vboot2: Add host lib function to create a vb2-style keyblock

Also add vb2_common_desc() helper function to return the description
for an object starting with a common struct header.

And use the new host lib function to create the keyblock for verifying
the firmware lib.

Add tests for everything new.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I1fadb3e249e771a692cc69b23620c6ddd46a48ac
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231721
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

11 files changed, 313 insertions, 77 deletions

diff --git a/Makefile b/Makefile
index dbd89253..310eeb0f 100644
--- a/Makefile
+++ b/Makefile
@@ -377,6 +377,7 @@ UTILLIB_SRCS = \
 ifneq (${VBOOT2},)
 UTILLIB_SRCS += \
 	host/lib/host_key2.c \
+	host/lib/host_keyblock2.c \
 	host/lib/host_misc2.c \
 	host/lib/host_signature2.c \
 
@@ -639,6 +640,7 @@ TEST_NAMES += \
 	tests/vb2_common2_tests \
 	tests/vb2_common3_tests \
 	tests/vb2_host_key_tests \
+	tests/vb2_host_keyblock_tests \
 	tests/vb2_host_misc_tests \
 	tests/vb2_host_sig_tests \
 	tests/vb2_misc_tests \
@@ -999,6 +1001,7 @@ ${BUILD}/tests/vb2_common_tests: LDLIBS += ${CRYPTO_LIBS}
 ${BUILD}/tests/vb2_common2_tests: LDLIBS += ${CRYPTO_LIBS}
 ${BUILD}/tests/vb2_common3_tests: LDLIBS += ${CRYPTO_LIBS}
 ${BUILD}/tests/vb2_host_key_tests: LDLIBS += ${CRYPTO_LIBS}
+${BUILD}/tests/vb2_host_keyblock_tests: LDLIBS += ${CRYPTO_LIBS}
 ${BUILD}/tests/vb2_host_sig_tests: LDLIBS += ${CRYPTO_LIBS}
 ${BUILD}/tests/vboot_common2_tests: LDLIBS += ${CRYPTO_LIBS}
 ${BUILD}/tests/vboot_common3_tests: LDLIBS += ${CRYPTO_LIBS}
@@ -1180,6 +1183,7 @@ run2tests: test_setup
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_common2_tests ${TEST_KEYS}
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_common3_tests ${TEST_KEYS}
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_host_key_tests ${TEST_KEYS}
+	${RUNTEST} ${BUILD_RUN}/tests/vb2_host_keyblock_tests ${TEST_KEYS}
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_host_misc_tests
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_host_sig_tests ${TEST_KEYS}
 	${RUNTEST} ${BUILD_RUN}/tests/vb2_misc_tests
diff --git a/firmware/2lib/2common2.c b/firmware/2lib/2common2.c
index 099f7c1f..a5ebc70c 100644
--- a/firmware/2lib/2common2.c
+++ b/firmware/2lib/2common2.c
@@ -10,6 +10,13 @@
 #include "2rsa.h"
 #include "2sha.h"
 
+const char *vb2_common_desc(const void *buf)
+{
+	const struct vb2_struct_common *c = buf;
+
+	return c->desc_size ? (const char *)c + c->fixed_size : "";
+}
+
 int vb2_verify_common_header(const void *parent, uint32_t parent_size)
 {
 	const struct vb2_struct_common *c = parent;
@@ -42,8 +49,7 @@ int vb2_verify_common_header(const void *parent, uint32_t parent_size)
 			return VB2_ERROR_COMMON_DESC_SIZE;
 
 		/* Description must be null-terminated */
-		const uint8_t *desc = (const uint8_t *)c + c->fixed_size;
-		if (desc[c->desc_size - 1] != 0)
+		if (vb2_common_desc(c)[c->desc_size - 1] != 0)
 			return VB2_ERROR_COMMON_DESC_TERMINATOR;
 	}
 
diff --git a/firmware/2lib/2packed_key2.c b/firmware/2lib/2packed_key2.c
index a67664bb..4019213b 100644
--- a/firmware/2lib/2packed_key2.c
+++ b/firmware/2lib/2packed_key2.c
@@ -99,11 +99,7 @@ int vb2_unpack_key2(struct vb2_public_key *key,
 	}
 
 	/* Key description */
-	if (pkey->c.desc_size)
-		key->desc = (const char *)&(pkey->c) + pkey->c.fixed_size;
-	else
-		key->desc = "";
-
+	key->desc = vb2_common_desc(pkey);
 	key->version = pkey->key_version;
 	key->guid = &pkey->guid;
 
