Skip to content

Commit

Permalink
test: add tcti state backup for finalize/reinit
Browse files Browse the repository at this point in the history
Signed-off-by: Johannes Holland <[email protected]>
  • Loading branch information
Johannes Holland committed Sep 6, 2024
1 parent 81494ba commit f3e1929
Show file tree
Hide file tree
Showing 9 changed files with 675 additions and 278 deletions.
1 change: 1 addition & 0 deletions Makefile-test.am
Original file line number Diff line number Diff line change
Expand Up @@ -1147,6 +1147,7 @@ test_integration_libtest_utils_la_SOURCES = \
test/integration/sys-session-util.c test/integration/session-util.h \
test/integration/sys-entity-util.c test/integration/test.h \
test/integration/test-common.c test/integration/test-common.h \
test/integration/test-common-tcti.c test/integration/test-common-tcti.h \
src/util/log.c

test_integration_sys_asymmetric_encrypt_decrypt_int_CFLAGS = $(AM_CFLAGS) $(TESTS_CFLAGS)
Expand Down
4 changes: 4 additions & 0 deletions src/tss2-tcti/tcti-tbs.h
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@

#define TCTI_TBS_MAGIC 0xfbf2afa3761e188aULL

#ifndef _WIN32
typedef BYTE *PBYTE;
#endif /* _WIN32 */

typedef struct {
TSS2_TCTI_COMMON_CONTEXT common;
void *hContext;
Expand Down
49 changes: 33 additions & 16 deletions test/integration/fapi-key-create-null-key-sign.int.c
Original file line number Diff line number Diff line change
Expand Up @@ -8,19 +8,22 @@
#include "config.h" // IWYU pragma: keep
#endif

#include <json.h> // for json_object_new_string, json_object
#include <stdint.h> // for uint8_t
#include <stdio.h> // for NULL, size_t, sprintf
#include <stdlib.h> // for EXIT_FAILURE, EXIT_SUCCESS
#include <string.h> // for strncmp

#include "test-fapi.h" // for init_fapi, fapi_profile, test_invoke_fapi
#include "tss2_common.h" // for TSS2_FAPI_RC_BAD_VALUE, TSS2_RC_SUCCESS
#include "tss2_fapi.h" // for Fapi_CreateKey, Fapi_Delete, Fapi_Finalize
#include "tss2_tpm2_types.h" // for TPM2B_DIGEST
#include <json.h> // for json_object_new_string
#include <stdint.h> // for uint8_t
#include <stdio.h> // for NULL, size_t, sprintf
#include <stdlib.h> // for EXIT_FAILURE, EXIT_SU...
#include <string.h> // for strncmp

#include "test-fapi.h" // for init_fapi, fapi_profile
#include "test/integration/test-common-tcti.h" // for tcti_is_volatile, tct...
#include "test/integration/test-common.h" // for tcti_is_volatile, tct...
#include "tss2_common.h" // for TSS2_FAPI_RC_BAD_VALUE
#include "tss2_fapi.h" // for Fapi_CreateKey, Fapi_...
#include "tss2_tcti.h" // for TSS2_TCTI_CONTEXT
#include "tss2_tpm2_types.h" // for TPM2B_DIGEST

#define LOGMODULE test
#include "util/log.h" // for goto_if_error, SAFE_FREE, UNUSED, retur...
#include "util/log.h" // for goto_if_error, SAFE_FREE

#define PASSWORD "abc"
#define SIGN_TEMPLATE "sign,noDa"
Expand Down Expand Up @@ -75,18 +78,26 @@ auth_callback(
int
test_fapi_key_create_null_sign(FAPI_CONTEXT *context)
{
TSS2_RC r;
char *sigscheme = NULL;
uint8_t *signature = NULL;
char *publicKey = NULL;
char *path_list = NULL;
TSS2_RC r;
int ret;
TSS2_TCTI_CONTEXT *tcti;
libtpms_state libtpms_state;
char *sigscheme = NULL;
uint8_t *signature = NULL;
char *publicKey = NULL;
char *path_list = NULL;

if (strncmp("P_ECC", fapi_profile, 5) != 0)
sigscheme = "RSA_PSS";

r = Fapi_Provision(context, NULL, NULL, NULL);
goto_if_error(r, "Error Fapi_Provision", error);

r = Fapi_GetTcti(context, &tcti);
if (tcti_is_volatile(tcti) && !tcti_state_backup_supported(tcti)) {
return EXIT_SKIP;
}

r = Fapi_SetAuthCB(context, auth_callback, NULL);
goto_if_error(r, "Error SetPolicyAuthCallback", error);

Expand Down Expand Up @@ -140,11 +151,17 @@ test_fapi_key_create_null_sign(FAPI_CONTEXT *context)
&digest.buffer[0], digest.size, signature, signatureSize);
goto_if_error(r, "Error Fapi_VerifySignature", error);

ret = fapi_tcti_state_backup_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_backup_if_necessary", error);

Fapi_Finalize(&context);
int rc = init_fapi(fapi_profile, &context);
if (rc)
goto error;

ret = fapi_tcti_state_restore_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_restore_if_necessary", error);

/* Test the creation of a primary in the storage hierarchy. */
r = Fapi_CreateKey(context, "HS/myPrimary", "noDa", "",
PASSWORD);
Expand Down
47 changes: 41 additions & 6 deletions test/integration/fapi-second-provisioning.int.c
Original file line number Diff line number Diff line change
Expand Up @@ -8,15 +8,18 @@
#include "config.h" // IWYU pragma: keep
#endif

