1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * Copyright (C) 2004 IBM Corporation 4 * Copyright (C) 2014 Intel Corporation 5 */ 6 7 #include <linux/asn1_encoder.h> 8 #include <linux/oid_registry.h> 9 #include <linux/string.h> 10 #include <linux/err.h> 11 #include <linux/tpm.h> 12 #include <linux/tpm_command.h> 13 14 #include <keys/trusted-type.h> 15 #include <keys/trusted_tpm.h> 16 17 #include <asm/unaligned.h> 18 19 #include "tpm2key.asn1.h" 20 21 static struct tpm2_hash tpm2_hash_map[] = { 22 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 23 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, 24 {HASH_ALGO_SHA384, TPM_ALG_SHA384}, 25 {HASH_ALGO_SHA512, TPM_ALG_SHA512}, 26 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, 27 }; 28 29 static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 }; 30 31 static int tpm2_key_encode(struct trusted_key_payload *payload, 32 struct trusted_key_options *options, 33 u8 *src, u32 len) 34 { 35 const int SCRATCH_SIZE = PAGE_SIZE; 36 u8 *scratch = kmalloc(SCRATCH_SIZE, GFP_KERNEL); 37 u8 *work = scratch, *work1; 38 u8 *end_work = scratch + SCRATCH_SIZE; 39 u8 *priv, *pub; 40 u16 priv_len, pub_len; 41 int ret; 42 43 priv_len = get_unaligned_be16(src) + 2; 44 priv = src; 45 46 src += priv_len; 47 48 pub_len = get_unaligned_be16(src) + 2; 49 pub = src; 50 51 if (!scratch) 52 return -ENOMEM; 53 54 work = asn1_encode_oid(work, end_work, tpm2key_oid, 55 asn1_oid_len(tpm2key_oid)); 56 57 if (options->blobauth_len == 0) { 58 unsigned char bool[3], *w = bool; 59 /* tag 0 is emptyAuth */ 60 w = asn1_encode_boolean(w, w + sizeof(bool), true); 61 if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) { 62 ret = PTR_ERR(w); 63 goto err; 64 } 65 work = asn1_encode_tag(work, end_work, 0, bool, w - bool); 66 } 67 68 /* 69 * Assume both octet strings will encode to a 2 byte definite length 70 * 71 * Note: For a well behaved TPM, this warning should never 72 * trigger, so if it does there's something nefarious going on 73 */ 74 if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE, 75 "BUG: scratch buffer is too small")) { 76 ret = -EINVAL; 77 goto err; 78 } 79 80 work = asn1_encode_integer(work, end_work, options->keyhandle); 81 work = asn1_encode_octet_string(work, end_work, pub, pub_len); 82 work = asn1_encode_octet_string(work, end_work, priv, priv_len); 83 84 work1 = payload->blob; 85 work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob), 86 scratch, work - scratch); 87 if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) { 88 ret = PTR_ERR(work1); 89 goto err; 90 } 91 92 kfree(scratch); 93 return work1 - payload->blob; 94 95 err: 96 kfree(scratch); 97 return ret; 98 } 99 100 struct tpm2_key_context { 101 u32 parent; 102 const u8 *pub; 103 u32 pub_len; 104 const u8 *priv; 105 u32 priv_len; 106 }; 107 108 static int tpm2_key_decode(struct trusted_key_payload *payload, 109 struct trusted_key_options *options, 110 u8 **buf) 111 { 112 int ret; 113 struct tpm2_key_context ctx; 114 u8 *blob; 115 116 memset(&ctx, 0, sizeof(ctx)); 117 118 ret = asn1_ber_decoder(&tpm2key_decoder, &ctx, payload->blob, 119 payload->blob_len); 120 if (ret < 0) 121 return ret; 122 123 if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE) 124 return -EINVAL; 125 126 blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL); 127 if (!blob) 128 return -ENOMEM; 129 130 *buf = blob; 131 options->keyhandle = ctx.parent; 132 133 memcpy(blob, ctx.priv, ctx.priv_len); 134 blob += ctx.priv_len; 135 136 memcpy(blob, ctx.pub, ctx.pub_len); 137 138 return 0; 139 } 140 141 int tpm2_key_parent(void *context, size_t hdrlen, 142 unsigned char tag, 143 const void *value, size_t vlen) 144 { 145 struct tpm2_key_context *ctx = context; 146 const u8 *v = value; 147 int i; 148 149 ctx->parent = 0; 150 for (i = 0; i < vlen; i++) { 151 ctx->parent <<= 8; 152 ctx->parent |= v[i]; 153 } 154 155 return 0; 156 } 157 158 int