Fixes for properly setting auth (needs to include name for HMAC cpHash/rpHash calculation). Fix for sessionAttributes when command / response doesn't support it. Fixes for the TLS client / server examples. Added back the useful param enc / hmac debugging enabled with --enable-debug=verbose.

Author: dgarske

examples/tls/tls_client.c

@@ -130,9 +130,11 @@ int TPM2_TLS_ClientArgs(void* userCtx, int argc, char *argv[])
     sockIoCtx.fd = -1;
     XMEMSET(&tpmCtx, 0, sizeof(tpmCtx));
 #ifndef NO_RSA
+    XMEMSET(&rsaKey, 0, sizeof(rsaKey));
     XMEMSET(&wolfRsaKey, 0, sizeof(wolfRsaKey));
 #endif
 #ifdef HAVE_ECC
+    XMEMSET(&eccKey, 0, sizeof(eccKey));
     XMEMSET(&wolfEccKey, 0, sizeof(wolfEccKey));
 #endif
     XMEMSET(&tpmSession, 0, sizeof(tpmSession));
@@ -523,6 +525,7 @@ int TPM2_TLS_ClientArgs(void* userCtx, int argc, char *argv[])
     wc_ecc_free(&wolfEccKey);
     wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
 #endif
+    wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
 
     wolfSSL_shutdown(ssl);
 

examples/tls/tls_server.c

@@ -137,10 +137,16 @@ int TPM2_TLS_ServerArgs(void* userCtx, int argc, char *argv[])
     sockIoCtx.fd = -1;
     XMEMSET(&tpmCtx, 0, sizeof(tpmCtx));
 #ifndef NO_RSA
+    XMEMSET(&rsaKey, 0, sizeof(rsaKey));
     XMEMSET(&wolfRsaKey, 0, sizeof(wolfRsaKey));
 #endif
 #ifdef HAVE_ECC
+    XMEMSET(&eccKey, 0, sizeof(eccKey));
     XMEMSET(&wolfEccKey, 0, sizeof(wolfEccKey));
+    #ifndef WOLFTPM2_USE_SW_ECDHE
+    /* Ephemeral Key */
+    XMEMSET(&ecdhKey, 0, sizeof(ecdhKey));
+    #endif
 #endif
     XMEMSET(&tpmSession, 0, sizeof(tpmSession));
 
@@ -236,7 +242,6 @@ int TPM2_TLS_ServerArgs(void* userCtx, int argc, char *argv[])
 
     #ifndef WOLFTPM2_USE_SW_ECDHE
     /* Ephemeral Key */
-    XMEMSET(&ecdhKey, 0, sizeof(ecdhKey));
     tpmCtx.ecdhKey = &ecdhKey;
     #endif
 #endif /* HAVE_ECC */
@@ -497,6 +502,7 @@ int TPM2_TLS_ServerArgs(void* userCtx, int argc, char *argv[])
     wc_ecc_free(&wolfEccKey);
     wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
 #endif
+    wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
 
     wolfTPM2_Cleanup(&dev);
 

examples/wrap/wrap_test.c

@@ -121,6 +121,8 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     TPM_ALG_ID paramEncAlg = TPM_ALG_NULL;
     WOLFTPM2_SESSION tpmSession;
 
+    XMEMSET(&aesKey, 0, sizeof(aesKey));
+    XMEMSET(&publicKey, 0, sizeof(publicKey));
 #ifndef WOLFTPM2_NO_WOLFCRYPT
 #ifndef NO_RSA
     XMEMSET(&wolfRsaPubKey, 0, sizeof(wolfRsaPubKey));
@@ -415,6 +417,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
 
     /* Close TPM session based on RSA storage key */
     wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
+    wolfTPM2_SetAuthSession(&dev, 1, NULL, 0); /* clear auth session */
 
 
     /*------------------------------------------------------------------------*/
@@ -462,6 +465,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
             storageKey.handle.auth.size);
     }
 
+#if 0 /* disabled until ECC Encrypted salt is added */
     /* Start an authenticated session (salted / unbound) with parameter encryption */
     if (paramEncAlg != TPM_ALG_NULL) {
         rc = wolfTPM2_StartSession(&dev, &tpmSession, &storageKey, NULL,
@@ -475,6 +479,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
             (TPMA_SESSION_decrypt | TPMA_SESSION_encrypt | TPMA_SESSION_continueSession));
         if (rc != 0) goto exit;
     }
+#endif
 
     /* Create an ECC key for ECDSA */
     rc = wolfTPM2_GetKeyTemplate_ECC(&publicTemplate,
@@ -630,9 +635,11 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     rc = wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
     if (rc != 0) goto exit;
 
