Added TPM support

Signed-off-by: Manjeet Singh <[email protected]>

Author: itsManjeet

CMakeLists.txt

@@ -36,6 +36,7 @@ set(GCOV ${GCOV} CACHE STRING "Choose the target of Gcov: ON  OFF, and default i
 set(STACK_USAGE ${STACK_USAGE} CACHE STRING "Choose the target of STACK_USAGE: ON  OFF, and default is OFF" FORCE)
 set(BUILD_LINUX_SHARED_LIB ${BUILD_LINUX_SHARED_LIB} CACHE STRING "Choose if libspdm shared library should be built for linux: ON OFF, and default is OFF" FORCE)
 set(X509_IGNORE_CRITICAL ${X509_IGNORE_CRITICAL} CACHE STRING "Choose if libspdm-provided cryptography libraries (OpenSSL and MbedTLS) ignore unsupported critical extensions in certificates : ON OFF, and default is OFF" FORCE)
+set(DEVICE ${DEVICE} CACHE STRING "Choose the test device: sample tpm, and default is sample" FORCE)
 
 if(NOT GCOV)
     set(GCOV "OFF")
@@ -53,6 +54,11 @@ if(NOT X509_IGNORE_CRITICAL)
     set(X509_IGNORE_CRITICAL "OFF")
 endif()
 
+if (NOT DEVICE)
+    set(DEVICE "sample")
+endif()
+
+
 set(LIBSPDM_DIR ${PROJECT_SOURCE_DIR})
 
 #
@@ -62,6 +68,7 @@ set(COMPILED_LIBCRYPTO_PATH ${COMPILED_LIBCRYPTO_PATH} CACHE STRING "Optionally
 set(COMPILED_LIBSSL_PATH ${COMPILED_LIBSSL_PATH} CACHE STRING "Optionally provide a path to libssl" FORCE)
 
 message("CMAKE_GENERATOR = ${CMAKE_GENERATOR}")
+message("DEVICE = ${DEVICE}")
 
 if(ARCH STREQUAL "x64")
     message("ARCH = x64")
@@ -981,7 +988,7 @@ if(ENABLE_CODEQL STREQUAL "ON")
     add_subdirectory(os_stub/platform_lib)
     add_subdirectory(os_stub/platform_lib_null)
     add_subdirectory(os_stub/malloclib)
-    add_subdirectory(os_stub/spdm_device_secret_lib_sample)
+    add_subdirectory(os_stub/spdm_device_secret_lib_${DEVICE})
     add_subdirectory(os_stub/spdm_device_secret_lib_null)
     add_subdirectory(os_stub/spdm_cert_verify_callback_sample)
     add_subdirectory(os_stub/cryptlib_null)
@@ -1020,7 +1027,7 @@ else()
         add_subdirectory(os_stub/platform_lib)
         add_subdirectory(os_stub/platform_lib_null)
         add_subdirectory(os_stub/malloclib)
-        add_subdirectory(os_stub/spdm_device_secret_lib_sample)
+        add_subdirectory(os_stub/spdm_device_secret_lib_${DEVICE})
         add_subdirectory(os_stub/spdm_device_secret_lib_null)
         add_subdirectory(os_stub/spdm_cert_verify_callback_sample)
 

include/hal/library/cryptlib/cryptlib_tpm.h

@@ -0,0 +1,24 @@
+/**
+ *  Copyright Notice:
+ *  Copyright 2021-2026 DMTF. All rights reserved.
+ *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
+ **/
+
+#ifndef __CRYPTLIB_TPM_H__
+#define __CRYPTLIB_TPM_H__
+
+#include <stdbool.h>
+
+bool libspdm_tpm_device_init();
+
+bool libspdm_tpm_get_private_key(void *handle, void **context);
+
+bool libspdm_tpm_get_public_key(void *handle, void **context);
+
+bool libspdm_tpm_get_certificate(void *handle, void **context);
+
+bool libspdm_tpm_dump_certificate(void *context, void **buffer, size_t *size);
+
+bool libspdm_tpm_read_pcr(uint32_t hash_algo, uint32_t index, void *buffer, size_t *size);
+
+#endif

os_stub/cryptlib_openssl/CMakeLists.txt

@@ -48,3 +48,10 @@ target_sources(cryptlib_openssl
 target_compile_options(cryptlib_openssl PRIVATE ${OPENSSL_FLAGS})
 
 target_link_libraries(cryptlib_openssl PUBLIC openssllib memlib)
+
+if (${DEVICE} STREQUAL "tpm")
+  target_sources(cryptlib_openssl PRIVATE
+        tpm/tpm.c
+  )
+  target_link_libraries(cryptlib_openssl PUBLIC tss2-esys tss2-tctildr)
+endif()

os_stub/cryptlib_openssl/pk/x509.c

@@ -2036,7 +2036,6 @@ bool libspdm_x509_verify_cert_chain(const uint8_t *root_cert, size_t root_cert_l
 
 
         /* Verify current_cert with preceding cert;*/
-
         verify_flag =
             libspdm_x509_verify_cert(current_cert, current_cert_len,
                                      preceding_cert, preceding_cert_len);
@@ -2458,6 +2457,7 @@ bool libspdm_gen_x509_csr_with_pqc(
     X509_NAME *x509_name;
     EVP_PKEY *private_key;
     EVP_PKEY *public_key;
+    bool owned_keys = false;
     EVP_MD *md;
     uint8_t *csr_p;
     STACK_OF(X509_EXTENSION) *exts;
@@ -2536,11 +2536,13 @@ bool libspdm_gen_x509_csr_with_pqc(
             EVP_PKEY_free(private_key);
             EVP_PKEY_free(public_key);
 
-            private_key = EVP_PKEY_dup(ec_pkey);
-            public_key = EVP_PKEY_dup(ec_pkey);
+            // Can't DUP hardware backed keys
+            private_key = ec_pkey;
+            public_key = ec_pkey;
             if (private_key == NULL || public_key == NULL) {
                 goto free_all;
             }
+            owned_keys = true;
             break;
         }
         case LIBSPDM_CRYPTO_NID_SM2_DSA_P256: {
@@ -2763,8 +2765,10 @@ bool libspdm_gen_x509_csr_with_pqc(
         EVP_MD_free((EVP_MD *)md);
     }
     X509_REQ_free(x509_req);
-    EVP_PKEY_free(private_key);
-    EVP_PKEY_free(public_key);
+    if (!owned_keys) {
+        EVP_PKEY_free(private_key);
+        EVP_PKEY_free(public_key);
+    }
 
