futility: Use only vboot 2.0 APIs for keyblocks
[vboot.git] / tests / vb20_common3_tests.c
1 /* Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Tests for firmware image library.
6  */
7
8 #include <stdio.h>
9
10 #include "2sysincludes.h"
11 #include "2rsa.h"
12
13 #include "file_keys.h"
14 #include "host_common.h"
15 #include "host_key.h"
16 #include "host_keyblock.h"
17 #include "host_signature.h"
18 #include "vb2_common.h"
19 #include "vboot_common.h"
20 #include "test_common.h"
21
22 static void resign_keyblock(struct vb2_keyblock *h,
23                             const struct vb2_private_key *key)
24 {
25         struct vb2_signature *sig =
26                 vb2_calculate_signature((const uint8_t *)h,
27                                         h->keyblock_signature.data_size, key);
28
29         vb2_copy_signature(&h->keyblock_signature, sig);
30         free(sig);
31 }
32
33 static void test_check_keyblock(const struct vb2_public_key *public_key,
34                                 const struct vb2_private_key *private_key,
35                                 const struct vb2_packed_key *data_key)
36 {
37         struct vb2_keyblock *hdr;
38         struct vb2_keyblock *h;
39         struct vb2_signature *sig;
40         uint32_t hsize;
41
42         hdr = vb2_create_keyblock(data_key, private_key, 0x1234);
43         TEST_NEQ((size_t)hdr, 0, "vb2_verify_keyblock() prerequisites");
44         if (!hdr)
45                 return;
46         hsize = hdr->keyblock_size;
47         h = (struct vb2_keyblock *)malloc(hsize + 2048);
48         sig = &h->keyblock_signature;
49
50         Memcpy(h, hdr, hsize);
51         TEST_SUCC(vb2_check_keyblock(h, hsize, sig),
52                   "vb2_check_keyblock() ok");
53
54         Memcpy(h, hdr, hsize);
55         TEST_EQ(vb2_check_keyblock(h, hsize - 1, sig),
56                 VB2_ERROR_KEYBLOCK_SIZE, "vb2_check_keyblock() size--");
57
58         /* Buffer is allowed to be bigger than keyblock */
59         Memcpy(h, hdr, hsize);
60         TEST_SUCC(vb2_check_keyblock(h, hsize + 1, sig),
61                   "vb2_check_keyblock() size++");
62
63         Memcpy(h, hdr, hsize);
64         h->magic[0] &= 0x12;
65         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
66                 VB2_ERROR_KEYBLOCK_MAGIC, "vb2_check_keyblock() magic");
67
68         /* Care about major version but not minor */
69         Memcpy(h, hdr, hsize);
70         h->header_version_major++;
71         resign_keyblock(h, private_key);
72         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
73                 VB2_ERROR_KEYBLOCK_HEADER_VERSION,
74                 "vb2_check_keyblock() major++");
75
76         Memcpy(h, hdr, hsize);
77         h->header_version_major--;
78         resign_keyblock(h, private_key);
79         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
80                 VB2_ERROR_KEYBLOCK_HEADER_VERSION,
81                 "vb2_check_keyblock() major--");
82
83         Memcpy(h, hdr, hsize);
84         h->header_version_minor++;
85         resign_keyblock(h, private_key);
86         TEST_SUCC(vb2_check_keyblock(h, hsize, sig),
87                   "vb2_check_keyblock() minor++");
88
89         Memcpy(h, hdr, hsize);
90         h->header_version_minor--;
91         resign_keyblock(h, private_key);
92         TEST_SUCC(vb2_check_keyblock(h, hsize, sig),
93                   "vb2_check_keyblock() minor--");
94
95         /* Check signature */
96         Memcpy(h, hdr, hsize);
97         h->keyblock_signature.sig_offset = hsize;
98         resign_keyblock(h, private_key);
99         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
100                 VB2_ERROR_KEYBLOCK_SIG_OUTSIDE,
101                 "vb2_check_keyblock() sig off end");
102
103         Memcpy(h, hdr, hsize);
104         h->keyblock_signature.data_size = h->keyblock_size + 1;
105         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
106                 VB2_ERROR_KEYBLOCK_SIGNED_TOO_MUCH,
107                 "vb2_check_keyblock() sig data past end of block");
108
109         /* Check that we signed header and data key */
110         Memcpy(h, hdr, hsize);
111         h->keyblock_signature.data_size = 4;
112         h->data_key.key_offset = 0;
113         h->data_key.key_size = 0;
114         resign_keyblock(h, private_key);
115         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
116                 VB2_ERROR_KEYBLOCK_SIGNED_TOO_LITTLE,
117                 "vb2_check_keyblock() didn't sign header");
118
119         Memcpy(h, hdr, hsize);
120         h->data_key.key_offset = hsize;
121         resign_keyblock(h, private_key);
122         TEST_EQ(vb2_check_keyblock(h, hsize, sig),
123                 VB2_ERROR_KEYBLOCK_DATA_KEY_OUTSIDE,
124                 "vb2_check_keyblock() data key off end");
125
126         /* Corner cases for error checking */
127         TEST_EQ(vb2_check_keyblock(NULL, 4, sig),
128                 VB2_ERROR_KEYBLOCK_TOO_SMALL_FOR_HEADER,
129                 "vb2_check_keyblock size too small");
130
131         /*
132          * TODO: verify parser can support a bigger header (i.e., one where
133          * data_key.key_offset is bigger than expected).
