void getkeyblob(
unsigned char *auth_srk_value,
unsigned long auth_srk_size,
bool auth_srk_sha1,
unsigned char *auth_key_value,
unsigned long auth_key_size,
bool auth_key_sha1,
unsigned char *uuid_key_value,
unsigned char *&output_value,
unsigned long &output_size)
{
//establish a session
result = Tspi_Context_Connect(hcontext, 0);
if(result != TSS_SUCCESS) throw libhis_exception("Connect Context", result);
//get the TPM object
result = Tspi_Context_GetTpmObject(hcontext, &htpm);
if(result != TSS_SUCCESS) throw libhis_exception("Get TPM Object", result);
//load the SRK
TSS_UUID uuid_srk = TSS_UUID_SRK;
result = Tspi_Context_LoadKeyByUUID(hcontext, TSS_PS_TYPE_SYSTEM, uuid_srk, &hkey_srk);
if(result != TSS_SUCCESS) throw libhis_exception("Load SRK", result);
//set up SRK auth
if(auth_srk_sha1)
{
result = Tspi_Policy_SetSecret(hpolicy_srk, TSS_SECRET_MODE_SHA1, auth_srk_size, auth_srk_value);
if(result != TSS_SUCCESS) throw libhis_exception("Set SRK Secret SHA1", result);
}
else
{
result = Tspi_Policy_SetSecret(hpolicy_srk, TSS_SECRET_MODE_PLAIN, auth_srk_size, auth_srk_value);
if(result != TSS_SUCCESS) throw libhis_exception("Set SRK Secret Plain", result);
}
//assign the SRK auth
result = Tspi_Policy_AssignToObject(hpolicy_srk, hkey_srk);
if(result != TSS_SUCCESS) throw libhis_exception("Assign SRK Secret", result);
//Set up the key UUID
hextouuid(uuid_key_value, uuid_key);
//Get the key by UUID
result = Tspi_Context_GetKeyByUUID(hcontext, TSS_PS_TYPE_SYSTEM, uuid_key, &hkey_key);
if(result != TSS_SUCCESS) throw libhis_exception("Get key by UUID", result);
//set up key auth
if(auth_key_sha1)
{
result = Tspi_Policy_SetSecret(hpolicy_key, TSS_SECRET_MODE_SHA1, auth_key_size, auth_key_value);
if(result != TSS_SUCCESS) throw libhis_exception("Set key Secret SHA1", result);
}
else
{
result = Tspi_Policy_SetSecret(hpolicy_key, TSS_SECRET_MODE_PLAIN, auth_key_size, auth_key_value);
if(result != TSS_SUCCESS) throw libhis_exception("Set key Secret Plain", result);
}
//assign the key auth
result = Tspi_Policy_AssignToObject(hpolicy_key, hkey_key);
if(result != TSS_SUCCESS) throw libhis_exception("Assign key Secret", result);
//Unwrap the key
result = Tspi_Key_LoadKey(hkey_key, hkey_srk);
if(result != TSS_SUCCESS) throw libhis_exception("Unwrap key", result);
//get the keyblob
UINT32 size;
BYTE *value;
result = Tspi_GetAttribData(hkey_key, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_BLOB, &size, &value);
if(result != TSS_SUCCESS) throw libhis_exception("Get keyblob", result);
//copy out the results
output_size = size;
output_value = new unsigned char[size];
for(unsigned long i = 0; i < size; i++)
output_value[i] = value[i];
//clean up dynamic memory
result = Tspi_Context_FreeMemory(hcontext, value);
if(result != TSS_SUCCESS) throw libhis_exception("Cleanup dynamic memory", result);
return;
}
int
main_v1_2(char version)
{
char *nameOfFunction = "Tspi_Nv_ReadValue08";
TSS_HCONTEXT hContext = NULL_HCONTEXT;
TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE
TSS_HOBJECT hPolObject = NULL_HOBJECT;
TSS_HPOLICY hPolicy = NULL_HPOLICY;
TSS_HTPM hTPM = NULL_HTPM;
UINT32 read_space = 9;
TSS_RESULT result;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext,NULL);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Create TPM NV object */
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifdef NV_LOCKED
/* Get TPM object */
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Context_GetTpmObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy);
if (result != TSS_SUCCESS)
{
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set password */
result = Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Policy_SetSecret", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
/* Set the index to be defined. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011149);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting NV index", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the permission for the index. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x2000);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting permission", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the data size to be defined. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting data size", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/*Define NV space*/
result = Tspi_NV_DefineSpace(hNVStore, 0, 0);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext,NULL);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Create TPM NV object */
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the index to be defined. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011149);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting NV index", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_NV_ReadValue(hNVStore,/*read_offset*/0, &read_space, NULL);
#ifdef CLEAR_TEST_INDEX
Tspi_Context_GetTpmObject(hContext, &hTPM);
Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy);
Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
Tspi_NV_ReleaseSpace(hNVStore);
#endif
#ifdef NV_LOCKED
if (TSS_ERROR_CODE(result)== TSS_E_BAD_PARAMETER)
{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(0);
}
else{
print_error("Tspi_NV_ReadValue", result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
if ( result == TSS_SUCCESS )
exit(-1);
exit(result);
}
#else
if (TSS_ERROR_CODE(result)== TSS_E_BAD_PARAMETER)
{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(0);
}
else{
print_error("Tspi_NV_ReadValue", result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
if ( result == TSS_SUCCESS )
exit(-1);
exit(result);
}
#endif
}
int main_v1_2(char version)
{
char *function = "Tspi_Data_Unseal01";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK, hKey;
TSS_HTPM hTPM;
TSS_HPOLICY hKeyPolicy, hEncUsagePolicy, hSRKPolicy;
BYTE rgbDataToSeal[DATA_SIZE];
BYTE *rgbPcrValue;
UINT32 ulPcrLen;
TSS_HENCDATA hEncData;
BYTE *prgbDataToUnseal;
TSS_HPCRS hPcrComposite;
UINT32 BlobLength;
UINT32 ulDataLength = DATA_SIZE, ulNewDataLength;
TSS_UUID uuid;
TSS_RESULT result;
TSS_FLAG initFlags = TSS_KEY_TYPE_STORAGE | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(function);
memset(rgbDataToSeal, 0x5d, DATA_SIZE);
// Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect to Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_SEAL, &hEncData);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hEncData)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// get the use policy for the encrypted data to set its secret
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE,
&hEncUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Policy_SetSecret(hEncUsagePolicy, TESTSUITE_ENCDATA_SECRET_MODE,
TESTSUITE_ENCDATA_SECRET_LEN, TESTSUITE_ENCDATA_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret (hEncUsagePolicy)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// Assign the use policy to the object
result = Tspi_Policy_AssignToObject(hEncUsagePolicy, hEncData);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
// set the SRK auth data
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Policy_SetSecret(hSRKPolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret (hSRKPolicy)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
// set the new key's authdata
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE,
&hKeyPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Policy_SetSecret(hKeyPolicy, TESTSUITE_KEY_SECRET_MODE, TESTSUITE_KEY_SECRET_LEN,
TESTSUITE_KEY_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret (hKeyPolicy)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// Assign the use policy to the object
result = Tspi_Policy_AssignToObject(hKeyPolicy, hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// create the key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS,
TSS_PCRS_STRUCT_INFO_LONG, &hPcrComposite);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hPcrComposite)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#define PCR_NUM 5
result = Tspi_TPM_PcrRead(hTPM, PCR_NUM, &ulPcrLen, &rgbPcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrRead", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_PcrComposite_SetPcrValue(hPcrComposite, PCR_NUM, ulPcrLen,
rgbPcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_PcrComposite_SetPcrValue", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_FreeMemory(hContext, rgbPcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_FreeMemory", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_PcrComposite_SetPcrLocality(hPcrComposite, TPM_LOC_ZERO);
