Пример #1
0
main_v1_1(void){

	char		*nameOfFunction = "Tspi_GetAttribData09";
	TSS_HCONTEXT	hContext;
	TSS_RESULT	result;
	TSS_HKEY	hSRK;
	BYTE*		BLOB;
	UINT32		BlobLength;

	print_begin_test(nameOfFunction);

		//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Load Key by UUID for SRK
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
				SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Call GetAttribData
	result = Tspi_GetAttribData(hSRK, TSS_TSPATTRIB_KEY_BLOB, TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY,
				    &BlobLength, &BLOB);
	if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #2
0
int main(int argc,char **argv)
{
TSS_HCONTEXT hContext;
TSS_HTPM hTPM;
TSS_RESULT result;
TSS_HKEY hSRK=0;
TSS_HPOLICY hSRKPolicy=0;
TSS_UUID SRK_UUID=TSS_UUID_SRK;
BYTE wks[20]; //For the well known secret
// Set wks to the well known secret: 20 bytes of all 0’s
memset(wks,0,20);



//Pick the TPM you are talking to.
// In this case, it is the system TPM (indicated with NULL).
result = Tspi_Context_Create( &hContext);
DBG("Create Context",result);
result = Tspi_Context_Connect(hContext, NULL);
DBG("Context Connect�",result);
// Get the TPM handle
result=Tspi_Context_GetTpmObject(hContext,&hTPM);
DBG("Get TPM Handle",result);
// Get the SRK handle
result=Tspi_Context_LoadKeyByUUID(hContext,TSS_PS_TYPE_SYSTEM,SRK_UUID,&hSRK);
DBG("Got the SRK handle�", result);
//Get the SRK policy
result = Tspi_GetPolicyObject(hSRK,TSS_POLICY_USAGE,&hSRKPolicy);
DBG("Got the SRK policy",result);
//Then set the SRK policy to be the well known secret
result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1,20,wks);

//Note: TSS SECRET MODE SHA1 says ”Don’t hash this.
// Use the 20 bytes as they are.
DBG("Set the SRK secret in its policy",result);

//Do something usefull

TSS_UUID MY_UUID=BACKUP_KEY_UUID;

TSS_HKEY hESS_Bind_Key;
result=Tspi_Context_GetKeyByUUID(hContext,TSS_PS_TYPE_SYSTEM,MY_UUID,&hESS_Bind_Key);
DBG("Get key handle", result);
printf("Unregistering key\r\n");
result=Tspi_Context_UnregisterKey(hContext,TSS_PS_TYPE_SYSTEM,MY_UUID,&hESS_Bind_Key);
DBG("Unregister key",result);




//Done doing something usefull

// Context Close(hobjects you have created);
Tspi_Context_FreeMemory(hContext,NULL);
// This frees up memory automatically allocated for you.
Tspi_Context_Close(hContext);
return 0;
}
Пример #3
0
static int tpm_open_session(struct tpm_ctx_st *s, const char *srk_password)
{
	int err, ret;

	err = Tspi_Context_Create(&s->tpm_ctx);
	if (err) {
		gnutls_assert();
		return tss_err(err);
	}

	err = Tspi_Context_Connect(s->tpm_ctx, NULL);
	if (err) {
		gnutls_assert();
		ret = tss_err(err);
		goto out_tspi_ctx;
	}

	err =
	    Tspi_Context_LoadKeyByUUID(s->tpm_ctx, TSS_PS_TYPE_SYSTEM,
				       srk_uuid, &s->srk);
	if (err) {
		gnutls_assert();
		ret = tss_err(err);
		goto out_tspi_ctx;
	}

	err =
	    Tspi_GetPolicyObject(s->srk, TSS_POLICY_USAGE, &s->srk_policy);
	if (err) {
		gnutls_assert();
		ret = tss_err(err);
		goto out_srk;
	}

	err = myTspi_Policy_SetSecret(s->srk_policy,
				      SAFE_LEN(srk_password),
				      (BYTE *) srk_password);
	if (err) {
		gnutls_assert();
		ret = tss_err(err);
		goto out_srkpol;
	}

	return 0;

      out_srkpol:
	Tspi_Context_CloseObject(s->tpm_ctx, s->srk_policy);
	s->srk_policy = 0;
      out_srk:
	Tspi_Context_CloseObject(s->tpm_ctx, s->srk);
	s->srk = 0;
      out_tspi_ctx:
	Tspi_Context_Close(s->tpm_ctx);
	s->tpm_ctx = 0;
	return ret;

}
Пример #4
0
int
main_v1_1(void){

	TSS_HCONTEXT	hContext;
	TSS_RESULT	result;
	TSS_HKEY	hSRK, hKey2;
	TSS_UUID	uuid0, uuid1, uuid2, SRK_UUID = TSS_UUID_SRK;
	TSS_UUID	*uuids[] = { &uuid0, &uuid1, &uuid2, NULL };

	print_begin_test(nameOfFunction);

	memset(&uuid0, 0x5a, sizeof(TSS_UUID));
	memset(&uuid1, 0x5b, sizeof(TSS_UUID));
	memset(&uuid2, 0x5c, sizeof(TSS_UUID));

		//Create Result
	result = connect_load_srk(&hContext, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		exit(result);
	}

	if ((result = store_keys(hContext, hSRK, &SRK_UUID, uuids))) {
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext,
					    TSS_PS_TYPE_SYSTEM,
					    uuid2, &hKey2);
	if (result != TSS_SUCCESS) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #5
0
static int
import_tpm_pubkey(gnutls_pubkey_t pkey,
		  const gnutls_datum_t * fdata,
		  gnutls_tpmkey_fmt_t format,
		  TSS_UUID * uuid,
		  TSS_FLAG storage, const char *srk_password)
{
	int err, ret;
	struct tpm_ctx_st s;

	ret = tpm_open_session(&s, srk_password);
	if (ret < 0)
		return gnutls_assert_val(ret);

	if (fdata != NULL) {
		ret =
		    load_key(s.tpm_ctx, s.srk, fdata, format, &s.tpm_key);
		if (ret < 0) {
			gnutls_assert();
			goto out_session;
		}
	} else if (uuid) {
		err =
		    Tspi_Context_LoadKeyByUUID(s.tpm_ctx, storage,
					       *uuid, &s.tpm_key);
		if (err) {
			gnutls_assert();
			ret = tss_err(err);
			goto out_session;
		}
	} else {
		gnutls_assert();
		ret = GNUTLS_E_INVALID_REQUEST;
		goto out_session;
	}

	ret = read_pubkey(pkey, s.tpm_key, NULL);
	if (ret < 0) {
		gnutls_assert();
		goto out_session;
	}

	ret = 0;
      out_session:
	tpm_close_session(&s);
	return ret;
}
Пример #6
0
int
main_v1_1(void){

	char		*nameOfFunction = "Tspi_Context_LoadKeyByUUID02";
	TSS_HCONTEXT	hContext;
	TSS_RESULT	result;
	TSS_HKEY	hSRK;

	print_begin_test(nameOfFunction);

		//Create Result
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		exit(result);
	}
		//Load Key By UUID 
	result = Tspi_Context_LoadKeyByUUID(-1,
		TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
	if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #7
0
int main(int argc, char **argv)
{
	TSS_HCONTEXT hContext=0;
	TSS_HTPM hTPM = 0;
	TSS_RESULT result;
	TSS_HKEY hSRK = 0;
	TSS_HPOLICY hSRKPolicy=0;
	TSS_UUID SRK_UUID = TSS_UUID_SRK;
	//By default SRK is 20bytes 0
	//takeownership -z
	BYTE wks[20]; 
	memset(wks,0,20);
	//At the beginning 
	//Create context and get tpm handle
	result =Tspi_Context_Create(&hContext);
	DBG("Create a context\n", result);
	result=Tspi_Context_Connect(hContext, NULL);
	DBG("Connect to TPM\n", result);
	result=Tspi_Context_GetTpmObject(hContext, &hTPM);
	DBG("Get TPM handle\n", result);
	//Get SRK handle
	//This operation need SRK secret when you takeownership
	//if takeownership -z the SRK is wks by default
	result=Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
	DBG("Get SRK handle\n", result);
	result=Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy);
	DBG("Get SRK Policy\n", result);
	result=Tspi_Policy_SetSecret(hSRKPolicy,TSS_SECRET_MODE_SHA1,20, wks);
	DBG("Tspi_Policy_SetSecret\n", result);

	//At the end of program 
	//Cleanup some object 
	result = Tspi_Context_FreeMemory(hContext, NULL);
	DBG("Tspi Context Free Memory\n", result);
	result = Tspi_Context_Close(hContext);
	DBG("Tspi Context Close\n", result);
	return 0;
}
Пример #8
0
main_v1_2(char version){

	char		*nameOfFunction = "Tspi_TPM_KeyControlOwner01";
	TSS_RESULT	result;
	TSS_HCONTEXT	hContext;
	TSS_HTPM	hTPM;
	TSS_FLAG	initFlags;
	TSS_HKEY	hSRK;
	TSS_HKEY	hKey;
	TSS_HKEY	hTargetPubKey;
	TSS_HPOLICY	hTpmPolicy, hSrkPolicy;
	TSS_UUID	Uuid;

	print_begin_test(nameOfFunction);

		//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create", result);
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		exit(result);
	}

		//Create Object
	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
					   TSS_KEY_SIZE_2048 |
					   TSS_KEY_TYPE_SIGNING, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Get TPM Object
	result = Tspi_Context_GetTpmObject(hContext, &hTPM);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_GetTpmObject", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Requires Owner auth - get policy
	result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTpmPolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject ", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Set Owner Secret
	result = Tspi_Policy_SetSecret(hTpmPolicy, TESTSUITE_OWNER_SECRET_MODE,
				       TESTSUITE_OWNER_SECRET_LEN,
				       TESTSUITE_OWNER_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error("Tspi_Policy_SetSecret (Owner)", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Get SRK Key
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID ", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Requires SRK auth - get policy
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSrkPolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject ", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Set SRK Secret
	result = Tspi_Policy_SetSecret(hSrkPolicy, TESTSUITE_SRK_SECRET_MODE,
				       TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error("Tspi_Policy_SetSecret (Owner)", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Create Key
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Load key
	result = Tspi_Key_LoadKey(hKey, hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_LoadKey", result);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Set Ownerevict bit
	result = Tspi_TPM_KeyControlOwner(hTPM, hKey, TSS_TSPATTRIB_KEYCONTROL_OWNEREVICT,
					  TRUE, &Uuid);
	if (result != TSS_SUCCESS) {
		print_error(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(result);
	} else {
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #9
0
int TSPI_SealCurrPCR(TSS_HCONTEXT c, uint32_t keyhandle, uint32_t pcrmap,
			 unsigned char *keyauth,
			 unsigned char *dataauth,
			 unsigned char *data, unsigned int datalen,
			 unsigned char *blob, unsigned int *bloblen)
{

#define CHECK_ERROR(r,m) if (r != TSS_SUCCESS) { fprintf(stderr, m ": 0x%08x\n", r); return -1;}