+#if 0 /* disabled until ECC Encrypted salt is added */
     /* Close TPM session based on ECC storage key */
     wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
-
+    wolfTPM2_SetAuthSession(&dev, 1, NULL, 0); /* clear auth session */
+#endif
 
     /*------------------------------------------------------------------------*/
     /* NV TESTS */
@@ -792,7 +799,6 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     /*------------------------------------------------------------------------*/
     /* ENCRYPT/DECRYPT TESTS */
     /*------------------------------------------------------------------------*/
-    XMEMSET(&aesKey, 0, sizeof(aesKey));
     rc = wolfTPM2_LoadSymmetricKey(&dev, &aesKey, TEST_AES_MODE,
         TEST_AES_KEY, (word32)sizeof(TEST_AES_KEY));
     if (rc != 0) goto exit;
@@ -904,6 +910,7 @@ int TPM2_Wrapper_TestArgs(void* userCtx, int argc, char *argv[])
     wolfTPM2_UnloadHandle(&dev, &rsaKey.handle);
     wolfTPM2_UnloadHandle(&dev, &eccKey.handle);
     wolfTPM2_UnloadHandle(&dev, &ekKey.handle);
+    wolfTPM2_UnloadHandle(&dev, &tpmSession.handle);
 
     wolfTPM2_Shutdown(&dev, 0); /* 0=just shutdown, no startup */
 

src/tpm2.c

@@ -175,7 +175,7 @@ static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
             }
 
             /* Handle session request for encryption */
-            if (encParam && session->sessionAttributes & TPMA_SESSION_decrypt) {
+            if (encParam && authCmd.sessionAttributes & TPMA_SESSION_decrypt) {
                 /* Encrypt the first command parameter */
                 rc = TPM2_ParamEnc_CmdRequest(session, encParam, encParamSz);
                 if (rc != TPM_RC_SUCCESS) {
@@ -210,7 +210,7 @@ static int TPM2_CommandProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
             /* this is done after encryption */
             rc = TPM2_CalcHmac(session->authHash, &session->auth, &hash, 
                 &session->nonceCaller, &session->nonceTPM, 
-                session->sessionAttributes, &authCmd.hmac);
+                authCmd.sessionAttributes, &authCmd.hmac);
             if (rc != TPM_RC_SUCCESS) {
             #ifdef DEBUG_WOLFTPM
                 printf("Error calculating command HMAC!\n");
@@ -302,7 +302,7 @@ static int TPM2_ResponseProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
                 /* Calculate HMAC prior to decryption */
                 rc = TPM2_CalcHmac(session->authHash, &session->auth, &hash, 
                     &session->nonceTPM, &session->nonceCaller, 
-                    session->sessionAttributes, &hmac);
+                    authRsp.sessionAttributes, &hmac);
                 if (rc != TPM_RC_SUCCESS) {
                 #ifdef DEBUG_WOLFTPM
                     printf("Error calculating response HMAC!\n");
@@ -323,7 +323,7 @@ static int TPM2_ResponseProcess(TPM2_CTX* ctx, TPM2_Packet* packet,
 
             /* Handle session request for decryption */
             /* If the response supports decryption */
-            if (decParam && session->sessionAttributes & TPMA_SESSION_encrypt) {
+            if (decParam && authRsp.sessionAttributes & TPMA_SESSION_encrypt) {
                 /* Decrypt the first response parameter */
                 rc = TPM2_ParamDec_CmdResponse(session, decParam, decParamSz);
                 if (rc != TPM_RC_SUCCESS) {
@@ -5282,6 +5282,10 @@ int TPM2_GetName(TPM2_CTX* ctx, int handleCnt, int idx, TPM2B_NAME* name)
         name->size = session->name.size;
         XMEMCPY(name->name, session->name.name, name->size);
     }
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("Name %d: %d\n", idx, name->size);
+    TPM2_PrintBin(name->name, name->size);
+#endif
     return TPM_RC_SUCCESS;
 }
 

src/tpm2_param_enc.c

@@ -286,6 +286,12 @@ static int TPM2_ParamEnc_AESCFB(TPM2_AUTH_SESSION *session, TPM2B_AUTH* keyIn,
         return TPM_RC_FAILURE;
     }
 
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("AES Enc Key %d, IV %d\n", symKeySz, symKeyIvSz);
+    TPM2_PrintBin(symKey, symKeySz);
+    TPM2_PrintBin(&symKey[symKeySz], symKeyIvSz);
+#endif
+
     /* Perform AES CFB Encryption */
     rc = wc_AesInit(&enc, NULL, INVALID_DEVID);
     if (rc == 0) {
@@ -325,6 +331,12 @@ static int TPM2_ParamDec_AESCFB(TPM2_AUTH_SESSION *session, TPM2B_AUTH* keyIn,
         return TPM_RC_FAILURE;
     }
 
