void
tc_create_key(TSS_HCONTEXT hContext, TSS_HKEY hKey, TSS_HKEY hParent, UINT32 flags)
{
TSS_RESULT result;
//Create Policy
if (flags & TSS_KEY_AUTHORIZATION) {
//Create Usage Policy Object
tc_create_policy(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, hKey);
if (flags & TSS_KEY_MIGRATABLE) {
//Create Migration Policy Object
tc_create_policy(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_MIGRATION, hKey);
}
}
//Create Key
result = Tspi_Key_CreateKey(hKey, hParent, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
}
/* create and store keys with the uuids in the @uuids parameter. Unregister
* any keys in the PS that are already stored. hParentKey should already be
* loaded and will become the parent of the key stored with uuids[0] */
TSS_RESULT
store_keys(TSS_HCONTEXT hContext, TSS_HKEY hParentKey, TSS_UUID *uuidParent0,
TSS_UUID **uuids)
{
int i;
TSS_RESULT result;
TSS_UUID *uuidParent;
TSS_HKEY hKey;
TSS_FLAG initFlags;
for (i = 0; uuids[i]; i++) {
/* unregister any keys in the PS that are in the way */
if ((result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM,
*uuids[i], &hKey)) &&
(TSS_ERROR_CODE(result) != TSS_E_PS_KEY_NOTFOUND)) {
print_error("Tspi_Context_UnregisterKey", result);
return result;
}
}
initFlags = TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_STORAGE |
TSS_KEY_NO_AUTHORIZATION;
uuidParent = uuidParent0;
for (i = 0; uuids[i]; i++) {
/* create the keys and register them */
if ((result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey))) {
print_error("Tspi_Context_CreateObject", result);
return result;
}
if ((result = Tspi_Key_CreateKey(hKey, hParentKey, 0))) {
print_error("Tspi_Key_CreateKey", result);
return result;
}
/* load key so that the child can be created */
if ((result = Tspi_Key_LoadKey(hKey, hParentKey))) {
print_error("Tspi_Key_LoadKey", result);
return result;
}
/* register the new key */
if ((result = Tspi_Context_RegisterKey(hContext, hKey,
TSS_PS_TYPE_SYSTEM,
*uuids[i],
TSS_PS_TYPE_SYSTEM,
*uuidParent))) {
print_error("Tspi_Context_RegisterKey", result);
return result;
}
hParentKey = hKey;
uuidParent = uuids[i];
}
return TSS_SUCCESS;
}
main_v1_1(void){
char *nameOfFunction = "Tspi_ChangeAuth04";
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_HPOLICY hPolicy;
TSS_HKEY hMStorageKey;
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_FLAG initFlags;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
TSS_HPOLICY srkUsagePolicy;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID for hSRK", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Storage Key
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMStorageKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hMStorageKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Call Change Auth
result = Tspi_ChangeAuth(0xffffffff, hMStorageKey, hPolicy);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
main_v1_1(void){
char *nameOfFunction = "policy_no_secret";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_BOOL allowMaint = FALSE;
BYTE *randomData;
TSS_HPOLICY srkUsagePolicy, tpmUsagePolicy;
print_begin_test(nameOfFunction);
#ifdef TESTSUITE_NOAUTH_SRK
print_NA();
print_end_test(nameOfFunction);
exit(0);
#endif
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Policy Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE,
&srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret mode to none
result = Tspi_Policy_SetSecret(srkUsagePolicy, TSS_SECRET_MODE_NONE, 0, NULL);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Assign new policy w/o secret to the SRK object
result = Tspi_Policy_AssignToObject(srkUsagePolicy, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create child key Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_512|TSS_KEY_TYPE_BIND|
TSS_KEY_NO_AUTHORIZATION, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
// Attempt to use the SRK w/o putting a secret in its policy
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (TSS_ERROR_CODE(result) != TSS_E_POLICY_NO_SECRET) {
print_error("Key creation w/o parent secret set", result);
print_error(nameOfFunction, result);
Tspi_Context_Close(hContext);
exit(result);
} else {
print_success("Key creation w/o parent secret set", result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
// With a secret set, this should work OK
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
exit(result);
}
// Try an owner auth'd command w/o secret
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Policy Object
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &tpmUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret mode to none
result = Tspi_Policy_SetSecret(tpmUsagePolicy, TSS_SECRET_MODE_NONE, 0, NULL);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_TPM_GetStatus(hTPM, TSS_TPMSTATUS_ALLOWMAINTENANCE, &allowMaint);
if (TSS_ERROR_CODE(result) != TSS_E_POLICY_NO_SECRET) {
print_error("Tspi_TPM_GetStatus w/o owner secret set", result);
Tspi_Context_Close(hContext);
exit(result);
} else {
print_success("TPM_GetStatus w/o owner secret set", result);
}
//Set Secret
result = Tspi_Policy_SetSecret(tpmUsagePolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_TPM_GetStatus(hTPM, TSS_TPMSTATUS_ALLOWMAINTENANCE, &allowMaint);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_GetStatus", result);
Tspi_Context_Close(hContext);
exit(result);
}
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_Close(hContext);
exit(result);
}
int main_v1_2(char version)
{
char *function = "Tspi_Hash_TickStampBlob02";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK, hMSigningKey;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
TSS_VALIDATION validationData;
BYTE *nonce;
print_begin_test(function);
// Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect to Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Signing Key
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING |
TSS_KEY_NO_AUTHORIZATION,
&hMSigningKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (signing key)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_LoadKey(hMSigningKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKey (hMSigningKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_TPM_GetRandom(hTPM, 20, &nonce);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_GetRandom", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
validationData.rgbExternalData = nonce;
validationData.ulExternalDataLength = 20;
result = Tspi_Hash_TickStampBlob(0xffffffff, hMSigningKey, &validationData);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(TSS_E_FAIL);
}
print_success(function, result);
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(0);
}
main_v1_1(void){
char *nameOfFunction = "Tspi_Key_CreateMigrationBlob03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey;
UINT32 TargetPubKeyLength;
BYTE *TargetPublicKeyData;
BYTE *MigTicket;
UINT32 TicketLength;
BYTE *randomData;
UINT32 randomLength;
UINT32 migBlobLength;
BYTE *migBlob;
UINT32 blobLength;
TSS_RESULT result;
TSS_HTPM hTPM;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy, keyMigPolicy,
tpmUsagePolicy;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID for hSRK", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Get Policy Object
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &tpmUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(tpmUsagePolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 |
TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE,
&hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Signing Key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS)
{
print_error("Tspi_Key_CreateKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
Tspi_Context_CloseObject(hContext, hKey);
exit(result);
}
//Authorize Migration Ticket
result = Tspi_TPM_AuthorizeMigrationTicket(hTPM, hKey,
TSS_MS_REWRAP, &TicketLength, &MigTicket);
if (result != TSS_SUCCESS)
{
print_error("Tpsi_TPM_AuthorizeMigrationTicket ", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
Tspi_Context_CloseObject(hContext, hKey);
exit(result);
}
//Create Migration Blob
result = Tspi_Key_CreateMigrationBlob(-1, hSRK,
TicketLength, MigTicket, &randomLength,
&randomData, &migBlobLength, &migBlob);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int
main_v1_2(char version)
{
char *function = "Tspi_Data_Unbind-trans03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey, hWrappingKey;
TSS_HPOLICY hSrkPolicy;
BYTE *prgbDataToUnBind;
TSS_HENCDATA hEncData;
UINT32 pulDataLength;
BYTE rgbDataToBind[32] =
{ 0, 1, 3, 4, 5, 6, 7, 0, 1, 2, 3, 4, 5, 6, 7, 0, 1, 2, 3, 4,
5, 6, 7, 0, 1, 2, 3, 4, 5, 6, 7 };
UINT32 ulDataLength = 32;
TSS_UUID uuid;
TSS_RESULT result;
TSS_HTPM hTPM;
TSS_FLAG initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(function);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey,
NULL);
if (result != TSS_SUCCESS) {
print_error("Testsuite_Transport_Init", result);
Tspi_Context_Close(hContext);
exit(result);
}
// create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND, &hEncData);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hEncData)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// Load the newly created key
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Data_Bind(hEncData, hKey, ulDataLength, rgbDataToBind);
if (result != TSS_SUCCESS) {
print_error("Tspi_Data_Bind", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Data_Unbind(hEncData, hKey, &pulDataLength, &prgbDataToUnBind);
if (result != TSS_SUCCESS) {
print_error("Tspi_Data_Unbind", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Testsuite_Transport_Final(hContext, 0);
if (result != TSS_SUCCESS) {
if (!(checkNonAPI(result)))
print_error(function, result);
else
print_error_nonapi(function, result);
} else {
result =
Tspi_Context_FreeMemory(hContext, prgbDataToUnBind);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_FreeMemory ", result);
Tspi_Context_Close(hContext);
exit(result);
}
print_success(function, result);
}
