int main_v1_1( void ) { char *function = "Tspi_TPM_KillMaintenanceFeature01"; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_HPOLICY hTPMPolicy; TSS_RESULT result; UINT32 exitCode = 0; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Retrieve TPM object of context result = Tspi_Context_GetTpmObject( hContext, &hTPM ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_GetTpmObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Insert the owner auth into the TPM's policy result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTPMPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit(result); } result = Tspi_Policy_SetSecret(hTPMPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit(result); } //Get random number result = Tspi_TPM_KillMaintenanceFeature( hTPM ); if ( result != TSS_SUCCESS && TSS_ERROR_CODE(result) != TCPA_E_INACTIVE) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } exitCode = result; } else { print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( exitCode ); }
int main_v1_2( char version ) { char * function = "Tspi_TPM_Delegate_UpdateVerificationCount-trans03"; TSS_HCONTEXT hContext; TSS_HKEY hSRK, hWrappingKey; TSS_HTPM hTPM; TSS_HPOLICY hTPMPolicy; TSS_HPOLICY hDelegation1 = NULL_HPOLICY; TSS_HPOLICY hDelegation2 = NULL_HPOLICY; TSS_HDELFAMILY hFamily = NULL_HDELFAMILY; TSS_RESULT result; print_begin_test( function ); result = connect_load_all(&hContext, &hSRK, &hTPM); if ( result != TSS_SUCCESS ) { print_error( "connect_load_all", (result) ); goto done; } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey, NULL); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } result = Tspi_GetPolicyObject( hTPM, TSS_POLICY_USAGE, &hTPMPolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); goto done; } result = Tspi_Policy_SetSecret( hTPMPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); goto done; } result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hDelegation1); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject", (result) ); goto done; } result = Tspi_Policy_SetSecret( hDelegation1, TESTSUITE_DELEGATE_SECRET_MODE, TESTSUITE_DELEGATE_SECRET_LEN, TESTSUITE_DELEGATE_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); goto done; } result = Tspi_SetAttribUint32(hDelegation1, TSS_TSPATTRIB_POLICY_DELEGATION_INFO, TSS_TSPATTRIB_POLDEL_TYPE, TSS_DELEGATIONTYPE_OWNER); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", (result) ); goto done; } result = Tspi_SetAttribUint32(hDelegation1, TSS_TSPATTRIB_POLICY_DELEGATION_INFO, TSS_TSPATTRIB_POLDEL_PER1, 0); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", (result) ); goto done; } result = Tspi_SetAttribUint32(hDelegation1, TSS_TSPATTRIB_POLICY_DELEGATION_INFO, TSS_TSPATTRIB_POLDEL_PER2, 0); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", (result) ); goto done; } result = Tspi_TPM_Delegate_AddFamily(hTPM, 'a', &hFamily); if ( result != TSS_SUCCESS ) { print_error( "Tspi_TPM_Delegate_AddFamily", (result) ); goto done; } result = Tspi_TPM_Delegate_CreateDelegation(hTPM, 'b', 0, NULL_HPCRS, hFamily, hDelegation1); if ( result != TSS_SUCCESS ) { print_error( "Tspi_TPM_Delegate_CreateDelegation", (result) ); goto done; } result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hDelegation2); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject", (result) ); goto done; } result = Tspi_Policy_SetSecret( hDelegation2, TESTSUITE_DELEGATE_SECRET_MODE, TESTSUITE_DELEGATE_SECRET_LEN, TESTSUITE_DELEGATE_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); goto done; } result = Tspi_SetAttribUint32(hDelegation2, TSS_TSPATTRIB_POLICY_DELEGATION_INFO, TSS_TSPATTRIB_POLDEL_TYPE, TSS_DELEGATIONTYPE_OWNER); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", (result) ); goto done; } result = Tspi_SetAttribUint32(hDelegation2, TSS_TSPATTRIB_POLICY_DELEGATION_INFO, TSS_TSPATTRIB_POLDEL_PER1, 0); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", (result) ); goto done; } result = Tspi_SetAttribUint32(hDelegation2, TSS_TSPATTRIB_POLICY_DELEGATION_INFO, TSS_TSPATTRIB_POLDEL_PER2, 0); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", (result) ); goto done; } result = Tspi_TPM_Delegate_CreateDelegation(hTPM, 'b', TSS_DELEGATE_INCREMENTVERIFICATIONCOUNT, NULL_HPCRS, hFamily, hDelegation2); if ( result != TSS_SUCCESS ) { print_error( "Tspi_TPM_Delegate_CreateDelegation", (result) ); goto done; } result = Tspi_TPM_Delegate_UpdateVerificationCount(hTPM, hDelegation1); if ( result != TSS_SUCCESS ) { print_error( "Tspi_TPM_Delegate_UpdateVerificationCount", (result) ); goto done; } result = Testsuite_Transport_Final(hContext, 0); if ( result != TSS_SUCCESS ) { print_error( "Testsuite_Transport_Final", (result) ); goto done; } else { print_success( function, result ); } print_end_test( function ); done: /* Invalidate the family to avoid resource exhaustion */ if (hFamily != NULL_HDELFAMILY) Tspi_TPM_Delegate_InvalidateFamily(hTPM, hFamily); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
main_v1_2(char version) { TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HTPM hTPM; TSS_HPOLICY hTpmUsagePolicy; TSS_FLAG initFlags; TSS_HKEY hSrcKey; TSS_HKEY hDestKey; TSS_HKEY hMaKey[MA_KEY_COUNT]; TSS_HKEY hCmkKey; TSS_HMIGDATA hMigData; TSS_HHASH hHash; UINT32 blobSize; BYTE *blob; int i; TSS_RESULT result; print_begin_test(nameOfFunction); result = connect_load_all(&hContext, &hSRK, &hTPM); if ( result != TSS_SUCCESS ) { print_error( "connect_load_all", result ); exit(result); } //Get TPM Policy Object result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTpmUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Set Secret result = Tspi_Policy_SetSecret(hTpmUsagePolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } /***** Create Overall Source Parent key *****/ initFlags = TSS_KEY_STRUCT_KEY12 | TSS_KEY_TYPE_STORAGE | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION; tc_create_object(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hSrcKey); tc_create_key(hContext, hSrcKey, hSRK, initFlags); tc_load_key(hContext, hSrcKey, hSRK); /***** Create Overall Destination Parent key *****/ initFlags = TSS_KEY_STRUCT_KEY12 | TSS_KEY_TYPE_STORAGE | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION; tc_create_object(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hDestKey); tc_create_key(hContext, hDestKey, hSRK, initFlags); tc_load_key(hContext, hDestKey, hSRK); /***** Create MAs and MSA list *****/ //Create MigData Object tc_create_object(hContext, TSS_OBJECT_TYPE_MIGDATA, 0, &hMigData); for (i = 0; i < MA_KEY_COUNT; i++) { //Create Key Object initFlags = TSS_KEY_STRUCT_KEY12 | TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION; tc_create_object(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hMaKey[i]); tc_create_key(hContext, hMaKey[i], hSrcKey, initFlags); //Get PubKey Blob tc_get_attribdata(hContext, hMaKey[i], TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobSize, &blob); //Add PubKey Blob to the MSA list tc_set_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIGRATIONBLOB, TSS_MIGATTRIB_MIG_MSALIST_PUBKEY_BLOB, blobSize, blob); } //Grant Owner Approval of MAs result = Tspi_TPM_CMKApproveMA(hTPM, hMigData); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_CMKApproveMA", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } /***** Create a CMK ****/ initFlags = TSS_KEY_STRUCT_KEY12 | TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION | TSS_KEY_MIGRATABLE | TSS_KEY_CERTIFIED_MIGRATABLE; tc_create_object(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hCmkKey); //Get and Assign MA/MSA information tc_get_attribdata(hContext, hMigData, TSS_MIGATTRIB_AUTHORITY_DATA, TSS_MIGATTRIB_AUTHORITY_DIGEST, &blobSize, &blob); tc_set_attribdata(hContext, hCmkKey, TSS_TSPATTRIB_KEY_CMKINFO, TSS_TSPATTRIB_KEYINFO_CMK_MA_DIGEST, blobSize, blob); tc_get_attribdata(hContext, hMigData, TSS_MIGATTRIB_AUTHORITY_DATA, TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC, &blobSize, &blob); tc_set_attribdata(hContext, hCmkKey, TSS_TSPATTRIB_KEY_CMKINFO, TSS_TSPATTRIB_KEYINFO_CMK_MA_APPROVAL, blobSize, blob); tc_create_key(hContext, hCmkKey, hSrcKey, initFlags); /***** Authorize migration to the Dest key *****/ //Authorize Migration Ticket result = Tspi_TPM_AuthorizeMigrationTicket(hTPM, hDestKey, TSS_MS_RESTRICT_APPROVE_DOUBLE, &blobSize, &blob); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_AuthorizeMigrationTicket", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Save Ticket tc_set_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIGRATIONTICKET, 0, blobSize, blob); /***** Sign the migration ticket *****/ //Get PubKey Blob of CMK tc_get_attribdata(hContext, hCmkKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobSize, &blob); tc_set_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIGRATIONBLOB, TSS_MIGATTRIB_MIG_SOURCE_PUBKEY_BLOB, blobSize, blob); //Get PubKey Blob of destination CMK parent tc_get_attribdata(hContext, hDestKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobSize, &blob); tc_set_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIGRATIONBLOB, TSS_MIGATTRIB_MIG_DESTINATION_PUBKEY_BLOB, blobSize, blob); //Get PubKey Blob of MA tc_get_attribdata(hContext, hMaKey[0], TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobSize, &blob); tc_set_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIGRATIONBLOB, TSS_MIGATTRIB_MIG_AUTHORITY_PUBKEY_BLOB, blobSize, blob); //Get Ticket Signature Data