Merge pull request #350 from dgarske/policyauth

Improvements in auth handling to support Policy Password and Policy Auth Value

Author: embhorn

examples/run_examples.sh

@@ -163,10 +163,10 @@ if [ $WOLFCRYPT_ENABLE -eq 1 ]; then
 
     ./examples/keygen/keygen ecckeyblobeh.bin -ecc -eh >> run.out 2>&1
     RESULT=$?
-    [ $RESULT -ne 0 ] && echo -e "keygen endorsement rsa failed! $RESULT" && exit 1
+    [ $RESULT -ne 0 ] && echo -e "keygen endorsement ecc failed! $RESULT" && exit 1
     ./examples/keygen/keyload ecckeyblobeh.bin -ecc -eh >> run.out 2>&1
     RESULT=$?
-    [ $RESULT -ne 0 ] && echo -e "keygen endorsement rsa failed! $RESULT" && exit 1
+    [ $RESULT -ne 0 ] && echo -e "keyload endorsement ecc failed! $RESULT" && exit 1
 fi
 
 

src/tpm2.c

@@ -108,7 +108,7 @@ static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
     BYTE *param, *encParam = NULL;
     int paramSz, encParamSz = 0;
     int i, authPos;
-    int tmpSz = 0; /* Used to calculate the new total size of the Auth Area */
+    int authTotalSzPos = 0;
 #ifndef WOLFTPM2_NO_WOLFCRYPT
     UINT32 handleValue1, handleValue2, handleValue3;
     int handlePos;
@@ -120,8 +120,8 @@ static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
     /* Parse Auth */
     TPM2_Packet_ParseU32(packet, &authSz);
     packet->pos -= sizeof(authSz);
-    /* Later Auth Area size is updated */
-    TPM2_Packet_MarkU32(packet, &tmpSz);
+    /* Get position for total auth size to be updated later */
+    TPM2_Packet_MarkU32(packet, &authTotalSzPos);
     /* Mark the position of the Auth Area data */
     authPos = packet->pos;
     packet->pos += authSz;
@@ -174,17 +174,32 @@ static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
             }
         }
 
-        /* Note: Copy between TPM2_AUTH_SESSION and TPMS_AUTH_COMMAND is allowed */
-        XMEMCPY(&authCmd, session, sizeof(TPMS_AUTH_COMMAND));
-
-        if (TPM2_IS_HMAC_SESSION(session->sessionHandle) ||
-            TPM2_IS_POLICY_SESSION(session->sessionHandle))
+        /* Build auth */
+        XMEMSET(&authCmd, 0, sizeof(authCmd));
+        authCmd.sessionHandle = session->sessionHandle;
+        authCmd.sessionAttributes = session->sessionAttributes;
+        authCmd.nonce.size = session->nonceCaller.size;
+        XMEMCPY(authCmd.nonce.buffer, session->nonceCaller.buffer,
+            authCmd.nonce.size);
+
+        /* Password Auth */
+        if (session->sessionHandle == TPM_RS_PW) {
+            authCmd.hmac.size = session->auth.size;
+            XMEMCPY(authCmd.hmac.buffer, session->auth.buffer,
+                session->auth.size);
+        }
+        /* HMAC or Policy Session */
+        else if (TPM2_IS_HMAC_SESSION(session->sessionHandle) ||
+                 TPM2_IS_POLICY_SESSION(session->sessionHandle))
         {
         #ifndef WOLFTPM2_NO_WOLFCRYPT
             TPM2B_NAME name1, name2, name3;
             TPM2B_DIGEST hash;
         #endif
 
+            /* default is a HMAC output (using alg authHash) */
+            authCmd.hmac.size = TPM2_GetHashDigestSize(session->authHash);
+
             /* if param enc is not supported for this command then clear flag */
             /* session attribute flags are from TPM perspective */
             if ((info->flags & (CMD_FLAG_ENC2 | CMD_FLAG_ENC4)) == 0) {
@@ -240,16 +255,28 @@ static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
         #endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_HMAC */
         }
 
-        /* Replace auth in session */
+        /* Place session auth */
         packet->pos = authPos;
         TPM2_Packet_AppendAuthCmd(packet, &authCmd);
         authPos = packet->pos; /* update auth position */
     }
 