	TSS_RESULT r = 0;
	TSS_HTPM tpm;
	TSS_HPCRS pcrComposite;
	TSS_UUID uuid;
	TSS_UUID srk_uuid = TSS_UUID_SRK;
	TSS_HKEY key;
	TSS_HENCDATA seal;
	TSS_HPOLICY key_policy, seal_policy;
	unsigned char *cipher;
	unsigned int cipher_len;

	/* Get the PCR values into composite object */
	r = Tspi_Context_GetTpmObject(c, &tpm);
	CHECK_ERROR(r, "Error Getting TPM");
	r = Tspi_Context_CreateObject(c, TSS_OBJECT_TYPE_PCRS, TSS_PCRS_STRUCT_INFO_LONG, &pcrComposite);
	CHECK_ERROR(r, "Error Creating PCR-Composite");
	r = Tspi_PcrComposite_SetPcrLocality(pcrComposite, TPM_LOC_ZERO | TPM_LOC_ONE |
				TPM_LOC_TWO | TPM_LOC_THREE | TPM_LOC_FOUR);
	CHECK_ERROR(r, "Error Setting Localities");

	for (uint32_t pcrmask = 1, pcr = 0; pcr < NUM_PCRS; pcr++, pcrmask <<= 1) {
		if ((pcrmap & pcrmask) != 0) {
			uint32_t pcrval_size;
			uint8_t *pcrval;
			if (pcrvals[pcr] == NULL) {
			     r = Tspi_TPM_PcrRead(tpm, pcr, &pcrval_size, &pcrval);
			     CHECK_ERROR(r, "Error Reading PCR");
			     r = Tspi_PcrComposite_SetPcrValue(pcrComposite, pcr, pcrval_size, pcrval);
			     CHECK_ERROR(r, "Error Setting Composite");
			     r = Tspi_Context_FreeMemory(c, pcrval);
			     CHECK_ERROR(r, "Error Freeing Memory");
			}
			else {
			     pcrval = pcrvals[pcr];
			     r = Tspi_PcrComposite_SetPcrValue(pcrComposite, pcr, LEN, pcrval);
			     CHECK_ERROR(r, "Error Setting Composite");
			}
		}
	}

	/* Get the SRK and Policy Ready */
	if (keyhandle = 0x40000000) {
		uuid = srk_uuid;
	} else {
		fprintf(stderr, "Error, only SRK currently supported\n");
		r = 1;
		return -1;
	}
	r = Tspi_Context_LoadKeyByUUID(c, TSS_PS_TYPE_SYSTEM, uuid, &key);
	CHECK_ERROR(r, "Error Loading Key");
	r = Tspi_Context_CreateObject(c, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &key_policy);
	CHECK_ERROR(r, "Error Creating Policy");
	r = Tspi_Policy_SetSecret(key_policy, TSS_SECRET_MODE_SHA1, keylen, keyauth);
	CHECK_ERROR(r, "Error Setting Secret");
	r = Tspi_Policy_AssignToObject(key_policy, key);
	CHECK_ERROR(r, "Error Assigning Policy");

	/* Get the Encdata Ready */
	r = Tspi_Context_CreateObject(c, TSS_OBJECT_TYPE_ENCDATA, TSS_ENCDATA_SEAL, &seal);
	CHECK_ERROR(r, "Error Creating EncData");
	r = Tspi_Context_CreateObject(c, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE, &seal_policy);
	CHECK_ERROR(r, "Error Creating Policy");
	r = Tspi_Policy_SetSecret(seal_policy, TSS_SECRET_MODE_SHA1, keylen, dataauth);
	CHECK_ERROR(r, "Error Setting Secret");
	r = Tspi_Policy_AssignToObject(seal_policy, seal);
	CHECK_ERROR(r, "Error Assigning Policy");

	/* Seal the Data */
	r = Tspi_Data_Seal(seal, key, datalen, data, pcrComposite);
	CHECK_ERROR(r, "Error Sealing Data");
	r = Tspi_GetAttribData(seal, TSS_TSPATTRIB_ENCDATA_BLOB,
                                   TSS_TSPATTRIB_ENCDATABLOB_BLOB,
                                   &cipher_len, &cipher);
	CHECK_ERROR(r, "Error Getting Sealed Data");

	/* Return that stuff */
	if (cipher_len > bloblen) {
		sprintf(stderr, "Internal Error, cipher too long");
		r = 1;
		return -1;
	}
	memcpy(blob, cipher, cipher_len);
	*bloblen = cipher_len;

	/* Note: Do not even bother to return cipher directly. Would be freed during Context_Close anyways */
	Tspi_Context_FreeMemory(c, cipher);

	return (r == 0)? 0 : -1;
}
Пример #10
0
int
main(int argc, char **argv)
{
	RSA			*rsa = NULL;
	TSS_HCONTEXT 		hContext;
	TSS_HKEY 		hKey, hSRK, hCAKey;
	TSS_HPOLICY 		hTPMPolicy, hidpol;
	TSS_UUID 		srkUUID = TSS_UUID_SRK;
	TSS_HPOLICY		srkpol;
	TSS_HTPM 		hTPM;
	UINT32			idbloblen, ch;
	int			ret,i, blobos, fd;
	BYTE			*srkpass, *tpmpass;
	BYTE			*blobo, *idblob;

	srkpass = tpmpass = NULL;
	while ((ch = getopt(argc, argv, "hs:t:")) != -1) {
		switch (ch) {
			case 's':
				srkpass = optarg;
				break;
			case 't':
				tpmpass = optarg;
				break;
			case 'h':
			default:
				usage(argv[0]);
				break;
		}
	}

	if (!srkpass || !tpmpass)
		usage(argv[0]);

	/* create context and connect */
	ret = Tspi_Context_Create(&hContext);
	check_fail("context create", ret);
	ret = Tspi_Context_Connect(hContext, NULL);
	check_fail("context connect", ret);

	ret = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, srkUUID,
	    &hSRK);
	check_fail("loadkeybyuuid", ret);

	ret = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkpol);
	check_fail("get policy object", ret);
	//ret = Tspi_Policy_SetSecret(srkpol, TSS_SECRET_MODE_PLAIN, 4, "1234");
	ret = Tspi_Policy_SetSecret(srkpol, TSS_SECRET_MODE_PLAIN,
	    strlen(srkpass), srkpass);
	check_fail("policy set secret", ret);

	ret = Tspi_Context_GetTpmObject(hContext, &hTPM);
	check_fail("get policy object", ret);

	//Insert the owner auth into the TPM's policy
	ret = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &hTPMPolicy);
	check_fail("get tpm policy", ret);

	ret = Tspi_Policy_SetSecret(hTPMPolicy, TSS_SECRET_MODE_PLAIN,
		strlen(tpmpass), tpmpass);
	check_fail("set owner secret", ret);

	ret = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, 
		  //TSS_KEY_TYPE_STORAGE
		  TSS_KEY_TYPE_IDENTITY
		  //TSS_KEY_TYPE_SIGNING
		| TSS_KEY_SIZE_2048 | TSS_KEY_NO_AUTHORIZATION
		| TSS_KEY_NOT_MIGRATABLE | TSS_KEY_VOLATILE
		, &hKey);
	check_fail("create object - key", ret);

	ret = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hidpol);
	check_fail("get id key policy", ret);

	ret = Tspi_Policy_SetSecret(hidpol, TSS_SECRET_MODE_PLAIN,
	    strlen(srkpass), srkpass);
	check_fail("set idkey secret", ret);

	/* We must create this fake privacy CA key in software so that
	 * Tspi_TPM_CollateIdentityRequest will happily work.  It needs it to
	 * create the cert request which is required in a normal remote
	 * attestion procedure.  It is not needed in our setup though.
	 */
	ret = make_fake_key(hContext, &hCAKey, &rsa, RSA_PKCS1_OAEP_PADDING);
	check_fail("ca nonsense", ret);

	/* We do not care about idblob - that is the certificate request that
	 * we are supposed to send to our CA in normal remote attestation.  The
	 * fifth argument is our identity label (it is supposed to be unicode).
	 */
	ret = Tspi_TPM_CollateIdentityRequest(hTPM, hSRK, hCAKey, 8, "id label",
	    hKey, TSS_ALG_3DES, &idbloblen, &idblob);
	check_fail("collate id", ret);

	blobo = NULL;
	/*ret = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB,
	    TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobos, &blobo);*/
	ret = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB,
	    TSS_TSPATTRIB_KEYBLOB_BLOB, &blobos, &blobo);
	check_fail("get blob", ret);

	if (!blobo) {
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		FATAL("no blobo");
	}

	printf("size: %d\n", blobos);
	for (i = 0;i < blobos; i++) {
		printf("\\x%x", blobo[i]);
	}
	printf("\n");

	fd = open("key.blob", O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR);
	if (fd == -1) {
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		FATAL("Open\n");
	}
	ret = write(fd, blobo, blobos);
	if (ret != blobos)
		printf("Warning: couldn't write the whole key\n");
	close(fd);

	Tspi_Context_FreeMemory(hContext, NULL);
	Tspi_Context_Close(hContext);

	return 0;
}
Пример #11
0
int
main_v1_1( void )
{
	char		*function = "key_auth_chain02";
	TSS_HCONTEXT    hContext;
	TSS_HKEY        hSRK;
	TSS_HKEY	hKey0, hKey1, hKey2;
	TSS_RESULT	result;
	TSS_HENCDATA	hEncData;
	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy;
	int temp;

	print_begin_test( function );

	srand(time(0));

		// Create Context
	result = Tspi_Context_Create( &hContext );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Create", result );
		print_error_exit( function, err_string(result) );
		exit( result );
	}

		// Connect to Context
	result = Tspi_Context_Connect( hContext, NULL );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Connect", result );
		goto done;
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
						uuid_2, &hKey2 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
		goto done;
	}

	result = Tspi_Context_CreateObject( hContext,
						TSS_OBJECT_TYPE_ENCDATA,
						TSS_ENCDATA_BIND, &hEncData );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (hEncData)", result );
		goto done;
	}

		// Data Bind
	result = Tspi_Data_Bind( hEncData, hKey2, ulDataLength, rgbDataToBind );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Data_Bind", result );
		goto done;
	}


	result = Tspi_Data_Unbind( hEncData, hKey2, &pulDataLength, &prgbDataToUnBind );
	if ( result != TSS_SUCCESS )
	{
		if( !(checkNonAPI(result)) )
		{
			print_error( function, result );
			goto done;
		}
		else
		{
			print_error_nonapi( function, result );
			goto done;
		}
	}
	else
	{
		if ((pulDataLength == ulDataLength) &&
			!memcmp(prgbDataToUnBind, rgbDataToBind, pulDataLength))
			print_success( function, result );
		else{
			printf("Data doesn't match");
			print_error("Data doestn't match: Tspi_Data_Unbind", TSS_E_FAIL);
		}
		
	}


#if 0
#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
					&srkUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		goto done;
	}

		//Set Secret
	result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret", result );
		goto done;
	}
#endif

