OLD | NEW |
(Empty) | |
| 1 #!/bin/bash -e |
| 2 # |
| 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 4 # Use of this source code is governed by a BSD-style license that can be |
| 5 # found in the LICENSE file. |
| 6 |
| 7 # Attempt to trigger the TPM Dictionary Attack Defense Lock and measure its |
| 8 # behavior. |
| 9 |
| 10 owned=$(cat /sys/class/misc/tpm0/device/owned) |
| 11 if [ "$owned" = "" ]; then |
| 12 echo "TPM is not functional" |
| 13 exit 1 |
| 14 fi |
| 15 if [ "$owned" = "0" ]; then |
| 16 echo "please use random, non-empty passwords" |
| 17 tpm_takeownership || exit 1 |
| 18 fi |
| 19 |
| 20 attempts=0 |
| 21 max=1 |
| 22 e=/tmp/x$$ |
| 23 |
| 24 while true; do |
| 25 attempts=$(( $attempts + 1 )) |
| 26 before=$(date +%s) |
| 27 defending=1 |
| 28 while [ $defending -eq 1 ]; do |
| 29 if tpm_getpubek -z 2> $e; then |
| 30 echo "unexpected success of tpm_getpubek" |
| 31 exit 1 |
| 32 fi |
| 33 if grep -q communication $e; then |
| 34 echo "communication failure" |
| 35 exit 1 |
| 36 fi |
| 37 if ! grep -q dictionary $e; then |
| 38 defending=0 |
| 39 fi |
| 40 done |
| 41 after=$(date +%s) |
| 42 elapsed=$(( $after - $before )) |
| 43 if [ $elapsed -gt $max ]; then |
| 44 echo delay of $elapsed seconds after $attempts attempts |
| 45 max=$elapsed |
| 46 fi |
| 47 done |
OLD | NEW |