As now u-boot supports pre-load header with ecdsa, we add some tests to vboot with ecdsa pre-load header.
Signed-off-by: Philippe Reynes <[email protected]> --- v3: - initial version test/py/tests/test_vboot.py | 3 +++ .../tests/vboot/sandbox-binman-ecdsa256.dts | 24 +++++++++++++++++ .../tests/vboot/sandbox-binman-ecdsa384.dts | 24 +++++++++++++++++ .../tests/vboot/sandbox-binman-ecdsa521.dts | 24 +++++++++++++++++ .../vboot/sandbox-u-boot-global-ecdsa256.dts | 27 +++++++++++++++++++ .../vboot/sandbox-u-boot-global-ecdsa384.dts | 27 +++++++++++++++++++ .../vboot/sandbox-u-boot-global-ecdsa521.dts | 27 +++++++++++++++++++ 7 files changed, 156 insertions(+) create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa256.dts create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa384.dts create mode 100644 test/py/tests/vboot/sandbox-binman-ecdsa521.dts create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa256.dts create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa384.dts create mode 100644 test/py/tests/vboot/sandbox-u-boot-global-ecdsa521.dts diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py index 22865f653c5..e0366e06ddb 100644 --- a/test/py/tests/test_vboot.py +++ b/test/py/tests/test_vboot.py @@ -102,6 +102,9 @@ TESTDATA_IN = [ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', False, False, True, False], ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False, False, False, True], ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False, False, False, True], + ['sha256-global-sign-ecdsa256', 'sha256', '-ecdsa256', '', '', False, False, False, True], + ['sha256-global-sign-ecdsa384', 'sha256', '-ecdsa384', '', '', False, False, False, True], + ['sha256-global-sign-ecdsa521', 'sha256', '-ecdsa521', '', '', False, False, False, True], ] # Mark all but the first test as slow, so they are not run with '-k not slow' diff --git a/test/py/tests/vboot/sandbox-binman-ecdsa256.dts b/test/py/tests/vboot/sandbox-binman-ecdsa256.dts new file mode 100644 index 00000000000..0e84b81078b --- /dev/null +++ b/test/py/tests/vboot/sandbox-binman-ecdsa256.dts @@ -0,0 +1,24 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + filename = "sandbox.img"; + + pre-load { + content = <&image>; + algo-name = "sha256,ecdsa256"; + key-name = "dev.pem"; + header-size = <4096>; + version = <1>; + }; + + image: blob-ext { + filename = "test.fit"; + }; + }; +}; diff --git a/test/py/tests/vboot/sandbox-binman-ecdsa384.dts b/test/py/tests/vboot/sandbox-binman-ecdsa384.dts new file mode 100644 index 00000000000..56faf67fe57 --- /dev/null +++ b/test/py/tests/vboot/sandbox-binman-ecdsa384.dts @@ -0,0 +1,24 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + filename = "sandbox.img"; + + pre-load { + content = <&image>; + algo-name = "sha256,ecdsa384"; + key-name = "dev.pem"; + header-size = <4096>; + version = <1>; + }; + + image: blob-ext { + filename = "test.fit"; + }; + }; +}; diff --git a/test/py/tests/vboot/sandbox-binman-ecdsa521.dts b/test/py/tests/vboot/sandbox-binman-ecdsa521.dts new file mode 100644 index 00000000000..8e2fc3de31d --- /dev/null +++ b/test/py/tests/vboot/sandbox-binman-ecdsa521.dts @@ -0,0 +1,24 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + #address-cells = <1>; + #size-cells = <1>; + + binman { + filename = "sandbox.img"; + + pre-load { + content = <&image>; + algo-name = "sha256,ecdsa521"; + key-name = "dev.pem"; + header-size = <4096>; + version = <1>; + }; + + image: blob-ext { + filename = "test.fit"; + }; + }; +}; diff --git a/test/py/tests/vboot/sandbox-u-boot-global-ecdsa256.dts b/test/py/tests/vboot/sandbox-u-boot-global-ecdsa256.dts new file mode 100644 index 00000000000..f15ada3987c --- /dev/null +++ b/test/py/tests/vboot/sandbox-u-boot-global-ecdsa256.dts @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + model = "Sandbox Verified Boot Test"; + compatible = "sandbox"; + + binman { + }; + + reset@0 { + compatible = "sandbox,reset"; + }; + + image { + pre-load { + sig { + algo-name = "sha256,ecdsa256"; + signature-size = <64>; + mandatory = "yes"; + + key-name = "dev"; + }; + }; + }; +}; diff --git a/test/py/tests/vboot/sandbox-u-boot-global-ecdsa384.dts b/test/py/tests/vboot/sandbox-u-boot-global-ecdsa384.dts new file mode 100644 index 00000000000..24540ace249 --- /dev/null +++ b/test/py/tests/vboot/sandbox-u-boot-global-ecdsa384.dts @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + model = "Sandbox Verified Boot Test"; + compatible = "sandbox"; + + binman { + }; + + reset@0 { + compatible = "sandbox,reset"; + }; + + image { + pre-load { + sig { + algo-name = "sha256,ecdsa384"; + signature-size = <96>; + mandatory = "yes"; + + key-name = "dev"; + }; + }; + }; +}; diff --git a/test/py/tests/vboot/sandbox-u-boot-global-ecdsa521.dts b/test/py/tests/vboot/sandbox-u-boot-global-ecdsa521.dts new file mode 100644 index 00000000000..72fa3b2c790 --- /dev/null +++ b/test/py/tests/vboot/sandbox-u-boot-global-ecdsa521.dts @@ -0,0 +1,27 @@ +// SPDX-License-Identifier: GPL-2.0+ + +/dts-v1/; + +/ { + model = "Sandbox Verified Boot Test"; + compatible = "sandbox"; + + binman { + }; + + reset@0 { + compatible = "sandbox,reset"; + }; + + image { + pre-load { + sig { + algo-name = "sha256,ecdsa521"; + signature-size = <132>; + mandatory = "yes"; + + key-name = "dev"; + }; + }; + }; +}; -- 2.43.0
