diff options
Diffstat (limited to 'test/py/tests')
| -rw-r--r-- | test/py/tests/test_vboot.py | 12 | ||||
| -rw-r--r-- | test/py/tests/vboot/sign-configs-sha384.its | 45 | ||||
| -rw-r--r-- | test/py/tests/vboot/sign-images-sha384.its | 42 |
3 files changed, 97 insertions, 2 deletions
diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py index 095e00cce36..b080d482af9 100644 --- a/test/py/tests/test_vboot.py +++ b/test/py/tests/test_vboot.py @@ -45,6 +45,8 @@ TESTDATA = [ ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False, False], ['sha256-pss-required', 'sha256', '-pss', None, True, False], ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', True, True], + ['sha384-basic', 'sha384', '', None, False, False], + ['sha384-pad', 'sha384', '', '-E -p 0x10000', False, False], ] @pytest.mark.boardspec('sandbox') @@ -180,10 +182,16 @@ def test_vboot(u_boot_console, name, sha_algo, padding, sign_options, required, name: Name of of the key (e.g. 'dev') """ public_exponent = 65537 + + if sha_algo == "sha384": + rsa_keygen_bits = 3072 + else: + rsa_keygen_bits = 2048 + util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %s%s.key ' - '-pkeyopt rsa_keygen_bits:2048 ' + '-pkeyopt rsa_keygen_bits:%d ' '-pkeyopt rsa_keygen_pubexp:%d' % - (tmpdir, name, public_exponent)) + (tmpdir, name, rsa_keygen_bits, public_exponent)) # Create a certificate containing the public key util.run_and_log(cons, 'openssl req -batch -new -x509 -key %s%s.key ' diff --git a/test/py/tests/vboot/sign-configs-sha384.its b/test/py/tests/vboot/sign-configs-sha384.its new file mode 100644 index 00000000000..2869401991e --- /dev/null +++ b/test/py/tests/vboot/sign-configs-sha384.its @@ -0,0 +1,45 @@ +/dts-v1/; + +/ { + description = "Chrome OS kernel image with one or more FDT blobs"; + #address-cells = <1>; + + images { + kernel { + data = /incbin/("test-kernel.bin"); + type = "kernel_noload"; + arch = "sandbox"; + os = "linux"; + compression = "none"; + load = <0x4>; + entry = <0x8>; + kernel-version = <1>; + hash-1 { + algo = "sha384"; + }; + }; + fdt-1 { + description = "snow"; + data = /incbin/("sandbox-kernel.dtb"); + type = "flat_dt"; + arch = "sandbox"; + compression = "none"; + fdt-version = <1>; + hash-1 { + algo = "sha384"; + }; + }; + }; + configurations { + default = "conf-1"; + conf-1 { + kernel = "kernel"; + fdt = "fdt-1"; + signature { + algo = "sha384,rsa3072"; + key-name-hint = "dev"; + sign-images = "fdt", "kernel"; + }; + }; + }; +}; diff --git a/test/py/tests/vboot/sign-images-sha384.its b/test/py/tests/vboot/sign-images-sha384.its new file mode 100644 index 00000000000..be1a9a653c7 --- /dev/null +++ b/test/py/tests/vboot/sign-images-sha384.its @@ -0,0 +1,42 @@ +/dts-v1/; + +/ { + description = "Chrome OS kernel image with one or more FDT blobs"; + #address-cells = <1>; + + images { + kernel { + data = /incbin/("test-kernel.bin"); + type = "kernel_noload"; + arch = "sandbox"; + os = "linux"; + compression = "none"; + load = <0x4>; + entry = <0x8>; + kernel-version = <1>; + signature { + algo = "sha384,rsa3072"; + key-name-hint = "dev"; + }; + }; + fdt-1 { + description = "snow"; + data = /incbin/("sandbox-kernel.dtb"); + type = "flat_dt"; + arch = "sandbox"; + compression = "none"; + fdt-version = <1>; + signature { + algo = "sha384,rsa3072"; + key-name-hint = "dev"; + }; + }; + }; + configurations { + default = "conf-1"; + conf-1 { + kernel = "kernel"; + fdt = "fdt-1"; + }; + }; +}; |