Google Git
Sign in
qemu / skiboot / 326a4666bd69ca071c4f7d2eacf868b11099baee / . / libstb / tss2 / ibmtpm20tss / utils / regtests / testecc.bat
blob: 5de54d60df07e26c928780254d6ac192af7a38e9 [file] [log] [blame]
REM #############################################################################
REM # #
REM # TPM2 regression test #
REM # Written by Ken Goldman #
REM # IBM Thomas J. Watson Research Center #
REM # #
REM # (c) Copyright IBM Corporation 2015 - 2019. #
REM # #
REM # All rights reserved. #
REM # #
REM # Redistribution and use in source and binary forms, with or without #
REM # modification, are permitted provided that the following conditions are #
REM # met: #
REM # #
REM # Redistributions of source code must retain the above copyright notice, #
REM # this list of conditions and the following disclaimer. #
REM # #
REM # Redistributions in binary form must reproduce the above copyright #
REM # notice, this list of conditions and the following disclaimer in the #
REM # documentation and/or other materials provided with the distribution. #
REM # #
REM # Neither the names of the IBM Corporation nor the names of its #
REM # contributors may be used to endorse or promote products derived from #
REM # this software without specific prior written permission. #
REM # #
REM # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS #
REM # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT #
REM # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR #
REM # A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT #
REM # HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, #
REM # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT #
REM # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, #
REM # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY #
REM # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT #
REM # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE #
REM # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #
REM # #
REM #############################################################################
setlocal enableDelayedExpansion
echo ""
echo "ECC Ephemeral"
echo ""
echo ""
echo "ECC Parameters and Ephemeral"
echo ""
for %%C in (bnp256 nistp256 nistp384) do (
echo "ECC Parameters for curve %%C"
%TPM_EXE_PATH%eccparameters -cv %%C > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
for %%A in (-si -sir) do (
echo "Create %%A for curve %%C"
%TPM_EXE_PATH%create -hp 80000000 -pwdp sto %%A -ecc %%C > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
)
echo "EC Ephemeral for curve %%C"
%TPM_EXE_PATH%ecephemeral -ecc %%C > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
)
echo ""
echo "ECC Commit"
echo ""
echo "Start an HMAC auth session"
%TPM_EXE_PATH%startauthsession -se h > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
for %%K in ("-dau" "-dar") do (
for %%S in ("" "-se0 02000000 1") do (
echo "Create a %%~K ECDAA signing key under the primary key"
%TPM_EXE_PATH%create -hp 80000000 -ecc bnp256 %%~K -nalg sha256 -halg sha256 -kt f -kt p -opr tmprpriv.bin -opu tmprpub.bin -pwdp sto -pwdk siga > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Load the signing key 80000001 under the primary key 80000000"
%TPM_EXE_PATH%load -hp 80000000 -ipr tmprpriv.bin -ipu tmprpub.bin -pwdp sto > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
REM %TPM_EXE_PATH%getcapability -cap 1 -pr 80000001
REM The trick with commit is first use - empty ECC point and no s2 and y2 parameters
REM which means no P1, no s2 and no y2.
REM and output the result and get the efile.bin
REM feed back the point in efile.bin as the new p1 because it is on the curve.
REM There is no test case for s2 and y2. To construct a y2 requires using Cipolla's algorithm.
REM example of normal command
REM %TPM_EXE_PATH%commit -hk 80000001 -pt p1.bin -s2 s2.bin -y2 y2_a.bin -Kf kfile.bin -Lf lfile.bin -Ef efile.bin -pwdk siga > run.out
echo "Create new point E, based on point-multiply of TPM's commit random scalar and Generator point %%~S"
%TPM_EXE_PATH%commit -hk 80000001 -Ef efile.bin -pwdk siga %%~S > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
REM copy efile as new p1 - for hash operation
cp efile.bin p1.bin
REM We have a point on the curve - in efile.bin. Use E as P1 and feed it back in
REM All this does is simulate the commit that the FIDO alliance wants to
REM use in its TPM Join operation.
echo "Create new point E, based on point-multiply of TPM's commit random scalar and input point %%~S"
%TPM_EXE_PATH%commit -hk 80000001 -pt p1.bin -Ef efile.bin -cf counterfile.bin -pwdk siga %%~S > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
cat efile.bin p1.bin tmprpub.bin > hashinput.bin
echo "Hash the E, P1, and Q to create the ticket to use in signing"
%TPM_EXE_PATH%hash -hi p -halg sha256 -if hashinput.bin -oh outhash.bin -tk tfile.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Sign the hash of the points made from commit"
%TPM_EXE_PATH%sign -hk 80000001 -pwdk siga -salg ecc -scheme ecdaa -cf counterfile.bin -if hashinput.bin -os sig.bin -tk tfile.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Flush the signing key"
%TPM_EXE_PATH%flushcontext -ha 80000001 > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
)
)
REM save old counterfile for off nominal error check
cp counterfile.bin counterfileold.bin
for %%K in ("-dau" "-dar") do (
for %%S in ("" "-se0 02000000 1") do (
echo "Create a %%~K ECDAA signing primary key"
%TPM_EXE_PATH%createprimary -ecc bnp256 %%~K -nalg sha256 -halg sha256 -kt f -kt p -opu tmprpub.bin -pwdk siga > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
REM %TPM_EXE_PATH%getcapability -cap 1 -pr 80000001
REM The trick with commit is first use - empty ECC point and no s2 and y2 parameters
REM which means no P1, no s2 and no y2.