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
main_v1_1(void){
char *nameOfFunction = "Tspi_GetAttribData19";
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_HKEY hSRK;
BYTE* uuid;
UINT32 uuidLength;
int rc;
TSS_UUID null_uuid, key_uuid;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
memset(&null_uuid, 0, sizeof(TSS_UUID));
memset(&key_uuid, 0x7f, sizeof(TSS_UUID));
print_begin_test(nameOfFunction);
//Create Context and connect
result = connect_load_srk(&hContext, &hSRK);
if (result != TSS_SUCCESS) {
print_error("connect_load_srk", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Create Key Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Key in the TPM
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Call GetAttribData, uuid should be all 0's
result = Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_KEY_UUID, 0,
&uuidLength, &uuid);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetAttribData", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Check length and data
if (uuidLength != sizeof(TSS_UUID)) {
print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1);
print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
if ((rc = memcmp(uuid, &null_uuid, uuidLength))) {
print_verifyerr("a null uuid from Tspi_GetAttribData", 0, rc);
print_hex(uuid, sizeof(TSS_UUID));
print_error("uuid NULL from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, uuid);
register_key:
//Register Key
result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM,
key_uuid, TSS_PS_TYPE_SYSTEM,
SRK_UUID);
if (TSS_ERROR_CODE(result) == TSS_E_KEY_ALREADY_REGISTERED) {
result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM,
key_uuid, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_UnregisterKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
goto register_key;
} else if (result != TSS_SUCCESS) {
print_error("Tspi_Context_RegisterKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Close the object
result = Tspi_Context_CloseObject(hContext, hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CloseObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
hKey = 0;
//Load the key by UUID from PS
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
key_uuid, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Call GetAttribData, uuid should be equal to key_uuid
result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0,
&uuidLength, &uuid);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetAttribData", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Check length and data
if (uuidLength != sizeof(TSS_UUID)) {
print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1);
print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
if ((rc = memcmp(uuid, &key_uuid, uuidLength))) {
print_verifyerr("key's uuid from Tspi_GetAttribData", 0, rc);
print_hex((BYTE *)&key_uuid, sizeof(TSS_UUID));
print_error("key's uuid from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_Close(hContext);
exit(0);
}
int
main_v1_1( void )
{
char *function = "Tspi_Context_LoadKeyByBlob03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hMSigningKey;
BYTE* migratableSignKeyBlob;
UINT32 blobLength;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
UINT32 exitCode = 0;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Set Secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret (1)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
//Create Signing Key
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING,
&hMSigningKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_CreateObject (signing key)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (Signing Key)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// get blob
result = Tspi_GetAttribData( hMSigningKey, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_BLOB,
&blobLength, &migratableSignKeyBlob );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetAttribData", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Load Key Blob
result = Tspi_Context_LoadKeyByBlob( hContext, hSRK,
blobLength,
NULL,
&hMSigningKey );
if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = result;
}
else
{
print_error_nonapi( function, result );
exitCode = result;
}
}
else
{
print_success( function, result );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main_v1_1( void )
{
char *function = "key_auth_check01";
TSS_HCONTEXT hContext;
UINT32 exitCode;
TSS_HKEY hSRK;
TSS_HKEY hMSigningKey;
TSS_UUID migratableSignUUID = {0x1, 0x55, 0x67, 0x8, 0x5, { 6, 7, 8, 9, 10, 2 } };
TSS_HHASH hHash;
BYTE *prgbSignature;
UINT32 pulSignatureLength;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
print_error_exit( function, err_string(result) );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Set Secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
//Create Signing Key
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING |
TSS_KEY_AUTHORIZATION,
&hMSigningKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (signing key)",
result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// get signing key's policy
result = Tspi_GetPolicyObject( hMSigningKey, TSS_POLICY_USAGE,
&keyUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Set Secret
result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (signing key)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_LoadKey( hMSigningKey, hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKey (hMSigningKey)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// create hash
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_HASH,
TSS_HASH_SHA1, &hHash );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hash)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Hash_UpdateHashValue( hHash, 20, "Je pense, danc je s" );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Hash_SetHashValue", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Hash_Sign( hHash, hMSigningKey, &pulSignatureLength,
&prgbSignature );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = 1;
}
else
{
print_error_nonapi( function, result );
exitCode = 1;
}
}
else
{
result = Tspi_Context_RegisterKey(hContext, hMSigningKey, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS)
{
print_error( "Tspi_Context_RegisterKey", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
print_success( function, result );
exitCode = 0;
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main_v1_2(char version)
{
char *nameOfFunction = "Tspi_Key_ConvertMigrationBlob-trans03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKeyToMigrate, hKeyToMigrateInto;
TSS_HKEY hMigrationAuthorityKey, hWrappingKey;
BYTE *MigTicket;
UINT32 TicketLength;
BYTE *randomData;
UINT32 randomLength;
UINT32 migBlobLength;
BYTE *migBlob;
TSS_RESULT result;
TSS_HTPM hTPM;
TSS_HPOLICY hUsagePolicy, hMigPolicy, tpmUsagePolicy;
print_begin_test(nameOfFunction);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey,
NULL);
if (result != TSS_SUCCESS) {
print_error("Testsuite_Transport_Init", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Policy Object
result =
Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &tpmUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result =
Tspi_Policy_SetSecret(tpmUsagePolicy,
TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN,
TESTSUITE_OWNER_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_TYPE_STORAGE |
TSS_KEY_SIZE_2048 |
TSS_KEY_NO_AUTHORIZATION,
&hMigrationAuthorityKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Migrate Authority's key
result = Tspi_Key_CreateKey(hMigrationAuthorityKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create key Object
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_TYPE_SIGNING |
TSS_KEY_SIZE_2048 |
TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_MIGRATABLE, &hKeyToMigrate);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
// Create usage policy
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_USAGE, &hUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(hUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN,
TESTSUITE_KEY_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Assign migration policy
result = Tspi_Policy_AssignToObject(hUsagePolicy, hKeyToMigrate);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create migration policy
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_MIGRATION, &hMigPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(hMigPolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN,
TESTSUITE_KEY_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Assign migration policy
result = Tspi_Policy_AssignToObject(hMigPolicy, hKeyToMigrate);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Key To Migrate
result = Tspi_Key_CreateKey(hKeyToMigrate, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
Tspi_Context_CloseObject(hContext, hKeyToMigrate);
exit(result);
}
//Authorize Migration Ticket
result =
Tspi_TPM_AuthorizeMigrationTicket(hTPM, hMigrationAuthorityKey,
TSS_MS_MIGRATE,
&TicketLength, &MigTicket);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_AuthorizeMigrationTicket ", result);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_TYPE_SIGNING |
TSS_KEY_SIZE_2048 |
TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_MIGRATABLE,
&hKeyToMigrateInto);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Migration Blob
result = Tspi_Key_CreateMigrationBlob(hKeyToMigrate, hSRK, TicketLength, MigTicket,
&randomLength, &randomData, &migBlobLength, &migBlob);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_AuthorizeMigrationTicket ", result);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_LoadKey(hMigrationAuthorityKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_AuthorizeMigrationTicket ", result);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_ConvertMigrationBlob(hKeyToMigrateInto, hMigrationAuthorityKey,
randomLength, randomData, migBlobLength, migBlob);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_ConvertMigrationBlob", result);
Tspi_Context_Close(hContext);
