#ifdef TSS_TSS2_V2
#include "tpm_tss_tss2_session.h"
+#include "tpm_tss_tss2_names.h"
#define LABEL "TPM 2.0 - "
TPM2B_NONCE nonceTPM;
/**
- * AES-CFB encryption of protected communication with TPM 2.0
+ * AES-CFB key size in bytes
*/
- crypter_t *crypter;
+ size_t aes_key_len;
/**
* SYS context
hasher_t *hasher;
pseudo_random_function_t prf_alg;
prf_t *prf;
+ crypter_t *crypter;
chunk_t kdf_label = chunk_from_chars('C','F','B', 0x00);
chunk_t data, rp_hash, rp_hmac, nonce_caller, nonce_tpm, session_attributes;
chunk_t key_mat, aes_key, aes_iv;
return FALSE;
}
- key_len = this->crypter->get_key_size(this->crypter);
- iv_len = this->crypter->get_iv_size(this->crypter);
+ crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CFB,
+ this->aes_key_len);
+ if (!crypter)
+ {
+ DBG1(DBG_PTS, "could not create %N crypter", encryption_algorithm_names,
+ ENCR_AES_CFB);
+ return FALSE;
+ }
+
+ key_len = crypter->get_key_size(crypter);
+ iv_len = crypter->get_iv_size(crypter);
/* derive decryption key using KDFa */
if (!kdf_a(this->hash_alg, this->session_key, kdf_label, nonce_tpm,
aes_key = chunk_create(key_mat.ptr, key_len);
aes_iv = chunk_create(key_mat.ptr + key_len, iv_len);
- if (!this->crypter->set_key(this->crypter, aes_key))
+ if (!crypter->set_key(crypter, aes_key))
{
+ crypter->destroy(crypter);
chunk_clear(&key_mat);
return FALSE;
}
memcpy(data.ptr, param_buffer, param_size);
/* decrypt ciphertext */
- success = this->crypter->decrypt(this->crypter, data, aes_iv, NULL);
+ success = crypter->decrypt(crypter, data, aes_iv, NULL);
+ crypter->destroy(crypter);
chunk_clear(&key_mat);
if (!success)
{
}
chunk_clear(&this->session_key);
}
- DESTROY_IF(this->crypter);
free(this);
}
TPM2B_ENCRYPTED_SECRET encryptedSalt;
TPM2_SE sessionType = TPM2_SE_HMAC;
- TPMT_SYM_DEF symmetric = { .algorithm = TPM2_ALG_AES,
- .mode.aes = TPM2_ALG_CFB, .keyBits.aes = 128 };
+ TPMT_SYM_DEF *sym;
INIT(this,
.public = {
hash_len = hash_len_from_tpm_alg_id(this->hash_alg);
- this->crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CFB,
- symmetric.keyBits.aes / 8);
- if (!this->crypter)
- {
- DBG1(DBG_PTS, "could not create %N crypter", encryption_algorithm_names,
- ENCR_AES_CFB);
- goto error;
- }
-
if (!generate_nonce(hash_len, &this->nonceCaller))
{
goto error;
}
break;
case TPM2_ALG_ECC:
- DBG1(DBG_PTS, LABEL "ECC EK handle: 0x%08x", ek_handle);
+ DBG1(DBG_PTS, LABEL "ECC %N EK handle: 0x%08x", tpm_ecc_curve_names,
+ public->publicArea.parameters.eccDetail.curveID, ek_handle);
if (!ecc_salt(public, this->hash_alg, &secret, &encryptedSalt))
{
goto error;
goto error;
}
+ sym = (TPMT_SYM_DEF*)&public->publicArea.parameters.asymDetail.symmetric;
+ DBG2(DBG_PTS, LABEL "AES-CFB with %u bits", sym->keyBits.aes);
+ this->aes_key_len = sym->keyBits.aes / 8;
+
rval = Tss2_Sys_StartAuthSession(this->sys_context, ek_handle, TPM2_RH_NULL,
