diff options
Diffstat (limited to 'libstb/secvar/test/secvar-test-edk2-compat.c')
-rw-r--r-- | libstb/secvar/test/secvar-test-edk2-compat.c | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/libstb/secvar/test/secvar-test-edk2-compat.c b/libstb/secvar/test/secvar-test-edk2-compat.c index f230542..b087e5e 100644 --- a/libstb/secvar/test/secvar-test-edk2-compat.c +++ b/libstb/secvar/test/secvar-test-edk2-compat.c @@ -13,6 +13,7 @@ #include "./data/invalidkek.h" #include "./data/malformedkek.h" #include "./data/trimmedKEK.h" +#include "./data/KEKeslcorrupt.h" #include "./data/db.h" #include "./data/dbsigneddata.h" #include "./data/OldTSKEK.h" @@ -273,6 +274,23 @@ int run_test() ASSERT(0 == tmp->data_size); free(data); + /* KEK with corrupted ESL SignatureSize */ + printf("KEK with corrupt ESL SignatureSize\n"); + tmp = new_secvar("KEK", 4, KEKeslcorrupt_auth, KEKeslcorrupt_auth_len, 0); + ASSERT(0 == edk2_compat_validate(tmp)); + list_add_tail(&update_bank, &tmp->link); + ASSERT(1 == list_length(&update_bank)); + + rc = edk2_compat_process(&variable_bank, &update_bank); + /* If we don't catch the error, we get OPAL_NO_MEM instead */ + ASSERT(OPAL_PARAMETER == rc); + ASSERT(5 == list_length(&variable_bank)); + ASSERT(0 == list_length(&update_bank)); + tmp = find_secvar("KEK", 4, &variable_bank); + ASSERT(NULL != tmp); + ASSERT(0 == tmp->data_size); + + /* Add valid KEK, .process(), succeeds. */ printf("Add KEK"); tmp = new_secvar("KEK", 4, KEK_auth, KEK_auth_len, 0); |