blob: ba5527c9043fb56e91a84dd34bff9ba03c14157c [file] [log] [blame]
Luigi Semenzato7c6a69f2010-09-30 13:35:11 -07001#!/bin/bash -e
2#
3# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
4# Use of this source code is governed by a BSD-style license that can be
5# found in the LICENSE file.
6
7# Attempt to trigger the TPM Dictionary Attack Defense Lock and measure its
8# behavior.
9
Bryan Freedfd2b02a2016-01-07 09:11:58 -080010if [ -f /sys/class/misc/tpm0/device/owned ]; then
11 owned=$(cat /sys/class/misc/tpm0/device/owned)
12else
13 owned=$(cat /sys/class/tpm/tpm0/device/owned)
14fi
Luigi Semenzato7c6a69f2010-09-30 13:35:11 -070015if [ "$owned" = "" ]; then
16 echo "TPM is not functional"
17 exit 1
18fi
19if [ "$owned" = "0" ]; then
20 echo "please use random, non-empty passwords"
21 tpm_takeownership || exit 1
22fi
23
24attempts=0
25max=1
26e=/tmp/x$$
27
28while true; do
29 attempts=$(( $attempts + 1 ))
30 before=$(date +%s)
31 defending=1
32 while [ $defending -eq 1 ]; do
33 if tpm_getpubek -z 2> $e; then
34 echo "unexpected success of tpm_getpubek"
35 exit 1
36 fi
37 if grep -q communication $e; then
38 echo "communication failure"
39 exit 1
40 fi
41 if ! grep -q dictionary $e; then
42 defending=0
43 fi
44 done
45 after=$(date +%s)
46 elapsed=$(( $after - $before ))
47 if [ $elapsed -gt $max ]; then
48 echo delay of $elapsed seconds after $attempts attempts
49 max=$elapsed
50 fi
51done