tc_create_object(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_SHA1, &hHash); tc_get_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIG_AUTH_DATA, TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST, &blobSize, &blob); result = Tspi_Hash_UpdateHashValue(hHash, blobSize, blob); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_UpdateHashValue", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } tc_get_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIG_AUTH_DATA, TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST, &blobSize, &blob); result = Tspi_Hash_UpdateHashValue(hHash, blobSize, blob); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_UpdateHashValue", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } tc_get_attribdata(hContext, hMigData, TSS_MIGATTRIB_MIG_AUTH_DATA, TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST, &blobSize, &blob); result = Tspi_Hash_UpdateHashValue(hHash, blobSize, blob); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_UpdateHashValue", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Hash_GetHashValue(hHash, &blobSize, &blob); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_GetHashValue", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Load Verify Key tc_load_key(hContext, hMaKey[0], hSrcKey); //Generate Ticket Signature result = Tspi_Hash_Sign(hHash, hMaKey[0], &blobSize, &blob); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_Sign", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Save Ticket Signature tc_set_attribdata(hContext, hMigData, TSS_MIGATTRIB_TICKET_DATA, TSS_MIGATTRIB_TICKET_SIG_VALUE, blobSize, blob); //Create Ticket result = Tspi_TPM_CMKCreateTicket(hTPM, hMaKey[0], hMigData); if (result != TSS_SUCCESS) { if (!checkNonAPI(result)) { print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_Close(hContext); exit(result); } else { print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_Close(hContext); exit(result); } } print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_Close(hContext); exit(0); }
int main_v1_2(char version) { char *function = "Tspi_Key_GetPubKey-trans02"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HKEY hKey, hWrappingKey, hSigningKey; TSS_UUID SRKUUID = {0,0,0,0,0,0,0,0,0,0,1}; TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,2}; TSS_UUID uuid; TSS_RESULT result; UINT32 ulPubKeyLength; BYTE *rgbPubKey; TSS_HPOLICY srkUsagePolicy; TSS_HTPM hTPM; TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; print_begin_test( function ); result = connect_load_all(&hContext, &hSRK, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey, &hSigningKey); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } //Create Signing Key result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject (hKey)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Key_CreateKey( hKey, hSRK, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (hKey)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Key_LoadKey( hKey, hSRK ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_LoadKey (hKey)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Get Pub Key result = Tspi_Key_GetPubKey( hKey, &ulPubKeyLength, &rgbPubKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_GetPubKey", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Testsuite_Transport_Final(hContext, hSigningKey); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } } else { result = Tspi_Context_FreeMemory(hContext, rgbPubKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_FreeMemory ", result); Tspi_Context_Close(hContext); exit(result); } print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
int main_v1_1( void ) { char *function = "Tspi_Context_LoadKeyByBlob03"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HKEY hMSigningKey; BYTE* migratableSignKeyBlob; UINT32 blobLength; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy; UINT32 exitCode = 0; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &srkUsagePolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetPolicyObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Set Secret result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret (1)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } #endif //Create Signing Key result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING, &hMSigningKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_CreateObject (signing key)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Key_CreateKey (Signing Key)", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // get blob result = Tspi_GetAttribData( hMSigningKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_BLOB, &blobLength, &migratableSignKeyBlob ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetAttribData", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Load Key Blob result = Tspi_Context_LoadKeyByBlob( hContext, hSRK, blobLength, NULL, &hMSigningKey ); if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); exitCode = result; } else { print_error_nonapi( function, result ); exitCode = result; } } else { print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( exitCode ); }
main_v1_2(char version){ char *nameOfFunction = "Tspi_TPM_KeyControlOwner01"; TSS_RESULT result; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_FLAG initFlags; TSS_HKEY hSRK; TSS_HKEY hKey; TSS_HKEY hTargetPubKey; TSS_HPOLICY hTpmPolicy, hSrkPolicy; TSS_UUID Uuid; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create", result); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_FreeMemory( hContext, NULL ); exit(result); } //Create Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Get TPM Object result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Requires Owner auth - get policy result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTpmPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject ", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Set Owner Secret result = Tspi_Policy_SetSecret(hTpmPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET ); if ( result != TSS_SUCCESS ) { print_error("Tspi_Policy_SetSecret (Owner)", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Get SRK Key result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID ", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Requires SRK auth - get policy result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSrkPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject ", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Set SRK Secret result = Tspi_Policy_SetSecret(hSrkPolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET ); if ( result != TSS_SUCCESS ) { print_error("Tspi_Policy_SetSecret (Owner)", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Create Key result = Tspi_Key_CreateKey(hKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Load key result = Tspi_Key_LoadKey(hKey, hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Key_LoadKey", result); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } //Set Ownerevict bit result = Tspi_TPM_KeyControlOwner(hTPM, hKey, TSS_TSPATTRIB_KEYCONTROL_OWNEREVICT, TRUE, &Uuid); if (result != TSS_SUCCESS) { print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(result); } else { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close(hContext); exit(0); } }
int main_v1_2( char version ) { char *function = "Tspi_DecodeBER_TssBlob01"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HPOLICY hSrkPolicy; TSS_HKEY hKey; BYTE* rgbBlob; UINT32 ulBlobLength; BYTE* rgbEncBlob = NULL; UINT32 ulEncBlobLength; UINT32 ulBlobType; BYTE* rgbDecBlob = NULL; UINT32 ulDecBlobLength; TSS_RESULT result; print_begin_test( function ); result = connect_load_srk(&hContext, &hSRK); if ( result != TSS_SUCCESS ) { print_error( "connect_load_srk", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = create_key(hContext, TSS_KEY_TYPE_BIND, hSRK, &hKey); if ( result != TSS_SUCCESS ) { print_error( "create_key", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Call GetAttribData result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_BLOB, &ulBlobLength, &rgbBlob); if ( result != TSS_SUCCESS ) { print_error( "Tspi_GetAttribData", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // EncodeDER_TssBlob (32 bytes extra is enough for the encoding) ulEncBlobLength = ulBlobLength + 32; rgbEncBlob = calloc(1, ulEncBlobLength); result = Tspi_EncodeDER_TssBlob( ulBlobLength, rgbBlob, TSS_BLOB_TYPE_KEY, &ulEncBlobLength, rgbEncBlob ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_EncodeDER_TssBlob", result ); free(rgbEncBlob); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // DecodeBER_TssBlob (determine length first) ulDecBlobLength = 0; rgbDecBlob = NULL; result = Tspi_DecodeBER_TssBlob( ulEncBlobLength, rgbEncBlob, &ulBlobType, &ulDecBlobLength, rgbDecBlob ); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } free(rgbEncBlob); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // DecodeBER_TssBlob rgbDecBlob = calloc(1, ulDecBlobLength); result = Tspi_DecodeBER_TssBlob( ulEncBlobLength, rgbEncBlob, &ulBlobType, &ulDecBlobLength, rgbDecBlob ); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } free(rgbEncBlob); free(rgbDecBlob); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Compare the blobs if ( (ulBlobLength != ulDecBlobLength) || (memcmp(rgbBlob, rgbDecBlob, ulDecBlobLength) != 0) ) { if ( ulBlobLength != ulDecBlobLength ) { //Original blob length does not equal decoded blob length result = TSS_E_ENC_INVALID_LENGTH; print_error( function, result ); } else { //Original blob does not equal decoded blob result = TSS_E_FAIL; print_error( function, result ); } } else { print_success( function, result ); result = 0; } print_end_test( function ); free(rgbEncBlob); free(rgbDecBlob); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
