diff options
Diffstat (limited to 'tests/vb2_firmware_tests.sh')
-rwxr-xr-x | tests/vb2_firmware_tests.sh | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/tests/vb2_firmware_tests.sh b/tests/vb2_firmware_tests.sh new file mode 100755 index 00000000..39c4dd97 --- /dev/null +++ b/tests/vb2_firmware_tests.sh @@ -0,0 +1,57 @@ +#!/bin/bash + +# Copyright (c) 2014 The Chromium OS Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. +# +# End-to-end test for vboot2 firmware verification + +# Load common constants and variables. +. "$(dirname "$0")/common.sh" + +set -e + +echo 'Creating test firmware' + +# Run tests in a dedicated directory for easy cleanup or debugging. +DIR="${TEST_DIR}/vb2fw_test_dir" +[ -d "$DIR" ] || mkdir -p "$DIR" +echo "Testing vb2_verify_fw in $DIR" +cd "$DIR" + +# Dummy firmware body +echo 'This is a test firmware body. This is only a test. Lalalalala' \ + > body.test + +# Pack keys using original vboot utilities +${UTIL_DIR}/vbutil_key --pack rootkey.test \ + --key ${TESTKEY_DIR}/key_rsa8192.keyb --algorithm 11 +${UTIL_DIR}/vbutil_key --pack fwsubkey.test \ + --key ${TESTKEY_DIR}/key_rsa4096.keyb --algorithm 7 +${UTIL_DIR}/vbutil_key --pack kernkey.test \ + --key ${TESTKEY_DIR}/key_rsa2048.keyb --algorithm 4 + +# Create a GBB with the root key +${UTIL_DIR}/gbb_utility -c 128,2400,0,0 gbb.test +${UTIL_DIR}/gbb_utility gbb.test -s --hwid='Test GBB' --rootkey=rootkey.test + +# Keyblock with firmware subkey is signed by root key +${UTIL_DIR}/vbutil_keyblock --pack keyblock.test \ + --datapubkey fwsubkey.test \ + --signprivate ${TESTKEY_DIR}/key_rsa8192.sha512.vbprivk + +# Firmware preamble is signed with the firmware subkey +${UTIL_DIR}/vbutil_firmware \ + --vblock vblock.test \ + --keyblock keyblock.test \ + --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \ + --fv body.test \ + --version 1 \ + --kernelkey kernkey.test + +echo 'Verifying test firmware using vb2_verify_fw' + +# Verify the firmware using vboot2 utility +${UTIL_DIR}/vb2_verify_fw gbb.test vblock.test body.test + +happy 'vb2_verify_fw succeeded' |