mirror of
https://github.com/stefanberger/libtpms
synced 2025-08-25 10:34:37 +00:00

Fix PCRBelongsTCBGroup by adjusting the set of PCRs that belong to the TCB Group. The effect of this is that PCR changes to PCR 16 (for example) do not change the pcrUpdateCounter anymore. The effect *should not* have any negative side effects when using the TPM. We also need to update the test cases that now show a different pcrUpdateCounter in the responses. Also 'swtpm' test cases need to be fixed to expect the changed result. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
#include <stdio.h>
#include <string.h>
#include <assert.h>
#include <libtpms/tpm_library.h>
#include <libtpms/tpm_error.h>
#include <libtpms/tpm_memory.h>
/*
 * Write a labelled hex dump of a byte buffer to stderr.
 *
 * h    - heading, printed on its own line before the dump
 * d    - bytes to dump
 * dlen - number of bytes readable at d
 *
 * Each byte is printed as two lowercase hex digits followed by a space,
 * 16 bytes per row. A newline is always written after the last byte, so a
 * dump whose length is a multiple of 16 ends with an empty line.
 */
static void dump_array(const char *h, const unsigned char *d, size_t dlen)
{
    size_t pos = 0;

    fprintf(stderr, "%s\n", h);

    while (pos < dlen) {
        fprintf(stderr, "%02x ", d[pos]);
        /* end the row after every 16th byte */
        if (pos % 16 == 15) {
            fprintf(stderr, "\n");
        }
        pos++;
    }

    fprintf(stderr, "\n");
}
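/*
 * Regression test for TPM2_PCR_Read.
 *
 * Brings up a TPM 2 instance, sends TPM2_Startup followed by a TPM2_PCR_Read
 * that selects PCR 0 and PCR 20 in the SHA1, SHA256, SHA384 and SHA512 banks,
 * and requires the response to match a fixed expectation byte for byte.
 *
 * Returns 0 when the response matches, 1 on any failure.
 */
int main(void)
{
    /* Offsets within the response header: tag(2) | size(4) | code(4). */
    enum { RESP_RC_OFFSET = 6, RESP_HDR_SIZE = 10 };

    unsigned char *rbuffer = NULL;
    uint32_t rlength;
    uint32_t rtotal = 0;
    TPM_RESULT res;
    int ret = 1;
    static const unsigned char rc_success[4] = { 0x00, 0x00, 0x00, 0x00 };

    // TPM_ST_NO_SESSIONS, size 0x0c, command code 0x144 (TPM2_Startup),
    // startup type 0x0000 (TPM_SU_CLEAR)
    unsigned char startup[] = {
        0x80, 0x01, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x00,
        0x01, 0x44, 0x00, 0x00
    };

    // Each pcrSelect below is 01 00 10: bit 0 of byte 0 (PCR 0) and
    // bit 4 of byte 2 (PCR 20).
    unsigned char tpm2_pcr_read[] = {
        0x80, 0x01,             // TPM_ST_NO_SESSIONS
        0x00, 0x00, 0x00, 0x26, // command size
        0x00, 0x00, 0x01, 0x7e, // TPM_CC_PCR_Read
        0x00, 0x00, 0x00, 0x04, // TPML_PCR_SELECTION
        0x00, 0x04,             // TPMI_ALG_HASH, SHA1=4
        0x03,                   // size of the select
        0x01, 0x00, 0x10,       // pcrSelect
        0x00, 0x0b,             // TPMI_ALG_HASH, SHA256=11
        0x03,                   // size of the select
        0x01, 0x00, 0x10,       // pcrSelect
        0x00, 0x0c,             // TPMI_ALG_HASH, SHA384=12
        0x03,                   // size of the select
        0x01, 0x00, 0x10,       // pcrSelect
        0x00, 0x0d,             // TPMI_ALG_HASH, SHA512=13
        0x03,                   // size of the select
        0x01, 0x00, 0x10        // pcrSelect
    };

    // Expected response, 0x186 bytes:
    //   bytes  0..9   header: tag, response size, response code 0
    //   bytes 10..13  pcrUpdateCounter (0x14); this value depends on which
    //                 PCR updates the implementation counts, so it has to be
    //                 re-checked whenever that set changes
    //   then the echoed TPML_PCR_SELECTION (4 banks) and a TPML_DIGEST of
    //   8 entries: per bank one all-zero digest followed by one all-0xff
    //   digest, with sizes 0x14, 0x20, 0x30 and 0x40.
    const unsigned char tpm2_pcr_read_exp_resp[] = {
        0x80, 0x01, 0x00, 0x00, 0x01, 0x86, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00,
        0x00, 0x04, 0x00, 0x04, 0x03, 0x01, 0x00, 0x10,
        0x00, 0x0b, 0x03, 0x01, 0x00, 0x10, 0x00, 0x0c,
        0x03, 0x01, 0x00, 0x10, 0x00, 0x0d, 0x03, 0x01,
        0x00, 0x10, 0x00, 0x00, 0x00, 0x08, 0x00, 0x14,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0x00, 0x20, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00, 0x30,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x30, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
        0xff, 0xff, 0xff, 0xff, 0xff, 0xff
    };

    /*
     * Checked explicitly rather than with assert(): an assert() disappears
     * when the test is built with NDEBUG, which would let the run continue
     * without a confirmed TPM version. Nothing has been initialised yet, so
     * return directly instead of going through the cleanup path.
     */
    res = TPMLIB_ChooseTPMVersion(TPMLIB_TPM_VERSION_2);
    if (res != TPM_SUCCESS) {
        fprintf(stderr, "TPMLIB_ChooseTPMVersion() failed\n");
        return ret;
    }

    res = TPMLIB_MainInit();
    if (res != TPM_SUCCESS) {
        fprintf(stderr, "TPMLIB_MainInit() failed\n");
        goto exit;
    }

    res = TPMLIB_Process(&rbuffer, &rlength, &rtotal, startup, sizeof(startup));
    if (res != TPM_SUCCESS) {
        fprintf(stderr, "TPMLIB_Process(Startup) failed\n");
        goto exit;
    }

    /*
     * The TPM's own response code travels inside the response buffer, so
     * inspect it as well; a failed Startup is then reported here instead of
     * surfacing later as an unexplained PCR_Read mismatch.
     */
    if (rbuffer == NULL || rlength < RESP_HDR_SIZE ||
        memcmp(&rbuffer[RESP_RC_OFFSET], rc_success, sizeof(rc_success)) != 0) {
        fprintf(stderr, "TPM2_Startup returned a non-zero response code\n");
        if (rbuffer != NULL)
            dump_array("actual:", rbuffer, rlength);
        goto exit;
    }

    res = TPMLIB_Process(&rbuffer, &rlength, &rtotal,
                         tpm2_pcr_read, sizeof(tpm2_pcr_read));
    if (res != TPM_SUCCESS) {
        fprintf(stderr, "TPMLIB_Process(TPM2_PCR_Read) failed\n");
        goto exit;
    }

    /* Length is compared first so the memcmp() below never over-reads. */
    if (rlength != sizeof(tpm2_pcr_read_exp_resp)) {
        fprintf(stderr, "Expected response is %zu bytes, but got %u.\n",
                sizeof(tpm2_pcr_read_exp_resp), (unsigned int)rlength);
        goto exit;
    }

    if (memcmp(rbuffer, tpm2_pcr_read_exp_resp, rlength)) {
        fprintf(stderr, "Expected response is different than received one.\n");
        dump_array("actual:", rbuffer, rlength);
        dump_array("expected:", tpm2_pcr_read_exp_resp, sizeof(tpm2_pcr_read_exp_resp));
        goto exit;
    }

    ret = 0;

exit:
    TPMLIB_Terminate();
    TPM_Free(rbuffer);

    return ret;
}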