1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3 * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
4 * All rights reserved.
5 ******************************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include "tss2_mu.h"
12 #include "tss2_sys.h"
13 #include "tss2_esys.h"
14
15 #include "esys_types.h"
16 #include "esys_iutil.h"
17 #include "esys_mu.h"
18 #define LOGMODULE esys
19 #include "util/log.h"
20 #include "util/aux_util.h"
21
22 /** One-Call function for TPM2_VerifySignature
23 *
24 * This function invokes the TPM2_VerifySignature command in a one-call
25 * variant. This means the function will block until the TPM response is
26 * available. All input parameters are const. The memory for non-simple output
27 * parameters is allocated by the function implementation.
28 *
29 * @param[in,out] esysContext The ESYS_CONTEXT.
30 * @param[in] keyHandle Handle of public key that will be used in the
31 * validation.
32 * @param[in] shandle1 First session handle.
33 * @param[in] shandle2 Second session handle.
34 * @param[in] shandle3 Third session handle.
35 * @param[in] digest Digest of the signed message.
36 * @param[in] signature Signature to be tested.
37 * @param[out] validation .
38 * (callee-allocated)
39 * @retval TSS2_RC_SUCCESS if the function call was a success.
40 * @retval TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input
41 * pointers or required output handle references are NULL.
42 * @retval TSS2_ESYS_RC_BAD_CONTEXT: if esysContext corruption is detected.
43 * @retval TSS2_ESYS_RC_MEMORY: if the ESAPI cannot allocate enough memory for
44 * internal operations or return parameters.
45 * @retval TSS2_ESYS_RC_BAD_SEQUENCE: if the context has an asynchronous
46 * operation already pending.
47 * @retval TSS2_ESYS_RC_INSUFFICIENT_RESPONSE: if the TPM's response does not
48 * at least contain the tag, response length, and response code.
49 * @retval TSS2_ESYS_RC_MALFORMED_RESPONSE: if the TPM's response is corrupted.
50 * @retval TSS2_ESYS_RC_RSP_AUTH_FAILED: if the response HMAC from the TPM
51 did not verify.
52 * @retval TSS2_ESYS_RC_MULTIPLE_DECRYPT_SESSIONS: if more than one session has
53 * the 'decrypt' attribute bit set.
54 * @retval TSS2_ESYS_RC_MULTIPLE_ENCRYPT_SESSIONS: if more than one session has
55 * the 'encrypt' attribute bit set.
56 * @retval TSS2_ESYS_RC_BAD_TR: if any of the ESYS_TR objects are unknown
57 * to the ESYS_CONTEXT or are of the wrong type or if required
58 * ESYS_TR objects are ESYS_TR_NONE.
59 * @retval TSS2_ESYS_RC_NO_ENCRYPT_PARAM: if one of the sessions has the
60 * 'encrypt' attribute set and the command does not support encryption
61 * of the first response parameter.
62 * @retval TSS2_RCs produced by lower layers of the software stack may be
63 * returned to the caller unaltered unless handled internally.
64 */
65 TSS2_RC
Esys_VerifySignature(ESYS_CONTEXT * esysContext,ESYS_TR keyHandle,ESYS_TR shandle1,ESYS_TR shandle2,ESYS_TR shandle3,const TPM2B_DIGEST * digest,const TPMT_SIGNATURE * signature,TPMT_TK_VERIFIED ** validation)66 Esys_VerifySignature(
67 ESYS_CONTEXT *esysContext,
68 ESYS_TR keyHandle,
69 ESYS_TR shandle1,
70 ESYS_TR shandle2,
71 ESYS_TR shandle3,
72 const TPM2B_DIGEST *digest,
73 const TPMT_SIGNATURE *signature,
74 TPMT_TK_VERIFIED **validation)
75 {
76 TSS2_RC r;
77
78 r = Esys_VerifySignature_Async(esysContext, keyHandle, shandle1, shandle2,
79 shandle3, digest, signature);
80 return_if_error(r, "Error in async function");
81
82 /* Set the timeout to indefinite for now, since we want _Finish to block */
83 int32_t timeouttmp = esysContext->timeout;
84 esysContext->timeout = -1;
85 /*
86 * Now we call the finish function, until return code is not equal to
87 * from TSS2_BASE_RC_TRY_AGAIN.
