--- /dev/null
+/*
+ * Copyright (C) 2021 Andreas Steffen, strongSec GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * for more details.
+ */
+
+#ifdef TSS_TSS2_V2
+
+#include "tpm_tss_tss2_session.h"
+
+#define LABEL "TPM 2.0 - "
+
+typedef struct private_tpm_tss_tss2_session_t private_tpm_tss_tss2_session_t;
+
+/**
+ * Private data of an tpm_tss_tss2_session_t object.
+ */
+struct private_tpm_tss_tss2_session_t {
+
+ /**
+ * Public tpm_tss_tss2_session_t interface.
+ */
+ tpm_tss_tss2_session_t public;
+
+ /**
+ * Session handle for protected communication with TPM 2.0
+ */
+ uint32_t session_handle;
+
+ /**
+ * Session key for protected communication with TPM 2.0
+ */
+ chunk_t session_key;
+
+ /**
+ * Hash algorithm to be used for protected communication with TPM 2.0
+ */
+ TPM2_ALG_ID hash_alg;
+
+ /**
+ * nonceCaller used for protected communication with TPM 2.0
+ */
+ TPM2B_NONCE nonceCaller;
+
+ /**
+ * nonceTPM used for protected communication with TPM 2.0
+ */
+ TPM2B_NONCE nonceTPM;
+
+ /**
+ * AES-CFB encryption of protected communication with TPM 2.0
+ */
+ crypter_t *crypter;
+
+ /**
+ * SYS context
+ */
+ TSS2_SYS_CONTEXT *sys_context;
+
+};
+
+/**
+ * Two functions shared with tpm_tss_tss2_v2.c
+ */
+
+hash_algorithm_t hash_alg_from_tpm_alg_id(TPM2_ALG_ID alg);
+
+size_t hash_len_from_tpm_alg_id(TPM2_ALG_ID alg);
+
+
+/**
+ * Convert TPM2_ALG_ID to PRF algorithm
+ */
+pseudo_random_function_t prf_alg_from_tpm_alg_id(TPM2_ALG_ID alg)
+{
+ switch (alg)
+ {
+ case TPM2_ALG_SHA1:
+ return PRF_HMAC_SHA1;
+ case TPM2_ALG_SHA256:
+ return PRF_HMAC_SHA2_256;
+ case TPM2_ALG_SHA384:
+ return PRF_HMAC_SHA2_384;
+ case TPM2_ALG_SHA512:
+ return PRF_HMAC_SHA2_512;
+ default:
+ return PRF_UNDEFINED;
+ }
+}
+
+static bool generate_nonce(size_t size, TPM2B_NONCE *nonce)
+{
+ nonce_gen_t *nonce_gen;
+ bool success;
+
+ nonce_gen = lib->crypto->create_nonce_gen(lib->crypto);
+ if (!nonce_gen)
+ {
+ DBG1(DBG_PTS, "no nonce generator available");
+ return FALSE;
+ }
+ nonce->size = size;
+ success = nonce_gen->get_nonce(nonce_gen, nonce->size, nonce->buffer);
+ nonce_gen->destroy(nonce_gen);
+
+ if (!success)
+ {
+ DBG1(DBG_PTS, "generation of nonce failed");
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+METHOD(tpm_tss_tss2_session_t, set_cmd_auths, bool,
+ private_tpm_tss_tss2_session_t *this)
+{
+ size_t hash_len, param_size, cp_size;
+ const uint8_t *param_buffer, *cp_buffer;
+ uint8_t cc_buffer[4];
+ hash_algorithm_t hash_algorithm;
+ hasher_t *hasher;
+ pseudo_random_function_t prf_alg;
+ prf_t *prf;
+ chunk_t data, cp_hash, cp_hmac, nonce_caller, nonce_tpm, session_attributes;
+ bool success;
+ uint32_t rval;
+
+ TSS2L_SYS_AUTH_COMMAND cmd;
+ TPM2B_DIGEST cpHash;
+
+ cmd.count = 1;
+ cmd.auths[0].sessionHandle = this->session_handle;
+ cmd.auths[0].sessionAttributes = TPMA_SESSION_CONTINUESESSION |
+ TPMA_SESSION_ENCRYPT;
+ session_attributes = chunk_create(&cmd.auths[0].sessionAttributes, 1);
+
+ hash_len = hash_len_from_tpm_alg_id(this->hash_alg);
+
+ if (!generate_nonce(hash_len, &this->nonceCaller))
+ {
+ return FALSE;
+ }
+ cmd.auths[0].nonce.size = this->nonceCaller.size;
+ memcpy(cmd.auths[0].nonce.buffer, this->nonceCaller.buffer,
+ this->nonceCaller.size);
+
+ rval = Tss2_Sys_GetEncryptParam(this->sys_context, ¶m_size,
+ ¶m_buffer);
+ if (rval == TSS2_SYS_RC_NO_ENCRYPT_PARAM)
+ {
+ DBG2(DBG_PTS, LABEL "parameter encryption not possible");
+ return FALSE;
+ }
+
+ rval = Tss2_Sys_GetCommandCode(this->sys_context, cc_buffer);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetCommandCode failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ rval = Tss2_Sys_GetCpBuffer(this->sys_context, &cp_size, &cp_buffer);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_GetCpBuffer failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ /* compute cpHash */
+ hash_algorithm = hash_alg_from_tpm_alg_id(this->hash_alg);
+ hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm);
+ if (!hasher)
+ {
+ DBG1(DBG_PTS, "hasher could not be created");
+ return FALSE;
+ }
+
+ data = chunk_alloc(4 + cp_size);
+ memcpy(data.ptr, cc_buffer, 4);
+ memcpy(data.ptr + 4, cp_buffer, cp_size);
+
+ success = hasher->get_hash(hasher, data, cpHash.buffer);
+ cpHash.size = hasher->get_hash_size(hasher);
+ hasher->destroy(hasher);
+ chunk_free(&data);
+
+ if (!success)
+ {
+ DBG1(DBG_PTS, "computation of cpHash failed");
+ return FALSE;
+ }
+ cp_hash = chunk_create(cpHash.buffer, cpHash.size);
+
