diff options
author | Kevin Cernekee <cernekee@chromium.org> | 2015-07-28 17:25:04 -0700 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2015-08-10 20:42:12 +0000 |
commit | 831f91315ba24ae24e476c7683f0d393f807d779 (patch) | |
tree | c9afd24160cd88163aa1cbe0c6d0d6a6fd331ecf /utility | |
parent | 8804be8cbeccfca8085a45c76c0d510f030d9061 (diff) | |
download | vboot-831f91315ba24ae24e476c7683f0d393f807d779.tar.gz |
Add "tpmc pcrextend" command to extend a PCRstabilize-7356.B
This is useful for testing different configurations without repeatedly
reflashing the firmware, e.g.
# stop tcsd
# tpmc pcr 0
0000000000000000000000000000000000000000
# tpmc pcrextend 0 c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
# tpmc pcr 0
865aedd337518e56f648440b81b4cbd9359fdff3
<reboot and try another value>
BUG=none
BRANCH=none
TEST=manual
Change-Id: Ie5814ca2a3a5cf5a0eaf0ffee0385315db09bf25
Signed-off-by: Kevin Cernekee <cernekee@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/289009
Reviewed-by: Luigi Semenzato <semenzato@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'utility')
-rw-r--r-- | utility/tpmc.c | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/utility/tpmc.c b/utility/tpmc.c index adcbf6ed..d7c3e15e 100644 --- a/utility/tpmc.c +++ b/utility/tpmc.c @@ -59,6 +59,23 @@ int HexStringToUint8(const char* string, uint8_t* value) { return 0; } +int HexStringToArray(const char* string, uint8_t* value, int num_bytes) { + int len = strlen(string); + if (!strncmp(string, "0x", 2)) { + string += 2; + len -= 2; + } + if (len != num_bytes * 2) { + return 1; + } + for (; len > 0; string += 2, len -= 2, value++) { + if (sscanf(string, "%2hhx", value) != 1) { + return 1; + } + } + return 0; +} + /* TPM error check and reporting. Returns 0 if |result| is 0 (TPM_SUCCESS). * Otherwise looks up a TPM error in the error table and prints the error if * found. Then returns min(result, OTHER_ERROR) since some error codes, such @@ -187,6 +204,24 @@ static uint32_t HandlerPCRRead(void) { return result; } +static uint32_t HandlerPCRExtend(void) { + uint32_t index; + uint8_t value[TPM_PCR_DIGEST]; + if (nargs != 4) { + fprintf(stderr, "usage: tpmc pcrextend <index> <extend_hash>\n"); + exit(OTHER_ERROR); + } + if (HexStringToUint32(args[2], &index) != 0) { + fprintf(stderr, "<index> must be 32-bit hex (0x[0-9a-f]+)\n"); + exit(OTHER_ERROR); + } + if (HexStringToArray(args[3], value, TPM_PCR_DIGEST)) { + fprintf(stderr, "<extend_hash> must be a 20-byte hex string\n"); + exit(OTHER_ERROR); + } + return TlclExtend(index, value, value); +} + static uint32_t HandlerRead(void) { uint32_t index, size; uint8_t value[4096]; @@ -397,6 +432,8 @@ command_record command_table[] = { HandlerRead }, { "pcrread", "pcr", "read from a PCR (pcrread <index>)", HandlerPCRRead }, + { "pcrextend", "extend", "extend a PCR (extend <index> <extend_hash>)", + HandlerPCRExtend }, { "getownership", "geto", "print state of TPM ownership", HandlerGetOwnership }, { "getpermissions", "getp", "print space permissions (getp <index>)", |