Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2224488/?format=api
{ "id": 2224488, "url": "http://patchwork.ozlabs.org/api/patches/2224488/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20260417130204.49896-8-philippe.reynes@softathome.com/", "project": { "id": 18, "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api", "name": "U-Boot", "link_name": "uboot", "list_id": "u-boot.lists.denx.de", "list_email": "u-boot@lists.denx.de", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260417130204.49896-8-philippe.reynes@softathome.com>", "list_archive_url": null, "date": "2026-04-17T13:01:57", "name": "[v4,07/14] test: py: vboot: prepare integration test for ecdsa", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": false, "hash": "5c793ec5c33aa546f8fed56d6ecbd9c0cc89ecb0", "submitter": { "id": 74351, "url": "http://patchwork.ozlabs.org/api/people/74351/?format=api", "name": "Philippe Reynes", "email": "philippe.reynes@softathome.com" }, "delegate": { "id": 161313, "url": "http://patchwork.ozlabs.org/api/users/161313/?format=api", "username": "raymo200915", "first_name": "Raymond", "last_name": "Mao", "email": "raymondmaoca@gmail.com" }, "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20260417130204.49896-8-philippe.reynes@softathome.com/mbox/", "series": [ { "id": 500332, "url": "http://patchwork.ozlabs.org/api/series/500332/?format=api", "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=500332", "date": "2026-04-17T13:02:04", "name": "add software ecdsa support", "version": 4, "mbox": "http://patchwork.ozlabs.org/series/500332/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2224488/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2224488/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<u-boot-bounces@lists.denx.de>", "X-Original-To": "incoming@patchwork.ozlabs.org", "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.a=rsa-sha256 header.s=selector1-softathome1-onmicrosoft-com\n header.b=k+DDadeS;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)", "phobos.denx.de;\n dmarc=none (p=none dis=none) header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de", "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=softathome1.onmicrosoft.com header.i=@softathome1.onmicrosoft.com\n header.b=\"k+DDadeS\";\n\tdkim-atps=neutral", "phobos.denx.de; dmarc=none (p=none dis=none)\n header.from=softathome.com", "phobos.denx.de;\n spf=pass smtp.mailfrom=philippe.reynes@softathome.com" ], "Received": [ "from phobos.denx.de (phobos.denx.de\n [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fxw7k4Y0Vz1yCv\n\tfor <incoming@patchwork.ozlabs.org>; Fri, 17 Apr 2026 23:04:18 +1000 (AEST)", "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 9AB91843A4;\n\tFri, 17 Apr 2026 15:02:23 +0200 (CEST)", "by phobos.denx.de (Postfix, from userid 109)\n id 54F9C842ED; Fri, 17 Apr 2026 15:02:21 +0200 (CEST)", "from PA5P264CU001.outbound.protection.outlook.com\n (mail-francecentralazlp170100000.outbound.protection.outlook.com\n [IPv6:2a01:111:f403:c20a::])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 57E2E84320\n for <u-boot@lists.denx.de>; Fri, 17 Apr 2026 15:02:18 +0200 (CEST)", "from PR1P264CA0047.FRAP264.PROD.OUTLOOK.COM (2603:10a6:102:2cb::8)\n by MRZP264MB1752.FRAP264.PROD.OUTLOOK.COM (2603:10a6:501:8::13) with\n Microsoft SMTP Server (version=TLS1_2,\n cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9818.25; Fri, 17 Apr\n 2026 