[swtpm.git] / tests / test_tpm2_ibmtss2

#!/usr/bin/env bash

if [ ${SWTPM_TEST_EXPENSIVE:-0} -eq 0 ]; then
	exit 77
fi

ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
ABSTESTDIR=$(cd ${TESTDIR} &>/dev/null;echo ${PWD})

PATCHESDIR=${ABSTESTDIR}/patches

SWTPM_SERVER_PORT=65426
SWTPM_SERVER_NAME=127.0.0.1
SWTPM_CTRL_PORT=65427
SWTPM_INTERFACE=socket+socket

function cleanup() {
	pid=${SWTPM_PID}
	if [ -n "$pid" ]; then
		kill_quiet -9 $pid
	fi
	if [ -n ${WORKDIR} ]; then
		rm -rf ${WORKDIR}
	fi
}

trap "cleanup" EXIT

source ${TESTDIR}/common
WORKDIR=$(mktemp -d)

REGLOG=${WORKDIR}/reglog

SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \
	--tpm2 \
	--tpmstate dir=${WORKDIR} \
	--flags not-need-init

pushd ${WORKDIR} &>/dev/null

git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss

pushd ibmtpm20tss-tss &>/dev/null

git checkout tags/v1.6.0
if [ $? -ne 0 ]; then
	echo "'Git checkout' failed."
	exit 1
fi

# A v1.6.0 bug work-around:
# We cannot run the EK certificate tests since rootcerts.txt points to
# files we do not have
git am < ${PATCHESDIR}/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch

# Implement 'powerup' for swtpm
git am < ${PATCHESDIR}/0002-Implement-powerup-for-swtpm.patch

# set CRYPTOLIBRARY=openssl
git am < ${PATCHESDIR}/0003-Set-CRYPTOLIBRARY-to-openssl.patch

# Store volatile state at every step
git am < ${PATCHESDIR}/0004-Store-volatile-state-at-every-step.patch

# Disable 'Events' test
git am < ${PATCHESDIR}/0005-Disable-tests-related-to-events.patch

rsa3072=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 4 |
          sed -n 's/.*"RSAKeySizes":\[\([0-9,]*\)\].*/\1/p' |
          grep 3072)
if [ -z "$rsa3072" ]; then
	echo "Modifying test cases related to RSA 3072 keys."
	git am < ${PATCHESDIR}/0006-Disable-testing-with-RSA-3072.patch
else
	echo "swtpm/libtpms support RSA 3072 bit keys"
fi

# Adjust test suite to TPM 2.0 revision libtpms is implementing
revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 |
           sed 's/.*,"revision":\([^\}]*\).*/\1/')
echo "Libtpms implements TPM 2.0 revision ${revision}."
if [ $revision -lt 155 ]; then
	echo "Removing revision 155 and later test cases."
	git am < ${PATCHESDIR}/0007-Disable-rev155-test-cases.patch
	git am < ${PATCHESDIR}/0008-Disable-x509-test-cases.patch
	git am < ${PATCHESDIR}/0009-Disable-getcapability-TPM_CAP_ACT.patch
fi

autoreconf --force --install
unset CFLAGS LDFLAGS LIBS
./configure --disable-tpm-1.2
make -j4

pushd utils

export TPM_SERVER_NAME=127.0.0.1
export TPM_INTERFACE_TYPE=socsim
export TPM_COMMAND_PORT=${SWTPM_SERVER_PORT}
export TPM_PLATFORM_PORT=${SWTPM_CTRL_PORT}

export SWTPM_IOCTL

./startup
if [ $? -ne 0 ]; then
	echo "Startup of TPM2 failed"
	exit 1
fi

./reg.sh -a 2>&1 | tee ${REGLOG}

ret=0

if [ -n "$(grep -E "^ ERROR:" ${REGLOG})" ]; then
	echo "There were test failures running the IBM TSS 2 tests"
	grep -E "^ ERROR:" ${REGLOG} -B2 -A2
	ret=1
fi

# Shut down
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	ret=1
fi

if wait_process_gone ${SWTPM_PID} 4; then
	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
	ret=1
fi

popd &>/dev/null
popd &>/dev/null
popd &>/dev/null

[ $ret -eq 0 ] && echo "OK"

