From 7c3ae42e045935728a63a6d592ecf6c5bdbd005a Mon Sep 17 00:00:00 2001
From: Randall Spangler <rspangler@chromium.org>
Date: Wed, 11 May 2016 13:50:18 -0700
Subject: vboot: Convert vboot1 SHA calls to use vboot2

This change replaces all calls to the old vboot1 SHA library with their
vboot2 equivalents.

This is the first in a long series of changes to move the core vboot kernel
verification into vb2, and the control/display loop out to depthcharge.

BUG=chromium:611535
BRANCH=none
TEST=make runtests; build samus firmware and boot it

Change-Id: I31986eb766176c0e39a192c5ce15730471c3cf94
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/344342
Tested-by: Daisuke Nojiri <dnojiri@chromium.org>
Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
---
 tests/rsa_utility_tests.c    |  6 ----
 tests/sha_benchmark.c        | 74 +++++++++++++++++++-------------------------
 tests/sha_test_vectors.h     |  8 ++---
 tests/vboot_common2_tests.c  | 17 ++++++----
 tests/vboot_common3_tests.c  | 14 +++++----
 tests/vboot_firmware_tests.c | 32 ++++++++++++-------
 tests/vboot_kernel_tests.c   | 17 ++++++----
 7 files changed, 86 insertions(+), 82 deletions(-)

(limited to 'tests')

diff --git a/tests/rsa_utility_tests.c b/tests/rsa_utility_tests.c
index 47c483b2..7beeed68 100644
--- a/tests/rsa_utility_tests.c
+++ b/tests/rsa_utility_tests.c
@@ -20,12 +20,6 @@
 /* Data for mock functions */
 static int mock_rsaverify_retval;
 
-/* Mock functions */
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm) {
-  /* Just need to return something; it's only passed to the mock RSAVerify() */
-  return VbExMalloc(4);
-}
-
 int RSAVerify(const RSAPublicKey *key,
               const uint8_t* sig,
               const uint32_t sig_len,
diff --git a/tests/sha_benchmark.c b/tests/sha_benchmark.c
index 2193b781..49ff829f 100644
--- a/tests/sha_benchmark.c
+++ b/tests/sha_benchmark.c
@@ -7,52 +7,42 @@
 #include <stdio.h>
 #include <stdlib.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
+
 #include "cryptolib.h"
 #include "host_common.h"
 #include "timer_utils.h"
 
