--- /dev/null
+/** @file\r
+ Unit tests of the implementation of SecureBootVariableLib.\r
+\r
+ Copyright (C) Microsoft Corporation.\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
+\r
+**/\r
+\r
+#include <stdio.h>\r
+#include <string.h>\r
+#include <stdarg.h>\r
+#include <stddef.h>\r
+#include <setjmp.h>\r
+#include <cmocka.h>\r
+\r
+#include <Uefi.h>\r
+#include <UefiSecureBoot.h>\r
+#include <Guid/GlobalVariable.h>\r
+#include <Guid/AuthenticatedVariableFormat.h>\r
+#include <Guid/ImageAuthentication.h>\r
+\r
+#include <Library/BaseLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/MemoryAllocationLib.h>\r
+\r
+#include <Library/UnitTestLib.h>\r
+#include <Library/SecureBootVariableLib.h>\r
+\r
+#define UNIT_TEST_APP_NAME "SecureBootVariableLib Unit Tests"\r
+#define UNIT_TEST_APP_VERSION "1.0"\r
+#define VAR_AUTH_DESC_SIZE OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)\r
+\r
+extern EFI_TIME mMaxTimestamp;\r
+extern EFI_TIME mDefaultPayloadTimestamp;\r
+\r
+/**\r
+ Sets the value of a variable.\r
+\r
+ @param[in] VariableName A Null-terminated string that is the name of the vendor's variable.\r
+ Each VariableName is unique for each VendorGuid. VariableName must\r
+ contain 1 or more characters. If VariableName is an empty string,\r
+ then EFI_INVALID_PARAMETER is returned.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[in] Attributes Attributes bitmask to set for the variable.\r
+ @param[in] DataSize The size in bytes of the Data buffer. Unless the EFI_VARIABLE_APPEND_WRITE or\r
+ EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute is set, a size of zero\r
+ causes the variable to be deleted. When the EFI_VARIABLE_APPEND_WRITE attribute is\r
+ set, then a SetVariable() call with a DataSize of zero will not cause any change to\r
+ the variable value (the timestamp associated with the variable may be updated however\r
+ even if no new data value is provided,see the description of the\r
+ EFI_VARIABLE_AUTHENTICATION_2 descriptor below. In this case the DataSize will not\r
+ be zero since the EFI_VARIABLE_AUTHENTICATION_2 descriptor will be populated).\r
+ @param[in] Data The contents for the variable.\r
+\r
+ @retval EFI_SUCCESS The firmware has successfully stored the variable and its data as\r
+ defined by the Attributes.\r
+ @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits, name, and GUID was supplied, or the\r
+ DataSize exceeds the maximum allowed.\r
+ @retval EFI_INVALID_PARAMETER VariableName is an empty string.\r
+ @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the variable and its data.\r
+ @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.\r
+ @retval EFI_WRITE_PROTECTED The variable in question is read-only.\r
+ @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.\r
+ @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACESS being set,\r
+ but the AuthInfo does NOT pass the validation check carried out by the firmware.\r
+\r
+ @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.\r
+\r
+**/\r
+STATIC\r
+EFI_STATUS\r
+EFIAPI\r
+MockSetVariable (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN UINT32 Attributes,\r
+ IN UINTN DataSize,\r
+ IN VOID *Data\r
+ )\r
+{\r
+ DEBUG ((\r
+ DEBUG_INFO,\r
+ "%a %s %g %x %x %p\n",\r
+ __FUNCTION__,\r
+ VariableName,\r
+ VendorGuid,\r
+ Attributes,\r
+ DataSize,\r
+ Data\r
+ ));\r
+ check_expected_ptr (VariableName);\r
+ check_expected_ptr (VendorGuid);\r
+ check_expected_ptr (Attributes);\r
+ check_expected (DataSize);\r
+ check_expected (Data);\r
+\r
+ return (EFI_STATUS)mock ();\r
+}\r
+\r
+/**\r
+ Returns the value of a variable.\r
+\r
+ @param[in] VariableName A Null-terminated string that is the name of the vendor's\r
+ variable.\r
+ @param[in] VendorGuid A unique identifier for the vendor.\r
+ @param[out] Attributes If not NULL, a pointer to the memory location to return the\r
+ attributes bitmask for the variable.\r
+ @param[in, out] DataSize On input, the size in bytes of the return Data buffer.\r
+ On output the size of data returned in Data.\r
+ @param[out] Data The buffer to return the contents of the variable. May be NULL\r
+ with a zero DataSize in order to determine the size buffer needed.\r
+\r
+ @retval EFI_SUCCESS The function completed successfully.\r
+ @retval EFI_NOT_FOUND The variable was not found.\r
+ @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result.\r
+ @retval EFI_INVALID_PARAMETER VariableName is NULL.\r
+ @retval EFI_INVALID_PARAMETER VendorGuid is NULL.\r
+ @retval EFI_INVALID_PARAMETER DataSize is NULL.\r
+ @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data is NULL.\r
+ @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.\r
+ @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure.\r
+\r
+**/\r
+STATIC\r
+EFI_STATUS\r
+EFIAPI\r
+MockGetVariable (\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ OUT UINT32 *Attributes OPTIONAL,\r
+ IN OUT UINTN *DataSize,\r
+ OUT VOID *Data OPTIONAL\r
+ )\r
+{\r
+ UINTN TargetSize;\r
+ BOOLEAN Exist;\r
+\r
+ DEBUG ((\r
+ DEBUG_INFO,\r
+ "%a %s %g %p %x %p\n",\r
+ __FUNCTION__,\r
+ VariableName,\r
+ VendorGuid,\r
+ Attributes,\r
+ *DataSize,\r
+ Data\r
+ ));\r
+ assert_non_null (DataSize);\r
+ check_expected_ptr (VariableName);\r
+ check_expected_ptr (VendorGuid);\r
+ check_expected (*DataSize);\r
+\r
+ Exist = (BOOLEAN)mock ();\r
+\r
+ if (!Exist) {\r
+ return EFI_NOT_FOUND;\r
+ }\r
+\r
+ TargetSize = (UINTN)mock ();\r
+ if (TargetSize > *DataSize) {\r
+ *DataSize = TargetSize;\r
+ return EFI_BUFFER_TOO_SMALL;\r
+ } else {\r
+ assert_non_null (Data);\r
+ CopyMem (Data, (VOID *)mock (), TargetSize);\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+///\r
+/// Mock version of the UEFI Runtime Services Table\r
+///\r
+EFI_RUNTIME_SERVICES gMockRuntime = {\r
+ {\r
+ EFI_RUNTIME_SERVICES_SIGNATURE, // Signature\r
+ EFI_RUNTIME_SERVICES_REVISION, // Revision\r
+ sizeof (EFI_RUNTIME_SERVICES), // HeaderSize\r
+ 0, // CRC32\r
+ 0 // Reserved\r
+ },\r
+ NULL, // GetTime\r
+ NULL, // SetTime\r
+ NULL, // GetWakeupTime\r
+ NULL, // SetWakeupTime\r
+ NULL, // SetVirtualAddressMap\r
+ NULL, // ConvertPointer\r
+ MockGetVariable, // GetVariable\r
+ NULL, // GetNextVariableName\r
+ MockSetVariable, // SetVariable\r
+ NULL, // GetNextHighMonotonicCount\r
+ NULL, // ResetSystem\r
+ NULL, // UpdateCapsule\r
+ NULL, // QueryCapsuleCapabilities\r
+ NULL // QueryVariableInfo\r
+};\r
+\r
+/**\r
+ Unit test for SetSecureBootMode () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootModeShouldSetVar (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ UINT8 SecureBootMode;\r
+ EFI_STATUS Status;\r
+\r
+ SecureBootMode = 0xAB; // Any random magic number...\r
+ expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, sizeof (SecureBootMode));\r
+ expect_memory (MockSetVariable, Data, &SecureBootMode, sizeof (SecureBootMode));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = SetSecureBootMode (SecureBootMode);\r
+\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for GetSetupMode () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+GetSetupModeShouldGetVar (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 TargetMode;\r
+ UINT8 SetupMode;\r
+\r
+ TargetMode = 0xAB; // Any random magic number...\r
+ expect_memory (MockGetVariable, VariableName, EFI_SETUP_MODE_NAME, sizeof (EFI_SETUP_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (SetupMode));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (SetupMode));\r
+ will_return (MockGetVariable, &TargetMode);\r
+\r
+ Status = GetSetupMode (&SetupMode);\r
+\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (SetupMode, TargetMode);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for GetSetupMode () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+IsSecureBootEnableShouldGetVar (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ BOOLEAN Enabled;\r
+ UINT8 TargetMode;\r
+\r
+ TargetMode = SECURE_BOOT_MODE_ENABLE;\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (TargetMode));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (TargetMode));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (TargetMode));\r
+ will_return (MockGetVariable, &TargetMode);\r
+\r
+ Enabled = IsSecureBootEnabled ();\r
+\r
+ UT_ASSERT_EQUAL (Enabled, SECURE_BOOT_MODE_ENABLE);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SecureBootCreateDataFromInput () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SecureBootCreateDataFromInputSimple (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_SIGNATURE_LIST *SigList = NULL;\r