	/* ######## Start Key 0 ######## */
	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
						TSS_KEY_SIZE_2048 |
						TSS_KEY_TYPE_STORAGE |
						TSS_KEY_NO_AUTHORIZATION,
						&hKey0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (key 0)", result );
		goto done;
	}

	result = Tspi_Key_CreateKey( hKey0, hSRK, 0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey (key 0)", result );
		goto done;
	}

	result = Tspi_Context_RegisterKey( hContext, hKey0,
						TSS_PS_TYPE_SYSTEM,
						uuid_0,
						TSS_PS_TYPE_SYSTEM,
						SRK_UUID );
	if ( (result != TSS_SUCCESS) )
	{
		print_error( "Tspi_Context_RegisterKey (uuid_0)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
	}
	fprintf( stderr, "\t\tKey 0 Finished\n" );
	/* ######## End Key 0 ######## */

	/* ######## Start Key 1 ######## */
	result = Tspi_Context_CreateObject( hContext,
						TSS_OBJECT_TYPE_RSAKEY,
						TSS_KEY_AUTHORIZATION,
						&hKey1 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (key 1)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
	}

	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
                                                uuid_0, &hKey0 );
        if ( result != TSS_SUCCESS )
        {
                print_error( "Tspi_Context_LoadKeyByUUID (hKey0)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
        }

	result = Tspi_GetPolicyObject( hKey1, TSS_POLICY_USAGE,
					&keyUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
	}

		//Set Secret
	result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
				TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
	}

	result = Tspi_Key_CreateKey( hKey1, hKey0, 0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey (key 1)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
	}

	result = Tspi_Context_RegisterKey( hContext, hKey1,
						TSS_PS_TYPE_SYSTEM,
						uuid_1,
						TSS_PS_TYPE_SYSTEM,
						uuid_0 );
	if ( (result != TSS_SUCCESS) )
	{
		print_error( "Tspi_Context_RegisterKey (uuid_1)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		goto done;
	}
	fprintf( stderr, "\t\tKey 1 Finished\n" );
	/* ######## End Key 1 ######## */

	/* ######## Start Key 2 ######## */
	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
						TSS_KEY_NO_AUTHORIZATION,
						&hKey2 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (key 2)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
		goto done;
	}

	result = Tspi_Key_LoadKey( hKey1, hKey0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hKey1)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
		goto done;
	}

	result = Tspi_Key_CreateKey( hKey2, hKey1, 0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey (key 2)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
		goto done;
	}

	result = Tspi_Context_RegisterKey( hContext, hKey2,
						TSS_PS_TYPE_SYSTEM,
						uuid_2,
						TSS_PS_TYPE_SYSTEM,
						uuid_1 );
	if ( (result != TSS_SUCCESS) )
	{
		print_error( "Tspi_Context_RegisterKey (uuid_2)", result );
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_0, &hKey0);
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM, uuid_1, &hKey1);
		goto done;
	}
	fprintf( stderr, "\t\tKey 2 Finished\n" );
	/* ######## End Key 2 ######## */
#endif

	Tspi_Context_FreeMemory( hContext, NULL );
	Tspi_Context_Close( hContext );
	exit( result );

done:
	print_error_exit( function, err_string(result) );
	Tspi_Context_FreeMemory( hContext, NULL );
	Tspi_Context_Close( hContext );
	exit( result );
}
Пример #12
0
int
main_v1_1( void )
{
	char		*function = "Tspi_GetPolicyObject01";
	TSS_HCONTEXT	hContext;
	TSS_HKEY	hSRK;
	TSS_RESULT	result;
	UINT32		exitCode;
	TSS_HPOLICY	srkUsagePolicy;

	print_begin_test( function );

		// Create Context
	result = Tspi_Context_Create( &hContext );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Create", result );
		exit( result );
	}

		// Connect to Context
	result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Connect", result );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
						SRK_UUID, &hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Get Policy Object
	result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
					&srkUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		if( !(checkNonAPI(result)) )
		{
			print_error( function, result );
			print_end_test( function );
			Tspi_Context_Close( hContext );
			exit(result);
		}
		else
		{
			print_error_nonapi( function, result );
			print_end_test( function );
			Tspi_Context_Close( hContext );
			exit(result);
		}
	}
	else
	{
		print_success( function, result );
		exitCode = 0;
	}

	print_end_test( function );
	Tspi_Context_Close( hContext );
	exit( exitCode );
}
Пример #13
0
int main(int argc, char **argv)
{
	TSS_HCONTEXT	hContext;
	TSS_FLAG	initFlags = TSS_KEY_TYPE_LEGACY | TSS_KEY_VOLATILE;
	TSS_HKEY	hKey;
	TSS_HKEY	hSRK;
	TSS_RESULT	result;
	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy, keyMigrationPolicy;
	BYTE		*blob;
	UINT32		blob_size, srk_authusage;
	BIO		*outb;
	ASN1_OCTET_STRING *blob_str;
	unsigned char	*blob_asn1 = NULL;
	int		asn1_len;
	char		*filename, c, *openssl_key = NULL;
	int		option_index, auth = 0, popup = 0, wrap = 0, well_known = 0;
	UINT32		enc_scheme = TSS_ES_RSAESPKCSV15;
	UINT32		sig_scheme = TSS_SS_RSASSAPKCS1V15_DER;
	UINT32		key_size = 2048;
	RSA		*rsa;

	while (1) {
		option_index = 0;
		c = getopt_long(argc, argv, "pe:q:s:azhw:",
				long_options, &option_index);
		if (c == -1)
			break;

		switch (c) {
			case 'a':
				initFlags |= TSS_KEY_AUTHORIZATION;
				auth = 1;
				break;
			case 'h':
				usage(argv[0]);
				break;
			case 's':
				key_size = atoi(optarg);
				break;
			case 'e':
				if (!strncasecmp("oaep", optarg, 4)) {
					enc_scheme = TSS_ES_RSAESOAEP_SHA1_MGF1;
				} else if (strncasecmp("pkcs", optarg, 4)) {
					usage(argv[0]);
				}
				break;
			case 'q':
				if (!strncasecmp("der", optarg, 3)) {
					sig_scheme = TSS_SS_RSASSAPKCS1V15_SHA1;
				} else if (strncasecmp("sha", optarg, 3)) {
					usage(argv[0]);
				}
				break;
			case 'p':
				initFlags |= TSS_KEY_AUTHORIZATION;
				auth = 1;
				popup = 1;
				break;
			case 'w':
				initFlags |= TSS_KEY_MIGRATABLE;
				wrap = 1;
				openssl_key = optarg;
				break;
			case 'z':
				well_known = 1;
				break;
			default:
				usage(argv[0]);
				break;
		}
	}

	/* set up the key option flags */
	switch (key_size) {
		case 512:
			initFlags |= TSS_KEY_SIZE_512;
			break;
		case 1024:
			initFlags |= TSS_KEY_SIZE_1024;
			break;
		case 2048:
			initFlags |= TSS_KEY_SIZE_2048;
			break;
		case 4096:
			initFlags |= TSS_KEY_SIZE_4096;
			break;
		case 8192:
			initFlags |= TSS_KEY_SIZE_8192;
			break;
		case 16384:
			initFlags |= TSS_KEY_SIZE_16384;
			break;
		default:
			usage(argv[0]);
			break;
	}
#if 0
	while (argc--) {
		printf("argv[%d] = \"%s\"\n", argc, argv[argc]);
	}
	exit(1);
#endif
	filename = argv[argc - 1];
	if (argc < 2 || filename[0] == '-')
		usage(argv[0]);

		//Create Context
	if ((result = Tspi_Context_Create(&hContext))) {
		print_error("Tspi_Context_Create", result);
		exit(result);
	}
		//Connect Context
	if ((result = Tspi_Context_Connect(hContext, NULL))) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Create Object
	if ((result = Tspi_Context_CreateObject(hContext,
						TSS_OBJECT_TYPE_RSAKEY,
						initFlags, &hKey))) {
		print_error("Tspi_Context_CreateObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
					   TSS_TSPATTRIB_KEYINFO_SIGSCHEME,
					   sig_scheme))) {
		print_error("Tspi_SetAttribUint32", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	if ((result = Tspi_SetAttribUint32(hKey, TSS_TSPATTRIB_KEY_INFO,
					   TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
					   enc_scheme))) {
		print_error("Tspi_SetAttribUint32", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Load Key By UUID
	if ((result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
						 SRK_UUID, &hSRK))) {
		print_error("Tspi_Context_LoadKeyByUUID", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	if ((result = Tspi_GetAttribUint32(hSRK, TSS_TSPATTRIB_KEY_INFO,
					   TSS_TSPATTRIB_KEYINFO_AUTHUSAGE,
					   &srk_authusage))) {
		print_error("Tspi_GetAttribUint32", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	if (srk_authusage) {

		if ((result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
						   &srkUsagePolicy))) {
			print_error("Tspi_GetPolicyObject", result);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}

		if (well_known) {

			BYTE well_known_secret[] = TSS_WELL_KNOWN_SECRET;

			//Set Well Known Secret
			if ((result = Tspi_Policy_SetSecret(srkUsagePolicy,
							TSS_SECRET_MODE_SHA1,
							sizeof(well_known_secret),
							(BYTE *)well_known_secret))) {
				print_error("Tspi_Policy_SetSecret", result);
				Tspi_Context_Close(hContext);
				exit(result);
			}
		} else {

			char *authdata = calloc(1, 128);

			if (!authdata) {
				fprintf(stderr, "malloc failed.\n");
				Tspi_Context_Close(hContext);
				exit(result);
			}

			if (EVP_read_pw_string(authdata, 128, "SRK Password: "******"Tspi_Policy_SetSecret", result);
				free(authdata);
				Tspi_Context_Close(hContext);
				exit(result);
			}

			free(authdata);
		}
	}

	if (auth) {
		if ((result = Tspi_Context_CreateObject(hContext,
							TSS_OBJECT_TYPE_POLICY,
							TSS_POLICY_USAGE,
							&keyUsagePolicy))) {
			print_error("Tspi_Context_CreateObject", result);
			Tspi_Context_Close(hContext);
			exit(result);
		}

		if (popup) {
			//Set Secret
			if ((result = Tspi_Policy_SetSecret(keyUsagePolicy,
							    TSS_SECRET_MODE_POPUP,
							    0, NULL))) {
				print_error("Tspi_Policy_SetSecret", result);
				Tspi_Context_Close(hContext);
				exit(result);
			}
		} else {
			char *authdata = calloc(1, 128);

			if (!authdata) {
				fprintf(stderr, "malloc failed.\n");
				Tspi_Context_Close(hContext);
				exit(result);
			}

			if (EVP_read_pw_string(authdata, 128,
						"Enter Key Usage Password: "******"Passwords do not match.\n");
				free(authdata);
				Tspi_Context_Close(hContext);
				exit(result);
			}

			//Set Secret
			if ((result = Tspi_Policy_SetSecret(keyUsagePolicy,
							    TSS_SECRET_MODE_PLAIN,
							    strlen(authdata),
							    (BYTE *)authdata))) {
				print_error("Tspi_Policy_SetSecret", result);
				free(authdata);
				Tspi_Context_Close(hContext);
				exit(result);
			}

			free(authdata);
		}

		if ((result = Tspi_Policy_AssignToObject(keyUsagePolicy, hKey))) {
			print_error("Tspi_Policy_AssignToObject", result);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}

	// Create or Wrap Key
	if (wrap) {
		char n[256], p[128];
		unsigned int size_n, size_p;
		BYTE *pubSRK;

