/*ARGSUSED*/
int
cmd_deletekey(TSS_HCONTEXT hContext, TSS_HTPM hTPM, int argc, char *argv[])
{
TSS_RESULT ret;
TSS_HOBJECT hKey;
union {
uuid_t arr_uuid;
TSS_UUID tss_uuid;
} uuid;
if (argc < 2) {
(void) fprintf(stderr, gettext("Usage:\n"));
(void) fprintf(stderr, "\tdeletekey [uuid]\n");
return (ERR_USAGE);
}
if (uuid_parse(argv[1], uuid.arr_uuid))
return (ERR_FAIL);
ret = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_USER,
uuid.tss_uuid, &hKey);
if (ret == TSP_ERROR(TSS_E_PS_KEY_NOTFOUND)) {
ret = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
uuid.tss_uuid, &hKey);
}
if (ret) {
print_error(ret, gettext("Unregister key"));
return (ERR_FAIL);
}
return (0);
}
/**
* gnutls_tpm_privkey_delete:
* @url: the URL describing the key
* @srk_password: a password for the SRK key
*
* This function will unregister the private key from the TPM
* chip.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.1.0
**/
int gnutls_tpm_privkey_delete(const char *url, const char *srk_password)
{
struct tpm_ctx_st s;
struct tpmkey_url_st durl;
TSS_RESULT tssret;
TSS_HKEY tkey;
int ret;
ret = decode_tpmkey_url(url, &durl);
if (ret < 0)
return gnutls_assert_val(ret);
if (durl.uuid_set == 0)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
ret = tpm_open_session(&s, srk_password);
if (ret < 0)
return gnutls_assert_val(ret);
tssret =
Tspi_Context_UnregisterKey(s.tpm_ctx, durl.storage, durl.uuid,
&tkey);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
ret = 0;
err_cc:
tpm_close_session(&s);
return ret;
}
TSS_RESULT
unregisterkey(int i)
{
TSS_RESULT result;
char *function = "Tspi_Context_UnregisterKey";
printf("%s: key %d\n", __FUNCTION__, i);
result = Tspi_Context_UnregisterKey( hContext,
TSS_PS_TYPE_SYSTEM,
hKey[i].uuid,
&throw_away );
if (result != TSS_SUCCESS)
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
return result;
}
else
{
print_error_nonapi( function, result );
return result;
}
}
else
{
hKey[i].registered = 0;
print_success( function, result );
return 0;
}
}
/* create and store keys with the uuids in the @uuids parameter. Unregister
* any keys in the PS that are already stored. hParentKey should already be
* loaded and will become the parent of the key stored with uuids[0] */
TSS_RESULT
store_keys(TSS_HCONTEXT hContext, TSS_HKEY hParentKey, TSS_UUID *uuidParent0,
TSS_UUID **uuids)
{
int i;
TSS_RESULT result;
TSS_UUID *uuidParent;
TSS_HKEY hKey;
TSS_FLAG initFlags;
for (i = 0; uuids[i]; i++) {
/* unregister any keys in the PS that are in the way */
if ((result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM,
*uuids[i], &hKey)) &&
(TSS_ERROR_CODE(result) != TSS_E_PS_KEY_NOTFOUND)) {
print_error("Tspi_Context_UnregisterKey", result);
return result;
}
}
initFlags = TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_STORAGE |
TSS_KEY_NO_AUTHORIZATION;
uuidParent = uuidParent0;
for (i = 0; uuids[i]; i++) {
/* create the keys and register them */
if ((result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey))) {
print_error("Tspi_Context_CreateObject", result);
return result;
}
if ((result = Tspi_Key_CreateKey(hKey, hParentKey, 0))) {
print_error("Tspi_Key_CreateKey", result);
return result;
}
/* load key so that the child can be created */
if ((result = Tspi_Key_LoadKey(hKey, hParentKey))) {
print_error("Tspi_Key_LoadKey", result);
return result;
}
/* register the new key */
if ((result = Tspi_Context_RegisterKey(hContext, hKey,
TSS_PS_TYPE_SYSTEM,
*uuids[i],
TSS_PS_TYPE_SYSTEM,
*uuidParent))) {
print_error("Tspi_Context_RegisterKey", result);
return result;
}
hParentKey = hKey;
uuidParent = uuids[i];
}
return TSS_SUCCESS;
}
int main(int argc,char **argv)
{
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HKEY hSRK=0;
TSS_HPOLICY hSRKPolicy=0;
TSS_UUID SRK_UUID=TSS_UUID_SRK;
BYTE wks[20]; //For the well known secret
// Set wks to the well known secret: 20 bytes of all 0’s
memset(wks,0,20);
//Pick the TPM you are talking to.