+ EFI_SIGNATURE_DATA *SigData = NULL;\r
+ UINTN SigListSize = 0;\r
+ EFI_STATUS Status;\r
+ UINT8 TestData[] = { 0 };\r
+ SECURE_BOOT_CERTIFICATE_INFO KeyInfo = {\r
+ .Data = TestData,\r
+ .DataSize = sizeof (TestData)\r
+ };\r
+\r
+ Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 1, &KeyInfo);\r
+\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ UT_ASSERT_NOT_NULL (SigList);\r
+ UT_ASSERT_TRUE (CompareGuid (&SigList->SignatureType, &gEfiCertX509Guid));\r
+ UT_ASSERT_EQUAL (SigList->SignatureSize, sizeof (EFI_SIGNATURE_DATA) - 1 + sizeof (TestData));\r
+ UT_ASSERT_EQUAL (SigList->SignatureHeaderSize, 0);\r
+ UT_ASSERT_EQUAL (SigList->SignatureListSize, sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + sizeof (TestData));\r
+ UT_ASSERT_EQUAL (SigList->SignatureListSize, SigListSize);\r
+\r
+ SigData = (EFI_SIGNATURE_DATA *)((UINTN)SigList + sizeof (EFI_SIGNATURE_LIST));\r
+ UT_ASSERT_TRUE (CompareGuid (&SigData->SignatureOwner, &gEfiGlobalVariableGuid));\r
+ UT_ASSERT_MEM_EQUAL (SigData->SignatureData, TestData, sizeof (TestData));\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SecureBootCreateDataFromInput () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SecureBootCreateDataFromInputNull (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_SIGNATURE_LIST *SigList = NULL;\r
+ UINTN SigListSize = 0;\r
+ EFI_STATUS Status;\r
+ SECURE_BOOT_CERTIFICATE_INFO KeyInfo = {\r
+ .Data = NULL,\r
+ .DataSize = 0\r
+ };\r
+\r
+ Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 0, NULL);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);\r
+\r
+ Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 1, &KeyInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_NOT_FOUND);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SecureBootCreateDataFromInput () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SecureBootCreateDataFromInputMultiple (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_SIGNATURE_LIST *SigList = NULL;\r
+ EFI_SIGNATURE_DATA *SigData = NULL;\r
+ UINTN SigListSize = 0;\r
+ UINTN TotalSize = 0;\r
+ UINTN Index = 0;\r
+ UINT8 TestData1[] = { 0 };\r
+ UINT8 TestData2[] = { 1, 2 };\r
+ EFI_STATUS Status;\r
+ SECURE_BOOT_CERTIFICATE_INFO KeyInfo[2] = {\r
+ {\r
+ .Data = TestData1,\r
+ .DataSize = sizeof (TestData1)\r
+ },\r
+ {\r
+ .Data = TestData2,\r
+ .DataSize = sizeof (TestData2)\r
+ }\r
+ };\r
+\r
+ Status = SecureBootCreateDataFromInput (&SigListSize, &SigList, 2, KeyInfo);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ UT_ASSERT_NOT_NULL (SigList);\r
+\r
+ for (Index = 0; Index < 2; Index++) {\r
+ UT_ASSERT_TRUE (SigListSize > TotalSize);\r
+\r
+ UT_ASSERT_TRUE (CompareGuid (&SigList->SignatureType, &gEfiCertX509Guid));\r
+ UT_ASSERT_EQUAL (SigList->SignatureSize, sizeof (EFI_SIGNATURE_DATA) - 1 + KeyInfo[Index].DataSize);\r
+ UT_ASSERT_EQUAL (SigList->SignatureHeaderSize, 0);\r
+ UT_ASSERT_EQUAL (SigList->SignatureListSize, sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + KeyInfo[Index].DataSize);\r
+\r
+ SigData = (EFI_SIGNATURE_DATA *)((UINTN)SigList + sizeof (EFI_SIGNATURE_LIST));\r
+ UT_ASSERT_TRUE (CompareGuid (&SigData->SignatureOwner, &gEfiGlobalVariableGuid));\r
+ UT_ASSERT_MEM_EQUAL (SigData->SignatureData, KeyInfo[Index].Data, KeyInfo[Index].DataSize);\r
+ TotalSize = TotalSize + SigList->SignatureListSize;\r
+ SigList = (EFI_SIGNATURE_LIST *)((UINTN)SigList + SigList->SignatureListSize);\r
+ }\r
+\r
+ UT_ASSERT_EQUAL (SigListSize, TotalSize);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for CreateTimeBasedPayload () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+CreateTimeBasedPayloadShouldPopulateDescriptor (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ UINT8 Data[] = { 2 };\r
+ UINTN DataSize = sizeof (Data);\r
+ UINT8 *CheckData;\r
+ EFI_VARIABLE_AUTHENTICATION_2 *VarAuth;\r
+ EFI_STATUS Status;\r
+ EFI_TIME Time = {\r
+ .Year = 2012,\r
+ .Month = 3,\r
+ .Day = 4,\r
+ .Hour = 5,\r
+ .Minute = 6,\r
+ .Second = 7,\r
+ .Pad1 = 0,\r
+ .Nanosecond = 8910,\r
+ .TimeZone = 1112,\r
+ .Pad2 = 0\r
+ };\r
+\r
+ CheckData = AllocateCopyPool (DataSize, Data);\r
+ Status = CreateTimeBasedPayload (&DataSize, &CheckData, &Time);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ // This is result that we did not pack this structure...\r