		/*Set migration policy needed to wrap the key*/
		if ((result = Tspi_Context_CreateObject(hContext,
						TSS_OBJECT_TYPE_POLICY,
						TSS_POLICY_MIGRATION,
						&keyMigrationPolicy))) {
			print_error("Tspi_Context_CreateObject", result);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		if (auth) {
			char *authdata = calloc(1, 128);

			if (!authdata) {
				fprintf(stderr, "malloc failed.\n");
				Tspi_Context_Close(hContext);
				exit(result);
			}

			if (EVP_read_pw_string(authdata, 128,
						"Enter Key Migration Password: "******"Passwords do not match.\n");
				free(authdata);
				Tspi_Context_Close(hContext);
				exit(result);
			}

			if ((result = Tspi_Policy_SetSecret(keyMigrationPolicy,
							    TSS_SECRET_MODE_PLAIN,
							    strlen(authdata),
							    (BYTE *)authdata))) {
				print_error("Tspi_Policy_SetSecret", result);
				Tspi_Context_Close(hContext);
				exit(result);
			}

			free(authdata);
		}

		if ((result = Tspi_Policy_AssignToObject(keyMigrationPolicy, hKey))) {
			print_error("Tspi_Policy_AssignToObject", result);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}

		/* Pull the PubKRK out of the TPM */
		if ((result = Tspi_Key_GetPubKey(hSRK, &size_n, &pubSRK))) {
			print_error("Tspi_Key_WrapKey", result);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		Tspi_Context_FreeMemory(hContext, pubSRK);

		if ((rsa = openssl_read_key(openssl_key)) == NULL) {
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(-1);
		}

		if (RSA_size(rsa) != key_size / 8) {
			fprintf(stderr,
				"Error, key size is incorrect, please use the '-s' option\n");
			RSA_free(rsa);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(-1);
		}

		if (openssl_get_modulus_and_prime(rsa, &size_n, (unsigned char *)n,
						  &size_p, (unsigned char *)p)) {
			fprintf(stderr, "Error getting modulus and prime!\n");
			RSA_free(rsa);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(-1);
		}

		if ((result = Tspi_SetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO,
						 TSS_TSPATTRIB_KEYINFO_RSA_MODULUS,
						 size_n, (BYTE *)n))) {
			print_error("Tspi_SetAttribData (RSA modulus)", result);
			RSA_free(rsa);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(-1);
		}

		if ((result = Tspi_SetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB,
						 TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY,
						 size_p, (BYTE *)p))) {
			print_error("Tspi_SetAttribData (private key)", result);
			RSA_free(rsa);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(-1);
		}

		if ((result = Tspi_Key_WrapKey(hKey, hSRK, 0))) {
			print_error("Tspi_Key_WrapKey", result);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	} else {
		if ((result = Tspi_Key_CreateKey(hKey, hSRK, 0))) {
			print_error("Tspi_Key_CreateKey", result);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}

	if ((result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_BLOB,
					 TSS_TSPATTRIB_KEYBLOB_BLOB,
					 &blob_size, &blob))) {
		print_error("Tspi_GetAttribData", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	if ((outb = BIO_new_file(filename, "w")) == NULL) {
                fprintf(stderr, "Error opening file for write: %s\n", filename);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(-1);
	}
	blob_str = ASN1_OCTET_STRING_new();
	if (!blob_str) {
                fprintf(stderr, "Error allocating ASN1_OCTET_STRING\n");
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(-1);
	}		

	ASN1_STRING_set(blob_str, blob, blob_size);
	asn1_len = i2d_ASN1_OCTET_STRING(blob_str, &blob_asn1);
	PEM_write_bio(outb, "TSS KEY BLOB", "", blob_asn1, asn1_len);

	BIO_free(outb);
	Tspi_Context_Close(hContext);

	printf("Success.\n");

	return 0;
}
Пример #14
0
main_v1_1(void){

	char		*nameOfFunction = "Tspi_GetAttribData19";
	TSS_FLAG	initFlags;
	TSS_HKEY	hKey;
	TSS_HCONTEXT	hContext;
	TSS_RESULT	result;
	TSS_HKEY	hSRK;
	BYTE*		uuid;
	UINT32		uuidLength;
	int		rc;
	TSS_UUID	null_uuid, key_uuid;
	initFlags	= TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048  |
			TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
			TSS_KEY_NOT_MIGRATABLE;

	memset(&null_uuid, 0, sizeof(TSS_UUID));
	memset(&key_uuid, 0x7f, sizeof(TSS_UUID));

	print_begin_test(nameOfFunction);

		//Create Context and connect
	result = connect_load_srk(&hContext, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("connect_load_srk", result);
		print_error_exit(nameOfFunction, err_string(result));
		exit(result);
	}
		//Create Key Object
	result = Tspi_Context_CreateObject(hContext,
					   TSS_OBJECT_TYPE_RSAKEY,
					   initFlags, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create Key in the TPM
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Call GetAttribData, uuid should be all 0's
	result = Tspi_GetAttribData(hKey,
				    TSS_TSPATTRIB_KEY_UUID, 0,
				    &uuidLength, &uuid);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetAttribData", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Check length and data
	if (uuidLength != sizeof(TSS_UUID)) {
		print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1);
		print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	if ((rc = memcmp(uuid, &null_uuid, uuidLength))) {
		print_verifyerr("a null uuid from Tspi_GetAttribData", 0, rc);
		print_hex(uuid, sizeof(TSS_UUID));
		print_error("uuid NULL from Tspi_GetAttribData", TSS_E_FAIL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	Tspi_Context_FreeMemory(hContext, uuid);

register_key:
		//Register Key
	result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM,
					  key_uuid, TSS_PS_TYPE_SYSTEM,
					  SRK_UUID);
	if (TSS_ERROR_CODE(result) == TSS_E_KEY_ALREADY_REGISTERED) {
		result = Tspi_Context_UnregisterKey(hContext,
						    TSS_PS_TYPE_SYSTEM,
						    key_uuid, &hKey);
		if (result != TSS_SUCCESS) {
			print_error("Tspi_Context_UnregisterKey", result);
			print_error_exit(nameOfFunction, err_string(result));
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		goto register_key;
	} else if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_RegisterKey", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Close the object
	result = Tspi_Context_CloseObject(hContext, hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CloseObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	hKey = 0;
		//Load the key by UUID from PS
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
					    key_uuid, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Call GetAttribData, uuid should be equal to key_uuid
	result = Tspi_GetAttribData(hKey, TSS_TSPATTRIB_KEY_UUID, 0,
				    &uuidLength, &uuid);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetAttribData", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Check length and data
	if (uuidLength != sizeof(TSS_UUID)) {
		print_verifyerr("uuid length from Tspi_GetAttribData", 0, 1);
		print_error("uuid length from Tspi_GetAttribData", TSS_E_FAIL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	if ((rc = memcmp(uuid, &key_uuid, uuidLength))) {
		print_verifyerr("key's uuid from Tspi_GetAttribData", 0, rc);
		print_hex((BYTE *)&key_uuid, sizeof(TSS_UUID));
		print_error("key's uuid from Tspi_GetAttribData", TSS_E_FAIL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	print_success(nameOfFunction, result);
	print_end_test(nameOfFunction);
	Tspi_Context_Close(hContext);
	exit(0);
}
Пример #15
0
int
main_v1_2( char version )
{
	char		*function = "Tspi_GetAttribData21";
	TSS_HCONTEXT	hContext;
	TSS_HKEY	hSRK, hKey;
	TSS_HPOLICY	hSrkPolicy;
	BYTE		*rgbDataToSeal = "This is a test";
	BYTE		rgbPcrValue[20];
	TSS_HPCRS	hPcrComposite;
	UINT32		AttribDataSize;
	BYTE*		AttribData;
	UINT32		ulDataLength = strlen(rgbDataToSeal);
	TSS_RESULT	result,resultFree;
	TSS_FLAG        keyInitFlags = TSS_KEY_SIZE_2048 |
				       TSS_KEY_TYPE_STORAGE |
				       TSS_KEY_NO_AUTHORIZATION;
	TSS_FLAG	pcrsInitFlags = 0;

	print_begin_test( function );

	if (version == TESTSUITE_TEST_TSS_1_2) {
		keyInitFlags |= TSS_KEY_STRUCT_KEY12;
		pcrsInitFlags |= TSS_PCRS_STRUCT_INFO_LONG;
	}

	memset(rgbPcrValue, 0x5a, sizeof(rgbPcrValue));

		// Create Context
	result = Tspi_Context_Create( &hContext );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Create", result );
		print_end_test(function);
		exit( result );
	}

		// Connect to Context
	result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Connect", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY, keyInitFlags, &hKey );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (hKey)", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Load Key by UUID
	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
				SRK_UUID, &hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

#ifndef TESTSUITE_NOAUTH_SRK
	result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE, &hSrkPolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Policy_SetSecret( hSrkPolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}
#endif

	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_PCRS, pcrsInitFlags,
					   &hPcrComposite );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (hPcrComposite)",
				result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_PcrComposite_SetPcrValue( hPcrComposite, 8, 20, rgbPcrValue );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_PcrComposite_SetPcrValue", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_PcrComposite_SetPcrLocality( hPcrComposite, TPM_LOC_ZERO );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_PcrComposite_SetPcrLocality", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Key_CreateKey(hKey, hSRK, hPcrComposite);
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey", result );
		print_end_test(function);
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}


	// Checking flag and subflags

		//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION
	result = Tspi_GetAttribData(hKey,
			TSS_TSPATTRIB_KEY_PCR_LONG,
			TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION, 
			&AttribDataSize, &AttribData);
	if ( result != TSS_SUCCESS ) 
	{
		print_error("Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION",
							result );
		print_end_test(function);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	else
	{
		resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
		if ( resultFree != TSS_SUCCESS )
		{
			print_error( "Tspi_Context_FreeMemory", resultFree );
			print_end_test(function);
			exit(resultFree);
		}
		print_success( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION -",
						result );
	}

		//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE
	result = Tspi_GetAttribData(hKey,
			TSS_TSPATTRIB_KEY_PCR_LONG,
			TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE,
			&AttribDataSize, &AttribData);
	if ( result != TSS_SUCCESS ) 
	{
		print_error( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE",
							result );
		print_end_test(function);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	else
	{
		resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
		if ( resultFree != TSS_SUCCESS )
		{
			print_error( "Tspi_Context_FreeMemory", resultFree );
			print_end_test(function);
			exit(resultFree);
		}
		print_success("Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE -",
						result );
	}

		//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION
	result = Tspi_GetAttribData(hKey,
			TSS_TSPATTRIB_KEY_PCR_LONG,
			TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION,
			&AttribDataSize, &AttribData);
	if ( result != TSS_SUCCESS ) 
	{
		print_error( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION",
						result );
		print_end_test(function);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	else
	{
		resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
		if ( resultFree != TSS_SUCCESS )
		{
			print_error( "Tspi_Context_FreeMemory", resultFree );
			print_end_test(function);
			exit(resultFree);
		}
		print_success( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION -",
						result );
	}

