vboot2: Clean up signing data for unit tests

Signing is now simple enough (thanks to full utility lib support for
vboot2 data structs) that we don't need the vb2_convert_structs module
anymore.  Also, use the utility lib function to create a firmware
preamble, rather than duplicating that code in the fwlib unit tests.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests, and build firmware for veyron_pinky

Change-Id: I1db402a08621f79274d2a69095aebc3e84f4328d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/232755

6 files changed, 48 insertions, 141 deletions

diff --git a/Makefile b/Makefile
index ebe62143..a1689367 100644
--- a/Makefile
+++ b/Makefile
@@ -583,11 +583,6 @@ TESTLIB_SRCS = \
 	tests/timer_utils.c \
 	tests/crc32_test.c
 
-ifneq (${VBOOT2},)
-TESTLIB_SRCS += \
-	tests/vb2_convert_structs.c
-endif
-
 TESTLIB_OBJS = ${TESTLIB_SRCS:%.c=${BUILD}/%.o}
 TEST_OBJS += ${TESTLIB_OBJS}
 
diff --git a/tests/vb2_api2_tests.c b/tests/vb2_api2_tests.c
index b6db1850..cc1e12af 100644
--- a/tests/vb2_api2_tests.c
+++ b/tests/vb2_api2_tests.c
@@ -15,10 +15,10 @@
 #include "2rsa.h"
 #include "2secdata.h"
 
+#include "host_key2.h"
 #include "host_signature2.h"
 
 #include "test_common.h"
-#include "vb2_convert_structs.h"
 
 /* Common context for tests */
 static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE]
@@ -52,6 +52,7 @@ enum reset_type {
 
 static void reset_common_data(enum reset_type t)
 {
+	const struct vb2_private_key *hash_key;
 	struct vb2_fw_preamble2 *pre;
 	struct vb2_signature2 *sig;
 	uint32_t sig_offset;
@@ -75,6 +76,8 @@ static void reset_common_data(enum reset_type t)
 	retval_vb2_load_fw_keyblock = VB2_SUCCESS;
 	retval_vb2_load_fw_preamble = VB2_SUCCESS;
 
+	vb2_private_key_hash(&hash_key, mock_hash_alg);
+
 	sd->workbuf_preamble_offset = ctx.workbuf_used;
 	pre = (struct vb2_fw_preamble2 *)
 		(ctx.workbuf + sd->workbuf_preamble_offset);
@@ -82,9 +85,8 @@ static void reset_common_data(enum reset_type t)
 	pre->hash_offset = sig_offset = sizeof(*pre);
 
 	for (i = 0; i < 3; i++) {
-		sig = vb2_create_hash_sig(mock_body,
-					  mock_body_size - 16 * i,
-					  mock_hash_alg);
+		vb2_sign_data(&sig, mock_body, mock_body_size - 16 * i,
+			      hash_key, NULL);
 		memcpy(&sig->guid, test_guid + i, sizeof(sig->guid));
 		memcpy((uint8_t *)pre + sig_offset, sig, sig->c.total_size);
 		sig_offset += sig->c.total_size;
diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c
index 7666a604..519d7f93 100644
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb2_common2_tests.c
@@ -17,7 +17,6 @@
 #include "host_common.h"
 #include "host_key2.h"
 #include "host_signature2.h"
-#include "vb2_convert_structs.h"
 #include "vboot_common.h"
 #include "test_common.h"
 
diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c
index 89c8307d..d520f1c6 100644
--- a/tests/vb2_common_tests.c
+++ b/tests/vb2_common_tests.c
@@ -8,15 +8,17 @@
 #include "2sysincludes.h"
 #include "2common.h"
 #include "2rsa.h"
+#include "host_fw_preamble2.h"
 #include "host_key2.h"
 #include "host_keyblock2.h"
 #include "host_signature2.h"
-#include "vb2_convert_structs.h"
 #include "vboot_struct.h"  /* For old struct sizes */
 
 #include "test_common.h"
 
 static const uint8_t test_data[] = "This is some test data to sign.";
+static const uint8_t test_data2[] = "Some more test data";
+static const uint8_t test_data3[] = "Even more test data";
 
 /**
  * Test memory compare functions
@@ -460,18 +462,22 @@ static void test_sig_size(void)
 static void test_verify_hash(void)
 {
 	struct vb2_signature2 *sig;
+	const struct vb2_private_key *prik;
 	struct vb2_public_key pubk;
 	uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
 	struct vb2_workbuf wb;
 
 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
+	TEST_SUCC(vb2_private_key_hash(&prik, VB2_HASH_SHA256),
+		  "create private hash key");
 	TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256),
 		  "create hash key");
 
