test: Move create_rsa_pair() out of test_vboot_base()

At present test_fdt_add_pubkey() relies on the vboot test having already
run, since its makes use of the files that test produces.

This means that the tests cannot run in parallel (make pcheck).

As a first step to resolving this, move the required common code out to
a standalone function.

Signed-off-by: Simon Glass <sjg@chromium.org>

test/py/tests/test_vboot.py

@@ -65,6 +65,36 @@ def dtc(dts, ubman, dtc_args, datadir, tmpdir, dtb):
     utils.run_and_log(ubman, 'dtc %s %s%s -O dtb '
                       '-o %s%s' % (dtc_args, datadir, dts, tmpdir, dtb))
 
+
+def create_rsa_pair(ubman, name, sha_algo, tmpdir):
+    """Generate a new RSA key paid and certificate
+
+    Args:
+        ubman (ConsoleBase): U-Boot console
+        name (str): Name of the key (e.g. 'dev')
+        sha_algo (str): SHA algorithm to use, e.g. 'sha256'
+        tmpdir (str): Temporary directory to use for openssl
+    """
+    public_exponent = 65537
+
+    if sha_algo == 'sha384':
+        rsa_keygen_bits = 3072
+    else:
+        rsa_keygen_bits = 2048
+
+    utils.run_and_log(
+        ubman,
+        f'openssl genpkey -algorithm RSA -out {tmpdir}{name}.key '
+        f'-pkeyopt rsa_keygen_bits:{rsa_keygen_bits} '
+        f'-pkeyopt rsa_keygen_pubexp:{public_exponent}')
+
+    # Create a certificate containing the public key
+    utils.run_and_log(
+        ubman,
+        f'openssl req -batch -new -x509 -key {tmpdir}{name}.key '
+        f'-out {tmpdir}{name}.crt')
+
+
 def make_fit(its, ubman, mkimage, dtc_args, datadir, fit):
     """Make a new FIT from the .its source file.
 
@@ -265,28 +295,6 @@ def test_vboot_base(ubman, name, sha_algo, padding, sign_options, required,
             handle.seek(offset)
             handle.write(struct.pack(">I", value))
 
-    def create_rsa_pair(name):
-        """Generate a new RSA key paid and certificate
-
-        Args:
-            name: Name of of the key (e.g. 'dev')
-        """
-        public_exponent = 65537
-
-        if sha_algo == "sha384":
-            rsa_keygen_bits = 3072
-        else:
-            rsa_keygen_bits = 2048
-
-        utils.run_and_log(ubman, 'openssl genpkey -algorithm RSA -out %s%s.key '
-                     '-pkeyopt rsa_keygen_bits:%d '
-                     '-pkeyopt rsa_keygen_pubexp:%d' %
-                     (tmpdir, name, rsa_keygen_bits, public_exponent))
-
-        # Create a certificate containing the public key
-        utils.run_and_log(ubman, 'openssl req -batch -new -x509 -key %s%s.key '
-                          '-out %s%s.crt' % (tmpdir, name, tmpdir, name))
-
     def test_with_algo(sha_algo, padding, sign_options):
         """Test verified boot with the given hash algorithm.
 
@@ -520,8 +528,8 @@ def test_vboot_base(ubman, name, sha_algo, padding, sign_options, required,
     dtb = '%ssandbox-u-boot.dtb' % tmpdir
     sig_node = '/configurations/conf-1/signature'
 
-    create_rsa_pair('dev')
-    create_rsa_pair('prod')
+    create_rsa_pair(ubman, 'dev', sha_algo, tmpdir)
+    create_rsa_pair(ubman, 'prod', sha_algo, tmpdir)
 
     # Create a number kernel image with zeroes
     with open('%stest-kernel.bin' % tmpdir, 'wb') as fd: