1 files changed, 22 insertions, 59 deletions

diff --git a/src/usr/secureboot/base/test/secureromtest.H b/src/usr/secureboot/base/test/secureromtest.H
index c66c4b62a..9de9aaa80 100644
--- a/src/usr/secureboot/base/test/secureromtest.H
+++ b/src/usr/secureboot/base/test/secureromtest.H
@@ -5,7 +5,9 @@
 /*                                                                        */
 /* OpenPOWER HostBoot Project                                             */
 /*                                                                        */
-/* COPYRIGHT International Business Machines Corp. 2013,2014              */
+/* Contributors Listed Below - COPYRIGHT 2013,2016                        */
+/* [+] International Business Machines Corp.                              */
+/*                                                                        */
 /*                                                                        */
 /* Licensed under the Apache License, Version 2.0 (the "License");        */
 /* you may not use this file except in compliance with the License.       */
@@ -41,7 +43,6 @@ extern trace_desc_t* g_trac_secure;
 //#define TRACUCOMP(args...)  TRACFCOMP(args)
 #define TRACUCOMP(args...)
 
-
 /**********************************************************************/
 /*  UTILITY FUNCTIONS                                                 */
 /*  -- note: these functions do not commit error logs                 */
@@ -56,18 +57,25 @@ errlHndl_t loadSignedFile( const char * i_signedFile_name,
 void unloadSignedFile( void * & io_signedFile_pageAddr,
                        size_t & io_signedFile_size     );
 
-
-// @todo RTC:34080 - In future key hash will come from HW, but
-// Get the software keys that match the signed container
-void useSwKeyHash(sha2_hash_t * o_sw_key_hash);
+// secureboot_signed_container was generated using this hw hash key. If another
+// key is in pibmem, this test will always fail.
+const uint64_t hw_hash_key[] =
+{
+    0x40d487ff7380ed6a,
+    0xd54775d5795fea0d,
+    0xe2f541fea9db06b8,
+    0x466a42a320e65f75,
+    0xb48665460017d907,
+    0x515dc2a5f9fc5095,
+    0x4d6ee0c9b67d219d,
+    0xfb7085351d01d6d1
+};
 
 
 /**********************************************************************/
 /*  End of UTILITY FUNCTIONS                                          */
 /**********************************************************************/
 
-
-
 class SecureROMTest : public CxxTest::TestSuite
 {
   public:
@@ -82,11 +90,11 @@ class SecureROMTest : public CxxTest::TestSuite
         errlHndl_t  l_errl  =   NULL;
 
         /*******************************************************************/
-        /* Load "test_signed_container" from PNOR to use for verification  */
+        /* Load "secureboot_signed_container" from PNOR to use for verification  */
         /*******************************************************************/
 
         // Signed file variables
-        const char * signedFile_name =   "test_signed_container";
+        const char * signedFile_name =   "secureboot_signed_container";
         void *  signedFile_pageAddr  =   NULL;
         size_t  signedFile_size      =   0;
 
@@ -106,14 +114,6 @@ class SecureROMTest : public CxxTest::TestSuite
                   "signedFile info: addr = %p, size=0x%x",
                   signedFile_pageAddr, signedFile_size);
 
-
-
-        /*******************************************************************/
-        /* @todo RTC:34080 - In future key hash will come from HW, but     */
-        /*  for now, create and initialize a local SecureROM class and     */
-        /*  and then override the hash key variable to use the SW Key Hash */
-        /*  for the test_signed_container                                  */
-        /*******************************************************************/
         SecureROM l_sRom;
 
         // Call initializeSecureROM()
@@ -126,9 +126,8 @@ class SecureROMTest : public CxxTest::TestSuite
             return;
         }
 
-        // Use Utility Function to load software keys into iv_hash_key
-        useSwKeyHash( & l_sRom.iv_hash_key);
-
+        // Set hw hash key
+        memcpy (& l_sRom.iv_hash_key, &hw_hash_key, sizeof(sha2_hash_t));
 