		//Call GetAttribData for subFlag TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION
	result = Tspi_GetAttribData(hKey,
			TSS_TSPATTRIB_KEY_PCR_LONG,
			TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION,
			&AttribDataSize, &AttribData);
	if ( result != TSS_SUCCESS ) 
	{
		print_error( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION",
						result );
		print_end_test(function);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	else
	{
		resultFree = Tspi_Context_FreeMemory(hContext, AttribData);
		if ( resultFree != TSS_SUCCESS )
		{
			print_error( "Tspi_Context_FreeMemory", resultFree );
			print_end_test(function);
			exit(resultFree);
		}
		print_success( "Tspi_GetAttribData - subflag TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION -",
						result );
	}

	print_end_test(function);

	Tspi_Context_Close(hContext);
	exit( 0 );

}
Пример #16
0
static int
import_tpm_key(gnutls_privkey_t pkey,
	       const gnutls_datum_t * fdata,
	       gnutls_tpmkey_fmt_t format,
	       TSS_UUID * uuid,
	       TSS_FLAG storage,
	       const char *srk_password, const char *key_password)
{
	int err, ret;
	struct tpm_ctx_st *s;
	gnutls_datum_t tmp_sig;

	s = gnutls_malloc(sizeof(*s));
	if (s == NULL) {
		gnutls_assert();
		return GNUTLS_E_MEMORY_ERROR;
	}

	ret = tpm_open_session(s, srk_password);
	if (ret < 0) {
		gnutls_assert();
		goto out_ctx;
	}

	if (fdata != NULL) {
		ret =
		    load_key(s->tpm_ctx, s->srk, fdata, format,
			     &s->tpm_key);
		if (ret < 0) {
			gnutls_assert();
			goto out_session;
		}
	} else if (uuid) {
		err =
		    Tspi_Context_LoadKeyByUUID(s->tpm_ctx, storage,
					       *uuid, &s->tpm_key);

		if (err) {
			gnutls_assert();
			ret = tss_err(err);
			goto out_session;
		}
	} else {
		gnutls_assert();
		ret = GNUTLS_E_INVALID_REQUEST;
		goto out_session;
	}

	ret =
	    gnutls_privkey_import_ext2(pkey, GNUTLS_PK_RSA, s,
				       tpm_sign_fn, NULL, tpm_deinit_fn,
				       0);
	if (ret < 0) {
		gnutls_assert();
		goto out_session;
	}

	ret =
	    gnutls_privkey_sign_data(pkey, GNUTLS_DIG_SHA1, 0, &nulldata,
				     &tmp_sig);
	if (ret == GNUTLS_E_TPM_KEY_PASSWORD_ERROR) {
		if (!s->tpm_key_policy) {
			err = Tspi_Context_CreateObject(s->tpm_ctx,
							TSS_OBJECT_TYPE_POLICY,
							TSS_POLICY_USAGE,
							&s->
							tpm_key_policy);
			if (err) {
				gnutls_assert();
				ret = tss_err(err);
				goto out_key;
			}

			err =
			    Tspi_Policy_AssignToObject(s->tpm_key_policy,
						       s->tpm_key);
			if (err) {
				gnutls_assert();
				ret = tss_err(err);
				goto out_key_policy;
			}
		}

		err = myTspi_Policy_SetSecret(s->tpm_key_policy,
					      SAFE_LEN(key_password),
					      (void *) key_password);

		if (err) {
			gnutls_assert();
			ret = tss_err_key(err);
			goto out_key_policy;
		}
	} else if (ret < 0) {
		gnutls_assert();
		goto out_session;
	}

	return 0;
      out_key_policy:
	Tspi_Context_CloseObject(s->tpm_ctx, s->tpm_key_policy);
	s->tpm_key_policy = 0;
      out_key:
	Tspi_Context_CloseObject(s->tpm_ctx, s->tpm_key);
	s->tpm_key = 0;
      out_session:
	tpm_close_session(s);
      out_ctx:
	gnutls_free(s);
	return ret;
}
Пример #17
0
int main_v1_1(void)
{
	char *function = "Tspi_Data_Unseal02";
	TSS_HCONTEXT hContext;
	TSS_HCONTEXT whContext = -1;
	TSS_HKEY hSRK;
	TSS_HKEY hKey;
	TSS_HPOLICY hSRKPolicy, hKeyPolicy;
	BYTE rgbDataToSeal[32] =
	    { 0, 1, 3, 4, 5, 6, 7, 8, 9, 'A', 'B', 'C', 'D', 'E', 'F', 0,
1, 2, 3, 4, 5, 6, 7, 8, 9, 'A', 'B', 'C', 'D', 'E', 'F' };
	BYTE rgbPcrValue[20] =
	    { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
	BYTE *prgbDataToUnseal;
	UINT32 ulDataLength = 32, exitCode = 0;
	TSS_RESULT result;
	TSS_FLAG initFlags = TSS_KEY_TYPE_STORAGE | TSS_KEY_SIZE_2048 |
	    TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
	    TSS_KEY_NOT_MIGRATABLE;


	print_begin_test(function);

	// Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create", result);
		exit(result);
	}
	// Connect to Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	// create hKey
	result = Tspi_Context_CreateObject(hContext,
					   TSS_OBJECT_TYPE_RSAKEY,
					   initFlags, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject (hKey)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
					    SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
	// set the SRK auth data
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKPolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject (hSRK)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	result =
	    Tspi_Policy_SetSecret(hSRKPolicy, TESTSUITE_SRK_SECRET_MODE,
				  TESTSUITE_SRK_SECRET_LEN,
				  TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret (hSRKPolicy)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
	// create the key
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey (hKey)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	result = Tspi_Key_LoadKey(hKey, hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_LoadKey (hKey)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}


	result = Tspi_Data_Unseal(whContext, hKey, &ulDataLength,
				  &prgbDataToUnseal);
	if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
		if (!(checkNonAPI(result))) {
			print_error(function, result);
		} else {
			print_error_nonapi(function, result);
		}
		exitCode = result;
	} else {
		print_success(function, result);
	}

	print_end_test(function);
	Tspi_Context_FreeMemory(hContext, NULL);
	Tspi_Context_Close(hContext);
	exit(exitCode);
}
Пример #18
0
main_v1_1(void){

	char		*nameOfFunction	= "Tspi_TPM_Quote03";
	TSS_HCONTEXT	hContext;
	TSS_RESULT	result;
	TSS_HTPM	hTPM;
	TSS_HKEY	hSRK;
	TSS_UUID	identityKeyUUID	= {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2};
	TSS_VALIDATION	pValidationData;
	TSS_HPCRS	hPcrComposite;
	TSS_FLAG	initFlags;
	TSS_HPOLICY	srkUsagePolicy;
	BYTE		*data;


	initFlags	= TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048  |
			TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
			TSS_KEY_NOT_MIGRATABLE;

	print_begin_test(nameOfFunction);

		//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Get TPM Object
	result = Tspi_Context_GetTpmObject(hContext, &hTPM);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_GetTpmObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext,
			TSS_PS_TYPE_SYSTEM,
			SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
					TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
		//Create object for the hPcrComposite Key
	result = Tspi_Context_CreateObject(hContext, 
			TSS_OBJECT_TYPE_PCRS, 0,
			&hPcrComposite);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreatehIdentKey", result);
		Tspi_Context_CloseObject(hContext, hPcrComposite);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//SelectPcrIndex
	result = Tspi_PcrComposite_SelectPcrIndex(hPcrComposite, 1);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_PcrComposite_SelectPcrIndex ", result);
		Tspi_Context_CloseObject(hContext, hPcrComposite);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	result = Tspi_TPM_GetRandom(hTPM, 20, &data);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_TPM_GetRandom ", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	pValidationData.ulDataLength = 20;
	pValidationData.rgbExternalData = data;

		//Call TPM Quote
	result = Tspi_TPM_Quote(hTPM, -1, hPcrComposite, &pValidationData);
	if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hPcrComposite);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hPcrComposite);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_CloseObject(hContext, hPcrComposite);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #19
0
int
main_v1_1( void )
{
	char		*function = "key_auth_check01";
	TSS_HCONTEXT	hContext;
	UINT32		exitCode;
	TSS_HKEY	hSRK;
	TSS_HKEY	hMSigningKey;
	TSS_UUID	migratableSignUUID = {0x1, 0x55, 0x67, 0x8, 0x5, { 6, 7, 8, 9, 10, 2 } };
	TSS_HHASH	hHash;
	BYTE		*prgbSignature;
	UINT32		pulSignatureLength;
	TSS_RESULT	result;
	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy;

	print_begin_test( function );

		// Create Context
	result = Tspi_Context_Create( &hContext );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Create", result );
		print_error_exit( function, err_string(result) );
		exit( result );
	}

		// Connect to Context
	result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Connect", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
						SRK_UUID, &hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
					&srkUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Set Secret
	result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}
#endif

		//Create Signing Key
	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
						TSS_KEY_SIZE_2048 |
						TSS_KEY_TYPE_SIGNING |
						TSS_KEY_AUTHORIZATION,
						&hMSigningKey );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (signing key)",
				result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		// get signing key's policy
	result = Tspi_GetPolicyObject( hMSigningKey, TSS_POLICY_USAGE,
					&keyUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Set Secret
	result = Tspi_Policy_SetSecret( keyUsagePolicy, TESTSUITE_KEY_SECRET_MODE,
					TESTSUITE_KEY_SECRET_LEN, TESTSUITE_KEY_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey (signing key)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Key_LoadKey( hMSigningKey, hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKey (hMSigningKey)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		// create hash
	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_HASH,
						TSS_HASH_SHA1, &hHash );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (hash)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Hash_UpdateHashValue( hHash, 20, "Je pense, danc je s" );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Hash_SetHashValue", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}


	result = Tspi_Hash_Sign( hHash, hMSigningKey, &pulSignatureLength,
					&prgbSignature );
	if ( result != TSS_SUCCESS )
	{
		if( !(checkNonAPI(result)) )
		{
			print_error( function, result );
			exitCode = 1;
		}
		else
		{
			print_error_nonapi( function, result );
			exitCode = 1;
		}
	}
	else
	{
		result = Tspi_Context_RegisterKey(hContext, hMSigningKey, TSS_PS_TYPE_SYSTEM,
						migratableSignUUID, TSS_PS_TYPE_SYSTEM, SRK_UUID);
		if (result != TSS_SUCCESS)
		{
			print_error( "Tspi_Context_RegisterKey", result );
			print_error_exit( function, err_string(result) );
			Tspi_Context_FreeMemory( hContext, NULL );
			Tspi_Context_Close( hContext );
			exit( result );
		}
		print_success( function, result );
		exitCode = 0;
	}

	print_end_test( function );
	Tspi_Context_FreeMemory( hContext, NULL );
	Tspi_Context_Close( hContext );
	exit( exitCode );
}
Пример #20
0
int
main_v1_1( void )
{
	char		*function = "Tspi_Key_GetPubKey01";
	TSS_HCONTEXT	hContext;
	TSS_HKEY	hSRK;
	TSS_HKEY	hKey;
	TSS_UUID	SRKUUID			= {0,0,0,0,0,0,0,0,0,0,1};
	TSS_UUID	migratableSignUUID	= {1,2,3,4,5,6,7,8,9,10,2};
	TSS_UUID	uuid;
	TSS_RESULT	result;
	UINT32		ulPubKeyLength;
	BYTE		*rgbPubKey;
	TSS_HPOLICY	srkUsagePolicy;
	TSS_FLAG	initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048  |
				TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
				TSS_KEY_NOT_MIGRATABLE;

	print_begin_test( function );

