首頁 探索 說明
登入
SoftwareDesign
/
csu3_am335x
8
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
分支: master
分支列表 標籤列表
csu3_am335x
/
EVSE
/
GPL
/
tpm2-tools-5.1
/
tools
/
misc
/
tpm2_print.c

tpm2_print.c 10 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383 
  1. /* SPDX-License-Identifier: BSD-3-Clause */
    2. 

  2. 

  3. #include <inttypes.h>
    4. 

  4. #include <stdbool.h>
    5. 

  5. #include <stdio.h>
    6. 

  6. #include <string.h>
    7. 

  7. 

  8. #include "files.h"
    9. 

  9. #include "log.h"
    10. 

  10. #include "tpm2_alg_util.h"
    11. 

  11. #include "tpm2_tool.h"
    12. 

  12. #include "tpm2_util.h"
    13. 

  13. 

  14. typedef bool (*print_fn)(FILE *f);
    15. 

  15. 

  16. typedef struct tpm2_print_ctx tpm2_print_ctx;
    17. 

  17. struct tpm2_print_ctx {
    18. 

  18.     struct {
    19. 

  19.         const char *path;
    20. 

  20.         print_fn handler;
    21. 

  21.     } file;
    22. 

  22. };
    23. 

  23. 

  24. static tpm2_print_ctx ctx;
    25. 

  25. 

  26. static void print_clock_info(TPMS_CLOCK_INFO *clock_info, size_t indent_count) {
    27. 

  27. 

  28.     print_yaml_indent(indent_count);
    29. 

  29.     tpm2_tool_output("clock: %"PRIu64"\n", clock_info->clock);
    30. 

  30. 

  31.     print_yaml_indent(indent_count);
    32. 

  32.     tpm2_tool_output("resetCount: %"PRIu32"\n", clock_info->resetCount);
    33. 

  33. 

  34.     print_yaml_indent(indent_count);
    35. 

  35.     tpm2_tool_output("restartCount: %"PRIu32"\n", clock_info->restartCount);
    36. 

  36. 

  37.     print_yaml_indent(indent_count);
    38. 

  38.     tpm2_tool_output("safe: %u\n", clock_info->safe);
    39. 

  39. }
    40. 

  40. 

  41. static bool print_TPMS_QUOTE_INFO(TPMS_QUOTE_INFO *info, size_t indent_count) {
    42. 

  42. 

  43.     print_yaml_indent(indent_count);
    44. 

  44.     tpm2_tool_output("pcrSelect:\n");
    45. 

  45. 

  46.     print_yaml_indent(indent_count + 1);
    47. 

  47.     tpm2_tool_output("count: %"PRIu32"\n", info->pcrSelect.count);
    48. 

  48. 

  49.     print_yaml_indent(indent_count + 1);
    50. 

  50.     tpm2_tool_output("pcrSelections:\n");
    51. 

  51. 

  52.     // read TPML_PCR_SELECTION array (of size count)
    53. 

  53.     UINT32 i;
    54. 

  54.     for (i = 0; i < info->pcrSelect.count; ++i) {
    55. 

  55.         print_yaml_indent(indent_count + 2);
    56. 

  56.         tpm2_tool_output("%"PRIu32":\n", i);
    57. 

  57. 

  58.         // print hash type (TPMI_ALG_HASH)
    59. 

  59.         const char* const hash_name = tpm2_alg_util_algtostr(
    60. 

  60.                 info->pcrSelect.pcrSelections[i].hash,
    61. 

  61.                 tpm2_alg_util_flags_hash);
    62. 

  62.         if (!hash_name) {
    63. 

  63.             LOG_ERR("Invalid hash type in quote");
    64. 

  64.             return false;
    65. 

  65.         }
    66. 

  66.         print_yaml_indent(indent_count + 3);
    67. 

  67.         tpm2_tool_output("hash: %"PRIu16" (%s)\n",
    68. 

  68.                 info->pcrSelect.pcrSelections[i].hash,
    69. 

  69.                 hash_name);
    70. 

  70. 

  71.         print_yaml_indent(indent_count + 3);
    72. 

  72.         tpm2_tool_output("sizeofSelect: %"PRIu8"\n",
    73. 

  73.                 info->pcrSelect.pcrSelections[i].sizeofSelect);
    74. 

  74. 

  75.         // print PCR selection in hex
    76. 

  76.         print_yaml_indent(indent_count + 3);
    77. 

  77.         tpm2_tool_output("pcrSelect: ");
    78. 

  78.         tpm2_util_hexdump((BYTE *)&info->pcrSelect.pcrSelections[i].pcrSelect,
    79. 

  79.                 info->pcrSelect.pcrSelections[i].sizeofSelect);
    80. 

  80.         tpm2_tool_output("\n");
    81. 

  81.     }
    82. 

  82. 

  83.     // print digest in hex (a TPM2B object)
    84. 

  84.     print_yaml_indent(indent_count);
    85. 

  85.     tpm2_tool_output("pcrDigest: ");
    86. 

  86.     tpm2_util_print_tpm2b(&info->pcrDigest);
    87. 

  87.     tpm2_tool_output("\n");
    88. 

  88. 

  89.     return true;
    90. 

  90. }
    91. 

  91. 

  92. static bool print_TPMS_ATTEST(FILE* fd) {
    93. 

  93. 

  94.     TPMS_ATTEST attest = { 0 };
    95. 

  95.     bool res = files_load_attest_file(fd, ctx.file.path, &attest);
    96. 

  96.     if (!res) {
    97. 

  97.         LOG_ERR("Could not parse TPMS_ATTEST file: \"%s\"", ctx.file.path);
    98. 

  98.         return false;
    99. 

  99.     }
    100. 

  100. 

  101.     tpm2_tool_output("magic: ");
    102. 

  102.     /* dump these in TPM endianess (big-endian) */
    103. 

  103.     typeof(attest.magic) be_magic = tpm2_util_hton_32(attest.magic);
    104. 

  104.     tpm2_util_hexdump((const UINT8*) &be_magic,
    105. 

  105.             sizeof(attest.magic));
    106. 

  106.     tpm2_tool_output("\n");
    107. 

  107. 

  108.     // check magic
    109. 

  109.     if (attest.magic != TPM2_GENERATED_VALUE) {
    110. 

  110.         LOG_ERR("Bad magic, got: 0x%x, expected: 0x%x",
    111. 

  111.                 attest.magic, TPM2_GENERATED_VALUE);
    112. 

  112.         return false;
    113. 

  113.     }
    114. 

  114. 

  115.     tpm2_tool_output("type: ");
    116. 

  116.     /* dump these in TPM endianess (big-endian) */
    117. 

  117.     typeof(attest.type) be_type = tpm2_util_hton_16(attest.type);
    118. 

  118.     tpm2_util_hexdump((const UINT8*) &be_type,
    119. 

  119.             sizeof(attest.type));
    120. 

  120.     tpm2_tool_output("\n");
    121. 

  121. 

  122.     tpm2_tool_output("qualifiedSigner: ");
    123. 

  123.     tpm2_util_print_tpm2b(&attest.qualifiedSigner);
    124. 

  124.     tpm2_tool_output("\n");
    125. 

  125. 

  126.     tpm2_tool_output("extraData: ");
    127. 

  127.     tpm2_util_print_tpm2b(&attest.extraData);
    128. 

  128.     tpm2_tool_output("\n");
    129. 

  129. 

  130.     tpm2_tool_output("clockInfo:\n");
    131. 

  131.     print_clock_info(&attest.clockInfo, 1);
    132. 

  132. 

  133.     tpm2_tool_output("firmwareVersion: ");
    134. 

  134.     tpm2_util_hexdump((BYTE *)&attest.firmwareVersion,
    135. 

  135.             sizeof(attest.firmwareVersion));
    136. 

  136.     tpm2_tool_output("\n");
    137. 

  137. 

  138.     switch (attest.type) {
    139. 

  139.     case TPM2_ST_ATTEST_QUOTE:
    140. 

  140.         tpm2_tool_output("attested:\n");
    141. 

  141.         print_yaml_indent(1);
    142. 

  142.         tpm2_tool_output("quote:\n");
    143. 

  143.         return print_TPMS_QUOTE_INFO(&attest.attested.quote, 2);
    144. 

  144.         break;
    145. 

  145. 

  146.     default:
    147. 

  147.         LOG_ERR("Cannot print unsupported type 0x%" PRIx16, attest.type);
    148. 

  148.         return false;
    149. 

  149.     }
    150. 

  150. 

  151.     /* Should be unreachable */
    152. 

  152.     return false;
    153. 

  153. }
    154. 

  154. 

  155. static bool print_TPMS_CONTEXT(FILE *fstream) {
    156. 

  156. 

  157.     /*
    158. 

  158.      * Reading the TPMS_CONTEXT structure to disk, format:
    159. 

  159.      * TPM2.0-TOOLS HEADER
    160. 

  160.      * U32 hierarchy
    161. 

  161.      * U32 savedHandle
    162. 

  162.      * U64 sequence
    163. 

  163.      * U16 contextBlobLength
    164. 

  164.      * BYTE[] contextBlob
    165. 

  165.      */
    166. 

  166.     UINT32 version;
    167. 

  167.     TPMS_CONTEXT context;
    168. 

  168.     bool result = files_read_header(fstream, &version);
    169. 

  169.     if (!result) {
    170. 

  170.         LOG_WARN("The loaded tpm context does not appear to be in the proper "
    171. 

  171.                  "format, assuming old format.");
    172. 

