ci(signer-id): add a test case for signer-id
Added a test to verify that the signer-id of the images is not zero.
Signer-id is a hash of the key that eventually passes down to RSS, along
with the measurement of the image that this key signs.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ibd8f2eda2570c9ba7f1fbe22b643cf46e569d205
diff --git a/expect-lava/signer-id.exp b/expect-lava/signer-id.exp
new file mode 100644
index 0000000..d63dfb0
--- /dev/null
+++ b/expect-lava/signer-id.exp
@@ -0,0 +1,12 @@
+#
+# Copyright (c) 2023 Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# Expect script for Trusted Firmware Test Framework
+#
+
+# Wait for BL31 boots and then expect/signer-id.exp
+# after LAVA job execution will do the job of checking
+# signer-id is non-zero
+source $ci_root/expect-lava/trusted-firmware.inc
diff --git a/expect/signer-id.exp b/expect/signer-id.exp
new file mode 100644
index 0000000..4afd848
--- /dev/null
+++ b/expect/signer-id.exp
@@ -0,0 +1,60 @@
+#
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+# Expect script for Linux/Buildroot using Measured Boot & fTPM
+#
+
+source [file join [file dirname [info script]] utils.inc]
+
+set uart_log_file [get_param uart_log_file]
+#Open file to read line by line
+set fh [open $uart_log_file r]
+set signer_id "signer_id"
+set signer_id_0_15 "- signer_id (\\s|\\w)*:(?!(\\s00){16})(\\s(\[0-9a-f\]){2}){16}"
+set signer_id_frag "(\\s|\\w)*:(\\s|\\w)*:(?!(\\s00){16})(\\s(\[0-9a-f\]){2}){16}"
+set non_zero_val 0
+set signer_id_detect 0
+set version_string "- version (\\s|\\w)*:"
+
+#Open file to read line by line
+set uart_log_file [get_param uart_log_file]
+set fh [open $uart_log_file r]
+
+# Loop to read and process line by line
+while {[gets $fh line] != -1} {
+
+ if {[regexp $signer_id $line]} {
+ incr signer_id_detect
+ }
+
+ if {[regexp $signer_id_0_15 $line] && $signer_id_detect == 1} {
+ send "signer_id(0:15) is non-zero\n"
+ incr non_zero_val
+ continue
+ }
+
+ if {[regexp $signer_id_frag $line] && $signer_id_detect == 1} {
+ send "signer_id fragment is non-zero\n"
+ incr non_zero_val
+ continue
+ }
+
+ if {[regexp $version_string $line]} {
+ if {$non_zero_val eq 0} {
+ send "either value is zero\n"
+ exit_uart -1
+ } else {
+ send "either value is non-zero\n"
+ set non_zero_val 0
+ }
+ set signer_id_detect 0
+ }
+
+ if {[string match "*Booting BL31*" $line]} {
+ send "Stop. BL31 booting"
+ }
+}
+
+close $fh
diff --git a/group/tf-l3-boot-tests-misc/fvp-tbb-tc2-mb:fvp-linux.tc-fip.tc-tc.signer-tc2-debug b/group/tf-l3-boot-tests-misc/fvp-tbb-tc2-mb:fvp-linux.tc-fip.tc-tc.signer-tc2-debug
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/group/tf-l3-boot-tests-misc/fvp-tbb-tc2-mb:fvp-linux.tc-fip.tc-tc.signer-tc2-debug
diff --git a/run_config/fvp-tc.signer b/run_config/fvp-tc.signer
new file mode 100644
index 0000000..fb0e1fa
--- /dev/null
+++ b/run_config/fvp-tc.signer
@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+#
+# Copyright (c) 2023, Arm Limited. All rights reserved.
+#
+# SPDX-License-Identifier: BSD-3-Clause
+#
+
+generate_lava_job() {
+ uart="1" timeout="60" port="5003" file="signer-id.exp" set_primary="1" \
+ track_expect
+}