Support certifying the boot.img in a boot-img.tar.gz

The current glob() pattern will only certify boot-*.img
in an archive. Changing this to boot*.img to make it certify
a boot.img as well.

Bug: 223288963
Test: atest --host certify_bootimg_test

Change-Id: I7e97fd8ddaa02b628b58aedee2e8be3c8c863605
diff --git a/gki/certify_bootimg.py b/gki/certify_bootimg.py
index 2c3d80e..68a042e 100755
--- a/gki/certify_bootimg.py
+++ b/gki/certify_bootimg.py
@@ -273,7 +273,7 @@
         if os.path.exists(gki_info_file):
             load_gki_info_file(gki_info_file, extra_args, extra_footer_args)
 
-        for boot_img in glob.glob(os.path.join(unpack_dir, 'boot-*.img')):
+        for boot_img in glob.glob(os.path.join(unpack_dir, 'boot*.img')):
             print(f'Certifying {os.path.basename(boot_img)} ...')
             certify_bootimg(boot_img=boot_img, output_img=boot_img,
                             algorithm=algorithm, key=key, extra_args=extra_args,
diff --git a/gki/certify_bootimg_test.py b/gki/certify_bootimg_test.py
index 779c46f..ec5f505 100644
--- a/gki/certify_bootimg_test.py
+++ b/gki/certify_bootimg_test.py
@@ -82,8 +82,8 @@
           e.g., 'zip', 'tar', or 'gztar', etc.
         boot_img_info: a list of (boot_image_name, kernel_size,
           partition_size) tuples. e.g.,
-          [('boot-1.0.img', 4096, 4 * 1024),
-           ('boot-2.0.img', 8192, 8 * 1024)].
+          [('boot.img', 4096, 4 * 1024),
+           ('boot-lz4.img', 8192, 8 * 1024)].
         gki_info: the file content to be written into 'gki-info.txt' in the
           created archive.
 
@@ -186,18 +186,18 @@
 def extract_boot_archive_with_signatures(boot_img_archive, output_dir):
     """Extracts boot images and signatures of a boot images archive.
 
-    Suppose there are two boot images in |boot_img_archive|: boot-1.0.img
-    and boot-2.0.img. This function then extracts each boot-*.img and
+    Suppose there are two boot images in |boot_img_archive|: boot.img
+    and boot-lz4.img. This function then extracts each boot*.img and
     their signatures as:
-      - |output_dir|/boot-1.0.img
-      - |output_dir|/boot-2.0.img
-      - |output_dir|/boot-1.0/boot_signature1
-      - |output_dir|/boot-1.0/boot_signature2
-      - |output_dir|/boot-2.0/boot_signature1
-      - |output_dir|/boot-2.0/boot_signature2
+      - |output_dir|/boot.img
+      - |output_dir|/boot-lz4.img
+      - |output_dir|/boot/boot_signature1
+      - |output_dir|/boot/boot_signature2
+      - |output_dir|/boot-lz4/boot_signature1
+      - |output_dir|/boot-lz4/boot_signature2
     """
     shutil.unpack_archive(boot_img_archive, output_dir)
-    for boot_img in glob.glob(os.path.join(output_dir, 'boot-*.img')):
+    for boot_img in glob.glob(os.path.join(output_dir, 'boot*.img')):
         img_name = os.path.splitext(os.path.basename(boot_img))[0]
         signature_output_dir = os.path.join(output_dir, img_name)
         os.mkdir(signature_output_dir, 0o777)
@@ -316,7 +316,7 @@
             "    Prop: com.android.build.boot.security_patch -> '2022-05-05'\n"
         )
 
-        self._EXPECTED_AVB_FOOTER_BOOT_1_0 = (          # pylint: disable=C0103
+        self._EXPECTED_AVB_FOOTER_BOOT = (              # pylint: disable=C0103
             'Footer version:           1.0\n'
             'Image size:               131072 bytes\n'
             'Original image size:      28672 bytes\n'
@@ -339,8 +339,8 @@
             '      Partition Name:        boot\n'
             '      Salt:                  a11ba11b\n'
             '      Digest:                '
-            '634e60e08f5b83842c70fa0efa05de87'
-            '643cd75357f06eff9acc3d1f93e26795\n'
+            'b93084707ba2367120e19547f17f1073'
+            '4c7ad8e56008ec2159d5f01b950335ad\n'
             '      Flags:                 0\n'
             "    Prop: avb -> 'nice'\n"
             "    Prop: avb_space -> 'nice to meet you'\n"
@@ -348,7 +348,7 @@
             "    Prop: com.android.build.boot.security_patch -> '2022-05-05'\n"
         )
 