13:02:10 +0000", "from PA3PEPF000089B9.FRAP264.PROD.OUTLOOK.COM\n (2603:10a6:102:2cb:cafe::52) by PR1P264CA0047.outlook.office365.com\n (2603:10a6:102:2cb::8) with Microsoft SMTP Server (version=TLS1_3,\n cipher=TLS_AES_256_GCM_SHA384) id 15.20.9769.52 via Frontend Transport; Fri,\n 17 Apr 2026 13:02:10 +0000", "from proxy.softathome.com (149.6.166.170) by\n PA3PEPF000089B9.mail.protection.outlook.com (10.167.242.21) with Microsoft\n SMTP Server (version=TLS1_3, cipher=TLS_AES_256_GCM_SHA384) id 15.20.9769.17\n via Frontend Transport; Fri, 17 Apr 2026 13:02:10 +0000", "from sah1lpt726.home (unknown [192.168.72.39])\n by proxy.softathome.com (Postfix) with ESMTPSA id 2061220ED9;\n Fri, 17 Apr 2026 15:02:10 +0200 (CEST)" ], "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de", "X-Spam-Level": "", "X-Spam-Status": "No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,RCVD_IN_DNSWL_BLOCKED,SPF_HELO_PASS,SPF_PASS autolearn=ham\n autolearn_force=no version=3.4.2", "ARC-Seal": "i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;\n b=AQfX3+jMc+Wp5IF5BzwfGDCdEwdqlgF84gZAPzBiw9Mv5VtfcbW6A1xc/BvceyO8Yt/3High1aR1BoAw8aDG53D+blzvlV5LpBr2YHvHQ+nA68Z/99wTVMSdxMmlgISI89XEhqdtjpeoERr3hoAqFzm6wvaboxdRyVgC+kVyMrT8bJrCMuLEQa0y3mt3L3TeymvmeNY6LerIkfTgt39SDif09tKYFe1eQdgaAZBoy2Y5sQ0/ra5+cbDDVeEAxpD0/EEsJz+B+fZFnt9y7BPrO/pR49cySF4x9q/ideIWohYqz3P6/wpeEQ7iX2mvfmCJlqst7OsgcuMqVmGzmNoTOw==", "ARC-Message-Signature": "i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;\n s=arcselector10001;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;\n bh=DLPIIjt9Qva5Q645iFfhCiy7EW2/P+qz+kQCpwOn73M=;\n b=NxsZn9cSFDLujwT6tMryi6XyEy7A7Scc9vsYVGJMpRAjCueVA5RDRKTCUKQ8yhHw2a6/+bxtebJTT3aV1UDZAwQEIodIp9HbFpMHiAHrKOjexKr4Ao1r/HCWWeo0M30LBVJitJwKar/trOYHyBpZlWxlkKS6LfqUpfvkpbq690oxrfWeO0Av/AY1tqEUHAtzbcD8+LkLZMzHpHIH4FI/7Jwl4zH0ojJaQ9/aYiyi0DKdfkrjOF4Y1kv7cVyC89u4leJJnXT0+BR4HZ/DzVjuOGS66fe6HaZgfMDz2tCbz5agaS276FuqvXmyFVyS/CknkfD8DGLihHlOm30ON11y7Q==", "ARC-Authentication-Results": "i=1; mx.microsoft.com 1; spf=pass (sender ip is\n 149.6.166.170) smtp.rcpttodomain=canonical.com smtp.mailfrom=softathome.com;\n dmarc=bestguesspass action=none header.from=softathome.com; dkim=none\n (message not signed); arc=none (0)", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=softathome1.onmicrosoft.com; s=selector1-softathome1-onmicrosoft-com;\n h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;\n bh=DLPIIjt9Qva5Q645iFfhCiy7EW2/P+qz+kQCpwOn73M=;\n b=k+DDadeSlMpCnQuUcNfbNrZKBvN1elWUynaUIUWy3yViCiumCtffCNUhu3fScPgQgqYQe7uh8rNa8ZG6vXN5qVC6EQgx2aW+52I9yr8hGrixlC38TuEXRVqCXNTNDM+JEBGIsd8e4viZLnxRdfjIIsz3078ASGwcasFAd47AXUxRqVVuQ6kiEw0X+9Thbrz1ifmIDSO62F4YzKxeZTE7Ih0NNEAnEq9cXa6YgknUfdhu0YNSdiXI21Gt1fJ9472DprUFe25gCUhHYZ/x/UExpJtdr0ABIfScoxFb0oGuIyxBjy7jafd+SAVyfdUp5XcvQTyOBKvIkbj1KqguJoZekg==", "X-MS-Exchange-Authentication-Results": "spf=pass (sender IP is 149.6.166.170)\n smtp.mailfrom=softathome.com; dkim=none (message not signed)\n header.d=none;dmarc=bestguesspass action=none header.from=softathome.com;", "Received-SPF": "Pass (protection.outlook.com: domain of softathome.com\n designates 149.6.166.170 as permitted sender)\n receiver=protection.outlook.com; client-ip=149.6.166.170;\n helo=proxy.softathome.com; pr=C", "From": "Philippe Reynes <philippe.reynes@softathome.com>", "To": "marko.makela@iki.fi, jonny.green@keytechinc.com, raymondmaoca@gmail.com,\n trini@konsulko.com, simon.glass@canonical.com", "Cc": "u-boot@lists.denx.de, Philippe Reynes <philippe.reynes@softathome.com>,\n Simon Glass <sjg@chromium.org>", "Subject": "[PATCH v4 07/14] test: py: vboot: prepare integration test for ecdsa", "Date": "Fri, 17 Apr 2026 15:01:57 +0200", "Message-ID": "<20260417130204.49896-8-philippe.reynes@softathome.com>", "X-Mailer": "git-send-email 2.43.0", "In-Reply-To": "<20260417130204.49896-1-philippe.reynes@softathome.com>", "References": "<20260417130204.49896-1-philippe.reynes@softathome.