vboot2: Add vb2_unpack_key2() and unit testsfactory-rambi-6420.B

This unpacks new-style packed keys.

For now, it can also handle old-style packed keys by passing them to
the old unpacking function.  Once we've switched over to new-style
keys in the signing scripts, we'll remove the old format to save code
size.

Also added is a test library which converts from old to new struct
formats.  That should eventually get absorbed into futility, and the
test keys directory should have both old and new format packed keys in
it.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I0fe31f124781d1ea1efedab65dcd6130bfca18dd
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/225490
Reviewed-by: Bill Richardson <wfrichar@chromium.org>

3 files changed, 202 insertions, 0 deletions

diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c
index 4b3a34e6..f58d2a35 100644
--- a/tests/vb2_common2_tests.c
+++ b/tests/vb2_common2_tests.c
@@ -11,6 +11,7 @@
 
 #include "file_keys.h"
 #include "host_common.h"
+#include "vb2_convert_structs.h"
 #include "vboot_common.h"
 #include "test_common.h"
 
@@ -75,6 +76,113 @@ static void test_unpack_key(const VbPublicKey *orig_key)
 	free(key);
 }
 
+static void test_unpack_key2(const VbPublicKey *orig_key)
+{
+	/* vb2_packed_key and VbPublicKey are bit-identical */
+	const struct vb2_packed_key *key1 =
+		(const struct vb2_packed_key *)orig_key;
+
+	struct vb2_public_key pubk;
+	struct vb2_packed_key2 *key2;
+	uint32_t size;
+
+	/* Should be able to handle a vboot1-style key binary as well */
+	TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1,
+				  key1->key_offset + key1->key_size),
+		  "vb2_unpack_key2() passthru");
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		  "vb2_unpack_key2() ok");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->key_offset += 4;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_INSIDE_DATA_OUTSIDE,
+		"vb2_unpack_key2() buffer too small");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->c.desc_offset += size;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_INSIDE_DATA_OUTSIDE,
+		"vb2_unpack_key2() buffer too small for desc");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->c.desc_size = 0;
+	key2->c.desc_offset = 0;
+	TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		  "vb2_unpack_key2() no desc");
+	TEST_EQ(strcmp(pubk.desc, ""), 0, "  empty desc string");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->c.magic++;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_INSIDE_DATA_OUTSIDE,
+		"vb2_unpack_key2() bad magic");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->c.struct_version_major++;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
+		"vb2_unpack_key2() bad major version");
+	free(key2);
+
+	/*
+	 * Minor version changes are ok.  Note that this test assumes that the
+	 * source key struct version is the highest actually known to the
+	 * reader.  If the reader does know about minor version + 1 and that
+	 * adds fields, this test will likely fail.  But at that point, we
+	 * should have already added a test for minor version compatibility to
+	 * handle both old and new struct versions, so someone will have
+	 * noticed this comment.
+	 */
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->c.struct_version_minor++;
+	TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		  "vb2_unpack_key2() minor version change ok");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->sig_algorithm = VB2_SIG_INVALID;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
+		"vb2_unpack_key2() bad sig algorithm");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->hash_algorithm = VB2_HASH_INVALID;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
+		"vb2_unpack_key2() bad hash algorithm");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->key_size--;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_UNPACK_KEY_SIZE,
+		"vb2_unpack_key2() invalid size");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	key2->key_offset--;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_UNPACK_KEY_ALIGN,
+		"vb2_unpack_key2() unaligned data");
+	free(key2);
+
+	key2 = vb2_convert_packed_key2(key1, "Test key", &size);
+	*(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
+	TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size),
+		VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
+		"vb2_unpack_key2() invalid key array size");
+	free(key2);
+}
+
 static void test_verify_data(const VbPublicKey *public_key,
 			     const VbPrivateKey *private_key)
 {
@@ -173,6 +281,7 @@ int test_algorithm(int key_algorithm, const char *keys_dir)
 	}
 
 	test_unpack_key(public_key);
+	test_unpack_key2(public_key);
 	test_verify_data(public_key, private_key);
 
 	if (public_key)
diff --git a/tests/vb2_convert_structs.c b/tests/vb2_convert_structs.c
new file mode 100644
index 00000000..fe74f85f
--- /dev/null
+++ b/tests/vb2_convert_structs.c
@@ -0,0 +1,57 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Convert structs from vboot1 data format to new vboot2 structs
+ */
+
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2rsa.h"
+#include "vb2_convert_structs.h"
+#include "vboot_struct.h"  /* For old struct sizes */
+
+#include "test_common.h"
+
+struct vb2_packed_key2 *vb2_convert_packed_key2(
+				const struct vb2_packed_key *key,
+				const char *desc, uint32_t *out_size)
+{
+	struct vb2_packed_key2 k2 = {
+		.c.magic = VB2_MAGIC_PACKED_KEY2,
+		.c.struct_version_major = VB2_PACKED_KEY2_VERSION_MAJOR,
+		.c.struct_version_minor = VB2_PACKED_KEY2_VERSION_MINOR,
+	};
+	uint8_t *kbuf;
+
+	/* Calculate description size */
+	k2.c.desc_offset = sizeof(k2);
+	k2.c.desc_size = roundup32(strlen(desc) + 1);
+
+	/* Copy/initialize fields */
+	k2.key_offset = k2.c.desc_offset + k2.c.desc_size;
+	k2.key_size = key->key_size;
+	k2.key_version = key->key_version;
+	k2.sig_algorithm = vb2_crypto_to_signature(key->algorithm);
+	k2.hash_algorithm = vb2_crypto_to_hash(key->algorithm);
+	/* TODO: fill in a non-zero GUID */
+
+	/* Allocate the new buffer */
+	*out_size = k2.key_offset + k2.key_size;
+	kbuf = malloc(*out_size);
+	memset(kbuf, 0, *out_size);
+
+	/* Copy data into the buffer */
+	memcpy(kbuf, &k2, sizeof(k2));
+
+	/* strcpy() is safe because we allocated above based on strlen() */
+	strcpy((char *)(kbuf + k2.c.desc_offset), desc);
+	kbuf[k2.c.desc_offset + k2.c.desc_size - 1] = 0;
+
+	memcpy(kbuf + k2.key_offset,
+	       (const uint8_t *)key + key->key_offset,
+	       key->key_size);
+
+	/* Return the newly allocated buffer */
+	return (struct vb2_packed_key2 *)kbuf;
+}
diff --git a/tests/vb2_convert_structs.h b/tests/vb2_convert_structs.h
new file mode 100644
index 00000000..dcf15831
--- /dev/null
+++ b/tests/vb2_convert_structs.h
@@ -0,0 +1,36 @@
+/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ */
+
+#ifndef VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_
+#define VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_
+
+#include "2struct.h"
+
+/**
+ * Round up a size to a multiple of 32 bits (4 bytes).
+ */
+static __inline const uint32_t roundup32(uint32_t v)
+{
+	return (v + 3) & ~3;
+}
+
+/**
+ * Convert a packed key from vboot data format to vboot2 data format.
+ *
+ * Intended for use by unit tests.  Does NOT validate the original struct
+ * contents, just copies them.
+ *
+ * @param key		Packed key in vboot1 format
+ * @param desc		Description of packed key
+ * @param out_size	Size of the newly allocated buffer
+ * @return a newly allocated buffer with the converted key.  Caller is
+ * responsible for freeing this buffer.
+ */
+struct vb2_packed_key2 *vb2_convert_packed_key2(
+				const struct vb2_packed_key *key,
+				const char *desc, uint32_t *out_size);
+
+#endif  /* VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_ */