Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-22 10:30:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
stable-0.9
swtpm/tests/test_tpm2_swtpm_cert_ecc
Stefan Berger 5704342aa8 tests: Fix shellcheck issue SC2181 by if cmd; ... 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2023-01-27 11:58:54 -05:00

137 lines
3.4 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
# For the license, see the LICENSE file in the root directory.
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SWTPM_CERT=${SWTPM_CERT:-${ROOT}/src/swtpm_cert/swtpm_cert}
cert="$(mktemp)" || exit 1
trap "cleanup" SIGTERM EXIT
function cleanup()
{
rm -f "${cert}"
}
function check_cert_size()
{
local cert="$1"
local exp="$2"
local size
# Unfortunately different GnuTLS versions may create certs of different
# sizes; deactivate this test for now
return
size=$(stat -c%s "${cert}" 2>/dev/null)
if [ "$size" -ne "$exp" ]; then
echo "Warning: Certificate file has unexpected size."
echo " Expected: $exp; found: $size"
fi
}
if ! ${SWTPM_CERT} \
--tpm2 \
--signkey "${TESTDIR}/data/signkey.pem" \
--issuercert "${TESTDIR}/data/issuercert.pem" \
--out-cert "${cert}" \
--ecc-x 61eaf811ea582656ca2a835dd1b9cd63eb196d7ff62711d6e9b8f85e580a47ca \
--ecc-y a51efdc71fd6c791a24a75beb50526aa81b44cc598e65b2d5e116084aea4cb5b \
--days 3650 \
--pem \
--tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 2.0 \
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0; then
echo "Error: ${SWTPM_CERT} returned error code."
exit 1
fi
#expecting size to be constant
check_cert_size "{$cert}" 948
#certtool --certificate-info --infile "${cert}"
#openssl x509 -in "${cert}" -text
# truncate result file
echo -n > "${cert}"
echo "Test 1: OK"
if ! ${SWTPM_CERT} \
--tpm2 \
--signkey "${TESTDIR}/data/signkey.pem" \
--issuercert "${TESTDIR}/data/issuercert.pem" \
--out-cert "${cert}" \
--ecc-x 61eaf811ea582656ca2a835dd1b9cd63eb196d7ff62711d6e9b8f85e580a47ca \
--ecc-y a51efdc71fd6c791a24a75beb50526aa81b44cc598e65b2d5e116084aea4cb5b \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
--tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0; then
echo "Error: ${SWTPM_CERT} returned error code."
exit 1
fi
#expecting size to be constant
check_cert_size "{$cert}" 1025
# truncate result file
echo -n > "${cert}"
echo "Test 2: OK"
if ! ${SWTPM_CERT} \
--tpm2 \
--signkey "${TESTDIR}/data/signkey.pem" \
--issuercert "${TESTDIR}/data/issuercert.pem" \
--out-cert "${cert}" \
--pubkey "${TESTDIR}/data/ecpubek.pem" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
--tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0; then
echo "Error: ${SWTPM_CERT} returned error code."
exit 1
fi
#expecting size to be constant
check_cert_size "{$cert}" 1025
# truncate result file
#certtool --certificate-info --infile ${cert}
echo -n > "${cert}"
echo "Test 3: OK"
###################### Platform Certificate #####################
if ! ${SWTPM_CERT} \
--tpm2 \
--type platform \
--signkey "${TESTDIR}/data/signkey.pem" \
--issuercert "${TESTDIR}/data/issuercert.pem" \
--pubkey "${TESTDIR}/data/ecpubek.pem" \
--out-cert "${cert}" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
--tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \
--platform-manufacturer Fedora \
--platform-model QEMU \
--platform-version 2.1; then
echo "Error: ${SWTPM_CERT} returned error code."
exit 1
fi
#expecting size to be constant
check_cert_size "{$cert}" 1070
# truncate result file
#certtool --certificate-info --infile ${cert}
echo -n > "${cert}"
echo "Test 4: OK"
Reference in New Issue View Git Blame Copy Permalink