ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-20 13:33:13 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity
75b02a18e3
HIRS/.ci/system-tests/tests/aca_policy_tests.sh
5B96790E3664F40075A67E6ADF737EDB15B4408DBC91A81228B31537B0CE3E26 7c99b81b10
supplychainvalidationsummary will look up rims by ID (#805) 
* Lookup here needed summary id from device object

* Portal linkage issue

* CertificatesUsed not working properly with RIM

* Maybe need to link to base rim

* Rim test 1 needed hw file

* Working on CI

* Connecting new tpm2_common

* Edited the way scripts called in docker exec

* TPM for reset each test

* Defining efi paths in CI env file

* Forgot to close while loops

* Connecting default test files

* Variable was wrong [no ci]

* Added ACA tests using uploaded artifacts

* Trying to chmod rim_setup.sh

* rim_setup chmod issues

* Added aca tests 9 and 10 to workflow

* Added cases 9 and 10 for aca policy tests

* Exit test scripts with error if one test fails

* Attempt to solve uploaded rim linkup

* Try only setting tagId if not null

* updateSupportRimInfo was not setting associated rim on base

* Attempt alternate lookup of rim by device name

* Trouble with event log archived

* Used wrong variable

* Fix spotbugs

* Try again

* Change SupplyChainValidation.message size to MAX_MESSAGE_LENGTH
2024-07-22 06:03:09 -04:00

116 lines
3.8 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
#########################################################################################
# HIRS ACA Policy System Tests
#
#########################################################################################
source ./.ci/system-tests/sys_test_common.sh
testResult=false
totalTests=0;
failedTests=0;
test="all"
case $1 in
1) test="1" ;;
2) test="2" ;;
3) test="3" ;;
4) test="4" ;;
5) test="5" ;;
6) test="6" ;;
7) test="7" ;;
8) test="8" ;;
9) test="9" ;;
10) test="10" ;;
esac
# Start ACA Policy Tests
# provisionTpm2 takes 1 parameter (the expected result): "pass" or "fail"
if [ "$test" = "1" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 1: Test ACA default policy ###"
writeToLogs "Now using default appsettings"
clearAcaDb
resetTpmForNewTest
setAppsettings
setPolicyNone
setPlatformCerts -p "laptop" -t "empty"
provisionTpm2 "pass"
fi
if [ "$test" = "2" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 2: Test EK cert Only Validation Policy without a EK Issuer Cert in the trust store ###"
setPolicyEkOnly
provisionTpm2 "fail"
fi
if [ "$test" = "3" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 3: Test EK Only Validation Policy ###"
uploadTrustedCerts
provisionTpm2 "pass"
fi
if [ "$test" = "4" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 4: Test PC Validation Policy with no PC ###"
setPolicyEkPc_noAttCheck
provisionTpm2 "fail"
fi
if [ "$test" = "5" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 5: Test FW and PC Validation Policy with no PC ###"
setPolicyEkPcFw
provisionTpm2 "fail"
fi
writeToLogs "Now using appsettings with hardware information"
setAppsettings --paccor-output-file /ci_test/hw.json --event-log-file /ci_test/binary_bios_measurements --linux-dmi
if [ "$test" = "6" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 6: Test PC Validation Policy with valid PC with no Attribute Check ###"
clearAcaDb
resetTpmForNewTest
setPolicyEkPc_noAttCheck
uploadTrustedCerts
setPlatformCerts -p "laptop" -t "default"
provisionTpm2 "pass"
fi
if [ "$test" = "7" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 7: Test PC Validation Policy with valid PC with Attribute Check ###"
clearAcaDb
resetTpmForNewTest
setPolicyEkPc
uploadTrustedCerts
setPlatformCerts -p "laptop" -t "default"
provisionTpm2 "pass"
fi
if [ "$test" = "8" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 8: Test PC with RIM Validation Policy with valid PC and RIM ###"
clearAcaDb
resetTpmForNewTest
setPolicyEkPcFw
uploadTrustedCerts
setPlatformCerts -p "laptop" -t "default"
setRims -p "laptop" -t "default"
provisionTpm2 "pass"
fi
if [ "$test" = "9" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 9: Test valid PC and RIM with PC only uploaded ###"
clearAcaDb
resetTpmForNewTest
setPolicyEkPcFw
uploadTrustedCerts
setPlatformCerts -p "laptop" -t "default" -u -n
setRims -p "laptop" -t "default"
provisionTpm2 "pass"
fi
if [ "$test" = "10" ] || [ "$test" = "all" ]; then
writeToLogs "### ACA POLICY TEST 10: Test valid PC and RIM with RIM only uploaded ###"
clearAcaDb
resetTpmForNewTest
setPolicyEkPcFw
uploadTrustedCerts
setPlatformCerts -p "laptop" -t "default"
setRims -p "laptop" -t "default" -u -n
provisionTpm2 "pass"
fi
# Process Test Results, any single failure will send back a failed result.
if [[ $failedTests != 0 ]]; then
export TEST_STATUS=1
echo "**** $failedTests out of $totalTests ACA Policy Tests Failed! ****"
exit 1
else
echo "**** $totalTests ACA Policy Tests Passed! ****"
fi
Reference in New Issue View Git Blame Copy Permalink