scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2025-12-24 16:57:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

Convert common tests from shell scripts to running directly

Browse Source 
So they can run under qemu.

Also, mount /proc and /dev before running qemu in the chroot.

BUG=chromium-os:37916
BRANCH=none
TEST=manual

make runtests
sudo FEATURES=test emerge vboot_reference
FEATURES=test emerge-daisy vboot_reference
FEATURES=test emerge-link vboot_reference

Change-Id: I940ce370bd149621e666250b07cf9219f9e22bac
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/41786
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
This commit is contained in:
Randall Spangler
2013-01-22 15:34:07 -08:00
committed by ChromeBot
parent eecc18fc95
commit e061a25654
4 changed files with 364 additions and 236 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
Makefile
View File

@@ -36,8 +36,8 @@
# changed or appended. They must be defined before being used anywhere.
# we should only run pwd once, not every time we refer to ${BUILD}.
_whereami := $(shell pwd)
BUILD ?= $(_whereami)/build
SRCDIR := $(shell pwd)
BUILD ?= $(SRCDIR)/build
export BUILD
# Target for 'make install'
@@ -152,21 +152,21 @@ endif
ifeq (${QEMU_ARCH},)
# Path to build output for running tests is same as for building
BUILD_RUN = ${BUILD}
SRC_RUN = ${SRCDIR}
else
$(info Using qemu for testing.)
# Path to build output for running tests is different in the chroot
BUILD_RUN = $(subst ${SYSROOT},,${BUILD})
SRC_RUN = $(subst ${SYSROOT},,${SRCDIR})
QEMU_BIN = qemu-${QEMU_ARCH}
QEMU_OPTS = -drop-ld-preload \
-E LD_LIBRARY_PATH=/lib64:/lib:/usr/lib64:/usr/lib \
-E HOME=${HOME} \
-E BUILD=${BUILD_RUN}
QEMU_CMD = sudo chroot ${SYSROOT} ${BUILD_RUN}/${QEMU_BIN} ${QEMU_OPTS} --
RUNTEST = ${QEMU_CMD}
QEMU_RUN = ${BUILD_RUN}/${QEMU_BIN}
export QEMU_RUN
RUNTEST = tests/test_using_qemu.sh
endif
export BUILD_RUN
# Some things only compile inside the Chromium OS chroot.
# TODO: Those things should be in their own repo, not part of vboot_reference
@@ -465,6 +465,8 @@ TEST_NAMES += ${TLCL_TEST_NAMES}
TEST_BINS = $(addprefix ${BUILD}/tests/,${TEST_NAMES})
ALL_DEPS += $(addsuffix .d,${TEST_BINS})
# Directory containing test keys
TEST_KEYS = ${SRC_RUN}/tests/testkeys
# ----------------------------------------------------------------------------
# TODO: why not make this include *all* the cgpt files, and simply have
@@ -930,7 +932,6 @@ runtestscripts: test_setup genfuzztestcases
tests/run_cgpt_tests.sh ${BUILD_RUN}/cgpt/cgpt
tests/run_preamble_tests.sh
tests/run_rsa_tests.sh
tests/run_vboot_common_tests.sh
tests/run_vbutil_kernel_arg_tests.sh
tests/run_vbutil_tests.sh
@@ -947,6 +948,9 @@ runmisctests: test_setup
${RUNTEST} ${BUILD_RUN}/tests/vboot_api_init_tests
${RUNTEST} ${BUILD_RUN}/tests/vboot_api_firmware_tests
${RUNTEST} ${BUILD_RUN}/tests/vboot_audio_tests
${RUNTEST} ${BUILD_RUN}/tests/vboot_common_tests
${RUNTEST} ${BUILD_RUN}/tests/vboot_common2_tests ${TEST_KEYS}
${RUNTEST} ${BUILD_RUN}/tests/vboot_common3_tests ${TEST_KEYS}
${RUNTEST} ${BUILD_RUN}/tests/vboot_firmware_tests
.PHONY: runfutiltests
@@ -959,8 +963,9 @@ runfutiltests: test_setup install
# Not run by automated build.
.PHONY: runlongtests
runlongtests: test_setup genkeys genfuzztestcases
${RUNTEST} ${BUILD_RUN}/tests/vboot_common2_tests ${TEST_KEYS} --all
${RUNTEST} ${BUILD_RUN}/tests/vboot_common3_tests ${TEST_KEYS} --all
tests/run_preamble_tests.sh --all
tests/run_vboot_common_tests.sh --all
tests/run_vboot_ec_tests.sh
tests/run_vbutil_tests.sh --all

