TSS_RESULT registerkey(int i) { TSS_RESULT result; char *function = "Tspi_Context_RegisterKey"; printf("%s: key %d\n", __FUNCTION__, i); result = Tspi_Context_RegisterKey( hContext, hKey[i].handle, TSS_PS_TYPE_SYSTEM, hKey[i].uuid, TSS_PS_TYPE_SYSTEM, SRK_UUID ); if (result != TSS_SUCCESS) { if( !(checkNonAPI(result)) ) { print_error( function, result ); return result; } else { print_error_nonapi( function, result ); return result; } } else { hKey[i].registered = 1; print_success( function, result ); return 0; } }
/* create and store keys with the uuids in the @uuids parameter. Unregister * any keys in the PS that are already stored. hParentKey should already be * loaded and will become the parent of the key stored with uuids[0] */ TSS_RESULT store_keys(TSS_HCONTEXT hContext, TSS_HKEY hParentKey, TSS_UUID *uuidParent0, TSS_UUID **uuids) { int i; TSS_RESULT result; TSS_UUID *uuidParent; TSS_HKEY hKey; TSS_FLAG initFlags; for (i = 0; uuids[i]; i++) { /* unregister any keys in the PS that are in the way */ if ((result = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, *uuids[i], &hKey)) && (TSS_ERROR_CODE(result) != TSS_E_PS_KEY_NOTFOUND)) { print_error("Tspi_Context_UnregisterKey", result); return result; } } initFlags = TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_STORAGE | TSS_KEY_NO_AUTHORIZATION; uuidParent = uuidParent0; for (i = 0; uuids[i]; i++) { /* create the keys and register them */ if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey))) { print_error("Tspi_Context_CreateObject", result); return result; } if ((result = Tspi_Key_CreateKey(hKey, hParentKey, 0))) { print_error("Tspi_Key_CreateKey", result); return result; } /* load key so that the child can be created */ if ((result = Tspi_Key_LoadKey(hKey, hParentKey))) { print_error("Tspi_Key_LoadKey", result); return result; } /* register the new key */ if ((result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, *uuids[i], TSS_PS_TYPE_SYSTEM, *uuidParent))) { print_error("Tspi_Context_RegisterKey", result); return result; } hParentKey = hKey; uuidParent = uuids[i]; } return TSS_SUCCESS; }
main_v1_1(void){ char *nameOfFunction = "Tspi_GetAttribData19"; TSS_FLAG initFlags; TSS_HKEY hKey; TSS_HCONTEXT hContext; TSS_RESULT result; TSS_HKEY hSRK; BYTE* uuid; UINT32 uuidLength; int rc; TSS_UUID null_uuid, key_uuid; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; memset(&null_uuid, 0, sizeof(TSS_UUID)); memset(&key_uuid, 0x7f, sizeof(TSS_UUID)); print_begin_test(nameOfFunction); //Create Context and connect result = connect_load_srk(&hContext, &hSRK); if (result != TSS_SUCCESS) { print_error("connect_load_srk", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Create Key Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Create Key in the TPM result = Tspi_Key_CreateKey(hKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Call GetAttribData, uuid should be all 0's result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0, &uuidLength, &uuid); if (result != TSS_SUCCESS) { print_error("Tspi_GetAttribData", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Check length and data if (uuidLength != sizeof(TSS_UUID)) { print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1); print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } if ((rc = memcmp(uuid, &null_uuid, uuidLength))) { print_verifyerr("a null uuid from Tspi_GetAttribData", 0, rc); print_hex(uuid, sizeof(TSS_UUID)); print_error("uuid NULL from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } Tspi_Context_FreeMemory(hContext, uuid); register_key: //Register Key result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, key_uuid, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (TSS_ERROR_CODE(result) == TSS_E_KEY_ALREADY_REGISTERED) { result = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, key_uuid, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_UnregisterKey", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } goto register_key; } else if (result != TSS_SUCCESS) { print_error("Tspi_Context_RegisterKey", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Close the object result = Tspi_Context_CloseObject(hContext, hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CloseObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } hKey = 0; //Load the key by UUID from PS result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, key_uuid, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Call