+ // we cannot even use the sizeof (EFI_VARIABLE_AUTHENTICATION_2) - 1,\r
+ // because the structure is not at the end of this structure, but partially\r
+ // inside it...\r
+ UT_ASSERT_EQUAL (DataSize, VAR_AUTH_DESC_SIZE + sizeof (Data));\r
+ UT_ASSERT_NOT_NULL (CheckData);\r
+\r
+ VarAuth = (EFI_VARIABLE_AUTHENTICATION_2 *)CheckData;\r
+ UT_ASSERT_MEM_EQUAL (&(VarAuth->TimeStamp), &Time, sizeof (EFI_TIME));\r
+\r
+ UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.dwLength, OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));\r
+ UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.wRevision, 0x0200);\r
+ UT_ASSERT_EQUAL (VarAuth->AuthInfo.Hdr.wCertificateType, WIN_CERT_TYPE_EFI_GUID);\r
+ UT_ASSERT_TRUE (CompareGuid (&VarAuth->AuthInfo.CertType, &gEfiCertPkcs7Guid));\r
+\r
+ UT_ASSERT_MEM_EQUAL (VarAuth->AuthInfo.CertData, Data, sizeof (Data));\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for CreateTimeBasedPayload () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+CreateTimeBasedPayloadShouldCheckInput (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ UINTN DataSize = 0;\r
+ UINT8 *Data = NULL;\r
+ EFI_TIME Time;\r
+ EFI_STATUS Status;\r
+\r
+ Status = CreateTimeBasedPayload (NULL, &Data, &Time);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);\r
+\r
+ Status = CreateTimeBasedPayload (&DataSize, NULL, &Time);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);\r
+\r
+ Status = CreateTimeBasedPayload (&DataSize, &Data, NULL);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_INVALID_PARAMETER);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteDb () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteDbShouldDelete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = 0;\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = DeleteDb ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteDbx () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteDbxShouldDelete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = 0;\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = DeleteDbx ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteDbt () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteDbtShouldDelete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = 0;\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = DeleteDbt ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteKEK () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteKEKShouldDelete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = 0;\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = DeleteKEK ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeletePlatformKey () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeletePKShouldDelete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = 0;\r
+ UINT8 BootMode = CUSTOM_SECURE_BOOT_MODE;\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, sizeof (BootMode));\r
+ expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = DeletePlatformKey ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteSecureBootVariablesShouldDelete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = 0;\r
+ UINT8 BootMode = CUSTOM_SECURE_BOOT_MODE;\r
+\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mMaxTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (DisablePKProtection, EFI_SUCCESS);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, sizeof (BootMode));\r
+ expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (Dummy));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (Dummy));\r
+ will_return (MockGetVariable, &Dummy);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE);\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE);\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = DeleteSecureBootVariables ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteSecureBootVariablesShouldCheckProtection (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+\r
+ will_return (DisablePKProtection, EFI_SECURITY_VIOLATION);\r
+\r
+ Status = DeleteSecureBootVariables ();\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_ABORTED);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+DeleteSecureBootVariablesShouldProceedWithNotFound (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 BootMode = CUSTOM_SECURE_BOOT_MODE;\r