134          */
135
136         free(h);
137         free(hdr);
138 }
139
140 static void test_verify_keyblock(const struct vb2_public_key *public_key,
141                                 const struct vb2_private_key *private_key,
142                                 const struct vb2_packed_key *data_key)
143 {
144         uint8_t workbuf[VB2_KEY_BLOCK_VERIFY_WORKBUF_BYTES]
145                 __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
146         struct vb2_workbuf wb;
147         struct vb2_keyblock *hdr;
148         struct vb2_keyblock *h;
149         uint32_t hsize;
150
151         vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
152
153         hdr = vb2_create_keyblock(data_key, private_key, 0x1234);
154         TEST_NEQ((size_t)hdr, 0, "vb2_verify_keyblock() prerequisites");
155         if (!hdr)
156                 return;
157         hsize = hdr->keyblock_size;
158         h = (struct vb2_keyblock *)malloc(hsize + 2048);
159
160         Memcpy(h, hdr, hsize);
161         TEST_SUCC(vb2_verify_keyblock(h, hsize, public_key, &wb),
162                   "vb2_verify_keyblock() ok using key");
163
164         /* Failures in keyblock check also cause verify to fail */
165         Memcpy(h, hdr, hsize);
166         TEST_EQ(vb2_verify_keyblock(h, hsize - 1, public_key, &wb),
167                 VB2_ERROR_KEYBLOCK_SIZE, "vb2_verify_keyblock() check");
168
169         /* Check signature */
170         Memcpy(h, hdr, hsize);
171         h->keyblock_signature.sig_size--;
172         resign_keyblock(h, private_key);
173         TEST_EQ(vb2_verify_keyblock(h, hsize, public_key, &wb),
174                 VB2_ERROR_KEYBLOCK_SIG_INVALID,
175                 "vb2_verify_keyblock() sig too small");
176
177         Memcpy(h, hdr, hsize);
178         ((uint8_t *)vb2_packed_key_data(&h->data_key))[0] ^= 0x34;
179         TEST_EQ(vb2_verify_keyblock(h, hsize, public_key, &wb),
180                 VB2_ERROR_KEYBLOCK_SIG_INVALID,
181                 "vb2_verify_keyblock() sig mismatch");
182
183         /*
184          * TODO: verify parser can support a bigger header (i.e., one where
185          * data_key.key_offset is bigger than expected).
