diff options
author | Randall Spangler <rspangler@chromium.org> | 2014-12-02 10:55:52 -0800 |
---|---|---|
committer | chrome-internal-fetch <chrome-internal-fetch@google.com> | 2014-12-04 04:01:35 +0000 |
commit | c86f0415a0dd1ddea4497e18813a2dd00dd0e3f4 (patch) | |
tree | 23770d5eb6b6fd92e4b93404eaf025415cac2cb6 | |
parent | aaaff86467823e0d3d29c383402275eeae481256 (diff) | |
download | vboot-c86f0415a0dd1ddea4497e18813a2dd00dd0e3f4.tar.gz |
vboot2: Clean up signing data for unit tests
Signing is now simple enough (thanks to full utility lib support for
vboot2 data structs) that we don't need the vb2_convert_structs module
anymore. Also, use the utility lib function to create a firmware
preamble, rather than duplicating that code in the fwlib unit tests.
BUG=chromium:423882
BRANCH=none
TEST=VBOOT2=1 make runtests, and build firmware for veyron_pinky
Change-Id: I1db402a08621f79274d2a69095aebc3e84f4328d
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/232755
-rw-r--r-- | Makefile | 5 | ||||
-rw-r--r-- | tests/vb2_api2_tests.c | 10 | ||||
-rw-r--r-- | tests/vb2_common2_tests.c | 1 | ||||
-rw-r--r-- | tests/vb2_common_tests.c | 118 | ||||
-rw-r--r-- | tests/vb2_convert_structs.c | 31 | ||||
-rw-r--r-- | tests/vb2_convert_structs.h | 24 |
6 files changed, 48 insertions, 141 deletions
@@ -583,11 +583,6 @@ TESTLIB_SRCS = \ tests/timer_utils.c \ tests/crc32_test.c -ifneq (${VBOOT2},) -TESTLIB_SRCS += \ - tests/vb2_convert_structs.c -endif - TESTLIB_OBJS = ${TESTLIB_SRCS:%.c=${BUILD}/%.o} TEST_OBJS += ${TESTLIB_OBJS} diff --git a/tests/vb2_api2_tests.c b/tests/vb2_api2_tests.c index b6db1850..cc1e12af 100644 --- a/tests/vb2_api2_tests.c +++ b/tests/vb2_api2_tests.c @@ -15,10 +15,10 @@ #include "2rsa.h" #include "2secdata.h" +#include "host_key2.h" #include "host_signature2.h" #include "test_common.h" -#include "vb2_convert_structs.h" /* Common context for tests */ static uint8_t workbuf[VB2_WORKBUF_RECOMMENDED_SIZE] @@ -52,6 +52,7 @@ enum reset_type { static void reset_common_data(enum reset_type t) { + const struct vb2_private_key *hash_key; struct vb2_fw_preamble2 *pre; struct vb2_signature2 *sig; uint32_t sig_offset; @@ -75,6 +76,8 @@ static void reset_common_data(enum reset_type t) retval_vb2_load_fw_keyblock = VB2_SUCCESS; retval_vb2_load_fw_preamble = VB2_SUCCESS; + vb2_private_key_hash(&hash_key, mock_hash_alg); + sd->workbuf_preamble_offset = ctx.workbuf_used; pre = (struct vb2_fw_preamble2 *) (ctx.workbuf + sd->workbuf_preamble_offset); @@ -82,9 +85,8 @@ static void reset_common_data(enum reset_type t) pre->hash_offset = sig_offset = sizeof(*pre); for (i = 0; i < 3; i++) { - sig = vb2_create_hash_sig(mock_body, - mock_body_size - 16 * i, - mock_hash_alg); + vb2_sign_data(&sig, mock_body, mock_body_size - 16 * i, + hash_key, NULL); memcpy(&sig->guid, test_guid + i, sizeof(sig->guid)); memcpy((uint8_t *)pre + sig_offset, sig, sig->c.total_size); sig_offset += sig->c.total_size; diff --git a/tests/vb2_common2_tests.c b/tests/vb2_common2_tests.c index 7666a604..519d7f93 100644 --- a/tests/vb2_common2_tests.c +++ b/tests/vb2_common2_tests.c @@ -17,7 +17,6 @@ #include "host_common.h" #include "host_key2.h" #include "host_signature2.h" -#include "vb2_convert_structs.h" #include "vboot_common.h" #include "test_common.h" diff --git a/tests/vb2_common_tests.c b/tests/vb2_common_tests.c index 89c8307d..d520f1c6 100644 --- a/tests/vb2_common_tests.c +++ b/tests/vb2_common_tests.c @@ -8,15 +8,17 @@ #include "2sysincludes.h" #include "2common.h" #include "2rsa.h" +#include "host_fw_preamble2.h" #include "host_key2.h" #include "host_keyblock2.h" #include "host_signature2.h" -#include "vb2_convert_structs.h" #include "vboot_struct.h" /* For old struct sizes */ #include "test_common.h" static const uint8_t test_data[] = "This is some test data to sign."; +static const uint8_t test_data2[] = "Some more test data"; +static const uint8_t test_data3[] = "Even more test data"; /** * Test memory compare functions @@ -460,18 +462,22 @@ static void test_sig_size(void) static void test_verify_hash(void) { struct