Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Have swtpm report RSA key size capabilities and use to adapt test cases #261

Merged
merged 2 commits into from
May 4, 2020
Merged

Have swtpm report RSA key size capabilities and use to adapt test cases #261

merged 2 commits into from
May 4, 2020

Conversation

stefanberger
Copy link
Owner

Have swtpm report libtpms's RSA key size capabilities and use it to adapt test cases so that we run RSA 3072 test cases when libtpms supports them.

@stefanberger
swtpm: Construct RSA key size capabilities from TPMLIB_GetInfo()
cc4dc3a 
Construct RSA key size capability strings from libtpms TPMLIB_GetInfo()
string so that we can easily show which RSA key sizes are supported by
the TPM 2 implementation. If none are advertised, 1024 & 2048 can be
assumed to be supported.

'swtpm socket --tpm2 --print-capabilities' may now print the following:
{
  "type": "swtpm",
  "features": [
    "tpm-send-command-header",
    "flags-opt-startup",
    "cmdarg-seccomp",
    "cmdarg-key-fd",
    "cmdarg-pwd-fd",
    "no-tpm12-tools",
    "rsa-keysize-1024",
    "rsa-keysize-2048",
    "rsa-keysize-3072"
  ]
}

We need to adapt the related test case to use a regular expression since
the rsa-keysize-xyz strings may or may not be there depending on libtpms
version.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
@stefanberger
tests: Remove RSA 3072 tests only if libtpms not show RSA 3072 support
a248400 
Check the libtpms capabilities via 'swtpm_ioctl -i 4' to see whether
libtpms supports RSA 3072 bit keys. Only if this is not the case
deactivate all RSA 3072 bit key tests.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
@coveralls
Copy link

Pull Request Test Coverage Report for Build 2137

  • 27 of 37 (72.97%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.0005%) to 72.903%
Changes Missing Coverage Covered Lines Changed/Added Lines %
src/swtpm/capabilities.c 27 37 72.97%
Totals Coverage Status
Change from base Build 2126: 0.0005%
Covered Lines: 3764
Relevant Lines: 5163
💛 - Coveralls

@stefanberger stefanberger merged commit 8abf473 into master May 4, 2020
@stefanberger stefanberger deleted the rsa_3072_splitoff branch May 12, 2020 18:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@stefanberger @coveralls