Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2218046/?format=api
{ "id": 2218046, "url": "http://patchwork.ozlabs.org/api/patches/2218046/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20260331100047.34618-8-philippe.reynes@softathome.com/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260331100047.34618-8-philippe.reynes@softathome.com>", "list_archive_url": null, "date": "2026-03-31T10:00:39", "name": "[v3,07/15] test: py: vboot: prepare integration test for ecdsa", "commit_ref": null, "pull_url": null, "state": "changes-requested", "archived": false, "hash": "5c793ec5c33aa546f8fed56d6ecbd9c0cc89ecb0", "submitter": { "id": 74351, "url": "http://patchwork.ozlabs.org/api/people/74351/?format=api", "name": "Philippe Reynes", "email": "philippe.reynes@softathome.com" }, "delegate": { "id": 161313, "url": "http://patchwork.ozlabs.org/api/users/161313/?format=api", "username": "raymo200915", "first_name": "Raymond", "last_name": "Mao", "email": "raymondmaoca@gmail.com" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20260331100047.34618-8-philippe.reynes@softathome.com/mbox/", "series": [ { "id": 498164, "url": "http://patchwork.ozlabs.org/api/series/498164/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=498164", "date": "2026-03-31T10:00:34", "name": "add software ecdsa support", "version": 3, "mbox": "http://patchwork.ozlabs.org/series/498164/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2218046/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2218046/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.a=rsa-sha256 header.s=selector1-softathome1-onmicrosoft-com\n header.b=r6WqOJRC;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.b=\"r6WqOJRC\";\n\tdkim-atps=neutral", "phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=philippe.reynes@softathome.com" ], "Received": [ "from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4flNw96zcXz1y1q\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 31 Mar 2026 21:02:49 +1100 (AEDT)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id A8E2D8407E;\n\tTue, 31 Mar 2026 12:01:11 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id 351DD84113; Tue, 31 Mar 2026 12:01:04 +0200 (CEST)", "from PA5P264CU001.outbound.protection.outlook.com\n (mail-francecentralazlp170100000.outbound.protection.outlook.com\n [IPv6:2a01:111:f403:c20a::])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 73A7284073\n for <u-boot@lists.denx.de>; Tue, 31 Mar 2026 12:00:56 +0200 (CEST)", "from PAZP264CA0175.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:236::34)\n by MR0P264MB5493.FRAP264.PROD.OUTLOOK.COM (2603:10a6:501:4a::16) with\n Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9769.15; Tue, 31 Mar\n 2026 10:00:53 +0000", "from PA1PEPF000CC3FB.FRAP264.PROD.OUTLOOK.COM\n (2603:10a6:102:236:cafe::c3) by PAZP264CA0175.outlook.office365.com\n (2603:10a6:102:236::34) with Microsoft SMTP Server (version=TLS1_3,\n cipher=TLS_AES_256_GCM_SHA384) id 15.20.9745.28 via Frontend Transport; Tue,\n 31 Mar 2026 10:00:27 +0000", "from proxy.softathome.com (149.6.166.170) by\n PA1PEPF000CC3FB.mail.protection.outlook.com (10.167.242.6) with Microsoft\n SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9745.21\n via Frontend Transport; Tue, 31 Mar 2026 10:00:53 +0000", "from sah1lpt726.home (unknown [192.168.72.39])\n by proxy.softathome.com (Postfix) with ESMTPSA id E849120934;\n Tue, 31 Mar 2026 12:00:52 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;\n