| // Copyright 2015 The Chromium OS Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| // Test methods that run on a real TPM. |
| // Note: the TPM must be owned in order for all tests to work correctly. |
| |
| #ifndef CRYPTOHOME_TPM_LIVE_TEST_H_ |
| #define CRYPTOHOME_TPM_LIVE_TEST_H_ |
| |
| #include <map> |
| #include <string> |
| |
| #include "cryptohome/tpm.h" |
| |
| #include <base/logging.h> |
| #include <brillo/secure_blob.h> |
| |
| namespace cryptohome { |
| |
| class TpmLiveTest { |
| public: |
| TpmLiveTest(); |
| TpmLiveTest(const TpmLiveTest&) = delete; |
| TpmLiveTest& operator=(const TpmLiveTest&) = delete; |
| |
| ~TpmLiveTest() = default; |
| |
| // This method runs all or a subset of all tests, depending on the supplied |
| // parameters. |
| bool RunLiveTests(); |
| |
| private: |
| // Helper method to try to sign some data. |
| bool SignData(const brillo::SecureBlob& pcr_bound_key, |
| const brillo::SecureBlob& public_key_der, |
| int index); |
| |
| // Helper method to try to encrypt and decrypt some data. |
| bool EncryptAndDecryptData(const brillo::SecureBlob& pcr_bound_key, |
| const std::map<uint32_t, std::string>& pcr_map); |
| |
| // This test checks if PCRs and PCR bound keys work correctly. |
| bool PCRKeyTest(); |
| |
| // This test checks if PCRs and keys bound to multiple PCR indexes work |
| // correctly. |
| bool MultiplePCRKeyTest(); |
| |
| // This test checks if we can create and load an RSA decryption key and use |
| // it to encrypt and decrypt. |
| bool DecryptionKeyTest(); |
| |
| // This test checks if we can seal and unseal a blob to a PCR state using |
| // some authorization value. |
| bool SealToPcrWithAuthorizationTest(); |
| |
| // This test verifies that the Nvram subsystem of the TPM is working |
| // correctly. |
| bool NvramTest(); |
| |
| // This test checks the signature-sealed secret creation and its unsealing. A |
| // random RSA key is used. |
| bool SignatureSealedSecretTest(); |
| |
| Tpm* tpm_; |
| }; |
| |
| } // namespace cryptohome |
| |
| #endif // CRYPTOHOME_TPM_LIVE_TEST_H_ |