Rewrite gen_fuzz_test_cases.sh script to use new signing utilities.

TEST=Generated images verify successfully using right keys.

Review URL: http://codereview.chromium.org/2836036
Gaurav Shah
2010-06-29 19:46:11 -07:00
parent c4a011a725
commit 0ec7078d5b


@@ -11,50 +11,72 @@
# Use a different directory for fuzzing test cases. # Use a different directory for fuzzing test cases.
TESTCASE_DIR=${SCRIPT_DIR}/fuzz_testcases TESTCASE_DIR=${SCRIPT_DIR}/fuzz_testcases
TEST_FILE=${TESTCASE_DIR}/testfile TEST_IMAGE_FILE=${TESTCASE_DIR}/testimage
TEST_FILE_SIZE=500000 TEST_IMAGE_SIZE=500000
TEST_BOOTLOADER_FILE=${TESTCASE_DIR}/testbootloader
TEST_BOOTLOADER_SIZE=50000
TEST_CONFIG_FILE=${TESTCASE_DIR}/testconfig
# Config size must < 4096
TEST_CONFIG_SIZE=3000
# Generate public key signatures and digest on an input file for
# various combinations of message digest algorithms and RSA key sizes.
function generate_fuzzing_images { function generate_fuzzing_images {
echo "Generating key blocks..."
# Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware
# signing key.
${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/firmware.keyblock \
--datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--signprivate ${TESTKEY_DIR}/key_rsa8192.pem \
--algorithm 11
# Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512
# kernel signing key.
${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/kernel.keyblock \
--datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--signprivate ${TESTKEY_DIR}/key_rsa4096.pem \
--flags 15 \
--algorithm 8
echo "Generating signed firmware test image..." echo "Generating signed firmware test image..."
# Generate a test verified boot firmware image and copy root public key. ${UTIL_DIR}/vbutil_firmware \
${UTIL_DIR}/firmware_utility --generate \ --vblock ${TESTCASE_DIR}/firmware.vblock \
--in $1 \ --keyblock ${TESTCASE_DIR}/firmware.keyblock\
--root_key ${TESTKEY_DIR}/key_rsa8192.pem \ --signprivate ${TESTKEY_DIR}/key_rsa4096.pem \
--firmware_sign_key ${TESTKEY_DIR}/key_rsa4096.pem \ --version 1 \
--firmware_sign_key_pub ${TESTKEY_DIR}/key_rsa4096.keyb \ --fv $1 \
--firmware_sign_algorithm 8 \ --kernelkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk
--firmware_key_version 1 \ # TODO(gauravsh): ALso test with (optional) flags.
--firmware_version 1 \ cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk
--out ${TESTCASE_DIR}/firmware.signed
cp ${TESTKEY_DIR}/key_rsa8192.keyb ${TESTCASE_DIR}/root_key.keyb
echo "Generating signed kernel test image..." echo "Generating signed kernel test image..."
# Generate a test verified boot kernel image and copy firmware public key. ${UTIL_DIR}/vbutil_kernel \
${UTIL_DIR}/kernel_utility --generate \ --pack ${TESTCASE_DIR}/kernel.vblock.image \
--firmware_key ${TESTKEY_DIR}/key_rsa4096.pem \ --keyblock ${TESTCASE_DIR}/kernel.keyblock \
--kernel_key ${TESTKEY_DIR}/key_rsa1024.pem \ --signprivate ${TESTKEY_DIR}/key_rsa4096.pem \
--kernel_key_pub ${TESTKEY_DIR}/key_rsa1024.keyb \ --version 1 \
--firmware_sign_algorithm 8 \ --vmlinuz ${TEST_IMAGE_FILE} \
--kernel_sign_algorithm 2 \ --bootloader ${TEST_BOOTLOADER_FILE} \
--kernel_key_version 1 \ --config ${TEST_CONFIG_FILE}
--kernel_version 1 \ # TODO(gauravsh): Also test with (optional) padding.
--vmlinuz /dev/null \ cp ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--config /dev/null \ ${TESTCASE_DIR}/firmware_key.vbpubk
--bootloader ${TEST_FILE} \
--out ${TESTCASE_DIR}/kernel.signed
cp ${TESTKEY_DIR}/key_rsa4096.keyb ${TESTCASE_DIR}/firmware_key.keyb
} }
function pre_work { function pre_work {
# Generate a file to serve as random bytes for firmware/kernel contents. # Generate a file to serve as random bytes for firmware/kernel contents.
# NOTE: The kernel and config file can't really be random, but the bootloader # NOTE: The kernel and config file can't really be random, but the bootloader
# can. That's probably close enough. # can. That's probably close enough.
echo "Generating test file..." echo "Generating test image file..."
dd if=/dev/urandom of=${TEST_FILE} bs=${TEST_FILE_SIZE} count=1 dd if=/dev/urandom of=${TEST_IMAGE_FILE} bs=${TEST_IMAGE_SIZE} count=1
echo "Generating test bootloader file..."
# TODO(gauravsh): Use a valid bootloader here?
dd if=/dev/urandom of=${TEST_BOOTLOADER_FILE} bs=${TEST_BOOTLOADER_SIZE} \
count=1
echo "Generating test config file..."
# TODO(gauravsh): Use a valid config file here?
dd if=/dev/urandom of=${TEST_CONFIG_FILE} bs=${TEST_CONFIG_SIZE} count=1
} }
mkdir -p ${TESTCASE_DIR} mkdir -p ${TESTCASE_DIR}
pre_work pre_work
check_test_keys check_test_keys
generate_fuzzing_images ${TEST_FILE} generate_fuzzing_images ${TEST_IMAGE_FILE}
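Review bot: None of the vbutil_keyblock, vbutil_firmware or vbutil_kernel invocations in generate_fuzzing_images has its exit status checked, so unless `set -e` is enabled above line 11 (not visible in this hunk) a failed pack step still falls through to the `cp` of the public keys and leaves a missing or stale vblock in fuzz_testcases. This matters more now that pre_work feeds /dev/urandom bytes to `--vmlinuz` and `--config`, which the NOTE in pre_work itself says cannot really be random; a seed image that was never validly signed will probably exercise only the verifier's early rejection checks. I would end each invocation with `|| { echo "vbutil_kernel failed" >&2; exit 1; }`, using the matching tool name, and quote the expansions, e.g. `--fv "$1"`. Separately, key_rsa4096 now appears as the firmware data key, the kernel subkey and the kernel data key, so a verifier that confuses key roles would still accept these images. A distinct kernel data key, which the kernel_utility call appears to have had with key_rsa1024, would keep that case covered.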