		// Create Context
	result = Tspi_Context_Create( &hContext );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Create", result );
		print_error_exit( function, err_string(result) );
		exit( result );
	}

		// Connect to Context
	result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Connect", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
						SRK_UUID, &hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
					&srkUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Set Secret
	result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}
#endif
		//Create Signing Key
	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
						initFlags, &hKey );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_CreateObject (hKey)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Key_CreateKey( hKey, hSRK, 0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey (hKey)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Key_LoadKey( hKey, hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_LoadKey (hKey)", result );
		print_error_exit( function, err_string(result) );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		// Get Pub Key
	result = Tspi_Key_GetPubKey( hKey, &ulPubKeyLength, &rgbPubKey );
	if ( result != TSS_SUCCESS )
	{
		if( !(checkNonAPI(result)) )
		{
			print_error( function, result );
		}
		else
		{
			print_error_nonapi( function, result );
		}
	}
	else
	{
		result = Tspi_Context_FreeMemory(hContext, rgbPubKey);
		if (result != TSS_SUCCESS) {
			print_error("Tspi_Context_FreeMemory ", result);
			print_error_exit(function, err_string(result));
			Tspi_Context_Close(hContext);
			exit(result);
		}
		print_success( function, result );
	}

	print_end_test( function );
	Tspi_Context_FreeMemory( hContext, NULL );
	Tspi_Context_Close( hContext );
	exit( result );
}
Пример #21
0
int
main_v1_1( void )
{
	char		*function = "Tspi_Context_LoadKeyByBlob03";
	TSS_HCONTEXT	hContext;
	TSS_HKEY	hSRK;
	TSS_HKEY	hMSigningKey;
	BYTE*		migratableSignKeyBlob;
	UINT32		blobLength;
	TSS_RESULT	result;
	TSS_HPOLICY	srkUsagePolicy;
	UINT32		exitCode = 0;

	print_begin_test( function );

		// Create Context
	result = Tspi_Context_Create( &hContext );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Create", result );
		exit( result );
	}

		// Connect to Context
	result = Tspi_Context_Connect( hContext, get_server(GLOBALSERVER) );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_Connect", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
						SRK_UUID, &hSRK );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (hSRK)", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject( hSRK, TSS_POLICY_USAGE,
					&srkUsagePolicy );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetPolicyObject", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Set Secret
	result = Tspi_Policy_SetSecret( srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Policy_SetSecret (1)", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}
#endif

		//Create Signing Key
	result = Tspi_Context_CreateObject( hContext, TSS_OBJECT_TYPE_RSAKEY,
						TSS_KEY_SIZE_2048 |
						TSS_KEY_TYPE_SIGNING,
						&hMSigningKey );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_CreateObject (signing key)", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

	result = Tspi_Key_CreateKey( hMSigningKey, hSRK, 0 );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Key_CreateKey (Signing Key)", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		// get blob
	result = Tspi_GetAttribData( hMSigningKey, TSS_TSPATTRIB_KEY_BLOB,
					TSS_TSPATTRIB_KEYBLOB_BLOB,
					&blobLength, &migratableSignKeyBlob );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_GetAttribData", result );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}

		//Load Key Blob
	result = Tspi_Context_LoadKeyByBlob( hContext, hSRK,
						blobLength,
						NULL,
						&hMSigningKey );
	if ( TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER )
	{
		if( !(checkNonAPI(result)) )
		{
			print_error( function, result );
			exitCode = result;
		}
		else
		{
			print_error_nonapi( function, result );
			exitCode = result;
		}
	}
	else
	{
		print_success( function, result );
	}

	print_end_test( function );
	Tspi_Context_FreeMemory( hContext, NULL );
	Tspi_Context_Close( hContext );
	exit( exitCode );
}
Пример #22
0
int main_v1_1(void)
{
	char *function = "Tspi_Hash_Sign03";
	TSS_HCONTEXT hContext;
	TSS_HKEY hSRK;
	TSS_HKEY hMSigningKey;
	TSS_HKEY hKey;
	TSS_UUID SRKUUID = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1 };
	TSS_UUID migratableSignUUID = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 2 };
	TSS_HHASH hHash;
	BYTE *prgbSignature;
//      UINT32          pulSignatureLength;
	TSS_RESULT result;
	TSS_HPOLICY srkUsagePolicy;
	TSS_FLAG initFlags = TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048 |
	    TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
	    TSS_KEY_NOT_MIGRATABLE;
	UINT32 exitCode = 0;

	print_begin_test(function);

	// Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create", result);
		exit(result);
	}
	// Connect to Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	// create hKey
	result = Tspi_Context_CreateObject(hContext,
					   TSS_OBJECT_TYPE_RSAKEY,
					   initFlags, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject (hKey)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
					    SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID (hSRK)", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
	//Get Policy Object
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
				      &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	//Set Secret
	result =
	    Tspi_Policy_SetSecret(srkUsagePolicy,
				  TESTSUITE_SRK_SECRET_MODE,
				  TESTSUITE_SRK_SECRET_LEN,
				  TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
	//Create Signing Key
	result =
	    Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
				      TSS_KEY_SIZE_2048 |
				      TSS_KEY_TYPE_SIGNING, &hMSigningKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject (signing key)",
			    result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey (signing key)",
			    result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	result = Tspi_Context_RegisterKey(hContext, hMSigningKey,
					  TSS_PS_TYPE_SYSTEM,
					  migratableSignUUID,
					  TSS_PS_TYPE_SYSTEM, SRKUUID);
	if ((result != TSS_SUCCESS) &&
	    (TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED)) {
		print_error("Tspi_Context_RegisterKey (signing key)",
			    result);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

/*	result = Tspi_Context_LoadKeyByUUID( hContext, TSS_PS_TYPE_SYSTEM,
						migratableSignUUID,
						&hMSigningKey );
	if ( result != TSS_SUCCESS )
	{
		print_error( "Tspi_Context_LoadKeyByUUID (signing key)",
				result );
		Tspi_Context_UnregisterKey( hContext, TSS_PS_TYPE_SYSTEM,
						migratableSignUUID,
						&hMSigningKey );
		Tspi_Context_FreeMemory( hContext, NULL );
		Tspi_Context_Close( hContext );
		exit( result );
	}
*/
	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_HASH,
					   TSS_HASH_SHA1, &hHash);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject (hash)", result);
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
					   migratableSignUUID,
					   &hMSigningKey);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	result =
	    Tspi_Hash_SetHashValue(hHash, 20, "Je pense, danc je suis.");
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Hash_SetHashValue", result);
		Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
					   migratableSignUUID,
					   &hMSigningKey);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	//Load Key Blob
	result = Tspi_Hash_Sign(hHash, hMSigningKey, NULL, &prgbSignature);
	if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
		if (!(checkNonAPI(result))) {
			print_error(function, result);
		} else {
			print_error_nonapi(function, result);
		}
		exitCode = result;
	} else {
		print_success(function, result);
	}

	print_end_test(function);
	Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
				   migratableSignUUID, &hMSigningKey);
	Tspi_Context_FreeMemory(hContext, NULL);
	Tspi_Context_Close(hContext);
	exit(exitCode);
}
Пример #23
0
main_v1_1(void){

	char		*nameOfFunction = "Tspi_Key_CreateMigrationBlob03";
	TSS_HCONTEXT	hContext;
	TSS_HKEY	hSRK;
	TSS_HKEY	hKey;
	UINT32		TargetPubKeyLength;
	BYTE		*TargetPublicKeyData;
	BYTE		*MigTicket;
	UINT32		TicketLength;
	BYTE		*randomData;
	UINT32		randomLength;
	UINT32		migBlobLength;
	BYTE		*migBlob;
	UINT32		blobLength;
	TSS_RESULT	result;
	TSS_HTPM	hTPM;
	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy, keyMigPolicy,
			tpmUsagePolicy;

	print_begin_test(nameOfFunction);

			//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		print_error_exit(nameOfFunction, err_string(result));
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Get TPM Object
	result = Tspi_Context_GetTpmObject(hContext, &hTPM);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_GetTpmObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
	//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext,
			TSS_PS_TYPE_SYSTEM,
			SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID for hSRK", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
					TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
		//Get Policy Object
	result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &tpmUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret
	result = Tspi_Policy_SetSecret(tpmUsagePolicy, TESTSUITE_OWNER_SECRET_MODE,
					TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create Object
	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
				TSS_KEY_TYPE_BIND | TSS_KEY_SIZE_2048 |
				TSS_KEY_NO_AUTHORIZATION | TSS_KEY_NOT_MIGRATABLE,
				&hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create Signing Key
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS)
	{
		print_error("Tspi_Key_CreateKey", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		Tspi_Context_CloseObject(hContext, hKey);
		exit(result);
	}
		//Authorize Migration Ticket
	result = Tspi_TPM_AuthorizeMigrationTicket(hTPM, hKey,
			TSS_MS_REWRAP, &TicketLength, &MigTicket);
	if (result != TSS_SUCCESS)
	{
		print_error("Tpsi_TPM_AuthorizeMigrationTicket ", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		Tspi_Context_CloseObject(hContext, hKey);
		exit(result);
	}
		//Create Migration Blob
	result = Tspi_Key_CreateMigrationBlob(-1, hSRK,
				TicketLength, MigTicket, &randomLength,
				&randomData, &migBlobLength, &migBlob);
	if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #24
0
int
main_v1_1(void){

	char		*nameOfFunction = "Tspi_Context_GetRegisteredKeysByUUID03";
	TSS_HCONTEXT	hContext;
	TSS_HTPM	hTPM;
	TSS_FLAG	initFlags;
	TSS_HKEY	hKey;
	TSS_HKEY	hSRK;
	TSS_RESULT	result;
	TSS_UUID	migratableSignUUID={1, 2, 3, 4, 5, {6, 7, 8, 9, 10, 2}};
	TSS_HPOLICY	srkUsagePolicy;

	UINT32			pulKeyHierarchySize;
	TSS_KM_KEYINFO*		ppKeyHierarchy;

	initFlags	= TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_512  |
			TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
			TSS_KEY_NOT_MIGRATABLE;

	print_begin_test(nameOfFunction);

