#!/bin/bash -eux
# Copyright 2015 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

me=${0##*/}
TMP="$me.tmp"

# Work in scratch directory
cd "$OUTDIR"

# The signed input images are signed with dev keys. We resign the unsigned
# images with the same keypair, to make sure that we're producing identical
# binaries.

DATADIR="${SCRIPTDIR}/data"
TESTS="dingdong hoho minimuffin zinger"

set -o pipefail

count=0
for test in $TESTS; do

    : $(( count++ ))
    echo -n "$count " 1>&3

    pemfile=${DATADIR}/${test}.pem
    infile=${DATADIR}/${test}.unsigned
    goodfile=${DATADIR}/${test}.signed
    outfile=${TMP}.${test}.new

    # Signing the whole thing with futility should produce identical results
    ${FUTILITY} sign --type usbpd1 --pem ${pemfile} ${infile} ${outfile}
    cmp ${goodfile} ${outfile}

    # Now try signing just the RW part
    size=$(stat -c '%s' ${infile})
    half=$(( size / 2 ))

    newin=${TMP}.${test}.rw_in
    dd if=${infile} bs=${half} count=1 skip=1 of=${newin}
    newgood=${TMP}.${test}.rw_ok
    dd if=${goodfile} bs=${half} count=1 skip=1 of=${newgood}
    newout=${TMP}.${test}.rw_out

    # Sign the RW part alone
    ${FUTILITY} sign --type usbpd1 --pem ${pemfile} \
        --ro_size 0 \
        ${newin} ${newout}
    cmp ${newgood} ${newout}

done

# cleanup
rm -rf ${TMP}*
exit 0