exit 77
fi
+if [ -z "$(type openssl)" ]; then
+ echo "Openssl command line tool is required."
+ exit 1
+fi
+
ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}
+ABSTESTDIR=$(cd ${TESTDIR} &>/dev/null;echo ${PWD})
+
+PATCHESDIR=${ABSTESTDIR}/patches
SWTPM_SERVER_PORT=65426
SWTPM_SERVER_NAME=127.0.0.1
trap "cleanup" EXIT
source ${TESTDIR}/common
-WORKDIR=$(mktemp -d)
+skip_test_no_tpm20 "${SWTPM_EXE}"
+
+WORKDIR="$(mktemp -d)" || exit 1
REGLOG=${WORKDIR}/reglog
pushd ibmtpm20tss-tss &>/dev/null
-git checkout tags/v1.4.0
+git checkout tags/v1.6.0
if [ $? -ne 0 ]; then
echo "'Git checkout' failed."
exit 1
fi
-# A v1.4.0 bug work-around:
-pushd utils/regtests &>/dev/null
+# To be able to apply the patches we need to to set some variables
+# for user that don't have this set up properly
+git config --local user.name test
+git config --local user.email test@test.test
+
+# A v1.6.0 bug work-around:
# We cannot run the EK certificate tests since rootcerts.txt points to
# files we do not have
-sed -i "133s/./\#\0/" testcredential.sh
-sed -i "134s/./\#\0/" testcredential.sh
-sed -i "135s/./\#\0/" testcredential.sh
-popd &>/dev/null
+git am < ${PATCHESDIR}/0001-Deactivate-test-cases-accessing-rootcerts.txt.patch
-autoreconf --force --install
-unset CFLAGS LDFLAGS LIBS
-./configure --disable-tpm-1.2
-make -j4
+# Implement 'powerup' for swtpm
+git am < ${PATCHESDIR}/0002-Implement-powerup-for-swtpm.patch
-pushd utils
+# set CRYPTOLIBRARY=openssl
+git am < ${PATCHESDIR}/0003-Set-CRYPTOLIBRARY-to-openssl.patch
+
+# Store and restore volatile state at every step
+git am < ${PATCHESDIR}/0004-Store-and-restore-volatile-state-at-every-step.patch
-sed -i 's/export CRYPTOLIBRARY.*/export CRYPTOLIBRARY=openssl/' reg.sh
+# Disable 'Events' test
+git am < ${PATCHESDIR}/0005-Disable-tests-related-to-events.patch
+
+rsa3072=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 4 |
+ sed -n 's/.*"RSAKeySizes":\[\([0-9,]*\)\].*/\1/p' |
+ grep 3072)
+if [ -z "$rsa3072" ]; then
+ echo "Modifying test cases related to RSA 3072 keys."
+ git am < ${PATCHESDIR}/0006-Disable-testing-with-RSA-3072.patch
+else
+ echo "swtpm/libtpms support RSA 3072 bit keys"
+fi
# Adjust test suite to TPM 2.0 revision libtpms is implementing
revision=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --info 1 |
sed 's/.*,"revision":\([^\}]*\).*/\1/')
echo "Libtpms implements TPM 2.0 revision ${revision}."
if [ $revision -lt 155 ]; then
- echo "Removing revision 155 test cases."
- for t in regtests/testattest155.sh regtests/testx509.sh
- do
- rm "${t}"
- touch "${t}"
- chmod 777 "${t}"
- done
+ echo "Removing revision 155 and later test cases."
+ git am < ${PATCHESDIR}/0007-Disable-rev155-test-cases.patch
+ git am < ${PATCHESDIR}/0008-Disable-x509-test-cases.patch
+ git am < ${PATCHESDIR}/0009-Disable-getcapability-TPM_CAP_ACT.patch
fi
-# libtpms may at some revision start supporting RSA 3072 keys...
-if [ $revision -gt 0 ]; then
- pushd regtests &>/dev/null
-
- echo "Modifying test cases related to RSA 3072 keys."
- # We do not support 3072 bit RSA keys at this point, so eliminate all 3072
- # RSA key tests
- for f in initkeys.sh testrsa.sh testsign.sh; do
- sed -i "s| 3072||" "${f}"
- done
+if [ -n "$(openssl version | grep -E "^OpenSSL 3")" ]; then
+ git am < ${PATCHESDIR}/0010-Adjust-test-cases-for-OpenSSL-3.patch
+fi
- sed -i "s| \"-rsa 3072\"||" testsalt.sh
+autoreconf --force --install
+unset CFLAGS LDFLAGS LIBS
+./configure --disable-tpm-1.2
+make -j4
- popd &>/dev/null
-fi
+pushd utils
export TPM_SERVER_NAME=127.0.0.1
export TPM_INTERFACE_TYPE=socsim
export SWTPM_IOCTL
-cat <<_EOF_ > powerup
-#!/usr/bin/env bash
-\${SWTPM_IOCTL} -i --tcp \${TPM_SERVER_NAME}:\${TPM_PLATFORM_PORT}
-exit \$?
-_EOF_
-chmod 755 powerup
-
./startup
if [ $? -ne 0 ]; then
echo "Startup of TPM2 failed"
[ $ret -eq 0 ] && echo "OK"
-exit $ret
\ No newline at end of file
+exit $ret