xref: /aosp_15_r20/external/avb/test/avb_vbmeta_image_unittest.cc (revision d289c2ba6de359471b23d594623b906876bc48a0) 
1*d289c2baSAndroid Build Coastguard Worker /*
2*d289c2baSAndroid Build Coastguard Worker  * Copyright (C) 2016 The Android Open Source Project
3*d289c2baSAndroid Build Coastguard Worker  *
4*d289c2baSAndroid Build Coastguard Worker  * Permission is hereby granted, free of charge, to any person
5*d289c2baSAndroid Build Coastguard Worker  * obtaining a copy of this software and associated documentation
6*d289c2baSAndroid Build Coastguard Worker  * files (the "Software"), to deal in the Software without
7*d289c2baSAndroid Build Coastguard Worker  * restriction, including without limitation the rights to use, copy,
8*d289c2baSAndroid Build Coastguard Worker  * modify, merge, publish, distribute, sublicense, and/or sell copies
9*d289c2baSAndroid Build Coastguard Worker  * of the Software, and to permit persons to whom the Software is
10*d289c2baSAndroid Build Coastguard Worker  * furnished to do so, subject to the following conditions:
11*d289c2baSAndroid Build Coastguard Worker  *
12*d289c2baSAndroid Build Coastguard Worker  * The above copyright notice and this permission notice shall be
13*d289c2baSAndroid Build Coastguard Worker  * included in all copies or substantial portions of the Software.
14*d289c2baSAndroid Build Coastguard Worker  *
15*d289c2baSAndroid Build Coastguard Worker  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16*d289c2baSAndroid Build Coastguard Worker  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17*d289c2baSAndroid Build Coastguard Worker  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18*d289c2baSAndroid Build Coastguard Worker  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19*d289c2baSAndroid Build Coastguard Worker  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20*d289c2baSAndroid Build Coastguard Worker  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21*d289c2baSAndroid Build Coastguard Worker  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22*d289c2baSAndroid Build Coastguard Worker  * SOFTWARE.
23*d289c2baSAndroid Build Coastguard Worker  */
24*d289c2baSAndroid Build Coastguard Worker 
25*d289c2baSAndroid Build Coastguard Worker #include <base/files/file_util.h>
26*d289c2baSAndroid Build Coastguard Worker #include <base/strings/string_util.h>
27*d289c2baSAndroid Build Coastguard Worker #include <endian.h>
28*d289c2baSAndroid Build Coastguard Worker #include <inttypes.h>
29*d289c2baSAndroid Build Coastguard Worker #include <libavb/libavb.h>
30*d289c2baSAndroid Build Coastguard Worker #include <string.h>
31*d289c2baSAndroid Build Coastguard Worker 
32*d289c2baSAndroid Build Coastguard Worker #include <iostream>
33*d289c2baSAndroid Build Coastguard Worker 
34*d289c2baSAndroid Build Coastguard Worker #include "avb_unittest_util.h"
35*d289c2baSAndroid Build Coastguard Worker 
36*d289c2baSAndroid Build Coastguard Worker namespace avb {
37*d289c2baSAndroid Build Coastguard Worker 
38*d289c2baSAndroid Build Coastguard Worker class VerifyTest : public BaseAvbToolTest {
39*d289c2baSAndroid Build Coastguard Worker  public:
VerifyTest()40*d289c2baSAndroid Build Coastguard Worker   VerifyTest() {}
41*d289c2baSAndroid Build Coastguard Worker 
42*d289c2baSAndroid Build Coastguard Worker  protected:
43*d289c2baSAndroid Build Coastguard Worker   // Helper function for ModificationDetection test. Modifies
44*d289c2baSAndroid Build Coastguard Worker   // boot_image_ in a number of places in the sub-array at |offset| of
45*d289c2baSAndroid Build Coastguard Worker   // size |length| and checks that avb_vbmeta_image_verify() returns
46*d289c2baSAndroid Build Coastguard Worker   // |expected_result|.
