diff options
author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2023-03-17 11:56:11 -0400 |
---|---|---|
committer | James Bottomley <James.Bottomley@HansenPartnership.com> | 2023-03-22 22:59:44 -0400 |
commit | e718104c9aaf79c192cccd6f2cdfd56875145797 (patch) | |
tree | 2b8abc36c724e0c10f77133ad2a0a309c4e61cb4 | |
parent | 184d8dda5c317536ab40ec90b008849c23c67246 (diff) | |
download | openssl_tpm2_engine-e718104c9aaf79c192cccd6f2cdfd56875145797.tar.gz |
tests: add provider tests
Gate tests on openssl3, but re-run all the engine tests (except the
dynamic engine one) using the provider.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | configure.ac | 1 | ||||
-rw-r--r-- | tests/provider/Makefile.am | 60 | ||||
-rw-r--r-- | tests/provider/openssl.cnf | 22 |
4 files changed, 84 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am index 87ed76c..0e6450c 100644 --- a/Makefile.am +++ b/Makefile.am @@ -7,3 +7,4 @@ SUBDIRS += src/tools SUBDIRS += src/opensslmissing SUBDIRS += src/provider SUBDIRS += tests/engine +SUBDIRS += tests/provider diff --git a/configure.ac b/configure.ac index c3e0291..69c2a38 100644 --- a/configure.ac +++ b/configure.ac @@ -167,6 +167,7 @@ AC_SUBST(testtpm) AC_OUTPUT([Makefile tests/engine/Makefile + tests/provider/Makefile doc/Makefile src/libcommon/Makefile src/opensslmissing/Makefile diff --git a/tests/provider/Makefile.am b/tests/provider/Makefile.am new file mode 100644 index 0000000..5b54580 --- /dev/null +++ b/tests/provider/Makefile.am @@ -0,0 +1,60 @@ +if HAVE_OPENSSL3 + +TESTS = ../fail_connect.sh +TESTS += ../start_sw_tpm.sh +if HAVE_IBM_TSS +TESTS += ../check_tpm_directory.sh +endif +TESTS += ../check_curves.sh \ + ../create_tpm_key.sh \ + ../create_tpm_key_auth.sh \ + ../check_auth.sh \ + ../wrap_tpm_key.sh \ + ../check_wrap_auth.sh \ + ../check_old_keys.sh \ + ../check_der.sh \ + ../create_ecc.sh \ + ../create_nonopenssl_ecc.sh \ + ../wrap_ecc.sh \ + ../wrap_generic_ecc.sh \ + ../wrap_pkcs12.sh \ + ../derive_ecc.sh \ + ../create_non_tpm_keys.sh \ + ../da_check.sh \ + ../test_nv_key.sh \ + ../check_enhanced_auth.sh \ + ../check_counter_timer.sh \ + ../check_importable.sh \ + ../check_rsa_oaep_pss.sh \ + ../restricted_parent.sh \ + ../seal_unseal.sh \ + ../check_signed_policies.sh \ + ../stop_sw_tpm.sh + +fail_connect.sh: tpm_server_found + +tpm_server_found: + @if [ -z "$(testtpm)" ]; then echo "ERROR: Can't run tests, no tpm server is found"; exit 1; fi + +AM_TESTS_ENVIRONMENT = TPM_INTERFACE_TYPE=socsim; export TPM_INTERFACE_TYPE; \ + srcdir=$(abs_srcdir); export srcdir; \ + bindir=$(abs_srcdir)/../../src/tools; export bindir; \ + testdir=$(abs_srcdir)/..; export testdir; \ + OPENSSL_CONF=$(abs_srcdir)/openssl.cnf; export OPENSSL_CONF; \ + TPMSERVER=$(TPMSERVER); export TPMSERVER; \ + TSSTYPE=@TSSTYPE@; export TSSTYPE; \ + SWTPM=$(SWTPM); export SWTPM; \ + SWTPM_IOCTL=$(SWTPM_IOCTL); export SWTPM_IOCTL; \ + ENGINE="-provider default -provider-path $(abs_srcdir)/../../src/provider/.libs -provider libtpm2"; export ENGINE; \ + INFORM=""; export INFORM; \ + KEYFORM=""; export KEYFORM; \ + CAKEYFORM=""; export CAKEYFORM; + +endif + +TEST_EXTENSIONS = .sh + +CLEANFILES = key*.tpm key*.pub key*.priv tmp.* NVChip h*.bin key*.der seal.* fifo tss2.* +clean-local: + rm -fr testdir + diff --git a/tests/provider/openssl.cnf b/tests/provider/openssl.cnf new file mode 100644 index 0000000..276ed09 --- /dev/null +++ b/tests/provider/openssl.cnf @@ -0,0 +1,22 @@ +HOME = . +RANDFILE = $ENV::HOME/.rnd +openssl_conf = openssl_init +SRKPIN = +NVPREFIX = //nvkey: + +[req] +distinguished_name = req_distinguished_name + +[req_distinguished_name] +commonName = Common Name +commonName_max = 64 + +[openssl_init] +providers = providers_section + +[providers_section] +libtpm2 = libtpm2_section + +[libtpm2_section] +PIN = $ENV::SRKPIN +NVPREFIX = $ENV::NVPREFIX |