if (result != TSS_SUCCESS) {
print_error("Tspi_PcrComposite_SetPcrValue", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// Tell the TSS to mask the data before sending
result = Tspi_SetAttribUint32(hEncData, TSS_TSPATTRIB_ENCDATA_SEAL,
TSS_TSPATTRIB_ENCDATASEAL_PROTECT_MODE,
TSS_TSPATTRIB_ENCDATA_SEAL_PROTECT);
if (result != TSS_SUCCESS) {
print_error("Tspi_SetAttribUint32", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// Data Seal
result =
Tspi_Data_Seal(hEncData, hKey, ulDataLength, rgbDataToSeal, hPcrComposite);
if (result != TSS_SUCCESS) {
print_error("Tspi_Data_Seal", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Data_Unseal(hEncData, hKey, &ulNewDataLength, &prgbDataToUnseal);
if (result != TSS_SUCCESS) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
} else {
if (ulDataLength != ulNewDataLength) {
printf
("ERROR length of returned data doesn't match!\n");
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
} else
if (memcmp
(prgbDataToUnseal, rgbDataToSeal, ulDataLength)) {
printf
("ERROR data returned from unseal doesn't match!\n");
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Context_FreeMemory(hContext, prgbDataToUnseal);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_FreeMemory ", result);
Tspi_Context_Close(hContext);
exit(result);
}
print_success(function, result);
}
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* initialisation function */
static int tpm_engine_init(ENGINE * e)
{
TSS_RESULT result;
DBG("%s", __FUNCTION__);
#ifdef DLOPEN_TSPI
if (tpm_dso != NULL) {
TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_ALREADY_LOADED);
return 1;
}
if ((tpm_dso = DSO_load(NULL, TPM_LIBNAME, NULL, 0)) == NULL) {
TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE);
goto err;
}
#define bind_tspi_func(dso, func) (p_tspi_##func = (void *)DSO_bind_func(dso, "Tspi_" #func))
if (!bind_tspi_func(tpm_dso, Context_Create) ||
!bind_tspi_func(tpm_dso, Context_Close) ||
!bind_tspi_func(tpm_dso, Context_Connect) ||
!bind_tspi_func(tpm_dso, TPM_GetRandom) ||
!bind_tspi_func(tpm_dso, Key_CreateKey) ||
!bind_tspi_func(tpm_dso, Data_Bind) ||
!bind_tspi_func(tpm_dso, Data_Unbind) ||
!bind_tspi_func(tpm_dso, Context_CreateObject) ||
!bind_tspi_func(tpm_dso, Context_FreeMemory) ||
!bind_tspi_func(tpm_dso, Key_LoadKey) ||
!bind_tspi_func(tpm_dso, Context_LoadKeyByUUID) ||
!bind_tspi_func(tpm_dso, GetAttribData) ||
!bind_tspi_func(tpm_dso, Hash_Sign) ||
!bind_tspi_func(tpm_dso, Context_CloseObject) ||
!bind_tspi_func(tpm_dso, Hash_SetHashValue) ||
!bind_tspi_func(tpm_dso, SetAttribUint32) ||
!bind_tspi_func(tpm_dso, GetPolicyObject) ||
!bind_tspi_func(tpm_dso, Policy_SetSecret) ||
!bind_tspi_func(tpm_dso, TPM_StirRandom) ||
!bind_tspi_func(tpm_dso, Context_LoadKeyByBlob) ||
!bind_tspi_func(tpm_dso, Context_GetTpmObject) ||
!bind_tspi_func(tpm_dso, GetAttribUint32) ||
!bind_tspi_func(tpm_dso, SetAttribData) ||
!bind_tspi_func(tpm_dso, Policy_AssignToObject)
) {
TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE);
goto err;
}
#endif /* DLOPEN_TSPI */
if ((result = Tspi_Context_Create(&hContext))) {
TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE);
goto err;
}
/* XXX allow dest to be specified through pre commands */
if ((result = Tspi_Context_Connect(hContext, NULL))) {
TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE);
goto err;
}
if ((result = Tspi_Context_GetTpmObject(hContext, &hTPM))) {
TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE);
goto err;
}
tpm_rsa.rsa_mod_exp = RSA_PKCS1_SSLeay()->rsa_mod_exp;
return 1;
err:
if (hContext != NULL_HCONTEXT) {
Tspi_Context_Close(hContext);
hContext = NULL_HCONTEXT;
hTPM = NULL_HTPM;
}
#ifdef DLOPEN_TSPI
if (tpm_dso) {
DSO_free(tpm_dso);
tpm_dso = NULL;
}
p_tspi_Context_Create = NULL;
p_tspi_Context_Close = NULL;
p_tspi_Context_Connect = NULL;
p_tspi_Context_FreeMemory = NULL;
p_tspi_Context_LoadKeyByBlob = NULL;
p_tspi_Context_LoadKeyByUUID = NULL;
p_tspi_Context_GetTpmObject = NULL;
p_tspi_Context_CloseObject = NULL;
p_tspi_Key_CreateKey = NULL;
p_tspi_Key_LoadKey = NULL;
p_tspi_Data_Bind = NULL;
p_tspi_Data_Unbind = NULL;
p_tspi_Hash_SetHashValue = NULL;
p_tspi_Hash_Sign = NULL;
p_tspi_GetAttribData = NULL;
p_tspi_SetAttribData = NULL;
p_tspi_GetAttribUint32 = NULL;
p_tspi_SetAttribUint32 = NULL;
p_tspi_GetPolicyObject = NULL;
p_tspi_Policy_SetSecret = NULL;
p_tspi_Policy_AssignToObject = NULL;
p_tspi_TPM_StirRandom = NULL;
p_tspi_TPM_GetRandom = NULL;
#endif
return 0;
}
main_v1_1(void)
{
char *nameOfFunction = "Tspi_Key_CreateKey03";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID uuid;
BYTE *randomData;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
BYTE well_known_secret[20] = TSS_WELL_KNOWN_SECRET;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM, SRK_UUID,
&hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result =
Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result =
Tspi_Policy_SetSecret(srkUsagePolicy,
TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Get Policy Object
result =
Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &keyUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(keyUsagePolicy,
TSS_SECRET_MODE_SHA1, 20,
well_known_secret);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Create Key
result = Tspi_Key_CreateKey(-1, hSRK, 0);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if (!checkNonAPI(result)) {
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
} else {
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
} else {
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int main(int argc,char **argv)
{
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HKEY hSRK=0;
TSS_HPOLICY hSRKPolicy=0;
TSS_UUID SRK_UUID=TSS_UUID_SRK;
BYTE wks[20]; //For the well known secret
// Set wks to the well known secret: 20 bytes of all 0’s
memset(wks,0,20);
//Pick the TPM you are talking to.
// In this case, it is the system TPM (indicated with NULL).
result = Tspi_Context_Create( &hContext);
DBG("Create Context",result);
result = Tspi_Context_Connect(hContext, NULL);
DBG("Context Connect�",result);
// Get the TPM handle
result=Tspi_Context_GetTpmObject(hContext,&hTPM);
DBG("Get TPM Handle",result);
// Get the SRK handle
result=Tspi_Context_LoadKeyByUUID(hContext,TSS_PS_TYPE_SYSTEM,SRK_UUID,&hSRK);
DBG("Got the SRK handle�", result);
//Get the SRK policy
result = Tspi_GetPolicyObject(hSRK,TSS_POLICY_USAGE,&hSRKPolicy);
DBG("Got the SRK policy",result);
//Then set the SRK policy to be the well known secret
result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1,20,wks);
//Note: TSS SECRET MODE SHA1 says ”Don’t hash this.
// Use the 20 bytes as they are.
DBG("Set the SRK secret in its policy",result);
//Do something usefull
UINT32 ulDataLength;
TSS_HKEY hESS_Bind_Key;
FILE * fin;
FILE * fout;
TSS_HENCDATA hEncData;
TSS_UUID MY_UUID=BACKUP_KEY_UUID;
BYTE encryptedData[256];
BYTE * decryptedData;
BYTE pass123[3];
memset(pass123,0,3);
//Read in the encrypted data from the file
fin=fopen("data/AES.key.enc","rb");
read(fileno(fin),encryptedData,ulDataLength);
fclose(fin);
// Create a data object , fill it with clear text and then bind it.
result=Tspi_Context_CreateObject(hContext,TSS_OBJECT_TYPE_ENCDATA,TSS_ENCDATA_BIND,&hEncData);
DBG("Create Data object",result);
result = Tspi_Context_GetKeyByUUID(hContext,TSS_PS_TYPE_SYSTEM,MY_UUID,&hESS_Bind_Key);
DBG("Get unbinding key",result);
result = Tspi_Key_LoadKey(hESS_Bind_Key,hSRK);
DBG("Loaded Key",result);
TSS_HPOLICY hBackup_Policy;
// Create a policy for the new key. Set its password to ?~@~\123?~@~]
result=Tspi_Context_CreateObject(hContext,TSS_OBJECT_TYPE_POLICY,TSS_POLICY_USAGE, &hBackup_Policy);
DBG("Create a backup policy object",result);
result=Tspi_Policy_SetSecret(hBackup_Policy,TSS_SECRET_MODE_PLAIN,3,pass123);
DBG("Set backup policy object secret",result);
// Assign the key?~@~Ys policy to the key object
result=Tspi_Policy_AssignToObject( hBackup_Policy,hESS_Bind_Key);
DBG("Assign the keys policy to the key", result);
result = Tspi_SetAttribData(hEncData,TSS_TSPATTRIB_ENCDATA_BLOB,TSS_TSPATTRIB_ENCDATABLOB_BLOB,256,encryptedData);
DBG("Load Data",result);
// Use the Unbinding key to decrypt the encrypted data
// in the BindData object, and return it
result=Tspi_Data_Unbind(hEncData,hESS_Bind_Key,&ulDataLength,&decryptedData);
DBG("Unbind",result);
fout=fopen("data/originalAES.key", "wb");
write(fileno(fout),decryptedData,ulDataLength);
fclose(fout);
//Done doing something usefull
// Context Close(hobjects you have created);
Tspi_Context_FreeMemory(hContext,NULL);
// This frees up memory automatically allocated for you.
