diff options
Diffstat (limited to 'pkg/merkletree')
| -rw-r--r-- | pkg/merkletree/BUILD | 10 | ||||
| -rw-r--r-- | pkg/merkletree/merkletree.go | 142 | ||||
| -rw-r--r-- | pkg/merkletree/merkletree_test.go | 1254 |
3 files changed, 1039 insertions, 367 deletions
diff --git a/pkg/merkletree/BUILD b/pkg/merkletree/BUILD index a8fcb2e19..501a9ef21 100644 --- a/pkg/merkletree/BUILD +++ b/pkg/merkletree/BUILD @@ -6,12 +6,18 @@ go_library( name = "merkletree", srcs = ["merkletree.go"], visibility = ["//pkg/sentry:internal"], - deps = ["//pkg/usermem"], + deps = [ + "//pkg/abi/linux", + "//pkg/usermem", + ], ) go_test( name = "merkletree_test", srcs = ["merkletree_test.go"], library = ":merkletree", - deps = ["//pkg/usermem"], + deps = [ + "//pkg/abi/linux", + "//pkg/usermem", + ], ) diff --git a/pkg/merkletree/merkletree.go b/pkg/merkletree/merkletree.go index d8227b8bd..aea7dde38 100644 --- a/pkg/merkletree/merkletree.go +++ b/pkg/merkletree/merkletree.go @@ -18,21 +18,33 @@ package merkletree import ( "bytes" "crypto/sha256" + "crypto/sha512" + "encoding/gob" "fmt" "io" + "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/usermem" ) const ( // sha256DigestSize specifies the digest size of a SHA256 hash. sha256DigestSize = 32 + // sha512DigestSize specifies the digest size of a SHA512 hash. + sha512DigestSize = 64 ) // DigestSize returns the size (in bytes) of a digest. -// TODO(b/156980949): Allow config other hash methods (SHA384/SHA512). -func DigestSize() int { - return sha256DigestSize +// TODO(b/156980949): Allow config SHA384. +func DigestSize(hashAlgorithm int) int { + switch hashAlgorithm { + case linux.FS_VERITY_HASH_ALG_SHA256: + return sha256DigestSize + case linux.FS_VERITY_HASH_ALG_SHA512: + return sha512DigestSize + default: + return -1 + } } // Layout defines the scale of a Merkle tree. @@ -51,11 +63,19 @@ type Layout struct { // InitLayout initializes and returns a new Layout object describing the structure // of a tree. dataSize specifies the size of input data in bytes. -func InitLayout(dataSize int64, dataAndTreeInSameFile bool) Layout { +func InitLayout(dataSize int64, hashAlgorithms int, dataAndTreeInSameFile bool) (Layout, error) { layout := Layout{ blockSize: usermem.PageSize, - // TODO(b/156980949): Allow config other hash methods (SHA384/SHA512). - digestSize: sha256DigestSize, + } + + // TODO(b/156980949): Allow config SHA384. + switch hashAlgorithms { + case linux.FS_VERITY_HASH_ALG_SHA256: + layout.digestSize = sha256DigestSize + case linux.FS_VERITY_HASH_ALG_SHA512: + layout.digestSize = sha512DigestSize + default: + return Layout{}, fmt.Errorf("unexpected hash algorithms") } // treeStart is the offset (in bytes) of the first level of the tree in @@ -88,7 +108,7 @@ func InitLayout(dataSize int64, dataAndTreeInSameFile bool) Layout { } layout.levelOffset = append(layout.levelOffset, treeStart+offset*layout.blockSize) - return layout + return layout, nil } // hashesPerBlock() returns the number of digests in each block. For example, @@ -128,23 +148,49 @@ func (layout Layout) blockOffset(level int, index int64) int64 { // meatadata. type VerityDescriptor struct { Name string + FileSize int64 Mode uint32 UID uint32 GID uint32 + Children map[string]struct{} RootHash []byte } func (d *VerityDescriptor) String() string { - return fmt.Sprintf("Name: %s, Mode: %d, UID: %d, GID: %d, RootHash: %v", d.Name, d.Mode, d.UID, d.GID, d.RootHash) + b := new(bytes.Buffer) + e := gob.NewEncoder(b) + e.Encode(d.Children) + return fmt.Sprintf("Name: %s, Size: %d, Mode: %d, UID: %d, GID: %d, Children: %v, RootHash: %v", d.Name, d.FileSize, d.Mode, d.UID, d.GID, b.Bytes(), d.RootHash) } // verify generates a hash from d, and compares it with expected. -func (d *VerityDescriptor) verify(expected []byte) error { - h := sha256.Sum256([]byte(d.String())) +func (d *VerityDescriptor) verify(expected []byte, hashAlgorithms int) error { + h, err := hashData([]byte(d.String()), hashAlgorithms) + if err != nil { + return err + } if !bytes.Equal(h[:], expected) { return fmt.Errorf("unexpected root hash") } return nil + +} + +// hashData hashes data and returns the result hash based on the hash +// algorithms. +func hashData(data []byte, hashAlgorithms int) ([]byte, error) { + var digest []byte + switch hashAlgorithms { + case linux.FS_VERITY_HASH_ALG_SHA256: + digestArray := sha256.Sum256(data) + digest = digestArray[:] + case linux.FS_VERITY_HASH_ALG_SHA512: + digestArray := sha512.Sum512(data) + digest = digestArray[:] + default: + return nil, fmt.Errorf("unexpected hash algorithms") + } + return digest, nil } // GenerateParams contains the parameters used to generate a Merkle tree. @@ -161,6 +207,11 @@ type GenerateParams struct { UID uint32 // GID is the group ID of the target file. GID uint32 + // Children is a map of children names for a directory. It should be + // empty for a regular file. + Children map[string]struct{} + // HashAlgorithms is the algorithms used to hash data. + HashAlgorithms int // TreeReader is a reader for the Merkle tree. TreeReader io.ReaderAt // TreeWriter is a writer for the Merkle tree. @@ -176,7 +227,10 @@ type GenerateParams struct { // Generate returns a hash of a VerityDescriptor, which contains the file // metadata and the hash from file content. func Generate(params *GenerateParams) ([]byte, error) { - layout := InitLayout(params.Size, params.DataAndTreeInSameFile) + layout, err := InitLayout(params.Size, params.HashAlgorithms, params.DataAndTreeInSameFile) + if err != nil { + return nil, err + } numBlocks := (params.Size + layout.blockSize - 1) / layout.blockSize @@ -218,10 +272,13 @@ func Generate(params *GenerateParams) ([]byte, error) { return nil, err } // Hash the bytes in buf. - digest := sha256.Sum256(buf) + digest, err := hashData(buf, params.HashAlgorithms) + if err != nil { + return nil, err + } if level == layout.rootLevel() { - root = digest[:] + root = digest } // Write the generated hash to the end of the tree file. @@ -241,13 +298,14 @@ func Generate(params *GenerateParams) ([]byte, error) { } descriptor := VerityDescriptor{ Name: params.Name, + FileSize: params.Size, Mode: params.Mode, UID: params.UID, GID: params.GID, + Children: params.Children, RootHash: root, } - ret := sha256.Sum256([]byte(descriptor.String())) - return ret[:], nil + return hashData([]byte(descriptor.String()), params.HashAlgorithms) } // VerifyParams contains the params used to verify a portion of a file against @@ -269,6 +327,11 @@ type VerifyParams struct { UID uint32 // GID is the group ID of the target file. GID uint32 + // Children is a map of children names for a directory. It should be + // empty for a regular file. + Children map[string]struct{} + // HashAlgorithms is the algorithms used to hash data. + HashAlgorithms int // ReadOffset is the offset of the data range to be verified. ReadOffset int64 // ReadSize is the size of the data range to be verified. @@ -287,18 +350,24 @@ type VerifyParams struct { // For verifyMetadata, params.data is not needed. It only accesses params.tree // for the raw root hash. func verifyMetadata(params *VerifyParams, layout *Layout) error { - root := make([]byte, layout.digestSize) - if _, err := params.Tree.ReadAt(root, layout.blockOffset(layout.rootLevel(), 0 /* index */)); err != nil { - return fmt.Errorf("failed to read root hash: %w", err) + var root []byte + // Only read the root hash if we expect that the Merkle tree file is non-empty. + if params.Size != 0 { + root = make([]byte, layout.digestSize) + if _, err := params.Tree.ReadAt(root, layout.blockOffset(layout.rootLevel(), 0 /* index */)); err != nil { + return fmt.Errorf("failed to read root hash: %w", err) + } } descriptor := VerityDescriptor{ Name: params.Name, + FileSize: params.Size, Mode: params.Mode, UID: params.UID, GID: params.GID, + Children: params.Children, RootHash: root, } - return descriptor.verify(params.Expected) + return descriptor.verify(params.Expected, params.HashAlgorithms) } // Verify verifies the content read from data with offset. The content is @@ -313,7 +382,10 @@ func Verify(params *VerifyParams) (int64, error) { if params.ReadSize < 0 { return 0, fmt.Errorf("unexpected read size: %d", params.ReadSize) } - layout := InitLayout(int64(params.Size), params.DataAndTreeInSameFile) + layout, err := InitLayout(int64(params.Size), params.HashAlgorithms, params.DataAndTreeInSameFile) + if err != nil { + return 0, err + } if params.ReadSize == 0 { return 0, verifyMetadata(params, &layout) } @@ -349,12 +421,14 @@ func Verify(params *VerifyParams) (int64, error) { } } descriptor := VerityDescriptor{ - Name: params.Name, - Mode: params.Mode, - UID: params.UID, - GID: params.GID, + Name: params.Name, + FileSize: params.Size, + Mode: params.Mode, + UID: params.UID, + GID: params.GID, + Children: params.Children, } - if err := verifyBlock(params.Tree, &descriptor, &layout, buf, i, params.Expected); err != nil { + if err := verifyBlock(params.Tree, &descriptor, &layout, buf, i, params.HashAlgorithms, params.Expected); err != nil { return 0, err } @@ -395,7 +469,7 @@ func Verify(params *VerifyParams) (int64, error) { // fails if the calculated hash from block is different from any level of // hashes stored in tree. And the final root hash is compared with // expected. -func verifyBlock(tree io.ReaderAt, descriptor *VerityDescriptor, layout *Layout, dataBlock []byte, blockIndex int64, expected []byte) error { +func verifyBlock(tree io.ReaderAt, descriptor *VerityDescriptor, layout *Layout, dataBlock []byte, blockIndex int64, hashAlgorithms int, expected []byte) error { if len(dataBlock) != int(layout.blockSize) { return fmt.Errorf("incorrect block size") } @@ -406,8 +480,11 @@ func verifyBlock(tree io.ReaderAt, descriptor *VerityDescriptor, layout *Layout, for level := 0; level < layout.numLevels(); level++ { // Calculate hash. if level == 0 { - digestArray := sha256.Sum256(dataBlock) - digest = digestArray[:] + h, err := hashData(dataBlock, hashAlgorithms) + if err != nil { + return err + } + digest = h } else { // Read a block in previous level that contains the // hash we just generated, and generate a next level @@ -415,8 +492,11 @@ func verifyBlock(tree io.ReaderAt, descriptor *VerityDescriptor, layout *Layout, if _, err := tree.ReadAt(treeBlock, layout.blockOffset(level-1, blockIndex)); err != nil { return err } - digestArray := sha256.Sum256(treeBlock) - digest = digestArray[:] + h, err := hashData(treeBlock, hashAlgorithms) + if err != nil { + return err + } + digest = h } // Read the digest for the current block and store in @@ -434,5 +514,5 @@ func verifyBlock(tree io.ReaderAt, descriptor *VerityDescriptor, layout *Layout, // Verification for the tree succeeded. Now hash the descriptor with // the root hash and compare it with expected. descriptor.RootHash = digest - return descriptor.verify(expected) + return descriptor.verify(expected, hashAlgorithms) } diff --git a/pkg/merkletree/merkletree_test.go b/pkg/merkletree/merkletree_test.go index e1350ebda..66ddf09e6 100644 --- a/pkg/merkletree/merkletree_test.go +++ b/pkg/merkletree/merkletree_test.go @@ -16,60 +16,134 @@ package merkletree import ( "bytes" + "errors" "fmt" "io" "math/rand" "testing" "time" + "gvisor.dev/gvisor/pkg/abi/linux" "gvisor.dev/gvisor/pkg/usermem" ) func TestLayout(t *testing.T) { testCases := []struct { + name string dataSize int64 + hashAlgorithms int dataAndTreeInSameFile bool + expectedDigestSize int64 expectedLevelOffset []int64 }{ { + name: "SmallSizeSHA256SeparateFile", dataSize: 100, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, dataAndTreeInSameFile: false, + expectedDigestSize: 32, expectedLevelOffset: []int64{0}, }, { + name: "SmallSizeSHA512SeparateFile", dataSize: 100, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedDigestSize: 64, + expectedLevelOffset: []int64{0}, + }, + { + name: "SmallSizeSHA256SameFile", + dataSize: 100, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, dataAndTreeInSameFile: true, + expectedDigestSize: 32, expectedLevelOffset: []int64{usermem.PageSize}, }, { + name: "SmallSizeSHA512SameFile", + dataSize: 100, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedDigestSize: 64, + expectedLevelOffset: []int64{usermem.PageSize}, + }, + { + name: "MiddleSizeSHA256SeparateFile", dataSize: 1000000, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, dataAndTreeInSameFile: false, + expectedDigestSize: 32, expectedLevelOffset: []int64{0, 2 * usermem.PageSize, 3 * usermem.PageSize}, }, { + name: "MiddleSizeSHA512SeparateFile", + dataSize: 1000000, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedDigestSize: 64, + expectedLevelOffset: []int64{0, 4 * usermem.PageSize, 5 * usermem.PageSize}, + }, + { + name: "MiddleSizeSHA256SameFile", dataSize: 1000000, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, dataAndTreeInSameFile: true, + expectedDigestSize: 32, expectedLevelOffset: []int64{245 * usermem.PageSize, 247 * usermem.PageSize, 248 * usermem.PageSize}, }, { + name: "MiddleSizeSHA512SameFile", + dataSize: 1000000, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedDigestSize: 64, + expectedLevelOffset: []int64{245 * usermem.PageSize, 249 * usermem.PageSize, 250 * usermem.PageSize}, + }, + { + name: "LargeSizeSHA256SeparateFile", dataSize: 4096 * int64(usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, dataAndTreeInSameFile: false, + expectedDigestSize: 32, expectedLevelOffset: []int64{0, 32 * usermem.PageSize, 33 * usermem.PageSize}, }, { + name: "LargeSizeSHA512SeparateFile", dataSize: 4096 * int64(usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedDigestSize: 64, + expectedLevelOffset: []int64{0, 64 * usermem.PageSize, 65 * usermem.PageSize}, + }, + { + name: "LargeSizeSHA256SameFile", + dataSize: 4096 * int64(usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, dataAndTreeInSameFile: true, + expectedDigestSize: 32, expectedLevelOffset: []int64{4096 * usermem.PageSize, 4128 * usermem.PageSize, 4129 * usermem.PageSize}, }, + { + name: "LargeSizeSHA512SameFile", + dataSize: 4096 * int64(usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedDigestSize: 64, + expectedLevelOffset: []int64{4096 * usermem.PageSize, 4160 * usermem.PageSize, 4161 * usermem.PageSize}, + }, } for _, tc := range testCases { - t.Run(fmt.Sprintf("%d", tc.dataSize), func(t *testing.T) { - l := InitLayout(tc.dataSize, tc.dataAndTreeInSameFile) + t.Run(tc.name, func(t *testing.T) { + l, err := InitLayout(tc.dataSize, tc.hashAlgorithms, tc.dataAndTreeInSameFile) + if err != nil { + t.Fatalf("Failed to InitLayout: %v", err) + } if l.blockSize != int64(usermem.PageSize) { t.Errorf("Got blockSize %d, want %d", l.blockSize, usermem.PageSize) } - if l.digestSize != sha256DigestSize { + if l.digestSize != tc.expectedDigestSize { t.Errorf("Got digestSize %d, want %d", l.digestSize, sha256DigestSize) } if l.numLevels() != len(tc.expectedLevelOffset) { @@ -118,404 +192,916 @@ func TestGenerate(t *testing.T) { // The input data has size dataSize. It starts with the data in startWith, // and all other bytes are zeroes. testCases := []struct { - data []byte - expectedHash []byte + name string + data []byte + hashAlgorithms int + dataAndTreeInSameFile bool + expectedHash []byte }{ { - data: bytes.Repeat([]byte{0}, usermem.PageSize), - expectedHash: []byte{64, 253, 58, 72, 192, 131, 82, 184, 193, 33, 108, 142, 43, 46, 179, 134, 244, 21, 29, 190, 14, 39, 66, 129, 6, 46, 200, 211, 30, 247, 191, 252}, + name: "OnePageZeroesSHA256SeparateFile", + data: bytes.Repeat([]byte{0}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + expectedHash: []byte{42, 197, 191, 52, 206, 122, 93, 34, 198, 125, 100, 154, 171, 177, 94, 14, 49, 40, 76, 157, 122, 58, 78, 6, 163, 248, 30, 238, 16, 190, 173, 175}, + }, + { + name: "OnePageZeroesSHA256SameFile", + data: bytes.Repeat([]byte{0}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + expectedHash: []byte{42, 197, 191, 52, 206, 122, 93, 34, 198, 125, 100, 154, 171, 177, 94, 14, 49, 40, 76, 157, 122, 58, 78, 6, 163, 248, 30, 238, 16, 190, 173, 175}, + }, + { + name: "OnePageZeroesSHA512SeparateFile", + data: bytes.Repeat([]byte{0}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedHash: []byte{87, 131, 150, 74, 0, 218, 117, 114, 34, 23, 212, 16, 122, 97, 124, 172, 41, 46, 107, 150, 33, 46, 56, 39, 5, 246, 215, 187, 140, 83, 35, 63, 111, 74, 155, 241, 161, 214, 92, 141, 232, 125, 99, 71, 168, 102, 82, 20, 229, 249, 248, 28, 29, 238, 199, 223, 173, 180, 179, 46, 241, 240, 237, 74}, + }, + { + name: "OnePageZeroesSHA512SameFile", + data: bytes.Repeat([]byte{0}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedHash: []byte{87, 131, 150, 74, 0, 218, 117, 114, 34, 23, 212, 16, 122, 97, 124, 172, 41, 46, 107, 150, 33, 46, 56, 39, 5, 246, 215, 187, 140, 83, 35, 63, 111, 74, 155, 241, 161, 214, 92, 141, 232, 125, 99, 71, 168, 102, 82, 20, 229, 249, 248, 28, 29, 238, 199, 223, 173, 180, 179, 46, 241, 240, 237, 74}, + }, + { + name: "MultiplePageZeroesSHA256SeparateFile", + data: bytes.Repeat([]byte{0}, 128*usermem.PageSize+1), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + expectedHash: []byte{115, 151, 35, 147, 223, 91, 17, 6, 162, 145, 237, 81, 88, 53, 120, 49, 128, 70, 188, 28, 254, 241, 19, 233, 30, 243, 71, 225, 57, 58, 61, 38}, + }, + { + name: "MultiplePageZeroesSHA256SameFile", + data: bytes.Repeat([]byte{0}, 128*usermem.PageSize+1), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + expectedHash: []byte{115, 151, 35, 147, 223, 91, 17, 6, 162, 145, 237, 81, 88, 53, 120, 49, 128, 70, 188, 28, 254, 241, 19, 233, 30, 243, 71, 225, 57, 58, 61, 38}, + }, + { + name: "MultiplePageZeroesSHA512SeparateFile", + data: bytes.Repeat([]byte{0}, 128*usermem.PageSize+1), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedHash: []byte{41, 94, 205, 97, 254, 226, 171, 69, 76, 102, 197, 47, 113, 53, 24, 244, 103, 131, 83, 73, 87, 212, 247, 140, 32, 144, 211, 158, 25, 131, 194, 57, 21, 224, 128, 119, 69, 100, 45, 50, 157, 54, 46, 214, 152, 179, 59, 78, 28, 48, 146, 160, 204, 48, 27, 90, 152, 193, 167, 45, 150, 67, 66, 217}, + }, + { + name: "MultiplePageZeroesSHA512SameFile", + data: bytes.Repeat([]byte{0}, 128*usermem.PageSize+1), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedHash: []byte{41, 94, 205, 97, 254, 226, 171, 69, 76, 102, 197, 47, 113, 53, 24, 244, 103, 131, 83, 73, 87, 212, 247, 140, 32, 144, 211, 158, 25, 131, 194, 57, 21, 224, 128, 119, 69, 100, 45, 50, 157, 54, 46, 214, 152, 179, 59, 78, 28, 48, 146, 160, 204, 48, 27, 90, 152, 193, 167, 45, 150, 67, 66, 217}, + }, + { + name: "SingleASHA256SeparateFile", + data: []byte{'a'}, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + expectedHash: []byte{52, 159, 140, 206, 140, 138, 231, 140, 94, 14, 252, 66, 175, 128, 191, 14, 52, 215, 190, 184, 165, 50, 182, 224, 42, 156, 145, 0, 1, 15, 187, 85}, + }, + { + name: "SingleASHA256SameFile", + data: []byte{'a'}, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + expectedHash: []byte{52, 159, 140, 206, 140, 138, 231, 140, 94, 14, 252, 66, 175, 128, 191, 14, 52, 215, 190, 184, 165, 50, 182, 224, 42, 156, 145, 0, 1, 15, 187, 85}, + }, + { + name: "SingleASHA512SeparateFile", + data: []byte{'a'}, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedHash: []byte{232, 90, 223, 95, 60, 151, 149, 172, 174, 58, 206, 97, 189, 103, 6, 202, 67, 248, 1, 189, 243, 51, 250, 42, 5, 89, 195, 9, 50, 74, 39, 169, 114, 228, 109, 225, 128, 210, 63, 94, 18, 133, 58, 48, 225, 100, 176, 55, 87, 60, 235, 224, 143, 41, 15, 253, 94, 28, 251, 233, 99, 207, 152, 108}, + }, + { + name: "SingleASHA512SameFile", + data: []byte{'a'}, + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedHash: []byte{232, 90, 223, 95, 60, 151, 149, 172, 174, 58, 206, 97, 189, 103, 6, 202, 67, 248, 1, 189, 243, 51, 250, 42, 5, 89, 195, 9, 50, 74, 39, 169, 114, 228, 109, 225, 128, 210, 63, 94, 18, 133, 58, 48, 225, 100, 176, 55, 87, 60, 235, 224, 143, 41, 15, 253, 94, 28, 251, 233, 99, 207, 152, 108}, + }, + { + name: "OnePageASHA256SeparateFile", + data: bytes.Repeat([]byte{'a'}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + expectedHash: []byte{157, 60, 139, 54, 248, 39, 187, 77, 31, 107, 241, 26, 240, 49, 83, 159, 182, 60, 128, 85, 121, 204, 15, 249, 44, 248, 127, 134, 58, 220, 41, 185}, }, { - data: bytes.Repeat([]byte{0}, 128*usermem.PageSize+1), - expectedHash: []byte{182, 223, 218, 62, 65, 185, 160, 219, 93, 119, 186, 88, 205, 32, 122, 231, 173, 72, 78, 76, 65, 57, 177, 146, 159, 39, 44, 123, 230, 156, 97, 26}, + name: "OnePageASHA256SameFile", + data: bytes.Repeat([]byte{'a'}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + expectedHash: []byte{157, 60, 139, 54, 248, 39, 187, 77, 31, 107, 241, 26, 240, 49, 83, 159, 182, 60, 128, 85, 121, 204, 15, 249, 44, 248, 127, 134, 58, 220, 41, 185}, }, { - data: []byte{'a'}, - expectedHash: []byte{28, 201, 8, 36, 150, 178, 111, 5, 193, 212, 129, 205, 206, 124, 211, 90, 224, 142, 81, 183, 72, 165, 243, 240, 242, 241, 76, 127, 101, 61, 63, 11}, + name: "OnePageASHA512SeparateFile", + data: bytes.Repeat([]byte{'a'}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + expectedHash: []byte{116, 22, 252, 100, 32, 241, 254, 228, 167, 228, 110, 146, 156, 189, 6, 30, 27, 127, 94, 181, 15, 98, 173, 60, 34, 102, 92, 174, 181, 80, 205, 90, 88, 12, 125, 194, 148, 175, 184, 168, 37, 66, 127, 194, 19, 132, 93, 147, 168, 217, 227, 131, 100, 25, 213, 255, 132, 60, 196, 217, 24, 158, 1, 50}, }, { - data: bytes.Repeat([]byte{'a'}, usermem.PageSize), - expectedHash: []byte{106, 58, 160, 152, 41, 68, 38, 108, 245, 74, 177, 84, 64, 193, 19, 176, 249, 86, 27, 193, 85, 164, 99, 240, 79, 104, 148, 222, 76, 46, 191, 79}, + name: "OnePageASHA512SameFile", + data: bytes.Repeat([]byte{'a'}, usermem.PageSize), + hashAlgorithms: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + expectedHash: []byte{116, 22, 252, 100, 32, 241, 254, 228, 167, 228, 110, 146, 156, 189, 6, 30, 27, 127, 94, 181, 15, 98, 173, 60, 34, 102, 92, 174, 181, 80, 205, 90, 88, 12, 125, 194, 148, 175, 184, 168, 37, 66, 127, 194, 19, 132, 93, 147, 168, 217, 227, 131, 100, 25, 213, 255, 132, 60, 196, 217, 24, 158, 1, 50}, }, } for _, tc := range testCases { - t.Run(fmt.Sprintf("%d:%v", len(tc.data), tc.data[0]), func(t *testing.T) { - for _, dataAndTreeInSameFile := range []bool{false, true} { - var tree bytesReadWriter - params := GenerateParams{ - Size: int64(len(tc.data)), - Name: defaultName, - Mode: defaultMode, - UID: defaultUID, - GID: defaultGID, - TreeReader: &tree, - TreeWriter: &tree, - DataAndTreeInSameFile: dataAndTreeInSameFile, - } - if dataAndTreeInSameFile { - tree.Write(tc.data) - params.File = &tree - } else { - params.File = &bytesReadWriter{ - bytes: tc.data, - } - } - hash, err := Generate(¶ms) - if err != nil { - t.Fatalf("Got err: %v, want nil", err) + t.Run(fmt.Sprintf(tc.name), func(t *testing.T) { + var tree bytesReadWriter + params := GenerateParams{ + Size: int64(len(tc.data)), + Name: defaultName, + Mode: defaultMode, + UID: defaultUID, + GID: defaultGID, + Children: make(map[string]struct{}), + HashAlgorithms: tc.hashAlgorithms, + TreeReader: &tree, + TreeWriter: &tree, + DataAndTreeInSameFile: tc.dataAndTreeInSameFile, + } + if tc.dataAndTreeInSameFile { + tree.Write(tc.data) + params.File = &tree + } else { + params.File = &bytesReadWriter{ + bytes: tc.data, } + } + hash, err := Generate(¶ms) + if err != nil { + t.Fatalf("Got err: %v, want nil", err) + } + if !bytes.Equal(hash, tc.expectedHash) { + t.Errorf("Got hash: %v, want %v", hash, tc.expectedHash) + } + }) + } +} - if !bytes.Equal(hash, tc.expectedHash) { - t.Errorf("Got hash: %v, want %v", hash, tc.expectedHash) - } +// prepareVerify generates test data and corresponding Merkle tree, and returns +// the prepared VerifyParams. +// The test data has size dataSize. The data is hashed with hashAlgorithms. The +// portion to be verified ranges from verifyStart with verifySize. +func prepareVerify(t *testing.T, dataSize int64, hashAlgorithm int, dataAndTreeInSameFile bool, verifyStart int64, verifySize int64, out io.Writer) ([]byte, VerifyParams) { + t.Helper() + data := make([]byte, dataSize) + // Generate random bytes in data. + rand.Read(data) + + var tree bytesReadWriter + genParams := GenerateParams{ + Size: int64(len(data)), + Name: defaultName, + Mode: defaultMode, + UID: defaultUID, + GID: defaultGID, + Children: make(map[string]struct{}), + HashAlgorithms: hashAlgorithm, + TreeReader: &tree, + TreeWriter: &tree, + DataAndTreeInSameFile: dataAndTreeInSameFile, + } + if dataAndTreeInSameFile { + tree.Write(data) + genParams.File = &tree + } else { + genParams.File = &bytesReadWriter{ + bytes: data, + } + } + hash, err := Generate(&genParams) + if err != nil { + t.Fatalf("could not generate Merkle tree:%v", err) + } + + return data, VerifyParams{ + Out: out, + File: bytes.NewReader(data), + Tree: &tree, + Size: dataSize, + Name: defaultName, + Mode: defaultMode, + UID: defaultUID, + GID: defaultGID, + Children: make(map[string]struct{}), + HashAlgorithms: hashAlgorithm, + ReadOffset: verifyStart, + ReadSize: verifySize, + Expected: hash, + DataAndTreeInSameFile: dataAndTreeInSameFile, + } +} + +func TestVerifyInvalidRange(t *testing.T) { + testCases := []struct { + name string + verifyStart int64 + verifySize int64 + }{ + // Verify range starts outside data range. + { + name: "StartOutsideRange", + verifyStart: usermem.PageSize, + verifySize: 1, + }, + // Verify range ends outside data range. + { + name: "EndOutsideRange", + verifyStart: 0, + verifySize: 2 * usermem.PageSize, + }, + // Verify range with negative size. + { + name: "NegativeSize", + verifyStart: 1, + verifySize: -1, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, linux.FS_VERITY_HASH_ALG_SHA256, false /* dataAndTreeInSameFile */, tc.verifyStart, tc.verifySize, &buf) + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") + } + }) + } +} + +func TestVerifyUnmodifiedMetadata(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + if _, err := Verify(¶ms); !errors.Is(err, nil) { + t.Errorf("Verification failed when expected to succeed: %v", err) + } + }) + } +} + +func TestVerifyModifiedName(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + params.Name += "abc" + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") + } + }) + } +} + +func TestVerifyModifiedSize(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + params.Size-- + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") + } + }) + } +} + +func TestVerifyModifiedMode(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + params.Mode++ + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") + } + }) + } +} + +func TestVerifyModifiedUID(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + params.UID++ + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") + } + }) + } +} + +func TestVerifyModifiedGID(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + params.GID++ + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") + } + }) + } +} + +func TestVerifyModifiedChildren(t *testing.T) { + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + var buf bytes.Buffer + _, params := prepareVerify(t, usermem.PageSize /* dataSize */, tc.hashAlgorithm, tc.dataAndTreeInSameFile, 0 /* verifyStart */, 0 /* verifySize */, &buf) + params.Children["abc"] = struct{}{} + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") } }) } } -func TestVerify(t *testing.T) { - // The input data has size dataSize. The portion to be verified ranges from - // verifyStart with verifySize. A bit is flipped in outOfRangeByteIndex to - // confirm that modifications outside the verification range does not cause - // issue. And a bit is flipped in modifyByte to confirm that - // modifications in