      1 #!/bin/bash -eux
      2 # Copyright (c) 2014 The Chromium OS Authors. All rights reserved.
      3 # Use of this source code is governed by a BSD-style license that can be
      4 # found in the LICENSE file.
      5 
      6 me=${0##*/}
      7 TMP="$me.tmp"
      8 
      9 # Work in scratch directory
     10 cd "$OUTDIR"
     11 
     12 DEVKEYS=${SRCDIR}/tests/devkeys
     13 TESTKEYS=${SRCDIR}/tests/testkeys
     14 
     15 echo 'Creating test kernel'
     16 
     17 # Dummy kernel data
     18 echo "hi there" > ${TMP}.config.txt
     19 dd if=/dev/urandom bs=16384 count=1 of=${TMP}.bootloader.bin
     20 dd if=/dev/urandom bs=32768 count=1 of=${TMP}.kernel.bin
     21 
     22 # Pack kernel data key using original vboot utilities.
     23 ${FUTILITY} vbutil_key --pack ${TMP}.datakey.test \
     24     --key ${TESTKEYS}/key_rsa2048.keyb --algorithm 4
     25 
     26 # Keyblock with kernel data key is signed by kernel subkey
     27 # Flags=5 means dev=0 rec=0
     28 ${FUTILITY} vbutil_keyblock --pack ${TMP}.keyblock.test \
     29     --datapubkey ${TMP}.datakey.test \
     30     --flags 5 \
     31     --signprivate ${DEVKEYS}/kernel_subkey.vbprivk
     32 
     33 # Kernel preamble is signed with the kernel data key
     34 ${FUTILITY} vbutil_kernel \
     35     --pack ${TMP}.kernel.test \
     36     --keyblock ${TMP}.keyblock.test \
     37     --signprivate ${TESTKEYS}/key_rsa2048.sha256.vbprivk \
     38     --version 1 \
     39     --arch arm \
     40     --vmlinuz ${TMP}.kernel.bin \
     41     --bootloader ${TMP}.bootloader.bin \
     42     --config ${TMP}.config.txt
     43 
     44 echo 'Verifying test kernel'
     45 
     46 # Verify the kernel
     47 ${FUTILITY} show ${TMP}.kernel.test \
     48     --publickey ${DEVKEYS}/kernel_subkey.vbpubk \
     49   | egrep 'Signature.*valid'
     50 
     51 echo 'Test kernel blob looks good'
     52 
     53 # Mess up the padding, make sure it fails.
     54 rc=0
     55 ${FUTILITY} show ${TMP}.kernel.test \
     56     --pad 0x100 \
     57     --publickey ${DEVKEYS}/kernel_subkey.vbpubk \
     58   || rc=$?
     59 [ $rc -ne 0 ]
     60 [ $rc -lt 128 ]
     61 
     62 echo 'Invalid args are invalid'
     63 
     64 # Look waaaaaay off the end of the file, make sure it fails.
     65 rc=0
     66 ${FUTILITY} show ${TMP}.kernel.test \
     67     --pad 0x100000 \
     68     --publickey ${DEVKEYS}/kernel_subkey.vbpubk \
     69   || rc=$?
     70 [ $rc -ne 0 ]
     71 [ $rc -lt 128 ]
     72 
     73 echo 'Really invalid args are still invalid'
     74 
     75 # cleanup
     76 rm -rf ${TMP}*
     77 exit 0
     78