• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1#!/bin/bash
2
3# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
4# Use of this source code is governed by a BSD-style license that can be
5# found in the LICENSE file.
6
7# Generate test cases for use for the RSA verify benchmark.
8
9set -e
10
11# Load common constants and variables.
12. "$(dirname "$0")/common.sh"
13
14# Use a different directory for fuzzing test cases.
15TESTKEY_DIR=${TESTKEY_DIR:-$(realpath  ${SCRIPT_DIR}/../tests/testkeys)}
16TESTCASE_DIR=${BUILD_DIR}/fuzz_testcases
17TEST_IMAGE_FILE=${TESTCASE_DIR}/testimage
18TEST_IMAGE_SIZE=500000
19TEST_BOOTLOADER_FILE=${TESTCASE_DIR}/testbootloader
20TEST_BOOTLOADER_SIZE=50000
21TEST_CONFIG_FILE=${TESTCASE_DIR}/testconfig
22# Config size must < 4096
23TEST_CONFIG_SIZE=3000
24
25function generate_fuzzing_images {
26  echo "Generating key blocks..."
27  # Firmware key block - RSA8192/SHA512 root key, RSA4096/SHA512 firmware
28  # signing key.
29  ${FUTILITY} vbutil_keyblock \
30    --pack ${TESTCASE_DIR}/firmware.keyblock \
31    --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
32    --signprivate ${TESTKEY_DIR}/key_rsa8192.sha1.vbprivk
33
34  # Kernel key block - RSA4096/SHA512 kernel signing subkey, RSA4096/SHA512
35  # kernel signing key.
36  ${FUTILITY} vbutil_keyblock \
37    --pack ${TESTCASE_DIR}/kernel.keyblock \
38    --datapubkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
39    --signprivate ${TESTKEY_DIR}/key_rsa4096.sha1.vbprivk \
40    --flags 15
41
42  echo "Generating signed firmware test image..."
43  ${FUTILITY} vbutil_firmware \
44    --vblock ${TESTCASE_DIR}/firmware.vblock \
45    --keyblock ${TESTCASE_DIR}/firmware.keyblock\
46    --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
47    --version 1 \
48    --fv  $1 \
49    --kernelkey ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk
50  # TODO(gauravsh): ALso test with (optional) flags.
51  cp ${TESTKEY_DIR}/key_rsa8192.sha512.vbpubk ${TESTCASE_DIR}/root_key.vbpubk
52
53  echo "Generating signed kernel test image..."
54  ${FUTILITY} vbutil_kernel \
55    --pack ${TESTCASE_DIR}/kernel.vblock.image \
56    --keyblock ${TESTCASE_DIR}/kernel.keyblock \
57    --signprivate ${TESTKEY_DIR}/key_rsa4096.sha256.vbprivk \
58    --version 1 \
59    --vmlinuz ${TEST_IMAGE_FILE} \
60    --bootloader ${TEST_BOOTLOADER_FILE} \
61    --config ${TEST_CONFIG_FILE}
62  # TODO(gauravsh): Also test with (optional) padding.
63  cp ${TESTKEY_DIR}/key_rsa4096.sha512.vbpubk \
64    ${TESTCASE_DIR}/firmware_key.vbpubk
65}
66
67function pre_work {
68  # Generate a file to serve as random bytes for firmware/kernel contents.
69  # NOTE: The kernel and config file can't really be random, but the bootloader
70  # can. That's probably close enough.
71  echo "Generating test image file..."
72  dd if=/dev/urandom of=${TEST_IMAGE_FILE} bs=${TEST_IMAGE_SIZE} count=1
73  echo "Generating test bootloader file..."
74  # TODO(gauravsh): Use a valid bootloader here?
75  dd if=/dev/urandom of=${TEST_BOOTLOADER_FILE} bs=${TEST_BOOTLOADER_SIZE} \
76    count=1
77  echo "Generating test config file..."
78  # TODO(gauravsh): Use a valid config file here?
79  dd if=/dev/urandom of=${TEST_CONFIG_FILE} bs=${TEST_CONFIG_SIZE} count=1
80}
81
82mkdir -p ${TESTCASE_DIR}
83pre_work
84check_test_keys
85generate_fuzzing_images ${TEST_IMAGE_FILE}
86
87