vboot2: move vb2_safe_memcmp() from rsa to common

This will be needed by other algorithms, so should not live inside the
rsa module.  Also added explicit unit tests for it.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I92c8c6484964a93d755ac2ee93b57511794540e9
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/224111
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

4 files changed, 45 insertions, 32 deletions

diff --git a/firmware/2lib/2common.c b/firmware/2lib/2common.c
index 4058a2f3..686aa002 100644
--- a/firmware/2lib/2common.c
+++ b/firmware/2lib/2common.c
@@ -11,6 +11,25 @@
 #include "2rsa.h"
 #include "2sha.h"
 
+int vb2_safe_memcmp(const void *s1, const void *s2, size_t size)
+{
+	const unsigned char *us1 = s1;
+	const unsigned char *us2 = s2;
+	int result = 0;
+
+	if (0 == size)
+		return 0;
+
+	/*
+	 * Code snippet without data-dependent branch due to Nate Lawson
+	 * (nate@root.org) of Root Labs.
+	 */
+	while (size--)
+		result |= *us1++ ^ *us2++;
+
+	return result != 0;
+}
+
 int vb2_align(uint8_t **ptr, uint32_t *size, uint32_t align, uint32_t want_size)
 {
 	uintptr_t p = (uintptr_t)*ptr;
diff --git a/firmware/2lib/2rsa.c b/firmware/2lib/2rsa.c
index 47ef1799..c4c9420a 100644
--- a/firmware/2lib/2rsa.c
+++ b/firmware/2lib/2rsa.c
@@ -139,38 +139,6 @@ static void modpowF4(const struct vb2_public_key *key, uint8_t *inout,
 	}
 }
 
-/**
- * Safer memcmp() for use in crypto.
- *
- * Compares the buffers to see if they are equal.  Time taken to perform
- * the comparison is dependent only on the size, not the relationship of
- * the match between the buffers.  Note that unlike memcmp(), this only
- * indicates inequality, not which buffer is lesser.
- *
- * @param s1		First buffer
- * @param s2		Second buffer
- * @param size		Number of bytes to compare
- * @return 0 if match or size=0, non-zero if at least one byte mismatched.
- */
-int vb2_safe_memcmp(const void *s1, const void *s2, size_t size)
-{
-	const unsigned char *us1 = s1;
-	const unsigned char *us2 = s2;
-	int result = 0;
-
-	if (0 == size)
-		return 0;
-
-	/*
-	 * Code snippet without data-dependent branch due to Nate Lawson
-	 * (nate@root.org) of Root Labs.
-	 */
-	while (size--)
-		result |= *us1++ ^ *us2++;
-
-	return result != 0;
-}
-
 uint32_t vb2_rsa_sig_size(uint32_t algorithm)
 {
 	switch (algorithm) {
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h
index 10ecf808..52c98af9 100644
--- a/firmware/2lib/include/2common.h
+++ b/firmware/2lib/include/2common.h
@@ -101,6 +101,21 @@ void vb2_workbuf_free(struct vb2_workbuf *wb, uint32_t size);
 #define vb_aligned(ptr, align) (!(((uintptr_t)(ptr)) & ((align) - 1)))
 
 /**
+ * Safer memcmp() for use in crypto.
+ *
+ * Compares the buffers to see if they are equal.  Time taken to perform
+ * the comparison is dependent only on the size, not the relationship of
+ * the match between the buffers.  Note that unlike memcmp(), this only
+ * indicates inequality, not which buffer is lesser.
+ *
+ * @param s1		First buffer
+ * @param s2		Second buffer
+ * @param size		Number of bytes to compare
+ * @return 0 if match or size=0, non-zero if at least one byte mismatched.
+ */
+int vb2_safe_memcmp(const void *s1, const void *s2, size_t size);
+
+/**
  * Align a buffer and check its size.
  *
  * @param **ptr		Pointer to pointer to align
diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c
index e476edf1..a9f414f8 100644
--- a/tests/vb2_common_tests.c
+++ b/tests/vb2_common_tests.c
@@ -11,6 +11,16 @@
 #include "test_common.h"
 
 /**
+ * Test memory compare functions
+ */
+static void test_memcmp(void)
+{
+	TEST_EQ(vb2_safe_memcmp("foo", "foo", 3), 0, "memcmp equal");
+	TEST_NEQ(vb2_safe_memcmp("foo1", "foo2", 4), 0, "memcmp different");
+	TEST_EQ(vb2_safe_memcmp("foo1", "foo2", 0), 0, "memcmp 0-size");
+}
+
+/**
  * Test alignment functions
  */
 static void test_align(void)
@@ -230,6 +240,7 @@ static void test_helper_functions(void)
 
 int main(int argc, char* argv[])
 {
+	test_memcmp();
 	test_align();
 	test_workbuf();
 	test_struct_packing();