+\r
+ will_return (DisablePKProtection, EFI_SUCCESS);\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_CUSTOM_MODE_NAME, sizeof (EFI_CUSTOM_MODE_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiCustomModeEnableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, sizeof (BootMode));\r
+ expect_memory (MockSetVariable, Data, &BootMode, sizeof (BootMode));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Status = DeleteSecureBootVariables ();\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for DeleteSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+EnrollFromInputShouldComplete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 Dummy = 3;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (Dummy);\r
+\r
+ Payload = AllocateCopyPool (sizeof (Dummy), &Dummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (Dummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (Dummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (Dummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = EnrollFromInput (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, sizeof (Dummy), &Dummy);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldComplete (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbDummy = 0xDE;\r
+ UINT8 DbtDummy = 0xAD;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 KekDummy = 0xEF;\r
+ UINT8 PkDummy = 0xFE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbPtr = &DbDummy,\r
+ .DbSize = sizeof (DbDummy),\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .DbtPtr = &DbtDummy,\r
+ .DbtSize = sizeof (DbtDummy),\r
+ .KekPtr = &KekDummy,\r
+ .KekSize = sizeof (KekDummy),\r
+ .PkPtr = &PkDummy,\r
+ .PkSize = sizeof (PkDummy),\r
+ .SecureBootKeyName = L"Food"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbDummy, sizeof (DbDummy));\r
+ PayloadSize = sizeof (DbDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));\r
+ PayloadSize = sizeof (DbtDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &KekDummy, sizeof (KekDummy));\r
+ PayloadSize = sizeof (KekDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &PkDummy, sizeof (PkDummy));\r
+ PayloadSize = sizeof (PkDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldStopWhenSecure (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 TargetMode = SECURE_BOOT_MODE_ENABLE;\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo;\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (TargetMode));\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, sizeof (TargetMode));\r
+\r
+ will_return (MockGetVariable, TRUE);\r
+ will_return (MockGetVariable, sizeof (TargetMode));\r
+ will_return (MockGetVariable, &TargetMode);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_ABORTED);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldStopFailDBX (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbxDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .SecureBootKeyName = L"Fail DBX"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_WRITE_PROTECTED);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldStopFailDB (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbDummy = 0xDE;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbPtr = &DbDummy,\r
+ .DbSize = sizeof (DbDummy),\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .SecureBootKeyName = L"Fail DB"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbDummy, sizeof (DbDummy));\r
+ PayloadSize = sizeof (DbDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ will_return (MockSetVariable, EFI_WRITE_PROTECTED);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_WRITE_PROTECTED);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldStopFailDBT (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbDummy = 0xDE;\r
+ UINT8 DbtDummy = 0xAD;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbPtr = &DbDummy,\r
+ .DbSize = sizeof (DbDummy),\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .DbtPtr = &DbtDummy,\r
+ .DbtSize = sizeof (DbtDummy),\r
+ .SecureBootKeyName = L"Fail DBT"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbDummy, sizeof (DbDummy));\r
+ PayloadSize = sizeof (DbDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));\r