GetAttribData, uuid should be equal to key_uuid result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0, &uuidLength, &uuid); if (result != TSS_SUCCESS) { print_error("Tspi_GetAttribData", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Check length and data if (uuidLength != sizeof(TSS_UUID)) { print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1); print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } if ((rc = memcmp(uuid, &key_uuid, uuidLength))) { print_verifyerr("key's uuid from Tspi_GetAttribData", 0, rc); print_hex((BYTE *)&key_uuid, sizeof(TSS_UUID)); print_error("key's uuid from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_Close(hContext); exit(0); }
int main_v1_1(void){ char *nameOfFunction = "Tspi_Context_GetRegisteredKeysByUUID03"; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_FLAG initFlags; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_RESULT result; TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, {6, 7, 8, 9, 10, 2}}; TSS_HPOLICY srkUsagePolicy; UINT32 pulKeyHierarchySize; TSS_KM_KEYINFO* ppKeyHierarchy; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_512 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; print_begin_test(nameOfFunction); //Create result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } //Connect result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect ", result); Tspi_Context_Close(hContext); exit(result); } //Get TPM Object result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject ", result); Tspi_Context_Close(hContext); exit(result); } //Create Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject ", result); Tspi_Context_Close(hContext); exit(result); } //Load Key by UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object for the srkUsagePolicy result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Set Secret for the srkUsagePolicy result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #endif //Create the hKey with the hSRK wrapping key result = Tspi_Key_CreateKey(hKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Register the hKey result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (result != TSS_SUCCESS && TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) { print_error("Tspi_Context_RegisterKey ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Get Registered Keys By UUID result = Tspi_Context_GetRegisteredKeysByUUID(hContext, -1, &migratableSignUUID, &pulKeyHierarchySize, &ppKeyHierarchy); if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) { if(!checkNonAPI(result)){ print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } else{ print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else{ print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(0); } }
int main_v1_1(void) { char *function = "Tspi_Hash_Sign03"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HKEY hMSigningKey; TSS_HKEY hKey; TSS_UUID SRKUUID = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }; TSS_UUID migratableSignUUID = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2 }; TSS_HHASH hHash; BYTE *prgbSignature; // UINT32 pulSignatureLength; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy; TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; UINT32 exitCode = 0; print_begin_test(function); // Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create", result); exit(result); } // Connect to Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } // create hKey result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject (hKey)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } //Set Secret result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #endif //Create Signing Key result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING, &hMSigningKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject (signing key)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey (signing key)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Context_RegisterKey(hContext, hMSigningKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRKUUID); if ((result != TSS_SUCCESS) && (TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED)) { print_error("Tspi_Context_RegisterKey (signing key)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (signing key)", result ); Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_SHA1, &hHash); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject (hash)", result); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Hash_SetHashValue(hHash, 20, "Je pense, danc je suis."); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_SetHashValue", result); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } //Load Key Blob result = Tspi_Hash_Sign(hHash, hMSigningKey, NULL, &prgbSignature); if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) { if (!