diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-12-03 12:29:37 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-04 09:46:43 +0000 |
commit | 6f1b82ac14f341d9733d6e95d518b3ee352002ef (patch) | |
tree | 0d37f86365c8324416e42f1ce5cd3969de54a178 /tests | |
parent | fe2714923b986bc461b692d45c1b5eb1b469ddc4 (diff) | |
download | vboot-6f1b82ac14f341d9733d6e95d518b3ee352002ef.tar.gz |
vboot2: Move old struct handling to lib20/
This is part 4 of a series of changes to rearrange the vboot2 library
so that it's possible to start using the new-style data structs. This
change moves knowledge of the old vboot1 data structs into lib20; 2lib
now contains only code which is common to both vboot2.x libraries
(that is, code which is data structure version agnostic).
No functional changes; just rearranging code and tests.
BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
And compile firmware for veyron_pinky
CQ-DEPEND=CL:233051
Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233021
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/vb20_api_tests.c | 346 | ||||
-rw-r--r-- | tests/vb20_common2_tests.c (renamed from tests/vb2_common2_tests.c) | 2 | ||||
-rw-r--r-- | tests/vb20_common3_tests.c (renamed from tests/vb2_common3_tests.c) | 2 | ||||
-rw-r--r-- | tests/vb20_common_tests.c | 174 | ||||
-rw-r--r-- | tests/vb20_misc_tests.c (renamed from tests/vb2_misc2_tests.c) | 2 | ||||
-rw-r--r-- | tests/vb20_rsa_padding_tests.c (renamed from tests/vb2_rsa_padding_tests.c) | 2 | ||||
-rw-r--r-- | tests/vb21_api_tests.c | 36 | ||||
-rw-r--r-- | tests/vb21_misc_tests.c | 4 | ||||
-rw-r--r-- | tests/vb2_api_tests.c | 283 | ||||
-rw-r--r-- | tests/vb2_common_tests.c | 160 | ||||
-rwxr-xr-x | tests/vb2_rsa_tests.sh | 2 |
11 files changed, 562 insertions, 451 deletions
diff --git a/tests/vb20_api_tests.c b/tests/vb20_api_tests.c new file mode 100644 index 00000000..a7be957f --- /dev/null +++ b/tests/vb20_api_tests.c @@ -0,0 +1,346 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Tests for misc library + */ + +#include <stdio.h> + +#include "2sysincludes.h" +#include "2api.h" +#include "2misc.h" +#include "2nvstorage.h" +#include "2rsa.h" +#include "2secdata.h" +#include "vb2_common.h" +#include "test_common.h" + +/* Common context for tests */ +static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE] + __attribute__ ((aligned (16))); +static struct vb2_context cc; +static struct vb2_shared_data *sd; + +const char mock_body[320] = "Mock body"; +const int mock_body_size = sizeof(mock_body); +const int mock_algorithm = VB2_ALG_RSA2048_SHA256; +const int mock_hash_alg = VB2_HASH_SHA256; +const int mock_sig_size = 64; + +/* Mocked function data */ + +static int retval_vb2_load_fw_keyblock; +static int retval_vb2_load_fw_preamble; +static int retval_vb2_digest_finalize; +static int retval_vb2_verify_digest; + +/* Type of test to reset for */ +enum reset_type { + FOR_MISC, + FOR_EXTEND_HASH, + FOR_CHECK_HASH, +}; + +static void reset_common_data(enum reset_type t) +{ + struct vb2_fw_preamble *pre; + struct vb2_packed_key *k; + + memset(workbuf, 0xaa, sizeof(workbuf)); + + memset(&cc, 0, sizeof(cc)); + cc.workbuf = workbuf; + cc.workbuf_size = sizeof(workbuf); + + vb2_init_context(&cc); + sd = vb2_get_sd(&cc); + + vb2_nv_init(&cc); + + vb2_secdata_create(&cc); + vb2_secdata_init(&cc); + + retval_vb2_load_fw_keyblock = VB2_SUCCESS; + retval_vb2_load_fw_preamble = VB2_SUCCESS; + retval_vb2_digest_finalize = VB2_SUCCESS; + retval_vb2_verify_digest = VB2_SUCCESS; + + sd->workbuf_preamble_offset = cc.workbuf_used; + sd->workbuf_preamble_size = sizeof(*pre); + cc.workbuf_used = sd->workbuf_preamble_offset + + sd->workbuf_preamble_size; + pre = (struct vb2_fw_preamble *) + (cc.workbuf + sd->workbuf_preamble_offset); + pre->body_signature.data_size = mock_body_size; + pre->body_signature.sig_size = mock_sig_size; + + sd->workbuf_data_key_offset = cc.workbuf_used; + sd->workbuf_data_key_size = sizeof(*k) + 8; + cc.workbuf_used = sd->workbuf_data_key_offset + + sd->workbuf_data_key_size; + k = (struct vb2_packed_key *) + (cc.workbuf + sd->workbuf_data_key_offset); + k->algorithm = mock_algorithm; + + if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH) + vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL); + + if (t == FOR_CHECK_HASH) + vb2api_extend_hash(&cc, mock_body, mock_body_size); +}; + +/* Mocked functions */ + +int vb2_load_fw_keyblock(struct vb2_context *ctx) +{ + return retval_vb2_load_fw_keyblock; +} + +int vb2_load_fw_preamble(struct vb2_context *ctx) +{ + return retval_vb2_load_fw_preamble; +} + +int vb2_unpack_key(struct vb2_public_key *key, + const uint8_t *buf, + uint32_t size) +{ + struct vb2_packed_key *k = (struct vb2_packed_key *)buf; + + if (size != sizeof(*k) + 8) + return VB2_ERROR_UNPACK_KEY_SIZE; + + key->sig_alg = vb2_crypto_to_signature(k->algorithm); + key->hash_alg = vb2_crypto_to_hash(k->algorithm); + + return VB2_SUCCESS; +} + +int vb2_digest_init(struct vb2_digest_context *dc, + enum vb2_hash_algorithm hash_alg) +{ + if (hash_alg != mock_hash_alg) + return VB2_ERROR_SHA_INIT_ALGORITHM; + + dc->hash_alg = hash_alg; + + return VB2_SUCCESS; +} + +int vb2_digest_extend(struct vb2_digest_context *dc, + const uint8_t *buf, + uint32_t size) +{ + if (dc->hash_alg != mock_hash_alg) + return VB2_ERROR_SHA_EXTEND_ALGORITHM; + + return VB2_SUCCESS; +} + +int vb2_digest_finalize(struct vb2_digest_context *dc, + uint8_t *digest, + uint32_t digest_size) +{ + return retval_vb2_digest_finalize; +} + +uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg) +{ + return mock_sig_size; +} + +int vb2_rsa_verify_digest(const struct vb2_public_key *key, + uint8_t *sig, + const uint8_t *digest, + const struct vb2_workbuf *wb) +{ + return retval_vb2_verify_digest; +} + +/* Tests */ + +static void phase3_tests(void) +{ + reset_common_data(FOR_MISC); + TEST_SUCC(vb2api_fw_phase3(&cc), "phase3 good"); + + reset_common_data(FOR_MISC); + retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK; + TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock"); + TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST), + VB2_RECOVERY_RO_INVALID_RW, " recovery reason"); + + reset_common_data(FOR_MISC); + retval_vb2_load_fw_preamble = VB2_ERROR_MOCK; + TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock"); + TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST), + VB2_RECOVERY_RO_INVALID_RW, " recovery reason"); +} + +static void init_hash_tests(void) +{ + struct vb2_packed_key *k; + int wb_used_before; + uint32_t size; + + /* For now, all we support is body signature hash */ + reset_common_data(FOR_MISC); + wb_used_before = cc.workbuf_used; + TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), + "init hash good"); + TEST_EQ(sd->workbuf_hash_offset, + (wb_used_before + (VB2_WORKBUF_ALIGN - 1)) & + ~(VB2_WORKBUF_ALIGN - 1), + "hash context offset"); + TEST_EQ(sd->workbuf_hash_size, sizeof(struct vb2_digest_context), + "hash context size"); + TEST_EQ(cc.workbuf_used, + sd->workbuf_hash_offset + sd->workbuf_hash_size, + "hash uses workbuf"); + TEST_EQ(sd->hash_tag, VB2_HASH_TAG_FW_BODY, "hash tag"); + TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining"); + + wb_used_before = cc.workbuf_used; + TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL), + "init hash again"); + TEST_EQ(cc.workbuf_used, wb_used_before, "init hash reuses context"); + + reset_common_data(FOR_MISC); + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_INVALID, &size), + VB2_ERROR_API_INIT_HASH_TAG, "init hash invalid tag"); + + reset_common_data(FOR_MISC); + sd->workbuf_preamble_size = 0; + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), + VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble"); + + reset_common_data(FOR_MISC); + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY + 1, &size), + VB2_ERROR_API_INIT_HASH_TAG, "init hash unknown tag"); + + reset_common_data(FOR_MISC); + cc.workbuf_used = + cc.workbuf_size - sizeof(struct vb2_digest_context) + 8; + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), + VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf"); + + reset_common_data(FOR_MISC); + sd->workbuf_data_key_size = 0; + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), + VB2_ERROR_API_INIT_HASH_DATA_KEY, "init hash data key"); + + reset_common_data(FOR_MISC); + sd->workbuf_data_key_size--; + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), + VB2_ERROR_UNPACK_KEY_SIZE, "init hash data key size"); + + reset_common_data(FOR_MISC); + k = (struct vb2_packed_key *)(cc.workbuf + sd->workbuf_data_key_offset); + k->algorithm--; + TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), + VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm"); +} + +static void extend_hash_tests(void) +{ + struct vb2_digest_context *dc; + + reset_common_data(FOR_EXTEND_HASH); + TEST_SUCC(vb2api_extend_hash(&cc, mock_body, 32), + "hash extend good"); + TEST_EQ(sd->hash_remaining_size, mock_body_size - 32, + "hash extend remaining"); + TEST_SUCC(vb2api_extend_hash(&cc, mock_body, mock_body_size - 32), + "hash extend again"); + TEST_EQ(sd->hash_remaining_size, 0, "hash extend remaining 2"); + + reset_common_data(FOR_EXTEND_HASH); + sd->workbuf_hash_size = 0; + TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size), + VB2_ERROR_API_EXTEND_HASH_WORKBUF, "hash extend no workbuf"); + + reset_common_data(FOR_EXTEND_HASH); + TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size + 1), + VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend too much"); + + reset_common_data(FOR_EXTEND_HASH); + TEST_EQ(vb2api_extend_hash(&cc, mock_body, 0), + VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend empty"); + + reset_common_data(FOR_EXTEND_HASH); + dc = (struct vb2_digest_context *) + (cc.workbuf + sd->workbuf_hash_offset); + dc->hash_alg = mock_hash_alg + 1; + TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size), + VB2_ERROR_SHA_EXTEND_ALGORITHM, "hash extend fail"); +} + +static void check_hash_tests(void) +{ + struct vb2_fw_preamble *pre; + + reset_common_data(FOR_CHECK_HASH); + TEST_SUCC(vb2api_check_hash(&cc), "check hash good"); + + reset_common_data(FOR_CHECK_HASH); + sd->workbuf_preamble_size = 0; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_API_CHECK_HASH_PREAMBLE, "check hash preamble"); + + reset_common_data(FOR_CHECK_HASH); + sd->workbuf_hash_size = 0; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_API_CHECK_HASH_WORKBUF, "check hash no workbuf"); + + reset_common_data(FOR_CHECK_HASH); + sd->hash_remaining_size = 1; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_API_CHECK_HASH_SIZE, "check hash size"); + + reset_common_data(FOR_CHECK_HASH); + cc.workbuf_used = cc.workbuf_size; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST, "check hash workbuf"); + + reset_common_data(FOR_CHECK_HASH); + retval_vb2_digest_finalize = VB2_ERROR_MOCK; + TEST_EQ(vb2api_check_hash(&cc), VB2_ERROR_MOCK, "check hash finalize"); + + reset_common_data(FOR_CHECK_HASH); + sd->hash_tag = VB2_HASH_TAG_INVALID; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_API_CHECK_HASH_TAG, "check hash tag"); + + reset_common_data(FOR_CHECK_HASH); + sd->workbuf_data_key_size = 0; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_API_CHECK_HASH_DATA_KEY, "check hash data key"); + + reset_common_data(FOR_CHECK_HASH); + sd->workbuf_data_key_size--; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_UNPACK_KEY_SIZE, "check hash data key size"); + + reset_common_data(FOR_CHECK_HASH); + pre = (struct vb2_fw_preamble *) + (cc.workbuf + sd->workbuf_preamble_offset); + pre->body_signature.sig_size++; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_VDATA_SIG_SIZE, "check hash sig size"); + + reset_common_data(FOR_CHECK_HASH); + retval_vb2_digest_finalize = VB2_ERROR_RSA_VERIFY_DIGEST; + TEST_EQ(vb2api_check_hash(&cc), + VB2_ERROR_RSA_VERIFY_DIGEST, "check hash finalize"); +} + +int main(int argc, char* argv[]) +{ + phase3_tests(); + init_hash_tests(); + extend_hash_tests(); + check_hash_tests(); + + return gTestSuccess ? 0 : 255; +} diff --git a/tests/vb2_common2_tests.c b/tests/vb20_common2_tests.c index ec9ef183..75e05249 100644 --- a/tests/vb2_common2_tests.c +++ b/tests/vb20_common2_tests.c @@ -10,10 +10,10 @@ #include <string.h> #include "2sysincludes.h" -#include "2common.h" #include "2rsa.h" #include "file_keys.h" #include "host_common.h" +#include "vb2_common.h" #include "vboot_common.h" #include "test_common.h" diff --git a/tests/vb2_common3_tests.c b/tests/vb20_common3_tests.c index 61484fb5..365c7700 100644 --- a/tests/vb2_common3_tests.c +++ b/tests/vb20_common3_tests.c @@ -8,7 +8,6 @@ #include <stdio.h> #include "2sysincludes.h" -#include "2common.h" #include "2rsa.h" #include "file_keys.h" @@ -16,6 +15,7 @@ #include "host_key.h" #include "host_keyblock.h" #include "host_signature.h" +#include "vb2_common.h" #include "vboot_common.h" #include "test_common.h" diff --git a/tests/vb20_common_tests.c b/tests/vb20_common_tests.c new file mode 100644 index 00000000..4f4d6813 --- /dev/null +++ b/tests/vb20_common_tests.c @@ -0,0 +1,174 @@ +/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + * + * Tests for firmware 2common.c + */ + +#include "2sysincludes.h" +#include "vb2_common.h" +#include "vboot_struct.h" /* For old struct sizes */ +#include "test_common.h" + +/* + * Test struct packing for vboot_struct.h structs which are passed between + * firmware and OS, or passed between different phases of firmware. + */ +static void test_struct_packing(void) +{ + /* Test vboot2 versions of vboot1 structs */ + TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE, + sizeof(struct vb2_packed_key), + "sizeof(vb2_packed_key)"); + TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE, + sizeof(struct vb2_signature), + "sizeof(vb2_signature)"); + TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE, + sizeof(struct vb2_keyblock), + "sizeof(vb2_keyblock)"); + TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE, + sizeof(struct vb2_fw_preamble), + "sizeof(vb2_fw_preamble)"); + TEST_EQ(EXPECTED_VB2_GBB_HEADER_SIZE, + sizeof(struct vb2_gbb_header), + "sizeof(vb2_gbb_header)"); + + /* And make sure they're the same as their vboot1 equivalents */ + TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE, + EXPECTED_VBPUBLICKEY_SIZE, + "vboot1->2 packed key sizes same"); + TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE, + EXPECTED_VBSIGNATURE_SIZE, + "vboot1->2 signature sizes same"); + TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE, + EXPECTED_VBKEYBLOCKHEADER_SIZE, + "vboot1->2 