47*d289c2baSAndroid Build Coastguard Worker   bool test_modification(AvbVBMetaVerifyResult expected_result,
48*d289c2baSAndroid Build Coastguard Worker                          size_t offset,
49*d289c2baSAndroid Build Coastguard Worker                          size_t length);
50*d289c2baSAndroid Build Coastguard Worker };
51*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,BootImageStructSize)52*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, BootImageStructSize) {
53*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(256UL, sizeof(AvbVBMetaImageHeader));
54*d289c2baSAndroid Build Coastguard Worker }
55*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckSHA256RSA2048)56*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckSHA256RSA2048) {
57*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
58*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
59*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
60*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
61*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
62*d289c2baSAndroid Build Coastguard Worker }
63*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckSHA256RSA4096)64*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckSHA256RSA4096) {
65*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
66*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA4096", 0, "test/data/testkey_rsa4096.pem");
67*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
68*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
69*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
70*d289c2baSAndroid Build Coastguard Worker }
71*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckSHA256RSA8192)72*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckSHA256RSA8192) {
73*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
74*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA8192", 0, "test/data/testkey_rsa8192.pem");
75*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
76*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
77*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
78*d289c2baSAndroid Build Coastguard Worker }
79*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckSHA512RSA2048)80*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckSHA512RSA2048) {
81*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
82*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA512_RSA2048", 0, "test/data/testkey_rsa2048.pem");
83*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
84*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
85*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
86*d289c2baSAndroid Build Coastguard Worker }
87*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckSHA512RSA4096)88*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckSHA512RSA4096) {
89*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
90*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA512_RSA4096", 0, "test/data/testkey_rsa4096.pem");
91*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
92*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
93*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
94*d289c2baSAndroid Build Coastguard Worker }
95*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckSHA512RSA8192)96*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckSHA512RSA8192) {
97*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
98*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA512_RSA8192", 0, "test/data/testkey_rsa8192.pem");
99*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
100*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
101*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
102*d289c2baSAndroid Build Coastguard Worker }
103*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckUnsigned)104*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckUnsigned) {
105*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage("vbmeta.img", "", 0, "");
106*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK_NOT_SIGNED,
107*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
108*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
109*d289c2baSAndroid Build Coastguard Worker }
110*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,CheckBiggerLength)111*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, CheckBiggerLength) {
112*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
113*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
114*d289c2baSAndroid Build Coastguard Worker   // Check that it's OK if we pass a bigger length than what the
115*d289c2baSAndroid Build Coastguard Worker   // header indicates.
116*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
117*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
118*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size() + 8192, NULL, NULL));
119*d289c2baSAndroid Build Coastguard Worker }
120*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,BadMagic)121*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, BadMagic) {
122*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
123*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
124*d289c2baSAndroid Build Coastguard Worker   vbmeta_image_[0] = 'Z';
125*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
126*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
127*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
128*d289c2baSAndroid Build Coastguard Worker }
129*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,MajorVersionCheck)130*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, MajorVersionCheck) {
131*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
132*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
133*d289c2baSAndroid Build Coastguard Worker 
134*d289c2baSAndroid Build Coastguard Worker   // Bail if it's a different major version.
135*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
136*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
137*d289c2baSAndroid Build Coastguard Worker   h->required_libavb_version_major = htobe32(1 + AVB_VERSION_MAJOR);
138*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_UNSUPPORTED_VERSION,
139*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
140*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
141*d289c2baSAndroid Build Coastguard Worker }
142*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,MinorVersionCheck)143*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, MinorVersionCheck) {
144*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage("vbmeta.img", "", 0, "");
145*d289c2baSAndroid Build Coastguard Worker 
146*d289c2baSAndroid Build Coastguard Worker   // Bail if required_libavb_version_minor exceeds our libavb version.
147*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
148*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
149*d289c2baSAndroid Build Coastguard Worker   h->required_libavb_version_minor = htobe32(1 + AVB_VERSION_MINOR);
150*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_UNSUPPORTED_VERSION,
151*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
152*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
153*d289c2baSAndroid Build Coastguard Worker }
154*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,NulTerminatedReleaseString)155*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, NulTerminatedReleaseString) {
156*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage("vbmeta.img", "", 0, "");
157*d289c2baSAndroid Build Coastguard Worker 
158*d289c2baSAndroid Build Coastguard Worker   // Bail if |release_string| isn't NUL-terminated.
