2 * This file is part of the OpenPTS project.
4 * The Initial Developer of the Original Code is International
5 * Business Machines Corporation. Portions created by IBM
6 * Corporation are Copyright (C) 2010 International Business
7 * Machines Corporation. All Rights Reserved.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the Common Public License as published by
11 * IBM Corporation; either version 1 of the License, or (at your option)
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * Common Public License for more details.
19 * You should have received a copy of the Common Public License
20 * along with this program; if not, a copy can be viewed at
21 * http://www.opensource.org/licenses/cpl1.0.php.
27 * @author Seiji Munetoh <munetoh@users.sourceforge.jp>
29 * cleanup 2012-01-05 SM
31 * Emulate TPM to validate IML and PCR
38 #include <tss/platform.h>
39 #include <tss/tss_defines.h>
40 #include <tss/tss_typedef.h>
41 #include <tss/tss_structs.h>
42 #include <tss/tss_error.h>
45 #include <openssl/sha.h>
49 /* TPM functions -------------------------------------------------------------*/
/*
 * Reset the emulated PCR bank to its power-on (POR) state.
 *
 * Visible steps: a pass over all MAX_PCRNUM registers (the assignment inside
 * that loop is not shown in this listing; presumably a zero fill -- confirm),
 * then PCR 17..22 are overwritten with 0xff when drtm == 0 and with 0x00
 * otherwise. This is consistent with the TPM 1.2 convention that the
 * DRTM/locality PCRs read as all ones until a dynamic launch resets them.
 *
 * NOTE(review): the literal bounds 17 and 23 are not tied to MAX_PCRNUM in the
 * visible code, so this assumes MAX_PCRNUM >= 23 -- confirm against the header.
 * NOTE(review): the values returned for a NULL context and on success are not
 * visible in this listing.
 */
54 int resetTpm(OPENPTS_TPM_CONTEXT *tctx, int drtm) {
57 DEBUG_TPM("tpm.c - RESET (POR)\n");
/* Reported when no context was supplied (the test itself is not shown). */
61 LOG(LOG_ERR, "ERROR TPM_CONTEXT is NULL");
/* First pass: every PCR, every digest byte. */
65 for (i = 0; i < MAX_PCRNUM; i++) {
66 for (j = 0; j < SHA1_DIGEST_SIZE; j++) {
/* Second pass, PCR 17-22 only: initial value depends on the drtm flag. */
71 for (i = 17; i < 23; i++) {
72 for (j = 0; j < SHA1_DIGEST_SIZE; j++) {
73 if (drtm == 0) tctx->pcr[i][j] = 0xff;
74 else tctx->pcr[i][j] = 0x00;
/* Same message as at entry; it is logged both before and after the reset. */
78 DEBUG_TPM("tpm.c - RESET (POR)\n");
/*
 * Reset a single emulated PCR: writes 0 to all SHA1_DIGEST_SIZE bytes of
 * tctx->pcr[index].
 *
 * NOTE(review): index is a signed int used directly as the array subscript of
 * the write below. No range check on it is visible in this listing, and the
 * gutter numbers leave no room for one between the NULL-context log and the
 * loop. extendTpm() and getTpmPcrValue() in this file reject
 * index >= MAX_PCRNUM and index < 0; without the same guard here an
 * out-of-range or negative index writes outside the PCR array. Confirm, and
 * add `if (index < 0 || index >= MAX_PCRNUM)` before the loop if it is missing.
 */
86 int resetTpmPcr(OPENPTS_TPM_CONTEXT *tctx, int index) {
89 DEBUG_TPM("resetTpmPcr - RESET just one PCR %d\n", index);
/* Reported when no context was supplied (the test itself is not shown). */
93 LOG(LOG_ERR, "ERROR TPM_CONTEXT is NULL");
/* Zero the selected register byte by byte. */
97 for (j = 0; j < SHA1_DIGEST_SIZE; j++) {
98 tctx->pcr[index][j] = 0;
104 * check digest is Zero or not
107 * @return 1 if digest is Zero
/*
 * Test whether a SHA-1 sized digest is all zero bytes.
 *
 * Reads exactly SHA1_DIGEST_SIZE bytes from digest, so the caller must pass a
 * buffer at least that long. Returns 0 at the first non-zero byte; the
 * existing header comment documents 1 for an all-zero digest (that return
 * statement is not shown in this listing).
 *
 * NOTE(review): the value returned for a NULL digest is not visible here.
 * Callers in this file test `isZero(digest) == 1`, so any other value is
 * treated as "not zero".
 */
109 int isZero(BYTE * digest) {
113 if (digest == NULL) {
114 LOG(LOG_ERR, "null input");
/* Early exit on the first non-zero byte. */
119 for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
120 if (digest[i] != 0 ) return 0;
/*
 * Overwrite a SHA-1 sized digest in place.
 *
 * The loop covers SHA1_DIGEST_SIZE bytes; the assignment inside it is not
 * shown in this listing (presumably digest[i] = 0xff, going by the name --
 * confirm). The caller must pass a writable buffer of at least
 * SHA1_DIGEST_SIZE bytes.
