recipes-selftest: add images for use in secureboot selftests

This patch adds two image recipes and several keys for use in secureboot selftests. One image is an unsigned comboapp with a startup.nsh file calling bootx64.efi. The other is a comboapp image signed with the refkit keys by default. These are the same keys enrolled in the ovmf firmware. Also included is another set of keys to sign the image with that do not match the ovmf firmware's enrolled keys. Signed-off-by: California Sullivan <california.l.sullivan@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
author: California Sullivan <california.l.sullivan@intel.com> 2017-08-28 15:19:00 -0700
committer: Saul Wold <sgw@linux.intel.com> 2017-08-30 14:25:25 -0700
commit: 7549a93e9985da8453e683265ad0c65694765be0 (patch)
tree: 5c22d4d44c9a49186eaed7904745fbb98d3cee9b /common
parent: 7465f7fc99d11f469382bacae514ccfc5006dbe1 (diff)
download: meta-intel-7549a93e9985da8453e683265ad0c65694765be0.tar.gz
6 files changed, 118 insertions, 0 deletions
diff --git a/common/recipes-selftest/images/files/incorrect.crt b/common/recipes-selftest/images/files/incorrect.crt
new file mode 100644
index 00000000..3a2411ab
--- /dev/null
+++ b/common/recipes-selftest/images/files/incorrect.crt
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDCTCCAfGgAwIBAgIJAIYXAHv3cQNjMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
+BAMMEFRlc3QgWW9jdG8gdGhpbmcwHhcNMTcwMTI1MjI1MjI3WhcNMTgwMTI1MjI1
+MjI3WjAbMRkwFwYDVQQDDBBUZXN0IFlvY3RvIHRoaW5nMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAukI2ioMeL8qaXxMtryonAT51w+Zre0wB8bDBPuXD
+SwDVXNWfiKKTfCVEkLEUnsUEd7jiKswCT5orTwCD7aQK0mTrkAWEi8hEI3MkNoeh
+T51gkuTfv7A/HgPkhhlU4UQqipI6XoLf7o7PUV33ZfB43//iKY2kLBdsFvs4ALWE
+31hLOkCFb+nqMnfZxq7DgvBwIdxJdLQvaskpDMfkna+zE3QWqkH5v55atW8Bunwk
+/6q5kqNhyrjZb4i0BqJ5AHFUEQzlDcjpyFVUtR14r0IxjBFMHZXrx4uLe7KvGf/4
+GqpqeFOPqxMsfC5ILJJ7nvwFViqftGgtWg/12bKMTB5saQIDAQABo1AwTjAdBgNV
+HQ4EFgQURA8KbgpiGfS2+7MT0H5AvpxeYLowHwYDVR0jBBgwFoAURA8KbgpiGfS2
+7MT0H5AvpxeYLowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAK9n+
+9T+hlM2kEpsUgtyihEJbGHzbw+Pj11b0ICntCVuPKewtBMveYp8lejrQwMFNGRMt
+ZQe1LFb9HcLeM3MLUz9Lm4BJIjkey3Jfq1AskROYk/bJnFIJIx6P3U9gBa20P46X