// In this case, it is the system TPM (indicated with NULL).
result = Tspi_Context_Create( &hContext);
DBG("Create Context",result);
result = Tspi_Context_Connect(hContext, NULL);
DBG("Context Connect�",result);
// Get the TPM handle
result=Tspi_Context_GetTpmObject(hContext,&hTPM);
DBG("Get TPM Handle",result);
// Get the SRK handle
result=Tspi_Context_LoadKeyByUUID(hContext,TSS_PS_TYPE_SYSTEM,SRK_UUID,&hSRK);
DBG("Got the SRK handle�", result);
//Get the SRK policy
result = Tspi_GetPolicyObject(hSRK,TSS_POLICY_USAGE,&hSRKPolicy);
DBG("Got the SRK policy",result);
//Then set the SRK policy to be the well known secret
result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1,20,wks);
//Note: TSS SECRET MODE SHA1 says ”Don’t hash this.
// Use the 20 bytes as they are.
DBG("Set the SRK secret in its policy",result);
//Do something usefull
TSS_UUID MY_UUID=BACKUP_KEY_UUID;
TSS_HKEY hESS_Bind_Key;
result=Tspi_Context_GetKeyByUUID(hContext,TSS_PS_TYPE_SYSTEM,MY_UUID,&hESS_Bind_Key);
DBG("Get key handle", result);
printf("Unregistering key\r\n");
result=Tspi_Context_UnregisterKey(hContext,TSS_PS_TYPE_SYSTEM,MY_UUID,&hESS_Bind_Key);
DBG("Unregister key",result);
//Done doing something usefull
// Context Close(hobjects you have created);
Tspi_Context_FreeMemory(hContext,NULL);
// This frees up memory automatically allocated for you.
Tspi_Context_Close(hContext);
return 0;
}
main_v1_1(void){
char *nameOfFunction = "Tspi_GetAttribData19";
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_HKEY hSRK;
BYTE* uuid;
UINT32 uuidLength;
int rc;
TSS_UUID null_uuid, key_uuid;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
memset(&null_uuid, 0, sizeof(TSS_UUID));
memset(&key_uuid, 0x7f, sizeof(TSS_UUID));
print_begin_test(nameOfFunction);
//Create Context and connect
result = connect_load_srk(&hContext, &hSRK);
if (result != TSS_SUCCESS) {
print_error("connect_load_srk", result);
print_error_exit(nameOfFunction, err_string(result));
exit(result);
}
//Create Key Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Create Key in the TPM
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Call GetAttribData, uuid should be all 0's
result = Tspi_GetAttribData(hKey,
TSS_TSPATTRIB_KEY_UUID, 0,
&uuidLength, &uuid);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetAttribData", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Check length and data
if (uuidLength != sizeof(TSS_UUID)) {
print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1);
print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
if ((rc = memcmp(uuid, &null_uuid, uuidLength))) {
print_verifyerr("a null uuid from Tspi_GetAttribData", 0, rc);
print_hex(uuid, sizeof(TSS_UUID));
print_error("uuid NULL from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, uuid);
register_key:
//Register Key
result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM,
key_uuid, TSS_PS_TYPE_SYSTEM,
SRK_UUID);
if (TSS_ERROR_CODE(result) == TSS_E_KEY_ALREADY_REGISTERED) {
result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM,
key_uuid, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_UnregisterKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
goto register_key;
} else if (result != TSS_SUCCESS) {
print_error("Tspi_Context_RegisterKey", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Close the object
result = Tspi_Context_CloseObject(hContext, hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CloseObject", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
hKey = 0;
//Load the key by UUID from PS
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
key_uuid, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Call GetAttribData, uuid should be equal to key_uuid
result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0,
&uuidLength, &uuid);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetAttribData", result);
print_error_exit(nameOfFunction, err_string(result));
Tspi_Context_Close(hContext);
exit(result);
}
//Check length and data
if (uuidLength != sizeof(TSS_UUID)) {
