From 6a3100ad060934228a1bec06ae43b41f5ea8a51b Mon Sep 17 00:00:00 2001

From: Trammell hudson <hudson@trmm.net>

Date: Fri, 26 Mar 2021 17:23:07 +0000

Subject: [PATCH 03/17] tpm2_identity_util: move create_name() into utility

 library

Signed-off-by: Trammell Hudson <hudson@trmm.net>

---

 lib/tpm2_identity_util.c | 40 ++++++++++++++++++++++++++++++++++++++

 lib/tpm2_identity_util.h | 10 ++++++++++

 tools/tpm2_import.c      | 42 +---------------------------------------

 3 files changed, 51 insertions(+), 41 deletions(-)

diff --git a/lib/tpm2_identity_util.c b/lib/tpm2_identity_util.c

index a3b0e387..e11137ab 100644

--- a/lib/tpm2_identity_util.c

+++ b/lib/tpm2_identity_util.c

@@ -423,3 +423,43 @@ void tpm2_identity_util_calculate_outer_integrity(TPMI_ALG_HASH parent_name_alg,

             encrypted_duplicate_sensitive->size, pubname->name, pubname->size,

             protection_hmac_key->buffer, outer_hmac);

 }

+

+bool tpm2_identity_create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname) {

+

+    /*

+     * A TPM2B_NAME is the name of the algorithm, followed by the hash.

+     * Calculate the name by:

+     * 1. Marshaling the name algorithm

+     * 2. Marshaling the TPMT_PUBLIC past the name algorithm from step 1.

+     * 3. Hash the TPMT_PUBLIC portion in marshaled data.

+     */

+

+    TPMI_ALG_HASH name_alg = public->publicArea.nameAlg;

+

+    // Step 1 - set beginning of name to hash alg

+    size_t hash_offset = 0;

+    Tss2_MU_UINT16_Marshal(name_alg, pubname->name, pubname->size,

+            &hash_offset);

+

+    // Step 2 - marshal TPMTP

+    TPMT_PUBLIC marshaled_tpmt;

+    size_t tpmt_marshalled_size = 0;

+    Tss2_MU_TPMT_PUBLIC_Marshal(&public->publicArea,

+            (uint8_t *) &marshaled_tpmt, sizeof(public->publicArea),

+            &tpmt_marshalled_size);

+

+    // Step 3 - Hash the data into name just past the alg type.

+    digester d = tpm2_openssl_halg_to_digester(name_alg);

+    if (!d) {

+        return false;

+    }

+

+    d((const unsigned char *) &marshaled_tpmt, tpmt_marshalled_size,

+            pubname->name + hash_offset);

+

+    //Set the name size, UINT16 followed by HASH

+    UINT16 hash_size = tpm2_alg_util_get_hash_size(name_alg);

+    pubname->size = hash_size + hash_offset;

+

+    return true;

+}

diff --git a/lib/tpm2_identity_util.h b/lib/tpm2_identity_util.h

index 0ac55793..61e10376 100644

--- a/lib/tpm2_identity_util.h

+++ b/lib/tpm2_identity_util.h

@@ -102,4 +102,14 @@ void tpm2_identity_util_calculate_outer_integrity(TPMI_ALG_HASH parent_name_alg,

         TPM2B_MAX_BUFFER *encrypted_duplicate_sensitive,

         TPM2B_DIGEST *outer_hmac);

+/**

+ * Computes the name of a TPM key.

+ *

+ * @param public

+ *  Public key structure

+ * @param pubname

+ *  The name structure to populate.

+ */

+bool tpm2_identity_create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname);

+

 #endif /* LIB_TPM2_IDENTITY_UTIL_H_ */

diff --git a/tools/tpm2_import.c b/tools/tpm2_import.c

index eb8dd9a7..a5d1b4e6 100644

--- a/tools/tpm2_import.c

+++ b/tools/tpm2_import.c

@@ -74,46 +74,6 @@ static tool_rc readpublic(ESYS_CONTEXT *ectx, ESYS_TR handle,

     return tpm2_readpublic(ectx, handle, public, NULL, NULL);

 }

-static bool create_name(TPM2B_PUBLIC *public, TPM2B_NAME *pubname) {

-

-    /*

-     * A TPM2B_NAME is the name of the algorithm, followed by the hash.

-     * Calculate the name by:

-     * 1. Marshaling the name algorithm

-     * 2. Marshaling the TPMT_PUBLIC past the name algorithm from step 1.

-     * 3. Hash the TPMT_PUBLIC portion in marshaled data.

-     */

-

-    TPMI_ALG_HASH name_alg = public->publicArea.nameAlg;

-

-    // Step 1 - set beginning of name to hash alg

-    size_t hash_offset = 0;

-    Tss2_MU_UINT16_Marshal(name_alg, pubname->name, pubname->size,

-            &hash_offset);

-

-    // Step 2 - marshal TPMTP

-    TPMT_PUBLIC marshaled_tpmt;

-    size_t tpmt_marshalled_size = 0;

-    Tss2_MU_TPMT_PUBLIC_Marshal(&public->publicArea,

-            (uint8_t *) &marshaled_tpmt, sizeof(public->publicArea),

-            &tpmt_marshalled_size);

-

-    // Step 3 - Hash the data into name just past the alg type.

-    digester d = tpm2_openssl_halg_to_digester(name_alg);

-    if (!d) {

-        return false;

-    }

-

-    d((const unsigned char *) &marshaled_tpmt, tpmt_marshalled_size,

-            pubname->name + 2);

-

-    //Set the name size, UINT16 followed by HASH

-    UINT16 hash_size = tpm2_alg_util_get_hash_size(name_alg);

-    pubname->size = hash_size + 2;

-

-    return true;

-}

-

 static void create_import_key_private_data(TPM2B_PRIVATE *private,

         TPMI_ALG_HASH parent_name_alg,

         TPM2B_MAX_BUFFER *encrypted_duplicate_sensitive,

@@ -155,7 +115,7 @@ static tool_rc key_import(ESYS_CONTEXT *ectx, TPM2B_PUBLIC *parent_pub,

      * Calculate the object name.

      */

     TPM2B_NAME pubname = TPM2B_TYPE_INIT(TPM2B_NAME, name);

-    bool res = create_name(pubkey, &pubname);

+    bool res = tpm2_identity_create_name(pubkey, &pubname);

     if (!res) {

         return false;

     }

-- 

2.31.1