From: AKASHI Takahiro Date: Tue, 5 Jul 2022 05:48:15 +0000 (+0900) Subject: test/py: efi_secboot: add a test for a forged signed image X-Git-Url: http://git.dujemihanovic.xyz/?a=commitdiff_plain;h=8fb9dbdea716ab764c7a3c544569f903cbfdd744;p=u-boot.git test/py: efi_secboot: add a test for a forged signed image In this test case, a image binary, helloworld.efi.signed, is willfully modified to print a corrupted message while the signature itself is unchanged. This binary must be rejected under secure boot mode. Signed-off-by: AKASHI Takahiro --- diff --git a/test/py/tests/test_efi_secboot/conftest.py b/test/py/tests/test_efi_secboot/conftest.py index 8a53dabe54..db6b8d301f 100644 --- a/test/py/tests/test_efi_secboot/conftest.py +++ b/test/py/tests/test_efi_secboot/conftest.py @@ -105,6 +105,9 @@ def efi_boot_env(request, u_boot_config): # Sign already-signed image with another key check_call('cd %s; sbsign --key db1.key --cert db1.crt --output helloworld.efi.signed_2sigs helloworld.efi.signed' % mnt_point, shell=True) + # Create a corrupted signed image + check_call('cd %s; sh %s/test/py/tests/test_efi_secboot/forge_image.sh helloworld.efi.signed helloworld_forged.efi.signed' + % (mnt_point, u_boot_config.source_dir), shell=True) # Digest image check_call('cd %s; %shash-to-efi-sig-list helloworld.efi db_hello.hash; %ssign-efi-sig-list -t "2020-04-07" -c KEK.crt -k KEK.key db db_hello.hash db_hello.auth' % (mnt_point, EFITOOLS_PATH, EFITOOLS_PATH), diff --git a/test/py/tests/test_efi_secboot/forge_image.sh b/test/py/tests/test_efi_secboot/forge_image.sh new file mode 100644 index 0000000000..2465d10fa7 --- /dev/null +++ b/test/py/tests/test_efi_secboot/forge_image.sh @@ -0,0 +1,5 @@ +# SPDX-License-Identifier: GPL-2.0-or-later +#!/bin/sh + +replace_exp="s/H\0e\0l\0l\0o\0/h\0E\0L\0L\0O\0/g" +perl -p -e ${replace_exp} < $1 > $2 diff --git a/test/py/tests/test_efi_secboot/test_signed.py b/test/py/tests/test_efi_secboot/test_signed.py index 30b3fa4e70..ca52e853d8 100644 --- a/test/py/tests/test_efi_secboot/test_signed.py +++ b/test/py/tests/test_efi_secboot/test_signed.py @@ -334,3 +334,38 @@ class TestEfiSignedImage(object): 'efidebug test bootmgr']) assert '\'HELLO\' failed' in ''.join(output) assert 'efi_start_image() returned: 26' in ''.join(output) + + def test_efi_signed_image_auth8(self, u_boot_console, efi_boot_env): + """ + Test Case 8 - Secure boot is in force, + Same as Test Case 2 but the image binary to be loaded + was willfully modified (forged) + Must be rejected. + """ + u_boot_console.restart_uboot() + disk_img = efi_boot_env + with u_boot_console.log.section('Test Case 8a'): + # Test Case 8a, Secure boot is not yet forced + output = u_boot_console.run_command_list([ + 'host bind 0 %s' % disk_img, + 'efidebug boot add -b 1 HELLO1 host 0:1 /helloworld_forged.efi.signed -s ""', + 'efidebug boot next 1', + 'efidebug test bootmgr']) + assert('hELLO, world!' in ''.join(output)) + + with u_boot_console.log.section('Test Case 8b'): + # Test Case 8b, Install signature database and verify the image + output = u_boot_console.run_command_list([ + 'fatload host 0:1 4000000 db.auth', + 'setenv -e -nv -bs -rt -at -i 4000000:$filesize db', + 'fatload host 0:1 4000000 KEK.auth', + 'setenv -e -nv -bs -rt -at -i 4000000:$filesize KEK', + 'fatload host 0:1 4000000 PK.auth', + 'setenv -e -nv -bs -rt -at -i 4000000:$filesize PK']) + assert 'Failed to set EFI variable' not in ''.join(output) + output = u_boot_console.run_command_list([ + 'efidebug boot next 1', + 'efidebug test bootmgr']) + assert(not 'hELLO, world!' in ''.join(output)) + assert('\'HELLO1\' failed' in ''.join(output)) + assert('efi_start_image() returned: 26' in ''.join(output))