-        self._EXPECTED_AVB_FOOTER_BOOT_2_0 = (          # pylint: disable=C0103
+        self._EXPECTED_AVB_FOOTER_BOOT_LZ4 = (          # pylint: disable=C0103
             'Footer version:           1.0\n'
             'Image size:               262144 bytes\n'
             'Original image size:      36864 bytes\n'
@@ -371,8 +371,8 @@
             '      Partition Name:        boot\n'
             '      Salt:                  a11ba11b\n'
             '      Digest:                '
-            'f9bb362d8d0e6559f9f8f42eeaf4da9f'
-            '0fca6093de74ac406f76719fd0b20102\n'
+            '6b3f583f1bc5fbc284102e0185d02c6b'
+            '294f675c95b9337e89ea1e6b743af2ab\n'
             '      Flags:                 0\n'
             "    Prop: avb -> 'nice'\n"
             "    Prop: avb_space -> 'nice to meet you'\n"
@@ -380,7 +380,7 @@
             "    Prop: com.android.build.boot.security_patch -> '2022-05-05'\n"
         )
 
-        self._EXPECTED_AVB_FOOTER_BOOT_3_0 = (          # pylint: disable=C0103
+        self._EXPECTED_AVB_FOOTER_BOOT_GZ = (           # pylint: disable=C0103
             'Footer version:           1.0\n'
             'Image size:               131072 bytes\n'
             'Original image size:      28672 bytes\n'
@@ -403,8 +403,8 @@
             '      Partition Name:        boot\n'
             '      Salt:                  a11ba11b\n'
             '      Digest:                '
-            'fb0326a78b3794c79fad414d10f8d69a'
-            '86a0da49e5320bd5b4fc09272cb2cad9\n'
+            'd2098d507e039afc6b4d7ec3de129a8d'
+            'd0e0cf889c9181ebee65ce2fb25de3f5\n'
             '      Flags:                 0\n'
             "    Prop: avb -> 'nice'\n"
             "    Prop: avb_space -> 'nice to meet you'\n"
@@ -576,7 +576,7 @@
             "    Prop: GKI_INFO -> 'added here'\n"
         )
 
-        self._EXPECTED_BOOT_1_0_SIGNATURE1_RSA4096 = (   # pylint: disable=C0103
+        self._EXPECTED_BOOT_SIGNATURE1_RSA4096 = (       # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
             'Authentication Block:     576 bytes\n'
@@ -595,8 +595,8 @@
             '      Partition Name:        boot\n'           # boot
             '      Salt:                  d00df00d\n'
             '      Digest:                '
-            '88465e463bffb9f7dfc0c1f46d01bcf3'
-            '15f7693e19bd188a0ca1feca2ed7b9df\n'
+            '30208b4d0a6d16db47fc13c9527bfe81'
+            'a168d3b3940325d1ca8d3439792bfe18\n'
             '      Flags:                 0\n'
             "    Prop: gki -> 'nice'\n"
             "    Prop: space -> 'nice to meet you'\n"
@@ -607,7 +607,7 @@
             "    Prop: SPACE -> 'nice to meet you'\n"
         )
 
-        self._EXPECTED_BOOT_1_0_SIGNATURE2_RSA4096 = (   # pylint: disable=C0103
+        self._EXPECTED_BOOT_SIGNATURE2_RSA4096 = (       # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
             'Authentication Block:     576 bytes\n'
@@ -626,8 +626,8 @@
             '      Partition Name:        generic_kernel\n' # generic_kernel
             '      Salt:                  d00df00d\n'
             '      Digest:                '
-            '14ac8d0d233e57a317acd05cd458f2bb'
-            'cc78725ef9f66c1b38e90697fb09d943\n'
+            'd4c8847e7d9900a98f77e1f0b5272854'
+            '7bf9c1e428fea500d419275f72ec5bd6\n'
             '      Flags:                 0\n'
             "    Prop: gki -> 'nice'\n"
             "    Prop: space -> 'nice to meet you'\n"
@@ -638,7 +638,7 @@
             "    Prop: SPACE -> 'nice to meet you'\n"
         )
 
-        self._EXPECTED_BOOT_2_0_SIGNATURE1_RSA4096 = (   # pylint: disable=C0103
+        self._EXPECTED_BOOT_LZ4_SIGNATURE1_RSA4096 = (   # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
             'Authentication Block:     576 bytes\n'
@@ -657,8 +657,8 @@
             '      Partition Name:        boot\n'           # boot
             '      Salt:                  d00df00d\n'
             '      Digest:                '
-            '3e6a9854a9d2350a7071083bc3f37376'
-            '37573fd87b1c72b146cb4870ac6af36f\n'
+            '9d3a0670a9fd3de66e940117ef97700f'
+            'ed5fd1c6fb90798fd3873af45fc91cb4\n'
             '      Flags:                 0\n'
             "    Prop: gki -> 'nice'\n"
             "    Prop: space -> 'nice to meet you'\n"
@@ -669,7 +669,7 @@
             "    Prop: SPACE -> 'nice to meet you'\n"
         )
 
-        self._EXPECTED_BOOT_2_0_SIGNATURE2_RSA4096 = (   # pylint: disable=C0103
+        self._EXPECTED_BOOT_LZ4_SIGNATURE2_RSA4096 = (   # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
             'Authentication Block:     576 bytes\n'
@@ -688,8 +688,8 @@
             '      Partition Name:        generic_kernel\n' # generic_kernel
             '      Salt:                  d00df00d\n'
             '      Digest:                '
-            '92fb8443cd284b67a4cbf5ce00348b50'
-            '1c657e0aedf4e2181c92ad7fc8b5224f\n'
+            '7d109e3dccca9e30e04249162d07e58c'
+            '62fdf269804b35857b956fba339b2679\n'
             '      Flags:                 0\n'
             "    Prop: gki -> 'nice'\n"
             "    Prop: space -> 'nice to meet you'\n"
@@ -700,7 +700,7 @@
             "    Prop: SPACE -> 'nice to meet you'\n"
         )
 
-        self._EXPECTED_BOOT_3_0_SIGNATURE1_RSA4096 = (   # pylint: disable=C0103
+        self._EXPECTED_BOOT_GZ_SIGNATURE1_RSA4096 = (    # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
             'Authentication Block:     576 bytes\n'
@@ -719,14 +719,14 @@
             '      Partition Name:        boot\n'           # boot
             '      Salt:                  d00df00d\n'
             '      Digest:                '
-            '9b9cd845a367d7fc9b61d6ac02b0e7c9'
-            'dc3d3b219abf60dd6e19359f0353c917\n'
+            '6fcddc6167ae3c2037b424d35c3ef107'
+            'f586510dbb2d652d7c08b88e6ea52fc6\n'
             '      Flags:                 0\n'
             "    Prop: gki -> 'nice'\n"
             "    Prop: space -> 'nice to meet you'\n"
         )
 
-        self._EXPECTED_BOOT_3_0_SIGNATURE2_RSA4096 = (   # pylint: disable=C0103
+        self._EXPECTED_BOOT_GZ_SIGNATURE2_RSA4096 = (    # pylint: disable=C0103
             'Minimum libavb version:   1.0\n'
             'Header Block:             256 bytes\n'
             'Authentication Block:     576 bytes\n'
@@ -745,8 +745,8 @@
             '      Partition Name:        generic_kernel\n' # generic_kernel
             '      Salt:                  d00df00d\n'
             '      Digest:                '
-            '0cd7d331ed9b32dcd92f00e2cac75595'
-            '52199170afe788a8fcf1954f9ea072d0\n'
+            '7a6a43eb4048b783346fb6d039103647'
+            '6c4313146da521467af282dff1838d0e\n'
             '      Flags:                 0\n'
             "    Prop: gki -> 'nice'\n"
             "    Prop: space -> 'nice to meet you'\n"
@@ -999,8 +999,8 @@
                 boot_img_archive_name,
                 'gztar',
                 # A list of (boot_img_name, kernel_size, partition_size).
-                [('boot-1.0.img', 8 * 1024, 128 * 1024),
-                 ('boot-2.0.img', 16 * 1024, 256 * 1024)],
+                [('boot.img', 8 * 1024, 128 * 1024),
+                 ('boot-lz4.img', 16 * 1024, 256 * 1024)],
                 gki_info)
 
             # Certify the boot image archive, with a RSA4096 key.
@@ -1023,31 +1023,31 @@
                                                  temp_out_dir)
 
             # Checks an AVB footer exists and the image size remains.
-            boot_1_img = os.path.join(temp_out_dir, 'boot-1.0.img')
-            self.assertTrue(has_avb_footer(boot_1_img))
-            self.assertEqual(os.path.getsize(boot_1_img), 128 * 1024)
+            boot_img = os.path.join(temp_out_dir, 'boot.img')
+            self.assertTrue(has_avb_footer(boot_img))
+            self.assertEqual(os.path.getsize(boot_img), 128 * 1024)
 
