WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfTPM/examples/wrap/wrap_test.c

1064 lines
38 KiB
C
Raw Permalink Blame History

/* wrap_test.c
*
* Copyright (C) 2006-2024 wolfSSL Inc.
*
* This file is part of wolfTPM.
*
* wolfTPM is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* wolfTPM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
*/
/* This example shows using the TPM2 wrapper API's in TPM2_Wrapper_Test() below.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <wolftpm/tpm2.h>
#include <wolftpm/tpm2_wrap.h>
#include <stdio.h>
#ifndef WOLFTPM2_NO_WRAPPER
#include <hal/tpm_io.h>
#include <examples/tpm_test.h>
#include <examples/wrap/wrap_test.h>
/* Configuration */
#if 0
#define ENABLE_LARGE_HASH_TEST /* optional large hash test */
#endif
/******************************************************************************/
/* --- BEGIN Wrapper API Tests -- */
/******************************************************************************/
static int resetTPM = 0;
void TPM2_Wrapper_SetReset(int reset)
{
resetTPM = reset;
}
static void usage(void)
{
printf("Expected Usage:\n");
printf("./examples/wrap/wrap_test [-aes/xor]\n");
printf("* -aes/xor: Use Parameter Encryption\n");
}
int TPM2_Wrapper_Test(void* userCtx)
{
return TPM2_Wrapper_TestArgs(userCtx, 0, NULL);
}
int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
{
int rc, i;
WOLFTPM2_DEV dev;
WOLFTPM2_CAPS caps;
WOLFTPM2_KEY ekKey;
WOLFTPM2_KEY storageKey;
WOLFTPM2_KEY rsaKey;
WOLFTPM2_KEY eccKey;
WOLFTPM2_KEY publicKey;
WOLFTPM2_KEY aesKey;
WOLFTPM2_KEYBLOB testKey;
byte aesIv[MAX_AES_BLOCK_SIZE_BYTES];
WOLFTPM2_BUFFER message;
WOLFTPM2_BUFFER cipher;
WOLFTPM2_BUFFER plain;
TPMT_PUBLIC publicTemplate;
TPM2B_ECC_POINT pubPoint;
#ifndef WOLFTPM_WINAPI
word32 nvAttributes = 0;
#endif
#ifdef WOLFTPM_CRYPTOCB
TpmCryptoDevCtx tpmCtx;
#endif
WOLFTPM2_HASH hash;
byte hashBuf[TPM_MAX_DIGEST_SIZE];
int hashSz;
#ifdef ENABLE_LARGE_HASH_TEST
const char* hashTestDig =
"\x27\x78\x3e\x87\x96\x3a\x4e\xfb\x68\x29\xb5\x31\xc9\xba\x57\xb4"
"\x4f\x45\x79\x7f\x67\x70\xbd\x63\x7f\xbf\x0d\x80\x7c\xbd\xba\xe0";
#else
const char* hashTestData =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
const char* hashTestDig =
"\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60\x39"
"\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB\x06\xC1";
#endif
WOLFTPM2_HMAC hmac;
const char* hmacTestKey =
"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
"\x0b\x0b\x0b\x0b";
const char* hmacTestData = "Hi There";
const char* hmacTestDig =
"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b"
"\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7";
#ifndef WOLFTPM2_NO_WOLFCRYPT
int tpmDevId = INVALID_DEVID;
#if (defined(HAVE_ECC) || !defined(NO_RSA)) && !defined(NO_ASN)
word32 idx;
#endif
#ifndef NO_RSA
RsaKey wolfRsaPubKey;
RsaKey wolfRsaPrivKey;
#endif
#ifdef HAVE_ECC
ecc_key wolfEccPubKey;
ecc_key wolfEccPrivKey;
#endif
#endif /* !WOLFTPM2_NO_WOLFCRYPT */
TPM_ALG_ID paramEncAlg = TPM_ALG_NULL;
WOLFTPM2_SESSION tpmSession;
XMEMSET(&aesKey, 0, sizeof(aesKey));
XMEMSET(&publicKey, 0, sizeof(publicKey));
#ifndef WOLFTPM2_NO_WOLFCRYPT
#ifndef NO_RSA
XMEMSET(&wolfRsaPubKey, 0, sizeof(wolfRsaPubKey));
XMEMSET(&wolfRsaPrivKey, 0, sizeof(wolfRsaPrivKey));
#endif
#ifdef HAVE_ECC
XMEMSET(&wolfEccPubKey, 0, sizeof(wolfEccPubKey));
XMEMSET(&wolfEccPrivKey, 0, sizeof(wolfEccPrivKey));
#endif
#endif /* !WOLFTPM2_NO_WOLFCRYPT */
XMEMSET(&tpmSession, 0, sizeof(tpmSession));
XMEMSET(&storageKey, 0, sizeof(storageKey));
XMEMSET(&testKey, 0, sizeof(testKey));
if (argc >= 2) {
if (XSTRCMP(argv[1], "-?") == 0 ||
XSTRCMP(argv[1], "-h") == 0 ||
XSTRCMP(argv[1], "--help") == 0) {
usage();
return 0;
}
}
while (argc > 1) {
if (XSTRCMP(argv[argc-1], "-aes") == 0) {
paramEncAlg = TPM_ALG_CFB;
}
else if (XSTRCMP(argv[argc-1], "-xor") == 0) {
paramEncAlg = TPM_ALG_XOR;
}
else {
printf("Warning: Unrecognized option: %s\n", argv[argc-1]);
}
argc--;
}
printf("TPM2 Demo for Wrapper API's\n");
/* Init the TPM2 device */
rc = wolfTPM2_Init(&dev, TPM2_IoCb, userCtx);
if (rc != 0) return rc;
#ifdef WOLFTPM_CRYPTOCB
/* Setup the wolf crypto device callback */
XMEMSET(&tpmCtx, 0, sizeof(tpmCtx));
#ifndef NO_RSA
XMEMSET(&rsaKey, 0, sizeof(rsaKey));
tpmCtx.rsaKey = &rsaKey;
#endif
#ifdef HAVE_ECC
XMEMSET(&eccKey, 0, sizeof(eccKey));
tpmCtx.eccKey = &eccKey;
#endif
tpmCtx.storageKey = &storageKey;
rc = wolfTPM2_SetCryptoDevCb(&dev, wolfTPM2_CryptoDevCb, &tpmCtx, &tpmDevId);
if (rc != 0) goto exit;
#endif
rc = wolfTPM2_GetCapabilities(&dev, &caps);
