]>
Commit | Line | Data |
---|---|---|
8f0f381f | 1 | #!/usr/bin/env bash |
e46a2b66 SB |
2 | |
3 | # For the license, see the LICENSE file in the root directory. | |
4 | ||
313cf75c SB |
5 | ROOT=${abs_top_builddir:-$(dirname "$0")/..} |
6 | TESTDIR=${abs_top_testdir:=$(dirname "$0")} | |
7 | ||
660ec542 | 8 | SWTPM_CERT=${SWTPM_CERT:-${ROOT}/src/swtpm_cert/swtpm_cert} |
e46a2b66 SB |
9 | |
10 | cert=$(mktemp) | |
b35eb9fc | 11 | pwdfile=$(mktemp) |
e46a2b66 SB |
12 | |
13 | trap "cleanup" SIGTERM EXIT | |
14 | ||
15 | ||
16 | function cleanup() | |
17 | { | |
b35eb9fc | 18 | rm -f "${cert}" "${pwdfile}" |
e46a2b66 SB |
19 | } |
20 | ||
cf56d345 SB |
21 | function check_cert_size() |
22 | { | |
23 | local cert="$1" | |
24 | local exp="$2" | |
25 | ||
26 | # Unfortunately different GnuTLS versions may create certs of different | |
27 | # sizes; deactivate this test for now | |
28 | return | |
29 | ||
30 | local size=$(stat -c%s ${cert} 2>/dev/null) | |
31 | if [ $size -ne $exp ]; then | |
32 | echo "Warning: Certificate file has unexpected size." | |
33 | echo " Expected: $exp; found: $size" | |
34 | fi | |
35 | } | |
36 | ||
b35eb9fc SB |
37 | VARNAME=password ${SWTPM_CERT} \ |
38 | --signkey ${TESTDIR}/data/signkey-encrypted.pem \ | |
39 | --signkey-pwd env:VARNAME \ | |
313cf75c | 40 | --issuercert ${TESTDIR}/data/issuercert.pem \ |
e46a2b66 SB |
41 | --out-cert ${cert} \ |
42 | --modulus 'b9dda830729de58f9f5bed2b3b9394ad4ec5afb9c390b89a3337250cbc575cfc8f31f7ffd3f05f4155076f7d1605381cd281b7f147b801154e4f89ee529fe36eae50f79561850e5b63037edaacbb390ea3fcd037e674fb179e3c5afe31214d78a756ca44cc6cf25421b51420ede548310c92b08a513ccc62fd0ef45dcf6546f6e865be6a661d045d1c47b60b428d11dc97cb9f35ee7c385bb20320934b015f8014e8fb19851c2af307e1e64648c142175e40b60615dc494fdb09ea5d5a6f3273b65a241e3cf30cc449b9fb3f900d1ed4be967b32b16f95a1d732dbfa143eaa1c2017556117f70faee5d77f836705d05405361ad5871a32161fa5a1234cfab497' \ | |
43 | --days 3650 \ | |
44 | --pem \ | |
68baacd7 SB |
45 | --tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \ |
46 | --tpm-spec-family 1.2 --tpm-spec-revision 123 --tpm-spec-level 321 | |
e46a2b66 | 47 | |
d7fc0469 SB |
48 | if [ $? -ne 0 ]; then |
49 | echo "Error: ${SWTPM_CERT} returned error code." | |
50 | exit 1 | |
51 | fi | |
52 | ||
e46a2b66 | 53 | #expecting size to be constant |
cf56d345 | 54 | check_cert_size "${cert}" 1224 |
e46a2b66 SB |
55 | |
56 | # truncate result file | |
57 | echo -n > ${cert} | |
58 | echo "Test 1: OK" | |
59 | ||
60 | ${SWTPM_CERT} \ | |
b35eb9fc SB |
61 | --signkey ${TESTDIR}/data/signkey-encrypted.pem \ |
62 | --signkey-pwd file:<(echo -en "password") \ | |
313cf75c | 63 | --issuercert ${TESTDIR}/data/issuercert.pem \ |
e46a2b66 SB |
64 | --out-cert ${cert} \ |
65 | --modulus 'b9dda830729de58f9f5bed2b3b9394ad4ec5afb9c390b89a3337250cbc575cfc8f31f7ffd3f05f4155076f7d1605381cd281b7f147b801154e4f89ee529fe36eae50f79561850e5b63037edaacbb390ea3fcd037e674fb179e3c5afe31214d78a756ca44cc6cf25421b51420ede548310c92b08a513ccc62fd0ef45dcf6546f6e865be6a661d045d1c47b60b428d11dc97cb9f35ee7c385bb20320934b015f8014e8fb19851c2af307e1e64648c142175e40b60615dc494fdb09ea5d5a6f3273b65a241e3cf30cc449b9fb3f900d1ed4be967b32b16f95a1d732dbfa143eaa1c2017556117f70faee5d77f836705d05405361ad5871a32161fa5a1234cfab497' \ | |
