From a47c19cba4a8519c767b31b2a36954dc12c3a32f Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Fri, 30 May 2025 21:56:32 +0000 Subject: [PATCH 1/9] feat: optionally ignore prerelease info from tss version, could be git-dirty, the rest of the version still has to match --- tss-esapi/README.md | 15 +++++++++++---- tss-esapi/build.rs | 14 +++++++++++--- 2 files changed, 22 insertions(+), 7 deletions(-) diff --git a/tss-esapi/README.md b/tss-esapi/README.md index 3ee4a12be..4089937a1 100644 --- a/tss-esapi/README.md +++ b/tss-esapi/README.md @@ -1,4 +1,4 @@ -# TPM2 Software Stack Rust Wrapper +# TPM2 Software Stack Rust Wrapper

Crates.io @@ -6,12 +6,12 @@

-This is the high-level, Rust idiomatic wrapper crate that exposes an interface +This is the high-level, Rust idiomatic wrapper crate that exposes an interface to [TSS](https://github.com/tpm2-software/tpm2-tss). This crate depends on the [`tss-esapi-sys`](../tss-esapi-sys/) crate for its FFI interface. By default, pre-generated bindings are used. If you'd like the -bindings to be generated at build time, please enable either the +bindings to be generated at build time, please enable either the `generate-bindings` feature - the FFI bindings will then be generated at build time using the headers identified on the system. @@ -31,7 +31,7 @@ The crate currently offers the following features: * `abstraction` (enabled by default) - provides a set of abstracted primitives on top of the basic Rust-native ESAPI API provided by the crate. This feature can be turned off to reduce the number of dependencies built. -* `serde` - enable serde `Serialize`/`Deserialize` traits for types. +* `serde` - enable serde `Serialize`/`Deserialize` traits for types. * `rustcrypto-full` (disabled by default) - provides conversion from all supported elliptic curves, rsa or hashes. Support for individual hash, rsa or curves can be pulled individually. @@ -45,4 +45,11 @@ The crate currently offers the following features: For more information on cross-compiling the `tss-esapi` crate, please see the README of the `tss-esapi-sys` crate. +## Building against libtss2 + +The [TSS](https://github.com/tpm2-software/tpm2-tss) library can be installed from Debian, RPM, or other packaging manager. +It will install a pkg-config definition to indicate how to compile and link against the library. +When it is installed via source, and/or if it has been edited (such as to debug things), then the version number will be marked with the git commit (and dirty flag). The resulting version string is unfortunately not compatible with the semver parser/comparing mechanism, and it can be rejected. +Setting the environment variable TPM2\_TSS\_VERSION\_IGNORE\]_PRERELEASE to a non-empty string will cause the build system to ignore this pre-release information. + *Copyright 2021 Contributors to the Parsec project.* diff --git a/tss-esapi/build.rs b/tss-esapi/build.rs index 39c3a0a18..ef3f3305c 100644 --- a/tss-esapi/build.rs +++ b/tss-esapi/build.rs @@ -1,8 +1,9 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use semver::{Version, VersionReq}; +use semver::{Version, VersionReq, Prerelease}; const TPM2_TSS_MINIMUM_VERSION: Version = Version::new(4, 1, 3); +const TPM2_TSS_VERSION_IGNORE_PRERELEASE: &str = "TPM2_TSS_VERSION_IGNORE_PRERELEASE"; fn main() { println!("cargo:rustc-check-cfg=cfg(hierarchy_is_esys_tr)"); @@ -20,15 +21,22 @@ fn main() { .expect("Failed to parse ENV variable DEP_TSS2_ESYS_VERSION as string"); Version::parse(&tss_version_string) - .expect("Failed to parse the DEP_TSS2_ESYS_VERSION variable as a semver version") + .map(|mut v| { + if std::env::var(TPM2_TSS_VERSION_IGNORE_PRERELEASE).is_ok() { + v.pre = Prerelease::EMPTY; + } + v + }) + .expect("Failed to parse the DEP_TSS2_ESYS_VERSION variable {tss_version_string} as a semver version") }; let supported_tss_version = VersionReq::parse("<5.0.0, >=2.3.3").expect("Failed to parse supported TSS version"); + //eprintln!("tss version: {} / {:?}", supported_tss_version, tss_version); assert!( supported_tss_version.matches(&tss_version), - "Unsupported TSS version {tss_version}" + "Unsupported TSS version {tss_version}, maybe try {TPM2_TSS_VERSION_IGNORE_PRERELEASE}=true" ); let hierarchy_is_esys_tr_req = VersionReq::parse(">=3.0.0").unwrap(); From 7ec81d26c792c9fca82f2f00a1db86a1f021e23b Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Thu, 13 Nov 2025 20:33:52 -0500 Subject: [PATCH 2/9] bug: mark some unused things as allowed, and comment them out --- tss-esapi/src/lib.rs | 1 + 1 file changed, 1 insertion(+) diff --git a/tss-esapi/src/lib.rs b/tss-esapi/src/lib.rs index a07b2ca1b..77e895c8d 100644 --- a/tss-esapi/src/lib.rs +++ b/tss-esapi/src/lib.rs @@ -29,6 +29,7 @@ missing_copy_implementations, rustdoc::broken_intra_doc_links, )] +#![feature(stmt_expr_attributes)] //! # TSS 2.0 Rust Wrapper over Enhanced System API //! This crate exposes the functionality of the TCG Software Stack Enhanced System API to From 36d17ba5878e4d522a6ecc553ca823fcdcbbbfda Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Sun, 21 Dec 2025 18:09:30 -0500 Subject: [PATCH 3/9] feat: be specific about what error is being returned --- ...igning_and_signature_verification_tests.rs | 22 ++++++++++++------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs index 499aa9fd6..63cabdd26 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs @@ -174,6 +174,7 @@ mod test_sign { algorithm::RsaSchemeAlgorithm, key_bits::RsaKeyBits, reserved_handles::Hierarchy, }, structures::{Auth, Digest, RsaExponent, RsaScheme, SignatureScheme}, + ReturnCode, }; use { @@ -276,14 +277,19 @@ mod test_sign { .unwrap() .key_handle; - context - .sign( - key_handle, - Digest::try_from([0xbb; 40].to_vec()).unwrap(), - SignatureScheme::Null, - None, - ) - .unwrap_err(); + assert_eq!( + context + .sign( + key_handle, + Digest::try_from([0xbb; 40].to_vec()).unwrap(), + SignatureScheme::Null, + None, + ) + .unwrap_err(), + tss_esapi::Error::TssError(ReturnCode::Tpm(TpmResponseCode::FormatOne( + TpmFormatOneResponseCode::new(Size, Parameter(1)) + ))) + ); } #[cfg(feature = "p256")] From 791d5173c56d478f1fd63cff1e27cdc3c2ca80d8 Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Wed, 17 Dec 2025 23:03:47 -0500 Subject: [PATCH 4/9] wip: this patches property_tag.rs so that new TPM2_PT_ values that come from a TPM do not Err out This gets certify.rs some steps further: it then runs into an authorization error --- tss-esapi/src/abstraction/nv.rs | 4 ++-- tss-esapi/src/constants/mod.rs | 2 +- tss-esapi/src/constants/property_tag.rs | 25 +++++++++++++++++-------- tss-esapi/src/utils/mod.rs | 10 +++++----- 4 files changed, 25 insertions(+), 16 deletions(-) diff --git a/tss-esapi/src/abstraction/nv.rs b/tss-esapi/src/abstraction/nv.rs index 01562e688..40f7d46f8 100644 --- a/tss-esapi/src/abstraction/nv.rs +++ b/tss-esapi/src/abstraction/nv.rs @@ -7,7 +7,7 @@ use std::{ }; use crate::{ - constants::{tss::*, CapabilityType, PropertyTag}, + constants::{tss::*, CapabilityType, PropertyTag, PrimitivePropertyTag}, handles::{AuthHandle, NvIndexHandle, NvIndexTpmHandle, TpmHandle}, interface_types::reserved_handles::NvAuth, structures::{CapabilityData, MaxNvBuffer, Name, NvPublic}, @@ -154,7 +154,7 @@ impl NvOpenOptions { /// Get the maximum buffer size for an NV space. pub fn max_nv_buffer_size(ctx: &mut Context) -> Result { Ok(ctx - .get_tpm_property(PropertyTag::NvBufferMax)? + .get_tpm_property(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::NvBufferMax))? .map(usize::try_from) .transpose() .map_err(|_| { diff --git a/tss-esapi/src/constants/mod.rs b/tss-esapi/src/constants/mod.rs index f1ada1a78..299fb7096 100644 --- a/tss-esapi/src/constants/mod.rs +++ b/tss-esapi/src/constants/mod.rs @@ -64,7 +64,7 @@ pub use command_code::CommandCode; pub use ecc::EccCurveIdentifier; pub use nv_index_type::NvIndexType; pub use pcr_property_tag::PcrPropertyTag; -pub use property_tag::PropertyTag; +pub use property_tag::{PropertyTag,PrimitivePropertyTag}; pub use return_code::{ BaseError, ReturnCodeLayer, TpmFormatOneError, TpmFormatZeroError, TpmFormatZeroWarning, }; diff --git a/tss-esapi/src/constants/property_tag.rs b/tss-esapi/src/constants/property_tag.rs index ec8eca1da..1321b9afa 100644 --- a/tss-esapi/src/constants/property_tag.rs +++ b/tss-esapi/src/constants/property_tag.rs @@ -1,14 +1,13 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 -use crate::{constants::tss::*, tss2_esys::TPM2_PT, Error, Result, WrapperErrorKind}; -use log::error; +use crate::{constants::tss::*, tss2_esys::TPM2_PT, Error, Result}; use num_derive::{FromPrimitive, ToPrimitive}; use num_traits::{FromPrimitive, ToPrimitive}; use std::convert::TryFrom; #[derive(FromPrimitive, ToPrimitive, Debug, Clone, Copy, PartialEq, Eq, Hash)] #[repr(u32)] -pub enum PropertyTag { +pub enum PrimitivePropertyTag { None = TPM2_PT_NONE, // Fixed FamilyIndicator = TPM2_PT_FAMILY_INDICATOR, @@ -81,19 +80,29 @@ pub enum PropertyTag { AuditCounter1 = TPM2_PT_AUDIT_COUNTER_1, } +#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)] +pub enum PropertyTag { + PrimitivePropertyTag(PrimitivePropertyTag), + Other(u32), +} + + impl From for TPM2_PT { fn from(property_tag: PropertyTag) -> TPM2_PT { // The values are well defined so this cannot fail. - property_tag.to_u32().unwrap() + match property_tag { + PropertyTag::PrimitivePropertyTag(base) => { base.to_u32().unwrap() }, + PropertyTag::Other(value) => { value }, + } } } impl TryFrom for PropertyTag { type Error = Error; fn try_from(tpm_pt: TPM2_PT) -> Result { - PropertyTag::from_u32(tpm_pt).ok_or_else(|| { - error!("value = {} did not match any PropertyTag.", tpm_pt); - Error::local_error(WrapperErrorKind::InvalidParam) - }) + match PrimitivePropertyTag::from_u32(tpm_pt) { + Some(x) => { Ok(PropertyTag::PrimitivePropertyTag(x)) }, + None => { Ok(PropertyTag::Other(tpm_pt)) }, + } } } diff --git a/tss-esapi/src/utils/mod.rs b/tss-esapi/src/utils/mod.rs index 3bce90967..854a61154 100644 --- a/tss-esapi/src/utils/mod.rs +++ b/tss-esapi/src/utils/mod.rs @@ -9,7 +9,7 @@ //! type name. Unions are converted to Rust `enum`s by dropping the `TPMU` qualifier and appending //! `Union`. use crate::attributes::ObjectAttributesBuilder; -use crate::constants::PropertyTag; +use crate::constants::{PropertyTag,PrimitivePropertyTag}; use crate::interface_types::{ algorithm::{HashingAlgorithm, PublicAlgorithm}, ecc::EccCurve, @@ -248,10 +248,10 @@ fn tpm_int_to_string(num: u32) -> String { pub fn get_tpm_vendor(context: &mut Context) -> Result { // Retrieve the TPM property values Ok([ - PropertyTag::VendorString1, - PropertyTag::VendorString2, - PropertyTag::VendorString3, - PropertyTag::VendorString4, + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::VendorString1), + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::VendorString2), + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::VendorString3), + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::VendorString4), ] .iter() // Retrieve property values From 7b617c80d0ff8664b7b9d2802b814d71ae7b357a Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Sun, 21 Dec 2025 19:31:45 -0500 Subject: [PATCH 5/9] feat: fix tests that user PropertyTag --- tss-esapi/src/abstraction/nv.rs | 6 +- tss-esapi/src/constants/mod.rs | 2 +- tss-esapi/src/constants/property_tag.rs | 9 ++- tss-esapi/src/context.rs | 4 +- tss-esapi/src/utils/mod.rs | 2 +- .../abstraction_tests/ak_tests.rs | 8 ++- .../tpm_commands/capability_commands_tests.rs | 12 +++- ...igning_and_signature_verification_tests.rs | 4 ++ .../tagged_tpm_property_list_tests.rs | 62 ++++++++++++------- .../structures_tests/tagged_property_tests.rs | 4 +- 10 files changed, 76 insertions(+), 37 deletions(-) diff --git a/tss-esapi/src/abstraction/nv.rs b/tss-esapi/src/abstraction/nv.rs index 40f7d46f8..117dbe06d 100644 --- a/tss-esapi/src/abstraction/nv.rs +++ b/tss-esapi/src/abstraction/nv.rs @@ -7,7 +7,7 @@ use std::{ }; use crate::{ - constants::{tss::*, CapabilityType, PropertyTag, PrimitivePropertyTag}, + constants::{tss::*, CapabilityType, PrimitivePropertyTag, PropertyTag}, handles::{AuthHandle, NvIndexHandle, NvIndexTpmHandle, TpmHandle}, interface_types::reserved_handles::NvAuth, structures::{CapabilityData, MaxNvBuffer, Name, NvPublic}, @@ -154,7 +154,9 @@ impl NvOpenOptions { /// Get the maximum buffer size for an NV space. pub fn max_nv_buffer_size(ctx: &mut Context) -> Result { Ok(ctx - .get_tpm_property(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::NvBufferMax))? + .get_tpm_property(PropertyTag::PrimitivePropertyTag( + PrimitivePropertyTag::NvBufferMax, + ))? .map(usize::try_from) .transpose() .map_err(|_| { diff --git a/tss-esapi/src/constants/mod.rs b/tss-esapi/src/constants/mod.rs index 299fb7096..4cd88c464 100644 --- a/tss-esapi/src/constants/mod.rs +++ b/tss-esapi/src/constants/mod.rs @@ -64,7 +64,7 @@ pub use command_code::CommandCode; pub use ecc::EccCurveIdentifier; pub use nv_index_type::NvIndexType; pub use pcr_property_tag::PcrPropertyTag; -pub use property_tag::{PropertyTag,PrimitivePropertyTag}; +pub use property_tag::{PrimitivePropertyTag, PropertyTag}; pub use return_code::{ BaseError, ReturnCodeLayer, TpmFormatOneError, TpmFormatZeroError, TpmFormatZeroWarning, }; diff --git a/tss-esapi/src/constants/property_tag.rs b/tss-esapi/src/constants/property_tag.rs index 1321b9afa..a3201e1c8 100644 --- a/tss-esapi/src/constants/property_tag.rs +++ b/tss-esapi/src/constants/property_tag.rs @@ -86,13 +86,12 @@ pub enum PropertyTag { Other(u32), } - impl From for TPM2_PT { fn from(property_tag: PropertyTag) -> TPM2_PT { // The values are well defined so this cannot fail. match property_tag { - PropertyTag::PrimitivePropertyTag(base) => { base.to_u32().unwrap() }, - PropertyTag::Other(value) => { value }, + PropertyTag::PrimitivePropertyTag(base) => base.to_u32().unwrap(), + PropertyTag::Other(value) => value, } } } @@ -101,8 +100,8 @@ impl TryFrom for PropertyTag { type Error = Error; fn try_from(tpm_pt: TPM2_PT) -> Result { match PrimitivePropertyTag::from_u32(tpm_pt) { - Some(x) => { Ok(PropertyTag::PrimitivePropertyTag(x)) }, - None => { Ok(PropertyTag::Other(tpm_pt)) }, + Some(x) => Ok(PropertyTag::PrimitivePropertyTag(x)), + None => Ok(PropertyTag::Other(tpm_pt)), } } } diff --git a/tss-esapi/src/context.rs b/tss-esapi/src/context.rs index adb26e999..1d9839b00 100644 --- a/tss-esapi/src/context.rs +++ b/tss-esapi/src/context.rs @@ -356,7 +356,7 @@ impl Context { /// # Example /// /// ```rust - /// # use tss_esapi::{Context, tcti_ldr::TctiNameConf, constants::PropertyTag}; + /// # use tss_esapi::{Context, tcti_ldr::TctiNameConf, constants::{PropertyTag,PrimitivePropertyTag}}; /// # use std::str::FromStr; /// # // Create context /// # let mut context = @@ -364,7 +364,7 @@ impl Context { /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), /// # ).expect("Failed to create Context"); /// let rev = context - /// .get_tpm_property(PropertyTag::Revision) + /// .get_tpm_property(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Revision)) /// .expect("Wrong value from TPM") /// .expect("Value is not supported"); /// ``` diff --git a/tss-esapi/src/utils/mod.rs b/tss-esapi/src/utils/mod.rs index 854a61154..d6b8d351a 100644 --- a/tss-esapi/src/utils/mod.rs +++ b/tss-esapi/src/utils/mod.rs @@ -9,7 +9,7 @@ //! type name. Unions are converted to Rust `enum`s by dropping the `TPMU` qualifier and appending //! `Union`. use crate::attributes::ObjectAttributesBuilder; -use crate::constants::{PropertyTag,PrimitivePropertyTag}; +use crate::constants::{PrimitivePropertyTag, PropertyTag}; use crate::interface_types::{ algorithm::{HashingAlgorithm, PublicAlgorithm}, ecc::EccCurve, diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs index aafbdb6c0..e816ccbe5 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs @@ -76,7 +76,7 @@ fn test_create_ak_rsa_ecc() { None, ) .unwrap(); - if let Err(Error::WrapperError(WrapperErrorKind::InconsistentParams)) = ak::create_ak( + if let Err(Error::WrapperError(errno)) = ak::create_ak( &mut context, ek_rsa, HashingAlgorithm::Sha256, @@ -85,6 +85,12 @@ fn test_create_ak_rsa_ecc() { None, None, ) { + match errno { + WrapperErrorKind::InconsistentParams => {} + _ => { + panic!("unexpected error {:?}", errno) + } + } } else { panic!