exit $ret
Commit	Line	Data
03c7fe45 SB	1	#!/usr/bin/env bash
	2
	3	if [ ${SWTPM_TEST_EXPENSIVE:-0} -eq 0 ]; then
	4	exit 77
	5	fi
	6
	7	ROOT=${abs_top_builddir:-$(pwd)/..}
	8	TESTDIR=${abs_top_testdir:-$(dirname "$0")}
605e823f	9	ABSTESTDIR=$(cd ${TESTDIR} &>/dev/null;echo ${PWD})
03c7fe45	10
e78c9db2 SB	11	PATCHESDIR=${ABSTESTDIR}/patches
e78c9db2 SB	12
03c7fe45	13	SWTPM_SERVER_PORT=65426
3e7555c4	14	SWTPM_SERVER_NAME=127.0.0.1
03c7fe45 SB	15	SWTPM_CTRL_PORT=65427
	16	SWTPM_INTERFACE=socket+socket
	17
	18	function cleanup() {
	19	pid=${SWTPM_PID}
	20	if [ -n "$pid" ]; then
	21	kill_quiet -9 $pid
	22	fi
	23	if [ -n ${WORKDIR} ]; then
	24	rm -rf ${WORKDIR}
	25	fi
	26	}
	27
	28	trap "cleanup" EXIT
	29
	30	source ${TESTDIR}/common
	31	WORKDIR=$(mktemp -d)
	32
	33	REGLOG=${WORKDIR}/reglog
	34
	35	SWTPM_SERVER_NO_DISCONNECT="1" run_swtpm ${SWTPM_INTERFACE} \
	36	--tpm2 \
	37	--tpmstate dir=${WORKDIR} \
	38	--flags not-need-init
	39
	40	pushd ${WORKDIR} &>/dev/null
	41
	42	git clone https://git.code.sf.net/p/ibmtpm20tss/tss ibmtpm20tss-tss
	43
4ba6012c	44	pushd ibmtpm20tss-tss &>/dev/null
03c7fe45	45
4d4d24fb	46	git checkout tags/v1.6.0
03c7fe45 SB	47	if [ $? -ne 0 ]; then
	48	echo "'Git checkout' failed."
	49	exit 1
	50	fi
	51
4d4d24fb	52	# A v1.6.0 bug work-around:
8415d39d SB	53	# We cannot run the EK certificate tests since rootcerts.txt points to
8415d39d SB	54	# files we do not have
e78c9db2	55	git am < ${PATCHESDIR}/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch
8415d39d	56
e78c9db2 SB	57	# Implement 'powerup' for swtpm
e78c9db2 SB	58	git am < ${PATCHESDIR}/0002-Implement-powerup-for-swtpm.patch
4ba6012c	59
e78c9db2 SB	60	# set CRYPTOLIBRARY=openssl
	61	git am < ${PATCHESDIR}/0003-Set-CRYPTOLIBRARY-to-openssl.patch
	62
	63	# Store volatile state at every step
	64	git am < ${PATCHESDIR}/0004-Store-volatile-state-at-every-step.patch
	65
	66	# Disable 'Events' test
	67	git am < ${PATCHESDIR}/0005-Disable-tests-related-to-events.patch
8dc2415d	68
605e823f SB	69	rsa3072=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 4 \|
	70	sed -n 's/."RSAKeySizes":\[\([0-9,]\)\].*/\1/p' \|
	71	grep 3072)
	72	if [ -z "$rsa3072" ]; then
	73	echo "Modifying test cases related to RSA 3072 keys."
e78c9db2	74	git am < ${PATCHESDIR}/0006-Disable-testing-with-RSA-3072.patch
605e823f	75	else
468f7e61	76	echo "swtpm/libtpms support RSA 3072 bit keys"
605e823f SB	77	fi
605e823f SB	78
8dc2415d SB	79	# Adjust test suite to TPM 2.0 revision libtpms is implementing
	80	revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 \|
	81	sed 's/.,"revision":\([^\}]\).*/\1/')
	82	echo "Libtpms implements TPM 2.0 revision ${revision}."
	83	if [ $revision -lt 155 ]; then
e78c9db2 SB	84	echo "Removing revision 155 and later test cases."
	85	git am < ${PATCHESDIR}/0007-Disable-rev155-test-cases.patch
	86	git am < ${PATCHESDIR}/0008-Disable-x509-test-cases.patch
	87	git am < ${PATCHESDIR}/0009-Disable-getcapability-TPM_CAP_ACT.patch
8dc2415d SB	88	fi
8dc2415d SB	89
e78c9db2 SB	90	autoreconf --force --install
	91	unset CFLAGS LDFLAGS LIBS
	92	./configure --disable-tpm-1.2
	93	make -j4
	94
	95	pushd utils
	96
3e7555c4	97	export TPM_SERVER_NAME=127.0.0.1
a1c9aedd	98	export TPM_INTERFACE_TYPE=socsim
03c7fe45 SB	99	export TPM_COMMAND_PORT=${SWTPM_SERVER_PORT}
	100	export TPM_PLATFORM_PORT=${SWTPM_CTRL_PORT}
	101
	102	export SWTPM_IOCTL
	103
03c7fe45 SB	104	./startup
	105	if [ $? -ne 0 ]; then
	106	echo "Startup of TPM2 failed"
	107	exit 1
	108	fi
	109
	110	./reg.sh -a 2>&1 \| tee ${REGLOG}
	111
	112	ret=0
	113
	114	if [ -n "$(grep -E "^ ERROR:" ${REGLOG})" ]; then
	115	echo "There were test failures running the IBM TSS 2 tests"
	116	grep -E "^ ERROR:" ${REGLOG} -B2 -A2
	117	ret=1
	118	fi
	119
	120	# Shut down
	121	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	122	if [ $? -ne 0 ]; then
	123	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	124	ret=1
	125	fi
	126
	127	if wait_process_gone ${SWTPM_PID} 4; then
	128	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
	129	ret=1
	130	fi
	131
4ba6012c	132	popd &>/dev/null
03c7fe45 SB	133	popd &>/dev/null
	134	popd &>/dev/null
	135
	136	[ $ret -eq 0 ] && echo "OK"
	137
	138	exit $ret