]> git.ipfire.org Git - thirdparty/systemd.git/commit
test-tpm2: add tests for tpm2_pcr_bank_from_efi_active() 42538/head
authorIvan Kruglov <mail@ikruglov.com>
Fri, 19 Jun 2026 10:18:15 +0000 (03:18 -0700)
committerIvan Kruglov <mail@ikruglov.com>
Fri, 19 Jun 2026 10:18:15 +0000 (03:18 -0700)
commitd080ef9ebd905511b4f1ee37fa8da002bb984a93
tree77b7f51b8bf060064196c539483e61b322da0147
parent2acfa5b294e34dd876fed16d9c048597bffbd224
test-tpm2: add tests for tpm2_pcr_bank_from_efi_active()

Cover the full preference order (SHA256 > SHA384 > SHA512 > SHA1), the
single-bank cases and the -EOPNOTSUPP path. Also test the _legacy()
variant: a set with SHA384/SHA512 active but no SHA256 must resolve to
SHA1, not SHA384, pinning down the backwards-compatibility behavior that
keeps legacy sealed secrets unsealable.

Co-developed-by: Claude Opus 4.8 <noreply@anthropic.com>
src/test/test-tpm2.c