if (rc != 0) goto exit;
printf("Mfg %s (%d), Vendor %s, Fw %u.%u (0x%x), "
"FIPS 140-2 %d, CC-EAL4 %d\n",
caps.mfgStr, caps.mfg, caps.vendorStr, caps.fwVerMajor,
caps.fwVerMinor, caps.fwVerVendor, caps.fips140_2, caps.cc_eal4);
#if defined(WOLFTPM_SLB9672) || defined(WOLFTPM_SLB9673)
printf("\tKeyGroupId 0x%x, Operational Mode 0x%x, FwCounter %d (%d same)\n",
caps.keyGroupId, caps.opMode, caps.fwCounter, caps.fwCounterSame);
#endif
/* List the active persistent handles */
rc = wolfTPM2_GetHandles(PERSISTENT_FIRST, NULL);
if (rc >= 0) {
printf("Found %d persistent handles\n", rc);
}
if (resetTPM) {
/* reset all content on TPM and reseed */
rc = wolfTPM2_Clear(&dev);
if (rc != 0) return rc;
}
/* unload all transient handles */
rc = wolfTPM2_UnloadHandles_AllTransient(&dev);
if (rc != 0) goto exit;
/*------------------------------------------------------------------------*/
/* RSA TESTS */
/*------------------------------------------------------------------------*/
/* Get the RSA endorsement key (EK) */
rc = wolfTPM2_GetKeyTemplate_RSA_EK(&publicTemplate);
if (rc != 0) goto exit;
rc = wolfTPM2_CreatePrimaryKey(&dev, &ekKey, TPM_RH_ENDORSEMENT,
&publicTemplate, NULL, 0);
if (rc != 0) goto exit;
wolfTPM2_UnloadHandle(&dev, &ekKey.handle);
/* See if RSA primary storage key already exists */
rc = wolfTPM2_ReadPublicKey(&dev, &storageKey,
TPM2_DEMO_STORAGE_KEY_HANDLE);
#ifdef TEST_WRAP_DELETE_KEY
if (rc == 0) {
storageKey.handle.hndl = TPM2_DEMO_STORAGE_KEY_HANDLE;
rc = wolfTPM2_NVDeleteKey(&dev, TPM_RH_OWNER, &storageKey);
if (rc != 0) goto exit;
rc = TPM_RC_HANDLE; /* mark handle as missing */
}
#endif
if (rc != 0) {
/* Create primary storage key (RSA) */
rc = wolfTPM2_CreateSRK(&dev, &storageKey, TPM_ALG_RSA,
(byte*)gStorageKeyAuth, sizeof(gStorageKeyAuth)-1);
if (rc != 0) goto exit;
/* Move this key into persistent storage */
rc = wolfTPM2_NVStoreKey(&dev, TPM_RH_OWNER, &storageKey,
TPM2_DEMO_STORAGE_KEY_HANDLE);
if (!WOLFTPM_IS_COMMAND_UNAVAILABLE(rc) && rc != 0) goto exit;
printf("Created new RSA Primary Storage Key at 0x%x\n",
TPM2_DEMO_STORAGE_KEY_HANDLE);
}
else {
/* specify auth password for storage key */
storageKey.handle.auth.size = sizeof(gStorageKeyAuth)-1;
XMEMCPY(storageKey.handle.auth.buffer, gStorageKeyAuth,
storageKey.handle.auth.size);
}
/* Start an authenticated session (salted / unbound) with parameter encryption */
if (paramEncAlg != TPM_ALG_NULL) {
void* bindKey = &storageKey;
#ifdef NO_RSA
bindKey = NULL; /* cannot bind to key without RSA enabled */
#endif
rc = wolfTPM2_StartSession(&dev, &tpmSession, bindKey, NULL,
TPM_SE_HMAC, paramEncAlg);
if (rc != 0) goto exit;
printf("TPM2_StartAuthSession: sessionHandle 0x%x\n",
(word32)tpmSession.handle.hndl);
/* set session for authorization of the storage key */
rc = wolfTPM2_SetAuthSession(&dev, 0, &tpmSession,
(TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
if (rc != 0) goto exit;
}
/* Create RSA key to test CreateLoaded */
rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
if (rc != 0) goto exit;
rc = wolfTPM2_CreateLoadedKey(&dev, &testKey, &storageKey.handle,
&publicTemplate, (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
if (rc == TPM_RC_SUCCESS) {
printf("Creating a loaded new TPM 2.0 key Test Passed\n");
wolfTPM2_UnloadHandle(&dev, &testKey.handle);
}
else if (WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) {
printf("CreateLoadedKey: Feature is not suppored on this hardware\n");
}
else {
goto exit;
}
/* Create RSA key for sign/verify */
rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
TPMA_OBJECT_sign | TPMA_OBJECT_noDA);
if (rc != 0) goto exit;
rc = wolfTPM2_CreateAndLoadKey(&dev, &rsaKey, &storageKey.handle,
&publicTemplate, (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
if (rc != 0) goto exit;
/* Perform RSA sign / verify - PKCSv1.5 (SSA) padding */
message.size = 32; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
cipher.size = sizeof(cipher.buffer); /* signature */
rc = wolfTPM2_SignHashScheme(&dev, &rsaKey, message.buffer, message.size,
cipher.buffer, &cipher.size, TPM_ALG_RSASSA, TPM_ALG_SHA256);
if (rc != 0) goto exit;
rc = wolfTPM2_VerifyHashScheme(&dev, &rsaKey, cipher.buffer, cipher.size,
message.buffer, message.size, TPM_ALG_RSASSA, TPM_ALG_SHA256);
if (rc != 0) goto exit;
printf("RSA Sign/Verify using RSA PKCSv1.5 (SSA) padding\n");
/* Perform RSA sign / verify - PSS padding */
message.size = 32; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
cipher.size = sizeof(cipher.buffer); /* signature */
rc = wolfTPM2_SignHashScheme(&dev, &rsaKey, message.buffer, message.size,
cipher.buffer, &cipher.size, TPM_ALG_RSAPSS, TPM_ALG_SHA256);
if (rc != 0) goto exit;
rc = wolfTPM2_VerifyHashScheme(&dev, &rsaKey, cipher.buffer, cipher.size,
message.buffer, message.size, TPM_ALG_RSAPSS, TPM_ALG_SHA256);
if (rc != 0) goto exit;
printf("RSA Sign/Verify using RSA PSS padding\n");
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
if (rc != 0) goto exit;
/* Create RSA key for encrypt/decrypt */
rc = wolfTPM2_GetKeyTemplate_RSA(&publicTemplate,
TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
TPMA_OBJECT_decrypt | TPMA_OBJECT_noDA);
if (rc != 0) goto exit;
rc = wolfTPM2_CreateAndLoadKey(&dev, &rsaKey, &storageKey.handle,
&publicTemplate, (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
if (rc != 0) goto exit;
/* Perform RSA encrypt / decrypt (no pad) */
message.size = 256; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
cipher.size = sizeof(cipher.buffer); /* encrypted data */
rc = wolfTPM2_RsaEncrypt(&dev, &rsaKey, TPM_ALG_NULL,
message.buffer, message.size, cipher.buffer, &cipher.size);
if (rc != 0) goto exit;
plain.size = sizeof(plain.buffer);
rc = wolfTPM2_RsaDecrypt(&dev, &rsaKey, TPM_ALG_NULL,
cipher.buffer, cipher.size, plain.buffer, &plain.size);
if (rc != 0) goto exit;
/* Validate encrypt / decrypt */
if (message.size != plain.size ||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
rc = TPM_RC_TESTING; goto exit;
}
printf("RSA Encrypt/Decrypt Test Passed\n");
/* Perform RSA encrypt / decrypt (OAEP pad) */
message.size = TPM_SHA256_DIGEST_SIZE; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
cipher.size = sizeof(cipher.buffer); /* encrypted data */
rc = wolfTPM2_RsaEncrypt(&dev, &rsaKey, TPM_ALG_OAEP,
message.buffer, message.size, cipher.buffer, &cipher.size);
if (rc != 0) goto exit;
plain.size = sizeof(plain.buffer);
rc = wolfTPM2_RsaDecrypt(&dev, &rsaKey, TPM_ALG_OAEP,
cipher.buffer, cipher.size, plain.buffer, &plain.size);
if (rc != 0) goto exit;
/* Validate encrypt / decrypt */
if (message.size != plain.size ||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
rc = TPM_RC_TESTING; goto exit;
}
printf("RSA Encrypt/Decrypt OAEP Test Passed\n");
/* Perform RSA encrypt / decrypt (RSAES pad) */
message.size = TPM_SHA256_DIGEST_SIZE; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
cipher.size = sizeof(cipher.buffer); /* encrypted data */
rc = wolfTPM2_RsaEncrypt(&dev, &rsaKey, TPM_ALG_RSAES,
message.buffer, message.size, cipher.buffer, &cipher.size);
if (rc != 0) goto exit;
plain.size = sizeof(plain.buffer);
rc = wolfTPM2_RsaDecrypt(&dev, &rsaKey, TPM_ALG_RSAES,
cipher.buffer, cipher.size, plain.buffer, &plain.size);
if (rc != 0) goto exit;
/* Validate encrypt / decrypt */
if (message.size != plain.size ||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
rc = TPM_RC_TESTING; goto exit;
}
printf("RSA Encrypt/Decrypt RSAES Test Passed\n");
/*------------------------------------------------------------------------*/
/* RSA KEY LOADING TESTS */
/*------------------------------------------------------------------------*/
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_RSA) && !defined(NO_ASN)
/* Extract an RSA public key from TPM */
/* Setup wolf RSA key with TPM deviceID */
/* crypto dev callbacks are used for private portion */
rc = wc_InitRsaKey_ex(&wolfRsaPrivKey, NULL, tpmDevId);
if (rc != 0) goto exit;
/* load public portion of key into wolf RSA Key */
rc = wolfTPM2_RsaKey_TpmToWolf(&dev, &rsaKey, &wolfRsaPrivKey);
if (rc != 0) goto exit;
/* Use TPM Handle... */
printf("RSA Key 0x%x Exported to wolf RsaKey\n",
(word32)rsaKey.handle.hndl);
wc_FreeRsaKey(&wolfRsaPrivKey);
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
if (rc != 0) goto exit;
/* Load RSA public key into wolf RsaKey structure */
rc = wc_InitRsaKey(&wolfRsaPubKey, NULL);
if (rc != 0) goto exit;
idx = 0;
rc = wc_RsaPublicKeyDecode(kRsaKeyPubDer, &idx,
&wolfRsaPubKey, (word32)sizeof(kRsaKeyPubDer));
if (rc != 0) goto exit;
rc = wolfTPM2_RsaKey_WolfToTpm(&dev, &wolfRsaPubKey, &publicKey);
if (rc != 0) goto exit;
/* Use TPM Handle... */
wc_FreeRsaKey(&wolfRsaPubKey);
rc = wolfTPM2_UnloadHandle(&dev, &publicKey.handle);
if (rc != 0) goto exit;
#else
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
if (rc != 0) goto exit;
#endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_RSA && !NO_ASN */
/* Load raw RSA public key into TPM */
rc = wolfTPM2_LoadRsaPublicKey(&dev, &publicKey,
kRsaKeyPubModulus, (word32)sizeof(kRsaKeyPubModulus),