int load_tpm_key(struct openconnect_info *vpninfo, gnutls_datum_t *fdata, gnutls_privkey_t *pkey, gnutls_datum_t *pkey_sig) { static const TSS_UUID SRK_UUID = TSS_UUID_SRK; gnutls_datum_t asn1; unsigned int tss_len; char *pass; int ofs, err; err = gnutls_pem_base64_decode_alloc("TSS KEY BLOB", fdata, &asn1); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Error decoding TSS key blob: %s\n"), gnutls_strerror(err)); return -EINVAL; } /* Ick. We have to parse the ASN1 OCTET_STRING for ourselves. */ if (asn1.size < 2 || asn1.data[0] != 0x04 /* OCTET_STRING */) { vpn_progress(vpninfo, PRG_ERR, _("Error in TSS key blob\n")); goto out_blob; } tss_len = asn1.data[1]; ofs = 2; if (tss_len & 0x80) { int lenlen = tss_len & 0x7f; if (asn1.size < 2 + lenlen || lenlen > 3) { vpn_progress(vpninfo, PRG_ERR, _("Error in TSS key blob\n")); goto out_blob; } tss_len = 0; while (lenlen) { tss_len <<= 8; tss_len |= asn1.data[ofs++]; lenlen--; } } if (tss_len + ofs != asn1.size) { vpn_progress(vpninfo, PRG_ERR, _("Error in TSS key blob\n")); goto out_blob; } err = Tspi_Context_Create(&vpninfo->tpm_context); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to create TPM context: %s\n"), Trspi_Error_String(err)); goto out_blob; } err = Tspi_Context_Connect(vpninfo->tpm_context, NULL); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to connect TPM context: %s\n"), Trspi_Error_String(err)); goto out_context; } err = Tspi_Context_LoadKeyByUUID(vpninfo->tpm_context, TSS_PS_TYPE_SYSTEM, SRK_UUID, &vpninfo->srk); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to load TPM SRK key: %s\n"), Trspi_Error_String(err)); goto out_context; } err = Tspi_GetPolicyObject(vpninfo->srk, TSS_POLICY_USAGE, &vpninfo->srk_policy); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to load TPM SRK policy object: %s\n"), Trspi_Error_String(err)); goto out_srk; } pass = vpninfo->cert_password; vpninfo->cert_password = NULL; while (1) { static const char nullpass[20]; /* We don't seem to get the error here... */ if (pass) err = Tspi_Policy_SetSecret(vpninfo->srk_policy, TSS_SECRET_MODE_PLAIN, strlen(pass), (BYTE *)pass); else /* Well-known NULL key */ err = Tspi_Policy_SetSecret(vpninfo->srk_policy, TSS_SECRET_MODE_SHA1, sizeof(nullpass), (BYTE *)nullpass); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to set TPM PIN: %s\n"), Trspi_Error_String(err)); goto out_srkpol; } free(pass); /* ... we get it here instead. */ err = Tspi_Context_LoadKeyByBlob(vpninfo->tpm_context, vpninfo->srk, tss_len, asn1.data + ofs, &vpninfo->tpm_key); if (!err) break; if (pass) vpn_progress(vpninfo, PRG_ERR, _("Failed to load TPM key blob: %s\n"), Trspi_Error_String(err)); if (err != TPM_E_AUTHFAIL) goto out_srkpol; err = request_passphrase(vpninfo, "openconnect_tpm_srk", &pass, _("Enter TPM SRK PIN:")); if (err) goto out_srkpol; } #ifdef HAVE_GNUTLS_CERTIFICATE_SET_KEY gnutls_privkey_init(pkey); /* This would be nicer if there was a destructor callback. I could allocate a data structure with the TPM handles and the vpninfo pointer, and destroy that properly when the key is destroyed. */ gnutls_privkey_import_ext(*pkey, GNUTLS_PK_RSA, vpninfo, tpm_sign_fn, NULL, 0); #else *pkey = OPENCONNECT_TPM_PKEY; #endif retry_sign: err = sign_dummy_data(vpninfo, *pkey, fdata, pkey_sig); if (err == GNUTLS_E_INSUFFICIENT_CREDENTIALS) { if (!vpninfo->tpm_key_policy) { err = Tspi_Context_CreateObject(vpninfo->tpm_context, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &vpninfo->tpm_key_policy); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to create key policy object: %s\n"), Trspi_Error_String(err)); goto out_key; } err = Tspi_Policy_AssignToObject(vpninfo->tpm_key_policy, vpninfo->tpm_key); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to assign policy to key: %s\n"), Trspi_Error_String(err)); goto out_key_policy; } } err = request_passphrase(vpninfo, "openconnect_tpm_key", &pass, _("Enter TPM key PIN:")); if (err) goto out_key_policy; err = Tspi_Policy_SetSecret(vpninfo->tpm_key_policy, TSS_SECRET_MODE_PLAIN, strlen(pass), (void *)pass); free(pass); if (err) { vpn_progress(vpninfo, PRG_ERR, _("Failed to set key PIN: %s\n"), Trspi_Error_String(err)); goto out_key_policy; } goto retry_sign; } free(asn1.data); return 0; out_key_policy: Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->tpm_key_policy); vpninfo->tpm_key_policy = 0; out_key: Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->tpm_key); vpninfo->tpm_key = 0; out_srkpol: Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->srk_policy); vpninfo->srk_policy = 0; out_srk: Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->srk); vpninfo->srk = 0; out_context: Tspi_Context_Close(vpninfo->tpm_context); vpninfo->tpm_context = 0; out_blob: free(asn1.data); return -EIO; }
int main_v1_2(char version) { char *nameOfFunction = "Tspi_nv_WriteValue-trans02"; TSS_HCONTEXT hContext = NULL_HCONTEXT; TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE TSS_HOBJECT hPolObject = NULL_HOBJECT; TSS_HPOLICY hPolicy = NULL_HPOLICY; TSS_HTPM hTPM = NULL_HTPM; BYTE *auth = "123456"; UINT32 auth_length = 6; BYTE *data = "1234567890"; TSS_RESULT result; TSS_HKEY hSigningKey, hWrappingKey, hSRK; print_begin_test(nameOfFunction); result = connect_load_all(&hContext, &hSRK, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey, &hSigningKey); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create policy object for the NV object*/ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hPolObject); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolObject, TSS_SECRET_MODE_PLAIN, auth_length, auth); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_AssignToObject(hPolObject, hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_AssignToObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011131); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the permission for the index. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x4); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting permission", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the data size to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting data size", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /*Define NV space*/ result = Tspi_NV_DefineSpace(hNVStore, 0, 0); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011131); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_NV_WriteValue(hNVStore, /*offset*/0,/*datalength*/10, data); #ifdef CLEAR_TEST_INDEX Tspi_Context_GetTpmObject(hContext, &hTPM); Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); Tspi_NV_ReleaseSpace(hNVStore); #endif #ifdef NV_LOCKED if (TSS_ERROR_CODE(result) != TPM_E_AUTH_CONFLICT) #else if (TSS_ERROR_CODE(result) != TSS_SUCCESS) #endif { print_error("Tspi_NV_WriteValue", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Testsuite_Transport_Final(hContext, hSigningKey); if (TSS_ERROR_CODE(result)== TSS_SUCCESS) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else { print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); if ( result == TSS_SUCCESS ) exit(-1); exit(result); } }
int main_v1_2( char version ) { char * function = "Tspi_SetAttribUint3208"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HTPM hTPM; TSS_HPOLICY hTpmPolicy; UINT32 ordinal = TPM_ORD_CreateWrapKey, subCap, pulRespLen; TSS_RESULT result; BYTE* prgbRespData; print_begin_test( function ); result = connect_load_all(&hContext, &hSRK, &hTPM); if ( result != TSS_SUCCESS ) { print_error( "connect_load_all", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hTpmPolicy); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_createObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Policy_SetSecret(hTpmPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Policy_AssignToObject(hTpmPolicy, hTPM); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_AssignToObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } /* Check if ordinal auditing is supported on this TPM */ result = Testsuite_Is_Ordinal_Supported(hTPM, TPM_ORD_SetOrdinalAuditStatus); if (result != TSS_SUCCESS) { fprintf(stderr, "%s: TPM doesn't support auditing, returning success\n", __FILE__); print_success( function, TSS_SUCCESS ); print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( 0 ); } //Call SetAttribUint32 result = Tspi_SetAttribUint32(hTPM, TSS_TSPATTRIB_TPM_ORDINAL_AUDIT_STATUS, TPM_CAP_PROP_TPM_SET_ORDINAL_AUDIT, ordinal); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Call SetAttribUint32 result = Tspi_SetAttribUint32(hTPM, TSS_TSPATTRIB_TPM_ORDINAL_AUDIT_STATUS, TPM_CAP_PROP_TPM_CLEAR_ORDINAL_AUDIT, ordinal); if ( result != TSS_SUCCESS ) { print_error( "Tspi_SetAttribUint32", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } else { print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( 0 ); }
