Google Git
Sign in
android / platform / external / tpm2-tss / 3a4b07c0 / . / test / integration / sapi-util.c
blob: 351f6be567e65e67a59bad3534cecf2c602fa89b [file] [log] [blame]
/*
* Copyright (c) 2017, Intel Corporation
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "log.h"
#include "sapi-util.h"
/*
* Use te provide SAPI context to create & load a primary key. The key will
* be a 2048 bit (restricted decryption) RSA key. The associated symmetric
* key is a 128 bit AES (CFB mode) key.
*/
TSS2_RC
create_primary_rsa_2048_aes_128_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPM_HANDLE *handle)
{
TSS2_RC rc = TSS2_RC_SUCCESS;
TPM2B_SENSITIVE_CREATE in_sensitive = { 0 };
TPM2B_PUBLIC in_public = { 0 };
TPM2B_DATA outside_info = { 0 };
TPML_PCR_SELECTION creation_pcr = { 0 };
TPM2B_PUBLIC out_public = { 0 };
TPM2B_CREATION_DATA creation_data = { 0 };
TPM2B_DIGEST creation_hash = TPM2B_DIGEST_INIT;
TPMT_TK_CREATION creation_ticket = { 0 };
TPM2B_NAME name = TPM2B_NAME_INIT;
/* session parameters */
/* command session info */
TPMS_AUTH_COMMAND session_cmd = { .sessionHandle = TPM_RS_PW };
TPMS_AUTH_COMMAND *session_cmd_array[1] = { &session_cmd };
TSS2_SYS_CMD_AUTHS sessions_cmd = {
.cmdAuths = session_cmd_array,
.cmdAuthsCount = 1
};
/* response session info */
TPMS_AUTH_RESPONSE session_rsp = { 0 };
TPMS_AUTH_RESPONSE *session_rsp_array[1] = { &session_rsp };
TSS2_SYS_RSP_AUTHS sessions_rsp = {
.rspAuths = session_rsp_array,
.rspAuthsCount = 1
};
if (sapi_context == NULL || handle == NULL) {
return TSS2_APP_RC_BAD_REFERENCE;
}
in_public.t.publicArea.type = TPM_ALG_RSA;
in_public.t.publicArea.nameAlg = TPM_ALG_SHA256;
in_public.t.publicArea.objectAttributes.restricted = 1;
in_public.t.publicArea.objectAttributes.userWithAuth = 1;
in_public.t.publicArea.objectAttributes.decrypt = 1;
in_public.t.publicArea.objectAttributes.fixedTPM = 1;
in_public.t.publicArea.objectAttributes.fixedParent = 1;
in_public.t.publicArea.objectAttributes.sensitiveDataOrigin = 1;
in_public.t.publicArea.parameters.rsaDetail.symmetric.algorithm = TPM_ALG_AES;
in_public.t.publicArea.parameters.rsaDetail.symmetric.keyBits.aes = 128;
in_public.t.publicArea.parameters.rsaDetail.symmetric.mode.aes = TPM_ALG_CFB;
in_public.t.publicArea.parameters.rsaDetail.scheme.scheme = TPM_ALG_NULL;
in_public.t.publicArea.parameters.rsaDetail.keyBits = 2048;
print_log ("CreatePrimary RSA 2048, AES 128 CFB");
rc = Tss2_Sys_CreatePrimary (sapi_context,
TPM_RH_OWNER,
&sessions_cmd,
&in_sensitive,
&in_public,
&outside_info,
&creation_pcr,
handle,
&out_public,
&creation_data,
&creation_hash,
&creation_ticket,
&name,
&sessions_rsp);
if (rc == TPM_RC_SUCCESS) {
print_log ("success");
} else {
print_fail ("CreatePrimary FAILED! Response Code : 0x%x", rc);
}
return rc;
}