test/system/test_tpm2_dictionarylockout.sh

@@ -32,32 +32,25 @@
 #;**********************************************************************;
 ###this script use for test the implementation tpm2_dictionarylockout 
 
+onerror() {
+    echo "$BASH_COMMAND on line ${BASH_LINENO[0]} failed: $?"
+    exit 1
+}
+trap onerror ERR
 
 tpm2_dictionarylockout -s -n 5 -t 6 -l 7
-if [ $? != 0 ];then
-echo "tpm2_dictionarylockout command failed, please check the environment or parameters!"
-exit 1
-fi
 
 if [ $(tpm2_dump_capability -c properties-variable | grep TPM_PT_MAX_AUTH_FAIL | sed -e 's/TPM_PT_MAX_AUTH_FAIL: \+//') != "0x00000005" ];then
  echo "Failure: setting up the number of allowed tries in the lockout parameters"
  exit 1
-else
- echo "Success: setting up the number of allowed tries in the lockout parameters"
 fi
 
 if [ $(tpm2_dump_capability -c properties-variable | grep TPM_PT_LOCKOUT_INTERVAL | sed -e 's/TPM_PT_LOCKOUT_INTERVAL: \+//') != "0x00000006" ];then
  echo "Failure: setting up the lockout period in the lockout parameters"
- exit 1
-else
- echo "Success: setting up the lockout period in the lockout parameters"
 fi
 
 if [ $(tpm2_dump_capability -c properties-variable | grep TPM_PT_LOCKOUT_RECOVERY | sed -e 's/TPM_PT_LOCKOUT_RECOVERY: \+//') != "0x00000007" ];then
  echo "Failure: setting up the lockout recovery period in the lockout parameters"
- exit 1
-else
- echo "Success: setting up the lockout recovery period in the lockout parameters"
 fi
 
-echo "passed tpm2_dictionarylockout tests"
+exit 0

test/system/test_tpm2_evictcontrol.sh

@@ -30,49 +30,31 @@
 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 
 # THE POSSIBILITY OF SUCH DAMAGE.
 #;**********************************************************************;
-file_primary_key_ctx=context.p_B1
-file_evict_key_pub=opuB1_B8
-file_evict_key_priv=oprB1_B8
-file_evict_key_ctx=context_load_out_B1_B8
-file_evict_key_name=name.load.B1_B8
-
-persistentHandle=0x81010003
 
+onerror() {
+    echo "$BASH_COMMAND on line ${BASH_LINENO[0]} failed: $?"
+    exit 1
+}
+trap onerror ERR
 
-alg_hash=0x000B
-alg_primary_key=0x0001
-alg_evict_key=0x0008
+cleanup() {
+  rm -f primary.ctx decrypt.ctx key.pub key.priv key.name decrypt.out \
+        encrypt.out secret.dat &>/dev/null
+}
+trap cleanup EXIT
 
+cleanup
 
-rm $file_primary_key_ctx $file_evict_key_pub $file_evict_key_priv $file_evict_key_ctx $file_evict_key_name $file_output_data -rf
+tpm2_takeownership -Q -c
 
-tpm2_takeownership -c
+tpm2_createprimary -Q -A e -g sha256 -G rsa -C primary.ctx
 
-tpm2_createprimary -A e -g $alg_hash -G $alg_primary_key -C $file_primary_key_ctx
-if [ $? != 0 ];then
- echo "createprimary fail, please check the environment or parameters!"
- exit 1
-fi
-tpm2_create -g $alg_hash -G $alg_evict_key -u $file_evict_key_pub -r $file_evict_key_priv  -c $file_primary_key_ctx
-if [ $? != 0 ];then
- echo "create fail, please check the environment or parameters!"
- exit 1
-fi
-tpm2_load -c $file_primary_key_ctx  -u $file_evict_key_pub  -r $file_evict_key_priv -n $file_evict_key_name -C $file_evict_key_ctx
-if [ $? != 0 ];then
- echo "load fail, please check the environment or parameters!"
- exit 1
-fi
+tpm2_create -Q -g sha256 -G keyedhash -u key.pub -r key.priv  -c primary.ctx
 
-tpm2_evictcontrol -A o -c $file_evict_key_ctx  -S $persistentHandle
-if [ $? != 0 ];then
- echo "evictontronl persistentHandle fail, please check the environment or parameters!"
- exit 1
-fi
+tpm2_load -Q -c primary.ctx  -u key.pub  -r key.priv -n key.name -C key.ctx
 
-tpm2_evictcontrol -A o -H $persistentHandle   -S $persistentHandle
-if [ $? != 0 ];then
- echo "evictcontrol release Handle fail, please check the environment or parameters!"
- exit 1
-fi
+tpm2_evictcontrol -Q -A o -c key.ctx  -S 0x81010003
 