+ PayloadSize = sizeof (DbtDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ will_return (MockSetVariable, EFI_ACCESS_DENIED);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_ACCESS_DENIED);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldStopFailKEK (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbDummy = 0xDE;\r
+ UINT8 DbtDummy = 0xAD;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 KekDummy = 0xEF;\r
+ UINT8 PkDummy = 0xFE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbPtr = &DbDummy,\r
+ .DbSize = sizeof (DbDummy),\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .DbtPtr = &DbtDummy,\r
+ .DbtSize = sizeof (DbtDummy),\r
+ .KekPtr = &KekDummy,\r
+ .KekSize = sizeof (KekDummy),\r
+ .PkPtr = &PkDummy,\r
+ .PkSize = sizeof (PkDummy),\r
+ .SecureBootKeyName = L"Food"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbDummy, sizeof (DbDummy));\r
+ PayloadSize = sizeof (DbDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));\r
+ PayloadSize = sizeof (DbtDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &KekDummy, sizeof (KekDummy));\r
+ PayloadSize = sizeof (KekDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ will_return (MockSetVariable, EFI_DEVICE_ERROR);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_DEVICE_ERROR);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesShouldStopFailPK (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbDummy = 0xDE;\r
+ UINT8 DbtDummy = 0xAD;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 KekDummy = 0xEF;\r
+ UINT8 PkDummy = 0xFE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbPtr = &DbDummy,\r
+ .DbSize = sizeof (DbDummy),\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .DbtPtr = &DbtDummy,\r
+ .DbtSize = sizeof (DbtDummy),\r
+ .KekPtr = &KekDummy,\r
+ .KekSize = sizeof (KekDummy),\r
+ .PkPtr = &PkDummy,\r
+ .PkSize = sizeof (PkDummy),\r
+ .SecureBootKeyName = L"Food"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbDummy, sizeof (DbDummy));\r
+ PayloadSize = sizeof (DbDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbtDummy, sizeof (DbtDummy));\r
+ PayloadSize = sizeof (DbtDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE2, sizeof (EFI_IMAGE_SECURITY_DATABASE2));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbtDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &KekDummy, sizeof (KekDummy));\r
+ PayloadSize = sizeof (KekDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &PkDummy, sizeof (PkDummy));\r
+ PayloadSize = sizeof (PkDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+\r
+ will_return (MockSetVariable, EFI_INVALID_PARAMETER);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_STATUS_EQUAL (Status, EFI_SECURITY_VIOLATION);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Unit test for SetDefaultSecureBootVariables () API of the SecureBootVariableLib.\r
+\r
+ @param[in] Context [Optional] An optional parameter that enables:\r
+ 1) test-case reuse with varied parameters and\r
+ 2) test-case re-entry for Target tests that need a\r
+ reboot. This parameter is a VOID* and it is the\r
+ responsibility of the test author to ensure that the\r
+ contents are well understood by all test cases that may\r
+ consume it.\r
+\r
+ @retval UNIT_TEST_PASSED The Unit test has completed and the test\r
+ case was successful.\r
+ @retval UNIT_TEST_ERROR_TEST_FAILED A test case assertion has failed.\r
+**/\r
+UNIT_TEST_STATUS\r
+EFIAPI\r
+SetSecureBootVariablesDBTOptional (\r
+ IN UNIT_TEST_CONTEXT Context\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UINT8 DbDummy = 0xDE;\r
+ UINT8 DbxDummy = 0xBE;\r
+ UINT8 KekDummy = 0xEF;\r
+ UINT8 PkDummy = 0xFE;\r
+ UINT8 *Payload = NULL;\r
+ UINTN PayloadSize = sizeof (DbDummy);\r
+ SECURE_BOOT_PAYLOAD_INFO PayloadInfo = {\r
+ .DbPtr = &DbDummy,\r
+ .DbSize = sizeof (DbDummy),\r
+ .DbxPtr = &DbxDummy,\r
+ .DbxSize = sizeof (DbxDummy),\r
+ .DbtPtr = NULL,\r
+ .DbtSize = 0,\r
+ .KekPtr = &KekDummy,\r
+ .KekSize = sizeof (KekDummy),\r
+ .PkPtr = &PkDummy,\r
+ .PkSize = sizeof (PkDummy),\r
+ .SecureBootKeyName = L"Food"\r
+ };\r
+\r
+ expect_memory (MockGetVariable, VariableName, EFI_SECURE_BOOT_MODE_NAME, sizeof (EFI_SECURE_BOOT_MODE_NAME));\r
+ expect_value (MockGetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockGetVariable, *DataSize, 0);\r
+\r
