1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************
3  * Copyright (c) 2017-2018, Intel Corporation
4  *
5  * All rights reserved.
6  ***********************************************************************/
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10 
11 #include <inttypes.h>
12 #include <stdlib.h>
13 #include <string.h>
14 
15 #define LOGMODULE test
16 #include "util/log.h"
17 #include "sapi-util.h"
18 #include "test-esapi.h"
19 #include "test.h"
20 
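/*
 * Known plaintext for the round trip. test_invoke copies it, including the
 * terminating NUL, into a TPM2B_MAX_BUFFER, so it has to fit in that buffer.
 */
#define ENC_STR "test-data-test-data-test-data"

/*
 * This test is intended to exercise the EncryptDecrypt2 command. We start by
 * creating a primary key, then a 128 bit AES key in CFB mode under it. We
 * then encrypt a well known string with this key, and then decrypt that same
 * string. The test is successful if the original string and the decrypted
 * string are the same.
 *
 * Returns 0 when the decrypted data matches the input, EXIT_SKIP when the
 * encrypt call reports TPM2_RC_COMMAND_CODE, and 99 when flushing one of the
 * two key handles fails. Every other failure logs an error and ends the
 * process with exit(1); on those paths neither key handle is flushed.
 */
int
test_invoke (TSS2_SYS_CONTEXT *sapi_context)
{
    TSS2_RC rc;
    TPM2_HANDLE handle_parent, handle;
    TPM2B_MAX_BUFFER data_in = { 0 };
    TPM2B_MAX_BUFFER data_encrypt = TPM2B_MAX_BUFFER_INIT;
    TPM2B_MAX_BUFFER data_decrypt = TPM2B_MAX_BUFFER_INIT;

    /*
     * Bound the copy explicitly instead of relying on an unchecked strcpy:
     * the plaintext and its NUL must fit in the zero-initialised buffer.
     */
    if (sizeof (ENC_STR) > sizeof (data_in.buffer)) {
        LOG_ERROR("Test plaintext does not fit in TPM2B_MAX_BUFFER");
        exit(1);
    }
    data_in.size = strlen (ENC_STR);
    memcpy (data_in.buffer, ENC_STR, sizeof (ENC_STR));

    rc = create_primary_rsa_2048_aes_128_cfb (sapi_context, &handle_parent);
    if (rc != TSS2_RC_SUCCESS) {
        LOG_ERROR("Failed to create primary RSA 2048 key: 0x%" PRIx32 "",
                    rc);
        exit(1);
    }

    rc = create_aes_128_cfb (sapi_context, handle_parent, &handle);
    if (rc != TSS2_RC_SUCCESS) {
        LOG_ERROR("Failed to create child AES 128 key: 0x%" PRIx32 "", rc);
        exit(1);
    }

    LOG_INFO("Encrypting data: \"%s\" with key handle: 0x%08" PRIx32,
               data_in.buffer, handle);
    rc = tpm_encrypt_cfb (sapi_context, handle, &data_in, &data_encrypt);

    /* The command is optional: release both keys and report a skip. */
    if (rc == TPM2_RC_COMMAND_CODE) {
        LOG_WARNING("Encrypt/Decrypt 2 not supported by TPM");
        rc = Tss2_Sys_FlushContext(sapi_context, handle_parent);
        if (rc != TSS2_RC_SUCCESS) {
            LOG_ERROR("Tss2_Sys_FlushContext failed with 0x%"PRIx32, rc);
            return 99; /* fatal error */
        }
        rc = Tss2_Sys_FlushContext(sapi_context, handle);
        if (rc != TSS2_RC_SUCCESS) {
            LOG_ERROR("Tss2_Sys_FlushContext failed with 0x%"PRIx32, rc);
            return 99; /* fatal error */
        }
        return EXIT_SKIP;
    }

    if (rc != TSS2_RC_SUCCESS) {
        LOG_ERROR("Failed to encrypt buffer: 0x%" PRIx32 "", rc);
        exit(1);
    }

    rc = tpm_decrypt_cfb (sapi_context, handle, &data_encrypt, &data_decrypt);
    if (rc != TSS2_RC_SUCCESS) {
        /* Name the operation that actually failed. */
        LOG_ERROR("Failed to decrypt buffer: 0x%" PRIx32 "", rc);
        exit(1);
    }

    /*
     * The decrypted bytes are TPM output, not a C string: print and compare
     * them by their reported length. A string comparison would stop at the
     * first NUL and would read past the payload if none followed it.
     * NOTE(review): assumes tpm_decrypt_cfb sets data_decrypt.size to the
     * number of bytes returned - confirm against the helper.
     */
    LOG_INFO("Decrypted data: \"%.*s\" with key handle: 0x%08" PRIx32,
               (int)data_decrypt.size, (const char *)data_decrypt.buffer,
               handle);
    if (data_decrypt.size != data_in.size ||
        memcmp (data_in.buffer, data_decrypt.buffer, data_in.size) != 0) {
        LOG_ERROR("Decrypt succeeded but decrypted data != to input data");
        exit(1);
    }

    rc = Tss2_Sys_FlushContext(sapi_context, handle_parent);
    if (rc != TSS2_RC_SUCCESS) {
        LOG_ERROR("Tss2_Sys_FlushContext failed with 0x%"PRIx32, rc);
        return 99; /* fatal error */
    }
    rc = Tss2_Sys_FlushContext(sapi_context, handle);
    if (rc != TSS2_RC_SUCCESS) {
        LOG_ERROR("Tss2_Sys_FlushContext failed with 0x%"PRIx32, rc);
        return 99; /* fatal error */
    }

    return 0;
}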