exit(result);
}
result = Testsuite_Transport_Final(hContext, 0);
if (result != TSS_SUCCESS) {
if (!checkNonAPI(result)) {
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
} else {
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
} else {
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(0);
}
}
int main_v1_1(void)
{
char *function = "Tspi_Data_Unseal02";
TSS_HCONTEXT hContext;
TSS_HCONTEXT whContext = -1;
TSS_HKEY hSRK;
TSS_HKEY hKey;
TSS_HPOLICY hSRKPolicy, hKeyPolicy;
BYTE rgbDataToSeal[32] =
{ 0, 1, 3, 4, 5, 6, 7, 8, 9, 'A', 'B', 'C', 'D', 'E', 'F', 0,
1, 2, 3, 4, 5, 6, 7, 8, 9, 'A', 'B', 'C', 'D', 'E', 'F' };
BYTE rgbPcrValue[20] =
{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
BYTE *prgbDataToUnseal;
UINT32 ulDataLength = 32, exitCode = 0;
TSS_RESULT result;
TSS_FLAG initFlags = TSS_KEY_TYPE_STORAGE | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(function);
// Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect to Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
// set the SRK auth data
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Policy_SetSecret(hSRKPolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret (hSRKPolicy)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
// create the key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Data_Unseal(whContext, hKey, &ulDataLength,
&prgbDataToUnseal);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
exitCode = result;
} else {
print_success(function, result);
}
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(exitCode);
}
int
main_v1_1( void )
{
char *function = "Tspi_Key_GetPubKey01";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey;
TSS_UUID SRKUUID = {0,0,0,0,0,0,0,0,0,0,1};
TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,2};
TSS_UUID uuid;
TSS_RESULT result;
UINT32 ulPubKeyLength;
BYTE *rgbPubKey;
TSS_HPOLICY srkUsagePolicy;
TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
print_error_exit( function, err_string(result) );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Set Secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
//Create Signing Key
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hKey)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_CreateKey( hKey, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (hKey)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_LoadKey( hKey, hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_LoadKey (hKey)", result );
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Get Pub Key
result = Tspi_Key_GetPubKey( hKey, &ulPubKeyLength, &rgbPubKey );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
}
else
{
print_error_nonapi( function, result );
}
}
else
{
result = Tspi_Context_FreeMemory(hContext, rgbPubKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_FreeMemory ", result);
print_error_exit(function, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
print_success( function, result );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int
main_v1_1( void )
{
char *function = "key_auth_chain02";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey0, hKey1, hKey2;
TSS_RESULT result;
TSS_HENCDATA hEncData;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
int temp;
print_begin_test( function );
srand(time(0));
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
print_error_exit( function, err_string(result) );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, NULL );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
goto done;
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
uuid_2, &hKey2 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
goto done;
}
result = Tspi_Context_CreateObject( hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND, &hEncData );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hEncData)", result );
goto done;
}
// Data Bind
result = Tspi_Data_Bind( hEncData, hKey2, ulDataLength, rgbDataToBind );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Data_Bind", result );
goto done;
}
result = Tspi_Data_Unbind( hEncData, hKey2, &pulDataLength, &prgbDataToUnBind );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
goto done;
}
else
{
print_error_nonapi( function, result );
goto done;
}
}
else
{
if ((pulDataLength == ulDataLength) &&
!memcmp(prgbDataToUnBind, rgbDataToBind, pulDataLength))
print_success( function, result );
else{
printf("Data doesn't match");
print_error("Data doestn't match: Tspi_Data_Unbind", TSS_E_FAIL);
}
}
#if 0
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
goto done;
}
//Set Secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
goto done;
}
#endif
/* ######## Start Key 0 ######## */
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_STORAGE |
TSS_KEY_NO_AUTHORIZATION,
&hKey0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (key 0)", result );
goto done;
}
result = Tspi_Key_CreateKey( hKey0, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (key 0)", result );
goto done;
}
result = Tspi_Context_RegisterKey( hContext, hKey0,
TSS_PS_TYPE_SYSTEM,
uuid_0,
TSS_PS_TYPE_SYSTEM,
SRK_UUID );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Context_RegisterKey (uuid_0)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
fprintf( stderr, "\t\tKey 0 Finished\n" );
/* ######## End Key 0 ######## */
/* ######## Start Key 1 ######## */
result = Tspi_Context_CreateObject( hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_AUTHORIZATION,
&hKey1 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (key 1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
uuid_0, &hKey0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hKey0)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_GetPolicyObject( hKey1, TSS_POLICY_USAGE,
&keyUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
//Set Secret
result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_Key_CreateKey( hKey1, hKey0, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (key 1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_Context_RegisterKey( hContext, hKey1,
TSS_PS_TYPE_SYSTEM,
uuid_1,
TSS_PS_TYPE_SYSTEM,
uuid_0 );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Context_RegisterKey (uuid_1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
fprintf( stderr, "\t\tKey 1 Finished\n" );
/* ######## End Key 1 ######## */
/* ######## Start Key 2 ######## */
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_NO_AUTHORIZATION,
&hKey2 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (key 2)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
result = Tspi_Key_LoadKey( hKey1, hKey0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hKey1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
result = Tspi_Key_CreateKey( hKey2, hKey1, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (key 2)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
result = Tspi_Context_RegisterKey( hContext, hKey2,
TSS_PS_TYPE_SYSTEM,
uuid_2,
TSS_PS_TYPE_SYSTEM,
uuid_1 );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Context_RegisterKey (uuid_2)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
fprintf( stderr, "\t\tKey 2 Finished\n" );
/* ######## End Key 2 ######## */
#endif
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
done:
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
main_v1_1(void)
{
char *nameOfFunction = "Tspi_Key_CreateKey03";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID uuid;
BYTE *randomData;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
BYTE well_known_secret[20] = TSS_WELL_KNOWN_SECRET;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM, SRK_UUID,
&hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result =
Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result =
Tspi_Policy_SetSecret(srkUsagePolicy,
TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Get Policy Object
result =
Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &keyUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(keyUsagePolicy,
TSS_SECRET_MODE_SHA1, 20,
well_known_secret);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Create Key
result = Tspi_Key_CreateKey(-1, hSRK, 0);
if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
if (!checkNonAPI(result)) {
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
} else {
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
} else {
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
main_v1_1(void){
char *nameOfFunction = "Tspi_Key_CreateKeyWithPcrs01";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_HPCRS hPcrs;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
BYTE *pcrValue;
UINT32 pcrLen;
BYTE pcrData[] = "09876543210987654321";
initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("connect_load_all", result);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Policy Object
result = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &keyUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create PCRs Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS,
0, &hPcrs);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get PCR vals from TPM
result = Tspi_TPM_PcrRead(hTPM, 1, &pcrLen, &pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set PCR vals in the object
result = Tspi_PcrComposite_SetPcrValue(hPcrs, 1, pcrLen, pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, pcrValue);
//Get PCR vals from TPM
result = Tspi_TPM_PcrRead(hTPM, 15, &pcrLen, &pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set PCR vals in the object
result = Tspi_PcrComposite_SetPcrValue(hPcrs, 15, pcrLen, pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, pcrValue);
//Create Key
result = Tspi_Key_CreateKey(hKey, hSRK, hPcrs);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* if the key loads, the key creation is successful */
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey ", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* now, encrypt and decrypt some data to see if the key "works" */
result = bind_and_unbind(hContext, hKey);
if (result != TSS_SUCCESS) {
