Stefan Berger [Thu, 30 Apr 2020 05:41:13 +0000 (01:41 -0400)]
swtpm_setup: Create RSA 2048 and ECC NIST P256 keys and certs
Following "TCG PC Client Platform TPM Profile Specification for
TPM 2.0, version 1.04, Rev 37" create and RSA and an ECC NIST P256
key now. We will upgrade the ECC NIST key to P384 in the next
step.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Wed, 29 Apr 2020 20:58:00 +0000 (16:58 -0400)]
swtpm_setup: Pass the ECC curve id and hash alg. into functions
Pass the ECC curve id and hash algorithm and the ECC_NONCE to the
function creating the ECC keys rather than hard coding them. Rename
the functions that create the NIST_P256 ECC keys to have _nist_p256
suffix in the name.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Sat, 25 Apr 2020 16:07:22 +0000 (12:07 -0400)]
tests: Pass -pc 80 to tssgetcapability to see all 65 handles
tssgetcapability only retrieves a maximum of 64 handles by default.
However, there are 65 persisted keys. Pass -pc 80 to the command to
see all 65 Handles.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 23 Apr 2020 00:55:15 +0000 (20:55 -0400)]
tests: Add test case for loading of an NVRAM completely full with keys
Add a test case that fills up the NVRAM area with as many persisted keys
as possible and then fills up the rest with an NVRAM index so that all
space is occupied. We have to be able to load this state again into the
NVRAM once the OBJECT's size increases due to RSA keys size increase,
which must have us increase the total size of NVRAM in libtpm's TPM profile.
The state in tests/data/tpm2state5/tpm2-00.permall was created using
libtpms 0.6.0, where only 2048 bit keys were supported and total NVRAM size
was 128kb. This state file should never be changed and always be loadable
into a current libtpms. In its USER NVRAM it holds 64 persisted 2048 bit
keys and an NVRAM index with 236 bytes. For this to stay the reference
NVRAM, we need to make sure that it fits exactly to the byte.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Fri, 24 Apr 2020 15:17:54 +0000 (11:17 -0400)]
tests: Repeat download of TPM 1.2 test suite with random wait intervals
Sometimes the download of the TPM 1.2 test suite from sourceforge
fails. So retry up to 3 times and wait a random seconds in the interval
of [3..10] before retrying.
Check the hash of the file we downloaded to make sure we get what we
expected.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
It's not necessary anymore to #include <seccomp.h> from the main programs.
Once removed, it also fixes the build on SuSE where seccomp.h is in
seccomp/seccomp.h and we didn't use the LIBSECCOMP_CFLAGS for swtpm.c etc.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 30 Oct 2018 02:02:06 +0000 (22:02 -0400)]
samples: Extend script to create a CA using a TPM 2 for signing
Extend the script that creates a CA that uses a TPM 2 for signing.
For this we have to create tokens using the TPM 2 pkcs11 module's
tpm2_ptool and can then use the p11tool for creating keys.
Add a test case that requires a running tpm2-abrmd and tpm2_ptool.
Eventually the test case should (try to) start its own tpm2-abrmd
and talk to swtpm directly but the tcti module to do that isn't
available as a package, yet.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Sun, 12 Apr 2020 00:19:12 +0000 (20:19 -0400)]
swtpm: Address cygwin compilation warning
Compilation on cygwin reports the following issue:
In file included from key.c:43:
key.c: In function ‘key_stream_to_bin’:
key.c:135:26: error: array subscript has type ‘char’ [-Werror=char-subscripts]
135 | !isspace(input[digits]) &&
| ~~~~~^~~~~~~~
key.c:143:40: error: array subscript has type ‘char’ [-Werror=char-subscripts]
143 | if (input[digits] && !isspace(input[digits]))
| ~~~~~^~~~~~~~
Address the issue using an explicit cast of char to int.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Apr 2020 22:54:37 +0000 (18:54 -0400)]
tests: Modify test to create 2 orderly indices
Modify the test_tpm2_save_load_state_3 to create 2 orderly NVRAM indices
in the first two locations. Those indices will be cleared by a reset
of the TPM and therefore cannot be read once the TPM 2 restarts after
the reset. This also provides better test coverage.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Apr 2020 16:50:03 +0000 (12:50 -0400)]
tests: Change localhost to 127.0.0.1 or explicityly set 127.0.0.1
To make the test cases work on Travis on Bionic replace all occurrences of
localhost with 127.0.0.1. The only affected client tools seem to be those
related to the TPM 1.2 and the IBM TSS2. For some reason the API used
there cannot resolve localhost to 127.0.0.1.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Apr 2020 22:18:00 +0000 (18:18 -0400)]
swtpm_setup: Explicitly set TCSD_TCP_DEVICE_HOSTNAME=127.0.0.1
To make swtpm_setup.sh work on Travis on Bionic we need to
explicitly set TCSD_TCP_DEVICE_HOSTAME=127.0.0.1 since lookup
of localhost (with the API the tcsd is using) does not work.
