Diffstat (limited to 'TPM2-Plugin')
-rw-r--r--TPM2-Plugin/lib/Makefile.am5
-rw-r--r--TPM2-Plugin/lib/include/hwpluginif.h205
-rw-r--r--TPM2-Plugin/lib/include/plugin_api.h48
-rw-r--r--TPM2-Plugin/lib/include/plugin_register.h233
-rw-r--r--TPM2-Plugin/lib/include/tpm2_plugin_api.h13
-rw-r--r--TPM2-Plugin/lib/plugin_register.c40
-rw-r--r--TPM2-Plugin/lib/tpm2_plugin_api.c26
-rw-r--r--TPM2-Plugin/lib/tpm2_plugin_init.c31
-rw-r--r--TPM2-Plugin/src/main.c18
9 files changed, 251 insertions, 368 deletions
diff --git a/TPM2-Plugin/lib/Makefile.am b/TPM2-Plugin/lib/Makefile.am
index 26689a7..ed5f3c0 100644
--- a/TPM2-Plugin/lib/Makefile.am
+++ b/TPM2-Plugin/lib/Makefile.am
@@ -1,5 +1,4 @@
-AM_CPPFLAGS = -I ./include
+AM_CPPFLAGS = -I ./include -I /opt/openssl
lib_LTLIBRARIES = libtpm2-plugin.la
-libtpm2_plugin_la_SOURCES = tpm2_error.c tpm2_plugin_api.c tpm2_plugin_init.c tpm2_tcti_ldr.c tpm2_util.c log.c plugin_register.c files.c tpm2_attr_util.c tpm2_alg_util.c tpm2_hash.c tpm2_convert.c
-#libtpm2_plugin_la_LDFLAGS = -version-info @VERSION_INFO@ -lsapi -ltss2 -ltcti-socket -ltcti-device -lcrypto -lssl -ldl
+libtpm2_plugin_la_SOURCES = tpm2_error.c tpm2_plugin_api.c tpm2_plugin_init.c tpm2_tcti_ldr.c tpm2_util.c log.c files.c tpm2_attr_util.c tpm2_alg_util.c tpm2_hash.c tpm2_convert.c
libtpm2_plugin_la_LDFLAGS = -version-info @VERSION_INFO@ -lsapi -ltss2-mu -ltcti-socket -ltcti-device -lcrypto -lssl -ldl
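Review bot: The new `-I /opt/openssl` in `AM_CPPFLAGS` hard-codes an absolute, host-specific include directory, so the build silently depends on whatever headers sit at that path on the build machine. The link line still takes `-lcrypto -lssl` from the default search path, so headers and libraries may come from two different OpenSSL installations; that is hard to notice and awkward when auditing which OpenSSL the plugin was built against. Take the location from configure instead, for example `AM_CPPFLAGS = -I ./include $(OPENSSL_CFLAGS)` with the variable supplied by a `PKG_CHECK_MODULES` check in configure.ac (not visible on this page), and add the matching library flags next to it.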
diff --git a/TPM2-Plugin/lib/include/hwpluginif.h b/TPM2-Plugin/lib/include/hwpluginif.h
new file mode 100644
index 0000000..57c5e07
--- /dev/null
+++ b/TPM2-Plugin/lib/include/hwpluginif.h
@@ -0,0 +1,205 @@
+/* Copyright 2018 Intel Corporation, Inc
+*
+* Licensed under the Apache License, Version 2.0 (the "License");
+* you may not use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+* http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.
+*/
+
+#ifndef __SSHSM_HW_PLUGIN_IF_H__
+#define __SSHSM_HW_PLUGIN_IF_H__
+
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+#define MAX_ID_LENGTH (32)
+
+typedef struct buffer_info_s{
+ char id[MAX_ID_LENGTH+1];
+ int length_of_buffer;
+ unsigned char *buffer;
+ }buffer_info_t;
+
+/***
+ * Init Callback
+ * Description:
+ * This function is called by HWPluginInfra as part of C_Initialize to figure
+ * out whether there is any correspnding HW is present to use this plugin.
+ * In case of TPM2.0 Plugin,
+ * it is expected that this function checks
+ * whether the TPM2.0 is present or not, by checking the capabilities
+ * using Tss2_Sys_GetCapability with TPM_CAP_TPM_PROPERTIES and
+ * TPM_PT_MANUFACTURER property. If this function returns SUCCESS,
+ * TPM plguin can assume that TPM2.0 is presenta nd return success
+ * In case of SGX Plugin: <To be filled>
+ * Parameters:
+ * Inputs: None
+ * OUtputs; None
+ * Returns : SUCCESS (if HW is present), FAILURE if HW is not present
+ *
+ ***/
+typedef int (*sshsm_hw_plugin_init)();
+
+/***
+ * UnInit Callback
+ * Description: This function is called by HWPluginInfra during C_Finalize().
+ * This functin is gives chance for any cleanup by plugins.
+ ***/
+typedef int (*sshsm_hw_plugin_uninit)();
+
+/***
+ * Activate Callback
+ * Description: This callback function is called by HWPluginInfra
+ * (as part of C_Intialize) to activate the
+ * HW via HW plugin. SofHSM HWPluginInfra reads set of files required for
+ * activation (from
+ * activation directory) and passes them as buffers.
+ * HWPluginInfra reads the file in 'activate directory'
+ * as part of C_Initialize and passes the file content as is
+ * to the activate callback function.
+ * If there are two files, then num_buffers in in_info would be 2.
+ * 'id' is name of the file (May not be used by TPM plugin)
+ * 'length_of_buffer' is the valid length of the buffer.
+ * 'buffer' contains the file content.
+ * HWPluginInfra in SoftHSM allocates memory for this structure and internal
+ * buffers and it frees them up after this function returns. Hence,
+ * the plugin should not expect that these buffers are valid after the call
+ * is returned.
+ *
+ * In case of TPM Plugin:
+ * It is expected that activate directory has a file with SRK Handle
+ * saved in it. Note that SRK is saved in TPM memory (persistence)
+ * Actiate function of TPM plugin is called with SRK handle.
+ *
+ ***/
+
+#define MAX_BUFFER_SEGMENTS 8
+typedef struct sshsm_hw_plugin_activate_in_info_s {
+ int num_buffers;
+ buffer_info_t *buffer_info[MAX_BUFFER_SEGMENTS];
+}SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t;
+
+typedef int (*sshsm_hw_plugin_activate)(
+ SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *activate_in_info
+ );
+
+/***
+ * Load Key Callback
+ * Description: This callback function is called by SoftHSM HWPluginInfra
+ * to load private keys into the HW using HW plugin.
+ * Each HW plugin expects the keys to be specific to its HW.
+ * Since SoftHSM HWPluginInfra is expected to be generic, the design
+ * chosen is that HWPluginInfra reads key content from files and pass
+ * that information to HW Plugins via this function pointer.
+ * Yet times, Key information for HW Plugins is exposed as multiple files.
+ * Hence, HWPluginInfra reads multiple files for each key. Since, there
+ * could be multiple keys, each set of files that correspond to one key
+ * is expected to have same file name, but with different extensions. Since
+ * the directory holding these file may also need to have other files
+ * related to key, but for PKCS11, it is expected that all HWPlugin related
+ * files should have its name start with HW.
+ *
+ * HWPluginInfra calls this callback function as many timne as number of
+ * distinct keys. For each distinct key, it reads the HW tagged files, loads
+ * them into the buffer pointers and calls the HW Plugin -loadkey- function.
+ * HWPluginInfra also stores the any returned buffers into the SoftHSM key
+ * object.
+ *
+ * In case of TPM Plugin, it does following:
+ *
+ * -- Gets the buffers in in_info structure.
+ * --- Typically, there are two buffers in TPM understandable way
+ * - public & private key portion
+ * --- From global variables, it knows SRKHandle, SAPI context.
+ * --- Using Tss2_Sys_Load(), it loads the key.
+ *
+ * -- In both cases, it also expected to return KeyHandle, which is
+ * keyObjectHandle in case of TPM.
+ *
+ *
+ ***/
+
+typedef int (*sshsm_hw_plugin_load_key)(
+ SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *loadkey_in_info,
+ void **keyHandle
+ );
+
+typedef int (*sshsm_hw_plugin_unload_key)(
+ void **keyHandle
+ );
+
+/***
+ * Callback: RSA Sign Init
+ * Description: This is called by HWPluginInfra as part of C_SignInit function
+ * for RSA keys
+ */
+
+typedef int (*sshsm_hw_plugin_rsa_sign_init)(
+ void *keyHandle,
+ unsigned long mechanism,
+ void *param,
+ int len
+ );
+
+/***
+ * Callback: RSA Sign Init
+ * Description: This is called by HWPluginInfra as part of C_Sign function
+ * for RSA keys. HWPluginInfra get the keyHandle from the key object.
+ *
+ * In case of TPM plugin, it does following:
+ * -- TSS2_Sys_Sing function is called.
+ *
+ *
+ */
+
+typedef int (*sshsm_hw_plugin_rsa_sign)(
+ void *keyHandle,
+ unsigned long mechanism,
+ unsigned char *msg,
+ int msg_len,
+ unsigned char *outsig,
+ int *outsiglen
+ );
+
+/***
+ * Function Name: sshsm_hw_plugin_get_plugin_functions
+ * Descrpiton: Every HW plugin is expected to define this function.
+ * This function is expected to return its function as pointers to the
+ * caller.
+ * SoftHSM calls this function after loading the hw plugin .SO file.
+ * SoftHSM calls this function as part of C_initialize.
+ * Arugments:
+ * Outputs: funcs
+ * Inputs: None
+ * Return value: SUCCESS or FAILURE
+ *
+ ***/
+
+typedef struct sshsm_hw_functions_s
+{
+ sshsm_hw_plugin_init xxx_init;
+ sshsm_hw_plugin_uninit xxx_uninit;
+ sshsm_hw_plugin_activate xxx_activate;
+ sshsm_hw_plugin_load_key xxx_load_key;
+ sshsm_hw_plugin_unload_key xxx_unload_key;
+ sshsm_hw_plugin_rsa_sign_init xxx_rsa_sign_init;
+ sshsm_hw_plugin_rsa_sign xxx_rsa_sign;
+}SSHSM_HW_FUNCTIONS_t;
+
+int sshsm_hw_plugin_get_plugin_functions(SSHSM_HW_FUNCTIONS_t *funcs);
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif
+
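Review bot: The `sshsm_hw_plugin_rsa_sign` typedef passes `unsigned char *outsig` and `int *outsiglen` but the header never says whether `*outsiglen` carries the capacity of `outsig` on entry, so an implementation cannot tell how many bytes it may write. The comment above it is also titled `Callback: RSA Sign Init` a second time; it should be retitled and state the contract, e.g. `On entry *outsiglen is the size of outsig in bytes; on success it is set to the signature length; the call fails without writing if the buffer is too small` (if that is the intended behaviour). All lengths here (`length_of_buffer`, `msg_len`, `len`, `num_buffers`) are signed `int`, so the header should either switch to `size_t` or document that negative values are invalid and that `num_buffers` never exceeds `MAX_BUFFER_SEGMENTS`. Separately, the include guard `__SSHSM_HW_PLUGIN_IF_H__` uses a reserved identifier, and `typedef int (*sshsm_hw_plugin_init)();` would be a real prototype as `(void)`.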
diff --git a/TPM2-Plugin/lib/include/plugin_api.h b/TPM2-Plugin/lib/include/plugin_api.h
deleted file mode 100644
index 5f4b924..0000000
--- a/TPM2-Plugin/lib/include/plugin_api.h
+++ /dev/null
@@ -1,48 +0,0 @@
-//**********************************************************************;
-// Copyright (c) 2017, Intel Corporation
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are met:
-//
-// 1. Redistributions of source code must retain the above copyright notice,
-// this list of conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright notice,
-// this list of conditions and the following disclaimer in the documentation
-// and/or other materials provided with the distribution.
-//
-// 3. Neither the name of Intel Corporation nor the names of its contributors
-// may be used to endorse or promote products derived from this software without
-// specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
-// THE POSSIBILITY OF SUCH DAMAGE.
-//**********************************************************************;
-
-#ifndef __PLUGIN_API_H__
-#define __PLUGIN_API_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-int plugin_configure(char *configPath);
-
-void plugin_assign_hw_instance();
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/TPM2-Plugin/lib/include/plugin_register.h b/TPM2-Plugin/lib/include/plugin_register.h
deleted file mode 100644
index 2bb118d..0000000
--- a/TPM2-Plugin/lib/include/plugin_register.h
+++ /dev/null
@@ -1,233 +0,0 @@
-//**********************************************************************;
-// Copyright (c) 2017, Intel Corporation
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are met:
-//
-// 1. Redistributions of source code must retain the above copyright notice,
-// this list of conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright notice,
-// this list of conditions and the following disclaimer in the documentation
-// and/or other materials provided with the distribution.
-//
-// 3. Neither the name of Intel Corporation nor the names of its contributors
-// may be used to endorse or promote products derived from this software without
-// specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
-// THE POSSIBILITY OF SUCH DAMAGE.
-//**********************************************************************;
-
-#ifndef __PLUGIN_REGISTER_H__
-#define __PLUGIN_REGISTER_H__
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-#define MAX_ID_LENGTH (32)
-
-typedef struct buffer_info_s{
- char id[MAX_ID_LENGTH+1];
- int length_of_buffer;
- unsigned char *buffer;
-}buffer_info_t;
-
-
-typedef struct sshsm_hw_plugin_activate_in_info_s {
- int num_buffers;
- buffer_info_t *buffer_info;
-}SSHSM_HW_PLUGIN_ACTIVATE_IN_INFO_t;
-
-typedef struct sshsm_hw_plugin_load_key_in_info_s {
- int num_buffers;
- buffer_info_t buffer_info[];
-}SSHSM_HW_PLUGIN_LOAD_KEY_IN_INFO_t;
-
-
-//typedef int (*sshsm_hw_plugin_load_key)(SSHSM_HW_PLUGIN_LOAD_KEY_IN_INFO_t *loadkey_in_info, void **keyHandle);
-
-//typedef int (*sshsm_hw_plugin_activate)(SSHSM_HW_PLUGIN_ACTIVATE_IN_INFO_t *activate_in_info);
-
-/*
- * Callback function definitions
- */
-
-typedef int (*fp_crypto_hw_plugin_init) ( );
-typedef int (*fp_crypto_hw_plugin_uninit) ( );
-typedef int (*fp_crypto_hw_plugin_activate)(
- SSHSM_HW_PLUGIN_ACTIVATE_IN_INFO_t *activate_in_info
- );
-
-typedef int (*fp_crypto_hw_plugin_load_key)(
- SSHSM_HW_PLUGIN_LOAD_KEY_IN_INFO_t *loadkey_in_info,
- void **keyHandle
- );
-typedef int (*fp_crypto_rsa_decrypt_init) (
- /* IN */
- unsigned long mechanism, /* PKCS#11 Mechanism */
- void *param, /* PKCS#11 Paramter */
- unsigned long param_len, /* PKCS#11 Parameter len */
- /* OUT */
- void *cb /* Address of pointer to store context block */
- );
-
-typedef int (*fp_crypto_rsa_decrypt) (
- /* IN */
- void* cb, /* Pointer Crypto Block which is created during decrypt_init */
- unsigned char* cipher, /* Input Cipher data */
- int cipher_length, /* Ciphet data length */
- /* OUT */
- unsigned char* out_data, /* Decrypted output data */
- int* out_data_len /* output length */
- );
-
-typedef int (*fp_crypto_rsa_sign_init) (
- /* IN */
- unsigned long mechanism, /* PKCS#11 Mechanism */
- void *param, /* PKCS#11 Paramter */
- unsigned long param_len, /* PKCS#11 Parameter len */
- /* OUT */
- void *cb /* Address of pointer to store context block */
- );
-
-typedef int (*fp_crypto_rsa_sign_update) (
- /* IN */
- void *cb, /* Previously created context block (during sign_init) passed */
- void *pPart, /* pPart */
- unsigned long ulPartLen /* ulPartLen */
- );
-
-typedef int (*fp_crypto_rsa_sign_final) (
- /* IN */
- void *cb, /* Previously passed context block */
- /* OUT */
- unsigned char *sig, /* Output Signature buffer */
- int *sigLen /* Pointer to hold signature buffer length */
- );
-
-typedef int (*fp_crypto_rsa_sign) (
- /* IN */
- void *cb, /* Previously created context block (during sign_init) passed */
- unsigned char* msg, /* Data to be signed */
- int msg_len, /* Input data length */
- /* OUT */
- unsigned char *sig, /* Output Signature buffer */
- int *sig_len /* Pointer to hold signature buffer length */
- );
-
-typedef int (*fp_crypto_ecdsa_sign) (
- /* IN */
- void *cb, /* Previously created context block (during sign_init) passed */
- unsigned char* data, /* Data to be signed */
- int data_len, /* Input data length */
- /* OUT */
- unsigned char *sig, /* Output Signature buffer */
- int *sig_len /* Pointer to hold signature buffer length */
- );
-
-typedef int (*fp_crypto_ecdsa_verify) (
- /* IN */
- unsigned long appHandle, /* Application handle needed for QAT KPT mode */
- //DhsmWPKECDSAFormat *wpk, /* Wrapped Private Key strcuture for ECDSA */
- void *wpk, /* Wrapped Private Key strcuture for ECDSA */
- unsigned char* swk, /* Symmetric Wrapping Key (SWK) value */
- int swk_len, /* SWK length */
- unsigned char* iv, /* IV value used during Application Key encryption */
- int iv_len, /* IV length */
- int tag_len, /* AES-GCM tag length */
- unsigned char* data, /* Data which is used for signing */
- int data_len, /* Input data length */
- unsigned char *sig, /* Signature value */
- int sig_len, /* Signature length */
- /* OUT */
- int* verifyResult /* Pointer to hold the verification result */
- );
-
-typedef int (*fp_crypto_del_apphandle) (unsigned long skmKeyHandle);
-
-// SWK related operations
-typedef int (*fp_crypto_swk_getParentKey) (unsigned char** tlvbuffer, int* buflen);
-typedef int (*fp_crypto_swk_import) (
- unsigned long appHandle,
- unsigned char* tlvbuffer,
- int buflen,
- unsigned char* iv,
- int iv_len,
- unsigned char* tpm_pwd,
- int tpm_pwd_len);
-
-typedef int (*fp_crypto_rsa_create_object) (
- unsigned long appHandle, /* Application handle needed for QAT KPT mode */
- //DhsmWPKRSAFormat *wpk, /* Wrapped Private Key structure for RSA */
- void *wpk, /* Wrapped Private Key structure for RSA */
- unsigned char* swk, /* Symmetric Wrapping Key (SWK) value */
- int swk_len, /* SWK length */
- unsigned char* iv, /* IV value used during Application Key encryption */
- int iv_len, /* IV length */
- int tag_len, /* AES-GCM tag length */
- void **cb_object /* Pointer to store context block */
- );
-
-typedef int (*fp_crypto_rsa_delete_object) (
- void *cb_object /* Pointer Crypto Block which is created during decrypt_create_object */
- );
-
-typedef int (*fp_crypto_ecdsa_create_object) (
- unsigned long appHandle, /* Application handle needed for QAT KPT mode */
- //DhsmWPKECDSAFormat *wpk, /* Wrapped Private Key structure for RSA */
- void *wpk, /* Wrapped Private Key structure for RSA */
- unsigned char* swk, /* Symmetric Wrapping Key (SWK) value */
- int swk_len, /* SWK length */
- unsigned char* iv, /* IV value used during Application Key encryption */
- int iv_len, /* IV length */
- int tag_len, /* AES-GCM tag length */
- void **cb_object /* Pointer to store context block */
- );
-
-typedef int (*fp_crypto_ecdsa_delete_object) (
- void *cb_object /* Pointer Crypto Block which is created during decrypt_create_object */
- );
-
-
-typedef struct
-{
- fp_crypto_hw_plugin_init cb_crypto_hw_plugin_init;
- fp_crypto_hw_plugin_uninit cb_crypto_hw_plugin_uninit;
- fp_crypto_hw_plugin_activate cb_crypto_hw_plugin_activate;
- fp_crypto_hw_plugin_load_key cb_crypto_hw_plugin_load_key;
- fp_crypto_rsa_decrypt cb_crypto_rsa_decrypt;
- fp_crypto_rsa_sign_init cb_crypto_rsa_sign_init;
- fp_crypto_rsa_sign_update cb_crypto_rsa_sign_update;
- fp_crypto_rsa_sign_final cb_crypto_rsa_sign_final;
- fp_crypto_rsa_sign cb_crypto_rsa_sign;
- fp_crypto_ecdsa_sign cb_crypto_ecdsa_sign;
- fp_crypto_ecdsa_verify cb_crypto_ecdsa_verify;
- fp_crypto_del_apphandle cb_crypto_del_apphandle;
- fp_crypto_swk_getParentKey cb_crypto_swk_getParentKey;
- fp_crypto_swk_import cb_crypto_swk_import;
- fp_crypto_rsa_create_object cb_crypto_rsa_create_object;
- fp_crypto_rsa_delete_object cb_crypto_rsa_delete_object;
- fp_crypto_ecdsa_create_object cb_crypto_ecdsa_create_object;
- fp_crypto_ecdsa_delete_object cb_crypto_ecdsa_delete_object;
-
-} plugin_register;
-
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif
-
diff --git a/TPM2-Plugin/lib/include/tpm2_plugin_api.h b/TPM2-Plugin/lib/include/tpm2_plugin_api.h
index 4c3ad63..e166071 100644
--- a/TPM2-Plugin/lib/include/tpm2_plugin_api.h
+++ b/TPM2-Plugin/lib/include/tpm2_plugin_api.h
@@ -37,7 +37,7 @@
#include <tss2/tss2_sys.h>
-#include "plugin_register.h"
+#include "hwpluginif.h"
#ifdef __cplusplus
extern "C" {
@@ -92,9 +92,9 @@ TSS2_RC TeardownTctiResMgrContext( TSS2_TCTI_CONTEXT *tctiContext );
int tpm2_plugin_init();
int tpm2_plugin_uninit();
-int tpm2_plugin_activate(SSHSM_HW_PLUGIN_ACTIVATE_IN_INFO_t *activate_in_info);
+int tpm2_plugin_activate(SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *activate_in_info);
int tpm2_plugin_load_key(
- SSHSM_HW_PLUGIN_LOAD_KEY_IN_INFO_t *loadkey_in_info,
+ SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *loadkey_in_info,
void **keyHandle
);
@@ -113,13 +113,14 @@ int tpm2_rsa_delete_object(
void *cb_object);
int tpm2_plugin_rsa_sign_init(
+ void *keyHandle,
unsigned long mechanish,
void *param,
- size_t len,
- void *ctx);
+ int len);
int tpm2_plugin_rsa_sign(
- void *ctx,
+ void *keyHandle,
+ unsigned long mechanism,
unsigned char *msg,
int msg_len,
unsigned char *sig,
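Review bot: The `tpm2_plugin_rsa_sign_init` prototype keeps the misspelt parameter name `mechanish` while the prototype right below it and the `sshsm_hw_plugin_rsa_sign_init` typedef in hwpluginif.h use `mechanism`; rename it here and in the matching definition in tpm2_plugin_api.c. The length parameter also changes from `size_t len` to `int len`, and main.c still declares `size_t len = 100` for that argument, so the call now narrows implicitly; a one-line comment such as `/* len: size of param in bytes, must be >= 0 */` would make the signed type deliberate. The `tpm2_plugin_rsa_sign` prototype continues past the end of this hunk.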
diff --git a/TPM2-Plugin/lib/plugin_register.c b/TPM2-Plugin/lib/plugin_register.c
deleted file mode 100644
index 3de390c..0000000
--- a/TPM2-Plugin/lib/plugin_register.c
+++ /dev/null
@@ -1,40 +0,0 @@
-//**********************************************************************;
-// Copyright (c) 2017, Intel Corporation
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are met:
-//
-// 1. Redistributions of source code must retain the above copyright notice,
-// this list of conditions and the following disclaimer.
-//
-// 2. Redistributions in binary form must reproduce the above copyright notice,
-// this list of conditions and the following disclaimer in the documentation
-// and/or other materials provided with the distribution.
-//
-// 3. Neither the name of Intel Corporation nor the names of its contributors
-// may be used to endorse or promote products derived from this software without
-// specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
-// THE POSSIBILITY OF SUCH DAMAGE.
-//**********************************************************************;
-
-#include <stdio.h>
-#include <string.h>
-#include <dlfcn.h>
-#include <dirent.h>
-
-#include "plugin_register.h"
-int (*plugin_init)(char* configPath);
-int (*plugin_functions_mapping)(plugin_register *plugin_fp);
-int (*plugin_finalize)();
diff --git a/TPM2-Plugin/lib/tpm2_plugin_api.c b/TPM2-Plugin/lib/tpm2_plugin_api.c
index 7e9a7a8..d63550e 100644
--- a/TPM2-Plugin/lib/tpm2_plugin_api.c
+++ b/TPM2-Plugin/lib/tpm2_plugin_api.c
@@ -118,12 +118,23 @@ int tpm2_plugin_uninit()
return 0;
}
-int tpm2_plugin_activate(SSHSM_HW_PLUGIN_ACTIVATE_IN_INFO_t *activate_in_info)
+TPM2_HANDLE srk_handle;
+int tpm2_plugin_activate(SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *activate_in_info)
{
-
+ /*
+ */
+ char *handle;
+ printf("number of buffers %d ! \n", activate_in_info->num_buffers);
+ if (activate_in_info->num_buffers!=1){
+ printf("activate failed ! \n");
+ return 1;
+ }
+ printf("number of buffers %d ! \n", activate_in_info->num_buffers);
+ handle = malloc(activate_in_info->buffer_info[0]->length_of_buffer);
+ memcpy(handle, activate_in_info->buffer_info[0]->buffer, activate_in_info->buffer_info[0]->length_of_buffer);
+ srk_handle = strtol(handle, NULL, 16);
printf("Activate API done for TPM plugin ! \n");
return 0;
-
}
TPM2_HANDLE handle_load;
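Review bot: In `tpm2_plugin_activate` the copied handle text is never NUL-terminated before `strtol(handle, NULL, 16)`, so the parse can read past the end of the `malloc`ed block. The `malloc` result and the signed `length_of_buffer` are also used unchecked, `activate_in_info`, `buffer_info[0]` and `buffer` are dereferenced without a NULL test, and `handle` is never freed. A fixed-size local buffer with a length check removes the allocation altogether, and `strtoul` with an end pointer and a range check avoids silently truncating a `long` into `TPM2_HANDLE`. The sketch below assumes `<string.h>`, `<stdlib.h>` and `<errno.h>` are included by the file, which the hunk does not show; the duplicated `printf` of `num_buffers` can go as well.

```c
int tpm2_plugin_activate(SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *activate_in_info)
{
    char handle[32];            /* hex text of the SRK handle plus NUL */
    char *end = NULL;
    unsigned long value;
    const buffer_info_t *info;

    if (activate_in_info == NULL || activate_in_info->num_buffers != 1) {
        printf("activate failed ! \n");
        return 1;
    }
    info = activate_in_info->buffer_info[0];
    if (info == NULL || info->buffer == NULL ||
        info->length_of_buffer <= 0 ||
        (size_t)info->length_of_buffer >= sizeof(handle)) {
        printf("activate failed ! \n");
        return 1;
    }
    memcpy(handle, info->buffer, (size_t)info->length_of_buffer);
    handle[info->length_of_buffer] = '\0';   /* strtoul needs a terminated string */

    errno = 0;
    value = strtoul(handle, &end, 16);
    if (end == handle || errno == ERANGE || value > 0xFFFFFFFFUL) {
        printf("activate failed ! \n");
        return 1;
    }
    srk_handle = (TPM2_HANDLE)value;
    printf("Activate API done for TPM plugin ! \n");
    return 0;
}
```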
@@ -226,7 +237,7 @@ int tpm2_tool_load_key(TSS2_SYS_CONTEXT *sapi_context)
}
int tpm2_plugin_load_key(
- SSHSM_HW_PLUGIN_LOAD_KEY_IN_INFO_t *loadkey_in_info,
+ SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *loadkey_in_info,
void **keyHandle
)
{
@@ -296,10 +307,10 @@ tpm_sign_ctx ctx_sign = {
int tpm2_plugin_rsa_sign_init(
+ void *keyHandle,
unsigned long mechanish,
void *param,
- size_t len,
- void *ctx)
+ int len)
{
printf("rsa_sign_init API done for tpm2_plugin... \n");
return 0;
@@ -423,7 +434,8 @@ int tpm2_tool_sign(TSS2_SYS_CONTEXT *sapi_context)
int tpm2_plugin_rsa_sign(
- void *ctx,
+ void *keyHandle,
+ unsigned long mechanism,
unsigned char *msg,
int msg_len,
unsigned char *sig,
diff --git a/TPM2-Plugin/lib/tpm2_plugin_init.c b/TPM2-Plugin/lib/tpm2_plugin_init.c
index d73b230..d09020f 100644
--- a/TPM2-Plugin/lib/tpm2_plugin_init.c
+++ b/TPM2-Plugin/lib/tpm2_plugin_init.c
@@ -31,33 +31,18 @@
#include <stdio.h>
-#include "plugin_register.h"
-
#include "tpm2_plugin_api.h"
-
-int __plugin_functions_mapping(plugin_register *plugin_fp)
+int sshsm_hw_plugin_get_plugin_functions(SSHSM_HW_FUNCTIONS_t *funcs)
{
printf("%s(): Assigning Function pointers for TPM (dTPM or PTT) mode \n", __func__);
- plugin_fp->cb_crypto_hw_plugin_init = &tpm2_plugin_init;
- plugin_fp->cb_crypto_hw_plugin_uninit = &tpm2_plugin_uninit;
- plugin_fp->cb_crypto_hw_plugin_activate = &tpm2_plugin_activate;
- plugin_fp->cb_crypto_hw_plugin_load_key = &tpm2_plugin_load_key;
- plugin_fp->cb_crypto_rsa_decrypt = NULL;
- plugin_fp->cb_crypto_rsa_sign_init = &tpm2_plugin_rsa_sign_init;
- plugin_fp->cb_crypto_rsa_sign = &tpm2_plugin_rsa_sign;
- plugin_fp->cb_crypto_rsa_sign_update = NULL;
- plugin_fp->cb_crypto_rsa_sign_final = NULL;
- plugin_fp->cb_crypto_ecdsa_sign = NULL;
- plugin_fp->cb_crypto_ecdsa_verify = NULL;
- plugin_fp->cb_crypto_del_apphandle = NULL;
- plugin_fp->cb_crypto_swk_getParentKey = NULL;
- plugin_fp->cb_crypto_swk_import = &tpm2_import_object;
- plugin_fp->cb_crypto_rsa_create_object = &tpm2_rsa_create_object;
- plugin_fp->cb_crypto_rsa_delete_object = &tpm2_rsa_delete_object;
- plugin_fp->cb_crypto_ecdsa_create_object = NULL;
- plugin_fp->cb_crypto_ecdsa_delete_object = NULL;
+ funcs->xxx_init = &tpm2_plugin_init;
+ funcs->xxx_uninit = &tpm2_plugin_uninit;
+ funcs->xxx_activate = &tpm2_plugin_activate;
+ funcs->xxx_load_key = &tpm2_plugin_load_key;
+ funcs->xxx_unload_key = NULL;
+ funcs->xxx_rsa_sign_init = &tpm2_plugin_rsa_sign_init;
+ funcs->xxx_rsa_sign = &tpm2_plugin_rsa_sign;
return 0;
}
-
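Review bot: `sshsm_hw_plugin_get_plugin_functions` writes through `funcs` without checking it, although hwpluginif.h documents a FAILURE return for this entry point; a guard such as `if (funcs == NULL) return 1;` before the first assignment would use it (non-zero mirrors the failure path of `tpm2_plugin_activate`, since the header gives no numeric values). `funcs->xxx_unload_key = NULL;` also leaves a callback slot empty with nothing in the interface saying a slot may be NULL, so add a comment like `/* unload not implemented; caller must test for NULL before calling */` or supply a stub that returns failure. The `printf` here writes to the host application's stdout from inside a library; the file list shows a `log.c` that may be the better place for this message.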
diff --git a/TPM2-Plugin/src/main.c b/TPM2-Plugin/src/main.c
index 6fc54a4..5020ce6 100644
--- a/TPM2-Plugin/src/main.c
+++ b/TPM2-Plugin/src/main.c
@@ -31,22 +31,24 @@
#include <stdio.h>
#include "tpm2_plugin_api.h"
-#include "plugin_register.h"
+//#include "plugin_register.h"
+//#include "hwpluginif.h"
void main(void)
{
- unsigned long mechanish =1;
+ unsigned long mechanism =1;
void *param = NULL;
size_t len = 100;
- void *ctx = NULL;
-
+ void *keyHandle_sign = NULL;
+
unsigned char *msg;
int msg_len;
unsigned char *sig;
int *sig_len;
- SSHSM_HW_PLUGIN_ACTIVATE_IN_INFO_t *activate_in_info;
- SSHSM_HW_PLUGIN_LOAD_KEY_IN_INFO_t *loadkey_in_info;
+ SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *activate_in_info;
+ activate_in_info = malloc(sizeof(SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t));
+ SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t *loadkey_in_info;
void **keyHandle;
printf("---------------------------------------------\n");
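Review bot: The added `activate_in_info = malloc(sizeof(SSHSM_HW_PLUGIN_ACTIVATE_LOAD_IN_INFO_t));` leaves `num_buffers` and every `buffer_info[]` pointer indeterminate and is not checked for NULL. If the code between the two hunks passes it to `tpm2_plugin_activate` (not visible here), that function reads the uninitialised fields. Use `activate_in_info = calloc(1, sizeof *activate_in_info);` followed by `if (activate_in_info == NULL) return;`, and fill in `num_buffers` and `buffer_info[0]` before the call. `<stdlib.h>` is not among the includes visible in this hunk, so `malloc` may be implicitly declared. `loadkey_in_info`, `keyHandle`, `msg`, `sig` and `sig_len` are still uninitialised pointers when the next hunk passes them to `tpm2_plugin_load_key` and `tpm2_plugin_rsa_sign`; main's body continues outside this hunk.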
@@ -65,9 +67,9 @@ void main(void)
tpm2_plugin_load_key(loadkey_in_info, keyHandle );
printf("---------------------------------------------\n");
- tpm2_plugin_rsa_sign_init(mechanish, param, len, ctx);
+ tpm2_plugin_rsa_sign_init(keyHandle_sign, mechanism, param, len);
printf("---------------------------------------------\n");
- tpm2_plugin_rsa_sign(ctx, msg, msg_len, sig, sig_len);
+ tpm2_plugin_rsa_sign(keyHandle_sign, mechanism, msg, msg_len, sig, sig_len);
}