FAPI: Fix and test config-ekcert Fix the generation of the ekcert PEM file for ECC for the tpm simulator. Enable the tests for ekcert configs and ek fingerprint configs for the simulator. Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>

commit: 7bb7a579787b6308df288eea39559a40580817a4 [log] [tgz]
author: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de> Thu Jan 30 17:35:11 2020 +0100
committer: Tadeusz Struk <tadeusz.struk@intel.com> Thu Jan 30 13:34:23 2020 -0800
tree: b82fe12c9bd585106ee61bee10d2eed908f45b0f
parent: db52757768737eaea9cd2670eeddf470da5807af [diff]
diff --git a/Makefile-test.am b/Makefile-test.am
index 549a648..5ccdd4a 100644
--- a/Makefile-test.am
+++ b/Makefile-test.am

@@ -304,15 +304,17 @@
 if TESTPTPM
 if PTPMDESTRUCTIVE
 FAPI_TESTS_INTEGRATION += test/integration/fapi-key-create-sign-policy-provision.int
-endif
-#else
+endif #PTPMDESTRUCTIVE
+endif #TESTPTPM
+
+if !TESTPTPM
 FAPI_TESTS_INTEGRATION += \
     test/integration/fapi-key-create-sign-policy-provision.int \
     test/integration/fapi-provision-fingerprint.int \
     test/integration/fapi-provision-certificate.int \
     test/integration/fapi-provision-fingerprint_ecc.int \
     test/integration/fapi-provision-certificate_ecc.int
-endif #TESTPTM
+endif #!TESTPTPM
 
 TESTS_INTEGRATION += $(FAPI_TESTS_INTEGRATION)
 

diff --git a/script/int-log-compiler.sh b/script/int-log-compiler.sh
index e17b9ce..39c41d2 100755
--- a/script/int-log-compiler.sh
+++ b/script/int-log-compiler.sh

@@ -288,7 +288,7 @@
 # Determine the fingerprint of the RSA EK public.
 FINGERPRINT_ECC=$(openssl pkey -pubin -inform PEM -in $EKECCPUB_FILE -outform DER | sha256sum  | cut -f 1 -d ' ')
 export FAPI_TEST_FINGERPRINT_ECC="  { \"hashAlg\" : \"sha256\", \"digest\" : \"$FINGERPRINT_ECC\" }"
-openssl x509 -inform DER -in $EKCERT_FILE -outform PEM -out $EKCERT_PEM_FILE
+openssl x509 -inform DER -in $EKECCCERT_FILE -outform PEM -out $EKECCCERT_PEM_FILE
 export FAPI_TEST_CERTIFICATE_ECC="file:${EKECCCERT_PEM_FILE}"
 
 cat $EKCERT_FILE | \

diff --git a/test/integration/main-fapi.c b/test/integration/main-fapi.c
index fa663db..11d310f 100644
--- a/test/integration/main-fapi.c
+++ b/test/integration/main-fapi.c

@@ -70,7 +70,6 @@
     char *config_env = NULL;
     char *remove_cmd = NULL;
     char *system_dir = NULL;
-    char *ek_cert_less = NULL;
 
     FILE *config_file;
 
@@ -84,13 +83,6 @@
 
     fapi_profile = FAPI_PROFILE;
 