40
tests/test_using_qemu.sh Executable file
View File

@@ -0,0 +1,40 @@
#!/bin/bash
#
# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
# Script to run a test under qemu
#
# Usage:
# test_using_qemu.sh (command line to run)
#
# Required environment variables:
# BUILD_RUN - path to build directory inside chroot
# HOME - home directory inside chroot
# QEMU_RUN - path to QEMU binary inside chroot
# SYSROOT - path to root for target platform, outside chroot
set -e
# Set up mounts
sudo mkdir -p "${SYSROOT}/proc" "${SYSROOT}/dev"
sudo mount --bind /proc "${SYSROOT}/proc"
sudo mount --bind /dev "${SYSROOT}/dev"
# Don't exit on error, so we can capture the error code
set +e
sudo chroot ${SYSROOT} ${QEMU_RUN} -drop-ld-preload \
-E LD_LIBRARY_PATH=/lib64:/lib:/usr/lib64:/usr/lib \
-E HOME=${HOME} \
-E BUILD=${BUILD_RUN} \
-- $*
exit_code=$?
set -e
# Clean up mounts
sudo umount -l "${SYSROOT}/proc"
sudo umount -l "${SYSROOT}/dev"
# Pass through exit code from command
exit $exit_code

391
tests/vboot_common2_tests.c
View File

@@ -1,4 +1,4 @@
/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "cryptolib.h"
#include "file_keys.h"
@@ -14,231 +15,261 @@
#include "test_common.h"
#include "vboot_common.h"
static void VerifyPublicKeyToRSA(const VbPublicKey *orig_key)
{
RSAPublicKey *rsa;
VbPublicKey *key = PublicKeyAlloc(orig_key->key_size, 0, 0);
static void VerifyPublicKeyToRSA(const VbPublicKey* orig_key) {
PublicKeyCopy(key, orig_key);
key->algorithm = kNumAlgorithms;
TEST_EQ((size_t)PublicKeyToRSA(key), 0,
"PublicKeyToRSA() invalid algorithm");
RSAPublicKey *rsa;
VbPublicKey *key = PublicKeyAlloc(orig_key->key_size, 0, 0);
PublicKeyCopy(key, orig_key);
key->key_size -= 1;
TEST_EQ((size_t)PublicKeyToRSA(key), 0,
"PublicKeyToRSA() invalid size");
PublicKeyCopy(key, orig_key);
key->algorithm = kNumAlgorithms;
TEST_EQ((size_t)PublicKeyToRSA(key), 0,
"PublicKeyToRSA() invalid algorithm");
PublicKeyCopy(key, orig_key);
key->key_size -= 1;
TEST_EQ((size_t)PublicKeyToRSA(key), 0,
"PublicKeyToRSA() invalid size");
rsa = PublicKeyToRSA(orig_key);
TEST_NEQ((size_t)rsa, 0, "PublicKeyToRSA() ok");
if (rsa) {
TEST_EQ((int)rsa->algorithm, (int)key->algorithm,
"PublicKeyToRSA() algorithm");
RSAPublicKeyFree(rsa);
}
rsa = PublicKeyToRSA(orig_key);
TEST_NEQ((size_t)rsa, 0, "PublicKeyToRSA() ok");
if (rsa) {
TEST_EQ((int)rsa->algorithm, (int)key->algorithm,
"PublicKeyToRSA() algorithm");
RSAPublicKeyFree(rsa);
}
}
static void VerifyDataTest(const VbPublicKey *public_key,
const VbPrivateKey *private_key)
{
const uint8_t test_data[] = "This is some test data to sign.";
const uint64_t test_size = sizeof(test_data);
VbSignature *sig;
RSAPublicKey *rsa;
static void VerifyDataTest(const VbPublicKey* public_key,
const VbPrivateKey* private_key) {
sig = CalculateSignature(test_data, test_size, private_key);
TEST_PTR_NEQ(sig, 0, "VerifyData() calculate signature");
const uint8_t test_data[] = "This is some test data to sign.";
const uint64_t test_size = sizeof(test_data);
VbSignature* sig;
RSAPublicKey* rsa;
rsa = PublicKeyToRSA(public_key);
TEST_PTR_NEQ(rsa, 0, "VerifyData() calculate rsa");
sig = CalculateSignature(test_data, test_size, private_key);
rsa = PublicKeyToRSA(public_key);
TEST_NEQ(sig && rsa, 0, "VerifyData() prerequisites");
if (!sig || !rsa)
return;
if (!sig || !rsa)
