock.c test_common.c
+ $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(LIBS)
+
+big_kernel_tests: big_kernel_tests.c rollback_index_mock.c test_common.c
+ $(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(LIBS)
+
firmware_image_tests: firmware_image_tests.c rollback_index_mock.c test_common.c
$(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(LIBS)
@@ -79,7 +87,9 @@
$(CC) $(CFLAGS) $(INCLUDES) $^ -o $@ $(LIBS)
clean:
- rm -f firmware_image_tests \
+ rm -f big_firmware_tests \
+ big_kernel_tests \
+ firmware_image_tests \
firmware_rollback_tests \
firmware_splicing_tests \
firmware_verify_benchmark \
diff --git a/tests/big_firmware_tests.c b/tests/big_firmware_tests.c
new file mode 100644
index 0000000..4079add
--- /dev/null
+++ b/tests/big_firmware_tests.c
@@ -0,0 +1,74 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Tests if firmware image library deals with very large firmware. This
+ * is a quick and dirty test for detecting integer overflow issues.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "file_keys.h"
+#include "firmware_image.h"
+#include "rsa_utility.h"
+#include "test_common.h"
+#include "utility.h"
+
+/* Choose a firmware size greater than the range of 32-bits unsigned. */
+#define BIG_FIRMWARE_SIZE ((uint64_t) 0x100000000)
+
+#define ROOT_KEY_BASE_NAME "testkeys/key_rsa8192"
+#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa1024"
+
+const char* kRootKeyPublicFile = ROOT_KEY_BASE_NAME ".keyb";
+const char* kRootKeyFile = ROOT_KEY_BASE_NAME ".pem";
+const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
+const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
+
+int BigFirmwareTest(void) {
+ int error_code = 0;
+ uint64_t len;
+ uint8_t* firmware_blob = NULL;
+ RSAPublicKey* root_key = RSAPublicKeyFromFile(kRootKeyPublicFile);
+ uint8_t* root_key_blob = BufferFromFile(kRootKeyPublicFile, &len);
+ uint8_t* firmware_sign_key_buf= BufferFromFile(kFirmwareKeyPublicFile, &len);
+ fprintf(stderr, "Generating Big FirmwareImage...");
+ FirmwareImage* image =
+ GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
+ firmware_sign_key_buf,
+ 1, /* Firmware Key Version. */
+ 1, /* Firmware Version */
+ BIG_FIRMWARE_SIZE,
+ kRootKeyFile,
+ kFirmwareKeyFile,
+ 'F'); /* Firmware data fill. */
+ if (!root_key || !root_key_blob || !firmware_sign_key_buf || !image) {
+ error_code = 1;
+ goto cleanup;
+ }
+ fprintf(stderr, "Done.\n");
+ TEST_EQ(VerifyFirmwareImage(root_key, image),
+ VERIFY_FIRMWARE_SUCCESS,
+ "Big FirmwareImage Verification");
+ firmware_blob = GetFirmwareBlob(image, &len);
+ TEST_EQ(VerifyFirmware(root_key_blob, firmware_blob),
+ VERIFY_FIRMWARE_SUCCESS,
+ "Big Firmware Blob Verification");
+
+ cleanup:
+ Free(firmware_blob);
+ FirmwareImageFree(image);
+ Free(firmware_sign_key_buf);
+ RSAPublicKeyFree(root_key);
+ return error_code;
+}
+
+int main(int argc, char* argv[1])
+{
+ int error_code = 0;
+ error_code = BigFirmwareTest();
+ if (!gTestSuccess)
+ error_code = 255;
+ return error_code;
+}
diff --git a/tests/big_kernel_tests.c b/tests/big_kernel_tests.c
new file mode 100644
index 0000000..81943ba
--- /dev/null
+++ b/tests/big_kernel_tests.c
@@ -0,0 +1,76 @@
+/* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Tests if firmware image library deals with very large firmware. This
