TianoCore EDK2 master
Loading...
Searching...
No Matches
SecureBootVariableLibUnitTest.c
Go to the documentation of this file.
1
9#include <stdio.h>
10#include <string.h>
11#include <stdarg.h>
12#include <stddef.h>
13#include <setjmp.h>
14#include <cmocka.h>
15
16#include <Uefi.h>
17#include <UefiSecureBoot.h>
18#include <Guid/GlobalVariable.h>
19#include <Guid/AuthenticatedVariableFormat.h>
20#include <Guid/ImageAuthentication.h>
21
22#include <Library/BaseLib.h>
23#include <Library/BaseMemoryLib.h>
24#include <Library/DebugLib.h>
25#include <Library/MemoryAllocationLib.h>
26
27#include <Library/UnitTestLib.h>
28#include <Library/SecureBootVariableLib.h>
29
30#define UNIT_TEST_APP_NAME "SecureBootVariableLib Unit Tests"
31#define UNIT_TEST_APP_VERSION "1.0"
32#define VAR_AUTH_DESC_SIZE OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)
33
34extern EFI_TIME mMaxTimestamp;
35extern EFI_TIME mDefaultPayloadTimestamp;
36
71STATIC
72EFI_STATUS
73EFIAPI
74MockSetVariable (
75 IN CHAR16 *VariableName,
76 IN EFI_GUID *VendorGuid,
77 IN UINT32 Attributes,
78 IN UINTN DataSize,
79 IN VOID *Data
80 )
81{
82 DEBUG ((
83 DEBUG_INFO,
84 "%a %s %g %x %x %p\n",
85 __func__,
86 VariableName,
87 VendorGuid,
88 Attributes,
89 DataSize,
90 Data
91 ));
92 check_expected_ptr (VariableName);
93 check_expected_ptr (VendorGuid);
94 check_expected_ptr (Attributes);
95 check_expected (DataSize);
96 check_expected (Data);
97
98 return (EFI_STATUS)mock ();
99}
100
125STATIC
126EFI_STATUS
127EFIAPI
128MockGetVariable (
129 IN CHAR16 *VariableName,
130 IN EFI_GUID *VendorGuid,
131 OUT UINT32 *Attributes OPTIONAL,
132 IN OUT UINTN *DataSize,
133 OUT VOID *Data OPTIONAL
134 )
135{
136 UINTN TargetSize;
137 BOOLEAN Exist;
138
139 DEBUG ((
140 DEBUG_INFO,
141 "%a %s %g %p %x %p\n",
142 __func__,
143 VariableName,
144 VendorGuid,
145 Attributes,
146 *DataSize,
147 Data
148 ));
149 assert_non_null (DataSize);
150 check_expected_ptr (VariableName);
151 check_expected_ptr (VendorGuid);
152 check_expected (*DataSize);
153
154 Exist = (BOOLEAN)mock ();
155
156 if (!Exist) {
157 return EFI_NOT_FOUND;
158 }
159
160 TargetSize = (UINTN)mock ();
161 if (TargetSize > *DataSize) {
162 *DataSize = TargetSize;
163 return EFI_BUFFER_TOO_SMALL;
164 } else {
165 assert_non_null (Data);
166 CopyMem (Data, (VOID *)(UINTN)mock (), TargetSize);
167 }
168
169 return EFI_SUCCESS;
170}
171
175EFI_RUNTIME_SERVICES gMockRuntime = {
176 {
177 EFI_RUNTIME_SERVICES_SIGNATURE, // Signature
178 EFI_RUNTIME_SERVICES_REVISION, // Revision
179 sizeof (EFI_RUNTIME_SERVICES), // HeaderSize
180 0, // CRC32
181 0 // Reserved
182 },
183 NULL, // GetTime
184 NULL, // SetTime
185 NULL, // GetWakeupTime
186 NULL, // SetWakeupTime
187 NULL, // SetVirtualAddressMap
188 NULL, // ConvertPointer
189 MockGetVariable, // GetVariable
190 NULL, // GetNextVariableName
191 MockSetVariable, // SetVariable
192 NULL, // GetNextHighMonotonicCount
193 NULL, // ResetSystem
194 NULL, // UpdateCapsule
195 NULL, // QueryCapsuleCapabilities
196 NULL // QueryVariableInfo
197};
198
214UNIT_TEST_STATUS
215EFIAPI
216SetSecureBootModeShouldSetVar (
217 IN UNIT_TEST_CONTEXT Context
218 )
219{
220 UINT8 SecureBootMode;
221 EFI_STATUS Status;
222
223 SecureBootMode = 0xAB; // Any random magic number...
224 expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));
225 expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);
226 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);
227 expect_value (MockSetVariable, DataSize, sizeof (SecureBootMode));
228 expect_memory (MockSetVariable, Data, &SecureBootMode, sizeof (SecureBootMode));
229
230 will_return (MockSetVariable, EFI_SUCCESS);
231
232 Status = SetSecureBootMode (SecureBootMode);
233
234 UT_ASSERT_NOT_EFI_ERROR (Status);
235
236 return UNIT_TEST_PASSED;
237}
238
254UNIT_TEST_STATUS
255EFIAPI
256GetSetupModeShouldGetVar (
257 IN UNIT_TEST_CONTEXT Context
258 )
259{
260 EFI_STATUS Status;
261 UINT8 TargetMode;
262 UINT8 SetupMode;
263
264 TargetMode = 0xAB; // Any random magic number...
265 expect_memory (MockGetVariable, VariableName, EFI_SETUP_MODE_NAME, sizeof (EFI_SETUP_MODE_NAME));
266 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
267 expect_value (MockGetVariable, *DataSize, sizeof (SetupMode));
268
269 will_return (MockGetVariable, TRUE);
270 will_return (MockGetVariable, sizeof (SetupMode));
271 will_return (MockGetVariable, &TargetMode);
272
273 Status = GetSetupMode (&SetupMode);
274
275 UT_ASSERT_NOT_EFI_ERROR (Status);
276 UT_ASSERT_EQUAL (SetupMode, TargetMode);
277
278 return UNIT_TEST_PASSED;
279}
280
296UNIT_TEST_STATUS
297EFIAPI
298IsSecureBootEnableShouldGetVar (
299 IN UNIT_TEST_CONTEXT Context
300 )
301{
302 BOOLEAN Enabled;
303 UINT8 TargetMode;
304
305 TargetMode = SECURE_BOOT_MODE_ENABLE;
306 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
307 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
308 expect_value (MockGetVariable, *DataSize, 0);
309
310 will_return (MockGetVariable, TRUE);
311 will_return (MockGetVariable, sizeof (TargetMode));
312
313 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
314 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
315 expect_value (MockGetVariable, *DataSize, sizeof (TargetMode));
316
317 will_return (MockGetVariable, TRUE);
318 will_return (MockGetVariable, sizeof (TargetMode));
319 will_return (MockGetVariable, &TargetMode);
320
321 Enabled = IsSecureBootEnabled ();
322
323 UT_ASSERT_EQUAL (Enabled, SECURE_BOOT_MODE_ENABLE);
324
325 return UNIT_TEST_PASSED;
326}
327
343UNIT_TEST_STATUS
344EFIAPI
345SecureBootCreateDataFromInputSimple (
346 IN UNIT_TEST_CONTEXT Context
347 )
348{
349 EFI_SIGNATURE_LIST *SigList = NULL;
350 EFI_SIGNATURE_DATA *SigData = NULL;
351 UINTN SigListSize = 0;
352 EFI_STATUS Status;
353 UINT8 TestData[] = { 0 };
354 SECURE_BOOT_CERTIFICATE_INFO KeyInfo;
355
356 KeyInfo.Data = TestData;
357 KeyInfo.DataSize = sizeof (TestData);
358
359 Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 1, &KeyInfo);
360
361 UT_ASSERT_NOT_EFI_ERROR (Status);
362
363 UT_ASSERT_NOT_NULL (SigList);
364 UT_ASSERT_TRUE (CompareGuid (&SigList->SignatureType, &gEfiCertX509Guid));
365 UT_ASSERT_EQUAL (SigList->SignatureSize, sizeof (EFI_SIGNATURE_DATA) - 1 + sizeof (TestData));
366 UT_ASSERT_EQUAL (SigList->SignatureHeaderSize, 0);
367 UT_ASSERT_EQUAL (SigList->SignatureListSize, sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + sizeof (TestData));
368 UT_ASSERT_EQUAL (SigList->SignatureListSize, SigListSize);
369
370 SigData = (EFI_SIGNATURE_DATA *)((UINTN)SigList + sizeof (EFI_SIGNATURE_LIST));
371 UT_ASSERT_TRUE (CompareGuid (&SigData->SignatureOwner, &gEfiGlobalVariableGuid));
372 UT_ASSERT_MEM_EQUAL (SigData->SignatureData, TestData, sizeof (TestData));
373
374 return UNIT_TEST_PASSED;
375}
376
392UNIT_TEST_STATUS
393EFIAPI
394SecureBootCreateDataFromInputNull (
395 IN UNIT_TEST_CONTEXT Context
396 )
397{
398 EFI_SIGNATURE_LIST *SigList = NULL;
399 UINTN SigListSize = 0;
400 EFI_STATUS Status;
401 SECURE_BOOT_CERTIFICATE_INFO KeyInfo = {
402 .Data = NULL,
403 .DataSize = 0
404 };
405
406 Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 0, NULL);
407 UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
408
409 Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 1, &KeyInfo);
410 UT_ASSERT_STATUS_EQUAL (Status, EFI_NOT_FOUND);
411
412 return UNIT_TEST_PASSED;
413}
414
430UNIT_TEST_STATUS
431EFIAPI
432SecureBootCreateDataFromInputMultiple (
433 IN UNIT_TEST_CONTEXT Context
434 )
435{
436 EFI_SIGNATURE_LIST *SigList = NULL;
437 EFI_SIGNATURE_DATA *SigData = NULL;
438 UINTN SigListSize = 0;
439 UINTN TotalSize = 0;
440 UINTN Index = 0;
441 UINT8 TestData1[] = { 0 };
442 UINT8 TestData2[] = { 1, 2 };
443 EFI_STATUS Status;
444 SECURE_BOOT_CERTIFICATE_INFO KeyInfo[2];
445
446 KeyInfo[0].Data = TestData1;
447 KeyInfo[0].DataSize = sizeof (TestData1);
448 KeyInfo[1].Data = TestData2;
449 KeyInfo[1].DataSize = sizeof (TestData2);
450
451 Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 2, KeyInfo);
452 UT_ASSERT_NOT_EFI_ERROR (Status);
453
454 UT_ASSERT_NOT_NULL (SigList);
455
456 for (Index = 0; Index < 2; Index++) {
457 UT_ASSERT_TRUE (SigListSize > TotalSize);
458
459 UT_ASSERT_TRUE (CompareGuid (&SigList->SignatureType, &gEfiCertX509Guid));
460 UT_ASSERT_EQUAL (SigList->SignatureSize, sizeof (EFI_SIGNATURE_DATA) - 1 + KeyInfo[Index].DataSize);
461 UT_ASSERT_EQUAL (SigList->SignatureHeaderSize, 0);
462 UT_ASSERT_EQUAL (SigList->SignatureListSize, sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + KeyInfo[Index].DataSize);
463
464 SigData = (EFI_SIGNATURE_DATA *)((UINTN)SigList + sizeof (EFI_SIGNATURE_LIST));
465 UT_ASSERT_TRUE (CompareGuid (&SigData->SignatureOwner, &gEfiGlobalVariableGuid));
466 UT_ASSERT_MEM_EQUAL (SigData->SignatureData, KeyInfo[Index].Data, KeyInfo[Index].DataSize);
467 TotalSize = TotalSize + SigList->SignatureListSize;
468 SigList = (EFI_SIGNATURE_LIST *)((UINTN)SigList + SigList->SignatureListSize);
469 }
470
471 UT_ASSERT_EQUAL (SigListSize, TotalSize);
472
473 return UNIT_TEST_PASSED;
474}
475
491UNIT_TEST_STATUS
492EFIAPI
493CreateTimeBasedPayloadShouldPopulateDescriptor (
494 IN UNIT_TEST_CONTEXT Context
495 )
496{
497 UINT8 Data[] = { 2 };
498 UINTN DataSize = sizeof (Data);
499 UINT8 *CheckData;
500 EFI_VARIABLE_AUTHENTICATION_2 *VarAuth;
501 EFI_STATUS Status;
502 EFI_TIME Time = {
503 .Year = 2012,
504 .Month = 3,
505 .Day = 4,
506 .Hour = 5,
507 .Minute = 6,
508 .Second = 7,
509 .Pad1 = 0,
510 .Nanosecond = 8910,
511 .TimeZone = 1112,
512 .Pad2 = 0
513 };
514