         /*******************************************************************/
         /* Call verify function                                            */
@@ -147,9 +146,8 @@ class SecureROMTest : public CxxTest::TestSuite
             return;
         }
 
-
         /*******************************************************************/
-        /* Unload "test_signed_container" from memory                      */
+        /* Unload "secureboot_signed_container" from memory                      */
         /*******************************************************************/
         if ( signedFile_pageAddr != NULL   )
         {
@@ -157,17 +155,14 @@ class SecureROMTest : public CxxTest::TestSuite
         }
 
         TRACFCOMP(g_trac_secure,EXIT_MRK"SecureROMTest::test_verify");
-
     };
-
 };
 
-
 /**********************************************************************/
 /*  UTILITY FUNCTIONS                                                 */
 /**********************************************************************/
 
-// Moved test_signed_container from PNOR to paged-in memory
+// Moved secureboot_signed_container from PNOR to paged-in memory
 errlHndl_t loadSignedFile( const char * i_signedFile_name,
                                 void * & o_signedFile_pageAddr,
                                 size_t & o_signedFile_size     )
@@ -176,7 +171,6 @@ errlHndl_t loadSignedFile( const char * i_signedFile_name,
         errlHndl_t  l_errl  =   NULL;
         const char * l_signedFile_virtAddr  =   NULL;
 
-
         /*******************************************************************/
         /* Load file from PNOR to use for verification                     */
         /*******************************************************************/
@@ -203,7 +197,6 @@ errlHndl_t loadSignedFile( const char * i_signedFile_name,
             return l_errl;
         }
 
-
         // Request contiguous memory block to copy in file
         size_t l_num_pages = ALIGN_PAGE(o_signedFile_size)/PAGESIZE;
         bool l_isUserspace = true;
@@ -226,7 +219,6 @@ errlHndl_t loadSignedFile( const char * i_signedFile_name,
 void unloadSignedFile( void * & io_signedFile_pageAddr,
                        size_t & io_signedFile_size     )
 {
-
         // Determine number of pages to be freed
         size_t l_num_pages = ALIGN_PAGE(io_signedFile_size)/PAGESIZE;
 
@@ -239,35 +231,6 @@ void unloadSignedFile( void * & io_signedFile_pageAddr,
         TRACUCOMP(g_trac_secure, "unloadSignedFile()> "
                   "Info: sF_pA=%p, size=0x%x (pages=%d)",
                   io_signedFile_pageAddr, io_signedFile_size, l_num_pages);
-
 }
 
-
-// @todo RTC:34080 - In future key hash will come from HW, but
-// Get the software keys that match the signed container
-void useSwKeyHash(sha2_hash_t * o_sw_key_hash)
-{
-
-
-    /* On HW hw_key_hash will be pulled from SBE's SEEPROM or PIB Memory */
-
-    /* For simics/testing, we're hardcoding the value from Dale        */
-    /*  Peterson here, which I've stored here:                         */
-    /* /gsa/rchgsa-h1/00/baiocchi/HB/Story_Notes/Story_64764/          */
-    /*     Secure_ROM_Files/HB_SW_Files/hdwkeyHash                     */
-
-    /* Dale's files' hw-hash-key */
-    uint64_t l_hdwkeyHash[] = { 0x6c8206fa4f551088, 0xc8c23af693ed242d,
-                                0x96824dac71bccf07, 0x73abb342d4bb932f,
-                                0x9a9a8d72fbf28202, 0xd89fa8fad5658959,
-                                0xc89ccf0d0205b8ca, 0x2071ba27e18ae0f8
-                              };
-
-    // Copy l_hdwkeyHash into sha2_hash_t
-    memcpy (o_sw_key_hash, &l_hdwkeyHash, sizeof(sha2_hash_t));
-
-    return;
-}
-
-
 #endif