return;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 0, "VerifyData() ok");
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 0,
"VerifyData() ok");
sig->sig_size -= 16;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 1,
"VerifyData() wrong sig size");
sig->sig_size += 16;
sig->sig_size -= 16;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 1,
"VerifyData() wrong sig size");
sig->sig_size += 16;
TEST_EQ(VerifyData(test_data, test_size - 1, sig, rsa), 1,
"VerifyData() input buffer too small");
TEST_EQ(VerifyData(test_data, test_size - 1, sig, rsa), 1,
"VerifyData() input buffer too small");
GetSignatureData(sig)[0] ^= 0x5A;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 1,
"VerifyData() wrong sig");
GetSignatureData(sig)[0] ^= 0x5A;
TEST_EQ(VerifyData(test_data, test_size, sig, rsa), 1,
"VerifyData() wrong sig");
RSAPublicKeyFree(rsa);
free(sig);
RSAPublicKeyFree(rsa);
free(sig);
}
static void VerifyDigestTest(const VbPublicKey *public_key,
const VbPrivateKey *private_key)
{
const uint8_t test_data[] = "This is some other test data to sign.";
VbSignature *sig;
RSAPublicKey *rsa;
uint8_t *digest;
static void VerifyDigestTest(const VbPublicKey* public_key,
const VbPrivateKey* private_key) {
sig = CalculateSignature(test_data, sizeof(test_data), private_key);
rsa = PublicKeyToRSA(public_key);
digest = DigestBuf(test_data, sizeof(test_data),
(int)public_key->algorithm);
TEST_NEQ(sig && rsa && digest, 0, "VerifyData() prerequisites");
if (!sig || !rsa || !digest)
return;
const uint8_t test_data[] = "This is some other test data to sign.";
VbSignature* sig;
RSAPublicKey* rsa;
uint8_t* digest;
TEST_EQ(VerifyDigest(digest, sig, rsa), 0, "VerifyDigest() ok");
sig = CalculateSignature(test_data, sizeof(test_data), private_key);
rsa = PublicKeyToRSA(public_key);
digest = DigestBuf(test_data, sizeof(test_data), (int)public_key->algorithm);
TEST_NEQ(sig && rsa && digest, 0, "VerifyData() prerequisites");
if (!sig || !rsa || !digest)
return;
GetSignatureData(sig)[0] ^= 0x5A;
TEST_EQ(VerifyDigest(digest, sig, rsa), 1, "VerifyDigest() wrong sig");
TEST_EQ(VerifyDigest(digest, sig, rsa), 0, "VerifyDigest() ok");
GetSignatureData(sig)[0] ^= 0x5A;
TEST_EQ(VerifyDigest(digest, sig, rsa), 1, "VerifyDigest() wrong sig");
RSAPublicKeyFree(rsa);
free(sig);
free(digest);
RSAPublicKeyFree(rsa);
free(sig);
free(digest);
}
static void ReSignKernelPreamble(VbKernelPreambleHeader *h,
const VbPrivateKey *key) {
VbSignature *sig = CalculateSignature((const uint8_t*)h,
h->preamble_signature.data_size, key);
const VbPrivateKey *key)
{
VbSignature *sig = CalculateSignature((const uint8_t *)h,
h->preamble_signature.data_size, key);
SignatureCopy(&h->preamble_signature, sig);
free(sig);
SignatureCopy(&h->preamble_signature, sig);
free(sig);
}
static void VerifyKernelPreambleTest(const VbPublicKey *public_key,
const VbPrivateKey *private_key)
{
VbKernelPreambleHeader *hdr;
VbKernelPreambleHeader *h;
RSAPublicKey *rsa;
unsigned hsize;
static void VerifyKernelPreambleTest(const VbPublicKey* public_key,
const VbPrivateKey* private_key) {
/* Create a dummy signature */
VbSignature *body_sig = SignatureAlloc(56, 78);
VbKernelPreambleHeader *hdr;
VbKernelPreambleHeader *h;
RSAPublicKey* rsa;
unsigned hsize;
rsa = PublicKeyToRSA(public_key);
hdr = CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000, body_sig,
