int do_pcr_extend(int pcr, BYTE *data, size_t data_len) { TSS_RESULT ret; TSS_HCONTEXT context; TSS_HTPM tpm; BYTE *new_pcr_value; unsigned int new_pcr_value_len; assert(data_len == 20); ret = Tspi_Context_Create(&context); if (ret != TSS_SUCCESS) { fprintf(stderr, "ERROR: failed to get TSS context: %d\n", ret); return 1; } ret = Tspi_Context_Connect(context, NULL); if (ret != TSS_SUCCESS) { fprintf(stderr, "ERROR: failed to connect to TSS daemon: %d\n", ret); return 1; } ret = Tspi_Context_GetTpmObject(context, &tpm); if (ret != TSS_SUCCESS) { fprintf(stderr, "ERROR: failed to get TPM object: %d\n", ret); return 1; } ret = Tspi_TPM_PcrExtend(tpm, pcr, data_len, data, NULL /* event */, &new_pcr_value_len, &new_pcr_value); if (ret != TSS_SUCCESS) { fprintf(stderr, "ERROR: PCR extend fails with code %d\n", ret); return 1; } /* this will free new_pcr_value */ Tspi_Context_Close(context); return 0; }
int main_v1_1(void) { TSS_RESULT result; TSS_HCONTEXT hContext; TSS_HTPM hTPM; BYTE pcrValue[] = "01234567890123456789"; UINT32 ulPcrValLen = 20; BYTE *newPcrValue; UINT32 ulnewPcrValLen; // Create Context result = Tspi_Context_Create(&hContext); if (TSS_SUCCESS != result) { print_error("Tspi_Context_Create", result); exit(result); } // Connect Context result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER)); if (TSS_SUCCESS != result) { print_error("Tspi_Context_Connect", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } // Get TPM Object result = Tspi_Context_GetTpmObject(hContext, &hTPM); if (TSS_SUCCESS != result) { print_error("Tspi_Context_GetTpmObject", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } printf("ulPcrValLen:%d\n", ulPcrValLen); // Call PcrExtend result = Tspi_TPM_PcrExtend(hTPM, 15, ulPcrValLen, pcrValue, NULL, &ulnewPcrValLen, &newPcrValue); if (TSS_SUCCESS != result) { print_error("Tspi_TPM_PcrExtend", result); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); exit(result); } printf("\nSuccess\n"); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); return 0; }
int main(int argc, char **argv) { TSS_HKEY hSRK, hKey; TSS_UUID srkUUID = TSS_UUID_SRK; TSS_HPOLICY srkpol, hTPMPolicy; TSS_HTPM hTPM; TSS_PCR_EVENT event; BYTE *pcr; int ret, i, pcri; uint32_t size; char rub[20] = "BLAHBLAHBLAHBLAHBLAH"; if (argc != 2) usage(argv[0]); pcri = atoi(argv[1]); if (pcri < 0 || pcri > 23) errx(1, "PCR out of range (0-16) (no extending to dynamic PCRS this way)\n"); memset(&event, 0, sizeof(event)); event.ulPcrIndex = pcri; /* create context and connect */ ret = Tspi_Context_Create(&hContext); check("context create", ret); ret = Tspi_Context_Connect(hContext, NULL); check("context connect", ret); ret = Tspi_Context_GetTpmObject(hContext, &hTPM); check("get policy object", ret); ret = Tspi_TPM_PcrExtend(hTPM, pcri, 20, rub, &event, &size, &pcr); check("pcr extend", ret); printf("pcr %d is now: \n", pcri); for (i = 0; i < size; i++) printf("%x ", pcr[i]); printf("\n"); Tspi_Context_FreeMemory(hContext, NULL); Tspi_Context_Close(hContext); return 0; }
TSS_RESULT extend_pcr (const char * buf, const int len) { TSS_HCONTEXT hContext=0; TSS_HTPM hTPM = 0; TSS_RESULT result; TSS_HKEY hSRK = 0; TSS_HPOLICY hSRKPolicy=0; TSS_HPOLICY hOwnerPolicy=0; TSS_UUID SRK_UUID = TSS_UUID_SRK; BYTE passcode[20]; memset(passcode,0,20); memcpy (passcode, buf, len); UINT32 ulNewPcrValueLength; BYTE* NewPcrValue; result = Tspi_Context_Create (&hContext); DBG(" Create a Context\n",result); result = Tspi_Context_Connect (hContext, NULL); DBG(" Connect to TPM\n", result); // Get the TPM handle result = Tspi_Context_GetTpmObject (hContext, &hTPM); DBG(" Get TPM Handle\n",result); result = Tspi_GetPolicyObject (hTPM, TSS_POLICY_USAGE, &hOwnerPolicy); DBG( " Owner Policy\n", result); result = Tspi_TPM_PcrExtend (hTPM, 9, sizeof(passcode), passcode, NULL, &ulNewPcrValueLength, &NewPcrValue); DBG(" extend\n",result); return result; }
main_v1_1(void){ char *nameOfFunction = "Tspi_Key_CreateKeyWithPcrs01"; TSS_HCONTEXT hContext; TSS_HTPM hTPM; TSS_FLAG initFlags; TSS_HKEY hKey; TSS_HKEY hSRK; TSS_HPCRS hPcrs; TSS_RESULT result; TSS_HPOLICY srkUsagePolicy, keyUsagePolicy; BYTE *pcrValue; UINT32 pcrLen; BYTE pcrData[] = "09876543210987654321"; initFlags = TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE; print_begin_test(nameOfFunction); result = connect_load_all(&hContext, &hSRK, &hTPM); if (result != TSS_SUCCESS) { print_error("connect_load_all", result); exit(result); } //Create Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, initFlags, &hKey); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } //Get Policy Object result = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &keyUsagePolicy); if (result != TSS_SUCCESS) { print_error("Tspi_GetPolicyObject", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Set Secret result = Tspi_Policy_SetSecret(keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE, TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET); if (result != TSS_SUCCESS) { print_error("Tspi_Policy_SetSecret", result); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } //Create PCRs Object result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, 0, &hPcrs); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } //Get PCR vals from TPM result = Tspi_TPM_PcrRead(hTPM, 1, &pcrLen, &pcrValue); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_PcrRead", result); Tspi_Context_Close(hContext); exit(result); } //Set PCR vals in the object result = Tspi_PcrComposite_SetPcrValue(hPcrs, 1, pcrLen, pcrValue); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } Tspi_Context_FreeMemory(hContext, pcrValue); //Get PCR vals from TPM result = Tspi_TPM_PcrRead(hTPM, 15, &pcrLen, &pcrValue); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_PcrRead", result); Tspi_Context_Close(hContext); exit(result); } //Set PCR vals in the object result = Tspi_PcrComposite_SetPcrValue(hPcrs, 15, pcrLen, pcrValue); if (result != TSS_SUCCESS) { print_error("Tspi_Context_CreateObject", result); Tspi_Context_Close(hContext); exit(result); } Tspi_Context_FreeMemory(hContext, pcrValue); //Create Key result = Tspi_Key_CreateKey(hKey, hSRK, hPcrs); if (result != TSS_SUCCESS) { print_error("Tspi_Key_CreateKey", result); Tspi_Context_Close(hContext); exit(result); } /* if the key loads, the key creation is successful */ result = Tspi_Key_LoadKey(hKey, hSRK); if (result != TSS_SUCCESS) { print_error("Tspi_Key_LoadKey ", result); Tspi_Context_Close(hContext); exit(result); } /* now, encrypt and decrypt some data to see if the key "works" */ result = bind_and_unbind(hContext, hKey); if (result != TSS_SUCCESS) { print_error("bind_and_unbind ", result); Tspi_Context_Close(hContext); exit(result); } /* now, change a PCR value that the key is set to */ result = Tspi_TPM_PcrExtend(hTPM, 15, 20, pcrData, NULL, &pcrLen, &pcrValue); if (result != TSS_SUCCESS) { print_error("Tspi_TPM_PcrExtend ", result); Tspi_Context_Close(hContext); exit(result); } /* now, encrypt and decrypt some data, which should fail, since * the PCR changed */ result = bind_and_unbind(hContext, hKey); if (result != TCPA_E_WRONGPCRVAL){ if(!checkNonAPI(result)){ print_error(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } else{ print_error_nonapi(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(result); } } else{ print_success(nameOfFunction, result); print_end_test(nameOfFunction); Tspi_Context_CloseObject(hContext, hKey); Tspi_Context_Close(hContext); exit(0); } }
int main(int argc, char *argv[]) { int rc; TSS_HCONTEXT hContext; TSS_HTPM hTPM; int i; unsigned int pcr_len = 0; unsigned char *pcr_value; unsigned char sha1[20]; /* The argument being the executable */ if (argc <= 1) { printf("Must give atleast one argument\n"); exit(1); } /* Find out the currently running kernel and return its hash */ rc = get_kernel(sha1); if (rc != 0) { printf("Kernel read failed\n"); exit(1); } /* Start creating the TSS context */ rc = Tspi_Context_Create(&hContext); if (rc != TSS_SUCCESS) printf("Context creation failed!\n"); rc = Tspi_Context_Connect(hContext, NULL); if (rc != TSS_SUCCESS) printf("Context connection failed!\n"); rc = Tspi_Context_GetTpmObject(hContext, &hTPM); if (rc != TSS_SUCCESS) printf("Getting TPM Object failed\n"); rc = Tspi_TPM_PcrRead(hTPM, 16, &pcr_len, &pcr_value); printf("Length of data read: %d\n", pcr_len); for (i = 0; i < pcr_len; i++) printf("%x ", pcr_value[i]); printf("\n"); /* Trousers wonkiness - have to pass SHA1 hash */ rc = Tspi_TPM_PcrExtend(hTPM, 16, 20, sha1, NULL, &pcr_len, &pcr_value); if (rc != TSS_SUCCESS) { printf("Kernel Extend failed : %d\n", rc); } /* argv[1] is the path to secure_daemon */ rc = get_hash(argv[1], sha1); if (rc != 0) exit(1); rc = Tspi_TPM_PcrExtend(hTPM, 16, 20, sha1, NULL, &pcr_len, &pcr_value); if (rc != TSS_SUCCESS) { printf("Secure Daemon Extend failed : %d\n", rc); } printf("Length of extended PCR value: %d\n", pcr_len); for (i = 0; i < pcr_len; i++) printf("%x ", pcr_value[i]); printf("\n"); free(pcr_value); Tspi_Context_Close(hContext); return 0; }