vboot2: use enum signature algorithm

This changes the internals of vboot2 to use the enumerated type for
signature algorithm.  The conversion from crypto algorithm is done
only when unpacking the key.  This is preparation for the vboot2 data
types, which separate signature and hash algorithms into their own
fields.

There is no external change in the calling API to vboot, and no change
to the external data structures.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I2e176d186d88cc7541644e001e720b4aee456be0
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225209

5 files changed, 67 insertions, 43 deletions

diff --git a/tests/vb2_api_tests.c b/tests/vb2_api_tests.c
index 49b59b25..23e2d5e6 100644
--- a/tests/vb2_api_tests.c
+++ b/tests/vb2_api_tests.c
@@ -140,7 +140,7 @@ int vb2_unpack_key(struct vb2_public_key *key,
 	if (size != sizeof(*k) + 8)
 		return VB2_ERROR_UNPACK_KEY_SIZE;
 
-	key->algorithm = k->algorithm;
+	key->sig_alg = vb2_crypto_to_signature(k->algorithm);
 	key->hash_alg = vb2_crypto_to_hash(k->algorithm);
 
 	return VB2_SUCCESS;
@@ -174,7 +174,7 @@ int vb2_digest_finalize(struct vb2_digest_context *dc,
 	return retval_vb2_digest_finalize;
 }
 
-uint32_t vb2_rsa_sig_size(uint32_t algorithm)
+uint32_t vb2_rsa_sig_size(enum vb2_signature_algorithm sig_alg)
 {
 	return mock_sig_size;
 }
diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c
index 2afa9f9e..4b3a34e6 100644
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb2_common2_tests.c
@@ -35,7 +35,8 @@ static void test_unpack_key(const VbPublicKey *orig_key)
 	PublicKeyCopy(key, orig_key);
 	TEST_SUCC(vb2_unpack_key(&rsa, buf, size), "vb2_unpack_key() ok");
 
-	TEST_EQ(rsa.algorithm, key2->algorithm, "vb2_unpack_key() algorithm");
+	TEST_EQ(rsa.sig_alg, vb2_crypto_to_signature(key2->algorithm),
+		"vb2_unpack_key() sig_alg");
 	TEST_EQ(rsa.hash_alg, vb2_crypto_to_hash(key2->algorithm),
 		"vb2_unpack_key() hash_alg");
 
@@ -43,7 +44,7 @@ static void test_unpack_key(const VbPublicKey *orig_key)
 	PublicKeyCopy(key, orig_key);
 	key2->algorithm = VB2_ALG_COUNT;
 	TEST_EQ(vb2_unpack_key(&rsa, buf, size),
-		VB2_ERROR_UNPACK_KEY_ALGORITHM,
+		VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
 		"vb2_unpack_key() invalid algorithm");
 
 	PublicKeyCopy(key, orig_key);
@@ -83,9 +84,8 @@ static void test_verify_data(const VbPublicKey *public_key,
 	struct vb2_workbuf wb;
 	VbSignature *sig;
 
-	struct vb2_public_key rsa;
+	struct vb2_public_key rsa, rsa_orig;
 	struct vb2_signature *sig2;
-
 	struct vb2_packed_key *public_key2;
 
 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
@@ -106,13 +106,19 @@ static void test_verify_data(const VbPublicKey *public_key,
 
 	TEST_EQ(vb2_unpack_key(&rsa, (uint8_t *)public_key2, pubkey_size),
 		0, "vb2_verify_data() unpack key");
+	rsa_orig = rsa;
+
+	memcpy(sig2, sig, sizeof(VbSignature) + sig->sig_size);
+	rsa.sig_alg = VB2_SIG_INVALID;
+	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &rsa, &wb),
+		 0, "vb2_verify_data() bad sig alg");
+	rsa.sig_alg = rsa_orig.sig_alg;
 
 	memcpy(sig2, sig, sizeof(VbSignature) + sig->sig_size);
-	rsa.algorithm += VB2_ALG_COUNT;
-	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &rsa,
-				 &wb),
-		 0, "vb2_verify_data() bad key");
-	rsa.algorithm -= VB2_ALG_COUNT;
+	rsa.hash_alg = VB2_HASH_INVALID;
+	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &rsa, &wb),
+		 0, "vb2_verify_data() bad hash alg");
+	rsa.hash_alg = rsa_orig.hash_alg;
 