+LH3g6yub1HR7KZC9nfBsak3FPoJR/SYTJs0HsMeL4878+2IbETA4BL0kbKW48FFW
+jF4f6don0eiaF8b4KkfbWKrCaEm+LMxbyBEQ6fIb1cmGY8A9A5houjmgi6YWSkoi
+SLpOC9TZ2R51fO9rRsv7XwLK0V9o9YaEYPBg6V/TeJl5nxAZBeVTKVTQbBGZY+l2
+nzN0pKsl7RXLf3SRYA==
+-----END CERTIFICATE-----
diff --git a/common/recipes-selftest/images/files/incorrect.key b/common/recipes-selftest/images/files/incorrect.key
new file mode 100644
index 00000000..d05475b6
--- /dev/null
+++ b/common/recipes-selftest/images/files/incorrect.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAukI2ioMeL8qaXxMtryonAT51w+Zre0wB8bDBPuXDSwDVXNWf
+iKKTfCVEkLEUnsUEd7jiKswCT5orTwCD7aQK0mTrkAWEi8hEI3MkNoehT51gkuTf
+v7A/HgPkhhlU4UQqipI6XoLf7o7PUV33ZfB43//iKY2kLBdsFvs4ALWE31hLOkCF
+b+nqMnfZxq7DgvBwIdxJdLQvaskpDMfkna+zE3QWqkH5v55atW8Bunwk/6q5kqNh
+yrjZb4i0BqJ5AHFUEQzlDcjpyFVUtR14r0IxjBFMHZXrx4uLe7KvGf/4GqpqeFOP
+qxMsfC5ILJJ7nvwFViqftGgtWg/12bKMTB5saQIDAQABAoIBAQCEtAox86s9N6d2
+164z3998Zmj3UyL+7K9x6JI2YvMabBSYGOeaLOLRj6fjQxdC63H8brBM958p4di7
+Z82XMco4Dok6yoOeJ+hMLYv+gfGvTJxy7DhyVXsSwok99axg9vUsV3TYw3wSdpNF
+EKLkcUldpu0W2ADBHUr4sLI85xctHH3Kt0sNDzhgADFa5rDYACXTKHtFOhEqBIwN
+FmbuRQirnErUkI3Pczgl2Xy1MlaozH9CB+bLAb5q2FYu4DKgjl4UorC+w2HV41KH
+XoL7L36XXqLRHBfEAwOWb8yro+TK8T7gW7aagTI1wgsbbQkjQmOHxclmJACdMOiJ
+DjPeR0GBAoGBAO7i2eaEoKa9QlKokN+93uOJD/F6DBi6jF0vGOqWlF8AVTj3kGL3
+X8fY/avrSlg7hKZWdei+Q5PyZViKxqmHjq781ZisKck52Tqz4s7ylqRXSgStinZr
+UqrkShCqZ3g1W91gIeVPQz0/b+gBskoHzQ5WQHfV5v9S1PaxjzcYtCrRAoGBAMea
+LcA2jjuEjqxa5v5fh8ygcHasJMRKJxW1OCKiQ94DjjzPsdVqZ1sJZChLW/N3nxe7
+wHlNJmsGbJ2w1zD5+qkkPjLq5Q4B5KAd62NNrWaEHFdEc/PPkn4xP7Zkfuu5K+m2
+7z/MF4ibvVh9PvD3HY8FWKEtkqB4rfD8AoUOVd4ZAoGAXxXAsfa8k2Hl0kzyTXyg
+CWV3CSERS46FbFngyw9gw2e4hFJWEG5ym3ONlS60iuY16JelmxyQfYUQPewPI0+n
+xZMx2fE9OLFj+++6KbF5sLRl6/K/mF8jqo3vxS5uvPRQOo+XLlUcaHalrm1ub/Um
+87v1MT3dEmgACKmoXb/hhuECgYAZluiapePiOYJZEmZe4jx0vXTtofAswhz0qYEC
+3663vdj0buQrqjKJ91BB4jdtpT5eOpHYe02blv1B0jQkcUfze1QGDxtCineXF37g
+Aktiwzkm7v22mjv7tbCnX4buDZVVp0BQ+4dg2iaSO6xgFC5T8amFMGSF8jLKnGRu
+ToIvsQKBgADBTse2vnI85NRsYq48ztQuIU2zlGXIAcoPSvGb8Vhty/joc0jWcI5P
+raGXBARbuVlcEapK3mDRfO0CQjDaTPK4EYYJwGp8k33Hkkcbgs4kfm308jRsclMr
+YeMwQsYyOv45x4iPCwrqZEhpPDvACBi7DB6QvZ0++vJbobTt1jyi
+-----END RSA PRIVATE KEY-----