 	/* Create the signature */
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data), pubk.hash_alg);
-	TEST_PTR_NEQ(sig, NULL, "create hash sig");
+	TEST_SUCC(vb2_sign_data(&sig, test_data, sizeof(test_data),
+				prik, NULL),
+		  "create hash sig");
 
 	TEST_SUCC(vb2_verify_data2(test_data, sizeof(test_data),
 				   sig, &pubk, &wb),
@@ -559,7 +565,7 @@ static void test_verify_keyblock(void)
 	memcpy(buf, buf2, buf_size);
 	kbuf->c.struct_version_minor++;
 	/* That changes the signature, so resign the keyblock */
-	sig = vb2_create_hash_sig(buf, kbuf->sig_offset, VB2_HASH_SHA256);
+	vb2_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL);
 	memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size);
 	free(sig);
 	TEST_SUCC(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb),
@@ -615,11 +621,13 @@ static void test_verify_keyblock(void)
 static void test_verify_fw_preamble(void)
 {
 	const char desc[16] = "test preamble";
+	const struct vb2_private_key *prikhash;
+	struct vb2_signature2 *hashes[3];
 	struct vb2_public_key pubk;
 	struct vb2_signature2 *sig;
 	struct vb2_fw_preamble2 *pre;
 	uint32_t buf_size;
-	uint8_t *buf, *buf2, *bnext;
+	uint8_t *buf, *buf2;
 
 	uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES];
 	struct vb2_workbuf wb;
@@ -633,70 +641,28 @@ static void test_verify_fw_preamble(void)
 	 */
 	TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256),
 		  "create hash key");
-
-	struct vb2_fw_preamble2 fp = {
-		.c.magic = VB2_MAGIC_FW_PREAMBLE2,
-		.c.struct_version_major = VB2_FW_PREAMBLE2_VERSION_MAJOR,
-		.c.struct_version_minor = VB2_FW_PREAMBLE2_VERSION_MAJOR,
-		.c.fixed_size = sizeof(fp),
-		.c.desc_size = sizeof(desc),
-		.flags = 0,
-		.hash_count = 3,
-	};
-
-	fp.hash_offset = fp.c.fixed_size + fp.c.desc_size;
-
-	/* Create some hashes so we can calculate their sizes */
-	fp.c.total_size = fp.hash_offset;
-
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data),
-				  VB2_HASH_SHA512);
-	fp.c.total_size += sig->c.total_size;
-	free(sig);
-
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data),
-				  VB2_HASH_SHA256);
-	fp.c.total_size += 2 * sig->c.total_size;
-
-	/* Preamble signature goes after that */
-	fp.sig_offset = fp.c.total_size;
-	fp.c.total_size += sig->c.total_size;
-	free(sig);
-
-	/* Now that the total size is known, create the real preamble */
-	buf_size = fp.c.total_size;
-	buf = calloc(1, buf_size);
-	memcpy(buf, &fp, sizeof(fp));
-	memcpy(buf + fp.c.fixed_size, desc, sizeof(desc));
-
-	/* And copy in the component hashes (use parts of test data) */
-	bnext = buf + fp.hash_offset;
-
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data),
-				  VB2_HASH_SHA256);
-	memset(&sig->guid, 0x01, sizeof(sig->guid));
-	memcpy(bnext, sig, sig->c.total_size);
-	bnext += sig->c.total_size;
-	free(sig);
-
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data),
-				  VB2_HASH_SHA512);
-	memset(&sig->guid, 0x03, sizeof(sig->guid));
-	memcpy(bnext, sig, sig->c.total_size);
-	bnext += sig->c.total_size;
-	free(sig);
-
-	sig = vb2_create_hash_sig(test_data, sizeof(test_data) - 4,
-				  VB2_HASH_SHA256);
-	memset(&sig->guid, 0x02, sizeof(sig->guid));
-	memcpy(bnext, sig, sig->c.total_size);
-	bnext += sig->c.total_size;
-	free(sig);
-
-	/* Now sign the preamble */
-	sig = vb2_create_hash_sig(buf, fp.sig_offset, VB2_HASH_SHA256);
-	memcpy(buf + fp.sig_offset, sig, sig->c.total_size);
-	free(sig);
+	TEST_SUCC(vb2_private_key_hash(&prikhash, VB2_HASH_SHA256),
+			  "Create private hash key");
+
+	/* Create some signatures */
+	TEST_SUCC(vb2_sign_data(hashes + 0, test_data, sizeof(test_data),
+				prikhash, "Hash 1"),
+		  "Hash 1");
+	TEST_SUCC(vb2_sign_data(hashes + 1, test_data2, sizeof(test_data2),
+				prikhash, "Hash 2"),
+		  "Hash 2");
+	TEST_SUCC(vb2_sign_data(hashes + 2, test_data3, sizeof(test_data3),
+				prikhash, "Hash 3"),
+			  "Hash 3");
+
+	/* Test good preamble */
+	TEST_SUCC(vb2_fw_preamble_create(&pre, prikhash,
+					 (const struct vb2_signature2 **)hashes,
+					 3, 0x1234, 0x5678, desc),
+		  "Create preamble good");
+
+	buf = (uint8_t *)pre;
+	buf_size = pre->c.total_size;
 
