[swtpm.git] / tests / _test_tpm2_hashing2

#!/bin/bash

# For the license, see the LICENSE file in the root directory.
#set -x

ROOT=${abs_top_builddir:-$(pwd)/..}
TESTDIR=${abs_top_testdir:-$(dirname "$0")}

VTPM_NAME="vtpm-test-tpm2-hashing2"
SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
export TPM_PATH="$(mktemp -d)" || exit 1
STATE_FILE=$TPM_PATH/tpm2-00.permall
VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock

function cleanup()
{
	pid=${SWTPM_PID}
	if [ -n "$pid" ]; then
		kill_quiet -9 $pid
	fi
	rm -rf $TPM_PATH
}

trap "cleanup" EXIT

[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
source ${TESTDIR}/common

rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null

run_swtpm ${SWTPM_INTERFACE} --tpm2

display_processes_by_name "$SWTPM"

kill_quiet -0 ${SWTPM_PID}
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	exit 1
fi

# Init the TPM
run_swtpm_ioctl ${SWTPM_INTERFACE} -i
if [ $? -ne 0 ]; then
	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -ne 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	exit 1
fi

# Startup the TPM
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
exp=' 80 01 00 00 00 0a 00 00 00 00'
if [ "$RES" != "$exp" ]; then
	echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Check the TPM Established bit before the hashing
RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
if [ $? -ne 0 ]; then
	echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

exp='tpmEstablished is 0'
if [ "$RES" != "$exp" ]; then
	echo "Error (1): TPM Established flag has wrong value."
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
if [ $? -ne 0 ]; then
	echo "Error: The hash command failed."
	exit 1
fi

# Read PCR 17
#                                                     length         CC            count       hashalg         sz
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# disregard the update counter using a regex comparison
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
if [[ "$RES" =~ "$exp" ]]; then
	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Check the TPM Established bit after the hashing
RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
if [ $? -ne 0 ]; then
	echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

exp='tpmEstablished is 1'
if [ "$RES" != "$exp" ]; then
	echo "Error (2): TPM Established flag has wrong value."
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Reset the establishment bit; we switch to locality 0 and reset via locality 3
run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
if [ $? -ne 0 ]; then
	echo "Error: Could not set locality 0"
	exit 1
fi

for ((l = 0; l <= 2; l++)); do
	# Resetting via locality 2 must fail
	ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -r $l 2>&1)"
	if [ $? -eq 0 ]; then
		echo "Error: Could reset the establishment bit via locality $l"
		exit 1
	fi
	exp="TPM result from PTM_RESET_TPMESTABLISHED: 0x3d"
	if [ "$ERR" != "$exp" ]; then
		echo "Error: Unexpected error message"
		echo "Received: $ERR"
		echo "Expected: $exp"
		exit 1
	fi
done

# Resetting via locality 3 must work
run_swtpm_ioctl ${SWTPM_INTERFACE} -r 3
if [ $? -ne 0 ]; then
	echo "Error: Could not reset the establishment bit via locality 3"
	exit 1
fi

# Check the TPM Established bit after the reset
RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
if [ $? -ne 0 ]; then
	echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

exp='tpmEstablished is 0'
if [ "$RES" != "$exp" ]; then
	echo "Error (3): TPM Established flag has wrong value."
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

# Read from a file
dd if=/dev/zero bs=1024 count=1024 2>/dev/null| \
	run_swtpm_ioctl ${SWTPM_INTERFACE} -h -

# Read PCR 17
#                                                     length         CC            count       hashalg         sz
RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
# disregard the update counter using a regex comparison
exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 27 7e de f1 02 56 46 5d 8e 71 65 38 3f d3 63 c9 8a be 89 e2 90 2e 4d 3a 2b 3a 30 80 2f 28 af 19'
if [[ "$RES" =~ "$exp" ]]; then
	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
	echo "expected: $exp"
	echo "received: $RES"
	exit 1
fi

run_swtpm_ioctl ${SWTPM_INTERFACE} -s
if [ $? -ne 0 ]; then
	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	exit 1
fi

sleep 0.5

kill_quiet -0 ${SWTPM_PID} 2>/dev/null
if [ $? -eq 0 ]; then
	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
	exit 1
fi

if [ ! -e $STATE_FILE ]; then
	echo "Error: TPM state file $STATE_FILE does not exist."
	exit 1
fi

echo "OK"