diff --git a/common/recipes-selftest/images/files/refkit-db.crt b/common/recipes-selftest/images/files/refkit-db.crt
new file mode 100644
index 00000000..22ad6a89
--- /dev/null
+++ b/common/recipes-selftest/images/files/refkit-db.crt
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC+zCCAeOgAwIBAgIJANT2SMJoGZGsMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
+BAMMCXJlZmtpdC1kYjAeFw0xNzA0MjAxMjA2MzJaFw0xODA0MjAxMjA2MzJaMBQx
+EjAQBgNVBAMMCXJlZmtpdC1kYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALQcIqYiAVfN8U+vcuPZAYBQVe8CXuuZNct/Knn/tT7sXZIGMCDnla2khC4/
+tdG3Umo6ON5SfaPCx3+Y6jRY6PWDU5sZlzWZibRJpjUT3bJZUhYEwgxvOVHJWWV
+OYlfAvHFBhdYygn99h7Fl9qjThpIvs+WJwRLt21ntlAYBHNR0mot3zur8i2V16i4
+qDChq4uSK2A+OuWGQHHBPy0ukOfW7MzCC3mDcW32o6lMzUaB3O/sUb6BKvF4c0Hb
+VM58zqLjkE9FGvk9iPwO7dNpIkz6CmnRSMCqqTqzjxA6dqgMej3Yec4clmL0Bu5H
+6OBpka7qNM/aqLQ5XvN60IhIR2kCAwEAAaNQME4wHQYDVR0OBBYEFGhgESWFFHgb
+Gp9GEuYh5O/7O6rdMB8GA1UdIwQYMBaAFGhgESWFFHgbGp9GEuYh5O/7O6rdMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAI/ShHxDR8pr/YeD0O910yBS
+cxiqMnH7pfTJEaNoTbed5tlGJNzHwjv5sJj87jRuEJs9RG4zCRG4KdYtBs9nj5aF
+nWNyv2RfDePJYxlx1H1MnHdG2iCXbbzdwh/zQDge58xVBXK6JE+zipMMMGDan281
+9vuwH7MA3cSmvOI3waPv2aGG+eukpUU4/06HSkHPbml+l74tIryNoBohj0tykAFc
+uqWcLdclJPz/XFgURjAJfFVkgwu5388l7uz3y9vRW5OTyIoQRriwNRxsDY8Dao8b
+NmjzU4k2WyGA3uOSUpSXnUmJfT7eKVG6Efe6Afer6sGnLqNNZf1AcfHiP2woy9M=
+-----END CERTIFICATE-----
diff --git a/common/recipes-selftest/images/files/refkit-db.key b/common/recipes-selftest/images/files/refkit-db.key
new file mode 100644
index 00000000..4b54587e
--- /dev/null
+++ b/common/recipes-selftest/images/files/refkit-db.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC0HCKmIgFXzfFP
+r3Lj2QGAUFXvAl7rmTXLfyp5/7U+7F2SBjAg55WtpIQuP/rXRt1JqOjjeUn2jwsd
+/mOo0WOj1g1ObGZc1mYm0SaY1E92yWVIWBMIMbzlRyVllTmJXwLxxQYXWMoJ/fYe
+xZfao04aSL7PlicES7dtZ7ZQGARzUdJqLd87q/ItldeouKgwoauLkitgPjrlhkBx
+wT8tLpDn1uzMwgt5g3Ft9qOpTM1Ggdzv7FG+gSrxeHNB21TOfM6i45BPRRr5PYj8
+Du3TaSJM+gpp0UjAqqk6s48QOnaoDHo92HnOHJZi9AbuR+jgaZGu6jTP2qi0OV7z
+etCISEdpAgMBAAECggEAbtXplKbUgL4hQ9JKN2Cxhc7qMv0YgI92BVaqQw1S8ffu
+1Q+tynH5MDRPi06gBJ59SvkA6AsZsvrv8nM7zQWd9ZKh+aLHk1X04upOgDoW9JiX
+FV/txlslTUrs/ohIMfsgCrweNXvUSTXZobIi8s8QHyipE4HpXMFjjZYHIV7GTlgA