( "Should've gotten an 'InconsistentParams' error when trying to create an a P256 AK with an SM2 signing scheme." diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs index 876b7eab8..3d6318179 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs @@ -3,7 +3,9 @@ mod test_get_capability { use crate::common::create_ctx_without_session; use tss_esapi::{ - constants::{tss::TPM2_PT_VENDOR_STRING_1, CapabilityType, PropertyTag}, + constants::{ + tss::TPM2_PT_VENDOR_STRING_1, CapabilityType, PrimitivePropertyTag, PropertyTag, + }, structures::CapabilityData, }; @@ -26,13 +28,17 @@ mod test_get_capability { let mut context = create_ctx_without_session(); let rev = context - .get_tpm_property(PropertyTag::Revision) + .get_tpm_property(PropertyTag::PrimitivePropertyTag( + PrimitivePropertyTag::Revision, + )) .expect("Failed to call get_tpm_property") .expect("The TPM did not have a value for the Reveision property tag"); assert_ne!(rev, 0); let year = context - .get_tpm_property(PropertyTag::Year) + .get_tpm_property(PropertyTag::PrimitivePropertyTag( + PrimitivePropertyTag::Year, + )) .expect("Failed to call get_tpm_property") .expect("The TPM did not have a value for the Year property tag"); assert_ne!(year, 0); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs index 63cabdd26..09c9ce21c 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs @@ -170,6 +170,10 @@ mod test_sign { use crate::common::{create_ctx_with_session, signing_key_pub, HASH}; use std::convert::TryFrom; use tss_esapi::{ + constants::TpmFormatOneError::Size, + error::ArgumentNumber::Parameter, + error::TpmFormatOneResponseCode, + error::TpmResponseCode, interface_types::{ algorithm::RsaSchemeAlgorithm, key_bits::RsaKeyBits, reserved_handles::Hierarchy, }, diff --git a/tss-esapi/tests/integration_tests/structures_tests/lists_tests/tagged_tpm_property_list_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/lists_tests/tagged_tpm_property_list_tests.rs index b1f4f9cef..d18c94021 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/lists_tests/tagged_tpm_property_list_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/lists_tests/tagged_tpm_property_list_tests.rs @@ -2,7 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 use std::convert::{TryFrom, TryInto}; use tss_esapi::{ - constants::PropertyTag, + constants::{PrimitivePropertyTag, PropertyTag}, structures::{TaggedProperty, TaggedTpmPropertyList}, tss2_esys::{TPML_TAGGED_TPM_PROPERTY, TPMS_TAGGED_PROPERTY}, Error, WrapperErrorKind, @@ -10,9 +10,18 @@ use tss_esapi::{ #[test] fn test_valid_conversions() { let expected_tagged_properties: Vec = vec![ - TaggedProperty::new(PropertyTag::FamilyIndicator, 8u32), - TaggedProperty::new(PropertyTag::Level, 12u32), - TaggedProperty::new(PropertyTag::HrLoadedMin, 24u32), + TaggedProperty::new( + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator), + 8u32, + ), + TaggedProperty::new( + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Level), + 12u32, + ), + TaggedProperty::new( + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::HrLoadedMin), + 24u32, + ), ]; let expected_tpml_tagged_tpm_property: TPML_TAGGED_TPM_PROPERTY = expected_tagged_properties @@ -72,7 +81,7 @@ fn test_valid_conversions() { fn test_invalid_conversions() { assert_eq!( Err(Error::WrapperError(WrapperErrorKind::InvalidParam)), - TaggedTpmPropertyList::try_from(vec![TaggedProperty::new(PropertyTag::FamilyIndicator, 8u32); TaggedTpmPropertyList::MAX_SIZE + 1]), + TaggedTpmPropertyList::try_from(vec![TaggedProperty::new(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator), 8u32); TaggedTpmPropertyList::MAX_SIZE + 1]), "Converting a vector with to many elements into a TaggedTpmPropertyList did not produce the expected error", ); @@ -89,40 +98,51 @@ fn test_invalid_conversions() { #[test] fn test_find() { let tagged_tpm_property_list: TaggedTpmPropertyList = vec![ - TaggedProperty::new(PropertyTag::FamilyIndicator, 8u32), - TaggedProperty::new(PropertyTag::Level, 12u32), - TaggedProperty::new(PropertyTag::HrLoadedMin, 24u32), + TaggedProperty::new( + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator), + 8u32, + ), + TaggedProperty::new( + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Level), + 12u32, + ), + TaggedProperty::new( + PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::HrLoadedMin), + 24u32, + ), ] .try_into() .expect("Failed to convert Vec into TaggedTpmPropertyList"); assert_eq!( - &TaggedProperty::new(PropertyTag::FamilyIndicator, 8u32), + &TaggedProperty::new(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator), 8u32), tagged_tpm_property_list - .find(PropertyTag::FamilyIndicator) - .expect("Calling find with PropertyTag::FamilyIndicator returned an unexpected 'None'"), - "'find(PropertyTag::FamilyIndicator)' did not return the expected TaggedProperty value", + .find(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator)) + .expect("Calling find with PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator) returned an unexpected 'None'"), + "'find(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::FamilyIndicator))' did not return the expected TaggedProperty value", ); assert_eq!( - &TaggedProperty::new(PropertyTag::Level, 12u32), + &TaggedProperty::new(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Level), 12u32), tagged_tpm_property_list - .find(PropertyTag::Level) - .expect("Calling find with PropertyTag::Level returned an unexpected 'None'"), - "'find(PropertyTag::Level)' did not return the expected TaggedProperty value", + .find(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Level)) + .expect("Calling find with PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Level) returned an unexpected 'None'"), + "'find(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Level))' did not return the expected TaggedProperty value", ); assert_eq!( - &TaggedProperty::new(PropertyTag::HrLoadedMin, 24u32), + &TaggedProperty::new(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::HrLoadedMin), 24u32), tagged_tpm_property_list - .find(PropertyTag::HrLoadedMin) - .expect("Calling find with PropertyTag::HrLoadedMin returned an unexpected 'None'"), - "'find(PropertyTag::HrLoadedMin)' did not return the expected TaggedProperty value", + .find(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::HrLoadedMin)) + .expect("Calling find with PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::HrLoadedMin) returned an unexpected 'None'"), + "'find(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::HrLoadedMin))' did not return the expected TaggedProperty value", ); assert!( tagged_tpm_property_list - .find(PropertyTag::AlgorithmSet) + .find(PropertyTag::PrimitivePropertyTag( + PrimitivePropertyTag::AlgorithmSet + )) .is_none(), "A value that should not exist was found in the TaggedTpmPropertyList" ); diff --git a/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs index b9d10b037..b3e2adea5 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs @@ -1,7 +1,9 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 use tss_esapi::{ - constants::PropertyTag, structures::TaggedProperty, tss2_esys::TPMS_TAGGED_PROPERTY, + constants::{PrimitivePropertyTag, PropertyTag}, + structures::TaggedProperty, + tss2_esys::TPMS_TAGGED_PROPERTY, }; use std::convert::TryInto; From 935618d3b32981723dfdcbfacba29b24ea73953a Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Tue, 23 Dec 2025 19:47:40 -0500 Subject: [PATCH 6/9] feat: failing test needs to fail with expected error --- tss-esapi/src/abstraction/ek.rs | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tss-esapi/src/abstraction/ek.rs b/tss-esapi/src/abstraction/ek.rs index dcba25ad2..98a869a1a 100644 --- a/tss-esapi/src/abstraction/ek.rs +++ b/tss-esapi/src/abstraction/ek.rs @@ -38,6 +38,8 @@ const AUTHPOLICY_A_SHA256: [u8; 32] = [ 0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xb3, 0xf8, 0x1a, 0x90, 0xcc, 0x8d, 0x46, 0xa5, 0xd7, 0x24, 0xfd, 0x52, 0xd7, 0x6e, 0x06, 0x52, 0x0b, 0x64, 0xf2, 0xa1, 0xda, 0x1b, 0x33, 0x14, 0x69, 0xaa, ]; + +#[allow(unused)] const AUTHPOLICY_B_SHA384: [u8; 48] = [ 0xb2, 0x6e, 0x7d, 0x28, 0xd1, 0x1a, 0x50, 0xbc, 0x53, 0xd8, 0x82, 0xbc, 0xf5, 0xfd, 0x3a, 0x1a, 0x07, 0x41, 0x48, 0xbb, 0x35, 0xd3, 0xb4, 0xe4, 0xcb, 0x1c, 0x0a, 0xd9, 0xbd, 0xe4, 0x19, 0xca, @@ -103,8 +105,8 @@ pub fn create_ek_public_from_default_template( PublicKeyRsa::new_empty_with_size(RsaKeyBits::Rsa2048), ), RsaKeyBits::Rsa3072 | RsaKeyBits::Rsa4096 => ( - HashingAlgorithm::Sha384, - AUTHPOLICY_B_SHA384.into(), + HashingAlgorithm::Sha256, + AUTHPOLICY_A_SHA256.into(), SymmetricDefinitionObject::AES_256_CFB, PublicKeyRsa::new_empty(), ), @@ -139,8 +141,8 @@ pub fn create_ek_public_from_default_template( 32, ), EccCurve::NistP384 => ( - HashingAlgorithm::Sha384, - AUTHPOLICY_B_SHA384.into(), + HashingAlgorithm::Sha256, + AUTHPOLICY_A_SHA256.into(), SymmetricDefinitionObject::AES_256_CFB, 0, ), From a64d39c6552dbb3f22a52b54975946ded8e0d263 Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Sun, 21 Dec 2025 19:30:18 -0500 Subject: [PATCH 7/9] feat: mark some integration tests as needing serial execution due to interactions with swtpm --- tss-esapi/Cargo.toml | 1 + .../abstraction_tests/ak_tests.rs | 8 +++++ .../abstraction_tests/ek_tests.rs | 4 +++ .../abstraction_tests/no_tpm/quote_test.rs | 7 ++++ .../abstraction_tests/nv_tests.rs | 4 +++ .../abstraction_tests/pcr_data_tests.rs | 1 + .../abstraction_tests/pcr_tests.rs | 1 + .../abstraction_tests/public_tests.rs | 7 ++++ .../transient_key_context_tests.rs | 24 ++++++++++++++ .../algorithm_attributes_tests.rs | 1 + .../command_code_attributes_tests.rs | 1 + .../locality_attributes_tests.rs | 1 + .../nv_index_attributes_tests.rs | 1 + .../session_attributes_tests.rs | 1 + .../constants_tests/algorithm_tests.rs | 1 + .../constants_tests/capabilities_tests.rs | 1 + .../constants_tests/command_code_tests.rs | 1 + .../constants_tests/nv_index_type_tests.rs | 1 + .../constants_tests/pcr_property_tag_tests.rs | 1 + .../base_return_code_tests.rs | 1 + .../return_code_layer_tests.rs | 1 + .../tpm_format_one_error_tests.rs | 1 + .../tpm_format_zero_error_tests.rs | 1 + .../tpm_format_zero_warning_tests.rs | 1 + .../context_tests/general_esys_tr_tests.rs | 6 ++++ .../asymmetric_primitives_tests.rs | 3 ++ .../attestation_commands_tests.rs | 6 ++++ .../tpm_commands/capability_commands_tests.rs | 3 ++ .../tpm_commands/context_management_tests.rs | 10 ++++++ .../duplication_commands_tests.rs | 2 ++ ...nhanced_authorization_ea_commands_tests.rs | 32 +++++++++++++++++++ .../tpm_commands/hierarchy_commands_tests.rs | 9 ++++++ .../integrity_collection_pcr_tests.rs | 5 +++ .../non_volatile_storage_tests.rs | 15 +++++++++ .../tpm_commands/object_commands_tests.rs | 15 +++++++++ .../random_number_generator_tests.rs | 5 +++ .../tpm_commands/session_commands_tests.rs | 9 ++++++ ...igning_and_signature_verification_tests.rs | 12 +++++++ .../tpm_commands/startup_tests.rs | 4 +++ .../symmetric_primitives_tests.rs | 7 ++++ .../tpm_commands/testing_tests.rs | 4 +++ .../error_tests/return_code_tests.rs | 3 ++ .../return_code_tests/base_tests.rs | 1 + .../return_code_tests/esapi_tests.rs | 5 +++ .../return_code_tests/fapi_tests.rs | 4 +++ .../return_code_tests/muapi_tests.rs | 4 +++ .../resource_manager_tests.rs | 2 ++ .../resource_manager_tpm_tests.rs | 1 + .../interface_types_tests/algorithms_tests.rs | 18 +++++++++++ .../data_handles_tests.rs | 5 +++ .../reserved_handles_tests.rs | 11 +++++++ .../structure_tags_tests.rs | 2 ++ .../structures_tests/attest_tests.rs | 9 ++++++ .../buffers_tests/sensitive.rs | 4 +++ .../sensitive_create_buffer_tests.rs | 7 ++++ .../structures_tests/capability_data_tests.rs | 12 +++++++ .../structures_tests/tagged_property_tests.rs | 2 +- .../tagged_tests/parameters_tests.rs | 6 ++++ .../tcti_ldr_tests/tcti_context_tests.rs | 2 ++ .../tcti_ldr_tests/tcti_info_tests.rs | 2 ++ .../utils_tests/get_tpm_vendor_test.rs | 2 ++ 61 files changed, 320 insertions(+), 1 deletion(-) diff --git a/tss-esapi/Cargo.toml b/tss-esapi/Cargo.toml index fa8e9fed6..c23b31902 100644 --- a/tss-esapi/Cargo.toml +++ b/tss-esapi/Cargo.toml @@ -66,6 +66,7 @@ paste = "1.0.14" getrandom = "0.2.11" [dev-dependencies] +serial_test = "*" env_logger = "0.11.5" serde_json = "^1.0.108" sha2 = { version = "0.10.8", features = ["oid"] } diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs index e816ccbe5..2104a8105 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/ak_tests.rs @@ -1,6 +1,7 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::{TryFrom, TryInto}; use tss_esapi::{ @@ -21,6 +22,7 @@ use tss_esapi::{ use crate::common::create_ctx_without_session; #[test] +#[serial] fn test_create_ak_rsa_rsa() { let mut context = create_ctx_without_session(); @@ -44,6 +46,7 @@ fn test_create_ak_rsa_rsa() { } #[test] +#[serial] fn test_create_ak_rsa_rsa_3072() { let mut context = create_ctx_without_session(); @@ -67,6 +70,7 @@ fn test_create_ak_rsa_rsa_3072() { } #[test] +#[serial] fn test_create_ak_rsa_ecc() { let mut context = create_ctx_without_session(); @@ -100,6 +104,7 @@ fn test_create_ak_rsa_ecc() { } #[test] +#[serial] fn test_create_ak_ecc() { let mut context = create_ctx_without_session(); @@ -135,6 +140,7 @@ fn test_create_ak_ecc() { } #[test] +#[serial] fn test_create_ak_ecdaa() { let mut context = create_ctx_without_session(); @@ -159,6 +165,7 @@ fn test_create_ak_ecdaa() { } #[test] +#[serial] fn test_create_and_use_ak() { let mut context = create_ctx_without_session(); @@ -256,6 +263,7 @@ fn test_create_and_use_ak() { } #[test] +#[serial] fn test_create_custom_ak() { struct CustomizeKey; impl KeyCustomization for &CustomizeKey { diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/ek_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/ek_tests.rs index 834fe0cac..a45b9346e 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/ek_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/ek_tests.rs @@ -1,6 +1,7 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::{ abstraction::{ek, AsymmetricAlgorithmSelection}, constants::return_code::TpmFormatOneError, @@ -12,6 +13,7 @@ use tss_esapi::{ use crate::common::create_ctx_without_session; #[test] +#[serial] fn test_retrieve_ek_pubcert() { let mut context = create_ctx_without_session(); @@ -40,6 +42,7 @@ fn test_retrieve_ek_pubcert() { } #[test] +#[serial] fn test_create_ek_rsa() { // RSA key sizes currently supported by swtpm let supported_ek_sizes = vec![RsaKeyBits::Rsa2048, RsaKeyBits::Rsa3072]; @@ -57,6 +60,7 @@ fn test_create_ek_rsa() { } #[test] +#[serial] fn test_create_ek_ecc() { // ECC curves currently supported by swtpm let supported_ek_curves = vec![EccCurve::NistP256, EccCurve::NistP384]; diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/no_tpm/quote_test.rs b/tss-esapi/tests/integration_tests/abstraction_tests/no_tpm/quote_test.rs index a373ffbe5..5cf706e7b 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/no_tpm/quote_test.