-    /* Update the Auth Area size in the command packet */
-    TPM2_Packet_PlaceU32(packet, tmpSz);
+    /* Update the Auth Area total size in the command packet */
+    i = TPM2_Packet_PlaceU32(packet, authTotalSzPos);
+
+#ifdef DEBUG_WOLFTPM
+    if ((int)authSz != i) {
+        /* actual auth size did not match estimated size from
+         * TPM2_Packet_AppendAuth */
+        printf("Error: Calculated auth size %d did not match actual %d!\n",
+            authSz, i);
+        return BUFFER_E;
+    }
+#endif
 
     (void)cmdCode;
+    (void)i;
+
     return rc;
 }
 
@@ -343,6 +370,11 @@ static int TPM2_ResponseProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
                     return TPM_RC_HMAC;
                 }
             }
+
+            /* Save off last known HMAC */
+            session->hmac.size = authRsp.hmac.size;
+            XMEMCMP(session->hmac.buffer, authRsp.hmac.buffer,
+                authRsp.hmac.size);
         #else
             (void)cmdCode;
         #endif /* !WOLFTPM2_NO_WOLFCRYPT && !NO_HMAC */

src/tpm2_packet.c

@@ -233,36 +233,34 @@ void TPM2_Packet_MarkU32(TPM2_Packet* packet, int* markSz)
         TPM2_Packet_AppendU32(packet, 0);
     }
 }
-void TPM2_Packet_PlaceU32(TPM2_Packet* packet, int markSz)
+int TPM2_Packet_PlaceU32(TPM2_Packet* packet, int markSz)
 {
+    int actSz = 0;
     /* update with actual size */
     if (packet) {
         UINT32 data;
         byte* sizePtr = &packet->buf[markSz];
         markSz += sizeof(UINT32); /* skip marker */
         if (markSz <= packet->pos) {
-            markSz = packet->pos - markSz;
+            actSz = packet->pos - markSz;
 
-            data = cpu_to_be32(markSz);
+            data = cpu_to_be32(actSz);
             XMEMCPY(sizePtr, &data, sizeof(UINT32));
         }
     }
+    return actSz;
 }
 
 void TPM2_Packet_AppendAuthCmd(TPM2_Packet* packet, TPMS_AUTH_COMMAND* authCmd)
 {
-    if (packet == NULL || authCmd == NULL)
+    if (packet == NULL || authCmd == NULL) {
         return;
+    }
 
 #ifdef WOLFTPM_DEBUG_VERBOSE
     TPM2_PrintAuth(authCmd);
 #endif
 
-    /* make sure continueSession is set for TPM_RS_PW */
-    if (authCmd->sessionHandle == TPM_RS_PW &&
-        (authCmd->sessionAttributes & TPMA_SESSION_continueSession) == 0) {
-        authCmd->sessionAttributes |= TPMA_SESSION_continueSession;
-    }
     TPM2_Packet_AppendU32(packet, authCmd->sessionHandle);
     TPM2_Packet_AppendU16(packet, authCmd->nonce.size);
     TPM2_Packet_AppendBytes(packet, authCmd->nonce.buffer, authCmd->nonce.size);
@@ -347,15 +345,53 @@ TPM_ST TPM2_Packet_AppendAuth(TPM2_Packet* packet, TPM2_CTX* ctx, CmdInfo_t* inf
 
