Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/1.2/patches/2225960/?format=api
{ "id": 2225960, "url": "http://patchwork.ozlabs.org/api/1.2/patches/2225960/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20260421210954.1170437-8-philippe.reynes@softathome.com/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/1.2/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260421210954.1170437-8-philippe.reynes@softathome.com>", "list_archive_url": null, "date": "2026-04-21T21:09:46", "name": "[v5,07/15] test: py: vboot: prepare integration test for ecdsa", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "5c793ec5c33aa546f8fed56d6ecbd9c0cc89ecb0", "submitter": { "id": 74351, "url": "http://patchwork.ozlabs.org/api/1.2/people/74351/?format=api", "name": "Philippe Reynes", "email": "philippe.reynes@softathome.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20260421210954.1170437-8-philippe.reynes@softathome.com/mbox/", "series": [ { "id": 500895, "url": "http://patchwork.ozlabs.org/api/1.2/series/500895/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=500895", "date": "2026-04-21T21:09:51", "name": "add software ecdsa support", "version": 5, "mbox": "http://patchwork.ozlabs.org/series/500895/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2225960/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2225960/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.a=rsa-sha256 header.s=selector1-softathome1-onmicrosoft-com\n header.b=n5NP7cEo;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.b=\"n5NP7cEo\";\n\tdkim-atps=neutral", "phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=philippe.reynes@softathome.com" ], "Received": [ "from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g0Zmv428Xz1yGs\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 22 Apr 2026 07:12:15 +1000 (AEST)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 8823B842A4;\n\tTue, 21 Apr 2026 23:10:30 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id CB839841C8; Tue, 21 Apr 2026 23:10:22 +0200 (CEST)", "from MRZP264CU002.outbound.protection.outlook.com\n (mail-francesouthazlp170100001.outbound.protection.outlook.com\n [IPv6:2a01:111:f403:c207::1])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 4317284324\n for <u-boot@lists.denx.de>; Tue, 21 Apr 2026 23:10:03 +0200 (CEST)", "from PA7P264CA0357.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:37c::22)\n by MR1PPFBA7438BF2.FRAP264.PROD.OUTLOOK.COM (2603:10a6:508:1::685)\n with Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9846.18; Tue, 21 Apr\n 2026 21:09:57 +0000", "from PA1PEPF000CC3FB.FRAP264.PROD.OUTLOOK.COM\n (2603:10a6:102:37c:cafe::e) by PA7P264CA0357.outlook.office365.com\n (2603:10a6:102:37c::22) with Microsoft SMTP Server (version=TLS1_3,\n cipher=TLS_AES_256_GCM_SHA384) id 15.20.9791.48 via Frontend Transport; Tue,\n 21 Apr 2026 21:09:57 +0000", "from proxy.softathome.com (149.6.166.170) by\n PA1PEPF000CC3FB.mail.protection.outlook.com (10.167.242.6) with Microsoft\n SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9846.18\n via Frontend Transport; Tue, 21 Apr 2026 21:09:57 +0000", "from sah1lpt726.softathome.com (unknown [192.168.72.32])\n by proxy.softathome.com (Postfix) with ESMTPSA id 6DF7820EC3;\n Tue, 21 Apr 2026 23:09:57 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;\n