-#define NUM_HASH_ALGORITHMS 3
 #define TEST_BUFFER_SIZE 4000000
 
-/* Table of hash function pointers and their description. */
-typedef uint8_t* (*Hashptr) (const uint8_t*, uint64_t, uint8_t*);
-typedef struct HashFxTable {
-  Hashptr hash;
-  char* description;
-} HashFxTable;
-
-HashFxTable hash_functions[NUM_HASH_ALGORITHMS] = {
-  {internal_SHA1, "sha1"},
-  {internal_SHA256, "sha256"},
-  {internal_SHA512, "sha512"}
-};
-
-int main(int argc, char* argv[]) {
-  int i;
-  double speed;
-  uint32_t msecs;
-  uint8_t* buffer = (uint8_t*) malloc(TEST_BUFFER_SIZE);
-  uint8_t* digest = (uint8_t*) malloc(SHA512_DIGEST_SIZE); /* Maximum size of
-                                                            * the digest. */
-  ClockTimerState ct;
-
-  /* Iterate through all the hash functions. */
-  for(i = 0; i < NUM_HASH_ALGORITHMS; i++) {
-    StartTimer(&ct);
-    hash_functions[i].hash(buffer, TEST_BUFFER_SIZE, digest);
-    StopTimer(&ct);
-
-    msecs = GetDurationMsecs(&ct);
-    speed = ((TEST_BUFFER_SIZE / 10e6)
-             / (msecs / 10e3)); /* Mbytes/sec */
-
-    fprintf(stderr, "# %s Time taken = %u ms, Speed = %f Mbytes/sec\n",
-            hash_functions[i].description, msecs, speed);
-    fprintf(stdout, "mbytes_per_sec_%s:%f\n",
-            hash_functions[i].description, speed);
-  }
-
-  free(digest);
-  free(buffer);
-  return 0;
+int main(int argc, char *argv[]) {
+	int i;
+	double speed;
+	uint32_t msecs;
+	uint8_t *buffer = malloc(TEST_BUFFER_SIZE);
+	uint8_t digest[VB2_MAX_DIGEST_SIZE];
+	ClockTimerState ct;
+
+	/* Iterate through all the hash functions. */
+	for(i = VB2_HASH_SHA1; i < VB2_HASH_ALG_COUNT; i++) {
+		StartTimer(&ct);
+		vb2_digest_buffer(buffer, TEST_BUFFER_SIZE, i,
+				  digest, sizeof(digest));
+		StopTimer(&ct);
+
+		msecs = GetDurationMsecs(&ct);
+		speed = ((TEST_BUFFER_SIZE / 10e6)
+			 / (msecs / 10e3)); /* Mbytes/sec */
+
+		fprintf(stderr,
+			"# %s Time taken = %u ms, Speed = %f Mbytes/sec\n",
+			vb2_get_hash_algorithm_name(i), msecs, speed);
+		fprintf(stdout, "mbytes_per_sec_%s:%f\n",
+			vb2_get_hash_algorithm_name(i), speed);
+	}
+
+	free(buffer);
+	return 0;
 }
diff --git a/tests/sha_test_vectors.h b/tests/sha_test_vectors.h
index c75e9165..310f5703 100644
--- a/tests/sha_test_vectors.h
+++ b/tests/sha_test_vectors.h
@@ -8,8 +8,6 @@
 #ifndef VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
 #define VBOOT_REFERENCE_SHA_TEST_VECTORS_H_
 
-#include "cryptolib.h"
-
 char* oneblock_msg = "abc";
 char* multiblock_msg1 = "abcdbcdecdefdefgefghfghighijhijkijkl"
     "jklmklmnlmnomnopnopq";
@@ -18,7 +16,7 @@ char* multiblock_msg2= "abcdefghbcdefghicdefghijdefghijkefghi"
     "qrsmnopqrstnopqrstu";
 char* long_msg;
 
-uint8_t sha1_results[][SHA1_DIGEST_SIZE] = {
+uint8_t sha1_results[][VB2_SHA1_DIGEST_SIZE] = {
   {
     0xa9,0x99,0x3e,0x36,0x47,0x06,0x81,0x6a,
     0xba,0x3e,0x25,0x71,0x78,0x50,0xc2,0x6c,
@@ -36,7 +34,7 @@ uint8_t sha1_results[][SHA1_DIGEST_SIZE] = {
   }
 };
 
-uint8_t sha256_results[][SHA256_DIGEST_SIZE] = {
+uint8_t sha256_results[][VB2_SHA256_DIGEST_SIZE] = {
   {
     0xba,0x78,0x16,0xbf,0x8f,0x01,0xcf,0xea,
     0x41,0x41,0x40,0xde,0x5d,0xae,0x22,0x23,
@@ -57,7 +55,7 @@ uint8_t sha256_results[][SHA256_DIGEST_SIZE] = {
   }
 };
 
-uint8_t sha512_results[][SHA512_DIGEST_SIZE] = {
+uint8_t sha512_results[][VB2_SHA512_DIGEST_SIZE] = {
   {
     0xdd,0xaf,0x35,0xa1,0x93,0x61,0x7a,0xba,
     0xcc,0x41,0x73,0x49,0xae,0x20,0x41,0x31,
diff --git a/tests/vboot_common2_tests.c b/tests/vboot_common2_tests.c
index 40953117..8f662d38 100644
--- a/tests/vboot_common2_tests.c
+++ b/tests/vboot_common2_tests.c
@@ -10,6 +10,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "host_common.h"
@@ -82,14 +85,17 @@ static void VerifyDigestTest(const VbPublicKey *public_key,
 	const uint8_t test_data[] = "This is some other test data to sign.";
 	VbSignature *sig;
 	RSAPublicKey *rsa;
-	uint8_t *digest;
+	uint8_t digest[VB2_MAX_DIGEST_SIZE];
 