REM and output the result and get the efile.bin
REM feed back the point in efile.bin as the new p1 because it is on the curve.
REM There is no test case for s2 and y2. To construct a y2 requires using Cipolla's algorithm.
REM example of normal command
REM %TPM_EXE_PATH%commit -hk 80000001 -pt p1.bin -s2 s2.bin -y2 y2_a.bin -Kf kfile.bin -Lf lfile.bin -Ef efile.bin -cf counterfile.bin -pwdk siga > run.out
echo "Create new point E, based on point-multiply of TPM's commit random scalar and Generator point %%~S"
%TPM_EXE_PATH%commit -hk 80000001 -Ef efile.bin -cf counterfile.bin -pwdk siga %%~S > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
REM copy efile as new p1 - for hash operation
cp efile.bin p1.bin
REM We have a point on the curve - in efile.bin. Use E as P1 and feed it back in
REM All this does is simulate the commit that the FIDO alliance wants to
REM use in its TPM Join operation.
echo "Create new point E, based on point-multiply of TPM's commit random scalar and input point %%~S"
%TPM_EXE_PATH%commit -hk 80000001 -pt efile.bin -Ef efile.bin -pwdk siga %%~S > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
cat efile.bin p1.bin tmprpub.bin > hashinput.bin
echo "Hash the E, P1, and Q to create the ticket to use in signing"
%TPM_EXE_PATH%hash -hi p -halg sha256 -if hashinput.bin -oh outhash.bin -tk tfile.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Check error case bad counter"
%TPM_EXE_PATH%sign -hk 80000001 -pwdk siga -salg ecc -scheme ecdaa -cf counterfileold.bin -if hashinput.bin -os sig.bin -tk tfile.bin > run.out
IF !ERRORLEVEL! EQU 0 (
exit /B 1
)
echo "Sign the hash of the points made from commit"
%TPM_EXE_PATH%sign -hk 80000001 -pwdk siga -salg ecc -scheme ecdaa -cf counterfile.bin -if hashinput.bin -os sig.bin -tk tfile.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Flush the signing key"
%TPM_EXE_PATH%flushcontext -ha 80000001 > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
)
)
echo "Flush the session"
%TPM_EXE_PATH%flushcontext -ha 02000000 > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo ""
echo "ECC zgen2phase"
echo ""
echo "ECC Parameters for curve nistp256"
%TPM_EXE_PATH%eccparameters -cv nistp256 > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
REM This is just a script for a B "remote" side to create a static key
REM pair and ephemeral for use in demonstrating (on the local side) a
REM two-phase operation involving ecephemeral and zgen2phase
echo "Create decryption key for curve nistp256"
%TPM_EXE_PATH%create -hp 80000000 -pwdp sto -den -ecc nistp256 -opu QsBpub.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "EC Ephemeral for curve nistp256"
%TPM_EXE_PATH%ecephemeral -ecc nistp256 -oq QeBpt.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
REM local side
REM
REM scp or cp the QsBpub.bin and QeBpt.bin from the B side over to the
REM A side. This assumes QsBpub is a TPM2B_PUBLIC from a create command
REM on B side. QeBpt is already in TPM2B_ECC_POINT form since it was
REM created by ecephemeral on B side QsBpub.bin is presumed in a form
REM produced by a create commamnd using another TPM
echo "Create decryption key for curve nistp256"
%TPM_EXE_PATH%create -hp 80000000 -pwdp sto -den -ecc nistp256 -opr QsApriv.bin -opu QsApub.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Load the decryption key under the primary key, 80000001"
%TPM_EXE_PATH%load -hp 80000000 -ipr QsApriv.bin -ipu QsApub.bin -pwdp sto > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "EC Ephemeral for curve nistp256"
%TPM_EXE_PATH%ecephemeral -ecc nistp256 -oq QeApt.bin -cf counter.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Convert public raw to TPM2B_ECC_POINT"
%TPM_EXE_PATH%tpmpublic2eccpoint -ipu QsBpub.bin -pt QsBpt.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Execute zgen2phase for curve nistp256"
%TPM_EXE_PATH%zgen2phase -hk 80000001 -scheme ecdh -qsb QsBpt.bin -qeb QeBpt.bin -cf counter.bin > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
echo "Flush the key"
%TPM_EXE_PATH%flushcontext -ha 80000001 > run.out
IF !ERRORLEVEL! NEQ 0 (
exit /B 1
)
rm -rf efile.bin
rm -rf tmprpub.bin
rm -rf tmprpriv.bin
rm -rf counterfile.bin
rm -rf counterfileold.bin
rm -rf p1.bin
rm -rf hashinput.bin
rm -rf outhash.bin
rm -rf sig.bin
rm -rf tfile.bin
rm -rf QsBpub.bin
rm -rf QeBpt.bin
rm -rf QsApriv.bin
rm -rf QsApub.bin
rm -rf QeApt.bin
rm -rf counter.bin
rm -rf QsBpt.bin
REM %TPM_EXE_PATH%getcapability -cap 1 -pr 80000000
REM %TPM_EXE_PATH%getcapability -cap 1 -pr 02000000
exit /B 0