1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3 * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
4 * All rights reserved.
5 ******************************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include "tss2_mu.h"
12 #include "tss2_sys.h"
13 #include "tss2_esys.h"
14
15 #include "esys_types.h"
16 #include "esys_iutil.h"
17 #include "esys_mu.h"
18 #define LOGMODULE esys
19 #include "util/log.h"
20 #include "util/aux_util.h"
21
22 /** One-Call function for TPM2_RSA_Decrypt
23 *
24 * This function invokes the TPM2_RSA_Decrypt command in a one-call
25 * variant. This means the function will block until the TPM response is
26 * available. All input parameters are const. The memory for non-simple output
27 * parameters is allocated by the function implementation.
28 *
29 * @param[in,out] esysContext The ESYS_CONTEXT.
30 * @param[in] keyHandle RSA key to use for decryption.
31 * @param[in] shandle1 Session handle for authorization of keyHandle
32 * @param[in] shandle2 Second session handle.
33 * @param[in] shandle3 Third session handle.
34 * @param[in] cipherText Cipher text to be decrypted.
35 * @param[in] inScheme TPM2_The padding scheme to use if scheme associated with
36 * keyHandle is TPM2_ALG_NULL.
37 * @param[in] label Label whose association with the message is to be verified.
38 * @param[out] message Decrypted output.
39 * (callee-allocated)
40 * @retval TSS2_RC_SUCCESS if the function call was a success.
41 * @retval TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input
42 * pointers or required output handle references are NULL.
43 * @retval TSS2_ESYS_RC_BAD_CONTEXT: if esysContext corruption is detected.
44 * @retval TSS2_ESYS_RC_MEMORY: if the ESAPI cannot allocate enough memory for
45 * internal operations or return parameters.
46 * @retval TSS2_ESYS_RC_BAD_SEQUENCE: if the context has an asynchronous
47 * operation already pending.
48 * @retval TSS2_ESYS_RC_INSUFFICIENT_RESPONSE: if the TPM's response does not
49 * at least contain the tag, response length, and response code.
50 * @retval TSS2_ESYS_RC_MALFORMED_RESPONSE: if the TPM's response is corrupted.
51 * @retval TSS2_ESYS_RC_RSP_AUTH_FAILED: if the response HMAC from the TPM
52 did not verify.
53 * @retval TSS2_ESYS_RC_MULTIPLE_DECRYPT_SESSIONS: if more than one session has
54 * the 'decrypt' attribute bit set.
55 * @retval TSS2_ESYS_RC_MULTIPLE_ENCRYPT_SESSIONS: if more than one session has
56 * the 'encrypt' attribute bit set.
57 * @retval TSS2_ESYS_RC_BAD_TR: if any of the ESYS_TR objects are unknown
58 * to the ESYS_CONTEXT or are of the wrong type or if required
59 * ESYS_TR objects are ESYS_TR_NONE.
60 * @retval TSS2_RCs produced by lower layers of the software stack may be
61 * returned to the caller unaltered unless handled internally.
62 */
63 TSS2_RC
Esys_RSA_Decrypt(ESYS_CONTEXT * esysContext,ESYS_TR keyHandle,ESYS_TR shandle1,ESYS_TR shandle2,ESYS_TR shandle3,const TPM2B_PUBLIC_KEY_RSA * cipherText,const TPMT_RSA_DECRYPT * inScheme,const TPM2B_DATA * label,TPM2B_PUBLIC_KEY_RSA ** message)64 Esys_RSA_Decrypt(
65 ESYS_CONTEXT *esysContext,
66 ESYS_TR keyHandle,
67 ESYS_TR shandle1,
68 ESYS_TR shandle2,
69 ESYS_TR shandle3,
70 const TPM2B_PUBLIC_KEY_RSA *cipherText,
71 const TPMT_RSA_DECRYPT *inScheme,
72 const TPM2B_DATA *label,
73 TPM2B_PUBLIC_KEY_RSA **message)
74 {
75 TSS2_RC r;
76
77 r = Esys_RSA_Decrypt_Async(esysContext, keyHandle, shandle1, shandle2,
78 shandle3, cipherText, inScheme, label);
79 return_if_error(r, "Error in async function");
80
81 /* Set the timeout to indefinite for now, since we want _Finish to block */
82 int32_t timeouttmp = esysContext->timeout;
83 esysContext->timeout = -1;
84 /*
85 * Now we call the finish function, until return code is not equal to
86 * from TSS2_BASE_RC_TRY_AGAIN.
