From fc73f087653ee67193a9f2b897433db2cd532f8c Mon Sep 17 00:00:00 2001 From: Randall Spangler Date: Fri, 21 Nov 2014 15:33:07 -0800 Subject: vboot2: Use new hostlib functions in unit tests This removes the hacky conversion from old-style packed keys and signatures, which existed only because at the time we didn't have the ability in hostlib to create new-format key and signature structs directly. BUG=chromium:423882 BRANCH=none TEST=VBOOT2=1 make runtests Change-Id: Id7cb3dfce740f2546464a4caae2629af864d7b45 Signed-off-by: Randall Spangler Reviewed-on: https://chromium-review.googlesource.com/231543 --- host/lib/host_key2.c | 8 +- host/lib/include/host_key2.h | 2 + tests/vb2_common2_tests.c | 179 ++++++++++++++++++++++--------------------- tests/vb2_convert_structs.c | 101 ------------------------ tests/vb2_convert_structs.h | 36 --------- 5 files changed, 94 insertions(+), 232 deletions(-) diff --git a/host/lib/host_key2.c b/host/lib/host_key2.c index 8f761f65..065be234 100644 --- a/host/lib/host_key2.c +++ b/host/lib/host_key2.c @@ -198,8 +198,7 @@ int vb2_private_key_write(const struct vb2_private_key *key, memcpy(&pkey.guid, &key->guid, sizeof(pkey.guid)); - if (key->desc) - pkey.c.desc_size = roundup32(strlen(key->desc) + 1); + pkey.c.desc_size = vb2_desc_size(key->desc); if (key->sig_alg != VB2_SIG_NONE) { /* Pack RSA key */ @@ -437,10 +436,7 @@ int vb2_public_key_pack(struct vb2_packed_key2 **key_ptr, /* Calculate sizes and offsets */ key.c.fixed_size = sizeof(key); - - if (pubk->desc && *pubk->desc) - key.c.desc_size = roundup32(strlen(pubk->desc) + 1); - + key.c.desc_size = vb2_desc_size(pubk->desc); key.key_offset = key.c.fixed_size + key.c.desc_size; if (pubk->sig_alg != VB2_SIG_NONE) { diff --git a/host/lib/include/host_key2.h b/host/lib/include/host_key2.h index 813ae60f..96dab3e4 100644 --- a/host/lib/include/host_key2.h +++ b/host/lib/include/host_key2.h @@ -10,6 +10,8 @@ #include "2struct.h" +struct vb2_public_key; + /* Private key data, in-memory format for use in signing calls. */ struct vb2_private_key { struct rsa_st *rsa_private_key; /* Private key data */ diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c index 8c8f6430..7666a604 100644 --- a/tests/vb2_common2_tests.c +++ b/tests/vb2_common2_tests.c @@ -9,14 +9,18 @@ #include #include +#include "2sysincludes.h" +#include "2common.h" +#include "2rsa.h" + #include "file_keys.h" #include "host_common.h" +#include "host_key2.h" +#include "host_signature2.h" #include "vb2_convert_structs.h" #include "vboot_common.h" #include "test_common.h" -#include "2common.h" -#include "2rsa.h" static const uint8_t test_data[] = "This is some test data to sign."; static const uint32_t test_size = sizeof(test_data); @@ -74,56 +78,54 @@ static void test_unpack_key(const struct vb2_packed_key *key1) free(key); } -static void test_unpack_key2(const struct vb2_packed_key *key1) +static void test_unpack_key2(const struct vb2_packed_key *key1, + const struct vb2_packed_key2 *key) { struct vb2_public_key pubk; struct vb2_packed_key2 *key2; - uint32_t size; + uint32_t size = key->c.total_size; + + /* Make a copy of the key for testing */ + key2 = (struct vb2_packed_key2 *)malloc(size); /* Should be able to handle a vboot1-style key binary as well */ TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1, key1->key_offset + key1->key_size), "vb2_unpack_key2() passthru"); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() ok"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->key_offset += 4; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_COMMON_MEMBER_SIZE, "vb2_unpack_key2() buffer too small"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.fixed_size += size; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_COMMON_FIXED_SIZE, "vb2_unpack_key2() buffer too small for desc"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.desc_size = 0; TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() no desc"); TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.magic++; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_INSIDE_DATA_OUTSIDE, "vb2_unpack_key2() bad magic"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.struct_version_major++; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_STRUCT_VERSION, "vb2_unpack_key2() bad major version"); - free(key2); /* * Minor version changes are ok. Note that this test assumes that the @@ -134,49 +136,45 @@ static void test_unpack_key2(const struct vb2_packed_key *key1) * handle both old and new struct versions, so someone will have * noticed this comment. */ - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->c.struct_version_minor++; TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), "vb2_unpack_key2() minor version change ok"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->sig_alg = VB2_SIG_INVALID; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM, "vb2_unpack_key2() bad sig algorithm"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->hash_alg = VB2_HASH_INVALID; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM, "vb2_unpack_key2() bad hash algorithm"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->key_size -= 4; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_SIZE, "vb2_unpack_key2() invalid size"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); key2->key_offset--; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_COMMON_MEMBER_UNALIGNED, "vb2_unpack_key2() unaligned data"); - free(key2); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); + memcpy(key2, key, size); *(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2; TEST_EQ(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), VB2_ERROR_UNPACK_KEY_ARRAY_SIZE, "vb2_unpack_key2() invalid key array size"); + free(key2); } -static void test_verify_data(struct vb2_packed_key *key1, +static void test_verify_data(const struct vb2_packed_key *key1, const struct vb2_signature *sig) { uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]; @@ -235,134 +233,114 @@ static void test_verify_data(struct vb2_packed_key *key1, free(sig2); } -static void test_verify_signature(const struct vb2_packed_key *key1, - const struct vb2_signature *sig1) +static void test_verify_signature2(const struct vb2_signature2 *sig) { - struct vb2_public_key pubk; - struct vb2_packed_key2 *key2; struct vb2_signature2 *sig2; - uint8_t *buf2good, *buf2; + uint8_t *buf2; uint32_t size; - /* Unpack and convert the public key */ - TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key1, - key1->key_offset + key1->key_size), - "verify_sig vb2_unpack_key2() passthru"); - key2 = vb2_convert_packed_key2(key1, "Test key", &size); - TEST_PTR_NEQ(key2, 0, "verify_sig convert pub key"); - - buf2good = (uint8_t *) - vb2_convert_signature2(sig1, "test desc", key2, &size); + /* Make a copy of the signature */ + size = sig->c.total_size; buf2 = malloc(size); sig2 = (struct vb2_signature2 *)buf2; - memcpy(buf2, buf2good, size); - TEST_PTR_NEQ(sig1, 0, "verify_sig convert signature"); + memcpy(buf2, sig, size); TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig ok"); sig2->c.magic = VB2_MAGIC_PACKED_KEY2; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_MAGIC, "verify_sig magic"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->c.total_size += 4; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE, "verify_sig common header"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->c.struct_version_minor++; TEST_SUCC(vb2_verify_signature2(sig2, size), "verify_sig minor ver"); sig2->c.struct_version_major++; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_VERSION, "verify_sig major ver"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->c.fixed_size -= 4; sig2->c.desc_size += 4; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_HEADER_SIZE, "verify_sig header size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_size += 4; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE, "verify_sig sig size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_alg = VB2_SIG_INVALID; TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_ALGORITHM, "verify_sig sig alg"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ? VB2_SIG_RSA1024 : VB2_SIG_NONE); TEST_EQ(vb2_verify_signature2(sig2, size), VB2_ERROR_SIG_SIZE, "verify_sig sig size"); free(buf2); - free(buf2good); - free(key2); } -static void test_verify_data2(struct vb2_packed_key *key1, - const struct vb2_signature *sig1) +static void test_verify_data2(const struct vb2_public_key *pubk_orig, + const struct vb2_signature2 *sig) { uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]; struct vb2_workbuf wb; - struct vb2_public_key pubk, pubk_orig; - struct vb2_packed_key2 *key2; + struct vb2_public_key pubk; struct vb2_signature2 *sig2; - uint8_t *buf2good, *buf2; + uint8_t *buf2; uint32_t size; vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); - /* Unpack and convert the public key */ - key2 = vb2_convert_packed_key2(key1, "Test key", &size); - TEST_PTR_NEQ(key2, 0, "verify_data convert pub key"); - TEST_SUCC(vb2_unpack_key2(&pubk, (uint8_t *)key2, size), - "verify_data2 unpack key"); - pubk_orig = pubk; + pubk = *pubk_orig; - /* Convert signature and allocate copy for tests */ - buf2good = (uint8_t *) - vb2_convert_signature2(sig1, "test desc", key2, &size); + /* Allocate signature copy for tests */ + size = sig->c.total_size; buf2 = malloc(size); sig2 = (struct vb2_signature2 *)buf2; - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); pubk.sig_alg = VB2_SIG_INVALID; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data2() bad sig alg"); - pubk.sig_alg = pubk_orig.sig_alg; + pubk = *pubk_orig; - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); pubk.hash_alg = VB2_HASH_INVALID; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_DIGEST_SIZE, "vb2_verify_data2() bad hash alg"); - pubk.hash_alg = pubk_orig.hash_alg; + pubk = *pubk_orig; vb2_workbuf_init(&wb, workbuf, 4); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_WORKBUF_DIGEST, "vb2_verify_data2() workbuf too small"); vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), 0, "vb2_verify_data2() ok"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->sig_size -= 16; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data2() wrong sig size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); TEST_EQ(vb2_verify_data2(test_data, test_size - 1, sig2, &pubk, &wb), VB2_ERROR_VDATA_SIZE, "vb2_verify_data2() wrong data size"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ? VB2_HASH_SHA256 : VB2_HASH_SHA1); TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), @@ -370,13 +348,12 @@ static void test_verify_data2(struct vb2_packed_key *key1, "vb2_verify_data2() alg mismatch"); - memcpy(buf2, buf2good, size); + memcpy(buf2, sig, size); buf2[sig2->sig_offset] ^= 0x5A; TEST_EQ(vb2_verify_data2(test_data, test_size, sig2, &pubk, &wb), VB2_ERROR_RSA_PADDING, "vb2_verify_data2() wrong sig"); free(buf2); - free(buf2good); } int test_algorithm(int key_algorithm, const char *keys_dir) @@ -384,10 +361,17 @@ int test_algorithm(int key_algorithm, const char *keys_dir) char filename[1024]; int rsa_len = siglen_map[key_algorithm] * 8; - VbPrivateKey *private_key = NULL; + enum vb2_signature_algorithm sig_alg = + vb2_crypto_to_signature(key_algorithm); + enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm); + VbPrivateKey *private_key = NULL; + struct vb2_private_key *prik = NULL; struct vb2_signature *sig = NULL; + struct vb2_signature2 *sig2 = NULL; + struct vb2_public_key *pubk = NULL; struct vb2_packed_key *key1; + struct vb2_packed_key2 *key2 = NULL; printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]); @@ -398,6 +382,12 @@ int test_algorithm(int key_algorithm, const char *keys_dir) return 1; } + TEST_SUCC(vb2_private_key_read_pem(&prik, filename), + "Read private key"); + prik->hash_alg = hash_alg; + prik->sig_alg = sig_alg; + vb2_private_key_set_desc(prik, "private key"); + sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, rsa_len); key1 = (struct vb2_packed_key *) PublicKeyReadKeyb(filename, key_algorithm, 1); @@ -406,25 +396,36 @@ int test_algorithm(int key_algorithm, const char *keys_dir) return 1; } - /* Calculate good signature */ + TEST_SUCC(vb2_public_key_read_keyb(&pubk, filename), + "Read public key"); + pubk->hash_alg = hash_alg; + vb2_public_key_set_desc(pubk, "public key"); + TEST_SUCC(vb2_public_key_pack(&key2, pubk), "Pack public key"); + + /* Calculate good signatures */ sig = (struct vb2_signature *) CalculateSignature(test_data, sizeof(test_data), private_key); TEST_PTR_NEQ(sig, 0, "Calculate signature"); if (!sig) return 1; + TEST_SUCC(vb2_sign_data(&sig2, test_data, test_size, prik, ""), + "Make test signature"); + test_unpack_key(key1); - test_unpack_key2(key1); test_verify_data(key1, sig); - test_verify_data2(key1, sig); - test_verify_signature(key1, sig); - - if (key1) - free(key1); - if (private_key) - free(private_key); - if (sig) - free(sig); + + test_unpack_key2(key1, key2); + test_verify_data2(pubk, sig2); + test_verify_signature2(sig2); + + free(key1); + free(key2); + free(private_key); + free(sig); + free(sig2); + vb2_private_key_free(prik); + vb2_public_key_free(pubk); return 0; } diff --git a/tests/vb2_convert_structs.c b/tests/vb2_convert_structs.c index 68cb326d..99d2a429 100644 --- a/tests/vb2_convert_structs.c +++ b/tests/vb2_convert_structs.c @@ -7,114 +7,13 @@ #include "2sysincludes.h" #include "2common.h" -#include "2rsa.h" #include "host_common.h" #include "host_key2.h" -#include "host_misc.h" #include "host_signature2.h" #include "vb2_convert_structs.h" -#include "vboot_struct.h" /* For old struct sizes */ #include "test_common.h" -struct