scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-11-24 02:05:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Install and use futility when running tests

Browse Source 
As we build features into futility, the standalone executables disappear.
Tests that invoke those executables will need to invoke futility instead.

BUG=chromium:224734
BRANCH=ToT
TEST=make runtests

Signed-off-by: Bill Richardson <wfrichar@chromium.org>
Change-Id: I75230f6901aab8d978fa5d12505c243e1c90c938
Reviewed-on: https://chromium-review.googlesource.com/207926
Reviewed-by: Randall Spangler <rspangler@chromium.org>
This commit is contained in:
Bill Richardson
2014-07-14 15:05:54 -07:00
committed by chrome-internal-fetch
parent 0f6679e858
commit 3e3790d008
12 changed files with 47 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
Makefile
View File

@@ -695,6 +695,10 @@ clean:
.PHONY: install .PHONY: install
install: cgpt_install utils_install signing_install futil_install install: cgpt_install utils_install signing_install futil_install
.PHONY: install_for_test
install_for_test: override DESTDIR = ${TEST_INSTALL_DIR}
install_for_test: install
# Don't delete intermediate object files # Don't delete intermediate object files
.SECONDARY: .SECONDARY:
@@ -1069,7 +1073,7 @@ test_targets:: runtestscripts
endif endif
.PHONY: test_setup .PHONY: test_setup
test_setup:: cgpt utils futil tests test_setup:: cgpt utils futil tests install_for_test
# Qemu setup for cross-compiled tests. Need to copy qemu binary into the # Qemu setup for cross-compiled tests. Need to copy qemu binary into the
# sysroot. # sysroot.
@@ -1163,9 +1167,8 @@ run2tests: test_setup
${RUNTEST} ${BUILD_RUN}/tests/vb2_sha_tests ${RUNTEST} ${BUILD_RUN}/tests/vb2_sha_tests
.PHONY: runfutiltests .PHONY: runfutiltests
runfutiltests: override DESTDIR = ${TEST_INSTALL_DIR} runfutiltests: test_setup
runfutiltests: test_setup install tests/futility/run_test_scripts.sh ${TEST_INSTALL_DIR}
tests/futility/run_test_scripts.sh ${DESTDIR}
${RUNTEST} ${BUILD_RUN}/tests/futility/test_not_really ${RUNTEST} ${BUILD_RUN}/tests/futility/test_not_really
# Run long tests, including all permutations of encryption keys (instead of # Run long tests, including all permutations of encryption keys (instead of

2
tests/common.sh
View File

@@ -9,7 +9,7 @@ SCRIPT_DIR=$(dirname $(readlink -f "$0"))
ROOT_DIR="$(dirname ${SCRIPT_DIR})" ROOT_DIR="$(dirname ${SCRIPT_DIR})"
BUILD_DIR="${BUILD}" BUILD_DIR="${BUILD}"
UTIL_DIR="${BUILD_DIR}/utility" BIN_DIR="${BUILD_DIR}/install_for_test"
TEST_DIR="${BUILD_DIR}/tests" TEST_DIR="${BUILD_DIR}/tests"
TESTKEY_DIR=${SCRIPT_DIR}/testkeys TESTKEY_DIR=${SCRIPT_DIR}/testkeys
TESTCASE_DIR=${SCRIPT_DIR}/testcases TESTCASE_DIR=${SCRIPT_DIR}/testcases

8
tests/gen_fuzz_test_cases.sh
View File

@@ -26,19 +26,19 @@ function generate_fuzzing_images {
echo "Generating key blocks..." echo "Generating key blocks..."
# Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware # Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware
# signing key. # signing key.
${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/firmware.keyblock \ ${BIN_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/firmware.keyblock \
--datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--signprivate ${TESTKEY_DIR}/key_rsa8192.sha1.vbprivk --signprivate ${TESTKEY_DIR}/key_rsa8192.sha1.vbprivk
# Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512 # Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512
# kernel signing key. # kernel signing key.
${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/kernel.keyblock \ ${BIN_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/kernel.keyblock \
--datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha1.vbprivk \ --signprivate ${TESTKEY_DIR}/key_rsa4096.sha1.vbprivk \
--flags 15 --flags 15
echo "Generating signed firmware test image..." echo "Generating signed firmware test image..."
${UTIL_DIR}/vbutil_firmware \ ${BIN_DIR}/vbutil_firmware \
--vblock ${TESTCASE_DIR}/firmware.vblock \ --vblock ${TESTCASE_DIR}/firmware.vblock \
--keyblock ${TESTCASE_DIR}/firmware.keyblock\ --keyblock ${TESTCASE_DIR}/firmware.keyblock\
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
@@ -49,7 +49,7 @@ function generate_fuzzing_images {
cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk
echo "Generating signed kernel test image..." echo "Generating signed kernel test image..."
${UTIL_DIR}/vbutil_kernel \ ${BIN_DIR}/vbutil_kernel \
--pack ${TESTCASE_DIR}/kernel.vblock.image \ --pack ${TESTCASE_DIR}/kernel.vblock.image \
--keyblock ${TESTCASE_DIR}/kernel.keyblock \ --keyblock ${TESTCASE_DIR}/kernel.keyblock \
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \

2
tests/gen_test_cases.sh
View File

@@ -23,7 +23,7 @@ function generate_test_signatures {
do do
openssl dgst -${hashalgo} -binary ${TEST_FILE} > \ openssl dgst -${hashalgo} -binary ${TEST_FILE} > \
${TEST_FILE}.${hashalgo}.digest ${TEST_FILE}.${hashalgo}.digest
${UTIL_DIR}/signature_digest_utility $algorithmcounter \ ${BIN_DIR}/signature_digest_utility $algorithmcounter \
${TEST_FILE} | openssl rsautl \ ${TEST_FILE} | openssl rsautl \
-sign -pkcs -inkey ${TESTKEY_DIR}/key_rsa${keylen}.pem \ -sign -pkcs -inkey ${TESTKEY_DIR}/key_rsa${keylen}.pem \
> ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig > ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig

6
tests/gen_test_keys.sh
View File

@@ -30,7 +30,7 @@ function generate_keys {
-out ${key_base}.crt -out ${key_base}.crt
# Generate pre-processed key for use by RSA signature verification code. # Generate pre-processed key for use by RSA signature verification code.
${UTIL_DIR}/dumpRSAPublicKey -cert ${key_base}.crt \ ${BIN_DIR}/dumpRSAPublicKey -cert ${key_base}.crt \
> ${key_base}.keyb > ${key_base}.keyb
alg_index=0 alg_index=0
@@ -38,14 +38,14 @@ function generate_keys {
do do
alg=$((${key_index} * 3 + ${alg_index})) alg=$((${key_index} * 3 + ${alg_index}))
# wrap the public key # wrap the public key
${UTIL_DIR}/vbutil_key \ ${BIN_DIR}/vbutil_key \
--pack "${key_base}.sha${sha_type}.vbpubk" \ --pack "${key_base}.sha${sha_type}.vbpubk" \
--key "${key_base}.keyb" \ --key "${key_base}.keyb" \
--version 1 \ --version 1 \
--algorithm ${alg} --algorithm ${alg}
# wrap the private key # wrap the private key
${UTIL_DIR}/vbutil_key \ ${BIN_DIR}/vbutil_key \
--pack "${key_base}.sha${sha_type}.vbprivk" \ --pack "${key_base}.sha${sha_type}.vbprivk" \
--key "${key_base}.pem" \ --key "${key_base}.pem" \
--algorithm ${alg} --algorithm ${alg}

2
tests/gen_test_vbpubks.sh
View File

@@ -15,7 +15,7 @@ function generate_vpubks {
do do
for hashalgo in ${hash_algos[@]} for hashalgo in ${hash_algos[@]}
do do
${UTIL_DIR}/vbutil_key --pack \ ${BIN_DIR}/vbutil_key --pack \
--in ${TESTKEY_DIR}/key_rsa${keylen}.keyb \ --in ${TESTKEY_DIR}/key_rsa${keylen}.keyb \
--out ${TESTKEY_DIR}/key_rsa${keylen}.${hashalgo}.vbpubk \ --out ${TESTKEY_DIR}/key_rsa${keylen}.${hashalgo}.vbpubk \
--version 1 \ --version 1 \

