1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3 * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
4 * All rights reserved.
5 *******************************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include <stdlib.h>
12
13 #include "tss2_esys.h"
14
15 #include "esys_iutil.h"
16 #define LOGMODULE test
17 #include "util/log.h"
18 #include "util/aux_util.h"
19
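/** Test Esys_ECDH_KeyGen with an ECC key created by Esys_CreatePrimary.
 *
 * Tested ESAPI commands:
 *  - Esys_CreatePrimary() (M)
 *  - Esys_ECDH_KeyGen() (M)
 *  - Esys_FlushContext() (M)
 *  - Esys_StartAuthSession() (M)
 *
 * Review notes for anyone reusing this test as a template:
 *  - The auth session is started with tpmKey and bind set to ESYS_TR_NONE
 *    (unsalted, unbound), a fixed caller nonce and SHA-1 as session hash.
 *  - The owner hierarchy auth and the key's userAuth are both empty.
 *  - Esys_ECDH_KeyGen is called without any session, so the returned Z point
 *    (the ECDH shared secret) is not protected by response encryption.
 *  These choices keep the test deterministic; they are not a hardening
 *  baseline for production use.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @retval EXIT_FAILURE
 * @retval EXIT_SUCCESS
 */
int
test_esys_ecdh_keygen(ESYS_CONTEXT * esys_context)
{
    TSS2_RC r;
    ESYS_TR eccHandle = ESYS_TR_NONE;
    ESYS_TR session = ESYS_TR_NONE;

    /* Symmetric definition handed to StartAuthSession. No session attributes
     * are set anywhere in this function, so parameter encryption is
     * presumably not active for the commands below -- confirm against the
     * ESYS defaults before relying on it. */
    TPMT_SYM_DEF symmetric = {
        .algorithm = TPM2_ALG_AES,
        .keyBits = {.aes = 128},
        .mode = {.aes = TPM2_ALG_CFB}
    };

    /* Fixed, predictable caller nonce: fine for a reproducible test, but a
     * real caller should use fresh random bytes. */
    TPM2B_NONCE nonceCaller = {
        .size = 20,
        .buffer = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
                   11, 12, 13, 14, 15, 16, 17, 18, 19, 20}
    };

    TPM2B_PUBLIC *outPublic = NULL;
    TPM2B_CREATION_DATA *creationData = NULL;
    TPM2B_DIGEST *creationHash = NULL;
    TPMT_TK_CREATION *creationTicket = NULL;

    TPM2B_ECC_POINT *zPoint = NULL;
    TPM2B_ECC_POINT *pubPoint = NULL;

    /* Unsalted, unbound HMAC session (tpmKey = bind = ESYS_TR_NONE). */
    r = Esys_StartAuthSession(esys_context, ESYS_TR_NONE, ESYS_TR_NONE,
                              ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
                              &nonceCaller,
                              TPM2_SE_HMAC, &symmetric, TPM2_ALG_SHA1,
                              &session);
    goto_if_error(r, "Error: During initialization of session", error);

    /* Empty userAuth and no sensitive data: the TPM generates the key. */
    TPM2B_SENSITIVE_CREATE inSensitive = {
        .size = 0,
        .sensitive = {
            .userAuth = {
                .size = 0,
                .buffer = {0},
            },
            .data = {
                .size = 0,
                .buffer = {0}
            }
        }
    };

    /* Unrestricted NIST P-256 decryption key with NULL scheme and KDF. */
    TPM2B_PUBLIC inPublicECC = {
        .size = 0,
        .publicArea = {
            .type = TPM2_ALG_ECC,
            .nameAlg = TPM2_ALG_SHA1,
            .objectAttributes = (TPMA_OBJECT_USERWITHAUTH |
                                 TPMA_OBJECT_DECRYPT |
                                 TPMA_OBJECT_FIXEDTPM |
                                 TPMA_OBJECT_FIXEDPARENT |
                                 TPMA_OBJECT_SENSITIVEDATAORIGIN),
            .authPolicy = {
                .size = 0,
            },
            .parameters.eccDetail = {
                .symmetric = {
                    .algorithm = TPM2_ALG_NULL,
                },
                .scheme = {
                    .scheme = TPM2_ALG_NULL,
                    .details = {}
                },
                .curveID = TPM2_ECC_NIST_P256,
                .kdf = {
                    .scheme = TPM2_ALG_NULL,
                    .details = {}
                }
            },
            .unique.ecc = {
                .x = {.size = 0, .buffer = {}},
                .y = {.size = 0, .buffer = {}}
            },
        }
    };
    LOG_INFO("\nECC key will be created.");
    TPM2B_PUBLIC inPublic = inPublicECC;

    TPM2B_DATA outsideInfo = {
        .size = 0,
        .buffer = {},
    };

    TPML_PCR_SELECTION creationPCR = {
        .count = 0,
    };

    /* Empty owner-hierarchy auth value. */
    TPM2B_AUTH authValue = {
        .size = 0,
        .buffer = {}
    };

    r = Esys_TR_SetAuth(esys_context, ESYS_TR_RH_OWNER, &authValue);
    goto_if_error(r, "Error: TR_SetAuth", error);

    r = Esys_CreatePrimary(esys_context, ESYS_TR_RH_OWNER, session,
                           ESYS_TR_NONE, ESYS_TR_NONE, &inSensitive, &inPublic,
                           &outsideInfo, &creationPCR, &eccHandle,
                           &outPublic, &creationData, &creationHash,
                           &creationTicket);
    goto_if_error(r, "Error esapi create primary", error);

    /* No session is passed here, so zPoint (the shared secret) and pubPoint
     * come back without response encryption. */
    r = Esys_ECDH_KeyGen(esys_context,
                         eccHandle,
                         ESYS_TR_NONE,
                         ESYS_TR_NONE,
                         ESYS_TR_NONE,
                         &zPoint,
                         &pubPoint);
    goto_if_error(r, "Error: ECDH_KeyGen", error);

    r = Esys_FlushContext(esys_context, eccHandle);
    goto_if_error(r, "Error during FlushContext", error);
    /* Mark the key as gone so the error path below cannot flush it twice if
     * flushing the session fails. */
    eccHandle = ESYS_TR_NONE;

    r = Esys_FlushContext(esys_context, session);
    goto_if_error(r, "Flushing context", error);
    session = ESYS_TR_NONE;

    Esys_Free(outPublic);
    Esys_Free(creationData);
    Esys_Free(creationHash);
    Esys_Free(creationTicket);

    /* NOTE(review): zPoint holds secret material and is released without
     * being wiped; acceptable in a test, worth zeroizing in product code. */
    Esys_Free(zPoint);
    Esys_Free(pubPoint);
    return EXIT_SUCCESS;

 error:
    LOG_ERROR("\nError Code: %x\n", r);

    /* Only handles that are still live are flushed; each handle is reset to
     * ESYS_TR_NONE above once its flush has succeeded. */
    if (session != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, session) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup session failed.");
        }
    }

    if (eccHandle != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, eccHandle) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup eccHandle failed.");
        }
    }
    Esys_Free(outPublic);
    Esys_Free(creationData);
    Esys_Free(creationHash);
    Esys_Free(creationTicket);

    Esys_Free(zPoint);
    Esys_Free(pubPoint);
    return EXIT_FAILURE;
}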
190
/** Run the ECDH key generation test and hand back its result.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT forwarded to the test.
 * @return The value returned by test_esys_ecdh_keygen().
 */
int
test_invoke_esapi(ESYS_CONTEXT * esys_context)
{
    const int status = test_esys_ecdh_keygen(esys_context);

    return status;
}
195