Home Explore Help
Sign In
miti
/
linux-sgx-trts-modified
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 5a7e3e6240
Branches Tags
linux-sgx-tr...
/
external
/
epid-sdk
/
epid
/
member
/
tpm2
/
ibm_tss
/
createprimary.c

createprimary.c 4.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100 
  1. /*############################################################################
    2. 

  2. # Copyright 2017 Intel Corporation
    3. 

  3. #
    4. 

  4. # Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. # you may not use this file except in compliance with the License.
    6. 

  6. # You may obtain a copy of the License at
    7. 

  7. #
    8. 

  8. #     http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. #
    10. 

  10. # Unless required by applicable law or agreed to in writing, software
    11. 

  11. # distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. # See the License for the specific language governing permissions and
    14. 

  14. # limitations under the License.
    15. 

  15. ############################################################################*/
    16. 

  16. 

  17. /*!
    18. 

  18.  * \brief TPM2_CreatePrimary command implementation.
    19. 

  19.  * \file
    20. 

  20.  */
    21. 

  21. #include "epid/member/tpm2/createprimary.h"
    22. 

  22. #include "epid/common/src/memory.h"
    23. 

  23. #include "epid/member/tpm2/ibm_tss/conversion.h"
    24. 

  24. #include "epid/member/tpm2/ibm_tss/printtss.h"
    25. 

  25. #include "epid/member/tpm2/ibm_tss/state.h"
    26. 

  26. #include "tss2/TPM_Types.h"
    27. 

  27. #include "tss2/tss.h"
    28. 

  28. 

  29. EpidStatus Tpm2CreatePrimary(Tpm2Ctx* ctx, G1ElemStr* p_str) {
    30. 

  30.   if (!ctx || !ctx->epid2_params || !p_str) {
    31. 

  31.     return kEpidBadArgErr;
    32. 

  32.   }
    33. 

  33.   CreatePrimary_In in = {0};
    34. 

  34.   CreatePrimary_Out out;
    35. 

  35.   TPM_RC rc = TPM_RC_SUCCESS;
    36. 

  36.   TPMI_ALG_PUBLIC algPublic = TPM_ALG_ECC;
    37. 

  37.   TPMI_ECC_CURVE curveID = TPM_ECC_BN_P256;
    38. 

  38.   TPMI_ALG_HASH halg = TPM_ALG_NULL;
    39. 

  39.   TPMI_ALG_HASH nalg = TPM_ALG_NULL;
    40. 

  40.   TPMI_SH_AUTH_SESSION sessionHandle0 = TPM_RS_PW;
    41. 

  41.   TPM2B_ECC_POINT public_area;
    42. 

  42.   unsigned int sessionAttributes0 = 0;
    43. 

  43.   const char* parentPasswordPtr = NULL;
    44. 

  44. 

  45.   in.primaryHandle = TPM_RH_ENDORSEMENT;
    46. 

  46.   halg = EpidtoTpm2HashAlg(ctx->hash_alg);
    47. 

  47.   if (halg == TPM_ALG_NULL) {
    48. 

  48.     return kEpidHashAlgorithmNotSupported;
    49. 

  49.   }
    50. 

  50.   nalg = halg;
    51. 

  51.   /* Table 185 - TPM2B_PUBLIC inPublic */
    52. 

  52.   /* Table 184 - TPMT_PUBLIC in.inPublic.publicArea */
    53. 

  53.   in.inPublic.publicArea.type = algPublic;
    54. 

  54.   in.inPublic.publicArea.nameAlg = nalg;
    55. 

  55. 

  56.   /* Table 32 - TPMA_OBJECT objectAttributes */
    57. 

  57.   in.inPublic.publicArea.objectAttributes.val |= TPMA_OBJECT_NODA;
    58. 

  58.   in.inPublic.publicArea.objectAttributes.val |= TPMA_OBJECT_FIXEDTPM;
    59. 