(checkNonAPI(result))) { print_error(function, result); } else { print_error_nonapi(function, result); } exitCode = result; } else { print_success(function, result); } print_end_test(function); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(exitCode); }
/** * gnutls_tpm_privkey_generate: * @pk: the public key algorithm * @bits: the security bits * @srk_password: a password to protect the exported key (optional) * @key_password: the password for the TPM (optional) * @format: the format of the private key * @pub_format: the format of the public key * @privkey: the generated key * @pubkey: the corresponding public key (may be null) * @flags: should be a list of GNUTLS_TPM_* flags * * This function will generate a private key in the TPM * chip. The private key will be generated within the chip * and will be exported in a wrapped with TPM's master key * form. Furthermore the wrapped key can be protected with * the provided @password. * * Note that bits in TPM is quantized value. If the input value * is not one of the allowed values, then it will be quantized to * one of 512, 1024, 2048, 4096, 8192 and 16384. * * Allowed flags are: * * %GNUTLS_TPM_KEY_SIGNING: Generate a signing key instead of a legacy, * %GNUTLS_TPM_REGISTER_KEY: Register the generate key in TPM. In that * case @privkey would contain a URL with the UUID. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. * * Since: 3.1.0 **/ int gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits, const char *srk_password, const char *key_password, gnutls_tpmkey_fmt_t format, gnutls_x509_crt_fmt_t pub_format, gnutls_datum_t * privkey, gnutls_datum_t * pubkey, unsigned int flags) { TSS_FLAG tpm_flags = TSS_KEY_VOLATILE; TSS_HKEY key_ctx; TSS_RESULT tssret; int ret; void *tdata; UINT32 tint; gnutls_datum_t tmpkey = { NULL, 0 }; TSS_HPOLICY key_policy; gnutls_pubkey_t pub; struct tpm_ctx_st s; TSS_FLAG storage_type; TSS_HTPM htpm; uint8_t buf[32]; if (flags & GNUTLS_TPM_KEY_SIGNING) tpm_flags |= TSS_KEY_TYPE_SIGNING; else tpm_flags |= TSS_KEY_TYPE_LEGACY; if (flags & GNUTLS_TPM_KEY_USER) storage_type = TSS_PS_TYPE_USER; else storage_type = TSS_PS_TYPE_SYSTEM; if (bits <= 512) tpm_flags |= TSS_KEY_SIZE_512; else if (bits <= 1024) tpm_flags |= TSS_KEY_SIZE_1024; else if (bits <= 2048) tpm_flags |= TSS_KEY_SIZE_2048; else if (bits <= 4096) tpm_flags |= TSS_KEY_SIZE_4096; else if (bits <= 8192) tpm_flags |= TSS_KEY_SIZE_8192; else tpm_flags |= TSS_KEY_SIZE_16384; ret = tpm_open_session(&s, srk_password); if (ret < 0) return gnutls_assert_val(ret); /* put some randomness into TPM. * Let's not trust it completely. */ tssret = Tspi_Context_GetTpmObject(s.tpm_ctx, &htpm); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_cc; } ret = _gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf)); if (ret < 0) { gnutls_assert(); goto err_cc; } tssret = Tspi_TPM_StirRandom(htpm, sizeof(buf), buf); if (tssret) { gnutls_assert(); } tssret = Tspi_Context_CreateObject(s.tpm_ctx, TSS_OBJECT_TYPE_RSAKEY, tpm_flags, &key_ctx); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_cc; } tssret = Tspi_SetAttribUint32(key_ctx, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_SIGSCHEME, TSS_SS_RSASSAPKCS1V15_DER); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_sa; } /* set the password of the actual key */ if (key_password) { tssret = Tspi_GetPolicyObject(key_ctx, TSS_POLICY_USAGE, &key_policy); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_sa; } tssret = myTspi_Policy_SetSecret(key_policy, SAFE_LEN(key_password), (void *) key_password); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_sa; } } tssret = Tspi_Key_CreateKey(key_ctx, s.srk, 0); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_sa; } if (flags & GNUTLS_TPM_REGISTER_KEY) { TSS_UUID key_uuid; ret = randomize_uuid(&key_uuid); if (ret < 0) { gnutls_assert(); goto err_sa; } tssret = Tspi_Context_RegisterKey(s.tpm_ctx, key_ctx, storage_type, key_uuid, TSS_PS_TYPE_SYSTEM, srk_uuid); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_sa; } ret = encode_tpmkey_url((char **) &privkey->data, &key_uuid, storage_type); if (ret < 0) { TSS_HKEY tkey; Tspi_Context_UnregisterKey(s.tpm_ctx, storage_type, key_uuid, &tkey); gnutls_assert(); goto err_sa; } privkey->size = strlen((char *) privkey->data); } else { /* get the key as blob */ tssret = Tspi_GetAttribData(key_ctx, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_BLOB, &tint, (void *) &tdata); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto err_sa; } if (format == GNUTLS_TPMKEY_FMT_CTK_PEM) { ret = _gnutls_x509_encode_string (ASN1_ETYPE_OCTET_STRING, tdata, tint, &tmpkey); if (ret < 0) { gnutls_assert(); goto cleanup; } ret = _gnutls_fbase64_encode("TSS KEY BLOB", tmpkey.data, tmpkey.size, privkey); if (ret < 0) { gnutls_assert(); goto cleanup; } } else { UINT32 tint2; tmpkey.size = tint + 32; /* spec says no more than 20 */ tmpkey.data = gnutls_malloc(tmpkey.size); if (tmpkey.data == NULL) { gnutls_assert(); ret = GNUTLS_E_MEMORY_ERROR; goto cleanup; } tint2 = tmpkey.size; tssret = Tspi_EncodeDER_TssBlob(tint, tdata, TSS_BLOB_TYPE_PRIVATEKEY, &tint2, tmpkey.data); if (tssret != 0) { gnutls_assert(); ret = tss_err(tssret); goto cleanup; } tmpkey.size = tint2; privkey->data = tmpkey.data; privkey->size = tmpkey.size; tmpkey.data = NULL; } } /* read the public key */ if (pubkey != NULL) { size_t psize; ret = gnutls_pubkey_init(&pub); if (ret < 0) { gnutls_assert(); goto privkey_cleanup; } ret = read_pubkey(pub, key_ctx, &psize); if (ret < 0) { gnutls_assert(); goto privkey_cleanup; } psize += 512; pubkey->data = gnutls_malloc(psize); if (pubkey->data == NULL) { gnutls_assert(); ret = GNUTLS_E_MEMORY_ERROR; goto pubkey_cleanup; } ret = gnutls_pubkey_export(pub, pub_format, pubkey->data, &psize); if (ret < 0) { gnutls_assert(); goto pubkey_cleanup; } pubkey->size = psize; gnutls_pubkey_deinit(pub); } ret = 0; goto cleanup; pubkey_cleanup: gnutls_pubkey_deinit(pub); privkey_cleanup: gnutls_free(privkey->data); privkey->data = NULL; cleanup: gnutls_free(tmpkey.data); tmpkey.data = NULL; err_sa: Tspi_Context_CloseObject(s.tpm_ctx, key_ctx); err_cc: tpm_close_session(&s); return ret; }
int main_v1_1( void ) { char *function = "key_auth_check01"; TSS_HCONTEXT hContext; UINT32 exitCode; TSS_HKEY hSRK; TSS_HKEY hMSigningKey; TSS_UUID migratableSignUUID = {0x1, 0x55, 0x67, 0x8, 0x5, { 6, 7, 8, 9, 10, 2 } }; TSS_HHASH hHash; BYTE *prgbSignature; UINT32 pulSignatureLength; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy, keyUsagePolicy; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); print_error_exit( function, err_string(result) ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &srkUsagePolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Set Secret result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } #endif //Create Signing Key result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING | TSS_KEY_AUTHORIZATION, &hMSigningKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (signing key)", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // get signing key's policy result = Tspi_GetPolicyObject( hMSigningKey, TSS_POLICY_USAGE, &keyUsagePolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Set Secret result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE, TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (signing key)", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Key_LoadKey( hMSigningKey, hSRK ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKey (hMSigningKey)", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // create hash result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_SHA1, &hHash ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (hash)", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Hash_UpdateHashValue( hHash, 20, "Je pense, danc je s" ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Hash_SetHashValue", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Hash_Sign( hHash, hMSigningKey, &pulSignatureLength, &prgbSignature ); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); exitCode = 1; } else { print_error_nonapi( function, result ); exitCode = 1; } } else { result = Tspi_Context_RegisterKey(hContext, hMSigningKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (result != TSS_SUCCESS) { print_error( "Tspi_Context_RegisterKey", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } print_success( function, result ); exitCode = 0; } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( exitCode ); }
int main_v1_1( void ) { char *function = "key_auth_chain02"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HKEY hKey0, hKey1, hKey2; TSS_RESULT result; TSS_HENCDATA hEncData; TSS_HPOLICY srkUsagePolicy, keyUsagePolicy; int temp; print_begin_test( function ); srand(time(0)); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); print_error_exit( function, err_string(result) ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, NULL ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); goto done; } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, uuid_2, &hKey2 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result ); goto done; } result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_ENCDATA, TSS_ENCDATA_BIND, &hEncData ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (hEncData)", result ); goto done; } // Data Bind result = Tspi_Data_Bind( hEncData, hKey2, ulDataLength, rgbDataToBind ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Data_Bind", result ); goto done; } result = Tspi_Data_Unbind( hEncData, hKey2, &pulDataLength, &prgbDataToUnBind ); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); goto done; } else { print_error_nonapi( function, result ); goto done; } } else { if ((pulDataLength == ulDataLength) && !memcmp(prgbDataToUnBind, rgbDataToBind, pulDataLength)) print_success( function, result ); else{ printf("Data doesn't match"); print_error("Data doestn't match: Tspi_Data_Unbind", TSS_E_FAIL); } } #if 0 #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &srkUsagePolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); goto done; } //Set Secret result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); goto done; } #endif /* ######## Start Key 0 ######## */ result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_STORAGE | TSS_KEY_NO_AUTHORIZATION, &hKey0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (key 0)", result ); goto done; } result = Tspi_Key_CreateKey( hKey0, hSRK, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (key 0)", result ); goto done; } result = Tspi_Context_RegisterKey( hContext, hKey0, TSS_PS_TYPE_SYSTEM, uuid_0, TSS_PS_TYPE_SYSTEM, SRK_UUID ); if ( (result != TSS_SUCCESS) ) { print_error( "Tspi_Context_RegisterKey (uuid_0)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } fprintf( stderr, "\t\tKey 0 Finished\n" ); /* ######## End Key 0 ######## */ /* ######## Start Key 1 ######## */ result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_AUTHORIZATION, &hKey1 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (key 1)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (hKey0)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } result = Tspi_GetPolicyObject( hKey1, TSS_POLICY_USAGE, &keyUsagePolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } //Set Secret result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE, TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } result = Tspi_Key_CreateKey( hKey1, hKey0, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (key 1)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } result = Tspi_Context_RegisterKey( hContext, hKey1, TSS_PS_TYPE_SYSTEM, uuid_1, TSS_PS_TYPE_SYSTEM, uuid_0 ); if ( (result != TSS_SUCCESS) ) { print_error( "Tspi_Context_RegisterKey (uuid_1)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); goto done; } fprintf( stderr, "\t\tKey 1 Finished\n" ); /* ######## End Key 1 ######## */ /* ######## Start Key 2 ######## */ result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_NO_AUTHORIZATION, &hKey2 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (key 2)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1); goto done; } result = Tspi_Key_LoadKey( hKey1, hKey0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (hKey1)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1); goto done; } result = Tspi_Key_CreateKey( hKey2, hKey1, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (key 2)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1); goto done; } result = Tspi_Context_RegisterKey( hContext, hKey2, TSS_PS_TYPE_SYSTEM, uuid_2, TSS_PS_TYPE_SYSTEM, uuid_1 ); if ( (result != TSS_SUCCESS) ) { print_error( "Tspi_Context_RegisterKey (uuid_2)", result ); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1); goto done; } fprintf( stderr, "\t\tKey 2 Finished\n" ); /* ######## End Key 2 ######## */ #endif Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); done: print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
