blob: d233d08e557f99e020804d8b3ed2dc3924201a5f [file] [log] [blame]
from argparse import ArgumentParser
from argparse import FileType
import os
import sys
import tpm2
from tpm2 import ProtocolError
import unittest
import logging
import tss2
pwd1 = "wibble"
pwd2 = "newpassword"
class SessionTest(unittest.TestCase):
def setUp(self):
self.c = tss2.Client()
def tearDown(self):
self.c.close()
# open handles until failure. Return the ones we got
def open_handles(self):
ha = []
try:
for i in range(0, 10):
h = self.c.start_session(tpm2.TPM2_SE_HMAC)
print "Handle is %08x" % h
ha.append(h)
except tss2.tpm_error, e:
if (e.rc != tpm2.TPM2_RC_SESSION_MEMORY):
raise e
return ha
def test_handle_flush_on_space_close(self):
i = self.open_handles()
print "Ran out of handles at %d" %len(i)
self.c.close()
self.c = tss2.Client()
# closing and reopening a space session should clear out our handles
j = self.open_handles()
print "Ran out of handles at %d" %len(j)
self.assertNotEqual(len(i), 0)
self.assertEqual(len(i), len(j))
def test_flush(self):
i = self.open_handles()
print "opened %d handles" % len(i)
self.c.flush_context(i[0])
self.c.flush_context(i[1])
i = self.open_handles()
self.assertEqual(len(i), 2);
def test_session_consumption(self):
self.c.read_public(self.c.SRK)
# authorization hmac session
hmac = self.c.start_session(tpm2.TPM2_SE_HMAC)
# parameter encryption session
enc = self.c.start_session(tpm2.TPM2_SE_HMAC, self.c.SRK)
# fill all remaing handles
i = self.open_handles()
# create rsa key continuing both hmac and encryption sessions
self.c.create_rsa(self.c.SRK, pwd1, hmac, 1, enc, 1)
# should be no handles left
i = self.open_handles()
self.assertEqual(len(i),0)
# now create rsa key continuing hmac and consuming encryption
k = self.c.create_rsa(self.c.SRK, pwd1, hmac, 1, enc, 0)
# now should be one handle remaining
i = self.open_handles()
self.assertEqual(len(i),1)
self.c.flush_context(i[0])
# check the hmac continuation actually works
k = self.c.load(self.c.SRK, k.outPrivate, k.outPublic, None)
print "Loaded key at handle %x" %k
# and finally verify with an authenticated encrypted operation
# consuming both handles
enc = self.c.start_session(tpm2.TPM2_SE_HMAC, k)
self.c.change_auth(self.c.SRK, k, pwd1, pwd2, hmac, 0, enc, 0)
i = self.open_handles()
self.assertEqual(len(i), 2)
if __name__ == '__main__':
unittest.main()