 	sig = CalculateSignature(test_data, sizeof(test_data), private_key);
 	rsa = PublicKeyToRSA(public_key);
-	digest = DigestBuf(test_data, sizeof(test_data),
-			   (int)public_key->algorithm);
-	TEST_NEQ(sig && rsa && digest, 0, "VerifyData() prerequisites");
-	if (!sig || !rsa || !digest)
+	TEST_SUCC(vb2_digest_buffer(test_data, sizeof(test_data),
+				    vb2_crypto_to_hash(public_key->algorithm),
+				    digest, sizeof(digest)),
+		  "VerifyData() digest");
+
+	TEST_NEQ(sig && rsa, 0, "VerifyData() prerequisites");
+	if (!sig || !rsa)
 		return;
 
 	TEST_EQ(VerifyDigest(digest, sig, rsa), 0, "VerifyDigest() ok");
@@ -102,7 +108,6 @@ static void VerifyDigestTest(const VbPublicKey *public_key,
 
 	RSAPublicKeyFree(rsa);
 	free(sig);
-	VbExFree(digest);
 }
 
 static void ReSignKernelPreamble(VbKernelPreambleHeader *h,
diff --git a/tests/vboot_common3_tests.c b/tests/vboot_common3_tests.c
index b5c0cc93..7ae7eb27 100644
--- a/tests/vboot_common3_tests.c
+++ b/tests/vboot_common3_tests.c
@@ -10,6 +10,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cryptolib.h"
 #include "file_keys.h"
 #include "host_common.h"
@@ -19,12 +22,11 @@
 
 static void ReChecksumKeyBlock(VbKeyBlockHeader *h)
 {
-	uint8_t *newchk = DigestBuf((const uint8_t *)h,
-				    h->key_block_checksum.data_size,
-				    SHA512_DIGEST_ALGORITHM);
-	Memcpy(GetSignatureData(&h->key_block_checksum), newchk,
-	       SHA512_DIGEST_SIZE);
-	VbExFree(newchk);
+	vb2_digest_buffer((const uint8_t *)h,
+			  h->key_block_checksum.data_size,
+			  VB2_HASH_SHA512,
+			  GetSignatureData(&h->key_block_checksum),
+			  VB2_SHA512_DIGEST_SIZE);
 }
 
 static void KeyBlockVerifyTest(const VbPublicKey *public_key,
diff --git a/tests/vboot_firmware_tests.c b/tests/vboot_firmware_tests.c
index f83d970f..97782951 100644
--- a/tests/vboot_firmware_tests.c
+++ b/tests/vboot_firmware_tests.c
@@ -10,6 +10,10 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+
+#include "2common.h"
+#include "2sha.h"
 #include "gbb_header.h"
 #include "host_common.h"
 #include "load_firmware_fw.h"
@@ -30,7 +34,6 @@ static uint8_t gbb_data[sizeof(GoogleBinaryBlockHeader) + 2048];
 static GoogleBinaryBlockHeader* gbb = (GoogleBinaryBlockHeader*)gbb_data;
 static RSAPublicKey data_key;
 static uint32_t digest_size;
-static uint8_t* digest_returned;
 static uint8_t* digest_expect_ptr;
 static int hash_fw_index;
 
@@ -95,7 +98,6 @@ static void ResetMocks(void) {
   Memset(&data_key, 0, sizeof(data_key));
 
   digest_size = 1234;
-  digest_returned = NULL;
   digest_expect_ptr = NULL;
   hash_fw_index = -1;
 }
@@ -144,18 +146,27 @@ void RSAPublicKeyFree(RSAPublicKey* key) {
   data_key.len--;
 }
 
