xref: /aosp_15_r20/external/ltp/testscripts/tpm_tools.sh (revision 49cdfc7efb34551c7342be41a7384b9c40d7cab7)

#!/bin/sh
#
# Copyright (c) International Business Machines  Corp., 2005
#
# This program is free software;  you can redistribute it and#or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
# for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program;  if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#

# test_tpm_tools.sh - Run the tpm-tools test suite.

# Must be root to run the testsuite
#if [ $UID != 0 ]
#then
#	echo "FAILED: Must be root to execute this script"
#	exit 1
#fi

# Set the LTPROOT directory
cd `dirname $0`
export LTPROOT=${PWD}
echo $LTPROOT | grep testscripts > /dev/null 2>&1
if [ $? -eq 0 ]
then
	cd ..
	export LTPROOT=${PWD}
fi

# Set the PATH to include testcase/bin
# and the sbin directories
export LTPBIN=$LTPROOT/testcases/bin
export PATH=$PATH:/sbin:/usr/sbin:/usr/local/sbin:$LTPBIN

# We will store the logfiles in $LTPROOT/results, so make sure
# it exists.
if [ ! -d $LTPROOT/results ]
then
	mkdir $LTPROOT/results
fi

# Check for programs/daemons/groups...
USER="`whoami`"
RC=0
if [ -z "$LTPTMP" ] && [ -z "$TMPBASE" ]
then
	LTPTMP="/tmp"
else
	LTPTMP="$TMPBASE"
fi
export TPM_TMPFILE="$LTPTMP/tst_tpm.err"
rm -f $TPM_TMPFILE 1>/dev/null 2>&1

# Check for the expect command
rm -f $TPM_TMPFILE 1>/dev/null 2>&1
which expect 1>$TPM_TMPFILE 2>&1
if [ $? -ne 0 ]
then
	echo "The 'expect' command is not available.  Be sure the expect package has been installed properly"
	RC=1
fi

# Check for TrouSerS and that it is running
rm -f $TPM_TMPFILE 1>/dev/null 2>&1
which tcsd 1>$TPM_TMPFILE 2>&1
if [ $? -ne 0 ]
then
	echo "The trousers TSS stack is not available.  Be sure trousers has been installed properly"
	if [ -f $TPM_TMPFILE ]
	then
		cat $TPM_TMPFILE
	fi
	RC=1
else
	rm -f $TPM_TMPFILE 1>/dev/null 2>&1
	ps -ef 1>$TPM_TMPFILE
	grep tcsd $TPM_TMPFILE 1>/dev/null
	if [ $? -ne 0 ]
	then
		echo "The trousers TSS stack is not running.  Be sure to start the trousers daemon (tcsd)"
		RC=1
	fi
fi

# Make the opencryptoki testing optional
if [ -z "$TPM_NOPKCS11" ]
then

	# Check for the pkcs11 group and that the user is a member of it
	grep -q ^pkcs11: /etc/group
	if [ $? -ne 0 ]
	then
		echo "The 'pkcs11' group does not exist.  Be sure openCryptoki has been installed properly"
		RC=1
	fi

	groups | grep pkcs11 1>/dev/null 2>&1
	if [ $? -ne 0 ]
	then
		echo "User '$USER' is not a member of the 'pkcs11' group"
		RC=1
	fi

	# Check for openCryptoki and that it is running
	#   Additionally, delete the user's TPM token data store.
	rm -f $TPM_TMPFILE 1>/dev/null 2>&1
	which pkcsslotd 1>$TPM_TMPFILE 2>&1
	if [ $? -ne 0 ]
	then
		echo "The openCryptoki PKCS#11 slot daemon is not available.  Be sure openCryptoki has been installed properly"
		if [ -f $TPM_TMPFILE ]
		then
			cat $TPM_TMPFILE
		fi
		RC=1
	else
		rm -f $TPM_TMPFILE 1>/dev/null 2>&1
		ps -ef 1>$TPM_TMPFILE
		grep pkcsslotd $TPM_TMPFILE 1>/dev/null
		if [ $? -ne 0 ]
		then
			echo "The openCryptoki PKCS#11 slot daemon is not running.  Be sure to start the openCryptoki slot daemon (pkcsslotd)"
			RC=1
		else
			P11DIR=`which pkcsslotd | sed s-/sbin/pkcsslotd--`
			if [ "$P11DIR" = "/usr" ]
			then
				P11DIR=""
			fi

			grep libpkcs11_tpm $P11DIR/var/lib/opencryptoki/pk_config_data 1>/dev/null
			if [ $? -ne 0 ]
			then
				echo "The TPM PKCS#11 token is not active.  Be sure openCryptoki has been installed properly"
				RC=1
			fi
			if [ -d $P11DIR/var/lib/opencryptoki/tpm/$USER ]
			then
				rm -rf $P11DIR/var/lib/opencryptoki/tpm/$USER
			fi
		fi
	fi
fi

if [ $RC -ne 0 ]
then
	exit 1
fi

# Set known password values
export OWN_PWD="OWN PWD"
export NEW_OWN_PWD="NEW OWN PWD"
export SRK_PWD="SRK PWD"
export NEW_SRK_PWD="NEW SRK PWD"
export P11_SO_PWD="P11 SO PWD"
export NEW_P11_SO_PWD="NEW P11 SO PWD"
export P11_USER_PWD="P11 USER PWD"
export NEW_P11_USER_PWD="NEW P11 USER PWD"

echo "Running the tpm-tools testsuite..."
$LTPROOT/bin/ltp-pan -d 5 -S -a $LTPROOT/results/tpm_tools -n ltp-tpm-tools -l $LTPROOT/results/tpm_tools.logfile -o $LTPROOT/results/tpm_tools.outfile -p -f $LTPROOT/runtest/tpm_tools

echo "Done."
exit 0