[thirdparty/u-boot.git] / test / py / tests / test_vboot.py

# SPDX-License-Identifier:	GPL-2.0+
# Copyright (c) 2016, Google Inc.
#
# U-Boot Verified Boot Test

"""
This tests verified boot in the following ways:

For image verification:
- Create FIT (unsigned) with mkimage
- Check that verification shows that no keys are verified
- Sign image
- Check that verification shows that a key is now verified

For configuration verification:
- Corrupt signature and check for failure
- Create FIT (with unsigned configuration) with mkimage
- Check that image verification works
- Sign the FIT and mark the key as 'required' for verification
- Check that image verification works
- Corrupt the signature
- Check that image verification no-longer works

Tests run with both SHA1 and SHA256 hashing.
"""

import pytest
import sys
import u_boot_utils as util

@pytest.mark.boardspec('sandbox')
@pytest.mark.buildconfigspec('fit_signature')
@pytest.mark.requiredtool('dtc')
@pytest.mark.requiredtool('fdtget')
@pytest.mark.requiredtool('fdtput')
@pytest.mark.requiredtool('openssl')
def test_vboot(u_boot_console):
    """Test verified boot signing with mkimage and verification with 'bootm'.

    This works using sandbox only as it needs to update the device tree used
    by U-Boot to hold public keys from the signing process.

    The SHA1 and SHA256 tests are combined into a single test since the
    key-generation process is quite slow and we want to avoid doing it twice.
    """
    def dtc(dts):
        """Run the device tree compiler to compile a .dts file

        The output file will be the same as the input file but with a .dtb
        extension.

        Args:
            dts: Device tree file to compile.
        """
        dtb = dts.replace('.dts', '.dtb')
        util.run_and_log(cons, 'dtc %s %s%s -O dtb '
                         '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))

    def run_bootm(sha_algo, test_type, expect_string, boots):
        """Run a 'bootm' command U-Boot.

        This always starts a fresh U-Boot instance since the device tree may
        contain a new public key.

        Args:
            test_type: A string identifying the test type.
            expect_string: A string which is expected in the output.
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
            boots: A boolean that is True if Linux should boot and False if
                    we are expected to not boot
        """
        cons.restart_uboot()
        with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)):
            output = cons.run_command_list(
                ['sb load hostfs - 100 %stest.fit' % tmpdir,
                'fdt addr 100',
                'bootm 100'])
        assert(expect_string in ''.join(output))
        if boots:
            assert('sandbox: continuing, as we cannot run' in ''.join(output))

    def make_fit(its):
        """Make a new FIT from the .its source file.

        This runs 'mkimage -f' to create a new FIT.

        Args:
            its: Filename containing .its source.
        """
        util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f',
                                '%s%s' % (datadir, its), fit])

    def sign_fit(sha_algo):
        """Sign the FIT

        Signs the FIT and writes the signature into it. It also writes the
        public key into the dtb.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        cons.log.action('%s: Sign images' % sha_algo)
        util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb,
                                '-r', fit])

    def test_with_algo(sha_algo):
        """Test verified boot with the given hash algorithm.

        This is the main part of the test code. The same procedure is followed
        for both hashing algorithms.

        Args:
            sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
                    use.
        """
        # Compile our device tree files for kernel and U-Boot. These are
        # regenerated here since mkimage will modify them (by adding a
        # public key) below.
        dtc('sandbox-kernel.dts')
        dtc('sandbox-u-boot.dts')

        # Build the FIT, but don't sign anything yet
        cons.log.action('%s: Test FIT with signed images' % sha_algo)
        make_fit('sign-images-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned images', 'dev-', True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed images', 'dev+', True)

        # Create a fresh .dtb without the public keys
        dtc('sandbox-u-boot.dts')

        cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
        make_fit('sign-configs-%s.its' % sha_algo)
        run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)

        # Sign images with our dev keys
        sign_fit(sha_algo)
        run_bootm(sha_algo, 'signed config', 'dev+', True)

        cons.log.action('%s: Check signed config on the host' % sha_algo)

        util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir,
                                '-k', dtb])