  59.   in.inPublic.publicArea.objectAttributes.val |= TPMA_OBJECT_FIXEDPARENT;
    60. 

  60.   in.inPublic.publicArea.objectAttributes.val |=
    61. 

  61.       TPMA_OBJECT_SENSITIVEDATAORIGIN;
    62. 

  62.   in.inPublic.publicArea.parameters.eccDetail.symmetric.algorithm =
    63. 

  63.       TPM_ALG_NULL;
    64. 

  64.   in.inPublic.publicArea.parameters.eccDetail.scheme.scheme = TPM_ALG_ECDAA;
    65. 

  65.   in.inPublic.publicArea.parameters.eccDetail.scheme.details.ecdaa.hashAlg =
    66. 

  66.       halg;
    67. 

  67.   in.inPublic.publicArea.parameters.eccDetail.scheme.details.ecdaa.count = 1;
    68. 

  68.   in.inPublic.publicArea.parameters.eccDetail.curveID = curveID;
    69. 

  69.   in.inPublic.publicArea.parameters.eccDetail.kdf.scheme = TPM_ALG_NULL;
    70. 

  70.   in.inSensitive.sensitive.userAuth.t.size = 0;
    71. 

  71.   in.inSensitive.sensitive.data.t.size = 0;
    72. 

  72.   in.inPublic.publicArea.objectAttributes.val |=
    73. 

  73.       TPMA_OBJECT_SENSITIVEDATAORIGIN;
    74. 

  74.   in.inPublic.publicArea.objectAttributes.val |= TPMA_OBJECT_USERWITHAUTH;
    75. 

  75.   in.inPublic.publicArea.objectAttributes.val &= ~TPMA_OBJECT_ADMINWITHPOLICY;
    76. 

  76.   in.inPublic.publicArea.objectAttributes.val |= TPMA_OBJECT_SIGN;
    77. 

  77.   in.inPublic.publicArea.objectAttributes.val &= ~TPMA_OBJECT_DECRYPT;
    78. 

  78.   in.inPublic.publicArea.objectAttributes.val &= ~TPMA_OBJECT_RESTRICTED;
    79. 

  79.   in.inPublic.publicArea.unique.ecc.y.t.size = 0;
    80. 

  80.   in.inPublic.publicArea.unique.ecc.x.t.size = 0;
    81. 

  81.   in.inPublic.publicArea.authPolicy.t.size = 0;
    82. 

  82.   in.inPublic.publicArea.unique.rsa.t.size = 0;
    83. 

  83.   in.outsideInfo.t.size = 0;
    84. 

  84.   in.creationPCR.count = 0;
    85. 

  85.   rc = TSS_Execute(ctx->tss, (RESPONSE_PARAMETERS*)&out,
    86. 

  86.                    (COMMAND_PARAMETERS*)&in, NULL, TPM_CC_CreatePrimary,
    87. 

  87.                    sessionHandle0, parentPasswordPtr, sessionAttributes0,
    88. 

  88.                    TPM_RH_NULL, NULL, 0);
    89. 

  89.   if (rc != TPM_RC_SUCCESS) {
    90. 

  90.     print_tpm2_response_code("TPM2_CreatePrimary", rc);
    91. 

  91.     if (TPM_RC_ATTRIBUTES == rc || TPM_RC_KDF == rc || TPM_RC_SYMMETRIC == rc ||
    92. 

  92.         TPM_RC_TYPE == rc || TPM_RC_SCHEME == rc || TPM_RC_SIZE == rc ||
    93. 

  93.         TPM_RC_KEY == rc)
    94. 

  94.       return kEpidBadArgErr;
    95. 

  95.     return kEpidErr;
    96. 

  96.   }
    97. 

  97.   ctx->key_handle = out.objectHandle;
    98. 

  98.   public_area.point = out.outPublic.publicArea.unique.ecc;
    99. 

  99.   return WriteTpm2EcPoint(&public_area, p_str);
    100. 

  100. }
    101.