print_error("bind_and_unbind ", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* now, change a PCR value that the key is set to */
result = Tspi_TPM_PcrExtend(hTPM, 15, 20, pcrData, NULL,
&pcrLen, &pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrExtend ", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* now, encrypt and decrypt some data, which should fail, since
* the PCR changed */
result = bind_and_unbind(hContext, hKey);
if (result != TCPA_E_WRONGPCRVAL){
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
/* create a new key. we need a way to specify creation of a key with OAEP
* padding as well as PKCSv1.5, since signatures will need to be done on
* data larger than 20 bytes, which is the max size *regardless of key size*
* for an OAEP key signing using the TPM */
static int tpm_rsa_keygen(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb)
{
TSS_RESULT result;
TSS_FLAG initFlags = TSS_KEY_TYPE_LEGACY;
UINT32 encScheme, sigScheme;
TSS_HKEY hKey;
/* XXX allow this to be specified through pre commands */
sigScheme = TSS_SS_RSASSAPKCS1V15_DER;
encScheme = TSS_ES_RSAESPKCSV15;
DBG("%s", __FUNCTION__);
if (!BN_is_word(e, 65537)) {
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_INVALID_EXPONENT);
return 0;
}
/* set e in the RSA object as done in the built-in openssl function */
if (!rsa->e && ((rsa->e = BN_new()) == NULL)) {
TSSerr(TPM_F_TPM_RSA_KEYGEN, ERR_R_MALLOC_FAILURE);
return 0;
}
BN_copy(rsa->e, e);
switch (bits) {
case 512:
initFlags |= TSS_KEY_SIZE_512;
break;
case 1024:
initFlags |= TSS_KEY_SIZE_1024;
break;
case 2048:
initFlags |= TSS_KEY_SIZE_2048;
break;
case 4096:
initFlags |= TSS_KEY_SIZE_4096;
break;
case 8192:
initFlags |= TSS_KEY_SIZE_8192;
break;
case 16384:
initFlags |= TSS_KEY_SIZE_16384;
break;
default:
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_INVALID_KEY_SIZE);
return 0;
}
/* Load the parent key (SRK) which will wrap the new key */
if (!tpm_load_srk(NULL, NULL)) {
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_SRK_LOAD_FAILED);
return 0;
}
/* Create the new key object */
if ((result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey))) {
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_REQUEST_FAILED);
return 0;
}
/* set the signature scheme */
if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
sigScheme))) {
Tspi_Context_CloseObject(hContext, hKey);
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_REQUEST_FAILED);
return 0;
}
/* set the encryption scheme */
if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
encScheme))) {
Tspi_Context_CloseObject(hContext, hKey);
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_REQUEST_FAILED);
return 0;
}
/* Call create key using the new object */
if ((result = Tspi_Key_CreateKey(hKey, hSRK, NULL_HPCRS))) {
Tspi_Context_CloseObject(hContext, hKey);
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_REQUEST_FAILED);
return 0;
}
if (!fill_out_rsa_object(rsa, hKey)) {
Tspi_Context_CloseObject(hContext, hKey);
TSSerr(TPM_F_TPM_RSA_KEYGEN, TPM_R_REQUEST_FAILED);
return 0;
}
/* Load the key into the chip so other functions don't need to */
if ((result = Tspi_Key_LoadKey(hKey, hSRK))) {
Tspi_Context_CloseObject(hContext, hKey);
TSSerr(TPM_F_TPM_ENGINE_LOAD_KEY, TPM_R_REQUEST_FAILED);
return 0;
}
return 1;
}
main_v1_2(char version)
{
char *nameOfFunction = "Tspi_Key_LoadKey-trans01";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey, hWrappingKey, hSigningKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID uuid;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy, keyMigPolicy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE | TSS_KEY_STRUCT_KEY12;
print_begin_test(nameOfFunction);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, FALSE, &hWrappingKey,
&hSigningKey);
if (result != TSS_SUCCESS) {
print_error("Testsuite_Transport_Init", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_Create Key", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key (hKey)
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
result = Testsuite_Transport_Final(hContext, hSigningKey);
if (result != TSS_SUCCESS){
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
main_v1_2(char version){
char *nameOfFunction = "Tspi_TPM_KeyControlOwner01";
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hSRK;
TSS_HKEY hKey;
TSS_HKEY hTargetPubKey;
TSS_HPOLICY hTpmPolicy, hSrkPolicy;
TSS_UUID Uuid;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory( hContext, NULL );
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Requires Owner auth - get policy
result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTpmPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Set Owner Secret
result = Tspi_Policy_SetSecret(hTpmPolicy, TESTSUITE_OWNER_SECRET_MODE,
TESTSUITE_OWNER_SECRET_LEN,
TESTSUITE_OWNER_SECRET );
if ( result != TSS_SUCCESS )
{
print_error("Tspi_Policy_SetSecret (Owner)", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Get SRK Key
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Requires SRK auth - get policy
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSrkPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Set SRK Secret
result = Tspi_Policy_SetSecret(hSrkPolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error("Tspi_Policy_SetSecret (Owner)", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Create Key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Load key
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey", result);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
}
//Set Ownerevict bit
result = Tspi_TPM_KeyControlOwner(hTPM, hKey, TSS_TSPATTRIB_KEYCONTROL_OWNEREVICT,
TRUE, &Uuid);
if (result != TSS_SUCCESS) {
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(result);
} else {
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close(hContext);
exit(0);
}
}
int main_v1_2(char version)
{
char *function = "Tspi_Hash_Sign-trans03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hMSigningKey, hWrappingKey;
TSS_UUID SRKUUID = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 };
TSS_UUID migratableSignUUID = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2 };
TSS_HHASH hHash;
BYTE *prgbSignature;
UINT32 pulSignatureLength;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
TSS_HTPM hTPM;
print_begin_test(function);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey,
NULL);
if (result != TSS_SUCCESS) {
print_error("Testsuite_Transport_Init", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Signing Key
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING |
TSS_KEY_NO_AUTHORIZATION,
&hMSigningKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (signing key)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_LoadKey(hMSigningKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKey (hMSigningKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// create hash
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH,
TSS_HASH_SHA1, &hHash);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hash)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Hash_SetHashValue(hHash, 20, "Je pense, danc je s");
if (result != TSS_SUCCESS) {
print_error("Tspi_Hash_SetHashValue", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Hash_Sign(hHash, hMSigningKey, &pulSignatureLength,
&prgbSignature);
if (result != TSS_SUCCESS) {
print_error("Tspi_Hash_Sign", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Testsuite_Transport_Final(hContext, 0);
if (result != TSS_SUCCESS) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
} else {
print_success(function, result);
}
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
int
main_v1_2(char version)
{
char *function = "Tspi_Key_GetPubKey-trans02";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey, hWrappingKey, hSigningKey;
TSS_UUID SRKUUID = {0,0,0,0,0,0,0,0,0,0,1};
TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,2};
TSS_UUID uuid;
TSS_RESULT result;
UINT32 ulPubKeyLength;
BYTE *rgbPubKey;
TSS_HPOLICY srkUsagePolicy;
TSS_HTPM hTPM;
TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test( function );
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey,
&hSigningKey);
if (result != TSS_SUCCESS) {
print_error("Testsuite_Transport_Init", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Signing Key
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hKey)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_CreateKey( hKey, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (hKey)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_LoadKey( hKey, hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_LoadKey (hKey)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Get Pub Key
result = Tspi_Key_GetPubKey( hKey, &ulPubKeyLength, &rgbPubKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_GetPubKey", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Testsuite_Transport_Final(hContext, hSigningKey);
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
}
else
{
print_error_nonapi( function, result );
}
}
else
{
result = Tspi_Context_FreeMemory(hContext, rgbPubKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_FreeMemory ", result);
Tspi_Context_Close(hContext);
exit(result);
}
print_success( function, result );
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
/**
* gnutls_tpm_privkey_generate:
* @pk: the public key algorithm
* @bits: the security bits
* @srk_password: a password to protect the exported key (optional)
* @key_password: the password for the TPM (optional)
* @format: the format of the private key
* @pub_format: the format of the public key
* @privkey: the generated key
* @pubkey: the corresponding public key (may be null)
* @flags: should be a list of GNUTLS_TPM_* flags
*
* This function will generate a private key in the TPM
* chip. The private key will be generated within the chip
* and will be exported in a wrapped with TPM's master key
* form. Furthermore the wrapped key can be protected with
* the provided @password.