b=fdIGAGpAO04iCvB2gMjLOP9HogAuE4Fsg+cemkRGEz4+BwbKLmeewE94SnAZ6n10B5dva2UF1PMBBPuZxlRtbljdkVWDf0cWgx9pQ9ODPPA92ZvUZkUmYPvO9AaKoYp1RSNf/gAw6kfV8wOeQMvzDZg2EontxO1/lnnGLDj4sfUm5T904hKm0Ls0sOkRRjZaNWJO2j1KpyS1/gzAru9MxPBtZrqRgg/XuuXgHLH0CERBwRI0mz0vEMYeDKuzuNIGYxEtUe2Vq5DlA1ZP9Q+w4KU3M5tVDz7MxWjyVzKeS/D5LB1DeD3xM7iYMLBq/mNQhjqnHtGiDSTMmAZqEIH6pw==", "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector10001;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=n1I3WOCmBPo+tApm5ioJ1dSBuBP9JceNEX9G6bvcayU=;\n b=fGEP85jG0vmx2XQGkRiiycLXG1BbPQJKcaWCQxxfsbuRjgKqpIicbwSFKRTxJPSueain2mFCGzLABx1+mYkJ4nEl3ZfIfvW0s+tnq9ZPz12TqxIqbLrGSkevcsUcxAH9xvl4dd3hcXb/mXImlRkG7YYL8dBiP3rdN+HZ2iT0bmBRDK46uEcOW+x/70+OliJFCzJh7Orc2j2LBTNN/rFeh+FMBoTzs2VWao8Cw0TpSdrOiKOxaVG9aa1fXZXB1jFYIPwl6q+Y9HsyRbZp3HmPh9Z1OFv5hUzqDZnqOZl2tIMxT6wI3vtHsQNaSFeA5gWYLSQYBlTYbxusCqAWl+6zzw==", "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 149.6.166.170) smtp.rcpttodomain=canonical.com smtp.mailfrom=softathome.com;\n dmarc=bestguesspass action=none header.from=softathome.com; dkim=none\n (message not signed); arc=none (0)", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=softathome1.onmicrosoft.com; s=selector1-softathome1-onmicrosoft-com;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=n1I3WOCmBPo+tApm5ioJ1dSBuBP9JceNEX9G6bvcayU=;\n b=r6WqOJRCkC+83GGrWgql3+1JKww4iG5UawiI2kitfSIOoiQgqT9vmZvxee96FqodP1nXYhweCaPuXwvbcOg9qXFiCBMVXhXnLU9vuXH30FOdtwP9IIzocuvarXErnpxRC+0gW5vr5R8mBeAL/0xq8ZmPAZ+8x2qc2FnzC22+vUWqi8umA0IcmcbhUaWg6ID8DrkIuuwzMepxi+GgUs5jpyFmthYYbOjEG40hYcWeVMgFu2037XjRcmtYiHlwCeyBN1bddCoYlRxZNnrA8jbBfLu0qP43dRcYztgi0IQ/zkijrJS8cb92ATALh35WLsWPL5es848EdvABZq0t2/lU9Q==", "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 149.6.166.170)\n smtp.mailfrom=softathome.com; dkim=none (message not signed)\n header.d=none;dmarc=bestguesspass action=none header.from=softathome.com;", "Received-SPF": "Pass (protection.outlook.com: domain of softathome.com\n designates 149.6.166.170 as permitted sender)\n receiver=protection.outlook.com; client-ip=149.6.166.170;\n helo=proxy.softathome.com; pr=C", "From": "Philippe Reynes <philippe.reynes@softathome.com>", "To": "marko.makela@iki.fi, jonny.green@keytechinc.com, raymondmaoca@gmail.com,\n trini@konsulko.com, simon.glass@canonical.com", "Cc": "u-boot@lists.denx.de,\n\tPhilippe Reynes <philippe.reynes@softathome.com>", "Subject": "[PATCH v3 07/15] test: py: vboot: prepare integration test for ecdsa", "Date": "Tue, 31 Mar 2026 12:00:39 +0200", "Message-ID": "<20260331100047.34618-8-philippe.reynes@softathome.com>", "X-Mailer": "git-send-email 2.43.0", "In-Reply-To": "<20260331100047.34618-1-philippe.reynes@softathome.com>", "References": "<20260331100047.34618-1-philippe.reynes@softathome.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-EOPAttributedMessage": "0", "X-MS-PublicTrafficType": "Email", "X-MS-TrafficTypeDiagnostic": "PA1PEPF000CC3FB:EE_|MR0P264MB5493:EE_", "Content-Type": "text/plain", "X-MS-Office365-Filtering-Correlation-Id": "caadab2d-2e08-4154-11d7-08de8f0c6512", "X-MS-Exchange-SenderADCheck": "1", "X-MS-Exchange-AntiSpam-Relay": "0", "X-Microsoft-Antispam": "BCL:0;\n ARA:13230040|1800799024|82310400026|36860700016|376014|18002099003|22082099003|56012099003;", "X-Microsoft-Antispam-Message-Info": "\n