1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  *******************************************************************************/
6 
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10 
11 #include <stdlib.h>
12 
13 #include "tss2_esys.h"
14 
15 #include "esys_iutil.h"
16 #define LOGMODULE test
17 #include "util/log.h"
18 #include "util/aux_util.h"
19 
20 /** This test is intended to test the definition of a counter in NV ram and to
21  *  test the ESAPI NV_Increment function.
22  *
23  * Tested ESAPI commands:
24  *  - Esys_FlushContext() (M)
25  *  - Esys_NV_DefineSpace() (M)
26  *  - Esys_NV_Increment() (M)
27  *  - Esys_NV_Read() (M)
28  *  - Esys_NV_ReadPublic() (M)
29  *  - Esys_NV_UndefineSpace() (M)
30  *  - Esys_StartAuthSession() (M)
31  *
32  * Used compiler defines: TEST_SESSION
33  *
34  * @param[in,out] esys_context The ESYS_CONTEXT.
35  * @retval EXIT_FAILURE
36  * @retval EXIT_SUCCESS
37  */
38 
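int
test_esys_nv_ram_counter(ESYS_CONTEXT * esys_context)
{
    /*
     * Defines an 8-byte NV counter index under owner authorization,
     * increments it once, reads it back and undefines it again. After each
     * step the name returned by Esys_NV_ReadPublic() is compared with the
     * name held in the ESYS resource object for nvHandle.
     *
     * Returns EXIT_SUCCESS when every command succeeds and all name
     * comparisons match, EXIT_FAILURE otherwise. The error path undefines
     * the index and (in TEST_SESSION builds) flushes the session on a
     * best-effort basis, then releases all ESYS-allocated buffers.
     */
    TSS2_RC r;
    ESYS_TR nvHandle = ESYS_TR_NONE;

    /* Output buffers allocated by ESYS; released with Esys_Free(). */
    TPM2B_NV_PUBLIC *nvPublic = NULL;
    TPM2B_NAME *nvName = NULL;

    TPM2B_MAX_NV_BUFFER *nv_test_data = NULL;

#ifdef TEST_SESSION
    ESYS_TR session = ESYS_TR_NONE;
    TPMT_SYM_DEF symmetric = {.algorithm = TPM2_ALG_AES,
                              .keyBits = {.aes = 128},
                              .mode = {.aes = TPM2_ALG_CFB}
    };
    TPMA_SESSION sessionAttributes;
    /*
     * Fixed caller nonce: keeps the test deterministic. A nonce is meant to
     * be unpredictable, so this value is a test fixture only.
     */
    TPM2B_NONCE nonceCaller = {
        .size = 20,
        .buffer = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10,
                   11, 12, 13, 14, 15, 16, 17, 18, 19, 20}
    };

    memset(&sessionAttributes, 0, sizeof sessionAttributes);

    /*
     * Unbound, unsalted HMAC session (tpmKey and bind are ESYS_TR_NONE).
     * NOTE(review): the session hash is TPM2_ALG_SHA1; a stronger hash such
     * as TPM2_ALG_SHA256 may be preferable where the target TPM supports
     * it - confirm against the test matrix.
     */
    r = Esys_StartAuthSession(esys_context, ESYS_TR_NONE, ESYS_TR_NONE,
                              ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
                              &nonceCaller,
                              TPM2_SE_HMAC, &symmetric, TPM2_ALG_SHA1,
                              &session);
    goto_if_error(r, "Error: During initialization of session", error);
#endif /* TEST_SESSION */

    /* Hard-coded authorization value for the new index (test fixture). */
    TPM2B_AUTH auth = {.size = 20,
                       .buffer={10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
                                20, 21, 22, 23, 24, 25, 26, 27, 28, 29}};

    /*
     * Public area of the index:
     *  - OWNERWRITE/AUTHWRITE and OWNERREAD/AUTHREAD allow access with either
     *    owner authorization or the index's own auth value;
     *  - WRITE_STCLEAR allows the index to be write-locked until the next
     *    TPM reset or restart;
     *  - TPM2_NT_COUNTER selects the counter index type, hence dataSize 8.
     * No authPolicy is set, so no policy session can authorize access.
     */
    TPM2B_NV_PUBLIC publicInfo = {
        .size = 0,
        .nvPublic = {
            .nvIndex =TPM2_NV_INDEX_FIRST,
            .nameAlg = TPM2_ALG_SHA1,
            .attributes = (
                TPMA_NV_OWNERWRITE |
                TPMA_NV_AUTHWRITE |
                TPMA_NV_WRITE_STCLEAR |
                TPMA_NV_AUTHREAD |
                TPMA_NV_OWNERREAD |
                TPM2_NT_COUNTER << TPMA_NV_TPM2_NT_SHIFT
                ),
            .authPolicy = {
                 .size = 0,
                 .buffer = {},
             },
            .dataSize = 8,
        }
    };

    r = Esys_NV_DefineSpace(esys_context,
                            ESYS_TR_RH_OWNER,
#ifdef TEST_SESSION
                            session,
#else
                            ESYS_TR_PASSWORD,
#endif
                            ESYS_TR_NONE,
                            ESYS_TR_NONE,
                            &auth,
                            &publicInfo,
                            &nvHandle);

    goto_if_error(r, "Error esys define nv space", error);

    r = Esys_NV_ReadPublic(esys_context,
                           nvHandle,
                           ESYS_TR_NONE,
                           ESYS_TR_NONE,
                           ESYS_TR_NONE,
                           &nvPublic,
                           &nvName);
    goto_if_error(r, "Error: nv read public", error);

    RSRC_NODE_T *nvHandleNode;

    r = esys_GetResourceObject(esys_context, nvHandle, &nvHandleNode);
    goto_if_error(r, "Error: nv get resource object", error);

    /* The name reported by the TPM must match the one ESYS tracks. */
    if (nvName->size != nvHandleNode->rsrc.name.size ||
        memcmp(&nvName->name, &nvHandleNode->rsrc.name.name, nvName->size) != 0) {
        LOG_ERROR("Error: define space name not equal");
        goto error;
    }

    /* The index itself is the auth handle, i.e. index auth is used. */
    r = Esys_NV_Increment(esys_context,
                          nvHandle,
                          nvHandle,
#ifdef TEST_SESSION
                          session,
#else
                          ESYS_TR_PASSWORD,
#endif
                          ESYS_TR_NONE,
                          ESYS_TR_NONE);

    goto_if_error(r, "Error esys nv write", error);

    /*
     * Clear the pointers after freeing: a later "goto error" frees them
     * again, which would be a double free if they were left dangling.
     */
    Esys_Free(nvPublic);
    nvPublic = NULL;
    Esys_Free(nvName);
    nvName = NULL;

    r = Esys_NV_ReadPublic(esys_context,
                           nvHandle,
                           ESYS_TR_NONE,
                           ESYS_TR_NONE,
                           ESYS_TR_NONE,
                           &nvPublic,
                           &nvName);
    goto_if_error(r, "Error: nv read public", error);

    r = esys_GetResourceObject(esys_context, nvHandle, &nvHandleNode);
    goto_if_error(r, "Error: nv get resource object", error);

    if (nvName->size != nvHandleNode->rsrc.name.size ||
        memcmp(&nvName->name, &nvHandleNode->rsrc.name.name, nvName->size) != 0) {
        LOG_ERROR("Error: nv write name not equal");
        goto error;
    }

    /* Same reasoning as above: Esys_NV_Read() may fail and jump to error. */
    Esys_Free(nvPublic);
    nvPublic = NULL;
    Esys_Free(nvName);
    nvName = NULL;

    /*
     * Read all 8 bytes at offset 0.
     * NOTE(review): the returned counter value is not inspected; only the
     * return code is checked.
     */
    r = Esys_NV_Read(esys_context,
                     nvHandle,
                     nvHandle,
#ifdef TEST_SESSION
                     session,
#else
                     ESYS_TR_PASSWORD,
#endif
                     ESYS_TR_NONE,
                     ESYS_TR_NONE,
                     8,
                     0,
                     &nv_test_data);

    goto_if_error(r, "Error esys nv read", error);

    r = Esys_NV_ReadPublic(esys_context,
                           nvHandle,
                           ESYS_TR_NONE,
                           ESYS_TR_NONE,
                           ESYS_TR_NONE,
                           &nvPublic,
                           &nvName);
    goto_if_error(r, "Error: nv read public", error);

    r = esys_GetResourceObject(esys_context, nvHandle, &nvHandleNode);
    goto_if_error(r, "Error: nv get resource object", error);

    if (nvName->size != nvHandleNode->rsrc.name.size ||
        memcmp(&nvName->name, &nvHandleNode->rsrc.name.name, nvName->size) != 0) {
        LOG_ERROR("Error: nv read name not equal");
        goto error;
    }

    r = Esys_NV_UndefineSpace(esys_context,
                              ESYS_TR_RH_OWNER,
                              nvHandle,
#ifdef TEST_SESSION
                              session,
#else
                              ESYS_TR_PASSWORD,
#endif
                              ESYS_TR_NONE,
                              ESYS_TR_NONE
                              );
    goto_if_error(r, "Error: NV_UndefineSpace", error);

    /*
     * The index is gone; forget the handle so the error path below does not
     * try to undefine it a second time if a later step fails.
     */
    nvHandle = ESYS_TR_NONE;

#ifdef TEST_SESSION
    r = Esys_FlushContext(esys_context, session);
    goto_if_error(r, "Error: FlushContext", error);
#endif

    Esys_Free(nvPublic);
    Esys_Free(nvName);
    Esys_Free(nv_test_data);
    return EXIT_SUCCESS;

 error:

    /* Best-effort cleanup so a failed run does not leave the index defined. */
    if (nvHandle != ESYS_TR_NONE) {
        if (Esys_NV_UndefineSpace(esys_context,
                                  ESYS_TR_RH_OWNER,
                                  nvHandle,
#ifdef TEST_SESSION
                                  session,
#else
                                  ESYS_TR_PASSWORD,
#endif
                                  ESYS_TR_NONE,
                                  ESYS_TR_NONE) != TSS2_RC_SUCCESS) {
             LOG_ERROR("Cleanup nvHandle failed.");
        }
    }

#ifdef TEST_SESSION
    if (session != ESYS_TR_NONE) {
        if (Esys_FlushContext(esys_context, session) != TSS2_RC_SUCCESS) {
            LOG_ERROR("Cleanup session failed.");
        }
    }
#endif

    /* Safe for pointers that are NULL (never allocated or already freed). */
    Esys_Free(nvPublic);
    Esys_Free(nvName);
    Esys_Free(nv_test_data);
    return EXIT_FAILURE;
}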
257 
/*
 * Forwards to test_esys_nv_ram_counter() and returns its exit status
 * unchanged. Presumably the hook called by the integration-test harness -
 * confirm against the test driver.
 */
int
test_invoke_esapi(ESYS_CONTEXT * esys_context)
{
    const int status = test_esys_nv_ram_counter(esys_context);

    return status;
}