def test_core1_enableSecureBoot_enbaleDevMode_singleCert_ImageSignCertIsNotCA(
self, bl):
security_boot.security_boot(
bl,
self.core,
self.originalImage,
certChainLength=1, # One self-signed certificate
isImageSigningCertCA=False, # The signing certificate is not CA.
secureBootEnable=True, # Enable secure boot
devModeEnable=True, # Enable secure boot developement mode
rootCertTableEntryIndex=-1)
def test_core1_enableSecureBoot_enbaleDevMode_multipleCert_ImageSignCertIsCA(
self, bl):
security_boot.security_boot(
bl,
self.core,
self.originalImage,
certChainLength=
2, # Self-signed root CA certificate, followed by image signing certificate which is signed by root certificate.
isImageSigningCertCA=False, # The signing certificate is CA.
secureBootEnable=True, # Enable secure boot
devModeEnable=False, # Disable secure boot developement mode
rootCertTableEntryIndex=-1)
def test_core1_secure_boot_revoke_root_cert_table_entry3(self, bl):
security_boot.security_boot(
bl,
self.core,
self.originalImage,
certChainLength=4,
isImageSigningCertCA=False, # The signing certificate is not CA.
secureBootEnable=True, # Enable secure boot
devModeEnable=
False, # Disable secure boot developement mode
rootCertTableEntryIndex=3 # rootCertTableEntryIndex = 3
)