159*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
160*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
161*d289c2baSAndroid Build Coastguard Worker   for (size_t n = 0; n < AVB_RELEASE_STRING_SIZE; n++) {
162*d289c2baSAndroid Build Coastguard Worker     h->release_string[n] = 'a';
163*d289c2baSAndroid Build Coastguard Worker   }
164*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
165*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
166*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
167*d289c2baSAndroid Build Coastguard Worker }
168*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,BlockSizesAddUpToLessThanLength)169*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, BlockSizesAddUpToLessThanLength) {
170*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
171*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
172*d289c2baSAndroid Build Coastguard Worker 
173*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
174*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
175*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader backup = *h;
176*d289c2baSAndroid Build Coastguard Worker 
177*d289c2baSAndroid Build Coastguard Worker   // Check that the sum of the two block lengths is less than passed
178*d289c2baSAndroid Build Coastguard Worker   // in size. Use a size that's a multiple of 64 to avoid failure on
179*d289c2baSAndroid Build Coastguard Worker   // earlier check.
180*d289c2baSAndroid Build Coastguard Worker   uint64_t size = vbmeta_image_.size() & (~0x3f);
181*d289c2baSAndroid Build Coastguard Worker 
182*d289c2baSAndroid Build Coastguard Worker   h->authentication_data_block_size = htobe64(size);
183*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
184*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
185*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
186*d289c2baSAndroid Build Coastguard Worker   *h = backup;
187*d289c2baSAndroid Build Coastguard Worker 
188*d289c2baSAndroid Build Coastguard Worker   h->auxiliary_data_block_size = htobe64(size);
189*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
190*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
191*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
192*d289c2baSAndroid Build Coastguard Worker   *h = backup;
193*d289c2baSAndroid Build Coastguard Worker 
194*d289c2baSAndroid Build Coastguard Worker   // Overflow checks - choose overflow candidate so it's a multiple of
195*d289c2baSAndroid Build Coastguard Worker   // 64 otherwise we'll fail on an earlier check.
196*d289c2baSAndroid Build Coastguard Worker   size = 0xffffffffffffffc0UL;
197*d289c2baSAndroid Build Coastguard Worker 
198*d289c2baSAndroid Build Coastguard Worker   h->authentication_data_block_size = htobe64(size);
199*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
200*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
201*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
202*d289c2baSAndroid Build Coastguard Worker   *h = backup;
203*d289c2baSAndroid Build Coastguard Worker 
204*d289c2baSAndroid Build Coastguard Worker   h->auxiliary_data_block_size = htobe64(size);
205*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
206*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
207*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
208*d289c2baSAndroid Build Coastguard Worker   *h = backup;
209*d289c2baSAndroid Build Coastguard Worker 
210*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
211*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
212*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
213*d289c2baSAndroid Build Coastguard Worker }
214*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,BlockSizesMultipleOf64)215*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, BlockSizesMultipleOf64) {
216*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
217*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
218*d289c2baSAndroid Build Coastguard Worker 
219*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
220*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
221*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader backup = *h;
222*d289c2baSAndroid Build Coastguard Worker 
223*d289c2baSAndroid Build Coastguard Worker   h->authentication_data_block_size =
224*d289c2baSAndroid Build Coastguard Worker       htobe32(be32toh(h->authentication_data_block_size) - 32);
225*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
226*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
227*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size() - 32, NULL, NULL));
228*d289c2baSAndroid Build Coastguard Worker   *h = backup;
229*d289c2baSAndroid Build Coastguard Worker 
230*d289c2baSAndroid Build Coastguard Worker   h->auxiliary_data_block_size =
231*d289c2baSAndroid Build Coastguard Worker       htobe32(be32toh(h->auxiliary_data_block_size) - 32);
232*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
233*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
234*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size() - 32, NULL, NULL));
235*d289c2baSAndroid Build Coastguard Worker   *h = backup;
236*d289c2baSAndroid Build Coastguard Worker 
237*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
238*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
239*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
240*d289c2baSAndroid Build Coastguard Worker }
241*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,HashOutOfBounds)242*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, HashOutOfBounds) {
243*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
244*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
245*d289c2baSAndroid Build Coastguard Worker 
246*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
247*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
248*d289c2baSAndroid Build Coastguard Worker 
249*d289c2baSAndroid Build Coastguard Worker   // Check we catch when hash data goes out of bounds.
