blob: 658f8dd53388a48706a0c3b5f21c15baa8d51325 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
#!/bin/bash
# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# Run verified boot firmware and kernel verification tests.
# Load common constants and variables.
. "$(dirname "$0")/common.sh"
return_code=0
function test_vboot_common {
${TEST_DIR}/vboot_common_tests
if [ $? -ne 0 ]
then
return_code=255
fi
}
# Test a single key+hash algorithm
function test_vboot_common2_single {
local algonum=$1
local keylen=$2
local hashalgo=$3
echo -e "For signing key ${COL_YELLOW}RSA-$keylen/$hashalgo${COL_STOP}:"
echo ${TEST_DIR}/vboot_common2_tests $algonum \
${TESTKEY_DIR}/key_rsa${keylen}.pem \
${TESTKEY_DIR}/key_rsa${keylen}.keyb
${TEST_DIR}/vboot_common2_tests $algonum \
${TESTKEY_DIR}/key_rsa${keylen}.pem \
${TESTKEY_DIR}/key_rsa${keylen}.keyb
if [ $? -ne 0 ]
then
return_code=255
fi
}
# Test all key+hash algorithms
function test_vboot_common2_all {
algorithmcounter=0
for keylen in ${key_lengths[@]}
do
for hashalgo in ${hash_algos[@]}
do
test_vboot_common2_single $algorithmcounter $keylen $hashalgo
let algorithmcounter=algorithmcounter+1
done
done
}
# Test only the algorithms we actually use
function test_vboot_common2 {
test_vboot_common2_single 4 2048 sha256
test_vboot_common2_single 7 4096 sha256
test_vboot_common2_single 11 8192 sha512
}
# Test a single block algorithm + data algorithm
function test_vboot_common3_single {
local signing_algonum=$1
local signing_keylen=$2
local signing_hashalgo=$3
local data_algonum=$4
local data_keylen=$5
local data_hashalgo=$6
echo -e "For ${COL_YELLOW}signing algorithm \
RSA-${signing_keylen}/${signing_hashalgo}${COL_STOP} \
and ${COL_YELLOW}data signing algorithm RSA-${data_keylen}/\
${data_hashalgo}${COL_STOP}"
${TEST_DIR}/vboot_common3_tests \
$signing_algonum $data_algonum \
${TESTKEY_DIR}/key_rsa${signing_keylen}.pem \
${TESTKEY_DIR}/key_rsa${signing_keylen}.keyb \
${TESTKEY_DIR}/key_rsa${data_keylen}.pem \
${TESTKEY_DIR}/key_rsa${data_keylen}.keyb
if [ $? -ne 0 ]
then
return_code=255
fi
}
# Test all combinations of key block signing algorithm and data signing
# algorithm
function test_vboot_common3_all {
signing_algorithmcounter=0
data_algorithmcounter=0
for signing_keylen in ${key_lengths[@]}
do
for signing_hashalgo in ${hash_algos[@]}
do
let data_algorithmcounter=0
for data_keylen in ${key_lengths[@]}
do
for data_hashalgo in ${hash_algos[@]}
do
test_vboot_common3_single \
$signing_algorithmcounter $signing_keylen $signing_hashalgo \
$data_algorithmcounter $data_keylen $data_hashalgo
let data_algorithmcounter=data_algorithmcounter+1
done
done
let signing_algorithmcounter=signing_algorithmcounter+1
done
done
}
# Test only the combinations of key block signing algorithm and data signing
# algorithm that we actually use
function test_vboot_common3 {
test_vboot_common3_single 7 4096 sha256 4 2048 sha256
test_vboot_common3_single 11 8192 sha512 4 2048 sha256
test_vboot_common3_single 11 8192 sha512 7 4096 sha256
}
check_test_keys
echo
echo "Testing vboot_common tests which don't depend on keys..."
test_vboot_common
echo
echo "Testing vboot_common tests which depend on one key..."
if [ "$1" == "--all" ] ; then
test_vboot_common2_all
else
test_vboot_common2
fi
echo
echo "Testing vboot_common tests which depend on two keys..."
if [ "$1" == "--all" ] ; then
test_vboot_common3_all
else
test_vboot_common3
fi
exit $return_code
|
