vbatts/sbsigntools
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

tests: Add a few simple tests

Browse source 
Add a few tests for the sign, verify, attach and detach code. These
require some additional infrastructure to create a sample PE/COFF
executable, plus a key & cert for testing.

Signed-off-by: Jeremy Kerr <jeremy.kerr@canonical.com>
This commit is contained in:
Jeremy Kerr 2012-06-13 14:23:26 +08:00
parent 0c5de30566
commit b05afccde0
9 changed files with 158 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Makefile.am
View file

@ -29,4 +29,4 @@ $(top_builddir)/docs/%.1: $(srcdir)/docs/%.1.in $(top_builddir)/%
$(MKDIR_P) $(@D) $(MKDIR_P) $(@D)
$(HELP2MAN) --no-info -i $< -o $@ $(top_builddir)/$* $(HELP2MAN) --no-info -i $< -o $@ $(top_builddir)/$*
SUBDIRS = lib/ccan SUBDIRS = lib/ccan . tests

6
configure.ac
View file

@ -7,12 +7,16 @@ AC_PREREQ(2.60)
AC_CONFIG_HEADERS(config.h) AC_CONFIG_HEADERS(config.h)
AC_CONFIG_SRCDIR(sbsign.c) AC_CONFIG_SRCDIR(sbsign.c)
AM_PROG_AS
AC_PROG_CC AC_PROG_CC
AM_PROG_CC_C_O AM_PROG_CC_C_O
AC_PROG_CPP AC_PROG_CPP
AC_PROG_RANLIB AC_PROG_RANLIB
AC_PROG_MKDIR_P AC_PROG_MKDIR_P
AC_CHECK_TOOL(OBJCOPY, [objcopy])
AC_CHECK_TOOL(STRIP, [strip])
if test $cross_compiling = no; then if test $cross_compiling = no; then
AM_MISSING_PROG(HELP2MAN, help2man) AM_MISSING_PROG(HELP2MAN, help2man)
else else
@ -51,5 +55,5 @@ PKG_CHECK_MODULES(libcrypto, libcrypto,
[], [],
AC_MSG_ERROR([libcrypto (from the OpenSSL package) is required])) AC_MSG_ERROR([libcrypto (from the OpenSSL package) is required]))
AC_CONFIG_FILES([Makefile lib/ccan/Makefile]) AC_CONFIG_FILES([Makefile lib/ccan/Makefile tests/Makefile])
AC_OUTPUT AC_OUTPUT

43
tests/Makefile.am Normal file
View file

@ -0,0 +1,43 @@
test_key = private-key.rsa
test_cert = public-cert.pem
test_image = test.pecoff
check_PROGRAMS = test.pecoff
check_DATA = $(test_key) $(test_cert)
check_SCRIPTS = common.sh
test_image_arch = x86-64
test_lds = $(srcdir)/test.lds
test_pecoff_SOURCES =
test.pecoff: test.elf
$(OBJCOPY) -j .text -j .sdata -j .data \
-j .dynamic -j .dynsym -j .rel \
-j .rela -j .reloc \
--target=efi-app-$(test_image_arch) $^ $@
$(STRIP) $@
test.elf: LDFLAGS = -nostdlib -T $(test_lds) -m64
test.elf: test.$(OBJEXT) $(test_lds)
$(LINK) $<
.INTERMEDIATE: test.elf
test.$(OBJEXT): ASFLAGS = -m64
test.$(OBJEXT): $(srcdir)/test.S
$(AS) -o $@ $^
$(test_key): Makefile
openssl genrsa -out $@ 2048
$(test_cert): $(test_key) Makefile
openssl req -x509 -sha256 -subj '/' -new -key $< -out $@
TESTS = sign-verify.sh \
sign-verify-detached.sh \
sign-attach-verify.sh
EXTRA_DIST = $(test_lds) test.S $(TESTS) $(check_SCRIPTS)
CLEANFILES = $(test_key) $(test_cert) $(test_image)

12
tests/common.sh Normal file
View file

@ -0,0 +1,12 @@
basedir=..
testdir="$basedir/tests"
bindir="$basedir"
sbsign=$bindir/sbsign
sbverify=$bindir/sbverify
sbattach=$bindir/sbattach
key="$testdir/private-key.rsa"
cert="$testdir/public-cert.pem"
image="$testdir/test.pecoff"

12
tests/sign-attach-verify.sh Executable file
View file

@ -0,0 +1,12 @@
#!/bin/bash -e
. "$srcdir/common.sh"
sig=test.sig
signed=test.signed
trap 'rm -f "$sig" "$signed"' EXIT
"$sbsign" --cert "$cert" --key "$key" --detached --output $sig "$image"
"$sbattach" --attach $sig $signed
"$sbverify" --cert "$cert" "$signed"

10
tests/sign-verify-detached.sh Executable file
View file

@ -0,0 +1,10 @@
#!/bin/bash -e
. "$srcdir/common.sh"
sig=test.sig
trap 'rm -f "$sig"' EXIT
"$sbsign" --cert "$cert" --key "$key" --detached --output $sig "$image"
"$sbverify" --cert "$cert" --detached $sig "$image"

6
tests/sign-verify.sh Executable file
View file

@ -0,0 +1,6 @@
#!/bin/bash -e
. "$srcdir/common.sh"
"$sbsign" --cert "$cert" --key "$key" --output test.signed "$image"
"$sbverify" --cert "$cert" test.signed

9
tests/test.S Normal file
View file

@ -0,0 +1,9 @@
.text
.globl _start
_start:
nop
.data
data:
.long 0x0

60
tests/test.lds Normal file
View file

@ -0,0 +1,60 @@
/* Same as elf_x86_64_fbsd_efi.lds, except for OUTPUT_FORMAT below - KEEP IN SYNC */
OUTPUT_FORMAT("elf64-x86-64", "elf64-x86-64", "elf64-x86-64")
OUTPUT_ARCH(i386:x86-64)
ENTRY(_start)
SECTIONS
{
. = 0;
ImageBase = .;
.hash : { *(.hash) } /* this MUST come first! */
. = ALIGN(4096);
.eh_frame :
{
*(.eh_frame)
}
. = ALIGN(4096);
.text :
{
*(.text)
}
. = ALIGN(4096);
.reloc :
{
*(.reloc)
}
. = ALIGN(4096);
.data :
{
*(.rodata*)
*(.got.plt)
*(.got)
*(.data*)
*(.sdata)
/* the EFI loader doesn't seem to like a .bss section, so we stick
it all into .data: */
*(.sbss)
*(.scommon)
*(.dynbss)
*(.bss)
*(COMMON)
*(.rel.local)
}
. = ALIGN(4096);
.dynamic : { *(.dynamic) }
. = ALIGN(4096);
.rela :
{
*(.rela.data*)
*(.rela.got)
*(.rela.stab)
}
. = ALIGN(4096);
.dynsym : { *(.dynsym) }
. = ALIGN(4096);
.dynstr : { *(.dynstr) }
. = ALIGN(4096);
.ignored.reloc :
{
*(.rela.reloc)
}
}