  172.         rewind(fstream);
    173. 

  173.         result = files_read_bytes(fstream, (UINT8 *) &context, sizeof(context));
    174. 

  174.         if (!result) {
    175. 

  175.             LOG_ERR("Could not load tpm context file");
    176. 

  176.             goto out;
    177. 

  177.         } else {
    178. 

  178.             goto print_context;
    179. 

  179.         }
    180. 

  180.     }
    181. 

  181. 

  182.     result = files_read_32(fstream, &context.hierarchy);
    183. 

  183.     if (!result) {
    184. 

  184.         LOG_ERR("Error reading hierarchy!");
    185. 

  185.         goto out;
    186. 

  186.     }
    187. 

  187. 

  188.     result = files_read_32(fstream, &context.savedHandle);
    189. 

  189.     if (!result) {
    190. 

  190.         LOG_ERR("Error reading savedHandle!");
    191. 

  191.         goto out;
    192. 

  192.     }
    193. 

  193. 

  194.     result = files_read_64(fstream, &context.sequence);
    195. 

  195.     if (!result) {
    196. 

  196.         LOG_ERR("Error reading sequence!");
    197. 

  197.         goto out;
    198. 

  198.     }
    199. 

  199. 

  200.     result = files_read_16(fstream, &context.contextBlob.size);
    201. 

  201.     if (!result) {
    202. 

  202.         LOG_ERR("Error reading contextBlob.size!");
    203. 

  203.         goto out;
    204. 

  204.     }
    205. 

  205. 

  206.     if (context.contextBlob.size > sizeof(context.contextBlob.buffer)) {
    207. 

  207.         LOG_ERR("Size mismatch found on contextBlob, got %"PRIu16" expected "
    208. 

  208.                 "less than or equal to %zu", context.contextBlob.size,
    209. 

  209.                 sizeof(context.contextBlob.buffer));
    210. 

  210.         result = false;
    211. 

  211.         goto out;
    212. 

  212.     }
    213. 

  213. 

  214.     result = files_read_bytes(fstream, context.contextBlob.buffer,
    215. 

  215.             context.contextBlob.size);
    216. 

  216.     if (!result) {
    217. 

  217.         LOG_ERR("Error reading contextBlob.size!");
    218. 

  218.         goto out;
    219. 

  219.     }
    220. 

  220. 

  221.     print_context:
    222. 

  222.     tpm2_tool_output("version: %d\n", version);
    223. 

  223.     const char *hierarchy;
    224. 

  224.     switch (context.hierarchy) {
    225. 

  225.     case TPM2_RH_OWNER:
    226. 

  226.         hierarchy = "owner";
    227. 

  227.         break;
    228. 

  228.     case TPM2_RH_PLATFORM:
    229. 

  229.         hierarchy = "platform";
    230. 

  230.         break;
    231. 

  231.     case TPM2_RH_ENDORSEMENT:
    232. 

  232.         hierarchy = "endorsement";
    233. 

  233.         break;
    234. 

  234.     case TPM2_RH_NULL:
    235. 

  235.     default:
    236. 

  236.         hierarchy = "null";
    237. 

  237.         break;
    238. 

  238.     }
    239. 

  239.     tpm2_tool_output("hierarchy: %s\n", hierarchy);
    240. 

  240.     tpm2_tool_output("handle: 0x%X (%u)\n", context.savedHandle,
    241. 

  241.             context.savedHandle);
    242. 

  242.     tpm2_tool_output("sequence: %"PRIu64"\n", context.sequence);
    243. 

  243.     tpm2_tool_output("contextBlob: \n");
    244. 

  244.     tpm2_tool_output("\tsize: %d\n", context.contextBlob.size);
    245. 

  245.     result = true;
    246. 

  246. 

  247. out:
    248. 

  248.     return result;
    249. 

  249. }
    250. 

  250. 

  251. static bool print_TPMT_PUBLIC(FILE *fstream) {
    252. 

  252. 

  253.     TPMT_PUBLIC public = { 0 };
    254. 

  254.     bool res = files_load_template_file(fstream, ctx.file.path, &public);
    255. 

  255.     if (!res) {
    256. 

  256.         return res;
    257. 

  257.     }
    258. 

  258. 

  259.     tpm2_util_tpmt_public_to_yaml(&public, NULL);
    260. 

  260. 

  261.     return true;
    262. 

  262. }
    263. 

  263. 

  264. static bool print_TPM2B_PUBLIC(FILE *fstream) {
    265. 

  265. 

  266.     TPM2B_PUBLIC public = { 0 };
    267. 

  267.     bool res = files_load_public_file(fstream, ctx.file.path, &public);
    268. 

  268.     if (!res) {
    269. 

  269.         return res;
    270. 

  270.     }
    271. 

  271. 

  272.     tpm2_util_public_to_yaml(&public, NULL);
    273. 

