v811_spc009/external/vboot_reference/tests/vb20_rsa_padding_tests.c

/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */


#include <stdint.h>
#include <stdio.h>

#include "cryptolib.h"
#include "file_keys.h"
#include "rsa_padding_test.h"
#include "test_common.h"
#include "utility.h"

#include "2sysincludes.h"
#include "2rsa.h"
#include "vb2_common.h"

/**
 * Convert an old-style RSA public key struct to a new one.
 *
 * The new one does not allocate memory, so you must keep the old one around
 * until you're done with the new one.
 *
 * @param k2		Destination new key
 * @param key		Source old key
 */
void vb2_public_key_to_vb2(struct vb2_public_key *k2,
			   const struct RSAPublicKey *key)
{
	k2->arrsize = key->len;
	k2->n0inv = key->n0inv;
	k2->n = key->n;
	k2->rr = key->rr;
	k2->sig_alg = vb2_crypto_to_signature(key->algorithm);
	k2->hash_alg = vb2_crypto_to_hash(key->algorithm);
}

/**
 * Test valid and invalid signatures.
 */
static void test_signatures(const struct vb2_public_key *key)
{
	uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
		 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
	uint8_t sig[RSA1024NUMBYTES];
	struct vb2_workbuf wb;
	int unexpected_success;
	int i;

	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));

	/* The first test signature is valid. */
	Memcpy(sig, signatures[0], sizeof(sig));
	TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		  "RSA Padding Test valid sig");

	/* All other signatures should fail verification. */
	unexpected_success = 0;
	for (i = 1; i < sizeof(signatures) / sizeof(signatures[0]); i++) {
		Memcpy(sig, signatures[i], sizeof(sig));
		if (!vb2_rsa_verify_digest(key, sig,
					   test_message_sha1_hash, &wb)) {
			fprintf(stderr,
				"RSA Padding Test vector %d FAILED!\n", i);
			unexpected_success++;
		}
	}
	TEST_EQ(unexpected_success, 0, "RSA Padding Test invalid sigs");
}


/**
 * Test other error conditions in vb2_rsa_verify_digest().
 */
static void test_verify_digest(struct vb2_public_key *key) {
	uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]
		 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
	uint8_t sig[RSA1024NUMBYTES];
	struct vb2_workbuf wb;
	enum vb2_signature_algorithm orig_key_alg = key->sig_alg;

	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));

	Memcpy(sig, signatures[0], sizeof(sig));
	TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		  "vb2_rsa_verify_digest() good");

	Memcpy(sig, signatures[0], sizeof(sig));
	vb2_workbuf_init(&wb, workbuf, sizeof(sig) * 3 - 1);
	TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		VB2_ERROR_RSA_VERIFY_WORKBUF,
		"vb2_rsa_verify_digest() small workbuf");
	vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));

	key->sig_alg = VB2_SIG_INVALID;
	Memcpy(sig, signatures[0], sizeof(sig));
	TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		VB2_ERROR_RSA_VERIFY_ALGORITHM,
		"vb2_rsa_verify_digest() bad key alg");
	key->sig_alg = orig_key_alg;

	key->arrsize *= 2;
	Memcpy(sig, signatures[0], sizeof(sig));
	TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		VB2_ERROR_RSA_VERIFY_SIG_LEN,
		"vb2_rsa_verify_digest() bad sig len");
	key->arrsize /= 2;

	/* Corrupt the signature near start and end */
	Memcpy(sig, signatures[0], sizeof(sig));
	sig[3] ^= 0x42;
	TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig");

	Memcpy(sig, signatures[0], sizeof(sig));
	sig[RSA1024NUMBYTES - 3] ^= 0x56;
	TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),
		VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig end");
}

int main(int argc, char *argv[])
{
	int error = 0;
	RSAPublicKey *key;
	struct vb2_public_key k2;

	/* Read test key */
	if (argc != 2) {
		fprintf(stderr, "Usage: %s <test public key>\n", argv[0]);
		return 1;
	}
	key = RSAPublicKeyFromFile(argv[1]);

	if (!key) {
		fprintf(stderr, "Couldn't read RSA public key for the test.\n");
		return 1;
	}

	// TODO: why is test key algorithm wrong?
	key->algorithm = 0;

	/* Convert test key to Vb2 format */
	vb2_public_key_to_vb2(&k2, key);

	/* Run tests */
	test_signatures(&k2);
	test_verify_digest(&k2);

	/* Clean up and exit */
	RSAPublicKeyFree(key);

	if (!gTestSuccess)
		error = 255;

	return error;
}
v811_spc009_project 4 months ago			`/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.`
			`* Use of this source code is governed by a BSD-style license that can be`
			`* found in the LICENSE file.`
			`*/`


			`#include <stdint.h>`
			`#include <stdio.h>`

			`#include "cryptolib.h"`
			`#include "file_keys.h"`
			`#include "rsa_padding_test.h"`
			`#include "test_common.h"`
			`#include "utility.h"`

