Home Explore Help
Sign In
seokj
/
vboot
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: a609478d1a
Branches Tags
vboot
/
tests
/
futility
/
test_show_kernel.sh

test_show_kernel.sh 2.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. #!/bin/bash -eux
    2. 

  2. # Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
    3. 

  3. # Use of this source code is governed by a BSD-style license that can be
    4. 

  4. # found in the LICENSE file.
    5. 

  5. 

  6. me=${0##*/}
    7. 

  7. TMP="$me.tmp"
    8. 

  8. 

  9. # Work in scratch directory
    10. 

  10. cd "$OUTDIR"
    11. 

  11. 

  12. DEVKEYS=${SRCDIR}/tests/devkeys
    13. 

  13. TESTKEYS=${SRCDIR}/tests/testkeys
    14. 

  14. 

  15. echo 'Creating test kernel'
    16. 

  16. 

  17. # Dummy kernel data
    18. 

  18. echo "hi there" > ${TMP}.config.txt
    19. 

  19. dd if=/dev/urandom bs=16384 count=1 of=${TMP}.bootloader.bin
    20. 

  20. dd if=/dev/urandom bs=32768 count=1 of=${TMP}.kernel.bin
    21. 

  21. 

  22. # Pack kernel data key using original vboot utilities.
    23. 

  23. ${FUTILITY} vbutil_key --pack ${TMP}.datakey.test \
    24. 

  24.     --key ${TESTKEYS}/key_rsa2048.keyb --algorithm 4
    25. 

  25. 

  26. # Keyblock with kernel data key is signed by kernel subkey
    27. 

  27. # Flags=5 means dev=0 rec=0
    28. 

  28. ${FUTILITY} vbutil_keyblock --pack ${TMP}.keyblock.test \
    29. 

  29.     --datapubkey ${TMP}.datakey.test \
    30. 

  30.     --flags 5 \
    31. 

  31.     --signprivate ${DEVKEYS}/kernel_subkey.vbprivk
    32. 

  32. 

  33. # Kernel preamble is signed with the kernel data key
    34. 

  34. ${FUTILITY} vbutil_kernel \
    35. 

  35.     --pack ${TMP}.kernel.test \
    36. 

  36.     --keyblock ${TMP}.keyblock.test \
    37. 

  37.     --signprivate ${TESTKEYS}/key_rsa2048.sha256.vbprivk \
    38. 

  38.     --version 1 \
    39. 

  39.     --arch arm \
    40. 

  40.     --vmlinuz ${TMP}.kernel.bin \
    41. 

  41.     --bootloader ${TMP}.bootloader.bin \
    42. 

  42.     --config ${TMP}.config.txt
    43. 

  43. 

  44. echo 'Verifying test kernel'
    45. 

  45. 

  46. # Verify the kernel
    47. 

  47. ${FUTILITY} show ${TMP}.kernel.test \
    48. 

  48.     --publickey ${DEVKEYS}/kernel_subkey.vbpubk \
    49. 

  49.   | egrep 'Signature.*valid'
    50. 

  50. 

  51. echo 'Test kernel blob looks good'
    52. 

  52. 

  53. # Mess up the padding, make sure it fails.
    54. 

  54. rc=0
    55. 

  55. ${FUTILITY} show ${TMP}.kernel.test \
    56. 

  56.     --pad 0x100 \
    57. 

  57.     --publickey ${DEVKEYS}/kernel_subkey.vbpubk \
    58. 

  58.   || rc=$?
    59. 

  59. [ $rc -ne 0 ]
    60. 

  60. [ $rc -lt 128 ]
    61. 

  61. 

  62. echo 'Invalid args are invalid'
    63. 

  63. 

  64. # Look waaaaaay off the end of the file, make sure it fails.
    65. 

  65. rc=0
    66. 

  66. ${FUTILITY} show ${TMP}.kernel.test \
    67. 

  67.     --pad 0x100000 \
    68. 

  68.     --publickey ${DEVKEYS}/kernel_subkey.vbpubk \
    69. 

  69.   || rc=$?
    70. 

  70. [ $rc -ne 0 ]
    71. 

  71. [ $rc -lt 128 ]
    72. 

  72. 

  73. echo 'Really invalid args are still invalid'
    74. 

  74. 

  75. # cleanup
    76. 

  76. rm -rf ${TMP}*
    77. 

  77. exit 0
    78. 

  78.