vb2_packed_key2 *vb2_convert_packed_key2( - const struct vb2_packed_key *key, - const char *desc, uint32_t *out_size) -{ - struct vb2_packed_key2 k2 = { - .c.magic = VB2_MAGIC_PACKED_KEY2, - .c.struct_version_major = VB2_PACKED_KEY2_VERSION_MAJOR, - .c.struct_version_minor = VB2_PACKED_KEY2_VERSION_MINOR, - }; - uint8_t *kbuf; - - /* Calculate sizes and offsets */ - k2.c.fixed_size = sizeof(k2); - k2.c.desc_size = roundup32(strlen(desc) + 1); - k2.key_offset = k2.c.fixed_size + k2.c.desc_size; - k2.key_size = key->key_size; - k2.c.total_size = k2.key_offset + k2.key_size; - - /* Copy/initialize fields */ - k2.key_version = key->key_version; - k2.sig_alg = vb2_crypto_to_signature(key->algorithm); - k2.hash_alg = vb2_crypto_to_hash(key->algorithm); - /* TODO: fill in a non-zero GUID */ - - /* Allocate the new buffer */ - *out_size = k2.c.total_size; - kbuf = malloc(*out_size); - memset(kbuf, 0, *out_size); - - /* Copy data into the buffer */ - memcpy(kbuf, &k2, sizeof(k2)); - - /* strcpy() is safe because we allocated above based on strlen() */ - strcpy((char *)(kbuf + k2.c.fixed_size), desc); - kbuf[k2.c.fixed_size + k2.c.desc_size - 1] = 0; - - memcpy(kbuf + k2.key_offset, - (const uint8_t *)key + key->key_offset, - key->key_size); - - /* Return the newly allocated buffer */ - return (struct vb2_packed_key2 *)kbuf; -} - -struct vb2_signature2 *vb2_convert_signature2( - const struct vb2_signature *sig, - const char *desc, - const struct vb2_packed_key2 *key, - uint32_t *out_size) -{ - struct vb2_signature2 s2 = { - .c.magic = VB2_MAGIC_SIGNATURE2, - .c.struct_version_major = VB2_SIGNATURE2_VERSION_MAJOR, - .c.struct_version_minor = VB2_SIGNATURE2_VERSION_MINOR, - }; - uint8_t *buf; - - /* Calculate description size */ - s2.c.fixed_size = sizeof(s2); - s2.c.desc_size = roundup32(strlen(desc) + 1); - - /* Copy/initialize fields */ - s2.sig_offset = s2.c.fixed_size + s2.c.desc_size; - s2.sig_size = sig->sig_size; - s2.c.total_size = s2.sig_offset + s2.sig_size; - s2.data_size = sig->data_size; - - /* Copy fields from key if present */ - if (key) { - s2.sig_alg = key->sig_alg; - s2.hash_alg = key->hash_alg; - memcpy(&s2.guid, &key->guid, GUID_SIZE); - } else { - s2.sig_alg = VB2_SIG_INVALID; - s2.hash_alg = VB2_HASH_INVALID; - memset(&s2.guid, 0, GUID_SIZE); - } - - /* Allocate the new buffer */ - *out_size = s2.sig_offset + s2.sig_size; - buf = malloc(*out_size); - memset(buf, 0, *out_size); - - /* Copy data into the buffer */ - memcpy(buf, &s2, sizeof(s2)); - - /* strcpy() is safe because we allocated above based on strlen() */ - strcpy((char *)(buf + s2.c.fixed_size), desc); - buf[s2.c.fixed_size + s2.c.desc_size - 1] = 0; - - memcpy(buf + s2.sig_offset, - (const uint8_t *)sig + sig->sig_offset, - sig->sig_size); - - /* Return the newly allocated buffer */ - return (struct vb2_signature2 *)buf; -} - struct vb2_signature2 *vb2_create_hash_sig(const uint8_t *data, uint32_t size, enum vb2_hash_algorithm hash_alg) diff --git a/tests/vb2_convert_structs.h b/tests/vb2_convert_structs.h index 0ba1ca3a..ca7fcec5 100644 --- a/tests/vb2_convert_structs.h +++ b/tests/vb2_convert_structs.h @@ -9,42 +9,6 @@ #include "2struct.h" -/** - * Convert a packed key from vboot data format to vboot2 data format. - * - * Intended for use by unit tests. Does NOT validate the original struct - * contents, just copies them. - * - * @param key Packed key in vboot1 format - * @param desc Description of packed key - * @param out_size Destination for size of the newly allocated buffer - * @return a newly allocated buffer with the converted key. Caller is - * responsible for freeing this buffer. - */ -struct vb2_packed_key2 *vb2_convert_packed_key2( - const struct vb2_packed_key *key, - const char *desc, uint32_t *out_size); - -/** - * Convert a signature from vboot data format to vboot2 data format. - * - * Intended for use by unit tests. Does NOT validate the original struct - * contents, just copies them. - * - * @param sig Signature in vboot1 format - * @param desc Description of signature - * @param key Key to take algorithms and GUID from. If NULL, those - * fields are left uninitialized. - * @param out_size Destination for size of the newly allocated buffer - * @return a newly allocated buffer with the converted signature. Caller is - * responsible for freeing this buffer. - */ -struct vb2_signature2 *vb2_convert_signature2( - const struct vb2_signature *sig, - const char *desc, - const struct vb2_packed_key2 *key, - uint32_t *out_size); - /** * Create an unsigned hash signature of the data. * -- cgit v1.2.1