[U-Boot,v4,6/6] test: add rsa_verify() unit test

Message ID	20191121001121.21854-7-takahiro.akashi@linaro.org
State	Changes Requested
Delegated to:	Tom Rini
Headers	show Return-Path: <u-boot-bounces@lists.denx.de> From: AKASHI Takahiro <takahiro.akashi@linaro.org> To: trini@konsulko.com, sjg@chromium.org, xypron.glpk@gmx.de, agraf@csgraf.de Date: Thu, 21 Nov 2019 09:11:21 +0900 Message-Id: <20191121001121.21854-7-takahiro.akashi@linaro.org> In-Reply-To: <20191121001121.21854-1-takahiro.akashi@linaro.org> References: <20191121001121.21854-1-takahiro.akashi@linaro.org> MIME-Version: 1.0 Cc: u-boot@lists.denx.de, mail@patrick-wildt.de Subject: [U-Boot] [PATCH v4 6/6] test: add rsa_verify() unit test Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
Series	rsa: extend rsa_verify() for UEFI secure boot \| expand [U-Boot,v4,0/6] rsa: extend rsa_verify() for UEFI secure boot [U-Boot,v4,1/6] lib: rsa: decouple rsa from FIT image verification [U-Boot,v4,2/6] rsa: add CONFIG_RSA_VERIFY_WITH_PKEY config [U-Boot,v4,3/6] include: image.h: add key info to image_sign_info [U-Boot,v4,4/6] lib: rsa: generate additional parameters for public key [U-Boot,v4,5/6] lib: rsa: add rsa_verify_with_pkey() [U-Boot,v4,6/6] test: add rsa_verify() unit test

AKASHI Takahiro Nov. 21, 2019, 12:11 a.m. UTC

In this patch, a very simple test is added to verify that rsa_verify()
using rsa_verify_with_pkey() work correctly.

To keep the code simple, all the test data, either public key and
verified binary data, are embedded in the source.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
---
 test/Kconfig      |  12 +++
 test/lib/Makefile |   1 +
 test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 219 insertions(+)
 create mode 100644 test/lib/rsa.c

Heinrich Schuchardt Jan. 8, 2020, 5:43 p.m. UTC | #1

On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> In this patch, a very simple test is added to verify that rsa_verify()
> using rsa_verify_with_pkey() work correctly.
>
> To keep the code simple, all the test data, either public key and
> verified binary data, are embedded in the source.
>
> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> ---
>   test/Kconfig      |  12 +++
>   test/lib/Makefile |   1 +
>   test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
>   3 files changed, 219 insertions(+)
>   create mode 100644 test/lib/rsa.c
>
> diff --git a/test/Kconfig b/test/Kconfig
> index cb7954041eda..64d76c3b20a5 100644
> --- a/test/Kconfig
> +++ b/test/Kconfig
> @@ -28,6 +28,18 @@ config UT_LIB_ASN1
>   	  Enables a test which exercises asn1 compiler and decoder function
>   	  via various parsers.
>
> +config UT_LIB_RSA
> +	bool "Unit test for rsa_verify() function"
> +	imply RSA
> +	imply ASYMMETRIC_KEY_TYPE
> +	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> +	imply RSA_PUBLIC_KEY_PARSER
> +	imply RSA_VERIFY_WITH_PKEY

This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
executed otherwise.

Best regards

Heinrich

> +	default y
> +	help
> +	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> +	  only, at the 'ut lib' command.
> +
>   endif
>
>   config UT_TIME
> diff --git a/test/lib/Makefile b/test/lib/Makefile
> index 72d2ec74b5f4..2bf6ef3935bb 100644
> --- a/test/lib/Makefile
> +++ b/test/lib/Makefile
> @@ -8,3 +8,4 @@ obj-y += lmb.o
>   obj-y += string.o
>   obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
>   obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> +obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> new file mode 100644
> index 000000000000..44f8ade226f4
> --- /dev/null
> +++ b/test/lib/rsa.c
> @@ -0,0 +1,206 @@
> +// SPDX-License-Identifier: GPL-2.0+
> +/*
> + * Copyright (c) 2019 Linaro Limited
> + * Author: AKASHI Takahiro
> + *
> + * Unit test for rsa_verify() function
> + */
> +
> +#include <common.h>
> +#include <command.h>
> +#include <image.h>
> +#include <test/lib.h>
> +#include <test/test.h>
> +#include <test/ut.h>
> +#include <u-boot/rsa.h>
> +
> +#ifdef CONFIG_RSA_VERIFY_WITH_PKEY

Please, remove this ifdef. Simply do not build this module if
CONFIG_RSA_VERIFY_WITH_PKEY is not defined.

> +/*
> + * openssl genrsa 2048 -out private.pem
> + * openssl rsa -in private.pem -pubout -outform der -out public.der
> + * dd if=public.der of=public.raw bs=24 skip=1
> + */
> +static unsigned char public_key[] = {
> +	0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25, 0x23,
> +	0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94, 0x43,
> +	0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07, 0x4f,
> +	0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95, 0x1c,
> +	0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02, 0x6a,
> +	0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62, 0x1e,
> +	0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92, 0xb8,
> +	0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf, 0x05,
> +	0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97, 0x68,
> +	0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7, 0x67,
> +	0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe, 0x19,
> +	0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad, 0x92,
> +	0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb, 0xc7,
> +	0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab, 0xa4,
> +	0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed, 0xbf,
> +	0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30, 0x36,
> +	0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1, 0x99,
> +	0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10, 0xc8,
> +	0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca, 0x35,
> +	0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79, 0x6e,
> +	0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55, 0x60,
> +	0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16, 0x79,
> +	0x75, 0x02, 0x03, 0x01, 0x00, 0x01
> +};
> +
> +static unsigned int public_key_len = 270;
> +
> +/*
> + * dd if=/dev/urandom of=data.raw bs=512 count=1
> + */
> +static unsigned char data_raw[] = {
> +	0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92, 0xd7,
> +	0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55, 0xb2,
> +	0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c, 0x4b,
> +	0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb, 0xdd,
> +	0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1, 0x77,
> +	0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a, 0x0a,
> +	0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e, 0x82,
> +	0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a, 0x88,
> +	0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b, 0x0d,
> +	0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72, 0x75,
> +	0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4, 0xb4,
> +	0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96, 0x1a,
> +	0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24, 0x06,
> +	0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde, 0x7b,
> +	0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89, 0xe3,
> +	0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2, 0x26,
> +	0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97, 0xfc,
> +	0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27, 0xa9,
> +	0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d, 0xfd,
> +	0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5, 0x95,
> +	0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e, 0xd3,
> +	0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb, 0x6c,
> +	0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1, 0x81,
> +	0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7, 0x39,
> +	0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15, 0x08,
> +	0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6, 0xbf,
> +	0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45, 0x1e,
> +	0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2, 0x4d,
> +	0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66, 0xdb,
> +	0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b, 0x62,
> +	0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04, 0xb1,
> +	0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4, 0xa4,
> +	0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53, 0x3f,
> +	0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf, 0x76,
> +	0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f, 0x69,
> +	0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41, 0x1c,
> +	0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb, 0xce,
> +	0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01, 0x54,
> +	0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1, 0xcc,
> +	0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59, 0x7e,
> +	0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12, 0xa0,
> +	0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b, 0xbc,
> +	0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
> +};
> +
> +static unsigned int data_raw_len = 512;
> +
> +/*
> + * openssl dgst -sha256 -sign private.key -out data.enc data.raw
> + */
> +unsigned char data_enc[] = {
> +	0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d, 0xed,
> +	0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b, 0x2c,
> +	0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2, 0x4a,
> +	0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50, 0x18,
> +	0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52, 0x89,
> +	0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22, 0xdf,
> +	0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a, 0x3f,
> +	0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78, 0x67,
> +	0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7, 0x58,
> +	0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c, 0xdc,
> +	0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c, 0xf9,
> +	0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c, 0x37,
> +	0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77, 0xd5,
> +	0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b, 0x6f,
> +	0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7, 0x15,
> +	0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65, 0x12,
> +	0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45, 0x6e,
> +	0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9, 0x37,
> +	0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b, 0xf7,
> +	0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb, 0x2c,
> +	0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c, 0xd1,
> +	0x89, 0x06, 0xc9, 0x3a
> +};
> +
> +static unsigned int data_enc_len = 256;
> +
> +/**
> + * lib_rsa_verify_valid() - unit test for rsa_verify()
> + *
> + * Test rsa_verify() with valid hash
> + *
> + * @uts:	unit test state
> + * Return:	0 = success, 1 = failure
> + */
> +static int lib_rsa_verify_valid(struct unit_test_state *uts)
> +{
> +	struct image_sign_info info;
> +	struct image_region reg;
> +	int ret;
> +
> +	memset(&info, '\0', sizeof(info));
> +	info.name = "sha256,rsa2048";
> +	info.padding = image_get_padding_algo("pkcs-1.5");
> +	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> +	info.crypto = image_get_crypto_algo(info.name);
> +
> +	info.key = public_key;
> +	info.keylen = public_key_len;
> +
> +	reg.data = data_raw;
> +	reg.size = data_raw_len;
> +	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> +	ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n", ret);
> +
> +	return CMD_RET_SUCCESS;
> +}
> +
> +LIB_TEST(lib_rsa_verify_valid, 0);
> +
> +/**
> + * lib_rsa_verify_invalid() - unit test for rsa_verify()
> + *
> + * Test rsa_verify() with invalid hash
> + *
> + * @uts:	unit test state
> + * Return:	0 = success, 1 = failure
> + */
> +static int lib_rsa_verify_invalid(struct unit_test_state *uts)
> +{
> +	struct image_sign_info info;
> +	struct image_region reg;
> +	unsigned char ctmp;
> +	int ret;
> +
> +	memset(&info, '\0', sizeof(info));
> +	info.name = "sha256,rsa2048";
> +	info.padding = image_get_padding_algo("pkcs-1.5");
> +	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> +	info.crypto = image_get_crypto_algo(info.name);
> +
> +	info.key = public_key;
> +	info.keylen = public_key_len;
> +
> +	/* randomly corrupt enc'ed data */
> +	ctmp = data_enc[data_enc_len - 10];
> +	data_enc[data_enc_len - 10] = 0x12;
> +
> +	reg.data = data_raw;
> +	reg.size = data_raw_len;
> +	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> +
> +	/* revert a change */
> +	data_enc[data_enc_len - 10] = ctmp;
> +
> +	ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
> +
> +	return CMD_RET_SUCCESS;
> +}
> +
> +LIB_TEST(lib_rsa_verify_invalid, 0);
> +#endif /* RSA_VERIFY_WITH_PKEY */
>

Heinrich Schuchardt Jan. 8, 2020, 10:25 p.m. UTC | #2

On 1/8/20 6:43 PM, Heinrich Schuchardt wrote:
>
>
> On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
>> In this patch, a very simple test is added to verify that rsa_verify()
>> using rsa_verify_with_pkey() work correctly.
>>
>> To keep the code simple, all the test data, either public key and
>> verified binary data, are embedded in the source.
>>
>> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
>> ---
>>   test/Kconfig      |  12 +++
>>   test/lib/Makefile |   1 +
>>   test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
>>   3 files changed, 219 insertions(+)
>>   create mode 100644 test/lib/rsa.c
>>
>> diff --git a/test/Kconfig b/test/Kconfig
>> index cb7954041eda..64d76c3b20a5 100644
>> --- a/test/Kconfig
>> +++ b/test/Kconfig
>> @@ -28,6 +28,18 @@ config UT_LIB_ASN1
>>         Enables a test which exercises asn1 compiler and decoder function
>>         via various parsers.
>>
>> +config UT_LIB_RSA
>> +    bool "Unit test for rsa_verify() function"
>> +    imply RSA
>> +    imply ASYMMETRIC_KEY_TYPE
>> +    imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>> +    imply RSA_PUBLIC_KEY_PARSER
>> +    imply RSA_VERIFY_WITH_PKEY
>
> This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> executed otherwise.

When on qemu_arm64_defconfig I select all of the above mentioned configs
I get a build error:

aarch64-linux-gnu-ld.bfd: common/built-in.o:(.data.checksum_algos+0x10):
undefined reference to `sha1_der_prefix'
aarch64-linux-gnu-ld.bfd: common/built-in.o:(.data.checksum_algos+0x30):
undefined reference to `sha256_der_prefix'

