/* SPDX-License-Identifier: BSD-2 */
/*******************************************************************************
 * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
 * All rights reserved.
 *******************************************************************************/
6
Juergen Repp16d774c2018-06-18 15:49:21 +02007#include <stdlib.h>
8
Juergen Repp0d6e2782018-04-12 11:05:23 +02009#include "tss2_esys.h"
10
11#include "esys_iutil.h"
Juergen Repp16d774c2018-06-18 15:49:21 +020012#include "test-esapi.h"
Juergen Repp0d6e2782018-04-12 11:05:23 +020013#define LOGMODULE test
14#include "util/log.h"
Juergen Repp35c121f2018-10-15 17:02:25 +020015#include "util/aux_util.h"
Juergen Repp0d6e2782018-04-12 11:05:23 +020016
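/* Returns non-zero when the response code says the command is not
 * implemented by the TPM: the bare TPM2_RC_COMMAND_CODE, or that code
 * tagged with one of the two resource-manager layer indicators. The test
 * treats this as "skip", not "fail", because both EC_Ephemeral and
 * ZGen_2Phase are optional commands. */
static int
command_unsupported(TSS2_RC r)
{
    return r == TPM2_RC_COMMAND_CODE ||
           r == (TPM2_RC_COMMAND_CODE | TSS2_RESMGR_RC_LAYER) ||
           r == (TPM2_RC_COMMAND_CODE | TSS2_RESMGR_TPM_RC_LAYER);
}

/** This test is intended to test Esys_ZGen_2Phase.
 *
 * The test is based on an ECC key created with Esys_CreatePrimary
 * and the ephemeral point (plus its counter) produced by the command
 * Esys_EC_Ephemeral. If the TPM reports either optional command as
 * unsupported the test is skipped instead of failed.
 *
 * Tested ESAPI commands:
 * - Esys_CreatePrimary() (M)
 * - Esys_EC_Ephemeral() (F)
 * - Esys_FlushContext() (M)
 * - Esys_StartAuthSession() (M)
 * - Esys_ZGen_2Phase() (O)
 *
 * Every ESAPI output buffer (public area, creation data/hash/ticket,
 * ephemeral point, Z1/Z2) is released with Esys_Free on both the success
 * and the error path; earlier revisions of this test leaked all of them.
 * Handles are set back to ESYS_TR_NONE as soon as they are flushed so the
 * cleanup path never flushes a handle twice.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @retval EXIT_FAILURE
 * @retval EXIT_SKIP
 * @retval EXIT_SUCCESS
 */
int
test_esys_zgen_2phase(ESYS_CONTEXT * esys_context)
{
    TSS2_RC r;
    ESYS_TR eccHandle = ESYS_TR_NONE;
    ESYS_TR session = ESYS_TR_NONE;
    int test_result = EXIT_FAILURE;

    /* ESAPI-allocated outputs. Declared and NULL-initialised before the
     * first goto so the shared cleanup can free them unconditionally. */
    TPM2B_PUBLIC *outPublic = NULL;
    TPM2B_CREATION_DATA *creationData = NULL;
    TPM2B_DIGEST *creationHash = NULL;
    TPMT_TK_CREATION *creationTicket = NULL;
    TPM2B_ECC_POINT *Q = NULL;
    TPM2B_ECC_POINT *outZ1 = NULL;
    TPM2B_ECC_POINT *outZ2 = NULL;

    /* Symmetric parameters handed to Esys_StartAuthSession. */
    TPMT_SYM_DEF symmetric = {
        .algorithm = TPM2_ALG_AES,
        .keyBits = { .aes = 128 },
        .mode = { .aes = TPM2_ALG_CFB }
    };
    /* Fixed caller nonce: acceptable for a deterministic test fixture only;
     * a real caller must use fresh random nonces. */
    TPM2B_NONCE nonceCaller = {
        .size = 20,
        .buffer = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
                   11, 12, 13, 14, 15, 16, 17, 18, 19, 20}
    };

    r = Esys_StartAuthSession(esys_context, ESYS_TR_NONE, ESYS_TR_NONE,
                              ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
                              &nonceCaller,
                              TPM2_SE_HMAC, &symmetric, TPM2_ALG_SHA1,
                              &session);
    goto_if_error(r, "Error: During initialization of session", error);

    /* Primary key with empty user auth and no sensitive seed data. */
    TPM2B_SENSITIVE_CREATE inSensitive = {
        .size = 4,
        .sensitive = {
            .userAuth = { .size = 0, .buffer = {0} },
            .data = { .size = 0, .buffer = {0} }
        }
    };

    /* NIST P-256 decrypt-only ECDH key; the scheme must be ECDH because
     * ZGen_2Phase below is invoked with inScheme = TPM2_ALG_ECDH. */
    TPM2B_PUBLIC inPublicECC = {
        .size = 0,
        .publicArea = {
            .type = TPM2_ALG_ECC,
            .nameAlg = TPM2_ALG_SHA1,
            .objectAttributes = (TPMA_OBJECT_USERWITHAUTH |
                                 TPMA_OBJECT_DECRYPT |
                                 TPMA_OBJECT_FIXEDTPM |
                                 TPMA_OBJECT_FIXEDPARENT |
                                 TPMA_OBJECT_SENSITIVEDATAORIGIN),
            .authPolicy = { .size = 0 },
            .parameters.eccDetail = {
                .symmetric = {
                    .algorithm = TPM2_ALG_NULL,
                    .keyBits.aes = 128,
                    .mode.aes = TPM2_ALG_CFB,
                },
                .scheme = {
                    .scheme = TPM2_ALG_ECDH,
                    .details = { .ecdh = { .hashAlg = TPM2_ALG_SHA1 } }
                },
                .curveID = TPM2_ECC_NIST_P256,
                .kdf = { .scheme = TPM2_ALG_NULL }
            },
            .unique.ecc = {
                .x = { .size = 0, .buffer = {0} },
                .y = { .size = 0, .buffer = {0} }
            },
        }
    };
    LOG_INFO("\nECC key will be created.");

    TPM2B_DATA outsideInfo = { .size = 0 };
    TPML_PCR_SELECTION creationPCR = { .count = 0 };

    /* Empty owner authorization; presumably the test TPM has no owner
     * auth set -- confirm against the test environment. */
    TPM2B_AUTH authValue = { .size = 0 };

    r = Esys_TR_SetAuth(esys_context, ESYS_TR_RH_OWNER, &authValue);
    goto_if_error(r, "Error: TR_SetAuth", error);

    r = Esys_CreatePrimary(esys_context, ESYS_TR_RH_OWNER, session,
                           ESYS_TR_NONE, ESYS_TR_NONE, &inSensitive,
                           &inPublicECC, &outsideInfo, &creationPCR,
                           &eccHandle, &outPublic, &creationData,
                           &creationHash, &creationTicket);
    goto_if_error(r, "Error esapi create primary", error);

    TPMI_ECC_CURVE curveID = TPM2_ECC_NIST_P256;
    UINT16 counter;

    /* Ask the TPM for an ephemeral point on the same curve; the counter
     * identifies that ephemeral key in the ZGen_2Phase call below. */
    r = Esys_EC_Ephemeral(esys_context,
                          ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
                          curveID, &Q, &counter);

    if (command_unsupported(r)) {
        LOG_WARNING("Command TPM2_Ephemeral not supported by TPM.");
        test_result = EXIT_SKIP;
        goto error;
    }
    goto_if_error(r, "Error: EC_Ephemeral", error);

    /* Static point = public key of the primary; ephemeral point = Q. */
    TPM2B_ECC_POINT inQsB = {
        .size = 0,
        .point = outPublic->publicArea.unique.ecc
    };
    TPM2B_ECC_POINT inQeB = *Q;
    TPMI_ECC_KEY_EXCHANGE inScheme = TPM2_ALG_ECDH;

    r = Esys_ZGen_2Phase(esys_context, eccHandle,
                         ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE,
                         &inQsB, &inQeB, inScheme, counter,
                         &outZ1, &outZ2);

    if (command_unsupported(r)) {
        LOG_WARNING("Command TPM2_ZGen_2Phase not supported by TPM.");
        test_result = EXIT_SKIP;
        goto error;
    }
    goto_if_error(r, "Error: ZGen_2Phase", error);

    /* Z1/Z2 are the derived shared-secret points. This test only checks
     * that the command succeeds; it does not inspect their values. */

    r = Esys_FlushContext(esys_context, eccHandle);
    goto_if_error(r, "Flushing context", error);
    eccHandle = ESYS_TR_NONE; /* flushed: cleanup must not flush it again */

    r = Esys_FlushContext(esys_context, session);
    goto_if_error(r, "Flushing context", error);
    session = ESYS_TR_NONE;

    test_result = EXIT_SUCCESS;
    goto cleanup;

 error:
    LOG_ERROR("\nError Code: %x\n", r);

 cleanup:
    if (eccHandle != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, eccHandle) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup eccHandle failed.");
        }
    }

    if (session != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, session) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup session failed.");
        }
    }

    /* Release every ESAPI output; Esys_Free tolerates NULL. Note that this
     * releases but is not shown here to zeroize outZ1/outZ2 -- non-test
     * code deriving real secrets should wipe them before freeing. */
    Esys_Free(outPublic);
    Esys_Free(creationData);
    Esys_Free(creationHash);
    Esys_Free(creationTicket);
    Esys_Free(Q);
    Esys_Free(outZ1);
    Esys_Free(outZ2);

    return test_result;
}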
Juergen Repp4fc93c42018-07-11 14:33:53 +0200224
/** Entry point presumably called by the integration-test runner (see
 * test-esapi.h); it delegates to test_esys_zgen_2phase() and passes the
 * EXIT_* result through unchanged.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT handed to the test.
 * @return The value returned by test_esys_zgen_2phase().
 */
int
test_invoke_esapi(ESYS_CONTEXT * esys_context) {
    int result = test_esys_zgen_2phase(esys_context);
    return result;
}