tools/testing/selftests/tpm2/tpm2_tests.py

Source file repositories/reference/linux-study-clean/tools/testing/selftests/tpm2/tpm2_tests.py

File Facts

System
Linux kernel
Corpus path
tools/testing/selftests/tpm2/tpm2_tests.py
Extension
.py
Size
10439 bytes
Lines
334
Domain
Support Tooling And Documentation
Bucket
tools
Inferred role
Support Tooling And Documentation: tools
Status
atlas-only

Why This File Exists

Repository support layer: documentation, build tooling, samples, user-space helper tools, generated initramfs support, licenses, and validation utilities.

Dependency Surface

Detected Declarations

Annotated Snippet

# SPDX-License-Identifier: (GPL-2.0 OR BSD-3-Clause)

from argparse import ArgumentParser
from argparse import FileType
import os
import sys
import tpm2
from tpm2 import ProtocolError
import unittest
import logging
import struct

class SmokeTest(unittest.TestCase):
    def setUp(self):
        self.client = tpm2.Client()
        self.root_key = self.client.create_root_key()

    def tearDown(self):
        self.client.flush_context(self.root_key)
        self.client.close()

    def test_seal_with_auth(self):
        data = ('X' * 64).encode()
        auth = ('A' * 15).encode()

        blob = self.client.seal(self.root_key, data, auth, None)
        result = self.client.unseal(self.root_key, blob, auth, None)
        self.assertEqual(data, result)

    def determine_bank_alg(self, mask):
        pcr_banks = self.client.get_cap_pcrs()
        for bank_alg, pcrSelection in pcr_banks.items():
            if pcrSelection & mask == mask:
                return bank_alg
        return None

    def test_seal_with_policy(self):
        bank_alg = self.determine_bank_alg(1 << 16)
        self.assertIsNotNone(bank_alg)

        handle = self.client.start_auth_session(tpm2.TPM2_SE_TRIAL)

        data = ('X' * 64).encode()
        auth = ('A' * 15).encode()
        pcrs = [16]

        try:
            self.client.policy_pcr(handle, pcrs, bank_alg=bank_alg)
            self.client.policy_password(handle)

            policy_dig = self.client.get_policy_digest(handle)
        finally:
            self.client.flush_context(handle)

        blob = self.client.seal(self.root_key, data, auth, policy_dig)

        handle = self.client.start_auth_session(tpm2.TPM2_SE_POLICY)

        try:
            self.client.policy_pcr(handle, pcrs, bank_alg=bank_alg)
            self.client.policy_password(handle)

            result = self.client.unseal(self.root_key, blob, auth, handle)
        except:
            self.client.flush_context(handle)
            raise

        self.assertEqual(data, result)

    def test_unseal_with_wrong_auth(self):

Annotation

Implementation Notes