diff options
| author | Randall Spangler <rspangler@chromium.org> | 2014-10-23 09:48:20 -0700 |
|---|---|---|
| committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-10-28 20:39:31 +0000 |
| commit | c8c2f023a4914a498c11b855210ef05d4e035d41 (patch) | |
| tree | ec36ec0f2c163c5503e4a36da0618d9627a373a0 | |
| parent | 4eef812d68f64cc501d795131d95f8a2f27223b1 (diff) | |
| download | vboot-c8c2f023a4914a498c11b855210ef05d4e035d41.tar.gz | |
vboot2: use enum signature algorithm
This changes the internals of vboot2 to use the enumerated type for
signature algorithm. The conversion from crypto algorithm is done
only when unpacking the key. This is preparation for the vboot2 data
types, which separate signature and hash algorithms into their own
fields.
There is no external change in the calling API to vboot, and no change
to the external data structures.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: I2e176d186d88cc7541644e001e720b4aee456be0
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225209
| -rw-r--r-- | firmware/2lib/2common.c | 24 | ||||
| -rw-r--r-- | firmware/2lib/2rsa.c | 101 | ||||
| -rw-r--r-- | firmware/2lib/include/2return_codes.h | 7 | ||||
| -rw-r--r-- | firmware/2lib/include/2rsa.h | 31 | ||||
| -rw-r--r-- | tests/vb2_api_tests.c | 4 | ||||
| -rw-r--r-- | tests/vb2_common2_tests.c | 24 | ||||
| -rw-r--r-- | tests/vb2_misc2_tests.c | 8 | ||||
| -rw-r--r-- | tests/vb2_rsa_padding_tests.c | 7 | ||||
| -rw-r--r-- | tests/vb2_rsa_utility_tests.c | 67 |
9 files changed, 166 insertions, 107 deletions
diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c index 0da3a611..f1707969 100644 --- a/firmware/2lib/2common.c +++ b/firmware/2lib/2common.c @@ -192,12 +192,12 @@ int vb2_unpack_key(struct vb2_public_key *key, if (rv) return rv; - /* Check key algorithm */ - if (packed_key->algorithm >= VB2_ALG_COUNT) { - VB2_DEBUG("Invalid algorithm.\n"); - return VB2_ERROR_UNPACK_KEY_ALGORITHM; + /* Unpack key algorithm */ + key->sig_alg = vb2_crypto_to_signature(packed_key->algorithm); + if (key->sig_alg == VB2_SIG_INVALID) { + VB2_DEBUG("Unsupported signature algorithm.\n"); + return VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM; } - key->algorithm = packed_key->algorithm; key->hash_alg = vb2_crypto_to_hash(packed_key->algorithm); if (key->hash_alg == VB2_HASH_INVALID) { @@ -205,7 +205,7 @@ int vb2_unpack_key(struct vb2_public_key *key, return VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM; } - expected_key_size = vb2_packed_key_size(packed_key->algorithm); + expected_key_size = vb2_packed_key_size(key->sig_alg); if (!expected_key_size || expected_key_size != packed_key->key_size) { VB2_DEBUG("Wrong key size for algorithm\n"); return VB2_ERROR_UNPACK_KEY_SIZE; @@ -218,8 +218,7 @@ int vb2_unpack_key(struct vb2_public_key *key, /* Sanity check key array size */ key->arrsize = buf32[0]; - if (key->arrsize * sizeof(uint32_t) != - vb2_rsa_sig_size(packed_key->algorithm)) + if (key->arrsize * sizeof(uint32_t) != vb2_rsa_sig_size(key->sig_alg)) return VB2_ERROR_UNPACK_KEY_ARRAY_SIZE; key->n0inv = buf32[1]; @@ -238,11 +237,11 @@ int vb2_verify_digest(const struct vb2_public_key *key, { uint8_t *sig_data = vb2_signature_data(sig); - if (sig->sig_size != vb2_rsa_sig_size(key->algorithm)) { + if (sig->sig_size != vb2_rsa_sig_size(key->sig_alg)) { VB2_DEBUG("Wrong data signature size for algorithm, " "sig_size=%d, expected %d for algorithm %d.