515 CheckData = AllocateCopyPool (DataSize, Data);
516 Status = CreateTimeBasedPayload (&DataSize, &CheckData, &Time);
517 UT_ASSERT_NOT_EFI_ERROR (Status);
518
519 // This is result that we did not pack this structure...
520 // we cannot even use the sizeof (EFI_VARIABLE_AUTHENTICATION_2) - 1,
521 // because the structure is not at the end of this structure, but partially
522 // inside it...
523 UT_ASSERT_EQUAL (DataSize, VAR_AUTH_DESC_SIZE + sizeof (Data));
524 UT_ASSERT_NOT_NULL (CheckData);
525
526 VarAuth = (EFI_VARIABLE_AUTHENTICATION_2 *)CheckData;
527 UT_ASSERT_MEM_EQUAL (&(VarAuth->TimeStamp), &Time, sizeof (EFI_TIME));
528
529 UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.dwLength, OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));
530 UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.wRevision, 0x0200);
531 UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.wCertificateType, WIN_CERT_TYPE_EFI_GUID);
532 UT_ASSERT_TRUE (CompareGuid (&VarAuth->AuthInfo.CertType, &gEfiCertPkcs7Guid));
533
534 UT_ASSERT_MEM_EQUAL (VarAuth->AuthInfo.CertData, Data, sizeof (Data));
535
536 return UNIT_TEST_PASSED;
537}
538
554UNIT_TEST_STATUS
555EFIAPI
556CreateTimeBasedPayloadShouldCheckInput (
557 IN UNIT_TEST_CONTEXT Context
558 )
559{
560 UINTN DataSize = 0;
561 UINT8 *Data = NULL;
562 EFI_TIME Time;
563 EFI_STATUS Status;
564
565 Status = CreateTimeBasedPayload (NULL, &Data, &Time);
566 UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
567
568 Status = CreateTimeBasedPayload (&DataSize, NULL, &Time);
569 UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
570
571 Status = CreateTimeBasedPayload (&DataSize, &Data, NULL);
572 UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);
573
574 return UNIT_TEST_PASSED;
575}
576
592UNIT_TEST_STATUS
593EFIAPI
594DeleteDbShouldDelete (
595 IN UNIT_TEST_CONTEXT Context
596 )
597{
598 EFI_STATUS Status;
599 UINT8 Dummy = 3;
600 UINT8 *Payload = NULL;
601 UINTN PayloadSize = 0;
602
603 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
604 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
605 expect_value (MockGetVariable, *DataSize, 0);
606
607 will_return (MockGetVariable, TRUE);
608 will_return (MockGetVariable, sizeof (Dummy));
609
610 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
611 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
612 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
613
614 will_return (MockGetVariable, TRUE);
615 will_return (MockGetVariable, sizeof (Dummy));
616 will_return (MockGetVariable, &Dummy);
617
618 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);
619 UT_ASSERT_NOT_EFI_ERROR (Status);
620 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);
621
622 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
623 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
624 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
625 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
626 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
627
628 will_return (MockSetVariable, EFI_SUCCESS);
629
630 Status = DeleteDb ();
631 UT_ASSERT_NOT_EFI_ERROR (Status);
632
633 return UNIT_TEST_PASSED;
634}
635
651UNIT_TEST_STATUS
652EFIAPI
653DeleteDbxShouldDelete (
654 IN UNIT_TEST_CONTEXT Context
655 )
656{
657 EFI_STATUS Status;
658 UINT8 Dummy = 3;
659 UINT8 *Payload = NULL;
660 UINTN PayloadSize = 0;
661
662 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
663 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
664 expect_value (MockGetVariable, *DataSize, 0);
665
666 will_return (MockGetVariable, TRUE);
667 will_return (MockGetVariable, sizeof (Dummy));
668
669 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
670 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
671 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
672
673 will_return (MockGetVariable, TRUE);
674 will_return (MockGetVariable, sizeof (Dummy));
675 will_return (MockGetVariable, &Dummy);
676
677 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);
678 UT_ASSERT_NOT_EFI_ERROR (Status);
679 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);
680
681 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
682 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
683 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
684 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
685 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
686
687 will_return (MockSetVariable, EFI_SUCCESS);
688
689 Status = DeleteDbx ();
690 UT_ASSERT_NOT_EFI_ERROR (Status);
691
692 return UNIT_TEST_PASSED;
693}
694
710UNIT_TEST_STATUS
711EFIAPI
712DeleteDbtShouldDelete (
713 IN UNIT_TEST_CONTEXT Context
714 )
715{
716 EFI_STATUS Status;
717 UINT8 Dummy = 3;
718 UINT8 *Payload = NULL;
719 UINTN PayloadSize = 0;
720
721 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
722 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
723 expect_value (MockGetVariable, *DataSize, 0);
724
725 will_return (MockGetVariable, TRUE);
726 will_return (MockGetVariable, sizeof (Dummy));
727
728 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
729 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
730 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
731
732 will_return (MockGetVariable, TRUE);
733 will_return (MockGetVariable, sizeof (Dummy));
734 will_return (MockGetVariable, &Dummy);
735
736 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);
737 UT_ASSERT_NOT_EFI_ERROR (Status);
738 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);
739
740 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
741 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
742 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
743 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
744 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
745
746 will_return (MockSetVariable, EFI_SUCCESS);
747
748 Status = DeleteDbt ();
749 UT_ASSERT_NOT_EFI_ERROR (Status);
750
751 return UNIT_TEST_PASSED;
752}
753
769UNIT_TEST_STATUS
770EFIAPI
771DeleteKEKShouldDelete (
772 IN UNIT_TEST_CONTEXT Context
773 )
774{
775 EFI_STATUS Status;
776 UINT8 Dummy = 3;
777 UINT8 *Payload = NULL;
778 UINTN PayloadSize = 0;
779
780 expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
781 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
782 expect_value (MockGetVariable, *DataSize, 0);
783
784 will_return (MockGetVariable, TRUE);
785 will_return (MockGetVariable, sizeof (Dummy));
786
787 expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
788 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
789 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
790
791 will_return (MockGetVariable, TRUE);
792 will_return (MockGetVariable, sizeof (Dummy));
793 will_return (MockGetVariable, &Dummy);
794
795 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);
796 UT_ASSERT_NOT_EFI_ERROR (Status);
797 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);
798
799 expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
800 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
801 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
802 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
803 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
804
805 will_return (MockSetVariable, EFI_SUCCESS);
806
807 Status = DeleteKEK ();
808 UT_ASSERT_NOT_EFI_ERROR (Status);
809
810 return UNIT_TEST_PASSED;
811}
812
828UNIT_TEST_STATUS
829EFIAPI
830DeletePKShouldDelete (
831 IN UNIT_TEST_CONTEXT Context
832 )
833{
834 EFI_STATUS Status;
835 UINT8 Dummy = 3;
836 UINT8 *Payload = NULL;
837 UINTN PayloadSize = 0;
838 UINT8 BootMode = CUSTOM_SECURE_BOOT_MODE;
839
840 expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));
841 expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);
842 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);
843 expect_value (MockSetVariable, DataSize, sizeof (BootMode));
844 expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));
845
846 will_return (MockSetVariable, EFI_SUCCESS);
847
848 expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
849 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
850 expect_value (MockGetVariable, *DataSize, 0);
851
852 will_return (MockGetVariable, TRUE);
853 will_return (MockGetVariable, sizeof (Dummy));
854
855 expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
856 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
857 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
858
859 will_return (MockGetVariable, TRUE);
860 will_return (MockGetVariable, sizeof (Dummy));
861 will_return (MockGetVariable, &Dummy);
862
863 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);
864 UT_ASSERT_NOT_EFI_ERROR (Status);
865 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);
866
867 expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
868 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
869 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
870 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
871 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
872
873 will_return (MockSetVariable, EFI_SUCCESS);
874
875 Status = DeletePlatformKey ();
876 UT_ASSERT_NOT_EFI_ERROR (Status);
877
878 return UNIT_TEST_PASSED;
879}
880
896UNIT_TEST_STATUS
897EFIAPI
898DeleteSecureBootVariablesShouldDelete (
899 IN UNIT_TEST_CONTEXT Context
900 )
901{
902 EFI_STATUS Status;
903 UINT8 Dummy = 3;
904 UINT8 *Payload = NULL;
905 UINTN PayloadSize = 0;
906 UINT8 BootMode = CUSTOM_SECURE_BOOT_MODE;
907
908 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);
909 UT_ASSERT_NOT_EFI_ERROR (Status);
910 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);
911
912 will_return (DisablePKProtection, EFI_SUCCESS);
913
914 expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));
915 expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);
916 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);
917 expect_value (MockSetVariable, DataSize, sizeof (BootMode));
918 expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));
919
920 will_return (MockSetVariable, EFI_SUCCESS);
921
922 expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
923 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
924 expect_value (MockGetVariable, *DataSize, 0);
925
926 will_return (MockGetVariable, TRUE);
927 will_return (MockGetVariable, sizeof (Dummy));
928
929 expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
930 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
931 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
932
933 will_return (MockGetVariable, TRUE);
934 will_return (MockGetVariable, sizeof (Dummy));
935 will_return (MockGetVariable, &Dummy);
936
937 expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
938 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
939 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
940 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
941 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
942
943 will_return (MockSetVariable, EFI_SUCCESS);
944
945 expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
946 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
947 expect_value (MockGetVariable, *DataSize, 0);
948
949 will_return (MockGetVariable, TRUE);
950 will_return (MockGetVariable, sizeof (Dummy));
951
952 expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
953 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
954 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
955
956 will_return (MockGetVariable, TRUE);
957 will_return (MockGetVariable, sizeof (Dummy));
958 will_return (MockGetVariable, &Dummy);
959
960 expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
961 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
962 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
963 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
964 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
965
966 will_return (MockSetVariable, EFI_SUCCESS);
967
968 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
969 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
970 expect_value (MockGetVariable, *DataSize, 0);
971
972 will_return (MockGetVariable, TRUE);
973 will_return (MockGetVariable, sizeof (Dummy));
974
975 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
976 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
977 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
978
979 will_return (MockGetVariable, TRUE);
980 will_return (MockGetVariable, sizeof (Dummy));
981 will_return (MockGetVariable, &Dummy);
982
983 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
984 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
985 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
986 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
987 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
988
989 will_return (MockSetVariable, EFI_SUCCESS);
990
991 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
992 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
993 expect_value (MockGetVariable, *DataSize, 0);
994
995 will_return (MockGetVariable, TRUE);
996 will_return (MockGetVariable, sizeof (Dummy));
997
998 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
999 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1000 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
1001
1002 will_return (MockGetVariable, TRUE);
1003 will_return (MockGetVariable, sizeof (Dummy));
1004 will_return (MockGetVariable, &Dummy);
1005
1006 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1007 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1008 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1009 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
1010 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
1011
1012 will_return (MockSetVariable, EFI_SUCCESS);
1013
1014 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1015 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1016 expect_value (MockGetVariable, *DataSize, 0);
1017
1018 will_return (MockGetVariable, TRUE);
1019 will_return (MockGetVariable, sizeof (Dummy));
1020
1021 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1022 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1023 expect_value (MockGetVariable, *DataSize, sizeof (Dummy));
1024
1025 will_return (MockGetVariable, TRUE);
1026 will_return (MockGetVariable, sizeof (Dummy));
1027 will_return (MockGetVariable, &Dummy);
1028
1029 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1030 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1031 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1032 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);
1033 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);
1034
1035 will_return (MockSetVariable, EFI_SUCCESS);
1036
1037 Status = DeleteSecureBootVariables ();
1038 UT_ASSERT_NOT_EFI_ERROR (Status);
1039
1040 return UNIT_TEST_PASSED;
1041}
1042
1058UNIT_TEST_STATUS
1059EFIAPI
1060DeleteSecureBootVariablesShouldCheckProtection (
1061 IN UNIT_TEST_CONTEXT Context
1062 )
1063{
1064 EFI_STATUS Status;
1065
1066 will_return (DisablePKProtection, EFI_SECURITY_VIOLATION);
1067
1068 Status = DeleteSecureBootVariables ();
1069 UT_ASSERT_STATUS_EQUAL (Status, EFI_ABORTED);
1070
1071 return UNIT_TEST_PASSED;
1072}
1073
1089UNIT_TEST_STATUS
1090EFIAPI
1091DeleteSecureBootVariablesShouldProceedWithNotFound (
1092 IN UNIT_TEST_CONTEXT Context
1093 )
1094{
1095 EFI_STATUS Status;
1096 UINT8 BootMode = CUSTOM_SECURE_BOOT_MODE;
1097
1098 will_return (DisablePKProtection, EFI_SUCCESS);
1099
1100 expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));
1101 expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);
1102 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);
1103 expect_value (MockSetVariable, DataSize, sizeof (BootMode));
1104 expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));
1105
1106 will_return (MockSetVariable, EFI_SUCCESS);
1107
1108 expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
1109 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1110 expect_value (MockGetVariable, *DataSize, 0);
1111
1112 will_return (MockGetVariable, FALSE);
1113
1114 expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
1115 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1116 expect_value (MockGetVariable, *DataSize, 0);
1117
1118 will_return (MockGetVariable, FALSE);
1119
1120 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1121 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1122 expect_value (MockGetVariable, *DataSize, 0);
1123
1124 will_return (MockGetVariable, FALSE);
1125
1126 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1127 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1128 expect_value (MockGetVariable, *DataSize, 0);
1129
1130 will_return (MockGetVariable, FALSE);
1131
1132 expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1133 expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1134 expect_value (MockGetVariable, *DataSize, 0);
1135
1136 will_return (MockGetVariable, FALSE);
1137
1138 Status = DeleteSecureBootVariables ();
1139 UT_ASSERT_NOT_EFI_ERROR (Status);
1140
1141 return UNIT_TEST_PASSED;
1142}
1143
1159UNIT_TEST_STATUS
1160EFIAPI
1161EnrollFromInputShouldComplete (
1162 IN UNIT_TEST_CONTEXT Context
1163 )
1164{
1165 EFI_STATUS Status;
1166 UINT8 Dummy = 3;
1167 UINT8 *Payload = NULL;
1168 UINTN PayloadSize = sizeof (Dummy);
1169
1170 Payload = AllocateCopyPool (sizeof (Dummy), &Dummy);
1171 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1172 UT_ASSERT_NOT_EFI_ERROR (Status);
1173 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (Dummy));
1174
1175 expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
1176 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1177 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1178 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Dummy));
1179 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (Dummy));
1180
1181 will_return (MockSetVariable, EFI_SUCCESS);
1182
1183 Status = EnrollFromInput (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, sizeof (Dummy), &Dummy);
1184 UT_ASSERT_NOT_EFI_ERROR (Status);
1185
1186 return UNIT_TEST_PASSED;
1187}
1188
1204UNIT_TEST_STATUS
1205EFIAPI
1206SetSecureBootVariablesShouldComplete (
1207 IN UNIT_TEST_CONTEXT Context
1208 )
1209{
1210 EFI_STATUS Status;
1211 UINT8 DbDummy = 0xDE;
1212 UINT8 DbtDummy = 0xAD;
1213 UINT8 DbxDummy = 0xBE;
1214 UINT8 KekDummy = 0xEF;
1215 UINT8 PkDummy = 0xFE;
1216 UINT8 *Payload = NULL;
1217 UINTN PayloadSize = sizeof (DbDummy);
1218 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1219
1220 PayloadInfo.DbPtr = &DbDummy;
1221 PayloadInfo.DbSize = sizeof (DbDummy);
1222 PayloadInfo.DbxPtr = &DbxDummy;
1223 PayloadInfo.DbxSize = sizeof (DbxDummy);
1224 PayloadInfo.DbtPtr = &DbtDummy;
1225 PayloadInfo.DbtSize = sizeof (DbtDummy);
1226 PayloadInfo.KekPtr = &KekDummy;
1227 PayloadInfo.KekSize = sizeof (KekDummy);
1228 PayloadInfo.PkPtr = &PkDummy;
1229 PayloadInfo.PkSize = sizeof (PkDummy);
1230 PayloadInfo.SecureBootKeyName = L"Food";
1231