+ /* compute cp HMAC */
+ prf_alg = prf_alg_from_tpm_alg_id(this->hash_alg);
+ prf = lib->crypto->create_prf(lib->crypto, prf_alg);
+ if (!prf)
+ {
+ DBG1(DBG_PTS, "could not create PRF");
+ return FALSE;
+ }
+ if (!prf->set_key(prf, this->session_key))
+ {
+ DBG1(DBG_PTS, "could not set PRF key");
+ prf->destroy(prf);
+ return FALSE;
+ }
+
+ nonce_caller = chunk_create(this->nonceCaller.buffer, this->nonceCaller.size);
+ nonce_tpm = chunk_create(this->nonceTPM.buffer, this->nonceTPM.size);
+
+ success = prf->get_bytes(prf, cp_hash, NULL) &&
+ prf->get_bytes(prf, nonce_caller, NULL) &&
+ prf->get_bytes(prf, nonce_tpm, NULL) &&
+ prf->get_bytes(prf, session_attributes, cmd.auths[0].hmac.buffer);
+ cmd.auths[0].hmac.size = prf->get_block_size(prf);
+ prf->destroy(prf);
+
+ if (!success)
+ {
+ DBG1(DBG_PTS, "cpHmac computation failed");
+ return FALSE;
+ }
+ cp_hmac = chunk_create(cmd.auths[0].hmac.buffer, cmd.auths[0].hmac.size);
+ DBG2(DBG_PTS, LABEL "cpHmac: %B", &cp_hmac);
+
+ rval = Tss2_Sys_SetCmdAuths(this->sys_context, &cmd);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_SetCmdAuths failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+ * Key Derivation Function using Counter Mode as defined by NIST SP800-108
+ * - the label is expected to be NUL terminated
+ */
+static bool kdf_a(TPMI_ALG_HASH hash_alg, chunk_t key, chunk_t label,
+ chunk_t context_u, chunk_t context_v, uint32_t bytes,
+ chunk_t *key_mat)
+{
+ pseudo_random_function_t prf_alg;
+ chunk_t count_chunk, bits_chunk;
+ uint32_t iterations, counter, count, bits;
+ uint8_t *pos;
+ size_t hlen;
+ prf_t *prf;
+
+ bits = htonl(8 * bytes);
+ bits_chunk = chunk_create((uint8_t*)&bits, sizeof(bits));
+
+ prf_alg = prf_alg_from_tpm_alg_id(hash_alg);
+ prf = lib->crypto->create_prf(lib->crypto, prf_alg);
+ if (!prf)
+ {
+ DBG1(DBG_PTS, "could not create PRF");
+ return FALSE;
+ }
+ if (!prf->set_key(prf, key))
+ {
+ DBG1(DBG_PTS, "could not set PRF key");
+ prf->destroy(prf);
+ return FALSE;
+ }
+
+ hlen = prf->get_block_size(prf);
+ iterations = (bytes + hlen - 1) / hlen;
+ *key_mat = chunk_alloc(iterations * hlen);
+ pos = key_mat->ptr;
+
+ for (counter = 1; counter <= iterations; counter++)
+ {
+ count = htonl(counter);
+ count_chunk = chunk_create((uint8_t*)&count, sizeof(count));
+
+ if (!prf->get_bytes(prf, count_chunk, NULL) ||
+ !prf->get_bytes(prf, label, NULL) ||
+ !prf->get_bytes(prf, context_u, NULL) ||
+ !prf->get_bytes(prf, context_v, NULL) ||
+ !prf->get_bytes(prf, bits_chunk, pos))
+ {
+ DBG1(DBG_PTS, "KDFa computation failed");
+ chunk_free(key_mat);
+ prf->destroy(prf);
+ return FALSE;
+ }
+ pos += hlen;
+ }
+ prf->destroy(prf);
+
+ return TRUE;
+}
+
+METHOD(tpm_tss_tss2_session_t, get_rsp_auths, bool,
+ private_tpm_tss_tss2_session_t *this)
+{
+ size_t param_size, rp_size, key_len, iv_len;
+ const uint8_t *param_buffer, *rp_buffer;
+ uint8_t rc_buffer[4] = { 0 };
+ uint8_t cc_buffer[4];
+ hash_algorithm_t hash_algorithm;
+ hasher_t *hasher;
+ pseudo_random_function_t prf_alg;
+ prf_t *prf;
+ chunk_t kdf_label = chunk_from_chars('C','F','B', 0x00);
+ chunk_t data, rp_hash, rp_hmac, nonce_caller, nonce_tpm, session_attributes;
+ chunk_t key_mat, aes_key, aes_iv;
+ bool success;
+ uint32_t rval;
+
+ TSS2L_SYS_AUTH_RESPONSE rsp;
+ TPM2B_DIGEST rpHash, rpHmac;
+
+ rval = Tss2_Sys_GetRspAuths(this->sys_context, &rsp);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetRspAuths failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ /* update nonceTPM */
+ memcpy(this->nonceTPM.buffer, rsp.auths[0].nonce.buffer,
+ rsp.auths[0].nonce.size);
+ this->nonceTPM.size = rsp.auths[0].nonce.size;
+
+ rval = Tss2_Sys_GetRpBuffer(this->sys_context, &rp_size, &rp_buffer);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetRpBuffer failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ rval = Tss2_Sys_GetCommandCode(this->sys_context, cc_buffer);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetCommandCode failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ /* compute rpHash */
+ hash_algorithm = hash_alg_from_tpm_alg_id(this->hash_alg);
+ hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm);
+ if (!hasher)
+ {
+ DBG1(DBG_PTS, "hasher could not be created");
+ return FALSE;
+ }
+
+ data = chunk_alloc(4 + 4 + rp_size);
+ memcpy(data.ptr, rc_buffer, 4);
+ memcpy(data.ptr + 4, cc_buffer, 4);
+ memcpy(data.ptr + 8, rp_buffer, rp_size);
+
+ success = hasher->get_hash(hasher, data, rpHash.buffer);
