1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 */ 6 7 #include <linux/asn1_encoder.h> 8 #include <linux/oid_registry.h> 9 #include <linux/string.h> 10 #include <linux/err.h> 11 #include <linux/tpm.h> 12 #include <linux/tpm_command.h> 13 14 #include <keys/trusted-type.h> 15 #include <keys/trusted_tpm.h> 16 17 #include <linux/unaligned.h> 18 19 #include "tpm2key.asn1.h" 20 21 static struct tpm2_hash tpm2_hash_map[] = { 22 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 23 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 24 {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 25 {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 26 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 27 }; 28 29 static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 }; 30 31 static int tpm2_key_encode(struct trusted_key_payload *payload, 32 struct trusted_key_options *options, 33 u8 *src, u32 len) 34 { 35 const int SCRATCH_SIZE = PAGE_SIZE; 36 u8 *scratch = kmalloc(SCRATCH_SIZE, GFP_KERNEL); 37 u8 *work = scratch, *work1; 38 u8 *end_work = scratch + SCRATCH_SIZE; 39 u8 *priv, *pub; 40 u16 priv_len, pub_len; 41 int ret; 42 43 priv_len = get_unaligned_be16(src) + 2; 44 priv = src; 45 46 src += priv_len; 47 48 pub_len = get_unaligned_be16(src) + 2; 49 pub = src; 50 51 if (!scratch) 52 return -ENOMEM; 53 54 work = asn1_encode_oid(work, end_work, tpm2key_oid, 55 asn1_oid_len(tpm2key_oid)); 56 57 if (options->blobauth_len == 0) { 58 unsigned char bool[3], *w = bool; 59 /* tag 0 is emptyAuth */ 60 w = asn1_encode_boolean(w, w + sizeof(bool), true); 61 if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) { 62 ret = PTR_ERR(w); 63 goto err; 64 } 65 work = asn1_encode_tag(work, end_work, 0, bool, w - bool); 66 } 67 68 /* 69 * Assume both octet strings will encode to a 2 byte definite length 70 * 71 * Note: For a well behaved TPM, this warning should never 72 * trigger, so if it does there's something nefarious going on 73 */ 74 if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE, 75 "BUG: scratch buffer is too small")) { 76 ret = -EINVAL; 77 goto err; 78 } 79 80 work = asn1_encode_integer(work, end_work, options->keyhandle); 81 work = asn1_encode_octet_string(work, end_work, pub, pub_len); 82 work = asn1_encode_octet_string(work, end_work, priv, priv_len); 83 84 work1 = payload->blob; 85 work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob), 86 scratch, work - scratch); 87 if (IS_ERR(work1)) { 88 ret = PTR_ERR(work1); 89 pr_err("BUG: ASN.1 encoder failed with %d\n", ret); 90 goto err; 91 } 92 93 kfree(scratch); 94 return work1 - payload->blob; 95 96 err: 97 kfree(scratch); 98 return ret; 99 } 100 101 struct tpm2_key_context { 102 u32 parent; 103 const u8 *pub; 104 u32 pub_len; 105 const u8 *priv; 106 u32 priv_len; 107 }; 108 109 static int tpm2_key_decode(struct trusted_key_payload *payload, 110 struct trusted_key_options *options, 111 u8 **buf) 112 { 113 int ret; 114 struct tpm2_key_context ctx; 115 u8 *blob; 116 117 memset(&ctx, 0, sizeof(ctx)); 118 119 ret = asn1_ber_decoder(&tpm2key_decoder, &ctx, payload->blob, 120 payload->blob_len); 121 if (ret < 0) 122 return ret; 123 124 if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE) 125 return -EINVAL; 126 127 blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL); 128 if (!blob) 129 return -ENOMEM; 130 131 *buf = blob; 132 options->keyhandle = ctx.parent; 133 134 memcpy(blob, ctx.priv, ctx.priv_len); 135 blob += ctx.priv_len; 136 137 memcpy(blob, ctx.pub, ctx.pub_len); 138 139 return 0; 140 } 141 142 int tpm2_key_parent(void *context, size_t hdrlen, 143 unsigned char tag, 144 const void *value, size_t vlen) 145 { 146 struct tpm2_key_context *ctx = context; 147 const u8 *v = value; 148 int i; 149 150 ctx->parent = 0; 151 for (i = 0; i < vlen; i++) { 152 ctx->parent <<= 8; 153 ctx->parent |= v[i]; 154 } 155 156 return 0; 157 } 158 159 int tpm2_key_type(void *context, size_t hdrlen, 160 unsigned char tag, 161 const void *value, size_t vlen) 162 { 163 enum OID oid = look_up_OID(value, vlen); 164 165 if (oid != OID_TPMSealedData) { 166 char buffer[50]; 167 168 sprint_oid(value, vlen, buffer, sizeof(buffer)); 169 pr_debug("OID is \"%s\" which is not TPMSealedData\n", 170 buffer); 171 return -EINVAL; 172 } 173 174 return 0; 175 } 176 177 int tpm2_key_pub(void *context, size_t hdrlen, 178 unsigned char tag, 179 const void *value, size_t vlen) 180 { 181 struct tpm2_key_context *ctx = context; 182 183 ctx->pub = value; 184 ctx->pub_len = vlen; 185 186 return 0; 187 } 188 189 int tpm2_key_priv(void *context, size_t hdrlen, 190 unsigned char tag, 191 const void *value, size_t vlen) 192 { 193 struct tpm2_key_context *ctx = context; 194 195 ctx->priv = value; 196 ctx->priv_len = vlen; 197 198 return 0; 199 } 200 201 /** 202 * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. 203 * 204 * @buf: an allocated tpm_buf instance 205 * @session_handle: session handle 206 * @nonce: the session nonce, may be NULL if not used 207 * @nonce_len: the session nonce length, may be 0 if not used 208 * @attributes: the session attributes 209 * @hmac: the session HMAC or password, may be NULL if not used 210 * @hmac_len: the session HMAC or password length, maybe 0 if not used 211 */ 212 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 213 const u8 *nonce, u16 nonce_len, 214 u8 attributes, 215 const u8 *hmac, u16 hmac_len) 216 { 217 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 218 tpm_buf_append_u32(buf, session_handle); 219 tpm_buf_append_u16(buf, nonce_len); 220 221 if (nonce && nonce_len) 222 tpm_buf_append(buf, nonce, nonce_len); 223 224 tpm_buf_append_u8(buf, attributes); 225 tpm_buf_append_u16(buf, hmac_len); 226 227 if (hmac && hmac_len) 228 tpm_buf_append(buf, hmac, hmac_len); 229 } 230 231 /** 232 * tpm2_seal_trusted() - seal the payload of a trusted key 233 * 234 * @chip: TPM chip to use 235 * @payload: the key data in clear and encrypted form 236 * @options: authentication values and other options 237 * 238 * Return: < 0 on error and 0 on success. 239 */ 240 int tpm2_seal_trusted(struct tpm_chip *chip, 241 struct trusted_key_payload *payload, 242 struct trusted_key_options *options) 243 { 244 off_t offset = TPM_HEADER_SIZE; 245 struct tpm_buf buf, sized; 246 int blob_len = 0; 247 u32 hash; 248 u32 flags; 249 int i; 250 int rc; 251 252 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 253 if (options->hash == tpm2_hash_map[i].crypto_id) { 254 hash = tpm2_hash_map[i].tpm_id; 255 break; 256 } 257 } 258 259 if (i == ARRAY_SIZE(tpm2_hash_map)) 260 return -EINVAL; 261 262 if (!options->keyhandle) 263 return -EINVAL; 264 265 rc = tpm_try_get_ops(chip); 266 if (rc) 267 return rc; 268 269 rc = tpm2_start_auth_session(chip); 270 if (rc) 271 goto out_put; 272 273 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 274 if (rc) { 275 tpm2_end_auth_session(chip); 276 goto out_put; 277 } 278 279 rc = tpm_buf_init_sized(&sized); 280 if (rc) { 281 tpm_buf_destroy(&buf); 282 tpm2_end_auth_session(chip); 283 goto out_put; 284 } 285 286 tpm_buf_append_name(chip, &buf, options->keyhandle, NULL); 287 tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_DECRYPT, 288 options->keyauth, TPM_DIGEST_SIZE); 289 290 /* sensitive */ 291 tpm_buf_append_u16(&sized, options->blobauth_len); 292 293 if (options->blobauth_len) 294 tpm_buf_append(&sized, options->blobauth, options->blobauth_len); 295 296 tpm_buf_append_u16(&sized, payload->key_len); 297 tpm_buf_append(&sized, payload->key, payload->key_len); 298 tpm_buf_append(&buf, sized.data, sized.length); 299 300 /* public */ 301 tpm_buf_reset_sized(&sized); 302 tpm_buf_append_u16(&sized, TPM_ALG_KEYEDHASH); 303 tpm_buf_append_u16(&sized, hash); 304 305 /* key properties */ 306 flags = 0; 307 flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH; 308 flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT); 309 tpm_buf_append_u32(&sized, flags); 310 311 /* policy */ 312 tpm_buf_append_u16(&sized, options->policydigest_len); 313 if (options->policydigest_len) 314 tpm_buf_append(&sized, options->policydigest, options->policydigest_len); 315 316 /* public parameters */ 317 tpm_buf_append_u16(&sized, TPM_ALG_NULL); 318 tpm_buf_append_u16(&sized, 0); 319 320 tpm_buf_append(&buf, sized.data, sized.length); 321 322 /* outside info */ 323 tpm_buf_append_u16(&buf, 0); 324 325 /* creation PCR */ 326 tpm_buf_append_u32(&buf, 0); 327 328 if (buf.flags & TPM_BUF_OVERFLOW) { 329 rc = -E2BIG; 330 tpm2_end_auth_session(chip); 331 goto out; 332 } 333 334 tpm_buf_fill_hmac_session(chip, &buf); 335 rc = tpm_transmit_cmd(chip, &buf, 4, "sealing data"); 336 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 337 if (rc) 338 goto out; 339 340 blob_len = tpm_buf_read_u32(&buf, &offset); 341 if (blob_len > MAX_BLOB_SIZE || buf.flags & TPM_BUF_BOUNDARY_ERROR) { 342 rc = -E2BIG; 343 goto out; 344 } 345 if (buf.length - offset < blob_len) { 346 rc = -EFAULT; 347 goto out; 348 } 349 350 blob_len = tpm2_key_encode(payload, options, &buf.data[offset], blob_len); 351 352 out: 353 tpm_buf_destroy(&sized); 354 tpm_buf_destroy(&buf); 355 356 if (rc > 0) { 357 if (tpm2_rc_value(rc) == TPM2_RC_HASH) 358 rc = -EINVAL; 359 else 360 rc = -EPERM; 361 } 362 if (blob_len < 0) 363 rc = blob_len; 364 else 365 payload->blob_len = blob_len; 366 367 out_put: 368 tpm_put_ops(chip); 369 return rc; 370 } 371 372 /** 373 * tpm2_load_cmd() - execute a TPM2_Load command 374 * 375 * @chip: TPM chip to use 376 * @payload: the key data in clear and encrypted form 377 * @options: authentication values and other options 378 * @blob_handle: returned blob handle 379 * 380 * Return: 0 on success. 381 * -E2BIG on wrong payload size. 382 * -EPERM on tpm error status. 383 * < 0 error from tpm_send. 384 */ 385 static int tpm2_load_cmd(struct tpm_chip *chip, 386 struct trusted_key_payload *payload, 387 struct trusted_key_options *options, 388 u32 *blob_handle) 389 { 390 struct tpm_buf buf; 391 unsigned int private_len; 392 unsigned int public_len; 393 unsigned int blob_len; 394 u8 *blob, *pub; 395 int rc; 396 u32 attrs; 397 398 rc = tpm2_key_decode(payload, options, &blob); 399 if (rc) { 400 /* old form */ 401 blob = payload->blob; 402 payload->old_format = 1; 403 } 404 405 /* new format carries keyhandle but old format doesn't */ 406 if (!options->keyhandle) 407 return -EINVAL; 408 409 /* must be big enough for at least the two be16 size counts */ 410 if (payload->blob_len < 4) 411 return -EINVAL; 412 413 private_len = get_unaligned_be16(blob); 414 415 /* must be big enough for following public_len */ 416 if (private_len + 2 + 2 > (payload->blob_len)) 417 return -E2BIG; 418 419 public_len = get_unaligned_be16(blob + 2 + private_len); 420 if (private_len + 2 + public_len + 2 > payload->blob_len) 421 return -E2BIG; 422 423 pub = blob + 2 + private_len + 2; 424 /* key attributes are always at offset 4 */ 425 attrs = get_unaligned_be32(pub + 4); 426 427 if ((attrs & (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) == 428 (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) 429 payload->migratable = 0; 430 else 431 payload->migratable = 1; 432 433 blob_len = private_len + public_len + 4; 434 if (blob_len > payload->blob_len) 435 return -E2BIG; 436 437 rc = tpm2_start_auth_session(chip); 438 if (rc) 439 return rc; 440 441 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 442 if (rc) { 443 tpm2_end_auth_session(chip); 444 return rc; 445 } 446 447 tpm_buf_append_name(chip, &buf, options->keyhandle, NULL); 448 tpm_buf_append_hmac_session(chip, &buf, 0, options->keyauth, 449 TPM_DIGEST_SIZE); 450 451 tpm_buf_append(&buf, blob, blob_len); 452 453 if (buf.flags & TPM_BUF_OVERFLOW) { 454 rc = -E2BIG; 455 tpm2_end_auth_session(chip); 456 