        # Increment the first byte of the signature, which should cause failure
        sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' %
                               (fit, sig_node))
        byte_list = sig.split()
        byte = int(byte_list[0], 16)
        byte_list[0] = '%x' % (byte + 1)
        sig = ' '.join(byte_list)
        util.run_and_log(cons, 'fdtput -t bx %s %s value %s' %
                         (fit, sig_node, sig))

        run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)

        cons.log.action('%s: Check bad config on the host' % sha_algo)
        util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit,
                '-k', dtb], 1, 'Failed to verify required signature')

    cons = u_boot_console
    tmpdir = cons.config.result_dir + '/'
    tmp = tmpdir + 'vboot.tmp'
    datadir = cons.config.source_dir + '/test/py/tests/vboot/'
    fit = '%stest.fit' % tmpdir
    mkimage = cons.config.build_dir + '/tools/mkimage'
    fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign'
    dtc_args = '-I dts -O dtb -i %s' % tmpdir
    dtb = '%ssandbox-u-boot.dtb' % tmpdir
    sig_node = '/configurations/conf@1/signature@1'

    # Create an RSA key pair
    public_exponent = 65537
    util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key '
                     '-pkeyopt rsa_keygen_bits:2048 '
                     '-pkeyopt rsa_keygen_pubexp:%d '
                     '2>/dev/null'  % (tmpdir, public_exponent))

    # Create a certificate containing the public key
    util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out '
                     '%sdev.crt' % (tmpdir, tmpdir))

    # Create a number kernel image with zeroes
    with open('%stest-kernel.bin' % tmpdir, 'w') as fd:
        fd.write(5000 * chr(0))

