Merge pull request #212 from dgarske/csharp_add2

Adds CSharp wrapper tests for authenticated sessions
Anthony Hu 2022-06-27 13:43:00 -04:00 committed by GitHub
commit 2c41a935d1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 258 additions and 105 deletions


@ -291,11 +291,18 @@ int wolfTPM2_FreeSession(WOLFTPM2_SESSION* session)
WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKey(WOLFTPM2_KEY* key) WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKey(WOLFTPM2_KEY* key)
{ {
if (key == NULL) { return (key != NULL) ? &key->handle : NULL;
return NULL;
}
return &(key->handle);
} }
WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKeyBlob(WOLFTPM2_KEYBLOB* keyBlob)
{
return (keyBlob != NULL) ? &keyBlob->handle : NULL;
}
WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromSession(WOLFTPM2_SESSION* session)
{
return (session != NULL) ? &session->handle : NULL;
}
int wolfTPM2_GetKeyBlobAsBuffer(byte *buffer, word32 bufferSz, int wolfTPM2_GetKeyBlobAsBuffer(byte *buffer, word32 bufferSz,
WOLFTPM2_KEYBLOB* key) WOLFTPM2_KEYBLOB* key)


@ -2478,6 +2478,28 @@ WOLFTPM_API int wolfTPM2_FreeSession(WOLFTPM2_SESSION* session);
*/ */
WOLFTPM_API WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKey(WOLFTPM2_KEY* key); WOLFTPM_API WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKey(WOLFTPM2_KEY* key);
/*!
\ingroup wolfTPM2_Wrappers
\brief Retrieve the WOLFTPM2_HANDLE from a WOLFTPM2_KEYBLOB
\return pointer to handle in the key blob structure
\return NULL if key pointer is NULL
\param key pointer to a WOLFTPM2_KEYBLOB struct
*/
WOLFTPM_API WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromKeyBlob(WOLFTPM2_KEYBLOB* keyBlob);
/*!
\ingroup wolfTPM2_Wrappers
\brief Retrieve the WOLFTPM2_HANDLE from a WOLFTPM2_SESSION
\return pointer to handle in the session structure
\return NULL if key pointer is NULL
\param key pointer to a WOLFTPM2_SESSION struct
*/
WOLFTPM_API WOLFTPM2_HANDLE* wolfTPM2_GetHandleRefFromSession(WOLFTPM2_SESSION* session);
/*! /*!
\ingroup wolfTPM2_Wrappers \ingroup wolfTPM2_Wrappers
\brief Set the authentication data for a key \brief Set the authentication data for a key
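Review bot: The two new Doxygen blocks were copied from the key getter without renaming the parameter: both say `\param key` and `\return NULL if key pointer is NULL`, while the prototypes take `keyBlob` and `session`. Suggested wording is `\param keyBlob pointer to a WOLFTPM2_KEYBLOB struct` with `\return NULL if keyBlob pointer is NULL`, and `\param session pointer to a WOLFTPM2_SESSION struct` with `\return NULL if session pointer is NULL`. Since the implementation in this commit returns `&keyBlob->handle` and `&session->handle`, the docs should also say that the returned pointer refers to a member of the passed struct and must not be used after that struct is freed.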


@ -1,3 +1,26 @@
/* wolfTPM-tests.cs
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfTPM.
*
* wolfTPM is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfTPM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* Tests for C# wrapper using NUnit */
using NUnit.Framework; using NUnit.Framework;
using System; using System;
using System.IO; using System.IO;
@ -82,7 +105,7 @@ namespace tpm_csharp_test
Console.WriteLine(sb.ToString()); Console.WriteLine(sb.ToString());
} }
void getSRK(Key srkKey, string auth) private void GetSRK(Key srkKey, string auth)
{ {
int ret = device.CreateSRK(srkKey, int ret = device.CreateSRK(srkKey,
(int)TPM2_Alg.RSA, (int)TPM2_Alg.RSA,
@ -90,66 +113,7 @@ namespace tpm_csharp_test
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
} }
[SetUp] private void GenerateKey(string algorithm)
public void TestInit()
{
parent_key = new Key();
getSRK(parent_key, "ThisIsMyStorageKeyAuth");
}
[TearDown]
public void TestCleanup()
{
int ret = (int)Status.TPM_RC_SUCCESS;
ret = device.UnloadHandle(parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
}
[Test]
public void TrySelfTest()
{
uint ret = (uint)device.SelfTest();
Assert.That(ret, Is.EqualTo((uint)Status.TPM_RC_SUCCESS) | Is.EqualTo(0x80280400));
}
[Test]
public void TryFillBufferWithRandom()
{
const int bufSz = 256;
byte[] buf = new byte[bufSz];
int ret = device.GetRandom(buf);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
PrintByteArray(buf);
Assert.That(buf, Has.Some.GreaterThan(0));
}
[Test]
public void TryGenerateAndLoadRSA()
{
GenerateRSA();
LoadGeneratedRSA();
}
[Test]
public void TryGenerateAndLoadAES()
{
GenerateAES();
LoadGeneratedAES();
}
void GenerateRSA()
{
GenerateKey("RSA");
}
void GenerateAES()
{
GenerateKey("AES");
}
void GenerateKey(string algorithm)
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int ret = (int)Status.TPM_RC_SUCCESS;
KeyBlob blob = new KeyBlob(); KeyBlob blob = new KeyBlob();
@ -185,7 +149,6 @@ namespace tpm_csharp_test
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
ret = blob.GetKeyBlobAsBuffer(blob_buffer); ret = blob.GetKeyBlobAsBuffer(blob_buffer);
if (ret > 0) if (ret > 0)
{ {
Array.Resize(ref blob_buffer, ret); Array.Resize(ref blob_buffer, ret);
@ -199,7 +162,7 @@ namespace tpm_csharp_test
} }
else else
{ {
Console.WriteLine("Unexpected algorithm name!!!"); Console.WriteLine("Unexpected algorithm name!");
return; return;
} }
ret = (int)Status.TPM_RC_SUCCESS; ret = (int)Status.TPM_RC_SUCCESS;
@ -210,24 +173,11 @@ namespace tpm_csharp_test
ret = -1; ret = -1;
} }
ret = device.UnloadHandle(blob); ret = device.UnloadHandle(blob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
} }
private void LoadGeneratedKey(string algorithm)
void LoadGeneratedRSA()
{
LoadGeneratedKey("RSA");
}
void LoadGeneratedAES()
{
LoadGeneratedKey("AES");
}
void LoadGeneratedKey(string algorithm)
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int ret = (int)Status.TPM_RC_SUCCESS;
KeyBlob blob = new KeyBlob(); KeyBlob blob = new KeyBlob();
@ -243,7 +193,7 @@ namespace tpm_csharp_test
} }
else else
{ {
Console.WriteLine("Unexpected algorithm name!!!"); Console.WriteLine("Unexpected algorithm name!");
return; return;
} }
@ -255,13 +205,84 @@ namespace tpm_csharp_test
ret = device.UnloadHandle(blob); ret = device.UnloadHandle(blob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
}
[SetUp]
public void TestInit()
{
parent_key = new Key();
GetSRK(parent_key, "ThisIsMyStorageKeyAuth");
}
[TearDown]
public void TestCleanup()
{
int ret = device.UnloadHandle(parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
}
[Test]
public void TrySelfTest()
{
uint ret = (uint)device.SelfTest();
Assert.That(ret, Is.EqualTo((uint)Status.TPM_RC_SUCCESS) |
Is.EqualTo(0x80280400));
}
[Test]
public void TryFillBufferWithRandom()
{
int ret;
const int bufSz = 256;
byte[] buf = new byte[bufSz];
ret = device.GetRandom(buf);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
PrintByteArray(buf);
Assert.That(buf, Has.Some.GreaterThan(0));
}
[Test]
public void TryGenerateAndLoadRSA()
{
GenerateKey("RSA");
LoadGeneratedKey("RSA");
}
[Test]
public void TryGenerateAndLoadAES()
{
GenerateKey("AES");
LoadGeneratedKey("AES");
}
[Test]
public void TryAuthSession()
{
int ret;
Session tpmSession = new Session();
const int bufSz = 256;
byte[] buf = new byte[bufSz];
Console.WriteLine("Testing Parameter Encryption with AES CFB");
ret = tpmSession.StartAuth(device, parent_key, TPM2_Alg.CFB);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
/* Do sensitive operation */
ret = device.GetRandom(buf);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
ret = tpmSession.StopAuth(device);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
} }
[Test] [Test]
public void TryLoadRSAPublicKey() public void TryLoadRSAPublicKey()
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int ret;
Key pub_key; Key pub_key;
int exp = 0x10001; int exp = 0x10001;
@ -279,8 +300,7 @@ namespace tpm_csharp_test
[Test] [Test]
public void TryLoadRSAPrivateKey() public void TryLoadRSAPrivateKey()
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int ret;
Key priv_key; Key priv_key;
int exp = 0x10001; int exp = 0x10001;
@ -301,7 +321,7 @@ namespace tpm_csharp_test
[Test] [Test]
public void TryImportRSAPrivateKey() public void TryImportRSAPrivateKey()
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int ret;
KeyBlob blob; KeyBlob blob;
int exp = 0x10001; int exp = 0x10001;
@ -319,7 +339,6 @@ namespace tpm_csharp_test
ret = device.UnloadHandle(blob); ret = device.UnloadHandle(blob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
} }
} }
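Review bot: In `TryAuthSession`, a failed assertion after `StartAuth` succeeds skips `StopAuth`, so the session stays set on the device and loaded in the TPM while the remaining tests run. TPM session slots are limited, and `device` appears to be shared between tests, so one failure here can cascade into unrelated ones. Putting the work between `StartAuth` and `StopAuth` in try/finally makes the cleanup unconditional. The test also never checks that `buf` was filled, whereas `TryFillBufferWithRandom` asserts `Has.Some.GreaterThan(0)`; the same assertion would show that the command returned data under the session.

```csharp
// … unchanged: declarations of ret, tpmSession and buf …
ret = tpmSession.StartAuth(device, parent_key, TPM2_Alg.CFB);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
try
{
    /* Do sensitive operation */
    ret = device.GetRandom(buf);
    Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
    Assert.That(buf, Has.Some.GreaterThan(0));
}
finally
{
    /* always release the session, even when an assertion above fails */
    ret = tpmSession.StopAuth(device);
}
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret);
```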


@ -1,3 +1,24 @@
/* wolfTPM.cs
*
* Copyright (C) 2006-2022 wolfSSL Inc.
*
* This file is part of wolfTPM.
*
* wolfTPM is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfTPM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
using System; using System;
using System.Runtime.InteropServices; using System.Runtime.InteropServices;
@ -7,6 +28,7 @@ namespace wolfTPM
public enum Status : int public enum Status : int
{ {
TPM_RC_SUCCESS = 0, TPM_RC_SUCCESS = 0,
BAD_FUNC_ARG = -173,
} }
public enum TPM2_Object : ulong public enum TPM2_Object : ulong
@ -99,6 +121,11 @@ namespace wolfTPM
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetKeyBlobFromBuffer")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetKeyBlobFromBuffer")]
private static extern int wolfTPM2_SetKeyBlobFromBuffer(IntPtr key, private static extern int wolfTPM2_SetKeyBlobFromBuffer(IntPtr key,
byte[] buffer, int bufferSz); byte[] buffer, int bufferSz);
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetHandleRefFromKeyBlob")]
private static extern IntPtr wolfTPM2_GetHandleRefFromKeyBlob(IntPtr keyBlob);
internal IntPtr keyblob; internal IntPtr keyblob;
public KeyBlob() public KeyBlob()
@ -124,6 +151,11 @@ namespace wolfTPM
{ {
return wolfTPM2_SetKeyBlobFromBuffer(keyblob, buffer, buffer.Length); return wolfTPM2_SetKeyBlobFromBuffer(keyblob, buffer, buffer.Length);
} }
public IntPtr GetHandle()
{
return wolfTPM2_GetHandleRefFromKeyBlob(keyblob);
}
} }
public class Key public class Key
@ -140,7 +172,6 @@ namespace wolfTPM
/* Native Getters and Setters */ /* Native Getters and Setters */
/* ================================================================== */ /* ================================================================== */
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetKeyAuthPassword")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetKeyAuthPassword")]
private static extern int wolfTPM2_SetKeyAuthPassword( private static extern int wolfTPM2_SetKeyAuthPassword(
IntPtr key, IntPtr key,
@ -166,6 +197,12 @@ namespace wolfTPM
} }
} }
public IntPtr GetHandle()
{
return wolfTPM2_GetHandleRefFromKey(key);
}
/* kept for backwards compatibility, use GetHandle */
public IntPtr GetHandleRefFromKey() public IntPtr GetHandleRefFromKey()
{ {
return wolfTPM2_GetHandleRefFromKey(key); return wolfTPM2_GetHandleRefFromKey(key);
@ -228,7 +265,6 @@ namespace wolfTPM
isDecrypt ? 1 : 0); isDecrypt ? 1 : 0);
} }
} }
public class Session public class Session
@ -241,23 +277,76 @@ namespace wolfTPM
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_FreeSession")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_FreeSession")]
private static extern int wolfTPM2_FreeSession(IntPtr session); private static extern int wolfTPM2_FreeSession(IntPtr session);
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetHandleRefFromSession")]
private static extern IntPtr wolfTPM2_GetHandleRefFromSession(IntPtr session);
internal IntPtr session; internal IntPtr session;
internal int sessionIdx;
public Session() public Session()
{ {
session = wolfTPM2_NewSession(); session = wolfTPM2_NewSession();
sessionIdx = 1; /* for most commands the index is 1 */
}
public Session(int index)
{
session = wolfTPM2_NewSession();
sessionIdx = index;
} }
~Session() ~Session()
{ {
if (session != IntPtr.Zero) if (session != IntPtr.Zero)
{ {
// TODO: check return value /* ignore return code on free */
wolfTPM2_FreeSession(session); wolfTPM2_FreeSession(session);
} }
} }
public IntPtr GetHandle()
{
return wolfTPM2_GetHandleRefFromSession(session);
}
public int StartAuth(Device device, Key parentKey, TPM2_Alg algMode)
{
int ret;
/* Algorithm modes: With parameter encryption use CFB or XOR.
* For HMAC only (no parameter encryption) use NULL. */
if (algMode != TPM2_Alg.NULL &&
algMode != TPM2_Alg.CFB &&
algMode != TPM2_Alg.XOR) {
return (int)Status.BAD_FUNC_ARG;
}
/* Start an authenticated session (salted / unbound) with
* parameter encryption */
ret = device.StartSession(this, parentKey, IntPtr.Zero,
(byte)SE.HMAC, (int)algMode);
if (ret == (int)Status.TPM_RC_SUCCESS) {
/* Set session for authorization of the primary key */
ret = device.SetAuthSession(this, this.sessionIdx,
(byte)(SESSION_mask.decrypt | SESSION_mask.encrypt |
SESSION_mask.continueSession));
}
return ret;
}
public int StopAuth(Device device)
{
int ret;
/* Clear the auth index, since the auth session is ending */
device.ClearAuthSession(this, this.sessionIdx);
/* Unload session */
ret = device.UnloadHandle(this);
return ret;
}
} }
public class Device public class Device
@ -330,24 +419,24 @@ namespace wolfTPM
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_StartSession")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_StartSession")]
private static extern int wolfTPM2_StartSession(IntPtr dev, private static extern int wolfTPM2_StartSession(IntPtr dev,
IntPtr session, IntPtr session,
IntPtr tmpKey, IntPtr tmpKey,
IntPtr bind, IntPtr bind,
byte sesType, byte sesType,
int encDecAlg); int encDecAlg);
public int StartSession(IntPtr session, public int StartSession(Session tpmSession,
Key tmpKey, Key tmpKey,
IntPtr bind, IntPtr bind,
byte sesType, byte sesType,
int encDecAlg) int encDecAlg)
{ {
return wolfTPM2_StartSession(device, return wolfTPM2_StartSession(device,
session, tpmSession.session,
tmpKey.key, tmpKey.key,
bind, bind,
sesType, sesType,
encDecAlg); encDecAlg);
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetAuthSession")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetAuthSession")]
@ -355,14 +444,26 @@ namespace wolfTPM
int index, int index,
IntPtr tpmSession, IntPtr tpmSession,
byte sessionAttributes); byte sessionAttributes);
public int SetAuthSession(IntPtr session, public int SetAuthSession(Session tpmSession,
int index, int index,
byte sessionAttributes) byte sessionAttributes)
{ {
/* For sessionAttributes suggest using: /* For sessionAttributes suggest using:
* (byte)(SESSION_mask.decrypt | SESSION_mask.encrypt | SESSION_mask.continueSession) * (byte)(SESSION_mask.decrypt | SESSION_mask.encrypt | SESSION_mask.continueSession)
*/ */
return wolfTPM2_SetAuthSession(device, index, session, sessionAttributes); return wolfTPM2_SetAuthSession(device,
index,
tpmSession.session,
sessionAttributes);
}
public int ClearAuthSession(Session tpmSession,
int index)
{
return wolfTPM2_SetAuthSession(device,
index,
IntPtr.Zero,
0);
} }
@ -394,7 +495,7 @@ namespace wolfTPM
{ {
return wolfTPM2_CreateKey(device, return wolfTPM2_CreateKey(device,
keyBlob.keyblob, keyBlob.keyblob,
parent.GetHandleRefFromKey(), parent.GetHandle(),
publicTemplate.template, publicTemplate.template,
auth, auth,
auth.Length); auth.Length);
@ -408,7 +509,7 @@ namespace wolfTPM
public int LoadKey(KeyBlob keyBlob, public int LoadKey(KeyBlob keyBlob,
Key parent) Key parent)
{ {
return wolfTPM2_LoadKey(device, keyBlob.keyblob, parent.GetHandleRefFromKey()); return wolfTPM2_LoadKey(device, keyBlob.keyblob, parent.GetHandle());
} }
@ -417,7 +518,7 @@ namespace wolfTPM
IntPtr primaryHandle, IntPtr key, IntPtr persistentHandle); IntPtr primaryHandle, IntPtr key, IntPtr persistentHandle);
public int StoreKey(Key key, IntPtr primaryHandle, IntPtr persistentHandle) public int StoreKey(Key key, IntPtr primaryHandle, IntPtr persistentHandle)
{ {
return wolfTPM2_NVStoreKey(device, primaryHandle, key.GetHandleRefFromKey(), return wolfTPM2_NVStoreKey(device, primaryHandle, key.GetHandle(),
persistentHandle); persistentHandle);
} }
@ -506,14 +607,18 @@ namespace wolfTPM
private static extern int wolfTPM2_UnloadHandle(IntPtr dev, IntPtr handle); private static extern int wolfTPM2_UnloadHandle(IntPtr dev, IntPtr handle);
public int UnloadHandle(Key key) public int UnloadHandle(Key key)
{ {
return wolfTPM2_UnloadHandle(device, key.key); return wolfTPM2_UnloadHandle(device, key.GetHandle());
} }
public int UnloadHandle(KeyBlob keyblob) public int UnloadHandle(KeyBlob keyBlob)
{ {
return wolfTPM2_UnloadHandle(device, keyblob.keyblob); return wolfTPM2_UnloadHandle(device, keyBlob.GetHandle());
} }
public int UnloadHandle(Session tpmSession)
{
return wolfTPM2_UnloadHandle(device, tpmSession.GetHandle());
}
} }
} }
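Review bot: `Session.StartAuth` returns the `SetAuthSession` error without unloading the session that `StartSession` has just created, so a caller that treats a non-success return as "nothing was started" leaves a session handle loaded in the TPM. Adding `if (ret != (int)Status.TPM_RC_SUCCESS) { device.UnloadHandle(this); }` right after the `SetAuthSession` call would close that path. `StopAuth` also discards the return value of `device.ClearAuthSession`, and `ClearAuthSession` never uses its `tpmSession` parameter; returning the first failing code from `StopAuth` would keep a failed clear from being reported as success. Separately, `StartAuth` always passes `SESSION_mask.decrypt | SESSION_mask.encrypt`, even for `TPM2_Alg.NULL`, which its own comment describes as HMAC only; it is worth confirming that the native layer accepts those attributes on a session with no symmetric algorithm.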