		//Create
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		exit(result);
	}
		//Connect
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect ", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Get TPM Object
	result = Tspi_Context_GetTpmObject(hContext, &hTPM);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_GetTpmObject ", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create Object
	result = Tspi_Context_CreateObject(hContext,
				TSS_OBJECT_TYPE_RSAKEY,
				initFlags, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject ", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Load Key by UUID
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, 
					SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID ", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object for the srkUsagePolicy
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject ", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret for the srkUsagePolicy
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
			TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret ", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
		//Create the hKey with the hSRK wrapping key
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Register the hKey
	result = Tspi_Context_RegisterKey(hContext,
				hKey, TSS_PS_TYPE_SYSTEM, migratableSignUUID,
				TSS_PS_TYPE_SYSTEM, SRK_UUID);
	if (result != TSS_SUCCESS && TSS_ERROR_CODE(result) != TSS_E_KEY_ALREADY_REGISTERED) {
		print_error("Tspi_Context_RegisterKey ", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Get Registered Keys By UUID
	result = Tspi_Context_GetRegisteredKeysByUUID(hContext, 
			-1, &migratableSignUUID,
			&pulKeyHierarchySize, &ppKeyHierarchy);
	if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #25
0
main_v1_1(void){

	char		*nameOfFunction = "Tspi_Key_LoadKey01";
	TSS_HCONTEXT	hContext;
	TSS_HTPM	hTPM;
	TSS_FLAG	initFlags;
	TSS_HKEY	hKey;
	TSS_HKEY	hSRK;
	TSS_RESULT	result;
	TSS_UUID	uuid;
	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy, keyMigPolicy;
	initFlags	= TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048  |
			TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
			TSS_KEY_NOT_MIGRATABLE;

	print_begin_test(nameOfFunction);

		//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		print_error_exit(nameOfFunction, err_string(result));
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create Object
	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
				initFlags, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext,
				TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
			TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
		//Create Key
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_Create Key", result);
		print_error_exit(nameOfFunction, err_string(result));
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Load Key (hKey)
	result = Tspi_Key_LoadKey(hKey, hSRK);
	if (result != TSS_SUCCESS){
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #26
0
main_v1_1(void) {

    char		*nameOfFunction = "Tspi_ChangeAuthAsym02";
    TSS_HKEY	hKey;
    TSS_HKEY	hSRK;
    TSS_HPOLICY	hPolicy;
    TSS_UUID	migratableStorageUUID = {1,2,3,4,5,6,7,8,9,10,5};
    TSS_UUID	migratableSignUUID = {1,2,3,4,5,6,7,8,9,10,8};
    TSS_UUID	AIKUUID = {1,2,3,4,5,6,7,8,9,10,6};
    TSS_HKEY	hAIK;
    TSS_HKEY	hMSigningKey;
    TSS_HKEY	hMStorageKey;
    TSS_HCONTEXT	hContext;
    TSS_RESULT	result;
    TSS_FLAG	initFlags;
    initFlags	= TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048  |
                  TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
                  TSS_KEY_NOT_MIGRATABLE;
    TSS_HPOLICY	srkUsagePolicy;

    print_begin_test(nameOfFunction);

    //Create Context
    result = Tspi_Context_Create(&hContext);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_Create", result);
        exit(result);
    }
    //Connect Context
    result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_Connect", result);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Create hKey
    result = Tspi_Context_CreateObject(hContext,
                                       TSS_OBJECT_TYPE_RSAKEY,
                                       initFlags, &hKey);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_CreateObject", result);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Load Key By UUID
    result = Tspi_Context_LoadKeyByUUID(hContext,
                                        TSS_PS_TYPE_SYSTEM,
                                        SRK_UUID, &hSRK);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_LoadKeyByUUID ", result);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
#ifndef TESTSUITE_NOAUTH_SRK
    //Get Policy Object
    result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_GetPolicyObject", result);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Set Secret
    result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
                                   TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Policy_SetSecret", result);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
#endif
    //Create Object for the hAIK Key
    result = Tspi_Context_CreateObject(hContext,
                                       TSS_OBJECT_TYPE_RSAKEY,
                                       TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hAIK);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_CreateObject", result);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Create the hAIK Key
    result = Tspi_Key_CreateKey(hAIK, hSRK, 0);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Key_CreateKey", result);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    // Load hAIK Key
    result = Tspi_Key_LoadKey(hAIK, hSRK);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_CreateObject", result);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Create Object for Storage Key
    result = Tspi_Context_CreateObject(hContext,
                                       TSS_OBJECT_TYPE_RSAKEY,
                                       TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMStorageKey);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_CreateObject", result);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Create Storage Key
    result = Tspi_Key_CreateKey(hMStorageKey, hSRK, 0);
    if (result != TSS_SUCCESS) {
        print_error("Tpspi_Key_CreateKey", result);
        Tspi_Context_CloseObject(hContext, hMStorageKey);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    // Load hMStorageKey Key
    result = Tspi_Key_LoadKey(hMStorageKey, hSRK);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_CreateObject", result);
        Tspi_Context_CloseObject(hContext, hMStorageKey);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Create Object for Signing Key
    result = Tspi_Context_CreateObject(hContext,
                                       TSS_OBJECT_TYPE_RSAKEY,
                                       TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMSigningKey);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_CreateObject", result);
        Tspi_Context_CloseObject(hContext, hMStorageKey);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Create Signing Key
    result = Tspi_Key_CreateKey(hMSigningKey, hSRK, 0);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Key_CreateKey", result);
        Tspi_Context_CloseObject(hContext, hMStorageKey);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Get Default Policy
    result = Tspi_Context_GetDefaultPolicy(hContext, &hPolicy);
    if (result != TSS_SUCCESS) {
        print_error("Tspi_Context_GetPolicy", result);
        Tspi_Context_CloseObject(hContext, hMStorageKey);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(result);
    }
    //Call to Change Auth Asym
    result = Tspi_ChangeAuthAsym(-1, hMStorageKey, hAIK, hPolicy);
    if (TSS_ERROR_CODE(result) != TSS_E_BAD_PARAMETER) {
        if(!checkNonAPI(result)) {
            print_error(nameOfFunction, result);
            print_end_test(nameOfFunction);
            Tspi_Context_FreeMemory(hContext, NULL);
            Tspi_Context_CloseObject(hContext, hMStorageKey);
            Tspi_Context_CloseObject(hContext, hAIK);
            Tspi_Context_CloseObject(hContext, hKey);
            Tspi_Context_Close(hContext);
            exit(result);
        }
        else {
            print_error_nonapi(nameOfFunction, result);
            print_end_test(nameOfFunction);
            Tspi_Context_FreeMemory(hContext, NULL);
            Tspi_Context_CloseObject(hContext, hMStorageKey);
            Tspi_Context_CloseObject(hContext, hAIK);
            Tspi_Context_CloseObject(hContext, hKey);
            Tspi_Context_Close(hContext);
            exit(result);
        }
    }
    else {
        print_success(nameOfFunction, result);
        print_end_test(nameOfFunction);
        Tspi_Context_FreeMemory(hContext, NULL);
        Tspi_Context_CloseObject(hContext, hMStorageKey);
        Tspi_Context_CloseObject(hContext, hAIK);
        Tspi_Context_CloseObject(hContext, hKey);
        Tspi_Context_Close(hContext);
        exit(0);
    }
}
Пример #27
0
int load_tpm_key(struct openconnect_info *vpninfo, gnutls_datum_t *fdata,
		 gnutls_privkey_t *pkey, gnutls_datum_t *pkey_sig)
{
	static const TSS_UUID SRK_UUID = TSS_UUID_SRK;
	gnutls_datum_t asn1;
	unsigned int tss_len;
	char *pass;
	int ofs, err;

	err = gnutls_pem_base64_decode_alloc("TSS KEY BLOB", fdata, &asn1);
	if (err) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Error decoding TSS key blob: %s\n"),
			     gnutls_strerror(err));
		return -EINVAL;
	}
	/* Ick. We have to parse the ASN1 OCTET_STRING for ourselves. */
	if (asn1.size < 2 || asn1.data[0] != 0x04 /* OCTET_STRING */) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Error in TSS key blob\n"));
		goto out_blob;
	}

	tss_len = asn1.data[1];
	ofs = 2;
	if (tss_len & 0x80) {
		int lenlen = tss_len & 0x7f;

		if (asn1.size < 2 + lenlen || lenlen > 3) {
			vpn_progress(vpninfo, PRG_ERR,
				     _("Error in TSS key blob\n"));
			goto out_blob;
		}

		tss_len = 0;
		while (lenlen) {
			tss_len <<= 8;
			tss_len |= asn1.data[ofs++];
			lenlen--;
		}
	}
	if (tss_len + ofs != asn1.size) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Error in TSS key blob\n"));
		goto out_blob;
	}

	err = Tspi_Context_Create(&vpninfo->tpm_context);
	if (err) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Failed to create TPM context: %s\n"),
			     Trspi_Error_String(err));
		goto out_blob;
	}
	err = Tspi_Context_Connect(vpninfo->tpm_context, NULL);
	if (err) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Failed to connect TPM context: %s\n"),
			     Trspi_Error_String(err));
		goto out_context;
	}
	err = Tspi_Context_LoadKeyByUUID(vpninfo->tpm_context, TSS_PS_TYPE_SYSTEM,
					 SRK_UUID, &vpninfo->srk);
	if (err) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Failed to load TPM SRK key: %s\n"),
			     Trspi_Error_String(err));
		goto out_context;
	}
	err = Tspi_GetPolicyObject(vpninfo->srk, TSS_POLICY_USAGE, &vpninfo->srk_policy);
	if (err) {
		vpn_progress(vpninfo, PRG_ERR,
			     _("Failed to load TPM SRK policy object: %s\n"),
			     Trspi_Error_String(err));
		goto out_srk;
	}

	pass = vpninfo->cert_password;
	vpninfo->cert_password = NULL;
	while (1) {
		static const char nullpass[20];

		/* We don't seem to get the error here... */
		if (pass)
			err = Tspi_Policy_SetSecret(vpninfo->srk_policy,
						    TSS_SECRET_MODE_PLAIN,
						    strlen(pass), (BYTE *)pass);
		else /* Well-known NULL key */
			err = Tspi_Policy_SetSecret(vpninfo->srk_policy,
						    TSS_SECRET_MODE_SHA1,
						    sizeof(nullpass), (BYTE *)nullpass);
		if (err) {
			vpn_progress(vpninfo, PRG_ERR,
				     _("Failed to set TPM PIN: %s\n"),
				     Trspi_Error_String(err));
			goto out_srkpol;
		}

		free(pass);

		/* ... we get it here instead. */
		err = Tspi_Context_LoadKeyByBlob(vpninfo->tpm_context, vpninfo->srk,
						 tss_len, asn1.data + ofs,
						 &vpninfo->tpm_key);
		if (!err)
			break;

		if (pass)
			vpn_progress(vpninfo, PRG_ERR,
				     _("Failed to load TPM key blob: %s\n"),
				     Trspi_Error_String(err));

		if (err != TPM_E_AUTHFAIL)
			goto out_srkpol;

		err = request_passphrase(vpninfo, "openconnect_tpm_srk",
					 &pass, _("Enter TPM SRK PIN:"));
		if (err)
			goto out_srkpol;
	}