Tspi_Context_Close(hContext);
return 0;
}
main_v1_1(void){
char *nameOfFunction = "dump_event_log";
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_HTPM hTPM;
UINT32 ulEventNumber, i, j;
TSS_PCR_EVENT* PCREvents;
print_begin_test(nameOfFunction);
//Create Result
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Result
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect ", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject ", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Get Event
result = Tspi_TPM_GetEventLog(hTPM, &ulEventNumber,
&PCREvents);
if (result != TSS_SUCCESS) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
}
}
printf("There are %d events:\n", ulEventNumber);
printf("PCR SHA1\t\t\t\t Type Name\n");
for (i = 0; i < ulEventNumber; i++) {
printf("%*d ", 3, PCREvents[i].ulPcrIndex);
for (j=0; j<PCREvents[i].ulPcrValueLength; j++)
printf("%02x", PCREvents[i].rgbPcrValue[j] & 0xff);
if (j < 20)
while (j < 20) {
printf(" ");
j++;
}
printf(" %*d ", 4, PCREvents[i].eventType);
if (PCREvents[i].ulEventLength == 0)
printf("NONE\n");
else
for (j=0; j<PCREvents[i].ulEventLength; j++)
printf("%c", PCREvents[i].rgbEvent[j] & 0xff);
printf("\n");
}
}
int
main_v1_2( char version )
{
char *function = "policy_check_lifetime02";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HPOLICY hPolicy;
TSS_BOOL state;
TSS_RESULT result;
UINT32 remainingUsages;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject( hTPM, TSS_POLICY_USAGE, &hPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Sets the policy Lifetime Counter
result = Tspi_SetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_COUNTER, COUNTER);
if (result != TSS_SUCCESS){
print_error("Tspi_SetAttribUint32", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Sets the secret and fires the counter
result = Tspi_Policy_SetSecret( hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//First two GetStatus calls: the Policy should not be expired yet
//Get status - first call (remainingUsages = COUNTER -1
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_SETOWNERINSTALL,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(1)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - second call (remainingUsages = COUNTER -2)
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_DISABLEPUBEKREAD,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(2)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - third call (remainingUsages = COUNTER -3)
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_OWNERSETDISABLE,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(3)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Ensure Secret usages reached 0
result = Tspi_GetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_COUNTER, &remainingUsages);
if ( result != TSS_SUCCESS || (remainingUsages)){
if (remainingUsages){
fprintf( stderr, "\tError: Secret usages did not reach zero: (%u)\n",
remainingUsages );
print_error( function, result );
}else{
print_error( "Tspi_GetAttribUint32", result );
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - fourth call with secret expired (remainingUsages = COUNTER -3)
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_OWNERSETDISABLE,
&state );
if ( Trspi_Error_Code(result) != TSS_E_INVALID_OBJ_ACCESS )
{
print_error( "Tspi_TPM_GetStatus(4)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Set secret again and reset policy lifetime counter
result = Tspi_Policy_SetSecret( hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_COUNTER, &remainingUsages);
if ( result != TSS_SUCCESS || (remainingUsages != COUNTER)){
if (remainingUsages != COUNTER){
fprintf( stderr, "\tError: Secret usages counter wasn't reset: (%u)\n",
remainingUsages );
print_error( function, result );
}else{
print_error( "Tspi_GetAttribUint32", result );
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_SETOWNERINSTALL,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(5)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
print_success( function, result);
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int main(int argc, char **argv)
{
TSS_HCONTEXT hContext=0;
TSS_HTPM hTPM = 0;
TSS_RESULT result;
TSS_HKEY hSRK = 0;
TSS_HPOLICY hSRKPolicy=0;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
BYTE wks[20];
memset(wks,0,20);
TSS_HKEY hESS_Bind_Key;
TSS_UUID ESS_BIND_UUID=BACKUP_KEY_UUID;
TSS_HPOLICY hESS_Policy;
TSS_FLAG initFlags;
BYTE *pubKey;
UINT32 pubKeySize;
FILE *fout, *fin;
result =Tspi_Context_Create(&hContext);
DBG("Create a context", result);
result=Tspi_Context_Connect(hContext, NULL);
DBG("Connect to TPM", result);
result=Tspi_Context_GetTpmObject(hContext, &hTPM);
DBG("Get TPM handle", result);
result=Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
DBG("Get SRK handle", result);
result=Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy);
DBG("Get SRK Policy", result);
result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1, 20, wks);
DBG("Tspi_Policy_SetSecret", result);
result = Tspi_Context_CreateObject(hContext,TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_USAGE, &hESS_Policy);
DBG("Create a key policy object", result);
result = Tspi_Policy_SetSecret(hESS_Policy, TSS_SECRET_MODE_SHA1,
20, wks);
DBG("Set key policy object secret", result);
initFlags = TSS_KEY_TYPE_BIND |
TSS_KEY_SIZE_2048 |
TSS_KEY_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hESS_Bind_Key);
DBG("Create the key object", result);
result = Tspi_SetAttribUint32(hESS_Bind_Key,
TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
TSS_ES_RSAESPKCSV15);
DBG("Set the keys's padding type", result);
result = Tspi_Policy_AssignToObject(hESS_Policy, hESS_Bind_Key);
DBG("Assign the key's policy to the key", result);
printf("Creating the key could take a while\n");
result = Tspi_Key_CreateKey(hESS_Bind_Key,
hSRK, 0);
DBG("Asking TPM to create the key", result);
result = Tspi_Context_RegisterKey(hContext,
hESS_Bind_Key,
TSS_PS_TYPE_SYSTEM,
ESS_BIND_UUID,
TSS_PS_TYPE_SYSTEM,
SRK_UUID);
DBG("Registering the key for later retrieval", result);
printf("Registering the key blob for later retrieval\r\n");
result = Tspi_Key_LoadKey(hESS_Bind_Key,hSRK);
DBG("Loading key in TPM", result);
result = Tspi_Key_GetPubKey(hESS_Bind_Key,
&pubKeySize, &pubKey);
DBG("Get Public portion of key", result);
fout = fopen("BackupESSBindKey.pub", "wb");
if(fout != NULL) {
write(fileno(fout), pubKey, pubKeySize);
printf("Finished writing BackupESSBindKey.pub\n");
fclose(fout);
}
else {
printf("Error opening XXXXXXXXXXXX \r\n");
}
result = Tspi_Policy_FlushSecret(hESS_Policy);
DBG("Policy flush secret", result);
result = Tspi_Context_GetKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
ESS_BIND_UUID,
&hESS_Bind_Key);
DBG("Get key handle", result);
printf("Unregistering key\r\n");
result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM,
ESS_BIND_UUID,
&hESS_Bind_Key);
DBG("Unregister key", result);
// Load a key and bind data
UINT32 ulDataLength;
BYTE *rbgBoundData;
BYTE newPubKey[1000], encData[1000];
TSS_HENCDATA hEncData;
fin = fopen("BackupESSBindKey.pub", "r");
read(fileno(fin), newPubKey,284);
if (fin == NULL)
return 0;
fclose(fin);
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hESS_Bind_Key);
DBG("Tspi_Context_CreateObject BindKey", result);
result = Tspi_SetAttribData(hESS_Bind_Key,
TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY,
284,newPubKey);
DBG("Set Public key into new key object", result);
fin = fopen("data", "rb");
read(fileno(fin), encData, 7);
fclose(fin);
result=Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND,
&hEncData);
DBG("Create Data Object", result);
result = Tspi_Data_Bind(hEncData,hESS_Bind_Key,7,encData);
DBG("Bind data", result);
result = Tspi_GetAttribData(hEncData,
TSS_TSPATTRIB_ENCDATA_BLOB,
TSS_TSPATTRIB_ENCDATABLOB_BLOB,
&ulDataLength,&rbgBoundData);
DBG("Get encrypted data", result);
fout = fopen("Bound.data", "wb");
write(fileno(fout),rbgBoundData,ulDataLength);
fclose(fout);
result = Tspi_Context_FreeMemory(hContext, NULL);
DBG("Tspi Context Free Memory", result);
result = Tspi_Context_Close(hContext);
DBG("Tspi Context Close", result);
return 0;
}
int
main_v1_1(void){
char *nameOfFunction = "Tspi_Context_GetKeyByPublicInfo02";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2};
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
TSS_HKEY hMSigningKey;
UINT32 ulPublicKeyLength = 2048;
BYTE* rgbPublicKeyInfo;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
TSS_FLAG wrongType;
