Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / vboot_reference / refs/heads/rel/p/fp2/21.01.0-rel / . / tests / vb20_rsa_padding_tests.c
blob: 3bbebcf60f112b6ba6f7b95fce481af97e0ae564 [file] [log] [blame]
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]1/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 */
5
6
7#include <stdint.h>
8#include <stdio.h>
9
10#include "cryptolib.h"
11#include "file_keys.h"
12#include "rsa_padding_test.h"
13#include "test_common.h"
14#include "utility.h"
15
16#include "2sysincludes.h"
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]17#include "2rsa.h"
Randall Spangler6f1b82a2014-12-03 12:29:37 -0800[diff] [blame]18#include "vb2_common.h"
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]19
20/**
21 * Convert an old-style RSA public key struct to a new one.
22 *
23 * The new one does not allocate memory, so you must keep the old one around
24 * until you're done with the new one.
25 *
26 * @param k2 Destination new key
27 * @param key Source old key
28 */
29void vb2_public_key_to_vb2(struct vb2_public_key *k2,
30 const struct RSAPublicKey *key)
31{
32 k2->arrsize = key->len;
33 k2->n0inv = key->n0inv;
34 k2->n = key->n;
35 k2->rr = key->rr;
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]36 k2->sig_alg = vb2_crypto_to_signature(key->algorithm);
Randall Spangler4eef8122014-10-23 10:07:54 -0700[diff] [blame]37 k2->hash_alg = vb2_crypto_to_hash(key->algorithm);
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]38}
39
40/**
41 * Test valid and invalid signatures.
42 */
43static void test_signatures(const struct vb2_public_key *key)
44{
Bill Richardson73e5eb32015-01-26 12:18:25 -0800[diff] [blame]45 uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
46 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]47 uint8_t sig[RSA1024NUMBYTES];
48 struct vb2_workbuf wb;
49 int unexpected_success;
50 int i;
51
52 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
53
54 /* The first test signature is valid. */
55 Memcpy(sig, signatures[0], sizeof(sig));
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]56 TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
Randall Spanglerb9be5362014-06-05 13:32:11 -0700[diff] [blame]57 "RSA Padding Test valid sig");
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]58
59 /* All other signatures should fail verification. */
60 unexpected_success = 0;
61 for (i = 1; i < sizeof(signatures) / sizeof(signatures[0]); i++) {
62 Memcpy(sig, signatures[i], sizeof(sig));
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]63 if (!vb2_rsa_verify_digest(key, sig,
64 test_message_sha1_hash, &wb)) {
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]65 fprintf(stderr,
66 "RSA Padding Test vector %d FAILED!\n", i);
67 unexpected_success++;
68 }
69 }
70 TEST_EQ(unexpected_success, 0, "RSA Padding Test invalid sigs");
71}
72
73
74/**
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]75 * Test other error conditions in vb2_rsa_verify_digest().
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]76 */
77static void test_verify_digest(struct vb2_public_key *key) {
Bill Richardson73e5eb32015-01-26 12:18:25 -0800[diff] [blame]78 uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
79 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]80 uint8_t sig[RSA1024NUMBYTES];
81 struct vb2_workbuf wb;
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]82 enum vb2_signature_algorithm orig_key_alg = key->sig_alg;
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]83
84 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
85
86 Memcpy(sig, signatures[0], sizeof(sig));
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]87 TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
88 "vb2_rsa_verify_digest() good");
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]89
90 Memcpy(sig, signatures[0], sizeof(sig));
91 vb2_workbuf_init(&wb, workbuf, sizeof(sig) * 3 - 1);
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]92 TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
Randall Spanglerb9be5362014-06-05 13:32:11 -0700[diff] [blame]93 VB2_ERROR_RSA_VERIFY_WORKBUF,
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]94 "vb2_rsa_verify_digest() small workbuf");
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]95 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
96
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]97 key->sig_alg = VB2_SIG_INVALID;
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]98 Memcpy(sig, signatures[0], sizeof(sig));
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]99 TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
Randall Spanglerb9be5362014-06-05 13:32:11 -0700[diff] [blame]100 VB2_ERROR_RSA_VERIFY_ALGORITHM,
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]101 "vb2_rsa_verify_digest() bad key alg");
Randall Spanglerc8c2f022014-10-23 09:48:20 -0700[diff] [blame]102 key->sig_alg = orig_key_alg;
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]103
104 key->arrsize *= 2;
105 Memcpy(sig, signatures[0], sizeof(sig));
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]106 TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
Randall Spanglerb9be5362014-06-05 13:32:11 -0700[diff] [blame]107 VB2_ERROR_RSA_VERIFY_SIG_LEN,
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]108 "vb2_rsa_verify_digest() bad sig len");
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]109 key->arrsize /= 2;
110
111 /* Corrupt the signature near start and end */
112 Memcpy(sig, signatures[0], sizeof(sig));
113 sig[3] ^= 0x42;
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]114 TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
115 VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig");
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]116
117 Memcpy(sig, signatures[0], sizeof(sig));
118 sig[RSA1024NUMBYTES - 3] ^= 0x56;
Randall Spangler95047542014-10-17 16:41:46 -0700[diff] [blame]119 TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
120 VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig end");
Randall Spanglere166d042014-05-13 09:24:52 -0700[diff] [blame]121}
122
123int main(int argc, char *argv[])
124{
125 int error = 0;
126 RSAPublicKey *key;
127 struct vb2_public_key k2;
128
129 /* Read test key */
130 if (argc != 2) {
131 fprintf(stderr, "Usage: %s <test public key>\n", argv[0]);
132 return 1;
133 }
134 key = RSAPublicKeyFromFile(argv[1]);
135
136 if (!key) {
137 fprintf(stderr, "Couldn't read RSA public key for the test.\n");
138 return 1;
139 }
140
141 // TODO: why is test key algorithm wrong?
142 key->algorithm = 0;
143
144 /* Convert test key to Vb2 format */
145 vb2_public_key_to_vb2(&k2, key);
146
147 /* Run tests */
148 test_signatures(&k2);
149 test_verify_digest(&k2);
150
151 /* Clean up and exit */
152 RSAPublicKeyFree(key);
153
154 if (!gTestSuccess)
155 error = 255;
156
157 return error;
158}