google · josephlr · Jun 2, 2026 · May 29, 2026 · May 29, 2026 · May 30, 2026
@@ -14,11 +14,11 @@ import (
 )
 
 const (
-	// Chosen based on MAX_DIGEST_BUFFER, the length of the longest
-	// reasonable list returned by the reference implementation.
-	// The maxListLength must be greater than MAX_CONTEXT_SIZE = 1344,
-	// in order to allow for the unmarshalling of Context.
-	maxListLength uint32 = 4096
+	// The maxListLength must be greater than MAX_CONTEXT_SIZE (which can be up to
+	// 4344 in modern reference implementations), in order to allow for the
+	// unmarshalling of Context. Under Part 2, Section 10.3.1 of the TPM
+	// specification, the maximum value of the size field in any TPM2B is 32767.
+	maxListLength uint32 = 0x7FFF // 32767
 )
 
 // execute sends the provided command and returns the TPM's response.

@@ -6,7 +6,7 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 // p384Template is an SRK-like ECDH-P384 key based on the P384 EK template.
@@ -59,10 +59,7 @@ var p384Template = TPMTPublic{
 
 // This test checks that ActivateCredential can decrypt a credential created by the TPM in MakeCredential.
 func TestActivateTPMCredential(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	ekCreate := CreatePrimary{
@@ -140,10 +137,7 @@ func TestActivateTPMCredential(t *testing.T) {
 
 // This test checks that ActivateCredential can decrypt a credential created by a remote server using CreateCredential.
 func TestActivateSWCredential(t *testing.T) {
-	tpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("OpenSimulator() = %v", err)
-	}
+	tpm := testhelper.Open(t)
 	defer tpm.Close()
 
 	for _, tc := range []struct {

@@ -6,14 +6,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestAuditSession(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	// Create the audit session
@@ -193,10 +190,7 @@ func TestAuditSession(t *testing.T) {
 // TestAuditSessionWithCertify tests audit session with a more complex command (Certify)
 // which has two AuthHandles
 func TestAuditSessionWithCertify(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	// Create the audit session

@@ -9,14 +9,11 @@ import (
 
 	"github.com/google/go-cmp/cmp"
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestCertify(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	Auth := []byte("password")
@@ -172,10 +169,7 @@ func TestCertify(t *testing.T) {
 }
 
 func TestCreateAndCertifyCreation(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	public := New2B(TPMTPublic{
@@ -303,10 +297,7 @@ func TestCreateAndCertifyCreation(t *testing.T) {
 }
 
 func TestNVCertify(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	Auth := []byte("password")

@@ -5,14 +5,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestClear(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	srkCreate := CreatePrimary{

@@ -7,7 +7,7 @@ import (
 	"github.com/google/go-cmp/cmp/cmpopts"
 	. "github.com/google/go-tpm/tpm2"
 	"github.com/google/go-tpm/tpm2/transport"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func ReadPublicName(t *testing.T, handle TPMHandle, thetpm transport.TPM) TPM2BName {
@@ -24,10 +24,7 @@ func ReadPublicName(t *testing.T, handle TPMHandle, thetpm transport.TPM) TPM2BN
 }
 
 func TestCombinedContext(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	createPrimary := CreatePrimary{

@@ -4,14 +4,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestCommit(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 
 	defer thetpm.Close()
 

@@ -5,7 +5,7 @@ import (
 
 	. "github.com/google/go-tpm/tpm2"
 	"github.com/google/go-tpm/tpm2/transport"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func getDeriver(t *testing.T, thetpm transport.TPM) NamedHandle {
@@ -51,10 +51,7 @@ func getDeriver(t *testing.T, thetpm transport.TPM) NamedHandle {
 }
 
 func TestCreateLoaded(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	deriver := getDeriver(t, thetpm)

@@ -5,16 +5,13 @@ import (
 
 	. "github.com/google/go-tpm/tpm2"
 	"github.com/google/go-tpm/tpm2/transport"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 // TestDuplicate creates an object under Owner->SRK and duplicates it to
 // Endorsement->SRK.
 func TestDuplicate(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	t.Log("### Create Owner SRK")

@@ -8,14 +8,11 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestECDH(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	// Create a TPM ECDH key

@@ -8,7 +8,7 @@ import (
 
 	. "github.com/google/go-tpm/tpm2"
 	"github.com/google/go-tpm/tpm2/transport"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 // Decodes the provided hex strings into a byte array. Panics on non-hex chars.
@@ -317,10 +317,7 @@ func ekTest(t *testing.T, ekTemplate TPMTPublic) {
 		}
 	}
 
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	for _, c := range cases {

@@ -4,14 +4,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestEvictControl(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	srkCreate := CreatePrimary{

@@ -4,14 +4,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestGetRandom(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	grc := GetRandom{

@@ -5,14 +5,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestGetTime(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	createPrimary := CreatePrimary{

@@ -9,15 +9,12 @@ import (
 
 	. "github.com/google/go-tpm/tpm2"
 	"github.com/google/go-tpm/tpm2/transport"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestHash(t *testing.T) {
 
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	run := func(t *testing.T, data []byte, hierarchy TPMHandle, thetpm transport.TPM) {
@@ -48,10 +45,7 @@ func TestHash(t *testing.T) {
 }
 
 func TestHashNullHierarchy(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	data := []byte("carolyn")
@@ -72,10 +66,7 @@ func TestHashNullHierarchy(t *testing.T) {
 }
 
 func TestHashSequence(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	run := func(t *testing.T, bufferSize int, password string, hierarchy TPMHandle, thetpm transport.TPM) {
@@ -153,10 +144,7 @@ func TestHashSequence(t *testing.T) {
 }
 
 func TestHashSequenceNullHierarchy(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	run := func(t *testing.T, bufferSize int, password string, thetpm transport.TPM) {

@@ -5,14 +5,11 @@ import (
 	"testing"
 
 	. "github.com/google/go-tpm/tpm2"
-	"github.com/google/go-tpm/tpm2/transport/simulator"
+	"github.com/google/go-tpm/tpm2/transport/testhelper"
 )
 
 func TestHierarchyChangeAuth(t *testing.T) {
-	thetpm, err := simulator.OpenSimulator()
-	if err != nil {
-		t.Fatalf("could not connect to TPM simulator: %v", err)
-	}
+	thetpm := testhelper.Open(t)
 	defer thetpm.Close()
 
 	authKey := []byte("authkey")