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/no_tpm/quote_test.rs @@ -3,6 +3,7 @@ mod test_quote { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ abstraction::{ak, ek, no_tpm, AsymmetricAlgorithmSelection}, @@ -162,16 +163,19 @@ mod test_quote { } #[test] + #[serial] fn checkquote_ecc_sha1() { checkquote_ecc(HashingAlgorithm::Sha1); } #[test] + #[serial] fn checkquote_ecc_sha256() { checkquote_ecc(HashingAlgorithm::Sha256); } #[test] + #[serial] fn checkquote_ecc_sha512() { checkquote_ecc(HashingAlgorithm::Sha512); } @@ -236,6 +240,7 @@ mod test_quote { } #[test] + #[serial] fn checkquote_rsa_pss_sha1() { checkquote_rsa( RsaKeyBits::Rsa1024, @@ -245,6 +250,7 @@ mod test_quote { } #[test] + #[serial] fn checkquote_rsa_ssa_sha256() { checkquote_rsa( RsaKeyBits::Rsa2048, @@ -254,6 +260,7 @@ mod test_quote { } #[test] + #[serial] fn checkquote_rsa_pss_sha384() { checkquote_rsa( RsaKeyBits::Rsa3072, diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/nv_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/nv_tests.rs index 1a9553579..586922f59 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/nv_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/nv_tests.rs @@ -1,6 +1,7 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::io::{ErrorKind, Seek, SeekFrom, Write}; use tss_esapi::{ abstraction::nv, @@ -16,6 +17,7 @@ use tss_esapi::{ use crate::common::{create_ctx_with_session, write_nv_index}; #[test] +#[serial] fn list() { let mut context = create_ctx_with_session(); @@ -52,6 +54,7 @@ fn list() { } #[test] +#[serial] fn read_full() { let mut context = create_ctx_with_session(); @@ -84,6 +87,7 @@ fn read_full() { } #[test] +#[serial] fn write() { let mut context = create_ctx_with_session(); diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/pcr_data_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/pcr_data_tests.rs index 68fe5704a..f11bef7b1 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/pcr_data_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/pcr_data_tests.rs @@ -1,3 +1,4 @@ +use serial_test::serial; use tss_esapi::{ abstraction::pcr::PcrData, interface_types::algorithm::HashingAlgorithm, diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/pcr_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/pcr_tests.rs index 296eff3dd..904e7420e 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/pcr_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/pcr_tests.rs @@ -1,6 +1,7 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 use crate::common::create_ctx_without_session; +use serial_test::serial; use tss_esapi::{ interface_types::algorithm::HashingAlgorithm, diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/public_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/public_tests.rs index 582d98173..b6a025ed9 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/public_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/public_tests.rs @@ -1,8 +1,10 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; mod public_rsa_test { use rsa::{pkcs1, traits::PublicKeyParts, BigUint}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::ObjectAttributesBuilder, @@ -69,6 +71,7 @@ mod public_rsa_test { } #[test] + #[serial] fn test_public_to_decoded_key_rsa() { let public_rsa = get_ext_rsa_pub(); let default_exponent = BigUint::from(RSA_DEFAULT_EXP); @@ -79,6 +82,7 @@ mod public_rsa_test { } #[test] + #[serial] fn test_public_to_subject_public_key_info_rsa() { let public_rsa = get_ext_rsa_pub(); let key = SubjectPublicKeyInfoOwned::try_from(&public_rsa) @@ -101,6 +105,7 @@ mod public_rsa_test { } mod public_ecc_test { + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::ObjectAttributesBuilder, @@ -163,6 +168,7 @@ mod public_ecc_test { } #[test] + #[serial] fn test_public_to_decoded_key_ecc() { let public_ecc = get_ext_ecc_pub(); let key = p256::PublicKey::try_from(&public_ecc) @@ -173,6 +179,7 @@ mod public_ecc_test { } #[test] + #[serial] fn test_public_to_subject_public_key_info_ecc() { let public_ecc = get_ext_ecc_pub(); let key = SubjectPublicKeyInfoOwned::try_from(&public_ecc) diff --git a/tss-esapi/tests/integration_tests/abstraction_tests/transient_key_context_tests.rs b/tss-esapi/tests/integration_tests/abstraction_tests/transient_key_context_tests.rs index fc5d0a97c..4193eb8df 100644 --- a/tss-esapi/tests/integration_tests/abstraction_tests/transient_key_context_tests.rs +++ b/tss-esapi/tests/integration_tests/abstraction_tests/transient_key_context_tests.rs @@ -1,5 +1,6 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::{ convert::{TryFrom, TryInto}, str::FromStr, @@ -50,6 +51,7 @@ fn create_ctx() -> TransientKeyContext { } #[test] +#[serial] fn wrong_key_sizes() { assert_eq!( TransientKeyContextBuilder::new() @@ -98,6 +100,7 @@ fn wrong_auth_size() { } #[test] +#[serial] fn load_bad_sized_key() { let mut ctx = create_ctx(); let key_params = KeyParams::Rsa { @@ -112,6 +115,7 @@ fn load_bad_sized_key() { } #[test] +#[serial] fn load_with_invalid_params() { let pub_key = vec![ 0x96, 0xDC, 0x72, 0x77, 0x49, 0x82, 0xFD, 0x2D, 0x06, 0x65, 0x8C, 0xE5, 0x3A, 0xCD, 0xED, @@ -141,6 +145,7 @@ fn load_with_invalid_params() { } #[test] +#[serial] fn verify() { let pub_key = vec![ 0x96, 0xDC, 0x72, 0x77, 0x49, 0x82, 0xFD, 0x2D, 0x06, 0x65, 0x8C, 0xE5, 0x3A, 0xCD, 0xED, @@ -198,6 +203,7 @@ fn verify() { } #[test] +#[serial] fn sign_with_bad_auth() { let mut ctx = create_ctx(); let key_params = KeyParams::Rsa { @@ -220,6 +226,7 @@ fn sign_with_bad_auth() { } #[test] +#[serial] fn sign_with_no_auth() { let mut ctx = create_ctx(); let key_params = KeyParams::Rsa { @@ -239,6 +246,7 @@ fn sign_with_no_auth() { } #[test] +#[serial] fn encrypt_decrypt() { let mut ctx = create_ctx(); let key_params = KeyParams::Rsa { @@ -271,6 +279,7 @@ fn encrypt_decrypt() { } #[test] +#[serial] fn two_signatures_different_digest() { let mut ctx = create_ctx(); let key_params1 = KeyParams::Rsa { @@ -319,6 +328,7 @@ fn two_signatures_different_digest() { } #[test] +#[serial] fn verify_wrong_key() { let mut ctx = create_ctx(); let key_params1 = KeyParams::Rsa { @@ -366,6 +376,7 @@ fn verify_wrong_key() { } } #[test] +#[serial] fn verify_wrong_digest() { let mut ctx = create_ctx(); let key_params = KeyParams::Rsa { @@ -406,6 +417,7 @@ fn verify_wrong_digest() { } #[test] +#[serial] fn full_test() { let mut ctx = create_ctx(); for _ in 0..4 { @@ -439,6 +451,7 @@ fn full_test() { } #[test] +#[serial] fn create_ecc_key() { let mut ctx = create_ctx(); let _ = ctx @@ -458,6 +471,7 @@ fn create_ecc_key() { } #[test] +#[serial] fn create_ecc_key_decryption_scheme() { let mut ctx = create_ctx(); let _ = ctx @@ -477,6 +491,7 @@ fn create_ecc_key_decryption_scheme() { } #[test] +#[serial] fn full_ecc_test() { let mut ctx = create_ctx(); let key_params = KeyParams::Ecc { @@ -513,6 +528,7 @@ fn full_ecc_test() { } #[test] +#[serial] fn ctx_migration_test() { // Create two key contexts using `Context`, one for an RSA keypair, // one for just the public part of the key @@ -617,6 +633,7 @@ fn ctx_migration_test() { } #[test] +#[serial] fn activate_credential() { // create a Transient key context, generate a key and // obtain the Make Credential parameters @@ -703,6 +720,7 @@ fn activate_credential() { } #[test] +#[serial] fn make_cred_params_name() { // create a Transient key context, generate a key and // obtain the Make Credential parameters @@ -735,6 +753,7 @@ fn make_cred_params_name() { } #[test] +#[serial] fn activate_credential_wrong_key() { // create a Transient key context, generate two keys and // obtain the Make Credential parameters for the first one @@ -835,6 +854,7 @@ fn activate_credential_wrong_key() { } #[test] +#[serial] fn activate_credential_wrong_data() { let mut ctx = create_ctx(); let params = KeyParams::Ecc { @@ -882,6 +902,7 @@ fn activate_credential_wrong_data() { } #[test] +#[serial] fn get_random_from_tkc() { // Check that we can convert a reference from TKC to Context let mut ctx = create_ctx(); @@ -892,6 +913,7 @@ fn get_random_from_tkc() { } #[test] +#[serial] fn sign_csr() { // Check that we can convert a reference from TKC to Context let mut ctx = create_ctx(); @@ -917,6 +939,7 @@ fn sign_csr() { } #[test] +#[serial] fn sign_p256_sha2_256() { // Check that we can convert a reference from TKC to Context let mut ctx = create_ctx(); @@ -948,6 +971,7 @@ fn sign_p256_sha2_256() { // This test is ignored for now to avoid issues with the CI. #[ignore] #[test] +#[serial] fn sign_p256_sha3_256() { // Check that we can convert a reference from TKC to Context let mut ctx = create_ctx(); diff --git a/tss-esapi/tests/integration_tests/attributes_tests/algorithm_attributes_tests.rs b/tss-esapi/tests/integration_tests/attributes_tests/algorithm_attributes_tests.rs index 9c2e23c23..74b17243f 100644 --- a/tss-esapi/tests/integration_tests/attributes_tests/algorithm_attributes_tests.rs +++ b/tss-esapi/tests/integration_tests/attributes_tests/algorithm_attributes_tests.rs @@ -1,6 +1,7 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::ops::Shl; use tss_esapi::{attributes::AlgorithmAttributes, tss2_esys::TPMA_ALGORITHM}; diff --git a/tss-esapi/tests/integration_tests/attributes_tests/command_code_attributes_tests.rs b/tss-esapi/tests/integration_tests/attributes_tests/command_code_attributes_tests.rs index 91a956518..4edc5b844 100644 --- a/tss-esapi/tests/integration_tests/attributes_tests/command_code_attributes_tests.rs +++ b/tss-esapi/tests/integration_tests/attributes_tests/command_code_attributes_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use bitfield::bitfield; use std::convert::{TryFrom, TryInto}; use tss_esapi::{ diff --git a/tss-esapi/tests/integration_tests/attributes_tests/locality_attributes_tests.rs b/tss-esapi/tests/integration_tests/attributes_tests/locality_attributes_tests.rs index 52ebbd770..6db24518e 100644 --- a/tss-esapi/tests/integration_tests/attributes_tests/locality_attributes_tests.rs +++ b/tss-esapi/tests/integration_tests/attributes_tests/locality_attributes_tests.rs @@ -1,6 +1,7 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::{ attributes::{LocalityAttributes, LocalityAttributesBuilder}, tss2_esys::TPMA_LOCALITY, diff --git a/tss-esapi/tests/integration_tests/attributes_tests/nv_index_attributes_tests.rs b/tss-esapi/tests/integration_tests/attributes_tests/nv_index_attributes_tests.rs index 9258ae7b4..7dcfbff22 100644 --- a/tss-esapi/tests/integration_tests/attributes_tests/nv_index_attributes_tests.rs +++ b/tss-esapi/tests/integration_tests/attributes_tests/nv_index_attributes_tests.rs @@ -1,5 +1,6 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::{ attributes::{NvIndexAttributes, NvIndexAttributesBuilder}, constants::NvIndexType, diff --git a/tss-esapi/tests/integration_tests/attributes_tests/session_attributes_tests.rs b/tss-esapi/tests/integration_tests/attributes_tests/session_attributes_tests.rs index fac19a618..4d186c309 100644 --- a/tss-esapi/tests/integration_tests/attributes_tests/session_attributes_tests.rs +++ b/tss-esapi/tests/integration_tests/attributes_tests/session_attributes_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use std::convert::TryFrom; use tss_esapi::{ attributes::{SessionAttributes, SessionAttributesBuilder, SessionAttributesMask}, diff --git a/tss-esapi/tests/integration_tests/constants_tests/algorithm_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/algorithm_tests.rs index 014a6ac44..0d8fc920d 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/algorithm_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/algorithm_tests.rs @@ -1,5 +1,6 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use std::convert::TryFrom; use tss_esapi::{ constants::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/capabilities_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/capabilities_tests.rs index 5261c7086..8a6b512af 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/capabilities_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/capabilities_tests.rs @@ -1,5 +1,6 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use std::convert::TryFrom; use tss_esapi::{ constants::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/command_code_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/command_code_tests.rs index db3140302..7d6dd5dff 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/command_code_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/command_code_tests.rs @@ -1,6 +1,7 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::{tss::*, CommandCode}, diff --git a/tss-esapi/tests/integration_tests/constants_tests/nv_index_type_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/nv_index_type_tests.rs index d1a30897b..5d952fb92 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/nv_index_type_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/nv_index_type_tests.rs @@ -1,5 +1,6 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use tss_esapi::{ constants::{ tss::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/pcr_property_tag_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/pcr_property_tag_tests.rs index 132e4e089..1852fd2bf 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/pcr_property_tag_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/pcr_property_tag_tests.rs @@ -1,6 +1,7 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/base_return_code_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/base_return_code_tests.rs index 54d4878a3..fe1ea3f7f 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/base_return_code_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/base_return_code_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use std::convert::TryFrom; use tss_esapi::{ constants::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/return_code_layer_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/return_code_layer_tests.rs index 33a0cd296..a019d8fe0 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/return_code_layer_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/return_code_layer_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use std::convert::TryFrom; use tss_esapi::{ constants::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_one_error_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_one_error_tests.rs index dcdfb96fe..c60f8d385 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_one_error_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_one_error_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use bitfield::bitfield; use std::convert::TryFrom; use tss_esapi::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_error_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_error_tests.rs index 46b34dfbc..7780db9c1 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_error_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_error_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use bitfield::bitfield; use std::convert::TryFrom; use tss_esapi::{ diff --git a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_warning_tests.rs b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_warning_tests.rs index d0dd5140b..b3dabbedd 100644 --- a/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_warning_tests.rs +++ b/tss-esapi/tests/integration_tests/constants_tests/return_code_tests/tpm_format_zero_warning_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + use bitfield::bitfield; use std::convert::TryFrom; use tss_esapi::{ diff --git a/tss-esapi/tests/integration_tests/context_tests/general_esys_tr_tests.rs b/tss-esapi/tests/integration_tests/context_tests/general_esys_tr_tests.rs index b9606f1c5..879c22a5a 100644 --- a/tss-esapi/tests/integration_tests/context_tests/general_esys_tr_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/general_esys_tr_tests.rs @@ -1,4 +1,5 @@ use crate::common::{create_ctx_with_session, create_ctx_without_session, decryption_key_pub}; +use serial_test::serial; use tss_esapi::{ attributes::NvIndexAttributesBuilder, constants::{tss::TPM2_NV_INDEX_FIRST, CapabilityType}, @@ -54,6 +55,7 @@ mod test_tr_from_tpm_public { // Need to set the shEnable in the TPMA_STARTUP in order for this to work. #[ignore] #[test] + #[serial] fn test_tr_from_tpm_public_owner_auth() { let mut context = create_ctx_without_session(); @@ -126,6 +128,7 @@ mod test_tr_from_tpm_public { } #[test] + #[serial] fn test_tr_from_tpm_public_password_auth() { let nv_index_tpm_handle = NvIndexTpmHandle::new(0x01500302).unwrap(); remove_nv_index_handle_from_tpm(nv_index_tpm_handle, Provision::Owner); @@ -228,6 +231,7 @@ mod test_tr_from_tpm_public { } #[test] + #[serial] fn read_from_retrieved_handle_using_password_authorization() { let nv_index_tpm_handle = NvIndexTpmHandle::new(0x01500303).unwrap(); @@ -381,6 +385,7 @@ mod test_tr_from_tpm_public { #[cfg(has_esys_tr_get_tpm_handle)] #[test] + #[serial] fn test_tr_get_tpm_handle() { use tss_esapi::handles::TpmHandle; @@ -453,6 +458,7 @@ mod test_tr_serialize_tr_deserialize { use super::*; #[test] + #[serial] fn test_tr_serialize_tr_deserialize() -> Result<(), Error> { let persistent_addr = PersistentTpmHandle::new(u32::from_be_bytes([0x81, 0x00, 0x00, 0x05]))?; diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/asymmetric_primitives_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/asymmetric_primitives_tests.rs index c42f60e66..4842afb55 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/asymmetric_primitives_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/asymmetric_primitives_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_rsa_encrypt_decrypt { use crate::common::{create_ctx_with_session, encryption_decryption_key_pub}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::attributes::ObjectAttributesBuilder; use tss_esapi::{ @@ -17,6 +18,7 @@ mod test_rsa_encrypt_decrypt { }; #[test] + #[serial] fn test_encrypt_decrypt() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -58,6 +60,7 @@ mod test_rsa_encrypt_decrypt { } #[test] + #[serial] fn test_ecdh() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/attestation_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/attestation_commands_tests.rs index 596981b71..1f9f91d7b 