mirror of https://github.com/wolfSSL/wolfTPM.git
Fix logic error with `--enable-wrapper`. Fix for RSA encrypt/decrypt with no (NULL) padding scheme. Added RSA wrapper test for no padding. Added wrapper function to get a devId based on did_vid. Added wrapper TPM device pointer to handle.
parent
9f574a89fb
commit
2d274f08b7
|
@ -110,7 +110,7 @@ AC_ARG_ENABLE([wrapper],
|
|||
[ ENABLED_WRAPPER=yes ]
|
||||
)
|
||||
|
||||
if test "$ENABLED_WRAPPER" = "yes"
|
||||
if test "$ENABLED_WRAPPER" = "no"
|
||||
then
|
||||
AM_CFLAGS="$AM_CFLAGS -DWOLFTPM2_NO_WRAPPER"
|
||||
fi
|
||||
|
|
|
@ -160,28 +160,44 @@ int TPM2_Wrapper_Test(void* userCtx)
|
|||
if (rc != 0) goto exit;
|
||||
|
||||
|
||||
/* Perform RSA encrypt / decrypt */
|
||||
/* Perform RSA encrypt / decrypt (no pad) */
|
||||
message.size = 256; /* test message 0x11,0x11,etc */
|
||||
XMEMSET(message.buffer, 0x11, message.size);
|
||||
cipher.size = sizeof(cipher.buffer); /* encrypted data */
|
||||
rc = wolfTPM2_RsaEncrypt(&dev, &rsaKey, TPM_ALG_NULL,
|
||||
message.buffer, message.size, cipher.buffer, &cipher.size);
|
||||
if (rc != 0) goto exit;
|
||||
plain.size = sizeof(plain.buffer);
|
||||
rc = wolfTPM2_RsaDecrypt(&dev, &rsaKey, TPM_ALG_NULL,
|
||||
cipher.buffer, cipher.size, plain.buffer, &plain.size);
|
||||
if (rc != 0) goto exit;
|
||||
/* Validate encrypt / decrypt */
|
||||
if (message.size != plain.size ||
|
||||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
|
||||
rc = TPM_RC_TESTING; goto exit;
|
||||
}
|
||||
printf("RSA Encrypt/Decrypt Test Passed\n");
|
||||
|
||||
/* Perform RSA encrypt / decrypt (OAEP pad) */
|
||||
message.size = WC_SHA256_DIGEST_SIZE; /* test message 0x11,0x11,etc */
|
||||
XMEMSET(message.buffer, 0x11, message.size);
|
||||
cipher.size = sizeof(cipher.buffer); /* encrypted data */
|
||||
rc = wolfTPM2_RsaEncrypt(&dev, &rsaKey, TPM_ALG_OAEP,
|
||||
message.buffer, message.size, cipher.buffer, &cipher.size);
|
||||
if (rc != 0) goto exit;
|
||||
|
||||
plain.size = sizeof(plain.buffer);
|
||||
rc = wolfTPM2_RsaDecrypt(&dev, &rsaKey, TPM_ALG_OAEP,
|
||||
cipher.buffer, cipher.size, plain.buffer, &plain.size);
|
||||
if (rc != 0) goto exit;
|
||||
|
||||
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
|
||||
if (rc != 0) goto exit;
|
||||
|
||||
/* Validate encrypt / decrypt */
|
||||
if (message.size != plain.size ||
|
||||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
|
||||
rc = TPM_RC_TESTING; goto exit;
|
||||
}
|
||||
printf("RSA Encrypt Test Passed\n");
|
||||
printf("RSA Encrypt/Decrypt OAEP Test Passed\n");
|
||||
|
||||
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
|
||||
if (rc != 0) goto exit;
|
||||
|
||||
|
||||
/* Create an ECC key for ECDSA */
|
||||
|
|
|
@ -1380,7 +1380,8 @@ TPM_RC TPM2_RSA_Encrypt(RSA_Encrypt_In* in, RSA_Encrypt_Out* out)