exit 0
Commit	Line	Data
3008874c SB	1	#!/bin/bash
	2
	3	# For the license, see the LICENSE file in the root directory.
	4	#set -x
	5
313cf75c SB	6	ROOT=${abs_top_builddir:-$(pwd)/..}
	7	TESTDIR=${abs_top_testdir:-$(dirname "$0")}
	8
3008874c SB	9	VTPM_NAME="vtpm-test-tpm2-hashing2"
3008874c SB	10	SWTPM_DEV_NAME="/dev/${VTPM_NAME}"
cce7503c	11	export TPM_PATH="$(mktemp -d)" \|\| exit 1
3008874c SB	12	STATE_FILE=$TPM_PATH/tpm2-00.permall
	13	VOLATILE_STATE_FILE=$TPM_PATH/tpm2-00.volatilestate
	14	SWTPM_INTERFACE=${SWTPM_INTERFACE:-cuse}
	15	SWTPM_CMD_UNIX_PATH=${TPM_PATH}/unix-cmd.sock
	16	SWTPM_CTRL_UNIX_PATH=${TPM_PATH}/unix-ctrl.sock
	17
	18	function cleanup()
	19	{
	20	pid=${SWTPM_PID}
	21	if [ -n "$pid" ]; then
47c7ea77	22	kill_quiet -9 $pid
3008874c SB	23	fi
	24	rm -rf $TPM_PATH
	25	}
	26
	27	trap "cleanup" EXIT
	28
313cf75c SB	29	[ "${SWTPM_INTERFACE}" == "cuse" ] && source ${TESTDIR}/test_cuse
313cf75c SB	30	source ${TESTDIR}/common
3008874c SB	31
	32	rm -f $STATE_FILE $VOLATILE_STATE_FILE 2>/dev/null
	33
	34	run_swtpm ${SWTPM_INTERFACE} --tpm2
	35
100317d5	36	display_processes_by_name "$SWTPM"
3008874c	37
47c7ea77	38	kill_quiet -0 ${SWTPM_PID}
3008874c SB	39	if [ $? -ne 0 ]; then
	40	echo "Error: ${SWTPM_INTERFACE} TPM did not start."
	41	exit 1
	42	fi
	43
	44	# Init the TPM
	45	run_swtpm_ioctl ${SWTPM_INTERFACE} -i
	46	if [ $? -ne 0 ]; then
	47	echo "Error: Could not initialize the ${SWTPM_INTERFACE} TPM."
	48	exit 1
	49	fi
	50
47c7ea77	51	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
3008874c SB	52	if [ $? -ne 0 ]; then
	53	echo "Error: ${SWTPM_INTERFACE} TPM not running anymore after INIT."
	54	exit 1
	55	fi
	56
3008874c SB	57	# Startup the TPM
	58	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x0c\x00\x00\x01\x44\x00\x00')
	59	exp=' 80 01 00 00 00 0a 00 00 00 00'
	60	if [ "$RES" != "$exp" ]; then
	61	echo "Error: Did not get expected result from TPM2_Startup(SU_Clear)"
	62	echo "expected: $exp"
	63	echo "received: $RES"
	64	exit 1
	65	fi
	66
	67	# Check the TPM Established bit before the hashing
	68	RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
	69	if [ $? -ne 0 ]; then
	70	echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
	71	exit 1
	72	fi
	73
	74	exp='tpmEstablished is 0'
	75	if [ "$RES" != "$exp" ]; then
	76	echo "Error (1): TPM Established flag has wrong value."
	77	echo "expected: $exp"
	78	echo "received: $RES"
	79	exit 1
	80	fi
	81
	82	run_swtpm_ioctl ${SWTPM_INTERFACE} -h 1234
	83	if [ $? -ne 0 ]; then
	84	echo "Error: The hash command failed."
	85	exit 1
	86	fi
	87
3008874c SB	88	# Read PCR 17
	89	# length CC count hashalg sz
	90	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
	91	# disregard the update counter using a regex comparison
	92	exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 fc a5 d6 49 bf b0 c9 22 fd 33 0f 79 b2 00 43 28 9d af d6 0d 01 a4 c4 37 3c f2 8a db 56 c9 b4 54'
	93	if [[ "$RES" =~ "$exp" ]]; then
	94	echo "Error: (1) Did not get expected result from TPM_PCRRead(17)"
	95	echo "expected: $exp"
	96	echo "received: $RES"
	97	exit 1
	98	fi
	99
	100	# Check the TPM Established bit after the hashing