BYTE well_known_secret[20] = TSS_WELL_KNOWN_SECRET;
wrongType = (TSS_PS_TYPE_SYSTEM + TSS_PS_TYPE_USER);
print_begin_test(nameOfFunction);
//Create
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Connect
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key by UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object for the srkUsagePolicy
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret for the srkUsagePolicy
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create the hKey with the hSRK wrapping key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Register the hKey
result = Tspi_Context_RegisterKey(hContext,
hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS &&
TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) {
print_error("Tspi_Context_RegisterKey ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create the hKey with the hSRK wrapping key
result = Tspi_Context_CloseObject(hContext, hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CloseObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//GetKeyByPublicInfo
result = Tspi_Context_GetKeyByPublicInfo(hContext,
wrongType, TSS_ALG_RSA,
ulPublicKeyLength,
rgbPublicKeyInfo, &hKey);
if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int main(int argc, char *argv[])
{
int rc;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
int i;
unsigned int pcr_len = 0;
unsigned char *pcr_value;
unsigned char sha1[20];
/* The argument being the executable */
if (argc <= 1) {
printf("Must give atleast one argument\n");
exit(1);
}
/* Find out the currently running kernel and return its hash */
rc = get_kernel(sha1);
if (rc != 0) {
printf("Kernel read failed\n");
exit(1);
}
/* Start creating the TSS context */
rc = Tspi_Context_Create(&hContext);
if (rc != TSS_SUCCESS)
printf("Context creation failed!\n");
rc = Tspi_Context_Connect(hContext, NULL);
if (rc != TSS_SUCCESS)
printf("Context connection failed!\n");
rc = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (rc != TSS_SUCCESS)
printf("Getting TPM Object failed\n");
rc = Tspi_TPM_PcrRead(hTPM, 16, &pcr_len, &pcr_value);
printf("Length of data read: %d\n", pcr_len);
for (i = 0; i < pcr_len; i++)
printf("%x ", pcr_value[i]);
printf("\n");
/* Trousers wonkiness - have to pass SHA1 hash */
rc = Tspi_TPM_PcrExtend(hTPM, 16, 20, sha1, NULL,
&pcr_len, &pcr_value);
if (rc != TSS_SUCCESS) {
printf("Kernel Extend failed : %d\n", rc);
}
/* argv[1] is the path to secure_daemon */
rc = get_hash(argv[1], sha1);
if (rc != 0)
exit(1);
rc = Tspi_TPM_PcrExtend(hTPM, 16, 20, sha1, NULL,
&pcr_len, &pcr_value);
if (rc != TSS_SUCCESS) {
printf("Secure Daemon Extend failed : %d\n", rc);
}
printf("Length of extended PCR value: %d\n", pcr_len);
for (i = 0; i < pcr_len; i++)
printf("%x ", pcr_value[i]);
printf("\n");
free(pcr_value);
Tspi_Context_Close(hContext);
return 0;
}
int
main_v1_2( char version )
{
char *function = "policy_check_lifetime04";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HPOLICY hPolicy;
TSS_BOOL state;
TSS_RESULT result;
UINT32 remainingTimer;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject( hTPM, TSS_POLICY_USAGE, &hPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Sets the policy Lifetime Timer
result = Tspi_SetAttribUint32( hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_TIMER, TIMER );
if (result != TSS_SUCCESS){
print_error("Tspi_SetAttribUint32", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Sets the secret and fires the timer
result = Tspi_Policy_SetSecret( hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Ensure Secret usages is not always
result = Tspi_GetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_ALWAYS, &remainingTimer);
if ( result != TSS_SUCCESS || (remainingTimer) ){
if ( remainingTimer ){
fprintf( stderr, "\tError: Policy Usage is set as always: (%u)\n",
remainingTimer );
print_error( function, result );
}else{
print_error( "Tspi_Policy_SetSecret", result );
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - first call within TIMER seconds
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_SETOWNERINSTALL,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(1)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Sleeps for TIMER - 3 seconds
fprintf( stdout, "Sleeping for %u seconds\n", TIMER-3);
sleep( TIMER - 3 );
//Ensures the usage timer has decremented
result = Tspi_GetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_TIMER, &remainingTimer);
if ( result != TSS_SUCCESS || (remainingTimer <= TIMER-3)){
if ( remainingTimer <= TIMER-3 ){
fprintf( stderr, "\tError: Invalid policy timer after usage: (%u)\n",
remainingTimer );
print_error( function, result );
}else{
print_error( "Tspi_GetAttribUint32", result );
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Sets the policy Lifetime as always
result = Tspi_SetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_ALWAYS, 0);
if (result != TSS_SUCCESS){
print_error("Tspi_SetAttribUint32", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Ensure Secret usages is always
result = Tspi_GetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_ALWAYS, &remainingTimer);
if ( result != TSS_SUCCESS || (!remainingTimer) ){
if ( !remainingTimer ){
fprintf( stderr, "\tError: Policy Usage is not set as always: (%u)\n",
remainingTimer );
print_error( function, result );
}else{
print_error( "Tspi_GetAttribUint32", result );
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - second call
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_OWNERSETDISABLE,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(2)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - third call
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_OWNERSETDISABLE,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(3)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get status - fourth call
result = Tspi_TPM_GetStatus( hTPM, TSS_TPMSTATUS_SETOWNERINSTALL,
&state );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetStatus(4)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Ensure Secret usages is always
result = Tspi_GetAttribUint32(hPolicy, TSS_TSPATTRIB_POLICY_SECRET_LIFETIME,
TSS_TSPATTRIB_POLSECRET_LIFETIME_ALWAYS, &remainingTimer);
if ( result != TSS_SUCCESS || (!remainingTimer) ){
if ( !remainingTimer ){
fprintf( stderr, "\tError: Policy Usage is not set as always: (%u)\n",
remainingTimer );
print_error( function, result );
}else{
print_error( "Tspi_GetAttribUint32", result );
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
print_success( function, result);
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int
main_v1_2(char version)
{
char *nameOfFunction = "Tspi_nv_WriteValue-trans02";
TSS_HCONTEXT hContext = NULL_HCONTEXT;
TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE
TSS_HOBJECT hPolObject = NULL_HOBJECT;
TSS_HPOLICY hPolicy = NULL_HPOLICY;
TSS_HTPM hTPM = NULL_HTPM;
BYTE *auth = "123456";
UINT32 auth_length = 6;
BYTE *data = "1234567890";
TSS_RESULT result;
TSS_HKEY hSigningKey, hWrappingKey, hSRK;
print_begin_test(nameOfFunction);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey,
&hSigningKey);
if (result != TSS_SUCCESS) {
print_error("Testsuite_Transport_Init", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* Create TPM NV object */
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Create policy object for the NV object*/
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hPolObject);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set password */
result = Tspi_Policy_SetSecret(hPolObject, TSS_SECRET_MODE_PLAIN, auth_length, auth);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set password */
result = Tspi_Policy_AssignToObject(hPolObject, hNVStore);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the index to be defined. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011131);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting NV index", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the permission for the index. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x4);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting permission", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the data size to be defined. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting data size", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/*Define NV space*/
result = Tspi_NV_DefineSpace(hNVStore, 0, 0);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext,NULL);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Create TPM NV object */
