vboot2: Move old struct handling to lib20/

This is part 4 of a series of changes to rearrange the vboot2 library
so that it's possible to start using the new-style data structs.  This
change moves knowledge of the old vboot1 data structs into lib20; 2lib
now contains only code which is common to both vboot2.x libraries
(that is, code which is data structure version agnostic).

No functional changes; just rearranging code and tests.

BUG=chromium:423882
BRANCH=none
TEST=make runtests && VBOOT2=1 make runtests (works with/withoug VBOOT2 flag)
     And compile firmware for veyron_pinky
CQ-DEPEND=CL:233051

Change-Id: I8f9e67157575e5be14952ef4809c3dfafd92596d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/233021
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

11 files changed, 562 insertions, 451 deletions

diff --git a/tests/vb20_api_tests.c b/tests/vb20_api_tests.c
new file mode 100644
index 00000000..a7be957f
--- /dev/null
+++ b/tests/vb20_api_tests.c
@@ -0,0 +1,346 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Tests for misc library
+ */
+
+#include <stdio.h>
+
+#include "2sysincludes.h"
+#include "2api.h"
+#include "2misc.h"
+#include "2nvstorage.h"
+#include "2rsa.h"
+#include "2secdata.h"
+#include "vb2_common.h"
+#include "test_common.h"
+
+/* Common context for tests */
+static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE]
+	__attribute__ ((aligned (16)));
+static struct vb2_context cc;
+static struct vb2_shared_data *sd;
+
+const char mock_body[320] = "Mock body";
+const int mock_body_size = sizeof(mock_body);
+const int mock_algorithm = VB2_ALG_RSA2048_SHA256;
+const int mock_hash_alg = VB2_HASH_SHA256;
+const int mock_sig_size = 64;
+
+/* Mocked function data */
+
+static int retval_vb2_load_fw_keyblock;
+static int retval_vb2_load_fw_preamble;
+static int retval_vb2_digest_finalize;
+static int retval_vb2_verify_digest;
+
+/* Type of test to reset for */
+enum reset_type {
+	FOR_MISC,
+	FOR_EXTEND_HASH,
+	FOR_CHECK_HASH,
+};
+
+static void reset_common_data(enum reset_type t)
+{
+	struct vb2_fw_preamble *pre;
+	struct vb2_packed_key *k;
+
+	memset(workbuf, 0xaa, sizeof(workbuf));
+
+	memset(&cc, 0, sizeof(cc));
+	cc.workbuf = workbuf;
+	cc.workbuf_size = sizeof(workbuf);
+
+	vb2_init_context(&cc);
+	sd = vb2_get_sd(&cc);
+
+	vb2_nv_init(&cc);
+
+	vb2_secdata_create(&cc);
+	vb2_secdata_init(&cc);
+
+	retval_vb2_load_fw_keyblock = VB2_SUCCESS;
+	retval_vb2_load_fw_preamble = VB2_SUCCESS;
+	retval_vb2_digest_finalize = VB2_SUCCESS;
+	retval_vb2_verify_digest = VB2_SUCCESS;
+
+	sd->workbuf_preamble_offset = cc.workbuf_used;
+	sd->workbuf_preamble_size = sizeof(*pre);
+	cc.workbuf_used = sd->workbuf_preamble_offset
+		+ sd->workbuf_preamble_size;
+	pre = (struct vb2_fw_preamble *)
+		(cc.workbuf + sd->workbuf_preamble_offset);
+	pre->body_signature.data_size = mock_body_size;
+	pre->body_signature.sig_size = mock_sig_size;
+
+	sd->workbuf_data_key_offset = cc.workbuf_used;
+	sd->workbuf_data_key_size = sizeof(*k) + 8;
+	cc.workbuf_used = sd->workbuf_data_key_offset +
+		sd->workbuf_data_key_size;
+	k = (struct vb2_packed_key *)
+		(cc.workbuf + sd->workbuf_data_key_offset);
+	k->algorithm = mock_algorithm;
+
+	if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH)
+		vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL);
+
+	if (t == FOR_CHECK_HASH)
+		vb2api_extend_hash(&cc, mock_body, mock_body_size);
+};
+
+/* Mocked functions */
+
+int vb2_load_fw_keyblock(struct vb2_context *ctx)
+{
+	return retval_vb2_load_fw_keyblock;
+}
+
+int vb2_load_fw_preamble(struct vb2_context *ctx)
+{
+	return retval_vb2_load_fw_preamble;
+}
+
+int vb2_unpack_key(struct vb2_public_key *key,
+		   const uint8_t *buf,
+		   uint32_t size)
+{
+	struct vb2_packed_key *k = (struct vb2_packed_key *)buf;
+
+	if (size != sizeof(*k) + 8)
+		return VB2_ERROR_UNPACK_KEY_SIZE;
+
+	key->sig_alg = vb2_crypto_to_signature(k->algorithm);
+	key->hash_alg = vb2_crypto_to_hash(k->algorithm);
+
+	return VB2_SUCCESS;
+}
+
+int vb2_digest_init(struct vb2_digest_context *dc,
+		    enum vb2_hash_algorithm hash_alg)
+{
+	if (hash_alg != mock_hash_alg)
+		return VB2_ERROR_SHA_INIT_ALGORITHM;
+
+	dc->hash_alg = hash_alg;
+
+	return VB2_SUCCESS;
+}
+
+int vb2_digest_extend(struct vb2_digest_context *dc,
+		      const uint8_t *buf,
+		      uint32_t size)
+{
+	if (dc->hash_alg != mock_hash_alg)
+		return VB2_ERROR_SHA_EXTEND_ALGORITHM;
+
+	return VB2_SUCCESS;
+}
+
+int vb2_digest_finalize(struct vb2_digest_context *dc,
+			uint8_t *digest,
+			uint32_t digest_size)
+{
+	return retval_vb2_digest_finalize;
+}
+
+uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg)
+{
+	return mock_sig_size;
+}
+
+int vb2_rsa_verify_digest(const struct vb2_public_key *key,
+			  uint8_t *sig,
+			  const uint8_t *digest,
+			  const struct vb2_workbuf *wb)
+{
+	return retval_vb2_verify_digest;
+}
+
+/* Tests */
+
+static void phase3_tests(void)
+{
+	reset_common_data(FOR_MISC);
+	TEST_SUCC(vb2api_fw_phase3(&cc), "phase3 good");
+
+	reset_common_data(FOR_MISC);
+	retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK;
+	TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock");
+	TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST),
+		VB2_RECOVERY_RO_INVALID_RW, "  recovery reason");
+
+	reset_common_data(FOR_MISC);
+	retval_vb2_load_fw_preamble = VB2_ERROR_MOCK;
+	TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock");
+	TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST),
+		VB2_RECOVERY_RO_INVALID_RW, "  recovery reason");
+}
+
+static void init_hash_tests(void)
+{
+	struct vb2_packed_key *k;
+	int wb_used_before;
+	uint32_t size;
+
+	/* For now, all we support is body signature hash */