Best regards

Heinrich

>
> Best regards
>
> Heinrich
>
>> +    default y
>> +    help
>> +      Enables rsa_verify() test, currently rsa_verify_with_pkey only()
>> +      only, at the 'ut lib' command.
>> +
>>   endif
>>
>>   config UT_TIME
>> diff --git a/test/lib/Makefile b/test/lib/Makefile
>> index 72d2ec74b5f4..2bf6ef3935bb 100644
>> --- a/test/lib/Makefile
>> +++ b/test/lib/Makefile
>> @@ -8,3 +8,4 @@ obj-y += lmb.o
>>   obj-y += string.o
>>   obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
>>   obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
>> +obj-$(CONFIG_UT_LIB_RSA) += rsa.o
>> diff --git a/test/lib/rsa.c b/test/lib/rsa.c
>> new file mode 100644
>> index 000000000000..44f8ade226f4
>> --- /dev/null
>> +++ b/test/lib/rsa.c
>> @@ -0,0 +1,206 @@
>> +// SPDX-License-Identifier: GPL-2.0+
>> +/*
>> + * Copyright (c) 2019 Linaro Limited
>> + * Author: AKASHI Takahiro
>> + *
>> + * Unit test for rsa_verify() function
>> + */
>> +
>> +#include <common.h>
>> +#include <command.h>
>> +#include <image.h>
>> +#include <test/lib.h>
>> +#include <test/test.h>
>> +#include <test/ut.h>
>> +#include <u-boot/rsa.h>
>> +
>> +#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
>
> Please, remove this ifdef. Simply do not build this module if
> CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
>
>> +/*
>> + * openssl genrsa 2048 -out private.pem
>> + * openssl rsa -in private.pem -pubout -outform der -out public.der
>> + * dd if=public.der of=public.raw bs=24 skip=1
>> + */
>> +static unsigned char public_key[] = {
>> +    0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25,
>> 0x23,
>> +    0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94,
>> 0x43,
>> +    0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07,
>> 0x4f,
>> +    0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95,
>> 0x1c,
>> +    0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02,
>> 0x6a,
>> +    0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62,
>> 0x1e,
>> +    0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92,
>> 0xb8,
>> +    0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf,
>> 0x05,
>> +    0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97,
>> 0x68,
>> +    0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7,
>> 0x67,
>> +    0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe,
>> 0x19,
>> +    0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad,
>> 0x92,
>> +    0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb,
>> 0xc7,
>> +    0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab,
>> 0xa4,
>> +    0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed,
>> 0xbf,
>> +    0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30,
>> 0x36,
>> +    0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1,
>> 0x99,
>> +    0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10,
>> 0xc8,
>> +    0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca,
>> 0x35,
>> +    0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79,
>> 0x6e,
>> +    0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55,
>> 0x60,
>> +    0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16,
>> 0x79,
>> +    0x75, 0x02, 0x03, 0x01, 0x00, 0x01
>> +};
>> +
>> +static unsigned int public_key_len = 270;
>> +
>> +/*
>> + * dd if=/dev/urandom of=data.raw bs=512 count=1
>> + */
>> +static unsigned char data_raw[] = {
>> +    0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92,
>> 0xd7,
>> +    0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55,
>> 0xb2,
>> +    0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c,
>> 0x4b,
>> +    0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb,
>> 0xdd,
>> +    0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1,
>> 0x77,
>> +    0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a,
>> 0x0a,
>> +    0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e,
>> 0x82,
>> +    0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a,
>> 0x88,
>> +    0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b,
>> 0x0d,
>> +    0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72,
>> 0x75,
>> +    0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4,
>> 0xb4,
>> +    0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96,
>> 0x1a,
>> +    0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24,
>> 0x06,
>> +    0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde,
>> 0x7b,
>> +    0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89,
>> 0xe3,
>> +    0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2,
>> 0x26,
>> +    0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97,
>> 0xfc,
>> +    0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27,
>> 0xa9,
>> +    0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d,
>> 0xfd,
>> +    0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5,
>> 0x95,
>> +    0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e,
>> 0xd3,
>> +    0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb,
>> 0x6c,
>> +    0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1,
>> 0x81,
>> +    0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7,
>> 0x39,
>> +    0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15,
>> 0x08,
>> +    0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6,
>> 0xbf,
>> +    0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45,
>> 0x1e,
>> +    0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2,
>> 0x4d,
>> +    0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66,
>> 0xdb,
>> +    0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b,
>> 0x62,
>> +    0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04,
>> 0xb1,
>> +    0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4,
>> 0xa4,
>> +    0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53,
>> 0x3f,
>> +    0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf,
>> 0x76,
>> +    0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f,
>> 0x69,
>> +    0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41,
>> 0x1c,
>> +    0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb,
>> 0xce,
>> +    0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01,
>> 0x54,
>> +    0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1,
>> 0xcc,
>> +    0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59,
>> 0x7e,
>> +    0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12,
>> 0xa0,
>> +    0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b,
>> 0xbc,
>> +    0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
>> +};
>> +
>> +static unsigned int data_raw_len = 512;
>> +
>> +/*
>> + * openssl dgst -sha256 -sign private.key -out data.enc data.raw
>> + */
>> +unsigned char data_enc[] = {
>> +    0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d,
>> 0xed,
>> +    0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b,
>> 0x2c,
>> +    0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2,
>> 0x4a,
>> +    0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50,
>> 0x18,
>> +    0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52,
>> 0x89,
>> +    0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22,
>> 0xdf,
>> +    0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a,
>> 0x3f,
>> +    0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78,
>> 0x67,
>> +    0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7,
>> 0x58,
>> +    0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c,
>> 0xdc,
>> +    0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c,
>> 0xf9,
>> +    0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c,
>> 0x37,
>> +    0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77,
>> 0xd5,
>> +    0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b,
>> 0x6f,
>> +    0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7,
>> 0x15,
>> +    0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65,
>> 0x12,
>> +    0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45,
>> 0x6e,
>> +    0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9,
>> 0x37,
>> +    0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b,
>> 0xf7,
>> +    0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb,
>> 0x2c,
>> +    0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c,
>> 0xd1,
>> +    0x89, 0x06, 0xc9, 0x3a
>> +};
>> +
>> +static unsigned int data_enc_len = 256;
>> +
>> +/**
>> + * lib_rsa_verify_valid() - unit test for rsa_verify()
>> + *
>> + * Test rsa_verify() with valid hash
>> + *
>> + * @uts:    unit test state
>> + * Return:    0 = success, 1 = failure
>> + */
>> +static int lib_rsa_verify_valid(struct unit_test_state *uts)
>> +{
>> +    struct image_sign_info info;
>> +    struct image_region reg;
>> +    int ret;
>> +
>> +    memset(&info, '\0', sizeof(info));
>> +    info.name = "sha256,rsa2048";
>> +    info.padding = image_get_padding_algo("pkcs-1.5");
>> +    info.checksum = image_get_checksum_algo("sha256,rsa2048");
>> +    info.crypto = image_get_crypto_algo(info.name);
>> +
>> +    info.key = public_key;
>> +    info.keylen = public_key_len;
>> +
>> +    reg.data = data_raw;
>> +    reg.size = data_raw_len;
>> +    ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
>> +    ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n",
>> ret);
>> +
>> +    return CMD_RET_SUCCESS;
>> +}
>> +
>> +LIB_TEST(lib_rsa_verify_valid, 0);
>> +
>> +/**
>> + * lib_rsa_verify_invalid() - unit test for rsa_verify()
>> + *
>> + * Test rsa_verify() with invalid hash
>> + *
>> + * @uts:    unit test state
>> + * Return:    0 = success, 1 = failure
>> + */
>> +static int lib_rsa_verify_invalid(struct unit_test_state *uts)
>> +{
>> +    struct image_sign_info info;
>> +    struct image_region reg;
>> +    unsigned char ctmp;
>> +    int ret;
>> +
>> +    memset(&info, '\0', sizeof(info));
>> +    info.name = "sha256,rsa2048";
>> +    info.padding = image_get_padding_algo("pkcs-1.5");
>> +    info.checksum = image_get_checksum_algo("sha256,rsa2048");
>> +    info.crypto = image_get_crypto_algo(info.name);
>> +
>> +    info.key = public_key;
>> +    info.keylen = public_key_len;
>> +
>> +    /* randomly corrupt enc'ed data */
>> +    ctmp = data_enc[data_enc_len - 10];
>> +    data_enc[data_enc_len - 10] = 0x12;
>> +
>> +    reg.data = data_raw;
>> +    reg.size = data_raw_len;
>> +    ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
>> +
>> +    /* revert a change */
>> +    data_enc[data_enc_len - 10] = ctmp;
>> +
>> +    ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
>> +
>> +    return CMD_RET_SUCCESS;
>> +}
>> +
>> +LIB_TEST(lib_rsa_verify_invalid, 0);
>> +#endif /* RSA_VERIFY_WITH_PKEY */
>>
>

AKASHI Takahiro Jan. 14, 2020, 7:33 a.m. UTC | #3

On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
> 
> 
> On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> >In this patch, a very simple test is added to verify that rsa_verify()
> >using rsa_verify_with_pkey() work correctly.
> >
> >To keep the code simple, all the test data, either public key and
> >verified binary data, are embedded in the source.
> >
> >Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> >---
> >  test/Kconfig      |  12 +++
> >  test/lib/Makefile |   1 +
> >  test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
> >  3 files changed, 219 insertions(+)
> >  create mode 100644 test/lib/rsa.c
> >
> >diff --git a/test/Kconfig b/test/Kconfig
> >index cb7954041eda..64d76c3b20a5 100644
> >--- a/test/Kconfig
> >+++ b/test/Kconfig
> >@@ -28,6 +28,18 @@ config UT_LIB_ASN1
> >  	  Enables a test which exercises asn1 compiler and decoder function
> >  	  via various parsers.
> >
> >+config UT_LIB_RSA
> >+	bool "Unit test for rsa_verify() function"
> >+	imply RSA
> >+	imply ASYMMETRIC_KEY_TYPE
> >+	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> >+	imply RSA_PUBLIC_KEY_PARSER
> >+	imply RSA_VERIFY_WITH_PKEY
> 
> This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> executed otherwise.

See below.

> Best regards
> 
> Heinrich
> 
> >+	default y
> >+	help
> >+	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> >+	  only, at the 'ut lib' command.
> >+
> >  endif
> >
> >  config UT_TIME
> >diff --git a/test/lib/Makefile b/test/lib/Makefile
> >index 72d2ec74b5f4..2bf6ef3935bb 100644
> >--- a/test/lib/Makefile
> >+++ b/test/lib/Makefile
> >@@ -8,3 +8,4 @@ obj-y += lmb.o
> >  obj-y += string.o
> >  obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
> >  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> >+obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> >diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> >new file mode 100644
> >index 000000000000..44f8ade226f4
> >--- /dev/null
> >+++ b/test/lib/rsa.c
> >@@ -0,0 +1,206 @@
> >+// SPDX-License-Identifier: GPL-2.0+
> >+/*
> >+ * Copyright (c) 2019 Linaro Limited
> >+ * Author: AKASHI Takahiro
> >+ *
> >+ * Unit test for rsa_verify() function
> >+ */
> >+
> >+#include <common.h>
> >+#include <command.h>
> >+#include <image.h>
> >+#include <test/lib.h>
> >+#include <test/test.h>
> >+#include <test/ut.h>
> >+#include <u-boot/rsa.h>
> >+
> >+#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
> 
> Please, remove this ifdef. Simply do not build this module if
> CONFIG_RSA_VERIFY_WITH_PKEY is not defined.

That is why I added this #ifdef here to avoid a build error.
I think it is a good idea to make test code as generic as possible
to easily add more test cases.

I believe that the original RSA helper functions (w/o WITH_PKEY)
should also be exercised in a unit test. Otherwise, the code
will only be exercised indirectly through FIT image verification
and such a situation will contradict what Tom (or Heinrich?) demanded
against my RSA patch.

-Takahiro Akashi

> >+/*
> >+ * openssl genrsa 2048 -out private.pem
> >+ * openssl rsa -in private.pem -pubout -outform der -out public.der
> >+ * dd if=public.der of=public.raw bs=24 skip=1
> >+ */
> >+static unsigned char public_key[] = {
> >+	0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25, 0x23,
> >+	0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94, 0x43,
> >+	0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07, 0x4f,
> >+	0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95, 0x1c,
> >+	0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02, 0x6a,
> >+	0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62, 0x1e,
> >+	0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92, 0xb8,
> >+	0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf, 0x05,
> >+	0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97, 0x68,
> >+	0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7, 0x67,
> >+	0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe, 0x19,
> >+	0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad, 0x92,
> >+	0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb, 0xc7,
> >+	0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab, 0xa4,
> >+	0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed, 0xbf,
> >+	0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30, 0x36,
> >+	0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1, 0x99,
> >+	0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10, 0xc8,
> >+	0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca, 0x35,
> >+	0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79, 0x6e,
> >+	0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55, 0x60,
> >+	0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16, 0x79,
> >+	0x75, 0x02, 0x03, 0x01, 0x00, 0x01
> >+};
> >+
> >+static unsigned int public_key_len = 270;
> >+
> >+/*
> >+ * dd if=/dev/urandom of=data.raw bs=512 count=1
> >+ */
> >+static unsigned char data_raw[] = {
> >+	0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92, 0xd7,
> >+	0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55, 0xb2,
> >+	0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c, 0x4b,
> >+	0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb, 0xdd,
> >+	0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1, 0x77,
> >+	0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a, 0x0a,
> >+	0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e, 0x82,
> >+	0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a, 0x88,
> >+	0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b, 0x0d,
> >+	0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72, 0x75,
> >+	0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4, 0xb4,
> >+	0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96, 0x1a,
> >+	0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24, 0x06,
> >+	0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde, 0x7b,
> >+	0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89, 0xe3,
> >+	0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2, 0x26,
> >+	0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97, 0xfc,
> >+	0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27, 0xa9,
> >+	0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d, 0xfd,
> >+	0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5, 0x95,
> >+	0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e, 0xd3,
> >+	0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb, 0x6c,
> >+	0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1, 0x81,
> >+	0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7, 0x39,
> >+	0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15, 0x08,
> >+	0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6, 0xbf,
> >+	0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45, 0x1e,
> >+	0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2, 0x4d,
> >+	0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66, 0xdb,
> >+	0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b, 0x62,
> >+	0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04, 0xb1,
> >+	0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4, 0xa4,
> >+	0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53, 0x3f,
> >+	0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf, 0x76,
> >+	0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f, 0x69,
> >+	0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41, 0x1c,
> >+	0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb, 0xce,
> >+	0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01, 0x54,
> >+	0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1, 0xcc,
> >+	0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59, 0x7e,
> >+	0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12, 0xa0,
> >+	0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b, 0xbc,
> >+	0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
> >+};
> >+
> >+static unsigned int data_raw_len = 512;
> >+
> >+/*
> >+ * openssl dgst -sha256 -sign private.key -out data.enc data.raw
> >+ */
> >+unsigned char data_enc[] = {
> >+	0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d, 0xed,
> >+	0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b, 0x2c,
> >+	0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2, 0x4a,
> >+	0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50, 0x18,
> >+	0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52, 0x89,
> >+	0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22, 0xdf,
> >+	0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a, 0x3f,
> >+	0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78, 0x67,
> >+	0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7, 0x58,
> >+	0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c, 0xdc,
> >+	0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c, 0xf9,
> >+	0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c, 0x37,
> >+	0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77, 0xd5,
> >+	0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b, 0x6f,
> >+	0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7, 0x15,
> >+	0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65, 0x12,
> >+	0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45, 0x6e,
> >+	0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9, 0x37,
> >+	0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b, 0xf7,
> >+	0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb, 0x2c,
> >+	0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c, 0xd1,
> >+	0x89, 0x06, 0xc9, 0x3a
> >+};
> >+
> >+static unsigned int data_enc_len = 256;
> >+
> >+/**
> >+ * lib_rsa_verify_valid() - unit test for rsa_verify()
> >+ *
> >+ * Test rsa_verify() with valid hash
> >+ *
> >+ * @uts:	unit test state
> >+ * Return:	0 = success, 1 = failure
> >+ */
> >+static int lib_rsa_verify_valid(struct unit_test_state *uts)
> >+{
> >+	struct image_sign_info info;
> >+	struct image_region reg;
> >+	int ret;
> >+
> >+	memset(&info, '\0', sizeof(info));
> >+	info.name = "sha256,rsa2048";
> >+	info.padding = image_get_padding_algo("pkcs-1.5");
> >+	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> >+	info.crypto = image_get_crypto_algo(info.name);
> >+
> >+	info.key = public_key;
> >+	info.keylen = public_key_len;
> >+
> >+	reg.data = data_raw;
> >+	reg.size = data_raw_len;
> >+	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> >+	ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n", ret);
> >+
> >+	return CMD_RET_SUCCESS;
> >+}
> >+
> >+LIB_TEST(lib_rsa_verify_valid, 0);
> >+
> >+/**
> >+ * lib_rsa_verify_invalid() - unit test for rsa_verify()
> >+ *
> >+ * Test rsa_verify() with invalid hash
> >+ *
> >+ * @uts:	unit test state
> >+ * Return:	0 = success, 1 = failure
> >+ */
> >+static int lib_rsa_verify_invalid(struct unit_test_state *uts)
> >+{
> >+	struct image_sign_info info;
> >+	struct image_region reg;
> >+	unsigned char ctmp;
> >+	int ret;
> >+
> >+	memset(&info, '\0', sizeof(info));
> >+	info.name = "sha256,rsa2048";
> >+	info.padding = image_get_padding_algo("pkcs-1.5");
> >+	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> >+	info.crypto = image_get_crypto_algo(info.name);
> >+
> >+	info.key = public_key;
> >+	info.keylen = public_key_len;
> >+
> >+	/* randomly corrupt enc'ed data */
> >+	ctmp = data_enc[data_enc_len - 10];
> >+	data_enc[data_enc_len - 10] = 0x12;
> >+
> >+	reg.data = data_raw;
> >+	reg.size = data_raw_len;
> >+	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> >+
> >+	/* revert a change */
> >+	data_enc[data_enc_len - 10] = ctmp;
> >+
> >+	ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
> >+
> >+	return CMD_RET_SUCCESS;
> >+}
> >+
> >+LIB_TEST(lib_rsa_verify_invalid, 0);
> >+#endif /* RSA_VERIFY_WITH_PKEY */
> >