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* Set the index to be defined. */
result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011131);
if (result != TSS_SUCCESS)
{
print_error("Tspi_SetAttribUint32 for setting NV index", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_NV_WriteValue(hNVStore, /*offset*/0,/*datalength*/10, data);
#ifdef CLEAR_TEST_INDEX
Tspi_Context_GetTpmObject(hContext, &hTPM);
Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy);
Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
Tspi_NV_ReleaseSpace(hNVStore);
#endif
#ifdef NV_LOCKED
if (TSS_ERROR_CODE(result)== TPM_E_AUTH_CONFLICT)
#else
if (TSS_ERROR_CODE(result)== TSS_SUCCESS)
#endif
{
print_error("Tspi_NV_WriteValue", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Testsuite_Transport_Final(hContext, hSigningKey);
if (TSS_ERROR_CODE(result)== TSS_SUCCESS)
{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(0);
} else {
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
if ( result == TSS_SUCCESS )
exit(-1);
exit(result);
}
}
int
main_v1_1( void )
{
char *function = "Tspi_Context_RegisterKey05";
TSS_HKEY hSRK;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
int i;
BYTE *rand;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
/* initialize the struct */
for (i = 0; i < NUM_KEYS; i++)
{
result = Tspi_TPM_GetRandom( hTPM, sizeof(TSS_UUID), &rand);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetRandom", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
memcpy(&hKey[i].uuid, rand, sizeof(TSS_UUID));
Tspi_Context_FreeMemory(hContext, rand);
hKey[i].registered = hKey[i].handle = 0;
}
// Load SRK
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
// Get SRK Usage Policy
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// set secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret (1)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
/* create NUM_KEYS keys */
for (i = 0; i < NUM_KEYS; i++)
{
// create object
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING,
&hKey[i].handle );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// create signing key
result = Tspi_Key_CreateKey( hKey[i].handle, hSRK, 0 );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Key_CreateKey", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
}
/* all in order */
for (i = 0; i < NUM_KEYS; i++)
{
if ((result = registerkey(i))) {
printf("%d: registerkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
for (i = 0; i < NUM_KEYS; i++)
{
if ((result = unregisterkey(i))) {
printf("%d: unregisterkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
/* backwards */
for (i = 0; i < NUM_KEYS; i++)
{
if ((result = registerkey(i))) {
printf("%d: registerkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
for (i = NUM_KEYS-1; i >= 0; i--)
{
if ((result = unregisterkey(i))) {
printf("%d: unregisterkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
print_end_test( function );
cleanup:
for (i = 0; i < NUM_KEYS; i++) {
if (hKey[i].registered == 1) {
Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
hKey[i].uuid, &throw_away);
}
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int
main_v1_1( void )
{
char *function = "Tspi_TPM_GetCapability02";
UINT32 pulRespDataLength;
BYTE *pNumPCRs;
UINT32 subCap;
UINT32 subCapLength, exitCode = 0;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
subCap = TSS_TPMCAP_PROP_PCR;
subCapLength = sizeof(UINT32);
//Get random number
result = Tspi_TPM_GetCapability( hTPM, TSS_TPMCAP_PROPERTY,
subCapLength, (BYTE *)&subCap,
NULL,
&pNumPCRs );
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
}
else
{
print_error_nonapi( function, result );
}
exitCode = result;
}
else
{
print_success( function, result );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main (int ac, char **av)
{
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HKEY hSRK;
TSS_HKEY hAIK;
TSS_HPOLICY hTPMPolicy;
TSS_HPOLICY hSrkPolicy;
TSS_HPOLICY hAIKPolicy;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
BYTE srkSecret[] = TSS_WELL_KNOWN_SECRET;
FILE *f_in;
FILE *f_out;
char *pass = NULL;
BYTE *response;
UINT32 responseLen;
BYTE *buf;
UINT32 bufLen;
BYTE *asym;
UINT32 asymLen;
BYTE *sym;
UINT32 symLen;
int i;
int result;
if ((ac<2) || ((0==strcmp(av[1],"-p")) ? (ac!=6) : (ac!=4))) {
fprintf (stderr, "Usage: %s [-p password] aikblobfile challengefile outresponsefile\n", av[0]);
exit (1);
}
if (0 == strcmp(av[1], "-p")) {
pass = av[2];
for (i=3; i<ac; i++)
av[i-2] = av[i];
ac -= 2;
}
result = Tspi_Context_Create(&hContext); CKERR;
result = Tspi_Context_Connect(hContext, NULL); CKERR;
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); CKERR;
result = Tspi_GetPolicyObject (hSRK, TSS_POLICY_USAGE, &hSrkPolicy); CKERR;
result = Tspi_Policy_SetSecret(hSrkPolicy, TSS_SECRET_MODE_SHA1,
sizeof(srkSecret), srkSecret); CKERR;
result = Tspi_Context_GetTpmObject (hContext, &hTPM); CKERR;
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_USAGE, &hTPMPolicy); CKERR;
result = Tspi_Policy_AssignToObject(hTPMPolicy, hTPM);
#ifdef OWNER_SECRET
result = Tspi_Policy_SetSecret (hTPMPolicy, TSS_SECRET_MODE_PLAIN,
strlen(OWNER_SECRET)+1, OWNER_SECRET); CKERR;
#else
result = Tspi_Policy_SetSecret (hTPMPolicy, TSS_SECRET_MODE_POPUP, 0, NULL); CKERR;
#endif
/* Read AIK blob */
if ((f_in = fopen(av[1], "rb")) == NULL) {
fprintf (stderr, "Unable to open file %s\n", av[1]);
exit (1);
}
fseek (f_in, 0, SEEK_END);
bufLen = ftell (f_in);
fseek (f_in, 0, SEEK_SET);
buf = malloc (bufLen);
if (fread(buf, 1, bufLen, f_in) != bufLen) {
fprintf (stderr, "Unable to readn file %s\n", av[1]);
exit (1);
}
fclose (f_in);
result = Tspi_Context_LoadKeyByBlob (hContext, hSRK, bufLen, buf, &hAIK); CKERR;
free (buf);
if (pass) {
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_USAGE, &hAIKPolicy); CKERR;
result = Tspi_Policy_AssignToObject(hAIKPolicy, hAIK);
result = Tspi_Policy_SetSecret (hAIKPolicy, TSS_SECRET_MODE_PLAIN,
strlen(pass)+1, pass); CKERR;
}
/* Read challenge file */
if ((f_in = fopen(av[2], "rb")) == NULL) {
fprintf (stderr, "Unable to open file %s\n", av[2]);
exit (1);
}
fseek (f_in, 0, SEEK_END);
bufLen = ftell (f_in);
fseek (f_in, 0, SEEK_SET);
buf = malloc (bufLen);
if (fread(buf, 1, bufLen, f_in) != bufLen) {
fprintf (stderr, "Unable to readn file %s\n", av[2]);
exit (1);
}
fclose (f_in);
/* Parse challenge */
if (bufLen < 8)
goto badchal;
asymLen = ntohl(*(UINT32*)buf);
asym = buf + 4;
buf += asymLen + 4;
if (bufLen < asymLen+8)
goto badchal;
symLen = ntohl(*(UINT32*)buf);
if (bufLen != asymLen + symLen + 8)
goto badchal;
sym = buf + 4;
/* Decrypt challenge data */
#ifndef OWNER_SECRET
{
/* Work around a bug in Trousers 0.3.1 - remove this block when fixed */
/* Force POPUP to activate, it is being ignored */
BYTE *dummyblob1; UINT32 dummylen1;
if (Tspi_TPM_OwnerGetSRKPubKey(hTPM, &dummylen1, &dummyblob1)
== TSS_SUCCESS) {
Tspi_Context_FreeMemory (hContext, dummyblob1);
}
}
#endif
result = Tspi_TPM_ActivateIdentity (hTPM, hAIK, asymLen, asym,
symLen, sym,
&responseLen, &response); CKERR;
/* Output response file */
if ((f_out = fopen (av[3], "wb")) == NULL) {
fprintf (stderr, "Unable to create file %s\n", av[3]);
exit (1);
}
if (fwrite (response, 1, responseLen, f_out) != responseLen) {
fprintf (stderr, "Unable to write to file %s\n", av[3]);
exit (1);
}
fclose (f_out);
printf ("Success!\n");
return 0;
error:
fprintf (stderr, "Failure, error code: 0x%x\n", result);
return 1;
badchal:
fprintf (stderr, "Challenge file format is wrong\n");
return 1;
}
int main(int argc, char **argv)
{
TSS_HKEY hKey, hSRK;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HPOLICY hPolicy;
TSS_HPCRS hPcrs;
UINT32 ulPcrValueLength, subCap, subCapLength;
UINT32 pulRespDataLength, numPcrs;
BYTE *pNumPcrs, *rgbPcrValue, *uuidString, *pcrsSelectedValues[24];
int i, c, *pcrsSelected = NULL, numPcrsSelected = 0;
TSS_UUID *uuid;
BYTE wellknown[] = TSS_WELL_KNOWN_SECRET;
while (1) {
c = getopt(argc, argv, "p:");
if (c == -1)
break;
switch (c) {
case 'p':
numPcrsSelected++;
pcrsSelected = realloc(pcrsSelected,
(sizeof(int)
* numPcrsSelected));
if (pcrsSelected == NULL) {
PRINT_ERR("Malloc of %zd bytes failed.",
(sizeof(int)
* numPcrsSelected));
return -1;
}
pcrsSelected[numPcrsSelected - 1] =
atoi(optarg);
break;
default:
usage(argv[0]);
break;
}
}
if (numPcrsSelected == 0)
printf("Warning: Key will not be bound to any PCR's!\n");
if (numPcrsSelected > 24) {
PRINT_ERR("Too many PCRs selected! Exiting.");
return -EINVAL;
}