 	/* Make a copy of the buffer, so we can mangle it for tests */
 	buf2 = malloc(buf_size);
@@ -729,7 +695,7 @@ static void test_verify_fw_preamble(void)
 	memcpy(buf, buf2, buf_size);
 	pre->c.struct_version_minor++;
 	/* That changes the signature, so resign the fw_preamble */
-	sig = vb2_create_hash_sig(buf, fp.sig_offset, VB2_HASH_SHA256);
+	vb2_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL);
 	memcpy(buf + pre->sig_offset, sig, sig->c.total_size);
 	free(sig);
 	TEST_SUCC(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
@@ -743,14 +709,14 @@ static void test_verify_fw_preamble(void)
 		"vb2_verify_fw_preamble2() header size");
 
 	memcpy(buf, buf2, buf_size);
-	sig = (struct vb2_signature2 *)(buf + fp.hash_offset);
-	sig->c.total_size += fp.c.total_size;
+	sig = (struct vb2_signature2 *)(buf + pre->hash_offset);
+	sig->c.total_size += pre->c.total_size;
 	TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
 		VB2_ERROR_COMMON_TOTAL_SIZE,
 		"vb2_verify_fw_preamble2() hash size");
 
 	memcpy(buf, buf2, buf_size);
-	sig = (struct vb2_signature2 *)(buf + fp.hash_offset);
+	sig = (struct vb2_signature2 *)(buf + pre->hash_offset);
 	sig->sig_size /= 2;
 	TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
 		VB2_ERROR_SIG_SIZE,
@@ -763,15 +729,15 @@ static void test_verify_fw_preamble(void)
 		"vb2_verify_fw_preamble2() hash count");
 
 	memcpy(buf, buf2, buf_size);
-	sig = (struct vb2_signature2 *)(buf + fp.sig_offset);
+	sig = (struct vb2_signature2 *)(buf + pre->sig_offset);
 	sig->c.total_size += 4;
 	TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
 		VB2_ERROR_COMMON_TOTAL_SIZE,
 		"vb2_verify_fw_preamble2() sig inside");
 
 	memcpy(buf, buf2, buf_size);
-	sig = (struct vb2_signature2 *)(buf + fp.sig_offset);
-	buf[fp.sig_offset + sig->sig_offset]++;
+	sig = (struct vb2_signature2 *)(buf + pre->sig_offset);
+	buf[pre->sig_offset + sig->sig_offset]++;
 	TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb),
 		VB2_ERROR_VDATA_VERIFY_DIGEST,
 		"vb2_verify_fw_preamble2() sig corrupt");
diff --git a/tests/vb2_convert_structs.c b/tests/vb2_convert_structs.c
deleted file mode 100644
index 99d2a429..00000000
--- a/tests/vb2_convert_structs.c
+++ /dev/null
@@ -1,31 +0,0 @@
-/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- * Convert structs from vboot1 data format to new vboot2 structs
- */
-
-#include "2sysincludes.h"
-#include "2common.h"
-#include "host_common.h"
-#include "host_key2.h"
-#include "host_signature2.h"
-#include "vb2_convert_structs.h"
-
-#include "test_common.h"
-
-struct vb2_signature2 *vb2_create_hash_sig(const uint8_t *data,
-					   uint32_t size,
-					   enum vb2_hash_algorithm hash_alg)
-{
-	const struct vb2_private_key *key;
-	struct vb2_signature2 *sig;
-
-	if (vb2_private_key_hash(&key, hash_alg))
-		return NULL;
-
-	if (vb2_sign_data(&sig, data, size, key, NULL))
-		return NULL;
-
-	return sig;
-}
diff --git a/tests/vb2_convert_structs.h b/tests/vb2_convert_structs.h
deleted file mode 100644
index ca7fcec5..00000000
--- a/tests/vb2_convert_structs.h
+++ /dev/null
@@ -1,24 +0,0 @@
-/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
- * Use of this source code is governed by a BSD-style license that can be
- * found in the LICENSE file.
- *
- */
-
-#ifndef VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_
-#define VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_
-
-#include "2struct.h"
-
-/**
- * Create an unsigned hash signature of the data.
- *
- * @param data		Data to sign
- * @param size		Size of data in bytes
- * @return a newly-allocated signature, which the caller must free, or NULL if
- *	   error.
- */
-struct vb2_signature2 *vb2_create_hash_sig(const uint8_t *data,
-					   uint32_t size,
-					   enum vb2_hash_algorithm hash_alg);
-
-#endif  /* VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_ */