OLD | NEW |
1 #!/bin/bash | 1 #!/bin/bash |
2 | 2 |
3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
4 # Use of this source code is governed by a BSD-style license that can be | 4 # Use of this source code is governed by a BSD-style license that can be |
5 # found in the LICENSE file. | 5 # found in the LICENSE file. |
6 | 6 |
7 # Generate test cases for use for the RSA verify benchmark. | 7 # Generate test cases for use for the RSA verify benchmark. |
8 | 8 |
| 9 set -e |
| 10 |
9 # Load common constants and variables. | 11 # Load common constants and variables. |
10 . "$(dirname "$0")/common.sh" | 12 . "$(dirname "$0")/common.sh" |
11 | 13 |
12 # Use a different directory for fuzzing test cases. | 14 # Use a different directory for fuzzing test cases. |
13 TESTCASE_DIR=${SCRIPT_DIR}/fuzz_testcases | 15 TESTKEY_DIR=${TESTKEY_DIR:-$(realpath ${SCRIPT_DIR}/../tests/testkeys)} |
| 16 TESTCASE_DIR="$(realpath ${SCRIPT_DIR}/../build)"/fuzz_testcases |
14 TEST_IMAGE_FILE=${TESTCASE_DIR}/testimage | 17 TEST_IMAGE_FILE=${TESTCASE_DIR}/testimage |
15 TEST_IMAGE_SIZE=500000 | 18 TEST_IMAGE_SIZE=500000 |
16 TEST_BOOTLOADER_FILE=${TESTCASE_DIR}/testbootloader | 19 TEST_BOOTLOADER_FILE=${TESTCASE_DIR}/testbootloader |
17 TEST_BOOTLOADER_SIZE=50000 | 20 TEST_BOOTLOADER_SIZE=50000 |
18 TEST_CONFIG_FILE=${TESTCASE_DIR}/testconfig | 21 TEST_CONFIG_FILE=${TESTCASE_DIR}/testconfig |
19 # Config size must < 4096 | 22 # Config size must < 4096 |
20 TEST_CONFIG_SIZE=3000 | 23 TEST_CONFIG_SIZE=3000 |
21 | 24 |
22 function generate_fuzzing_images { | 25 function generate_fuzzing_images { |
23 echo "Generating key blocks..." | 26 echo "Generating key blocks..." |
24 # Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware | 27 # Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware |
25 # signing key. | 28 # signing key. |
26 ${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/firmware.keyblock \ | 29 ${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/firmware.keyblock \ |
27 --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ | 30 --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ |
28 --signprivate ${TESTKEY_DIR}/key_rsa8192.pem \ | 31 --signprivate ${TESTKEY_DIR}/key_rsa8192.sha1.vbprivk |
29 --algorithm 11 | |
30 | 32 |
31 # Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512 | 33 # Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512 |
32 # kernel signing key. | 34 # kernel signing key. |
33 ${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/kernel.keyblock \ | 35 ${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/kernel.keyblock \ |
34 --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ | 36 --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ |
35 --signprivate ${TESTKEY_DIR}/key_rsa4096.pem \ | 37 --signprivate ${TESTKEY_DIR}/key_rsa4096.sha1.vbprivk \ |
36 --flags 15 \ | 38 --flags 15 |
37 --algorithm 8 | 39 |
38 | |
39 echo "Generating signed firmware test image..." | 40 echo "Generating signed firmware test image..." |
40 ${UTIL_DIR}/vbutil_firmware \ | 41 ${UTIL_DIR}/vbutil_firmware \ |
41 --vblock ${TESTCASE_DIR}/firmware.vblock \ | 42 --vblock ${TESTCASE_DIR}/firmware.vblock \ |
42 --keyblock ${TESTCASE_DIR}/firmware.keyblock\ | 43 --keyblock ${TESTCASE_DIR}/firmware.keyblock\ |
