[swtpm.git] / tests / _test_migration_key

#!/bin/bash

# For the license, see the LICENSE file in the root directory.
# set -x

ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}

VTPM_NAME="${VTPM_NAME:-vtpm-test-migration-key}"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
MIGRATION_PASSWORD="migration"
VOLATILESTATE=${TESTDIR}/data/migkey1/volatilestate.bin

tpmstatedir="$(mktemp -d)"
if [ -z "$tpmstatedir" ]; then
	echo "Could not create temporary directory."
	exit 1
fi

migpwdfile="$(mktemp)"
if [ -z "$migpwdfile" ]; then
	echo "Could not create temporary file."
	exit 1
fi
echo -n "$MIGRATION_PASSWORD" > $migpwdfile

volatilestatefile="$(mktemp)"
if [ -z "$volatilestatefile" ]; then
	echo "Could not create temporary file."
	exit 1
fi

SWTPM_CMD_UNIX_PATH=${tpmstatedir}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${tpmstatedir}/unix-ctrl.sock
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}

function cleanup()
{
	pid=${SWTPM_PID}
	if [ -n "$pid" ]; then
		kill_quiet -9 $pid
	fi
	rm -rf $migpwdfile $volatilestatefile $tpmstatedir
}

trap "cleanup" EXIT

[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
source ${TESTDIR}/common

# make a backup of the volatile state
export TPM_PATH=$tpmstatedir
cp ${TESTDIR}/data/tpmstate1/* $TPM_PATH

run_swtpm ${SWTPM_INTERFACE} \
	--migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	exit 1
fi

# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
	exit 1
fi

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	exit 1
fi

# Read PCR 10
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Assert physical presence
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Create a big NVRAM Area with 4000 bytes (0xfa0)
tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
tmp+='\x00\x00\x00\x00\x00'
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
exp=' 00 c4 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Save the volatile state into a file
run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $volatilestatefile
if [ $? -ne 0 ]; then
	echo "Error: Could not save the volatile state to ${volatilestatefile}."
	exit 1
fi
if [ ! -r $volatilestatefile ]; then
	echo "Error: Volatile state file $volatilestatefile does not exist."
	exit 1
fi

#ls -l $volatilestatefile
size=$(get_filesize $volatilestatefile)
expsize=1324
if [ $size -ne $expsize ]; then
	echo "Error: Unexpected size of volatile state file."
	echo "       Expected file with size of $expsize, found $size bytes."
	exit 1
fi

tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g | cut -d":" -f2)
if [ $? -ne 0 ]; then
	echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

if [ "$tmp" != " 0x2" ]; then
	echo "Error: Unexpected configuration flags: $tmp; expected 0x2."
	exit 1
fi

# Shut the TPM down
exec 100>&-
run_swtpm_ioctl ${SWTPM_INTERFACE} -s

echo "Test 1: Ok"

# Start the vTPM again and load the encrypted volatile state into it
run_swtpm ${SWTPM_INTERFACE} \
	--migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	exit 1
fi

# Do NOT init the TPM now; first load volatile state

# load the encrypted volatile state into it
run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile
if [ $? -ne 0 ]; then
	echo "Error: Could not load encrypted volatile state into TPM."
	exit 1
fi

# Now init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
	exit 1
fi

# Read PCR 10
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Shut the TPM down
exec 100>&-
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

echo "Test 2: Ok"


# Start the vTPM again and load the encrypted volatile state into it
# This time we make this fail since we don't provide the migration key
run_swtpm ${SWTPM_INTERFACE}

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	exit 1
fi

# Do NOT init the TPM now; first load volatile state

# load the encrypted volatile state into it
# This will not work; the TPM writes the data into the volatile state file
# and validates it
ERR=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile 2>&1)
if [ $? -eq 0 ]; then
	echo "Error: Could load encrypted volatile state into TPM."
	exit 1
fi
exp="TPM result from PTM_SET_STATEBLOB: 0xd"
if [ "$ERR" != "$exp" ]; then
	echo "Error: Unexpected error message"
	echo "Received: $ERR"
	echo "Expected: $exp"
	exit 1
fi

run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

echo "Test 3: Ok"