print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1);
print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
if ((rc = memcmp(uuid, &key_uuid, uuidLength))) {
print_verifyerr("key's uuid from Tspi_GetAttribData", 0, rc);
print_hex((BYTE *)&key_uuid, sizeof(TSS_UUID));
print_error("key's uuid from Tspi_GetAttribData", TSS_E_FAIL);
Tspi_Context_Close(hContext);
exit(result);
}
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_Close(hContext);
exit(0);
}
int main_v1_1(void)
{
char *function = "Tspi_Hash_Sign03";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hMSigningKey;
TSS_HKEY hKey;
TSS_UUID SRKUUID = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 };
TSS_UUID migratableSignUUID = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2 };
TSS_HHASH hHash;
BYTE *prgbSignature;
// UINT32 pulSignatureLength;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
UINT32 exitCode = 0;
print_begin_test(function);
// Create Context
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect to Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// create hKey
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hKey)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result =
Tspi_Policy_SetSecret(srkUsagePolicy,
TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN,
TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create Signing Key
result =
Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING, &hMSigningKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result = Tspi_Context_RegisterKey(hContext, hMSigningKey,
TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRKUUID);
if ((result != TSS_SUCCESS) &&
(TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED)) {
print_error("Tspi_Context_RegisterKey (signing key)",
result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
/* result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (signing key)",
result );
Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
*/
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH,
TSS_HASH_SHA1, &hHash);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject (hash)", result);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
result =
Tspi_Hash_SetHashValue(hHash, 20, "Je pense, danc je suis.");
if (result != TSS_SUCCESS) {
print_error("Tspi_Hash_SetHashValue", result);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key Blob
result = Tspi_Hash_Sign(hHash, hMSigningKey, NULL, &prgbSignature);
if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
if (!(checkNonAPI(result))) {
print_error(function, result);
} else {
print_error_nonapi(function, result);
}
exitCode = result;
} else {
print_success(function, result);
}
print_end_test(function);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hMSigningKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(exitCode);
}
/**
* gnutls_tpm_privkey_generate:
* @pk: the public key algorithm
* @bits: the security bits
* @srk_password: a password to protect the exported key (optional)
* @key_password: the password for the TPM (optional)
* @format: the format of the private key
* @pub_format: the format of the public key
* @privkey: the generated key
* @pubkey: the corresponding public key (may be null)
* @flags: should be a list of GNUTLS_TPM_* flags
*
* This function will generate a private key in the TPM
* chip. The private key will be generated within the chip
* and will be exported in a wrapped with TPM's master key
* form. Furthermore the wrapped key can be protected with
* the provided @password.
*
* Note that bits in TPM is quantized value. If the input value
* is not one of the allowed values, then it will be quantized to
* one of 512, 1024, 2048, 4096, 8192 and 16384.
*
* Allowed flags are:
*
* %GNUTLS_TPM_KEY_SIGNING: Generate a signing key instead of a legacy,
* %GNUTLS_TPM_REGISTER_KEY: Register the generate key in TPM. In that
* case @privkey would contain a URL with the UUID.
*
* Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
* negative error value.
