Home | History | Annotate | Download | only in tests 
      1 #!/bin/bash -u
      2 #
      3 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
      4 # Use of this source code is governed by a BSD-style license that can be
      5 # found in the LICENSE file.
      6 #
      7 # This tests that vblocks using pre-3.0 versions of VbFirmwarePreambleHeader
      8 # and VbKernelPreambleHeader will still verify (or not) correctly. We need to
      9 # keep the old versions around to make sure that we can still sign images in
     10 # the ways that existing devices can validate.
     11 
     12 # Load common constants and variables for tests.
     13 . "$(dirname "$0")/common.sh"
     14 
     15 if [ "${1:---some}" == "--all" ] ; then
     16     # all algs
     17     algs="0 1 2 3 4 5 6 7 8 9 10 11"
     18 else
     19     # just the algs we use
     20     algs="4 7 11"
     21 fi
     22 
     23 # output directories
     24 PREAMBLE_DIR="${SCRIPT_DIR}/preamble_tests"
     25 DATADIR="${PREAMBLE_DIR}/data"
     26 V2DIR="${PREAMBLE_DIR}/preamble_v2x"
     27 
     28 tests=0
     29 errs=0
     30 
     31 # Check the firmware results
     32 for d in $algs; do
     33   for r in $algs; do
     34     for rr in $algs; do
     35       if [ "$r" = "$rr" ]; then
     36         what="verify"
     37         cmp="-ne"
     38       else
     39         what="reject"
     40         cmp="-eq"
     41       fi
     42       : $(( tests++ ))
     43       echo -n "${what} fw_${d}_${r}.vblock with root_${rr}.vbpubk ... "
     44       "${FUTILITY}" vbutil_firmware \
     45         --verify "${V2DIR}/fw_${d}_${r}.vblock" \
     46         --signpubkey "${DATADIR}/root_${rr}.vbpubk" \
     47         --fv "${DATADIR}/FWDATA" >/dev/null 2>&1
     48       if [ "$?" "$cmp" 0 ]; then
     49         echo -e "${COL_RED}FAILED${COL_STOP}"
     50         : $(( errs++ ))
     51       else
     52         echo -e "${COL_GREEN}PASSED${COL_STOP}"
     53       fi
     54     done
     55   done
     56 done
     57 
     58 
     59 # Check the kernel results
     60 for d in $algs; do
     61   for r in $algs; do
     62     for rr in $algs; do
     63       if [ "$r" = "$rr" ]; then
     64         what="verify"
     65         cmp="-ne"
     66       else
     67         what="reject"
     68         cmp="-eq"
     69       fi
     70       : $(( tests++ ))
     71       echo -n "${what} kern_${d}_${r}.vblock with root_${rr}.vbpubk ... "
     72       "${FUTILITY}" vbutil_kernel \
     73         --verify "${V2DIR}/kern_${d}_${r}.vblock" \
     74         --signpubkey "${DATADIR}/root_${rr}.vbpubk" >/dev/null 2>&1
     75       if [ "$?" "$cmp" 0 ]; then
     76         echo -e "${COL_RED}FAILED${COL_STOP}"
     77         : $(( errs++ ))
     78       else
     79         echo -e "${COL_GREEN}PASSED${COL_STOP}"
     80       fi
     81     done
     82   done
     83 done
     84 
     85 
     86 # Check the kernel results
     87 for d in $algs; do
     88   for r in $algs; do
     89       : $(( tests++ ))
     90       echo -n "verify kern_${d}_${r}.vblock with hash only ... "
     91       "${FUTILITY}" vbutil_kernel \
     92           --verify "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1
     93       if [ "$?" -ne 0 ]; then
     94         echo -e "${COL_RED}FAILED${COL_STOP}"
     95         : $(( errs++ ))
     96       else
     97         echo -e "${COL_GREEN}PASSED${COL_STOP}"
     98       fi
     99   done
    100 done
    101 
    102 
    103 # Summary
    104 ME=$(basename "$0")
    105 if [ "$errs" -ne 0 ]; then
    106   echo -e "${COL_RED}${ME}: ${errs}/${tests} tests failed${COL_STOP}"
    107   exit 1
    108 fi
    109 happy "${ME}: All ${tests} tests passed"
    110 exit 0
    111