int do_pcr_extend(int pcr, BYTE *data, size_t data_len) {
TSS_RESULT ret;
TSS_HCONTEXT context;
TSS_HTPM tpm;
BYTE *new_pcr_value;
unsigned int new_pcr_value_len;
assert(data_len == 20);
ret = Tspi_Context_Create(&context);
if (ret != TSS_SUCCESS) {
fprintf(stderr, "ERROR: failed to get TSS context: %d\n", ret);
return 1;
}
ret = Tspi_Context_Connect(context, NULL);
if (ret != TSS_SUCCESS) {
fprintf(stderr, "ERROR: failed to connect to TSS daemon: %d\n", ret);
return 1;
}
ret = Tspi_Context_GetTpmObject(context, &tpm);
if (ret != TSS_SUCCESS) {
fprintf(stderr, "ERROR: failed to get TPM object: %d\n", ret);
return 1;
}
ret = Tspi_TPM_PcrExtend(tpm, pcr, data_len, data, NULL /* event */,
&new_pcr_value_len, &new_pcr_value);
if (ret != TSS_SUCCESS) {
fprintf(stderr, "ERROR: PCR extend fails with code %d\n", ret);
return 1;
}
/* this will free new_pcr_value */
Tspi_Context_Close(context);
return 0;
}
int main_v1_1(void)
{
TSS_RESULT result;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
BYTE pcrValue[] = "01234567890123456789";
UINT32 ulPcrValLen = 20;
BYTE *newPcrValue;
UINT32 ulnewPcrValLen;
// Create Context
result = Tspi_Context_Create(&hContext);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_Create", result);
exit(result);
}
// Connect Context
result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_Connect", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
// Get TPM Object
result = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (TSS_SUCCESS != result) {
print_error("Tspi_Context_GetTpmObject", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
printf("ulPcrValLen:%d\n", ulPcrValLen);
// Call PcrExtend
result = Tspi_TPM_PcrExtend(hTPM, 15, ulPcrValLen, pcrValue,
NULL, &ulnewPcrValLen, &newPcrValue);
if (TSS_SUCCESS != result) {
print_error("Tspi_TPM_PcrExtend", result);
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
exit(result);
}
printf("\nSuccess\n");
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return 0;
}
int
main(int argc, char **argv)
{
TSS_HKEY hSRK, hKey;
TSS_UUID srkUUID = TSS_UUID_SRK;
TSS_HPOLICY srkpol, hTPMPolicy;
TSS_HTPM hTPM;
TSS_PCR_EVENT event;
BYTE *pcr;
int ret, i, pcri;
uint32_t size;
char rub[20] = "BLAHBLAHBLAHBLAHBLAH";
if (argc != 2)
usage(argv[0]);
pcri = atoi(argv[1]);
if (pcri < 0 || pcri > 23)
errx(1, "PCR out of range (0-16) (no extending to dynamic PCRS this way)\n");
memset(&event, 0, sizeof(event));
event.ulPcrIndex = pcri;
/* create context and connect */
ret = Tspi_Context_Create(&hContext);
check("context create", ret);
ret = Tspi_Context_Connect(hContext, NULL);
check("context connect", ret);
ret = Tspi_Context_GetTpmObject(hContext, &hTPM);
check("get policy object", ret);
ret = Tspi_TPM_PcrExtend(hTPM, pcri, 20, rub, &event, &size, &pcr);
check("pcr extend", ret);
printf("pcr %d is now: \n", pcri);
for (i = 0; i < size; i++)
printf("%x ", pcr[i]);
printf("\n");
Tspi_Context_FreeMemory(hContext, NULL);
Tspi_Context_Close(hContext);
return 0;
}
TSS_RESULT extend_pcr (const char * buf, const int len)
{
TSS_HCONTEXT hContext=0;
TSS_HTPM hTPM = 0;
TSS_RESULT result;
TSS_HKEY hSRK = 0;
TSS_HPOLICY hSRKPolicy=0;
TSS_HPOLICY hOwnerPolicy=0;
TSS_UUID SRK_UUID = TSS_UUID_SRK;
BYTE passcode[20];
memset(passcode,0,20);
memcpy (passcode, buf, len);
UINT32 ulNewPcrValueLength;
BYTE* NewPcrValue;
result = Tspi_Context_Create (&hContext);
DBG(" Create a Context\n",result);
result = Tspi_Context_Connect (hContext, NULL);
DBG(" Connect to TPM\n", result);
// Get the TPM handle
result = Tspi_Context_GetTpmObject (hContext, &hTPM);
DBG(" Get TPM Handle\n",result);
result = Tspi_GetPolicyObject (hTPM, TSS_POLICY_USAGE, &hOwnerPolicy);
DBG( " Owner Policy\n", result);
result = Tspi_TPM_PcrExtend (hTPM,
9,
sizeof(passcode),
passcode,
NULL,
&ulNewPcrValueLength,
&NewPcrValue);
DBG(" extend\n",result);
return result;
}
main_v1_1(void){
char *nameOfFunction = "Tspi_Key_CreateKeyWithPcrs01";
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_FLAG initFlags;
TSS_HKEY hKey;
TSS_HKEY hSRK;
TSS_HPCRS hPcrs;
TSS_RESULT result;
TSS_HPOLICY srkUsagePolicy, keyUsagePolicy;
BYTE *pcrValue;
UINT32 pcrLen;
BYTE pcrData[] = "09876543210987654321";
initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 |
TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION |
TSS_KEY_NOT_MIGRATABLE;
print_begin_test(nameOfFunction);
result = connect_load_all(&hContext, &hSRK, &hTPM);
if (result != TSS_SUCCESS) {