kRsaKeyPubExponent);
if (rc != 0) goto exit;
/* Use TPM Handle... */
printf("wolf RsaKey loaded into TPM: Handle 0x%x\n",
(word32)publicKey.handle.hndl);
rc = wolfTPM2_UnloadHandle(&dev, &publicKey.handle);
if (rc != 0) goto exit;
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && !defined(NO_RSA) && !defined(NO_ASN)
/* Load RSA private key into TPM */
rc = wc_InitRsaKey(&wolfRsaPrivKey, NULL);
if (rc != 0) goto exit;
idx = 0;
PRIVATE_KEY_UNLOCK();
rc = wc_RsaPrivateKeyDecode(kRsaKeyPrivDer, &idx, &wolfRsaPrivKey,
(word32)sizeof(kRsaKeyPrivDer));
PRIVATE_KEY_LOCK();
if (rc != 0) goto exit;
rc = wolfTPM2_RsaKey_WolfToTpm_ex(&dev, &storageKey, &wolfRsaPrivKey,
&rsaKey);
wc_FreeRsaKey(&wolfRsaPrivKey);
if (rc != 0 && rc != NOT_COMPILED_IN) {
/* NOT_COMPILED_IN here likely means that AES-CFB is not enabled for
* encrypting secrets */
goto exit;
}
printf("RSA Private Key Loaded into TPM: Handle 0x%x\n",
(word32)rsaKey.handle.hndl);
/* Use TPM Handle... */
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
if (rc != 0) goto exit;
#endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_RSA && !NO_ASN */
/* Load raw RSA private key into TPM */
rc = wolfTPM2_LoadRsaPrivateKey(&dev, &storageKey, &rsaKey,
kRsaKeyPubModulus, (word32)sizeof(kRsaKeyPubModulus),
kRsaKeyPubExponent,
kRsaKeyPrivQ, (word32)sizeof(kRsaKeyPrivQ));
if (rc != 0 && rc != NOT_COMPILED_IN) {
/* NOT_COMPILED_IN here likely means that AES-CFB is not enabled for
* encrypting secrets */
goto exit;
}
printf("RSA Private Key RAW Loaded into TPM: Handle 0x%x\n",
(word32)rsaKey.handle.hndl);
/* Use TPM Handle... */
rc = wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
if (rc != 0) goto exit;
/* Close TPM session based on RSA storage key */
wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
wolfTPM2_SetAuthSession(&dev, 1, NULL, 0); /* clear auth session */
/*------------------------------------------------------------------------*/
/* ECC TESTS */
/*------------------------------------------------------------------------*/
/* Get the ECC endorsement key (EK) */
rc = wolfTPM2_GetKeyTemplate_ECC_EK(&publicTemplate);
if (rc != 0) goto exit;
rc = wolfTPM2_CreatePrimaryKey(&dev, &ekKey, TPM_RH_ENDORSEMENT,
&publicTemplate, NULL, 0);
if (rc != 0) goto exit;
wolfTPM2_UnloadHandle(&dev, &ekKey.handle);
/* See if ECC primary storage key already exists */
rc = wolfTPM2_ReadPublicKey(&dev, &storageKey,
TPM2_DEMO_STORAGE_EC_KEY_HANDLE);
#ifdef TEST_WRAP_DELETE_KEY
if (rc == 0) {
storageKey.handle.hndl = TPM2_DEMO_STORAGE_EC_KEY_HANDLE;
rc = wolfTPM2_NVDeleteKey(&dev, TPM_RH_OWNER, &storageKey);
if (rc != 0) goto exit;
rc = TPM_RC_HANDLE; /* mark handle as missing */
}
#endif
if (rc != 0) {
/* Create primary storage key (ECC) */
rc = wolfTPM2_CreateSRK(&dev, &storageKey, TPM_ALG_ECC,
(byte*)gStorageKeyAuth, sizeof(gStorageKeyAuth)-1);
if (rc != 0) goto exit;
/* Move this key into persistent storage */
rc = wolfTPM2_NVStoreKey(&dev, TPM_RH_OWNER, &storageKey,
TPM2_DEMO_STORAGE_EC_KEY_HANDLE);
if (!WOLFTPM_IS_COMMAND_UNAVAILABLE(rc) && rc != 0) goto exit;
printf("Created new ECC Primary Storage Key at 0x%x\n",
TPM2_DEMO_STORAGE_EC_KEY_HANDLE);
}
else {
/* specify auth password for storage key */
storageKey.handle.auth.size = sizeof(gStorageKeyAuth)-1;
XMEMCPY(storageKey.handle.auth.buffer, gStorageKeyAuth,
storageKey.handle.auth.size);
}
/* Start an authenticated session (salted / unbound) with parameter encryption */
if (paramEncAlg != TPM_ALG_NULL) {
void* bindKey = &storageKey;
#ifndef HAVE_ECC
bindKey = NULL; /* cannot bind to key without ECC enabled */
#endif
rc = wolfTPM2_StartSession(&dev, &tpmSession, bindKey, NULL,
TPM_SE_HMAC, paramEncAlg);
if (rc != 0) goto exit;
printf("TPM2_StartAuthSession: sessionHandle 0x%x\n",
(word32)tpmSession.handle.hndl);
/* set session for authorization of the storage key */
rc = wolfTPM2_SetAuthSession(&dev, 0, &tpmSession,
(TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
if (rc != 0) goto exit;
}
/* Create an ECC key for ECDSA */
rc = wolfTPM2_GetKeyTemplate_ECC(&publicTemplate,
TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
TPMA_OBJECT_sign | TPMA_OBJECT_noDA,
TPM_ECC_NIST_P256, TPM_ALG_ECDSA);
if (rc != 0) goto exit;
publicTemplate.nameAlg = TPM_ALG_SHA256; /* make sure its SHA256 */
rc = wolfTPM2_CreateAndLoadKey(&dev, &eccKey, &storageKey.handle,
&publicTemplate, (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
if (rc != 0) goto exit;
/* Test changing auth for a key */
rc = wolfTPM2_ChangeAuthKey(&dev, &eccKey, &storageKey.handle,
