From b885c3bd3d35284af81a83c3f23be4f02ddfbf47 Mon Sep 17 00:00:00 2001
From: Randall Spangler <rspangler@chromium.org>
Date: Sat, 1 Nov 2014 17:56:46 -0700
Subject: vboot2: add support for verify data / digest using new signature
 struct

This adds the vb2_signature2 equivalents of vb2_verify_digest() and
vb2_verify_data(), including support for bare hash signatures.

BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests

Change-Id: I372c9e5f0be926a833e4ca8f84665cfb05907481
Reviewed-on: https://chromium-review.googlesource.com/226950
Tested-by: Randall Spangler <rspangler@chromium.org>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Commit-Queue: Randall Spangler <rspangler@chromium.org>
---
 tests/vb2_common_tests.c | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

(limited to 'tests/vb2_common_tests.c')

diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c
index d7f0762c..c1d229c6 100644
--- a/tests/vb2_common_tests.c
+++ b/tests/vb2_common_tests.c
@@ -7,6 +7,8 @@
 
 #include "2sysincludes.h"
 #include "2common.h"
+#include "2rsa.h"
+#include "vb2_convert_structs.h"
 #include "vboot_struct.h"  /* For old struct sizes */
 
 #include "test_common.h"
@@ -445,6 +447,38 @@ static void test_sig_size(void)
 		VB2_SHA512_DIGEST_SIZE, "vb2_sig_size() SHA512");
 }
 
+/**
+ * Verify data on bare hash
+ */
+static void test_verify_hash(void)
+{
+	static const uint8_t test_data[] = "This is some test data to sign.";
+	struct vb2_signature2 *sig;
+	struct vb2_public_key pubk = {
+		.sig_alg = VB2_SIG_NONE,
+		.hash_alg = VB2_HASH_SHA256,
+		.guid = vb2_hash_guid(VB2_HASH_SHA256)
+	};
+	uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES];
+	struct vb2_workbuf wb;
+
+	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
+
+	/* Create the signature */
+	sig = vb2_create_hash_sig(test_data, sizeof(test_data), pubk.hash_alg);
+	TEST_PTR_NEQ(sig, NULL, "create hash sig");
+
+	TEST_SUCC(vb2_verify_data2(test_data, sizeof(test_data),
+				   sig, &pubk, &wb),
+		  "vb2_verify_data2() hash ok");
+
+	*((uint8_t *)sig + sig->sig_offset) ^= 0xab;
+	TEST_EQ(vb2_verify_data2(test_data, sizeof(test_data), sig, &pubk, &wb),
+		VB2_ERROR_VDATA_VERIFY_DIGEST, "vb2_verify_data2() hash bad");
+
+	free(sig);
+}
+
 int main(int argc, char* argv[])
 {
 	test_memcmp();
@@ -454,6 +488,7 @@ int main(int argc, char* argv[])
 	test_helper_functions();
 	test_common_header_functions();
 	test_sig_size();
+	test_verify_hash();
 
 	return gTestSuccess ? 0 : 255;
 }
-- 
cgit v1.2.1