Heinrich Schuchardt Jan. 14, 2020, 12:04 p.m. UTC | #4

On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
> On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
>>
>>
>> On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
>>> In this patch, a very simple test is added to verify that rsa_verify()
>>> using rsa_verify_with_pkey() work correctly.
>>>
>>> To keep the code simple, all the test data, either public key and
>>> verified binary data, are embedded in the source.
>>>
>>> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
>>> ---
>>>   test/Kconfig      |  12 +++
>>>   test/lib/Makefile |   1 +
>>>   test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
>>>   3 files changed, 219 insertions(+)
>>>   create mode 100644 test/lib/rsa.c
>>>
>>> diff --git a/test/Kconfig b/test/Kconfig
>>> index cb7954041eda..64d76c3b20a5 100644
>>> --- a/test/Kconfig
>>> +++ b/test/Kconfig
>>> @@ -28,6 +28,18 @@ config UT_LIB_ASN1
>>>   	  Enables a test which exercises asn1 compiler and decoder function
>>>   	  via various parsers.
>>>
>>> +config UT_LIB_RSA
>>> +	bool "Unit test for rsa_verify() function"
>>> +	imply RSA
>>> +	imply ASYMMETRIC_KEY_TYPE
>>> +	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>>> +	imply RSA_PUBLIC_KEY_PARSER
>>> +	imply RSA_VERIFY_WITH_PKEY
>>
>> This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
>> executed otherwise.
>
> See below.
>
>> Best regards
>>
>> Heinrich
>>
>>> +	default y
>>> +	help
>>> +	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
>>> +	  only, at the 'ut lib' command.
>>> +
>>>   endif
>>>
>>>   config UT_TIME
>>> diff --git a/test/lib/Makefile b/test/lib/Makefile
>>> index 72d2ec74b5f4..2bf6ef3935bb 100644
>>> --- a/test/lib/Makefile
>>> +++ b/test/lib/Makefile
>>> @@ -8,3 +8,4 @@ obj-y += lmb.o
>>>   obj-y += string.o
>>>   obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
>>>   obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
>>> +obj-$(CONFIG_UT_LIB_RSA) += rsa.o
>>> diff --git a/test/lib/rsa.c b/test/lib/rsa.c
>>> new file mode 100644
>>> index 000000000000..44f8ade226f4
>>> --- /dev/null
>>> +++ b/test/lib/rsa.c
>>> @@ -0,0 +1,206 @@
>>> +// SPDX-License-Identifier: GPL-2.0+
>>> +/*
>>> + * Copyright (c) 2019 Linaro Limited
>>> + * Author: AKASHI Takahiro
>>> + *
>>> + * Unit test for rsa_verify() function
>>> + */
>>> +
>>> +#include <common.h>
>>> +#include <command.h>
>>> +#include <image.h>
>>> +#include <test/lib.h>
>>> +#include <test/test.h>
>>> +#include <test/ut.h>
>>> +#include <u-boot/rsa.h>
>>> +
>>> +#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
>>
>> Please, remove this ifdef. Simply do not build this module if
>> CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
>
> That is why I added this #ifdef here to avoid a build error.
> I think it is a good idea to make test code as generic as possible
> to easily add more test cases.

It is preferable to move configuration dependencies to the Makefile.

You can create a new C file if you have tests needing a different
configuration.

test/lib/rsa_verify.c might be a better name for the file.

In test/Kconfig, please, replace

config UT_LIB_RSA
         bool "Unit test for rsa_verify() function"
         imply RSA

by

config UT_LIB_RSA
         bool "Unit test for rsa_verify() function"
	default y
         depends on RSA

We run all unit tests in Gitlab CI. This requires default=y.

'imply' gives you no guarantee that RSA is selected. See the build
errors I reported for your other patches in the series.

Best regards

Heinrich

>
> I believe that the original RSA helper functions (w/o WITH_PKEY)
> should also be exercised in a unit test. Otherwise, the code
> will only be exercised indirectly through FIT image verification
> and such a situation will contradict what Tom (or Heinrich?) demanded
> against my RSA patch.
>
> -Takahiro Akashi
>
>>> +/*
>>> + * openssl genrsa 2048 -out private.pem
>>> + * openssl rsa -in private.pem -pubout -outform der -out public.der
>>> + * dd if=public.der of=public.raw bs=24 skip=1
>>> + */
>>> +static unsigned char public_key[] = {
>>> +	0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25, 0x23,
>>> +	0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94, 0x43,
>>> +	0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07, 0x4f,
>>> +	0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95, 0x1c,
>>> +	0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02, 0x6a,
>>> +	0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62, 0x1e,
>>> +	0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92, 0xb8,
>>> +	0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf, 0x05,
>>> +	0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97, 0x68,
>>> +	0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7, 0x67,
>>> +	0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe, 0x19,
>>> +	0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad, 0x92,
>>> +	0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb, 0xc7,
>>> +	0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab, 0xa4,
>>> +	0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed, 0xbf,
>>> +	0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30, 0x36,
>>> +	0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1, 0x99,
>>> +	0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10, 0xc8,
>>> +	0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca, 0x35,
>>> +	0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79, 0x6e,
>>> +	0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55, 0x60,
>>> +	0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16, 0x79,
>>> +	0x75, 0x02, 0x03, 0x01, 0x00, 0x01
>>> +};
>>> +
>>> +static unsigned int public_key_len = 270;
>>> +
>>> +/*
>>> + * dd if=/dev/urandom of=data.raw bs=512 count=1
>>> + */
>>> +static unsigned char data_raw[] = {
>>> +	0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92, 0xd7,
>>> +	0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55, 0xb2,
>>> +	0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c, 0x4b,
>>> +	0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb, 0xdd,
>>> +	0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1, 0x77,
>>> +	0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a, 0x0a,
>>> +	0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e, 0x82,
>>> +	0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a, 0x88,
>>> +	0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b, 0x0d,
>>> +	0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72, 0x75,
>>> +	0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4, 0xb4,
>>> +	0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96, 0x1a,
>>> +	0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24, 0x06,
>>> +	0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde, 0x7b,
>>> +	0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89, 0xe3,
>>> +	0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2, 0x26,
>>> +	0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97, 0xfc,
>>> +	0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27, 0xa9,
>>> +	0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d, 0xfd,
>>> +	0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5, 0x95,
>>> +	0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e, 0xd3,
>>> +	0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb, 0x6c,
>>> +	0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1, 0x81,
>>> +	0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7, 0x39,
>>> +	0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15, 0x08,
>>> +	0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6, 0xbf,
>>> +	0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45, 0x1e,
>>> +	0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2, 0x4d,
>>> +	0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66, 0xdb,
>>> +	0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b, 0x62,
>>> +	0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04, 0xb1,
>>> +	0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4, 0xa4,
>>> +	0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53, 0x3f,
>>> +	0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf, 0x76,
>>> +	0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f, 0x69,
>>> +	0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41, 0x1c,
>>> +	0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb, 0xce,
>>> +	0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01, 0x54,
>>> +	0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1, 0xcc,
>>> +	0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59, 0x7e,
>>> +	0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12, 0xa0,
>>> +	0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b, 0xbc,
>>> +	0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
>>> +};
>>> +
>>> +static unsigned int data_raw_len = 512;
>>> +
>>> +/*
>>> + * openssl dgst -sha256 -sign private.key -out data.enc data.raw
>>> + */
>>> +unsigned char data_enc[] = {
>>> +	0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d, 0xed,
>>> +	0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b, 0x2c,
>>> +	0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2, 0x4a,
>>> +	0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50, 0x18,
>>> +	0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52, 0x89,
>>> +	0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22, 0xdf,
>>> +	0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a, 0x3f,
>>> +	0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78, 0x67,
>>> +	0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7, 0x58,
>>> +	0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c, 0xdc,
>>> +	0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c, 0xf9,
>>> +	0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c, 0x37,
>>> +	0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77, 0xd5,
>>> +	0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b, 0x6f,
>>> +	0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7, 0x15,
>>> +	0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65, 0x12,
>>> +	0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45, 0x6e,
>>> +	0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9, 0x37,
>>> +	0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b, 0xf7,
>>> +	0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb, 0x2c,
>>> +	0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c, 0xd1,
>>> +	0x89, 0x06, 0xc9, 0x3a
>>> +};
>>> +
>>> +static unsigned int data_enc_len = 256;
>>> +
>>> +/**
>>> + * lib_rsa_verify_valid() - unit test for rsa_verify()
>>> + *
>>> + * Test rsa_verify() with valid hash
>>> + *
>>> + * @uts:	unit test state
>>> + * Return:	0 = success, 1 = failure
>>> + */
>>> +static int lib_rsa_verify_valid(struct unit_test_state *uts)
>>> +{
>>> +	struct image_sign_info info;
>>> +	struct image_region reg;
>>> +	int ret;
>>> +
>>> +	memset(&info, '\0', sizeof(info));
>>> +	info.name = "sha256,rsa2048";
>>> +	info.padding = image_get_padding_algo("pkcs-1.5");
>>> +	info.checksum = image_get_checksum_algo("sha256,rsa2048");
>>> +	info.crypto = image_get_crypto_algo(info.name);
>>> +
>>> +	info.key = public_key;
>>> +	info.keylen = public_key_len;
>>> +
>>> +	reg.data = data_raw;
>>> +	reg.size = data_raw_len;
>>> +	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
>>> +	ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n", ret);
>>> +
>>> +	return CMD_RET_SUCCESS;
>>> +}
>>> +
>>> +LIB_TEST(lib_rsa_verify_valid, 0);
>>> +
>>> +/**
>>> + * lib_rsa_verify_invalid() - unit test for rsa_verify()
>>> + *
>>> + * Test rsa_verify() with invalid hash
>>> + *
>>> + * @uts:	unit test state
>>> + * Return:	0 = success, 1 = failure
>>> + */
>>> +static int lib_rsa_verify_invalid(struct unit_test_state *uts)
>>> +{
>>> +	struct image_sign_info info;
>>> +	struct image_region reg;
>>> +	unsigned char ctmp;
>>> +	int ret;
>>> +
>>> +	memset(&info, '\0', sizeof(info));
>>> +	info.name = "sha256,rsa2048";
>>> +	info.padding = image_get_padding_algo("pkcs-1.5");
>>> +	info.checksum = image_get_checksum_algo("sha256,rsa2048");
>>> +	info.crypto = image_get_crypto_algo(info.name);
>>> +
>>> +	info.key = public_key;
>>> +	info.keylen = public_key_len;
>>> +
>>> +	/* randomly corrupt enc'ed data */
>>> +	ctmp = data_enc[data_enc_len - 10];
>>> +	data_enc[data_enc_len - 10] = 0x12;
>>> +
>>> +	reg.data = data_raw;
>>> +	reg.size = data_raw_len;
>>> +	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
>>> +
>>> +	/* revert a change */
>>> +	data_enc[data_enc_len - 10] = ctmp;
>>> +
>>> +	ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
>>> +
>>> +	return CMD_RET_SUCCESS;
>>> +}
>>> +
>>> +LIB_TEST(lib_rsa_verify_invalid, 0);
>>> +#endif /* RSA_VERIFY_WITH_PKEY */
>>>
>

AKASHI Takahiro Jan. 17, 2020, 1:53 a.m. UTC | #5

On Tue, Jan 14, 2020 at 01:04:58PM +0100, Heinrich Schuchardt wrote:
> On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
> >On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
> >>
> >>
> >>On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> >>>In this patch, a very simple test is added to verify that rsa_verify()
> >>>using rsa_verify_with_pkey() work correctly.
> >>>
> >>>To keep the code simple, all the test data, either public key and
> >>>verified binary data, are embedded in the source.
> >>>
> >>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> >>>---
> >>>  test/Kconfig      |  12 +++
> >>>  test/lib/Makefile |   1 +
> >>>  test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
> >>>  3 files changed, 219 insertions(+)
> >>>  create mode 100644 test/lib/rsa.c
> >>>
> >>>diff --git a/test/Kconfig b/test/Kconfig
> >>>index cb7954041eda..64d76c3b20a5 100644
> >>>--- a/test/Kconfig
> >>>+++ b/test/Kconfig
> >>>@@ -28,6 +28,18 @@ config UT_LIB_ASN1
> >>>  	  Enables a test which exercises asn1 compiler and decoder function
> >>>  	  via various parsers.
> >>>
> >>>+config UT_LIB_RSA
> >>>+	bool "Unit test for rsa_verify() function"
> >>>+	imply RSA
> >>>+	imply ASYMMETRIC_KEY_TYPE
> >>>+	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> >>>+	imply RSA_PUBLIC_KEY_PARSER
> >>>+	imply RSA_VERIFY_WITH_PKEY
> >>
> >>This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> >>executed otherwise.
> >
> >See below.
> >
> >>Best regards
> >>
> >>Heinrich
> >>
> >>>+	default y
> >>>+	help
> >>>+	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> >>>+	  only, at the 'ut lib' command.
> >>>+
> >>>  endif
> >>>
> >>>  config UT_TIME
> >>>diff --git a/test/lib/Makefile b/test/lib/Makefile
> >>>index 72d2ec74b5f4..2bf6ef3935bb 100644
> >>>--- a/test/lib/Makefile
> >>>+++ b/test/lib/Makefile
> >>>@@ -8,3 +8,4 @@ obj-y += lmb.o
> >>>  obj-y += string.o
> >>>  obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
> >>>  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> >>>+obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> >>>diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> >>>new file mode 100644
> >>>index 000000000000..44f8ade226f4
> >>>--- /dev/null
> >>>+++ b/test/lib/rsa.c
> >>>@@ -0,0 +1,206 @@
> >>>+// SPDX-License-Identifier: GPL-2.0+
> >>>+/*
> >>>+ * Copyright (c) 2019 Linaro Limited
> >>>+ * Author: AKASHI Takahiro
> >>>+ *
> >>>+ * Unit test for rsa_verify() function
> >>>+ */
> >>>+
> >>>+#include <common.h>
> >>>+#include <command.h>
> >>>+#include <image.h>
> >>>+#include <test/lib.h>
> >>>+#include <test/test.h>
> >>>+#include <test/ut.h>
> >>>+#include <u-boot/rsa.h>
> >>>+
> >>>+#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
> >>
> >>Please, remove this ifdef. Simply do not build this module if
> >>CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
> >
> >That is why I added this #ifdef here to avoid a build error.
> >I think it is a good idea to make test code as generic as possible
> >to easily add more test cases.
> 
> It is preferable to move configuration dependencies to the Makefile.
> 
> You can create a new C file if you have tests needing a different
> configuration.
> 
> test/lib/rsa_verify.c might be a better name for the file.
> 
> In test/Kconfig, please, replace
> 
> config UT_LIB_RSA
>         bool "Unit test for rsa_verify() function"
>         imply RSA
> 
> by
> 
> config UT_LIB_RSA
>         bool "Unit test for rsa_verify() function"
> 	default y
>         depends on RSA

Initially in my development code, I did the exact same thing,
but I didn't adopt this approach.

If we follow your proposal, UT_LIB_RSA won't be selected
unless RSA is enabled.
So UT_LIB_RSA won't be executed under most existing configurations
in the current CI.  This was not what I wanted.

What I wanted here is that, if UT (and UT_LIB) is selected, all
the configurations needed for enabling all the test cases be
also selected *automatically*.

I think that this is what Tom implied in his comment.

Thanks,
-Takahiro Akashi


> We run all unit tests in Gitlab CI. This requires default=y.
> 
> 'imply' gives you no guarantee that RSA is selected. See the build
> errors I reported for your other patches in the series.
> 
> Best regards
> 
> Heinrich
> 
> >
> >I believe that the original RSA helper functions (w/o WITH_PKEY)
> >should also be exercised in a unit test. Otherwise, the code
> >will only be exercised indirectly through FIT image verification
> >and such a situation will contradict what Tom (or Heinrich?) demanded
> >against my RSA patch.
> >
> >-Takahiro Akashi
> >
> >>>+/*
> >>>+ * openssl genrsa 2048 -out private.pem
> >>>+ * openssl rsa -in private.pem -pubout -outform der -out public.der
> >>>+ * dd if=public.der of=public.raw bs=24 skip=1
> >>>+ */
> >>>+static unsigned char public_key[] = {
> >>>+	0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25, 0x23,
> >>>+	0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94, 0x43,
> >>>+	0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07, 0x4f,
> >>>+	0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95, 0x1c,
> >>>+	0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02, 0x6a,
> >>>+	0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62, 0x1e,
> >>>+	0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92, 0xb8,
> >>>+	0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf, 0x05,
> >>>+	0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97, 0x68,
> >>>+	0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7, 0x67,
> >>>+	0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe, 0x19,
> >>>+	0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad, 0x92,
> >>>+	0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb, 0xc7,
> >>>+	0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab, 0xa4,
> >>>+	0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed, 0xbf,
> >>>+	0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30, 0x36,
> >>>+	0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1, 0x99,
> >>>+	0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10, 0xc8,
> >>>+	0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca, 0x35,
> >>>+	0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79, 0x6e,
> >>>+	0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55, 0x60,
> >>>+	0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16, 0x79,
> >>>+	0x75, 0x02, 0x03, 0x01, 0x00, 0x01
> >>>+};
> >>>+
> >>>+static unsigned int public_key_len = 270;
> >>>+
> >>>+/*
> >>>+ * dd if=/dev/urandom of=data.raw bs=512 count=1
> >>>+ */
> >>>+static unsigned char data_raw[] = {
> >>>+	0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92, 0xd7,
> >>>+	0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55, 0xb2,
> >>>+	0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c, 0x4b,
> >>>+	0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb, 0xdd,
> >>>+	0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1, 0x77,
> >>>+	0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a, 0x0a,
> >>>+	0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e, 0x82,
> >>>+	0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a, 0x88,
> >>>+	0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b, 0x0d,
> >>>+	0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72, 0x75,
> >>>+	0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4, 0xb4,
> >>>+	0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96, 0x1a,
> >>>+	0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24, 0x06,
> >>>+	0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde, 0x7b,
> >>>+	0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89, 0xe3,
> >>>+	0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2, 0x26,
> >>>+	0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97, 0xfc,
> >>>+	0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27, 0xa9,
> >>>+	0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d, 0xfd,
> >>>+	0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5, 0x95,
> >>>+	0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e, 0xd3,
> >>>+	0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb, 0x6c,
> >>>+	0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1, 0x81,
> >>>+	0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7, 0x39,
> >>>+	0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15, 0x08,
> >>>+	0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6, 0xbf,
> >>>+	0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45, 0x1e,
> >>>+	0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2, 0x4d,
> >>>+	0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66, 0xdb,
> >>>+	0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b, 0x62,
> >>>+	0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04, 0xb1,
> >>>+	0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4, 0xa4,
> >>>+	0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53, 0x3f,
> >>>+	0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf, 0x76,
> >>>+	0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f, 0x69,
> >>>+	0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41, 0x1c,
> >>>+	0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb, 0xce,
> >>>+	0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01, 0x54,
> >>>+	0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1, 0xcc,
> >>>+	0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59, 0x7e,
> >>>+	0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12, 0xa0,
> >>>+	0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b, 0xbc,
> >>>+	0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
> >>>+};
> >>>+
> >>>+static unsigned int data_raw_len = 512;
> >>>+
> >>>+/*
> >>>+ * openssl dgst -sha256 -sign private.key -out data.enc data.raw
> >>>+ */
> >>>+unsigned char data_enc[] = {
> >>>+	0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d, 0xed,
> >>>+	0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b, 0x2c,
> >>>+	0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2, 0x4a,
> >>>+	0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50, 0x18,
> >>>+	0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52, 0x89,
> >>>+	0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22, 0xdf,
> >>>+	0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a, 0x3f,
> >>>+	0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78, 0x67,
> >>>+	0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7, 0x58,
> >>>+	0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c, 0xdc,
> >>>+	0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c, 0xf9,
> >>>+	0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c, 0x37,
> >>>+	0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77, 0xd5,
> >>>+	0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b, 0x6f,
> >>>+	0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7, 0x15,
> >>>+	0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65, 0x12,
> >>>+	0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45, 0x6e,
> >>>+	0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9, 0x37,
> >>>+	0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b, 0xf7,
> >>>+	0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb, 0x2c,
> >>>+	0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c, 0xd1,
> >>>+	0x89, 0x06, 0xc9, 0x3a
> >>>+};
> >>>+
> >>>+static unsigned int data_enc_len = 256;
> >>>+
> >>>+/**
> >>>+ * lib_rsa_verify_valid() - unit test for rsa_verify()
> >>>+ *
> >>>+ * Test rsa_verify() with valid hash
> >>>+ *
> >>>+ * @uts:	unit test state
> >>>+ * Return:	0 = success, 1 = failure
> >>>+ */
> >>>+static int lib_rsa_verify_valid(struct unit_test_state *uts)
> >>>+{
> >>>+	struct image_sign_info info;
> >>>+	struct image_region reg;
> >>>+	int ret;
> >>>+
> >>>+	memset(&info, '\0', sizeof(info));
> >>>+	info.name = "sha256,rsa2048";
> >>>+	info.padding = image_get_padding_algo("pkcs-1.5");
> >>>+	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> >>>+	info.crypto = image_get_crypto_algo(info.name);
> >>>+
> >>>+	info.key = public_key;
> >>>+	info.keylen = public_key_len;
> >>>+
> >>>+	reg.data = data_raw;
> >>>+	reg.size = data_raw_len;
> >>>+	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> >>>+	ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n", ret);
> >>>+
> >>>+	return CMD_RET_SUCCESS;
> >>>+}
> >>>+
> >>>+LIB_TEST(lib_rsa_verify_valid, 0);
> >>>+
> >>>+/**
> >>>+ * lib_rsa_verify_invalid() - unit test for rsa_verify()
> >>>+ *
> >>>+ * Test rsa_verify() with invalid hash
> >>>+ *
> >>>+ * @uts:	unit test state
> >>>+ * Return:	0 = success, 1 = failure
> >>>+ */
> >>>+static int lib_rsa_verify_invalid(struct unit_test_state *uts)
> >>>+{
> >>>+	struct image_sign_info info;
> >>>+	struct image_region reg;
> >>>+	unsigned char ctmp;
> >>>+	int ret;
> >>>+
> >>>+	memset(&info, '\0', sizeof(info));
> >>>+	info.name = "sha256,rsa2048";
> >>>+	info.padding = image_get_padding_algo("pkcs-1.5");
> >>>+	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> >>>+	info.crypto = image_get_crypto_algo(info.name);
> >>>+
> >>>+	info.key = public_key;
> >>>+	info.keylen = public_key_len;
> >>>+
> >>>+	/* randomly corrupt enc'ed data */
> >>>+	ctmp = data_enc[data_enc_len - 10];
> >>>+	data_enc[data_enc_len - 10] = 0x12;
> >>>+
> >>>+	reg.data = data_raw;
> >>>+	reg.size = data_raw_len;
> >>>+	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> >>>+
> >>>+	/* revert a change */
> >>>+	data_enc[data_enc_len - 10] = ctmp;
> >>>+
> >>>+	ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
> >>>+
> >>>+	return CMD_RET_SUCCESS;
> >>>+}
> >>>+
> >>>+LIB_TEST(lib_rsa_verify_invalid, 0);
> >>>+#endif /* RSA_VERIFY_WITH_PKEY */
> >>>
> >
>

Heinrich Schuchardt Jan. 17, 2020, 5:26 a.m. UTC | #6

On 1/17/20 2:53 AM, AKASHI Takahiro wrote:
> On Tue, Jan 14, 2020 at 01:04:58PM +0100, Heinrich Schuchardt wrote:
>> On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
>>> On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
>>>>
>>>>
>>>> On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
>>>>> In this patch, a very simple test is added to verify that rsa_verify()
>>>>> using rsa_verify_with_pkey() work correctly.
>>>>>
>>>>> To keep the code simple, all the test data, either public key and
>>>>> verified binary data, are embedded in the source.
>>>>>
>>>>> Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
>>>>> ---
>>>>>   test/Kconfig      |  12 +++
>>>>>   test/lib/Makefile |   1 +
>>>>>   test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
>>>>>   3 files changed, 219 insertions(+)
>>>>>   create mode 100644 test/lib/rsa.c
>>>>>
>>>>> diff --git a/test/Kconfig b/test/Kconfig
>>>>> index cb7954041eda..64d76c3b20a5 100644
>>>>> --- a/test/Kconfig
>>>>> +++ b/test/Kconfig
>>>>> @@ -28,6 +28,18 @@ config UT_LIB_ASN1
>>>>>   	  Enables a test which exercises asn1 compiler and decoder function
>>>>>   	  via various parsers.
>>>>>
>>>>> +config UT_LIB_RSA
>>>>> +	bool "Unit test for rsa_verify() function"
>>>>> +	imply RSA
>>>>> +	imply ASYMMETRIC_KEY_TYPE
>>>>> +	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
>>>>> +	imply RSA_PUBLIC_KEY_PARSER
>>>>> +	imply RSA_VERIFY_WITH_PKEY
>>>>
>>>> This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
>>>> executed otherwise.
>>>
>>> See below.
>>>
>>>> Best regards
>>>>
>>>> Heinrich
>>>>
>>>>> +	default y
>>>>> +	help
>>>>> +	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
>>>>> +	  only, at the 'ut lib' command.
>>>>> +
>>>>>   endif
>>>>>
>>>>>   config UT_TIME
>>>>> diff --git a/test/lib/Makefile b/test/lib/Makefile
>>>>> index 72d2ec74b5f4..2bf6ef3935bb 100644
>>>>> --- a/test/lib/Makefile
>>>>> +++ b/test/lib/Makefile
>>>>> @@ -8,3 +8,4 @@ obj-y += lmb.o
>>>>>   obj-y += string.o
>>>>>   obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
>>>>>   obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
>>>>> +obj-$(CONFIG_UT_LIB_RSA) += rsa.o
>>>>> diff --git a/test/lib/rsa.c b/test/lib/rsa.c
>>>>> new file mode 100644
>>>>> index 000000000000..44f8ade226f4
>>>>> --- /dev/null
>>>>> +++ b/test/lib/rsa.c
>>>>> @@ -0,0 +1,206 @@
>>>>> +// SPDX-License-Identifier: GPL-2.0+
>>>>> +/*
>>>>> + * Copyright (c) 2019 Linaro Limited
>>>>> + * Author: AKASHI Takahiro
>>>>> + *
>>>>> + * Unit test for rsa_verify() function
>>>>> + */
>>>>> +
>>>>> +#include <common.h>
>>>>> +#include <command.h>
>>>>> +#include <image.h>
>>>>> +#include <test/lib.h>
>>>>> +#include <test/test.h>
>>>>> +#include <test/ut.h>
>>>>> +#include <u-boot/rsa.h>
>>>>> +
>>>>> +#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
>>>>
>>>> Please, remove this ifdef. Simply do not build this module if
>>>> CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
>>>
>>> That is why I added this #ifdef here to avoid a build error.
>>> I think it is a good idea to make test code as generic as possible
>>> to easily add more test cases.
>>
>> It is preferable to move configuration dependencies to the Makefile.
>>
>> You can create a new C file if you have tests needing a different
>> configuration.
>>
>> test/lib/rsa_verify.c might be a better name for the file.
>>
>> In test/Kconfig, please, replace
>>
>> config UT_LIB_RSA
>>          bool "Unit test for rsa_verify() function"
>>          imply RSA
>>
>> by
>>
>> config UT_LIB_RSA
>>          bool "Unit test for rsa_verify() function"
>> 	default y
>>          depends on RSA
>
> Initially in my development code, I did the exact same thing,
> but I didn't adopt this approach.
>
> If we follow your proposal, UT_LIB_RSA won't be selected
> unless RSA is enabled.
> So UT_LIB_RSA won't be executed under most existing configurations
> in the current CI.  This was not what I wanted.
>
> What I wanted here is that, if UT (and UT_LIB) is selected, all
> the configurations needed for enabling all the test cases be
> also selected *automatically*.

