Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
torvalds
GitHub Repository: torvalds/linux
 Path: blob/master/security/keys/trusted-keys/trusted_tpm2.c
26424 views
1
// SPDX-License-Identifier: GPL-2.0-only

2
/*

3
 * Copyright (C) 2004 IBM Corporation

4
 * Copyright (C) 2014 Intel Corporation

5
 */

6


7
#include <linux/asn1_encoder.h>

8
#include <linux/oid_registry.h>

9
#include <linux/string.h>

10
#include <linux/err.h>

11
#include <linux/tpm.h>

12
#include <linux/tpm_command.h>

13


14
#include <keys/trusted-type.h>

15
#include <keys/trusted_tpm.h>

16


17
#include <linux/unaligned.h>

18


19
#include "tpm2key.asn1.h"

20


21
static struct tpm2_hash tpm2_hash_map[] = {

22
	{HASH_ALGO_SHA1, TPM_ALG_SHA1},

23
	{HASH_ALGO_SHA256, TPM_ALG_SHA256},

24
	{HASH_ALGO_SHA384, TPM_ALG_SHA384},

25
	{HASH_ALGO_SHA512, TPM_ALG_SHA512},

26
	{HASH_ALGO_SM3_256, TPM_ALG_SM3_256},

27
};

28


29
static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 };

30


31
static int tpm2_key_encode(struct trusted_key_payload *payload,

32
			   struct trusted_key_options *options,

33
			   u8 *src, u32 len)

34
{

35
	const int SCRATCH_SIZE = PAGE_SIZE;

36
	u8 *scratch = kmalloc(SCRATCH_SIZE, GFP_KERNEL);

37
	u8 *work = scratch, *work1;

38
	u8 *end_work = scratch + SCRATCH_SIZE;

39
	u8 *priv, *pub;

40
	u16 priv_len, pub_len;

41
	int ret;

42


43
	priv_len = get_unaligned_be16(src) + 2;

44
	priv = src;

45


46
	src += priv_len;

47


48
	pub_len = get_unaligned_be16(src) + 2;

49
	pub = src;

50


51
	if (!scratch)

52
		return -ENOMEM;

53


54
	work = asn1_encode_oid(work, end_work, tpm2key_oid,

55
			       asn1_oid_len(tpm2key_oid));

56


57
	if (options->blobauth_len == 0) {

58
		unsigned char bool[3], *w = bool;

59
		/* tag 0 is emptyAuth */

60
		w = asn1_encode_boolean(w, w + sizeof(bool), true);

61
		if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) {

62
			ret = PTR_ERR(w);

63
			goto err;

64
		}

65
		work = asn1_encode_tag(work, end_work, 0, bool, w - bool);

66
	}

67


68
	/*

69
	 * Assume both octet strings will encode to a 2 byte definite length

70
	 *

71
	 * Note: For a well behaved TPM, this warning should never

72
	 * trigger, so if it does there's something nefarious going on

73
	 */

74
	if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE,

75
		 "BUG: scratch buffer is too small")) {

76
		ret = -EINVAL;

77
		goto err;

78
	}

79


80
	work = asn1_encode_integer(work, end_work, options->keyhandle);

81
	work = asn1_encode_octet_string(work, end_work, pub, pub_len);

82
	work = asn1_encode_octet_string(work, end_work, priv, priv_len);

83


84
	work1 = payload->blob;

85
	work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),

86
				     scratch, work - scratch);

87
	if (IS_ERR(work1)) {

88
		ret = PTR_ERR(work1);

89
		pr_err("BUG: ASN.1 encoder failed with %d\n", ret);

90
		goto err;

91
	}

92


93
	kfree(scratch);

94
	return work1 - payload->blob;

95


96
err:

97
	kfree(scratch);

98
	return ret;

99
}

100


101
struct tpm2_key_context {

102
	u32 parent;

103
	const u8 *pub;

104
	u32 pub_len;

105
	const u8 *priv;

106
	u32 priv_len;

107
};

108


109
static int tpm2_key_decode(struct trusted_key_payload *payload,

110
			   struct trusted_key_options *options,

111
			   u8 **buf)

