Peter Huewe | d5a36f6 | 2018-06-12 00:59:26 +0200 | [diff] [blame] | 1 | /* SPDX-License-Identifier: BSD-2 */ |
Juergen Repp | ecd44eb | 2018-02-23 13:41:16 +0100 | [diff] [blame] | 2 | /******************************************************************************* |
Juergen Repp | 4fc93c4 | 2018-07-11 14:33:53 +0200 | [diff] [blame] | 3 | * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG |
| 4 | * All rights reserved. |
Juergen Repp | ecd44eb | 2018-02-23 13:41:16 +0100 | [diff] [blame] | 5 | *******************************************************************************/ |
| 6 | |
Juergen Repp | bb517eb | 2018-06-15 16:22:28 +0200 | [diff] [blame] | 7 | #include <stdlib.h> |
| 8 | |
Philip Tricca | 910f17c | 2018-03-15 12:38:37 -0700 | [diff] [blame] | 9 | #include "tss2_esys.h" |
| 10 | |
Andreas Fuchs | c60541b | 2018-03-19 16:54:24 +0100 | [diff] [blame] | 11 | #include "esys_iutil.h" |
Juergen Repp | ecd44eb | 2018-02-23 13:41:16 +0100 | [diff] [blame] | 12 | #define LOGMODULE test |
Philip Tricca | a7c51ce | 2018-03-10 18:28:25 -0800 | [diff] [blame] | 13 | #include "util/log.h" |
Juergen Repp | 35c121f | 2018-10-15 17:02:25 +0200 | [diff] [blame^] | 14 | #include "util/aux_util.h" |
Juergen Repp | ecd44eb | 2018-02-23 13:41:16 +0100 | [diff] [blame] | 15 | |
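/** Test the Esys_Quote command with password authentication.
 *
 * An RSA primary signing key (restricted, RSASSA) is created under the owner
 * hierarchy and then used to sign a quote over one PCR in the SHA1 bank and
 * one PCR in the SHA256 bank.
 *
 * Security notes for readers reusing this as a template:
 * - The key's nameAlg and signing hash are SHA1 and the auth value is a fixed
 *   byte string. These are test fixtures; SHA-1 is deprecated for signatures
 *   and a real attestation key should use SHA-256 or stronger.
 * - qualifyingData is empty, so the quote carries no verifier-supplied nonce
 *   and gives no freshness (anti-replay) guarantee. A real verifier should
 *   pass its challenge in qualifyingData and check it in the attest structure.
 * - Only the TSS return codes are checked. The returned attestation blob and
 *   signature are not parsed or verified here.
 *
 * Tested ESAPI commands:
 *  - Esys_CreatePrimary() (M)
 *  - Esys_FlushContext() (M)
 *  - Esys_Quote() (M)
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @retval EXIT_FAILURE
 * @retval EXIT_SUCCESS
 */

int
test_esys_quote(ESYS_CONTEXT * esys_context)
{
    TSS2_RC r;
    int ret = EXIT_FAILURE;
    ESYS_TR primaryHandle = ESYS_TR_NONE;
    RSRC_NODE_T *primaryHandle_node;

    /* Callee-allocated outputs. They start as NULL so that the common
     * cleanup path can free() them no matter where a failure occurred. */
    TPM2B_PUBLIC *outPublic = NULL;
    TPM2B_CREATION_DATA *creationData = NULL;
    TPM2B_DIGEST *creationHash = NULL;
    TPMT_TK_CREATION *creationTicket = NULL;
    TPM2B_ATTEST *attest = NULL;
    TPMT_SIGNATURE *signature = NULL;

    /* Fixed password for the primary key (test fixture, not a secret). */
    TPM2B_AUTH authValuePrimary = {
        .size = 5,
        .buffer = {1, 2, 3, 4, 5}
    };

    /* NOTE(review): .size is a fixed 4 and is not recomputed after userAuth
     * is filled in below; presumably ESAPI derives the marshalled size
     * itself - confirm. */
    TPM2B_SENSITIVE_CREATE inSensitivePrimary = {
        .size = 4,
        .sensitive = {
            .userAuth = {
                 .size = 0,
                 .buffer = {0},
             },
            .data = {
                 .size = 0,
                 .buffer = {0},
             },
        },
    };

    TPM2B_PUBLIC inPublic = {
        .size = 0,
        .publicArea = {
            .type = TPM2_ALG_RSA,
            .nameAlg = TPM2_ALG_SHA1,   /* test only, see header comment */
            /* RESTRICTED | SIGN_ENCRYPT: a restricted signing key, i.e. the
             * kind of key used for quotes. */
            .objectAttributes = (
                TPMA_OBJECT_USERWITHAUTH |
                TPMA_OBJECT_RESTRICTED |
                TPMA_OBJECT_SIGN_ENCRYPT |
                TPMA_OBJECT_FIXEDTPM |
                TPMA_OBJECT_FIXEDPARENT |
                TPMA_OBJECT_SENSITIVEDATAORIGIN
                ),
            .authPolicy = {
                 .size = 0,
             },
            .parameters.rsaDetail = {
                 /* No symmetric algorithm for a signing key. keyBits and
                  * mode are still set, presumably ignored with ALG_NULL. */
                 .symmetric = {
                     .algorithm = TPM2_ALG_NULL,
                     .keyBits.aes = 128,
                     .mode.aes = TPM2_ALG_CFB,
                 },
                 .scheme = {
                      .scheme = TPM2_ALG_RSASSA,
                      .details = { .rsassa = { .hashAlg = TPM2_ALG_SHA1 }},
                  },
                 .keyBits = 2048,
                 .exponent = 0,
             },
            .unique.rsa = {
                 .size = 0,
                 .buffer = {0},
             },
        },
    };

    /* Empty auth value, set on the owner hierarchy below. */
    TPM2B_AUTH authValue = {
        .size = 0,
        .buffer = {0}
    };

    TPM2B_DATA outsideInfo = {
        .size = 0,
        .buffer = {0},
    };

    TPML_PCR_SELECTION creationPCR = {
        .count = 0,
    };

    /* Empty qualifying data: no nonce is bound into the quote. */
    TPM2B_DATA qualifyingData = { .size = 0, .buffer = {0} };
    /* The NULL scheme leaves the choice of scheme to the key's own
     * definition (RSASSA with SHA1 in inPublic above). */
    TPMT_SIG_SCHEME sig_scheme = { .scheme = TPM2_ALG_NULL };

    /* pcrSelect { 0,4,0 }: bit 2 of byte 1 is set, which selects PCR 10,
     * in both the SHA1 and the SHA256 bank. */
    TPML_PCR_SELECTION pcr_selection = {
        .count = 2,
        .pcrSelections = {
            {
                .hash = TPM2_ALG_SHA1,
                .sizeofSelect = 3,
                .pcrSelect = { 0,4,0 } },
            {
                .hash = TPM2_ALG_SHA256,
                .sizeofSelect = 3,
                .pcrSelect = { 0,4,0 } },
        }};

    inSensitivePrimary.sensitive.userAuth = authValuePrimary;

    LOG_INFO("\nRSA key will be created.");

    r = Esys_TR_SetAuth(esys_context, ESYS_TR_RH_OWNER, &authValue);
    goto_if_error(r, "Error: TR_SetAuth", error);

    r = Esys_CreatePrimary(esys_context, ESYS_TR_RH_OWNER, ESYS_TR_PASSWORD,
                           ESYS_TR_NONE, ESYS_TR_NONE, &inSensitivePrimary,
                           &inPublic, &outsideInfo, &creationPCR,
                           &primaryHandle, &outPublic, &creationData,
                           &creationHash, &creationTicket);
    goto_if_error(r, "Error esys create primary", error);

    /* Internal helper from esys_iutil.h, used only to log the TPM handle. */
    r = esys_GetResourceObject(esys_context, primaryHandle,
                               &primaryHandle_node);
    goto_if_error(r, "Error Esys GetResourceObject", error);

    LOG_INFO("Created Primary with handle 0x%08x...",
             primaryHandle_node->rsrc.handle);

    /* Password sessions take the auth value from the ESYS_TR object, so it
     * has to be set on the new key before Esys_Quote. */
    r = Esys_TR_SetAuth(esys_context, primaryHandle,
                        &authValuePrimary);
    goto_if_error(r, "Error: TR_SetAuth", error);

    r = Esys_Quote(esys_context, primaryHandle,
                   ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                   &qualifyingData, &sig_scheme, &pcr_selection,
                   &attest, &signature);
    goto_if_error(r, "Error Esys Quote", error);

    r = Esys_FlushContext(esys_context, primaryHandle);
    goto_if_error(r, "Error: FlushContext", error);

    ret = EXIT_SUCCESS;
    goto cleanup;

 error:

    /* Best-effort removal of the key from the TPM so that a failed test
     * does not leave a loaded object behind. */
    if (primaryHandle != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, primaryHandle) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup primaryHandle failed.");
        }
    }

 cleanup:

    /* Release every callee-allocated output; free(NULL) is a no-op. */
    free(outPublic);
    free(creationData);
    free(creationHash);
    free(creationTicket);
    free(attest);
    free(signature);

    return ret;
}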
Juergen Repp | 4fc93c4 | 2018-07-11 14:33:53 +0200 | [diff] [blame] | 181 | |
/** Entry point called by the test harness; runs the quote test.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @return The result of test_esys_quote(): EXIT_SUCCESS or EXIT_FAILURE.
 */
int
test_invoke_esapi(ESYS_CONTEXT * esys_context)
{
    const int result = test_esys_quote(esys_context);

    return result;
}