vb2_signature2 *sig; + const struct vb2_private_key *prik; struct vb2_public_key pubk; uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]; struct vb2_workbuf wb; vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); + TEST_SUCC(vb2_private_key_hash(&prik, VB2_HASH_SHA256), + "create private hash key"); TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256), "create hash key"); /* Create the signature */ - sig = vb2_create_hash_sig(test_data, sizeof(test_data), pubk.hash_alg); - TEST_PTR_NEQ(sig, NULL, "create hash sig"); + TEST_SUCC(vb2_sign_data(&sig, test_data, sizeof(test_data), + prik, NULL), + "create hash sig"); TEST_SUCC(vb2_verify_data2(test_data, sizeof(test_data), sig, &pubk, &wb), @@ -559,7 +565,7 @@ static void test_verify_keyblock(void) memcpy(buf, buf2, buf_size); kbuf->c.struct_version_minor++; /* That changes the signature, so resign the keyblock */ - sig = vb2_create_hash_sig(buf, kbuf->sig_offset, VB2_HASH_SHA256); + vb2_sign_data(&sig, buf, kbuf->sig_offset, prik[0], NULL); memcpy(buf + kbuf->sig_offset, sig, sig->c.total_size); free(sig); TEST_SUCC(vb2_verify_keyblock2(kbuf, buf_size, &pubk, &wb), @@ -615,11 +621,13 @@ static void test_verify_keyblock(void) static void test_verify_fw_preamble(void) { const char desc[16] = "test preamble"; + const struct vb2_private_key *prikhash; + struct vb2_signature2 *hashes[3]; struct vb2_public_key pubk; struct vb2_signature2 *sig; struct vb2_fw_preamble2 *pre; uint32_t buf_size; - uint8_t *buf, *buf2, *bnext; + uint8_t *buf, *buf2; uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES]; struct vb2_workbuf wb; @@ -633,70 +641,28 @@ static void test_verify_fw_preamble(void) */ TEST_SUCC(vb2_public_key_hash(&pubk, VB2_HASH_SHA256), "create hash key"); - - struct vb2_fw_preamble2 fp = { - .c.magic = VB2_MAGIC_FW_PREAMBLE2, - .c.struct_version_major = VB2_FW_PREAMBLE2_VERSION_MAJOR, - .c.struct_version_minor = VB2_FW_PREAMBLE2_VERSION_MAJOR, - .c.fixed_size = sizeof(fp), - .c.desc_size = sizeof(desc), - .flags = 0, - .hash_count = 3, - }; - - fp.hash_offset = fp.c.fixed_size + fp.c.desc_size; - - /* Create some hashes so we can calculate their sizes */ - fp.c.total_size = fp.hash_offset; - - sig = vb2_create_hash_sig(test_data, sizeof(test_data), - VB2_HASH_SHA512); - fp.c.total_size += sig->c.total_size; - free(sig); - - sig = vb2_create_hash_sig(test_data, sizeof(test_data), - VB2_HASH_SHA256); - fp.c.total_size += 2 * sig->c.total_size; - - /* Preamble signature goes after that */ - fp.sig_offset = fp.c.total_size; - fp.c.total_size += sig->c.total_size; - free(sig); - - /* Now that the total size is known, create the real preamble */ - buf_size = fp.c.total_size; - buf = calloc(1, buf_size); - memcpy(buf, &fp, sizeof(fp)); - memcpy(buf + fp.c.fixed_size, desc, sizeof(desc)); - - /* And copy in the component hashes (use parts of test data) */ - bnext = buf + fp.hash_offset; - - sig = vb2_create_hash_sig(test_data, sizeof(test_data), - VB2_HASH_SHA256); - memset(&sig->guid, 0x01, sizeof(sig->guid)); - memcpy(bnext, sig, sig->c.total_size); - bnext += sig->c.total_size; - free(sig); - - sig = vb2_create_hash_sig(test_data, sizeof(test_data), - VB2_HASH_SHA512); - memset(&sig->guid, 0x03, sizeof(sig->guid)); - memcpy(bnext, sig, sig->c.total_size); - bnext += sig->c.total_size; - free(sig); - - sig = vb2_create_hash_sig(test_data, sizeof(test_data) - 4, - VB2_HASH_SHA256); - memset(&sig->guid, 0x02, sizeof(sig->guid)); - memcpy(bnext, sig, sig->c.total_size); - bnext += sig->c.total_size; - free(sig); - - /* Now sign the preamble */ - sig = vb2_create_hash_sig(buf, fp.sig_offset, VB2_HASH_SHA256); - memcpy(buf + fp.sig_offset, sig, sig->c.total_size); - free(sig); + TEST_SUCC(vb2_private_key_hash(&prikhash, VB2_HASH_SHA256), + "Create private hash key"); + + /* Create some signatures */ + TEST_SUCC(vb2_sign_data(hashes + 0, test_data, sizeof(test_data), + prikhash, "Hash 1"), + "Hash 1"); + TEST_SUCC(vb2_sign_data(hashes + 1, test_data2, sizeof(test_data2), + prikhash, "Hash 2"), + "Hash 2"); + TEST_SUCC(vb2_sign_data(hashes + 2, test_data3, sizeof(test_data3), + prikhash, "Hash 3"), + "Hash 3"); + + /* Test good preamble */ + TEST_SUCC(vb2_fw_preamble_create(&pre, prikhash, + (const struct vb2_signature2 **)hashes, + 3, 0x1234, 0x5678, desc), + "Create preamble good"); + + buf = (uint8_t *)pre; + buf_size = pre->c.total_size; /* Make a copy of the buffer, so we can mangle it for tests */ buf2 = malloc(buf_size); @@ -729,7 +695,7 @@ static void test_verify_fw_preamble(void) memcpy(buf, buf2, buf_size); pre->c.struct_version_minor++; /* That changes the signature, so resign the fw_preamble */ - sig = vb2_create_hash_sig(buf, fp.sig_offset, VB2_HASH_SHA256); + vb2_sign_data(&sig, buf, pre->sig_offset, prikhash, NULL); memcpy(buf + pre->sig_offset, sig, sig->c.total_size); free(sig); TEST_SUCC(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb), @@ -743,14 +709,14 @@ static void test_verify_fw_preamble(void) "vb2_verify_fw_preamble2() header size"); memcpy(buf, buf2, buf_size); - sig = (struct vb2_signature2 *)(buf + fp.hash_offset); - sig->c.total_size += fp.c.total_size; + sig = (struct vb2_signature2 *)(buf + pre->hash_offset); + sig->c.total_size += pre->c.total_size; TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb), VB2_ERROR_COMMON_TOTAL_SIZE, "vb2_verify_fw_preamble2() hash size"); memcpy(buf, buf2, buf_size); - sig = (struct vb2_signature2 *)(buf + fp.hash_offset); + sig = (struct vb2_signature2 *)(buf + pre->hash_offset); sig->sig_size /= 2; TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb), VB2_ERROR_SIG_SIZE, @@ -763,15 +729,15 @@ static void test_verify_fw_preamble(void) "vb2_verify_fw_preamble2() hash count"); memcpy(buf, buf2, buf_size); - sig = (struct vb2_signature2 *)(buf + fp.sig_offset); + sig = (struct vb2_signature2 *)(buf + pre->sig_offset); sig->c.total_size += 4; TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb), VB2_ERROR_COMMON_TOTAL_SIZE, "vb2_verify_fw_preamble2() sig inside"); memcpy(buf, buf2, buf_size); - sig = (struct vb2_signature2 *)(buf + fp.sig_offset); - buf[fp.sig_offset + sig->sig_offset]++; + sig = (struct vb2_signature2 *)(buf + pre->sig_offset); + buf[pre->sig_offset + sig->sig_offset]++; TEST_EQ(vb2_verify_fw_preamble2(pre, buf_size, &pubk, &wb), VB2_ERROR_VDATA_VERIFY_DIGEST, "vb2_verify_fw_preamble2() sig corrupt"); diff --git a/tests/vb2_convert_structs.c b/tests/vb2_convert_structs.c deleted file mode 100644 index 99d2a429..00000000 --- a/tests/vb2_convert_structs.c +++ /dev/null @@ -1,31 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - * Convert structs from vboot1 data format to new vboot2 structs - */ - -#include "2sysincludes.h" -#include "2common.h" -#include "host_common.h" -#include "host_key2.h" -#include "host_signature2.h" -#include "vb2_convert_structs.h" - -#include "test_common.h" - -struct vb2_signature2 *vb2_create_hash_sig(const uint8_t *data, - uint32_t size, - enum vb2_hash_algorithm hash_alg) -{ - const struct vb2_private_key *key; - struct vb2_signature2 *sig; - - if (vb2_private_key_hash(&key, hash_alg)) - return NULL; - - if (vb2_sign_data(&sig, data, size, key, NULL)) - return NULL; - - return sig; -} diff --git a/tests/vb2_convert_structs.h b/tests/vb2_convert_structs.h deleted file mode 100644 index ca7fcec5..00000000 --- a/tests/vb2_convert_structs.h +++ /dev/null @@ -1,24 +0,0 @@ -/* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. - * Use of this source code is governed by a BSD-style license that can be - * found in the LICENSE file. - * - */ - -#ifndef VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_ -#define VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_ - -#include "2struct.h" - -/** - * Create an unsigned hash signature of the data. - * - * @param data Data to sign - * @param size Size of data in bytes - * @return a newly-allocated signature, which the caller must free, or NULL if - * error. - */ -struct vb2_signature2 *vb2_create_hash_sig(const uint8_t *data, - uint32_t size, - enum vb2_hash_algorithm hash_alg); - -#endif /* VBOOT_REFERENCE_VB2_CONVERT_STRUCTS_H_ */ |