author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2018-02-08 19:26:28 -0800 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2018-02-08 19:42:13 -0800 |
commit | ae4b8d3c7ca130bb7962954f72ed3a3d97c91fdc (patch) | |
tree | ba4a24d5a199eed933c55dfe34c09d9f0cd9d9f4 | |
parent | 7eb529cd013b9c77c962a51e60a4a8502d3eb7c3 (diff) | |
download | openssl_tpm2_engine-ae4b8d3c7ca130bb7962954f72ed3a3d97c91fdc.tar.gz |
tests: add prefix change to test_nv_key.sh
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rw-r--r-- | tests/openssl.cnf | 2 | ||||
-rwxr-xr-x | tests/test_nv_key.sh | 15 |
2 files changed, 15 insertions, 2 deletions
diff --git a/tests/openssl.cnf b/tests/openssl.cnf index 48495a4..22a9332 100644 --- a/tests/openssl.cnf +++ b/tests/openssl.cnf @@ -2,6 +2,7 @@ HOME = . RANDFILE = $ENV::HOME/.rnd openssl_conf = openssl_init SRKPIN = +NVPREFIX = //nvkey: [req] distinguished_name = req_distinguished_name @@ -20,3 +21,4 @@ tpm2 = tpm2_section dynamic_path = $ENV::srcdir/../.libs/libtpm2.so init = 1 PIN = $ENV::SRKPIN +NVPREFIX = $ENV::NVPREFIX diff --git a/tests/test_nv_key.sh b/tests/test_nv_key.sh index 8be0633..298284c 100755 --- a/tests/test_nv_key.sh +++ b/tests/test_nv_key.sh 
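Review bot: In tests/openssl.cnf the new top-level `NVPREFIX = //nvkey:` is undocumented, and its purpose is not obvious next to `NVPREFIX = $ENV::NVPREFIX` in the tpm2 section. It appears to be the default-section fallback that OpenSSL's config parser uses when the variable is absent from the environment, the same pattern as the existing `SRKPIN =` line. That fallback is what lets tests that never export NVPREFIX still load this file. A one-line comment above it would make this explicit, for example `# fallback for $ENV::NVPREFIX when it is not set in the environment`.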
@@ -34,15 +34,26 @@ echo "This is an internal key message" | openssl rsautl -sign -passin pass:${aut openssl rsautl -verify -in tmp.msg -inkey key1.pub -pubin || exit 1 tssevictcontrol -hi o -hp ${nvkey} -ho ${nvkey} -# and finally password plus DA implications +# password plus DA implications tsscreate -rsa -gp -hp 81000001 -pwdk ${auth} -da -opr key.tpmpriv -opu key.tpmpub || exit 1 key=$(tssload -hp 81000001 -ipu key.tpmpub -ipr key.tpmpriv|sed 's/Handle //') || exit 1 tssevictcontrol -hi o -ho ${key} -hp ${nvkey} || exit 1 tssflushcontext -ha ${key} - openssl rsa -engine tpm2 -inform engine -passin pass:${auth} -in //nvkey:${nvkey} -pubout -out key1.pub || exit 1 echo "This is an internal key message" | openssl rsautl -sign -passin pass:${auth} -engine tpm2 -engine tpm2 -keyform engine -inkey //nvkey:${nvkey} -out tmp.msg || exit 1 openssl rsautl -verify -in tmp.msg -inkey key1.pub -pubin || exit 1 tssevictcontrol -hi o -hp ${nvkey} -ho ${nvkey} +# try with a different nvprefix +tsscreate -rsa -gp -hp 81000001 -opr key.tpmpriv -opu key.tpmpub || exit 1 +key=$(tssload -hp 81000001 -ipu key.tpmpub -ipr key.tpmpriv|sed 's/Handle //') || exit 1 +tssevictcontrol -hi o -ho ${key} -hp ${nvkey} || exit 1 +tssflushcontext -ha ${key} + +openssl rsa -engine tpm2 -inform engine -passin pass:${auth} -in //nvkey:${nvkey} -pubout -out key1.pub || exit 1 +export NVPREFIX="wibble:" +echo "This is an internal key message" | openssl rsautl -sign -passin pass:${auth} -engine tpm2 -engine tpm2 -keyform engine -inkey ${NVPREFIX}${nvkey} -out tmp.msg || exit 1 +openssl rsautl -verify -in tmp.msg -inkey key1.pub -pubin || exit 1 +tssevictcontrol -hi o -hp ${nvkey} -ho ${nvkey} + exit 0 |
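Review bot: The new "different nvprefix" block only checks that signing works with `wibble:`; it never checks that the default `//nvkey:` form stops being treated as an NV handle once `NVPREFIX` is overridden. If that is the intended engine behaviour (the engine code is not visible here), a negative check after the `export` would pin it down, for example `openssl rsa -engine tpm2 -inform engine -in "//nvkey:${nvkey}" -pubout -out /dev/null && exit 1`. Separately, every `|| exit 1` between the persisting `tssevictcontrol -hi o -ho ${key} -hp ${nvkey}` and the final eviction leaves the key persistent at `${nvkey}` on failure. A `trap` that evicts the handle on exit would keep a failed run from polluting the next one. The assignments of `nvkey` and `auth` are earlier in the script, outside this hunk.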