1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************
3 * Copyright (c) 2017-2018, Intel Corporation
4 *
5 * All rights reserved.
6 ***********************************************************************/
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include <inttypes.h>
12 #include <stdio.h>
13 #include <stdlib.h>
14 #include <string.h>
15
16 #include <openssl/rand.h>
17
18 #include "tss2_mu.h"
19 #include "tss2_sys.h"
20
21 #define LOGMODULE test
22 #include "util/log.h"
23 #include "test-esapi.h"
24 #include "test.h"
25 #include "sapi-util.h"
26
27 int
test_invoke(TSS2_SYS_CONTEXT * sapi_context)28 test_invoke (TSS2_SYS_CONTEXT *sapi_context)
29 {
30 TSS2_RC rc;
31 TPM2B_ENCRYPTED_SECRET encrypted_salt = { 0 };
32 TPMI_SH_AUTH_SESSION session_handle = 0;
33 TPMT_SYM_DEF symmetric = { .algorithm = TPM2_ALG_NULL };
34 TSS2L_SYS_AUTH_COMMAND cmd_auth = {
35 .count = 1,
36 .auths = {{
37 .sessionHandle = TPM2_RS_PW,
38 }},
39 };
40 TSS2L_SYS_AUTH_RESPONSE rsp_auth = { 0 };
41 TPM2B_NONCE nonce_caller = {
42 .size = TPM2_SHA256_DIGEST_SIZE,
43 .buffer = { 0 }
44 };
45 TPM2B_NONCE nonce_tpm = {
46 .size = TPM2_SHA256_DIGEST_SIZE,
47 .buffer = { 0 }
48 };
49
50 /* First start a policy session */
51 LOG_INFO("Calling StartAuthSession policy session");
52 rc = Tss2_Sys_StartAuthSession (sapi_context,
53 TPM2_RH_NULL, /* tpmKey */
54 TPM2_RH_NULL, /* bind */
55 NULL, /* cmdAuthsArray */
56 &nonce_caller, /* nonceCaller */
57 &encrypted_salt, /* encryptedSalt */
58 TPM2_SE_POLICY, /* sessionType */
59 &symmetric, /* symmetric */
60 TPM2_ALG_SHA256, /* authHash */
61 &session_handle, /* sessionHandle */
62 &nonce_tpm, /* nonceTPM */
63 NULL /* rspAuthsArray */
64 );
65 if (rc != TSS2_RC_SUCCESS) {
66 LOG_ERROR("StartAuthSession failed: 0x%" PRIx32, rc);
67 exit(1);
68 }
69 LOG_INFO("StartAuthSession TPM2_SE_POLICY success! Session handle: "
70 "0x%" PRIx32, session_handle);
71
72 /*
73 * Then create an NV space where the digest required for PolicyAuthorizeNV
74 * will be stored.
75 */
76 TPM2B_NV_PUBLIC nv_public = { 0 };
77 TPM2B_AUTH nv_auth = {
78 .size = TPM2_SHA256_DIGEST_SIZE,
79 };
80 TPMI_RH_NV_INDEX nv_index = TPM2_HR_NV_INDEX | 0x01;
81
82 nv_public.nvPublic.nvIndex = nv_index;
83 nv_public.nvPublic.nameAlg = TPM2_ALG_SHA256;
84 nv_public.nvPublic.attributes = TPMA_NV_PPREAD;
85 nv_public.nvPublic.attributes |= TPMA_NV_PPWRITE;
86 nv_public.nvPublic.attributes |= TPMA_NV_WRITE_STCLEAR;
87 nv_public.nvPublic.attributes |= TPMA_NV_ORDERLY;
88 nv_public.nvPublic.attributes |= TPMA_NV_OWNERREAD;
89 nv_public.nvPublic.attributes |= TPMA_NV_OWNERWRITE;
90 nv_public.nvPublic.authPolicy.size = 0;
91 nv_public.nvPublic.dataSize = sizeof(TPMT_HA);
92 cmd_auth.count = 1;
93 cmd_auth.auths[0].sessionHandle = TPM2_RS_PW;
