| Bill Richardson | d355d9b | 2012-03-07 13:44:25 -0800 | [diff] [blame] | 1 | #!/bin/bash -u |
| 2 | # |
| 3 | # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| 4 | # Use of this source code is governed by a BSD-style license that can be |
| 5 | # found in the LICENSE file. |
| 6 | # |
| 7 | # This tests that vblocks using pre-3.0 versions of VbFirmwarePreambleHeader |
| 8 | # and VbKernelPreambleHeader will still verify (or not) correctly. We need to |
| 9 | # keep the old versions around to make sure that we can still sign images in |
| 10 | # the ways that existing devices can validate. |
| 11 | |
| 12 | # Load common constants and variables for tests. |
| 13 | . "$(dirname "$0")/common.sh" |
| 14 | |
| Randall Spangler | e8cfa31 | 2013-01-02 16:49:38 -0800 | [diff] [blame^] | 15 | if [ "${1:---some}" == "--all" ] ; then |
| 16 | # all algs |
| 17 | algs="0 1 2 3 4 5 6 7 8 9 10 11" |
| 18 | else |
| 19 | # just the algs we use |
| 20 | algs="4 7 11" |
| 21 | fi |
| Bill Richardson | d355d9b | 2012-03-07 13:44:25 -0800 | [diff] [blame] | 22 | |
| 23 | # output directories |
| 24 | PREAMBLE_DIR="${SCRIPT_DIR}/preamble_tests" |
| 25 | DATADIR="${PREAMBLE_DIR}/data" |
| 26 | V2DIR="${PREAMBLE_DIR}/preamble_v2x" |
| 27 | |
| 28 | tests=0 |
| 29 | errs=0 |
| 30 | |
| 31 | # Check the firmware results |
| 32 | for d in $algs; do |
| 33 | for r in $algs; do |
| 34 | for rr in $algs; do |
| 35 | if [ "$r" = "$rr" ]; then |
| 36 | what="verify" |
| 37 | cmp="-ne" |
| 38 | else |
| 39 | what="reject" |
| 40 | cmp="-eq" |
| 41 | fi |
| 42 | : $(( tests++ )) |
| 43 | echo -n "${what} fw_${d}_${r}.vblock with root_${rr}.vbpubk ... " |
| 44 | "${UTIL_DIR}/vbutil_firmware" --verify "${V2DIR}/fw_${d}_${r}.vblock" \ |
| 45 | --signpubkey "${DATADIR}/root_${rr}.vbpubk" \ |
| 46 | --fv "${DATADIR}/FWDATA" >/dev/null 2>&1 |
| 47 | if [ "$?" "$cmp" 0 ]; then |
| 48 | echo -e "${COL_RED}FAILED${COL_STOP}" |
| 49 | : $(( errs++ )) |
| 50 | else |
| 51 | echo -e "${COL_GREEN}PASSED${COL_STOP}" |
| 52 | fi |
| 53 | done |
| 54 | done |
| 55 | done |
| 56 | |
| 57 | |
| 58 | # Check the kernel results |
| 59 | for d in $algs; do |
| 60 | for r in $algs; do |
| 61 | for rr in $algs; do |
| 62 | if [ "$r" = "$rr" ]; then |
| 63 | what="verify" |
| 64 | cmp="-ne" |
| 65 | else |
| 66 | what="reject" |
| 67 | cmp="-eq" |
| 68 | fi |
| 69 | : $(( tests++ )) |
| 70 | echo -n "${what} kern_${d}_${r}.vblock with root_${rr}.vbpubk ... " |
| 71 | "${UTIL_DIR}/vbutil_kernel" --verify "${V2DIR}/kern_${d}_${r}.vblock" \ |
| 72 | --signpubkey "${DATADIR}/root_${rr}.vbpubk" >/dev/null 2>&1 |
| 73 | if [ "$?" "$cmp" 0 ]; then |
| 74 | echo -e "${COL_RED}FAILED${COL_STOP}" |
| 75 | : $(( errs++ )) |
| 76 | else |
| 77 | echo -e "${COL_GREEN}PASSED${COL_STOP}" |
| 78 | fi |
| 79 | done |
| 80 | done |
| 81 | done |
| 82 | |
| 83 | |
| 84 | # Check the kernel results |
| 85 | for d in $algs; do |
| 86 | for r in $algs; do |
| 87 | : $(( tests++ )) |
| 88 | echo -n "verify kern_${d}_${r}.vblock with hash only ... " |
| 89 | "${UTIL_DIR}/vbutil_kernel" \ |
| 90 | --verify "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1 |
| 91 | if [ "$?" -ne 0 ]; then |
| 92 | echo -e "${COL_RED}FAILED${COL_STOP}" |
| 93 | : $(( errs++ )) |
| 94 | else |
| 95 | echo -e "${COL_GREEN}PASSED${COL_STOP}" |
| 96 | fi |
| 97 | done |
| 98 | done |
| 99 | |
| 100 | |
| 101 | # Summary |
| 102 | ME=$(basename "$0") |
| 103 | if [ "$errs" -ne 0 ]; then |
| 104 | echo -e "${COL_RED}${ME}: ${errs}/${tests} tests failed${COL_STOP}" |
| 105 | exit 1 |
| 106 | fi |
| 107 | happy "${ME}: All ${tests} tests passed" |
| 108 | exit 0 |