#ifdef HAVE_GNUTLS_CERTIFICATE_SET_KEY
	gnutls_privkey_init(pkey);
	/* This would be nicer if there was a destructor callback. I could
	   allocate a data structure with the TPM handles and the vpninfo
	   pointer, and destroy that properly when the key is destroyed. */
	gnutls_privkey_import_ext(*pkey, GNUTLS_PK_RSA, vpninfo, tpm_sign_fn, NULL, 0);
#else
	*pkey = OPENCONNECT_TPM_PKEY;
#endif

 retry_sign:
	err = sign_dummy_data(vpninfo, *pkey, fdata, pkey_sig);
	if (err == GNUTLS_E_INSUFFICIENT_CREDENTIALS) {
		if (!vpninfo->tpm_key_policy) {
			err = Tspi_Context_CreateObject(vpninfo->tpm_context,
							TSS_OBJECT_TYPE_POLICY,
							TSS_POLICY_USAGE,
							&vpninfo->tpm_key_policy);
			if (err) {
				vpn_progress(vpninfo, PRG_ERR,
					     _("Failed to create key policy object: %s\n"),
					     Trspi_Error_String(err));
				goto out_key;
			}
			err = Tspi_Policy_AssignToObject(vpninfo->tpm_key_policy,
							 vpninfo->tpm_key);
			if (err) {
				vpn_progress(vpninfo, PRG_ERR,
					     _("Failed to assign policy to key: %s\n"),
					     Trspi_Error_String(err));
				goto out_key_policy;
			}
		}
	        err = request_passphrase(vpninfo, "openconnect_tpm_key",
					 &pass, _("Enter TPM key PIN:"));
		if (err)
			goto out_key_policy;

		err = Tspi_Policy_SetSecret(vpninfo->tpm_key_policy,
					    TSS_SECRET_MODE_PLAIN,
					    strlen(pass), (void *)pass);
		free (pass);

		if (err) {
			vpn_progress(vpninfo, PRG_ERR,
				     _("Failed to set key PIN: %s\n"),
				     Trspi_Error_String(err));
			goto out_key_policy;
		}
		goto retry_sign;
	}

	free (asn1.data);
	return 0;
 out_key_policy:
	Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->tpm_key_policy);
	vpninfo->tpm_key_policy = 0;
 out_key:
	Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->tpm_key);
	vpninfo->tpm_key = 0;
 out_srkpol:
	Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->srk_policy);
	vpninfo->srk_policy = 0;
 out_srk:
	Tspi_Context_CloseObject(vpninfo->tpm_context, vpninfo->srk);
	vpninfo->srk = 0;
 out_context:
	Tspi_Context_Close(vpninfo->tpm_context);
	vpninfo->tpm_context = 0;
 out_blob:
	free (asn1.data);
	return -EIO;
}
Пример #28
0
main_v1_1(void){

	char		*nameOfFunction = "Tspi_ChangeAuth04";
	TSS_HKEY	hKey;
	TSS_HKEY	hSRK;
	TSS_HPOLICY	hPolicy;
	TSS_HKEY	hMStorageKey;
	TSS_HCONTEXT	hContext;
	TSS_RESULT	result;
	TSS_FLAG	initFlags;
	initFlags	= TSS_KEY_TYPE_SIGNING | TSS_KEY_SIZE_2048  |
			TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION |
			TSS_KEY_NOT_MIGRATABLE;
	TSS_HPOLICY	srkUsagePolicy;

	print_begin_test(nameOfFunction);

		//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create ", result);
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create hKey
	result = Tspi_Context_CreateObject(hContext,
			TSS_OBJECT_TYPE_RSAKEY,
			initFlags, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext,
			TSS_PS_TYPE_SYSTEM,
			SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID for hSRK", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#ifndef TESTSUITE_NOAUTH_SRK
		//Get Policy Object
	result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
#endif
		//Create Storage Key
	result = Tspi_Context_CreateObject(hContext, 
			TSS_OBJECT_TYPE_RSAKEY,
			TSS_KEY_SIZE_2048 |TSS_KEY_TYPE_SIGNING, &hMStorageKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	result = Tspi_Key_CreateKey(hMStorageKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey", result);
		Tspi_Context_CloseObject(hContext, hMStorageKey);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Call Change Auth
	result = Tspi_ChangeAuth(0xffffffff, hMStorageKey, hPolicy);
	if (TSS_ERROR_CODE(result) != TSS_E_INVALID_HANDLE) {
		if(!checkNonAPI(result)){
			print_error(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hMStorageKey);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
		else{
			print_error_nonapi(nameOfFunction, result);
			print_end_test(nameOfFunction);
			Tspi_Context_FreeMemory(hContext, NULL);
			Tspi_Context_CloseObject(hContext, hMStorageKey);
			Tspi_Context_CloseObject(hContext, hKey);
			Tspi_Context_Close(hContext);
			exit(result);
		}
	}
	else{
		print_success(nameOfFunction, result);
		print_end_test(nameOfFunction);
		Tspi_Context_FreeMemory(hContext, NULL);
		Tspi_Context_CloseObject(hContext, hMStorageKey);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(0);
	}
}
Пример #29
0
main_v1_1(void){

	char		*nameOfFunction = "policy_no_secret";
	TSS_HCONTEXT	hContext;
	TSS_HTPM	hTPM;
	TSS_FLAG	initFlags;
	TSS_HKEY	hKey;
	TSS_HKEY	hSRK;
	TSS_RESULT	result;
	TSS_BOOL	allowMaint = FALSE;
	BYTE		*randomData;
	TSS_HPOLICY	srkUsagePolicy, tpmUsagePolicy;

	print_begin_test(nameOfFunction);

#ifdef TESTSUITE_NOAUTH_SRK
	print_NA();
	print_end_test(nameOfFunction);
	exit(0);
#endif
		//Create Context
	result = Tspi_Context_Create(&hContext);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Create", result);
		exit(result);
	}
		//Connect Context
	result = Tspi_Context_Connect(hContext, get_server(GLOBALSERVER));
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_Connect", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Load Key By UUID
	result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_LoadKeyByUUID", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create Policy Object
	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE,
					   &srkUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret mode to none
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TSS_SECRET_MODE_NONE, 0, NULL);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Assign new policy w/o secret to the SRK object
	result = Tspi_Policy_AssignToObject(srkUsagePolicy, hSRK);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_AssignToObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Create child key Object
	result = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY,
					   TSS_KEY_SIZE_512|TSS_KEY_TYPE_BIND|
					   TSS_KEY_NO_AUTHORIZATION, &hKey);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_CreateObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		// Attempt to use the SRK w/o putting a secret in its policy
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (TSS_ERROR_CODE(result) != TSS_E_POLICY_NO_SECRET) {
		print_error("Key creation w/o parent secret set", result);
		print_error(nameOfFunction, result);
		Tspi_Context_Close(hContext);
		exit(result);
	} else {
		print_success("Key creation w/o parent secret set", result);
	}

		//Set Secret
	result = Tspi_Policy_SetSecret(srkUsagePolicy, TESTSUITE_SRK_SECRET_MODE,
				TESTSUITE_SRK_SECRET_LEN, TESTSUITE_SRK_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		// With a secret set, this should work OK
	result = Tspi_Key_CreateKey(hKey, hSRK, 0);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Key_CreateKey", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		// Try an owner auth'd command w/o secret
	result = Tspi_Context_GetTpmObject(hContext, &hTPM);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Context_GetTpmObject", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

		//Get Policy Object
	result = Tspi_GetPolicyObject(hTPM, TSS_POLICY_USAGE, &tpmUsagePolicy);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_GetPolicyObject", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
		//Set Secret mode to none
	result = Tspi_Policy_SetSecret(tpmUsagePolicy, TSS_SECRET_MODE_NONE, 0, NULL);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	result = Tspi_TPM_GetStatus(hTPM, TSS_TPMSTATUS_ALLOWMAINTENANCE, &allowMaint);
	if (TSS_ERROR_CODE(result) != TSS_E_POLICY_NO_SECRET) {
		print_error("Tspi_TPM_GetStatus w/o owner secret set", result);
		Tspi_Context_Close(hContext);
		exit(result);
	} else {
		print_success("TPM_GetStatus w/o owner secret set", result);
	}

		//Set Secret
	result = Tspi_Policy_SetSecret(tpmUsagePolicy, TESTSUITE_OWNER_SECRET_MODE,
				       TESTSUITE_OWNER_SECRET_LEN, TESTSUITE_OWNER_SECRET);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_Policy_SetSecret", result);
		Tspi_Context_CloseObject(hContext, hKey);
		Tspi_Context_Close(hContext);
		exit(result);
	}
	result = Tspi_TPM_GetStatus(hTPM, TSS_TPMSTATUS_ALLOWMAINTENANCE, &allowMaint);
	if (result != TSS_SUCCESS) {
		print_error("Tspi_TPM_GetStatus", result);
		Tspi_Context_Close(hContext);
		exit(result);
	}

	print_success(nameOfFunction, result);
	print_end_test(nameOfFunction);
	Tspi_Context_Close(hContext);
	exit(result);
}
Пример #30
0
int tpm_load_srk(UI_METHOD *ui, void *cb_data)
{
	TSS_RESULT result;
	UINT32 authusage;
	BYTE *auth;
	UINT32 auth_size;
	UINT32 srk_secret_mode = secret_mode;
	BYTE well_known_secret[] = TSS_WELL_KNOWN_SECRET;

	if (hSRK != NULL_HKEY) {
		DBGFN("SRK is already loaded.");
		return 1;
	}

	if ((result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
						   SRK_UUID, &hSRK))) {
		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
		return 0;
	}

	if ((result = Tspi_GetAttribUint32(hSRK, TSS_TSPATTRIB_KEY_INFO,
					     TSS_TSPATTRIB_KEYINFO_AUTHUSAGE,
					     &authusage))) {
		Tspi_Context_CloseObject(hContext, hSRK);
		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
		return 0;
	}

	if (!authusage) {
		DBG("SRK has no auth associated with it.");
		return 1;
	}

	/* If hSRKPolicy is non 0, then a policy object for the SRK has already
	 * been set up by engine pre/post commands. Just assign it to the SRK.
	 * Otherwise, we need to get the SRK's implicit policy and prompt for a
	 * secret */
	if (hSRKPolicy) {
		DBG("Found an already initialized SRK policy, using it");
		if ((result = Tspi_Policy_AssignToObject(hSRKPolicy, hSRK))) {
			TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
			return 0;
		}

		return 1;
	}

	if ((result = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE,
					&hSRKPolicy))) {
		Tspi_Context_CloseObject(hContext, hSRK);
		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
		return 0;
	}

	if ((auth = calloc(1, 128)) == NULL) {
		TSSerr(TPM_F_TPM_LOAD_SRK, ERR_R_MALLOC_FAILURE);
		return 0;
	}

	if (!srk_zeroed) {
		if (!tpm_engine_get_auth(ui, (char *)auth, 128, "SRK authorization: ",
					cb_data)) {
			Tspi_Context_CloseObject(hContext, hSRK);
			free(auth);
			TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
		}
		auth_size = strlen((char *)auth);
	} else {
		auth_size = sizeof(well_known_secret);
		memcpy(auth, well_known_secret, auth_size);
		srk_secret_mode = TSS_SECRET_MODE_SHA1;
	}

	/* secret_mode is a global that may be set by engine ctrl
	 * commands.  By default, its set to TSS_SECRET_MODE_PLAIN */
	if ((result = Tspi_Policy_SetSecret(hSRKPolicy, srk_secret_mode,
					      auth_size, auth))) {
		Tspi_Context_CloseObject(hContext, hSRK);
		free(auth);
		TSSerr(TPM_F_TPM_LOAD_SRK, TPM_R_REQUEST_FAILED);
		return 0;
	}

	free(auth);

	return 1;
}