From 66e5517513e35eee2f29560cb4967acfb88c4ea4 Mon Sep 17 00:00:00 2001
From: Jessica Castelino <jessica.castelino@windriver.com>
Date: Thu, 3 Mar 2022 18:45:12 -0500
Subject: [PATCH] Firmware audit fix for root key and key revocation images

The root key and revocation device image bitstream types report
the firmware sync status as "unknown" due to incorrect
attribute names. This commit fixes the problem.

Tests:
1)Subcloud1 is updated with unsigned image where
--bitstream-id is used. Subcloud1 is expected to be in-sync
after re-homing.
2)Subcloud2 is updated with root_public_program_ssl.bin where
--key-signature is used  (but this image is not allowed to
update second time, so update failed as expected.) Subcloud2 is
expected to be out-of-sync after re-homing.
3)Subcloud3 is only configured with a label that doesn't match
to any image, so it should still be in-sync after re-homing.
4)Subcloud4 is updated with ssl_csk1_cancel.bin where
--revoke-key-id is used. Subcloud4 is expected to be in-sync
after re-homing.

Change-Id: I1a95474d417f292e226454cf2b8c1d6448101274
Signed-off-by: Jessica Castelino <jessica.castelino@windriver.com>
Closes-Bug: 1952444
---
 distributedcloud/dcmanager/audit/firmware_audit.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/distributedcloud/dcmanager/audit/firmware_audit.py b/distributedcloud/dcmanager/audit/firmware_audit.py
index 4ecdae063..62f2a26ab 100644
--- a/distributedcloud/dcmanager/audit/firmware_audit.py
+++ b/distributedcloud/dcmanager/audit/firmware_audit.py
@@ -143,13 +143,13 @@ class FirmwareAudit(object):
                            subcloud_image,
                            system_controller_image):
         if ((system_controller_image.bitstream_type == consts.BITSTREAM_TYPE_ROOT_KEY and
-             system_controller_image.root_key == subcloud_image.root_key) or
+             system_controller_image.key_signature == subcloud_image.key_signature) or
             (system_controller_image.bitstream_type == consts.BITSTREAM_TYPE_FUNCTIONAL and
              system_controller_image.bitstream_id == subcloud_image.bitstream_id and
              system_controller_image.bmc == subcloud_image.bmc and
              system_controller_image.retimer_included == subcloud_image.retimer_included) or
             (system_controller_image.bitstream_type == consts.BITSTREAM_TYPE_KEY_REVOCATION and
-             system_controller_image.revoked_key_ids == subcloud_image.revoked_key_ids)):
+             system_controller_image.revoke_key_id == subcloud_image.revoke_key_id)):
                 return True
         return False