Gitiles
Code Review Sign In
android-review.linaro.org / platform / external / vboot_reference / c86f0415a0dd1ddea4497e18813a2dd00dd0e3f4 / . / tests / vb2_common2_tests.c
blob: 519d7f932924d2c20ead814c9ad53d8cf03361f0 [file] [log] [blame]
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]1/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Tests for firmware image library.
6 */
7
8#include <stdint.h>
9#include <stdio.h>
10#include <string.h>
11
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]12#include "2sysincludes.h"
13#include "2common.h"
14#include "2rsa.h"
15
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]16#include "file_keys.h"
17#include "host_common.h"
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]18#include "host_key2.h"
19#include "host_signature2.h"
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]20#include "vboot_common.h"
21#include "test_common.h"
22
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]23
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]24static const uint8_t test_data[] = "This is some test data to sign.";
25static const uint32_t test_size = sizeof(test_data);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]26
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]27static void test_unpack_key(const struct vb2_packed_key *key1)
28{
29 struct vb2_public_key pubk;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]30
31 /*
32 * Key data follows the header for a newly allocated key, so we can
33 * calculate the buffer size by looking at how far the key data goes.
34 */
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]35 uint32_t size = key1->key_offset + key1->key_size;
36 uint8_t *buf = malloc(size);
37 struct vb2_packed_key *key = (struct vb2_packed_key *)buf;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]38
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]39 memcpy(key, key1, size);
40 TEST_SUCC(vb2_unpack_key(&pubk, buf, size), "vb2_unpack_key() ok");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]41
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]42 TEST_EQ(pubk.sig_alg, vb2_crypto_to_signature(key->algorithm),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]43 "vb2_unpack_key() sig_alg");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]44 TEST_EQ(pubk.hash_alg, vb2_crypto_to_hash(key->algorithm),
Randall Spangler4eef8122014-10-23 10:07:54 -0700[diff] [blame]45 "vb2_unpack_key() hash_alg");
46
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]47
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]48 memcpy(key, key1, size);
49 key->algorithm = VB2_ALG_COUNT;
50 TEST_EQ(vb2_unpack_key(&pubk, buf, size),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]51 VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]52 "vb2_unpack_key() invalid algorithm");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]53
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]54 memcpy(key, key1, size);
55 key->key_size--;
56 TEST_EQ(vb2_unpack_key(&pubk, buf, size),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]57 VB2_ERROR_UNPACK_KEY_SIZE,
58 "vb2_unpack_key() invalid size");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]59
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]60 memcpy(key, key1, size);
61 key->key_offset++;
62 TEST_EQ(vb2_unpack_key(&pubk, buf, size + 1),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]63 VB2_ERROR_UNPACK_KEY_ALIGN,
64 "vb2_unpack_key() unaligned data");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]65
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]66 memcpy(key, key1, size);
67 *(uint32_t *)(buf + key->key_offset) /= 2;
68 TEST_EQ(vb2_unpack_key(&pubk, buf, size),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]69 VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
70 "vb2_unpack_key() invalid key array size");
71
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]72 memcpy(key, key1, size);
73 TEST_EQ(vb2_unpack_key(&pubk, buf, size - 1),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]74 VB2_ERROR_INSIDE_DATA_OUTSIDE,
75 "vb2_unpack_key() buffer too small");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]76
77 free(key);
78}
79
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]80static void test_unpack_key2(const struct vb2_packed_key *key1,
81 const struct vb2_packed_key2 *key)
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]82{
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]83 struct vb2_public_key pubk;
84 struct vb2_packed_key2 *key2;
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]85 uint32_t size = key->c.total_size;
86
87 /* Make a copy of the key for testing */
88 key2 = (struct vb2_packed_key2 *)malloc(size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]89
90 /* Should be able to handle a vboot1-style key binary as well */
91 TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1,
92 key1->key_offset + key1->key_size),
93 "vb2_unpack_key2() passthru");
94
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]95 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]96 TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
97 "vb2_unpack_key2() ok");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]98
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]99 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]100 key2->key_offset += 4;
101 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
Randall Spangler6b5b8f62014-10-31 15:18:48 -0700[diff] [blame]102 VB2_ERROR_COMMON_MEMBER_SIZE,
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]103 "vb2_unpack_key2() buffer too small");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]104
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]105 memcpy(key2, key, size);
Randall Spangler6f7f5df2014-10-31 11:47:52 -0700[diff] [blame]106 key2->c.fixed_size += size;
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]107 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
Randall Spangler6b5b8f62014-10-31 15:18:48 -0700[diff] [blame]108 VB2_ERROR_COMMON_FIXED_SIZE,
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]109 "vb2_unpack_key2() buffer too small for desc");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]110
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]111 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]112 key2->c.desc_size = 0;
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]113 TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
114 "vb2_unpack_key2() no desc");
115 TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]116
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]117 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]118 key2->c.magic++;
