tests: add provider tests

Gate tests on openssl3, but re-run all the engine tests (except the
dynamic engine one) using the provider.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>

4 files changed, 84 insertions, 0 deletions

diff --git a/Makefile.am b/Makefile.am
index 87ed76c..0e6450c 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -7,3 +7,4 @@ SUBDIRS += src/tools
 SUBDIRS += src/opensslmissing
 SUBDIRS += src/provider
 SUBDIRS += tests/engine
+SUBDIRS += tests/provider
diff --git a/configure.ac b/configure.ac
index c3e0291..69c2a38 100644
--- a/configure.ac
+++ b/configure.ac
@@ -167,6 +167,7 @@ AC_SUBST(testtpm)
 
 AC_OUTPUT([Makefile
 	   tests/engine/Makefile
+	   tests/provider/Makefile
 	   doc/Makefile
 	   src/libcommon/Makefile
 	   src/opensslmissing/Makefile
diff --git a/tests/provider/Makefile.am b/tests/provider/Makefile.am
new file mode 100644
index 0000000..5b54580
--- /dev/null
+++ b/tests/provider/Makefile.am
@@ -0,0 +1,60 @@
+if HAVE_OPENSSL3
+
+TESTS = ../fail_connect.sh
+TESTS += ../start_sw_tpm.sh
+if HAVE_IBM_TSS
+TESTS += ../check_tpm_directory.sh
+endif
+TESTS += ../check_curves.sh \
+	../create_tpm_key.sh \
+	../create_tpm_key_auth.sh \
+	../check_auth.sh \
+	../wrap_tpm_key.sh \
+	../check_wrap_auth.sh \
+	../check_old_keys.sh \
+	../check_der.sh \
+	../create_ecc.sh \
+	../create_nonopenssl_ecc.sh \
+	../wrap_ecc.sh \
+	../wrap_generic_ecc.sh \
+	../wrap_pkcs12.sh \
+	../derive_ecc.sh \
+	../create_non_tpm_keys.sh \
+	../da_check.sh \
+	../test_nv_key.sh \
+	../check_enhanced_auth.sh \
+	../check_counter_timer.sh \
+	../check_importable.sh \
+	../check_rsa_oaep_pss.sh \
+	../restricted_parent.sh \
+	../seal_unseal.sh \
+	../check_signed_policies.sh \
+	../stop_sw_tpm.sh
+
+fail_connect.sh: tpm_server_found
+
+tpm_server_found:
+	@if [ -z "$(testtpm)" ]; then echo "ERROR: Can't run tests, no tpm server is found"; exit 1; fi
+
+AM_TESTS_ENVIRONMENT = TPM_INTERFACE_TYPE=socsim; export TPM_INTERFACE_TYPE; \
+	srcdir=$(abs_srcdir); export srcdir; \
+	bindir=$(abs_srcdir)/../../src/tools; export bindir; \
+	testdir=$(abs_srcdir)/..; export testdir; \
+	OPENSSL_CONF=$(abs_srcdir)/openssl.cnf; export OPENSSL_CONF; \
+	TPMSERVER=$(TPMSERVER); export TPMSERVER; \
+	TSSTYPE=@TSSTYPE@; export TSSTYPE; \
+	SWTPM=$(SWTPM); export SWTPM; \
+	SWTPM_IOCTL=$(SWTPM_IOCTL); export SWTPM_IOCTL; \
+	ENGINE="-provider default -provider-path $(abs_srcdir)/../../src/provider/.libs -provider libtpm2"; export ENGINE; \
+	INFORM=""; export INFORM; \
+	KEYFORM=""; export KEYFORM; \
+	CAKEYFORM=""; export CAKEYFORM;
+
+endif
+
+TEST_EXTENSIONS = .sh
+
+CLEANFILES = key*.tpm key*.pub key*.priv tmp.* NVChip h*.bin key*.der seal.* fifo tss2.*
+clean-local:
+	rm -fr testdir
+
diff --git a/tests/provider/openssl.cnf b/tests/provider/openssl.cnf
new file mode 100644
index 0000000..276ed09
--- /dev/null
+++ b/tests/provider/openssl.cnf
@@ -0,0 +1,22 @@
+HOME		= .
+RANDFILE	= $ENV::HOME/.rnd
+openssl_conf	= openssl_init
+SRKPIN		=
+NVPREFIX	= //nvkey:
+
+[req]
+distinguished_name = req_distinguished_name
+
+[req_distinguished_name]
+commonName	= Common Name
+commonName_max	= 64
+
+[openssl_init]
+providers	= providers_section
+
+[providers_section]
+libtpm2		= libtpm2_section
+
+[libtpm2_section]
+PIN		= $ENV::SRKPIN
+NVPREFIX	= $ENV::NVPREFIX