0, private_key);
TEST_NEQ(hdr && rsa, 0, "VerifyKernelPreamble() prerequisites");
if (!hdr)
return;
hsize = (unsigned) hdr->preamble_size;
h = (VbKernelPreambleHeader *)malloc(hsize + 16384);
/* Create a dummy signature */
VbSignature *body_sig = SignatureAlloc(56, 78);
TEST_EQ(VerifyKernelPreamble(hdr, hsize, rsa), 0,
"VerifyKernelPreamble() ok using key");
TEST_NEQ(VerifyKernelPreamble(hdr, hsize - 1, rsa), 0,
"VerifyKernelPreamble() size--");
TEST_EQ(VerifyKernelPreamble(hdr, hsize + 1, rsa), 0,
"VerifyKernelPreamble() size++");
rsa = PublicKeyToRSA(public_key);
hdr = CreateKernelPreamble(0x1234, 0x100000, 0x300000, 0x4000, body_sig,
0, private_key);
TEST_NEQ(hdr && rsa, 0, "VerifyKernelPreamble() prerequisites");
if (!hdr)
return;
hsize = (unsigned) hdr->preamble_size;
h = (VbKernelPreambleHeader*)malloc(hsize + 16384);
/* Care about major version but not minor */
Memcpy(h, hdr, hsize);
h->header_version_major++;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() major++");
TEST_EQ(VerifyKernelPreamble(hdr, hsize, rsa), 0,
"VerifyKernelPreamble() ok using key");
TEST_NEQ(VerifyKernelPreamble(hdr, hsize - 1, rsa), 0,
"VerifyKernelPreamble() size--");
TEST_EQ(VerifyKernelPreamble(hdr, hsize + 1, rsa), 0,
"VerifyKernelPreamble() size++");
Memcpy(h, hdr, hsize);
h->header_version_major--;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() major--");
/* Care about major version but not minor */
Memcpy(h, hdr, hsize);
h->header_version_major++;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() major++");
Memcpy(h, hdr, hsize);
h->header_version_minor++;
ReSignKernelPreamble(h, private_key);
TEST_EQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() minor++");
Memcpy(h, hdr, hsize);
h->header_version_major--;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() major--");
Memcpy(h, hdr, hsize);
h->header_version_minor--;
ReSignKernelPreamble(h, private_key);
TEST_EQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() minor--");
Memcpy(h, hdr, hsize);
h->header_version_minor++;
ReSignKernelPreamble(h, private_key);
TEST_EQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() minor++");
/* Check signature */
Memcpy(h, hdr, hsize);
h->preamble_signature.sig_offset = hsize;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() sig off end");
Memcpy(h, hdr, hsize);
h->header_version_minor--;
ReSignKernelPreamble(h, private_key);
TEST_EQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() minor--");
Memcpy(h, hdr, hsize);
h->preamble_signature.sig_size--;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() sig too small");
/* Check signature */
Memcpy(h, hdr, hsize);
h->preamble_signature.sig_offset = hsize;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() sig off end");
Memcpy(h, hdr, hsize);
GetSignatureData(&h->body_signature)[0] ^= 0x34;
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() sig mismatch");
Memcpy(h, hdr, hsize);
h->preamble_signature.sig_size--;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() sig too small");
/* Check that we signed header and body sig */
Memcpy(h, hdr, hsize);
h->preamble_signature.data_size = 4;
h->body_signature.sig_offset = 0;
h->body_signature.sig_size = 0;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() didn't sign header");
Memcpy(h, hdr, hsize);
