M7350/bootable/bootloader/lk/app/tests/kauth_test.c

/*
 * Copyright (c) 2014-2015, The Linux Foundation. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *     * Redistributions of source code must retain the above copyright
 *       notice, this list of conditions and the following disclaimer.
 *     * Redistributions in binary form must reproduce the above
 *       copyright notice, this list of conditions and the following
 *       disclaimer in the documentation and/or other materials provided
 *       with the distribution.
 *     * Neither the name of The Linux Foundation, Inc. nor the names of its
 *       contributors may be used to endorse or promote products derived
 *       from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 * IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <app/kauth_test.h>
#include <crypto_hash.h>
#include <partition_parser.h>
#include <arch/defines.h>
#include <debug.h>
#include <stdlib.h>
#include <string.h>
#if VERIFIED_BOOT
#include <boot_verifier.h>
#endif
/* The test assumes the image and its signature to be verified
 * are flashed in the system and userdata partitions respectively.
 * The test reads the images and validates the decrypted signature
 * with the hash of the image. Customers can modify the partition names
 * and image size to custom values as per their requirements.
 */

void kauth_test(const char *arg, void *data, unsigned sz)
{
	int ret = 0;
#if VERIFIED_BOOT
	int i;
	int vboot_ret[12];
	int vboot_expected[12] = {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
	const char *image = "Test Input File";
	unsigned int image_len = strlen(image);
	KEYSTORE *ks = boot_gerity_get_oem_keystore();
	bool test_pass = true;
#else
	unsigned long long ptn = 0;
	int index = INVALID_PTN;
	unsigned char *image = NULL;
	unsigned char *signature = NULL;
	uint32_t page_size = mmc_page_size();
#endif
#if !VERIFIED_BOOT
#if IMAGE_VERIF_ALGO_SHA1
	uint32_t auth_algo = CRYPTO_AUTH_ALG_SHA1;
#else
	uint32_t auth_algo = CRYPTO_AUTH_ALG_SHA256;
#endif
#endif

#if !VERIFIED_BOOT
	index = partition_get_index("system");
	ptn = partition_get_offset(index);

	if(!ptn)
	{
		dprintf(CRITICAL, "partition system not found\n");
		return;
	}

	image = (unsigned char*) memalign(CACHE_LINE, ROUNDUP(IMAGE_SIZE, CACHE_LINE));

	ASSERT(image);

	if(mmc_read(ptn, (unsigned int*) image, IMAGE_SIZE))
	{
		dprintf(CRITICAL,"mmc_read system failed\n");
		goto err;
	}
	signature = (unsigned char*) memalign(CACHE_LINE, ROUNDUP(page_size, CACHE_LINE));

	ASSERT(signature);

	index = partition_get_index("userdata");
	ptn = partition_get_offset(index);

	if(!ptn)
	{
		dprintf(CRITICAL,"partition userdata not found\n");
		goto err;
	}

	if(mmc_read(ptn, (unsigned int*) signature, page_size))
	{
		dprintf(CRITICAL,"mmc_read signature failed\n");
		goto err;
	}
#endif

	dprintf(INFO, "kauth_test: Authenticating boot image (%d): start\n", IMAGE_SIZE);

#if VERIFIED_BOOT
	for (i = 0; i < 12; i++)
	{
		ret = boot_verify_compare_sha256((unsigned char *)image, image_len, vboot_signatures[i], ks->mykeybag->mykey->key_material);
		vboot_ret[i] = ret;
	}
	for (i = 0; i < 12; i++)
	{
		if (vboot_ret[i] != vboot_expected[i])
			test_pass = false;
			ret = i;
	}

	if (test_pass)
		dprintf(INFO, "Kauth_test: PASS for all usecases\n");
	else
		dprintf(INFO, "Kauth_test failed for : %s\n", vboot_signatures_str[ret]);
#else
	ret = image_verify(image, signature, IMAGE_SIZE, auth_algo);
	dprintf(INFO, "kauth_test: Authenticating boot image: done return value = %d\n", ret);
#endif

#if !VERIFIED_BOOT
err:
	if(image)
		free(image);
	if(signature)
		free(signature);
#endif
}
M7350v5_en_gpl 2024-09-09 08:57:42 +00:00			`/*`
			`* Copyright (c) 2014-2015, The Linux Foundation. All rights reserved.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions are`
			`* met:`
			`* * Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* * Redistributions in binary form must reproduce the above`
			`* copyright notice, this list of conditions and the following`
			`* disclaimer in the documentation and/or other materials provided`
			`* with the distribution.`
			`* * Neither the name of The Linux Foundation, Inc. nor the names of its`
			`* contributors may be used to endorse or promote products derived`
			`* from this software without specific prior written permission.`
			`*`
			`* THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED`
			`* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF`
			`* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT`
			`* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS`
			`* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR`
			`* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF`
			`* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR`
			`* BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,`
			`* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE`
			`* OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN`
			`* IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`
			`*/`

