From 831f91315ba24ae24e476c7683f0d393f807d779 Mon Sep 17 00:00:00 2001
From: Kevin Cernekee
Date: Tue, 28 Jul 2015 17:25:04 -0700
Subject: Add "tpmc pcrextend" command to extend a PCR

This is useful for testing different configurations without repeatedly reflashing the firmware, e.g.
# stop tcsd
# tpmc pcr 0
0000000000000000000000000000000000000000
# tpmc pcrextend 0 c42ac1c46f1d4e211c735cc7dfad4ff8391110e9
# tpmc pcr 0
865aedd337518e56f648440b81b4cbd9359fdff3
BUG=none
BRANCH=none
TEST=manual
Change-Id: Ie5814ca2a3a5cf5a0eaf0ffee0385315db09bf25
Signed-off-by: Kevin Cernekee
Reviewed-on: https://chromium-review.googlesource.com/289009
Reviewed-by: Luigi Semenzato
Reviewed-by: Kees Cook
---
 utility/tpmc.c | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
diff --git a/utility/tpmc.c b/utility/tpmc.c
index adcbf6ed..d7c3e15e 100644
--- a/utility/tpmc.c
+++ b/utility/tpmc.c
@@ -59,6 +59,23 @@ int HexStringToUint8(const char* string, uint8_t* value) {
 return 0;
 }
 
+int HexStringToArray(const char* string, uint8_t* value, int num_bytes) {
+ int len = strlen(string);
+ if (!strncmp(string, "0x", 2)) {
+ string += 2;
+ len -= 2;
+ }
+ if (len != num_bytes * 2) {
+ return 1;
+ }
+ for (; len > 0; string += 2, len -= 2, value++) {
+ if (sscanf(string, "%2hhx", value) != 1) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
 /* TPM error check and reporting. Returns 0 if |result| is 0 (TPM_SUCCESS).
 * Otherwise looks up a TPM error in the error table and prints the error if
 * found. Then returns min(result, OTHER_ERROR) since some error codes, such
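Review bot: The per-byte `sscanf(string, "%2hhx", value)` in HexStringToArray does not prove that both characters of a pair are hex digits: `%x` skips leading whitespace, accepts a sign, and reports success after a single digit, so a 40-character argument containing stray characters can pass the length check and produce a digest that differs from what was typed. Since the parsed bytes go straight into a PCR extend, I would reject such input at the top of the loop body with `if (!isxdigit((unsigned char)string[0]) || !isxdigit((unsigned char)string[1])) return 1;` (this needs `<ctype.h>`, whose inclusion is not visible in this hunk). Separately, `int len = strlen(string);` narrows a `size_t`; keeping the length as `size_t` and comparing against `(size_t)num_bytes * 2` avoids that.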
@@ -187,6 +204,24 @@ static uint32_t HandlerPCRRead(void) {
 return result;
 }
 
+static uint32_t HandlerPCRExtend(void) {
+ uint32_t index;
+ uint8_t value[TPM_PCR_DIGEST];
+ if (nargs != 4) {
+ fprintf(stderr, "usage: tpmc pcrextend \n");
+ exit(OTHER_ERROR);
+ }
+ if (HexStringToUint32(args[2], &index) != 0) {
+ fprintf(stderr, " must be 32-bit hex (0x[0-9a-f]+)\n");
+ exit(OTHER_ERROR);
+ }
+ if (HexStringToArray(args[3], value, TPM_PCR_DIGEST)) {
+ fprintf(stderr, " must be a 20-byte hex string\n");
+ exit(OTHER_ERROR);
+ }
+ return TlclExtend(index, value, value);
+}
+
 static uint32_t HandlerRead(void) {
 uint32_t index, size;
 uint8_t value[4096];
@@ -397,6 +432,8 @@ command_record command_table[] = {
 HandlerRead },
 { "pcrread", "pcr", "read from a PCR (pcrread )",
 HandlerPCRRead },
+ { "pcrextend", "extend", "extend a PCR (extend )",
+ HandlerPCRExtend },
 { "getownership", "geto", "print state of TPM ownership",
 HandlerGetOwnership },
 { "getpermissions", "getp", "print space permissions (getp )",
--
cgit v1.2.1
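Review bot: `return TlclExtend(index, value, value);` in HandlerPCRExtend passes the same buffer as both the digest to extend and the place where the resulting PCR value is written, and that result is then discarded. Whether TlclExtend tolerates aliased arguments is not visible in this hunk, so I would declare a separate `uint8_t out[TPM_PCR_DIGEST];` and call `TlclExtend(index, value, out);`. With a distinct output buffer the handler could also print the new PCR value on success, letting the operator confirm the measurement without a follow-up `pcrread`.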