tpm2_key_type(void *context, size_t hdrlen, 159 unsigned char tag, 160 const void *value, size_t vlen) 161 { 162 enum OID oid = look_up_OID(value, vlen); 163 164 if (oid != OID_TPMSealedData) { 165 char buffer[50]; 166 167 sprint_oid(value, vlen, buffer, sizeof(buffer)); 168 pr_debug("OID is \"%s\" which is not TPMSealedData\n", 169 buffer); 170 return -EINVAL; 171 } 172 173 return 0; 174 } 175 176 int tpm2_key_pub(void *context, size_t hdrlen, 177 unsigned char tag, 178 const void *value, size_t vlen) 179 { 180 struct tpm2_key_context *ctx = context; 181 182 ctx->pub = value; 183 ctx->pub_len = vlen; 184 185 return 0; 186 } 187 188 int tpm2_key_priv(void *context, size_t hdrlen, 189 unsigned char tag, 190 const void *value, size_t vlen) 191 { 192 struct tpm2_key_context *ctx = context; 193 194 ctx->priv = value; 195 ctx->priv_len = vlen; 196 197 return 0; 198 } 199 200 /** 201 * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. 202 * 203 * @buf: an allocated tpm_buf instance 204 * @session_handle: session handle 205 * @nonce: the session nonce, may be NULL if not used 206 * @nonce_len: the session nonce length, may be 0 if not used 207 * @attributes: the session attributes 208 * @hmac: the session HMAC or password, may be NULL if not used 209 * @hmac_len: the session HMAC or password length, maybe 0 if not used 210 */ 211 static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, 212 const u8 *nonce, u16 nonce_len, 213 u8 attributes, 214 const u8 *hmac, u16 hmac_len) 215 { 216 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); 217 tpm_buf_append_u32(buf, session_handle); 218 tpm_buf_append_u16(buf, nonce_len); 219 220 if (nonce && nonce_len) 221 tpm_buf_append(buf, nonce, nonce_len); 222 223 tpm_buf_append_u8(buf, attributes); 224 tpm_buf_append_u16(buf, hmac_len); 225 226 if (hmac && hmac_len) 227 tpm_buf_append(buf, hmac, hmac_len); 228 } 229 230 /** 231 * tpm2_seal_trusted() - seal the payload of a trusted key 232 * 233 * @chip: TPM chip to use 234 * @payload: the key data in clear and encrypted form 235 * @options: authentication values and other options 236 * 237 * Return: < 0 on error and 0 on success. 238 */ 239 int tpm2_seal_trusted(struct tpm_chip *chip, 240 struct trusted_key_payload *payload, 241 struct trusted_key_options *options) 242 { 243 off_t offset = TPM_HEADER_SIZE; 244 struct tpm_buf buf, sized; 245 int blob_len = 0; 246 u32 hash; 247 u32 flags; 248 int i; 249 int rc; 250 251 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { 252 if (options->hash == tpm2_hash_map[i].crypto_id) { 253 hash = tpm2_hash_map[i].tpm_id; 254 break; 255 } 256 } 257 258 if (i == ARRAY_SIZE(tpm2_hash_map)) 259 return -EINVAL; 260 261 if (!options->keyhandle) 262 return -EINVAL; 263 264 rc = tpm_try_get_ops(chip); 265 if (rc) 266 return rc; 267 268 rc = tpm2_start_auth_session(chip); 269 if (rc) 270 goto out_put; 271 272 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); 273 if (rc) { 274 tpm2_end_auth_session(chip); 275 goto out_put; 276 } 277 278 rc = tpm_buf_init_sized(&sized); 279 if (rc) { 280 tpm_buf_destroy(&buf); 281 tpm2_end_auth_session(chip); 282 goto out_put; 283 } 284 285 tpm_buf_append_name(chip, &buf, options->keyhandle, NULL); 286 tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_DECRYPT, 287 options->keyauth, TPM_DIGEST_SIZE); 288 289 /* sensitive */ 290 tpm_buf_append_u16(&sized, options->blobauth_len); 291 292 if (options->blobauth_len) 293 tpm_buf_append(&sized, options->blobauth, options->blobauth_len); 294 295 tpm_buf_append_u16(&sized, payload->key_len); 296 tpm_buf_append(&sized, payload->key, payload->key_len); 297 tpm_buf_append(&buf, sized.data, sized.length); 298 299 /* public */ 300 tpm_buf_reset_sized(&sized); 301 tpm_buf_append_u16(&sized, TPM_ALG_KEYEDHASH); 302 tpm_buf_append_u16(&sized, hash); 303 304 /* key properties */ 305 flags = 0; 306 flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH; 