6
tests/run_preamble_tests.sh
View File

@@ -41,7 +41,7 @@ for d in $algs; do
fi fi
: $(( tests++ )) : $(( tests++ ))
echo -n "${what} fw_${d}_${r}.vblock with root_${rr}.vbpubk ... " echo -n "${what} fw_${d}_${r}.vblock with root_${rr}.vbpubk ... "
"${UTIL_DIR}/vbutil_firmware" --verify "${V2DIR}/fw_${d}_${r}.vblock" \ "${BIN_DIR}/vbutil_firmware" --verify "${V2DIR}/fw_${d}_${r}.vblock" \
--signpubkey "${DATADIR}/root_${rr}.vbpubk" \ --signpubkey "${DATADIR}/root_${rr}.vbpubk" \
--fv "${DATADIR}/FWDATA" >/dev/null 2>&1 --fv "${DATADIR}/FWDATA" >/dev/null 2>&1
if [ "$?" "$cmp" 0 ]; then if [ "$?" "$cmp" 0 ]; then
@@ -68,7 +68,7 @@ for d in $algs; do
fi fi
: $(( tests++ )) : $(( tests++ ))
echo -n "${what} kern_${d}_${r}.vblock with root_${rr}.vbpubk ... " echo -n "${what} kern_${d}_${r}.vblock with root_${rr}.vbpubk ... "
"${UTIL_DIR}/vbutil_kernel" --verify "${V2DIR}/kern_${d}_${r}.vblock" \ "${BIN_DIR}/vbutil_kernel" --verify "${V2DIR}/kern_${d}_${r}.vblock" \
--signpubkey "${DATADIR}/root_${rr}.vbpubk" >/dev/null 2>&1 --signpubkey "${DATADIR}/root_${rr}.vbpubk" >/dev/null 2>&1
if [ "$?" "$cmp" 0 ]; then if [ "$?" "$cmp" 0 ]; then
echo -e "${COL_RED}FAILED${COL_STOP}" echo -e "${COL_RED}FAILED${COL_STOP}"
@@ -86,7 +86,7 @@ for d in $algs; do
for r in $algs; do for r in $algs; do
: $(( tests++ )) : $(( tests++ ))
echo -n "verify kern_${d}_${r}.vblock with hash only ... " echo -n "verify kern_${d}_${r}.vblock with hash only ... "
"${UTIL_DIR}/vbutil_kernel" \ "${BIN_DIR}/vbutil_kernel" \
--verify "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1 --verify "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
echo -e "${COL_RED}FAILED${COL_STOP}" echo -e "${COL_RED}FAILED${COL_STOP}"

2
tests/run_rsa_tests.sh
View File

@@ -21,7 +21,7 @@ function test_signatures {
for hashalgo in ${hash_algos[@]} for hashalgo in ${hash_algos[@]}
do do
echo -e "For ${COL_YELLOW}RSA-$keylen and $hashalgo${COL_STOP}:" echo -e "For ${COL_YELLOW}RSA-$keylen and $hashalgo${COL_STOP}:"
${UTIL_DIR}/verify_data $algorithmcounter \ ${BIN_DIR}/verify_data $algorithmcounter \
${TESTKEY_DIR}/key_rsa${keylen}.keyb \ ${TESTKEY_DIR}/key_rsa${keylen}.keyb \
${TEST_FILE}.rsa${keylen}_${hashalgo}.sig \ ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig \
${TEST_FILE} ${TEST_FILE}