250*d289c2baSAndroid Build Coastguard Worker   h->hash_offset = htobe64(4);
251*d289c2baSAndroid Build Coastguard Worker   h->hash_size = htobe64(be64toh(h->authentication_data_block_size));
252*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
253*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
254*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
255*d289c2baSAndroid Build Coastguard Worker 
256*d289c2baSAndroid Build Coastguard Worker   // Overflow checks.
257*d289c2baSAndroid Build Coastguard Worker   h->hash_offset = htobe64(4);
258*d289c2baSAndroid Build Coastguard Worker   h->hash_size = htobe64(0xfffffffffffffffeUL);
259*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
260*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
261*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
262*d289c2baSAndroid Build Coastguard Worker }
263*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,SignatureOutOfBounds)264*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, SignatureOutOfBounds) {
265*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
266*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
267*d289c2baSAndroid Build Coastguard Worker 
268*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
269*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
270*d289c2baSAndroid Build Coastguard Worker 
271*d289c2baSAndroid Build Coastguard Worker   // Check we catch when signature data goes out of bounds.
272*d289c2baSAndroid Build Coastguard Worker   h->signature_offset = htobe64(4);
273*d289c2baSAndroid Build Coastguard Worker   h->signature_size = htobe64(be64toh(h->authentication_data_block_size));
274*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
275*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
276*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
277*d289c2baSAndroid Build Coastguard Worker 
278*d289c2baSAndroid Build Coastguard Worker   // Overflow checks.
279*d289c2baSAndroid Build Coastguard Worker   h->signature_offset = htobe64(4);
280*d289c2baSAndroid Build Coastguard Worker   h->signature_size = htobe64(0xfffffffffffffffeUL);
281*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
282*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
283*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
284*d289c2baSAndroid Build Coastguard Worker }
285*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,PublicKeyOutOfBounds)286*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, PublicKeyOutOfBounds) {
287*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
288*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
289*d289c2baSAndroid Build Coastguard Worker 
290*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
291*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
292*d289c2baSAndroid Build Coastguard Worker 
293*d289c2baSAndroid Build Coastguard Worker   // Check we catch when public key data goes out of bounds.
294*d289c2baSAndroid Build Coastguard Worker   h->public_key_offset = htobe64(4);
295*d289c2baSAndroid Build Coastguard Worker   h->public_key_size = htobe64(be64toh(h->auxiliary_data_block_size));
296*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
297*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
298*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
299*d289c2baSAndroid Build Coastguard Worker 
300*d289c2baSAndroid Build Coastguard Worker   // Overflow checks.
301*d289c2baSAndroid Build Coastguard Worker   h->public_key_offset = htobe64(4);
302*d289c2baSAndroid Build Coastguard Worker   h->public_key_size = htobe64(0xfffffffffffffffeUL);
303*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
304*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
305*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
306*d289c2baSAndroid Build Coastguard Worker }
307*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,PublicKeyMetadataOutOfBounds)308*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, PublicKeyMetadataOutOfBounds) {
309*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
310*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
311*d289c2baSAndroid Build Coastguard Worker 
312*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
313*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
314*d289c2baSAndroid Build Coastguard Worker 
315*d289c2baSAndroid Build Coastguard Worker   // Check we catch when public key metadata data goes out of bounds.
316*d289c2baSAndroid Build Coastguard Worker   h->public_key_metadata_offset = htobe64(4);
317*d289c2baSAndroid Build Coastguard Worker   h->public_key_metadata_size = htobe64(be64toh(h->auxiliary_data_block_size));
318*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
319*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
320*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
321*d289c2baSAndroid Build Coastguard Worker 
322*d289c2baSAndroid Build Coastguard Worker   // Overflow checks.
323*d289c2baSAndroid Build Coastguard Worker   h->public_key_metadata_offset = htobe64(4);
324*d289c2baSAndroid Build Coastguard Worker   h->public_key_metadata_size = htobe64(0xfffffffffffffffeUL);
325*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
326*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
327*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
328*d289c2baSAndroid Build Coastguard Worker }
329*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,InvalidAlgorithmField)330*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, InvalidAlgorithmField) {
331*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
332*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
333*d289c2baSAndroid Build Coastguard Worker 
334*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
335*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
336*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader backup = *h;
337*d289c2baSAndroid Build Coastguard Worker 
338*d289c2baSAndroid Build Coastguard Worker   // Check we bail on unknown algorithm.
