diff --git a/tools/binman/etype/pre_load.py b/tools/binman/etype/pre_load.py index bd3545bffc..2e4c72359f 100644 --- a/tools/binman/etype/pre_load.py +++ b/tools/binman/etype/pre_load.py @@ -81,7 +81,8 @@ class Entry_pre_load(Entry_collection): def ReadNode(self): super().ReadNode() - self.key_path, = self.GetEntryArgsOrProps([EntryArg('pre-load-key-path', str)]) + self.key_path, = self.GetEntryArgsOrProps( + [EntryArg('pre-load-key-path', str)]) if self.key_path is None: self.key_path = '' @@ -98,8 +99,7 @@ class Entry_pre_load(Entry_collection): self.Raise(sign_name + " is not supported") # Read the key - with open(key_name, 'rb') as pem: - key = RSA.import_key(pem.read()) + key = RSA.import_key(tools.read_file(key_name)) # Check if the key has the expected size if key.size_in_bytes() != RSAS[sign_name]: diff --git a/tools/binman/ftest.py b/tools/binman/ftest.py index 3e8091e832..376af9fa08 100644 --- a/tools/binman/ftest.py +++ b/tools/binman/ftest.py @@ -5647,41 +5647,61 @@ fdt fdtmap Extract the devicetree blob from the fdtmap def testPreLoad(self): """Test an image with a pre-load header""" entry_args = { - 'pre-load-key-path': '.', + 'pre-load-key-path': os.path.join(self._binman_dir, 'test'), } - data, _, _, _ = self._DoReadFileDtb('230_pre_load.dts', - entry_args=entry_args) - self.assertEqual(PRE_LOAD_MAGIC, data[:len(PRE_LOAD_MAGIC)]) - self.assertEqual(PRE_LOAD_VERSION, data[4:4 + len(PRE_LOAD_VERSION)]) - self.assertEqual(PRE_LOAD_HDR_SIZE, data[8:8 + len(PRE_LOAD_HDR_SIZE)]) - data = self._DoReadFile('230_pre_load.dts') + data = self._DoReadFileDtb( + '230_pre_load.dts', entry_args=entry_args, + extra_indirs=[os.path.join(self._binman_dir, 'test')])[0] self.assertEqual(PRE_LOAD_MAGIC, data[:len(PRE_LOAD_MAGIC)]) self.assertEqual(PRE_LOAD_VERSION, data[4:4 + len(PRE_LOAD_VERSION)]) self.assertEqual(PRE_LOAD_HDR_SIZE, data[8:8 + len(PRE_LOAD_HDR_SIZE)]) + def testPreLoadNoKey(self): + """Test an image with a pre-load heade0r with missing key""" + with self.assertRaises(FileNotFoundError) as exc: + self._DoReadFile('230_pre_load.dts') + self.assertIn("No such file or directory: 'dev.key'", + str(exc.exception)) + def testPreLoadPkcs(self): """Test an image with a pre-load header with padding pkcs""" - data = self._DoReadFile('231_pre_load_pkcs.dts') + entry_args = { + 'pre-load-key-path': os.path.join(self._binman_dir, 'test'), + } + data = self._DoReadFileDtb('231_pre_load_pkcs.dts', + entry_args=entry_args)[0] self.assertEqual(PRE_LOAD_MAGIC, data[:len(PRE_LOAD_MAGIC)]) self.assertEqual(PRE_LOAD_VERSION, data[4:4 + len(PRE_LOAD_VERSION)]) self.assertEqual(PRE_LOAD_HDR_SIZE, data[8:8 + len(PRE_LOAD_HDR_SIZE)]) def testPreLoadPss(self): """Test an image with a pre-load header with padding pss""" - data = self._DoReadFile('232_pre_load_pss.dts') + entry_args = { + 'pre-load-key-path': os.path.join(self._binman_dir, 'test'), + } + data = self._DoReadFileDtb('232_pre_load_pss.dts', + entry_args=entry_args)[0] self.assertEqual(PRE_LOAD_MAGIC, data[:len(PRE_LOAD_MAGIC)]) self.assertEqual(PRE_LOAD_VERSION, data[4:4 + len(PRE_LOAD_VERSION)]) self.assertEqual(PRE_LOAD_HDR_SIZE, data[8:8 + len(PRE_LOAD_HDR_SIZE)]) def testPreLoadInvalidPadding(self): """Test an image with a pre-load header with an invalid padding""" + entry_args = { + 'pre-load-key-path': os.path.join(self._binman_dir, 'test'), + } with self.assertRaises(ValueError) as e: - data = self._DoReadFile('233_pre_load_invalid_padding.dts') + self._DoReadFileDtb('233_pre_load_invalid_padding.dts', + entry_args=entry_args) def testPreLoadInvalidSha(self): """Test an image with a pre-load header with an invalid hash""" + entry_args = { + 'pre-load-key-path': os.path.join(self._binman_dir, 'test'), + } with self.assertRaises(ValueError) as