From 790d3ba1491261e59c781d0364df5f5e7b532135 Mon Sep 17 00:00:00 2001 From: Tom D <40675700+twitchy-jsonp@users.noreply.github.com> Date: Wed, 3 Apr 2019 12:19:25 -0700 Subject: [PATCH] Script setup of fake filesystem objects for tpm12 tests, fix build of tpm12 tests. (#5) --- attest/attest_simulated_tpm20_test.go | 6 +-- attest/attest_tpm12_test.go | 5 +- ci/setup_tests_fs.sh | 78 +++++++++++++++++++++++++++ 3 files changed, 84 insertions(+), 5 deletions(-) create mode 100755 ci/setup_tests_fs.sh diff --git a/attest/attest_simulated_tpm20_test.go b/attest/attest_simulated_tpm20_test.go index 8ddd627..c4bc691 100644 --- a/attest/attest_simulated_tpm20_test.go +++ b/attest/attest_simulated_tpm20_test.go @@ -99,8 +99,8 @@ func TestAIKCreateAndLoad(t *testing.T) { } } -// chooseEK selects the EK public which will be activated against. -func chooseEK(t *testing.T, eks []PlatformEK) crypto.PublicKey { +// chooseEKPub selects the EK public which will be activated against. +func chooseEKPub(t *testing.T, eks []PlatformEK) crypto.PublicKey { t.Helper() for _, ek := range eks { @@ -129,7 +129,7 @@ func TestActivateCredentialTPM20(t *testing.T) { if err != nil { t.Fatalf("EKs() failed: %v", err) } - ek := chooseEK(t, EKs) + ek := chooseEKPub(t, EKs) att, err := tpm2.DecodeAttestationData(aik.CreateAttestation) if err != nil { diff --git a/attest/attest_tpm12_test.go b/attest/attest_tpm12_test.go index dbbdf60..e69beb5 100644 --- a/attest/attest_tpm12_test.go +++ b/attest/attest_tpm12_test.go @@ -150,7 +150,8 @@ func TestTPMQuote(t *testing.T) { t.Logf("Quote{version: %v, quote: %x, signature: %x}\n", quote.Version, quote.Quote, quote.Signature) } -func chooseEK(t *testing.T, eks []PlatformEK) []byte { +// chooseEKCertRaw selects the EK cert which will be activated against. +func chooseEKCertRaw(t *testing.T, eks []PlatformEK) []byte { t.Helper() for _, ek := range eks { @@ -186,7 +187,7 @@ func TestTPMActivateCredential(t *testing.T) { if err != nil { t.Fatalf("failed to read EKs: %v", err) } - ekcert := chooseEK(t, EKs) + ekcert := chooseEKCertRaw(t, EKs) challenge.Credential, challenge.Secret, err = verification.GenerateChallenge(ekcert, aik.Public, nonce) if err != nil { diff --git a/ci/setup_tests_fs.sh b/ci/setup_tests_fs.sh new file mode 100755 index 0000000..479a933 --- /dev/null +++ b/ci/setup_tests_fs.sh @@ -0,0 +1,78 @@ +#!/bin/bash +# +############################################################################### +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +################################################################################ +# +# Sets up a root filesystem with files that symbolize the presence of a fake +# hardware VM. This filesystem can be chrooted into to run tests. +# USAGE: ./setup_tests_fs.sh