1232 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1233 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1234 expect_value (MockGetVariable, *DataSize, 0);
1235
1236 will_return (MockGetVariable, FALSE);
1237
1238 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1239 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1240 UT_ASSERT_NOT_EFI_ERROR (Status);
1241 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1242
1243 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1244 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1245 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1246 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1247 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1248
1249 will_return (MockSetVariable, EFI_SUCCESS);
1250
1251 CopyMem (Payload, &DbDummy, sizeof (DbDummy));
1252 PayloadSize = sizeof (DbDummy);
1253 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1254 UT_ASSERT_NOT_EFI_ERROR (Status);
1255 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1256
1257 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1258 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1259 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1260 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1261 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1262
1263 will_return (MockSetVariable, EFI_SUCCESS);
1264
1265 CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));
1266 PayloadSize = sizeof (DbtDummy);
1267 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1268 UT_ASSERT_NOT_EFI_ERROR (Status);
1269 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1270
1271 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1272 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1273 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1274 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1275 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1276
1277 will_return (MockSetVariable, EFI_SUCCESS);
1278
1279 CopyMem (Payload, &KekDummy, sizeof (KekDummy));
1280 PayloadSize = sizeof (KekDummy);
1281 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1282 UT_ASSERT_NOT_EFI_ERROR (Status);
1283 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1284
1285 expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
1286 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1287 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1288 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1289 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1290
1291 will_return (MockSetVariable, EFI_SUCCESS);
1292
1293 CopyMem (Payload, &PkDummy, sizeof (PkDummy));
1294 PayloadSize = sizeof (PkDummy);
1295 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1296 UT_ASSERT_NOT_EFI_ERROR (Status);
1297 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1298
1299 expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
1300 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1301 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1302 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1303 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1304
1305 will_return (MockSetVariable, EFI_SUCCESS);
1306
1307 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1308 UT_ASSERT_NOT_EFI_ERROR (Status);
1309
1310 return UNIT_TEST_PASSED;
1311}
1312
1328UNIT_TEST_STATUS
1329EFIAPI
1330SetSecureBootVariablesShouldStopWhenSecure (
1331 IN UNIT_TEST_CONTEXT Context
1332 )
1333{
1334 EFI_STATUS Status;
1335 UINT8 TargetMode = SECURE_BOOT_MODE_ENABLE;
1336 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1337
1338 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1339 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1340 expect_value (MockGetVariable, *DataSize, 0);
1341
1342 will_return (MockGetVariable, TRUE);
1343 will_return (MockGetVariable, sizeof (TargetMode));
1344
1345 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1346 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1347 expect_value (MockGetVariable, *DataSize, sizeof (TargetMode));
1348
1349 will_return (MockGetVariable, TRUE);
1350 will_return (MockGetVariable, sizeof (TargetMode));
1351 will_return (MockGetVariable, &TargetMode);
1352
1353 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1354 UT_ASSERT_STATUS_EQUAL (Status, EFI_ABORTED);
1355
1356 return UNIT_TEST_PASSED;
1357}
1358
1374UNIT_TEST_STATUS
1375EFIAPI
1376SetSecureBootVariablesShouldStopFailDBX (
1377 IN UNIT_TEST_CONTEXT Context
1378 )
1379{
1380 EFI_STATUS Status;
1381 UINT8 DbxDummy = 0xBE;
1382 UINT8 *Payload = NULL;
1383 UINTN PayloadSize = sizeof (DbxDummy);
1384 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1385
1386 PayloadInfo.DbxPtr = &DbxDummy;
1387 PayloadInfo.DbxSize = sizeof (DbxDummy);
1388 PayloadInfo.SecureBootKeyName = L"Fail DBX";
1389
1390 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1391 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1392 expect_value (MockGetVariable, *DataSize, 0);
1393
1394 will_return (MockGetVariable, FALSE);
1395
1396 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1397 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1398 UT_ASSERT_NOT_EFI_ERROR (Status);
1399 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1400
1401 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1402 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1403 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1404 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1405 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1406
1407 will_return (MockSetVariable, EFI_WRITE_PROTECTED);
1408
1409 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1410 UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED);
1411
1412 return UNIT_TEST_PASSED;
1413}
1414
1430UNIT_TEST_STATUS
1431EFIAPI
1432SetSecureBootVariablesShouldStopFailDB (
1433 IN UNIT_TEST_CONTEXT Context
1434 )
1435{
1436 EFI_STATUS Status;
1437 UINT8 DbDummy = 0xDE;
1438 UINT8 DbxDummy = 0xBE;
1439 UINT8 *Payload = NULL;
1440 UINTN PayloadSize = sizeof (DbDummy);
1441 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1442
1443 PayloadInfo.DbPtr = &DbDummy;
1444 PayloadInfo.DbSize = sizeof (DbDummy);
1445 PayloadInfo.DbxPtr = &DbxDummy;
1446 PayloadInfo.DbxSize = sizeof (DbxDummy);
1447 PayloadInfo.SecureBootKeyName = L"Fail DB";
1448
1449 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1450 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1451 expect_value (MockGetVariable, *DataSize, 0);
1452
1453 will_return (MockGetVariable, FALSE);
1454
1455 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1456 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1457 UT_ASSERT_NOT_EFI_ERROR (Status);
1458 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1459
1460 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1461 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1462 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1463 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1464 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1465
1466 will_return (MockSetVariable, EFI_SUCCESS);
1467
1468 CopyMem (Payload, &DbDummy, sizeof (DbDummy));
1469 PayloadSize = sizeof (DbDummy);
1470 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1471 UT_ASSERT_NOT_EFI_ERROR (Status);
1472 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1473
1474 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1475 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1476 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1477 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1478 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1479
1480 will_return (MockSetVariable, EFI_WRITE_PROTECTED);
1481
1482 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1483 UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED);
1484
1485 return UNIT_TEST_PASSED;
1486}
1487
1503UNIT_TEST_STATUS
1504EFIAPI
1505SetSecureBootVariablesShouldStopFailDBT (
1506 IN UNIT_TEST_CONTEXT Context
1507 )
1508{
1509 EFI_STATUS Status;
1510 UINT8 DbDummy = 0xDE;
1511 UINT8 DbtDummy = 0xAD;
1512 UINT8 DbxDummy = 0xBE;
1513 UINT8 *Payload = NULL;
1514 UINTN PayloadSize = sizeof (DbDummy);
1515 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1516
1517 PayloadInfo.DbPtr = &DbDummy;
1518 PayloadInfo.DbSize = sizeof (DbDummy);
1519 PayloadInfo.DbxPtr = &DbxDummy;
1520 PayloadInfo.DbxSize = sizeof (DbxDummy);
1521 PayloadInfo.DbtPtr = &DbtDummy;
1522 PayloadInfo.DbtSize = sizeof (DbtDummy);
1523 PayloadInfo.SecureBootKeyName = L"Fail DBT";
1524
1525 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1526 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1527 expect_value (MockGetVariable, *DataSize, 0);
1528
1529 will_return (MockGetVariable, FALSE);
1530
1531 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1532 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1533 UT_ASSERT_NOT_EFI_ERROR (Status);
1534 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1535
1536 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1537 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1538 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1539 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1540 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1541
1542 will_return (MockSetVariable, EFI_SUCCESS);
1543
1544 CopyMem (Payload, &DbDummy, sizeof (DbDummy));
1545 PayloadSize = sizeof (DbDummy);
1546 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1547 UT_ASSERT_NOT_EFI_ERROR (Status);
1548 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1549
