Home Explore Help
Sign In
seokj
/
vboot
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: a609478d1a
Branches Tags
vboot
/
tests
/
vb20_common2_tests.c

vb20_common2_tests.c 6.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229 
  1. /* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
    2. 

  2.  * Use of this source code is governed by a BSD-style license that can be
    3. 

  3.  * found in the LICENSE file.
    4. 

  4.  *
    5. 

  5.  * Tests for firmware image library.
    6. 

  6.  */
    7. 

  7. 

  8. #include <stdint.h>
    9. 

  9. #include <stdio.h>
    10. 

  10. #include <string.h>
    11. 

  11. 

  12. #include "2sysincludes.h"
    13. 

  13. #include "2rsa.h"
    14. 

  14. #include "file_keys.h"
    15. 

  15. #include "host_common.h"
    16. 

  16. #include "host_key2.h"
    17. 

  17. #include "vb2_common.h"
    18. 

  18. #include "vboot_common.h"
    19. 

  19. #include "test_common.h"
    20. 

  20. 

  21. 

  22. static const uint8_t test_data[] = "This is some test data to sign.";
    23. 

  23. static const uint32_t test_size = sizeof(test_data);
    24. 

  24. 

  25. static void test_unpack_key(const struct vb2_packed_key *key1)
    26. 

  26. {
    27. 

  27. 	struct vb2_public_key pubk;
    28. 

  28. 

  29. 	/*
    30. 

  30. 	 * Key data follows the header for a newly allocated key, so we can
    31. 

  31. 	 * calculate the buffer size by looking at how far the key data goes.
    32. 

  32. 	 */
    33. 

  33. 	uint32_t size = key1->key_offset + key1->key_size;
    34. 

  34. 	uint8_t *buf = malloc(size);
    35. 

  35. 	struct vb2_packed_key *key = (struct vb2_packed_key *)buf;
    36. 

  36. 

  37. 	memcpy(key, key1, size);
    38. 

  38. 	TEST_SUCC(vb2_unpack_key_buffer(&pubk, buf, size),
    39. 

  39. 		  "vb2_unpack_key_buffer() ok");
    40. 

  40. 

  41. 	TEST_EQ(pubk.sig_alg, vb2_crypto_to_signature(key->algorithm),
    42. 

  42. 		"vb2_unpack_key_buffer() sig_alg");
    43. 

  43. 	TEST_EQ(pubk.hash_alg, vb2_crypto_to_hash(key->algorithm),
    44. 

  44. 		"vb2_unpack_key_buffer() hash_alg");
    45. 

  45. 

  46. 

  47. 	memcpy(key, key1, size);
    48. 

  48. 	key->algorithm = VB2_ALG_COUNT;
    49. 

  49. 	TEST_EQ(vb2_unpack_key_buffer(&pubk, buf, size),
    50. 

  50. 		VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
    51. 

  51. 		"vb2_unpack_key_buffer() invalid algorithm");
    52. 

  52. 

  53. 	memcpy(key, key1, size);
    54. 

  54. 	key->key_size--;
    55. 

  55. 	TEST_EQ(vb2_unpack_key_buffer(&pubk, buf, size),
    56. 

  56. 		VB2_ERROR_UNPACK_KEY_SIZE,
    57. 

  57. 		"vb2_unpack_key_buffer() invalid size");
    58. 

  58. 

  59. 	memcpy(key, key1, size);
    60. 

  60. 	key->key_offset++;
    61. 

  61. 	TEST_EQ(vb2_unpack_key_buffer(&pubk, buf, size + 1),
    62. 

  62. 		VB2_ERROR_UNPACK_KEY_ALIGN,
    63. 

  63. 		"vb2_unpack_key_buffer() unaligned data");
    64. 

  64. 

  65. 	memcpy(key, key1, size);
    66. 

  66. 	*(uint32_t *)(buf + key->key_offset) /= 2;
    67. 

  67. 	TEST_EQ(vb2_unpack_key_buffer(&pubk, buf, size),
    68. 

  68. 		VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
    69. 

  69. 		"vb2_unpack_key_buffer() invalid key array size");
    70. 

