int main(int argc, char *argv[]) { int ret; char base32_key[BASE32_LEN(keylen)+1]; unsigned char uefiblob[4100]; unsigned char blob[4096]; /* resulting sealed blob */ unsigned int bloblen; /* blob length */ unsigned char wellknown[20] = {0}; unsigned char totpstring[64]; uint32_t pcrmask = 0x000003BF; // PCRs 0-5 and 7-9 const char * hostname = "TPMTOTP"; char *outfile_name; FILE *infile; FILE *outfile; QRcode *qrcode; #ifdef CONFIG_TSS TSS_HCONTEXT context; #endif if (generate_key()) { return -1; } pcrvals = malloc(NUM_PCRS * sizeof(uint8_t*)); CHECK_MALLOC(pcrvals); static int base32_flag = 0; static int qr_flag = 1; static int nvram_flag = 0; int option_index = 0; static struct option long_options[] = { {"pcrs", required_argument, 0, 'p'}, {"nvram", no_argument, &nvram_flag, 1}, {"no-qrcode", no_argument, &qr_flag, 0}, {"base32", no_argument, &base32_flag, 1}, {"help", no_argument, 0, 'h'}, {0,0,0,0} }; if (argc == 1) { print_help(); return -1; } int c; while ((c = getopt_long(argc, argv, "p:nbh", long_options, &option_index)) != -1) { switch (c) { case 0: // Flag only break; case 'p': pcrmask = parse_pcrs(optarg); if (pcrmask == (uint32_t) -1) return -1; break; case 'h': print_help(); return 0; case 'b': base32_flag = 1; break; case 'n': nvram_flag = 1; break; case 's': qr_flag = 0; break; case '?': // Unrecognized Option print_help(); return -1; default: print_help(); } } if (!nvram_flag) { if (optind == argc) { fprintf(stderr, "Output name required!\n"); print_help(); return -1; } else { outfile_name = argv[optind]; } } base32_encode(key, keylen, base32_key); base32_key[BASE32_LEN(keylen)] = NULL; #ifdef CONFIG_TSS ret = Tspi_Context_Create(&context); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to create TPM context\n"); return -1; } ret = Tspi_Context_Connect(context, NULL); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to connect to TPM\n"); return -1; } ret = TSPI_SealCurrPCR(context, // context 0x40000000, // SRK pcrmask, wellknown, // Well-known SRK secret wellknown, // Well-known SEAL secret key, keylen, /* data to be sealed */ blob, &bloblen); /* buffer to receive result */ #else ret = TPM_SealCurrPCR( 0x40000000, // SRK pcrmask, wellknown, // Well-known SRK secret wellknown, // Well-known SEAL secret key, keylen, /* data to be sealed */ blob, &bloblen); /* buffer to receive result */ #endif if (ret != 0) { fprintf(stderr, "Error %s from TPM_Seal\n", TPM_GetErrMsg(ret)); //goto out; } sprintf(totpstring, "otpauth://totp/%s?secret=%s", hostname, base32_key); //sprintf(totpstring, "%s", base32_key); if (base32_flag) { printf("%s\n", base32_key); } printf("%s\n", totpstring); if (qr_flag) { qrcode = QRcode_encodeString(totpstring, 0, QR_ECLEVEL_L, QR_MODE_8, 1); writeANSI(qrcode); } if (nvram_flag) { uint32_t nvindex = 0x00004d47; uint32_t permissions = TPM_NV_PER_OWNERREAD|TPM_NV_PER_OWNERWRITE; #ifdef CONFIG_TSS TSS_HNVSTORE nvObject; TSS_FLAG nvattrs = 0; ret = Tspi_Context_CreateObject(context, TSS_OBJECT_TYPE_NV, nvattrs, &nvObject); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to create nvram object: %x\n", ret); goto out; } ret = Tspi_SetAttribUint32(nvObject, TSS_TSPATTRIB_NV_INDEX, 0, nvindex); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to set index\n"); goto out; } ret = Tspi_SetAttribUint32(nvObject, TSS_TSPATTRIB_NV_PERMISSIONS, 0, permissions); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to set permissions\n"); goto out; } ret = Tspi_SetAttribUint32(nvObject, TSS_TSPATTRIB_NV_DATASIZE, 0, bloblen); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to set size\n"); goto out; } ret = Tspi_NV_DefineSpace(nvObject, NULL, NULL); if (ret != TSS_SUCCESS && ret != (0x3000 | TSS_E_NV_AREA_EXIST)) { fprintf(stderr, "Unable to define space: %x\n", ret); goto out; } ret = Tspi_NV_WriteValue(nvObject, 0, bloblen, blob); if (ret != TSS_SUCCESS) { fprintf(stderr, "Unable to write to nvram\n"); goto out; } #else unsigned char * ownauth = wellknown; unsigned char * areaauth = wellknown; TPM_PCR_INFO_SHORT *pcrInfoRead = NULL; TPM_PCR_INFO_SHORT *pcrInfoWrite = NULL; ret = TPM_NV_DefineSpace2( ownauth, nvindex, bloblen, permissions, areaauth, pcrInfoRead, pcrInfoWrite); //if (ret != TPM_SUCCESS && ret != (0x3000 | TSS_E_NV_AREA_EXIST)) { if (ret != TPM_SUCCESS) { fprintf(stderr, "Unable to define space: %x\n", ret); goto out; } ret = TPM_NV_WriteValue( nvindex, 0, blob, bloblen, ownauth ); if (ret != TPM_SUCCESS) { fprintf(stderr, "Unable to write to nvram\n"); goto out; } #endif } else { outfile = fopen(outfile_name, "w"); if (outfile == NULL) { fprintf(stderr, "Unable to open output file '%s'\n", outfile_name); goto out; } if (strncmp(outfile_name, efivarfs, strlen(efivarfs)) == 0) { int attributes = 7; // NV, RT, BS memcpy(uefiblob, &attributes, sizeof(int)); memcpy(uefiblob + sizeof(int), blob, bloblen); bloblen += sizeof(int); ret = fwrite(uefiblob, 1, bloblen, outfile); } else { ret = fwrite(blob, 1, bloblen, outfile); } if (ret != bloblen) { fprintf(stderr, "I/O Error while writing output file '%s'\n", outfile_name); goto out; } } out: #ifdef CONFIG_TSS Tspi_Context_FreeMemory(context, NULL); Tspi_Context_Close(context); #endif exit(ret); }
int main_v1_2(char version) { char *nameOfFunction = "Tspi_Nv_WriteValue04"; TSS_HCONTEXT hContext = NULL_HCONTEXT; TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE TSS_HOBJECT hPolObject = NULL_HOBJECT; BYTE *auth = "123456"; UINT32 auth_length = 6; BYTE *data = "1234567890"; TSS_RESULT result; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create policy object for the NV object*/ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hPolObject); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolObject, TSS_SECRET_MODE_PLAIN, auth_length, auth); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_AssignToObject(hPolObject, hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_AssignToObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00050001); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_NV_WriteValue(hNVStore, /*offset*/0,/*datalength*/10, data); #ifdef NV_LOCKED if (TSS_ERROR_CODE(result)== TPM_E_BADINDEX) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else{ print_error("Tspi_NV_WriteValue", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); if ( result == TSS_SUCCESS ) exit(-1); exit(result); } #else if (TSS_ERROR_CODE(result)== TPM_E_BADINDEX) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else{ print_error("Tspi_NV_WriteValue", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); if ( result == TSS_SUCCESS ) exit(-1); exit(result); } #endif }
int main_v1_2(char version) { char *nameOfFunction = "Tspi_nv_WriteValue-trans02"; TSS_HCONTEXT hContext = NULL_HCONTEXT; TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE TSS_HOBJECT hPolObject = NULL_HOBJECT; TSS_HPOLICY hPolicy = NULL_HPOLICY; TSS_HTPM hTPM = NULL_HTPM; BYTE *auth = "123456"; UINT32 auth_length = 6; BYTE *data = "1234567890"; TSS_RESULT result; TSS_HKEY hSigningKey, hWrappingKey, hSRK; print_begin_test(nameOfFunction); result = connect_load_all(&hContext, &hSRK, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } result = Testsuite_Transport_Init(hContext, hSRK, hTPM, TRUE, TRUE, &hWrappingKey, &hSigningKey); if (result != TSS_SUCCESS) { print_error("Testsuite_Transport_Init", result); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create policy object for the NV object*/ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &hPolObject); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolObject, TSS_SECRET_MODE_PLAIN, auth_length, auth); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_AssignToObject(hPolObject, hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_AssignToObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011131); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the permission for the index. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x4); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting permission", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the data size to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting data size", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /*Define NV space*/ result = Tspi_NV_DefineSpace(hNVStore, 0, 0); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011131); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_NV_WriteValue(hNVStore, /*offset*/0,/*datalength*/10, data); #ifdef CLEAR_TEST_INDEX Tspi_Context_GetTpmObject(hContext, &hTPM); Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); Tspi_NV_ReleaseSpace(hNVStore); #endif #ifdef NV_LOCKED if (TSS_ERROR_CODE(result) != TPM_E_AUTH_CONFLICT) #else if (TSS_ERROR_CODE(result) != TSS_SUCCESS) #endif { print_error("Tspi_NV_WriteValue", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Testsuite_Transport_Final(hContext, hSigningKey); if (TSS_ERROR_CODE(result)== TSS_SUCCESS) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else { print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); if ( result == TSS_SUCCESS ) exit(-1); exit(result); } }
int main_v1_2(char version) { char *nameOfFunction = "Tspi_Nv_WriteValue08"; TSS_HCONTEXT hContext = NULL_HCONTEXT; TSS_HNVSTORE hNVStore = 0;//NULL_HNVSTORE TSS_HOBJECT hPolObject = NULL_HOBJECT; TSS_HPOLICY hPolicy = NULL_HPOLICY; TSS_HTPM hTPM = NULL_HTPM; TSS_RESULT result; print_begin_test(nameOfFunction); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #ifdef NV_LOCKED /* Get TPM object */ result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (result != TSS_SUCCESS) { print_error("Tspi_Context_GetTpmObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set password */ result = Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } #endif /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011139); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the permission for the index. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_PERMISSIONS, 0, 0x2000); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting permission", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the data size to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_DATASIZE, 0, 0xa); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting data size", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /*Define NV space*/ result = Tspi_NV_DefineSpace(hNVStore, 0, 0); //Create Context result = Tspi_Context_Create(&hContext); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Create ", result); print_error_exit(nameOfFunction, err_string(result)); exit(result); } //Connect Context result = Tspi_Context_Connect(hContext,NULL); if (result != TSS_SUCCESS) { print_error("Tspi_Context_Connect", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Create TPM NV object */ result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_NV, 0,&hNVStore); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } /* Set the index to be defined. */ result = Tspi_SetAttribUint32(hNVStore, TSS_TSPATTRIB_NV_INDEX, 0,0x00011139); if (result != TSS_SUCCESS) { print_error("Tspi_SetAttribUint32 for setting NV index", result); print_error_exit(nameOfFunction, err_string(result)); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } result = Tspi_NV_WriteValue(hNVStore, /*offset*/0,/*datalength*/9, NULL); #ifdef CLEAR_TEST_INDEX Tspi_Context_GetTpmObject(hContext, &hTPM); Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hPolicy); Tspi_Policy_SetSecret(hPolicy, TESTSUITE_OWNER_SECRET_MODE, TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET); Tspi_NV_ReleaseSpace(hNVStore); #endif #ifdef NV_LOCKED if (TSS_ERROR_CODE(result)== TSS_E_BAD_PARAMETER) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else{ print_error("Tspi_NV_WriteValue", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); if ( result == TSS_SUCCESS ) exit(-1); exit(result); } #else if (TSS_ERROR_CODE(result)== TSS_E_BAD_PARAMETER) { print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(0); } else{ print_error("Tspi_NV_WriteValue", result); print_end_test(nameOfFunction); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); if ( result == TSS_SUCCESS ) exit(-1); exit(result); } #endif }