| /* Copyright (c) 2014 The Chromium OS Authors. All rights reserved. |
| * Use of this source code is governed by a BSD-style license that can be |
| * found in the LICENSE file. |
| * |
| * Tests for firmware image library. |
| */ |
| |
| #include <stdio.h> |
| |
| #include "2rsa.h" |
| #include "2sysincludes.h" |
| #include "file_keys.h" |
| #include "host_common.h" |
| #include "host_keyblock.h" |
| #include "host_key.h" |
| #include "host_signature.h" |
| #include "test_common.h" |
| #include "vb2_common.h" |
| |
| static void resign_keyblock(struct vb2_keyblock *h, |
| const struct vb2_private_key *key) |
| { |
| struct vb2_signature *sig = |
| vb2_calculate_signature((const uint8_t *)h, |
| h->keyblock_signature.data_size, key); |
| |
| vb2_copy_signature(&h->keyblock_signature, sig); |
| free(sig); |
| } |
| |
| static void test_check_keyblock(const struct vb2_public_key *public_key, |
| const struct vb2_private_key *private_key, |
| const struct vb2_packed_key *data_key) |
| { |
| struct vb2_keyblock *hdr; |
| struct vb2_keyblock *h; |
| struct vb2_signature *sig; |
| uint32_t hsize; |
| |
| hdr = vb2_create_keyblock(data_key, private_key, 0x1234); |
| TEST_NEQ((size_t)hdr, 0, "vb2_verify_keyblock() prerequisites"); |
| if (!hdr) |
| return; |
| hsize = hdr->keyblock_size; |
| h = (struct vb2_keyblock *)malloc(hsize + 2048); |
| sig = &h->keyblock_signature; |
| |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_check_keyblock(h, hsize, sig), |
| "vb2_check_keyblock() ok"); |
| |
| memcpy(h, hdr, hsize); |
| TEST_EQ(vb2_check_keyblock(h, hsize - 1, sig), |
| VB2_ERROR_KEYBLOCK_SIZE, "vb2_check_keyblock() size--"); |
| |
| /* Buffer is allowed to be bigger than keyblock */ |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_check_keyblock(h, hsize + 1, sig), |
| "vb2_check_keyblock() size++"); |
| |
| memcpy(h, hdr, hsize); |
| h->magic[0] &= 0x12; |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_MAGIC, "vb2_check_keyblock() magic"); |
| |
| /* Care about major version but not minor */ |
| memcpy(h, hdr, hsize); |
| h->header_version_major++; |
| resign_keyblock(h, private_key); |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_HEADER_VERSION, |
| "vb2_check_keyblock() major++"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_major--; |
| resign_keyblock(h, private_key); |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_HEADER_VERSION, |
| "vb2_check_keyblock() major--"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_minor++; |
| resign_keyblock(h, private_key); |
| TEST_SUCC(vb2_check_keyblock(h, hsize, sig), |
| "vb2_check_keyblock() minor++"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_minor--; |
| resign_keyblock(h, private_key); |
| TEST_SUCC(vb2_check_keyblock(h, hsize, sig), |
| "vb2_check_keyblock() minor--"); |
| |
| /* Check signature */ |
| memcpy(h, hdr, hsize); |
| h->keyblock_signature.sig_offset = hsize; |
| resign_keyblock(h, private_key); |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_SIG_OUTSIDE, |
| "vb2_check_keyblock() sig off end"); |
| |
| memcpy(h, hdr, hsize); |
| h->keyblock_signature.data_size = h->keyblock_size + 1; |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_SIGNED_TOO_MUCH, |
| "vb2_check_keyblock() sig data past end of block"); |
| |
| /* Check that we signed header and data key */ |
| memcpy(h, hdr, hsize); |
| h->keyblock_signature.data_size = 4; |
| h->data_key.key_offset = 0; |
| h->data_key.key_size = 0; |
| resign_keyblock(h, private_key); |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_SIGNED_TOO_LITTLE, |
| "vb2_check_keyblock() didn't sign header"); |
| |
| memcpy(h, hdr, hsize); |
| h->data_key.key_offset = hsize; |
| resign_keyblock(h, private_key); |
| TEST_EQ(vb2_check_keyblock(h, hsize, sig), |
| VB2_ERROR_KEYBLOCK_DATA_KEY_OUTSIDE, |
| "vb2_check_keyblock() data key off end"); |
| |
| /* Corner cases for error checking */ |