112
{

113
	int ret;

114
	struct tpm2_key_context ctx;

115
	u8 *blob;

116


117
	memset(&ctx, 0, sizeof(ctx));

118


119
	ret = asn1_ber_decoder(&tpm2key_decoder, &ctx, payload->blob,

120
			       payload->blob_len);

121
	if (ret < 0)

122
		return ret;

123


124
	if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE)

125
		return -EINVAL;

126


127
	blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL);

128
	if (!blob)

129
		return -ENOMEM;

130


131
	*buf = blob;

132
	options->keyhandle = ctx.parent;

133


134
	memcpy(blob, ctx.priv, ctx.priv_len);

135
	blob += ctx.priv_len;

136


137
	memcpy(blob, ctx.pub, ctx.pub_len);

138


139
	return 0;

140
}

141


142
int tpm2_key_parent(void *context, size_t hdrlen,

143
		  unsigned char tag,

144
		  const void *value, size_t vlen)

145
{

146
	struct tpm2_key_context *ctx = context;

147
	const u8 *v = value;

148
	int i;

149


150
	ctx->parent = 0;

151
	for (i = 0; i < vlen; i++) {

152
		ctx->parent <<= 8;

153
		ctx->parent |= v[i];

154
	}

155


156
	return 0;

157
}

158


159
int tpm2_key_type(void *context, size_t hdrlen,

160
		unsigned char tag,

161
		const void *value, size_t vlen)

162
{

163
	enum OID oid = look_up_OID(value, vlen);

164


165
	if (oid != OID_TPMSealedData) {

166
		char buffer[50];

167


168
		sprint_oid(value, vlen, buffer, sizeof(buffer));

169
		pr_debug("OID is \"%s\" which is not TPMSealedData\n",

170
			 buffer);

171
		return -EINVAL;

172
	}

173


174
	return 0;

175
}

176


177
int tpm2_key_pub(void *context, size_t hdrlen,

178
	       unsigned char tag,

179
	       const void *value, size_t vlen)

180
{

181
	struct tpm2_key_context *ctx = context;

182


183
	ctx->pub = value;

184
	ctx->pub_len = vlen;

185


186
	return 0;

187
}

188


189
int tpm2_key_priv(void *context, size_t hdrlen,

190
		unsigned char tag,

191
		const void *value, size_t vlen)

192
{

193
	struct tpm2_key_context *ctx = context;

194


195
	ctx->priv = value;

196
	ctx->priv_len = vlen;

197


198
	return 0;

199
}

200


201
/**

202
 * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer.

203
 *

204
 * @buf: an allocated tpm_buf instance

205
 * @session_handle: session handle

206
 * @nonce: the session nonce, may be NULL if not used

207
 * @nonce_len: the session nonce length, may be 0 if not used

208
 * @attributes: the session attributes

209
 * @hmac: the session HMAC or password, may be NULL if not used

210
 * @hmac_len: the session HMAC or password length, maybe 0 if not used

211
 */

212
static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle,

213
				 const u8 *nonce, u16 nonce_len,

214
				 u8 attributes,

215
				 const u8 *hmac, u16 hmac_len)

216
{

217
	tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len);

218
	tpm_buf_append_u32(buf, session_handle);

219
	tpm_buf_append_u16(buf, nonce_len);

220


221
	if (nonce && nonce_len)

222
		tpm_buf_append(buf, nonce, nonce_len);

223


224
	tpm_buf_append_u8(buf, attributes);

225
	tpm_buf_append_u16(buf, hmac_len);

226


227
	if (hmac && hmac_len)

228
		tpm_buf_append(buf, hmac, hmac_len);

229
}

230


231
/**

232
 * tpm2_seal_trusted() - seal the payload of a trusted key

233
 *

234
 * @chip: TPM chip to use

235
 * @payload: the key data in clear and encrypted form

236
 * @options: authentication values and other options

237
 *

238
 * Return: < 0 on error and 0 on success.

