colin/u-boot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

binman: Add tests for etype encrypted

Browse Source 
Add tests to reach 100% code coverage for the added etype encrypted.

Signed-off-by: Christian Taedcke <christian.taedcke@weidmueller.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Christian Taedcke
2023-07-17 09:05:54 +02:00
committed by Simon Glass
parent dcd3d76b7b
commit 289e6007cf
6 changed files with 163 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
tools/binman/ftest.py
View File

@@ -94,6 +94,8 @@ ROCKCHIP_TPL_DATA = b'rockchip-tpl'
TEST_FDT1_DATA = b'fdt1' TEST_FDT1_DATA = b'fdt1'
TEST_FDT2_DATA = b'test-fdt2' TEST_FDT2_DATA = b'test-fdt2'
ENV_DATA = b'var1=1\nvar2="2"' ENV_DATA = b'var1=1\nvar2="2"'
ENCRYPTED_IV_DATA = b'123456'
ENCRYPTED_KEY_DATA = b'abcde'
PRE_LOAD_MAGIC = b'UBSH' PRE_LOAD_MAGIC = b'UBSH'
PRE_LOAD_VERSION = 0x11223344.to_bytes(4, 'big') PRE_LOAD_VERSION = 0x11223344.to_bytes(4, 'big')
PRE_LOAD_HDR_SIZE = 0x00001000.to_bytes(4, 'big') PRE_LOAD_HDR_SIZE = 0x00001000.to_bytes(4, 'big')
@@ -232,6 +234,10 @@ class TestFunctional(unittest.TestCase):
# Newer OP_TEE file in v1 binary format # Newer OP_TEE file in v1 binary format
cls.make_tee_bin('tee.bin') cls.make_tee_bin('tee.bin')
# test files for encrypted tests
TestFunctional._MakeInputFile('encrypted-file.iv', ENCRYPTED_IV_DATA)
TestFunctional._MakeInputFile('encrypted-file.key', ENCRYPTED_KEY_DATA)
cls.comp_bintools = {} cls.comp_bintools = {}
for name in COMP_BINTOOLS: for name in COMP_BINTOOLS:
cls.comp_bintools[name] = bintool.Bintool.create(name) cls.comp_bintools[name] = bintool.Bintool.create(name)
@@ -6995,5 +7001,58 @@ fdt fdtmap Extract the devicetree blob from the fdtmap
entry_args=entry_args)[0] entry_args=entry_args)[0]
self.assertGreater(len(data), len(TI_UNSECURE_DATA)) self.assertGreater(len(data), len(TI_UNSECURE_DATA))
def testEncryptedNoAlgo(self):
"""Test encrypted node with missing required properties"""
with self.assertRaises(ValueError) as e:
self._DoReadFileDtb('301_encrypted_no_algo.dts')
self.assertIn(
"Node '/binman/fit/images/u-boot/encrypted': 'encrypted' entry is missing properties: algo iv-filename",
str(e.exception))
def testEncryptedInvalidIvfile(self):
"""Test encrypted node with invalid iv file"""
with self.assertRaises(ValueError) as e:
self._DoReadFileDtb('302_encrypted_invalid_iv_file.dts')
self.assertIn("Filename 'invalid-iv-file' not found in input path",
str(e.exception))
def testEncryptedMissingKey(self):
"""Test encrypted node with missing key properties"""
with self.assertRaises(ValueError) as e:
self._DoReadFileDtb('303_encrypted_missing_key.dts')
self.assertIn(
"Node '/binman/fit/images/u-boot/encrypted': Provide either 'key-filename' or 'key-source'",
str(e.exception))
def testEncryptedKeySource(self):
"""Test encrypted node with key-source property"""
data = self._DoReadFileDtb('304_encrypted_key_source.dts')[0]
dtb = fdt.Fdt.FromData(data)
dtb.Scan()
node = dtb.GetNode('/images/u-boot/cipher')
self.assertEqual('algo-name', node.props['algo'].value)
self.assertEqual('key-source-value', node.props['key-source'].value)
self.assertEqual(ENCRYPTED_IV_DATA,
tools.to_bytes(''.join(node.props['iv'].value)))
self.assertNotIn('key', node.props)
def testEncryptedKeyFile(self):
"""Test encrypted node with key-filename property"""
data = self._DoReadFileDtb('305_encrypted_key_file.dts')[0]
dtb = fdt.Fdt.FromData(data)
dtb.Scan()
node = dtb.GetNode('/images/u-boot/cipher')
self.assertEqual('algo-name', node.props['algo'].value)
self.assertEqual(ENCRYPTED_IV_DATA,
tools.to_bytes(''.join(node.props['iv'].value)))
self.assertEqual(ENCRYPTED_KEY_DATA,
tools.to_bytes(''.join(node.props['key'].value)))
self.assertNotIn('key-source', node.props)
if __name__ == "__main__": if __name__ == "__main__":
unittest.main() unittest.main()

15
tools/binman/test/301_encrypted_no_algo.dts Normal file
View File

@@ -0,0 +1,15 @@
// SPDX-License-Identifier: GPL-2.0+
/dts-v1/;
/ {
binman {
fit {
images {
u-boot {
encrypted {
};
};
};
};
};
};

18
tools/binman/test/302_encrypted_invalid_iv_file.dts Normal file
View File

@@ -0,0 +1,18 @@
// SPDX-License-Identifier: GPL-2.0+
/dts-v1/;
/ {
binman {
fit {
images {
u-boot {
encrypted {
algo = "some-algo";
key-source = "key";
iv-filename = "invalid-iv-file";
};
};
};
};
};
};

23
tools/binman/test/303_encrypted_missing_key.dts Normal file
View File

@@ -0,0 +1,23 @@
// SPDX-License-Identifier: GPL-2.0+
/dts-v1/;
/ {
#address-cells = <1>;
#size-cells = <1>;
binman {
fit {
description = "test desc";
images {
u-boot {
encrypted {
algo = "algo-name";
iv-filename = "encrypted-file.iv";
};
};
};
};
};
};

24
tools/binman/test/304_encrypted_key_source.dts Normal file
View File

@@ -0,0 +1,24 @@
// SPDX-License-Identifier: GPL-2.0+
/dts-v1/;
/ {
#address-cells = <1>;
#size-cells = <1>;
binman {
fit {
description = "test desc";
images {
u-boot {
encrypted {
algo = "algo-name";
key-source = "key-source-value";
iv-filename = "encrypted-file.iv";
};
};
};
};
};
};

24
tools/binman/test/305_encrypted_key_file.dts Normal file
View File

@@ -0,0 +1,24 @@
// SPDX-License-Identifier: GPL-2.0+
/dts-v1/;
/ {
#address-cells = <1>;
#size-cells = <1>;
binman {
fit {
description = "test desc";
images {
u-boot {
encrypted {
algo = "algo-name";
iv-filename = "encrypted-file.iv";
key-filename = "encrypted-file.key";
};
};
};
};
};
};