+	reset_common_data(FOR_MISC);
+	wb_used_before = cc.workbuf_used;
+	TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
+		  "init hash good");
+	TEST_EQ(sd->workbuf_hash_offset,
+		(wb_used_before + (VB2_WORKBUF_ALIGN - 1)) &
+		~(VB2_WORKBUF_ALIGN - 1),
+		"hash context offset");
+	TEST_EQ(sd->workbuf_hash_size, sizeof(struct vb2_digest_context),
+		"hash context size");
+	TEST_EQ(cc.workbuf_used,
+		sd->workbuf_hash_offset + sd->workbuf_hash_size,
+		"hash uses workbuf");
+	TEST_EQ(sd->hash_tag, VB2_HASH_TAG_FW_BODY, "hash tag");
+	TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining");
+
+	wb_used_before = cc.workbuf_used;
+	TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL),
+		  "init hash again");
+	TEST_EQ(cc.workbuf_used, wb_used_before, "init hash reuses context");
+
+	reset_common_data(FOR_MISC);
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_INVALID, &size),
+		VB2_ERROR_API_INIT_HASH_TAG, "init hash invalid tag");
+
+	reset_common_data(FOR_MISC);
+	sd->workbuf_preamble_size = 0;
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
+		VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble");
+
+	reset_common_data(FOR_MISC);
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY + 1, &size),
+		VB2_ERROR_API_INIT_HASH_TAG, "init hash unknown tag");
+
+	reset_common_data(FOR_MISC);
+	cc.workbuf_used =
+		cc.workbuf_size - sizeof(struct vb2_digest_context) + 8;
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
+		VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf");
+
+	reset_common_data(FOR_MISC);
+	sd->workbuf_data_key_size = 0;
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
+		VB2_ERROR_API_INIT_HASH_DATA_KEY, "init hash data key");
+
+	reset_common_data(FOR_MISC);
+	sd->workbuf_data_key_size--;
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
+		VB2_ERROR_UNPACK_KEY_SIZE, "init hash data key size");
+
+	reset_common_data(FOR_MISC);
+	k = (struct vb2_packed_key *)(cc.workbuf + sd->workbuf_data_key_offset);
+	k->algorithm--;
+	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
+		VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm");
+}
+
+static void extend_hash_tests(void)
+{
+	struct vb2_digest_context *dc;
+
+	reset_common_data(FOR_EXTEND_HASH);
+	TEST_SUCC(vb2api_extend_hash(&cc, mock_body, 32),
+		"hash extend good");
+	TEST_EQ(sd->hash_remaining_size, mock_body_size - 32,
+		"hash extend remaining");
+	TEST_SUCC(vb2api_extend_hash(&cc, mock_body, mock_body_size - 32),
+		"hash extend again");
+	TEST_EQ(sd->hash_remaining_size, 0, "hash extend remaining 2");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	sd->workbuf_hash_size = 0;
+	TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size),
+		VB2_ERROR_API_EXTEND_HASH_WORKBUF, "hash extend no workbuf");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size + 1),
+		VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend too much");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	TEST_EQ(vb2api_extend_hash(&cc, mock_body, 0),
+		VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend empty");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	dc = (struct vb2_digest_context *)
+		(cc.workbuf + sd->workbuf_hash_offset);
+	dc->hash_alg = mock_hash_alg + 1;
+	TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size),
+		VB2_ERROR_SHA_EXTEND_ALGORITHM, "hash extend fail");
+}
+
+static void check_hash_tests(void)
+{
+	struct vb2_fw_preamble *pre;
+
+	reset_common_data(FOR_CHECK_HASH);
+	TEST_SUCC(vb2api_check_hash(&cc), "check hash good");
+
+	reset_common_data(FOR_CHECK_HASH);
+	sd->workbuf_preamble_size = 0;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_API_CHECK_HASH_PREAMBLE, "check hash preamble");
+
+	reset_common_data(FOR_CHECK_HASH);
+	sd->workbuf_hash_size = 0;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_API_CHECK_HASH_WORKBUF, "check hash no workbuf");
+
+	reset_common_data(FOR_CHECK_HASH);
+	sd->hash_remaining_size = 1;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_API_CHECK_HASH_SIZE, "check hash size");
+
+	reset_common_data(FOR_CHECK_HASH);
+	cc.workbuf_used = cc.workbuf_size;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST, "check hash workbuf");
+
+	reset_common_data(FOR_CHECK_HASH);
+	retval_vb2_digest_finalize = VB2_ERROR_MOCK;
+	TEST_EQ(vb2api_check_hash(&cc),	VB2_ERROR_MOCK, "check hash finalize");
+
+	reset_common_data(FOR_CHECK_HASH);
+	sd->hash_tag = VB2_HASH_TAG_INVALID;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_API_CHECK_HASH_TAG, "check hash tag");
+
+	reset_common_data(FOR_CHECK_HASH);
+	sd->workbuf_data_key_size = 0;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_API_CHECK_HASH_DATA_KEY, "check hash data key");
+
+	reset_common_data(FOR_CHECK_HASH);
+	sd->workbuf_data_key_size--;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_UNPACK_KEY_SIZE, "check hash data key size");
+
+	reset_common_data(FOR_CHECK_HASH);
+	pre = (struct vb2_fw_preamble *)
+		(cc.workbuf + sd->workbuf_preamble_offset);
+	pre->body_signature.sig_size++;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_VDATA_SIG_SIZE, "check hash sig size");
+
+	reset_common_data(FOR_CHECK_HASH);
+	retval_vb2_digest_finalize = VB2_ERROR_RSA_VERIFY_DIGEST;
+	TEST_EQ(vb2api_check_hash(&cc),
+		VB2_ERROR_RSA_VERIFY_DIGEST, "check hash finalize");
+}
+
+int main(int argc, char* argv[])
+{
+	phase3_tests();
+	init_hash_tests();
+	extend_hash_tests();
+	check_hash_tests();
+
+	return gTestSuccess ? 0 : 255;
+}
diff --git a/tests/vb2_common2_tests.c b/tests/vb20_common2_tests.c
index ec9ef183..75e05249 100644
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb20_common2_tests.c
@@ -10,10 +10,10 @@
 #include <string.h>
 
