libtpmtss: Support for TSS2 v2 libraries

2018-07-17 23:22:52 +02:00 · 2018-07-17 23:22:52 +02:00 · e74e920bbc
parent 75214fabd8
commit e74e920bbc
12 changed files with 1323 additions and 29 deletions
--- a/conf/plugins/tpm.opt
+++ b/conf/plugins/tpm.opt
@ -1,2 +1,5 @@
 charon.plugins.tpm.use_rng = no
 	Whether the TPM should be used as RNG.
 charon.plugins.tpm.tcti.name = tabrmd
 	Name of TCTI library. Valid values: tabrmd, device, mssim.
--- a/configure.ac
+++ b/configure.ac
@ -1019,18 +1019,28 @@ if test x$tss_trousers = xtrue; then
 fi
 if test x$tss_tss2 = xtrue; then
 	PKG_CHECK_MODULES(tss2_sys, [tss2-sys],
 		[tss2_sys=true; AC_DEFINE([TSS2_SYS], [], [use TSS2 v2 System API])],
 		[tss2_sys=false])
 	PKG_CHECK_MODULES(tss2_esys, [tss2-esys],
 		[tss2_esys=true; AC_DEFINE([TSS2_ESYS], [], [use TSS2 v2 Extended System API])],
 		[tss2_esys=false])
 	PKG_CHECK_MODULES(tss2_tabrmd, [tcti-tabrmd],
 		[tss2_tabrmd=true; AC_DEFINE([TSS2_TCTI_TABRMD], [], [use TCTI Access Broker and Resource Mamager])],
 		[tss2_tabrmd=false])
 	PKG_CHECK_MODULES(tss2_socket, [tcti-socket],
 		[tss2_socket=true; AC_DEFINE([TSS2_TCTI_SOCKET], [], [use TCTI Sockets])],
 		[tss2_socket=false])
-	if test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
+	if test x$tss2_sys = xtrue; then
-		AC_DEFINE([TSS_TSS2], [], [use TSS 2.0 libraries])
+		AC_DEFINE([TSS_TSS2_V2], [], [use TSS 2.0 v2 libraries])
 		AC_SUBST(tss2_CFLAGS, "$tss2_sys_CFLAGS")
 		AC_SUBST(tss2_LIBS, "$tss2_sys_LIBS")
 	elif test x$tss2_tabrmd = xtrue -o x$tss2_socket = xtrue; then
 		AC_DEFINE([TSS_TSS2_V1], [], [use TSS 2.0 v1 libraries])
 		AC_SUBST(tss2_CFLAGS, "$tss2_tabrmd_CFLAGS $tss2_socket_CFLAGS")
 		AC_SUBST(tss2_LIBS, "$tss2_tabrmd_LIBS $tss2_socket_LIBS")
 	else
-		AC_MSG_FAILURE([no TSS2 TCTI library detected])
+		AC_MSG_FAILURE([no TSS2 TCTI or SAPI libraries detected])
 	fi
 fi
--- a/src/libtpmtss/Makefile.am
+++ b/src/libtpmtss/Makefile.am
@ -24,8 +24,8 @@ libtpmtss_la_SOURCES = \
 	tpm_tss.h tpm_tss.c \
 	tpm_tss_quote_info.h tpm_tss_quote_info.c \
 	tpm_tss_trousers.h tpm_tss_trousers.c \
-	tpm_tss_tss2.h tpm_tss_tss2.c \
+	tpm_tss_tss2.h tpm_tss_tss2_v1.c tpm_tss_tss2_v2.c \
-	tpm_tss_tss2_names.h tpm_tss_tss2_names.c
+	tpm_tss_tss2_names.h tpm_tss_tss2_names_v1.c tpm_tss_tss2_names_v2.c
 if MONOLITHIC
 SUBDIRS =
--- a/src/libtpmtss/plugins/tpm/tpm_plugin.c
+++ b/src/libtpmtss/plugins/tpm/tpm_plugin.c
@ -18,6 +18,7 @@
 #include "tpm_cert.h"
 #include "tpm_rng.h"
 #include <tpm_tss.h>
 #include <library.h>
 typedef struct private_tpm_plugin_t private_tpm_plugin_t;
@ -80,6 +81,7 @@ METHOD(plugin_t, destroy, void,
 	private_tpm_plugin_t *this)
 {
 	free(this);
 	libtpmtss_deinit();
 }
 /*
@ -89,6 +91,11 @@ plugin_t *tpm_plugin_create()
 {
 	private_tpm_plugin_t *this;
 	if (!libtpmtss_init())
 	{
 		return NULL;
 	}
 	INIT(this,
 		.public = {
 			.plugin = {
--- a/src/libtpmtss/tpm_tss.c
+++ b/src/libtpmtss/tpm_tss.c
@ -27,12 +27,20 @@
 /**
 * Described in header.
