authorBill Richardson <wfrichar@chromium.org>2012-05-03 08:40:44 -0700
committerGerrit <chrome-bot@google.com>2012-05-04 12:16:45 -0700
commit2448d3b3bc8e80232e7943c16b41eaab19faa1a2 (patch)
tree602ed9451ec91f58fd60ab055ab9f531f50a921e /tests
parentf47291926afce3235421f73811a04324195f3e13 (diff)
downloadvboot-2448d3b3bc8e80232e7943c16b41eaab19faa1a2.tar.gz
Create vbutil_ec tool for signing EC firmware.
This just adds the vbutil_ec tool (and a simple test of the library functions related to it). BUG=chrome-os-partner:7459, chromium-os:27142 TEST=manual make make runtests Change-Id: I2a2c4e7cfb8ac6ce2229c5de4252a5cc89321fa5 Reviewed-on: https://gerrit.chromium.org/gerrit/21868 Commit-Ready: Bill Richardson <wfrichar@chromium.org> Tested-by: Bill Richardson <wfrichar@chromium.org> Reviewed-by: Stefan Reinauer <reinauer@google.com> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org>
Diffstat (limited to 'tests')
-rw-r--r--tests/Makefile2
-rw-r--r--tests/devkeys/ec.keyblockbin0 -> 1720 bytes
-rw-r--r--tests/devkeys/ec_data_key.vbprivkbin0 -> 2355 bytes
-rw-r--r--tests/devkeys/ec_data_key.vbpubkbin0 -> 1064 bytes
-rw-r--r--tests/devkeys/ec_root_key.vbprivkbin0 -> 2356 bytes
-rw-r--r--tests/devkeys/ec_root_key.vbpubkbin0 -> 1064 bytes
-rwxr-xr-xtests/run_vboot_common_tests.sh2
-rwxr-xr-xtests/run_vboot_ec_tests.sh19
-rw-r--r--tests/vboot_ec_tests.c160
9 files changed, 182 insertions, 1 deletions
diff --git a/tests/Makefile b/tests/Makefile
index f7f0cba6..9df9a696 100644
--- a/tests/Makefile
+++ b/tests/Makefile
@@ -40,6 +40,7 @@ TEST_NAMES = cgptlib_test \
vboot_common_tests \
vboot_common2_tests \
vboot_common3_tests \
+ vboot_ec_tests \
vboot_firmware_tests \
vboot_nvstorage_test \
vboot_api_devmode_tests \
@@ -150,6 +151,7 @@ runcryptotests:
${BUILD_ROOT}/rsa_utility_tests
${BUILD_ROOT}/sha_tests
./run_vboot_common_tests.sh
+ ./run_vboot_ec_tests.sh
# Run other misc tests
runmisctests:
diff --git a/tests/devkeys/ec.keyblock b/tests/devkeys/ec.keyblock
new file mode 100644
index 00000000..6b088f32
--- /dev/null
+++ b/tests/devkeys/ec.keyblock
Binary files differ
diff --git a/tests/devkeys/ec_data_key.vbprivk b/tests/devkeys/ec_data_key.vbprivk
new file mode 100644
index 00000000..9f194ce9
--- /dev/null
+++ b/tests/devkeys/ec_data_key.vbprivk
Binary files differ
diff --git a/tests/devkeys/ec_data_key.vbpubk b/tests/devkeys/ec_data_key.vbpubk
new file mode 100644
index 00000000..5804dfd6
--- /dev/null
+++ b/tests/devkeys/ec_data_key.vbpubk
Binary files differ
diff --git a/tests/devkeys/ec_root_key.vbprivk b/tests/devkeys/ec_root_key.vbprivk
new file mode 100644
index 00000000..49144720
--- /dev/null
+++ b/tests/devkeys/ec_root_key.vbprivk
Binary files differ
diff --git a/tests/devkeys/ec_root_key.vbpubk b/tests/devkeys/ec_root_key.vbpubk
new file mode 100644
index 00000000..76c26f94
--- /dev/null
+++ b/tests/devkeys/ec_root_key.vbpubk
Binary files differ
diff --git a/tests/run_vboot_common_tests.sh b/tests/run_vboot_common_tests.sh
index 6295f404..9d4373f7 100755
--- a/tests/run_vboot_common_tests.sh
+++ b/tests/run_vboot_common_tests.sh
@@ -4,7 +4,7 @@
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
-# Run verified boot firmware and kernel verification tests.
+# Run verified boot firmware and kernel verification tests.
# Load common constants and variables.
. "$(dirname "$0")/common.sh"
diff --git a/tests/run_vboot_ec_tests.sh b/tests/run_vboot_ec_tests.sh
new file mode 100755
index 00000000..b5b0e7b1
--- /dev/null
+++ b/tests/run_vboot_ec_tests.sh
@@ -0,0 +1,19 @@
+#!/bin/bash -eu
+
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+# Run verified boot firmware and kernel verification tests.
+
+# Load common constants and variables.
+. "$(dirname "$0")/common.sh"
+
+check_test_keys
+
+for priv in ${TESTKEY_DIR}/*.vbprivk; do
+ root=$(basename ${i%.vbprivk})
+ pub="${priv%.vbprivk}.vbpubk"
+ echo "Trying $root ..."
+ ${TEST_DIR}/vboot_ec_tests "$priv" "$pub"
+done
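Review bot: `root=$(basename ${i%.vbprivk})` expands `$i`, but the loop variable is `priv` and nothing in this file sets `i`. Under the `-eu` shebang an unset variable aborts the script on the first iteration, unless common.sh happens to define `i` (not visible here), in which case the echoed name would be wrong instead. The line should read `root=$(basename "${priv%.vbprivk}")`. Quoting `"${TESTKEY_DIR}"/*.vbprivk` and `"${TEST_DIR}/vboot_ec_tests"` would also keep paths containing spaces from being split. The header comment is copied from the common-tests script and should say that this runs the EC preamble tests.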
diff --git a/tests/vboot_ec_tests.c b/tests/vboot_ec_tests.c
new file mode 100644
index 00000000..831565fc
--- /dev/null
+++ b/tests/vboot_ec_tests.c
@@ -0,0 +1,160 @@
+/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ *
+ * Tests for EC firmware vboot stuff.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "cryptolib.h"
+#include "file_keys.h"
+#include "host_common.h"
+#include "test_common.h"
+#include "vboot_common.h"
+
+static void ReSignECPreamble(VbECPreambleHeader* h,
+ const VbPrivateKey* key) {
+ VbSignature *sig = CalculateSignature((const uint8_t*)h,
+ h->preamble_signature.data_size, key);
+
+ SignatureCopy(&h->preamble_signature, sig);
+ free(sig);
+}
+
+
+static void VerifyECPreambleTest(const VbPublicKey* public_key,
+ const VbPrivateKey* private_key) {
+ VbECPreambleHeader* hdr;
+ VbECPreambleHeader* h;
+ RSAPublicKey* rsa;
+ unsigned hsize;
+
+ /* Create a dummy signature */
+ VbSignature* body_sig = SignatureAlloc(56, 78);
+
+ rsa = PublicKeyToRSA(public_key);
+ hdr = CreateECPreamble(0x1234, body_sig, private_key,
+ 0x5678, "Foo bar");
+ TEST_NEQ(hdr && rsa, 0, "VerifyECPreamble() prerequisites");
+ if (!hdr)
+ return;
+
+ hsize = (unsigned) hdr->preamble_size;
+ h = (VbECPreambleHeader*)malloc(hsize + 16384);
+
+ TEST_EQ(VerifyECPreamble(hdr, hsize, rsa), 0,
+ "VerifyECPreamble() ok using key");
+ TEST_NEQ(VerifyECPreamble(hdr, hsize - 1, rsa), 0,
+ "VerifyECPreamble() size--");
+ TEST_EQ(VerifyECPreamble(hdr, hsize + 1, rsa), 0,
+ "VerifyECPreamble() size++");
+
+ TEST_EQ(hdr->firmware_version, 0x1234,
+ "VerifyECPreamble() firmware version");
+ TEST_EQ(hdr->flags, 0x5678,
+ "VerifyECPreamble() flags");
+ TEST_EQ(strncmp(hdr->name, "Foo bar", sizeof(hdr->name)), 0,
+ "VerifyECPreamble() name");
+
+ /* Care about major version but not minor */
+ Memcpy(h, hdr, hsize);
+ h->header_version_major++;
+ ReSignECPreamble(h, private_key);
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() major++");
+
+ Memcpy(h, hdr, hsize);
+ h->header_version_major--;
+ ReSignECPreamble(h, private_key);
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() major--");
+
+ Memcpy(h, hdr, hsize);
+ h->header_version_minor++;
+ ReSignECPreamble(h, private_key);
+ TEST_EQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() minor++");
+
+ Memcpy(h, hdr, hsize);
+ h->header_version_minor--;
+ ReSignECPreamble(h, private_key);
+ TEST_EQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() minor--");
+
+ /* Check signature */
+ Memcpy(h, hdr, hsize);
+ h->preamble_signature.sig_offset = hsize;
+ ReSignECPreamble(h, private_key);
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() sig off end");
+
+ Memcpy(h, hdr, hsize);
+ h->preamble_signature.sig_size--;
+ ReSignECPreamble(h, private_key);
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() sig too small");
+
+ Memcpy(h, hdr, hsize);
+ GetSignatureData(&h->body_digest)[0] ^= 0x34;
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() sig mismatch");
+
+ /* Check that we signed header and body sig */
+ Memcpy(h, hdr, hsize);
+ h->preamble_signature.data_size = 4;
+ h->body_digest.sig_offset = 0;
+ h->body_digest.sig_size = 0;
+ ReSignECPreamble(h, private_key);
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() didn't sign header");
+
+ Memcpy(h, hdr, hsize);
+ h->body_digest.sig_offset = hsize;
+ ReSignECPreamble(h, private_key);
+ TEST_NEQ(VerifyECPreamble(h, hsize, rsa), 0,
+ "VerifyECPreamble() body sig off end");
+
+ /* TODO: verify with extra padding at end of header. */
+
+ free(h);
+ RSAPublicKeyFree(rsa);
+ free(hdr);
+}
+
+
+int main(int argc, char* argv[]) {
+ VbPrivateKey* signing_private_key = NULL;
+ VbPublicKey* signing_public_key = NULL;
+
+ int error_code = 0;
+
+ if(argc != 3) {
+ fprintf(stderr, "Usage: %s <signing privkey> <signing pubkey>", argv[0]);
+ return -1;
+ }
+
+ signing_private_key = PrivateKeyRead(argv[1]);
+ if (!signing_private_key) {
+ fprintf(stderr, "Error reading signing_private_key\n");
+ return 1;
+ }
+
+ signing_public_key = PublicKeyRead(argv[2]);
+ if (!signing_public_key) {
+ fprintf(stderr, "Error reading signing_public_key\n");
+ return 1;
+ }
+
+ VerifyECPreambleTest(signing_public_key, signing_private_key);
+
+
+ if (signing_public_key)
+ free(signing_public_key);
+ if (signing_private_key)
+ free(signing_private_key);
+
+ return error_code;
+}
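Review bot: `main` returns `error_code`, which is initialised to 0 and never assigned, so the binary exits 0 even when a `TEST_EQ`/`TEST_NEQ` check fails. The `-eu` wrapper script therefore cannot detect a regression in preamble signature verification. The result of the test macros should be folded in before the return, for example `if (!gTestSuccess) error_code = 255;` if test_common.h exposes that flag here as it does for the other vboot tests (the header is not shown). In `VerifyECPreambleTest`, the guard `if (!hdr) return;` lets a NULL `rsa` reach every `VerifyECPreamble` call; `if (!hdr || !rsa) return;` matches the prerequisite check above it. The `malloc(hsize + 16384)` result is also used by `Memcpy` without a NULL check, and `body_sig` is never freed.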