+ will_return (MockGetVariable, FALSE);\r
+\r
+ Payload = AllocateCopyPool (sizeof (DbxDummy), &DbxDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE1, sizeof (EFI_IMAGE_SECURITY_DATABASE1));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbxDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &DbDummy, sizeof (DbDummy));\r
+ PayloadSize = sizeof (DbDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_IMAGE_SECURITY_DATABASE, sizeof (EFI_IMAGE_SECURITY_DATABASE));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiImageSecurityDatabaseGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (DbDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &KekDummy, sizeof (KekDummy));\r
+ PayloadSize = sizeof (KekDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_KEY_EXCHANGE_KEY_NAME, sizeof (EFI_KEY_EXCHANGE_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (KekDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ CopyMem (Payload, &PkDummy, sizeof (PkDummy));\r
+ PayloadSize = sizeof (PkDummy);\r
+ Status = CreateTimeBasedPayload (&PayloadSize, &Payload, &mDefaultPayloadTimestamp);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+ UT_ASSERT_EQUAL (PayloadSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+\r
+ expect_memory (MockSetVariable, VariableName, EFI_PLATFORM_KEY_NAME, sizeof (EFI_PLATFORM_KEY_NAME));\r
+ expect_value (MockSetVariable, VendorGuid, &gEfiGlobalVariableGuid);\r
+ expect_value (MockSetVariable, Attributes, EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS);\r
+ expect_value (MockSetVariable, DataSize, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+ expect_memory (MockSetVariable, Data, Payload, VAR_AUTH_DESC_SIZE + sizeof (PkDummy));\r
+\r
+ will_return (MockSetVariable, EFI_SUCCESS);\r
+\r
+ Status = SetSecureBootVariablesToDefault (&PayloadInfo);\r
+ UT_ASSERT_NOT_EFI_ERROR (Status);\r
+\r
+ return UNIT_TEST_PASSED;\r
+}\r
+\r
+/**\r
+ Initialze the unit test framework, suite, and unit tests for the\r
+ SecureBootVariableLib and run the SecureBootVariableLib unit test.\r
+\r
+ @retval EFI_SUCCESS All test cases were dispatched.\r
+ @retval EFI_OUT_OF_RESOURCES There are not enough resources available to\r
+ initialize the unit tests.\r
+**/\r
+STATIC\r
+EFI_STATUS\r
+EFIAPI\r
+UnitTestingEntry (\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ UNIT_TEST_FRAMEWORK_HANDLE Framework;\r
+ UNIT_TEST_SUITE_HANDLE SecureBootVarMiscTests;\r
+ UNIT_TEST_SUITE_HANDLE SecureBootVarDeleteTests;\r
+ UNIT_TEST_SUITE_HANDLE SecureBootVarEnrollTests;\r
+\r
+ Framework = NULL;\r
+\r
+ DEBUG ((DEBUG_INFO, "%a v%a\n", UNIT_TEST_APP_NAME, UNIT_TEST_APP_VERSION));\r
+\r
+ //\r
+ // Start setting up the test framework for running the tests.\r
+ //\r
+ Status = InitUnitTestFramework (&Framework, UNIT_TEST_APP_NAME, gEfiCallerBaseName, UNIT_TEST_APP_VERSION);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status = %r\n", Status));\r
+ goto EXIT;\r
+ }\r
+\r
+ //\r
+ // Populate the SecureBootVariableLib Unit Test Suite.\r
+ //\r
+ Status = CreateUnitTestSuite (&SecureBootVarMiscTests, Framework, "SecureBootVariableLib Miscellaneous Tests", "SecureBootVariableLib.Miscellaneous", NULL, NULL);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVariableLib\n"));\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
+ Status = CreateUnitTestSuite (&SecureBootVarDeleteTests, Framework, "SecureBootVariableLib Deletion Tests", "SecureBootVariableLib.Deletion", NULL, NULL);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVariableLib\n"));\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
+ Status = CreateUnitTestSuite (&SecureBootVarEnrollTests, Framework, "SecureBootVariableLib Enrollment Tests", "SecureBootVariableLib.Enrollment", NULL, NULL);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG ((DEBUG_ERROR, "Failed in CreateUnitTestSuite for SecureBootVariableLib\n"));\r
+ Status = EFI_OUT_OF_RESOURCES;\r
+ goto EXIT;\r
+ }\r
+\r
+ //\r
+ // --------------Suite-----------Description--------------Name----------Function--------Pre---Post-------------------Context-----------\r
+ //\r