|
|||
TPM2_Packet_AppendBytes(&packet, in->message.buffer, in->message.size);
|
||||
|
||||
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
|
||||
TPM2_Packet_AppendU16(&packet, in->inScheme.details.anySig.hashAlg);
|
||||
if (in->inScheme.scheme != TPM_ALG_NULL)
|
||||
TPM2_Packet_AppendU16(&packet, in->inScheme.details.anySig.hashAlg);
|
||||
|
||||
TPM2_Packet_AppendU16(&packet, in->label.size);
|
||||
TPM2_Packet_AppendBytes(&packet, in->label.buffer, in->label.size);
|
||||
|
@ -1427,7 +1428,8 @@ TPM_RC TPM2_RSA_Decrypt(RSA_Decrypt_In* in, RSA_Decrypt_Out* out)
|
|||
in->cipherText.size);
|
||||
|
||||
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
|
||||
TPM2_Packet_AppendU16(&packet, in->inScheme.details.anySig.hashAlg);
|
||||
if (in->inScheme.scheme != TPM_ALG_NULL)
|
||||
TPM2_Packet_AppendU16(&packet, in->inScheme.details.anySig.hashAlg);
|
||||
|
||||
TPM2_Packet_AppendU16(&packet, in->label.size);
|
||||
TPM2_Packet_AppendBytes(&packet, in->label.buffer, in->label.size);
|
||||
|
|
|
@ -81,6 +81,15 @@ int wolfTPM2_Init(WOLFTPM2_DEV* dev, TPM2HalIoCb ioCb, void* userCtx)
|
|||
return TPM_RC_SUCCESS;
|
||||
}
|
||||
|
||||
int wolfTPM2_GetTpmDevId(WOLFTPM2_DEV* dev)
|
||||
{
|
||||
if (dev == NULL) {
|
||||
return BAD_FUNC_ARG;
|
||||
}
|
||||
|
||||
return dev->ctx.did_vid; /* not INVALID_DEVID */
|
||||
}
|
||||
|
||||
int wolfTPM2_SetAuth(WOLFTPM2_DEV* dev, int index,
|
||||
TPM_HANDLE sessionHandle, const byte* auth, int authSz)
|
||||
{
|
||||
|
@ -158,6 +167,7 @@ int wolfTPM2_StartSession(WOLFTPM2_DEV* dev, WOLFTPM2_SESSION* session,
|
|||
return rc;
|
||||
}
|
||||
|
||||
session->handle.dev = dev;
|
||||
session->handle.hndl = authSesOut.sessionHandle;
|
||||
session->nonceTPM = authSesOut.nonceTPM;
|
||||
|
||||
|
@ -199,6 +209,7 @@ int wolfTPM2_CreatePrimaryKey(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
|
|||
wolfTPM2_GetRCString(rc));
|
||||
return rc;
|
||||
}
|
||||
key->handle.dev = dev;
|
||||
key->handle.hndl = createPriOut.objectHandle;
|
||||
key->handle.auth = createPriIn.inSensitive.sensitive.userAuth;
|
||||
|
||||
|
@ -270,6 +281,7 @@ int wolfTPM2_CreateAndLoadKey(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
|
|||
printf("TPM2_Load key failed %d: %s\n", rc, wolfTPM2_GetRCString(rc));
|
||||
return rc;
|
||||
}
|
||||
key->handle.dev = dev;
|
||||
key->handle.hndl = loadOut.objectHandle;
|
||||
key->handle.auth = createIn.inSensitive.sensitive.userAuth;
|
||||
|
||||
|
@ -300,6 +312,7 @@ int wolfTPM2_LoadPublicKey(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
|
|||
wolfTPM2_GetRCString(rc));
|
||||
return rc;
|
||||
}
|
||||
key->handle.dev = dev;
|
||||
key->handle.hndl = loadExtOut.objectHandle;
|
||||
key->pub = loadExtIn.inPublic;
|
||||
|
||||
|
