| #!/bin/bash |
| |
| # For the license, see the LICENSE file in the root directory. |
| #set -x |
| |
| ROOT=${abs_top_builddir:-$(pwd)/..} |
| TESTDIR=${abs_top_testdir:-$(dirname "$0")} |
| |
| PATH=$ROOT/src/swtpm:$PATH |
| |
| [ "${SWTPM_IFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse" |
| source "${TESTDIR}/common" |
| |
| if ! msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --tpm2 --print-capabilities 2>&1)"; then |
| echo "Error: Could not pass --print-capabilities" |
| echo "${msg}" |
| exit 1 |
| fi |
| |
| if has_seccomp_support "${SWTPM_EXE}"; then |
| seccomp='"cmdarg-seccomp", ' |
| fi |
| if [ "${SWTPM_IFACE}" != "cuse" ]; then |
| noncuse='"tpm-send-command-header", ' |
| fi |
| |
| # The rsa key size reporting is variable, so use a regex |
| exp='\{ "type": "swtpm", '\ |
| '"features": \[( "tpm-1.2",)? "tpm-2.0", '${noncuse}'"flags-opt-startup", '\ |
| '"flags-opt-disable-auto-shutdown", "ctrl-opt-terminate", '${seccomp}'"cmdarg-key-fd", '\ |
| '"cmdarg-pwd-fd", "cmdarg-print-states", "cmdarg-chroot", "cmdarg-migration", '\ |
| '"nvram-backend-dir", "nvram-backend-file"'\ |
| '(, "rsa-keysize-1024")?(, "rsa-keysize-2048")?(, "rsa-keysize-3072")? \], '\ |
| '"version": "[^"]*" \}' |
| if ! [[ ${msg} =~ ${exp} ]]; then |
| echo "Unexpected response from ${SWTPM_IFACE} TPM to --print-capabilities:" |
| echo "Actual : ${msg}" |
| echo "Expected : ${exp}" |
| exit 1 |
| fi |
| |
| echo "Test 1: OK" |
| |
| if ! msg="$(${SWTPM_SETUP} --tpm2 --print-capabilities 2>&1)"; then |
| echo "Error: Could not pass --print-capabilities" |
| echo "${msg}" |
| exit 1 |
| fi |
| |
| # The are some variable parameters at the end, use regex |
| exp='\{ "type": "swtpm_setup", '\ |
| '"features": \[( "tpm-1.2",)? "tpm-2.0", "cmdarg-keyfile-fd", "cmdarg-pwdfile-fd", '\ |
| '"tpm12-not-need-root", "cmdarg-write-ek-cert-files", "cmdarg-create-config-files", '\ |
| '"cmdarg-reconfigure-pcr-banks"(, "tpm2-rsa-keysize-2048")?(, "tpm2-rsa-keysize-3072")?'\ |
| ' \], '\ |
| '"version": "[^"]*" \}' |
| if ! [[ ${msg} =~ ${exp} ]]; then |
| echo "Unexpected response from ${SWTPM_SETUP} to --print-capabilities:" |
| echo "Actual : ${msg}" |
| echo "Expected : ${exp}" |
| exit 1 |
| fi |
| |
| echo "Test 2: OK" |
| |
| # SWTPM_CERT may be run by valgrind |
| if [ -x "$(type -P "$(echo "${SWTPM_CERT}" | cut -d" " -f1)" )" ]; then |
| if ! msg="$(${SWTPM_CERT} --tpm2 --print-capabilities 2>&1)"; then |
| echo "Error: Could not pass --print-capabilities to ${SWTPM_CERT}" |
| echo "${msg}" |
| exit 1 |
| fi |
| |
| exp='\{ "type": "swtpm_cert", "features": \[ "cmdarg-signkey-pwd", "cmdarg-parentkey-pwd" \], "version": "[^"]*" \}' |
| if ! [[ "${msg}" =~ ${exp} ]]; then |
| echo "Unexpected response from ${SWTPM_CERT} to --print-capabilities:" |
| echo "Actual : ${msg}" |
| echo "Expected : ${exp}" |
| exit 1 |
| fi |
| |
| echo "Test 3: OK" |
| else |
| echo "Test 3: SKIP -- ${SWTPM_CERT} not found or not an executable" |
| fi |
| |
| exit 0 |