rk3588-game
/
android13
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
android13/external/avb/test/avb_atx_generate_test_data

106 lines
4.0 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
#
# Copyright (C) 2016 The Android Open Source Project
#
# Permission is hereby granted, free of charge, to any person
# obtaining a copy of this software and associated documentation
# files (the "Software"), to deal in the Software without
# restriction, including without limitation the rights to use, copy,
# modify, merge, publish, distribute, sublicense, and/or sell copies
# of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be
# included in all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# This shell-script generates ATX test data in the working directory.
# An avbtool executable is assumed to reside in the parent directory
# of this script.
#
# The *atx* test data in the test/data/ directory was generated with
# this script. It is consistent with the expectations of avbtool unit
# tests and ATX unit tests. This script exists as a record of how the
# data was generated and as a convenience if it ever needs to be
# generated again.
#
# Typical usage:
#
# $ cd test/data; ../avb_atx_generate_test_data
set -e
TMP_FILE=$(mktemp /tmp/atx_generator.XXXXXXXXXX)
trap "rm -f '${TMP_FILE}'" EXIT
AVBTOOL=$(dirname "$0")/../avbtool
echo AVBTOOL = ${AVBTOOL}
# Get a zero product ID.
echo 00000000000000000000000000000000 | xxd -r -p - atx_product_id.bin
# Generate key pairs.
if [ ! -f testkey_atx_prk.pem ]; then
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
-out testkey_atx_prk.pem
fi
if [ ! -f testkey_atx_pik.pem ]; then
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
-out testkey_atx_pik.pem
fi
if [ ! -f testkey_atx_psk.pem ]; then
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
-out testkey_atx_psk.pem
fi
if [ ! -f testkey_atx_puk.pem ]; then
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:4096 -outform PEM \
-out testkey_atx_puk.pem
fi
# Construct permanent attributes.
${AVBTOOL} make_atx_permanent_attributes --output=atx_permanent_attributes.bin \
--product_id=atx_product_id.bin --root_authority_key=testkey_atx_prk.pem
# Construct a PIK certificate.
echo -n "fake PIK subject" > ${TMP_FILE}
${AVBTOOL} make_atx_certificate --output=atx_pik_certificate.bin \
--subject=${TMP_FILE} --subject_key=testkey_atx_pik.pem \
--subject_is_intermediate_authority --subject_key_version 42 \
--authority_key=testkey_atx_prk.pem
# Construct a PSK certificate.
${AVBTOOL} make_atx_certificate --output=atx_psk_certificate.bin \
--subject=atx_product_id.bin --subject_key=testkey_atx_psk.pem \
--subject_key_version 42 --authority_key=testkey_atx_pik.pem
# Construct metadata.
${AVBTOOL} make_atx_metadata --output=atx_metadata.bin \
--intermediate_key_certificate=atx_pik_certificate.bin \
--product_key_certificate=atx_psk_certificate.bin
# Generate a random unlock challenge.
head -c 16 /dev/urandom > atx_unlock_challenge.bin
# Construct a PUK certificate.
${AVBTOOL} make_atx_certificate --output=atx_puk_certificate.bin \
--subject=atx_product_id.bin --subject_key=testkey_atx_puk.pem \
--usage=com.google.android.things.vboot.unlock --subject_key_version 42 \
--authority_key=testkey_atx_pik.pem
# Construct an unlock credential.
${AVBTOOL} make_atx_unlock_credential --output=atx_unlock_credential.bin \
--intermediate_key_certificate=atx_pik_certificate.bin \
--unlock_key_certificate=atx_puk_certificate.bin \
--challenge=atx_unlock_challenge.bin --unlock_key=testkey_atx_puk.pem
Reference in New Issue View Git Blame Copy Permalink