diff options
author | Randall Spangler <rspangler@chromium.org> | 2016-06-21 15:23:32 -0700 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2016-08-10 15:30:33 -0700 |
commit | 939cc3a5c25a3333fadafc7fc341d7e320f72fab (patch) | |
tree | bd7197c8950f44440459fc50531037d50719d3b7 /tests | |
parent | 814aaf09ceecddb16a01e1cbe0df4299b83b5699 (diff) | |
download | vboot-939cc3a5c25a3333fadafc7fc341d7e320f72fab.tar.gz |
futility: Use only vboot 2.0 APIs for keyblocks
This refactors futility and the host library to use only vboot 2.0 APIs
to create and verify keyblocks.
BUG=chromium:611535
BRANCH=none
TEST=make runtests
Change-Id: Ia3cc1e24971b94f01bcb4890c8666a3af6f84841
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/356129
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/vb20_common3_tests.c | 69 | ||||
-rw-r--r-- | tests/vboot_common3_tests.c | 19 |
2 files changed, 44 insertions, 44 deletions
diff --git a/tests/vb20_common3_tests.c b/tests/vb20_common3_tests.c index 6de4b8a0..e1199d84 100644 --- a/tests/vb20_common3_tests.c +++ b/tests/vb20_common3_tests.c @@ -19,33 +19,27 @@ #include "vboot_common.h" #include "test_common.h" -static void resign_keyblock(struct vb2_keyblock *h, const VbPrivateKey *key) +static void resign_keyblock(struct vb2_keyblock *h, + const struct vb2_private_key *key) { - VbSignature *sig = - CalculateSignature((const uint8_t *)h, - h->keyblock_signature.data_size, key); + struct vb2_signature *sig = + vb2_calculate_signature((const uint8_t *)h, + h->keyblock_signature.data_size, key); - SignatureCopy((VbSignature *)&h->keyblock_signature, sig); + vb2_copy_signature(&h->keyblock_signature, sig); free(sig); } -static void test_check_keyblock(const VbPublicKey *public_key, - const VbPrivateKey *private_key, - const VbPublicKey *data_key) +static void test_check_keyblock(const struct vb2_public_key *public_key, + const struct vb2_private_key *private_key, + const struct vb2_packed_key *data_key) { - struct vb2_public_key key; struct vb2_keyblock *hdr; struct vb2_keyblock *h; struct vb2_signature *sig; uint32_t hsize; - /* Unpack public key */ - TEST_SUCC(vb2_unpack_key(&key, (uint8_t *)public_key, - public_key->key_offset + public_key->key_size), - "vb2_verify_keyblock public key"); - - hdr = (struct vb2_keyblock *) - KeyBlockCreate(data_key, private_key, 0x1234); + hdr = vb2_create_keyblock(data_key, private_key, 0x1234); TEST_NEQ((size_t)hdr, 0, "vb2_verify_keyblock() prerequisites"); if (!hdr) return; @@ -143,27 +137,20 @@ static void test_check_keyblock(const VbPublicKey *public_key, free(hdr); } -static void test_verify_keyblock(const VbPublicKey *public_key, - const VbPrivateKey *private_key, - const VbPublicKey *data_key) +static void test_verify_keyblock(const struct vb2_public_key *public_key, + const struct vb2_private_key *private_key, + const struct vb2_packed_key *data_key) { uint8_t workbuf[VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES] __attribute__ ((aligned (VB2_WORKBUF_ALIGN))); struct vb2_workbuf wb; - struct vb2_public_key key; struct vb2_keyblock *hdr; struct vb2_keyblock *h; uint32_t hsize; vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); - /* Unpack public key */ - TEST_SUCC(vb2_unpack_key(&key, (uint8_t *)public_key, - public_key->key_offset + public_key->key_size), - "vb2_verify_keyblock public key"); - - hdr = (struct vb2_keyblock *) - KeyBlockCreate(data_key, private_key, 0x1234); + hdr = vb2_create_keyblock(data_key, private_key, 0x1234); TEST_NEQ((size_t)hdr, 0, "vb2_verify_keyblock() prerequisites"); if (!hdr) return; @@ -171,25 +158,25 @@ static void test_verify_keyblock(const VbPublicKey *public_key, h = (struct vb2_keyblock *)malloc(hsize + 2048); Memcpy(h, hdr, hsize); - TEST_SUCC(vb2_verify_keyblock(h, hsize, &key, &wb), + TEST_SUCC(vb2_verify_keyblock(h, hsize, public_key, &wb), "vb2_verify_keyblock() ok using