CSharp tests for key NV. Added CSharp `DeleteKey` API.

pull/230/head
David Garske 2022-07-19 10:46:23 -07:00
parent 9ce29ff94e
commit 02e41c1673
3 changed files with 123 additions and 14 deletions


@ -116,7 +116,7 @@ static int wolfTPM2_Init_ex(TPM2_CTX* ctx, TPM2HalIoCb ioCb, void* userCtx,
#else #else
rc = TPM_RC_SUCCESS; rc = TPM_RC_SUCCESS;
#endif /* WOLFTPM_MCHP || WOLFTPM_PERFORM_SELFTEST */ #endif /* WOLFTPM_MCHP || WOLFTPM_PERFORM_SELFTEST */
#endif /* !defined(WOLFTPM_LINUX_DEV) && !defined(WOLFTPM_WINAPI) */ #endif /* !WOLFTPM_LINUX_DEV && !WOLFTPM_WINAPI */
return rc; return rc;
} }
@ -511,7 +511,7 @@ int wolfTPM2_SelfTest(WOLFTPM2_DEV* dev)
selfTest.fullTest = YES; selfTest.fullTest = YES;
rc = TPM2_SelfTest(&selfTest); rc = TPM2_SelfTest(&selfTest);
#ifdef WOLFTPM_WINAPI #ifdef WOLFTPM_WINAPI
if (rc == TPM_E_COMMAND_BLOCKED) { if (rc == TPM_E_COMMAND_BLOCKED) { /* 0x80280400 */
#ifdef DEBUG_WOLFTPM #ifdef DEBUG_WOLFTPM
printf("TPM2_SelfTest not allowed on Windows TBS (err 0x%x)\n", rc); printf("TPM2_SelfTest not allowed on Windows TBS (err 0x%x)\n", rc);
#endif #endif


@ -169,7 +169,7 @@ namespace tpm_csharp_test
} }
else else
{ {
Console.WriteLine("wolfTPM2_GetKeyBlobAsBuffer() failed."); Console.WriteLine("wolfTPM2_GetKeyBlobAsBuffer() failed");
rc = -1; rc = -1;
} }
@ -285,6 +285,7 @@ namespace tpm_csharp_test
Key pub_key; Key pub_key;
int exp = 0x10001; int exp = 0x10001;
Console.WriteLine("Testing load RSA Public key");
PrintByteArray(pub_buffer); PrintByteArray(pub_buffer);
pub_key = new Key(); pub_key = new Key();
@ -303,6 +304,8 @@ namespace tpm_csharp_test
Key priv_key; Key priv_key;
int exp = 0x10001; int exp = 0x10001;
Console.WriteLine("Testing load RSA Private key");
PrintByteArray(pub_buffer); PrintByteArray(pub_buffer);
PrintByteArray(priv_buffer); PrintByteArray(priv_buffer);
@ -325,6 +328,8 @@ namespace tpm_csharp_test
KeyBlob blob; KeyBlob blob;
int exp = 0x10001; int exp = 0x10001;
Console.WriteLine("Testing import RSA Private key");
PrintByteArray(pub_buffer); PrintByteArray(pub_buffer);
PrintByteArray(priv_buffer); PrintByteArray(priv_buffer);
@ -347,6 +352,8 @@ namespace tpm_csharp_test
Key key = new Key(); Key key = new Key();
Template template = new Template(); Template template = new Template();
Console.WriteLine("Testing create primary");
/* Test creating the primary RSA endorsement key (EK) */ /* Test creating the primary RSA endorsement key (EK) */
rc = template.GetKeyTemplate_RSA_EK(); rc = template.GetKeyTemplate_RSA_EK();
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
@ -365,6 +372,8 @@ namespace tpm_csharp_test
Key key = new Key(); Key key = new Key();
Template template = new Template(); Template template = new Template();
Console.WriteLine("Testing create primary custom");
/* Test creating custom SRK (different than one Windows uses) */ /* Test creating custom SRK (different than one Windows uses) */
rc = template.GetKeyTemplate_RSA_SRK(); rc = template.GetKeyTemplate_RSA_SRK();
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
@ -405,6 +414,8 @@ namespace tpm_csharp_test
"/emailAddress=info@wolfssl.com"; "/emailAddress=info@wolfssl.com";
string keyUsage = "serverAuth,clientAuth,codeSigning"; string keyUsage = "serverAuth,clientAuth,codeSigning";
Console.WriteLine("Testing generate CSR");
rc = template.GetKeyTemplate_RSA((ulong)( rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin | TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth | TPM2_Object.userWithAuth |
@ -444,6 +455,8 @@ namespace tpm_csharp_test
"/emailAddress=info@wolfssl.com"; "/emailAddress=info@wolfssl.com";
string keyUsage = "serverAuth,clientAuth,codeSigning"; string keyUsage = "serverAuth,clientAuth,codeSigning";
Console.WriteLine("Testing generate Certificate");
rc = template.GetKeyTemplate_RSA((ulong)( rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin | TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth | TPM2_Object.userWithAuth |
@ -487,6 +500,8 @@ namespace tpm_csharp_test
string custOid = "1.2.3.4.5"; string custOid = "1.2.3.4.5";
string custOidVal = "This is NOT a critical extension"; string custOidVal = "This is NOT a critical extension";
Console.WriteLine("Testing generate CSR custom");
rc = template.GetKeyTemplate_RSA((ulong)( rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin | TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth | TPM2_Object.userWithAuth |
@ -524,5 +539,56 @@ namespace tpm_csharp_test
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test]
public void TryKeyNV()
{
int rc;
KeyBlob keyBlob = new KeyBlob();
Template template = new Template();
ulong testPersistentHandle = 0x81000202;
Console.WriteLine("Testing key with NV");
rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth |
TPM2_Object.decrypt |
TPM2_Object.sign |
TPM2_Object.noDA));
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Generate new key */
rc = device.CreateKey(keyBlob, parent_key, template,
"ThisIsMyStorageKeyAuth");
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Load key */
rc = device.LoadKey(keyBlob, parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Store key */
rc = device.StoreKey(keyBlob, (ulong)TPM_RH.OWNER, testPersistentHandle);
if ((uint)rc == 0x80280400) { /* TPM_E_COMMAND_BLOCKED */
/* Windows TBS does not allow storing keys to NV */
rc = 0; /* ignore error */
}
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Read public key */
rc = device.ReadPublicKey(keyBlob, testPersistentHandle);
if (rc == (int)Status.TPM_RC_HANDLE) {
/* valid error if the handle is not found */
rc = 0; /* ignore error */
}
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Delete Key */
rc = device.DeleteKey(keyBlob, (ulong)TPM_RH.OWNER);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
rc = device.UnloadHandle(keyBlob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
}
} }
} }
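Review bot: The two tolerances in TryKeyNV cancel each other out: once the `(uint)rc == 0x80280400` branch after StoreKey swallows TPM_E_COMMAND_BLOCKED, the `TPM_RC_HANDLE` branch after ReadPublicKey swallows the inevitable handle-not-found, so on Windows TBS (or wherever the native wolfTPM2_NVStoreKey happens to return that code) the test passes without the key ever being persisted or read back, and a regression in either path stays invisible. Track whether the store actually happened (`bool stored = ((uint)rc != 0x80280400);`), accept TPM_RC_HANDLE only when `!stored`, and consider `Assert.Ignore("Windows TBS blocks NV store")` there so the skip shows up in the results instead of as a pass. Separately, any assertion failure between StoreKey and DeleteKey leaves the object persisted at 0x81000202 in the TPM's limited NV slots and the next run then fails on the already-occupied handle, so the post-store steps belong in a try/finally with eviction in the finally. DeleteKey is also asserted unconditionally even after a blocked store; if wolfTPM2_NVDeleteKey evicts whatever handle the blob holds, that would be the transient handle in that case — worth confirming what the native side does. The `0x80280400` literal now appears three times across this commit; a `TPM_E_COMMAND_BLOCKED = unchecked((int)0x80280400)` member on the Status enum next to the new TPM_RC_HANDLE would keep them in sync.
```csharp
/* Store key */
rc = device.StoreKey(keyBlob, (ulong)TPM_RH.OWNER, testPersistentHandle);
bool stored = ((uint)rc != 0x80280400); /* TPM_E_COMMAND_BLOCKED: Windows TBS */
if (!stored) {
    /* Windows TBS does not allow storing keys to NV */
    rc = 0; /* ignore error */
}
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
try {
    /* Read public key */
    rc = device.ReadPublicKey(keyBlob, testPersistentHandle);
    if (!stored && rc == (int)Status.TPM_RC_HANDLE) {
        /* handle-not-found is only acceptable when the store was blocked */
        rc = 0;
    }
    Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
}
finally {
    /* always evict the persistent copy so a failed run does not leak an NV slot */
    if (stored) {
        rc = device.DeleteKey(keyBlob, (ulong)TPM_RH.OWNER);
        Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
    }
    rc = device.UnloadHandle(keyBlob);
    Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
}
```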


@ -65,6 +65,7 @@ namespace wolfTPM
public enum Status : int public enum Status : int
{ {
TPM_RC_SUCCESS = 0, TPM_RC_SUCCESS = 0,
TPM_RC_HANDLE = 0x8B,
BAD_FUNC_ARG = -173, BAD_FUNC_ARG = -173,
NOT_COMPILED_IN = -174, NOT_COMPILED_IN = -174,
} }
@ -893,13 +894,23 @@ namespace wolfTPM
private static extern int wolfTPM2_ReadPublicKey(IntPtr dev, private static extern int wolfTPM2_ReadPublicKey(IntPtr dev,
IntPtr key, IntPtr key,
ulong handle); ulong handle);
public int ReadPublicKey(Key key, public int ReadPublicKey(Key key, ulong handle)
ulong handle)
{ {
int rc = wolfTPM2_ReadPublicKey(device, int rc = wolfTPM2_ReadPublicKey(device, key.key, handle);
key.key, if (rc != (int)Status.TPM_RC_SUCCESS &&
handle); rc != (int)Status.TPM_RC_HANDLE)
if (rc != (int)Status.TPM_RC_SUCCESS) { {
throw new WolfTpm2Exception(
"wolfTPM2_ReadPublicKey", rc);
}
return rc;
}
public int ReadPublicKey(KeyBlob keyBlob, ulong handle)
{
int rc = wolfTPM2_ReadPublicKey(device, keyBlob.keyblob, handle);
if (rc != (int)Status.TPM_RC_SUCCESS &&
rc != (int)Status.TPM_RC_HANDLE)
{
throw new WolfTpm2Exception( throw new WolfTpm2Exception(
"wolfTPM2_ReadPublicKey", rc); "wolfTPM2_ReadPublicKey", rc);
} }
@ -950,21 +961,53 @@ namespace wolfTPM
return rc; return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_NVStoreKey")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_NVStoreKey")]
private static extern int wolfTPM2_NVStoreKey(IntPtr dev, private static extern int wolfTPM2_NVStoreKey(IntPtr dev,
IntPtr primaryHandle, IntPtr key, IntPtr persistentHandle); ulong primaryHandle, IntPtr key, ulong persistentHandle);
public int StoreKey(Key key, IntPtr primaryHandle, IntPtr persistentHandle) public int StoreKey(Key key, ulong primaryHandle, ulong persistentHandle)
{ {
int rc = wolfTPM2_NVStoreKey(device, primaryHandle, key.GetHandle(), int rc = wolfTPM2_NVStoreKey(device, primaryHandle, key.key,
persistentHandle); persistentHandle);
if (rc != (int)Status.TPM_RC_SUCCESS) { if (rc != (int)Status.TPM_RC_SUCCESS &&
(uint)rc != 0x80280400) { /* TPM_E_COMMAND_BLOCKED */
throw new WolfTpm2Exception(
"wolfTPM2_NVStoreKey", rc);
}
return rc;
}
public int StoreKey(KeyBlob keyBlob, ulong primaryHandle, ulong persistentHandle)
{
int rc = wolfTPM2_NVStoreKey(device, primaryHandle, keyBlob.keyblob,
persistentHandle);
if (rc != (int)Status.TPM_RC_SUCCESS &&
(uint)rc != 0x80280400) { /* TPM_E_COMMAND_BLOCKED */
throw new WolfTpm2Exception( throw new WolfTpm2Exception(
"wolfTPM2_NVStoreKey", rc); "wolfTPM2_NVStoreKey", rc);
} }
return rc; return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_NVDeleteKey")]
private static extern int wolfTPM2_NVDeleteKey(IntPtr dev,
ulong primaryHandle, IntPtr key);
public int DeleteKey(Key key, ulong primaryHandle)
{
int rc = wolfTPM2_NVDeleteKey(device, primaryHandle, key.key);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_NVDeleteKey", rc);
}
return rc;
}
public int DeleteKey(KeyBlob keyBlob, ulong primaryHandle)
{
int rc = wolfTPM2_NVDeleteKey(device, primaryHandle, keyBlob.keyblob);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_NVDeleteKey", rc);
}
return rc;
}
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_ImportRsaPrivateKey")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_ImportRsaPrivateKey")]
private static extern int wolfTPM2_ImportRsaPrivateKey( private static extern int wolfTPM2_ImportRsaPrivateKey(