1 /* Microsoft Reference Implementation for TPM 2.0
2  *
3  *  The copyright in this software is being made available under the BSD License,
4  *  included below. This software may be subject to other third party and
5  *  contributor rights, including patent rights, and no such rights are granted
6  *  under this license.
7  *
8  *  Copyright (c) Microsoft Corporation
9  *
10  *  All rights reserved.
11  *
12  *  BSD License
13  *
14  *  Redistribution and use in source and binary forms, with or without modification,
15  *  are permitted provided that the following conditions are met:
16  *
17  *  Redistributions of source code must retain the above copyright notice, this list
18  *  of conditions and the following disclaimer.
19  *
20  *  Redistributions in binary form must reproduce the above copyright notice, this
21  *  list of conditions and the following disclaimer in the documentation and/or
22  *  other materials provided with the distribution.
23  *
24  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
25  *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26  *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
27  *  DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
28  *  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
29  *  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
30  *  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
31  *  ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32  *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33  *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34  */
35 //** Introduction
36 // The functions in this file are designed to support self-test of cryptographic
37 // functions in the TPM. The TPM allows the user to decide whether to run self-test
38 // on a demand basis or to run all the self-tests before proceeding.
39 //
40 // The self-tests are controlled by a set of bit vectors. The
41 // 'g_untestedDecryptionAlgorithms' vector has a bit for each decryption algorithm
42 // that needs to be tested and 'g_untestedEncryptionAlgorithms' has a bit for
43 // each encryption algorithm that needs to be tested. Before an algorithm
44 // is used, the appropriate vector is checked (indexed using the algorithm ID).
45 // If the bit is 1, then the test function should be called.
46 //
47 // For more information, see TpmSelfTests.txt
48 
49 #include "Tpm.h"
50 
51 //** Functions
52 
53 //*** RunSelfTest()
54 // Local function to run self-test
55 static TPM_RC
CryptRunSelfTests(ALGORITHM_VECTOR * toTest)56 CryptRunSelfTests(
57     ALGORITHM_VECTOR    *toTest         // IN: the vector of the algorithms to test
58     )
59 {
60     TPM_ALG_ID           alg;
61 
62     // For each of the algorithms that are in the toTestVecor, need to run a
63     // test
64     for(alg = TPM_ALG_FIRST; alg <= TPM_ALG_LAST; alg++)
65     {
66         if(TEST_BIT(alg, *toTest))
67         {
68             TPM_RC          result = CryptTestAlgorithm(alg, toTest);
69             if(result != TPM_RC_SUCCESS)
70                 return result;
71         }
72     }
73     return TPM_RC_SUCCESS;
74 }
75 
76 //*** CryptSelfTest()
77 // This function is called to start/complete a full self-test.
78 // If 'fullTest' is NO, then only the untested algorithms will be run. If
79 // 'fullTest' is YES, then 'g_untestedDecryptionAlgorithms' is reinitialized and then
80 // all tests are run.
81 // This implementation of the reference design does not support processing outside
82 // the framework of a TPM command. As a consequence, this command does not
83 // complete until all tests are done. Since this can take a long time, the TPM
84 // will check after each test to see if the command is canceled. If so, then the
85 // TPM will returned TPM_RC_CANCELLED. To continue with the self-tests, call
86 // TPM2_SelfTest(fullTest == No) and the TPM will complete the testing.
87 //  Return Type: TPM_RC
88 //      TPM_RC_CANCELED        if the command is canceled
89 LIB_EXPORT
90 TPM_RC
CryptSelfTest(TPMI_YES_NO fullTest)91 CryptSelfTest(
92     TPMI_YES_NO      fullTest       // IN: if full test is required
93     )
94 {
95 #if SIMULATION
96     if(g_forceFailureMode)
97         FAIL(FATAL_ERROR_FORCED);
98 #endif
99 
100     // If the caller requested a full test, then reset the to test vector so that
101     // all the tests will be run
102     if(fullTest == YES)
103     {
104         MemoryCopy(g_toTest,
105                    g_implementedAlgorithms,
106                    sizeof(g_toTest));
107     }
108     return CryptRunSelfTests(&g_toTest);
109 }
110 
111 //*** CryptIncrementalSelfTest()
112 // This function is used to perform an incremental self-test. This implementation
113 // will perform the toTest values before returning. That is, it assumes that the
114 // TPM cannot perform background tasks between commands.
115 //
116 // This command may be canceled. If it is, then there is no return result.
117 // However, this command can be run again and the incremental progress will not
118 // be lost.