88 * Note that the finish function may return TSS2_RC_TRY_AGAIN, even if we
89 * have set the timeout to -1. This occurs for example if the TPM requests
90 * a retransmission of the command via TPM2_RC_YIELDED.
91 */
92 do {
93 r = Esys_VerifySignature_Finish(esysContext, validation);
94 /* This is just debug information about the reattempt to finish the
95 command */
96 if ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN)
97 LOG_DEBUG("A layer below returned TRY_AGAIN: %" PRIx32
98 " => resubmitting command", r);
99 } while ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN);
100
101 /* Restore the timeout value to the original value */
102 esysContext->timeout = timeouttmp;
103 return_if_error(r, "Esys Finish");
104
105 return TSS2_RC_SUCCESS;
106 }
107
108 /** Asynchronous function for TPM2_VerifySignature
109 *
110 * This function invokes the TPM2_VerifySignature command in a asynchronous
111 * variant. This means the function will return as soon as the command has been
112 * sent downwards the stack to the TPM. All input parameters are const.
113 * In order to retrieve the TPM's response call Esys_VerifySignature_Finish.
114 *
115 * @param[in,out] esysContext The ESYS_CONTEXT.
116 * @param[in] keyHandle Handle of public key that will be used in the
117 * validation.
118 * @param[in] shandle1 First session handle.
119 * @param[in] shandle2 Second session handle.
120 * @param[in] shandle3 Third session handle.
121 * @param[in] digest Digest of the signed message.
122 * @param[in] signature Signature to be tested.
123 * @retval ESYS_RC_SUCCESS if the function call was a success.
124 * @retval TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input
125 * pointers or required output handle references are NULL.
126 * @retval TSS2_ESYS_RC_BAD_CONTEXT: if esysContext corruption is detected.
127 * @retval TSS2_ESYS_RC_MEMORY: if the ESAPI cannot allocate enough memory for
128 * internal operations or return parameters.
129 * @retval TSS2_RCs produced by lower layers of the software stack may be
130 returned to the caller unaltered unless handled internally.
131 * @retval TSS2_ESYS_RC_MULTIPLE_DECRYPT_SESSIONS: if more than one session has
132 * the 'decrypt' attribute bit set.
133 * @retval TSS2_ESYS_RC_MULTIPLE_ENCRYPT_SESSIONS: if more than one session has
134 * the 'encrypt' attribute bit set.
135 * @retval TSS2_ESYS_RC_BAD_TR: if any of the ESYS_TR objects are unknown
136 * to the ESYS_CONTEXT or are of the wrong type or if required
137 * ESYS_TR objects are ESYS_TR_NONE.
138 * @retval TSS2_ESYS_RC_NO_ENCRYPT_PARAM: if one of the sessions has the
139 * 'encrypt' attribute set and the command does not support encryption
140 * of the first response parameter.
141 */
142 TSS2_RC
Esys_VerifySignature_Async(ESYS_CONTEXT * esysContext,ESYS_TR keyHandle,ESYS_TR shandle1,ESYS_TR shandle2,ESYS_TR shandle3,const TPM2B_DIGEST * digest,const TPMT_SIGNATURE * signature)143 Esys_VerifySignature_Async(
144 ESYS_CONTEXT *esysContext,
145 ESYS_TR keyHandle,
146 ESYS_TR shandle1,
147 ESYS_TR shandle2,
148 ESYS_TR shandle3,
149 const TPM2B_DIGEST *digest,
150 const TPMT_SIGNATURE *signature)
151 {
152 TSS2_RC r;
153 LOG_TRACE("context=%p, keyHandle=%"PRIx32 ", digest=%p,"
154 "signature=%p",
155 esysContext, keyHandle, digest, signature);
156 TSS2L_SYS_AUTH_COMMAND auths;
157 RSRC_NODE_T *keyHandleNode;
158
159 /* Check context, sequence correctness and set state to error for now */
160 if (esysContext == NULL) {
161 LOG_ERROR("esyscontext is NULL.");
162 return TSS2_ESYS_RC_BAD_REFERENCE;
163 }
164 r = iesys_check_sequence_async(esysContext);