239
 */

240
int tpm2_seal_trusted(struct tpm_chip *chip,

241
		      struct trusted_key_payload *payload,

242
		      struct trusted_key_options *options)

243
{

244
	off_t offset = TPM_HEADER_SIZE;

245
	struct tpm_buf buf, sized;

246
	int blob_len = 0;

247
	u32 hash;

248
	u32 flags;

249
	int i;

250
	int rc;

251


252
	for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {

253
		if (options->hash == tpm2_hash_map[i].crypto_id) {

254
			hash = tpm2_hash_map[i].tpm_id;

255
			break;

256
		}

257
	}

258


259
	if (i == ARRAY_SIZE(tpm2_hash_map))

260
		return -EINVAL;

261


262
	if (!options->keyhandle)

263
		return -EINVAL;

264


265
	rc = tpm_try_get_ops(chip);

266
	if (rc)

267
		return rc;

268


269
	rc = tpm2_start_auth_session(chip);

270
	if (rc)

271
		goto out_put;

272


273
	rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE);

274
	if (rc) {

275
		tpm2_end_auth_session(chip);

276
		goto out_put;

277
	}

278


279
	rc = tpm_buf_init_sized(&sized);

280
	if (rc) {

281
		tpm_buf_destroy(&buf);

282
		tpm2_end_auth_session(chip);

283
		goto out_put;

284
	}

285


286
	tpm_buf_append_name(chip, &buf, options->keyhandle, NULL);

287
	tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_DECRYPT,

288
				    options->keyauth, TPM_DIGEST_SIZE);

289


290
	/* sensitive */

291
	tpm_buf_append_u16(&sized, options->blobauth_len);

292


293
	if (options->blobauth_len)

294
		tpm_buf_append(&sized, options->blobauth, options->blobauth_len);

295


296
	tpm_buf_append_u16(&sized, payload->key_len);

297
	tpm_buf_append(&sized, payload->key, payload->key_len);

298
	tpm_buf_append(&buf, sized.data, sized.length);

299


300
	/* public */

301
	tpm_buf_reset_sized(&sized);

302
	tpm_buf_append_u16(&sized, TPM_ALG_KEYEDHASH);

303
	tpm_buf_append_u16(&sized, hash);

304


305
	/* key properties */

306
	flags = 0;

307
	flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH;

308
	flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT);

309
	tpm_buf_append_u32(&sized, flags);

310


311
	/* policy */

312
	tpm_buf_append_u16(&sized, options->policydigest_len);

313
	if (options->policydigest_len)

314
		tpm_buf_append(&sized, options->policydigest, options->policydigest_len);

315


316
	/* public parameters */

317
	tpm_buf_append_u16(&sized, TPM_ALG_NULL);

318
	tpm_buf_append_u16(&sized, 0);

319


320
	tpm_buf_append(&buf, sized.data, sized.length);

321


322
	/* outside info */

323
	tpm_buf_append_u16(&buf, 0);

324


325
	/* creation PCR */

326
	tpm_buf_append_u32(&buf, 0);

327


328
	if (buf.flags & TPM_BUF_OVERFLOW) {

329
		rc = -E2BIG;

330
		tpm2_end_auth_session(chip);

331
		goto out;

332
	}

333


334
	tpm_buf_fill_hmac_session(chip, &buf);

335
	rc = tpm_transmit_cmd(chip, &buf, 4, "sealing data");

336
	rc = tpm_buf_check_hmac_response(chip, &buf, rc);

337
	if (rc)

338
		goto out;

339


340
	blob_len = tpm_buf_read_u32(&buf, &offset);

341
	if (blob_len > MAX_BLOB_SIZE || buf.flags & TPM_BUF_BOUNDARY_ERROR) {

342
		rc = -E2BIG;

343
		goto out;

344
	}

345
	if (buf.length - offset < blob_len) {

346
		rc = -EFAULT;

347
		goto out;

348
	}

349


350
	blob_len = tpm2_key_encode(payload, options, &buf.data[offset], blob_len);

351


352
out:

353
	tpm_buf_destroy(&sized);

354
	tpm_buf_destroy(&buf);

355


356
	if (rc > 0) {

357
		if (tpm2_rc_value(rc) == TPM2_RC_HASH)