87 * Note that the finish function may return TSS2_RC_TRY_AGAIN, even if we
88 * have set the timeout to -1. This occurs for example if the TPM requests
89 * a retransmission of the command via TPM2_RC_YIELDED.
90 */
91 do {
92 r = Esys_RSA_Decrypt_Finish(esysContext, message);
93 /* This is just debug information about the reattempt to finish the
94 command */
95 if ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN)
96 LOG_DEBUG("A layer below returned TRY_AGAIN: %" PRIx32
97 " => resubmitting command", r);
98 } while ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN);
99
100 /* Restore the timeout value to the original value */
101 esysContext->timeout = timeouttmp;
102 return_if_error(r, "Esys Finish");
103
104 return TSS2_RC_SUCCESS;
105 }
106
107 /** Asynchronous function for TPM2_RSA_Decrypt
108 *
109 * This function invokes the TPM2_RSA_Decrypt command in a asynchronous
110 * variant. This means the function will return as soon as the command has been
111 * sent downwards the stack to the TPM. All input parameters are const.
112 * In order to retrieve the TPM's response call Esys_RSA_Decrypt_Finish.
113 *
114 * @param[in,out] esysContext The ESYS_CONTEXT.
115 * @param[in] keyHandle RSA key to use for decryption.
116 * @param[in] shandle1 Session handle for authorization of keyHandle
117 * @param[in] shandle2 Second session handle.
118 * @param[in] shandle3 Third session handle.
119 * @param[in] cipherText Cipher text to be decrypted.
120 * @param[in] inScheme TPM2_The padding scheme to use if scheme associated with
121 * keyHandle is TPM2_ALG_NULL.
122 * @param[in] label Label whose association with the message is to be verified.
123 * @retval ESYS_RC_SUCCESS if the function call was a success.
124 * @retval TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input
125 * pointers or required output handle references are NULL.
126 * @retval TSS2_ESYS_RC_BAD_CONTEXT: if esysContext corruption is detected.
127 * @retval TSS2_ESYS_RC_MEMORY: if the ESAPI cannot allocate enough memory for
128 * internal operations or return parameters.
129 * @retval TSS2_RCs produced by lower layers of the software stack may be
130 returned to the caller unaltered unless handled internally.
131 * @retval TSS2_ESYS_RC_MULTIPLE_DECRYPT_SESSIONS: if more than one session has
132 * the 'decrypt' attribute bit set.
133 * @retval TSS2_ESYS_RC_MULTIPLE_ENCRYPT_SESSIONS: if more than one session has
134 * the 'encrypt' attribute bit set.
135 * @retval TSS2_ESYS_RC_BAD_TR: if any of the ESYS_TR objects are unknown
136 * to the ESYS_CONTEXT or are of the wrong type or if required
137 * ESYS_TR objects are ESYS_TR_NONE.
138 */
139 TSS2_RC
Esys_RSA_Decrypt_Async(ESYS_CONTEXT * esysContext,ESYS_TR keyHandle,ESYS_TR shandle1,ESYS_TR shandle2,ESYS_TR shandle3,const TPM2B_PUBLIC_KEY_RSA * cipherText,const TPMT_RSA_DECRYPT * inScheme,const TPM2B_DATA * label)140 Esys_RSA_Decrypt_Async(
141 ESYS_CONTEXT *esysContext,
142 ESYS_TR keyHandle,
143 ESYS_TR shandle1,
144 ESYS_TR shandle2,
145 ESYS_TR shandle3,
146 const TPM2B_PUBLIC_KEY_RSA *cipherText,
147 const TPMT_RSA_DECRYPT *inScheme,
148 const TPM2B_DATA *label)
149 {
150 TSS2_RC r;
151 LOG_TRACE("context=%p, keyHandle=%"PRIx32 ", cipherText=%p,"
152 "inScheme=%p, label=%p",
153 esysContext, keyHandle, cipherText, inScheme, label);
154 TSS2L_SYS_AUTH_COMMAND auths;
155 RSRC_NODE_T *keyHandleNode;
156
157 /* Check context, sequence correctness and set state to error for now */
158 if (esysContext == NULL) {
159 LOG_ERROR("esyscontext is NULL.");
160 return TSS2_ESYS_RC_BAD_REFERENCE;
161 }
162 r = iesys_check_sequence_async(esysContext);
163 if (r != TSS2_RC_SUCCESS)
164 return r;