+ rpHash.size = hasher->get_hash_size(hasher);
+ hasher->destroy(hasher);
+ chunk_free(&data);
+
+ if (!success)
+ {
+ DBG1(DBG_PTS, "computation of rpHash failed");
+ return FALSE;
+ }
+ rp_hash = chunk_create(rpHash.buffer, rpHash.size);
+
+ /* compute rpHmac */
+ prf_alg = prf_alg_from_tpm_alg_id(this->hash_alg);
+ prf = lib->crypto->create_prf(lib->crypto, prf_alg);
+ if (!prf)
+ {
+ DBG1(DBG_PTS, "could not create PRF");
+ return FALSE;
+ }
+ if (!prf->set_key(prf, this->session_key))
+ {
+ DBG1(DBG_PTS, "could not set PRF key");
+ prf->destroy(prf);
+ return FALSE;
+ }
+
+ nonce_tpm = chunk_create(this->nonceTPM.buffer, this->nonceTPM.size);
+ nonce_caller = chunk_create(this->nonceCaller.buffer, this->nonceCaller.size);
+ session_attributes = chunk_create(&rsp.auths[0].sessionAttributes, 1);
+
+ success = prf->get_bytes(prf, rp_hash, NULL) &&
+ prf->get_bytes(prf, nonce_tpm, NULL) &&
+ prf->get_bytes(prf, nonce_caller, NULL) &&
+ prf->get_bytes(prf, session_attributes, rpHmac.buffer);
+ rpHmac.size = prf->get_block_size(prf);
+ prf->destroy(prf);
+
+ if (!success)
+ {
+ DBG1(DBG_PTS, "computation of rpHmac failed");
+ return FALSE;
+ }
+ rp_hmac = chunk_create(rpHmac.buffer, rpHmac.size);
+ DBG2(DBG_PTS, LABEL "rpHMAC: %B", &rp_hmac);
+
+ /* verify rpHmac */
+ if (!memeq(rsp.auths[0].hmac.buffer, rpHmac.buffer, rpHmac.size))
+ {
+ DBG1(DBG_PTS, LABEL "invalid HMAC received for session 0x%08x",
+ this->session_handle);
+ return FALSE;
+ }
+
+ /* decrypt parameter */
+ rval = Tss2_Sys_GetEncryptParam(this->sys_context, ¶m_size,
+ ¶m_buffer);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetEncryptParam failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ key_len = this->crypter->get_key_size(this->crypter);
+ iv_len = this->crypter->get_iv_size(this->crypter);
+
+ /* derive decryption key using KDFa */
+ if (!kdf_a(this->hash_alg, this->session_key, kdf_label, nonce_tpm,
+ nonce_caller, key_len + iv_len , &key_mat))
+ {
+ return FALSE;
+ }
+ aes_key = chunk_create(key_mat.ptr, key_len);
+ aes_iv = chunk_create(key_mat.ptr + key_len, iv_len);
+
+ if (!this->crypter->set_key(this->crypter, aes_key))
+ {
+ chunk_clear(&key_mat);
+ return FALSE;
+ }
+
+ /* copy ciphertext */
+ data = chunk_alloc(param_size);
+ memcpy(data.ptr, param_buffer, param_size);
+
+ /* decrypt ciphertext */
+ success = this->crypter->decrypt(this->crypter, data, aes_iv, NULL);
+ chunk_clear(&key_mat);
+ if (!success)
+ {
+ chunk_free(&data);
+ return FALSE;
+ }
+ DBG4(DBG_PTS, LABEL "plaintext: %B", &data);
+
+ /* copy back plaintext */
+ rval = Tss2_Sys_SetEncryptParam(this->sys_context, data.len, data.ptr);
+ chunk_clear(&data);
+
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_SetEncryptParam failed: 0x%06x", rval);
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+
+METHOD(tpm_tss_tss2_session_t, destroy, void,
+ private_tpm_tss_tss2_session_t *this)
+{
+ if (this->session_handle)
+ {
+ uint32_t rval;
+
+ /* flush session context */
+ rval = Tss2_Sys_FlushContext(this->sys_context, this->session_handle);
+ if (rval != TPM2_RC_SUCCESS)
+ {
+ DBG2(DBG_PTS, LABEL "Tss2_Sys_FlushContext failed: 0x%06x", rval);
+ }
+ chunk_clear(&this->session_key);
+ }
+ DESTROY_IF(this->crypter);
+ free(this);
+}
+
+static chunk_t secret_label = chunk_from_chars('S','E','C','R','E','T', 0x00);
+
+static bool rsa_salt(TPM2B_PUBLIC *public, TPMI_ALG_HASH hash_alg,
+ chunk_t *secret, TPM2B_ENCRYPTED_SECRET *encryptedSalt)
+{
+ encryption_scheme_t encryption_scheme;
+ public_key_t *pubkey = NULL;
+ nonce_gen_t *nonce_gen;
+ chunk_t encrypted_salt = chunk_empty;
+ chunk_t rsa_modulus;
+ chunk_t rsa_exponent = chunk_from_chars(0x01, 0x00, 0x01);
+ uint32_t exponent;
+ size_t hash_len;
+ bool success;
+
+ TPM2B_PUBLIC_KEY_RSA *rsa;
+
+ switch (hash_alg)
+ {
+ case TPM2_ALG_SHA1:
+ encryption_scheme = ENCRYPT_RSA_OAEP_SHA1;
+ break;
+ case TPM2_ALG_SHA256:
+ encryption_scheme = ENCRYPT_RSA_OAEP_SHA256;
+ break;
+ case TPM2_ALG_SHA384:
+ encryption_scheme = ENCRYPT_RSA_OAEP_SHA384;
+ break;
+ case TPM2_ALG_SHA512:
+ encryption_scheme = ENCRYPT_RSA_OAEP_SHA512;
+ break;
+ default:
+ DBG1(DBG_PTS, LABEL "unsupported key hash algorithm");
+ return FALSE;
+ }
+
+ hash_len = hash_len_from_tpm_alg_id(hash_alg);
+
+ /* create a salt nonce to be used as a shared secret */
+ nonce_gen = lib->crypto->create_nonce_gen(lib->crypto);
+ if (!nonce_gen)
+ {
+ DBG1(DBG_PTS, "no nonce generator available");
+ return FALSE;
+ }
