Update a utility to support the new tpm sysfs class directory
[vboot.git] / utility / tpm-dad-lock
1 #!/bin/bash -e
2 #
3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
4 # Use of this source code is governed by a BSD-style license that can be
5 # found in the LICENSE file.
6
7 # Attempt to trigger the TPM Dictionary Attack Defense Lock and measure its
8 # behavior.
9
10 if [ -f /sys/class/misc/tpm0/device/owned ]; then
11   owned=$(cat /sys/class/misc/tpm0/device/owned)
12 else
13   owned=$(cat /sys/class/tpm/tpm0/device/owned)
14 fi
15 if [ "$owned" = "" ]; then
16   echo "TPM is not functional"
17   exit 1
18 fi
19 if [ "$owned" = "0" ]; then
20   echo "please use random, non-empty passwords"
21   tpm_takeownership || exit 1
22 fi
23
24 attempts=0
25 max=1
26 e=/tmp/x$$
27
28 while true; do
29   attempts=$(( $attempts + 1 ))
30   before=$(date +%s)
31   defending=1
32   while [ $defending -eq 1 ]; do
33     if tpm_getpubek -z 2> $e; then
34       echo "unexpected success of tpm_getpubek"
35       exit 1
36     fi
37     if grep -q communication $e; then
38       echo "communication failure"
39       exit 1
40     fi
41     if ! grep -q dictionary $e; then
42       defending=0
43     fi
44   done
45   after=$(date +%s)
46   elapsed=$(( $after - $before ))
47   if [ $elapsed -gt $max ]; then
48     echo delay of $elapsed seconds after $attempts attempts
49     max=$elapsed
50   fi
51 done