b=kFk7P3qglc8CUDHvTnFD5zFYMvVTxhhl6x4RL8ousKLSlAgwjKTEfBMi7zSj/Jx2iA8XAtoMcuSlADPlKNIYajExz23YK3XVwKPFE0RSbzEZBWzTsoAvtm33nvKhTKZj/inM5TCuVZIgzKUok8WMcI6DGLEm5DTAa34wyvoEs8eT6E2gF5EmEuigPZk94xrU4R8k4GZ0zU3mbh8fmjr4e84cAhBWADHpPYJzqjOXVp38hl8imZmPmMlLlkcWWuSg4ZrSslJJs0sROScqsKhIGKqrOzVURHTzcdhQajeWKrPSKqRVMRTHQOkmPKxvjCwyaIRO7UV0ysGqutKU5UZv6w==", "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector10001;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=ICxU6Pp3B3I5f73Ba2YBfHOou2+OLymfOSCLTx0eLLA=;\n b=h/0GrFiFEtkTcaSLfCLhlffBHafZida/1dZxHfJRMfLSHA1ciPODxoUZZnmValwapcW0t/1tj5t2wmxdWmNMRuksMpzrR6FOFyLAErdfQOxJT2n0zRGFczvGlNw+VqgccSbtH73EvjG26r2Zs01qfOnaTe5fB6wGSC+sTHvebENmMXhJZPYmxafd+RR92rkyB/CYCtMKavNeRr16Yrt+83o6FidvIdkTBf4HwKAF96p+AQSLt0JTKMm1F3V3l5FC17uVIT+RtLgYlHpncUvm0NiQn3Et0eK+9FE2pkYy4CAf/WC3DJ99kjXOav+nhlVgVhJc9KU93JYN7rm5bS0qAA==", "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 149.6.166.170) smtp.rcpttodomain=canonical.com smtp.mailfrom=softathome.com;\n dmarc=bestguesspass action=none header.from=softathome.com; dkim=none\n (message not signed); arc=none (0)", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=softathome1.onmicrosoft.com; s=selector1-softathome1-onmicrosoft-com;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=ICxU6Pp3B3I5f73Ba2YBfHOou2+OLymfOSCLTx0eLLA=;\n b=n5NP7cEoRdoKFS2n6MSqBylnJxNSOxXqDgRPYAdeOlrMpJrAkIVEn8ssXHKt3LpfUC9nJxQPPd+/TqfFrQYZCHsluwLsi2naPCXD6qIvbZ57j8xoULuD0xVgDYFJfrE7q4I3Aplhoyn9xGfmZZlcGDWTnTnEDVzD9cQsgfF3l+wJSuHkD5a84mVkCLQm9n9t/3bwmqUivi04aiSS/mdnqzeYC0VgC7khhFS2Avt56RyRf5z7JFrje8q6KJ5FXKUIPmoOWOxG9zInsUxNgwZ1R/mQb44Ft9vXbvS2JPrjE92GNq71VDUKR4OUKJ3twlVewQyC9dg6JpTiTJz46NS8Xw==", "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 149.6.166.170)\n smtp.mailfrom=softathome.com; dkim=none (message not signed)\n header.d=none;dmarc=bestguesspass action=none header.from=softathome.com;", "Received-SPF": "Pass (protection.outlook.com: domain of softathome.com\n designates 149.6.166.170 as permitted sender)\n receiver=protection.outlook.com; client-ip=149.6.166.170;\n helo=proxy.softathome.com; pr=C", "From": "Philippe Reynes <philippe.reynes@softathome.com>", "To": "marko.makela@iki.fi, jonny.green@keytechinc.com, raymondmaoca@gmail.com,\n trini@konsulko.com, simon.glass@canonical.com", "Cc": "u-boot@lists.denx.de, Philippe Reynes <philippe.reynes@softathome.com>,\n Simon Glass <sjg@chromium.org>", "Subject": "[PATCH v5 07/15] test: py: vboot: prepare integration test for ecdsa", "Date": "Tue, 21 Apr 2026 23:09:46 +0200", "Message-ID": "<20260421210954.1170437-8-philippe.reynes@softathome.com>", "X-Mailer": "git-send-email 2.43.0", "In-Reply-To": "<20260421210954.1170437-1-philippe.reynes@softathome.com>", "References": "<20260421210954.1170437-1-philippe.reynes@softathome.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-EOPAttributedMessage": "0", "X-MS-PublicTrafficType": "Email", "X-MS-TrafficTypeDiagnostic": "PA1PEPF000CC3FB:EE_|MR1PPFBA7438BF2:EE_", "Content-Type": "text/plain", "X-MS-Office365-Filtering-Correlation-Id": "dae93b79-2773-4c4b-9193-08de9fea57be", "X-MS-Exchange-SenderADCheck": "1", "X-MS-Exchange-AntiSpam-Relay": "0", "X-Microsoft-Antispam": "BCL:0;\n ARA:13230040|1800799024|36860700016|376014|82310400026|22082099003|18002099003|56012099003;", "X-Microsoft-Antispam-Message-Info": "\n Nk9fyxr02Pa+GQsRYKiWPMa3sAsXGz3NP3wmkAWRWUyEPTaBtYsA3/t+Ecedjzn8figWJ+21YbIlod/yMUlXrkYzi3xhMp2EOXeXwoWJBavajboTXRJmMIMNRrj8i2TAhC2P0Ek3s3ZZ0Ze3qMef1sukYe7cN3P9Wq2LAIOLPu5jAlfMivA9karI0wneDZQt6INGZfI/IHdzKrRcsHnfM+aF6LHWwFy5GUlCof+zGB/jfSZXcRD+WxcOzZ9NQ2tE9bQp2kq/QHcLHxZXzMe1WS7SvXQa/vHOY2GYZebhNrtRl/T5iWRpQOEVLwBUFeKM6w1Xv6fRlWGEPeVMWhfYyP1/9/XbYdPA6x262axs3yIA7RbmPlrmgEe9m8j0UTU8H/uk47tHEOjaPpxoDXOQvUQcpLmMLCYVRQJHgHVNWG7qbwcszEgg+jggEiOq3DKFZ7CnvcbCicbRSCza6OxIXpQBzzwkwPSr/myK/n/l9n0mqwyR7END+6sFTISN4qqbWoPcodd/MTRY/GUYv3uOWqvno8BZN1UYUaQVPPb1MAovppG1HsQaTwYQyixvFODyUzG69N5DjWT9z1VY5x2nV3OVFOpr+WypdKjwtRGqgGjayACTrEhA/XGR7G9ywA4egecBvltRNSIvpMsXF75exazpV+9RirSaPJMS3tNt8nxufVt84CWY5k7WsC06v4VBc9kgOSBHrs0BJtFWnz13DzSmEbfeA3Ta18+t6oDDZACiKHNGSrtd5Mk2cA9NMj51mqbjiXWgTjHpHng0yWkeNQ==", "X-Forefront-Antispam-Report": "CIP:149.6.166.170; CTRY:FR; LANG:en; SCL:1; SRV:;\n