  273. 

  274.     return true;
    275. 

  275. }
    276. 

  276. 

  277. #define ADD_HANDLER(type) { .name = #type, .fn = print_##type }
    278. 

  278. 

  279. static bool handle_type(const char *name) {
    280. 

  280. 

  281.     static const struct {
    282. 

  282.         const char *name;
    283. 

  283.         print_fn fn;
    284. 

  284.     } handlers[] = {
    285. 

  285.         ADD_HANDLER(TPMS_ATTEST),
    286. 

  286.         ADD_HANDLER(TPMS_CONTEXT),
    287. 

  287.         ADD_HANDLER(TPM2B_PUBLIC),
    288. 

  288.         ADD_HANDLER(TPMT_PUBLIC)
    289. 

  289.     };
    290. 

  290. 

  291.     size_t i;
    292. 

  292.     for (i=0; i < ARRAY_LEN(handlers); i++) {
    293. 

  293. 

  294.         if (!strcmp(name, handlers[i].name)) {
    295. 

  295.             ctx.file.handler = handlers[i].fn;
    296. 

  296.             return true;
    297. 

  297.         }
    298. 

  298.     }
    299. 

  299. 

  300.     LOG_ERR("Unknown file type, got: \"%s\"", name);
    301. 

  301. 

  302.     return false;
    303. 

  303. }
    304. 

  304. 

  305. static bool on_option(char key, char *value) {
    306. 

  306.     switch (key) {
    307. 

  307.     case 't':
    308. 

  308.         return handle_type(value);
    309. 

  309.     case 'i':
    310. 

  310.         ctx.file.path = value;
    311. 

  311.         break;
    312. 

  312.     default:
    313. 

  313.         LOG_ERR("Invalid option %c", key);
    314. 

  314.         return false;
    315. 

  315.     }
    316. 

  316. 

  317.     return true;
    318. 

  318. }
    319. 

  319. 

  320. static bool on_arg(int argc, char *argv[]) {
    321. 

  321. 

  322.     if (argc != 1) {
    323. 

  323.         LOG_ERR("Expected single file path argument");
    324. 

  324.         return false;
    325. 

  325.     }
    326. 

  326. 

  327.     ctx.file.path = argv[0];
    328. 

  328. 

  329.     return true;
    330. 

  330. }
    331. 

  331. 

  332. static bool tpm2_tool_onstart(tpm2_options **opts) {
    333. 

  333.     static const struct option topts[] = {
    334. 

  334.         { "type",  required_argument, NULL, 't' },
    335. 

  335.     };
    336. 

  336. 

  337.     *opts = tpm2_options_new("t:", ARRAY_LEN(topts), topts, on_option, on_arg,
    338. 

  338.             TPM2_OPTIONS_NO_SAPI);
    339. 

  339. 

  340.     return *opts != NULL;
    341. 

  341. }
    342. 

  342. 

  343. static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
    344. 

  344.     UNUSED(ectx);
    345. 

  345.     UNUSED(flags);
    346. 

  346. 

  347.     FILE* fd = stdin;
    348. 

  348. 

  349.     if (!ctx.file.handler) {
    350. 

  350.         /*
    351. 

  351.          * TODO: This could be automated by each
    352. 

  352.          * type having an interrogation function. If it passes,
    353. 

  353.          * then use the associated handler. For now, make -t
    354. 

  354.          * mandatory.
    355. 

  355.          */
    356. 

  356.         LOG_ERR("Must specify -t/--type");
    357. 

  357.         return tool_rc_general_error;
    358. 

  358.     }
    359. 

  359. 

  360.     if (ctx.file.path) {
    361. 

  361.         LOG_INFO("Reading from file %s", ctx.file.path);
    362. 

  362.         fd = fopen(ctx.file.path, "rb");
    363. 

  363.         if (!fd) {
    364. 

  364.             LOG_ERR("Could not open file %s", ctx.file.path);
    365. 

  365.             return tool_rc_general_error;
    366. 

  366.         }
    367. 

  367.     } else {
    368. 

  368.         LOG_INFO("Reading from stdin");
    369. 

  369.     }
    370. 

  370. 

  371.     bool res = ctx.file.handler(fd);
    372. 

  372. 

  373.     LOG_INFO("Read %ld bytes from file %s", ftell(fd), ctx.file.path);
    374. 

  374. 

  375.     if (fd != stdin) {
    376. 

  376.         fclose(fd);
    377. 

  377.     }
    378. 

  378. 

  379.     return res ? tool_rc_success : tool_rc_general_error;
    380. 

  380. }
    381. 

  381. 

  382. // Register this tool with tpm2_tool.c
    383. 

  383. TPM2_TOOL_REGISTER("print", tpm2_tool_onstart, tpm2_tool_onrun, NULL, NULL)
    384.