# In this test we now feed it an encrypted volatile state

# Start the vTPM again and load the encrypted volatile state into it
run_swtpm ${SWTPM_INTERFACE} \
	--migration-key pwdfile=$migpwdfile,remove=true,kdf=sha512

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	exit 1
fi

# load the encrypted volatile state into it
run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $VOLATILESTATE
if [ $? -ne 0 ]; then
	echo "Error: Could not load encrypted volatile state into TPM."
	exit 1
fi

# Now init the TPM; this must work
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

# Read PCR 10
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
if [ "$RES" != "$exp" ]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Shut the TPM down
exec 100>&-
run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

echo "Test 4: Ok"
Commit	Line	Data
01aa2ed3 SB	1	#!/bin/bash
	2
	3	# For the license, see the LICENSE file in the root directory.
	4	# set -x
	5
313cf75c SB	6	ROOT=${abs_top_builddir:-$(pwd)/..}
	7	TESTDIR=${abs_top_testdir:-$(dirname "$0")}
	8
01aa2ed3 SB	9	VTPM_NAME="${VTPM_NAME:-vtpm-test-migration-key}"
	10	SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
	11	MIGRATION_PASSWORD="migration"
313cf75c	12	VOLATILESTATE=${TESTDIR}/data/migkey1/volatilestate.bin
01aa2ed3	13
cce7503c	14	tpmstatedir="$(mktemp -d)"
01aa2ed3 SB	15	if [ -z "$tpmstatedir" ]; then
	16	echo "Could not create temporary directory."
	17	exit 1
	18	fi
	19
cce7503c	20	migpwdfile="$(mktemp)"
01aa2ed3 SB	21	if [ -z "$migpwdfile" ]; then
	22	echo "Could not create temporary file."
	23	exit 1
	24	fi
	25	echo -n "$MIGRATION_PASSWORD" > $migpwdfile
	26
cce7503c	27	volatilestatefile="$(mktemp)"
01aa2ed3 SB	28	if [ -z "$volatilestatefile" ]; then
	29	echo "Could not create temporary file."
	30	exit 1
	31	fi
	32
	33	SWTPM_CMD_UNIX_PATH=${tpmstatedir}/unix-cmd.sock
	34	SWTPM_CTRL_UNIX_PATH=${tpmstatedir}/unix-ctrl.sock
	35	SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
	36
	37	function cleanup()
	38	{
	39	pid=${SWTPM_PID}
	40	if [ -n "$pid" ]; then
47c7ea77	41	kill_quiet -9 $pid
01aa2ed3 SB	42	fi
	43	rm -rf $migpwdfile $volatilestatefile $tpmstatedir
	44	}
	45
	46	trap "cleanup" EXIT
	47
313cf75c SB	48	[ "${SWTPM_INTERFACE}" == cuse ] && source ${TESTDIR}/test_cuse
313cf75c SB	49	source ${TESTDIR}/common
01aa2ed3 SB	50
	51	# make a backup of the volatile state
	52	export TPM_PATH=$tpmstatedir
313cf75c	53	cp ${TESTDIR}/data/tpmstate1/* $TPM_PATH
01aa2ed3	54
a39f098f SB	55	run_swtpm ${SWTPM_INTERFACE} \
a39f098f SB	56	--migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512
01aa2ed3	57
100317d5	58	display_processes_by_name "$SWTPM"
01aa2ed3	59
47c7ea77	60	kill_quiet -0 ${SWTPM_PID}
01aa2ed3 SB	61	if [ $? -ne 0 ]; then
	62	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	63	exit 1
	64	fi
	65
	66	# Init the TPM
	67	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	68	if [ $? -ne 0 ]; then
	69	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
	70	exit 1
	71	fi
	72
47c7ea77	73	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
01aa2ed3 SB	74	if [ $? -ne 0 ]; then
	75	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	76	exit 1
	77	fi
	78
	79	# Read PCR 10
01aa2ed3 SB	80	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
	81	exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
	82	if [ "$RES" != "$exp" ]; then
	83	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	84	echo "expected: $exp"