*
* Since: 3.1.0
**/
int
gnutls_tpm_privkey_generate(gnutls_pk_algorithm_t pk, unsigned int bits,
const char *srk_password,
const char *key_password,
gnutls_tpmkey_fmt_t format,
gnutls_x509_crt_fmt_t pub_format,
gnutls_datum_t * privkey,
gnutls_datum_t * pubkey, unsigned int flags)
{
TSS_FLAG tpm_flags = TSS_KEY_VOLATILE;
TSS_HKEY key_ctx;
TSS_RESULT tssret;
int ret;
void *tdata;
UINT32 tint;
gnutls_datum_t tmpkey = { NULL, 0 };
TSS_HPOLICY key_policy;
gnutls_pubkey_t pub;
struct tpm_ctx_st s;
TSS_FLAG storage_type;
TSS_HTPM htpm;
uint8_t buf[32];
if (flags & GNUTLS_TPM_KEY_SIGNING)
tpm_flags |= TSS_KEY_TYPE_SIGNING;
else
tpm_flags |= TSS_KEY_TYPE_LEGACY;
if (flags & GNUTLS_TPM_KEY_USER)
storage_type = TSS_PS_TYPE_USER;
else
storage_type = TSS_PS_TYPE_SYSTEM;
if (bits <= 512)
tpm_flags |= TSS_KEY_SIZE_512;
else if (bits <= 1024)
tpm_flags |= TSS_KEY_SIZE_1024;
else if (bits <= 2048)
tpm_flags |= TSS_KEY_SIZE_2048;
else if (bits <= 4096)
tpm_flags |= TSS_KEY_SIZE_4096;
else if (bits <= 8192)
tpm_flags |= TSS_KEY_SIZE_8192;
else
tpm_flags |= TSS_KEY_SIZE_16384;
ret = tpm_open_session(&s, srk_password);
if (ret < 0)
return gnutls_assert_val(ret);
/* put some randomness into TPM.
* Let's not trust it completely.
*/
tssret = Tspi_Context_GetTpmObject(s.tpm_ctx, &htpm);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
ret = _gnutls_rnd(GNUTLS_RND_RANDOM, buf, sizeof(buf));
if (ret < 0) {
gnutls_assert();
goto err_cc;
}
tssret = Tspi_TPM_StirRandom(htpm, sizeof(buf), buf);
if (tssret) {
gnutls_assert();
}
tssret =
Tspi_Context_CreateObject(s.tpm_ctx, TSS_OBJECT_TYPE_RSAKEY,
tpm_flags, &key_ctx);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_cc;
}
tssret =
Tspi_SetAttribUint32(key_ctx, TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
TSS_SS_RSASSAPKCS1V15_DER);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
/* set the password of the actual key */
if (key_password) {
tssret =
Tspi_GetPolicyObject(key_ctx, TSS_POLICY_USAGE,
&key_policy);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
tssret = myTspi_Policy_SetSecret(key_policy,
SAFE_LEN(key_password),
(void *) key_password);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
}
tssret = Tspi_Key_CreateKey(key_ctx, s.srk, 0);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
if (flags & GNUTLS_TPM_REGISTER_KEY) {
TSS_UUID key_uuid;
ret = randomize_uuid(&key_uuid);
if (ret < 0) {
gnutls_assert();
goto err_sa;
}
tssret =
Tspi_Context_RegisterKey(s.tpm_ctx, key_ctx,
storage_type, key_uuid,
TSS_PS_TYPE_SYSTEM, srk_uuid);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
ret =
encode_tpmkey_url((char **) &privkey->data, &key_uuid,
storage_type);
if (ret < 0) {
TSS_HKEY tkey;
Tspi_Context_UnregisterKey(s.tpm_ctx, storage_type,
key_uuid, &tkey);
gnutls_assert();
goto err_sa;
}
privkey->size = strlen((char *) privkey->data);
} else { /* get the key as blob */
tssret =
Tspi_GetAttribData(key_ctx, TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_BLOB, &tint,
(void *) &tdata);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto err_sa;
}
if (format == GNUTLS_TPMKEY_FMT_CTK_PEM) {
ret =
_gnutls_x509_encode_string
(ASN1_ETYPE_OCTET_STRING, tdata, tint,
&tmpkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
ret =
_gnutls_fbase64_encode("TSS KEY BLOB",
tmpkey.data,
tmpkey.size, privkey);
if (ret < 0) {
gnutls_assert();
goto cleanup;
}
} else {
UINT32 tint2;
tmpkey.size = tint + 32; /* spec says no more than 20 */
tmpkey.data = gnutls_malloc(tmpkey.size);
if (tmpkey.data == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
goto cleanup;
}
tint2 = tmpkey.size;
tssret =
Tspi_EncodeDER_TssBlob(tint, tdata,
TSS_BLOB_TYPE_PRIVATEKEY,
&tint2, tmpkey.data);
if (tssret != 0) {
gnutls_assert();
ret = tss_err(tssret);
goto cleanup;
}
tmpkey.size = tint2;
privkey->data = tmpkey.data;
privkey->size = tmpkey.size;
tmpkey.data = NULL;
}
}
/* read the public key */
if (pubkey != NULL) {
size_t psize;
ret = gnutls_pubkey_init(&pub);
if (ret < 0) {
gnutls_assert();
goto privkey_cleanup;
}
ret = read_pubkey(pub, key_ctx, &psize);
if (ret < 0) {
gnutls_assert();
goto privkey_cleanup;
}
psize += 512;
pubkey->data = gnutls_malloc(psize);
if (pubkey->data == NULL) {
gnutls_assert();
ret = GNUTLS_E_MEMORY_ERROR;
goto pubkey_cleanup;
}
