diff options
| author | Gaurav Shah <gauravsh@chromium.org> | 2010-03-19 16:19:09 -0700 |
|---|---|---|
| committer | Gaurav Shah <gauravsh@chromium.org> | 2010-03-19 16:19:09 -0700 |
| commit | 445925fe0f11280c585879247eada43de32090ca (patch) | |
| tree | 99038ddd0545394f0f473080e363a7d903839a00 /tests | |
| parent | 528a2c113e76b795ec907b4c3412ef3ef1630783 (diff) | |
| download | vboot-445925fe0f11280c585879247eada43de32090ca.tar.gz | |
Vboot Reference: Spring cleaning of test scripts.
Moved duplicated code to "common.sh". Make directory detection more robust.
Review URL: http://codereview.chromium.org/1101004
Diffstat (limited to 'tests')
| -rwxr-xr-x | tests/common.sh | 39 | ||||
| -rwxr-xr-x | tests/gen_fuzz_test_cases.sh | 34 | ||||
| -rwxr-xr-x | tests/gen_test_cases.sh | 50 | ||||
| -rwxr-xr-x | tests/gen_test_keys.sh | 23 | ||||
| -rwxr-xr-x | tests/run_image_verification_tests.sh | 44 | ||||
| -rwxr-xr-x | tests/run_rsa_tests.sh | 74 |
6 files changed, 101 insertions, 163 deletions
diff --git a/tests/common.sh b/tests/common.sh new file mode 100755 index 00000000..82fdb850 --- /dev/null +++ b/tests/common.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +# Copyright (c) 2010 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +# Determine script directory. +if [[ $0 == '/'* ]]; +then + SCRIPT_DIR="`dirname $0`" +elif [[ $0 == './'* ]]; +then + SCRIPT_DIR="`pwd`" +else + SCRIPT_DIR="`pwd`"/"`dirname $0`" +fi + +UTIL_DIR=`dirname ${SCRIPT_DIR}`/utils +TEST_DIR=${SCRIPT_DIR} +TESTKEY_DIR=${SCRIPT_DIR}/testkeys +TESTCASE_DIR=${SCRIPT_DIR}/testcases + +# Color output encodings. +COL_RED='\E[31;1m' +COL_GREEN='\E[32;1m' +COL_YELLOW='\E[33;1m' +COL_BLUE='\E[34;1m' +COL_STOP='\E[0;m' + +hash_algos=( sha1 sha256 sha512 ) +key_lengths=( 1024 2048 4096 8192 ) + +function check_test_keys { + if [ ! -d ${TESTKEY_DIR} ] + then + echo "You must run gen_test_keys.sh to generate test keys first." + exit 1 + fi +} diff --git a/tests/gen_fuzz_test_cases.sh b/tests/gen_fuzz_test_cases.sh index fc97f4b1..7f75a311 100755 --- a/tests/gen_fuzz_test_cases.sh +++ b/tests/gen_fuzz_test_cases.sh @@ -6,14 +6,13 @@ # Generate test cases for use for the RSA verify benchmark. -TESTCASE_DIR=fuzz_testcases -TESTKEY_DIR=testkeys -UTIL_DIR=../utils/ -TEST_FILE=test_file -TEST_FILE_SIZE=1000000 +# Load common constants and variables. +. "$(dirname "$0")/common.sh" -hash_algos=( sha1 sha256 sha512 ) -key_lengths=( 1024 2048 4096 8192 ) +# Use a different directory for fuzzing test cases. +TESTCASE_DIR=${SCRIPT_DIR}/fuzz_testcases +TEST_FILE=${TESTCASE_DIR}/testfile +TEST_FILE_SIZE=500000 # Generate public key signatures and digest on an input file for # various combinations of message digest algorithms and RSA key sizes. @@ -47,22 +46,11 @@ function generate_fuzzing_images { } function pre_work { - # Generate a file with random bytes for signature tests. + # Generate a file to serve as random bytes for firmware/kernel contents. echo "Generating test file..." - dd if=/dev/urandom