summaryrefslogtreecommitdiffstats
path: root/tests/tpm2dtests/unimportable.scm
diff options
context:
space:
mode:
authorJames Bottomley <James.Bottomley@HansenPartnership.com>2021-03-09 22:50:31 +0100
committerWerner Koch <wk@gnupg.org>2021-03-10 14:29:50 +0100
commit6720f1343aef9342127380b155c19e12c92d65ac (patch)
tree638a5e8780827f1907356f3f6a40b942d421fc1c /tests/tpm2dtests/unimportable.scm
parentgpg: Add new command keytotpm to convert a private key to TPM format (diff)
downloadgnupg2-6720f1343aef9342127380b155c19e12c92d65ac.tar.xz
gnupg2-6720f1343aef9342127380b155c19e12c92d65ac.zip
tpm2d: add tests for the tpm2daemon
* configure.ac: Detect TPM emulator and enable tests. * tests/tpm2dtests/: New test suite. * tests/Makefile.am: Run tests. -- Add a set of tests that exercise tpm2daemon handling of keys and verify compatibility with non-tpm based keys. Running this test infrastructure requires a tpm emulator, which is tested for during configuration. If an emulator is not found, the tests won't be run since they require the presence of a TPM (although the TPM handling code will still be built). Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> - Fixed tests/Makefile.am for make distcheck. Signed-off-by: Werner Koch <wk@gnupg.org>
Diffstat (limited to 'tests/tpm2dtests/unimportable.scm')
-rw-r--r--tests/tpm2dtests/unimportable.scm28
1 files changed, 28 insertions, 0 deletions
diff --git a/tests/tpm2dtests/unimportable.scm b/tests/tpm2dtests/unimportable.scm
new file mode 100644
index 000000000..be84c13c6
--- /dev/null
+++ b/tests/tpm2dtests/unimportable.scm
@@ -0,0 +1,28 @@
+#!/usr/bin/env gpgscm
+
+;; Copyright (C) 2021 James.Bottomley@HansenPartnership.com
+;;
+;; SPDX-License-Identifier: GPL-3.0-or-later
+;;
+(load (in-srcdir "tests" "tpm2dtests" "defs.scm"))
+
+(setup-environment)
+(setenv "PINENTRY_USER_DATA" "this is a password" #t)
+
+;;
+;; Tries to import a selection of keys with no TPM representation
+;; and verifies it fails. There are many unimportable keys, so
+;; save time by only choosing one EC and one RSA one
+;;
+(define key-list '("ed25519" "rsa4096"))
+
+(for-each
+ (lambda(algo)
+ (info "Checking failure to import" algo)
+ (define name algo "<ecc" algo "@example.com>")
+ (call-check `(,@GPG --quick-generate-key ,name ,algo))
+ (let ((result (call-with-io `(,@GPG --command-fd=0 --edit-key ,name "key 0" keytotpm) "y\n")))
+ (if (= 0 (:retcode result))
+ (throw "Importing Key succeeded")
+ (:stderr result))))
+ key-list)