GetSignatureData(&h->body_signature)[0] ^= 0x34;
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() sig mismatch");
Memcpy(h, hdr, hsize);
h->body_signature.sig_offset = hsize;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() body sig off end");
/* Check that we signed header and body sig */
Memcpy(h, hdr, hsize);
h->preamble_signature.data_size = 4;
h->body_signature.sig_offset = 0;
h->body_signature.sig_size = 0;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() didn't sign header");
/* TODO: verify parser can support a bigger header. */
Memcpy(h, hdr, hsize);
h->body_signature.sig_offset = hsize;
ReSignKernelPreamble(h, private_key);
TEST_NEQ(VerifyKernelPreamble(h, hsize, rsa), 0,
"VerifyKernelPreamble() body sig off end");
/* TODO: verify parser can support a bigger header. */
free(h);
RSAPublicKeyFree(rsa);
free(hdr);
free(h);
RSAPublicKeyFree(rsa);
free(hdr);
}
int test_algorithm(int key_algorithm, const char *keys_dir)
{
char filename[1024];
int rsa_len = siglen_map[key_algorithm] * 8;
int main(int argc, char* argv[]) {
VbPrivateKey* private_key = NULL;
VbPublicKey* public_key = NULL;
int key_algorithm;
VbPrivateKey *private_key = NULL;
VbPublicKey *public_key = NULL;
int error_code = 0;
printf("***Testing algorithm: %s\n", algo_strings[key_algorithm]);
if(argc != 4) {
fprintf(stderr, "Usage: %s <key_algorithm> <key> <processed pubkey>"
" <signing key> <processed signing key>\n", argv[0]);
return -1;
}
sprintf(filename, "%s/key_rsa%d.pem", keys_dir, rsa_len);
private_key = PrivateKeyReadPem(filename, key_algorithm);
if (!private_key) {
fprintf(stderr, "Error reading private_key: %s\n", filename);
return 1;
}
/* Read verification keys and create a test image. */
key_algorithm = atoi(argv[1]);
sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, rsa_len);
public_key = PublicKeyReadKeyb(filename, key_algorithm, 1);
if (!public_key) {
fprintf(stderr, "Error reading public_key: %s\n", filename);
return 1;
}
private_key = PrivateKeyReadPem(argv[2], key_algorithm);
if (!private_key) {
fprintf(stderr, "Error reading private_key");
return 1;
}
VerifyPublicKeyToRSA(public_key);
VerifyDataTest(public_key, private_key);
VerifyDigestTest(public_key, private_key);
VerifyKernelPreambleTest(public_key, private_key);
public_key = PublicKeyReadKeyb(argv[3], key_algorithm, 1);
if (!public_key) {
fprintf(stderr, "Error reading public_key");
return 1;
}
if (public_key)
free(public_key);
if (private_key)
free(private_key);
VerifyPublicKeyToRSA(public_key);
VerifyDataTest(public_key, private_key);
VerifyDigestTest(public_key, private_key);
VerifyKernelPreambleTest(public_key, private_key);
if (public_key)
free(public_key);
if (private_key)
free(private_key);
return error_code;
return 0;
}
/*
* Test only the algorithms we use:
* 4 (rsa2048 sha256)
* 7 (rsa4096 sha256)
* 11 (rsa8192 sha512)
*/
const int key_algs[] = {4, 7, 11};
int main(int argc, char *argv[]) {
if (argc == 2) {
int i;
for (i = 0; i < ARRAY_SIZE(key_algs); i++) {
if (test_algorithm(key_algs[i], argv[1]))
return 1;
}
} else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
/* Test all the algorithms */
int alg;
for (alg = 0; alg < kNumAlgorithms; alg++) {
if (test_algorithm(alg, argv[1]))
return 1;
}
} else {
fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
return -1;
}
return gTestSuccess ? 0 : 255;
}