 #include "2sysincludes.h"
-#include "2common.h"
 #include "2rsa.h"
 #include "file_keys.h"
 #include "host_common.h"
+#include "vb2_common.h"
 #include "vboot_common.h"
 #include "test_common.h"
 
diff --git a/tests/vb2_common3_tests.c b/tests/vb20_common3_tests.c
index 61484fb5..365c7700 100644
--- a/tests/vb2_common3_tests.c
+++ b/tests/vb20_common3_tests.c
@@ -8,7 +8,6 @@
 #include <stdio.h>
 
 #include "2sysincludes.h"
-#include "2common.h"
 #include "2rsa.h"
 
 #include "file_keys.h"
@@ -16,6 +15,7 @@
 #include "host_key.h"
 #include "host_keyblock.h"
 #include "host_signature.h"
+#include "vb2_common.h"
 #include "vboot_common.h"
 #include "test_common.h"
 
diff --git a/tests/vb20_common_tests.c b/tests/vb20_common_tests.c
new file mode 100644
index 00000000..4f4d6813
--- /dev/null
+++ b/tests/vb20_common_tests.c
@@ -0,0 +1,174 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Tests for firmware 2common.c
+ */
+
+#include "2sysincludes.h"
+#include "vb2_common.h"
+#include "vboot_struct.h"  /* For old struct sizes */
+#include "test_common.h"
+
+/*
+ * Test struct packing for vboot_struct.h structs which are passed between
+ * firmware and OS, or passed between different phases of firmware.
+ */
+static void test_struct_packing(void)
+{
+	/* Test vboot2 versions of vboot1 structs */
+	TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
+		sizeof(struct vb2_packed_key),
+		"sizeof(vb2_packed_key)");
+	TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE,
+		sizeof(struct vb2_signature),
+		"sizeof(vb2_signature)");
+	TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
+		sizeof(struct vb2_keyblock),
+		"sizeof(vb2_keyblock)");
+	TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
+		sizeof(struct vb2_fw_preamble),
+		"sizeof(vb2_fw_preamble)");
+	TEST_EQ(EXPECTED_VB2_GBB_HEADER_SIZE,
+		sizeof(struct vb2_gbb_header),
+		"sizeof(vb2_gbb_header)");
+
+	/* And make sure they're the same as their vboot1 equivalents */
+	TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
+		EXPECTED_VBPUBLICKEY_SIZE,
+		"vboot1->2 packed key sizes same");
+	TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE,
+		EXPECTED_VBSIGNATURE_SIZE,
+		"vboot1->2 signature sizes same");
+	TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
+		EXPECTED_VBKEYBLOCKHEADER_SIZE,
+		"vboot1->2 keyblock sizes same");
+	TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
+		EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE,
+		"vboot1->2 firmware preamble sizes same");
+}
+
+/**
+ * Helper functions not dependent on specific key sizes
+ */
+static void test_helper_functions(void)
+{
+	{
+		uint8_t *p = (uint8_t *)test_helper_functions;
+		TEST_EQ((int)vb2_offset_of(p, p), 0, "vb2_offset_of() equal");
+		TEST_EQ((int)vb2_offset_of(p, p+10), 10,
+			"vb2_offset_of() positive");
+	}
+
+	{
+		struct vb2_packed_key k = {.key_offset = sizeof(k)};
+		TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)),
+			sizeof(k), "vb2_packed_key_data() adjacent");
+	}
+
+	{
+		struct vb2_packed_key k = {.key_offset = 123};
+		TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)), 123,
+			"vb2_packed_key_data() spaced");
+	}
+
+	{
+		struct vb2_signature s = {.sig_offset = sizeof(s)};
+		TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)),
+			sizeof(s), "vb2_signature_data() adjacent");
+	}
+
+	{
+		struct vb2_signature s = {.sig_offset = 123};
+		TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)), 123,
+			"vb2_signature_data() spaced");
+	}
+
+	{
+		uint8_t *p = (uint8_t *)test_helper_functions;
+		TEST_SUCC(vb2_verify_member_inside(p, 20, p, 6, 11, 3),
+			  "MemberInside ok 1");
+		TEST_SUCC(vb2_verify_member_inside(p, 20, p+4, 4, 8, 4),
+			  "MemberInside ok 2");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p-4, 4, 8, 4),
+			VB2_ERROR_INSIDE_MEMBER_OUTSIDE,
+			"MemberInside member before parent");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p+20, 4, 8, 4),
+			VB2_ERROR_INSIDE_MEMBER_OUTSIDE,
+			"MemberInside member after parent");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, 21, 0, 0),
+			VB2_ERROR_INSIDE_MEMBER_OUTSIDE,
+			"MemberInside member too big");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 21, 0),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"MemberInside data after parent");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, SIZE_MAX, 0),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"MemberInside data before parent");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, 17),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"MemberInside data too big");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, 8, 4, 8),
+			VB2_ERROR_INSIDE_DATA_OVERLAP,
+			"MemberInside data overlaps member");
+		TEST_EQ(vb2_verify_member_inside(p, -8, p, 12, 0, 0),
+			VB2_ERROR_INSIDE_PARENT_WRAPS,
+			"MemberInside wraparound 1");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, -8, 0, 0),
+			VB2_ERROR_INSIDE_MEMBER_WRAPS,
+			"MemberInside wraparound 2");
+		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, -12),
+			VB2_ERROR_INSIDE_DATA_WRAPS,
+			"MemberInside wraparound 3");
+	}
+
+	{
+		struct vb2_packed_key k = {.key_offset = sizeof(k),
+					   .key_size = 128};
+		TEST_SUCC(vb2_verify_packed_key_inside(&k, sizeof(k)+128, &k),
+			  "PublicKeyInside ok 1");
+		TEST_SUCC(vb2_verify_packed_key_inside(&k - 1,
+						       2*sizeof(k)+128, &k),
+			  "PublicKeyInside ok 2");
+		TEST_EQ(vb2_verify_packed_key_inside(&k, 128, &k),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"PublicKeyInside key too big");
+	}
+
+	{
+		struct vb2_packed_key k = {.key_offset = 100,
+					   .key_size = 4};
+		TEST_EQ(vb2_verify_packed_key_inside(&k, 99, &k),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"PublicKeyInside offset too big");
+	}
+
+	{
+		struct vb2_signature s = {.sig_offset = sizeof(s),
+					  .sig_size = 128};
+		TEST_SUCC(vb2_verify_signature_inside(&s, sizeof(s)+128, &s),
+			"SignatureInside ok 1");
+		TEST_SUCC(vb2_verify_signature_inside(&s - 1,
+						      2*sizeof(s)+128, &s),
+			  "SignatureInside ok 2");
+		TEST_EQ(vb2_verify_signature_inside(&s, 128, &s),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"SignatureInside sig too big");
+	}
+
+	{
+		struct vb2_signature s = {.sig_offset = 100,
+					  .sig_size = 4};
+		TEST_EQ(vb2_verify_signature_inside(&s, 99, &s),
+			VB2_ERROR_INSIDE_DATA_OUTSIDE,
+			"SignatureInside offset too big");
+	}
+}
+
+int main(int argc, char* argv[])
+{
+	test_struct_packing();
+	test_helper_functions();
+
+	return gTestSuccess ? 0 : 255;
+}
diff --git a/tests/vb2_misc2_tests.c b/tests/vb20_misc_tests.c
index 796d8e6a..aa602ac9 100644
--- a/tests/vb2_misc2_tests.c
+++ b/tests/vb20_misc_tests.c
@@ -13,7 +13,7 @@
 #include "2misc.h"
 #include "2nvstorage.h"
 #include "2secdata.h"
-
+#include "vb2_common.h"
 #include "test_common.h"
 