339*d289c2baSAndroid Build Coastguard Worker   h->algorithm_type = htobe32(_AVB_ALGORITHM_NUM_TYPES);
340*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
341*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
342*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
343*d289c2baSAndroid Build Coastguard Worker   *h = backup;
344*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
345*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
346*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
347*d289c2baSAndroid Build Coastguard Worker }
348*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,PublicKeyBlockTooSmall)349*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, PublicKeyBlockTooSmall) {
350*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
351*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
352*d289c2baSAndroid Build Coastguard Worker 
353*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader* h =
354*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data());
355*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader backup = *h;
356*d289c2baSAndroid Build Coastguard Worker 
357*d289c2baSAndroid Build Coastguard Worker   // Check we bail if the auxiliary data block is too small.
358*d289c2baSAndroid Build Coastguard Worker   uint64_t change = be64toh(h->auxiliary_data_block_size) - 64;
359*d289c2baSAndroid Build Coastguard Worker   h->auxiliary_data_block_size = htobe64(change);
360*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(
361*d289c2baSAndroid Build Coastguard Worker       AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
362*d289c2baSAndroid Build Coastguard Worker       avb_vbmeta_image_verify(
363*d289c2baSAndroid Build Coastguard Worker           vbmeta_image_.data(), vbmeta_image_.size() - change, NULL, NULL));
364*d289c2baSAndroid Build Coastguard Worker   *h = backup;
365*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
366*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
367*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
368*d289c2baSAndroid Build Coastguard Worker }
369*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,VbmetaImageSmallerThanMagic)370*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, VbmetaImageSmallerThanMagic) {
371*d289c2baSAndroid Build Coastguard Worker   uint8_t vbmeta_onebyte[1] = {0};
372*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_INVALID_VBMETA_HEADER,
373*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
374*d289c2baSAndroid Build Coastguard Worker                 vbmeta_onebyte, 1, NULL, NULL));
375*d289c2baSAndroid Build Coastguard Worker }
376*d289c2baSAndroid Build Coastguard Worker 
test_modification(AvbVBMetaVerifyResult expected_result,size_t offset,size_t length)377*d289c2baSAndroid Build Coastguard Worker bool VerifyTest::test_modification(AvbVBMetaVerifyResult expected_result,
378*d289c2baSAndroid Build Coastguard Worker                                    size_t offset,
379*d289c2baSAndroid Build Coastguard Worker                                    size_t length) {
380*d289c2baSAndroid Build Coastguard Worker   uint8_t* d = reinterpret_cast<uint8_t*>(vbmeta_image_.data());
381*d289c2baSAndroid Build Coastguard Worker   const int kNumCheckpoints = 16;
382*d289c2baSAndroid Build Coastguard Worker 
383*d289c2baSAndroid Build Coastguard Worker   // Test |kNumCheckpoints| modifications in the start, middle, and
384*d289c2baSAndroid Build Coastguard Worker   // end of given sub-array.
385*d289c2baSAndroid Build Coastguard Worker   for (int n = 0; n <= kNumCheckpoints; n++) {
386*d289c2baSAndroid Build Coastguard Worker     size_t o = std::min(length * n / kNumCheckpoints, length - 1) + offset;
387*d289c2baSAndroid Build Coastguard Worker     d[o] ^= 0x80;
388*d289c2baSAndroid Build Coastguard Worker     AvbVBMetaVerifyResult result = avb_vbmeta_image_verify(
389*d289c2baSAndroid Build Coastguard Worker         vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL);
390*d289c2baSAndroid Build Coastguard Worker     d[o] ^= 0x80;
391*d289c2baSAndroid Build Coastguard Worker     if (result != expected_result) {
392*d289c2baSAndroid Build Coastguard Worker       return false;
393*d289c2baSAndroid Build Coastguard Worker     }
394*d289c2baSAndroid Build Coastguard Worker   }
395*d289c2baSAndroid Build Coastguard Worker 
