Home Explore Help
Sign In
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
tpm2-tools-5.1
/
tools
/
tpm2_policyauthorize.c

tpm2_policyauthorize.c 3.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121 
  1. /* SPDX-License-Identifier: BSD-3-Clause */
    2. 

  2. 

  3. #include <stdlib.h>
    4. 

  4. 

  5. #include "files.h"
    6. 

  6. #include "log.h"
    7. 

  7. #include "tpm2_tool.h"
    8. 

  8. #include "tpm2_policy.h"
    9. 

  9. #include "tpm2_tool.h"
    10. 

  10. 

  11. typedef struct tpm2_policyauthorize_ctx tpm2_policyauthorize_ctx;
    12. 

  12. struct tpm2_policyauthorize_ctx {
    13. 

  13.     //File path for the session context data
    14. 

  14.     const char *session_path;
    15. 

  15.     //File path for the policy digest that will be authorized
    16. 

  16.     const char *policy_digest_path;
    17. 

  17.     //File path for the policy qualifier data
    18. 

  18.     const char *qualifier_data_path;
    19. 

  19.     //File path for the verifying public key name
    20. 

  20.     const char *verifying_pubkey_name_path;
    21. 

  21.     //File path for the verification ticket
    22. 

  22.     const char *ticket_path;
    23. 

  23.     //File path for storing the policy digest output
    24. 

  24.     const char *out_policy_dgst_path;
    25. 

  25. 

  26.     tpm2_session *session;
    27. 

  27.     TPM2B_DIGEST *policy_digest;
    28. 

  28. };
    29. 

  29. 

  30. static tpm2_policyauthorize_ctx ctx;
    31. 

  31. 

  32. static bool on_option(char key, char *value) {
    33. 

  33. 

  34.     switch (key) {
    35. 

  35.     case 'L':
    36. 

  36.         ctx.out_policy_dgst_path = value;
    37. 

  37.         break;
    38. 

  38.     case 'S':
    39. 

  39.         ctx.session_path = value;
    40. 

  40.         break;
    41. 

  41.     case 'i':
    42. 

  42.         ctx.policy_digest_path = value;
    43. 

  43.         break;
    44. 

  44.     case 'q':
    45. 

  45.         ctx.qualifier_data_path = value;
    46. 

  46.         break;
    47. 

  47.     case 'n':
    48. 

  48.         ctx.verifying_pubkey_name_path = value;
    49. 

  49.         break;
    50. 

  50.     case 't':
    51. 

  51.         ctx.ticket_path = value;
    52. 

  52.         break;
    53. 

  53.     }
    54. 

  54.     return true;
    55. 

  55. }
    56. 

  56. 

  57. static bool tpm2_tool_onstart(tpm2_options **opts) {
    58. 

  58. 

  59.     static struct option topts[] = {
    60. 

  60.         { "policy",        required_argument, NULL, 'L' },
    61. 

  61.         { "session",       required_argument, NULL, 'S' },
    62. 

  62.         { "input",         required_argument, NULL, 'i' },
    63. 

  63.         { "qualification", required_argument, NULL, 'q' },
    64. 

  64.         { "name",          required_argument, NULL, 'n' },
    65. 

  65.         { "ticket",        required_argument, NULL, 't' },
    66. 

  66.     };
    67. 

  67. 

  68.     *opts = tpm2_options_new("L:S:i:q:n:t:", ARRAY_LEN(topts), topts, on_option,
    69. 

  69.     NULL, 0);
    70. 

  70. 

  71.     return *opts != NULL;
    72. 

  72. }
    73. 

  73. 

  74. bool is_check_input_options_ok(void) {
    75. 

  75. 

  76.     if (!ctx.session_path) {
    77. 

  77.         LOG_ERR("Must specify a session file with -S.");
    78. 

  78.         return false;
    79. 

  79.     }
    80. 

  80. 

  81.     if (!ctx.verifying_pubkey_name_path) {
    82. 

  82.         LOG_ERR("Must specify name of the public key used for verification -n.");
    83. 

  83.         return false;
    84. 

  84.     }
    85. 

  85. 

  86.     return true;
    87. 

  87. }
    88. 

  88. 

  89. static tool_rc tpm2_tool_onrun(ESYS_CONTEXT *ectx, tpm2_option_flags flags) {
    90. 

  90. 

  91.     UNUSED(flags);
    92. 

  92. 

  93.     if (!is_check_input_options_ok()) {
    94. 

  94.         return tool_rc_option_error;
    95. 

  95.     }
    96. 

  96. 

  97.     tool_rc rc = tpm2_session_restore(ectx, ctx.session_path, false,
    98. 

  98.             &ctx.session);
    99. 

  99.     if (rc != tool_rc_success) {
    100. 

  100.         return rc;
    101. 

  101.     }
    102. 

  102. 

  103.     rc = tpm2_policy_build_policyauthorize(ectx, ctx.session,
    104. 

  104.             ctx.policy_digest_path, ctx.qualifier_data_path,
    105. 

  105.             ctx.verifying_pubkey_name_path, ctx.ticket_path);
    106. 

  106.     if (rc != tool_rc_success) {
    107. 

  107.         LOG_ERR("Could not build tpm authorized policy");
    108. 

  108.         return rc;
    109. 

  109.     }
    110. 

  110. 

  111.     return tpm2_policy_tool_finish(ectx, ctx.session, ctx.out_policy_dgst_path);
    112. 

  112. }
    113. 

  113. 

  114. static tool_rc tpm2_tool_onstop(ESYS_CONTEXT *ectx) {
    115. 

  115.     UNUSED(ectx);
    116. 

  116.     free(ctx.policy_digest);
    117. 

  117.     return tpm2_session_close(&ctx.session);
    118. 

  118. }
    119. 

  119. 

  120. // Register this tool with tpm2_tool.c
    121. 

  121. TPM2_TOOL_REGISTER("policyauthorize", tpm2_tool_onstart, tpm2_tool_onrun, tpm2_tool_onstop, NULL)
    122.