e: - data = self._DoReadFile('234_pre_load_invalid_sha.dts') + self._DoReadFileDtb('234_pre_load_invalid_sha.dts', + entry_args=entry_args) def testPreLoadInvalidAlgo(self): """Test an image with a pre-load header with an invalid algo""" @@ -5690,8 +5710,12 @@ fdt fdtmap Extract the devicetree blob from the fdtmap def testPreLoadInvalidKey(self): """Test an image with a pre-load header with an invalid key""" + entry_args = { + 'pre-load-key-path': os.path.join(self._binman_dir, 'test'), + } with self.assertRaises(ValueError) as e: - data = self._DoReadFile('236_pre_load_invalid_key.dts') + data = self._DoReadFileDtb('236_pre_load_invalid_key.dts', + entry_args=entry_args) def _CheckSafeUniqueNames(self, *images): """Check all entries of given images for unsafe unique names""" diff --git a/tools/binman/test/230_pre_load.dts b/tools/binman/test/230_pre_load.dts index c0c24729f8..e6d9ef40c6 100644 --- a/tools/binman/test/230_pre_load.dts +++ b/tools/binman/test/230_pre_load.dts @@ -10,7 +10,7 @@ pre-load { content = <&image>; algo-name = "sha256,rsa2048"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <0x11223344>; }; diff --git a/tools/binman/test/231_pre_load_pkcs.dts b/tools/binman/test/231_pre_load_pkcs.dts index 530638c56b..66268cdb21 100644 --- a/tools/binman/test/231_pre_load_pkcs.dts +++ b/tools/binman/test/231_pre_load_pkcs.dts @@ -11,7 +11,7 @@ content = <&image>; algo-name = "sha256,rsa2048"; padding-name = "pkcs-1.5"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <0x11223344>; }; diff --git a/tools/binman/test/232_pre_load_pss.dts b/tools/binman/test/232_pre_load_pss.dts index 371e0fdb40..3008d3f464 100644 --- a/tools/binman/test/232_pre_load_pss.dts +++ b/tools/binman/test/232_pre_load_pss.dts @@ -11,7 +11,7 @@ content = <&image>; algo-name = "sha256,rsa2048"; padding-name = "pss"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <0x11223344>; }; diff --git a/tools/binman/test/233_pre_load_invalid_padding.dts b/tools/binman/test/233_pre_load_invalid_padding.dts index 9cb4cb570b..bbe2d1ba86 100644 --- a/tools/binman/test/233_pre_load_invalid_padding.dts +++ b/tools/binman/test/233_pre_load_invalid_padding.dts @@ -11,7 +11,7 @@ content = <&image>; algo-name = "sha256,rsa2048"; padding-name = "padding"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <1>; }; diff --git a/tools/binman/test/234_pre_load_invalid_sha.dts b/tools/binman/test/234_pre_load_invalid_sha.dts index 8ded98df53..29afd2e37e 100644 --- a/tools/binman/test/234_pre_load_invalid_sha.dts +++ b/tools/binman/test/234_pre_load_invalid_sha.dts @@ -11,7 +11,7 @@ content = <&image>; algo-name = "sha2560,rsa2048"; padding-name = "pkcs-1.5"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <1>; }; diff --git a/tools/binman/test/235_pre_load_invalid_algo.dts b/tools/binman/test/235_pre_load_invalid_algo.dts index 145286caa3..d6f6dd20cd 100644 --- a/tools/binman/test/235_pre_load_invalid_algo.dts +++ b/tools/binman/test/235_pre_load_invalid_algo.dts @@ -11,7 +11,7 @@ content = <&image>; algo-name = "sha256,rsa20480"; padding-name = "pkcs-1.5"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <1>; }; diff --git a/tools/binman/test/236_pre_load_invalid_key.dts b/tools/binman/test/236_pre_load_invalid_key.dts index df858c3a28..f93bc9792c 100644 --- a/tools/binman/test/236_pre_load_invalid_key.dts +++ b/tools/binman/test/236_pre_load_invalid_key.dts @@ -11,7 +11,7 @@ content = <&image>; algo-name = "sha256,rsa4096"; padding-name = "pkcs-1.5"; - key-name = "tools/binman/test/230_dev.key"; + key-name = "dev.key"; header-size = <4096>; version = <1>; }; diff --git a/tools/binman/test/230_dev.key b/tools/binman/test/dev.key similarity index 100% rename from tools/binman/test/230_dev.key rename to tools/binman/test/dev.key