vboot_reference: add in the VbootCrypto tests into vboot_reference git repo

Change-Id: I7a46dc2ea475c72703ff5bc1f88fbb021cb24c92

Review URL: http://codereview.chromium.org/3143029

autotest/firmware_VbootCrypto/control

@@ -0,0 +1,42 @@
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+AUTHOR = "ChromeOS Team"
+NAME = "firmware_VbootCrypto"
+PURPOSE = """
+Verifies Firmware Verified Boot Reference Implementation, its components, and
+crypto performance.
+"""
+CRITERIA = """
+This test is a benchmark.
+
+Errors in any of the following tests will cause a failure:
+  - _sha_test()
+  - _rsa_test()
+  - _image_verification_test()
+  - _rollback_tests()
+  - _splicing_tests()
+"""
+TIME = "LONG"
+TEST_CATEGORY = "Functional"
+TEST_CLASS = "firmware"
+TEST_TYPE = "client"
+
+DOC = """
+This test implements various RSA and SHA by creating and verifying various
+keys and hashes. It will generate public key signatures using sha1, sha256,
+and sha512 algorithms with key lengths of 1024, 2048, 4096, and 8192. RSA
+padding tests will then be run to verify them. Tests are also run to verify
+the correctness of firmware and kernel image verification.
+"""
+
+test_suites = [
+    'crypto',  # RSA Signature Verification and SHA* Correctness.
+    'verification',  # Firmware and Kernel Image Verification.
+    'benchmarks',  # Crypto and Image Verification benchmarks.
+    'rollback',  # Firmware/Kernel Rollback Prevention.
+    'splicing',  # Image Splicing Attack.
+]
+for suite in test_suites:
+  job.run_test('firmware_VbootCrypto', suite=suite, tag=suite)

autotest/firmware_VbootCrypto/firmware_VbootCrypto.py

@@ -0,0 +1,190 @@
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import os
+
+from autotest_lib.client.bin import test, utils
+from autotest_lib.client.common_lib import error
+
+class firmware_VbootCrypto(test.test):
+    """
+    Tests for correctness of verified boot reference crypto implementation.
+    """
+    version = 1
+    preserve_srcdir = True
+
+    # TODO(gauravsh): Disable this autotest until we have a way
+    # of running these in a 64-bit environment (since for x86, this
+    # code is run in 64-bit mode.
+    #
+    # This issue is tracked as Issue 3792 on the Chromium OS Bug Tracker.
+    # http://code.google.com/p/chromium-os/issues/detail?id=3792
+    def setup_Disabled(self):
+        os.chdir(self.srcdir)
+        utils.make('clean all')
+
+
+    # Parses the [result] and output the key-value pairs.
+    def __output_result_keyvals(self, results):
+        for keyval in results.splitlines():
+            if keyval.strip().startswith('#'):
+                continue
+            key, val = keyval.split(':')
+            self.keyvals[key.strip()] = float(val)
+
+
+    def __generate_test_cases(self):
+        gen_test_case_cmd = os.path.join(self.srcdir, "tests",
+                                         "gen_test_cases.sh")
+        return_code = utils.system(gen_test_case_cmd, ignore_status = True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("Couldn't generate test cases")
+        return True
+
+
+    def __sha_test(self):
+        sha_test_cmd = os.path.join(self.srcdir, "tests", "sha_tests")
+        return_code = utils.system(sha_test_cmd, ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("SHA Test Error")
+        return True
+
+
+    def __rsa_test(self):
+        os.chdir(self.srcdir)
+        rsa_test_cmd = os.path.join(self.srcdir, "tests",
+                                    "run_rsa_tests.sh")
+        return_code = utils.system(rsa_test_cmd, ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("RSA Test Error")
+        return True
+
+
+    def __image_verification_test(self):
+        image_verification_cmd = "cd %s && ./run_image_verification_tests.sh" \
+                                 % os.path.join(self.srcdir, "tests")
+        return_code = utils.system(image_verification_cmd,
+                                   ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("Image Verification Test Error")
+        return True
+
+
+    def __sha_benchmark(self):
+        sha_benchmark_cmd = os.path.join(self.srcdir, "tests",
+                                         "sha_benchmark")
+        self.results = utils.system_output(sha_benchmark_cmd,
+                                           retain_output=True)
+        self.__output_result_keyvals(self.results)
+
+
+    def __rsa_benchmark(self):
+        rsa_benchmark_cmd = "cd %s && ./rsa_verify_benchmark" % \
+                            os.path.join(self.srcdir, "tests")
+        self.results = utils.system_output(rsa_benchmark_cmd,
+                                           retain_output=True)
+        self.__output_result_keyvals(self.results)
+
+
+    def __verify_image_benchmark(self):
+        firmware_benchmark_cmd = "cd %s && ./firmware_verify_benchmark" % \
+                                 os.path.join(self.srcdir, "tests")
+        kernel_benchmark_cmd = "cd %s && ./kernel_verify_benchmark" % \
+                                 os.path.join(self.srcdir, "tests")
+        self.results = utils.system_output(firmware_benchmark_cmd,
+                                           retain_output=True)
+        self.__output_result_keyvals(self.results)
+        self.results = utils.system_output(kernel_benchmark_cmd,
+                                           retain_output=True)
+        self.__output_result_keyvals(self.results)
+
+
+    def __rollback_tests(self):
+        firmware_rollback_test_cmd = "cd %s && ./firmware_rollback_tests" % \
+                                     os.path.join(self.srcdir, "tests")
+        kernel_rollback_test_cmd = "cd %s && ./kernel_rollback_tests" % \
+                                     os.path.join(self.srcdir, "tests")
+        return_code = utils.system(firmware_rollback_test_cmd,
+                                   ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("Firmware Rollback Test Error")
+
+        return_code = utils.system(kernel_rollback_test_cmd,
+                                   ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("KernelRollback Test Error")
+        return True
+
+
+    def __splicing_tests(self):
+        firmware_splicing_test_cmd = "cd %s && ./firmware_splicing_tests" % \
+                                     os.path.join(self.srcdir, "tests")
+        kernel_splicing_test_cmd = "cd %s && ./kernel_splicing_tests" % \
+                                     os.path.join(self.srcdir, "tests")
+        return_code = utils.system(firmware_splicing_test_cmd,
+                                   ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("Firmware Splicing Test Error")
+
+        return_code = utils.system(kernel_splicing_test_cmd,
+                                   ignore_status=True)
+        if return_code == 255:
+            return False
+        if return_code == 1:
+            raise error.TestError("Kernel Splicing Test Error")
+        return True
+
+
+    def run_crypto(self):
+        success = self.__sha_test()
+        if not success:
+            raise error.TestFail("SHA Test Failed")
+        success = self.__rsa_test()
+        if not success:
+            raise error.TestFail("RSA Test Failed")
+
+
+    def run_verification(self):
+        success = self.__image_verification_test()
+        if not success:
+            raise error.TestFail("Image Verification Test Failed")
+
+
+    def run_benchmarks(self):
+        self.keyvals = {}
+        self.__sha_benchmark()
+        self.__rsa_benchmark()
+        self.__verify_image_benchmark()
+        self.write_perf_keyval(self.keyvals)
+
+
+    def run_rollback(self):
+        success = self.__rollback_tests()
+        if not success:
+            raise error.TestFail("Rollback Tests Failed")
+
+
+    def run_splicing(self):
+        success = self.__splicing_tests()
+        if not success:
+            raise error.TestFail("Splicing Tests Failed")
+
+
+    def run_once(self, suite='crypto'):
+        self.__generate_test_cases()
+        getattr(self, 'run_' + suite)()

