Proxmox-Port/swtpm
1
0
Fork 0
mirror of https://github.com/stefanberger/swtpm.git synced 2025-12-29 17:20:34 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
857daa32b9
swtpm/tests/test_parameters
Stefan Berger b902468900 swtpm: integrity protect the encrypt TPM state 
Integrity protect the TPM state when it is written in entrypted form.
libtpms state (for TPM1.2) is also integrity protecting the blobs, but
we better determine the integrity of the decrypted data on the layer
above it.
2015-05-19 16:35:08 -04:00

110 lines
2.6 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# For the license, see the LICENSE file in the root directory.
DIR=$(dirname "$0")
ROOT=${DIR}/..
PARAMETERS=(
""
"--createek"
"--take-ownership"
"--createek --lock-nvram"
"--take-ownership --lock-nvram"
"--lock-nvram"
"--take-ownership --ownerpass OOO"
"--take-ownership --srkpass SSS"
"--take-ownership --ownerpass OO --srkpass SS"
"--take-ownership --lock-nvram --display"
"--display"
"--lock-nvram --display"
"--take-ownership --srk-well-known"
"--take-ownership --owner-well-known"
"--take-ownership --srk-well-known --owner-well-known"
"--createek --create-ek-cert --create-platform-cert --lock-nvram --config ${DIR}/swtpm_setup.conf --vmid test --display"
"--createek --create-ek-cert --create-platform-cert --lock-nvram --config ${DIR}/swtpm_setup.conf --vmid test --display --keyfile ${DIR}/data/keyfile.txt"
"--createek --create-ek-cert --create-platform-cert --lock-nvram --config ${DIR}/swtpm_setup.conf --vmid test --display --pwdfile ${DIR}/data/pwdfile.txt"
)
FILESIZES=(
1169
1589
2050
1589
2050
1169
2050
2050
2050
2050
1169
1169
2050
2050
2050
1705
1744
1744
)
if [ "$(id -u)" -ne 0 ]; then
echo "Need to be root to run this test."
exit 77
fi
SWTPM=swtpm
SWTPM_EXE=$ROOT/src/swtpm/$SWTPM
TCSD=`type -P tcsd`
TPMDIR=`mktemp -d`
SWTPM_SETUP_CONF=$ROOT/etc/swtpm_setup.conf
# filesystem privileges require to run swtpm_setup as root during test
TPMAUTHORING="$ROOT/src/swtpm_setup/swtpm_setup --config ${SWTPM_SETUP_CONF} --runas root"
PATH=${PWD}/${ROOT}/src/swtpm_bios:$PATH
PATH=${PWD}/${ROOT}/src/swtpm_setup:$PATH
trap "cleanup" SIGTERM EXIT
if test "$TCSD" = ""; then
echo "TCSD executable 'tcsd' was not found in path."
exit 1
fi
function cleanup()
{
rm -rf $TPMDIR
}
chown tss:tss $TPMDIR 2>/dev/null
if [ $? -ne 0 ]; then
echo "Could not change ownership of $TPMDIR to tss:tss." \
"You need to be root."
exit 1
fi
for (( i=0; i<${#PARAMETERS[*]}; i++)); do
rm -rf $TPMDIR/*
echo -n "Test $i: "
$TPMAUTHORING \
--tpm-state $TPMDIR \
--tpm "$SWTPM_EXE socket" \
${PARAMETERS[$i]} 2>&1 >/dev/null
if [ $? -ne 0 ]; then
echo "ERROR: Test with parameters '${PARAMETERS[$i]}' failed."
exit 1
elif [ ! -f $TPMDIR/tpm-00.permall ]; then
echo "ERROR: Test with parameters '${PARAMETERS[$i]}' did not
produce file $TPMDIR/tpm-00.permall."
exit 1
fi
FILESIZE=`stat -c%s $TPMDIR/tpm-00.permall`
if [ ${FILESIZE} -ne ${FILESIZES[$i]} ]; then
echo "ERROR: Unexpected file size of $FILESIZE, "\
"expected ${FILESIZES[$i]}. Parameters: ${PARAMETERS[$i]}"
exit 1
fi
echo "SUCCESS with parameters '${PARAMETERS[$i]}'."
done
Reference in New Issue View Git Blame Copy Permalink