142
tests/vboot_common3_tests.c
View File

@@ -1,4 +1,4 @@
/* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
/* Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*
@@ -7,6 +7,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "cryptolib.h"
#include "file_keys.h"
@@ -254,56 +255,107 @@ static void VerifyFirmwarePreambleTest(const VbPublicKey* public_key,
free(hdr);
}
int test_permutation(int signing_key_algorithm, int data_key_algorithm,
const char *keys_dir)
{
char filename[1024];
int signing_rsa_len = siglen_map[signing_key_algorithm] * 8;;
int data_rsa_len = siglen_map[data_key_algorithm] * 8;;
int main(int argc, char* argv[]) {
VbPrivateKey* signing_private_key = NULL;
VbPublicKey* signing_public_key = NULL;
int signing_key_algorithm;
VbPrivateKey* signing_private_key = NULL;
VbPublicKey* signing_public_key = NULL;
VbPublicKey* data_public_key = NULL;
VbPublicKey* data_public_key = NULL;
int data_key_algorithm;
printf("***Testing signing algorithm: %s\n",
algo_strings[signing_key_algorithm]);
printf("***With data key algorithm: %s\n",
algo_strings[data_key_algorithm]);
int error_code = 0;
sprintf(filename, "%s/key_rsa%d.pem", keys_dir, signing_rsa_len);
signing_private_key = PrivateKeyReadPem(filename,
signing_key_algorithm);
if (!signing_private_key) {
fprintf(stderr, "Error reading signing_private_key: %s\n",
filename);
return 1;
}
if(argc != 7) {
fprintf(stderr, "Usage: %s <signing_key_algorithm> <data_key_algorithm>"
" <signing key> <processed signing pubkey>"
" <data key> <processed data pubkey>\n", argv[0]);
return -1;
}
sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, signing_rsa_len);
signing_public_key = PublicKeyReadKeyb(filename,
signing_key_algorithm, 1);
if (!signing_public_key) {
fprintf(stderr, "Error reading signing_public_key: %s\n",
filename);
return 1;
}
/* Read verification keys and create a test image. */
signing_key_algorithm = atoi(argv[1]);
data_key_algorithm = atoi(argv[2]);
sprintf(filename, "%s/key_rsa%d.keyb", keys_dir, data_rsa_len);
data_public_key = PublicKeyReadKeyb(filename,
data_key_algorithm, 1);
if (!data_public_key) {
fprintf(stderr, "Error reading data_public_key: %s\n",
filename);
return 1;
}
signing_private_key = PrivateKeyReadPem(argv[3], signing_key_algorithm);
if (!signing_private_key) {
fprintf(stderr, "Error reading signing_private_key");
return 1;
}
KeyBlockVerifyTest(signing_public_key, signing_private_key,
data_public_key);
VerifyFirmwarePreambleTest(signing_public_key, signing_private_key,
data_public_key);
signing_public_key = PublicKeyReadKeyb(argv[4], signing_key_algorithm, 1);
if (!signing_public_key) {
fprintf(stderr, "Error reading signing_public_key");
return 1;
}
if (signing_public_key)
free(signing_public_key);
if (signing_private_key)
free(signing_private_key);
if (data_public_key)
free(data_public_key);
data_public_key = PublicKeyReadKeyb(argv[6], data_key_algorithm, 1);
if (!data_public_key) {
fprintf(stderr, "Error reading data_public_key");
return 1;
}
KeyBlockVerifyTest(signing_public_key, signing_private_key, data_public_key);
VerifyFirmwarePreambleTest(signing_public_key, signing_private_key,
data_public_key);
if (signing_public_key)
free(signing_public_key);
if (signing_private_key)
free(signing_private_key);
if (data_public_key)
free(data_public_key);
return error_code;
return 0;
}
struct test_perm
{
int signing_algorithm;
int data_key_algorithm;
};
/*
* Permutations of signing and data key algorithms in active use:
* 7 (rsa4096 sha256) - 4 (rsa2048 sha256)
* 11 (rsa8192 sha512) - 4 (rsa2048 sha256)
* 11 (rsa8192 sha512) - 7 (rsa4096 sha256)
*/
const struct test_perm test_perms[] = {{7, 4}, {11, 4}, {11, 7}};
int main(int argc, char* argv[])
{
if (argc == 2) {
/* Test only the algorithms we use */
int i;
for (i = 0; i < ARRAY_SIZE(test_perms); i++) {
if (test_permutation(test_perms[i].signing_algorithm,
test_perms[i].data_key_algorithm,
argv[1]))
return 1;
}
} else if (argc == 3 && !strcasecmp(argv[2], "--all")) {
/* Test all the algorithms */
int sign_alg, data_alg;
for (sign_alg = 0; sign_alg < kNumAlgorithms; sign_alg++) {
for (data_alg = 0; data_alg < kNumAlgorithms;
data_alg++) {
if (test_permutation(sign_alg, data_alg,
argv[1]))
return 1;
}
}
} else {
fprintf(stderr, "Usage: %s <keys_dir> [--all]", argv[0]);
return -1;
}
return gTestSuccess ? 0 : 255;
}