main_v1_1(void){ char *nameOfFunction = "Tspi_ChangeAuth04"; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_HPOLICY hPolicy; TSS_HKEY hMStorageKey; TSS_HCONTEXT hContext; TSS_RESULT result; TSS_FLAG initFlags; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; TSS_HPOLICY srkUsagePolicy; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_Close(hContext); exit(result); } //Create hKey result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID for hSRK", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Set Secret result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #endif //Create Storage Key result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMStorageKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Key_CreateKey(hMStorageKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Call Change Auth result = Tspi_ChangeAuth(0xffffffff, hMStorageKey, hPolicy); if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) { if(!checkNonAPI(result)){ print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } else{ print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else{ print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(0); } }
main_v1_1(void) { char *nameOfFunction = "Tspi_ChangeAuthAsym02"; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_HPOLICY hPolicy; TSS_UUID migratableStorageUUID = {1,2,3,4,5,6,7,8,9,10,5}; TSS_UUID migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,8}; TSS_UUID AIKUUID = {1,2,3,4,5,6,7,8,9,10,6}; TSS_HKEY hAIK; TSS_HKEY hMSigningKey; TSS_HKEY hMStorageKey; TSS_HCONTEXT hContext; TSS_RESULT result; TSS_FLAG initFlags; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; TSS_HPOLICY srkUsagePolicy; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create", result); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_Close(hContext); exit(result); } //Create hKey result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Set Secret result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #endif //Create Object for the hAIK Key result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hAIK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create the hAIK Key result = Tspi_Key_CreateKey(hAIK, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } // Load hAIK Key result = Tspi_Key_LoadKey(hAIK, hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create Object for Storage Key result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMStorageKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create Storage Key result = Tspi_Key_CreateKey(hMStorageKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tpspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } // Load hMStorageKey Key result = Tspi_Key_LoadKey(hMStorageKey, hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create Object for Signing Key result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMSigningKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create Signing Key result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Get Default Policy result = Tspi_Context_GetDefaultPolicy(hContext, &hPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetPolicy", result); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Call to Change Auth Asym result = Tspi_ChangeAuthAsym(-1, hMStorageKey, hAIK, hPolicy); if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) { if(!checkNonAPI(result)) { print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } else { print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hMStorageKey); Tspi_Context_CloseObject(hContext, hAIK); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(0); } }
int main_v1_1(void){ char *nameOfFunction = "Tspi_Context_GetRegisteredKeysByUUID03"; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_FLAG initFlags; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_RESULT result; TSS_UUID migratableSignUUID={1, 2, 3, 4, 5, {6, 7, 8, 9, 10, 2}}; TSS_HPOLICY srkUsagePolicy; UINT32 pulKeyHierarchySize; TSS_KM_KEYINFO* ppKeyHierarchy; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_512 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; print_begin_test(nameOfFunction); //Create result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } //Connect result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect ", result); Tspi_Context_Close(hContext); exit(result); } //Get TPM Object result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject ", result); Tspi_Context_Close(hContext); exit(result); } //Create Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject ", result); Tspi_Context_Close(hContext); exit(result); } //Load Key by UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object for the srkUsagePolicy result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Set Secret for the srkUsagePolicy result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } #endif //Create the hKey with the hSRK wrapping key result = Tspi_Key_CreateKey(hKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Register the hKey result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (result != TSS_SUCCESS && TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) { print_error("Tspi_Context_RegisterKey ", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Get Registered Keys By UUID result = Tspi_Context_GetRegisteredKeysByUUID(hContext, -1, &migratableSignUUID, &pulKeyHierarchySize, &ppKeyHierarchy); if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) { if(!checkNonAPI(result)){ print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } else{ print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else{ print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(0); } }
int main_v1_1(void) { char *function = "Tspi_Hash_Sign03"; TSS_HCONTEXT hContext; TSS_HKEY hSRK; TSS_HKEY hMSigningKey; TSS_HKEY hKey; TSS_UUID SRKUUID = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 }; TSS_UUID migratableSignUUID = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2 }; TSS_HHASH hHash; BYTE *prgbSignature; // UINT32 pulSignatureLength; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy; TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; UINT32 exitCode = 0; print_begin_test(function); // Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create", result); exit(result); } // Connect to Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } // create hKey result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject (hKey)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } //Load Key By UUID result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #ifndef TESTSUITE_NOAUTH_SRK //Get Policy Object result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } //Set Secret result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE, TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #endif //Create Signing Key result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, TSS_KEY_SIZE_2048 | TSS_KEY_TYPE_SIGNING, &hMSigningKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject (signing key)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey (signing key)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Context_RegisterKey(hContext, hMSigningKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRKUUID); if ((result != TSS_SUCCESS) && (TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED)) { print_error("Tspi_Context_RegisterKey (signing key)", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_LoadKeyByUUID (signing key)", result ); Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_SHA1, &hHash); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject (hash)", result); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Hash_SetHashValue(hHash, 20, "Je pense, danc je suis."); if (result != TSS_SUCCESS) { print_error("Tspi_Hash_SetHashValue", result); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } //Load Key Blob result = Tspi_Hash_Sign(hHash, hMSigningKey, NULL, &prgbSignature); if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) { if (!(checkNonAPI(result))) { print_error(function, result); } else { print_error_nonapi(function, result); } exitCode = result; } else { print_success(function, result); } print_end_test(function); Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, migratableSignUUID, &hMSigningKey); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(exitCode); }
int main_v1_2( char version ) { char *function = "Tspi_TPM_GetCapability18"; UINT32 pulRespDataLength; BYTE *pRetData; UINT32 subCap, subCapLength, numPcrs; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_RESULT result; UINT32 exitCode; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Retrieve TPM object of context result = Tspi_Context_GetTpmObject( hContext, &hTPM ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_GetTpmObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } subCap = TSS_TPMCAP_PROP_SESSIONS; subCapLength = sizeof(UINT32); result = Tspi_TPM_GetCapability( hTPM, TSS_TPMCAP_PROPERTY, subCapLength, (BYTE *)&subCap, &pulRespDataLength, &pRetData ); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); exitCode = 1; } else { print_error_nonapi( function, result ); exitCode = 1; } } else { print_success( function, result ); exitCode = 0; if (pulRespDataLength == sizeof(UINT32)) fprintf(stderr, "\tThere are %u available sessions in the pool\n\n", *(UINT32 *)pRetData ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( exitCode ); }