(byte*)gKeyAuthAlt, sizeof(gKeyAuthAlt)-1);
if (rc != 0) goto exit;
/* Perform ECC sign / verify */
message.size = TPM_SHA256_DIGEST_SIZE; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
cipher.size = sizeof(cipher.buffer); /* signature */
rc = wolfTPM2_SignHash(&dev, &eccKey, message.buffer, message.size,
cipher.buffer, &cipher.size);
if (rc != 0) goto exit;
rc = wolfTPM2_VerifyHash(&dev, &eccKey, cipher.buffer, cipher.size,
message.buffer, message.size);
if (rc != 0) goto exit;
rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
if (rc != 0) goto exit;
printf("ECC Sign/Verify Passed\n");
/* Create an ECC key for DH */
rc = wolfTPM2_GetKeyTemplate_ECC(&publicTemplate,
TPMA_OBJECT_sensitiveDataOrigin | TPMA_OBJECT_userWithAuth |
TPMA_OBJECT_decrypt | TPMA_OBJECT_noDA,
TPM_ECC_NIST_P256, TPM_ALG_ECDH);
if (rc != 0) goto exit;
publicTemplate.nameAlg = TPM_ALG_SHA256; /* make sure its SHA256 */
rc = wolfTPM2_CreateAndLoadKey(&dev, &eccKey, &storageKey.handle,
&publicTemplate, (byte*)gKeyAuth, sizeof(gKeyAuth)-1);
if (rc != 0) goto exit;
/* Create ephemeral ECC key and generate a shared secret */
message.size = sizeof(message.buffer);
rc = wolfTPM2_ECDHGen(&dev, &eccKey, &pubPoint,
message.buffer, &message.size);
if (rc != 0) goto exit;
/* Compute shared secret and compare results */
rc = wolfTPM2_ECDHGenZ(&dev, &eccKey, &pubPoint, cipher.buffer, &cipher.size);
if (rc != 0) goto exit;
if (message.size != cipher.size ||
XMEMCMP(message.buffer, cipher.buffer, message.size) != 0) {
rc = -1; /* failed */
}
printf("ECC DH Test %s\n", rc == 0 ? "Passed" : "Failed");
/* ECC Public Key Signature Verify Test/Example */
rc = wolfTPM2_LoadEccPublicKey(&dev, &publicKey, TPM_ECC_NIST_P256,
kEccTestPubQX, sizeof(kEccTestPubQX),
kEccTestPubQY, sizeof(kEccTestPubQY));
if (rc != 0) goto exit;
rc = wolfTPM2_VerifyHashScheme(&dev, &publicKey,
kEccTestSigRS, sizeof(kEccTestSigRS),
kEccTestMsg, sizeof(kEccTestMsg), TPM_ALG_ECDSA, TPM_ALG_SHA1);
if (rc != 0) goto exit;
rc = wolfTPM2_UnloadHandle(&dev, &publicKey.handle);
if (rc != 0) goto exit;
printf("ECC Verify Test Passed\n");
/*------------------------------------------------------------------------*/
/* ECC KEY LOADING TESTS */
/*------------------------------------------------------------------------*/
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(HAVE_ECC) && !defined(NO_ASN)
/* Extract an ECC public key from TPM */
/* Setup wolf ECC key with TPM deviceID, so crypto callbacks
can be used for private operations */
rc = wc_ecc_init_ex(&wolfEccPrivKey, NULL, tpmDevId);
if (rc != 0) goto exit;
/* load public portion of key into wolf ECC Key */
rc = wolfTPM2_EccKey_TpmToWolf(&dev, &eccKey, &wolfEccPrivKey);
if (rc != 0) goto exit;
/* Use TPM Handle... */
printf("ECC Key 0x%x Exported to wolf ecc_key\n",
(word32)eccKey.handle.hndl);
wc_ecc_free(&wolfEccPrivKey);
rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
if (rc != 0) goto exit;
/* Load ECC DER public key into TPM */
rc = wc_ecc_init(&wolfEccPubKey);
if (rc != 0) goto exit;
idx = 0;
rc = wc_EccPublicKeyDecode(kEccKeyPubDer, &idx, &wolfEccPubKey,
(word32)sizeof(kEccKeyPubDer));
if (rc != 0) goto exit;
rc = wolfTPM2_EccKey_WolfToTpm(&dev, &wolfEccPubKey, &publicKey);
if (rc != 0) goto exit;
/* Use TPM Handle... */
wc_ecc_free(&wolfEccPubKey);
rc = wolfTPM2_UnloadHandle(&dev, &publicKey.handle);
if (rc != 0) goto exit;
#else
rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
if (rc != 0) goto exit;
#endif /* !WOLFTPM2_NO_WOLFCRYPT && HAVE_ECC && !NO_ASN */
/* Load raw ECC public key into TPM */
rc = wolfTPM2_LoadEccPublicKey(&dev, &publicKey, TPM_ECC_NIST_P256,
kEccKeyPubXRaw, (word32)sizeof(kEccKeyPubXRaw),
kEccKeyPubYRaw, (word32)sizeof(kEccKeyPubYRaw));
if (rc != 0) goto exit;
/* Use TPM Handle... */
printf("wolf ecc_key loaded into TPM: Handle 0x%x\n",
(word32)publicKey.handle.hndl);
rc = wolfTPM2_UnloadHandle(&dev, &publicKey.handle);
if (rc != 0) goto exit;
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(HAVE_ECC) && !defined(NO_ASN)
/* Load ECC DER Private Key into TPM */
rc = wc_ecc_init(&wolfEccPrivKey);
if (rc != 0) goto exit;
idx = 0;
rc = wc_EccPrivateKeyDecode(kEccKeyPrivDer, &idx, &wolfEccPrivKey,
(word32)sizeof(kEccKeyPrivDer));
if (rc != 0) goto exit;
rc = wolfTPM2_EccKey_WolfToTpm_ex(&dev, &storageKey, &wolfEccPrivKey,
&eccKey);
wc_ecc_free(&wolfEccPrivKey);
if (rc != 0 && rc != NOT_COMPILED_IN) {
/* NOT_COMPILED_IN here likely means the WOLFSSL_PUBLIC_MP is enabled
* exposing the mp_ math API's or AES CFB is not enabled.
