diff options
| author | Bill Richardson <wfrichar@chromium.org> | 2010-08-09 17:50:14 -0700 |
|---|---|---|
| committer | Bill Richardson <wfrichar@chromium.org> | 2010-08-09 17:50:14 -0700 |
| commit | 4f36ef336036e01b0bd2b395dd55e15db0267266 (patch) | |
| tree | 4b21ee0d91f3858584908a51efce3ff0569225f2 /tests/run_vbutil_tests.sh | |
| parent | cbaf69658146279a557283f757f39ab8157f7391 (diff) | |
| download | vboot-4f36ef336036e01b0bd2b395dd55e15db0267266.tar.gz | |
Changes to allow user-signed kernels to be generated.
Make vbutil_keyblock handle unsigned blocks. Also enable --unpack option and
add tests for it.
Modify vbutil_kernel to allow unsigned keyblocks, correct usage message,
and fix the --debug option which was somehow disabled.
Update load_kernel_test to accept /dev/null for the public key, to test
non-signed kernel keyblocks.
Review URL: http://codereview.chromium.org/3124004
Diffstat (limited to 'tests/run_vbutil_tests.sh')
| -rwxr-xr-x | tests/run_vbutil_tests.sh | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/tests/run_vbutil_tests.sh b/tests/run_vbutil_tests.sh index abbd17b7..b8811305 100755 --- a/tests/run_vbutil_tests.sh +++ b/tests/run_vbutil_tests.sh @@ -68,13 +68,25 @@ ${datahashalgo}${COL_STOP}" keyblockfile+="${data_algorithmcounter}.keyblock" rm -f ${keyblockfile} - # Wrap + # Wrap private key ${UTIL_DIR}/vbutil_key \ --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbprivk \ --key ${TESTKEY_DIR}/key_rsa${signing_keylen}.pem \ --algorithm $signing_algorithmcounter if [ $? -ne 0 ] then + echo -e "${COL_RED}Wrap vbprivk${COL_STOP}" + return_code=255 + fi + + # Wrap public key + ${UTIL_DIR}/vbutil_key \ + --pack ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbpubk \ + --key ${TESTKEY_DIR}/key_rsa${signing_keylen}.keyb \ + --algorithm $signing_algorithmcounter + if [ $? -ne 0 ] + then + echo -e "${COL_RED}Wrap vbpubk${COL_STOP}" return_code=255 fi @@ -86,17 +98,30 @@ ${datahashalgo}${COL_STOP}" ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbprivk if [ $? -ne 0 ] then + echo -e "${COL_RED}Pack${COL_STOP}" return_code=255 fi # Unpack ${UTIL_DIR}/vbutil_keyblock --unpack ${keyblockfile} \ + --datapubkey \ + ${TESTKEY_SCRATCH_DIR}/key_alg${data_algorithmcounter}.vbpubk2 \ --signpubkey \ - ${TESTKEY_SCRATCH_DIR}/key_alg${signing_algorithmcounter}.vbpubk - # TODO: check data key against the packed one? + ${TESTKEY_SCRATCH_DIR}/key_alg${algorithmcounter}.vbpubk if [ $? -ne 0 ] then + echo -e "${COL_RED}Unpack${COL_STOP}" + return_code=255 + fi + + # Check + if ! cmp -s \ + ${TESTKEY_SCRATCH_DIR}/key_alg${data_algorithmcounter}.vbpubk \ + ${TESTKEY_SCRATCH_DIR}/key_alg${data_algorithmcounter}.vbpubk2 + then + echo -e "${COL_RED}Check${COL_STOP}" return_code=255 + exit 1 fi let data_algorithmcounter=data_algorithmcounter+1 |