It doesn't negatively affect any other use case, so no problem
setting it.
Also replace localhost in the bash tcp device path with 127.0.0.1.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 7 Apr 2020 19:30:25 +0000 (15:30 -0400)]
tests: Better detect a 32 bit TPM for the TPM2 derived keys test
The simplest way to detect whether SWTPM_EXE is a 64 bit application on
Linux is to check whether it links against any library in a */lib64/*
directory and only if this is the case we run a particular test case for
which we know what keys 64 bit TPMs are producing given a pre-created
state.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Fri, 6 Mar 2020 15:16:33 +0000 (10:16 -0500)]
swtpm: Fix vtpm proxy case without startup flags
'swtpm chardev --vptm-proxy' currently requires a '--flag startup-xyz'
to be passed since otherwise the need_init_cmd variable would not be
set to false and swtpm would terminate after sending the startup
command. To maintain backwards compatibility we have to always
set the need_init_cmd variable to false for the --vtpm-proxy case
and must not require a startup flag to be passed.
Roll back one of the test case to not use the startup flag.
Stefan Berger [Fri, 7 Feb 2020 15:32:04 +0000 (10:32 -0500)]
tests: Adjust tests to use new startup options
Adjust the vtpm proxy test case and others to make use of the new
startup options. Make sure that subsequent Startups sent to the
TPM fail with the expected error code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Fri, 7 Feb 2020 15:19:33 +0000 (10:19 -0500)]
swtpm: Enable sending startup commands before processing commands
The vtpm proxy device requires that the TPM be 'Startup' otherwise it
fails sending the first command to it and will send the 'Startup'
(SU_CLEAR/TPM_ST_CLEAR) itself while adding a log entry. We want to
avoid the kernel log entry.
Add options to the existing --flags option that allows one to start
up the TPM 1.2 or TPM 2.0 with the startup types 'clear', 'state'
and 'deactivate' (TPM 1.2 only). Extend the --print-capabilities to
advertise the availability of these options with the string
'flags-opt-startup'.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Sun, 26 Jan 2020 03:31:08 +0000 (22:31 -0500)]
swtpm_cert: Allow passing signing key and parent key via new option
Allow passing signing key and parent key via files and file descriptors
and environment variables. Adapt a test case to exercise this new
functionality.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Fri, 24 Jan 2020 14:12:33 +0000 (09:12 -0500)]
swtpm_setup: Enable spaces in paths and other variables
This patch addresses several issues found with shellcheck. In particular
it now enables variables with spaces in them, such as file paths that
contain spaces.
Adjust one of the accompanying test cases to use spaces in the path.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Fri, 24 Jan 2020 14:11:33 +0000 (09:11 -0500)]
samples: Protect variables with quotes and address shellcheck issues
Protect variables with quotes so that pathnames with spaces are now
supported.
Adjust the accompanying test case to make use of spaces in file paths.
Address several issues found by shellcheck. Some of them are false
positives especially when it comes to protecting variables passed
to a commaned in an 'eval' line. They must not be protected, otherwise
they are not passed correctly.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Fri, 17 Jan 2020 21:08:45 +0000 (16:08 -0500)]
swtpm_setup: Do not fail on future PCR banks' hashes
swtpm_setup will fail once libtpms starts supporting other PCR
hash banks than sha1, sha256, sha384, sha512, and sm3-256. So,
this patch allows to choose active PCR banks of the SHA3 series.
Further, unknown hash banks will not fail the tool anymore when
it tries to determine which hash banks are supported by the TPM
since it will then add the hex number of the hash algorithm to
the collection of supported hashes.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Wed, 15 Jan 2020 01:29:49 +0000 (20:29 -0500)]
tests: Allow seccomp override w/ SWTPM_TEST_SECCOMP_OPT env var
The Ubuntu (PPA) build system executes the build on an environment that
has problems with seccomp profiles. It does not allow us to run the test
suite with swtpm applying its seccomp profile since it fails with a
'bad system call' error. To work around this we introduce the env. variable
SWTPM_TEST_SECCOMP_OPT that we can set to "--seccomp action=none" to avoid
having swtpm apply it seccomp profile.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Jan 2020 23:42:57 +0000 (18:42 -0500)]
tests: Wait for PID file rather than reading it right away
Wait for the PID file to appear rather than reading it right away.
This addresses an issue when runnin the test suite under valgrind
(make -j $(nproc) check).