GJ1ksDdw88H9ubccpIUjQ8Am9NRb9pSiIaQ6c9Y10+9Z6NNuQ/NgxMWKYdEcv35t3DABEH5KIcn8yUgkmGeaMC+x1Fuas1sEKS0psFXze8IYJRsSXVoppGAcRU6v1RO3GBnseYwIof5SJqyjl6m+qu2rtSDCji/HY1zd+8/6jE4PIMrhJve9BUX+8BSg+sPyPWA3j4E1TM8/+xzIytHcnrk6WdSf7mc25iTBoIUiA9JQzMSTF2GrYZklM6fJnfCApefe0K0pJYYuLWCTL8XXEi0tA/ggdnAheL+WjxDkZxcg3lIGDPiiMo/BsTchvQeQOR8nT0i3Ywy5bleZ2wgA4dCKYPN6RxLKymoYQzRTEgx+W1pA3WI1BNbfH1iLBFjUc3vjJIISd/l0eneYbO94GhAlpkOy9T7CwoBX3DejnEUcqQnyt9Fbc0zvfNsAnvOQ9+AaEYDmqaEshqkeBabxPC49vhnVez12BZXVPGWs7WvwCi/xNf74BU3F8n5v2EVb42of4bsSwAYM+9lQ1TWceRd+dTjv5Wv/AWPpD0kDELuDLlY7sKuhLE85FRupMgygiz1zb0PfNoV82MSLysTN6fpPlsdivPJH3CKqGN73KYANMVl/GzRVh5iWeoPvyCg4o09jCPA3QgbaR9VTeKgwf9Azqgj4pvckfBR74SI1nVE+7OyEpou3VSowEjjXTjW0D/gT2B792iDTuScQ451ArtSkU4sJudmgddnAfUUb7XqikpIRiZUuzHkRCMv7QbnpZiG9Vpz+/ps+VRKcWlb01w==", "X-Forefront-Antispam-Report": "CIP:149.6.166.170; CTRY:FR; LANG:en; SCL:1; SRV:;\n IPV:CAL; SFV:NSPM; H:proxy.softathome.com; PTR:InfoDomainNonexistent;\n CAT:NONE;\n SFS:(13230040)(1800799024)(82310400026)(36860700016)(376014)(18002099003)(22082099003)(56012099003);\n DIR:OUT; SFP:1101;", "X-MS-Exchange-AntiSpam-MessageData-ChunkCount": "1", "X-MS-Exchange-AntiSpam-MessageData-0": "\n BN3t/YfI0v1XFsCQmf2dfMP4lcH7CxxQMaamzexjU1q5bODaelyHRLEi2WxJrxI/BuU/ENRvWvcQJaerGVEiEoM6nBLOkvDy3vRBUJMx7cABk7rIy/9q/abQIOA/tp47tSG6Uh+vbUAa8f1FjrLTKoOY+2z//2SuWFOU9ZSze2IDEuUmUzaanIx8cv98IxOkvrKyFZAB6SCS3xoeNUfpDJfbwLEVtxIfJfrv1LXBel0TzWTzwcmwbuGjDDypEKjz2/xe0NpIRlqeqhDgPn8tbWlNo11bs8Q/Gb72H2TRHICyKuQQisePVi2msM3AS7eI7O54PKnWYyPMYJ3K1UowQiWrMFZbY5CIaRrvKQCB8VfSHjZ5JVWxaOo1e09F/+amuN2V/aXsRdBbbJCrW2YFJKBwmKYXNrmHzZGCngpM7WjI8+KMLCF8NC34PvzM4Nm1", "X-OriginatorOrg": "softathome.com", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "31 Mar 2026 10:00:53.1156 (UTC)", "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n caadab2d-2e08-4154-11d7-08de8f0c6512", "X-MS-Exchange-CrossTenant-Id": "aa10e044-e405-4c10-8353-36b4d0cce511", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=aa10e044-e405-4c10-8353-36b4d0cce511; Ip=[149.6.166.170];\n Helo=[proxy.softathome.com]", "X-MS-Exchange-CrossTenant-AuthSource": "PA1PEPF000CC3FB.FRAP264.PROD.OUTLOOK.COM", "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "MR0P264MB5493", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "The vboot tests only consider rsa algo for signature.\nTo prepare the integration of ecdsa test, the signature\nalgo is now explicit.\n\nReviewed-by: Simon Glass <simon.glass@canonical.com>\nSigned-off-by: Philippe Reynes <philippe.reynes@softathome.com>\n---\nv2:\n- initial version\nv3:\n- no change\n\n test/py/tests/test_fit_ecdsa.py | 2 +-\n test/py/tests/test_vboot.py | 99 ++++++++++---------\n ....its => sign-configs-sha1-rsa2048-pss.its} | 0\n ...sha1.its => sign-configs-sha1-rsa2048.its} | 0\n ... sign-configs-sha256-rsa2048-pss-prod.its} | 0\n ...ts => sign-configs-sha256-rsa2048-pss.its} | 0\n ...56.its => sign-configs-sha256-rsa2048.its} | 0\n ...84.its => sign-configs-sha384-rsa3072.its} | 0\n ...s.its => sign-images-sha1-rsa2048-pss.its} | 0\n ...-sha1.its => sign-images-sha1-rsa2048.its} | 0\n ...its => sign-images-sha256-rsa2048-pss.its} | 0\n ...256.its => sign-images-sha256-rsa2048.its} | 0\n ...384.its => sign-images-sha384-rsa3072.its} | 0\n 13 files changed, 51 insertions(+), 50 deletions(-)\n rename test/py/tests/vboot/{sign-configs-sha1-pss.its => sign-configs-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1.its => sign-configs-sha1-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss-prod.its => sign-configs-sha256-rsa2048-pss-prod.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss.its => sign-configs-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256.its => sign-configs-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha384.its => sign-configs-sha384-rsa3072.