*
* Note that bits in TPM is quantized value. If the input value
* is not one of the allowed values, then it will be quantized to
* one of 512, 1024, 2048, 4096, 8192 and 16384.
*
* Allowed flags are:
*
* %GNUTLS_TPM_KEY_SIGNING: Generate a signing key instead of a legacy,
* %GNUTLS_TPM_REGISTER_KEY: Register the generate key in TPM. In that
* case @privkey would contain a URL with the UUID.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.1.0
**/
int
gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits,
const char *srk_password,
const char *key_password,
gnutls_tpmkey_fmt_t format,
gnutls_x509_crt_fmt_t pub_format,
gnutls_datum_t * privkey,
gnutls_datum_t * pubkey, unsigned int flags)
{
TSS_FLAG tpm_flags = TSS_KEY_VOLATILE;
TSS_HKEY key_ctx;
TSS_RESULT tssret;
int ret;
void *tdata;
UINT32 tint;
gnutls_datum_t tmpkey = { NULL, 0 };
TSS_HPOLICY key_policy;
gnutls_pubkey_t pub;
struct tpm_ctx_st s;
TSS_FLAG storage_type;
TSS_HTPM htpm;
uint8_t buf[32];
if (flags & GNUTLS_TPM_KEY_SIGNING)
tpm_flags |= TSS_KEY_TYPE_SIGNING;
else
tpm_flags |= TSS_KEY_TYPE_LEGACY;
if (flags & GNUTLS_TPM_KEY_USER)
storage_type = TSS_PS_TYPE_USER;
else
storage_type = TSS_PS_TYPE_SYSTEM;
if (bits <= 512)
tpm_flags |= TSS_KEY_SIZE_512;
else if (bits <= 1024)
tpm_flags |= TSS_KEY_SIZE_1024;
else if (bits <= 2048)
tpm_flags |= TSS_KEY_SIZE_2048;
else if (bits <= 4096)
tpm_flags |= TSS_KEY_SIZE_4096;
else if (bits <= 8192)
tpm_flags |= TSS_KEY_SIZE_8192;
else
tpm_flags |= TSS_KEY_SIZE_16384;
ret = tpm_open_session(&s, srk_password);
if (ret < 0)
return gnutls_assert_val(ret);
/* put some randomness into TPM.
* Let's not trust it completely.
*/
tssret = Tspi_Context_GetTpmObject(s.tpm_ctx, &htpm);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
ret = _gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf));
if (ret < 0) {
gnutls_assert();
goto err_cc;
}
tssret = Tspi_TPM_StirRandom(htpm, sizeof(buf), buf);
if (tssret) {
gnutls_assert();
}
tssret =
Tspi_Context_CreateObject(s.tpm_ctx, TSS_OBJECT_TYPE_RSAKEY,
tpm_flags, &key_ctx);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
tssret =
Tspi_SetAttribUint32(key_ctx, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
TSS_SS_RSASSAPKCS1V15_DER);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
/* set the password of the actual key */
if (key_password) {
tssret =
Tspi_GetPolicyObject(key_ctx, TSS_POLICY_USAGE,
&key_policy);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
tssret = myTspi_Policy_SetSecret(key_policy,
SAFE_LEN(key_password),
(void *) key_password);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
}
tssret = Tspi_Key_CreateKey(key_ctx, s.srk, 0);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
if (flags & GNUTLS_TPM_REGISTER_KEY) {
TSS_UUID key_uuid;
ret = randomize_uuid(&key_uuid);
if (ret < 0) {
gnutls_assert();
goto err_sa;
}
tssret =
Tspi_Context_RegisterKey(s.tpm_ctx, key_ctx,
storage_type, key_uuid,
TSS_PS_TYPE_SYSTEM, srk_uuid);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
ret =
encode_tpmkey_url((char **) &privkey->data, &key_uuid,
storage_type);
if (ret < 0) {
TSS_HKEY tkey;
Tspi_Context_UnregisterKey(s.tpm_ctx, storage_type,
key_uuid, &tkey);
gnutls_assert();
goto err_sa;
}
privkey->size = strlen((char *) privkey->data);
} else { /* get the key as blob */
tssret =
Tspi_GetAttribData(key_ctx, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_BLOB, &tint,
(void *) &tdata);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
if (format == GNUTLS_TPMKEY_FMT_CTK_PEM) {
ret =
_gnutls_x509_encode_string
(ASN1_ETYPE_OCTET_STRING, tdata, tint,
&tmpkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_fbase64_encode("TSS KEY BLOB",
tmpkey.data,
tmpkey.size, privkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
} else {
UINT32 tint2;
tmpkey.size = tint + 32; /* spec says no more than 20 */
tmpkey.data = gnutls_malloc(tmpkey.size);
if (tmpkey.data == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
goto cleanup;
}
tint2 = tmpkey.size;
tssret =
Tspi_EncodeDER_TssBlob(tint, tdata,
TSS_BLOB_TYPE_PRIVATEKEY,
&tint2, tmpkey.data);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto cleanup;
}
tmpkey.size = tint2;
privkey->data = tmpkey.data;
privkey->size = tmpkey.size;
tmpkey.data = NULL;
}
}
/* read the public key */
if (pubkey != NULL) {
size_t psize;
ret = gnutls_pubkey_init(&pub);
if (ret < 0) {
gnutls_assert();
goto privkey_cleanup;
}
ret = read_pubkey(pub, key_ctx, &psize);
if (ret < 0) {
gnutls_assert();
goto privkey_cleanup;
}
psize += 512;
pubkey->data = gnutls_malloc(psize);
if (pubkey->data == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
goto pubkey_cleanup;
}
ret =
gnutls_pubkey_export(pub, pub_format, pubkey->data,
&psize);
if (ret < 0) {
gnutls_assert();
goto pubkey_cleanup;
}
pubkey->size = psize;
gnutls_pubkey_deinit(pub);
}
ret = 0;
goto cleanup;
pubkey_cleanup:
gnutls_pubkey_deinit(pub);
privkey_cleanup:
gnutls_free(privkey->data);
privkey->data = NULL;
cleanup:
gnutls_free(tmpkey.data);
tmpkey.data = NULL;
err_sa:
Tspi_Context_CloseObject(s.tpm_ctx, key_ctx);
err_cc:
tpm_close_session(&s);
return ret;
}
int
main_v1_2( char version )
{
char *function = "Tspi_GetAttribData21";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK, hKey;
TSS_HPOLICY hSrkPolicy;
BYTE *rgbDataToSeal = "This is a test";
BYTE rgbPcrValue[20];
TSS_HPCRS hPcrComposite;
UINT32 AttribDataSize;
BYTE* AttribData;
UINT32 ulDataLength = strlen(rgbDataToSeal);
TSS_RESULT result,resultFree;
TSS_FLAG keyInitFlags = TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_STORAGE |
TSS_KEY_NO_AUTHORIZATION;
TSS_FLAG pcrsInitFlags = 0;
print_begin_test( function );
if (version == TESTSUITE_TEST_TSS_1_2) {
keyInitFlags |= TSS_KEY_STRUCT_KEY12;
pcrsInitFlags |= TSS_PCRS_STRUCT_INFO_LONG;
}
memset(rgbPcrValue, 0x5a, sizeof(rgbPcrValue));
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
print_end_test(function);
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, keyInitFlags, &hKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hKey)", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Load Key by UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &hSrkPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Policy_SetSecret( hSrkPolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, pcrsInitFlags,
&hPcrComposite );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hPcrComposite)",
result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_PcrComposite_SetPcrValue( hPcrComposite, 8, 20, rgbPcrValue );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_PcrComposite_SetPcrValue", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_PcrComposite_SetPcrLocality( hPcrComposite, TPM_LOC_ZERO );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_PcrComposite_SetPcrLocality", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_CreateKey(hKey, hSRK, hPcrComposite);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey", result );
print_end_test(function);
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Checking flag and subflags
//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION
result = Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_KEY_PCR_LONG,
TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION,
&AttribDataSize, &AttribData);
if ( result != TSS_SUCCESS )
{
print_error("Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION",
result );
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
else
{
resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
if ( resultFree != TSS_SUCCESS )
{
print_error( "Tspi_Context_FreeMemory", resultFree );
