# HG changeset patch
# User kaf24@xxxxxxxxxxxxxxxxxxxx
# Node ID d186157615d66829104041652746d4759a82d39c
# Parent f22ea989389d939ec1f3acd72b81cd03c698efcb
This patch adds TPM_Seal support to the VTSP. On measured platforms
this can be use to better protect secrets in the VTPM System
Signed-off-by: Vinnie Scarlata <vincent.r.scarlata@xxxxxxxxx>
diff -r f22ea989389d -r d186157615d6 tools/vtpm_manager/manager/vtsp.c
--- a/tools/vtpm_manager/manager/vtsp.c Tue Jan 3 18:06:14 2006
+++ b/tools/vtpm_manager/manager/vtsp.c Wed Jan 4 10:37:41 2006
@@ -144,7 +144,10 @@
if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0) // 0 indicates
equality
return (TPM_SUCCESS);
else {
- VTSP_OIAP( hContext, auth);
+ // If specified, reconnect the OIAP session.
+ // NOTE: This only works for TCS's that never have a 0 context.
+ if (hContext)
+ VTSP_OIAP( hContext, auth);
return (TPM_AUTHFAIL);
}
}
@@ -157,6 +160,10 @@
TPMTRYRETURN( TCSP_OIAP(hContext,
&auth->AuthHandle,
&auth->NonceEven) );
+
+ memset(&auth->HMAC, 0, sizeof(TPM_DIGEST));
+ auth->fContinueAuthSession = FALSE;
+
goto egress;
abort_egress:
@@ -195,6 +202,9 @@
BSG_TPM_NONCE, &nonceOddOSAP);
Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth,
TPM_DIGEST_SIZE, (BYTE *) sharedSecret);
+
+ memset(&auth->HMAC, 0, sizeof(TPM_DIGEST));
+ auth->fContinueAuthSession = FALSE;
goto egress;
@@ -287,9 +297,6 @@
srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo;
struct pack_buf_t srkText;
-
- // GenerateAuth new nonceOdd
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
//These values are accurate for an enc(AuthData).
struct pack_buf_t encOwnerAuth, encSrkAuth;
@@ -383,9 +390,6 @@
BYTE *paramText; // Digest to make Auth.
UINT32 paramTextSize;
- // Generate HMAC
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
paramTextSize = BSG_PackList(paramText, 1,
@@ -504,9 +508,6 @@
newKeyText.data = flatKey;
newKeyText.size = flatKeySize;
- // GenerateAuth new nonceOdd
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
// Generate HMAC
paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
@@ -587,9 +588,6 @@
// Generate Extra TCS Parameters
TPM_HANDLE phKeyHMAC;
- // Generate HMAC
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
paramTextSize = BSG_PackList(paramText, 1,
@@ -675,9 +673,6 @@
struct pack_buf_t clear_data32;
BYTE *clear_data_text;
UINT32 clear_data_size;
-
- // Generate HMAC
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes};
@@ -787,6 +782,196 @@
return TPM_SUCCESS;
}
+TPM_RESULT VTSP_Seal(const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_HANDLE keyHandle,
+ const TPM_AUTHDATA *sealDataAuth,
+ const TPM_PCR_COMPOSITE *pcrComp,
+ const buffer_t *inData,
+ TPM_STORED_DATA *sealedData,
+ const TPM_SECRET *osapSharedSecret,
+ TCS_AUTH *auth) {
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_Seal;
+
+ BYTE *paramText; // Digest to make Auth.
+ UINT32 paramTextSize;
+
+ // Generate PCR_Info Struct from Comp
+ TPM_PCR_INFO pcrInfo;
+ UINT32 pcrInfoSize, flatpcrSize;
+ BYTE flatpcr[3 + // PCR_Select = 3 1 byte banks
+ sizeof(UINT16) + // 2 byte UINT16
+ sizeof(UINT32) + // PCR_Comp = 4 byte UINT32
+ 24 * sizeof(TPM_PCRVALUE) ]; // up to 24 PCRs
+
+ if (pcrComp != NULL) {
+ //printf("\n\tBinding to PCRs: ");
+ //for(int i = 0 ; i < pcrComp->select.sizeOfSelect ; i++)
+ //printf("%2.2x", pcrComp->select.pcrSelect[i]);
+
+ memcpy(&pcrInfo.pcrSelection, &pcrComp->select,
sizeof(TPM_PCR_SELECTION));
+
+ flatpcrSize = BSG_Pack(BSG_TPM_PCR_COMPOSITE, (BYTE *) pcrComp, flatpcr);
+ Crypto_SHA1Full((BYTE *) flatpcr, flatpcrSize, (BYTE *)
&(pcrInfo.digestAtRelease));
+ memset(&(pcrInfo.digestAtCreation), 0, sizeof(TPM_DIGEST));
+ pcrInfoSize = BSG_Pack(BSG_TPM_PCR_INFO, (BYTE *) &pcrInfo, flatpcr);
+ } else {
+ //printf("\n\tBinding to no PCRS.");
+ pcrInfoSize = 0;
+ }
+
+ // Calculate encUsageAuth
+ BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)];
+ UINT32 XORbufferSize = sizeof(XORbuffer);
+ TPM_DIGEST XORKey;
+ TPM_ENCAUTH encAuth;
+
+ BSG_PackList( XORbuffer, 2,
+ BSG_TPM_SECRET, osapSharedSecret,
+ BSG_TPM_NONCE, &auth->NonceEven );
+
+ Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey);
+
+ int i;
+ for (i=0; i < TPM_DIGEST_SIZE; i++)
+ ((BYTE *) &encAuth)[i] = ((BYTE *) &XORKey)[i] ^ ((BYTE *)
sealDataAuth)[i];
+
+ // Generate Extra TCS Parameters
+ UINT32 inDataSize = buffer_len(inData);
+ struct pack_buf_t inData_pack = {inDataSize, inData->bytes};
+ struct pack_buf_t pcrInfo_pack = {pcrInfoSize, flatpcr};
