Skip to content

Commit a7c3395

Browse files
dgarskedgarske
authored
Merge pull request #481 from aidangarske/fenrir-fixes-7
SPDM and Examples Fixes and Unit Testing
2 parents c8fc133 + 7ef21c0 commit a7c3395

11 files changed

Lines changed: 578 additions & 130 deletions

File tree

examples/boot/secret_seal.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -268,6 +268,8 @@ int TPM2_Boot_SecretSeal_Example(void* userCtx, int argc, char *argv[])
268268

269269
/* Create a new key for sealing using signing auth for external key */
270270
wolfTPM2_GetKeyTemplate_KeySeal(&sealTemplate, pcrAlg);
271+
/* Clear userWithAuth - policy-only access */
272+
sealTemplate.objectAttributes &= ~TPMA_OBJECT_userWithAuth;
271273
sealTemplate.authPolicy.size = policyDigestSz;
272274
XMEMCPY(sealTemplate.authPolicy.buffer, policyDigest, policyDigestSz);
273275
rc = wolfTPM2_CreateKeySeal_ex(&dev, &sealBlob, &storage.handle,

examples/seal/seal_pcr.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -216,7 +216,8 @@ int TPM2_Seal_PCR_Example(void* userCtx, int argc, char *argv[])
216216

217217
/* Step 2: Create seal template with PCR policy */
218218
wolfTPM2_GetKeyTemplate_KeySeal(&sealTemplate, pcrAlg);
219-
/* Do NOT set TPMA_OBJECT_userWithAuth - policy-only access */
219+
/* Clear userWithAuth - policy-only access */
220+
sealTemplate.objectAttributes &= ~TPMA_OBJECT_userWithAuth;
220221
sealTemplate.authPolicy.size = policyDigestSz;
221222
XMEMCPY(sealTemplate.authPolicy.buffer, policyDigest, policyDigestSz);
222223

examples/seal/seal_policy_auth.c

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -265,7 +265,8 @@ int TPM2_Seal_PolicyAuth_Example(void* userCtx, int argc, char *argv[])
265265

266266
/* Step 3: Create seal template with PolicyAuthorize digest */
267267
wolfTPM2_GetKeyTemplate_KeySeal(&sealTemplate, pcrAlg);
268-
/* Do NOT set TPMA_OBJECT_userWithAuth - policy-only access */
268+
/* Clear userWithAuth - policy-only access */
269+
sealTemplate.objectAttributes &= ~TPMA_OBJECT_userWithAuth;
269270
sealTemplate.authPolicy.size = policyDigestSz;
270271
XMEMCPY(sealTemplate.authPolicy.buffer, policyDigest, policyDigestSz);
271272

src/spdm/spdm_psk.c

Lines changed: 45 additions & 53 deletions
Original file line numberDiff line numberDiff line change
@@ -356,84 +356,76 @@ int wolfSPDM_ConnectPsk(WOLFSPDM_CTX* ctx)
356356
wolfSPDM_TranscriptReset(ctx);
357357

358358
/* Step 1: GET_VERSION */
359-
SPDM_CONNECT_STEP(ctx, "PSK Step 1: GET_VERSION\n",
360-
wolfSPDM_GetVersion(ctx));
359+
wolfSPDM_DebugPrint(ctx, "PSK Step 1: GET_VERSION\n");
360+
rc = wolfSPDM_GetVersion(ctx);
361361

362362
/* Steps 2-3: GET_CAPABILITIES + NEGOTIATE_ALGORITHMS
363363
* Not mandatory for PSK mode per TCG PC Client PSK spec.
364364
* NS350 supports direct GET_VERSION -> PSK_EXCHANGE. */
365365

366366
/* Step 2: PSK_EXCHANGE / PSK_EXCHANGE_RSP */
367-
txSz = sizeof(txBuf);
368-
rxSz = sizeof(rxBuf);
367+
if (rc == WOLFSPDM_SUCCESS) {
368+
txSz = sizeof(txBuf);
369+
rxSz = sizeof(rxBuf);
369370

