1#!/bin/bash -eux
2# Copyright 2014 The Chromium OS Authors. All rights reserved.
3# Use of this source code is governed by a BSD-style license that can be
4# found in the LICENSE file.
5
6me=${0##*/}
7TMP="$me.tmp"
8
9# Work in scratch directory
10cd "$OUTDIR"
11
12# some stuff we'll need
13DEVKEYS=${SRCDIR}/tests/devkeys
14
15# The show command exits with 0 if the data is consistent.
16# The verify command exits with 0 only if all the data is verified.
17
18####  keyblock
19
20${FUTILITY} show ${DEVKEYS}/firmware.keyblock
21
22if ${FUTILITY} verify ${DEVKEYS}/firmware.keyblock ; then false; fi
23
24${FUTILITY} verify ${DEVKEYS}/firmware.keyblock \
25  --publickey ${DEVKEYS}/root_key.vbpubk
26
27
28#### firmware vblock
29
30# Get some bits to look at
31${FUTILITY} dump_fmap -x ${SCRIPTDIR}/data/bios_peppy_mp.bin \
32  GBB:${TMP}.gbb VBLOCK_A:${TMP}.vblock_a FW_MAIN_A:${TMP}.fw_main_a
33${FUTILITY} gbb_utility -g -k ${TMP}.rootkey ${TMP}.gbb
34
35
36${FUTILITY} show ${TMP}.vblock_a
37
38${FUTILITY} show ${TMP}.vblock_a --publickey ${TMP}.rootkey
39
40${FUTILITY} show ${TMP}.vblock_a \
41  --publickey ${TMP}.rootkey \
42  --fv ${TMP}.fw_main_a
43
44if ${FUTILITY} verify ${TMP}.vblock_a ; then false ; fi
45
46if ${FUTILITY} verify ${TMP}.vblock_a \
47  --publickey ${TMP}.rootkey ; then false ; fi
48
49${FUTILITY} verify ${TMP}.vblock_a \
50  --publickey ${TMP}.rootkey \
51  --fv ${TMP}.fw_main_a
52
53
54#### kernel partition
55
56${FUTILITY} show ${SCRIPTDIR}/data/rec_kernel_part.bin
57
58${FUTILITY} show ${SCRIPTDIR}/data/rec_kernel_part.bin \
59  --publickey ${DEVKEYS}/kernel_subkey.vbpubk
60
61${FUTILITY} show ${SCRIPTDIR}/data/rec_kernel_part.bin \
62  --publickey ${DEVKEYS}/recovery_key.vbpubk
63
64if ${FUTILITY} verify ${SCRIPTDIR}/data/rec_kernel_part.bin ; then false ; fi
65
66if ${FUTILITY} verify ${SCRIPTDIR}/data/rec_kernel_part.bin \
67  --publickey ${DEVKEYS}/kernel_subkey.vbpubk ; then false ; fi
68
69${FUTILITY} verify ${SCRIPTDIR}/data/rec_kernel_part.bin \
70  --publickey ${DEVKEYS}/recovery_key.vbpubk
71
72
73# cleanup
74rm -rf ${TMP}*
75exit 0
76