/* SPDX-License-Identifier: BSD-2 */
/*******************************************************************************
 * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
 * All rights reserved.
 *******************************************************************************/
6
Juergen Reppbb517eb2018-06-15 16:22:28 +02007#include <stdlib.h>
8
Philip Tricca910f17c2018-03-15 12:38:37 -07009#include "tss2_esys.h"
10
Andreas Fuchsc60541b2018-03-19 16:54:24 +010011#include "esys_iutil.h"
Juergen Reppecd44eb2018-02-23 13:41:16 +010012#define LOGMODULE test
Philip Triccaa7c51ce2018-03-10 18:28:25 -080013#include "util/log.h"
Juergen Repp35c121f2018-10-15 17:02:25 +020014#include "util/aux_util.h"
Juergen Reppecd44eb2018-02-23 13:41:16 +010015
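/** This test is intended to test the quote command with password
 *  authentication.
 *
 * We create a restricted RSA primary signing key under the owner hierarchy
 * and use it to sign a quote over PCR 10 of the SHA1 and SHA256 banks.
 *
 * Tested ESAPI commands:
 *  - Esys_CreatePrimary() (M)
 *  - Esys_FlushContext() (M)
 *  - Esys_Quote() (M)
 *
 * Scope of the check: only the return codes of the ESAPI calls are
 * evaluated. The returned signature and attestation structure are not
 * verified, and no nonce is supplied, so this exercises the command path,
 * not an attestation protocol.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @retval EXIT_FAILURE
 * @retval EXIT_SUCCESS
 */

int
test_esys_quote(ESYS_CONTEXT * esys_context)
{
    TSS2_RC r;
    int ret = EXIT_FAILURE;
    ESYS_TR primaryHandle = ESYS_TR_NONE;

    /*
     * Output buffers allocated by ESAPI and owned by the caller. They are
     * declared and NULL-initialised before the first goto so the cleanup
     * path can free them unconditionally (free(NULL) is a no-op).
     */
    TPM2B_PUBLIC *outPublic = NULL;
    TPM2B_CREATION_DATA *creationData = NULL;
    TPM2B_DIGEST *creationHash = NULL;
    TPMT_TK_CREATION *creationTicket = NULL;
    TPM2B_ATTEST *attest = NULL;
    TPMT_SIGNATURE *signature = NULL;

    /*
     * Internal ESYS bookkeeping node for the primary key; looked up only to
     * log the TPM handle. It is obtained from the context, not allocated for
     * this function, so it is not freed here.
     */
    RSRC_NODE_T *primaryHandle_node = NULL;

    /* Fixed, well-known auth value: a test fixture, not a real secret. */
    TPM2B_AUTH authValuePrimary = {
        .size = 5,
        .buffer = {1, 2, 3, 4, 5}
    };

    TPM2B_SENSITIVE_CREATE inSensitivePrimary = {
        .size = 4,
        .sensitive = {
            .userAuth = {
                 .size = 0,
                 .buffer = {0},
             },
            .data = {
                 .size = 0,
                 .buffer = {0},
             },
        },
    };

    inSensitivePrimary.sensitive.userAuth = authValuePrimary;

    /*
     * Restricted signing key template. SHA-1 is used as name algorithm and
     * as RSASSA hash; outside of a test, prefer SHA-256 or stronger, since
     * SHA-1 no longer offers adequate collision resistance.
     */
    TPM2B_PUBLIC inPublic = {
        .size = 0,
        .publicArea = {
            .type = TPM2_ALG_RSA,
            .nameAlg = TPM2_ALG_SHA1,
            .objectAttributes = (
                TPMA_OBJECT_USERWITHAUTH |
                TPMA_OBJECT_RESTRICTED |
                TPMA_OBJECT_SIGN_ENCRYPT |
                TPMA_OBJECT_FIXEDTPM |
                TPMA_OBJECT_FIXEDPARENT |
                TPMA_OBJECT_SENSITIVEDATAORIGIN
                ),
            .authPolicy = {
                 .size = 0,
             },
            .parameters.rsaDetail = {
                 /* No symmetric algorithm is selected for this signing key;
                  * the AES key size and mode below are placeholders. */
                 .symmetric = {
                     .algorithm = TPM2_ALG_NULL,
                     .keyBits.aes = 128,
                     .mode.aes = TPM2_ALG_CFB,
                 },
                 .scheme = {
                      .scheme = TPM2_ALG_RSASSA,
                      .details = { .rsassa = { .hashAlg = TPM2_ALG_SHA1 }},

                  },
                 .keyBits = 2048,
                 .exponent = 0,
             },
            .unique.rsa = {
                 .size = 0,
                 .buffer = {0},
             },
        },
    };

    /* Empty auth for the owner hierarchy (assumes the TPM owner auth is
     * unset, as in the test environment). */
    TPM2B_AUTH authValue = {
        .size = 0,
        .buffer = {0}
    };

    TPM2B_DATA outsideInfo = {
        .size = 0,
        .buffer = {0},
    };

    TPML_PCR_SELECTION creationPCR = {
        .count = 0,
    };

    /*
     * Empty qualifying data: the quote carries no caller-supplied nonce.
     * A verifier in a real attestation flow supplies a fresh nonce here so
     * that an old quote cannot be replayed.
     */
    TPM2B_DATA qualifyingData = { .size = 0, .buffer = {0}};

    /* TPM2_ALG_NULL: sign with the scheme fixed in the key (RSASSA/SHA1). */
    TPMT_SIG_SCHEME sig_scheme = { .scheme = TPM2_ALG_NULL };

    /* Select PCR 10 (byte 1, bit 2 of the bitmap) in both banks. */
    TPML_PCR_SELECTION pcr_selection = {
        .count = 2,
        .pcrSelections = {
            {
                .hash = TPM2_ALG_SHA1,
                .sizeofSelect = 3,
                .pcrSelect = { 0,4,0 } },
            {
                .hash = TPM2_ALG_SHA256,
                .sizeofSelect = 3,
                .pcrSelect = { 0,4,0 } },
        }};

    LOG_INFO("\nRSA key will be created.");

    r = Esys_TR_SetAuth(esys_context, ESYS_TR_RH_OWNER, &authValue);
    goto_if_error(r, "Error: TR_SetAuth", cleanup);

    /*
     * ESYS_TR_PASSWORD selects plain password authorization: the auth value
     * travels in the command's authorization area without an HMAC or
     * encrypted session protecting it.
     */
    r = Esys_CreatePrimary(esys_context, ESYS_TR_RH_OWNER, ESYS_TR_PASSWORD,
                           ESYS_TR_NONE, ESYS_TR_NONE, &inSensitivePrimary,
                           &inPublic, &outsideInfo, &creationPCR,
                           &primaryHandle, &outPublic, &creationData,
                           &creationHash, &creationTicket);
    goto_if_error(r, "Error esys create primary", cleanup);

    r = esys_GetResourceObject(esys_context, primaryHandle,
                               &primaryHandle_node);
    goto_if_error(r, "Error Esys GetResourceObject", cleanup);

    LOG_INFO("Created Primary with handle 0x%08x...",
             primaryHandle_node->rsrc.handle);

    /* Register the key's auth value with the ESYS object so that the
     * password authorization of the following Esys_Quote() can use it. */
    r = Esys_TR_SetAuth(esys_context, primaryHandle,
                        &authValuePrimary);
    goto_if_error(r, "Error: TR_SetAuth", cleanup);

    r = Esys_Quote(esys_context, primaryHandle,
                   ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                   &qualifyingData, &sig_scheme, &pcr_selection,
                   &attest, &signature);
    goto_if_error(r, "Error Esys Quote", cleanup);

    r = Esys_FlushContext(esys_context, primaryHandle);
    goto_if_error(r, "Error: FlushContext", cleanup);

    /* Flushed successfully: make sure cleanup does not flush it again. */
    primaryHandle = ESYS_TR_NONE;
    ret = EXIT_SUCCESS;

 cleanup:

    /* Only reached with a live handle when an earlier step failed. */
    if (primaryHandle != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, primaryHandle) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup primaryHandle failed.");
        }
    }

    /* Release every ESAPI-allocated output on both the success and the
     * failure path; previously these buffers were never freed. */
    free(signature);
    free(attest);
    free(creationTicket);
    free(creationHash);
    free(creationData);
    free(outPublic);

    return ret;
}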
Juergen Repp4fc93c42018-07-11 14:33:53 +0200181
/** Entry point called with an ESYS context to run this test.
 *
 * Forwards to test_esys_quote() and hands its result back unchanged.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @retval EXIT_FAILURE
 * @retval EXIT_SUCCESS
 */
int
test_invoke_esapi(ESYS_CONTEXT * esys_context)
{
    int status = test_esys_quote(esys_context);

    return status;
}