	101	RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
	102	if [ $? -ne 0 ]; then
	103	echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
	104	exit 1
	105	fi
	106
	107	exp='tpmEstablished is 1'
	108	if [ "$RES" != "$exp" ]; then
	109	echo "Error (2): TPM Established flag has wrong value."
	110	echo "expected: $exp"
	111	echo "received: $RES"
	112	exit 1
	113	fi
	114
	115	# Reset the establishment bit; we switch to locality 0 and reset via locality 3
	116	run_swtpm_ioctl ${SWTPM_INTERFACE} -l 0
	117	if [ $? -ne 0 ]; then
	118	echo "Error: Could not set locality 0"
	119	exit 1
	120	fi
	121
	122	for ((l = 0; l <= 2; l++)); do
	123	# Resetting via locality 2 must fail
f759520c	124	ERR="$(run_swtpm_ioctl ${SWTPM_INTERFACE} -r $l 2>&1)"
3008874c SB	125	if [ $? -eq 0 ]; then
	126	echo "Error: Could reset the establishment bit via locality $l"
	127	exit 1
	128	fi
f759520c SB	129	exp="TPM result from PTM_RESET_TPMESTABLISHED: 0x3d"
	130	if [ "$ERR" != "$exp" ]; then
	131	echo "Error: Unexpected error message"
	132	echo "Received: $ERR"
	133	echo "Expected: $exp"
	134	exit 1
	135	fi
3008874c SB	136	done
	137
	138	# Resetting via locality 3 must work
	139	run_swtpm_ioctl ${SWTPM_INTERFACE} -r 3
	140	if [ $? -ne 0 ]; then
	141	echo "Error: Could not reset the establishment bit via locality 3"
	142	exit 1
	143	fi
	144
	145	# Check the TPM Established bit after the reset
	146	RES=$(run_swtpm_ioctl ${SWTPM_INTERFACE} -e)
	147	if [ $? -ne 0 ]; then
	148	echo "Error: Could not get the TPM Established bit from the ${SWTPM_INTERFACE} TPM."
	149	exit 1
	150	fi
	151
	152	exp='tpmEstablished is 0'
	153	if [ "$RES" != "$exp" ]; then
	154	echo "Error (3): TPM Established flag has wrong value."
	155	echo "expected: $exp"
	156	echo "received: $RES"
	157	exit 1
	158	fi
	159
	160	# Read from a file
	161	dd if=/dev/zero bs=1024 count=1024 2>/dev/null\| \
	162	run_swtpm_ioctl ${SWTPM_INTERFACE} -h -
	163
3008874c SB	164	# Read PCR 17
	165	# length CC count hashalg sz
	166	RES=$(swtpm_cmd_tx ${SWTPM_INTERFACE} '\x80\x01\x00\x00\x00\x14\x00\x00\x01\x7e\x00\x00\x00\x01\x00\x0b\x03\x00\x00\x02')
	167	# disregard the update counter using a regex comparison
	168	exp=' 80 01 00 00 00 3e 00 00 00 00 00 00 00 .. 00 00 00 01 00 0b 03 00 00 02 00 00 00 01 00 20 27 7e de f1 02 56 46 5d 8e 71 65 38 3f d3 63 c9 8a be 89 e2 90 2e 4d 3a 2b 3a 30 80 2f 28 af 19'
	169	if [[ "$RES" =~ "$exp" ]]; then
	170	echo "Error: (2) Did not get expected result from TPM_PCRRead(17)"
	171	echo "expected: $exp"
	172	echo "received: $RES"
	173	exit 1
	174	fi
	175
	176	run_swtpm_ioctl ${SWTPM_INTERFACE} -s
	177	if [ $? -ne 0 ]; then
	178	echo "Error: Could not shut down the ${SWTPM_INTERFACE} TPM."
	179	exit 1
	180	fi
	181
	182	sleep 0.5
	183
47c7ea77	184	kill_quiet -0 ${SWTPM_PID} 2>/dev/null
3008874c SB	185	if [ $? -eq 0 ]; then
	186	echo "Error: ${SWTPM_INTERFACE} TPM should not be running anymore."
	187	exit 1
	188	fi
	189
	190	if [ ! -e $STATE_FILE ]; then
	191	echo "Error: TPM state file $STATE_FILE does not exist."
	192	exit 1
	193	fi
	194
	195	echo "OK"
	196
	197	exit 0