print_end_test(function);
exit(resultFree);
}
print_success( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION -",
result );
}
//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE
result = Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_KEY_PCR_LONG,
TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE,
&AttribDataSize, &AttribData);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE",
result );
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
else
{
resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
if ( resultFree != TSS_SUCCESS )
{
print_error( "Tspi_Context_FreeMemory", resultFree );
print_end_test(function);
exit(resultFree);
}
print_success("Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE -",
result );
}
//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION
result = Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_KEY_PCR_LONG,
TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION,
&AttribDataSize, &AttribData);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION",
result );
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
else
{
resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
if ( resultFree != TSS_SUCCESS )
{
print_error( "Tspi_Context_FreeMemory", resultFree );
print_end_test(function);
exit(resultFree);
}
print_success( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION -",
result );
}
//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION
result = Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_KEY_PCR_LONG,
TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION,
&AttribDataSize, &AttribData);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION",
result );
print_end_test(function);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
else
{
resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
if ( resultFree != TSS_SUCCESS )
{
print_error( "Tspi_Context_FreeMemory", resultFree );
print_end_test(function);
exit(resultFree);
}
print_success( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION -",
result );
}
print_end_test(function);
Tspi_Context_Close(hContext);
exit( 0 );
}
int main_v1_1(void)
{
char *function = "Tspi_Hash_Sign03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hMSigningKey;
TSS_HKEY hKey;
TSS_UUID SRKUUID = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 };
TSS_UUID migratableSignUUID = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2 };
TSS_HHASH hHash;
BYTE *prgbSignature;
// UINT32 pulSignatureLength;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
UINT32 exitCode = 0;
print_begin_test(function);
// Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect to Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result =
Tspi_Policy_SetSecret(srkUsagePolicy,
TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Signing Key
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING, &hMSigningKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_RegisterKey(hContext, hMSigningKey,
TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRKUUID);
if ((result != TSS_SUCCESS) &&
(TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED)) {
print_error("Tspi_Context_RegisterKey (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (signing key)",
result );
Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
*/
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH,
TSS_HASH_SHA1, &hHash);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hash)", result);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Hash_SetHashValue(hHash, 20, "Je pense, danc je suis.");
if (result != TSS_SUCCESS) {
print_error("Tspi_Hash_SetHashValue", result);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key Blob
result = Tspi_Hash_Sign(hHash, hMSigningKey, NULL, &prgbSignature);
if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
exitCode = result;
} else {
print_success(function, result);
}
print_end_test(function);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hMSigningKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(exitCode);
}
main_v1_1(void){
char *nameOfFunction = "Tspi_Key_LoadKey01";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID uuid;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy, keyMigPolicy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_Create Key", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key (hKey)
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS){
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int main(int argc, char **argv)
{
TSS_HKEY hKey, hSRK;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HPOLICY hPolicy;
TSS_HPCRS hPcrs;
UINT32 ulPcrValueLength, subCap, subCapLength;
UINT32 pulRespDataLength, numPcrs;
BYTE *pNumPcrs, *rgbPcrValue, *uuidString, *pcrsSelectedValues[24];
int i, c, *pcrsSelected = NULL, numPcrsSelected = 0;
TSS_UUID *uuid;
BYTE wellknown[] = TSS_WELL_KNOWN_SECRET;
while (1) {
c = getopt(argc, argv, "p:");
if (c == -1)
break;
switch (c) {
case 'p':
numPcrsSelected++;
pcrsSelected = realloc(pcrsSelected,
(sizeof(int)
* numPcrsSelected));
if (pcrsSelected == NULL) {
PRINT_ERR("Malloc of %zd bytes failed.",
(sizeof(int)
* numPcrsSelected));
return -1;
}
pcrsSelected[numPcrsSelected - 1] =
atoi(optarg);
break;
default:
usage(argv[0]);
break;
}
}
if (numPcrsSelected == 0)
printf("Warning: Key will not be bound to any PCR's!\n");
if (numPcrsSelected > 24) {
PRINT_ERR("Too many PCRs selected! Exiting.");
return -EINVAL;
}
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_Create", result);
return result;
}
result = Tspi_Context_Connect(hContext, NULL);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_GetTpmObject", result);
Tspi_Context_Close(hContext);
return result;
}
subCap = TSS_TPMCAP_PROP_PCR;
subCapLength = sizeof(UINT32);
result = Tspi_TPM_GetCapability(hTPM, TSS_TPMCAP_PROPERTY,
subCapLength, (BYTE *)&subCap,
&pulRespDataLength, &pNumPcrs );
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_TPM_GetCapability", result);
Tspi_Context_Close(hContext);
return result;
}
numPcrs = *(UINT32 *)pNumPcrs;
for (i = 0; i < (int)numPcrsSelected; i++) {
if (pcrsSelected[i] > (int)numPcrs) {
fprintf(stderr, "%d: invalid PCR register. PCRs range "
"from 0 - %u\n", pcrsSelected[i], numPcrs);
return -1;
}
}
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0,
&hPcrs);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_CreateObject", result);
return result;
}
for (i = 0; i < numPcrsSelected; i++) {
result = Tspi_TPM_PcrRead(hTPM, pcrsSelected[i],
&ulPcrValueLength, &rgbPcrValue);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_PcrComposite_SetPcrValue(hPcrs, pcrsSelected[i],
ulPcrValueLength,
rgbPcrValue);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_PcrComposite_SetPcrValue", result );
Tspi_Context_Close( hContext );
return result;
}
pcrsSelectedValues[i] = rgbPcrValue;
}
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hPolicy);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_SHA1,
sizeof(wellknown), wellknown);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_GetPolicyObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
(TSS_KEY_TYPE_STORAGE
| TSS_KEY_SIZE_2048
| TSS_KEY_VOLATILE
| TSS_KEY_NO_AUTHORIZATION
| TSS_KEY_NOT_MIGRATABLE), &hKey);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Key_CreateKey(hKey, hSRK, hPcrs);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_TPM_GetRandom(hTPM, (UINT32)16, (BYTE **)&uuid);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_TPM_GetRandom", result);
Tspi_Context_Close(hContext);
return result;
}
result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_USER,