#include <stdlib.h> // for NULL, EXIT_FAILURE, EXIT_SUCCESS
#include <string.h> // for strcmp, strncmp
#include <stdlib.h> // for NULL, EXIT_FAILURE
#include <string.h> // for strcmp, strncmp

#include "test-fapi.h" // for init_fapi, FAPI_PROFILE, pcr_reset, EXIT_SKIP
#include "tss2_common.h" // for TSS2_RC, TSS2_RC_SUCCESS, TSS2_FAPI_RC_AUTH...
#include "tss2_fapi.h" // for Fapi_Provision, Fapi_Delete, Fapi_Finalize
#include "test-fapi.h" // for init_fapi, FAPI_PROFILE
#include "test/integration/test-common-tcti.h" // for tcti_state_backup_if_...
#include "test/integration/test-common.h" // for tcti_state_backup_if_...
#include "tss2_common.h" // for TSS2_RC, TSS2_RC_SUCCESS
#include "tss2_fapi.h" // for Fapi_Provision, Fapi_...
#include "tss2_tcti.h" // for TSS2_TCTI_CONTEXT

#define LOGMODULE test
#include "util/log.h" // for goto_if_error, UNUSED, LOG_ERROR, LOG_WARNING
#include "util/log.h" // for goto_if_error, UNUSED

#define PASSWORD "abc"

Expand Down Expand Up @@ -55,6 +58,9 @@ int
test_fapi_test_second_provisioning(FAPI_CONTEXT *context)
{
TSS2_RC r;
int ret;
TSS2_TCTI_CONTEXT *tcti;
libtpms_state libtpms_state;

if (strncmp(FAPI_PROFILE, "P_RSA", 5) == 0) {
LOG_WARNING("Default ECC profile needed for this test %s is used", FAPI_PROFILE);
Expand All @@ -65,6 +71,11 @@ test_fapi_test_second_provisioning(FAPI_CONTEXT *context)
r = Fapi_Provision(context, PASSWORD, PASSWORD, NULL);
goto_if_error(r, "Error Fapi_Provision", error);

r = Fapi_GetTcti(context, &tcti);
if (tcti_is_volatile(tcti) && !tcti_state_backup_supported(tcti)) {
return EXIT_SKIP;
}

r = pcr_reset(context, 16);
goto_if_error(r, "Error pcr_reset", error);

Expand All @@ -73,12 +84,18 @@ test_fapi_test_second_provisioning(FAPI_CONTEXT *context)

goto_if_error(r, "Error Fapi_NV_Undefine", error);

ret = fapi_tcti_state_backup_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_backup_if_necessary", error);

Fapi_Finalize(&context);

int rc = init_fapi("P_RSA2", &context);
if (rc)
goto error;

ret = fapi_tcti_state_restore_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_restore_if_necessary", error);

/* Authentication should not work due to auth for hierarchy was set. */
r = Fapi_Provision(context, NULL, NULL, NULL);

Expand All @@ -101,11 +118,17 @@ test_fapi_test_second_provisioning(FAPI_CONTEXT *context)
r = Fapi_Delete(context, "/");
goto_if_error(r, "Error Fapi_Delete", error);

ret = fapi_tcti_state_backup_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_backup_if_necessary", error);

Fapi_Finalize(&context);
rc = init_fapi("P_RSA2", &context);
if (rc)
goto error;

ret = fapi_tcti_state_restore_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_restore_if_necessary", error);

/* Correct Provisioning with auth value for hierarchy from previous
provisioning. Non information whether auth value is needed is
available. */
Expand All @@ -126,6 +149,9 @@ test_fapi_test_second_provisioning(FAPI_CONTEXT *context)
r = Fapi_Delete(context, "/");
goto_if_error(r, "Error Fapi_Delete", error);

ret = fapi_tcti_state_backup_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_backup_if_necessary", error);

Fapi_Finalize(&context);

if (strcmp(FAPI_PROFILE, "P_ECC384") == 0) {
Expand All @@ -137,11 +163,17 @@ test_fapi_test_second_provisioning(FAPI_CONTEXT *context)
if (rc)
goto error;

ret = fapi_tcti_state_restore_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_restore_if_necessary", error);

/* A policy will be assigned to owner and endorsement hierarchy. */

r = Fapi_Provision(context, NULL, NULL, NULL);
goto_if_error(r, "Error Fapi_Provision", error);

ret = fapi_tcti_state_backup_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_backup_if_necessary", error);

Fapi_Finalize(&context);
if (strcmp(FAPI_PROFILE, "P_ECC") == 0) {
rc = init_fapi("P_ECC", &context);
Expand All @@ -156,6 +188,9 @@ test_fapi_test_second_provisioning(FAPI_CONTEXT *context)
if (rc)
goto error;

ret = fapi_tcti_state_restore_if_necessary(context, &libtpms_state);
goto_if_error(ret, "Error fapi_tcti_state_restore_if_necessary", error);

/* Owner and endorsement hierarchy will be authorized via policy and
policy will be reset. */
r = Fapi_Provision(context, NULL, NULL, NULL);
Expand Down
Loading

0 comments on commit f3e1929

Please sign in to comment.