186          */
187
188         free(h);
189         free(hdr);
190 }
191
192 static void resign_fw_preamble(struct vb2_fw_preamble *h,
193                                struct vb2_private_key *key)
194 {
195         struct vb2_signature *sig = vb2_calculate_signature(
196                 (const uint8_t *)h, h->preamble_signature.data_size, key);
197
198         vb2_copy_signature(&h->preamble_signature, sig);
199         free(sig);
200 }
201
202 static void test_verify_fw_preamble(const VbPublicKey *public_key,
203                                     struct vb2_private_key *private_key,
204                                     struct vb2_packed_key *kernel_subkey)
205 {
206         struct vb2_fw_preamble *hdr;
207         struct vb2_fw_preamble *h;
208         struct vb2_public_key rsa;
209         uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES]
210                  __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
211         struct vb2_workbuf wb;
212         uint32_t hsize;
213
214         vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
215
216         /* Create a dummy signature */
217         struct vb2_signature *body_sig = vb2_alloc_signature(56, 78);
218
219         TEST_SUCC(vb2_unpack_key(&rsa, (uint8_t *)public_key,
220                                  public_key->key_offset + public_key->key_size),
221                   "vb2_verify_fw_preamble() prereq key");
222
223         hdr = vb2_create_fw_preamble(0x1234, kernel_subkey, body_sig,
224                                      private_key, 0x5678);
225         TEST_PTR_NEQ(hdr, NULL,
226                      "vb2_verify_fw_preamble() prereq test preamble");
227         if (!hdr)
228                 return;
229         hsize = (uint32_t) hdr->preamble_size;
230         h = (struct vb2_fw_preamble *)malloc(hsize + 16384);
231
232         Memcpy(h, hdr, hsize);
233         TEST_SUCC(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
234                   "vb2_verify_fw_preamble() ok using key");
235
236         Memcpy(h, hdr, hsize);
237         TEST_EQ(vb2_verify_fw_preamble(h, 4, &rsa, &wb),
238                 VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER,
239                 "vb2_verify_fw_preamble() size tiny");
240
241         Memcpy(h, hdr, hsize);
242         TEST_EQ(vb2_verify_fw_preamble(h, hsize - 1, &rsa, &wb),
243                 VB2_ERROR_PREAMBLE_SIZE,
244                 "vb2_verify_fw_preamble() size--");
245
246         /* Buffer is allowed to be bigger than preamble */
247         Memcpy(h, hdr, hsize);
248         TEST_SUCC(vb2_verify_fw_preamble(h, hsize + 1, &rsa, &wb),
249                   "vb2_verify_fw_preamble() size++");
250
251         /* Care about major version but not minor */
252         Memcpy(h, hdr, hsize);
253         h->header_version_major++;
254         resign_fw_preamble(h, private_key);
255         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
256                 VB2_ERROR_PREAMBLE_HEADER_VERSION
257                 , "vb2_verify_fw_preamble() major++");
258
259         Memcpy(h, hdr, hsize);
260         h->header_version_major--;
261         resign_fw_preamble(h, private_key);
262         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
263                 VB2_ERROR_PREAMBLE_HEADER_VERSION,
264                 "vb2_verify_fw_preamble() major--");
265
266         Memcpy(h, hdr, hsize);
267         h->header_version_minor++;
268         resign_fw_preamble(h, private_key);
269         TEST_SUCC(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
270                   "vb2_verify_fw_preamble() minor++");
271
272         Memcpy(h, hdr, hsize);
273         h->header_version_minor--;
274         resign_fw_preamble(h, private_key);
275         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
276                 VB2_ERROR_PREAMBLE_HEADER_OLD,
277                 "vb2_verify_fw_preamble() 2.0 not supported");
278
279         /* Check signature */
280         Memcpy(h, hdr, hsize);
281         h->preamble_signature.sig_offset = hsize;
282         resign_fw_preamble(h, private_key);
283         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
284                 VB2_ERROR_PREAMBLE_SIG_OUTSIDE,
285                 "vb2_verify_fw_preamble() sig off end");
286
287         Memcpy(h, hdr, hsize);
288         h->preamble_signature.sig_size--;
289         resign_fw_preamble(h, private_key);
290         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
291                 VB2_ERROR_PREAMBLE_SIG_INVALID,
292                 "vb2_verify_fw_preamble() sig too small");
293
294         Memcpy(h, hdr, hsize);
295         ((uint8_t *)vb2_packed_key_data(&h->kernel_subkey))[0] ^= 0x34;
296         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
297                 VB2_ERROR_PREAMBLE_SIG_INVALID,
298                 "vb2_verify_fw_preamble() sig mismatch");
299
300         /* Check that we signed header, kernel subkey, and body sig */
301         Memcpy(h, hdr, hsize);
302         h->preamble_signature.data_size = 4;
303         h->kernel_subkey.key_offset = 0;
304         h->kernel_subkey.key_size = 0;
305         h->body_signature.sig_offset = 0;
306         h->body_signature.sig_size = 0;
307         resign_fw_preamble(h, private_key);
308         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
309                 VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE,
310                 "vb2_verify_fw_preamble() didn't sign header");
311
312         Memcpy(h, hdr, hsize);
313         h->kernel_subkey.key_offset = hsize;
314         resign_fw_preamble(h, private_key);
315         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
316                 VB2_ERROR_PREAMBLE_KERNEL_SUBKEY_OUTSIDE,
317                 "vb2_verify_fw_preamble() kernel subkey off end");
318
319         Memcpy(h, hdr, hsize);
320         h->body_signature.sig_offset = hsize;
321         resign_fw_preamble(h, private_key);
322         TEST_EQ(vb2_verify_fw_preamble(h, hsize, &rsa, &wb),
323                 VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE,
324                 "vb2_verify_fw_preamble() body sig off end");
325
326         /* TODO: verify with extra padding at end of header. */
327
328         free(h);
329         free(hdr);
330 }
331
332 static void resign_kernel_preamble(struct vb2_kernel_preamble *h,
333                                    const VbPrivateKey *key)
334 {
335         VbSignature *sig = CalculateSignature(
336                 (const uint8_t *)h, h->preamble_signature.data_size, key);
337
338         SignatureCopy((VbSignature *)&h->preamble_signature, sig);
339         free(sig);
340 }
341
342 static void test_verify_kernel_preamble(const VbPublicKey *public_key,
343                                         const VbPrivateKey *private_key)
344 {
345         struct vb2_kernel_preamble *hdr;
346         struct vb2_kernel_preamble *h;
347         struct vb2_public_key rsa;
348         // TODO: how many workbuf bytes?