ret =
gnutls_pubkey_export(pub, pub_format, pubkey->data,
&psize);
if (ret < 0) {
gnutls_assert();
goto pubkey_cleanup;
}
pubkey->size = psize;
gnutls_pubkey_deinit(pub);
}
ret = 0;
goto cleanup;
pubkey_cleanup:
gnutls_pubkey_deinit(pub);
privkey_cleanup:
gnutls_free(privkey->data);
privkey->data = NULL;
cleanup:
gnutls_free(tmpkey.data);
tmpkey.data = NULL;
err_sa:
Tspi_Context_CloseObject(s.tpm_ctx, key_ctx);
err_cc:
tpm_close_session(&s);
return ret;
}
int
main_v1_1( void )
{
char *function = "key_auth_chain02";
TSS_HCONTEXT hContext;
TSS_HKEY hSRK;
TSS_HKEY hKey0, hKey1, hKey2;
TSS_RESULT result;
TSS_HENCDATA hEncData;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
int temp;
print_begin_test( function );
srand(time(0));
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
print_error_exit( function, err_string(result) );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, NULL );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
goto done;
}
//Load Key By UUID
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
uuid_2, &hKey2 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
goto done;
}
result = Tspi_Context_CreateObject( hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND, &hEncData );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (hEncData)", result );
goto done;
}
// Data Bind
result = Tspi_Data_Bind( hEncData, hKey2, ulDataLength, rgbDataToBind );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Data_Bind", result );
goto done;
}
result = Tspi_Data_Unbind( hEncData, hKey2, &pulDataLength, &prgbDataToUnBind );
if ( result != TSS_SUCCESS )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
goto done;
}
else
{
print_error_nonapi( function, result );
goto done;
}
}
else
{
if ((pulDataLength == ulDataLength) &&
!memcmp(prgbDataToUnBind, rgbDataToBind, pulDataLength))
print_success( function, result );
else{
printf("Data doesn't match");
print_error("Data doestn't match: Tspi_Data_Unbind", TSS_E_FAIL);
}
}
#if 0
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
goto done;
}
//Set Secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
goto done;
}
#endif
/* ######## Start Key 0 ######## */
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_STORAGE |
TSS_KEY_NO_AUTHORIZATION,
&hKey0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (key 0)", result );
goto done;
}
result = Tspi_Key_CreateKey( hKey0, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (key 0)", result );
goto done;
}
result = Tspi_Context_RegisterKey( hContext, hKey0,
TSS_PS_TYPE_SYSTEM,
uuid_0,
TSS_PS_TYPE_SYSTEM,
SRK_UUID );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Context_RegisterKey (uuid_0)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
fprintf( stderr, "\t\tKey 0 Finished\n" );
/* ######## End Key 0 ######## */
/* ######## Start Key 1 ######## */
result = Tspi_Context_CreateObject( hContext,
TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_AUTHORIZATION,
&hKey1 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (key 1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
uuid_0, &hKey0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hKey0)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_GetPolicyObject( hKey1, TSS_POLICY_USAGE,
&keyUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
//Set Secret
result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_Key_CreateKey( hKey1, hKey0, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (key 1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
result = Tspi_Context_RegisterKey( hContext, hKey1,
TSS_PS_TYPE_SYSTEM,
uuid_1,
TSS_PS_TYPE_SYSTEM,
uuid_0 );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Context_RegisterKey (uuid_1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
goto done;
}
fprintf( stderr, "\t\tKey 1 Finished\n" );
/* ######## End Key 1 ######## */
/* ######## Start Key 2 ######## */
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_NO_AUTHORIZATION,
&hKey2 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (key 2)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
result = Tspi_Key_LoadKey( hKey1, hKey0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hKey1)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
