testing: Add CA ID mappings to TKM tests

Extend the build-certs-chroot script is to fill in the public key
fingerprint of the CA certificate in the appropriate strongswan.con
files.

testing/scripts/build-certs-chroot

@@ -1925,3 +1925,30 @@ do
       -e "s|SUN_PUB_DNS|${SUN_PUB_DNS}|g" \
       ${TEST_DATA}.in > ${TEST_DATA}
 done
+
+################################################################################
+# TKM CA ID mapping                                                            #
+################################################################################
+
+for t in host2host-initiator host2host-responder host2host-xfrmproxy \
+         net2net-initiator net2net-xfrmproxy xfrmproxy-expire xfrmproxy-rekey
+do
+  for h in moon
+  do
+    TEST_DATA="${TEST_DIR}/tkm/${t}/hosts/moon/etc/strongswan.conf"
+    sed -e "s/CA_SPK_HEX/${CA_SPK_HEX}/g" \
+        -e "s/CA_SPKI_HEX/${CA_SPKI_HEX}/g" \
+        ${TEST_DATA}.in > ${TEST_DATA}
+  done
+done
+
+for t in multiple-clients
+do
+  for h in sun
+  do
+    TEST_DATA="${TEST_DIR}/tkm/${t}/hosts/${h}/etc/strongswan.conf"
+    sed -e "s/CA_SPK_HEX/${CA_SPK_HEX}/g" \
+        -e "s/CA_SPKI_HEX/${CA_SPKI_HEX}/g" \
+        ${TEST_DATA}.in > ${TEST_DATA}
+  done
+done

testing/tests/tkm/.gitignore

@@ -1 +1,2 @@
 *.der
+strongswan.conf

testing/tests/tkm/host2host-initiator/hosts/moon/etc/strongswan.conf.in

@@ -5,4 +5,10 @@ charon-tkm {
     15 = 1
     16 = 2
   }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
 }

testing/tests/tkm/host2host-responder/hosts/moon/etc/strongswan.conf.in

@@ -5,4 +5,10 @@ charon-tkm {
     15 = 1
     16 = 2
   }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
 }

testing/tests/tkm/host2host-xfrmproxy/hosts/moon/etc/strongswan.conf.in

@@ -5,4 +5,10 @@ charon-tkm {
     15 = 1
     16 = 2
   }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
 }

testing/tests/tkm/multiple-clients/hosts/sun/etc/strongswan.conf.in

@@ -5,4 +5,10 @@ charon-tkm {
     15 = 1
     16 = 2
   }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
 }

testing/tests/tkm/net2net-initiator/hosts/moon/etc/strongswan.conf

@@ -1,8 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon-tkm {
-  dh_mapping {
-    15 = 1
-    16 = 2
-  }
-}

testing/tests/tkm/net2net-initiator/hosts/moon/etc/strongswan.conf.in

@@ -0,0 +1,14 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon-tkm {
+  dh_mapping {
+    15 = 1
+    16 = 2
+  }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
+}

testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/strongswan.conf

@@ -1,8 +0,0 @@
-# /etc/strongswan.conf - strongSwan configuration file
-
-charon-tkm {
-  dh_mapping {
-    15 = 1
-    16 = 2
-  }
-}

testing/tests/tkm/net2net-xfrmproxy/hosts/moon/etc/strongswan.conf.in

@@ -0,0 +1,14 @@
+# /etc/strongswan.conf - strongSwan configuration file
+
+charon-tkm {
+  dh_mapping {
+    15 = 1
+    16 = 2
+  }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
+}

testing/tests/tkm/xfrmproxy-expire/hosts/moon/etc/strongswan.conf.in

@@ -7,4 +7,10 @@ charon-tkm {
     15 = 1
     16 = 2
   }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
 }

testing/tests/tkm/xfrmproxy-rekey/hosts/moon/etc/strongswan.conf.in

@@ -7,4 +7,10 @@ charon-tkm {
     15 = 1
     16 = 2
   }
+  ca_mapping {
+    strongswan_ca {
+      id = 1
+      fingerprint = CA_SPK_HEX
+    }
+  }
 }