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("AES Dec Key %d, IV %d\n", symKeySz, symKeyIvSz);
+    TPM2_PrintBin(symKey, symKeySz);
+    TPM2_PrintBin(&symKey[symKeySz], symKeyIvSz);
+#endif
+
     /* Perform AES CFB Decryption */
     rc = wc_AesInit(&dec, NULL, INVALID_DEVID);
     if (rc == 0) {
@@ -386,6 +398,11 @@ int TPM2_CalcCpHash(TPMI_ALG_HASH authHash, TPM_CC cmdCode,
         wc_HashFree(&hash_ctx, hashType);
     }
 
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("cpHash: cmd %x, size %d\n", cmdCode, hash->size);
+    TPM2_PrintBin(hash->buffer, hash->size);
+#endif
+
     return rc;
 }
 
@@ -430,6 +447,11 @@ int TPM2_CalcRpHash(TPMI_ALG_HASH authHash,
         wc_HashFree(&hash_ctx, hashType);
     }
 
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("rpHash: cmd %x, size %d\n", cmdCode, hash->size);
+    TPM2_PrintBin(hash->buffer, hash->size);
+#endif
+
     return rc;
 }
 
@@ -455,9 +477,14 @@ int TPM2_CalcHmac(TPMI_ALG_HASH authHash, TPM2B_AUTH* auth,
     rc = wc_HmacInit(&hmac_ctx, NULL, INVALID_DEVID);
     if (rc != 0)
         return rc;
+
     /* start HMAC - sessionKey || authValue */
     /* TODO: Handle "authValue" case "a value that is found in the sensitive area of an entity" */
     if (auth) {
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("HMAC Key: %d\n", auth->size);
+    TPM2_PrintBin(auth->buffer, auth->size);
+#endif
         rc = wc_HmacSetKey(&hmac_ctx, hashType, auth->buffer, auth->size);
     }
     else {
@@ -488,6 +515,11 @@ int TPM2_CalcHmac(TPMI_ALG_HASH authHash, TPM2B_AUTH* auth,
         rc = wc_HmacFinal(&hmac_ctx, hmac->buffer);
     wc_HmacFree(&hmac_ctx);
 
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("HMAC Auth: attrib %x, size %d\n", sessionAttributes, hmac->size);
+    TPM2_PrintBin(hmac->buffer, hmac->size);
+#endif
+
     return rc;
 }
 #endif /* !WOLFTPM2_NO_WOLFCRYPT */
@@ -497,6 +529,16 @@ TPM_RC TPM2_ParamEnc_CmdRequest(TPM2_AUTH_SESSION *session,
 {
     TPM_RC rc = TPM_RC_FAILURE;
 
+ #ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("CmdEnc Session Key %d\n", session->auth.size);
+    TPM2_PrintBin(session->auth.buffer, session->auth.size);
+    printf("CmdEnc Nonce caller %d\n", session->nonceCaller.size);
+    TPM2_PrintBin(session->nonceCaller.buffer, session->nonceCaller.size);
+    printf("CmdEnc Nonce TPM %d\n", session->nonceTPM.size);
+    TPM2_PrintBin(session->nonceTPM.buffer, session->nonceTPM.size);
+ #endif
+
+
     if (session->symmetric.algorithm == TPM_ALG_XOR) {
         rc = TPM2_ParamEnc_XOR(session, &session->auth, &session->nonceCaller,
             &session->nonceTPM, paramData, paramSz);
@@ -517,6 +559,15 @@ TPM_RC TPM2_ParamDec_CmdResponse(TPM2_AUTH_SESSION *session,
 {
     TPM_RC rc = TPM_RC_FAILURE;
 
+#ifdef WOLFTPM_DEBUG_VERBOSE
+    printf("RspDec Session Key %d\n", session->auth.size);
+    TPM2_PrintBin(session->auth.buffer, session->auth.size);
+    printf("RspDec Nonce caller %d\n", session->nonceCaller.size);
+    TPM2_PrintBin(session->nonceCaller.buffer, session->nonceCaller.size);
+    printf("RspDec Nonce TPM %d\n", session->nonceTPM.size);
+    TPM2_PrintBin(session->nonceTPM.buffer, session->nonceTPM.size);
+ #endif
+
     if (session->symmetric.algorithm == TPM_ALG_XOR) {
         rc = TPM2_ParamDec_XOR(session, &session->auth, &session->nonceCaller,
             &session->nonceTPM, paramData, paramSz);