396*d289c2baSAndroid Build Coastguard Worker   return true;
397*d289c2baSAndroid Build Coastguard Worker }
398*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,ModificationDetection)399*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, ModificationDetection) {
400*d289c2baSAndroid Build Coastguard Worker   GenerateVBMetaImage(
401*d289c2baSAndroid Build Coastguard Worker       "vbmeta.img", "SHA256_RSA2048", 0, "test/data/testkey_rsa2048.pem");
402*d289c2baSAndroid Build Coastguard Worker 
403*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(AVB_VBMETA_VERIFY_RESULT_OK,
404*d289c2baSAndroid Build Coastguard Worker             avb_vbmeta_image_verify(
405*d289c2baSAndroid Build Coastguard Worker                 vbmeta_image_.data(), vbmeta_image_.size(), NULL, NULL));
406*d289c2baSAndroid Build Coastguard Worker 
407*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader h;
408*d289c2baSAndroid Build Coastguard Worker   avb_vbmeta_image_header_to_host_byte_order(
409*d289c2baSAndroid Build Coastguard Worker       reinterpret_cast<AvbVBMetaImageHeader*>(vbmeta_image_.data()), &h);
410*d289c2baSAndroid Build Coastguard Worker 
411*d289c2baSAndroid Build Coastguard Worker   size_t header_block_offset = 0;
412*d289c2baSAndroid Build Coastguard Worker   size_t authentication_block_offset =
413*d289c2baSAndroid Build Coastguard Worker       header_block_offset + sizeof(AvbVBMetaImageHeader);
414*d289c2baSAndroid Build Coastguard Worker   size_t auxiliary_block_offset =
415*d289c2baSAndroid Build Coastguard Worker       authentication_block_offset + h.authentication_data_block_size;
416*d289c2baSAndroid Build Coastguard Worker 
417*d289c2baSAndroid Build Coastguard Worker   // Ensure we detect modification of the header data block. Do this
418*d289c2baSAndroid Build Coastguard Worker   // in a field that's not validated so INVALID_VBMETA_HEADER
419*d289c2baSAndroid Build Coastguard Worker   // isn't returned.
420*d289c2baSAndroid Build Coastguard Worker   EXPECT_TRUE(test_modification(
421*d289c2baSAndroid Build Coastguard Worker       AVB_VBMETA_VERIFY_RESULT_HASH_MISMATCH,
422*d289c2baSAndroid Build Coastguard Worker       offsetof(AvbVBMetaImageHeader, reserved),
423*d289c2baSAndroid Build Coastguard Worker       sizeof(AvbVBMetaImageHeader) - offsetof(AvbVBMetaImageHeader, reserved)));
424*d289c2baSAndroid Build Coastguard Worker   // Also check the |reserved| field.
425*d289c2baSAndroid Build Coastguard Worker   EXPECT_TRUE(test_modification(AVB_VBMETA_VERIFY_RESULT_HASH_MISMATCH,
426*d289c2baSAndroid Build Coastguard Worker                                 offsetof(AvbVBMetaImageHeader, reserved),
427*d289c2baSAndroid Build Coastguard Worker                                 sizeof(AvbVBMetaImageHeader().reserved)));
428*d289c2baSAndroid Build Coastguard Worker 
429*d289c2baSAndroid Build Coastguard Worker   // Ensure we detect modifications in the auxiliary data block.
430*d289c2baSAndroid Build Coastguard Worker   EXPECT_TRUE(test_modification(AVB_VBMETA_VERIFY_RESULT_HASH_MISMATCH,
431*d289c2baSAndroid Build Coastguard Worker                                 auxiliary_block_offset,
432*d289c2baSAndroid Build Coastguard Worker                                 h.auxiliary_data_block_size));
433*d289c2baSAndroid Build Coastguard Worker 
434*d289c2baSAndroid Build Coastguard Worker   // Modifications in the hash part of the Authentication data block
435*d289c2baSAndroid Build Coastguard Worker   // should also yield HASH_MISMATCH. This is because the hash check
436*d289c2baSAndroid Build Coastguard Worker   // compares the calculated hash against the stored hash.
437*d289c2baSAndroid Build Coastguard Worker   EXPECT_TRUE(test_modification(AVB_VBMETA_VERIFY_RESULT_HASH_MISMATCH,
438*d289c2baSAndroid Build Coastguard Worker                                 authentication_block_offset + h.hash_offset,
439*d289c2baSAndroid Build Coastguard Worker                                 h.hash_size));
440*d289c2baSAndroid Build Coastguard Worker 
441*d289c2baSAndroid Build Coastguard Worker   // Modifications in the signature part of the Authentication data
442*d289c2baSAndroid Build Coastguard Worker   // block, should not cause a hash mismatch ... but will cause a
443*d289c2baSAndroid Build Coastguard Worker   // signature mismatch.
