Google Git
Sign in
fuchsia / third_party / github.com / tpm2-software / tpm2-tss / refs/heads/upstream/3.0.x / . / src / tss2-fapi / api / Fapi_VerifyQuote.c
blob: 03a67459fcc2400668c093554163ddc5b55168c4 [file] [log] [blame]
/* SPDX-License-Identifier: BSD-2-Clause */
/*******************************************************************************
* Copyright 2018-2019, Fraunhofer SIT sponsored by Infineon Technologies AG
* All rights reserved.
******************************************************************************/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdlib.h>
#include <errno.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include "tss2_fapi.h"
#include "fapi_int.h"
#include "fapi_util.h"
#include "tss2_esys.h"
#include "fapi_crypto.h"
#define LOGMODULE fapi
#include "util/log.h"
#include "util/aux_util.h"
/** One-Call function for Fapi_VerifyQuote
*
* Verifies that the data returned by a quote is valid.
*
* @param[in,out] context The FAPI_CONTEXT
* @param[in] publicKeyPath The path to the signing key
* @param[in] qualifyingData The qualifying data nonce. May be NULL
* @param[in] qualifyingDataSize The size of qualifyingData in bytes. Must be 0
* if qualifyingData is NULL
* @param[in] quoteInfo The quote information
* @param[in] signature The quote's signature
* @param[in] signatureSize The size of signature in bytes
* @param[in] pcrLog The PCR's log. May be NULL
*
* @retval TSS2_RC_SUCCESS: if the function call was a success.
* @retval TSS2_FAPI_RC_BAD_REFERENCE: if context, publicKeyPath, quoteInfo,
* or signature is NULL.
* @retval TSS2_FAPI_RC_BAD_CONTEXT: if context corruption is detected.
* @retval TSS2_FAPI_RC_KEY_NOT_FOUND: if path does not map to a FAPI entity.
* @retval TSS2_FAPI_RC_BAD_KEY: if the entity at path is not a key, or is a key
* that is unsuitable for the requested operation.
* @retval TSS2_FAPI_RC_BAD_VALUE: if quoteInfo, pcrEventLog, qualifyingData, or
* signature is invalid.
* @retval TSS2_FAPI_RC_BAD_SEQUENCE: if the context has an asynchronous
* operation already pending.
* @retval TSS2_FAPI_RC_IO_ERROR: if the data cannot be saved.
* @retval TSS2_FAPI_RC_MEMORY: if the FAPI cannot allocate enough memory for
* internal operations or return parameters.
* @retval TSS2_FAPI_RC_PATH_NOT_FOUND if a FAPI object path was not found
* during authorization.
* @retval TSS2_FAPI_RC_TRY_AGAIN if an I/O operation is not finished yet and
* this function needs to be called again.
* @retval TSS2_FAPI_RC_GENERAL_FAILURE if an internal error occurred.
* @retval TSS2_FAPI_RC_SIGNATURE_VERIFICATION_FAILED if the signature could not
* be verified
* @retval TSS2_FAPI_RC_NOT_PROVISIONED FAPI was not provisioned.
* @retval TSS2_FAPI_RC_BAD_PATH if the path is used in inappropriate context
* or contains illegal characters.
*/
TSS2_RC
Fapi_VerifyQuote(
FAPI_CONTEXT *context,
char const *publicKeyPath,
uint8_t const *qualifyingData,
size_t qualifyingDataSize,
char const *quoteInfo,
uint8_t const *signature,
size_t signatureSize,
char const *pcrLog)
{
LOG_TRACE("called for context:%p", context);
TSS2_RC r;
/* Check for NULL parameters */
check_not_null(context);
check_not_null(publicKeyPath);
check_not_null(quoteInfo);
check_not_null(signature);
r = Fapi_VerifyQuote_Async(context, publicKeyPath,
qualifyingData, qualifyingDataSize,
quoteInfo, signature,
signatureSize, pcrLog);
return_if_error_reset_state(r, "Key_VerifyQuote");
do {
/* We wait for file I/O to be ready if the FAPI state automata
are in a file I/O state. */
r = ifapi_io_poll(&context->io);
return_if_error(r, "Something went wrong with IO polling");
/* Repeatedly call the finish function, until FAPI has transitioned
through all execution stages / states of this invocation. */
r = Fapi_VerifyQuote_Finish(context);
} while (base_rc(r) == TSS2_BASE_RC_TRY_AGAIN);
return_if_error_reset_state(r, "Key_VerifyQuote");
LOG_TRACE("finished");
return TSS2_RC_SUCCESS;
}
/** Asynchronous function for Fapi_VerifyQuote
*
* Verifies that the data returned by a quote is valid.
* Call Fapi_VerifyQuote_Finish to finish the execution of this command.