1550 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1551 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1552 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1553 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1554 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1555
1556 will_return (MockSetVariable, EFI_SUCCESS);
1557
1558 CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));
1559 PayloadSize = sizeof (DbtDummy);
1560 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1561 UT_ASSERT_NOT_EFI_ERROR (Status);
1562 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1563
1564 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1565 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1566 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1567 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1568 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1569
1570 will_return (MockSetVariable, EFI_ACCESS_DENIED);
1571
1572 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1573 UT_ASSERT_STATUS_EQUAL (Status, EFI_ACCESS_DENIED);
1574
1575 return UNIT_TEST_PASSED;
1576}
1577
1593UNIT_TEST_STATUS
1594EFIAPI
1595SetSecureBootVariablesShouldStopFailKEK (
1596 IN UNIT_TEST_CONTEXT Context
1597 )
1598{
1599 EFI_STATUS Status;
1600 UINT8 DbDummy = 0xDE;
1601 UINT8 DbtDummy = 0xAD;
1602 UINT8 DbxDummy = 0xBE;
1603 UINT8 KekDummy = 0xEF;
1604 UINT8 PkDummy = 0xFE;
1605 UINT8 *Payload = NULL;
1606 UINTN PayloadSize = sizeof (DbDummy);
1607 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1608
1609 PayloadInfo.DbPtr = &DbDummy;
1610 PayloadInfo.DbSize = sizeof (DbDummy);
1611 PayloadInfo.DbxPtr = &DbxDummy;
1612 PayloadInfo.DbxSize = sizeof (DbxDummy);
1613 PayloadInfo.DbtPtr = &DbtDummy;
1614 PayloadInfo.DbtSize = sizeof (DbtDummy);
1615 PayloadInfo.KekPtr = &KekDummy;
1616 PayloadInfo.KekSize = sizeof (KekDummy);
1617 PayloadInfo.PkPtr = &PkDummy;
1618 PayloadInfo.PkSize = sizeof (PkDummy);
1619 PayloadInfo.SecureBootKeyName = L"Food";
1620
1621 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1622 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1623 expect_value (MockGetVariable, *DataSize, 0);
1624
1625 will_return (MockGetVariable, FALSE);
1626
1627 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1628 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1629 UT_ASSERT_NOT_EFI_ERROR (Status);
1630 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1631
1632 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1633 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1634 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1635 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1636 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1637
1638 will_return (MockSetVariable, EFI_SUCCESS);
1639
1640 CopyMem (Payload, &DbDummy, sizeof (DbDummy));
1641 PayloadSize = sizeof (DbDummy);
1642 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1643 UT_ASSERT_NOT_EFI_ERROR (Status);
1644 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1645
1646 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1647 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1648 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1649 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1650 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1651
1652 will_return (MockSetVariable, EFI_SUCCESS);
1653
1654 CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));
1655 PayloadSize = sizeof (DbtDummy);
1656 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1657 UT_ASSERT_NOT_EFI_ERROR (Status);
1658 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1659
1660 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1661 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1662 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1663 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1664 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1665
1666 will_return (MockSetVariable, EFI_SUCCESS);
1667
1668 CopyMem (Payload, &KekDummy, sizeof (KekDummy));
1669 PayloadSize = sizeof (KekDummy);
1670 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1671 UT_ASSERT_NOT_EFI_ERROR (Status);
1672 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1673
1674 expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
1675 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1676 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1677 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1678 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1679
1680 will_return (MockSetVariable, EFI_DEVICE_ERROR);
1681
1682 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1683 UT_ASSERT_STATUS_EQUAL (Status, EFI_DEVICE_ERROR);
1684
1685 return UNIT_TEST_PASSED;
1686}
1687
1703UNIT_TEST_STATUS
1704EFIAPI
1705SetSecureBootVariablesShouldStopFailPK (
1706 IN UNIT_TEST_CONTEXT Context
1707 )
1708{
1709 EFI_STATUS Status;
1710 UINT8 DbDummy = 0xDE;
1711 UINT8 DbtDummy = 0xAD;
1712 UINT8 DbxDummy = 0xBE;
1713 UINT8 KekDummy = 0xEF;
1714 UINT8 PkDummy = 0xFE;
1715 UINT8 *Payload = NULL;
1716 UINTN PayloadSize = sizeof (DbDummy);
1717 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1718
1719 PayloadInfo.DbPtr = &DbDummy;
1720 PayloadInfo.DbSize = sizeof (DbDummy);
1721 PayloadInfo.DbxPtr = &DbxDummy;
1722 PayloadInfo.DbxSize = sizeof (DbxDummy);
1723 PayloadInfo.DbtPtr = &DbtDummy;
1724 PayloadInfo.DbtSize = sizeof (DbtDummy);
1725 PayloadInfo.KekPtr = &KekDummy;
1726 PayloadInfo.KekSize = sizeof (KekDummy);
1727 PayloadInfo.PkPtr = &PkDummy;
1728 PayloadInfo.PkSize = sizeof (PkDummy);
1729 PayloadInfo.SecureBootKeyName = L"Food";
1730
1731 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1732 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1733 expect_value (MockGetVariable, *DataSize, 0);
1734
1735 will_return (MockGetVariable, FALSE);
1736
1737 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1738 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1739 UT_ASSERT_NOT_EFI_ERROR (Status);
1740 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1741
1742 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1743 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1744 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1745 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1746 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1747
1748 will_return (MockSetVariable, EFI_SUCCESS);
1749
1750 CopyMem (Payload, &DbDummy, sizeof (DbDummy));
1751 PayloadSize = sizeof (DbDummy);
1752 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1753 UT_ASSERT_NOT_EFI_ERROR (Status);
1754 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1755
1756 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1757 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1758 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1759 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1760 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1761
1762 will_return (MockSetVariable, EFI_SUCCESS);
1763
1764 CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));
1765 PayloadSize = sizeof (DbtDummy);
1766 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1767 UT_ASSERT_NOT_EFI_ERROR (Status);
1768 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1769
1770 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));
1771 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1772 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1773 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1774 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));
1775
1776 will_return (MockSetVariable, EFI_SUCCESS);
1777
1778 CopyMem (Payload, &KekDummy, sizeof (KekDummy));
1779 PayloadSize = sizeof (KekDummy);
1780 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1781 UT_ASSERT_NOT_EFI_ERROR (Status);
1782 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1783
1784 expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
1785 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1786 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1787 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1788 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1789
1790 will_return (MockSetVariable, EFI_SUCCESS);
1791
1792 CopyMem (Payload, &PkDummy, sizeof (PkDummy));
1793 PayloadSize = sizeof (PkDummy);
1794 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1795 UT_ASSERT_NOT_EFI_ERROR (Status);
1796 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1797
1798 expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
1799 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1800 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1801 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1802 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1803
1804 will_return (MockSetVariable, EFI_INVALID_PARAMETER);
1805
1806 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1807 UT_ASSERT_STATUS_EQUAL (Status, EFI_SECURITY_VIOLATION);
1808
1809 return UNIT_TEST_PASSED;
1810}
1811
1827UNIT_TEST_STATUS
1828EFIAPI
1829SetSecureBootVariablesDBTOptional (
1830 IN UNIT_TEST_CONTEXT Context
1831 )
1832{
1833 EFI_STATUS Status;
1834 UINT8 DbDummy = 0xDE;
1835 UINT8 DbxDummy = 0xBE;
1836 UINT8 KekDummy = 0xEF;
1837 UINT8 PkDummy = 0xFE;
1838 UINT8 *Payload = NULL;
1839 UINTN PayloadSize = sizeof (DbDummy);
1840 SECURE_BOOT_PAYLOAD_INFO PayloadInfo;
1841
1842 PayloadInfo.DbPtr = &DbDummy;
1843 PayloadInfo.DbSize = sizeof (DbDummy);
1844 PayloadInfo.DbxPtr = &DbxDummy;
1845 PayloadInfo.DbxSize = sizeof (DbxDummy);
