1*8617a60dSAndroid Build Coastguard Worker#!/bin/bash -u 2*8617a60dSAndroid Build Coastguard Worker# 3*8617a60dSAndroid Build Coastguard Worker# Copyright 2012 The ChromiumOS Authors 4*8617a60dSAndroid Build Coastguard Worker# Use of this source code is governed by a BSD-style license that can be 5*8617a60dSAndroid Build Coastguard Worker# found in the LICENSE file. 6*8617a60dSAndroid Build Coastguard Worker# 7*8617a60dSAndroid Build Coastguard Worker# This tests that vblocks using pre-3.0 versions of vb2_fw_preamble 8*8617a60dSAndroid Build Coastguard Worker# and vb2_kernel_preamble will still verify (or not) correctly. We 9*8617a60dSAndroid Build Coastguard Worker# need to keep the old versions around to make sure that we can still 10*8617a60dSAndroid Build Coastguard Worker# sign images in the ways that existing devices can validate. 11*8617a60dSAndroid Build Coastguard Worker 12*8617a60dSAndroid Build Coastguard Worker# Load common constants and variables for tests. 13*8617a60dSAndroid Build Coastguard Worker. "$(dirname "$0")/common.sh" 14*8617a60dSAndroid Build Coastguard Worker 15*8617a60dSAndroid Build Coastguard Workerif [ "${1:---some}" == "--all" ] ; then 16*8617a60dSAndroid Build Coastguard Worker # all algs 17*8617a60dSAndroid Build Coastguard Worker algs="0 1 2 3 4 5 6 7 8 9 10 11" 18*8617a60dSAndroid Build Coastguard Workerelse 19*8617a60dSAndroid Build Coastguard Worker # just the algs we use 20*8617a60dSAndroid Build Coastguard Worker algs="4 7 11" 21*8617a60dSAndroid Build Coastguard Workerfi 22*8617a60dSAndroid Build Coastguard Worker 23*8617a60dSAndroid Build Coastguard Worker# output directories 24*8617a60dSAndroid Build Coastguard WorkerPREAMBLE_DIR="${SCRIPT_DIR}/preamble_tests" 25*8617a60dSAndroid Build Coastguard WorkerDATADIR="${PREAMBLE_DIR}/data" 26*8617a60dSAndroid Build Coastguard WorkerV2DIR="${PREAMBLE_DIR}/preamble_v2x" 27*8617a60dSAndroid Build Coastguard Worker 28*8617a60dSAndroid Build Coastguard Workertests=0 29*8617a60dSAndroid Build Coastguard Workererrs=0 30*8617a60dSAndroid Build Coastguard Worker 31*8617a60dSAndroid Build Coastguard Worker# Check the firmware results 32*8617a60dSAndroid Build Coastguard Workerfor d in $algs; do 33*8617a60dSAndroid Build Coastguard Worker for r in $algs; do 34*8617a60dSAndroid Build Coastguard Worker for rr in $algs; do 35*8617a60dSAndroid Build Coastguard Worker if [ "$r" = "$rr" ]; then 36*8617a60dSAndroid Build Coastguard Worker what="verify" 37*8617a60dSAndroid Build Coastguard Worker else 38*8617a60dSAndroid Build Coastguard Worker what="reject" 39*8617a60dSAndroid Build Coastguard Worker fi 40*8617a60dSAndroid Build Coastguard Worker : $(( tests++ )) 41*8617a60dSAndroid Build Coastguard Worker echo -n "${what} fw_${d}_${r}.vblock with root_${rr}.vbpubk ... " 42*8617a60dSAndroid Build Coastguard Worker "${FUTILITY}" verify --type fw_pre \ 43*8617a60dSAndroid Build Coastguard Worker --publickey "${DATADIR}/root_${rr}.vbpubk" \ 44*8617a60dSAndroid Build Coastguard Worker --fv "${DATADIR}/FWDATA" \ 45*8617a60dSAndroid Build Coastguard Worker "${V2DIR}/fw_${d}_${r}.vblock" >/dev/null 2>&1 46*8617a60dSAndroid Build Coastguard Worker if [[ ( $? != 0 && $what == "verify" ) || \ 47*8617a60dSAndroid Build Coastguard Worker ( $? == 0 && $what == "reject" ) ]] 48*8617a60dSAndroid Build Coastguard Worker then 49*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_RED}FAILED${COL_STOP}" 50*8617a60dSAndroid Build Coastguard Worker : $(( errs++ )) 51*8617a60dSAndroid Build Coastguard Worker else 52*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_GREEN}PASSED${COL_STOP}" 53*8617a60dSAndroid Build