			`#include "2sysincludes.h"`
			`#include "2rsa.h"`
			`#include "vb2_common.h"`

			`/**`
			`* Convert an old-style RSA public key struct to a new one.`
			`*`
			`* The new one does not allocate memory, so you must keep the old one around`
			`* until you're done with the new one.`
			`*`
			`* @param k2 Destination new key`
			`* @param key Source old key`
			`*/`
			`void vb2_public_key_to_vb2(struct vb2_public_key *k2,`
			`const struct RSAPublicKey *key)`
			`{`
			`k2->arrsize = key->len;`
			`k2->n0inv = key->n0inv;`
			`k2->n = key->n;`
			`k2->rr = key->rr;`
			`k2->sig_alg = vb2_crypto_to_signature(key->algorithm);`
			`k2->hash_alg = vb2_crypto_to_hash(key->algorithm);`
			`}`

			`/**`
			`* Test valid and invalid signatures.`
			`*/`
			`static void test_signatures(const struct vb2_public_key *key)`
			`{`
			`uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]`
			`__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));`
			`uint8_t sig[RSA1024NUMBYTES];`
			`struct vb2_workbuf wb;`
			`int unexpected_success;`
			`int i;`

			`vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));`

			`/* The first test signature is valid. */`
			`Memcpy(sig, signatures[0], sizeof(sig));`
			`TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`"RSA Padding Test valid sig");`

			`/* All other signatures should fail verification. */`
			`unexpected_success = 0;`
			`for (i = 1; i < sizeof(signatures) / sizeof(signatures[0]); i++) {`
			`Memcpy(sig, signatures[i], sizeof(sig));`
			`if (!vb2_rsa_verify_digest(key, sig,`
			`test_message_sha1_hash, &wb)) {`
			`fprintf(stderr,`
			`"RSA Padding Test vector %d FAILED!\n", i);`
			`unexpected_success++;`
			`}`
			`}`
			`TEST_EQ(unexpected_success, 0, "RSA Padding Test invalid sigs");`
			`}`


			`/**`
			`* Test other error conditions in vb2_rsa_verify_digest().`
			`*/`
			`static void test_verify_digest(struct vb2_public_key *key) {`
			`uint8_t workbuf[VB2_VERIFY_DIGEST_WORKBUF_BYTES]`
			`__attribute__ ((aligned (VB2_WORKBUF_ALIGN)));`
			`uint8_t sig[RSA1024NUMBYTES];`
			`struct vb2_workbuf wb;`
			`enum vb2_signature_algorithm orig_key_alg = key->sig_alg;`

			`vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));`

			`Memcpy(sig, signatures[0], sizeof(sig));`
			`TEST_SUCC(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`"vb2_rsa_verify_digest() good");`

			`Memcpy(sig, signatures[0], sizeof(sig));`
			`vb2_workbuf_init(&wb, workbuf, sizeof(sig) * 3 - 1);`
			`TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`VB2_ERROR_RSA_VERIFY_WORKBUF,`
			`"vb2_rsa_verify_digest() small workbuf");`
			`vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));`

			`key->sig_alg = VB2_SIG_INVALID;`
			`Memcpy(sig, signatures[0], sizeof(sig));`
			`TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`VB2_ERROR_RSA_VERIFY_ALGORITHM,`
			`"vb2_rsa_verify_digest() bad key alg");`
			`key->sig_alg = orig_key_alg;`

			`key->arrsize *= 2;`
			`Memcpy(sig, signatures[0], sizeof(sig));`
			`TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`VB2_ERROR_RSA_VERIFY_SIG_LEN,`
			`"vb2_rsa_verify_digest() bad sig len");`
			`key->arrsize /= 2;`

			`/* Corrupt the signature near start and end */`
			`Memcpy(sig, signatures[0], sizeof(sig));`
			`sig[3] ^= 0x42;`
			`TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig");`

			`Memcpy(sig, signatures[0], sizeof(sig));`
			`sig[RSA1024NUMBYTES - 3] ^= 0x56;`
			`TEST_EQ(vb2_rsa_verify_digest(key, sig, test_message_sha1_hash, &wb),`
			`VB2_ERROR_RSA_PADDING, "vb2_rsa_verify_digest() bad sig end");`
			`}`

			`int main(int argc, char *argv[])`
			`{`
			`int error = 0;`
			`RSAPublicKey *key;`
			`struct vb2_public_key k2;`

			`/* Read test key */`
			`if (argc != 2) {`
			`fprintf(stderr, "Usage: %s <test public key>\n", argv[0]);`
			`return 1;`
			`}`
			`key = RSAPublicKeyFromFile(argv[1]);`

			`if (!key) {`
			`fprintf(stderr, "Couldn't read RSA public key for the test.\n");`
			`return 1;`
			`}`

			`// TODO: why is test key algorithm wrong?`
			`key->algorithm = 0;`

			`/* Convert test key to Vb2 format */`
			`vb2_public_key_to_vb2(&k2, key);`

			`/* Run tests */`
			`test_signatures(&k2);`
			`test_verify_digest(&k2);`

			`/* Clean up and exit */`
			`RSAPublicKeyFree(key);`

			`if (!gTestSuccess)`
			`error = 255;`

			`return error;`
			`}`