| #!/usr/bin/env bash |
| |
| if [ ${SWTPM_TEST_EXPENSIVE:-0} -eq 0 ]; then |
| exit 77 |
| fi |
| |
| ROOT=${abs_top_builddir:-$(pwd)/..} |
| TESTDIR=${abs_top_testdir:-$(dirname "$0")} |
| ABSTESTDIR=$(cd ${TESTDIR} &>/dev/null;echo ${PWD}) |
| |
| SWTPM_SERVER_PORT=65426 |
| SWTPM_SERVER_NAME=127.0.0.1 |
| SWTPM_CTRL_PORT=65427 |
| SWTPM_INTERFACE=socket+socket |
| |
| function cleanup() { |
| pid=${SWTPM_PID} |
| if [ -n "$pid" ]; then |
| kill_quiet -9 $pid |
| fi |
| if [ -n ${WORKDIR} ]; then |
| rm -rf ${WORKDIR} |
| fi |
| } |
| |
| trap "cleanup" EXIT |
| |
| source ${TESTDIR}/common |
| WORKDIR=$(mktemp -d) |
| |
| REGLOG=${WORKDIR}/reglog |
| |
| SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \ |
| --tpm2 \ |
| --tpmstate dir=${WORKDIR} \ |
| --flags not-need-init |
| |
| pushd ${WORKDIR} &>/dev/null |
| |
| git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss |
| |
| pushd ibmtpm20tss-tss &>/dev/null |
| |
| git checkout tags/v1.5.0 |
| if [ $? -ne 0 ]; then |
| echo "'Git checkout' failed." |
| exit 1 |
| fi |
| |
| # A v1.5.0 bug work-around: |
| pushd utils/regtests &>/dev/null |
| # We cannot run the EK certificate tests since rootcerts.txt points to |
| # files we do not have |
| for line in 305 306 307 407 408 409 545 546 547; do |
| sed -i "${line}s/./\#\0/" testcredential.sh |
| done |
| |
| sed -i 's/pass:rrrr 2048/pass:rrrr ${BITS}/' testrsa.sh |
| popd &>/dev/null |
| |
| autoreconf --force --install |
| unset CFLAGS LDFLAGS LIBS |
| ./configure --disable-tpm-1.2 |
| make -j4 |
| |
| pushd utils |
| |
| rsa3072=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 4 | |
| sed -n 's/.*"RSAKeySizes":\[\([0-9,]*\)\].*/\1/p' | |
| grep 3072) |
| if [ -z "$rsa3072" ]; then |
| echo "Modifying test cases related to RSA 3072 keys." |
| |
| patch -p2 < "${ABSTESTDIR}/patches/ibmtss2_1.5_rsa2048only.patch" |
| if [ $? -ne 0 ]; then |
| echo "Patching of testsuite failed" |
| exit 1 |
| fi |
| else |
| echo "swptm/libtpms support RSA 3072 bit keys" |
| fi |
| |
| sed -i 's/export CRYPTOLIBRARY.*/export CRYPTOLIBRARY=openssl/' reg.sh |
| |
| # Adjust test suite to TPM 2.0 revision libtpms is implementing |
| revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 | |
| sed 's/.*,"revision":\([^\}]*\).*/\1/') |
| echo "Libtpms implements TPM 2.0 revision ${revision}." |
| if [ $revision -lt 155 ]; then |
| echo "Removing revision 155 test cases." |
| for t in regtests/testattest155.sh regtests/testx509.sh |
| do |
| rm "${t}" |
| touch "${t}" |
| chmod 777 "${t}" |
| done |
| fi |
| |
| export TPM_SERVER_NAME=127.0.0.1 |
| export TPM_INTERFACE_TYPE=socsim |
| export TPM_COMMAND_PORT=${SWTPM_SERVER_PORT} |
| export TPM_PLATFORM_PORT=${SWTPM_CTRL_PORT} |
| |
| export SWTPM_IOCTL |
| |
| cat <<_EOF_ > powerup |
| #!/usr/bin/env bash |
| \${SWTPM_IOCTL} -i --tcp \${TPM_SERVER_NAME}:\${TPM_PLATFORM_PORT} |
| exit \$? |
| _EOF_ |
| chmod 755 powerup |
| |
| ./startup |
| if [ $? -ne 0 ]; then |
| echo "Startup of TPM2 failed" |
| exit 1 |
| fi |
| |
| ./reg.sh -a 2>&1 | tee ${REGLOG} |
| |
| ret=0 |
| |
| if [ -n "$(grep -E "^ ERROR:" ${REGLOG})" ]; then |
| echo "There were test failures running the IBM TSS 2 tests" |
| grep -E "^ ERROR:" ${REGLOG} -B2 -A2 |
| ret=1 |
| fi |
| |
| # Shut down |
| run_swtpm_ioctl ${SWTPM_INTERFACE} -s |
| if [ $? -ne 0 ]; then |
| echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM." |
| ret=1 |
| fi |
| |
| if wait_process_gone ${SWTPM_PID} 4; then |
| echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore." |
| ret=1 |
| fi |
| |
| popd &>/dev/null |
| popd &>/dev/null |
| popd &>/dev/null |
| |
| [ $ret -eq 0 ] && echo "OK" |
| |
| exit $ret |