+ AddTestCase (SecureBootVarMiscTests, "SetSecureBootMode should propagate to set variable", "SetSecureBootMode", SetSecureBootModeShouldSetVar, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "GetSetupMode should propagate to get variable", "GetSetupMode", GetSetupModeShouldGetVar, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "IsSecureBootEnabled should propagate to get variable", "IsSecureBootEnabled", IsSecureBootEnableShouldGetVar, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with one input cert", "SecureBootCreateDataFromInput One Cert", SecureBootCreateDataFromInputSimple, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with no input cert", "SecureBootCreateDataFromInput No Cert", SecureBootCreateDataFromInputNull, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "SecureBootCreateDataFromInput with multiple input cert", "SecureBootCreateDataFromInput No Cert", SecureBootCreateDataFromInputMultiple, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "CreateTimeBasedPayload should populate descriptor data", "CreateTimeBasedPayload Normal", CreateTimeBasedPayloadShouldPopulateDescriptor, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarMiscTests, "CreateTimeBasedPayload should fail on NULL inputs", "CreateTimeBasedPayload NULL", CreateTimeBasedPayloadShouldCheckInput, NULL, NULL, NULL);\r
+\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteDb should delete DB with auth info", "DeleteDb", DeleteDbShouldDelete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteDbx should delete DBX with auth info", "DeleteDbx", DeleteDbxShouldDelete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteDbt should delete DBT with auth info", "DeleteDbt", DeleteDbtShouldDelete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteKEK should delete KEK with auth info", "DeleteKEK", DeleteKEKShouldDelete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeletePlatformKey should delete PK with auth info", "DeletePlatformKey", DeletePKShouldDelete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should delete properly", "DeleteSecureBootVariables Normal", DeleteSecureBootVariablesShouldDelete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should fail if protection disable fails", "DeleteSecureBootVariables Fail", DeleteSecureBootVariablesShouldCheckProtection, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarDeleteTests, "DeleteSecureBootVariables should continue if any variable is not found", "DeleteSecureBootVariables Proceed", DeleteSecureBootVariablesShouldProceedWithNotFound, NULL, NULL, NULL);\r
+\r
+ AddTestCase (SecureBootVarEnrollTests, "EnrollFromInput should supply with authenticated payload", "EnrollFromInput Normal", EnrollFromInputShouldComplete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should complete", "SetSecureBootVariablesToDefault Normal", SetSecureBootVariablesShouldComplete, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when already enabled", "SetSecureBootVariablesToDefault Already Started", SetSecureBootVariablesShouldStopWhenSecure, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when DB failed", "SetSecureBootVariablesToDefault Fails DB", SetSecureBootVariablesShouldStopFailDB, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when DBT failed", "SetSecureBootVariablesToDefault Fails DBT", SetSecureBootVariablesShouldStopFailDBT, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when DBX failed", "SetSecureBootVariablesToDefault Fails DBX", SetSecureBootVariablesShouldStopFailDBX, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when KEK failed", "SetSecureBootVariablesToDefault Fails KEK", SetSecureBootVariablesShouldStopFailKEK, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should stop when PK failed", "SetSecureBootVariablesToDefault Fails PK", SetSecureBootVariablesShouldStopFailPK, NULL, NULL, NULL);\r
+ AddTestCase (SecureBootVarEnrollTests, "SetSecureBootVariablesToDefault should only be optional", "SetSecureBootVariablesToDefault DBT Optional", SetSecureBootVariablesDBTOptional, NULL, NULL, NULL);\r
+\r
+ //\r
+ // Execute the tests.\r
+ //\r
+ Status = RunAllTestSuites (Framework);\r
+\r
+EXIT:\r
+ if (Framework) {\r
+ FreeUnitTestFramework (Framework);\r
+ }\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ Standard POSIX C entry point for host based unit test execution.\r
+**/\r
+int\r
+main (\r
+ int argc,\r
+ char *argv[]\r
+ )\r
+{\r
+ return UnitTestingEntry ();\r
+}\r