[PATCH v7 03/11] sandbox: capsule: Add keys and certificates needed for capsule update testing

Simon Glass sjg at chromium.org
Sat Aug 5 17:03:48 CEST 2023


Hi Sughosh,

On Sat, 5 Aug 2023 at 05:35, Sughosh Ganu <sughosh.ganu at linaro.org> wrote:
>
> Add the private keys and public key certificates which are to be used
> for capsule authentication while testing the EFI capsule update
> functionality. There are two pairs of private and public keys. The
> SIGNER.{key,crt} pair will be used for signing capsules, whilst the
> SIGNER2.{key,crt} pair is to be used as malicious keys for testing
> authentication failure cases. The SIGNER.crt is also converted to an
> EFI Signature List(ESL) file, SIGNER.esl, which is embedded in the
> platform's device-tree for capsule authentication.
>
> Signed-off-by: Sughosh Ganu <sughosh.ganu at linaro.org>
> ---
> Changes since V6:
> * New patch that puts the keys and cert files under board/sandbox/
>   directory as suggested Simon Glass.
>
>  board/sandbox/SIGNER.crt  |  19 +++++++++++++++++++
>  board/sandbox/SIGNER.esl  | Bin 0 -> 831 bytes
>  board/sandbox/SIGNER.key  |  28 ++++++++++++++++++++++++++++
>  board/sandbox/SIGNER2.crt |  19 +++++++++++++++++++
>  board/sandbox/SIGNER2.key |  28 ++++++++++++++++++++++++++++
>  5 files changed, 94 insertions(+)
>  create mode 100644 board/sandbox/SIGNER.crt
>  create mode 100644 board/sandbox/SIGNER.esl
>  create mode 100644 board/sandbox/SIGNER.key
>  create mode 100644 board/sandbox/SIGNER2.crt
>  create mode 100644 board/sandbox/SIGNER2.key

Can we call these good.* and bad.* so it is clear what they are for?
Also, please avoid capital letters in filenames.

Regards,
Simon


More information about the U-Boot mailing list