int main(int argc, char **argv) { TSS_HKEY hKey, hSRK; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_RESULT result; TSS_HPOLICY hPolicy; TSS_HPCRS hPcrs; UINT32 ulPcrValueLength, subCap, subCapLength; UINT32 pulRespDataLength, numPcrs; BYTE *pNumPcrs, *rgbPcrValue, *uuidString, *pcrsSelectedValues[24]; int i, c, *pcrsSelected = NULL, numPcrsSelected = 0; TSS_UUID *uuid; BYTE wellknown[] = TSS_WELL_KNOWN_SECRET; while (1) { c = getopt(argc, argv, "p:"); if (c == -1) break; switch (c) { case 'p': numPcrsSelected++; pcrsSelected = realloc(pcrsSelected, (sizeof(int) * numPcrsSelected)); if (pcrsSelected == NULL) { PRINT_ERR("Malloc of %zd bytes failed.", (sizeof(int) * numPcrsSelected)); return -1; } pcrsSelected[numPcrsSelected - 1] = atoi(optarg); break; default: usage(argv[0]); break; } } if (numPcrsSelected == 0) printf("Warning: Key will not be bound to any PCR's!\n"); if (numPcrsSelected > 24) { PRINT_ERR("Too many PCRs selected! Exiting."); return -EINVAL; } result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_Create", result); return result; } result = Tspi_Context_Connect(hContext, NULL); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_Connect", result); Tspi_Context_Close(hContext); return result; } result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_GetTpmObject", result); Tspi_Context_Close(hContext); return result; } subCap = TSS_TPMCAP_PROP_PCR; subCapLength = sizeof(UINT32); result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_PROPERTY, subCapLength, (BYTE *)&subCap, &pulRespDataLength, &pNumPcrs ); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_TPM_GetCapability", result); Tspi_Context_Close(hContext); return result; } numPcrs = *(UINT32 *)pNumPcrs; for (i = 0; i < (int)numPcrsSelected; i++) { if (pcrsSelected[i] > (int)numPcrs) { fprintf(stderr, "%d: invalid PCR register. PCRs range " "from 0 - %u\n", pcrsSelected[i], numPcrs); return -1; } } result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0, &hPcrs); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_CreateObject", result); return result; } for (i = 0; i < numPcrsSelected; i++) { result = Tspi_TPM_PcrRead(hTPM, pcrsSelected[i], &ulPcrValueLength, &rgbPcrValue); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_TPM_PcrRead", result); Tspi_Context_Close(hContext); return result; } result = Tspi_PcrComposite_SetPcrValue(hPcrs, pcrsSelected[i], ulPcrValueLength, rgbPcrValue); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_PcrComposite_SetPcrValue", result ); Tspi_Context_Close( hContext ); return result; } pcrsSelectedValues[i] = rgbPcrValue; } result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_LoadKeyByUUID", result); Tspi_Context_Close(hContext); return result; } result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hPolicy); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_GetPolicyObject", result); Tspi_Context_Close(hContext); return result; } result = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_SHA1, sizeof(wellknown), wellknown); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_GetPolicyObject", result); Tspi_Context_Close(hContext); return result; } result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, (TSS_KEY_TYPE_STORAGE | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE), &hKey); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); return result; } result = Tspi_Key_CreateKey(hKey, hSRK, hPcrs); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Key_CreateKey", result); Tspi_Context_Close(hContext); return result; } result = Tspi_TPM_GetRandom(hTPM, (UINT32)16, (BYTE **)&uuid); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_TPM_GetRandom", result); Tspi_Context_Close(hContext); return result; } result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_USER, *uuid, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (result != TSS_SUCCESS) { PRINT_TSS_ERR("Tspi_Context_RegisterKey", result); Tspi_Context_Close(hContext); return result; } printf("Success: Key created bound to:\n"); for (i = 0; i < numPcrsSelected; i++) { uuidString = (unsigned char *) util_bytes_to_string((char *) pcrsSelectedValues[i], 20); if (uuidString == NULL) { PRINT_ERR("malloc of 41 bytes failed"); Tspi_Context_Close(hContext); return result; } printf("PCR %d: %s\n", pcrsSelected[i], uuidString); free(uuidString); Tspi_Context_FreeMemory(hContext, pcrsSelectedValues[i]); } uuidString = (BYTE *)util_bytes_to_string((char *)uuid, 16); if (uuidString == NULL) { PRINT_ERR("malloc of 33 bytes failed"); Tspi_Context_Close(hContext); return result; } printf("And registered in persistent storage with UUID " "(tspi_uuid parameter): %s\n", uuidString); Tspi_Context_FreeMemory(hContext, (BYTE *)uuid); free(uuidString); Tspi_Context_Close(hContext); return 0; }
