summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/oeqa/selftest/updater.py23
1 files changed, 23 insertions, 0 deletions
diff --git a/lib/oeqa/selftest/updater.py b/lib/oeqa/selftest/updater.py
index 8ee8378..690dae5 100644
--- a/lib/oeqa/selftest/updater.py
+++ b/lib/oeqa/selftest/updater.py
@@ -1,6 +1,7 @@
1# pylint: disable=C0111,C0325 1# pylint: disable=C0111,C0325
2import os 2import os
3import logging 3import logging
4import re
4import subprocess 5import subprocess
5import unittest 6import unittest
6from time import sleep 7from time import sleep
@@ -273,6 +274,7 @@ class HsmTests(oeSelfTest):
273 self.assertIn(b'Fetched metadata: no', stdout, 274 self.assertIn(b'Fetched metadata: no', stdout,
274 'Device already provisioned!? ' + stderr.decode() + stdout.decode()) 275 'Device already provisioned!? ' + stderr.decode() + stdout.decode())
275 276
277 # Verify that HSM is not yet initialized.
276 pkcs11_command = 'pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O' 278 pkcs11_command = 'pkcs11-tool --module=/usr/lib/softhsm/libsofthsm2.so -O'
277 stdout, stderr, retcode = self.run_command(pkcs11_command) 279 stdout, stderr, retcode = self.run_command(pkcs11_command)
278 self.assertNotEqual(retcode, 0, 'pkcs11-tool succeeded before initialization: ' + 280 self.assertNotEqual(retcode, 0, 'pkcs11-tool succeeded before initialization: ' +
@@ -282,6 +284,7 @@ class HsmTests(oeSelfTest):
282 self.assertNotEqual(retcode, 0, 'softhsm2-tool succeeded before initialization: ' + 284 self.assertNotEqual(retcode, 0, 'softhsm2-tool succeeded before initialization: ' +
283 stdout.decode() + stderr.decode()) 285 stdout.decode() + stderr.decode())
284 286
287 # Run cert_provider.
285 bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'bindir', 'libdir', 288 bb_vars = get_bb_vars(['SYSROOT_DESTDIR', 'bindir', 'libdir',
286 'SOTA_PACKED_CREDENTIALS'], 'aktualizr-native') 289 'SOTA_PACKED_CREDENTIALS'], 'aktualizr-native')
287 l = bb_vars['libdir'] 290 l = bb_vars['libdir']
@@ -297,6 +300,7 @@ class HsmTests(oeSelfTest):
297 result = runCmd(command, ignore_status=True) 300 result = runCmd(command, ignore_status=True)
298 self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output) 301 self.assertEqual(result.status, 0, "Status not equal to 0. output: %s" % result.output)
299 302
303 # Verify that HSM is able to initialize.
300 ran_ok = False 304 ran_ok = False
301 for delay in [5, 5, 5, 5, 10]: 305 for delay in [5, 5, 5, 5, 10]:
302 sleep(delay) 306 sleep(delay)
@@ -314,6 +318,20 @@ class HsmTests(oeSelfTest):
314 self.assertIn(b'User PIN init.: yes', hsm_out, 'softhsm2-tool failed: ' + 318 self.assertIn(b'User PIN init.: yes', hsm_out, 'softhsm2-tool failed: ' +
315 hsm_err.decode() + hsm_out.decode()) 319 hsm_err.decode() + hsm_out.decode())
316 320
321 # Check that pkcs11 output matches sofhsm output.
322 p11_p = re.compile(r'Using slot [0-9] with a present token \((0x[0-9a-f]*)\)\s')
323 p11_m = p11_p.search(p11_err.decode())
324 self.assertTrue(p11_m, 'Slot number not found with pkcs11-tool: ' + p11_err.decode() + p11_out.decode())
325 self.assertGreater(p11_m.lastindex, 0, 'Slot number not found with pkcs11-tool: ' +
326 p11_err.decode() + p11_out.decode())
327 hsm_p = re.compile(r'Description:\s*SoftHSM slot ID (0x[0-9a-f]*)\s')
328 hsm_m = hsm_p.search(hsm_out.decode())
329 self.assertTrue(hsm_m, 'Slot number not found with softhsm2-tool: ' + hsm_err.decode() + hsm_out.decode())
330 self.assertGreater(hsm_m.lastindex, 0, 'Slot number not found with softhsm2-tool: ' +
331 hsm_err.decode() + hsm_out.decode())
332 self.assertEqual(p11_m.group(1), hsm_m.group(1), 'Slot number does not match: ' +
333 p11_err.decode() + p11_out.decode() + hsm_err.decode() + hsm_out.decode())
334
317 # Verify that device HAS provisioned. 335 # Verify that device HAS provisioned.
318 ran_ok = False 336 ran_ok = False
319 for delay in [5, 5, 5, 5, 10]: 337 for delay in [5, 5, 5, 5, 10]:
@@ -326,6 +344,11 @@ class HsmTests(oeSelfTest):
326 self.assertIn(b'Primary ecu hardware ID: qemux86-64', stdout, 344 self.assertIn(b'Primary ecu hardware ID: qemux86-64', stdout,
327 'Provisioning failed: ' + stderr.decode() + stdout.decode()) 345 'Provisioning failed: ' + stderr.decode() + stdout.decode())
328 self.assertIn(b'Fetched metadata: yes', stdout, 'Provisioning failed: ' + stderr.decode() + stdout.decode()) 346 self.assertIn(b'Fetched metadata: yes', stdout, 'Provisioning failed: ' + stderr.decode() + stdout.decode())
347 p = re.compile(r'Device ID: ([a-z0-9-]*)\n')
348 m = p.search(stdout.decode())
349 self.assertTrue(m, 'Device ID could not be read: ' + stderr.decode() + stdout.decode())
350 self.assertGreater(m.lastindex, 0, 'Device ID could not be read: ' + stderr.decode() + stdout.decode())
351 logger.info('Device successfully provisioned with ID: ' + m.group(1))
329 352
330 353
331def qemu_launch(efi=False, machine=None): 354def qemu_launch(efi=False, machine=None):