| TEST_EQ(vb2_check_keyblock(NULL, 4, sig), |
| VB2_ERROR_KEYBLOCK_TOO_SMALL_FOR_HEADER, |
| "vb2_check_keyblock size too small"); |
| |
| /* |
| * TODO: verify parser can support a bigger header (i.e., one where |
| * data_key.key_offset is bigger than expected). |
| */ |
| |
| free(h); |
| free(hdr); |
| } |
| |
| static void test_verify_keyblock(const struct vb2_public_key *public_key, |
| const struct vb2_private_key *private_key, |
| const struct vb2_packed_key *data_key) |
| { |
| uint8_t workbuf[VB2_KEYBLOCK_VERIFY_WORKBUF_BYTES] |
| __attribute__((aligned(VB2_WORKBUF_ALIGN))); |
| struct vb2_workbuf wb; |
| struct vb2_keyblock *hdr; |
| struct vb2_keyblock *h; |
| uint32_t hsize; |
| |
| vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); |
| |
| hdr = vb2_create_keyblock(data_key, private_key, 0x1234); |
| TEST_NEQ((size_t)hdr, 0, "vb2_verify_keyblock() prerequisites"); |
| if (!hdr) |
| return; |
| hsize = hdr->keyblock_size; |
| h = (struct vb2_keyblock *)malloc(hsize + 2048); |
| |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_verify_keyblock(h, hsize, public_key, &wb), |
| "vb2_verify_keyblock() ok using key"); |
| |
| /* Failures in keyblock check also cause verify to fail */ |
| memcpy(h, hdr, hsize); |
| TEST_EQ(vb2_verify_keyblock(h, hsize - 1, public_key, &wb), |
| VB2_ERROR_KEYBLOCK_SIZE, "vb2_verify_keyblock() check"); |
| |
| /* Check signature */ |
| memcpy(h, hdr, hsize); |
| h->keyblock_signature.sig_size--; |
| resign_keyblock(h, private_key); |
| TEST_EQ(vb2_verify_keyblock(h, hsize, public_key, &wb), |
| VB2_ERROR_KEYBLOCK_SIG_INVALID, |
| "vb2_verify_keyblock() sig too small"); |
| |
| memcpy(h, hdr, hsize); |
| ((uint8_t *)vb2_packed_key_data_mutable(&h->data_key))[0] ^= 0x34; |
| TEST_EQ(vb2_verify_keyblock(h, hsize, public_key, &wb), |
| VB2_ERROR_KEYBLOCK_SIG_INVALID, |
| "vb2_verify_keyblock() sig mismatch"); |
| |
| /* |
| * TODO: verify parser can support a bigger header (i.e., one where |
| * data_key.key_offset is bigger than expected). |
| */ |
| |
| free(h); |
| free(hdr); |
| } |
| |
| static void resign_fw_preamble(struct vb2_fw_preamble *h, |
| struct vb2_private_key *key) |
| { |
| struct vb2_signature *sig = vb2_calculate_signature( |
| (const uint8_t *)h, h->preamble_signature.data_size, key); |
| |
| vb2_copy_signature(&h->preamble_signature, sig); |
| free(sig); |
| } |
| |
| static void test_verify_fw_preamble(struct vb2_packed_key *public_key, |
| struct vb2_private_key *private_key, |
| struct vb2_packed_key *kernel_subkey) |
| { |
| struct vb2_fw_preamble *hdr; |
| struct vb2_fw_preamble *h; |
| struct vb2_public_key rsa; |
| uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES] |
| __attribute__((aligned(VB2_WORKBUF_ALIGN))); |
| struct vb2_workbuf wb; |
| uint32_t hsize; |
| |
| vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); |
| |
| /* Create a dummy signature */ |
| struct vb2_signature *body_sig = vb2_alloc_signature(56, 78); |
| |
| TEST_SUCC(vb2_unpack_key(&rsa, public_key), |
| "vb2_verify_fw_preamble() prereq key"); |
| |
| hdr = vb2_create_fw_preamble(0x1234, kernel_subkey, body_sig, |
| private_key, 0x5678); |
| TEST_PTR_NEQ(hdr, NULL, |
| "vb2_verify_fw_preamble() prereq test preamble"); |
| if (!hdr) { |
| free(body_sig); |
| return; |
| } |
| |
| hsize = (uint32_t) hdr->preamble_size; |
| h = (struct vb2_fw_preamble *)malloc(hsize + 16384); |
| |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| "vb2_verify_fw_preamble() ok using key"); |
| |
| memcpy(h, hdr, hsize); |
| TEST_EQ(vb2_verify_fw_preamble(h, 4, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER, |
| "vb2_verify_fw_preamble() size tiny"); |
| |
| memcpy(h, hdr, hsize); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize - 1, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIZE, |
| "vb2_verify_fw_preamble() size--"); |
| |
| /* Buffer is allowed to be bigger than preamble */ |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_verify_fw_preamble(h, hsize + 1, &rsa, &wb), |