key"); /* Failures in keyblock check also cause verify to fail */ Memcpy(h, hdr, hsize); - TEST_EQ(vb2_verify_keyblock(h, hsize - 1, &key, &wb), + TEST_EQ(vb2_verify_keyblock(h, hsize - 1, public_key, &wb), VB2_ERROR_KEYBLOCK_SIZE, "vb2_verify_keyblock() check"); /* Check signature */ Memcpy(h, hdr, hsize); h->keyblock_signature.sig_size--; resign_keyblock(h, private_key); - TEST_EQ(vb2_verify_keyblock(h, hsize, &key, &wb), + TEST_EQ(vb2_verify_keyblock(h, hsize, public_key, &wb), VB2_ERROR_KEYBLOCK_SIG_INVALID, "vb2_verify_keyblock() sig too small"); Memcpy(h, hdr, hsize); ((uint8_t *)vb2_packed_key_data(&h->data_key))[0] ^= 0x34; - TEST_EQ(vb2_verify_keyblock(h, hsize, &key, &wb), + TEST_EQ(vb2_verify_keyblock(h, hsize, public_key, &wb), VB2_ERROR_KEYBLOCK_SIG_INVALID, "vb2_verify_keyblock() sig mismatch"); @@ -568,10 +555,22 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm, return 1; } - test_check_keyblock(signing_public_key, signing_private_key, - data_public_key); - test_verify_keyblock(signing_public_key, signing_private_key, - data_public_key); + /* Unpack public key */ + struct vb2_public_key signing_public_key2; + if (VB2_SUCCESS != + vb2_unpack_key(&signing_public_key2, + (uint8_t *)signing_public_key, + signing_public_key->key_offset + + signing_public_key->key_size)) { + fprintf(stderr, "Error unpacking signing_public_key: %s\n", + filename); + return 1; + } + + test_check_keyblock(&signing_public_key2, signing_private_key2, + (struct vb2_packed_key *)data_public_key); + test_verify_keyblock(&signing_public_key2, signing_private_key2, + (struct vb2_packed_key *)data_public_key); test_verify_fw_preamble(signing_public_key, signing_private_key2, (struct vb2_packed_key *)data_public_key); test_verify_kernel_preamble(signing_public_key, signing_private_key); diff --git a/tests/vboot_common3_tests.c b/tests/vboot_common3_tests.c index 1eba971c..b68c3dc5 100644 --- a/tests/vboot_common3_tests.c +++ b/tests/vboot_common3_tests.c @@ -30,14 +30,17 @@ static void ReChecksumKeyBlock(VbKeyBlockHeader *h) } static void KeyBlockVerifyTest(const VbPublicKey *public_key, - const VbPrivateKey *private_key, - const VbPublicKey *data_key) + const struct vb2_private_key *private_key, + const struct vb2_packed_key *data_key) { VbKeyBlockHeader *hdr; VbKeyBlockHeader *h; unsigned hsize; - hdr = KeyBlockCreate(data_key, private_key, 0x1234); + hdr = (VbKeyBlockHeader *) + vb2_create_keyblock((struct vb2_packed_key *)data_key, + private_key, + 0x1234); TEST_NEQ((size_t)hdr, 0, "KeyBlockVerify() prerequisites"); if (!hdr) return; @@ -162,9 +165,7 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm, int signing_rsa_len = siglen_map[signing_key_algorithm] * 8; int data_rsa_len = siglen_map[data_key_algorithm] * 8; - VbPrivateKey *signing_private_key = NULL; VbPublicKey *signing_public_key = NULL; - VbPublicKey *data_public_key = NULL; printf("***Testing signing algorithm: %s\n", algo_strings[signing_key_algorithm]); @@ -172,8 +173,8 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm, algo_strings[data_key_algorithm]); sprintf(filename, "%s/key_rsa%d.pem", keys_dir, signing_rsa_len); - signing_private_key = PrivateKeyReadPem(filename, - signing_key_algorithm); + struct vb2_private_key *signing_private_key = + vb2_read_private_key_pem(filename, signing_key_algorithm); if (!signing_private_key) { fprintf(stderr, "Error reading signing_private_key: %s\n", filename); @@ -190,8 +191,8 @@ int test_permutation(int signing_key_algorithm, int data_key_algorithm, } sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, data_rsa_len); - data_public_key = PublicKeyReadKeyb(filename, - data_key_algorithm, 1); + struct vb2_packed_key *data_public_key = (struct vb2_packed_key *) + PublicKeyReadKeyb(filename, data_key_algorithm, 1); if (!data_public_key) { fprintf(stderr, "Error reading data_public_key: %s\n", filename); |