diff options
Diffstat (limited to 'roms/skiboot/libstb/tss2/ibmtpm20tss/utils/createekcert.c')
| -rw-r--r-- | roms/skiboot/libstb/tss2/ibmtpm20tss/utils/createekcert.c | 488 |
1 files changed, 488 insertions, 0 deletions
diff --git a/roms/skiboot/libstb/tss2/ibmtpm20tss/utils/createekcert.c b/roms/skiboot/libstb/tss2/ibmtpm20tss/utils/createekcert.c new file mode 100644 index 000000000..072407cde --- /dev/null +++ b/roms/skiboot/libstb/tss2/ibmtpm20tss/utils/createekcert.c @@ -0,0 +1,488 @@ +/********************************************************************************/ +/* */ +/* TPM 2.0 Attestation - Client EK and EK certificate */ +/* Written by Ken Goldman */ +/* IBM Thomas J. Watson Research Center */ +/* */ +/* (c) Copyright IBM Corporation 2016 - 2019. */ +/* */ +/* All rights reserved. */ +/* */ +/* Redistribution and use in source and binary forms, with or without */ +/* modification, are permitted provided that the following conditions are */ +/* met: */ +/* */ +/* Redistributions of source code must retain the above copyright notice, */ +/* this list of conditions and the following disclaimer. */ +/* */ +/* Redistributions in binary form must reproduce the above copyright */ +/* notice, this list of conditions and the following disclaimer in the */ +/* documentation and/or other materials provided with the distribution. */ +/* */ +/* Neither the names of the IBM Corporation nor the names of its */ +/* contributors may be used to endorse or promote products derived from */ +/* this software without specific prior written permission. */ +/* */ +/* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS */ +/* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT */ +/* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR */ +/* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT */ +/* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, */ +/* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT */ +/* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, */ +/* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY */ +/* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT */ +/* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE */ +/* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +/********************************************************************************/ + +/* This program provisions an EK certificate. It is required only for a SW TPM, which does not, of + course, come with a certificate. + + NOTE This is a one time operation unless the EPS is changed, typically through the TSS regression + test. I suggest saving the NVChip file. + + Steps implemented: + + Create a primary key using the default IWG template + + Create a certificate using the CA key cakey.pem + + Create NV Index if not already provisioned. + + Write the certificate to NV. +*/ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdint.h> + +/* Windows 10 crypto API clashes with openssl */ +#ifdef TPM_WINDOWS +#ifndef WIN32_LEAN_AND_MEAN +#define WIN32_LEAN_AND_MEAN +#endif +#endif + +#include <ibmtss/tss.h> +#include <ibmtss/tssutils.h> +#include <ibmtss/tssresponsecode.h> +#include <ibmtss/tsscrypto.h> +#include "ekutils.h" + +/* local function prototypes */ + +static void printUsage(void); + +static TPM_RC defineEKCertIndex(TSS_CONTEXT *tssContext, + uint32_t certLength, + TPMI_RH_NV_INDEX nvIndex, + const char *platformPassword); +static TPM_RC storeEkCertificate(TSS_CONTEXT *tssContext, + uint32_t certLength, + unsigned char *certificate, + TPMI_RH_NV_INDEX nvIndex, + const char *platformPassword); + +int vverbose = 0; +extern int tssUtilsVerbose; + +int main(int argc, char *argv[]) +{ + int rc = 0; + int i; /* argc iterator */ + TSS_CONTEXT *tssContext = NULL; + int noFlush = FALSE; + const