ci(rotpk): add a boot test for ROTPK hash in trusted registers
Added a fixed ROTPK (SHA256 hash of the 2K ROTPK) to the model
to cover the test where the ROTPK is stored in registers
(ARM_ROTPK_LOCATION=regs), simulating the production use case.
Change-Id: I428b469efeedf56f9dd78a543445bb243b71f315
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
diff --git a/model/base-aemva-common.sh b/model/base-aemva-common.sh
index fb8ca3c..d47162e 100644
--- a/model/base-aemva-common.sh
+++ b/model/base-aemva-common.sh
@@ -134,6 +134,9 @@
# FEAT_LS64_V, FEAT_LS64_ACCDATA)
reset_var accelerator_support_level
+# ROTPK in trusted register space
+reset_var has_rotpk_in_regs
+
source "$ci_root/model/fvp_common.sh"
#------------ Common configuration --------------
@@ -172,6 +175,14 @@
${etm_plugin+--plugin=$etm_plugin_path}
EOF
+# Store the fixed ROTPK hash in registers
+# Note: This is the SHA256 hash of the RSA 2K development public key used in TF-A
+if [ "$has_rotpk_in_regs" = "1" ]; then
+ cat <<EOF >>"$model_param_file"
+-C bp.trusted_key_storage.public_key="0982f3b0 3ad89712 47727a37 7332ec1b e23292e9 5ef65949 464a4a8b da9a22d8"
+EOF
+fi
+
# TFTF Reboot/Shutdown tests
if [ "$retain_flash" = "1" ]; then
cat <<EOF >>"$model_param_file"