IPV:CAL; SFV:NSPM; H:proxy.softathome.com; PTR:InfoDomainNonexistent;\n CAT:NONE;\n SFS:(13230040)(1800799024)(36860700016)(376014)(82310400026)(22082099003)(18002099003)(56012099003);\n DIR:OUT; SFP:1101;", "X-MS-Exchange-AntiSpam-MessageData-ChunkCount": "1", "X-MS-Exchange-AntiSpam-MessageData-0": "\n tz7xBhB83rbDQmt8k+qATiA3vZvC6h9FnHdSfWGhccRHXmdGOF40fLJ+w/W4ZZNtaTOGnP+AWR9NNn68lAcFnf6LmH1IkQlqSQcZPdgfgWpGBz8nvHAwco+any12HtCLbd+sPDBr1URc7MsT+EZXilXmbs0KiEzPoTnpX2kk+FsA8y5TfMKu1PcgoBf4ne2KIQDj/6NVNIeUVMxFmB8o1ivvqttzwCilH5gnZZd8gqdOxGojAl+OBCYLrL7UOQxwD2bQIoemb236XR0BE0TwNrBBTHmgpCo1vTLC1fcLQd7FqyyuX63CLqdg6D2i/IO6mZHGucjZEiZ4ZRVios0wkvTFzxSnNfGuMH3KRXuivJw2oByhEG5g9wRCCXT00ZD8CclpJPzTkMBF4UuioJbdTaoeO289WYaB65PsW9CXyElXkModdPuBie5LNU9Re+2E", "X-OriginatorOrg": "softathome.com", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "21 Apr 2026 21:09:57.6008 (UTC)", "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n dae93b79-2773-4c4b-9193-08de9fea57be", "X-MS-Exchange-CrossTenant-Id": "aa10e044-e405-4c10-8353-36b4d0cce511", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=aa10e044-e405-4c10-8353-36b4d0cce511; Ip=[149.6.166.170];\n Helo=[proxy.softathome.com]", "X-MS-Exchange-CrossTenant-AuthSource": "PA1PEPF000CC3FB.FRAP264.PROD.OUTLOOK.COM", "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "MR1PPFBA7438BF2", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "The vboot tests only consider rsa algo for signature.\nTo prepare the integration of ecdsa test, the signature\nalgo is now explicit.\n\nReviewed-by: Simon Glass <simon.glass@canonical.com>\nReviewed-by: Simon Glass <sjg@chromium.org>\nSigned-off-by: Philippe Reynes <philippe.reynes@softathome.com>\n---\nv2:\n- initial version\nv3:\n- no change\nv4:\n- no change\nv5:\n- no change\n\n test/py/tests/test_fit_ecdsa.py | 2 +-\n test/py/tests/test_vboot.py | 99 ++++++++++---------\n ....its => sign-configs-sha1-rsa2048-pss.its} | 0\n ...sha1.its => sign-configs-sha1-rsa2048.its} | 0\n ... sign-configs-sha256-rsa2048-pss-prod.its} | 0\n ...ts => sign-configs-sha256-rsa2048-pss.its} | 0\n ...56.its => sign-configs-sha256-rsa2048.its} | 0\n ...84.its => sign-configs-sha384-rsa3072.its} | 0\n ...s.its => sign-images-sha1-rsa2048-pss.its} | 0\n ...-sha1.its => sign-images-sha1-rsa2048.its} | 0\n ...its => sign-images-sha256-rsa2048-pss.its} | 0\n ...256.its => sign-images-sha256-rsa2048.its} | 0\n ...384.its => sign-images-sha384-rsa3072.its} | 0\n 13 files changed, 51 insertions(+), 50 deletions(-)\n rename test/py/tests/vboot/{sign-configs-sha1-pss.its => sign-configs-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1.its => sign-configs-sha1-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss-prod.its => sign-configs-sha256-rsa2048-pss-prod.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss.its => sign-configs-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256.its => sign-configs-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha384.its => sign-configs-sha384-rsa3072.