358
			rc = -EINVAL;

359
		else

360
			rc = -EPERM;

361
	}

362
	if (blob_len < 0)

363
		rc = blob_len;

364
	else

365
		payload->blob_len = blob_len;

366


367
out_put:

368
	tpm_put_ops(chip);

369
	return rc;

370
}

371


372
/**

373
 * tpm2_load_cmd() - execute a TPM2_Load command

374
 *

375
 * @chip: TPM chip to use

376
 * @payload: the key data in clear and encrypted form

377
 * @options: authentication values and other options

378
 * @blob_handle: returned blob handle

379
 *

380
 * Return: 0 on success.

381
 *        -E2BIG on wrong payload size.

382
 *        -EPERM on tpm error status.

383
 *        < 0 error from tpm_send.

384
 */

385
static int tpm2_load_cmd(struct tpm_chip *chip,

386
			 struct trusted_key_payload *payload,

387
			 struct trusted_key_options *options,

388
			 u32 *blob_handle)

389
{

390
	struct tpm_buf buf;

391
	unsigned int private_len;

392
	unsigned int public_len;

393
	unsigned int blob_len;

394
	u8 *blob, *pub;

395
	int rc;

396
	u32 attrs;

397


398
	rc = tpm2_key_decode(payload, options, &blob);

399
	if (rc) {

400
		/* old form */

401
		blob = payload->blob;

402
		payload->old_format = 1;

403
	}

404


405
	/* new format carries keyhandle but old format doesn't */

406
	if (!options->keyhandle)

407
		return -EINVAL;

408


409
	/* must be big enough for at least the two be16 size counts */

410
	if (payload->blob_len < 4)

411
		return -EINVAL;

412


413
	private_len = get_unaligned_be16(blob);

414


415
	/* must be big enough for following public_len */

416
	if (private_len + 2 + 2 > (payload->blob_len))

417
		return -E2BIG;

418


419
	public_len = get_unaligned_be16(blob + 2 + private_len);

420
	if (private_len + 2 + public_len + 2 > payload->blob_len)

421
		return -E2BIG;

422


423
	pub = blob + 2 + private_len + 2;

424
	/* key attributes are always at offset 4 */

425
	attrs = get_unaligned_be32(pub + 4);

426


427
	if ((attrs & (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) ==

428
	    (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT))

429
		payload->migratable = 0;

430
	else

431
		payload->migratable = 1;

432


433
	blob_len = private_len + public_len + 4;

434
	if (blob_len > payload->blob_len)

435
		return -E2BIG;

436


437
	rc = tpm2_start_auth_session(chip);

438
	if (rc)

439
		return rc;

440


441
	rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD);

442
	if (rc) {

443
		tpm2_end_auth_session(chip);

444
		return rc;

445
	}

446


447
	tpm_buf_append_name(chip, &buf, options->keyhandle, NULL);

448
	tpm_buf_append_hmac_session(chip, &buf, 0, options->keyauth,

449
				    TPM_DIGEST_SIZE);

450


451
	tpm_buf_append(&buf, blob, blob_len);

452


453
	if (buf.flags & TPM_BUF_OVERFLOW) {

454
		rc = -E2BIG;

455
		tpm2_end_auth_session(chip);

456
		goto out;

457
	}

458


459
	tpm_buf_fill_hmac_session(chip, &buf);

460
	rc = tpm_transmit_cmd(chip, &buf, 4, "loading blob");

461
	rc = tpm_buf_check_hmac_response(chip, &buf, rc);

462
	if (!rc)

463
		*blob_handle = be32_to_cpup(

464
			(__be32 *) &buf.data[TPM_HEADER_SIZE]);

465


466
out:

467
	if (blob != payload->blob)

468
		kfree(blob);

469
	tpm_buf_destroy(&buf);

470


471
	if (rc > 0)

472
		rc = -EPERM;

473


474
	return rc;

