Adds wrapper code. Adds tests for `TPM2_PolicyPCR` and `TPM2_FlushContext`.

pull/3/head
David Garske 2018-02-15 10:20:19 -08:00
parent e9ffa0b32a
commit 78876923cc
7 changed files with 211 additions and 59 deletions


@ -30,8 +30,10 @@
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/hash.h>
#include <wolftpm/tpm2.h>
#include <wolftpm/tpm2_wrap.h>
#include <examples/tpm/tpm2_demo.h>
/* Local variables */
@ -54,48 +56,6 @@ static TPM2_CTX gTpm2Ctx;
#define TPM2_USER_CTX NULL
#endif
/* Util / Debug */
#ifdef DEBUG_WOLFTPM
#define LINE_LEN 16
static void print_bin(const byte* buffer, word32 length)
{
word32 i;
char line[80];
if (!buffer) {
printf("\tNULL");
return;
}
sprintf(line, "\t");
for (i = 0; i < LINE_LEN; i++) {
if (i < length)
sprintf(line + 1 + i * 3,"%02x ", buffer[i]);
else
sprintf(line + 1 + i * 3, " ");
}
sprintf(line + 1 + LINE_LEN * 3, "| ");
for (i = 0; i < LINE_LEN; i++)
if (i < length)
sprintf(line + 3 + LINE_LEN * 3 + i,
"%c", 31 < buffer[i] && buffer[i] < 127 ? buffer[i] : '.');
printf("%s\n", line);
if (length > LINE_LEN)
print_bin(buffer + LINE_LEN, length - LINE_LEN);
}
#else
static void print_bin(const byte* buffer, word32 length) {
(void)buffer;
(void)length;
return;
}
#endif
/* IO Callback */
static TPM_RC TPM2_IoCb(TPM2_CTX* ctx, const byte* txBuf, byte* rxBuf,
@ -154,8 +114,8 @@ static TPM_RC TPM2_IoCb(TPM2_CTX* ctx, const byte* txBuf, byte* rxBuf,
#ifdef DEBUG_WOLFTPM
//printf("TPM2_IoCb: %d\n", xferSz);
//print_bin(txBuf, xferSz);
//print_bin(rxBuf, xferSz);
//TPM2_Util_PrintBin(txBuf, xferSz);
//TPM2_Util_PrintBin(rxBuf, xferSz);
#endif
(void)ctx;
@ -204,8 +164,10 @@ int TPM2_Demo(void* userCtx)
} cmdOut;
int pcrCount, pcrIndex, i;
TPML_TAGGED_TPM_PROPERTY* tpmProp;
TPMI_SH_POLICY sessionHandle;
TPM_HANDLE sessionHandle = TPM_RH_NULL;
WC_RNG rng;
byte hash[WC_SHA256_DIGEST_SIZE];
int hash_len = WC_SHA256_DIGEST_SIZE;
#ifdef DEBUG_WOLFSSL
wolfSSL_Debugging_ON();
@ -215,7 +177,7 @@ int TPM2_Demo(void* userCtx)
rc = wc_InitRng(&rng);
if (rc < 0) {
printf("wc_InitRng failed: %d\n", rc);
printf("wc_InitRng failed %d: %s\n", rc, wc_GetErrorString(rc));
return rc;
}
@ -253,7 +215,7 @@ int TPM2_Demo(void* userCtx)
}
printf("TPM2_GetTestResult: Size %d, Rc 0x%x\n", cmdOut.tr.outData.size,
cmdOut.tr.testResult);
print_bin(cmdOut.tr.outData.buffer, cmdOut.tr.outData.size);
TPM2_Util_PrintBin(cmdOut.tr.outData.buffer, cmdOut.tr.outData.size);
/* Incremental Test */
cmdIn.incSelfTest.toTest.count = 1;
@ -303,7 +265,7 @@ int TPM2_Demo(void* userCtx)
goto exit;
}
printf("TPM2_GetRandom: Got %d bytes\n", cmdOut.getRand.randomBytes.size);
print_bin(cmdOut.getRand.randomBytes.buffer,
TPM2_Util_PrintBin(cmdOut.getRand.randomBytes.buffer,
cmdOut.getRand.randomBytes.size);
@ -320,7 +282,7 @@ int TPM2_Demo(void* userCtx)
pcrIndex,
(int)cmdOut.pcrRead.pcrValues.digests[0].size,
(int)cmdOut.pcrRead.pcrUpdateCounter);
print_bin(cmdOut.pcrRead.pcrValues.digests[0].buffer,
TPM2_Util_PrintBin(cmdOut.pcrRead.pcrValues.digests[0].buffer,
cmdOut.pcrRead.pcrValues.digests[0].size);
}
@ -348,7 +310,7 @@ int TPM2_Demo(void* userCtx)
pcrIndex,
(int)cmdOut.pcrRead.pcrValues.digests[0].size,
(int)cmdOut.pcrRead.pcrUpdateCounter);
print_bin(cmdOut.pcrRead.pcrValues.digests[0].buffer,
TPM2_Util_PrintBin(cmdOut.pcrRead.pcrValues.digests[0].buffer,
cmdOut.pcrRead.pcrValues.digests[0].size);
@ -382,22 +344,64 @@ int TPM2_Demo(void* userCtx)
goto exit;
}
printf("TPM2_PolicyGetDigest: size %d\n", cmdOut.policyGetDigest.policyDigest.size);
print_bin(cmdOut.policyGetDigest.policyDigest.buffer,
TPM2_Util_PrintBin(cmdOut.policyGetDigest.policyDigest.buffer,
cmdOut.policyGetDigest.policyDigest.size);
#if 0
/* Read PCR[0] SHA1 */
rc = wolfTPM_ReadPCR(0, TPM_ALG_SHA1, hash, &hash_len);
if (rc != TPM_RC_SUCCESS) {
printf("TPM2_PCR_Read failed %d: %s\n", rc, TPM2_GetRCString(rc));
goto exit;
}
/* Hash SHA256 PCR[0] */
rc = wc_Hash(WC_HASH_TYPE_SHA256, cmdOut.pcrRead.pcrValues.digests[0].buffer,
cmdOut.pcrRead.pcrValues.digests[0].size, hash, hash_len);
if (rc < 0) {
printf("wc_Hash failed %d: %s\n", rc, wc_GetErrorString(rc));
goto exit;
}
printf("wc_Hash of PCR[0]: size %d\n", hash_len);
TPM2_Util_PrintBin(hash, hash_len);
/* Policy PCR */
pcrIndex = 0;
cmdIn.policyPCR.policySession = sessionHandle;
pcrDigest.size
pcrDigest.buffer
TPM2_SetupPCRSel(&cmdIn.policyPCR.pcrs, TPM_ALG_SHA256, pcrIndex);
cmdIn.policyPCR.pcrDigest.size = hash_len;
memcpy(cmdIn.policyPCR.pcrDigest.buffer, hash, hash_len);
TPM2_SetupPCRSel(&cmdIn.policyPCR.pcrs, TPM_ALG_SHA1, pcrIndex);
rc = TPM2_PolicyPCR(&cmdIn.policyPCR);
if (rc != TPM_RC_SUCCESS) {
printf("TPM2_PolicyPCR failed %d: %s\n", rc, TPM2_GetRCString(rc));
goto exit;
}
#endif
printf("TPM2_PolicyPCR: Updated\n");
/* Read PCR[0] SHA1 */
pcrIndex = 0;
TPM2_SetupPCRSel(&cmdIn.pcrRead.pcrSelectionIn, TPM_ALG_SHA1, pcrIndex);
rc = TPM2_PCR_Read(&cmdIn.pcrRead, &cmdOut.pcrRead);
if (rc != TPM_RC_SUCCESS) {
printf("TPM2_PCR_Read failed %d: %s\n", rc, TPM2_GetRCString(rc));
goto exit;
}
printf("TPM2_PCR_Read: Index %d, Digest Sz %d, Update Counter %d\n",
pcrIndex,
(int)cmdOut.pcrRead.pcrValues.digests[0].size,
(int)cmdOut.pcrRead.pcrUpdateCounter);
TPM2_Util_PrintBin(cmdOut.pcrRead.pcrValues.digests[0].buffer,
cmdOut.pcrRead.pcrValues.digests[0].size);
/* Close session (TPM2_FlushContext) */
cmdIn.flushCtx.flushHandle = sessionHandle;
rc = TPM2_FlushContext(&cmdIn.flushCtx);
if (rc != TPM_RC_SUCCESS) {
printf("TPM2_FlushContext failed %d: %s\n", rc, TPM2_GetRCString(rc));
goto exit;
}
printf("TPM2_FlushContext: Closed sessionHandle 0x%x\n", sessionHandle);
sessionHandle = TPM_RH_NULL;
/* TODO: Add tests for API's */
//rc = TPM2_CreatePrimary(&cmdIn.create, &cmdOut.create);
@ -407,6 +411,8 @@ int TPM2_Demo(void* userCtx)
//TPM_RC TPM2_Unseal(Unseal_In* in, Unseal_Out* out);
/* Shutdown */
cmdIn.shutdown.shutdownType = TPM_SU_CLEAR;
rc = TPM2_Shutdown(&cmdIn.shutdown);
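Review bot: Every failure between the session being opened earlier in TPM2_Demo and the new TPM2_FlushContext call leaves through `goto exit`, so a failed TPM2_PolicyPCR or TPM2_PCR_Read skips the flush and the policy session stays loaded in the TPM. `sessionHandle` is now initialised to `TPM_RH_NULL` and reset after the flush, which suggests cleanup keyed on that value, but the `exit:` label is outside the visible hunks. Please confirm it does something like `if (sessionHandle != TPM_RH_NULL) { cmdIn.flushCtx.flushHandle = sessionHandle; TPM2_FlushContext(&cmdIn.flushCtx); }`. Session slots on a TPM are few, and a leaked one stays occupied until it is flushed or the TPM is reset.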


@ -4,9 +4,12 @@
lib_LTLIBRARIES+= src/libwolftpm.la
src_libwolftpm_la_SOURCES = src/tpm2.c
src_libwolftpm_la_SOURCES = \
src/tpm2.c \
src/tpm2_wrap.c
src_libwolftpm_la_CFLAGS = -DBUILDING_WOLFTPM $(AM_CFLAGS)
src_libwolftpm_la_CPPFLAGS = -DBUILDING_WOLFTPM $(AM_CPPFLAGS)
src_libwolftpm_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${WOLFTPM_LIBRARY_VERSION}
src_libwolftpm_la_DEPENDENCIES =
EXTRA_DIST +=
#src_libwolftpm_la_DEPENDENCIES =
#EXTRA_DIST +=


@ -5065,3 +5065,39 @@ void TPM2_SetupPCRSel(TPML_PCR_SELECTION* pcr, TPM_ALG_ID alg, int pcrIndex)
pcr->pcrSelections[0].pcrSelect[pcrIndex >> 3] = (1 << (pcrIndex & 0x7));
}
}
#ifdef DEBUG_WOLFTPM
#define LINE_LEN 16
void TPM2_Util_PrintBin(const byte* buffer, word32 length)
{
word32 i;
char line[80];
if (!buffer) {
printf("\tNULL");
return;
}
sprintf(line, "\t");
for (i = 0; i < LINE_LEN; i++) {
if (i < length)
sprintf(line + 1 + i * 3,"%02x ", buffer[i]);
else
sprintf(line + 1 + i * 3, " ");
}
sprintf(line + 1 + LINE_LEN * 3, "| ");
for (i = 0; i < LINE_LEN; i++)
if (i < length)
sprintf(line + 3 + LINE_LEN * 3 + i,
"%c", 31 < buffer[i] && buffer[i] < 127 ? buffer[i] : '.');
printf("%s\n", line);
if (length > LINE_LEN)
TPM2_Util_PrintBin(buffer + LINE_LEN, length - LINE_LEN);
}
#endif
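Review bot: TPM2_Util_PrintBin is now an exported library function, yet it still calls itself once per 16-byte line, so stack use grows with `length`. Without tail-call optimisation, which is typical of the debug builds that define DEBUG_WOLFTPM, a large buffer can exhaust a small embedded stack. A loop removes the problem: wrap the formatting in `for (;;) {` and replace the recursive call with `if (length <= LINE_LEN) break;` followed by `buffer += LINE_LEN; length -= LINE_LEN;`. The `sprintf` calls fit in `line[80]` while LINE_LEN is 16, but `snprintf` with the remaining size would keep that true if LINE_LEN ever changes.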

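--- a/src/tpm2_wrap.c
+++ b/src/tpm2_wrap.c
@@ -0,0 +1,47 @@
+/* tpm2_wrap.c
+*
+* Copyright (C) 2006-2018 wolfSSL Inc.
+*
+* This file is part of wolfTPM.
+*
+* wolfTPM is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* wolfTPM is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+*/
+#include <wolftpm/tpm2_wrap.h>
+int wolfTPM_ReadPCR(int pcrIndex, int alg, byte* digest, int* digest_len)
+{
+int rc;
+PCR_Read_In pcrReadIn;
+PCR_Read_Out pcrReadOut;
+TPM2_SetupPCRSel(&pcrReadIn.pcrSelectionIn, alg, pcrIndex);
+rc = TPM2_PCR_Read(&pcrReadIn, &pcrReadOut);
+if (rc != TPM_RC_SUCCESS) {
+printf("TPM2_PCR_Read failed %d: %s\n", rc, TPM2_GetRCString(rc));
+return rc;
+}
+*digest_len = (int)pcrReadOut.pcrValues.digests[0].size;
+XMEMCPY(digest, pcrReadOut.pcrValues.digests[0].buffer, *digest_len);
+#ifdef DEBUG_WOLFTPM
+printf("TPM2_PCR_Read: Index %d, Digest Sz %d, Update Counter %d\n",
+pcrIndex, *digest_len, (int)pcrReadOut.pcrUpdateCounter);
+TPM2_Util_PrintBin(digest, *digest_len);
+#endif
+return rc;
+}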
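Review bot: `XMEMCPY(digest, ..., *digest_len)` copies however many bytes the TPM reports into the caller's buffer, because `*digest_len` is overwritten with the response size before it is compared with the caller's capacity. The demo passes a 32-byte `hash`, so a larger digest bank or a malformed response on the bus would overrun it. Treat `*digest_len` as in/out (capacity in, size out), reject NULL pointers before talking to the TPM, and check `pcrValues.count` before reading `digests[0]`. `pcrReadIn` is also handed to TPM2_SetupPCRSel uninitialised; whether that helper fills every field is not visible here, so zeroing it first is the safe choice.

```c
int wolfTPM_ReadPCR(int pcrIndex, int alg, byte* digest, int* digest_len)
{
    /* … unchanged: rc, pcrReadIn, pcrReadOut declarations … */
    int digestSz;

    if (digest == NULL || digest_len == NULL)
        return BAD_FUNC_ARG;

    XMEMSET(&pcrReadIn, 0, sizeof(pcrReadIn));
    /* … unchanged: TPM2_SetupPCRSel, TPM2_PCR_Read and its error check … */

    if (pcrReadOut.pcrValues.count < 1)
        return BUFFER_E;
    digestSz = (int)pcrReadOut.pcrValues.digests[0].size;
    if (digestSz > *digest_len)
        return BUFFER_E;   /* caller's buffer is too small */
    *digest_len = digestSz;
    XMEMCPY(digest, pcrReadOut.pcrValues.digests[0].buffer, digestSz);
    /* … unchanged: debug print and return rc … */
}
```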


@ -4,5 +4,6 @@
nobase_include_HEADERS+= \
wolftpm/tpm2.h \
wolftpm/tpm2_wrap.h \
wolftpm/version.h \
wolftpm/visibility.h


@ -28,6 +28,7 @@
#include <wolfssl/wolfcrypt/rsa.h>
#include <wolfssl/wolfcrypt/ecc.h>
#ifndef MAX_SPI_FRAMESIZE
#define MAX_SPI_FRAMESIZE 64
#endif
@ -2875,5 +2876,11 @@ WOLFTPM_API const char* TPM2_GetAlgName(TPM_ALG_ID alg);
WOLFTPM_API const char* TPM2_GetRCString(TPM_RC rc);
WOLFTPM_API void TPM2_SetupPCRSel(TPML_PCR_SELECTION* pcr, TPM_ALG_ID alg, int pcrIndex);
#ifdef DEBUG_WOLFTPM
WOLFTPM_API void TPM2_Util_PrintBin(const byte* buffer, word32 length);
#else
#define TPM2_Util_PrintBin(b, l)
#endif
#endif /* __TPM2_H__ */
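Review bot: Both the declaration here and the definition in src/tpm2.c depend on DEBUG_WOLFTPM, so the exported symbol exists only when the library and the application are compiled with the same setting. An application that defines DEBUG_WOLFTPM against a library built without it will presumably fail at link time. The non-debug macro also expands to nothing, so its arguments are never referenced and locals used only for printing may draw unused-variable warnings. Consider `#define TPM2_Util_PrintBin(b, l) do { (void)(b); (void)(l); } while (0)`, or always building the function and emptying its body in non-debug builds.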


@ -0,0 +1,52 @@
/* tpm2_wolf.h
*
* Copyright (C) 2006-2018 wolfSSL Inc.
*
* This file is part of wolfTPM.
*
* wolfTPM is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfTPM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
#ifndef __TPM2_WRAP_H__
#define __TPM2_WRAP_H__
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h>
#else
#include <wolfssl/wolfcrypt/settings.h>
#endif
#include <wolftpm/visibility.h>
#include <wolftpm/tpm2.h>
#include <wolfssl/wolfcrypt/types.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/hash.h>
#include <wolfssl/wolfcrypt/rsa.h>
#include <wolfssl/wolfcrypt/ecc.h>
/* Wrapper API's to simplify TPM use */
WOLFTPM_API int wolfTPM_ReadPCR(int pcrIndex, int alg, byte* digest, int* digest_len);
#endif /* __TPM2_WRAP_H__ */
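Review bot: The prototype of wolfTPM_ReadPCR does not tell callers how large `digest` must be or what `digest_len` means on entry, which is the one thing they must get right to avoid an overrun. A comment such as `/* digest: caller buffer; *digest_len: capacity in bytes on entry, bytes written on return */` above the declaration would state the contract. The implementation in src/tpm2_wrap.c currently only writes `*digest_len`, so the two should be brought into line. The file comment also says `tpm2_wolf.h` while the include guard and the install list use `tpm2_wrap.h`, and `alg` is declared `int` where TPM2_SetupPCRSel takes `TPM_ALG_ID`.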