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1-pss.its => sign-images-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1.its => sign-images-sha1-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256-pss.its => sign-images-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256.its => sign-images-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha384.its => sign-images-sha384-rsa3072.its} (100%)", "diff": "diff --git a/test/py/tests/test_fit_ecdsa.py b/test/py/tests/test_fit_ecdsa.py\nindex 3e816d68eb6..e59390374af 100644\n--- a/test/py/tests/test_fit_ecdsa.py\n+++ b/test/py/tests/test_fit_ecdsa.py\n@@ -102,7 +102,7 @@ def test_fit_ecdsa(ubman):\n with open(key_file, 'w') as f:\n f.write(key.export_key(format='PEM'))\n \n- assemble_fit_image(fit_file, f'{datadir}/sign-images-sha256.its', tempdir)\n+ assemble_fit_image(fit_file, f'{datadir}/sign-images-sha256-rsa2048.its', tempdir)\n \n fit = SignableFitImage(ubman, fit_file)\n nodes = fit.find_signable_image_nodes()\ndiff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py\nindex 55518bed07e..496d314c649 100644\n--- a/test/py/tests/test_vboot.py\n+++ b/test/py/tests/test_vboot.py\n@@ -84,21 +84,21 @@ def make_fit(its, ubman, mkimage, dtc_args, datadir, fit):\n # Only run the full suite on a few combinations, since it doesn't add any more\n # test coverage.\n TESTDATA_IN = [\n- ['sha1-basic', 'sha1', '', None, False, True, False, False],\n- ['sha1-pad', 'sha1', '', '-E -p 0x10000', False, False, False, False],\n- ['sha1-pss', 'sha1', '-pss', None, False, False, False, False],\n- ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False, False, False, False],\n- ['sha256-basic', 'sha256', '', None, False, False, False, False],\n- ['sha256-pad', 'sha256', '', '-E -p 0x10000', False, False, False, False],\n- ['sha256-pss', 'sha256', '-pss', None, False, False, False, False],\n- ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False, False, False, False],\n- ['sha256-pss-required', 'sha256', '-pss', None, True, False, False, False],\n- ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', True, True, False, False],\n- ['sha384-basic', 'sha384', '', None, False, False, False, False],\n- ['sha384-pad', 'sha384', '', '-E -p 0x10000', False, False, False, False],\n- ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', False, False, True, False],\n- ['sha256-global-sign', 'sha256', '', '', False, False, False, True],\n- ['sha256-global-sign-pss', 'sha256', '-pss', '', False, False, False, True],\n+ ['sha1-basic', 'sha1', '-rsa2048', '', None, False, True, False, False],\n+ ['sha1-pad', 'sha1', '-rsa2048', '', '-E -p 0x10000', False, False, False, False],\n+ ['sha1-pss', 'sha1', '-rsa2048', '-pss', None, False, False, False, False],\n+ ['sha1-pss-pad', 'sha1', '-rsa2048', '-pss', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-basic', 'sha256', '-rsa2048', '', None, False, False, False, False],\n+ ['sha256-pad', 'sha256', '-rsa2048', '', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-pss', 'sha256', '-rsa2048', '-pss', None, False, False, False, False],\n+ ['sha256-pss-pad', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-pss-required', 'sha256', '-rsa2048', '-pss', None, True, False, False, False],\n+ ['sha256-pss-pad-required', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', True, True, False, False],\n+ ['sha384-basic', 'sha384', '-rsa3072', '', None, False, False, False, False],\n+ ['sha384-pad', 'sha384', '-rsa3072', '', '-E -p 0x10000', False, False, False, False],\n+ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', False, False, True, False],\n+ ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False, False, False, True],\n+ ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False, False, False, True],\n ]\n \n # Mark all but the first test as slow, so they are not run with '-k not slow'\n@@ -111,9 +111,9 @@ TESTDATA += [pytest.param(*v, marks=pytest.mark.slow) for v in TESTDATA_IN[1:]]\n @pytest.mark.requiredtool('fdtget')\n @pytest.mark.requiredtool('fdtput')\n @pytest.mark.requiredtool('openssl')\n-@pytest.mark.parametrize(\"name,sha_algo,padding,sign_options,required,full_test,algo_arg,global_sign\",\n+@pytest.mark.parametrize(\"name,sha_algo,sig_algo,padding,sign_options,required,full_test,algo_arg,global_sign\",\n TESTDATA)\n-def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n+def test_vboot(ubman, name, sha_algo, sig_algo, padding, sign_options, required,\n full_test, algo_arg, global_sign):\n \"\"\"Test verified boot signing with mkimage and verification with 'bootm'.\n \n@@ -287,7 +287,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n utils.run_and_log(ubman, 'openssl req -batch -new -x509 -key %s%s.key '\n '-out %s%s.crt' % (tmpdir, name, tmpdir, name))\n \n- def test_with_algo(sha_algo, padding, sign_options):\n+ def test_with_algo(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test verified boot with the given hash algorithm.\n \n This is the main part of the test code. The same procedure is followed\n@@ -308,7 +308,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT, but don't sign anything yet\n ubman.log.action('%s: Test FIT with signed images' % sha_algo)\n- make_fit('sign-images-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-images-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n run_bootm(sha_algo, 'unsigned images', ' - OK' if algo_arg else 'dev-', True)\n \n # Sign images with our dev keys\n@@ -319,7 +319,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n dtc('sandbox-u-boot.dts', ubman, dtc_args, datadir, tmpdir, dtb)\n \n ubman.log.action('%s: Test FIT with signed configuration' % sha_algo)\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n run_bootm(sha_algo, 'unsigned config', '%s+ OK' % ('sha256' if algo_arg else sha_algo), True)\n \n # Sign images with our dev keys\n@@ -383,7 +383,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n run_bootm(sha_algo, 'evil clone', 'Bad Data Hash', False, efit)\n \n # Create a new properly signed fit and replace header bytes\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n bcfg = ubman.config.buildconfig\n max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0)\n@@ -415,7 +415,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n ubman, [fit_check_sign, '-f', fit, '-k', dtb],\n 1, 'Failed to verify required signature')\n \n- def test_required_key(sha_algo, padding, sign_options):\n+ def test_required_key(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test verified boot with the given hash algorithm.\n \n This function tests if U-Boot rejects an image when a required key isn't\n@@ -437,12 +437,12 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT with prod key (keys required) and sign it. This puts the\n # signature into sandbox-u-boot.dtb, marked 'required'\n- make_fit('sign-configs-%s%s-prod.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s-prod.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n \n # Build the FIT with dev key (keys NOT required). This adds the\n # signature into sandbox-u-boot.dtb, NOT marked 'required'.\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit_norequire(sha_algo, sign_options)\n \n # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys.\n@@ -454,7 +454,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT with dev key (keys required) and sign it. This puts the\n # signature into sandbox-u-boot.dtb, marked 'required'.\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n \n # Set the required-mode policy to \"any\".\n@@ -534,8 +534,9 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n dtb = '%ssandbox-u-boot.dtb' % tmpdir\n sig_node = '/configurations/conf-1/signature'\n \n- create_rsa_pair('dev')\n- create_rsa_pair('prod')\n+ if sig_algo == \"-rsa2048\" or sig_algo == \"-rsa3072\" or sig_algo == \"\":\n+ create_rsa_pair('dev')\n+ create_rsa_pair('prod')\n \n # Create a number kernel image with zeroes\n with open('%stest-kernel.bin' % tmpdir, 'wb') as fd:\n@@ -554,9 +555,9 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n if global_sign:\n test_global_sign(sha_algo, padding, sign_options)\n elif required:\n- test_required_key(sha_algo, padding, sign_options)\n+ test_required_key(sha_algo, sig_algo, padding, sign_options)\n else:\n- test_with_algo(sha_algo, padding, sign_options)\n+ test_with_algo(sha_algo, sig_algo, padding, sign_options)\n finally:\n # Go back to the original U-Boot with the correct dtb.\n ubman.config.dtb = old_dtb\n@@ -564,21 +565,21 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n \n TESTDATA_IN = [\n- ['sha1-basic', 'sha1', '', None, False],\n- ['sha1-pad', 'sha1', '', '-E -p 0x10000', False],\n- ['sha1-pss', 'sha1', '-pss', None, False],\n- ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False],\n- ['sha256-basic', 'sha256', '', None, False],\n- ['sha256-pad', 'sha256', '', '-E -p 0x10000', False],\n- ['sha256-pss', 'sha256', '-pss', None, False],\n- ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False],\n- ['sha256-pss-required', 'sha256', '-pss', None, False],\n- ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', False],\n- ['sha384-basic', 'sha384', '', None, False],\n- ['sha384-pad', 'sha384', '', '-E -p 0x10000', False],\n- ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', True],\n- ['sha256-global-sign', 'sha256', '', '', False],\n- ['sha256-global-sign-pss', 'sha256', '-pss', '', False],\n+ ['sha1-basic', 'sha1', '-rsa2048', '', None, False],\n+ ['sha1-pad', 'sha1', '-rsa2048', '', '-E -p 0x10000', False],\n+ ['sha1-pss', 'sha1', '-rsa2048', '-pss', None, False],\n+ ['sha1-pss-pad', 'sha1', '-rsa2048', '-pss', '-E -p 0x10000', False],\n+ ['sha256-basic', 'sha256', '-rsa2048', '', None, False],\n+ ['sha256-pad', 'sha256', '-rsa2048', '', '-E -p 0x10000', False],\n+ ['sha256-pss', 'sha256', '-rsa2048', '-pss', None, False],\n+ ['sha256-pss-pad', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', False],\n+ ['sha256-pss-required', 'sha256', '-rsa2048', '-pss', None, False],\n+ ['sha256-pss-pad-required', 'sha256', '-rsa2048' , '-pss', '-E -p 0x10000', False],\n+ ['sha384-basic', 'sha384', '-rsa3072', '', None, False],\n+ ['sha384-pad', 'sha384', '-rsa3072', '', '-E -p 0x10000', False],\n+ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', True],\n+ ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False],\n+ ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False],\n ]\n \n # Mark all but the first test as slow, so they are not run with '-k not slow'\n@@ -589,8 +590,8 @@ TESTDATA += [pytest.param(*v, marks=pytest.mark.slow) for v in TESTDATA_IN[1:]]\n @pytest.mark.buildconfigspec('fit_signature')\n @pytest.mark.requiredtool('dtc')\n @pytest.mark.requiredtool('openssl')\n-@pytest.mark.parametrize(\"name,sha_algo,padding,sign_options,algo_arg\", TESTDATA)\n-def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n+@pytest.mark.parametrize(\"name,sha_algo,sig_algo,padding,sign_options,algo_arg\", TESTDATA)\n+def test_fdt_add_pubkey(ubman, name, sha_algo, sig_algo, padding, sign_options, algo_arg):\n \"\"\"Test fdt_add_pubkey utility with bunch of different algo options.