Эхлэл Бүгдийг харах Тусламж
Нэвтрэх
SoftwareDesign
/
csu3_am335x
8
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Салаа: master
Салаанууд Тагууд
csu3_am335x
/
EVSE
/
GPL
/
tpm2-tools-5.1
/
tools
/
fapi
/
tss2_quote.c

tss2_quote.c 6.4 KB
Байнгын холболт Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223 
  1. /* SPDX-License-Identifier: BSD-3-Clause */
    2. 

  2. 

  3. #include <stdbool.h>
    4. 

  4. #include <stdio.h>
    5. 

  5. #include <stdlib.h>
    6. 

  6. #include <string.h>
    7. 

  7. #include "tools/fapi/tss2_template.h"
    8. 

  8. 

  9. /* Context struct used to store passed command line parameters */
    10. 

  10. static struct cxt {
    11. 

  11.     uint32_t   *pcrList;
    12. 

  12.     size_t     pcrListSize;
    13. 

  13.     char const *keyPath;
    14. 

  14.     char const *qualifyingData;
    15. 

  15.     char const *quoteInfo;
    16. 

  16.     char const *pcrLog;
    17. 

  17.     char const *signature;
    18. 

  18.     char const *certificate;
    19. 

  19.     bool        overwrite;
    20. 

  20. } ctx;
    21. 

  21. 

  22. /**
    23. 

  23.  * Split the comma separated input, parse each token as number,
    24. 

  24.  * put the numbers in the array output.  Allocate memory for
    25. 

  25.  * output to hold the numbers.
    26. 

  26.  *
    27. 

  27.  * On failure returns false and output is not allocated.
    28. 

  28.  * On success the caller frees output.
    29. 

  29.  */
    30. 

  30. static inline bool extract_pcrs(char *input, uint32_t **output, size_t *list_size) {
    31. 

  31.     size_t size = 1;
    32. 

  32.     char *temp = input;
    33. 

  33.     while ((temp = strchr (temp+1, ','))) size++;
    34. 

  34.     *output = malloc (sizeof(uint32_t) * (size));
    35. 

  35.     if (!*output) {
    36. 

  36.         fprintf (stderr, "malloc failed: %m\n");
    37. 

  37.         return false;
    38. 

  38.     }
    39. 

  39.     char *x = strtok_r (input, ",", &temp);
    40. 

  40.     if (!tpm2_util_string_to_uint32(x, output[0])) {
    41. 

  41.         fprintf (stderr, "%s cannot be used as PCR\n", x);
    42. 

  42.         free (*output);
    43. 

  43.         return false;
    44. 

  44.     }
    45. 

  45.     size = 0;
    46. 

  46.     while ((x = strtok_r (NULL, ",", &temp))) {
    47. 

  47.       if (!tpm2_util_string_to_uint32(x, &(*output)[++size])) {
    48. 

  48.             fprintf (stderr, "%s cannot be used as PCR\n", x);
    49. 

  49.             free (*output);
    50. 

  50.             return false;
    51. 

  51.         }
    52. 

  52.     }
    53. 

  53. 

  54.     *list_size = size+1;
    55. 

  55. 

  56.     return true;
    57. 

  57. }
    58. 

  58. 

  59. /* Parse command line parameters */
    60. 

  60. static bool on_option(char key, char *value) {
    61. 

  61.     (void)value;
    62. 

  62.     switch (key) {
    63. 

  63.     case 'x':
    64. 

  64.         return extract_pcrs(value, &ctx.pcrList, &ctx.pcrListSize);
    65. 

  65.     case 'Q':
    66. 

  66.         ctx.qualifyingData = value;
    67. 

  67.         break;
    68. 

  68.     case 'l':
    69. 

  69.         ctx.pcrLog = value;
    70. 

  70.         break;
    71. 

  71.     case 'f':
    72. 

  72.         ctx.overwrite = true;
    73. 

  73.         break;
    74. 

  74.     case 'p':
    75. 

  75.         ctx.keyPath = value;
    76. 