349         uint8_t workbuf[VB2_VERIFY_FIRMWARE_PREAMBLE_WORKBUF_BYTES]
350                  __attribute__ ((aligned (VB2_WORKBUF_ALIGN)));
351         struct vb2_workbuf wb;
352         uint32_t hsize;
353
354         vb2_workbuf_init(&wb, workbuf, sizeof(workbuf));
355
356         /* Create a dummy signature */
357         struct vb2_signature *body_sig = vb2_alloc_signature(56, 0x214000);
358
359         TEST_SUCC(vb2_unpack_key(&rsa, (uint8_t *)public_key,
360                                  public_key->key_offset + public_key->key_size),
361                   "vb2_verify_kernel_preamble() prereq key");
362
363         hdr = (struct vb2_kernel_preamble *)
364                 CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000,
365                                      (VbSignature *)body_sig,
366                                      0x304000, 0x10000, 0, 0,
367                                      private_key);
368         TEST_PTR_NEQ(hdr, NULL,
369                      "vb2_verify_kernel_preamble() prereq test preamble");
370         if (!hdr)
371                 return;
372         hsize = (uint32_t) hdr->preamble_size;
373         h = (struct vb2_kernel_preamble *)malloc(hsize + 16384);
374
375         Memcpy(h, hdr, hsize);
376         TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
377                   "vb2_verify_kernel_preamble() ok using key");
378
379         Memcpy(h, hdr, hsize);
380         TEST_EQ(vb2_verify_kernel_preamble(h, 4, &rsa, &wb),
381                 VB2_ERROR_PREAMBLE_TOO_SMALL_FOR_HEADER,
382                 "vb2_verify_kernel_preamble() size tiny");
383
384         Memcpy(h, hdr, hsize);
385         TEST_EQ(vb2_verify_kernel_preamble(h, hsize - 1, &rsa, &wb),
386                 VB2_ERROR_PREAMBLE_SIZE,
387                 "vb2_verify_kernel_preamble() size--");
388
389         /* Buffer is allowed to be bigger than preamble */
390         Memcpy(h, hdr, hsize);
391         TEST_SUCC(vb2_verify_kernel_preamble(h, hsize + 1, &rsa, &wb),
392                   "vb2_verify_kernel_preamble() size++");
393
394         /* Care about major version but not minor */
395         Memcpy(h, hdr, hsize);
396         h->header_version_major++;
397         resign_kernel_preamble(h, private_key);
398         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
399                 VB2_ERROR_PREAMBLE_HEADER_VERSION
400                 , "vb2_verify_kernel_preamble() major++");
401
402         Memcpy(h, hdr, hsize);
403         h->header_version_major--;
404         resign_kernel_preamble(h, private_key);
405         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
406                 VB2_ERROR_PREAMBLE_HEADER_VERSION,
407                 "vb2_verify_kernel_preamble() major--");
408
409         Memcpy(h, hdr, hsize);
410         h->header_version_minor++;
411         resign_kernel_preamble(h, private_key);
412         TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
413                   "vb2_verify_kernel_preamble() minor++");
414
415         /* Check signature */
416         Memcpy(h, hdr, hsize);
417         h->preamble_signature.sig_offset = hsize;
418         resign_kernel_preamble(h, private_key);
419         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
420                 VB2_ERROR_PREAMBLE_SIG_OUTSIDE,
421                 "vb2_verify_kernel_preamble() sig off end");
422
423         Memcpy(h, hdr, hsize);
424         h->preamble_signature.sig_size--;
425         resign_kernel_preamble(h, private_key);
426         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
427                 VB2_ERROR_PREAMBLE_SIG_INVALID,
428                 "vb2_verify_kernel_preamble() sig too small");
429
430         Memcpy(h, hdr, hsize);
431         h->flags++;
432         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
433                 VB2_ERROR_PREAMBLE_SIG_INVALID,
434                 "vb2_verify_kernel_preamble() sig mismatch");
435
436         /* Check that we signed header and body sig */
437         Memcpy(h, hdr, hsize);
438         h->preamble_signature.data_size = 4;
439         h->body_signature.sig_offset = 0;
440         h->body_signature.sig_size = 0;
441         resign_kernel_preamble(h, private_key);
442         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
