hwsec

package
v0.0.0-...-683b059
Warning

This package is not in the latest version of its module.

Published: Apr 23, 2022 License: BSD-3-Clause Imports: 45 Imported by: 0

Documentation

Overview

Package hwsec contains local Tast tests that exercise TPM-related daemons.

See details of each daemon at the following locations:

https://chromium.googlesource.com/chromiumos/platform2/+/main/attestation
https://chromium.googlesource.com/chromiumos/platform2/+/main/chaps
https://chromium.googlesource.com/chromiumos/platform2/+/main/cryptohome
https://chromium.googlesource.com/chromiumos/platform2/+/main/tpm_manager
https://chromium.googlesource.com/chromiumos/platform2/+/main/trunks
https://chromium.googlesource.com/chromiumos/platform2/+/main/u2fd

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AccountDiskUsage

func AccountDiskUsage(ctx context.Context, s *testing.State)

func Attestation

func Attestation(ctx context.Context, s *testing.State)

Attestation runs through the attestation flow, including enrollment, cert, and sign challenge. It also verifies the key access functionality.

func AttestationEID

func AttestationEID(ctx context.Context, s *testing.State)

func AttestationEnrollOnly

func AttestationEnrollOnly(ctx context.Context, s *testing.State)

AttestationEnrollOnly enrolls the device. Note that this item is to check if crbug/1070162 can be reproduced.

func AttestationNoExternalServer

func AttestationNoExternalServer(ctx context.Context, s *testing.State)

AttestationNoExternalServer runs through the attestation flow, including enrollment, cert, and sign challenge. It also verifies the key access functionality. All the external dependencies are replaced with locally generated server responses.

func CertProvision

func CertProvision(ctx context.Context, s *testing.State)

func CertProvisionNoDatabase

func CertProvisionNoDatabase(ctx context.Context, s *testing.State)

func ChallengeResponseMount

func ChallengeResponseMount(ctx context.Context, s *testing.State)

func ChapsAttributePolicy

func ChapsAttributePolicy(ctx context.Context, s *testing.State)

func ChapsCloseAllSessions

func ChapsCloseAllSessions(ctx context.Context, s *testing.State)

ChapsCloseAllSessions verifies that the behaviour of C_CloseAllSessions() in libchaps is correct.

func ChapsECDSA

func ChapsECDSA(ctx context.Context, s *testing.State)

func ChapsECPerf

func ChapsECPerf(ctx context.Context, s *testing.State)

func ChapsPKCS1V15

func ChapsPKCS1V15(ctx context.Context, s *testing.State)

func ChapsPerf

func ChapsPerf(ctx context.Context, s *testing.State)

func ChapsRSAPSS

func ChapsRSAPSS(ctx context.Context, s *testing.State)

func ChapsRemount

func ChapsRemount(ctx context.Context, s *testing.State)

func CrossVersionLogin

func CrossVersionLogin(ctx context.Context, s *testing.State)

func CryptohomeBadPerms

func CryptohomeBadPerms(ctx context.Context, s *testing.State)

CryptohomeBadPerms checks that cryptohome could detect directories with bad permissions or ownership in the mount path of a home directory.

func CryptohomeCorruptedKeys

func CryptohomeCorruptedKeys(ctx context.Context, s *testing.State)

CryptohomeCorruptedKeys checks that the mount and keys work when part of the vaultkeys is corrupted.

func CryptohomeDataLeak

func CryptohomeDataLeak(ctx context.Context, s *testing.State)

func CryptohomeKeyEviction

func CryptohomeKeyEviction(ctx context.Context, s *testing.State)

CryptohomeKeyEviction ensures that cryptohome properly manages key eviction from the TPM. This test verifies this behaviour by creating 30 keys using chaps, and then remounting a user's cryptohome. Mount requires use of the user's cryptohome key, and thus the mount only succeeds if the cryptohome key was properly evicted and reloaded into the TPM.

func CryptohomeMigrateKey

func CryptohomeMigrateKey(ctx context.Context, s *testing.State)

CryptohomeMigrateKey checks that cryptohome could migrate the key and login correctly.

func CryptohomeMount

func CryptohomeMount(ctx context.Context, s *testing.State)

CryptohomeMount checks that cryptohome could mount the user folder correctly.

func CryptohomeNonDirs

func CryptohomeNonDirs(ctx context.Context, s *testing.State)

CryptohomeNonDirs checks that cryptohome could detect directories with bad permissions or ownership in the mount path of a home directory.

func CryptohomeTestAuth

func CryptohomeTestAuth(ctx context.Context, s *testing.State)

CryptohomeTestAuth checks that cryptohome could test the user authorization correctly.

func DaemonsRestartStress

func DaemonsRestartStress(ctx context.Context, s *testing.State)

