diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-12-02 15:55:56 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-04 04:02:13 +0000 |
commit | 108d991c678f80c99967bd07035de7418c81a072 (patch) | |
tree | 2183720db7886371be5d05f53c47bf26a8527c62 /tests/vb21_host_sig_tests.c | |
parent | 7aef90c14d9dc770b4e16876faf8bf6b9942ff2e (diff) | |
download | vboot-108d991c678f80c99967bd07035de7418c81a072.tar.gz |
vboot2: Move knowledge of vboot 2.1 data structures inside lib21/
Code which compiles against fwlib2 no longer knows or cares about the
new data structures. This should shrink fwlib2 a bit. This is part 3
of 4 changes which split vboot 2.0 struct handling (old vboot1
structs) from vboot 2.1 struct handling (new style structs).
No functional changes; just shuffling around code.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky.
Change-Id: Ibccd7d1974e07f38b90c19c924ef3b1ffcb77d62
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233020
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'tests/vb21_host_sig_tests.c')
-rw-r--r-- | tests/vb21_host_sig_tests.c | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/tests/vb21_host_sig_tests.c b/tests/vb21_host_sig_tests.c new file mode 100644 index 00000000..5c1176ab --- /dev/null +++ b/tests/vb21_host_sig_tests.c @@ -0,0 +1,196 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Tests for host library vboot2 key functions + */ + +#include <stdio.h> +#include <unistd.h> + +#include "2sysincludes.h" +#include "2common.h" +#include "2rsa.h" +#include "vb2_common.h" +#include "host_common.h" +#include "host_key2.h" +#include "host_signature2.h" +#include "test_common.h" + +/* Test only the algorithms we use */ +struct alg_combo { + const char *name; + enum vb2_signature_algorithm sig_alg; + enum vb2_hash_algorithm hash_alg; +}; + +static const struct alg_combo test_algs[] = { + {"RSA2048/SHA-256", VB2_SIG_RSA2048, VB2_HASH_SHA256}, + {"RSA4096/SHA-256", VB2_SIG_RSA4096, VB2_HASH_SHA256}, + {"RSA8192/SHA-512", VB2_SIG_RSA8192, VB2_HASH_SHA512}, +}; + +const struct vb2_guid test_guid = {.raw = {0xaa}}; +const char *test_desc = "The test key"; +const char *test_sig_desc = "The test signature"; +const uint8_t test_data[] = "Some test data"; +const uint32_t test_size = sizeof(test_data); + +static void sig_tests(const struct alg_combo *combo, + const char *pemfile, + const char *keybfile) +{ + struct vb2_private_key *prik, prik2; + const struct vb2_private_key *prihash, *priks[2]; + struct vb2_public_key *pubk, pubhash; + struct vb2_signature2 *sig, *sig2; + uint32_t size; + + uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]; + struct vb2_workbuf wb; + + uint8_t *buf; + uint32_t bufsize; + struct vb2_struct_common *c; + uint32_t c_sig_offs; + + vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); + + /* Create test keys */ + /* TODO: should read these from .vbprik2, .vbpubk2 files */ + TEST_SUCC(vb2_private_key_read_pem(&prik, pemfile), "Read private key"); + prik->guid = test_guid; + prik->hash_alg = combo->hash_alg; + prik->sig_alg = combo->sig_alg; + vb2_private_key_set_desc(prik, test_desc); + + TEST_SUCC(vb2_public_key_read_keyb(&pubk, keybfile), "Read pub key"); + pubk->guid = &test_guid; + pubk->hash_alg = combo->hash_alg; + vb2_public_key_set_desc(pubk, test_desc); + + TEST_SUCC(vb2_private_key_hash(&prihash, combo->hash_alg), + "Private hash key"); + TEST_SUCC(vb2_public_key_hash(&pubhash, combo->hash_alg), + "Public hash key"); + + priks[0] = prik; + priks[1] = prihash; + + /* Sign test data */ + TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, NULL), + "Sign