	85	echo "received: $RES"
	86	exit 1
	87	fi
	88
	89	# Assert physical presence
01aa2ed3 SB	90	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0C\x40\x00\x00\x0A\x00\x20')
	91	exp=' 00 c4 00 00 00 0a 00 00 00 00'
	92	if [ "$RES" != "$exp" ]; then
	93	echo "Error: (1) Did not get expected result from TSC_PhysicalPresence(ENABLE)"
	94	echo "expected: $exp"
	95	echo "received: $RES"
	96	exit 1
	97	fi
	98
	99	# Create a big NVRAM Area with 4000 bytes (0xfa0)
	100	tmp='\x00\xC1\x00\x00\x00\x65\x00\x00\x00\xcc\x00\x18\x00\x00\x00\x01'
	101	tmp+='\x00\x03\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
	102	tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00\x00\x00\x01'
	103	tmp+='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
	104	tmp+='\x00\x00\x00\x00\x00\x17\x00\x01\x00\x01\x00\x00\x00\x00\x00\x0f'
	105	tmp+='\xa0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
	106	tmp+='\x00\x00\x00\x00\x00'
01aa2ed3 SB	107	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} $tmp)
	108	exp=' 00 c4 00 00 00 0a 00 00 00 00'
	109	if [ "$RES" != "$exp" ]; then
	110	echo "Error: (1) Did not get expected result from TPM_NVDefineSpace()"
	111	echo "expected: $exp"
	112	echo "received: $RES"
	113	exit 1
	114	fi
	115
	116	# Save the volatile state into a file
	117	run_swtpm_ioctl ${SWTPM_INTERFACE} --save volatile $volatilestatefile
	118	if [ $? -ne 0 ]; then
	119	echo "Error: Could not save the volatile state to ${volatilestatefile}."
	120	exit 1
	121	fi
	122	if [ ! -r $volatilestatefile ]; then
	123	echo "Error: Volatile state file $volatilestatefile does not exist."
	124	exit 1
	125	fi
	126
	127	#ls -l $volatilestatefile
0f648eda	128	size=$(get_filesize $volatilestatefile)
638bd3ba	129	expsize=1324
01aa2ed3 SB	130	if [ $size -ne $expsize ]; then
	131	echo "Error: Unexpected size of volatile state file."
	132	echo " Expected file with size of $expsize, found $size bytes."
	133	exit 1
	134	fi
	135
01aa2ed3 SB	136	tmp=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -g \| cut -d":" -f2)
	137	if [ $? -ne 0 ]; then
	138	echo "Error: Could not get the configration flags of the ${SWTPM_INTERFACE} TPM."
	139	exit 1
	140	fi
	141
	142	if [ "$tmp" != " 0x2" ]; then
	143	echo "Error: Unexpected configuration flags: $tmp; expected 0x2."
	144	exit 1
	145	fi
	146
	147	# Shut the TPM down
	148	exec 100>&-
	149	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	150
	151	echo "Test 1: Ok"
	152
	153	# Start the vTPM again and load the encrypted volatile state into it
a39f098f SB	154	run_swtpm ${SWTPM_INTERFACE} \
a39f098f SB	155	--migration-key pwdfile=$migpwdfile,remove=false,kdf=sha512
01aa2ed3	156
100317d5	157	display_processes_by_name "$SWTPM"
01aa2ed3	158
47c7ea77	159	kill_quiet -0 ${SWTPM_PID}
01aa2ed3 SB	160	if [ $? -ne 0 ]; then
	161	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	162	exit 1
	163	fi
	164
	165	# Do NOT init the TPM now; first load volatile state
	166
	167	# load the encrypted volatile state into it
	168	run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile
	169	if [ $? -ne 0 ]; then
	170	echo "Error: Could not load encrypted volatile state into TPM."
	171	exit 1
	172	fi
	173
	174	# Now init the TPM
	175	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	176	if [ $? -ne 0 ]; then
	177	echo "Error: Initializing the ${SWTPM_INTERFACE} TPM failed."
	178	exit 1
	179	fi
	180
	181	# Read PCR 10
01aa2ed3 SB	182	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