94 cmd_auth.auths[0].hmac.size = 0;
95
96 LOG_INFO("Calling NV_DefineSpace");
97 rc = Tss2_Sys_NV_DefineSpace (sapi_context,
98 TPM2_RH_OWNER,
99 &cmd_auth,
100 &nv_auth,
101 &nv_public,
102 &rsp_auth);
103 if (rc != TSS2_RC_SUCCESS) {
104 LOG_ERROR("NV_DefineSpace failed: 0x%" PRIx32, rc);
105 exit(1);
106 }
107 LOG_INFO("NV_DefineSpace success!, NV_index: 0x%x", nv_index);
108
109 TPM2B_MAX_NV_BUFFER nv_data = { .size = 32 + 2, };
110 rc = Tss2_MU_INT16_Marshal(TPM2_ALG_SHA256, nv_data.buffer,
111 TPM2_MAX_DIGEST_BUFFER, NULL);
112
113
114 if (rc != TSS2_RC_SUCCESS) {
115 LOG_ERROR("Tss2_MU_INT16_Marshal failed: 0x%" PRIx32, rc);
116 exit(1);
117 }
118
119 /* Write the empty policy session to the NV index */
120 LOG_INFO("Calling NV_Write");
121 rc = Tss2_Sys_NV_Write(sapi_context,
122 TPM2_RH_OWNER,
123 nv_index,
124 &cmd_auth,
125 &nv_data,
126 0,
127 &rsp_auth);
128 if (rc != TPM2_RC_SUCCESS) {
129 LOG_ERROR("Sys_NV_Write FAILED! Response Code : 0x%x", rc);
130 exit(1);
131 }
132 LOG_INFO("Sys_NV_Write success!");
133
134 /* Authorize the policy using the NV index */
135 LOG_INFO("Calling PolicyAuthorizeNV");
136 rc = Tss2_Sys_PolicyAuthorizeNV(sapi_context,
137 TPM2_RH_OWNER,
138 nv_index,
139 session_handle,
140 &cmd_auth,
141 &rsp_auth);
142 if (rc != TPM2_RC_SUCCESS) {
143 LOG_ERROR("PolicyAuthorizeNV FAILED! Response Code : 0x%x", rc);
144 exit(1);
145 }
146 LOG_INFO("PolicyAuthorizeNV success!");
147
148 /* Create a symmetric encryption key using the password session */
149 TPM2B_SENSITIVE_CREATE in_sensitive = { 0 };
150 TPMT_PUBLIC in_public = { 0 };
151 TPM2B_TEMPLATE public_template = { 0 };
152 TPM2B_PRIVATE out_private = { 0 };
153 TPM2B_PUBLIC out_public = { 0 };
154 TPM2B_NAME name = TPM2B_NAME_INIT;
155 TPM2_HANDLE object_handle = 0;
156
157 /* Use precomputed authPolicy for simplicity */
158 char auth[] = {0x06, 0x3a, 0x24, 0xdc, 0x2f, 0xc9, 0x32, 0xc3,
159 0xb8, 0xa0, 0x85, 0xca, 0x67, 0x27, 0x3c, 0x03,
160 0xa6, 0x7c, 0x11, 0x39, 0x8f, 0x2a, 0x4a, 0x13,
161 0xbd, 0x05, 0x37, 0xf8, 0x5f, 0x47, 0x56, 0xcb};
162 memcpy(in_public.authPolicy.buffer, auth, TPM2_SHA256_DIGEST_SIZE);
163 in_public.type = TPM2_ALG_SYMCIPHER;
164 in_public.nameAlg = TPM2_ALG_SHA256;
165 in_public.objectAttributes |= TPMA_OBJECT_USERWITHAUTH;
166 in_public.objectAttributes |= TPMA_OBJECT_DECRYPT;
167 in_public.objectAttributes |= TPMA_OBJECT_SIGN_ENCRYPT;
168 in_public.objectAttributes |= TPMA_OBJECT_FIXEDTPM;
169 in_public.objectAttributes |= TPMA_OBJECT_FIXEDPARENT;
170 in_public.objectAttributes |= TPMA_OBJECT_SENSITIVEDATAORIGIN;
171 in_public.parameters.symDetail.sym.algorithm = TPM2_ALG_AES;
172 in_public.parameters.symDetail.sym.keyBits.sym = 128;
173 in_public.parameters.symDetail.sym.mode.sym = TPM2_ALG_CFB;
