publish
3.25 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
#!/bin/sh
certsgen=$ROOT/usr/sbin/certsgen
pubrom=$ROOT/usr/sbin/pubrom
tickrom=$ROOT/usr/sbin/tickrom
bbcert=$ROOT/usr/sbin/bbcert
bootdir=$BBROOT/sw/bbplayer/bbapps/boot
tmpfile=_cmd$$
tmpfile2=_cert$$
numchains=2
cpserver=CP00000001
cpca=CPCA00000001
xserver=XS00000001
xca=XSCA00000001
if [[ -n $BBCERT ]]; then
bbtarget="-c $BBCERT"
else
echo "WARNING: no BBCERT defined. Test apps will not be ticketed."
exit 0;
fi
if [[ -z $SKIP_CERT_GEN ]]; then
echo "$ROOT/usr/host_data/root.key" > $tmpfile
echo "$numchains" >> $tmpfile
echo "$cpserver $cpca" >> $tmpfile
echo "$xserver $xca" >> $tmpfile
$certsgen $tmpfile
rm -f $tmpfile
fi
# publish testapp itself
$pubrom -E -S $cpserver.key -R 0xffffffff -r 0xffffffff -t sktest_launch rom 0x00020000
$tickrom -S $xserver.key $bbtarget 0x00020000 ticket.sys
#
# publish test cases
#
# cmd signed by xs chain
$pubrom -E -S $xserver.key -R 0xffffffff -r 0xffffffff -t xs_signs_cmd rom 0x00020001
$tickrom -S $xserver.key $bbtarget 0x00020001 ticket.sys
# ticket signed by cp chain
$pubrom -E -S $cpserver.key -R 0xffffffff -r 0xffffffff -t cp_signs_tik rom 0x00020002
$tickrom -S $cpserver.key $bbtarget 0x00020002 ticket.sys
# bad bbid
cp $BBCERT $tmpfile2
$bbcert -B $tmpfile2
$pubrom -E -S $cpserver.key -R 0xffffffff -r 0xffffffff -t bad_bbid rom 0x00020003
$tickrom -S $xserver.key -c $tmpfile2 0x00020003 ticket.sys
rm -f $tmpfile2
# app hash bad (actually published ok, but allows testapp to alter bytes
# via fs calls)
$pubrom -E -S $cpserver.key -R 0xffffffff -r 0xffffffff -t set_hash_bad rom2 0x00020004
$tickrom -S $xserver.key $bbtarget 0x00020004 ticket.sys
# sysapp bundled correctly (sanity check)
echo $bootdir/bundleBootapp -n -C cert.sys -S $cpserver.key $bootdir/sysapp/rom sysapp.aes sysapp.tik
$bootdir/bundleBootapp -n -C cert.sys -S $cpserver.key $bootdir/sysapp/rom sysapp.aes sysapp.tik
# sysapp ticket bundle with cmd signed by xs chain
echo $bootdir/bundleBootapp -n -C cert.sys -S $xserver.key $bootdir/sysapp/rom sysapp_xs.aes sysapp_xs.tik
$bootdir/bundleBootapp -n -C cert.sys -S $xserver.key $bootdir/sysapp/rom sysapp_xs.aes sysapp_xs.tik
# sysapp ticket bundle with sig error in cmd
echo $bootdir/bundleBootapp -n -T -C cert.sys -S $cpserver.key $bootdir/sysapp/rom sysapp_sig.aes sysapp_sig.tik
$bootdir/bundleBootapp -n -T -C cert.sys -S $cpserver.key $bootdir/sysapp/rom sysapp_sig.aes sysapp_sig.tik
# sysapp ticket bundle with error in content hash (the final pair is
# sysapp_hash.aes and sysapp_hash.tik)
cp -f $bootdir/sysapp/rom __romgood
echo "good" >> __romgood
echo $bootdir/bundleBootapp -n -C cert.sys -S $cpserver.key __romgood sysapp_hash.aes sysapp_hash.tik
$bootdir/bundleBootapp -n -C cert.sys -S $cpserver.key __romgood sysapp_hash.aes sysapp_hash.tik
cp -f $bootdir/sysapp/rom __rombad
echo "bad" >> __rombad
echo $bootdir/bundleBootapp -n -C cert.sys -S $cpserver.key __rombad sysapp_hash.aes sysapp_hash.tik.junk
$bootdir/bundleBootapp -n -C cert.sys -S $cpserver.key __rombad sysapp_hash.aes sysapp_hash.tik.junk
rm -f sysapp_hash.tik.junk __rombad __romgood
#
# add usbmon for convenience
#
if [[ -n $ADD_USBMON ]]; then
pubrom -S $cpserver.key -t usbmon ../../usbmon/rom usbmon
tickrom -S $xserver.key $bbtarget usbmon ticket.sys
fi