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_Create", result);
return result;
}
result = Tspi_Context_Connect(hContext, NULL);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_GetTpmObject", result);
Tspi_Context_Close(hContext);
return result;
}
subCap = TSS_TPMCAP_PROP_PCR;
subCapLength = sizeof(UINT32);
result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_PROPERTY,
subCapLength, (BYTE *)&subCap,
&pulRespDataLength, &pNumPcrs );
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_TPM_GetCapability", result);
Tspi_Context_Close(hContext);
return result;
}
numPcrs = *(UINT32 *)pNumPcrs;
for (i = 0; i < (int)numPcrsSelected; i++) {
if (pcrsSelected[i] > (int)numPcrs) {
fprintf(stderr, "%d: invalid PCR register. PCRs range "
"from 0 - %u\n", pcrsSelected[i], numPcrs);
return -1;
}
}
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0,
&hPcrs);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_CreateObject", result);
return result;
}
for (i = 0; i < numPcrsSelected; i++) {
result = Tspi_TPM_PcrRead(hTPM, pcrsSelected[i],
&ulPcrValueLength, &rgbPcrValue);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_PcrComposite_SetPcrValue(hPcrs, pcrsSelected[i],
ulPcrValueLength,
rgbPcrValue);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_PcrComposite_SetPcrValue", result );
Tspi_Context_Close( hContext );
return result;
}
pcrsSelectedValues[i] = rgbPcrValue;
}
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hPolicy);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_SHA1,
sizeof(wellknown), wellknown);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
(TSS_KEY_TYPE_STORAGE
| TSS_KEY_SIZE_2048
| TSS_KEY_VOLATILE
| TSS_KEY_NO_AUTHORIZATION
| TSS_KEY_NOT_MIGRATABLE), &hKey);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Key_CreateKey(hKey, hSRK, hPcrs);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_TPM_GetRandom(hTPM, (UINT32)16, (BYTE **)&uuid);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_TPM_GetRandom", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_USER,
*uuid, TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_RegisterKey", result);
Tspi_Context_Close(hContext);
return result;
}
printf("Success: Key created bound to:\n");
for (i = 0; i < numPcrsSelected; i++) {
uuidString = (unsigned char *)
util_bytes_to_string((char *)
pcrsSelectedValues[i], 20);
if (uuidString == NULL) {
PRINT_ERR("malloc of 41 bytes failed");
Tspi_Context_Close(hContext);
return result;
}
printf("PCR %d: %s\n", pcrsSelected[i], uuidString);
free(uuidString);
Tspi_Context_FreeMemory(hContext, pcrsSelectedValues[i]);
}
uuidString = (BYTE *)util_bytes_to_string((char *)uuid, 16);
if (uuidString == NULL) {
PRINT_ERR("malloc of 33 bytes failed");
Tspi_Context_Close(hContext);
return result;
}
printf("And registered in persistent storage with UUID "
"(tspi_uuid parameter): %s\n", uuidString);
Tspi_Context_FreeMemory(hContext, (BYTE *)uuid);
free(uuidString);
Tspi_Context_Close(hContext);
return 0;
}
main_v1_1(void){
char *nameOfFunction = "Tspi_TPM_Quote04";
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_HTPM hTPM;
TSS_HKEY hSRK;
TSS_VALIDATION pValidationData;
TSS_HKEY hIdentKey;
TSS_FLAG initFlags;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy, keyMigPolicy;
BYTE *data;
BYTE well_known_secret[20] = TSS_WELL_KNOWN_SECRET;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create object for the hIdentKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hIdentKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create hIdentKey
result = Tspi_Key_CreateKey(hIdentKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hIdentKey);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_TPM_GetRandom(hTPM, 20, &data);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_GetRandom ", result);
Tspi_Context_Close(hContext);
Tspi_Context_CloseObject(hContext, hIdentKey);
exit(result);
}
pValidationData.ulDataLength = 20;
pValidationData.rgbExternalData = data;
//Call TPM Quote
result = Tspi_TPM_Quote(hTPM, hIdentKey, -1, &pValidationData);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hIdentKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hIdentKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hIdentKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int
main_v1_1(void){
char *nameOfFunction = "Tspi_Context_GetRegisteredKeysByUUID01";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2};
TSS_HPOLICY srkUsagePolicy;
UINT32 pulKeyHierarchySize;
TSS_KM_KEYINFO* ppKeyHierarchy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_512 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
//Create
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
//Connect
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key by UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object for the srkUsagePolicy
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret for the srkUsagePolicy
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret ", result);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create the hKey with the hSRK wrapping key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Register the hKey
result = Tspi_Context_RegisterKey(hContext,
hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS &&
TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) {
print_error("Tspi_Context_RegisterKey ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Register the hKey
result = Tspi_Context_RegisterKey(hContext,
hKey, TSS_PS_TYPE_USER, migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS &&
TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) {
print_error("Tspi_Context_RegisterKey ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Registered Keys By UUID
result = Tspi_Context_GetRegisteredKeysByUUID(hContext,
TSS_PS_TYPE_SYSTEM, NULL,
&pulKeyHierarchySize, &ppKeyHierarchy);
if (result != TSS_SUCCESS) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
result = Tspi_Context_FreeMemory(hContext, (BYTE *)ppKeyHierarchy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_FreeMemory ", result);
Tspi_Context_Close(hContext);
exit(result);
}
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int
main_v1_1( void )
{
char *function = "Tspi_TPM_GetRandom03";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
UINT32 exitCode = 0;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get random number
result = Tspi_TPM_GetRandom( hTPM, 16, NULL );
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
}
else
{
print_error_nonapi( function, result );
}
exitCode = result;
}
else
{
print_success( function, result );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main(int argc, char **argv)
{
#define BUF_LEN (1024*1024)
#define KEY_SIZE 64
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HKEY hSRK, hKey;
TSS_HPOLICY hPolicy;
TSS_HTPM hTPM;
TSS_HENCDATA hEncData;
TSS_HPCRS hPcrs;
UINT32 u32PcrValLen, u32EncDataLen;
BYTE *rgbPcrVal, *rgbEncData;
BYTE *random;
FILE *fpIn = NULL, *fpOut = NULL;
int len, size;
char *pBufIn = NULL, *pBufOut = NULL;
unsigned int salt[] = {12345, 54321};
EVP_CIPHER_CTX en;
TSS_UUID UUID_K1 = {0, 0, 0, 0, 0, {8, 0, 0, 0, 0, 1}} ;
if (argc < 3) {
usage(argv[0]);
return 0;
}
result = Tspi_Context_Create(&hContext);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_Create", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID,
&hSRK);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_Close(hContext);
return result;
}
#ifndef TESTSUITE_NOAUTH_SRK
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hPolicy);
if (TSS_SUCCESS != result) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Policy_SetSecret(hPolicy,
TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (TSS_SUCCESS != result) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
return result;
}
#endif // #ifndef TESTSUITE_NOAUTH_SRK
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_PCRS,
0,
&hPcrs);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_SEAL,
&hEncData);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = set_secret(hContext, hEncData, &hPolicy);
if (TSS_SUCCESS != result) {
print_error("set_secret", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
UUID_K1,
&hKey);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_Close(hContext);
return -1;
}
result = set_popup_secret(hContext,
hKey,
TSS_POLICY_USAGE,
"Input K1's Pin\n",
0);
if (TSS_SUCCESS != result) {
print_error("set_popup_secret", result);
Tspi_Context_Close(hContext);
return result;
}
/*result = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hPolicy);
