tpm2-software / tpm2-tools / 1011 / 1
0%
master: 0%

DEFAULT BRANCH: master
Ran
Files 699
Run time 29s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 68.736%. Remained the same
1011.1

push

travis-ci

williamcroberts 
test: don't extend a PCR with more digest values than supported banks

The list of digest values used to extend a PCR are defined by passing a
TPML_DIGEST_VALUES to TPM2_PCR_Extend. By passing a list of values, the
PCR can be extended in all the supported banks on a single TPM2 command.

Since there's no check if the algorithm ID is different for each digest
used, different digest values could be passed for the same PCR bank so a
PCR will be extended multiple times for the same hash algorithm bank.

But this isn't the preferred way to use it, as explained in the TCG spec:

"While the semantics of this command allow multiple extends to a single
PCR bank, this is not the preferred use and the limit on the number of
entries in the list make this use somewhat impractical."

Also, the number of banks will vary depending of the hash algorithms that
are supported by each TPM2 chip, so the test shouldn't make assumption on
the maximum number of digests that could be used. Instead, it should only
attempt to extend the PCR for the banks that are known to be supported.

The test though, assumes that 3 hash digests could be passed since that's
what supported by the TPM2 simulator (sha1, sha256 and sha384). So change
the test to make sure that it will work on all TPM2 chips.

And also change the test to not attempt to extend the same PCR multiple
times for the same bank since the spec says that's not the preferred way
to use the TPM2_PCR_Extend command.

Finally, the test is checking that attempting to extend a PCR with more
digest values than supported banks will fail but there's no check for the
command exit status to make sure that it failed.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>

4063 of 5911 relevant lines covered (68.74%)

44.02 hits per line

Source Files on job 1011.1