	183	exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
	184	if [ "$RES" != "$exp" ]; then
	185	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	186	echo "expected: $exp"
	187	echo "received: $RES"
	188	exit 1
	189	fi
	190
	191	# Shut the TPM down
	192	exec 100>&-
	193	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	194	if [ $? -ne 0 ]; then
	195	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	196	exit 1
	197	fi
	198
	199	echo "Test 2: Ok"
	200
	201
	202	# Start the vTPM again and load the encrypted volatile state into it
	203	# This time we make this fail since we don't provide the migration key
	204	run_swtpm ${SWTPM_INTERFACE}
	205
100317d5	206	display_processes_by_name "$SWTPM"
01aa2ed3	207
47c7ea77	208	kill_quiet -0 ${SWTPM_PID}
01aa2ed3 SB	209	if [ $? -ne 0 ]; then
	210	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	211	exit 1
	212	fi
	213
	214	# Do NOT init the TPM now; first load volatile state
	215
	216	# load the encrypted volatile state into it
a31a26ea SB	217	# This will not work; the TPM writes the data into the volatile state file
a31a26ea SB	218	# and validates it
f759520c	219	ERR=$(run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $volatilestatefile 2>&1)
a31a26ea SB	220	if [ $? -eq 0 ]; then
a31a26ea SB	221	echo "Error: Could load encrypted volatile state into TPM."
01aa2ed3 SB	222	exit 1
01aa2ed3 SB	223	fi
f759520c SB	224	exp="TPM result from PTM_SET_STATEBLOB: 0xd"
	225	if [ "$ERR" != "$exp" ]; then
	226	echo "Error: Unexpected error message"
	227	echo "Received: $ERR"
	228	echo "Expected: $exp"
	229	exit 1
	230	fi
01aa2ed3	231
01aa2ed3 SB	232	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	233	if [ $? -ne 0 ]; then
	234	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	235	exit 1
	236	fi
	237
	238	echo "Test 3: Ok"
	239
	240	# In this test we now feed it an encrypted volatile state
	241
	242	# Start the vTPM again and load the encrypted volatile state into it
a39f098f SB	243	run_swtpm ${SWTPM_INTERFACE} \
a39f098f SB	244	--migration-key pwdfile=$migpwdfile,remove=true,kdf=sha512
01aa2ed3	245
100317d5	246	display_processes_by_name "$SWTPM"
01aa2ed3	247
47c7ea77	248	kill_quiet -0 ${SWTPM_PID}
01aa2ed3 SB	249	if [ $? -ne 0 ]; then
	250	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	251	exit 1
	252	fi
	253
	254	# load the encrypted volatile state into it
	255	run_swtpm_ioctl ${SWTPM_INTERFACE} --load volatile $VOLATILESTATE
	256	if [ $? -ne 0 ]; then
	257	echo "Error: Could not load encrypted volatile state into TPM."
	258	exit 1
	259	fi
	260
	261	# Now init the TPM; this must work
	262	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	263	if [ $? -ne 0 ]; then
	264	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	265	exit 1
	266	fi
	267
	268	# Read PCR 10
01aa2ed3 SB	269	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x00\xC1\x00\x00\x00\x0E\x00\x00\x00\x15\x00\x00\x00\x0a')
	270	exp=' 00 c4 00 00 00 1e 00 00 00 00 c7 8a 6e 94 c7 3c 4d 7f c3 05 c8 a6 6b bf 15 45 f4 ed b7 a5'
	271	if [ "$RES" != "$exp" ]; then
	272	echo "Error: (1) Did not get expected result from TPM_PCRRead(10)"
	273	echo "expected: $exp"
	274	echo "received: $RES"
	275	exit 1
	276	fi
	277
	278	# Shut the TPM down
	279	exec 100>&-
	280	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	281	if [ $? -ne 0 ]; then
	282	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	283	exit 1
	284	fi
	285
	286	echo "Test 4: Ok"