1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3 * Copyright 2017, Fraunhofer SIT sponsored by Infineon Technologies AG
4 * All rights reserved.
5 *******************************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include <stdio.h>
12 #include <stdbool.h>
13 #include <stdlib.h>
14 #include <string.h>
15 #include <sys/stat.h>
16
17 #include "tss2_esys.h"
18 #include "tss2_fapi.h"
19
20 #include "test-fapi.h"
21
22 #define LOGDEFAULT LOGLEVEL_INFO
23 #define LOGMODULE test
24 #include "util/log.h"
25 #include "util/aux_util.h"
26
27 #ifndef FAPI_PROFILE
28 #define FAPI_PROFILE "P_ECC"
29 #endif /* FAPI_PROFILE */
30
31 char *fapi_profile = NULL;
32
33 TSS2_RC
pcr_reset(FAPI_CONTEXT * context,UINT32 pcr)34 pcr_reset(FAPI_CONTEXT *context, UINT32 pcr)
35 {
36 TSS2_RC r;
37 TSS2_TCTI_CONTEXT *tcti;
38 ESYS_CONTEXT *esys;
39
40 r = Fapi_GetTcti(context, &tcti);
41 goto_if_error(r, "Error Fapi_GetTcti", error);
42
43 r = Esys_Initialize(&esys, tcti, NULL);
44 goto_if_error(r, "Error Fapi_GetTcti", error);
45
46 r = Esys_PCR_Reset(esys, pcr,
47 ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE);
48 Esys_Finalize(&esys);
49 goto_if_error(r, "Error Eys_PCR_Reset", error);
50
51 error:
52 return r;
53 }
54
55 /**
56 * This program is a template for integration tests (ones that use the TCTI,
57 * the ESAPI, and FAPI contexts / API directly). It does nothing more than
58 * parsing command line options that allow the caller (likely a script)
59 * to specifywhich TCTI to use for the test using getenv("TPM20TEST_TCTI").
60 */
61 int
main(int argc,char * argv[])62 main(int argc, char *argv[])
63 {
64 TSS2_RC rc;
65 FAPI_CONTEXT *fapi_context = NULL;
66
67 int ret, size;
68 char *config = NULL;
69 char *config_path = NULL;
70 char *config_env = NULL;
71 char *remove_cmd = NULL;
72 char *system_dir = NULL;
73
74 FILE *config_file;
75
76 char template[] = "/tmp/fapi_tmpdir.XXXXXX";
77
78 char *tmpdir = mkdtemp(template);
79 if (!tmpdir) {
80 LOG_ERROR("No temp dir created");
81 return EXIT_ERROR;
82 }
83
84 fapi_profile = FAPI_PROFILE;
85
86 /* First we construct a fapi config file */
87 #if defined(FAPI_NONTPM)
88 size = asprintf(&config, "{\n"
89 " \"profile_name\": \"" FAPI_PROFILE "\",\n"
90 " \"profile_dir\": \"" TOP_SOURCEDIR "/test/data/fapi/\",\n"
91 " \"user_dir\": \"%s/user/dir\",\n"
92 " \"system_dir\": \"%s/system_dir\",\n"
93 " \"system_pcrs\" : [],\n"
94 " \"log_dir\" : \"%s\",\n"
95 " \"tcti\": \"none\",\n"
96 "}\n",
97 tmpdir, tmpdir, tmpdir);
98 #elif defined(FAPI_TEST_FINGERPRINT)
99 size = asprintf(&config, "{\n"
100 " \"profile_name\": \"" FAPI_PROFILE "\",\n"
101 " \"profile_dir\": \"" TOP_SOURCEDIR "/test/data/fapi/\",\n"
102 " \"user_dir\": \"%s/user/dir\",\n"
103 " \"system_dir\": \"%s/system_dir\",\n"
104 " \"system_pcrs\" : [],\n"
105 " \"log_dir\" : \"%s\",\n"
106 " \"tcti\": \"%s\",\n"
107 #if defined(FAPI_TEST_EK_CERT_LESS)
108 " \"ek_cert_less\": \"yes\",\n"
109 #else
110 " \"ek_fingerprint\": %s,\n"
111 #endif
112 "}\n",
113 tmpdir, tmpdir, tmpdir,
114 getenv("TPM20TEST_TCTI"),
115 getenv("FAPI_TEST_FINGERPRINT"));
116 #elif defined(FAPI_TEST_CERTIFICATE)
117 size = asprintf(&config, "{\n"
118 " \"profile_name\": \"" FAPI_PROFILE "\",\n"
119 " \"profile_dir\": \"" TOP_SOURCEDIR "/test/data/fapi/\",\n"
120 " \"user_dir\": \"%s/user/dir\",\n"
121 " \"system_dir\": \"%s/system_dir\",\n"
122 " \"system_pcrs\" : [],\n"
123 " \"log_dir\" : \"%s\",\n"
124 " \"tcti\": \"%s\",\n"
125 #if defined(FAPI_TEST_EK_CERT_LESS)
126 " \"ek_cert_less\": \"yes\",\n"
127 #else
128 " \"ek_cert_file\": \"%s\",\n"
129 #endif
130 "}\n",
131 tmpdir, tmpdir, tmpdir,
132 getenv("TPM20TEST_TCTI"),
133 getenv("FAPI_TEST_CERTIFICATE"));
134 #elif defined(FAPI_TEST_FINGERPRINT_ECC)
135 size = asprintf(&config, "{\n"
136 " \"profile_name\": \"" FAPI_PROFILE "\",\n"
137 " \"profile_dir\": \"" TOP_SOURCEDIR "/test/data/fapi/\",\n"
138 " \"user_dir\": \"%s/user/dir\",\n"
