Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / vboot_reference / refs/heads/rel/p/fp2/21.01.0-rel / . / tests / vb20_common2_tests.c
blob: e5463e2814feac23baf6e0b3a85fe4d862679209 [file] [log] [blame]
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]1/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Tests for firmware image library.
6 */
7
8#include <stdint.h>
9#include <stdio.h>
10#include <string.h>
11
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]12#include "2sysincludes.h"
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]13#include "2rsa.h"
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]14#include "file_keys.h"
15#include "host_common.h"
Randall Spangler6f1b82a2014-12-03 12:29:37 -0800[diff] [blame]16#include "vb2_common.h"
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]17#include "vboot_common.h"
18#include "test_common.h"
19
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]20
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]21static const uint8_t test_data[] = "This is some test data to sign.";
22static const uint32_t test_size = sizeof(test_data);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]23
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]24static void test_unpack_key(const struct vb2_packed_key *key1)
25{
26 struct vb2_public_key pubk;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]27
28 /*
29 * Key data follows the header for a newly allocated key, so we can
30 * calculate the buffer size by looking at how far the key data goes.
31 */
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]32 uint32_t size = key1->key_offset + key1->key_size;
33 uint8_t *buf = malloc(size);
34 struct vb2_packed_key *key = (struct vb2_packed_key *)buf;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]35
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]36 memcpy(key, key1, size);
37 TEST_SUCC(vb2_unpack_key(&pubk, buf, size), "vb2_unpack_key() ok");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]38
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]39 TEST_EQ(pubk.sig_alg, vb2_crypto_to_signature(key->algorithm),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]40 "vb2_unpack_key() sig_alg");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]41 TEST_EQ(pubk.hash_alg, vb2_crypto_to_hash(key->algorithm),
Randall Spangler4eef8122014-10-23 10:07:54 -0700[diff] [blame]42 "vb2_unpack_key() hash_alg");
43
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]44
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]45 memcpy(key, key1, size);
46 key->algorithm = VB2_ALG_COUNT;
47 TEST_EQ(vb2_unpack_key(&pubk, buf, size),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]48 VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]49 "vb2_unpack_key() invalid algorithm");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]50
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]51 memcpy(key, key1, size);
52 key->key_size--;
53 TEST_EQ(vb2_unpack_key(&pubk, buf, size),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]54 VB2_ERROR_UNPACK_KEY_SIZE,
55 "vb2_unpack_key() invalid size");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]56
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]57 memcpy(key, key1, size);
58 key->key_offset++;
59 TEST_EQ(vb2_unpack_key(&pubk, buf, size + 1),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]60 VB2_ERROR_UNPACK_KEY_ALIGN,
61 "vb2_unpack_key() unaligned data");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]62
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]63 memcpy(key, key1, size);
64 *(uint32_t *)(buf + key->key_offset) /= 2;
65 TEST_EQ(vb2_unpack_key(&pubk, buf, size),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]66 VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
67 "vb2_unpack_key() invalid key array size");
68
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]69 memcpy(key, key1, size);
70 TEST_EQ(vb2_unpack_key(&pubk, buf, size - 1),
Randall Spangler224f5ac2014-06-06 09:42:30 -0700[diff] [blame]71 VB2_ERROR_INSIDE_DATA_OUTSIDE,
72 "vb2_unpack_key() buffer too small");
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]73
74 free(key);
75}
76
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]77static void test_verify_data(const struct vb2_packed_key *key1,
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]78 const struct vb2_signature *sig)
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]79{
Bill Richardson73e5eb32015-01-26 12:18:25 -0800[diff] [blame]80 uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
81 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]82 struct vb2_workbuf wb;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]83
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]84 uint32_t pubkey_size = key1->key_offset + key1->key_size;
85 struct vb2_public_key pubk, pubk_orig;
86 uint32_t sig_total_size = sig->sig_offset + sig->sig_size;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]87 struct vb2_signature *sig2;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]88
89 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
90
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]91 /* Allocate signature copy for tests */
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]92 sig2 = (struct vb2_signature *)malloc(sig_total_size);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]93