18
tests/run_vbutil_kernel_arg_tests.sh
View File

@@ -44,7 +44,7 @@ while [ "$k" -lt "${#KERN_VALS[*]}" ]; do
while [ "$b" -lt "${#BOOT_VALS[*]}" ]; do while [ "$b" -lt "${#BOOT_VALS[*]}" ]; do
echo -n "pack kern_${k}_${b}.vblock ... " echo -n "pack kern_${k}_${b}.vblock ... "
: $(( tests++ )) : $(( tests++ ))
"${UTIL_DIR}/vbutil_kernel" --pack "${TMPDIR}/kern_${k}_${b}.vblock" \ "${BIN_DIR}/vbutil_kernel" --pack "${TMPDIR}/kern_${k}_${b}.vblock" \
--keyblock "${KEYBLOCK}" \ --keyblock "${KEYBLOCK}" \
--signprivate "${SIGNPRIVATE}" \ --signprivate "${SIGNPRIVATE}" \
--version 1 \ --version 1 \
@@ -68,7 +68,7 @@ for v in ${TMPDIR}/kern_*.vblock; do
: $(( tests++ )) : $(( tests++ ))
vv=$(basename "$v") vv=$(basename "$v")
echo -n "verify $vv ... " echo -n "verify $vv ... "
"${UTIL_DIR}/vbutil_kernel" --verify "$v" >/dev/null "${BIN_DIR}/vbutil_kernel" --verify "$v" >/dev/null
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
echo -e "${COL_RED}FAILED${COL_STOP}" echo -e "${COL_RED}FAILED${COL_STOP}"
: $(( errs++ )) : $(( errs++ ))
@@ -77,7 +77,7 @@ for v in ${TMPDIR}/kern_*.vblock; do
fi fi
: $(( tests++ )) : $(( tests++ ))
echo -n "verify $vv signed ... " echo -n "verify $vv signed ... "
"${UTIL_DIR}/vbutil_kernel" --verify "$v" \ "${BIN_DIR}/vbutil_kernel" --verify "$v" \
--signpubkey "${SIGNPUBLIC}" >/dev/null --signpubkey "${SIGNPUBLIC}" >/dev/null
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
echo -e "${COL_RED}FAILED${COL_STOP}" echo -e "${COL_RED}FAILED${COL_STOP}"
@@ -99,7 +99,7 @@ USB_SIGNPRIVATE="${DEVKEYS}/recovery_kernel_data_key.vbprivk"
USB_SIGNPUBKEY="${DEVKEYS}/recovery_key.vbpubk" USB_SIGNPUBKEY="${DEVKEYS}/recovery_key.vbpubk"
echo -n "pack USB kernel ... " echo -n "pack USB kernel ... "
: $(( tests++ )) : $(( tests++ ))
"${UTIL_DIR}/vbutil_kernel" \ "${BIN_DIR}/vbutil_kernel" \
--pack "${USB_KERN}" \ --pack "${USB_KERN}" \
--keyblock "${USB_KEYBLOCK}" \ --keyblock "${USB_KEYBLOCK}" \
--signprivate "${USB_SIGNPRIVATE}" \ --signprivate "${USB_SIGNPRIVATE}" \
@@ -118,7 +118,7 @@ fi
# And verify it. # And verify it.
echo -n "verify USB kernel ... " echo -n "verify USB kernel ... "
: $(( tests++ )) : $(( tests++ ))
"${UTIL_DIR}/vbutil_kernel" \ "${BIN_DIR}/vbutil_kernel" \
--verify "${USB_KERN}" \ --verify "${USB_KERN}" \
--signpubkey "${USB_SIGNPUBKEY}" >/dev/null --signpubkey "${USB_SIGNPUBKEY}" >/dev/null
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
@@ -138,7 +138,7 @@ SSD_SIGNPRIVATE="${DEVKEYS}/kernel_data_key.vbprivk"
SSD_SIGNPUBKEY="${DEVKEYS}/kernel_subkey.vbpubk" SSD_SIGNPUBKEY="${DEVKEYS}/kernel_subkey.vbpubk"
echo -n "repack to SSD kernel ... " echo -n "repack to SSD kernel ... "
: $(( tests++ )) : $(( tests++ ))
"${UTIL_DIR}/vbutil_kernel" \ "${BIN_DIR}/vbutil_kernel" \
--repack "${SSD_KERN}" \ --repack "${SSD_KERN}" \
--vblockonly \ --vblockonly \
--keyblock "${SSD_KEYBLOCK}" \ --keyblock "${SSD_KEYBLOCK}" \
@@ -158,7 +158,7 @@ dd if="${USB_KERN}" bs=65536 skip=1 >> $tempfile 2>/dev/null
echo -n "verify SSD kernel ... " echo -n "verify SSD kernel ... "
: $(( tests++ )) : $(( tests++ ))
"${UTIL_DIR}/vbutil_kernel" \ "${BIN_DIR}/vbutil_kernel" \
--verify "$tempfile" \ --verify "$tempfile" \
--signpubkey "${SSD_SIGNPUBKEY}" >/dev/null --signpubkey "${SSD_SIGNPUBKEY}" >/dev/null
if [ "$?" -ne 0 ]; then if [ "$?" -ne 0 ]; then
@@ -170,7 +170,7 @@ fi
# Finally make sure that the kernel command line stays good. # Finally make sure that the kernel command line stays good.
orig=$(cat "${CONFIG}" | tr '\012' ' ') orig=$(cat "${CONFIG}" | tr '\012' ' ')
packed=$("${UTIL_DIR}/dump_kernel_config" "${USB_KERN}") packed=$("${BIN_DIR}/dump_kernel_config" "${USB_KERN}")
echo -n "check USB kernel config ..." echo -n "check USB kernel config ..."
: $(( tests++ )) : $(( tests++ ))
if [ "$orig" != "$packed" ]; then if [ "$orig" != "$packed" ]; then
@@ -180,7 +180,7 @@ else
echo -e "${COL_GREEN}PASSED${COL_STOP}" echo -e "${COL_GREEN}PASSED${COL_STOP}"
fi fi
repacked=$("${UTIL_DIR}/dump_kernel_config" "${tempfile}") repacked=$("${BIN_DIR}/dump_kernel_config" "${tempfile}")
echo -n "check SSD kernel config ..." echo -n "check SSD kernel config ..."
: $(( tests++ )) : $(( tests++ ))
if [ "$orig" != "$packed" ]; then if [ "$orig" != "$packed" ]; then