    try:
        # We need to use our own device tree file. Remember to restore it
        # afterwards.
        old_dtb = cons.config.dtb
        cons.config.dtb = dtb
        test_with_algo('sha1')
        test_with_algo('sha256')
    finally:
        # Go back to the original U-Boot with the correct dtb.
        cons.config.dtb = old_dtb
        cons.restart_uboot()
Commit	Line	Data
8729d582	1	# SPDX-License-Identifier: GPL-2.0+
83d290c5	2	# Copyright (c) 2016, Google Inc.
8729d582 SG	3	#
	4	# U-Boot Verified Boot Test
	5
	6	"""
	7	This tests verified boot in the following ways:
	8
	9	For image verification:
	10	- Create FIT (unsigned) with mkimage
	11	- Check that verification shows that no keys are verified
	12	- Sign image
	13	- Check that verification shows that a key is now verified
	14
	15	For configuration verification:
	16	- Corrupt signature and check for failure
	17	- Create FIT (with unsigned configuration) with mkimage
72f52268	18	- Check that image verification works
8729d582 SG	19	- Sign the FIT and mark the key as 'required' for verification
	20	- Check that image verification works
	21	- Corrupt the signature
	22	- Check that image verification no-longer works
	23
	24	Tests run with both SHA1 and SHA256 hashing.
	25	"""
	26
	27	import pytest
	28	import sys
	29	import u_boot_utils as util
	30
04a4786c	31	@pytest.mark.boardspec('sandbox')
8729d582	32	@pytest.mark.buildconfigspec('fit_signature')
2d26bf6c SW	33	@pytest.mark.requiredtool('dtc')
	34	@pytest.mark.requiredtool('fdtget')
	35	@pytest.mark.requiredtool('fdtput')
	36	@pytest.mark.requiredtool('openssl')
8729d582 SG	37	def test_vboot(u_boot_console):
	38	"""Test verified boot signing with mkimage and verification with 'bootm'.
	39
	40	This works using sandbox only as it needs to update the device tree used
	41	by U-Boot to hold public keys from the signing process.
	42
	43	The SHA1 and SHA256 tests are combined into a single test since the
	44	key-generation process is quite slow and we want to avoid doing it twice.
	45	"""
	46	def dtc(dts):
72f52268	47	"""Run the device tree compiler to compile a .dts file
8729d582 SG	48
	49	The output file will be the same as the input file but with a .dtb
	50	extension.
	51
	52	Args:
	53	dts: Device tree file to compile.
	54	"""
	55	dtb = dts.replace('.dts', '.dtb')
ec70f8a9 SG	56	util.run_and_log(cons, 'dtc %s %s%s -O dtb '
ec70f8a9 SG	57	'-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))
8729d582	58
de4be9ec	59	def run_bootm(sha_algo, test_type, expect_string, boots):
8729d582 SG	60	"""Run a 'bootm' command U-Boot.
	61
	62	This always starts a fresh U-Boot instance since the device tree may
	63	contain a new public key.
	64
	65	Args:
ac9a23cf SG	66	test_type: A string identifying the test type.
	67	expect_string: A string which is expected in the output.
	68	sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
	69	use.
de4be9ec TR	70	boots: A boolean that is True if Linux should boot and False if
de4be9ec TR	71	we are expected to not boot
8729d582	72	"""
27c087d5	73	cons.restart_uboot()
851271a7 SG	74	with cons.log.section('Verified boot %s %s' % (sha_algo, test_type)):
	75	output = cons.run_command_list(
	76	['sb load hostfs - 100 %stest.fit' % tmpdir,
	77	'fdt addr 100',
	78	'bootm 100'])
f6d34651	79	assert(expect_string in ''.join(output))
de4be9ec TR	80	if boots:
de4be9ec TR	81	assert('sandbox: continuing, as we cannot run' in ''.join(output))
8729d582 SG	82
8729d582 SG	83	def make_fit(its):
72f52268	84	"""Make a new FIT from the .its source file.
8729d582 SG	85
	86	This runs 'mkimage -f' to create a new FIT.
	87
	88	Args:
72f52268	89	its: Filename containing .its source.
8729d582 SG	90	"""
	91	util.run_and_log(cons, [mkimage, '-D', dtc_args, '-f',
	92	'%s%s' % (datadir, its), fit])
	93
ac9a23cf	94	def sign_fit(sha_algo):
8729d582 SG	95	"""Sign the FIT
	96
	97	Signs the FIT and writes the signature into it. It also writes the
	98	public key into the dtb.
ac9a23cf SG	99
	100	Args:
	101	sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
	102	use.
8729d582	103	"""
ac9a23cf	104	cons.log.action('%s: Sign images' % sha_algo)