result = Tspi_Key_CreateKey( hKey2, hKey1, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (key 2)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
result = Tspi_Context_RegisterKey( hContext, hKey2,
TSS_PS_TYPE_SYSTEM,
uuid_2,
TSS_PS_TYPE_SYSTEM,
uuid_1 );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Context_RegisterKey (uuid_2)", result );
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
goto done;
}
fprintf( stderr, "\t\tKey 2 Finished\n" );
/* ######## End Key 2 ######## */
#endif
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
done:
print_error_exit( function, err_string(result) );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
int
main_v1_1(void){
char *nameOfFunction = "Tspi_Context_UnregisterKey04";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID migratableSignUUID;
TSS_HPOLICY srkUsagePolicy;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
//Create
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
exit(result);
}
//Connect
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key by UUID
result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object for the srkUsagePolicy
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret for the srkUsagePolicy
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create the hKey with the hSRK wrapping key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//UnregisterKey
result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM, migratableSignUUID,
&hKey);
if (TSS_ERROR_CODE(result) != TSS_E_PS_KEY_NOTFOUND) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int main(int argc, char **argv)
{
TSS_HCONTEXT hContext=0;
TSS_HTPM hTPM = 0;
TSS_RESULT result;
TSS_HKEY hSRK = 0;
TSS_HPOLICY hSRKPolicy=0;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
BYTE wks[20];
memset(wks,0,20);
TSS_HKEY hESS_Bind_Key;
TSS_UUID ESS_BIND_UUID=BACKUP_KEY_UUID;
TSS_HPOLICY hESS_Policy;
TSS_FLAG initFlags;
BYTE *pubKey;
UINT32 pubKeySize;
FILE *fout, *fin;
result =Tspi_Context_Create(&hContext);
DBG("Create a context", result);
result=Tspi_Context_Connect(hContext, NULL);
DBG("Connect to TPM", result);
result=Tspi_Context_GetTpmObject(hContext, &hTPM);
DBG("Get TPM handle", result);
result=Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
DBG("Get SRK handle", result);
result=Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy);
DBG("Get SRK Policy", result);
result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1, 20, wks);
DBG("Tspi_Policy_SetSecret", result);
result = Tspi_Context_CreateObject(hContext,TSS_OBJECT_TYPE_POLICY,
TSS_POLICY_USAGE, &hESS_Policy);
DBG("Create a key policy object", result);
result = Tspi_Policy_SetSecret(hESS_Policy, TSS_SECRET_MODE_SHA1,
20, wks);
DBG("Set key policy object secret", result);
initFlags = TSS_KEY_TYPE_BIND |
TSS_KEY_SIZE_2048 |
TSS_KEY_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hESS_Bind_Key);
DBG("Create the key object", result);
result = Tspi_SetAttribUint32(hESS_Bind_Key,
TSS_TSPATTRIB_KEY_INFO,
TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
TSS_ES_RSAESPKCSV15);
DBG("Set the keys's padding type", result);
result = Tspi_Policy_AssignToObject(hESS_Policy, hESS_Bind_Key);
DBG("Assign the key's policy to the key", result);
printf("Creating the key could take a while\n");
result = Tspi_Key_CreateKey(hESS_Bind_Key,
hSRK, 0);
DBG("Asking TPM to create the key", result);
result = Tspi_Context_RegisterKey(hContext,
hESS_Bind_Key,
TSS_PS_TYPE_SYSTEM,
ESS_BIND_UUID,
TSS_PS_TYPE_SYSTEM,
SRK_UUID);
DBG("Registering the key for later retrieval", result);
printf("Registering the key blob for later retrieval\r\n");
result = Tspi_Key_LoadKey(hESS_Bind_Key,hSRK);
DBG("Loading key in TPM", result);
result = Tspi_Key_GetPubKey(hESS_Bind_Key,
&pubKeySize, &pubKey);
DBG("Get Public portion of key", result);
fout = fopen("BackupESSBindKey.pub", "wb");
if(fout != NULL) {
write(fileno(fout), pubKey, pubKeySize);
printf("Finished writing BackupESSBindKey.pub\n");
fclose(fout);
}
else {
printf("Error opening XXXXXXXXXXXX \r\n");
}
result = Tspi_Policy_FlushSecret(hESS_Policy);
DBG("Policy flush secret", result);
result = Tspi_Context_GetKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
ESS_BIND_UUID,
&hESS_Bind_Key);
DBG("Get key handle", result);
printf("Unregistering key\r\n");