 /* Common context for tests */
diff --git a/tests/vb2_rsa_padding_tests.c b/tests/vb20_rsa_padding_tests.c
index 8c9e80b6..e9789e90 100644
--- a/tests/vb2_rsa_padding_tests.c
+++ b/tests/vb20_rsa_padding_tests.c
@@ -14,8 +14,8 @@
 #include "utility.h"
 
 #include "2sysincludes.h"
-#include "2common.h"
 #include "2rsa.h"
+#include "vb2_common.h"
 
 /**
  * Convert an old-style RSA public key struct to a new one.
diff --git a/tests/vb21_api_tests.c b/tests/vb21_api_tests.c
index 052d89b6..52ca0d9e 100644
--- a/tests/vb21_api_tests.c
+++ b/tests/vb21_api_tests.c
@@ -30,7 +30,6 @@ static struct vb2_shared_data *sd;
 
 static const uint8_t mock_body[320] = "Mock body";
 static const int mock_body_size = sizeof(mock_body);
-static const int mock_algorithm = VB2_ALG_RSA2048_SHA256;
 static const int mock_hash_alg = VB2_HASH_SHA256;
 static int mock_sig_size;
 
@@ -198,6 +197,40 @@ static void init_hash_tests(void)
 		VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm");
 }
 
+static void extend_hash_tests(void)
+{
+	struct vb2_digest_context *dc;
+
+	reset_common_data(FOR_EXTEND_HASH);
+	TEST_SUCC(vb2api_extend_hash(&ctx, mock_body, 32),
+		"hash extend good");
+	TEST_EQ(sd->hash_remaining_size, mock_body_size - 32,
+		"hash extend remaining");
+	TEST_SUCC(vb2api_extend_hash(&ctx, mock_body, mock_body_size - 32),
+		"hash extend again");
+	TEST_EQ(sd->hash_remaining_size, 0, "hash extend remaining 2");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	sd->workbuf_hash_size = 0;
+	TEST_EQ(vb2api_extend_hash(&ctx, mock_body, mock_body_size),
+		VB2_ERROR_API_EXTEND_HASH_WORKBUF, "hash extend no workbuf");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	TEST_EQ(vb2api_extend_hash(&ctx, mock_body, mock_body_size + 1),
+		VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend too much");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	TEST_EQ(vb2api_extend_hash(&ctx, mock_body, 0),
+		VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend empty");
+
+	reset_common_data(FOR_EXTEND_HASH);
+	dc = (struct vb2_digest_context *)
+		(ctx.workbuf + sd->workbuf_hash_offset);
+	dc->hash_alg = VB2_HASH_INVALID;
+	TEST_EQ(vb2api_extend_hash(&ctx, mock_body, mock_body_size),
+		VB2_ERROR_SHA_EXTEND_ALGORITHM, "hash extend fail");
+}
+
 static void check_hash_tests(void)
 {
 	struct vb2_fw_preamble2 *pre;
@@ -249,6 +282,7 @@ int main(int argc, char* argv[])
 {
 	phase3_tests();
 	init_hash_tests();
+	extend_hash_tests();
 	check_hash_tests();
 