8729d582 SG	105	util.run_and_log(cons, [mkimage, '-F', '-k', tmpdir, '-K', dtb,
	106	'-r', fit])
	107
ac9a23cf	108	def test_with_algo(sha_algo):
72f52268	109	"""Test verified boot with the given hash algorithm.
8729d582 SG	110
	111	This is the main part of the test code. The same procedure is followed
	112	for both hashing algorithms.
	113
	114	Args:
ac9a23cf SG	115	sha_algo: Either 'sha1' or 'sha256', to select the algorithm to
ac9a23cf SG	116	use.
8729d582	117	"""
bcbd0c8f SG	118	# Compile our device tree files for kernel and U-Boot. These are
	119	# regenerated here since mkimage will modify them (by adding a
	120	# public key) below.
8729d582 SG	121	dtc('sandbox-kernel.dts')
	122	dtc('sandbox-u-boot.dts')
	123
	124	# Build the FIT, but don't sign anything yet
ac9a23cf SG	125	cons.log.action('%s: Test FIT with signed images' % sha_algo)
ac9a23cf SG	126	make_fit('sign-images-%s.its' % sha_algo)
de4be9ec	127	run_bootm(sha_algo, 'unsigned images', 'dev-', True)
8729d582 SG	128
8729d582 SG	129	# Sign images with our dev keys
ac9a23cf	130	sign_fit(sha_algo)
de4be9ec	131	run_bootm(sha_algo, 'signed images', 'dev+', True)
8729d582 SG	132
	133	# Create a fresh .dtb without the public keys
	134	dtc('sandbox-u-boot.dts')
	135
ac9a23cf SG	136	cons.log.action('%s: Test FIT with signed configuration' % sha_algo)
ac9a23cf SG	137	make_fit('sign-configs-%s.its' % sha_algo)
de4be9ec	138	run_bootm(sha_algo, 'unsigned config', '%s+ OK' % sha_algo, True)
8729d582 SG	139
8729d582 SG	140	# Sign images with our dev keys
ac9a23cf	141	sign_fit(sha_algo)
de4be9ec	142	run_bootm(sha_algo, 'signed config', 'dev+', True)
8729d582	143
ac9a23cf	144	cons.log.action('%s: Check signed config on the host' % sha_algo)
8729d582 SG	145
	146	util.run_and_log(cons, [fit_check_sign, '-f', fit, '-k', tmpdir,
	147	'-k', dtb])
	148
	149	# Increment the first byte of the signature, which should cause failure
ec70f8a9 SG	150	sig = util.run_and_log(cons, 'fdtget -t bx %s %s value' %
ec70f8a9 SG	151	(fit, sig_node))
8729d582 SG	152	byte_list = sig.split()
8729d582 SG	153	byte = int(byte_list[0], 16)
bcbd0c8f	154	byte_list[0] = '%x' % (byte + 1)
8729d582	155	sig = ' '.join(byte_list)
ec70f8a9 SG	156	util.run_and_log(cons, 'fdtput -t bx %s %s value %s' %
ec70f8a9 SG	157	(fit, sig_node, sig))
8729d582	158
de4be9ec	159	run_bootm(sha_algo, 'Signed config with bad hash', 'Bad Data Hash', False)
8729d582	160
ac9a23cf	161	cons.log.action('%s: Check bad config on the host' % sha_algo)
8729d582 SG	162	util.run_and_log_expect_exception(cons, [fit_check_sign, '-f', fit,
	163	'-k', dtb], 1, 'Failed to verify required signature')
	164
	165	cons = u_boot_console
	166	tmpdir = cons.config.result_dir + '/'
	167	tmp = tmpdir + 'vboot.tmp'
c9ba60c4	168	datadir = cons.config.source_dir + '/test/py/tests/vboot/'
8729d582 SG	169	fit = '%stest.fit' % tmpdir
	170	mkimage = cons.config.build_dir + '/tools/mkimage'
	171	fit_check_sign = cons.config.build_dir + '/tools/fit_check_sign'
	172	dtc_args = '-I dts -O dtb -i %s' % tmpdir
	173	dtb = '%ssandbox-u-boot.dtb' % tmpdir
	174	sig_node = '/configurations/conf@1/signature@1'
	175
	176	# Create an RSA key pair
	177	public_exponent = 65537
ec70f8a9 SG	178	util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key '
	179	'-pkeyopt rsa_keygen_bits:2048 '
	180	'-pkeyopt rsa_keygen_pubexp:%d '
	181	'2>/dev/null' % (tmpdir, public_exponent))
8729d582 SG	182
8729d582 SG	183	# Create a certificate containing the public key
ec70f8a9 SG	184	util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out '
ec70f8a9 SG	185	'%sdev.crt' % (tmpdir, tmpdir))
8729d582 SG	186
	187	# Create a number kernel image with zeroes
	188	with open('%stest-kernel.bin' % tmpdir, 'w') as fd:
	189	fd.write(5000 * chr(0))
	190
	191	try:
	192	# We need to use our own device tree file. Remember to restore it
	193	# afterwards.
	194	old_dtb = cons.config.dtb
	195	cons.config.dtb = dtb
	196	test_with_algo('sha1')
	197	test_with_algo('sha256')
	198	finally:
27c087d5	199	# Go back to the original U-Boot with the correct dtb.
8729d582	200	cons.config.dtb = old_dtb
27c087d5	201	cons.restart_uboot()