What I want is that if I run 'make menuconfig' and select CONFIG_UT
manually I end up with a configuration that compiles and that does what
I have configured.

Just try:

make wandboard_config
make menuconfig
# set CONFIG_UT=y
# set CONFIG_UT_LIB_RSA=y

This results in

CONFIG_RSA=n

because 'imply RSA' does not switch on CONFIG_RSA in this case.

You end up with a configuration where the test is selected in .config
but cannot be executed.

Please, change your patches such that it is guaranteed that if a test is
activated in the configuration it is executed by the 'ut all' command.

Best regards

Heinrich

>
> I think that this is what Tom implied in his comment.
>
> Thanks,
> -Takahiro Akashi
>
>
>> We run all unit tests in Gitlab CI. This requires default=y.
>>
>> 'imply' gives you no guarantee that RSA is selected. See the build
>> errors I reported for your other patches in the series.
>>
>> Best regards
>>
>> Heinrich
>>
>>>
>>> I believe that the original RSA helper functions (w/o WITH_PKEY)
>>> should also be exercised in a unit test. Otherwise, the code
>>> will only be exercised indirectly through FIT image verification
>>> and such a situation will contradict what Tom (or Heinrich?) demanded
>>> against my RSA patch.
>>>
>>> -Takahiro Akashi
>>>
>>>>> +/*
>>>>> + * openssl genrsa 2048 -out private.pem
>>>>> + * openssl rsa -in private.pem -pubout -outform der -out public.der
>>>>> + * dd if=public.der of=public.raw bs=24 skip=1
>>>>> + */
>>>>> +static unsigned char public_key[] = {
>>>>> +	0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25, 0x23,
>>>>> +	0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94, 0x43,
>>>>> +	0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07, 0x4f,
>>>>> +	0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95, 0x1c,
>>>>> +	0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02, 0x6a,
>>>>> +	0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62, 0x1e,
>>>>> +	0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92, 0xb8,
>>>>> +	0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf, 0x05,
>>>>> +	0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97, 0x68,
>>>>> +	0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7, 0x67,
>>>>> +	0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe, 0x19,
>>>>> +	0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad, 0x92,
>>>>> +	0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb, 0xc7,
>>>>> +	0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab, 0xa4,
>>>>> +	0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed, 0xbf,
>>>>> +	0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30, 0x36,
>>>>> +	0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1, 0x99,
>>>>> +	0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10, 0xc8,
>>>>> +	0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca, 0x35,
>>>>> +	0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79, 0x6e,
>>>>> +	0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55, 0x60,
>>>>> +	0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16, 0x79,
>>>>> +	0x75, 0x02, 0x03, 0x01, 0x00, 0x01
>>>>> +};
>>>>> +
>>>>> +static unsigned int public_key_len = 270;
>>>>> +
>>>>> +/*
>>>>> + * dd if=/dev/urandom of=data.raw bs=512 count=1
>>>>> + */
>>>>> +static unsigned char data_raw[] = {
>>>>> +	0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92, 0xd7,
>>>>> +	0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55, 0xb2,
>>>>> +	0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c, 0x4b,
>>>>> +	0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb, 0xdd,
>>>>> +	0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1, 0x77,
>>>>> +	0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a, 0x0a,
>>>>> +	0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e, 0x82,
>>>>> +	0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a, 0x88,
>>>>> +	0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b, 0x0d,
>>>>> +	0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72, 0x75,
>>>>> +	0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4, 0xb4,
>>>>> +	0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96, 0x1a,
>>>>> +	0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24, 0x06,
>>>>> +	0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde, 0x7b,
>>>>> +	0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89, 0xe3,
>>>>> +	0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2, 0x26,
>>>>> +	0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97, 0xfc,
>>>>> +	0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27, 0xa9,
>>>>> +	0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d, 0xfd,
>>>>> +	0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5, 0x95,
>>>>> +	0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e, 0xd3,
>>>>> +	0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb, 0x6c,
>>>>> +	0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1, 0x81,
>>>>> +	0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7, 0x39,
>>>>> +	0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15, 0x08,
>>>>> +	0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6, 0xbf,
>>>>> +	0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45, 0x1e,
>>>>> +	0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2, 0x4d,
>>>>> +	0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66, 0xdb,
>>>>> +	0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b, 0x62,
>>>>> +	0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04, 0xb1,
>>>>> +	0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4, 0xa4,
>>>>> +	0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53, 0x3f,
>>>>> +	0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf, 0x76,
>>>>> +	0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f, 0x69,
>>>>> +	0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41, 0x1c,
>>>>> +	0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb, 0xce,
>>>>> +	0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01, 0x54,
>>>>> +	0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1, 0xcc,
>>>>> +	0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59, 0x7e,
>>>>> +	0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12, 0xa0,
>>>>> +	0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b, 0xbc,
>>>>> +	0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
>>>>> +};
>>>>> +
>>>>> +static unsigned int data_raw_len = 512;
>>>>> +
>>>>> +/*
>>>>> + * openssl dgst -sha256 -sign private.key -out data.enc data.raw
>>>>> + */
>>>>> +unsigned char data_enc[] = {
>>>>> +	0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d, 0xed,
>>>>> +	0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b, 0x2c,
>>>>> +	0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2, 0x4a,
>>>>> +	0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50, 0x18,
>>>>> +	0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52, 0x89,
>>>>> +	0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22, 0xdf,
>>>>> +	0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a, 0x3f,
>>>>> +	0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78, 0x67,
>>>>> +	0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7, 0x58,
>>>>> +	0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c, 0xdc,
>>>>> +	0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c, 0xf9,
>>>>> +	0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c, 0x37,
>>>>> +	0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77, 0xd5,
>>>>> +	0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b, 0x6f,
>>>>> +	0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7, 0x15,
>>>>> +	0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65, 0x12,
>>>>> +	0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45, 0x6e,
>>>>> +	0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9, 0x37,
>>>>> +	0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b, 0xf7,
>>>>> +	0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb, 0x2c,
>>>>> +	0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c, 0xd1,
>>>>> +	0x89, 0x06, 0xc9, 0x3a
>>>>> +};
>>>>> +
>>>>> +static unsigned int data_enc_len = 256;
>>>>> +
>>>>> +/**
>>>>> + * lib_rsa_verify_valid() - unit test for rsa_verify()
>>>>> + *
>>>>> + * Test rsa_verify() with valid hash
>>>>> + *
>>>>> + * @uts:	unit test state
>>>>> + * Return:	0 = success, 1 = failure
>>>>> + */
>>>>> +static int lib_rsa_verify_valid(struct unit_test_state *uts)
>>>>> +{
>>>>> +	struct image_sign_info info;
>>>>> +	struct image_region reg;
>>>>> +	int ret;
>>>>> +
>>>>> +	memset(&info, '\0', sizeof(info));
>>>>> +	info.name = "sha256,rsa2048";
>>>>> +	info.padding = image_get_padding_algo("pkcs-1.5");
>>>>> +	info.checksum = image_get_checksum_algo("sha256,rsa2048");
>>>>> +	info.crypto = image_get_crypto_algo(info.name);
>>>>> +
>>>>> +	info.key = public_key;
>>>>> +	info.keylen = public_key_len;
>>>>> +
>>>>> +	reg.data = data_raw;
>>>>> +	reg.size = data_raw_len;
>>>>> +	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
>>>>> +	ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n", ret);
>>>>> +
>>>>> +	return CMD_RET_SUCCESS;
>>>>> +}
>>>>> +
>>>>> +LIB_TEST(lib_rsa_verify_valid, 0);
>>>>> +
>>>>> +/**
>>>>> + * lib_rsa_verify_invalid() - unit test for rsa_verify()
>>>>> + *
>>>>> + * Test rsa_verify() with invalid hash
>>>>> + *
>>>>> + * @uts:	unit test state
>>>>> + * Return:	0 = success, 1 = failure
>>>>> + */
>>>>> +static int lib_rsa_verify_invalid(struct unit_test_state *uts)
>>>>> +{
>>>>> +	struct image_sign_info info;
>>>>> +	struct image_region reg;
>>>>> +	unsigned char ctmp;
>>>>> +	int ret;
>>>>> +
>>>>> +	memset(&info, '\0', sizeof(info));
>>>>> +	info.name = "sha256,rsa2048";
>>>>> +	info.padding = image_get_padding_algo("pkcs-1.5");
>>>>> +	info.checksum = image_get_checksum_algo("sha256,rsa2048");
>>>>> +	info.crypto = image_get_crypto_algo(info.name);
>>>>> +
>>>>> +	info.key = public_key;
>>>>> +	info.keylen = public_key_len;
>>>>> +
>>>>> +	/* randomly corrupt enc'ed data */
>>>>> +	ctmp = data_enc[data_enc_len - 10];
>>>>> +	data_enc[data_enc_len - 10] = 0x12;
>>>>> +
>>>>> +	reg.data = data_raw;
>>>>> +	reg.size = data_raw_len;
>>>>> +	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
>>>>> +
>>>>> +	/* revert a change */
>>>>> +	data_enc[data_enc_len - 10] = ctmp;
>>>>> +
>>>>> +	ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
>>>>> +
>>>>> +	return CMD_RET_SUCCESS;
>>>>> +}
>>>>> +
>>>>> +LIB_TEST(lib_rsa_verify_invalid, 0);
>>>>> +#endif /* RSA_VERIFY_WITH_PKEY */
>>>>>
>>>
>>
>

AKASHI Takahiro Jan. 21, 2020, 5:48 a.m. UTC | #7

On Fri, Jan 17, 2020 at 06:26:34AM +0100, Heinrich Schuchardt wrote:
> On 1/17/20 2:53 AM, AKASHI Takahiro wrote:
> >On Tue, Jan 14, 2020 at 01:04:58PM +0100, Heinrich Schuchardt wrote:
> >>On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
> >>>On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
> >>>>
> >>>>
> >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> >>>>>In this patch, a very simple test is added to verify that rsa_verify()
> >>>>>using rsa_verify_with_pkey() work correctly.
> >>>>>
> >>>>>To keep the code simple, all the test data, either public key and
> >>>>>verified binary data, are embedded in the source.
> >>>>>
> >>>>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> >>>>>---
> >>>>>  test/Kconfig      |  12 +++
> >>>>>  test/lib/Makefile |   1 +
> >>>>>  test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
> >>>>>  3 files changed, 219 insertions(+)
> >>>>>  create mode 100644 test/lib/rsa.c
> >>>>>
> >>>>>diff --git a/test/Kconfig b/test/Kconfig
> >>>>>index cb7954041eda..64d76c3b20a5 100644
> >>>>>--- a/test/Kconfig
> >>>>>+++ b/test/Kconfig
> >>>>>@@ -28,6 +28,18 @@ config UT_LIB_ASN1
> >>>>>  	  Enables a test which exercises asn1 compiler and decoder function
> >>>>>  	  via various parsers.
> >>>>>
> >>>>>+config UT_LIB_RSA
> >>>>>+	bool "Unit test for rsa_verify() function"
> >>>>>+	imply RSA
> >>>>>+	imply ASYMMETRIC_KEY_TYPE
> >>>>>+	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> >>>>>+	imply RSA_PUBLIC_KEY_PARSER
> >>>>>+	imply RSA_VERIFY_WITH_PKEY
> >>>>
> >>>>This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> >>>>executed otherwise.
> >>>
> >>>See below.
> >>>
> >>>>Best regards
> >>>>
> >>>>Heinrich
> >>>>
> >>>>>+	default y
> >>>>>+	help
> >>>>>+	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> >>>>>+	  only, at the 'ut lib' command.
> >>>>>+
> >>>>>  endif
> >>>>>
> >>>>>  config UT_TIME
> >>>>>diff --git a/test/lib/Makefile b/test/lib/Makefile
> >>>>>index 72d2ec74b5f4..2bf6ef3935bb 100644
> >>>>>--- a/test/lib/Makefile
> >>>>>+++ b/test/lib/Makefile
> >>>>>@@ -8,3 +8,4 @@ obj-y += lmb.o
> >>>>>  obj-y += string.o
> >>>>>  obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
> >>>>>  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> >>>>>+obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> >>>>>diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> >>>>>new file mode 100644
> >>>>>index 000000000000..44f8ade226f4
> >>>>>--- /dev/null
> >>>>>+++ b/test/lib/rsa.c
> >>>>>@@ -0,0 +1,206 @@
> >>>>>+// SPDX-License-Identifier: GPL-2.0+
> >>>>>+/*
> >>>>>+ * Copyright (c) 2019 Linaro Limited
> >>>>>+ * Author: AKASHI Takahiro
> >>>>>+ *
> >>>>>+ * Unit test for rsa_verify() function
> >>>>>+ */
> >>>>>+
> >>>>>+#include <common.h>
> >>>>>+#include <command.h>
> >>>>>+#include <image.h>
> >>>>>+#include <test/lib.h>
> >>>>>+#include <test/test.h>
> >>>>>+#include <test/ut.h>
> >>>>>+#include <u-boot/rsa.h>
> >>>>>+
> >>>>>+#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
> >>>>
> >>>>Please, remove this ifdef. Simply do not build this module if
> >>>>CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
> >>>
> >>>That is why I added this #ifdef here to avoid a build error.
> >>>I think it is a good idea to make test code as generic as possible
> >>>to easily add more test cases.
> >>
> >>It is preferable to move configuration dependencies to the Makefile.
> >>
> >>You can create a new C file if you have tests needing a different
> >>configuration.
> >>
> >>test/lib/rsa_verify.c might be a better name for the file.
> >>
> >>In test/Kconfig, please, replace
> >>
> >>config UT_LIB_RSA
> >>         bool "Unit test for rsa_verify() function"
> >>         imply RSA
> >>
> >>by
> >>
> >>config UT_LIB_RSA
> >>         bool "Unit test for rsa_verify() function"
> >>	default y
> >>         depends on RSA
> >
> >Initially in my development code, I did the exact same thing,
> >but I didn't adopt this approach.
> >
> >If we follow your proposal, UT_LIB_RSA won't be selected
> >unless RSA is enabled.
> >So UT_LIB_RSA won't be executed under most existing configurations
> >in the current CI.  This was not what I wanted.
> >
> >What I wanted here is that, if UT (and UT_LIB) is selected, all
> >the configurations needed for enabling all the test cases be
> >also selected *automatically*.
> 
> What I want is that if I run 'make menuconfig' and select CONFIG_UT
> manually I end up with a configuration that compiles and that does what
> I have configured.

Hmm, that is what I intend to do here, but the code doesn't work
as I expected. It works only if CONFIG_UT_LIB_RSA is on in *defconfig.

