summaryrefslogtreecommitdiff
path: root/tests/vb2_rsa_utility_tests.c
blob: 63307b1ac3257f52d8fbcf0921f2bc7b3907a327 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */


#include <stdint.h>
#include <stdio.h>

#include "2sysincludes.h"

#include "2common.h"
#include "2rsa.h"
#include "file_keys.h"
#include "rsa_padding_test.h"
#include "test_common.h"
#include "utility.h"
#include "vboot_api.h"

/*
 * Internal functions from 2rsa.c that have error conditions we can't trigger
 * from the public APIs.  These include checks for bad algorithms where the
 * next call level up already checks for bad algorithms, etc.
 *
 * These functions aren't in 2rsa.h because they're not part of the public
 * APIs.
 */
int vb2_mont_ge(const struct vb2_public_key *key, uint32_t *a);
int vb2_check_padding(const uint8_t *sig, const struct vb2_public_key *key);

/**
 * Test RSA utility funcs
 */
static void test_utils(void)
{
	uint8_t sig[RSA1024NUMBYTES];
	struct vb2_public_key kbad = {.sig_alg = VB2_SIG_INVALID,
				      .hash_alg = VB2_HASH_INVALID};

	/* Verify old and new algorithm count constants match */
	TEST_EQ(VB2_ALG_COUNT, VB2_ALG_COUNT, "Algorithm counts");

	/* Crypto algorithm to sig algorithm mapping */
	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA1024_SHA1),
		VB2_SIG_RSA1024, "Crypto map to RSA1024");
	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA2048_SHA256),
		VB2_SIG_RSA2048, "Crypto map to RSA2048");
	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA4096_SHA256),
		VB2_SIG_RSA4096, "Crypto map to RSA4096");
	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_RSA8192_SHA512),
		VB2_SIG_RSA8192, "Crypto map to RSA8192");
	TEST_EQ(vb2_crypto_to_signature(VB2_ALG_COUNT),
		VB2_SIG_INVALID, "Crypto map to invalid");

	/* Sig size */
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA1024), RSA1024NUMBYTES,
		"Sig size RSA1024");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA2048), RSA2048NUMBYTES,
		"Sig size RSA2048");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA4096), RSA4096NUMBYTES,
		"Sig size RSA4096");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA8192), RSA8192NUMBYTES,
		"Sig size RSA8192");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA2048_EXP3), RSA2048NUMBYTES,
		"Sig size RSA2048_EXP3");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_RSA3072_EXP3), RSA3072NUMBYTES,
		"Sig size RSA3072_EXP3");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_INVALID), 0,
		"Sig size invalid algorithm");
	TEST_EQ(vb2_rsa_sig_size(VB2_SIG_NONE), 0,
		"Sig size no signing algorithm");

	/* Packed key size */
	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA1024),
		RSA1024NUMBYTES * 2 + sizeof(uint32_t) * 2,
		"Packed key size VB2_SIG_RSA1024");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA2048),
		RSA2048NUMBYTES * 2 + sizeof(uint32_t) * 2,
		"Packed key size VB2_SIG_RSA2048");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA4096),
		RSA4096NUMBYTES * 2 + sizeof(uint32_t) * 2,
		"Packed key size VB2_SIG_RSA4096");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA8192),
		RSA8192NUMBYTES * 2 + sizeof(uint32_t) * 2,
		"Packed key size VB2_SIG_RSA8192");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA2048_EXP3),
		RSA2048NUMBYTES * 2 + sizeof(uint32_t) * 2,
		"Packed key size VB2_SIG_RSA2048_EXP3");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_RSA3072_EXP3),
		RSA3072NUMBYTES * 2 + sizeof(uint32_t) * 2,
		"Packed key size VB2_SIG_RSA3072_EXP3");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_INVALID), 0,
		"Packed key size invalid algorithm");
	TEST_EQ(vb2_packed_key_size(VB2_SIG_NONE), 0,
		"Packed key size no signing algorithm");

	/* Test padding check with bad algorithm */
	memcpy(sig, signatures[0], sizeof(sig));
	TEST_EQ(vb2_check_padding(sig, &kbad),
		VB2_ERROR_RSA_PADDING_SIZE,
		"vb2_check_padding() bad padding algorithm/size");

	/* Test safe memcmp */
	TEST_EQ(vb2_safe_memcmp("foo", "foo", 3), 0, "vb2_safe_memcmp() good");
	TEST_NEQ(vb2_safe_memcmp("foo", "bar", 3), 0, "vb2_safe_memcmp() bad");
	TEST_EQ(vb2_safe_memcmp("foo", "bar", 0), 0, "vb2_safe_memcmp() zero");

	/* Test Montgomery >= */
	{
		uint32_t n[4] = {4, 4, 4, 4};
		uint32_t a[4] = {4, 4, 4, 4};
		struct vb2_public_key k = {
			.arrsize = 4,
			.n = n,
		};
		TEST_EQ(vb2_mont_ge(&k, a), 1, "mont_ge equal");

		a[2] = 3;
		TEST_EQ(vb2_mont_ge(&k, a), 0, "mont_ge less");

		a[1] = 5;
		TEST_EQ(vb2_mont_ge(&k, a), 0, "mont_ge greater");
	}
}

int main(int argc, char* argv[])
{
	/* Run tests */
	test_utils();

	return gTestSuccess ? 0 : 255;
}
View Lorry Controller Status