tools/testing/selftests/tpm2/tpm2_tests.py
Source file repositories/reference/linux-study-clean/tools/testing/selftests/tpm2/tpm2_tests.py
File Facts
- System
- Linux kernel
- Corpus path
tools/testing/selftests/tpm2/tpm2_tests.py- Extension
.py- Size
- 10439 bytes
- Lines
- 334
- Domain
- Support Tooling And Documentation
- Bucket
- tools
- Inferred role
- Support Tooling And Documentation: tools
- Status
- atlas-only
Why This File Exists
Repository support layer: documentation, build tooling, samples, user-space helper tools, generated initramfs support, licenses, and validation utilities.
- Repository support layer: documentation, build tooling, samples, user-space helper tools, generated initramfs support, licenses, and validation utilities.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
- No C-style include directives detected by the generator.
Detected Declarations
- No top-level syscall, struct, function, initcall, or export declaration detected by the generator.
Annotated Snippet
# SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)
from argparse import ArgumentParser
from argparse import FileType
import os
import sys
import tpm2
from tpm2 import ProtocolError
import unittest
import logging
import struct
class SmokeTest(unittest.TestCase):
def setUp(self):
self.client = tpm2.Client()
self.root_key = self.client.create_root_key()
def tearDown(self):
self.client.flush_context(self.root_key)
self.client.close()
def test_seal_with_auth(self):
data = ('X' * 64).encode()
auth = ('A' * 15).encode()
blob = self.client.seal(self.root_key, data, auth, None)
result = self.client.unseal(self.root_key, blob, auth, None)
self.assertEqual(data, result)
def determine_bank_alg(self, mask):
pcr_banks = self.client.get_cap_pcrs()
for bank_alg, pcrSelection in pcr_banks.items():
if pcrSelection & mask == mask:
return bank_alg
return None
def test_seal_with_policy(self):
bank_alg = self.determine_bank_alg(1 << 16)
self.assertIsNotNone(bank_alg)
handle = self.client.start_auth_session(tpm2.TPM2_SE_TRIAL)
data = ('X' * 64).encode()
auth = ('A' * 15).encode()
pcrs = [16]
try:
self.client.policy_pcr(handle, pcrs, bank_alg=bank_alg)
self.client.policy_password(handle)
policy_dig = self.client.get_policy_digest(handle)
finally:
self.client.flush_context(handle)
blob = self.client.seal(self.root_key, data, auth, policy_dig)
handle = self.client.start_auth_session(tpm2.TPM2_SE_POLICY)
try:
self.client.policy_pcr(handle, pcrs, bank_alg=bank_alg)
self.client.policy_password(handle)
result = self.client.unseal(self.root_key, blob, auth, handle)
except:
self.client.flush_context(handle)
raise
self.assertEqual(data, result)
def test_unseal_with_wrong_auth(self):
Annotation
- Atlas domain: Support Tooling And Documentation / tools.
- Implementation status: atlas-only.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.