int main(int argc, char **argv) { TSS_HCONTEXT hContext=0; TSS_HTPM hTPM = 0; TSS_RESULT result; TSS_HKEY hSRK = 0; TSS_HPOLICY hSRKPolicy=0; TSS_UUID SRK_UUID = TSS_UUID_SRK; BYTE wks[20]; memset(wks,0,20); TSS_HKEY hESS_Bind_Key; TSS_UUID ESS_BIND_UUID=BACKUP_KEY_UUID; TSS_HPOLICY hESS_Policy; TSS_FLAG initFlags; BYTE *pubKey; UINT32 pubKeySize; FILE *fout, *fin; result =Tspi_Context_Create(&hContext); DBG("Create a context", result); result=Tspi_Context_Connect(hContext, NULL); DBG("Connect to TPM", result); result=Tspi_Context_GetTpmObject(hContext, &hTPM); DBG("Get TPM handle", result); result=Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); DBG("Get SRK handle", result); result=Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy); DBG("Get SRK Policy", result); result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1, 20, wks); DBG("Tspi_Policy_SetSecret", result); result = Tspi_Context_CreateObject(hContext,TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hESS_Policy); DBG("Create a key policy object", result); result = Tspi_Policy_SetSecret(hESS_Policy, TSS_SECRET_MODE_SHA1, 20, wks); DBG("Set key policy object secret", result); initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 | TSS_KEY_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hESS_Bind_Key); DBG("Create the key object", result); result = Tspi_SetAttribUint32(hESS_Bind_Key, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_ENCSCHEME, TSS_ES_RSAESPKCSV15); DBG("Set the keys's padding type", result); result = Tspi_Policy_AssignToObject(hESS_Policy, hESS_Bind_Key); DBG("Assign the key's policy to the key", result); printf("Creating the key could take a while\n"); result = Tspi_Key_CreateKey(hESS_Bind_Key, hSRK, 0); DBG("Asking TPM to create the key", result); result = Tspi_Context_RegisterKey(hContext, hESS_Bind_Key, TSS_PS_TYPE_SYSTEM, ESS_BIND_UUID, TSS_PS_TYPE_SYSTEM, SRK_UUID); DBG("Registering the key for later retrieval", result); printf("Registering the key blob for later retrieval\r\n"); result = Tspi_Key_LoadKey(hESS_Bind_Key,hSRK); DBG("Loading key in TPM", result); result = Tspi_Key_GetPubKey(hESS_Bind_Key, &pubKeySize, &pubKey); DBG("Get Public portion of key", result); fout = fopen("BackupESSBindKey.pub", "wb"); if(fout != NULL) { write(fileno(fout), pubKey, pubKeySize); printf("Finished writing BackupESSBindKey.pub\n"); fclose(fout); } else { printf("Error opening XXXXXXXXXXXX \r\n"); } result = Tspi_Policy_FlushSecret(hESS_Policy); DBG("Policy flush secret", result); result = Tspi_Context_GetKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, ESS_BIND_UUID, &hESS_Bind_Key); DBG("Get key handle", result); printf("Unregistering key\r\n"); result = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, ESS_BIND_UUID, &hESS_Bind_Key); DBG("Unregister key", result); // Load a key and bind data UINT32 ulDataLength; BYTE *rbgBoundData; BYTE newPubKey[1000], encData[1000]; TSS_HENCDATA hEncData; fin = fopen("BackupESSBindKey.pub", "r"); read(fileno(fin), newPubKey,284); if (fin == NULL) return 0; fclose(fin); result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hESS_Bind_Key); DBG("Tspi_Context_CreateObject BindKey", result); result = Tspi_SetAttribData(hESS_Bind_Key, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, 284,newPubKey); DBG("Set Public key into new key object", result); fin = fopen("data", "rb"); read(fileno(fin), encData, 7); fclose(fin); result=Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_ENCDATA, TSS_ENCDATA_BIND, &hEncData); DBG("Create Data Object", result); result = Tspi_Data_Bind(hEncData,hESS_Bind_Key,7,encData); DBG("Bind data", result); result = Tspi_GetAttribData(hEncData, TSS_TSPATTRIB_ENCDATA_BLOB, TSS_TSPATTRIB_ENCDATABLOB_BLOB, &ulDataLength,&rbgBoundData); DBG("Get encrypted data", result); fout = fopen("Bound.data", "wb"); write(fileno(fout),rbgBoundData,ulDataLength); fclose(fout); result = Tspi_Context_FreeMemory(hContext, NULL); DBG("Tspi Context Free Memory", result); result = Tspi_Context_Close(hContext); DBG("Tspi Context Close", result); return 0; }
