-rw-r--r-- | build.sh | 148 | ||||
-rw-r--r-- | tpm-util/import/include/tpm_wrapper.h | 17 | ||||
-rw-r--r-- | tpm-util/import/main.c | 8 | ||||
-rw-r--r-- | tpm-util/import/sampleMakefile | 2 | ||||
-rw-r--r-- | tpm-util/import/tpm_wrapper.c | 58 |
5 files changed, 99 insertions, 134 deletions
@@ -1,110 +1,82 @@ #!/bin/bash -#set -e -sudo kill -9 $(ps -ef | grep "apt" | grep -v grep | awk '{print $2}') - -sudo rm /var/lib/dpkg/lock -sudo rm /var/lib/apt/lists/lock -sudo rm /var/cache/apt/archives/lock +set -e +sudo apt -y update -sudo dpkg --configure -a +sudo apt-get -y install \ + autoconf \ + autoconf-archive \ + libglib2.0-dev \ + libdbus-1-dev \ + automake \ + libtool \ + autotools-dev \ + libcppunit-dev \ + p11-kit \ + libcurl4-gnutls-dev \ + libcmocka0 \ + libcmocka-dev \ + build-essential \ + git \ + pkg-config \ + vim \ + gcc \ + g++ \ + m4 \ + curl \ + wget \ + liburiparser-dev \ + libssl-dev \ + pandoc \ + opensc \ + default-jdk \ + libgcrypt20-dev -sudo dpkg --remove --force-remove-reinstreq linux-headers-generic -sudo dpkg --remove --force-remove-reinstreq linux-generic -sudo apt-get -f install -sudo apt-get install linux-image-generic - -sudo apt -y update -sudo apt -y install autoconf -sudo apt -y install autoconf-archive -sudo apt -y install libglib2.0-dev -sudo apt -y install libdbus-1-dev -sudo apt -y install automake -sudo apt -y install libtool -sudo apt -y install autotools-dev -sudo apt -y install libcppunit-dev -sudo apt -y install p11-kit -sudo apt -y install libcurl4-gnutls-dev -sudo apt -y autoremove +export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/ echo "Build SoftHSMv2..." cd SoftHSMv2 sh autogen.sh ./configure --disable-gost -make check -make -j$(nproc) -cd .. - -sudo apt -y install \ - libcmocka0 \ - libcmocka-dev \ - build-essential \ - git \ - pkg-config \ - gcc \ - g++ \ - m4 \ - liburiparser-dev \ - libgcrypt20-dev \ - libssl-dev \ - pandoc - -#echo "Install openssl..." -#git clone https://github.com/openssl/openssl.git -#cd openssl -#./config -#make -j$(nproc) -#sudo make install -#cd .. -#rm -rf openssl - -echo "Install tpm2-tss 1.2.0..." 
-git clone https://github.com/tpm2-software/tpm2-tss.git -cd tpm2-tss -git checkout 1.2.0 -./bootstrap -./configure --enable-unit -#cp ../implementation.h ./include/sapi/implementation.h -make -j$(nproc) check sudo make install -sudo ldconfig cd .. -rm -rf tpm2-tss -echo "Install tpm2-abrmd 1.1.1..." -#sudo useradd --system --user-group tss -git clone https://github.com/tpm2-software/tpm2-abrmd.git -cd tpm2-abrmd -git checkout 1.1.1 -./bootstrap -./configure --with-dbuspolicydir=/etc/dbus-1/system.d --with-systemdsystemunitdir=/lib/systemd/system --with-systemdpresetdir=/lib/systemd/system-preset --with-udevrulesdir=/etc/udev/rules.d --datarootdir=/usr/share --enable-unit -make -j$(nproc) check +echo "Install tpm2-tss 2.0.0" +wget https://github.com/tpm2-software/tpm2-tss/releases/download/2.0.0/tpm2-tss-2.0.0.tar.gz +tar -xvf tpm2-tss-2.0.0.tar.gz +wget https://github.com/tpm2-software/tpm2-abrmd/releases/download/2.0.0/tpm2-abrmd-2.0.0.tar.gz +tar -xvf tpm2-abrmd-2.0.0.tar.gz +wget https://github.com/tpm2-software/tpm2-tools/releases/download/3.1.0/tpm2-tools-3.1.0.tar.gz +tar -xvf tpm2-tools-3.1.0.tar.gz + +cd tpm2-tss-2.0.0 +./configure +make sudo make install -sudo ldconfig -sudo udevadm control --reload-rules && sudo udevadm trigger -sudo pkill -HUP dbus-daemon -sudo systemctl daemon-reload cd .. -rm -rf tpm2-abrmd +sudo cp tpm2-tss-2.0.0/src/util/tpm2b.h /usr/local/include/tss2/ +rm -rf tpm2-tss-2.0.0 -echo "Install tpm2-tools 2.1.1..." -git clone https://github.com/tpm2-software/tpm2-tools.git -cd tpm2-tools -git checkout 2.1.1 -./bootstrap -./configure --enable-unit -make -j$(nproc) check +cd tpm2-abrmd-2.0.0 +sudo useradd --system --user-group tss +./configure --with-dbuspolicydir=/etc/dbus-1/system.d \ + --with-udevrulesdir=/etc/udev/rules.d/ \ + --with-systemdsystemunitdir=/lib/systemd/system +make sudo make install -sudo ldconfig cd .. -rm -rf tpm2-tools +rm -rf tpm2-abrmd-2.0.0 -echo "Build TPM2_plugin..." 
-cd TPM2-Plugin -./bootstrap +cd tpm2-tools-3.1.0 ./configure make sudo make install -sudo ldconfig cd .. -export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib +rm -rf tpm2-tools-3.1.0 + +echo "Build Import utility tool" +cd tpm-util/import +make -f sampleMakefile +cd ../../ + +sudo ldconfig diff --git a/tpm-util/import/include/tpm_wrapper.h b/tpm-util/import/include/tpm_wrapper.h index 4d1639d..ac91532 100644 --- a/tpm-util/import/include/tpm_wrapper.h +++ b/tpm-util/import/include/tpm_wrapper.h @@ -25,17 +25,22 @@ #include <ctype.h> #include <getopt.h> -#include <sapi/tpm20.h> - -#include <tcti/tcti-tabrmd.h> +#include <tss2/tss2_sys.h> +#include <tss2/tss2-tcti-tabrmd.h> +#include <tss2/tss2_common.h> +#include <tss2/tss2_esys.h> +#include <tss2/tss2_mu.h> +#include <tss2/tss2_tcti.h> +#include <tss2/tss2_tpm2_types.h> +#include <tss2/tpm2b.h> #ifdef __cplusplus extern "C" { #endif -#define INIT_SIMPLE_TPM2B_SIZE( type ) (type).t.size = sizeof( type ) - 2; +#define INIT_SIMPLE_TPM2B_SIZE( type ) (type).size = sizeof( type ) - 2; -TSS2_TCTI_CONTEXT* tpm_tcti_tabrmd_init (void); +TSS2_TCTI_CONTEXT* tpm2_tcti_tabrmd_init (void); TSS2_SYS_CONTEXT* sys_ctx_init (TSS2_TCTI_CONTEXT *tcti_ctx); @@ -46,7 +51,7 @@ void TeardownSysContext( TSS2_SYS_CONTEXT **sysContext ); TSS2_RC swKeyTpmImport( /* IN */ TSS2_SYS_CONTEXT *sysContext, - TPM_HANDLE parentKeyHandle, + TPM2_HANDLE parentKeyHandle, TPM2B_DATA* encryptionKey, TPM2B_PUBLIC* swKeyPublic, TPM2B_PRIVATE* swKeyPrivate, TPM2B_ENCRYPTED_SECRET* encSymSeed, unsigned char* tpm_pwd, int tpm_pwd_len, /* OUT */ diff --git a/tpm-util/import/main.c b/tpm-util/import/main.c index 8f66fd6..678dffc 100644 --- a/tpm-util/import/main.c +++ b/tpm-util/import/main.c @@ -23,8 +23,6 @@ #include <string.h> #include <unistd.h> -#include <sapi/tpm20.h> - #include "tpm_wrapper.h" #include "util.h" 
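Review bot: The three release tarballs fetched with `wget` (tpm2-tss 2.0.0, tpm2-abrmd 2.0.0, tpm2-tools 3.1.0) are unpacked and installed with `sudo make install` without any integrity check, so whatever the download returns is built and installed as root. Pin a digest per archive and verify it before `tar`, e.g. `echo "<expected-sha256>  tpm2-tss-2.0.0.tar.gz" | sha256sum -c -` (placeholder digest), or check the release's detached signature if the project publishes one. With `set -e` now active, `sudo useradd --system --user-group tss` aborts any second run once the `tss` user exists; prefixing it with `getent passwd tss >/dev/null ||` keeps the script re-runnable. The new `export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/` names `/usr/local/` where the removed line had `/usr/local/lib`, and when the variable is unset it produces a leading empty entry, which the dynamic loader treats as the current directory.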
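Review bot: `#include <tss2/tpm2b.h>` ties this wrapper header to a file that does not appear to be part of the installed tpm2-tss API, since build.sh in this same commit copies it by hand from `tpm2-tss-2.0.0/src/util/tpm2b.h` into `/usr/local/include/tss2/`. A host that gets tpm2-tss from a package or a later release will either fail to build or pick up a stale copy that no longer matches the installed library. If the wrapper only needs the concrete TPM2B_* types, `tss2_tpm2_types.h` presumably already supplies them and the include can be dropped. `tss2_esys.h` also looks unused, given that the Makefile links only `-ltss2-sys` and the TCTI libraries.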
@@ -45,7 +43,7 @@ void PrintHelp() int main(int argc, char* argv[]) { - TPM_RC rval = 0; + TPM2_RC rval = 0; int count=0; TSS2_TCTI_CONTEXT *tcti_ctx = 0; TSS2_SYS_CONTEXT *sysContext = 0; @@ -72,7 +70,7 @@ int main(int argc, char* argv[]) int priv_flag = 0; unsigned short file_size = 0; - TPM_HANDLE primaryKeyHandle = 0; + TPM2_HANDLE primaryKeyHandle = 0; int H_flag = 0; TPM2B_PUBLIC parentKeyPublicPortion; @@ -207,7 +205,7 @@ int main(int argc, char* argv[]) if ( rval == 0 ) { /* Initialize TCTI and sapi context */ - tcti_ctx = tpm_tcti_tabrmd_init(); + tcti_ctx = tpm2_tcti_tabrmd_init(); if(tcti_ctx == NULL) { printf("Creation of TCTI context with TABRMD failed ! \n"); goto end; diff --git a/tpm-util/import/sampleMakefile b/tpm-util/import/sampleMakefile index 96ac729..000b4da 100644 --- a/tpm-util/import/sampleMakefile +++ b/tpm-util/import/sampleMakefile @@ -16,7 +16,7 @@ OBJS= util.o \ CFLAGS += -g -fPIC -I./include -I${TSS_DIR}/include/ -I$(TSS_DIR)/sysapi/include -LDFLAGS += -ldl -L/usr/local/lib/ -lsapi -ltcti-device -ltcti-tabrmd +LDFLAGS += -L/usr/local/lib/ -ltss2-tcti-device -ltss2-sys -ltss2-tcti-tabrmd -ldl LIBS = -lpthread -lcrypto -lssl diff --git a/tpm-util/import/tpm_wrapper.c b/tpm-util/import/tpm_wrapper.c index 5f4ab2a..b593d24 100644 --- a/tpm-util/import/tpm_wrapper.c +++ b/tpm-util/import/tpm_wrapper.c 
@@ -21,61 +21,49 @@ #include "util.h" #include <errno.h> - -#include <sapi/tpm20.h> -#include <sapi/tss2_sys.h> -#include <tcti/tcti_device.h> -#include "tcti_util.h" +#define TSSWG_INTEROP 1 +#define TSS_SAPI_FIRST_FAMILY 2 +#define TSS_SAPI_FIRST_LEVEL 1 +#define TSS_SAPI_FIRST_VERSION 108 TSS2_RC swKeyTpmImport( /* IN */ TSS2_SYS_CONTEXT *sysContext, - TPM_HANDLE parentKeyHandle, + TPM2_HANDLE parentKeyHandle, TPM2B_DATA* encryptionKey, TPM2B_PUBLIC* swKeyPublic, TPM2B_PRIVATE* swKeyPrivate, TPM2B_ENCRYPTED_SECRET* encSymSeed, unsigned char* tpm_pwd, int tpm_pwd_len, /* OUT */ TPM2B_PRIVATE *importPrivate) { - TPM_RC rval = TPM_RC_SUCCESS; - TPM2B_NAME name = { { sizeof( TPM2B_NAME ) - 2, } }; + TPM2_RC rval = TPM2_RC_SUCCESS; + TPM2B_NAME name = {sizeof( TPM2B_NAME ) - 2}; - TPM_HANDLE wrapperKeyHandle; + TPM2_HANDLE wrapperKeyHandle; - TSS2_SYS_CMD_AUTHS npsessionsData; - TSS2_SYS_RSP_AUTHS npsessionsDataOut; - TPMS_AUTH_COMMAND npsessionData; - TPMS_AUTH_RESPONSE npsessionDataOut; + TSS2L_SYS_AUTH_RESPONSE npsessionsDataOut; if(NULL == tpm_pwd) { printf("TPM password pinter is NULL \n"); return -1; } - *((UINT8 *)((void *)&npsessionData.sessionAttributes)) = 0; - npsessionData.sessionHandle = TPM_RS_PW; - npsessionData.nonce.t.size = 0; - npsessionData.hmac.t.size = 0; +TSS2L_SYS_AUTH_COMMAND npsessionsData = { .count = 1, .auths = {{ + .sessionHandle = TPM2_RS_PW, + .sessionAttributes = 0, + .nonce = {.size = 0}, + .hmac = {.size = 0}}}}; - npsessionData.hmac.t.size = tpm_pwd_len; + npsessionsData.auths[0].hmac.size = tpm_pwd_len; if(tpm_pwd_len > 0) { - memcpy(npsessionData.hmac.t.buffer, tpm_pwd, npsessionData.hmac.t.size); + memcpy(npsessionsData.auths[0].hmac.buffer, tpm_pwd, npsessionsData.auths[0].hmac.size); } - TPMS_AUTH_COMMAND *npsessionDataArray[1]; - TPMS_AUTH_RESPONSE *npsessionDataOutArray[1]; TPMT_SYM_DEF_OBJECT symmetricAlg; - npsessionDataArray[0] = &npsessionData; - npsessionDataOutArray[0] = &npsessionDataOut; - 
npsessionsData.cmdAuthsCount = 1; - npsessionsData.cmdAuths = &npsessionDataArray[0]; - npsessionsDataOut.rspAuthsCount = 1; - npsessionsDataOut.rspAuths = &npsessionDataOutArray[0]; - - symmetricAlg.algorithm = TPM_ALG_AES; + symmetricAlg.algorithm = TPM2_ALG_AES; symmetricAlg.keyBits.aes = 128; - symmetricAlg.mode.aes = TPM_ALG_CFB; + symmetricAlg.mode.aes = TPM2_ALG_CFB; rval = Tss2_Sys_Import( sysContext, parentKeyHandle, @@ -110,13 +98,13 @@ TSS2_RC swKeyTpmImport( return rval; } -TSS2_TCTI_CONTEXT* tpm_tcti_tabrmd_init (void) +TSS2_TCTI_CONTEXT* tpm2_tcti_tabrmd_init (void) { TSS2_TCTI_CONTEXT *tcti_ctx; TSS2_RC rc; size_t size; - rc = tss2_tcti_tabrmd_init(NULL, &size); + rc = Tss2_Tcti_Tabrmd_Init(NULL, &size, NULL); if (rc != TSS2_RC_SUCCESS) { printf ("Failed to get size for TABRMD TCTI context: 0x%x", rc); return NULL; @@ -128,7 +116,7 @@ TSS2_TCTI_CONTEXT* tpm_tcti_tabrmd_init (void) strerror (errno)); return NULL; } - rc = tss2_tcti_tabrmd_init (tcti_ctx, &size); + rc = Tss2_Tcti_Tabrmd_Init (tcti_ctx, &size, NULL); if (rc != TSS2_RC_SUCCESS) { printf ("Failed to initialize TABRMD TCTI context: 0x%x", rc); free (tcti_ctx); @@ -170,7 +158,9 @@ TSS2_SYS_CONTEXT* sys_ctx_init (TSS2_TCTI_CONTEXT *tcti_ctx) TSS2_RC TeardownTctiContext( TSS2_TCTI_CONTEXT *tctiContext ) { - ((TSS2_TCTI_CONTEXT_INTEL *)tctiContext)->finalize( tctiContext ); + //(tctiContext)->finalize( tctiContext ); + //TSS2_TCTI_FINALIZiE(tctiContext); + Tss2_Tcti_Finalize (tctiContext); free (tctiContext); tctiContext = NULL; return TSS2_RC_SUCCESS; |
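Review bot: `tpm_pwd_len` is stored into `npsessionsData.auths[0].hmac.size` and used for the `memcpy` into `hmac.buffer` with no bounds check, so a password longer than that buffer overruns the stack-resident `TSS2L_SYS_AUTH_COMMAND`. A negative length skips the copy but is still converted into the 16-bit `size` field, leaving a large bogus size that is then handed to `Tss2_Sys_Import`. Reject bad lengths before the assignment, e.g. `if (tpm_pwd_len < 0 || (size_t)tpm_pwd_len > sizeof(npsessionsData.auths[0].hmac.buffer)) return -1;`. The copied password also stays in the stack frame after return, so clearing `npsessionsData` on the exit path would shorten its lifetime. The tail of `swKeyTpmImport` lies outside this hunk, so where that cleanup belongs cannot be confirmed from here.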
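Review bot: The two commented-out attempts added above `Tss2_Tcti_Finalize (tctiContext);` in `TeardownTctiContext`, `//(tctiContext)->finalize( tctiContext );` and `//TSS2_TCTI_FINALIZiE(tctiContext);`, are dead code and should be dropped before merge. Separately, `tctiContext = NULL;` clears only the by-value parameter, so the caller's pointer still refers to freed memory after the call returns. Either document that with `/* caller must not reuse tctiContext after this call */`, or take a `TSS2_TCTI_CONTEXT **` the way `TeardownSysContext` does, so the caller's copy can be reset.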