     info->authCnt = TPM2_GetCmdAuthCount(ctx, info);
     if (info->authCnt > 0) {
-        int i, tmpSz = 0;
-        TPM2_Packet_MarkU32(packet, &tmpSz);
+        int i, authTotalSzPos = 0;
+        TPM2_Packet_MarkU32(packet, &authTotalSzPos);
         for (i=0; i<info->authCnt; i++) {
-            /* Note: Casting a TPM2_AUTH_SESSION to TPMS_AUTH_COMMAND here,
-             * this is allowed because top of structure matches */
-            TPM2_Packet_AppendAuthCmd(packet, (TPMS_AUTH_COMMAND*)&ctx->session[i]);
+            TPM2_AUTH_SESSION* session = &ctx->session[i];
+
+            /* Determine auth size - appended later in TPM2_CommandProcess */
+
+            /* sessionHandle */
+            packet->pos += sizeof(UINT32);
+
+            /* Nonce size:
+             * Determined by us and TPM matches it on reply
+             * Typically use SHA2-256 digest size (16 bytes). The random nonce
+             * is populated in TPM2_CommandProcess */
+            packet->pos += sizeof(UINT16); /* nonceSz */
+            if (session->sessionHandle != TPM_RS_PW) {
+                session->nonceCaller.size =
+                    TPM2_GetHashDigestSize(WOLFTPM2_WRAP_DIGEST);
+                packet->pos += session->nonceCaller.size;
+            }
+
+            /* sessionAttributes */
+            packet->pos += sizeof(UINT8);
+            if (session->sessionHandle == TPM_RS_PW) {
+                /* make sure continueSession is set for TPM_RS_PW */
+                session->sessionAttributes |= TPMA_SESSION_continueSession;
+            }
+
+            /* Password Auth */
+            packet->pos += sizeof(UINT16); /* hmac.size */
+            if (session->sessionHandle == TPM_RS_PW) {
+                packet->pos += session->auth.size;
+            }
+            /* HMAC or Policy Session */
+            else if (TPM2_IS_HMAC_SESSION(session->sessionHandle) ||
+                     TPM2_IS_POLICY_SESSION(session->sessionHandle)) {
+                if (!session->policyAuth && session->auth.size > 0) {
+                    packet->pos += session->auth.size;
+                }
+                else {
+                    /* auth is always HMAC result */
+                    packet->pos += TPM2_GetHashDigestSize(session->authHash);
+                }
+            }
         }
         /* based on position difference places calculated size at marked U32 above */
-        TPM2_Packet_PlaceU32(packet, tmpSz);
+        (void)TPM2_Packet_PlaceU32(packet, authTotalSzPos);
         st = TPM_ST_SESSIONS;
     }
     return st;

src/tpm2_param_enc.c

@@ -383,18 +383,42 @@ int TPM2_CalcCpHash(TPMI_ALG_HASH authHash, TPM_CC cmdCode,
         /* Hash Command Code */
         UINT32 ccSwap = TPM2_Packet_SwapU32(cmdCode);
         rc = wc_HashUpdate(&hash_ctx, hashType, (byte*)&ccSwap, sizeof(ccSwap));
+    #ifdef WOLFTPM_DEBUG_VERBOSE
+        printf("cpHash: cmdcode size %d\n", (int)sizeof(TPM_CC));
+        TPM2_PrintBin((unsigned char*)&cmdCode, sizeof(TPM_CC));
+    #endif
 
         /* For Command's only hash each session name */
-        if (rc == 0 && name1 && name1->size > 0)
+        if (rc == 0 && name1 && name1->size > 0) {
+        #ifdef WOLFTPM_DEBUG_VERBOSE
+            printf("Name 0: %d\n", name1->size);
+    		TPM2_PrintBin(name1->name, name1->size);
+        #endif
             rc = wc_HashUpdate(&hash_ctx, hashType, name1->name, name1->size);
-        if (rc == 0 && name2 && name2->size > 0)
+        }
+        if (rc == 0 && name2 && name2->size > 0) {
+        #ifdef WOLFTPM_DEBUG_VERBOSE
+            printf("Name 1: %d\n", name2->size);
+    		TPM2_PrintBin(name2->name, name2->size);
+        #endif
             rc = wc_HashUpdate(&hash_ctx, hashType, name2->name, name2->size);
-        if (rc == 0 && name3 && name3->size > 0)
+        }
+        if (rc == 0 && name3 && name3->size > 0) {
+        #ifdef WOLFTPM_DEBUG_VERBOSE
+            printf("Name 2: %d\n", name3->size);
+    		TPM2_PrintBin(name3->name, name3->size);
+        #endif
             rc = wc_HashUpdate(&hash_ctx, hashType, name3->name, name3->size);
+        }
 
         /* Hash Remainder of parameters - after handles and auth */
-        if (rc == 0)
+        if (rc == 0) {
+        #ifdef WOLFTPM_DEBUG_VERBOSE
+            printf("cpHash: params size %d\n", paramSz);
+            TPM2_PrintBin(param, paramSz);
+        #endif
             rc = wc_HashUpdate(&hash_ctx, hashType, param, paramSz);
+        }
 
         if (rc == 0)
             rc = wc_HashFinal(&hash_ctx, hashType, hash->buffer);