test

package

v0.4.4 Latest Latest Go to latest Published: Mar 29, 2024 License: Apache-2.0, BSD-3-Clause Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/go-tpm-tools

Links

Open Source Insights

Documentation ¶

Rendered for

Overview ¶

Package test provides helper methods for testing. It should never be included in non-test libraries/binaries.

Index ¶

Variables
func CreateTpm2EventLog(gceConfidentialTechnologyEnum byte) []byte
func GetSimulatorWithLog(tb testing.TB, eventLog []byte) io.ReadWriteCloser
func GetTPM(tb testing.TB) io.ReadWriteCloser
func LoadRandomExternalKey(tb testing.TB, rw io.ReadWriter) tpmutil.Handle
func SkipForRealTPM(tb testing.TB)
func SkipOnUnsupportedAlg(t testing.TB, rw io.ReadWriter, alg tpm2.Algorithm)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	//go:embed eventlogs/arch-linux-workstation.bin
	ArchLinuxWorkstationEventLog []byte
	//go:embed eventlogs/debian-10.bin
	Debian10EventLog []byte
	//go:embed eventlogs/glinux-alex.bin
	GlinuxAlexEventLog []byte
	//go:embed eventlogs/rhel8-uefi.bin
	Rhel8EventLog []byte
	//go:embed eventlogs/ubuntu-1804-amd-sev.bin
	Ubuntu1804AmdSevEventLog []byte
	//go:embed eventlogs/ubuntu-2104-no-dbx.bin
	Ubuntu2104NoDbxEventLog []byte
	//go:embed eventlogs/ubuntu-2104-no-secure-boot.bin
	Ubuntu2104NoSecureBootEventLog []byte
	//go:embed eventlogs/cos-85-amd-sev.bin
	Cos85AmdSevEventLog []byte
	//go:embed eventlogs/cos-93-amd-sev.bin
	Cos93AmdSevEventLog []byte
	//go:embed eventlogs/cos-101-amd-sev.bin
	Cos101AmdSevEventLog []byte
)

Raw binary TCG Event Logs

View Source

var (
	Cos85AmdSevCmdline  = "" /* 785-byte string literal not displayed */
	Cos93AmdSevCmdline  = "" /* 791-byte string literal not displayed */
	Cos101AmdSevCmdline = "" /* 711-byte string literal not displayed */
)

Kernel command lines from event logs.

View Source

var (
	//go:embed attestations/gce-cos-85-no-nonce.pb
	COS85NoNonce []byte
	//go:embed attestations/gce-cos-85-nonce9009.pb
	COS85Nonce9009 []byte
)

Attestation .pb files.

View Source

var (
	//go:embed certificates/pca_tpm_ecc_enc_cert.pem
	GCEEncryptECCCertPCA []byte
	//go:embed certificates/pca_tpm_ecc_sign_cert.pem
	GCESignECCCertPCA []byte
	//go:embed certificates/pca_tpm_rsa_enc_cert.pem
	GCEEncryptRSACertPCA []byte
	//go:embed certificates/pca_tpm_rsa_sign_cert.pem
	GCESignRSACertPCA []byte

	//go:embed certificates/uca_tpm_ecc_enc_cert.pem
	GCEEncryptECCCertUCA []byte
	//go:embed certificates/uca_tpm_ecc_sign_cert.pem
	GCESignECCCertUCA []byte
	//go:embed certificates/uca_tpm_rsa_enc_cert.pem
	GCEEncryptRSACertUCA []byte
	//go:embed certificates/uca_tpm_rsa_sign_cert.pem
	GCESignRSACertUCA []byte
)

EK and AK Certificates.

View Source

var (
	DebugPCR       = 16
	ApplicationPCR = 23
)

PCR registers that are OK to use in tests (can be reset without reboot)

View Source

var GCECertPEMs = [][]byte{
	GCEEncryptECCCertPCA, GCESignECCCertPCA,
	GCEEncryptRSACertPCA, GCESignRSACertPCA,
	GCEEncryptECCCertUCA, GCESignECCCertUCA,
	GCEEncryptRSACertUCA, GCESignRSACertUCA,
}

GCECertPEMs provides a variety of GCE test certificates, including AK/EK, RSA/ECC, and PCA/UCA.

View Source

var (
	//go:embed tdx_test_files/tdxReportData.bin
	TdxReportData []byte // Use as tdx nonce
)

TDX test files

Functions ¶

func CreateTpm2EventLog ¶ added in v0.4.3

func CreateTpm2EventLog(gceConfidentialTechnologyEnum byte) []byte

CreateTpm2EventLog generates a sample event log that is based on gceConfidentialTechnology

func GetSimulatorWithLog ¶ added in v0.3.2

func GetSimulatorWithLog(tb testing.TB, eventLog []byte) io.ReadWriteCloser

GetSimulatorWithLog returns a simulated TPM with PCRs that match the events of the passed in eventlog. This allows for testing attestation flows.

func GetTPM ¶

func GetTPM(tb testing.TB) io.ReadWriteCloser

GetTPM is a cross-platform testing helper function that retrives the appropriate TPM device from the flags passed into "go test".

If using a test TPM, this will also retrieve a test eventlog. In this case, GetTPM extends the test event log's events into the test TPM.

func LoadRandomExternalKey ¶

func LoadRandomExternalKey(tb testing.TB, rw io.ReadWriter) tpmutil.Handle

LoadRandomExternalKey loads a randomly generated external key into the TPM simulator and returns its' handle. If any errors occur, calls Fatal() on the passed testing.TB.

func SkipForRealTPM ¶ added in v0.3.10

func SkipForRealTPM(tb testing.TB)

SkipForRealTPM causes a test or benchmark to be skipped if we are not using a test TPM. This lets us avoid clobbering important PCRs on a real machine.

func SkipOnUnsupportedAlg ¶

func SkipOnUnsupportedAlg(t testing.TB, rw io.ReadWriter, alg tpm2.Algorithm)

SkipOnUnsupportedAlg skips the test if the algorithm is not found in the TPM capability.

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL