diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-11-21 15:33:07 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-01 20:30:41 +0000 |
commit | fc73f087653ee67193a9f2b897433db2cd532f8c (patch) | |
tree | 52057d47f6a9ed162202d8d5353293355cbb4383 /tests/vb2_common2_tests.c | |
parent | 91852e7f58d50a031bcb5c02e68473cefb10ebb0 (diff) | |
download | vboot-fc73f087653ee67193a9f2b897433db2cd532f8c.tar.gz |
vboot2: Use new hostlib functions in unit tests
This removes the hacky conversion from old-style packed keys and
signatures, which existed only because at the time we didn't have the
ability in hostlib to create new-format key and signature structs
directly.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests
Change-Id: Id7cb3dfce740f2546464a4caae2629af864d7b45
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/231543
Diffstat (limited to 'tests/vb2_common2_tests.c')
-rw-r--r-- | tests/vb2_common2_tests.c | 179 |
1 files changed, 90 insertions, 89 deletions
diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c index 8c8f6430..7666a604 100644 --- a/tests/vb2_common2_tests.c +++ b/tests/vb2_common2_tests.c @@ -9,14 +9,18 @@ #include <stdio.h> #include <string.h> +#include "2sysincludes.h" +#include "2common.h" +#include "2rsa.h" + #include "file_keys.h" #include "host_common.h" +#include "host_key2.h" +#include "host_signature2.h" #include "vb2_convert_structs.h" #include "vboot_common.h" #include "test_common.h" -#include "2common.h" -#include "2rsa.h" static const uint8_t test_data[] = "This is some test data to sign."; static const uint32_t test_size = sizeof(test_data); @@ -74,56 +78,54 @@ static void test_unpack_key(const struct vb2_packed_key *key1) free(key); } -static void test_unpack_key2(const struct vb2_packed_key *key1) +static void test_unpack_key2(const struct vb2_packed_key *key1, + const struct vb2_packed_key2 *key) { struct vb2_public_key pubk; struct vb2_packed_key2 *key2; - uint32_t size; + uint32_t size = key->c.total_size; + + /* Make a copy of the key for testing */ + key2 = (struct vb2_packed_key2 *)malloc(size); /* Should be able to handle a vboot1-style key binary as well */ TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1, key1->key_offset + key1->key_size), "vb2_unpack_key2() passthru"); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() ok"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->key_offset += 4; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_COMMON_MEMBER_SIZE, "vb2_unpack_key2() buffer too small"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.fixed_size += size; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_COMMON_FIXED_SIZE, "vb2_unpack_key2() buffer too small for desc"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.desc_size = 0; TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() no desc"); TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.magic++; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_INSIDE_DATA_OUTSIDE, "vb2_unpack_key2() bad magic"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.struct_version_major++; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_STRUCT_VERSION, "vb2_unpack_key2() bad major version"); - free(key2); /* * Minor version changes are ok. Note that this test assumes that the @@ -134,49 +136,45 @@ static void test_unpack_key2(const struct vb2_packed_key *key1) * handle both old and new struct versions, so someone will have * noticed this comment. */ - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.struct_version_minor++; TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() minor version change ok"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->sig_alg = VB2_SIG_INVALID; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM, "vb2_unpack_key2() bad sig algorithm"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->hash_alg = VB2_HASH_INVALID; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM, "vb2_unpack_key2() bad hash algorithm"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->key_size -= 4; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_SIZE, "vb2_unpack_key2() invalid size"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->key_offset--; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_COMMON_MEMBER_UNALIGNED, "vb2_unpack_key2() unaligned data"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); *(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_ARRAY_SIZE, "vb2_unpack_key2() invalid key array size"); + free(key2); } -static void test_verify_data(struct vb2_packed_key *key1, +static void test_verify_data(const struct vb2_packed_key *key1, const struct vb2_signature *sig) { uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]; @@ -235,134 +233,114 @@ static void test_verify_data(struct vb2_packed_key *key1, free(sig2); } -static void test_verify_signature(const struct vb2_packed_key *key1, - const struct vb2_signature *sig1) +static void test_verify_signature2(const struct vb2_signature2 *sig) { - struct vb2_public_key pubk; - struct vb2_packed_key2 *key2; struct vb2_signature2 *sig2; - uint8_t *buf2good, *buf2; + uint8_t *buf2; uint32_t size; - /* Unpack and convert the public key */ - TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1, - key1->key_offset + key1->key_size), - "verify_sig vb2_unpack_key2() passthru"); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); - TEST_PTR_NEQ(key2, 0, "verify_sig convert pub key"); - - buf2good = (uint8_t *) - vb2_convert_signature2(sig1, "test desc", key2, &size); + /* Make a copy of the signature */ + size = sig->c.total_size; buf2 = malloc(size); sig2 = (struct vb2_signature2 *)buf2; - memcpy(buf2, buf2good, size); - TEST_PTR_NEQ(sig1, 0, "verify_sig convert signature"); + memcpy(buf2, sig, size); TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig ok"); sig2->c.magic = VB2_MAGIC_PACKED_KEY2; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_MAGIC, "verify_sig