119 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
120 VB2_ERROR_INSIDE_DATA_OUTSIDE,
121 "vb2_unpack_key2() bad magic");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]122
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]123 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]124 key2->c.struct_version_major++;
125 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
126 VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
127 "vb2_unpack_key2() bad major version");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]128
129 /*
130 * Minor version changes are ok. Note that this test assumes that the
131 * source key struct version is the highest actually known to the
132 * reader. If the reader does know about minor version + 1 and that
133 * adds fields, this test will likely fail. But at that point, we
134 * should have already added a test for minor version compatibility to
135 * handle both old and new struct versions, so someone will have
136 * noticed this comment.
137 */
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]138 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]139 key2->c.struct_version_minor++;
140 TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
141 "vb2_unpack_key2() minor version change ok");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]142
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]143 memcpy(key2, key, size);
Randall Spangler6300a642014-11-01 15:55:26 -0700[diff] [blame]144 key2->sig_alg = VB2_SIG_INVALID;
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]145 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
146 VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
147 "vb2_unpack_key2() bad sig algorithm");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]148
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]149 memcpy(key2, key, size);
Randall Spangler6300a642014-11-01 15:55:26 -0700[diff] [blame]150 key2->hash_alg = VB2_HASH_INVALID;
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]151 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
152 VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
153 "vb2_unpack_key2() bad hash algorithm");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]154
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]155 memcpy(key2, key, size);
Randall Spangler6b5b8f62014-10-31 15:18:48 -0700[diff] [blame]156 key2->key_size -= 4;
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]157 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
158 VB2_ERROR_UNPACK_KEY_SIZE,
159 "vb2_unpack_key2() invalid size");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]160
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]161 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]162 key2->key_offset--;
163 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
Randall Spangler6b5b8f62014-10-31 15:18:48 -0700[diff] [blame]164 VB2_ERROR_COMMON_MEMBER_UNALIGNED,
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]165 "vb2_unpack_key2() unaligned data");
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]166
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]167 memcpy(key2, key, size);
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]168 *(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
169 TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
170 VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
171 "vb2_unpack_key2() invalid key array size");
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]172
Randall Spanglerd274a2e2014-10-23 17:38:18 -0700[diff] [blame]173 free(key2);
174}
175
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]176static void test_verify_data(const struct vb2_packed_key *key1,
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]177 const struct vb2_signature *sig)
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]178{
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]179 uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
180 struct vb2_workbuf wb;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]181
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]182 uint32_t pubkey_size = key1->key_offset + key1->key_size;
183 struct vb2_public_key pubk, pubk_orig;
184 uint32_t sig_total_size = sig->sig_offset + sig->sig_size;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]185 struct vb2_signature *sig2;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]186
187 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
188
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]189 /* Allocate signature copy for tests */
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]190 sig2 = (struct vb2_signature *)malloc(sig_total_size);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]191
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]192 TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key1, pubkey_size),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]193 0, "vb2_verify_data() unpack key");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]194 pubk_orig = pubk;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]195
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]196 memcpy(sig2, sig, sig_total_size);
197 pubk.sig_alg = VB2_SIG_INVALID;
198 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]199 0, "vb2_verify_data() bad sig alg");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]200 pubk.sig_alg = pubk_orig.sig_alg;
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]201
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]202 memcpy(sig2, sig, sig_total_size);
203 pubk.hash_alg = VB2_HASH_INVALID;
204 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]205 0, "vb2_verify_data() bad hash alg");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]206 pubk.hash_alg = pubk_orig.hash_alg;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]207
208 vb2_workbuf_init(&wb, workbuf, 4);
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]209 memcpy(sig2, sig, sig_total_size);
210 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]211 0, "vb2_verify_data() workbuf too small");
212 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
213
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]214 memcpy(sig2, sig, sig_total_size);
215 TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]216 0, "vb2_verify_data() ok");
217
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]218 memcpy(sig2, sig, sig_total_size);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]219 sig2->sig_size -= 16;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]220 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]221 0, "vb2_verify_data() wrong sig size");