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/attestation_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/attestation_commands_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_quote { use crate::common::{create_ctx_with_session, decryption_key_pub, signing_key_pub}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::StructureTag, @@ -20,6 +21,7 @@ mod test_quote { }; #[test] + #[serial] fn pcr_quote() { let mut context = create_ctx_with_session(); // Quote PCR 0 @@ -69,6 +71,7 @@ mod test_quote { } #[test] + #[serial] fn time() { let mut context = create_ctx_with_session(); // No qualifying data @@ -110,6 +113,7 @@ mod test_quote { } #[test] + #[serial] fn certify() { let mut context = create_ctx_with_session(); let qualifying_data = vec![0xff; 16]; @@ -171,6 +175,7 @@ mod test_quote { } #[test] + #[serial] fn certify_null() { let mut context = create_ctx_with_session(); let qualifying_data = vec![0xff; 16]; @@ -212,6 +217,7 @@ mod test_quote { } #[test] + #[serial] fn certify_creation() { let mut context = create_ctx_with_session(); let qualifying_data = vec![0xff; 16]; diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs index 3d6318179..d821e73bf 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/capability_commands_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_get_capability { use crate::common::create_ctx_without_session; + use serial_test::serial; use tss_esapi::{ constants::{ tss::TPM2_PT_VENDOR_STRING_1, CapabilityType, PrimitivePropertyTag, PropertyTag, @@ -10,6 +11,7 @@ mod test_get_capability { }; #[test] + #[serial] fn test_get_capability() { let mut context = create_ctx_without_session(); let (res, _more) = context @@ -24,6 +26,7 @@ mod test_get_capability { } #[test] + #[serial] fn test_get_tpm_property() { let mut context = create_ctx_without_session(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/context_management_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/context_management_tests.rs index b2a3adca1..7b6cb8793 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/context_management_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/context_management_tests.rs @@ -2,9 +2,11 @@ // SPDX-License-Identifier: Apache-2.0 mod test_ctx_save { use crate::common::{create_ctx_with_session, decryption_key_pub, signing_key_pub}; + use serial_test::serial; use tss_esapi::{interface_types::reserved_handles::Hierarchy, structures::Auth}; #[test] + #[serial] fn test_ctx_save() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -26,6 +28,7 @@ mod test_ctx_save { } #[test] + #[serial] fn test_ctx_save_leaf() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -65,11 +68,13 @@ mod test_ctx_save { mod test_ctx_load { use crate::common::{create_ctx_with_session, decryption_key_pub, signing_key_pub}; + use serial_test::serial; use tss_esapi::{ handles::KeyHandle, interface_types::reserved_handles::Hierarchy, structures::Auth, }; #[test] + #[serial] fn test_ctx_load() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -110,9 +115,11 @@ mod test_ctx_load { mod test_flush_context { use crate::common::{create_ctx_with_session, decryption_key_pub, signing_key_pub}; + use serial_test::serial; use tss_esapi::{interface_types::reserved_handles::Hierarchy, structures::Auth}; #[test] + #[serial] fn test_flush_ctx() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -135,6 +142,7 @@ mod test_flush_context { } #[test] + #[serial] fn test_flush_parent_ctx() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -174,6 +182,7 @@ mod test_flush_context { mod test_evict_control { use crate::common::{create_ctx_without_session, decryption_key_pub}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::{tss::TPM2_PERSISTENT_FIRST, CapabilityType}, @@ -222,6 +231,7 @@ mod test_evict_control { } #[test] + #[serial] fn test_basic_evict_control() { // Create persistent TPM handle with let persistent_tpm_handle = diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/duplication_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/duplication_commands_tests.rs index 857eea0bd..a7f9efde1 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/duplication_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/duplication_commands_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_duplicate { use crate::common::{create_ctx_with_session, create_ctx_without_session}; + use serial_test::serial; use std::convert::TryFrom; use std::convert::TryInto; use tss_esapi::attributes::{ObjectAttributesBuilder, SessionAttributesBuilder}; @@ -20,6 +21,7 @@ mod test_duplicate { }; #[test] + #[serial] fn test_duplicate_and_import() { let mut context = create_ctx_with_session(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/enhanced_authorization_ea_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/enhanced_authorization_ea_commands_tests.rs index f7a39dcf4..232da5b8f 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/enhanced_authorization_ea_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/enhanced_authorization_ea_commands_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_policy_signed { use crate::common::{create_ctx_with_session, signing_key_pub}; + use serial_test::serial; use std::{convert::TryFrom, time::Duration}; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -13,6 +14,7 @@ mod test_policy_signed { structures::{Digest, Nonce, PublicKeyRsa, RsaSignature, Signature, SymmetricDefinition}, }; #[test] + #[serial] fn test_policy_signed() { let mut context = create_ctx_with_session(); @@ -80,6 +82,7 @@ mod test_policy_signed { mod test_policy_secret { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::{convert::TryFrom, time::Duration}; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -89,6 +92,7 @@ mod test_policy_secret { structures::{Digest, Nonce, SymmetricDefinition}, }; #[test] + #[serial] fn test_policy_secret() { let mut context = create_ctx_with_session(); @@ -140,6 +144,7 @@ mod test_policy_secret { mod test_policy_or { use crate::common::{create_ctx_without_session, get_pcr_policy_digest}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -148,6 +153,7 @@ mod test_policy_or { structures::{DigestList, SymmetricDefinition}, }; #[test] + #[serial] fn test_policy_or() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -192,6 +198,7 @@ mod test_policy_or { mod test_policy_pcr { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -204,6 +211,7 @@ mod test_policy_pcr { }; #[test] + #[serial] fn test_policy_pcr_sha_256() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -276,6 +284,7 @@ mod test_policy_pcr { mod test_policy_locality { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::{LocalityAttributes, SessionAttributesBuilder}, @@ -284,6 +293,7 @@ mod test_policy_locality { structures::SymmetricDefinition, }; #[test] + #[serial] fn test_policy_locality() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -320,6 +330,7 @@ mod test_policy_locality { mod test_policy_command_code { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -328,6 +339,7 @@ mod test_policy_command_code { structures::SymmetricDefinition, }; #[test] + #[serial] fn test_policy_command_code() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -364,6 +376,7 @@ mod test_policy_command_code { mod test_policy_physical_presence { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -372,6 +385,7 @@ mod test_policy_physical_presence { structures::SymmetricDefinition, }; #[test] + #[serial] fn test_policy_physical_presence() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -408,6 +422,7 @@ mod test_policy_physical_presence { mod test_policy_cp_hash { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -416,6 +431,7 @@ mod test_policy_cp_hash { structures::{Digest, SymmetricDefinition}, }; #[test] + #[serial] fn test_policy_cp_hash() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -458,6 +474,7 @@ mod test_policy_cp_hash { mod test_policy_name_hash { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -466,6 +483,7 @@ mod test_policy_name_hash { structures::{Digest, SymmetricDefinition}, }; #[test] + #[serial] fn test_policy_name_hash() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -508,6 +526,7 @@ mod test_policy_name_hash { mod test_policy_authorize { use crate::common::{create_ctx_with_session, get_pcr_policy_digest, signing_key_pub}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ interface_types::{algorithm::HashingAlgorithm, reserved_handles::Hierarchy}, @@ -515,6 +534,7 @@ mod test_policy_authorize { tss2_esys::TPM2B_NONCE, }; #[test] + #[serial] fn test_policy_authorize() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -570,6 +590,7 @@ mod test_policy_authorize { mod test_policy_auth_value { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -578,6 +599,7 @@ mod test_policy_auth_value { structures::SymmetricDefinition, }; #[test] + #[serial] fn test_policy_auth_value() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -614,6 +636,7 @@ mod test_policy_auth_value { mod test_policy_password { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -622,6 +645,7 @@ mod test_policy_password { structures::SymmetricDefinition, }; #[test] + #[serial] fn test_policy_password() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -658,6 +682,7 @@ mod test_policy_password { mod test_policy_get_digest { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -669,6 +694,7 @@ mod test_policy_get_digest { structures::{MaxBuffer, PcrSelectionListBuilder, PcrSlot, SymmetricDefinition}, }; #[test] + #[serial] fn get_policy_digest() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -747,6 +773,7 @@ mod test_policy_get_digest { mod test_policy_nv_written { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -755,6 +782,7 @@ mod test_policy_nv_written { structures::SymmetricDefinition, }; #[test] + #[serial] fn test_policy_nv_written() { let mut context = create_ctx_without_session(); let trial_policy_auth_session = context @@ -792,6 +820,7 @@ mod test_policy_nv_written { mod test_policy_template { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::SessionType, @@ -799,6 +828,7 @@ mod test_policy_template { structures::{Digest, Nonce, SymmetricDefinition}, }; #[test] + #[serial] fn basic_policy_template_test() { let trial_session_nonce = Nonce::try_from(vec![ 11, 12, 13, 14, 15, 16, 17, 18, 19, 11, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, @@ -849,6 +879,7 @@ mod test_policy_template { mod test_policy_authorize_nv { use crate::common::{create_ctx_with_session, write_nv_index}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -863,6 +894,7 @@ mod test_policy_authorize_nv { }; #[test] + #[serial] fn test_policy_authorize_nv() { let mut context = create_ctx_with_session(); let trial_policy_auth_session = context diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/hierarchy_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/hierarchy_commands_tests.rs index 4fc73deae..40f019c1d 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/hierarchy_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/hierarchy_commands_tests.rs @@ -2,11 +2,13 @@ // SPDX-License-Identifier: Apache-2.0 mod test_create_primary { use crate::common::{create_ctx_with_session, decryption_key_pub}; + use serial_test::serial; use tss_esapi::{ handles::ObjectHandle, interface_types::reserved_handles::Hierarchy, structures::Auth, }; #[test] + #[serial] fn test_create_primary() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -30,9 +32,11 @@ mod test_create_primary { mod test_clear { use crate::common::create_ctx_with_session; + use serial_test::serial; use tss_esapi::handles::AuthHandle; #[test] + #[serial] fn test_clear() { let mut context = create_ctx_with_session(); @@ -42,8 +46,10 @@ mod test_clear { mod test_clear_control { use crate::common::create_ctx_with_session; + use serial_test::serial; use tss_esapi::handles::AuthHandle; #[test] + #[serial] fn test_clear_control() { let mut context = create_ctx_with_session(); @@ -57,11 +63,13 @@ mod test_clear_control { mod test_change_auth { use crate::common::{create_ctx_with_session, decryption_key_pub}; + use serial_test::serial; use tss_esapi::{ handles::AuthHandle, interface_types::reserved_handles::Hierarchy, structures::Auth, }; #[test] + #[serial] fn test_object_change_auth() { let mut context = create_ctx_with_session(); @@ -107,6 +115,7 @@ mod test_change_auth { } #[test] + #[serial] fn test_hierarchy_change_auth() { let mut context = create_ctx_with_session(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/integrity_collection_pcr_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/integrity_collection_pcr_tests.rs index 32a5ea9bb..6a89404c5 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/integrity_collection_pcr_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/integrity_collection_pcr_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_pcr_extend_reset { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ handles::PcrHandle, @@ -9,6 +10,7 @@ mod test_pcr_extend_reset { structures::{Digest, DigestValues, PcrSelectionListBuilder, PcrSlot}, }; #[test] + #[serial] fn test_pcr_extend_reset_commands() { // In this test, we use PCR16. This was chosen because it's the only one that is // resettable and extendable from the locality in which we are running, and does not @@ -165,6 +167,7 @@ mod test_pcr_extend_reset { mod test_pcr_read { use crate::common::create_ctx_without_session; + use serial_test::serial; use tss_esapi::{ interface_types::algorithm::HashingAlgorithm, structures::{PcrSelectionListBuilder, PcrSlot}, @@ -172,6 +175,7 @@ mod test_pcr_read { }; #[test] + #[serial] fn test_pcr_read_command() { let mut context = create_ctx_without_session(); // Read PCR 0 @@ -229,6 +233,7 @@ mod test_pcr_read { } #[test] + #[serial] fn test_pcr_read_large_pcr_selections() { // If the pcr Selection contains more then 16 values // then not all can be read at once and the returned diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/non_volatile_storage_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/non_volatile_storage_tests.rs index 9e12bc759..f1e622129 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/non_volatile_storage_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/non_volatile_storage_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_nv_define_space { use crate::common::create_ctx_with_session; + use serial_test::serial; use tss_esapi::{ attributes::NvIndexAttributesBuilder, handles::NvIndexTpmHandle, @@ -10,6 +11,7 @@ mod test_nv_define_space { }; #[test] + #[serial] fn test_nv_define_space_failures() { let mut context = create_ctx_with_session(); @@ -57,6 +59,7 @@ mod test_nv_define_space { } #[test] + #[serial] fn test_nv_define_space() { let mut context = create_ctx_with_session(); @@ -116,6 +119,7 @@ mod test_nv_define_space { mod test_nv_undefine_space { use crate::common::create_ctx_with_session; + use serial_test::serial; use tss_esapi::{ attributes::NvIndexAttributesBuilder, handles::NvIndexTpmHandle, @@ -124,6 +128,7 @@ mod test_nv_undefine_space { }; #[test] + #[serial] fn test_nv_undefine_space() { let mut context = create_ctx_with_session(); @@ -157,6 +162,7 @@ mod test_nv_undefine_space { mod test_nv_read_public { use crate::common::create_ctx_with_session; + use serial_test::serial; use tss_esapi::{ attributes::NvIndexAttributesBuilder, handles::NvIndexTpmHandle, @@ -165,6 +171,7 @@ mod test_nv_read_public { }; #[test] + #[serial] fn test_nv_read_public() { let mut context = create_ctx_with_session(); @@ -204,6 +211,7 @@ mod test_nv_read_public { mod test_nv_write { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::NvIndexAttributesBuilder, @@ -216,6 +224,7 @@ mod test_nv_write { }; #[test] + #[serial] fn test_nv_write() { let mut context = create_ctx_with_session(); @@ -256,6 +265,7 @@ mod test_nv_write { mod test_nv_read { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::NvIndexAttributesBuilder, @@ -268,6 +278,7 @@ mod test_nv_read { }; #[test] + #[serial] fn test_nv_read() { let mut context = create_ctx_with_session(); @@ -321,6 +332,7 @@ mod test_nv_read { mod test_nv_increment { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryInto; use tss_esapi::{ attributes::NvIndexAttributesBuilder, @@ -334,6 +346,7 @@ mod test_nv_increment { }; #[test] + #[serial] fn test_nv_increment() { let mut context = create_ctx_with_session(); let nv_index = NvIndexTpmHandle::new(0x01500021).unwrap(); @@ -424,6 +437,7 @@ mod test_nv_increment { mod