So I have no option other than changing reverse dependencies as follows,
    CONFIG_UT_LIB_RSA
      select IMAGE_SIGN_INFO
      select RSA
      imply RSA_VERIFY_WITH_PKEY

Using 'select' is still safe as CONFIG_RSA has no dependency.
(Please note we can still use 'imply' for VERIFY_WITH_PKEY here.)

Tom, do you agree to this change?

Thanks,
-Takahiro Akashi

> Just try:
> 
> make wandboard_config
> make menuconfig
> # set CONFIG_UT=y
> # set CONFIG_UT_LIB_RSA=y
> 
> This results in
> 
> CONFIG_RSA=n
> 
> because 'imply RSA' does not switch on CONFIG_RSA in this case.
> 
> You end up with a configuration where the test is selected in .config
> but cannot be executed.
> 
> Please, change your patches such that it is guaranteed that if a test is
> activated in the configuration it is executed by the 'ut all' command.
> 
> Best regards
> 
> Heinrich
> 
> >
> >I think that this is what Tom implied in his comment.
> >
> >Thanks,
> >-Takahiro Akashi
> >
> >
> >>We run all unit tests in Gitlab CI. This requires default=y.
> >>
> >>'imply' gives you no guarantee that RSA is selected. See the build
> >>errors I reported for your other patches in the series.
> >>
> >>Best regards
> >>
> >>Heinrich
> >>
> >>>
> >>>I believe that the original RSA helper functions (w/o WITH_PKEY)
> >>>should also be exercised in a unit test. Otherwise, the code
> >>>will only be exercised indirectly through FIT image verification
> >>>and such a situation will contradict what Tom (or Heinrich?) demanded
> >>>against my RSA patch.
> >>>
> >>>-Takahiro Akashi
> >>>
> >>>>>+/*
> >>>>>+ * openssl genrsa 2048 -out private.pem
> >>>>>+ * openssl rsa -in private.pem -pubout -outform der -out public.der
> >>>>>+ * dd if=public.der of=public.raw bs=24 skip=1
> >>>>>+ */
> >>>>>+static unsigned char public_key[] = {
> >>>>>+	0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xca, 0x25, 0x23,
> >>>>>+	0xe0, 0x0a, 0x4d, 0x8f, 0x56, 0xfc, 0xc9, 0x06, 0x4c, 0xcc, 0x94, 0x43,
> >>>>>+	0xe0, 0x56, 0x44, 0x6e, 0x37, 0x54, 0x87, 0x12, 0x84, 0xf9, 0x07, 0x4f,
> >>>>>+	0xe4, 0x23, 0x40, 0xc3, 0x43, 0x84, 0x37, 0x86, 0xd3, 0x9d, 0x95, 0x1c,
> >>>>>+	0xe4, 0x8a, 0x66, 0x02, 0x09, 0xe2, 0x3d, 0xce, 0x2c, 0xc6, 0x02, 0x6a,
> >>>>>+	0xd4, 0x65, 0x61, 0xff, 0x85, 0x6f, 0x88, 0x63, 0xba, 0x31, 0x62, 0x1e,
> >>>>>+	0xb7, 0x95, 0xe9, 0x08, 0x3c, 0xe9, 0x35, 0xde, 0xfd, 0x65, 0x92, 0xb8,
> >>>>>+	0x9e, 0x71, 0xa4, 0xcd, 0x47, 0xfd, 0x04, 0x26, 0xb9, 0x78, 0xbf, 0x05,
> >>>>>+	0x0d, 0xfc, 0x00, 0x84, 0x08, 0xfc, 0xc4, 0x4b, 0xea, 0xf5, 0x97, 0x68,
> >>>>>+	0x0d, 0x97, 0xd7, 0xff, 0x4f, 0x92, 0x82, 0xd7, 0xbb, 0xef, 0xb7, 0x67,
> >>>>>+	0x8e, 0x72, 0x54, 0xe8, 0xc5, 0x9e, 0xfd, 0xd8, 0x38, 0xe9, 0xbe, 0x19,
> >>>>>+	0x37, 0x5b, 0x36, 0x8b, 0xbf, 0x49, 0xa1, 0x59, 0x3a, 0x9d, 0xad, 0x92,
> >>>>>+	0x08, 0x0b, 0xe3, 0xa4, 0xa4, 0x7d, 0xd3, 0x70, 0xc0, 0xb8, 0xfb, 0xc7,
> >>>>>+	0xda, 0xd3, 0x19, 0x86, 0x37, 0x9a, 0xcd, 0xab, 0x30, 0x96, 0xab, 0xa4,
> >>>>>+	0xa2, 0x31, 0xa0, 0x38, 0xfb, 0xbf, 0x85, 0xd3, 0x24, 0x39, 0xed, 0xbf,
> >>>>>+	0xe1, 0x31, 0xed, 0x6c, 0x39, 0xc1, 0xe5, 0x05, 0x2e, 0x12, 0x30, 0x36,
> >>>>>+	0x73, 0x5d, 0x62, 0xf3, 0x82, 0xaf, 0x38, 0xc8, 0xca, 0xfa, 0xa1, 0x99,
> >>>>>+	0x57, 0x3c, 0xe1, 0xc1, 0x7b, 0x05, 0x0b, 0xcc, 0x2e, 0xa9, 0x10, 0xc8,
> >>>>>+	0x68, 0xbd, 0x27, 0xb6, 0x19, 0x9c, 0xd2, 0xad, 0xb3, 0x1f, 0xca, 0x35,
> >>>>>+	0x6e, 0x84, 0x23, 0xa1, 0xe9, 0xa4, 0x4c, 0xab, 0x19, 0x09, 0x79, 0x6e,
> >>>>>+	0x3c, 0x7b, 0x74, 0xfc, 0x33, 0x05, 0xcf, 0xa4, 0x2e, 0xeb, 0x55, 0x60,
> >>>>>+	0x05, 0xc7, 0xcf, 0x3f, 0x92, 0xac, 0x2d, 0x69, 0x0b, 0x19, 0x16, 0x79,
> >>>>>+	0x75, 0x02, 0x03, 0x01, 0x00, 0x01
> >>>>>+};
> >>>>>+
> >>>>>+static unsigned int public_key_len = 270;
> >>>>>+
> >>>>>+/*
> >>>>>+ * dd if=/dev/urandom of=data.raw bs=512 count=1
> >>>>>+ */
> >>>>>+static unsigned char data_raw[] = {
> >>>>>+	0x3e, 0x48, 0x6e, 0xef, 0x83, 0xd1, 0x4c, 0xfd, 0x92, 0x47, 0x92, 0xd7,
> >>>>>+	0xf6, 0x16, 0x25, 0x0a, 0xdf, 0xe2, 0xb6, 0x6c, 0xe7, 0xe0, 0x55, 0xb2,
> >>>>>+	0x70, 0x66, 0xf0, 0xe5, 0xdc, 0xaf, 0xd3, 0x2e, 0xc1, 0x3e, 0x5c, 0x4b,
> >>>>>+	0xb5, 0xa7, 0x23, 0x1f, 0x2c, 0xce, 0xf8, 0x83, 0x00, 0x6d, 0xeb, 0xdd,
> >>>>>+	0x19, 0x71, 0x13, 0xb4, 0xae, 0x5c, 0xa8, 0xae, 0x52, 0xc8, 0xe1, 0x77,
> >>>>>+	0x9e, 0x98, 0x75, 0xbc, 0xef, 0x36, 0x9f, 0x0c, 0x14, 0xed, 0x1a, 0x0a,
> >>>>>+	0x4f, 0x6c, 0xa4, 0xb1, 0xbb, 0x0e, 0x43, 0x93, 0x12, 0xfc, 0x2e, 0x82,
> >>>>>+	0x93, 0x4e, 0xcb, 0xa2, 0xcd, 0x59, 0x3f, 0xc5, 0x11, 0x38, 0x3a, 0x88,
> >>>>>+	0xc3, 0xcf, 0xf9, 0x61, 0xa8, 0x9e, 0x96, 0xb6, 0xbf, 0xa6, 0x5b, 0x0d,
> >>>>>+	0xd9, 0xbd, 0x05, 0x4c, 0xbe, 0xed, 0x86, 0xca, 0x10, 0x63, 0x72, 0x75,
> >>>>>+	0x4b, 0xbd, 0x86, 0x42, 0x30, 0x9d, 0x54, 0x4e, 0x12, 0xda, 0xf4, 0xb4,
> >>>>>+	0xfd, 0xd9, 0x54, 0x95, 0x8f, 0x83, 0xc2, 0x63, 0x44, 0xdd, 0x96, 0x1a,
> >>>>>+	0xd0, 0x7c, 0xcf, 0xcb, 0x16, 0xd6, 0xff, 0xa3, 0xbb, 0xeb, 0x24, 0x06,
> >>>>>+	0xbf, 0x81, 0xd0, 0x29, 0x76, 0x19, 0x66, 0x84, 0xfc, 0x49, 0xde, 0x7b,
> >>>>>+	0x5d, 0xd2, 0x27, 0x58, 0x21, 0x7b, 0xff, 0x4d, 0x64, 0xf3, 0x89, 0xe3,
> >>>>>+	0xea, 0xb6, 0x54, 0x4e, 0xb1, 0x62, 0x52, 0x89, 0xe3, 0x22, 0xf2, 0x26,
> >>>>>+	0x3e, 0x4f, 0x43, 0x58, 0x78, 0x91, 0x55, 0xbc, 0x1e, 0xd6, 0x97, 0xfc,
> >>>>>+	0x0b, 0x85, 0x4c, 0x92, 0x9c, 0xbf, 0xc4, 0xb1, 0x62, 0x93, 0x27, 0xa9,
> >>>>>+	0xb2, 0xf4, 0xb4, 0x7a, 0xfb, 0x56, 0xe5, 0x8f, 0xe1, 0x94, 0x4d, 0xfd,
> >>>>>+	0xe4, 0x72, 0x8d, 0xa9, 0x71, 0x65, 0xcb, 0x2e, 0x6d, 0x39, 0xd5, 0x95,
> >>>>>+	0xe7, 0x3f, 0xab, 0xaa, 0x7a, 0x74, 0x84, 0x25, 0x4b, 0x42, 0x1e, 0xd3,
> >>>>>+	0x86, 0xca, 0x47, 0x4a, 0xf0, 0x24, 0x81, 0x24, 0xb0, 0xe1, 0xbb, 0x6c,
> >>>>>+	0x3f, 0x2a, 0xa0, 0xb8, 0xeb, 0xd6, 0x01, 0xce, 0x63, 0x51, 0xe1, 0x81,
> >>>>>+	0xd2, 0x32, 0x43, 0x56, 0x44, 0x4a, 0x6b, 0x51, 0x24, 0xa2, 0xc7, 0x39,
> >>>>>+	0x7c, 0x54, 0xda, 0xf8, 0xd4, 0x93, 0x7c, 0x8e, 0x4e, 0x9d, 0x15, 0x08,
> >>>>>+	0xce, 0x27, 0xd8, 0x28, 0xb0, 0x5b, 0x75, 0x32, 0x43, 0xe8, 0xd6, 0xbf,
> >>>>>+	0x12, 0xd5, 0xc5, 0x12, 0x8e, 0xeb, 0x77, 0x8f, 0x00, 0xde, 0x45, 0x1e,
> >>>>>+	0xdd, 0xf3, 0xef, 0x43, 0x99, 0x79, 0x86, 0xea, 0x01, 0xce, 0xf2, 0x4d,
> >>>>>+	0xa0, 0xfe, 0x5a, 0x55, 0xc0, 0x1f, 0xce, 0xe8, 0xbe, 0xc2, 0x66, 0xdb,
> >>>>>+	0xcb, 0x3f, 0xa5, 0x48, 0xa1, 0xe2, 0x49, 0xa1, 0x29, 0x65, 0x5b, 0x62,
> >>>>>+	0x39, 0xcc, 0xef, 0xbe, 0x86, 0xb7, 0xe3, 0x44, 0x67, 0x04, 0x04, 0xb1,
> >>>>>+	0xec, 0xd8, 0xb2, 0xb2, 0x38, 0xbc, 0x10, 0xea, 0x7a, 0x0e, 0xa4, 0xa4,
> >>>>>+	0xcb, 0x21, 0xd9, 0xc7, 0xb4, 0x0b, 0xb8, 0x39, 0xb4, 0x07, 0x53, 0x3f,
> >>>>>+	0xb9, 0x55, 0x55, 0xa1, 0x6f, 0x11, 0x49, 0xc0, 0x94, 0x77, 0xaf, 0x76,
> >>>>>+	0x97, 0x7f, 0x31, 0x08, 0xdd, 0x72, 0x48, 0x72, 0xf8, 0x11, 0x4f, 0x69,
> >>>>>+	0x10, 0xef, 0x23, 0x06, 0xf3, 0x34, 0xac, 0xee, 0x97, 0x89, 0x41, 0x1c,
> >>>>>+	0x36, 0x38, 0xb1, 0x80, 0x96, 0x7a, 0x9e, 0x72, 0xab, 0x25, 0xeb, 0xce,
> >>>>>+	0x7b, 0xb8, 0x5d, 0xc8, 0xef, 0xa4, 0x73, 0xa1, 0xa6, 0x8f, 0x01, 0x54,
> >>>>>+	0xce, 0x58, 0x19, 0xe5, 0x7e, 0xfa, 0x77, 0x08, 0x9d, 0x53, 0xc1, 0xcc,
> >>>>>+	0x08, 0xe8, 0x1d, 0xe0, 0x82, 0x5e, 0xe1, 0xe6, 0xbd, 0xbb, 0x59, 0x7e,
> >>>>>+	0x12, 0x9c, 0x39, 0x60, 0x23, 0xf7, 0xbe, 0x0a, 0x7c, 0x48, 0x12, 0xa0,
> >>>>>+	0x84, 0x04, 0x3f, 0xa1, 0x6e, 0x92, 0xcd, 0xa0, 0xac, 0xee, 0x0b, 0xbc,
> >>>>>+	0x18, 0x30, 0x28, 0xbd, 0xf5, 0xfa, 0x3a, 0x35
> >>>>>+};
> >>>>>+
> >>>>>+static unsigned int data_raw_len = 512;
> >>>>>+
> >>>>>+/*
> >>>>>+ * openssl dgst -sha256 -sign private.key -out data.enc data.raw
> >>>>>+ */
> >>>>>+unsigned char data_enc[] = {
> >>>>>+	0xa7, 0x4a, 0x12, 0x8f, 0xee, 0x65, 0x4b, 0xcd, 0x88, 0xca, 0x4d, 0xed,
> >>>>>+	0xe3, 0x04, 0xe7, 0x7c, 0x59, 0xbf, 0x2f, 0xad, 0x95, 0x73, 0x5b, 0x2c,
> >>>>>+	0x4e, 0xb5, 0xda, 0x5e, 0x3a, 0x6d, 0xb4, 0xc5, 0x84, 0x0c, 0xd2, 0x4a,
> >>>>>+	0x62, 0x0d, 0x5f, 0xba, 0x10, 0xee, 0xb1, 0x2a, 0xe1, 0xfe, 0x50, 0x18,
> >>>>>+	0x97, 0xcc, 0xea, 0x26, 0x62, 0x33, 0x5a, 0x1d, 0x51, 0x38, 0x52, 0x89,
> >>>>>+	0x4d, 0xa7, 0x18, 0xff, 0xa6, 0xc8, 0xd4, 0x7a, 0xc0, 0xa6, 0x22, 0xdf,
> >>>>>+	0x41, 0x89, 0x93, 0x9b, 0xe7, 0x9e, 0xc1, 0xc8, 0x80, 0xda, 0x1a, 0x3f,
> >>>>>+	0xa4, 0x7a, 0xd0, 0x07, 0xcb, 0x5c, 0xa4, 0x75, 0x12, 0x54, 0x78, 0x67,
> >>>>>+	0xbf, 0xe6, 0xae, 0x1e, 0x56, 0x33, 0x9e, 0xe0, 0x6e, 0x33, 0xa7, 0x58,
> >>>>>+	0xb0, 0x47, 0x49, 0xa8, 0x37, 0xdb, 0x82, 0x4b, 0xbd, 0x32, 0x9c, 0xdc,
> >>>>>+	0xf4, 0x67, 0x17, 0x24, 0x55, 0xfd, 0x83, 0x1e, 0xc8, 0xb4, 0x5c, 0xf9,
> >>>>>+	0x15, 0x6c, 0x5e, 0xaa, 0x72, 0x03, 0x9e, 0x7c, 0x17, 0xf5, 0x7c, 0x37,
> >>>>>+	0x96, 0x00, 0xb0, 0xd8, 0xaa, 0x05, 0xfa, 0xaa, 0xa1, 0x78, 0x77, 0xd5,
> >>>>>+	0x09, 0xdd, 0x05, 0xc7, 0xe2, 0x9f, 0x68, 0xc7, 0xf8, 0xfb, 0x0b, 0x6f,
> >>>>>+	0x18, 0x1e, 0xcc, 0x93, 0xd3, 0x3f, 0xc9, 0x26, 0x29, 0x64, 0xe7, 0x15,
> >>>>>+	0xdc, 0xb8, 0x19, 0x10, 0x24, 0x55, 0x55, 0x3b, 0x79, 0xa1, 0x65, 0x12,
> >>>>>+	0xe0, 0x0b, 0x88, 0x44, 0x4c, 0xea, 0x85, 0x5a, 0x6b, 0x2d, 0x45, 0x6e,
> >>>>>+	0xe7, 0x83, 0x6f, 0x3a, 0xaa, 0x1e, 0xf1, 0x9c, 0x8f, 0xdc, 0xb9, 0x37,
> >>>>>+	0xa2, 0x15, 0x61, 0x93, 0x06, 0x23, 0xf5, 0xfe, 0xf0, 0xf8, 0x2b, 0xf7,
> >>>>>+	0xc0, 0x68, 0x67, 0xf6, 0x4e, 0x08, 0x0d, 0x0d, 0x08, 0xbe, 0xfb, 0x2c,
> >>>>>+	0x4c, 0xe7, 0xd7, 0x1a, 0xad, 0xd9, 0x98, 0xa1, 0x8d, 0x94, 0x1c, 0xd1,
> >>>>>+	0x89, 0x06, 0xc9, 0x3a
> >>>>>+};
> >>>>>+
> >>>>>+static unsigned int data_enc_len = 256;
> >>>>>+
> >>>>>+/**
> >>>>>+ * lib_rsa_verify_valid() - unit test for rsa_verify()
> >>>>>+ *
> >>>>>+ * Test rsa_verify() with valid hash
> >>>>>+ *
> >>>>>+ * @uts:	unit test state
> >>>>>+ * Return:	0 = success, 1 = failure
> >>>>>+ */
> >>>>>+static int lib_rsa_verify_valid(struct unit_test_state *uts)
> >>>>>+{
> >>>>>+	struct image_sign_info info;
> >>>>>+	struct image_region reg;
> >>>>>+	int ret;
> >>>>>+
> >>>>>+	memset(&info, '\0', sizeof(info));
> >>>>>+	info.name = "sha256,rsa2048";
> >>>>>+	info.padding = image_get_padding_algo("pkcs-1.5");
> >>>>>+	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> >>>>>+	info.crypto = image_get_crypto_algo(info.name);
> >>>>>+
> >>>>>+	info.key = public_key;
> >>>>>+	info.keylen = public_key_len;
> >>>>>+
> >>>>>+	reg.data = data_raw;
> >>>>>+	reg.size = data_raw_len;
> >>>>>+	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> >>>>>+	ut_assertf(ret == 0, "verification unexpectedly failed (%d)\n", ret);
> >>>>>+
> >>>>>+	return CMD_RET_SUCCESS;
> >>>>>+}
> >>>>>+
> >>>>>+LIB_TEST(lib_rsa_verify_valid, 0);
> >>>>>+
> >>>>>+/**
> >>>>>+ * lib_rsa_verify_invalid() - unit test for rsa_verify()
> >>>>>+ *
> >>>>>+ * Test rsa_verify() with invalid hash
> >>>>>+ *
> >>>>>+ * @uts:	unit test state
> >>>>>+ * Return:	0 = success, 1 = failure
> >>>>>+ */
> >>>>>+static int lib_rsa_verify_invalid(struct unit_test_state *uts)
> >>>>>+{
> >>>>>+	struct image_sign_info info;
> >>>>>+	struct image_region reg;
> >>>>>+	unsigned char ctmp;
> >>>>>+	int ret;
> >>>>>+
> >>>>>+	memset(&info, '\0', sizeof(info));
> >>>>>+	info.name = "sha256,rsa2048";
> >>>>>+	info.padding = image_get_padding_algo("pkcs-1.5");
> >>>>>+	info.checksum = image_get_checksum_algo("sha256,rsa2048");
> >>>>>+	info.crypto = image_get_crypto_algo(info.name);
> >>>>>+
> >>>>>+	info.key = public_key;
> >>>>>+	info.keylen = public_key_len;
> >>>>>+
> >>>>>+	/* randomly corrupt enc'ed data */
> >>>>>+	ctmp = data_enc[data_enc_len - 10];
> >>>>>+	data_enc[data_enc_len - 10] = 0x12;
> >>>>>+
> >>>>>+	reg.data = data_raw;
> >>>>>+	reg.size = data_raw_len;
> >>>>>+	ret = rsa_verify(&info, &reg, 1, data_enc, data_enc_len);
> >>>>>+
> >>>>>+	/* revert a change */
> >>>>>+	data_enc[data_enc_len - 10] = ctmp;
> >>>>>+
> >>>>>+	ut_assertf(ret != 0, "verification unexpectedly succeeded\n");
> >>>>>+
> >>>>>+	return CMD_RET_SUCCESS;
> >>>>>+}
> >>>>>+
> >>>>>+LIB_TEST(lib_rsa_verify_invalid, 0);
> >>>>>+#endif /* RSA_VERIFY_WITH_PKEY */
> >>>>>
> >>>
> >>
> >
>