222
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]223 memcpy(sig2, sig, sig_total_size);
224 TEST_NEQ(vb2_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]225 0, "vb2_verify_data() input buffer too small");
226
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]227 memcpy(sig2, sig, sig_total_size);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]228 vb2_signature_data(sig2)[0] ^= 0x5A;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]229 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]230 0, "vb2_verify_data() wrong sig");
231
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]232 free(sig2);
233}
234
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]235static void test_verify_signature2(const struct vb2_signature2 *sig)
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]236{
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]237 struct vb2_signature2 *sig2;
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]238 uint8_t *buf2;
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]239 uint32_t size;
240
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]241 /* Make a copy of the signature */
242 size = sig->c.total_size;
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]243 buf2 = malloc(size);
244 sig2 = (struct vb2_signature2 *)buf2;
245
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]246 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]247 TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig ok");
248 sig2->c.magic = VB2_MAGIC_PACKED_KEY2;
249 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_MAGIC,
250 "verify_sig magic");
251
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]252 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]253 sig2->c.total_size += 4;
254 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE,
255 "verify_sig common header");
256
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]257 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]258 sig2->c.struct_version_minor++;
259 TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig minor ver");
260 sig2->c.struct_version_major++;
261 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_VERSION,
262 "verify_sig major ver");
263
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]264 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]265 sig2->c.fixed_size -= 4;
266 sig2->c.desc_size += 4;
267 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_HEADER_SIZE,
268 "verify_sig header size");
269
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]270 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]271 sig2->sig_size += 4;
272 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE,
273 "verify_sig sig size");
274
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]275 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]276 sig2->sig_alg = VB2_SIG_INVALID;
277 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_ALGORITHM,
278 "verify_sig sig alg");
279
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]280 memcpy(buf2, sig, size);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]281 sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ?
282 VB2_SIG_RSA1024 : VB2_SIG_NONE);
283 TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_SIZE,
284 "verify_sig sig size");
285
286 free(buf2);
Randall Spanglerc0ce70b2014-10-31 11:19:14 -0700[diff] [blame]287}
288
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]289static void test_verify_data2(const struct vb2_public_key *pubk_orig,
290 const struct vb2_signature2 *sig)
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]291{
292 uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
293 struct vb2_workbuf wb;
294
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]295 struct vb2_public_key pubk;
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]296 struct vb2_signature2 *sig2;
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]297 uint8_t *buf2;
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]298 uint32_t size;
299
300 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
301
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]302 pubk = *pubk_orig;
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]303
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]304 /* Allocate signature copy for tests */
305 size = sig->c.total_size;
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]306 buf2 = malloc(size);
307 sig2 = (struct vb2_signature2 *)buf2;
308
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]309 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]310 pubk.sig_alg = VB2_SIG_INVALID;
311 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
312 VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data2() bad sig alg");
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]313 pubk = *pubk_orig;
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]314
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]315 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]316 pubk.hash_alg = VB2_HASH_INVALID;
317 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
318 VB2_ERROR_VDATA_DIGEST_SIZE,
319 "vb2_verify_data2() bad hash alg");
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]320 pubk = *pubk_orig;
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]321
322 vb2_workbuf_init(&wb, workbuf, 4);
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]323 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]324 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
325 VB2_ERROR_VDATA_WORKBUF_DIGEST,
326 "vb2_verify_data2() workbuf too small");
327 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
328
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]329 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]330 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
331 0, "vb2_verify_data2() ok");
332
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]333 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]334 sig2->sig_size -= 16;
335 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
336 VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data2() wrong sig size");
337
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]338 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]339 TEST_EQ(vb2_verify_data2(test_data, test_size - 1, sig2, &pubk, &wb),
340 VB2_ERROR_VDATA_SIZE, "vb2_verify_data2() wrong data size");
341
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]342 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]343 sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ?