+tpm2_evictcontrol -Q -A o -H 0x81010003   -S 0x81010003
+
+exit 0

test/system/test_tpm2_getmanufec.sh

@@ -77,11 +77,11 @@ tpm2_getmanufec -H $handle -U -E ECcert2.bin -f test_ek.pub -o $opass -e $epass
 
 tpm2_listpersistent | grep -q $handle
 
-tpm2_evictcontrol -H $handle -A o -P $opass
+tpm2_evictcontrol -Q -H $handle -A o -P $opass
 
 if [ $(md5sum ECcert.bin| awk '{ print $1 }') != "56af9eb8a271bbf7ac41b780acd91ff5" ]; then
  echo "Failed: retrieving endorsement certificate"
  exit 1
-else
- echo "Successful: retrieving endorsement certificate"
 fi
+
+exit 0

test/system/test_tpm2_getpubak.sh

@@ -30,33 +30,30 @@
 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 
 # THE POSSIBILITY OF SUCH DAMAGE.
 #;**********************************************************************;
-handle_ek=0x8101000b
-handle_ak=0x8101000c
-ek_alg=0x001
-ak_alg=0x0001
-digestAlg=0x000B 
-signAlg=0x0014
-output_ek_pub=ek_pub.out
-output_ak_pub=ak_pub.out
-output_ak_pub_name=ak_name_pub.out
 
-tpm2_takeownership -c
+onerror() {
+    echo "$BASH_COMMAND on line ${BASH_LINENO[0]} failed: $?"
+    exit 1
+}
+trap onerror ERR
 
-rm $output_ek_pub $output_ak_pub $output_ak_pub_name -rf 
+cleanup() {
+    rm -f ek.pub ak.pub ak.name ak.name
 
- tpm2_getpubek  -H $handle_ek -g $ek_alg -f $output_ek_pub 
-if [ $? != 0 ] || [ ! -e $output_ek_pub ];then
-echo "getpubek fail, please check the environment or parameters!"
-exit 1
-fi
+    # Evict persistent handles, we want them to always succeed and never trip
+    # the onerror trap.
+	tpm2_evictcontrol -Q -A o -H 0x8101000b 2>/dev/null || true
+	tpm2_evictcontrol -Q -A o -H 0x8101000c 2>/dev/null || true
 
-tpm2_getpubak  -E $handle_ek  -k $handle_ak -g $ak_alg -D $digestAlg -s $signAlg -f $output_ak_pub  -n $output_ak_pub_name 
+	# clear tpm state
+	tpm2_takeownership -c
+}
+trap cleanup EXIT
 
-if [ $? != 0 ] || [ ! -e $output_ak_pub ];then
-echo "getpubak fail, please check the environment or parameters!"
-exit 1
-fi
-
-echo "getpubak successfully!"
+cleanup
 
+tpm2_getpubek -Q -H 0x8101000b -g rsa -f ek.pub
 
+tpm2_getpubak -Q -E 0x8101000b  -k 0x8101000c -g rsa -D sha256 -s rsassa -f ak.pub  -n ak.name
+
+exit 0

test/system/test_tpm2_getpubek.sh

@@ -30,20 +30,24 @@
 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 
 # THE POSSIBILITY OF SUCH DAMAGE.
 #;**********************************************************************;
-handle_ek=0x81010005
-ek_alg=0x001
-output_ek_pub=ek_pub.out
 
-if [ -f $output_ek_pub ]; then
-    rm $output_ek_pub
-fi
-
-tpm2_getpubek  -H $handle_ek -g $ek_alg -f $output_ek_pub 
-if [ $? != 0 ] || [ ! -e $output_ek_pub ];then
-    echo "getpubek fail, please check the environment or parameters!"
+onerror() {
+    echo "$BASH_COMMAND on line ${BASH_LINENO[0]} failed: $?"
     exit 1
-fi
+}
+trap onerror ERR
+
+cleanup() {
+    rm -f ek.pub
+
+    # Evict persistent handles, we want them to always succeed and never trip
+    # the onerror trap.
+	tpm2_evictcontrol -Q -A o -H 0x81010005 2>/dev/null || true
+}
+trap cleanup EXIT
 
-echo "getpubek successfully!"
+cleanup
 
+tpm2_getpubek -H 0x81010005 -g rsa -f ek.pub
 
+exit 0

test/system/test_tpm2_getrandom.sh

@@ -31,18 +31,23 @@
 # THE POSSIBILITY OF SUCH DAMAGE.
 #;**********************************************************************;
 
-size=32
+onerror() {
+    echo "$BASH_COMMAND on line ${BASH_LINENO[0]} failed: $?"
+    exit 1
+}
+trap onerror ERR
 
-rm -f  random.out
+cleanup() {
+    rm -f random.out
+}
+trap cleanup EXIT
 
-tpm2_getrandom -o random.out 32
-if [ $? != 0 ];then
-	    echo "getrandom test fail, please check the environment or parameters!"
-		exit 1
-else
-	    echo "getrandom  succeed"
-fi
-
+cleanup
 
+# test file output
+tpm2_getrandom -o random.out 32
 
+#test stdout
+tpm2_getrandom 4 > random.out
 
+exit 0