Hi Patrick,
On Mon, 2021-07-05 at 17:49 +0200, Patrick Uiterwijk wrote:
> This adds a test with a small program that calls the sign_hash API, to
> ensure that that codepath works.
>
> Signed-off-by: Patrick Uiterwijk <patrick@xxxxxxxxxxxxxx>
> Reviewed-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
Somehow I missed that running the test without this patch the summary
"SKIP" info matches the "skipped" messages, but running with the patch
there's a discrepancy.
$ ./sign_verify.test &> /tmp/sign_verify.log
$ tail -5 /tmp/sign_verify.log
evmctl ima_sign failed properly with (1)
EVP_get_digestbyname(md_gost12_512) failed
errno: No such file or directory (2)
PASS: 127 SKIP: 20 FAIL: 0
$ grep "skipped" /tmp/sign_verify.log | wc -l
20
$ tail -5 /tmp/sign_verify.log-api
evmctl ima_sign: no detached signature md_gost12_512.txt~.sig
rm: cannot remove 'md_gost12_512.txt~': No such file or directory
PASS: 175 SKIP: 32 FAIL: 0
$ grep "skipped" /tmp/sign_verify.log-api | wc -l
30
> diff --git a/tests/sign_verify.apitest.c b/tests/sign_verify.apitest.c
> new file mode 100644
> index 0000000..3fcd043
> --- /dev/null
> +++ b/tests/sign_verify.apitest.c
> @@ -0,0 +1,55 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * sign_verify.apitest: Test program for verifying sign_hash
> + *
> + * Copyright (C) 2021 Patrick Uiterwijk <patrick@xxxxxxxxxxxxxx>
> + * Copyright (C) 2013,2014 Samsung Electronics
> + * Copyright (C) 2011,2012,2013 Intel Corporation
> + * Copyright (C) 2011 Nokia Corporation
> + */
As this is a new file and test, the copyrights other than your own are
unnecessary.
> +
> +#include <assert.h>
> +#include <stdio.h>
> +#include <string.h>
> +#include <sys/types.h>
> +#include <sys/xattr.h>
> +
> +#include "../src/imaevm.h"
> +#include "../src/utils.h"
> +
> +int main(int argc, char **argv)
> +{
> + unsigned char hash[MAX_DIGEST_SIZE];
> + unsigned char sig[MAX_SIGNATURE_SIZE];
> + int len, err;
> + char *file = argv[1];
> + char *key = argv[2];
> + char *algo = argv[3];
> + char *digest = argv[4];
> +
How about testing 'argc' before continuing?
> + len = strlen(digest) / 2;
> + if (hex2bin(hash, digest, len) != 0) {
> + fprintf(stderr, "Error during hex2bin\n");
> + return 1;
> + }
> +
> + len = sign_hash(algo, hash, len, key, NULL, sig + 1);
> + if (len <= 1) {
> + fprintf(stderr, "Error signing\n");
> + return 1;
> + }
> +
> + /* add header */
> + len++;
> + sig[0] = EVM_IMA_XATTR_DIGSIG;
> +
> + bin2file(file, "sig", sig, len);
> +
> + err = lsetxattr(file, "user.ima", sig, len, 0);
> + if (err < 0) {
> + log_err("setxattr failed: %s\n", file);
> + return 1;
> + }
> +
> + return 0;
> +}
> diff --git a/tests/sign_verify.test b/tests/sign_verify.test
> index 3d7aa51..6f92801 100755
> --- a/tests/sign_verify.test
> +++ b/tests/sign_verify.test
> @@ -125,12 +127,14 @@ _evmctl_sign() {
> # Run and test {ima_,}sign operation
> check_sign() {
> # Arguments are passed via global vars:
> - # TYPE (ima or evm),
> + # TYPE (ima, ima_api or evm),
Similarly TYPE should be updated in verify_sign as well.
thanks,
Mimi
> # KEY,
> # ALG (hash algo),
> # PREFIX (signature header prefix in hex),
> # OPTS (additional options for evmctl),
> # FILE (working file to sign).
> + [ "$TYPE" = ima_api ] && [[ "$OPTS" =~ --rsa ]] && return "$SKIP"
> +
> local "$@"
> local KEY=${KEY%.*}.key
> local FILE=${FILE:-$ALG.txt}
> @@ -268,6 +272,20 @@ sign_verify() {
> # Multiple files and some don't verify
> expect_fail check_verify FILE="/dev/null $file"
>
> + setfattr -x user.ima "$FILE"
> + rm "$FILE.sig"
> + fi
> +
> + TYPE=ima_api
> + if expect_pass check_sign; then
> +
> + # Normal verify with proper key should pass
> + expect_pass check_verify
> + expect_pass check_verify OPTS="--sigfile"
> +
> + # Multiple files and some don't verify
> + expect_fail check_verify FILE="/dev/null $file"
> +
> rm "$FILE.sig"
> fi
>
