At present with unified builds the firmware updater has logic like this:

- get model (from SKU ID)
- if that model indicates that the signature ID needs to come from VPD, read it from there
- else use the signature ID from master config

There are tests for this in pack_firmware_functest.py but:

1. We should validate that the signature ID in VPD matches a whitelabel tag (or model) in the master config. At present it just blows up if it cannot find the rootkey file.

2. We still would like to have the overall test which incorporates the signer, firmware packer and firmware updater all together. The functional tests fakes the signer and fakes out the various tools used by the firmware updater. It's a great compromise, but does not do everything a manual test would.

There was a bug for #2 somewhere, but I cannot find it. It might have been closed because it was such a lot of work and we currently have no signer tests.