475
}

476


477
/**

478
 * tpm2_unseal_cmd() - execute a TPM2_Unload command

479
 *

480
 * @chip: TPM chip to use

481
 * @payload: the key data in clear and encrypted form

482
 * @options: authentication values and other options

483
 * @blob_handle: blob handle

484
 *

485
 * Return: 0 on success

486
 *         -EPERM on tpm error status

487
 *         < 0 error from tpm_send

488
 */

489
static int tpm2_unseal_cmd(struct tpm_chip *chip,

490
			   struct trusted_key_payload *payload,

491
			   struct trusted_key_options *options,

492
			   u32 blob_handle)

493
{

494
	struct tpm_buf buf;

495
	u16 data_len;

496
	u8 *data;

497
	int rc;

498


499
	rc = tpm2_start_auth_session(chip);

500
	if (rc)

501
		return rc;

502


503
	rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);

504
	if (rc) {

505
		tpm2_end_auth_session(chip);

506
		return rc;

507
	}

508


509
	tpm_buf_append_name(chip, &buf, blob_handle, NULL);

510


511
	if (!options->policyhandle) {

512
		tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT,

513
					    options->blobauth,

514
					    options->blobauth_len);

515
	} else {

516
		/*

517
		 * FIXME: The policy session was generated outside the

518
		 * kernel so we don't known the nonce and thus can't

519
		 * calculate a HMAC on it.  Therefore, the user can

520
		 * only really use TPM2_PolicyPassword and we must

521
		 * send down the plain text password, which could be

522
		 * intercepted.  We can still encrypt the returned

523
		 * key, but that's small comfort since the interposer

524
		 * could repeat our actions with the exfiltrated

525
		 * password.

526
		 */

527
		tpm2_buf_append_auth(&buf, options->policyhandle,

528
				     NULL /* nonce */, 0, 0,

529
				     options->blobauth, options->blobauth_len);

530
		tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT,

531
						NULL, 0);

532
	}

533


534
	tpm_buf_fill_hmac_session(chip, &buf);

535
	rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing");

536
	rc = tpm_buf_check_hmac_response(chip, &buf, rc);

537
	if (rc > 0)

538
		rc = -EPERM;

539


540
	if (!rc) {

541
		data_len = be16_to_cpup(

542
			(__be16 *) &buf.data[TPM_HEADER_SIZE + 4]);

543
		if (data_len < MIN_KEY_SIZE ||  data_len > MAX_KEY_SIZE) {

544
			rc = -EFAULT;

545
			goto out;

546
		}

547


548
		if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) {

549
			rc = -EFAULT;

550
			goto out;

551
		}

552
		data = &buf.data[TPM_HEADER_SIZE + 6];

553


554
		if (payload->old_format) {

555
			/* migratable flag is at the end of the key */

556
			memcpy(payload->key, data, data_len - 1);

557
			payload->key_len = data_len - 1;

558
			payload->migratable = data[data_len - 1];

559
		} else {

560
			/*

561
			 * migratable flag already collected from key

562
			 * attributes

563
			 */

564
			memcpy(payload->key, data, data_len);

565
			payload->key_len = data_len;

566
		}

567
	}

568


569
out:

570
	tpm_buf_destroy(&buf);

571
	return rc;

572
}

573


574
/**

575
 * tpm2_unseal_trusted() - unseal the payload of a trusted key

576
 *

577
 * @chip: TPM chip to use

578
 * @payload: the key data in clear and encrypted form

579
 * @options: authentication values and other options

580
 *

581
 * Return: Same as with tpm_send.

582
 */

583
int tpm2_unseal_trusted(struct tpm_chip *chip,

584
			struct trusted_key_payload *payload,

585
			struct trusted_key_options *options)

586
{

587
	u32 blob_handle;

588
	int rc;

589


590
	rc = tpm_try_get_ops(chip);

591
	if (rc)

592
		return rc;

593


594
	rc = tpm2_load_cmd(chip, payload, options, &blob_handle);

595
	if (rc)

596
		goto out;

597


598
	rc = tpm2_unseal_cmd(chip, payload, options, blob_handle);

599
	tpm2_flush_context(chip, blob_handle);

600


601
out:

602
	tpm_put_ops(chip);

603


604
	return rc;

605
}

606


607