			`#include <app/kauth_test.h>`
			`#include <crypto_hash.h>`
			`#include <partition_parser.h>`
			`#include <arch/defines.h>`
			`#include <debug.h>`
			`#include <stdlib.h>`
			`#include <string.h>`
			`#if VERIFIED_BOOT`
			`#include <boot_verifier.h>`
			`#endif`
			`/* The test assumes the image and its signature to be verified`
			`* are flashed in the system and userdata partitions respectively.`
			`* The test reads the images and validates the decrypted signature`
			`* with the hash of the image. Customers can modify the partition names`
			`* and image size to custom values as per their requirements.`
			`*/`

			`void kauth_test(const char arg, void data, unsigned sz)`
			`{`
			`int ret = 0;`
			`#if VERIFIED_BOOT`
			`int i;`
			`int vboot_ret[12];`
			`int vboot_expected[12] = {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};`
			`const char *image = "Test Input File";`
			`unsigned int image_len = strlen(image);`
			`KEYSTORE *ks = boot_gerity_get_oem_keystore();`
			`bool test_pass = true;`
			`#else`
			`unsigned long long ptn = 0;`
			`int index = INVALID_PTN;`
			`unsigned char *image = NULL;`
			`unsigned char *signature = NULL;`
			`uint32_t page_size = mmc_page_size();`
			`#endif`
			`#if !VERIFIED_BOOT`
			`#if IMAGE_VERIF_ALGO_SHA1`
			`uint32_t auth_algo = CRYPTO_AUTH_ALG_SHA1;`
			`#else`
			`uint32_t auth_algo = CRYPTO_AUTH_ALG_SHA256;`
			`#endif`
			`#endif`

			`#if !VERIFIED_BOOT`
			`index = partition_get_index("system");`
			`ptn = partition_get_offset(index);`

			`if(!ptn)`
			`{`
			`dprintf(CRITICAL, "partition system not found\n");`
			`return;`
			`}`

			`image = (unsigned char*) memalign(CACHE_LINE, ROUNDUP(IMAGE_SIZE, CACHE_LINE));`

			`ASSERT(image);`

			`if(mmc_read(ptn, (unsigned int*) image, IMAGE_SIZE))`
			`{`
			`dprintf(CRITICAL,"mmc_read system failed\n");`
			`goto err;`
			`}`
			`signature = (unsigned char*) memalign(CACHE_LINE, ROUNDUP(page_size, CACHE_LINE));`

			`ASSERT(signature);`

			`index = partition_get_index("userdata");`
			`ptn = partition_get_offset(index);`

			`if(!ptn)`
			`{`
			`dprintf(CRITICAL,"partition userdata not found\n");`
			`goto err;`
			`}`

			`if(mmc_read(ptn, (unsigned int*) signature, page_size))`
			`{`
			`dprintf(CRITICAL,"mmc_read signature failed\n");`
			`goto err;`
			`}`
			`#endif`

			`dprintf(INFO, "kauth_test: Authenticating boot image (%d): start\n", IMAGE_SIZE);`

			`#if VERIFIED_BOOT`
			`for (i = 0; i < 12; i++)`
			`{`
			`ret = boot_verify_compare_sha256((unsigned char *)image, image_len, vboot_signatures[i], ks->mykeybag->mykey->key_material);`
			`vboot_ret[i] = ret;`
			`}`
			`for (i = 0; i < 12; i++)`
			`{`
			`if (vboot_ret[i] != vboot_expected[i])`
			`test_pass = false;`
			`ret = i;`
			`}`

			`if (test_pass)`
			`dprintf(INFO, "Kauth_test: PASS for all usecases\n");`
			`else`
			`dprintf(INFO, "Kauth_test failed for : %s\n", vboot_signatures_str[ret]);`
			`#else`
			`ret = image_verify(image, signature, IMAGE_SIZE, auth_algo);`
			`dprintf(INFO, "kauth_test: Authenticating boot image: done return value = %d\n", ret);`
			`#endif`

			`#if !VERIFIED_BOOT`
			`err:`
			`if(image)`
			`free(image);`
			`if(signature)`
			`free(signature);`
			`#endif`
			`}`