16
tests/run_vbutil_tests.sh
View File

@@ -18,7 +18,7 @@ function test_vbutil_key_single {
echo -e "For signing key ${COL_YELLOW}RSA-$keylen/$hashalgo${COL_STOP}:" echo -e "For signing key ${COL_YELLOW}RSA-$keylen/$hashalgo${COL_STOP}:"
# Pack the key # Pack the key
${UTIL_DIR}/vbutil_key \ ${BIN_DIR}/vbutil_key \
--pack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbpubk \ --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbpubk \
--key ${TESTKEY_DIR}/key_rsa${keylen}.keyb \ --key ${TESTKEY_DIR}/key_rsa${keylen}.keyb \
--version 1 \ --version 1 \
@@ -30,7 +30,7 @@ function test_vbutil_key_single {
# Unpack the key # Unpack the key
# TODO: should verify we get the same key back out? # TODO: should verify we get the same key back out?
${UTIL_DIR}/vbutil_key \ ${BIN_DIR}/vbutil_key \
--unpack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbpubk --unpack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbpubk
if [ $? -ne 0 ] if [ $? -ne 0 ]
then then
@@ -75,7 +75,7 @@ ${datahashalgo}${COL_STOP}"
rm -f ${keyblockfile} rm -f ${keyblockfile}
# Wrap private key # Wrap private key
${UTIL_DIR}/vbutil_key \ ${BIN_DIR}/vbutil_key \
--pack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbprivk \ --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbprivk \
--key ${TESTKEY_DIR}/key_rsa${signing_keylen}.pem \ --key ${TESTKEY_DIR}/key_rsa${signing_keylen}.pem \
--algorithm $signing_algonum --algorithm $signing_algonum
@@ -86,7 +86,7 @@ ${datahashalgo}${COL_STOP}"
fi fi
# Wrap public key # Wrap public key
${UTIL_DIR}/vbutil_key \ ${BIN_DIR}/vbutil_key \
--pack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbpubk \ --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algonum}.vbpubk \
--key ${TESTKEY_DIR}/key_rsa${signing_keylen}.keyb \ --key ${TESTKEY_DIR}/key_rsa${signing_keylen}.keyb \
--algorithm $signing_algonum --algorithm $signing_algonum
@@ -97,7 +97,7 @@ ${datahashalgo}${COL_STOP}"
fi fi
# Pack # Pack
${UTIL_DIR}/vbutil_keyblock --pack ${keyblockfile} \ ${BIN_DIR}/vbutil_keyblock --pack ${keyblockfile} \
--datapubkey \ --datapubkey \
${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk \ ${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk \
--signprivate \ --signprivate \
@@ -109,7 +109,7 @@ ${datahashalgo}${COL_STOP}"
fi fi
# Unpack # Unpack
${UTIL_DIR}/vbutil_keyblock --unpack ${keyblockfile} \ ${BIN_DIR}/vbutil_keyblock --unpack ${keyblockfile} \
--datapubkey \ --datapubkey \
${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk2 \ ${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk2 \
--signpubkey \ --signpubkey \
@@ -134,7 +134,7 @@ ${datahashalgo}${COL_STOP}"
external signer.${COL_STOP}" external signer.${COL_STOP}"
# Pack using external signer # Pack using external signer
# Pack # Pack
${UTIL_DIR}/vbutil_keyblock --pack ${keyblockfile} \ ${BIN_DIR}/vbutil_keyblock --pack ${keyblockfile} \
--datapubkey \ --datapubkey \
${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk \ ${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk \
--signprivate_pem \ --signprivate_pem \
@@ -149,7 +149,7 @@ external signer.${COL_STOP}"
fi fi
# Unpack # Unpack
${UTIL_DIR}/vbutil_keyblock --unpack ${keyblockfile} \ ${BIN_DIR}/vbutil_keyblock --unpack ${keyblockfile} \
--datapubkey \ --datapubkey \
${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk2 \ ${TESTKEY_SCRATCH_DIR}/key_alg${data_algonum}.vbpubk2 \
--signpubkey \ --signpubkey \

