tests: Fix code to pass shellcheck with some errors disabled
Fix the test cases to pass shellcheck with some of the errors
disabled.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
diff --git a/Makefile.am b/Makefile.am
index 25c3068..5dcbedc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -27,4 +27,7 @@
@cd src/selinux && $(MAKE) $(AM_MAKEFLAGS) $@
endif
-.PHONY: selinux-install selinux-uninstall
+syntax-check:
+ @cd tests && $(MAKE) syntax-check
+
+.PHONY: selinux-install selinux-uninstall syntax-check
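Review bot: The new `syntax-check` recipe runs `$(MAKE) syntax-check` without `$(AM_MAKEFLAGS)`, while the selinux recipe directly above passes it, so flags set through AM_MAKEFLAGS would not reach the tests sub-make. I would write the line as `@cd tests && $(MAKE) $(AM_MAKEFLAGS) $@`, which matches the neighbouring rule and avoids repeating the target name. The selinux rule is only partly visible in this hunk.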
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 9dd5d4d..773ba1e 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -107,9 +107,16 @@
endif
-EXTRA_DIST=$(TESTS) \
- swtpm_setup.conf \
+TEST_UTILS = \
common \
+ load_vtpm_proxy \
+ test_common \
+ test_cuse
+
+EXTRA_DIST = \
+ $(TESTS) \
+ $(TEST_UTILS) \
+ swtpm_setup.conf \
create_certs.sh \
data/ecpubek.pem \
data/ecprivek.pem \
@@ -157,7 +164,6 @@
data/tpm2state4/tpm2-00.permall \
data/tpm2state5/signature.bin \
data/tpm2state5/tpm2-00.permall \
- load_vtpm_proxy \
patches/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch \
patches/0002-Implement-powerup-for-swtpm.patch \
patches/0003-Set-CRYPTOLIBRARY-to-openssl.patch \
@@ -170,8 +176,6 @@
patches/libtpm.patch \
softhsm_setup \
test_clientfds.py \
- test_common \
- test_cuse \
test_setdatafd.py \
test_swtpm_cert \
_test_encrypted_state \
@@ -231,4 +235,18 @@
echo "*** Using SWTPM_CERT=$$SWTPM_CERT"; \
fi
+.PHONY: syntax-check
+syntax-check:
+# SC2001: See if you can use ${variable//search/replace} instead.
+# SC2009: Consider using pgrep instead of grepping ps output.
+# Sc2010: Don't use ls | grep. Use a glob or a for loop with a condition to allow non-alphanumeric filenames.
+# SC2115: Use "${var:?}" to ensure this never expands to /*.
+# SC2126: Consider using grep -c instead of grep | wc
+# SC2143: Use grep -q instead of comparing output with [ -n .. ].
+# SC2148: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
+# SC2164: Use cd ... || exit in case cd fails.
+# SC2181: Check exit code directly with e.g. if mycmd;, not indirectly with $?.
+ shellcheck -e SC2001,SC2009,SC2010,SC2115,SC2126,SC2143,SC2148,SC2164,SC2181 \
+ $(TESTS) $(TEST_UTILS) $(filter _test_%,$(EXTRA_DIST))
+
check: check-am check-display
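Review bot: Excluding SC2115 and SC2164 for every file switches off the two checks that guard an `rm -rf "$var/..."` that can expand to a root path and a `cd` whose failure goes unnoticed, and the `id -u` test in _test_init suggests these scripts are sometimes run as root. I would annotate the existing hits with a per-line `# shellcheck disable=SC2115` directive (or fix them) and drop both codes from the `-e` list, so that a new occurrence is still reported. SC2148 can be resolved rather than suppressed by passing `--shell=bash`, since the scripts use bash constructs such as `function` and `for ((…))`. The comment `# Sc2010:` should read `# SC2010:`.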
diff --git a/tests/_test_encrypted_state b/tests/_test_encrypted_state
index 81a73a1..c695fe5 100755
--- a/tests/_test_encrypted_state
+++ b/tests/_test_encrypted_state
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-encrypted-state"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
KEY=1234567890abcdef1234567890abcdef
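Review bot: With `export` gone, TPM_PATH reaches swtpm only through the `TPM_PATH=$TPM_PATH run_swtpm …` prefix added further down, and nothing in the script explains that. A comment above this assignment, such as `# not exported: TPM_PATH is handed to run_swtpm per call`, would keep a later edit from dropping the prefix as redundant. Child processes started by any helper other than run_swtpm no longer inherit TPM_PATH; the helpers are defined outside this diff, so that is worth confirming. A useful side effect is that `|| exit 1` now sees mktemp's status instead of export's. The same change is made in _test_getcap, _test_hashing, _test_hashing2 and _test_locality.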
@@ -20,65 +20,65 @@
keyfile=${TPM_PATH}/keyfile
logfile=${TPM_PATH}/logfile
binkeyfile=${TPM_PATH}/binkeyfile
-echo "$KEY" > ${keyfile}
-echo -en "$BINKEY" > ${binkeyfile}
+echo "$KEY" > "${keyfile}"
+echo -en "$BINKEY" > "${binkeyfile}"
function cleanup()
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} \
- --key file=$keyfile,mode=aes-cbc,format=hex,remove \
- --log file=$logfile
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "file=$keyfile,mode=aes-cbc,format=hex,remove" \
+ --log "file=$logfile"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if wait_file_gone ${keyfile} 4; then
+if wait_file_gone "${keyfile}" 4; then
echo "Error: Keyfile $keyfile was not removed by ${SWTPM_INTERFACE} tpm."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -87,16 +87,16 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -106,86 +106,86 @@
fi
# Save the volatile state
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Saving the volatile state failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
+tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)
if [ $? -ne 0 ]; then
echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if [ "$tmp" != " 0x1" ]; then
echo "Error: Unexpected configuration flags: $tmp; expected 0x1."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Start the TPM again; have the keyfile removed
-run_swtpm ${SWTPM_INTERFACE} \
- --key file=$binkeyfile,mode=aes-cbc,format=binary,remove \
- --log file=$logfile
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "file=$binkeyfile,mode=aes-cbc,format=binary,remove" \
+ --log "file=$logfile"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if wait_file_gone ${binkeyfile} 4; then
+if wait_file_gone "${binkeyfile}" 4; then
echo "Error: Keyfile $binkeyfile was not removed by ${SWTPM_INTERFACE} tpm."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
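Review bot: The `$?` test after `tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)` sees the exit status of `cut`, not of run_swtpm_ioctl, so the "Could not get the configration flags" branch cannot fire when the ioctl itself fails (unless pipefail is enabled somewhere not shown). Capturing the output first keeps the check meaningful: `out=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g)` followed by the existing `$?` test, then `tmp=$(echo "$out" | cut -d":" -f2)`. The same pipeline appears in tests/_test_migration_key in the hunk at `@@ -114,26 +114,26 @@`. The final `if` of this hunk continues outside it.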
@@ -195,40 +195,40 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Saving the volatile state failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -239,25 +239,25 @@
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
diff --git a/tests/_test_getcap b/tests/_test_getcap
index b262ecf..23aa710 100755
--- a/tests/_test_getcap
+++ b/tests/_test_getcap
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-getcap"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
@@ -19,21 +19,21 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -41,26 +41,26 @@
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Get the capabilities flags from the TPM
-act=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -c)
+act=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -c)
if [ $? -ne 0 ]; then
echo "Error: Could not get the capability flags of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after getting capabilities."
exit 1
@@ -72,7 +72,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -83,7 +83,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_hashing b/tests/_test_hashing
index c3c4b12..b8879d5 100755
--- a/tests/_test_hashing
+++ b/tests/_test_hashing
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-hashing"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
@@ -19,43 +19,43 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -65,7 +65,7 @@
fi
# Check the TPM Established bit before the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag."
exit 1
@@ -78,14 +78,14 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -95,7 +95,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag."
exit 1
@@ -109,14 +109,14 @@
fi
# Reset the establishment bit via locality 3
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 3
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 3
if [ $? -ne -0 ]; then
echo "Error: Could not set locality 3"
exit 1
fi
# \x40 or \x0B seems to confuse 'normal' echo
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0A\x40\x00\x00\x0B')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0A\x40\x00\x00\x0B')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Could not reset the establishment bit"
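Review bot: The check after the locality 3 call reads `if [ $? -ne -0 ]; then`, with a stray minus sign before the zero. It evaluates the same as 0, so the test still behaves correctly, but it should read `if [ $? -ne 0 ]; then` like every other status check in the file. Since the commit already touches the line above, this is a convenient place to fix it.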
@@ -126,7 +126,7 @@
fi
# Check the TPM Established bit after the reset
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag."
exit 1
@@ -140,7 +140,7 @@
fi
# back to locality 0
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 0
if [ $? -ne 0 ]; then
echo "Error: Could not set locality 0."
exit 1
@@ -148,10 +148,10 @@
# Read from a file
dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
- run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -h -
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 d8 0e 7a 7b 3c 37 88 7d b4 c2 88 08 1d a7 53 f6 4b 11 3a 9c'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
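Review bot: The `dd … | run_swtpm_ioctl "${SWTPM_INTERFACE}" -h -` pipeline is the only run_swtpm_ioctl call in this file whose exit status is not checked, so a failed hash from stdin only shows up indirectly as a PCR 17 mismatch in the next step. The pipeline's status is that of run_swtpm_ioctl, so appending `|| { echo "Error: Hash command did not work."; exit 1; }` gives the same diagnostics as the `-h 1234` case. The same unchecked pipeline is in tests/_test_hashing2 in the hunk at `@@ -180,10 +180,10 @@`.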
@@ -160,7 +160,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -171,7 +171,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_hashing2 b/tests/_test_hashing2
index 1c2c576..ae1e217 100755
--- a/tests/_test_hashing2
+++ b/tests/_test_hashing2
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-hashing2"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
@@ -19,30 +19,30 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
exit 1
@@ -50,14 +50,14 @@
sleep 0.5
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -67,7 +67,7 @@
fi
# Check the TPM Established bit before the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -80,14 +80,14 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -97,7 +97,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -111,7 +111,7 @@
fi
# Reset the establishment bit; we switch to locality 0 and reset via locality 3
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 0
if [ $? -ne 0 ]; then
echo "Error: Could not set locality 0"
exit 1
@@ -119,7 +119,7 @@
for ((l = 0; l <= 2; l++)); do
# Resetting via locality 2 must fail
- ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -r $l 2>&1)"
+ ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -r "$l" 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: Could reset the establishment bit via locality $l"
exit 1
@@ -136,13 +136,13 @@
# We expect the same results for the TPM_ResetEstablishment command
for ((l = 0; l <= 2; l++)); do
# Set locality
- run_swtpm_ioctl ${SWTPM_INTERFACE} -l $l
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -l "$l"
if [ $? -ne 0 ]; then
echo "Error: Could not choose locality $l"
exit 1
fi
# Have to use external echo command
- RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b')
+ RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b')
exp=' 00 c4 00 00 00 0a 00 00 00 3d'
if [ "$RES" != "$exp" ]; then
echo "Error: Could reset TPM establishment bit in locality $l using command"
@@ -153,13 +153,13 @@
done
# Resetting via locality 3 must work
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 3
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 3
if [ $? -ne 0 ]; then
echo "Error: Could not reset the establishment bit via locality 3"
exit 1
fi
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0a\x40\x00\x00\x0b')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Could reset TPM establishment bit in locality 3 using command"
@@ -169,7 +169,7 @@
fi
# Check the TPM Established bit after the reset
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
exp='tpmEstablished is 0'
if [ "$RES" != "$exp" ]; then
echo "Error (3): TPM Established flag has wrong value."
@@ -180,10 +180,10 @@
# Read from a file
dd if=/dev/zero bs=1024 count=1024 2>/dev/null |\
- run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -h -
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 d8 0e 7a 7b 3c 37 88 7d b4 c2 88 08 1d a7 53 f6 4b 11 3a 9c'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -192,7 +192,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -203,7 +203,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_init b/tests/_test_init
index edda5d4..2b5c366 100755
--- a/tests/_test_init
+++ b/tests/_test_init
@@ -20,47 +20,47 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
if has_seccomp_support "${SWTPM_EXE}"; then
SWTPM_TEST_SECCOMP_OPT="--seccomp action=none"
fi
-run_swtpm ${SWTPM_INTERFACE} \
- --tpmstate dir=$TPM_PATH \
- --pid file=$PID_FILE
+run_swtpm "${SWTPM_INTERFACE}" \
+ --tpmstate "dir=$TPM_PATH" \
+ --pid "file=$PID_FILE"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
-if wait_for_file ${PID_FILE} 4; then
+if wait_for_file "${PID_FILE}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
exit 1
fi
-PIDF="$(cat $PID_FILE)"
+PIDF="$(cat "$PID_FILE")"
if [ "$PIDF" != "${SWTPM_PID}" ]; then
echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -68,7 +68,7 @@
sleep 0.5
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
@@ -78,7 +78,7 @@
# works if the TPM runs as non-root
if [ "$(id -u)" != "0" ]; then
chmod 000 "${STATE_FILE}"
- run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -eq 0 ]; then
echo "Error: Unexpected initialization success of the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -86,7 +86,7 @@
sleep 0.5
- kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+ kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
exit 1
@@ -94,7 +94,7 @@
chmod 644 "${STATE_FILE}"
# Init the TPM again; now with state file accessible again
- run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -102,7 +102,7 @@
sleep 0.5
- kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+ kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
@@ -115,7 +115,7 @@
fi
# Shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -126,7 +126,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_locality b/tests/_test_locality
index e0295a5..ed71cf0 100755
--- a/tests/_test_locality
+++ b/tests/_test_locality
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-locality"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
@@ -19,64 +19,64 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Set locality 4 on the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 4
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 4
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 4."
exit 1
fi
# Set illegal locality 5 on the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 5
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 5
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM accepted locality 5."
exit 1
fi
# Set locality 0 on the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 0
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 0."
exit 1
fi
# In locality 2 we can reset PCR 20
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 2
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 2
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 2."
exit 1
@@ -84,7 +84,7 @@
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -94,7 +94,7 @@
fi
# Reset PCR 20
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Could not reset PCR 20 in locality 2"
@@ -104,7 +104,7 @@
fi
# Shut down TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -115,7 +115,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_migration_key b/tests/_test_migration_key
index 8f7faaa..10481d2 100755
--- a/tests/_test_migration_key
+++ b/tests/_test_migration_key
@@ -22,7 +22,7 @@
echo "Could not create temporary file."
exit 1
fi
-echo -n "$MIGRATION_PASSWORD" > $migpwdfile
+echo -n "$MIGRATION_PASSWORD" > "$migpwdfile"
volatilestatefile="$(mktemp)"
if [ -z "$volatilestatefile" ]; then
@@ -38,46 +38,46 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $migpwdfile $volatilestatefile $tpmstatedir
+ rm -rf "$migpwdfile" "$volatilestatefile" "$tpmstatedir"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
# make a backup of the volatile state
-export TPM_PATH=$tpmstatedir
-cp ${TESTDIR}/data/tpmstate1/* $TPM_PATH
+TPM_PATH=$tpmstatedir
+cp "${TESTDIR}"/data/tpmstate1/* "$TPM_PATH"
-run_swtpm ${SWTPM_INTERFACE} \
- --migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --migration-key "pwdfile=$migpwdfile,remove=false,kdf=sha512"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -87,7 +87,7 @@
fi
# Assert physical presence
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
@@ -104,7 +104,7 @@
tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
tmp+='\x00\x00\x00\x00\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" $tmp)
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
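Review bot: `$tmp` is still unquoted in `RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" $tmp)`, although the other argument on the same line was quoted by this commit. The visible `tmp+=` lines hold only backslash escapes, so nothing splits today, but the unquoted expansion is still subject to pathname expansion and is inconsistent with the rest of the change. Write `RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" "$tmp")`. The same line appears in hunk `@@ -118,7 +118,7 @@` of tests/_test_save_load_encrypted_state and hunk `@@ -120,7 +120,7 @@` of tests/_test_save_load_state. The assignments that build `tmp` start outside this hunk.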
@@ -114,26 +114,26 @@
fi
# Save the volatile state into a file
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $volatilestatefile
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$volatilestatefile"
if [ $? -ne 0 ]; then
echo "Error: Could not save the volatile state to ${volatilestatefile}."
exit 1
fi
-if [ ! -r $volatilestatefile ]; then
+if [ ! -r "$volatilestatefile" ]; then
echo "Error: Volatile state file $volatilestatefile does not exist."
exit 1
fi
#ls -l $volatilestatefile
-size=$(get_filesize $volatilestatefile)
+size=$(get_filesize "$volatilestatefile")
expsize=1324
-if [ $size -ne $expsize ]; then
+if [ "$size" -ne "$expsize" ]; then
echo "Error: Unexpected size of volatile state file."
echo " Expected file with size of $expsize, found $size bytes."
exit 1
fi
-tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
+tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)
if [ $? -ne 0 ]; then
echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
exit 1
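Review bot: The `$?` test after `tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)` sees the exit status of `cut`, not of `run_swtpm_ioctl`. Unless `pipefail` is enabled by a sourced helper, which is not visible here, a failing ioctl is never caught by this check. Capture first and filter afterwards: `tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g)`, test `$?`, then `tmp=$(echo "$tmp" | cut -d":" -f2)`. The error text in the same block also misspells "configuration" as "configration". The `if` block runs past the end of the hunk.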
@@ -146,17 +146,17 @@
# Shut the TPM down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
echo "Test 1: Ok"
# Start the vTPM again and load the encrypted volatile state into it
-run_swtpm ${SWTPM_INTERFACE} \
- --migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --migration-key "pwdfile=$migpwdfile,remove=false,kdf=sha512"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -165,21 +165,21 @@
# Do NOT init the TPM now; first load volatile state
# load the encrypted volatile state into it
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$volatilestatefile"
if [ $? -ne 0 ]; then
echo "Error: Could not load encrypted volatile state into TPM."
exit 1
fi
# Now init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
exit 1
fi
# Read PCR 10
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -190,7 +190,7 @@
# Shut the TPM down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -201,11 +201,11 @@
# Start the vTPM again and load the encrypted volatile state into it
# This time we make this fail since we don't provide the migration key
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -216,7 +216,7 @@
# load the encrypted volatile state into it
# This will not work; the TPM writes the data into the volatile state file
# and validates it
-ERR=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile 2>&1)
+ERR=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$volatilestatefile" 2>&1)
if [ $? -eq 0 ]; then
echo "Error: Could load encrypted volatile state into TPM."
exit 1
@@ -229,7 +229,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -240,33 +240,33 @@
# In this test we now feed it an encrypted volatile state
# Start the vTPM again and load the encrypted volatile state into it
-run_swtpm ${SWTPM_INTERFACE} \
- --migration-key pwdfile=$migpwdfile,remove=true,kdf=sha512
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --migration-key "pwdfile=$migpwdfile,remove=true,kdf=sha512"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# load the encrypted volatile state into it
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $VOLATILESTATE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$VOLATILESTATE"
if [ $? -ne 0 ]; then
echo "Error: Could not load encrypted volatile state into TPM."
exit 1
fi
# Now init the TPM; this must work
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Read PCR 10
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -277,7 +277,7 @@
# Shut the TPM down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_print_capabilities b/tests/_test_print_capabilities
index 56dbffa..fe50661 100755
--- a/tests/_test_print_capabilities
+++ b/tests/_test_print_capabilities
@@ -8,10 +8,10 @@
PATH=$ROOT/src/swtpm:$PATH
-[ "${SWTPM_IFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_IFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --print-capabilities 2>&1)"
+msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --print-capabilities 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-capabilities"
echo "${msg}"
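Review bot: `${SWTPM_EXE}` stays unquoted in `msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --print-capabilities 2>&1)"` with nothing saying that this is intentional. Judging by the `# SWTPM_CERT may be run by valgrind` comment in the next hunk, the variable presumably may hold a wrapper command followed by the binary and therefore has to be word-split. A comment such as `# SWTPM_EXE may include a wrapper such as valgrind, so it must stay unquoted` above the line would keep a later cleanup from quoting it and breaking the call. The same applies to the two `--print-states` invocations in tests/_test_print_states.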
@@ -54,7 +54,7 @@
echo "Test 2: OK"
# SWTPM_CERT may be run by valgrind
-if [ -x "$(type -P $(echo "${SWTPM_CERT}" | cut -d" " -f1) )" ]; then
+if [ -x "$(type -P "$(echo "${SWTPM_CERT}" | cut -d" " -f1)" )" ]; then
msg="$(${SWTPM_CERT} --print-capabilities 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-capabilities to ${SWTPM_CERT}"
diff --git a/tests/_test_print_states b/tests/_test_print_states
index 46afe91..05a07b3 100755
--- a/tests/_test_print_states
+++ b/tests/_test_print_states
@@ -8,20 +8,20 @@
PATH=$ROOT/src/swtpm:$PATH
-[ "${SWTPM_IFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_IFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
trap "cleanup" SIGTERM EXIT
function cleanup()
{
- rm -rf ${workdir}
+ rm -rf "${workdir}"
}
# Test 1: No states
workdir="$(mktemp -d)" || exit 1
-msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --print-states --tpmstate dir=${workdir} 2>&1)"
+msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --print-states --tpmstate "dir=${workdir}" 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-states"
@@ -46,9 +46,9 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/tpm-00.permall"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
-msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --print-states --tpmstate dir=${workdir} 2>&1)"
+msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --print-states --tpmstate "dir=${workdir}" 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-states"
diff --git a/tests/_test_resume_volatile b/tests/_test_resume_volatile
index 16a392f..69c7a12 100755
--- a/tests/_test_resume_volatile
+++ b/tests/_test_resume_volatile
@@ -23,46 +23,47 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $tpmstatedir
+ rm -rf "$tpmstatedir"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-export TPM_PATH=$tpmstatedir
+TPM_PATH=$tpmstatedir
+VOLATILE_STATE_FILE="$TPM_PATH/tpm-00.volatilestate"
# copy all the state files
-cp ${TESTDIR}/data/tpmstate1/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpmstate1/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10 (extend -ix 10 -ic test)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -72,52 +73,52 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
echo "Test 1: Ok"
# 2nd test: with encrypted state
# copy all the state files
-cp ${TESTDIR}/data/tpmstate2/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpmstate2/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} \
- --key pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10 (extend -ix 10 -ic test)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -127,18 +128,18 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -148,34 +149,34 @@
# 3rd test: with encrypted state using aes-256-cbc
# copy all the state files
-cp ${TESTDIR}/data/tpmstate2b/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpmstate2b/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} \
- --key pwdfile=${TESTDIR}/data/tpmstate2b/pwdfile.txt,mode=aes-256-cbc
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "pwdfile=${TESTDIR}/data/tpmstate2b/pwdfile.txt,mode=aes-256-cbc"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -185,18 +186,18 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_save_load_encrypted_state b/tests/_test_save_load_encrypted_state
index d4237f6..a096c24 100755
--- a/tests/_test_save_load_encrypted_state
+++ b/tests/_test_save_load_encrypted_state
@@ -8,7 +8,7 @@
VTPM_NAME="${VTPM_NAME:-vtpm-test-save-load-encrypted-state}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
KEY=1234567890abcdef1234567890abcdef
@@ -20,60 +20,60 @@
keyfile="$(mktemp)" || exit 1
logfile="$(mktemp)" || exit 1
-echo "$KEY" > $keyfile
+echo "$KEY" > "$keyfile"
function cleanup()
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -f $keyfile $logfile
- rm -rf $TPM_PATH
+ rm -f "$keyfile" "$logfile"
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-exec 101<$keyfile
-run_swtpm ${SWTPM_INTERFACE} \
+exec 101<"$keyfile"
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--key fd=101,mode=aes-cbc,format=hex \
- --log file=$logfile
+ --log "file=$logfile"
exec 101>&-
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -82,16 +82,16 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Could not hash the data."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -101,7 +101,7 @@
fi
# Assert physical presence
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
@@ -118,7 +118,7 @@
tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
tmp+='\x00\x00\x00\x00\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" $tmp)
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
@@ -127,32 +127,32 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+if [ ! -r "$MY_PERMANENT_STATE_FILE" ]; then
echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write volatile state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+if [ ! -r "$MY_VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved volatile state."
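Review bot: The failure message for the volatile save names the wrong file. `echo "Error: Could not write volatile state file $MY_PERMANENT_STATE_FILE."` follows `--save volatile "$MY_VOLATILE_STATE_FILE"`, so a failed run points the reader at the permanent state file instead of the one that could not be written. It should read `echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."`, which is what the matching message in tests/_test_save_load_state already prints.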
@@ -161,40 +161,40 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
+rm -f "$VOLATILE_STATE_FILE" "$STATE_FILE"
# Stop the TPM; this will not shut it down
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error (2): Could not stop the ${SWTPM_INTERFACE} TPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# load state into the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load permanent state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load volatile state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded volatile state."
@@ -203,24 +203,24 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "TPM Init failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -230,39 +230,39 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -271,18 +271,18 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
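Review bot: `if wait_process_gone ${SWTPM_PID} 4; then` keeps `${SWTPM_PID}` unquoted while the `kill_quiet` calls in this commit were changed to `"${SWTPM_PID}"`. With an empty `SWTPM_PID` the unquoted form drops the argument, so `4` moves into the PID position; `wait_process_gone "${SWTPM_PID}" 4` keeps the arguments in place. The same context line is left unquoted in hunks `@@ -349,18 +349,18 @@` and `@@ -429,25 +429,25 @@` of this file.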
@@ -298,28 +298,28 @@
echo "sha1(volatile) : $sha1_volatile"
echo "sha1(permanent): $sha1_permanent"
-exec 101<$keyfile
-run_swtpm ${SWTPM_INTERFACE} \
+exec 101<"$keyfile"
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--key pwdfd=101 \
- --log file=$logfile
+ --log "file=$logfile"
exec 101>&-
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -i 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -i 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization should have failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
exp="TPM result from PTM_INIT: 0x21"
@@ -330,11 +330,11 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -349,18 +349,18 @@
fi
# shut it down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -376,28 +376,28 @@
echo "sha1(permanent): $sha1_permanent"
# we need a 256bit key
-echo "${KEY}${KEY}" > $keyfile
+echo "${KEY}${KEY}" > "$keyfile"
-run_swtpm ${SWTPM_INTERFACE} \
- --key pwdfile=$keyfile,mode=aes-256-cbc \
- --log file=$logfile
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "pwdfile=$keyfile,mode=aes-256-cbc" \
+ --log "file=$logfile"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -i 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -i 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization should have failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
exp="TPM result from PTM_INIT: 0x28"
@@ -408,11 +408,11 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -429,25 +429,25 @@
echo "Test 3: Ok"
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
diff --git a/tests/_test_save_load_state b/tests/_test_save_load_state
index 69ac93f..f168d31 100755
--- a/tests/_test_save_load_state
+++ b/tests/_test_save_load_state
@@ -8,7 +8,7 @@
VTPM_NAME="${VTPM_NAME:-vtpm-test-save-load-state}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
@@ -20,7 +20,7 @@
LINEAR_STATE_FILE=$TPM_PATH/linear-state
BACKEND_PARAM=""
-if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then
+if [ "${SWTPM_TEST_LINEAR_FILE:-0}" -ne 0 ]; then
BACKEND_PARAM="--tpmstate backend-uri=file://$LINEAR_STATE_FILE"
fi
@@ -30,52 +30,52 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -f $logfile
- rm -rf $TPM_PATH
+ rm -f "$logfile"
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} \
- ${BACKEND_PARAM} \
- --log file=$logfile
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ ${BACKEND_PARAM:+${BACKEND_PARAM}} \
+ --log "file=$logfile"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
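Review bot: `${BACKEND_PARAM:+${BACKEND_PARAM}}` is still an unquoted expansion. It relies on word splitting to turn the string `--tpmstate backend-uri=file://$LINEAR_STATE_FILE` into two arguments, so a `TPM_PATH` from `mktemp -d` that contains whitespace or glob characters (for example through `TMPDIR`) would be split or expanded as well. The script already uses bash constructs (`source`, `==`), so an array states the intent directly: `BACKEND_PARAM=()` and `BACKEND_PARAM=(--tpmstate "backend-uri=file://$LINEAR_STATE_FILE")` in the previous hunk, then `"${BACKEND_PARAM[@]}" \` in the `run_swtpm` call here.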
@@ -84,16 +84,16 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -103,7 +103,7 @@
fi
# Assert physical presence
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
@@ -120,7 +120,7 @@
tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
tmp+='\x00\x00\x00\x00\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" $tmp)
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
@@ -130,7 +130,7 @@
fi
# Send SaveState command
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0a\x00\x00\x00\x98')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0a\x00\x00\x00\x98')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_SaveState()"
@@ -139,47 +139,47 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+if [ ! -r "$MY_PERMANENT_STATE_FILE" ]; then
echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+if [ ! -r "$MY_VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved volatile state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save savestate $MY_SAVESTATE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save savestate "$MY_SAVESTATE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write savestate state file $MY_SAVESTATE_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_SAVESTATE_STATE_FILE ]; then
+if [ ! -r "$MY_SAVESTATE_STATE_FILE" ]; then
echo "Error: Savestate state file $MY_SAVESTATE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved savestate state."
@@ -188,50 +188,50 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
+rm -f "$VOLATILE_STATE_FILE" "$STATE_FILE"
# Stop the TPM; this will not shut it down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# load state into the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load permanent state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load volatile state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded volatile state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load savestate $MY_SAVESTATE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load savestate "$MY_SAVESTATE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load savestate state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded savestate state."
@@ -240,24 +240,24 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "TPM Init failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -267,40 +267,40 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ${SWTPM_TEST_LINEAR_FILE:-0} -eq 0 ] && [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ "${SWTPM_TEST_LINEAR_FILE:-0}" -eq 0 ] && [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -311,33 +311,33 @@
# Final shut down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then
- if [ ! -e $LINEAR_STATE_FILE ]; then
+if [ "${SWTPM_TEST_LINEAR_FILE:-0}" -ne 0 ]; then
+ if [ ! -e "$LINEAR_STATE_FILE" ]; then
echo "Error: TPM state file $LINEAR_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
else
- if [ ! -e $STATE_FILE ]; then
+ if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
fi
diff --git a/tests/_test_setbuffersize b/tests/_test_setbuffersize
index 6d15758..c786ae5 100755
--- a/tests/_test_setbuffersize
+++ b/tests/_test_setbuffersize
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-setbuffersize"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
@@ -20,61 +20,61 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Check the buffer size
-run_swtpm_ioctl ${SWTPM_INTERFACE} -b 0 > ${OUTFILE}
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -b 0 > "${OUTFILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not get the buffersize of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-cat ${OUTFILE}
+cat "${OUTFILE}"
-if [ -z "$(grep "TPM buffersize" ${OUTFILE} | grep 4096)" ]; then
+if [ -z "$(grep "TPM buffersize" "${OUTFILE}" | grep 4096)" ]; then
echo "Error: The TPM buffersize of the ${SWTPM_INTERFACE} TPM is not 4096."
exit 1
fi
# set the buffer size
-run_swtpm_ioctl ${SWTPM_INTERFACE} -b 4000 > ${OUTFILE}
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -b 4000 > "${OUTFILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not set the buffersize of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-cat ${OUTFILE}
+cat "${OUTFILE}"
-if [ -z "$(grep "TPM buffersize" ${OUTFILE} | grep 4000)" ]; then
+if [ -z "$(grep "TPM buffersize" "${OUTFILE}" | grep 4000)" ]; then
echo "Error: The TPM buffersize of the ${SWTPM_INTERFACE} TPM is not 4000."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Set the buffer size -- should fail
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -b 4096 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -b 4096 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: Could set the buffersize while the ${SWTPM_INTERFACE} TPM is running."
exit 1
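Review bot: The self-assignment prefix in `TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"` needs a comment, because it reads like a no-op unless the reader knows the `export` was dropped in the previous hunk. Something like `# TPM_PATH is not exported; hand it to run_swtpm's environment for this call only` would do. After this change only processes started inside run_swtpm inherit TPM_PATH. I cannot tell from the hunk whether run_swtpm_ioctl or another helper starts a program that expects it in the environment, so that is worth confirming. The same pattern is used in tests/_test_tpm2_avoid_da_lockout, tests/_test_tpm2_derived_keys, tests/_test_tpm2_encrypted_state and tests/_test_tpm2_file_permissions.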
@@ -87,13 +87,13 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -104,7 +104,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_swtpm_bios b/tests/_test_swtpm_bios
index df86b25..f566329 100755
--- a/tests/_test_swtpm_bios
+++ b/tests/_test_swtpm_bios
@@ -21,41 +21,41 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpmstate dir=$TPM_PATH --pid file=$PID_FILE
+run_swtpm "${SWTPM_INTERFACE}" --tpmstate "dir=$TPM_PATH" --pid "file=$PID_FILE"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
-if wait_for_file ${PID_FILE} 4; then
+if wait_for_file "${PID_FILE}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
exit 1
fi
-PIDF="$(cat $PID_FILE)"
+PIDF="$(cat "$PID_FILE")"
if [ "$PIDF" != "${SWTPM_PID}" ]; then
echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -63,35 +63,35 @@
sleep 0.5
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} -o 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" -o 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n --cs 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" -n --cs 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not self-test the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" -n -u 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not give up physical presence on the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# will NOT work -- we get error output in $res
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" -n -u 2>&1)
ret=$?
if [ $ret -eq 0 ] || [ -z "$res" ]; then
echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM."
@@ -119,21 +119,21 @@
# RESET TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --cs -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --cs -u 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# will NOT work -- we get error output in $res
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} -n -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" -n -u 2>&1)
ret=$?
if [ $ret -eq 0 ] || [ -z "$res" ]; then
echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM."
@@ -145,7 +145,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -156,7 +156,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_avoid_da_lockout b/tests/_test_tpm2_avoid_da_lockout
index da59226..2607b5f 100755
--- a/tests/_test_tpm2_avoid_da_lockout
+++ b/tests/_test_tpm2_avoid_da_lockout
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-avoid-da-lockout"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
LOG_FILE=$TPM_PATH/tpm-00.log
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
@@ -17,23 +17,23 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
-source ${TESTDIR}/test_common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
+source "${TESTDIR}/test_common"
-run_swtpm ${SWTPM_INTERFACE} \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
- --log file=$LOG_FILE,level=20 \
+ --log "file=$LOG_FILE,level=20" \
--flags not-need-init,startup-clear
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -41,7 +41,7 @@
# Define password-protected NV space with DA attribute set: tssnvdefinespace -ha 01000000 -hi o -pwdn test -sz 1 -at da
cmd='\x80\x02\x00\x00\x00\x31\x00\x00\x01\x2a\x40\x00\x00\x01\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x04\x74\x65\x73\x74\x00\x0e\x01\x00\x00\x00\x00\x0b\x00\x04\x00\x04\x00\x00\x00\x01'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_DefineSpace"
@@ -52,7 +52,7 @@
# Write to NV space without password: tssnvwrite -ha 01000000 -ic A
cmd='\x80\x02\x00\x00\x00\x24\x00\x00\x01\x37\x01\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x01\x41\x00\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 01 00 00 00 0a 00 00 09 22'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write"
@@ -63,7 +63,7 @@
# The TPM_PT_LOCKOUT_COUNTER must be 0 now: tssgetcapability -cap 6 -pr 0x20e -pc 1
cmd='\x80\x01\x00\x00\x00\x16\x00\x00\x01\x7a\x00\x00\x00\x06\x00\x00\x02\x0e\x00\x00\x00\x01'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 01 00 00 00 1b 00 00 00 00 01 00 00 00 06 00 00 00 01 00 00 02 0e 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_GetCapability(TPM_PT_LOCKOUT_COUNTER)"
@@ -73,7 +73,7 @@
fi
# Abruptly init the TPM: swtpm will internally send TPM2_Shutdown()
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -81,7 +81,7 @@
# send TPM2_Startup(SU_CLEAR)
cmd='\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_CLEAR)"
@@ -93,7 +93,7 @@
# The TPM_PT_LOCKOUT_COUNTER must still be '0' now: tssgetcapability -cap 6 -pr 0x20e -pc 1
# Without swtpm sending TPM2_Shutdown, it would be '1' now
cmd='\x80\x01\x00\x00\x00\x16\x00\x00\x01\x7a\x00\x00\x00\x06\x00\x00\x02\x0e\x00\x00\x00\x01'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 01 00 00 00 1b 00 00 00 00 01 00 00 00 06 00 00 00 01 00 00 02 0e 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_GetCapability(TPM_PT_LOCKOUT_COUNTER)"
@@ -104,7 +104,7 @@
# Again write to NV space without password: tssnvwrite -ha 01000000 -ic A
cmd='\x80\x02\x00\x00\x00\x24\x00\x00\x01\x37\x01\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x01\x41\x00\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 01 00 00 00 0a 00 00 09 22'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write"
@@ -114,7 +114,7 @@
fi
# CMD_STOP: swtpm will internally send TPM2_Shutdown()
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -125,12 +125,12 @@
exit 1
fi
-run_swtpm ${SWTPM_INTERFACE} \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
- --log file=$LOG_FILE,level=20 \
+ --log "file=$LOG_FILE,level=20" \
--flags not-need-init,startup-clear
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -139,7 +139,7 @@
# The TPM_PT_LOCKOUT_COUNTER must still be '0' now: tssgetcapability -cap 6 -pr 0x20e -pc 1
# Without swtpm sending TPM2_Shutdown, it would be '2' now
cmd='\x80\x01\x00\x00\x00\x16\x00\x00\x01\x7a\x00\x00\x00\x06\x00\x00\x02\x0e\x00\x00\x00\x01'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${cmd})
exp=' 80 01 00 00 00 1b 00 00 00 00 01 00 00 00 06 00 00 00 01 00 00 02 0e 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_GetCapability(TPM_PT_LOCKOUT_COUNTER)"
@@ -148,7 +148,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_tpm2_derived_keys b/tests/_test_tpm2_derived_keys
index 6954f95..6811fd6 100755
--- a/tests/_test_tpm2_derived_keys
+++ b/tests/_test_tpm2_derived_keys
@@ -23,24 +23,24 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $tpmstatedir
+ rm -rf "$tpmstatedir"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-export TPM_PATH=$tpmstatedir
+TPM_PATH=$tpmstatedir
# copy all the state files
-cp ${TESTDIR}/data/tpm2state1/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpm2state1/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -63,14 +63,14 @@
local RES tmp
if [ "$reset" != "0" ]; then
- run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not send TPM_INIT"
return 1
fi
fi
if [ "$startup" != "0" ]; then
- RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+ RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
tmp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$tmp" ]; then
echo "Error: Did not get expected response from TPM2_Startup"
@@ -80,7 +80,7 @@
fi
fi
- RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${cmd})
+ RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" "${cmd}")
if [ "$RES" == "$allowed_error" ]; then
echo "Skip: Encountered allowed error response ($allowed_error)"
elif [ "$RES" != "$exp" ]; then
@@ -249,7 +249,7 @@
case "$(uname -s)" in
Linux)
# Only 64bit apps will link with libs in /lib64/ dirs
- if [ -n "$(grep -E "\/lib64\/" /proc/${SWTPM_PID}/maps)" ] && \
+ if [ -n "$(grep -E "\/lib64\/" "/proc/${SWTPM_PID}/maps")" ] && \
[ -n "$(lscpu | grep "Little Endian")" ]; then
tx_cmd 1 0 "$test1_cmd" "$test1_exp" "" || exit 1 && echo "Test 1: OK"
tx_cmd 1 1 "$test2_cmd" "$test2_exp" "" || exit 1 && echo "Test 2: OK"
@@ -267,21 +267,21 @@
esac
# Get revision of TPM 2.0 implementation; we need >= 155 for subsequent tests
-revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 |
+revision=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" --info 1 |
sed 's/.*,"revision":\([^\}]*\).*/\1/')
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
-if [ $revision -lt 155 ]; then
+if [ "$revision" -lt 155 ]; then
echo "Skipping next tests since libtpms implements TPM 2.0 revision $revision, but need >= 155"
exit 0
fi
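Review bot: Quoting `"$revision"` in `if [ "$revision" -lt 155 ]` does not cover the case where the value is empty or not a number. sed prints its input unchanged when the pattern does not match, and run_swtpm_ioctl may print nothing on failure. In either case `[` reports an error, the `if` is false, and the script goes on to the tests that need revision 155 instead of skipping or failing. A check before the comparison would make that explicit: `[[ "$revision" =~ ^[0-9]+$ ]] || { echo "Error: Could not determine TPM 2.0 revision"; exit 1; }`.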
@@ -294,11 +294,11 @@
# copy all the state files; the files need libtpms (0.8.0) with
# TPM 2.0 revsion 155; there the seeds are setup so that the fixed
# RSA key generation algorithm is used
-cp -f ${TESTDIR}/data/tpm2state4/* ${TPM_PATH}
+cp -f "${TESTDIR}"/data/tpm2state4/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -318,13 +318,13 @@
tx_cmd 1 1 "$test5_cmd1" "$test5_exp1" "" || exit 1
tx_cmd 0 0 "$test5_cmd2" "$test5_exp2" "" || exit 1 && echo "Test 5: OK"
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
diff --git a/tests/_test_tpm2_encrypted_state b/tests/_test_tpm2_encrypted_state
index 9ef22d7..38939bd 100755
--- a/tests/_test_tpm2_encrypted_state
+++ b/tests/_test_tpm2_encrypted_state
@@ -8,7 +8,7 @@
VTPM_NAME=${VTPM_NAME:-vtpm-test-tpm2-encrypted-state}
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
KEY=1234567890abcdef1234567890abcdef
@@ -20,66 +20,66 @@
keyfile=${TPM_PATH}/keyfile
logfile=${TPM_PATH}/logfile
binkeyfile=${TPM_PATH}/binkeyfile
-echo "$KEY" > ${keyfile}
-echo -en "$BINKEY" > ${binkeyfile}
+echo "$KEY" > "${keyfile}"
+echo -en "$BINKEY" > "${binkeyfile}"
function cleanup()
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} \
- --key file=$keyfile,mode=aes-cbc,format=hex,remove \
- --log file=$logfile \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "file=$keyfile,mode=aes-cbc,format=hex,remove" \
+ --log "file=$logfile" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if wait_file_gone ${keyfile} 4; then
+if wait_file_gone "${keyfile}" 4; then
echo "Error: Keyfile $keyfile was not removed by ${SWTPM_INTERFACE} tpm."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -88,16 +88,16 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -107,87 +107,87 @@
fi
# Save the volatile state
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Saving the volatile state failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
+tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)
if [ $? -ne 0 ]; then
echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if [ "$tmp" != " 0x1" ]; then
echo "Error: Unexpected configuration flags: $tmp; expected 0x1."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Start the TPM again; have the keyfile removed
-run_swtpm ${SWTPM_INTERFACE} \
- --key file=$binkeyfile,mode=aes-cbc,format=binary,remove \
- --log file=$logfile \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "file=$binkeyfile,mode=aes-cbc,format=binary,remove" \
+ --log "file=$logfile" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if wait_file_gone ${binkeyfile} 4; then
+if wait_file_gone "${binkeyfile}" 4; then
echo "Error: Keyfile $binkeyfile was not removed by ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
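Review bot: In `tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)` the following `if [ $? -ne 0 ]` tests the exit status of `cut`, not of run_swtpm_ioctl, unless `pipefail` is set somewhere outside this hunk. The "Could not get the configration flags" branch is then effectively unreachable, and a failed ioctl only shows up through the later `" 0x1"` comparison. Capturing the output first keeps the status check meaningful: `out=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g)`, then the `$?` test, then `tmp=$(echo "$out" | cut -d":" -f2)`.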
@@ -197,40 +197,40 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Saving the volatile state failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -241,25 +241,25 @@
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
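Review bot: The call `wait_process_gone ${SWTPM_PID} 4` in this hunk is still unquoted, although every other expansion around it was quoted. The same call in tests/_test_tpm2_file_permissions becomes `wait_process_gone "${SWTPM_PID}" 4` in this commit, and `kill_quiet -0 $SWTPM_PID` in tests/_test_tpm2_migration_key was likewise left as it was. For consistency, and so the syntax check does not rely on a disabled warning, I would write `if wait_process_gone "${SWTPM_PID}" 4; then` here too.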
diff --git a/tests/_test_tpm2_file_permissions b/tests/_test_tpm2_file_permissions
index c4fd2e5..2b96c0d 100644
--- a/tests/_test_tpm2_file_permissions
+++ b/tests/_test_tpm2_file_permissions
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-file-permissions"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=${TPM_PATH}/tpm2-00.permall
VOLATILE_STATE_FILE=${TPM_PATH}/tpm2-00.volatilestate
PIDFILE=${TPM_PATH}/swtpm.pid
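Review bot: Dropping `export` from the TPM_PATH assignment is not explained anywhere, and it changes who sees the variable. After this change a child process gets TPM_PATH only where the call carries the `TPM_PATH=$TPM_PATH` prefix, as the run_swtpm call later in this file does. A later call that forgets the prefix would start swtpm without the temporary state directory. A comment above the assignment would record the intent, for example `# Not exported on purpose: passed per call as 'TPM_PATH=$TPM_PATH run_swtpm ...'`. The same pattern is introduced in _test_tpm2_getcap, _test_tpm2_hashing, _test_tpm2_hashing2, _test_tpm2_hashing3, _test_tpm2_init, _test_tpm2_locality and _test_tpm2_migration_key. Whether other helpers in `common` also read the variable from the environment cannot be seen from these hunks.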
@@ -27,8 +27,8 @@
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
cat <<_EOF_ > "${SWTPM_SETUP_CONF}"
create_certs_tool=unused
@@ -67,7 +67,7 @@
chown "${TESTUSER}:${TESTGROUP}" "${TPM_PATH}"/*
# Test-execute the swtpm program as $TESTUSER
-tmp=$(su -m "${TESTUSER}" -c "LD_LIBRARY_PATH="${SWTPM_LD_LIBRARY_PATH}" "${MY_SWTPM_EXE}" --help 2>&1")
+tmp=$(su -m "${TESTUSER}" -c "LD_LIBRARY_PATH=\"${SWTPM_LD_LIBRARY_PATH}\" \"${MY_SWTPM_EXE}\" --help 2>&1")
if [ $? -ne 0 ]; then
echo "Could not run '${MY_SWTPM_EXE}' as ${TESTUSER}. Skipping swtpm_setup tests."
echo "Error: ${tmp}"
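Review bot: The `su -c` string on the added line still has `${SWTPM_LD_LIBRARY_PATH}` and `${MY_SWTPM_EXE}` expanded by the outer shell, so the shell that su starts re-parses their contents. The escaped quotes protect against spaces, but a `"`, `$` or backquote in either value would be interpreted as shell syntax in a script that appears to run with privileges (it calls `chown` and `su`). Passing the values through the environment and single-quoting the command avoids the second parse, for example `tmp=$(SWTPM_LD_Q="${SWTPM_LD_LIBRARY_PATH}" SWTPM_EXE_Q="${MY_SWTPM_EXE}" su -m "${TESTUSER}" -c 'LD_LIBRARY_PATH="$SWTPM_LD_Q" "$SWTPM_EXE_Q" --help 2>&1')`. The two variable names are made up for illustration, and this assumes `su -m` keeps them in the environment on the platforms the test runs on.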
@@ -77,21 +77,21 @@
logsize=$(get_filesize "${LOGFILE}")
-run_swtpm ${SWTPM_INTERFACE} \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--pid "file=${PIDFILE}" \
--log "file=${LOGFILE},level=20" \
--runas "${TESTUSER}" \
--tpm2 \
--key "pwdfile=${PWDFILE},kdf=sha512"
-kill -0 ${SWTPM_PID}
+kill -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -106,14 +106,14 @@
# There should be a log file now owned by the ${TESTUSER}
# Since the CUSE TPM must be started as root root ownership is allowed for log and pid file
if [ "${SWTPM_INTERFACE}" != "cuse" ]; then
- fileowner="$(get_fileowner_names ${LOGFILE})"
+ fileowner="$(get_fileowner_names "${LOGFILE}")"
if [ "${fileowner}" != "${TESTUSER} ${TESTGROUP}" ]; then
echo "File ownership for logfile is wrong."
echo "Expected: ${TESTUSER} ${TESTGROUP}"
echo "Actual : ${fileowner}"
fi
- fileowner="$(get_fileowner_names ${PIDFILE})"
+ fileowner="$(get_fileowner_names "${PIDFILE}")"
if [ "${fileowner}" != "${TESTUSER} ${TESTGROUP}" ]; then
echo "File ownership for pidfile is wrong."
echo "Expected: ${TESTUSER} ${TESTGROUP}"
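Review bot: A wrong owner on the log file is only printed, never treated as a failure. The `if` block that prints `File ownership for logfile is wrong.` closes with `fi` and no `exit 1`, so this permissions test still passes when `--runas` did not result in the expected ownership. I would add `exit 1` after `echo "Actual : ${fileowner}"`. The pidfile block that follows starts the same way, but its end is outside this hunk, so it should be checked for the same omission.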
@@ -122,11 +122,11 @@
fi
# The log file must have grown
-if [ -z "$(grep "TestTest" ${LOGFILE})" ]; then
+if [ -z "$(grep "TestTest" "${LOGFILE}")" ]; then
echo "Error: First line 'TestTest' missing in logfile."
exit 1
fi
-if [ $(get_filesize ${LOGFILE}) -le ${logsize} ]; then
+if [ "$(get_filesize "${LOGFILE}")" -le "${logsize}" ]; then
echo "Error: Log file did not grow!"
exit 1
fi
@@ -140,7 +140,7 @@
fi
# Read PCR 10 (from pcrextend -ha 10 -ic test)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -149,20 +149,20 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
if [ -f "${PIDFILE}" ]; then
echo "Error: PID file should have been removed."
- ls -l ${TPM_PATH}
+ ls -l "${TPM_PATH}"
exit 1
fi
@@ -206,11 +206,11 @@
echo "Error: State file was not changed."
exit 1
fi
-if [ -z "$(grep "TestTest" ${LOGFILE})" ]; then
+if [ -z "$(grep "TestTest" "${LOGFILE}")" ]; then
echo "Error: First line 'TestTest' missing in logfile."
exit 1
fi
-if [ $(get_filesize "${LOGFILE}") -le ${logsize} ]; then
+if [ "$(get_filesize "${LOGFILE}")" -le "${logsize}" ]; then
echo "Error: ${SWTPM_SETUP} did not append to existing log."
exit 1
fi
@@ -243,7 +243,7 @@
echo "Error: State file was not changed."
exit 1
fi
-if [ $(get_filesize "${LOGFILE}") -le ${logsize} ]; then
+if [ "$(get_filesize "${LOGFILE}")" -le "${logsize}" ]; then
echo "Error: ${SWTPM_SETUP} did not append to existing log."
exit 1
fi
diff --git a/tests/_test_tpm2_getcap b/tests/_test_tpm2_getcap
index 4b47ed9..c4cc7ac 100755
--- a/tests/_test_tpm2_getcap
+++ b/tests/_test_tpm2_getcap
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-getcap"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,48 +19,48 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Get the capabilities flags from the TPM
-act=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -c)
+act=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -c)
if [ $? -ne 0 ]; then
echo "Error: Could not get the capability flags of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after getting capabilities."
exit 1
@@ -72,7 +72,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -83,7 +83,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_hashing b/tests/_test_tpm2_hashing
index 2904e65..2984db7 100755
--- a/tests/_test_tpm2_hashing
+++ b/tests/_test_tpm2_hashing
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-hashing"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -20,43 +20,43 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM2
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -66,7 +66,7 @@
fi
# Check the TPM Established bit before the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e )
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e )
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -80,7 +80,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: The hash command failed."
exit 1
@@ -88,10 +88,10 @@
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE}'\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# disregard the update counter using a regex comparison
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
-if [[ "$RES" =~ "$exp" ]]; then
+if ! [[ $RES =~ ^${exp}$ ]]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
echo "expected: $exp"
echo "received: $RES"
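Review bot: The update-counter placeholder `..` in `exp` now acts as a real regex wildcard and matches any two characters, not just one hex byte. Narrowing it to `[0-9a-f]{2}` in the `exp=` line keeps the comparison as strict as the fixed-string checks elsewhere in the file. The same applies to the `(2)` PCR read later in this file and to both PCR 17 reads in tests/_test_tpm2_hashing2. The old test quoted the pattern and did not negate the match, so its error branch presumably never ran; the commit message should say that this change turns on a check that used to be inert, rather than presenting it as a shellcheck cleanup only.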
@@ -99,7 +99,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -115,14 +115,14 @@
# Reset the establishment bit is not possible via a command
# So we do it directly here in locality 3
-run_swtpm_ioctl ${SWTPM_INTERFACE} -r 3
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -r 3
if [ $? -ne -0 ]; then
echo "Error: Could not reset establishment bit in locality 3"
exit 1
fi
# Check the TPM Established bit after the reset
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
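Review bot: The context line `if [ $? -ne -0 ]; then`, right after the changed `-r 3` call, compares against `-0`. It behaves like `0`, but it reads as a typo and is the only check in the file written this way. Since the commit touches the adjacent line anyway, I would normalise it to `if [ $? -ne 0 ]; then`.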
@@ -137,39 +137,39 @@
fi
# back to locality 0
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 0
if [ $? -ne 0 ]; then
echo "Error: Could not set the locality to 0."
exit 1
fi
# Read from a file
dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
- run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -h -
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# disregard the update counter using a regex comparison
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 27 7e de f1 02 56 46 5d 8e 71 65 38 3f d3 63 c9 8a be 89 e2 90 2e 4d 3a 2b 3a 30 80 2f 28 af 19'
-if [[ "$RES" =~ "$exp" ]]; then
+if ! [[ $RES =~ ^${exp}$ ]]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
echo "expected: $exp"
echo "received: $RES"
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_hashing2 b/tests/_test_tpm2_hashing2
index 5a47d0f..a6d3acd 100755
--- a/tests/_test_tpm2_hashing2
+++ b/tests/_test_tpm2_hashing2
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-hashing2"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,43 +19,43 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -65,7 +65,7 @@
fi
# Check the TPM Established bit before the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -79,7 +79,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: The hash command failed."
exit 1
@@ -87,10 +87,10 @@
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# disregard the update counter using a regex comparison
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
-if [[ "$RES" =~ "$exp" ]]; then
+if ! [[ $RES =~ ^${exp}$ ]]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
echo "expected: $exp"
echo "received: $RES"
@@ -98,7 +98,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -113,7 +113,7 @@
fi
# Reset the establishment bit; we switch to locality 0 and reset via locality 3
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 0
if [ $? -ne 0 ]; then
echo "Error: Could not set locality 0"
exit 1
@@ -121,7 +121,7 @@
for ((l = 0; l <= 2; l++)); do
# Resetting via locality 2 must fail
- ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -r $l 2>&1)"
+ ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -r "$l" 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: Could reset the establishment bit via locality $l"
exit 1
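Review bot: The comment `# Resetting via locality 2 must fail` does not match the loop it sits in. The loop runs `l` from 0 to 2 and the error message prints `$l`, so all three localities are expected to be rejected. I would change it to `# Resetting via localities 0 to 2 must fail`. The loop body continues past the end of this hunk.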
@@ -136,14 +136,14 @@
done
# Resetting via locality 3 must work
-run_swtpm_ioctl ${SWTPM_INTERFACE} -r 3
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -r 3
if [ $? -ne 0 ]; then
echo "Error: Could not reset the establishment bit via locality 3"
exit 1
fi
# Check the TPM Established bit after the reset
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -159,21 +159,21 @@
# Read from a file
dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
- run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -h -
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# disregard the update counter using a regex comparison
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 27 7e de f1 02 56 46 5d 8e 71 65 38 3f d3 63 c9 8a be 89 e2 90 2e 4d 3a 2b 3a 30 80 2f 28 af 19'
-if [[ "$RES" =~ "$exp" ]]; then
+if ! [[ $RES =~ ^${exp}$ ]]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
echo "expected: $exp"
echo "received: $RES"
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -181,13 +181,13 @@
sleep 0.5
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_hashing3 b/tests/_test_tpm2_hashing3
index f079339..bbfb55e 100755
--- a/tests/_test_tpm2_hashing3
+++ b/tests/_test_tpm2_hashing3
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-hashing3"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,36 +19,36 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
@@ -57,7 +57,7 @@
# We do NOT need to startup the TPM; Hashing will affect PCR 0
# Check the TPM Established bit before the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -72,14 +72,14 @@
fi
# Hash
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: The hash command failed."
exit 1
fi
# Startup the TPM2
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0C\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0C\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -90,7 +90,7 @@
# Read PCR 0
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x01\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x01\x00\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 14 00 00 00 01 00 0b 03 01 00 00 00 00 00 01 00 20 34 0a 23 3f ac 4c a0 14 98 6e 45 dd 95 ec 77 6a 7a 3f 86 a2 10 74 f4 3a 43 90 c5 b8 c3 ab ea f4'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(0)"
@@ -100,7 +100,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -114,7 +114,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_tpm2_init b/tests/_test_tpm2_init
index be35b5b..e296aa5 100755
--- a/tests/_test_tpm2_init
+++ b/tests/_test_tpm2_init
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-init"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,40 +19,40 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
if has_seccomp_support "${SWTPM_EXE}"; then
SWTPM_TEST_SECCOMP_OPT="--seccomp action=none"
fi
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
@@ -62,7 +62,7 @@
# works if the TPM runs as non-rootchmod 000 "${STATE_FILE}"
if [ "$(id -u)" != "0" ]; then
chmod 000 "${STATE_FILE}"
- run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -eq 0 ]; then
echo "Error: Unexpected initialization success of the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -70,7 +70,7 @@
sleep 0.5
- kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+ kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
exit 1
@@ -78,7 +78,7 @@
chmod 664 "${STATE_FILE}"
# Init the TPM again; now with state file accessible again
- run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -86,7 +86,7 @@
sleep 0.5
- kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+ kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
@@ -99,7 +99,7 @@
fi
# Shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -110,7 +110,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_locality b/tests/_test_tpm2_locality
index 24dbcc9..55cc0d9 100755
--- a/tests/_test_tpm2_locality
+++ b/tests/_test_tpm2_locality
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-locality"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,64 +19,64 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Set locality 4 on the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 4
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 4
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 4."
exit 1
fi
# Set illegal locality 5 on the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 5
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 5
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM accepted locality 5."
exit 1
fi
# Set locality 0 on the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 0
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 0."
exit 1
fi
# In locality 2 we can reset PCR 20
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 2
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 2
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 2."
exit 1
@@ -84,14 +84,14 @@
# Need to set locality 0 or 3 for TPM2_Startup to work...
# TPM_Startup for TPM 1.2 worked in all localities
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 3
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 3
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 3."
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -101,14 +101,14 @@
fi
# In locality 2 we can reset PCR 20
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 2
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 2
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 2."
exit 1
fi
# Reset PCR 20
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x02\x00\x00\x00\x1b\x00\x00\x01\x3d\x00\x00\x00\x14\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x02\x00\x00\x00\x1b\x00\x00\x01\x3d\x00\x00\x00\x14\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00')
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Could not reset PCR 20 in locality 2"
@@ -118,14 +118,14 @@
fi
# In locality 1 we can NOT reset PCR 20
-run_swtpm_ioctl ${SWTPM_INTERFACE} -l 1
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -l 1
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not accept locality 1."
exit 1
fi
# Reset PCR 20
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x02\x00\x00\x00\x1b\x00\x00\x01\x3d\x00\x00\x00\x14\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x02\x00\x00\x00\x1b\x00\x00\x01\x3d\x00\x00\x00\x14\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 09 07'
if [ "$RES" != "$exp" ]; then
echo "Error: Could reset PCR 20 in locality 1"
@@ -135,7 +135,7 @@
fi
# Shut down TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -146,7 +146,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_migration_key b/tests/_test_tpm2_migration_key
index a5fea00..428b5ad 100755
--- a/tests/_test_tpm2_migration_key
+++ b/tests/_test_tpm2_migration_key
@@ -16,9 +16,9 @@
{
pid=$SWTPM_PID
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $migpwdfile $volatilestatefile $tpmstatedir $logfile
+ rm -rf "$migpwdfile" "$volatilestatefile" "$tpmstatedir" "$logfile"
}
trap "cleanup" EXIT
@@ -34,7 +34,7 @@
echo "Could not create temporary file."
exit 1
fi
-echo -n "$MIGRATION_PASSWORD" > $migpwdfile
+echo -n "$MIGRATION_PASSWORD" > "$migpwdfile"
volatilestatefile="$(mktemp)"
if [ -z "$volatilestatefile" ]; then
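Review bot: Writing the password with `echo -n "$MIGRATION_PASSWORD"` depends on how the shell's `echo` treats its argument. A value that starts with `-` or contains backslashes can be altered or swallowed, depending on shell options. `printf '%s' "$MIGRATION_PASSWORD" > "$migpwdfile"` writes the bytes unchanged and has no option parsing to trip over. The value of MIGRATION_PASSWORD is set outside this hunk, so this is about robustness rather than a failure with the current value.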
@@ -46,18 +46,18 @@
SWTPM_CMD_UNIX_PATH=${tpmstatedir}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${tpmstatedir}/unix-ctrl.sock
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
# make a backup of the volatile state
-export TPM_PATH=$tpmstatedir
-cp ${TESTDIR}/data/tpm2state1/* $TPM_PATH
+TPM_PATH=$tpmstatedir
+cp "${TESTDIR}"/data/tpm2state1/* "$TPM_PATH"
-rm -f ${logfile}
-run_swtpm ${SWTPM_INTERFACE} \
- --log file=${logfile} \
+rm -f "${logfile}"
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --log "file=${logfile}" \
--tpm2 \
- --migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512
+ --migration-key "pwdfile=$migpwdfile,remove=false,kdf=sha512"
kill_quiet -0 $SWTPM_PID
if [ $? -ne 0 ]; then
@@ -66,7 +66,7 @@
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
exit 1
@@ -89,17 +89,17 @@
fi
# Save the volatile state into a file
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $volatilestatefile
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$volatilestatefile"
if [ $? -ne 0 ]; then
echo "Error: Could not save the volatile state to ${volatilestatefile}."
exit 1
fi
-if [ ! -r $volatilestatefile ]; then
+if [ ! -r "$volatilestatefile" ]; then
echo "Error: Volatile state file $volatilestatefile does not exist."
exit 1
fi
-size=$(get_filesize $volatilestatefile)
+size=$(get_filesize "$volatilestatefile")
expsize="^([5689][0-9]{3})$"
if ! [[ $size =~ $expsize ]]; then
echo "Error: Unexpected size of volatile state file."
@@ -107,7 +107,7 @@
exit 1
fi
-tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
+tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)
if [ $? -ne 0 ]; then
echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
exit 1
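Review bot: The `$?` test after `tmp=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g | cut -d":" -f2)` sees the exit status of `cut`, not of `run_swtpm_ioctl`. Unless `pipefail` is set somewhere outside this hunk, a failing ioctl is therefore never reported here. Capturing the output first keeps the check meaningful: `out=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -g)` before the `if [ $? -ne 0 ]`, then `tmp=$(echo "$out" | cut -d":" -f2)` after it. The `if` block continues past the end of the hunk, and its message also misspells "configuration" as "configration".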
@@ -120,16 +120,16 @@
# Shut the TPM down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
echo "Test 1: Ok"
# Start the vTPM again and load the encrypted volatile state into it
-rm -f ${logfile}
-run_swtpm ${SWTPM_INTERFACE} \
- --log file=${logfile} \
+rm -f "${logfile}"
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --log "file=${logfile}" \
--tpm2 \
- --migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512
+ --migration-key "pwdfile=$migpwdfile,remove=false,kdf=sha512"
display_processes_by_name "$SWTPM"
@@ -139,21 +139,21 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
# Do NOT init the TPM now; first load volatile state
# load the encrypted volatile state into it
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$volatilestatefile"
if [ $? -ne 0 ]; then
echo "Error: Could not load encrypted volatile state into TPM."
echo "swtpm logfile: "
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Now init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
exit 1
@@ -171,7 +171,7 @@
# Shut the TPM down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -181,9 +181,9 @@
# Start the vTPM again and load the encrypted volatile state into it
# This time we make this fail since we don't provide the migration key
-rm -f ${logfile}
-run_swtpm ${SWTPM_INTERFACE} \
- --log file=${logfile} \
+rm -f "${logfile}"
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --log "file=${logfile}" \
--tpm2
display_processes_by_name "$SWTPM"
@@ -196,15 +196,15 @@
# Do NOT init the TPM now; first load volatile state
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
# load the encrypted volatile state into it
# This will not work; the TPM writes the data into the volatile state file
# and validates it
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$volatilestatefile" 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: Could load encrypted volatile state into TPM."
- cat $logfile
+ cat "$logfile"
exit 1
fi
exp="TPM result from PTM_SET_STATEBLOB: 0xd"
@@ -215,45 +215,45 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-rm -f ${TPM_PATH}/tpm2-00.volatilestate
+rm -f "${TPM_PATH}/tpm2-00.volatilestate"
echo "Test 3: Ok"
# In this test we now feed it an encrypted volatile state
# Start the vTPM again and load the encrypted volatile state into it
-rm -f ${logfile}
-run_swtpm ${SWTPM_INTERFACE} \
- --log file=${logfile} \
+rm -f "${logfile}"
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --log "file=${logfile}" \
--tpm2 \
- --migration-key pwdfile=$migpwdfile,remove=true,kdf=sha512
+ --migration-key "pwdfile=$migpwdfile,remove=true,kdf=sha512"
display_processes_by_name "$SWTPM"
kill_quiet -0 $SWTPM_PID
if [ $? -ne 0 ]; then
echo "Error: TPM did not start."
- cat $logfile
+ cat "$logfile"
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
# load the encrypted volatile state into it
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $VOLATILESTATE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$VOLATILESTATE"
if [ $? -ne 0 ]; then
echo "Error: Could not load encrypted volatile state into TPM."
exit 1
fi
# Now init the TPM; this must work
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -271,7 +271,7 @@
# Shut the TPM down
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_tpm2_print_capabilities b/tests/_test_tpm2_print_capabilities
index 63144eb..a7ead67 100755
--- a/tests/_test_tpm2_print_capabilities
+++ b/tests/_test_tpm2_print_capabilities
@@ -8,10 +8,10 @@
PATH=$ROOT/src/swtpm:$PATH
-[ "${SWTPM_IFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_IFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --tpm2 --print-capabilities 2>&1)"
+msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --tpm2 --print-capabilities 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-capabilities"
echo "${msg}"
@@ -55,7 +55,7 @@
echo "Test 2: OK"
# SWTPM_CERT may be run by valgrind
-if [ -x "$(type -P $(echo "${SWTPM_CERT}" | cut -d" " -f1) )" ]; then
+if [ -x "$(type -P "$(echo "${SWTPM_CERT}" | cut -d" " -f1)" )" ]; then
msg="$(${SWTPM_CERT} --tpm2 --print-capabilities 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-capabilities to ${SWTPM_CERT}"
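Review bot: The nested `"$(type -P "$(echo "${SWTPM_CERT}" | cut -d" " -f1)" )"` is hard to read now that both substitutions are quoted, and it spawns a pipeline only to take the first word. A parameter expansion does the same thing: `if [ -x "$(type -P "${SWTPM_CERT%% *}")" ]; then`. Since the comment says SWTPM_CERT may carry a valgrind prefix, it would also help to add `# intentionally unquoted: SWTPM_CERT may be "valgrind ... swtpm_cert"` above the `msg="$(${SWTPM_CERT} ...)"` line, so a later quoting pass does not break it.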
diff --git a/tests/_test_tpm2_print_states b/tests/_test_tpm2_print_states
index f8195cc..2e64f7e 100755
--- a/tests/_test_tpm2_print_states
+++ b/tests/_test_tpm2_print_states
@@ -8,8 +8,8 @@
PATH=$ROOT/src/swtpm:$PATH
-[ "${SWTPM_IFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_IFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
trap "cleanup" SIGTERM EXIT
@@ -21,7 +21,7 @@
# Test 1: No states
workdir="$(mktemp -d)" || exit 1
-msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --print-states --tpm2 --tpmstate dir=${workdir} 2>&1)"
+msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --print-states --tpm2 --tpmstate "dir=${workdir}" 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-states"
@@ -46,9 +46,9 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/tpm2-00.permall"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
-msg="$(${SWTPM_EXE} ${SWTPM_IFACE} --print-states --tpm2 --tpmstate dir=${workdir} 2>&1)"
+msg="$(${SWTPM_EXE} "${SWTPM_IFACE}" --print-states --tpm2 --tpmstate "dir=${workdir}" 2>&1)"
if [ $? -ne 0 ]; then
echo "Error: Could not pass --print-states"
diff --git a/tests/_test_tpm2_probe b/tests/_test_tpm2_probe
index 6e4a0e3..c7c0306 100755
--- a/tests/_test_tpm2_probe
+++ b/tests/_test_tpm2_probe
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-probe"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,30 +19,30 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
if [ "${SWTPM_INTERFACE}" != "cuse" ]; then
- run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM"
exit 1
@@ -51,7 +51,7 @@
# Before TPM_INIT: Read PCR 17 -- this gives a fatal error
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 0a 00 00 01 01'
if [ "$RES" != "$exp" ]; then
echo "Error: Before TPM_INIT: Did not get expected result from TPM_PCRRead(17)"
@@ -61,14 +61,14 @@
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Read PCR 17 -- this should give TPM_INVALID_POSTINIT
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 0a 00 00 01 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_PCRRead(17)"
@@ -82,7 +82,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_tpm2_resume_volatile b/tests/_test_tpm2_resume_volatile
index 348053e..b47f16d 100755
--- a/tests/_test_tpm2_resume_volatile
+++ b/tests/_test_tpm2_resume_volatile
@@ -23,46 +23,47 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $tpmstatedir
+ rm -rf "$tpmstatedir"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-export TPM_PATH=$tpmstatedir
+TPM_PATH=$tpmstatedir
+VOLATILE_STATE_FILE="$TPM_PATH/tpm2-00.volatilestate"
# copy all the state files
-cp ${TESTDIR}/data/tpm2state1/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpm2state1/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the CUSE TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10 (from pcrextend -ha 10 -ic test)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
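Review bot: The error messages in this hunk hard-code "CUSE TPM" (`echo "Error: CUSE TPM did not start."`, `"Could not initialize the CUSE TPM."`, `"CUSE TPM not running anymore after INIT."`) although the script runs with whatever `${SWTPM_INTERFACE}` is set to. A failure on a non-cuse interface would therefore be reported misleadingly. The sibling tests in this commit already use the variable, so the same form fits here: `echo "Error: ${SWTPM_INTERFACE} TPM did not start."`. The later hunks of this file carry the same wording in their init, volatile-state and shutdown messages.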
@@ -72,52 +73,52 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the CUSE TPM write the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
echo "Test 1: Ok"
# 2nd test: with encrypted state
# copy all the state files
-cp ${TESTDIR}/data/tpm2state2/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpm2state2/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
- --key pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512
+ --key "pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM initialization failed."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10 (from pcrextend -ha 10 -ic test)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -127,18 +128,18 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the CUSE TPM write the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the CUSE TPM."
exit 1
@@ -148,35 +149,35 @@
# 3rd test: with encrypted state using aes-256-cbc
# copy all the state files
-cp ${TESTDIR}/data/tpm2state2b/* ${TPM_PATH}
+cp "${TESTDIR}"/data/tpm2state2b/* "${TPM_PATH}"
-run_swtpm ${SWTPM_INTERFACE} \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
- --key pwdfile=${TESTDIR}/data/tpm2state2b/pwdfile.txt,mode=aes-256-cbc
+ --key "pwdfile=${TESTDIR}/data/tpm2state2b/pwdfile.txt,mode=aes-256-cbc"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM initialization failed."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: CUSE TPM not running anymore after INIT."
exit 1
fi
# Read PCR 10 (from pcrextend -ha 10 -ic test)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 16 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 f6 85 98 e5 86 8d e6 8b 97 29 99 60 f2 71 7d 17 67 89 a4 2f 9a ae a8 c7 b7 aa 79 a8 62 56 c1 de'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -186,18 +187,18 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the CUSE TPM write the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the CUSE TPM."
exit 1
diff --git a/tests/_test_tpm2_save_load_encrypted_state b/tests/_test_tpm2_save_load_encrypted_state
index cefdc2f..e0fe2aa 100755
--- a/tests/_test_tpm2_save_load_encrypted_state
+++ b/tests/_test_tpm2_save_load_encrypted_state
@@ -8,7 +8,7 @@
VTPM_NAME="${VTPM_NAME:-vtpm-test-tpm2-save-load-encrypted-state}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
KEY=1234567890abcdef1234567890abcdef
@@ -20,59 +20,59 @@
keyfile="$(mktemp)" || exit 1
logfile="$(mktemp)" || exit 1
-echo "$KEY" > $keyfile
+echo "$KEY" > "$keyfile"
function cleanup()
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -f $keyfile $logfile
- rm -rf $TPM_PATH
+ rm -f "$keyfile" "$logfile"
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} \
- --key file=$keyfile,mode=aes-cbc,format=hex \
- --log file=$logfile \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "file=$keyfile,mode=aes-cbc,format=hex" \
+ --log "file=$logfile" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM (SU_CLEAR)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -81,16 +81,16 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Could not hash the data."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM2_PCRRead(17)"
@@ -99,32 +99,32 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+if [ ! -r "$MY_PERMANENT_STATE_FILE" ]; then
echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write volatile state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+if [ ! -r "$MY_VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved volatile state."
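Review bot: The failure message for the volatile save names the wrong file: after `run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$MY_VOLATILE_STATE_FILE"` it prints `$MY_PERMANENT_STATE_FILE`. That points whoever debugs a failed run at the permanent blob instead of the volatile one. The line should read `echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."`, as the corresponding message in `_test_tpm2_save_load_state` already does.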
@@ -133,34 +133,34 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
+rm -f "$VOLATILE_STATE_FILE" "$STATE_FILE"
# Stop the TPM; this will not shut it down
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# load state into the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load permanent state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load volatile state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded volatile state."
@@ -169,24 +169,24 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "TPM Init failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM2_PCRRead(17)"
@@ -196,39 +196,39 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM write the volatile state to a file."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -237,18 +237,18 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
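Review bot: `if wait_process_gone ${SWTPM_PID} 4; then` still passes the PID unquoted, while this commit quotes it on every `kill_quiet` call in the same file. For consistency, and so that an empty SWTPM_PID does not shift `4` into the PID position, this should be `if wait_process_gone "${SWTPM_PID}" 4; then`. The same unquoted form remains in the later `wait_process_gone` hunks of this file and in `kill_quiet -0 $SWTPM_PID` in `_test_tpm2_migration_key`.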
@@ -264,27 +264,27 @@
echo "sha1(volatile) : $sha1_volatile"
echo "sha1(permanent): $sha1_permanent"
-run_swtpm ${SWTPM_INTERFACE} \
- --key pwdfile=$keyfile \
- --log file=$logfile \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "pwdfile=$keyfile" \
+ --log "file=$logfile" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -i 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -i 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization should have failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
exp="TPM result from PTM_INIT: 0x101"
@@ -295,11 +295,11 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -313,18 +313,18 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -343,36 +343,36 @@
echo "sha1(permanent): $sha1_permanent"
# we need a 256bit key
-echo "${KEY}${KEY}" > $keyfile
+echo "${KEY}${KEY}" > "$keyfile"
-run_swtpm ${SWTPM_INTERFACE} \
- --key pwdfile=$keyfile,mode=aes-256-cbc \
- --log file=$logfile \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --key "pwdfile=$keyfile,mode=aes-256-cbc" \
+ --log "file=$logfile" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -eq 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM initialization should have failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if ! wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after failed INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -389,25 +389,25 @@
echo "Test 3: Ok"
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
diff --git a/tests/_test_tpm2_save_load_state b/tests/_test_tpm2_save_load_state
index 0eb5d63..434435d 100755
--- a/tests/_test_tpm2_save_load_state
+++ b/tests/_test_tpm2_save_load_state
@@ -8,7 +8,7 @@
VTPM_NAME="${VTPM_NAME:-vtpm-tpm2-test-save-load-state}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
@@ -23,52 +23,52 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -f $logfile
- rm -rf $TPM_PATH
+ rm -f "$logfile"
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} \
- --log file=$logfile,level=20 \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --log "file=$logfile,level=20" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(ST_Clear)"
@@ -77,17 +77,17 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -96,32 +96,32 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+if [ ! -r "$MY_PERMANENT_STATE_FILE" ]; then
echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+if [ ! -r "$MY_VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved volatile state."
@@ -130,40 +130,40 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
+rm -f "$VOLATILE_STATE_FILE" "$STATE_FILE"
# Stop the TPM; this will not shut it down
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# load state into the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load permanent state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load volatile state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded volatile state."
@@ -172,24 +172,24 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "TPM Init failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -199,40 +199,40 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (3) Did not get expected result from TPM_PCRRead(17)"
@@ -242,25 +242,25 @@
fi
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
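Review bot: `wait_process_gone ${SWTPM_PID} 4` in this hunk is still unquoted, although the `${SWTPM_INTERFACE}` and `$logfile` expansions around it were quoted. The same call is quoted in `_test_tpm2_setbuffersize` and `_test_tpm2_swtpm_bios`. If `SWTPM_PID` is ever empty, the unquoted word disappears and `4` moves into the first argument position, so the helper would presumably be handed the timeout as the PID. It should read `if wait_process_gone "${SWTPM_PID}" 4; then`. The final hunk of `_test_tpm2_save_load_state_da_timeout` has the same leftover.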
diff --git a/tests/_test_tpm2_save_load_state_da_timeout b/tests/_test_tpm2_save_load_state_da_timeout
index 074f68d..5e3cbe4 100755
--- a/tests/_test_tpm2_save_load_state_da_timeout
+++ b/tests/_test_tpm2_save_load_state_da_timeout
@@ -9,7 +9,7 @@
VTPM_NAME="${VTPM_NAME:-vtpm-tpm2-test-save-load-state-da-timeout}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
MY_VOLATILE_STATE_FILE=$TPM_PATH/my.volatilestate
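Review bot: `TPM_PATH` is no longer exported after this change, so the state directory reaches swtpm only through the `TPM_PATH=$TPM_PATH run_swtpm …` prefix added at each call site. Any other helper from `common` that reads it from the environment would silently lose it; whether one does is not visible in this hunk. If the goal was only to stop `export` masking the `mktemp -d` exit status (shellcheck SC2155), keep this assignment and add `export TPM_PATH` on the following line. That retains the working `|| exit 1` without changing the environment of later commands. The same applies to `_test_tpm2_save_load_state_locking` (two call sites), `_test_tpm2_savestate`, `_test_tpm2_setbuffersize` and `_test_tpm2_volatilestate`.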
@@ -24,52 +24,52 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -f $logfile
- rm -rf $TPM_PATH
+ rm -f "$logfile"
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} \
- --log file=$logfile,level=20 \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
+ --log "file=$logfile,level=20" \
--tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(ST_Clear)"
@@ -79,7 +79,7 @@
fi
# Create an NVRAM location: nvdefinespace -hi o -ha 01000000 -pwdn nnn -sz 16 -at da
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x02\x00\x00\x00\x30\x00\x00\x01\x2a\x40\x00\x00\x01\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x03\x6e\x6e\x6e\x00\x0e\x01\x00\x00\x00\x00\x0b\x00\x04\x00\x04\x00\x00\x00\x10')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x02\x00\x00\x00\x30\x00\x00\x01\x2a\x40\x00\x00\x01\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x03\x6e\x6e\x6e\x00\x0e\x01\x00\x00\x00\x00\x0b\x00\x04\x00\x04\x00\x00\x00\x10')
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_DefineSpace()"
@@ -97,9 +97,9 @@
# Write some data into the NVRAM area: nvwrite -ha 01000000 -ic test -pwdn nnn
# Due to -at da being used on TPM2_NV_DefineSpace, the first time the command will request a retry
for ((i = 0; i < 2; i++)); do
- RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_GOOD})
+ RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_GOOD})
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
- if [ $i -eq 1 ] && [ "$RES" != "$exp" ]; then
+ if [ "$i" -eq 1 ] && [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write()"
echo "expected: $exp"
echo "received: $RES"
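Review bot: `${NVWRITE_GOOD}` is still expanded unquoted as the second argument of `swtpm_cmd_tx`, so it remains subject to word splitting and pathname expansion while the first argument is now quoted. Its definition is outside this hunk. If it holds a single `\x..` byte string, as the literal commands elsewhere in this file do, the safer form is `RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" "${NVWRITE_GOOD}")`. The same applies to `${NVWRITE_BAD}` and the later `${NVWRITE_GOOD}` calls in this file, and to `$req` in `_test_tpm2_savestate`, where the visible `req+=` lines contain no whitespace.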
@@ -108,7 +108,7 @@
done
# Set the dictionary attack parameters: dictionaryattackparameters -lr 6 -nrt 6
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x02\x00\x00\x00\x27\x00\x00\x01\x3a\x40\x00\x00\x0a\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x06\x00\x00\x00\x06')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x02\x00\x00\x00\x27\x00\x00\x01\x3a\x40\x00\x00\x0a\x00\x00\x00\x09\x40\x00\x00\x09\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x06\x00\x00\x00\x06')
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result fron TPM2_DictionaryAttackParameters()"
@@ -120,7 +120,7 @@
timenow=$(date +%s)
timeout=$((timenow + 6))
# Send TPM2_NV_Write with wrong password
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_BAD})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_BAD})
exp=' 80 01 00 00 00 0a 00 00 09 8e'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write() with bad password"
@@ -135,36 +135,36 @@
while :; do
timenow=$(date +%s)
echo "Writing with good password failed due to lockout until $timeout - now is $timenow."
- RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_GOOD})
+ RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_GOOD})
exp=' 80 01 00 00 00 0a 00 00 09 21'
# busy systems may run the above at >= $timeout and get an unexpected result; check time again
timenow=$(date +%s)
- if [ "$RES" != "$exp" ] && [ $timenow -lt $timeout ]; then
+ if [ "$RES" != "$exp" ] && [ "$timenow" -lt "$timeout" ]; then
echo "Error: Did not get expected failure from TPM2_NV_Write() with good password. Lockout should be enabled."
echo "expected: $exp"
echo "received: $RES"
exit 1
fi
- [ $timenow -ge $timeout ] && break
+ [ "$timenow" -ge "$timeout" ] && break
sleep 1
done
while :; do
sleep 1
timenow=$(date +%s)
- [ $timenow -gt $timerecovery ] && break
+ [ "$timenow" -gt "$timerecovery" ] && break
done
timenow_after=$(date +%s)
echo "Time is now ${timenow_after} -- trying with good password should work now."
# Now writing with the good password must work again
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_GOOD})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_GOOD})
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write() with good password"
echo "expected: $exp"
echo "received: $RES"
# OS X special check
- if [ $timenow_after -lt $timenow ]; then
+ if [ "$timenow_after" -lt "$timenow" ]; then
echo "Time went backwards..."
exit 77
fi
@@ -174,7 +174,7 @@
timenow=$(date +%s)
timeout=$((timenow + 6))
# Again cause lockout: Send TPM2_NV_Write with wrong password
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_BAD})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_BAD})
exp=' 80 01 00 00 00 0a 00 00 09 8e'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write() with bad password"
@@ -186,71 +186,71 @@
timerecovery=$((timenow + 6))
# Save the state and restore it and then try to poll again
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write permanent state file $MY_PERMANENT_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_PERMANENT_STATE_FILE ]; then
+if [ ! -r "$MY_PERMANENT_STATE_FILE" ]; then
echo "Error: Permanent state file $MY_PERMANENT_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --save volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Error: Could not write volatile state file $MY_VOLATILE_STATE_FILE."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -r $MY_VOLATILE_STATE_FILE ]; then
+if [ ! -r "$MY_VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $MY_VOLATILE_STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Saved volatile state."
# we will use our own volatile state
-rm -f $VOLATILE_STATE_FILE $STATE_FILE
+rm -f "$VOLATILE_STATE_FILE" "$STATE_FILE"
# Stop the TPM; this will not shut it down
-run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error (2): ${SWTPM_INTERFACE} TPM is not running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# load state into the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load permanent $MY_PERMANENT_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load permanent "$MY_PERMANENT_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load permanent state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded permanent state."
-run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $MY_VOLATILE_STATE_FILE
+run_swtpm_ioctl "${SWTPM_INTERFACE}" --load volatile "$MY_VOLATILE_STATE_FILE"
if [ $? -ne 0 ]; then
echo "Could not load volatile state into vTPM"
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
echo "Loaded volatile state."
@@ -259,19 +259,19 @@
#sha1sum $(dirname $MY_VOLATILE_STATE_FILE)/*
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "TPM Init failed."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
@@ -280,36 +280,36 @@
while :; do
timenow=$(date +%s)
echo "Writing with good password failed due to lockout until $timeout - now is $timenow."
- RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_GOOD})
+ RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_GOOD})
exp=' 80 01 00 00 00 0a 00 00 09 21'
# busy systems may run the above at >= $timeout and get an unexpected result; check time again
timenow=$(date +%s)
- if [ "$RES" != "$exp" ] && [ $timenow -lt $timeout ]; then
+ if [ "$RES" != "$exp" ] && [ "$timenow" -lt "$timeout" ]; then
echo "Error: Did not get expected failure from TPM2_NV_Write() with good password. Lockout should be enabled."
echo "expected: $exp"
echo "received: $RES"
exit 1
fi
- [ $timenow -ge $timeout ] && break
+ [ "$timenow" -ge "$timeout" ] && break
sleep 1
done
while :; do
sleep 1
timenow=$(date +%s)
- [ $timenow -gt $timerecovery ] && break
+ [ "$timenow" -gt "$timerecovery" ] && break
done
timenow_after=$(date +%s)
echo "Time is now $timenow_after -- trying with good password should work now."
# Now writing with the good password must work again
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} ${NVWRITE_GOOD})
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" ${NVWRITE_GOOD})
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_NV_Write() with good password"
echo "expected: $exp"
echo "received: $RES"
# OS X special check
- if [ $timenow_after -lt $timenow ]; then
+ if [ "$timenow_after" -lt "$timenow" ]; then
echo "Time went backwards..."
exit 77
fi
@@ -317,25 +317,25 @@
fi
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
if wait_process_gone ${SWTPM_PID} 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
echo "TPM Logfile:"
- cat $logfile
+ cat "$logfile"
exit 1
fi
diff --git a/tests/_test_tpm2_save_load_state_locking b/tests/_test_tpm2_save_load_state_locking
index d91ce02..b71b8b6 100755
--- a/tests/_test_tpm2_save_load_state_locking
+++ b/tests/_test_tpm2_save_load_state_locking
@@ -8,7 +8,7 @@
VTPM_NAME="${VTPM_NAME:-vtpm-tpm2-test-save-load-state-locking}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE="$TPM_PATH/tpm2-00.permall"
VOLATILE_STATE_FILE="$TPM_PATH/tpm2-00.volatilestate"
MY_VOLATILE_STATE_FILE="$TPM_PATH/my.volatilestate"
@@ -31,7 +31,7 @@
[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
source "${TESTDIR}/common"
-run_swtpm "${SWTPM_INTERFACE}" \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--migration release-lock-outgoing \
--tpm2
@@ -155,7 +155,7 @@
# Restart swtpm
rm -f "$VOLATILE_STATE_FILE" "$STATE_FILE"
-run_swtpm "${SWTPM_INTERFACE}" \
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" \
--migration incoming,release-lock-outgoing \
--tpm2
diff --git a/tests/_test_tpm2_savestate b/tests/_test_tpm2_savestate
index f54868d..5fa066d 100755
--- a/tests/_test_tpm2_savestate
+++ b/tests/_test_tpm2_savestate
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-savestate"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,43 +19,43 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM2
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -70,7 +70,7 @@
req+='\x0b\x68\x65\x6c\x6c\x6f\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
req+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
req+='\x00'
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $req)
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" $req)
exp=' 80 02 00 00 00 13 00 00 00 00 00 00 00 00 00 00 01 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_PCR_Extend(10)"
@@ -81,7 +81,7 @@
# Read PCR 10
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 15 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 c3 ba a5 62 69 08 26 72 c3 db 3d 11 0a 10 74 a1 a7 a6 ea 43 e8 82 16 1a af 4b ea a6 83 17 e4 b8'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM2_PCRRead(10)"
@@ -91,7 +91,7 @@
fi
# Shutdown(SU_STATE)
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x45\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x45\x00\x01')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM2_Shutdown(SU_STATE)"
@@ -101,14 +101,14 @@
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Startup(SU_STATE) the TPM2
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x01')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_State)"
@@ -119,7 +119,7 @@
# Read PCR 10
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x04\x00')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 19 00 00 00 01 00 0b 03 00 04 00 00 00 00 01 00 20 c3 ba a5 62 69 08 26 72 c3 db 3d 11 0a 10 74 a1 a7 a6 ea 43 e8 82 16 1a af 4b ea a6 83 17 e4 b8'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM2_PCR_Read(10)"
@@ -128,7 +128,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -139,7 +139,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_setbuffersize b/tests/_test_tpm2_setbuffersize
index 3153e74..85a2aef 100755
--- a/tests/_test_tpm2_setbuffersize
+++ b/tests/_test_tpm2_setbuffersize
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-setbuffersize"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
OUTFILE=$TPM_PATH/output
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
@@ -20,67 +20,67 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Check the buffer size
-run_swtpm_ioctl ${SWTPM_INTERFACE} -b 0 > ${OUTFILE}
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -b 0 > "${OUTFILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not get the buffersize of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-cat ${OUTFILE}
+cat "${OUTFILE}"
-if [ -z "$(grep "TPM buffersize" ${OUTFILE} | grep 4096)" ]; then
+if [ -z "$(grep "TPM buffersize" "${OUTFILE}" | grep 4096)" ]; then
echo "Error: The TPM buffersize of the ${SWTPM_INTERFACE} TPM is not 4096."
exit 1
fi
# set the buffer size -- it's not going to change but command must not fail
-run_swtpm_ioctl ${SWTPM_INTERFACE} -b 4000 > ${OUTFILE}
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -b 4000 > "${OUTFILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not set the buffersize of the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-cat ${OUTFILE}
+cat "${OUTFILE}"
-if [ -z "$(grep "TPM buffersize" ${OUTFILE} | grep 4000)" ]; then
+if [ -z "$(grep "TPM buffersize" "${OUTFILE}" | grep 4000)" ]; then
echo "Error: Could not set the buffersize of the ${SWTPM_INTERFACE} TPM to 4000."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Set the buffer size -- should fail
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -b 4096 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -b 4096 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: Could set the buffersize while the ${SWTPM_INTERFACE} TPM is running."
exit 1
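Review bot: The buffer-size assertions match `4096` and `4000` as plain substrings, so a reported value such as 40960 or 14000 would also satisfy them. If the `TPM buffersize` line prints the number as a separate word (the output format is not visible in this hunk), using `grep -w 4096` and `grep -w 4000` in the second grep would make both checks exact.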
@@ -94,7 +94,7 @@
fi
# Startup the TPM2
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
@@ -104,7 +104,7 @@
fi
# Read the Buffer sizes; we want to see '4000' (0xfa0) in the buffer sizes now
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x16\x00\x00\x01\x7a\x00\x00\x00\x06\x00\x00\x01\x1e\x00\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x16\x00\x00\x01\x7a\x00\x00\x00\x06\x00\x00\x01\x1e\x00\x00\x00\x02')
exp=' 80 01 00 00 00 23 00 00 00 00 01 00 00 00 06 00 00 00 02 00 00 01 1e 00 00 0f a0 00 00 01 1f 00 00 0f a0'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM2_GetCapability()"
@@ -113,18 +113,18 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_swtpm_bios b/tests/_test_tpm2_swtpm_bios
index dbe9318..913e7b3 100755
--- a/tests/_test_tpm2_swtpm_bios
+++ b/tests/_test_tpm2_swtpm_bios
@@ -20,74 +20,74 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2 --tpmstate dir=$TPM_PATH --pid file=$PID_FILE
+run_swtpm "${SWTPM_INTERFACE}" --tpm2 --tpmstate "dir=$TPM_PATH" --pid "file=$PID_FILE"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
-if wait_for_file ${PID_FILE} 4; then
+if wait_for_file "${PID_FILE}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
exit 1
fi
-PIDF="$(cat $PID_FILE)"
+PIDF="$(cat "$PID_FILE")"
if [ "$PIDF" != "${SWTPM_PID}" ]; then
echo "Error: ${SWTPM_INTERFACE} TPM wrote pid $PIDF, but found ${SWTPM_PID}."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if ! wait_process_gone ${SWTPM_PID} 4; then
+if ! wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --tpm2 -o 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --tpm2 -o 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --tpm2 -n --cs 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --tpm2 -n --cs 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not self-test the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --tpm2 -n -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --tpm2 -n -u 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not give up physical presence on the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# will NOT work -- we get error output in $res
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --tpm2 -n -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --tpm2 -n -u 2>&1)
ret=$?
if [ $ret -eq 0 ] || [ -z "$res" ]; then
echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM."
@@ -116,21 +116,21 @@
# RESET TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# must work
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --tpm2 --cs -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --tpm2 --cs -u 2>&1)
if [ $? -ne 0 ] || [ -n "$res" ]; then
echo "Error: Could not startup the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# will NOT work -- we get error output in $res
-res=$(run_swtpm_bios ${SWTPM_INTERFACE} --tpm2 -n -u 2>&1)
+res=$(run_swtpm_bios "${SWTPM_INTERFACE}" --tpm2 -n -u 2>&1)
ret=$?
if [ $ret -eq 0 ] || [ -z "$res" ]; then
echo "Error: Could give up physical presence on the ${SWTPM_INTERFACE} TPM."
@@ -142,18 +142,18 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_volatilestate b/tests/_test_tpm2_volatilestate
index e7cc0b7..47ac582 100755
--- a/tests/_test_tpm2_volatilestate
+++ b/tests/_test_tpm2_volatilestate
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-volatilestate"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_CMD_UNIX_PATH=$TPM_PATH/unix-cmd.sock
@@ -19,43 +19,43 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(SU_Clear)"
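Review bot: `TPM_PATH=$TPM_PATH run_swtpm ...` relies on bash passing a prefix assignment on a shell-function call into the environment of the commands that function starts, which is easy to miss now that the `export` at the top of the script is gone. A short comment above the first call, e.g. `# TPM_PATH is handed to run_swtpm per call instead of being exported`, would keep a later cleanup from dropping the prefix and starting swtpm without its temporary state directory. The same pattern is used at the second `run_swtpm` call in this file and in _test_tpm2_wrongorder, _test_tpm_probe, _test_volatilestate and _test_wrongorder. Whether any other helper still expects TPM_PATH in its environment cannot be told from these hunks.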
@@ -64,7 +64,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
exit 1
@@ -72,7 +72,7 @@
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -82,7 +82,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
echo "Error (2): TPM Established flag has wrong value."
@@ -92,50 +92,50 @@
fi
# Save the volatile state
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Start the TPM again
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
exit 1
fi
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -145,7 +145,7 @@
fi
# Check that the TPM Established bit is still set
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
echo "Error (2): TPM Established flag has wrong value."
@@ -155,32 +155,32 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
exit 1
fi
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 18 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [ "$RES" != "$exp" ]; then
echo "Error: (3) Did not get expected result from TPM_PCRRead(17)"
@@ -190,7 +190,7 @@
fi
# Check that the TPM Established bit is still set
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -204,7 +204,7 @@
fi
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -215,7 +215,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm2_wrongorder b/tests/_test_tpm2_wrongorder
index 6e171a5..a003606 100755
--- a/tests/_test_tpm2_wrongorder
+++ b/tests/_test_tpm2_wrongorder
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm2-wrongorder"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,23 +19,23 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
@@ -44,15 +44,15 @@
# Get the established bit before the TPM has been initialized
# This should not work
-if [ ${SWTPM_INTERFACE} != "cuse" ]; then
- run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+if [ "${SWTPM_INTERFACE}" != "cuse" ]; then
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM."
exit 1
fi
fi
-ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e 2>&1)"
+ERR="$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e 2>&1)"
if [ $? -eq 0 ]; then
echo "Error: Could get established bit from ${SWTPM_INTERFACE} TPM before init."
exit 1
@@ -65,7 +65,7 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM must have crashed."
exit 1
@@ -73,7 +73,7 @@
# Read PCR 17
# length CC count hashalg sz
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
exp=' 80 01 00 00 00 0a 00 00 01 01'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_PCRRead(17)"
@@ -82,26 +82,26 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM must have crashed."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -112,7 +112,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_tpm_probe b/tests/_test_tpm_probe
index 0081611..17a88f6 100755
--- a/tests/_test_tpm_probe
+++ b/tests/_test_tpm_probe
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-tpm-probe"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
@@ -19,19 +19,19 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == "cuse" ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
@@ -42,7 +42,7 @@
fi
# Before TPM_INIT: Read PCR 17 -- this gives a TPM_FAIL
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 0a 00 00 00 09'
if [ "$RES" != "$exp" ]; then
echo "Error: Before TPM_INIT: Did not get expected result from TPM_PCRRead(17)"
@@ -52,10 +52,10 @@
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
# Read PCR 17 -- this should give TPM_INVALID_POSTINIT
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 0a 00 00 00 26'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_PCRRead(17)"
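Review bot: The exit status of `run_swtpm_ioctl "${SWTPM_INTERFACE}" -i` is not checked in this hunk, unlike the same call in the other test scripts touched by this commit. A failed init is then only reported indirectly, as a wrong TPM_PCRRead(17) response. Adding the usual check after the call, `if [ $? -ne 0 ]; then echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."; exit 1; fi`, would make the failure point to the right step.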
@@ -69,7 +69,7 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
diff --git a/tests/_test_volatilestate b/tests/_test_volatilestate
index a45ddf8..c796155 100755
--- a/tests/_test_volatilestate
+++ b/tests/_test_volatilestate
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-volatilestate"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
@@ -19,43 +19,43 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
# Startup the TPM
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -64,14 +64,14 @@
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -h 1234
if [ $? -ne 0 ]; then
echo "Error: Hash command did not work."
exit 1
fi
# Read PCR 17
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -81,7 +81,7 @@
fi
# Check the TPM Established bit after the hashing
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
echo "Error (2): TPM Established flag has wrong value."
@@ -91,50 +91,50 @@
fi
# Save the volatile state
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Shut the TPM down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Start the TPM again
-run_swtpm ${SWTPM_INTERFACE}
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -144,7 +144,7 @@
fi
# Check that the TPM Established bit is still set
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
echo "Error (2): TPM Established flag has wrong value."
@@ -154,32 +154,32 @@
fi
# Save the volatile state again
-run_swtpm_ioctl ${SWTPM_INTERFACE} -v
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -v
if [ $? -ne 0 ]; then
echo "Error: Could not have the ${SWTPM_INTERFACE} TPM store the volatile state to a file."
exit 1
fi
-if [ ! -r $VOLATILE_STATE_FILE ]; then
+if [ ! -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE does not exist."
exit 1
fi
# Send a new TPM_Init
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
# Volatile state must have been removed by TPM now
-if [ -r $VOLATILE_STATE_FILE ]; then
+if [ -r "$VOLATILE_STATE_FILE" ]; then
echo "Error: Volatile state file $VOLATILE_STATE_FILE still exists."
exit 1
fi
# Read the PCR again ...
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 1e 00 00 00 00 97 e9 76 e4 f2 2c d6 d2 4a fd 21 20 85 ad 7a 86 64 7f 2a e5'
if [ "$RES" != "$exp" ]; then
echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
@@ -189,7 +189,7 @@
fi
# Check that the TPM Established bit is still set
-RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
+RES=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" -e)
if [ $? -ne 0 ]; then
echo "Error: Could not get the TPM Established flag from the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -203,7 +203,7 @@
fi
# Final shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -214,7 +214,7 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/_test_wrongorder b/tests/_test_wrongorder
index 34b4aa8..2444e74 100755
--- a/tests/_test_wrongorder
+++ b/tests/_test_wrongorder
@@ -8,7 +8,7 @@
VTPM_NAME="vtpm-test-wrongorder"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm-00.permall
LOG_FILE=$TPM_PATH/tpm-00.log
VOLATILE_STATE_FILE=$TPM_PATH/tpm-00.volatilestate
@@ -20,31 +20,31 @@
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
-source ${TESTDIR}/common
-source ${TESTDIR}/test_common
+[ "${SWTPM_INTERFACE}" == cuse ] && source "${TESTDIR}/test_cuse"
+source "${TESTDIR}/common"
+source "${TESTDIR}/test_common"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
-run_swtpm ${SWTPM_INTERFACE} --log file=$LOG_FILE,level=20
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --log "file=$LOG_FILE,level=20"
display_processes_by_name "$SWTPM"
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
if [ "${SWTPM_INTERFACE}" != "cuse" ]; then
- run_swtpm_ioctl ${SWTPM_INTERFACE} --stop
+ run_swtpm_ioctl "${SWTPM_INTERFACE}" --stop
if [ $? -ne 0 ]; then
echo "Error: Could not stop the ${SWTPM_INTERFACE} TPM"
exit 1
@@ -54,20 +54,20 @@
# Get the established bit before the TPM has been initialized
# This should not work
-run_swtpm_ioctl ${SWTPM_INTERFACE} -e
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -e
if [ $? -eq 0 ]; then
echo "Error: Could get established bit from ${SWTPM_INTERFACE} TPM before init."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM must have crashed."
exit 1
fi
# Read PCR 17 -- this should give a fatal error response
-RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
+RES=$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')
exp=' 00 c4 00 00 00 0a 00 00 00 09'
if [ "$RES" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_PCRRead(17)"
@@ -76,26 +76,26 @@
exit 1
fi
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM must have crashed."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
fi
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
@@ -106,13 +106,13 @@
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
-check_logfile_patterns_level_20 $LOG_FILE
-rm -f $LOG_FILE
+check_logfile_patterns_level_20 "$LOG_FILE"
+rm -f "$LOG_FILE"
echo "OK"
diff --git a/tests/common b/tests/common
index e3caebc..7b93eed 100644
--- a/tests/common
+++ b/tests/common
@@ -13,6 +13,7 @@
*)
CERTTOOL=certtool;;
esac
+export CERTTOOL
# Note: Do not use file descriptors above 127 due to OpenBSD.
@@ -40,7 +41,7 @@
local loops=$((timeout * 10)) loop
for ((loop=0; loop<loops; loop++)); do
- [ -f "${filename}" ] && [ $(get_filesize ${filename}) != 0 ] && {
+ [ -f "${filename}" ] && [ "$(get_filesize "${filename}")" != 0 ] && {
return 1
}
sleep 0.1
@@ -78,7 +79,7 @@
local loops=$((timeout * 10)) loop
for ((loop=0; loop<loops; loop++)); do
- kill_quiet -0 ${pid} || return 1
+ kill_quiet -0 "${pid}" || return 1
sleep 0.1
done
return 0
@@ -170,7 +171,7 @@
local loops=$((timeout * 10)) loop
for ((loop=0; loop<loops; loop++)); do
- (exec 127<>/dev/tcp/${host}/${port}) &>/dev/null
+ (exec 127<>"/dev/tcp/${host}/${port}") &>/dev/null
[ $? -eq 0 ] && return 1
sleep 0.1
done
@@ -191,7 +192,7 @@
local loops=$((timeout * 10)) loop
for ((loop=0; loop<loops; loop++)); do
- (exec 127<>/dev/tcp/${host}/${port}) &>/dev/null
+ (exec 127<>"/dev/tcp/${host}/${port}") &>/dev/null
[ $? -eq 0 ] || return 1
sleep 0.1
done
@@ -209,7 +210,9 @@
local timeout=$3
local loops=$((timeout * 10)) loop
- local NETSTAT=$(type -P netstat)
+ local NETSTAT
+
+ NETSTAT=$(type -P netstat)
for ((loop = 0; loop < loops; loop++)); do
if [ -n "$NETSTAT" ]; then
@@ -241,8 +244,9 @@
local pid=$2
local timeout=$3
- local loops=$((timeout * 10)) loop
- local NETSTAT=$(type -P netstat)
+ local loops=$((timeout * 10)) loop NETSTAT
+
+ NETSTAT=$(type -P netstat)
for ((loop = 0; loop < loops; loop++)); do
if [ -n "$NETSTAT" ]; then
@@ -277,7 +281,7 @@
echo "SWTPM_DEV_NAME not defined"
exit 1
}
- ${SWTPM_IOCTL} $@ ${SWTPM_DEV_NAME}
+ ${SWTPM_IOCTL} "$@" "${SWTPM_DEV_NAME}"
return $?
;;
socket+socket|unix+socket)
@@ -290,8 +294,8 @@
exit 1
}
${SWTPM_IOCTL} \
- --tcp ${SWTPM_SERVER_NAME}:${SWTPM_CTRL_PORT} \
- $@
+ --tcp "${SWTPM_SERVER_NAME}:${SWTPM_CTRL_PORT}" \
+ "$@"
return $?
;;
socket+unix|unix+unix)
@@ -300,8 +304,8 @@
exit 1
}
${SWTPM_IOCTL} \
- --unix ${SWTPM_CTRL_UNIX_PATH} \
- $@
+ --unix "${SWTPM_CTRL_UNIX_PATH}" \
+ "$@"
return $?
;;
esac
@@ -328,19 +332,20 @@
exit 1
}
- if wait_chardev_gone ${SWTPM_DEV_NAME} 2; then
+ if wait_chardev_gone "${SWTPM_DEV_NAME}" 2; then
echo "${SWTPM_DEV_NAME} is still there and may be used."
exit 1
fi
- ${SWTPM_EXE} cuse "$@" ${SWTPM_TEST_SECCOMP_OPT} \
- -n ${SWTPM_DEV_NAME##*/}
+ ${SWTPM_EXE} cuse "$@" \
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ -n "${SWTPM_DEV_NAME##*/}"
rc=$?
if [ $rc -ne 0 ]; then
echo "Could not run ${SWTPM_EXE} using ${iface}"
exit 1
fi
- if wait_for_chardev ${SWTPM_DEV_NAME} 2; then
+ if wait_for_chardev "${SWTPM_DEV_NAME}" 2; then
echo "$SWTPM_DEV_NAME did not appear"
exit 1
fi
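Review bot: `${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}` expands exactly like the unquoted `${SWTPM_TEST_SECCOMP_OPT}` it replaces: nothing when empty, word-split when set. The rewrite presumably only changes what the linter reports. If the splitting is intended (the variable presumably carries an option plus its value), say so at the first use, e.g. `# unquoted on purpose: may be empty or hold several words`; otherwise a bash array would make the intent explicit. The same expression appears in the four socket-mode hunks that follow, and the enclosing function starts and ends outside this hunk.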
@@ -372,9 +377,9 @@
fi
${SWTPM_EXE} socket "$@" \
- ${SWTPM_TEST_SECCOMP_OPT} \
- --server type=tcp,port=${SWTPM_SERVER_PORT}${swtpm_server_disconnect} \
- --ctrl type=tcp,port=${SWTPM_CTRL_PORT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ --server "type=tcp,port=${SWTPM_SERVER_PORT}${swtpm_server_disconnect}" \
+ --ctrl "type=tcp,port=${SWTPM_CTRL_PORT}" &
rc=$?
if [ $rc -ne 0 ]; then
echo "Could not run ${SWTPM_EXE} using ${iface}"
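Review bot: `rc=$?` directly after a command started with `&` is always 0, so the `if [ $rc -ne 0 ]` branch below it cannot fire. A swtpm that fails to start is only noticed by the socket wait in the following hunk. Either drop the dead check or mark it, e.g. `# $? after '&' is always 0; startup failures are caught by the wait below`. The same sequence occurs in the next three socket-mode hunks of this file, and the enclosing function starts and ends outside this hunk.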
@@ -383,12 +388,12 @@
SWTPM_PID=$!
if wait_for_serversocket "${SWTPM_SERVER_PORT}" 127.0.0.1 2; then
echo "Server did not open port ${SWTPM_SERVER_PORT}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
if wait_for_serversocket "${SWTPM_CTRL_PORT}" 127.0.0.1 1; then
echo "Server did not open port ${SWTPM_CTRL_PORT}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
return 0
@@ -413,9 +418,9 @@
fi
${SWTPM_EXE} socket "$@" \
- ${SWTPM_TEST_SECCOMP_OPT} \
- --server type=tcp,port=${SWTPM_SERVER_PORT}${swtpm_server_disconnect} \
- --ctrl type=unixio,path=${SWTPM_CTRL_UNIX_PATH} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ --server "type=tcp,port=${SWTPM_SERVER_PORT}${swtpm_server_disconnect}" \
+ --ctrl "type=unixio,path=${SWTPM_CTRL_UNIX_PATH}" &
rc=$?
if [ $rc -ne 0 ]; then
echo "Could not run ${SWTPM_EXE} using ${iface}"
@@ -425,12 +430,12 @@
SWTPM_PID=$!
if wait_for_serversocket "${SWTPM_SERVER_PORT}" 127.0.0.1 2; then
echo "Server did not open port ${SWTPM_SERVER_PORT}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
- if wait_for_socketfile ${SWTPM_CTRL_UNIX_PATH} 1; then
+ if wait_for_socketfile "${SWTPM_CTRL_UNIX_PATH}" 1; then
echo "Server did not create UnixIO socket ${SWTPM_CTRL_UNIX_PATH}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
return 0
@@ -455,23 +460,23 @@
fi
${SWTPM_EXE} socket "$@" \
- ${SWTPM_TEST_SECCOMP_OPT} \
- --server type=unixio,path=${SWTPM_CMD_UNIX_PATH} \
- --ctrl type=tcp,port=${SWTPM_CTRL_PORT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ --server "type=unixio,path=${SWTPM_CMD_UNIX_PATH}" \
+ --ctrl "type=tcp,port=${SWTPM_CTRL_PORT}" &
rc=$?
if [ $rc -ne 0 ]; then
echo "Could not run ${SWTPM_EXE} using ${iface}"
exit 1
fi
SWTPM_PID=$!
- if wait_for_socketfile ${SWTPM_CMD_UNIX_PATH} 2; then
+ if wait_for_socketfile "${SWTPM_CMD_UNIX_PATH}" 2; then
echo "Server did not create UnixIO socket ${SWTPM_CMD_UNIX_PATH}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
if wait_for_serversocket "${SWTPM_CTRL_PORT}" 127.0.0.1 1; then
echo "Server did not open port ${SWTPM_CTRL_PORT}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
return 0
@@ -496,23 +501,23 @@
fi
${SWTPM_EXE} socket "$@" \
- ${SWTPM_TEST_SECCOMP_OPT} \
- --server type=unixio,path=${SWTPM_CMD_UNIX_PATH} \
- --ctrl type=unixio,path=${SWTPM_CTRL_UNIX_PATH} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ --server "type=unixio,path=${SWTPM_CMD_UNIX_PATH}" \
+ --ctrl "type=unixio,path=${SWTPM_CTRL_UNIX_PATH}" &
rc=$?
if [ $rc -ne 0 ]; then
echo "Could not run ${SWTPM_EXE} using ${iface}"
exit 1
fi
SWTPM_PID=$!
- if wait_for_socketfile ${SWTPM_CMD_UNIX_PATH} 2; then
+ if wait_for_socketfile "${SWTPM_CMD_UNIX_PATH}" 2; then
echo "Server did not create UnixIO socket ${SWTPM_CMD_UNIX_PATH}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
- if wait_for_socketfile ${SWTPM_CTRL_UNIX_PATH} 1; then
+ if wait_for_socketfile "${SWTPM_CTRL_UNIX_PATH}" 1; then
echo "Server did not create UnixIO socket ${SWTPM_CTRL_UNIX_PATH}"
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
exit 1
fi
return 0
@@ -540,7 +545,7 @@
exit 1
}
exec 100>&-
- exec 100<>${SWTPM_DEV_NAME}
+ exec 100<>"${SWTPM_DEV_NAME}"
return $?
;;
socket+socket|socket+unix)
@@ -554,7 +559,7 @@
}
# Must first close on OS/X
exec 100>&-
- exec 100<>/dev/tcp/${SWTPM_SERVER_NAME}/${SWTPM_SERVER_PORT}
+ exec 100<>"/dev/tcp/${SWTPM_SERVER_NAME}/${SWTPM_SERVER_PORT}"
return $?
;;
unix+socket|unix+unix)
@@ -571,7 +576,7 @@
function swtpm_cmd_tx()
{
local iface=$1
- local cmd_path resp_path
+ local cmd_path
cmd_path=$(mktemp)
@@ -579,8 +584,8 @@
case "${iface}" in
cuse)
- echo -en "$2" > ${cmd_path}
- cat ${cmd_path} >&100
+ echo -en "$2" > "${cmd_path}"
+ cat "${cmd_path}" >&100
cat <&100 | \
od -t x1 -A n | \
tr -s ' ' | \
@@ -588,28 +593,28 @@
sed 's/ $//g'
;;
socket+socket|socket+unix)
- echo -en "$2" > ${cmd_path}
- cat ${cmd_path} >&100
+ echo -en "$2" > "${cmd_path}"
+ cat "${cmd_path}" >&100
cat <&100 | od -t x1 -A n | \
tr -s ' ' | \
tr -d '\n' | \
sed 's/ $//g'
;;
unix+socket|unix+unix)
- echo -en "$2" > ${cmd_path}
+ echo -en "$2" > "${cmd_path}"
socat -x -t50 \
- FILE:${cmd_path},rdonly \
- UNIX-CLIENT:${SWTPM_CMD_UNIX_PATH} 2>&1 | \
+ "FILE:${cmd_path},rdonly" \
+ "UNIX-CLIENT:${SWTPM_CMD_UNIX_PATH}" 2>&1 | \
sed -n '/^ /p' | \
tail -n1
;;
*)
echo "swtpm_opendev: unsupported interface $iface"
- rm -f ${cmd_path}
+ rm -f "${cmd_path}"
exit 1
esac
- rm -f ${cmd_path}
+ rm -f "${cmd_path}"
}
# Transmit a control command on fd 101
@@ -618,7 +623,8 @@
function swtpm_ctrl_tx()
{
local iface=$1
- local ctrl_path resp_path
+
+ local ctrl_path
case "${iface}" in
socket+socket|unix+socket)
@@ -627,13 +633,13 @@
;;
socket+unix|unix+unix)
ctrl_path=$(mktemp)
- echo -en "$2" > ${ctrl_path}
+ echo -en "$2" > "${ctrl_path}"
socat -x -t50 \
- FILE:${ctrl_path},rdonly \
- UNIX-CLIENT:${SWTPM_CTRL_UNIX_PATH} 2>&1 | \
+ "FILE:${ctrl_path},rdonly" \
+ "UNIX-CLIENT:${SWTPM_CTRL_UNIX_PATH}" 2>&1 | \
sed -n '/^ /p' | \
tail -n1
- rm -f ${ctrl_path}
+ rm -f "${ctrl_path}"
;;
*)
echo "swtpm_opendev: unsupported interface $iface"
@@ -658,7 +664,7 @@
echo "SWTPM_DEV_NAME not defined"
exit 1
}
- ${SWTPM_BIOS} --tpm-device ${SWTPM_DEV_NAME} $@
+ ${SWTPM_BIOS} --tpm-device "${SWTPM_DEV_NAME}" "$@"
return $?
;;
unix+unix|unix+socket)
@@ -666,7 +672,7 @@
echo "SWTPM_CMD_UNIX_PATH not defined"
exit 1
}
- ${SWTPM_BIOS} --unix ${SWTPM_CMD_UNIX_PATH} $@
+ ${SWTPM_BIOS} --unix "${SWTPM_CMD_UNIX_PATH}" "$@"
return $?
;;
socket+unix|socket+socket)
@@ -674,7 +680,7 @@
echo "SWTPM_SERVER_PORT not defined"
exit 1
}
- ${SWTPM_BIOS} --tcp ${SWTPM_SERVER_NAME}:${SWTPM_SERVER_PORT} $@
+ ${SWTPM_BIOS} --tcp "${SWTPM_SERVER_NAME}:${SWTPM_SERVER_PORT}" "$@"
return $?
;;
*)
@@ -764,7 +770,7 @@
{
local name="$1"
- if [ 1 -eq 0 ]; then
+ if false; then
ps aux | grep "${name}" | grep -v grep
fi
}
@@ -778,8 +784,9 @@
{
local swtpm_exe="$1"
- local tmp=$(${swtpm_exe} socket --help | grep -E "\-\-seccomp")
+ local tmp
+ tmp=$(${swtpm_exe} socket --help | grep -E "\-\-seccomp")
[ -n "${tmp}" ] && return 0
return 1
}
@@ -814,10 +821,10 @@
return 0
fi
- tmp=$(grep -E "^Seccomp" /proc/${swtpm_pid}/status |
+ tmp=$(grep -E "^Seccomp" "/proc/${swtpm_pid}/status" |
cut -d":" -f2 |
tr -d '\t')
- if [ "${tmp}" != ${profile} ]; then
+ if [ "${tmp}" != "${profile}" ]; then
echo "Process ${swtpm_pid} has wrong seccomp profile type"
echo "Expected: ${profile}"
echo "Actual : ${tmp}"
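Review bot: The pattern `^Seccomp` in the grep on `/proc/${swtpm_pid}/status` also matches a `Seccomp_filters:` line on kernels that emit one. In that case `tmp` holds two values and the comparison with `${profile}` fails even though the process runs under the expected profile. Anchoring on the colon avoids this: `tmp=$(grep -E "^Seccomp:" "/proc/${swtpm_pid}/status" |`. The enclosing function starts and ends outside this hunk.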
@@ -833,17 +840,20 @@
{
local pid="$1"
local pidfile="$2"
- local rpid="$(cat $pidfile)"
+
+ local rpid
+
+ rpid="$(cat "$pidfile")"
if [ -z "$rpid" ]; then
sleep 0.1
- rpid="$(cat $pidfile)"
+ rpid="$(cat "$pidfile")"
fi
if [ "$pid" != "$rpid" ]; then
echo "Error: pid file contains unexpected PID value."
echo "expected: $pid"
- echo "actual : $(cat $pidfile)"
+ echo "actual : $(cat "${pidfile}")"
exit 1
fi
}
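Review bot: The error path prints `$(cat "${pidfile}")`, which reads the file a third time instead of reporting the value that was compared. If the file changes or disappears in between, the "actual" line no longer matches what failed. Printing the variable is both simpler and accurate: `echo "actual : $rpid"`. The function header is outside the hunk.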
@@ -853,7 +863,9 @@
{
local swtpm_exe="$1"
- local res=$(${swtpm_exe} socket --print-capabilities | grep '"tpm-1.2"')
+ local res
+
+ res=$(${swtpm_exe} socket --print-capabilities | grep '"tpm-1.2"')
if [ -z "${res}" ]; then
echo "${swtpm_exe} does not provide a TPM 1.2"
exit 77
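Review bot: An swtpm binary that fails to start is indistinguishable here from one that lacks TPM 1.2 support, because only the emptiness of `res` is tested and both cases end in `exit 77` (skip). Splitting `local res` from the assignment makes the status available, but it is still the status of `grep`, not of `${swtpm_exe}`. Capturing the capabilities first would turn a broken binary into a failure instead of a silent skip, for example `caps=$(${swtpm_exe} socket --print-capabilities) || exit 1` followed by `res=$(echo "${caps}" | grep '"tpm-1.2"')`. Whether that should be a hard error is the project's call. The same applies to the TPM 2.0 hunk that follows, and the function continues past the end of this hunk.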
@@ -865,7 +877,9 @@
{
local swtpm_exe="$1"
- local res=$(${swtpm_exe} socket --print-capabilities | grep '"tpm-2.0"')
+ local res
+
+ res=$(${swtpm_exe} socket --print-capabilities | grep '"tpm-2.0"')
if [ -z "${res}" ]; then
echo "${swtpm_exe} does not provide a TPM 2.0"
exit 77
@@ -877,8 +891,10 @@
{
local swtpm_exe="$1"
- local res=$(${swtpm_exe} chardev --help 2>&1 |
- grep "Unsupported TPM interface")
+ local res
+
+ res=$(${swtpm_exe} chardev --help 2>&1 |
+ grep "Unsupported TPM interface")
if [ -z "${res}" ]; then
return 0
fi
@@ -938,7 +954,7 @@
if [ -d "/proc/${pid}/fd" ]; then
if [ -n "$(ls -l "/proc/${pid}/fd" | grep -E "\.lock\$")" ]; then
echo "Error: swtpm must not have storage locked"
- ls -l /proc/${1}/fd
+ ls -l "/proc/${pid}/fd"
exit 1
fi
elif [ -n "$(type -P lsof)" ]; then
@@ -961,13 +977,13 @@
if [ -d "/proc/${pid}/fd" ]; then
if [ -z "$(ls -l "/proc/${pid}/fd" | grep -E "\.lock\$")" ]; then
echo "Error: swtpm must have storage locked"
- ls -l /proc/${1}/fd
+ ls -l "/proc/${pid}/fd"
exit 1
fi
elif [ -n "$(type -P lsof)" ]; then
if [ -z "$(lsof -p "${pid}" | grep -e "\.lock\$")" ]; then
echo "Error: swtpm must have storage locked"
- ls -l /proc/${1}/fd
+ lsof -p "${pid}"
exit 1
fi
else
diff --git a/tests/test_commandline b/tests/test_commandline
index f894e7a..f3c9f6c 100755
--- a/tests/test_commandline
+++ b/tests/test_commandline
@@ -2,6 +2,8 @@
# For the license, see the LICENSE file in the root directory.
+# shellcheck disable=SC2097,SC2098
+
if [ "$(uname -s)" != "Linux" ]; then
# Due to netstat
echo "This test only runs only Linux."
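Review bot: The `# shellcheck disable=SC2097,SC2098` directive sits before the first command, so it turns both checks off for the whole script rather than for the one statement that needs it. Presumably that statement is the Test 3 `LOG=$(PID_FILE=... exec ...)` line, where the variables are deliberately passed through the environment. Placing the directive directly above that line, with a short reason, keeps the checks active everywhere else. The `disable=SC2043` added at the top of tests/test_common could be scoped to its `for` loops in the same way.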
@@ -12,22 +14,22 @@
TESTDIR=${abs_top_testdir:=$(dirname "$0")}
# need SWTPM to be set
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
TPMDIR="$(mktemp -d)" || exit 1
PID_FILE=$TPMDIR/${SWTPM}.pid
LOG_FILE=$TPMDIR/${SWTPM}.log
-source ${TESTDIR}/test_common
+source "${TESTDIR}/test_common"
trap "cleanup" SIGTERM EXIT
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
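Review bot: cleanup() removes `$TPMDIR` before it signals `$PID`, so an swtpm that is still running can write state or log files into a directory that is being deleted and leave remnants behind. Reversing the order is safer: `kill_quiet -SIGTERM "$PID" 2>/dev/null` first, then `rm -rf "$TPMDIR"`. The cleanup functions in tests/test_ctrlchannel and tests/test_ctrlchannel2 use the same order.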
@@ -39,15 +41,15 @@
# Test 1: test port and directory command line parameters; use log level 20
FILEMODE=641
-exec 100<>$LOG_FILE
+exec 100<>"$LOG_FILE"
$SWTPM_EXE socket \
-p $PORT \
- --tpmstate dir=$TPMDIR,mode=$FILEMODE \
- --pid file=$PID_FILE \
+ --tpmstate "dir=$TPMDIR,mode=$FILEMODE" \
+ --pid "file=$PID_FILE" \
--log fd=100,level=20 \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
exec 100>&-
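Review bot: `${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}` expands to exactly what `${SWTPM_TEST_SECCOMP_OPT}` did, still unquoted and still word-split, so it appears to serve only to quiet the linter while hiding that the splitting is intentional. I would keep the plain expansion and state the intent above the command, `# shellcheck disable=SC2086 # option string is split into separate arguments on purpose`. For values set inside the script, such as `RUNAS` in tests/test_ctrlchannel, an array is cleaner: `RUNAS=(--runas nobody)` with `"${RUNAS[@]}"`. The same idiom appears in the Test 2 and Test 4 hunks of this file, in the two `${RUNAS:+${RUNAS}}` hunks of tests/test_ctrlchannel, and in both swtpm invocations of tests/test_ctrlchannel2. Also, `-p $PORT` stays unquoted in this hunk while the Test 4 hunk quotes it.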
@@ -62,12 +64,12 @@
exit 1
fi
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
${SWTPM_BIOS} &>/dev/null
if [ $? -ne 0 ]; then
@@ -75,7 +77,7 @@
exit 1
fi
-filemode=$(get_filemode ${TPMDIR}/tpm-00.permall)
+filemode=$(get_filemode "${TPMDIR}/tpm-00.permall")
if [ "$filemode" != "$FILEMODE" ]; then
echo "Filemode bits are wrong"
echo "Expected: $FILEMODE"
@@ -83,14 +85,14 @@
exit 1
fi
-check_logfile_patterns_level_20 $LOG_FILE
-rm -f $LOG_FILE
+check_logfile_patterns_level_20 "$LOG_FILE"
+rm -f "$LOG_FILE"
kill_quiet -SIGTERM $PID &>/dev/null
-wait_process_gone $PID 2
+wait_process_gone "$PID" 2
exec 20<&1-; exec 21<&2-
-kill_quiet -0 $PID &>/dev/null
+kill_quiet -0 "$PID" &>/dev/null
RES=$?
exec 1<&20-; exec 2<&21-
@@ -110,9 +112,9 @@
$SWTPM_EXE socket \
--flags not-need-init \
-p $PORT \
- --tpmstate dir=$TPMDIR \
+ --tpmstate "dir=$TPMDIR" \
-t \
- ${SWTPM_TEST_SECCOMP_OPT} &>/dev/null &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &>/dev/null &
PID=$!
if wait_port_open $PORT $PID 4; then
@@ -164,13 +166,13 @@
# Test 3: test --fd= and --ctrl type=unxio,clientfd=
# The python script execs swtpm with client sockets
exec 20<&1-; exec 21<&2-
-LOG=$(PID_FILE=$TPMDIR/swtpm.pid SWTPM_EXE=$SWTPM_EXE TPMDIR=$TPMDIR exec $TESTDIR/test_clientfds.py)
+LOG=$(PID_FILE="$TPMDIR/swtpm.pid" SWTPM_EXE=$SWTPM_EXE TPMDIR=$TPMDIR exec "$TESTDIR/test_clientfds.py")
RES=$?
exec 1<&20-; exec 2<&21-
if [ $RES -ne 0 ]; then
- echo "Test 3 failed: $LOG"
- exit 1
+ echo "Test 3 failed: $LOG"
+ exit 1
fi
echo "Test 3 passed"
@@ -182,11 +184,11 @@
FILEMODE=641
$SWTPM_EXE socket \
- -p $PORT \
- --tpmstate backend-uri=dir://$TPMDIR,mode=$FILEMODE \
- --pid file=$PID_FILE \
+ -p "$PORT" \
+ --tpmstate "backend-uri=dir://$TPMDIR,mode=$FILEMODE" \
+ --pid "file=$PID_FILE" \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
if wait_port_open $PORT $PID 4; then
@@ -194,18 +196,18 @@
exit 1
fi
-kill_quiet -0 $PID
+kill_quiet -0 "$PID"
if [ $? -ne 0 ]; then
echo "Test 4 failed: TPM process not running"
exit 1
fi
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: ${SWTPM_INTERFACE} TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
${SWTPM_BIOS} &>/dev/null
if [ $? -ne 0 ]; then
@@ -213,7 +215,7 @@
exit 1
fi
-filemode=$(get_filemode ${TPMDIR}/tpm-00.permall)
+filemode=$(get_filemode "${TPMDIR}/tpm-00.permall")
if [ "$filemode" != "$FILEMODE" ]; then
echo "Filemode bits are wrong"
echo "Expected: $FILEMODE"
diff --git a/tests/test_common b/tests/test_common
index be9f4b2..2ea0861 100644
--- a/tests/test_common
+++ b/tests/test_common
@@ -1,4 +1,5 @@
+# shellcheck disable=SC2043
# For the license, see the LICENSE file in the root directory.
function wait_for_file()
@@ -29,8 +30,8 @@
"^ [[:print:]]+$" \
; do
shift
- ctr=$(grep -E "${pattern}" $logfile | wc -l)
- if [ $ctr -eq 0 ]; then
+ ctr=$(grep -E "${pattern}" "$logfile" | wc -l)
+ if [ "$ctr" -eq 0 ]; then
echo "Counted $ctr occurrences of pattern '${pattern}' in logfile; expected at least 1"
exit 1
fi
@@ -47,8 +48,8 @@
"^[[:print:]]+$" \
; do
shift
- ctr=$(grep -E "${pattern}" $logfile | wc -l)
- if [ $ctr -lt $minocc ]; then
+ ctr=$(grep -E "${pattern}" "$logfile" | wc -l)
+ if [ "$ctr" -lt "$minocc" ]; then
echo "Counted $ctr occurrences of pattern '${pattern}' in logfile; expected at least $minocc"
exit 1
fi
diff --git a/tests/test_ctrlchannel b/tests/test_ctrlchannel
index 40e0bc8..1906b47 100755
--- a/tests/test_ctrlchannel
+++ b/tests/test_ctrlchannel
@@ -2,6 +2,8 @@
# For the license, see the LICENSE file in the root directory.
+# shellcheck disable=SC2035,SC2061
+
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
@@ -12,32 +14,32 @@
CMD_PATH=$TPMDIR/cmd
RESP_PATH=$TPMDIR/resp
-source ${TESTDIR}/test_common
+source "${TESTDIR}/test_common"
trap "cleanup" SIGTERM EXIT
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
SWTPM_INTERFACE=socket+unix
SWTPM_SERVER_PORT=65430
SWTPM_SERVER_NAME=localhost
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
# Test 1: test the control channel on the socket tpm
# OS X would not allow nobody to access the $TPMDIR easily; skip it
-if [ $(id -u) -eq 0 ] && [ "$(uname -s)" != "Darwin" ]; then
+if [ "$(id -u)" -eq 0 ] && [ "$(uname -s)" != "Darwin" ]; then
FOWNER=",uid=nobody,gid=$(id -Gn nobody | cut -d" " -f1)"
FILEOWNER="$(id -u nobody) $(id -G nobody | cut -d" " -f1)"
RUNAS="--runas nobody"
- chown nobody $TPMDIR
+ chown nobody "$TPMDIR"
if [ $? -ne 0 ]; then
echo "Error: Could not change ownership of $TPMDIR"
exit 1
@@ -69,7 +71,7 @@
case $(uname -s) in
Linux|CYGWIN_NT-|Darwin)
PIDPARAM="fd=101"
- exec 101<>$PID_FILE
+ exec 101<>"$PID_FILE"
;;
*)
PIDPARAM="file=$PID_FILE"
@@ -78,18 +80,18 @@
$SWTPM_EXE socket \
--fd 100 \
- --tpmstate dir=$TPMDIR \
- --pid $PIDPARAM \
- --ctrl type=unixio,path=$SWTPM_CTRL_UNIX_PATH,mode=${FILEMODE}${FOWNER} \
- --log file=$LOG_FILE,level=20 \
- $RUNAS \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "$PIDPARAM" \
+ --ctrl "type=unixio,path=$SWTPM_CTRL_UNIX_PATH,mode=${FILEMODE}${FOWNER}" \
+ --log "file=$LOG_FILE,level=20" \
+ ${RUNAS:+${RUNAS}} \
--daemon \
- ${SWTPM_TEST_SECCOMP_OPT}
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}
exec 100>&-
exec 101>&-
-if [ ! -f $PID_FILE ]; then
+if [ ! -f "$PID_FILE" ]; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
@@ -97,7 +99,7 @@
PID=$(cat "$PID_FILE")
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x01')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x01')"
if [[ "$(uname -s)" =~ (Linux|OpenBSD|FreeBSD|NetBSD|Darwin|DragonFly) ]]; then
exp=" 00 00 00 00 00 01 7f ff"
else
@@ -110,7 +112,7 @@
exit 1
fi
-filemode=$(get_filemode $SWTPM_CTRL_UNIX_PATH)
+filemode=$(get_filemode "$SWTPM_CTRL_UNIX_PATH")
if [ "$filemode" != "$FILEMODE" ]; then
echo "Filemode bits are wrong"
echo "Expected: $FILEMODE"
@@ -118,7 +120,7 @@
exit 1
fi
-fileowner=$(get_fileowner $SWTPM_CTRL_UNIX_PATH)
+fileowner=$(get_fileowner "$SWTPM_CTRL_UNIX_PATH")
if [ -n "$FILEOWNER" ] && [ "$fileowner" != "$FILEOWNER" ]; then
echo "File ownership is wrong"
echo "Expected: $FILEOWNER"
@@ -127,7 +129,7 @@
fi
# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x02\x00\x00\x00\x00')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x02\x00\x00\x00\x00')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_INIT:"
@@ -137,7 +139,7 @@
fi
# Send unknown command to the TPM
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\xff\xff')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\xff\xff')"
exp=" 00 00 00 0a"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from sending unsupported command:"
@@ -147,7 +149,7 @@
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0a')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0a')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_STORE_VOLATILE:"
@@ -156,13 +158,13 @@
exit 1
fi
-if [ ! -r $TPMDIR/tpm-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0e')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
@@ -172,7 +174,7 @@
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0f')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0f')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_GET_CONFIG:"
@@ -183,12 +185,12 @@
# To enable coverage of the above running as non-root we change the .gcda
# files' ownership with this small hack
-if [ $(id -u) -eq 0 ] && [ "$(uname -s)" != "Darwin" ]; then
- find $ROOT -name *.gcda -exec chown nobody {} \;
+if [ "$(id -u)" -eq 0 ] && [ "$(uname -s)" != "Darwin" ]; then
+ find "$ROOT" -name *.gcda -exec chown nobody {} \;
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x03')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_SHUTDOWN:"
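Review bot: `find "$ROOT" -name *.gcda` still passes an unquoted glob, so the shell expands it before find runs whenever the current directory holds a matching file, and find then searches for that file name, or fails on extra arguments, instead of the pattern. Since this runs as root and feeds `chown`, the set of files it touches should not depend on the working directory. Quoting the pattern fixes it: `find "$ROOT" -name '*.gcda' -exec chown nobody {} \;`. With that change the file-wide `# shellcheck disable=SC2035,SC2061` added at the top of this script looks unnecessary and could be dropped.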
@@ -197,18 +199,18 @@
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
-check_logfile_patterns_level_20 $LOG_FILE
-rm -f $LOG_FILE
+check_logfile_patterns_level_20 "$LOG_FILE"
+rm -f "$LOG_FILE"
echo "OK"
@@ -217,24 +219,24 @@
# There are a few more tests here that require sending commands to the TPM
# use a pseudo terminal
-run_swtpm ${SWTPM_INTERFACE} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --log file=$LOG_FILE \
+run_swtpm "${SWTPM_INTERFACE}" \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --log "file=$LOG_FILE" \
--flags startup-clear \
- $RUNAS
+ ${RUNAS:+${RUNAS}}
PID=$SWTPM_PID
-if wait_for_file ${PID_FILE} 4; then
+if wait_for_file "${PID_FILE}" 4; then
echo "Error: Socket TPM did not write pidfile."
- cat $LOG_FILE
+ cat "$LOG_FILE"
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x01')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x01')"
if [[ "$(uname -s)" =~ (Linux|OpenBSD|FreeBSD|NetBSD|Darwin|DragonFly) ]]; then
exp=" 00 00 00 00 00 01 7f ff"
else
@@ -248,7 +250,7 @@
fi
# Send unknown command to the TPM
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\xff\xff')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\xff\xff')"
exp=" 00 00 00 0a"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending unsupported command:"
@@ -258,7 +260,7 @@
fi
# Startup the TPM; we use --flags startup-clear, so expect this to fail with error 0x26 (INVALID POST INIT)
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0C\x00\x00\x00\x99\x00\x01')"
exp=' 00 c4 00 00 00 0a 00 00 00 26'
if [ "$res" != "$exp" ]; then
echo "Error: Did not get expected result from TPM_Startup(ST_Clear)"
@@ -268,7 +270,7 @@
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0a')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0a')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_STORE_VOLATILE:"
@@ -277,13 +279,13 @@
exit 1
fi
-if [ ! -r $TPMDIR/tpm-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# 1. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x04')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x04')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
@@ -293,7 +295,7 @@
fi
# 2. Send command to start HASH : CMD_HASH_START = 00 00 00 06
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x06')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x06')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_HASH_START command:"
@@ -304,12 +306,12 @@
# 2.1. Send command to hash data : CMD_HASH_DATA = 00 00 00 07 uint32(length) data
# We send 0x100 null bytes
-echo -en '\x00\x00\x00\x07\x00\x00\x20\x00' > $CMD_PATH
-dd if=/dev/zero count=$((0x2000)) bs=1 >> $CMD_PATH 2>/dev/null
-socat -x -t10 FILE:$CMD_PATH,rdonly UNIX-CONNECT:$SWTPM_CTRL_UNIX_PATH 2>&1 | \
+echo -en '\x00\x00\x00\x07\x00\x00\x20\x00' > "$CMD_PATH"
+dd if=/dev/zero count=$((0x2000)) bs=1 >> "$CMD_PATH" 2>/dev/null
+socat -x -t10 "FILE:$CMD_PATH,rdonly" "UNIX-CONNECT:$SWTPM_CTRL_UNIX_PATH" 2>&1 | \
sed -n '/^ /p' | \
- tail -n1 > $RESP_PATH
-res="$(cat $RESP_PATH)"
+ tail -n1 > "$RESP_PATH"
+res="$(cat "$RESP_PATH")"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_HASH_DATA command:"
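Review bot: The comment "We send 0x100 null bytes" disagrees with the code below it, where both the length field (`\x00\x00\x20\x00`) and `count=$((0x2000))` describe 0x2000 bytes. I would correct it to `# We send 0x2000 null bytes` so the header bytes, the dd count and the comment agree. The surrounding test step continues outside the hunk.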
@@ -319,7 +321,7 @@
fi
# 3. Send command to end HASH : CMD_HASH_END = 00 00 00 08
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x08')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x08')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_HASH_END command:"
@@ -329,7 +331,7 @@
fi
# 4. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x04')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x04')"
exp=" 00 00 00 00 01 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
@@ -339,7 +341,7 @@
fi
# 5. Send command to reset TPM established flag: CMD_RESET_TPMESTABLISHED = 00 00 00 0b 03
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0b\x03')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0b\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
@@ -349,7 +351,7 @@
fi
# 6. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x04')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x04')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from sending CMD_GET_TPMESTABLISHED command:"
@@ -359,7 +361,7 @@
fi
# Read PCR 17
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')"
exp=' 00 c4 00 00 00 1e 00 00 00 00 c4 e1 e1 c9 81 c0 cd b1 e0 43 df 97 20 72 f9 5d a9 ff 06 ff'
if [ "$res" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -370,7 +372,7 @@
# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
# cmd | flags | type | offset |
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00')"
# result | flags | totlength | length |
exp=" 00 00 00 00 00 00 00 00 00 00 04 e5 00 00 04 e5"
if [ "${res:0:48}" != "$exp" ]; then
@@ -381,7 +383,7 @@
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0e')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
@@ -391,7 +393,7 @@
fi
# Read PCR 17 -- should fail now
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x11')"
exp=' 00 c4 00 00 00 0a 00 00 00 09'
if [ "$res" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
@@ -401,7 +403,7 @@
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0f')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0f')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_GET_CONFIG:"
@@ -411,7 +413,7 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x03')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_SHUTDOWN:"
@@ -420,44 +422,44 @@
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: Socket TPM should not be running anymore."
exit 1
fi
# Expecting to see an error message for the unknown command
-check_logfile_patterns_level_1 $LOG_FILE 1
-rm -f $LOG_FILE
+check_logfile_patterns_level_1 "$LOG_FILE" 1
+rm -f "$LOG_FILE"
echo "OK"
# Test 3: test the control channel on the socket tpm: resume encrypted state
# copy all the state files
-cp ${TESTDIR}/data/tpmstate2/* ${TPMDIR}
+cp "${TESTDIR}"/data/tpmstate2/* "${TPMDIR}"
-run_swtpm ${SWTPM_INTERFACE} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --key pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512 \
- --log file=$LOG_FILE,level=20 \
+run_swtpm "${SWTPM_INTERFACE}" \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --key "pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512" \
+ --log "file=$LOG_FILE,level=20" \
--flags not-need-init
PID=$SWTPM_PID
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Read PCR 10
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$res" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -468,7 +470,7 @@
# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
# cmd | flags | type | offset |
-vstate="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00')"
+vstate="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0c\x00\x00\x00\x00\x00\x00\x00\x02\x00\x00\x00\x00')"
# result | flags | totlength | length |
exp=" 00 00 00 00 00 00 00 02 00 00 05 22 00 00 05 22"
if [ "${vstate:0:48}" != "$exp" ]; then
@@ -479,7 +481,7 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x03')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_SHUTDOWN:"
@@ -488,41 +490,41 @@
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: Socket TPM should not be running anymore."
exit 1
fi
-check_logfile_patterns_level_20 $LOG_FILE
-rm -f $LOG_FILE
+check_logfile_patterns_level_20 "$LOG_FILE"
+rm -f "$LOG_FILE"
echo "OK"
# remove volatile state
-rm -f $TPMDIR/*.volatilestate
+rm -f "$TPMDIR"/*.volatilestate
-run_swtpm ${SWTPM_INTERFACE} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --key pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512 \
- --log file=$LOG_FILE \
+run_swtpm "${SWTPM_INTERFACE}" \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --key "pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512" \
+ --log "file=$LOG_FILE" \
--flags not-need-init
PID=$SWTPM_PID
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Read PCR 10 -- this should fail now
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
exp=' 00 c4 00 00 00 0a 00 00 00 26'
if [ "$res" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -532,7 +534,7 @@
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0e')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
@@ -547,7 +549,7 @@
size=$((${#vstate} / 3))
size=$(printf "%08x" $size | sed 's/\([0-9a-f]\{2\}\)/\\x\1/g')
vstate=$(echo "${vstate}" | sed 's/ /\\x/g')
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} "\x00\x00\x00\x0d\x00\x00\x00\x02\x00\x00\x00\x02${size}${vstate}")"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" "\x00\x00\x00\x0d\x00\x00\x00\x02\x00\x00\x00\x02${size}${vstate}")"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_SET_STATEBLOB:"
@@ -557,7 +559,7 @@
fi
# Send init command to the TPM: CMD_INIT = 00 00 00 02
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x02\x00\x00\x00\x00')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x02\x00\x00\x00\x00')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_INIT:"
@@ -567,7 +569,7 @@
fi
# Read PCR 10 -- has to return same result as before
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')"
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$res" != "$exp" ]; then
echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
@@ -577,7 +579,7 @@
fi
# Reset PCR 20 while in locality 0 -- should not work
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')"
exp=' 00 c4 00 00 00 0a 00 00 00 33'
if [ "$res" != "$exp" ]; then
echo "Error: Trying to reset PCR 20 in locality 0 returned unexpected result"
@@ -588,7 +590,7 @@
# In locality 2 we can reset PCR 20
# Set the localoty on the TPM: CMD_SET_LOCALITY = 00 00 00 05 <locality>
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x05\x02')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x05\x02')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_SET_LOCALITY:"
@@ -598,7 +600,7 @@
fi
# Reset PCR 20 while in locality 2 -- has to work
-res="$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')"
+res="$(swtpm_cmd_tx "${SWTPM_INTERFACE}" '\x00\xC1\x00\x00\x00\x0F\x00\x00\x00\xC8\x00\x03\x00\x00\x10')"
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$res" != "$exp" ]; then
echo "Error: Could not reset PCR 20 in locality 2"
@@ -608,7 +610,7 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x03')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_SHUTDOWN:"
@@ -617,19 +619,19 @@
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: Socket TPM should not be running anymore."
exit 1
fi
# (Currently) expecting to see nothing in the log file
-check_logfile_patterns_level_1 $LOG_FILE 0
-rm -f $LOG_FILE
+check_logfile_patterns_level_1 "$LOG_FILE" 0
+rm -f "$LOG_FILE"
echo "OK"
diff --git a/tests/test_ctrlchannel2 b/tests/test_ctrlchannel2
index 43c2b11..2a84720 100755
--- a/tests/test_ctrlchannel2
+++ b/tests/test_ctrlchannel2
@@ -11,11 +11,9 @@
TPMDIR="$(mktemp -d)" || exit 1
PID_FILE=$TPMDIR/${SWTPM}.pid
SOCK_PATH=$TPMDIR/sock
-CMD_PATH=$TPMDIR/cmd
-RESP_PATH=$TPMDIR/resp
VOLATILESTATE=$TPMDIR/volatile
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_chardev "${SWTPM_EXE}"
skip_test_no_tpm12 "${SWTPM_EXE}"
@@ -23,9 +21,9 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
@@ -35,13 +33,13 @@
exec 100<>/dev/ptmx
$SWTPM_EXE chardev \
--fd 100 \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
--daemon \
- ${SWTPM_TEST_SECCOMP_OPT}
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}
-if [ ! -f $PID_FILE ]; then
+if [ ! -f "$PID_FILE" ]; then
echo "Error: Chardev TPM did not write pidfile."
exit 1
fi
@@ -49,7 +47,7 @@
PID=$(cat "$PID_FILE")
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -c 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -c 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CAPABILITY failed: $act"
exit 1
@@ -62,33 +60,33 @@
fi
# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-if [ ! -r $TPMDIR/tpm-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --stop 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --stop 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STOP failed: $act"
exit 1
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -g 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -g 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CONFIG failed: $act"
exit 1
@@ -101,18 +99,18 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
@@ -134,21 +132,21 @@
# use a pseudo terminal
$SWTPM_EXE socket \
--server port=65431,disconnect=true,bindaddr=$BINDADDR \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -c 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -c 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CAPABILITY failed: $act"
exit 1
@@ -161,7 +159,7 @@
fi
# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
@@ -175,19 +173,19 @@
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-if [ ! -r $TPMDIR/tpm-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# 1. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -e 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -e 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_TPMESTABLISHED failed: $act"
exit 1
@@ -204,14 +202,14 @@
while [ ${#data} -lt $((0x2000)) ]; do
data="${data}${data}"
done
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -h $data 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -h $data 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL data hashing failed: $act"
exit 1
fi
# 3. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -e 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -e 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_TPMESTABLISHED failed: $act"
exit 1
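Review bot: `-h $data` on the new `act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -h $data 2>&1)` line is left unquoted while every other argument touched in this hunk was quoted. The loop above only doubles `data` until it reaches 0x2000 characters and its initial content is outside the hunk, so whether it can contain whitespace or glob characters cannot be checked from here. Quoting makes the call independent of that: `-h "$data"`.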
@@ -224,14 +222,14 @@
fi
# 4. Send command to reset TPM established flag: CMD_RESET_TPMESTABLISHED = 00 00 00 0b 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -r 3 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -r 3 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_RESET_TPMESTABLISHED failed: $act"
exit 1
fi
# 5. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -e 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -e 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_TPMESTABLISHED failed: $act"
exit 1
@@ -256,14 +254,14 @@
fi
# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --save volatile $VOLATILESTATE 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --save volatile "$VOLATILESTATE" 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_STATEBLOB failed: $act"
exit 1
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --stop 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --stop 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STOP failed: $act"
exit 1
@@ -282,7 +280,7 @@
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -g 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -g 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CONFIG failed: $act"
exit 1
@@ -295,18 +293,18 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: Socket TPM should not be running anymore."
exit 1
fi
@@ -316,24 +314,24 @@
# Test 3: test the control channel on the socket tpm: resume encrypted state
# copy all the state files
-cp ${TESTDIR}/data/tpmstate2/* ${TPMDIR}
+cp "${TESTDIR}/data/tpmstate2/"* "${TPMDIR}"
$SWTPM_EXE socket \
--server port=65431,disconnect=true \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --key pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --key "pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512" \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Read PCR 10
exec 100<>/dev/tcp/localhost/65431
@@ -348,49 +346,49 @@
fi
# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
-rm -f $VOLATILESTATE
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --save volatile $VOLATILESTATE 2>&1)
+rm -f "$VOLATILESTATE"
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --save volatile "$VOLATILESTATE" 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_STATEBLOB failed: $act"
exit 1
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: Socket TPM should not be running anymore."
exit 1
fi
# remove volatile state
-rm -f $TPMDIR/*.volatilestate
+rm -f "$TPMDIR"/*.volatilestate
$SWTPM_EXE socket \
--server port=65431,disconnect=true \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --key pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --key "pwdfile=${TESTDIR}/data/tpmstate2/pwdfile.txt,kdf=sha512" \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Read PCR 10 -- this should fail now
exec 100<>/dev/tcp/localhost/65431
@@ -405,22 +403,22 @@
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --stop 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --stop 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STOP failed: $act"
exit 1
fi
# Send the volatile state to the TPM (while it is stopped)
-$SWTPM_IOCTL --unix $SOCK_PATH --load volatile $VOLATILESTATE
-#act=$($SWTPM_IOCTL --unix $SOCK_PATH --load volatile $VOLATILESTATE 2>&1)
+$SWTPM_IOCTL --unix "$SOCK_PATH" --load volatile "$VOLATILESTATE"
+#act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --load volatile "$VOLATILESTATE" 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SET_STATEBLOB failed: $act"
exit 1
fi
# Send init command to the TPM: CMD_INIT = 00 00 00 02
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
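Review bot: The `--load volatile` call runs without capturing its output, yet the failure branch below it prints `$act`, which at that point still holds the output of the earlier CMD_STOP call. Capture it as the neighbouring commands do, `act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --load volatile "$VOLATILESTATE" 2>&1)`, and drop the commented-out copy, or remove `: $act` from the CMD_SET_STATEBLOB message. As written, the commit quotes both the live line and the commented-out one and so keeps the two in parallel.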
@@ -453,7 +451,7 @@
# In locality 2 we can reset PCR 20
# Set the locality on the TPM: CMD_SET_LOCALITY = 00 00 00 05 <locality>
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -l 2 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -l 2 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SET_LOCALITY failed: $act"
exit 1
@@ -472,18 +470,18 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: Socket TPM should not be running anymore."
exit 1
fi
diff --git a/tests/test_ctrlchannel3 b/tests/test_ctrlchannel3
index 5a5115b..9cbf348 100755
--- a/tests/test_ctrlchannel3
+++ b/tests/test_ctrlchannel3
@@ -43,7 +43,7 @@
-t \
--pid "file=${PID_FILE}" \
--log "file=${LOG_FILE},level=20" \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!
if wait_for_file "${PID_FILE}" 3; then
@@ -74,7 +74,7 @@
--server "type=tcp,port=${SWTPM_SERVER_PORT}" \
--tpmstate "dir=${TPMDIR}" \
--pid "file=${PID_FILE}" \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!
if wait_for_file "${PID_FILE}" 3; then
@@ -109,7 +109,7 @@
--server "type=tcp,port=${SWTPM_SERVER_PORT}" \
--tpmstate "dir=${TPMDIR}" \
--pid "file=${PID_FILE}" \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!
if wait_for_file "${PID_FILE}" 3; then
diff --git a/tests/test_ctrlchannel4 b/tests/test_ctrlchannel4
index f699923..ac649ef 100755
--- a/tests/test_ctrlchannel4
+++ b/tests/test_ctrlchannel4
@@ -10,20 +10,20 @@
PID_FILE=$TPMDIR/swtpm.pid
LOG_FILE=$TPMDIR/swtpm.log
-source ${TESTDIR}/test_common
+source "${TESTDIR}/test_common"
trap "cleanup" SIGTERM EXIT
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
SWTPM_INTERFACE=socket+unix
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_chardev "${SWTPM_EXE}"
skip_test_no_tpm12 "${SWTPM_EXE}"
@@ -32,23 +32,23 @@
exec 100<>/dev/ptmx
$SWTPM_EXE chardev \
--fd 100 \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SWTPM_CTRL_UNIX_PATH \
- --log file=$LOG_FILE,level=20 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SWTPM_CTRL_UNIX_PATH" \
+ --log "file=$LOG_FILE,level=20" \
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
exec 100>&-
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Chardev TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x01')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x01')"
exp=" 00 00 00 00 00 01 7f ff"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_GET_CAPABILITY:"
@@ -58,7 +58,7 @@
fi
# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x02\x00\x00\x00\x00')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x02\x00\x00\x00\x00')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_INIT:"
@@ -68,7 +68,7 @@
fi
# Send unknown command to the TPM
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\xff\xff')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\xff\xff')"
exp=" 00 00 00 0a"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from sending unsupported command:"
@@ -78,7 +78,7 @@
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0a')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0a')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_STORE_VOLATILE:"
@@ -87,13 +87,13 @@
exit 1
fi
-if [ ! -r $TPMDIR/tpm-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0e')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0e')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_STOP:"
@@ -103,7 +103,7 @@
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x0f')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x0f')"
exp=" 00 00 00 00 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Socket TPM: Unexpected response from CMD_GET_CONFIG:"
@@ -113,7 +113,7 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-res="$(swtpm_ctrl_tx ${SWTPM_INTERFACE} '\x00\x00\x00\x03')"
+res="$(swtpm_ctrl_tx "${SWTPM_INTERFACE}" '\x00\x00\x00\x03')"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_SHUTDOWN:"
@@ -122,17 +122,17 @@
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-check_logfile_patterns_level_20 $LOG_FILE
-rm -f $LOG_FILE
+check_logfile_patterns_level_20 "$LOG_FILE"
+rm -f "$LOG_FILE"
echo "OK"
diff --git a/tests/test_cuse b/tests/test_cuse
index 5258274..daadd5e 100644
--- a/tests/test_cuse
+++ b/tests/test_cuse
@@ -12,7 +12,7 @@
fi
if [ -z "$(grep -E '#[[:blank:]]*define[[:blank:]]+WITH_CUSE[[:blank:]]+1[[:blank:]]*$' \
- ${PWD}/../config.h)" ]; then
+ "${PWD}/../config.h")" ]; then
echo "Skipping test: swtpm was not compiled with CUSE interface"
exit 77
fi
diff --git a/tests/test_encrypted_state b/tests/test_encrypted_state
index 998c4a0..656c5ae 100755
--- a/tests/test_encrypted_state
+++ b/tests/test_encrypted_state
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_getcap b/tests/test_getcap
index 7ea5509..0b4546a 100755
--- a/tests/test_getcap
+++ b/tests/test_getcap
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_hashing b/tests/test_hashing
index 4a9f14c..286c4e1 100755
--- a/tests/test_hashing
+++ b/tests/test_hashing
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_hashing2 b/tests/test_hashing2
index 103d744..3a538bb 100755
--- a/tests/test_hashing2
+++ b/tests/test_hashing2
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_init b/tests/test_init
index ca372fb..95c8d7c 100755
--- a/tests/test_init
+++ b/tests/test_init
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_locality b/tests/test_locality
index 75f3fde..4c88991 100755
--- a/tests/test_locality
+++ b/tests/test_locality
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_migration_key b/tests/test_migration_key
index 53cebd1..2e7384f 100755
--- a/tests/test_migration_key
+++ b/tests/test_migration_key
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_parameters b/tests/test_parameters
index 7c105c7..4619d58 100755
--- a/tests/test_parameters
+++ b/tests/test_parameters
@@ -34,8 +34,8 @@
)
# Open read-only file descriptors referenced in test cases
-exec 100<${TESTDIR}/data/keyfile256bit.txt
-exec 101<${TESTDIR}/data/pwdfile.txt
+exec 100<"${TESTDIR}/data/keyfile256bit.txt"
+exec 101<"${TESTDIR}/data/pwdfile.txt"
FILESIZES=(
1185
@@ -62,7 +62,7 @@
1820
)
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
SWTPM=swtpm
@@ -77,7 +77,7 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
}
# swtpm_setup.conf points to the local create_certs.sh
@@ -86,48 +86,48 @@
PATH=$PATH:$PWD
for (( i=0; i<${#PARAMETERS[*]}; i++)); do
- rm -rf $TPMDIR/*
+ rm -rf "$TPMDIR"/*
echo -n "Test $i: "
+ params=${PARAMETERS[$i]}
$TPMAUTHORING \
- --tpm-state $TPMDIR \
+ --tpm-state "$TPMDIR" \
--tpm "$SWTPM_EXE socket ${SWTPM_TEST_SECCOMP_OPT}" \
- ${PARAMETERS[$i]} 2>&1 >/dev/null
+ ${params:+${params}} &>/dev/null
if [ $? -ne 0 ]; then
- echo "ERROR: Test with parameters '${PARAMETERS[$i]}' failed."
+ echo "ERROR: Test with parameters '${params}' failed."
exit 1
- elif [ ! -f $TPMDIR/tpm-00.permall ]; then
- echo "ERROR: Test with parameters '${PARAMETERS[$i]}' did not
+ elif [ ! -f "$TPMDIR/tpm-00.permall" ]; then
+ echo "ERROR: Test with parameters '${params}' did not
produce file $TPMDIR/tpm-00.permall."
exit 1
fi
- FILESIZE=$(get_filesize $TPMDIR/tpm-00.permall)
- if [ ${FILESIZE} -ne ${FILESIZES[$i]} ]; then
+ FILESIZE=$(get_filesize "$TPMDIR/tpm-00.permall")
+ if [ "${FILESIZE}" -ne "${FILESIZES[$i]}" ]; then
echo "ERROR: Unexpected file size of $FILESIZE, "\
- "expected ${FILESIZES[$i]}. Parameters: ${PARAMETERS[$i]}"
+ "expected ${FILESIZES[$i]}. Parameters: ${params}"
exit 1
fi
# Make sure the state is encrypted when a key was given.
# We expect sequences of 4 0-bytes in unencrypted state
# and no such sequences in encrypted state.
- nullseq="$(cat $TPMDIR/tpm-00.permall | \
- od -t x1 -A n | tr -d '\n' | tr -s ' ' |
+ nullseq="$(od -t x1 -A n < "$TPMDIR/tpm-00.permall" | tr -d '\n' | tr -s ' ' |
grep "00 00 00 00")"
- if [[ "${PARAMETERS[$i]}" =~ (keyfile|pwdfile) ]]; then
+ if [[ "$params}" =~ (keyfile|pwdfile) ]]; then
if [ -n "${nullseq}" ]; then
echo "ERROR: State file is not encrypted with" \
- "parameters '${PARAMETERS[$i]}'"
+ "parameters '${params}'"
fi
else
if [ -z "${nullseq}" ]; then
echo "ERROR: State must not be encrypted with" \
- "parameters '${PARAMETERS[$i]}'"
+ "parameters '${params}'"
fi
fi
- echo "SUCCESS with parameters '${PARAMETERS[$i]}'."
+ echo "SUCCESS with parameters '${params}'."
done
exec 100>&-
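Review bot: The new condition `[[ "$params}" =~ (keyfile|pwdfile) ]]` has a stray `}` and should read `[[ "${params}" =~ (keyfile|pwdfile) ]]`; the unanchored regex still matches, so the typo goes unnoticed. Replacing `2>&1 >/dev/null` with `&>/dev/null` also changes behaviour: stderr of `$TPMAUTHORING` previously reached the test output and is now discarded, so a failing run leaves no diagnostics. The two `ERROR: State ...` branches only echo and have no `exit 1`, so the encryption check cannot fail the test. `rm -rf "$TPMDIR"/*` would expand to `/*` if `TPMDIR` were ever empty, which is the case SC2115 in the syntax-check comment list describes; `rm -rf "${TPMDIR:?}"/*` guards against it. Where `TPMDIR` is assigned is outside this hunk.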
diff --git a/tests/test_print_capabilities b/tests/test_print_capabilities
index 2ce3282..b46aeec 100755
--- a/tests/test_print_capabilities
+++ b/tests/test_print_capabilities
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_print_states b/tests/test_print_states
index 8fc965e..6dc025a 100755
--- a/tests/test_print_states
+++ b/tests/test_print_states
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_resume_volatile b/tests/test_resume_volatile
index cb8bb81..a17d2f8 100755
--- a/tests/test_resume_volatile
+++ b/tests/test_resume_volatile
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_samples_create_tpmca b/tests/test_samples_create_tpmca
index 3ccc6f5..04bcb44 100755
--- a/tests/test_samples_create_tpmca
+++ b/tests/test_samples_create_tpmca
@@ -3,6 +3,8 @@
# For the license, see the LICENSE file in the root directory.
+# shellcheck disable=SC1091
+
if [ "$(id -u)" -ne 0 ]; then
echo "Need to be root to run this test."
exit 77
@@ -20,7 +22,7 @@
PATH=$ROOT/src/swtpm:$PATH
-source ${abs_top_builddir:-$(dirname "$0")/..}/tests/test_config
+source "${abs_top_builddir:-$(dirname "$0")/..}/tests/test_config"
SWTPM_SETUP=${ROOT}/src/swtpm_setup/swtpm_setup
SWTPM_CREATE_TPMCA=${SRCDIR}/samples/swtpm-create-tpmca
@@ -62,19 +64,19 @@
function cleanup()
{
if [ -n "${TCSD_PID}" ]; then
- kill_quiet -15 ${TCSD_PID}
+ kill_quiet -15 "${TCSD_PID}"
fi
if [ -n "${SWTPM_PID}" ]; then
- kill_quiet -9 ${SWTPM_PID}
+ kill_quiet -9 "${SWTPM_PID}"
fi
if [ -n "${BASH_PID}" ]; then
- kill_quiet -9 ${BASH_PID}
+ kill_quiet -9 "${BASH_PID}"
fi
rm -rf "${workdir}"
}
trap "cleanup" SIGTERM EXIT
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
PATH=${ROOT}/src/swtpm_bios:${ROOT}/src/swtpm_cert:${PATH}
@@ -114,18 +116,18 @@
--config "${workdir}/swtpm_setup.conf" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--take-ownership \
- ${params} >/dev/null
+ ${params:+${params}} >/dev/null
if [ $? -ne 0 ]; then
echo "Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
echo "Successfully took ownership of TPM and set owner and SRK passwords."
- run_swtpm ${SWTPM_INTERFACE} \
+ run_swtpm "${SWTPM_INTERFACE}" \
--flags not-need-init \
--tpmstate "dir=${workdir}"
@@ -154,14 +156,14 @@
# After the changes:
# - root:tss 0640 for TSS_USER=tss and TSS_GROUP=tss
while :; do
- chown ${TSS_USER}:${TSS_GROUP} "${TCSD_CONF}"
+ chown "${TSS_USER}:${TSS_GROUP}" "${TCSD_CONF}"
if [ "${TSS_USER}" == "${TSS_GROUP}" ]; then
chmod 0600 "${TCSD_CONF}"
else
chmod 0640 "${TCSD_CONF}"
fi
- bash -c "TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=${SWTPM_SERVER_PORT} tcsd -c "${TCSD_CONF}" -e -f &>/dev/null & echo \$! > "${TCSD_PIDFILE}"; wait" &
+ bash -c "TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=${SWTPM_SERVER_PORT} tcsd -c \"${TCSD_CONF}\" -e -f &>/dev/null & echo \$! > \"${TCSD_PIDFILE}\"; wait" &
BASH_PID=$!
if wait_for_file "${TCSD_PIDFILE}" 3; then
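Review bot: Escaping the inner quotes repairs the quoting of the `bash -c` string, but `${TCSD_CONF}` and `${TCSD_PIDFILE}` are still expanded by the outer shell and then parsed a second time by the inner one, in a test that requires root. A path containing `"`, `$` or a backquote would be read as shell syntax. Passing the paths as positional parameters avoids the second parse: `TCSD_USE_TCP_DEVICE=1 TCSD_TCP_DEVICE_PORT=${SWTPM_SERVER_PORT} bash -c 'tcsd -c "$1" -e -f &>/dev/null & echo $! > "$2"; wait' _ "${TCSD_CONF}" "${TCSD_PIDFILE}" &`. Where the two paths are assigned is outside this hunk, so how much of them a caller controls cannot be judged from here.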
@@ -224,14 +226,14 @@
${params}; do
if [ -n "${regex}" ] && \
[ -z "$(grep -E "${regex}" "${SWTPM_LOCALCA_CONF}")" ]; then
- echo "Error: Could not find regex '${line}' in CA config file."
+ echo "Error: Could not find regex '${regex}' in CA config file."
cat "${SWTPM_LOCALCA_CONF}"
exit 1
fi
done
params=""
- if [ ${vtpm_is_tpm2} -ne 0 ]; then
+ if [ "${vtpm_is_tpm2}" -ne 0 ]; then
params="--tpm2"
skip=0
else
@@ -257,7 +259,7 @@
exit 1
fi
# cert was for example 541 bytes long
- if [ $(get_filesize "${workdir}/ek.cert") -lt 500 ]; then
+ if [ "$(get_filesize "${workdir}/ek.cert")" -lt 500 ]; then
echo "Error: The certificate's size is dubious"
ls -l "${workdir}/ek.cert"
exit 1
@@ -273,7 +275,7 @@
'^[[:space:]]+Certificate Authority \(CA\): FALSE$'
'^[[:space:]]+Unknown extension 2.5.29.9 \(not critical\):$'
'^[[:space:]]+Hexdump: 3019301706056781050210310e300c0c03322e3002010002020092$')
- if [ ${vtpm_is_tpm2} -ne 0 ]; then
+ if [ "${vtpm_is_tpm2}" -ne 0 ]; then
# TPM 2.0; due to ecc: Key agreement
regexs+=('^[[:space:]]+Key agreement\.$'
'^[[:space:]]+Signature Algorithm: RSA-SHA256$')
diff --git a/tests/test_save_load_encrypted_state b/tests/test_save_load_encrypted_state
index 13ca8ad..d7f3168 100755
--- a/tests/test_save_load_encrypted_state
+++ b/tests/test_save_load_encrypted_state
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_save_load_state b/tests/test_save_load_state
index 249c4b1..60ac13d 100755
--- a/tests/test_save_load_state
+++ b/tests/test_save_load_state
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_setbuffersize b/tests/test_setbuffersize
index 83bf682..aa7131c 100755
--- a/tests/test_setbuffersize
+++ b/tests/test_setbuffersize
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_swtpm_bios b/tests/test_swtpm_bios
index 4842948..ee631d6 100755
--- a/tests/test_swtpm_bios
+++ b/tests/test_swtpm_bios
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_swtpm_cert b/tests/test_swtpm_cert
index aef6cfb..5d1f38b 100755
--- a/tests/test_swtpm_cert
+++ b/tests/test_swtpm_cert
@@ -22,22 +22,24 @@
local cert="$1"
local exp="$2"
+ local size
+
# Unfortunately different GnuTLS versions may create certs of different
# sizes; deactivate this test for now
return
- local size=$(stat -c%s ${cert} 2>/dev/null)
- if [ $size -ne $exp ]; then
+ size=$(stat -c%s "${cert}" 2>/dev/null)
+ if [ "$size" -ne "$exp" ]; then
echo "Warning: Certificate file has unexpected size."
echo " Expected: $exp; found: $size"
fi
}
VARNAME=password ${SWTPM_CERT} \
- --signkey ${TESTDIR}/data/signkey-encrypted.pem \
+ --signkey "${TESTDIR}/data/signkey-encrypted.pem" \
--signkey-pwd env:VARNAME \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
--modulus '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' \
--days 3650 \
--pem \
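Review bot: Everything after the unconditional `return` in `check_cert_size` is unreachable, so the new `size=$(stat -c%s "${cert}" 2>/dev/null)` line and the quoted `-ne` comparison are never executed. Rather than keep polishing dead code, delete the body below the `return` and leave the GnuTLS comment explaining why the size check is disabled. The function's opening line is outside this hunk.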
@@ -53,14 +55,14 @@
check_cert_size "${cert}" 1224
# truncate result file
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 1: OK"
${SWTPM_CERT} \
- --signkey ${TESTDIR}/data/signkey-encrypted.pem \
+ --signkey "${TESTDIR}/data/signkey-encrypted.pem" \
--signkey-pwd file:<(echo -en "password") \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
--modulus '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' \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
@@ -77,15 +79,15 @@
check_cert_size "${cert}" 1302
# truncate result file
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 2: OK"
${SWTPM_CERT} \
- --signkey ${TESTDIR}/data/signkey-encrypted.pem \
+ --signkey "${TESTDIR}/data/signkey-encrypted.pem" \
--signkey-pwd pass:password \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
- --pubkey ${TESTDIR}/data/pubek.pem \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
+ --pubkey "${TESTDIR}/data/pubek.pem" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
@@ -102,21 +104,21 @@
# truncate result file
#certtool --certificate-info --infile ${cert}
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 3: OK"
###################### Platform Certificate #####################
-echo -en "password" > ${pwdfile}
-exec 100<${pwdfile}
+echo -en "password" > "${pwdfile}"
+exec 100<"${pwdfile}"
${SWTPM_CERT} \
--type platform \
- --signkey ${TESTDIR}/data/signkey-encrypted.pem \
+ --signkey "${TESTDIR}/data/signkey-encrypted.pem" \
--signkey-pwd fd:100 \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --pubkey ${TESTDIR}/data/pubek.pem \
- --out-cert ${cert} \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --pubkey "${TESTDIR}/data/pubek.pem" \
+ --out-cert "${cert}" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
@@ -135,5 +137,5 @@
# truncate result file
#certtool --certificate-info --infile ${cert}
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 4: OK"
diff --git a/tests/test_swtpm_setup_create_cert b/tests/test_swtpm_setup_create_cert
index 2c445c1..c48b0e2 100755
--- a/tests/test_swtpm_setup_create_cert
+++ b/tests/test_swtpm_setup_create_cert
@@ -4,9 +4,8 @@
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
-SRCDIR=${abs_top_srcdir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
SWTPM_LOCALCA=${ROOT}/src/swtpm_localca/swtpm_localca
@@ -23,7 +22,7 @@
function cleanup()
{
- rm -rf ${workdir}
+ rm -rf "${workdir}"
}
# We want swtpm_cert to use the local CA and see that the
@@ -31,14 +30,14 @@
# self-signed certificate; use ${WORKDIR} in the config files
# to test env variable resolution
-cat <<_EOF_ > ${workdir}/swtpm-localca.conf
+cat <<_EOF_ > "${workdir}/swtpm-localca.conf"
statedir=\${WORKDIR}
signingkey = \${WORKDIR}/signingkey.pem
issuercert = \${WORKDIR}/issuercert.pem
certserial = \${WORKDIR}/certserial
_EOF_
-cat <<_EOF_ > ${workdir}/swtpm-localca.options
+cat <<_EOF_ > "${workdir}/swtpm-localca.options"
--tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 1.2
@@ -47,7 +46,7 @@
--platform-model QEMU
_EOF_
-cat <<_EOF_ > ${workdir}/swtpm_setup.conf
+cat <<_EOF_ > "${workdir}/swtpm_setup.conf"
create_certs_tool=${SWTPM_LOCALCA}
create_certs_tool_config=\${WORKDIR}/swtpm-localca.conf
create_certs_tool_options=\${WORKDIR}/swtpm-localca.options
@@ -62,44 +61,44 @@
# we need to create at least one cert: --create-ek-cert
WORKDIR=${workdir} \
$SWTPM_SETUP \
- --tpm-state ${workdir} \
+ --tpm-state "${workdir}" \
--create-ek-cert \
- --config ${workdir}/swtpm_setup.conf \
- --logfile ${workdir}/logfile \
+ --config "${workdir}/swtpm_setup.conf" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--write-ek-cert-files "${workdir}"
if [ $? -ne 0 ]; then
echo "Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
if [ ! -r "${SIGNINGKEY}" ]; then
echo "Error: Signingkey file ${SIGNINGKEY} was not created."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
if [ ! -r "${ISSUERCERT}" ]; then
echo "Error: Issuer cert file ${ISSUERCERT} was not created."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
if [ ! -r "${CERTSERIAL}" ]; then
echo "Error: Cert serial number file ${CERTSERIAL} was not created."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -z "$(grep "ENCRYPTED PRIVATE KEY" ${workdir}/swtpm-localca-rootca-privkey.pem)" ]; then
+if [ -z "$(grep "ENCRYPTED PRIVATE KEY" "${workdir}/swtpm-localca-rootca-privkey.pem")" ]; then
echo "Error: Root CA's private key should be encrypted"
- cat ${workdir}/swtpm-localca-rootca-privkey.pem
+ cat "${workdir}/swtpm-localca-rootca-privkey.pem"
exit 1
fi
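Review bot: The failure branch of the root CA key check runs `cat "${workdir}/swtpm-localca-rootca-privkey.pem"`, which writes the private key to the test log in exactly the case where it is not encrypted. The key appears to be a throwaway created for this test (its creation is outside the hunk), but the first line is enough to diagnose the failure: `head -n 1 "${workdir}/swtpm-localca-rootca-privkey.pem"`. The condition itself can be simplified to `if ! grep -q "ENCRYPTED PRIVATE KEY" "${workdir}/swtpm-localca-rootca-privkey.pem"; then`.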
diff --git a/tests/test_swtpm_setup_file_backend b/tests/test_swtpm_setup_file_backend
index 1056d49..bc46b8f 100755
--- a/tests/test_swtpm_setup_file_backend
+++ b/tests/test_swtpm_setup_file_backend
@@ -6,7 +6,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SRCDIR=${abs_top_srcdir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
SWTPM_SETUP_CONF=$SRCDIR/samples/swtpm_setup.conf
@@ -18,7 +18,7 @@
function cleanup()
{
- rm -rf ${workdir} ${state_save_dir}
+ rm -rf "${workdir}" "${state_save_dir}"
}
# Test 1: no dummy file, create new state
@@ -29,14 +29,14 @@
$SWTPM_SETUP \
--not-overwrite \
--tpm-state "file://${statefile}" \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 0 ]; then
echo "Test 1 failed: Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
@@ -45,64 +45,64 @@
# copy out and reuse the valid state from test 1 as dummy, as file backend will
# not detect files without at least a valid header - but append some garbage at
# the end to distinguish it from newly created states
-cp ${statefile} ${state_save}
-echo "GARBAGE" >> ${state_save}
+cp "${statefile}" "${state_save}"
+echo "GARBAGE" >> "${state_save}"
-rm -rf ${workdir}
+rm -rf "${workdir}"
# Test 2: --overwrite with dummy state file
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/swtpm-test.state"
-cp ${state_save} ${statefile}
+cp "${state_save}" "${statefile}"
$SWTPM_SETUP \
--overwrite \
--tpm-state "file://${statefile}" \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 0 ]; then
echo "Test 2 failed: Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
if cmp -s "${statefile}" "${state_save}"; then
echo "Test 2 failed: Error: The state file was not overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
echo "Test 2 passed"
-rm -rf ${workdir}
+rm -rf "${workdir}"
# Test 3: neither "--overwrite" nor "--not-overwrite" with dummy state file
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/swtpm-test.state"
-cp ${state_save} ${statefile}
+cp "${state_save}" "${statefile}"
$SWTPM_SETUP \
--tpm-state "file://${statefile}" \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 1 ]; then
echo "Test 3 failed: Error: $SWTPM_SETUP did not exit with exit code 1."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
if ! cmp -s "${statefile}" "${state_save}"; then
echo "Test 3 failed: Error: The state file was unexpectedly overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
diff --git a/tests/test_swtpm_setup_misc b/tests/test_swtpm_setup_misc
index f8d7ef1..31d1762 100755
--- a/tests/test_swtpm_setup_misc
+++ b/tests/test_swtpm_setup_misc
@@ -9,15 +9,14 @@
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
-SRCDIR=${abs_top_srcdir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
trap "cleanup" SIGTERM EXIT
function cleanup()
{
- rm -rf ${workdir}
+ rm -rf "${workdir}"
}
workdir="$(mktemp -d)" || exit 1
@@ -33,7 +32,7 @@
fi
for f in ${FILES}; do
if ! [ -f "${workdir}/${f}" ]; then
- echo "Error: File ${workedir}/${f} was not created"
+ echo "Error: File ${workdir}/${f} was not created"
exit 1
fi
done
@@ -64,7 +63,7 @@
fi
for f in ${FILES}; do
if ! [ -f "${workdir}/${f}" ]; then
- echo "Error: File ${workedir}/${f} was not created"
+ echo "Error: File ${workdir}/${f} was not created"
exit 1
fi
done
diff --git a/tests/test_swtpm_setup_overwrite b/tests/test_swtpm_setup_overwrite
index e457587..a9f47fc 100755
--- a/tests/test_swtpm_setup_overwrite
+++ b/tests/test_swtpm_setup_overwrite
@@ -6,7 +6,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SRCDIR=${abs_top_srcdir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
STATEBASENAME="tpm-00.permall"
@@ -16,7 +16,7 @@
function cleanup()
{
- rm -rf ${workdir}
+ rm -rf "${workdir}"
}
# Test 1: --not-overwrite with dummy state file
@@ -24,26 +24,26 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/${STATEBASENAME}"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
$SWTPM_SETUP \
--not-overwrite \
- --tpm-state ${workdir} \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --tpm-state "${workdir}" \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 0 ]; then
echo "Test 1 failed: Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -z "$(grep ${dummydata} ${statefile})" ]; then
+if [ -z "$(grep "${dummydata}" "${statefile}")" ]; then
echo "Test 1 failed: Error: The state file was unexpectedly overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
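Review bot: The overwrite checks in this hunk still capture grep's output only to test it for emptiness, as in `[ -z "$(grep "${dummydata}" "${statefile}")" ]`. Testing the exit status says the same thing without the command substitution: `if ! grep -qF "${dummydata}" "${statefile}"; then`, where `-F` also makes the marker a literal string rather than a regex. The same applies to the Test 2 hunk (`[ -n "$(grep …)" ]` becomes `if grep -qF …; then`) and the Test 3 hunk of this file.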
@@ -55,26 +55,26 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/${STATEBASENAME}"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
$SWTPM_SETUP \
--overwrite \
- --tpm-state ${workdir} \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --tpm-state "${workdir}" \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 0 ]; then
echo "Test 2 failed: Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -n "$(grep ${dummydata} ${statefile})" ]; then
+if [ -n "$(grep "${dummydata}" "${statefile}")" ]; then
echo "Test 2 failed: Error: The state file was not overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
@@ -86,25 +86,25 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/${STATEBASENAME}"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
$SWTPM_SETUP \
- --tpm-state ${workdir} \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --tpm-state "${workdir}" \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 1 ]; then
echo "Test 3 failed: Error: $SWTPM_SETUP did not exit with exit code 1."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -z "$(grep ${dummydata} ${statefile})" ]; then
+if [ -z "$(grep "${dummydata}" "${statefile}")" ]; then
echo "Test 3 failed: Error: The state file was unexpectedly overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
diff --git a/tests/test_tpm12 b/tests/test_tpm12
index cd3d15c..dabfd80 100755
--- a/tests/test_tpm12
+++ b/tests/test_tpm12
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
-if [ ${SWTPM_TEST_EXPENSIVE:-0} -eq 0 ]; then
+if [ "${SWTPM_TEST_EXPENSIVE:-0}" -eq 0 ]; then
exit 77
fi
@@ -9,13 +9,13 @@
function cleanup() {
if [ -n "${SWTPM_PID}" ]; then
- kill -9 ${SWTPM_PID}
+ kill -9 "${SWTPM_PID}"
fi
if [ -n "${SWTPM1_PID}" ]; then
- kill -9 ${SWTPM1_PID}
+ kill -9 "${SWTPM1_PID}"
fi
- if [ -n ${WORKDIR} ]; then
- rm -rf ${WORKDIR}
+ if [ -n "${WORKDIR}" ]; then
+ rm -rf "${WORKDIR}"
fi
# clean up after (interrupted) test suite
rm -f /tmp/.key-*-0 /tmp/.delegation-0 /tmp/.transdigest-*-0
@@ -23,7 +23,7 @@
trap "cleanup" EXIT
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
WORKDIR="$(mktemp -d)" || exit 1
@@ -42,9 +42,9 @@
SWTPM_SERVER_NAME=${TPM_SERVER_NAME}
SWTPM_CTRL_PORT=65441
-mkdir -p ${WORKDIR}/tpm12.1
-SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \
- --tpmstate dir=${WORKDIR}/tpm12.1 \
+mkdir -p "${WORKDIR}/tpm12.1"
+SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm "${SWTPM_INTERFACE}" \
+ --tpmstate "dir=${WORKDIR}/tpm12.1" \
--flags not-need-init
SWTPM1_PID=${SWTPM_PID}
@@ -53,12 +53,12 @@
SWTPM_SERVER_NAME=${SLAVE_TPM_SERVER}
SWTPM_CTRL_PORT=65443
-mkdir -p ${WORKDIR}/tpm12.2
-SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \
- --tpmstate dir=${WORKDIR}/tpm12.2 \
+mkdir -p "${WORKDIR}/tpm12.2"
+SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm "${SWTPM_INTERFACE}" \
+ --tpmstate "dir=${WORKDIR}/tpm12.2" \
--flags not-need-init
-pushd ${WORKDIR} &>/dev/null
+pushd "${WORKDIR}" &>/dev/null
for ((i = 0; i < 3; i++)); do
curl -sJOL https://sourceforge.net/projects/ibmswtpm/files/tpm4769tar.gz/download
@@ -69,7 +69,7 @@
sleep $((3 + (RANDOM & 7)))
done
hash=$(get_sha1_file tpm4769tar.gz)
-if [ $hash != ca99a3ccd3e41cdd9983086a9b944023b6049bbc ]; then
+if [ "$hash" != ca99a3ccd3e41cdd9983086a9b944023b6049bbc ]; then
echo "Error: Downloaded file does not have expected hash."
echo "Actual: $hash"
exit 1
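Review bot: The integrity check on the downloaded `tpm4769tar.gz` is a SHA-1 comparison via `get_sha1_file`, and SHA-1 no longer resists collisions. Because the archive is then unpacked, patched and built by this test, a SHA-256 pin would be the stronger guard, for example `if [ "$(sha256sum tpm4769tar.gz | cut -d' ' -f1)" != "<expected-sha256>" ]; then`. The `if` body continues outside the hunk.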
@@ -78,7 +78,7 @@
pushd libtpm &>/dev/null
-patch -p0 < ${TESTDIR}/patches/libtpm.patch
+patch -p0 < "${TESTDIR}/patches/libtpm.patch"
if [ $? -ne 0 ]; then
echo "Error: Patching failed."
exit 1
@@ -86,7 +86,7 @@
./autogen
LIBS="" CFLAGS="-g -O2 -DOPENSSL_SUPPRESS_DEPRECATED=1" ./configure
-make -j$(nproc)
+make -j "$(nproc)"
pushd utils &>/dev/null
@@ -127,21 +127,21 @@
TPM_TRANSPORT=1
fi
- timeout 40 ./test_console.sh \
- --non-interactive ${tst} >> ${TESTLOG} </dev/null
+ TPM_AUDITING=${TPM_AUDITING} TPM_TRANSPORT=${TPM_TRANSPORT} timeout 40 ./test_console.sh \
+ --non-interactive "${tst}" >> "${TESTLOG}" </dev/null
# Ignore all errors that occurred in test 1
- if [ $tst != "1" ] && [ -n "$(grep "ERROR" ${TESTLOG})" ]; then
+ if [ $tst != "1" ] && [ -n "$(grep "ERROR" "${TESTLOG}")" ]; then
echo "Error occurred!"
- cat ${TESTLOG}
+ cat "${TESTLOG}"
exit 1
fi
done
$SWTPM_IOCTL --tcp :65441 -s
-wait_process_gone ${SWTPM1_PID} 4
+wait_process_gone "${SWTPM1_PID}" 4
$SWTPM_IOCTL --tcp :65443 -s
-wait_process_gone ${SWTPM_PID} 4
+wait_process_gone "${SWTPM_PID}" 4
popd &>/dev/null
popd &>/dev/null
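Review bot: The new `TPM_AUDITING=${TPM_AUDITING} TPM_TRANSPORT=${TPM_TRANSPORT} timeout 40 ./test_console.sh` prefix looks like a functional change rather than a lint fix. If these variables were previously set without `export` (their assignments are only partly visible here), `test_console.sh` now receives them for the first time. When unset, they are also passed as empty strings rather than left out of the environment. A comment above the call would record the intent, e.g. `# hand the per-test auditing/transport settings to test_console.sh via its environment`. On the next changed line `$tst` is still unquoted in `[ $tst != "1" ]`, although `"${tst}"` is quoted two lines earlier. The enclosing loop starts outside the hunk.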
diff --git a/tests/test_tpm2_avoid_da_lockout b/tests/test_tpm2_avoid_da_lockout
index ea1fabd..643f586 100755
--- a/tests/test_tpm2_avoid_da_lockout
+++ b/tests/test_tpm2_avoid_da_lockout
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_chroot_chardev b/tests/test_tpm2_chroot_chardev
index faab321..dc3280c 100755
--- a/tests/test_tpm2_chroot_chardev
+++ b/tests/test_tpm2_chroot_chardev
@@ -20,8 +20,8 @@
SWTPM_EXE=${SWTPM_EXE:-$ROOT/src/swtpm/$SWTPM}
PID_FILE=/${SWTPM}.pid
-source ${TESTDIR}/common
-source ${TESTDIR}/test_common
+source "${TESTDIR}/common"
+source "${TESTDIR}/test_common"
skip_test_no_chardev "${SWTPM_EXE}"
skip_test_no_tpm20 "${SWTPM_EXE}"
@@ -29,42 +29,42 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
for OPTION in --chroot -R; do
TPMDIR="$(mktemp -d)" || exit 1
- mkdir $TPMDIR/dev
- mknod -m 0666 $TPMDIR/dev/urandom c 1 9
+ mkdir "$TPMDIR/dev"
+ mknod -m 0666 "$TPMDIR/dev/urandom" c 1 9
# use a pseudo terminal
exec 100<>/dev/ptmx
$SWTPM_EXE chardev \
--fd 100 \
- "$OPTION" $TPMDIR \
+ "$OPTION" "$TPMDIR" \
--tpmstate dir=/ \
- --pid file=$PID_FILE \
+ --pid "file=$PID_FILE" \
--tpm2 \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
- if wait_for_file $TPMDIR/$PID_FILE 3; then
+ if wait_for_file "$TPMDIR/$PID_FILE" 3; then
echo "Error: Chardev TPM did not write pidfile."
exit 1
fi
- validate_pidfile $PID $TPMDIR/$PID_FILE
+ validate_pidfile "$PID" "$TPMDIR/$PID_FILE"
- if [ "$(readlink /proc/$PID/root)" != $TPMDIR ]; then
+ if [ "$(readlink /proc/$PID/root)" != "$TPMDIR" ]; then
echo "Test 1 failed: Unexpected chroot dir"
exit 1
fi
- if [ ! -f ${TPMDIR}/tpm2-00.permall ]; then
+ if [ ! -f "${TPMDIR}/tpm2-00.permall" ]; then
echo "Missing state file"
exit 1
fi
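Review bot: `${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}` expands exactly like the unquoted `${SWTPM_TEST_SECCOMP_OPT}` it replaces, because the inner expansion is still word-split and glob-expanded. The rewrite therefore only silences the shellcheck warning. If the splitting is intended (the value presumably holds an option plus its argument, or is empty), say so next to the call: `# intentionally unquoted: may be empty or hold several words`. Alternatively, build the optional arguments in an array. The same construct is introduced in test_tpm2_chroot_cuse, test_tpm2_chroot_socket, test_tpm2_ctrlchannel2 and test_tpm2_ctrlchannel3. The `for` loop continues outside the hunk.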
diff --git a/tests/test_tpm2_chroot_cuse b/tests/test_tpm2_chroot_cuse
index 1d057dd..0af1362 100755
--- a/tests/test_tpm2_chroot_cuse
+++ b/tests/test_tpm2_chroot_cuse
@@ -27,9 +27,9 @@
VTPM_NAME="vtpm-test-chroot"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-source ${TESTDIR}/common
-source ${TESTDIR}/test_common
-source ${TESTDIR}/test_cuse
+source "${TESTDIR}/common"
+source "${TESTDIR}/test_common"
+source "${TESTDIR}/test_cuse"
skip_test_no_tpm20 "${SWTPM_EXE}"
@@ -37,9 +37,9 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
@@ -47,7 +47,7 @@
TPMDIR="$(mktemp -d)" || exit 1
# CUSE TPM will only work if the filesystem does not have 'nodev' option
- mnt=$(df $TPMDIR | tail -n 1 | gawk '{print $1" "$6}')
+ mnt=$(df "$TPMDIR" | tail -n 1 | gawk '{print $1" "$6}')
if [ -z "${mnt}" ]; then
echo " Error: Could not determine filesystem and mount point of $TPMDIR"
exit 1
@@ -60,20 +60,20 @@
exit 77
fi
- mkdir $TPMDIR/dev
- mknod -m 0666 $TPMDIR/dev/urandom c 1 9
- mknod -m 0666 $TPMDIR/dev/cuse c 10 203
+ mkdir "$TPMDIR/dev"
+ mknod -m 0666 "$TPMDIR/dev/urandom" c 1 9
+ mknod -m 0666 "$TPMDIR/dev/cuse" c 10 203
$SWTPM_EXE cuse \
-n "$SWTPM_DEV_NAME" \
- "$OPTION" $TPMDIR \
+ "$OPTION" "$TPMDIR" \
--tpmstate dir=/ \
- --pid file=$PID_FILE \
+ --pid "file=$PID_FILE" \
--tpm2 \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &>/dev/null &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &>/dev/null &
- if wait_for_file $TPMDIR/$PID_FILE 3; then
+ if wait_for_file "$TPMDIR/$PID_FILE" 3; then
echo "Error: CUSE TPM did not write pidfile."
exit 1
fi
@@ -84,14 +84,14 @@
grep -v grep |
gawk '{print $2}')
- validate_pidfile $PID $TPMDIR/$PID_FILE
+ validate_pidfile "$PID" "$TPMDIR/$PID_FILE"
- if [ "$(readlink /proc/$PID/root)" != $TPMDIR ]; then
+ if [ "$(readlink "/proc/$PID/root")" != "$TPMDIR" ]; then
echo "Test 1 failed: Unexpected chroot dir"
exit 1
fi
- if [ ! -f ${TPMDIR}/tpm2-00.permall ]; then
+ if [ ! -f "${TPMDIR}/tpm2-00.permall" ]; then
echo "Missing state file"
exit 1
fi
diff --git a/tests/test_tpm2_chroot_socket b/tests/test_tpm2_chroot_socket
index 3109b08..adc9a1f 100755
--- a/tests/test_tpm2_chroot_socket
+++ b/tests/test_tpm2_chroot_socket
@@ -20,8 +20,8 @@
SWTPM_EXE=${SWTPM_EXE:-$ROOT/src/swtpm/$SWTPM}
PID_FILE=/${SWTPM}.pid
-source ${TESTDIR}/common
-source ${TESTDIR}/test_common
+source "${TESTDIR}/common"
+source "${TESTDIR}/test_common"
skip_test_no_chardev "${SWTPM_EXE}"
skip_test_no_tpm20 "${SWTPM_EXE}"
@@ -29,9 +29,9 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
@@ -43,32 +43,32 @@
for OPTION in --chroot -R; do
TPMDIR="$(mktemp -d)" || exit 1
- mkdir $TPMDIR/dev
- mknod -m 0666 $TPMDIR/dev/urandom c 1 9
+ mkdir "$TPMDIR/dev"
+ mknod -m 0666 "$TPMDIR/dev/urandom" c 1 9
$SWTPM_EXE socket \
-p $PORT \
- "$OPTION" $TPMDIR \
+ "$OPTION" "$TPMDIR" \
--tpmstate dir=/ \
- --pid file=$PID_FILE \
+ --pid "file=$PID_FILE" \
--tpm2 \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &>/dev/null &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &>/dev/null &
PID=$!
- if wait_for_file $TPMDIR/$PID_FILE 3; then
+ if wait_for_file "$TPMDIR/$PID_FILE" 3; then
echo "Error: socket TPM did not write pidfile."
exit 1
fi
- validate_pidfile $PID $TPMDIR/$PID_FILE
+ validate_pidfile "$PID" "$TPMDIR/$PID_FILE"
- if [ "$(readlink /proc/$PID/root)" != $TPMDIR ]; then
+ if [ "$(readlink /proc/$PID/root)" != "$TPMDIR" ]; then
echo "Test 1 failed: Unexpected chroot dir"
exit 1
fi
- if [ ! -f ${TPMDIR}/tpm2-00.permall ]; then
+ if [ ! -f "${TPMDIR}/tpm2-00.permall" ]; then
echo "Missing state file"
exit 1
fi
diff --git a/tests/test_tpm2_ctrlchannel2 b/tests/test_tpm2_ctrlchannel2
index 13f92c6..f6e75c9 100755
--- a/tests/test_tpm2_ctrlchannel2
+++ b/tests/test_tpm2_ctrlchannel2
@@ -11,13 +11,11 @@
TPMDIR="$(mktemp -d)" || exit 1
PID_FILE=$TPMDIR/${SWTPM}.pid
SOCK_PATH=$TPMDIR/sock
-CMD_PATH=$TPMDIR/cmd
-RESP_PATH=$TPMDIR/resp
LOGFILE=$TPMDIR/logfile
VOLATILESTATE=$TPMDIR/volatile
-source ${TESTDIR}/common
-source ${TESTDIR}/test_common
+source "${TESTDIR}/common"
+source "${TESTDIR}/test_common"
skip_test_no_chardev "${SWTPM_EXE}"
skip_test_no_tpm20 "${SWTPM_EXE}"
@@ -25,14 +23,14 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
# Test 1: test the control channel on the chardev tpm
-if [ $(id -u) -eq 0 ]; then
+if [ "$(id -u)" -eq 0 ]; then
FOWNER=",uid=$(id -u nobody),gid=$(id -G nobody | cut -d" " -f1)"
FILEOWNER="$(id -u nobody) $(id -G nobody | cut -d" " -f1)"
fi
@@ -50,28 +48,28 @@
exec 100<>/dev/ptmx
$SWTPM_EXE chardev \
--fd 100 \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH,mode=${FILEMODE}${FOWNER} \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH,mode=${FILEMODE}${FOWNER}" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Chardev TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -c 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -c 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CAPABILITY failed: $act"
exit 1
fi
-filemode=$(get_filemode $SOCK_PATH)
+filemode=$(get_filemode "$SOCK_PATH")
if [ "$filemode" != "$FILEMODE" ]; then
echo "Filemode bits are wrong"
echo "Expected: $FILEMODE"
@@ -79,7 +77,7 @@
exit 1
fi
-fileowner=$(get_fileowner $SOCK_PATH)
+fileowner=$(get_fileowner "$SOCK_PATH")
if [ -n "$FILEOWNER" ] && [ "$fileowner" != "$FILEOWNER" ]; then
echo "File ownership is wrong"
echo "Expected: $FILEOWNER"
@@ -94,33 +92,33 @@
fi
# Send TPM_Init to the TPM: CMD_INIT = 0x00 00 00 02 + flags
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-if [ ! -r $TPMDIR/tpm2-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm2-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --stop 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --stop 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STOP failed: $act"
exit 1
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -g 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -g 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CONFIG failed: $act"
exit 1
@@ -133,18 +131,18 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
@@ -158,26 +156,26 @@
# use a pseudo terminal
$SWTPM_EXE socket \
--server port=65532,disconnect=true \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
--flags startup-clear \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
exec 100<>/dev/tcp/localhost/65532
# Get the capability bits: CMD_GET_CAPABILITY = 0x00 00 00 01
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -c 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -c 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CAPABILITY failed: $act"
exit 1
@@ -201,19 +199,19 @@
fi
# Save the volatile state: CMD_STORE_VOLATILE = 0x00 00 00 0a
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-if [ ! -r $TPMDIR/tpm2-00.volatilestate ]; then
+if [ ! -r "$TPMDIR/tpm2-00.volatilestate" ]; then
echo "Error: Socket TPM: Did not write volatile state file"
exit 1
fi
# 1. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -e 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -e 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_TPMESTABLISHED failed: $act"
exit 1
@@ -230,14 +228,14 @@
while [ ${#data} -lt $((0x2000)) ]; do
data="${data}${data}"
done
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -h $data 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -h $data 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL data hashing failed: $act"
exit 1
fi
# 3. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -e 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -e 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_TPMESTABLISHED failed: $act"
exit 1
@@ -250,14 +248,14 @@
fi
# 4. Send command to reset TPM established flag: CMD_RESET_TPMESTABLISHED = 00 00 00 0b 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -r 3 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -r 3 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_RESET_TPMESTABLISHED failed: $act"
exit 1
fi
# 5. Send command to get TPM established flag: CMD_GET_TPMESTABLISHED = 00 00 00 04
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -e 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -e 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_TPMESTABLISHED failed: $act"
exit 1
@@ -283,14 +281,14 @@
fi
# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --save volatile $VOLATILESTATE 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --save volatile "$VOLATILESTATE" 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_STATEBLOB failed: $act"
exit 1
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --stop 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --stop 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STOP failed: $act"
exit 1
@@ -310,7 +308,7 @@
fi
# Send get config command to the TPM: CMD_GET_CONFIG = 00 00 00 0f
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -g 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -g 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_CONFIG failed: $act"
exit 1
@@ -323,18 +321,18 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
@@ -344,25 +342,25 @@
# Test 3: test the control channel on the socket tpm: resume encrypted state
# copy all the state files
-cp ${TESTDIR}/data/tpm2state2/* ${TPMDIR}
+cp "${TESTDIR}/data/tpm2state2/"* "${TPMDIR}"
$SWTPM_EXE socket \
--server port=65532,disconnect=true \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --key pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --key "pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512" \
--tpm2 \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Read PCR 10
exec 100<>/dev/tcp/localhost/65532
@@ -378,50 +376,50 @@
fi
# Get the volatile state of the TPM: CMD_GET_STATEBLOB = 00 00 00 0c
-rm -f $VOLATILESTATE
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --save volatile $VOLATILESTATE 2>&1)
+rm -f "$VOLATILESTATE"
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --save volatile "$VOLATILESTATE" 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_GET_STATEBLOB failed: $act"
exit 1
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
-if [ -f $PID_FILE ]; then
+if [ -f "$PID_FILE" ]; then
echo "Error: Socket TPM should have removed the PID file."
exit 1
fi
# remove volatile state
-rm -f $TPMDIR/*.volatilestate
+rm -f "$TPMDIR"/*.volatilestate
$SWTPM_EXE socket \
--server port=65532,disconnect=true \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --key pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --key "pwdfile=${TESTDIR}/data/tpm2state2/pwdfile.txt,kdf=sha512" \
--tpm2 \
--flags not-need-init \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
PID=$!
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Socket TPM did not write pidfile."
exit 1
fi
-validate_pidfile $PID $PID_FILE
+validate_pidfile "$PID" "$PID_FILE"
# Read PCR 10 -- this should fail now
exec 100<>/dev/tcp/localhost/65532
@@ -437,21 +435,21 @@
fi
# Send stop command to the TPM: CMD_STOP = 00 00 00 0e
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --stop 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --stop 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STOP failed: $act"
exit 1
fi
# Send the volatile state to the TPM (while it is stopped)
-act=$($SWTPM_IOCTL --unix $SOCK_PATH --load volatile $VOLATILESTATE 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" --load volatile "$VOLATILESTATE" 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SET_STATEBLOB failed: $act"
exit 1
fi
# Send init command to the TPM: CMD_INIT = 00 00 00 02
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
@@ -484,7 +482,7 @@
# In locality 2 we can reset PCR 20
# Set the locality on the TPM: CMD_SET_LOCALITY = 00 00 00 05 <locality>
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -l 2 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -l 2 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SET_LOCALITY failed: $act"
exit 1
@@ -503,18 +501,18 @@
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
diff --git a/tests/test_tpm2_ctrlchannel3 b/tests/test_tpm2_ctrlchannel3
index 577ccbf..6ddab29 100755
--- a/tests/test_tpm2_ctrlchannel3
+++ b/tests/test_tpm2_ctrlchannel3
@@ -44,7 +44,7 @@
-t \
--pid "file=${PID_FILE}" \
--log "file=${LOG_FILE},level=20" \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!
if wait_for_file "${PID_FILE}" 3; then
@@ -76,7 +76,7 @@
--server "type=tcp,port=${SWTPM_SERVER_PORT}" \
--tpmstate "dir=${TPMDIR}" \
--pid "file=${PID_FILE}" \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!
if wait_for_file "${PID_FILE}" 3; then
@@ -112,7 +112,7 @@
--server "type=tcp,port=${SWTPM_SERVER_PORT}" \
--tpmstate "dir=${TPMDIR}" \
--pid "file=${PID_FILE}" \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
SWTPM_PID=$!
if wait_for_file "${PID_FILE}" 3; then
diff --git a/tests/test_tpm2_derived_keys b/tests/test_tpm2_derived_keys
index e8afa24..c99ae5a 100755
--- a/tests/test_tpm2_derived_keys
+++ b/tests/test_tpm2_derived_keys
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_encrypted_state b/tests/test_tpm2_encrypted_state
index 55663a1..91f07b0 100755
--- a/tests/test_tpm2_encrypted_state
+++ b/tests/test_tpm2_encrypted_state
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_file_permissions b/tests/test_tpm2_file_permissions
index 3596b4c..0a72602 100755
--- a/tests/test_tpm2_file_permissions
+++ b/tests/test_tpm2_file_permissions
@@ -7,21 +7,22 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_linked_with_asan "${SWTPM_EXE}"
# Determine a test user and group
id -u nobody &>/dev/null && export TESTUSER=nobody
-export TESTGROUP="$(getent group $(id -g "${TESTUSER}") | cut -d':' -f1)"
+TESTGROUP="$(getent group "$(id -g "${TESTUSER}")" | cut -d':' -f1)"
if [ -z "${TESTUSER}" ] || [ -z "${TESTGROUP}" ]; then
echo "Could not find suitable user/group for testing with."
exit 77
fi
+export TESTGROUP
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
cd "$(dirname "$0")"
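Review bot: `TESTDIR`, `ROOT` and `source "${TESTDIR}/common"` each appear twice in this hunk, once before and once after the test user/group lookup. The second block looks redundant unless `common` reads `TESTUSER`/`TESTGROUP` at source time, which cannot be seen from here. If the second source is deliberate, document it with `# re-source common now that TESTUSER and TESTGROUP are exported`; otherwise the three repeated lines can go.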
diff --git a/tests/test_tpm2_getcap b/tests/test_tpm2_getcap
index 07a3573..7251dbf 100755
--- a/tests/test_tpm2_getcap
+++ b/tests/test_tpm2_getcap
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_hashing b/tests/test_tpm2_hashing
index 24ea946..e35c8b2 100755
--- a/tests/test_tpm2_hashing
+++ b/tests/test_tpm2_hashing
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_hashing2 b/tests/test_tpm2_hashing2
index 7120ba9..b6cdd04 100755
--- a/tests/test_tpm2_hashing2
+++ b/tests/test_tpm2_hashing2
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_hashing3 b/tests/test_tpm2_hashing3
index 747e26e..e9c31ec 100755
--- a/tests/test_tpm2_hashing3
+++ b/tests/test_tpm2_hashing3
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_ibmtss2 b/tests/test_tpm2_ibmtss2
index 6caf4fc..335d2bc 100755
--- a/tests/test_tpm2_ibmtss2
+++ b/tests/test_tpm2_ibmtss2
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
-if [ ${SWTPM_TEST_EXPENSIVE:-0} -eq 0 ]; then
+if [ "${SWTPM_TEST_EXPENSIVE:-0}" -eq 0 ]; then
exit 77
fi
@@ -11,7 +11,7 @@
ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
-ABSTESTDIR=$(cd ${TESTDIR} &>/dev/null;echo ${PWD})
+ABSTESTDIR=$(cd "${TESTDIR}" &>/dev/null;echo "${PWD}")
PATCHESDIR=${ABSTESTDIR}/patches
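Review bot: The new `ABSTESTDIR=$(cd "${TESTDIR}" &>/dev/null;echo "${PWD}")` still separates the two commands with `;`, so a failed `cd` is ignored and the caller's working directory is echoed instead. PATCHESDIR is then derived from the wrong directory and the later `git am < "${PATCHESDIR}/..."` calls read from a path that was never checked. Chaining with `&&` makes the substitution come back empty on failure: `ABSTESTDIR=$(cd "${TESTDIR}" &>/dev/null && pwd)`, followed by `[ -n "${ABSTESTDIR}" ] || exit 1`.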
@@ -23,28 +23,28 @@
function cleanup() {
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- if [ -n ${WORKDIR} ]; then
- rm -rf ${WORKDIR}
+ if [ -n "${WORKDIR}" ]; then
+ rm -rf "${WORKDIR}"
fi
}
trap "cleanup" EXIT
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
WORKDIR="$(mktemp -d)" || exit 1
REGLOG=${WORKDIR}/reglog
-SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \
+SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
- --tpmstate dir=${WORKDIR} \
+ --tpmstate "dir=${WORKDIR}" \
--flags not-need-init
-pushd ${WORKDIR} &>/dev/null
+pushd "${WORKDIR}" &>/dev/null
git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss
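Review bot: The `git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss` at the end of this hunk names no revision, and later hunks patch, build and execute that tree (`git am`, `autoreconf --force --install`, `./reg.sh -a`). Any checkout that pins the source lies outside the hunk, so it is worth confirming that it pins a full commit hash rather than a branch or a movable tag. Otherwise the test runs whatever the remote serves at that moment. The `pushd "${WORKDIR}" &>/dev/null` before it is also unchecked; `pushd "${WORKDIR}" &>/dev/null || exit 1` keeps the clone from landing in the caller's directory.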
@@ -64,43 +64,43 @@
# A v1.6.0 bug work-around:
# We cannot run the EK certificate tests since rootcerts.txt points to
# files we do not have
-git am < ${PATCHESDIR}/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch
+git am < "${PATCHESDIR}/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch"
# Implement 'powerup' for swtpm
-git am < ${PATCHESDIR}/0002-Implement-powerup-for-swtpm.patch
+git am < "${PATCHESDIR}/0002-Implement-powerup-for-swtpm.patch"
# set CRYPTOLIBRARY=openssl
-git am < ${PATCHESDIR}/0003-Set-CRYPTOLIBRARY-to-openssl.patch
+git am < "${PATCHESDIR}/0003-Set-CRYPTOLIBRARY-to-openssl.patch"
# Store and restore volatile state at every step
-git am < ${PATCHESDIR}/0004-Store-and-restore-volatile-state-at-every-step.patch
+git am < "${PATCHESDIR}/0004-Store-and-restore-volatile-state-at-every-step.patch"
# Disable 'Events' test
-git am < ${PATCHESDIR}/0005-Disable-tests-related-to-events.patch
+git am < "${PATCHESDIR}/0005-Disable-tests-related-to-events.patch"
-rsa3072=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 4 |
+rsa3072=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" --info 4 |
sed -n 's/.*"RSAKeySizes":\[\([0-9,]*\)\].*/\1/p' |
grep 3072)
if [ -z "$rsa3072" ]; then
echo "Modifying test cases related to RSA 3072 keys."
- git am < ${PATCHESDIR}/0006-Disable-testing-with-RSA-3072.patch
+ git am < "${PATCHESDIR}/0006-Disable-testing-with-RSA-3072.patch"
else
echo "swtpm/libtpms support RSA 3072 bit keys"
fi
# Adjust test suite to TPM 2.0 revision libtpms is implementing
-revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 |
+revision=$(run_swtpm_ioctl "${SWTPM_INTERFACE}" --info 1 |
sed 's/.*,"revision":\([^\}]*\).*/\1/')
echo "Libtpms implements TPM 2.0 revision ${revision}."
-if [ $revision -lt 155 ]; then
+if [ "$revision" -lt 155 ]; then
echo "Removing revision 155 and later test cases."
- git am < ${PATCHESDIR}/0007-Disable-rev155-test-cases.patch
- git am < ${PATCHESDIR}/0008-Disable-x509-test-cases.patch
- git am < ${PATCHESDIR}/0009-Disable-getcapability-TPM_CAP_ACT.patch
+ git am < "${PATCHESDIR}/0007-Disable-rev155-test-cases.patch"
+ git am < "${PATCHESDIR}/0008-Disable-x509-test-cases.patch"
+ git am < "${PATCHESDIR}/0009-Disable-getcapability-TPM_CAP_ACT.patch"
fi
if [ -n "$(openssl version | grep -E "^OpenSSL 3")" ]; then
- git am < ${PATCHESDIR}/0010-Adjust-test-cases-for-OpenSSL-3.patch
+ git am < "${PATCHESDIR}/0010-Adjust-test-cases-for-OpenSSL-3.patch"
fi
autoreconf --force --install
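Review bot: Quoting `"$revision"` does not make the `-lt 155` test reliable, because the extraction above uses `sed 's/.../\1/'` without `-n ... p`. When the JSON has no `"revision"` field, sed prints the input unchanged, `[ "$revision" -lt 155 ]` fails with a non-integer error, and the branch is skipped as if the revision were 155 or later. The rsa3072 extraction in the same hunk already uses the safer form; the same here would be `sed -n 's/.*,"revision":\([^\}]*\).*/\1/p'` followed by `[[ "$revision" =~ ^[0-9]+$ ]] || exit 1`. None of the `git am` calls is checked either, so a patch that no longer applies goes unnoticed until the build or the test run.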
@@ -123,24 +123,24 @@
exit 1
fi
-./reg.sh -a 2>&1 | tee ${REGLOG}
+./reg.sh -a 2>&1 | tee "${REGLOG}"
ret=0
-if [ -n "$(grep -E "^ ERROR:" ${REGLOG})" ]; then
+if [ -n "$(grep -E "^ ERROR:" "${REGLOG}")" ]; then
echo "There were test failures running the IBM TSS 2 tests"
- grep -E "^ ERROR:" ${REGLOG} -B2 -A2
+ grep -E "^ ERROR:" "${REGLOG}" -B2 -A2
ret=1
fi
# Shut down
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
ret=1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
ret=1
fi
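Review bot: In `./reg.sh -a 2>&1 | tee "${REGLOG}"` the pipeline's status is that of `tee`, so the result of the regression run is decided only by the `grep -E "^ ERROR:"` that follows. If `reg.sh` aborts without printing that marker, `ret` stays 0. Assuming `reg.sh` returns non-zero on failure (not visible here), capture it right after the pipeline: `[ "${PIPESTATUS[0]}" -eq 0 ] || ret=1`, placed before the `ret=0` line is moved above the pipeline.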
diff --git a/tests/test_tpm2_init b/tests/test_tpm2_init
index 7f37c50..7cb9a1e 100755
--- a/tests/test_tpm2_init
+++ b/tests/test_tpm2_init
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_locality b/tests/test_tpm2_locality
index 957543d..048af8a 100755
--- a/tests/test_tpm2_locality
+++ b/tests/test_tpm2_locality
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_migration_key b/tests/test_tpm2_migration_key
index 97f1261..8bf95a8 100755
--- a/tests/test_tpm2_migration_key
+++ b/tests/test_tpm2_migration_key
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_parameters b/tests/test_tpm2_parameters
index 4e94004..f6aa10c 100755
--- a/tests/test_tpm2_parameters
+++ b/tests/test_tpm2_parameters
@@ -2,16 +2,18 @@
# For the license, see the LICENSE file in the root directory.
+# shellcheck disable=SC1091
+
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
SRCDIR=${abs_top_srcdir:-$(dirname "$0")/..}
PATH=$ROOT/src/swtpm:$PATH
-source ${abs_top_builddir:-$(dirname "$0")/..}/tests/test_config
+source "${abs_top_builddir:-$(dirname "$0")/..}/tests/test_config"
PARAMETERS=(
""
@@ -57,8 +59,8 @@
)
# Open read-only file descriptors referenced in test cases
-exec 100<${TESTDIR}/data/keyfile256bit.txt
-exec 101<${TESTDIR}/data/pwdfile.txt
+exec 100<"${TESTDIR}/data/keyfile256bit.txt"
+exec 101<"${TESTDIR}/data/pwdfile.txt"
# produced file size is always the same with TPM2
@@ -75,7 +77,7 @@
function cleanup()
{
if [ -n "$TPMDIR" ]; then
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
fi
}
@@ -89,18 +91,19 @@
PATH=$PATH:$TESTDIR
for (( i=0; i<${#PARAMETERS[*]}; i++)); do
- rm -rf $TPMDIR/*
+ rm -rf "$TPMDIR"/*
echo -n "Test $i: "
+ params=${PARAMETERS[$i]}
$TPMAUTHORING \
- --tpm-state $TPMDIR \
+ --tpm-state "$TPMDIR" \
--tpm "$SWTPM_EXE socket ${SWTPM_TEST_SECCOMP_OPT}" \
- ${PARAMETERS[$i]} 2>&1 >/dev/null
+ ${params:+${params}} &>/dev/null
if [ $? -ne 0 ]; then
- echo "ERROR: Test with parameters '${PARAMETERS[$i]}' failed."
+ echo "ERROR: Test with parameters '${params}' failed."
exit 1
- elif [ ! -f $TPMDIR/tpm2-00.permall ]; then
- echo "ERROR: Test with parameters '${PARAMETERS[$i]}' did not
+ elif [ ! -f "$TPMDIR/tpm2-00.permall" ]; then
+ echo "ERROR: Test with parameters '${params}' did not
produce file $TPMDIR/tpm2-00.permall."
exit 1
fi
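Review bot: `rm -rf "$TPMDIR"/*` at the top of the loop expands to `rm -rf /*` if TPMDIR is ever empty; the assignment is outside this hunk, and the new syntax-check target appears to list SC2115 among the disabled checks rather than fixing it. `rm -rf "${TPMDIR:?}"/*` makes the shell abort instead, and the same applies to `rm -f "$TPMDIR"/*` in test_tpm2_save_load_state_2. Separately, replacing `2>&1 >/dev/null` with `&>/dev/null` changes behaviour: the old form discarded stdout but still showed the tool's stderr, while the new one discards both, so a failing run leaves only the "ERROR: Test with parameters" line. If that is not intended, keep the old redirection or use `>/dev/null` alone.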
@@ -108,22 +111,21 @@
# Make sure the state is encrypted when a key was given.
# We expect sequences of 4 0-bytes in unencrypted state
# and no such sequences in encrypted state.
- nullseq="$(cat $TPMDIR/tpm2-00.permall | \
- od -t x1 -A n | tr -d '\n' | tr -s ' ' |
+ nullseq="$(od -t x1 -A n < "$TPMDIR/tpm2-00.permall" | tr -d '\n' | tr -s ' ' |
grep "00 00 00 00")"
- if [[ "${PARAMETERS[$i]}" =~ (keyfile|pwdfile) ]]; then
+ if [[ "${params}" =~ (keyfile|pwdfile) ]]; then
if [ -n "${nullseq}" ]; then
echo "ERROR: State file is not encrypted with" \
- "parameters '${PARAMETERS[$i]}'"
+ "parameters '${params}'"
fi
else
if [ -z "${nullseq}" ]; then
echo "ERROR: State must not be encrypted with" \
- "parameters '${PARAMETERS[$i]}'"
+ "parameters '${params}'"
fi
fi
- echo "SUCCESS with parameters '${PARAMETERS[$i]}'."
+ echo "SUCCESS with parameters '${params}'."
done
exec 100>&-
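Review bot: The encryption check in this hunk cannot fail the test: both "ERROR: State file is not encrypted" and "ERROR: State must not be encrypted" are only echoed, after which the loop prints "SUCCESS with parameters" and continues. A state file written in the clear despite a keyfile or pwdfile parameter would therefore pass. Add `exit 1` after each of the two `echo "ERROR: ..."` statements, as the earlier checks in the same loop do.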
diff --git a/tests/test_tpm2_partial_reads b/tests/test_tpm2_partial_reads
index 4a5a8b3..51a27c6 100755
--- a/tests/test_tpm2_partial_reads
+++ b/tests/test_tpm2_partial_reads
@@ -3,7 +3,7 @@
# For the license, see the LICENSE file in the root directory.
# set -x
-cd $(dirname "$0")
+cd "$(dirname "$0")"
ROOT=${abs_top_builddir:-$(pwd)/..}
@@ -11,16 +11,17 @@
VTPM_NAME="vtpm-test-tpm2-partial-reads"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
-export TPM_PATH="$(mktemp -d)" || exit 1
+TPM_PATH="$(mktemp -d)" || exit 1
CMD_PATH="${TPM_PATH}/cmd"
+STATE_FILE="$TPM_PATH/tpm2-00.permall"
function cleanup()
{
pid=${SWTPM_PID}
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
function swtpm_read_n_bytes_fd100()
@@ -36,22 +37,22 @@
source common
skip_test_no_tpm20 "${SWTPM_EXE}"
-run_swtpm ${SWTPM_INTERFACE} --tpm2
+TPM_PATH=$TPM_PATH run_swtpm "${SWTPM_INTERFACE}" --tpm2
-kill_quiet -0 ${SWTPM_PID}
+kill_quiet -0 "${SWTPM_PID}"
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM did not start."
exit 1
fi
# Init the TPM
-run_swtpm_ioctl ${SWTPM_INTERFACE} -i
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -i
if [ $? -ne 0 ]; then
echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-kill_quiet -0 ${SWTPM_PID} 2>/dev/null
+kill_quiet -0 "${SWTPM_PID}" 2>/dev/null
if [ $? -ne 0 ]; then
echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
exit 1
@@ -60,7 +61,7 @@
# Prepare the TPM2_Startup
echo -en '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00' > "${CMD_PATH}"
-swtpm_open_cmddev ${SWTPM_INTERFACE} 100
+swtpm_open_cmddev "${SWTPM_INTERFACE}" 100
# Startup the TPM2
cat "${CMD_PATH}" >&100
@@ -129,18 +130,18 @@
fi
exec 100>&-
-run_swtpm_ioctl ${SWTPM_INTERFACE} -s
+run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
if [ $? -ne 0 ]; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
-if wait_process_gone ${SWTPM_PID} 4; then
+if wait_process_gone "${SWTPM_PID}" 4; then
echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
diff --git a/tests/test_tpm2_print_capabilities b/tests/test_tpm2_print_capabilities
index 4d662ca..fa739ae 100755
--- a/tests/test_tpm2_print_capabilities
+++ b/tests/test_tpm2_print_capabilities
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_print_states b/tests/test_tpm2_print_states
index 398fe77..2d73923 100755
--- a/tests/test_tpm2_print_states
+++ b/tests/test_tpm2_print_states
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_probe b/tests/test_tpm2_probe
index bae9424..9c9ae6f 100755
--- a/tests/test_tpm2_probe
+++ b/tests/test_tpm2_probe
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_resume_volatile b/tests/test_tpm2_resume_volatile
index 4a71e91..8cf23a0 100755
--- a/tests/test_tpm2_resume_volatile
+++ b/tests/test_tpm2_resume_volatile
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_samples_create_tpmca.test b/tests/test_tpm2_samples_create_tpmca.test
index 372b371..8dd58cf 100755
--- a/tests/test_tpm2_samples_create_tpmca.test
+++ b/tests/test_tpm2_samples_create_tpmca.test
@@ -65,25 +65,25 @@
function cleanup()
{
if [ -n "${PID}" ]; then
- echo "y" | tpm2_ptool destroy ${PID} &>/dev/null
+ echo "y" | tpm2_ptool destroy "${PID}" &>/dev/null
fi
if [ -n "${TPM2_ABRMD_PID}" ]; then
- kill_quiet -9 ${TPM2_ABRMD_PID}
+ kill_quiet -9 "${TPM2_ABRMD_PID}"
fi
if [ -n "${SWTPM_PID}" ]; then
- kill_quiet -9 ${SWTPM_PID}
+ kill_quiet -9 "${SWTPM_PID}"
fi
if [ -n "${BASH_PID}" ]; then
- kill_quiet -9 ${BASH_PID}
+ kill_quiet -9 "${BASH_PID}"
fi
if [ -n "${NCAT_PID}" ]; then
- kill_quiet -9 ${NCAT_PID}
+ kill_quiet -9 "${NCAT_PID}"
fi
rm -rf "${workdir}"
}
trap "cleanup" SIGTERM EXIT
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
PATH=${ROOT}/src/swtpm_bios:${ROOT}/src/swtpm_cert:${PATH}
@@ -102,22 +102,20 @@
create_certs_tool_options=/dev/null
_EOF_
- $SWTPM_SETUP \
+ if ! ${SWTPM_SETUP} \
--tpm-state "${workdir}" \
--logfile "${workdir}/logfile" \
--config "${workdir}/swtpm_setup.conf" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--swtpm_ioctl "${SWTPM_IOCTL}" \
- --tpm2 > /dev/null
-
- if [ $? -ne 0 ]; then
+ --tpm2 > /dev/null; then
echo "Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
- SWTPM_SERVER_NO_DISCONNECT=1 run_swtpm ${SWTPM_INTERFACE} \
+ SWTPM_SERVER_NO_DISCONNECT=1 run_swtpm "${SWTPM_INTERFACE}" \
--tpm2 \
--flags not-need-init \
--tpmstate "dir=${workdir}" \
@@ -130,13 +128,12 @@
exit 1
fi
NCAT_PID=$!
- kill_quiet -0 ${NCAT_PID}
- if [ $? -ne 0 ]; then
+ if ! kill_quiet -0 ${NCAT_PID}; then
echo "ncat must have terminated"
exit 1
fi
- bash -c "tpm2-abrmd --tcti=mssim:host=127.0.0.1,port=${SWTPM_SERVER_PORT} --allow-root & echo \$! > "${TPM2_ABRMD_PIDFILE}"; wait" &
+ bash -c "tpm2-abrmd --tcti=mssim:host=127.0.0.1,port=${SWTPM_SERVER_PORT} --allow-root & echo \$! > \"${TPM2_ABRMD_PIDFILE}\"; wait" &
BASH_PID=$!
if wait_for_file "${TPM2_ABRMD_PIDFILE}" 3; then
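Review bot: The reworked `bash -c "... echo \$! > \"${TPM2_ABRMD_PIDFILE}\"; wait"` still pastes the pid-file path into the command string, so a `"`, `$` or backquote in the path is interpreted by the inner shell. Passing the values as positional parameters avoids that: `bash -c 'tpm2-abrmd --tcti="mssim:host=127.0.0.1,port=$1" --allow-root & echo $! > "$2"; wait' _ "${SWTPM_SERVER_PORT}" "${TPM2_ABRMD_PIDFILE}" &`. The new `if ! kill_quiet -0 ${NCAT_PID}; then` is also the one place in this hunk left unquoted, while the tpm2-abrmd check below it quotes its pid. The `if wait_for_file` block continues outside the hunk.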
@@ -145,14 +142,12 @@
fi
TPM2_ABRMD_PID=$(cat "${TPM2_ABRMD_PIDFILE}")
- kill_quiet -0 "${TPM2_ABRMD_PID}"
- if [ $? -ne 0 ]; then
+ if ! kill_quiet -0 "${TPM2_ABRMD_PID}"; then
echo "Error: tpm2-abrmd with pid ${TPM2_ABRMD_PID} must have terminated"
exit 1
fi
- tmp="$(tpm2_ptool init 2>&1)"
- if [ $? -ne 0 ]; then
+ if ! tmp="$(tpm2_ptool init 2>&1)"; then
echo "tpm2_ptool init failed:"
echo "${tmp}"
exit 1
@@ -164,15 +159,13 @@
exit 1
fi
- tmp="$(SWTPM_PKCS11_PIN="mypin 123" SWTPM_PKCS11_SO_PIN="123" ${SWTPM_CREATE_TPMCA} \
+ if ! tmp="$(SWTPM_PKCS11_PIN="mypin 123" SWTPM_PKCS11_SO_PIN="123" ${SWTPM_CREATE_TPMCA} \
--dir "${SWTPM_LOCALCA_DIR}" \
--overwrite \
--outfile "${SWTPM_LOCALCA_CONF}" \
--group tss \
--tpm2 \
- --pid "${PID}" 2>&1)"
-
- if [ $? -ne 0 ]; then
+ --pid "${PID}" 2>&1)"; then
echo "Error: Could not create TPM CA"
echo "${tmp}"
exit 1
@@ -197,14 +190,14 @@
"^SWTPM_PKCS11_PIN = mypin 123"; do
if [ -n "${regex}" ] && \
[ -z "$(grep -E "${regex}" "${SWTPM_LOCALCA_CONF}")" ]; then
- echo "Error: Could not find regex '${line}' in CA config file."
+ echo "Error: Could not find regex '${regex}' in CA config file."
cat "${SWTPM_LOCALCA_CONF}"
exit 1
fi
done
params=""
- if [ ${vtpm_is_tpm2} -ne 0 ]; then
+ if [ "${vtpm_is_tpm2}" -ne 0 ]; then
params="--tpm2"
skip=0
else
@@ -212,7 +205,7 @@
fi
# make sure we can actually sign with this new certificate
- ${SWTPM_LOCALCA} \
+ if ! ${SWTPM_LOCALCA} \
--type ek \
--ek x=739192d8f1004283957a7b1568d610b41c637ccc114aadcac4908c20456468fa,y=59f63ac06f8011f6fdd1460c6bc8e3e0a2d090d4fc188c7e04870e06795ce8ae \
--dir "${workdir}" --vmid test \
@@ -220,8 +213,7 @@
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 00 \
--tpm-model swtpm --tpm-version 20170101 --tpm-manufacturer IBM \
--configfile "${SWTPM_LOCALCA_CONF}" \
- --optsfile /dev/null
- if [ $? -ne 0 ]; then
+ --optsfile /dev/null; then
echo "Error: The CA could not sign with the new certificate"
exit 1
fi
@@ -230,7 +222,7 @@
exit 1
fi
# cert was for example 541 bytes long
- if [ $(get_filesize "${workdir}/ek.cert") -lt 500 ]; then
+ if [ "$(get_filesize "${workdir}/ek.cert")" -lt 500 ]; then
echo "Error: The certificate's size is dubious"
ls -l "${workdir}/ek.cert"
exit 1
@@ -246,7 +238,7 @@
'^[[:space:]]+Certificate Authority \(CA\): FALSE$'
'^[[:space:]]+Unknown extension 2.5.29.9 \(not critical\):$'
'^[[:space:]]+Hexdump: 3019301706056781050210310e300c0c03322e3002010002020092$')
- if [ ${vtpm_is_tpm2} -ne 0 ]; then
+ if [ "${vtpm_is_tpm2}" -ne 0 ]; then
# TPM 2.0; due to ecc: Key agreement
regexs+=('^[[:space:]]+Key agreement\.$'
'^[[:space:]]+Signature Algorithm: RSA-SHA256$')
@@ -272,8 +264,7 @@
NCAT_PID=""
# Shut down TPM
- run_swtpm_ioctl "${SWTPM_INTERFACE}" -s
- if [ $? -ne 0 ]; then
+ if ! run_swtpm_ioctl "${SWTPM_INTERFACE}" -s; then
echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
exit 1
fi
diff --git a/tests/test_tpm2_save_load_encrypted_state b/tests/test_tpm2_save_load_encrypted_state
index beaa593..d7b3d9e 100755
--- a/tests/test_tpm2_save_load_encrypted_state
+++ b/tests/test_tpm2_save_load_encrypted_state
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_save_load_state b/tests/test_tpm2_save_load_state
index 2e96ea7..9b361d9 100755
--- a/tests/test_tpm2_save_load_state
+++ b/tests/test_tpm2_save_load_state
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_save_load_state_2 b/tests/test_tpm2_save_load_state_2
index 26b1705..0eecab8 100755
--- a/tests/test_tpm2_save_load_state_2
+++ b/tests/test_tpm2_save_load_state_2
@@ -3,7 +3,7 @@
# For the license, see the LICENSE file in the root directory.
#set -x
-if [ ${SWTPM_TEST_IBMTSS2:-0} -eq 0 ]; then
+if [ "${SWTPM_TEST_IBMTSS2:-0}" -eq 0 ]; then
echo "SWTPM_TEST_IBMTSS2 must be set to run this test."
exit 77
fi
@@ -17,7 +17,7 @@
echo "Could not find TPM2 tools (e.g., (tss)startup, (tss)nvdefinespace) in PATH."
exit 77
fi
-TOOLSPATH=$(dirname $(type -P ${PREFIX}startup))
+TOOLSPATH=$(dirname "$(type -P "${PREFIX}startup")")
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
@@ -28,8 +28,6 @@
TPMDIR="$(mktemp -d)" || exit 1
PID_FILE=$TPMDIR/${SWTPM}.pid
SOCK_PATH=$TPMDIR/sock
-CMD_PATH=$TPMDIR/cmd
-RESP_PATH=$TPMDIR/resp
LOGFILE=$TPMDIR/logfile
TMPFILE=$TPMDIR/tmpfile
BINFILE=$TPMDIR/binfile
@@ -37,13 +35,13 @@
STATEFILE=${STATEFILE:-$TPMDIR/state}
STORE_PARAM="dir=$TPMDIR"
-if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then
+if [ "${SWTPM_TEST_LINEAR_FILE:-0}" -ne 0 ]; then
echo "Testing with linear file backend ($STATEFILE)"
STORE_PARAM="backend-uri=file://$STATEFILE"
fi
-source ${TESTDIR}/test_common
-source ${TESTDIR}/common
+source "${TESTDIR}/test_common"
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
@@ -51,11 +49,11 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
# remove files from tss tools
rm -f h01*.bin nvp*.bin
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
@@ -71,31 +69,31 @@
local i sz
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
# Fill up the NVRAM space with RSA 2048 keys;
# exactly 65 have to fit
- ${TOOLSPATH}/${PREFIX}createprimary -hi o -si > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}createprimary" -hi o -si > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: createprimary failed."
exit 1
fi
- if [ -z "$(grep 80000000 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000000 "$TMPFILE")" ]; then
echo "Error: createprimary did not result in expected handle 80000000"
exit 1
fi
for ((i = 0x81000000; i < 0x81000100; i++)); do
- ${TOOLSPATH}/${PREFIX}evictcontrol \
+ "${TOOLSPATH}/${PREFIX}evictcontrol" \
-hi o \
-ho 80000000 \
- -hp $(printf "%x" $i) &>$TMPFILE || break
+ -hp "$(printf "%x" "$i")" &>"$TMPFILE" || break
done
- ${TOOLSPATH}/${PREFIX}getcapability -cap 1 -pr 81000000 -pc 80 > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}getcapability" -cap 1 -pr 81000000 -pc 80 > "$TMPFILE"
# We need know we need to see '65 Handles' for state created with
# libtpms-0.6.0 and 128kb NVRAM size
- grep -i "65 Handles" $TMPFILE
+ grep -i "65 Handles" "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Did not find '65 Handles' keyword in output"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
@@ -103,26 +101,26 @@
# we now have to find;
# for reference: libtpms v0.6.0 allowed 236 bytes
for ((sz = 0; ; sz++)); do
- ${TOOLSPATH}/${PREFIX}nvdefinespace \
+ "${TOOLSPATH}/${PREFIX}nvdefinespace" \
-hi o \
-ha 01000000 \
- -sz ${sz} > ${TMPFILE} || break
+ -sz "${sz}" > "${TMPFILE}" || break
# this worked, so lets remove it and try the next size
#echo "NVRAM space of size $sz could be created"
- ${TOOLSPATH}/${PREFIX}nvundefinespace \
+ "${TOOLSPATH}/${PREFIX}nvundefinespace" \
-hi o \
- -ha 01000000 > ${TMPFILE}
+ -ha 01000000 > "${TMPFILE}"
done
- if [ $sz -gt 0 ]; then
+ if [ "$sz" -gt 0 ]; then
sz=$((sz - 1))
echo "Creating final space of size ${sz}"
- ${TOOLSPATH}/${PREFIX}nvdefinespace \
+ "${TOOLSPATH}/${PREFIX}nvdefinespace" \
-hi o \
-ha 01000000 \
- -sz ${sz} > ${TMPFILE}
+ -sz ${sz} > "${TMPFILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not create final NVRAM space."
- cat ${TMPFILE}
+ cat "${TMPFILE}"
exit 1
fi
fi
@@ -139,38 +137,38 @@
echo "The NVRAM index is exactly of the right size (236 bytes)."
fi
- echo -n "123" > $BINFILE
- ${TOOLSPATH}/${PREFIX}sign \
+ echo -n "123" > "$BINFILE"
+ "${TOOLSPATH}/${PREFIX}sign" \
-hk 81000000 \
- -if ${BINFILE} \
- -os ${SIGFILE} > $TMPFILE
+ -if "${BINFILE}" \
+ -os "${SIGFILE}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Could not create signature."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
fi
- if [ $check -eq 1 ]; then
- ${TOOLSPATH}/${PREFIX}getcapability -cap 1 -pr 81000000 -pc 80 > $TMPFILE
+ if [ "$check" -eq 1 ]; then
+ "${TOOLSPATH}/${PREFIX}getcapability" -cap 1 -pr 81000000 -pc 80 > "$TMPFILE"
# We need know we need to see '65 Handles' for state created with
# libtpms-0.6.0 and 128kb NVRAM size
- grep -i "65 Handles" $TMPFILE
+ grep -i "65 Handles" "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Did not find '65 Handles' keyword in output"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
printf "Verifying signature with all the persisted keys\n"
- echo -n "123" > $BINFILE
+ echo -n "123" > "$BINFILE"
for ((i = 0x81000000; i < 0x81000040; i++)); do
- ${TOOLSPATH}/${PREFIX}verifysignature \
- -hk $(printf "%x" $i) \
- -is ${SIGFILE} \
- -if ${BINFILE} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}verifysignature" \
+ -hk "$(printf "%x" "$i")" \
+ -is "${SIGFILE}" \
+ -if "${BINFILE}" > "$TMPFILE"
if [ $? -ne 0 ]; then
- echo "Verifying signature failed for handle $(printf "%x" $i)."
+ echo "Verifying signature failed for handle $(printf "%x" "$i")."
exit 1
fi
done
@@ -185,29 +183,29 @@
export TPM_SESSION_ENCKEY="807e2bfe898ddaed8fa6310e716a24dc" # for sessions
$SWTPM_EXE socket \
- --server port=${TPM_COMMAND_PORT} \
- --tpmstate $STORE_PARAM \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --server "port=${TPM_COMMAND_PORT}" \
+ --tpmstate "$STORE_PARAM" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (1) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
exit 1
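Review bot: `${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}` expands exactly like the unquoted `${SWTPM_TEST_SECCOMP_OPT}` it replaces, still word-split and glob-expanded, so it only hides the expansion from shellcheck's quoting check. The same construct appears in the two later swtpm invocations of this file, as `${params:+${params}}` in test_tpm2_parameters and as `${ody:+${ody}}` in test_tpm2_save_load_state_3. If splitting into several arguments is intended, state it: put a comment line and `# shellcheck disable=SC2086` directly above the command, or keep the optional arguments in an array and expand `"${opts[@]}"`.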
@@ -216,18 +214,18 @@
fillup_nvram 1 1
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: swtpm did not shut down"
exit 1
fi
-echo "============================" >> $LOGFILE
+echo "============================" >> "$LOGFILE"
echo "TPM was shut down"
@@ -239,113 +237,113 @@
# Run TPM2 with the created state and verify it's the same
$SWTPM_EXE socket \
- --server port=${TPM_COMMAND_PORT} \
- --tpmstate $STORE_PARAM \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --server "port=${TPM_COMMAND_PORT}" \
+ --tpmstate "$STORE_PARAM" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (2) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM re-started"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
fillup_nvram 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-echo "============================" >> $LOGFILE
+echo "============================" >> "$LOGFILE"
echo "TPM was shut down"
#################################################################
# Run TPM2 with previously saved state and verify it's the same
-if [ ${SWTPM_TEST_LINEAR_FILE:-0} -ne 0 ]; then
+if [ "${SWTPM_TEST_LINEAR_FILE:-0}" -ne 0 ]; then
echo "Test 1 OK (skipped last with linear file)"
exit 0
fi
-rm -f $TPMDIR/*
-cp -f ${TESTDIR}/data/tpm2state5/tpm2-00.permall $TPMDIR/tpm2-00.permall
-cp ${TESTDIR}/data/tpm2state5/signature.bin $SIGFILE
+rm -f "$TPMDIR"/*
+cp -f "${TESTDIR}/data/tpm2state5/tpm2-00.permall" "$TPMDIR/tpm2-00.permall"
+cp "${TESTDIR}/data/tpm2state5/signature.bin" "$SIGFILE"
$SWTPM_EXE socket \
- --server port=${TPM_COMMAND_PORT} \
- --tpmstate $STORE_PARAM \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --server "port=${TPM_COMMAND_PORT}" \
+ --tpmstate "$STORE_PARAM" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM started with previously generated state"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
fillup_nvram 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
diff --git a/tests/test_tpm2_save_load_state_2_block b/tests/test_tpm2_save_load_state_2_block
index 3e2b543..b596c85 100755
--- a/tests/test_tpm2_save_load_state_2_block
+++ b/tests/test_tpm2_save_load_state_2_block
@@ -17,9 +17,9 @@
trap "cleanup" SIGTERM EXIT
function cleanup()
{
- rm -rf $STATEDIR
+ rm -rf "$STATEDIR"
if [ -n "$STATEFILE" ]; then
- losetup -d $STATEFILE
+ losetup -d "$STATEFILE"
fi
}
@@ -41,11 +41,11 @@
# allocate 4 MiB file
fallocate --posix -l $((4 * 1024 * 1024)) "$STATEIMG"
# and loop mount it
-STATEFILE=$(losetup --show -f $STATEIMG)
+STATEFILE=$(losetup --show -f "$STATEIMG")
export SWTPM_TEST_LINEAR_FILE=1
export TPM_COMMAND_PORT=65462
export STATEFILE
# don't exec so cleanup will remove the loop device
-$(dirname $0)/test_tpm2_save_load_state_2
+"$(dirname "$0")/test_tpm2_save_load_state_2"
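Review bot: `STATEFILE=$(losetup --show -f "$STATEIMG")` is not checked, and neither is the `fallocate` before it. If no loop device can be set up, STATEFILE is exported empty, and test_tpm2_save_load_state_2 then falls back to `STATEFILE=${STATEFILE:-$TPMDIR/state}`. The test would exercise the linear backend on a regular file and still report success for the block-device case. Whether an earlier privilege check already skips the test is not visible in this hunk; failing here is safer: `STATEFILE=$(losetup --show -f "$STATEIMG") || exit 1` (or `exit 77` to skip).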
diff --git a/tests/test_tpm2_save_load_state_2_linear b/tests/test_tpm2_save_load_state_2_linear
index 23e085e..ce02205 100755
--- a/tests/test_tpm2_save_load_state_2_linear
+++ b/tests/test_tpm2_save_load_state_2_linear
@@ -2,4 +2,4 @@
export SWTPM_TEST_LINEAR_FILE=1
export TPM_COMMAND_PORT=65461
-exec $(dirname $0)/test_tpm2_save_load_state_2
+exec "$(dirname "$0")/test_tpm2_save_load_state_2"
diff --git a/tests/test_tpm2_save_load_state_3 b/tests/test_tpm2_save_load_state_3
index 42ba8d6..637f902 100755
--- a/tests/test_tpm2_save_load_state_3
+++ b/tests/test_tpm2_save_load_state_3
@@ -3,7 +3,7 @@
# For the license, see the LICENSE file in the root directory.
#set -x
-if [ ${SWTPM_TEST_IBMTSS2:-0} -eq 0 ]; then
+if [ "${SWTPM_TEST_IBMTSS2:-0}" -eq 0 ]; then
echo "SWTPM_TEST_IBMTSS2 must be set to run this test."
exit 77
fi
@@ -17,7 +17,7 @@
echo "Could not find TPM2 tools (e.g., (tss)startup, (tss)nvdefinespace) in PATH."
exit 77
fi
-TOOLSPATH=$(dirname $(type -P ${PREFIX}startup))
+TOOLSPATH=$(dirname "$(type -P ${PREFIX}startup)")
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
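Review bot: The inner expansion is still unquoted in `TOOLSPATH=$(dirname "$(type -P ${PREFIX}startup)")`, whereas the identical line in test_tpm2_save_load_state_2 was changed to `$(type -P "${PREFIX}startup")`. Using the same form in both files keeps them in step: `TOOLSPATH=$(dirname "$(type -P "${PREFIX}startup")")`.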
@@ -28,10 +28,7 @@
TPMDIR="$(mktemp -d)" || exit 1
PID_FILE=$TPMDIR/${SWTPM}.pid
SOCK_PATH=$TPMDIR/sock
-CMD_PATH=$TPMDIR/cmd
-RESP_PATH=$TPMDIR/resp
LOGFILE=$TPMDIR/logfile
-VOLATILESTATE=$TPMDIR/volatile
TMPFILE=$TPMDIR/tmpfile
BINFILE=$TPMDIR/binfile
SIGFILE=$TPMDIR/sigfile
@@ -44,8 +41,8 @@
HKEYPRIV=${TESTDIR}/data/tpm2state3/hkey.priv
HKEYPUB=${TESTDIR}/data/tpm2state3/hkey.pub
-source ${TESTDIR}/test_common
-source ${TESTDIR}/common
+source "${TESTDIR}/test_common"
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
@@ -53,11 +50,11 @@
function cleanup()
{
- rm -rf $TPMDIR
+ rm -rf "$TPMDIR"
# remove files from tss tools
rm -f h01*.bin nvp*.bin
if [ -n "$PID" ]; then
- kill_quiet -SIGTERM $PID 2>/dev/null
+ kill_quiet -SIGTERM "$PID" 2>/dev/null
fi
}
@@ -68,31 +65,31 @@
local i res rc act exp ody
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
# the 1st and 2nd spaces are 'orderly' and will be cleared by reset
ody="+at ody"
for ((i=0; i < 10; i++)); do
- printf "Creating NVRAM location 01%06x\n" $i
+ printf "Creating NVRAM location 01%06x\n" "$i"
# the '+at wd' allows us to only write once
- ${TOOLSPATH}/${PREFIX}nvdefinespace \
- -ha $(printf "01%06x" $i) \
+ "${TOOLSPATH}/${PREFIX}nvdefinespace" \
+ -ha "$(printf "01%06x" "$i")" \
-sz $((100 + i * 10)) \
-pwdn nnn \
+at wst \
+at wd \
- $ody \
+ ${ody:+${ody}} \
-hi o >/dev/null
if [ $? -ne 0 ]; then
echo "Error: nvdefinespace failed for i = $i."
exit 1
fi
- if [ $i -eq 1 ]; then
+ if [ "$i" -eq 1 ]; then
ody=""
fi
- ${TOOLSPATH}/${PREFIX}nvwrite \
- -ha $(printf "01%06x" $i) \
+ "${TOOLSPATH}/${PREFIX}nvwrite" \
+ -ha "$(printf "01%06x" "$i")" \
-ic "Hello TPM2" \
-pwdn nnn
if [ $? -ne 0 ]; then
@@ -100,8 +97,8 @@
exit 1
fi
- ${TOOLSPATH}/${PREFIX}nvwritelock \
- -ha $(printf "01%06x" $i) \
+ "${TOOLSPATH}/${PREFIX}nvwritelock" \
+ -ha "$(printf "01%06x" "$i")" \
-pwdn nnn
if [ $? -ne 0 ]; then
echo "Error: nwritelock failed for i = $i."
@@ -111,7 +108,7 @@
# Create a counter space
echo "Creating NVRAM location 01000010 for counter"
- ${TOOLSPATH}/${PREFIX}nvdefinespace \
+ "${TOOLSPATH}/${PREFIX}nvdefinespace" \
-hi o \
-ha 01000010 \
-pwdn nnn \
@@ -122,7 +119,7 @@
fi
echo "Incrementing the counter at location 01000010"
- ${TOOLSPATH}/${PREFIX}nvincrement \
+ "${TOOLSPATH}/${PREFIX}nvincrement" \
-ha 01000010 \
-pwdn nnn >/dev/null
if [ $? -ne 0 ]; then
@@ -131,56 +128,55 @@
fi
fi
- if [ $check -eq 1 ]; then
+ if [ "$check" -eq 1 ]; then
local last=0
- if [ $create -eq 0 ]; then
+ if [ "$create" -eq 0 ]; then
last=2
fi
# The orderly indices must not be readable UNLESS they were just
# created. In the latter case we skip this first loop here.
for ((i=0; i < last; i++)); do
- printf "Checking orderly NVRAM location 01%06x after reset\n" $i
- ${TOOLSPATH}/${PREFIX}nvread \
- -ha $(printf "01%06x" $i) \
+ printf "Checking orderly NVRAM location 01%06x after reset\n" "$i"
+ "${TOOLSPATH}/${PREFIX}nvread" \
+ -ha "$(printf "01%06x" "$i")" \
-pwdn nnn \
- -sz 10 > $TMPFILE
+ -sz 10 > "$TMPFILE"
if [ $? -eq 0 ]; then
echo "Error: nvread succeeded for orderly NVRAM index; i = $i"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
done
# test the non-orderly indices OR orderly we just created above
for ((i=last; i < 10; i++)); do
- printf "Checking NVRAM location 01%06x\n" $i
- ${TOOLSPATH}/${PREFIX}nvread \
- -ha $(printf "01%06x" $i) \
+ printf "Checking NVRAM location 01%06x\n" "$i"
+ "${TOOLSPATH}/${PREFIX}nvread" \
+ -ha "$(printf "01%06x" "$i")" \
-pwdn nnn \
- -sz 10 > $TMPFILE
+ -sz 10 > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: nvread failed for i = $i"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
# we want one line with xdigits and spaces
- res=$(cat $TMPFILE | \
- grep -E "^[ [:xdigit:]]+$" |
+ res=$(grep -E "^[ [:xdigit:]]+$" < "$TMPFILE" |
wc -l)
- if [ $res -ne 1 ]; then
+ if [ "$res" -ne 1 ]; then
echo "Error: nvread did not show expected results"
- cat $TMPFILE
+ cat "$TMPFILE"
fi
- ${TOOLSPATH}/${PREFIX}nvwrite \
- -ha $(printf "01%06x" $i) \
+ "${TOOLSPATH}/${PREFIX}nvwrite" \
+ -ha "$(printf "01%06x" "$i")" \
-ic "Hello TPM2" \
- -pwdn nnn > $TMPFILE
+ -pwdn nnn > "$TMPFILE"
rc=$?
- if [ $rc -eq 0 ]; then
+ if [ "$rc" -eq 0 ]; then
echo "Error: nwrite succeeded for i = $i."
exit 1
fi
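Review bot: The `[ "$res" -ne 1 ]` branch in the second nvread loop prints "nvread did not show expected results" and dumps `$TMPFILE`, but as shown here it has no `exit 1`, unlike every other error branch in this hunk, so unexpected nvread output would not fail the test. If that is not intentional, add `exit 1` after the `cat "$TMPFILE"`. The count itself can drop the pipeline: `res=$(grep -cE "^[ [:xdigit:]]+$" "$TMPFILE")`. The function body continues outside the hunk.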
@@ -188,18 +184,18 @@
# Read the counter
echo "Checking counter value at location 01000010"
- ${TOOLSPATH}/${PREFIX}nvread \
+ "${TOOLSPATH}/${PREFIX}nvread" \
-ha 01000010 \
-pwdn nnn \
-sz 8 \
- -of $BINFILE > $TMPFILE
+ -of "$BINFILE" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: nvread of counter failed."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
exp=' 00 00 00 00 00 00 00 01'
- act="$(od -t x1 -A n < $BINFILE)"
+ act="$(od -t x1 -A n < "$BINFILE")"
if [ "$act" != "$exp" ]; then
echo "Error: Counter has unexpected value."
echo " expected: $exp"
@@ -218,51 +214,51 @@
local i res rc
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
# Create a permanent primary key that we expecte
# to again see after the TPM has been restarted
- ${TOOLSPATH}/${PREFIX}createprimary -hi o -si > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}createprimary" -hi o -si > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: createprimary failed."
exit 1
fi
- if [ -z "$(grep 80000000 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000000 "$TMPFILE")" ]; then
echo "Error: createprimary did not result in expected handle 80000000"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}evictcontrol -ho 80000000 -hp 81000000 -hi o
+ "${TOOLSPATH}/${PREFIX}evictcontrol" -ho 80000000 -hp 81000000 -hi o
if [ $? -ne 0 ]; then
echo "Error: evictcontrol did not work"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}flushcontext -ha 80000000
+ "${TOOLSPATH}/${PREFIX}flushcontext" -ha 80000000
- echo -n "123" > $BINFILE
- ${TOOLSPATH}/${PREFIX}sign -hk 81000000 -if ${BINFILE} -os ${SIGFILE} > $TMPFILE
+ echo -n "123" > "$BINFILE"
+ "${TOOLSPATH}/${PREFIX}sign" -hk 81000000 -if "${BINFILE}" -os "${SIGFILE}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Could not create signature."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
fi
- if [ $check -eq 1 ]; then
+ if [ "$check" -eq 1 ]; then
printf "Checking availability of key with perm. handle 0x81000000\n"
- ${TOOLSPATH}/${PREFIX}getcapability -cap 1 -pr 0x81000000 >$TMPFILE
- if [ -z "$(grep 81000000 $TMPFILE)" ]; then
+ "${TOOLSPATH}/${PREFIX}getcapability" -cap 1 -pr 0x81000000 >"$TMPFILE"
+ if [ -z "$(grep 81000000 "$TMPFILE")" ]; then
echo "Could not find key with permanent handle 0x81000000"
exit 1
fi
printf "Verifying signature with this key\n"
- echo -n "123" > $BINFILE
- if [ $previousstate -eq 0 ]; then
- ${TOOLSPATH}/${PREFIX}verifysignature -hk 81000000 \
- -is ${SIGFILE} \
- -if ${BINFILE} > $TMPFILE
+ echo -n "123" > "$BINFILE"
+ if [ "$previousstate" -eq 0 ]; then
+ "${TOOLSPATH}/${PREFIX}verifysignature" -hk 81000000 \
+ -is "${SIGFILE}" \
+ -if "${BINFILE}" > "$TMPFILE"
else
- ${TOOLSPATH}/${PREFIX}verifysignature -hk 81000000 \
- -is ${TESTDIR}/data/tpm2state3/signature.bin \
- -if ${BINFILE} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}verifysignature" -hk 81000000 \
+ -is "${TESTDIR}/data/tpm2state3/signature.bin" \
+ -if "${BINFILE}" > "$TMPFILE"
fi
if [ $? -ne 0 ]; then
echo "Verifying signature failed."
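Review bot: The handle checks in this hunk still capture grep's output only to test it for emptiness, e.g. `[ -z "$(grep 80000000 "$TMPFILE")" ]`; `if ! grep -q 80000000 "$TMPFILE"; then` says the same without a command substitution. Likewise the `if [ $? -ne 0 ]` tests can wrap the command directly, `if ! "${TOOLSPATH}/${PREFIX}createprimary" -hi o -si > "$TMPFILE"; then`, which keeps the check attached to the command it belongs to. Both patterns recur in most later hunks of this file. Separately, the exit status of `flushcontext -ha 80000000` is not checked at all.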
@@ -280,44 +276,44 @@
local i res rc ha
- if [ -z "$($TOOLSPATH/${PREFIX}pcrallocate | grep sha512)" ]; then
+ if [ -z "$("$TOOLSPATH/${PREFIX}pcrallocate" | grep sha512)" ]; then
echo " Skipping PCR Allocate test since it does not support sha512"
return 0
fi
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
echo "Allocating SHA256 PCR bank"
- ${TOOLSPATH}/${PREFIX}pcrallocate -sha512 +sha256
+ "${TOOLSPATH}/${PREFIX}pcrallocate" -sha512 +sha256
for ((ha = 0; ha < 24; ha++)); do
- ${TOOLSPATH}/${PREFIX}pcrread -ha ${ha} -halg sha512 > $TMPFILE
- if [ -z "$(grep "^count 1.*$" $TMPFILE)" ]; then
+ "${TOOLSPATH}/${PREFIX}pcrread" -ha "${ha}" -halg sha512 > "$TMPFILE"
+ if [ -z "$(grep "^count 1.*$" "$TMPFILE")" ]; then
echo "Error: PCR ${ha} in SHA512 bank should be available for read before reboot"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}pcrread -ha ${ha} -halg sha256 > $TMPFILE
- if [ -z "$(grep "^count 1.*$" $TMPFILE)" ]; then
+ "${TOOLSPATH}/${PREFIX}pcrread" -ha "${ha}" -halg sha256 > "$TMPFILE"
+ if [ -z "$(grep "^count 1.*$" "$TMPFILE")" ]; then
echo "Error: PCR ${ha} in SHA256 bank should be available for read before reboot"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
done
fi
- if [ $check -eq 1 ]; then
+ if [ "$check" -eq 1 ]; then
echo "Checking the PCR Allocation"
for ((ha = 0; ha < 24; ha++)); do
- ${TOOLSPATH}/${PREFIX}pcrread -ha ${ha} -halg sha512 > $TMPFILE
- if [ -z "$(grep "^count 0.*$" $TMPFILE)" ]; then
+ "${TOOLSPATH}/${PREFIX}pcrread" -ha "${ha}" -halg sha512 > "$TMPFILE"
+ if [ -z "$(grep "^count 0.*$" "$TMPFILE")" ]; then
echo "Error: PCR ${ha} in SHA512 bank should be unavailable for read after reboot"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}pcrread -ha ${ha} -halg sha256 > $TMPFILE
- if [ -z "$(grep "^count 1.*$" $TMPFILE)" ]; then
+ "${TOOLSPATH}/${PREFIX}pcrread" -ha "${ha}" -halg sha256 > "$TMPFILE"
+ if [ -z "$(grep "^count 1.*$" "$TMPFILE")" ]; then
echo "Error: PCR ${ha} in SHA256 bank should be available for read after reboot"
exit 1
fi
@@ -332,47 +328,47 @@
local hi pwdn pwda
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
echo "Setting hierarchy passwords"
# Change the hierarchy password; the 'p' hierarchy has
# no effect on permanent RAM, so we won't test that
for hi in "l" "e" "o"; do
pwdn="${hi}${hi}${hi}"
- ${TOOLSPATH}/${PREFIX}hierarchychangeauth \
- -hi ${hi} \
- -pwdn ${pwdn} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}hierarchychangeauth" \
+ -hi "${hi}" \
+ -pwdn "${pwdn}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: hierarchychangeauth failed to set password."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
done
fi
- if [ $check -eq 1 ]; then
+ if [ "$check" -eq 1 ]; then
echo "Checking previously set hierarchy passwords"
for hi in "l" "e" "o"; do
pwda="${hi}${hi}${hi}"
pwdn="new-${pwda}"
- ${TOOLSPATH}/${PREFIX}hierarchychangeauth \
- -hi ${hi} \
- -pwda ${pwda} \
- -pwdn ${pwdn} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}hierarchychangeauth" \
+ -hi "${hi}" \
+ -pwda "${pwda}" \
+ -pwdn "${pwdn}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: hierarchychangeauth failed to change password."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
# change back
- ${TOOLSPATH}/${PREFIX}hierarchychangeauth \
- -hi ${hi} \
- -pwda ${pwdn} \
- -pwdn ${pwda} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}hierarchychangeauth" \
+ -hi "${hi}" \
+ -pwda "${pwdn}" \
+ -pwdn "${pwda}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: hierarchychangeauth failed to change back password."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
done
@@ -384,23 +380,23 @@
local create="$1"
local check="$2"
- local res tmpfile
+ local res
- if [ $create -eq 1 ]; then
- echo -n "123" > ${TMP2FILE}
+ if [ "$create" -eq 1 ]; then
+ echo -n "123" > "${TMP2FILE}"
echo "Starting a sha1 sequence"
- res="$(${TOOLSPATH}/${PREFIX}hashsequencestart -halg sha1)"
+ res="$("${TOOLSPATH}/${PREFIX}hashsequencestart" -halg sha1)"
if [ $? -ne 0 ]; then
echo "Error: Could not start hash sequence."
exit 1
fi
- SHA1_SEQUENCE_HANDLE="$(echo $res | cut -d " " -f3)"
+ SHA1_SEQUENCE_HANDLE="$(echo "$res" | cut -d " " -f3)"
echo "sha1 sequence handle: $SHA1_SEQUENCE_HANDLE"
- ${TOOLSPATH}/${PREFIX}sequenceupdate \
- -hs ${SHA1_SEQUENCE_HANDLE} \
- -if ${TMP2FILE}
+ "${TOOLSPATH}/${PREFIX}sequenceupdate" \
+ -hs "${SHA1_SEQUENCE_HANDLE}" \
+ -if "${TMP2FILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not updated the sha1 sequence."
exit 1
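Review bot: Quoting `$res` in `echo "$res" | cut -d " " -f3` changes which field is extracted whenever the hashsequencestart output contains consecutive spaces or more than one line, because the old unquoted `echo $res` collapsed all whitespace to single spaces before `cut` ran. If the output format is not strictly single-spaced on one line, `read -r _ _ SHA1_SEQUENCE_HANDLE _ <<< "$res"` keeps the word-based selection (first line only) and still passes shellcheck. The same change is made for SHA256_SEQUENCE_HANDLE and SHA384_SEQUENCE_HANDLE in the next two hunks. None of the three handles is checked for being non-empty before it is passed to `sequenceupdate`.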
@@ -408,17 +404,17 @@
echo "Updated sha1 sequence."
echo "Starting a sha256 sequence"
- res="$(${TOOLSPATH}/${PREFIX}hashsequencestart -halg sha256)"
+ res="$("${TOOLSPATH}/${PREFIX}hashsequencestart" -halg sha256)"
if [ $? -ne 0 ]; then
echo "Error: Could not start sha256 sequence."
exit 1
fi
- SHA256_SEQUENCE_HANDLE="$(echo $res | cut -d " " -f3)"
+ SHA256_SEQUENCE_HANDLE="$(echo "$res" | cut -d " " -f3)"
echo "sha256 sequence handle: $SHA256_SEQUENCE_HANDLE"
- ${TOOLSPATH}/${PREFIX}sequenceupdate \
- -hs ${SHA256_SEQUENCE_HANDLE} \
- -if ${TMP2FILE}
+ "${TOOLSPATH}/${PREFIX}sequenceupdate" \
+ -hs "${SHA256_SEQUENCE_HANDLE}" \
+ -if "${TMP2FILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not updated the hash sequence."
exit 1
@@ -426,17 +422,17 @@
echo "Updated sha256 sequence."
echo "Starting a sha384 sequence"
- res="$(${TOOLSPATH}/${PREFIX}hashsequencestart -halg sha384)"
+ res="$("${TOOLSPATH}/${PREFIX}hashsequencestart" -halg sha384)"
if [ $? -ne 0 ]; then
echo "Error: Could not start sha384 sequence."
exit 1
fi
- SHA384_SEQUENCE_HANDLE="$(echo $res | cut -d " " -f3)"
+ SHA384_SEQUENCE_HANDLE="$(echo "$res" | cut -d " " -f3)"
echo "sha384 sequence handle: $SHA384_SEQUENCE_HANDLE"
- ${TOOLSPATH}/${PREFIX}sequenceupdate \
- -hs ${SHA384_SEQUENCE_HANDLE} \
- -if ${TMP2FILE}
+ "${TOOLSPATH}/${PREFIX}sequenceupdate" \
+ -hs "${SHA384_SEQUENCE_HANDLE}" \
+ -if "${TMP2FILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not updated the hash sequence."
exit 1
@@ -444,14 +440,14 @@
echo "Updated sha384 sequence."
fi
- if [ $check -eq 1 ]; then
- echo -n "456" > ${TMP2FILE}
+ if [ "$check" -eq 1 ]; then
+ echo -n "456" > "${TMP2FILE}"
echo "Completing previously started sha1 sequence"
- touch $TPMDIR/h${SHA1_SEQUENCE_HANDLE}.bin
- res=$(${TOOLSPATH}/${PREFIX}sequencecomplete \
- -hs ${SHA1_SEQUENCE_HANDLE} \
- -if ${TMP2FILE} -v |
+ touch "$TPMDIR/h${SHA1_SEQUENCE_HANDLE}.bin"
+ res=$("${TOOLSPATH}/${PREFIX}sequencecomplete" \
+ -hs "${SHA1_SEQUENCE_HANDLE}" \
+ -if "${TMP2FILE}" -v |
tail -n 4 |
grep " 7c 4a 8d ")
if [ -z "$res" ]; then
@@ -460,10 +456,10 @@
fi
echo "Completing previously started sha256 sequence"
- touch $TPMDIR/h${SHA256_SEQUENCE_HANDLE}.bin
- res=$(${TOOLSPATH}/${PREFIX}sequencecomplete \
- -hs ${SHA256_SEQUENCE_HANDLE} \
- -if ${TMP2FILE} -v |
+ touch "$TPMDIR/h${SHA256_SEQUENCE_HANDLE}.bin"
+ res=$("${TOOLSPATH}/${PREFIX}sequencecomplete" \
+ -hs "${SHA256_SEQUENCE_HANDLE}" \
+ -if "${TMP2FILE}" -v |
tail -n 4 |
grep " 8d 96 9e ")
if [ -z "$res" ]; then
@@ -472,10 +468,10 @@
fi
echo "Completing previously started sha384 sequence"
- touch $TPMDIR/h${SHA384_SEQUENCE_HANDLE}.bin
- res=$(${TOOLSPATH}/${PREFIX}sequencecomplete \
- -hs ${SHA384_SEQUENCE_HANDLE} \
- -if ${TMP2FILE} -v |
+ touch "$TPMDIR/h${SHA384_SEQUENCE_HANDLE}.bin"
+ res=$("${TOOLSPATH}/${PREFIX}sequencecomplete" \
+ -hs "${SHA384_SEQUENCE_HANDLE}" \
+ -if "${TMP2FILE}" -v |
tail -n 4 |
grep " 0a 98 9e ")
if [ -z "$res" ]; then
@@ -495,45 +491,45 @@
local i res rc
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
# Create a permanent primary key that we expecte
# to again see after the TPM has been restarted
- ${TOOLSPATH}/${PREFIX}createprimary -hi o -st > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}createprimary" -hi o -st > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: createprimary for creating storage key failed."
exit 1
fi
- if [ -z "$(grep 80000000 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000000 "$TMPFILE")" ]; then
echo "Error: createprimary did not result in expected handle 80000000"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}evictcontrol -ho 80000000 -hp 81000000 -hi o
+ "${TOOLSPATH}/${PREFIX}evictcontrol" -ho 80000000 -hp 81000000 -hi o
if [ $? -ne 0 ]; then
echo "Error: evictcontrol did not work"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}flushcontext -ha 80000000
+ "${TOOLSPATH}/${PREFIX}flushcontext" -ha 80000000
- ${TOOLSPATH}/${PREFIX}startauthsession -se h -bi 81000000 > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}startauthsession" -se h -bi 81000000 > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Could not start an auth session."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
- AUTHSESSION_HANDLE=$(cat $TMPFILE | sed 's/Handle//')
+ AUTHSESSION_HANDLE=$(sed 's/Handle//' "$TMPFILE")
if [ -z "${AUTHSESSION_HANDLE}" ]; then
echo "Error: Could not get auth session handle."
exit 1
fi
fi
- if [ $check -eq 1 ]; then
+ if [ "$check" -eq 1 ]; then
echo "Using auth session ${AUTHSESSION_HANDLE} to create a key."
- ${TOOLSPATH}/${PREFIX}create \
+ "${TOOLSPATH}/${PREFIX}create" \
-hp 81000000 \
-st \
- -se0 ${AUTHSESSION_HANDLE} 1
+ -se0 "${AUTHSESSION_HANDLE}" 1
if [ $? -ne 0 ]; then
echo "Error: Could not create key using authsession"
exit 1
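Review bot: `AUTHSESSION_HANDLE=$(sed 's/Handle//' "$TMPFILE")` keeps any whitespace around the removed word and any further output lines, and now that `-se0 "${AUTHSESSION_HANDLE}" 1` is quoted, that text reaches the tool as a single argument; the old unquoted expansion trimmed and split it. Whether startauthsession prints a separator after "Handle" is not visible here, so this should be confirmed; `sed -n 's/^Handle[[:space:]]*//p'` would make the value independent of it. The function body starts and ends outside the hunk.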
@@ -552,50 +548,50 @@
local i res rc
- if [ $create -eq 1 ]; then
- ${TOOLSPATH}/${PREFIX}createprimary -hi o -st > $TMPFILE
+ if [ "$create" -eq 1 ]; then
+ "${TOOLSPATH}/${PREFIX}createprimary" -hi o -st > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: createprimary failed."
exit 1
fi
- if [ -z "$(grep 80000000 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000000 "$TMPFILE")" ]; then
echo "Error: createprimary did not result in expected handle 80000000"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}create -hp 80000000 -kh \
- -opr ${HKEYPRIV} -opu ${HKEYPUB} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}create" -hp 80000000 -kh \
+ -opr "${HKEYPRIV}" -opu "${HKEYPUB}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: could not create key for HMAC"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}load -hp 80000000 \
- -ipr ${HKEYPRIV} -ipu ${HKEYPUB} -v > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}load" -hp 80000000 \
+ -ipr "${HKEYPRIV}" -ipu "${HKEYPUB}" -v > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: could not load key for HMAC"
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
- if [ -z "$(grep 80000001 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000001 "$TMPFILE")" ]; then
echo "Error: load did not result in expected handle 80000001"
exit 1
fi
- ${TOOLSPATH}/${PREFIX}hmacstart -hk 80000001 > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}hmacstart" -hk 80000001 > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: could not start HMAC sequence"
exit 1
fi
- if [ -z "$(grep 80000002 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000002 "$TMPFILE")" ]; then
echo "Error: load did not result in expected handle 80000002"
exit 1
fi
- echo -n "123" > ${TMP2FILE}
- ${TOOLSPATH}/${PREFIX}sequenceupdate \
+ echo -n "123" > "${TMP2FILE}"
+ "${TOOLSPATH}/${PREFIX}sequenceupdate" \
-hs 80000002 \
- -if ${TMP2FILE}
+ -if "${TMP2FILE}"
if [ $? -ne 0 ]; then
echo "Error: Could not updated the HMAC sequence."
exit 1
@@ -603,18 +599,18 @@
echo "Updated HMAC sequence."
fi
- if [ $check -eq 1 ]; then
- echo -n "456" > ${TMP2FILE}
+ if [ "$check" -eq 1 ]; then
+ echo -n "456" > "${TMP2FILE}"
echo "Completing previously started HMAC sequence"
- touch $TPMDIR/h80000002.bin
- ${TOOLSPATH}/${PREFIX}sequencecomplete \
+ touch "$TPMDIR/h80000002.bin"
+ "${TOOLSPATH}/${PREFIX}sequencecomplete" \
-hs 80000002 \
- -if ${TMP2FILE} -v |
- tail -n 4 > ${TMPFILE}
- if [ -z "$(grep " 6e 40 33 1a " ${TMPFILE})" ]; then
+ -if "${TMP2FILE}" -v |
+ tail -n 4 > "${TMPFILE}"
+ if [ -z "$(grep " 6e 40 33 1a " "${TMPFILE}")" ]; then
echo "Error: Did not get expected result from completing HMAC sequence."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
fi
@@ -630,70 +626,70 @@
local i res rc
- if [ $create -eq 1 ]; then
+ if [ "$create" -eq 1 ]; then
# Create a permanent primary key that we expecte
# to again see after the TPM has been restarted
- ${TOOLSPATH}/${PREFIX}createprimary -hi o -si > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}createprimary" -hi o -si > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: createprimary failed."
exit 1
fi
- if [ -z "$(grep 80000000 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000000 "$TMPFILE")" ]; then
echo "Error: createprimary did not result in expected handle 80000000"
exit 1
fi
- echo -n "123" > $BINFILE
- ${TOOLSPATH}/${PREFIX}sign -hk 80000000 -if ${BINFILE} -os ${SIGFILE} > $TMPFILE
+ echo -n "123" > "$BINFILE"
+ "${TOOLSPATH}/${PREFIX}sign" -hk 80000000 -if "${BINFILE}" -os "${SIGFILE}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Could not create signature."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
printf "Verifying signature with this key (create phase)\n"
- ${TOOLSPATH}/${PREFIX}verifysignature -hk 80000000 \
- -is ${SIGFILE} \
- -if ${BINFILE} > $TMPFILE
+ "${TOOLSPATH}/${PREFIX}verifysignature" -hk 80000000 \
+ -is "${SIGFILE}" \
+ -if "${BINFILE}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Verifying signature failed."
exit 1
fi
fi
- if [ $check -eq 1 ]; then
+ if [ "$check" -eq 1 ]; then
local sigfile=${SIGFILE} hash1 hash2
- if [ $previousstate -ne 0 ]; then
+ if [ "$previousstate" -ne 0 ]; then
sigfile=${TESTDIR}/data/tpm2state3d/signature2.bin
fi
printf "Checking availability of key with handle 0x80000000\n"
- ${TOOLSPATH}/${PREFIX}getcapability -cap 1 -pr 0x80000000 >$TMPFILE
- if [ -z "$(grep 80000000 $TMPFILE)" ]; then
+ "${TOOLSPATH}/${PREFIX}getcapability" -cap 1 -pr 0x80000000 > "$TMPFILE"
+ if [ -z "$(grep 80000000 "$TMPFILE")" ]; then
echo "Could not find key with handle 0x80000000"
exit 1
fi
printf "Verifying signature with this key (check phase)\n"
- echo -n "123" > $BINFILE
- ${TOOLSPATH}/${PREFIX}verifysignature -hk 80000000 \
- -is ${sigfile} \
- -if ${BINFILE} > $TMPFILE
+ echo -n "123" > "$BINFILE"
+ "${TOOLSPATH}/${PREFIX}verifysignature" -hk 80000000 \
+ -is "${sigfile}" \
+ -if "${BINFILE}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Verifying signature failed."
exit 1
fi
- if [ $previousstate -eq 0 ]; then
- ${TOOLSPATH}/${PREFIX}sign -hk 80000000 -if ${BINFILE} -os ${SIGFILE2} > $TMPFILE
+ if [ "$previousstate" -eq 0 ]; then
+ "${TOOLSPATH}/${PREFIX}sign" -hk 80000000 -if "${BINFILE}" -os "${SIGFILE2}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: Could not create signature."
- cat $TMPFILE
+ cat "$TMPFILE"
exit 1
fi
- hash1=$(get_sha1_file ${SIGFILE})
- hash2=$(get_sha1_file ${SIGFILE2})
+ hash1=$(get_sha1_file "${SIGFILE}")
+ hash2=$(get_sha1_file "${SIGFILE2}")
if [ "${hash1}" != "${hash2}" ]; then
echo "Error: hashes of signatures are different. Loaded key may be different."
exit 1
@@ -709,33 +705,33 @@
local create="$1"
local check="$2"
- if [ $create -eq 1 ]; then
- ${CERTTOOL} --generate-privkey --bits 2048 --outfile ${PRIVKEY} &>/dev/null
- ${CERTTOOL} --pubkey-info --load-privkey ${PRIVKEY} > ${PUBKEY}
- $TOOLSPATH/${PREFIX}loadexternal -hi o -ipem ${PUBKEY} > $TMPFILE
+ if [ "$create" -eq 1 ]; then
+ ${CERTTOOL} --generate-privkey --bits 2048 --outfile "${PRIVKEY}" &>/dev/null
+ ${CERTTOOL} --pubkey-info --load-privkey "${PRIVKEY}" > "${PUBKEY}"
+ "$TOOLSPATH/${PREFIX}loadexternal" -hi o -ipem "${PUBKEY}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: loadexternal failed."
exit 1
fi
- if [ -z "$(grep 80000001 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000001 "$TMPFILE")" ]; then
echo "Error: loadexternal did not result in expected handle 80000001"
exit 1
fi
fi
- if [ $check -eq 1 ]; then
- $TOOLSPATH/${PREFIX}contextsave -ha 80000001 -of ${PUBKEYCONTEXT}
+ if [ "$check" -eq 1 ]; then
+ "$TOOLSPATH/${PREFIX}contextsave" -ha 80000001 -of "${PUBKEYCONTEXT}"
if [ $? -ne 0 ]; then
echo "Error: contextsave on loaded public key failed."
exit 1
fi
- $TOOLSPATH/${PREFIX}flushcontext -ha 80000001
- $TOOLSPATH/${PREFIX}contextload -if ${PUBKEYCONTEXT} > $TMPFILE
+ "$TOOLSPATH/${PREFIX}flushcontext" -ha 80000001
+ "$TOOLSPATH/${PREFIX}contextload" -if "${PUBKEYCONTEXT}" > "$TMPFILE"
if [ $? -ne 0 ]; then
echo "Error: contextload on context of public key failed."
exit 1
fi
- if [ -z "$(grep 80000001 $TMPFILE)" ]; then
+ if [ -z "$(grep 80000001 "$TMPFILE")" ]; then
echo "Error: contextload did not result in expected handle 80000001"
exit 1
fi
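Review bot: Neither `${CERTTOOL}` call in the create branch has its exit status checked, so a failed key generation or an empty `${PUBKEY}` only shows up later as "loadexternal failed". Appending `|| { echo "Error: certtool failed."; exit 1; }` to both lines would point at the real cause. `${CERTTOOL}` is also left unquoted while every other command path in the hunk is now quoted; if it is meant to hold a single path, quote it too.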
@@ -751,28 +747,28 @@
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (1) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
exit 1
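Review bot: `if wait_for_file "$PID_FILE" 3; then` leads straight into the error branch, so the helper presumably returns 0 when the file did not appear, the reverse of the usual shell convention (its definition is in a sourced file, not in this hunk). A one-line comment above the first use, e.g. `# wait_for_file returns 0 on timeout, non-zero once the file exists`, would keep a later reader from "fixing" the test. The same call appears in each later swtpm start-up block.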
@@ -783,21 +779,21 @@
test_pcr_allocation 1 0 # can only check after reboot
test_hierarchy 1 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-echo "============================" >> $LOGFILE
+echo "============================" >> "$LOGFILE"
echo "TPM was shut down"
@@ -810,33 +806,33 @@
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (2) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM re-started"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
@@ -845,59 +841,59 @@
test_pcr_allocation 0 1
test_hierarchy 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
fi
-echo "============================" >> $LOGFILE
+echo "============================" >> "$LOGFILE"
echo "TPM was shut down"
#################################################################
# Run TPM2 with previously saved state and verify it's the same
-rm -f $TPMDIR/*
-cp -f ${TESTDIR}/data/tpm2state3/tpm2-00.permall $TPMDIR/tpm2-00.permall
+rm -f "$TPMDIR/"*
+cp -f "${TESTDIR}/data/tpm2state3/tpm2-00.permall" "$TPMDIR/tpm2-00.permall"
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM started with previously generated state"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
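Review bot: `rm -f "$TPMDIR/"*` expands to `rm -f /*` if TPMDIR is ever empty or unset at this point; shellcheck reports this as SC2115, which the syntax-check rule added by this commit appears to exclude rather than fix. `rm -f "${TPMDIR:?}"/*` aborts the script instead and costs nothing. TPMDIR comes from `mktemp -d` with `|| exit 1` earlier in the file, so this is defence in depth, but the guard would also let SC2115 stay enabled. The two later `rm -f "${TPMDIR}"/*` lines (hunks at -928 and -1086) need the same change and would then be spelled consistently with this one.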
@@ -906,15 +902,15 @@
test_pcr_allocation 0 1
test_hierarchy 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -928,56 +924,56 @@
#
#
-rm -f ${TPMDIR}/*
+rm -f "${TPMDIR}"/*
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
test_session 1 1
test_hash_context 1 0
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
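Review bot: The pidfile error in this start-up block is labelled "(3)", the same label as the previous start-up block, so a failure here cannot be told apart from one there in the test log; the later start-up blocks reuse "(3)" as well. Giving each block its own number, e.g. `echo "Error: (4) Socket TPM did not write pidfile."`, makes the log point at the start that failed.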
@@ -994,24 +990,24 @@
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
- cat $LOGFILE
+ cat "$LOGFILE"
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
@@ -1019,15 +1015,15 @@
test_hash_context 0 1
test_session 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -1037,34 +1033,34 @@
# Run TPM2 with previously saved (volatile) state and verify it's
# working as well
-cp -f ${TESTDIR}/data/tpm2state3b/tpm2-00.permall $TPMDIR/tpm2-00.permall
-cp -f ${TESTDIR}/data/tpm2state3b/tpm2-00.volatilestate $TPMDIR/tpm2-00.volatilestate
-cp -f ${TESTDIR}/data/tpm2state3b/h02000000.bin $TPMDIR/h02000000.bin
-cp -f ${TESTDIR}/data/tpm2state3b/h81000000.bin $TPMDIR/h81000000.bin
+cp -f "${TESTDIR}/data/tpm2state3b/tpm2-00.permall" "$TPMDIR/tpm2-00.permall"
+cp -f "${TESTDIR}/data/tpm2state3b/tpm2-00.volatilestate" "$TPMDIR/tpm2-00.volatilestate"
+cp -f "${TESTDIR}/data/tpm2state3b/h02000000.bin" "$TPMDIR/h02000000.bin"
+cp -f "${TESTDIR}/data/tpm2state3b/h81000000.bin" "$TPMDIR/h81000000.bin"
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM started with previously generated state"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
- tail -n 10 $LOGFILE
+ tail -n 10 "$LOGFILE"
exit 1
fi
@@ -1072,7 +1068,7 @@
test_session 0 1
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -1086,56 +1082,56 @@
#
#
-rm -f ${TPMDIR}/*
+rm -f "${TPMDIR}"/*
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# we only run this to generate the AES key which is different every time...
# test_hmac_context 1 0
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
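Review bot: `rm -f "${TPMDIR}"/*` expands to `rm -f /*` if TPMDIR is ever unset or empty, and the added quoting does not change that. shellcheck reports this as SC2115, which appears to be among the checks the new syntax-check target lists as disabled. Writing `rm -f "${TPMDIR:?}"/*` makes the script abort instead of running the glob against the root directory. The same line appears in the hunk at -1243. Where TPMDIR is assigned lies outside the hunk, so this is a guard rather than a known failure.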
@@ -1152,24 +1148,24 @@
#ls -l $TPMDIR
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
- cat $LOGFILE
+ cat "$LOGFILE"
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
@@ -1179,15 +1175,15 @@
# be different every time
# test_hmac_context 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -1197,29 +1193,29 @@
# Run TPM2 with previously saved (volatile) state and verify it's
# working as well
-cp -f ${TESTDIR}/data/tpm2state3c/tpm2-00.volatilestate $TPMDIR/tpm2-00.volatilestate
-cp -f ${TESTDIR}/data/tpm2state3c/tpm2-00.permall $TPMDIR/tpm2-00.permall
+cp -f "${TESTDIR}/data/tpm2state3c/tpm2-00.volatilestate" "$TPMDIR/tpm2-00.volatilestate"
+cp -f "${TESTDIR}/data/tpm2state3c/tpm2-00.permall" "$TPMDIR/tpm2-00.permall"
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM started with previously generated state"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
@@ -1228,7 +1224,7 @@
test_hmac_context 0 1
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -1243,56 +1239,56 @@
#
#
-rm -f ${TPMDIR}/*
+rm -f "${TPMDIR}"/*
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}startup -c
+"${TOOLSPATH}/${PREFIX}startup" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_startup clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
test_primary_volatile_load 1 0 0
test_external_key 1 1
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -v 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -v 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_STORE_VOLATILE failed: $act"
exit 1
fi
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -1310,24 +1306,24 @@
#ls -l $TPMDIR
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
- cat $LOGFILE
+ cat "$LOGFILE"
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
fi
@@ -1335,15 +1331,15 @@
test_primary_volatile_load 0 1 0
test_external_key 0 1
-${TOOLSPATH}/${PREFIX}shutdown -c
+"${TOOLSPATH}/${PREFIX}shutdown" -c
if [ $? -ne 0 ]; then
echo "Error: tpm_shutdown clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
@@ -1353,29 +1349,29 @@
# Run TPM2 with previously saved (volatile) state and verify it's
# working as well
-cp -f ${TESTDIR}/data/tpm2state3d/tpm2-00.permall $TPMDIR/tpm2-00.permall
-cp -f ${TESTDIR}/data/tpm2state3d/tpm2-00.volatilestate $TPMDIR/tpm2-00.volatilestate
+cp -f "${TESTDIR}/data/tpm2state3d/tpm2-00.permall" "$TPMDIR/tpm2-00.permall"
+cp -f "${TESTDIR}/data/tpm2state3d/tpm2-00.volatilestate" "$TPMDIR/tpm2-00.volatilestate"
$SWTPM_EXE socket \
--server port=${TPM_COMMAND_PORT} \
- --tpmstate dir=$TPMDIR \
- --pid file=$PID_FILE \
- --ctrl type=unixio,path=$SOCK_PATH \
- --log file=$LOGFILE,level=20 \
+ --tpmstate "dir=$TPMDIR" \
+ --pid "file=$PID_FILE" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ --log "file=$LOGFILE,level=20" \
--tpm2 \
- ${SWTPM_TEST_SECCOMP_OPT} &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} &
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: (3) Socket TPM did not write pidfile."
exit 1
fi
echo "TPM started with previously generated state"
-PID="$(cat $PID_FILE)"
+PID="$(cat "$PID_FILE")"
# Send TPM_Init
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -i 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -i 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_INIT failed: $act"
exit 1
@@ -1386,15 +1382,15 @@
# Create the orderly nv indices and have them cleared (for coverage)
test_nvram_state 1 1
-${TOOLSPATH}/${PREFIX}clear -hi p
+"${TOOLSPATH}/${PREFIX}clear" -hi p
if [ $? -ne 0 ]; then
echo "Error: clear failed."
- cat $LOGFILE
+ cat "$LOGFILE"
exit 1
fi
# Send Shutdown
-act=$($SWTPM_IOCTL --unix $SOCK_PATH -s 2>&1)
+act=$($SWTPM_IOCTL --unix "$SOCK_PATH" -s 2>&1)
if [ $? -ne 0 ]; then
echo "Error: $SWTPM_IOCTL CMD_SHUTDOWN failed: $act"
exit 1
diff --git a/tests/test_tpm2_save_load_state_da_timeout b/tests/test_tpm2_save_load_state_da_timeout
index ee68d5d..dd63a07 100755
--- a/tests/test_tpm2_save_load_state_da_timeout
+++ b/tests/test_tpm2_save_load_state_da_timeout
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_save_load_state_locking b/tests/test_tpm2_save_load_state_locking
index bab2336..65752f1 100755
--- a/tests/test_tpm2_save_load_state_locking
+++ b/tests/test_tpm2_save_load_state_locking
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
if [ ! -d /proc/$$/fd ] && [ -z "$(type -P lsof)" ]; then
diff --git a/tests/test_tpm2_savestate b/tests/test_tpm2_savestate
index fccd67c..b4ef125 100755
--- a/tests/test_tpm2_savestate
+++ b/tests/test_tpm2_savestate
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_setbuffersize b/tests/test_tpm2_setbuffersize
index 9cbc188..921886d 100755
--- a/tests/test_tpm2_setbuffersize
+++ b/tests/test_tpm2_setbuffersize
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_swtpm_bios b/tests/test_tpm2_swtpm_bios
index 8295737..4206cd7 100755
--- a/tests/test_tpm2_swtpm_bios
+++ b/tests/test_tpm2_swtpm_bios
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_swtpm_cert b/tests/test_tpm2_swtpm_cert
index 4319cc8..5e4aacc 100755
--- a/tests/test_tpm2_swtpm_cert
+++ b/tests/test_tpm2_swtpm_cert
@@ -14,7 +14,7 @@
function cleanup()
{
- rm -f ${cert}
+ rm -f "${cert}"
}
function check_cert_size()
@@ -22,12 +22,14 @@
local cert="$1"
local exp="$2"
+ local size
+
# Unfortunately different GnuTLS versions may create certs of different
# sizes; deactivate this test for now
return
- local size=$(stat -c%s ${cert} 2>/dev/null)
- if [ $size -ne $exp ]; then
+ size=$(stat -c%s "${cert}" 2>/dev/null)
+ if [ "$size" -ne "$exp" ]; then
echo "Warning: Certificate file has unexpected size."
echo " Expected: $exp; found: $size"
fi
@@ -36,9 +38,9 @@
${SWTPM_CERT} \
--tpm2 \
--allow-signing \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
--modulus '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' \
--days 3650 \
--pem \
@@ -54,14 +56,14 @@
check_cert_size "${cert}" 1224
# truncate result file
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 1: OK"
${SWTPM_CERT} \
--tpm2 \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
--modulus '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' \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
@@ -78,15 +80,15 @@
check_cert_size "${cert}" 1302
# truncate result file
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 2: OK"
${SWTPM_CERT} \
--tpm2 \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
- --pubkey ${TESTDIR}/data/pubek.pem \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
+ --pubkey "${TESTDIR}/data/pubek.pem" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
@@ -103,7 +105,7 @@
# truncate result file
#certtool --certificate-info --infile ${cert}
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 3: OK"
@@ -112,10 +114,10 @@
${SWTPM_CERT} \
--tpm2 \
--type platform \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --pubkey ${TESTDIR}/data/pubek.pem \
- --out-cert ${cert} \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --pubkey "${TESTDIR}/data/pubek.pem" \
+ --out-cert "${cert}" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
@@ -134,5 +136,5 @@
# truncate result file
#certtool --certificate-info --infile ${cert}
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 4: OK"
diff --git a/tests/test_tpm2_swtpm_cert_ecc b/tests/test_tpm2_swtpm_cert_ecc
index 79a0488..c74cebf 100755
--- a/tests/test_tpm2_swtpm_cert_ecc
+++ b/tests/test_tpm2_swtpm_cert_ecc
@@ -14,7 +14,7 @@
function cleanup()
{
- rm -f ${cert}
+ rm -f "${cert}"
}
function check_cert_size()
@@ -22,12 +22,14 @@
local cert="$1"
local exp="$2"
+ local size
+
# Unfortunately different GnuTLS versions may create certs of different
# sizes; deactivate this test for now
return
- local size=$(stat -c%s ${cert} 2>/dev/null)
- if [ $size -ne $exp ]; then
+ size=$(stat -c%s "${cert}" 2>/dev/null)
+ if [ "$size" -ne "$exp" ]; then
echo "Warning: Certificate file has unexpected size."
echo " Expected: $exp; found: $size"
fi
@@ -35,9 +37,9 @@
${SWTPM_CERT} \
--tpm2 \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
--ecc-x 61eaf811ea582656ca2a835dd1b9cd63eb196d7ff62711d6e9b8f85e580a47ca \
--ecc-y a51efdc71fd6c791a24a75beb50526aa81b44cc598e65b2d5e116084aea4cb5b \
--days 3650 \
@@ -53,18 +55,18 @@
#expecting size to be constant
check_cert_size "{$cert}" 948
-#certtool --certificate-info --infile ${cert}
-#openssl x509 -in ${cert} -text
+#certtool --certificate-info --infile "${cert}"
+#openssl x509 -in "${cert}" -text
# truncate result file
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 1: OK"
${SWTPM_CERT} \
--tpm2 \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
--ecc-x 61eaf811ea582656ca2a835dd1b9cd63eb196d7ff62711d6e9b8f85e580a47ca \
--ecc-y a51efdc71fd6c791a24a75beb50526aa81b44cc598e65b2d5e116084aea4cb5b \
--days 3650 \
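Review bot: The context line `check_cert_size "{$cert}" 948` has the brace and the dollar sign swapped, so the function receives the path wrapped in literal `{` and `}` instead of the certificate path; it should read `check_cert_size "${cert}" 948`. The same typo is in the next hunk (`check_cert_size "{$cert}" 1025`). It has no visible effect today only because check_cert_size returns before it reaches `stat`. If that early return is ever removed, the size comparison would run against a path that does not exist.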
@@ -82,15 +84,15 @@
check_cert_size "{$cert}" 1025
# truncate result file
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 2: OK"
${SWTPM_CERT} \
--tpm2 \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --out-cert ${cert} \
- --pubkey ${TESTDIR}/data/ecpubek.pem \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --out-cert "${cert}" \
+ --pubkey "${TESTDIR}/data/ecpubek.pem" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
@@ -107,7 +109,7 @@
# truncate result file
#certtool --certificate-info --infile ${cert}
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 3: OK"
@@ -116,10 +118,10 @@
${SWTPM_CERT} \
--tpm2 \
--type platform \
- --signkey ${TESTDIR}/data/signkey.pem \
- --issuercert ${TESTDIR}/data/issuercert.pem \
- --pubkey ${TESTDIR}/data/ecpubek.pem \
- --out-cert ${cert} \
+ --signkey "${TESTDIR}/data/signkey.pem" \
+ --issuercert "${TESTDIR}/data/issuercert.pem" \
+ --pubkey "${TESTDIR}/data/ecpubek.pem" \
+ --out-cert "${cert}" \
--days 3650 \
--subject "OU=foo,L=NewYork,ST=NY,C=US" \
--pem \
@@ -138,5 +140,5 @@
# truncate result file
#certtool --certificate-info --infile ${cert}
-echo -n > ${cert}
+echo -n > "${cert}"
echo "Test 4: OK"
diff --git a/tests/test_tpm2_swtpm_localca b/tests/test_tpm2_swtpm_localca
index b6ff56a..506cd76 100755
--- a/tests/test_tpm2_swtpm_localca
+++ b/tests/test_tpm2_swtpm_localca
@@ -4,7 +4,6 @@
#set -x
TOPBUILD=${abs_top_builddir:-$(dirname "$0")/..}
-TOPSRC=${abs_top_srcdir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SWTPM_LOCALCA=${TOPBUILD}/src/swtpm_localca/swtpm_localca
@@ -13,7 +12,7 @@
ek="80" # 2048 bit key must have highest bit set
for ((i = 1; i < 256; i++)); do
- ek="${ek}$(printf "%02x" $i)"
+ ek="${ek}$(printf "%02x" "$i")"
done
SIGNINGKEY=${workdir}/signingkey.pem
@@ -22,7 +21,7 @@
PATH=${TOPBUILD}/src/swtpm_cert:$PATH
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
if [ -n "$(${CERTTOOL} --help | grep -E "\-\-verify-profile")" ]; then
verify_profile="--verify-profile=medium"
@@ -60,8 +59,8 @@
"--decryption|Key encipherment" \
"|Key encipherment";
do
- params=$(echo ${testparams} | cut -d"|" -f1)
- usage=$(echo ${testparams} | cut -d"|" -f2)
+ params=$(echo "${testparams}" | cut -d"|" -f1)
+ usage=$(echo "${testparams}" | cut -d"|" -f2)
${SWTPM_LOCALCA} \
--type ek \
@@ -72,7 +71,7 @@
--configfile "${workdir}/swtpm-localca.conf" \
--optsfile "${workdir}/swtpm-localca.options" \
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0 \
- ${params}
+ ${params:+${params}}
if [ $? -ne 0 ]; then
echo "Error: Test with parameters '$params' failed."
exit 1
@@ -108,7 +107,7 @@
IFS=","
for u in $usage; do
- echo $u
+ echo "$u"
if [ -z "$(${CERTTOOL} -i \
--inder --infile "${workdir}/ek.cert" | \
grep "Key Usage" -A2 | \
@@ -146,14 +145,14 @@
#A few tests with odd vm Ids
for vmid in \
- 's p a c e|s p a c e' \
- '$(ls)>foo|$(ls)\>foo' \
- '`ls`&; #12|`ls`&\; #12' \
- 'foo>&1<&2;$(ls)|foo\>&1\<&2\;$(ls)' \
+ "s p a c e|s p a c e" \
+ "\$(ls)>foo|\$(ls)\>foo" \
+ "\`ls\`&; #12|\`ls\`&\; #12" \
+ "foo>&1<&2;\$(ls)|foo\>&1\<&2\;\$(ls)" \
"'*|'*" \
'"*|\"*' \
- ':$$|:$$' \
- '${t}[]|${t}[]';
+ ":\$\$|:\$\$" \
+ "\${t}[]|\${t}[]";
do
in=$(echo "$vmid" | cut -d"|" -f1)
exp=$(echo "$vmid" | cut -d"|" -f2)
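Review bot: Rewriting these vmid strings from single quotes to double quotes with backslash escapes makes the test inputs harder to audit. They are meant to reach swtpm_localca as literal `$(ls)`, backticks and `$$`, and one missed backslash would make the test script perform the expansion itself instead of passing the text through. Keeping the original single-quoted strings with a `# shellcheck disable=SC2016` line above the `for` keeps the literals readable and records that the non-expansion is intentional. The loop body continues outside this hunk.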
@@ -167,7 +166,7 @@
--configfile "${workdir}/swtpm-localca.conf" \
--optsfile "${workdir}/swtpm-localca.options" \
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0 \
- ${params} &>/dev/null
+ ${params:+${params}} &>/dev/null
if [ $? -ne 0 ]; then
echo "Error: Test with parameters '$params' failed."
exit 1
diff --git a/tests/test_tpm2_swtpm_localca_pkcs11.test b/tests/test_tpm2_swtpm_localca_pkcs11.test
index f5f7f0c..17b6955 100755
--- a/tests/test_tpm2_swtpm_localca_pkcs11.test
+++ b/tests/test_tpm2_swtpm_localca_pkcs11.test
@@ -4,7 +4,6 @@
#set -x
TOPBUILD=${abs_top_builddir:-$(dirname "$0")/..}
-TOPSRC=${abs_top_srcdir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SWTPM_LOCALCA=${TOPBUILD}/src/swtpm_localca/swtpm_localca
@@ -24,16 +23,15 @@
ek="80" # 2048 bit key must have highest bit set
for ((i = 1; i < 256; i++)); do
- ek="${ek}$(printf "%02x" $i)"
+ ek="${ek}$(printf "%02x" "$i")"
done
-SIGNINGKEY=${workdir}/signingkey.pem
-ISSUERCERT=${workdir}/issuercert.pem
-CERTSERIAL=${workdir}/certserial
+ISSUERCERT="${workdir}/issuercert.pem"
+CERTSERIAL="${workdir}/certserial"
-PATH=${TOPBUILD}/src/swtpm_cert:$PATH
+PATH="${TOPBUILD}/src/swtpm_cert:$PATH"
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
if [ -n "$(${CERTTOOL} --help | grep -E "\-\-verify-profile")" ]; then
verify_profile="--verify-profile=medium"
@@ -43,8 +41,8 @@
function cleanup()
{
- rm -rf ${workdir}
- ${TESTDIR}/softhsm_setup teardown
+ rm -rf "${workdir}"
+ "${TESTDIR}/softhsm_setup" teardown
}
skip_test_linked_with_asan "${SWTPM_LOCALCA}"
@@ -53,35 +51,34 @@
export PIN="abcdef"
# Generate the PKCS11 token and key; it uses env. variable 'PIN'
-msg=$(${TESTDIR}/softhsm_setup setup 2>&1)
+msg=$("${TESTDIR}/softhsm_setup" setup 2>&1)
if [ $? -ne 0 ]; then
echo -e "Could not setup softhsm:\n${msg}"
echo "softhsm needs to be v2.3.0 or greater and pkcs11 correctly configured"
exit 77
fi
-pkcs11uri=$(echo ${msg} | sed -n 's|^keyuri: \(.*\)|\1|p')
+pkcs11uri=$(echo "${msg}" | sed -n 's|^keyuri: \(.*\)|\1|p')
# Now we need to create the root CA ...
-template=${workdir}/template
+template="${workdir}/template"
-cakey=${workdir}/swtpm-localca-rootca-privkey.pem
-cacert=${workdir}/swtpm-localca-rootca-cert.pem
+cakey="${workdir}/swtpm-localca-rootca-privkey.pem"
+cacert="${workdir}/swtpm-localca-rootca-cert.pem"
# first the private key
msg=$(${CERTTOOL} \
--generate-privkey \
- --outfile ${cakey} \
- ${passparam} \
+ --outfile "${cakey}" \
2>&1)
if [ $? -ne 0 ]; then
echo "Could not create root-CA key ${cakey}."
echo "${msg}"
exit 1
fi
-chmod 640 ${cakey}
+chmod 640 "${cakey}"
# now the self-signed certificate
-cat <<_EOF_ >${template}
+cat <<_EOF_ > "${template}"
cn=swtpm-localca-rootca
ca
cert_signing_key
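Review bot: `pkcs11uri` is used without checking that the sed extraction found anything. If the softhsm_setup output has no line starting with `keyuri: `, the variable is empty and the problem only surfaces later as a certtool failure on `--load-privkey ""`. Quoting `${msg}` also means sed now matches line by line rather than against the whitespace-joined output, so it is worth pinning the expectation down right after the assignment: `[ -n "${pkcs11uri}" ] || { echo "Error: no keyuri in softhsm_setup output: ${msg}"; exit 1; }`.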
@@ -90,9 +87,9 @@
msg=$(${CERTTOOL} \
--generate-self-signed \
- --template ${template} \
- --outfile ${cacert} \
- --load-privkey ${cakey} \
+ --template "${template}" \
+ --outfile "${cacert}" \
+ --load-privkey "${cakey}" \
2>&1)
if [ $? -ne 0 ]; then
echo "Could not create root CA."
@@ -102,19 +99,19 @@
# And now create the intermediate CA with the pkcs11 URI key
-pubkey=${workdir}/swtpm-localca-interm-pubkey.pem
+pubkey="${workdir}/swtpm-localca-interm-pubkey.pem"
msg=$(GNUTLS_PIN=${PIN} ${CERTTOOL} \
- --load-privkey ${pkcs11uri} \
+ --load-privkey "${pkcs11uri}" \
--pubkey-info \
- --outfile ${pubkey})
+ --outfile "${pubkey}")
if [ $? -ne 0 ]; then
echo "Could not get public key for pkcs11 uri key ($pkcs11uri}."
echo "${msg}"
exit 1
fi
-cat <<_EOF_ > ${template}
+cat <<_EOF_ > "${template}"
cn=swtpm-localca
ca
cert_signing_key
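Review bot: The `--pubkey-info` call captures only stdout into `msg`, with no `2>&1` as on the other certtool invocations in this file, so the `echo "${msg}"` in its error branch will usually print nothing helpful. Add `2>&1` after `--outfile "${pubkey}"`. The message in that branch also has a mismatched brace, `($pkcs11uri}`, which prints a stray `}`; it should be `(${pkcs11uri})`.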
@@ -123,12 +120,12 @@
msg=$(GNUTLS_PIN=${PIN} ${CERTTOOL} \
--generate-certificate \
- --template ${template} \
- --outfile ${ISSUERCERT} \
- --load-ca-privkey ${cakey} \
- --load-ca-certificate ${cacert} \
- --load-privkey ${pkcs11uri} \
- --load-pubkey ${pubkey} \
+ --template "${template}" \
+ --outfile "${ISSUERCERT}" \
+ --load-ca-privkey "${cakey}" \
+ --load-ca-certificate "${cacert}" \
+ --load-privkey "${pkcs11uri}" \
+ --load-pubkey "${pubkey}" \
2>&1)
if [ $? -ne 0 ]; then
echo "Could not create intermediate CA"
@@ -136,18 +133,18 @@
exit 1
fi
-echo -n 1 > ${CERTSERIAL}
+echo -n 1 > "${CERTSERIAL}"
# Now we can create the config files
-cat <<_EOF_ > ${workdir}/swtpm-localca.conf
+cat <<_EOF_ > "${workdir}/swtpm-localca.conf"
statedir = ${workdir}
-signingkey = $(echo ${pkcs11uri} | sed 's|;|\\;|g')
+signingkey = $(echo "${pkcs11uri}" | sed 's|;|\\;|g')
issuercert = ${ISSUERCERT}
certserial = ${CERTSERIAL}
SWTPM_PKCS11_PIN = ${PIN}
_EOF_
-cat <<_EOF_ > ${workdir}/swtpm-localca.options
+cat <<_EOF_ > "${workdir}/swtpm-localca.options"
--tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 2
@@ -164,19 +161,19 @@
"--decryption|Key encipherment" \
"|Key encipherment";
do
- params=$(echo ${testparams} | cut -d"|" -f1)
- usage=$(echo ${testparams} | cut -d"|" -f2)
+ params=$(echo "${testparams}" | cut -d"|" -f1)
+ usage=$(echo "${testparams}" | cut -d"|" -f2)
msg=$(${SWTPM_LOCALCA} \
--type ek \
- --ek ${ek} \
- --dir ${workdir} \
+ --ek "${ek}" \
+ --dir "${workdir}" \
--vmid test \
--tpm2 \
- --configfile ${workdir}/swtpm-localca.conf \
- --optsfile ${workdir}/swtpm-localca.options \
+ --configfile "${workdir}/swtpm-localca.conf" \
+ --optsfile "${workdir}/swtpm-localca.options" \
--tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0 \
- ${params} 2>&1)
+ ${params:+${params}} 2>&1)
if [ $? -ne 0 ]; then
echo "Error: Test with parameters '$params' failed."
echo "${msg}"
@@ -188,7 +185,7 @@
exit 1
fi
- if [ ! -r ${workdir}/ek.cert ]; then
+ if [ ! -r "${workdir}/ek.cert" ]; then
echo "${msg}"
echo "Error: ${workdir}/ek.cert was not created."
exit 1
@@ -199,7 +196,7 @@
for u in $usage; do
if [ -z "$(${CERTTOOL} -i \
- --inder --infile ${workdir}/ek.cert | \
+ --inder --infile "${workdir}/ek.cert" | \
grep "Key Usage" -A2 | \
grep "$u")" ]; then
echo "Error: Could not find key usage $u in key created " \
@@ -213,14 +210,14 @@
${CERTTOOL} \
-i \
- --inder --infile ${workdir}/ek.cert \
- --outfile ${workdir}/ek.pem
+ --inder --infile "${workdir}/ek.cert" \
+ --outfile "${workdir}/ek.pem"
GNUTLS_PIN=${PIN} ${CERTTOOL} \
--verify \
${verify_profile} \
- --load-ca-certificate ${ISSUERCERT} \
- --infile ${workdir}/ek.pem
+ --load-ca-certificate "${ISSUERCERT}" \
+ --infile "${workdir}/ek.pem"
if [ $? -ne 0 ]; then
echo "Error: Could not verify certificate chain."
exit 1
diff --git a/tests/test_tpm2_swtpm_setup_create_cert b/tests/test_tpm2_swtpm_setup_create_cert
index 1582b54..898bd4e 100755
--- a/tests/test_tpm2_swtpm_setup_create_cert
+++ b/tests/test_tpm2_swtpm_setup_create_cert
@@ -3,11 +3,10 @@
# For the license, see the LICENSE file in the root directory.
TOPBUILD=${abs_top_builddir:-$(dirname "$0")/..}
-TOPSRC=${abs_top_srcdir:-$(dirname "$0")/..}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
SWTPM_LOCALCA=${TOPBUILD}/src/swtpm_localca/swtpm_localca
@@ -66,10 +65,10 @@
keysizes+=" 3072"
fi
-for keysize in $(echo $keysizes); do
+for keysize in ${keysizes}; do
echo "Testing with RSA keysize $keysize"
# we need to create at least one cert: --create-ek-cert
- $SWTPM_SETUP \
+ if ! ${SWTPM_SETUP} \
--tpm2 \
--allow-signing \
--tpm-state "${workdir}" \
@@ -78,11 +77,10 @@
--config "${workdir}/swtpm_setup.conf" \
--logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}" \
- --rsa-keysize ${keysize} \
+ --rsa-keysize "${keysize}" \
--overwrite \
- --write-ek-cert-files "${USER_CERTSDIR}"
-
- if [ $? -ne 0 ]; then
+ --write-ek-cert-files "${USER_CERTSDIR}";
+ then
echo "Error: Could not run $SWTPM_SETUP."
echo "Logfile output:"
cat "${workdir}/logfile"
@@ -117,7 +115,7 @@
exit 1
fi
- rm -rf "${SIGNINGKEY}" "${ISSUERCERT}" "${CERTSERIAL}" ${USER_CERTSDIR}/ek-*.crt
+ rm -rf "${SIGNINGKEY}" "${ISSUERCERT}" "${CERTSERIAL}" "${USER_CERTSDIR}"/ek-*.crt
done
echo "Test 1: OK"
@@ -131,13 +129,15 @@
# since activating the PCR banks changes a few bits in the permanent
# state, also when the state is not encrypted.
local PERMALL_FILE="${workdir}/tpm2-00.permall"
- local permall_size=$(get_filesize "${PERMALL_FILE}")
+ local permall_hash permall_size newhash newsize
+
+ permall_size=$(get_filesize "${PERMALL_FILE}")
for pcrbanks in "sha256" "sha256,sha384" "sha256,sha384,sha512"; do
# hash must change between before and after
permall_hash=$(get_sha1_file "${PERMALL_FILE}")
- $SWTPM_SETUP \
+ if ! ${SWTPM_SETUP} \
--tpm2 \
--tpm-state "${workdir}" \
--config "${workdir}/swtpm_setup.conf" \
@@ -145,24 +145,24 @@
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--pcr-banks "${pcrbanks}" \
--reconfigure \
- ${pwdfile:+--pwdfile "${pwdfile}"}
- if [ $? -ne 0 ]; then
+ ${pwdfile:+--pwdfile "${pwdfile}"};
+ then
echo "Error: Could not run $SWTPM_SETUP --reconfigure."
echo "Logfile output:"
cat "${workdir}/logfile"
exit 1
fi
- local newhash=$(get_sha1_file "${PERMALL_FILE}")
+ newhash=$(get_sha1_file "${PERMALL_FILE}")
if [ "${newhash}" = "${permall_hash}" ]; then
echo "Error: The hash of the permanent state did not change."
exit 1
fi
- local newsize=$(get_filesize "${PERMALL_FILE}")
+ newsize=$(get_filesize "${PERMALL_FILE}")
if [ "${newsize}" != "${permall_size}" ]; then
echo "Error: The size of the permanent state file changed."
- echo "Actual : ${tmp}"
+ echo "Actual : ${newsize}"
echo "Expected: ${permall_size}"
fi
echo "Filesize: ${newsize}; hash: ${newhash}; pwdfile: ${pwdfile}"
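Review bot: The size check on the permanent state file prints `Error: The size of the permanent state file changed.` but, unlike the hash check directly above it, has no `exit 1`, so the test carries on and can still finish as OK. Changing `${tmp}` to `${newsize}` makes the message accurate, but the outcome is still only a log line. If a size change is meant to fail the test, add `exit 1` after the `Expected:` line; otherwise reword the message as a warning. The enclosing function starts and ends outside this hunk.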
@@ -176,7 +176,7 @@
rm -f "${workdir}/logfile"
for pwdfile in "" "${PWDFILE}"; do
- $SWTPM_SETUP \
+ if ! ${SWTPM_SETUP} \
--tpm2 \
--ecc \
--tpm-state "${workdir}" \
@@ -187,9 +187,7 @@
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}" \
--overwrite \
--write-ek-cert-files "${workdir}" \
- ${pwdfile:+--pwdfile "${pwdfile}"}
-
- if [ $? -ne 0 ]; then
+ ${pwdfile:+--pwdfile "${pwdfile}"}; then
echo "Error: Could not run $SWTPM_SETUP."
echo "Logfile output:"
cat "${workdir}/logfile"
diff --git a/tests/test_tpm2_swtpm_setup_overwrite b/tests/test_tpm2_swtpm_setup_overwrite
index eac7e4d..0efd649 100755
--- a/tests/test_tpm2_swtpm_setup_overwrite
+++ b/tests/test_tpm2_swtpm_setup_overwrite
@@ -6,7 +6,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
SRCDIR=${abs_top_srcdir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
STATEBASENAME="tpm2-00.permall"
@@ -16,7 +16,7 @@
function cleanup()
{
- rm -rf ${workdir}
+ rm -rf "${workdir}"
}
# Test 1: --not-overwrite with dummy state file
@@ -24,27 +24,27 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/${STATEBASENAME}"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
$SWTPM_SETUP \
--tpm2 \
--not-overwrite \
- --tpm-state ${workdir} \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --tpm-state "${workdir}" \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 0 ]; then
echo "Test 1 failed: Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -z "$(grep ${dummydata} ${statefile})" ]; then
+if [ -z "$(grep "${dummydata}" "${statefile}")" ]; then
echo "Test 1 failed: Error: The state file was unexpectedly overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
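Review bot: `[ -z "$(grep "${dummydata}" "${statefile}")" ]` captures grep's output only to test whether it is empty, and it treats the marker as a regular expression. `if ! grep -qF -- "${dummydata}" "${statefile}"; then` tests the exit status directly and matches the marker literally. The same applies to the state-file checks in the Test 2 and Test 3 hunks, with `if grep -qF -- "${dummydata}" "${statefile}"; then` for the `-n` case. shellcheck reports this pattern as SC2143, which appears to be in the list the new syntax-check target disables.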
@@ -56,27 +56,27 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/${STATEBASENAME}"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
$SWTPM_SETUP \
--tpm2 \
--overwrite \
- --tpm-state ${workdir} \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --tpm-state "${workdir}" \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 0 ]; then
echo "Test 2 failed: Error: Could not run $SWTPM_SETUP."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -n "$(grep ${dummydata} ${statefile})" ]; then
+if [ -n "$(grep "${dummydata}" "${statefile}")" ]; then
echo "Test 2 failed: Error: The state file was not overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
@@ -88,26 +88,26 @@
workdir="$(mktemp -d)" || exit 1
statefile="${workdir}/${STATEBASENAME}"
dummydata="DUMMY"
-echo $dummydata > ${statefile}
+echo "$dummydata" > "${statefile}"
$SWTPM_SETUP \
--tpm2 \
- --tpm-state ${workdir} \
- --config ${SWTPM_SETUP_CONF} \
- --logfile ${workdir}/logfile \
+ --tpm-state "${workdir}" \
+ --config "${SWTPM_SETUP_CONF}" \
+ --logfile "${workdir}/logfile" \
--tpm "${SWTPM_EXE} socket ${SWTPM_TEST_SECCOMP_OPT}"
if [ $? -ne 1 ]; then
echo "Test 3 failed: Error: $SWTPM_SETUP did not exit with exit code 1."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
-if [ -z "$(grep ${dummydata} ${statefile})" ]; then
+if [ -z "$(grep "${dummydata}" "${statefile}")" ]; then
echo "Test 3 failed: Error: The state file was unexpectedly overwritten."
echo "Setup Logfile:"
- cat ${workdir}/logfile
+ cat "${workdir}/logfile"
exit 1
fi
diff --git a/tests/test_tpm2_volatilestate b/tests/test_tpm2_volatilestate
index 706302f..dd134ef 100755
--- a/tests/test_tpm2_volatilestate
+++ b/tests/test_tpm2_volatilestate
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm2_vtpm_proxy b/tests/test_tpm2_vtpm_proxy
index b80e5c4..40256fe 100755
--- a/tests/test_tpm2_vtpm_proxy
+++ b/tests/test_tpm2_vtpm_proxy
@@ -26,39 +26,39 @@
{
pid=$(ps aux | grep $SWTPM | grep -E " file=${PID_FILE}\$" | gawk '{print $2}')
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
-source ${TESTDIR}/load_vtpm_proxy
+source "${TESTDIR}/load_vtpm_proxy"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
$SWTPM_EXE chardev \
--tpm2 \
--vtpm-proxy \
- --tpmstate dir=$TPM_PATH \
- --ctrl type=unixio,path=$SOCK_PATH \
+ --tpmstate "dir=$TPM_PATH" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
--flags startup-clear \
- ${SWTPM_TEST_SECCOMP_OPT} \
- --pid file=$PID_FILE &>$LOGFILE &
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ --pid "file=$PID_FILE" &>"$LOGFILE" &
sleep 0.5
PID=$(ps aux | grep $SWTPM | grep -E " file=${PID_FILE}\$" | gawk '{print $2}')
display_processes_by_name "$SWTPM"
-kill_quiet -0 $PID
+kill_quiet -0 "$PID"
if [ $? -ne 0 ]; then
echo "Error: Chardev TPM did not start."
exit 1
fi
-TPM_DEVICE=$(sed -n 's,.*\(/dev/tpm[0-9]\+\).*,\1,p' $LOGFILE)
+TPM_DEVICE=$(sed -n 's,.*\(/dev/tpm[0-9]\+\).*,\1,p' "$LOGFILE")
echo "Using ${TPM_DEVICE}."
# Wait for chardev to appear
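Review bot: Quoting `"$pid"` in cleanup() and `"$PID"` in the `kill_quiet -0` check changes behaviour if the `ps aux | grep $SWTPM | grep -E … | gawk '{print $2}'` lookup ever returns more than one PID. The newline-separated list is then passed as one argument instead of one per process, which the underlying kill would presumably reject (kill_quiet is not defined in this hunk), leaving the processes running while `rm -rf "$TPM_PATH"` proceeds. Making the lookup yield exactly one PID, for example `gawk '{print $2; exit}'`, keeps the quoted form correct. The `grep $SWTPM` in both lookups is also still unquoted. The same pattern appears in the first hunk of tests/test_vtpm_proxy, and cleanup() starts above this hunk.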
@@ -72,7 +72,7 @@
fi
# Open access to the TPM
-exec 100<>$TPM_DEVICE
+exec 100<>"$TPM_DEVICE"
if [ $? -ne 0 ]; then
echo "Error: Could not open $TPM_DEVICE"
exit 1
@@ -92,23 +92,23 @@
exec 100>&-
-kill_quiet -0 $PID
+kill_quiet -0 "$PID"
if [ $? -ne 0 ]; then
echo "Error: Chardev TPM must have crashed."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-echo -en '\x00\x00\x00\x03' > $CMD_PATH
-socat -x -t10 FILE:$CMD_PATH,rdonly UNIX-CONNECT:$SOCK_PATH 2>&1 | \
+echo -en '\x00\x00\x00\x03' > "$CMD_PATH"
+socat -x -t10 "FILE:$CMD_PATH,rdonly" "UNIX-CONNECT:$SOCK_PATH" 2>&1 | \
sed -n '/^ /p' | \
- tail -n1 > $RESP_PATH
-res="$(cat $RESP_PATH)"
+ tail -n1 > "$RESP_PATH"
+res="$(cat "$RESP_PATH")"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_SHUTDOWN:"
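Review bot: The shutdown command bytes are still written with `echo -en '\x00\x00\x00\x03'`, and how `-e`, `-n` and `\x` escapes are handled depends on the shell and its options. `printf '\000\000\000\003' > "$CMD_PATH"` writes the same four bytes with octal escapes that behave the same everywhere. The same line appears in the matching hunk of tests/test_vtpm_proxy. The `if` comparing `$res` with `$exp` continues past the end of this hunk.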
@@ -117,12 +117,12 @@
exit 1
fi
-if wait_process_gone ${PID} 1; then
+if wait_process_gone "${PID}" 1; then
echo "Error: TPM should not be running anymore."
exit 1
fi
-if [ -f $PID_FILE ]; then
+if [ -f "$PID_FILE" ]; then
echo "Error: TPM should have removed the PID file."
exit 1
fi
diff --git a/tests/test_tpm2_wrongorder b/tests/test_tpm2_wrongorder
index f879d82..a3dad69 100755
--- a/tests/test_tpm2_wrongorder
+++ b/tests/test_tpm2_wrongorder
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm20 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_tpm_probe b/tests/test_tpm_probe
index de7ddaa..0528ba8 100755
--- a/tests/test_tpm_probe
+++ b/tests/test_tpm_probe
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_volatilestate b/tests/test_volatilestate
index e10bcfd..29fe26d 100755
--- a/tests/test_volatilestate
+++ b/tests/test_volatilestate
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"
diff --git a/tests/test_vtpm_proxy b/tests/test_vtpm_proxy
index e13b641..dfdc297 100755
--- a/tests/test_vtpm_proxy
+++ b/tests/test_vtpm_proxy
@@ -26,37 +26,37 @@
{
pid=$(ps aux | grep $SWTPM | grep -E " file=${PID_FILE}\$" | gawk '{print $2}')
if [ -n "$pid" ]; then
- kill_quiet -9 $pid
+ kill_quiet -9 "$pid"
fi
- rm -rf $TPM_PATH
+ rm -rf "$TPM_PATH"
}
trap "cleanup" EXIT
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
-source ${TESTDIR}/load_vtpm_proxy
+source "${TESTDIR}/load_vtpm_proxy"
-rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
+rm -f "$STATE_FILE" "$VOLATILE_STATE_FILE" 2>/dev/null
$SWTPM_EXE chardev --vtpm-proxy \
- --tpmstate dir=$TPM_PATH \
- --ctrl type=unixio,path=$SOCK_PATH \
- ${SWTPM_TEST_SECCOMP_OPT} \
- --pid file=$PID_FILE &>$LOGFILE &
+ --tpmstate "dir=$TPM_PATH" \
+ --ctrl "type=unixio,path=$SOCK_PATH" \
+ ${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}} \
+ --pid "file=$PID_FILE" &>"$LOGFILE" &
sleep 0.5
PID=$(ps aux | grep $SWTPM | grep -E " file=${PID_FILE}\$" | gawk '{print $2}')
display_processes_by_name "$SWTPM"
-kill_quiet -0 $PID
+kill_quiet -0 "$PID"
if [ $? -ne 0 ]; then
echo "Error: Chardev TPM did not start."
exit 1
fi
-if wait_for_file $PID_FILE 3; then
+if wait_for_file "$PID_FILE" 3; then
echo "Error: Chardev TPM did not write pidfile."
exit 1
fi
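Review bot: The rewrite to `${SWTPM_TEST_SECCOMP_OPT:+${SWTPM_TEST_SECCOMP_OPT}}` expands exactly as the old unquoted `${SWTPM_TEST_SECCOMP_OPT}` did, so it quiets the linter but is still subject to word splitting and globbing. A reader cannot tell whether that is intended. A comment above the `$SWTPM_EXE chardev` command would record the intent, for example `# SWTPM_TEST_SECCOMP_OPT is deliberately unquoted: it may be empty or hold several words`. If the option can hold more than one word, an array would make the splitting explicit. The same construct is used in the first hunk of tests/test_tpm2_vtpm_proxy.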
@@ -65,7 +65,7 @@
# with valgrind
for ((i = 0; i < 200; i ++)); do
if [ -z "${TPM_DEVICE}" ]; then
- TPM_DEVICE=$(sed -n 's,.*\(/dev/tpm[0-9]\+\).*,\1,p' $LOGFILE)
+ TPM_DEVICE=$(sed -n 's,.*\(/dev/tpm[0-9]\+\).*,\1,p' "$LOGFILE")
if [ -n "${TPM_DEVICE}" ]; then
echo "Using ${TPM_DEVICE}."
fi
@@ -81,7 +81,7 @@
fi
# Open access to the TPM
-exec 100<>$TPM_DEVICE
+exec 100<>"$TPM_DEVICE"
if [ $? -ne 0 ]; then
echo "Error: Could not open $TPM_DEVICE"
exit 1
@@ -101,23 +101,23 @@
exec 100>&-
-kill_quiet -0 $PID
+kill_quiet -0 "$PID"
if [ $? -ne 0 ]; then
echo "Error: Chardev TPM must have crashed."
exit 1
fi
-if [ ! -e $STATE_FILE ]; then
+if [ ! -e "$STATE_FILE" ]; then
echo "Error: TPM state file $STATE_FILE does not exist."
exit 1
fi
# Send shutdown command to the TPM: CMD_SHUTDOWN = 00 00 00 03
-echo -en '\x00\x00\x00\x03' > $CMD_PATH
-socat -x -t10 FILE:$CMD_PATH,rdonly UNIX-CONNECT:$SOCK_PATH 2>&1 | \
+echo -en '\x00\x00\x00\x03' > "$CMD_PATH"
+socat -x -t10 "FILE:$CMD_PATH,rdonly" "UNIX-CONNECT:$SOCK_PATH" 2>&1 | \
sed -n '/^ /p' | \
- tail -n1 > $RESP_PATH
-res="$(cat $RESP_PATH)"
+ tail -n1 > "$RESP_PATH"
+res="$(cat "$RESP_PATH")"
exp=" 00 00 00 00"
if [ "$res" != "$exp" ]; then
echo "Error: Unexpected response from CMD_SHUTDOWN:"
@@ -126,12 +126,12 @@
exit 1
fi
-if wait_file_gone $PID_FILE 2; then
+if wait_file_gone "$PID_FILE" 2; then
echo "Error: TPM should have removed PID file by now."
exit 1
fi
-if wait_process_gone ${PID} 4; then
+if wait_process_gone "${PID}" 4; then
echo "Error: TPM should not be running anymore."
exit 1
fi
diff --git a/tests/test_wrongorder b/tests/test_wrongorder
index cc6498b..f53998f 100755
--- a/tests/test_wrongorder
+++ b/tests/test_wrongorder
@@ -2,7 +2,7 @@
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ROOT=${abs_top_builddir:-$(dirname "$0")/..}
-source ${TESTDIR}/common
+source "${TESTDIR}/common"
skip_test_no_tpm12 "${SWTPM_EXE}"
cd "$(dirname "$0")"