+PRgGu3NygbWfR8hcx5JtzVz/jka7FFFSbk/pMr0TeJHXP55VfqWLeeSBQmWwooj2
+QcRfqMXgLKgu6uEggaP5HMcfTuWgWNhbke/596CgsUtQ5Gg64Q6v7cKcPy0/lgn1
+PnvfT9uhgEFDLNFkSBxV3ImrNYo73Nqmbp3w5tK9SQKBgQDs/HW7pNnB0LD51qok
+pkX0SBvyKxDT1QuU4z0FY9GT7OKOg8Xa0ZGyErt+ZbyFiyUGF5Axc3rJ3DyGslgu
+5O+AqcpCQOlOyovGQ6ST9x/gEeVcRnZn1MV4vMxwaOSXtY7u0IGyaDlFn1QWHWCN
+imv8OR6YuhivwBIXGzJ16oEqDwKBgQDCj3ls7tlPrLvUQIh8gfjCoInU8fRAqtAe
+Ab/OximLsKQPKLDma6xd+X2Fk8Dowdb88GNT99x3VZjHqVJM9URDkiOGKAXA/rBp
+jAXhnQwahT8YCzOUHqDYNMMQrXHvbiHqLodGrrO2WjYNmH69prQAk8WYAIwl+hdx
+BS70LGLPBwKBgQDU9RinAkBcFjiyieBjBreeCJ50Q5bfhHbf2EOhcE2IbDo6bteB
+Bwmxx3uM3cdHCf6/NrVweqFAfBQ3xlPP8BH4wJrsZoBBOWnZRDfEbzHJnMtK3FbS
+fzTkhmQAL4Ibgh9rIxspQtcUZVSees+k4VqgUIPaIoDEjgizktEJfS2MqQKBgQDA
+rOFtVaRz2PYyHq6LzxMRe3bEIdDn8cEk1kqjdW9TXV07feqiZmNOtXLvRAG4/63u
+1Akp8L6ul2Az6qUMfaBa4nC3vQ7lr9P40qhIZATGhsqS/xTXTPWw55999qZsnL6N
+cgKZpw1mOzRohmqNWnfMUotOGsywF1n7nUyAlyxLJQKBgElTaNTFYF3MbGfhl1He
+fnDXlf8OCOK1i5oIzMLqverb2UN/qp6p0b3SAtcw5cUXcaPlajHrfYgacF/0Qyua
+Cerey9GLEdJ7saDWhz0GyJ8yyEXy8CVs0svVaLPWI0s2B7/obzP9+gTb/WE9qZqu
+bNoVEpJ/wZhk+IL4+KPmqphu
+-----END PRIVATE KEY-----
diff --git a/common/recipes-selftest/images/secureboot-selftest-image-signed.bb b/common/recipes-selftest/images/secureboot-selftest-image-signed.bb
new file mode 100644
index 00000000..3ce11f32
--- /dev/null
+++ b/common/recipes-selftest/images/secureboot-selftest-image-signed.bb
@@ -0,0 +1,6 @@
+require secureboot-selftest-image-unsigned.bb
+IMAGE_FEATURES += "secureboot"
+SECURE_BOOT_SIGNING_KEY ?= "${THISDIR}/files/refkit-db.key"
+SECURE_BOOT_SIGNING_CERT ?= "${THISDIR}/files/refkit-db.crt"
diff --git a/common/recipes-selftest/images/secureboot-selftest-image-unsigned.bb b/common/recipes-selftest/images/secureboot-selftest-image-unsigned.bb
new file mode 100644
index 00000000..e03e7b47
--- /dev/null
+++ b/common/recipes-selftest/images/secureboot-selftest-image-unsigned.bb
@@ -0,0 +1,20 @@
+require recipes-core/images/core-image-minimal.bb
+DEPENDS_remove = "grub-efi"
+inherit uefi-comboapp
+WKS_FILE = "generic-bootdisk.wks.in"
+do_uefiapp_deploy_append() {
+    for i in ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.boot*.efi; do
+        target=`basename $i`