174 in_public.authPolicy.size = TPM2_SHA256_DIGEST_SIZE;
175
176 uint8_t public_buf[sizeof(in_public)] = {0};
177 size_t offset = 0;
178
179 rc = Tss2_MU_TPMT_PUBLIC_Marshal(&in_public, public_buf,
180 sizeof(in_public), &offset);
181 if (rc != TPM2_RC_SUCCESS) {
182 LOG_ERROR("Tss2_MU_TPMT_PUBLIC_Marshal FAILED! Response Code: 0x%x", rc);
183 exit(1);
184 }
185 public_template.size = offset;
186 memcpy(public_template.buffer, public_buf, offset);
187 cmd_auth.count = 1;
188 cmd_auth.auths[0].sessionHandle = TPM2_RS_PW;
189 cmd_auth.auths[0].hmac.size = TPM2_SHA256_DIGEST_SIZE;
190
191 /* Create a symmetric encryption key using the password session */
192 LOG_INFO("Calling CreateLoaded");
193 rc = Tss2_Sys_CreateLoaded (sapi_context,
194 TPM2_RH_OWNER,
195 &cmd_auth,
196 &in_sensitive,
197 &public_template,
198 &object_handle,
199 &out_private,
200 &out_public,
201 &name,
202 &rsp_auth);
203 if (rc != TPM2_RC_SUCCESS) {
204 LOG_ERROR("CreateLoaded FAILED! Response Code: 0x%x", rc);
205 exit(1);
206 }
207 LOG_INFO("success object handle: 0x%x", object_handle);
208
209 TPM2B_MAX_BUFFER data_in = TPM2B_MAX_BUFFER_INIT;
210 TPM2B_MAX_BUFFER data_out = TPM2B_MAX_BUFFER_INIT;
211 TPM2B_IV iv_in = TPM2B_IV_INIT;
212 TPM2B_IV iv_out = TPM2B_IV_INIT;
213
214 if (RAND_bytes(data_in.buffer, TPM2_MAX_DIGEST_BUFFER) != 1) {
215 LOG_ERROR("RAND_bytes FAILED!");
216 exit(1);
217 }
218
219 /* Call encrypt using the key object using the password session */
220 LOG_INFO("Calling EncryptDecrypt using password session 0x%x", TPM2_RS_PW);
221 LOGBLOB_DEBUG(data_in.buffer, 32, "%s", "First 32 bytes of plain text:");
222 rc = TSS2_RETRY_EXP(Tss2_Sys_EncryptDecrypt (sapi_context,
223 object_handle,
224 &cmd_auth,
225 NO, /* encrypt */
226 TPM2_ALG_NULL,
227 &iv_in,
228 &data_in,
229 &data_out,
230 &iv_out,
231 &rsp_auth));
232 if (rc == TPM2_RC_COMMAND_CODE) {
233 LOG_WARNING("Encrypt/Decrypt not supported by TPM");
234 rc = Tss2_Sys_NV_UndefineSpace(sapi_context,
235 TPM2_RH_OWNER,
236 nv_index,
237 &cmd_auth,
238 &rsp_auth);
239 if (rc != TSS2_RC_SUCCESS) {
240 LOG_ERROR("Tss2_Sys_NV_UndefineSpace failed: 0x%"PRIx32, rc);
241 return 99; /* fatal error */
242 }
243 rc = Tss2_Sys_FlushContext(sapi_context, object_handle);
244 if (rc != TSS2_RC_SUCCESS) {
245 LOG_ERROR("Tss2_Sys_FlushContext failed with 0x%"PRIx32, rc);
246 return 99; /* fatal error */
247 }
248 rc = Tss2_Sys_FlushContext(sapi_context, session_handle);
249 if (rc != TSS2_RC_SUCCESS) {
250 LOG_ERROR("Tss2_Sys_FlushContext failed with 0x%"PRIx32, rc);
251 return 99; /* fatal error */
252 }
253 return EXIT_SKIP;
254 }
255
256 if (rc != TPM2_RC_SUCCESS) {
257 LOG_ERROR("EncryptDecrypt FAILED! Response Code : 0x%x", rc);
258 exit(1);
259 }
260 LOG_INFO("EncryptDecrypt success!");
261