keyblock sizes same"); + TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE, + EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE, + "vboot1->2 firmware preamble sizes same"); +} + +/** + * Helper functions not dependent on specific key sizes + */ +static void test_helper_functions(void) +{ + { + uint8_t *p = (uint8_t *)test_helper_functions; + TEST_EQ((int)vb2_offset_of(p, p), 0, "vb2_offset_of() equal"); + TEST_EQ((int)vb2_offset_of(p, p+10), 10, + "vb2_offset_of() positive"); + } + + { + struct vb2_packed_key k = {.key_offset = sizeof(k)}; + TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)), + sizeof(k), "vb2_packed_key_data() adjacent"); + } + + { + struct vb2_packed_key k = {.key_offset = 123}; + TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)), 123, + "vb2_packed_key_data() spaced"); + } + + { + struct vb2_signature s = {.sig_offset = sizeof(s)}; + TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)), + sizeof(s), "vb2_signature_data() adjacent"); + } + + { + struct vb2_signature s = {.sig_offset = 123}; + TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)), 123, + "vb2_signature_data() spaced"); + } + + { + uint8_t *p = (uint8_t *)test_helper_functions; + TEST_SUCC(vb2_verify_member_inside(p, 20, p, 6, 11, 3), + "MemberInside ok 1"); + TEST_SUCC(vb2_verify_member_inside(p, 20, p+4, 4, 8, 4), + "MemberInside ok 2"); + TEST_EQ(vb2_verify_member_inside(p, 20, p-4, 4, 8, 4), + VB2_ERROR_INSIDE_MEMBER_OUTSIDE, + "MemberInside member before parent"); + TEST_EQ(vb2_verify_member_inside(p, 20, p+20, 4, 8, 4), + VB2_ERROR_INSIDE_MEMBER_OUTSIDE, + "MemberInside member after parent"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, 21, 0, 0), + VB2_ERROR_INSIDE_MEMBER_OUTSIDE, + "MemberInside member too big"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 21, 0), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "MemberInside data after parent"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, SIZE_MAX, 0), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "MemberInside data before parent"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, 17), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "MemberInside data too big"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, 8, 4, 8), + VB2_ERROR_INSIDE_DATA_OVERLAP, + "MemberInside data overlaps member"); + TEST_EQ(vb2_verify_member_inside(p, -8, p, 12, 0, 0), + VB2_ERROR_INSIDE_PARENT_WRAPS, + "MemberInside wraparound 1"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, -8, 0, 0), + VB2_ERROR_INSIDE_MEMBER_WRAPS, + "MemberInside wraparound 2"); + TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, -12), + VB2_ERROR_INSIDE_DATA_WRAPS, + "MemberInside wraparound 3"); + } + + { + struct vb2_packed_key k = {.key_offset = sizeof(k), + .key_size = 128}; + TEST_SUCC(vb2_verify_packed_key_inside(&k, sizeof(k)+128, &k), + "PublicKeyInside ok 1"); + TEST_SUCC(vb2_verify_packed_key_inside(&k - 1, + 2*sizeof(k)+128, &k), + "PublicKeyInside ok 2"); + TEST_EQ(vb2_verify_packed_key_inside(&k, 128, &k), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "PublicKeyInside key too big"); + } + + { + struct vb2_packed_key k = {.key_offset = 100, + .key_size = 4}; + TEST_EQ(vb2_verify_packed_key_inside(&k, 99, &k), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "PublicKeyInside offset too big"); + } + + { + struct vb2_signature s = {.sig_offset = sizeof(s), + .sig_size = 128}; + TEST_SUCC(vb2_verify_signature_inside(&s, sizeof(s)+128, &s), + "SignatureInside ok 1"); + TEST_SUCC(vb2_verify_signature_inside(&s - 1, + 2*sizeof(s)+128, &s), + "SignatureInside ok 2"); + TEST_EQ(vb2_verify_signature_inside(&s, 128, &s), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "SignatureInside sig too big"); + } + + { + struct vb2_signature s = {.sig_offset = 100, + .sig_size = 4}; + TEST_EQ(vb2_verify_signature_inside(&s, 99, &s), + VB2_ERROR_INSIDE_DATA_OUTSIDE, + "SignatureInside offset too big"); + } +} + +int main(int argc, char* argv[]) +{ + test_struct_packing(); + test_helper_functions(); + + return gTestSuccess ? 0 : 255; +} diff --git a/tests/vb2_misc2_tests.c b/tests/vb20_misc_tests.c index 796d8e6a..aa602ac9 100644 --- a/tests/vb2_misc2_tests.c +++ b/tests/vb20_misc_tests.c @@ -13,7 +13,7 @@ #include "2misc.h" #include "2nvstorage.h" #include "2secdata.h" - +#include "vb2_common.h" #include "test_common.h" /* Common context for tests */ diff --git a/tests/vb2_rsa_padding_tests.c b/tests/vb20_rsa_padding_tests.c index 8c9e80b6..e9789e90 100644 --- a/tests/vb2_rsa_padding_tests.c +++ b/tests/vb20_rsa_padding_tests.c @@ -14,8 +14,8 @@ #include "utility.h" #include "2sysincludes.h" -#include "2common.h" #include "2rsa.h" +#include "vb2_common.h" /** * Convert an old-style RSA public key struct to a new one. diff --git a/tests/vb21_api_tests.c