1 #include <sys/socket.h>
9 #include <openssl/bn.h>
10 #include <openssl/sha.h>
11 #include <lib/base/eerror.h>
17 struct sockaddr_un addr;
23 level2_cert_read = level3_cert_read = false;
25 addr.sun_family = AF_UNIX;
26 strcpy(addr.sun_path, TPMD_SOCKET);
28 fd = socket(PF_UNIX, SOCK_STREAM, 0);
31 eDebug("[eTPM] socket error");
35 if (connect(fd, (const struct sockaddr *)&addr, SUN_LEN(&addr)) < 0)
37 eDebug("[eTPM] connect error");
41 buf[0] = TPMD_DT_LEVEL2_CERT;
42 buf[1] = TPMD_DT_LEVEL3_CERT;
43 if (!send_cmd(TPMD_CMD_GET_DATA, buf, 2))
48 val = (unsigned char*)recv_cmd(&tag, &len);
63 bool eTPM::send_cmd(enum tpmd_cmd cmd, const void *data, size_t len)
65 unsigned char buf[len + 4];
67 buf[0] = (cmd >> 8) & 0xff;
68 buf[1] = (cmd >> 0) & 0xff;
69 buf[2] = (len >> 8) & 0xff;
70 buf[3] = (len >> 0) & 0xff;
71 memcpy(&buf[4], data, len);
73 if (write(fd, buf, sizeof(buf)) != (ssize_t)sizeof(buf))
75 fprintf(stderr, "%s: incomplete write\n", __func__);
82 void* eTPM::recv_cmd(unsigned int *tag, size_t *len)
87 if (read(fd, buf, 4) != 4)
89 fprintf(stderr, "%s: incomplete read\n", __func__);
93 *tag = (buf[0] << 8) | buf[1];
94 *len = (buf[2] << 8) | buf[3];
100 ssize_t rd = read(fd, val, *len);
103 perror("eTPM::recv_cmd read");
106 else if ((size_t)rd != *len) {
107 fprintf(stderr, "%s: incomplete read\n", __func__);
115 void eTPM::parse_data(const unsigned char *data, size_t datalen)
120 const unsigned char *val;
122 for (i = 0; i < datalen; i += len) {
128 case TPMD_DT_LEVEL2_CERT:
131 memcpy(level2_cert, val, 210);
132 level2_cert_read = true;
134 case TPMD_DT_LEVEL3_CERT:
137 memcpy(level3_cert, val, 210);
138 level3_cert_read = true;
144 std::string eTPM::getCert(cert_type type)
146 if (type == TPMD_DT_LEVEL2_CERT && level2_cert_read)
147 return std::string((char*)level2_cert, 210);
148 else if (type == TPMD_DT_LEVEL3_CERT && level3_cert_read)
149 return std::string((char*)level3_cert, 210);
153 std::string eTPM::challenge(std::string rnd)
155 if (rnd.length() == 8)
157 if (!send_cmd(TPMD_CMD_COMPUTE_SIGNATURE, rnd.c_str(), 8))
162 unsigned char *val = (unsigned char*)recv_cmd(&tag, &len);
164 if (tag != TPMD_CMD_COMPUTE_SIGNATURE)
167 std::string ret((char*)val, len);