1846 PayloadInfo.DbtPtr = NULL;
1847 PayloadInfo.DbtSize = 0;
1848 PayloadInfo.KekPtr = &KekDummy;
1849 PayloadInfo.KekSize = sizeof (KekDummy);
1850 PayloadInfo.PkPtr = &PkDummy;
1851 PayloadInfo.PkSize = sizeof (PkDummy);
1852 PayloadInfo.SecureBootKeyName = L"Food";
1853
1854 expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));
1855 expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1856 expect_value (MockGetVariable, *DataSize, 0);
1857
1858 will_return (MockGetVariable, FALSE);
1859
1860 Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);
1861 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1862 UT_ASSERT_NOT_EFI_ERROR (Status);
1863 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1864
1865 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));
1866 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1867 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1868 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1869 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));
1870
1871 will_return (MockSetVariable, EFI_SUCCESS);
1872
1873 CopyMem (Payload, &DbDummy, sizeof (DbDummy));
1874 PayloadSize = sizeof (DbDummy);
1875 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1876 UT_ASSERT_NOT_EFI_ERROR (Status);
1877 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1878
1879 expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));
1880 expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);
1881 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1882 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1883 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));
1884
1885 will_return (MockSetVariable, EFI_SUCCESS);
1886
1887 CopyMem (Payload, &KekDummy, sizeof (KekDummy));
1888 PayloadSize = sizeof (KekDummy);
1889 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1890 UT_ASSERT_NOT_EFI_ERROR (Status);
1891 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1892
1893 expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));
1894 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1895 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1896 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1897 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));
1898
1899 will_return (MockSetVariable, EFI_SUCCESS);
1900
1901 CopyMem (Payload, &PkDummy, sizeof (PkDummy));
1902 PayloadSize = sizeof (PkDummy);
1903 Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);
1904 UT_ASSERT_NOT_EFI_ERROR (Status);
1905 UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1906
1907 expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));
1908 expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);
1909 expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);
1910 expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1911 expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));
1912
1913 will_return (MockSetVariable, EFI_SUCCESS);
1914
1915 Status = SetSecureBootVariablesToDefault (&PayloadInfo);
1916 UT_ASSERT_NOT_EFI_ERROR (Status);
1917
1918 return UNIT_TEST_PASSED;
1919}
1920
1929STATIC
1930EFI_STATUS
1931EFIAPI
1932UnitTestingEntry (
1933 VOID
1934 )
1935{
1936 EFI_STATUS Status;
1937 UNIT_TEST_FRAMEWORK_HANDLE Framework;
1938 UNIT_TEST_SUITE_HANDLE SecureBootVarMiscTests;
1939 UNIT_TEST_SUITE_HANDLE SecureBootVarDeleteTests;
1940 UNIT_TEST_SUITE_HANDLE SecureBootVarEnrollTests;
1941
1942 Framework = NULL;
1943
1944 DEBUG ((DEBUG_INFO, "%a v%a\n", UNIT_TEST_APP_NAME, UNIT_TEST_APP_VERSION));
1945
1946 //
1947 // Start setting up the test framework for running the tests.
1948 //
1949 Status = InitUnitTestFramework (&Framework, UNIT_TEST_APP_NAME, gEfiCallerBaseName, UNIT_TEST_APP_VERSION);
1950 if (EFI_ERROR (Status)) {
1951 DEBUG ((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status = %r\n", Status));
1952 goto EXIT;
1953 }
1954
1955 //
1956 // Populate the SecureBootVariableLib Unit Test Suite.
1957 //
1958 Status = CreateUnitTestSuite (&SecureBootVarMiscTests, Framework, "SecureBootVariableLib Miscellaneous Tests", "SecureBootVariableLib.Miscellaneous", NULL, NULL);
1959 if (EFI_ERROR (Status)) {
1960 DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVariableLib\n"));
1961 Status = EFI_OUT_OF_RESOURCES;
1962 goto EXIT;
1963 }
1964
1965 Status = CreateUnitTestSuite (&SecureBootVarDeleteTests, Framework, "SecureBootVariableLib Deletion Tests", "SecureBootVariableLib.Deletion", NULL, NULL);
1966 if (EFI_ERROR (Status)) {
1967 DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVariableLib\n"));
1968 Status = EFI_OUT_OF_RESOURCES;
1969 goto EXIT;
1970 }
1971
1972 Status = CreateUnitTestSuite (&SecureBootVarEnrollTests, Framework, "SecureBootVariableLib Enrollment Tests", "SecureBootVariableLib.Enrollment", NULL, NULL);
1973 if (EFI_ERROR (Status)) {
1974 DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVariableLib\n"));
1975 Status = EFI_OUT_OF_RESOURCES;
1976 goto EXIT;
1977 }
1978
1979 //
1980 // --------------Suite-----------Description--------------Name----------Function--------Pre---Post-------------------Context-----------
1981 //
1982 AddTestCase (SecureBootVarMiscTests, "SetSecureBootMode should propagate to set variable", "SetSecureBootMode", SetSecureBootModeShouldSetVar, NULL, NULL, NULL);
1983 AddTestCase (SecureBootVarMiscTests, "GetSetupMode should propagate to get variable", "GetSetupMode", GetSetupModeShouldGetVar, NULL, NULL, NULL);
1984 AddTestCase (SecureBootVarMiscTests, "IsSecureBootEnabled should propagate to get variable", "IsSecureBootEnabled", IsSecureBootEnableShouldGetVar, NULL, NULL, NULL);
1985 AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with one input cert", "SecureBootCreateDataFromInput One Cert", SecureBootCreateDataFromInputSimple, NULL, NULL, NULL);
1986 AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with no input cert", "SecureBootCreateDataFromInput No Cert", SecureBootCreateDataFromInputNull, NULL, NULL, NULL);
1987 AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with multiple input cert", "SecureBootCreateDataFromInput No Cert", SecureBootCreateDataFromInputMultiple, NULL, NULL, NULL);
1988 AddTestCase (SecureBootVarMiscTests, "CreateTimeBasedPayload should populate descriptor data", "CreateTimeBasedPayload Normal", CreateTimeBasedPayloadShouldPopulateDescriptor, NULL, NULL, NULL);
1989 AddTestCase (SecureBootVarMiscTests, "CreateTimeBasedPayload should fail on NULL inputs", "CreateTimeBasedPayload NULL", CreateTimeBasedPayloadShouldCheckInput, NULL, NULL, NULL);
1990
1991 AddTestCase (SecureBootVarDeleteTests, "DeleteDb should delete DB with auth info", "DeleteDb", DeleteDbShouldDelete, NULL, NULL, NULL);
1992 AddTestCase (SecureBootVarDeleteTests, "DeleteDbx should delete DBX with auth info", "DeleteDbx", DeleteDbxShouldDelete, NULL, NULL, NULL);
1993 AddTestCase (SecureBootVarDeleteTests, "DeleteDbt should delete DBT with auth info", "DeleteDbt", DeleteDbtShouldDelete, NULL, NULL, NULL);
1994 AddTestCase (SecureBootVarDeleteTests, "DeleteKEK should delete KEK with auth info", "DeleteKEK", DeleteKEKShouldDelete, NULL, NULL, NULL);
1995 AddTestCase (SecureBootVarDeleteTests, "DeletePlatformKey should delete PK with auth info", "DeletePlatformKey", DeletePKShouldDelete, NULL, NULL, NULL);
1996 AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should delete properly", "DeleteSecureBootVariables Normal", DeleteSecureBootVariablesShouldDelete, NULL, NULL, NULL);
1997 AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should fail if protection disable fails", "DeleteSecureBootVariables Fail", DeleteSecureBootVariablesShouldCheckProtection, NULL, NULL, NULL);
1998 AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should continue if any variable is not found", "DeleteSecureBootVariables Proceed", DeleteSecureBootVariablesShouldProceedWithNotFound, NULL, NULL, NULL);
1999
2000 AddTestCase (SecureBootVarEnrollTests, "EnrollFromInput should supply with authenticated payload", "EnrollFromInput Normal", EnrollFromInputShouldComplete, NULL, NULL, NULL);
2001 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should complete", "SetSecureBootVariablesToDefault Normal", SetSecureBootVariablesShouldComplete, NULL, NULL, NULL);
2002 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when already enabled", "SetSecureBootVariablesToDefault Already Started", SetSecureBootVariablesShouldStopWhenSecure, NULL, NULL, NULL);
2003 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when DB failed", "SetSecureBootVariablesToDefault Fails DB", SetSecureBootVariablesShouldStopFailDB, NULL, NULL, NULL);
2004 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when DBT failed", "SetSecureBootVariablesToDefault Fails DBT", SetSecureBootVariablesShouldStopFailDBT, NULL, NULL, NULL);
2005 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when DBX failed", "SetSecureBootVariablesToDefault Fails DBX", SetSecureBootVariablesShouldStopFailDBX, NULL, NULL, NULL);
2006 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when KEK failed", "SetSecureBootVariablesToDefault Fails KEK", SetSecureBootVariablesShouldStopFailKEK, NULL, NULL, NULL);
2007 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when PK failed", "SetSecureBootVariablesToDefault Fails PK", SetSecureBootVariablesShouldStopFailPK, NULL, NULL, NULL);
2008 AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should only be optional", "SetSecureBootVariablesToDefault DBT Optional", SetSecureBootVariablesDBTOptional, NULL, NULL, NULL);
2009
2010 //
2011 // Execute the tests.
