1 /* Copyright 2014 The ChromiumOS Authors
2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file.
4 *
5 * Tests for firmware image library.
6 */
7
8 #include <stdint.h>
9 #include <stdio.h>
10 #include <string.h>
11
12 #include "2common.h"
13 #include "2rsa.h"
14 #include "2sysincludes.h"
15 #include "common/tests.h"
16 #include "host_common.h"
17 #include "host_common21.h"
18 #include "host_key21.h"
19 #include "host_signature21.h"
20 #include "util_misc.h"
21
22 static const uint8_t test_data[] = "This is some test data to sign.";
23 static const uint32_t test_size = sizeof(test_data);
24
test_unpack_key(const struct vb21_packed_key * key)25 static void test_unpack_key(const struct vb21_packed_key *key)
26 {
27 struct vb2_public_key pubk;
28 struct vb21_packed_key *key2;
29 uint32_t size = key->c.total_size;
30
31 /* Make a copy of the key for testing */
32 key2 = (struct vb21_packed_key *)malloc(size);
33
34 memcpy(key2, key, size);
35 TEST_SUCC(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
36 "vb21_unpack_key() ok");
37
38 memcpy(key2, key, size);
39 key2->key_offset += 4;
40 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
41 VB2_ERROR_COMMON_MEMBER_SIZE,
42 "vb21_unpack_key() buffer too small");
43
44 memcpy(key2, key, size);
45 key2->c.fixed_size += size;
46 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
47 VB2_ERROR_COMMON_FIXED_SIZE,
48 "vb21_unpack_key() buffer too small for desc");
49
50 memcpy(key2, key, size);
51 key2->c.desc_size = 0;
52 TEST_SUCC(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
53 "vb21_unpack_key() no desc");
54 TEST_EQ(strcmp(pubk.desc, ""), 0, " empty desc string");
55
56 memcpy(key2, key, size);
57 key2->c.magic++;
58 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
59 VB2_ERROR_UNPACK_KEY_MAGIC,
60 "vb21_unpack_key() bad magic");
61
62 memcpy(key2, key, size);
63 key2->c.struct_version_major++;
64 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
65 VB2_ERROR_UNPACK_KEY_STRUCT_VERSION,
66 "vb21_unpack_key() bad major version");
67
68 /*
69 * Minor version changes are ok. Note that this test assumes that the
70 * source key struct version is the highest actually known to the
71 * reader. If the reader does know about minor version + 1 and that
72 * adds fields, this test will likely fail. But at that point, we
73 * should have already added a test for minor version compatibility to
74 * handle both old and new struct versions, so someone will have
75 * noticed this comment.
76 */
77 memcpy(key2, key, size);
78 key2->c.struct_version_minor++;
79 TEST_SUCC(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
80 "vb21_unpack_key() minor version change ok");
81
82 memcpy(key2, key, size);
83 key2->sig_alg = VB2_SIG_INVALID;
84 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
85 VB2_ERROR_UNPACK_KEY_SIG_ALGORITHM,
86 "vb21_unpack_key() bad sig algorithm");
87
88 memcpy(key2, key, size);
89 key2->hash_alg = VB2_HASH_INVALID;
90 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
91 VB2_ERROR_UNPACK_KEY_HASH_ALGORITHM,
92 "vb21_unpack_key() bad hash algorithm");
93
94 memcpy(key2, key, size);
95 key2->key_size -= 4;
96 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
97 VB2_ERROR_UNPACK_KEY_SIZE,
98 "vb21_unpack_key() invalid size");
99
100 memcpy(key2, key, size);
101 key2->key_offset--;
102 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
103 VB2_ERROR_COMMON_MEMBER_UNALIGNED,
104 "vb21_unpack_key() unaligned data");
105
106 memcpy(key2, key, size);
107 *(uint32_t *)((uint8_t *)key2 + key2->key_offset) /= 2;
108 TEST_EQ(vb21_unpack_key(&pubk, (uint8_t *)key2, size),
109 VB2_ERROR_UNPACK_KEY_ARRAY_SIZE,
110 "vb21_unpack_key() invalid key array size");
111
112 free(key2);
113 }
114