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h
index a0c82d3c..1ea3f9e2 100644
--- a/firmware/2lib/include/2common.h
+++ b/firmware/2lib/include/2common.h
@@ -184,6 +184,16 @@ int vb2_verify_member_inside(const void *parent, size_t parent_size,
 			     size_t member_data_size);
 
 /**
+ * Return the description of an object starting with a vb2_struct_common header.
+ *
+ * Does not sanity-check the buffer; merely returns the pointer.
+ *
+ * @param buf		Pointer to common object
+ * @return A pointer to description or an empty string if none.
+ */
+const char *vb2_common_desc(const void *buf);
+
+/**
  * Verify the common struct header is fully contained in its parent data
  *
  * Also verifies the description is either zero-length or null-terminated.
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index 8f5a5c51..7a59925a 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -600,6 +600,23 @@ enum vb2_return_code {
 	VB2_SIGN_OBJECT_OVERFLOW,
 
         /**********************************************************************
+	 * Errors generated by host library keyblock functions
+	 */
+	VB2_ERROR_HOST_KEYBLOCK = VB2_ERROR_HOST_BASE + 0x040000,
+
+	/* Unable to determine signature sizes for vb2_create_keyblock() */
+	VB2_KEYBLOCK_CREATE_SIG_SIZE,
+
+	/* Unable to pack data key for vb2_create_keyblock() */
+	VB2_KEYBLOCK_CREATE_DATA_KEY,
+
+	/* Unable to allocate buffer in vb2_create_keyblock() */
+	VB2_KEYBLOCK_CREATE_ALLOC,
+
+	/* Unable to sign keyblock in vb2_create_keyblock() */
+	VB2_KEYBLOCK_CREATE_SIGN,
+
+        /**********************************************************************
 	 * Highest non-zero error generated inside vboot library.  Note that
 	 * error codes passed through vboot when it calls external APIs may
 	 * still be outside this range.
diff --git a/host/lib/host_keyblock2.c b/host/lib/host_keyblock2.c
new file mode 100644
index 00000000..9394cf6a
--- /dev/null
+++ b/host/lib/host_keyblock2.c
@@ -0,0 +1,76 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host functions for keyblocks
+ */
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "host_common.h"
+#include "host_key2.h"
+#include "host_keyblock2.h"
+#include "host_misc.h"
+#include "host_signature2.h"
+
+int vb2_keyblock_create(struct vb2_keyblock2 **kb_ptr,
+			const struct vb2_public_key *data_key,
+			const struct vb2_private_key **signing_keys,
+			uint32_t signing_key_count,
+			uint32_t flags,
+			const char *desc)
+{
+	struct vb2_keyblock2 kb = {
+		.c.magic = VB2_MAGIC_KEYBLOCK2,
+		.c.struct_version_major = VB2_KEYBLOCK2_VERSION_MAJOR,
+		.c.struct_version_minor = VB2_KEYBLOCK2_VERSION_MAJOR,
+		.c.fixed_size = sizeof(kb),
+		.flags = flags,
+		.sig_count = signing_key_count,
+	};
+
+	struct vb2_packed_key2 *key = NULL;
+	uint32_t sig_size;
+	uint8_t *buf;
+
+	*kb_ptr = NULL;
+
+	/* Determine component sizes */
+	if (!desc)
+		desc = data_key->desc;
+	kb.c.desc_size = vb2_desc_size(desc);
+	kb.key_offset = kb.c.fixed_size + kb.c.desc_size;
+
+	if (vb2_sig_size_for_keys(&sig_size, signing_keys, signing_key_count))
+		return VB2_KEYBLOCK_CREATE_SIG_SIZE;
+
+	if (vb2_public_key_pack(&key, data_key))
+		return VB2_KEYBLOCK_CREATE_DATA_KEY;
+
+	kb.sig_offset = kb.key_offset + key->c.total_size;
+	kb.c.total_size = kb.sig_offset + sig_size;
+
+	/* Allocate buffer and copy header and data key */
+	buf = malloc(kb.c.total_size);
+	if (!buf) {
+		free(key);
+		return VB2_KEYBLOCK_CREATE_ALLOC;
+	}
+
+	memcpy(buf, &kb, sizeof(kb));
+	if (kb.c.desc_size)
+		strcpy((char *)buf + kb.c.fixed_size, desc);
+	memcpy(buf + kb.key_offset, key, key->c.total_size);
+	free(key);
+
+	/* Sign the keyblock */
+	if (vb2_sign_object_multiple(buf, kb.sig_offset, signing_keys,
+				     signing_key_count)) {
+		free(buf);
+		return VB2_KEYBLOCK_CREATE_SIGN;
+	}
+
+	*kb_ptr = (struct vb2_keyblock2 *)buf;
+	return VB2_SUCCESS;
+}
diff --git a/host/lib/include/host_keyblock2.h b/host/lib/include/host_keyblock2.h
new file mode 100644
index 00000000..5b05ab1f
--- /dev/null
+++ b/host/lib/include/host_keyblock2.h
@@ -0,0 +1,36 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Host-side functions for verified boot key structures
+ */
+
+#ifndef VBOOT_REFERENCE_HOST_KEYBLOCK2_H_
+#define VBOOT_REFERENCE_HOST_KEYBLOCK2_H_
+
+#include "2struct.h"
+
+struct vb2_private_key;
+struct vb2_public_key;
+
+/**
+ * Create and sign a keyblock.
+ *
+ * @param kb_ptr	On success, points to a newly allocated keyblock buffer.
+ *			Caller is responsible for calling free() on this.
+ * @param data_key	Data key to contain inside keyblock.
+ * @param signing_keys	List of keys to sign the keyblock with.
+ * @param signing_key_count	Number of keys in signing_keys.
+ * @param flags		Flags for keyblock.
+ * @param desc		Description for keyblock.  If NULL, description will be
+ *			taken from the data key.
+ * @return VB2_SUCCESS, or non-zero error code if failure.
+ */
+int vb2_keyblock_create(struct vb2_keyblock2 **kb_ptr,
+			const struct vb2_public_key *data_key,
+			const struct vb2_private_key **signing_keys,
+			uint32_t signing_key_count,
+			uint32_t flags,
+			const char *desc);
+
+#endif  /* VBOOT_REFERENCE_HOST_KEYBLOCK2_H_ */
diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c
index 29adfe84..199b1e05 100644
--- a/tests/vb2_common_tests.c
+++ b/tests/vb2_common_tests.c
@@ -9,6 +9,7 @@
 #include "2common.h"
 #include "2rsa.h"
 #include "host_key2.h"
+#include "host_keyblock2.h"
 #include "host_signature2.h"
 #include "vb2_convert_structs.h"
 #include "vboot_struct.h"  /* For old struct sizes */
@@ -297,19 +298,24 @@ static void test_common_header_functions(void)
 	uint8_t cbufgood[sizeof(cbuf)];
 	struct vb2_struct_common *c = (struct vb2_struct_common *)cbuf;
 	struct vb2_struct_common *c2;
+	const char test_desc[32] = "test desc";
 	uint32_t desc_end, m;
 