| "vb2_verify_fw_preamble() size++"); |
| |
| /* Care about major version but not minor */ |
| memcpy(h, hdr, hsize); |
| h->header_version_major++; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_HEADER_VERSION |
| , "vb2_verify_fw_preamble() major++"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_major--; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_HEADER_VERSION, |
| "vb2_verify_fw_preamble() major--"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_minor++; |
| resign_fw_preamble(h, private_key); |
| TEST_SUCC(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| "vb2_verify_fw_preamble() minor++"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_minor--; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_HEADER_OLD, |
| "vb2_verify_fw_preamble() 2.0 not supported"); |
| |
| /* Check signature */ |
| memcpy(h, hdr, hsize); |
| h->preamble_signature.sig_offset = hsize; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIG_OUTSIDE, |
| "vb2_verify_fw_preamble() sig off end"); |
| |
| memcpy(h, hdr, hsize); |
| h->preamble_signature.sig_size--; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIG_INVALID, |
| "vb2_verify_fw_preamble() sig too small"); |
| |
| memcpy(h, hdr, hsize); |
| ((uint8_t *)vb2_packed_key_data_mutable(&h->kernel_subkey))[0] ^= 0x34; |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIG_INVALID, |
| "vb2_verify_fw_preamble() sig mismatch"); |
| |
| /* Check that we signed header, kernel subkey, and body sig */ |
| memcpy(h, hdr, hsize); |
| h->preamble_signature.data_size = 4; |
| h->kernel_subkey.key_offset = 0; |
| h->kernel_subkey.key_size = 0; |
| h->body_signature.sig_offset = 0; |
| h->body_signature.sig_size = 0; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE, |
| "vb2_verify_fw_preamble() didn't sign header"); |
| |
| memcpy(h, hdr, hsize); |
| h->kernel_subkey.key_offset = hsize; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_KERNEL_SUBKEY_OUTSIDE, |
| "vb2_verify_fw_preamble() kernel subkey off end"); |
| |
| memcpy(h, hdr, hsize); |
| h->body_signature.sig_offset = hsize; |
| resign_fw_preamble(h, private_key); |
| TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE, |
| "vb2_verify_fw_preamble() body sig off end"); |
| |
| /* TODO: verify with extra padding at end of header. */ |
| |
| free(h); |
| free(hdr); |
| free(body_sig); |
| } |
| |
| static void resign_kernel_preamble(struct vb2_kernel_preamble *h, |
| const struct vb2_private_key *key) |
| { |
| struct vb2_signature *sig = vb2_calculate_signature( |
| (const uint8_t *)h, h->preamble_signature.data_size, key); |
| |
| vb2_copy_signature(&h->preamble_signature, sig); |
| free(sig); |
| } |
| |
| static void test_verify_kernel_preamble( |
| const struct vb2_packed_key *public_key, |
| const struct vb2_private_key *private_key) |
| { |
| struct vb2_public_key rsa; |
| // TODO: how many workbuf bytes? |
| uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES] |
| __attribute__((aligned(VB2_WORKBUF_ALIGN))); |
| struct vb2_workbuf wb; |
| uint32_t hsize; |
| |
| vb2_workbuf_init(&wb, workbuf, sizeof(workbuf)); |
| |
| /* Create a dummy signature */ |
| struct vb2_signature *body_sig = vb2_alloc_signature(56, 0x214000); |
| |
| TEST_SUCC(vb2_unpack_key(&rsa, public_key), |
| "vb2_verify_kernel_preamble() prereq key"); |
| |
| struct vb2_kernel_preamble *hdr = |
| vb2_create_kernel_preamble(0x1234, 0x100000, 0x300000, 0x4000, |
| body_sig, 0x304000, 0x10000, 0, 0, |
| private_key); |
| TEST_PTR_NEQ(hdr, NULL, |
| "vb2_verify_kernel_preamble() prereq test preamble"); |
| if (!hdr) { |
| free(body_sig); |
| return; |
| } |
| |
| hsize = (uint32_t) hdr->preamble_size; |
| struct vb2_kernel_preamble *h = |
| (struct vb2_kernel_preamble *)malloc(hsize + 16384); |
| |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| "vb2_verify_kernel_preamble() ok using key"); |
| |