370-
wolfSPDM_DebugPrint(ctx, "PSK Step 4: PSK_EXCHANGE\n");
371-
rc = wolfSPDM_BuildPskExchange(ctx, txBuf, &txSz);
372-
if (rc != WOLFSPDM_SUCCESS) {
373-
ctx->state = WOLFSPDM_STATE_ERROR;
374-
return rc;
371+
wolfSPDM_DebugPrint(ctx, "PSK Step 4: PSK_EXCHANGE\n");
372+
rc = wolfSPDM_BuildPskExchange(ctx, txBuf, &txSz);
375373
}
376-
rc = wolfSPDM_TranscriptAdd(ctx, txBuf, txSz);
377-
if (rc != WOLFSPDM_SUCCESS) {
378-
ctx->state = WOLFSPDM_STATE_ERROR;
379-
return rc;
374+
if (rc == WOLFSPDM_SUCCESS) {
375+
rc = wolfSPDM_TranscriptAdd(ctx, txBuf, txSz);
380376
}
381-
rc = wolfSPDM_SendReceive(ctx, txBuf, txSz, rxBuf, &rxSz);
382-
if (rc != WOLFSPDM_SUCCESS) {
383-
ctx->state = WOLFSPDM_STATE_ERROR;
384-
return rc;
377+
if (rc == WOLFSPDM_SUCCESS) {
378+
rc = wolfSPDM_SendReceive(ctx, txBuf, txSz, rxBuf, &rxSz);
385379
}
386-
rc = wolfSPDM_ParsePskExchangeRsp(ctx, rxBuf, rxSz);
387-
if (rc != WOLFSPDM_SUCCESS) {
388-
ctx->state = WOLFSPDM_STATE_ERROR;
389-
return rc;
380+
if (rc == WOLFSPDM_SUCCESS) {
381+
rc = wolfSPDM_ParsePskExchangeRsp(ctx, rxBuf, rxSz);
390382
}
391383

392384
/* Step 5: PSK_FINISH / PSK_FINISH_RSP (encrypted) */
393-
finSz = sizeof(finBuf);
394-
encSz = sizeof(encBuf);
395-
rxSz = sizeof(rxBuf);
396-
decSz = sizeof(decBuf);
385+
if (rc == WOLFSPDM_SUCCESS) {
386+
finSz = sizeof(finBuf);
387+
encSz = sizeof(encBuf);
388+
rxSz = sizeof(rxBuf);
389+
decSz = sizeof(decBuf);
397390

398-
wolfSPDM_DebugPrint(ctx, "PSK Step 5: PSK_FINISH\n");
399-
rc = wolfSPDM_BuildPskFinish(ctx, finBuf, &finSz);
400-
if (rc != WOLFSPDM_SUCCESS) {
401-
ctx->state = WOLFSPDM_STATE_ERROR;
402-
return rc;
391+
wolfSPDM_DebugPrint(ctx, "PSK Step 5: PSK_FINISH\n");
392+
rc = wolfSPDM_BuildPskFinish(ctx, finBuf, &finSz);
403393
}
404-
rc = wolfSPDM_EncryptInternal(ctx, finBuf, finSz, encBuf, &encSz);
405-
if (rc != WOLFSPDM_SUCCESS) {
406-
ctx->state = WOLFSPDM_STATE_ERROR;
407-
return rc;
394+
if (rc == WOLFSPDM_SUCCESS) {
395+
rc = wolfSPDM_EncryptInternal(ctx, finBuf, finSz, encBuf, &encSz);
408396
}
409-
rc = wolfSPDM_SendReceive(ctx, encBuf, encSz, rxBuf, &rxSz);
410-
if (rc != WOLFSPDM_SUCCESS) {
411-
ctx->state = WOLFSPDM_STATE_ERROR;
412-
return rc;
397+
if (rc == WOLFSPDM_SUCCESS) {
398+
rc = wolfSPDM_SendReceive(ctx, encBuf, encSz, rxBuf, &rxSz);
413399
}
414-
rc = wolfSPDM_DecryptInternal(ctx, rxBuf, rxSz, decBuf, &decSz);
415-
if (rc != WOLFSPDM_SUCCESS) {
416-
ctx->state = WOLFSPDM_STATE_ERROR;
417-
return rc;
400+
if (rc == WOLFSPDM_SUCCESS) {
401+
rc = wolfSPDM_DecryptInternal(ctx, rxBuf, rxSz, decBuf, &decSz);
418402
}
419-
rc = wolfSPDM_ParsePskFinishRsp(ctx, decBuf, decSz);
420-
if (rc != WOLFSPDM_SUCCESS) {
421-
ctx->state = WOLFSPDM_STATE_ERROR;
422-
return rc;
403+
if (rc == WOLFSPDM_SUCCESS) {
404+
rc = wolfSPDM_ParsePskFinishRsp(ctx, decBuf, decSz);
423405
}
424406