* Both are needed for encrypting secrets */
goto exit;
}
printf("ECC Private Key Loaded into TPM: Handle 0x%x\n",
(word32)eccKey.handle.hndl);
/* Use TPM Handle... */
rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
if (rc != 0) goto exit;
#endif /* !WOLFTPM2_NO_WOLFCRYPT && HAVE_ECC && !NO_ASN */
/* Load raw ECC private key into TPM */
rc = wolfTPM2_LoadEccPrivateKey(&dev, &storageKey, &eccKey, TPM_ECC_NIST_P256,
kEccKeyPubXRaw, (word32)sizeof(kEccKeyPubXRaw),
kEccKeyPubYRaw, (word32)sizeof(kEccKeyPubYRaw),
kEccKeyPrivD, (word32)sizeof(kEccKeyPrivD));
if (rc != 0 && rc != NOT_COMPILED_IN) {
/* NOT_COMPILED_IN here likely means the WOLFSSL_PUBLIC_MP is enabled
* exposing the mp_ math API's or AES CFB is not enabled.
* Both are needed for encrypting secrets */
goto exit;
}
printf("ECC Private Key RAW Loaded into TPM: Handle 0x%x\n",
(word32)eccKey.handle.hndl);
/* Use TPM Handle... */
rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
if (rc != 0) goto exit;
#if 0 /* disabled until ECC Encrypted salt is added */
/* Close TPM session based on ECC storage key */
wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
wolfTPM2_SetAuthSession(&dev, 1, NULL, 0); /* clear auth session */
#endif
/*------------------------------------------------------------------------*/
/* NV TESTS */
/*------------------------------------------------------------------------*/
/* NV with Auth (preferred API's) */
#ifndef WOLFTPM_WINAPI
{
WOLFTPM2_HANDLE parent;
WOLFTPM2_NV nv;
XMEMSET(&parent, 0, sizeof(parent));
parent.hndl = TPM_RH_OWNER;
rc = wolfTPM2_GetNvAttributesTemplate(parent.hndl, &nvAttributes);
if (rc != 0) goto exit;
rc = wolfTPM2_NVCreateAuth(&dev, &parent, &nv, TPM2_DEMO_NV_TEST_AUTH_INDEX,
nvAttributes, TPM2_DEMO_NV_TEST_SIZE, (byte*)gNvAuth, sizeof(gNvAuth)-1);
if (rc != 0 && rc != TPM_RC_NV_DEFINED) goto exit;
wolfTPM2_SetAuthHandle(&dev, 0, &nv.handle);
message.size = TPM2_DEMO_NV_TEST_SIZE; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
rc = wolfTPM2_NVWriteAuth(&dev, &nv, TPM2_DEMO_NV_TEST_AUTH_INDEX,
message.buffer, message.size, 0);
if (rc != 0) goto exit;
plain.size = TPM2_DEMO_NV_TEST_SIZE;
rc = wolfTPM2_NVReadAuth(&dev, &nv, TPM2_DEMO_NV_TEST_AUTH_INDEX,
plain.buffer, (word32*)&plain.size, 0);
if (rc != 0) goto exit;
rc = wolfTPM2_NVReadPublic(&dev, TPM2_DEMO_NV_TEST_AUTH_INDEX, NULL);
if (rc != 0) goto exit;
rc = wolfTPM2_NVDeleteAuth(&dev, &parent, TPM2_DEMO_NV_TEST_AUTH_INDEX);
if (rc != 0) goto exit;
if (message.size != plain.size ||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
rc = TPM_RC_TESTING; goto exit;
}
printf("NV Test (with auth) on index 0x%x with %d bytes passed\n",
TPM2_DEMO_NV_TEST_AUTH_INDEX, TPM2_DEMO_NV_TEST_SIZE);
}
/* NV Tests (older API's without auth) */
rc = wolfTPM2_GetNvAttributesTemplate(TPM_RH_OWNER, &nvAttributes);
if (rc != 0) goto exit;
rc = wolfTPM2_NVCreate(&dev, TPM_RH_OWNER, TPM2_DEMO_NV_TEST_INDEX,
nvAttributes, TPM2_DEMO_NV_TEST_SIZE, NULL, 0);
if (rc != 0 && rc != TPM_RC_NV_DEFINED) goto exit;
message.size = TPM2_DEMO_NV_TEST_SIZE; /* test message 0x11,0x11,etc */
XMEMSET(message.buffer, 0x11, message.size);
rc = wolfTPM2_NVWrite(&dev, TPM_RH_OWNER, TPM2_DEMO_NV_TEST_INDEX,
message.buffer, message.size, 0);
if (rc != 0) goto exit;
plain.size = TPM2_DEMO_NV_TEST_SIZE;
rc = wolfTPM2_NVRead(&dev, TPM_RH_OWNER, TPM2_DEMO_NV_TEST_INDEX,
plain.buffer, (word32*)&plain.size, 0);
if (rc != 0) goto exit;
rc = wolfTPM2_NVReadPublic(&dev, TPM2_DEMO_NV_TEST_INDEX, NULL);
if (rc != 0) goto exit;
rc = wolfTPM2_NVDelete(&dev, TPM_RH_OWNER, TPM2_DEMO_NV_TEST_INDEX);
if (rc != 0) goto exit;
if (message.size != plain.size ||
XMEMCMP(message.buffer, plain.buffer, message.size) != 0) {
rc = TPM_RC_TESTING; goto exit;
}
printf("NV Test on index 0x%x with %d bytes passed\n",
TPM2_DEMO_NV_TEST_INDEX, TPM2_DEMO_NV_TEST_SIZE);
#endif