 */
-void libtpmtss_init(void)
+bool libtpmtss_init(void)
 {
-	/* empty */
+	return tpm_tss_tss2_init();
 }
-typedef tpm_tss_t*(*tpm_tss_create)();
+/**
 * Described in header.
 */
 void libtpmtss_deinit(void)
 {
 	tpm_tss_tss2_deinit();
 }
 typedef tpm_tss_t*(*tpm_tss_create)(void);
 /**
 * See header.
--- a/src/libtpmtss/tpm_tss.h
+++ b/src/libtpmtss/tpm_tss.h
@ -48,14 +48,14 @@ struct tpm_tss_t {
 	/**
 	 * Get TPM version supported by TSS
 	 *
-	 * @return		TPM version
+	 * @return				TPM version
 	 */
 	tpm_version_t (*get_version)(tpm_tss_t *this);
 	/**
 	 * Get TPM version info (TPM 1.2 only)
 	 *
-	 * @return			TPM version info struct
+	 * @return				TPM version info struct
 	 */
 	chunk_t (*get_version_info)(tpm_tss_t *this);
@ -74,8 +74,8 @@ struct tpm_tss_t {
 	/**
 	 * Get public key from TPM using its object handle (TPM 2.0 only)
 	 *
-	 * @param handle	key object handle
+	 * @param handle		key object handle
-	 * @return			public key in PKCS#1 format
+	 * @return				public key in PKCS#1 format
 	 */
 	chunk_t (*get_public)(tpm_tss_t *this, uint32_t handle);
@ -169,8 +169,15 @@ struct tpm_tss_t {
 tpm_tss_t *tpm_tss_probe(tpm_version_t version);
 /**
- * Dummy libtpmtss initialization function needed for integrity test
+ * libtpmtss initialization function
 *
 * @return					TRUE if initialization was successful
 */
-void libtpmtss_init(void);
+bool libtpmtss_init(void);
 /**
 * libtpmtss de-initialization function
 */
 void libtpmtss_deinit(void);
 #endif /** TPM_TSS_H_ @}*/
--- a/src/libtpmtss/tpm_tss_trousers.h
+++ b/src/libtpmtss/tpm_tss_trousers.h
@ -47,6 +47,6 @@ struct tpm_tss_trousers_t {
 /**
 * Create a tpm_tss_trousers instance.
 */
-tpm_tss_t *tpm_tss_trousers_create();
+tpm_tss_t *tpm_tss_trousers_create(void);
 #endif /** TPM_TSS_TROUSERS_H_ @}*/
--- a/src/libtpmtss/tpm_tss_tss2.h
+++ b/src/libtpmtss/tpm_tss_tss2.h
@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2018 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
@ -26,6 +26,18 @@
 /**
 * Create a tpm_tss_tss2 instance.
 */
-tpm_tss_t *tpm_tss_tss2_create();
+tpm_tss_t *tpm_tss_tss2_create(void);
 /**
 * Initialize the tpm_tss_tss2 library.
 *
 * @return		TRUE if initialization was successful
 */
 bool tpm_tss_tss2_init(void);
 /**
 * /De-initialize the tpm_tss_tss2 library.
 */
 void tpm_tss_tss2_deinit(void);
 #endif /** TPM_TSS_TSS2_H_ @}*/
--- a/src/libtpmtss/tpm_tss_tss2_names_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_names_v1.c
@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2018 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
@ -15,7 +15,7 @@
 #include "tpm_tss_tss2_names.h"
-#ifdef TSS_TSS2
+#ifdef TSS_TSS2_V1
 #include <tpm20.h>
@ -102,7 +102,9 @@ ENUM_NEXT(tpm_ecc_curve_names, TPM_ECC_SM2_P256, TPM_ECC_SM2_P256, TPM_ECC_BN_P6
 );
 ENUM_END(tpm_ecc_curve_names, TPM_ECC_SM2_P256);
-#else /* TSS_TSS2 */
+#else /* TSS_TSS2_V1 */
 #ifndef TSS_TSS2_V2 
 /**
 * TPM 2.0 algorithm ID names
@ -118,6 +120,8 @@ ENUM(tpm_ecc_curve_names, 0, 0,
 	"NONE"
 );
-#endif /* TSS_TSS2 */
+#endif /* !TSS_TSS2_V2 */
 #endif /* TSS_TSS2_V1 */
--- a/src/libtpmtss/tpm_tss_tss2_names_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_names_v2.c
@ -0,0 +1,98 @@
 /*
 * Copyright (C) 2018 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */
 #ifdef TSS_TSS2_V2
 #include "tpm_tss_tss2_names.h"
 #include <tss2/tss2_sys.h>
 /**
 * TPM 2.0 algorithm ID names
 */
 ENUM_BEGIN(tpm_alg_id_names, TPM2_ALG_ERROR, TPM2_ALG_RSA,
 	"ERROR",
 	"RSA"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_SHA1, TPM2_ALG_KEYEDHASH, TPM2_ALG_RSA,
 	"SHA1",
 	"HMAC",
 	"AES",
 	"MGF1",
 	"KEYEDHASH"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_XOR, TPM2_ALG_SHA512, TPM2_ALG_KEYEDHASH,
 	"XOR",
 	"SHA256",
 	"SHA384",
 	"SHA512"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_NULL, TPM2_ALG_NULL, TPM2_ALG_SHA512,
 	"NULL"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_SM3_256, TPM2_ALG_ECMQV, TPM2_ALG_NULL,
 	"SM3_256",
 	"SM4",
 	"RSASSA",
 	"RSAES",
 	"RSAPSS",
 	"OAEP",
 	"ECDSA",
 	"ECDH",
 	"SM2",
 	"ECSCHNORR",
 	"ECMQV"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_KDF1_SP800_56A, TPM2_ALG_ECC, TPM2_ALG_ECMQV,
 	"KDF1_SP800_56A",
 	"KDF2",
 	"KDF1_SP800_108",
 	"ECC"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_SYMCIPHER, TPM2_ALG_CAMELLIA, TPM2_ALG_ECC,
 	"SYMCIPHER",
 	"CAMELLIA"
 );
 ENUM_NEXT(tpm_alg_id_names, TPM2_ALG_CTR, TPM2_ALG_ECB, TPM2_ALG_CAMELLIA,
 	"CTR",
 	"OFB",
 	"CBC",
 	"CFB",
 	"ECB"
 );
 ENUM_END(tpm_alg_id_names, TPM2_ALG_ECB);
 /**
 * TPM 2.0 ECC curve names
 */
 ENUM_BEGIN(tpm_ecc_curve_names, TPM2_ECC_NONE, TPM2_ECC_NIST_P521,
 	"NONE",
 	"NIST_P192",
 	"NIST_P224",
 	"NIST_P256",
 	"NIST_P384",
 	"NIST_P521"
 );
 ENUM_NEXT(tpm_ecc_curve_names, TPM2_ECC_BN_P256, TPM2_ECC_BN_P638, TPM2_ECC_NIST_P521,
 	"BN_P256",
 	"BN_P638"
 );
 ENUM_NEXT(tpm_ecc_curve_names, TPM2_ECC_SM2_P256, TPM2_ECC_SM2_P256, TPM2_ECC_BN_P638,
 	"SM2_P256"
 );
 ENUM_END(tpm_ecc_curve_names, TPM2_ECC_SM2_P256);
 #endif /* TSS_TSS2_V2 */
--- a/src/libtpmtss/tpm_tss_tss2_v1.c
+++ b/src/libtpmtss/tpm_tss_tss2_v1.c
@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2016 Andreas Steffen
+ * Copyright (C) 2016-2018 Andreas Steffen
 * HSR Hochschule fuer Technik Rapperswil
 *
 * This program is free software; you can redistribute it and/or modify it
@ -16,7 +16,7 @@
 #include "tpm_tss_tss2.h"
 #include "tpm_tss_tss2_names.h"
-#ifdef TSS_TSS2
+#ifdef TSS_TSS2_V1
 #include <asn1/asn1.h>
 #include <asn1/oid.h>
@ -24,9 +24,9 @@
 #include <tpm20.h>
-#ifdef TSS2_TCTI_TABRMD
+#ifdef TSS2_TCTI_TABRMD_V1
 #include <tcti/tcti-tabrmd.h>
-#endif /* TSS2_TCTI_TABRMD */
+#endif /* TSS2_TCTI_TABRMD_V1 */
 #ifdef TSS2_TCTI_SOCKET
 #include <tcti_socket.h>
@ -1168,7 +1168,7 @@ tpm_tss_t *tpm_tss_tss2_create()
 	{
 		available = initialize_sys_context(this);
 	}
-	DBG1(DBG_PTS, "TPM 2.0 via TSS2 %savailable", available ? "" : "not ");
+	DBG1(DBG_PTS, "TPM 2.0 via TSS2 v1 %savailable", available ? "" : "not ");
 	if (!available)
 	{
@ -1178,13 +1178,15 @@ tpm_tss_t *tpm_tss_tss2_create()
 	return &this->public;
 }
-#else /* TSS_TSS2 */
+#else /* TSS_TSS2_V1 */
-tpm_tss_t *tpm_tss_tss2_create()
+#ifndef TSS_TSS2_V2
 tpm_tss_t *tpm_tss_tss2_create(void)
 {
 	return NULL;
 }
 #endif /* !TSS_TSS2_V2 */
-#endif /* TSS_TSS2 */
+#endif /* TSS_TSS2_V1 */
--- a/src/libtpmtss/tpm_tss_tss2_v2.c
+++ b/src/libtpmtss/tpm_tss_tss2_v2.c