b/tests/vb21_api_tests.c index 052d89b6..52ca0d9e 100644 --- a/tests/vb21_api_tests.c +++ b/tests/vb21_api_tests.c @@ -30,7 +30,6 @@ static struct vb2_shared_data *sd; static const uint8_t mock_body[320] = "Mock body"; static const int mock_body_size = sizeof(mock_body); -static const int mock_algorithm = VB2_ALG_RSA2048_SHA256; static const int mock_hash_alg = VB2_HASH_SHA256; static int mock_sig_size; @@ -198,6 +197,40 @@ static void init_hash_tests(void) VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm"); } +static void extend_hash_tests(void) +{ + struct vb2_digest_context *dc; + + reset_common_data(FOR_EXTEND_HASH); + TEST_SUCC(vb2api_extend_hash(&ctx, mock_body, 32), + "hash extend good"); + TEST_EQ(sd->hash_remaining_size, mock_body_size - 32, + "hash extend remaining"); + TEST_SUCC(vb2api_extend_hash(&ctx, mock_body, mock_body_size - 32), + "hash extend again"); + TEST_EQ(sd->hash_remaining_size, 0, "hash extend remaining 2"); + + reset_common_data(FOR_EXTEND_HASH); + sd->workbuf_hash_size = 0; + TEST_EQ(vb2api_extend_hash(&ctx, mock_body, mock_body_size), + VB2_ERROR_API_EXTEND_HASH_WORKBUF, "hash extend no workbuf"); + + reset_common_data(FOR_EXTEND_HASH); + TEST_EQ(vb2api_extend_hash(&ctx, mock_body, mock_body_size + 1), + VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend too much"); + + reset_common_data(FOR_EXTEND_HASH); + TEST_EQ(vb2api_extend_hash(&ctx, mock_body, 0), + VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend empty"); + + reset_common_data(FOR_EXTEND_HASH); + dc = (struct vb2_digest_context *) + (ctx.workbuf + sd->workbuf_hash_offset); + dc->hash_alg = VB2_HASH_INVALID; + TEST_EQ(vb2api_extend_hash(&ctx, mock_body, mock_body_size), + VB2_ERROR_SHA_EXTEND_ALGORITHM, "hash extend fail"); +} + static void check_hash_tests(void) { struct vb2_fw_preamble2 *pre; @@ -249,6 +282,7 @@ int main(int argc, char* argv[]) { phase3_tests(); init_hash_tests(); + extend_hash_tests(); check_hash_tests(); return gTestSuccess ? 0 : 255; diff --git a/tests/vb21_misc_tests.c b/tests/vb21_misc_tests.c index 9f6489fc..03b8e4fb 100644 --- a/tests/vb21_misc_tests.c +++ b/tests/vb21_misc_tests.c @@ -245,7 +245,7 @@ static void load_keyblock_tests(void) reset_common_data(FOR_KEYBLOCK); ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size - - sizeof(struct vb2_keyblock); + - sizeof(struct vb2_keyblock2); TEST_EQ(vb2_load_fw_keyblock2(&ctx), VB2_ERROR_READ_RESOURCE_OBJECT_BUF, "keyblock not enough workbuf for entire keyblock"); @@ -310,7 +310,7 @@ static void load_preamble_tests(void) reset_common_data(FOR_PREAMBLE); ctx.workbuf_used = ctx.workbuf_size - - sizeof(struct vb2_fw_preamble) + 8; + - sizeof(struct vb2_fw_preamble2) + 8; TEST_EQ(vb2_load_fw_preamble2(&ctx), VB2_ERROR_READ_RESOURCE_OBJECT_BUF, "preamble not enough workbuf for header"); diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c index a7893012..ddbd8164 100644 --- a/tests/vb2_api_tests.c +++ b/tests/vb2_api_tests.c @@ -14,7 +14,6 @@ #include "2nvstorage.h" #include "2rsa.h" #include "2secdata.h" - #include "test_common.h" /* Common context for tests */ @@ -27,7 +26,6 @@ const char mock_body[320] = "Mock body"; const int mock_body_size = sizeof(mock_body); const int mock_algorithm = VB2_ALG_RSA2048_SHA256; const int mock_hash_alg = VB2_HASH_SHA256; -const int mock_sig_size = 64; /* Mocked function data */ @@ -35,23 +33,14 @@ static int retval_vb2_fw_parse_gbb; static int retval_vb2_check_dev_switch; static int retval_vb2_check_tpm_clear; static int retval_vb2_select_fw_slot; -static int retval_vb2_load_fw_keyblock; -static int retval_vb2_load_fw_preamble; -static int retval_vb2_digest_finalize; -static int retval_vb2_verify_digest; /* Type of test to reset for */ enum reset_type { FOR_MISC, - FOR_EXTEND_HASH, - FOR_CHECK_HASH, }; static void reset_common_data(enum reset_type t) { - struct vb2_fw_preamble *pre; - struct vb2_packed_key *k; - memset(workbuf, 0xaa, sizeof(workbuf)); memset(&cc, 0, sizeof(cc)); @@ -70,33 +59,6 @@ static void reset_common_data(enum reset_type t) retval_vb2_check_dev_switch = VB2_SUCCESS; retval_vb2_check_tpm_clear = VB2_SUCCESS; retval_vb2_select_fw_slot = VB2_SUCCESS; - retval_vb2_load_fw_keyblock = VB2_SUCCESS; - retval_vb2_load_fw_preamble = VB2_SUCCESS; - retval_vb2_digest_finalize = VB2_SUCCESS; - retval_vb2_verify_digest = VB2_SUCCESS; - - sd->workbuf_preamble_offset = cc.workbuf_used; - sd->workbuf_preamble_size = sizeof(*pre); - cc.workbuf_used = sd->workbuf_preamble_offset - + sd->workbuf_preamble_size; - pre = (struct vb2_fw_preamble *) - (cc.workbuf + sd->workbuf_preamble_offset); - pre->body_signature.data_size = mock_body_size; - pre->body_signature.sig_size = mock_sig_size; - - sd->workbuf_data_key_offset = cc.workbuf_used; - sd->workbuf_data_key_size = sizeof(*k) + 8; - cc.workbuf_used = sd->workbuf_data_key_offset + - sd->workbuf_data_key_size; - k = (struct vb2_packed_key *) - (cc.workbuf + sd->workbuf_data_key_offset); - k->algorithm = mock_algorithm; - - if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH) - vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL); - - if (t == FOR_CHECK_HASH) - vb2api_extend_hash(&cc, mock_body, mock_body_size); }; /* Mocked functions */ @@ -121,72 +83,6 @@ int vb2_select_fw_slot(struct vb2_context *ctx) return retval_vb2_select_fw_slot; } -int vb2_load_fw_keyblock(struct vb2_context *ctx) -{ - return retval_vb2_load_fw_keyblock; -} - -int vb2_load_fw_preamble(struct vb2_context *ctx) -{ - return retval_vb2_load_fw_preamble; -} - -int vb2_unpack_key(struct vb2_public_key *key, - const uint8_t *buf, - uint32_t size) -{ - struct vb2_packed_key *k = (struct vb2_packed_key *)buf; - - if (size != sizeof(*k) + 8) - return VB2_ERROR_UNPACK_KEY_SIZE; - - key->sig_alg = vb2_crypto_to_signature(k->algorithm); - key->hash_alg = vb2_crypto_to_hash(k->algorithm); - - return VB2_SUCCESS; -} - -int vb2_digest_init(struct vb2_digest_context *dc, - enum vb2_hash_algorithm hash_alg) -{ - if (hash_alg != mock_hash_alg) - return VB2_ERROR_SHA_INIT_ALGORITHM; - - dc->hash_alg = hash_alg; - - return VB2_SUCCESS; -} - -int vb2_digest_extend(struct vb2_digest_context *dc, - const uint8_t *buf, - uint32_t size) -{ - if (dc->hash_alg != mock_hash_alg) - return VB2_ERROR_SHA_EXTEND_ALGORITHM; - - return VB2_SUCCESS; -} - -int vb2_digest_finalize(struct vb2_digest_context *dc, - uint8_t *digest, - uint32_t digest_size) -{ - return retval_vb2_digest_finalize; -} - -uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg) -{ - return mock_sig_size; -} - -int vb2_rsa_verify_digest(const struct vb2_public_key *key, - uint8_t *sig, - const uint8_t *digest, - const struct vb2_workbuf *wb) -{ - return retval_vb2_verify_digest; -} - /* Tests */ static void misc_tests(void) @@ -270,190 +166,11 @@ static void phase2_tests(void) VB2_RECOVERY_FW_SLOT, " recovery reason"); } -static void phase3_tests(void) -{ - reset_common_data(FOR_MISC); - TEST_SUCC(vb2api_fw_phase3(&cc), "phase3 good"); - - reset_common_data(FOR_MISC); - retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK; - TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock"); - TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST), - VB2_RECOVERY_RO_INVALID_RW, " recovery reason"); - - reset_common_data(FOR_MISC); - retval_vb2_load_fw_preamble = VB2_ERROR_MOCK; - TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock"); - TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST), - VB2_RECOVERY_RO_INVALID_RW, " recovery reason"); -} - -static void init_hash_tests(void) -{ - struct vb2_packed_key *k; - int wb_used_before; - uint32_t size; - - /* For now, all we support is body signature hash */ - reset_common_data(FOR_MISC); - wb_used_before = cc.workbuf_used; - TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), - "init hash good"); - TEST_EQ(sd->workbuf_hash_offset, - (wb_used_before + (VB2_WORKBUF_ALIGN - 1)) & - ~(VB2_WORKBUF_ALIGN - 1), - "hash context offset"); - TEST_EQ(sd->workbuf_hash_size, sizeof(struct vb2_digest_context), - "hash context size"); - TEST_EQ(cc.workbuf_used, - sd->workbuf_hash_offset + sd->workbuf_hash_size, - "hash uses workbuf"); - TEST_EQ(sd->hash_tag, VB2_HASH_TAG_FW_BODY, "hash tag"); - TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining"); - - wb_used_before = cc.workbuf_used; - TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL), - "init hash again"); - TEST_EQ(cc.workbuf_used, wb_used_before, "init hash reuses context"); - - reset_common_data(FOR_MISC); - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_INVALID, &size), - VB2_ERROR_API_INIT_HASH_TAG, "init hash invalid tag"); - - reset_common_data(FOR_MISC); - sd->workbuf_preamble_size = 0; - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), - VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble"); - - reset_common_data(FOR_MISC); - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY + 1, &size), - VB2_ERROR_API_INIT_HASH_TAG, "init hash unknown tag"); - - reset_common_data(FOR_MISC); - cc.workbuf_used = - cc.workbuf_size - sizeof(struct vb2_digest_context) + 8; - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), - VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf"); - - reset_common_data(FOR_MISC); - sd->workbuf_data_key_size = 0; - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), - VB2_ERROR_API_INIT_HASH_DATA_KEY, "init hash data key"); - - reset_common_data(FOR_MISC); - sd->workbuf_data_key_size--; - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), - VB2_ERROR_UNPACK_KEY_SIZE, "init hash data key size"); - - reset_common_data(FOR_MISC); - k = (struct vb2_packed_key *)(cc.workbuf + sd->workbuf_data_key_offset); - k->algorithm--; - TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size), - VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm"); -} - -static void extend_hash_tests(void) -{ - struct vb2_digest_context *dc; - - reset_common_data(FOR_EXTEND_HASH); - TEST_SUCC(vb2api_extend_hash(&cc, mock_body, 32), - "hash extend good"); - TEST_EQ(sd->hash_remaining_size, mock_body_size - 32, - "hash extend remaining"); - TEST_SUCC(vb2api_extend_hash(&cc, mock_body, mock_body_size - 32), - "hash extend again"); - TEST_EQ(sd->hash_remaining_size, 0, "hash extend remaining 2"); - - reset_common_data(FOR_EXTEND_HASH); - sd->workbuf_hash_size = 0; - TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size), - VB2_ERROR_API_EXTEND_HASH_WORKBUF, "hash extend no workbuf"); - - reset_common_data(FOR_EXTEND_HASH); - TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size + 1), - VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend too much"); - - reset_common_data(FOR_EXTEND_HASH); - TEST_EQ(vb2api_extend_hash(&cc, mock_body, 0), - VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend empty"); - - reset_common_data(FOR_EXTEND_HASH); - dc = (struct vb2_digest_context *) - (cc.workbuf + sd->workbuf_hash_offset); - dc->hash_alg = mock_hash_alg + 1; - TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size), - VB2_ERROR_SHA_EXTEND_ALGORITHM, "hash extend fail"); -} - -static void check_hash_tests(void) -{ - struct vb2_fw_preamble *pre; - - reset_common_data(FOR_CHECK_HASH); - TEST_SUCC(vb2api_check_hash(&cc), "check hash good"); - - reset_common_data(FOR_CHECK_HASH); - sd->workbuf_preamble_size = 0; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_API_CHECK_HASH_PREAMBLE, "check hash preamble"); - - reset_common_data(FOR_CHECK_HASH); - sd->workbuf_hash_size = 0; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_API_CHECK_HASH_WORKBUF, "check hash no workbuf"); - - reset_common_data(FOR_CHECK_HASH); - sd->hash_remaining_size = 1; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_API_CHECK_HASH_SIZE, "check hash size"); - - reset_common_data(FOR_CHECK_HASH); - cc.workbuf_used = cc.workbuf_size; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST, "check hash workbuf"); - - reset_common_data(FOR_CHECK_HASH); - retval_vb2_digest_finalize = VB2_ERROR_MOCK; - TEST_EQ(vb2api_check_hash(&cc), VB2_ERROR_MOCK, "check hash finalize"); - - reset_common_data(FOR_CHECK_HASH); - sd->hash_tag = VB2_HASH_TAG_INVALID; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_API_CHECK_HASH_TAG, "check hash tag"); - - reset_common_data(FOR_CHECK_HASH); - sd->workbuf_data_key_size = 0; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_API_CHECK_HASH_DATA_KEY, "check hash data key"); - - reset_common_data(FOR_CHECK_HASH); - sd->workbuf_data_key_size--; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_UNPACK_KEY_SIZE, "check hash data key size"); - - reset_common_data(FOR_CHECK_HASH); - pre = (struct vb2_fw_preamble *) - (cc.workbuf + sd->workbuf_preamble_offset); - pre->body_signature.sig_size++; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_VDATA_SIG_SIZE, "check hash sig size"); - - reset_common_data(FOR_CHECK_HASH); - retval_vb2_digest_finalize = VB2_ERROR_RSA_VERIFY_DIGEST; - TEST_EQ(vb2api_check_hash(&cc), - VB2_ERROR_RSA_VERIFY_DIGEST, "check hash finalize"); -} - int main(int argc, char* argv[]) { misc_tests(); phase1_tests(); phase2_tests(); - phase3_tests(); - init_hash_tests(); - extend_hash_tests(); - check_hash_tests(); return gTestSuccess ? 0 : 255; } diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c index f8502957..4c033fbd 100644 --- a/tests/vb2_common_tests.c +++ b/tests/vb2_common_tests.c @@ -7,9 +7,6 @@ #include "2sysincludes.h" #include "2common.h" -#include "2rsa.h" -#include "vboot_struct.h" /* For old struct sizes */ - #include "test_common.h" /** @@ -108,168 +105,11 @@ static void test_workbuf(void) TEST_EQ(wb.size, 8, " size"); } -/* - * Test struct packing for vboot_struct.h structs which are passed between - * firmware and OS, or passed between different phases of firmware. - */ -static void test_struct_packing(void) -{ - /* Test vboot2 versions of vboot1 structs */ - TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE, - sizeof(struct vb2_packed_key), - "sizeof(vb2_packed_key)"); - TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE, - sizeof(struct vb2_signature), - "sizeof(vb2_signature)"); - TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE, - sizeof(struct vb2_keyblock), - "sizeof(vb2_keyblock)"); - TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE, - sizeof(struct vb2_fw_preamble), - "sizeof(vb2_fw_preamble)"); - TEST_EQ(EXPECTED_VB2_GBB_HEADER_SIZE, - sizeof(struct vb2_gbb_header), - "sizeof(vb2_gbb_header)"); - - /* And make sure they're the same as their vboot1 equivalents */ - TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE, - EXPECTED_VBPUBLICKEY_SIZE, - "vboot1->2 