| memcpy(h, hdr, hsize); |
| TEST_EQ(vb2_verify_kernel_preamble(h, 4, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER, |
| "vb2_verify_kernel_preamble() size tiny"); |
| |
| memcpy(h, hdr, hsize); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize - 1, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIZE, |
| "vb2_verify_kernel_preamble() size--"); |
| |
| /* Buffer is allowed to be bigger than preamble */ |
| memcpy(h, hdr, hsize); |
| TEST_SUCC(vb2_verify_kernel_preamble(h, hsize + 1, &rsa, &wb), |
| "vb2_verify_kernel_preamble() size++"); |
| |
| /* Care about major version but not minor */ |
| memcpy(h, hdr, hsize); |
| h->header_version_major++; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_HEADER_VERSION |
| , "vb2_verify_kernel_preamble() major++"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_major--; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_HEADER_VERSION, |
| "vb2_verify_kernel_preamble() major--"); |
| |
| memcpy(h, hdr, hsize); |
| h->header_version_minor++; |
| resign_kernel_preamble(h, private_key); |
| TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| "vb2_verify_kernel_preamble() minor++"); |
| |
| /* Check signature */ |
| memcpy(h, hdr, hsize); |
| h->preamble_signature.sig_offset = hsize; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIG_OUTSIDE, |
| "vb2_verify_kernel_preamble() sig off end"); |
| |
| memcpy(h, hdr, hsize); |
| h->preamble_signature.sig_size--; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIG_INVALID, |
| "vb2_verify_kernel_preamble() sig too small"); |
| |
| memcpy(h, hdr, hsize); |
| h->flags++; |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIG_INVALID, |
| "vb2_verify_kernel_preamble() sig mismatch"); |
| |
| /* Check that we signed header and body sig */ |
| memcpy(h, hdr, hsize); |
| h->preamble_signature.data_size = 4; |
| h->body_signature.sig_offset = 0; |
| h->body_signature.sig_size = 0; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE, |
| "vb2_verify_kernel_preamble() didn't sign header"); |
| |
| memcpy(h, hdr, hsize); |
| h->body_signature.sig_offset = hsize; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE, |
| "vb2_verify_kernel_preamble() body sig off end"); |
| |
| /* Check bootloader inside signed body */ |
| memcpy(h, hdr, hsize); |
| h->bootloader_address = h->body_load_address - 1; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_BOOTLOADER_OUTSIDE, |
| "vb2_verify_kernel_preamble() bootloader before body"); |
| |
| memcpy(h, hdr, hsize); |
| h->bootloader_address = h->body_load_address + |
| h->body_signature.data_size + 1; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_BOOTLOADER_OUTSIDE, |
| "vb2_verify_kernel_preamble() bootloader off end of body"); |
| |
| memcpy(h, hdr, hsize); |
| h->bootloader_address = h->body_load_address + |
| h->body_signature.data_size + 1; |
| h->bootloader_size = 0; |
| resign_kernel_preamble(h, private_key); |
| TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| "vb2_verify_kernel_preamble() no bootloader"); |
| |
| /* Check vmlinuz inside signed body */ |
| memcpy(h, hdr, hsize); |
| h->vmlinuz_header_address = h->body_load_address - 1; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_VMLINUZ_HEADER_OUTSIDE, |
| "vb2_verify_kernel_preamble() vmlinuz_header before body"); |
| |
| memcpy(h, hdr, hsize); |
| h->vmlinuz_header_address = h->body_load_address + |
| h->body_signature.data_size + 1; |
| resign_kernel_preamble(h, private_key); |
| TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| VB2_ERROR_PREAMBLE_VMLINUZ_HEADER_OUTSIDE, |
| "vb2_verify_kernel_preamble() vmlinuz_header off end of body"); |
| |
| memcpy(h, hdr, hsize); |
| h->vmlinuz_header_address = h->body_load_address + |
| h->body_signature.data_size + 1; |
| h->vmlinuz_header_size = 0; |
| resign_kernel_preamble(h, private_key); |
| TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb), |