 	return gTestSuccess ? 0 : 255;
diff --git a/tests/vb21_misc_tests.c b/tests/vb21_misc_tests.c
index 9f6489fc..03b8e4fb 100644
--- a/tests/vb21_misc_tests.c
+++ b/tests/vb21_misc_tests.c
@@ -245,7 +245,7 @@ static void load_keyblock_tests(void)
 
 	reset_common_data(FOR_KEYBLOCK);
 	ctx.workbuf_used = ctx.workbuf_size - sd->gbb_rootkey_size
-		- sizeof(struct vb2_keyblock);
+		- sizeof(struct vb2_keyblock2);
 	TEST_EQ(vb2_load_fw_keyblock2(&ctx),
 		VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
 		"keyblock not enough workbuf for entire keyblock");
@@ -310,7 +310,7 @@ static void load_preamble_tests(void)
 
 	reset_common_data(FOR_PREAMBLE);
 	ctx.workbuf_used = ctx.workbuf_size
-		- sizeof(struct vb2_fw_preamble) + 8;
+		- sizeof(struct vb2_fw_preamble2) + 8;
 	TEST_EQ(vb2_load_fw_preamble2(&ctx),
 		VB2_ERROR_READ_RESOURCE_OBJECT_BUF,
 		"preamble not enough workbuf for header");
diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c
index a7893012..ddbd8164 100644
--- a/tests/vb2_api_tests.c
+++ b/tests/vb2_api_tests.c
@@ -14,7 +14,6 @@
 #include "2nvstorage.h"
 #include "2rsa.h"
 #include "2secdata.h"
-
 #include "test_common.h"
 
 /* Common context for tests */
@@ -27,7 +26,6 @@ const char mock_body[320] = "Mock body";
 const int mock_body_size = sizeof(mock_body);
 const int mock_algorithm = VB2_ALG_RSA2048_SHA256;
 const int mock_hash_alg = VB2_HASH_SHA256;
-const int mock_sig_size = 64;
 
 /* Mocked function data */
 
@@ -35,23 +33,14 @@ static int retval_vb2_fw_parse_gbb;
 static int retval_vb2_check_dev_switch;
 static int retval_vb2_check_tpm_clear;
 static int retval_vb2_select_fw_slot;
-static int retval_vb2_load_fw_keyblock;
-static int retval_vb2_load_fw_preamble;
-static int retval_vb2_digest_finalize;
-static int retval_vb2_verify_digest;
 
 /* Type of test to reset for */
 enum reset_type {
 	FOR_MISC,
-	FOR_EXTEND_HASH,
-	FOR_CHECK_HASH,
 };
 
 static void reset_common_data(enum reset_type t)
 {
-	struct vb2_fw_preamble *pre;
-	struct vb2_packed_key *k;
-
 	memset(workbuf, 0xaa, sizeof(workbuf));
 
 	memset(&cc, 0, sizeof(cc));
@@ -70,33 +59,6 @@ static void reset_common_data(enum reset_type t)
 	retval_vb2_check_dev_switch = VB2_SUCCESS;
 	retval_vb2_check_tpm_clear = VB2_SUCCESS;
 	retval_vb2_select_fw_slot = VB2_SUCCESS;
-	retval_vb2_load_fw_keyblock = VB2_SUCCESS;
-	retval_vb2_load_fw_preamble = VB2_SUCCESS;
-	retval_vb2_digest_finalize = VB2_SUCCESS;
-	retval_vb2_verify_digest = VB2_SUCCESS;
-
-	sd->workbuf_preamble_offset = cc.workbuf_used;
-	sd->workbuf_preamble_size = sizeof(*pre);
-	cc.workbuf_used = sd->workbuf_preamble_offset
-		+ sd->workbuf_preamble_size;
-	pre = (struct vb2_fw_preamble *)
-		(cc.workbuf + sd->workbuf_preamble_offset);
-	pre->body_signature.data_size = mock_body_size;
-	pre->body_signature.sig_size = mock_sig_size;
-
-	sd->workbuf_data_key_offset = cc.workbuf_used;
-	sd->workbuf_data_key_size = sizeof(*k) + 8;
-	cc.workbuf_used = sd->workbuf_data_key_offset +
-		sd->workbuf_data_key_size;
-	k = (struct vb2_packed_key *)
-		(cc.workbuf + sd->workbuf_data_key_offset);
-	k->algorithm = mock_algorithm;
-
-	if (t == FOR_EXTEND_HASH || t == FOR_CHECK_HASH)
-		vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL);
-
-	if (t == FOR_CHECK_HASH)
-		vb2api_extend_hash(&cc, mock_body, mock_body_size);
 };
 
 /* Mocked functions */
@@ -121,72 +83,6 @@ int vb2_select_fw_slot(struct vb2_context *ctx)
 	return retval_vb2_select_fw_slot;
 }
 
