diff options
author | Nicolas Boichat <drinkcat@google.com> | 2017-02-08 12:44:42 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-02-11 04:21:57 -0800 |
commit | f3101060309281da2095744ca77a84e3d9703755 (patch) | |
tree | 0c4853fc7c9a8680b2ca58aa3d44006998478d32 /tests | |
parent | 3ac811d4a580449c7a389264975d5fce44cd1d78 (diff) | |
download | vboot-f3101060309281da2095744ca77a84e3d9703755.tar.gz |
tests: Add simple test for rwsig images
This tests that futility can correctly create and verify rwsig images.
Note that we do not test RSA 8192, as the signature is longer than
1024 bytes, and the test logic would need to be changed.
BRANCH=none
BUG=chromium:684354
TEST=make runfutiltests
Change-Id: I690e59fe8fa3e273dd81176211c58e1677fa720f
Reviewed-on: https://chromium-review.googlesource.com/438950
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
Diffstat (limited to 'tests')
-rwxr-xr-x | tests/futility/run_test_scripts.sh | 1 | ||||
-rwxr-xr-x | tests/futility/test_show_rwsig.sh | 46 |
2 files changed, 47 insertions, 0 deletions
diff --git a/tests/futility/run_test_scripts.sh b/tests/futility/run_test_scripts.sh index fe19f15b..b817c430 100755 --- a/tests/futility/run_test_scripts.sh +++ b/tests/futility/run_test_scripts.sh @@ -48,6 +48,7 @@ ${SCRIPTDIR}/test_load_fmap.sh ${SCRIPTDIR}/test_main.sh ${SCRIPTDIR}/test_show_contents.sh ${SCRIPTDIR}/test_show_kernel.sh +${SCRIPTDIR}/test_show_rwsig.sh ${SCRIPTDIR}/test_show_vs_verify.sh ${SCRIPTDIR}/test_show_usbpd1.sh ${SCRIPTDIR}/test_sign_firmware.sh diff --git a/tests/futility/test_show_rwsig.sh b/tests/futility/test_show_rwsig.sh new file mode 100755 index 00000000..7ff25571 --- /dev/null +++ b/tests/futility/test_show_rwsig.sh @@ -0,0 +1,46 @@ +#!/bin/bash -eux +# Copyright 2017 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +me=${0##*/} +TMP="$me.tmp" + +# Work in scratch directory +cd "$OUTDIR" + +DATADIR="${SCRIPTDIR}/data" +TESTKEYS=${SRCDIR}/tests/testkeys + +# Do not test 8192 as the signature length is > 1024 bytes +SIGS="1024 2048 4096" +HASHES="SHA1 SHA256 SHA512" + +set -o pipefail + +for s in $SIGS; do + echo -n "$s " 1>&3 + + for h in $HASHES; do + pemfile=${TESTKEYS}/key_rsa${s}.pem + outfile=${TMP}.${s}_${h}.new + infile=${DATADIR}/random_noise.bin + outkeys=${TMP}.${s}_${h} + outsig=${TMP}.${s}_${h}.signature + + ${FUTILITY} create --desc "Test key" --hash_alg ${h} \ + ${pemfile} ${outkeys} + + ${FUTILITY} sign --type rwsig --prikey ${outkeys}.vbprik2 \ + ${infile} ${outsig} + dd if=/dev/zero bs=$((4096 + 1024)) count=1 of=${outfile} + dd if=${infile} of=${outfile} conv=notrunc + dd if=${outsig} of=${outfile} bs=4096 seek=1 conv=notrunc + + ${FUTILITY} show --type rwsig --pubkey ${outkeys}.vbpubk2 ${outfile} + done +done + +# cleanup +rm -rf ${TMP}* +exit 0 |