*uuid, TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS) {
PRINT_TSS_ERR("Tspi_Context_RegisterKey", result);
Tspi_Context_Close(hContext);
return result;
}
printf("Success: Key created bound to:\n");
for (i = 0; i < numPcrsSelected; i++) {
uuidString = (unsigned char *)
util_bytes_to_string((char *)
pcrsSelectedValues[i], 20);
if (uuidString == NULL) {
PRINT_ERR("malloc of 41 bytes failed");
Tspi_Context_Close(hContext);
return result;
}
printf("PCR %d: %s\n", pcrsSelected[i], uuidString);
free(uuidString);
Tspi_Context_FreeMemory(hContext, pcrsSelectedValues[i]);
}
uuidString = (BYTE *)util_bytes_to_string((char *)uuid, 16);
if (uuidString == NULL) {
PRINT_ERR("malloc of 33 bytes failed");
Tspi_Context_Close(hContext);
return result;
}
printf("And registered in persistent storage with UUID "
"(tspi_uuid parameter): %s\n", uuidString);
Tspi_Context_FreeMemory(hContext, (BYTE *)uuid);
free(uuidString);
Tspi_Context_Close(hContext);
return 0;
}
int main(int argc, char **argv)
{
TSS_HCONTEXT hContext;
TSS_FLAG initFlags = TSS_KEY_TYPE_LEGACY | TSS_KEY_VOLATILE;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy, keyMigrationPolicy;
BYTE *blob;
UINT32 blob_size, srk_authusage;
BIO *outb;
ASN1_OCTET_STRING *blob_str;
unsigned char *blob_asn1 = NULL;
int asn1_len;
char *filename, c, *openssl_key = NULL;
int option_index, auth = 0, popup = 0, wrap = 0, well_known = 0;
UINT32 enc_scheme = TSS_ES_RSAESPKCSV15;
UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER;
UINT32 key_size = 2048;
RSA *rsa;
while (1) {
option_index = 0;
c = getopt_long(argc, argv, "pe:q:s:azhw:",
long_options, &option_index);
if (c == -1)
break;
switch (c) {
case 'a':
initFlags |= TSS_KEY_AUTHORIZATION;
auth = 1;
break;
case 'h':
usage(argv[0]);
break;
case 's':
key_size = atoi(optarg);
break;
case 'e':
if (!strncasecmp("oaep", optarg, 4)) {
enc_scheme = TSS_ES_RSAESOAEP_SHA1_MGF1;
} else if (strncasecmp("pkcs", optarg, 4)) {
usage(argv[0]);
}
break;
case 'q':
if (!strncasecmp("der", optarg, 3)) {
sig_scheme = TSS_SS_RSASSAPKCS1V15_SHA1;
} else if (strncasecmp("sha", optarg, 3)) {
usage(argv[0]);
}
break;
case 'p':
initFlags |= TSS_KEY_AUTHORIZATION;
auth = 1;
popup = 1;
break;
case 'w':
initFlags |= TSS_KEY_MIGRATABLE;
wrap = 1;
openssl_key = optarg;
break;
case 'z':
well_known = 1;
break;
default:
usage(argv[0]);
break;
}
}
/* set up the key option flags */
switch (key_size) {
case 512:
initFlags |= TSS_KEY_SIZE_512;
break;
case 1024:
initFlags |= TSS_KEY_SIZE_1024;
break;
case 2048:
initFlags |= TSS_KEY_SIZE_2048;
break;
case 4096:
initFlags |= TSS_KEY_SIZE_4096;
break;
case 8192:
initFlags |= TSS_KEY_SIZE_8192;
break;
case 16384:
initFlags |= TSS_KEY_SIZE_16384;
break;
default:
usage(argv[0]);
break;
}
#if 0
while (argc--) {
printf("argv[%d] = \"%s\"\n", argc, argv[argc]);
}
exit(1);
#endif
filename = argv[argc - 1];
if (argc < 2 || filename[0] == '-')
usage(argv[0]);
//Create Context
if ((result = Tspi_Context_Create(&hContext))) {
print_error("Tspi_Context_Create", result);
exit(result);
}
//Connect Context
if ((result = Tspi_Context_Connect(hContext, NULL))) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
if ((result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey))) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
sig_scheme))) {
print_error("Tspi_SetAttribUint32", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
enc_scheme))) {
print_error("Tspi_SetAttribUint32", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
if ((result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK))) {
print_error("Tspi_Context_LoadKeyByUUID", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
if ((result = Tspi_GetAttribUint32(hSRK, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_AUTHUSAGE,
&srk_authusage))) {
print_error("Tspi_GetAttribUint32", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
if (srk_authusage) {
if ((result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy))) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
if (well_known) {
BYTE well_known_secret[] = TSS_WELL_KNOWN_SECRET;
//Set Well Known Secret
if ((result = Tspi_Policy_SetSecret(srkUsagePolicy,
TSS_SECRET_MODE_SHA1,
sizeof(well_known_secret),
(BYTE *)well_known_secret))) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
} else {
char *authdata = calloc(1, 128);
if (!authdata) {
fprintf(stderr, "malloc failed.\n");
Tspi_Context_Close(hContext);
exit(result);
}
if (EVP_read_pw_string(authdata, 128, "SRK Password: "******"Tspi_Policy_SetSecret", result);
free(authdata);
Tspi_Context_Close(hContext);
exit(result);
}
free(authdata);
}
}
if (auth) {
if ((result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_USAGE,
&keyUsagePolicy))) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
if (popup) {
//Set Secret
if ((result = Tspi_Policy_SetSecret(keyUsagePolicy,
TSS_SECRET_MODE_POPUP,
0, NULL))) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
} else {
char *authdata = calloc(1, 128);
if (!authdata) {
fprintf(stderr, "malloc failed.\n");
Tspi_Context_Close(hContext);
exit(result);
}
if (EVP_read_pw_string(authdata, 128,
"Enter Key Usage Password: "******"Passwords do not match.\n");
free(authdata);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
if ((result = Tspi_Policy_SetSecret(keyUsagePolicy,
TSS_SECRET_MODE_PLAIN,
strlen(authdata),
(BYTE *)authdata))) {
print_error("Tspi_Policy_SetSecret", result);
free(authdata);
Tspi_Context_Close(hContext);
exit(result);
}
free(authdata);
}
if ((result = Tspi_Policy_AssignToObject(keyUsagePolicy, hKey))) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
// Create or Wrap Key
if (wrap) {
char n[256], p[128];
unsigned int size_n, size_p;
BYTE *pubSRK;
/*Set migration policy needed to wrap the key*/
if ((result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_MIGRATION,
&keyMigrationPolicy))) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
if (auth) {
char *authdata = calloc(1, 128);
if (!authdata) {
fprintf(stderr, "malloc failed.\n");
Tspi_Context_Close(hContext);
exit(result);
}
if (EVP_read_pw_string(authdata, 128,
"Enter Key Migration Password: "******"Passwords do not match.\n");
free(authdata);
Tspi_Context_Close(hContext);
exit(result);
}
if ((result = Tspi_Policy_SetSecret(keyMigrationPolicy,
TSS_SECRET_MODE_PLAIN,
strlen(authdata),
(BYTE *)authdata))) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_Close(hContext);
exit(result);
}
free(authdata);
}
if ((result = Tspi_Policy_AssignToObject(keyMigrationPolicy, hKey))) {
print_error("Tspi_Policy_AssignToObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
/* Pull the PubKRK out of the TPM */
if ((result = Tspi_Key_GetPubKey(hSRK, &size_n, &pubSRK))) {
print_error("Tspi_Key_WrapKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, pubSRK);
if ((rsa = openssl_read_key(openssl_key)) == NULL) {
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
if (RSA_size(rsa) != key_size / 8) {
fprintf(stderr,
"Error, key size is incorrect, please use the '-s' option\n");
RSA_free(rsa);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
if (openssl_get_modulus_and_prime(rsa, &size_n, (unsigned char *)n,
&size_p, (unsigned char *)p)) {
fprintf(stderr, "Error getting modulus and prime!\n");
RSA_free(rsa);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
if ((result = Tspi_SetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO,
TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
size_n, (BYTE *)n))) {
print_error("Tspi_SetAttribData (RSA modulus)", result);
RSA_free(rsa);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
if ((result = Tspi_SetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY,