119 //  Return Type: TPM_RC
120 //      TPM_RC_CANCELED         processing of this command was canceled
121 //      TPM_RC_TESTING          if toTest list is not empty
122 //      TPM_RC_VALUE            an algorithm in the toTest list is not implemented
123 TPM_RC
CryptIncrementalSelfTest(TPML_ALG * toTest,TPML_ALG * toDoList)124 CryptIncrementalSelfTest(
125     TPML_ALG            *toTest,        // IN: list of algorithms to be tested
126     TPML_ALG            *toDoList       // OUT: list of algorithms needing test
127     )
128 {
129     ALGORITHM_VECTOR     toTestVector = {0};
130     TPM_ALG_ID           alg;
131     UINT32               i;
132 
133     pAssert(toTest != NULL && toDoList != NULL);
134     if(toTest->count > 0)
135     {
136         // Transcribe the toTest list into the toTestVector
137         for(i = 0; i < toTest->count; i++)
138         {
139             alg = toTest->algorithms[i];
140 
141             // make sure that the algorithm value is not out of range
142             if((alg > TPM_ALG_LAST) || !TEST_BIT(alg, g_implementedAlgorithms))
143                 return TPM_RC_VALUE;
144             SET_BIT(alg, toTestVector);
145         }
146         // Run the test
147         if(CryptRunSelfTests(&toTestVector) == TPM_RC_CANCELED)
148             return TPM_RC_CANCELED;
149     }
150     // Fill in the toDoList with the algorithms that are still untested
151     toDoList->count = 0;
152 
153     for(alg = TPM_ALG_FIRST;
154     toDoList->count < MAX_ALG_LIST_SIZE && alg <= TPM_ALG_LAST;
155         alg++)
156     {
157         if(TEST_BIT(alg, g_toTest))
158             toDoList->algorithms[toDoList->count++] = alg;
159     }
160     return TPM_RC_SUCCESS;
161 }
162 
163 //*** CryptInitializeToTest()
164 // This function will initialize the data structures for testing all the
165 // algorithms. This should not be called unless CryptAlgsSetImplemented() has
166 // been called
167 void
CryptInitializeToTest(void)168 CryptInitializeToTest(
169     void
170     )
171 {
172     // Indicate that nothing has been tested
173     memset(&g_cryptoSelfTestState, 0, sizeof(g_cryptoSelfTestState));
174 
175     // Copy the implemented algorithm vector
176     MemoryCopy(g_toTest, g_implementedAlgorithms, sizeof(g_toTest));
177 
178     // Setting the algorithm to null causes the test function to just clear
179     // out any algorithms for which there is no test.
180     CryptTestAlgorithm(TPM_ALG_ERROR, &g_toTest);
181 
182     return;
183 }
184 
185 //*** CryptTestAlgorithm()
186 // Only point of contact with the actual self tests. If a self-test fails, there
187 // is no return and the TPM goes into failure mode.
188 // The call to TestAlgorithm uses an algorithm selector and a bit vector. When the
189 // test is run, the corresponding bit in 'toTest' and in 'g_toTest' is CLEAR. If
190 // 'toTest' is NULL, then only the bit in 'g_toTest' is CLEAR.
191 // There is a special case for the call to TestAlgorithm(). When 'alg' is
192 // ALG_ERROR, TestAlgorithm() will CLEAR any bit in 'toTest' for which it has
193 // no test. This allows the knowledge about which algorithms have test to be
194 // accessed through the interface that provides the test.
195 //  Return Type: TPM_RC
196 //      TPM_RC_CANCELED     test was canceled
197 LIB_EXPORT
198 TPM_RC
CryptTestAlgorithm(TPM_ALG_ID alg,ALGORITHM_VECTOR * toTest)199 CryptTestAlgorithm(
200     TPM_ALG_ID           alg,
201     ALGORITHM_VECTOR    *toTest
202     )
203 {
204     TPM_RC                   result;
205 #if SELF_TEST
206     result = TestAlgorithm(alg, toTest);
207 #else
208     // If this is an attempt to determine the algorithms for which there is a
209     // self test, pretend that all of them do. We do that by not clearing any
210     // of the algorithm bits. When/if this function is called to run tests, it
211     // will over report. This can be changed so that any call to check on which
212     // algorithms have tests, 'toTest' can be cleared.
213     if(alg != TPM_ALG_ERROR)
214     {
215         CLEAR_BIT(alg, g_toTest);
216         if(toTest != NULL)
217             CLEAR_BIT(alg, *toTest);
218     }
219     result = TPM_RC_SUCCESS;
220 #endif
221     return result;
222 }