 	c->total_size = sizeof(cbuf);
 	c->fixed_size = sizeof(*c);
-	c->desc_size = 32;
+	c->desc_size = sizeof(test_desc);
+	memcpy(cbuf + c->fixed_size, test_desc, sizeof(test_desc));
 	desc_end = c->fixed_size + c->desc_size;
-	cbuf[desc_end - 1] = 0;
 
 	c2 = (struct vb2_struct_common *)(cbuf + desc_end);
 	c2->total_size = c->total_size - desc_end;
 	c2->fixed_size = sizeof(*c2);
 	c2->desc_size = 0;
 
+	/* Description helper */
+	TEST_EQ(0, strcmp(vb2_common_desc(c), test_desc), "vb2_common_desc()");
+	TEST_EQ(0, strcmp(vb2_common_desc(c2), ""), "vb2_common_desc() empty");
+
 	TEST_SUCC(vb2_verify_common_header(cbuf, sizeof(cbuf)),
 		  "vb2_verify_common_header() good");
 	memcpy(cbufgood, cbuf, sizeof(cbufgood));
@@ -484,11 +490,12 @@ static void test_verify_hash(void)
 static void test_verify_keyblock(void)
 {
 	const char desc[16] = "test keyblock";
-	struct vb2_public_key pubk, pubk2, pubk_not_present;
+	const struct vb2_private_key *prik[2];
+	struct vb2_public_key pubk, pubk2, pubk3;
 	struct vb2_signature2 *sig;
 	struct vb2_keyblock2 *kbuf;
 	uint32_t buf_size;
-	uint8_t *buf, *buf2, *bnext;
+	uint8_t *buf, *buf2;
 
 	uint8_t workbuf[VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES];
 	struct vb2_workbuf wb;
@@ -497,68 +504,20 @@ static void test_verify_keyblock(void)
 		  "create hash key 1");
 	TEST_SUCC(vb2_public_key_hash(&pubk2, VB2_HASH_SHA512),
 		  "create hash key 2");
-	TEST_SUCC(vb2_public_key_hash(&pubk_not_present, VB2_HASH_SHA1),
+	TEST_SUCC(vb2_public_key_hash(&pubk3, VB2_HASH_SHA1),
 		  "create hash key 3");
 