 *
 * The function returns void, so a NULL argument is only logged and cannot be
 * reported to the caller.
 */
130 void setFF(BYTE * digest) {
134 if (digest == NULL) {
135 LOG(LOG_ERR, "null input");
140 for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
146 * extend event to TPM
/*
 * Extend one IML event into the emulated PCR bank:
 *     pcr[index] = SHA1(pcr[index] || event->rgbPcrValue)
 * as done by the two SHA1_Update calls and SHA1_Final below (the SHA1_Init
 * call and the local declarations are not shown in this listing).
 *
 * Logs and rejects a NULL context, a NULL event and a NULL
 * event->rgbPcrValue; an index outside 0..MAX_PCRNUM-1 returns
 * PTS_INTERNAL_ERROR.
 *
 * NOTE(review): exactly SHA1_DIGEST_SIZE bytes are read from rgbPcrValue. No
 * check of event->ulPcrValueLength is visible here, so an event carrying a
 * shorter digest buffer would be over-read. Confirm that the code building
 * the event enforces the length, or check it before hashing.
 * NOTE(review): digest aliases event->rgbPcrValue, so whatever the PCR 10
 * zero-digest branch does to it (presumably setFF(); the call is not shown)
 * also changes the caller's event -- confirm that is intended.
 * NOTE(review): the SHA1_* return values are ignored, and these low-level
 * calls are deprecated as of OpenSSL 3.0.
 */
151 int extendTpm(OPENPTS_TPM_CONTEXT *tctx, TSS_PCR_EVENT *event) {
158 LOG(LOG_ERR, "TPM_CONTEXT is NULL\n");
162 LOG(LOG_ERR, "TSS_PCR_EVENT is NULL\n");
166 digest = event->rgbPcrValue;
167 if (digest == NULL) {
168 LOG(LOG_ERR, "event->rgbPcrValue is NULL\n");
/* Both range checks run before pcr[index] is touched. */
172 index = event->ulPcrIndex;
173 if (index >= MAX_PCRNUM) {
174 LOG(LOG_ERR, "BAD PCR INDEX %d >= %d\n", index, MAX_PCRNUM);
175 return PTS_INTERNAL_ERROR;
179 LOG(LOG_ERR, "ERROR BAD PCR INDEX %d < 0\n", index);
180 return PTS_INTERNAL_ERROR;
/* PCR 10 special case: an all-zero digest in the log is replaced before extending. */
183 if (index == 10) { // Linux-IML, 0000... -> FFFF...
184 if (isZero(digest) == 1) {
/* Hash the old PCR value followed by the event digest; the result becomes the new PCR value. */
190 SHA1_Update(&ctx, &(tctx->pcr[index][0]), SHA1_DIGEST_SIZE);
191 SHA1_Update(&ctx, digest, SHA1_DIGEST_SIZE);
192 SHA1_Final(&tctx->pcr[index][0], &ctx);
/* Debug only: dump the input digest and the resulting PCR value as hex. */
194 if (isDebugFlagSet(DEBUG_TPM_FLAG)) {
196 DEBUG_TPM("\ttpm.c - extend pcr=%d digest=", index);
197 for (i = 0; i < SHA1_DIGEST_SIZE; i++) OUTPUT("%02x", digest[i]);
199 for (i = 0; i < SHA1_DIGEST_SIZE; i++) OUTPUT("%02x", tctx->pcr[index][i]);
207 * extend event to TPM (2)
/*
 * Extend a raw digest into the emulated PCR bank:
 *     pcr[index] = SHA1(pcr[index] || digest)
 * Same operation as extendTpm(), but the PCR index and digest are passed
 * directly instead of through a TSS_PCR_EVENT. Exactly SHA1_DIGEST_SIZE bytes
 * are read from digest (the SHA1_Init call and the local declarations are not
 * shown in this listing).
 *
 * Logs and rejects a NULL context and a NULL digest; index >= MAX_PCRNUM
 * returns PTS_INTERNAL_ERROR.
 *
 * NOTE(review): unlike extendTpm() and getTpmPcrValue(), no "index < 0" check
 * is visible here, and the gutter numbers leave no room for one before the
 * PCR 10 test. index is a signed int, so a negative value would pass the
 * upper-bound test and reach SHA1_Update/SHA1_Final on tctx->pcr[index],
 * reading and writing outside the PCR array. Confirm, and use
 * `if (index < 0 || index >= MAX_PCRNUM)` if the lower bound is missing.
 * NOTE(review): for PCR 10 a zero digest is presumably rewritten in place
 * through setFF() (the call is not shown), which modifies the caller's buffer.
 * NOTE(review): the SHA1_* return values are ignored, and these low-level
 * calls are deprecated as of OpenSSL 3.0.