443                 VB2_ERROR_PREAMBLE_SIGNED_TOO_LITTLE,
444                 "vb2_verify_kernel_preamble() didn't sign header");
445
446         Memcpy(h, hdr, hsize);
447         h->body_signature.sig_offset = hsize;
448         resign_kernel_preamble(h, private_key);
449         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
450                 VB2_ERROR_PREAMBLE_BODY_SIG_OUTSIDE,
451                 "vb2_verify_kernel_preamble() body sig off end");
452
453         /* Check bootloader inside signed body */
454         Memcpy(h, hdr, hsize);
455         h->bootloader_address = h->body_load_address - 1;
456         resign_kernel_preamble(h, private_key);
457         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
458                 VB2_ERROR_PREAMBLE_BOOTLOADER_OUTSIDE,
459                 "vb2_verify_kernel_preamble() bootloader before body");
460
461         Memcpy(h, hdr, hsize);
462         h->bootloader_address = h->body_load_address +
463                 h->body_signature.data_size + 1;
464         resign_kernel_preamble(h, private_key);
465         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
466                 VB2_ERROR_PREAMBLE_BOOTLOADER_OUTSIDE,
467                 "vb2_verify_kernel_preamble() bootloader off end of body");
468
469         Memcpy(h, hdr, hsize);
470         h->bootloader_address = h->body_load_address +
471                 h->body_signature.data_size + 1;
472         h->bootloader_size = 0;
473         resign_kernel_preamble(h, private_key);
474         TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
475                   "vb2_verify_kernel_preamble() no bootloader");
476
477         /* Check vmlinuz inside signed body */
478         Memcpy(h, hdr, hsize);
479         h->vmlinuz_header_address = h->body_load_address - 1;
480         resign_kernel_preamble(h, private_key);
481         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
482                 VB2_ERROR_PREAMBLE_VMLINUZ_HEADER_OUTSIDE,
483                 "vb2_verify_kernel_preamble() vmlinuz_header before body");
484
485         Memcpy(h, hdr, hsize);
486         h->vmlinuz_header_address = h->body_load_address +
487                 h->body_signature.data_size + 1;
488         resign_kernel_preamble(h, private_key);
489         TEST_EQ(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
490                 VB2_ERROR_PREAMBLE_VMLINUZ_HEADER_OUTSIDE,
491                 "vb2_verify_kernel_preamble() vmlinuz_header off end of body");
492
493         Memcpy(h, hdr, hsize);
494         h->vmlinuz_header_address = h->body_load_address +
495                 h->body_signature.data_size + 1;
496         h->vmlinuz_header_size = 0;
497         resign_kernel_preamble(h, private_key);
498         TEST_SUCC(vb2_verify_kernel_preamble(h, hsize, &rsa, &wb),
499                   "vb2_verify_kernel_preamble() no vmlinuz_header");
500
501         /* TODO: verify with extra padding at end of header. */
502
503         free(h);
504         free(hdr);
505 }
506
507 int test_permutation(int signing_key_algorithm, int data_key_algorithm,
508                      const char *keys_dir)
509 {
510         char filename[1024];
511         int signing_rsa_len = siglen_map[signing_key_algorithm] * 8;
512         int data_rsa_len = siglen_map[data_key_algorithm] * 8;
513
514         VbPrivateKey *signing_private_key = NULL;
515         VbPublicKey *signing_public_key = NULL;
516         VbPublicKey *data_public_key = NULL;
517
518         printf("***Testing signing algorithm: %s\n",
519                algo_strings[signing_key_algorithm]);
520         printf("***With data key algorithm: %s\n",
521                algo_strings[data_key_algorithm]);
522
523         sprintf(filename, "%s/key_rsa%d.pem", keys_dir, signing_rsa_len);
524         signing_private_key = PrivateKeyReadPem(filename,
525                                                 signing_key_algorithm);
526         if (!signing_private_key) {
527                 fprintf(stderr, "Error reading signing_private_key: %s\n",
528                         filename);
529                 return 1;
530         }
531
532         struct vb2_private_key *signing_private_key2 =
533                 vb2_read_private_key_pem(filename, signing_key_algorithm);
