Skip to content

Commit 830bd02

Browse files
committed
tests: enable systemd-tpm2 test to run with default system path.
If run in Makefile.localtest there was unset CRYPTSETUP_TOKENS_PATH. It's valid test case to run with systemd-tpm2 plugin installed on the system (integration tests).
1 parent ea96360 commit 830bd02

1 file changed

Lines changed: 12 additions & 5 deletions

File tree

tests/systemd-test-plugin

Lines changed: 12 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -167,29 +167,36 @@ export LD_PRELOAD="$LD_PRELOAD:$FAKE_TPM_PATH"
167167
export TPM_PATH=$TPM_PATH
168168
echo "TPM path is $TPM_PATH"
169169

170+
if [ -z "$CRYPTSETUP_TOKENS_PATH" ]; then
171+
echo "Running with system cryptsetup plugins path"
172+
CRYPTSETUP_EXTERNAL_PATH_PARAM=
173+
else
174+
CRYPTSETUP_EXTERNAL_PATH_PARAM="--external-tokens-path $CRYPTSETUP_TOKENS_PATH"
175+
fi
176+
170177
dd if=/dev/zero of=$IMG bs=1M count=32 >/dev/null 2>&1
171178
echo $PASSWD | $CRYPTSETUP luksFormat --type luks2 $FAST_PBKDF_OPT $IMG --force-password -q
172179

173180
echo "Enrolling the device to TPM 2 using systemd-cryptenroll.."
174181
LD_PRELOAD="$LD_PRELOAD:$CRYPTENROLL_LD_PRELOAD" PASSWORD="$PASSWD" $SYSTEMD_CRYPTENROLL $IMG --tpm2-device=$TPM_PATH >/dev/null 2>&1
175182

176-
$CRYPTSETUP luksDump --external-tokens-path $CRYPTSETUP_TOKENS_PATH $IMG | grep -q "tpm2-blob" || fail "Failed to dump $IMG using systemd_tpm2 token (no tpm2-blob in output)."
183+
$CRYPTSETUP luksDump $CRYPTSETUP_EXTERNAL_PATH_PARAM $IMG | grep -q "tpm2-blob" || fail "Failed to dump $IMG using systemd_tpm2 token (no tpm2-blob in output)."
177184
echo "Activating the device via TPM2 external token.."
178-
$CRYPTSETUP open --external-tokens-path $CRYPTSETUP_TOKENS_PATH --token-only $IMG $MAP >/dev/null 2>&1 || fail "Failed to open $IMG using systemd_tpm2 token."
185+
$CRYPTSETUP open $CRYPTSETUP_EXTERNAL_PATH_PARAM --token-only $IMG $MAP >/dev/null 2>&1 || fail "Failed to open $IMG using systemd_tpm2 token."
179186
$CRYPTSETUP close $MAP >/dev/null 2>&1 || fail "Failed to close $MAP."
180187

181188
echo "Adding passphrase via TPM2 token.."
182-
echo $PASSWD2 | $CRYPTSETUP luksAddKey --external-tokens-path $CRYPTSETUP_TOKENS_PATH $FAST_PBKDF_OPT $IMG --force-password -q --token-only >/dev/null 2>&1 || fail "Failed to add passphrase by tpm2 token."
189+
echo $PASSWD2 | $CRYPTSETUP luksAddKey $CRYPTSETUP_EXTERNAL_PATH_PARAM $FAST_PBKDF_OPT $IMG --force-password -q --token-only >/dev/null 2>&1 || fail "Failed to add passphrase by tpm2 token."
183190
echo $PASSWD2 | $CRYPTSETUP open $IMG --test-passphrase --disable-external-tokens >/dev/null 2>&1 || fail "Failed to test passphrase added by tpm2 token."
184191

185192
echo "Exporting and removing TPM2 token.."
186193
EXPORTED_TOKEN=$($CRYPTSETUP token export $IMG --token-id 0)
187194
$CRYPTSETUP token remove $IMG --token-id 0
188-
$CRYPTSETUP open --external-tokens-path $CRYPTSETUP_TOKENS_PATH $IMG --test-passphrase --token-only >/dev/null 2>&1 && fail "Activating without passphrase should fail after TPM2 token removal."
195+
$CRYPTSETUP open $CRYPTSETUP_EXTERNAL_PATH_PARAM $IMG --test-passphrase --token-only >/dev/null 2>&1 && fail "Activating without passphrase should fail after TPM2 token removal."
189196

190197
echo "Re-importing TPM2 token.."
191198
echo $EXPORTED_TOKEN | $CRYPTSETUP token import $IMG --token-id 0 || fail "Failed to re-import deleted token."
192-
$CRYPTSETUP open --external-tokens-path $CRYPTSETUP_TOKENS_PATH $IMG --test-passphrase --token-only >/dev/null 2>&1 || fail "Failed to activate after re-importing deleted token."
199+
$CRYPTSETUP open $CRYPTSETUP_EXTERNAL_PATH_PARAM $IMG --test-passphrase --token-only >/dev/null 2>&1 || fail "Failed to activate after re-importing deleted token."
193200

194201
cleanup
195202
exit 0

0 commit comments

Comments
 (0)