\"\"\"\n \n def sign_fit(sha_algo, options):\n@@ -609,7 +610,7 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n ubman.log.action('%s: Sign images' % sha_algo)\n utils.run_and_log(ubman, args)\n \n- def test_add_pubkey(sha_algo, padding, sign_options):\n+ def test_add_pubkey(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test fdt_add_pubkey utility with given hash algorithm and padding.\n \n This function tests if fdt_add_pubkey utility may add public keys into dtb.\n@@ -632,7 +633,7 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n 'rsa3072' if sha_algo == 'sha384' else 'rsa2048'),\n '-k', tmpdir, '-n', 'dev', '-r', 'conf', dtb])\n \n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n \n # Sign images with our dev keys\n sign_fit(sha_algo, sign_options)\n@@ -654,4 +655,4 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n \n # keys created in test_vboot test\n \n- test_add_pubkey(sha_algo, padding, sign_options)\n+ test_add_pubkey(sha_algo, sig_algo, padding, sign_options)\ndiff --git a/test/py/tests/vboot/sign-configs-sha1-pss.its b/test/py/tests/vboot/sign-configs-sha1-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha1-pss.its\nrename to test/py/tests/vboot/sign-configs-sha1-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha1.its b/test/py/tests/vboot/sign-configs-sha1-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha1.its\nrename to test/py/tests/vboot/sign-configs-sha1-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256-pss-prod.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048-pss-prod.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256-pss-prod.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048-pss-prod.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256-pss.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256-pss.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha384.its b/test/py/tests/vboot/sign-configs-sha384-rsa3072.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha384.its\nrename to test/py/tests/vboot/sign-configs-sha384-rsa3072.its\ndiff --git a/test/py/tests/vboot/sign-images-sha1-pss.its b/test/py/tests/vboot/sign-images-sha1-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha1-pss.its\nrename to test/py/tests/vboot/sign-images-sha1-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-images-sha1.its b/test/py/tests/vboot/sign-images-sha1-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha1.its\nrename to test/py/tests/vboot/sign-images-sha1-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-images-sha256-pss.its b/test/py/tests/vboot/sign-images-sha256-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha256-pss.its\nrename to test/py/tests/vboot/sign-images-sha256-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-images-sha256.its b/test/py/tests/vboot/sign-images-sha256-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha256.its\nrename to test/py/tests/vboot/sign-images-sha256-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-images-sha384.its b/test/py/tests/vboot/sign-images-sha384-rsa3072.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha384.its\nrename to test/py/tests/vboot/sign-images-sha384-rsa3072.its\n", "prefixes": [ "v5", "07/15" ] }