\n", - sig->sig_size, vb2_rsa_sig_size(key->algorithm), - key->algorithm); + sig->sig_size, vb2_rsa_sig_size(key->sig_alg), + key->sig_alg); return VB2_ERROR_VDATA_SIG_SIZE; } @@ -261,9 +260,6 @@ int vb2_verify_data(const uint8_t *data, uint32_t digest_size; int rv; - if (key->algorithm >= VB2_ALG_COUNT) - return VB2_ERROR_VDATA_ALGORITHM; - if (sig->data_size > size) { VB2_DEBUG("Data buffer smaller than length of signed data.\n"); return VB2_ERROR_VDATA_NOT_ENOUGH_DATA; diff --git a/firmware/2lib/2rsa.c b/firmware/2lib/2rsa.c index 15951c5d..37c5cf51 100644 --- a/firmware/2lib/2rsa.c +++ b/firmware/2lib/2rsa.c @@ -139,33 +139,58 @@ static void modpowF4(const struct vb2_public_key *key, uint8_t *inout, } } -uint32_t vb2_rsa_sig_size(uint32_t algorithm) + +static const uint8_t crypto_to_sig[] = { + VB2_SIG_RSA1024, + VB2_SIG_RSA1024, + VB2_SIG_RSA1024, + VB2_SIG_RSA2048, + VB2_SIG_RSA2048, + VB2_SIG_RSA2048, + VB2_SIG_RSA4096, + VB2_SIG_RSA4096, + VB2_SIG_RSA4096, + VB2_SIG_RSA8192, + VB2_SIG_RSA8192, + VB2_SIG_RSA8192, +}; + +/** + * Convert vb2_crypto_algorithm to vb2_signature_algorithm. + * + * @param algorithm Crypto algorithm (vb2_crypto_algorithm) + * + * @return The signature algorithm for that crypto algorithm, or + * VB2_SIG_INVALID if the crypto algorithm or its corresponding signature + * algorithm is invalid or not supported. + */ +enum vb2_signature_algorithm vb2_crypto_to_signature(uint32_t algorithm) +{ + if (algorithm < ARRAY_SIZE(crypto_to_sig)) + return crypto_to_sig[algorithm]; + else + return VB2_SIG_INVALID; +} + +uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg) { - switch (algorithm) { - case VB2_ALG_RSA1024_SHA1: - case VB2_ALG_RSA1024_SHA256: - case VB2_ALG_RSA1024_SHA512: + switch (sig_alg) { + case VB2_SIG_RSA1024: return 1024 / 8; - case VB2_ALG_RSA2048_SHA1: - case VB2_ALG_RSA2048_SHA256: - case VB2_ALG_RSA2048_SHA512: + case VB2_SIG_RSA2048: return 2048 / 8; - case VB2_ALG_RSA4096_SHA1: - case VB2_ALG_RSA4096_SHA256: - case VB2_ALG_RSA4096_SHA512: + case VB2_SIG_RSA4096: return 4096 / 8; - case VB2_ALG_RSA8192_SHA1: - case VB2_ALG_RSA8192_SHA256: - case VB2_ALG_RSA8192_SHA512: + case VB2_SIG_RSA8192: return 8192 / 8; default: return 0; } } -uint32_t vb2_packed_key_size(uint32_t algorithm) +uint32_t vb2_packed_key_size(enum vb2_signature_algorithm sig_alg) { - uint32_t sig_size = vb2_rsa_sig_size(algorithm); + uint32_t sig_size = vb2_rsa_sig_size(sig_alg); if (!sig_size) return 0; @@ -215,26 +240,21 @@ static const uint8_t sha512_tail[] = { 0x05,0x00,0x04,0x40 }; -/** - * Check pkcs 1.5 padding bytes - * - * @param sig Signature to verify - * @param algorithm Key algorithm - * @return VB2_SUCCESS, or non-zero if error. - */ -int vb2_check_padding(uint8_t *sig, int algorithm) +int vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key) { /* Determine padding to use depending on the signature type */ - uint32_t hash_alg = vb2_crypto_to_hash(algorithm); - uint32_t pad_size = vb2_rsa_sig_size(algorithm) - - vb2_digest_size(hash_alg); + uint32_t sig_size = vb2_rsa_sig_size(key->sig_alg); + uint32_t hash_size = vb2_digest_size(key->hash_alg); + uint32_t pad_size = sig_size - hash_size; const uint8_t *tail; uint32_t tail_size; int result = 0; - int i; - switch (hash_alg) { + if (!sig_size || !hash_size || hash_size > sig_size) + return VB2_ERROR_RSA_PADDING_SIZE; + + switch (key->hash_alg) { case VB2_HASH_SHA1: tail = sha1_tail; tail_size = sizeof(sha1_tail); @@ -276,20 +296,22 @@ int vb2_rsa_verify_digest(const struct vb2_public_key *key, struct vb2_workbuf wblocal = *wb; uint32_t *workbuf32; uint32_t key_bytes; + int sig_size; int pad_size; int rv; if (!key || !sig || !digest) return VB2_ERROR_RSA_VERIFY_PARAM; - if (key->algorithm > VB2_ALG_RSA8192_SHA512) { + sig_size = vb2_rsa_sig_size(key->sig_alg); + if (!sig_size) { VB2_DEBUG("Invalid signature type!