444*d289c2baSAndroid Build Coastguard Worker   EXPECT_TRUE(
445*d289c2baSAndroid Build Coastguard Worker       test_modification(AVB_VBMETA_VERIFY_RESULT_SIGNATURE_MISMATCH,
446*d289c2baSAndroid Build Coastguard Worker                         authentication_block_offset + h.signature_offset,
447*d289c2baSAndroid Build Coastguard Worker                         h.signature_size));
448*d289c2baSAndroid Build Coastguard Worker 
449*d289c2baSAndroid Build Coastguard Worker   // Mofications outside the hash and signature parts of the
450*d289c2baSAndroid Build Coastguard Worker   // Authentication data block are not detected. This is because it's
451*d289c2baSAndroid Build Coastguard Worker   // not part of the hash calculation.
452*d289c2baSAndroid Build Coastguard Worker   uint64_t offset = h.signature_offset + h.signature_size;
453*d289c2baSAndroid Build Coastguard Worker   ASSERT_LT(h.hash_offset, h.signature_offset);
454*d289c2baSAndroid Build Coastguard Worker   ASSERT_LT(offset + 1, h.authentication_data_block_size);
455*d289c2baSAndroid Build Coastguard Worker   EXPECT_TRUE(test_modification(AVB_VBMETA_VERIFY_RESULT_OK,
456*d289c2baSAndroid Build Coastguard Worker                                 authentication_block_offset + offset,
457*d289c2baSAndroid Build Coastguard Worker                                 h.authentication_data_block_size - offset));
458*d289c2baSAndroid Build Coastguard Worker }
459*d289c2baSAndroid Build Coastguard Worker 
TEST_F(VerifyTest,VBMetaHeaderByteswap)460*d289c2baSAndroid Build Coastguard Worker TEST_F(VerifyTest, VBMetaHeaderByteswap) {
461*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader h;
462*d289c2baSAndroid Build Coastguard Worker   AvbVBMetaImageHeader s;
463*d289c2baSAndroid Build Coastguard Worker   uint32_t n32;
464*d289c2baSAndroid Build Coastguard Worker   uint64_t n64;
465*d289c2baSAndroid Build Coastguard Worker 
466*d289c2baSAndroid Build Coastguard Worker   n32 = 0x11223344;
467*d289c2baSAndroid Build Coastguard Worker   n64 = 0x1122334455667788;
468*d289c2baSAndroid Build Coastguard Worker 
469*d289c2baSAndroid Build Coastguard Worker   h.required_libavb_version_major = htobe32(n32);
470*d289c2baSAndroid Build Coastguard Worker   n32++;
471*d289c2baSAndroid Build Coastguard Worker   h.required_libavb_version_minor = htobe32(n32);
472*d289c2baSAndroid Build Coastguard Worker   n32++;
473*d289c2baSAndroid Build Coastguard Worker   h.authentication_data_block_size = htobe64(n64);
474*d289c2baSAndroid Build Coastguard Worker   n64++;
475*d289c2baSAndroid Build Coastguard Worker   h.auxiliary_data_block_size = htobe64(n64);
476*d289c2baSAndroid Build Coastguard Worker   n64++;
477*d289c2baSAndroid Build Coastguard Worker   h.algorithm_type = htobe32(n32);
478*d289c2baSAndroid Build Coastguard Worker   n32++;
479*d289c2baSAndroid Build Coastguard Worker   h.hash_offset = htobe64(n64);
480*d289c2baSAndroid Build Coastguard Worker   n64++;
481*d289c2baSAndroid Build Coastguard Worker   h.hash_size = htobe64(n64);
482*d289c2baSAndroid Build Coastguard Worker   n64++;
483*d289c2baSAndroid Build Coastguard Worker   h.signature_offset = htobe64(n64);
484*d289c2baSAndroid Build Coastguard Worker   n64++;
485*d289c2baSAndroid Build Coastguard Worker   h.signature_size = htobe64(n64);
486*d289c2baSAndroid Build Coastguard Worker   n64++;
487*d289c2baSAndroid Build Coastguard Worker   h.public_key_offset = htobe64(n64);
488*d289c2baSAndroid Build Coastguard Worker   n64++;
489*d289c2baSAndroid Build Coastguard Worker   h.public_key_size = htobe64(n64);
490*d289c2baSAndroid Build Coastguard Worker   n64++;
491*d289c2baSAndroid Build Coastguard Worker   h.public_key_metadata_offset = htobe64(n64);
492*d289c2baSAndroid Build Coastguard Worker   n64++;
493*d289c2baSAndroid Build Coastguard Worker   h.public_key_metadata_size = htobe64(n64);
494*d289c2baSAndroid Build Coastguard Worker   n64++;