-int vb2_load_fw_keyblock(struct vb2_context *ctx)
-{
-	return retval_vb2_load_fw_keyblock;
-}
-
-int vb2_load_fw_preamble(struct vb2_context *ctx)
-{
-	return retval_vb2_load_fw_preamble;
-}
-
-int vb2_unpack_key(struct vb2_public_key *key,
-		   const uint8_t *buf,
-		   uint32_t size)
-{
-	struct vb2_packed_key *k = (struct vb2_packed_key *)buf;
-
-	if (size != sizeof(*k) + 8)
-		return VB2_ERROR_UNPACK_KEY_SIZE;
-
-	key->sig_alg = vb2_crypto_to_signature(k->algorithm);
-	key->hash_alg = vb2_crypto_to_hash(k->algorithm);
-
-	return VB2_SUCCESS;
-}
-
-int vb2_digest_init(struct vb2_digest_context *dc,
-		    enum vb2_hash_algorithm hash_alg)
-{
-	if (hash_alg != mock_hash_alg)
-		return VB2_ERROR_SHA_INIT_ALGORITHM;
-
-	dc->hash_alg = hash_alg;
-
-	return VB2_SUCCESS;
-}
-
-int vb2_digest_extend(struct vb2_digest_context *dc,
-		      const uint8_t *buf,
-		      uint32_t size)
-{
-	if (dc->hash_alg != mock_hash_alg)
-		return VB2_ERROR_SHA_EXTEND_ALGORITHM;
-
-	return VB2_SUCCESS;
-}
-
-int vb2_digest_finalize(struct vb2_digest_context *dc,
-			uint8_t *digest,
-			uint32_t digest_size)
-{
-	return retval_vb2_digest_finalize;
-}
-
-uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg)
-{
-	return mock_sig_size;
-}
-
-int vb2_rsa_verify_digest(const struct vb2_public_key *key,
-			  uint8_t *sig,
-			  const uint8_t *digest,
-			  const struct vb2_workbuf *wb)
-{
-	return retval_vb2_verify_digest;
-}
-
 /* Tests */
 
 static void misc_tests(void)
@@ -270,190 +166,11 @@ static void phase2_tests(void)
 		VB2_RECOVERY_FW_SLOT, "  recovery reason");
 }
 
-static void phase3_tests(void)
-{
-	reset_common_data(FOR_MISC);
-	TEST_SUCC(vb2api_fw_phase3(&cc), "phase3 good");
-
-	reset_common_data(FOR_MISC);
-	retval_vb2_load_fw_keyblock = VB2_ERROR_MOCK;
-	TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock");
-	TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST),
-		VB2_RECOVERY_RO_INVALID_RW, "  recovery reason");
-
-	reset_common_data(FOR_MISC);
-	retval_vb2_load_fw_preamble = VB2_ERROR_MOCK;
-	TEST_EQ(vb2api_fw_phase3(&cc), VB2_ERROR_MOCK, "phase3 keyblock");
-	TEST_EQ(vb2_nv_get(&cc, VB2_NV_RECOVERY_REQUEST),
-		VB2_RECOVERY_RO_INVALID_RW, "  recovery reason");
-}
-
-static void init_hash_tests(void)
-{
-	struct vb2_packed_key *k;
-	int wb_used_before;
-	uint32_t size;
-
-	/* For now, all we support is body signature hash */
-	reset_common_data(FOR_MISC);
-	wb_used_before = cc.workbuf_used;
-	TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
-		  "init hash good");
-	TEST_EQ(sd->workbuf_hash_offset,
-		(wb_used_before + (VB2_WORKBUF_ALIGN - 1)) &
-		~(VB2_WORKBUF_ALIGN - 1),
-		"hash context offset");
-	TEST_EQ(sd->workbuf_hash_size, sizeof(struct vb2_digest_context),
-		"hash context size");
-	TEST_EQ(cc.workbuf_used,
-		sd->workbuf_hash_offset + sd->workbuf_hash_size,
-		"hash uses workbuf");
-	TEST_EQ(sd->hash_tag, VB2_HASH_TAG_FW_BODY, "hash tag");
-	TEST_EQ(sd->hash_remaining_size, mock_body_size, "hash remaining");
-
-	wb_used_before = cc.workbuf_used;
-	TEST_SUCC(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, NULL),
-		  "init hash again");
-	TEST_EQ(cc.workbuf_used, wb_used_before, "init hash reuses context");
-
-	reset_common_data(FOR_MISC);
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_INVALID, &size),
-		VB2_ERROR_API_INIT_HASH_TAG, "init hash invalid tag");
-
-	reset_common_data(FOR_MISC);
-	sd->workbuf_preamble_size = 0;
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
-		VB2_ERROR_API_INIT_HASH_PREAMBLE, "init hash preamble");
-
-	reset_common_data(FOR_MISC);
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY + 1, &size),
-		VB2_ERROR_API_INIT_HASH_TAG, "init hash unknown tag");
-
-	reset_common_data(FOR_MISC);
-	cc.workbuf_used =
-		cc.workbuf_size - sizeof(struct vb2_digest_context) + 8;
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
-		VB2_ERROR_API_INIT_HASH_WORKBUF, "init hash workbuf");
-
-	reset_common_data(FOR_MISC);