+ success = nonce_gen->allocate_nonce(nonce_gen, hash_len, secret);
+ nonce_gen->destroy(nonce_gen);
+ if (!success)
+ {
+ DBG1(DBG_PTS, "generation of salt nonce failed");
+ return FALSE;
+ }
+
+ /* get RSA public key */
+ rsa = &public->publicArea.unique.rsa;
+ rsa_modulus = chunk_create(rsa->buffer, rsa->size);
+ exponent = htonl(public->publicArea.parameters.rsaDetail.exponent);
+ if (exponent)
+ {
+ rsa_exponent = chunk_from_thing(exponent);
+ }
+ pubkey = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA,
+ BUILD_RSA_MODULUS, rsa_modulus, BUILD_RSA_PUB_EXP,
+ rsa_exponent, BUILD_END);
+ if (!pubkey)
+ {
+ DBG1(DBG_PTS, "retrieval of EK public key failed");
+ chunk_clear(secret);
+ return FALSE;
+ }
+
+ /* use RSA public key encryption to encrypt secret salt nonce */
+ success = pubkey->encrypt(pubkey, encryption_scheme, &secret_label,
+ *secret, &encrypted_salt);
+ pubkey->destroy(pubkey);
+ if (!success)
+ {
+ DBG1(DBG_PTS, "encryption of salt failed");
+ chunk_clear(secret);
+ return FALSE;
+ }
+
+ /* copy encryptedSalt to output parameter */
+ encryptedSalt->size = encrypted_salt.len;
+ memcpy(encryptedSalt->secret, encrypted_salt.ptr, encrypted_salt.len);
+ free(encrypted_salt.ptr);
+
+ return TRUE;
+}
+
+
+/**
+ * Key Derivation Function used to derive an ecc-based secret
+ * - the label is expected to be NUL terminated
+ */
+static bool kdf_e(TPMI_ALG_HASH hash_alg, chunk_t z, chunk_t label,
+ chunk_t context_u, chunk_t context_v, uint32_t bytes,
+ chunk_t *key_mat)
+{
+ hash_algorithm_t hash_algorithm;
+ chunk_t count_chunk;
+ uint32_t iterations, counter, count;
+ uint8_t *pos;
+ size_t hlen;
+ hasher_t *hasher;
+
+ hash_algorithm = hash_alg_from_tpm_alg_id(hash_alg);
+ hasher = lib->crypto->create_hasher(lib->crypto, hash_algorithm);
+ if (!hasher)
+ {
+ DBG1(DBG_PTS, "could not create hasher");
+ return FALSE;
+ }
+
+ hlen = hasher->get_hash_size(hasher);
+ iterations = (bytes + hlen - 1) / hlen;
+ *key_mat = chunk_alloc(iterations * hlen);
+ pos = key_mat->ptr;
+
+ for (counter = 1; counter <= iterations; counter++)
+ {
+ count = htonl(counter);
+ count_chunk = chunk_create((uint8_t*)&count, sizeof(count));
+
+ if (!hasher->get_hash(hasher, count_chunk, NULL) ||
+ !hasher->get_hash(hasher, z, NULL) ||
+ !hasher->get_hash(hasher, label, NULL) ||
+ !hasher->get_hash(hasher, context_u, NULL) ||
+ !hasher->get_hash(hasher, context_v, pos))
+ {
+ DBG1(DBG_PTS, "KDFe computation failed");
+ chunk_free(key_mat);
+ hasher->destroy(hasher);
+ return FALSE;
+ }
+ pos += hlen;
+ }
+ hasher->destroy(hasher);
+
+ return TRUE;
+}
+
+static bool ecc_salt(TPM2B_PUBLIC *public, TPMI_ALG_HASH hash_alg,
+ chunk_t *secret, TPM2B_ENCRYPTED_SECRET *encryptedSalt)
+{
+ diffie_hellman_group_t ec_group;
+ diffie_hellman_t *dh;
+ chunk_t ecdh_pubkey = chunk_empty, ecdh_pubkey_x, ecdh_pubkey_y;
+ chunk_t ecc_pubkey = chunk_empty, ecc_pubkey_x, ecc_pubkey_y;
+ chunk_t z = chunk_empty;
+ uint16_t len;
+ uint8_t *pos;
+ size_t hash_len;
+ bool success = FALSE;
+
+ switch (public->publicArea.parameters.eccDetail.curveID)
+ {
+ case TPM2_ECC_NIST_P256:
+ ec_group = ECP_256_BIT;
+ break;
+ case TPM2_ECC_NIST_P384:
+ ec_group = ECP_384_BIT;
+ break;
+ case TPM2_ECC_NIST_P521:
+ ec_group = ECP_521_BIT;
+ break;
+ default:
+ DBG1(DBG_PTS, "type of ECC EK key not supported");
+ return FALSE;
+ }
+
+ /* Generate ECDH key pair */
+ dh = lib->crypto->create_dh(lib->crypto, ec_group);
+ if (!dh)
+ {
+ DBG1(DBG_PTS, "DH group could not be created");
+ return FALSE;
+ }
+ if (!dh->get_my_public_value(dh, &ecdh_pubkey))
+ {
+ DBG1(DBG_PTS, "DH public key could not be generated");
+ dh->destroy(dh);
+ return FALSE;
+ }
+ ecdh_pubkey_x = chunk_create(ecdh_pubkey.ptr, ecdh_pubkey.len / 2);
+ ecdh_pubkey_y = chunk_create(ecdh_pubkey.ptr + ecdh_pubkey_x.len,
+ ecdh_pubkey_x.len);
+
+ /* get ECC public key */
+ ecc_pubkey_x = chunk_create(public->publicArea.unique.ecc.x.buffer,
+ public->publicArea.unique.ecc.x.size);
+ ecc_pubkey_y = chunk_create(public->publicArea.unique.ecc.y.buffer,
+ public->publicArea.unique.ecc.y.size);
+ ecc_pubkey = chunk_cat("cc", ecc_pubkey_x, ecc_pubkey_y);
+
+ /* compute point multiplication of ecc_pubkey with ecdh_privkey */
+ if (!dh->set_other_public_value(dh, ecc_pubkey))
+ {
+ DBG1(DBG_PTS, "ECC public could not be set");
+ goto error;
+ }
+ if (!dh->get_shared_secret(dh, &z))
+ {
+ DBG1(DBG_PTS, "could not create shared secret");
+ goto error;
+ }
+
+ hash_len = hash_len_from_tpm_alg_id(hash_alg);
+
