[ima-evm-utils,2/2] tests: add test to verify EVM portable and immutable signatures

Commit Message

Mimi Zohar Dec. 8, 2020, 1:36 p.m. UTC

Now that evmctl supports verifying EVM portable and immutable signatures,
add the test.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 tests/sign_verify.test | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

Patch

diff --git a/tests/sign_verify.test b/tests/sign_verify.test
index 288e1330184e..d1ae17b58aa1 100755
--- a/tests/sign_verify.test
+++ b/tests/sign_verify.test
@@ -328,9 +328,14 @@  try_different_sigs() {
     expect_fail check_verify TYPE=ima
   fi
 
-  # Test --portable
-  expect_pass check_sign OPTS="$OPTS --portable" PREFIX=0x05
-  # Cannot be verified for now, until that support is added to evmctl
+  # Test --portable (only supported for V2 signatures)
+  if expect_pass check_sign OPTS="$OPTS --portable --imahash" PREFIX=0x05; then
+     if [[ "$OPTS" =~ --rsa ]]; then
+        expect_fail check_verify
+     else
+        expect_pass check_verify
+     fi
+  fi
 
   # Test -i (immutable)
   expect_pass check_sign OPTS="$OPTS -i" PREFIX=0x0303