1#!/bin/bash -e 2# 3# Copyright 2010 The ChromiumOS Authors 4# Use of this source code is governed by a BSD-style license that can be 5# found in the LICENSE file. 6 7# Attempt to trigger the TPM Dictionary Attack Defense Lock and measure its 8# behavior. 9 10if [ -f /sys/class/misc/tpm0/device/owned ]; then 11 owned=$(cat /sys/class/misc/tpm0/device/owned) 12else 13 owned=$(cat /sys/class/tpm/tpm0/device/owned) 14fi 15if [ "$owned" = "" ]; then 16 echo "TPM is not functional" 17 exit 1 18fi 19if [ "$owned" = "0" ]; then 20 echo "please use random, non-empty passwords" 21 tpm_takeownership || exit 1 22fi 23 24attempts=0 25max=1 26e=/tmp/x$$ 27 28while true; do 29 attempts=$(( $attempts + 1 )) 30 before=$(date +%s) 31 defending=1 32 while [ $defending -eq 1 ]; do 33 if tpm_getpubek -z 2> $e; then 34 echo "unexpected success of tpm_getpubek" 35 exit 1 36 fi 37 if grep -q communication $e; then 38 echo "communication failure" 39 exit 1 40 fi 41 if ! grep -q dictionary $e; then 42 defending=0 43 fi 44 done 45 after=$(date +%s) 46 elapsed=$(( $after - $before )) 47 if [ $elapsed -gt $max ]; then 48 echo delay of $elapsed seconds after $attempts attempts 49 max=$elapsed 50 fi 51done 52