diff mbox series

[v2,13/14] test: vboot: Move key creation into a function

Message ID 20200318174408.77473-14-sjg@chromium.org
State Accepted
Commit da76ed2795f2679ff0fa3c43f2b906157ec7c0b0
Headers show
Series vboot: Fix forged-configuration vulnerability | expand

Commit Message

Simon Glass March 18, 2020, 5:44 p.m. UTC
This code is repeated so move it into a function with a parameter.

Signed-off-by: Simon Glass <sjg at chromium.org>
---

Changes in v2: None

 test/py/tests/test_vboot.py | 39 +++++++++++++++++--------------------
 1 file changed, 18 insertions(+), 21 deletions(-)
diff mbox series

Patch

diff --git a/test/py/tests/test_vboot.py b/test/py/tests/test_vboot.py
index 0b8bd9ac0b..91305a4f0f 100644
--- a/test/py/tests/test_vboot.py
+++ b/test/py/tests/test_vboot.py
@@ -138,6 +138,22 @@  def test_vboot(u_boot_console, sha_algo, padding, required):
             handle.write(struct.pack(">I", size))
         return struct.unpack(">I", total_size)[0]
 
+    def create_rsa_pair(name):
+        """Generate a new RSA key paid and certificate
+
+        Args:
+            name: Name of of the key (e.g. 'dev')
+        """
+        public_exponent = 65537
+        util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %s%s.key '
+                     '-pkeyopt rsa_keygen_bits:2048 '
+                     '-pkeyopt rsa_keygen_pubexp:%d' %
+                     (tmpdir, name, public_exponent))
+
+        # Create a certificate containing the public key
+        util.run_and_log(cons, 'openssl req -batch -new -x509 -key %s%s.key '
+                         '-out %s%s.crt' % (tmpdir, name, tmpdir, name))
+
     def test_with_algo(sha_algo, padding):
         """Test verified boot with the given hash algorithm.
 
@@ -268,27 +284,8 @@  def test_vboot(u_boot_console, sha_algo, padding, required):
     dtb = '%ssandbox-u-boot.dtb' % tmpdir
     sig_node = '/configurations/conf-1/signature'
 
-    # Create an RSA key pair
-    public_exponent = 65537
-    util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sdev.key '
-                     '-pkeyopt rsa_keygen_bits:2048 '
-                     '-pkeyopt rsa_keygen_pubexp:%d' %
-                     (tmpdir, public_exponent))
-
-    # Create a certificate containing the public key
-    util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sdev.key -out '
-                     '%sdev.crt' % (tmpdir, tmpdir))
-
-    # Create an RSA key pair (prod)
-    public_exponent = 65537
-    util.run_and_log(cons, 'openssl genpkey -algorithm RSA -out %sprod.key '
-                     '-pkeyopt rsa_keygen_bits:2048 '
-                     '-pkeyopt rsa_keygen_pubexp:%d' %
-                     (tmpdir, public_exponent))
-
-    # Create a certificate containing the public key (prod)
-    util.run_and_log(cons, 'openssl req -batch -new -x509 -key %sprod.key -out '
-                     '%sprod.crt' % (tmpdir, tmpdir))
+    create_rsa_pair('dev')
+    create_rsa_pair('prod')
 
     # Create a number kernel image with zeroes
     with open('%stest-kernel.bin' % tmpdir, 'w') as fd: