1 #!/bin/bash 2 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 4 # Use of this source code is governed by a BSD-style license that can be 5 # found in the LICENSE file. 6 7 # Generate test cases for use for the RSA verify benchmark. 8 9 set -e 10 11 # Load common constants and variables. 12 . "$(dirname "$0")/common.sh" 13 14 # Use a different directory for fuzzing test cases. 15 TESTKEY_DIR=${TESTKEY_DIR:-$(realpath ${SCRIPT_DIR}/../tests/testkeys)} 16 TESTCASE_DIR=${BUILD_DIR}/fuzz_testcases 17 TEST_IMAGE_FILE=${TESTCASE_DIR}/testimage 18 TEST_IMAGE_SIZE=500000 19 TEST_BOOTLOADER_FILE=${TESTCASE_DIR}/testbootloader 20 TEST_BOOTLOADER_SIZE=50000 21 TEST_CONFIG_FILE=${TESTCASE_DIR}/testconfig 22 # Config size must < 4096 23 TEST_CONFIG_SIZE=3000 24 25 function generate_fuzzing_images { 26 echo "Generating key blocks..." 27 # Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware 28 # signing key. 29 ${FUTILITY} vbutil_keyblock \ 30 --pack ${TESTCASE_DIR}/firmware.keyblock \ 31 --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ 32 --signprivate ${TESTKEY_DIR}/key_rsa8192.sha1.vbprivk 33 34 # Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512 35 # kernel signing key. 36 ${FUTILITY} vbutil_keyblock \ 37 --pack ${TESTCASE_DIR}/kernel.keyblock \ 38 --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ 39 --signprivate ${TESTKEY_DIR}/key_rsa4096.sha1.vbprivk \ 40 --flags 15 41 42 echo "Generating signed firmware test image..." 43 ${FUTILITY} vbutil_firmware \ 44 --vblock ${TESTCASE_DIR}/firmware.vblock \ 45 --keyblock ${TESTCASE_DIR}/firmware.keyblock\ 46 --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ 47 --version 1 \ 48 --fv $1 \ 49 --kernelkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk 50 # TODO(gauravsh): ALso test with (optional) flags. 51 cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk 52 53 echo "Generating signed kernel test image..." 54 ${FUTILITY} vbutil_kernel \ 55 --pack ${TESTCASE_DIR}/kernel.vblock.image \ 56 --keyblock ${TESTCASE_DIR}/kernel.keyblock \ 57 --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ 58 --version 1 \ 59 --vmlinuz ${TEST_IMAGE_FILE} \ 60 --bootloader ${TEST_BOOTLOADER_FILE} \ 61 --config ${TEST_CONFIG_FILE} 62 # TODO(gauravsh): Also test with (optional) padding. 63 cp ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ 64 ${TESTCASE_DIR}/firmware_key.vbpubk 65 } 66 67 function pre_work { 68 # Generate a file to serve as random bytes for firmware/kernel contents. 69 # NOTE: The kernel and config file can't really be random, but the bootloader 70 # can. That's probably close enough. 71 echo "Generating test image file..." 72 dd if=/dev/urandom of=${TEST_IMAGE_FILE} bs=${TEST_IMAGE_SIZE} count=1 73 echo "Generating test bootloader file..." 74 # TODO(gauravsh): Use a valid bootloader here? 75 dd if=/dev/urandom of=${TEST_BOOTLOADER_FILE} bs=${TEST_BOOTLOADER_SIZE} \ 76 count=1 77 echo "Generating test config file..." 78 # TODO(gauravsh): Use a valid config file here? 79 dd if=/dev/urandom of=${TEST_CONFIG_FILE} bs=${TEST_CONFIG_SIZE} count=1 80 } 81 82 mkdir -p ${TESTCASE_DIR} 83 pre_work 84 check_test_keys 85 generate_fuzzing_images ${TEST_IMAGE_FILE} 86 87