262 LOGBLOB_DEBUG(data_out.buffer, 32, "%s", "First 32 bytes of cypher text:");
263
264 cmd_auth.auths[0].sessionAttributes |= TPMA_SESSION_CONTINUESESSION;
265 cmd_auth.auths[0].sessionHandle = session_handle;
266 cmd_auth.auths[0].hmac.size = 0;
267 memset(data_out.buffer, '\0', TPM2_MAX_DIGEST_BUFFER);
268
269 /* Call encrypt using the key object using the policy session
270 * This should pass because we allowed it with the PolicyAuthorizeNV call */
271 LOG_INFO("Calling EncryptDecrypt using policy session 0x%x", session_handle);
272 rc = TSS2_RETRY_EXP(Tss2_Sys_EncryptDecrypt (sapi_context,
273 object_handle,
274 &cmd_auth,
275 NO, /* encrypt */
276 TPM2_ALG_NULL,
277 &iv_in,
278 &data_in,
279 &data_out,
280 &iv_out,
281 &rsp_auth));
282 if (rc != TPM2_RC_SUCCESS) {
283 LOG_INFO("EncryptDecrypt Failed rc: 0x%x", rc);
284 exit(1);
285 }
286 LOG_INFO("EncryptDecrypt success!");
287
288 cmd_auth.auths[0].sessionHandle = TPM2_RS_PW;
289 cmd_auth.auths[0].hmac.size = 0;
290
291 /* Kill the NV index - this should invalidate the policy */
292 rc = Tss2_Sys_NV_UndefineSpace(sapi_context,
293 TPM2_RH_OWNER,
294 nv_index,
295 &cmd_auth,
296 &rsp_auth);
297 if (rc != TSS2_RC_SUCCESS) {
298 LOG_ERROR("Tss2_Sys_NV_UndefineSpace failed: 0x%" PRIx32, rc);
299 exit(1);
300 }
301 LOG_INFO("Tss2_Sys_NV_UndefineSpace for NV index 0x%" PRIx32 " success!",
302 nv_index);
303
304 /* Call encrypt using the key object using the policy session again.
305 * This should fail because the NV index is destroyed */
306 cmd_auth.auths[0].sessionHandle = session_handle;
307 memset(data_out.buffer, '\0', TPM2_MAX_DIGEST_BUFFER);
308 LOG_INFO("Calling EncryptDecrypt again with policy session after destroying"
309 " the NV index This should fail with RC_POLICY_FAIL");
310 rc = TSS2_RETRY_EXP(Tss2_Sys_EncryptDecrypt(sapi_context,
311 object_handle,
312 &cmd_auth,
313 NO, /* encrypt */
314 TPM2_ALG_NULL,
315 &iv_in,
316 &data_in,
317 &data_out,
318 &iv_out,
319 &rsp_auth));
320 if (rc != TPM2_RC_1 + TPM2_RC_S + TPM2_RC_POLICY_FAIL) {
321 LOG_INFO("EncryptDecrypt passes unexpectedly rc: 0x%x", rc);
322 exit(1);
323 }
324 LOG_INFO("EncryptDecrypt failed as expected!");
325
326 /* Clean up the session and key*/
327 rc = Tss2_Sys_FlushContext (sapi_context, object_handle);
328 if (rc != TSS2_RC_SUCCESS) {
329 LOG_ERROR("Tss2_Sys_FlushContext failed: 0x%" PRIx32, rc);
330 exit(1);
331 }
332 LOG_INFO("Flushed context for object handle: 0x%" PRIx32 " success!",
333 object_handle);
334
335 rc = Tss2_Sys_FlushContext (sapi_context, session_handle);
336 if (rc != TSS2_RC_SUCCESS) {
337 LOG_ERROR("Tss2_Sys_FlushContext failed: 0x%" PRIx32, rc);
338 exit(1);
339 }
340 LOG_INFO("Flushed context for session handle: 0x%" PRIx32 " success!",
341 session_handle);
342
343 return 0;
344 }
345