| Bill Richardson | d355d9b | 2012-03-07 13:44:25 -0800 | [diff] [blame] | 1 | #!/bin/bash -u |
| 2 | # |
| 3 | # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| 4 | # Use of this source code is governed by a BSD-style license that can be |
| 5 | # found in the LICENSE file. |
| 6 | # |
| 7 | # This tests that vblocks using pre-3.0 versions of VbFirmwarePreambleHeader |
| 8 | # and VbKernelPreambleHeader will still verify (or not) correctly. We need to |
| 9 | # keep the old versions around to make sure that we can still sign images in |
| 10 | # the ways that existing devices can validate. |
| 11 | |
| 12 | # Load common constants and variables for tests. |
| 13 | . "$(dirname "$0")/common.sh" |
| 14 | |
| 15 | # all algs |
| 16 | algs="0 1 2 3 4 5 6 7 8 9 10 11" |
| 17 | |
| 18 | # output directories |
| 19 | PREAMBLE_DIR="${SCRIPT_DIR}/preamble_tests" |
| 20 | DATADIR="${PREAMBLE_DIR}/data" |
| 21 | V2DIR="${PREAMBLE_DIR}/preamble_v2x" |
| 22 | |
| 23 | tests=0 |
| 24 | errs=0 |
| 25 | |
| 26 | # Check the firmware results |
| 27 | for d in $algs; do |
| 28 | for r in $algs; do |
| 29 | for rr in $algs; do |
| 30 | if [ "$r" = "$rr" ]; then |
| 31 | what="verify" |
| 32 | cmp="-ne" |
| 33 | else |
| 34 | what="reject" |
| 35 | cmp="-eq" |
| 36 | fi |
| 37 | : $(( tests++ )) |
| 38 | echo -n "${what} fw_${d}_${r}.vblock with root_${rr}.vbpubk ... " |
| 39 | "${UTIL_DIR}/vbutil_firmware" --verify "${V2DIR}/fw_${d}_${r}.vblock" \ |
| 40 | --signpubkey "${DATADIR}/root_${rr}.vbpubk" \ |
| 41 | --fv "${DATADIR}/FWDATA" >/dev/null 2>&1 |
| 42 | if [ "$?" "$cmp" 0 ]; then |
| 43 | echo -e "${COL_RED}FAILED${COL_STOP}" |
| 44 | : $(( errs++ )) |
| 45 | else |
| 46 | echo -e "${COL_GREEN}PASSED${COL_STOP}" |
| 47 | fi |
| 48 | done |
| 49 | done |
| 50 | done |
| 51 | |
| 52 | |
| 53 | # Check the kernel results |
| 54 | for d in $algs; do |
| 55 | for r in $algs; do |
| 56 | for rr in $algs; do |
| 57 | if [ "$r" = "$rr" ]; then |
| 58 | what="verify" |
| 59 | cmp="-ne" |
| 60 | else |
| 61 | what="reject" |
| 62 | cmp="-eq" |
| 63 | fi |
| 64 | : $(( tests++ )) |
| 65 | echo -n "${what} kern_${d}_${r}.vblock with root_${rr}.vbpubk ... " |
| 66 | "${UTIL_DIR}/vbutil_kernel" --verify "${V2DIR}/kern_${d}_${r}.vblock" \ |
| 67 | --signpubkey "${DATADIR}/root_${rr}.vbpubk" >/dev/null 2>&1 |
| 68 | if [ "$?" "$cmp" 0 ]; then |
| 69 | echo -e "${COL_RED}FAILED${COL_STOP}" |
| 70 | : $(( errs++ )) |
| 71 | else |
| 72 | echo -e "${COL_GREEN}PASSED${COL_STOP}" |
| 73 | fi |
| 74 | done |
| 75 | done |
| 76 | done |
| 77 | |
| 78 | |
| 79 | # Check the kernel results |
| 80 | for d in $algs; do |
| 81 | for r in $algs; do |
| 82 | : $(( tests++ )) |
| 83 | echo -n "verify kern_${d}_${r}.vblock with hash only ... " |
| 84 | "${UTIL_DIR}/vbutil_kernel" \ |
| 85 | --verify "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1 |
| 86 | if [ "$?" -ne 0 ]; then |
| 87 | echo -e "${COL_RED}FAILED${COL_STOP}" |
| 88 | : $(( errs++ )) |
| 89 | else |
| 90 | echo -e "${COL_GREEN}PASSED${COL_STOP}" |
| 91 | fi |
| 92 | done |
| 93 | done |
| 94 | |
| 95 | |
| 96 | # Summary |
| 97 | ME=$(basename "$0") |
| 98 | if [ "$errs" -ne 0 ]; then |
| 99 | echo -e "${COL_RED}${ME}: ${errs}/${tests} tests failed${COL_STOP}" |
| 100 | exit 1 |
| 101 | fi |
| 102 | happy "${ME}: All ${tests} tests passed" |
| 103 | exit 0 |