mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-20 13:33:13 +00:00
ec8c4b5c3e
* [#71] Initial Dockerization of TPM 1.2 Provisioner * Fix permissions on new script * Fix current bugs * [#71] Try a new direction for setting up TPM 1.2 Provisioner Testing * [#71] Attempt to the latest version of Trousers on Travis CI VM for 1.2 Provisioner support * [#71] Try IBM TPM 1.2 Emulator * [#71] Move towards cleaning up work * [#71] Update TPM1.2 Provisioner Docker to work with Docker Compose in Systems Test * [#71] Get TPM 1.2 Provisioner to provision successfully in Docker container * Update system tests script to include TPM 1.2 Provisioner container * [#71] Separate TPM 1.2 and 2.0 Provisioner System Tests * [#71] Pipe TPM Emulator log output to file to clear up system test output
111 lines
2.7 KiB
Bash
Executable File
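#!/bin/bash

# Script to set up the TPM 1.2 Provisioner Docker image for integration tests.
#
# Required environment:
#   HIRS_ACA_PORTAL_IP    address of the ACA portal this container waits for
#   HIRS_ACA_PORTAL_PORT  HTTPS port of the ACA portal
set -e

# Fail fast when the probe target is not configured. Without these guards an
# unset variable yields the URL "https://:/..." and the wait loop below never
# terminates.
: "${HIRS_ACA_PORTAL_IP:?HIRS_ACA_PORTAL_IP must be set}"
: "${HIRS_ACA_PORTAL_PORT:?HIRS_ACA_PORTAL_PORT must be set}"

# Wait for ACA to boot.
# The portal is considered up once a HEAD request is answered with a
# "302 Found" status line.
#
# -k disables TLS certificate verification. That is tolerable for this
# readiness probe (it sends no credentials and only inspects the status line),
# but the flag must not be copied into requests that carry secrets or whose
# response content is trusted.
#
# NOTE(review): the match is on the literal text "302 Found"; a server that
# answers over HTTP/2 prints the status without a reason phrase, so the probe
# would never succeed there - confirm the portal speaks HTTP/1.1.
# NOTE(review): the loop has no overall deadline and relies on the CI job
# timeout if the ACA never comes up.
echo "Waiting for ACA to spin up..."
until curl --silent --connect-timeout 1 --max-time 5 -I -k \
    "https://${HIRS_ACA_PORTAL_IP}:${HIRS_ACA_PORTAL_PORT}/HIRS_AttestationCAPortal" \
    | grep -q '302 Found'; do
  # Pause between attempts instead of spinning: the original loop body was a
  # bare ":" and re-issued requests as fast as curl could fail.
  sleep 1
done
echo "ACA is up!"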
#######################################
# Install the TPM 1.2 Provisioner RPM from the /HIRS source tree, running the
# CentOS packaging script first when no RPM output directory exists.
# Arguments: none
# Outputs:   progress banner plus pushd/popd and yum output on stdout
#
# NOTE(review): the build is skipped whenever package/rpm/RPMS already exists,
# so RPMs left over from an earlier build are installed and tested instead of
# the current sources. Start from a clean tree when the result must reflect
# this checkout.
# NOTE(review): the RPM is installed by local path; whether yum applies a GPG
# signature check to local packages depends on its configuration - confirm
# before reusing this outside a throwaway test container.
#######################################
InstallProvisioner() {
  printf '%s\n' "===========Installing Provisioner Packages...==========="

  pushd /HIRS
  # Package only when there is no RPM output directory yet.
  [ -d package/rpm/RPMS ] || ./package/package.centos.sh
  # The glob stays unquoted on purpose: it selects whatever provisioner
  # version the packaging step produced.
  yum install -y package/rpm/RPMS/noarch/HIRS_Provisioner_TPM_1_2*.el7.noarch.rpm
  popd
}
#######################################
# Bring up the software TPM 1.2 emulator under /tpm_emulator, then start the
# TrouSerS daemon against it and run a TPM self test.
# Globals (exported): TPM_PATH, TPM_PORT, TPM_SERVER_NAME, TPM_SERVER_PORT,
#                     TCSD_TCP_DEVICE_PORT
# Arguments: none
# Outputs:   progress banners and tool output on stdout; the emulator's own
#            output goes to /tpm_emulator/tpm.log
#
# The emulator is a software TPM: its state lives in plain files under
# TPM_PATH and it is driven over a TCP port, so the EK created here has no
# hardware protection. That is fine for integration tests and nothing else.
#
# NOTE(review): tpmbios runs immediately after the server is put in the
# background; nothing waits for the port to accept connections, so the first
# client call can race the server start-up.
# NOTE(review): the second server start truncates tpm.log (">"), discarding
# the log of the first run.
#######################################
InitTpmEmulator() {
  local -r emulator_dir=/tpm_emulator
  local -r emulator_port=6543

  printf '%s\n' "===========Initializing TPM Emulator...==========="

  # Emulator (server) settings.
  export TPM_PATH="${emulator_dir}/tpm_storage" TPM_PORT="$emulator_port"
  # Client utilities talk to the emulator on the same port.
  export TPM_SERVER_NAME=localhost TPM_SERVER_PORT="$emulator_port"
  # TrouSerS reaches the TPM through this TCP port as well.
  export TCSD_TCP_DEVICE_PORT="$emulator_port"

  mkdir -p "$TPM_PATH"

  pushd "$emulator_dir"

  # First run: start the software TPM and activate it.
  ./tpm/tpm_server > tpm.log 2>&1 &
  ./libtpm/utils/tpmbios

  # The emulator is restarted after activation, then initialised again.
  pkill tpm_server
  ./tpm/tpm_server > tpm.log 2>&1 &
  ./libtpm/utils/tpmbios

  # Create the endorsement key on the software TPM.
  ./libtpm/utils/createek

  # Define NV index ffffffff with size 0. In TPM 1.2 this is the operation
  # that sets the nvLocked flag - presumably the intent here; confirm.
  ./libtpm/utils/nv_definespace -in ffffffff -sz 0

  popd

  printf '%s\n' "Starting TrouSerS Daemon"
  tcsd -e

  printf '%s\n' "Testing TPM Connectivity"
  tpm_selftest

  printf '%s\n' "===========TPM Emulator Initialization Complete!==========="
}
#######################################
# Rewrite /etc/hirs/hirs-site.config from the container's environment and
# print both the .env file and the resulting config.
# Globals:   HIRS_SITE_CONFIG (written, not local)
#            reads HIRS_ACA_PROVISIONER_IP, TPM_ENABLED, IMA_ENABLED,
#            HIRS_ACA_HOSTNAME, HIRS_ACA_PORTAL_IP, HIRS_ACA_PORTAL_PORT,
#            HIRS_BROKER_PORT
# Arguments: none
# Outputs:   banners, the contents of /HIRS/.ci/docker/.env and the new
#            config file on stdout
#
# NOTE(review): the whole .env file and the generated config are echoed to
# the build log. Keep credentials out of .env, or stop printing it, if CI
# logs are readable beyond the project team.
# NOTE(review): the script runs without "set -u", so an unset variable is
# written as an empty value rather than reported. Values are interpolated
# into the file unescaped.
#######################################
UpdateHirsSiteConfigFile() {
  HIRS_SITE_CONFIG="/etc/hirs/hirs-site.config"

  printf '\n'
  printf '%s\n' "===========Updating ${HIRS_SITE_CONFIG}, using values from /HIRS/.ci/docker/.env file...==========="
  cat /HIRS/.ci/docker/.env

  # Unquoted heredoc delimiter: the ${...} references below are expanded from
  # the current environment when the file is written.
  cat > "$HIRS_SITE_CONFIG" <<DEFAULT_SITE_CONFIG_FILE
#*******************************************
#* HIRS site configuration properties file
#*******************************************
CLIENT_HOSTNAME=${HIRS_ACA_PROVISIONER_IP}
TPM_ENABLED=${TPM_ENABLED}
IMA_ENABLED=${IMA_ENABLED}

# Site-specific configuration
ATTESTATION_CA_FQDN=${HIRS_ACA_HOSTNAME}
ATTESTATION_CA_PORT=${HIRS_ACA_PORTAL_PORT}
BROKER_FQDN=${HIRS_ACA_PORTAL_IP}
BROKER_PORT=${HIRS_BROKER_PORT}
PORTAL_FQDN=${HIRS_ACA_PORTAL_IP}
PORTAL_PORT=${HIRS_ACA_PORTAL_PORT}

DEFAULT_SITE_CONFIG_FILE

  printf '%s\n' "===========New HIRS Config File==========="
  cat "$HIRS_SITE_CONFIG"
}
# Run the setup stages in order; "set -e" aborts the script at the first
# stage that fails.

# 1. Install the provisioner packages
InstallProvisioner

# 2. Bring up the TPM emulator and the TrouSerS daemon
InitTpmEmulator

# 3. Write the hirs-site.config file
UpdateHirsSiteConfigFile

printf '\n%s\n' "===========HIRS ACA Provisioner Setup Complete!==========="