139 " \"system_dir\": \"%s/system_dir\",\n"
140 " \"system_pcrs\" : [],\n"
141 " \"log_dir\" : \"%s\",\n"
142 " \"tcti\": \"%s\",\n"
143 #if defined(FAPI_TEST_EK_CERT_LESS)
144 " \"ek_cert_less\": \"yes\",\n"
145 #else
146 " \"ek_fingerprint\": %s,\n"
147 #endif
148 "}\n",
149 tmpdir, tmpdir, tmpdir,
150 getenv("TPM20TEST_TCTI"),
151 getenv("FAPI_TEST_FINGERPRINT_ECC"));
152 #elif defined(FAPI_TEST_CERTIFICATE_ECC)
153 size = asprintf(&config, "{\n"
154 " \"profile_name\": \"" FAPI_PROFILE "\",\n"
155 " \"profile_dir\": \"" TOP_SOURCEDIR "/test/data/fapi/\",\n"
156 " \"user_dir\": \"%s/user/dir\",\n"
157 " \"system_dir\": \"%s/system_dir\",\n"
158 " \"system_pcrs\" : [],\n"
159 " \"log_dir\" : \"%s\",\n"
160 " \"tcti\": \"%s\",\n"
161 #if defined(FAPI_TEST_EK_CERT_LESS)
162 " \"ek_cert_less\": \"yes\",\n"
163 #else
164 " \"ek_cert_file\": \"%s\",\n"
165 #endif
166 "}\n",
167 tmpdir, tmpdir, tmpdir,
168 getenv("TPM20TEST_TCTI"),
169 getenv("FAPI_TEST_CERTIFICATE_ECC"));
170 #else /* FAPI_NONTPM */
171 size = asprintf(&config, "{\n"
172 " \"profile_name\": \"" FAPI_PROFILE "\",\n"
173 " \"profile_dir\": \"" TOP_SOURCEDIR "/test/data/fapi/\",\n"
174 " \"user_dir\": \"%s/user/dir\",\n"
175 " \"system_dir\": \"%s/system_dir\",\n"
176 " \"system_pcrs\" : [],\n"
177 " \"log_dir\" : \"%s\",\n"
178 " \"tcti\": \"%s\",\n"
179 #if defined(FAPI_TEST_EK_CERT_LESS)
180 " \"ek_cert_less\": \"yes\",\n"
181 #endif
182 "}\n",
183 tmpdir, tmpdir, tmpdir,
184 getenv("TPM20TEST_TCTI"));
185 #endif /* FAPI_NONTPM */
186 if (size < 0) {
187 LOG_ERROR("Out of memory");
188 ret = EXIT_ERROR;
189 goto error;
190 }
191
192 size = asprintf(&system_dir, "%s/system_dir/", tmpdir);
193 if (size < 0) {
194 LOG_ERROR("Out of memory");
195 ret = EXIT_ERROR;
196 goto error;
197 }
198
199 int rc_mkdir = mkdir(system_dir, 0777);
200 if (rc_mkdir != 0) {
201 LOG_ERROR("mkdir not possible: %i %s", rc_mkdir, system_dir);
202 ret = EXIT_ERROR;
203 goto error;
204 }
205
206 if (size < 0) {
207 LOG_ERROR("Out of memory");
208 ret = EXIT_ERROR;
209 goto error;
210 }
211 LOG_INFO("Using config:\n%s", config);
212
213 /* We construct the path for the config file */
214 size = asprintf(&config_path, "%s/fapi-config.json", tmpdir);
215 if (size < 0) {
216 LOG_ERROR("Out of memory");
217 ret = EXIT_ERROR;
218 goto error;
219 }
220
221 /* We write the config file to disk */
222 config_file = fopen(config_path, "w");
223 if (!config_file) {
224 LOG_ERROR("Opening config file for writing");
225 perror(config_path);
226 ret = EXIT_ERROR;
227 goto error;
228 }
229 size = fprintf(config_file, "%s", config);
230 fclose(config_file);
231 if (size < 0) {
232 LOG_ERROR("Writing config file");
233 perror(config_path);
234 ret = EXIT_ERROR;
235 goto error;
236 }
237
238 /* We set the environment variable for FAPI to consume the config file */
239 size = asprintf(&config_env, "TSS2_FAPICONF=%s", config_path);
240 if (size < 0) {
241 LOG_ERROR("Out of memory");
242 ret = EXIT_ERROR;
243 goto error;
244 }
245 putenv(config_env);
246
247 /***********
248 * Call FAPI
249 ***********/
250
251 rc = Fapi_Initialize(&fapi_context, NULL);
252 if (rc != TSS2_RC_SUCCESS) {
253 LOG_ERROR("Esys_Initialize FAILED! Response Code : 0x%x", rc);
254 ret = EXIT_FAILURE;
255 goto error;
256 }
257
258 ret = test_invoke_fapi(fapi_context);
259 LOG_INFO("Test returned %i", ret);
260 if (ret) goto error;
261
262 size = asprintf(&remove_cmd, "rm -r -f %s", tmpdir);
263 if (size < 0) {
264 LOG_ERROR("Out of memory");
265 ret = EXIT_ERROR;
266 goto error;
267 }
268 if (system(remove_cmd) != 0) {
269 LOG_ERROR("Directory %s can't be deleted.", tmpdir);
270 ret = EXIT_ERROR;
271 goto error;
272 }
273
274 error:
275 Fapi_Finalize(&fapi_context);
276
277 if (system_dir) free(system_dir);
278 if (config) free(config);
279 if (config_path) free(config_path);
280 if (config_env) free(config_env);
281 if (remove_cmd) free(remove_cmd);
282
283 return ret;
284 }
285