print_error("connect_load_all", result);
exit(result);
}
//Create Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
initFlags, &hKey);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get Policy Object
result = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &keyUsagePolicy);
if (result != TSS_SUCCESS) {
print_error("Tspi_GetPolicyObject", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Set Secret
result = Tspi_Policy_SetSecret(keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET);
if (result != TSS_SUCCESS) {
print_error("Tspi_Policy_SetSecret", result);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
//Create PCRs Object
result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS,
0, &hPcrs);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Get PCR vals from TPM
result = Tspi_TPM_PcrRead(hTPM, 1, &pcrLen, &pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set PCR vals in the object
result = Tspi_PcrComposite_SetPcrValue(hPcrs, 1, pcrLen, pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, pcrValue);
//Get PCR vals from TPM
result = Tspi_TPM_PcrRead(hTPM, 15, &pcrLen, &pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrRead", result);
Tspi_Context_Close(hContext);
exit(result);
}
//Set PCR vals in the object
result = Tspi_PcrComposite_SetPcrValue(hPcrs, 15, pcrLen, pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_Context_CreateObject", result);
Tspi_Context_Close(hContext);
exit(result);
}
Tspi_Context_FreeMemory(hContext, pcrValue);
//Create Key
result = Tspi_Key_CreateKey(hKey, hSRK, hPcrs);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_CreateKey", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* if the key loads, the key creation is successful */
result = Tspi_Key_LoadKey(hKey, hSRK);
if (result != TSS_SUCCESS) {
print_error("Tspi_Key_LoadKey ", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* now, encrypt and decrypt some data to see if the key "works" */
result = bind_and_unbind(hContext, hKey);
if (result != TSS_SUCCESS) {
print_error("bind_and_unbind ", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* now, change a PCR value that the key is set to */
result = Tspi_TPM_PcrExtend(hTPM, 15, 20, pcrData, NULL,
&pcrLen, &pcrValue);
if (result != TSS_SUCCESS) {
print_error("Tspi_TPM_PcrExtend ", result);
Tspi_Context_Close(hContext);
exit(result);
}
/* now, encrypt and decrypt some data, which should fail, since
* the PCR changed */
result = bind_and_unbind(hContext, hKey);
if (result != TCPA_E_WRONGPCRVAL){
if(!checkNonAPI(result)){
print_error(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
else{
print_error_nonapi(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(result);
}
}
else{
print_success(nameOfFunction, result);
print_end_test(nameOfFunction);
Tspi_Context_CloseObject(hContext, hKey);
Tspi_Context_Close(hContext);
exit(0);
}
}
int main(int argc, char *argv[])
{
int rc;
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
int i;
unsigned int pcr_len = 0;
unsigned char *pcr_value;
unsigned char sha1[20];
/* The argument being the executable */
if (argc <= 1) {
printf("Must give atleast one argument\n");
exit(1);
}
/* Find out the currently running kernel and return its hash */
rc = get_kernel(sha1);
if (rc != 0) {
printf("Kernel read failed\n");
exit(1);
}
/* Start creating the TSS context */
rc = Tspi_Context_Create(&hContext);
if (rc != TSS_SUCCESS)
printf("Context creation failed!\n");
rc = Tspi_Context_Connect(hContext, NULL);
if (rc != TSS_SUCCESS)
printf("Context connection failed!\n");
rc = Tspi_Context_GetTpmObject(hContext, &hTPM);
if (rc != TSS_SUCCESS)
printf("Getting TPM Object failed\n");
rc = Tspi_TPM_PcrRead(hTPM, 16, &pcr_len, &pcr_value);
printf("Length of data read: %d\n", pcr_len);
for (i = 0; i < pcr_len; i++)
printf("%x ", pcr_value[i]);
printf("\n");
/* Trousers wonkiness - have to pass SHA1 hash */
rc = Tspi_TPM_PcrExtend(hTPM, 16, 20, sha1, NULL,
&pcr_len, &pcr_value);
if (rc != TSS_SUCCESS) {
printf("Kernel Extend failed : %d\n", rc);
}
/* argv[1] is the path to secure_daemon */
rc = get_hash(argv[1], sha1);
if (rc != 0)
exit(1);
rc = Tspi_TPM_PcrExtend(hTPM, 16, 20, sha1, NULL,
&pcr_len, &pcr_value);
if (rc != TSS_SUCCESS) {
printf("Secure Daemon Extend failed : %d\n", rc);
}
printf("Length of extended PCR value: %d\n", pcr_len);
for (i = 0; i < pcr_len; i++)
printf("%x ", pcr_value[i]);
printf("\n");
free(pcr_value);
Tspi_Context_Close(hContext);
return 0;
}
