tpm_nvdefinespace: add support for PCR sealing

 This patch adds the ability to seal an NVRAM area to PCR states for
both reading and writing. PCR indices are passed in two ways.

 1. Repeatedly using the -r (read PCR state) and -w (write PCR state)
options. This will cause tpm_nvdefine to read the current PCR value from
the TPM and use that to lock the NV area for reading or writing.

 2. Using the -f option to pass a file containing PCR values. The format
of the file is this:

  [r/w] [PCR index] [Hash value in ascii hex]

example:
  r 12 00112233445566778899AABBCCDDEEFF001122233
  w 15 00112233445566778899AABBCCDDEEFF001122233

  This would lock the NVRAM area such that PCR 12 must have the listed
hash value in order to be read, and PCR 15 such that it must have the
same hash value to be written.

Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>

Author: Kent Yoder

src/tpm_mgmt/tpm_nvdefine.c

@@ -19,6 +19,8 @@
  * http://www.opensource.org/licenses/cpl1.0.php.
  */
 
+#include <stdio.h>
+#include <errno.h>
 #include <limits.h>
 
 #include "tpm_tspi.h"
@@ -36,6 +38,11 @@ static const char *datapass;
 static BOOL dataWellKnown;
 static BOOL askDataPass;
 static int end;
+static UINT32 selectedPcrsRead[24];
+static UINT32 selectedPcrsWrite[24];
+static UINT32 selectedPcrsReadLen = 0;
+static UINT32 selectedPcrsWriteLen = 0;
+static const char *filename;
 
 TSS_HCONTEXT hContext = 0;
 
@@ -101,6 +108,24 @@ static int parse(const int aOpt, const char *aArg)
 		useUnicode = TRUE;
 		break;
 
+	case 'r':
+		if (aArg && atoi(aArg) >= 0 && atoi(aArg) < 24) {
+			selectedPcrsRead[selectedPcrsReadLen++] = atoi(aArg);
+		} else
+			return -1;
+		break;
+
+	case 'w':
+		if (aArg && atoi(aArg) >= 0 && atoi(aArg) < 24) {
+			selectedPcrsWrite[selectedPcrsWriteLen++] = atoi(aArg);
+		} else
+			return -1;
+		break;
+
+	case 'f':
+		filename = aArg;
+		break;
+
 	default:
 		return -1;
 	}
@@ -123,12 +148,92 @@ static void help(const char* aCmd)
 	logNVIndexCmdOption();
 	logCmdOption("-s, --size",
 		     _("Size of the NVRAM area"));
+	logCmdOption("-r, --rpcrs",
+		     _("PCRs to seal the NVRAM area to for reading (use multiple times)"));
+	logCmdOption("-w, --wpcrs",
+		     _("PCRs to seal the NVRAM area to for writing (use multiple times)"));
+	logCmdOption("-f, --filename",
+		     _("File containing PCR info for the NVRAM area"));
+
 	logCmdOption("-p, --permissions",
 		     _("Permissions of the NVRAM area"));
-
         displayStringsAndValues(permvalues, "                ");
 }
 
+void logInvalidPcrInfoFile()
+{
+	logError(_("Invalid PCR info file. Format is:\n"
+		 "[r/w] [PCR IDX] [SHA-1 ascii]\n\nExample:\n"
+		 "r 9 00112233445566778899AABBCCDDEEFF00112233"));
+}
+
+int
+parseNVPermsFile(FILE *f, TSS_HCONTEXT *hContext, TSS_HNVSTORE *nvObject,
+		 TSS_HPCRS *hPcrsRead, TSS_HPCRS *hPcrsWrite)
+{
+	UINT32 pcrSize;
+	char rw;
+	unsigned int pcr, n;
+	char hash_ascii[65], hash_bin[32], save;
+	int rc = -1;
+
+	while (!feof(f)) {
+		errno = 0;
+		n = fscanf(f, "%c %u %s\n", &rw, &pcr, hash_ascii);
+		if (n != 3) {
+			logInvalidPcrInfoFile();
+			goto out;
+		} else if (errno != 0) {
+			perror("fscanf");
+			goto out;
+		}
+
+		if (rw != 'r' && rw != 'w') {
+			logInvalidPcrInfoFile();
+			goto out;
+		}
+
+		if (pcr > 15) {
+			logError(_("Cannot seal NVRAM area to PCR > 15\n"));
+			goto out;
+		}
+
+		for (n = 0; n < strlen(hash_ascii); n += 2) {
+			save = hash_ascii[n + 2];
+			hash_ascii[n + 2] = '\0';
+			hash_bin[n/2] = strtoul(&hash_ascii[n], NULL, 16);
+			hash_ascii[n + 2] = save;
+		}
+		pcrSize = n/2;
+
+		if (rw == 'r') {
+			if (*hPcrsRead == NULL_HPCRS)
+				if (contextCreateObject(*hContext, TSS_OBJECT_TYPE_PCRS,
+							TSS_PCRS_STRUCT_INFO_SHORT,
+							hPcrsRead) != TSS_SUCCESS)
+					goto out;
+
+			if (pcrcompositeSetPcrValue(*hPcrsRead, pcr, pcrSize, (BYTE *)hash_bin)
+					!= TSS_SUCCESS)
+				goto out;
+		} else {
+			if (*hPcrsWrite == NULL_HPCRS)
+				if (contextCreateObject(*hContext, TSS_OBJECT_TYPE_PCRS,
+							TSS_PCRS_STRUCT_INFO_SHORT,
+							hPcrsWrite) != TSS_SUCCESS)
+					goto out;
+
+			if (pcrcompositeSetPcrValue(*hPcrsWrite, pcr, pcrSize, (BYTE *)hash_bin)
+					!= TSS_SUCCESS)
+				goto out;
+		}
+	}
+
+	rc = 0;
+out:
+	return rc;
+}
+
 int main(int argc, char **argv)
 {
 	TSS_HTPM hTpm;
@@ -139,22 +244,29 @@ int main(int argc, char **argv)
 	BYTE well_known_secret[] = TSS_WELL_KNOWN_SECRET;
 	int opswd_len = -1;
 	int dpswd_len = -1;
+	TSS_HPCRS hPcrsRead = 0, hPcrsWrite = 0;
 	struct option hOpts[] = {
 		{"index"           , required_argument, NULL, 'i'},
 		{"size"            , required_argument, NULL, 's'},
 		{"permissions"     , required_argument, NULL, 'p'},
+		{"rpcrs"           , required_argument, NULL, 'r'},
+		{"wpcrs"           , required_argument, NULL, 'w'},
+		{"filename"        , required_argument, NULL, 'f'},
 		{"pwdo"            , optional_argument, NULL, 'o'},
 		{"pwda"            , optional_argument, NULL, 'a'},
 		{"use-unicode"     ,       no_argument, NULL, 'u'},
 		{"data-well-known" ,       no_argument, NULL, 'z'},
 		{"owner-well-known",       no_argument, NULL, 'y'},
 		{NULL              ,       no_argument, NULL, 0},
 	};
+	TSS_FLAG initFlag = TSS_PCRS_STRUCT_INFO_SHORT;
+	UINT32 localityValue = TPM_LOC_ZERO | TPM_LOC_ONE | TPM_LOC_TWO |
+			       TPM_LOC_THREE | TPM_LOC_FOUR;
 