425407
/* Derive application data keys */
426-
rc = wolfSPDM_DeriveAppDataKeys(ctx);
427-
if (rc != WOLFSPDM_SUCCESS) {
408+
if (rc == WOLFSPDM_SUCCESS) {
409+
rc = wolfSPDM_DeriveAppDataKeys(ctx);
410+
}
411+
412+
if (rc == WOLFSPDM_SUCCESS) {
413+
ctx->state = WOLFSPDM_STATE_CONNECTED;
414+
wolfSPDM_DebugPrint(ctx, "PSK: SPDM Session Established! "
415+
"SessionID=0x%08x\n", ctx->sessionId);
416+
}
417+
else {
428418
ctx->state = WOLFSPDM_STATE_ERROR;
429-
return rc;
430419
}
431420

432-
ctx->state = WOLFSPDM_STATE_CONNECTED;
433-
wolfSPDM_DebugPrint(ctx, "PSK: SPDM Session Established! "
434-
"SessionID=0x%08x\n", ctx->sessionId);
421+
/* Always zero sensitive stack buffers */
422+
wc_ForceZero(txBuf, sizeof(txBuf));
423+
wc_ForceZero(rxBuf, sizeof(rxBuf));
424+
wc_ForceZero(finBuf, sizeof(finBuf));
425+
wc_ForceZero(encBuf, sizeof(encBuf));
426+
wc_ForceZero(decBuf, sizeof(decBuf));
435427

436-
return WOLFSPDM_SUCCESS;
428+
return rc;
437429
}
438430

439431
#endif /* WOLFTPM_SPDM_PSK */

src/spdm/spdm_tcg.c

Lines changed: 13 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -89,31 +89,33 @@ int wolfSPDM_TCG_VendorCmdSecured(WOLFSPDM_CTX* ctx, const char* vdCode,
8989
byte spdmMsg[WOLFSPDM_VENDOR_BUF_SZ];
9090
int spdmMsgSz;
9191
byte decBuf[WOLFSPDM_VENDOR_BUF_SZ];
92-
word32 decSz;
92+
word32 decSz = 0;
9393
int rc;
9494
byte ver;
9595

9696
ver = ctx->spdmVersion ? ctx->spdmVersion : SPDM_VERSION_13;
9797
spdmMsgSz = wolfSPDM_BuildVendorDefined(ver, vdCode, payload,
9898
payloadSz, spdmMsg, sizeof(spdmMsg));
9999
if (spdmMsgSz < 0) {
100-
return spdmMsgSz;
100+
rc = spdmMsgSz;
101101
}
102-
103-
decSz = sizeof(decBuf);
104-
rc = wolfSPDM_SecuredExchange(ctx, spdmMsg, (word32)spdmMsgSz,
105-
decBuf, &decSz);
106-
if (rc != WOLFSPDM_SUCCESS) {
107-
return rc;
102+
else {
103+
decSz = sizeof(decBuf);
104+
rc = wolfSPDM_SecuredExchange(ctx, spdmMsg, (word32)spdmMsgSz,
105+
decBuf, &decSz);
108106
}
109107

110-
if (decSz >= 4 && decBuf[1] == SPDM_ERROR) {
108+
if (rc == WOLFSPDM_SUCCESS && decSz >= 4 && decBuf[1] == SPDM_ERROR) {
111109
wolfSPDM_DebugPrint(ctx, "%s: SPDM ERROR 0x%02x 0x%02x\n",
112110
vdCode, decBuf[2], decBuf[3]);
113-
return WOLFSPDM_E_PEER_ERROR;
111+
rc = WOLFSPDM_E_PEER_ERROR;
114112
}
115113

116-
return WOLFSPDM_SUCCESS;
114+
/* Always zero sensitive stack buffers */
115+
wc_ForceZero(spdmMsg, sizeof(spdmMsg));
116+
wc_ForceZero(decBuf, sizeof(decBuf));
117+
118+
return rc;
117119
}
118120