-	sd->workbuf_data_key_size = 0;
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
-		VB2_ERROR_API_INIT_HASH_DATA_KEY, "init hash data key");
-
-	reset_common_data(FOR_MISC);
-	sd->workbuf_data_key_size--;
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
-		VB2_ERROR_UNPACK_KEY_SIZE, "init hash data key size");
-
-	reset_common_data(FOR_MISC);
-	k = (struct vb2_packed_key *)(cc.workbuf + sd->workbuf_data_key_offset);
-	k->algorithm--;
-	TEST_EQ(vb2api_init_hash(&cc, VB2_HASH_TAG_FW_BODY, &size),
-		VB2_ERROR_SHA_INIT_ALGORITHM, "init hash algorithm");
-}
-
-static void extend_hash_tests(void)
-{
-	struct vb2_digest_context *dc;
-
-	reset_common_data(FOR_EXTEND_HASH);
-	TEST_SUCC(vb2api_extend_hash(&cc, mock_body, 32),
-		"hash extend good");
-	TEST_EQ(sd->hash_remaining_size, mock_body_size - 32,
-		"hash extend remaining");
-	TEST_SUCC(vb2api_extend_hash(&cc, mock_body, mock_body_size - 32),
-		"hash extend again");
-	TEST_EQ(sd->hash_remaining_size, 0, "hash extend remaining 2");
-
-	reset_common_data(FOR_EXTEND_HASH);
-	sd->workbuf_hash_size = 0;
-	TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size),
-		VB2_ERROR_API_EXTEND_HASH_WORKBUF, "hash extend no workbuf");
-
-	reset_common_data(FOR_EXTEND_HASH);
-	TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size + 1),
-		VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend too much");
-
-	reset_common_data(FOR_EXTEND_HASH);
-	TEST_EQ(vb2api_extend_hash(&cc, mock_body, 0),
-		VB2_ERROR_API_EXTEND_HASH_SIZE, "hash extend empty");
-
-	reset_common_data(FOR_EXTEND_HASH);
-	dc = (struct vb2_digest_context *)
-		(cc.workbuf + sd->workbuf_hash_offset);
-	dc->hash_alg = mock_hash_alg + 1;
-	TEST_EQ(vb2api_extend_hash(&cc, mock_body, mock_body_size),
-		VB2_ERROR_SHA_EXTEND_ALGORITHM, "hash extend fail");
-}
-
-static void check_hash_tests(void)
-{
-	struct vb2_fw_preamble *pre;
-
-	reset_common_data(FOR_CHECK_HASH);
-	TEST_SUCC(vb2api_check_hash(&cc), "check hash good");
-
-	reset_common_data(FOR_CHECK_HASH);
-	sd->workbuf_preamble_size = 0;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_API_CHECK_HASH_PREAMBLE, "check hash preamble");
-
-	reset_common_data(FOR_CHECK_HASH);
-	sd->workbuf_hash_size = 0;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_API_CHECK_HASH_WORKBUF, "check hash no workbuf");
-
-	reset_common_data(FOR_CHECK_HASH);
-	sd->hash_remaining_size = 1;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_API_CHECK_HASH_SIZE, "check hash size");
-
-	reset_common_data(FOR_CHECK_HASH);
-	cc.workbuf_used = cc.workbuf_size;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_API_CHECK_HASH_WORKBUF_DIGEST, "check hash workbuf");
-
-	reset_common_data(FOR_CHECK_HASH);
-	retval_vb2_digest_finalize = VB2_ERROR_MOCK;
-	TEST_EQ(vb2api_check_hash(&cc),	VB2_ERROR_MOCK, "check hash finalize");
-
-	reset_common_data(FOR_CHECK_HASH);
-	sd->hash_tag = VB2_HASH_TAG_INVALID;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_API_CHECK_HASH_TAG, "check hash tag");
-
-	reset_common_data(FOR_CHECK_HASH);
-	sd->workbuf_data_key_size = 0;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_API_CHECK_HASH_DATA_KEY, "check hash data key");
-
-	reset_common_data(FOR_CHECK_HASH);
-	sd->workbuf_data_key_size--;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_UNPACK_KEY_SIZE, "check hash data key size");
-
-	reset_common_data(FOR_CHECK_HASH);
-	pre = (struct vb2_fw_preamble *)
-		(cc.workbuf + sd->workbuf_preamble_offset);
-	pre->body_signature.sig_size++;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_VDATA_SIG_SIZE, "check hash sig size");
-
-	reset_common_data(FOR_CHECK_HASH);
-	retval_vb2_digest_finalize = VB2_ERROR_RSA_VERIFY_DIGEST;
-	TEST_EQ(vb2api_check_hash(&cc),
-		VB2_ERROR_RSA_VERIFY_DIGEST, "check hash finalize");
-}
-
 int main(int argc, char* argv[])
 {
 	misc_tests();
 	phase1_tests();
 	phase2_tests();
-	phase3_tests();
-	init_hash_tests();
-	extend_hash_tests();
-	check_hash_tests();
 