result = Tspi_Context_UnregisterKey(hContext,
TSS_PS_TYPE_SYSTEM,
ESS_BIND_UUID,
&hESS_Bind_Key);
DBG("Unregister key", result);
// Load a key and bind data
UINT32 ulDataLength;
BYTE *rbgBoundData;
BYTE newPubKey[1000], encData[1000];
TSS_HENCDATA hEncData;
fin = fopen("BackupESSBindKey.pub", "r");
read(fileno(fin), newPubKey,284);
if (fin == NULL)
return 0;
fclose(fin);
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hESS_Bind_Key);
DBG("Tspi_Context_CreateObject BindKey", result);
result = Tspi_SetAttribData(hESS_Bind_Key,
TSS_TSPATTRIB_KEY_BLOB,
TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY,
284,newPubKey);
DBG("Set Public key into new key object", result);
fin = fopen("data", "rb");
read(fileno(fin), encData, 7);
fclose(fin);
result=Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_ENCDATA,
TSS_ENCDATA_BIND,
&hEncData);
DBG("Create Data Object", result);
result = Tspi_Data_Bind(hEncData,hESS_Bind_Key,7,encData);
DBG("Bind data", result);
result = Tspi_GetAttribData(hEncData,
TSS_TSPATTRIB_ENCDATA_BLOB,
TSS_TSPATTRIB_ENCDATABLOB_BLOB,
&ulDataLength,&rbgBoundData);
DBG("Get encrypted data", result);
fout = fopen("Bound.data", "wb");
write(fileno(fout),rbgBoundData,ulDataLength);
fclose(fout);
result = Tspi_Context_FreeMemory(hContext, NULL);
DBG("Tspi Context Free Memory", result);
result = Tspi_Context_Close(hContext);
DBG("Tspi Context Close", result);
return 0;
}
int
main_v1_1( void )
{
char *function = "Tspi_Context_GetKeyByUUID04";
TSS_HKEY hSRK;
TSS_HKEY hMSigningKey;
TSS_UUID SRKUUID = {0,0,0,0,0,0,0,0,0,0,1};
TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,2};
TSS_UUID wrongUUID = {4,1,5,2,2,6,6,3,4,8,0};
TSS_HCONTEXT hContext;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
UINT32 exitCode = 0;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Load SRK
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
//Set Secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
//Create Signing Key
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 |
TSS_KEY_TYPE_SIGNING,
&hMSigningKey );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject (signing key)",
result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Create signing key
result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Key_CreateKey (signing key)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// register signing key; srk is parent
result = Tspi_Context_RegisterKey( hContext, hMSigningKey,
TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
TSS_PS_TYPE_SYSTEM,
SRKUUID );
if ( (result != TSS_SUCCESS) &&
(TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED))
{
print_error( "Tspi_Context_RegisterKey", result );
Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// get signing key
result = Tspi_Context_GetKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
wrongUUID,
&hMSigningKey );
if ( TSS_ERROR_CODE(result) != TSS_E_PS_KEY_NOTFOUND )
{
if( !(checkNonAPI(result)) )
{
print_error( function, result );
exitCode = result;
}
else
{
print_error_nonapi( function, result );
exitCode = result;
}
}
else
{
print_success( function, result );
}
print_end_test( function );
Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID,
&hMSigningKey );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( exitCode );
}
int
main_v1_1(void){
char *nameOfFunction = "Tspi_Context_GetKeyByPublicInfo02";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_RESULT result;
TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2};
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
TSS_HKEY hMSigningKey;
UINT32 ulPublicKeyLength = 2048;
BYTE* rgbPublicKeyInfo;
initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
TSS_FLAG wrongType;
BYTE well_known_secret[20] = TSS_WELL_KNOWN_SECRET;
wrongType = (TSS_PS_TYPE_SYSTEM + TSS_PS_TYPE_USER);
print_begin_test(nameOfFunction);
//Create
result = Tspi_Context_Create(&hContext);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Create ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Connect
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_Connect ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_GetTpmObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Load Key by UUID
result = Tspi_Context_LoadKeyByUUID(hContext,
TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_LoadKeyByUUID ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#ifndef TESTSUITE_NOAUTH_SRK
//Get Policy Object for the srkUsagePolicy
result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret for the srkUsagePolicy
result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
#endif
//Create the hKey with the hSRK wrapping key
result = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Register the hKey
result = Tspi_Context_RegisterKey(hContext,
hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID,
TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (result != TSS_SUCCESS &&
TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) {
print_error("Tspi_Context_RegisterKey ", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create the hKey with the hSRK wrapping key
result = Tspi_Context_CloseObject(hContext, hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CloseObject ", result);
Tspi_Context_Close(hContext);
exit(result);
}
//GetKeyByPublicInfo
result = Tspi_Context_GetKeyByPublicInfo(hContext,
wrongType, TSS_ALG_RSA,
ulPublicKeyLength,
rgbPublicKeyInfo, &hKey);
if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
migratableSignUUID, &hKey);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int
main_v1_1( void )
{
char *function = "Tspi_Context_RegisterKey05";
TSS_HKEY hSRK;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy;
int i;
BYTE *rand;
print_begin_test( function );
// Create Context
result = Tspi_Context_Create( &hContext );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Create", result );
exit( result );
}
// Connect to Context
result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_Connect", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// Retrieve TPM object of context
result = Tspi_Context_GetTpmObject( hContext, &hTPM );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_GetTpmObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
/* initialize the struct */
for (i = 0; i < NUM_KEYS; i++)
{
result = Tspi_TPM_GetRandom( hTPM, sizeof(TSS_UUID), &rand);
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_TPM_GetRandom", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
memcpy(&hKey[i].uuid, rand, sizeof(TSS_UUID));
Tspi_Context_FreeMemory(hContext, rand);
hKey[i].registered = hKey[i].handle = 0;
}
// Load SRK
result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
SRK_UUID, &hSRK );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#ifndef TESTSUITE_NOAUTH_SRK
// Get SRK Usage Policy
result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
&srkUsagePolicy );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_GetPolicyObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// set secret
result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Policy_SetSecret (1)", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
#endif
/* create NUM_KEYS keys */
for (i = 0; i < NUM_KEYS; i++)
{
// create object
result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING,
&hKey[i].handle );
if ( result != TSS_SUCCESS )
{
print_error( "Tspi_Context_CreateObject", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
// create signing key
result = Tspi_Key_CreateKey( hKey[i].handle, hSRK, 0 );
if ( (result != TSS_SUCCESS) )
{
print_error( "Tspi_Key_CreateKey", result );
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
}
/* all in order */
for (i = 0; i < NUM_KEYS; i++)
{
if ((result = registerkey(i))) {
printf("%d: registerkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
for (i = 0; i < NUM_KEYS; i++)
{
if ((result = unregisterkey(i))) {
printf("%d: unregisterkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
/* backwards */
for (i = 0; i < NUM_KEYS; i++)
{
if ((result = registerkey(i))) {
printf("%d: registerkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
for (i = NUM_KEYS-1; i >= 0; i--)
{
if ((result = unregisterkey(i))) {
printf("%d: unregisterkey error, key %d\n", __LINE__, i);
goto cleanup;
}
}
print_end_test( function );
cleanup:
for (i = 0; i < NUM_KEYS; i++) {
if (hKey[i].registered == 1) {
Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
hKey[i].uuid, &throw_away);
}
}
Tspi_Context_FreeMemory( hContext, NULL );
Tspi_Context_Close( hContext );
exit( result );
}
