diff options
Diffstat (limited to 'tests/vb20_rsa_padding_tests.c')
-rw-r--r-- | tests/vb20_rsa_padding_tests.c | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/tests/vb20_rsa_padding_tests.c b/tests/vb20_rsa_padding_tests.c new file mode 100644 index 00000000..e9789e90 --- /dev/null +++ b/tests/vb20_rsa_padding_tests.c @@ -0,0 +1,156 @@ +/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. + * Use of this source code is governed by a BSD-style license that can be + * found in the LICENSE file. + */ + + +#include <stdint.h> +#include <stdio.h> + +#include "cryptolib.h" +#include "file_keys.h" +#include "rsa_padding_test.h" +#include "test_common.h" +#include "utility.h" + +#include "2sysincludes.h" +#include "2rsa.h" +#include "vb2_common.h" + +/** + * Convert an old-style RSA public key struct to a new one. + * + * The new one does not allocate memory, so you must keep the old one around + * until you're done with the new one. + * + * @param k2 Destination new key + * @param key Source old key + */ +void vb2_public_key_to_vb2(struct vb2_public_key *k2, + const struct RSAPublicKey *key) +{ + k2->arrsize = key->len; + k2->n0inv = key->n0inv; + k2->n = key->n; + k2->rr = key->rr; + k2->sig_alg = vb2_crypto_to_signature(key->algorithm); + k2->hash_alg = vb2_crypto_to_hash(key->algorithm); +} + +/** + * Test valid and invalid signatures. + */ +static void test_signatures(const struct vb2_public_key *key) +{ + uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]; + uint8_t sig[RSA1024NUMBYTES]; + struct vb2_workbuf wb; + int unexpected_success; + int i; + + vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); + + /* The first test signature is valid. */ + Memcpy(sig, signatures[0], sizeof(sig)); + TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + "RSA Padding Test valid sig"); + + /* All other signatures should fail verification. */ + unexpected_success = 0; + for (i = 1; i < sizeof(signatures) / sizeof(signatures[0]); i++) { + Memcpy(sig, signatures[i], sizeof(sig)); + if (!vb2_rsa_verify_digest(key, sig, + test_message_sha1_hash, &wb)) { + fprintf(stderr, + "RSA Padding Test vector %d FAILED!\n", i); + unexpected_success++; + } + } + TEST_EQ(unexpected_success, 0, "RSA Padding Test invalid sigs"); +} + + +/** + * Test other error conditions in vb2_rsa_verify_digest(). + */ +static void test_verify_digest(struct vb2_public_key *key) { + uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]; + uint8_t sig[RSA1024NUMBYTES]; + struct vb2_workbuf wb; + enum vb2_signature_algorithm orig_key_alg = key->sig_alg; + + vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); + + Memcpy(sig, signatures[0], sizeof(sig)); + TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + "vb2_rsa_verify_digest() good"); + + Memcpy(sig, signatures[0], sizeof(sig)); + vb2_workbuf_init(&wb, workbuf, sizeof(sig) * 3 - 1); + TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + VB2_ERROR_RSA_VERIFY_WORKBUF, + "vb2_rsa_verify_digest() small workbuf"); + vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); + + key->sig_alg = VB2_SIG_INVALID; + Memcpy(sig, signatures[0], sizeof(sig)); + TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + VB2_ERROR_RSA_VERIFY_ALGORITHM, + "vb2_rsa_verify_digest() bad key alg"); + key->sig_alg = orig_key_alg; + + key->arrsize *= 2; + Memcpy(sig, signatures[0], sizeof(sig)); + TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + VB2_ERROR_RSA_VERIFY_SIG_LEN, + "vb2_rsa_verify_digest() bad sig len"); + key->arrsize /= 2; + + /* Corrupt the signature near start and end */ + Memcpy(sig, signatures[0], sizeof(sig)); + sig[3] ^= 0x42; + TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig"); + + Memcpy(sig, signatures[0], sizeof(sig)); + sig[RSA1024NUMBYTES - 3] ^= 0x56; + TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb), + VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig end"); +} + +int main(int argc, char *argv[]) +{ + int error = 0; + RSAPublicKey *key; + struct vb2_public_key k2; + + /* Read test key */ + if (argc != 2) { + fprintf(stderr, "Usage: %s <test public key>\n", argv[0]); + return 1; + } + key = RSAPublicKeyFromFile(argv[1]); + + if (!key) { + fprintf(stderr, "Couldn't read RSA public key for the test.\n"); + return 1; + } + + // TODO: why is test key algorithm wrong? + key->algorithm = 0; + + /* Convert test key to Vb2 format */ + vb2_public_key_to_vb2(&k2, key); + + /* Run tests */ + test_signatures(&k2); + test_verify_digest(&k2); + + /* Clean up and exit */ + RSAPublicKeyFree(key); + + if (!gTestSuccess) + error = 255; + + return error; +} |