diff --git a/examples/csr/csr.c b/examples/csr/csr.c
index 8fce7d9..1ed002e 100644
--- a/examples/csr/csr.c
+++ b/examples/csr/csr.c
@@ -156,6 +156,7 @@ int TPM2_CSR_ExampleArgs(void* userCtx, int argc, char *argv[])
 #endif
 TpmCryptoDevCtx tpmCtx;
 int tpmDevId;
+ TPMT_PUBLIC publicTemplate;
 printf("TPM2 CSR Example\n");
@@ -169,10 +170,12 @@ int TPM2_CSR_ExampleArgs(void* userCtx, int argc, char *argv[])
 /* Setup the wolf crypto device callback */
 XMEMSET(&tpmCtx, 0, sizeof(tpmCtx));
 #ifndef NO_RSA
+ XMEMSET(&rsaKey, 0, sizeof(rsaKey));
 XMEMSET(&wolfRsaKey, 0, sizeof(wolfRsaKey));
 tpmCtx.rsaKey = &rsaKey;
 #endif
 #ifdef HAVE_ECC
+ XMEMSET(&eccKey, 0, sizeof(eccKey));
 XMEMSET(&wolfEccKey, 0, sizeof(wolfEccKey));
 tpmCtx.eccKey = &eccKey;
 #endif
@@ -184,12 +187,18 @@ int TPM2_CSR_ExampleArgs(void* userCtx, int argc, char *argv[])
 if (rc != 0) goto exit;
 #ifndef NO_RSA
+ rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_decrypt | TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
+ if (rc != 0) goto exit;
+
 rc = getRSAkey(&dev, &storageKey, &rsaKey, &wolfRsaKey, tpmDevId,
- (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
 if (rc != 0) goto exit;
 rc = TPM2_CSR_Generate(&dev, RSA_TYPE, &wolfRsaKey, gClientCertRsaFile);
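Review bot: The RSA template built in the `@@ -184` hunk grants both `TPMA_OBJECT_decrypt` and `TPMA_OBJECT_sign`, whereas the ECC template in the next hunk is sign-only; if the key stored under `RSA_FILENAME` is only ever used to sign (the TLS examples load the same blob through getRSAkey, so RSA key transport may be the reason), drop `TPMA_OBJECT_decrypt` so the TPM itself enforces single-purpose use, and otherwise say so in a comment above the call. The same three-line template literal is repeated verbatim in the tls_client.c, tls_server.c and pkcs7.c hunks of this commit; a small helper in tpm_test_keys.c that fills the template would keep the attribute set in one place. TPM2_CSR_ExampleArgs starts and ends outside the hunk.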
@@ -198,12 +207,18 @@ int TPM2_CSR_ExampleArgs(void* userCtx, int argc, char *argv[])
 #ifdef HAVE_ECC
- rc = getECCkey(&dev,
- &storageKey,
- &eccKey,
- &wolfEccKey,
- tpmDevId,
- (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
+ rc = wolfTPM2_GetKeyTemplate_ECC(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_sign | TPMA_OBJECT_noDA,
+ TPM_ECC_NIST_P256, TPM_ALG_ECDSA);
+ if (rc != 0) goto exit;
+ rc = getECCkey(&dev,
+ &storageKey,
+ &eccKey,
+ &wolfEccKey,
+ tpmDevId,
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
 if (rc != 0) goto exit;
 rc = TPM2_CSR_Generate(&dev, ECC_TYPE, &wolfEccKey, gClientCertEccFile);
diff --git a/examples/keygen/keygen.c b/examples/keygen/keygen.c
index 9c9043d..85e82eb 100644
--- a/examples/keygen/keygen.c
+++ b/examples/keygen/keygen.c
@@ -56,10 +56,6 @@ int TPM2_Keygen_Example(void* userCtx, int argc, char *argv[])
 WOLFTPM2_SESSION tpmSession;
 TPM2B_AUTH auth;
 int bAIK = 1;
-#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
- XFILE f;
- size_t fileSz = 0;
-#endif
 const char* outputFile = "keyblob.bin";
 if (argc >= 2) {
@@ -178,14 +174,7 @@ int TPM2_Keygen_Example(void* userCtx, int argc, char *argv[])
 /* Save key as encrypted blob to the disk */
 #if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
- f = XFOPEN(outputFile, "wb");
- if (f != XBADFILE) {
- newKey.pub.size = sizeof(newKey.pub);
- fileSz += XFWRITE(&newKey.pub, 1, sizeof(newKey.pub), f);
- fileSz += XFWRITE(&newKey.priv, 1, sizeof(UINT16) + newKey.priv.size, f);
- XFCLOSE(f);
- }
- printf("Wrote %d bytes to %s\n", (int)fileSz, outputFile);
+ rc = writeKeyBlob(outputFile, &newKey);
 #else
 printf("Key Public Blob %d\n", newKey.pub.size);
 TPM2_PrintBin((const byte*)&newKey.pub.publicArea, newKey.pub.size);
diff --git a/examples/keygen/keyimport.c b/examples/keygen/keyimport.c
index b6af55c..7477104 100644
--- a/examples/keygen/keyimport.c
+++ b/examples/keygen/keyimport.c
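Review bot: In the keygen.c `@@ -178` hunk `rc = writeKeyBlob(outputFile, &newKey);` is assigned but not tested before the `#else`; what follows the `#endif` is outside the hunk, so unless something there checks `rc`, a failed write goes unreported, where the removed code at least printed the byte count. Add a check such as `if (rc != 0) goto exit;` (or whatever error exit this function uses) directly after the call. The keyimport.c `@@ -144` hunk has the same shape and needs the same check. The removed code also set `newKey.pub.size = sizeof(newKey.pub)` before writing; confirm writeKeyBlob does this itself (its body is not in the diff), since the size sanity check keyload.c used to do inline, and readKeyBlob appears to keep, rejects a blob whose pub.size differs.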
@@ -54,10 +54,6 @@ int TPM2_Keyimport_Example(void* userCtx, int argc, char *argv[])
 TPMI_ALG_PUBLIC alg = TPM_ALG_RSA; /* TPM_ALG_ECC */
 TPM_ALG_ID paramEncAlg = TPM_ALG_NULL;
 WOLFTPM2_SESSION tpmSession;
-#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
- XFILE f;
- size_t fileSz = 0;
-#endif
 const char* outputFile = "keyblob.bin";
 if (argc >= 2) {
@@ -144,14 +140,7 @@ int TPM2_Keyimport_Example(void* userCtx, int argc, char *argv[])
 /* Save key as encrypted blob to the disk */
 #if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
- f = XFOPEN(outputFile, "wb");
- if (f != XBADFILE) {
- impKey.pub.size = sizeof(impKey.pub);
- fileSz += XFWRITE(&impKey.pub, 1, sizeof(impKey.pub), f);
- fileSz += XFWRITE(&impKey.priv, 1, sizeof(UINT16) + impKey.priv.size, f);
- XFCLOSE(f);
- }
- printf("Wrote %d bytes to %s\n", (int)fileSz, outputFile);
+ rc = writeKeyBlob(outputFile, &impKey);
 #else
 printf("Key Public Blob %d\n", impKey.pub.size);
 TPM2_PrintBin((const byte*)&impKey.pub.publicArea, impKey.pub.size);
diff --git a/examples/keygen/keyload.c b/examples/keygen/keyload.c
index 43bd1c5..07d0390 100644
--- a/examples/keygen/keyload.c
+++ b/examples/keygen/keyload.c
@@ -59,9 +59,6 @@ int TPM2_Keyload_Example(void* userCtx, int argc, char *argv[])
 WOLFTPM2_KEYBLOB newKey;
 TPM_ALG_ID paramEncAlg = TPM_ALG_NULL;
 WOLFTPM2_SESSION tpmSession;
-#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
- XFILE f;
-#endif
 const char* inputFile = "keyblob.bin";
 if (argc >= 2) {
@@ -119,50 +116,8 @@ int TPM2_Keyload_Example(void* userCtx, int argc, char *argv[])
 /* Load encrypted key from the disk */
 #if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
- f = XFOPEN(inputFile, "rb");
- if (f != XBADFILE) {
- size_t fileSz;
- size_t bytes_read;
-
- XFSEEK(f, 0, XSEEK_END);
- fileSz = XFTELL(f);
- XREWIND(f);
- if (fileSz > sizeof(newKey.priv) + sizeof(newKey.pub)) {
- printf("File size check failed\n");
- rc = BUFFER_E; goto exit;
- }
- printf("Reading %d bytes from %s\n", (int)fileSz, inputFile);
-
- bytes_read = XFREAD(&newKey.pub, 1, sizeof(newKey.pub), f);
- if (bytes_read != sizeof(newKey.pub)) {
- printf("Read %zu, expected public blob %zu bytes\n", bytes_read, sizeof(newKey.pub));
- rc = BUFFER_E;
- XFCLOSE(f);
- goto exit;
- }
-
- if (fileSz > sizeof(newKey.pub)) {
- fileSz -= sizeof(newKey.pub);
- bytes_read = XFREAD(&newKey.priv, 1, fileSz, f);
- if (bytes_read != fileSz) {
- rc = BUFFER_E;
- XFCLOSE(f);
- goto exit;
- }
- }
- XFCLOSE(f);
-
- /* sanity check the sizes */
- if (newKey.pub.size != sizeof(newKey.pub) || newKey.priv.size > sizeof(newKey.priv.buffer)) {
- printf("Struct size check failed (pub %d, priv %d)\n", newKey.pub.size, newKey.priv.size);
- rc = BUFFER_E; goto exit;
- }
- }
- else {
- rc = BUFFER_E;
- printf("File %s not found!\n", inputFile);
- goto exit;
- }
+ rc = readKeyBlob(inputFile, &newKey);
+ if (rc != 0) goto exit;
 #else
 /* TODO: Option to load hex blob */
 printf("Loading blob from disk not supported\n");
diff --git a/examples/pkcs7/pkcs7.c b/examples/pkcs7/pkcs7.c
index 7f313e6..71c851f 100644
--- a/examples/pkcs7/pkcs7.c
+++ b/examples/pkcs7/pkcs7.c
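Review bot: readKeyBlob compiles its file I/O under `#if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)` and starts with `int rc = 0;` (both visible in the tpm_test_keys.c hunk), while this call site is guarded by `!WOLFTPM2_NO_WOLFCRYPT && !NO_FILESYSTEM`; with NO_WRITE_TEMP_FILES defined the call returns 0 without touching newKey, the new `if (rc != 0) goto exit;` passes, and the load proceeds on whatever newKey held (its initialization is above this hunk). Either use the same guard on both sides or make readKeyBlob return an error when its body is compiled out. The removed code also printed `File %s not found!`; if readKeyBlob does not report a missing file itself, log the failure here before `goto exit` so the example stays diagnosable.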
@@ -335,26 +335,19 @@ int TPM2_PKCS7_ExampleArgs(void* userCtx, int argc, char *argv[])
 if (rc != 0) goto exit;
 /* Create/Load RSA key for PKCS7 signing */
- rc = wolfTPM2_ReadPublicKey(&dev, &rsaKey, TPM2_DEMO_RSA_KEY_HANDLE);
- if (rc != 0) {
- rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
- TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
- TPMA_OBJECT_decrypt | TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
- if (rc != 0) goto exit;
- rc = wolfTPM2_CreateAndLoadKey(&dev, &rsaKey, &storageKey.handle,
- &publicTemplate, (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
- if (rc != 0) goto exit;
+ rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_decrypt | TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
+ if (rc != 0) goto exit;
- /* Move this key into persistent storage */
- rc = wolfTPM2_NVStoreKey(&dev, TPM_RH_OWNER, &rsaKey,
- TPM2_DEMO_RSA_KEY_HANDLE);
- if (rc != 0) goto exit;
- }
- else {
- /* specify auth password for rsa key */
- rsaKey.handle.auth.size = sizeof(gKeyAuth)-1;
- XMEMCPY(rsaKey.handle.auth.buffer, gKeyAuth, rsaKey.handle.auth.size);
- }
+ rc = getRSAkey(&dev,
+ &storageKey,
+ &rsaKey,
+ NULL,
+ tpmDevId,
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
+ if (rc != 0) goto exit;
 wolfTPM2_SetAuthHandle(&dev, 0, &rsaKey.handle);
diff --git a/examples/tls/tls_client.c b/examples/tls/tls_client.c
index 4f1658b..950a36a 100644
--- a/examples/tls/tls_client.c
+++ b/examples/tls/tls_client.c
@@ -123,6 +123,7 @@ int TPM2_TLS_ClientArgs(void* userCtx, int argc, char *argv[])
 int useECC = 0;
 TPM_ALG_ID paramEncAlg = TPM_ALG_NULL;
 WOLFTPM2_SESSION tpmSession;
+ TPMT_PUBLIC publicTemplate;
 /* initialize variables */
 XMEMSET(&storageKey, 0, sizeof(storageKey));
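Review bot: The removed branch kept the PKCS7 signing key at the persistent handle `TPM2_DEMO_RSA_KEY_HANDLE`; nothing in the new code touches that handle, so a key an earlier run stored there stays resident in TPM NV while the example now signs with a key loaded from the `RSA_FILENAME` blob via getRSAkey. A comment at the call, e.g. `/* key is now kept as an encrypted blob file; a key left at TPM2_DEMO_RSA_KEY_HANDLE by earlier runs is no longer used or evicted here */`, would make the migration explicit. The removed `else` branch set `rsaKey.handle.auth` when the key already existed; createAndLoadKey fills it on the create path, but whether readAndLoadKey fills it on the load-from-blob path is not in the diff, and `wolfTPM2_SetAuthHandle(&dev, 0, &rsaKey.handle)` on the next line depends on it. `tpmDevId` must be declared and set in pkcs7.c before this point; that is outside the hunk.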
@@ -206,12 +207,17 @@ int TPM2_TLS_ClientArgs(void* userCtx, int argc, char *argv[])
 #ifndef NO_RSA
 if (!useECC) {
 /* Create/Load RSA key for TLS authentication */
+ rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_decrypt | TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
+ if (rc != 0) goto exit;
 rc = getRSAkey(&dev,
 &storageKey,
 &rsaKey,
 &wolfRsaKey,
 tpmDevId,
- (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
 if (rc != 0) goto exit;
 }
 #endif /* !NO_RSA */
@@ -219,12 +225,18 @@ int TPM2_TLS_ClientArgs(void* userCtx, int argc, char *argv[])
 #ifdef HAVE_ECC
 if (useECC) {
 /* Create/Load ECC key for TLS authentication */
+ rc = wolfTPM2_GetKeyTemplate_ECC(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_sign | TPMA_OBJECT_noDA,
+ TPM_ECC_NIST_P256, TPM_ALG_ECDSA);
+ if (rc != 0) goto exit;
 rc = getECCkey(&dev,
 &storageKey,
 &eccKey,
 &wolfEccKey,
 tpmDevId,
- (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
 if (rc != 0) goto exit;
 }
diff --git a/examples/tls/tls_server.c b/examples/tls/tls_server.c
index 57bd78b..cdfea66 100644
--- a/examples/tls/tls_server.c
+++ b/examples/tls/tls_server.c
@@ -130,6 +130,7 @@ int TPM2_TLS_ServerArgs(void* userCtx, int argc, char *argv[])
 int useECC = 0;
 TPM_ALG_ID paramEncAlg = TPM_ALG_NULL;
 WOLFTPM2_SESSION tpmSession;
+ TPMT_PUBLIC publicTemplate;
 /* initialize variables */
 XMEMSET(&storageKey, 0, sizeof(storageKey));
@@ -218,12 +219,17 @@ int TPM2_TLS_ServerArgs(void* userCtx, int argc, char *argv[])
 #ifndef NO_RSA
 if (!useECC) {
 /* Create/Load RSA key for TLS authentication */
+ rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_decrypt | TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
+ if (rc != 0) goto exit;
 rc = getRSAkey(&dev,
 &storageKey,
 &rsaKey,
 &wolfRsaKey,
 tpmDevId,
- (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
 if (rc != 0) goto exit;
 }
 #endif /* !NO_RSA */
@@ -231,12 +237,18 @@ int TPM2_TLS_ServerArgs(void* userCtx, int argc, char *argv[])
 #ifdef HAVE_ECC
 if (useECC) {
 /* Create/Load ECC key for TLS authentication */
+ rc = wolfTPM2_GetKeyTemplate_ECC(&publicTemplate,
+ TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
+ TPMA_OBJECT_sign | TPMA_OBJECT_noDA,
+ TPM_ECC_NIST_P256, TPM_ALG_ECDSA);
+ if (rc != 0) goto exit;
 rc = getECCkey(&dev,
 &storageKey,
 &eccKey,
 &wolfEccKey,
 tpmDevId,
- (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
+ (byte*)gKeyAuth, sizeof(gKeyAuth)-1,
+ &publicTemplate);
 if (rc != 0) goto exit;
 }
diff --git a/examples/tpm_test_keys.c b/examples/tpm_test_keys.c
index 1dcf732..f53fbec 100644
--- a/examples/tpm_test_keys.c
+++ b/examples/tpm_test_keys.c
@@ -35,8 +35,7 @@
 #ifndef WOLFTPM2_NO_WRAPPER
-#if 0
-static int writeKeyBlob(const char* filename,
+int writeKeyBlob(const char* filename,
 WOLFTPM2_KEYBLOB* key)
 {
 int rc = 0;
@@ -58,9 +57,8 @@ static int writeKeyBlob(const char* filename,
 #endif /* !NO_FILESYSTEM && !NO_WRITE_TEMP_FILES */
 return rc;
 }
-#endif
-static int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key)
+int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key)
 {
 int rc = 0;
 #if !defined(NO_FILESYSTEM) && !defined(NO_WRITE_TEMP_FILES)
@@ -93,6 +91,7 @@ static int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key)
 printf("Read %zu, expected private blob %zu bytes\n", bytes_read, fileSz);
 goto exit;
 }
+ rc = 0; /* success */
 }
 /* sanity check the sizes */
@@ -120,7 +119,65 @@ exit:
 return rc;
 }
-static int readAndLoadKey(WOLFTPM2_DEV* pDev,
+int createAndLoadKey(WOLFTPM2_DEV* pDev,
+ WOLFTPM2_KEY* key,
+ WOLFTPM2_HANDLE* parent,
+ const char* filename,
+ const byte* auth,
+ int authSz,
+ TPMT_PUBLIC* publicTemplate)
+{
+ int rc;
+ WOLFTPM2_KEYBLOB keyblob;
+
+ rc = readAndLoadKey(pDev, key, parent, filename, auth, authSz);
+ if (rc == 0) {
+ return rc;
+ }
+ /* read failed, so let's create a new key */
+
+ /* if a public template was not provided we cannot create */
+ if (publicTemplate == NULL) {
+ return BUFFER_E;
+ }
+
+
+ XMEMSET(&keyblob, 0, sizeof(keyblob));
+ rc = wolfTPM2_CreateKey(pDev, &keyblob, parent,
+ publicTemplate, auth, authSz);
+ if (rc != TPM_RC_SUCCESS) {
+ printf("wolfTPM2_CreateKey failed\n");
+ return rc;
+ }
+ printf("Created new key (pub %d, priv %d bytes)\n",
+ keyblob.pub.size, keyblob.priv.size);
+
+ /* Save key as encrypted blob to the disk */
+#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_FILESYSTEM)
+ rc = writeKeyBlob(filename, &keyblob);
+ if (rc != 0) {
+ return rc;
+ }
+#endif
+
+ /* Load Key */
+ rc = wolfTPM2_LoadKey(pDev, &keyblob, parent);
+ if (rc != TPM_RC_SUCCESS) {
+ printf("wolfTPM2_LoadKey failed\n");
+ return rc;
+ }
+ printf("Loaded key to 0x%x\n",
+ (word32)keyblob.handle.hndl);
+
+ key->handle = keyblob.handle;
+ key->pub = keyblob.pub;
+ key->handle.auth.size = authSz;
+ XMEMCPY(key->handle.auth.buffer, auth, authSz);
+
+ return rc;
+}
+
+int readAndLoadKey(WOLFTPM2_DEV* pDev,
 WOLFTPM2_KEY* key,
 WOLFTPM2_HANDLE* parent,
 const char* filename,
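Review bot: createAndLoadKey copies the caller's secret with `key->handle.auth.size = authSz; XMEMCPY(key->handle.auth.buffer, auth, authSz);` without bounding `authSz` (an `int`) against the buffer, and the same unchecked value is handed to wolfTPM2_CreateKey; add `if (authSz < 0 || (size_t)authSz > sizeof(key->handle.auth.buffer)) return BUFFER_E;` next to the NULL-template check, before any TPM call. Second, any failure of readAndLoadKey — an unreadable or tampered blob as much as a missing file, or a TPM load error — falls through to creating a fresh key and overwriting the blob, which silently rotates the key under the caller; if readKeyBlob can distinguish a missing file, create only in that case and return the error otherwise, and say so in the `/* read failed ... */` comment. Minor: the writeKeyBlob call is guarded by `!WOLFTPM2_NO_WOLFCRYPT && !NO_FILESYSTEM` while writeKeyBlob's own body is under `!NO_FILESYSTEM && !NO_WRITE_TEMP_FILES`, so a build with NO_WRITE_TEMP_FILES creates a key every run without persisting it; and there is a stray double blank line before `XMEMSET(&keyblob, 0, sizeof(keyblob));`.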
@@ -134,7 +191,11 @@ static int readAndLoadKey(WOLFTPM2_DEV* pDev,
 XMEMSET(key, 0, sizeof(WOLFTPM2_KEY));
 rc = readKeyBlob(filename, &keyblob);
- if (rc != 0) return rc;
+ if (rc != 0) {
+ /* if does not exist - create */
+
+ return rc;
+ }
 rc = wolfTPM2_LoadKey(pDev, &keyblob, parent);
 if (rc != TPM_RC_SUCCESS) {
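Review bot: The comment `/* if does not exist - create */` added inside the `rc != 0` branch of readAndLoadKey describes something this function does not do — the branch only returns, and creation lives in createAndLoadKey — so it will mislead the next reader. Either drop the comment and the blank line, restoring the one-line `if (rc != 0) return rc;`, or reword it to `/* no usable blob; the caller (createAndLoadKey) decides whether to create one */`. readAndLoadKey starts and ends outside this hunk.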
@@ -188,79 +249,71 @@ int getPrimaryStoragekey(WOLFTPM2_DEV* pDev,
 return rc;
 }
-#ifndef NO_RSA
-#ifdef WOLFTPM2_NO_WOLFCRYPT
 int getRSAkey(WOLFTPM2_DEV* pDev,
 WOLFTPM2_KEY* pStorageKey,
 WOLFTPM2_KEY* key,
- const byte* auth, int authSz)
-#else
-int getRSAkey(WOLFTPM2_DEV* pDev,
- WOLFTPM2_KEY* pStorageKey,
- WOLFTPM2_KEY* key,
- RsaKey* pWolfRsaKey,
+ void* pWolfRsaKey,
 int tpmDevId,
- const byte* auth, int authSz)
-#endif /* WOLFTPM2_NO_WOLFCRYPT */
-
+ const byte* auth, int authSz,
+ TPMT_PUBLIC* publicTemplate)
 {
 int rc = 0;
- rc = readAndLoadKey(pDev, key, &pStorageKey->handle,
+ /* Create/Load RSA key */
+ rc = createAndLoadKey(pDev, key, &pStorageKey->handle,
 RSA_FILENAME,
- auth, authSz);
+ auth, authSz, publicTemplate);
 if (rc != 0) {
 return rc;
 }
-#if !defined(WOLFTPM2_NO_WOLFCRYPT)
- /* setup wolf RSA key with TPM deviceID, so crypto callbacks are used */
- rc = wc_InitRsaKey_ex(pWolfRsaKey, NULL, tpmDevId);
- if (rc != 0) return rc;
+#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_RSA)
+ if (pWolfRsaKey) {
+ /* setup wolf RSA key with TPM deviceID, so crypto callbacks are used */
+ rc = wc_InitRsaKey_ex(pWolfRsaKey, NULL, tpmDevId);
+ if (rc != 0) return rc;
- /* load public portion of key into wolf RSA Key */
- rc = wolfTPM2_RsaKey_TpmToWolf(pDev, key, pWolfRsaKey);
-#endif /* !defined(WOLFTPM2_NO_WOLFCRYPT) */
+ /* load public portion of key into wolf RSA Key */
+ rc = wolfTPM2_RsaKey_TpmToWolf(pDev, key, (RsaKey*)pWolfRsaKey);
+ }
+#else
+ (void)pWolfRsaKey;
+#endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_RSA */
 return rc;
 }
-#endif /* !NO_RSA */
-
-#ifdef HAVE_ECC
-#ifdef WOLFTPM2_NO_WOLFCRYPT
 int getECCkey(WOLFTPM2_DEV* pDev,
 WOLFTPM2_KEY* pStorageKey,
 WOLFTPM2_KEY* key,
- const byte* auth, int authSz)
-#else
-int getECCkey(WOLFTPM2_DEV* pDev,
- WOLFTPM2_KEY* pStorageKey,
- WOLFTPM2_KEY* key,
- ecc_key* pWolfEccKey,
+ void* pWolfEccKey,
 int tpmDevId,
- const byte* auth, int authSz)
-#endif
+ const byte* auth, int authSz,
+ TPMT_PUBLIC* publicTemplate)
 {
 int rc = 0;
 /* Create/Load ECC key */
- rc = readAndLoadKey(pDev, key, &pStorageKey->handle,
+ rc = createAndLoadKey(pDev, key, &pStorageKey->handle,
 ECC_FILENAME,
- auth, authSz);
+ auth, authSz, publicTemplate);
 if (rc != 0) {
 return rc;
 }
-#if !defined(WOLFTPM2_NO_WOLFCRYPT)
- /* setup wolf ECC key with TPM deviceID, so crypto callbacks are used */
- rc = wc_ecc_init_ex(pWolfEccKey, NULL, tpmDevId);
- if (rc != 0) return rc;
+#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(HAVE_ECC)
+ if (pWolfEccKey) {
+ /* setup wolf ECC key with TPM deviceID, so crypto callbacks are used */
+ rc = wc_ecc_init_ex(pWolfEccKey, NULL, tpmDevId);
+ if (rc != 0) return rc;
- /* load public portion of key into wolf ECC Key */
- rc = wolfTPM2_EccKey_TpmToWolf(pDev, key, pWolfEccKey);
-#endif /* !defined(WOLFTPM2_NO_WOLFCRYPT) */
+ /* load public portion of key into wolf ECC Key */
+ rc = wolfTPM2_EccKey_TpmToWolf(pDev, key, (ecc_key*)pWolfEccKey);
+ }
+#else
+ (void)pWolfEccKey;
+#endif /* !WOLFTPM2_NO_WRAPPER && HAVE_ECC */
 return rc;
 }
-#endif /* HAVE_ECC */
+
 #endif /* !WOLFTPM2_NO_WRAPPER */
diff --git a/examples/tpm_test_keys.h b/examples/tpm_test_keys.h
index e0544a4..bc89185 100644
--- a/examples/tpm_test_keys.h
+++ b/examples/tpm_test_keys.h
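Review bot: In getECCkey the closing comment `#endif /* !WOLFTPM2_NO_WRAPPER && HAVE_ECC */` names the wrong macro; the condition it closes is `!defined(WOLFTPM2_NO_WOLFCRYPT) && defined(HAVE_ECC)`, so it should read `#endif /* !WOLFTPM2_NO_WOLFCRYPT && HAVE_ECC */`. In the `#else` branches of both getRSAkey and getECCkey only the wolf key pointer is voided, leaving `tpmDevId` unused in that configuration and tripping `-Wunused-parameter`; add `(void)tpmDevId;` beside each `(void)pWolfRsaKey;` / `(void)pWolfEccKey;`. Changing `RsaKey*`/`ecc_key*` to `void*` removes the compiler's type check at every call site; if the aim is a single signature that compiles without wolfCrypt, a comment on the parameter stating it must be an `RsaKey*` (resp. `ecc_key*`) or NULL would document the contract the casts now assume. The getRSAkey half of this hunk starts on the previous diff line.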
@@ -26,41 +26,46 @@
 #include
 #include
+WOLFTPM_LOCAL int readKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key);
+WOLFTPM_LOCAL int writeKeyBlob(const char* filename, WOLFTPM2_KEYBLOB* key);
+
+
+WOLFTPM_LOCAL int readAndLoadKey(WOLFTPM2_DEV* pDev,
+ WOLFTPM2_KEY* key,
+ WOLFTPM2_HANDLE* parent,
+ const char* filename,
+ const byte* auth,
+ int authSz);
+
+WOLFTPM_LOCAL int createAndLoadKey(WOLFTPM2_DEV* pDev,
+ WOLFTPM2_KEY* key,
+ WOLFTPM2_HANDLE* parent,
+ const char* filename,
+ const byte* auth,
+ int authSz,
+ TPMT_PUBLIC* publicTemplate);
+
+
 WOLFTPM_LOCAL int getPrimaryStoragekey(WOLFTPM2_DEV* pDev,
 WOLFTPM2_KEY* pStorageKey,
 TPM_ALG_ID alg);
-#ifndef NO_RSA
-#ifdef WOLFTPM2_NO_WOLFCRYPT
 WOLFTPM_LOCAL int getRSAkey(WOLFTPM2_DEV* pDev,
 WOLFTPM2_KEY* pStorageKey,
 WOLFTPM2_KEY* key,
- const byte* auth, int authSz);
-#else
-WOLFTPM_LOCAL int getRSAkey(WOLFTPM2_DEV* pDev,
- WOLFTPM2_KEY* pStorageKey,
- WOLFTPM2_KEY* key,
- RsaKey* pWolfRsaKey,
+ void* pWolfRsaKey,
 int tpmDevId,
- const byte* auth, int authSz);
-#endif /* WOLFTPM2_NO_WOLFCRYPT */
-#endif
+ const byte* auth, int authSz,
+ TPMT_PUBLIC* publicTemplate);
-#ifdef HAVE_ECC
-#ifdef WOLFTPM2_NO_WOLFCRYPT
 WOLFTPM_LOCAL int getECCkey(WOLFTPM2_DEV* pDev,
 WOLFTPM2_KEY* pStorageKey,
 WOLFTPM2_KEY* key,
- const byte* auth, int authSz);
-#else
-WOLFTPM_LOCAL int getECCkey(WOLFTPM2_DEV* pDev,
- WOLFTPM2_KEY* pStorageKey,
- WOLFTPM2_KEY* key,
- ecc_key* pWolfEccKey,
+ void* pWolfEccKey,
 int tpmDevId,
- const byte* auth, int authSz);
-#endif
-#endif
+ const byte* auth, int authSz,
+ TPMT_PUBLIC* publicTemplate);
 #endif /* !WOLFTPM2_NO_WRAPPER */
+
 #endif /* _TPM_TEST_KEYS_H_ */
diff --git a/src/tpm2_packet.c b/src/tpm2_packet.c
index 33effff..a8293c2 100644
--- a/src/tpm2_packet.c
+++ b/src/tpm2_packet.c
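Review bot: The prototypes added or widened here carry no documentation, and two parameters have NULL semantics that only tpm_test_keys.c reveals: `pWolfRsaKey`/`pWolfEccKey` may be NULL to skip the wolfCrypt key setup, and `publicTemplate` may be NULL only when a loadable blob already exists at `filename`, otherwise createAndLoadKey returns BUFFER_E. A short block comment above each prototype stating the load-from-file-or-create behaviour, that `auth`/`authSz` are copied into `key->handle.auth`, and which build macros compile the file I/O out would save callers from reading the .c file. The two `#include` lines at the top of the hunk lost their targets in this rendering, so whether the header itself brings `TPMT_PUBLIC` into scope for the new prototypes cannot be checked from the diff.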
@@ -410,6 +410,7 @@ void TPM2_Packet_AppendSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric)
 }
 void TPM2_Packet_ParseSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric)
 {
+ XMEMSET(symmetric, 0, sizeof(TPMT_SYM_DEF));
 TPM2_Packet_ParseU16(packet, &symmetric->algorithm);
 switch (symmetric->algorithm) {
 case TPM_ALG_XOR:
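Review bot: `XMEMSET(symmetric, 0, sizeof(TPMT_SYM_DEF));` ties the cleared size to the type name rather than the object; `XMEMSET(symmetric, 0, sizeof(*symmetric));` stays correct if the parameter type is ever changed. A one-line why-comment would also help, e.g. `/* zero first so members the switch below does not set (e.g. for TPM_ALG_NULL) are defined rather than stale */`, if that is indeed the intent — the rest of the switch is outside the hunk. The existing code already dereferenced `symmetric` unconditionally, so the new line adds no NULL-handling concern that was not there before.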