1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3 * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
4 * All rights reserved.
5 *******************************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include <stdlib.h>
12
13 #include "tss2_esys.h"
14
15 #include "esys_iutil.h"
16 #define LOGMODULE test
17 #include "util/log.h"
18 #include "util/aux_util.h"
19
/** This test is intended to test Esys_ECDH_ZGen based on an ECC key
 * created with Esys_CreatePrimary and a dummy ECC point.
23 *
24 * Tested ESAPI commands:
25 * - Esys_CreatePrimary() (M)
26 * - Esys_ECDH_ZGen() (M)
27 * - Esys_FlushContext() (M)
28 * - Esys_StartAuthSession() (M)
29 *
30 * @param[in,out] esys_context The ESYS_CONTEXT.
31 * @retval EXIT_FAILURE
32 * @retval EXIT_SUCCESS
33 */
34
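/** Exercise Esys_ECDH_ZGen against a freshly created primary ECC key.
 *
 * Flow: start an HMAC session, create a NIST P-256 decrypt-only primary key
 * under the owner hierarchy, run ECDH_ZGen with a fixed peer point, then
 * flush both the key and the session. Only the return codes are checked;
 * the resulting Z point is not compared against a known answer.
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @retval EXIT_SUCCESS All ESAPI calls returned TSS2_RC_SUCCESS.
 * @retval EXIT_FAILURE A call failed; the error path flushes whichever
 *         handles are still live and frees every TPM-allocated output.
 */
int
test_esys_ecdh_zgen(ESYS_CONTEXT * esys_context)
{
    TSS2_RC r;
    ESYS_TR eccHandle = ESYS_TR_NONE;
    ESYS_TR session = ESYS_TR_NONE;

    /* Outputs allocated by the ESAPI; released with Esys_Free on every path. */
    TPM2B_PUBLIC *outPublic = NULL;
    TPM2B_CREATION_DATA *creationData = NULL;
    TPM2B_DIGEST *creationHash = NULL;
    TPMT_TK_CREATION *creationTicket = NULL;
    TPM2B_ECC_POINT *outPoint = NULL;

    /* Session symmetric parameters (AES-128 CFB) and a fixed caller nonce. */
    TPMT_SYM_DEF symmetric = {
        .algorithm = TPM2_ALG_AES,
        .keyBits = { .aes = 128 },
        .mode = { .aes = TPM2_ALG_CFB }
    };
    TPM2B_NONCE nonceCaller = {
        .size = 20,
        .buffer = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
                    11, 12, 13, 14, 15, 16, 17, 18, 19, 20 }
    };

    /* The HMAC session authorizes CreatePrimary only; ECDH_ZGen below is
     * issued with the password session. */
    r = Esys_StartAuthSession(esys_context, ESYS_TR_NONE, ESYS_TR_NONE,
                              ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
                              &nonceCaller,
                              TPM2_SE_HMAC, &symmetric, TPM2_ALG_SHA1,
                              &session);
    goto_if_error(r, "Error: During initialization of session", error);

    /* No user auth and no seed data for the primary key. */
    TPM2B_SENSITIVE_CREATE inSensitive = {
        .size = 0,
        .sensitive = {
            .userAuth = {
                .size = 0,
                .buffer = {0}
            },
            .data = {
                .size = 0,
                .buffer = {0}
            }
        }
    };

    /* P-256 key with the ECDH scheme, restricted to decrypt (no signing),
     * fixed to this TPM and parent, with TPM-generated sensitive data. */
    TPM2B_PUBLIC inPublicECC = {
        .size = 0,
        .publicArea = {
            .type = TPM2_ALG_ECC,
            .nameAlg = TPM2_ALG_SHA1,
            .objectAttributes = (TPMA_OBJECT_USERWITHAUTH |
                                 TPMA_OBJECT_DECRYPT |
                                 TPMA_OBJECT_FIXEDTPM |
                                 TPMA_OBJECT_FIXEDPARENT |
                                 TPMA_OBJECT_SENSITIVEDATAORIGIN),
            .authPolicy = {
                .size = 0,
            },
            .parameters.eccDetail = {
                .symmetric = {
                    .algorithm = TPM2_ALG_NULL,
                    .keyBits.aes = 128,
                    .mode.aes = TPM2_ALG_CFB,
                },
                .scheme = {
                    .scheme = TPM2_ALG_ECDH,
                    .details = { .ecdh = { .hashAlg = TPM2_ALG_SHA1 } }
                },
                .curveID = TPM2_ECC_NIST_P256,
                .kdf = { .scheme = TPM2_ALG_NULL }
            },
            .unique.ecc = {
                .x = { .size = 0, .buffer = {0} },
                .y = { .size = 0, .buffer = {0} }
            },
        }
    };
    LOG_INFO("\nECC key will be created.");

    TPM2B_DATA outsideInfo = {
        .size = 0,
        .buffer = {0},
    };

    TPML_PCR_SELECTION creationPCR = {
        .count = 0,
    };

    /* Empty owner auth; the test assumes no owner auth value is set. */
    TPM2B_AUTH authValue = {
        .size = 0,
        .buffer = {0}
    };

    r = Esys_TR_SetAuth(esys_context, ESYS_TR_RH_OWNER, &authValue);
    goto_if_error(r, "Error: TR_SetAuth", error);

    r = Esys_CreatePrimary(esys_context, ESYS_TR_RH_OWNER, session,
                           ESYS_TR_NONE, ESYS_TR_NONE, &inSensitive, &inPublicECC,
                           &outsideInfo, &creationPCR, &eccHandle,
                           &outPublic, &creationData, &creationHash,
                           &creationTicket);
    goto_if_error(r, "Error esapi create primary", error);

    /* Fixed peer public point (x, y) fed to ZGen; the TPM validates it. */
    TPM2B_ECC_POINT inPoint = {
        .size = 0,
        .point = {
            .x = {
                .size = 32,
                .buffer = {
                    0x25, 0xdb, 0x1f, 0x8b, 0xbc, 0xfa, 0xbc, 0x31,
                    0xf8, 0x17, 0x6a, 0xcb, 0xb2, 0xf8, 0x40, 0xa3,
                    0xb6, 0xa5, 0xd3, 0x40, 0x65, 0x9d, 0x37, 0xee,
                    0xd9, 0xfd, 0x52, 0x47, 0xf5, 0x14, 0xd5, 0x98
                },
            },
            .y = {
                .size = 32,
                .buffer = {
                    0xed, 0x62, 0x3e, 0x3d, 0xd2, 0x09, 0x08, 0xcf,
                    0x58, 0x3c, 0x81, 0x4b, 0xbf, 0x65, 0x7e, 0x08,
                    0xab, 0x9f, 0x40, 0xff, 0xea, 0x51, 0xda, 0x21,
                    0x29, 0x8c, 0xe2, 0x4d, 0xeb, 0x34, 0x4c, 0xcc
                }
            }
        }
    };

    r = Esys_ECDH_ZGen(esys_context,
                       eccHandle,
                       ESYS_TR_PASSWORD,
                       ESYS_TR_NONE,
                       ESYS_TR_NONE,
                       &inPoint,
                       &outPoint);
    goto_if_error(r, "Error: ECDH_ZGen", error);

    r = Esys_FlushContext(esys_context, eccHandle);
    goto_if_error(r, "Error during FlushContext", error);
    /* Mark the key as flushed so a later failure does not flush it twice. */
    eccHandle = ESYS_TR_NONE;

    r = Esys_FlushContext(esys_context, session);
    goto_if_error(r, "Flushing context", error);
    session = ESYS_TR_NONE;

    Esys_Free(outPublic);
    Esys_Free(creationData);
    Esys_Free(creationHash);
    Esys_Free(creationTicket);
    Esys_Free(outPoint);
    return EXIT_SUCCESS;

error:
    LOG_ERROR("\nError Code: %x\n", r);

    /* Best-effort cleanup: only handles still marked live are flushed. */
    if (session != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, session) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup session failed.");
        }
    }

    if (eccHandle != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, eccHandle) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup eccHandle failed.");
        }
    }

    Esys_Free(outPublic);
    Esys_Free(creationData);
    Esys_Free(creationHash);
    Esys_Free(creationTicket);
    Esys_Free(outPoint);
    return EXIT_FAILURE;
}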
211
/** Test entry point; forwards straight to test_esys_ecdh_zgen().
 *
 * @param[in,out] esys_context The ESYS_CONTEXT.
 * @return EXIT_SUCCESS or EXIT_FAILURE as reported by test_esys_ecdh_zgen().
 */
int
test_invoke_esapi(ESYS_CONTEXT * esys_context)
{
    int rc = test_esys_ecdh_zgen(esys_context);
    return rc;
}
216