2012 //
2013 Status = RunAllTestSuites (Framework);
2014
2015EXIT:
2016 if (Framework) {
2017 FreeUnitTestFramework (Framework);
2018 }
2019
2020 return Status;
2021}
2022
2026int
2027main (
2028 int argc,
2029 char *argv[]
2030 )
2031{
2032 return UnitTestingEntry ();
2033}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
EFI_CUSTOM_MODE_NAME
#define EFI_CUSTOM_MODE_NAME
Definition: AuthenticatedVariableFormat.h:51
CopyMem
VOID *EFIAPI CopyMem(OUT VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition: CopyMemWrapper.c:41
CompareGuid
BOOLEAN EFIAPI CompareGuid(IN CONST GUID *Guid1, IN CONST GUID *Guid2)
Definition: MemLibGuid.c:73
main
int main()
=== TEST ENGINE ================================================================================
Definition: DxePrmContextBufferLibUnitTest.c:491
AllocateCopyPool
VOID *EFIAPI AllocateCopyPool(IN UINTN AllocationSize, IN CONST VOID *Buffer)
Definition: MemoryAllocationLib.c:590
EFI_SETUP_MODE_NAME
#define EFI_SETUP_MODE_NAME
Definition: GlobalVariable.h:121
EFI_KEY_EXCHANGE_KEY_NAME
#define EFI_KEY_EXCHANGE_KEY_NAME
Definition: GlobalVariable.h:126
EFI_PLATFORM_KEY_NAME
#define EFI_PLATFORM_KEY_NAME
Definition: GlobalVariable.h:131
EFI_SECURE_BOOT_MODE_NAME
#define EFI_SECURE_BOOT_MODE_NAME
Definition: GlobalVariable.h:143
EFI_IMAGE_SECURITY_DATABASE2
#define EFI_IMAGE_SECURITY_DATABASE2
Definition: ImageAuthentication.h:36
EFI_IMAGE_SECURITY_DATABASE1
#define EFI_IMAGE_SECURITY_DATABASE1
Definition: ImageAuthentication.h:31
EFI_IMAGE_SECURITY_DATABASE
#define EFI_IMAGE_SECURITY_DATABASE
Definition: ImageAuthentication.h:26
NULL
#define NULL
Definition: Base.h:319
STATIC
#define STATIC
Definition: Base.h:264
TRUE
#define TRUE
Definition: Base.h:301
FALSE
#define FALSE
Definition: Base.h:307
IN
#define IN
Definition: Base.h:279
OFFSET_OF
#define OFFSET_OF(TYPE, Field)
Definition: Base.h:758
OUT
#define OUT
Definition: Base.h:284
DEBUG
#define DEBUG(Expression)
Definition: DebugLib.h:434
CreateTimeBasedPayload
EFI_STATUS CreateTimeBasedPayload(IN OUT UINTN *DataSize, IN OUT UINT8 **Data)
Definition: PlatVarCleanupLib.c:345
DisablePKProtection
EFI_STATUS EFIAPI DisablePKProtection(VOID)
Definition: PlatformPKProtectionLibVarPolicy.c:29
SetSecureBootMode
EFI_STATUS EFIAPI SetSecureBootMode(IN UINT8 SecureBootMode)
Definition: SecureBootVariableLib.c:391
IsSecureBootEnabled
BOOLEAN EFIAPI IsSecureBootEnabled(VOID)
Definition: SecureBootVariableLib.c:444
GetSetupMode
EFI_STATUS EFIAPI GetSetupMode(OUT UINT8 *SetupMode)
Definition: SecureBootVariableLib.c:413
SecureBootCreateDataFromInput
EFI_STATUS EFIAPI SecureBootCreateDataFromInput(OUT UINTN *SigListsSize, OUT EFI_SIGNATURE_LIST **SigListOut, IN UINTN KeyInfoCount, IN CONST SECURE_BOOT_CERTIFICATE_INFO *KeyInfo)
Definition: SecureBootVariableLib.c:169
DeleteDbx
EFI_STATUS EFIAPI DeleteDbx(VOID)
Definition: SecureBootVariableLib.c:505
SetSecureBootVariablesToDefault
EFI_STATUS EFIAPI SetSecureBootVariablesToDefault(IN CONST SECURE_BOOT_PAYLOAD_INFO *SecureBootPayload)
Definition: SecureBootVariableLib.c:790
DeletePlatformKey
EFI_STATUS EFIAPI DeletePlatformKey(VOID)
Definition: SecureBootVariableLib.c:574
DeleteDb
EFI_STATUS EFIAPI DeleteDb(VOID)
Definition: SecureBootVariableLib.c:482
DeleteKEK
EFI_STATUS EFIAPI DeleteKEK(VOID)
Definition: SecureBootVariableLib.c:551
DeleteDbt
EFI_STATUS EFIAPI DeleteDbt(VOID)
Definition: SecureBootVariableLib.c:528
DeleteSecureBootVariables
EFI_STATUS EFIAPI DeleteSecureBootVariables(VOID)
Definition: SecureBootVariableLib.c:600
EnrollFromInput
EFI_STATUS EFIAPI EnrollFromInput(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINTN DataSize, IN VOID *Data)
Definition: SecureBootVariableLib.c:693
MockGetVariable
STATIC EFI_STATUS EFIAPI MockGetVariable(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, OUT UINT32 *Attributes OPTIONAL, IN OUT UINTN *DataSize, OUT VOID *Data OPTIONAL)
Definition: SecureBootVariableLibUnitTest.c:128
DeleteKEKShouldDelete
UNIT_TEST_STATUS EFIAPI DeleteKEKShouldDelete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:771
SetSecureBootVariablesShouldStopFailDBT
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldStopFailDBT(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1505
CreateTimeBasedPayloadShouldCheckInput
UNIT_TEST_STATUS EFIAPI CreateTimeBasedPayloadShouldCheckInput(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:556
DeleteDbShouldDelete
UNIT_TEST_STATUS EFIAPI DeleteDbShouldDelete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:594
IsSecureBootEnableShouldGetVar
UNIT_TEST_STATUS EFIAPI IsSecureBootEnableShouldGetVar(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:298
MockSetVariable
STATIC EFI_STATUS EFIAPI MockSetVariable(IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINT32 Attributes, IN UINTN DataSize, IN VOID *Data)
Definition: SecureBootVariableLibUnitTest.c:74
SetSecureBootVariablesShouldStopWhenSecure
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldStopWhenSecure(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1330
gMockRuntime
EFI_RUNTIME_SERVICES gMockRuntime
Definition: SecureBootVariableLibUnitTest.c:175
DeleteSecureBootVariablesShouldProceedWithNotFound
UNIT_TEST_STATUS EFIAPI DeleteSecureBootVariablesShouldProceedWithNotFound(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1091
DeleteSecureBootVariablesShouldCheckProtection
UNIT_TEST_STATUS EFIAPI DeleteSecureBootVariablesShouldCheckProtection(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1060
CreateTimeBasedPayloadShouldPopulateDescriptor
UNIT_TEST_STATUS EFIAPI CreateTimeBasedPayloadShouldPopulateDescriptor(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:493
EnrollFromInputShouldComplete
UNIT_TEST_STATUS EFIAPI EnrollFromInputShouldComplete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1161
DeleteSecureBootVariablesShouldDelete
UNIT_TEST_STATUS EFIAPI DeleteSecureBootVariablesShouldDelete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:898
DeleteDbtShouldDelete
