1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************
3 * Copyright (c) 2017-2018, Intel Corporation
4 *
5 * All rights reserved.
6 ***********************************************************************/
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include <stdlib.h>
12
13 #include "tss2_sys.h"
14
15 #include "inttypes.h"
16 #define LOGMODULE test
17 #include "util/log.h"
18 #include "sapi-util.h"
19 #include "test.h"
20
21 /*
22 * Test auth value changes for Owner Auth
23 */
24 int
test_owner_auth(TSS2_SYS_CONTEXT * sapi_context)25 test_owner_auth (TSS2_SYS_CONTEXT *sapi_context)
26 {
27 UINT32 rval;
28 TPM2B_AUTH newAuth;
29 TPM2B_AUTH resetAuth;
30 int i;
31
32 TSS2L_SYS_AUTH_COMMAND sessionsData = {
33 .count = 1,
34 .auths = {{.sessionHandle = TPM2_RS_PW,
35 .sessionAttributes = 0x00,
36 .nonce={.size=0},
37 .hmac={.size=0}}}};
38
39 LOG_INFO("HIERARCHY_CHANGE_AUTH TESTS:" );
40
41 newAuth.size = 0;
42 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0);
43 if (rval != TPM2_RC_SUCCESS) {
44 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
45 exit(1);
46 }
47
48 /* Init new auth */
49 newAuth.size = 20;
50 for( i = 0; i < newAuth.size; i++ )
51 newAuth.buffer[i] = i;
52
53 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
54 if (rval != TPM2_RC_SUCCESS) {
55 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
56 exit(1);
57 }
58
59 /* Create hmac session */
60 sessionsData.auths[0].hmac = newAuth;
61 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
62 if (rval != TPM2_RC_SUCCESS) {
63 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
64 exit(1);
65 }
66
67 /* Provide current auth value in SessionData hmac field */
68 sessionsData.auths[0].hmac = newAuth;
69 /* change auth value to different value */
70 newAuth.buffer[0] = 3;
71 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
72 if (rval != TPM2_RC_SUCCESS) {
73 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
74 exit(1);
75 }
76 /* Provide current auth value in SessionData hmac field */
77 sessionsData.auths[0].hmac = newAuth;
78 /* change auth value to different value */
79 newAuth.buffer[0] = 4;
80 /* backup auth value to restore to empty buffer after test */
81 resetAuth = newAuth;
82
83 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
84 if (rval != TPM2_RC_SUCCESS) {
85 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
86 exit(1);
87 }
88 /* Set new auth to zero */
89 newAuth.size = 0;
90 /* Assert that without setting current auth value the command fails */
91 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
92 if (rval != (TPM2_RC_1 + TPM2_RC_S + TPM2_RC_BAD_AUTH)) {
93 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
94 exit(1);
95 }
96 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
97 if (rval != (TPM2_RC_1 + TPM2_RC_S + TPM2_RC_BAD_AUTH)) {
98 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
99 exit(1);
100 }
101 /* test return value for empty hierarchy */
102 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, 0, &sessionsData, &newAuth, 0 );
103 if (rval != (TPM2_RC_1 + TPM2_RC_VALUE)) {
104 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
105 exit(1);
106 }
107 /* Set auth to zero again with valid session */
108 sessionsData.auths[0].hmac = resetAuth;
109 /* change auth value to different value */
110 newAuth.size = 0;
111 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_OWNER, &sessionsData, &newAuth, 0 );
112 if (rval != TPM2_RC_SUCCESS) {
113 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
114 exit(1);
115 }
116 return 0;
117 }
118
119 /*
120 * Test auth value changes for Platform Auth
121 */
122 int
test_platform_auth(TSS2_SYS_CONTEXT * sapi_context)123 test_platform_auth (TSS2_SYS_CONTEXT *sapi_context)
124 {
125 UINT32 rval;
126 TPM2B_AUTH newAuth;
127 TPM2B_AUTH resetAuth;
128 int i;
129
130 TSS2L_SYS_AUTH_COMMAND sessionsData = {
131 .count = 1,
132 .auths = {{.sessionHandle = TPM2_RS_PW,
133 .sessionAttributes = 0x00,
134 .nonce={.size=0},
135 .hmac={.size=0}}}};
136
137 LOG_INFO("HIERARCHY_CHANGE_AUTH TESTS:" );
138
139 newAuth.size = 0;
140 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0);
141 if (rval != TPM2_RC_SUCCESS) {
142 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
143 exit(1);
144 }
145 /* Init new auth */
146 newAuth.size = 20;
147 for( i = 0; i < newAuth.size; i++ )
148 newAuth.buffer[i] = i;
149
150 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
151 if (rval != TPM2_RC_SUCCESS) {
152 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
153 exit(1);
154 }
155 /* Create hmac session */
156 sessionsData.auths[0].hmac = newAuth;
157 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
158 if (rval != TPM2_RC_SUCCESS) {
159 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
160 exit(1);
161 }
162 /* Provide current auth value in SessionData hmac field */
163 sessionsData.auths[0].hmac = newAuth;
164 /* change auth value to different value */
165 newAuth.buffer[0] = 3;
166 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
167 if (rval != TPM2_RC_SUCCESS) {
168 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
169 exit(1);
170 }
171 /* Provide current auth value in SessionData hmac field */
172 sessionsData.auths[0].hmac = newAuth;
173 /* change auth value to different value */
174 newAuth.buffer[0] = 4;
175 /* backup auth value to restore to empty buffer after test */
176 resetAuth = newAuth;
177
178 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
179 if (rval != TPM2_RC_SUCCESS) {
180 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
181 exit(1);
182 }
183 /* Set new auth to zero */
184 newAuth.size = 0;
185 /* Assert that without setting current auth value the command fails */
186 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
187 if (rval != (TPM2_RC_1 + TPM2_RC_S + TPM2_RC_BAD_AUTH)) {
188 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
189 exit(1);
190 }
191 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
192 if (rval != (TPM2_RC_1 + TPM2_RC_S + TPM2_RC_BAD_AUTH)) {
193 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
194 exit(1);
195 }
196 /* test return value for empty hierarchy */
197 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, 0, &sessionsData, &newAuth, 0 );
198 if (rval != (TPM2_RC_1 + TPM2_RC_VALUE)) {
199 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
200 exit(1);
201 }
202 /* Set auth to zero again with valid session */
203 sessionsData.auths[0].hmac = resetAuth;
204 /* change auth value to different value */
205 newAuth.size = 0;
206 rval = Tss2_Sys_HierarchyChangeAuth( sapi_context, TPM2_RH_PLATFORM, &sessionsData, &newAuth, 0 );
207 if (rval != TPM2_RC_SUCCESS) {
208 LOG_ERROR("HierarchyChangeAuth FAILED! Response Code : 0x%x", rval);
209 exit(1);
210 }
211 return 0;
212 }
213
214 int
test_invoke(TSS2_SYS_CONTEXT * sapi_context)215 test_invoke (TSS2_SYS_CONTEXT *sapi_context)
216 {
217
218 test_platform_auth (sapi_context);
219 test_owner_auth (sapi_context);
220
221 return 0;
222 }
223