Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 19:04:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
stable-0.3.0
swtpm/tests/test_tpm2_swtpm_setup_create_cert
Stefan Berger f9547ddc2c swtpm_setup: Enable spaces in paths and other variables 
This patch addresses several issues found with shellcheck. In particular
it now enables variables with spaces in them, such as file paths that
contain spaces.

Adjust one of the accompanying test cases to use spaces in the path.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-01-27 09:16:16 -05:00

139 lines
3.3 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
# For the license, see the LICENSE file in the root directory.
TOPBUILD=${abs_top_builddir:-$(dirname "$0")/..}
TOPSRC=${abs_top_srcdir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SWTPM_SETUP=${TOPBUILD}/src/swtpm_setup/swtpm_setup
SWTPM_LOCALCA=${TOPSRC}/samples/swtpm-localca
SWTPM=${TOPBUILD}/src/swtpm/swtpm
SWTPM_IOCTL=${TOPBUILD}/src/swtpm_ioctl/swtpm_ioctl
workdir=$(mktemp -d "/tmp/path with spaces.XXXXXX")
SIGNINGKEY=${workdir}/signingkey.pem
ISSUERCERT=${workdir}/issuercert.pem
CERTSERIAL=${workdir}/certserial
PATH=${TOPBUILD}/src/swtpm_bios:$PATH
trap "cleanup" SIGTERM EXIT
function cleanup()
{
rm -rf "${workdir}"
}
# Quirk for Cygwin
if [[ "$(uname -s)" =~ ^CYGWIN ]]; then
# quirk for CYGWIN where the swtpm_setup executable in is .libs/
cp ${SWTPM_SETUP}.sh $(dirname ${SWTPM_SETUP})/.libs
fi
# We want swtpm_cert to use the local CA and see that the
# local CA script automatically creates a signingkey and
# self-signed certificate
cat <<_EOF_ > "${workdir}/swtpm-localca.conf"
statedir=${workdir}
signingkey = ${SIGNINGKEY}
issuercert = ${ISSUERCERT}
certserial = ${CERTSERIAL}
_EOF_
cat <<_EOF_ > "${workdir}/swtpm-localca.options"
--tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 2
--platform-manufacturer "Fedora XYZ"
--platform-version 2.1
--platform-model "QEMU A.B"
_EOF_
cat <<_EOF_ > "${workdir}/swtpm_setup.conf"
create_certs_tool=${SWTPM_LOCALCA}
create_certs_tool_config=${workdir}/swtpm-localca.conf
create_certs_tool_options=${workdir}/swtpm-localca.options
_EOF_
# We need to adapt the PATH so the correct swtpm_cert is picked
export PATH=${TOPBUILD}/src/swtpm_cert:${PATH}
# we need to create at least one cert: --create-ek-cert
$SWTPM_SETUP \
--tpm2 \
--allow-signing \
--tpm-state "${workdir}" \
--create-ek-cert \
--create-platform-cert \
--config "${workdir}/swtpm_setup.conf" \
--logfile "${workdir}/logfile" \
--tpm "${SWTPM} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--swtpm_ioctl "${SWTPM_IOCTL}"
if [ $? -ne 0 ]; then
echo "Error: Could not run $SWTPM_SETUP."
echo "Logfile output:"
cat "${workdir}/logfile"
exit 1
fi
if [ ! -r "${SIGNINGKEY}" ]; then
echo "Error: Signingkey file ${SIGNINGKEY} was not created."
exit 1
fi
if [ ! -r "${ISSUERCERT}" ]; then
echo "Error: Issuer cert file ${ISSUERCERT} was not created."
exit 1
fi
if [ ! -r "${CERTSERIAL}" ]; then
echo "Error: Cert serial number file ${CERTSERIAL} was not created."
exit 1
fi
echo "Test 1: OK"
rm -rf ${SIGNINGKEY} ${ISSUERCERT} ${CERTSERIAL}
# we need to create at least one cert: --create-ek-cert
$SWTPM_SETUP \
--tpm2 \
--ecc \
--tpm-state "${workdir}" \
--create-ek-cert \
--config "${workdir}/swtpm_setup.conf" \
--logfile "${workdir}/logfile" \
--tpm "${SWTPM} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--swtpm_ioctl "${SWTPM_IOCTL}" \
--overwrite
if [ $? -ne 0 ]; then
echo "Error: Could not run $SWTPM_SETUP."
echo "Logfile output:"
cat "${workdir}/logfile"
exit 1
fi
if [ ! -r "${SIGNINGKEY}" ]; then
echo "Error: Signingkey file ${SIGNINGKEY} was not created."
exit 1
fi
if [ ! -r "${ISSUERCERT}" ]; then
echo "Error: Issuer cert file ${ISSUERCERT} was not created."
exit 1
fi
if [ ! -r "${CERTSERIAL}" ]; then
echo "Error: Cert serial number file ${CERTSERIAL} was not created."
exit 1
fi
echo "Test 2: OK"
exit 0
Reference in New Issue View Git Blame Copy Permalink