of=${TESTCASE_DIR}/${TEST_FILE} bs=${TEST_FILE_SIZE} \ - count=1 + dd if=/dev/urandom of=${TEST_FILE} bs=${TEST_FILE_SIZE} count=1 } - -if [ ! -d ${TESTKEY_DIR} ] -then - echo "You must run gen_test_keys.sh to generate test keys first." - exit 1 -fi - -if [ ! -d ${TESTCASE_DIR} ] -then - mkdir ${TESTCASE_DIR} -fi - +mkdir -p ${TESTCASE_DIR} pre_work -generate_fuzzing_images ${TESTCASE_DIR}/$TEST_FILE +check_test_keys +generate_fuzzing_images ${TEST_FILE} diff --git a/tests/gen_test_cases.sh b/tests/gen_test_cases.sh index b15921d6..bad7e334 100755 --- a/tests/gen_test_cases.sh +++ b/tests/gen_test_cases.sh @@ -6,49 +6,39 @@ # Generate test cases for use for the RSA verify benchmark. -KEY_DIR=testkeys -TESTCASE_DIR=testcases -UTIL_DIR=../utils/ -TEST_FILE=test_file -TEST_FILE_SIZE=1000000 +# Load common constants and variables. +. "$(dirname "$0")/common.sh" -hash_algos=( sha1 sha256 sha512 ) -key_lengths=( 1024 2048 4096 8192 ) +TEST_FILE=${TESTCASE_DIR}/test_file +TEST_FILE_SIZE=1000000 -# Generate public key signatures and digest on an input file for -# various combinations of message digest algorithms and RSA key sizes. +# Generate public key signatures on an input file for various combinations +# of message digest algorithms and RSA key sizes. function generate_test_signatures { + echo "Generating test signatures..." algorithmcounter=0 for keylen in ${key_lengths[@]} do for hashalgo in ${hash_algos[@]} do - openssl dgst -${hashalgo} -binary -out $1.${hashalgo}.digest $1 - ${UTIL_DIR}/signature_digest $algorithmcounter $1 | openssl rsautl -sign \ - -pkcs -inkey ${KEY_DIR}/key_rsa${keylen}.pem \ - > $1.rsa${keylen}_${hashalgo}.sig + openssl dgst -${hashalgo} -binary ${TEST_FILE} > \ + ${TEST_FILE}.${hashalgo}.digest + ${UTIL_DIR}/signature_digest_utility $algorithmcounter \ + ${TEST_FILE} | openssl rsautl \ + -sign -pkcs -inkey ${TESTKEY_DIR}/key_rsa${keylen}.pem \ + > ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig let algorithmcounter=algorithmcounter+1 done done } -function pre_work { - # Generate a file with random bytes for signature tests. +# Generate a file with random bytes for signature tests. +function generate_test_file { echo "Generating test file..." - dd if=/dev/urandom of=${TESTCASE_DIR}/${TEST_FILE} bs=${TEST_FILE_SIZE} count=1 + dd if=/dev/urandom of=${TEST_FILE} bs=${TEST_FILE_SIZE} count=1 } -if [ ! -d "$KEY_DIR" ] -then - echo "You must run gen_test_cases.sh to generate test keys first." - exit 1 -fi - -if [ ! -d "$TESTCASE_DIR" ] -then - mkdir "$TESTCASE_DIR" -fi - -pre_work -echo "Generating test signatures..." -generate_test_signatures ${TESTCASE_DIR}/$TEST_FILE +mkdir -p ${TESTCASE_DIR} +check_test_keys +generate_test_file +generate_test_signatures diff --git a/tests/gen_test_keys.sh b/tests/gen_test_keys.sh index 2a8fe83e..bb39fb28 100755 --- a/tests/gen_test_keys.sh +++ b/tests/gen_test_keys.sh @@ -3,30 +3,25 @@ # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. - +# # Generate test keys for use by the tests. -KEY_DIR=testkeys -key_lengths=( 