+        target=`echo $target | sed -e 's/${IMAGE_LINK_NAME}.//'`
+        cat > ${IMAGE_ROOTFS}/boot/startup.nsh << EOF
+$target
+reset
+EOF
+    break
+    done
+}
author	California Sullivan <california.l.sullivan@intel.com>	2017-08-28 15:19:00 -0700
committer	Saul Wold <sgw@linux.intel.com>	2017-08-30 14:25:25 -0700
commit	7549a93e9985da8453e683265ad0c65694765be0 (patch)
tree	5c22d4d44c9a49186eaed7904745fbb98d3cee9b /common
parent	7465f7fc99d11f469382bacae514ccfc5006dbe1 (diff)
download	meta-intel-7549a93e9985da8453e683265ad0c65694765be0.tar.gz

diff --git a/common/recipes-selftest/images/files/incorrect.crt b/common/recipes-selftest/images/files/incorrect.crt new file mode 100644 index 00000000..3a2411ab --- /dev/null +++ b/common/recipes-selftest/images/files/incorrect.crt
@@ -0,0 +1,19 @@
	1	-----BEGIN CERTIFICATE-----
	2	MIIDCTCCAfGgAwIBAgIJAIYXAHv3cQNjMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
	3	BAMMEFRlc3QgWW9jdG8gdGhpbmcwHhcNMTcwMTI1MjI1MjI3WhcNMTgwMTI1MjI1
	4	MjI3WjAbMRkwFwYDVQQDDBBUZXN0IFlvY3RvIHRoaW5nMIIBIjANBgkqhkiG9w0B
	5	AQEFAAOCAQ8AMIIBCgKCAQEAukI2ioMeL8qaXxMtryonAT51w+Zre0wB8bDBPuXD
	6	SwDVXNWfiKKTfCVEkLEUnsUEd7jiKswCT5orTwCD7aQK0mTrkAWEi8hEI3MkNoeh
	7	T51gkuTfv7A/HgPkhhlU4UQqipI6XoLf7o7PUV33ZfB43//iKY2kLBdsFvs4ALWE
	8	31hLOkCFb+nqMnfZxq7DgvBwIdxJdLQvaskpDMfkna+zE3QWqkH5v55atW8Bunwk
	9	/6q5kqNhyrjZb4i0BqJ5AHFUEQzlDcjpyFVUtR14r0IxjBFMHZXrx4uLe7KvGf/4
	10	GqpqeFOPqxMsfC5ILJJ7nvwFViqftGgtWg/12bKMTB5saQIDAQABo1AwTjAdBgNV
	11	HQ4EFgQURA8KbgpiGfS2+7MT0H5AvpxeYLowHwYDVR0jBBgwFoAURA8KbgpiGfS2
	12	+7MT0H5AvpxeYLowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAK9n+
	13	9T+hlM2kEpsUgtyihEJbGHzbw+Pj11b0ICntCVuPKewtBMveYp8lejrQwMFNGRMt
	14	ZQe1LFb9HcLeM3MLUz9Lm4BJIjkey3Jfq1AskROYk/bJnFIJIx6P3U9gBa20P46X
	15	LH3g6yub1HR7KZC9nfBsak3FPoJR/SYTJs0HsMeL4878+2IbETA4BL0kbKW48FFW
	16	jF4f6don0eiaF8b4KkfbWKrCaEm+LMxbyBEQ6fIb1cmGY8A9A5houjmgi6YWSkoi
	17	SLpOC9TZ2R51fO9rRsv7XwLK0V9o9YaEYPBg6V/TeJl5nxAZBeVTKVTQbBGZY+l2
	18	nzN0pKsl7RXLf3SRYA==
	19	-----END CERTIFICATE-----


diff --git a/common/recipes-selftest/images/files/incorrect.key b/common/recipes-selftest/images/files/incorrect.key new file mode 100644 index 00000000..d05475b6 --- /dev/null +++ b/common/recipes-selftest/images/files/incorrect.key