165 if (r != TSS2_RC_SUCCESS)
166 return r;
167 esysContext->state = _ESYS_STATE_INTERNALERROR;
168
169 /* Check input parameters */
170 r = check_session_feasibility(shandle1, shandle2, shandle3, 0);
171 return_state_if_error(r, _ESYS_STATE_INIT, "Check session usage");
172
173 /* Retrieve the metadata objects for provided handles */
174 r = esys_GetResourceObject(esysContext, keyHandle, &keyHandleNode);
175 return_state_if_error(r, _ESYS_STATE_INIT, "keyHandle unknown.");
176
177 /* Initial invocation of SAPI to prepare the command buffer with parameters */
178 r = Tss2_Sys_VerifySignature_Prepare(esysContext->sys,
179 (keyHandleNode == NULL) ? TPM2_RH_NULL
180 : keyHandleNode->rsrc.handle, digest,
181 signature);
182 return_state_if_error(r, _ESYS_STATE_INIT, "SAPI Prepare returned error.");
183
184 /* Calculate the cpHash Values */
185 r = init_session_tab(esysContext, shandle1, shandle2, shandle3);
186 return_state_if_error(r, _ESYS_STATE_INIT, "Initialize session resources");
187 iesys_compute_session_value(esysContext->session_tab[0], NULL, NULL);
188 iesys_compute_session_value(esysContext->session_tab[1], NULL, NULL);
189 iesys_compute_session_value(esysContext->session_tab[2], NULL, NULL);
190
191 /* Generate the auth values and set them in the SAPI command buffer */
192 r = iesys_gen_auths(esysContext, keyHandleNode, NULL, NULL, &auths);
193 return_state_if_error(r, _ESYS_STATE_INIT,
194 "Error in computation of auth values");
195
196 esysContext->authsCount = auths.count;
197 if (auths.count > 0) {
198 r = Tss2_Sys_SetCmdAuths(esysContext->sys, &auths);
199 return_state_if_error(r, _ESYS_STATE_INIT, "SAPI error on SetCmdAuths");
200 }
201
202 /* Trigger execution and finish the async invocation */
203 r = Tss2_Sys_ExecuteAsync(esysContext->sys);
204 return_state_if_error(r, _ESYS_STATE_INTERNALERROR,
205 "Finish (Execute Async)");
206
207 esysContext->state = _ESYS_STATE_SENT;
208
209 return r;
210 }
211
212 /** Asynchronous finish function for TPM2_VerifySignature
213 *
214 * This function returns the results of a TPM2_VerifySignature command
215 * invoked via Esys_VerifySignature_Finish. All non-simple output parameters
216 * are allocated by the function's implementation. NULL can be passed for every
217 * output parameter if the value is not required.
218 *
219 * @param[in,out] esysContext The ESYS_CONTEXT.
220 * @param[out] validation .
221 * (callee-allocated)
222 * @retval TSS2_RC_SUCCESS on success
223 * @retval ESYS_RC_SUCCESS if the function call was a success.
224 * @retval TSS2_ESYS_RC_BAD_REFERENCE if the esysContext or required input
225 * pointers or required output handle references are NULL.
226 * @retval TSS2_ESYS_RC_BAD_CONTEXT: if esysContext corruption is detected.
227 * @retval TSS2_ESYS_RC_MEMORY: if the ESAPI cannot allocate enough memory for
228 * internal operations or return parameters.
229 * @retval TSS2_ESYS_RC_BAD_SEQUENCE: if the context has an asynchronous
230 * operation already pending.
231 * @retval TSS2_ESYS_RC_TRY_AGAIN: if the timeout counter expires before the
232 * TPM response is received.
233 * @retval TSS2_ESYS_RC_INSUFFICIENT_RESPONSE: if the TPM's response does not
234 * at least contain the tag, response length, and response code.
235 * @retval TSS2_ESYS_RC_RSP_AUTH_FAILED: if the response HMAC from the TPM did
236 * not verify.
237 * @retval TSS2_ESYS_RC_MALFORMED_RESPONSE: if the TPM's response is corrupted.
238 * @retval TSS2_RCs produced by lower layers of the software stack may be
239 * returned to the caller unaltered unless handled internally.
