mirror of
https://github.com/stefanberger/swtpm.git
synced 2025-08-22 19:04:35 +00:00

Implement the option --create-config-files to create config files for swtpm_setup and swtpm-localca for a user account. The files will be created under the $XDG_CONFIG_HOME or $HOME/.config directories. This option supports optional arguments 'overwrite' to allow overwriting existing config files as well as the optional argument 'root' to create config files under root's home directory. Both options can be passed by separating them with a ','. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
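#!/bin/bash

# For the license, see the LICENSE file in the root directory.

# Checks the JSON that swtpm, swtpm_setup and swtpm_cert print for
# --print-capabilities against the feature list each tool is expected to
# advertise.
#
# Programs that launch swtpm can use this output to decide which options they
# may pass (for example the seccomp option or the fd-based key and password
# options), so a feature that silently drops out of the list is worth catching.
#
# Environment read by this script:
#   abs_top_builddir, abs_top_testdir - build and test directories (optional)
#   SWTPM_IFACE                       - interface under test; "cuse" is special
#   SWTPM_EXE, SWTPM_SETUP, SWTPM_CERT - commands to run; these are not set
#                                       here, presumably the sourced helper
#                                       files provide them
#
# Exit status: 0 when all tests pass or are skipped, 1 on the first failure.

#set -x

ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}

# Put the freshly built swtpm ahead of any installed copy.
PATH="${ROOT}/src/swtpm:${PATH}"

# Quote the sourced paths so a test directory containing spaces still works.
if [ "${SWTPM_IFACE}" == "cuse" ]; then
  source "${TESTDIR}/test_cuse"
fi
source "${TESTDIR}/common"

# The command variables are expanded unquoted on purpose: they may hold a
# wrapper plus arguments (the original notes that SWTPM_CERT may be run by
# valgrind), and an empty SWTPM_IFACE must not become an empty argument.

# --- Test 1: swtpm ---------------------------------------------------------

# shellcheck disable=SC2086
if ! msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --print-capabilities 2>&1)"; then
  echo "Error: Could not pass --print-capabilities"
  echo "${msg}"
  exit 1
fi

# Start from empty fragments so a variable of the same name inherited from
# the caller's environment cannot change the expected feature list.
seccomp=
noncuse=

# has_seccomp_support is not defined in this file; presumably it comes from
# the sourced common helpers.
if has_seccomp_support "${SWTPM_EXE}"; then
  seccomp='"cmdarg-seccomp", '
fi
if [ "${SWTPM_IFACE}" != "cuse" ]; then
  noncuse='"tpm-send-command-header", "flags-opt-startup", '
fi

# Extended regular expression; the match below is not anchored, so text
# around the JSON (msg also holds stderr) does not fail the test, and stray
# output is therefore not detected either.
exp='\{ "type": "swtpm", "features": \[ "tpm-1.2",( "tpm-2.0",)? '"${noncuse}${seccomp}"'"cmdarg-key-fd", "cmdarg-pwd-fd", "cmdarg-print-states", "nvram-backend-dir", "nvram-backend-file" \], "version": "[^"]*" \}'
if ! [[ ${msg} =~ ${exp} ]]; then
  echo "Unexpected response from ${SWTPM_IFACE} TPM to --print-capabilities:"
  echo "Actual : ${msg}"
  echo "Expected : ${exp}"
  exit 1
fi

echo "Test 1: OK"

# --- Test 2: swtpm_setup ---------------------------------------------------

# shellcheck disable=SC2086
if ! msg="$(${SWTPM_SETUP} --print-capabilities 2>&1)"; then
  echo "Error: Could not pass --print-capabilities"
  echo "${msg}"
  exit 1
fi

# There are some variable parameters at the end, use regex
exp='\{ "type": "swtpm_setup", "features": \[ "tpm-1.2",( "tpm-2.0",)? "cmdarg-keyfile-fd", "cmdarg-pwdfile-fd", "tpm12-not-need-root", "cmdarg-write-ek-cert-files", "cmdarg-create-config-files"(, "tpm2-rsa-keysize-2048")?(, "tpm2-rsa-keysize-3072")? \], "version": "[^"]*" \}'
if ! [[ ${msg} =~ ${exp} ]]; then
  echo "Unexpected response from ${SWTPM_SETUP} to --print-capabilities:"
  echo "Actual : ${msg}"
  echo "Expected : ${exp}"
  exit 1
fi

echo "Test 2: OK"

# --- Test 3: swtpm_cert ----------------------------------------------------

# SWTPM_CERT may be run by valgrind, so only its first word names the program
# that has to exist; "%% *" cuts the value at the first space.
if [ -x "$(type -P "${SWTPM_CERT%% *}")" ]; then
  # shellcheck disable=SC2086
  if ! msg="$(${SWTPM_CERT} --print-capabilities 2>&1)"; then
    echo "Error: Could not pass --print-capabilities to ${SWTPM_CERT}"
    echo "${msg}"
    exit 1
  fi

  exp='\{ "type": "swtpm_cert", "features": \[ "cmdarg-signkey-pwd", "cmdarg-parentkey-pwd" \], "version": "[^"]*" \}'
  if ! [[ ${msg} =~ ${exp} ]]; then
    echo "Unexpected response from ${SWTPM_CERT} to --print-capabilities:"
    echo "Actual : ${msg}"
    echo "Expected : ${exp}"
    exit 1
  fi

  echo "Test 3: OK"
else
  echo "Test 3: SKIP -- ${SWTPM_CERT} not found or not an executable"
fi

exit 0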