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-EOPAttributedMessage": "0", "X-MS-PublicTrafficType": "Email", "X-MS-TrafficTypeDiagnostic": "PA3PEPF000089B9:EE_|MRZP264MB1752:EE_", "Content-Type": "text/plain", "X-MS-Office365-Filtering-Correlation-Id": "79945d9e-88c3-442a-8cb7-08de9c81897d", "X-MS-Exchange-SenderADCheck": "1", "X-MS-Exchange-AntiSpam-Relay": "0", "X-Microsoft-Antispam": "BCL:0;\n ARA:13230040|1800799024|82310400026|36860700016|376014|18002099003|22082099003|56012099003;", "X-Microsoft-Antispam-Message-Info": "\n KUxFFKs1ETYEhEQgZNYcGIzTZ5u4XsHDOrjDV/fGSgbfxfO6xdaUmO0jlXm+08Z2SGBStqMg7jwMa4q4foHVeru9hVqUGDO0s4mF7WQ5my/GkRpVQLGuVNOSv0OU8ula/PJsIIkOYFKit8ciuSQoxBZSKX5LkSKy82c5TPnsuStyQ99wOPdozqW9xYHzzQtVIkvjuAiuc+WRZhjviVFmwvC6yQz2nLFKxsHeCWuh6HyLCq/H6g5diit60LUTLvGt+c+k4aI3+JafuXoJRwFhTWkv+6YLQaXu9aSAjJtgQmpEjOQsOgXXet2RIlZTTC6uEg8SyVBIFmg5CHOpUu1cU8TQB0UfkqU8AXAknFJwOsWBglw4YDYF7FCF0QH593ODWicxFOE1pcxUg4SNYV2TNrwJ/4YSkvL05Bf13JZorZXSjCJfD12ZzW7IGsySFhG2lpGPPKcHdc/W/8rr0hNGF1r7l6+w/L5uI9RxPf608VUPdN8sCwte0JMr8SExQd8oSVDVDq9eVM4BOkrc9izN+Wwhk7Otn/NBVKX8x1zltmOLeg5s5Mw8A2TUeO7EcG6shh4sJfUUGy0wmpfUZkBrBmld/rG0qQMrEO2We5rnGfn+HczfaWrzHZrSCadBtDjIqzprOardkHUJrCHyhapx1EItvBwa3aZMpI7Bo/2xGep7gHhVlYWYvNYerNgWPs3vhB+lE6xcZuzuUyX9Apm+Sgyxyiw7nZhkaa48k2sOiEniMQw16G0I6rAjh+gcl49yvnnoo3vVe5LfnKS17FrYBQ==", "X-Forefront-Antispam-Report": "CIP:149.6.166.170; CTRY:FR; LANG:en; SCL:1; SRV:;\n IPV:CAL; SFV:NSPM; H:proxy.softathome.com; PTR:InfoDomainNonexistent;\n CAT:NONE;\n SFS:(13230040)(1800799024)(82310400026)(36860700016)(376014)(18002099003)(22082099003)(56012099003);\n DIR:OUT; SFP:1101;", "X-MS-Exchange-AntiSpam-MessageData-ChunkCount": "1", "X-MS-Exchange-AntiSpam-MessageData-0": "\n +gF8PVd+pBKxOC1KKnSZSn6dZu0t+kNGHAyq3+392XEnWedspQYjo3ajrgjoTAR+Rpm/IXX27vUfVZlTU53cD65BIpn39r7wYLYgBpVklBGaeU4PLu5vDs4Z4Uf7VnXkMrqxxXTU+aPIL+FReZO2Ube5Rr3SoS6gBxcIJWkDulJCIWahWKs3E4NKbjbrCYtrnlSQcWvL36WNqtO3uwLouBNeZDWvcT9AxMzHTXtp59sUzNbIJxTpIOW33pipuEAzabqFtThdmDivPXgzw1iGz2b/pI8hy9Jos1f4dUtLjIYfVb1rBo6/fA8avJQ5vpFHi+FSH1ShqZhkMz0ZRb19Tk53yvH/7vAxOE+dlBY/bah6ka0i8cL9C++aqyc+Y61P9hhqaXib/d7OO8Js9x8sotnzzJYsxSnsxvfwyLtue2g8b/zed2Evbh+QqZrQYFUg", "X-OriginatorOrg": "softathome.com", "X-MS-Exchange-CrossTenant-OriginalArrivalTime": "17 Apr 2026 13:02:10.4116 (UTC)", "X-MS-Exchange-CrossTenant-Network-Message-Id": "\n 79945d9e-88c3-442a-8cb7-08de9c81897d", "X-MS-Exchange-CrossTenant-Id": "aa10e044-e405-4c10-8353-36b4d0cce511", "X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp": "\n TenantId=aa10e044-e405-4c10-8353-36b4d0cce511; Ip=[149.6.166.170];\n Helo=[proxy.softathome.com]", "X-MS-Exchange-CrossTenant-AuthSource": "PA3PEPF000089B9.FRAP264.PROD.OUTLOOK.COM", "X-MS-Exchange-CrossTenant-AuthAs": "Anonymous", "X-MS-Exchange-CrossTenant-FromEntityHeader": "HybridOnPrem", "X-MS-Exchange-Transport-CrossTenantHeadersStamped": "MRZP264MB1752", "X-BeenThere": "u-boot@lists.denx.de", "X-Mailman-Version": "2.1.39", "Precedence": "list", "List-Id": "U-Boot