diff options
| author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2019-12-29 11:31:12 -0800 |
|---|---|---|
| committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2019-12-29 11:31:12 -0800 |
| commit | 366b9280b5652fbbfe89577f1a5c9dbf396c2e4a (patch) | |
| tree | c96ee867c9727a6c6772e84773a47a187d12b779 | |
| parent | 65b8f4a2da3b56f2079955b457e1616442e454e7 (diff) | |
| download | openssl_tpm2_engine-366b9280b5652fbbfe89577f1a5c9dbf396c2e4a.tar.gz | |
load_tpm2_key: add a test for loading importable keys
Now that the file and key loading is done in common code, test that
loading of importable keys actually works.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
| -rwxr-xr-x | tests/check_importable.sh | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/tests/check_importable.sh b/tests/check_importable.sh index 36ebe01..9725872 100755 --- a/tests/check_importable.sh +++ b/tests/check_importable.sh @@ -12,6 +12,12 @@ ${bindir}/create_tpm2_key --import srk.pub --wrap key.priv -a -k passw0rd key.tp openssl req -new -x509 -subj '/CN=test/' -key key.tpm -passin pass:passw0rd -engine tpm2 -keyform engine -out tmp.crt || exit 1 openssl verify -CAfile tmp.crt -check_ss_sig tmp.crt || exit 1 +# Check the loadability of an importable key +NV=81000201 +${bindir}/load_tpm2_key key.tpm ${NV} || exit 1 +openssl req -new -x509 -subj '/CN=test/' -key //nvkey:${NV} -passin pass:passw0rd -engine tpm2 -keyform engine -out tmp.crt || exit 1 +openssl verify -CAfile tmp.crt -check_ss_sig tmp.crt || exit 1 + #check an RSA key with a cert and policy openssl genrsa 2048 > key.priv || exit 1 ${bindir}/create_tpm2_key --import srk.pub --wrap key.priv -a -k passw0rd -c policies/policy_authvalue.txt key.tpm || exit 1 |