Changes to libtpms will require that the volatile state files
during this test may be larger than 9000 bytes.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This patch fixes the following issue:
$ ./src/swtpm/swtpm chardev --print-capabilities --tpm2
swtpm: Error: Missing character device or file descriptor
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Due to recent changes in tcsd, it doesn't accept 'tss:tss 0600' anymore
for the tcsd config file but we need to use 'root:tss 0640' for it.
So far only Fedora seems to be affected. It now depends on whether tcsd
has been patched what ownership is required. So we try first the old
configuration and then the new one.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Apply the password for the signing key and parent key when creating a
platform certificate. The bug was introduced in commit 961bb827
"samples: Use new pwd format option for secretly passing passwords"
Extend a test case to ensure that the passwords are always used.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Switch over to the new python implementation of swtpm_setup. We need to
also adjust test cases that involved the tcsd that otherwise fail for
various reasons. For in-place testing we need to adjust the PYTHONPATH
and PATH so that swtpm_setup.py can be found and so that swtpm_setup.py
then finds swtpm if it is not explicitly passed as parameter.
Adjust the man page for swtpm_setup to reflect the changes.
We now can run swtpm_setup as any user. However, libvirt still runs it
as tss:tss (for example), which is then creating the signing key as tss:tss
as well. Ideally libvirt would run it as tss:root or any other combination
since the tss group may be used for user wanting to access /dev/tpmrm0 for
example. We at least change the directory ownership of /var/lib/swtpm-localca
to tss:root and keep the world out of this directory.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Modify the pkcs11 related test case to set the environment variable for
softhsm_setup to use the temporary directory for config file and state
of softhsm. Also set the SOFTHSM2_CONF environment variable since
certtool also uses the pkcs11 module which in turn will look for its
config file.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Use softhsm's SOFTHSM2_CONF environment variable to set the directory
where the configration file is located so that we can now use a temporary
directory for the location of the directory. Use the environment variable
SOFTHSM_SETUP_CONFIGDIR to set the directory where softhsm_setup can
setup its temporary environment for the config file and state of softhsm.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Slow systems, like Cygwin, need so much time from taking the time to sending
the command that we need to take the current time again to check whether the
success is valid. Previously the test may have failed since the old time that
was taken did not allow the success to be valid.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The OpenBSD implementation of 'od -tx1' prints two spaces between
hexbytes, thus the grep for "00 00 00 00" fails and we report an
invalid error. This patch fixes this by squeezing the two consecutive
spaces.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
We have occasional test failures on Travis running tests on OS X where
time seems to be going backwards in the dictionary attack timeout test.
This patch tries to detect that the time went backwards and skip the
test once a failure would have been detected.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Extend the swtpm-localca test with odd vmid string to ensure
that they go into the certificate unmodified.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Have the tpm2_ptool use a store in the temporary directory so that
with every test we have a clean environment.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Assign the unique port 65452/65354 to test_tpm2_save_load_state to
avoid conflict with test_tpm_probe also using
SWTPM_SERVER_PORT=65526
SWTPM_CTRL_PORT=65527
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Assign the unique ports 65450/65451 to test_tpm2_sample_create_tpmca
to avoid clashes with test_samples_create_tpmca that is using
SWTPM_SERVER_PORT=65434
SWTPM_CTRL_PORT=65435
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Assign unique ports 65448/65449 to test_tpm2_setbuffersize to avoid clash
with test_samples_create_tpmca using TCSD_LISTEN_PORT=65436.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The generated sample keys started with 00010203, thus leaving the upper
15 bits of the key as '0', which in turn causes gnutls to think that the
key is only 2033 bit long, thus rejecting certificate verification once
the min-verification-profile is set to 'medium' in gnutls's config file
in /etc/crypto-policies/back-ends/gnutls.config.
We now create sample keys starting with 800102, which sets the highest bit.
This fixes test errors on Fedora Rawhide due to the change in the
min-verification-profile setting in gnutls.config.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The OpenBSD implementation of 'od -tx1' prints two spaces between
hexbytes, thus the grep for "00 00 00 00" fails and we report an
invalid error. This patch fixes this by squeezing the two consecutive
spaces.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Upgrade to use the IBM TSS2 tests from v1.5.0.
Add a patch that eliminates all testing of 3072 bit RSA keys in case
libtpms does not support such keys. This test also passes with libtpms
0.6.0 and 0.7.0.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
libtpms version 0.6.3, 0.7.3, and master have a change to the TPM 2 code
that affects the pcrUpdateCounter, which now returns a smaller value than
before.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The first part of the derived key test only works fine on 64 bit
little endian machines. Skip big endian machines.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Extend the --print-capabilities option to also report supported RSA
key sizes. Only the TPM 2 may support anything else than 2048 bit RSA
keys, so we only consult 'swtpm socket --tpm2 --print-capabilities'
and grep for 2048 and 3072 key sizes and report them.
If nothing is found, nothing is reported, as before, and 2048 bit RSA
keys should be assumed.
'swtpm_setup --tpm2 --print-capabilities' may now show the following:
{
"type": "swtpm_setup",
"features": [
"cmdarg-keyfile-fd",
"cmdarg-pwdfile-fd",
"tpm2-rsa-keysize-2048",
"tpm2-rsa-keysize-3072"
]
}
Also adjust a test case to use a regular expression for matching
against an expected string that may nor may not have rsa-keysize
verbs.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Check the libtpms capabilities via 'swtpm_ioctl -i 4' to see whether
libtpms supports RSA 3072 bit keys. Only if this is not the case
deactivate all RSA 3072 bit key tests.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Construct RSA key size capability strings from libtpms TPMLIB_GetInfo()
string so that we can easily show which RSA key sizes are supported by
the TPM 2 implementation. If none are advertised, 1024 & 2048 can be
assumed to be supported.