-	/*
-	 * Test packed key only needs to initialize the fields used by keyblock
-	 * verification.
-	 */
-	const struct vb2_packed_key2 pkey = {
-		.c.fixed_size = sizeof(pkey),
-		.c.desc_size = 0,
-		.c.total_size = sizeof(pkey)
-	};
-
-	struct vb2_keyblock2 kb = {
-		.c.magic = VB2_MAGIC_KEYBLOCK2,
-		.c.struct_version_major = VB2_KEYBLOCK2_VERSION_MAJOR,
-		.c.struct_version_minor = VB2_KEYBLOCK2_VERSION_MAJOR,
-		.c.fixed_size = sizeof(kb),
-		.c.desc_size = sizeof(desc),
-		.flags = 0,
-		.sig_count = 2,
-	};
-
-	kb.key_offset = kb.c.fixed_size + kb.c.desc_size;
-	kb.sig_offset = kb.key_offset + pkey.c.total_size;
-
-	/*
-	 * Sign some dummy data with the right algorithms and descritions, to
-	 * determine signature sizes.
-	 */
-	kb.c.total_size = kb.sig_offset;
+	TEST_SUCC(vb2_private_key_hash(prik + 0, VB2_HASH_SHA256),
+		  "create private key 1");
+	TEST_SUCC(vb2_private_key_hash(prik + 1, VB2_HASH_SHA512),
+		  "create private key 2");
 
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data),
-				  VB2_HASH_SHA256);
-	kb.c.total_size += sig->c.total_size;
-	free(sig);
+	/* Create the test keyblock */
+	TEST_SUCC(vb2_keyblock_create(&kbuf, &pubk3, prik, 2, 0x4321, desc),
+		  "create keyblock");
 
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data),
-				  VB2_HASH_SHA512);
-	kb.c.total_size += sig->c.total_size;
-	free(sig);
-
-	/* Now that the keyblock size is known, create the real keyblock */
-	buf_size = kb.c.total_size;
-	buf = malloc(buf_size);
-	memset(buf, 0, buf_size);
-	memcpy(buf, &kb, sizeof(kb));
-	memcpy(buf + kb.c.fixed_size, desc, sizeof(desc));
-	memcpy(buf + kb.key_offset, &pkey, pkey.c.total_size);
-
-	/* And copy in the signatures */
-	bnext = buf + kb.sig_offset;
-
-	sig = vb2_create_hash_sig(buf, kb.sig_offset, VB2_HASH_SHA256);
-	memcpy(bnext, sig, sig->c.total_size);
-	bnext += sig->c.total_size;
-	free(sig);
-
-	sig = vb2_create_hash_sig(buf, kb.sig_offset, VB2_HASH_SHA512);
-	memcpy(bnext, sig, sig->c.total_size);
-	bnext += sig->c.total_size;
-	free(sig);
+	buf = (uint8_t *)kbuf;
+	buf_size = kbuf->c.total_size;
 
 	/* Make a copy of the buffer, so we can mangle it for tests */
 	buf2 = malloc(buf_size);
@@ -575,7 +534,7 @@ static void test_verify_keyblock(void)
 		  "vb2_verify_keyblock2() key 2");
 
 	memcpy(buf, buf2, buf_size);
-	TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk_not_present, &wb),
+	TEST_EQ(vb2_verify_keyblock2(kbuf, buf_size, &pubk3, &wb),
 		VB2_ERROR_KEYBLOCK_SIG_GUID,
 		"vb2_verify_keyblock2() key not present");
 