 	initIntlSys();
 
 	if (genericOptHandler
-		    (argc, argv, "i:s:p:o:a:yzu", hOpts,
+		    (argc, argv, "i:s:p:o:a:r:w:f:yzu", hOpts,
 		     sizeof(hOpts) / sizeof(struct option), parse, help) != 0)
 		goto out;
 
@@ -269,8 +381,85 @@ int main(int argc, char **argv)
 				 nvsize) != TSS_SUCCESS)
 		goto out_close_obj;
 
-	if (NVDefineSpace(nvObject, (TSS_HPCRS)0, (TSS_HPCRS)0) !=
-	    TSS_SUCCESS)
+	if (selectedPcrsReadLen) {
+		UINT32 pcrSize;
+		BYTE *pcrValue;
+		UINT32 i;
+
+		for (i = 0; i < selectedPcrsReadLen; i++) {
+			if (selectedPcrsRead[i] > 15) {
+				logError(_("Cannot seal NVRAM area to PCR > 15\n"));
+				goto out_close;
+			}
+		}
+
+		if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag,
+					&hPcrsRead) != TSS_SUCCESS)
+			goto out_close;
+
+		for (i = 0; i < selectedPcrsReadLen; i++) {
+			if (tpmPcrRead(hTpm, selectedPcrsRead[i], &pcrSize, &pcrValue) !=
+			    TSS_SUCCESS)
+				goto out_close;
+
+			if (pcrcompositeSetPcrValue(hPcrsRead, selectedPcrsRead[i],
+						    pcrSize, pcrValue)
+					!= TSS_SUCCESS)
+				goto out_close;
+		}
+	}
+
+	if (selectedPcrsWriteLen) {
+		UINT32 pcrSize;
+		BYTE *pcrValue;
+		UINT32 i;
+
+		for (i = 0; i < selectedPcrsWriteLen; i++) {
+			if (selectedPcrsWrite[i] > 15) {
+				logError(_("Cannot seal NVRAM area to PCR > 15\n"));
+				goto out_close;
+			}
+		}
+
+		if (contextCreateObject(hContext, TSS_OBJECT_TYPE_PCRS, initFlag,
+					&hPcrsWrite) != TSS_SUCCESS)
+			goto out_close;
+
+		for (i = 0; i < selectedPcrsWriteLen; i++) {
+			if (tpmPcrRead(hTpm, selectedPcrsWrite[i], &pcrSize, &pcrValue) !=
+			    TSS_SUCCESS)
+				goto out_close;
+
+			if (pcrcompositeSetPcrValue(hPcrsWrite, selectedPcrsWrite[i],
+						    pcrSize, pcrValue)
+					!= TSS_SUCCESS)
+				goto out_close;
+		}
+	}
+
+	if (filename) {
+		FILE *f;
+
+		f = fopen(filename, "r");
+		if (!f) {
+			logError(_("Could not access file '%s'\n"), filename);
+			goto out_close_obj;
+		}
+
+		if (parseNVPermsFile(f, &hContext, &nvObject, &hPcrsRead, &hPcrsWrite)
+		    != TSS_SUCCESS)
+			goto out_close_obj;
+	}
+
+	if (hPcrsRead)
+		if (pcrcompositeSetPcrLocality(hPcrsRead, localityValue) != TSS_SUCCESS)
+			goto out_close;
+
+	if (hPcrsWrite)
+		if (pcrcompositeSetPcrLocality(hPcrsWrite, localityValue) != TSS_SUCCESS)
+			goto out_close;
+
+	if (NVDefineSpace(nvObject, hPcrsRead, hPcrsWrite) != TSS_SUCCESS)
 		goto out_close;
 
 	logMsg(_("Successfully created NVRAM area at index 0x%x (%u).\n"),