165 esysContext->state = _ESYS_STATE_INTERNALERROR;
166
167 /* Check input parameters */
168 r = check_session_feasibility(shandle1, shandle2, shandle3, 1);
169 return_state_if_error(r, _ESYS_STATE_INIT, "Check session usage");
170
171 /* Retrieve the metadata objects for provided handles */
172 r = esys_GetResourceObject(esysContext, keyHandle, &keyHandleNode);
173 return_state_if_error(r, _ESYS_STATE_INIT, "keyHandle unknown.");
174
175 /* Initial invocation of SAPI to prepare the command buffer with parameters */
176 r = Tss2_Sys_RSA_Decrypt_Prepare(esysContext->sys,
177 (keyHandleNode == NULL) ? TPM2_RH_NULL
178 : keyHandleNode->rsrc.handle, cipherText,
179 inScheme, label);
180 return_state_if_error(r, _ESYS_STATE_INIT, "SAPI Prepare returned error.");
181
182 /* Calculate the cpHash Values */
183 r = init_session_tab(esysContext, shandle1, shandle2, shandle3);
184 return_state_if_error(r, _ESYS_STATE_INIT, "Initialize session resources");
185 if (keyHandleNode != NULL)
186 iesys_compute_session_value(esysContext->session_tab[0],
187 &keyHandleNode->rsrc.name, &keyHandleNode->auth);
188 else
189 iesys_compute_session_value(esysContext->session_tab[0], NULL, NULL);
190
191 iesys_compute_session_value(esysContext->session_tab[1], NULL, NULL);
192 iesys_compute_session_value(esysContext->session_tab[2], NULL, NULL);
193
194 /* Generate the auth values and set them in the SAPI command buffer */
195 r = iesys_gen_auths(esysContext, keyHandleNode, NULL, NULL, &auths);
196 return_state_if_error(r, _ESYS_STATE_INIT,
197 "Error in computation of auth values");
198
199 esysContext->authsCount = auths.count;
200 if (auths.count > 0) {
201 r = Tss2_Sys_SetCmdAuths(esysContext->sys, &auths);
202 return_state_if_error(r, _ESYS_STATE_INIT, "SAPI error on SetCmdAuths");
203 }
204
205 /* Trigger execution and finish the async invocation */
206 r = Tss2_Sys_ExecuteAsync(esysContext->sys);
207 return_state_if_error(r, _ESYS_STATE_INTERNALERROR,
208 "Finish (Execute Async)");
209
210 esysContext->state = _ESYS_STATE_SENT;
211
212 return r;
213 }
214
215 /** Asynchronous finish function for TPM2_RSA_Decrypt
216 *
217 * This function returns the results of a TPM2_RSA_Decrypt command
218 * invoked via Esys_RSA_Decrypt_Finish. All non-simple output parameters
219 * are allocated by the function's implementation. NULL can be passed for every
220 * output parameter if the value is not required.
221 *
222 * @param[in,out] esysContext The ESYS_CONTEXT.
223 * @param[out] message Decrypted output.
224 * (callee-allocated)
225 * @retval TSS2_RC_SUCCESS on success
226 * @retval ESYS_RC_SUCCESS if the function call was a success.
227 * @retval TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input
228 * pointers or required output handle references are NULL.
229 * @retval TSS2_ESYS_RC_BAD_CONTEXT: if esysContext corruption is detected.
230 * @retval TSS2_ESYS_RC_MEMORY: if the ESAPI cannot allocate enough memory for
231 * internal operations or return parameters.
232 * @retval TSS2_ESYS_RC_BAD_SEQUENCE: if the context has an asynchronous
233 * operation already pending.
234 * @retval TSS2_ESYS_RC_TRY_AGAIN: if the timeout counter expires before the
235 * TPM response is received.
236 * @retval TSS2_ESYS_RC_INSUFFICIENT_RESPONSE: if the TPM's response does not
237 * at least contain the tag, response length, and response code.
238 * @retval TSS2_ESYS_RC_RSP_AUTH_FAILED: if the response HMAC from the TPM did
239 * not verify.
240 * @retval TSS2_ESYS_RC_MALFORMED_RESPONSE: if the TPM's response is corrupted.
241 * @retval TSS2_RCs produced by lower layers of the software stack may be
242 * returned to the caller unaltered unless handled internally.