119121
/* ----- TCG SPDM Binding Message Framing ----- */

src/tpm2.c

Lines changed: 8 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -2831,10 +2831,7 @@ TPM_RC TPM2_Certify(Certify_In* in, Certify_Out* out)
28312831
TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer,
28322832
in->qualifyingData.size);
28332833

2834-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
2835-
if (in->inScheme.scheme != TPM_ALG_NULL) {
2836-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
2837-
}
2834+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
28382835

28392836
TPM2_Packet_Finalize(&packet, TPM_ST_SESSIONS, TPM_CC_Certify);
28402837

@@ -2887,10 +2884,7 @@ TPM_RC TPM2_CertifyCreation(CertifyCreation_In* in, CertifyCreation_Out* out)
28872884
TPM2_Packet_AppendBytes(&packet, in->creationHash.buffer,
28882885
in->creationHash.size);
28892886

2890-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
2891-
if (in->inScheme.scheme != TPM_ALG_NULL) {
2892-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
2893-
}
2887+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
28942888

28952889
TPM2_Packet_AppendU16(&packet, in->creationTicket.tag);
28962890
TPM2_Packet_AppendU32(&packet, in->creationTicket.hierarchy);
@@ -2945,10 +2939,7 @@ TPM_RC TPM2_Quote(Quote_In* in, Quote_Out* out)
29452939
TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer,
29462940
in->qualifyingData.size);
29472941

2948-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
2949-
if (in->inScheme.scheme != TPM_ALG_NULL) {
2950-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
2951-
}
2942+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
29522943

29532944
TPM2_Packet_AppendPCR(&packet, &in->PCRselect);
29542945

@@ -3002,10 +2993,7 @@ TPM_RC TPM2_GetSessionAuditDigest(GetSessionAuditDigest_In* in,
30022993
TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer,
30032994
in->qualifyingData.size);
30042995

3005-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
3006-
if (in->inScheme.scheme != TPM_ALG_NULL) {
3007-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
3008-
}
2996+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
30092997

30102998
TPM2_Packet_Finalize(&packet, TPM_ST_SESSIONS,
30112999
TPM_CC_GetSessionAuditDigest);
@@ -3057,10 +3045,7 @@ TPM_RC TPM2_GetCommandAuditDigest(GetCommandAuditDigest_In* in,
30573045
TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer,
30583046
in->qualifyingData.size);
30593047

3060-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
3061-
if (in->inScheme.scheme != TPM_ALG_NULL) {
3062-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
3063-
}
3048+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
30643049

30653050
TPM2_Packet_Finalize(&packet, TPM_ST_SESSIONS,
30663051
TPM_CC_GetCommandAuditDigest);
@@ -3111,10 +3096,7 @@ TPM_RC TPM2_GetTime(GetTime_In* in, GetTime_Out* out)
31113096
TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer,
31123097
in->qualifyingData.size);
31133098

3114-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
3115-
if (in->inScheme.scheme != TPM_ALG_NULL) {
3116-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
3117-
}
3099+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
31183100

31193101
TPM2_Packet_Finalize(&packet, TPM_ST_SESSIONS, TPM_CC_GetTime);
31203102

@@ -3299,10 +3281,7 @@ TPM_RC TPM2_Sign(Sign_In* in, Sign_Out* out)
32993281
TPM2_Packet_AppendU16(&packet, in->digest.size);
33003282
TPM2_Packet_AppendBytes(&packet, in->digest.buffer, in->digest.size);
33013283

3302-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
3303-
if (in->inScheme.scheme != TPM_ALG_NULL) {
3304-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
3305-
}
3284+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
33063285

33073286
TPM2_Packet_AppendU16(&packet, in->validation.tag);
33083287
TPM2_Packet_AppendU32(&packet, in->validation.hierarchy);
@@ -5461,10 +5440,7 @@ TPM_RC TPM2_NV_Certify(NV_Certify_In* in, NV_Certify_Out* out)
54615440
TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer,
54625441
in->qualifyingData.size);
54635442

5464-
TPM2_Packet_AppendU16(&packet, in->inScheme.scheme);
5465-
if (in->inScheme.scheme != TPM_ALG_NULL) {
5466-
TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg);
5467-
}
5443+
TPM2_Packet_AppendEccScheme(&packet, &in->inScheme);
54685444