int main_v1_2(char version) { char *nameOfFunction = "Tspi_Nv_DefineSpace-trans03"; TSS_HCONTEXT hContext = NULL_HCONTEXT; TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE TSS_HPOLICY hPolicy = NULL_HPOLICY; TSS_HTPM hTPM = NULL_HTPM; TSS_RESULT result; TSS_HKEY hWrappingKey, hSRK; print_begin_test(nameOfFunction); result = connect_load_all(&hContext, &hSRK, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey, NULL); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #ifdef NV_LOCKED /* Get TPM object */ result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #endif /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011101); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the permission for the index. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x2000); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting permission", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the data size to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting data size", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /*Define NV space*/ result = Tspi_NV_DefineSpace(hNVStore, 0, 0); #ifdef CLEAR_TEST_INDEX Tspi_NV_ReleaseSpace(hNVStore); #endif if (result != TSS_SUCCESS) { print_error("Tspi_NV_DefineSpace", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Testsuite_Transport_Final(hContext, 0); if (result== TSS_SUCCESS) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else { print_error("Tspi_NV_DefineSpace", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } }
int main(int argc, char *argv[]) { int ret; char base32_key[BASE32_LEN(keylen)+1]; unsigned char uefiblob[4100]; unsigned char blob[4096]; /* resulting sealed blob */ unsigned int bloblen; /* blob length */ unsigned char wellknown[20] = {0}; unsigned char totpstring[64]; uint32_t pcrmask = 0x000003BF; // PCRs 0-5 and 7-9 const char * hostname = "TPMTOTP"; char *outfile_name; FILE *infile; FILE *outfile; QRcode *qrcode; #ifdef CONFIG_TSS TSS_HCONTEXT context; #endif if (generate_key()) { return -1; } pcrvals = malloc(NUM_PCRS * sizeof(uint8_t*)); CHECK_MALLOC(pcrvals); static int base32_flag = 0; static int qr_flag = 1; static int nvram_flag = 0; int option_index = 0; static struct option long_options[] = { {"pcrs", required_argument, 0, 'p'}, {"nvram", no_argument, &nvram_flag, 1}, {"no-qrcode", no_argument, &qr_flag, 0}, {"base32", no_argument, &base32_flag, 1}, {"help", no_argument, 0, 'h'}, {0,0,0,0} }; if (argc == 1) { print_help(); return -1; } int c; while ((c = getopt_long(argc, argv, "p:nbh", long_options, &option_index)) != -1) { switch (c) { case 0: // Flag only break; case 'p': pcrmask = parse_pcrs(optarg); if (pcrmask == (uint32_t) -1) return -1; break; case 'h': print_help(); return 0; case 'b': base32_flag = 1; break; case 'n': nvram_flag = 1; break; case 's': qr_flag = 0; break; case '?': // Unrecognized Option print_help(); return -1; default: print_help(); } } if (!nvram_flag) { if (optind == argc) { fprintf(stderr, "Output name required!\n"); print_help(); return -1; } else { outfile_name = argv[optind]; } } base32_encode(key, keylen, base32_key); base32_key[BASE32_LEN(keylen)] = NULL; #ifdef CONFIG_TSS ret = Tspi_Context_Create(&context); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to create TPM context\n"); return -1; } ret = Tspi_Context_Connect(context, NULL); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to connect to TPM\n"); return -1; } ret = TSPI_SealCurrPCR(context, // context 0x40000000, // SRK pcrmask, wellknown, // Well-known SRK secret wellknown, // Well-known SEAL secret key, keylen, /* data to be sealed */ blob, &bloblen); /* buffer to receive result */ #else ret = TPM_SealCurrPCR( 0x40000000, // SRK pcrmask, wellknown, // Well-known SRK secret wellknown, // Well-known SEAL secret key, keylen, /* data to be sealed */ blob, &bloblen); /* buffer to receive result */ #endif if (ret != 0) { fprintf(stderr, "Error %s from TPM_Seal\n", TPM_GetErrMsg(ret)); //goto out; } sprintf(totpstring, "otpauth://totp/%s?secret=%s", hostname, base32_key); //sprintf(totpstring, "%s", base32_key); if (base32_flag) { printf("%s\n", base32_key); } printf("%s\n", totpstring); if (qr_flag) { qrcode = QRcode_encodeString(totpstring, 0, QR_ECLEVEL_L, QR_MODE_8, 1); writeANSI(qrcode); } if (nvram_flag) { uint32_t nvindex = 0x00004d47; uint32_t permissions = TPM_NV_PER_OWNERREAD|TPM_NV_PER_OWNERWRITE; #ifdef CONFIG_TSS TSS_HNVSTORE nvObject; TSS_FLAG nvattrs = 0; ret = Tspi_Context_CreateObject(context, TSS_OBJECT_TYPE_NV, nvattrs, &nvObject); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to create nvram object: %x\n", ret); goto out; } ret = Tspi_SetAttribUint32(nvObject, TSS_TSPATTRIB_NV_INDEX, 0, nvindex); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to set index\n"); goto out; } ret = Tspi_SetAttribUint32(nvObject, TSS_TSPATTRIB_NV_PERMISSIONS, 0, permissions); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to set permissions\n"); goto out; } ret = Tspi_SetAttribUint32(nvObject, TSS_TSPATTRIB_NV_DATASIZE, 0, bloblen); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to set size\n"); goto out; } ret = Tspi_NV_DefineSpace(nvObject, NULL, NULL); if (ret != TSS_SUCCESS && ret != (0x3000 | TSS_E_NV_AREA_EXIST)) { fprintf(stderr, "Unable to define space: %x\n", ret); goto out; } ret = Tspi_NV_WriteValue(nvObject, 0, bloblen, blob); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to write to nvram\n"); goto out; } #else unsigned char * ownauth = wellknown; unsigned char * areaauth = wellknown; TPM_PCR_INFO_SHORT *pcrInfoRead = NULL; TPM_PCR_INFO_SHORT *pcrInfoWrite = NULL; ret = TPM_NV_DefineSpace2( ownauth, nvindex, bloblen, permissions, areaauth, pcrInfoRead, pcrInfoWrite); //if (ret != TPM_SUCCESS && ret != (0x3000 | TSS_E_NV_AREA_EXIST)) { if (ret != TPM_SUCCESS) { fprintf(stderr, "Unable to define space: %x\n", ret); goto out; } ret = TPM_NV_WriteValue( nvindex, 0, blob, bloblen, ownauth ); if (ret != TPM_SUCCESS) { fprintf(stderr, "Unable to write to nvram\n"); goto out; } #endif } else { outfile = fopen(outfile_name, "w"); if (outfile == NULL) { fprintf(stderr, "Unable to open output file '%s'\n", outfile_name); goto out; } if (strncmp(outfile_name, efivarfs, strlen(efivarfs)) == 0) { int attributes = 7; // NV, RT, BS memcpy(uefiblob, &attributes, sizeof(int)); memcpy(uefiblob + sizeof(int), blob, bloblen); bloblen += sizeof(int); ret = fwrite(uefiblob, 1, bloblen, outfile); } else { ret = fwrite(blob, 1, bloblen, outfile); } if (ret != bloblen) { fprintf(stderr, "I/O Error while writing output file '%s'\n", outfile_name); goto out; } } out: #ifdef CONFIG_TSS Tspi_Context_FreeMemory(context, NULL); Tspi_Context_Close(context); #endif exit(ret); }
int main_v1_1(void) { char *nameOfFunction = "Tspi_Context_GetCapability18"; TSS_HCONTEXT hContext; TSS_FLAG capArea = TSS_TCSCAP_MANUFACTURER; UINT32 subCap; UINT32 ulSubCapLength; BYTE *prgbRespData; UINT32 pulRespDataLength; TSS_RESULT result; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect ", result); exit(result); } subCap = TSS_TCSCAP_PROP_MANUFACTURER_STR; ulSubCapLength = sizeof(UINT32); //Get Capability result = Tspi_Context_GetCapability(hContext, capArea, ulSubCapLength, (BYTE *) & subCap, &pulRespDataLength, &prgbRespData); if (result != TSS_SUCCESS) { if (!checkNonAPI(result)) { print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } else { print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } } else { fprintf(stderr, "Manufacturer string is: %s\n", TestSuite_UNICODE_To_Native(prgbRespData, &pulRespDataLength)); result = Tspi_Context_FreeMemory(hContext, prgbRespData); if (result != TSS_SUCCESS) { print_error("Tspi_Context_FreeMemory ", result); Tspi_Context_Close(hContext); exit(result); } print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } }
int main_v1_2( char version ) { char *function = "Tspi_TPM_SetOperatorAuth01"; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_HKEY hSRK; TSS_HPOLICY hOperatorPolicy; TSS_RESULT result; print_begin_test( function ); result = connect_load_all(&hContext, &hSRK, &hTPM); if ( result != TSS_SUCCESS ) { print_error( "connect_load_all", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_OPERATOR, &hOperatorPolicy); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_CreateObject", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_Policy_SetSecret( hOperatorPolicy, TESTSUITE_OPERATOR_SECRET_MODE, TESTSUITE_OPERATOR_SECRET_LEN, TESTSUITE_OPERATOR_SECRET); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Policy_SetSecret", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Tspi_TPM_SetOperatorAuth( hTPM, hOperatorPolicy ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_TPM_SetOperatorAuth", result ); print_error_exit( function, err_string(result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } else { print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); }
CK_RV session_mgr_close_session(SESSION *sess) { DL_NODE * node = NULL; CK_RV rc = CKR_OK; if (! sess) return (FALSE); rc = pthread_mutex_lock(&sess_list_mutex); if (rc != CKR_OK) { return (CKR_FUNCTION_FAILED); } node = dlist_find(sess_list, sess); if (! node) { rc = CKR_FUNCTION_FAILED; goto done; } (void) object_mgr_purge_session_objects(sess, ALL); if (sess->find_list) free(sess->find_list); if (sess->encr_ctx.context) free(sess->encr_ctx.context); if (sess->encr_ctx.mech.pParameter) free(sess->encr_ctx.mech.pParameter); if (sess->decr_ctx.context) free(sess->decr_ctx.context); if (sess->decr_ctx.mech.pParameter) free(sess->decr_ctx.mech.pParameter); if (sess->digest_ctx.context.ref) free(sess->digest_ctx.context.ref); if (sess->digest_ctx.mech.pParameter) free(sess->digest_ctx.mech.pParameter); if (sess->sign_ctx.context) free(sess->sign_ctx.context); if (sess->sign_ctx.mech.pParameter) free(sess->sign_ctx.mech.pParameter); if (sess->verify_ctx.context) free(sess->verify_ctx.context); if (sess->verify_ctx.mech.pParameter) free(sess->verify_ctx.mech.pParameter); if (sess->hContext) (void) Tspi_Context_Close(sess->hContext); free(sess); sess_list = dlist_remove_node(sess_list, node); if (sess_list == NULL) { TSS_HCONTEXT hContext; if (open_tss_context(&hContext) == 0) { (void) object_mgr_purge_private_token_objects(hContext); (void) Tspi_Context_Close(hContext); } global_login_state = 0; (void) pthread_mutex_lock(&obj_list_mutex); (void) object_mgr_purge_map((SESSION *)0xFFFF, PRIVATE); (void) pthread_mutex_unlock(&obj_list_mutex); } done: (void) pthread_mutex_unlock(&sess_list_mutex); return (rc); }