307 flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT); 308 tpm_buf_append_u32(&sized, flags); 309 310 /* policy */ 311 tpm_buf_append_u16(&sized, options->policydigest_len); 312 if (options->policydigest_len) 313 tpm_buf_append(&sized, options->policydigest, options->policydigest_len); 314 315 /* public parameters */ 316 tpm_buf_append_u16(&sized, TPM_ALG_NULL); 317 tpm_buf_append_u16(&sized, 0); 318 319 tpm_buf_append(&buf, sized.data, sized.length); 320 321 /* outside info */ 322 tpm_buf_append_u16(&buf, 0); 323 324 /* creation PCR */ 325 tpm_buf_append_u32(&buf, 0); 326 327 if (buf.flags & TPM_BUF_OVERFLOW) { 328 rc = -E2BIG; 329 tpm2_end_auth_session(chip); 330 goto out; 331 } 332 333 tpm_buf_fill_hmac_session(chip, &buf); 334 rc = tpm_transmit_cmd(chip, &buf, 4, "sealing data"); 335 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 336 if (rc) 337 goto out; 338 339 blob_len = tpm_buf_read_u32(&buf, &offset); 340 if (blob_len > MAX_BLOB_SIZE || buf.flags & TPM_BUF_BOUNDARY_ERROR) { 341 rc = -E2BIG; 342 goto out; 343 } 344 if (buf.length - offset < blob_len) { 345 rc = -EFAULT; 346 goto out; 347 } 348 349 blob_len = tpm2_key_encode(payload, options, &buf.data[offset], blob_len); 350 351 out: 352 tpm_buf_destroy(&sized); 353 tpm_buf_destroy(&buf); 354 355 if (rc > 0) { 356 if (tpm2_rc_value(rc) == TPM2_RC_HASH) 357 rc = -EINVAL; 358 else 359 rc = -EPERM; 360 } 361 if (blob_len < 0) 362 rc = blob_len; 363 else 364 payload->blob_len = blob_len; 365 366 out_put: 367 tpm_put_ops(chip); 368 return rc; 369 } 370 371 /** 372 * tpm2_load_cmd() - execute a TPM2_Load command 373 * 374 * @chip: TPM chip to use 375 * @payload: the key data in clear and encrypted form 376 * @options: authentication values and other options 377 * @blob_handle: returned blob handle 378 * 379 * Return: 0 on success. 380 * -E2BIG on wrong payload size. 381 * -EPERM on tpm error status. 382 * < 0 error from tpm_send. 383 */ 384 static int tpm2_load_cmd(struct tpm_chip *chip, 385 struct trusted_key_payload *payload, 386 struct trusted_key_options *options, 387 u32 *blob_handle) 388 { 389 struct tpm_buf buf; 390 unsigned int private_len; 391 unsigned int public_len; 392 unsigned int blob_len; 393 u8 *blob, *pub; 394 int rc; 395 u32 attrs; 396 397 rc = tpm2_key_decode(payload, options, &blob); 398 if (rc) { 399 /* old form */ 400 blob = payload->blob; 401 payload->old_format = 1; 402 } 403 404 /* new format carries keyhandle but old format doesn't */ 405 if (!options->keyhandle) 406 return -EINVAL; 407 408 /* must be big enough for at least the two be16 size counts */ 409 if (payload->blob_len < 4) 410 return -EINVAL; 411 412 private_len = get_unaligned_be16(blob); 413 414 /* must be big enough for following public_len */ 415 if (private_len + 2 + 2 > (payload->blob_len)) 416 return -E2BIG; 417 418 public_len = get_unaligned_be16(blob + 2 + private_len); 419 if (private_len + 2 + public_len + 2 > payload->blob_len) 420 return -E2BIG; 421 422 pub = blob + 2 + private_len + 2; 423 /* key attributes are always at offset 4 */ 424 attrs = get_unaligned_be32(pub + 4); 425 426 if ((attrs & (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) == 427 (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) 428 payload->migratable = 0; 429 else 430 payload->migratable = 1; 431 432 blob_len = private_len + public_len + 4; 433 if (blob_len > payload->blob_len) 434 return -E2BIG; 435 436 rc = tpm2_start_auth_session(chip); 437 if (rc) 438 return rc; 439 440 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD); 441 if (rc) { 442 tpm2_end_auth_session(chip); 443 return rc; 444 } 445 446 tpm_buf_append_name(chip, &buf, options->keyhandle, NULL); 447 tpm_buf_append_hmac_session(chip, &buf, 0, options->keyauth, 448 TPM_DIGEST_SIZE); 449 450 tpm_buf_append(&buf, blob, blob_len); 451 452 if (buf.flags & TPM_BUF_OVERFLOW) { 453 rc = -E2BIG; 454 tpm2_end_auth_session(chip); 