Tom Rini Jan. 21, 2020, 3:40 p.m. UTC | #8

On Tue, Jan 21, 2020 at 02:48:52PM +0900, AKASHI Takahiro wrote:
> On Fri, Jan 17, 2020 at 06:26:34AM +0100, Heinrich Schuchardt wrote:
> > On 1/17/20 2:53 AM, AKASHI Takahiro wrote:
> > >On Tue, Jan 14, 2020 at 01:04:58PM +0100, Heinrich Schuchardt wrote:
> > >>On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
> > >>>On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
> > >>>>
> > >>>>
> > >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> > >>>>>In this patch, a very simple test is added to verify that rsa_verify()
> > >>>>>using rsa_verify_with_pkey() work correctly.
> > >>>>>
> > >>>>>To keep the code simple, all the test data, either public key and
> > >>>>>verified binary data, are embedded in the source.
> > >>>>>
> > >>>>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> > >>>>>---
> > >>>>>  test/Kconfig      |  12 +++
> > >>>>>  test/lib/Makefile |   1 +
> > >>>>>  test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
> > >>>>>  3 files changed, 219 insertions(+)
> > >>>>>  create mode 100644 test/lib/rsa.c
> > >>>>>
> > >>>>>diff --git a/test/Kconfig b/test/Kconfig
> > >>>>>index cb7954041eda..64d76c3b20a5 100644
> > >>>>>--- a/test/Kconfig
> > >>>>>+++ b/test/Kconfig
> > >>>>>@@ -28,6 +28,18 @@ config UT_LIB_ASN1
> > >>>>>  	  Enables a test which exercises asn1 compiler and decoder function
> > >>>>>  	  via various parsers.
> > >>>>>
> > >>>>>+config UT_LIB_RSA
> > >>>>>+	bool "Unit test for rsa_verify() function"
> > >>>>>+	imply RSA
> > >>>>>+	imply ASYMMETRIC_KEY_TYPE
> > >>>>>+	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> > >>>>>+	imply RSA_PUBLIC_KEY_PARSER
> > >>>>>+	imply RSA_VERIFY_WITH_PKEY
> > >>>>
> > >>>>This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> > >>>>executed otherwise.
> > >>>
> > >>>See below.
> > >>>
> > >>>>Best regards
> > >>>>
> > >>>>Heinrich
> > >>>>
> > >>>>>+	default y
> > >>>>>+	help
> > >>>>>+	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> > >>>>>+	  only, at the 'ut lib' command.
> > >>>>>+
> > >>>>>  endif
> > >>>>>
> > >>>>>  config UT_TIME
> > >>>>>diff --git a/test/lib/Makefile b/test/lib/Makefile
> > >>>>>index 72d2ec74b5f4..2bf6ef3935bb 100644
> > >>>>>--- a/test/lib/Makefile
> > >>>>>+++ b/test/lib/Makefile
> > >>>>>@@ -8,3 +8,4 @@ obj-y += lmb.o
> > >>>>>  obj-y += string.o
> > >>>>>  obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
> > >>>>>  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> > >>>>>+obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> > >>>>>diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> > >>>>>new file mode 100644
> > >>>>>index 000000000000..44f8ade226f4
> > >>>>>--- /dev/null
> > >>>>>+++ b/test/lib/rsa.c
> > >>>>>@@ -0,0 +1,206 @@
> > >>>>>+// SPDX-License-Identifier: GPL-2.0+
> > >>>>>+/*
> > >>>>>+ * Copyright (c) 2019 Linaro Limited
> > >>>>>+ * Author: AKASHI Takahiro
> > >>>>>+ *
> > >>>>>+ * Unit test for rsa_verify() function
> > >>>>>+ */
> > >>>>>+
> > >>>>>+#include <common.h>
> > >>>>>+#include <command.h>
> > >>>>>+#include <image.h>
> > >>>>>+#include <test/lib.h>
> > >>>>>+#include <test/test.h>
> > >>>>>+#include <test/ut.h>
> > >>>>>+#include <u-boot/rsa.h>
> > >>>>>+
> > >>>>>+#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
> > >>>>
> > >>>>Please, remove this ifdef. Simply do not build this module if
> > >>>>CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
> > >>>
> > >>>That is why I added this #ifdef here to avoid a build error.
> > >>>I think it is a good idea to make test code as generic as possible
> > >>>to easily add more test cases.
> > >>
> > >>It is preferable to move configuration dependencies to the Makefile.
> > >>
> > >>You can create a new C file if you have tests needing a different
> > >>configuration.
> > >>
> > >>test/lib/rsa_verify.c might be a better name for the file.
> > >>
> > >>In test/Kconfig, please, replace
> > >>
> > >>config UT_LIB_RSA
> > >>         bool "Unit test for rsa_verify() function"
> > >>         imply RSA
> > >>
> > >>by
> > >>
> > >>config UT_LIB_RSA
> > >>         bool "Unit test for rsa_verify() function"
> > >>	default y
> > >>         depends on RSA
> > >
> > >Initially in my development code, I did the exact same thing,
> > >but I didn't adopt this approach.
> > >
> > >If we follow your proposal, UT_LIB_RSA won't be selected
> > >unless RSA is enabled.
> > >So UT_LIB_RSA won't be executed under most existing configurations
> > >in the current CI.  This was not what I wanted.
> > >
> > >What I wanted here is that, if UT (and UT_LIB) is selected, all
> > >the configurations needed for enabling all the test cases be
> > >also selected *automatically*.
> > 
> > What I want is that if I run 'make menuconfig' and select CONFIG_UT
> > manually I end up with a configuration that compiles and that does what
> > I have configured.
> 
> Hmm, that is what I intend to do here, but the code doesn't work
> as I expected. It works only if CONFIG_UT_LIB_RSA is on in *defconfig.
> 
> So I have no option other than changing reverse dependencies as follows,
>     CONFIG_UT_LIB_RSA
>       select IMAGE_SIGN_INFO
>       select RSA
>       imply RSA_VERIFY_WITH_PKEY
> 
> Using 'select' is still safe as CONFIG_RSA has no dependency.
> (Please note we can still use 'imply' for VERIFY_WITH_PKEY here.)
> 
> Tom, do you agree to this change?

OK, my fault for not spotting it before.  Using imply (as we do today on
UT_LIB_ASN1) is wrong.  All of the tests should "depends on" what they
need in order to function.  Thanks!

