[PATCH 12/15] test: py: add signature to TLV integration tests
Ahmad Fatoum
a.fatoum at pengutronix.de
Wed Oct 22 04:12:22 PDT 2025
On 10/22/25 1:08 PM, Jonas Rebmann wrote:
> Hi,
>
> On 2025-10-22 12:04, Ahmad Fatoum wrote:
>> Hi,
>>
>> On 10/14/25 1:03 PM, Jonas Rebmann wrote:
>>> Add TLV signature to TLV integration tests:
>>> - Signed TLV using development RSA key
>>> - Modify payload and fix CRC for a "tampered" tlv
>>> - Include both cases in generator and tlv-command tests.
>>>
>>> Use the keys selected by CRYPTO_BUILTIN_DEVELOPMENT_KEYS for all TLV
>>> testing. Consequentially add the matching private keys from the public
>>> repository at [1].
>>>
>>> [1]: https://git.pengutronix.de/cgit/ptx-code-signing-dev/
>>>
>>> Signed-off-by: Jonas Rebmann <jre at pengutronix.de>
>>> ---
>>> crypto/fit-4096-development.key | 51 ++++++++++
>>> crypto/fit-ecdsa-development.key | 5 +
>>
>> Move this into test/?
>
> I chose to move the keys in with their certificates:
> crypto/fit-4096-development.crt
> crypto/fit-ecdsa-development.crt
>
> Should I separate them, or move the certificates too (and adjust all
> references such as for CONFIG_CRYPTO_PUBLIC_KEYS)?
I am not sure crypto/ is the best place for this, but given that you
aren't introducing them there, just leave it in crypto/ for now.
I think it would be best to combine crt and key into a single pem file
and adjust the Makefile, so we don't have loose files.
Cheers,
Ahmad
>
> Regards,
> Jonas
>
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
More information about the barebox
mailing list