/*------------------------------------------------------------------------*/
/* RANDOM TESTS */
/*------------------------------------------------------------------------*/
/* Random Test */
XMEMSET(message.buffer, 0, sizeof(message.buffer));
rc = wolfTPM2_GetRandom(&dev, message.buffer, sizeof(message.buffer));
if (rc != 0) goto exit;
/*------------------------------------------------------------------------*/
/* HASH TESTS */
/*------------------------------------------------------------------------*/
XMEMSET(&hash, 0, sizeof(hash));
rc = wolfTPM2_HashStart(&dev, &hash, TPM_ALG_SHA256,
(const byte*)gUsageAuth, sizeof(gUsageAuth)-1);
if (rc != 0) goto exit;
#ifdef ENABLE_LARGE_HASH_TEST
message.size = 1024;
for (i = 0; i < message.size; i++) {
message.buffer[i] = (byte)(i & 0xFF);
}
for (i = 0; i < 100; i++) {
rc = wolfTPM2_HashUpdate(&dev, &hash, message.buffer, message.size);
if (rc != 0) goto exit;
}
#else
rc = wolfTPM2_HashUpdate(&dev, &hash, (byte*)hashTestData,
(word32)XSTRLEN(hashTestData));
if (rc != 0) goto exit;
#endif
cipher.size = TPM_SHA256_DIGEST_SIZE;
rc = wolfTPM2_HashFinish(&dev, &hash, cipher.buffer, (word32*)&cipher.size);
if (rc != 0) goto exit;
if (cipher.size != TPM_SHA256_DIGEST_SIZE ||
XMEMCMP(cipher.buffer, hashTestDig, cipher.size) != 0) {
printf("Hash SHA256 test failed, result not as expected!\n");
goto exit;
}
printf("Hash SHA256 test success\n");
/*------------------------------------------------------------------------*/
/* HMAC TESTS */
/*------------------------------------------------------------------------*/
XMEMSET(&hmac, 0, sizeof(hmac));
hmac.hmacKeyKeep = 1; /* don't unload key on finish */
rc = wolfTPM2_HmacStart(&dev, &hmac, &storageKey.handle, TPM_ALG_SHA256,
(const byte*)hmacTestKey, (word32)XSTRLEN(hmacTestKey),
(const byte*)gUsageAuth, sizeof(gUsageAuth)-1);
if (rc != 0) goto exit;
rc = wolfTPM2_HmacUpdate(&dev, &hmac, (byte*)hmacTestData,
(word32)XSTRLEN(hmacTestData));
if (rc != 0) goto exit;
cipher.size = TPM_SHA256_DIGEST_SIZE;
rc = wolfTPM2_HmacFinish(&dev, &hmac, cipher.buffer, (word32*)&cipher.size);
if (rc != 0) goto exit;
if (cipher.size != TPM_SHA256_DIGEST_SIZE ||
XMEMCMP(cipher.buffer, hmacTestDig, cipher.size) != 0) {
printf("HMAC SHA256 test failed, result not as expected!\n");
goto exit;
}
/* Can reuse the HMAC key here:
* wolfTPM2_HmacStart, wolfTPM2_HmacUpdate, wolfTPM2_HmacFinish
*/
/* Manually unload HMAC key, since hmacKeyKeep was set above */
/* If hmacKeyKeep == 0 then key will be unloaded in wolfTPM2_HmacFinish */
wolfTPM2_UnloadHandle(&dev, &hmac.key.handle);
printf("HMAC SHA256 test success\n");
/*------------------------------------------------------------------------*/
/* ENCRYPT/DECRYPT TESTS */
/*------------------------------------------------------------------------*/
#ifndef WOLFTPM2_NO_WOLFCRYPT
rc = wolfTPM2_LoadSymmetricKey(&dev, &aesKey, TEST_AES_MODE,
TEST_AES_KEY, (word32)sizeof(TEST_AES_KEY));
if (rc != 0) goto exit;
message.size = (word32)sizeof(TEST_AES_MSG);
XMEMCPY(message.buffer, TEST_AES_MSG, message.size);
XMEMSET(cipher.buffer, 0, sizeof(cipher.buffer));
cipher.size = message.size;
XMEMCPY(aesIv, TEST_AES_IV, (word32)sizeof(TEST_AES_IV));
rc = wolfTPM2_EncryptDecrypt(&dev, &aesKey, message.buffer, cipher.buffer,
message.size, aesIv, (word32)sizeof(aesIv), WOLFTPM2_ENCRYPT);
if (rc != 0 && !WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) goto exit;
XMEMSET(plain.buffer, 0, sizeof(plain.buffer));
plain.size = message.size;
XMEMCPY(aesIv, (byte*)TEST_AES_IV, (word32)sizeof(TEST_AES_IV));
rc = wolfTPM2_EncryptDecrypt(&dev, &aesKey, cipher.buffer, plain.buffer,
cipher.size, aesIv, (word32)sizeof(aesIv), WOLFTPM2_DECRYPT);
wolfTPM2_UnloadHandle(&dev, &aesKey.handle);
if (rc == TPM_RC_SUCCESS &&
message.size == plain.size &&
XMEMCMP(message.buffer, plain.buffer, message.size) == 0 &&
cipher.size == sizeof(TEST_AES_VERIFY) &&
