1*520786ccSPatrick WilliamsUpstream-Status: Pending 2*520786ccSPatrick Williams 3dc9d6147SAndrew GeisslerIndex: git/include/tpm_tspi.h 4dc9d6147SAndrew Geissler=================================================================== 5dc9d6147SAndrew Geissler--- git.orig/include/tpm_tspi.h 6dc9d6147SAndrew Geissler+++ git/include/tpm_tspi.h 7dc9d6147SAndrew Geissler@@ -117,6 +117,10 @@ TSS_RESULT tpmPcrRead(TSS_HTPM a_hTpm, U 8dc9d6147SAndrew Geissler UINT32 *a_PcrSize, BYTE **a_PcrValue); 9dc9d6147SAndrew Geissler TSS_RESULT pcrcompositeSetPcrValue(TSS_HPCRS a_hPcrs, UINT32 a_Idx, 10dc9d6147SAndrew Geissler UINT32 a_PcrSize, BYTE *a_PcrValue); 11dc9d6147SAndrew Geissler+TSS_RESULT tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx, 12dc9d6147SAndrew Geissler+ UINT32 a_DataSize, BYTE *a_Data, 13dc9d6147SAndrew Geissler+ TSS_PCR_EVENT *a_Event, 14dc9d6147SAndrew Geissler+ UINT32 *a_PcrSize, BYTE **a_PcrValue); 15dc9d6147SAndrew Geissler #ifdef TSS_LIB_IS_12 16dc9d6147SAndrew Geissler TSS_RESULT unloadVersionInfo(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v); 17dc9d6147SAndrew Geissler TSS_RESULT pcrcompositeSetPcrLocality(TSS_HPCRS a_hPcrs, UINT32 localityValue); 18dc9d6147SAndrew GeisslerIndex: git/lib/tpm_tspi.c 19dc9d6147SAndrew Geissler=================================================================== 20dc9d6147SAndrew Geissler--- git.orig/lib/tpm_tspi.c 21dc9d6147SAndrew Geissler+++ git/lib/tpm_tspi.c 22dc9d6147SAndrew Geissler@@ -594,6 +594,20 @@ pcrcompositeSetPcrValue(TSS_HPCRS a_hPcr 23dc9d6147SAndrew Geissler return result; 24dc9d6147SAndrew Geissler } 25dc9d6147SAndrew Geissler 26dc9d6147SAndrew Geissler+TSS_RESULT 27dc9d6147SAndrew Geissler+tpmPcrExtend(TSS_HTPM a_hTpm, UINT32 a_Idx, 28dc9d6147SAndrew Geissler+ UINT32 a_DataSize, BYTE *a_Data, 29dc9d6147SAndrew Geissler+ TSS_PCR_EVENT *a_Event, 30dc9d6147SAndrew Geissler+ UINT32 *a_PcrSize, BYTE **a_PcrValue) 31dc9d6147SAndrew Geissler+{ 32dc9d6147SAndrew Geissler+ TSS_RESULT result = 33dc9d6147SAndrew Geissler+ Tspi_TPM_PcrExtend(a_hTpm, a_Idx, a_DataSize, a_Data, a_Event, 34dc9d6147SAndrew Geissler+ a_PcrSize, a_PcrValue); 35dc9d6147SAndrew Geissler+ tspiResult("Tspi_TPM_PcrExtend", result); 36dc9d6147SAndrew Geissler+ 37dc9d6147SAndrew Geissler+ return result; 38dc9d6147SAndrew Geissler+} 39dc9d6147SAndrew Geissler+ 40dc9d6147SAndrew Geissler #ifdef TSS_LIB_IS_12 41dc9d6147SAndrew Geissler /* 42dc9d6147SAndrew Geissler * These getPasswd functions will wrap calls to the other functions and check to see if the TSS 43dc9d6147SAndrew GeisslerIndex: git/src/cmds/Makefile.am 44dc9d6147SAndrew Geissler=================================================================== 45dc9d6147SAndrew Geissler--- git.orig/src/cmds/Makefile.am 46dc9d6147SAndrew Geissler+++ git/src/cmds/Makefile.am 47dc9d6147SAndrew Geissler@@ -22,6 +22,7 @@ 48dc9d6147SAndrew Geissler # 49dc9d6147SAndrew Geissler 50dc9d6147SAndrew Geissler bin_PROGRAMS = tpm_sealdata \ 51dc9d6147SAndrew Geissler+ tpm_extendpcr \ 52dc9d6147SAndrew Geissler tpm_unsealdata 53dc9d6147SAndrew Geissler 54dc9d6147SAndrew Geissler if TSS_LIB_IS_12 55dc9d6147SAndrew Geissler@@ -33,4 +34,5 @@ endif 56dc9d6147SAndrew Geissler LDADD = $(top_builddir)/lib/libtpm_tspi.la -ltspi $(top_builddir)/lib/libtpm_unseal.la -ltpm_unseal -lcrypto @INTLLIBS@ 57dc9d6147SAndrew Geissler 58dc9d6147SAndrew Geissler tpm_sealdata_SOURCES = tpm_sealdata.c 59dc9d6147SAndrew Geissler+tpm_extendpcr_SOURCES = tpm_extendpcr.c 60dc9d6147SAndrew Geissler tpm_unsealdata_SOURCES = tpm_unsealdata.c 61dc9d6147SAndrew GeisslerIndex: git/src/cmds/tpm_extendpcr.c 62dc9d6147SAndrew Geissler=================================================================== 63dc9d6147SAndrew Geissler--- /dev/null 64dc9d6147SAndrew Geissler+++ git/src/cmds/tpm_extendpcr.c 65dc9d6147SAndrew Geissler@@ -0,0 +1,181 @@ 66dc9d6147SAndrew Geissler+/* 67dc9d6147SAndrew Geissler+ * The Initial Developer of the Original Code is International 68dc9d6147SAndrew Geissler+ * Business Machines Corporation. Portions created by IBM 69dc9d6147SAndrew Geissler+ * Corporation are Copyright (C) 2005, 2006 International Business 70dc9d6147SAndrew Geissler+ * Machines Corporation. All Rights Reserved. 71dc9d6147SAndrew Geissler+ * 72dc9d6147SAndrew Geissler+ * This program is free software; you can redistribute it and/or modify 73dc9d6147SAndrew Geissler+ * it under the terms of the Common Public License as published by 74dc9d6147SAndrew Geissler+ * IBM Corporation; either version 1 of the License, or (at your option) 75dc9d6147SAndrew Geissler+ * any later version. 76dc9d6147SAndrew Geissler+ * 77dc9d6147SAndrew Geissler+ * This program is distributed in the hope that it will be useful, 78dc9d6147SAndrew Geissler+ * but WITHOUT ANY WARRANTY; without even the implied warranty of 79dc9d6147SAndrew Geissler+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 80dc9d6147SAndrew Geissler+ * Common Public License for more details. 81dc9d6147SAndrew Geissler+ * 82dc9d6147SAndrew Geissler+ * You should have received a copy of the Common Public License 83dc9d6147SAndrew Geissler+ * along with this program; if not, a copy can be viewed at 84dc9d6147SAndrew Geissler+ * http://www.opensource.org/licenses/cpl1.0.php. 85dc9d6147SAndrew Geissler+ */ 86dc9d6147SAndrew Geissler+#include <openssl/evp.h> 87dc9d6147SAndrew Geissler+#include <openssl/sha.h> 88dc9d6147SAndrew Geissler+#include <limits.h> 89dc9d6147SAndrew Geissler+#include "tpm_tspi.h" 90dc9d6147SAndrew Geissler+#include "tpm_utils.h" 91dc9d6147SAndrew Geissler+#include "tpm_seal.h" 92dc9d6147SAndrew Geissler+ 93dc9d6147SAndrew Geissler+// #define TPM_EXTENDPCR_DEBUG 94dc9d6147SAndrew Geissler+ 95dc9d6147SAndrew Geissler+static void help(const char *aCmd) 96dc9d6147SAndrew Geissler+{ 97dc9d6147SAndrew Geissler+ logCmdHelp(aCmd); 98dc9d6147SAndrew Geissler+ logCmdOption("-i, --infile FILE", 99dc9d6147SAndrew Geissler+ _ 100dc9d6147SAndrew Geissler+ ("Filename containing data to extend PCRs with. Default is STDIN.")); 101dc9d6147SAndrew Geissler+ logCmdOption("-p, --pcr NUMBER", 102dc9d6147SAndrew Geissler+ _("PCR to extend.")); 103dc9d6147SAndrew Geissler+ 104dc9d6147SAndrew Geissler+} 105dc9d6147SAndrew Geissler+ 106dc9d6147SAndrew Geissler+static char in_filename[PATH_MAX] = ""; 107dc9d6147SAndrew Geissler+static TSS_HPCRS hPcrs = NULL_HPCRS; 108dc9d6147SAndrew Geissler+static TSS_HTPM hTpm; 109dc9d6147SAndrew Geissler+static UINT32 selectedPcrs[24]; 110dc9d6147SAndrew Geissler+static UINT32 selectedPcrsLen = 0; 111dc9d6147SAndrew Geissler+TSS_HCONTEXT hContext = 0; 112dc9d6147SAndrew Geissler+ 113dc9d6147SAndrew Geissler+static int parse(const int aOpt, const char *aArg) 114dc9d6147SAndrew Geissler+{ 115dc9d6147SAndrew Geissler+ int rc = -1; 116dc9d6147SAndrew Geissler+ 117dc9d6147SAndrew Geissler+ switch (aOpt) { 118dc9d6147SAndrew Geissler+ case 'i': 119dc9d6147SAndrew Geissler+ if (aArg) { 120dc9d6147SAndrew Geissler+ strncpy(in_filename, aArg, PATH_MAX); 121dc9d6147SAndrew Geissler+ rc = 0; 122dc9d6147SAndrew Geissler+ } 123dc9d6147SAndrew Geissler+ break; 124dc9d6147SAndrew Geissler+ case 'p': 125dc9d6147SAndrew Geissler+ if (aArg) { 126dc9d6147SAndrew Geissler+ selectedPcrs[selectedPcrsLen++] = atoi(aArg); 127dc9d6147SAndrew Geissler+ rc = 0; 128dc9d6147SAndrew Geissler+ } 129dc9d6147SAndrew Geissler+ break; 130dc9d6147SAndrew Geissler+ default: 131dc9d6147SAndrew Geissler+ break; 132dc9d6147SAndrew Geissler+ } 133dc9d6147SAndrew Geissler+ return rc; 134dc9d6147SAndrew Geissler+ 135dc9d6147SAndrew Geissler+} 136dc9d6147SAndrew Geissler+ 137dc9d6147SAndrew Geissler+int main(int argc, char **argv) 138dc9d6147SAndrew Geissler+{ 139dc9d6147SAndrew Geissler+ 140dc9d6147SAndrew Geissler+ int iRc = -1; 141dc9d6147SAndrew Geissler+ struct option opts[] = { 142dc9d6147SAndrew Geissler+ {"infile", required_argument, NULL, 'i'}, 143dc9d6147SAndrew Geissler+ {"pcr", required_argument, NULL, 'p'}, 144dc9d6147SAndrew Geissler+ }; 145dc9d6147SAndrew Geissler+ unsigned char line[EVP_MD_block_size(EVP_sha1()) * 16]; 146dc9d6147SAndrew Geissler+ int lineLen; 147dc9d6147SAndrew Geissler+ UINT32 i; 148dc9d6147SAndrew Geissler+ 149dc9d6147SAndrew Geissler+ BIO *bin = NULL; 150dc9d6147SAndrew Geissler+ 151dc9d6147SAndrew Geissler+ initIntlSys(); 152dc9d6147SAndrew Geissler+ 153dc9d6147SAndrew Geissler+ if (genericOptHandler(argc, argv, "i:p:", opts, 154dc9d6147SAndrew Geissler+ sizeof(opts) / sizeof(struct option), parse, 155dc9d6147SAndrew Geissler+ help) != 0) 156dc9d6147SAndrew Geissler+ goto out; 157dc9d6147SAndrew Geissler+ 158dc9d6147SAndrew Geissler+ if (contextCreate(&hContext) != TSS_SUCCESS) 159dc9d6147SAndrew Geissler+ goto out; 160dc9d6147SAndrew Geissler+ 161dc9d6147SAndrew Geissler+ if (contextConnect(hContext) != TSS_SUCCESS) 162dc9d6147SAndrew Geissler+ goto out_close; 163dc9d6147SAndrew Geissler+ 164dc9d6147SAndrew Geissler+ if (contextGetTpm(hContext, &hTpm) != TSS_SUCCESS) 165dc9d6147SAndrew Geissler+ goto out_close; 166dc9d6147SAndrew Geissler+ 167dc9d6147SAndrew Geissler+ /* Create a BIO for the input file */ 168dc9d6147SAndrew Geissler+ if ((bin = BIO_new(BIO_s_file())) == NULL) { 169dc9d6147SAndrew Geissler+ logError(_("Unable to open input BIO\n")); 170dc9d6147SAndrew Geissler+ goto out_close; 171dc9d6147SAndrew Geissler+ } 172dc9d6147SAndrew Geissler+ 173dc9d6147SAndrew Geissler+ /* Assign the input file to the BIO */ 174dc9d6147SAndrew Geissler+ if (strlen(in_filename) == 0) 175dc9d6147SAndrew Geissler+ BIO_set_fp(bin, stdin, BIO_NOCLOSE); 176dc9d6147SAndrew Geissler+ else if (!BIO_read_filename(bin, in_filename)) { 177dc9d6147SAndrew Geissler+ logError(_("Unable to open input file: %s\n"), 178dc9d6147SAndrew Geissler+ in_filename); 179dc9d6147SAndrew Geissler+ goto out_close; 180dc9d6147SAndrew Geissler+ } 181dc9d6147SAndrew Geissler+ 182dc9d6147SAndrew Geissler+ /* Create the PCRs object. If any PCRs above 15 are selected, this will need to be 183dc9d6147SAndrew Geissler+ * a 1.2 TSS/TPM */ 184dc9d6147SAndrew Geissler+ if (selectedPcrsLen) { 185dc9d6147SAndrew Geissler+ TSS_FLAG initFlag = 0; 186dc9d6147SAndrew Geissler+ UINT32 pcrSize; 187dc9d6147SAndrew Geissler+ BYTE *pcrValue; 188dc9d6147SAndrew Geissler+ 189dc9d6147SAndrew Geissler+ for (i = 0; i < selectedPcrsLen; i++) { 190dc9d6147SAndrew Geissler+ if (selectedPcrs[i] > 15) { 191dc9d6147SAndrew Geissler+#ifdef TSS_LIB_IS_12 192dc9d6147SAndrew Geissler+ initFlag |= TSS_PCRS_STRUCT_INFO_LONG; 193dc9d6147SAndrew Geissler+#else 194dc9d6147SAndrew Geissler+ logError(_("This version of %s was compiled for a v1.1 TSS, which " 195dc9d6147SAndrew Geissler+ "can only seal\n data to PCRs 0-15. PCR %u is out of range" 196dc9d6147SAndrew Geissler+ "\n"), argv[0], selectedPcrs[i]); 197dc9d6147SAndrew Geissler+ goto out_close; 198dc9d6147SAndrew Geissler+#endif 199dc9d6147SAndrew Geissler+ } 200dc9d6147SAndrew Geissler+ } 201dc9d6147SAndrew Geissler+ 202dc9d6147SAndrew Geissler+ unsigned char msg[EVP_MAX_MD_SIZE]; 203dc9d6147SAndrew Geissler+ unsigned int msglen; 204dc9d6147SAndrew Geissler+ EVP_MD_CTX ctx; 205dc9d6147SAndrew Geissler+ EVP_DigestInit(&ctx, EVP_sha1()); 206dc9d6147SAndrew Geissler+ while ((lineLen = BIO_read(bin, line, sizeof(line))) > 0) 207dc9d6147SAndrew Geissler+ EVP_DigestUpdate(&ctx, line, lineLen); 208dc9d6147SAndrew Geissler+ EVP_DigestFinal(&ctx, msg, &msglen); 209dc9d6147SAndrew Geissler+ 210dc9d6147SAndrew Geissler+ if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag, 211dc9d6147SAndrew Geissler+ &hPcrs) != TSS_SUCCESS) 212dc9d6147SAndrew Geissler+ goto out_close; 213dc9d6147SAndrew Geissler+ 214dc9d6147SAndrew Geissler+ for (i = 0; i < selectedPcrsLen; i++) { 215dc9d6147SAndrew Geissler+#ifdef TPM_EXTENDPCR_DEBUG 216dc9d6147SAndrew Geissler+ if (tpmPcrRead(hTpm, selectedPcrs[i], &pcrSize, &pcrValue) != TSS_SUCCESS) 217dc9d6147SAndrew Geissler+ goto out_close; 218dc9d6147SAndrew Geissler+ 219dc9d6147SAndrew Geissler+ unsigned int j; 220dc9d6147SAndrew Geissler+ for (j = 0; j < pcrSize; j++) 221dc9d6147SAndrew Geissler+ printf("%02X ", pcrValue[j]); 222dc9d6147SAndrew Geissler+ printf("\n"); 223dc9d6147SAndrew Geissler+#endif 224dc9d6147SAndrew Geissler+ 225dc9d6147SAndrew Geissler+ if (tpmPcrExtend(hTpm, selectedPcrs[i], msglen, msg, NULL, &pcrSize, &pcrValue) != TSS_SUCCESS) 226dc9d6147SAndrew Geissler+ goto out_close; 227dc9d6147SAndrew Geissler+ 228dc9d6147SAndrew Geissler+#ifdef TPM_EXTENDPCR_DEBUG 229dc9d6147SAndrew Geissler+ for (j = 0; j < pcrSize; j++) 230dc9d6147SAndrew Geissler+ printf("%02X ", pcrValue[j]); 231dc9d6147SAndrew Geissler+ printf("\n"); 232dc9d6147SAndrew Geissler+#endif 233dc9d6147SAndrew Geissler+ } 234dc9d6147SAndrew Geissler+ } 235dc9d6147SAndrew Geissler+ 236dc9d6147SAndrew Geissler+ iRc = 0; 237dc9d6147SAndrew Geissler+ logSuccess(argv[0]); 238dc9d6147SAndrew Geissler+ 239dc9d6147SAndrew Geissler+out_close: 240dc9d6147SAndrew Geissler+ contextClose(hContext); 241dc9d6147SAndrew Geissler+ 242dc9d6147SAndrew Geissler+out: 243dc9d6147SAndrew Geissler+ if (bin) 244dc9d6147SAndrew Geissler+ BIO_free(bin); 245dc9d6147SAndrew Geissler+ return iRc; 246dc9d6147SAndrew Geissler+} 247