  70. 

  71. 	memcpy(key, key1, size);
    72. 

  72. 	TEST_EQ(vb2_unpack_key_buffer(&pubk, buf, size - 1),
    73. 

  73. 		VB2_ERROR_INSIDE_DATA_OUTSIDE,
    74. 

  74. 		"vb2_unpack_key_buffer() buffer too small");
    75. 

  75. 

  76. 	free(key);
    77. 

  77. 

  78. 	TEST_EQ(vb2_unpack_key(&pubk, NULL),
    79. 

  79. 		VB2_ERROR_UNPACK_KEY_BUFFER,
    80. 

  80. 		"vb2_unpack_key_() buffer NULL");
    81. 

  81. }
    82. 

  82. 

  83. static void test_verify_data(const struct vb2_packed_key *key1,
    84. 

  84. 			     const struct vb2_signature *sig)
    85. 

  85. {
    86. 

  86. 	uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
    87. 

  87. 		 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
    88. 

  88. 	struct vb2_workbuf wb;
    89. 

  89. 

  90. 	struct vb2_public_key pubk, pubk_orig;
    91. 

  91. 	uint32_t sig_total_size = sig->sig_offset + sig->sig_size;
    92. 

  92. 	struct vb2_signature *sig2;
    93. 

  93. 

  94. 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
    95. 

  95. 

  96. 	/* Allocate signature copy for tests */
    97. 

  97. 	sig2 = (struct vb2_signature *)malloc(sig_total_size);
    98. 

  98. 

  99. 	TEST_SUCC(vb2_unpack_key(&pubk, key1), "vb2_verify_data() unpack key");
    100. 

  100. 	pubk_orig = pubk;
    101. 

  101. 

  102. 	memcpy(sig2, sig, sig_total_size);
    103. 

  103. 	pubk.sig_alg = VB2_SIG_INVALID;
    104. 

  104. 	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
    105. 

  105. 		 0, "vb2_verify_data() bad sig alg");
    106. 

  106. 	pubk.sig_alg = pubk_orig.sig_alg;
    107. 

  107. 

  108. 	memcpy(sig2, sig, sig_total_size);
    109. 

  109. 	pubk.hash_alg = VB2_HASH_INVALID;
    110. 

  110. 	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
    111. 

  111. 		 0, "vb2_verify_data() bad hash alg");
    112. 

  112. 	pubk.hash_alg = pubk_orig.hash_alg;
    113. 

  113. 

  114. 	vb2_workbuf_init(&wb, workbuf, 4);
    115. 

  115. 	memcpy(sig2, sig, sig_total_size);
    116. 

  116. 	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
    117. 

  117. 		 0, "vb2_verify_data() workbuf too small");
    118. 

  118. 	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
    119. 

  119. 

  120. 	memcpy(sig2, sig, sig_total_size);
    121. 

  121. 	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
    122. 

  122. 		0, "vb2_verify_data() ok");
    123. 

  123. 

  124. 	memcpy(sig2, sig, sig_total_size);
    125. 

  125. 	sig2->sig_size -= 16;
    126. 

  126. 	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
    127. 

  127. 		 0, "vb2_verify_data() wrong sig size");
    128. 

  128. 

  129. 	memcpy(sig2, sig, sig_total_size);
    130. 

  130. 	TEST_NEQ(vb2_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
    131. 

  131. 		 0, "vb2_verify_data() input buffer too small");
    132. 

  132. 

  133. 	memcpy(sig2, sig, sig_total_size);
    134. 

  134. 	vb2_signature_data(sig2)[0] ^= 0x5A;
    135. 

  135. 	TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
    136. 

  136. 		 0, "vb2_verify_data() wrong sig");
    137. 

  137. 

  138. 	free(sig2);
    139. 

  139. }
    140. 

  140. 

  141. 

  142. int test_algorithm(int key_algorithm, const char *keys_dir)
    143. 

  143. {
    144. 

  144. 	char filename[1024];
    145. 