534         if (!signing_private_key2) {
535                 fprintf(stderr, "Error reading signing_private_key: %s\n",
536                         filename);
537                 return 1;
538         }
539
540         sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, signing_rsa_len);
541         signing_public_key = PublicKeyReadKeyb(filename,
542                                                signing_key_algorithm, 1);
543         if (!signing_public_key) {
544                 fprintf(stderr, "Error reading signing_public_key: %s\n",
545                         filename);
546                 return 1;
547         }
548
549         sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, data_rsa_len);
550         data_public_key = PublicKeyReadKeyb(filename,
551                                             data_key_algorithm, 1);
552         if (!data_public_key) {
553                 fprintf(stderr, "Error reading data_public_key: %s\n",
554                         filename);
555                 return 1;
556         }
557
558         /* Unpack public key */
559         struct vb2_public_key signing_public_key2;
560         if (VB2_SUCCESS !=
561             vb2_unpack_key(&signing_public_key2,
562                            (uint8_t *)signing_public_key,
563                            signing_public_key->key_offset +
564                            signing_public_key->key_size)) {
565                 fprintf(stderr, "Error unpacking signing_public_key: %s\n",
566                         filename);
567                 return 1;
568         }
569
570         test_check_keyblock(&signing_public_key2, signing_private_key2,
571                             (struct vb2_packed_key *)data_public_key);
572         test_verify_keyblock(&signing_public_key2, signing_private_key2,
573                              (struct vb2_packed_key *)data_public_key);
574         test_verify_fw_preamble(signing_public_key, signing_private_key2,
575                                 (struct vb2_packed_key *)data_public_key);
576         test_verify_kernel_preamble(signing_public_key, signing_private_key);
577
578         if (signing_public_key)
579                 free(signing_public_key);
580         if (signing_private_key)
581                 free(signing_private_key);
582         if (signing_private_key2)
583                 free(signing_private_key2);
584         if (data_public_key)
585                 free(data_public_key);
586
587         return 0;
588 }
589
590 struct test_perm
591 {
592         int signing_algorithm;
593         int data_key_algorithm;
594 };
595
596 /* Permutations of signing and data key algorithms in active use */
597 const struct test_perm test_perms[] = {
598         {VB2_ALG_RSA4096_SHA256, VB2_ALG_RSA2048_SHA256},
599         {VB2_ALG_RSA8192_SHA512, VB2_ALG_RSA2048_SHA256},
600         {VB2_ALG_RSA8192_SHA512, VB2_ALG_RSA4096_SHA256},
601 };
602
603 int main(int argc, char *argv[])
604 {
605         if (argc == 2) {
606                 /* Test only the algorithms we use */
607                 int i;
608
609                 for (i = 0; i < ARRAY_SIZE(test_perms); i++) {
610                         if (test_permutation(test_perms[i].signing_algorithm,
611                                              test_perms[i].data_key_algorithm,
612                                              argv[1]))
613                                 return 1;
614                 }
615
616         } else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
617                 /* Test all the algorithms */
618                 int sign_alg, data_alg;
619
620                 for (sign_alg = 0; sign_alg < VB2_ALG_COUNT; sign_alg++) {
621                         for (data_alg = 0; data_alg < VB2_ALG_COUNT;
622                              data_alg++) {
623                                 if (test_permutation(sign_alg, data_alg,
624                                                      argv[1]))
625                                         return 1;
626                         }
627                 }
628         } else {
629                 fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
630                 return -1;
631         }
632
633         return gTestSuccess ? 0 : 255;
634 }