43 --signprivate ${TESTKEY_DIR}/key_rsa4096.pem \ | 44 --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ |
44 --version 1 \ | 45 --version 1 \ |
45 --fv $1 \ | 46 --fv $1 \ |
46 --kernelkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk | 47 --kernelkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk |
47 # TODO(gauravsh): ALso test with (optional) flags. | 48 # TODO(gauravsh): ALso test with (optional) flags. |
48 cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk | 49 cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk |
49 | 50 |
50 echo "Generating signed kernel test image..." | 51 echo "Generating signed kernel test image..." |
51 ${UTIL_DIR}/vbutil_kernel \ | 52 ${UTIL_DIR}/vbutil_kernel \ |
52 --pack ${TESTCASE_DIR}/kernel.vblock.image \ | 53 --pack ${TESTCASE_DIR}/kernel.vblock.image \ |
53 --keyblock ${TESTCASE_DIR}/kernel.keyblock \ | 54 --keyblock ${TESTCASE_DIR}/kernel.keyblock \ |
54 --signprivate ${TESTKEY_DIR}/key_rsa4096.pem \ | 55 --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ |
55 --version 1 \ | 56 --version 1 \ |
56 --vmlinuz ${TEST_IMAGE_FILE} \ | 57 --vmlinuz ${TEST_IMAGE_FILE} \ |
57 --bootloader ${TEST_BOOTLOADER_FILE} \ | 58 --bootloader ${TEST_BOOTLOADER_FILE} \ |
58 --config ${TEST_CONFIG_FILE} | 59 --config ${TEST_CONFIG_FILE} |
59 # TODO(gauravsh): Also test with (optional) padding. | 60 # TODO(gauravsh): Also test with (optional) padding. |
60 cp ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ | 61 cp ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \ |
61 ${TESTCASE_DIR}/firmware_key.vbpubk | 62 ${TESTCASE_DIR}/firmware_key.vbpubk |
62 } | 63 } |
63 | 64 |
64 function pre_work { | 65 function pre_work { |
65 # Generate a file to serve as random bytes for firmware/kernel contents. | 66 # Generate a file to serve as random bytes for firmware/kernel contents. |
66 # NOTE: The kernel and config file can't really be random, but the bootloader | 67 # NOTE: The kernel and config file can't really be random, but the bootloader |
67 # can. That's probably close enough. | 68 # can. That's probably close enough. |
68 echo "Generating test image file..." | 69 echo "Generating test image file..." |
69 dd if=/dev/urandom of=${TEST_IMAGE_FILE} bs=${TEST_IMAGE_SIZE} count=1 | 70 dd if=/dev/urandom of=${TEST_IMAGE_FILE} bs=${TEST_IMAGE_SIZE} count=1 |
70 echo "Generating test bootloader file..." | 71 echo "Generating test bootloader file..." |
71 # TODO(gauravsh): Use a valid bootloader here? | 72 # TODO(gauravsh): Use a valid bootloader here? |
72 dd if=/dev/urandom of=${TEST_BOOTLOADER_FILE} bs=${TEST_BOOTLOADER_SIZE} \ | 73 dd if=/dev/urandom of=${TEST_BOOTLOADER_FILE} bs=${TEST_BOOTLOADER_SIZE} \ |
73 count=1 | 74 count=1 |
74 echo "Generating test config file..." | 75 echo "Generating test config file..." |
75 # TODO(gauravsh): Use a valid config file here? | 76 # TODO(gauravsh): Use a valid config file here? |
76 dd if=/dev/urandom of=${TEST_CONFIG_FILE} bs=${TEST_CONFIG_SIZE} count=1 | 77 dd if=/dev/urandom of=${TEST_CONFIG_FILE} bs=${TEST_CONFIG_SIZE} count=1 |
77 } | 78 } |
78 | 79 |
79 mkdir -p ${TESTCASE_DIR} | 80 mkdir -p ${TESTCASE_DIR} |
80 pre_work | 81 pre_work |
81 check_test_keys | 82 check_test_keys |
82 generate_fuzzing_images ${TEST_IMAGE_FILE} | 83 generate_fuzzing_images ${TEST_IMAGE_FILE} |
| 84 |
OLD | NEW |