goto out; 457 } 458 459 tpm_buf_fill_hmac_session(chip, &buf); 460 rc = tpm_transmit_cmd(chip, &buf, 4, "loading blob"); 461 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 462 if (!rc) 463 *blob_handle = be32_to_cpup( 464 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 465 466 out: 467 if (blob != payload->blob) 468 kfree(blob); 469 tpm_buf_destroy(&buf); 470 471 if (rc > 0) 472 rc = -EPERM; 473 474 return rc; 475 } 476 477 /** 478 * tpm2_unseal_cmd() - execute a TPM2_Unload command 479 * 480 * @chip: TPM chip to use 481 * @payload: the key data in clear and encrypted form 482 * @options: authentication values and other options 483 * @blob_handle: blob handle 484 * 485 * Return: 0 on success 486 * -EPERM on tpm error status 487 * < 0 error from tpm_send 488 */ 489 static int tpm2_unseal_cmd(struct tpm_chip *chip, 490 struct trusted_key_payload *payload, 491 struct trusted_key_options *options, 492 u32 blob_handle) 493 { 494 struct tpm_buf buf; 495 u16 data_len; 496 u8 *data; 497 int rc; 498 499 rc = tpm2_start_auth_session(chip); 500 if (rc) 501 return rc; 502 503 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 504 if (rc) { 505 tpm2_end_auth_session(chip); 506 return rc; 507 } 508 509 tpm_buf_append_name(chip, &buf, blob_handle, NULL); 510 511 if (!options->policyhandle) { 512 tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, 513 options->blobauth, 514 options->blobauth_len); 515 } else { 516 /* 517 * FIXME: The policy session was generated outside the 518 * kernel so we don't known the nonce and thus can't 519 * calculate a HMAC on it. Therefore, the user can 520 * only really use TPM2_PolicyPassword and we must 521 * send down the plain text password, which could be 522 * intercepted. We can still encrypt the returned 523 * key, but that's small comfort since the interposer 524 * could repeat our actions with the exfiltrated 525 * password. 526 */ 527 tpm2_buf_append_auth(&buf, options->policyhandle, 528 NULL /* nonce */, 0, 0, 529 options->blobauth, options->blobauth_len); 530 tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT, 531 NULL, 0); 532 } 533 534 tpm_buf_fill_hmac_session(chip, &buf); 535 rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing"); 536 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 537 if (rc > 0) 538 rc = -EPERM; 539 540 if (!rc) { 541 data_len = be16_to_cpup( 542 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 543 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE) { 544 rc = -EFAULT; 545 goto out; 546 } 547 548 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) { 549 rc = -EFAULT; 550 goto out; 551 } 552 data = &buf.data[TPM_HEADER_SIZE + 6]; 553 554 if (payload->old_format) { 555 /* migratable flag is at the end of the key */ 556 memcpy(payload->key, data, data_len - 1); 557 payload->key_len = data_len - 1; 558 payload->migratable = data[data_len - 1]; 559 } else { 560 /* 561 * migratable flag already collected from key 562 * attributes 563 */ 564 memcpy(payload->key, data, data_len); 565 payload->key_len = data_len; 566 } 567 } 568 569 out: 570 tpm_buf_destroy(&buf); 571 return rc; 572 } 573 574 /** 575 * tpm2_unseal_trusted() - unseal the payload of a trusted key 576 * 577 * @chip: TPM chip to use 578 * @payload: the key data in clear and encrypted form 579 * @options: authentication values and other options 580 * 581 * Return: Same as with tpm_send. 582 */ 583 int tpm2_unseal_trusted(struct tpm_chip *chip, 584 struct trusted_key_payload *payload, 585 struct trusted_key_options *options) 586 { 587 u32 blob_handle; 588 int rc; 589 590 rc = tpm_try_get_ops(chip); 591 if (rc) 592 return rc; 593 594 rc = tpm2_load_cmd(chip, payload, options, &blob_handle); 595 if (rc) 596 goto out; 597 598 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); 599 tpm2_flush_context(chip, blob_handle); 600 601 out: 602 tpm_put_ops(chip); 603 604 return rc; 605 } 606