 	vb2_workbuf_init(&wb, workbuf, 4);
 	memcpy(sig2, sig, sizeof(VbSignature) + sig->sig_size);
diff --git a/tests/vb2_misc2_tests.c b/tests/vb2_misc2_tests.c
index 14526f70..05a379ee 100644
--- a/tests/vb2_misc2_tests.c
+++ b/tests/vb2_misc2_tests.c
@@ -218,9 +218,9 @@ static void verify_keyblock_tests(void)
 		"keyblock read root key");
 
 	reset_common_data(FOR_KEYBLOCK);
-	mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_ALGORITHM;
+	mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM;
 	TEST_EQ(vb2_verify_fw_keyblock(&cc),
-		VB2_ERROR_UNPACK_KEY_ALGORITHM,
+		VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
 		"keyblock unpack root key");
 
 	reset_common_data(FOR_KEYBLOCK);
@@ -295,9 +295,9 @@ static void verify_preamble_tests(void)
 		"preamble no data key");
 
 	reset_common_data(FOR_PREAMBLE);
-	mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_ALGORITHM;
+	mock_unpack_key_retval = VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM;
 	TEST_EQ(vb2_verify_fw_preamble2(&cc),
-		VB2_ERROR_UNPACK_KEY_ALGORITHM,
+		VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
 		"preamble unpack data key");
 
 	reset_common_data(FOR_PREAMBLE);
diff --git a/tests/vb2_rsa_padding_tests.c b/tests/vb2_rsa_padding_tests.c
index 3dd33162..8c9e80b6 100644
--- a/tests/vb2_rsa_padding_tests.c
+++ b/tests/vb2_rsa_padding_tests.c
@@ -33,7 +33,7 @@ void vb2_public_key_to_vb2(struct vb2_public_key *k2,
 	k2->n0inv = key->n0inv;
 	k2->n = key->n;
 	k2->rr = key->rr;
-	k2->algorithm = key->algorithm;
+	k2->sig_alg = vb2_crypto_to_signature(key->algorithm);
 	k2->hash_alg = vb2_crypto_to_hash(key->algorithm);
 }
 
@@ -77,6 +77,7 @@ static void test_verify_digest(struct vb2_public_key *key) {
 	uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES];
 	uint8_t sig[RSA1024NUMBYTES];
 	struct vb2_workbuf wb;
+	enum vb2_signature_algorithm orig_key_alg = key->sig_alg;
 
 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
@@ -91,12 +92,12 @@ static void test_verify_digest(struct vb2_public_key *key) {
 		"vb2_rsa_verify_digest() small workbuf");
 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
 
-	key->algorithm += VB2_ALG_COUNT;
+	key->sig_alg = VB2_SIG_INVALID;
 	Memcpy(sig, signatures[0], sizeof(sig));
 	TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
 		VB2_ERROR_RSA_VERIFY_ALGORITHM,
 		"vb2_rsa_verify_digest() bad key alg");
-	key->algorithm -= VB2_ALG_COUNT;
+	key->sig_alg = orig_key_alg;
 
 	key->arrsize *= 2;
 	Memcpy(sig, signatures[0], sizeof(sig));
diff --git a/tests/vb2_rsa_utility_tests.c b/tests/vb2_rsa_utility_tests.c
index 2a74f35e..1293d50f 100644
--- a/tests/vb2_rsa_utility_tests.c
+++ b/tests/vb2_rsa_utility_tests.c
@@ -28,52 +28,69 @@
  * APIs.
  */
 int vb2_mont_ge(const struct vb2_public_key *key, uint32_t *a);
-int vb2_check_padding(uint8_t *sig, int algorithm);
-int vb2_safe_memcmp(const void *s1, const void *s2, size_t size);
+int vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key);
 
 /**
  * Test RSA utility funcs
  */
 static void test_utils(void)
 {
+	uint8_t sig[RSA1024NUMBYTES];
+	struct vb2_public_key kbad = {.sig_alg = VB2_SIG_INVALID,
+				      .hash_alg = VB2_HASH_INVALID};
+
 	/* Verify old and new algorithm count constants match */
 	TEST_EQ(kNumAlgorithms, VB2_ALG_COUNT, "Algorithm counts");
 
