1 # SPDX-License-Identifier: GPL-2.0+
2 # Copyright (c) 2016, Google Inc.
4 # U-Boot Verified Boot Test
7 This tests verified boot in the following ways:
9 For image verification:
10 - Create FIT (unsigned) with mkimage
11 - Check that verification shows that no keys are verified
13 - Check that verification shows that a key is now verified
15 For configuration verification:
16 - Corrupt signature and check for failure
17 - Create FIT (with unsigned configuration) with mkimage
18 - Check that image verification works
19 - Sign the FIT and mark the key as 'required' for verification
20 - Check that image verification works
21 - Corrupt the signature
22 - Check that image verification no-longer works
24 Tests run with both SHA1 and SHA256 hashing.
30 import u_boot_utils as util
32 @pytest.mark.boardspec('sandbox')
33 @pytest.mark.buildconfigspec('fit_signature')
34 @pytest.mark.requiredtool('dtc')
35 @pytest.mark.requiredtool('fdtget')
36 @pytest.mark.requiredtool('fdtput')
37 @pytest.mark.requiredtool('openssl')
38 def test_vboot(u_boot_console):
39 """Test verified boot signing with mkimage and verification with 'bootm'.
41 This works using sandbox only as it needs to update the device tree used
42 by U-Boot to hold public keys from the signing process.
44 The SHA1 and SHA256 tests are combined into a single test since the
45 key-generation process is quite slow and we want to avoid doing it twice.
48 """Run the device tree compiler to compile a .dts file
50 The output file will be the same as the input file but with a .dtb
54 dts: Device tree file to compile.
56 dtb = dts.replace('.dts', '.dtb')
57 util.run_and_log(cons, 'dtc %s %s%s -O dtb '
58 '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))
60 def run_bootm(sha_algo, test_type, expect_string, boots):
61 """Run a 'bootm' command U-Boot.
63 This always starts a fresh U-Boot instance since the device tree may
64 contain a new public key.
67 test_type: A string identifying the test type.
68 expect_string: A string which is expected in the output.
69 sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
71 boots: A boolean that is True if Linux should boot and False if
72 we are expected to not boot
75 with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)):
76 output = cons.run_command_list(
77 ['host load hostfs - 100 %stest.fit' % tmpdir,
80 assert(expect_string in ''.join(output))
82 assert('sandbox: continuing, as we cannot run' in ''.join(output))
85 """Make a new FIT from the .its source file.
87 This runs 'mkimage -f' to create a new FIT.
90 its: Filename containing .its source.
92 util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f',
93 '%s%s' % (datadir, its), fit])
95 def sign_fit(sha_algo):
98 Signs the FIT and writes the signature into it. It also writes the
99 public key into the dtb.
102 sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
105 cons.log.action('%s: Sign images' % sha_algo)
106 util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb,
109 def replace_fit_totalsize(size):
110 """Replace FIT header's totalsize with something greater.
112 The totalsize must be less than or equal to FIT_SIGNATURE_MAX_SIZE.
113 If the size is greater, the signature verification should return false.
116 size: The new totalsize of the header
119 prev_size: The previous totalsize read from the header
122 with open(fit, 'r+b') as handle:
124 total_size = handle.read(4)
126 handle.write(struct.pack(">I", size))
127 return struct.unpack(">I", total_size)[0]
129 def test_with_algo(sha_algo, padding):
130 """Test verified boot with the given hash algorithm.
132 This is the main part of the test code. The same procedure is followed
133 for both hashing algorithms.
136 sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
139 # Compile our device tree files for kernel and U-Boot. These are
140 # regenerated here since mkimage will modify them (by adding a
142 dtc('sandbox-kernel.dts')
143 dtc('sandbox-u-boot.dts')
145 # Build the FIT, but don't sign anything yet
146 cons.log.action('%s: Test FIT with signed images' % sha_algo)
147 make_fit('sign-images-%s%s.its' % (sha_algo , padding))
148 run_bootm(sha_algo, 'unsigned images', 'dev-', True)
150 # Sign images with our dev keys
152 run_bootm(sha_algo, 'signed images', 'dev+', True)
154 # Create a fresh .dtb without the public keys
155 dtc('sandbox-u-boot.dts')
157 cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
158 make_fit('sign-configs-%s%s.its' % (sha_algo , padding))
159 run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)
161 # Sign images with our dev keys
163 run_bootm(sha_algo, 'signed config', 'dev+', True)
165 cons.log.action('%s: Check signed config on the host' % sha_algo)
167 util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir,
170 # Replace header bytes
171 bcfg = u_boot_console.config.buildconfig
172 max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0)
173 existing_size = replace_fit_totalsize(max_size + 1)
174 run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)
175 cons.log.action('%s: Check overflowed FIT header totalsize' % sha_algo)
177 # Replace with existing header bytes
178 replace_fit_totalsize(existing_size)
179 run_bootm(sha_algo, 'signed config', 'dev+', True)
180 cons.log.action('%s: Check default FIT header totalsize' % sha_algo)
182 # Increment the first byte of the signature, which should cause failure
183 sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' %
185 byte_list = sig.split()
186 byte = int(byte_list[0], 16)
187 byte_list[0] = '%x' % (byte + 1)
188 sig = ' '.join(byte_list)
189 util.run_and_log(cons, 'fdtput -t bx %s %s value %s' %
190 (fit, sig_node, sig))
192 run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)
194 cons.log.action('%s: Check bad config on the host' % sha_algo)
195 util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit,
196 '-k', dtb], 1, 'Failed to verify required signature')
198 cons = u_boot_console
199 tmpdir = cons.config.result_dir + '/'
200 tmp = tmpdir + 'vboot.tmp'
201 datadir = cons.config.source_dir + '/test/py/tests/vboot/'
202 fit = '%stest.fit' % tmpdir
203 mkimage = cons.config.build_dir + '/tools/mkimage'
204 fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign'
205 dtc_args = '-I dts -O dtb -i %s' % tmpdir
206 dtb = '%ssandbox-u-boot.dtb' % tmpdir
207 sig_node = '/configurations/conf-1/signature'
209 # Create an RSA key pair
210 public_exponent = 65537
211 util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key '
212 '-pkeyopt rsa_keygen_bits:2048 '
213 '-pkeyopt rsa_keygen_pubexp:%d' %
214 (tmpdir, public_exponent))
216 # Create a certificate containing the public key
217 util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out '
218 '%sdev.crt' % (tmpdir, tmpdir))
220 # Create a number kernel image with zeroes
221 with open('%stest-kernel.bin' % tmpdir, 'w') as fd:
222 fd.write(5000 * chr(0))
225 # We need to use our own device tree file. Remember to restore it
227 old_dtb = cons.config.dtb
228 cons.config.dtb = dtb
229 test_with_algo('sha1','')
230 test_with_algo('sha1','-pss')
231 test_with_algo('sha256','')
232 test_with_algo('sha256','-pss')
234 # Go back to the original U-Boot with the correct dtb.
235 cons.config.dtb = old_dtb