XMEMCMP(cipher.buffer, TEST_AES_VERIFY, cipher.size) == 0) {
printf("Encrypt/Decrypt (known key) test success\n");
}
else if (WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) {
printf("Encrypt/Decrypt: Is not a supported feature due to export controls\n");
rc = TPM_RC_SUCCESS; /* clear error code */
}
else {
printf("Encrypt/Decrypt test failed, result not as expected!\n");
goto exit;
}
if (rc != 0) goto exit;
#else
(void)aesIv;
#endif /* !WOLFTPM2_NO_WOLFCRYPT */
rc = wolfTPM2_GetKeyTemplate_Symmetric(&publicTemplate, 128, TEST_AES_MODE,
YES, YES);
if (rc != 0) goto exit;
rc = wolfTPM2_CreateAndLoadKey(&dev, &aesKey, &storageKey.handle,
&publicTemplate, (byte*)gUsageAuth, sizeof(gUsageAuth)-1);
if (rc != 0) goto exit;
/* Test data */
message.size = sizeof(message.buffer);
for (i=0; i<message.size; i++) {
message.buffer[i] = (byte)(i & 0xff);
}
XMEMSET(cipher.buffer, 0, sizeof(cipher.buffer));
cipher.size = message.size;
rc = wolfTPM2_EncryptDecrypt(&dev, &aesKey, message.buffer, cipher.buffer,
message.size, NULL, 0, WOLFTPM2_ENCRYPT);
if (rc != 0 && !WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) goto exit;
XMEMSET(plain.buffer, 0, sizeof(plain.buffer));
plain.size = message.size;
rc = wolfTPM2_EncryptDecrypt(&dev, &aesKey, cipher.buffer, plain.buffer,
cipher.size, NULL, 0, WOLFTPM2_DECRYPT);
wolfTPM2_UnloadHandle(&dev, &aesKey.handle);
if (rc == TPM_RC_SUCCESS &&
message.size == plain.size &&
XMEMCMP(message.buffer, plain.buffer, message.size) == 0) {
printf("Encrypt/Decrypt test success\n");
}
else if (WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) {
printf("Encrypt/Decrypt: Is not a supported feature due to export controls\n");
}
else {
printf("Encrypt/Decrypt (gen key) test failed, result not as expected!\n");
goto exit;
}
/*------------------------------------------------------------------------*/
/* PCR TESTS */
/*------------------------------------------------------------------------*/
/* Read PCR Index 0 */
hashSz = 0;
rc = wolfTPM2_ReadPCR(&dev, 0, TEST_WRAP_DIGEST, hashBuf, &hashSz);
if (rc != 0) goto exit;
/* Extend PCR Index 0 */
for (i=0; i<hashSz; i++) {
hashBuf[i] = i;
}
rc = wolfTPM2_ExtendPCR(&dev, 0, TEST_WRAP_DIGEST, hashBuf, hashSz);
if (rc != 0 && !WOLFTPM_IS_COMMAND_UNAVAILABLE(rc)) goto exit;
/* Read PCR Index 0 */
rc = wolfTPM2_ReadPCR(&dev, 0, TEST_WRAP_DIGEST, hashBuf, &hashSz);
if (rc != 0) goto exit;
printf("PCR Test pass\n");
/*------------------------------------------------------------------------*/
/* OTHER TESTS */
/*------------------------------------------------------------------------*/
/* Test not enabled by default */
#if defined(WOLFTPM_SWTPM) && defined(WOLFTPM_TEST_CHANGE_PLATFORM_AUTH)
rc = wolfTPM2_ChangePlatformAuth(&dev, &tpmSession);
if (rc != 0) goto exit;
#endif
exit:
if (rc != 0) {
printf("Failure 0x%x: %s\n", rc, wolfTPM2_GetRCString(rc));
}
wolfTPM2_UnloadHandle(&dev, &aesKey.handle);
wolfTPM2_UnloadHandle(&dev, &publicKey.handle);
wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
wolfTPM2_UnloadHandle(&dev, &ekKey.handle);
wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
wolfTPM2_Shutdown(&dev, 0); /* 0=just shutdown, no startup */
wolfTPM2_Cleanup(&dev);
#ifndef WOLFTPM2_NO_WOLFCRYPT
(void)tpmDevId;
#endif
return rc;
}
/******************************************************************************/
/* --- END Wrapper API Tests -- */
/******************************************************************************/
#endif /* !WOLFTPM2_NO_WRAPPER */
#ifndef NO_MAIN_DRIVER
int main(int argc, char *argv[])
{
int rc = -1;
if (argc > 1) {
#ifndef WOLFTPM2_NO_WRAPPER
TPM2_Wrapper_SetReset(1);
#endif
}
(void)argv;
#ifndef WOLFTPM2_NO_WRAPPER
rc = TPM2_Wrapper_TestArgs(NULL, argc, argv);
#else
printf("Wrapper code not compiled in\n");
#endif
return rc;
}
#endif /* !NO_MAIN_DRIVER */
Reference in New Issue View Git Blame Copy Permalink