[PATCH v7 03/11] sandbox: capsule: Add keys and certificates needed for capsule update testing

Sughosh Ganu sughosh.ganu at linaro.org
Sat Aug 5 19:50:13 CEST 2023


hi Simon,

On Sat, 5 Aug 2023 at 20:34, Simon Glass <sjg at chromium.org> wrote:
>
> Hi Sughosh,
>
> On Sat, 5 Aug 2023 at 05:35, Sughosh Ganu <sughosh.ganu at linaro.org> wrote:
> >
> > Add the private keys and public key certificates which are to be used
> > for capsule authentication while testing the EFI capsule update
> > functionality. There are two pairs of private and public keys. The
> > SIGNER.{key,crt} pair will be used for signing capsules, whilst the
> > SIGNER2.{key,crt} pair is to be used as malicious keys for testing
> > authentication failure cases. The SIGNER.crt is also converted to an
> > EFI Signature List(ESL) file, SIGNER.esl, which is embedded in the
> > platform's device-tree for capsule authentication.
> >
> > Signed-off-by: Sughosh Ganu <sughosh.ganu at linaro.org>
> > ---
> > Changes since V6:
> > * New patch that puts the keys and cert files under board/sandbox/
> >   directory as suggested Simon Glass.
> >
> >  board/sandbox/SIGNER.crt  |  19 +++++++++++++++++++
> >  board/sandbox/SIGNER.esl  | Bin 0 -> 831 bytes
> >  board/sandbox/SIGNER.key  |  28 ++++++++++++++++++++++++++++
> >  board/sandbox/SIGNER2.crt |  19 +++++++++++++++++++
> >  board/sandbox/SIGNER2.key |  28 ++++++++++++++++++++++++++++
> >  5 files changed, 94 insertions(+)
> >  create mode 100644 board/sandbox/SIGNER.crt
> >  create mode 100644 board/sandbox/SIGNER.esl
> >  create mode 100644 board/sandbox/SIGNER.key
> >  create mode 100644 board/sandbox/SIGNER2.crt
> >  create mode 100644 board/sandbox/SIGNER2.key
>
> Can we call these good.* and bad.* so it is clear what they are for?
> Also, please avoid capital letters in filenames.

I was using the same nomenclature that was being used currently by the
efi capsule update tests. But I guess I can change this.

-sughosh


More information about the U-Boot mailing list