tests: Pass --verify-profile=medium to certtool if supported

certtool emits the following message if --verify-profile is not
passed:

Note that no verification profile was selected. In the future the medium profile will be enabled by default.
Use --verify-profile low to apply the default verification of NORMAL priority string.

Pass the --verify-profile option if certtool supports it (since ~3.6.12).

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger 2022-11-02 10:21:52 -04:00 committed by Stefan Berger
parent a2abd3b67d
commit 22e975dc05
2 changed files with 10 additions and 0 deletions


@ -24,6 +24,10 @@ PATH=${TOPBUILD}/src/swtpm_cert:$PATH
source ${TESTDIR}/common
if [ -n "$(${CERTTOOL} --help | grep -E "\-\-verify-profile")" ]; then
verify_profile="--verify-profile=medium"
fi
trap "cleanup" SIGTERM EXIT
function cleanup()
@ -125,6 +129,7 @@ do
${CERTTOOL} \
--verify \
${verify_profile} \
--load-ca-certificate "${ISSUERCERT}" \
--infile "${workdir}/ek.pem"
if [ $? -ne 0 ]; then
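Review bot: `verify_profile` is assigned only inside the added `if`, so on a certtool without the option the later unquoted `${verify_profile}` expands to whatever the caller's environment happens to export under that name. Setting `verify_profile=""` just before the `if` makes the fallback explicit. A comment above the `${CERTTOOL} --verify` call such as `# ${verify_profile} is intentionally unquoted so it vanishes when empty` would keep someone from quoting it later and handing certtool an empty argument. The same four lines are added to the second test script right after the same `source ${TESTDIR}/common`, so the check could live once in that common file, which is not visible here. The loop around the `--verify` call starts and ends outside the hunk.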


@ -35,6 +35,10 @@ PATH=${TOPBUILD}/src/swtpm_cert:$PATH
source ${TESTDIR}/common
if [ -n "$(${CERTTOOL} --help | grep -E "\-\-verify-profile")" ]; then
verify_profile="--verify-profile=medium"
fi
trap "cleanup" SIGTERM EXIT
function cleanup()
@ -214,6 +218,7 @@ do
GNUTLS_PIN=${PIN} ${CERTTOOL} \
--verify \
${verify_profile} \
--load-ca-certificate ${ISSUERCERT} \
--infile ${workdir}/ek.pem
if [ $? -ne 0 ]; then
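Review bot: The detection pattern `"\-\-verify-profile"` in the added `if` relies on backslash escapes that ERE leaves undefined, and recent GNU grep releases print a stray-backslash warning for such patterns; `grep -F -e "--verify-profile"` matches the literal option name without any escaping. The first test script carries the identical line. Any failure of `${CERTTOOL} --help` is indistinguishable from an older certtool here, and in both cases the verify step quietly runs without a profile. An `echo` of the selected profile (or of its absence) would let a reader of the test log see which strength the certificate in `ek.pem` was actually checked at.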