@ -382,6 +395,7 @@ int wolfTPM2_ReadPublicKey(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
|
|||
return rc;
|
||||
}
|
||||
|
||||
key->handle.dev = dev;
|
||||
key->handle.hndl = readPubIn.objectHandle;
|
||||
key->pub = readPubOut.outPublic;
|
||||
|
||||
|
@ -665,8 +679,9 @@ int wolfTPM2_RsaEncrypt(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
|
|||
rsaEncIn.keyHandle = key->handle.hndl;
|
||||
rsaEncIn.message.size = msgSz;
|
||||
XMEMCPY(rsaEncIn.message.buffer, msg, msgSz);
|
||||
rsaEncIn.inScheme.scheme = padScheme; /* TPM_ALG_OAEP or TPM_ALG_RSAPSS */
|
||||
rsaEncIn.inScheme.details.oaep.hashAlg = WOLFTPM2_WRAP_DIGEST;
|
||||
/* TPM_ALG_NULL, TPM_ALG_OAEP, TPM_ALG_RSASSA or TPM_ALG_RSAPSS */
|
||||
rsaEncIn.inScheme.scheme = padScheme;
|
||||
rsaEncIn.inScheme.details.anySig.hashAlg = WOLFTPM2_WRAP_DIGEST;
|
||||
|
||||
#if 0
|
||||
/* Optional label */
|
||||
|
@ -713,8 +728,9 @@ int wolfTPM2_RsaDecrypt(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* key,
|
|||
rsaDecIn.keyHandle = key->handle.hndl;
|
||||
rsaDecIn.cipherText.size = inSz;
|
||||
XMEMCPY(rsaDecIn.cipherText.buffer, in, inSz);
|
||||
/* TPM_ALG_NULL, TPM_ALG_OAEP, TPM_ALG_RSASSA or TPM_ALG_RSAPSS */
|
||||
rsaDecIn.inScheme.scheme = padScheme;
|
||||
rsaDecIn.inScheme.details.oaep.hashAlg = WOLFTPM2_WRAP_DIGEST;
|
||||
rsaDecIn.inScheme.details.anySig.hashAlg = WOLFTPM2_WRAP_DIGEST;
|
||||
|
||||
#if 0
|
||||
/* Optional label */
|
||||
|
|
|
@ -25,7 +25,13 @@
|
|||
|
||||
#include <wolftpm/tpm2.h>
|
||||
|
||||
typedef struct WOLFTPM2_DEV {
|
||||
TPM2_CTX ctx;
|
||||
TPMS_AUTH_COMMAND session[MAX_SESSION_NUM];
|
||||
} WOLFTPM2_DEV;
|
||||
|
||||
typedef struct WOLFTPM2_HANDLE {
|
||||
WOLFTPM2_DEV* dev;
|
||||
TPM_HANDLE hndl;
|
||||
TPM2B_AUTH auth;
|
||||
} WOLFTPM2_HANDLE;
|
||||
|
@ -42,14 +48,14 @@ typedef struct WOLFTPM2_KEY {
|
|||
TPM2B_NAME name;
|
||||
} WOLFTPM2_KEY;
|
||||
|
||||
typedef struct WOLFTPM2_DEV {
|
||||
TPM2_CTX ctx;
|
||||
TPMS_AUTH_COMMAND session[MAX_SESSION_NUM];
|
||||
} WOLFTPM2_DEV;
|
||||
|
||||
#ifndef WOLFTPM2_MAX_BUFFER
|
||||
#define WOLFTPM2_MAX_BUFFER MAX_DIGEST_BUFFER
|
||||
#endif
|
||||
|
||||
typedef struct WOLFTPM2_BUFFER {
|
||||
int size;
|
||||
byte buffer[MAX_DIGEST_BUFFER];
|
||||
byte buffer[WOLFTPM2_MAX_BUFFER];
|
||||
} WOLFTPM2_BUFFER;
|
||||
|
||||
|
||||
|
@ -58,6 +64,8 @@ typedef struct WOLFTPM2_BUFFER {
|
|||
WOLFTPM_API int wolfTPM2_Init(WOLFTPM2_DEV* dev, TPM2HalIoCb ioCb, void* userCtx);
|
||||
WOLFTPM_API int wolfTPM2_Cleanup(WOLFTPM2_DEV* dev);
|
||||
|
||||
WOLFTPM_API int wolfTPM2_GetTpmDevId(WOLFTPM2_DEV* dev);
|
||||
|
||||
WOLFTPM_API int wolfTPM2_SetAuth(WOLFTPM2_DEV* dev, int index,
|
||||
TPM_HANDLE sessionHandle, const byte* auth, int authSz);
|
||||
|
||||
|
|
Loading…
Reference in New Issue