discussion <u-boot.lists.denx.de>", "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>", "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>", "List-Post": "<mailto:u-boot@lists.denx.de>", "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>", "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>", "Errors-To": "u-boot-bounces@lists.denx.de", "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>", "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de", "X-Virus-Status": "Clean" }, "content": "The vboot tests only consider rsa algo for signature.\nTo prepare the integration of ecdsa test, the signature\nalgo is now explicit.\n\nReviewed-by: Simon Glass <simon.glass@canonical.com>\nReviewed-by: Simon Glass <sjg@chromium.org>\nSigned-off-by: Philippe Reynes <philippe.reynes@softathome.com>\n---\nv2:\n- initial version\nv3:\n- no change\nv4:\n- no change\n\n test/py/tests/test_fit_ecdsa.py | 2 +-\n test/py/tests/test_vboot.py | 99 ++++++++++---------\n ....its => sign-configs-sha1-rsa2048-pss.its} | 0\n ...sha1.its => sign-configs-sha1-rsa2048.its} | 0\n ... sign-configs-sha256-rsa2048-pss-prod.its} | 0\n ...ts => sign-configs-sha256-rsa2048-pss.its} | 0\n ...56.its => sign-configs-sha256-rsa2048.its} | 0\n ...84.its => sign-configs-sha384-rsa3072.its} | 0\n ...s.its => sign-images-sha1-rsa2048-pss.its} | 0\n ...-sha1.its => sign-images-sha1-rsa2048.its} | 0\n ...its => sign-images-sha256-rsa2048-pss.its} | 0\n ...256.its => sign-images-sha256-rsa2048.its} | 0\n ...384.its => sign-images-sha384-rsa3072.its} | 0\n 13 files changed, 51 insertions(+), 50 deletions(-)\n rename test/py/tests/vboot/{sign-configs-sha1-pss.its => sign-configs-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha1.its => sign-configs-sha1-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss-prod.its => sign-configs-sha256-rsa2048-pss-prod.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256-pss.its => sign-configs-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha256.its => sign-configs-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-configs-sha384.its => sign-configs-sha384-rsa3072.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1-pss.its => sign-images-sha1-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha1.its => sign-images-sha1-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256-pss.its => sign-images-sha256-rsa2048-pss.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha256.its => sign-images-sha256-rsa2048.its} (100%)\n rename test/py/tests/vboot/{sign-images-sha384.its => sign-images-sha384-rsa3072.its} (100%)", "diff": "diff --git a/test/py/tests/test_fit_ecdsa.py b/test/py/tests/test_fit_ecdsa.py\nindex 3e816d68eb6..e59390374af 100644\n--- a/test/py/tests/test_fit_ecdsa.py\n+++ b/test/py/tests/test_fit_ecdsa.py\n@@ -102,7 +102,7 @@ def test_fit_ecdsa(ubman):\n with open(key_file, 'w') as f:\n f.write(key.export_key(format='PEM'))\n \n- assemble_fit_image(fit_file, f'{datadir}/sign-images-sha256.its', tempdir)\n+ assemble_fit_image(fit_file, f'{datadir}/sign-images-sha256-rsa2048.its', tempdir)\n \n fit = SignableFitImage(ubman, fit_file)\n nodes = fit.find_signable_image_nodes()\ndiff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py\nindex 55518bed07e..496d314c649 100644\n--- a/test/py/tests/test_vboot.py\n+++ b/test/py/tests/test_vboot.py\n@@ -84,21 +84,21 @@ def make_fit(its, ubman, mkimage, dtc_args, datadir, fit):\n # Only run the full suite on a few combinations, since it doesn't add any more\n # test coverage.