-#if defined(FAPI_TEST_EK_CERT_LESS)
-    ek_cert_less = "yes";
-#else
-    ek_cert_less = "no";
-#endif
-
-
     /* First we construct a fapi config file */
 #if defined(FAPI_NONTPM)
     size = asprintf(&config, "{\n"
@@ -101,9 +93,8 @@
                     "     \"system_pcrs\" : [],\n"
                     "     \"log_dir\" : \"%s\",\n"
                     "     \"tcti\": \"none\",\n"
-                    "     \"ek_cert_less\": \"%s\",\n"
                     "}\n",
-                    tmpdir, tmpdir, tmpdir, ek_cert_less);
+                    tmpdir, tmpdir, tmpdir);
 #elif defined(FAPI_TEST_FINGERPRINT)
     size = asprintf(&config, "{\n"
                     "     \"profile_name\": \"" FAPI_PROFILE "\",\n"
@@ -113,13 +104,15 @@
                     "     \"system_pcrs\" : [],\n"
                     "     \"log_dir\" : \"%s\",\n"
                     "     \"tcti\": \"%s\",\n"
+#if defined(FAPI_TEST_EK_CERT_LESS)
+                    "     \"ek_cert_less\": \"yes\",\n"
+#else
                     "     \"ek_fingerprint\": %s,\n"
-                    "     \"ek_cert_less\": \"%s\",\n"
+#endif
                     "}\n",
                     tmpdir, tmpdir, tmpdir,
                     getenv("TPM20TEST_TCTI"),
-                    getenv("FAPI_TEST_FINGERPRINT"),
-                    ek_cert_less);
+                    getenv("FAPI_TEST_FINGERPRINT"));
 #elif defined(FAPI_TEST_CERTIFICATE)
     size = asprintf(&config, "{\n"
                     "     \"profile_name\": \"" FAPI_PROFILE "\",\n"
@@ -129,13 +122,15 @@
                     "     \"system_pcrs\" : [],\n"
                     "     \"log_dir\" : \"%s\",\n"
                     "     \"tcti\": \"%s\",\n"
+#if defined(FAPI_TEST_EK_CERT_LESS)
+                    "     \"ek_cert_less\": \"yes\",\n"
+#else
                     "     \"ek_cert_file\": \"%s\",\n"
-                    "     \"ek_cert_less\": \"%s\",\n"
+#endif
                     "}\n",
                     tmpdir, tmpdir, tmpdir,
                     getenv("TPM20TEST_TCTI"),
-                    getenv("FAPI_TEST_CERTIFICATE"),
-                    ek_cert_less);
+                    getenv("FAPI_TEST_CERTIFICATE"));
 #elif defined(FAPI_TEST_FINGERPRINT_ECC)
     size = asprintf(&config, "{\n"
                     "     \"profile_name\": \"" FAPI_PROFILE "\",\n"
@@ -145,13 +140,15 @@
                     "     \"system_pcrs\" : [],\n"
                     "     \"log_dir\" : \"%s\",\n"
                     "     \"tcti\": \"%s\",\n"
+#if defined(FAPI_TEST_EK_CERT_LESS)
+                    "     \"ek_cert_less\": \"yes\",\n"
+#else
                     "     \"ek_fingerprint\": %s,\n"
-                    "     \"ek_cert_less\": \"%s\",\n"
+#endif
                     "}\n",
                     tmpdir, tmpdir, tmpdir,
                     getenv("TPM20TEST_TCTI"),
-                    getenv("FAPI_TEST_FINGERPRINT_ECC"),
-                    ek_cert_less);
+                    getenv("FAPI_TEST_FINGERPRINT_ECC"));
 #elif defined(FAPI_TEST_CERTIFICATE_ECC)
     size = asprintf(&config, "{\n"
                     "     \"profile_name\": \"" FAPI_PROFILE "\",\n"
@@ -161,13 +158,15 @@
                     "     \"system_pcrs\" : [],\n"
                     "     \"log_dir\" : \"%s\",\n"
                     "     \"tcti\": \"%s\",\n"
+#if defined(FAPI_TEST_EK_CERT_LESS)
+                    "     \"ek_cert_less\": \"yes\",\n"
+#else
                     "     \"ek_cert_file\": \"%s\",\n"
-                    "     \"ek_cert_less\": \"%s\",\n"
+#endif
                     "}\n",
                     tmpdir, tmpdir, tmpdir,
                     getenv("TPM20TEST_TCTI"),
-                    getenv("FAPI_TEST_CERTIFICATE_ECC"),
-                    ek_cert_less);
+                    getenv("FAPI_TEST_CERTIFICATE_ECC"));
 #else /* FAPI_NONTPM */
     size = asprintf(&config, "{\n"
                     "     \"profile_name\": \"" FAPI_PROFILE "\",\n"
@@ -177,11 +176,12 @@
                     "     \"system_pcrs\" : [],\n"
                     "     \"log_dir\" : \"%s\",\n"
                     "     \"tcti\": \"%s\",\n"
-                    "     \"ek_cert_less\": \"%s\",\n"
+#if defined(FAPI_TEST_EK_CERT_LESS)
+                    "     \"ek_cert_less\": \"yes\",\n"
+#endif
                     "}\n",
                     tmpdir, tmpdir, tmpdir,
-                    getenv("TPM20TEST_TCTI"),
-                    ek_cert_less);
+                    getenv("TPM20TEST_TCTI"));
 #endif /* FAPI_NONTPM */
     if (size < 0) {
         LOG_ERROR("Out of memory");
commit	7bb7a579787b6308df288eea39559a40580817a4	[log] [tgz]
author	Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>	Thu Jan 30 17:35:11 2020 +0100
committer	Tadeusz Struk <tadeusz.struk@intel.com>	Thu Jan 30 13:34:23 2020 -0800
tree	b82fe12c9bd585106ee61bee10d2eed908f45b0f
parent	db52757768737eaea9cd2670eeddf470da5807af [diff]