243 */
244 TSS2_RC
Esys_RSA_Decrypt_Finish(ESYS_CONTEXT * esysContext,TPM2B_PUBLIC_KEY_RSA ** message)245 Esys_RSA_Decrypt_Finish(
246 ESYS_CONTEXT *esysContext,
247 TPM2B_PUBLIC_KEY_RSA **message)
248 {
249 TSS2_RC r;
250 LOG_TRACE("context=%p, message=%p",
251 esysContext, message);
252
253 if (esysContext == NULL) {
254 LOG_ERROR("esyscontext is NULL.");
255 return TSS2_ESYS_RC_BAD_REFERENCE;
256 }
257
258 /* Check for correct sequence and set sequence to irregular for now */
259 if (esysContext->state != _ESYS_STATE_SENT &&
260 esysContext->state != _ESYS_STATE_RESUBMISSION) {
261 LOG_ERROR("Esys called in bad sequence.");
262 return TSS2_ESYS_RC_BAD_SEQUENCE;
263 }
264 esysContext->state = _ESYS_STATE_INTERNALERROR;
265
266 /* Allocate memory for response parameters */
267 if (message != NULL) {
268 *message = calloc(sizeof(TPM2B_PUBLIC_KEY_RSA), 1);
269 if (*message == NULL) {
270 return_error(TSS2_ESYS_RC_MEMORY, "Out of memory");
271 }
272 }
273
274 /*Receive the TPM response and handle resubmissions if necessary. */
275 r = Tss2_Sys_ExecuteFinish(esysContext->sys, esysContext->timeout);
276 if ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN) {
277 LOG_DEBUG("A layer below returned TRY_AGAIN: %" PRIx32, r);
278 esysContext->state = _ESYS_STATE_SENT;
279 goto error_cleanup;
280 }
281 /* This block handle the resubmission of TPM commands given a certain set of
282 * TPM response codes. */
283 if (r == TPM2_RC_RETRY || r == TPM2_RC_TESTING || r == TPM2_RC_YIELDED) {
284 LOG_DEBUG("TPM returned RETRY, TESTING or YIELDED, which triggers a "
285 "resubmission: %" PRIx32, r);
286 if (esysContext->submissionCount++ >= _ESYS_MAX_SUBMISSIONS) {
287 LOG_WARNING("Maximum number of (re)submissions has been reached.");
288 esysContext->state = _ESYS_STATE_INIT;
289 goto error_cleanup;
290 }
291 esysContext->state = _ESYS_STATE_RESUBMISSION;
292 r = Tss2_Sys_ExecuteAsync(esysContext->sys);
293 if (r != TSS2_RC_SUCCESS) {
294 LOG_WARNING("Error attempting to resubmit");
295 /* We do not set esysContext->state here but inherit the most recent
296 * state of the _async function. */
297 goto error_cleanup;
298 }
299 r = TSS2_ESYS_RC_TRY_AGAIN;
300 LOG_DEBUG("Resubmission initiated and returning RC_TRY_AGAIN.");
301 goto error_cleanup;
302 }
303 /* The following is the "regular error" handling. */
304 if (iesys_tpm_error(r)) {
305 LOG_WARNING("Received TPM Error");
306 esysContext->state = _ESYS_STATE_INIT;
307 goto error_cleanup;
308 } else if (r != TSS2_RC_SUCCESS) {
309 LOG_ERROR("Received a non-TPM Error");
310 esysContext->state = _ESYS_STATE_INTERNALERROR;
311 goto error_cleanup;
312 }
313
314 /*
315 * Now the verification of the response (hmac check) and if necessary the
316 * parameter decryption have to be done.
317 */
318 r = iesys_check_response(esysContext);
319 goto_state_if_error(r, _ESYS_STATE_INTERNALERROR, "Error: check response",
320 error_cleanup);
321
322 /*
323 * After the verification of the response we call the complete function
324 * to deliver the result.
325 */
326 r = Tss2_Sys_RSA_Decrypt_Complete(esysContext->sys,
327 (message != NULL) ? *message : NULL);
328 goto_state_if_error(r, _ESYS_STATE_INTERNALERROR,
329 "Received error from SAPI unmarshaling" ,
330 error_cleanup);
331
332 esysContext->state = _ESYS_STATE_INIT;
333
334 return TSS2_RC_SUCCESS;
335
336 error_cleanup:
337 if (message != NULL)
338 SAFE_FREE(*message);
339
340 return r;
341 }
342