the verification range is caught during verification. +func TestModifyOutsideVerifyRange(t *testing.T) { testCases := []struct { - dataSize int64 + name string + // The byte with index modifyByte is modified. + modifyByte int64 + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "BeforeRangeSHA256SeparateFile", + modifyByte: 4*usermem.PageSize - 1, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "BeforeRangeSHA512SeparateFile", + modifyByte: 4*usermem.PageSize - 1, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "BeforeRangeSHA256SameFile", + modifyByte: 4*usermem.PageSize - 1, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "BeforeRangeSHA512SameFile", + modifyByte: 4*usermem.PageSize - 1, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + { + name: "AfterRangeSHA256SeparateFile", + modifyByte: 5 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "AfterRangeSHA512SeparateFile", + modifyByte: 5 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "AfterRangeSHA256SameFile", + modifyByte: 5 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "AfterRangeSHA256SameFile", + modifyByte: 5 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + dataSize := int64(8 * usermem.PageSize) + verifyStart := int64(4 * usermem.PageSize) + verifySize := int64(usermem.PageSize) + var buf bytes.Buffer + // Modified byte is outside verify range. Verify should succeed. + data, params := prepareVerify(t, dataSize, tc.hashAlgorithm, tc.dataAndTreeInSameFile, verifyStart, verifySize, &buf) + // Flip a bit in data and checks Verify results. + data[tc.modifyByte] ^= 1 + n, err := Verify(¶ms) + if !errors.Is(err, nil) { + t.Errorf("Verification failed when expected to succeed: %v", err) + } + if n != verifySize { + t.Errorf("Got Verify output size %d, want %d", n, verifySize) + } + if int64(buf.Len()) != verifySize { + t.Errorf("Got Verify output buf size %d, want %d,", buf.Len(), verifySize) + } + if !bytes.Equal(data[verifyStart:verifyStart+verifySize], buf.Bytes()) { + t.Errorf("Incorrect output buf from Verify") + } + }) + } +} + +func TestModifyInsideVerifyRange(t *testing.T) { + testCases := []struct { + name string verifyStart int64 verifySize int64 - // A byte in input data is modified during the test. If the - // modified byte falls in verification range, Verify should - // fail, otherwise Verify should still succeed. - modifyByte int64 - modifyName bool - modifyMode bool - modifyUID bool - modifyGID bool - shouldSucceed bool + // The byte with index modifyByte is modified. + modifyByte int64 + hashAlgorithm int + dataAndTreeInSameFile bool }{ - // Verify range start outside the data range should fail. - { - dataSize: usermem.PageSize, - verifyStart: usermem.PageSize, - verifySize: 1, - modifyByte: 0, - shouldSucceed: false, - }, - // Verifying range is valid if it starts inside data and ends - // outside data range, in that case start to the end of data is - // verified. - { - dataSize: usermem.PageSize, - verifyStart: 0, - verifySize: 2 * usermem.PageSize, - modifyByte: 0, - shouldSucceed: false, - }, - // Invalid verify range (negative size) should fail. - { - dataSize: usermem.PageSize, - verifyStart: 1, - verifySize: -1, - modifyByte: 0, - shouldSucceed: false, - }, - // 0 verify size should only verify metadata. - { - dataSize: usermem.PageSize, - verifyStart: 0, - verifySize: 0, - modifyByte: 0, - shouldSucceed: true, - }, - // Modified name should fail verification. - { - dataSize: usermem.PageSize, - verifyStart: 0, - verifySize: 0, - modifyByte: 0, - modifyName: true, - shouldSucceed: false, - }, - // Modified mode should fail verification. - { - dataSize: usermem.PageSize, - verifyStart: 0, - verifySize: 0, - modifyByte: 0, - modifyMode: true, - shouldSucceed: false, - }, - // Modified UID should fail verification. - { - dataSize: usermem.PageSize, - verifyStart: 0, - verifySize: 0, - modifyByte: 0, - modifyUID: true, - shouldSucceed: false, - }, - // Modified GID should fail verification. - { - dataSize: usermem.PageSize, - verifyStart: 0, - verifySize: 0, - modifyByte: 0, - modifyGID: true, - shouldSucceed: false, - }, - // The test cases below use a block-aligned verify range. + // Test a block-aligned verify range. // Modifying a byte in the verified range should cause verify // to fail. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4 * usermem.PageSize, - verifySize: usermem.PageSize, - modifyByte: 4 * usermem.PageSize, - shouldSucceed: false, + name: "BlockAlignedRangeSHA256SeparateFile", + verifyStart: 4 * usermem.PageSize, + verifySize: usermem.PageSize, + modifyByte: 4 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, }, - // Modifying a byte before the verified range should not cause - // verify to fail. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4 * usermem.PageSize, - verifySize: usermem.PageSize, - modifyByte: 4*usermem.PageSize - 1, - shouldSucceed: true, + name: "BlockAlignedRangeSHA512SeparateFile", + verifyStart: 4 * usermem.PageSize, + verifySize: usermem.PageSize, + modifyByte: 4 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "BlockAlignedRangeSHA256SameFile", + verifyStart: 4 * usermem.PageSize, + verifySize: usermem.PageSize, + modifyByte: 4 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, }, - // Modifying a byte after the verified range should not cause - // verify to fail. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4 * usermem.PageSize, - verifySize: usermem.PageSize, - modifyByte: 5 * usermem.PageSize, - shouldSucceed: true, + name: "BlockAlignedRangeSHA512SameFile", + verifyStart: 4 * usermem.PageSize, + verifySize: usermem.PageSize, + modifyByte: 4 * usermem.PageSize, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, }, // The tests below use a non-block-aligned verify range. // Modifying a byte at strat of verify range should cause // verify to fail. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4*usermem.PageSize + 123, - verifySize: 2 * usermem.PageSize, - modifyByte: 4*usermem.PageSize + 123, - shouldSucceed: false, + name: "ModifyStartSHA256SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyStartSHA512SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyStartSHA256SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "ModifyStartSHA512SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, }, // Modifying a byte at the end of verify range should cause // verify to fail. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4*usermem.PageSize + 123, - verifySize: 2 * usermem.PageSize, - modifyByte: 6*usermem.PageSize + 123, - shouldSucceed: false, + name: "ModifyEndSHA256SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyEndSHA512SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyEndSHA256SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "ModifyEndSHA512SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, }, // Modifying a byte in the middle verified block should cause // verify to fail. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4*usermem.PageSize + 123, - verifySize: 2 * usermem.PageSize, - modifyByte: 5*usermem.PageSize + 123, - shouldSucceed: false, + name: "ModifyMiddleSHA256SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 5*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyMiddleSHA512SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 5*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyMiddleSHA256SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 5*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "ModifyMiddleSHA512SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 5*usermem.PageSize + 123, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, }, // Modifying a byte in the first block in the verified range // should cause verify to fail, even the modified bit itself is // out of verify range. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4*usermem.PageSize + 123, - verifySize: 2 * usermem.PageSize, - modifyByte: 4*usermem.PageSize + 122, - shouldSucceed: false, + name: "ModifyFirstBlockSHA256SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 122, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyFirstBlockSHA512SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 122, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyFirstBlockSHA256SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 122, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "ModifyFirstBlockSHA512SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 4*usermem.PageSize + 122, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, }, // Modifying a byte in the last block in the verified range // should cause verify to fail, even the modified bit itself is // out of verify range. { - dataSize: 8 * usermem.PageSize, - verifyStart: 4*usermem.PageSize + 123, - verifySize: 2 * usermem.PageSize, - modifyByte: 6*usermem.PageSize + 124, - shouldSucceed: false, + name: "ModifyLastBlockSHA256SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 124, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyLastBlockSHA512SeparateFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 124, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "ModifyLastBlockSHA256SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 124, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "ModifyLastBlockSHA512SameFile", + verifyStart: 4*usermem.PageSize + 123, + verifySize: 2 * usermem.PageSize, + modifyByte: 6*usermem.PageSize + 124, + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, }, } - for _, tc := range testCases { - t.Run(fmt.Sprintf("%d", tc.modifyByte), func(t *testing.T) { - data := make([]byte, tc.dataSize) - // Generate random bytes in data. - rand.Read(data) - - for _, dataAndTreeInSameFile := range []bool{false, true} { - var tree bytesReadWriter - genParams := GenerateParams{ - Size: int64(len(data)), - Name: defaultName, - Mode: defaultMode, - UID: defaultUID, - GID: defaultGID, - TreeReader: &tree, - TreeWriter: &tree, - DataAndTreeInSameFile: dataAndTreeInSameFile, - } - if dataAndTreeInSameFile { - tree.Write(data) - genParams.File = &tree - } else { - genParams.File = &bytesReadWriter{ - bytes: data, - } - } - hash, err := Generate(&genParams) - if err != nil { - t.Fatalf("Generate failed: %v", err) - } - - // Flip a bit in data and checks Verify results. - var buf bytes.Buffer - data[tc.modifyByte] ^= 1 - verifyParams := VerifyParams{ - Out: &buf, - File: bytes.NewReader(data), - Tree: &tree, - Size: tc.dataSize, - Name: defaultName, - Mode: defaultMode, - UID: defaultUID, - GID: defaultGID, - ReadOffset: tc.verifyStart, - ReadSize: tc.verifySize, - Expected: hash, - DataAndTreeInSameFile: dataAndTreeInSameFile, - } - if tc.modifyName { - verifyParams.Name = defaultName + "abc" - } - if tc.modifyMode { - verifyParams.Mode = defaultMode + 1 - } - if tc.modifyUID { - verifyParams.UID = defaultUID + 1 - } - if tc.modifyGID { - verifyParams.GID = defaultGID + 1 - } - if tc.shouldSucceed { - n, err := Verify(&verifyParams) - if err != nil && err != io.EOF { - t.Errorf("Verification failed when expected to succeed: %v", err) - } - if