54695445
TPM2_Packet_AppendU16(&packet, in->size);
54705446
TPM2_Packet_AppendU16(&packet, in->offset);

src/tpm2_packet.c

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -646,26 +646,38 @@ void TPM2_Packet_ParseSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric)
646646
void TPM2_Packet_AppendEccScheme(TPM2_Packet* packet, TPMT_SIG_SCHEME* scheme)
647647
{
648648
TPM2_Packet_AppendU16(packet, scheme->scheme);
649-
if (scheme->scheme != TPM_ALG_NULL)
649+
if (scheme->scheme == TPM_ALG_ECDAA) {
650+
TPM2_Packet_AppendU16(packet, scheme->details.ecdaa.hashAlg);
651+
TPM2_Packet_AppendU16(packet, scheme->details.ecdaa.count);
652+
}
653+
else if (scheme->scheme != TPM_ALG_NULL) {
650654
TPM2_Packet_AppendU16(packet, scheme->details.any.hashAlg);
655+
}
651656
}
652657
void TPM2_Packet_ParseEccScheme(TPM2_Packet* packet, TPMT_SIG_SCHEME* scheme)
653658
{
654659
TPM2_Packet_ParseU16(packet, &scheme->scheme);
655-
if (scheme->scheme != TPM_ALG_NULL)
660+
if (scheme->scheme == TPM_ALG_ECDAA) {
661+
TPM2_Packet_ParseU16(packet, &scheme->details.ecdaa.hashAlg);
662+
TPM2_Packet_ParseU16(packet, &scheme->details.ecdaa.count);
663+
}
664+
else if (scheme->scheme != TPM_ALG_NULL) {
656665
TPM2_Packet_ParseU16(packet, &scheme->details.any.hashAlg);
666+
}
657667
}
658668

659669
void TPM2_Packet_AppendRsaScheme(TPM2_Packet* packet, TPMT_RSA_SCHEME* scheme)
660670
{
661671
TPM2_Packet_AppendU16(packet, scheme->scheme);
662-
if (scheme->scheme != TPM_ALG_NULL)
672+
if (scheme->scheme != TPM_ALG_NULL &&
673+
scheme->scheme != TPM_ALG_RSAES)
663674
TPM2_Packet_AppendU16(packet, scheme->details.anySig.hashAlg);
664675
}
665676
void TPM2_Packet_ParseRsaScheme(TPM2_Packet* packet, TPMT_RSA_SCHEME* scheme)
666677
{
667678
TPM2_Packet_ParseU16(packet, &scheme->scheme);
668-
if (scheme->scheme != TPM_ALG_NULL)
679+
if (scheme->scheme != TPM_ALG_NULL &&
680+
scheme->scheme != TPM_ALG_RSAES)
669681
TPM2_Packet_ParseU16(packet, &scheme->details.anySig.hashAlg);
670682
}
671683

@@ -698,13 +710,15 @@ void TPM2_Packet_ParseKdfScheme(TPM2_Packet* packet, TPMT_KDF_SCHEME* scheme)
698710
void TPM2_Packet_AppendAsymScheme(TPM2_Packet* packet, TPMT_ASYM_SCHEME* scheme)
699711
{
700712
TPM2_Packet_AppendU16(packet, scheme->scheme);
701-
if (scheme->scheme != TPM_ALG_NULL)
713+
if (scheme->scheme != TPM_ALG_NULL &&
714+
scheme->scheme != TPM_ALG_RSAES)
702715
TPM2_Packet_AppendU16(packet, scheme->details.anySig.hashAlg);
703716
}
704717
void TPM2_Packet_ParseAsymScheme(TPM2_Packet* packet, TPMT_ASYM_SCHEME* scheme)
705718
{
706719
TPM2_Packet_ParseU16(packet, &scheme->scheme);
707-
if (scheme->scheme != TPM_ALG_NULL)
720+
if (scheme->scheme != TPM_ALG_NULL &&
721+
scheme->scheme != TPM_ALG_RSAES)
708722
TPM2_Packet_ParseU16(packet, &scheme->details.anySig.hashAlg);
709723
}
710724

0 commit comments

Comments
 (0)