test_nv_extend { use crate::common::create_ctx_with_session; + use serial_test::serial; use tss_esapi::{ attributes::NvIndexAttributesBuilder, constants::nv_index_type::NvIndexType, @@ -436,6 +450,7 @@ mod test_nv_extend { }; #[test] + #[serial] fn test_nv_extend() { let mut context = create_ctx_with_session(); let nv_index = NvIndexTpmHandle::new(0x01500029).unwrap(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/object_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/object_commands_tests.rs index ba28bb4d8..8d5c5cfea 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/object_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/object_commands_tests.rs @@ -2,9 +2,11 @@ // SPDX-License-Identifier: Apache-2.0 mod test_create { use crate::common::{create_ctx_with_session, decryption_key_pub}; + use serial_test::serial; use tss_esapi::{interface_types::reserved_handles::Hierarchy, structures::Auth}; #[test] + #[serial] fn test_create() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -38,9 +40,11 @@ mod test_create { mod test_load { use crate::common::{create_ctx_with_session, decryption_key_pub, signing_key_pub}; + use serial_test::serial; use tss_esapi::{interface_types::reserved_handles::Hierarchy, structures::Auth}; #[test] + #[serial] fn test_load() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -78,6 +82,7 @@ mod test_load { mod test_load_external { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryInto; use tss_esapi::{ attributes::ObjectAttributesBuilder, @@ -164,6 +169,7 @@ mod test_load_external { } #[test] + #[serial] fn test_load_external_private_and_public_parts() { let mut context = create_ctx_with_session(); let pub_key = get_ext_rsa_pub(); @@ -176,6 +182,7 @@ mod test_load_external { } #[test] + #[serial] fn test_load_external_only_public_part() { let mut context = create_ctx_with_session(); let pub_key = get_ext_rsa_pub(); @@ -189,9 +196,11 @@ mod test_load_external { mod test_read_public { use crate::common::{create_ctx_with_session, signing_key_pub}; + use serial_test::serial; use tss_esapi::{interface_types::reserved_handles::Hierarchy, structures::Auth}; #[test] + #[serial] fn test_read_public() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -215,10 +224,12 @@ mod test_read_public { mod test_make_credential { use crate::common::{create_ctx_with_session, decryption_key_pub}; + use serial_test::serial; use std::convert::TryInto; use tss_esapi::interface_types::reserved_handles::Hierarchy; #[test] + #[serial] fn test_make_credential() { let mut context = create_ctx_with_session(); @@ -248,6 +259,7 @@ mod test_make_credential { mod test_activate_credential { use crate::common::{create_ctx_with_session, decryption_key_pub}; + use serial_test::serial; use std::convert::{TryFrom, TryInto}; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -256,6 +268,7 @@ mod test_activate_credential { structures::{Digest, SymmetricDefinition}, }; #[test] + #[serial] fn test_make_activate_credential() { let mut context = create_ctx_with_session(); @@ -333,10 +346,12 @@ mod test_activate_credential { mod test_unseal { use crate::common::{create_ctx_with_session, create_public_sealed_object, decryption_key_pub}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{interface_types::reserved_handles::Hierarchy, structures::SensitiveData}; #[test] + #[serial] fn unseal() { let testbytes: [u8; 5] = [0x01, 0x02, 0x03, 0x04, 0x42]; diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/random_number_generator_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/random_number_generator_tests.rs index fbf41c493..5f6645b2e 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/random_number_generator_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/random_number_generator_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_random { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -11,6 +12,7 @@ mod test_random { }; #[test] + #[serial] fn test_encrypted_get_rand() { let mut context = create_ctx_without_session(); let encrypted_sess = context @@ -38,6 +40,7 @@ mod test_random { } #[test] + #[serial] fn test_authenticated_get_rand() { let mut context = create_ctx_without_session(); let auth_sess = context @@ -57,12 +60,14 @@ mod test_random { } #[test] + #[serial] fn test_get_0_rand() { let mut context = create_ctx_without_session(); let _ = context.get_random(0); } #[test] + #[serial] fn test_stir_random() { let mut context = create_ctx_without_session(); let additional_data = SensitiveData::try_from(vec![1, 2, 3]).unwrap(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/session_commands_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/session_commands_tests.rs index 9144a9384..b16985a93 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/session_commands_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/session_commands_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_start_auth_session { use crate::common::{create_ctx_with_session, create_ctx_without_session, decryption_key_pub}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -11,6 +12,7 @@ mod test_start_auth_session { }; #[test] + #[serial] fn test_simple_sess() { let mut context = create_ctx_without_session(); context @@ -26,6 +28,7 @@ mod test_start_auth_session { } #[test] + #[serial] fn test_nonce_sess() { let mut context = create_ctx_without_session(); context @@ -49,6 +52,7 @@ mod test_start_auth_session { } #[test] + #[serial] fn test_bound_sess() { let mut context = create_ctx_with_session(); let prim_key_handle = context @@ -76,6 +80,7 @@ mod test_start_auth_session { } #[test] + #[serial] fn test_encrypted_start_sess() { let mut context = create_ctx_without_session(); let encrypted_sess = context @@ -113,6 +118,7 @@ mod test_start_auth_session { } #[test] + #[serial] fn test_authenticated_start_sess() { let mut context = create_ctx_without_session(); let auth_sess = context @@ -140,6 +146,7 @@ mod test_start_auth_session { } #[test] + #[serial] fn test_get_nonce_tpm() { let mut context = create_ctx_without_session(); let session = context @@ -166,6 +173,7 @@ mod test_start_auth_session { mod test_policy_restart { use crate::common::{create_ctx_without_session, get_pcr_policy_digest}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -174,6 +182,7 @@ mod test_policy_restart { structures::{Digest, DigestList, SymmetricDefinition}, }; #[test] + #[serial] fn test_policy_restart() { let mut context = create_ctx_without_session(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs index 09c9ce21c..78d303a5c 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/signing_and_signature_verification_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2.0 mod test_verify_signature { use crate::common::{create_ctx_with_session, signing_key_pub, HASH}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ interface_types::{algorithm::HashingAlgorithm, reserved_handles::Hierarchy}, @@ -9,6 +10,7 @@ mod test_verify_signature { }; #[test] + #[serial] fn test_verify_signature() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -46,6 +48,7 @@ mod test_verify_signature { } #[test] + #[serial] fn test_verify_wrong_signature() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -93,6 +96,7 @@ mod test_verify_signature { } #[test] + #[serial] fn test_verify_wrong_signature_2() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -130,6 +134,7 @@ mod test_verify_signature { } #[test] + #[serial] fn test_verify_wrong_signature_3() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -168,6 +173,7 @@ mod test_verify_signature { mod test_sign { use crate::common::{create_ctx_with_session, signing_key_pub, HASH}; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::TpmFormatOneError::Size, @@ -205,6 +211,7 @@ mod test_sign { }; #[test] + #[serial] fn test_sign() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -234,6 +241,7 @@ mod test_sign { } #[test] + #[serial] fn test_sign_empty_digest() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -263,6 +271,7 @@ mod test_sign { } #[test] + #[serial] fn test_sign_large_digest() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -298,6 +307,7 @@ mod test_sign { #[cfg(feature = "p256")] #[test] + #[serial] fn test_sign_signer() { let public = utils::create_unrestricted_signing_ecc_public( EccScheme::EcDsa(HashScheme::new(HashingAlgorithm::Sha256)), @@ -327,6 +337,7 @@ mod test_sign { #[cfg(feature = "rsa")] #[test] + #[serial] fn test_sign_signer_rsa_pkcs() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; @@ -361,6 +372,7 @@ mod test_sign { #[cfg(feature = "rsa")] #[test] + #[serial] fn test_sign_signer_rsa_pss() { let mut context = create_ctx_with_session(); let mut random_digest = vec![0u8; 16]; diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/startup_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/startup_tests.rs index c3002124d..eb030f62b 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/startup_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/startup_tests.rs @@ -2,9 +2,11 @@ // SPDX-License-Identifier: Apache-2.0 mod test_startup { use crate::common::create_ctx_without_session; + use serial_test::serial; use tss_esapi::constants::StartupType; #[test] + #[serial] fn test_startup() { let mut context = create_ctx_without_session(); context.startup(StartupType::Clear).unwrap(); @@ -13,8 +15,10 @@ mod test_startup { mod test_shutdown { use crate::common::create_ctx_without_session; + use serial_test::serial; use tss_esapi::constants::StartupType; #[test] + #[serial] fn test_shutdown() { let mut context = create_ctx_without_session(); context.shutdown(StartupType::Clear).unwrap(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/symmetric_primitives_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/symmetric_primitives_tests.rs index 165e97bc0..8431ba9d2 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/symmetric_primitives_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/symmetric_primitives_tests.rs @@ -1,7 +1,9 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 + mod test_encrypt_decrypt_2 { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::ObjectAttributesBuilder, @@ -17,6 +19,7 @@ mod test_encrypt_decrypt_2 { }, }; #[test] + #[serial] fn test_encrypt_decrypt_with_aes_128_cfb_symmetric_key() { let mut context = create_ctx_without_session(); @@ -146,6 +149,7 @@ mod test_encrypt_decrypt_2 { mod test_hash { use crate::common::create_ctx_without_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ interface_types::{algorithm::HashingAlgorithm, reserved_handles::Hierarchy}, @@ -153,6 +157,7 @@ mod test_hash { }; #[test] + #[serial] fn test_hash_with_sha_256() { let mut context = create_ctx_without_session(); let data = "There is no spoon"; @@ -178,6 +183,7 @@ mod test_hash { mod test_hmac { use crate::common::create_ctx_with_session; + use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::ObjectAttributesBuilder, @@ -189,6 +195,7 @@ mod test_hmac { }; #[test] + #[serial] fn test_hmac() { let mut context = create_ctx_with_session(); diff --git a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/testing_tests.rs b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/testing_tests.rs index 94b3e57df..d673a30af 100644 --- a/tss-esapi/tests/integration_tests/context_tests/tpm_commands/testing_tests.rs +++ b/tss-esapi/tests/integration_tests/context_tests/tpm_commands/testing_tests.rs @@ -2,8 +2,10 @@ // SPDX-License-Identifier: Apache-2.0 mod test_self_test { use crate::common::create_ctx_without_session; + use serial_test::serial; #[test] + #[serial] fn test_self_test() { let mut context = create_ctx_without_session(); context.self_test(false).unwrap(); @@ -13,7 +15,9 @@ mod test_self_test { mod test_get_test_result { use crate::common::create_ctx_without_session; + use serial_test::serial; #[test] + #[serial] fn test_get_test_result() { let mut context = create_ctx_without_session(); let (_, rc) = context.get_test_result().unwrap(); diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests.rs index 0ef6d307f..d45ecadb4 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests.rs @@ -9,6 +9,7 @@ mod resource_manager_tpm_tests; mod sapi_tests; mod tcti_tests; mod tpm_tests; +use serial_test::serial; use tss_esapi::{ constants::tss::{ @@ -68,6 +69,7 @@ macro_rules! test_error_trait_impl { } #[test] +#[serial] fn test_error_trait_implementation() { test_error_trait_impl!(TpmResponseCode, TSS2_TPM_RC_LAYER, TPM2_RC_INITIALIZE); test_error_trait_impl!( @@ -135,6 +137,7 @@ macro_rules! test_display_trait_impl { } #[test] +#[serial] fn test_display_trait_implementation() { test_display_trait_impl!( "TSS Layer: TPM, Code: 0x00000100, Message:", diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/base_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/base_tests.rs index 9cfcb4b55..a425b4f23 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/base_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/base_tests.rs @@ -74,6 +74,7 @@ macro_rules! test_display_trait_impl { }; } +// do not interact with swtpm, can be parallel. #[test] fn test_valid_conversions() { test_valid_conversion!(TSS2_BASE_RC_GENERAL_FAILURE, BaseError::GeneralFailure); diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/esapi_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/esapi_tests.rs index e5bd1c197..d39128f28 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/esapi_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/esapi_tests.rs @@ -2,6 +2,7 @@ // SPDX-License-Identifier: Apache-2. use crate::common::{create_ctx_with_session, decryption_key_pub}; +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ attributes::SessionAttributesBuilder, @@ -84,6 +85,7 @@ macro_rules! test_valid_conversion { } #[test] +#[serial] fn test_valid_conversions() { test_valid_conversion!(TSS2_BASE_RC_GENERAL_FAILURE, BaseError::GeneralFailure); test_valid_conversion!(TSS2_BASE_RC_NOT_IMPLEMENTED, BaseError::NotImplemented); @@ -119,6 +121,7 @@ fn test_valid_conversions() { } #[test] +#[serial] fn test_invalid_conversions() { let tss_invalid_esapi_rc = TSS2_ESYS_RC_LAYER | TSS2_BASE_RC_BAD_TEMPLATE; assert_eq!( @@ -129,6 +132,7 @@ fn test_invalid_conversions() { } #[test] +#[serial] fn test_esapi_error_from_context_method() { let mut context = create_ctx_with_session(); let random_digest = context.get_random(16).unwrap(); @@ -207,6 +211,7 @@ macro_rules! test_base_error { } #[test] +#[serial] fn test_base_error_method() { test_base_error!(BaseError::GeneralFailure); test_base_error!(BaseError::NotImplemented); diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/fapi_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/fapi_tests.rs index 19fc1a13c..eca3c1bfb 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/fapi_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/fapi_tests.rs @@ -1,6 +1,7 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::{ @@ -86,6 +87,7 @@ macro_rules! test_valid_conversion { } #[test] +#[serial] fn test_valid_conversions() { test_valid_conversion!(TSS2_BASE_RC_GENERAL_FAILURE, BaseError::GeneralFailure); test_valid_conversion!(TSS2_BASE_RC_NOT_IMPLEMENTED, BaseError::NotImplemented); @@ -145,6 +147,7 @@ fn test_valid_conversions() { } #[test] +#[serial] fn test_invalid_conversions() { let tss_invalid_fapi_rc = TSS2_FEATURE_RC_LAYER | TSS2_BASE_RC_ABI_MISMATCH; assert_eq!( @@ -170,6 +173,7 @@ macro_rules! test_base_error { } #[test] +#[serial] fn test_base_error_method() { test_base_error!(BaseError::GeneralFailure); test_base_error!(BaseError::NotImplemented); diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/muapi_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/muapi_tests.rs index 4eef029e4..27795ee63 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/muapi_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/muapi_tests.rs @@ -1,6 +1,7 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2. +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::{ @@ -74,6 +75,7 @@ macro_rules! test_valid_conversion { } #[test] +#[serial] fn test_valid_conversions() { test_valid_conversion!(TSS2_BASE_RC_GENERAL_FAILURE, BaseError::GeneralFailure); test_valid_conversion!(TSS2_BASE_RC_BAD_REFERENCE, BaseError::BadReference); @@ -86,6 +88,7 @@ fn test_valid_conversions() { } #[test] +#[serial] fn test_invalid_conversions() { let tss_invalid_fapi_rc = TSS2_MU_RC_LAYER | TSS2_BASE_RC_BAD_TEMPLATE; assert_eq!( @@ -111,6 +114,7 @@ macro_rules! test_base_error { } #[test] +#[serial] fn test_base_error_method() { test_base_error!