\n TESTDATA_IN = [\n- ['sha1-basic', 'sha1', '', None, False, True, False, False],\n- ['sha1-pad', 'sha1', '', '-E -p 0x10000', False, False, False, False],\n- ['sha1-pss', 'sha1', '-pss', None, False, False, False, False],\n- ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False, False, False, False],\n- ['sha256-basic', 'sha256', '', None, False, False, False, False],\n- ['sha256-pad', 'sha256', '', '-E -p 0x10000', False, False, False, False],\n- ['sha256-pss', 'sha256', '-pss', None, False, False, False, False],\n- ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False, False, False, False],\n- ['sha256-pss-required', 'sha256', '-pss', None, True, False, False, False],\n- ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', True, True, False, False],\n- ['sha384-basic', 'sha384', '', None, False, False, False, False],\n- ['sha384-pad', 'sha384', '', '-E -p 0x10000', False, False, False, False],\n- ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', False, False, True, False],\n- ['sha256-global-sign', 'sha256', '', '', False, False, False, True],\n- ['sha256-global-sign-pss', 'sha256', '-pss', '', False, False, False, True],\n+ ['sha1-basic', 'sha1', '-rsa2048', '', None, False, True, False, False],\n+ ['sha1-pad', 'sha1', '-rsa2048', '', '-E -p 0x10000', False, False, False, False],\n+ ['sha1-pss', 'sha1', '-rsa2048', '-pss', None, False, False, False, False],\n+ ['sha1-pss-pad', 'sha1', '-rsa2048', '-pss', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-basic', 'sha256', '-rsa2048', '', None, False, False, False, False],\n+ ['sha256-pad', 'sha256', '-rsa2048', '', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-pss', 'sha256', '-rsa2048', '-pss', None, False, False, False, False],\n+ ['sha256-pss-pad', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', False, False, False, False],\n+ ['sha256-pss-required', 'sha256', '-rsa2048', '-pss', None, True, False, False, False],\n+ ['sha256-pss-pad-required', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', True, True, False, False],\n+ ['sha384-basic', 'sha384', '-rsa3072', '', None, False, False, False, False],\n+ ['sha384-pad', 'sha384', '-rsa3072', '', '-E -p 0x10000', False, False, False, False],\n+ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', False, False, True, False],\n+ ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False, False, False, True],\n+ ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False, False, False, True],\n ]\n \n # Mark all but the first test as slow, so they are not run with '-k not slow'\n@@ -111,9 +111,9 @@ TESTDATA += [pytest.param(*v, marks=pytest.mark.slow) for v in TESTDATA_IN[1:]]\n @pytest.mark.requiredtool('fdtget')\n @pytest.mark.requiredtool('fdtput')\n @pytest.mark.requiredtool('openssl')\n-@pytest.mark.parametrize(\"name,sha_algo,padding,sign_options,required,full_test,algo_arg,global_sign\",\n+@pytest.mark.parametrize(\"name,sha_algo,sig_algo,padding,sign_options,required,full_test,algo_arg,global_sign\",\n TESTDATA)\n-def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n+def test_vboot(ubman, name, sha_algo, sig_algo, padding, sign_options, required,\n full_test, algo_arg, global_sign):\n \"\"\"Test verified boot signing with mkimage and verification with 'bootm'.