*
* @param[in,out] context The FAPI_CONTEXT
* @param[in] publicKeyPath The path to the signing key
* @param[in] qualifyingData The qualifying data nonce. May be NULL
* @param[in] qualifyingDataSize The size of qualifyingData in bytes. Must be 0
* if qualifyingData is NULL
* @param[in] quoteInfo The quote information
* @param[in] signature The quote's signature
* @param[in] signatureSize The size of signature in bytes
* @param[in] pcrLog The PCR's log. May be NULL
*
* @retval TSS2_RC_SUCCESS: if the function call was a success.
* @retval TSS2_FAPI_RC_BAD_REFERENCE: if context, publicKeyPath, quoteInfo,
* or signature is NULL.
* @retval TSS2_FAPI_RC_BAD_CONTEXT: if context corruption is detected.
* @retval TSS2_FAPI_RC_KEY_NOT_FOUND: if path does not map to a FAPI entity.
* @retval TSS2_FAPI_RC_BAD_KEY: if the entity at path is not a key, or is a key
* that is unsuitable for the requested operation.
* @retval TSS2_FAPI_RC_BAD_VALUE: if quoteInfo, pcrEventLog, qualifyingData, or
* signature is invalid.
* @retval TSS2_FAPI_RC_BAD_SEQUENCE: if the context has an asynchronous
* operation already pending.
* @retval TSS2_FAPI_RC_IO_ERROR: if the data cannot be saved.
* @retval TSS2_FAPI_RC_MEMORY: if the FAPI cannot allocate enough memory for
* internal operations or return parameters.
* @retval TSS2_FAPI_RC_PATH_NOT_FOUND if a FAPI object path was not found
* during authorization.
* @retval TSS2_FAPI_RC_NOT_PROVISIONED FAPI was not provisioned.
* @retval TSS2_FAPI_RC_BAD_PATH if the path is used in inappropriate context
* or contains illegal characters.
*/
TSS2_RC
Fapi_VerifyQuote_Async(
FAPI_CONTEXT *context,
char const *publicKeyPath,
uint8_t const *qualifyingData,
size_t qualifyingDataSize,
char const *quoteInfo,
uint8_t const *signature,
size_t signatureSize,
char const *pcrLog)
{
LOG_TRACE("called for context:%p", context);
LOG_TRACE("publicKeyPath: %s", publicKeyPath);
if (qualifyingData) {
LOGBLOB_TRACE(qualifyingData, qualifyingDataSize, "qualifyingData");
} else {
LOG_TRACE("qualifyingData: (null) qualifyingDataSize: %zi", qualifyingDataSize);
}
LOG_TRACE("quoteInfo: %s", quoteInfo);
if (signature) {
LOGBLOB_TRACE(signature, signatureSize, "signature");
} else {
LOG_TRACE("signature: (null) signatureSize: %zi", signatureSize);
}
LOG_TRACE("pcrLog: %s", pcrLog);
TSS2_RC r;
/* Check for NULL parameters */
check_not_null(context);
check_not_null(publicKeyPath);
check_not_null(quoteInfo);
check_not_null(signature);
/* Check for invalid parameters */
if (qualifyingData == NULL && qualifyingDataSize != 0) {
LOG_ERROR("qualifyingData is NULL but qualifyingDataSize is not 0");
return TSS2_FAPI_RC_BAD_VALUE;
}
/* Helpful alias pointers */
IFAPI_PCR * command = &context->cmd.pcr;
if (qualifyingDataSize > sizeof(command->qualifyingData.buffer)) {
return_error(TSS2_FAPI_RC_BAD_VALUE, "qualifyingDataSize too large.");
}
r = ifapi_non_tpm_mode_init(context);
return_if_error(r, "Initialize VerifyQuote");
/* Copy parameters to context for use during _Finish. */
uint8_t * signatureBuffer = malloc(signatureSize);
goto_if_null2(signatureBuffer, "Out of memory",
r, TSS2_FAPI_RC_MEMORY, error_cleanup);
memcpy(signatureBuffer, signature, signatureSize);
command->signature = signatureBuffer;
command->signatureSize = signatureSize;
strdup_check(command->keyPath, publicKeyPath, r, error_cleanup);
strdup_check(command->quoteInfo, quoteInfo, r, error_cleanup);
strdup_check(command->logData, pcrLog, r, error_cleanup);
command->event_list = NULL;
if (qualifyingData != NULL) {
FAPI_COPY_DIGEST(&command->qualifyingData.buffer[0],
command->qualifyingData.size,
qualifyingData, qualifyingDataSize);
} else {
command->qualifyingData.size = 0;
}
/* Load the key for verification from the keystore. */
r = ifapi_keystore_load_async(&context->keystore, &context->io, publicKeyPath);
goto_if_error(r, "Could not open publicKeyPath", error_cleanup);
/* Initialize the context state for this operation. */
context->state = VERIFY_QUOTE_READ;
LOG_TRACE("finished");
return TSS2_RC_SUCCESS;
error_cleanup:
/* Cleanup duplicated input parameters that were copied before. */
SAFE_FREE(command->keyPath);
SAFE_FREE(signatureBuffer);
command->signature = NULL;
SAFE_FREE(command->quoteInfo);
SAFE_FREE(command->logData);
return r;
}
/** Asynchronous finish function for Fapi_VerifyQuote
*
* This function should be called after a previous Fapi_VerifyQuote_Async.