test_verify_signature(const struct vb21_signature * sig)115 static void test_verify_signature(const struct vb21_signature *sig)
116 {
117 struct vb21_signature *sig2;
118 uint8_t *buf2;
119 uint32_t size;
120
121 /* Make a copy of the signature */
122 size = sig->c.total_size;
123 buf2 = malloc(size);
124 sig2 = (struct vb21_signature *)buf2;
125
126 memcpy(buf2, sig, size);
127 TEST_SUCC(vb21_verify_signature(sig2, size), "verify_sig ok");
128 sig2->c.magic = VB21_MAGIC_PACKED_KEY;
129 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_MAGIC,
130 "verify_sig magic");
131
132 memcpy(buf2, sig, size);
133 sig2->c.total_size += 4;
134 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_COMMON_TOTAL_SIZE,
135 "verify_sig common header");
136
137 memcpy(buf2, sig, size);
138 sig2->c.struct_version_minor++;
139 TEST_SUCC(vb21_verify_signature(sig2, size), "verify_sig minor ver");
140 sig2->c.struct_version_major++;
141 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_VERSION,
142 "verify_sig major ver");
143
144 memcpy(buf2, sig, size);
145 sig2->c.fixed_size -= 4;
146 sig2->c.desc_size += 4;
147 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_HEADER_SIZE,
148 "verify_sig header size");
149
150 memcpy(buf2, sig, size);
151 sig2->sig_size += 4;
152 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_COMMON_MEMBER_SIZE,
153 "verify_sig sig size");
154
155 memcpy(buf2, sig, size);
156 sig2->sig_alg = VB2_SIG_INVALID;
157 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_ALGORITHM,
158 "verify_sig sig alg");
159
160 memcpy(buf2, sig, size);
161 sig2->sig_alg = (sig2->sig_alg == VB2_SIG_NONE ?
162 VB2_SIG_RSA1024 : VB2_SIG_NONE);
163 TEST_EQ(vb21_verify_signature(sig2, size), VB2_ERROR_SIG_SIZE,
164 "verify_sig sig size");
165
166 free(buf2);
167 }
168
test_verify_data(const struct vb2_public_key * pubk_orig,const struct vb21_signature * sig)169 static void test_verify_data(const struct vb2_public_key *pubk_orig,
170 const struct vb21_signature *sig)
171 {
172 uint8_t workbuf[VB2_VERIFY_DATA_WORKBUF_BYTES]
173 __attribute__((aligned(VB2_WORKBUF_ALIGN)));
174 struct vb2_workbuf wb;
175
176 struct vb2_public_key pubk;
177 struct vb21_signature *sig2;
178 uint8_t *buf2;
179 uint32_t size;
180
181 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
182
183 pubk = *pubk_orig;
184
185 /* Allocate signature copy for tests */
186 size = sig->c.total_size;
187 buf2 = malloc(size);
188 sig2 = (struct vb21_signature *)buf2;
189
190 memcpy(buf2, sig, size);
191 pubk.sig_alg = VB2_SIG_INVALID;
192 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
193 VB2_ERROR_VDATA_ALGORITHM, "vb21_verify_data() bad sig alg");
194 pubk = *pubk_orig;
195
196 memcpy(buf2, sig, size);
197 pubk.hash_alg = VB2_HASH_INVALID;
198 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
199 VB2_ERROR_VDATA_DIGEST_SIZE,
200 "vb21_verify_data() bad hash alg");
201 pubk = *pubk_orig;
202
203 vb2_workbuf_init(&wb, workbuf, 4);
204 memcpy(buf2, sig, size);
205 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
206 VB2_ERROR_VDATA_WORKBUF_DIGEST,
207 "vb21_verify_data() workbuf too small");
208 vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
209
210 memcpy(buf2, sig, size);
211 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
212 0, "vb21_verify_data() ok");
213
214 memcpy(buf2, sig, size);
215 sig2->sig_size -= 16;
216 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
217 VB2_ERROR_VDATA_SIG_SIZE, "vb21_verify_data() wrong sig size");
218
219 memcpy(buf2, sig, size);
220 TEST_EQ(vb21_verify_data(test_data, test_size - 1, sig2, &pubk, &wb),
221 VB2_ERROR_VDATA_SIZE, "vb21_verify_data() wrong data size");
222
223 memcpy(buf2, sig, size);
224 sig2->hash_alg = (sig2->hash_alg == VB2_HASH_SHA1 ?