\n \n@@ -287,7 +287,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n utils.run_and_log(ubman, 'openssl req -batch -new -x509 -key %s%s.key '\n '-out %s%s.crt' % (tmpdir, name, tmpdir, name))\n \n- def test_with_algo(sha_algo, padding, sign_options):\n+ def test_with_algo(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test verified boot with the given hash algorithm.\n \n This is the main part of the test code. The same procedure is followed\n@@ -308,7 +308,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT, but don't sign anything yet\n ubman.log.action('%s: Test FIT with signed images' % sha_algo)\n- make_fit('sign-images-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-images-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n run_bootm(sha_algo, 'unsigned images', ' - OK' if algo_arg else 'dev-', True)\n \n # Sign images with our dev keys\n@@ -319,7 +319,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n dtc('sandbox-u-boot.dts', ubman, dtc_args, datadir, tmpdir, dtb)\n \n ubman.log.action('%s: Test FIT with signed configuration' % sha_algo)\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n run_bootm(sha_algo, 'unsigned config', '%s+ OK' % ('sha256' if algo_arg else sha_algo), True)\n \n # Sign images with our dev keys\n@@ -383,7 +383,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n run_bootm(sha_algo, 'evil clone', 'Bad Data Hash', False, efit)\n \n # Create a new properly signed fit and replace header bytes\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n bcfg = ubman.config.buildconfig\n max_size = int(bcfg.get('config_fit_signature_max_size', 0x10000000), 0)\n@@ -415,7 +415,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n ubman, [fit_check_sign, '-f', fit, '-k', dtb],\n 1, 'Failed to verify required signature')\n \n- def test_required_key(sha_algo, padding, sign_options):\n+ def test_required_key(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test verified boot with the given hash algorithm.\n \n This function tests if U-Boot rejects an image when a required key isn't\n@@ -437,12 +437,12 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT with prod key (keys required) and sign it. This puts the\n # signature into sandbox-u-boot.dtb, marked 'required'\n- make_fit('sign-configs-%s%s-prod.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s-prod.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n \n # Build the FIT with dev key (keys NOT required). This adds the\n # signature into sandbox-u-boot.dtb, NOT marked 'required'.\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit_norequire(sha_algo, sign_options)\n \n # So now sandbox-u-boot.dtb two signatures, for the prod and dev keys.\n@@ -454,7 +454,7 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n # Build the FIT with dev key (keys required) and sign it. This puts the\n # signature into sandbox-u-boot.dtb, marked 'required'.\n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n sign_fit(sha_algo, sign_options)\n \n # Set the required-mode policy to \"any\".