blob: 13d605b2495ef401e5d2c52def3c251def914c95 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
#!/bin/bash
# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Generate test cases for use for the RSA verify benchmark.
set -e
# Load common constants and variables.
. "$(dirname "$0")/common.sh"
# Use a different directory for fuzzing test cases.
TESTKEY_DIR=${TESTKEY_DIR:-$(realpath ${SCRIPT_DIR}/../tests/testkeys)}
TESTCASE_DIR=${BUILD_DIR}/fuzz_testcases
TEST_IMAGE_FILE=${TESTCASE_DIR}/testimage
TEST_IMAGE_SIZE=500000
TEST_BOOTLOADER_FILE=${TESTCASE_DIR}/testbootloader
TEST_BOOTLOADER_SIZE=50000
TEST_CONFIG_FILE=${TESTCASE_DIR}/testconfig
# Config size must < 4096
TEST_CONFIG_SIZE=3000
function generate_fuzzing_images {
echo "Generating key blocks..."
# Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware
# signing key.
${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/firmware.keyblock \
--datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--signprivate ${TESTKEY_DIR}/key_rsa8192.sha1.vbprivk
# Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512
# kernel signing key.
${UTIL_DIR}/vbutil_keyblock --pack ${TESTCASE_DIR}/kernel.keyblock \
--datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha1.vbprivk \
--flags 15
echo "Generating signed firmware test image..."
${UTIL_DIR}/vbutil_firmware \
--vblock ${TESTCASE_DIR}/firmware.vblock \
--keyblock ${TESTCASE_DIR}/firmware.keyblock\
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
--version 1 \
--fv $1 \
--kernelkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk
# TODO(gauravsh): ALso test with (optional) flags.
cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk
echo "Generating signed kernel test image..."
${UTIL_DIR}/vbutil_kernel \
--pack ${TESTCASE_DIR}/kernel.vblock.image \
--keyblock ${TESTCASE_DIR}/kernel.keyblock \
--signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
--version 1 \
--vmlinuz ${TEST_IMAGE_FILE} \
--bootloader ${TEST_BOOTLOADER_FILE} \
--config ${TEST_CONFIG_FILE}
# TODO(gauravsh): Also test with (optional) padding.
cp ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
${TESTCASE_DIR}/firmware_key.vbpubk
}
function pre_work {
# Generate a file to serve as random bytes for firmware/kernel contents.
# NOTE: The kernel and config file can't really be random, but the bootloader
# can. That's probably close enough.
echo "Generating test image file..."
dd if=/dev/urandom of=${TEST_IMAGE_FILE} bs=${TEST_IMAGE_SIZE} count=1
echo "Generating test bootloader file..."
# TODO(gauravsh): Use a valid bootloader here?
dd if=/dev/urandom of=${TEST_BOOTLOADER_FILE} bs=${TEST_BOOTLOADER_SIZE} \
count=1
echo "Generating test config file..."
# TODO(gauravsh): Use a valid config file here?
dd if=/dev/urandom of=${TEST_CONFIG_FILE} bs=${TEST_CONFIG_SIZE} count=1
}
mkdir -p ${TESTCASE_DIR}
pre_work
check_test_keys
generate_fuzzing_images ${TEST_IMAGE_FILE}
|