  145. 	int rsa_bits = 8 * vb2_rsa_sig_size(
    146. 

  146. 			vb2_crypto_to_signature(key_algorithm));
    147. 

  147. 

  148. 	struct vb2_private_key *private_key = NULL;
    149. 

  149. 	struct vb2_signature *sig = NULL;
    150. 

  150. 	struct vb2_packed_key *key1 = NULL;
    151. 

  151. 

  152. 	int retval = 1;
    153. 

  153. 

  154. 	printf("***Testing algorithm: %s\n",
    155. 

  155. 	       vb2_get_crypto_algorithm_name(key_algorithm));
    156. 

  156. 

  157. 	snprintf(filename, sizeof(filename),
    158. 

  158. 		 "%s/key_rsa%d.pem", keys_dir, rsa_bits);
    159. 

  159. 	private_key = vb2_read_private_key_pem(filename, key_algorithm);
    160. 

  160. 	if (!private_key) {
    161. 

  161. 		fprintf(stderr, "Error reading private_key: %s\n", filename);
    162. 

  162. 		goto cleanup_algorithm;
    163. 

  163. 	}
    164. 

  164. 

  165. 	snprintf(filename, sizeof(filename),
    166. 

  166. 		 "%s/key_rsa%d.keyb", keys_dir, rsa_bits);
    167. 

  167. 	key1 = vb2_read_packed_keyb(filename, key_algorithm, 1);
    168. 

  168. 	if (!key1) {
    169. 

  169. 		fprintf(stderr, "Error reading public_key: %s\n", filename);
    170. 

  170. 		goto cleanup_algorithm;
    171. 

  171. 	}
    172. 

  172. 

  173. 	/* Calculate good signatures */
    174. 

  174. 	sig = vb2_calculate_signature(test_data, sizeof(test_data),
    175. 

  175. 				      private_key);
    176. 

  176. 	TEST_PTR_NEQ(sig, 0, "Calculate signature");
    177. 

  177. 	if (!sig)
    178. 

  178. 		goto cleanup_algorithm;
    179. 

  179. 

  180. 	test_unpack_key(key1);
    181. 

  181. 	test_verify_data(key1, sig);
    182. 

  182. 

  183. 	retval = 0;
    184. 

  184. 

  185. cleanup_algorithm:
    186. 

  186. 	if (key1)
    187. 

  187. 		free(key1);
    188. 

  188. 	if (private_key)
    189. 

  189. 		free(private_key);
    190. 

  190. 	if (sig)
    191. 

  191. 		free(sig);
    192. 

  192. 

  193. 	return retval;
    194. 

  194. }
    195. 

  195. 

  196. /* Test only the algorithms we use */
    197. 

  197. const int key_algs[] = {
    198. 

  198. 	VB2_ALG_RSA2048_SHA256,
    199. 

  199. 	VB2_ALG_RSA4096_SHA256,
    200. 

  200. 	VB2_ALG_RSA8192_SHA512,
    201. 

  201. };
    202. 

  202. 

  203. int main(int argc, char *argv[]) {
    204. 

  204. 

  205. 	if (argc == 2) {
    206. 

  206. 		int i;
    207. 

  207. 

  208. 		for (i = 0; i < ARRAY_SIZE(key_algs); i++) {
    209. 

  209. 			if (test_algorithm(key_algs[i], argv[1]))
    210. 

  210. 				return 1;
    211. 

  211. 		}
    212. 

  212. 

  213. 	} else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
    214. 

  214. 		/* Test all the algorithms */
    215. 

  215. 		int alg;
    216. 

  216. 

  217. 		for (alg = 0; alg < VB2_ALG_COUNT; alg++) {
    218. 

  218. 			if (test_algorithm(alg, argv[1]))
    219. 

  219. 				return 1;
    220. 

  220. 		}
    221. 

  221. 

  222. 	} else {
    223. 

  223. 		fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
    224. 

  224. 		return -1;
    225. 

  225. 	}
    226. 

  226. 

  227. 	return gTestSuccess ? 0 : 255;
    228. 

  228. }
    229. 

  229.