16
tests/vb2_firmware_tests.sh
View File

@@ -24,24 +24,24 @@ echo 'This is a test firmware body. This is only a test. Lalalalala' \
> body.test > body.test
# Pack keys using original vboot utilities # Pack keys using original vboot utilities
${UTIL_DIR}/vbutil_key --pack rootkey.test \ ${BIN_DIR}/vbutil_key --pack rootkey.test \
--key ${TESTKEY_DIR}/key_rsa8192.keyb --algorithm 11 --key ${TESTKEY_DIR}/key_rsa8192.keyb --algorithm 11
${UTIL_DIR}/vbutil_key --pack fwsubkey.test \ ${BIN_DIR}/vbutil_key --pack fwsubkey.test \
--key ${TESTKEY_DIR}/key_rsa4096.keyb --algorithm 7 --key ${TESTKEY_DIR}/key_rsa4096.keyb --algorithm 7
${UTIL_DIR}/vbutil_key --pack kernkey.test \ ${BIN_DIR}/vbutil_key --pack kernkey.test \
--key ${TESTKEY_DIR}/key_rsa2048.keyb --algorithm 4 --key ${TESTKEY_DIR}/key_rsa2048.keyb --algorithm 4
# Create a GBB with the root key # Create a GBB with the root key
${UTIL_DIR}/gbb_utility -c 128,2400,0,0 gbb.test ${BIN_DIR}/gbb_utility -c 128,2400,0,0 gbb.test
${UTIL_DIR}/gbb_utility gbb.test -s --hwid='Test GBB' --rootkey=rootkey.test ${BIN_DIR}/gbb_utility gbb.test -s --hwid='Test GBB' --rootkey=rootkey.test
# Keyblock with firmware subkey is signed by root key # Keyblock with firmware subkey is signed by root key
${UTIL_DIR}/vbutil_keyblock --pack keyblock.test \ ${BIN_DIR}/vbutil_keyblock --pack keyblock.test \
--datapubkey fwsubkey.test \ --datapubkey fwsubkey.test \
--signprivate ${TESTKEY_DIR}/key_rsa8192.sha512.vbprivk --signprivate ${TESTKEY_DIR}/key_rsa8192.sha512.vbprivk
# Firmware preamble is signed with the firmware subkey # Firmware preamble is signed with the firmware subkey
${UTIL_DIR}/vbutil_firmware \ ${BIN_DIR}/vbutil_firmware \
--vblock vblock.test \ --vblock vblock.test \
--keyblock keyblock.test \ --keyblock keyblock.test \
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
@@ -52,6 +52,6 @@ ${UTIL_DIR}/vbutil_firmware \
echo 'Verifying test firmware using vb2_verify_fw' echo 'Verifying test firmware using vb2_verify_fw'
# Verify the firmware using vboot2 utility # Verify the firmware using vboot2 utility
${UTIL_DIR}/vb2_verify_fw gbb.test vblock.test body.test ${BIN_DIR}/vb2_verify_fw gbb.test vblock.test body.test
happy 'vb2_verify_fw succeeded' happy 'vb2_verify_fw succeeded'

2
tests/vb2_rsa_tests.sh
View File

@@ -21,7 +21,7 @@ function test_signatures {
for hashalgo in ${hash_algos[@]} for hashalgo in ${hash_algos[@]}
do do
echo -e "For ${COL_YELLOW}RSA-$keylen and $hashalgo${COL_STOP}:" echo -e "For ${COL_YELLOW}RSA-$keylen and $hashalgo${COL_STOP}:"
${UTIL_DIR}/verify_data $algorithmcounter \ ${BIN_DIR}/verify_data $algorithmcounter \
${TESTKEY_DIR}/key_rsa${keylen}.keyb \ ${TESTKEY_DIR}/key_rsa${keylen}.keyb \
${TEST_FILE}.rsa${keylen}_${hashalgo}.sig \ ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig \
${TEST_FILE} ${TEST_FILE}