  76.         break;
    77. 

  77.     case 'q':
    78. 

  78.         ctx.quoteInfo = value;
    79. 

  79.         break;
    80. 

  80.     case 'o':
    81. 

  81.         ctx.signature = value;
    82. 

  82.         break;
    83. 

  83.     case 'c':
    84. 

  84.         ctx.certificate = value;
    85. 

  85.         break;
    86. 

  86.     }
    87. 

  87.     return true;
    88. 

  88. }
    89. 

  89. 

  90. /* Define possible command line parameters */
    91. 

  91. static bool tss2_tool_onstart(tpm2_options **opts) {
    92. 

  92.     struct option topts[] = {
    93. 

  93.         {"pcrList"       , required_argument, NULL, 'x'},
    94. 

  94.         {"keyPath"        , required_argument, NULL, 'p'},
    95. 

  95.         {"qualifyingData", required_argument, NULL, 'Q'},
    96. 

  96.         {"quoteInfo"     , required_argument, NULL, 'q'},
    97. 

  97.         {"signature"      , required_argument, NULL, 'o'},
    98. 

  98.         {"pcrLog"        , required_argument, NULL, 'l'},
    99. 

  99.         {"certificate"    , required_argument, NULL, 'c'},
    100. 

  100.         {"force"          , no_argument      , NULL, 'f'}
    101. 

  101.     };
    102. 

  102.     return (*opts = tpm2_options_new ("x:Q:l:fp:q:o:c:", ARRAY_LEN(topts),
    103. 

  103.         topts, on_option, NULL, 0)) != NULL;
    104. 

  104. }
    105. 

  105. 

  106. /* Execute specific tool */
    107. 

  107. static int tss2_tool_onrun (FAPI_CONTEXT *fctx) {
    108. 

  108.     /* Check availability of required parameters */
    109. 

  109.     if (!ctx.pcrList) {
    110. 

  110.         fprintf (stderr, "No PCRs were chosen, use --pcrList\n");
    111. 

  111.         return -1;
    112. 

  112.     }
    113. 

  113.     if (!ctx.keyPath) {
    114. 

  114.         fprintf (stderr, "No key path provided, use --keyPath\n");
    115. 

  115.         free (ctx.pcrList);
    116. 

  116.         return -1;
    117. 

  117.     }
    118. 

  118.     if (!ctx.quoteInfo) {
    119. 

  119.         fprintf (stderr, "No quoteInfo provided, use --quoteInfo\n");
    120. 

  120.         free (ctx.pcrList);
    121. 

  121.         return -1;
    122. 

  122.     }
    123. 

  123.     if (!ctx.signature) {
    124. 

  124.         fprintf (stderr, "No signature provided, use --signature\n");
    125. 

  125.         free (ctx.pcrList);
    126. 

  126.         return -1;
    127. 

  127.     }
    128. 

  128. 

  129.     /* Check exclusive access to stdout */
    130. 

  130.     int count_out = 0;
    131. 

  131.     if (ctx.quoteInfo && !strcmp (ctx.quoteInfo, "-")) count_out +=1;
    132. 

  132.     if (ctx.pcrLog && !strcmp (ctx.pcrLog, "-")) count_out +=1;
    133. 

  133.     if (ctx.signature && !strcmp (ctx.signature, "-")) count_out +=1;
    134. 

  134.     if (ctx.certificate && !strcmp (ctx.certificate, "-")) count_out +=1;
    135. 

  135.     if (count_out > 1) {
    136. 

  136.         fprintf (stderr, "Only one of --quoteInfo, --pcrLog, --signature and "\
    137. 

  137.             "--certificate can print to - (standard output)\n");
    138. 

  138.         free (ctx.pcrList);
    139. 

  139.         return -1;
    140. 

  140.     }
    141. 

  141. 

  142.     /* Read qualifyingData file */
    143. 

  143.     TSS2_RC r;
    144. 

  144.     uint8_t *qualifyingData = NULL;
    145. 

  145.     size_t qualifyingDataSize = 0;
    146. 