+
+ UINT32 sealedDataSize;
+ BYTE *flatSealedData=NULL;
+
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 4,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_ENCAUTH, &encAuth,
+ BSG_TPM_SIZE32_DATA, &pcrInfo_pack,
+ BSG_TPM_SIZE32_DATA, &inData_pack);
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ osapSharedSecret, auth) );
+
+ // Call TCS
+ TPMTRYRETURN( TCSP_Seal( hContext,
+ keyHandle,
+ encAuth,
+ pcrInfoSize,
+ flatpcr,
+ inDataSize,
+ inData->bytes,
+ auth,
+ &sealedDataSize,
+ &flatSealedData) );
+
+ // Unpack/return key structure
+ BSG_Unpack( BSG_TPM_STORED_DATA, flatSealedData, sealedData );
+
+ paramTextSize = BSG_PackList(paramText, 3,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_STORED_DATA, sealedData);
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ osapSharedSecret, auth,
+ 0) );
+
+
+ goto egress;
+
+ abort_egress:
+ egress:
+
+ if (flatSealedData)
+ TCS_FreeMemory( hContext, flatSealedData);
+
+ free(paramText);
+ return status;
+}
+
+
+TPM_RESULT VTSP_Unseal(const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_HANDLE keyHandle,
+ const TPM_STORED_DATA *sealedData,
+ const TPM_AUTHDATA *key_usage_auth,
+ const TPM_AUTHDATA *data_usage_auth,
+ buffer_t *outData,
+ TCS_AUTH *auth,
+ TCS_AUTH *dataAuth) {
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_Unseal;
+
+ BYTE *paramText; // Digest to make Auth.
+ UINT32 paramTextSize;
+
+ // Generate Extra TCS Parameters
+ UINT32 sealDataSize, clearDataSize;
+ BYTE *flatSealedData= (BYTE *) malloc(sizeof(TPM_VERSION) +
+ 2 * sizeof(UINT32) +
+ sealedData->sealInfoSize +
+ sealedData->encDataSize),
+ *clearData=NULL;
+
+ sealDataSize = BSG_Pack(BSG_TPM_STORED_DATA, sealedData, flatSealedData );
+
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 2,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_STORED_DATA, sealedData);
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ key_usage_auth, auth) );
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ data_usage_auth, dataAuth) );
+ // Call TCS
+ TPMTRYRETURN( TCSP_Unseal( hContext,
+ keyHandle,
+ sealDataSize,
+ flatSealedData,
+ auth,
+ dataAuth,
+ &clearDataSize,
+ &clearData) );
+
+ // Verify Auth
+ struct pack_buf_t clearData_pack = {clearDataSize, clearData};
+
+ paramTextSize = BSG_PackList(paramText, 3,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_SIZE32_DATA, &clearData_pack);
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ key_usage_auth, auth,
+ hContext) );
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ data_usage_auth, dataAuth,
+ hContext) );
+
+ // Unpack/return key structure
+ TPMTRYRETURN( buffer_init(outData, clearDataSize, clearData) );
+
+ goto egress;
+
+ abort_egress:
+ egress:
+
+ if (flatSealedData)
+ TCS_FreeMemory( hContext, clearData);
+
+ free(paramText);
+ return status;
+}
+
+
// Function Reaches into unsupported TCS command, beware.
TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext,
const buffer_t *inbuf,
diff -r f22ea989389d -r d186157615d6 tools/vtpm_manager/manager/vtsp.h
--- a/tools/vtpm_manager/manager/vtsp.h Tue Jan 3 18:06:14 2006
+++ b/tools/vtpm_manager/manager/vtsp.h Wed Jan 4 10:37:41 2006
@@ -100,4 +100,22 @@
const buffer_t *inData,
buffer_t *outData);
+TPM_RESULT VTSP_Seal(const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_HANDLE keyHandle,
+ const TPM_AUTHDATA *sealDataAuth,
+ const TPM_PCR_COMPOSITE *pcrComp,
+ const buffer_t *inData,
+ TPM_STORED_DATA *sealedData,
+ const TPM_SECRET *osapSharedSecret,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_Unseal(const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_HANDLE keyHandle,
+ const TPM_STORED_DATA *sealedData,
+ const TPM_AUTHDATA *key_usage_auth,
+ const TPM_AUTHDATA *data_usage_auth,
+ buffer_t *outData,
+ TCS_AUTH *auth,
+ TCS_AUTH *dataAuth);
+
#endif //_VTSP_H_
diff -r f22ea989389d -r d186157615d6 tools/vtpm_manager/tcs/tcs.c
--- a/tools/vtpm_manager/tcs/tcs.c Tue Jan 3 18:06:14 2006
+++ b/tools/vtpm_manager/tcs/tcs.c Wed Jan 4 10:37:41 2006
@@ -636,7 +636,7 @@
TDDL_UINT32 OutLength = TCPA_MAX_BUFFER_LENGTH;
// check input params
- if (inData == NULL || pubAuth == NULL || SealedDataSize == NULL ||
*SealedData == NULL)
+ if (inData == NULL || pubAuth == NULL || SealedDataSize == NULL ||
SealedData == NULL)
return TPM_BAD_PARAMETER;
// Convert Byte Input parameter in the input byte stream InBuf
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|