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1-pss.its => sign-images-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1.its => sign-images-sha1-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256-pss.its => sign-images-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256.its => sign-images-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha384.its => sign-images-sha384-rsa3072.its} (100%)", "diff": "diff --git a/test/py/tests/test_fit_ecdsa.py b/test/py/tests/test_fit_ecdsa.py\nindex 3e816d68eb6..e59390374af 100644\n--- a/test/py/tests/test_fit_ecdsa.py\n+++ b/test/py/tests/test_fit_ecdsa.py\n@@ -102,7 +102,7 @@ def test_fit_ecdsa(ubman):\n with open(key_file, 'w') as f:\n f.write(key.export_key(format='PEM'))\n \n- assemble_fit_image(fit_file, f'{datadir}/sign-images-sha256.its', tempdir)\n+ assemble_fit_image(fit_file, f'{datadir}/sign-images-sha256-rsa2048.its', tempdir)\n \n fit = SignableFitImage(ubman, fit_file)\n nodes = fit.find_signable_image_nodes()\ndiff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py\nindex 55518bed07e..496d314c649 100644\n--- a/test/py/tests/test_vboot.py\n+++ b/test/py/tests/test_vboot.py\n@@ -84,21 +84,21 @@ def make_fit(its, ubman, mkimage, dtc_args, datadir, fit):\n # Only run the full suite on a few combinations, since it doesn't add any more\n # test coverage.\n TESTDATA_IN = [\n- ['sha1-basic', 'sha1', '', None, False, True, False, False],\n- ['sha1-pad', 'sha1', '', '-E -p 0x10000', False, False, False, False],\n- ['sha1-pss', 'sha1', '-pss', None, False, False, False, False],\n- ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False, False, False, False],\n- ['sha256-basic', 'sha256', '', None, False, False, False, False],\n- ['sha256-pad', 'sha256', '', '-E -p 0x10000', False, False, False, False],\n- ['sha256-pss', 'sha256', '-pss', None, False, False, False, False],\n- ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False, False, False, False],\n- ['sha256-pss-required', 'sha256', '-pss', None, True, False, False, False],\n- ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', True, True, False, False],\n- ['sha384-basic', 'sha384', '', None, False, False, False, False],\n- ['sha384-pad', 'sha384', '', '-E -p 0x10000', False, False, False, False],\n- ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', False, False, True, False],\n- ['sha256-global-sign', 'sha256', '', '', False, False, False, True],\n- ['sha256-global-sign-pss', 'sha256', '-pss', '', False, False, False, True],\n+ ['sha1-basic', 'sha1', '-rsa2048', '', None, False, True, False, False],\n+ ['sha1-pad', 'sha1', '-rsa2048', '', '-E -p 0x10000', False, False, False, False],\n+ ['sha1-pss', 'sha1', '-rsa2048', '-pss', None, False, False, False, False],\n+ ['sha1-pss-pad', 'sha1', '-rsa2048', '-pss', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-basic', 'sha256', '-rsa2048', '', None, False, False, False, False],\n+ ['sha256-pad', 'sha256', '-rsa2048', '', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-pss', 'sha256', '-rsa2048', '-pss', None, False, False, False, False],\n+ ['sha256-pss-pad', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-pss-required', 'sha256', '-rsa2048', '-pss', None, True, False, False, False],\n+ ['sha256-pss-pad-required', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', True, True, False, False],\n+ ['sha384-basic', 'sha384', '-rsa3072', '', None, False, False, False, False],\n+ ['sha384-pad', 'sha384', '-rsa3072', '', '-E -p 0x10000', False, False, False, False],\n+ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', False, False, True, False],\n+ ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False, False, False, True],\n+ ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False, False, False, True],\n ]\n \n # Mark all but the first test as slow, so they are not run with '-k not slow'\n@@ -111,9 +111,9 @@ TESTDATA += [pytest.param(*v, marks=pytest.mark.slow) for v in TESTDATA_IN[1:]]\n @pytest.mark.requiredtool('fdtget')\n @pytest.mark.requiredtool('fdtput')\n @pytest.mark.requiredtool('openssl')\n-@pytest.mark.parametrize(\"name,sha_algo,padding,sign_options,required,full_test,algo_arg,global_sign\",\n+@pytest.mark.parametrize(\"name,sha_algo,sig_algo,padding,sign_options,required,full_test,algo_arg,global_sign\",\n TESTDATA)\n-def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n+def test_vboot(ubman, name, sha_algo, sig_algo, padding, sign_options, required,\n full_test, algo_arg, global_sign):\n \"\"\"Test verified boot signing with mkimage and verification with 'bootm'.\n \n@@ -287,7 +287,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n utils.run_and_log(ubman, 'openssl req -batch -new -x509 -key %s%s.key '\n '-out %s%s.crt' % (tmpdir, name, tmpdir, name))\n \n- def test_with_algo(sha_algo, padding, sign_options):\n+ def test_with_algo(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test verified boot with the given hash algorithm.\n \n This is the main part of the test code. The same procedure is followed\n@@ -308,7 +308,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT, but don't sign anything yet\n ubman.log.action('%s: Test FIT with signed images' % sha_algo)\n- make_fit('sign-images-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-images-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n run_bootm(sha_algo, 'unsigned images', ' - OK' if algo_arg else 'dev-', True)\n \n # Sign images with our dev keys\n@@ -319,7 +319,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n dtc('sandbox-u-boot.dts', ubman, dtc_args, datadir, tmpdir, dtb)\n \n ubman.log.action('%s: Test FIT with signed configuration' % sha_algo)\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n run_bootm(sha_algo, 'unsigned config', '%s+ OK' % ('sha256' if algo_arg else sha_algo), True)\n \n # Sign images with our dev keys\n@@ -383,7 +383,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n run_bootm(sha_algo, 'evil clone', 'Bad Data Hash', False, efit)\n \n # Create a new properly signed fit and replace header bytes\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n bcfg = ubman.config.buildconfig\n max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0)\n@@ -415,7 +415,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n ubman, [fit_check_sign, '-f', fit, '-k', dtb],\n 1, 'Failed to verify required signature')\n \n- def test_required_key(sha_algo, padding, sign_options):\n+ def test_required_key(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test verified boot with the given hash algorithm.\n \n This function tests if U-Boot rejects an image when a required key isn't\n@@ -437,12 +437,12 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT with prod key (keys required) and sign it. This puts the\n # signature into sandbox-u-boot.dtb, marked 'required'\n- make_fit('sign-configs-%s%s-prod.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s-prod.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n \n # Build the FIT with dev key (keys NOT required). This adds the\n # signature into sandbox-u-boot.dtb, NOT marked 'required'.\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit_norequire(sha_algo, sign_options)\n \n # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys.\n@@ -454,7 +454,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT with dev key (keys required) and sign it. This puts the\n # signature into sandbox-u-boot.dtb, marked 'required'.\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n \n # Set the required-mode policy to \"any\".\n@@ -534,8 +534,9 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n dtb = '%ssandbox-u-boot.dtb' % tmpdir\n sig_node = '/configurations/conf-1/signature'\n \n- create_rsa_pair('dev')\n- create_rsa_pair('prod')\n+ if sig_algo == \"-rsa2048\" or sig_algo == \"-rsa3072\" or sig_algo == \"\":\n+ create_rsa_pair('dev')\n+ create_rsa_pair('prod')\n \n # Create a number kernel image with zeroes\n with open('%stest-kernel.bin' % tmpdir, 'wb') as fd:\n@@ -554,9 +555,9 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n if global_sign:\n test_global_sign(sha_algo, padding, sign_options)\n elif required:\n- test_required_key(sha_algo, padding, sign_options)\n+ test_required_key(sha_algo, sig_algo, padding, sign_options)\n else:\n- test_with_algo(sha_algo, padding, sign_options)\n+ test_with_algo(sha_algo, sig_algo, padding, sign_options)\n finally:\n # Go back to the original U-Boot with the correct dtb.\n ubman.config.dtb = old_dtb\n@@ -564,21 +565,21 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n \n TESTDATA_IN = [\n- ['sha1-basic', 'sha1', '', None, False],\n- ['sha1-pad', 'sha1', '', '-E -p 0x10000', False],\n- ['sha1-pss', 'sha1', '-pss', None, False],\n- ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False],\n- ['sha256-basic', 'sha256', '', None, False],\n- ['sha256-pad', 'sha256', '', '-E -p 0x10000', False],\n- ['sha256-pss', 'sha256', '-pss', None, False],\n- ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False],\n- ['sha256-pss-required', 'sha256', '-pss', None, False],\n- ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', False],\n- ['sha384-basic', 'sha384', '', None, False],\n- ['sha384-pad', 'sha384', '', '-E -p 0x10000', False],\n- ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', True],\n- ['sha256-global-sign', 'sha256', '', '', False],\n- ['sha256-global-sign-pss', 'sha256', '-pss', '', False],\n+ ['sha1-basic', 'sha1', '-rsa2048', '', None, False],\n+ ['sha1-pad', 'sha1', '-rsa2048', '', '-E -p 0x10000', False],\n+ ['sha1-pss', 'sha1', '-rsa2048', '-pss', None, False],\n+ ['sha1-pss-pad', 'sha1', '-rsa2048', '-pss', '-E -p 0x10000', False],\n+ ['sha256-basic', 'sha256', '-rsa2048', '', None, False],\n+ ['sha256-pad', 'sha256', '-rsa2048', '', '-E -p 0x10000', False],\n+ ['sha256-pss', 'sha256', '-rsa2048', '-pss', None, False],\n+ ['sha256-pss-pad', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', False],\n+ ['sha256-pss-required', 'sha256', '-rsa2048', '-pss', None, False],\n+ ['sha256-pss-pad-required', 'sha256', '-rsa2048' , '-pss', '-E -p 0x10000', False],\n+ ['sha384-basic', 'sha384', '-rsa3072', '', None, False],\n+ ['sha384-pad', 'sha384', '-rsa3072', '', '-E -p 0x10000', False],\n+ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', True],\n+ ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False],\n+ ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False],\n ]\n \n # Mark all but the first test as slow, so they are not run with '-k not slow'\n@@ -589,8 +590,8 @@ TESTDATA += [pytest.param(*v, marks=pytest.mark.slow) for v in TESTDATA_IN[1:]]\n @pytest.mark.buildconfigspec('fit_signature')\n @pytest.mark.requiredtool('dtc')\n @pytest.mark.requiredtool('openssl')\n-@pytest.mark.parametrize(\"name,sha_algo,padding,sign_options,algo_arg\", TESTDATA)\n-def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n+@pytest.mark.parametrize(\"name,sha_algo,sig_algo,padding,sign_options,algo_arg\", TESTDATA)\n+def test_fdt_add_pubkey(ubman, name, sha_algo, sig_algo, padding, sign_options, algo_arg):\n \"\"\"Test fdt_add_pubkey utility with bunch of different algo options.