main_v1_1(void){ char *nameOfFunction = "Tspi_GetAttribData19"; TSS_FLAG initFlags; TSS_HKEY hKey; TSS_HCONTEXT hContext; TSS_RESULT result; TSS_HKEY hSRK; BYTE* uuid; UINT32 uuidLength; int rc; TSS_UUID null_uuid, key_uuid; initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; memset(&null_uuid, 0, sizeof(TSS_UUID)); memset(&key_uuid, 0x7f, sizeof(TSS_UUID)); print_begin_test(nameOfFunction); //Create Context and connect result = connect_load_srk(&hContext, &hSRK); if (result != TSS_SUCCESS) { print_error("connect_load_srk", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Create Key Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Create Key in the TPM result = Tspi_Key_CreateKey(hKey, hSRK, 0); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Call GetAttribData, uuid should be all 0's result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0, &uuidLength, &uuid); if (result != TSS_SUCCESS) { print_error("Tspi_GetAttribData", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Check length and data if (uuidLength != sizeof(TSS_UUID)) { print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1); print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } if ((rc = memcmp(uuid, &null_uuid, uuidLength))) { print_verifyerr("a null uuid from Tspi_GetAttribData", 0, rc); print_hex(uuid, sizeof(TSS_UUID)); print_error("uuid NULL from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } Tspi_Context_FreeMemory(hContext, uuid); register_key: //Register Key result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, key_uuid, TSS_PS_TYPE_SYSTEM, SRK_UUID); if (TSS_ERROR_CODE(result) == TSS_E_KEY_ALREADY_REGISTERED) { result = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, key_uuid, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_UnregisterKey", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } goto register_key; } else if (result != TSS_SUCCESS) { print_error("Tspi_Context_RegisterKey", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Close the object result = Tspi_Context_CloseObject(hContext, hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CloseObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } hKey = 0; //Load the key by UUID from PS result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, key_uuid, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_LoadKeyByUUID", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Call GetAttribData, uuid should be equal to key_uuid result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0, &uuidLength, &uuid); if (result != TSS_SUCCESS) { print_error("Tspi_GetAttribData", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_Close(hContext); exit(result); } //Check length and data if (uuidLength != sizeof(TSS_UUID)) { print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1); print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } if ((rc = memcmp(uuid, &key_uuid, uuidLength))) { print_verifyerr("key's uuid from Tspi_GetAttribData", 0, rc); print_hex((BYTE *)&key_uuid, sizeof(TSS_UUID)); print_error("key's uuid from Tspi_GetAttribData", TSS_E_FAIL); Tspi_Context_Close(hContext); exit(result); } print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_Close(hContext); exit(0); }
/* initialisation function */ static int tpm_engine_init(ENGINE * e) { TSS_RESULT result; DBG("%s", __FUNCTION__); #ifdef DLOPEN_TSPI if (tpm_dso != NULL) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_ALREADY_LOADED); return 1; } if ((tpm_dso = DSO_load(NULL, TPM_LIBNAME, NULL, 0)) == NULL) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE); goto err; } #define bind_tspi_func(dso, func) (p_tspi_##func = (void *)DSO_bind_func(dso, "Tspi_" #func)) if (!bind_tspi_func(tpm_dso, Context_Create) || !bind_tspi_func(tpm_dso, Context_Close) || !bind_tspi_func(tpm_dso, Context_Connect) || !bind_tspi_func(tpm_dso, TPM_GetRandom) || !bind_tspi_func(tpm_dso, Key_CreateKey) || !bind_tspi_func(tpm_dso, Data_Bind) || !bind_tspi_func(tpm_dso, Data_Unbind) || !bind_tspi_func(tpm_dso, Context_CreateObject) || !bind_tspi_func(tpm_dso, Context_FreeMemory) || !bind_tspi_func(tpm_dso, Key_LoadKey) || !bind_tspi_func(tpm_dso, Context_LoadKeyByUUID) || !bind_tspi_func(tpm_dso, GetAttribData) || !bind_tspi_func(tpm_dso, Hash_Sign) || !bind_tspi_func(tpm_dso, Context_CloseObject) || !bind_tspi_func(tpm_dso, Hash_SetHashValue) || !bind_tspi_func(tpm_dso, SetAttribUint32) || !bind_tspi_func(tpm_dso, GetPolicyObject) || !bind_tspi_func(tpm_dso, Policy_SetSecret) || !bind_tspi_func(tpm_dso, TPM_StirRandom) || !bind_tspi_func(tpm_dso, Context_LoadKeyByBlob) || !bind_tspi_func(tpm_dso, Context_GetTpmObject) || !bind_tspi_func(tpm_dso, GetAttribUint32) || !bind_tspi_func(tpm_dso, SetAttribData) || !bind_tspi_func(tpm_dso, Policy_AssignToObject) ) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_DSO_FAILURE); goto err; } #endif /* DLOPEN_TSPI */ if ((result = Tspi_Context_Create(&hContext))) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE); goto err; } /* XXX allow dest to be specified through pre commands */ if ((result = Tspi_Context_Connect(hContext, NULL))) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE); goto err; } if ((result = Tspi_Context_GetTpmObject(hContext, &hTPM))) { TSSerr(TPM_F_TPM_ENGINE_INIT, TPM_R_UNIT_FAILURE); goto err; } tpm_rsa.rsa_mod_exp = RSA_PKCS1_SSLeay()->rsa_mod_exp; return 1; err: if (hContext != NULL_HCONTEXT) { Tspi_Context_Close(hContext); hContext = NULL_HCONTEXT; hTPM = NULL_HTPM; } #ifdef DLOPEN_TSPI if (tpm_dso) { DSO_free(tpm_dso); tpm_dso = NULL; } p_tspi_Context_Create = NULL; p_tspi_Context_Close = NULL; p_tspi_Context_Connect = NULL; p_tspi_Context_FreeMemory = NULL; p_tspi_Context_LoadKeyByBlob = NULL; p_tspi_Context_LoadKeyByUUID = NULL; p_tspi_Context_GetTpmObject = NULL; p_tspi_Context_CloseObject = NULL; p_tspi_Key_CreateKey = NULL; p_tspi_Key_LoadKey = NULL; p_tspi_Data_Bind = NULL; p_tspi_Data_Unbind = NULL; p_tspi_Hash_SetHashValue = NULL; p_tspi_Hash_Sign = NULL; p_tspi_GetAttribData = NULL; p_tspi_SetAttribData = NULL; p_tspi_GetAttribUint32 = NULL; p_tspi_SetAttribUint32 = NULL; p_tspi_GetPolicyObject = NULL; p_tspi_Policy_SetSecret = NULL; p_tspi_Policy_AssignToObject = NULL; p_tspi_TPM_StirRandom = NULL; p_tspi_TPM_GetRandom = NULL; #endif return 0; }
int main_v1_2(char version) { char *function = "Tspi_TPM_GetCapability-trans01"; UINT32 pulRespDataLength; BYTE *pNumPCRs; UINT32 subCap, subCapLength, numPcrs; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_RESULT result; TSS_HKEY hSRK, hSigningKey, hWrappingKey; print_begin_test( function ); result = connect_load_all(&hContext, &hSRK, &hTPM); if ( result != TSS_SUCCESS ) { print_error( "connect_load_all", (result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, FALSE, &hWrappingKey, &hSigningKey); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } subCap = TSS_TPMCAP_PROP_PCR; subCapLength = sizeof(UINT32); result = Tspi_TPM_GetCapability( hTPM, TSS_TPMCAP_PROPERTY, subCapLength, (BYTE *)&subCap, &pulRespDataLength, &pNumPCRs ); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_GetCapability", result); Tspi_Context_Close(hContext); exit(result); } result = Testsuite_Transport_Final(hContext, hSigningKey); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } } else { print_success( function, result ); } fprintf(stderr, "\tThere are %u PCRs supported by this TPM\n", *(UINT32 *)pNumPCRs ); print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
int main_v1_1( void ) { char *function = "Tspi_Context_CreateObject"; TSS_RESULT result; TSS_HCONTEXT hContext; TSS_HOBJECT hObject; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); exit( result ); } /* ==== TEST 1 ==== */ /* create a default hash obj */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_DEFAULT, &hObject); if ( result == TSS_SUCCESS ) { print_success( function, result ); } else { print_error( "Tspi_Context_CreateObject", result ); } /* close the object, test done */ result = Tspi_Context_CloseObject(hContext, hObject); if (result != TSS_SUCCESS) { print_error( "Tspi_Context_CreateObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } /* ==== TEST 2 ==== */ /* create a hash sha1 obj */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_SHA1, &hObject); if ( result == TSS_SUCCESS ) { print_success( function, result ); } else { print_error( "Tspi_Context_CreateObject", result ); } /* close the object, test done */ result = Tspi_Context_CloseObject(hContext, hObject); if (result != TSS_SUCCESS) { print_error( "Tspi_Context_CreateObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } /* ==== TEST 3 ==== */ /* create a hash other obj */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, TSS_HASH_OTHER, &hObject); if ( result == TSS_SUCCESS ) { print_success( function, result ); } else { print_error( "Tspi_Context_CreateObject", result ); } /* close the object, test done */ result = Tspi_Context_CloseObject(hContext, hObject); if (result != TSS_SUCCESS) { print_error( "Tspi_Context_CreateObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } /* ==== TEST 4 ==== */ /* create an invalid hash obj */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, 0xffddeeff, &hObject); if ( TSS_ERROR_CODE(result) == TSS_E_INVALID_OBJECT_INITFLAG ) { print_success( function, result ); } else { if (result == TSS_SUCCESS) Tspi_Context_CloseObject(hContext, hObject); print_error( "Tspi_Context_CreateObject", result ); } /* ==== TEST 5 ==== */ /* create an ambiguous hash obj */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH, 0x15151551, &hObject); if ( TSS_ERROR_CODE(result) == TSS_E_INVALID_OBJECT_INITFLAG ) { print_success( function, result ); } else { if (result == TSS_SUCCESS) Tspi_Context_CloseObject(hContext, hObject); print_error( "Tspi_Context_CreateObject", result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( 0 ); }