+	/* Crypto algorithm to sig algorithm mapping */
+	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA1024_SHA1),
+		VB2_SIG_RSA1024, "Crypto map to RSA1024");
+	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA2048_SHA256),
+		VB2_SIG_RSA2048, "Crypto map to RSA2048");
+	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA4096_SHA256),
+		VB2_SIG_RSA4096, "Crypto map to RSA4096");
+	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA8192_SHA512),
+		VB2_SIG_RSA8192, "Crypto map to RSA8192");
+	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_COUNT),
+		VB2_SIG_INVALID, "Crypto map to invalid");
+
 	/* Sig size */
-	TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA1024_SHA1), RSA1024NUMBYTES,
-		"Sig size VB2_ALG_RSA1024_SHA1");
-	TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA2048_SHA1), RSA2048NUMBYTES,
-		"Sig size VB2_ALG_RSA2048_SHA1");
-	TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA4096_SHA256), RSA4096NUMBYTES,
-		"Sig size VB2_ALG_RSA4096_SHA256");
-	TEST_EQ(vb2_rsa_sig_size(VB2_ALG_RSA8192_SHA512), RSA8192NUMBYTES,
-		"Sig size VB2_ALG_RSA8192_SHA512");
-	TEST_EQ(vb2_rsa_sig_size(VB2_ALG_COUNT), 0,
+	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA1024), RSA1024NUMBYTES,
+		"Sig size RSA1024");
+	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA2048), RSA2048NUMBYTES,
+		"Sig size RSA2048");
+	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA4096), RSA4096NUMBYTES,
+		"Sig size RSA4096");
+	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA8192), RSA8192NUMBYTES,
+		"Sig size RSA8192");
+	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_INVALID), 0,
 		"Sig size invalid algorithm");
+	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_NONE), 0,
+		"Sig size no signing algorithm");
 
 	/* Packed key size */
-	TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA1024_SHA1),
+	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA1024),
 		RSA1024NUMBYTES * 2 + sizeof(uint32_t) * 2,
-		"Packed key size VB2_ALG_RSA1024_SHA1");
-	TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA2048_SHA1),
+		"Packed key size VB2_SIG_RSA1024");
+	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA2048),
 		RSA2048NUMBYTES * 2 + sizeof(uint32_t) * 2,
-		"Packed key size VB2_ALG_RSA2048_SHA1");
-	TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA4096_SHA256),
+		"Packed key size VB2_SIG_RSA2048");
+	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA4096),
 		RSA4096NUMBYTES * 2 + sizeof(uint32_t) * 2,
-		"Packed key size VB2_ALG_RSA4096_SHA256");
-	TEST_EQ(vb2_packed_key_size(VB2_ALG_RSA8192_SHA512),
+		"Packed key size VB2_SIG_RSA4096");
+	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA8192),
 		RSA8192NUMBYTES * 2 + sizeof(uint32_t) * 2,
-		"Packed key size VB2_ALG_RSA8192_SHA512");
-	TEST_EQ(vb2_packed_key_size(VB2_ALG_COUNT), 0,
+		"Packed key size VB2_SIG_RSA8192");
+	TEST_EQ(vb2_packed_key_size(VB2_SIG_INVALID), 0,
 		"Packed key size invalid algorithm");
-
-	uint8_t sig[RSA1024NUMBYTES];
+	TEST_EQ(vb2_packed_key_size(VB2_SIG_NONE), 0,
+		"Packed key size no signing algorithm");
 
 	/* Test padding check with bad algorithm */
 	Memcpy(sig, signatures[0], sizeof(sig));
-	TEST_EQ(vb2_check_padding(sig, VB2_ALG_COUNT),
-		VB2_ERROR_RSA_PADDING_ALGORITHM,
-		"vb2_check_padding() bad alg");
+	TEST_EQ(vb2_check_padding(sig, &kbad),
+		VB2_ERROR_RSA_PADDING_SIZE,
+		"vb2_check_padding() bad padding algorithm/size");
 
 	/* Test safe memcmp */
 	TEST_EQ(vb2_safe_memcmp("foo", "foo", 3), 0, "vb2_safe_memcmp() good");