     return (ret != 0);
 }

os_stub/cryptlib_openssl/tpm/tpm.c

@@ -0,0 +1,218 @@
+/**
+ *  Copyright Notice:
+ *  Copyright 2021-2025 DMTF. All rights reserved.
+ *  License: BSD 3-Clause License. For full text see link: https://github.com/DMTF/libspdm/blob/main/LICENSE.md
+ **/
+
+#include <complex.h>
+#include <openssl/err.h>
+#include <tss2/tss2_common.h>
+#include <tss2/tss2_esys.h>
+#include <tss2/tss2_tctildr.h>
+
+#include <openssl/provider.h>
+#include <openssl/store.h>
+#include <tss2/tss2_tcti.h>
+#include <tss2/tss2_tpm2_types.h>
+#include "library/cryptlib/cryptlib_tpm.h"
+#include "internal/libspdm_crypt_lib.h"
+
+#include "key_context.h"
+
+bool g_tpm_device_initialized = false;
+
+static libspdm_key_context *create_key_context(EVP_PKEY *pkey)
+{
+    libspdm_key_context *context = (libspdm_key_context *)malloc(sizeof(libspdm_key_context));
+    context->evp_pkey = pkey;
+    return context;
+}
+
+bool libspdm_tpm_device_init()
+{
+    OSSL_PROVIDER *tpm_provider = NULL;
+
+    if (g_tpm_device_initialized)
+        return true;
+
+    tpm_provider = OSSL_PROVIDER_load(NULL, "tpm2");
+    if (tpm_provider == NULL)
+    {
+        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "failed to load tpm2\n"));
+        return false;
+    }
+
+    OSSL_PROVIDER_load(NULL, "default");
+    OSSL_PROVIDER_load(NULL, "legacy");
+
+    g_tpm_device_initialized = true;
+    return true;
+}
+
+static bool get_keyinfo(const char *handle, void **context, int keyinfo_type)
+{
+    OSSL_STORE_CTX *store_ctx = NULL;
+    OSSL_STORE_INFO *info = NULL;
+
+    /* handle must look like: "tpm2tss:0x81010002" */
+    store_ctx = OSSL_STORE_open_ex(handle, NULL, "provider=tpm2", NULL, NULL, NULL, NULL, NULL);
+    if (!store_ctx)
+    {
+        return false;
+    }
+
+    while ((info = OSSL_STORE_load(store_ctx)) != NULL)
+    {
+        if (OSSL_STORE_INFO_get_type(info) == keyinfo_type)
+        {
+            switch (keyinfo_type)
+            {
+            case OSSL_STORE_INFO_PKEY:
+                *context = OSSL_STORE_INFO_get1_PKEY(info);
+                break;
+            case OSSL_STORE_INFO_PUBKEY:
+                *context = OSSL_STORE_INFO_get1_PUBKEY(info);
+                break;
+            case OSSL_STORE_INFO_CERT:
+                *context = OSSL_STORE_INFO_get1_CERT(info);
+                break;
+            }
+            break;
+        }
+        OSSL_STORE_INFO_free(info);
+    }
+
+    OSSL_STORE_close(store_ctx);
+
+    if (*context == NULL)
+    {
+        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "no keyinfo %d foun on handle %s\n", keyinfo_type, handle));
+        return false;
+    }
+
+    return true;
+}
+
+bool libspdm_tpm_get_private_key(void *handle, void **context)
+{
+    EVP_PKEY *pkey = NULL;
+    if (!get_keyinfo((const char *)handle, (void **)&pkey, OSSL_STORE_INFO_PKEY))
+    {
+        return false;
+    }
+    *context = create_key_context(pkey);
+    return true;
+}
+
+bool libspdm_tpm_get_public_key(void *handle, void **context)
+{
+    EVP_PKEY *pkey = NULL;
+    if (!get_keyinfo((const char *)handle, (void **)&pkey, OSSL_STORE_INFO_PUBKEY))
+    {
+        return false;
+    }
+    *context = create_key_context(pkey);
+    return true;
+}
+
+bool libspdm_tpm_get_certificate(void *handle, void **context)
+{
+    return get_keyinfo((const char *)handle, context, OSSL_STORE_INFO_CERT);
+}
+
+bool libspdm_tpm_dump_certificate(void *context, void **buffer, size_t *size)
+{
+    int len = 0;
+    len = i2d_X509((X509 *)context, NULL);
+    if (len < 0)
+        return false;
+
+    void *cert = OPENSSL_malloc(len);
+    if (cert == NULL)
+    {
+        return false;
+    }
+    *buffer = cert;
+    len = i2d_X509((X509 *)context, (unsigned char **)&cert);
+    if (len < 0)
+    {
+        free(*buffer);
+        *buffer = NULL;
+        return false;
+    }
+    *size = len;
+    return true;
+}
+
+bool libspdm_tpm_read_pcr(uint32_t hash_algo, uint32_t index, void *buffer, size_t *size)
+{
+    TSS2_RC result;
+    TSS2_TCTI_CONTEXT *tcti_context = NULL;
+    ESYS_CONTEXT *context = NULL;
+
+    TPML_PCR_SELECTION sel = {
+        .count = 1,
+        .pcrSelections = {
+            {
+                .sizeofSelect = 3,
+                .pcrSelect = {0x00, 0x00, 0x00, 0x00},
+            },
+        }};
+
+    *size = 0;
+    switch (hash_algo)
+    {
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_256:
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_256:
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SM3_256:
+        sel.pcrSelections[0].hash = TPM2_ALG_SHA256;
+        *size = 32;
+        break;
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_384:
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_384:
+        sel.pcrSelections[0].hash = TPM2_ALG_SHA384;
+        *size = 48;
+        break;
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA_512:
+    case SPDM_ALGORITHMS_MEASUREMENT_HASH_ALGO_TPM_ALG_SHA3_512:
+        sel.pcrSelections[0].hash = TPM2_ALG_SHA512;
+        *size = 64;
+        break;
+    default:
+        LIBSPDM_DEBUG((LIBSPDM_DEBUG_ERROR, "unsupported measurement hash algo %d\n", hash_algo));
+        return false;
+    }
+    sel.pcrSelections[0].pcrSelect[(index - 1) / 8] |= 1 << ((index - 1) % 8);
+
+    UINT32 uc;
+    TPML_PCR_SELECTION *out = NULL;
+    TPML_DIGEST *values = NULL;
+
+    const char *tssconf = getenv("TPM2TOOLS_TCTI");
+    if ((result = Tss2_TctiLdr_Initialize(tssconf, &tcti_context)) != TSS2_RC_SUCCESS)
+    {
+        goto finish;
+    }
+
+    // TODO: abi version check
+    if ((result = Esys_Initialize(&context, tcti_context, NULL)) != TSS2_RC_SUCCESS)
+    {
+        goto cleanup_tcti;
+    }
+
+    if ((result = Esys_PCR_Read(context, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, &sel, &uc, &out, &values)) != TSS2_RC_SUCCESS)
+    {
+        goto cleanup_esys;
+    }
+
+    memcpy(buffer, values->digests[0].buffer, *size);
+
+cleanup_esys:
+    Esys_Finalize(&context);
+
+cleanup_tcti:
+    Tss2_TctiLdr_Finalize(&tcti_context);
+
+finish:
+    return result == TSS2_RC_SUCCESS;
+}