@@ -0,0 +1,27 @@
	1	-----BEGIN RSA PRIVATE KEY-----
	2	MIIEowIBAAKCAQEAukI2ioMeL8qaXxMtryonAT51w+Zre0wB8bDBPuXDSwDVXNWf
	3	iKKTfCVEkLEUnsUEd7jiKswCT5orTwCD7aQK0mTrkAWEi8hEI3MkNoehT51gkuTf
	4	v7A/HgPkhhlU4UQqipI6XoLf7o7PUV33ZfB43//iKY2kLBdsFvs4ALWE31hLOkCF
	5	b+nqMnfZxq7DgvBwIdxJdLQvaskpDMfkna+zE3QWqkH5v55atW8Bunwk/6q5kqNh
	6	yrjZb4i0BqJ5AHFUEQzlDcjpyFVUtR14r0IxjBFMHZXrx4uLe7KvGf/4GqpqeFOP
	7	qxMsfC5ILJJ7nvwFViqftGgtWg/12bKMTB5saQIDAQABAoIBAQCEtAox86s9N6d2
	8	164z3998Zmj3UyL+7K9x6JI2YvMabBSYGOeaLOLRj6fjQxdC63H8brBM958p4di7
	9	Z82XMco4Dok6yoOeJ+hMLYv+gfGvTJxy7DhyVXsSwok99axg9vUsV3TYw3wSdpNF
	10	EKLkcUldpu0W2ADBHUr4sLI85xctHH3Kt0sNDzhgADFa5rDYACXTKHtFOhEqBIwN
	11	FmbuRQirnErUkI3Pczgl2Xy1MlaozH9CB+bLAb5q2FYu4DKgjl4UorC+w2HV41KH
	12	XoL7L36XXqLRHBfEAwOWb8yro+TK8T7gW7aagTI1wgsbbQkjQmOHxclmJACdMOiJ
	13	DjPeR0GBAoGBAO7i2eaEoKa9QlKokN+93uOJD/F6DBi6jF0vGOqWlF8AVTj3kGL3
	14	X8fY/avrSlg7hKZWdei+Q5PyZViKxqmHjq781ZisKck52Tqz4s7ylqRXSgStinZr
	15	UqrkShCqZ3g1W91gIeVPQz0/b+gBskoHzQ5WQHfV5v9S1PaxjzcYtCrRAoGBAMea
	16	LcA2jjuEjqxa5v5fh8ygcHasJMRKJxW1OCKiQ94DjjzPsdVqZ1sJZChLW/N3nxe7
	17	wHlNJmsGbJ2w1zD5+qkkPjLq5Q4B5KAd62NNrWaEHFdEc/PPkn4xP7Zkfuu5K+m2
	18	7z/MF4ibvVh9PvD3HY8FWKEtkqB4rfD8AoUOVd4ZAoGAXxXAsfa8k2Hl0kzyTXyg
	19	CWV3CSERS46FbFngyw9gw2e4hFJWEG5ym3ONlS60iuY16JelmxyQfYUQPewPI0+n
	20	xZMx2fE9OLFj+++6KbF5sLRl6/K/mF8jqo3vxS5uvPRQOo+XLlUcaHalrm1ub/Um
	21	87v1MT3dEmgACKmoXb/hhuECgYAZluiapePiOYJZEmZe4jx0vXTtofAswhz0qYEC
	22	3663vdj0buQrqjKJ91BB4jdtpT5eOpHYe02blv1B0jQkcUfze1QGDxtCineXF37g
	23	Aktiwzkm7v22mjv7tbCnX4buDZVVp0BQ+4dg2iaSO6xgFC5T8amFMGSF8jLKnGRu
	24	ToIvsQKBgADBTse2vnI85NRsYq48ztQuIU2zlGXIAcoPSvGb8Vhty/joc0jWcI5P
	25	raGXBARbuVlcEapK3mDRfO0CQjDaTPK4EYYJwGp8k33Hkkcbgs4kfm308jRsclMr
	26	YeMwQsYyOv45x4iPCwrqZEhpPDvACBi7DB6QvZ0++vJbobTt1jyi
	27	-----END RSA PRIVATE KEY-----


diff --git a/common/recipes-selftest/images/files/refkit-db.crt b/common/recipes-selftest/images/files/refkit-db.crt new file mode 100644 index 00000000..22ad6a89 --- /dev/null +++ b/common/recipes-selftest/images/files/refkit-db.crt
@@ -0,0 +1,18 @@
	1	-----BEGIN CERTIFICATE-----
	2	MIIC+zCCAeOgAwIBAgIJANT2SMJoGZGsMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV
	3	BAMMCXJlZmtpdC1kYjAeFw0xNzA0MjAxMjA2MzJaFw0xODA0MjAxMjA2MzJaMBQx
	4	EjAQBgNVBAMMCXJlZmtpdC1kYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
	5	ggEBALQcIqYiAVfN8U+vcuPZAYBQVe8CXuuZNct/Knn/tT7sXZIGMCDnla2khC4/
	6	+tdG3Umo6ON5SfaPCx3+Y6jRY6PWDU5sZlzWZibRJpjUT3bJZUhYEwgxvOVHJWWV
	7	OYlfAvHFBhdYygn99h7Fl9qjThpIvs+WJwRLt21ntlAYBHNR0mot3zur8i2V16i4
	8	qDChq4uSK2A+OuWGQHHBPy0ukOfW7MzCC3mDcW32o6lMzUaB3O/sUb6BKvF4c0Hb
	9	VM58zqLjkE9FGvk9iPwO7dNpIkz6CmnRSMCqqTqzjxA6dqgMej3Yec4clmL0Bu5H
	10	6OBpka7qNM/aqLQ5XvN60IhIR2kCAwEAAaNQME4wHQYDVR0OBBYEFGhgESWFFHgb
	11	Gp9GEuYh5O/7O6rdMB8GA1UdIwQYMBaAFGhgESWFFHgbGp9GEuYh5O/7O6rdMAwG
	12	A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAI/ShHxDR8pr/YeD0O910yBS
	13	cxiqMnH7pfTJEaNoTbed5tlGJNzHwjv5sJj87jRuEJs9RG4zCRG4KdYtBs9nj5aF
	14	nWNyv2RfDePJYxlx1H1MnHdG2iCXbbzdwh/zQDge58xVBXK6JE+zipMMMGDan281
	15	9vuwH7MA3cSmvOI3waPv2aGG+eukpUU4/06HSkHPbml+l74tIryNoBohj0tykAFc
	16	uqWcLdclJPz/XFgURjAJfFVkgwu5388l7uz3y9vRW5OTyIoQRriwNRxsDY8Dao8b
	17	NmjzU4k2WyGA3uOSUpSXnUmJfT7eKVG6Efe6Afer6sGnLqNNZf1AcfHiP2woy9M=
	18	-----END CERTIFICATE-----


diff --git a/common/recipes-selftest/images/files/refkit-db.key b/common/recipes-selftest/images/files/refkit-db.key new file mode 100644 index 00000000..4b54587e --- /dev/null +++ b/common/recipes-selftest/images/files/refkit-db.key
@@ -0,0 +1,28 @@
	1	-----BEGIN PRIVATE KEY-----
	2	MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC0HCKmIgFXzfFP
	3	r3Lj2QGAUFXvAl7rmTXLfyp5/7U+7F2SBjAg55WtpIQuP/rXRt1JqOjjeUn2jwsd
	4	/mOo0WOj1g1ObGZc1mYm0SaY1E92yWVIWBMIMbzlRyVllTmJXwLxxQYXWMoJ/fYe
	5	xZfao04aSL7PlicES7dtZ7ZQGARzUdJqLd87q/ItldeouKgwoauLkitgPjrlhkBx
	6	wT8tLpDn1uzMwgt5g3Ft9qOpTM1Ggdzv7FG+gSrxeHNB21TOfM6i45BPRRr5PYj8
	7	Du3TaSJM+gpp0UjAqqk6s48QOnaoDHo92HnOHJZi9AbuR+jgaZGu6jTP2qi0OV7z
	8	etCISEdpAgMBAAECggEAbtXplKbUgL4hQ9JKN2Cxhc7qMv0YgI92BVaqQw1S8ffu
	9	1Q+tynH5MDRPi06gBJ59SvkA6AsZsvrv8nM7zQWd9ZKh+aLHk1X04upOgDoW9JiX
	10	FV/txlslTUrs/ohIMfsgCrweNXvUSTXZobIi8s8QHyipE4HpXMFjjZYHIV7GTlgA
	11	PRgGu3NygbWfR8hcx5JtzVz/jka7FFFSbk/pMr0TeJHXP55VfqWLeeSBQmWwooj2
	12	QcRfqMXgLKgu6uEggaP5HMcfTuWgWNhbke/596CgsUtQ5Gg64Q6v7cKcPy0/lgn1
	13	PnvfT9uhgEFDLNFkSBxV3ImrNYo73Nqmbp3w5tK9SQKBgQDs/HW7pNnB0LD51qok
