1#!/bin/bash 2# 3# A test suite for recovery's package signature verifier. Run in a 4# client where you have done envsetup, lunch, etc. 5# 6# TODO: find some way to get this run regularly along with the rest of 7# the tests. 8 9EMULATOR_PORT=5580 10DATA_DIR=$ANDROID_BUILD_TOP/bootable/recovery/testdata 11 12WORK_DIR=/data/local/tmp 13 14# set to 0 to use a device instead 15USE_EMULATOR=0 16 17# ------------------------ 18 19if [ "$USE_EMULATOR" == 1 ]; then 20 emulator -wipe-data -noaudio -no-window -port $EMULATOR_PORT & 21 pid_emulator=$! 22 ADB="adb -s emulator-$EMULATOR_PORT " 23else 24 ADB="adb -d " 25fi 26 27echo "waiting to connect to device" 28$ADB wait-for-device 29 30# run a command on the device; exit with the exit status of the device 31# command. 32run_command() { 33 $ADB shell "$@" \; echo \$? | awk '{if (b) {print a}; a=$0; b=1} END {exit a}' 34} 35 36testname() { 37 echo 38 echo "::: testing $1 :::" 39 testname="$1" 40} 41 42fail() { 43 echo 44 echo FAIL: $testname 45 echo 46 [ "$open_pid" == "" ] || kill $open_pid 47 [ "$pid_emulator" == "" ] || kill $pid_emulator 48 exit 1 49} 50 51 52cleanup() { 53 # not necessary if we're about to kill the emulator, but nice for 54 # running on real devices or already-running emulators. 55 run_command rm $WORK_DIR/verifier_test 56 run_command rm $WORK_DIR/package.zip 57 58 [ "$pid_emulator" == "" ] || kill $pid_emulator 59} 60 61$ADB push $ANDROID_PRODUCT_OUT/system/bin/verifier_test \ 62 $WORK_DIR/verifier_test 63 64expect_succeed() { 65 testname "$1 (should succeed)" 66 $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip 67 shift 68 run_command $WORK_DIR/verifier_test "$@" $WORK_DIR/package.zip || fail 69} 70 71expect_fail() { 72 testname "$1 (should fail)" 73 $ADB push $DATA_DIR/$1 $WORK_DIR/package.zip 74 shift 75 run_command $WORK_DIR/verifier_test "$@" $WORK_DIR/package.zip && fail 76} 77 78# not signed at all 79expect_fail unsigned.zip 80# signed in the pre-donut way 81expect_fail jarsigned.zip 82 83# success cases 84expect_succeed otasigned.zip -e3 85expect_succeed otasigned_f4.zip -f4 86expect_succeed otasigned_sha256.zip -e3 -sha256 87expect_succeed otasigned_f4_sha256.zip -f4 -sha256 88expect_succeed otasigned_ecdsa_sha256.zip -ec -sha256 89 90# success with multiple keys 91expect_succeed otasigned.zip -f4 -e3 92expect_succeed otasigned_f4.zip -ec -f4 93expect_succeed otasigned_sha256.zip -ec -e3 -e3 -sha256 94expect_succeed otasigned_f4_sha256.zip -ec -sha256 -e3 -f4 -sha256 95expect_succeed otasigned_ecdsa_sha256.zip -f4 -sha256 -e3 -ec -sha256 96 97# verified against different key 98expect_fail otasigned.zip -f4 99expect_fail otasigned_f4.zip -e3 100expect_fail otasigned_ecdsa_sha256.zip -e3 -sha256 101 102# verified against right key but wrong hash algorithm 103expect_fail otasigned.zip -e3 -sha256 104expect_fail otasigned_f4.zip -f4 -sha256 105expect_fail otasigned_sha256.zip 106expect_fail otasigned_f4_sha256.zip -f4 107expect_fail otasigned_ecdsa_sha256.zip 108 109# various other cases 110expect_fail random.zip 111expect_fail fake-eocd.zip 112expect_fail alter-metadata.zip 113expect_fail alter-footer.zip 114 115# --------------- cleanup ---------------------- 116 117cleanup 118 119echo 120echo PASS 121echo 122