Age | Commit message | Author |
|
Adding a test that the command decrypt and response encrypt session flags that
are set in Esys are actually propagated to the TPM command's session flags, if
the command allows this. Using TPM2_CreatePrimary as a candidate.
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Don't build tcti_default unit test when fuzzing is enabled.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
uriparser was completely removed in e394cffe3add7874299b9571e0b5140b4dc51dfe.
Signed-off-by: Jonas Witschel <diabonas@gmx.de>
|
|
* The original test did check optional policy commands. Since it cannot be
expected that the three optional commands are all implemented on a
physical TPM the test case was split.
* If the related command is not implemented only this test case will be skipped.
* Also the related doxygen files are updated.
Signed-off-by: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
|
|
Signed-off-by: Philip Tricca <philip.b.tricca@intel.com>
|
|
autotools does not like variables to end on _LDFLAGS and spits out
warnings. So we rename the variable.
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Add a simple test for StirRandom to increase code coverage.
It does only check whether the command itself works and returns success
for suitable input data.
Signed-off-by: Peter Huewe <peterhuewe@gmx.de>
|
|
ESYSFLAGS was actually never set. Probably leftover
from an earlier version.
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
The default tcti parameters must be ignored for
the esys unit tests.
Fixes: #1016
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
Several error cases of the crypto backends, which are not covered by the integration tests,
are tested.
Signed-off-by: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
|
|
* The two new integration tests were added to the mandatory tests.
* The test clockset was moved from optional to mandatory tests.
* Doxygen comments were updated.
* Also some minor formatting fixes were added.
Signed-off-by: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
|
|
* To enable tests with a physical TPM the configure options:
--with-ptpm=[device]
--with-ptpmtests=[test cases]
were added. To compile the integration tests --enable-integration has
to be used. The test cases are a comma separated list of:
mandatory, optional and destructive. The default is mandatory.
To avoid parallel usage of the TPM the tests should be executed with:
make check-ptpm
or with:
make check -j 1.
The compiled integration tests for a simulator test can be used for
tests with a physical TPM without re-compilation.
* A second int_log compiler script was added to execute these tests.
* Split policy regression tests into two parts. Optional commands are
moved to the test policy-regression-opt.
* The test policy-ticket will return success if the PolicyTicket command
is not available, but all other commands in this test were
successful.
* Exponent 0 will be used in the ESAPI integration tests.
Exponent 65537 for RSA keys is optional in TPM spec while exponent
is mandatory:
A TPM compatible with this specification and supporting RSA shall
support two primes and an exponent of zero. Support for other values
is optional. (Spec Part2 12.2.3.5 TPMS_RSA_PARMS).
* The check whether optional commands are available is adapted for the
usage with a resource manager TPM.
Signed-off-by: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
|
|
All of the other LDFLAGS in the build were fixed up to use ESYSLDFLAGS
instead of the linker flags for the crypto library directly. This was
probably just an oversight.
Signed-off-by: Philip Tricca <philip.b.tricca@intel.com>
|
|
* The crypto backend can be selected with the option
--with-crypto={ossl,gcrypt}. The default is gcrypt.
* Only the crypto provider independent code will remain in esys_crypto.{c,h}
The provider dependent code can be found in:
esys_crypto_{ossl,gcrypt}.{c,h}
* The provider dependent source files are removed from the lists
generated in the bootstrap script and are added explicitly
to the makefile variables in Makefile.am
Signed-off-by: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
|
|
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
The long name causes build problems:
ccache: error: Failed to create temporary file for
test/integration/test_integration_sapi_create_primary_rsa_2048_aes_128_cfb_int-sapi-create-primary-rsa-2048-aes-128-cfb.int.o: File name too long
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
Bill recently integrated the tools integration tests into the test
harness and his approach assumes that the `tpm_server` binary is on the
PATH. This simplifies a few things and generally it's just cleaner than
requiring the caller to pass the full path to the executable at
configure time.
This patch removes the --with-simulatorbin configure option replacing it
with the --enable-integration option instead. This option takes no
parameters but it does check that the 'tpm_server' binary is on the
caller's path. Additionally this patch consolidates the multiple AC_IF
checks for the definition of the associated variable. The corresponding
option to the int-log-compiler.sh script is removed as well.
Signed-off-by: Philip Tricca <philip.b.tricca@intel.com>
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Add a test for ECC-encrypted sessionSalt parameters
in StartAuthSession.
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
This removes our use of liburiparser with a custom key / value pair
parser. The parser is implemented in the key-value-parse module under
the util directory. The parser is designed to extract a series of key
/ value pairs where each key and value are separated by the '='
character and each pair is separated by the ',' character. The parser
is composed of three parts:
1) The 'parse_key_value' function is used to extract key / value pairs
separated by the '=' character. This function modifies the string by
using the 'strtok_r' function to extract the key and value. A reference
to each is then returned to the caller using the key_value_t structure.
2) The 'parse_key_value_string' function is used to extract each key /
value pair parsing the provided string on the ',' character using the
same method as the 'parse_key_value' function. Each string containing a
key / value pair is then passed to the 'parse_key_value' function to
extract the individual components.
3) Finally the 'parse_key_value_string' function is passed a function
pointer conforming to the 'KeyValueFunc' type. This function is invoked
for each key / value pair extracted and is passed a reference to the
key_value_t structure from the previous step. It is also passed a void
pointer to some caller provided data structure which allows the callback
to do something with the key / value pairs. For the purposes of the
mssim TCTI we simply identify valid / invalid keys and store their
values in a data structure.
Once the parser is done extracting data from the provided string the
mssim TCTI will either return an error indicating the configuration
string was invalid, or continue initializing the TCTI based on the
provided data. If a NULL configuration string is provided defaults are
used.
Additionally this commit:
1) Removes the check for liburiparser from the autoconf file.
2) Updates the .travis.yml file to no longer install liburiparser as a
build dependency.
3) Adds unit tests for the functions described above.
4) Updates existing tests and test infrastructure to use configuration
strings in the new format.
5) Updates the man page for the Tss2_Tcti_Mssim_Init function to
describe the new configuration string format.
6) Updates the default configuration string to use 'localhost' instead
of a raw IPv4 address to make the library friendly to platforms that
only support IPv6.
Signed-off-by: Philip Tricca <philip.b.tricca@intel.com>
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
|
|
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Add tests for TR_FromTPMPublic and TR_GetName
for persistent key objects
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Add tests for TR_FromTPMPublic and TR_GetName
for NV objects
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Many of the policy commands work similarly.
Here we test them using a trial session.
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|
|
Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
|