+ * is a quick and dirty test for detecting integer overflow issues.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "file_keys.h"
+#include "kernel_image.h"
+#include "rsa_utility.h"
+#include "test_common.h"
+#include "utility.h"
+
+/* Choose a kernel size greater than the range of 32-bits unsigned. */
+#define BIG_KERNEL_SIZE ((uint64_t) 0x100000000)
+
+#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa2048"
+#define KERNEL_KEY_BASE_NAME "testkeys/key_rsa1024"
+
+const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
+const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
+const char* kKernelKeyPublicFile = KERNEL_KEY_BASE_NAME ".keyb";
+const char* kKernelKeyFile = KERNEL_KEY_BASE_NAME ".pem";
+
+int BigKernelTest() {
+ int error_code = 0;
+ uint64_t len;
+ uint8_t* kernel_blob = NULL;
+ RSAPublicKey* firmware_key = RSAPublicKeyFromFile(kFirmwareKeyPublicFile);
+ uint8_t* firmware_key_blob = BufferFromFile(kFirmwareKeyPublicFile, &len);
+ uint8_t* kernel_sign_key_buf = BufferFromFile(kKernelKeyPublicFile, &len);
+ fprintf(stderr, "Generating Big KernelImage...");
+ KernelImage* image =
+ GenerateTestKernelImage(3, /* RSA2048/SHA1 */
+ 0, /* RSA1024/SHA1 */
+ kernel_sign_key_buf,
+ 1, /* Kernel Key Version. */
+ 1, /* Kernel Version */
+ BIG_KERNEL_SIZE,
+ kFirmwareKeyFile,
+ kKernelKeyFile,
+ 'K'); /* Kernel Data Fill. */
+ if (!firmware_key || !firmware_key_blob || !kernel_sign_key_buf || !image) {
+ error_code = 1;
+ goto cleanup;
+ }
+ fprintf(stderr, "Done.\n");
+ TEST_EQ(VerifyKernelImage(firmware_key, image, 0),
+ VERIFY_FIRMWARE_SUCCESS,
+ "Big KernelImage Verification");
+ kernel_blob = GetKernelBlob(image, &len);
+ TEST_EQ(VerifyKernel(firmware_key_blob, kernel_blob, 0),
+ VERIFY_FIRMWARE_SUCCESS,
+ "Big Kernel Blob Verification");
+
+cleanup:
+ Free(kernel_blob);
+ KernelImageFree(image);
+ Free(kernel_sign_key_buf);
+ Free(firmware_key_blob);
+ RSAPublicKeyFree(firmware_key);
+ return error_code;
+}
+
+int main(int argc, char* argv[1])
+{
+ int error_code = 0;
+ error_code = BigKernelTest();
+ if (!gTestSuccess)
+ error_code = 255;
+ return error_code;
+}
diff --git a/tests/firmware_rollback_tests.c b/tests/firmware_rollback_tests.c
index e36c003..9973ec7 100644
--- a/tests/firmware_rollback_tests.c
+++ b/tests/firmware_rollback_tests.c
@@ -15,6 +15,8 @@
#include "rollback_index.h"
#include "test_common.h"
+const char* kRootKeyPublicFile = "testkeys/key_rsa8192.keyb";
+
/* Tests that check for correctness of the VerifyFirmwareDriver_f() logic
* and rollback prevention. */
void VerifyFirmwareDriverTest(void) {
@@ -23,8 +25,7 @@
uint8_t* corrupt_firmwareA = NULL;
uint8_t* corrupt_firmwareB = NULL;
uint64_t len;
- uint8_t* root_key_pub = BufferFromFile("testkeys/key_rsa8192.keyb",
- &len);
+ uint8_t* root_key_pub = BufferFromFile(kRootKeyPublicFile, &len);
/* Initialize rollback index state. */
g_firmware_key_version = 1;
diff --git a/tests/firmware_splicing_tests.c b/tests/firmware_splicing_tests.c
index 519e2a1..c71b8b4 100644
--- a/tests/firmware_splicing_tests.c
+++ b/tests/firmware_splicing_tests.c
@@ -15,6 +15,14 @@
#include "test_common.h"
#include "utility.h"
+#define ROOT_KEY_BASE_NAME "testkeys/key_rsa8192"