(BaseError::GeneralFailure); test_base_error!(BaseError::BadReference); diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tests.rs index 4e6110f57..96536be5e 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2. +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::{ @@ -78,6 +79,7 @@ macro_rules! test_valid_conversion { }; } +// no interaction with swtpm, can be parallel #[test] fn test_valid_conversions() { test_valid_conversion!(TSS2_BASE_RC_GENERAL_FAILURE, BaseError::GeneralFailure); diff --git a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tpm_tests.rs b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tpm_tests.rs index dd6bf8434..ed852d58c 100644 --- a/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tpm_tests.rs +++ b/tss-esapi/tests/integration_tests/error_tests/return_code_tests/resource_manager_tpm_tests.rs @@ -7,6 +7,7 @@ use tss_esapi::{ tss2_esys::TSS2_RC, }; +// no interaction with swtpm, can be parallel #[test] fn test_valid_tpm_resmgr_format_zero_response_code() { let expected_tss_rc = TSS2_RESMGR_TPM_RC_LAYER | TPM2_RC_SEQUENCE; diff --git a/tss-esapi/tests/integration_tests/interface_types_tests/algorithms_tests.rs b/tss-esapi/tests/integration_tests/interface_types_tests/algorithms_tests.rs index 9b2a7584a..64bc106ba 100644 --- a/tss-esapi/tests/integration_tests/interface_types_tests/algorithms_tests.rs +++ b/tss-esapi/tests/integration_tests/interface_types_tests/algorithms_tests.rs @@ -1,5 +1,6 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; macro_rules! test_conversion { @@ -78,6 +79,7 @@ mod hashing_algorithm_tests { interface_types::algorithm::HashingAlgorithm, }; #[test] + #[serial] fn test_hashing_algorithm_conversion() { test_conversion!(TPM2_ALG_SHA1, HashingAlgorithm::Sha1); test_conversion!(TPM2_ALG_SHA256, HashingAlgorithm::Sha256); @@ -91,6 +93,7 @@ mod hashing_algorithm_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_RSA, @@ -115,6 +118,7 @@ mod keyed_hash_scheme_tests { interface_types::algorithm::KeyedHashSchemeAlgorithm, }; #[test] + #[serial] fn test_keyed_hash_scheme_conversion() { test_conversion!(TPM2_ALG_HMAC, KeyedHashSchemeAlgorithm::Hmac); test_conversion!(TPM2_ALG_XOR, KeyedHashSchemeAlgorithm::Xor); @@ -122,6 +126,7 @@ mod keyed_hash_scheme_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_RSA, @@ -146,6 +151,7 @@ mod key_derivation_function_tests { interface_types::algorithm::KeyDerivationFunction, }; #[test] + #[serial] fn test_key_derivation_function_conversion() { test_conversion!( TPM2_ALG_KDF1_SP800_56A, @@ -160,6 +166,7 @@ mod key_derivation_function_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_RSA, @@ -187,6 +194,7 @@ mod symmetric_algorithm_tests { interface_types::algorithm::SymmetricAlgorithm, }; #[test] + #[serial] fn test_symmetric_algorithm_conversion() { test_conversion!(TPM2_ALG_TDES, SymmetricAlgorithm::Tdes); test_conversion!(TPM2_ALG_AES, SymmetricAlgorithm::Aes); @@ -197,6 +205,7 @@ mod symmetric_algorithm_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_RSA, @@ -224,6 +233,7 @@ mod symmetric_mode_tests { }; #[test] + #[serial] fn test_symmetric_mode_conversion() { test_conversion!(TPM2_ALG_CTR, SymmetricMode::Ctr); test_conversion!(TPM2_ALG_OFB, SymmetricMode::Ofb); @@ -234,6 +244,7 @@ mod symmetric_mode_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_RSA, @@ -259,6 +270,7 @@ mod asymmetric_algorithm_tests { }; #[test] + #[serial] fn test_asymmetric_algorithm_conversion() { test_conversion!(TPM2_ALG_RSA, AsymmetricAlgorithm::Rsa); test_conversion!(TPM2_ALG_ECC, AsymmetricAlgorithm::Ecc); @@ -266,6 +278,7 @@ mod asymmetric_algorithm_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_AES, @@ -294,6 +307,7 @@ mod signature_scheme_tests { interface_types::algorithm::{AsymmetricAlgorithm, SignatureSchemeAlgorithm}, }; #[test] + #[serial] fn test_signature_scheme_conversion() { test_conversion!(TPM2_ALG_RSASSA, SignatureSchemeAlgorithm::RsaSsa); test_conversion!(TPM2_ALG_RSAPSS, SignatureSchemeAlgorithm::RsaPss); @@ -306,6 +320,7 @@ mod signature_scheme_tests { } #[test] + #[serial] fn test_special_conversion_into_asymmetric_algorithm() { assert_eq!( AsymmetricAlgorithm::Rsa, @@ -356,6 +371,7 @@ mod signature_scheme_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_AES, @@ -380,6 +396,7 @@ mod symmetric_object_tests { interface_types::algorithm::SymmetricObject, }; #[test] + #[serial] fn test_symmetric_object_conversion() { test_conversion!(TPM2_ALG_TDES, SymmetricObject::Tdes); test_conversion!(TPM2_ALG_AES, SymmetricObject::Aes); @@ -389,6 +406,7 @@ mod symmetric_object_tests { } #[test] + #[serial] fn test_conversion_of_incorrect_algorithm() { test_invalid_tpm_alg_conversion!( TPM2_ALG_RSA, diff --git a/tss-esapi/tests/integration_tests/interface_types_tests/data_handles_tests.rs b/tss-esapi/tests/integration_tests/interface_types_tests/data_handles_tests.rs index 43248ffe8..d83506c08 100644 --- a/tss-esapi/tests/integration_tests/interface_types_tests/data_handles_tests.rs +++ b/tss-esapi/tests/integration_tests/interface_types_tests/data_handles_tests.rs @@ -1,5 +1,6 @@ // Copyright 2023 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::tss::{ @@ -98,6 +99,7 @@ macro_rules! test_invalid_conversions { } #[test] +#[serial] fn test_context_data_handle_valid_conversions() { test_valid_conversions_for_range_enum_items!( ContextDataHandle::Hmac, @@ -117,6 +119,7 @@ fn test_context_data_handle_valid_conversions() { } #[test] +#[serial] fn test_context_data_handle_invalid_conversion() { test_invalid_conversions!( ContextDataHandle, @@ -126,6 +129,7 @@ fn test_context_data_handle_invalid_conversion() { } #[test] +#[serial] fn test_saved_valid_conversions() { test_valid_conversions_for_range_enum_items!( Saved::Hmac, @@ -155,6 +159,7 @@ fn test_saved_valid_conversions() { } #[test] +#[serial] fn test_saved_invalid_conversions() { test_invalid_conversions!(Saved, TPM2_PERMANENT_LAST, WrapperErrorKind::InvalidParam); test_invalid_conversions!(Saved, TPM2_TRANSIENT_LAST, WrapperErrorKind::InvalidParam); diff --git a/tss-esapi/tests/integration_tests/interface_types_tests/reserved_handles_tests.rs b/tss-esapi/tests/integration_tests/interface_types_tests/reserved_handles_tests.rs index 1b0a75a74..e3914b38b 100644 --- a/tss-esapi/tests/integration_tests/interface_types_tests/reserved_handles_tests.rs +++ b/tss-esapi/tests/integration_tests/interface_types_tests/reserved_handles_tests.rs @@ -1,5 +1,6 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ handles::{AuthHandle, NvIndexHandle, ObjectHandle, PermanentTpmHandle, TpmHandle}, @@ -13,6 +14,7 @@ use tss_esapi::{ mod test_hierarchy { use super::*; #[test] + #[serial] fn test_conversions() { let test_conversion = |hierarchy: Hierarchy, tpm_rh: TpmHandle, esys_rh: ObjectHandle, name: &str| { @@ -61,6 +63,7 @@ mod test_hierarchy { mod test_enables { use super::*; #[test] + #[serial] fn test_conversions() { let test_conversion = |enables: Enables, tpm_rh: TpmHandle, esys_rh: ObjectHandle, name: &str| { @@ -114,6 +117,7 @@ mod test_enables { mod test_hierarchy_auth { use super::*; #[test] + #[serial] fn test_conversions() { let test_conversion = |hierarchy_auth: HierarchyAuth, tpm_rh: TpmHandle, @@ -164,6 +168,7 @@ mod test_hierarchy_auth { mod test_platform { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!(AuthHandle::from(Platform::Platform), AuthHandle::Platform); assert_eq!( @@ -177,6 +182,7 @@ mod test_platform { mod test_owner { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!(ObjectHandle::from(Owner::Owner), ObjectHandle::Owner); assert_eq!(ObjectHandle::from(Owner::Null), ObjectHandle::Null); @@ -196,6 +202,7 @@ mod test_owner { mod test_endorsement { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!( ObjectHandle::from(Endorsement::Endorsement), @@ -218,6 +225,7 @@ mod test_endorsement { mod test_provision { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!(AuthHandle::from(Provision::Owner), AuthHandle::Owner); assert_eq!(AuthHandle::from(Provision::Platform), AuthHandle::Platform); @@ -237,6 +245,7 @@ mod test_provision { mod test_clear { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!(AuthHandle::from(Clear::Owner), AuthHandle::Owner); assert_eq!(AuthHandle::from(Clear::Platform), AuthHandle::Platform); @@ -256,6 +265,7 @@ mod test_nv_auth { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!(AuthHandle::from(NvAuth::Platform), AuthHandle::Platform); assert_eq!(AuthHandle::from(NvAuth::Owner), AuthHandle::Owner); @@ -287,6 +297,7 @@ mod test_nv_auth { mod test_lockout { use super::*; #[test] + #[serial] fn test_conversions() { assert_eq!(ObjectHandle::from(Lockout::Lockout), ObjectHandle::Lockout); assert_eq!( diff --git a/tss-esapi/tests/integration_tests/interface_types_tests/structure_tags_tests.rs b/tss-esapi/tests/integration_tests/interface_types_tests/structure_tags_tests.rs index 12f221e5c..b7af4ef57 100644 --- a/tss-esapi/tests/integration_tests/interface_types_tests/structure_tags_tests.rs +++ b/tss-esapi/tests/integration_tests/interface_types_tests/structure_tags_tests.rs @@ -1,6 +1,8 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +// none of these conversions connect to the swtpm. + macro_rules! test_valid_conversions { (AttestationType::$attestation_type_item:ident, StructureTag::$strucutre_tag_item:ident) => { assert_eq!( diff --git a/tss-esapi/tests/integration_tests/structures_tests/attest_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/attest_tests.rs index bdfc0ab47..9c87724f5 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/attest_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/attest_tests.rs @@ -1,5 +1,6 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::{ constants::{tss::TPM2_GENERATED_VALUE, AlgorithmIdentifier}, interface_types::{algorithm::HashingAlgorithm, structure_tags::AttestationType, YesNo}, @@ -18,6 +19,7 @@ use tss_esapi::{ use std::convert::{TryFrom, TryInto}; #[test] +#[serial] fn test_attest_with_certify_info_into_tpm_type_conversions() { let expected_certify_info_name = Name::try_from(vec![0xffu8; 64]).expect("Failed to create name"); @@ -56,6 +58,7 @@ fn test_attest_with_certify_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_attest_with_quote_info_into_tpm_type_conversions() { let expected_pcr_selection = PcrSelectionListBuilder::new() .with_selection( @@ -103,6 +106,7 @@ fn test_attest_with_quote_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_attest_with_session_audit_info_into_tpm_type_conversions() { let expected_exclusive_session = YesNo::Yes; let expected_session_digest = @@ -140,6 +144,7 @@ fn test_attest_with_session_audit_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_attest_with_command_audit_info_into_tpm_type_conversions() { let expected_audit_counter = 1u64; let expected_digest_alg = HashingAlgorithm::Sha512; @@ -192,6 +197,7 @@ fn test_attest_with_command_audit_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_attest_with_time_info_into_tpm_type_conversions() { let expected_time_attest_info: TimeAttestInfo = TPMS_TIME_ATTEST_INFO { time: TPMS_TIME_INFO { @@ -230,6 +236,7 @@ fn test_attest_with_time_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_attest_with_creation_info_into_tpm_type_conversions() { let expected_object_name = Name::try_from(vec![0xf0u8; 68]).expect("Failed to create object name"); @@ -269,6 +276,7 @@ fn test_attest_with_creation_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_attest_with_nv_creation_info_into_tpm_type_conversions() { let expected_index_name = Name::try_from(vec![0xf0u8; 68]).expect("Failed to create index name"); @@ -314,6 +322,7 @@ fn test_attest_with_nv_creation_info_into_tpm_type_conversions() { } #[test] +#[serial] fn test_marshall_and_unmarshall() { let expected_index_name = Name::try_from(vec![0xf0u8; 68]).expect("Failed to create index name"); diff --git a/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive.rs b/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive.rs index 3887c8298..3934b2d7f 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive.rs @@ -1,6 +1,7 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ structures::{Sensitive, SensitiveBuffer}, @@ -10,12 +11,14 @@ use tss_esapi::{ const SENSITIVE_BUFFER_MAX_SIZE: usize = 1416; #[test] +#[serial] fn test_max_sized_data() { let _ = SensitiveBuffer::try_from(vec![0xffu8; SENSITIVE_BUFFER_MAX_SIZE]) .expect("Failed to parse buffer of maximum size as SensitiveBuffer"); } #[test] +#[serial] fn test_to_large_data() { assert_eq!( SensitiveBuffer::try_from(vec![0xffu8; SENSITIVE_BUFFER_MAX_SIZE + 1]) @@ -27,6 +30,7 @@ fn test_to_large_data() { } #[test] +#[serial] fn marshall_unmarshall() { crate::common::sensitives().iter().for_each(|sensitive| { let sensitive = sensitive.clone(); diff --git a/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive_create_buffer_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive_create_buffer_tests.rs index b159e63fd..e890713ea 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive_create_buffer_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/buffers_tests/sensitive_create_buffer_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::{convert::TryFrom, ops::Deref}; use tss_esapi::{ structures::{Auth, SensitiveCreate, SensitiveCreateBuffer, SensitiveData}, @@ -14,6 +15,7 @@ use tss_esapi_sys::TPM2B_SENSITIVE_DATA; const SENSITIVE_CREATE_BUFFER_MAX_SIZE: usize = 324; #[test] +#[serial] fn test_byte_conversions() { let expected_buffer = vec![0xFFu8; SENSITIVE_CREATE_BUFFER_MAX_SIZE]; let sensitive_create_buffer_from_slice = @@ -34,6 +36,7 @@ fn test_byte_conversions() { } #[test] +#[serial] fn test_conversions_of_over_sized_byte_data() { let over_sized_buffer = vec![0xFFu8; SENSITIVE_CREATE_BUFFER_MAX_SIZE + 1]; @@ -55,6 +58,7 @@ fn test_conversions_of_over_sized_byte_data() { } #[test] +#[serial] fn test_deref() { let expected_buffer = vec![0x0fu8; SENSITIVE_CREATE_BUFFER_MAX_SIZE]; let sensitive_create_buffer_from_slice = @@ -75,6 +79,7 @@ fn test_deref() { } #[test] +#[serial] fn test_tpm_types_conversions() { let expected_auth = Auth::default(); let expected_sensitive_data = SensitiveData::default(); @@ -107,6 +112,7 @@ fn test_tpm_types_conversions() { } #[test] +#[serial] fn test_marshall_unmarshall() { let expected_auth = Auth::try_from(vec![0, 1, 2, 3, 4, 5, 6, 7, 8, 9]).expect("Failed to create auth value"); @@ -127,6 +133,7 @@ fn test_marshall_unmarshall() { } #[test] +#[serial] fn test_conversion_from_max_size_buffer() { let data = vec![1u8; SensitiveData::MAX_SIZE]; let sensitive_data = SensitiveData::try_from(data) diff --git a/tss-esapi/tests/integration_tests/structures_tests/capability_data_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/capability_data_tests.rs index 4bccfb274..3c3b6570d 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/capability_data_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/capability_data_tests.rs @@ -1,12 +1,14 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::constants::CapabilityType; use tss_esapi::structures::CapabilityData; use crate::common::create_ctx_without_session; #[test] +#[serial] fn test_algorithms() { let mut context = create_ctx_without_session(); @@ -22,6 +24,7 @@ fn test_algorithms() { } #[test] +#[serial] fn test_handles() { let mut context = create_ctx_without_session(); @@ -37,6 +40,7 @@ fn test_handles() { } #[test] +#[serial] fn test_command() { let mut context = create_ctx_without_session(); @@ -52,6 +56,7 @@ fn test_command() { } #[test] +#[serial] fn test_pp_commands() { let mut context = create_ctx_without_session(); @@ -67,6 +72,7 @@ fn test_pp_commands() { } #[test] +#[serial] fn test_audit_commands() { let mut context = create_ctx_without_session(); @@ -82,6 +88,7 @@ fn test_audit_commands() { } #[test] +#[serial] fn test_assigned_pcr() { let mut context = create_ctx_without_session(); @@ -97,6 +104,7 @@ fn test_assigned_pcr() { } #[test] +#[serial] fn test_tpm_properties() { let mut context = create_ctx_without_session(); @@ -112,6 +120,7 @@ fn test_tpm_properties() { } #[test] +#[serial] fn test_pcr_properties() { let mut context = create_ctx_without_session(); @@ -127,6 +136,7 @@ fn test_pcr_properties() { } #[test] +#[serial] fn test_ecc_curves() { let mut context = create_ctx_without_session(); @@ -144,6 +154,7 @@ fn test_ecc_curves() { // For these tests to work the tpm2-tss library need to have the // authPolicies field in the