magic"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->c.total_size += 4; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE, "verify_sig common header"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->c.struct_version_minor++; TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig minor ver"); sig2->c.struct_version_major++; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_VERSION, "verify_sig major ver"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->c.fixed_size -= 4; sig2->c.desc_size += 4; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_HEADER_SIZE, "verify_sig header size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_size += 4; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE, "verify_sig sig size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_alg = VB2_SIG_INVALID; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_ALGORITHM, "verify_sig sig alg"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ? VB2_SIG_RSA1024 : VB2_SIG_NONE); TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_SIZE, "verify_sig sig size"); free(buf2); - free(buf2good); - free(key2); } -static void test_verify_data2(struct vb2_packed_key *key1, - const struct vb2_signature *sig1) +static void test_verify_data2(const struct vb2_public_key *pubk_orig, + const struct vb2_signature2 *sig) { uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]; struct vb2_workbuf wb; - struct vb2_public_key pubk, pubk_orig; - struct vb2_packed_key2 *key2; + struct vb2_public_key pubk; struct vb2_signature2 *sig2; - uint8_t *buf2good, *buf2; + uint8_t *buf2; uint32_t size; vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); - /* Unpack and convert the public key */ - key2 = vb2_convert_packed_key2(key1, "Test key", &size); - TEST_PTR_NEQ(key2, 0, "verify_data convert pub key"); - TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), - "verify_data2 unpack key"); - pubk_orig = pubk; + pubk = *pubk_orig; - /* Convert signature and allocate copy for tests */ - buf2good = (uint8_t *) - vb2_convert_signature2(sig1, "test desc", key2, &size); + /* Allocate signature copy for tests */ + size = sig->c.total_size; buf2 = malloc(size); sig2 = (struct vb2_signature2 *)buf2; - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); pubk.sig_alg = VB2_SIG_INVALID; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data2() bad sig alg"); - pubk.sig_alg = pubk_orig.sig_alg; + pubk = *pubk_orig; - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); pubk.hash_alg = VB2_HASH_INVALID; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_DIGEST_SIZE, "vb2_verify_data2() bad hash alg"); - pubk.hash_alg = pubk_orig.hash_alg; + pubk = *pubk_orig; vb2_workbuf_init(&wb, workbuf, 4); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_WORKBUF_DIGEST, "vb2_verify_data2() workbuf too small"); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), 0, "vb2_verify_data2() ok"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_size -= 16; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data2() wrong sig size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); TEST_EQ(vb2_verify_data2(test_data, test_size - 1, sig2, &pubk, &wb), VB2_ERROR_VDATA_SIZE, "vb2_verify_data2() wrong data size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ? VB2_HASH_SHA256 : VB2_HASH_SHA1); TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), @@ -370,13 +348,12 @@ static void test_verify_data2(struct vb2_packed_key *key1, "vb2_verify_data2() alg mismatch"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); buf2[sig2->sig_offset] ^= 0x5A; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_RSA_PADDING, "vb2_verify_data2() wrong sig"); free(buf2); - free(buf2good); } int test_algorithm(int key_algorithm, const char *keys_dir) @@ -384,10 +361,17 @@ int test_algorithm(int key_algorithm, const char *keys_dir) char filename[1024]; int rsa_len = siglen_map[key_algorithm] * 8; - VbPrivateKey *private_key = NULL; + enum vb2_signature_algorithm sig_alg = + vb2_crypto_to_signature(key_algorithm); + enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm); + VbPrivateKey *private_key = NULL; + struct vb2_private_key *prik = NULL; struct vb2_signature *sig = NULL; + struct vb2_signature2 *sig2 = NULL; + struct vb2_public_key *pubk = NULL; struct vb2_packed_key *key1; + struct vb2_packed_key2 *key2 = NULL; printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]); @@ -398,6 +382,12 @@ int test_algorithm(int key_algorithm, const char *keys_dir) return 1; } + TEST_SUCC(vb2_private_key_read_pem(&prik, filename), + "Read private key"); + prik->hash_alg = hash_alg; + prik->sig_alg = sig_alg; + vb2_private_key_set_desc(prik, "private key"); + sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, rsa_len); key1 = (struct vb2_packed_key *) PublicKeyReadKeyb(filename, key_algorithm, 1); @@ -406,25 +396,36 @@ int test_algorithm(int key_algorithm, const char *keys_dir) return 1; } - /* Calculate good signature */ + TEST_SUCC(vb2_public_key_read_keyb(&pubk, filename), + "Read public key"); + pubk->hash_alg = hash_alg; + vb2_public_key_set_desc(pubk, "public key"); + TEST_SUCC(vb2_public_key_pack(&key2, pubk), "Pack public key"); + + /* Calculate good signatures */ sig = (struct vb2_signature *) CalculateSignature(test_data, sizeof(test_data), private_key); TEST_PTR_NEQ(sig, 0, "Calculate signature"); if (!sig) return 1; + TEST_SUCC(vb2_sign_data(&sig2, test_data, test_size, prik, ""), + "Make test signature"); + test_unpack_key(key1); - test_unpack_key2(key1); test_verify_data(key1, sig); - test_verify_data2(key1, sig); - test_verify_signature(key1, sig); - - if (key1) - free(key1); - if (private_key) - free(private_key); - if (sig) - free(sig); + + test_unpack_key2(key1, key2); + test_verify_data2(pubk, sig2); + test_verify_signature2(sig2); + + free(key1); + free(key2); + free(private_key); + free(sig); + free(sig2); + vb2_private_key_free(prik); + vb2_public_key_free(pubk); return 0; } |