344 VB2_HASH_SHA256 : VB2_HASH_SHA1);
345 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
346 VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
347 "vb2_verify_data2() alg mismatch");
348
349
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]350 memcpy(buf2, sig, size);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]351 buf2[sig2->sig_offset] ^= 0x5A;
352 TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb),
353 VB2_ERROR_RSA_PADDING, "vb2_verify_data2() wrong sig");
354
355 free(buf2);
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]356}
357
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]358int test_algorithm(int key_algorithm, const char *keys_dir)
359{
360 char filename[1024];
361 int rsa_len = siglen_map[key_algorithm] * 8;
362
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]363 enum vb2_signature_algorithm sig_alg =
364 vb2_crypto_to_signature(key_algorithm);
365 enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm);
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]366
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]367 VbPrivateKey *private_key = NULL;
368 struct vb2_private_key *prik = NULL;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]369 struct vb2_signature *sig = NULL;
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]370 struct vb2_signature2 *sig2 = NULL;
371 struct vb2_public_key *pubk = NULL;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]372 struct vb2_packed_key *key1;
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]373 struct vb2_packed_key2 *key2 = NULL;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]374
375 printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
376
377 sprintf(filename, "%s/key_rsa%d.pem", keys_dir, rsa_len);
378 private_key = PrivateKeyReadPem(filename, key_algorithm);
379 if (!private_key) {
380 fprintf(stderr, "Error reading private_key: %s\n", filename);
381 return 1;
382 }
383
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]384 TEST_SUCC(vb2_private_key_read_pem(&prik, filename),
385 "Read private key");
386 prik->hash_alg = hash_alg;
387 prik->sig_alg = sig_alg;
388 vb2_private_key_set_desc(prik, "private key");
389
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]390 sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, rsa_len);
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]391 key1 = (struct vb2_packed_key *)
392 PublicKeyReadKeyb(filename, key_algorithm, 1);
393 if (!key1) {
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]394 fprintf(stderr, "Error reading public_key: %s\n", filename);
395 return 1;
396 }
397
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]398 TEST_SUCC(vb2_public_key_read_keyb(&pubk, filename),
399 "Read public key");
400 pubk->hash_alg = hash_alg;
401 vb2_public_key_set_desc(pubk, "public key");
402 TEST_SUCC(vb2_public_key_pack(&key2, pubk), "Pack public key");
403
404 /* Calculate good signatures */
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]405 sig = (struct vb2_signature *)
406 CalculateSignature(test_data, sizeof(test_data), private_key);
407 TEST_PTR_NEQ(sig, 0, "Calculate signature");
408 if (!sig)
409 return 1;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]410
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]411 TEST_SUCC(vb2_sign_data(&sig2, test_data, test_size, prik, ""),
412 "Make test signature");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]413
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]414 test_unpack_key(key1);
415 test_verify_data(key1, sig);
416
417 test_unpack_key2(key1, key2);
418 test_verify_data2(pubk, sig2);
419 test_verify_signature2(sig2);
420
421 free(key1);
422 free(key2);
423 free(private_key);
424 free(sig);
425 free(sig2);
426 vb2_private_key_free(prik);
427 vb2_public_key_free(pubk);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]428
429 return 0;
430}
431
432/* Test only the algorithms we use */
433const int key_algs[] = {
434 VB2_ALG_RSA2048_SHA256,
435 VB2_ALG_RSA4096_SHA256,
436 VB2_ALG_RSA8192_SHA512,
437};
438
439int main(int argc, char *argv[]) {
440
441 if (argc == 2) {
442 int i;
443
444 for (i = 0; i < ARRAY_SIZE(key_algs); i++) {
445 if (test_algorithm(key_algs[i], argv[1]))
446 return 1;
447 }
448
449 } else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
450 /* Test all the algorithms */
451 int alg;
452
453 for (alg = 0; alg < kNumAlgorithms; alg++) {
454 if (test_algorithm(alg, argv[1]))
455 return 1;
456 }
457
458 } else {
459 fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
460 return -1;
461 }
462
463 return gTestSuccess ? 0 : 255;
464}