| "vb2_verify_kernel_preamble() no vmlinuz_header"); |
| |
| /* TODO: verify with extra padding at end of header. */ |
| |
| free(h); |
| free(hdr); |
| free(body_sig); |
| } |
| |
| static int test_permutation(int signing_key_algorithm, int data_key_algorithm, |
| const char *keys_dir) |
| { |
| char filename[1024]; |
| int retval = 1; |
| |
| struct vb2_private_key *signing_private_key = NULL; |
| struct vb2_packed_key *signing_public_key = NULL; |
| struct vb2_packed_key *data_public_key = NULL; |
| |
| printf("***Testing signing algorithm: %s\n", |
| vb2_get_crypto_algorithm_name(signing_key_algorithm)); |
| printf("***With data key algorithm: %s\n", |
| vb2_get_crypto_algorithm_name(data_key_algorithm)); |
| |
| snprintf(filename, sizeof(filename), "%s/key_%s.pem", |
| keys_dir, |
| vb2_get_crypto_algorithm_file(signing_key_algorithm)); |
| signing_private_key = |
| vb2_read_private_key_pem(filename, signing_key_algorithm); |
| if (!signing_private_key) { |
| fprintf(stderr, "Error reading signing_private_key: %s\n", |
| filename); |
| goto cleanup_permutation; |
| } |
| |
| snprintf(filename, sizeof(filename), "%s/key_%s.keyb", |
| keys_dir, |
| vb2_get_crypto_algorithm_file(signing_key_algorithm)); |
| signing_public_key = |
| vb2_read_packed_keyb(filename, signing_key_algorithm, 1); |
| if (!signing_public_key) { |
| fprintf(stderr, "Error reading signing_public_key: %s\n", |
| filename); |
| goto cleanup_permutation; |
| } |
| |
| snprintf(filename, sizeof(filename), "%s/key_%s.keyb", |
| keys_dir, |
| vb2_get_crypto_algorithm_file(data_key_algorithm)); |
| data_public_key = |
| vb2_read_packed_keyb(filename, data_key_algorithm, 1); |
| if (!data_public_key) { |
| fprintf(stderr, "Error reading data_public_key: %s\n", |
| filename); |
| goto cleanup_permutation; |
| } |
| |
| /* Unpack public key */ |
| struct vb2_public_key signing_public_key2; |
| if (VB2_SUCCESS != |
| vb2_unpack_key_buffer(&signing_public_key2, |
| (uint8_t *)signing_public_key, |
| signing_public_key->key_offset + |
| signing_public_key->key_size)) { |
| fprintf(stderr, "Error unpacking signing_public_key: %s\n", |
| filename); |
| goto cleanup_permutation; |
| } |
| |
| test_check_keyblock(&signing_public_key2, signing_private_key, |
| data_public_key); |
| test_verify_keyblock(&signing_public_key2, signing_private_key, |
| data_public_key); |
| test_verify_fw_preamble(signing_public_key, signing_private_key, |
| data_public_key); |
| test_verify_kernel_preamble(signing_public_key, signing_private_key); |
| |
| retval = 0; |
| |
| cleanup_permutation: |
| if (signing_public_key) |
| free(signing_public_key); |
| if (signing_private_key) |
| free(signing_private_key); |
| if (data_public_key) |
| free(data_public_key); |
| |
| return retval; |
| } |
| |
| struct test_perm |
| { |
| int signing_algorithm; |
| int data_key_algorithm; |
| }; |
| |
| /* Permutations of signing and data key algorithms in active use */ |
| const struct test_perm test_perms[] = { |
| {VB2_ALG_RSA4096_SHA256, VB2_ALG_RSA2048_SHA256}, |
| {VB2_ALG_RSA8192_SHA512, VB2_ALG_RSA2048_SHA256}, |
| {VB2_ALG_RSA8192_SHA512, VB2_ALG_RSA4096_SHA256}, |
| }; |
| |
| int main(int argc, char *argv[]) |
| { |
| if (argc == 2) { |
| /* Test only the algorithms we use */ |
| int i; |
| |
| for (i = 0; i < ARRAY_SIZE(test_perms); i++) { |
| if (test_permutation(test_perms[i].signing_algorithm, |
| test_perms[i].data_key_algorithm, |
| argv[1])) |
| return 1; |
| } |
| |
| } else if (argc == 3 && !strcasecmp(argv[2], "--all")) { |
| /* Test all the algorithms */ |
| int sign_alg, data_alg; |
| |
| for (sign_alg = 0; sign_alg < VB2_ALG_COUNT; sign_alg++) { |
| for (data_alg = 0; data_alg < VB2_ALG_COUNT; |
| data_alg++) { |
| if (test_permutation(sign_alg, data_alg, |
| argv[1])) |
| return 1; |
| } |
| } |
| } else { |
| fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]); |
| return -1; |
| } |
| |
| return gTestSuccess ? 0 : 255; |
| } |