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Jan 2020 21:48:30 +0000 (16:48 -0500)]
swtpm_setup: Use 1st part of SWTPM_EXE/SWTPM_IOCTL to determine executable
Search for the SWTPM_EXE / SWTPM_IOCTL executable using 'type -P' to
determine whether it is an executable rather than assuming a full path
is given on which we can check -x.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Jan 2020 21:36:35 +0000 (16:36 -0500)]
tests: delay reading of pidfile if found empty
Delay the reading of the PID file if it is found to be empty.
This can happend if swtpm is run by valgrind.
Also, use the passed parameters rather than the global ones to check
the PID file contents against the expected pid. So far this worked
because PID and PID_FILE were variables used by every caller.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 9 Jan 2020 19:57:01 +0000 (14:57 -0500)]
tests: Adjust timeouts for running executables with valgrind
When running the TPM 1.2 vtpm_proxy test cases by launching the
swtpm with valgrind it may take a long time for the log to be
written and the device to appear. This is due to the self test
of the TPM 1.2 taking a while. So we need to move the reading
of the device into a loop and set the timeout of the loop to 10s
so that it passed under these circumstances.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Wed, 8 Jan 2020 19:52:20 +0000 (14:52 -0500)]
swtpm_setup: Keep reserved range of file descriptors for swtpm_setup.sh
swtpm_setup.sh uses file descriptor 100 for 'exec 100 <> ...'.
So we have to make sure that the file descriptor inherited from
the caller of swtpm_setup does not overlap with a reserved range
to be used by swtpm_setup.sh, which we declare to be [100..109].
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 7 Jan 2020 15:51:49 +0000 (10:51 -0500)]
swtpm: Add --print-capabilities to help screen of 'swtpm chardev'
The --print-capabilities is missing in the 'swtpm chardev' help screen
but the code is there to interpret the command line flag. This patch
adds the missing lines to the help screen.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 26 Dec 2019 04:38:51 +0000 (23:38 -0500)]
tests: Fix key derivation TDES test cases to actually create TDES keys
The byte stream contained the TDES identifier at the wrong position,
so no TDES key was created. This patch fixes this but needs an update
to libtpms since some unmarshalling/marshaling code related to TDES
was missing there as well.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 18 Jun 2019 20:23:12 +0000 (16:23 -0400)]
tests: Add test cases for new CrytpAdjustPrimeCandidate algo
Extend the existing key derivation test case for TPM 2 with test cases
that use a newer TPM 2 state where we now exercise the new
CryptAdjustPrimeCandidate algorithm that produces the same results on
big and little enidan 32 bit and 64 bit machines. This newer algorithm
is available in libtpms with revision 155 of the TPM 2 code.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Sat, 21 Dec 2019 00:06:06 +0000 (19:06 -0500)]
tests: Have IBM TSS2 test case use tags/v1.3.0 of the TPM 2.0 TSS repo
Use v1.3.0 of the IBM TSS 2.0 repo.
Depending on the revision that libtpms implements, some test cases have to be
replaced with empty files.
The test suite now works with the libtpms stable-0.6.0 and stable-0.7.0
branches. A patch fixing an NV PIN issue needed to be applied to those
branches.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Mon, 18 Nov 2019 12:00:36 +0000 (07:00 -0500)]
tests: Protect variable with executable with quotes
The test_print_capability is failing if SWTPM_EXE is for example
holding more than one parameter like 'valgrind ... /bin/swtpm' since the
variable was not protected with quotes. This patch fixes this.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 22 Oct 2019 15:06:32 +0000 (11:06 -0400)]
swtpm_cert: Use gnutls_x509_crt_get_subject_key_id API call for subj keyId
Use the gnutls_x509_crt_get_subject_key_id() API call to get the subject
key ID of the signer's certificate rather than gnutls_x509_crt_get_key_id().
The latter returns the same result most of the time but there are instances
when this is not the case and the returned result is wrong.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Thu, 8 Aug 2019 10:47:24 +0000 (06:47 -0400)]
tests: Skip seccomp check if env. sets up seccomp profile
If the test environment is running in a seccomp profile do not check
that the seccomp profile of the swtpm process runs with the action
provided in --seccomp action=... since the environment may override
this.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Tue, 23 Jul 2019 12:09:11 +0000 (08:09 -0400)]
swtpm: Use writev_full rather than writev; fixes --vtpm-proxy EIO error
We have to use writev_full() when --vtpm-proxy is used since writev()
does not seem to work and we get an EIO error. writev_full() uses write(),
so we can use it.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Stefan Berger [Sat, 13 Jul 2019 20:54:59 +0000 (16:54 -0400)]
Travis: Only clone libtpms if libtpms dir does not exist
Only build the libtpms dir if it doesn't exist. When we do a Coverity
scan build it looks like we are now running the script afterwards as
well and this creates a build failure due to the 2nd clone.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>