+ /* derive secret using KDFe */
+ if (!kdf_e(hash_alg, z, secret_label, ecdh_pubkey_x, ecc_pubkey_x,
+ hash_len, secret))
+ {
+ goto error;
+ }
+
+ /* copy ECDH pubkey to encrypted salt parameter */
+ len = htons(ecdh_pubkey_x.len);
+ encryptedSalt->size = 2 * sizeof(len) + ecdh_pubkey.len;
+ pos = encryptedSalt->secret;
+ memcpy(pos, (uint8_t*)&len, sizeof(len));
+ pos += sizeof(len);
+ memcpy(pos, ecdh_pubkey_x.ptr, ecdh_pubkey_x.len);
+ pos += ecdh_pubkey_x.len;
+ memcpy(pos, (uint8_t*)&len, sizeof(len));
+ pos += sizeof(len);
+ memcpy(pos, ecdh_pubkey_y.ptr, ecdh_pubkey_y.len);
+
+ success = TRUE;
+
+error:
+ dh->destroy(dh);
+ chunk_free(&ecdh_pubkey);
+ chunk_free(&ecc_pubkey);
+ chunk_clear(&z);
+
+ return success;
+}
+
+/**
+ * See header
+ */
+tpm_tss_tss2_session_t* tpm_tss_tss2_session_create(uint32_t ek_handle,
+ TPM2B_PUBLIC *public, TSS2_SYS_CONTEXT *sys_context)
+{
+ private_tpm_tss_tss2_session_t *this;
+ chunk_t secret = chunk_empty;
+ chunk_t kdf_label = chunk_from_chars('A','T','H', 0x00);
+ chunk_t nonce_caller, nonce_tpm;
+ size_t hash_len;
+ uint32_t rval;
+
+ TPM2B_ENCRYPTED_SECRET encryptedSalt;
+ TPM2_SE sessionType = TPM2_SE_HMAC;
+ TPMT_SYM_DEF symmetric = { .algorithm = TPM2_ALG_AES,
+ .mode.aes = TPM2_ALG_CFB, .keyBits.aes = 128 };
+
+ INIT(this,
+ .public = {
+ .set_cmd_auths = _set_cmd_auths,
+ .get_rsp_auths = _get_rsp_auths,
+ .destroy = _destroy,
+ },
+ .sys_context = sys_context,
+ .hash_alg = public->publicArea.nameAlg,
+ );
+
+ hash_len = hash_len_from_tpm_alg_id(this->hash_alg);
+
+ this->crypter = lib->crypto->create_crypter(lib->crypto, ENCR_AES_CFB,
+ symmetric.keyBits.aes / 8);
+ if (!this->crypter)
+ {
+ DBG1(DBG_PTS, "could not create %N crypter", encryption_algorithm_names,
+ ENCR_AES_CFB);
+ goto error;
+ }
+
+ if (!generate_nonce(hash_len, &this->nonceCaller))
+ {
+ goto error;
+ }
+
+ /* determine endorsement key type */
+ switch (public->publicArea.type)
+ {
+ case TPM2_ALG_RSA:
+ DBG1(DBG_PTS, LABEL "RSA EK handle: 0x%08x", ek_handle);
+ if (!rsa_salt(public, this->hash_alg, &secret, &encryptedSalt))
+ {
+ goto error;
+ }
+ break;
+ case TPM2_ALG_ECC:
+ DBG1(DBG_PTS, LABEL "ECC EK handle: 0x%08x", ek_handle);
+ if (!ecc_salt(public, this->hash_alg, &secret, &encryptedSalt))
+ {
+ goto error;
+ }
+ break;
+ default:
+ DBG1(DBG_PTS, LABEL "unsupported ek key type");
+ goto error;
+ }
+
+ rval = Tss2_Sys_StartAuthSession(this->sys_context, ek_handle, TPM2_RH_NULL,
+ NULL, &this->nonceCaller, &encryptedSalt, sessionType, &symmetric,
+ this->hash_alg, &this->session_handle, &this->nonceTPM, NULL);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_StartAuthSession failed: 0x%06x", rval);
+ goto error;
+ }
+ DBG2(DBG_PTS, LABEL "session handle: 0x%08x", this->session_handle);
+
+ nonce_tpm = chunk_create(this->nonceTPM.buffer, this->nonceTPM.size);
+ nonce_caller = chunk_create(this->nonceCaller.buffer, this->nonceCaller.size);
+
+ /* derive sessionKey using KDFa */
+ if (!kdf_a(this->hash_alg, secret, kdf_label, nonce_tpm, nonce_caller,
+ hash_len, &this->session_key))
+ {
+ goto error;
+ }
+ chunk_clear(&secret);
+ DBG4(DBG_PTS, LABEL "session key: %B", &this->session_key);
+
+ return &this->public;
+
+ error:
+ chunk_clear(&secret);
+ destroy(this);
+ return NULL;
+}
+
+#endif /* TSS_TSS2_V2 */
* Copyright (C) 2018-2020 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
+ * Copyright (C) 2021 Andreas Steffen, strongSec GmbH
+ *
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
#ifdef TSS_TSS2_V2
+#include "tpm_tss_tss2_session.h"
+
#include <asn1/asn1.h>
#include <asn1/oid.h>
#include <bio/bio_reader.h>
#include <bio/bio_writer.h>
#include <threading/mutex.h>
-#include <tss2/tss2_sys.h>
-
#include <dlfcn.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
-#define LABEL "TPM 2.0 -"
+#define LABEL "TPM 2.0 - "
#define PLATFORM_PCR 24
#define MAX_PCR_BANKS 4
*/
bool old_event_digest_format;
+ /**
+ * TSS2 session used for protected communication with TPM 2.0
+ */
+ tpm_tss_tss2_session_t *session;
+
/**
* Mutex controlling access to the TPM 2.0 context
*/
/**
* Convert TPM2_ALG_ID to hash algorithm
*/
-static hash_algorithm_t hash_alg_from_tpm_alg_id(TPM2_ALG_ID alg)
+hash_algorithm_t hash_alg_from_tpm_alg_id(TPM2_ALG_ID alg)
{
switch (alg)
{
}
}
+/**
+ * Return hash length of TPM2_ALG_ID algorithm
+ */
+size_t hash_len_from_tpm_alg_id(TPM2_ALG_ID alg)
+{
+ switch (alg)
+ {
+ case TPM2_ALG_SHA1:
+ return TPM2_SHA1_DIGEST_SIZE;
+ case TPM2_ALG_SHA256:
+ case TPM2_ALG_SHA3_256:
+ return TPM2_SHA256_DIGEST_SIZE;
+ case TPM2_ALG_SHA384:
+ case TPM2_ALG_SHA3_384:
+ return TPM2_SHA384_DIGEST_SIZE;
+ case TPM2_ALG_SHA512:
+ case TPM2_ALG_SHA3_512:
+ return TPM2_SHA512_DIGEST_SIZE;
+ case TPM2_ALG_SM3_256:
+ return TPM2_SM3_256_DIGEST_SIZE;
+ default:
+ return 0;
+ }
+}
+
/**
* Check if an algorithm given by its TPM2_ALG_ID is supported by the TPM
*/
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s GetCapability failed for TPM2_CAP_TPM_PROPERTIES: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "GetCapability failed for TPM2_CAP_TPM_PROPERTIES: 0x%06x",
+ rval);
return FALSE;
}
memset(manufacturer, '\0', sizeof(manufacturer));
this->fips_186_4 = lib->settings->get_bool(lib->settings,
"%s.plugins.tpm.fips_186_4", FALSE, lib->ns);
}
- DBG2(DBG_PTS, "%s manufacturer: %s (%s) rev: %05.2f %u %s", LABEL,
+ DBG2(DBG_PTS, LABEL "manufacturer: %s (%s) rev: %05.2f %u %s",
manufacturer, vendor_string, (float)revision/100, year,
fips_140_2 ? "FIPS 140-2" : (this->fips_186_4 ? "FIPS 186-4" : ""));
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s GetCapability failed for TPM2_CAP_ALGS: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "GetCapability failed for TPM2_CAP_ALGS: 0x%06x",
+ rval);
return FALSE;
}
pos += written;
len -= written;
}
- DBG2(DBG_PTS, "%s algorithms:%s", LABEL, buf);
+ DBG2(DBG_PTS, LABEL "algorithms:%s", buf);
/* get supported ECC curves */
this->mutex->lock(this->mutex);
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s GetCapability failed for TPM2_CAP_ECC_CURVES: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "GetCapability failed for TPM2_CAP_ECC_CURVES: 0x%06x",
+ rval);
return FALSE;
}
pos += written;
len -= written;
}
- DBG2(DBG_PTS, "%s ECC curves:%s", LABEL, buf);
+ DBG2(DBG_PTS, LABEL "ECC curves:%s", buf);
/* get assigned PCR banks */
this->mutex->lock(this->mutex);
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s GetCapability failed for TPM2_CAP_PCRS: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "GetCapability failed for TPM2_CAP_PCRS: 0x%06x",
+ rval);
return FALSE;
}
pos += written;
len -= written;
}
- DBG2(DBG_PTS, "%s PCR banks:%s", LABEL, buf);
+ DBG2(DBG_PTS, LABEL "PCR banks:%s", buf);
return TRUE;
}
rval = tcti_init(NULL, &tcti_context_size, tcti_opts);
if (rval != TSS2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s tcti init setup failed: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS, LABEL "tcti init setup failed: 0x%06x", rval);
return FALSE;
}
rval = tcti_init(this->tcti_context, &tcti_context_size, tcti_opts);
if (rval != TSS2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s tcti init allocation failed: 0x%06x", LABEL,rval);
+ DBG1(DBG_PTS, LABEL "tcti init allocation failed: 0x%06x", rval);
return FALSE;
}
return TRUE;
this->tcti_context, &abi_version);
if (rval != TSS2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s could not get sys_context: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "could not get sys_context: 0x%06x", rval);
return FALSE;
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s could not read public key from handle 0x%08x: 0x%06x",
- LABEL, handle, rval);
+ DBG1(DBG_PTS, LABEL "could not read public key from handle 0x%08x: 0x%06x",
+ handle, rval);
return FALSE;
}
return TRUE;
NULL, &aik_pubkey, CRED_PART_RSA_MODULUS, aik_modulus,
CRED_PART_RSA_PUB_EXP, aik_exponent, CRED_PART_END))
{
- DBG1(DBG_PTS, "%s subjectPublicKeyInfo encoding of public key "
- "failed", LABEL);
+ DBG1(DBG_PTS, LABEL "subjectPublicKeyInfo encoding of public key "
+ "failed");
return chunk_empty;
}
break;
break;
}
default:
- DBG1(DBG_PTS, "%s unsupported key type", LABEL);
+ DBG1(DBG_PTS, LABEL "unsupported key type");
return chunk_empty;
}
DBG1(DBG_PTS, "signature algorithm is %N with %N hash",
break;
}
default:
- DBG1(DBG_PTS, "%s unsupported key type", LABEL);
+ DBG1(DBG_PTS, LABEL "unsupported key type");
return enumerator_create_empty();
}
return enumerator_create_single(signature_params_clone(&supported_scheme),
/* check if there is an assigned PCR bank for this hash algorithm */
if (!has_pcr_bank(this, alg))
{
- DBG1(DBG_PTS, "%s %N hash algorithm not supported by any PCR bank",
- LABEL, hash_algorithm_short_names, alg);
+ DBG1(DBG_PTS, LABEL "%N hash algorithm not supported by any PCR bank",
+ hash_algorithm_short_names, alg);
return FALSE;
}
if (pcr_num >= PLATFORM_PCR)
{
- DBG1(DBG_PTS, "%s maximum number of supported PCR is %d",
- LABEL, PLATFORM_PCR);
+ DBG1(DBG_PTS, LABEL "maximum number of supported PCR is %d",
+ PLATFORM_PCR);
return FALSE;
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s PCR bank could not be read: 0x%60x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "PCR bank could not be read: 0x%60x", rval);
return FALSE;
}
pcr_value_ptr = (uint8_t *)pcr_values.digests[0].buffer;
/* check if there is an assigned PCR bank for this hash algorithm */
if (!has_pcr_bank(this, alg))
{
- DBG1(DBG_PTS, "%s %N hash algorithm not supported by any PCR bank",
- LABEL, hash_algorithm_short_names, alg);
+ DBG1(DBG_PTS, LABEL "%N hash algorithm not supported by any PCR bank",
+ hash_algorithm_short_names, alg);
return FALSE;
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS, "%s PCR %02u could not be extended: 0x%06x",
- LABEL, pcr_num, rval);
+ DBG1(DBG_PTS, LABEL "PCR %02u could not be extended: 0x%06x",
+ pcr_num, rval);
return FALSE;
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_Quote failed: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_Quote failed: 0x%06x", rval);
return FALSE;
}
quoted_chunk = chunk_create(quoted.attestationData, quoted.size);
!reader->read_data (reader, 10, &pcr_select) ||
!reader->read_data16(reader, &pcr_digest))
{
- DBG1(DBG_PTS, "%s parsing of quoted struct failed", LABEL);
+ DBG1(DBG_PTS, LABEL "parsing of quoted struct failed");
reader->destroy(reader);
return FALSE;
}
hash_alg = sig.signature.ecdsa.hash;
break;
default:
- DBG1(DBG_PTS, "%s unsupported %N signature algorithm",
- LABEL, tpm_alg_id_names, sig.sigAlg);
+ DBG1(DBG_PTS, LABEL "unsupported %N signature algorithm",
+ tpm_alg_id_names, sig.sigAlg);
return FALSE;
}
alg_id = hash_alg_to_tpm_alg_id(hash_alg);
if (!is_supported_alg(this, alg_id))
{
- DBG1(DBG_PTS, "%s %N hash algorithm not supported by TPM",
- LABEL, hash_algorithm_short_names, hash_alg);
+ DBG1(DBG_PTS, LABEL "%N hash algorithm not supported by TPM",
+ hash_algorithm_short_names, hash_alg);
return FALSE;
}
}
else
{
- DBG1(DBG_PTS, "%s signature scheme %N not supported by TPM key",
- LABEL, signature_scheme_names, scheme);
+ DBG1(DBG_PTS, LABEL "signature scheme %N not supported by TPM key",
+ signature_scheme_names, scheme);
return FALSE;
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_Hash failed: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS,LABEL "Tss2_Sys_Hash failed: 0x%06x", rval);
return FALSE;
}
}
alg_id, &sequence_handle, 0);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_HashSequenceStart failed: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_HashSequenceStart failed: 0x%06x",
+ rval);
this->mutex->unlock(this->mutex);
return FALSE;
}
&auth_cmd, &buffer, 0);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_SequenceUpdate failed: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_SequenceUpdate failed: 0x%06x",
+ rval);
this->mutex->unlock(this->mutex);
return FALSE;
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_SequenceComplete failed: 0x%06x",
- LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_SequenceComplete failed: 0x%06x",
+ rval);
return FALSE;
}
}
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_Sign failed: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_Sign failed: 0x%06x", rval);
return FALSE;
}
sig.signature.ecdsa.signatureS.size)));
break;
default:
- DBG1(DBG_PTS, "%s unsupported %N signature scheme",
- LABEL, signature_scheme_names, scheme);
+ DBG1(DBG_PTS, LABEL "unsupported %N signature scheme",
+ signature_scheme_names, scheme);
return FALSE;
}
return TRUE;
}
+/**
+ * Check if an authenticated session with the TPM 2.0 can be started
+ * The handle of the RSA Endorsement Key (EK) is required
+ */
+static void try_session_start(private_tpm_tss_tss2_t *this)
+{
+ uint32_t ek_handle = 0;
+ chunk_t handle_chunk;
+ char *handle_str;
+
+ TPM2B_PUBLIC public = { 0, };
+
+ /* get Endorsement Key (EK) handle from settings */
+ handle_str = lib->settings->get_str(lib->settings,
+ "%s.plugins.tpm.ek_handle", NULL, lib->ns);
+ if (handle_str)
+ {
+ handle_chunk = chunk_from_hex(chunk_from_str(handle_str),
+ (char *)&ek_handle);
+ ek_handle = (handle_chunk.len == 4) ? htonl(ek_handle) : 0;
+
+ /* establish protected auth session if ek_handle is set */
+ if (ek_handle && read_public(this, ek_handle, &public))
+ {
+ this->mutex->lock(this->mutex);
+ this->session = tpm_tss_tss2_session_create(ek_handle, &public,
+ this->sys_context);
+ this->mutex->unlock(this->mutex);