UNIT_TEST_STATUS EFIAPI DeleteDbtShouldDelete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:712
SetSecureBootVariablesShouldStopFailDB
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldStopFailDB(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1432
SetSecureBootVariablesShouldStopFailKEK
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldStopFailKEK(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1595
DeleteDbxShouldDelete
UNIT_TEST_STATUS EFIAPI DeleteDbxShouldDelete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:653
SecureBootCreateDataFromInputNull
UNIT_TEST_STATUS EFIAPI SecureBootCreateDataFromInputNull(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:394
SecureBootCreateDataFromInputSimple
UNIT_TEST_STATUS EFIAPI SecureBootCreateDataFromInputSimple(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:345
SecureBootCreateDataFromInputMultiple
UNIT_TEST_STATUS EFIAPI SecureBootCreateDataFromInputMultiple(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:432
SetSecureBootVariablesShouldComplete
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldComplete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1206
UnitTestingEntry
STATIC EFI_STATUS EFIAPI UnitTestingEntry(VOID)
Definition: SecureBootVariableLibUnitTest.c:1932
SetSecureBootModeShouldSetVar
UNIT_TEST_STATUS EFIAPI SetSecureBootModeShouldSetVar(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:216
DeletePKShouldDelete
UNIT_TEST_STATUS EFIAPI DeletePKShouldDelete(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:830
SetSecureBootVariablesDBTOptional
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesDBTOptional(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1829
SetSecureBootVariablesShouldStopFailPK
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldStopFailPK(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1705
GetSetupModeShouldGetVar
UNIT_TEST_STATUS EFIAPI GetSetupModeShouldGetVar(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:256
SetSecureBootVariablesShouldStopFailDBX
UNIT_TEST_STATUS EFIAPI SetSecureBootVariablesShouldStopFailDBX(IN UNIT_TEST_CONTEXT Context)
Definition: SecureBootVariableLibUnitTest.c:1376
EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
EFI_SUCCESS
#define EFI_SUCCESS
Definition: UefiBaseType.h:112
EFI_VARIABLE_NON_VOLATILE
#define EFI_VARIABLE_NON_VOLATILE
Definition: UefiMultiPhase.h:15
EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
#define EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
Definition: UefiMultiPhase.h:26
RunAllTestSuites
EFI_STATUS EFIAPI RunAllTestSuites(IN UNIT_TEST_FRAMEWORK_HANDLE FrameworkHandle)
Definition: RunTests.c:145
UT_ASSERT_NOT_NULL
#define UT_ASSERT_NOT_NULL(Pointer)
Definition: UnitTestLib.h:439
UNIT_TEST_CONTEXT
VOID * UNIT_TEST_CONTEXT
Definition: UnitTestLib.h:54
UT_ASSERT_MEM_EQUAL
#define UT_ASSERT_MEM_EQUAL(BufferA, BufferB, Length)
Definition: UnitTestLib.h:389
UT_ASSERT_TRUE
#define UT_ASSERT_TRUE(Expression)
Definition: UnitTestLib.h:350
UT_ASSERT_EQUAL
#define UT_ASSERT_EQUAL(ValueA, ValueB)
Definition: UnitTestLib.h:375
UT_ASSERT_STATUS_EQUAL
#define UT_ASSERT_STATUS_EQUAL(Status, Expected)
Definition: UnitTestLib.h:427
CreateUnitTestSuite
EFI_STATUS EFIAPI CreateUnitTestSuite(OUT UNIT_TEST_SUITE_HANDLE *SuiteHandle, IN UNIT_TEST_FRAMEWORK_HANDLE FrameworkHandle, IN CHAR8 *Title, IN CHAR8 *Name, IN UNIT_TEST_SUITE_SETUP Setup OPTIONAL, IN UNIT_TEST_SUITE_TEARDOWN Teardown OPTIONAL)
Definition: UnitTestLib.c:326
FreeUnitTestFramework
EFI_STATUS EFIAPI FreeUnitTestFramework(IN UNIT_TEST_FRAMEWORK_HANDLE FrameworkHandle)
Definition: UnitTestLib.c:150
AddTestCase
EFI_STATUS EFIAPI AddTestCase(IN UNIT_TEST_SUITE_HANDLE SuiteHandle, IN CHAR8 *Description, IN CHAR8 *Name, IN UNIT_TEST_FUNCTION Function, IN UNIT_TEST_PREREQUISITE Prerequisite OPTIONAL, IN UNIT_TEST_CLEANUP CleanUp OPTIONAL, IN UNIT_TEST_CONTEXT Context OPTIONAL)
Definition: UnitTestLib.c:426
InitUnitTestFramework
EFI_STATUS EFIAPI InitUnitTestFramework(OUT UNIT_TEST_FRAMEWORK_HANDLE *FrameworkHandle, IN CHAR8 *Title, IN CHAR8 *ShortTitle, IN CHAR8 *VersionString)
Definition: UnitTestLib.c:204
UNIT_TEST_STATUS
UINT32 UNIT_TEST_STATUS
Definition: UnitTestLib.h:16
UT_ASSERT_NOT_EFI_ERROR
#define UT_ASSERT_NOT_EFI_ERROR(Status)
Definition: UnitTestLib.h:414
EFI_RUNTIME_SERVICES
Definition: UefiSpec.h:1864
EFI_SIGNATURE_DATA
Definition: ImageAuthentication.h:55
EFI_SIGNATURE_DATA::SignatureOwner
EFI_GUID SignatureOwner
Definition: ImageAuthentication.h:59
EFI_SIGNATURE_DATA::SignatureData
UINT8 SignatureData[1]
Definition: ImageAuthentication.h:63
EFI_SIGNATURE_LIST
Definition: ImageAuthentication.h:66
EFI_SIGNATURE_LIST::SignatureHeaderSize
UINT32 SignatureHeaderSize
Definition: ImageAuthentication.h:78
EFI_SIGNATURE_LIST::SignatureType
EFI_GUID SignatureType
Definition: ImageAuthentication.h:70
EFI_SIGNATURE_LIST::SignatureListSize
UINT32 SignatureListSize
Definition: ImageAuthentication.h:74
EFI_SIGNATURE_LIST::SignatureSize
UINT32 SignatureSize
Definition: ImageAuthentication.h:82
EFI_TIME
Definition: UefiBaseType.h:68
EFI_VARIABLE_AUTHENTICATION_2
Definition: UefiMultiPhase.h:236
EFI_VARIABLE_AUTHENTICATION_2::TimeStamp
EFI_TIME TimeStamp
Definition: UefiMultiPhase.h:241
EFI_VARIABLE_AUTHENTICATION_2::AuthInfo
WIN_CERTIFICATE_UEFI_GUID AuthInfo
Definition: UefiMultiPhase.h:245
GUID
Definition: Base.h:213
SECURE_BOOT_CERTIFICATE_INFO
Definition: UefiSecureBoot.h:19
SECURE_BOOT_PAYLOAD_INFO
Definition: UefiSecureBoot.h:36
WIN_CERTIFICATE_UEFI_GUID
Definition: WinCertificate.h:67
WIN_CERTIFICATE_UEFI_GUID::CertData
UINT8 CertData[1]
Definition: WinCertificate.h:84
WIN_CERTIFICATE_UEFI_GUID::Hdr
WIN_CERTIFICATE Hdr
Definition: WinCertificate.h:72
WIN_CERTIFICATE_UEFI_GUID::CertType
EFI_GUID CertType
Definition: WinCertificate.h:77
WIN_CERTIFICATE::wRevision
UINT16 wRevision
Definition: WinCertificate.h:34
WIN_CERTIFICATE::dwLength
UINT32 dwLength
Definition: WinCertificate.h:29
WIN_CERTIFICATE::wCertificateType
UINT16 wCertificateType
Definition: WinCertificate.h:40