if (TSS_SUCCESS != result) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Policy_SetSecret(hPolicy,
TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN,
TESTSUITE_KEY_SECRET);
if (TSS_SUCCESS != result) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
return result;
}*/
result = Tspi_TPM_GetRandom(hTPM, KEY_SIZE, &random);
if (TSS_SUCCESS != result) {
print_error("Tspi_TPM_GetRandom", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_TPM_PcrRead(hTPM, 15, &u32PcrValLen, &rgbPcrVal);
if (TSS_SUCCESS != result) {
print_error("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_PcrComposite_SetPcrValue(hPcrs, 15, u32PcrValLen, rgbPcrVal);
if (TSS_SUCCESS != result) {
print_error("Tspi_PcrComposite_SetPcrValue", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Data_Seal(hEncData,
hKey,
KEY_SIZE,
random,
hPcrs);
if (TSS_SUCCESS != result) {
print_error("Tspi_Data_Seal", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_GetAttribData(hEncData,
TSS_TSPATTRIB_ENCDATA_BLOB,
TSS_TSPATTRIB_ENCDATABLOB_BLOB,
&u32EncDataLen,
&rgbEncData);
if (TSS_SUCCESS != result) {
print_error("Tspi_GetAttribData", result);
Tspi_Context_Close(hContext);
return result;
}
fpIn = fopen(argv[1], "rb");
if (!fpIn) {
printf("open file: %s failed\n", argv[1]);
Tspi_Context_Close(hContext);
return result;
}
fseek(fpIn, 0, SEEK_END);
size = ftell(fpIn);
if (size > BUF_LEN) {
printf("file is more than 1MB, too big !\n");
Tspi_Context_Close(hContext);
fclose(fpIn);
return -1;
}
pBufIn = malloc(size);
if (!pBufIn) {
printf("No Memmory\n");
Tspi_Context_Close(hContext);
}
fseek(fpIn, 0, SEEK_SET);
len = fread(pBufIn, 1, size, fpIn);
if (len != size) {
printf("fread error");
Tspi_Context_Close(hContext);
fclose(fpIn);
return -1;
}
fclose(fpIn);
if (aes_init(random, KEY_SIZE, (unsigned char *)&salt, &en)) {
printf("aes_init failed\n");
Tspi_Context_Close(hContext);
free(pBufIn);
return -1;
}
pBufOut = aes_encrypt(&en, pBufIn, &size);
fpOut = fopen(argv[2], "wb");
if (!fpOut) {
printf("open file: %s failed\n", argv[2]);
Tspi_Context_Close(hContext);
free(pBufIn);
free(pBufOut);
return -1;
}
len = fwrite(&u32EncDataLen, 1, sizeof(UINT32), fpOut);
if (sizeof(UINT32) != len) {
printf("fwrite u32EncDataLen failed\n");
Tspi_Context_Close(hContext);
free(pBufIn);
free(pBufOut);
fclose(fpOut);
return -1;
}
len = fwrite(rgbEncData, 1, u32EncDataLen, fpOut);
if (len != u32EncDataLen) {
printf("fwrite rgbEncData failed\n");
Tspi_Context_Close(hContext);
free(pBufIn);
free(pBufOut);
fclose(fpOut);
return -1;
}
len = fwrite(&size, 1, sizeof(int), fpOut);
if (len != sizeof(int)) {
printf("fwrite failed\n");
Tspi_Context_Close(hContext);
free(pBufIn);
free(pBufOut);
fclose(fpOut);
return -1;
}
len = fwrite(pBufOut, 1, size, fpOut);
if (len != size) {
printf("fwrite failed\n");
Tspi_Context_Close(hContext);
free(pBufIn);
free(pBufOut);
fclose(fpOut);
return -1;
}
fclose(fpOut);
free(pBufIn);
free(pBufOut);
Tspi_Context_Close(hContext);
return 0;
}
int
main_v1_1( void )
{
char *function = "Tspi_TPM_GetCapability01";
UINT32 pulRespDataLength;
BYTE *pNumPCRs;
UINT32 subCap, subCapLength, numPcrs;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
subCap = TSS_TPMCAP_PROP_PCR;
subCapLength = sizeof(UINT32);
result = Tspi_TPM_GetCapability( hTPM, TSS_TPMCAP_PROPERTY,
subCapLength, (BYTE *)&subCap,
&pulRespDataLength,
&pNumPCRs );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
}
else
{
print_error_nonapi( function, result );
}
}
else
{
print_success( function, result );
}
fprintf(stderr, "\tThere are %u PCRs supported by this TPM\n",
*(UINT32 *)pNumPCRs );
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int main_v1_2(char version)
{
char *function = "Tspi_Hash_TickStampBlob02";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK, hMSigningKey;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
TSS_VALIDATION validationData;
BYTE *nonce;
print_begin_test(function);
// Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect to Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Signing Key
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING |
TSS_KEY_NO_AUTHORIZATION,
&hMSigningKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (signing key)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_LoadKey(hMSigningKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKey (hMSigningKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_TPM_GetRandom(hTPM, 20, &nonce);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_GetRandom", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
validationData.rgbExternalData = nonce;
validationData.ulExternalDataLength = 20;
result = Tspi_Hash_TickStampBlob(0xffffffff, hMSigningKey, &validationData);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(TSS_E_FAIL);
}
print_success(function, result);
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(0);
}
int
main_v1_1( void )
{
char *function = "Tspi_TPM_TakeOwnership01";
BYTE *rgbPcrValue;
UINT32 ulPcrValueLength;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HPOLICY hPolicy;
TSS_HPOLICY hSrkPolicy;
TSS_HKEY hEndorsement;
TSS_HKEY hKeySRK;
BYTE allones[8];
TSS_VALIDATION valid;
TSS_RESULT result;
UINT32 exitCode, initFlags;
print_begin_test( function );
memset( allones, 0x02, 8 );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject( hTPM, TSS_POLICY_USAGE, &hPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
printf("TESTSUITE_OWNER_SECRET:%s\n",TESTSUITE_OWNER_SECRET);
result = Tspi_Policy_SetSecret( hPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_TPM_GetPubEndorsementKey( hTPM, 0, NULL, &hEndorsement );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetPubEndorsementKey", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
initFlags = TSS_KEY_TSP_SRK | TSS_KEY_AUTHORIZATION;
#else
initFlags = TSS_KEY_TSP_SRK;
#endif
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKeySRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
result = Tspi_GetPolicyObject( hKeySRK, TSS_POLICY_USAGE,
&hSrkPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
printf("TESTSUITE_SRK_SECRET:%s\n",TESTSUITE_SRK_SECRET);
result = Tspi_Policy_SetSecret( hSrkPolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
result = Tspi_TPM_TakeOwnership( hTPM, hKeySRK, hEndorsement );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = 1;
}
else
{
print_error_nonapi( function, result );
exitCode = 1;
}
}
else
{
print_success( function, result );
exitCode = 0;
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main_v1_1( void )
{
char *function = "Tspi_TPM_PcrRead01";
BYTE *rgbPcrValue;
UINT32 ulPcrValueLength;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_TPM_PcrRead( hTPM, 8, &ulPcrValueLength, &rgbPcrValue );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
}
else
{
print_error_nonapi( function, result );
}
}
else
{
print_success( function, result );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int
main_v1_1( void )
{
char *function = "Tspi_TPM_ClearOwner01";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_HPOLICY tpmUsagePolicy;
TSS_RESULT result;
UINT32 exitCode;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Get Policy Object
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &tpmUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(tpmUsagePolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
// Clear owner with owner auth (TRUE means PhyPres, FALSE means owner auth)
result = Tspi_TPM_ClearOwner( hTPM, FALSE );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = 1;
}
else
{
print_error_nonapi( function, result );
exitCode = 1;
}
}
else
{
print_success( function, result );
exitCode = 0;
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main_v1_1( void )
{
char *function = "policy_compliance";
TSS_RESULT result;
TSS_HPOLICY hDefaultPolicy, hKeyUsagePolicy, hKeyMigPolicy;
TSS_HPOLICY hEncdataUsagePolicy, hTPMPolicy, hNewPolicy;
TSS_HCONTEXT hContext;
TSS_HKEY hKey;
TSS_HENCDATA hEncData;
TSS_HTPM hTPM;
TSS_HPCRS hPcrs;
TSS_HHASH hHash;
UINT32 trash;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
/*
* Test 1
*
* TSP's default policy object should exist.
*
*/
result = Tspi_Context_GetDefaultPolicy ( hContext, &hDefaultPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Test 1: TSP object's default policy should exist", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 1", result );
/*
* Test 2
*
* Create a key, then get its usage policy handle. It should match
* the TSP's default policy.