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]94 TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key1, pubkey_size),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]95 0, "vb2_verify_data() unpack key");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]96 pubk_orig = pubk;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]97
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]98 memcpy(sig2, sig, sig_total_size);
99 pubk.sig_alg = VB2_SIG_INVALID;
100 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]101 0, "vb2_verify_data() bad sig alg");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]102 pubk.sig_alg = pubk_orig.sig_alg;
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]103
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]104 memcpy(sig2, sig, sig_total_size);
105 pubk.hash_alg = VB2_HASH_INVALID;
106 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]107 0, "vb2_verify_data() bad hash alg");
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]108 pubk.hash_alg = pubk_orig.hash_alg;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]109
110 vb2_workbuf_init(&wb, workbuf, 4);
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]111 memcpy(sig2, sig, sig_total_size);
112 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]113 0, "vb2_verify_data() workbuf too small");
114 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
115
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]116 memcpy(sig2, sig, sig_total_size);
117 TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]118 0, "vb2_verify_data() ok");
119
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]120 memcpy(sig2, sig, sig_total_size);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]121 sig2->sig_size -= 16;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]122 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]123 0, "vb2_verify_data() wrong sig size");
124
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]125 memcpy(sig2, sig, sig_total_size);
126 TEST_NEQ(vb2_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]127 0, "vb2_verify_data() input buffer too small");
128
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]129 memcpy(sig2, sig, sig_total_size);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]130 vb2_signature_data(sig2)[0] ^= 0x5A;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]131 TEST_NEQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]132 0, "vb2_verify_data() wrong sig");
133
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]134 free(sig2);
135}
136
Randall Spanglerb885c3b2014-11-01 17:56:46 -0700[diff] [blame]137
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]138int test_algorithm(int key_algorithm, const char *keys_dir)
139{
140 char filename[1024];
141 int rsa_len = siglen_map[key_algorithm] * 8;
142
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]143 VbPrivateKey *private_key = NULL;
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]144 struct vb2_signature *sig = NULL;
145 struct vb2_packed_key *key1;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]146
147 printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
148
149 sprintf(filename, "%s/key_rsa%d.pem", keys_dir, rsa_len);
150 private_key = PrivateKeyReadPem(filename, key_algorithm);
151 if (!private_key) {
152 fprintf(stderr, "Error reading private_key: %s\n", filename);
153 return 1;
154 }
155
156 sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, rsa_len);
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]157 key1 = (struct vb2_packed_key *)
158 PublicKeyReadKeyb(filename, key_algorithm, 1);
159 if (!key1) {
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]160 fprintf(stderr, "Error reading public_key: %s\n", filename);
161 return 1;
162 }
163
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]164 /* Calculate good signatures */
Randall Spangler3c6ec762014-11-01 17:49:08 -0700[diff] [blame]165 sig = (struct vb2_signature *)
166 CalculateSignature(test_data, sizeof(test_data), private_key);
167 TEST_PTR_NEQ(sig, 0, "Calculate signature");
168 if (!sig)
169 return 1;
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]170
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]171 test_unpack_key(key1);
172 test_verify_data(key1, sig);
173
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]174 free(key1);
Randall Spanglerfc73f082014-11-21 15:33:07 -0800[diff] [blame]175 free(private_key);
176 free(sig);
Randall Spangler7141d732014-05-15 15:34:54 -0700[diff] [blame]177
178 return 0;
179}
180
181/* Test only the algorithms we use */
182const int key_algs[] = {
183 VB2_ALG_RSA2048_SHA256,
184 VB2_ALG_RSA4096_SHA256,
185 VB2_ALG_RSA8192_SHA512,
186};
187
188int main(int argc, char *argv[]) {
189
190 if (argc == 2) {
191 int i;
192
193 for (i = 0; i < ARRAY_SIZE(key_algs); i++) {
194 if (test_algorithm(key_algs[i], argv[1]))
195 return 1;
196 }
197
198 } else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
199 /* Test all the algorithms */
200 int alg;
201
202 for (alg = 0; alg < kNumAlgorithms; alg++) {
203 if (test_algorithm(alg, argv[1]))
204 return 1;
205 }
206
207 } else {
208 fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
209 return -1;
210 }
211
212 return gTestSuccess ? 0 : 255;
213}