+ }
+ }
+}
+
METHOD(tpm_tss_t, get_random, bool,
private_tpm_tss_tss2_t *this, size_t bytes, uint8_t *buffer)
{
- size_t len, random_len= sizeof(TPM2B_DIGEST)-2;
+ size_t len, random_len = sizeof(TPM2B_DIGEST)-2;
TPM2B_DIGEST random = { random_len, };
uint8_t *pos = buffer;
uint32_t rval;
+ if (!this->session)
+ {
+ try_session_start(this);
+ }
+
while (bytes > 0)
{
- len = min(bytes, random_len);
+ bool success = FALSE;
+ len = min(bytes, random_len);
this->mutex->lock(this->mutex);
- rval = Tss2_Sys_GetRandom(this->sys_context, NULL, len, &random, NULL);
- this->mutex->unlock(this->mutex);
+
+ rval = Tss2_Sys_GetRandom_Prepare(this->sys_context, len);
if (rval != TSS2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_GetRandom failed: 0x%06x", LABEL, rval);
- return FALSE;
+ DBG1(DBG_PTS, "%s Tss2_Sys_GetRandom_Prepare failed: 0x%06x",
+ LABEL, rval);
+ goto error;
}
+
+ if (this->session && !this->session->set_cmd_auths(this->session))
+ {
+ goto error;
+ }
+
+ rval = Tss2_Sys_Execute(this->sys_context);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_Execute failed: 0x%06x", rval);
+ goto error;
+ }
+
+ if (this->session && !this->session->get_rsp_auths(this->session))
+ {
+ goto error;
+ }
+
+ rval = Tss2_Sys_GetRandom_Complete(this->sys_context, &random);
+ if (rval != TSS2_RC_SUCCESS)
+ {
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetRandom_Complete failed: 0x%06x",
+ rval);
+ goto error;
+ }
+ success = TRUE;
+
+error:
+ this->mutex->unlock(this->mutex);
+ if (!success)
+ {
+ return FALSE;
+ }
+
memcpy(pos, random.buffer, random.size);
pos += random.size;
bytes -= random.size;
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_GetCapability failed for "
- "TPM2_CAP_TPM_PROPERTIES: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_GetCapability failed for "
+ "TPM2_CAP_TPM_PROPERTIES: 0x%06x", rval);
return FALSE;
}
max_data_size = min(cap_data.data.tpmProperties.tpmProperty[0].value,
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_NV_ReadPublic failed: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_NV_ReadPublic failed: 0x%06x", rval);
return FALSE;
}
nv_size = nv_public.nvPublic.dataSize;
this->mutex->unlock(this->mutex);
if (rval != TPM2_RC_SUCCESS)
{
- DBG1(DBG_PTS,"%s Tss2_Sys_NV_Read failed: 0x%06x", LABEL, rval);
+ DBG1(DBG_PTS, LABEL "Tss2_Sys_NV_Read failed: 0x%06x", rval);
chunk_free(data);
return FALSE;
}
{
return FALSE;
}
- hash_alg = hash_alg_from_tpm_alg_id(alg_id);
+ hash_alg = hash_alg_from_tpm_alg_id(alg_id);
+ digest_len = hash_len_from_tpm_alg_id(alg_id);
- switch (hash_alg)
- {
- case HASH_SHA1:
- digest_len = HASH_SIZE_SHA1;
- break;
- case HASH_SHA256:
- digest_len = HASH_SIZE_SHA256;
- break;
- case HASH_SHA384:
- digest_len = HASH_SIZE_SHA384;
- break;
- case HASH_SHA512:
- digest_len = HASH_SIZE_SHA512;
- break;
- default:
- DBG2(DBG_PTS, "alg_id: 0x%04x", alg_id);
- return FALSE;
- }
if (hash_alg == alg)
{
*digest = chunk_alloc(digest_len);
METHOD(tpm_tss_t, destroy, void,
private_tpm_tss_tss2_t *this)
{
+ DESTROY_IF(this->session);
finalize_context(this);
this->mutex->destroy(this->mutex);
free(this->version_info.ptr);
destroy(this);
return NULL;
}
+
return &this->public;
}
{
i = 1;
}
- DBG2(DBG_PTS, "%s \"%s\" in-kernel resource manager is %spresent",
- LABEL, tcti_options[0], i ? "not " : "");
+ DBG2(DBG_PTS, LABEL "\"%s\" in-kernel resource manager is %spresent",
+ tcti_options[0], i ? "not " : "");
/* select a dynamic TCTI library (device, tabrmd or mssim) */
tcti_name = lib->settings->get_str(lib->settings,
}
if (!match)
{
- DBG1(DBG_PTS, "%s \"%s\" is not a valid TCTI library name",
- LABEL, tcti_lib);
+ DBG1(DBG_PTS, LABEL "\"%s\" is not a valid TCTI library name", tcti_lib);
return FALSE;
}
tcti_handle = dlopen(tcti_lib, RTLD_LAZY);
if (!tcti_handle)
{
- DBG1(DBG_PTS, "%s could not load \"%s\"", LABEL, tcti_lib);
+ DBG1(DBG_PTS, LABEL "could not load \"%s\"", tcti_lib);
return FALSE;
}
infofn = (TSS2_TCTI_INFO_FUNC)dlsym(tcti_handle, TSS2_TCTI_INFO_SYMBOL);
if (!infofn)
{
- DBG1(DBG_PTS, "%s symbol \"%s\" not found in \"%s\"", LABEL,
- TSS2_TCTI_INFO_SYMBOL, tcti_lib);
+ DBG1(DBG_PTS, LABEL "symbol \"%s\" not found in \"%s\"",
+ TSS2_TCTI_INFO_SYMBOL, tcti_lib);
tpm_tss_tss2_deinit();
return FALSE;
}
- DBG2(DBG_PTS, "%s \"%s\" successfully loaded", LABEL, tcti_lib);
+ DBG2(DBG_PTS, LABEL "\"%s\" successfully loaded", tcti_lib);
info = infofn();
tcti_init = info->init;
projects / thirdparty / strongswan.git / commitdiff