 	return gTestSuccess ? 0 : 255;
 }
diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c
index f8502957..4c033fbd 100644
--- a/tests/vb2_common_tests.c
+++ b/tests/vb2_common_tests.c
@@ -7,9 +7,6 @@
 
 #include "2sysincludes.h"
 #include "2common.h"
-#include "2rsa.h"
-#include "vboot_struct.h"  /* For old struct sizes */
-
 #include "test_common.h"
 
 /**
@@ -108,168 +105,11 @@ static void test_workbuf(void)
 	TEST_EQ(wb.size, 8, "  size");
 }
 
-/*
- * Test struct packing for vboot_struct.h structs which are passed between
- * firmware and OS, or passed between different phases of firmware.
- */
-static void test_struct_packing(void)
-{
-	/* Test vboot2 versions of vboot1 structs */
-	TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
-		sizeof(struct vb2_packed_key),
-		"sizeof(vb2_packed_key)");
-	TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE,
-		sizeof(struct vb2_signature),
-		"sizeof(vb2_signature)");
-	TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
-		sizeof(struct vb2_keyblock),
-		"sizeof(vb2_keyblock)");
-	TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
-		sizeof(struct vb2_fw_preamble),
-		"sizeof(vb2_fw_preamble)");
-	TEST_EQ(EXPECTED_VB2_GBB_HEADER_SIZE,
-		sizeof(struct vb2_gbb_header),
-		"sizeof(vb2_gbb_header)");
-
-	/* And make sure they're the same as their vboot1 equivalents */
-	TEST_EQ(EXPECTED_VB2_PACKED_KEY_SIZE,
-		EXPECTED_VBPUBLICKEY_SIZE,
-		"vboot1->2 packed key sizes same");
-	TEST_EQ(EXPECTED_VB2_SIGNATURE_SIZE,
-		EXPECTED_VBSIGNATURE_SIZE,
-		"vboot1->2 signature sizes same");
-	TEST_EQ(EXPECTED_VB2_KEYBLOCK_SIZE,
-		EXPECTED_VBKEYBLOCKHEADER_SIZE,
-		"vboot1->2 keyblock sizes same");
-	TEST_EQ(EXPECTED_VB2_FW_PREAMBLE_SIZE,
-		EXPECTED_VBFIRMWAREPREAMBLEHEADER2_1_SIZE,
-		"vboot1->2 firmware preamble sizes same");
-}
-
-/**
- * Helper functions not dependent on specific key sizes
- */
-static void test_helper_functions(void)
-{
-	{
-		uint8_t *p = (uint8_t *)test_helper_functions;
-		TEST_EQ((int)vb2_offset_of(p, p), 0, "vb2_offset_of() equal");
-		TEST_EQ((int)vb2_offset_of(p, p+10), 10,
-			"vb2_offset_of() positive");
-	}
-
-	{
-		struct vb2_packed_key k = {.key_offset = sizeof(k)};
-		TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)),
-			sizeof(k), "vb2_packed_key_data() adjacent");
-	}
-
-	{
-		struct vb2_packed_key k = {.key_offset = 123};
-		TEST_EQ((int)vb2_offset_of(&k, vb2_packed_key_data(&k)), 123,
-			"vb2_packed_key_data() spaced");
-	}
-
-	{
-		struct vb2_signature s = {.sig_offset = sizeof(s)};
-		TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)),
-			sizeof(s), "vb2_signature_data() adjacent");
-	}
-
-	{
-		struct vb2_signature s = {.sig_offset = 123};
-		TEST_EQ((int)vb2_offset_of(&s, vb2_signature_data(&s)), 123,
-			"vb2_signature_data() spaced");
-	}
-
-	{
-		uint8_t *p = (uint8_t *)test_helper_functions;
-		TEST_SUCC(vb2_verify_member_inside(p, 20, p, 6, 11, 3),
-			  "MemberInside ok 1");
-		TEST_SUCC(vb2_verify_member_inside(p, 20, p+4, 4, 8, 4),
-			  "MemberInside ok 2");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p-4, 4, 8, 4),
-			VB2_ERROR_INSIDE_MEMBER_OUTSIDE,
-			"MemberInside member before parent");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p+20, 4, 8, 4),
-			VB2_ERROR_INSIDE_MEMBER_OUTSIDE,
-			"MemberInside member after parent");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, 21, 0, 0),
-			VB2_ERROR_INSIDE_MEMBER_OUTSIDE,
-			"MemberInside member too big");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 21, 0),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"MemberInside data after parent");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, SIZE_MAX, 0),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"MemberInside data before parent");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, 17),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"MemberInside data too big");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, 8, 4, 8),
-			VB2_ERROR_INSIDE_DATA_OVERLAP,
-			"MemberInside data overlaps member");
-		TEST_EQ(vb2_verify_member_inside(p, -8, p, 12, 0, 0),
-			VB2_ERROR_INSIDE_PARENT_WRAPS,
-			"MemberInside wraparound 1");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, -8, 0, 0),
-			VB2_ERROR_INSIDE_MEMBER_WRAPS,
-			"MemberInside wraparound 2");
-		TEST_EQ(vb2_verify_member_inside(p, 20, p, 4, 4, -12),
-			VB2_ERROR_INSIDE_DATA_WRAPS,
-			"MemberInside wraparound 3");
-	}
-
-	{
-		struct vb2_packed_key k = {.key_offset = sizeof(k),
-					   .key_size = 128};
-		TEST_SUCC(vb2_verify_packed_key_inside(&k, sizeof(k)+128, &k),
-			  "PublicKeyInside ok 1");
-		TEST_SUCC(vb2_verify_packed_key_inside(&k - 1,
-						       2*sizeof(k)+128, &k),
-			  "PublicKeyInside ok 2");
-		TEST_EQ(vb2_verify_packed_key_inside(&k, 128, &k),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"PublicKeyInside key too big");
-	}
-
-	{
-		struct vb2_packed_key k = {.key_offset = 100,
-					   .key_size = 4};
-		TEST_EQ(vb2_verify_packed_key_inside(&k, 99, &k),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"PublicKeyInside offset too big");
-	}
-
-	{
-		struct vb2_signature s = {.sig_offset = sizeof(s),
-					  .sig_size = 128};
-		TEST_SUCC(vb2_verify_signature_inside(&s, sizeof(s)+128, &s),
-			"SignatureInside ok 1");
-		TEST_SUCC(vb2_verify_signature_inside(&s - 1,
-						      2*sizeof(s)+128, &s),
-			  "SignatureInside ok 2");
-		TEST_EQ(vb2_verify_signature_inside(&s, 128, &s),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"SignatureInside sig too big");
-	}
-
-	{
-		struct vb2_signature s = {.sig_offset = 100,
-					  .sig_size = 4};
-		TEST_EQ(vb2_verify_signature_inside(&s, 99, &s),
-			VB2_ERROR_INSIDE_DATA_OUTSIDE,
-			"SignatureInside offset too big");
-	}
-}
-
 int main(int argc, char* argv[])
 {
 	test_memcmp();
 	test_align();
 	test_workbuf();
-	test_struct_packing();
-	test_helper_functions();
 
 	return gTestSuccess ? 0 : 255;
 }
diff --git a/tests/vb2_rsa_tests.sh b/tests/vb2_rsa_tests.sh
index ff570d01..903d38da 100755
--- a/tests/vb2_rsa_tests.sh
+++ b/tests/vb2_rsa_tests.sh
@@ -33,7 +33,7 @@ function test_signatures {
     done
   done
   echo -e "Peforming ${COL_YELLOW}PKCS #1 v1.5 Padding Tests${COL_STOP}..."
-  ${TEST_DIR}/vb2_rsa_padding_tests ${TESTKEY_DIR}/rsa_padding_test_pubkey.keyb
+  ${TEST_DIR}/vb20_rsa_padding_tests ${TESTKEY_DIR}/rsa_padding_test_pubkey.keyb
 }
 
 check_test_keys