+#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa1024"
+
+const char* kRootKeyPublicFile = ROOT_KEY_BASE_NAME ".keyb";
+const char* kRootKeyFile = ROOT_KEY_BASE_NAME ".pem";
+const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
+const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
+
void VerifyFirmwareSplicingTest()
{
uint64_t len;
@@ -22,26 +30,25 @@
FirmwareImage* image2 = NULL;
uint8_t* firmware_blob = NULL;
uint8_t* firmware_sign_key_buf = NULL;
- RSAPublicKey* root_key = RSAPublicKeyFromFile("testkeys/key_rsa8192.keyb");
- uint8_t* root_key_blob = BufferFromFile("testkeys/key_rsa8192.keyb",
- &len);
- firmware_sign_key_buf= BufferFromFile("testkeys/key_rsa1024.keyb", &len);
+ RSAPublicKey* root_key = RSAPublicKeyFromFile(kRootKeyPublicFile);
+ uint8_t* root_key_blob = BufferFromFile(kRootKeyPublicFile, &len);
+ firmware_sign_key_buf= BufferFromFile(kFirmwareKeyPublicFile, &len);
image1 = GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
firmware_sign_key_buf,
1, /* Firmware Key Version. */
1, /* Firmware Version */
1000,
- "testkeys/key_rsa8192.pem",
- "testkeys/key_rsa1024.pem",
- (uint8_t) 'F'); /* Firmware data fill. */
+ kRootKeyFile,
+ kFirmwareKeyFile,
+ 'F'); /* Firmware data fill. */
image2 = GenerateTestFirmwareImage(0, /* RSA1024/SHA1 */
firmware_sign_key_buf,
1, /* Firmware Key Version. */
2, /* Firmware Version */
1000,
- "testkeys/key_rsa8192.pem",
- "testkeys/key_rsa1024.pem",
- (uint8_t) 'G'); /* Firmware data fill. */
+ kRootKeyFile,
+ kFirmwareKeyFile,
+ 'G'); /* Different Firmware data fill. */
/* Verify that the originals verify. */
TEST_EQ(VerifyFirmwareImage(root_key, image1),
VERIFY_FIRMWARE_SUCCESS,
diff --git a/tests/kernel_rollback_tests.c b/tests/kernel_rollback_tests.c
index c956300..eafbaaa 100644
--- a/tests/kernel_rollback_tests.c
+++ b/tests/kernel_rollback_tests.c
@@ -15,12 +15,14 @@
#include "test_common.h"
#include "utility.h"
+const char* kFirmwareKeyPublicFile = "testkeys/key_rsa1024.keyb";
+
/* Tests that check for correctness of the VerifyFirmwareDriver_f() logic
* and rollback prevention. */
void VerifyKernelDriverTest(void) {
uint64_t len;
- uint8_t* firmware_key_pub = BufferFromFile("testkeys/key_rsa1024.keyb",
- &len);
+ uint8_t* firmware_key_pub = BufferFromFile(kFirmwareKeyPublicFile, &len);
+
/* Initialize kernel blobs, including their associated parition
* table attributed. */
kernel_entry valid_kernelA = {
diff --git a/tests/kernel_splicing_tests.c b/tests/kernel_splicing_tests.c
index bdd3101..da29eb1 100644
--- a/tests/kernel_splicing_tests.c
+++ b/tests/kernel_splicing_tests.c
@@ -15,6 +15,14 @@
#include "test_common.h"
#include "utility.h"
+#define FIRMWARE_KEY_BASE_NAME "testkeys/key_rsa2048"
+#define KERNEL_KEY_BASE_NAME "testkeys/key_rsa1024"
+
+const char* kFirmwareKeyPublicFile = FIRMWARE_KEY_BASE_NAME ".keyb";
+const char* kFirmwareKeyFile = FIRMWARE_KEY_BASE_NAME ".pem";
+const char* kKernelKeyPublicFile = KERNEL_KEY_BASE_NAME ".keyb";
+const char* kKernelKeyFile = KERNEL_KEY_BASE_NAME ".pem";
+
void VerifyKernelSplicingTest()
{
uint64_t len;
@@ -22,29 +30,27 @@
KernelImage* image2 = NULL;
uint8_t* kernel_blob = NULL;
uint8_t* kernel_sign_key_buf = NULL;
- RSAPublicKey* firmware_key =
- RSAPublicKeyFromFile("testkeys/key_rsa2048.keyb");
