authorRandall Spangler <rspangler@chromium.org>2014-11-24 12:55:29 -0800
committerchrome-internal-fetch <chrome-internal-fetch@google.com>2014-12-01 20:30:46 +0000
commit9328bbff521625e788396ef9c5b26b79e6d1a7cb (patch)
tree4f10606071aedebba7ac98fa0b91822e3a08682b /firmware/2lib
parentfc73f087653ee67193a9f2b897433db2cd532f8c (diff)
downloadvboot-9328bbff521625e788396ef9c5b26b79e6d1a7cb.tar.gz
vboot2: Add host lib function to create a vb2-style keyblock
Also add vb2_common_desc() helper function to return the description for an object starting with a common struct header. And use the new host lib function to create the keyblock for verifying the firmware lib. Add tests for everything new. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: I1fadb3e249e771a692cc69b23620c6ddd46a48ac Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/231721 Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'firmware/2lib')
-rw-r--r--firmware/2lib/2common2.c10
-rw-r--r--firmware/2lib/2packed_key2.c6
-rw-r--r--firmware/2lib/include/2common.h10
-rw-r--r--firmware/2lib/include/2return_codes.h17
4 files changed, 36 insertions, 7 deletions
diff --git a/firmware/2lib/2common2.c b/firmware/2lib/2common2.c
index 099f7c1f..a5ebc70c 100644
--- a/firmware/2lib/2common2.c
+++ b/firmware/2lib/2common2.c
@@ -10,6 +10,13 @@
#include "2rsa.h"
#include "2sha.h"
+const char *vb2_common_desc(const void *buf)
+{
+ const struct vb2_struct_common *c = buf;
+
+ return c->desc_size ? (const char *)c + c->fixed_size : "";
+}
+
int vb2_verify_common_header(const void *parent, uint32_t parent_size)
{
const struct vb2_struct_common *c = parent;
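Review bot: vb2_common_desc() adds `c->fixed_size`, a value read straight from the buffer, to the base pointer with no bounds check, so its result is only meaningful once vb2_verify_common_header() has accepted the same buffer. The declaration comment in 2common.h says only "Does not sanity-check the buffer", and I would make the precondition explicit there: `Caller must already have validated buf with vb2_verify_common_header(); otherwise the returned pointer may lie outside the buffer and need not be null-terminated.` A one-line comment to the same effect above the definition in 2common2.c would help readers who never open the header. The body of vb2_verify_common_header() continues outside this hunk.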
@@ -42,8 +49,7 @@ int vb2_verify_common_header(const void *parent, uint32_t parent_size)
return VB2_ERROR_COMMON_DESC_SIZE;
/* Description must be null-terminated */
- const uint8_t *desc = (const uint8_t *)c + c->fixed_size;
- if (desc[c->desc_size - 1] != 0)
+ if (vb2_common_desc(c)[c->desc_size - 1] != 0)
return VB2_ERROR_COMMON_DESC_TERMINATOR;
}
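Review bot: The terminator check `vb2_common_desc(c)[c->desc_size - 1]` is only safe while it sits inside a branch where `c->desc_size` is non-zero. With a zero size the helper returns the `""` literal, and the index `desc_size - 1` would land far outside that one-byte object. The enclosing condition starts outside the hunk, so I presume it is the desc_size test that the removed lines also relied on. Because the helper now hides its own zero check, I would record the dependency next to the call: `/* desc_size != 0 here, so vb2_common_desc() points into the parent buffer */`.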
diff --git a/firmware/2lib/2packed_key2.c b/firmware/2lib/2packed_key2.c
index a67664bb..4019213b 100644
--- a/firmware/2lib/2packed_key2.c
+++ b/firmware/2lib/2packed_key2.c
@@ -99,11 +99,7 @@ int vb2_unpack_key2(struct vb2_public_key *key,
}
/* Key description */
- if (pkey->c.desc_size)
- key->desc = (const char *)&(pkey->c) + pkey->c.fixed_size;
- else
- key->desc = "";
-
+ key->desc = vb2_common_desc(pkey);
key->version = pkey->key_version;
key->guid = &pkey->guid;
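Review bot: `vb2_common_desc(pkey)` passes the whole packed-key struct through a `const void *` parameter, so it silently depends on `c` being the first member of `*pkey`, where the removed lines named the member explicitly with `&(pkey->c)`. Writing `key->desc = vb2_common_desc(&pkey->c);` gives the same result today and stays correct if the struct layout ever changes. Whether the common header has already been validated before this assignment cannot be seen from the hunk, since vb2_unpack_key2() begins and ends outside it.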
diff --git a/firmware/2lib/include/2common.h b/firmware/2lib/include/2common.h
index a0c82d3c..1ea3f9e2 100644
--- a/firmware/2lib/include/2common.h
+++ b/firmware/2lib/include/2common.h
@@ -184,6 +184,16 @@ int vb2_verify_member_inside(const void *parent, size_t parent_size,
size_t member_data_size);
/**
+ * Return the description of an object starting with a vb2_struct_common header.
+ *
+ * Does not sanity-check the buffer; merely returns the pointer.
+ *
+ * @param buf Pointer to common object
+ * @return A pointer to description or an empty string if none.
+ */
+const char *vb2_common_desc(const void *buf);
+
+/**
* Verify the common struct header is fully contained in its parent data
*
* Also verifies the description is either zero-length or null-terminated.
diff --git a/firmware/2lib/include/2return_codes.h b/firmware/2lib/include/2return_codes.h
index 8f5a5c51..7a59925a 100644
--- a/firmware/2lib/include/2return_codes.h
+++ b/firmware/2lib/include/2return_codes.h
@@ -600,6 +600,23 @@ enum vb2_return_code {
VB2_SIGN_OBJECT_OVERFLOW,
/**********************************************************************
+ * Errors generated by host library keyblock functions
+ */
+ VB2_ERROR_HOST_KEYBLOCK = VB2_ERROR_HOST_BASE + 0x040000,
+
+ /* Unable to determine signature sizes for vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_SIG_SIZE,
+
+ /* Unable to pack data key for vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_DATA_KEY,
+
+ /* Unable to allocate buffer in vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_ALLOC,
+
+ /* Unable to sign keyblock in vb2_create_keyblock() */
+ VB2_KEYBLOCK_CREATE_SIGN,
+
+ /**********************************************************************
* Highest non-zero error generated inside vboot library. Note that
* error codes passed through vboot when it calls external APIs may
* still be outside this range.