AKASHI Takahiro Jan. 22, 2020, 12:22 a.m. UTC | #9

On Tue, Jan 21, 2020 at 10:40:23AM -0500, Tom Rini wrote:
> On Tue, Jan 21, 2020 at 02:48:52PM +0900, AKASHI Takahiro wrote:
> > On Fri, Jan 17, 2020 at 06:26:34AM +0100, Heinrich Schuchardt wrote:
> > > On 1/17/20 2:53 AM, AKASHI Takahiro wrote:
> > > >On Tue, Jan 14, 2020 at 01:04:58PM +0100, Heinrich Schuchardt wrote:
> > > >>On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
> > > >>>On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
> > > >>>>
> > > >>>>
> > > >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> > > >>>>>In this patch, a very simple test is added to verify that rsa_verify()
> > > >>>>>using rsa_verify_with_pkey() work correctly.
> > > >>>>>
> > > >>>>>To keep the code simple, all the test data, either public key and
> > > >>>>>verified binary data, are embedded in the source.
> > > >>>>>
> > > >>>>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> > > >>>>>---
> > > >>>>>  test/Kconfig      |  12 +++
> > > >>>>>  test/lib/Makefile |   1 +
> > > >>>>>  test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
> > > >>>>>  3 files changed, 219 insertions(+)
> > > >>>>>  create mode 100644 test/lib/rsa.c
> > > >>>>>
> > > >>>>>diff --git a/test/Kconfig b/test/Kconfig
> > > >>>>>index cb7954041eda..64d76c3b20a5 100644
> > > >>>>>--- a/test/Kconfig
> > > >>>>>+++ b/test/Kconfig
> > > >>>>>@@ -28,6 +28,18 @@ config UT_LIB_ASN1
> > > >>>>>  	  Enables a test which exercises asn1 compiler and decoder function
> > > >>>>>  	  via various parsers.
> > > >>>>>
> > > >>>>>+config UT_LIB_RSA
> > > >>>>>+	bool "Unit test for rsa_verify() function"
> > > >>>>>+	imply RSA
> > > >>>>>+	imply ASYMMETRIC_KEY_TYPE
> > > >>>>>+	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> > > >>>>>+	imply RSA_PUBLIC_KEY_PARSER
> > > >>>>>+	imply RSA_VERIFY_WITH_PKEY
> > > >>>>
> > > >>>>This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> > > >>>>executed otherwise.
> > > >>>
> > > >>>See below.
> > > >>>
> > > >>>>Best regards
> > > >>>>
> > > >>>>Heinrich
> > > >>>>
> > > >>>>>+	default y
> > > >>>>>+	help
> > > >>>>>+	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> > > >>>>>+	  only, at the 'ut lib' command.
> > > >>>>>+
> > > >>>>>  endif
> > > >>>>>
> > > >>>>>  config UT_TIME
> > > >>>>>diff --git a/test/lib/Makefile b/test/lib/Makefile
> > > >>>>>index 72d2ec74b5f4..2bf6ef3935bb 100644
> > > >>>>>--- a/test/lib/Makefile
> > > >>>>>+++ b/test/lib/Makefile
> > > >>>>>@@ -8,3 +8,4 @@ obj-y += lmb.o
> > > >>>>>  obj-y += string.o
> > > >>>>>  obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
> > > >>>>>  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> > > >>>>>+obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> > > >>>>>diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> > > >>>>>new file mode 100644
> > > >>>>>index 000000000000..44f8ade226f4
> > > >>>>>--- /dev/null
> > > >>>>>+++ b/test/lib/rsa.c
> > > >>>>>@@ -0,0 +1,206 @@
> > > >>>>>+// SPDX-License-Identifier: GPL-2.0+
> > > >>>>>+/*
> > > >>>>>+ * Copyright (c) 2019 Linaro Limited
> > > >>>>>+ * Author: AKASHI Takahiro
> > > >>>>>+ *
> > > >>>>>+ * Unit test for rsa_verify() function
> > > >>>>>+ */
> > > >>>>>+
> > > >>>>>+#include <common.h>
> > > >>>>>+#include <command.h>
> > > >>>>>+#include <image.h>
> > > >>>>>+#include <test/lib.h>
> > > >>>>>+#include <test/test.h>
> > > >>>>>+#include <test/ut.h>
> > > >>>>>+#include <u-boot/rsa.h>
> > > >>>>>+
> > > >>>>>+#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
> > > >>>>
> > > >>>>Please, remove this ifdef. Simply do not build this module if
> > > >>>>CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
> > > >>>
> > > >>>That is why I added this #ifdef here to avoid a build error.
> > > >>>I think it is a good idea to make test code as generic as possible
> > > >>>to easily add more test cases.
> > > >>
> > > >>It is preferable to move configuration dependencies to the Makefile.
> > > >>
> > > >>You can create a new C file if you have tests needing a different
> > > >>configuration.
> > > >>
> > > >>test/lib/rsa_verify.c might be a better name for the file.
> > > >>
> > > >>In test/Kconfig, please, replace
> > > >>
> > > >>config UT_LIB_RSA
> > > >>         bool "Unit test for rsa_verify() function"
> > > >>         imply RSA
> > > >>
> > > >>by
> > > >>
> > > >>config UT_LIB_RSA
> > > >>         bool "Unit test for rsa_verify() function"
> > > >>	default y
> > > >>         depends on RSA
> > > >
> > > >Initially in my development code, I did the exact same thing,
> > > >but I didn't adopt this approach.
> > > >
> > > >If we follow your proposal, UT_LIB_RSA won't be selected
> > > >unless RSA is enabled.
> > > >So UT_LIB_RSA won't be executed under most existing configurations
> > > >in the current CI.  This was not what I wanted.
> > > >
> > > >What I wanted here is that, if UT (and UT_LIB) is selected, all
> > > >the configurations needed for enabling all the test cases be
> > > >also selected *automatically*.
> > > 
> > > What I want is that if I run 'make menuconfig' and select CONFIG_UT
> > > manually I end up with a configuration that compiles and that does what
> > > I have configured.
> > 
> > Hmm, that is what I intend to do here, but the code doesn't work
> > as I expected. It works only if CONFIG_UT_LIB_RSA is on in *defconfig.
> > 
> > So I have no option other than changing reverse dependencies as follows,
> >     CONFIG_UT_LIB_RSA
> >       select IMAGE_SIGN_INFO
> >       select RSA
> >       imply RSA_VERIFY_WITH_PKEY
> > 
> > Using 'select' is still safe as CONFIG_RSA has no dependency.
> > (Please note we can still use 'imply' for VERIFY_WITH_PKEY here.)
> > 
> > Tom, do you agree to this change?
> 
> OK, my fault for not spotting it before.  Using imply (as we do today on
> UT_LIB_ASN1) is wrong.  All of the tests should "depends on" what they
> need in order to function.  Thanks!

I know that using "depends on" is an obvious solution here, but
in that case, we won't run those tests automatically in CI unless
the dependency targets, like CONFIG_RSA, are explicitly or
implicitly enabled by *defconfig.

Is that OK for you?

-Takahiro Akashi

> -- 
> Tom

Tom Rini Jan. 22, 2020, 12:26 a.m. UTC | #10

On Wed, Jan 22, 2020 at 09:22:42AM +0900, AKASHI Takahiro wrote:
> On Tue, Jan 21, 2020 at 10:40:23AM -0500, Tom Rini wrote:
> > On Tue, Jan 21, 2020 at 02:48:52PM +0900, AKASHI Takahiro wrote:
> > > On Fri, Jan 17, 2020 at 06:26:34AM +0100, Heinrich Schuchardt wrote:
> > > > On 1/17/20 2:53 AM, AKASHI Takahiro wrote:
> > > > >On Tue, Jan 14, 2020 at 01:04:58PM +0100, Heinrich Schuchardt wrote:
> > > > >>On 1/14/20 8:33 AM, AKASHI Takahiro wrote:
> > > > >>>On Wed, Jan 08, 2020 at 06:43:51PM +0100, Heinrich Schuchardt wrote:
> > > > >>>>
> > > > >>>>
> > > > >>>>On 11/21/19 1:11 AM, AKASHI Takahiro wrote:
> > > > >>>>>In this patch, a very simple test is added to verify that rsa_verify()
> > > > >>>>>using rsa_verify_with_pkey() work correctly.
> > > > >>>>>
> > > > >>>>>To keep the code simple, all the test data, either public key and
> > > > >>>>>verified binary data, are embedded in the source.
> > > > >>>>>
> > > > >>>>>Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
> > > > >>>>>---
> > > > >>>>>  test/Kconfig      |  12 +++
> > > > >>>>>  test/lib/Makefile |   1 +
> > > > >>>>>  test/lib/rsa.c    | 206 ++++++++++++++++++++++++++++++++++++++++++++++
> > > > >>>>>  3 files changed, 219 insertions(+)
> > > > >>>>>  create mode 100644 test/lib/rsa.c
> > > > >>>>>
> > > > >>>>>diff --git a/test/Kconfig b/test/Kconfig
> > > > >>>>>index cb7954041eda..64d76c3b20a5 100644
> > > > >>>>>--- a/test/Kconfig
> > > > >>>>>+++ b/test/Kconfig
> > > > >>>>>@@ -28,6 +28,18 @@ config UT_LIB_ASN1
> > > > >>>>>  	  Enables a test which exercises asn1 compiler and decoder function
> > > > >>>>>  	  via various parsers.
> > > > >>>>>
> > > > >>>>>+config UT_LIB_RSA
> > > > >>>>>+	bool "Unit test for rsa_verify() function"
> > > > >>>>>+	imply RSA
> > > > >>>>>+	imply ASYMMETRIC_KEY_TYPE
> > > > >>>>>+	imply ASYMMETRIC_PUBLIC_KEY_SUBTYPE
> > > > >>>>>+	imply RSA_PUBLIC_KEY_PARSER
> > > > >>>>>+	imply RSA_VERIFY_WITH_PKEY
> > > > >>>>
> > > > >>>>This test should depend on RSA_VERIFY_WITH_PKEY because is cannot be
> > > > >>>>executed otherwise.
> > > > >>>
> > > > >>>See below.
> > > > >>>
> > > > >>>>Best regards
> > > > >>>>
> > > > >>>>Heinrich
> > > > >>>>
> > > > >>>>>+	default y
> > > > >>>>>+	help
> > > > >>>>>+	  Enables rsa_verify() test, currently rsa_verify_with_pkey only()
> > > > >>>>>+	  only, at the 'ut lib' command.
> > > > >>>>>+
> > > > >>>>>  endif
> > > > >>>>>
> > > > >>>>>  config UT_TIME
> > > > >>>>>diff --git a/test/lib/Makefile b/test/lib/Makefile
> > > > >>>>>index 72d2ec74b5f4..2bf6ef3935bb 100644
> > > > >>>>>--- a/test/lib/Makefile
> > > > >>>>>+++ b/test/lib/Makefile
> > > > >>>>>@@ -8,3 +8,4 @@ obj-y += lmb.o
> > > > >>>>>  obj-y += string.o
> > > > >>>>>  obj-$(CONFIG_ERRNO_STR) += test_errno_str.o
> > > > >>>>>  obj-$(CONFIG_UT_LIB_ASN1) += asn1.o
> > > > >>>>>+obj-$(CONFIG_UT_LIB_RSA) += rsa.o
> > > > >>>>>diff --git a/test/lib/rsa.c b/test/lib/rsa.c
> > > > >>>>>new file mode 100644
> > > > >>>>>index 000000000000..44f8ade226f4
> > > > >>>>>--- /dev/null
> > > > >>>>>+++ b/test/lib/rsa.c
> > > > >>>>>@@ -0,0 +1,206 @@
> > > > >>>>>+// SPDX-License-Identifier: GPL-2.0+
> > > > >>>>>+/*
> > > > >>>>>+ * Copyright (c) 2019 Linaro Limited
> > > > >>>>>+ * Author: AKASHI Takahiro
> > > > >>>>>+ *
> > > > >>>>>+ * Unit test for rsa_verify() function
> > > > >>>>>+ */
> > > > >>>>>+
> > > > >>>>>+#include <common.h>
> > > > >>>>>+#include <command.h>
> > > > >>>>>+#include <image.h>
> > > > >>>>>+#include <test/lib.h>
> > > > >>>>>+#include <test/test.h>
> > > > >>>>>+#include <test/ut.h>
> > > > >>>>>+#include <u-boot/rsa.h>
> > > > >>>>>+
> > > > >>>>>+#ifdef CONFIG_RSA_VERIFY_WITH_PKEY
> > > > >>>>
> > > > >>>>Please, remove this ifdef. Simply do not build this module if
> > > > >>>>CONFIG_RSA_VERIFY_WITH_PKEY is not defined.
> > > > >>>
> > > > >>>That is why I added this #ifdef here to avoid a build error.
> > > > >>>I think it is a good idea to make test code as generic as possible
> > > > >>>to easily add more test cases.
> > > > >>
> > > > >>It is preferable to move configuration dependencies to the Makefile.
> > > > >>
> > > > >>You can create a new C file if you have tests needing a different
> > > > >>configuration.
> > > > >>
> > > > >>test/lib/rsa_verify.c might be a better name for the file.
> > > > >>
> > > > >>In test/Kconfig, please, replace
> > > > >>
> > > > >>config UT_LIB_RSA
> > > > >>         bool "Unit test for rsa_verify() function"
> > > > >>         imply RSA
> > > > >>
> > > > >>by
> > > > >>
> > > > >>config UT_LIB_RSA
> > > > >>         bool "Unit test for rsa_verify() function"
> > > > >>	default y
> > > > >>         depends on RSA
> > > > >
> > > > >Initially in my development code, I did the exact same thing,
> > > > >but I didn't adopt this approach.
> > > > >
> > > > >If we follow your proposal, UT_LIB_RSA won't be selected
> > > > >unless RSA is enabled.
> > > > >So UT_LIB_RSA won't be executed under most existing configurations
> > > > >in the current CI.  This was not what I wanted.
> > > > >
> > > > >What I wanted here is that, if UT (and UT_LIB) is selected, all
> > > > >the configurations needed for enabling all the test cases be
> > > > >also selected *automatically*.
> > > > 
> > > > What I want is that if I run 'make menuconfig' and select CONFIG_UT
> > > > manually I end up with a configuration that compiles and that does what
> > > > I have configured.
> > > 
> > > Hmm, that is what I intend to do here, but the code doesn't work
> > > as I expected. It works only if CONFIG_UT_LIB_RSA is on in *defconfig.
> > > 
> > > So I have no option other than changing reverse dependencies as follows,
> > >     CONFIG_UT_LIB_RSA
> > >       select IMAGE_SIGN_INFO
> > >       select RSA
> > >       imply RSA_VERIFY_WITH_PKEY
> > > 
> > > Using 'select' is still safe as CONFIG_RSA has no dependency.
> > > (Please note we can still use 'imply' for VERIFY_WITH_PKEY here.)
> > > 
> > > Tom, do you agree to this change?
> > 
> > OK, my fault for not spotting it before.  Using imply (as we do today on
> > UT_LIB_ASN1) is wrong.  All of the tests should "depends on" what they
> > need in order to function.  Thanks!
> 
> I know that using "depends on" is an obvious solution here, but
> in that case, we won't run those tests automatically in CI unless
> the dependency targets, like CONFIG_RSA, are explicitly or
> implicitly enabled by *defconfig.
> 
> Is that OK for you?

Yes, I expect them to be enabled in sandbox and relevant qemu targets to
get broad testing here as that is part of the reason for those targets.
In fact, sandbox should always be a priority to build-support, that is
also where we get Coverity scans run.

[U-Boot,v4,6/6] test: add rsa_verify() unit test

Commit Message

Comments

Patch