\n@@ -534,8 +534,9 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n dtb = '%ssandbox-u-boot.dtb' % tmpdir\n sig_node = '/configurations/conf-1/signature'\n \n- create_rsa_pair('dev')\n- create_rsa_pair('prod')\n+ if sig_algo == \"-rsa2048\" or sig_algo == \"-rsa3072\" or sig_algo == \"\":\n+ create_rsa_pair('dev')\n+ create_rsa_pair('prod')\n \n # Create a number kernel image with zeroes\n with open('%stest-kernel.bin' % tmpdir, 'wb') as fd:\n@@ -554,9 +555,9 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n if global_sign:\n test_global_sign(sha_algo, padding, sign_options)\n elif required:\n- test_required_key(sha_algo, padding, sign_options)\n+ test_required_key(sha_algo, sig_algo, padding, sign_options)\n else:\n- test_with_algo(sha_algo, padding, sign_options)\n+ test_with_algo(sha_algo, sig_algo, padding, sign_options)\n finally:\n # Go back to the original U-Boot with the correct dtb.\n ubman.config.dtb = old_dtb\n@@ -564,21 +565,21 @@ def test_vboot(ubman, name, sha_algo, padding, sign_options, required,\n \n \n TESTDATA_IN = [\n- ['sha1-basic', 'sha1', '', None, False],\n- ['sha1-pad', 'sha1', '', '-E -p 0x10000', False],\n- ['sha1-pss', 'sha1', '-pss', None, False],\n- ['sha1-pss-pad', 'sha1', '-pss', '-E -p 0x10000', False],\n- ['sha256-basic', 'sha256', '', None, False],\n- ['sha256-pad', 'sha256', '', '-E -p 0x10000', False],\n- ['sha256-pss', 'sha256', '-pss', None, False],\n- ['sha256-pss-pad', 'sha256', '-pss', '-E -p 0x10000', False],\n- ['sha256-pss-required', 'sha256', '-pss', None, False],\n- ['sha256-pss-pad-required', 'sha256', '-pss', '-E -p 0x10000', False],\n- ['sha384-basic', 'sha384', '', None, False],\n- ['sha384-pad', 'sha384', '', '-E -p 0x10000', False],\n- ['algo-arg', 'algo-arg', '', '-o sha256,rsa2048', True],\n- ['sha256-global-sign', 'sha256', '', '', False],\n- ['sha256-global-sign-pss', 'sha256', '-pss', '', False],\n+ ['sha1-basic', 'sha1', '-rsa2048', '', None, False],\n+ ['sha1-pad', 'sha1', '-rsa2048', '', '-E -p 0x10000', False],\n+ ['sha1-pss', 'sha1', '-rsa2048', '-pss', None, False],\n+ ['sha1-pss-pad', 'sha1', '-rsa2048', '-pss', '-E -p 0x10000', False],\n+ ['sha256-basic', 'sha256', '-rsa2048', '', None, False],\n+ ['sha256-pad', 'sha256', '-rsa2048', '', '-E -p 0x10000', False],\n+ ['sha256-pss', 'sha256', '-rsa2048', '-pss', None, False],\n+ ['sha256-pss-pad', 'sha256', '-rsa2048', '-pss', '-E -p 0x10000', False],\n+ ['sha256-pss-required', 'sha256', '-rsa2048', '-pss', None, False],\n+ ['sha256-pss-pad-required', 'sha256', '-rsa2048' , '-pss', '-E -p 0x10000', False],\n+ ['sha384-basic', 'sha384', '-rsa3072', '', None, False],\n+ ['sha384-pad', 'sha384', '-rsa3072', '', '-E -p 0x10000', False],\n+ ['algo-arg', 'algo-arg', '', '', '-o sha256,rsa2048', True],\n+ ['sha256-global-sign', 'sha256', '-rsa2048', '', '', False],\n+ ['sha256-global-sign-pss', 'sha256', '-rsa2048', '-pss', '', False],\n ]\n \n # Mark all but the first test as slow, so they are not run with '-k not slow'\n@@ -589,8 +590,8 @@ TESTDATA += [pytest.param(*v, marks=pytest.mark.slow) for v in TESTDATA_IN[1:]]\n @pytest.mark.buildconfigspec('fit_signature')\n @pytest.mark.requiredtool('dtc')\n @pytest.mark.requiredtool('openssl')\n-@pytest.mark.parametrize(\"name,sha_algo,padding,sign_options,algo_arg\", TESTDATA)\n-def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n+@pytest.mark.parametrize(\"name,sha_algo,sig_algo,padding,sign_options,algo_arg\", TESTDATA)\n+def test_fdt_add_pubkey(ubman, name, sha_algo, sig_algo, padding, sign_options, algo_arg):\n \"\"\"Test fdt_add_pubkey utility with bunch of different algo options.\"\"\"\n \n def sign_fit(sha_algo, options):\n@@ -609,7 +610,7 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n ubman.log.action('%s: Sign images' % sha_algo)\n utils.run_and_log(ubman, args)\n \n- def test_add_pubkey(sha_algo, padding, sign_options):\n+ def test_add_pubkey(sha_algo, sig_algo, padding, sign_options):\n \"\"\"Test fdt_add_pubkey utility with given hash algorithm and padding.