mirror of https://github.com/wolfSSL/wolfTPM.git
More fixes for no filesystem.
parent
2a5e74113b
commit
1603cfdaaf
|
@ -200,7 +200,7 @@ jobs:
|
||||||
./configure --enable-swtpm
|
./configure --enable-swtpm
|
||||||
make
|
make
|
||||||
make check
|
make check
|
||||||
WOLFSSL_PATH=./wolfssl ./examples/run_examples.sh
|
WOLFSSL_PATH=./wolfssl NO_FILESYSTEM=1 ./examples/run_examples.sh
|
||||||
|
|
||||||
# capture logs on failure
|
# capture logs on failure
|
||||||
- name: Upload failure logs
|
- name: Upload failure logs
|
||||||
|
|
|
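Review bot: `NO_FILESYSTEM=1` on the `run_examples.sh` line only tells the script which examples to skip; the `./configure --enable-swtpm` line above it shows no matching build option. The no-filesystem define is presumably set earlier in this job, outside the hunk, and that is worth confirming. If the build here does have a filesystem, this change only removes the NV, PKCS7, TLS, secure-boot and seal/unseal runs from the job and it still reports green. A step `name:` or a comment stating that this job is the no-filesystem variant would make the intent clear.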
@ -290,6 +290,8 @@ static int PKCS7_SignVerify(WOLFTPM2_DEV* dev, int tpmDevId,
|
||||||
rc = -1; goto exit;
|
rc = -1; goto exit;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
#else
|
||||||
|
(void)outFile;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Test verify with TPM */
|
/* Test verify with TPM */
|
||||||
|
|
|
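Review bot: The added `#else` / `(void)outFile;` branch closes with a bare `#endif`, so a reader cannot tell which condition disables the output write without finding the `#if`, which is outside the hunk. Tagging the directives with the actual condition from that `#if`, in the form `#endif /* <condition> */`, would match the `#endif /* !NO_FILESYSTEM && !NO_WRITE_TEMP_FILES */` style used in the other C file of this commit. `PKCS7_SignVerify` starts and ends outside the hunk.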
@ -10,6 +10,9 @@ fi
|
||||||
if [ -z "$WOLFCRYPT_ENABLE" ]; then
|
if [ -z "$WOLFCRYPT_ENABLE" ]; then
|
||||||
WOLFCRYPT_ENABLE=1
|
WOLFCRYPT_ENABLE=1
|
||||||
fi
|
fi
|
||||||
|
if [ -z "$NO_FILESYSTEM" ]; then
|
||||||
|
NO_FILESYSTEM=0
|
||||||
|
fi
|
||||||
if [ -z "$WOLFCRYPT_DEFAULT" ]; then
|
if [ -z "$WOLFCRYPT_DEFAULT" ]; then
|
||||||
WOLFCRYPT_DEFAULT=0
|
WOLFCRYPT_DEFAULT=0
|
||||||
fi
|
fi
|
||||||
|
@ -250,7 +253,8 @@ fi
|
||||||
|
|
||||||
# NV Tests
|
# NV Tests
|
||||||
echo -e "NV Tests"
|
echo -e "NV Tests"
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
if [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
|
if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
||||||
./examples/nvram/store -xor >> run.out 2>&1
|
./examples/nvram/store -xor >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv store param enc xorfailed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "nv store param enc xorfailed! $RESULT" && exit 1
|
||||||
|
@ -266,14 +270,14 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv read param enc aes failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "nv read param enc aes failed! $RESULT" && exit 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
./examples/nvram/store -priv >> run.out 2>&1
|
./examples/nvram/store -priv >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv store priv only failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "nv store priv only failed! $RESULT" && exit 1
|
||||||
./examples/nvram/read -priv >> run.out 2>&1
|
./examples/nvram/read -priv >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv read priv only failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "nv read priv only failed! $RESULT" && exit 1
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
||||||
./examples/nvram/store -priv -xor >> run.out 2>&1
|
./examples/nvram/store -priv -xor >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv store priv only param enc xor failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "nv store priv only param enc xor failed! $RESULT" && exit 1
|
||||||
|
@ -289,13 +293,14 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv read priv only param enc aes failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "nv read priv only param enc aes failed! $RESULT" && exit 1
|
||||||
fi
|
fi
|
||||||
|
fi
|
||||||
|
./examples/nvram/store -pub >> run.out 2>&1
|
||||||
|
RESULT=$?
|
||||||
|
[ $RESULT -ne 0 ] && echo -e "nv store pub only failed! $RESULT" && exit 1
|
||||||
|
./examples/nvram/read -pub >> run.out 2>&1
|
||||||
|
RESULT=$?
|
||||||
|
[ $RESULT -ne 0 ] && echo -e "nv read pub only failed! $RESULT" && exit 1
|
||||||
fi
|
fi
|
||||||
./examples/nvram/store -pub >> run.out 2>&1
|
|
||||||
RESULT=$?
|
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv store pub only failed! $RESULT" && exit 1
|
|
||||||
./examples/nvram/read -pub >> run.out 2>&1
|
|
||||||
RESULT=$?
|
|
||||||
[ $RESULT -ne 0 ] && echo -e "nv read pub only failed! $RESULT" && exit 1
|
|
||||||
|
|
||||||
./examples/nvram/policy_nv >> run.out 2>&1
|
./examples/nvram/policy_nv >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
|
@ -313,7 +318,7 @@ RESULT=$?
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "keygen ecc test for csr failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "keygen ecc test for csr failed! $RESULT" && exit 1
|
||||||
|
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ] && [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
./examples/csr/csr -cert >> run.out 2>&1
|
./examples/csr/csr -cert >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "cert self-signed failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "cert self-signed failed! $RESULT" && exit 1
|
||||||
|
@ -332,7 +337,7 @@ fi
|
||||||
|
|
||||||
# PKCS7 Tests
|
# PKCS7 Tests
|
||||||
echo -e "PKCS7 tests"
|
echo -e "PKCS7 tests"
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ] && [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
./examples/pkcs7/pkcs7 >> run.out 2>&1
|
./examples/pkcs7/pkcs7 >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "pkcs7 failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "pkcs7 failed! $RESULT" && exit 1
|
||||||
|
@ -387,7 +392,7 @@ run_tpm_tls_server() { # Usage: run_tpm_tls_server [ecc/rsa] [tpmargs] [tlsversi
|
||||||
popd >> run.out 2>&1
|
popd >> run.out 2>&1
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ] && [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
if [ $WOLFCRYPT_RSA -eq 1 ]; then
|
if [ $WOLFCRYPT_RSA -eq 1 ]; then
|
||||||
# TLS client/server RSA TLS v1.2 and v1.2 Crypto callbacks
|
# TLS client/server RSA TLS v1.2 and v1.2 Crypto callbacks
|
||||||
run_tpm_tls_client "rsa" "" "3"
|
run_tpm_tls_client "rsa" "" "3"
|
||||||
|
@ -464,7 +469,7 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
||||||
[ $RESULT -ne 0 ] && echo -e "signed_timestamp ecc param enc failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "signed_timestamp ecc param enc failed! $RESULT" && exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
./examples/keygen/keygen keyblob.bin -rsa >> run.out 2>&1
|
./examples/keygen/keygen keyblob.bin -rsa >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "keygen rsa failed! $RESULT" && exit 1
|
||||||
|
@ -550,7 +555,7 @@ fi
|
||||||
|
|
||||||
# Secure Boot ROT
|
# Secure Boot ROT
|
||||||
echo -e "Secure Boot ROT (Root of Trust) test"
|
echo -e "Secure Boot ROT (Root of Trust) test"
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ] && [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
./examples/boot/secure_rot -nvindex=0x1400200 -authstr=test -write=./certs/example-ecc256-key-pub.der >> run.out 2>&1
|
./examples/boot/secure_rot -nvindex=0x1400200 -authstr=test -write=./certs/example-ecc256-key-pub.der >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "secure rot write ecc256! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "secure rot write ecc256! $RESULT" && exit 1
|
||||||
|
@ -586,16 +591,17 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Seal/Unseal (PCR Policy)
|
# Seal/Unseal (PCR Policy)
|
||||||
echo -e "Seal/Unseal (PCR policy)"
|
if [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
./examples/seal/seal sealedkeyblob.bin mySecretMessage >> run.out 2>&1
|
echo -e "Seal/Unseal (PCR policy)"
|
||||||
RESULT=$?
|
./examples/seal/seal sealedkeyblob.bin mySecretMessage >> run.out 2>&1
|
||||||
[ $RESULT -ne 0 ] && echo -e "seal failed! $RESULT" && exit 1
|
RESULT=$?
|
||||||
./examples/seal/unseal message.raw sealedkeyblob.bin >> run.out 2>&1
|
[ $RESULT -ne 0 ] && echo -e "seal failed! $RESULT" && exit 1
|
||||||
RESULT=$?
|
./examples/seal/unseal message.raw sealedkeyblob.bin >> run.out 2>&1
|
||||||
[ $RESULT -ne 0 ] && echo -e "unseal failed! $RESULT" && exit 1
|
RESULT=$?
|
||||||
rm -f sealedkeyblob.bin
|
[ $RESULT -ne 0 ] && echo -e "unseal failed! $RESULT" && exit 1
|
||||||
|
rm -f sealedkeyblob.bin
|
||||||
|
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_RSA -eq 1 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_RSA -eq 1 ]; then
|
||||||
./examples/seal/seal sealedkeyblob.bin mySecretMessage -xor >> run.out 2>&1
|
./examples/seal/seal sealedkeyblob.bin mySecretMessage -xor >> run.out 2>&1
|
||||||
RESULT=$?
|
RESULT=$?
|
||||||
[ $RESULT -ne 0 ] && echo -e "seal xor failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "seal xor failed! $RESULT" && exit 1
|
||||||
|
@ -612,11 +618,12 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_RSA -eq 1 ]; then
|
||||||
[ $RESULT -ne 0 ] && echo -e "unseal aes failed! $RESULT" && exit 1
|
[ $RESULT -ne 0 ] && echo -e "unseal aes failed! $RESULT" && exit 1
|
||||||
fi
|
fi
|
||||||
rm -f sealedkeyblob.bin
|
rm -f sealedkeyblob.bin
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Seal/Unseal (Policy auth)
|
# Seal/Unseal (Policy auth)
|
||||||
echo -e "Seal/Unseal (Policy auth)"
|
echo -e "Seal/Unseal (Policy auth)"
|
||||||
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ]; then
|
if [ $WOLFCRYPT_ENABLE -eq 1 ] && [ $WOLFCRYPT_DEFAULT -eq 0 ] && [ $NO_FILESYSTEM -eq 0 ]; then
|
||||||
# Extend "aaa" to test PCR 16
|
# Extend "aaa" to test PCR 16
|
||||||
echo aaa > aaa.bin
|
echo aaa > aaa.bin
|
||||||
./examples/pcr/reset 16 >> run.out 2>&1
|
./examples/pcr/reset 16 >> run.out 2>&1
|
||||||
|
|
|
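Review bot: With `NO_FILESYSTEM=1` the NV, CSR, PKCS7, TLS, keygen, Secure Boot ROT and seal/unseal blocks are skipped and nothing is written to the console or `run.out` to say so, so a run that exercised none of the key-handling examples looks the same as a full pass. The guards also compare the variable unquoted with `-eq`, and the default at the top only covers the empty case: a value such as `yes` makes `[` fail, the condition reads as false, and the same blocks are skipped with only a `[` error on stderr. I would validate it once after the default, e.g. `case "$NO_FILESYSTEM" in 0|1) ;; *) echo "NO_FILESYSTEM must be 0 or 1"; exit 1 ;; esac`, and add an `else` branch to each guard that echoes a `skipped (NO_FILESYSTEM)` line. In the Seal/Unseal (PCR policy) hunk the section `echo` moved inside the `if`, unlike the NV, PKCS7 and Secure Boot ROT headers, which stay outside; keeping it outside would keep the log consistent.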
@ -244,6 +244,7 @@ exit:
|
||||||
#else
|
#else
|
||||||
(void)filename;
|
(void)filename;
|
||||||
(void)key;
|
(void)key;
|
||||||
|
rc = NOT_COMPILED_IN;
|
||||||
#endif /* !NO_FILESYSTEM && !NO_WRITE_TEMP_FILES */
|
#endif /* !NO_FILESYSTEM && !NO_WRITE_TEMP_FILES */
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
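Review bot: The new `rc = NOT_COMPILED_IN;` in the `#else` branch has no comment and prints nothing, although it apparently turns the no-filesystem result from a silent success into an error. A short comment above the assignment, such as `/* no filesystem: nothing was written, report it instead of returning success */`, would explain the return code to callers. The function starts outside the hunk, so the initial value of `rc` and the handling in any read counterpart are not visible here. It is worth checking that callers which used to pass through this path now handle `NOT_COMPILED_IN` deliberately.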