From 6a3100ad060934228a1bec06ae43b41f5ea8a51b Mon Sep 17 00:00:00 2001
From: Trammell hudson <hudson@trmm.net>
Date: Fri, 26 Mar 2021 17:23:07 +0000
Subject: [PATCH 03/17] tpm2_identity_util: move create_name() into utility
library
Signed-off-by: Trammell Hudson <hudson@trmm.net>
---
lib/tpm2_identity_util.c | 40 ++++++++++++++++++++++++++++++++++++++
lib/tpm2_identity_util.h | 10 ++++++++++
tools/tpm2_import.c | 42 +---------------------------------------
3 files changed, 51 insertions(+), 41 deletions(-)
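--- a/lib/tpm2_identity_util.c
+++ b/lib/tpm2_identity_util.c
@@ -423,3 +423,43 @@ void tpm2_identity_util_calculate_outer_integrity(TPMI_ALG_HASH parent_name_alg,
 encrypted_duplicate_sensitive->size, pubname->name, pubname->size,
 protection_hmac_key->buffer, outer_hmac);
 }
+
+bool tpm2_identity_create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname) {
+
+ /*
+ * A TPM2B_NAME is the name of the algorithm, followed by the hash.
+ * Calculate the name by:
+ * 1. Marshaling the name algorithm
+ * 2. Marshaling the TPMT_PUBLIC past the name algorithm from step 1.
+ * 3. Hash the TPMT_PUBLIC portion in marshaled data.
+ */
+
+ TPMI_ALG_HASH name_alg = public->publicArea.nameAlg;
+
+ // Step 1 - set beginning of name to hash alg
+ size_t hash_offset = 0;
+ Tss2_MU_UINT16_Marshal(name_alg, pubname->name, pubname->size,
+ &hash_offset);
+
+ // Step 2 - marshal TPMTP
+ TPMT_PUBLIC marshaled_tpmt;
+ size_t tpmt_marshalled_size = 0;
+ Tss2_MU_TPMT_PUBLIC_Marshal(&public->publicArea,
+ (uint8_t *) &marshaled_tpmt, sizeof(public->publicArea),
+ &tpmt_marshalled_size);
+
+ // Step 3 - Hash the data into name just past the alg type.
+ digester d = tpm2_openssl_halg_to_digester(name_alg);
+ if (!d) {
+ return false;
+ }
+
+ d((const unsigned char *) &marshaled_tpmt, tpmt_marshalled_size,
+ pubname->name + hash_offset);
+
+ //Set the name size, UINT16 followed by HASH
+ UINT16 hash_size = tpm2_alg_util_get_hash_size(name_alg);
+ pubname->size = hash_size + hash_offset;
+
+ return true;
+}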
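Review bot: Both marshal calls in `tpm2_identity_create_name` discard their return codes, so a failed `Tss2_MU_UINT16_Marshal` leaves `hash_offset` at 0 and a failed `Tss2_MU_TPMT_PUBLIC_Marshal` leaves `tpmt_marshalled_size` at 0, yet the function still returns true with a name that does not correspond to the public area. Now that this is a library entry point rather than a static helper with one caller, it should fail closed: check each `TSS2_RC`, and confirm the digest fits in `pubname->name` before `d()` writes at `pubname->name + hash_offset`. The step 2 scratch buffer is a `TPMT_PUBLIC` struct reinterpreted as bytes; that is presumably large enough for the marshaled form, but it deserves a comment saying so. The return value of `d()` is also dropped, and whether it can report failure is not visible in this hunk.

```c
    // Step 1 - set beginning of name to hash alg
    size_t hash_offset = 0;
    TSS2_RC rc = Tss2_MU_UINT16_Marshal(name_alg, pubname->name, pubname->size,
            &hash_offset);
    if (rc != TSS2_RC_SUCCESS) {
        return false;
    }

    // Step 2 - marshal TPMTP
    TPMT_PUBLIC marshaled_tpmt;
    size_t tpmt_marshalled_size = 0;
    rc = Tss2_MU_TPMT_PUBLIC_Marshal(&public->publicArea,
            (uint8_t *) &marshaled_tpmt, sizeof(public->publicArea),
            &tpmt_marshalled_size);
    if (rc != TSS2_RC_SUCCESS) {
        return false;
    }

    // Refuse to write a digest that would not fit behind the algorithm id.
    UINT16 hash_size = tpm2_alg_util_get_hash_size(name_alg);
    if (hash_size == 0 || hash_offset + hash_size > sizeof(pubname->name)) {
        return false;
    }

    // ... unchanged: digester lookup, d() call, pubname->size assignment ...
```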
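--- a/lib/tpm2_identity_util.h
+++ b/lib/tpm2_identity_util.h
@@ -102,4 +102,14 @@ void tpm2_identity_util_calculate_outer_integrity(TPMI_ALG_HASH parent_name_alg,
 TPM2B_MAX_BUFFER *encrypted_duplicate_sensitive,
 TPM2B_DIGEST *outer_hmac);
 
+/**
+ * Computes the name of a TPM key.
+ *
+ * @param public
+ * Public key structure
+ * @param pubname
+ * The name structure to populate.
+ */
+bool tpm2_identity_create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname);
+
 #endif /* LIB_TPM2_IDENTITY_UTIL_H_ */
 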
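Review bot: The doc comment for `tpm2_identity_create_name` omits the return value and an input precondition that the implementation relies on. The function passes `pubname->size` to `Tss2_MU_UINT16_Marshal` as the buffer size, so `pubname->size` must hold the capacity of `pubname->name` on entry; the caller in tools/tpm2_import.c appears to arrange this with `TPM2B_TYPE_INIT`, but a new library caller passing a zeroed struct would get a bad name. I would add `@return true on success, false if the name algorithm has no digester.` and extend the `pubname` text to say that `size` must be set to the capacity of `name` before the call and is overwritten with the name length. `public` is only read, so `const TPM2B_PUBLIC *public` would state that in the prototype.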
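--- a/tools/tpm2_import.c
+++ b/tools/tpm2_import.c
@@ -74,46 +74,6 @@ static tool_rc readpublic(ESYS_CONTEXT *ectx, ESYS_TR handle,
 return tpm2_readpublic(ectx, handle, public, NULL, NULL);
 }
 
-static bool create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname) {
-
- /*
- * A TPM2B_NAME is the name of the algorithm, followed by the hash.
- * Calculate the name by:
- * 1. Marshaling the name algorithm
- * 2. Marshaling the TPMT_PUBLIC past the name algorithm from step 1.
- * 3. Hash the TPMT_PUBLIC portion in marshaled data.
- */
-
- TPMI_ALG_HASH name_alg = public->publicArea.nameAlg;
-
- // Step 1 - set beginning of name to hash alg
- size_t hash_offset = 0;
- Tss2_MU_UINT16_Marshal(name_alg, pubname->name, pubname->size,
- &hash_offset);
-
- // Step 2 - marshal TPMTP
- TPMT_PUBLIC marshaled_tpmt;
- size_t tpmt_marshalled_size = 0;
- Tss2_MU_TPMT_PUBLIC_Marshal(&public->publicArea,
- (uint8_t *) &marshaled_tpmt, sizeof(public->publicArea),
- &tpmt_marshalled_size);
-
- // Step 3 - Hash the data into name just past the alg type.
- digester d = tpm2_openssl_halg_to_digester(name_alg);
- if (!d) {
- return false;
- }
-
- d((const unsigned char *) &marshaled_tpmt, tpmt_marshalled_size,
- pubname->name + 2);
-
- //Set the name size, UINT16 followed by HASH
- UINT16 hash_size = tpm2_alg_util_get_hash_size(name_alg);
- pubname->size = hash_size + 2;
-
- return true;
-}
-
 static void create_import_key_private_data(TPM2B_PRIVATE *private,
 TPMI_ALG_HASH parent_name_alg,
 TPM2B_MAX_BUFFER *encrypted_duplicate_sensitive,
@@ -155,7 +115,7 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub,
 * Calculate the object name.
 */
 TPM2B_NAME pubname = TPM2B_TYPE_INIT(TPM2B_NAME, name);
- bool res = create_name(pubkey, &pubname);
+ bool res = tpm2_identity_create_name(pubkey, &pubname);
 if (!res) {
 return false;
 }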
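Review bot: The failure branch right after the renamed call in `key_import` does `return false;` from a function declared to return `tool_rc`. If `tool_rc_success` is 0, as I believe it is in tpm2-tools, a failed name computation is reported to the caller as success and the import stops early without an error. This predates the commit, but it is the only path that reports a `tpm2_identity_create_name` failure, so it is worth fixing in the same change: `return tool_rc_general_error;`. `key_import` starts and ends outside this hunk, so other returns in it may need the same check.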
--
2.31.1