6 changes: 2 additions & 4 deletions CMakeLists.txt
Expand Up @@ -99,8 +99,7 @@ if(BUILD_SHARED_LIBS)

if(USE_TPM)
target_link_libraries(xtt PUBLIC tss2::sys)
target_link_libraries(xtt PUBLIC tss2::tcti-device)
target_link_libraries(xtt PUBLIC tss2::tcti-mssim)
target_link_libraries(xtt PUBLIC tss2::tctildr)
target_link_libraries(xtt PUBLIC xaptum-tpm::xaptum-tpm)
target_link_libraries(xtt PRIVATE ecdaa::ecdaa-tpm)
endif()
Expand Down Expand Up @@ -137,8 +136,7 @@ if(BUILD_STATIC_LIBS)
)
if(USE_TPM)
target_link_libraries(xtt_static PUBLIC tss2::sys)
target_link_libraries(xtt_static PUBLIC tss2::tcti-device)
target_link_libraries(xtt_static PUBLIC tss2::tcti-mssim)
target_link_libraries(xtt_static PUBLIC tss2::tctildr)
target_link_libraries(xtt_static PUBLIC xaptum-tpm::xaptum-tpm)
target_link_libraries(xtt_static PRIVATE ecdaa::ecdaa-tpm)
else()
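Review bot: Linking tss2::tctildr instead of the two concrete TCTIs changes what is a link-time dependency: as I understand tctildr, the actual TCTI module (libtss2-tcti-device, libtss2-tcti-mssim, ...) is located and dlopen()ed at run time from the conf string, so a host that has only libtss2-tctildr installed will build fine and fail at first use. I would record that next to the link line, `# tctildr resolves the concrete TCTI module (tss2-tcti-device/-mssim/...) at run time; they are no longer link-time deps`, and the same comment on the xtt_static hunk below. If I recall correctly libtss2-tctildr first shipped with tpm2-tss 2.3, so the find module could also enforce a minimum version rather than letting older installs fail with a missing-library error.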
51 changes: 12 additions & 39 deletions cmake/FindTSS2.cmake
Expand Up @@ -39,54 +39,27 @@ if (libtss2_sys_FOUND)
endif ()

###############################################################################
# TSS2-TCTI-Device Library
# TSS2-TCTILDR Library
###############################################################################
find_library(libtss2_tcti_device_LIBRARY
NAMES tss2-tcti-device
find_library(libtss2_tctildr_LIBRARY
NAMES tss2-tctildr
PATHS ${libtss2_PKGCONFIG_LIBRARY_DIRS}
)

set(libtss2_tcti_device_PROCESS_INCLUDES libtss2_INCLUDE_DIR)
set(libtss2_tcti_device_PROCESS_LIBS libtss2_tcti_device_LIBRARY)
set(libtss2_tctildr_PROCESS_INCLUDES libtss2_INCLUDE_DIR)
set(libtss2_tctildr_PROCESS_LIBS libtss2_tctildr_LIBRARY)

libfind_process(libtss2_tcti_device)
libfind_process(libtss2_tctildr)

if (libtss2_tcti_device_FOUND)
if (NOT TARGET tss2::tcti-device)
if (libtss2_tctildr_FOUND)
if (NOT TARGET tss2::tctildr)

add_library(tss2::tcti-device UNKNOWN IMPORTED)
add_library(tss2::tctildr UNKNOWN IMPORTED)

set_target_properties(tss2::tcti-device PROPERTIES
set_target_properties(tss2::tctildr PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "${libtss2_INCLUDE_DIR}"
IMPORTED_LINK_INTERFACE_LANGUAGES "C"
IMPORTED_LOCATION "${libtss2_tcti_device_LIBRARY}"
)

endif ()
endif ()

###############################################################################
# TSS2-TCTI-MSSIM Library
###############################################################################
find_library(libtss2_tcti_mssim_LIBRARY
NAMES tss2-tcti-mssim
PATHS ${libtss2_PKGCONFIG_LIBRARY_DIRS}
)

set(libtss2_tcti_mssim_PROCESS_INCLUDES libtss2_INCLUDE_DIR)
set(libtss2_tcti_mssim_PROCESS_LIBS libtss2_tcti_mssim_LIBRARY)

libfind_process(libtss2_tcti_mssim)

if (libtss2_tcti_mssim_FOUND)
if (NOT TARGET tss2::tcti-mssim)

add_library(tss2::tcti-mssim UNKNOWN IMPORTED)

set_target_properties(tss2::tcti-mssim PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "${libtss2_INCLUDE_DIR}"
IMPORTED_LINK_INTERFACE_LANGUAGES "C"
IMPORTED_LOCATION "${libtss2_tcti_mssim_LIBRARY}"
IMPORTED_LOCATION "${libtss2_tctildr_LIBRARY}"
)

endif ()
Expand All @@ -95,7 +68,7 @@ endif ()
###############################################################################
# Indicate package was found
###############################################################################
if (libtss2_sys_FOUND AND libtss2_tcti_device_FOUND AND libtss2_tcti_mssim_FOUND)
if (libtss2_sys_FOUND AND libtss2_tctildr_FOUND AND libtss2_tctildr_FOUND)
set(TSS2_FOUND TRUE)
else()
set(TSS2_FOUND FALSE)
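Review bot: The package-found condition in the last hunk tests `libtss2_tctildr_FOUND` twice, which is clearly a leftover from the mssim branch it replaced; it should read `if (libtss2_sys_FOUND AND libtss2_tctildr_FOUND)`. Harmless today, but a duplicated operand is the kind of thing that silently survives the next copy-paste when a third component is added. The module also still only locates `libtss2_INCLUDE_DIR` (set outside this view), which on an older tpm2-tss install can exist without `tss2/tss2_tctildr.h`; a `find_path` for that header, or the version check, would turn a compile-time failure into a configure-time one.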
15 changes: 1 addition & 14 deletions include/xtt/tpm/context.h
Expand Up @@ -27,26 +27,13 @@ extern "C" {
#include <tss2/tss2_sys.h>
#include <tss2/tss2_tcti.h>

typedef enum {
XTT_TCTI_SOCKET,
XTT_TCTI_DEVICE,
} xtt_tcti_type;

struct xtt_tpm_params {
xtt_tcti_type tcti;
const char *dev_file;
const char *hostname;
const char *port;
};

struct xtt_tpm_context {
unsigned char tcti_context_buffer[256];
TSS2_TCTI_CONTEXT *tcti_context;
unsigned char sapi_context_buffer[5120];
TSS2_SYS_CONTEXT *sapi_context;
};

int xtt_init_tpm_context(struct xtt_tpm_context *ctx, const struct xtt_tpm_params *params);
int xtt_init_tpm_context(struct xtt_tpm_context *ctx, const char* nameConf);

void xtt_free_tpm_context(struct xtt_tpm_context *ctx);

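Review bot: `tcti_context_buffer[256]` appears to be dead storage now: the implementation in src/tpm/context.c hands `&ctx->tcti_context` to Tss2_TctiLdr_Initialize and releases it with Tss2_TctiLdr_Finalize, so the loader owns that allocation and nothing writes into the inline buffer any more; I would drop the field (or explain why it stays). The new `nameConf` parameter is also undocumented and breaks the file's snake_case convention (`dev_file`, `tcti_context`); the caller already calls it `tcti_conf`. I would rename it and add above the prototype `/* tcti_conf: TCTI loader string "<tcti>:<conf>", e.g. "device:/dev/tpm0" or "mssim:host=localhost,port=2321"; the part before ':' selects a TCTI shared object that is loaded at run time. Returns TPM_ERROR on failure. */`, and note whether NULL is accepted (tctildr falls back to a default search, as far as I know, but that should be confirmed and stated).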
37 changes: 5 additions & 32 deletions src/tpm/context.c
Expand Up @@ -19,47 +19,20 @@
#include <xtt/util/util_errors.h>
#include <xtt/tpm/context.h>

#include <tss2/tss2_tcti_device.h>
#include <tss2/tss2_tcti_mssim.h>
#include <tss2/tss2_tctildr.h>

#include <string.h>
#include <assert.h>
#include <stdio.h>

int xtt_init_tpm_context(struct xtt_tpm_context *ctx, const struct xtt_tpm_params *params)
int xtt_init_tpm_context(struct xtt_tpm_context *ctx, const char* nameConf)
{
// tpm2-software's TSS2 implementation seems to have issues
// if the memory used for the TCTI and SYS contexts aren't zeroed-out before initialization...
memset(ctx, 0, sizeof(struct xtt_tpm_context));

ctx->tcti_context = (TSS2_TCTI_CONTEXT*)ctx->tcti_context_buffer;

size_t tcti_ctx_size;
switch (params->tcti) {
case XTT_TCTI_SOCKET: {
char config_string[64];
size_t ret = snprintf(config_string, sizeof(config_string), "host=%s,port=%s", params->hostname, params->port);
if (ret >= sizeof(config_string)) {
return TPM_ERROR;
}
if (TSS2_RC_SUCCESS != Tss2_Tcti_Mssim_Init(NULL, &tcti_ctx_size, config_string)) {
return TPM_ERROR;
}
assert(tcti_ctx_size < sizeof(ctx->tcti_context_buffer));
if (TSS2_RC_SUCCESS != Tss2_Tcti_Mssim_Init(ctx->tcti_context, &tcti_ctx_size, config_string)) {
return TPM_ERROR;
}
break;
}
case XTT_TCTI_DEVICE:
if (TSS2_RC_SUCCESS != Tss2_Tcti_Device_Init(NULL, &tcti_ctx_size, params->dev_file)) {
return TPM_ERROR;
}
assert(tcti_ctx_size < sizeof(ctx->tcti_context_buffer));
if (TSS2_RC_SUCCESS != Tss2_Tcti_Device_Init(ctx->tcti_context, &tcti_ctx_size, params->dev_file)) {
return TPM_ERROR;
}
break;
if (TSS2_RC_SUCCESS != Tss2_TctiLdr_Initialize(nameConf, &ctx->tcti_context)) {
return TPM_ERROR;
}

TSS2_ABI_VERSION abi_version = TSS2_ABI_VERSION_CURRENT;
Expand All @@ -77,5 +50,5 @@ int xtt_init_tpm_context(struct xtt_tpm_context *ctx, const struct xtt_tpm_param
void xtt_free_tpm_context(struct xtt_tpm_context *ctx)
{
Tss2_Sys_Finalize(ctx->sapi_context);
Tss2_Tcti_Finalize(ctx->tcti_context);
Tss2_TctiLdr_Finalize(&ctx->tcti_context);
}
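Review bot: Once Tss2_TctiLdr_Initialize succeeds, the TCTI context is heap-owned by the loader, and the function continues past this hunk into the Sys context setup; any `return TPM_ERROR;` taken after that point now leaks the TCTI unless it first runs `Tss2_TctiLdr_Finalize(&ctx->tcti_context);` — the old code had no such leak because the context lived in the inline buffer. The assignment `ctx->tcti_context = (TSS2_TCTI_CONTEXT*)ctx->tcti_context_buffer;` just above the call is now overwritten immediately and should go, and with it the buffer field in the header. Worth a caveat comment at the call site too: `/* nameConf's "<tcti>:" prefix names a shared object that tctildr dlopen()s; it must come from a trusted source (CLI/config), never from the peer. */`, since the previous code could only ever select between two linked-in TCTIs.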
2 changes: 1 addition & 1 deletion tool/client.c
Expand Up @@ -169,7 +169,7 @@ int run_client(struct cli_params* params)
#ifdef USE_TPM
int tpm_ctx_ret = SUCCESS;
if (use_tpm) {
tpm_ctx_ret = xtt_init_tpm_context(&tpm_ctx, &params->tpm_params);
tpm_ctx_ret = xtt_init_tpm_context(&tpm_ctx, params->tcti_conf);
if (SUCCESS != tpm_ctx_ret) {
fprintf(stderr, "Error initializing TPM context: %d\n", tpm_ctx_ret);
return tpm_ctx_ret;
60 changes: 8 additions & 52 deletions tool/parse_cli.c
Expand Up @@ -298,10 +298,7 @@ void parse_runclient_cli(int argc, char** argv, struct cli_params *params){
params->usetpm = 0;
params->suitespec = "X25519_LRSW_ECDSAP256_CHACHA20POLY1305_SHA512";
#ifdef USE_TPM
char *tcti_str = "device";
params->tpm_params.dev_file = "/dev/tpm0";
params->tpm_params.hostname = "localhost";
params->tpm_params.port = "2321";
params->tcti_conf = "device:/dev/tpm0";
#endif
const char *usage_str = "Run XTT client.\n\n"
"Usage: %s %s [-h] [-p <file>] [-s option] [-a <file>] [-q <file>] [-r <file>] [-d <file>] [-c <file>] [-k <file>]"
Expand Down Expand Up @@ -330,8 +327,7 @@ void parse_runclient_cli(int argc, char** argv, struct cli_params *params){
"\t\t-v --longtermpriv Longterm Private Key output location [default = longterm_priv.bin]\n"
#ifdef USE_TPM
"\t\t-m --tpmuse Indicates to use TPM [default = false]\n"
"\t\t-t --tctitype Which TCTI socket is used ('device' or 'socket') [default = device]\n"
"\t\t-f --devfile Device file input location if tcti == device [default = /dev/tpm0]\n"
"\t\t-t --tcti TCTI conf options [default = device:/dev/tpm0]\n"
#endif
;

Expand All @@ -352,8 +348,7 @@ void parse_runclient_cli(int argc, char** argv, struct cli_params *params){
{"help", no_argument, NULL, 'h'},
#ifdef USE_TPM
{"tpmuse", no_argument, NULL, 'm'},
{"tctitype", required_argument, NULL, 't'},
{"devfile", required_argument, NULL, 'f'},
{"tcti", required_argument, NULL, 't'},
#endif

{NULL, 0, NULL, 0}
Expand Down Expand Up @@ -424,15 +419,11 @@ void parse_runclient_cli(int argc, char** argv, struct cli_params *params){
params->usetpm = 1;
break;
case 't':
tcti_str = optarg;
break;
case 'f':
params->tpm_params.dev_file = optarg;
params->tcti_conf = optarg;
break;
#else
case 'm':
case 't':
case 'f':
printf("TPM options are not supported, because not built with TPM support.");
exit(1);
#endif
Expand All @@ -445,15 +436,6 @@ void parse_runclient_cli(int argc, char** argv, struct cli_params *params){
#ifdef USE_TPM
if (!nondefault_priv_file && 1 == params->usetpm)
params->longtermpriv = "longterm_priv.pem";

if (0 == strcmp(tcti_str, "device")) {
params->tpm_params.tcti = XTT_TCTI_DEVICE;
} else if (0 == strcmp(tcti_str, "socket")) {
params->tpm_params.tcti = XTT_TCTI_SOCKET;
} else {
fprintf(stderr, "Unknown tcti_type '%s'\n", tcti_str);
exit(1);
}
#else
(void)nondefault_priv_file;
#endif
Expand All @@ -463,19 +445,13 @@ static
void parse_nvram_cli(int argc, char** argv, struct cli_params *params)
{
#ifdef USE_TPM
char *tcti_str = "device";
params->tpm_params.dev_file = "/dev/tpm0";
params->tpm_params.hostname = "localhost";
params->tpm_params.port = "2321";
params->tcti_conf = "device:/dev/tpm0";
params->outfile = NULL;
const char *usage_str = "Dump to file an NVRAM object provisioned on a Xaptum TPM.\n\n"
"Usage: %s [-h] [-t device|socket] [-d <path>] [-a <ip>] [-p <port>] [-o <file>] <object-name>\n"
"\tOptions:\n"
"\t\t-h --help Display this message.\n"
"\t\t-t --tcti TPM TCTI type (device|socket) [default = device].\n"
"\t\t-d --tpm-device-file TCTI device file, if tcti==device [default = '/dev/tpm0'].\n"
"\t\t-a --tpm-ip-address IP hostname of TPM TCP server, if tcti==socket [default = 'localhost'].\n"
"\t\t-p --tpm-port TCP port of TPM TCP server, if tcti==socket [default = 2321].\n"
"\t\t-t --tcti TPM TCTI conf optiosn [default = device:/dev/tpm0].\n"
"\t\t-o --output-file Output file. [default: '<object-name>.[bin,pem]']\n"
"\tArguments:\n"
"\t\tobject-name\tOne of daa_gpk, daa_cred, daa_cred_sig, root_asn1_cert, root_xtt_cert, or basename\n"
Expand All @@ -484,28 +460,16 @@ void parse_nvram_cli(int argc, char** argv, struct cli_params *params)
static struct option cli_options[] =
{
{"tcti", required_argument, NULL, 't'},
{"tpm-device-file", required_argument, NULL, 'd'},
{"tpm-ip-address", required_argument, NULL, 'a'},
{"tpm-port", required_argument, NULL, 'p'},
{"output-file", required_argument, NULL, 'o'},
{"help", no_argument, NULL, 'h'},
{NULL, 0, NULL, 0}
};

int c;
while ((c = getopt_long(argc, argv, "t:d:a:p:o:h", cli_options, NULL)) != -1) {
while ((c = getopt_long(argc, argv, "t:o:h", cli_options, NULL)) != -1) {
switch (c) {
case 't':
tcti_str = optarg;
break;
case 'd':
params->tpm_params.dev_file = optarg;
break;
case 'a':
params->tpm_params.hostname = optarg;
break;
case 'p':
params->tpm_params.port = optarg;
params->tcti_conf = optarg;
break;
case 'o':
params->outfile = optarg;
Expand Down Expand Up @@ -549,14 +513,6 @@ void parse_nvram_cli(int argc, char** argv, struct cli_params *params)
exit(1);
}

if (0 == strcmp(tcti_str, "device")) {
params->tpm_params.tcti = XTT_TCTI_DEVICE;
} else if (0 == strcmp(tcti_str, "socket")) {
params->tpm_params.tcti = XTT_TCTI_SOCKET;
} else {
fprintf(stderr, "Unknown tcti_type '%s'\n", tcti_str);
exit(1);
}
#else
(void)argc;
(void)argv;
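Review bot: The nvram usage line still advertises `[-t device|socket] [-d <path>] [-a <ip>] [-p <port>]` although `-d`, `-a` and `-p` were removed from both the getopt string and the option table, so the help text now documents options that are rejected; it should become `"Usage: %s [-h] [-t <tcti-conf>] [-o <file>] <object-name>\n"`. The new `-t` help line has a typo ("optiosn") and, since the value is no longer validated against a fixed list, should spell out the format and the replacement for the old socket defaults: `"\t\t-t --tcti TCTI conf string, e.g. device:/dev/tpm0 or mssim:host=localhost,port=2321 [default = device:/dev/tpm0].\n"`, with the same wording in the runclient help. With the strcmp validation gone, a bad TCTI name now surfaces only as a generic TPM_ERROR from xtt_init_tpm_context, so a clearer message at that failure point would help users.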
2 changes: 1 addition & 1 deletion tool/parse_cli.h
Expand Up @@ -68,7 +68,7 @@ struct cli_params {
const char* outfile;

#ifdef USE_TPM
struct xtt_tpm_params tpm_params;
const char* tcti_conf;
enum xtpm_object_name obj_name;
#endif

4 changes: 2 additions & 2 deletions tool/read_nvram.c
Expand Up @@ -28,11 +28,11 @@

#define MAX_NVRAM_SIZE 768

int read_nvram(const struct xtt_tpm_params *params, const char* outfile, enum xtpm_object_name obj_name)
int read_nvram(const char* tcti_conf, const char* outfile, enum xtpm_object_name obj_name)
{
struct xtt_tpm_context ctx;

int ctx_ret = xtt_init_tpm_context(&ctx, params);
int ctx_ret = xtt_init_tpm_context(&ctx, tcti_conf);
if (SUCCESS != ctx_ret) {
fprintf(stderr, "Error initializing TPM context: %d\n", ctx_ret);
return ctx_ret;
2 changes: 1 addition & 1 deletion tool/read_nvram.h
Expand Up @@ -28,7 +28,7 @@ extern "C" {

#include <xaptum-tpm/nvram.h>

int read_nvram(const struct xtt_tpm_params *params, const char* outfile, enum xtpm_object_name obj_name);
int read_nvram(const char* tcti_conf, const char* outfile, enum xtpm_object_name obj_name);


#ifdef __cplusplus
2 changes: 1 addition & 1 deletion tool/xtt.c
Expand Up @@ -80,7 +80,7 @@ int main(int argc, char **argv)
}
case action_readnvram: {
#ifdef USE_TPM
out = read_nvram(&params.tpm_params, params.outfile, params.obj_name);
out = read_nvram(params.tcti_conf, params.outfile, params.obj_name);
#else
fprintf(stderr, "Attempted to use a TPM, but not built with TPM enabled!\n");
out = TPM_ERROR;