455 goto out; 456 } 457 458 tpm_buf_fill_hmac_session(chip, &buf); 459 rc = tpm_transmit_cmd(chip, &buf, 4, "loading blob"); 460 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 461 if (!rc) 462 *blob_handle = be32_to_cpup( 463 (__be32 *) &buf.data[TPM_HEADER_SIZE]); 464 465 out: 466 if (blob != payload->blob) 467 kfree(blob); 468 tpm_buf_destroy(&buf); 469 470 if (rc > 0) 471 rc = -EPERM; 472 473 return rc; 474 } 475 476 /** 477 * tpm2_unseal_cmd() - execute a TPM2_Unload command 478 * 479 * @chip: TPM chip to use 480 * @payload: the key data in clear and encrypted form 481 * @options: authentication values and other options 482 * @blob_handle: blob handle 483 * 484 * Return: 0 on success 485 * -EPERM on tpm error status 486 * < 0 error from tpm_send 487 */ 488 static int tpm2_unseal_cmd(struct tpm_chip *chip, 489 struct trusted_key_payload *payload, 490 struct trusted_key_options *options, 491 u32 blob_handle) 492 { 493 struct tpm_buf buf; 494 u16 data_len; 495 u8 *data; 496 int rc; 497 498 rc = tpm2_start_auth_session(chip); 499 if (rc) 500 return rc; 501 502 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL); 503 if (rc) { 504 tpm2_end_auth_session(chip); 505 return rc; 506 } 507 508 tpm_buf_append_name(chip, &buf, blob_handle, NULL); 509 510 if (!options->policyhandle) { 511 tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, 512 options->blobauth, 513 options->blobauth_len); 514 } else { 515 /* 516 * FIXME: The policy session was generated outside the 517 * kernel so we don't known the nonce and thus can't 518 * calculate a HMAC on it. Therefore, the user can 519 * only really use TPM2_PolicyPassword and we must 520 * send down the plain text password, which could be 521 * intercepted. We can still encrypt the returned 522 * key, but that's small comfort since the interposer 523 * could repeat our actions with the exfiltrated 524 * password. 525 */ 526 tpm2_buf_append_auth(&buf, options->policyhandle, 527 NULL /* nonce */, 0, 0, 528 options->blobauth, options->blobauth_len); 529 tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT, 530 NULL, 0); 531 } 532 533 tpm_buf_fill_hmac_session(chip, &buf); 534 rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing"); 535 rc = tpm_buf_check_hmac_response(chip, &buf, rc); 536 if (rc > 0) 537 rc = -EPERM; 538 539 if (!rc) { 540 data_len = be16_to_cpup( 541 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]); 542 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE) { 543 rc = -EFAULT; 544 goto out; 545 } 546 547 if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) { 548 rc = -EFAULT; 549 goto out; 550 } 551 data = &buf.data[TPM_HEADER_SIZE + 6]; 552 553 if (payload->old_format) { 554 /* migratable flag is at the end of the key */ 555 memcpy(payload->key, data, data_len - 1); 556 payload->key_len = data_len - 1; 557 payload->migratable = data[data_len - 1]; 558 } else { 559 /* 560 * migratable flag already collected from key 561 * attributes 562 */ 563 memcpy(payload->key, data, data_len); 564 payload->key_len = data_len; 565 } 566 } 567 568 out: 569 tpm_buf_destroy(&buf); 570 return rc; 571 } 572 573 /** 574 * tpm2_unseal_trusted() - unseal the payload of a trusted key 575 * 576 * @chip: TPM chip to use 577 * @payload: the key data in clear and encrypted form 578 * @options: authentication values and other options 579 * 580 * Return: Same as with tpm_send. 581 */ 582 int tpm2_unseal_trusted(struct tpm_chip *chip, 583 struct trusted_key_payload *payload, 584 struct trusted_key_options *options) 585 { 586 u32 blob_handle; 587 int rc; 588 589 rc = tpm_try_get_ops(chip); 590 if (rc) 591 return rc; 592 593 rc = tpm2_load_cmd(chip, payload, options, &blob_handle); 594 if (rc) 595 goto out; 596 597 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); 598 tpm2_flush_context(chip, blob_handle); 599 600 out: 601 tpm_put_ops(chip); 602 603 return rc; 604 } 605