int main_v1_2(char version) { char *nameOfFunction = "Tspi_Nv_ReadValue03"; TSS_HCONTEXT hContext = NULL_HCONTEXT; TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE TSS_HOBJECT hPolObject = NULL_HOBJECT; TSS_HPOLICY hPolicy = NULL_HPOLICY; TSS_HTPM hTPM = NULL_HTPM; BYTE *auth = "123456"; UINT32 auth_length = 6; BYTE *policyData; UINT32 read_space = 10; TSS_RESULT result; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #ifdef NV_LOCKED /* Get TPM object */ result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #endif /* Create policy object for the NV object*/ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hPolObject); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolObject, TSS_SECRET_MODE_PLAIN, auth_length, auth); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_AssignToObject(hPolObject, hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_AssignToObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011143); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the permission for the index. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x42000); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting permission", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the data size to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting data size", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /*Define NV space*/ result = Tspi_NV_DefineSpace(hNVStore, 0, 0); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create policy object for the NV object*/ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hPolObject); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolObject, TSS_SECRET_MODE_PLAIN, auth_length, auth); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_AssignToObject(hPolObject, hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_AssignToObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011143); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_NV_ReadValue(hNVStore,/*read_offset*/0, &read_space, &policyData); #ifdef CLEAR_TEST_INDEX Tspi_Context_GetTpmObject(hContext, &hTPM); Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); Tspi_NV_ReleaseSpace(hNVStore); #endif #ifdef NV_LOCKED if (TSS_ERROR_CODE(result)== TSS_SUCCESS) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else { print_error("Tspi_NV_ReadValue", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #else if (TSS_ERROR_CODE(result)== TSS_SUCCESS) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else { print_error("Tspi_NV_ReadValue", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #endif }
int main(int argc, char *argv[]) { char *filename = DEFAULT_FILENAME; int i=1; char *param; TSS_RESULT result; TSS_HCONTEXT hContext; TSS_HDAA hDAA; FILE *file; // foreground = 1; // for debug printf("Key Verification (%s:%s,%s)\n", argv[0], __DATE__, __TIME__); while( i < argc) { param = argv[ i]; if( strcmp( param, "-if") == 0 || strcmp( param, "--issuer_file")) { i++; if( i == argc) return print_usage( argv[0]); filename = argv[i]; } else { fprintf(stderr, "%s:unrecognized option `%s'\n", argv[0], param); return print_usage( argv[0]); } i++; } bi_init( NULL); printf("Loading issuer info (keypair & proof) -> \'%s\'", filename); file = fopen( filename, "r"); if( file == NULL) { fprintf( stderr, "%s: Error when opening \'%s\': %s\n", argv[0], filename, strerror( errno)); return -1; } KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof = load_KEY_PAIR_WITH_PROOF( file); if( key_pair_with_proof == NULL) { fprintf( stderr, "%s: Error when reading \'%s\': %s\n", argv[0], filename, strerror( errno)); return -1; } fclose( file); // Create Context printf("\nCreate Context\n"); result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { fprintf( stderr, "Tspi_Context_Create %d\n", result ); exit( result ); } // Connect to Context printf("\nConnect to the context\n"); result = Tspi_Context_Connect( hContext, NULL ); if ( result != TSS_SUCCESS ) { fprintf( stderr, "Tspi_Context_Connect error:%d\n", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //TODO save key in the persistent store // result = ps_write_key( fd, ) //Create Object result = obj_daa_add( hContext, &hDAA); if (result != TSS_SUCCESS) { LogError("Tspi_Context_CreateObject:%d", result); Tspi_Context_Close(hContext); LogError("issuer_setup: %s", err_string(result)); exit(result); } // TSS_HDAA, TSS_HKEY, TSS_DAA_PK_PROOF, TSS_BOOL* isCorrect( hDAA, key_pair_with_proof->pk, key_pair_with_proof->proof); obj_daa_remove( hDAA, hContext); printf("\nClosing the context\n"); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( 0 ); }
int main_v1_1( void ) { char *function = "Tspi_TPM_GetRandom01"; BYTE *random; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_RESULT result; print_begin_test( function ); // Create Context result = Tspi_Context_Create( &hContext ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Create", result ); exit( result ); } // Connect to Context result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_Connect", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } // Retrieve TPM object of context result = Tspi_Context_GetTpmObject( hContext, &hTPM ); if ( result != TSS_SUCCESS ) { print_error( "Tspi_Context_GetTpmObject", result ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } //Get random number result = Tspi_TPM_GetRandom( hTPM, 16, &random ); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } } else { result = Tspi_Context_FreeMemory(hContext, random); if (result != TSS_SUCCESS) { print_error("Tspi_Context_FreeMemory ", result); Tspi_Context_Close(hContext); exit(result); } print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
int main(int argc, char **argv) { RSA *rsa = NULL; TSS_HCONTEXT hContext; TSS_HKEY hKey, hSRK, hCAKey; TSS_HPOLICY hTPMPolicy, hidpol; TSS_UUID srkUUID = TSS_UUID_SRK; TSS_HPOLICY srkpol; TSS_HTPM hTPM; UINT32 idbloblen, ch; int ret,i, blobos, fd; BYTE *srkpass, *tpmpass; BYTE *blobo, *idblob; srkpass = tpmpass = NULL; while ((ch = getopt(argc, argv, "hs:t:")) != -1) { switch (ch) { case 's': srkpass = optarg; break; case 't': tpmpass = optarg; break; case 'h': default: usage(argv[0]); break; } } if (!srkpass || !tpmpass) usage(argv[0]); /* create context and connect */ ret = Tspi_Context_Create(&hContext); check_fail("context create", ret); ret = Tspi_Context_Connect(hContext, NULL); check_fail("context connect", ret); ret = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, srkUUID, &hSRK); check_fail("loadkeybyuuid", ret); ret = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkpol); check_fail("get policy object", ret); //ret = Tspi_Policy_SetSecret(srkpol, TSS_SECRET_MODE_PLAIN, 4, "1234"); ret = Tspi_Policy_SetSecret(srkpol, TSS_SECRET_MODE_PLAIN, strlen(srkpass), srkpass); check_fail("policy set secret", ret); ret = Tspi_Context_GetTpmObject(hContext, &hTPM); check_fail("get policy object", ret); //Insert the owner auth into the TPM's policy ret = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTPMPolicy); check_fail("get tpm policy", ret); ret = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_PLAIN, strlen(tpmpass), tpmpass); check_fail("set owner secret", ret); ret = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, //TSS_KEY_TYPE_STORAGE TSS_KEY_TYPE_IDENTITY //TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 | TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE | TSS_KEY_VOLATILE , &hKey); check_fail("create object - key", ret); ret = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hidpol); check_fail("get id key policy", ret); ret = Tspi_Policy_SetSecret(hidpol, TSS_SECRET_MODE_PLAIN, strlen(srkpass), srkpass); check_fail("set idkey secret", ret); /* We must create this fake privacy CA key in software so that * Tspi_TPM_CollateIdentityRequest will happily work. It needs it to * create the cert request which is required in a normal remote * attestion procedure. It is not needed in our setup though. */ ret = make_fake_key(hContext, &hCAKey, &rsa, RSA_PKCS1_OAEP_PADDING); check_fail("ca nonsense", ret); /* We do not care about idblob - that is the certificate request that * we are supposed to send to our CA in normal remote attestation. The * fifth argument is our identity label (it is supposed to be unicode). */ ret = Tspi_TPM_CollateIdentityRequest(hTPM, hSRK, hCAKey, 8, "id label", hKey, TSS_ALG_3DES, &idbloblen, &idblob); check_fail("collate id", ret); blobo = NULL; /*ret = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobos, &blobo);*/ ret = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_BLOB, &blobos, &blobo); check_fail("get blob", ret); if (!blobo) { Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); FATAL("no blobo"); } printf("size: %d\n", blobos); for (i = 0;i < blobos; i++) { printf("\\x%x", blobo[i]); } printf("\n"); fd = open("key.blob", O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR); if (fd == -1) { Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); FATAL("Open\n"); } ret = write(fd, blobo, blobos); if (ret != blobos) printf("Warning: couldn't write the whole key\n"); close(fd); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); return 0; }
