Some of the defines are used in JSON strings and to have them properly
formatted, remove the surrounding '()' from numbers.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Implement a cache for the private exponent 'D' and prime 'Q' so that we
do not have to recalculate 'Q' and 'D' every time an RSA key is used. For
a cache hit we now use ~34000 cycles and on a cache miss it needs around
130000 cycles. Previously it needed around 100000 cycles to calcuate 'Q'
and 'D'. Assuming that keys will be reused and the cache is big enough
for the number of keys being use (64 entries), it seems well worth it.
This solution is better than extending the OBJECT with 'D' since OBJECT is
kept in the TPM's NVRAM and we would then need more memory to store OBJECTs
there.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
The JSON returned by TPM2_GetInfo contains a leading zero in the level.
$> swtpm_ioctl --tcp :10000 --info 1
{"TPMSpecification":{"family":"2.0","level":00,"revision":162+0}}
This patch fixes this to:
$> swtpm_ioctl --tcp :10000 --info 1
{"TPMSpecification":{"family":"2.0","level":0,"revision":162+0}}
Return the RSAKeySizes in the JSON produced by TPM2_GetInfo() under
a new flag with value '4'. This helps higher level tools and users
to easily determine what key sizes are supported for RSA.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
When no callbacks are set and the plain NVChip file is used it wasn't
possible to save the state of the TPM 2 after a TPMLIB_Terminate()
TPMLIB_MainInit() sequence with a cached state (TPMLIB_SetState) since
in this case the NVRAM was not initialized. We now initialize the NV
in case no callback for restoring the state is set.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
CryptRandStartup() did not propagate initialization errors to the caller
but always returned TRUE. We now return the initialization errors and
display an error message and some state variables.
This error should almost never occur, but the fuzzer was able to trigger
it with rev 146 when the random number generated returned 32 bit numbers only
and the same 32 bit number was returned as the one before it. With rev 150
the random number generating function now returns as many random numbers as
the caller requested and this error is not getting triggered anymore.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
_rcp__SendCommand() may come back with a different buffer than what was
passed in. This happens when the TPM 2 is in failure more and the TPM 2
code uses an internal buffer. In this case we just copy from that inter-
nal buffer into the buffer that was passed into the function.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Older gcc versions are unhappy that some types declared by TPM 1.2
headers are re-declared by TPM 2 headers. All of these types have
the same UINT32 datatype and we can avoid having the re-declared
by introducing TPM_HAVE_TPM2_DECLARATIONS and inlcuding the TPM2
headers first and then the TPM 1.2 headers where we then do not re-
declare those datatypes that are clashing.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Modify the test for whether a state file exists by return code from the
load function being != TPM_RETRY. All other error codes indicate that some
form of state file exists, independent whether it is readable or not.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Determine which PCR banks need to be restored by determining which PCR banks
are active. We only expect data for active PCR banks and the other ones do
not need data.
The tricky part here is that the TPM 2 maintains a variable that indicates
which PCR banks are active in gp.pcrAllocated and another variable in NVRAM
indicating which ones will become active after a reboot. So far we only saved
the one from NVRAM when marshalling the state but now we have to save the one
holding the current active PCR banks also. The restauration of this variable
needs to happen when we resume the VM with volatile state.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
If the permanent state was set using SetState() write the permanent
state once we successfully read the volatile state and can use it.
This way we have the state in a file.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Implement TPM2_PersistentAllStore that allocates a buffer big
enough to store all the persistent state and returns that buffer
along with the number of valid bytes.
In this patch we move code from _plat__NvCommit() into this new
function and call this new function now.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Get rid of all the changes to have the NvChip written in big
endian format. Remove test case.
Now the NvChip in memory holds data in native format.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Push the nvOffset parameter where either one of the 4 state blobs
found in the NVRAM file can be found. Also push the size parameter
into the functions.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
In case the NVRAM file cannot be decrypted we get a TPM_DECRYPT_ERROR
error which also indicates that the file exists. So do not return FALSE
in this case, which would delete the existing file and start over with
a blank file.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Add functions to marshal the volatile state of the TPM. We write it in
big endian format.
Add functions to write the data structure in big endian format
into NVRAM.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Return a failure code to the control command initiated
initialization of the TPM 2.
Reset the failure move on every INIT call so that corrections
can be done without having to restart the TPM emulator.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Introduce --with-tpm2 for ./configure to enable building with
TPM 2 functionality. Delay the building of TPM 2 code until more
patches are applied and the vTPM state that's created has a chance
of being backwards compatible.
Extend the libtpms API to allow user to choose version of TPM.
Missing functionality at this point:
- TPM 2 needs to be extended to serialize and deserialize its volatile state
- Handling of the establishment bit
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