autotest/firmware_VbootCrypto/src/Makefile

@@ -0,0 +1,55 @@
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+VBOOT_REFERENCE_DIR = ../../..
+BUILD_TEST_DIR = vboot_reference
+# Test Binaries.
+TEST_BINS = \
+	common.sh \
+	firmware_image_tests \
+	firmware_rollback_tests \
+	firmware_splicing_tests \
+	firmware_verify_benchmark \
+	gen_test_cases.sh \
+	kernel_image_tests \
+	kernel_rollback_tests \
+	kernel_splicing_tests \
+	kernel_verify_benchmark \
+	rsa_padding_test \
+	rsa_verify_benchmark \
+	run_image_verification_tests.sh \
+	run_rsa_tests.sh \
+	sha_benchmark \
+	sha_tests \
+	testcases \
+	testkeys
+
+# Utility Binaries.
+UTIL_BINS = verify_data signature_digest_utility
+
+all: 
+        # Copy test sources into a temporary directory for building.
+	rm -rf $(BUILD_TEST_DIR)
+	# only copy stuff that's not us
+	sh -c \
+	'for dir in $(VBOOT_REFERENCE_DIR)/*; do \
+		[ "$${dir}" != "$(VBOOT_REFERENCE_DIR)/autotest" ] && cp -r $${dir} .; \
+	done'
+        # Always build from scratch.
+	$(MAKE) -C $(BUILD_TEST_DIR) clean all
+        # Move test binaries for use by the tests.
+	mkdir -p tests
+	set -e; for i in $(TEST_BINS); do \
+	  mv $(BUILD_TEST_DIR)/tests/$$i tests/ ;\
+	done
+        # Move utility binaries used by the tests.
+	mkdir -p utility
+	set -e; for i in $(UTIL_BINS); do \
+	  mv $(BUILD_TEST_DIR)/utility/$$i utility/ ;\
+	done
+        # Delete sources.
+	rm -rf $(BUILD_TEST_DIR)
+
+clean:
+	rm -rf utility/ tests/