1 #!/bin/bash -e 2 # 3 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. 4 # Use of this source code is governed by a BSD-style license that can be 5 # found in the LICENSE file. 6 7 # Attempt to trigger the TPM Dictionary Attack Defense Lock and measure its 8 # behavior. 9 10 owned=$(cat /sys/class/misc/tpm0/device/owned) 11 if [ "$owned" = "" ]; then 12 echo "TPM is not functional" 13 exit 1 14 fi 15 if [ "$owned" = "0" ]; then 16 echo "please use random, non-empty passwords" 17 tpm_takeownership || exit 1 18 fi 19 20 attempts=0 21 max=1 22 e=/tmp/x$$ 23 24 while true; do 25 attempts=$(( $attempts + 1 )) 26 before=$(date +%s) 27 defending=1 28 while [ $defending -eq 1 ]; do 29 if tpm_getpubek -z 2> $e; then 30 echo "unexpected success of tpm_getpubek" 31 exit 1 32 fi 33 if grep -q communication $e; then 34 echo "communication failure" 35 exit 1 36 fi 37 if ! grep -q dictionary $e; then 38 defending=0 39 fi 40 done 41 after=$(date +%s) 42 elapsed=$(( $after - $before )) 43 if [ $elapsed -gt $max ]; then 44 echo delay of $elapsed seconds after $attempts attempts 45 max=$elapsed 46 fi 47 done 48