*
*/
result = Tspi_Context_CreateObject ( hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_TYPE_SIGNING |
TSS_KEY_SIZE_512 |
TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_MIGRATABLE,
&hKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hKeyUsagePolicy);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
if (hKeyUsagePolicy != hDefaultPolicy) {
print_error( "Test 2: default policy should match new policies", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 2", result );
/*
* Test 3
*
* The key should have no migration policy by default.
*
*/
result = Tspi_GetPolicyObject(hKey, TSS_POLICY_MIGRATION, &hKeyMigPolicy);
if ( TSS_ERROR_CODE(result) != TSS_E_KEY_NO_MIGRATION_POLICY )
{
print_error( "Test 3: Key's migration policy shouldn't exist by default", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 3", result );
/*
* Test 4
*
* Create an encdata object, then get its usage policy handle. It should match
* the TSP's default policy.
*
*/
result = Tspi_Context_CreateObject ( hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND,
&hEncData );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hEncData, TSS_POLICY_USAGE, &hEncdataUsagePolicy);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
if (hEncdataUsagePolicy != hDefaultPolicy) {
print_error( "Test 4: default policy should match new policies", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 4", result );
/*
* Test 5
*
* Connect the TSP context to a TCS and get the TPM object, then its policy. It should
* not match the TSP's default policy.
*
*/
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTPMPolicy);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
if (hTPMPolicy == hDefaultPolicy) {
print_error( "Test 5: default policy should not match the TPM policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 5", result );
/*
* Test 6
*
* Create a new policy object. Its handle should not match the TSP's default policy or
* the TPM's policy.
*
*/
result = Tspi_Context_CreateObject ( hContext,
TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_MIGRATION,
&hNewPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
if (hNewPolicy == hTPMPolicy || hNewPolicy == hDefaultPolicy) {
print_error( "Test 6: new policy should not match any other policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 6", result );
/*
* Test 7
*
* Assign the policy object as the key's migration policy. After this, the key should have
* a migration policy.
*
*/
result = Tspi_Policy_AssignToObject( hNewPolicy, hKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_AssignToObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hKey, TSS_POLICY_MIGRATION, &hKeyMigPolicy);
if ( result != TSS_SUCCESS || hKeyMigPolicy != hNewPolicy)
{
print_error( "Test 7: Key's migration policy should match new policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 7", result );
/*
* Test 8
*
* Try to get a migration policy for the TPM
*
*/
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_MIGRATION, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 8: TPM should have no migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 8", result );
/*
* Test 9
*
* Try to get a migration policy for enc data
*
*/
result = Tspi_GetPolicyObject(hEncData, TSS_POLICY_MIGRATION, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 9: Encdata should have no migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 9", result );
/*
* Test 10
*
* Try to get a migration policy for a hash object
*
*/
result = Tspi_Context_CreateObject ( hContext,
TSS_OBJECT_TYPE_HASH,
TSS_HASH_OTHER,
&hHash );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hHash, TSS_POLICY_MIGRATION, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 10: Hash should have no migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 10", result );
/*
* Test 11
*
* Try to get a usage policy for a hash object
*
*/
result = Tspi_GetPolicyObject(hHash, TSS_POLICY_USAGE, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 11: Hash should have no usage policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 11", result );
/*
* Test 12
*
* Try to get a migration policy for a pcrs object
*
*/
result = Tspi_Context_CreateObject ( hContext,
TSS_OBJECT_TYPE_PCRS,
0,
&hPcrs );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hPcrs, TSS_POLICY_MIGRATION, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 12: Pcrs should have no migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 12", result );
/*
* Test 13
*
* Try to get a usage policy for a pcrs object
*
*/
result = Tspi_GetPolicyObject(hPcrs, TSS_POLICY_USAGE, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 13: Pcrs should have no usage policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 13", result );
/*
* Test 14
*
* Try to get a migration policy for a policy object
*
*/
result = Tspi_GetPolicyObject(hEncdataUsagePolicy, TSS_POLICY_MIGRATION, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 14: Policies should have no migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 14", result );
/*
* Test 15
*
* Try to get a usage policy for a policy object
*
*/
result = Tspi_GetPolicyObject(hEncdataUsagePolicy, TSS_POLICY_USAGE, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 15: Policies should have no usage policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 15", result );
/*
* Test 16
*
* Try to get a migration policy for a context object
*
*/
result = Tspi_GetPolicyObject(hContext, TSS_POLICY_MIGRATION, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 16: Contexts should have no migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 16", result );
/*
* Test 17
*
* Try to get a usage policy for a context object
*
*/
result = Tspi_GetPolicyObject(hContext, TSS_POLICY_USAGE, &trash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 17: Context's policies should not be accessible by "
"Tspi_GetPolicyObject", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 17", result );
/*
* Test 18
*
* Try to assign a migration policy for the TPM
*
*/
result = Tspi_Policy_AssignToObject(hKeyMigPolicy, hTPM);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 18: TPM should not be assigned a migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 18", result );
/*
* Test 19
*
* Try to assign a migration policy for enc data
*
*/
result = Tspi_Policy_AssignToObject(hKeyMigPolicy, hEncData);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 19: Encdata should not be assigned a migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 19", result );
/*
* Test 20
*
* Try to assign a migration policy to a hash object
*
*/
result = Tspi_Policy_AssignToObject(hKeyMigPolicy, hHash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 20: Hash should not be assigned a migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 20", result );
/*
* Test 21
*
* Try to assign a usage policy for a hash object
*
*/
result = Tspi_Policy_AssignToObject(hKeyUsagePolicy, hHash);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER)
{
print_error( "Test 21: Hash should not be assigned a usage policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 21", result );
/*
* Test 22
*
* Try to assign a migration policy for a pcrs object
*
*/
result = Tspi_Policy_AssignToObject(hKeyMigPolicy, hPcrs);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 22: Pcrs should not be assigned a migration policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 22", result );
/*
* Test 23
*
* Try to assign a usage policy for a pcrs object
*
*/
result = Tspi_Policy_AssignToObject(hKeyUsagePolicy, hPcrs);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 23: Pcrs should not be assigned a usage policy", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 23", result );
/*
* Test 24
*
* Try to assign a migration policy for a policy object
*
*/
result = Tspi_Policy_AssignToObject(hKeyMigPolicy, hKeyUsagePolicy);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 24: Policies should not be assigned migration policies",
result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 24", result );
/*
* Test 25
*
* Try to assign a usage policy for a policy object
*
*/
result = Tspi_Policy_AssignToObject(hKeyUsagePolicy, hEncdataUsagePolicy);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 25: Policies should not be assigned usage policies", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 25", result );
/*
* Test 26
*
* Try to assign a migration policy for a context object
*
*/
result = Tspi_Policy_AssignToObject(hKeyMigPolicy, hContext);
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
print_error( "Test 26: Contexts should not be assigned migration policies",
result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 26", result );
/*
* Test 27
*
* Close hKey's usage policy and make sure getPolicyObject returns correctly
*
*/
result = Tspi_Context_CloseObject(hContext, hKeyUsagePolicy);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CloseObject", result );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hNewPolicy);
if ( TSS_ERROR_CODE(result) != TSS_E_INTERNAL_ERROR )
{
print_error( "Test 27: Accessing a closed policy should trigger"
" TSS_E_INTERNAL_ERROR", result );
print_error( function, result );
Tspi_Context_Close( hContext );
exit( result );
} else
print_success( "Test 27", result );
print_success(function, TSS_SUCCESS);
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( 0 );
}
int
main_v1_2( char version )
{
char *function = "Tspi_TPM_GetCapability22";
UINT32 pulRespDataLength;
BYTE *pRetData;
UINT32 subCap, subCapLength, numPcrs;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
UINT32 exitCode;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
subCap = TSS_TPMCAP_PROP_DAASESSIONS;
subCapLength = sizeof(UINT32);
result = Tspi_TPM_GetCapability( hTPM, TSS_TPMCAP_PROPERTY,
subCapLength, (BYTE *)&subCap,
&pulRespDataLength,
&pRetData );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = 1;
}
else
{
print_error_nonapi( function, result );
exitCode = 1;
}
}
else
{
print_success( function, result );
exitCode = 0;
if (pulRespDataLength == sizeof(UINT32))
fprintf(stderr, "\tThere are %u available DAA sessions in this TPM\n\n",
*(UINT32 *)pRetData );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}