- uint8_t* firmware_key_blob = BufferFromFile("testkeys/key_rsa2048.keyb",
- &len);
- kernel_sign_key_buf= BufferFromFile("testkeys/key_rsa1024.keyb", &len);
+ RSAPublicKey* firmware_key = RSAPublicKeyFromFile(kFirmwareKeyPublicFile);
+ uint8_t* firmware_key_blob = BufferFromFile(kFirmwareKeyPublicFile, &len);
+ kernel_sign_key_buf= BufferFromFile(kKernelKeyPublicFile, &len);
image1 = GenerateTestKernelImage(3, /* RSA2048/SHA1 */
0, /* RSA1024/SHA1 */
kernel_sign_key_buf,
1, /* Kernel Key Version. */
1, /* Kernel Version */
1000, /* Kernel Size. */
- "testkeys/key_rsa2048.pem",
- "testkeys/key_rsa1024.pem",
- (uint8_t) 'K'); /* Kernel data fill. */
+ kFirmwareKeyFile,
+ kKernelKeyFile,
+ 'K'); /* Kernel data fill. */
image2 = GenerateTestKernelImage(3, /* RSA2058/SHA1 */
0, /* RSA1024/SHA1 */
kernel_sign_key_buf,
1, /* Kernel Key Version. */
2, /* Kernel Version */
1000, /* Kernel Size */
- "testkeys/key_rsa2048.pem",
- "testkeys/key_rsa1024.pem",
- (uint8_t) 'K'); /* Kernel data fill. */
+ kFirmwareKeyFile,
+ kKernelKeyFile,
+ 'L'); /* Different Kernel data fill. */
/* Make sure the originals verify. */
TEST_EQ(VerifyKernelImage(firmware_key, image1, 0),
VERIFY_KERNEL_SUCCESS,
diff --git a/tests/test_common.c b/tests/test_common.c
index 929e91f..b57f6ed 100644
--- a/tests/test_common.c
+++ b/tests/test_common.c
@@ -37,7 +37,7 @@
const uint8_t* firmware_sign_key,
int firmware_key_version,
int firmware_version,
- int firmware_len,
+ uint64_t firmware_len,
const char* root_key_file,
const char* firmware_key_file,
uint8_t firmware_data_fill_char) {
@@ -84,7 +84,7 @@
const uint8_t* firmware_sign_key,
int firmware_key_version,
int firmware_version,
- int firmware_len,
+ uint64_t firmware_len,
const char* root_key_file,
const char* firmware_key_file) {
FirmwareImage* image = NULL;
@@ -142,7 +142,7 @@
const uint8_t* kernel_sign_key,
int kernel_key_version,
int kernel_version,
- int kernel_len,
+ uint64_t kernel_len,
const char* firmware_key_file,
const char* kernel_key_file,
uint8_t kernel_data_fill_char) {
@@ -197,7 +197,7 @@
const uint8_t* kernel_sign_key,
int kernel_key_version,
int kernel_version,
- int kernel_len,
+ uint64_t kernel_len,
const char* firmware_key_file,
const char* kernel_key_file) {
KernelImage* image = NULL;
diff --git a/tests/test_common.h b/tests/test_common.h
index 15746b5..6fed1b4 100644
--- a/tests/test_common.h
+++ b/tests/test_common.h
@@ -22,7 +22,7 @@
const uint8_t* firmware_sign_key,
int firmware_key_version,
int firmware_version,
- int firmware_len,
+ uint64_t firmware_len,
const char* root_key_file,
const char* firmware_key_file,
uint8_t firmware_data_fill_char);
@@ -30,7 +30,7 @@
const uint8_t* firmware_sign_key,
int firmware_key_version,
int firmware_version,
- int firmware_len,
+ uint64_t firmware_len,
const char* root_key_file,
const char* firmware_key_file);
@@ -40,7 +40,7 @@
const uint8_t* kernel_sign_key,
int kernel_key_version,
int kernel_version,
- int kernel_len,
+ uint64_t kernel_len,
const char* firmware_key_file,
const char* kernel_key_file,
uint8_t kernel_data_fill_char);
@@ -50,7 +50,7 @@
const uint8_t* kernel_sign_key,
int kernel_key_version,
int kernel_version,
- int kernel_len,
+ uint64_t kernel_len,
const char* firmware_key_file,
const char* kernel_key_file);