@@ -600,7 +559,7 @@ static void test_verify_keyblock(void)
 	memcpy(buf, buf2, buf_size);
 	kbuf->c.struct_version_minor++;
 	/* That changes the signature, so resign the keyblock */
-	sig = vb2_create_hash_sig(buf, kb.sig_offset, VB2_HASH_SHA256);
+	sig = vb2_create_hash_sig(buf, kbuf->sig_offset, VB2_HASH_SHA256);
 	memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size);
 	free(sig);
 	TEST_SUCC(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
diff --git a/tests/vb2_host_key_tests.c b/tests/vb2_host_key_tests.c
index 15e0b377..5780691a 100644
--- a/tests/vb2_host_key_tests.c
+++ b/tests/vb2_host_key_tests.c
@@ -224,8 +224,7 @@ static void public_key_tests(const struct alg_combo *combo,
 	TEST_EQ(pkey->key_version, key->version, "  version");
 	TEST_EQ(memcmp(&pkey->guid, key->guid, sizeof(pkey->guid)), 0,
 		"  guid");
-	TEST_EQ(strcmp((char *)pkey + pkey->c.fixed_size, key->desc), 0,
-		"  desc");
+	TEST_EQ(strcmp(vb2_common_desc(pkey), key->desc), 0, "  desc");
 	TEST_SUCC(vb2_unpack_key2(&k2, (uint8_t *)pkey, pkey->c.total_size),
 		  "Unpack public key");
 	TEST_EQ(key->arrsize, k2.arrsize, "  arrsize");
diff --git a/tests/vb2_host_keyblock_tests.c b/tests/vb2_host_keyblock_tests.c
new file mode 100644
index 00000000..c30f3702
--- /dev/null
+++ b/tests/vb2_host_keyblock_tests.c
@@ -0,0 +1,135 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Tests for host library vboot2 keyblock functions
+ */
+
+#include <stdio.h>
+#include <unistd.h>
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "host_common.h"
+#include "host_key2.h"
+#include "host_keyblock2.h"
+
+#include "test_common.h"
+
+static void keyblock_tests(const char *keys_dir)
+{
+	struct vb2_public_key *pubk2048, *pubk4096, *pubk8192, pubkhash;
+	struct vb2_private_key *prik4096, *prik8192;
+	struct vb2_packed_key2 *pak, *pakgood;
+	struct vb2_keyblock2 *kb;
+	const struct vb2_private_key *prikhash;
+	const struct vb2_private_key *prik[2];
+	char fname[1024];
+	const char test_desc[] = "Test keyblock";
+
+	uint8_t workbuf[VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES];
+	struct vb2_workbuf wb;
+
+	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
+
+	/* Read keys */
+	sprintf(fname, "%s/key_rsa2048.keyb", keys_dir);
+	TEST_SUCC(vb2_public_key_read_keyb(&pubk2048, fname),
+					   "Read public key 2");
+	vb2_public_key_set_desc(pubk2048, "Test RSA2048 public key");
+	pubk2048->hash_alg = VB2_HASH_SHA256;
+
+	sprintf(fname, "%s/key_rsa4096.keyb", keys_dir);
+	TEST_SUCC(vb2_public_key_read_keyb(&pubk4096, fname),
+					   "Read public key 1");
+	vb2_public_key_set_desc(pubk4096, "Test RSA4096 public key");
+	pubk4096->hash_alg = VB2_HASH_SHA256;
+
+	sprintf(fname, "%s/key_rsa8192.keyb", keys_dir);
+	TEST_SUCC(vb2_public_key_read_keyb(&pubk8192, fname),
+					   "Read public key 2");
+	vb2_public_key_set_desc(pubk8192, "Test RSA8192 public key");
+	pubk8192->hash_alg = VB2_HASH_SHA512;
+
+	sprintf(fname, "%s/key_rsa4096.pem", keys_dir);
+	TEST_SUCC(vb2_private_key_read_pem(&prik4096, fname),
+		  "Read private key 2");
+	vb2_private_key_set_desc(prik4096, "Test RSA4096 private key");
+	prik4096->sig_alg = VB2_SIG_RSA4096;
+	prik4096->hash_alg = VB2_HASH_SHA256;
+
+	sprintf(fname, "%s/key_rsa8192.pem", keys_dir);
+	TEST_SUCC(vb2_private_key_read_pem(&prik8192, fname),
+		  "Read private key 1");