1024 2048 4096 8192 ) -UTIL_DIR=../utils/ +# Load common constants and variables. +. "$(dirname "$0")/common.sh" # Generate RSA test keys of various lengths. function generate_keys { for i in ${key_lengths[@]} do - openssl genrsa -F4 -out ${KEY_DIR}/key_rsa$i.pem $i + openssl genrsa -F4 -out ${TESTKEY_DIR}/key_rsa$i.pem $i # Generate self-signed certificate from key. - openssl req -batch -new -x509 -key ${KEY_DIR}/key_rsa$i.pem \ - -out ${KEY_DIR}/key_rsa$i.crt + openssl req -batch -new -x509 -key ${TESTKEY_DIR}/key_rsa$i.pem \ + -out ${TESTKEY_DIR}/key_rsa$i.crt # Generate pre-processed key for use by RSA signature verification code. - ${UTIL_DIR}/dumpRSAPublicKey ${KEY_DIR}/key_rsa$i.crt \ - > ${KEY_DIR}/key_rsa$i.keyb + ${UTIL_DIR}/dumpRSAPublicKey ${TESTKEY_DIR}/key_rsa$i.crt \ + > ${TESTKEY_DIR}/key_rsa$i.keyb done } -if [ ! -d "$KEY_DIR" ] -then - mkdir "$KEY_DIR" -fi - +mkdir -p ${TESTKEY_DIR} generate_keys diff --git a/tests/run_image_verification_tests.sh b/tests/run_image_verification_tests.sh index 19feae23..3eba26ee 100755 --- a/tests/run_image_verification_tests.sh +++ b/tests/run_image_verification_tests.sh @@ -6,17 +6,10 @@ # Run verified boot firmware and kernel verification tests. -return_code=0 -hash_algos=( sha1 sha256 sha512 ) -key_lengths=( 1024 2048 4096 8192 ) -TEST_FILE=test_file -TEST_FILE_SIZE=1000000 +# Load common constants and variables. +. "$(dirname "$0")/common.sh" -COL_RED='\E[31;1m' -COL_GREEN='\E[32;1m' -COL_YELLOW='\E[33;1m' -COL_BLUE='\E[34;1m' -COL_STOP='\E[0;m' +return_code=0 function test_firmware_verification { algorithmcounter=0 @@ -26,10 +19,10 @@ function test_firmware_verification { do echo -e "For Root key ${COL_YELLOW}RSA-$keylen/$hashalgo${COL_STOP}:" cd ${UTIL_DIR} && ${TEST_DIR}/firmware_image_tests $algorithmcounter \ - ${TEST_DIR}/testkeys/key_rsa8192.pem \ - ${TEST_DIR}/testkeys/key_rsa8192.keyb \ - ${TEST_DIR}/testkeys/key_rsa${keylen}.pem \ - ${TEST_DIR}/testkeys/key_rsa${keylen}.keyb + ${TESTKEY_DIR}/key_rsa8192.pem \ + ${TESTKEY_DIR}/key_rsa8192.keyb \ + ${TESTKEY_DIR}/key_rsa${keylen}.pem \ + ${TESTKEY_DIR}/key_rsa${keylen}.keyb if [ $? -ne 0 ] then return_code=255 @@ -59,10 +52,10 @@ and ${COL_YELLOW}Kernel signing algorithm RSA-${kernel_keylen}/\ ${kernel_hashalgo}${COL_STOP}" cd ${UTIL_DIR} && ${TEST_DIR}/kernel_image_tests \ $firmware_algorithmcounter $kernel_algorithmcounter \ - ${TEST_DIR}/testkeys/key_rsa${firmware_keylen}.pem \ - ${TEST_DIR}/testkeys/key_rsa${firmware_keylen}.keyb \ - ${TEST_DIR}/testkeys/key_rsa${kernel_keylen}.pem \ - ${TEST_DIR}/testkeys/key_rsa${kernel_keylen}.keyb + ${TESTKEY_DIR}/key_rsa${firmware_keylen}.pem \ + ${TESTKEY_DIR}/key_rsa${firmware_keylen}.keyb \ + ${TESTKEY_DIR}/key_rsa${kernel_keylen}.pem \ + ${TESTKEY_DIR}/key_rsa${kernel_keylen}.keyb if [ $? -ne 0 ] then return_code=255 @@ -75,20 +68,7 @@ ${kernel_hashalgo}${COL_STOP}" done } -# Determine script directory. -if [[ $0 == '/'* ]]; -then - SCRIPT_DIR="`dirname $0`" -elif [[ $0 == './'* ]]; -then - SCRIPT_DIR="`pwd`" -else - SCRIPT_DIR="`pwd`"/"`dirname $0`" -fi -UTIL_DIR=`dirname ${SCRIPT_DIR}`/utils -KEY_DIR=${SCRIPT_DIR}/testkeys -TEST_DIR=${SCRIPT_DIR}/ - +check_test_keys echo echo "Testing high-level firmware image verification..." test_firmware_verification diff --git a/tests/run_rsa_tests.sh b/tests/run_rsa_tests.sh index 2439c329..a296d13c 100755 --- a/tests/run_rsa_tests.sh +++ b/tests/run_rsa_tests.sh @@ -3,36 +3,14 @@ # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. # Use of this source code is governed by a BSD-style license that can be # found in the LICENSE file. - +# # Run tests for RSA Signature verification. -return_code=0 -hash_algos=( sha1 sha256 sha512 ) -key_lengths=( 1024 2048 4096 8192 ) -TEST_FILE=test_file -TEST_FILE_SIZE=1000000 - -COL_RED='\E[31;1m' -COL_GREEN='\E[32;1m' -COL_YELLOW='\E[33;1m' -COL_BLUE='\E[34;1m' -COL_STOP='\E[0;m' +# Load common constants and variables. +. "$(dirname "$0")/common.sh" -# Generate public key signatures on an input file for various combinations -# of message digest algorithms and RSA key sizes. -function generate_signatures { - algorithmcounter=0 - for keylen in ${key_lengths[@]} - do - for hashalgo in ${hash_algos[@]} - do - ${UTIL_DIR}/signature_digest_utility $algorithmcounter $1 | openssl \ - rsautl -sign -pkcs -inkey ${KEY_DIR}/key_rsa${keylen}.pem \ - > $1.rsa${keylen}\_${hashalgo}.sig - let algorithmcounter=algorithmcounter+1 - done - done -} +return_code=0 +TEST_FILE=${TESTCASE_DIR}/test_file function test_signatures { algorithmcounter=0 @@ -42,8 +20,9 @@ function test_signatures { do echo -e "For ${COL_YELLOW}RSA-$keylen and $hashalgo${COL_STOP}:" ${UTIL_DIR}/verify_data $algorithmcounter \ - ${KEY_DIR}/key_rsa${keylen}.keyb \ - ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig ${TEST_FILE} + ${TESTKEY_DIR}/key_rsa${keylen}.keyb \ + ${TEST_FILE}.rsa${keylen}_${hashalgo}.sig \ + ${TEST_FILE} if [ $? -ne 0 ] then return_code=255 @@ -52,45 +31,12 @@ function test_signatures { done done echo -e "Peforming ${COL_YELLOW}PKCS #1 v1.5 Padding Tests${COL_STOP}..." - ${TEST_DIR}/rsa_padding_test ${TEST_DIR}/testkeys/rsa_padding_test_pubkey.keyb -} - -function pre_work { - # Generate a file with random bytes for signature tests. - echo "Generating test file..." - dd if=/dev/urandom of=${TEST_FILE} bs=${TEST_FILE_SIZE} count=1 - echo "Generating signatures..." - generate_signatures $TEST_FILE + ${TEST_DIR}/rsa_padding_test ${TESTKEY_DIR}/rsa_padding_test_pubkey.keyb } -function cleanup { - rm ${SCRIPT_DIR}/${TEST_FILE} ${SCRIPT_DIR}/${TEST_FILE}.*.sig -} - -# Determine script directory. -if [[ $0 == '/'* ]]; -then - SCRIPT_DIR="`dirname $0`" -elif [[ $0 == './'* ]]; -then - SCRIPT_DIR="`pwd`" -else - SCRIPT_DIR="`pwd`"/"`dirname $0`" -fi -UTIL_DIR=`dirname ${SCRIPT_DIR}`/utils -KEY_DIR=${SCRIPT_DIR}/testkeys -TEST_DIR=${SCRIPT_DIR}/ - -echo "Generating test cases..." -pre_work - -echo +check_test_keys echo "Testing signature verification..." test_signatures -echo -echo "Cleaning up..." -cleanup - exit $return_code |