size_p, (BYTE *)p))) {
print_error("Tspi_SetAttribData (private key)", result);
RSA_free(rsa);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
if ((result = Tspi_Key_WrapKey(hKey, hSRK, 0))) {
print_error("Tspi_Key_WrapKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
} else {
if ((result = Tspi_Key_CreateKey(hKey, hSRK, 0))) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
if ((result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_BLOB,
&blob_size, &blob))) {
print_error("Tspi_GetAttribData", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
if ((outb = BIO_new_file(filename, "w")) == NULL) {
fprintf(stderr, "Error opening file for write: %s\n", filename);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
blob_str = ASN1_OCTET_STRING_new();
if (!blob_str) {
fprintf(stderr, "Error allocating ASN1_OCTET_STRING\n");
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(-1);
}
ASN1_STRING_set(blob_str, blob, blob_size);
asn1_len = i2d_ASN1_OCTET_STRING(blob_str, &blob_asn1);
PEM_write_bio(outb, "TSS KEY BLOB", "", blob_asn1, asn1_len);
BIO_free(outb);
Tspi_Context_Close(hContext);
printf("Success.\n");
return 0;
}
main_v1_1(void) {
char *nameOfFunction = "Tspi_ChangeAuthAsym02";
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_HPOLICY hPolicy;
TSS_UUID migratableStorageUUID = {1,2,3,4,5,6,7,8,9,10,5};
TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,8};
TSS_UUID AIKUUID = {1,2,3,4,5,6,7,8,9,10,6};
TSS_HKEY hAIK;
TSS_HKEY hMSigningKey;
TSS_HKEY hMStorageKey;
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_FLAG initFlags;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
TSS_HPOLICY srkUsagePolicy;
print_begin_test(nameOfFunction);
//Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
//Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Object for the hAIK Key
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hAIK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create the hAIK Key
result = Tspi_Key_CreateKey(hAIK, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
// Load hAIK Key
result = Tspi_Key_LoadKey(hAIK, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object for Storage Key
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMStorageKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Storage Key
result = Tspi_Key_CreateKey(hMStorageKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tpspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
// Load hMStorageKey Key
result = Tspi_Key_LoadKey(hMStorageKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object for Signing Key
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMSigningKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Signing Key
result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Default Policy
result = Tspi_Context_GetDefaultPolicy(hContext, &hPolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetPolicy", result);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Call to Change Auth Asym
result = Tspi_ChangeAuthAsym(-1, hMStorageKey, hAIK, hPolicy);
if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
if(!checkNonAPI(result)) {
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else {
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else {
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hMStorageKey);
Tspi_Context_CloseObject(hContext, hAIK);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int
main_v1_1(void){
char *nameOfFunction = "Tspi_Context_GetRegisteredKeysByUUID03";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, {6, 7, 8, 9, 10, 2}};
TSS_HPOLICY srkUsagePolicy;
UINT32 pulKeyHierarchySize;
TSS_KM_KEYINFO* ppKeyHierarchy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_512 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
//Create
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
//Connect
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key by UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object for the srkUsagePolicy
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret for the srkUsagePolicy
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create the hKey with the hSRK wrapping key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Register the hKey
result = Tspi_Context_RegisterKey(hContext,
hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS && TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) {
print_error("Tspi_Context_RegisterKey ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Registered Keys By UUID
result = Tspi_Context_GetRegisteredKeysByUUID(hContext,
-1, &migratableSignUUID,
&pulKeyHierarchySize, &ppKeyHierarchy);
if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int
main_v1_1( void )
{
char *function = "Tspi_Data_Unbind05";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey;
TSS_HPOLICY hSrkPolicy;
BYTE *prgbDataToUnBind;
TSS_HENCDATA hEncData;
UINT32 pulDataLength;
BYTE rgbDataToBind[DATA_SIZE], *rgbEncryptedData = NULL;
UINT32 ulDataLength = DATA_SIZE, ulEncryptedDataLength = 0;
TSS_UUID uuid;
TSS_RESULT result;
UINT32 exitCode;
TSS_FLAG initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test( function );
memset (rgbDataToBind, 0x5a, DATA_SIZE);
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// create hKey
result = Tspi_Context_CreateObject( hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hKey)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Context_CreateObject( hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND, &hEncData );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hEncData)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &hSrkPolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Policy_SetSecret( hSrkPolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
result = Tspi_SetAttribUint32( hKey, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
TSS_ES_RSAESPKCSV15 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_SetAtttribUint32", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_Key_CreateKey( hKey, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Load the newly created key
result = Tspi_Key_LoadKey( hKey, hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_LoadKey", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
printf("Data before binding:\n");
print_hex(rgbDataToBind, ulDataLength);
result = Tspi_Data_Bind( hEncData, hKey, ulDataLength, rgbDataToBind );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Data_Bind", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
result = Tspi_GetAttribData(hEncData, TSS_TSPATTRIB_ENCDATA_BLOB,
TSS_TSPATTRIB_ENCDATABLOB_BLOB,
&ulEncryptedDataLength, &rgbEncryptedData);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetAttribData", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
printf("Data after encrypting:\n");
print_hex(rgbEncryptedData, ulEncryptedDataLength);
result = Tspi_Data_Unbind( hEncData, hKey, &pulDataLength,
&prgbDataToUnBind );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = 1;
}
else
{
print_error_nonapi( function, result );
exitCode = 1;
}
}
else
{
printf("Data after unbinding:\n");
print_hex(prgbDataToUnBind, pulDataLength);
if (pulDataLength != ulDataLength) {
printf("ERROR: Size of decrypted data does not match! "
"(%u != %u)\n", pulDataLength, ulDataLength);
} else if (memcmp(prgbDataToUnBind, rgbDataToBind, ulDataLength)) {
printf("ERROR: Content of decrypted data does not match!\n");
} else {
print_success( function, result );
exitCode = 0;
}
}
print_end_test( function );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
