summaryrefslogtreecommitdiff
path: root/test/vboot.c
diff options
context:
space:
mode:
authorDaisuke Nojiri <dnojiri@chromium.org>2017-07-07 09:49:36 -0700
committerchrome-bot <chrome-bot@chromium.org>2017-07-13 19:45:57 -0700
commit4ec4975d90713b58557beca7ed2a94745d7476e3 (patch)
treeb6f5cf7601f271944de4793cfd2392b5954659e5 /test/vboot.c
parent7630636a0fe8ceb2dbba2b175564a17900d175cf (diff)
downloadchrome-ec-4ec4975d90713b58557beca7ed2a94745d7476e3.tar.gz
vboot: Move common code under common/vboot
This patch moves the code which can be shared with other data verification schemes (e.g. RWSIG) under common/vboot. It also adds unit tests for it. BUG=b:38462249 BRANCH=none TEST=make run-vboot. Verify verification succeeds on Fizz. Change-Id: Icab4d96dd2c154a12b01c41ebe9b46286b4b590e Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/563463 Reviewed-by: Randall Spangler <rspangler@chromium.org>
Diffstat (limited to 'test/vboot.c')
-rw-r--r--test/vboot.c142
1 files changed, 142 insertions, 0 deletions
diff --git a/test/vboot.c b/test/vboot.c
new file mode 100644
index 0000000000..3d4be10308
--- /dev/null
+++ b/test/vboot.c
@@ -0,0 +1,142 @@
+/* Copyright 2017 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Test vboot
+ */
+
+#include <stdlib.h>
+#include "common.h"
+#include "rsa.h"
+#include "test_util.h"
+#include "vboot.h"
+#include "rsa2048-3.h"
+#include "rwsig.h"
+
+struct vboot_key {
+ struct vb21_packed_key vb21_key;
+ struct rsa_public_key key_data;
+};
+
+struct vboot_sig {
+ struct vb21_signature vb21_sig;
+ uint8_t sig_data[RSANUMBYTES];
+};
+
+static void reset_data(struct vboot_key *k, struct vboot_sig *s)
+{
+ k->vb21_key.c.magic = VB21_MAGIC_PACKED_KEY;
+ k->vb21_key.key_offset = sizeof(struct vb21_packed_key);
+ k->vb21_key.key_size = sizeof(rsa_data);
+ memcpy(&k->key_data, rsa_data, sizeof(rsa_data));
+
+ s->vb21_sig.c.magic = VB21_MAGIC_SIGNATURE;
+ s->vb21_sig.sig_size = RSANUMBYTES;
+ s->vb21_sig.sig_offset = sizeof(struct vb21_signature);
+ s->vb21_sig.sig_alg = k->vb21_key.sig_alg;
+ s->vb21_sig.hash_alg = k->vb21_key.hash_alg;
+ s->vb21_sig.data_size = CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE - 32;
+ memcpy(s->sig_data, sig, sizeof(s->sig_data));
+}
+
+static int test_vboot(void)
+{
+ struct vboot_key k;
+ struct vboot_sig s;
+ uint8_t data[CONFIG_RW_SIZE];
+ int len;
+ int err;
+
+ /* Success */
+ reset_data(&k, &s);
+ memset(data, 0xff, CONFIG_RW_SIZE);
+ err = vb21_is_packed_key_valid(&k.vb21_key);
+ TEST_ASSERT(err == EC_SUCCESS);
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_SUCCESS);
+ len = s.vb21_sig.data_size;
+ err = vboot_is_padding_valid(data, len,
+ CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE);
+ TEST_ASSERT(err == EC_SUCCESS);
+
+ /* Invalid magic */
+ reset_data(&k, &s);
+ k.vb21_key.c.magic = VB21_MAGIC_SIGNATURE;
+ err = vb21_is_packed_key_valid(&k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid key size */
+ reset_data(&k, &s);
+ k.vb21_key.key_size--;
+ err = vb21_is_packed_key_valid(&k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid magic */
+ reset_data(&k, &s);
+ s.vb21_sig.c.magic = VB21_MAGIC_PACKED_KEY;
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid sig size */
+ reset_data(&k, &s);
+ s.vb21_sig.sig_size--;
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Sig algorithm mismatch */
+ reset_data(&k, &s);
+ s.vb21_sig.sig_alg++;
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Hash algorithm mismatch */
+ reset_data(&k, &s);
+ s.vb21_sig.hash_alg++;
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid sig_offset */
+ reset_data(&k, &s);
+ s.vb21_sig.sig_offset--;
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid data size */
+ reset_data(&k, &s);
+ s.vb21_sig.data_size = CONFIG_RW_SIZE;
+ err = vb21_is_signature_valid(&s.vb21_sig, &k.vb21_key);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid padding */
+ reset_data(&k, &s);
+ len = s.vb21_sig.data_size;
+ data[len] = 0;
+ err = vboot_is_padding_valid(data, len,
+ CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Invalid padding size */
+ reset_data(&k, &s);
+ len = s.vb21_sig.data_size + 1;
+ err = vboot_is_padding_valid(data, len,
+ CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ /* Padding size is too large */
+ reset_data(&k, &s);
+ len = s.vb21_sig.data_size + 64;
+ err = vboot_is_padding_valid(data, len,
+ CONFIG_RW_SIZE - CONFIG_RW_SIG_SIZE);
+ TEST_ASSERT(err == EC_ERROR_INVAL);
+
+ return EC_SUCCESS;
+}
+
+void run_test(void)
+{
+ test_reset();
+
+ RUN_TEST(test_vboot);
+
+ test_print_result();
+}