3 # For the license, see the LICENSE file in the root directory.
5 ROOT
=${abs_top_builddir:-$(dirname "$0")/..}
6 TESTDIR
=${abs_top_testdir:-$(dirname "$0")}
8 SWTPM_CERT
=${SWTPM_CERT:-${ROOT}/src/swtpm_cert/swtpm_cert}
10 cert
="$(mktemp)" ||
exit 1
12 trap "cleanup" SIGTERM EXIT
20 function check_cert_size
()
25 # Unfortunately different GnuTLS versions may create certs of different
26 # sizes; deactivate this test for now
29 local size
=$
(stat
-c%s
${cert} 2>/dev
/null
)
30 if [ $size -ne $exp ]; then
31 echo "Warning: Certificate file has unexpected size."
32 echo " Expected: $exp; found: $size"
38 --signkey ${TESTDIR}/data
/signkey.pem \
39 --issuercert ${TESTDIR}/data
/issuercert.pem \
41 --ecc-x 61eaf811ea582656ca2a835dd1b9cd63eb196d7ff62711d6e9b8f85e580a47ca \
42 --ecc-y a51efdc71fd6c791a24a75beb50526aa81b44cc598e65b2d5e116084aea4cb5b \
45 --tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 2.0 \
46 --tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0
49 echo "Error: ${SWTPM_CERT} returned error code."
53 #expecting size to be constant
54 check_cert_size
"{$cert}" 948
56 #certtool --certificate-info --infile ${cert}
57 #openssl x509 -in ${cert} -text
59 # truncate result file
65 --signkey ${TESTDIR}/data
/signkey.pem \
66 --issuercert ${TESTDIR}/data
/issuercert.pem \
68 --ecc-x 61eaf811ea582656ca2a835dd1b9cd63eb196d7ff62711d6e9b8f85e580a47ca \
69 --ecc-y a51efdc71fd6c791a24a75beb50526aa81b44cc598e65b2d5e116084aea4cb5b \
71 --subject "OU=foo,L=NewYork,ST=NY,C=US" \
73 --tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 1.2 \
74 --tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0
77 echo "Error: ${SWTPM_CERT} returned error code."
81 #expecting size to be constant
82 check_cert_size
"{$cert}" 1025
84 # truncate result file
90 --signkey ${TESTDIR}/data
/signkey.pem \
91 --issuercert ${TESTDIR}/data
/issuercert.pem \
93 --pubkey ${TESTDIR}/data
/ecpubek.pem \
95 --subject "OU=foo,L=NewYork,ST=NY,C=US" \
97 --tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 1.2 \
98 --tpm-spec-family 2.0 --tpm-spec-revision 146 --tpm-spec-level 0
100 if [ $?
-ne 0 ]; then
101 echo "Error: ${SWTPM_CERT} returned error code."
105 #expecting size to be constant
106 check_cert_size
"{$cert}" 1025
108 # truncate result file
109 #certtool --certificate-info --infile ${cert}
114 ###################### Platform Certificate #####################
119 --signkey ${TESTDIR}/data
/signkey.pem \
120 --issuercert ${TESTDIR}/data
/issuercert.pem \
121 --pubkey ${TESTDIR}/data
/ecpubek.pem \
124 --subject "OU=foo,L=NewYork,ST=NY,C=US" \
126 --tpm-manufacturer IBM
--tpm-model swtpm-libtpms
--tpm-version 1.2 \
127 --platform-manufacturer Fedora \
128 --platform-model QEMU \
129 --platform-version 2.1
131 if [ $?
-ne 0 ]; then
132 echo "Error: ${SWTPM_CERT} returned error code."
136 #expecting size to be constant
137 check_cert_size
"{$cert}" 1070
139 # truncate result file
140 #certtool --certificate-info --infile ${cert}