packed key sizes same"); - TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE, - EXPECTED_VBSIGNATURE_SIZE, - "vboot1->2 signature sizes same"); - TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE, - EXPECTED_VBKEYBLOCKHEADER_SIZE, - "vboot1->2 keyblock sizes same"); - TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE, - EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE, - "vboot1->2 firmware preamble sizes same"); -} - -/** - * Helper functions not dependent on specific key sizes - */ -static void test_helper_functions(void) -{ - { - uint8_t *p = (uint8_t *)test_helper_functions; - TEST_EQ((int)vb2_offset_of(p, p), 0, "vb2_offset_of() equal"); - TEST_EQ((int)vb2_offset_of(p, p+10), 10, - "vb2_offset_of() positive"); - } - - { - struct vb2_packed_key k = {.key_offset = sizeof(k)}; - TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)), - sizeof(k), "vb2_packed_key_data() adjacent"); - } - - { - struct vb2_packed_key k = {.key_offset = 123}; - TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)), 123, - "vb2_packed_key_data() spaced"); - } - - { - struct vb2_signature s = {.sig_offset = sizeof(s)}; - TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)), - sizeof(s), "vb2_signature_data() adjacent"); - } - - { - struct vb2_signature s = {.sig_offset = 123}; - TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)), 123, - "vb2_signature_data() spaced"); - } - - { - uint8_t *p = (uint8_t *)test_helper_functions; - TEST_SUCC(vb2_verify_member_inside(p, 20, p, 6, 11, 3), - "MemberInside ok 1"); - TEST_SUCC(vb2_verify_member_inside(p, 20, p+4, 4, 8, 4), - "MemberInside ok 2"); - TEST_EQ(vb2_verify_member_inside(p, 20, p-4, 4, 8, 4), - VB2_ERROR_INSIDE_MEMBER_OUTSIDE, - "MemberInside member before parent"); - TEST_EQ(vb2_verify_member_inside(p, 20, p+20, 4, 8, 4), - VB2_ERROR_INSIDE_MEMBER_OUTSIDE, - "MemberInside member after parent"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, 21, 0, 0), - VB2_ERROR_INSIDE_MEMBER_OUTSIDE, - "MemberInside member too big"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 21, 0), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "MemberInside data after parent"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, SIZE_MAX, 0), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "MemberInside data before parent"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, 17), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "MemberInside data too big"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, 8, 4, 8), - VB2_ERROR_INSIDE_DATA_OVERLAP, - "MemberInside data overlaps member"); - TEST_EQ(vb2_verify_member_inside(p, -8, p, 12, 0, 0), - VB2_ERROR_INSIDE_PARENT_WRAPS, - "MemberInside wraparound 1"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, -8, 0, 0), - VB2_ERROR_INSIDE_MEMBER_WRAPS, - "MemberInside wraparound 2"); - TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, -12), - VB2_ERROR_INSIDE_DATA_WRAPS, - "MemberInside wraparound 3"); - } - - { - struct vb2_packed_key k = {.key_offset = sizeof(k), - .key_size = 128}; - TEST_SUCC(vb2_verify_packed_key_inside(&k, sizeof(k)+128, &k), - "PublicKeyInside ok 1"); - TEST_SUCC(vb2_verify_packed_key_inside(&k - 1, - 2*sizeof(k)+128, &k), - "PublicKeyInside ok 2"); - TEST_EQ(vb2_verify_packed_key_inside(&k, 128, &k), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "PublicKeyInside key too big"); - } - - { - struct vb2_packed_key k = {.key_offset = 100, - .key_size = 4}; - TEST_EQ(vb2_verify_packed_key_inside(&k, 99, &k), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "PublicKeyInside offset too big"); - } - - { - struct vb2_signature s = {.sig_offset = sizeof(s), - .sig_size = 128}; - TEST_SUCC(vb2_verify_signature_inside(&s, sizeof(s)+128, &s), - "SignatureInside ok 1"); - TEST_SUCC(vb2_verify_signature_inside(&s - 1, - 2*sizeof(s)+128, &s), - "SignatureInside ok 2"); - TEST_EQ(vb2_verify_signature_inside(&s, 128, &s), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "SignatureInside sig too big"); - } - - { - struct vb2_signature s = {.sig_offset = 100, - .sig_size = 4}; - TEST_EQ(vb2_verify_signature_inside(&s, 99, &s), - VB2_ERROR_INSIDE_DATA_OUTSIDE, - "SignatureInside offset too big"); - } -} - int main(int argc, char* argv[]) { test_memcmp(); test_align(); test_workbuf(); - test_struct_packing(); - test_helper_functions(); return gTestSuccess ? 0 : 255; } diff --git a/tests/vb2_rsa_tests.sh b/tests/vb2_rsa_tests.sh index ff570d01..903d38da 100755 --- a/tests/vb2_rsa_tests.sh +++ b/tests/vb2_rsa_tests.sh @@ -33,7 +33,7 @@ function test_signatures { done done echo -e "Peforming ${COL_YELLOW}PKCS #1 v1.5 Padding Tests${COL_STOP}..." - ${TEST_DIR}/vb2_rsa_padding_tests ${TESTKEY_DIR}/rsa_padding_test_pubkey.keyb + ${TEST_DIR}/vb20_rsa_padding_tests ${TESTKEY_DIR}/rsa_padding_test_pubkey.keyb } check_test_keys |