int main_v1_1( void ) { char *function = "Tspi_Context_GetKeyByUUID04"; TSS_HKEY hSRK; TSS_HKEY hMSigningKey; TSS_UUID SRKUUID = {0,0,0,0,0,0,0,0,0,0,1}; TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,2}; TSS_UUID wrongUUID = {4,1,5,2,2,6,6,3,4,8,0}; TSS_HCONTEXT hContext; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy; UINT32 exitCode = 0; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Load SRK result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &srkUsagePolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Set Secret result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } #endif //Create Signing Key result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING, &hMSigningKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (signing key)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Create signing key result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (signing key)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // register signing key; srk is parent result = Tspi_Context_RegisterKey( hContext, hMSigningKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRKUUID ); if ( (result != TSS_SUCCESS) && (TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED)) { print_error( "Tspi_Context_RegisterKey", result ); Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // get signing key result = Tspi_Context_GetKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, wrongUUID, &hMSigningKey ); if ( TSS_ERROR_CODE(result) != TSS_E_PS_KEY_NOTFOUND ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); exitCode = result; } else { print_error_nonapi( function, result ); exitCode = result; } } else { print_success( function, result ); } print_end_test( function ); Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( exitCode ); }
int main_v1_1(void){ char *nameOfFunction = "Tspi_Context_GetKeyByPublicInfo02"; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_FLAG initFlags; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_RESULT result; TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2}; TSS_HPOLICY srkUsagePolicy, keyUsagePolicy; TSS_HKEY hMSigningKey; UINT32 ulPublicKeyLength = 2048; BYTE* rgbPublicKeyInfo; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; TSS_FLAG wrongType; BYTE well_known_secret[20] = TSS_WELL_KNOWN_SECRET; wrongType = (TSS_PS_TYPE_SYSTEM + TSS_PS_TYPE_USER); print_begin_test(nameOfFunction); //Create result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); Tspi_Context_Close(hContext); exit(result); } //Connect result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect ", result); Tspi_Context_Close(hContext); exit(result); } //Get TPM Object result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject ", result); Tspi_Context_Close(hContext); exit(result); } //Create Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject ", result); Tspi_Context_Close(hContext); exit(result); } //Load Key by UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object for the srkUsagePolicy result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Set Secret for the srkUsagePolicy result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #endif //Create the hKey with the hSRK wrapping key result = Tspi_Key_CreateKey(hKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Register the hKey result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (result != TSS_SUCCESS && TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) { print_error("Tspi_Context_RegisterKey ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create the hKey with the hSRK wrapping key result = Tspi_Context_CloseObject(hContext, hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CloseObject ", result); Tspi_Context_Close(hContext); exit(result); } //GetKeyByPublicInfo result = Tspi_Context_GetKeyByPublicInfo(hContext, wrongType, TSS_ALG_RSA, ulPublicKeyLength, rgbPublicKeyInfo, &hKey); if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) { if(!checkNonAPI(result)){ print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } else{ print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else{ print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(0); } }