github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/src/tpm2/quote_protocol.cc

github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/src/tpm2/quote_protocol.cc (about)

     1  // Copyright 2015 Google Corporation, All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //     http://www.apache.org/licenses/LICENSE-2.0
     7  // or in the the file LICENSE-2.0.txt in the top level sourcedirectory
     8  // Unless required by applicable law or agreed to in writing, software
     9  // distributed under the License is distributed on an "AS IS" BASIS,
    10  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    11  // See the License for the specific language governing permissions and
    12  // limitations under the License
    13  //
    14  // Portions of this code were derived TPM2.0-TSS published
    15  // by Intel under the license set forth in intel_license.txt
    16  // and downloaded on or about August 6, 2015.
    17  // File: quote_protocol.cc
    18  
    19  // standard buffer size
    20  
    21  #include <stdio.h>
    22  #include <stdlib.h>
    23  #include <sys/types.h>
    24  #include <sys/stat.h>
    25  #include <fcntl.h>
    26  #include <unistd.h>
    27  #include <string.h>
    28  #include <tpm20.h>
    29  #include <tpm2_lib.h>
    30  #include <errno.h>
    31  
    32  #include <tpm2.pb.h>
    33  #include <openssl/sha.h>
    34  #include <openssl_helpers.h>
    35  
    36  #include <string>
    37  #define DEBUG
    38  
    39  void print_quote_certifyinfo(TPMS_ATTEST& in) {
    40    printf("\n");
    41    printf("magic: %08x\n", in.magic);
    42    printf("type: %04x\n", in.type);
    43    printf("qualifiedSigner: ");
    44    PrintBytes(in.qualifiedSigner.size, in.qualifiedSigner.name);
    45    printf("\n");
    46    printf("extraData: ");
    47    PrintBytes(in.extraData.size, in.extraData.buffer);
    48    printf("\n");
    49    printf("clock: %016llx\n", in.clockInfo.clock);
    50    printf("resetCount: %08x\n", in.clockInfo.resetCount);
    51    printf("restartCount: %08x\n", in.clockInfo.restartCount);
    52    printf("safe: %02x\n", in.clockInfo.safe);
    53    printf("firmwareVersion: %016llx\n", in.firmwareVersion);
    54    printf("pcrSelect: %08x\n", in.attested.quote.pcrSelect.count);
    55    for (int i = 0; i < (int)in.attested.quote.pcrSelect.count; i++) {
    56      printf("  %04x %02x ", in.attested.quote.pcrSelect.pcrSelections[i].hash,
    57             in.attested.quote.pcrSelect.pcrSelections[i].sizeofSelect);
    58      PrintBytes(in.attested.quote.pcrSelect.pcrSelections[i].sizeofSelect,
    59                 in.attested.quote.pcrSelect.pcrSelections[i].pcrSelect);
    60      printf("\n");
    61    }
    62    printf("Pcr Digest (%d): ", in.attested.quote.pcrDigest.size);
    63    PrintBytes(in.attested.quote.pcrDigest.size,
    64               in.attested.quote.pcrDigest.buffer);
    65    printf("\n");
    66  }
    67  
    68  bool MarshalCertifyInfo(TPMS_ATTEST& in, int* size, byte* out) {
    69    return true;
    70  }
    71  
    72  bool UnmarshalCertifyInfo(int size, byte* in, TPMS_ATTEST* out) {
    73    byte* current_in = in;
    74  
    75    ChangeEndian32((uint32_t*)current_in, &out->magic);
    76    current_in += sizeof(uint32_t);
    77    ChangeEndian16((uint16_t*)current_in, &out->type);
    78    current_in += sizeof(uint16_t);
    79    ChangeEndian16((uint16_t*)current_in, &out->qualifiedSigner.size);
    80    current_in += sizeof(uint16_t);
    81    memcpy(out->qualifiedSigner.name, current_in, out->qualifiedSigner.size);
    82    current_in += out->qualifiedSigner.size;