TPMU_CAPABILITIES union. // #[test] +// #[serial] // fn test_auth_policies() { // let mut context = create_ctx_without_session(); @@ -161,6 +172,7 @@ fn test_ecc_curves() { // For these tests to work the tpm2-tss library need to have the // actData field in the TPMU_CAPABILITIES union. // #[test] +// #[serial] // fn test_act() { // let mut context = create_ctx_without_session(); diff --git a/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs index b3e2adea5..184029752 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/tagged_property_tests.rs @@ -10,7 +10,7 @@ use std::convert::TryInto; #[test] fn test_conversions() { - let expected_property = PropertyTag::AlgorithmSet; + let expected_property = PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::AlgorithmSet); let expected_value = 1u32; let expected_tpms_tagged_property = TPMS_TAGGED_PROPERTY { diff --git a/tss-esapi/tests/integration_tests/structures_tests/tagged_tests/parameters_tests.rs b/tss-esapi/tests/integration_tests/structures_tests/tagged_tests/parameters_tests.rs index ba1b9b7a7..5f93c6807 100644 --- a/tss-esapi/tests/integration_tests/structures_tests/tagged_tests/parameters_tests.rs +++ b/tss-esapi/tests/integration_tests/structures_tests/tagged_tests/parameters_tests.rs @@ -1,5 +1,6 @@ // Copyright 2022 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use std::convert::TryFrom; use tss_esapi::{ constants::AlgorithmIdentifier, @@ -18,6 +19,7 @@ use tss_esapi::{ }; #[test] +#[serial] fn test_valid_rsa_parameters_conversions() { let expected_public_rsa_parameters = PublicRsaParameters::builder() .with_restricted(true) @@ -55,6 +57,7 @@ fn test_valid_rsa_parameters_conversions() { } #[test] +#[serial] fn test_valid_ecc_parameters_conversion() { let expected_public_ecc_parameters = PublicEccParameters::builder() .with_restricted(true) @@ -93,6 +96,7 @@ fn test_valid_ecc_parameters_conversion() { } #[test] +#[serial] fn test_valid_keyed_hash_parameters_conversion() { let expected_public_keyed_hash_parameters = PublicKeyedHashParameters::new(KeyedHashScheme::Hmac { @@ -128,6 +132,7 @@ fn test_valid_keyed_hash_parameters_conversion() { } #[test] +#[serial] fn test_valid_symmetric_cipher_parameters_conversion() { let expected_symmetric_cipher_parameters = SymmetricCipherParameters::new(SymmetricDefinitionObject::AES_128_CFB); @@ -161,6 +166,7 @@ fn test_valid_symmetric_cipher_parameters_conversion() { } #[test] +#[serial] fn test_conversion_failure_due_to_invalid_public_algorithm() { assert_eq!( Err(Error::WrapperError(WrapperErrorKind::InvalidParam)), diff --git a/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_context_tests.rs b/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_context_tests.rs index 57f96d753..7ebf41ebf 100644 --- a/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_context_tests.rs +++ b/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_context_tests.rs @@ -1,8 +1,10 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::tcti_ldr::TctiContext; #[test] +#[serial] fn new_context() { let _context = TctiContext::initialize(crate::tcti_ldr_tests::name_conf()).unwrap(); } diff --git a/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_info_tests.rs b/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_info_tests.rs index 4c6592e90..3567d876d 100644 --- a/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_info_tests.rs +++ b/tss-esapi/tests/integration_tests/tcti_ldr_tests/tcti_info_tests.rs @@ -1,8 +1,10 @@ // Copyright 2021 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::tcti_ldr::TctiInfo; #[test] +#[serial] fn new_info() { let info = TctiInfo::get_info(crate::tcti_ldr_tests::name_conf()).unwrap(); let _version = info.version(); diff --git a/tss-esapi/tests/integration_tests/utils_tests/get_tpm_vendor_test.rs b/tss-esapi/tests/integration_tests/utils_tests/get_tpm_vendor_test.rs index 163ec5d36..74949073c 100644 --- a/tss-esapi/tests/integration_tests/utils_tests/get_tpm_vendor_test.rs +++ b/tss-esapi/tests/integration_tests/utils_tests/get_tpm_vendor_test.rs @@ -1,6 +1,7 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +use serial_test::serial; use tss_esapi::utils; // Copyright 2021 Contributors to the Parsec project. @@ -8,6 +9,7 @@ use tss_esapi::utils; use crate::common::create_ctx_without_session; #[test] +#[serial] fn get_tpm_vendor() { let mut context = create_ctx_without_session(); From ea193eff0e9a4bfcef88288433898f2e80bbbf5a Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Mon, 29 Dec 2025 00:56:38 -0500 Subject: [PATCH 8/9] feat: mark some documentation tests as serial execution, requires explicit main() --- tss-esapi/Cargo.toml | 2 +- tss-esapi/src/abstraction/no_tpm/quote.rs | 3 +++ tss-esapi/src/abstraction/pcr.rs | 3 +++ tss-esapi/src/context.rs | 12 +++++++++ tss-esapi/src/context/general_esys_tr.rs | 18 +++++++++++++ .../tpm_commands/asymmetric_primitives.rs | 9 +++++++ .../tpm_commands/attestation_commands.rs | 12 +++++++++ .../tpm_commands/capability_commands.rs | 3 +++ .../tpm_commands/context_management.rs | 9 +++++++ .../tpm_commands/duplication_commands.rs | 6 +++++ .../enhanced_authorization_ea_commands.rs | 8 +++++- .../tpm_commands/integrity_collection_pcr.rs | 9 +++++++ .../tpm_commands/non_volatile_storage.rs | 26 ++++++++++++++++++- .../context/tpm_commands/object_commands.rs | 3 +++ .../context/tpm_commands/session_commands.rs | 3 +++ .../signing_and_signature_verification.rs | 3 +++ .../tpm_commands/symmetric_primitives.rs | 10 ++++++- 17 files changed, 135 insertions(+), 4 deletions(-) diff --git a/tss-esapi/Cargo.toml b/tss-esapi/Cargo.toml index c23b31902..66e632bbf 100644 --- a/tss-esapi/Cargo.toml +++ b/tss-esapi/Cargo.toml @@ -66,7 +66,7 @@ paste = "1.0.14" getrandom = "0.2.11" [dev-dependencies] -serial_test = "*" +serial_test = { version = "*", features = ["file_locks"] } env_logger = "0.11.5" serde_json = "^1.0.108" sha2 = { version = "0.10.8", features = ["oid"] } diff --git a/tss-esapi/src/abstraction/no_tpm/quote.rs b/tss-esapi/src/abstraction/no_tpm/quote.rs index 25e9719ea..8d85dfb65 100644 --- a/tss-esapi/src/abstraction/no_tpm/quote.rs +++ b/tss-esapi/src/abstraction/no_tpm/quote.rs @@ -222,6 +222,8 @@ fn checkquote_pcr_digests( /// # }, /// # TctiNameConf, /// # }; +/// # #[serial_test::file_serial] +/// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -293,6 +295,7 @@ fn checkquote_pcr_digests( /// &qualifying_data /// ) /// .unwrap(); +/// # } /// ``` pub fn checkquote( attest: &Attest, diff --git a/tss-esapi/src/abstraction/pcr.rs b/tss-esapi/src/abstraction/pcr.rs index 97e856a36..5f8706596 100644 --- a/tss-esapi/src/abstraction/pcr.rs +++ b/tss-esapi/src/abstraction/pcr.rs @@ -15,6 +15,8 @@ pub use data::PcrData; /// /// ```rust /// # use tss_esapi::{Context, TctiNameConf}; +/// # #[serial_test::file_serial] +/// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -57,6 +59,7 @@ pub use data::PcrData; /// .expect("Failed to build PcrSelectionList"); /// let _pcr_data = tss_esapi::abstraction::pcr::read_all(&mut context, pcr_selection_list) /// .expect("pcr::read_all failed"); +/// # } /// ``` pub fn read_all( context: &mut Context, diff --git a/tss-esapi/src/context.rs b/tss-esapi/src/context.rs index 1d9839b00..238480250 100644 --- a/tss-esapi/src/context.rs +++ b/tss-esapi/src/context.rs @@ -149,6 +149,8 @@ impl Context { /// # interface_types::algorithm::HashingAlgorithm, /// # structures::SymmetricDefinition, /// # }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -175,6 +177,7 @@ impl Context { /// # assert_eq!(auth_session, session_1); /// # assert_eq!(None, session_2); /// # assert_eq!(None, session_3); + /// # } /// ``` pub fn set_sessions( &mut self, @@ -197,6 +200,8 @@ impl Context { /// ```rust /// # use tss_esapi::{Context, tcti_ldr::TctiNameConf, interface_types::session_handles::AuthSession}; /// # // Create context + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -210,6 +215,7 @@ impl Context { /// # assert_eq!(None, session_1); /// # assert_eq!(None, session_2); /// # assert_eq!(None, session_3); + /// # } /// ``` pub fn clear_sessions(&mut self) { self.sessions = (None, None, None) @@ -221,6 +227,8 @@ impl Context { /// /// ```rust /// # use tss_esapi::{Context, tcti_ldr::TctiNameConf, interface_types::session_handles::AuthSession}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -234,6 +242,7 @@ impl Context { /// assert_eq!(Some(AuthSession::Password), session_1); /// assert_eq!(None, session_2); /// assert_eq!(None, session_3); + /// # } /// ``` pub fn sessions( &self, @@ -358,6 +367,8 @@ impl Context { /// ```rust /// # use tss_esapi::{Context, tcti_ldr::TctiNameConf, constants::{PropertyTag,PrimitivePropertyTag}}; /// # use std::str::FromStr; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -367,6 +378,7 @@ impl Context { /// .get_tpm_property(PropertyTag::PrimitivePropertyTag(PrimitivePropertyTag::Revision)) /// .expect("Wrong value from TPM") /// .expect("Value is not supported"); + /// # } /// ``` pub fn get_tpm_property(&mut self, property: PropertyTag) -> Result> { // Return cached value if it exists diff --git a/tss-esapi/src/context/general_esys_tr.rs b/tss-esapi/src/context/general_esys_tr.rs index ab44624bb..c94a92488 100644 --- a/tss-esapi/src/context/general_esys_tr.rs +++ b/tss-esapi/src/context/general_esys_tr.rs @@ -29,6 +29,8 @@ impl Context { /// ```rust /// # use tss_esapi::{Context, TctiNameConf}; /// use tss_esapi::{handles::ObjectHandle, structures::Auth}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -39,6 +41,7 @@ impl Context { /// context /// .tr_set_auth(ObjectHandle::Owner, Auth::default()) /// .expect("Failed to call tr_set_auth"); + /// # } /// ``` pub fn tr_set_auth(&mut self, object_handle: ObjectHandle, auth: Auth) -> Result<()> { let mut auth_value = auth.into(); @@ -67,6 +70,8 @@ impl Context { /// # interface_types::{algorithm::HashingAlgorithm, reserved_handles::Provision}, /// # structures::{SymmetricDefinition, NvPublic}, /// # }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -130,6 +135,7 @@ impl Context { /// let (_public_area, expected_name) = nv_read_public_result.expect("Call to nv_read_public failed"); /// let actual_name = tr_get_name_result.expect("Call to tr_get_name failed"); /// assert_eq!(expected_name, actual_name); + /// # } /// ``` pub fn tr_get_name(&mut self, object_handle: ObjectHandle) -> Result { let mut name_ptr = null_mut(); @@ -162,6 +168,8 @@ impl Context { /// use tss_esapi::{ /// handles::NvIndexTpmHandle, /// }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -239,6 +247,7 @@ impl Context { /// # let (_, expected_name) = nv_read_public_result.expect("Call to nv_read_public failed"); /// # let actual_name = tr_get_name_result.expect("Call to tr_get_name failed"); /// # assert_eq!(expected_name, actual_name); + /// # } /// ``` pub fn tr_from_tpm_public(&mut self, tpm_handle: TpmHandle) -> Result { let mut object = ObjectHandle::None.into(); @@ -287,6 +296,8 @@ impl Context { /// # interface_types::{algorithm::HashingAlgorithm, reserved_handles::Provision}, /// # structures::{SymmetricDefinition, NvPublic}, /// # }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -359,6 +370,7 @@ impl Context { /// // Process results. /// tr_close_result.expect("Call to tr_close failed."); /// # tr_get_name_result.expect_err("Calling tr_get_name with invalid handle did not result in an error."); + /// # } /// ``` pub fn tr_close(&mut self, object_handle: &mut ObjectHandle) -> Result<()> { let mut rsrc_handle = object_handle.try_into_not_none()?; @@ -423,6 +435,8 @@ impl Context { /// # }, /// # structures::EccScheme, /// # }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -443,6 +457,7 @@ impl Context { /// ).unwrap() /// .key_handle; /// let data = context.tr_serialize(key_handle.into()).unwrap(); + /// # } /// ``` pub fn tr_serialize(&mut self, handle: ObjectHandle) -> Result> { let mut len = 0; @@ -491,6 +506,8 @@ impl Context { /// # }, /// # structures::EccScheme, /// # }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -515,6 +532,7 @@ impl Context { /// let data = context.tr_serialize(key_handle.into()).unwrap(); /// let new_handle = context.tr_deserialize(&data).unwrap(); /// assert_eq!(public_key, context.read_public(new_handle.into()).unwrap()); + /// # } /// ``` pub fn tr_deserialize(&mut self, buffer: &[u8]) -> Result { let mut handle = TPM2_RH_UNASSIGNED; diff --git a/tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs b/tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs index 40758900c..63a383581 100644 --- a/tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs +++ b/tss-esapi/src/context/tpm_commands/asymmetric_primitives.rs @@ -58,6 +58,8 @@ impl Context { /// # }, /// # }; /// # use std::{env, str::FromStr, convert::TryFrom}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -141,6 +143,7 @@ impl Context { /// # .expect("Should be possible to call rsa_decrypt using valid arguments."); /// # let decrypted_bytes = message_out.as_bytes(); /// # assert_eq!(plain_text_bytes, decrypted_bytes); + /// # } /// ``` pub fn rsa_encrypt( &mut self, @@ -367,6 +370,8 @@ impl Context { /// # }, /// # }; /// # use std::{env, str::FromStr, convert::TryFrom}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -442,6 +447,7 @@ impl Context { /// /// // Generate ephemeral key pair and a shared secret /// let (z_point, pub_point) = context.ecdh_key_gen(key_handle).unwrap(); + /// # } /// ``` pub fn ecdh_key_gen(&mut self, key_handle: KeyHandle) -> Result<(EccPoint, EccPoint)> { let mut z_point_ptr = null_mut(); @@ -503,6 +509,8 @@ impl Context { /// # }, /// # }; /// # use std::{env, str::FromStr, convert::TryFrom}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -580,6 +588,7 @@ impl Context { /// let (z_point, pub_point) = context.ecdh_key_gen(key_handle).unwrap(); /// let z_point_gen = context.ecdh_z_gen(key_handle, pub_point).unwrap(); /// assert_eq!(z_point.x().as_bytes(), z_point_gen.x().as_bytes()); + /// # } /// ``` pub fn ecdh_z_gen(&mut self, key_handle: KeyHandle, in_point: EccPoint) -> Result { let mut out_point_ptr = null_mut(); diff --git a/tss-esapi/src/context/tpm_commands/attestation_commands.rs b/tss-esapi/src/context/tpm_commands/attestation_commands.rs index e27625a5a..099e48198 100644 --- a/tss-esapi/src/context/tpm_commands/attestation_commands.rs +++ b/tss-esapi/src/context/tpm_commands/attestation_commands.rs @@ -61,6 +61,8 @@ impl Context { /// structures::{Data, SignatureScheme}, /// interface_types::session_handles::AuthSession, /// }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -117,6 +119,7 @@ impl Context { /// }, /// ) /// .expect("Failed to certify object handle"); + /// # } /// ``` pub fn certify( &mut self, @@ -204,6 +207,8 @@ impl Context { /// structures::{Data, SignatureScheme}, /// interface_types::session_handles::AuthSession, /// }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -238,6 +243,7 @@ impl Context { /// }, /// ) /// .expect("Failed to certify creation"); + /// # } /// ``` pub fn certify_creation( &mut self, @@ -318,6 +324,8 @@ impl Context { /// }, /// }; /// + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -385,6 +393,7 @@ impl Context { /// # panic!("Attested did not contain the expected variant.") /// # } /// # } + /// # } /// ``` pub fn quote( &mut self, @@ -465,6 +474,8 @@ impl Context { /// structures::{Data, SignatureScheme}, /// interface_types::session_handles::AuthSession, /// }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -499,6 +510,7 @@ impl Context { /// }, /// ) /// .expect("Failed to get tpm time"); + /// # } /// ``` pub fn get_time( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/capability_commands.rs b/tss-esapi/src/context/tpm_commands/capability_commands.rs index fa1c36c91..bb6509948 100644 --- a/tss-esapi/src/context/tpm_commands/capability_commands.rs +++ b/tss-esapi/src/context/tpm_commands/capability_commands.rs @@ -28,6 +28,8 @@ impl Context { /// /// ```rust /// # use tss_esapi::{Context, TctiNameConf}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -39,6 +41,7 @@ impl Context { /// let (_capabilities, _more) = context /// .get_capability(CapabilityType::Algorithms, 0, 80) /// .expect("Failed to call get_capability"); + /// # } /// ``` pub fn get_capability( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/context_management.rs b/tss-esapi/src/context/tpm_commands/context_management.rs index 02b701672..d0e36f545 100644 --- a/tss-esapi/src/context/tpm_commands/context_management.rs +++ b/tss-esapi/src/context/tpm_commands/context_management.rs @@ -71,6 +71,8 @@ impl Context { /// # }; /// # use std::convert::TryFrom; /// # use std::str::FromStr; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -126,6 +128,7 @@ impl Context { /// ctx.flush_context(key_handle.into()).expect("Call to flush_context failed"); /// assert!(ctx.read_public(key_handle).is_err()); /// }) + /// # } /// ``` pub fn flush_context(&mut self, handle: ObjectHandle) -> Result<()> { ReturnCode::ensure_success( @@ -183,6 +186,8 @@ impl Context { /// # tss2_esys::TPM2_HANDLE, /// # }; /// # use std::{env, str::FromStr, convert::TryFrom}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -281,6 +286,7 @@ impl Context { /// # .expect("Failed to evict persistent handle") /// # }); /// # assert_ne!(retireved_persistent_handle, ObjectHandle::None); + /// # } /// ``` /// /// Make persistent object transient @@ -302,6 +308,8 @@ impl Context { /// # tss2_esys::TPM2_HANDLE, /// # }; /// # use std::{env, str::FromStr, convert::TryFrom}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -401,6 +409,7 @@ impl Context { /// .expect("Failed to evict persistent handle") /// }); /// # assert_ne!(retrieved_persistent_handle, ObjectHandle::None); + /// # } /// ``` pub fn evict_control( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/duplication_commands.rs b/tss-esapi/src/context/tpm_commands/duplication_commands.rs index a24772480..50443701e 100644 --- a/tss-esapi/src/context/tpm_commands/duplication_commands.rs +++ b/tss-esapi/src/context/tpm_commands/duplication_commands.rs @@ -58,6 +58,8 @@ impl Context { /// # use tss_esapi::abstraction::cipher::Cipher; /// # use tss_esapi::{Context, TctiNameConf}; /// # + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = // ... /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -294,6 +296,7 @@ impl Context { /// ) /// .unwrap(); /// # eprintln!("D: {:?}, P: {:?}, S: {:?}", encryption_key_out, duplicate, out_sym_seed); + /// # } /// ``` pub fn duplicate( &mut self, @@ -380,6 +383,8 @@ impl Context { /// # use tss_esapi::abstraction::cipher::Cipher; /// # use tss_esapi::{Context, TctiNameConf}; /// # + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = // ... /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -652,6 +657,7 @@ impl Context { /// ).unwrap(); /// # /// # eprintln!("P: {:?}", private); + /// # } /// ``` pub fn import( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/enhanced_authorization_ea_commands.rs b/tss-esapi/src/context/tpm_commands/enhanced_authorization_ea_commands.rs index 0f36bcc48..6b1321436 100644 --- a/tss-esapi/src/context/tpm_commands/enhanced_authorization_ea_commands.rs +++ b/tss-esapi/src/context/tpm_commands/enhanced_authorization_ea_commands.rs @@ -359,6 +359,8 @@ impl Context { /// # use tss_esapi::abstraction::cipher::Cipher; /// # use tss_esapi::{Context, TctiNameConf}; /// # + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = // ... /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -402,7 +404,8 @@ impl Context { /// # /// Digest of the policy that allows duplication /// # let digest = context /// # .policy_get_digest(policy_session) - /// # .expect("Could retrieve digest"); + /// # .expect("Could retrieve digest"); + /// # } /// ``` pub fn policy_duplication_select( &mut self, @@ -617,6 +620,8 @@ impl Context { /// # use tss_esapi::structures::{NvPublic, SymmetricDefinition}; /// # use tss_esapi::{Context, TctiNameConf}; /// # + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = // ... /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -702,6 +707,7 @@ impl Context { /// # context /// # .nv_undefine_space(Provision::Owner, nv_index_handle) /// # .expect("Call to nv_undefine_space failed"); + /// # } /// ``` pub fn policy_authorize_nv( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/integrity_collection_pcr.rs b/tss-esapi/src/context/tpm_commands/integrity_collection_pcr.rs index 72db1d09d..64842a112 100644 --- a/tss-esapi/src/context/tpm_commands/integrity_collection_pcr.rs +++ b/tss-esapi/src/context/tpm_commands/integrity_collection_pcr.rs @@ -32,6 +32,8 @@ impl Context { /// # structures::{Digest, SymmetricDefinition}, /// # }; /// # use std::{env, str::FromStr}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -86,6 +88,7 @@ impl Context { /// context.execute_with_session(Some(pcr_session), |ctx| { /// ctx.pcr_extend(PcrHandle::Pcr16, vals).expect("Call to pcr_extend failed"); /// }); + /// # } /// ``` pub fn pcr_extend(&mut self, pcr_handle: PcrHandle, digests: DigestValues) -> Result<()> { ReturnCode::ensure_success( @@ -129,6 +132,8 @@ impl Context { /// ```rust /// # use tss_esapi::{Context, TctiNameConf}; /// # use std::{env, str::FromStr}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -147,6 +152,7 @@ impl Context { /// /// let (update_counter, read_pcr_list, digest_list) = context.pcr_read(pcr_selection_list) /// .expect("Call to pcr_read failed"); + /// # } /// ``` pub fn pcr_read( &mut self, @@ -206,6 +212,8 @@ impl Context { /// # interface_types::algorithm::HashingAlgorithm, /// # }; /// # use std::{env, str::FromStr}; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -236,6 +244,7 @@ impl Context { /// context.execute_with_session(Some(pcr_session), |ctx| { /// ctx.pcr_reset(PcrHandle::Pcr16).expect("Call to pcr_reset failed"); /// }); + /// # } /// ``` pub fn pcr_reset(&mut self, pcr_handle: PcrHandle) -> Result<()> { ReturnCode::ensure_success( diff --git a/tss-esapi/src/context/tpm_commands/non_volatile_storage.rs b/tss-esapi/src/context/tpm_commands/non_volatile_storage.rs index b8f2c4a3a..03f2dc0a9 100644 --- a/tss-esapi/src/context/tpm_commands/non_volatile_storage.rs +++ b/tss-esapi/src/context/tpm_commands/non_volatile_storage.rs @@ -44,6 +44,8 @@ impl Context { /// handles::NvIndexTpmHandle, attributes::NvIndexAttributes, structures::NvPublic, /// interface_types::{algorithm::HashingAlgorithm, reserved_handles::Provision}, /// }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -95,7 +97,8 @@ impl Context { /// /// # context /// # .nv_undefine_space(Provision::Owner, owner_nv_index_handle) - /// # .expect("Call to nv_undefine_space failed"); + /// # .expect("Call to nv_undefine_space failed"); + /// # } /// ``` pub fn nv_define_space( &mut self, @@ -150,6 +153,8 @@ impl Context { /// # interface_types::algorithm::HashingAlgorithm, /// # }; /// use tss_esapi::interface_types::reserved_handles::Provision; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -201,6 +206,7 @@ impl Context { /// context /// .nv_undefine_space(Provision::Owner, owner_nv_index_handle) /// .expect("Call to nv_undefine_space failed"); + /// # } /// ``` pub fn nv_undefine_space( &mut self, @@ -252,6 +258,8 @@ impl Context { /// # use std::convert::TryFrom; /// use tss_esapi::interface_types::reserved_handles::Provision; /// use tss_esapi::interface_types::session_handles::AuthSession; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -345,6 +353,7 @@ impl Context { /// .expect("Call to nv_undefine_space_special failed"); /// } /// ); + /// # } /// ``` pub fn nv_undefine_space_special( &mut self, @@ -393,6 +402,8 @@ impl Context { /// interface_types::reserved_handles::Provision, /// }; /// + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -454,6 +465,7 @@ impl Context { /// .expect("Call to nv_read_public failed"); /// /// assert_eq!(owner_nv_public, read_nv_public); + /// # } /// ``` pub fn nv_read_public(&mut self, nv_index_handle: NvIndexHandle) -> Result<(NvPublic, Name)> { let mut nv_public_ptr = null_mut(); @@ -509,6 +521,8 @@ impl Context { /// }; /// use std::convert::TryFrom; /// + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -569,6 +583,7 @@ impl Context { /// /// // Process result /// nv_write_result.expect("Call to nv_write failed"); + /// # } /// ``` pub fn nv_write( &mut self, @@ -620,6 +635,8 @@ impl Context { /// interface_types::reserved_handles::{Provision, NvAuth} /// }; /// + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -677,6 +694,7 @@ impl Context { /// /// // Process result /// nv_increment_result.expect("Call to nv_increment failed"); + /// # } /// ``` pub fn nv_increment( &mut self, @@ -729,6 +747,8 @@ impl Context { /// interface_types::reserved_handles::{Provision, NvAuth}, structures::MaxNvBuffer, /// }; /// + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -785,6 +805,7 @@ impl Context { /// # context /// # .nv_undefine_space(Provision::Owner, nv_index_handle) /// # .expect("Call to nv_undefine_space failed"); + /// # } /// ``` pub fn nv_extend( &mut self, @@ -840,6 +861,8 @@ impl Context { /// }; /// use std::convert::TryFrom; /// + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -907,6 +930,7 @@ impl Context { /// nv_write_result.expect("Call to nv_write failed"); /// let read_data = nv_read_result.expect("Call to nv_read failed"); /// assert_eq!(data, read_data); + /// # } /// ``` pub fn nv_read( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/object_commands.rs b/tss-esapi/src/context/tpm_commands/object_commands.rs index 22f2fca83..74ede5783 100644 --- a/tss-esapi/src/context/tpm_commands/object_commands.rs +++ b/tss-esapi/src/context/tpm_commands/object_commands.rs @@ -170,6 +170,8 @@ impl Context { /// # 164, 162, 189, /// # ]; /// # + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -220,6 +222,7 @@ impl Context { /// // Load public key into Owner hierarchy. /// let key_handle = context.load_external(None, public, Hierarchy::Owner) /// .expect("The load_external should have returned a valid key handle."); + /// # } /// ``` pub fn load_external( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/session_commands.rs b/tss-esapi/src/context/tpm_commands/session_commands.rs index bdf0387f2..0c253e1b5 100644 --- a/tss-esapi/src/context/tpm_commands/session_commands.rs +++ b/tss-esapi/src/context/tpm_commands/session_commands.rs @@ -29,6 +29,8 @@ impl Context { /// # interface_types::algorithm::HashingAlgorithm, /// # structures::SymmetricDefinition, /// # }; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -47,6 +49,7 @@ impl Context { /// ) /// .expect("Failed to create session") /// .expect("Received invalid handle"); + /// # } /// ``` #[allow(clippy::too_many_arguments)] pub fn start_auth_session( diff --git a/tss-esapi/src/context/tpm_commands/signing_and_signature_verification.rs b/tss-esapi/src/context/tpm_commands/signing_and_signature_verification.rs index 3fbc3ee1a..302c18f14 100644 --- a/tss-esapi/src/context/tpm_commands/signing_and_signature_verification.rs +++ b/tss-esapi/src/context/tpm_commands/signing_and_signature_verification.rs @@ -63,6 +63,8 @@ impl Context { /// # utils::create_unrestricted_signing_rsa_public /// # }; /// use tss_esapi::structures::SignatureScheme; + /// # #[serial_test::file_serial] + /// # fn main() { /// # let mut context = /// # Context::new( /// # TctiNameConf::from_environment_variable().expect("Failed to get TCTI"), @@ -90,6 +92,7 @@ impl Context { /// ) /// }) /// .expect("Failed to sign digest"); + /// # } /// ``` pub fn sign( &mut self, diff --git a/tss-esapi/src/context/tpm_commands/symmetric_primitives.rs b/tss-esapi/src/context/tpm_commands/symmetric_primitives.rs index 797cb256b..8a9916f0e 100644 --- a/tss-esapi/src/context/tpm_commands/symmetric_primitives.rs +++ b/tss-esapi/src/context/tpm_commands/symmetric_primitives.rs @@ -46,6 +46,8 @@ impl Context { /// use tss_esapi::interface_types::session_handles::AuthSession; /// use tss_esapi::interface_types::algorithm::SymmetricMode; /// # use std::convert::TryFrom; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -180,6 +182,7 @@ impl Context { /// # }); /// # /// # debug_assert_eq!(data, decrypted_data); + /// # } /// ``` pub fn encrypt_decrypt_2( &mut self, @@ -235,6 +238,8 @@ impl Context { /// # interface_types::{algorithm::HashingAlgorithm, reserved_handles::Hierarchy}, /// # }; /// # use std::convert::TryFrom; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -258,6 +263,7 @@ impl Context { /// assert_eq!(expected_hashed_data.len(), actual_hashed_data.len()); /// assert_eq!(&expected_hashed_data[..], &actual_hashed_data[..]); /// assert_eq!(ticket.hierarchy(), expected_hierarchy); + /// # } /// ``` pub fn hash( &mut self, @@ -310,6 +316,8 @@ impl Context { /// # Context, tcti_ldr::TctiNameConf, /// # }; /// # use std::convert::TryFrom; + /// # #[serial_test::file_serial] + /// # fn main() { /// # // Create context /// # let mut context = /// # Context::new( @@ -339,7 +347,7 @@ impl Context { /// /// ctx.hmac(key.key_handle.into(), input_data, HashingAlgorithm::Sha256) /// }).unwrap(); - /// + /// # } /// ``` /// /// # Errors From 07c9c5113d616c0a065d5ea7feef4b8d4ff2f0b9 Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Sat, 20 Dec 2025 19:12:12 -0500 Subject: [PATCH 9/9] wip: maybe working ek.rs with correct policyauth --- tss-esapi/src/abstraction/ek.rs | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/tss-esapi/src/abstraction/ek.rs b/tss-esapi/src/abstraction/ek.rs index 98a869a1a..b2edfc1c7 100644 --- a/tss-esapi/src/abstraction/ek.rs +++ b/tss-esapi/src/abstraction/ek.rs @@ -1,6 +1,7 @@ // Copyright 2020 Contributors to the Parsec project. // SPDX-License-Identifier: Apache-2.0 +#[allow(unused_imports)] use crate::{ abstraction::{nv, AsymmetricAlgorithmSelection, IntoKeyCustomization, KeyCustomization}, attributes::ObjectAttributesBuilder, @@ -12,12 +13,13 @@ use crate::{ reserved_handles::{Hierarchy, NvAuth}, }, structures::{ - EccParameter, EccPoint, EccScheme, KeyDerivationFunctionScheme, Public, PublicBuilder, - PublicEccParametersBuilder, PublicKeyRsa, PublicRsaParametersBuilder, RsaExponent, - RsaScheme, SymmetricDefinitionObject, + Digest, EccParameter, EccPoint, EccScheme, KeyDerivationFunctionScheme, Public, + PublicBuilder, PublicEccParametersBuilder, PublicKeyRsa, PublicRsaParametersBuilder, + RsaExponent, RsaScheme, SymmetricDefinitionObject, }, Context, Error, Result, WrapperErrorKind, }; +#[allow(unused_imports)] use std::convert::TryFrom; // Source: TCG EK Credential Profile for TPM Family 2.0; Level 0 Version 2.3 Revision 2 // Section 2.2.1.4 (Low Range) for Windows compatibility @@ -38,24 +40,24 @@ const AUTHPOLICY_A_SHA256: [u8; 32] = [ 0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xb3, 0xf8, 0x1a, 0x90, 0xcc, 0x8d, 0x46, 0xa5, 0xd7, 0x24, 0xfd, 0x52, 0xd7, 0x6e, 0x06, 0x52, 0x0b, 0x64, 0xf2, 0xa1, 0xda, 0x1b, 0x33, 0x14, 0x69, 0xaa, ]; - #[allow(unused)] const AUTHPOLICY_B_SHA384: [u8; 48] = [ 0xb2, 0x6e, 0x7d, 0x28, 0xd1, 0x1a, 0x50, 0xbc, 0x53, 0xd8, 0x82, 0xbc, 0xf5, 0xfd, 0x3a, 0x1a, 0x07, 0x41, 0x48, 0xbb, 0x35, 0xd3, 0xb4, 0xe4, 0xcb, 0x1c, 0x0a, 0xd9, 0xbd, 0xe4, 0x19, 0xca, 0xcb, 0x47, 0xba, 0x09, 0x69, 0x96, 0x46, 0x15, 0x0f, 0x9f, 0xc0, 0x00, 0xf3, 0xf8, 0x0e, 0x12, ]; +#[allow(unused)] const AUTHPOLICY_B_SHA512: [u8; 64] = [ 0xb8, 0x22, 0x1c, 0xa6, 0x9e, 0x85, 0x50, 0xa4, 0x91, 0x4d, 0xe3, 0xfa, 0xa6, 0xa1, 0x8c, 0x07, 0x2c, 0xc0, 0x12, 0x08, 0x07, 0x3a, 0x92, 0x8d, 0x5d, 0x66, 0xd5, 0x9e, 0xf7, 0x9e, 0x49, 0xa4, 0x29, 0xc4, 0x1a, 0x6b, 0x26, 0x95, 0x71, 0xd5, 0x7e, 0xdb, 0x25, 0xfb, 0xdb, 0x18, 0x38, 0x42, 0x56, 0x08, 0xb4, 0x13, 0xcd, 0x61, 0x6a, 0x5f, 0x6d, 0xb5, 0xb6, 0x07, 0x1a, 0xf9, 0x9b, 0xea, ]; +#[allow(unused)] const AUTHPOLICY_B_SM3_256: [u8; 32] = [ 0x16, 0x78, 0x60, 0xa3, 0x5f, 0x2c, 0x5c, 0x35, 0x67, 0xf9, 0xc9, 0x27, 0xac, 0x56, 0xc0, 0x32, 0xf3, 0xb3, 0xa6, 0x46, 0x2f, 0x8d, 0x03, 0x79, 0x98, 0xe7, 0xa1, 0x0f, 0x77, 0xfa, 0x45, 0x4a, ]; - /// Get the [`Public`] representing a default Endorsement Key /// /// **Note**: This only works for key algorithms specified in TCG EK Credential Profile for TPM Family 2.0. @@ -114,6 +116,7 @@ pub fn create_ek_public_from_default_template( _ => return Err(Error::local_error(WrapperErrorKind::UnsupportedParam)), }; + PublicBuilder::new() .with_public_algorithm(PublicAlgorithm::Rsa) .with_name_hashing_algorithm(hash_alg) @@ -144,7 +147,7 @@ pub fn create_ek_public_from_default_template( HashingAlgorithm::Sha256, AUTHPOLICY_A_SHA256.into(), SymmetricDefinitionObject::AES_256_CFB, - 0, + 48, ), EccCurve::NistP521 => ( HashingAlgorithm::Sha512, @@ -182,6 +185,8 @@ pub fn create_ek_public_from_default_template( EccParameter::try_from(vec![0u8; xy_size])?, )) } + // Other algos are not supported in the spec, so return a error + //_ => return Err(Error::local_error(WrapperErrorKind::UnsupportedParam)), }; let key_builder = if let Some(ref k) = key_customization {