 */
213 int extendTpm2(OPENPTS_TPM_CONTEXT *tctx, int index, BYTE * digest) {
218 LOG(LOG_ERR, "TPM_CONTEXT is NULL\n");
221 if (digest == NULL) {
222 LOG(LOG_ERR, "null input\n");
/* Upper bound only; see the review note above about negative values. */
226 if (index >= MAX_PCRNUM) {
227 LOG(LOG_ERR, "BAD pcr index, %d >= %d", index, MAX_PCRNUM);
228 return PTS_INTERNAL_ERROR;
/* PCR 10 special case: an all-zero digest is replaced before extending. */
232 if (index == 10) { // Linux-IML, 0000... -> FFFF...
233 if (isZero(digest) == 1) {
/* Hash the old PCR value followed by the digest; the result becomes the new PCR value. */
239 SHA1_Update(&ctx, &(tctx->pcr[index][0]), SHA1_DIGEST_SIZE);
240 SHA1_Update(&ctx, digest, SHA1_DIGEST_SIZE);
241 SHA1_Final(&tctx->pcr[index][0], &ctx);
/* Debug only: dump the input digest as hex. */
243 if (isDebugFlagSet(DEBUG_TPM_FLAG)) {
245 DEBUG_TPM("tpm.c - extend pcr=%d digest=", index);
246 for (i = 0; i < SHA1_DIGEST_SIZE; i++) OUTPUT("%02x", digest[i]);
254 * check current PCR value with digest
/*
 * Compare the emulated PCR at index with an expected digest, byte by byte
 * over SHA1_DIGEST_SIZE bytes. The first differing byte returns
 * PTS_INTERNAL_ERROR; the value returned on a match is not shown in this
 * listing.
 *
 * NOTE(review): only the NULL-context check is visible. No NULL test on
 * digest and no range check on index appear before the loop, and the gutter
 * numbers leave no room for them, so a NULL digest is dereferenced and an
 * out-of-range or negative index reads outside the PCR array. Confirm, and
 * apply the same guards getTpmPcrValue() uses.
 * NOTE(review): a PCR mismatch returns the same PTS_INTERNAL_ERROR code that
 * other functions in this file use for a bad index, so callers cannot tell a
 * failed PCR comparison from an internal error. This is presumably what the
 * TODO on the return refers to.
 */
260 int checkTpmPcr2(OPENPTS_TPM_CONTEXT *tctx, int index, BYTE * digest) {
265 LOG(LOG_ERR, "TPM_CONTEXT is NULL\n");
269 for (i = 0; i < SHA1_DIGEST_SIZE; i++) {
270 if (tctx->pcr[index][i] != digest[i]) return PTS_INTERNAL_ERROR; // TODO
276 * print TPM PCRs to stdout
/*
 * Dump every emulated PCR through the OUTPUT macro, one "PCR[nn] = " prefix
 * per register followed by its SHA1_DIGEST_SIZE bytes as lowercase hex.
 *
 * A NULL context is logged; the values returned in that case and on success
 * are not shown in this listing.
 *
 * NOTE(review): the entry trace uses DEBUG_FSM while the rest of this file
 * traces with DEBUG_TPM -- confirm which debug channel is intended.
 */
278 int printTpm(OPENPTS_TPM_CONTEXT *tctx) {
281 DEBUG_FSM("tpm.c - pprint pcrs\n");
285 LOG(LOG_ERR, "TPM_CONTEXT is NULL\n");
/* One register per iteration, printed as hex digits. */
289 for (i = 0; i < MAX_PCRNUM; i++) {
290 OUTPUT("PCR[%2d] = ", i);
291 for (j = 0; j < SHA1_DIGEST_SIZE; j++) {
292 OUTPUT("%02x", tctx->pcr[i][j]);
/*
 * Copy the current value of one emulated PCR into a caller-supplied buffer.
 *
 * Writes exactly SHA1_DIGEST_SIZE bytes to digest, so the caller must provide
 * a buffer at least that long. A NULL context and a NULL digest are logged
 * and rejected; an index outside 0..MAX_PCRNUM-1 returns PTS_INTERNAL_ERROR.
 * Both range checks run before tpm->pcr[index] is read.
 *
 * NOTE(review): the values returned for the NULL cases and on success are not
 * visible in this listing.
 */
303 int getTpmPcrValue(OPENPTS_TPM_CONTEXT *tpm, int index, BYTE *digest) {
306 DEBUG_CAL("getTpmPcrValue - pcr[%d]\n", index);
/* Reported when no context was supplied (the test itself is not shown). */
310 LOG(LOG_ERR, "null input");
313 if (digest == NULL) {
314 LOG(LOG_ERR, "null input");
317 if (index >= MAX_PCRNUM) {
318 LOG(LOG_ERR, "BAD PCR INDEX %d >= %d\n", index, MAX_PCRNUM);
319 return PTS_INTERNAL_ERROR;
322 LOG(LOG_ERR, "ERROR BAD PCR INDEX %d < 0\n", index);
323 return PTS_INTERNAL_ERROR;
/* Byte-wise copy of the selected register into the output buffer. */
327 for (j = 0; j < SHA1_DIGEST_SIZE; j++) {
328 digest[j]=tpm->pcr[index][j];
331 DEBUG_CAL("getTpmPcrValue - done\n");