495*d289c2baSAndroid Build Coastguard Worker   h.descriptors_offset = htobe64(n64);
496*d289c2baSAndroid Build Coastguard Worker   n64++;
497*d289c2baSAndroid Build Coastguard Worker   h.descriptors_size = htobe64(n64);
498*d289c2baSAndroid Build Coastguard Worker   n64++;
499*d289c2baSAndroid Build Coastguard Worker   h.rollback_index = htobe64(n64);
500*d289c2baSAndroid Build Coastguard Worker   n64++;
501*d289c2baSAndroid Build Coastguard Worker   h.flags = htobe32(n32);
502*d289c2baSAndroid Build Coastguard Worker   n32++;
503*d289c2baSAndroid Build Coastguard Worker 
504*d289c2baSAndroid Build Coastguard Worker   avb_vbmeta_image_header_to_host_byte_order(&h, &s);
505*d289c2baSAndroid Build Coastguard Worker 
506*d289c2baSAndroid Build Coastguard Worker   n32 = 0x11223344;
507*d289c2baSAndroid Build Coastguard Worker   n64 = 0x1122334455667788;
508*d289c2baSAndroid Build Coastguard Worker 
509*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n32, s.required_libavb_version_major);
510*d289c2baSAndroid Build Coastguard Worker   n32++;
511*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n32, s.required_libavb_version_minor);
512*d289c2baSAndroid Build Coastguard Worker   n32++;
513*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.authentication_data_block_size);
514*d289c2baSAndroid Build Coastguard Worker   n64++;
515*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.auxiliary_data_block_size);
516*d289c2baSAndroid Build Coastguard Worker   n64++;
517*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n32, s.algorithm_type);
518*d289c2baSAndroid Build Coastguard Worker   n32++;
519*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.hash_offset);
520*d289c2baSAndroid Build Coastguard Worker   n64++;
521*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.hash_size);
522*d289c2baSAndroid Build Coastguard Worker   n64++;
523*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.signature_offset);
524*d289c2baSAndroid Build Coastguard Worker   n64++;
525*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.signature_size);
526*d289c2baSAndroid Build Coastguard Worker   n64++;
527*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.public_key_offset);
528*d289c2baSAndroid Build Coastguard Worker   n64++;
529*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.public_key_size);
530*d289c2baSAndroid Build Coastguard Worker   n64++;
531*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.public_key_metadata_offset);
532*d289c2baSAndroid Build Coastguard Worker   n64++;
533*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.public_key_metadata_size);
534*d289c2baSAndroid Build Coastguard Worker   n64++;
535*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.descriptors_offset);
536*d289c2baSAndroid Build Coastguard Worker   n64++;
537*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.descriptors_size);
538*d289c2baSAndroid Build Coastguard Worker   n64++;
539*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n64, s.rollback_index);
540*d289c2baSAndroid Build Coastguard Worker   n64++;
541*d289c2baSAndroid Build Coastguard Worker   EXPECT_EQ(n32, s.flags);
542*d289c2baSAndroid Build Coastguard Worker   n32++;
543*d289c2baSAndroid Build Coastguard Worker 
544*d289c2baSAndroid Build Coastguard Worker   // If new fields are added, the following will fail. This is to
545*d289c2baSAndroid Build Coastguard Worker   // remind that byteswapping code (in avb_util.c) and unittests for
546*d289c2baSAndroid Build Coastguard Worker   // this should be updated.
547*d289c2baSAndroid Build Coastguard Worker   static_assert(offsetof(AvbVBMetaImageHeader, reserved) == 176,
548*d289c2baSAndroid Build Coastguard Worker                 "Remember to unittest byteswapping of newly added fields");
549*d289c2baSAndroid Build Coastguard Worker }
550*d289c2baSAndroid Build Coastguard Worker 
551*d289c2baSAndroid Build Coastguard Worker }  // namespace avb
552