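--- a/tpm/tpm_cmd_handler.c
+++ b/tpm/tpm_cmd_handler.c
@@ -3347,12 +3347,13 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp)
 {
 TPM_NONCE nonce;
 TPM_RESULT res;
- UINT32 sigSize;
- BYTE *sig;
+ UINT32 quote_blob_size;
+ BYTE *quote_blob;
 BYTE *ptr;
 UINT32 len;
 TPM_PCR_SELECTION myPCR;
 TPM_PCR_SELECTION ptPCR;
+ UINT32 extraInfoFlags = 0;
 
 tpm_compute_in_param_digest(req);
 
@@ -3361,17 +3362,19 @@ static TPM_RESULT execute_TPM_DeepQuote(TPM_REQUEST *req, TPM_RESPONSE *rsp)
 if (tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonce)
 || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &myPCR)
 || tpm_unmarshal_TPM_PCR_SELECTION(&ptr, &len, &ptPCR)
+ || tpm_unmarshal_TPM_DEEP_QUOTE_INFO(&ptr, &len, &extraInfoFlags)
 || len != 0) return TPM_BAD_PARAMETER;
 
- res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, &sigSize, &sig);
+ res = TPM_DeepQuote(&nonce, &myPCR, &ptPCR, &req->auth1, extraInfoFlags,
+ "e_blob_size, "e_blob);
 if (res != TPM_SUCCESS) return res;
- rsp->paramSize = len = sigSize;
+ rsp->paramSize = len = quote_blob_size;
 rsp->param = ptr = tpm_malloc(len);
- if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, sig, sigSize)) {
+ if (ptr == NULL || tpm_marshal_BLOB(&ptr, &len, quote_blob, quote_blob_size)) {
 tpm_free(rsp->param);
 res = TPM_FAIL;
 }
- tpm_free(sig);
+ tpm_free(quote_blob);
 
 return res;
 }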
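Review bot: `extraInfoFlags` is unmarshalled from the request in the second hunk and handed to `TPM_DeepQuote` without any check, so whatever bits the caller sets are forwarded as-is; since the header describes them as selecting extra data for the quote, they are worth validating at this boundary. A guard such as `if (extraInfoFlags & ~DEEP_QUOTE_KNOWN_FLAGS) return TPM_BAD_PARAMETER;` before the call would reject undefined bits (`DEEP_QUOTE_KNOWN_FLAGS` is a placeholder name; no mask is visible in this diff). On the failure path `tpm_free(rsp->param)` leaves `rsp->param` and `rsp->paramSize` describing freed memory; adding `rsp->param = NULL; rsp->paramSize = 0;` there would make any later free or read by the caller harmless. The call's last two arguments appear on this page as `"e_blob_size, "e_blob`, which looks like an entity-decoding artefact of `&quote_blob_size, &quote_blob` rather than the real source text.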
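--- a/tpm/tpm_commands.h
+++ b/tpm/tpm_commands.h
@@ -3077,6 +3077,7 @@ TPM_RESULT TPM_ParentSignEK(
 * @myPCR: [in] PCR selection for the virtual TPM
 * @ptPCR: [in] PCR selection for the hardware TPM
 * @auth1: [in, out] Authorization protocol parameters
+ * @extraInfoFlags [in] Flags for including, kernel hash, group info, etc
 * @sigSize: [out] The length of the returned digital signature
 * @sig: [out] The resulting digital signature and PCR values
 * Returns: TPM_SUCCESS on success, a TPM error code otherwise.
@@ -3086,6 +3087,7 @@ TPM_RESULT TPM_DeepQuote(
 TPM_PCR_SELECTION *myPCR,
 TPM_PCR_SELECTION *ptPCR,
 TPM_AUTH *auth1,
+ UINT32 extraInfoFlags,
 UINT32 *sigSize,
 BYTE **sig
 );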
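Review bot: The prototype and its doc comment still name the outputs `sigSize`/`sig` and describe them as a digital signature, while the definition in tpm/tpm_credentials.c is renamed to `quote_blob_size`/`quote_blob` in the same patch. Renaming the parameters here, and documenting what the blob contains for each flag and that the caller releases `*sig` (the command handler calls `tpm_free` on it), would keep the header in step with the implementation. The added doc line also drops the colon its neighbours use; `* @extraInfoFlags: [in] Flags selecting extra data (kernel hash, group info, ...) to include in the quote` matches the surrounding style. The comment block begins above the first hunk.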
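--- a/tpm/tpm_credentials.c
+++ b/tpm/tpm_credentials.c
@@ -183,7 +183,8 @@ TPM_RESULT TPM_OwnerReadInternalPub(TPM_KEY_HANDLE keyHandle, TPM_AUTH *auth1,
 
 int endorsementKeyFresh = 0;
 
-TPM_RESULT VTPM_GetParentQuote(TPM_DIGEST* data, TPM_PCR_SELECTION *sel, UINT32 *sigSize, BYTE **sig);
+TPM_RESULT VTPM_GetParentQuote(TPM_NONCE *data, TPM_PCR_SELECTION *sel,
+ UINT32 extraInfoFlags, UINT32 *sigSize, BYTE **sig);
 
 TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
 TPM_AUTH *auth1, UINT32 *sigSize, BYTE **sig)
@@ -191,7 +192,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
 TPM_PUBKEY pubKey;
 TPM_RESULT res;
 TPM_DIGEST hres;
-
+ UINT32 extraInfoFlags = 0;
 info("TPM_ParentSignEK()");
 
 res = tpm_verify_auth(auth1, tpmData.permanent.data.ownerAuth, TPM_KH_OWNER);
@@ -206,7 +207,7 @@ TPM_RESULT TPM_ParentSignEK(TPM_NONCE *externalData, TPM_PCR_SELECTION *sel,
 res = TPM_FAIL;
 
 if (res == TPM_SUCCESS)
- res = VTPM_GetParentQuote(&hres, sel, sigSize, sig);
+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, sel, extraInfoFlags, sigSize, sig);
 
 free_TPM_PUBKEY(pubKey);
 return res;
@@ -218,7 +219,7 @@ static const BYTE dquot_hdr[] = {
 
 TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR,
 TPM_PCR_SELECTION *ptPCR, TPM_AUTH *auth1,
- UINT32 *sigSize, BYTE **sig)
+ UINT32 extraInfoFlags, UINT32 *quote_blob_size, BYTE **quote_blob)
 {
 TPM_RESULT res;
 TPM_DIGEST hres;
@@ -253,7 +254,7 @@ TPM_RESULT TPM_DeepQuote(TPM_NONCE *externalData, TPM_PCR_SELECTION *myPCR,
 
 tpm_free(buf);
 
- res = VTPM_GetParentQuote(&hres, ptPCR, sigSize, sig);
+ res = VTPM_GetParentQuote((TPM_NONCE*)&hres, ptPCR, extraInfoFlags, quote_blob_size, quote_blob);
 
 return res;
 }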
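Review bot: Both calls to `VTPM_GetParentQuote` now pass `(TPM_NONCE*)&hres`, casting a `TPM_DIGEST` to an unrelated struct type; that is only sound while the two types have identical size and layout, which this diff neither shows nor enforces. Copying into a real nonce, `TPM_NONCE n; memcpy(&n, &hres, sizeof n);`, guarded where the toolchain allows C11 by `_Static_assert(sizeof(TPM_NONCE) == sizeof(TPM_DIGEST), "nonce/digest size");`, keeps the call type-correct and breaks the build if the sizes ever diverge. The prototype of `VTPM_GetParentQuote` is also redeclared locally in this .c file, so the compiler cannot check the new parameter list against the definition; declaring it in a header shared with the implementation would catch a mismatch. Both function bodies extend beyond the hunks shown.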
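--- a/tpm/tpm_marshalling.h
+++ b/tpm/tpm_marshalling.h
@@ -268,6 +268,8 @@ static inline int tpm_unmarshal_BOOL(BYTE **ptr, UINT32 *length, BOOL *v)
 #define tpm_unmarshal_TPM_REDIR_COMMAND tpm_unmarshal_UINT32
 #define tpm_marshal_DAAHANDLE tpm_marshal_UINT32
 #define tpm_unmarshal_DAAHANDLE tpm_unmarshal_UINT32
+#define tpm_marshal_TPM_DEEP_QUOTE_INFO tpm_marshal_UINT32
+#define tpm_unmarshal_TPM_DEEP_QUOTE_INFO tpm_unmarshal_UINT32
 
 int tpm_marshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n);
 int tpm_unmarshal_UINT32_ARRAY(BYTE **ptr, UINT32 *length, UINT32 *v, UINT32 n);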