  146.     if (ctx.qualifyingData) {
    147. 

  147.         r = open_read_and_close (ctx.qualifyingData,
    148. 

  148.             (void*)&qualifyingData, &qualifyingDataSize);
    149. 

  149.         if (r) {
    150. 

  150.           free (ctx.pcrList);
    151. 

  151.           return 1;
    152. 

  152.         }
    153. 

  153.     }
    154. 

  154. 

  155.     /* Execute FAPI command with passed arguments */
    156. 

  156.     uint8_t *signature;
    157. 

  157.     size_t signatureSize;
    158. 

  158.     char *quoteInfo, *pcrLog = NULL, *certificate = NULL;
    159. 

  159.     r = Fapi_Quote (fctx, ctx.pcrList, ctx.pcrListSize, ctx.keyPath,
    160. 

  160.         NULL, qualifyingData, qualifyingDataSize, &quoteInfo,
    161. 

  161.         &signature, &signatureSize, &pcrLog, &certificate);
    162. 

  162.     if (r != TSS2_RC_SUCCESS) {
    163. 

  163.         LOG_PERR ("Fapi_Quote", r);
    164. 

  164.         free (ctx.pcrList);
    165. 

  165.         free (qualifyingData);
    166. 

  166.         return 1;
    167. 

  167.     }
    168. 

  168. 

  169.     free (ctx.pcrList);
    170. 

  170.     free (qualifyingData);
    171. 

  171. 

  172.     /* Write returned data to file(s) */
    173. 

  173.     if (ctx.quoteInfo && quoteInfo) {
    174. 

  174.         r = open_write_and_close (ctx.quoteInfo, ctx.overwrite, quoteInfo,
    175. 

  175.             strlen(quoteInfo));
    176. 

  176.         if (r) {
    177. 

  177.             Fapi_Free (quoteInfo);
    178. 

  178.             Fapi_Free (pcrLog);
    179. 

  179.             Fapi_Free (signature);
    180. 

  180.             Fapi_Free (certificate);
    181. 

  181.             return 1;
    182. 

  182.         }
    183. 

  183.     }
    184. 

  184. 

  185.     Fapi_Free (quoteInfo);
    186. 

  186. 

  187.     if (ctx.pcrLog && pcrLog) {
    188. 

  188.         r = open_write_and_close (ctx.pcrLog, ctx.overwrite, pcrLog,
    189. 

  189.             strlen(pcrLog));
    190. 

  190.         if (r) {
    191. 

  191.             Fapi_Free (pcrLog);
    192. 

  192.             Fapi_Free (signature);
    193. 

  193.             Fapi_Free (certificate);
    194. 

  194.             return 1;
    195. 

  195.         }
    196. 

  196.     }
    197. 

  197.     Fapi_Free (pcrLog);
    198. 

  198. 

  199.     if (ctx.signature && signature) {
    200. 

  200.         r = open_write_and_close (ctx.signature, ctx.overwrite, signature,
    201. 

  201.             signatureSize);
    202. 

  202.         if (r) {
    203. 

  203.             Fapi_Free (signature);
    204. 

  204.             Fapi_Free (certificate);
    205. 

  205.             return 1;
    206. 

  206.         }
    207. 

  207.     }
    208. 

  208.     Fapi_Free (signature);
    209. 

  209. 

  210.     if (ctx.certificate && certificate) {
    211. 

  211.         r = open_write_and_close (ctx.certificate, ctx.overwrite, certificate,
    212. 

  212.             strlen(certificate));
    213. 

  213.         if (r) {
    214. 

  214.             Fapi_Free (certificate);
    215. 

  215.             return 1;
    216. 

  216.         }
    217. 

  217.     }
    218. 

  218.     Fapi_Free (certificate);
    219. 

  219. 

  220.     return 0;
    221. 

  221. }
    222. 

  222. 

  223. TSS2_TOOL_REGISTER("quote", tss2_tool_onstart, tss2_tool_onrun, NULL)
    224.