240 */
241 TSS2_RC
Esys_VerifySignature_Finish(ESYS_CONTEXT * esysContext,TPMT_TK_VERIFIED ** validation)242 Esys_VerifySignature_Finish(
243 ESYS_CONTEXT *esysContext,
244 TPMT_TK_VERIFIED **validation)
245 {
246 TSS2_RC r;
247 LOG_TRACE("context=%p, validation=%p",
248 esysContext, validation);
249
250 if (esysContext == NULL) {
251 LOG_ERROR("esyscontext is NULL.");
252 return TSS2_ESYS_RC_BAD_REFERENCE;
253 }
254
255 /* Check for correct sequence and set sequence to irregular for now */
256 if (esysContext->state != _ESYS_STATE_SENT &&
257 esysContext->state != _ESYS_STATE_RESUBMISSION) {
258 LOG_ERROR("Esys called in bad sequence.");
259 return TSS2_ESYS_RC_BAD_SEQUENCE;
260 }
261 esysContext->state = _ESYS_STATE_INTERNALERROR;
262
263 /* Allocate memory for response parameters */
264 if (validation != NULL) {
265 *validation = calloc(sizeof(TPMT_TK_VERIFIED), 1);
266 if (*validation == NULL) {
267 return_error(TSS2_ESYS_RC_MEMORY, "Out of memory");
268 }
269 }
270
271 /*Receive the TPM response and handle resubmissions if necessary. */
272 r = Tss2_Sys_ExecuteFinish(esysContext->sys, esysContext->timeout);
273 if ((r & ~TSS2_RC_LAYER_MASK) == TSS2_BASE_RC_TRY_AGAIN) {
274 LOG_DEBUG("A layer below returned TRY_AGAIN: %" PRIx32, r);
275 esysContext->state = _ESYS_STATE_SENT;
276 goto error_cleanup;
277 }
278 /* This block handle the resubmission of TPM commands given a certain set of
279 * TPM response codes. */
280 if (r == TPM2_RC_RETRY || r == TPM2_RC_TESTING || r == TPM2_RC_YIELDED) {
281 LOG_DEBUG("TPM returned RETRY, TESTING or YIELDED, which triggers a "
282 "resubmission: %" PRIx32, r);
283 if (esysContext->submissionCount++ >= _ESYS_MAX_SUBMISSIONS) {
284 LOG_WARNING("Maximum number of (re)submissions has been reached.");
285 esysContext->state = _ESYS_STATE_INIT;
286 goto error_cleanup;
287 }
288 esysContext->state = _ESYS_STATE_RESUBMISSION;
289 r = Tss2_Sys_ExecuteAsync(esysContext->sys);
290 if (r != TSS2_RC_SUCCESS) {
291 LOG_WARNING("Error attempting to resubmit");
292 /* We do not set esysContext->state here but inherit the most recent
293 * state of the _async function. */
294 goto error_cleanup;
295 }
296 r = TSS2_ESYS_RC_TRY_AGAIN;
297 LOG_DEBUG("Resubmission initiated and returning RC_TRY_AGAIN.");
298 goto error_cleanup;
299 }
300 /* The following is the "regular error" handling. */
301 if (iesys_tpm_error(r)) {
302 LOG_WARNING("Received TPM Error");
303 esysContext->state = _ESYS_STATE_INIT;
304 goto error_cleanup;
305 } else if (r != TSS2_RC_SUCCESS) {
306 LOG_ERROR("Received a non-TPM Error");
307 esysContext->state = _ESYS_STATE_INTERNALERROR;
308 goto error_cleanup;
309 }
310
311 /*
312 * Now the verification of the response (hmac check) and if necessary the
313 * parameter decryption have to be done.
314 */
315 r = iesys_check_response(esysContext);
316 goto_state_if_error(r, _ESYS_STATE_INTERNALERROR, "Error: check response",
317 error_cleanup);
318
319 /*
320 * After the verification of the response we call the complete function
321 * to deliver the result.
322 */
323 r = Tss2_Sys_VerifySignature_Complete(esysContext->sys,
324 (validation != NULL) ? *validation
325 : NULL);
326 goto_state_if_error(r, _ESYS_STATE_INTERNALERROR,
327 "Received error from SAPI unmarshaling" ,
328 error_cleanup);
329
330 esysContext->state = _ESYS_STATE_INIT;
331
332 return TSS2_RC_SUCCESS;
333
334 error_cleanup:
335 if (validation != NULL)
336 SAFE_FREE(*validation);
337
338 return r;
339 }
340