-            boot_2_img = os.path.join(temp_out_dir, 'boot-2.0.img')
-            self.assertTrue(has_avb_footer(boot_2_img))
-            self.assertEqual(os.path.getsize(boot_2_img), 256 * 1024)
+            boot_lz4_img = os.path.join(temp_out_dir, 'boot-lz4.img')
+            self.assertTrue(has_avb_footer(boot_lz4_img))
+            self.assertEqual(os.path.getsize(boot_lz4_img), 256 * 1024)
 
             # Checks the content in the AVB footer.
             self._test_boot_signatures(
                 temp_out_dir,
-                {'boot-1.0.img': self._EXPECTED_AVB_FOOTER_BOOT_1_0,
-                 'boot-2.0.img': self._EXPECTED_AVB_FOOTER_BOOT_2_0})
+                {'boot.img': self._EXPECTED_AVB_FOOTER_BOOT,
+                 'boot-lz4.img': self._EXPECTED_AVB_FOOTER_BOOT_LZ4})
 
             # Checks the content in the GKI certificate.
             self._test_boot_signatures(
                 temp_out_dir,
-                {'boot-1.0/boot_signature1':
-                    self._EXPECTED_BOOT_1_0_SIGNATURE1_RSA4096,
-                 'boot-1.0/boot_signature2':
-                    self._EXPECTED_BOOT_1_0_SIGNATURE2_RSA4096,
-                 'boot-2.0/boot_signature1':
-                    self._EXPECTED_BOOT_2_0_SIGNATURE1_RSA4096,
-                 'boot-2.0/boot_signature2':
-                    self._EXPECTED_BOOT_2_0_SIGNATURE2_RSA4096})
+                {'boot/boot_signature1':
+                    self._EXPECTED_BOOT_SIGNATURE1_RSA4096,
+                 'boot/boot_signature2':
+                    self._EXPECTED_BOOT_SIGNATURE2_RSA4096,
+                 'boot-lz4/boot_signature1':
+                    self._EXPECTED_BOOT_LZ4_SIGNATURE1_RSA4096,
+                 'boot-lz4/boot_signature2':
+                    self._EXPECTED_BOOT_LZ4_SIGNATURE2_RSA4096})
 
     def test_certify_bootimg_archive_without_gki_info(self):
         """Tests certify_bootimg for a boot images archive."""
@@ -1060,7 +1060,7 @@
                 boot_img_archive_name,
                 'zip',
                 # A list of (boot_img_name, kernel_size, partition_size).
-                [('boot-3.0.img', 8 * 1024, 128 * 1024)],
+                [('boot-gz.img', 8 * 1024, 128 * 1024)],
                 gki_info=None)
             # Certify the boot image archive, with a RSA4096 key.
             boot_certified_img_archive = os.path.join(
@@ -1084,7 +1084,7 @@
                 boot_img_archive_name,
                 'tar',
                 # A list of (boot_img_name, kernel_size, partition_size).
-                [('boot-3.0.img', 8 * 1024, 128 * 1024)],
+                [('boot-gz.img', 8 * 1024, 128 * 1024)],
                 gki_info='a=b\n'
                          'c=d\n')
             # Certify the boot image archive, with a RSA4096 key.
@@ -1107,22 +1107,22 @@
                                                  temp_out_dir)
 
             # Checks an AVB footer exists and the image size remains.
-            boot_3_img = os.path.join(temp_out_dir, 'boot-3.0.img')
+            boot_3_img = os.path.join(temp_out_dir, 'boot-gz.img')
             self.assertTrue(has_avb_footer(boot_3_img))
             self.assertEqual(os.path.getsize(boot_3_img), 128 * 1024)
 
             # Checks the content in the AVB footer.
             self._test_boot_signatures(
                 temp_out_dir,
-                {'boot-3.0.img': self._EXPECTED_AVB_FOOTER_BOOT_3_0})
+                {'boot-gz.img': self._EXPECTED_AVB_FOOTER_BOOT_GZ})
 
             # Checks the content in the GKI certificate.
             self._test_boot_signatures(
                 temp_out_dir,
-                {'boot-3.0/boot_signature1':
-                    self._EXPECTED_BOOT_3_0_SIGNATURE1_RSA4096,
-                 'boot-3.0/boot_signature2':
-                    self._EXPECTED_BOOT_3_0_SIGNATURE2_RSA4096})
+                {'boot-gz/boot_signature1':
+                    self._EXPECTED_BOOT_GZ_SIGNATURE1_RSA4096,
+                 'boot-gz/boot_signature2':
+                    self._EXPECTED_BOOT_GZ_SIGNATURE2_RSA4096})
 
 
 # I don't know how, but we need both the logger configuration and verbosity