Use 'swtpm --help | grep cuse' to determine whether CUSE interface
is supported and CUSE related tests need to run. Make sure that
SWTPM_EXE is available when test_cuse is sourced.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
SWTPM was set to 'swtpm' and only for uninstalled tests. Remove it and
replace its usage with 'swtpm' everywhere.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Move swtpm_open_cmddev call into swtpm_cmd_tx since the latter function is
always called in a subshell that previously inherited the file descriptor
opened by the test cases. Remove swtpm_cmd_tx from nearly all test cases
and also remove closing of file descriptor 100 via 'exec 100>&-' from test
cases since this is not necessary anymore.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Some tests are expected to fail. Capture the error output and test it
against epected error output. This also makes the test output less
noisy.
Also remove some other output noise.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Call a function display_processes_by_name that displays all processes
if needed. The function is quiet, though.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Use pbkdf2 as the default kdf and sha512 for the existing
test case. Do away with file limit of 32 bytes. This may
break backwards compatibility for some but better to do this
before a release...
Switch the existing test cases to use kdf=sha512 on the command
line where necessary to that the state for these test cases
does not need to be recreated.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Pass the top_builddir and top_srcdir via TESTS_ENVIRONMENT
variable in Makefile.am.
Use TESTDIR for the path to the test directory and replace
previously used DIR in all occurences.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Whenever we encrypt the data we generate a new random IV and append a
tlv block with the IV to the byte stream. We mark the IV with different
tags depending on whether they are for the migration data or the (TPM)
data directly. All IVs are part of the HMAC and are added to it after
the data blob.
Adjust test cases that now return larger sizes of data. A constant
checksum over the data cannot be expected anymore, thus we have to remove
the verification of the checksum over the returned state (IV changes
every time).
The size of the blobs grow by 22 bytes, 6 for the tlv header, 16 bytes
for the IV (128 bit AES key).
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Prepend tag-length-value (tlv) headers in front of all data being stored in
the byte stream following the header. This lets us uniquely identify plain
data (= TPM state), encrypted data (= encrytped TPM state), migration data
(which is wrapped plain or encrytped TPM state), and an HMAC block to
validate the plain data.
We keep support for version 1 for reading the data but convert them to
version 2 when writing them out. This way we loose backwards compatibility
(downgrading of swtpm is not possible), but it allows us to extend the state
in the future by adding addition blocks with tlv headers.
Version 1 of the encryption was prepending the hash on the plaintext data
then encrypting all of it. This method is not so good. In version 2 we now
use Encrypt-then-MAC (EtM) where we encrypt the data and then calculate an
HMAC on the encrypted data.
Files written by the swtpm didn't have a header before. Now they also get a
header. This means that the state written into files and the state retrieved
using the API (swtpm_ioctl --save) have the same format, but still differ
in so far as the API wraps the data in a tlv header for migration, which the
files written out as state would never get.
Adapt a couple of test cases show file sizes and hashes have changed now.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Rather than writing to files directly and having to validate the state in
those files using TPMLIB_ValidatetState(), we now use the new
TPMLIB_SetState() call to set the TPM's state blobs. The advantage of this
call is that it doesn't overwrite state files and ends up leaving state in
files that the TPM cannot use. Instead, it validates the state immediately
when the blob is set and returns an error in case the state cannot be
accepted.
We need to adapt one test case that now gets a failure earlier than before.
Before the TPM_INIT failed, now setting the encrypted blob fails because it
cannot be decrypted and thus cannot be accepted by the TPM.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Loading an invalid state blobs now fails ealier since libtpms is
called to check whether it can accept the blob.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
OpenBSD uses different tools for sha1 and file size calculations,
so we wrap them in functions and check which one to call by using
uname -s.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Refactor the tests so that they all run on socket interfaces as well.
Use socket ports in the range of 65400-65499 for TPM 1.2 tests.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