DaemonsRestartStress checks that restarting hwsec daemons wouldn't cause problems.

func DictionaryAttackLockoutResetTPM1

func DictionaryAttackLockoutResetTPM1(ctx context.Context, s *testing.State)

DictionaryAttackLockoutResetTPM1 checks that getting dictionary attack info and resetting dictionary attack lockout work as expected.

func DictionaryAttackLockoutResetTPM2

func DictionaryAttackLockoutResetTPM2(ctx context.Context, s *testing.State)

DictionaryAttackLockoutResetTPM2 checks that getting dictionary attack info and resetting dictionary attack lockout work as expected.

func ECDHShortKey

func ECDHShortKey(ctx context.Context, s *testing.State)

ECDHShortKey verifies ECDH can work with short ECC keys.

func FirmwareManagementParameters

func FirmwareManagementParameters(ctx context.Context, s *testing.State)

FirmwareManagementParameters checks that the firmware management parameters are functioning correctly.

func KeysetTiedToTPM2

func KeysetTiedToTPM2(ctx context.Context, s *testing.State)

KeysetTiedToTPM2 is an integration test that verifies a user's VKK is tied to the TPM after the second login.

func Login

func Login(ctx context.Context, s *testing.State)

func LoginGuest

func LoginGuest(ctx context.Context, s *testing.State)

func MountCombinations

func MountCombinations(ctx context.Context, s *testing.State)

MountCombinations tests that we are able to sign in/mount 2+ users with different combinations of pin/password.

func Pkcs11ChangeAuthData

func Pkcs11ChangeAuthData(ctx context.Context, s *testing.State)

Pkcs11ChangeAuthData tests the chapsd behavior of changing auth data.

func Pkcs11Events

func Pkcs11Events(ctx context.Context, s *testing.State)

Pkcs11Events tests the response of the PKCS #11 system to load/unload events.

func Pkcs11InitOnLogin

func Pkcs11InitOnLogin(ctx context.Context, s *testing.State)

Pkcs11InitOnLogin tests the PKCS #11 behavior of initialization on login.

func Pkcs11InitUnderErrors

func Pkcs11InitUnderErrors(ctx context.Context, s *testing.State)

Pkcs11InitUnderErrors tests the chapsd PKCS #11 initialization under various system states.

func Pkcs11LoadPerf

func Pkcs11LoadPerf(ctx context.Context, s *testing.State)

Pkcs11LoadPerf tests the chapsd load key performance.

func PrepareCrossVersionLoginData

func PrepareCrossVersionLoginData(ctx context.Context, s *testing.State)

func RecreateUserVaultTPM2

func RecreateUserVaultTPM2(ctx context.Context, s *testing.State)

RecreateUserVaultTPM2 is ported from the autotest test platform_CryptohomeTPMReOwn and renamed to reflect what's being tested. It avoids reboots in the original test by using the soft-clearing TPM utils and restarting TPM-related daemons.

func SanitizedUsernameAndSalt

func SanitizedUsernameAndSalt(ctx context.Context, s *testing.State)

func UnmountAll

func UnmountAll(ctx context.Context, s *testing.State)

UnmountAll tests that cryptohome's Unmount() correctly unmounts all logged-in users' vaults.

Types

type AttestationDBusService

type AttestationDBusService struct {
	// contains filtered or unexported fields
}

func (*AttestationDBusService) CreateCertificateRequest

func (*AttestationDBusService) CreateEnrollRequest

func (*AttestationDBusService) DeleteKeys

func (*AttestationDBusService) FinishCertificateRequest

func (*AttestationDBusService) FinishEnroll

func (*AttestationDBusService) GetEnrollmentID

func (*AttestationDBusService) GetKeyInfo

func (*AttestationDBusService) GetStatus

func (*AttestationDBusService) RegisterKeyWithChapsToken

func (*AttestationDBusService) SetKeyPayload

func (*AttestationDBusService) SignEnterpriseChallenge

func (*AttestationDBusService) SignSimpleChallenge

type OwnershipService

type OwnershipService struct {
	// contains filtered or unexported fields
}

func (*OwnershipService) EnsureTPMAndSystemStateAreReset

func (*OwnershipService) EnsureTPMAndSystemStateAreReset(ctx context.Context, req *empty.Empty) (*empty.Empty, error)

EnsureTPMAndSystemStateAreReset calls the local EnsureTPMAndSystemStateAreReset hwsec helpers.

func (*OwnershipService) EnsureTPMIsReset

func (*OwnershipService) EnsureTPMIsReset(ctx context.Context, req *empty.Empty) (*empty.Empty, error)

EnsureTPMIsReset calls the local EnsureTPMIsReset hwsec helpers.

Directories

Path Synopsis
Package util contains some common utilities or constants that are used by more than 1 hwsec test.