n != tc.verifySize { - t.Errorf("Got Verify output size %d, want %d", n, tc.verifySize) - } - if int64(buf.Len()) != tc.verifySize { - t.Errorf("Got Verify output buf size %d, want %d,", buf.Len(), tc.verifySize) - } - if !bytes.Equal(data[tc.verifyStart:tc.verifyStart+tc.verifySize], buf.Bytes()) { - t.Errorf("Incorrect output buf from Verify") - } - } else { - if _, err := Verify(&verifyParams); err == nil { - t.Errorf("Verification succeeded when expected to fail") - } - } + t.Run(tc.name, func(t *testing.T) { + dataSize := int64(8 * usermem.PageSize) + var buf bytes.Buffer + data, params := prepareVerify(t, dataSize, tc.hashAlgorithm, tc.dataAndTreeInSameFile, tc.verifyStart, tc.verifySize, &buf) + // Flip a bit in data and checks Verify results. + data[tc.modifyByte] ^= 1 + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Errorf("Verification succeeded when expected to fail") } }) } } func TestVerifyRandom(t *testing.T) { - rand.Seed(time.Now().UnixNano()) - // Use a random dataSize. Minimum size 2 so that we can pick a random - // portion from it. - dataSize := rand.Int63n(200*usermem.PageSize) + 2 - data := make([]byte, dataSize) - // Generate random bytes in data. - rand.Read(data) - - for _, dataAndTreeInSameFile := range []bool{false, true} { - var tree bytesReadWriter - genParams := GenerateParams{ - Size: int64(len(data)), - Name: defaultName, - Mode: defaultMode, - UID: defaultUID, - GID: defaultGID, - TreeReader: &tree, - TreeWriter: &tree, - DataAndTreeInSameFile: dataAndTreeInSameFile, - } - - if dataAndTreeInSameFile { - tree.Write(data) - genParams.File = &tree - } else { - genParams.File = &bytesReadWriter{ - bytes: data, - } - } - hash, err := Generate(&genParams) - if err != nil { - t.Fatalf("Generate failed: %v", err) - } + testCases := []struct { + name string + hashAlgorithm int + dataAndTreeInSameFile bool + }{ + { + name: "SHA256SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: false, + }, + { + name: "SHA512SeparateFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: false, + }, + { + name: "SHA256SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA256, + dataAndTreeInSameFile: true, + }, + { + name: "SHA512SameFile", + hashAlgorithm: linux.FS_VERITY_HASH_ALG_SHA512, + dataAndTreeInSameFile: true, + }, + } + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + rand.Seed(time.Now().UnixNano()) + // Use a random dataSize. Minimum size 2 so that we can pick a random + // portion from it. + dataSize := rand.Int63n(200*usermem.PageSize) + 2 - // Pick a random portion of data. - start := rand.Int63n(dataSize - 1) - size := rand.Int63n(dataSize) + 1 + // Pick a random portion of data. + start := rand.Int63n(dataSize - 1) + size := rand.Int63n(dataSize) + 1 - var buf bytes.Buffer - verifyParams := VerifyParams{ - Out: &buf, - File: bytes.NewReader(data), - Tree: &tree, - Size: dataSize, - Name: defaultName, - Mode: defaultMode, - UID: defaultUID, - GID: defaultGID, - ReadOffset: start, - ReadSize: size, - Expected: hash, - DataAndTreeInSameFile: dataAndTreeInSameFile, - } + var buf bytes.Buffer + data, params := prepareVerify(t, dataSize, tc.hashAlgorithm, tc.dataAndTreeInSameFile, start, size, &buf) - // Checks that the random portion of data from the original data is - // verified successfully. - n, err := Verify(&verifyParams) - if err != nil && err != io.EOF { - t.Errorf("Verification failed for correct data: %v", err) - } - if size > dataSize-start { - size = dataSize - start - } - if n != size { - t.Errorf("Got Verify output size %d, want %d", n, size) - } - if int64(buf.Len()) != size { - t.Errorf("Got Verify output buf size %d, want %d", buf.Len(), size) - } - if !bytes.Equal(data[start:start+size], buf.Bytes()) { - t.Errorf("Incorrect output buf from Verify") - } + // Checks that the random portion of data from the original data is + // verified successfully. + n, err := Verify(¶ms) + if err != nil && err != io.EOF { + t.Errorf("Verification failed for correct data: %v", err) + } + if size > dataSize-start { + size = dataSize - start + } + if n != size { + t.Errorf("Got Verify output size %d, want %d", n, size) + } + if int64(buf.Len()) != size { + t.Errorf("Got Verify output buf size %d, want %d", buf.Len(), size) + } + if !bytes.Equal(data[start:start+size], buf.Bytes()) { + t.Errorf("Incorrect output buf from Verify") + } - // Verify that modified metadata should fail verification. - buf.Reset() - verifyParams.Name = defaultName + "abc" - if _, err := Verify(&verifyParams); err == nil { - t.Error("Verify succeeded for modified metadata, expect failure") - } + // Verify that modified metadata should fail verification. + buf.Reset() + params.Name = defaultName + "abc" + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Error("Verify succeeded for modified metadata, expect failure") + } - // Flip a random bit in randPortion, and check that verification fails. - buf.Reset() - randBytePos := rand.Int63n(size) - data[start+randBytePos] ^= 1 - verifyParams.File = bytes.NewReader(data) - verifyParams.Name = defaultName + // Flip a random bit in randPortion, and check that verification fails. + buf.Reset() + randBytePos := rand.Int63n(size) + data[start+randBytePos] ^= 1 + params.File = bytes.NewReader(data) + params.Name = defaultName - if _, err := Verify(&verifyParams); err == nil { - t.Error("Verification succeeded for modified data, expect failure") - } + if _, err := Verify(¶ms); errors.Is(err, nil) { + t.Error("Verification succeeded for modified data, expect failure") + } + }) } } |