\n"); return VB2_ERROR_RSA_VERIFY_ALGORITHM; } /* Signature length should be same as key length */ key_bytes = key->arrsize * sizeof(uint32_t); - if (key_bytes != vb2_rsa_sig_size(key->algorithm)) { + if (key_bytes != sig_size) { VB2_DEBUG("Signature is of incorrect length!\n"); return VB2_ERROR_RSA_VERIFY_SIG_LEN; } @@ -302,9 +324,13 @@ int vb2_rsa_verify_digest(const struct vb2_public_key *key, vb2_workbuf_free(&wblocal, 3 * key_bytes); - /* Check padding */ - rv = vb2_check_padding(sig, key->algorithm); - if (rv) + /* + * Check padding. Only fail immediately if the padding size is bad. + * Otherwise, continue on to check the digest to reduce the risk of + * timing based attacks. + */ + rv = vb2_check_padding(sig, key); + if (rv == VB2_ERROR_RSA_PADDING_SIZE) return rv; /* @@ -312,12 +338,11 @@ int vb2_rsa_verify_digest(const struct vb2_public_key *key, * use vb2_safe_memcmp() just to be on the safe side. (That's also why * we don't return before this check if the padding check failed.) */ - pad_size = vb2_rsa_sig_size(key->algorithm) - - vb2_digest_size(key->hash_alg); - + pad_size = sig_size - vb2_digest_size(key->hash_alg); if (vb2_safe_memcmp(sig + pad_size, digest, key_bytes - pad_size)) { VB2_DEBUG("Digest check failed!\n"); - rv = VB2_ERROR_RSA_VERIFY_DIGEST; + if (!rv) + rv = VB2_ERROR_RSA_VERIFY_DIGEST; } return rv; diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h index 4070f007..9f41b8b8 100644 --- a/firmware/2lib/include/2return_codes.h +++ b/firmware/2lib/include/2return_codes.h @@ -71,6 +71,9 @@ enum vb2_return_code { /* Digest mismatch in vb2_verify_digest() */ VB2_ERROR_RSA_VERIFY_DIGEST, + /* Bad size calculation in vb2_check_padding() */ + VB2_ERROR_RSA_PADDING_SIZE, + /********************************************************************** * NV storage errors */ @@ -128,8 +131,8 @@ enum vb2_return_code { /* Member data outside parent in vb2_verify_member_inside() */ VB2_ERROR_INSIDE_DATA_OUTSIDE, - /* Bad algorithm in vb2_unpack_key() */ - VB2_ERROR_UNPACK_KEY_ALGORITHM, + /* Unsupported signature algorithm in vb2_unpack_key() */ + VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM, /* Bad key size in vb2_unpack_key() */ VB2_ERROR_UNPACK_KEY_SIZE, diff --git a/firmware/2lib/include/2rsa.h b/firmware/2lib/include/2rsa.h index 5409ce31..8e21cd4d 100644 --- a/firmware/2lib/include/2rsa.h +++ b/firmware/2lib/include/2rsa.h @@ -17,34 +17,45 @@ struct vb2_public_key { uint32_t n0inv; /* -1 / n[0] mod 2^32 */ const uint32_t *n; /* Modulus as little endian array */ const uint32_t *rr; /* R^2 as little endian array */ - uint32_t algorithm; /* Algorithm to use when verifying with the key */ - enum vb2_hash_algorithm hash_alg; /* Hash algorithm */ + enum vb2_signature_algorithm sig_alg; /* Signature algorithm */ + enum vb2_hash_algorithm hash_alg; /* Hash algorithm */ }; /** + * Convert vb2_crypto_algorithm to vb2_signature_algorithm. + * + * @param algorithm Crypto algorithm (vb2_crypto_algorithm) + * + * @return The signature algorithm for that crypto algorithm, or + * VB2_SIG_INVALID if the crypto algorithm or its corresponding signature + * algorithm is invalid or not supported. + */ +enum vb2_signature_algorithm vb2_crypto_to_signature(uint32_t algorithm); + +/** * Return the size of a RSA signature * - * @param algorithm Key algorithm (enum