225 VB2_HASH_SHA256 : VB2_HASH_SHA1);
226 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
227 VB2_ERROR_VDATA_ALGORITHM_MISMATCH,
228 "vb21_verify_data() alg mismatch");
229
230
231 memcpy(buf2, sig, size);
232 buf2[sig2->sig_offset] ^= 0x5A;
233 TEST_EQ(vb21_verify_data(test_data, test_size, sig2, &pubk, &wb),
234 VB2_ERROR_RSA_PADDING, "vb21_verify_data() wrong sig");
235
236 free(buf2);
237 }
238
test_algorithm(int key_algorithm,const char * keys_dir)239 static int test_algorithm(int key_algorithm, const char *keys_dir)
240 {
241 char filename[1024];
242
243 enum vb2_signature_algorithm sig_alg =
244 vb2_crypto_to_signature(key_algorithm);
245 enum vb2_hash_algorithm hash_alg = vb2_crypto_to_hash(key_algorithm);
246
247 struct vb2_private_key *prik = NULL;
248 struct vb21_signature *sig2 = NULL;
249 struct vb2_public_key *pubk;
250 uint8_t *pubk_buf = 0;
251 uint8_t *keyb_data = 0;
252 uint32_t keyb_size;
253 struct vb21_packed_key *key2 = NULL;
254
255 printf("***Testing algorithm: %s\n",
256 vb2_get_crypto_algorithm_name(key_algorithm));
257
258 snprintf(filename, sizeof(filename), "%s/key_%s.pem",
259 keys_dir,
260 vb2_get_crypto_algorithm_file(key_algorithm));
261 TEST_SUCC(vb2_private_key_read_pem(&prik, filename),
262 "Read private key");
263 prik->hash_alg = hash_alg;
264 prik->sig_alg = sig_alg;
265 vb2_private_key_set_desc(prik, "private key");
266
267
268 /* Create the public key */
269 TEST_SUCC(vb2_public_key_alloc(&pubk, sig_alg), "Allocate public key");
270 /* Extract the keyb blob */
271 TEST_SUCC(vb_keyb_from_rsa(prik->rsa_private_key,
272 &keyb_data, &keyb_size),
273 "Extract public key");
274
275 /*
276 * Copy the keyb blob to the public key's buffer, because that's
277 * where vb2_unpack_key_data() and vb2_public_key_pack() expect
278 * to find it.
279 */
280 pubk_buf = vb2_public_key_packed_data(pubk);
281 memcpy(pubk_buf, keyb_data, keyb_size);
282
283 /* Fill in the internal struct pointers */
284 TEST_SUCC(vb2_unpack_key_data(pubk, pubk_buf, keyb_size),
285 "unpack public key blob");
286
287 pubk->hash_alg = hash_alg;
288 vb2_public_key_set_desc(pubk, "public key");
289 TEST_SUCC(vb21_public_key_pack(&key2, pubk), "Pack public key");
290
291 /* Calculate good signatures */
292 TEST_SUCC(vb21_sign_data(&sig2, test_data, test_size, prik, ""),
293 "Make test signature");
294
295 test_unpack_key(key2);
296 test_verify_data(pubk, sig2);
297 test_verify_signature(sig2);
298
299 free(keyb_data);
300 free(key2);
301 free(sig2);
302 vb2_free_private_key(prik);
303 vb2_public_key_free(pubk);
304
305 return 0;
306 }
307
308 /* Test only the algorithms we use */
309 const int key_algs[] = {
310 VB2_ALG_RSA2048_SHA256,
311 VB2_ALG_RSA4096_SHA256,
312 VB2_ALG_RSA8192_SHA512,
313 };
314
main(int argc,char * argv[])315 int main(int argc, char *argv[]) {
316
317 if (argc == 2) {
318 int i;
319
320 for (i = 0; i < ARRAY_SIZE(key_algs); i++) {
321 if (test_algorithm(key_algs[i], argv[1]))
322 return 1;
323 }
324
325 } else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
326 /* Test all the algorithms */
327 int alg;
328
329 for (alg = 0; alg < VB2_ALG_COUNT; alg++) {
330 if (test_algorithm(alg, argv[1]))
331 return 1;
332 }
333
334 } else {
335 fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
336 return -1;
337 }
338
339 return gTestSuccess ? 0 : 255;
340 }
341