diff --git a/examples/tpm/tpm2_demo.c b/examples/tpm/tpm2_demo.c
index 27901c9..c2a7476 100644
--- a/examples/tpm/tpm2_demo.c
+++ b/examples/tpm/tpm2_demo.c
@@ -30,8 +30,10 @@
 #include
 #include
 #include
+#include
 #include
+#include
 #include
 /* Local variables */
@@ -54,48 +56,6 @@ static TPM2_CTX gTpm2Ctx;
 #define TPM2_USER_CTX NULL
 #endif
-/* Util / Debug */
-#ifdef DEBUG_WOLFTPM
-#define LINE_LEN 16
-static void print_bin(const byte* buffer, word32 length)
-{
- word32 i;
- char line[80];
-
- if (!buffer) {
- printf("\tNULL");
- return;
- }
-
- sprintf(line, "\t");
-
- for (i = 0; i < LINE_LEN; i++) {
- if (i < length)
- sprintf(line + 1 + i * 3,"%02x ", buffer[i]);
- else
- sprintf(line + 1 + i * 3, " ");
- }
-
- sprintf(line + 1 + LINE_LEN * 3, "| ");
-
- for (i = 0; i < LINE_LEN; i++)
- if (i < length)
- sprintf(line + 3 + LINE_LEN * 3 + i,
- "%c", 31 < buffer[i] && buffer[i] < 127 ? buffer[i] : '.');
-
- printf("%s\n", line);
-
- if (length > LINE_LEN)
- print_bin(buffer + LINE_LEN, length - LINE_LEN);
-}
-#else
-static void print_bin(const byte* buffer, word32 length) {
- (void)buffer;
- (void)length;
- return;
-}
-#endif
-
 /* IO Callback */
 static TPM_RC TPM2_IoCb(TPM2_CTX* ctx, const byte* txBuf, byte* rxBuf,
@@ -154,8 +114,8 @@ static TPM_RC TPM2_IoCb(TPM2_CTX* ctx, const byte* txBuf, byte* rxBuf,
 #ifdef DEBUG_WOLFTPM
 //printf("TPM2_IoCb: %d\n", xferSz);
- //print_bin(txBuf, xferSz);
- //print_bin(rxBuf, xferSz);
+ //TPM2_Util_PrintBin(txBuf, xferSz);
+ //TPM2_Util_PrintBin(rxBuf, xferSz);
 #endif
 (void)ctx;
@@ -204,8 +164,10 @@ int TPM2_Demo(void* userCtx)
 } cmdOut;
 int pcrCount, pcrIndex, i;
 TPML_TAGGED_TPM_PROPERTY* tpmProp;
- TPMI_SH_POLICY sessionHandle;
+ TPM_HANDLE sessionHandle = TPM_RH_NULL;
 WC_RNG rng;
+ byte hash[WC_SHA256_DIGEST_SIZE];
+ int hash_len = WC_SHA256_DIGEST_SIZE;
 #ifdef DEBUG_WOLFSSL
 wolfSSL_Debugging_ON();
@@ -215,7 +177,7 @@ int TPM2_Demo(void* userCtx) rc = wc_InitRng(&rng); if (rc < 0) { - printf("wc_InitRng failed: %d\n", rc); + printf("wc_InitRng failed %d: %s\n", rc, wc_GetErrorString(rc)); return rc; } @@ -253,7 +215,7 @@ int TPM2_Demo(void* userCtx) } printf("TPM2_GetTestResult: Size %d, Rc 0x%x\n", cmdOut.tr.outData.size, cmdOut.tr.testResult); - print_bin(cmdOut.tr.outData.buffer, cmdOut.tr.outData.size); + TPM2_Util_PrintBin(cmdOut.tr.outData.buffer, cmdOut.tr.outData.size); /* Incremental Test */ cmdIn.incSelfTest.toTest.count = 1; @@ -303,7 +265,7 @@ int TPM2_Demo(void* userCtx) goto exit; } printf("TPM2_GetRandom: Got %d bytes\n", cmdOut.getRand.randomBytes.size); - print_bin(cmdOut.getRand.randomBytes.buffer, + TPM2_Util_PrintBin(cmdOut.getRand.randomBytes.buffer, cmdOut.getRand.randomBytes.size); @@ -320,7 +282,7 @@ int TPM2_Demo(void* userCtx) pcrIndex, (int)cmdOut.pcrRead.pcrValues.digests[0].size, (int)cmdOut.pcrRead.pcrUpdateCounter); - print_bin(cmdOut.pcrRead.pcrValues.digests[0].buffer, + TPM2_Util_PrintBin(cmdOut.pcrRead.pcrValues.digests[0].buffer, cmdOut.pcrRead.pcrValues.digests[0].size); } @@ -348,7 +310,7 @@ int TPM2_Demo(void* userCtx) pcrIndex, (int)cmdOut.pcrRead.pcrValues.digests[0].size, (int)cmdOut.pcrRead.pcrUpdateCounter); - print_bin(cmdOut.pcrRead.pcrValues.digests[0].buffer, + TPM2_Util_PrintBin(cmdOut.pcrRead.pcrValues.digests[0].buffer, cmdOut.pcrRead.pcrValues.digests[0].size); 
@@ -382,22 +344,64 @@ int TPM2_Demo(void* userCtx)
 goto exit;
 }
 printf("TPM2_PolicyGetDigest: size %d\n", cmdOut.policyGetDigest.policyDigest.size);
- print_bin(cmdOut.policyGetDigest.policyDigest.buffer,
+ TPM2_Util_PrintBin(cmdOut.policyGetDigest.policyDigest.buffer,
 cmdOut.policyGetDigest.policyDigest.size);
-#if 0
+ /* Read PCR[0] SHA1 */
+ rc = wolfTPM_ReadPCR(0, TPM_ALG_SHA1, hash, &hash_len);
+ if (rc != TPM_RC_SUCCESS) {
+ printf("TPM2_PCR_Read failed %d: %s\n", rc, TPM2_GetRCString(rc));
+ goto exit;
+ }
+
+ /* Hash SHA256 PCR[0] */
+ rc = wc_Hash(WC_HASH_TYPE_SHA256, cmdOut.pcrRead.pcrValues.digests[0].buffer,
+ cmdOut.pcrRead.pcrValues.digests[0].size, hash, hash_len);
+ if (rc < 0) {
+ printf("wc_Hash failed %d: %s\n", rc, wc_GetErrorString(rc));
+ goto exit;
+ }
+ printf("wc_Hash of PCR[0]: size %d\n", hash_len);
+ TPM2_Util_PrintBin(hash, hash_len);
+
 /* Policy PCR */
 pcrIndex = 0;
 cmdIn.policyPCR.policySession = sessionHandle;
- pcrDigest.size
- pcrDigest.buffer
- TPM2_SetupPCRSel(&cmdIn.policyPCR.pcrs, TPM_ALG_SHA256, pcrIndex);
+ cmdIn.policyPCR.pcrDigest.size = hash_len;
+ memcpy(cmdIn.policyPCR.pcrDigest.buffer, hash, hash_len);
+ TPM2_SetupPCRSel(&cmdIn.policyPCR.pcrs, TPM_ALG_SHA1, pcrIndex);
 rc = TPM2_PolicyPCR(&cmdIn.policyPCR);
 if (rc != TPM_RC_SUCCESS) {
 printf("TPM2_PolicyPCR failed %d: %s\n", rc, TPM2_GetRCString(rc));
 goto exit;
 }
-#endif
+ printf("TPM2_PolicyPCR: Updated\n");
+
+ /* Read PCR[0] SHA1 */
+ pcrIndex = 0;
+ TPM2_SetupPCRSel(&cmdIn.pcrRead.pcrSelectionIn, TPM_ALG_SHA1, pcrIndex);
+ rc = TPM2_PCR_Read(&cmdIn.pcrRead, &cmdOut.pcrRead);
+ if (rc != TPM_RC_SUCCESS) {
+ printf("TPM2_PCR_Read failed %d: %s\n", rc, TPM2_GetRCString(rc));
+ goto exit;
+ }
+ printf("TPM2_PCR_Read: Index %d, Digest Sz %d, Update Counter %d\n",
+ pcrIndex,
+ (int)cmdOut.pcrRead.pcrValues.digests[0].size,
+ (int)cmdOut.pcrRead.pcrUpdateCounter);
+ TPM2_Util_PrintBin(cmdOut.pcrRead.pcrValues.digests[0].buffer,
+ cmdOut.pcrRead.pcrValues.digests[0].size);
+
+ /* Close session (TPM2_FlushContext) */
+ cmdIn.flushCtx.flushHandle = sessionHandle;
+ rc = TPM2_FlushContext(&cmdIn.flushCtx);
+ if (rc != TPM_RC_SUCCESS) {
+ printf("TPM2_FlushContext failed %d: %s\n", rc, TPM2_GetRCString(rc));
+ goto exit;
+ }
+ printf("TPM2_FlushContext: Closed sessionHandle 0x%x\n", sessionHandle);
+ sessionHandle = TPM_RH_NULL;
+
 /* TODO: Add tests for API's */
 //rc = TPM2_CreatePrimary(&cmdIn.create, &cmdOut.create);
@@ -407,6 +411,8 @@ int TPM2_Demo(void* userCtx)
 //TPM_RC TPM2_Unseal(Unseal_In* in, Unseal_Out* out);
+
+
 /* Shutdown */
 cmdIn.shutdown.shutdownType = TPM_SU_CLEAR;
 rc = TPM2_Shutdown(&cmdIn.shutdown);
diff --git a/src/include.am b/src/include.am
index fa8eef7..e708b31 100644
--- a/src/include.am
+++ b/src/include.am
@@ -4,9 +4,12 @@
 lib_LTLIBRARIES+= src/libwolftpm.la
-src_libwolftpm_la_SOURCES = src/tpm2.c
+src_libwolftpm_la_SOURCES = \
+ src/tpm2.c \
+ src/tpm2_wrap.c
 src_libwolftpm_la_CFLAGS = -DBUILDING_WOLFTPM $(AM_CFLAGS)
 src_libwolftpm_la_CPPFLAGS = -DBUILDING_WOLFTPM $(AM_CPPFLAGS)
 src_libwolftpm_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${WOLFTPM_LIBRARY_VERSION}
-src_libwolftpm_la_DEPENDENCIES =
-EXTRA_DIST +=
+
+#src_libwolftpm_la_DEPENDENCIES =
+#EXTRA_DIST +=
diff --git a/src/tpm2.c b/src/tpm2.c
index 784b075..e0610b3 100644
--- a/src/tpm2.c
+++ b/src/tpm2.c
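Review bot: In the `@@ -382,22 +344,64 @@` hunk of TPM2_Demo, `hash_len` is passed to `wc_Hash` as the output capacity after `wolfTPM_ReadPCR` has overwritten it with the SHA-1 PCR digest size, so the 32-byte `hash` buffer is reported as too short for a SHA-256 digest and the call is likely to fail with a wolfCrypt buffer error. The input being hashed is also the stale `cmdOut.pcrRead` result of an earlier read, not the bytes just read into `hash`. I would read the PCR into a separate buffer and length and call `rc = wc_Hash(WC_HASH_TYPE_SHA256, pcr, pcr_len, hash, sizeof(hash));`, then set `hash_len = WC_SHA256_DIGEST_SIZE;` before filling `pcrDigest`. The `goto exit` paths added ahead of the new TPM2_FlushContext call leave the session open unless the exit label, which is outside the hunk, flushes `sessionHandle` when it is not `TPM_RH_NULL`.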
@@ -5065,3 +5065,39 @@ void TPM2_SetupPCRSel(TPML_PCR_SELECTION* pcr, TPM_ALG_ID alg, int pcrIndex)
 pcr->pcrSelections[0].pcrSelect[pcrIndex >> 3] = (1 << (pcrIndex & 0x7));
 }
 }
+
+
+#ifdef DEBUG_WOLFTPM
+#define LINE_LEN 16
+void TPM2_Util_PrintBin(const byte* buffer, word32 length)
+{
+ word32 i;
+ char line[80];
+
+ if (!buffer) {
+ printf("\tNULL");
+ return;
+ }
+
+ sprintf(line, "\t");
+
+ for (i = 0; i < LINE_LEN; i++) {
+ if (i < length)
+ sprintf(line + 1 + i * 3,"%02x ", buffer[i]);
+ else
+ sprintf(line + 1 + i * 3, " ");
+ }
+
+ sprintf(line + 1 + LINE_LEN * 3, "| ");
+
+ for (i = 0; i < LINE_LEN; i++)
+ if (i < length)
+ sprintf(line + 3 + LINE_LEN * 3 + i,
+ "%c", 31 < buffer[i] && buffer[i] < 127 ? buffer[i] : '.');
+
+ printf("%s\n", line);
+
+ if (length > LINE_LEN)
+ TPM2_Util_PrintBin(buffer + LINE_LEN, length - LINE_LEN);
+}
+#endif
diff --git a/src/tpm2_wrap.c b/src/tpm2_wrap.c
new file mode 100755
index 0000000..3d32ef4
--- /dev/null
+++ b/src/tpm2_wrap.c
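Review bot: TPM2_Util_PrintBin is now an exported library function, yet it still formats with unbounded `sprintf` into `char line[80]` and calls itself once per 16-byte row. The offsets fit today (the last write ends at index 67), but nothing ties `LINE_LEN` to the buffer size, and the recursion depth grows with `length`, which matters on the small stacks this library targets. I would replace the tail call with a loop over rows and size the buffer from the macro, e.g. `char line[4 * LINE_LEN + 4];`, writing with `snprintf`. `LINE_LEN` also stays defined for the rest of tpm2.c; `#undef LINE_LEN` after the function, or a `TPM2_`-prefixed name, avoids a clash.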
@@ -0,0 +1,47 @@
+/* tpm2_wrap.c
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfTPM.
+ *
+ * wolfTPM is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfTPM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#include
+
+int wolfTPM_ReadPCR(int pcrIndex, int alg, byte* digest, int* digest_len)
+{
+ int rc;
+ PCR_Read_In pcrReadIn;
+ PCR_Read_Out pcrReadOut;
+
+ TPM2_SetupPCRSel(&pcrReadIn.pcrSelectionIn, alg, pcrIndex);
+ rc = TPM2_PCR_Read(&pcrReadIn, &pcrReadOut);
+ if (rc != TPM_RC_SUCCESS) {
+ printf("TPM2_PCR_Read failed %d: %s\n", rc, TPM2_GetRCString(rc));
+ return rc;
+ }
+
+ *digest_len = (int)pcrReadOut.pcrValues.digests[0].size;
+ XMEMCPY(digest, pcrReadOut.pcrValues.digests[0].buffer, *digest_len);
+
+#ifdef DEBUG_WOLFTPM
+ printf("TPM2_PCR_Read: Index %d, Digest Sz %d, Update Counter %d\n",
+ pcrIndex, *digest_len, (int)pcrReadOut.pcrUpdateCounter);
+ TPM2_Util_PrintBin(digest, *digest_len);
+#endif
+
+ return rc;
+}
diff --git a/wolftpm/include.am b/wolftpm/include.am
index f69a7c4..a5920bc 100644
--- a/wolftpm/include.am
+++ b/wolftpm/include.am
@@ -4,5 +4,6 @@
 nobase_include_HEADERS+= \
 wolftpm/tpm2.h \
+ wolftpm/tpm2_wrap.h \
 wolftpm/version.h \
 wolftpm/visibility.h
diff --git a/wolftpm/tpm2.h b/wolftpm/tpm2.h
index ff1a0ab..cc37bf0 100644
--- a/wolftpm/tpm2.h
+++ b/wolftpm/tpm2.h
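Review bot: wolfTPM_ReadPCR never reads the capacity the caller passes in `*digest_len`: it overwrites it with the size taken from the response and copies that many bytes into `digest`, so a PCR bank whose digest is larger than the caller's buffer (the demo passes a 32-byte array) is written past its end. `pcrReadOut` is an uninitialised stack object and `digests[0]` is used without looking at `pcrValues.count`, so the copied size is only as trustworthy as the response parsing outside this file. The function should treat `*digest_len` as in/out, reject NULL pointers, zero the output structure, and check count and size before the copy, as sketched below. The wolfCrypt error codes are my suggestion, since the function otherwise returns TPM_RC values.

```c
int wolfTPM_ReadPCR(int pcrIndex, int alg, byte* digest, int* digest_len)
{
    /* … unchanged: rc, pcrReadIn, pcrReadOut declarations … */
    int digestSz;

    if (digest == NULL || digest_len == NULL || *digest_len <= 0)
        return BAD_FUNC_ARG;
    XMEMSET(&pcrReadOut, 0, sizeof(pcrReadOut));

    /* … unchanged: TPM2_SetupPCRSel, TPM2_PCR_Read and its error check … */

    if (pcrReadOut.pcrValues.count < 1)
        return BUFFER_E;
    digestSz = (int)pcrReadOut.pcrValues.digests[0].size;
    if (digestSz > *digest_len)
        return BUFFER_E;
    *digest_len = digestSz;
    XMEMCPY(digest, pcrReadOut.pcrValues.digests[0].buffer, digestSz);
    /* … unchanged: debug print and return … */
```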
@@ -28,6 +28,7 @@
 #include
 #include
+
 #ifndef MAX_SPI_FRAMESIZE
 #define MAX_SPI_FRAMESIZE 64
 #endif
@@ -2875,5 +2876,11 @@ WOLFTPM_API const char* TPM2_GetAlgName(TPM_ALG_ID alg);
 WOLFTPM_API const char* TPM2_GetRCString(TPM_RC rc);
 WOLFTPM_API void TPM2_SetupPCRSel(TPML_PCR_SELECTION* pcr, TPM_ALG_ID alg, int pcrIndex);
+#ifdef DEBUG_WOLFTPM
+WOLFTPM_API void TPM2_Util_PrintBin(const byte* buffer, word32 length);
+#else
+#define TPM2_Util_PrintBin(b, l)
+#endif
+
 #endif /* __TPM2_H__ */
diff --git a/wolftpm/tpm2_wrap.h b/wolftpm/tpm2_wrap.h
new file mode 100755
index 0000000..dd1862c
--- /dev/null
+++ b/wolftpm/tpm2_wrap.h
@@ -0,0 +1,52 @@
+/* tpm2_wolf.h
+ *
+ * Copyright (C) 2006-2018 wolfSSL Inc.
+ *
+ * This file is part of wolfTPM.
+ *
+ * wolfTPM is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * wolfTPM is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
+ */
+
+#ifndef __TPM2_WRAP_H__
+#define __TPM2_WRAP_H__
+
+
+#ifdef HAVE_CONFIG_H
+ #include
+#endif
+
+#ifndef WOLFSSL_USER_SETTINGS
+ #include
+#else
+ #include
+#endif
+
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+
+
+/* Wrapper API's to simplify TPM use */
+WOLFTPM_API int wolfTPM_ReadPCR(int pcrIndex, int alg, byte* digest, int* digest_len);
+
+
+#endif /* __TPM2_WRAP_H__ */
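Review bot: In the `@@ -2875,5 +2876,11 @@` hunk of tpm2.h, the declaration of `TPM2_Util_PrintBin` depends on the includer's `DEBUG_WOLFTPM` while the definition in tpm2.c depends on the library's, so an application built with the macro against a library built without it ends up with an unresolved symbol. Either always export the function (with an empty body when debugging is off) or keep the helper out of the public header. If the macro form stays, `#define TPM2_Util_PrintBin(b, l) do { (void)(b); (void)(l); } while (0)` keeps the arguments checked as expressions and avoids unused-variable warnings in callers.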
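Review bot: The banner of the new header reads `/* tpm2_wolf.h` although the file is wolftpm/tpm2_wrap.h, and `wolfTPM_ReadPCR` is exported with no stated contract. I would correct the banner and add a comment above the prototype saying whether `*digest_len` is read as the buffer capacity on entry or only written on return (the implementation in this commit only writes it), and that the return value is the TPM_RC from TPM2_PCR_Read. Declaring the parameter as `TPM_ALG_ID alg` instead of `int alg` would match `TPM2_SetupPCRSel`.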