Coastguard Worker fi 54*8617a60dSAndroid Build Coastguard Worker done 55*8617a60dSAndroid Build Coastguard Worker done 56*8617a60dSAndroid Build Coastguard Workerdone 57*8617a60dSAndroid Build Coastguard Worker 58*8617a60dSAndroid Build Coastguard Worker 59*8617a60dSAndroid Build Coastguard Worker# Check the kernel results 60*8617a60dSAndroid Build Coastguard Workerfor d in $algs; do 61*8617a60dSAndroid Build Coastguard Worker for r in $algs; do 62*8617a60dSAndroid Build Coastguard Worker for rr in $algs; do 63*8617a60dSAndroid Build Coastguard Worker if [ "$r" = "$rr" ]; then 64*8617a60dSAndroid Build Coastguard Worker what="verify" 65*8617a60dSAndroid Build Coastguard Worker else 66*8617a60dSAndroid Build Coastguard Worker what="reject" 67*8617a60dSAndroid Build Coastguard Worker fi 68*8617a60dSAndroid Build Coastguard Worker : $(( tests++ )) 69*8617a60dSAndroid Build Coastguard Worker echo -n "${what} kern_${d}_${r}.vblock with root_${rr}.vbpubk ... " 70*8617a60dSAndroid Build Coastguard Worker "${FUTILITY}" verify --type kernel \ 71*8617a60dSAndroid Build Coastguard Worker --publickey "${DATADIR}/root_${rr}.vbpubk" \ 72*8617a60dSAndroid Build Coastguard Worker "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1 73*8617a60dSAndroid Build Coastguard Worker if [[ ( $? != 0 && $what == "verify" ) || \ 74*8617a60dSAndroid Build Coastguard Worker ( $? == 0 && $what == "reject" ) ]] 75*8617a60dSAndroid Build Coastguard Worker then 76*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_RED}FAILED${COL_STOP}" 77*8617a60dSAndroid Build Coastguard Worker : $(( errs++ )) 78*8617a60dSAndroid Build Coastguard Worker else 79*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_GREEN}PASSED${COL_STOP}" 80*8617a60dSAndroid Build Coastguard Worker fi 81*8617a60dSAndroid Build Coastguard Worker done 82*8617a60dSAndroid Build Coastguard Worker done 83*8617a60dSAndroid Build Coastguard Workerdone 84*8617a60dSAndroid Build Coastguard Worker 85*8617a60dSAndroid Build Coastguard Worker 86*8617a60dSAndroid Build Coastguard Worker# Check the kernel results 87*8617a60dSAndroid Build Coastguard Workerfor d in $algs; do 88*8617a60dSAndroid Build Coastguard Worker for r in $algs; do 89*8617a60dSAndroid Build Coastguard Worker : $(( tests++ )) 90*8617a60dSAndroid Build Coastguard Worker echo -n "verify kern_${d}_${r}.vblock with hash only ... " 91*8617a60dSAndroid Build Coastguard Worker if ! "${FUTILITY}" vbutil_kernel \ 92*8617a60dSAndroid Build Coastguard Worker --verify "${V2DIR}/kern_${d}_${r}.vblock" >/dev/null 2>&1 93*8617a60dSAndroid Build Coastguard Worker then 94*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_RED}FAILED${COL_STOP}" 95*8617a60dSAndroid Build Coastguard Worker : $(( errs++ )) 96*8617a60dSAndroid Build Coastguard Worker else 97*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_GREEN}PASSED${COL_STOP}" 98*8617a60dSAndroid Build Coastguard Worker fi 99*8617a60dSAndroid Build Coastguard Worker done 100*8617a60dSAndroid Build Coastguard Workerdone 101*8617a60dSAndroid Build Coastguard Worker 102*8617a60dSAndroid Build Coastguard Worker 103*8617a60dSAndroid Build Coastguard Worker# Summary 104*8617a60dSAndroid Build Coastguard WorkerME=$(basename "$0") 105*8617a60dSAndroid Build Coastguard Workerif [ "$errs" -ne 0 ]; then 106*8617a60dSAndroid Build Coastguard Worker echo -e "${COL_RED}${ME}: ${errs}/${tests} tests failed${COL_STOP}" 107*8617a60dSAndroid Build Coastguard Worker exit 1 108*8617a60dSAndroid Build Coastguard Workerfi 109*8617a60dSAndroid Build Coastguard Workerhappy "${ME}: All ${tests} tests passed" 110*8617a60dSAndroid Build Coastguard Workerexit 0 111