+	vb2_private_key_set_desc(prik8192, "Test RSA8192 private key");
+	prik8192->sig_alg = VB2_SIG_RSA8192;
+	prik8192->hash_alg = VB2_HASH_SHA512;
+
+	TEST_SUCC(vb2_private_key_hash(&prikhash, VB2_HASH_SHA512),
+		  "Create private hash key");
+
+	TEST_SUCC(vb2_public_key_hash(&pubkhash, VB2_HASH_SHA512),
+		  "Create public hash key");
+
+	TEST_SUCC(vb2_public_key_pack(&pakgood, pubk2048), "Test packed key");
+
+	/* Sign a keyblock with one key */
+	prik[0] = prik4096;
+	TEST_SUCC(vb2_keyblock_create(&kb, pubk2048, prik, 1, 0x1234, NULL),
+		  "Keyblock single");
+	TEST_PTR_NEQ(kb, NULL, "  kb_ptr");
+	TEST_SUCC(vb2_verify_keyblock2(kb, kb->c.total_size, pubk4096, &wb),
+		  "  verify");
+	TEST_EQ(strcmp(vb2_common_desc(kb), pubk2048->desc), 0,	"  desc");
+	TEST_EQ(kb->flags, 0x1234, "  flags");
+
+	pak = (struct vb2_packed_key2 *)((uint8_t *)kb + kb->key_offset);
+	TEST_EQ(0, memcmp(pak, pakgood, pakgood->c.total_size), "  data key");
+	free(kb);
+
+	/* Sign a keyblock with two keys */
+	prik[0] = prik8192;
+	prik[1] = prikhash;
+	TEST_SUCC(vb2_keyblock_create(&kb, pubk4096, prik, 2, 0, test_desc),
+		  "Keyblock multiple");
+	TEST_SUCC(vb2_verify_keyblock2(kb, kb->c.total_size, pubk8192, &wb),
+		  "  verify 1");
+	TEST_SUCC(vb2_verify_keyblock2(kb, kb->c.total_size, &pubkhash, &wb),
+		  "  verify 2");
+	TEST_EQ(strcmp(vb2_common_desc(kb), test_desc), 0,	"  desc");
+	TEST_EQ(kb->flags, 0, "  flags");
+	free(kb);
+
+	/* Test errors */
+	prik[0] = prik8192;
+	prik8192->hash_alg = VB2_HASH_INVALID;
+	TEST_EQ(vb2_keyblock_create(&kb, pubk4096, prik, 1, 0, NULL),
+		VB2_KEYBLOCK_CREATE_SIG_SIZE, "Keyblock bad sig size");
+	TEST_PTR_EQ(kb, NULL, "  kb_ptr");
+
+	prik[0] = prik4096;
+	pubk4096->sig_alg = VB2_SIG_INVALID;
+	TEST_EQ(vb2_keyblock_create(&kb, pubk4096, prik, 1, 0, NULL),
+		VB2_KEYBLOCK_CREATE_DATA_KEY, "Keyblock bad data key");
+
+	/* Free keys */
+	free(pakgood);
+	vb2_public_key_free(pubk2048);
+	vb2_public_key_free(pubk4096);
+	vb2_public_key_free(pubk8192);
+	vb2_private_key_free(prik4096);
+	vb2_private_key_free(prik8192);
+}
+
+int main(int argc, char *argv[]) {
+
+	if (argc == 2) {
+		keyblock_tests(argv[1]);
+	} else {
+		fprintf(stderr, "Usage: %s <keys_dir>", argv[0]);
+		return -1;
+	}
+
+	return gTestSuccess ? 0 : 255;
+}
diff --git a/tests/vb2_host_sig_tests.c b/tests/vb2_host_sig_tests.c
index a2793bc9..76e128c9 100644
--- a/tests/vb2_host_sig_tests.c
+++ b/tests/vb2_host_sig_tests.c
@@ -80,8 +80,7 @@ static void sig_tests(const struct alg_combo *combo,
 	TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, NULL),
 		  "Sign good");
 	TEST_PTR_NEQ(sig, NULL, "  sig_ptr");
-	TEST_EQ(0, strcmp((char *)sig + sig->c.fixed_size, test_desc),
-		"  desc");
+	TEST_EQ(0, strcmp(vb2_common_desc(sig), test_desc), "  desc");
 	TEST_EQ(0, memcmp(&sig->guid, &test_guid, sizeof(test_guid)), "  guid");
 	TEST_EQ(sig->data_size, test_size, "  data_size");
 	TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size");
@@ -93,8 +92,7 @@ static void sig_tests(const struct alg_combo *combo,
 	TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik,
 				test_sig_desc),
 		  "Sign with desc");
-	TEST_EQ(0, strcmp((char *)sig + sig->c.fixed_size, test_sig_desc),
-		"  desc");
+	TEST_EQ(0, strcmp(vb2_common_desc(sig),	test_sig_desc), "  desc");
 	free(sig);
 
 	TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, ""),