    83    ChangeEndian16((uint16_t*)current_in, &out->extraData.size);
    84    current_in += sizeof(uint16_t);
    85    memcpy(out->extraData.buffer, current_in, out->extraData.size);
    86    current_in += out->extraData.size;
    87    // clock
    88    ChangeEndian64((uint64_t*)current_in, &out->clockInfo.clock);
    89    current_in += sizeof(uint64_t);
    90    ChangeEndian32((uint32_t*)current_in, &out->clockInfo.resetCount);
    91    current_in += sizeof(uint32_t);
    92    ChangeEndian32((uint32_t*)current_in, &out->clockInfo.restartCount);
    93    current_in += sizeof(uint32_t);
    94    out->clockInfo.safe = *(current_in++);
    95    ChangeEndian64((uint64_t*)current_in, &out->firmwareVersion);
    96    current_in += sizeof(uint64_t);
    97    ChangeEndian32((uint32_t*)current_in, &out->attested.quote.pcrSelect.count);
    98    current_in += sizeof(uint32_t);
    99    for (int i = 0; i < (int)out->attested.quote.pcrSelect.count; i++) {
   100      ChangeEndian16((uint16_t*)current_in, (uint16_t*)
   101                     &out->attested.quote.pcrSelect.pcrSelections[i].hash);
   102      current_in += sizeof(uint16_t);
   103      out->attested.quote.pcrSelect.pcrSelections[i].sizeofSelect =
   104          *(current_in++);
   105      memcpy(out->attested.quote.pcrSelect.pcrSelections[i].pcrSelect,
   106             current_in,
   107             out->attested.quote.pcrSelect.pcrSelections[i].sizeofSelect);
   108      current_in += out->attested.quote.pcrSelect.pcrSelections[i].sizeofSelect;
   109    }
   110    ChangeEndian16((uint16_t*)current_in, &out->attested.quote.pcrDigest.size);
   111    current_in += sizeof(uint16_t);
   112    memcpy(out->attested.quote.pcrDigest.buffer, current_in,
   113           out->attested.quote.pcrDigest.size);
   114    current_in += out->attested.quote.pcrDigest.size;
   115    return true;
   116  }
   117  
   118  bool ProtoToCertifyInfo(quote_certification_information& message,
   119                          TPMS_ATTEST* out) {
   120    memcpy((byte*)&out->magic, (byte*)message.magic().data(), sizeof(uint32_t));
   121    out->type = *(uint16_t*)message.type().data();
   122    message.qualifiedsigner();
   123    out->extraData.size = 0;
   124    memcpy(&out->clockInfo, message.clockinfo().data(), message.clockinfo().size());
   125    out->firmwareVersion = message.firmwareversion();
   126    memcpy(&out->attested.quote.pcrSelect, message.pcr_selection().data(), message.pcr_selection().size());
   127    out->attested.quote.pcrDigest.size = message.digest().size();
   128    return true;
   129  }
   130  
   131  bool ComputeQuotedValue(TPM_ALG_ID alg, int credInfo_size, byte* credInfo,
   132                          int* size_quoted, byte* quoted) {
   133    if (alg == TPM_ALG_SHA1) {
   134      SHA_CTX sha1;
   135      SHA1_Init(&sha1);
   136      SHA1_Update(&sha1, credInfo, credInfo_size);
   137      SHA1_Final(quoted, &sha1);
   138      *size_quoted = 20;
   139    } else if (alg == TPM_ALG_SHA256) {
   140      SHA256_CTX sha256;
   141      SHA256_Init(&sha256);
   142      SHA256_Update(&sha256, credInfo, credInfo_size);
   143      SHA256_Final(quoted, &sha256);
   144      *size_quoted = 32;
   145    } else {
   146      printf("unsupported hash alg\n");
   147      return false;
   148    }
   149  
   150  #ifdef DEBUG
   151    printf("Quote struct (%d): ", credInfo_size);
   152    PrintBytes(credInfo_size, credInfo);
   153    printf("\n");
   154    printf("Computed hash: ");
   155    PrintBytes(*size_quoted, quoted);
   156    printf("\n");
   157  #endif
   158    return true;
   159  }
   160  
   161