66 | --days 3650 \ | |
67 | --subject "OU=foo,L=NewYork,ST=NY,C=US" \ | |
68 | --pem \ | |
68baacd7 SB |
69 | --tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \ |
70 | --tpm-spec-family 1.2 --tpm-spec-revision 123 --tpm-spec-level 321 | |
e46a2b66 | 71 | |
d7fc0469 SB |
72 | if [ $? -ne 0 ]; then |
73 | echo "Error: ${SWTPM_CERT} returned error code." | |
74 | exit 1 | |
75 | fi | |
76 | ||
e46a2b66 | 77 | #expecting size to be constant |
cf56d345 | 78 | check_cert_size "${cert}" 1302 |
e46a2b66 SB |
79 | |
80 | # truncate result file | |
81 | echo -n > ${cert} | |
82 | echo "Test 2: OK" | |
83 | ||
84 | ${SWTPM_CERT} \ | |
b35eb9fc SB |
85 | --signkey ${TESTDIR}/data/signkey-encrypted.pem \ |
86 | --signkey-pwd pass:password \ | |
313cf75c | 87 | --issuercert ${TESTDIR}/data/issuercert.pem \ |
e46a2b66 | 88 | --out-cert ${cert} \ |
313cf75c | 89 | --pubkey ${TESTDIR}/data/pubek.pem \ |
e46a2b66 SB |
90 | --days 3650 \ |
91 | --subject "OU=foo,L=NewYork,ST=NY,C=US" \ | |
92 | --pem \ | |
68baacd7 SB |
93 | --tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \ |
94 | --tpm-spec-family 1.2 --tpm-spec-revision 123 --tpm-spec-level 321 | |
e46a2b66 | 95 | |
d7fc0469 SB |
96 | if [ $? -ne 0 ]; then |
97 | echo "Error: ${SWTPM_CERT} returned error code." | |
98 | exit 1 | |
99 | fi | |
100 | ||
e46a2b66 | 101 | #expecting size to be constant |
cf56d345 | 102 | check_cert_size "${cert}" 1367 |
e46a2b66 SB |
103 | |
104 | # truncate result file | |
105 | #certtool --certificate-info --infile ${cert} | |
106 | echo -n > ${cert} | |
107 | echo "Test 3: OK" | |
108 | ||
109 | ||
110 | ###################### Platform Certificate ##################### | |
111 | ||
b35eb9fc SB |
112 | echo -en "password" > ${pwdfile} |
113 | exec 100<${pwdfile} | |
e46a2b66 SB |
114 | ${SWTPM_CERT} \ |
115 | --type platform \ | |
b35eb9fc SB |
116 | --signkey ${TESTDIR}/data/signkey-encrypted.pem \ |
117 | --signkey-pwd fd:100 \ | |
313cf75c SB |
118 | --issuercert ${TESTDIR}/data/issuercert.pem \ |
119 | --pubkey ${TESTDIR}/data/pubek.pem \ | |
e46a2b66 SB |
120 | --out-cert ${cert} \ |
121 | --days 3650 \ | |
122 | --subject "OU=foo,L=NewYork,ST=NY,C=US" \ | |
123 | --pem \ | |
124 | --tpm-manufacturer IBM --tpm-model swtpm-libtpms --tpm-version 1.2 \ | |
125 | --platform-manufacturer Fedora \ | |
126 | --platform-model QEMU \ | |
127 | --platform-version 2.1 | |
128 | ||
d7fc0469 SB |
129 | if [ $? -ne 0 ]; then |
130 | echo "Error: ${SWTPM_CERT} returned error code." | |
131 | exit 1 | |
132 | fi | |
133 | ||
e46a2b66 | 134 | #expecting size to be constant |
cf56d345 | 135 | check_cert_size "${cert}" 1411 |
e46a2b66 SB |
136 | |
137 | # truncate result file | |
138 | #certtool --certificate-info --infile ${cert} | |
139 | echo -n > ${cert} | |
140 | echo "Test 4: OK" |