From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.23011.1641761915228559305 for ; Sun, 09 Jan 2022 12:58:35 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: joseph.hemann@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id E1480106F; Sun, 9 Jan 2022 12:58:34 -0800 (PST) Received: from u203013-lin.austin.arm.com (u203013-lin.austin.arm.com [10.118.28.29]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id D7EC13F766; Sun, 9 Jan 2022 12:58:34 -0800 (PST) From: "Joseph Hemann" To: devel@edk2.groups.io Cc: nd@arm.com, Joseph Hemann Subject: [PATCH 6/6] uefi-sct/SctPkg: TCG2 Protocol: add SubmitCommand test Date: Sun, 9 Jan 2022 14:58:27 -0600 Message-Id: <20220109205827.3608758-7-Joseph.hemann@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220109205827.3608758-1-Joseph.hemann@arm.com> References: <20220109205827.3608758-1-Joseph.hemann@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable -add initial TCG2 protocol test for SubmitCommand() -checkpoint for test function with TPM2_Hash Command V2: -Change command submitted from GetRandom to TPM2_HASH -combined to 2 assertions into 1 Signed-off-by: Joseph Hemann Change-Id: Ibab68cae1d49953d1076c5628ea80319ba7ca831 --- .../EFI/Protocol/TCG2/BlackBoxTest/Guid.c | 2 + .../EFI/Protocol/TCG2/BlackBoxTest/Guid.h | 5 + .../TCG2/BlackBoxTest/TCG2ProtocolBBTest.h | 70 +++++++ .../TCG2ProtocolBBTestConformance.c | 172 ++++++++++++++++++ .../BlackBoxTest/TCG2ProtocolBBTestMain.c | 9 + 5 files changed, 258 insertions(+) diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/G= uid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.c index b5a4e5c7..87541743 100644 
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.c @@ -57,3 +57,5 @@ EFI_GUID gTcg2ConformanceTestAssertionGuid013 =3D EFI_TES= T_TCG2CONFORMANCE_ASSERTI EFI_GUID gTcg2ConformanceTestAssertionGuid014 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_014_GUID;=0D =0D EFI_GUID gTcg2ConformanceTestAssertionGuid015 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_015_GUID;=0D +=0D +EFI_GUID gTcg2ConformanceTestAssertionGuid016 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_016_GUID;=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/G= uid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.h index d3a18aee..507cecc6 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.h @@ -100,3 +100,8 @@ extern EFI_GUID gTcg2ConformanceTestAssertionGuid014; { 0xa76d2903, 0xbbcc, 0x8a72, {0x90, 0x23, 0xd3, 0xaa, 0xba, 0xb1, 0x52, 0= x13 }}=0D=0D =0D extern EFI_GUID gTcg2ConformanceTestAssertionGuid015;=0D +=0D +#define EFI_TEST_TCG2CONFORMANCE_ASSERTION_016_GUID \=0D +{ 0x1689bc3a, 0x2298, 0xa116, {0x28, 0x4c, 0xc1, 0xdd, 0xaa, 0xd8, 0xef, 0= x51 }}=0D=0D +=0D +extern EFI_GUID gTcg2ConformanceTestAssertionGuid016;=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/T= CG2ProtocolBBTest.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/Black= BoxTest/TCG2ProtocolBBTest.h index d9c23094..c8684f79 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTest.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTest.h 
@@ -43,6 +43,9 @@ Abstract: #define EFI_TCG2_PROTOCOL_TEST_ENTRY_GUID0103 \=0D {0x907a7878, 0xb294, 0xf147, {0xe9, 0x0a, 0x65, 0x43, 0xab, 0x55, 0x76, 0= x46} }=0D =0D +#define EFI_TCG2_PROTOCOL_TEST_ENTRY_GUID0104 \=0D + {0x9087ad78, 0x9ad2, 0x4172, {0x9a, 0xbc, 0x98, 0x23, 0x08, 0xf5, 0x6d, 0= x26} }=0D +=0D #define EV_POST_CODE 0x01=0D =0D #define EV_NO_ACTION 0x03=0D=0D 
@@ -51,6 +54,61 @@ Abstract: =0D #define PE_COFF_IMAGE 0x0000000000000010=0D =0D +// ST_NO_SESSION as definied in Table 19 of TPM Library Part 2: Structures= =0D=0D +#define ST_NO_SESSIONS (UINT16) 0x8001=0D=0D +=0D=0D +// TPM_RC_SUCCESS as definied in Table 16 of TPM Library Spec Part 2: Stru= ctures=0D=0D +#define TPM_RC_SUCCESS (UINT32) 0x0000000=0D=0D +=0D=0D +// TPM_CC_Hash as definied in Table 12 of TPM Library Spec Part 2: Structu= res=0D=0D +#define TPM_CC_Hash (UINT32)(0x0000017D)=0D +=0D +#define TPM_RH_NULL (UINT32) 0x40000007=0D +=0D +#define TPM_ALG_SHA256 (UINT16) 0x000B=0D +=0D +#define SHA256_LENGTH (UINT16) 0x0020=0D +=0D +#pragma pack(1)=0D=0D +// TPM2B_MAX_BUFFER as definied in Table 86 of TPM Library Spec Part 2: St= ructures=0D=0D +typedef struct {=0D=0D + UINT16 size;=0D=0D + UINT8 digest[5]; // Size of buffer in spec is defined to be variable l= ength but for this test will always be 5=0D=0D +} TPM2B_MAX_BUFFER;=0D=0D +=0D=0D +#pragma pack(1)=0D=0D +// TPM2B_DIGEST as definied in Table 73 of TPM Library Spec Part 2: Struct= ures=0D=0D +typedef struct {=0D=0D + UINT16 size;=0D=0D + UINT8 digest[32]; // Size of buffer in spec is defined to be variable = length but for this test will always be 32=0D=0D +} TPM2B_DIGEST;=0D=0D +=0D +typedef struct {=0D + UINT16 tag;=0D + UINT32 hierarchy;=0D + UINT16 digest; //Size of buffer in spec is defined to be vari= able length but for this test will always be UINT16=0D +} TPMT_TK_HASHCHECK;=0D +=0D +// TPM2_Hash command Structure as defined in Sectin 15.4 of TPM Spec Part = 3: Commands=0D=0D +typedef struct {=0D + UINT16 Tag;=0D + UINT32 CommandSize;=0D + UINT32 CommandCode;=0D + TPM2B_MAX_BUFFER data;=0D + UINT16 hashAlg;=0D + UINT32 hierarchy;=0D +} TPM2_HASH_COMMAND;=0D +=0D +// TPM2_Hash Response Structure as defined in Sectin 15.4 of TPM Spec Part= 3: Commands=0D=0D +typedef struct {=0D=0D + UINT16 Tag;=0D=0D + UINT32 ResponseSize;=0D=0D + UINT32 ResponseCode;=0D=0D + TPM2B_DIGEST data;=0D=0D + 
TPMT_TK_HASHCHECK validation;=0D +} TPM2_HASH_RESPONSE;=0D=0D +#pragma=0D=0D +=0D EFI_STATUS=0D EFIAPI=0D BBTestTCG2ProtocolUnload (=0D @@ -111,6 +169,11 @@ BBTestGetEventLogConformanceTestCheckpoint2 ( IN EFI_TCG2_PROTOCOL *TCG2=0D=0D );=0D=0D =0D=0D +EFI_STATUS=0D=0D +BBTestSubmitCommandConformanceTestCheckpoint1 (=0D=0D + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D=0D + IN EFI_TCG2_PROTOCOL *TCG2=0D=0D + );=0D=0D =0D EFI_STATUS=0D BBTestGetCapabilityConformanceTest (=0D @@ -136,3 +199,10 @@ BBTestHashLogExtendEventConformanceTest ( IN EFI_HANDLE SupportHandle=0D );=0D =0D +EFI_STATUS=0D +BBTestSubmitCommandConformanceTest (=0D + IN EFI_BB_TEST_PROTOCOL *This,=0D + IN VOID *ClientInterface,=0D + IN EFI_TEST_LEVEL TestLevel,=0D + IN EFI_HANDLE SupportHandle=0D + );=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/T= CG2ProtocolBBTestConformance.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol= /TCG2/BlackBoxTest/TCG2ProtocolBBTestConformance.c index a7bec793..c77828df 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTestConformance.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTestConformance.c 
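Review bot: The struct block in TCG2ProtocolBBTest.h opens with `#pragma pack(1)` twice and closes with a bare `#pragma`, so the 1-byte packing is never restored. It stays in effect for the prototypes below and for anything included after this header, which can silently change the layout of unrelated structures. Drop the second `#pragma pack(1)` and close the block with `#pragma pack()`. The test passes `sizeof(TPM2_HASH_COMMAND)` and `sizeof(TPM2_HASH_RESPONSE)` to the TPM as wire lengths, so a comment stating that these structs must stay packed would also help. `TPMT_TK_HASHCHECK` models the ticket digest as a bare `UINT16`, which appears to match only the empty-digest ticket expected for `TPM_RH_NULL`; that assumption is worth writing down next to the field.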
@@ -192,6 +192,56 @@ BBTestHashLogExtendEventConformanceTest ( return EFI_SUCCESS;=0D }=0D =0D +/**=0D + * @brief Entrypoint for SubmitCommand() Function Test.=0D + * 1 checkpoint will be tested.=0D + * @param This a pointer of EFI_BB_TEST_PROTOCOL=0D + * @param ClientInterface A pointer to the interface array under test=0D + * @param TestLevel Test "thoroughness" control=0D + * @param SupportHandle A handle containing protocols required=0D + * @return EFI_SUCCESS=0D + * @return EFI_NOT_FOUND=0D + */=0D +=0D +EFI_STATUS=0D +BBTestSubmitCommandConformanceTest (=0D + IN EFI_BB_TEST_PROTOCOL *This,=0D + IN VOID *ClientInterface,=0D + IN EFI_TEST_LEVEL TestLevel,=0D + IN EFI_HANDLE SupportHandle=0D + )=0D +{=0D + EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib;=0D + EFI_STATUS Status;=0D + EFI_TCG2_PROTOCOL *TCG2;=0D + + //=0D + // init=0D + //=0D + TCG2 =3D (EFI_TCG2_PROTOCOL*)ClientInterface;=0D + + // Ensure Protocol not NULL + if (TCG2 =3D=3D NULL) + return EFI_UNSUPPORTED; + + // + // Get the Standard Library Interface=0D + //=0D + Status =3D gtBS->HandleProtocol (=0D + SupportHandle,=0D + &gEfiStandardTestLibraryGuid,=0D + (VOID **) &StandardLib=0D + );=0D + if (EFI_ERROR(Status)) {=0D + return Status;=0D + }=0D +=0D + // Test GetRandom TPM Command=0D + BBTestSubmitCommandConformanceTestCheckpoint1 (StandardLib, TCG2);=0D +=0D + return EFI_SUCCESS;=0D +}=0D + EFI_STATUS=0D BBTestGetCapabilityConformanceTestCheckpoint1 (=0D IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D 
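Review bot: The comments in `BBTestSubmitCommandConformanceTest` no longer match the code. The line `// Test GetRandom TPM Command` is left over from V1, since the commit message says V2 submits TPM2_Hash; it should read `// Test SubmitCommand() with a TPM2_Hash command`. The header block lists `@return EFI_NOT_FOUND`, but the visible paths return `EFI_UNSUPPORTED` when `ClientInterface` is NULL, the `HandleProtocol` status on failure, and `EFI_SUCCESS` otherwise, so the `@return` lines should name those. The NULL check is also the only unbraced `if` in the function; writing it as `if (TCG2 == NULL) { return EFI_UNSUPPORTED; }` matches the braced `if (EFI_ERROR(Status))` a few lines below.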
@@ -961,3 +1011,125 @@ BBTestGetEventLogConformanceTestCheckpoint2 ( =20 return EFI_SUCCESS;=0D }=0D + +// Expected SHA256 Hash for input "hello" +UINT8 Tpm2HashOut[32] =3D {0x2c,0xf2,0x4d,0xba,0x5f,0xb0,0xa3,0x0e,0x26,0x= e8,0x3b,0x2a,0xc5,0xb9,0xe2,0x9e,\ +0x1b,0x16,0x1e,0x5c,0x1f,0xa7,0x42,0x5e,0x73,0x04,0x33,0x62,0x93,0x8b,0x98= ,0x24}; + +EFI_STATUS +BBTestSubmitCommandConformanceTestCheckpoint1 (=0D + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D + IN EFI_TCG2_PROTOCOL *TCG2=0D + )=0D +{=0D + EFI_TEST_ASSERTION AssertionType;=0D + EFI_STATUS Status;=0D + TPM2_HASH_RESPONSE CommandResponse;=0D + TPM2_HASH_COMMAND CommandInput;=0D + char *Str =3D"hello"; + + // Build TPM2 Hash commmand to hash string "hello" + CommandInput.Tag =3D SctSwapBytes16(ST_NO_SESSIONS);=0D + CommandInput.CommandSize =3D SctSwapBytes32(sizeof(TPM2_HASH_COMMAND));= =0D + CommandInput.CommandCode =3D SctSwapBytes32(TPM_CC_Hash);=0D + CommandInput.data.size =3D SctSwapBytes16(SctAsciiStrLen(Str));=0D + SctAsciiStrCpy(CommandInput.data.digest, Str); + CommandInput.hashAlg =3D SctSwapBytes16(TPM_ALG_SHA256);=0D + CommandInput.hierarchy =3D SctSwapBytes32(TPM_RH_NULL);=0D +=0D + // allocate buffer for response=0D + SctZeroMem(&CommandResponse, sizeof(TPM2_HASH_RESPONSE));=0D + + Status =3D TCG2->SubmitCommand (=0D + TCG2,=0D + sizeof(TPM2_HASH_COMMAND),=0D + &CommandInput,=0D + sizeof(TPM2_HASH_RESPONSE),=0D + &CommandResponse);=0D + + + AssertionType =3D EFI_TEST_ASSERTION_PASSED;=0D + + // Verify SubmitCommand returns EFI_SUCCESS=0D + if (Status !=3D EFI_SUCCESS) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol SubmitCommand Test: SubmitCommand= should return EFI_SUCCESS, Status =3D %r",=0D + Status=0D + );=0D + + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + } + + // Verify SubmitCommand returns correct Response Tag=0D + if (SctSwapBytes16(CommandResponse.Tag) !=3D ST_NO_SESSIONS) {=0D + StandardLib->RecordMessage 
(=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol SubmitCommand Test: SubmitCommand= should return ST_NO_SESSIONS response Tag"=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + // Verify SubmitCommand returns correct Response Code=0D + if (SctSwapBytes32(CommandResponse.ResponseCode) !=3D TPM_RC_SUCCESS) {= =0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol SubmitCommand Test: SubmitCommand= should return Correct ResponseCode, ResponseCode =3D %x",=0D + SctSwapBytes32(CommandResponse.ResponseCode)=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + + // Verify SubmitCommand returns correct Response Size=0D + if (SctSwapBytes32(CommandResponse.ResponseSize) !=3D sizeof(TPM2_HASH_R= ESPONSE)) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol SubmitCommand Test: SubmitCommand= should return Correct ResponseSize, Size =3D %x",=0D + SctSwapBytes32(CommandResponse.ResponseSize)=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + // Check that the size of the buffer returned is size of SHA256 hash=0D + if (SctSwapBytes16(CommandResponse.data.size) !=3D 32) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol SubmitCommand Test: SubmitCommand= should return correct size digest for SHA256, Size =3D %x",=0D + SctSwapBytes16(CommandResponse.data.size)=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + // Ensure Hash returned matches expected response for input=0D + if (0 !=3D SctCompareMem(Tpm2HashOut, CommandResponse.data.digest, SHA25= 6_LENGTH) ) { + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D L"\r\n= TCG2 Protocol SubmitCommand Test: SubmitCommand should return expected Hash= for data that was hashed." 
+ ); + + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + } + + StandardLib->RecordAssertion (=0D + StandardLib,=0D + AssertionType, + gTcg2ConformanceTestAssertionGuid016,=0D + L"EFI_TCG2_PROTOCOL. SubmitComand() - SubmitCommand() sha= ll populate the response buffer and return with a status of EFI_SUCCESS whe= n valid command parameters are passed in.", + L"%a:%d: Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS;=0D +}=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/T= CG2ProtocolBBTestMain.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/B= lackBoxTest/TCG2ProtocolBBTestMain.c index 892fce26..48a8a450 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTestMain.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTestMain.c @@ -65,6 +65,15 @@ EFI_BB_TEST_ENTRY_FIELD gBBTestEntryField[] =3D { EFI_TEST_CASE_AUTO,=0D BBTestHashLogExtendEventConformanceTest=0D },=0D + {=0D=0D + EFI_TCG2_PROTOCOL_TEST_ENTRY_GUID0104,=0D=0D + L"SubmitCommand_Conf",=0D=0D + L"Test the SubmitCommmand API",=0D=0D + EFI_TEST_LEVEL_DEFAULT,=0D=0D + gSupportProtocolGuid1,=0D=0D + EFI_TEST_CASE_AUTO,=0D=0D + BBTestSubmitCommandConformanceTest=0D=0D + },=0D=0D 0=0D };=0D =0D --=20 2.25.1
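Review bot: In `BBTestSubmitCommandConformanceTestCheckpoint1`, `SctAsciiStrCpy(CommandInput.data.digest, Str)` writes six bytes into a five-byte array, because the copy includes the NUL terminator of "hello" and `TPM2B_MAX_BUFFER.digest` is declared as `UINT8 digest[5]`. The extra byte lands in `hashAlg`, which the next statement overwrites, so the command still comes out right, but only because of the field order and the packing. Copy exactly the payload length instead: `SctCopyMem (CommandInput.data.digest, Str, SctAsciiStrLen (Str));`. An explicit `(UINT16)` cast on the `SctAsciiStrLen(Str)` value passed to `SctSwapBytes16` would make the narrowing visible. Declaring `Str` as `CHAR8 *` rather than `char *` would follow the EDK2 type convention.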