	14	pkX0SBvyKxDT1QuU4z0FY9GT7OKOg8Xa0ZGyErt+ZbyFiyUGF5Axc3rJ3DyGslgu
	15	5O+AqcpCQOlOyovGQ6ST9x/gEeVcRnZn1MV4vMxwaOSXtY7u0IGyaDlFn1QWHWCN
	16	imv8OR6YuhivwBIXGzJ16oEqDwKBgQDCj3ls7tlPrLvUQIh8gfjCoInU8fRAqtAe
	17	Ab/OximLsKQPKLDma6xd+X2Fk8Dowdb88GNT99x3VZjHqVJM9URDkiOGKAXA/rBp
	18	jAXhnQwahT8YCzOUHqDYNMMQrXHvbiHqLodGrrO2WjYNmH69prQAk8WYAIwl+hdx
	19	BS70LGLPBwKBgQDU9RinAkBcFjiyieBjBreeCJ50Q5bfhHbf2EOhcE2IbDo6bteB
	20	Bwmxx3uM3cdHCf6/NrVweqFAfBQ3xlPP8BH4wJrsZoBBOWnZRDfEbzHJnMtK3FbS
	21	fzTkhmQAL4Ibgh9rIxspQtcUZVSees+k4VqgUIPaIoDEjgizktEJfS2MqQKBgQDA
	22	rOFtVaRz2PYyHq6LzxMRe3bEIdDn8cEk1kqjdW9TXV07feqiZmNOtXLvRAG4/63u
	23	1Akp8L6ul2Az6qUMfaBa4nC3vQ7lr9P40qhIZATGhsqS/xTXTPWw55999qZsnL6N
	24	cgKZpw1mOzRohmqNWnfMUotOGsywF1n7nUyAlyxLJQKBgElTaNTFYF3MbGfhl1He
	25	fnDXlf8OCOK1i5oIzMLqverb2UN/qp6p0b3SAtcw5cUXcaPlajHrfYgacF/0Qyua
	26	Cerey9GLEdJ7saDWhz0GyJ8yyEXy8CVs0svVaLPWI0s2B7/obzP9+gTb/WE9qZqu
	27	bNoVEpJ/wZhk+IL4+KPmqphu
	28	-----END PRIVATE KEY-----


diff --git a/common/recipes-selftest/images/secureboot-selftest-image-signed.bb b/common/recipes-selftest/images/secureboot-selftest-image-signed.bb new file mode 100644 index 00000000..3ce11f32 --- /dev/null +++ b/common/recipes-selftest/images/secureboot-selftest-image-signed.bb
@@ -0,0 +1,6 @@
	1	require secureboot-selftest-image-unsigned.bb
	2
	3	IMAGE_FEATURES += "secureboot"
	4
	5	SECURE_BOOT_SIGNING_KEY ?= "${THISDIR}/files/refkit-db.key"
	6	SECURE_BOOT_SIGNING_CERT ?= "${THISDIR}/files/refkit-db.crt"


diff --git a/common/recipes-selftest/images/secureboot-selftest-image-unsigned.bb b/common/recipes-selftest/images/secureboot-selftest-image-unsigned.bb new file mode 100644 index 00000000..e03e7b47 --- /dev/null +++ b/common/recipes-selftest/images/secureboot-selftest-image-unsigned.bb
@@ -0,0 +1,20 @@
	1	require recipes-core/images/core-image-minimal.bb
	2
	3	DEPENDS_remove = "grub-efi"
	4
	5	inherit uefi-comboapp
	6
	7	WKS_FILE = "generic-bootdisk.wks.in"
	8
	9	do_uefiapp_deploy_append() {
	10	for i in ${DEPLOY_DIR_IMAGE}/${IMAGE_LINK_NAME}.boot*.efi; do
	11	target=`basename $i`
	12	target=`echo $target \| sed -e 's/${IMAGE_LINK_NAME}.//'`
	13
	14	cat > ${IMAGE_ROOTFS}/boot/startup.nsh << EOF
	15	$target
	16	reset
	17	EOF
	18	break
	19	done
	20	}