1#!/bin/bash
2
3#
4# Copyright (C) 2016 The Android Open Source Project
5#
6# Permission is hereby granted, free of charge, to any person
7# obtaining a copy of this software and associated documentation
8# files (the "Software"), to deal in the Software without
9# restriction, including without limitation the rights to use, copy,
10# modify, merge, publish, distribute, sublicense, and/or sell copies
11# of the Software, and to permit persons to whom the Software is
12# furnished to do so, subject to the following conditions:
13#
14# The above copyright notice and this permission notice shall be
15# included in all copies or substantial portions of the Software.
16#
17# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
18# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
19# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
20# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
21# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
22# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
23# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24# SOFTWARE.
25#
26
27# This shell-script generates ATX test data in the working directory.
28# An avbtool executable is assumed to reside in the parent directory
29# of this script.
30#
31# The *atx* test data in the test/data/ directory was generated with
32# this script. It is consistent with the expectations of avbtool unit
33# tests and ATX unit tests. This script exists as a record of how the
34# data was generated and as a convenience if it ever needs to be
35# generated again.
36#
37# Typical usage:
38#
39#  $ cd test/data; ../avb_atx_generate_test_data
40
41set -e
42
43TMP_FILE=$(mktemp /tmp/atx_generator.XXXXXXXXXX)
44trap "rm -f '${TMP_FILE}'" EXIT
45
46AVBTOOL=$(dirname "$0")/../avbtool
47
48echo AVBTOOL = ${AVBTOOL}
49
50# Get a zero product ID.
51echo 00000000000000000000000000000000 | xxd -r -p - atx_product_id.bin
52
53# Generate key pairs.
54if [ ! -f testkey_atx_prk.pem ]; then
55  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
56    -out testkey_atx_prk.pem
57fi
58if [ ! -f testkey_atx_pik.pem ]; then
59  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
60    -out testkey_atx_pik.pem
61fi
62if [ ! -f testkey_atx_psk.pem ]; then
63  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
64    -out testkey_atx_psk.pem
65fi
66
67# Construct permanent attributes.
68${AVBTOOL} make_atx_permanent_attributes --output=atx_permanent_attributes.bin \
69  --product_id=atx_product_id.bin --root_authority_key=testkey_atx_prk.pem
70
71# Construct a PIK certificate.
72echo -n "fake PIK subject" > ${TMP_FILE}
73${AVBTOOL} make_atx_certificate --output=atx_pik_certificate.bin \
74  --subject=${TMP_FILE} --subject_key=testkey_atx_pik.pem \
75  --subject_is_intermediate_authority --subject_key_version 42 \
76  --authority_key=testkey_atx_prk.pem
77
78# Construct a PSK certificate.
79${AVBTOOL} make_atx_certificate --output=atx_psk_certificate.bin \
80  --subject=atx_product_id.bin --subject_key=testkey_atx_psk.pem \
81  --subject_key_version 42 --authority_key=testkey_atx_pik.pem
82
83# Construct metadata.
84${AVBTOOL} make_atx_metadata --output=atx_metadata.bin \
85  --intermediate_key_certificate=atx_pik_certificate.bin \
86  --product_key_certificate=atx_psk_certificate.bin
87
88