author | James Bottomley <James.Bottomley@HansenPartnership.com> | 2021-03-09 22:50:31 +0100 |
---|---|---|
committer | Werner Koch <wk@gnupg.org> | 2021-03-10 14:29:50 +0100 |
commit | 6720f1343aef9342127380b155c19e12c92d65ac (patch) | |
tree | 638a5e8780827f1907356f3f6a40b942d421fc1c /tests/tpm2dtests/unimportable.scm | |
parent | gpg: Add new command keytotpm to convert a private key to TPM format (diff) | |
tpm2d: add tests for the tpm2daemon
* configure.ac: Detect TPM emulator and enable tests.
* tests/tpm2dtests/: New test suite.
* tests/Makefile.am: Run tests.
--
Add a set of tests that exercise tpm2daemon handling of keys and
verify compatibility with non-tpm based keys.
Running this test infrastructure requires a tpm emulator, which is
tested for during configuration. If an emulator is not found, the
tests won't be run since they require the presence of a TPM (although
the TPM handling code will still be built).
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
- Fixed tests/Makefile.am for make distcheck.
Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'tests/tpm2dtests/unimportable.scm')
-rw-r--r-- | tests/tpm2dtests/unimportable.scm | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/tests/tpm2dtests/unimportable.scm b/tests/tpm2dtests/unimportable.scm
new file mode 100644
index 000000000..be84c13c6
--- /dev/null
+++ b/tests/tpm2dtests/unimportable.scm
@@ -0,0 +1,28 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2021 James.Bottomley@HansenPartnership.com
+;;
+;; SPDX-License-Identifier: GPL-3.0-or-later
+;;
+(load (in-srcdir "tests" "tpm2dtests" "defs.scm"))
+
+(setup-environment)
+(setenv "PINENTRY_USER_DATA" "this is a password" #t)
+
+;;
+;; Tries to import a selection of keys with no TPM representation
+;; and verifies it fails. There are many unimportable keys, so
+;; save time by only choosing one EC and one RSA one
+;;
+(define key-list '("ed25519" "rsa4096"))
+
+(for-each
+ (lambda(algo)
+ (info "Checking failure to import" algo)
+ (define name algo "<ecc" algo "@example.com>")
+ (call-check `(,@GPG --quick-generate-key ,name ,algo))
+ (let ((result (call-with-io `(,@GPG --command-fd=0 --edit-key ,name "key 0" keytotpm) "y\n")))
+ (if (= 0 (:retcode result))
+ (throw "Importing Key succeeded")
+ (:stderr result))))
+ key-list) |
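Review bot: The negative check at `(if (= 0 (:retcode result))` treats any non-zero exit from the `--edit-key ... keytotpm` call as a pass. The test therefore also passes when gpg fails for an unrelated reason (key not found, agent or tpm2daemon not reachable) and would not notice if the unsupported-algorithm rejection itself regressed. The else branch only evaluates `(:stderr result)` and discards it, so I would assert there that stderr carries the expected rejection diagnostic, and add a follow-up step showing the secret key is still present and usable after the refused conversion. Separately, `(define name algo "<ecc" algo "@example.com>")` looks like it is missing a concatenation, so the extra operands are presumably not forming the intended user ID; it probably wants `(define name (string-append algo "<ecc" algo "@example.com>"))`. A user ID that differs from the intended one makes an unrelated lookup failure in `--edit-key` more likely to be mistaken for the expected refusal.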