Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2026-02-05 05:59:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
5211d89dfb
swtpm/tests/test_tpm2_parameters
Stefan Berger 08da93a96f swtpm_setup: Implement support for ECC keys 
Implement support in swtpm_setup.sh so that the TPM's primary key
can be an ECC key.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2018-08-07 12:19:46 -04:00

88 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# For the license, see the LICENSE file in the root directory.
DIR=$(dirname "$0")
ROOT=${DIR}/..
PARAMETERS=(
""
"--createek"
"--createek --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display"
"--createek --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --keyfile ${DIR}/data/keyfile.txt"
"--createek --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --pwdfile ${DIR}/data/pwdfile.txt"
"--createek --allow-signing"
"--createek --allow-signing --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display"
"--createek --allow-signing --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --keyfile ${DIR}/data/keyfile.txt"
"--createek --allow-signing --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --pwdfile ${DIR}/data/pwdfile.txt"
"--ecc --createek"
"--ecc --createek --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display"
"--ecc --createek --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --keyfile ${DIR}/data/keyfile.txt"
"--ecc --createek --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --pwdfile ${DIR}/data/pwdfile.txt"
"--ecc --createek --allow-signing"
"--ecc --createek --allow-signing --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display"
"--ecc --createek --allow-signing --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --keyfile ${DIR}/data/keyfile.txt"
"--ecc --createek --allow-signing --create-ek-cert --create-platform-cert --config ${DIR}/swtpm_setup.conf --vmid test --display --pwdfile ${DIR}/data/pwdfile.txt"
)
# produced file size is always the same with TPM2
if [ "$(id -u)" -ne 0 ]; then
echo "Need to be root to run this test."
exit 77
fi
SWTPM=swtpm
SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
TPMDIR=$(mktemp -d)
SWTPM_SETUP_CONF=$ROOT/etc/swtpm_setup.conf
SWTPM_IOCTL=$ROOT/src/swtpm_ioctl/swtpm_ioctl
# filesystem privileges require to run swtpm_setup as root during test
TPMAUTHORING="$ROOT/src/swtpm_setup/swtpm_setup --tpm2 --config ${SWTPM_SETUP_CONF} --runas root"
PATH=${PWD}/${ROOT}/src/swtpm_bios:$PATH
PATH=${PWD}/${ROOT}/src/swtpm_setup:$PATH
source ${DIR}/test_config
trap "cleanup" SIGTERM EXIT
function cleanup()
{
if [ -n "$TPMDIR" ]; then
rm -rf $TPMDIR
fi
}
chown $TSS_USER:$TSS_GROUP $TPMDIR 2>/dev/null
if [ $? -ne 0 ]; then
echo "Could not change ownership of $TPMDIR to $TSS_USER:$TSS_GROUP." \
"You need to be root."
exit 1
fi
# swtpm_setup.conf points to the local create_certs.sh
# For create_certs.sh to be found (with out full path)
# add this directory to the PATH
PATH=$PATH:$DIR
for (( i=0; i<${#PARAMETERS[*]}; i++)); do
rm -rf $TPMDIR/*
echo -n "Test $i: "
$TPMAUTHORING \
--tpm-state $TPMDIR \
--tpm "$SWTPM_EXE socket" \
--swtpm_ioctl "$SWTPM_IOCTL" \
${PARAMETERS[$i]} 2>&1 >/dev/null
if [ $? -ne 0 ]; then
echo "ERROR: Test with parameters '${PARAMETERS[$i]}' failed."
exit 1
elif [ ! -f $TPMDIR/tpm2-00.permall ]; then
echo "ERROR: Test with parameters '${PARAMETERS[$i]}' did not
produce file $TPMDIR/tpm2-00.permall."
exit 1
fi
echo "SUCCESS with parameters '${PARAMETERS[$i]}'."
done
Reference in New Issue View Git Blame Copy Permalink