*
* @param[in,out] context The FAPI_CONTEXT
*
* @retval TSS2_RC_SUCCESS: if the function call was a success.
* @retval TSS2_FAPI_RC_BAD_REFERENCE: if context is NULL.
* @retval TSS2_FAPI_RC_BAD_CONTEXT: if context corruption is detected.
* @retval TSS2_FAPI_RC_BAD_SEQUENCE: if the context has an asynchronous
* operation already pending.
* @retval TSS2_FAPI_RC_IO_ERROR: if the data cannot be saved.
* @retval TSS2_FAPI_RC_MEMORY: if the FAPI cannot allocate enough memory for
* internal operations or return parameters.
* @retval TSS2_FAPI_RC_TRY_AGAIN: if the asynchronous operation is not yet
* complete. Call this function again later.
* @retval TSS2_FAPI_RC_BAD_VALUE if an invalid value was passed into
* the function.
* @retval TSS2_FAPI_RC_GENERAL_FAILURE if an internal error occurred.
* @retval TSS2_FAPI_RC_SIGNATURE_VERIFICATION_FAILED if the signature could not
* be verified
*/
TSS2_RC
Fapi_VerifyQuote_Finish(
FAPI_CONTEXT *context)
{
LOG_TRACE("called for context:%p", context);
TSS2_RC r;
IFAPI_OBJECT key_object;
TPM2B_ATTEST attest2b;
TPM2B_DIGEST pcr_digest;
/* Check for NULL parameters */
check_not_null(context);
/* Helpful alias pointers */
IFAPI_PCR * command = &context->cmd.pcr;
memset(&key_object, 0, sizeof(IFAPI_OBJECT));
switch (context->state) {
statecase(context->state, VERIFY_QUOTE_READ);
r = ifapi_keystore_load_finish(&context->keystore, &context->io, &key_object);
return_try_again(r);
goto_if_error_reset_state(r, "read_finish failed", error_cleanup);
/* Recalculate the quote-info and attest2b buffer. */
r = ifapi_get_quote_info(command->quoteInfo, &attest2b,
&command->fapi_quote_info);
goto_if_error(r, "Get quote info.", error_cleanup);
/* Verify the signature over the attest2b structure. */
r = ifapi_verify_signature_quote(&key_object,
command->signature,
command->signatureSize,
&attest2b.attestationData[0],
attest2b.size,
&command->fapi_quote_info.sig_scheme);
goto_if_error(r, "Verify signature.", error_cleanup);
/* Check qualifying data */
if (command->qualifyingData.size != command->fapi_quote_info.attest.extraData.size ||
memcmp(&command->qualifyingData.buffer[0],
&command->fapi_quote_info.attest.extraData.buffer[0],
command->qualifyingData.size) != 0) {
context->state = _FAPI_STATE_INIT;
goto_error(r, TSS2_FAPI_RC_SIGNATURE_VERIFICATION_FAILED,
"Invalid qualifying data for quote", error_cleanup);
}
/* If no logData was provided then the operation is done. */
if (!command->logData) {
context->state = _FAPI_STATE_INIT;
break;
}
/* If logData was provided then the pcr_digests need to be recalculated
and verified against the quote_info. */
/* Parse the logData JSON. */
command->event_list = json_tokener_parse(context->cmd.pcr.logData);
if (!command->event_list) {
goto_error(r, TSS2_FAPI_RC_BAD_VALUE, "Bad value for logData", error_cleanup);
}
/* Recalculate and verify the PCR digests. */
r = ifapi_calculate_pcr_digest(command->event_list,
&command->fapi_quote_info, &pcr_digest);
goto_if_error(r, "Verify event list.", error_cleanup);
context->state = _FAPI_STATE_INIT;
break;
statecasedefault(context->state);
}
error_cleanup:
/* Cleanup any intermediate results and state stored in the context. */
if (key_object.objectType)
ifapi_cleanup_ifapi_object(&key_object);
if (command->event_list)
json_object_put(command->event_list);
ifapi_cleanup_ifapi_object(&context->loadKey.auth_object);
ifapi_cleanup_ifapi_object(context->loadKey.key_object);
ifapi_cleanup_ifapi_object(&context->createPrimary.pkey_object);
SAFE_FREE(command->keyPath);
SAFE_FREE(command->signature);
SAFE_FREE(command->quoteInfo);
SAFE_FREE(command->logData);
LOG_TRACE("finished");
return r;
}