\n \n This function tests if fdt_add_pubkey utility may add public keys into dtb.\n@@ -632,7 +633,7 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n 'rsa3072' if sha_algo == 'sha384' else 'rsa2048'),\n '-k', tmpdir, '-n', 'dev', '-r', 'conf', dtb])\n \n- make_fit('sign-configs-%s%s.its' % (sha_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n+ make_fit('sign-configs-%s%s%s.its' % (sha_algo, sig_algo, padding), ubman, mkimage, dtc_args, datadir, fit)\n \n # Sign images with our dev keys\n sign_fit(sha_algo, sign_options)\n@@ -654,4 +655,4 @@ def test_fdt_add_pubkey(ubman, name, sha_algo, padding, sign_options, algo_arg):\n \n # keys created in test_vboot test\n \n- test_add_pubkey(sha_algo, padding, sign_options)\n+ test_add_pubkey(sha_algo, sig_algo, padding, sign_options)\ndiff --git a/test/py/tests/vboot/sign-configs-sha1-pss.its b/test/py/tests/vboot/sign-configs-sha1-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha1-pss.its\nrename to test/py/tests/vboot/sign-configs-sha1-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha1.its b/test/py/tests/vboot/sign-configs-sha1-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha1.its\nrename to test/py/tests/vboot/sign-configs-sha1-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256-pss-prod.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048-pss-prod.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256-pss-prod.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048-pss-prod.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256-pss.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256-pss.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha256.its b/test/py/tests/vboot/sign-configs-sha256-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha256.its\nrename to test/py/tests/vboot/sign-configs-sha256-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-configs-sha384.its b/test/py/tests/vboot/sign-configs-sha384-rsa3072.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-configs-sha384.its\nrename to test/py/tests/vboot/sign-configs-sha384-rsa3072.its\ndiff --git a/test/py/tests/vboot/sign-images-sha1-pss.its b/test/py/tests/vboot/sign-images-sha1-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha1-pss.its\nrename to test/py/tests/vboot/sign-images-sha1-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-images-sha1.its b/test/py/tests/vboot/sign-images-sha1-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha1.its\nrename to test/py/tests/vboot/sign-images-sha1-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-images-sha256-pss.its b/test/py/tests/vboot/sign-images-sha256-rsa2048-pss.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha256-pss.its\nrename to test/py/tests/vboot/sign-images-sha256-rsa2048-pss.its\ndiff --git a/test/py/tests/vboot/sign-images-sha256.its b/test/py/tests/vboot/sign-images-sha256-rsa2048.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha256.its\nrename to test/py/tests/vboot/sign-images-sha256-rsa2048.its\ndiff --git a/test/py/tests/vboot/sign-images-sha384.its b/test/py/tests/vboot/sign-images-sha384-rsa3072.its\nsimilarity index 100%\nrename from test/py/tests/vboot/sign-images-sha384.its\nrename to test/py/tests/vboot/sign-images-sha384-rsa3072.its\n", "prefixes": [ "v4", "07/14" ] }