-void DigestInit(DigestContext* ctx, int sig_algorithm) {
-  digest_size = 0;
+int vb2_digest_init(struct vb2_digest_context *dc,
+		    enum vb2_hash_algorithm hash_alg)
+{
+	digest_size = 0;
+	return VB2_SUCCESS;
 }
 
-void DigestUpdate(DigestContext* ctx, const uint8_t* data, uint32_t len) {
-  TEST_PTR_EQ(data, digest_expect_ptr, "  Digesting expected data");
-  digest_size += len;
+int vb2_digest_extend(struct vb2_digest_context *dc,
+		      const uint8_t *buf,
+		      uint32_t size)
+{
+	TEST_PTR_EQ(buf, digest_expect_ptr, "  Digesting expected data");
+	digest_size += size;
+	return VB2_SUCCESS;
 }
 
-uint8_t* DigestFinal(DigestContext* ctx) {
-  digest_returned = (uint8_t*)VbExMalloc(4);
-  return digest_returned;
+int vb2_digest_finalize(struct vb2_digest_context *dc,
+			uint8_t *digest,
+			uint32_t digest_size)
+{
+	return VB2_SUCCESS;
 }
 
 VbError_t VbExHashFirmwareBody(VbCommonParams* cparams,
@@ -185,7 +196,6 @@ VbError_t VbExHashFirmwareBody(VbCommonParams* cparams,
 
 int VerifyDigest(const uint8_t* digest, const VbSignature *sig,
                  const RSAPublicKey* key) {
-  TEST_PTR_EQ(digest, digest_returned, "Verifying expected digest");
   TEST_PTR_EQ(key, &data_key, "Verifying using data key");
   TEST_PTR_EQ(sig, &mpreamble[hash_fw_index].body_signature, "Verifying sig");
   /* Mocked function uses sig size as return value for verifying digest */
diff --git a/tests/vboot_kernel_tests.c b/tests/vboot_kernel_tests.c
index 16cf1a9f..5818db26 100644
--- a/tests/vboot_kernel_tests.c
+++ b/tests/vboot_kernel_tests.c
@@ -10,6 +10,9 @@
 #include <stdlib.h>
 #include <string.h>
 
+#include "2sysincludes.h"
+#include "2common.h"
+#include "2sha.h"
 #include "cgptlib.h"
 #include "cgptlib_internal.h"
 #include "crc32.h"
@@ -71,7 +74,7 @@ static GptHeader *mock_gpt_primary =
 	(GptHeader*)&mock_disk[MOCK_SECTOR_SIZE * 1];
 static GptHeader *mock_gpt_secondary =
 	(GptHeader*)&mock_disk[MOCK_SECTOR_SIZE * (MOCK_SECTOR_COUNT - 1)];
-static uint8_t mock_digest[SHA256_DIGEST_SIZE] = {12, 34, 56, 78};
+static uint8_t mock_digest[VB2_SHA256_DIGEST_SIZE] = {12, 34, 56, 78};
 
 /**
  * Prepare a valid GPT header that will pass CheckHeader() tests
@@ -293,12 +296,14 @@ int VerifyData(const uint8_t *data, uint64_t size, const VbSignature *sig,
 	return VBERROR_SUCCESS;
 }
 
-uint8_t* DigestBuf(const uint8_t* buf, uint64_t len, int sig_algorithm)
+int vb2_digest_buffer(const uint8_t *buf,
+		      uint32_t size,
+		      enum vb2_hash_algorithm hash_alg,
+		      uint8_t *digest,
+		      uint32_t digest_size)
 {
-	uint8_t *d = VbExMalloc(sizeof(mock_digest));
-
-	memcpy(d, mock_digest, sizeof(mock_digest));
-	return d;
+	Memcpy(digest, mock_digest, sizeof(mock_digest));
+	return VB2_SUCCESS;
 }
 
 /**
-- 
cgit v1.2.1