\"\"\"\n \n def sign_fit(sha_algo, options):\n@@ -609,7 +610,7 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n ubman.log.action('%s: Sign images' % sha_algo)\n utils.run_and_log(ubman, args)\n \n- def test_add_pubkey(sha_algo, padding, sign_options):\n+ def test_add_pubkey(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test fdt_add_pubkey utility with given hash algorithm and padding.\n \n This function tests if fdt_add_pubkey utility may add public keys into dtb.\n@@ -632,7 +633,7 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n 'rsa3072' if sha_algo == 'sha384' else 'rsa2048'),\n '-k', tmpdir, '-n', 'dev', '-r', 'conf', dtb])\n \n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n \n # Sign images with our dev keys\n sign_fit(sha_algo, sign_options)\n@@ -654,4 +655,4 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n \n # keys created in test_vboot test\n \n- test_add_pubkey(sha_algo, padding, sign_options)\n+ test_add_pubkey(sha_algo, sig_algo, padding, sign_options)\ndiff --git a/test/py/tests/vboot/sign-configs-sha1-pss.its b/test/py/tests/vboot/sign-configs-sha1-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha1-pss.its\nrename to test/py/tests/vboot/sign-configs-sha1-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha1.its b/test/py/tests/vboot/sign-configs-sha1-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha1.its\nrename to test/py/tests/vboot/sign-configs-sha1-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256-pss-prod.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048-pss-prod.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256-pss-prod.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048-pss-prod.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256-pss.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256-pss.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha384.its b/test/py/tests/vboot/sign-configs-sha384-rsa3072.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha384.its\nrename to test/py/tests/vboot/sign-configs-sha384-rsa3072.its\ndiff --git a/test/py/tests/vboot/sign-images-sha1-pss.its b/test/py/tests/vboot/sign-images-sha1-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha1-pss.its\nrename to test/py/tests/vboot/sign-images-sha1-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-images-sha1.its b/test/py/tests/vboot/sign-images-sha1-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha1.its\nrename to test/py/tests/vboot/sign-images-sha1-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-images-sha256-pss.its b/test/py/tests/vboot/sign-images-sha256-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha256-pss.its\nrename to test/py/tests/vboot/sign-images-sha256-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-images-sha256.its b/test/py/tests/vboot/sign-images-sha256-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha256.its\nrename to test/py/tests/vboot/sign-images-sha256-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-images-sha384.its b/test/py/tests/vboot/sign-images-sha384-rsa3072.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha384.its\nrename to test/py/tests/vboot/sign-images-sha384-rsa3072.its\n", "prefixes": [ "v3", "07/15" ] }