'swtpm socket --tpm2 --print-capabilities' may now print the following:
{
"type": "swtpm",
"features": [
"tpm-send-command-header",
"flags-opt-startup",
"cmdarg-seccomp",
"cmdarg-key-fd",
"cmdarg-pwd-fd",
"no-tpm12-tools",
"rsa-keysize-1024",
"rsa-keysize-2048",
"rsa-keysize-3072"
]
}
We need to adapt the related test case to use a regular expression since
the rsa-keysize-xyz strings may or may not be there depending on libtpms
version.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
If the host is missing tcsd (trousers) or the tpm-tools, swtpm_setup
will now report the 'no-tpm12-tools' verb like this:
> swtpm_setup --print-capabilities | jq
{
"type": "swtpm_setup",
"features": [
"cmdarg-keyfile-fd",
"cmdarg-pwdfile-fd",
"no-tpm12-tools"
]
}
The only TPM 1.2 setup parameter that requires interaction with
the TPM 1.2 that can be pass is then '--createek'.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
tssgetcapability only retrieves a maximum of 64 handles by default.
However, there are 65 persisted keys. Pass -pc 80 to the command to
see all 65 Handles.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a test case that fills up the NVRAM area with as many persisted keys
as possible and then fills up the rest with an NVRAM index so that all
space is occupied. We have to be able to load this state again into the
NVRAM once the OBJECT's size increases due to RSA keys size increase,
which must have us increase the total size of NVRAM in libtpm's TPM profile.
The state in tests/data/tpm2state5/tpm2-00.permall was created using
libtpms 0.6.0, where only 2048 bit keys were supported and total NVRAM size
was 128kb. This state file should never be changed and always be loadable
into a current libtpms. In its USER NVRAM it holds 64 persisted 2048 bit
keys and an NVRAM index with 236 bytes. For this to stay the reference
NVRAM, we need to make sure that it fits exactly to the byte.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Sometimes the download of the TPM 1.2 test suite from sourceforge
fails. So retry up to 3 times and wait a random seconds in the interval
of [3..10] before retrying.
Check the hash of the file we downloaded to make sure we get what we
expected.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add a test case testing the returned value from
swtpm <iface> --tpm2 --print-capabilities
along with those return from swtpm_setup.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Extend the script that creates a CA that uses a TPM 2 for signing.
For this we have to create tokens using the TPM 2 pkcs11 module's
tpm2_ptool and can then use the p11tool for creating keys.
Add a test case that requires a running tpm2-abrmd and tpm2_ptool.
Eventually the test case should (try to) start its own tpm2-abrmd
and talk to swtpm directly but the tcti module to do that isn't
available as a package, yet.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Create orderly NVRAM indices and then clear the TPM 2 so that NvDeleteRam()
gets executed and we get better code coverage.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Modify the test_tpm2_save_load_state_3 to create 2 orderly NVRAM indices
in the first two locations. Those indices will be cleared by a reset
of the TPM and therefore cannot be read once the TPM 2 restarts after
the reset. This also provides better test coverage.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The IBM TSS2 is available starting with Bionic. Use it there
to extend the test coverage of the code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
To make the test cases work on Travis on Bionic replace all occurrences of
localhost with 127.0.0.1. The only affected client tools seem to be those
related to the TPM 1.2 and the IBM TSS2. For some reason the API used
there cannot resolve localhost to 127.0.0.1.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The simplest way to detect whether SWTPM_EXE is a 64 bit application on
Linux is to check whether it links against any library in a */lib64/*
directory and only if this is the case we run a particular test case for
which we know what keys 64 bit TPMs are producing given a pre-created
state.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Upgrade to use the IBM TSS2 tests from v1.4.0 but eliminate all testing
with 3072 bit RSA keys.
This test also passes with libtpms 0.6.0 and 0.7.0.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
'swtpm chardev --vptm-proxy' currently requires a '--flag startup-xyz'
to be passed since otherwise the need_init_cmd variable would not be
set to false and swtpm would terminate after sending the startup
command. To maintain backwards compatibility we have to always
set the need_init_cmd variable to false for the --vtpm-proxy case
and must not require a startup flag to be passed.
Roll back one of the test case to not use the startup flag.
Fixes: e6bc4bdf0 ('swtpm: Enable sending startup commands ...')
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
libtpms may not support TDES, so we have to skip test case 4 in
case we encounter an allowed error message.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Adjust the vtpm proxy test case and others to make use of the new
startup options. Make sure that subsequent Startups sent to the
TPM fail with the expected error code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Give swtpm more time to close the port. This became an issue when running
the tests and all executables are valgrind'ed.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Add support for the --print-capabilities option to display newly
added capabilities. Adpat the man page and related test case.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Allow passing signing key and parent key via files and file descriptors
and environment variables. Adapt a test case to exercise this new
functionality.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Address several issues reported by shellcheck and protect
variables with quotes so we now can have filenames with spaces.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
This patch addresses several issues found with shellcheck. In particular
it now enables variables with spaces in them, such as file paths that
contain spaces.
Adjust one of the accompanying test cases to use spaces in the path.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Protect variables with quotes so that pathnames with spaces are now
supported.
Adjust the accompanying test case to make use of spaces in file paths.
Address several issues found by shellcheck. Some of them are false
positives especially when it comes to protecting variables passed
to a commaned in an 'eval' line. They must not be protected, otherwise
they are not passed correctly.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