char *certificateFilename = NULL; + TPMI_RH_NV_INDEX ekCertIndex = EK_CERT_RSA_INDEX; + /* the CA for endorsement key certificates */ + const char *caKeyFileName = NULL; + const char *caKeyPassword = ""; + const char *platformPassword = NULL; + TPMT_PUBLIC tpmtPublicOut; /* primary key public part */ + char *x509CertString = NULL; + char *pemCertString = NULL; + uint32_t certLength; + unsigned char *certificate = NULL; + + /* FIXME may be better from command line or config file */ + char *subjectEntries[] = { + "US", /* 0 country */ + "NY", /* 1 state */ + "Yorktown", /* 2 locality*/ + "IBM", /* 3 organization */ + NULL, /* 4 organization unit */ + "IBM's SW TPM", /* 5 common name */ + NULL /* 6 email */ + }; + /* FIXME should come from root certificate, cacert.pem, cacertec.pem */ + char *rootIssuerEntriesRsa[] = { + "US" , + "NY" , + "Yorktown" , + "IBM" , + NULL , + "EK CA" , + NULL + }; + char *rootIssuerEntriesEc[] = { + "US" , + "NY" , + "Yorktown" , + "IBM" , + NULL , + "EK EC CA" , + NULL + }; + /* default RSA */ + char **issuerEntries = rootIssuerEntriesRsa; + size_t issuerEntriesSize = sizeof(rootIssuerEntriesRsa)/sizeof(char *); + + setvbuf(stdout, 0, _IONBF, 0); /* output may be going through pipe to log file */ + TSS_SetProperty(NULL, TPM_TRACE_LEVEL, "1"); + tssUtilsVerbose = FALSE; + + /* command line argument defaults */ + for (i=1 ; (i<argc) && (rc == 0) ; i++) { + if (strcmp(argv[i],"-noflush") == 0) { + noFlush = TRUE; + } + else if (strcmp(argv[i],"-of") == 0) { + i++; + if (i < argc) { + certificateFilename = argv[i]; + } + else { + printf("-of option needs a value\n"); + printUsage(); + } + } + else if (strcmp(argv[i],"-alg") == 0) { + i++; + if (i < argc) { + if (strcmp(argv[i],"rsa") == 0) { + ekCertIndex = EK_CERT_RSA_INDEX; + } + else if (strcmp(argv[i],"ecc") == 0) { + ekCertIndex = EK_CERT_EC_INDEX; + } + else { + printf("Bad parameter %s for -alg\n", argv[i]); + printUsage(); + } + } + else { + printf("-alg option needs a value\n"); + printUsage(); + } + } + else if (strcmp(argv[i],"-caalg") == 0) { + i++; + if (i < argc) { + if (strcmp(argv[i],"rsa") == 0) { + issuerEntries = rootIssuerEntriesRsa; + issuerEntriesSize = sizeof(rootIssuerEntriesRsa)/sizeof(char *); + } + else if (strcmp(argv[i],"ec") == 0) { + issuerEntries = rootIssuerEntriesEc; + issuerEntriesSize = sizeof(rootIssuerEntriesEc)/sizeof(char *); + } + else { + printf("Bad parameter %s for -caalg\n", argv[i]); + printUsage(); + } + } + else { + printf("-alg option needs a value\n"); + printUsage(); + } + } + else if (strcmp(argv[i],"-cakey") == 0) { + i++; + if (i < argc) { + caKeyFileName = argv[i]; + } + else { + printf("ERROR: Missing parameter for -cakey\n"); + printUsage(); + } + } + else if (strcmp(argv[i],"-capwd") == 0) { + i++; + if (i < argc) { + caKeyPassword = argv[i]; + } + else { + printf("ERROR: Missing parameter for -capwd\n"); + printUsage(); + } + } + else if (strcmp(argv[i],"-pwdp") == 0) { + i++; + if (i < argc) { + platformPassword = argv[i]; + } + else { + printf("-pwdp option needs a value\n"); + printUsage(); + } + } + else if (strcmp(argv[i],"-h") == 0) { + printUsage(); + } + else if (strcmp(argv[i],"-v") == 0) { + tssUtilsVerbose = 1; + } + else if (strcmp(argv[i],"-vv") == 0) { + TSS_SetProperty(NULL, TPM_TRACE_LEVEL, "2"); /* trace entire TSS */ + tssUtilsVerbose = 1; + vverbose = 1; + } + else { + printf("\n%s is not a valid option\n", argv[i]); + printUsage(); + } + } + if (caKeyFileName == NULL) { + printf("ERROR: Missing -cakey\n"); + printUsage(); + } + /* Start a TSS context */ + if (rc == 0) { + rc = TSS_Create(&tssContext); + } + /* create a primary EK using the default IWG template */ + if (rc == 0) { + TPM_HANDLE keyHandle; + rc = processCreatePrimary(tssContext, + &keyHandle, + ekCertIndex, /* RSA or EC */ + NULL, 0, /* EK nonce, can be NULL */ + NULL, /* template */ + &tpmtPublicOut, /* primary key */ + noFlush, + tssUtilsVerbose); /* print errors */ + } + /* create the EK certificate from the EK public key, using the above issuer and subject */ + if (rc == 0) { + rc = createCertificate(&x509CertString, /* freed @3 */ + &pemCertString, /* freed @2 */ + &certLength, + &certificate, /* output, freed @1 */ + &tpmtPublicOut, /* public key to be certified */ + caKeyFileName, /* CA signing key */ + issuerEntriesSize, + issuerEntries, /* certificate issuer */ + sizeof(subjectEntries)/sizeof(char *), + subjectEntries, /* certificate subject */ + caKeyPassword); /* CA signing key password */ + } + /* If the NV index is not defined, define it */ + if (rc == 0) { + rc = defineEKCertIndex(tssContext, + certLength, + ekCertIndex, + platformPassword); + } + /* store the EK certificate in NV */ + if (rc == 0) { + rc = storeEkCertificate(tssContext, + certLength, certificate, + ekCertIndex, + platformPassword); + } + /* optionally store the certificate in DER format */ + if ((rc == 0) && (certificateFilename != NULL)) { + rc = TSS_File_WriteBinaryFile(certificate, certLength, certificateFilename); + } + { + TPM_RC rc1 = TSS_Delete(tssContext); + if (rc == 0) { + rc = rc1; + } + } + free(certificate); /* @1 */ + free(pemCertString); /* @2 */ + free(x509CertString); /* @3 */ + return rc; +} + +/* defineEKCertIndex() defines the EK certificate index if it is not already defined */ + +static TPM_RC defineEKCertIndex(TSS_CONTEXT *tssContext, + uint32_t certLength, + TPMI_RH_NV_INDEX nvIndex, + const char *platformPassword) +{ + TPM_RC rc = 0; + NV_ReadPublic_In nvReadPublicIn; + NV_ReadPublic_Out nvReadPublicOut; + NV_DefineSpace_In nvDefineSpaceIn; + + /* read metadata to make sure the index is there, the size is sufficient, and get the Name */ + if (tssUtilsVerbose) printf("defineEKCertIndex: certificate length %u\n", certLength); + if (rc == 0) { + nvReadPublicIn.nvIndex = nvIndex; + rc = TSS_Execute(tssContext, + (RESPONSE_PARAMETERS *)&nvReadPublicOut, + (COMMAND_PARAMETERS *)&nvReadPublicIn, + NULL, + TPM_CC_NV_ReadPublic, + TPM_RH_NULL, NULL, 0); + } + /* if already defined, check the size */ + if (rc == 0) { + if (tssUtilsVerbose) printf("defineEKCertIndex: defined data size %u\n", + nvReadPublicOut.nvPublic.nvPublic.dataSize); + if (nvReadPublicOut.nvPublic.nvPublic.dataSize < certLength) { + printf("defineEKCertIndex: data size %u insufficient for certificate %u\n", + nvReadPublicOut.nvPublic.nvPublic.dataSize, certLength); + rc = EXIT_FAILURE; + } + } + else if ((rc & 0xff) == TPM_RC_HANDLE) { + rc = 0; /* not an error yet, define the index for the EK certificate */ + nvDefineSpaceIn.authHandle = TPM_RH_PLATFORM; + nvDefineSpaceIn.auth.b.size = 0; /* empty auth */ + nvDefineSpaceIn.publicInfo.nvPublic.authPolicy.t.size = 0; /* empty policy */ + nvDefineSpaceIn.publicInfo.nvPublic.nvIndex = nvIndex; /* handle of the data area */ + nvDefineSpaceIn.publicInfo.nvPublic.nameAlg = TPM_ALG_SHA256; /* name hash algorithm */ + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val = 0; + /* PC Client specification */ + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val |= TPMA_NVA_ORDINARY; + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val |= TPMA_NVA_PLATFORMCREATE; + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val |= TPMA_NVA_AUTHREAD; + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val |= TPMA_NVA_NO_DA; + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val |= TPMA_NVA_PPWRITE; + /* required for Microsoft Windows certification test */ + nvDefineSpaceIn.publicInfo.nvPublic.attributes.val |= TPMA_NVA_OWNERREAD; + if (certLength < 1000) { + nvDefineSpaceIn.publicInfo.nvPublic.dataSize = 1000; /* minimum size */ + } + else { + nvDefineSpaceIn.publicInfo.nvPublic.dataSize = certLength; + } + /* call TSS to execute the command */ + if (rc == 0) { + rc = TSS_Execute(tssContext, + NULL, + (COMMAND_PARAMETERS *)&nvDefineSpaceIn, + NULL, + TPM_CC_NV_DefineSpace, + TPM_RS_PW, platformPassword, 0, + TPM_RH_NULL, NULL, 0); + } + } + if (rc != 0) { + const char *msg; + const char *submsg; + const char *num; + printf("defineEKCertIndex: failed, rc %08x\n", rc); + TSS_ResponseCode_toString(&msg, &submsg, &num, rc); + printf("%s%s%s\n", msg, submsg, num); + printf("ERROR: defineEKCertIndex: requires certificate min length %u at index %08x\n", + certLength, nvIndex); + rc = EXIT_FAILURE; + } + return rc; +} + +/* storeEkCertificate() writes the EK certificate at the specified NV index. It does not define the + NV index. */ + +static TPM_RC storeEkCertificate(TSS_CONTEXT *tssContext, + uint32_t certLength, + unsigned char *certificate, + TPMI_RH_NV_INDEX nvIndex, + const char *platformPassword) +{ + TPM_RC rc = 0; + NV_Write_In nvWriteIn; + uint32_t nvBufferMax; /* max write in one chunk */ + uint16_t bytesWritten; /* bytes written so far */ + int done = FALSE; + + if (rc == 0) { + rc = readNvBufferMax(tssContext, + &nvBufferMax); + } + if (rc == 0) { + if (tssUtilsVerbose) printf("storeEkCertificate: writing %u bytes to %08x\n", + certLength, nvIndex); + nvWriteIn.authHandle = TPM_RH_PLATFORM; + nvWriteIn.nvIndex = nvIndex; + nvWriteIn.offset = 0; + bytesWritten = 0; /* bytes written so far */ + } + while ((rc == 0) && !done) { + uint16_t writeBytes; /* bytes to write in this pass */ + if (rc == 0) { + nvWriteIn.offset = bytesWritten; + if ((uint32_t)(certLength - bytesWritten) < nvBufferMax) { + writeBytes = certLength - bytesWritten; /* last chunk */ + } + else { + writeBytes = nvBufferMax; /* next chunk */ + } + rc = TSS_TPM2B_Create(&nvWriteIn.data.b, certificate + bytesWritten, writeBytes, + sizeof(nvWriteIn.data.t.buffer)); + } + if (rc == 0) { + rc = TSS_Execute(tssContext, + NULL, + (COMMAND_PARAMETERS *)&nvWriteIn, + NULL, + TPM_CC_NV_Write, + TPM_RS_PW, platformPassword, 0, + TPM_RH_NULL, NULL, 0); + } + if (rc == 0) { + bytesWritten += writeBytes; + if (bytesWritten == certLength) { + done = TRUE; + } + } + } + if (rc == 0) { + if (tssUtilsVerbose) printf("storeEkCertificate: success\n"); + } + else { + const char *msg; + const char *submsg; + const char *num; + printf("storeEkCertificate: failed, rc %08x\n", rc); + TSS_ResponseCode_toString(&msg, &submsg, &num, rc); + printf("%s%s%s\n", msg, submsg, num); + if (rc == TSS_RC_FILE_OPEN) { + printf("Possible cause: missing nvreadpublic before nvwrite\n"); + } + rc = EXIT_FAILURE; + } + return rc; +} + +static void printUsage(void) +{ + printf("\n"); + printf("createekcert\n"); + printf("\n"); + printf("Provisions an EK certificate, using the default IWG template\n"); + printf("E.g.,\n"); + printf("\n"); + printf("Usage: createekcert -alg rsa -cakey cakey.pem -capwd rrrr -v\n"); + printf("or: createekcert -alg ecc -cakey cakeyecc.pem -capwd rrrr -caalg ec -v\n"); + printf("\n"); + printf("\t[-pwdp\t\tplatform hierarchy password (default empty)]\n"); + printf("\t-cakey\t\tCA PEM key file name\n"); + printf("\t[-capwd\t\tCA PEM key password (default empty)]\n"); + printf("\t[-caalg\t\tCA key algorithm (rsa or ec) (default rsa)]\n"); + printf("\t[-alg\t\t(rsa or ecc certificate) (default rsa)]\n"); + printf("\t[-noflush\tdo not flush the primary key]\n"); + printf("\t[-of\t\tDER certificate output file name]\n"); + printf("\n"); + printf("Currently:\n"); + printf("\n"); + printf("\tCertificate issuer, subject, and validity are hard coded.\n"); + exit(1); +} |