- NULL, &this->nonceCaller, &encryptedSalt, sessionType, &symmetric,
+ NULL, &this->nonceCaller, &encryptedSalt, sessionType, sym,
this->hash_alg, &this->session_handle, &this->nonceTPM, NULL);
if (rval != TSS2_RC_SUCCESS)
{
private_tpm_tss_tss2_t *this, uint32_t handle)
{
TPM2B_PUBLIC public = { 0, };
- TPM2_ALG_ID sig_alg, digest_alg;
chunk_t aik_pubkey = chunk_empty;
if (!read_public(this, handle, &public))
case TPM2_ALG_RSA:
{
TPM2B_PUBLIC_KEY_RSA *rsa;
- TPMT_RSA_SCHEME *scheme;
chunk_t aik_exponent = chunk_from_chars(0x01, 0x00, 0x01);
chunk_t aik_modulus;
uint32_t exponent;
- scheme = &public.publicArea.parameters.rsaDetail.scheme;
- sig_alg = scheme->scheme;
- digest_alg = scheme->details.anySig.hashAlg;
-
rsa = &public.publicArea.unique.rsa;
aik_modulus = chunk_create(rsa->buffer, rsa->size);
exponent = htonl(public.publicArea.parameters.rsaDetail.exponent);
case TPM2_ALG_ECC:
{
TPMS_ECC_POINT *ecc;
- TPMT_ECC_SCHEME *scheme;
chunk_t ecc_point;
+ int curve_oid;
uint8_t *pos;
- scheme = &public.publicArea.parameters.eccDetail.scheme;
- sig_alg = scheme->scheme;
- digest_alg = scheme->details.anySig.hashAlg;
+ /* determine ECC curveID */
+ switch (public.publicArea.parameters.eccDetail.curveID)
+ {
+ case TPM2_ECC_NIST_P192:
+ curve_oid = OID_PRIME192V1;
+ break;
+ case TPM2_ECC_NIST_P224:
+ curve_oid = OID_SECT224R1;
+ break;
+ case TPM2_ECC_NIST_P256:
+ curve_oid = OID_PRIME256V1;
+ break;
+ case TPM2_ECC_NIST_P384:
+ curve_oid = OID_SECT384R1;
+ break;
+ case TPM2_ECC_NIST_P521:
+ curve_oid = OID_SECT521R1;
+ break;
+ default:
+ DBG1(DBG_PTS, "ECC curve type not supported");
+ return chunk_empty;
+ }
ecc = &public.publicArea.unique.ecc;
pos += ecc->x.size;
/* copy y coordinate of ECC point */
memcpy(pos, ecc->y.buffer, ecc->y.size);
+
/* subjectPublicKeyInfo encoding of ECC public key */
aik_pubkey = asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_wrap(ASN1_SEQUENCE, "mm",
asn1_build_known_oid(OID_EC_PUBLICKEY),
- asn1_build_known_oid(ecc->x.size == 32 ?
- OID_PRIME256V1 : OID_SECT384R1)),
+ asn1_build_known_oid(curve_oid)),
ecc_point);
break;
}
DBG1(DBG_PTS, LABEL "unsupported key type");
return chunk_empty;
}
- DBG1(DBG_PTS, "signature algorithm is %N with %N hash",
- tpm_alg_id_names, sig_alg, tpm_alg_id_names, digest_alg);
+ if (public.publicArea.objectAttributes & TPMA_OBJECT_SIGN_ENCRYPT)
+ {
+ TPMT_ASYM_SCHEME *s;
+
+ s = &public.publicArea.parameters.asymDetail.scheme;
+ DBG1(DBG_PTS, "signature algorithm is %N with %N hash",
+ tpm_alg_id_names, s->scheme,
+ tpm_alg_id_names, s->details.anySig.hashAlg);
+ }
+ if (public.publicArea.objectAttributes & TPMA_OBJECT_DECRYPT)
+ {
+ TPMT_SYM_DEF_OBJECT *s;
+
+ s = &public.publicArea.parameters.asymDetail.symmetric;
+ DBG1(DBG_PTS, "encryption algorithm is %N-%N with %u bits",
+ tpm_alg_id_names, s->algorithm,
+ tpm_alg_id_names, s->mode, s->keyBits.sym);
+ }
+
return aik_pubkey;
}