vb2_crypto_algorithm) - * @return The size of the signature, or 0 if error. + * @param sig_alg Signature algorithm + * @return The size of the signature in bytes, or 0 if error. */ -uint32_t vb2_rsa_sig_size(uint32_t algorithm); +uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg); /** * Return the size of a pre-processed RSA public key. * - * @param algorithm Key algorithm (enum vb2_crypto_algorithm) - * @return The size of the preprocessed key, or 0 if error. + * @param sig_alg Signature algorithm + * @return The size of the preprocessed key in bytes, or 0 if error. */ -uint32_t vb2_packed_key_size(uint32_t algorithm); +uint32_t vb2_packed_key_size(enum vb2_signature_algorithm sig_alg); /** * Check pkcs 1.5 padding bytes * * @param sig Signature to verify - * @param algorithm Key algorithm (enum vb2_crypto_algorithm) + * @param key Key to take signature and hash algorithms from * @return VB2_SUCCESS, or non-zero if error. */ -int vb2_check_padding(uint8_t *sig, int algorithm); +int vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key); /* Size of work buffer sufficient for vb2_rsa_verify_digest() worst case */ #define VB2_VERIFY_RSA_DIGEST_WORKBUF_BYTES (3 * 1024) diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c index 49b59b25..23e2d5e6 100644 --- a/tests/vb2_api_tests.c +++ b/tests/vb2_api_tests.c @@ -140,7 +140,7 @@ int vb2_unpack_key(struct vb2_public_key *key, if (size != sizeof(*k) + 8) return VB2_ERROR_UNPACK_KEY_SIZE; - key->algorithm = k->algorithm; + key->sig_alg = vb2_crypto_to_signature(k->algorithm); key->hash_alg = vb2_crypto_to_hash(k->algorithm); return VB2_SUCCESS; @@ -174,7 +174,7 @@ int vb2_digest_finalize(struct vb2_digest_context *dc, return retval_vb2_digest_finalize; } -uint32_t vb2_rsa_sig_size(uint32_t algorithm) +uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg) { return mock_sig_size; } diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c index 2afa9f9e..4b3a34e6 100644 --- a/tests/vb2_common2_tests.c +++ b/tests/vb2_common2_tests.c @@ -35,7 +35,8 @@ static void test_unpack_key(const VbPublicKey *orig_key) PublicKeyCopy(key, orig_key); TEST_SUCC(vb2_unpack_key(&rsa, buf, size), "vb2_unpack_key() ok"); - TEST_EQ(rsa.algorithm, key2->algorithm, "vb2_unpack_key() algorithm"); + TEST_EQ(rsa.sig_alg, vb2_crypto_to_signature(key2->algorithm), + "vb2_unpack_key() sig_alg"); TEST_EQ(rsa.hash_alg, vb2_crypto_to_hash(key2->algorithm), "vb2_unpack_key() hash_alg"); @@ -43,7 +44,7 @@ static void test_unpack_key(const VbPublicKey *orig_key) PublicKeyCopy(key, orig_key); key2->algorithm = VB2_ALG_COUNT; TEST_EQ(vb2_unpack_key(&rsa, buf, size), - VB2_ERROR_UNPACK_KEY_ALGORITHM, + VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM, "vb2_unpack_key() invalid algorithm"); PublicKeyCopy(key, orig_key); @@ -83,9 +84,8 @@ static void test_verify_data(const VbPublicKey *public_key, struct vb2_workbuf wb; VbSignature *sig; - struct vb2_public_key rsa; + struct vb2_public_key rsa, rsa_orig; struct vb2_signature *sig2; - struct vb2_packed_key *public_key2; vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); @@ -106,13 +106,19 @@ static void test_verify_data(const VbPublicKey *public_key, TEST_EQ(vb2_unpack_key(&rsa, (uint8_t *)public_key2, pubkey_size), 0, "vb2_verify_data() unpack key"); + rsa_orig = rsa; + + memcpy(sig2, sig, sizeof(VbSignature) + sig->sig_size); + rsa.sig_alg = VB2_SIG_INVALID; + TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &rsa, &wb), + 0, "vb2_verify_data() bad sig alg"); + rsa.sig_alg = rsa_orig.sig_alg; memcpy(sig2, sig, sizeof(VbSignature) + sig->sig_size); - rsa.algorithm += VB2_ALG_COUNT; - TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &rsa, - &wb), - 0, "vb2_verify_data() bad key"); - rsa.algorithm -= VB2_ALG_COUNT; + rsa.hash_alg = VB2_HASH_INVALID; + TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &rsa, &wb), + 0, "vb2_verify_data() bad hash alg"); + rsa.hash_alg = rsa_orig.hash_alg; vb2_workbuf_init(&wb, workbuf, 4); memcpy(sig2, sig, sizeof(VbSignature) + sig->sig_size); diff --git a/tests/vb2_misc2_tests.c b/tests/vb2_misc2_tests.c index 14526f70..05a379ee 100644 --- a/tests/vb2_misc2_tests.c +++ b/tests/vb2_misc2_tests.c @@ -218,9 +218,9 @@ static void verify_keyblock_tests(void) "keyblock read root key"); reset_common_data(FOR_KEYBLOCK); - mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_ALGORITHM; + mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM; TEST_EQ(vb2_verify_fw_keyblock(&cc), - VB2_ERROR_UNPACK_KEY_ALGORITHM, + VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM, "keyblock unpack root key"); reset_common_data(FOR_KEYBLOCK); @@ -295,9 +295,9 @@ static void verify_preamble_tests(void) "preamble no data key"); reset_common_data(FOR_PREAMBLE); - mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_ALGORITHM; + mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM; TEST_EQ(vb2_verify_fw_preamble2(&cc), - VB2_ERROR_UNPACK_KEY_ALGORITHM, + VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM, "preamble unpack data key"); reset_common_data(FOR_PREAMBLE); diff --git a/tests/vb2_rsa_padding_tests.c b/tests/vb2_rsa_padding_tests.c index 3dd33162..8c9e80b6 100644 --- a/tests/vb2_rsa_padding_tests.c +++ b/tests/vb2_rsa_padding_tests.c @@ -33,7 +33,7 @@ void vb2_public_key_to_vb2(struct vb2_public_key *k2, k2->n0inv = key->n0inv; k2->n = key->n; k2->rr = key->rr; - k2->algorithm = key->algorithm; + k2->sig_alg = vb2_crypto_to_signature(key->algorithm); k2->hash_alg = vb2_crypto_to_hash(key->algorithm); } @@ -77,6 +77,7 @@ static void test_verify_digest(struct vb2_public_key *key) { uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]; uint8_t sig[RSA1024NUMBYTES]; struct vb2_workbuf wb; + enum vb2_signature_algorithm orig_key_alg = key->sig_alg; vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); @@ -91,12 +92,12 @@ static void test_verify_digest(struct vb2_public_key *key) { "vb2_rsa_verify_digest() small workbuf"); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); - key->algorithm += VB2_ALG_COUNT; + key->sig_alg = VB2_SIG_INVALID; Memcpy(sig, signatures[0], sizeof(sig)); TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), VB2_ERROR_RSA_VERIFY_ALGORITHM, "vb2_rsa_verify_digest() bad key alg"); - key->algorithm -= VB2_ALG_COUNT; + key->sig_alg = orig_key_alg; key->arrsize *= 2; Memcpy(sig, signatures[0], sizeof(sig)); diff --git a/tests/vb2_rsa_utility_tests.c b/tests/vb2_rsa_utility_tests.c index 2a74f35e..1293d50f 100644 --- a/tests/vb2_rsa_utility_tests.c +++ b/tests/vb2_rsa_utility_tests.c @@ -28,52 +28,69 @@ * APIs. */ int vb2_mont_ge(const struct vb2_public_key *key, uint32_t *a); -int vb2_check_padding(uint8_t *sig, int algorithm); -int vb2_safe_memcmp(const void *s1, const void *s2, size_t size); +int vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key); /** * Test RSA utility funcs */ static void test_utils(void) { + uint8_t sig[RSA1024NUMBYTES]; + struct vb2_public_key kbad = {.sig_alg = VB2_SIG_INVALID, + .hash_alg = VB2_HASH_INVALID}; + /* Verify old and new algorithm count constants match */ TEST_EQ(kNumAlgorithms, VB2_ALG_COUNT, "Algorithm counts"); + /* Crypto algorithm to sig algorithm mapping */ + TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA1024_SHA1), + VB2_SIG_RSA1024, "Crypto map to RSA1024"); + TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA2048_SHA256), + VB2_SIG_RSA2048, "Crypto map to RSA2048"); + TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA4096_SHA256), + VB2_SIG_RSA4096, "Crypto map to RSA4096"); + TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA8192_SHA512), + VB2_SIG_RSA8192, "Crypto map to RSA8192"); + TEST_EQ(vb2_crypto_to_signature(VB2_ALG_COUNT), + VB2_SIG_INVALID, "Crypto map to invalid"); + /* Sig size */ - TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA1024_SHA1), RSA1024NUMBYTES, - "Sig size VB2_ALG_RSA1024_SHA1"); - TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA2048_SHA1), RSA2048NUMBYTES, - "Sig size VB2_ALG_RSA2048_SHA1"); - TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA4096_SHA256), RSA4096NUMBYTES, - "Sig size VB2_ALG_RSA4096_SHA256"); - TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA8192_SHA512), RSA8192NUMBYTES, - "Sig size VB2_ALG_RSA8192_SHA512"); - TEST_EQ(vb2_rsa_sig_size(VB2_ALG_COUNT), 0, + TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA1024), RSA1024NUMBYTES, + "Sig size RSA1024"); + TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA2048), RSA2048NUMBYTES, + "Sig size RSA2048"); + TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA4096), RSA4096NUMBYTES, + "Sig size RSA4096"); + TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA8192), RSA8192NUMBYTES, + "Sig size RSA8192"); + TEST_EQ(vb2_rsa_sig_size(VB2_SIG_INVALID), 0, "Sig size invalid algorithm"); + TEST_EQ(vb2_rsa_sig_size(VB2_SIG_NONE), 0, + "Sig size no signing algorithm"); /* Packed key size */ - TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA1024_SHA1), + TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA1024), RSA1024NUMBYTES * 2 + sizeof(uint32_t) * 2, - "Packed key size VB2_ALG_RSA1024_SHA1"); - TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA2048_SHA1), + "Packed key size VB2_SIG_RSA1024"); + TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA2048), RSA2048NUMBYTES * 2 + sizeof(uint32_t) * 2, - "Packed key size VB2_ALG_RSA2048_SHA1"); - TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA4096_SHA256), + "Packed key size VB2_SIG_RSA2048"); + TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA4096), RSA4096NUMBYTES * 2 + sizeof(uint32_t) * 2, - "Packed key size VB2_ALG_RSA4096_SHA256"); - TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA8192_SHA512), + "Packed key size VB2_SIG_RSA4096"); + TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA8192), RSA8192NUMBYTES * 2 + sizeof(uint32_t) * 2, - "Packed key size VB2_ALG_RSA8192_SHA512"); - TEST_EQ(vb2_packed_key_size(VB2_ALG_COUNT), 0, + "Packed key size VB2_SIG_RSA8192"); + TEST_EQ(vb2_packed_key_size(VB2_SIG_INVALID), 0, "Packed key size invalid algorithm"); - - uint8_t sig[RSA1024NUMBYTES]; + TEST_EQ(vb2_packed_key_size(VB2_SIG_NONE), 0, + "Packed key size no signing algorithm"); /* Test padding check with bad algorithm */ Memcpy(sig, signatures[0], sizeof(sig)); - TEST_EQ(vb2_check_padding(sig, VB2_ALG_COUNT), - VB2_ERROR_RSA_PADDING_ALGORITHM, - "vb2_check_padding() bad alg"); + TEST_EQ(vb2_check_padding(sig, &kbad), + VB2_ERROR_RSA_PADDING_SIZE, + "vb2_check_padding() bad padding algorithm/size"); /* Test safe memcmp */ TEST_EQ(vb2_safe_memcmp("foo", "foo", 3), 0, "vb2_safe_memcmp() good"); |