Skip to content

Commit

Permalink
acceptance-tests: add tests for signer common name check
Browse files Browse the repository at this point in the history 
Add tests to verify signers common name check implementation.

Signed-off-by: Denis Osterland <Denis.Osterland@diehl.com>
Tested-by: Stefano Babic <sbabic@denx.de>
Acked-by: Stefano Babic <sbabic@denx.de>
  • Loading branch information
@OsterlaD @sbabic
OsterlaD authored and sbabic committed Nov 16, 2018
1 parent b72c0a4 commit 1f2c6ec
Showing 1 changed file with 34 additions and 1 deletion.
35 changes: 34 additions & 1 deletion scripts/acceptance-tests/CheckImage.mk
View file
Expand Up @@ -18,7 +18,7 @@
#
# test commands for --check command-line option
#
SWU_CHECK_BASE = ./swupdate -l 5 -c $(if $(CONFIG_SIGNED_IMAGES),-k $(obj)/cacert.pem)
SWU_CHECK_BASE = ./swupdate -l 5 -c $(if $(CONFIG_SIGNED_IMAGES),-k $(obj)/cacert.pem) $(if $(strip $(filter %.cfg, $^)), -f $(filter %.cfg, $^))
SWU_CHECK = $(SWU_CHECK_BASE) $(if $(CONFIG_HW_COMPATIBILITY),-H test:1) $(if $(strip $(filter-out FORCE,$<)),-i $<) $(if $(strip $(KBUILD_VERBOSE:0=)),,>/dev/null 2>&1)

quiet_cmd_swu_check_assert_false = RUN $@
Expand Down Expand Up @@ -53,6 +53,8 @@ tests-$(CONFIG_LIBCONFIG) += ValidImageTest
tests-y += InvOptsNoImg
tests-$(CONFIG_MONGOOSE) += InvOptsCheckWithWeb
tests-$(CONFIG_SURICATTA) += InvOptsCheckWithSur
tests-$(CONFIG_SIGNED_IMAGES) += InvSigNameCheck
tests-$(CONFIG_SIGNED_IMAGES) += ValidSigNameCheck

#
# file not found test
Expand Down Expand Up @@ -180,3 +182,34 @@ $(obj)/signer.pem $(obj)/cacert.pem:
%/sw-description.sig :: %/sw-description $(obj)/signer.pem
$(call cmd,sign_desc)


#
# invalid signer name
#
PHONY += InvSigNameCheck
InvSigNameCheck: $(obj)/ValidImage.swu $(obj)/InvSigNameCheck.cfg FORCE $(if $(CONFIG_SIGNED_IMAGES), $(obj)/cacert.pem)
$(call cmd,swu_check_assert_false)

clean-files += InvSigNameCheck.cfg
$(obj)/InvSigNameCheck.cfg:
$(Q)printf "\
globals: {\n\
forced-signer-name = \"shall be different\";\n\
};\n\
" > $@

#
# valid signer name
#
PHONY += ValidSigNameCheck
ValidSigNameCheck: $(obj)/ValidImage.swu $(obj)/ValidSigNameCheck.cfg FORCE $(if $(CONFIG_SIGNED_IMAGES), $(obj)/cacert.pem)
$(call cmd,swu_check_assert_true)

clean-files += ValidSigNameCheck.cfg
$(obj)/ValidSigNameCheck.cfg:
$(Q)printf "\
globals: {\n\
forced-signer-name = \"OpenSSL test S/MIME signer 1\";\n\
};\n\
" > $@

0 comments on commit 1f2c6ec

Please sign in to comment.