int main_v1_2(char version) { char *function = "Tspi_TPM_GetRandom-trans02"; BYTE *random; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_RESULT result; TSS_HKEY hSRK, hSigningKey, hWrappingKey; print_begin_test( function ); result = connect_load_all(&hContext, &hSRK, &hTPM); if ( result != TSS_SUCCESS ) { print_error( "connect_load_all", (result) ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey, &hSigningKey); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } //Get random number result = Tspi_TPM_GetRandom( hTPM, 16, &random ); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_GetRandom", result); Tspi_Context_Close(hContext); exit(result); } result = Tspi_Context_FreeMemory(hContext, random); if (result != TSS_SUCCESS) { print_error("Tspi_Context_FreeMemory ", result); Tspi_Context_Close(hContext); exit(result); } result = Testsuite_Transport_Final(hContext, hSigningKey); if ( result != TSS_SUCCESS ) { if( !(checkNonAPI(result)) ) { print_error( function, result ); } else { print_error_nonapi( function, result ); } } else { print_success( function, result ); } print_end_test( function ); Tspi_Context_FreeMemory( hContext, NULL ); Tspi_Context_Close( hContext ); exit( result ); }
int main(int argc, char **argv) { TSS_HCONTEXT hContext; TSS_FLAG initFlags = TSS_KEY_TYPE_LEGACY | TSS_KEY_VOLATILE; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy, keyUsagePolicy, keyMigrationPolicy; BYTE *blob; UINT32 blob_size, srk_authusage; BIO *outb; ASN1_OCTET_STRING *blob_str; unsigned char *blob_asn1 = NULL; int asn1_len; char *filename, c, *openssl_key = NULL; int option_index, auth = 0, popup = 0, wrap = 0; UINT32 enc_scheme = TSS_ES_RSAESPKCSV15; UINT32 sig_scheme = TSS_SS_RSASSAPKCS1V15_DER; UINT32 key_size = 2048; RSA *rsa; while (1) { option_index = 0; c = getopt_long(argc, argv, "pe:q:s:ahw:", long_options, &option_index); if (c == -1) break; switch (c) { case 'a': initFlags |= TSS_KEY_AUTHORIZATION; auth = 1; break; case 'h': usage(argv[0]); break; case 's': key_size = atoi(optarg); break; case 'e': if (!strncasecmp("oaep", optarg, 4)) { enc_scheme = TSS_ES_RSAESOAEP_SHA1_MGF1; } else if (strncasecmp("pkcs", optarg, 4)) { usage(argv[0]); } break; case 'q': if (!strncasecmp("der", optarg, 3)) { sig_scheme = TSS_SS_RSASSAPKCS1V15_SHA1; } else if (strncasecmp("sha", optarg, 3)) { usage(argv[0]); } break; case 'p': initFlags |= TSS_KEY_AUTHORIZATION; auth = 1; popup = 1; break; case 'w': initFlags |= TSS_KEY_MIGRATABLE; wrap = 1; openssl_key = optarg; break; default: usage(argv[0]); break; } } /* set up the key option flags */ switch (key_size) { case 512: initFlags |= TSS_KEY_SIZE_512; break; case 1024: initFlags |= TSS_KEY_SIZE_1024; break; case 2048: initFlags |= TSS_KEY_SIZE_2048; break; case 4096: initFlags |= TSS_KEY_SIZE_4096; break; case 8192: initFlags |= TSS_KEY_SIZE_8192; break; case 16384: initFlags |= TSS_KEY_SIZE_16384; break; default: usage(argv[0]); break; } #if 0 while (argc--) { printf("argv[%d] = \"%s\"\n", argc, argv[argc]); } exit(1); #endif filename = argv[argc - 1]; if (argc < 2 || filename[0] == '-') usage(argv[0]); //Create Context if ((result = Tspi_Context_Create(&hContext))) { print_error("Tspi_Context_Create", result); exit(result); } //Connect Context if ((result = Tspi_Context_Connect(hContext, NULL))) { print_error("Tspi_Context_Connect", result); Tspi_Context_Close(hContext); exit(result); } //Create Object if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey))) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_SIGSCHEME, sig_scheme))) { print_error("Tspi_SetAttribUint32", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_ENCSCHEME, enc_scheme))) { print_error("Tspi_SetAttribUint32", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Load Key By UUID if ((result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK))) { print_error("Tspi_Context_LoadKeyByUUID", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } if ((result = Tspi_GetAttribUint32(hSRK, TSS_TSPATTRIB_KEY_INFO, TSS_TSPATTRIB_KEYINFO_AUTHUSAGE, &srk_authusage))) { print_error("Tspi_GetAttribUint32", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } if (srk_authusage) { char *authdata = calloc(1, 128); if (!authdata) { fprintf(stderr, "malloc failed.\n"); Tspi_Context_Close(hContext); exit(result); } if ((result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy))) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); free(authdata); exit(result); } if (EVP_read_pw_string(authdata, 128, "SRK Password: "******"Tspi_Policy_SetSecret", result); free(authdata); Tspi_Context_Close(hContext); exit(result); } free(authdata); } if (auth) { if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &keyUsagePolicy))) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } if (popup) { //Set Secret if ((result = Tspi_Policy_SetSecret(keyUsagePolicy, TSS_SECRET_MODE_POPUP, 0, NULL))) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_Close(hContext); exit(result); } } else { char *authdata = calloc(1, 128); if (!authdata) { fprintf(stderr, "malloc failed.\n"); Tspi_Context_Close(hContext); exit(result); } if (EVP_read_pw_string(authdata, 128, "Enter Key Usage Password: "******"Passwords do not match.\n"); free(authdata); Tspi_Context_Close(hContext); exit(result); } //Set Secret if ((result = Tspi_Policy_SetSecret(keyUsagePolicy, TSS_SECRET_MODE_PLAIN, strlen(authdata), (BYTE *)authdata))) { print_error("Tspi_Policy_SetSecret", result); free(authdata); Tspi_Context_Close(hContext); exit(result); } free(authdata); } if ((result = Tspi_Policy_AssignToObject(keyUsagePolicy, hKey))) { print_error("Tspi_Policy_AssignToObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } // Create or Wrap Key if (wrap) { char n[256], p[128]; unsigned int size_n, size_p; BYTE *pubSRK; /*Set migration policy needed to wrap the key*/ if ((result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_MIGRATION, &keyMigrationPolicy))) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } if (auth) { char *authdata = calloc(1, 128); if (!authdata) { fprintf(stderr, "malloc failed.\n"); Tspi_Context_Close(hContext); exit(result); } if (EVP_read_pw_string(authdata, 128, "Enter Key Migration Password: "******"Passwords do not match.\n"); free(authdata); Tspi_Context_Close(hContext); exit(result); } if ((result = Tspi_Policy_SetSecret(keyMigrationPolicy, TSS_SECRET_MODE_PLAIN, strlen(authdata), (BYTE *)authdata))) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_Close(hContext); exit(result); } free(authdata); } if ((result = Tspi_Policy_AssignToObject(keyMigrationPolicy, hKey))) { print_error("Tspi_Policy_AssignToObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } /* Pull the PubKRK out of the TPM */ if ((result = Tspi_Key_GetPubKey(hSRK, &size_n, &pubSRK))) { print_error("Tspi_Key_WrapKey", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } Tspi_Context_FreeMemory(hContext, pubSRK); if ((rsa = openssl_read_key(openssl_key)) == NULL) { Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } if (RSA_size(rsa) != key_size / 8) { fprintf(stderr, "Error, key size is incorrect, please use the '-s' option\n"); RSA_free(rsa); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } if (openssl_get_modulus_and_prime(rsa, &size_n, (unsigned char *)n, &size_p, (unsigned char *)p)) { fprintf(stderr, "Error getting modulus and prime!\n"); RSA_free(rsa); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } if ((result = Tspi_SetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO, TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, size_n, (BYTE *)n))) { print_error("Tspi_SetAttribData (RSA modulus)", result); RSA_free(rsa); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } if ((result = Tspi_SetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY, size_p, (BYTE *)p))) { print_error("Tspi_SetAttribData (private key)", result); RSA_free(rsa); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } if ((result = Tspi_Key_WrapKey(hKey, hSRK, 0))) { print_error("Tspi_Key_WrapKey", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else { if ((result = Tspi_Key_CreateKey(hKey, hSRK, 0))) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } if ((result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_BLOB, &blob_size, &blob))) { print_error("Tspi_GetAttribData", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } if ((outb = BIO_new_file(filename, "w")) == NULL) { fprintf(stderr, "Error opening file for write: %s\n", filename); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } blob_str = ASN1_OCTET_STRING_new(); if (!blob_str) { fprintf(stderr, "Error allocating ASN1_OCTET_STRING\n"); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(-1); } ASN1_STRING_set(blob_str, blob, blob_size); asn1_len = i2d_ASN1_OCTET_STRING(blob_str, &blob_asn1); PEM_write_bio(outb, "TSS KEY BLOB", "", blob_asn1, asn1_len); BIO_free(outb); Tspi_Context_Close(hContext); printf("Success.\n"); return 0; }