good"); + TEST_PTR_NEQ(sig, NULL, " sig_ptr"); + TEST_EQ(0, strcmp(vb2_common_desc(sig), test_desc), " desc"); + TEST_EQ(0, memcmp(&sig->guid, &test_guid, sizeof(test_guid)), " guid"); + TEST_EQ(sig->data_size, test_size, " data_size"); + TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size"); + TEST_EQ(size, sig->c.total_size, " size"); + TEST_SUCC(vb2_verify_data2(test_data, test_size, sig, pubk, &wb), + "Verify good"); + free(sig); + + TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, + test_sig_desc), + "Sign with desc"); + TEST_EQ(0, strcmp(vb2_common_desc(sig), test_sig_desc), " desc"); + free(sig); + + TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prik, ""), + "Sign with no desc"); + TEST_EQ(sig->c.desc_size, 0, " desc"); + TEST_SUCC(vb2_sig_size_for_key(&size, prik, ""), "Sig size"); + TEST_EQ(size, sig->c.total_size, " size"); + free(sig); + + TEST_SUCC(vb2_sign_data(&sig, test_data, test_size, prihash, NULL), + "Sign with hash"); + TEST_SUCC(vb2_verify_data2(test_data, test_size, sig, &pubhash, &wb), + "Verify with hash"); + free(sig); + + prik2 = *prik; + prik2.sig_alg = VB2_SIG_INVALID; + TEST_EQ(vb2_sign_data(&sig, test_data, test_size, &prik2, NULL), + VB2_SIGN_DATA_SIG_SIZE, "Sign bad sig alg"); + + /* Sign an object with a little (24 bytes) data */ + c_sig_offs = sizeof(*c) + 24; + TEST_SUCC(vb2_sig_size_for_key(&size, prik, NULL), "Sig size"); + bufsize = c_sig_offs + size; + buf = calloc(1, bufsize); + memset(buf + sizeof(*c), 0x12, 24); + c = (struct vb2_struct_common *)buf; + c->total_size = bufsize; + + TEST_SUCC(vb2_sign_object(buf, c_sig_offs, prik, NULL), "Sign object"); + sig = (struct vb2_signature2 *)(buf + c_sig_offs); + TEST_SUCC(vb2_verify_data2(buf, c_sig_offs, sig, pubk, &wb), + "Verify object"); + + TEST_EQ(vb2_sign_object(buf, c_sig_offs + 4, prik, NULL), + VB2_SIGN_OBJECT_OVERFLOW, "Sign object overflow"); + free(buf); + + /* Multiply sign an object */ + TEST_SUCC(vb2_sig_size_for_keys(&size, priks, 2), "Sigs size"); + bufsize = c_sig_offs + size; + buf = calloc(1, bufsize); + memset(buf + sizeof(*c), 0x12, 24); + c = (struct vb2_struct_common *)buf; + c->total_size = bufsize; + + TEST_SUCC(vb2_sign_object_multiple(buf, c_sig_offs, priks, 2), + "Sign multiple"); + sig = (struct vb2_signature2 *)(buf + c_sig_offs); + TEST_SUCC(vb2_verify_data2(buf, c_sig_offs, sig, pubk, &wb), + "Verify object with sig 1"); + sig2 = (struct vb2_signature2 *)(buf + c_sig_offs + sig->c.total_size); + TEST_SUCC(vb2_verify_data2(buf, c_sig_offs, sig2, &pubhash, &wb), + "Verify object with sig 2"); + + c->total_size -= 4; + TEST_EQ(vb2_sign_object_multiple(buf, c_sig_offs, priks, 2), + VB2_SIGN_OBJECT_OVERFLOW, "Sign multple overflow"); + + TEST_EQ(size, sig->c.total_size + sig2->c.total_size, + "Sigs size total"); + + free(buf); + + vb2_private_key_free(prik); + vb2_public_key_free(pubk); +} + +static int test_algorithm(const struct alg_combo *combo, const char *keys_dir) +{ + int rsa_bits = vb2_rsa_sig_size(combo->sig_alg) * 8; + char pemfile[1024]; + char keybfile[1024]; + + printf("***Testing algorithm: %s\n", combo->name); + + sprintf(pemfile, "%s/key_rsa%d.pem", keys_dir, rsa_bits); + sprintf(keybfile, "%s/key_rsa%d.keyb", keys_dir, rsa_bits); + + sig_tests(combo, pemfile, keybfile); + + return 0; +} + +int main(int argc, char *argv[]) { + + if (argc == 2) { + int i; + + for (i = 0; i < ARRAY_SIZE(test_algs); i++) { + if (test_algorithm(test_algs + i, argv[1])) + return 1; + } + } else { + fprintf(stderr, "Usage: %s <keys_dir>", argv[0]); + return -1; + } + + return gTestSuccess ? 0 : 255; +} |