Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-08-25 06:55:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
test_savecontext
swtpm/tests/test_tpm2_ibmtss2
Stefan Berger 8abf473257 tests: Remove RSA 3072 tests only if libtpms not show RSA 3072 support 
Check the libtpms capabilities via 'swtpm_ioctl -i 4' to see whether
libtpms supports RSA 3072 bit keys. Only if this is not the case
deactivate all RSA 3072 bit key tests.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2020-05-04 18:12:24 -04:00

149 lines
3.2 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
if [ ${SWTPM_TEST_EXPENSIVE:-0} -eq 0 ]; then
exit 77
fi
ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SWTPM_SERVER_PORT=65426
SWTPM_SERVER_NAME=127.0.0.1
SWTPM_CTRL_PORT=65427
SWTPM_INTERFACE=socket+socket
function cleanup() {
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
kill_quiet -9 $pid
fi
if [ -n ${WORKDIR} ]; then
rm -rf ${WORKDIR}
fi
}
trap "cleanup" EXIT
source ${TESTDIR}/common
WORKDIR=$(mktemp -d)
REGLOG=${WORKDIR}/reglog
SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \
--tpm2 \
--tpmstate dir=${WORKDIR} \
--flags not-need-init
pushd ${WORKDIR} &>/dev/null
git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss
pushd ibmtpm20tss-tss &>/dev/null
git checkout tags/v1.4.0
if [ $? -ne 0 ]; then
echo "'Git checkout' failed."
exit 1
fi
# A v1.4.0 bug work-around:
pushd utils/regtests &>/dev/null
# We cannot run the EK certificate tests since rootcerts.txt points to
# files we do not have
sed -i "133s/./\#\0/" testcredential.sh
sed -i "134s/./\#\0/" testcredential.sh
sed -i "135s/./\#\0/" testcredential.sh
popd &>/dev/null
autoreconf --force --install
unset CFLAGS LDFLAGS LIBS
./configure --disable-tpm-1.2
make -j4
pushd utils
sed -i 's/export CRYPTOLIBRARY.*/export CRYPTOLIBRARY=openssl/' reg.sh
# Adjust test suite to TPM 2.0 revision libtpms is implementing
revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 |
sed 's/.*,"revision":\([^\}]*\).*/\1/')
echo "Libtpms implements TPM 2.0 revision ${revision}."
if [ $revision -lt 155 ]; then
echo "Removing revision 155 test cases."
for t in regtests/testattest155.sh regtests/testx509.sh
do
rm "${t}"
touch "${t}"
chmod 777 "${t}"
done
fi
rsa3072=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 4 |
sed -n 's/.*"RSAKeySizes":\[\([0-9,]*\)\].*/\1/p' |
grep 3072)
if [ -z "$rsa3072" ]; then
pushd regtests &>/dev/null
echo "Modifying test cases related to RSA 3072 keys."
# We do not support 3072 bit RSA keys at this point, so eliminate all 3072
# RSA key tests
for f in initkeys.sh testrsa.sh testsign.sh; do
sed -i "s| 3072||" "${f}"
done
sed -i "s| \"-rsa 3072\"||" testsalt.sh
popd &>/dev/null
else
echo "swptm/libtpms support RSA 3072 bit keys"
fi
export TPM_SERVER_NAME=127.0.0.1
export TPM_INTERFACE_TYPE=socsim
export TPM_COMMAND_PORT=${SWTPM_SERVER_PORT}
export TPM_PLATFORM_PORT=${SWTPM_CTRL_PORT}
export SWTPM_IOCTL
cat <<_EOF_ > powerup
#!/usr/bin/env bash
\${SWTPM_IOCTL} -i --tcp \${TPM_SERVER_NAME}:\${TPM_PLATFORM_PORT}
exit \$?
_EOF_
chmod 755 powerup
./startup
if [ $? -ne 0 ]; then
echo "Startup of TPM2 failed"
exit 1
fi
./reg.sh -a 2>&1 | tee ${REGLOG}
ret=0
if [ -n "$(grep -E "^ ERROR:" ${REGLOG})" ]; then
echo "There were test failures running the IBM TSS 2 tests"
grep -E "^ ERROR:" ${REGLOG} -B2 -A2
ret=1
fi
# Shut down
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
ret=1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
ret=1
fi
popd &>/dev/null
popd &>/dev/null
popd &>/dev/null
[ $ret -eq 0 ] && echo "OK"
exit $ret
Reference in New Issue View Git Blame Copy Permalink