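/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 *
 * Tests for firmware image library.
 */

#include <stdint.h>
#include <stdio.h>
#include <string.h>

#include "2sysincludes.h"
#include "2common.h"
#include "2rsa.h"
#include "vb2_common.h"
#include "host_common.h"
#include "host_key2.h"
#include "host_signature2.h"
#include "test_common.h"


/* Payload that is signed and then verified; test_size counts the final NUL. */
static const uint8_t test_data[] = "This is some test data to sign.";
static const uint32_t test_size = sizeof(test_data);

/*
 * Allocate a scratch buffer that holds a mutable copy of a packed struct.
 *
 * Returns NULL after marking the run as failed when malloc() fails, so the
 * caller can skip its cases instead of copying through a null pointer.
 */
static void *alloc_scratch(uint32_t size, const char *what)
{
	void *buf = malloc(size);

	if (!buf) {
		fprintf(stderr, "malloc(%u) failed for %s\n",
			(unsigned)size, what);
		gTestSuccess = 0;
	}
	return buf;
}

/*
 * Check that vb2_unpack_key() accepts a good packed key and rejects
 * corrupted ones.
 *
 * Every case starts from a fresh copy of *key, changes one header field (or
 * the first word of the key data) and checks the exact error code returned.
 * The original key is never modified.
 */
static void test_unpack_key(const struct vb2_packed_key *key)
{
	struct vb2_public_key pubk;
	struct vb2_packed_key *key2;
	uint32_t size = key->c.total_size;

	/* Make a copy of the key for testing */
	key2 = alloc_scratch(size, "packed key copy");
	if (!key2)
		return;

	/* Unmodified key unpacks cleanly */
	memcpy(key2, key, size);
	TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		  "vb2_unpack_key() ok");

	/* Key data pushed 4 bytes further into the buffer */
	memcpy(key2, key, size);
	key2->key_offset += 4;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_COMMON_MEMBER_SIZE,
		"vb2_unpack_key() buffer too small");

	/* Fixed-size header claimed to be larger than the whole buffer */
	memcpy(key2, key, size);
	key2->c.fixed_size += size;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_COMMON_FIXED_SIZE,
		"vb2_unpack_key() buffer too small for desc");

	/* A zero-length description is valid and unpacks as "" */
	memcpy(key2, key, size);
	key2->c.desc_size = 0;
	TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		  "vb2_unpack_key() no desc");
	TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string");

	/* Wrong magic number */
	memcpy(key2, key, size);
	key2->c.magic++;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_UNPACK_KEY_MAGIC,
		"vb2_unpack_key() bad magic");

	/* A major version bump must be rejected */
	memcpy(key2, key, size);
	key2->c.struct_version_major++;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
		"vb2_unpack_key() bad major version");

	/*
	 * Minor version changes are ok.  Note that this test assumes that the
	 * source key struct version is the highest actually known to the
	 * reader.  If the reader does know about minor version + 1 and that
	 * adds fields, this test will likely fail.  But at that point, we
	 * should have already added a test for minor version compatibility to
	 * handle both old and new struct versions, so someone will have
	 * noticed this comment.
	 */
	memcpy(key2, key, size);
	key2->c.struct_version_minor++;
	TEST_SUCC(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		  "vb2_unpack_key() minor version change ok");

	/* Invalid signature algorithm */
	memcpy(key2, key, size);
	key2->sig_alg = VB2_SIG_INVALID;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
		"vb2_unpack_key() bad sig algorithm");

	/* Invalid hash algorithm */
	memcpy(key2, key, size);
	key2->hash_alg = VB2_HASH_INVALID;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
		"vb2_unpack_key() bad hash algorithm");

	/* Key size shrunk by 4 bytes */
	memcpy(key2, key, size);
	key2->key_size -= 4;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_UNPACK_KEY_SIZE,
		"vb2_unpack_key() invalid size");

	/* Key offset moved back one byte, so the data is misaligned */
	memcpy(key2, key, size);
	key2->key_offset--;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_COMMON_MEMBER_UNALIGNED,
		"vb2_unpack_key() unaligned data");

	/* Halve the first 32-bit word of the key data */
	memcpy(key2, key, size);
	*(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
	TEST_EQ(vb2_unpack_key(&pubk, (uint8_t *)key2, size),
		VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
		"vb2_unpack_key() invalid key array size");

	free(key2);
}

/*
 * Check that vb2_verify_signature() accepts a good signature header and
 * rejects corrupted ones.
 *
 * Every group starts from a fresh copy of *sig; the minor/major version
 * group deliberately runs two checks on the same copy.
 */
static void test_verify_signature(const struct vb2_signature *sig)
{
	struct vb2_signature *sig2;
	uint8_t *buf2;
	uint32_t size;

	/* Make a copy of the signature */
	size = sig->c.total_size;
	buf2 = alloc_scratch(size, "signature copy");
	if (!buf2)
		return;
	sig2 = (struct vb2_signature *)buf2;

	/* Good signature, then the same bytes with the packed-key magic */
	memcpy(buf2, sig, size);
	TEST_SUCC(vb2_verify_signature(sig2, size), "verify_sig ok");
	sig2->c.magic = VB2_MAGIC_PACKED_KEY;
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_MAGIC,
		"verify_sig magic");

	/* Total size claimed to be larger than the buffer passed in */
	memcpy(buf2, sig, size);
	sig2->c.total_size += 4;
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE,
		"verify_sig common header");

	/* Minor bump is accepted; major bump (on top of it) is rejected */
	memcpy(buf2, sig, size);
	sig2->c.struct_version_minor++;
	TEST_SUCC(vb2_verify_signature(sig2, size), "verify_sig minor ver");
	sig2->c.struct_version_major++;
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_VERSION,
		"verify_sig major ver");

	/* Move 4 bytes from the fixed header into the description */
	memcpy(buf2, sig, size);
	sig2->c.fixed_size -= 4;
	sig2->c.desc_size += 4;
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_HEADER_SIZE,
		"verify_sig header size");

	/* Signature data claimed to be 4 bytes longer than it is */
	memcpy(buf2, sig, size);
	sig2->sig_size += 4;
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE,
		"verify_sig sig size");

	/* Invalid signature algorithm */
	memcpy(buf2, sig, size);
	sig2->sig_alg = VB2_SIG_INVALID;
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_ALGORITHM,
		"verify_sig sig alg");

	/*
	 * Swap in a different, valid signature algorithm while leaving
	 * sig_size alone.  The label repeats the one used for the sig_size
	 * case above; only the expected error code tells the two apart.
	 */
	memcpy(buf2, sig, size);
	sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ?
			 VB2_SIG_RSA1024 : VB2_SIG_NONE);
	TEST_EQ(vb2_verify_signature(sig2, size), VB2_ERROR_SIG_SIZE,
		"verify_sig sig size");

	free(buf2);
}

/*
 * Check vb2_verify_data() against test_data with good and bad inputs.
 *
 * The public key is copied by value and the signature into a scratch buffer,
 * so each case can change one of them and then restore it.  The cases cover
 * an invalid key signature or hash algorithm, a work buffer that is too
 * small, the good path, a wrong signature size, a wrong data size, a hash
 * algorithm that differs between key and signature, and a corrupted
 * signature byte.
 */
static void test_verify_data(const struct vb2_public_key *pubk_orig,
			     const struct vb2_signature *sig)
{
	uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
		__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
	struct vb2_workbuf wb;

	struct vb2_public_key pubk;
	struct vb2_signature *sig2;
	uint8_t *buf2;
	uint32_t size;

	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));

	pubk = *pubk_orig;

	/* Allocate signature copy for tests */
	size = sig->c.total_size;
	buf2 = alloc_scratch(size, "signature copy");
	if (!buf2)
		return;
	sig2 = (struct vb2_signature *)buf2;

	/* Key carries an invalid signature algorithm */
	memcpy(buf2, sig, size);
	pubk.sig_alg = VB2_SIG_INVALID;
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		VB2_ERROR_VDATA_ALGORITHM, "vb2_verify_data() bad sig alg");
	pubk = *pubk_orig;

	/* Key carries an invalid hash algorithm */
	memcpy(buf2, sig, size);
	pubk.hash_alg = VB2_HASH_INVALID;
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		VB2_ERROR_VDATA_DIGEST_SIZE,
		"vb2_verify_data() bad hash alg");
	pubk = *pubk_orig;

	/* Work buffer limited to 4 bytes; restored right after the check */
	vb2_workbuf_init(&wb, workbuf, 4);
	memcpy(buf2, sig, size);
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		VB2_ERROR_VDATA_WORKBUF_DIGEST,
		"vb2_verify_data() workbuf too small");
	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));

	/* Good key, good signature, good data */
	memcpy(buf2, sig, size);
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		0, "vb2_verify_data() ok");

	/* Signature size shortened by 16 bytes */
	memcpy(buf2, sig, size);
	sig2->sig_size -= 16;
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		VB2_ERROR_VDATA_SIG_SIZE, "vb2_verify_data() wrong sig size");

	/* Data length one byte short of what was signed */
	memcpy(buf2, sig, size);
	TEST_EQ(vb2_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
		VB2_ERROR_VDATA_SIZE, "vb2_verify_data() wrong data size");

	/* Signature names a different hash algorithm than the key */
	memcpy(buf2, sig, size);
	sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ?
			  VB2_HASH_SHA256 : VB2_HASH_SHA1);
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
		"vb2_verify_data() alg mismatch");


	/* Flip bits in the first signature byte */
	memcpy(buf2, sig, size);
	buf2[sig2->sig_offset] ^= 0x5A;
	TEST_EQ(vb2_verify_data(test_data, test_size, sig2, &pubk, &wb),
		VB2_ERROR_RSA_PADDING, "vb2_verify_data() wrong sig");

	free(buf2);
}

/*
 * Run the unpack/verify tests for one key algorithm.
 *
 * Reads key_rsa<bits>.pem and key_rsa<bits>.keyb from keys_dir, packs the
 * public key, signs test_data, then runs the three test groups above.
 *
 * Returns 0 when the tests ran (individual failures are recorded through the
 * TEST_* macros), or 1 when the algorithm index is out of range, a key path
 * does not fit the buffer, or a setup step fails, so that no test runs on a
 * missing key or signature.
 */
int test_algorithm(int key_algorithm, const char *keys_dir)
{
	char filename[1024];
	int rsa_len;
	int len;
	int rv;
	int rc = 1;

	enum vb2_signature_algorithm sig_alg;
	enum vb2_hash_algorithm hash_alg;

	struct vb2_private_key *prik = NULL;
	struct vb2_signature *sig2 = NULL;
	struct vb2_public_key *pubk = NULL;
	struct vb2_packed_key *key2 = NULL;

	/* key_algorithm indexes siglen_map[] and algo_strings[] below */
	if (key_algorithm < 0 || key_algorithm >= kNumAlgorithms) {
		fprintf(stderr, "Unknown key algorithm %d\n", key_algorithm);
		return 1;
	}

	rsa_len = siglen_map[key_algorithm] * 8;
	sig_alg = vb2_crypto_to_signature(key_algorithm);
	hash_alg = vb2_crypto_to_hash(key_algorithm);

	printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);

	/* keys_dir comes from the command line; never write past filename[] */
	len = snprintf(filename, sizeof(filename), "%s/key_rsa%d.pem",
		       keys_dir, rsa_len);
	if (len < 0 || (size_t)len >= sizeof(filename)) {
		fprintf(stderr, "Key path too long: %s\n", keys_dir);
		goto out;
	}
	rv = vb2_private_key_read_pem(&prik, filename);
	TEST_SUCC(rv, "Read private key");
	if (rv || !prik)
		goto out;
	prik->hash_alg = hash_alg;
	prik->sig_alg = sig_alg;
	vb2_private_key_set_desc(prik, "private key");

	len = snprintf(filename, sizeof(filename), "%s/key_rsa%d.keyb",
		       keys_dir, rsa_len);
	if (len < 0 || (size_t)len >= sizeof(filename)) {
		fprintf(stderr, "Key path too long: %s\n", keys_dir);
		goto out;
	}
	rv = vb2_public_key_read_keyb(&pubk, filename);
	TEST_SUCC(rv, "Read public key");
	if (rv || !pubk)
		goto out;
	pubk->hash_alg = hash_alg;
	vb2_public_key_set_desc(pubk, "public key");

	rv = vb2_public_key_pack(&key2, pubk);
	TEST_SUCC(rv, "Pack public key");
	if (rv || !key2)
		goto out;

	/* Calculate good signatures */
	rv = vb2_sign_data(&sig2, test_data, test_size, prik, "");
	TEST_SUCC(rv, "Make test signature");
	if (rv || !sig2)
		goto out;

	test_unpack_key(key2);
	test_verify_data(pubk, sig2);
	test_verify_signature(sig2);

	rc = 0;

out:
	free(key2);
	free(sig2);
	/* Whether the key free helpers accept NULL is not visible here */
	if (prik)
		vb2_private_key_free(prik);
	if (pubk)
		vb2_public_key_free(pubk);

	return rc;
}

/* Test only the algorithms we use */
const int key_algs[] = {
	VB2_ALG_RSA2048_SHA256,
	VB2_ALG_RSA4096_SHA256,
	VB2_ALG_RSA8192_SHA512,
};

/*
 * Usage: <prog> <keys_dir> [--all]
 *
 * With one argument, tests the algorithms listed in key_algs[]; with --all,
 * tests every algorithm index below kNumAlgorithms.  Returns 1 when
 * test_algorithm() reports a setup failure, -1 on a usage error, 255 when
 * any check failed, and 0 otherwise.
 */
int main(int argc, char *argv[]) {

	if (argc == 2) {
		size_t i;

		for (i = 0; i < ARRAY_SIZE(key_algs); i++) {
			if (test_algorithm(key_algs[i], argv[1]))
				return 1;
		}

	} else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
		/* Test all the algorithms */
		int alg;

		for (alg = 0; alg < kNumAlgorithms; alg++) {
			if (test_algorithm(alg, argv[1]))
				return 1;
		}

	} else {
		fprintf(stderr, "Usage: %s <keys_dir> [--all]\n", argv[0]);
		return -1;
	}

	return gTestSuccess ? 0 : 255;
}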