joholl / tpmstream

A tool to help you understand TPM commands and responses.
https://joholl.github.io/tpmstream-web
BSD 2-Clause "Simplified" License

Encrypted Parameter #16

Closed AndreasFuchsTPM closed 1 year ago

AndreasFuchsTPM commented 1 year ago

Encrypted parameters should be handled as simple TPM2Bs instead of trying to decode their inner workings.

Example:

Command                                   .                                                                   
TPMI_ST_COMMAND_TAG                       |   .tag                                       8002                 TPMI_ST_COMMAND_TAG.SESSIONS
UINT32                                    |   .commandSize                               000000a3             163
TPM_CC                                    |   .commandCode                               00000131             TPM_CC.CreatePrimary
TPMS_COMMAND_HANDLES_CREATE_PRIMARY       |   .handles                                                        
TPMI_RH_HIERARCHY                         |   |   .primaryHandle                         40000001             TPM_RH.OWNER
UINT32                                    |   .authSize                                  00000049             73
TPMS_AUTH_COMMAND                         |   .authorizationArea[0]                                           
TPMI_SH_AUTH_SESSION                      |   |   .sessionHandle                         02000000             TPM_HR.HMAC_SESSION.000000
TPM2B_NONCE                               |   |   .nonce                                                      
UINT16                                    |   |   |   .size                              0020                 32
list[BYTE]                                |   |   |   .buffer                            5765e890f5c7bafa312e331803c60631ede51d3cdcc6b991117456f1b19b9d31 We......1.3....1...<.....tV....1
TPMA_SESSION                              |   |   .sessionAttributes                     e1                   225
                                          |   |   |   .continueSession                                        .......1
                                          |   |   |   .auditExclusive                                         ......0.
                                          |   |   |   .auditReset                                             .....0..
                                          |   |   |   .reserved                                               ...00...
                                          |   |   |   .decrypt                                                ..1.....
                                          |   |   |   .encrypt                                                .1......
                                          |   |   |   .audit                                                  1.......
TPM2B_AUTH                                |   |   .hmac                                                       
UINT16                                    |   |   |   .size                              0020                 32
list[BYTE]                                |   |   |   .buffer                            410adc18ef2c019b7c7d55a808de9ae8cec1fdcfbe0b95a893acdce8d1149b61 A....,..|}U....................a
TPMS_COMMAND_PARAMS_CREATE_PRIMARY        |   .parameters                                                     
TPM2B_SENSITIVE_CREATE                    |   |   .inSensitive                                                
UINT16                                    |   |   |   .size                              0004                 4
TPMS_SENSITIVE_CREATE                     |   |   |   .sensitive                                              
TPM2B_AUTH                                |   |   |   |   .userAuth                                           
UINT16                                    |   |   |   |   |   .size                      e8cd                 59597
Warning: Anticipating violation of size constraint .commandSize = 163: already parsed 95 bytes and .parameters.inSensitive.sensitive.userAuth.size = 59597 indicates that the limit will be exceeded by >= 59529 byte(s).
Warning: Violated size constraint .parameters.inSensitive.size = 4: already parsed 4 bytes and .parameters.inSensitive.sensitive.userAuth.buffer[2] exceeds the limit by 1 byte(s).
list[BYTE]                                |   |   |   |   |   .buffer                    41f9                 A.
TPM2B_PUBLIC                              |   |   .inPublic                                                   
UINT16                                    |   |   |   .size                              003a                 58
TPMT_PUBLIC                               |   |   |   .publicArea                                             
TPMI_ALG_PUBLIC                           |   |   |   |   .type                          0023                 TPMI_ALG_PUBLIC.ECC
TPMI_ALG_HASH                             |   |   |   |   .nameAlg                       000b                 TPMI_ALG_HASH.SHA256
TPMA_OBJECT                               |   |   |   |   .objectAttributes              000300b2             196786
                                          |   |   |   |   |   .reserved                                       ...............................0
                                          |   |   |   |   |   .fixedTPM                                       ..............................1.
                                          |   |   |   |   |   .stClear                                        .............................0..
                                          |   |   |   |   |   .reserved0                                      ............................0...
                                          |   |   |   |   |   .fixedParent                                    ...........................1....
                                          |   |   |   |   |   .sensitiveDataOrigin                            ..........................1.....
                                          |   |   |   |   |   .userWithAuth                                   .........................0......
                                          |   |   |   |   |   .adminWithPolicy                                ........................1.......
                                          |   |   |   |   |   .reserved1                                      ......................00........
                                          |   |   |   |   |   .noDA                                           .....................0..........
                                          |   |   |   |   |   .encryptedDuplication                           ....................0...........
                                          |   |   |   |   |   .reserved2                                      ................0000............
                                          |   |   |   |   |   .restricted                                     ...............1................
                                          |   |   |   |   |   .decrypt                                        ..............1.................
                                          |   |   |   |   |   .sign_decrypt                                   .............0..................
                                          |   |   |   |   |   .sign                                           ............0...................
                                          |   |   |   |   |   .reserved3                                      000000000000....................
TPM2B_DIGEST                              |   |   |   |   .authPolicy                                         
UINT16                                    |   |   |   |   |   .size                      0020                 32
list[BYTE]                                |   |   |   |   |   .buffer                    e587c11ab50f9d8730f721e3fea42b46c0455b246f96aee85d18eb3be64d666a ........0.!...+F.E[$o...]..;.Mfj
TPMU_PUBLIC_PARMS                         |   |   |   |   .parameters                                         
TPMS_ECC_PARMS                            |   |   |   |   |   .eccDetail                                      
TPMT_SYM_DEF_OBJECT                       |   |   |   |   |   |   .symmetric                                  
TPMI_ALG_SYM_OBJECT                       |   |   |   |   |   |   |   .algorithm         0006                 TPMI_ALG_SYM_OBJECT.AES
TPMU_SYM_KEY_BITS                         |   |   |   |   |   |   |   .keyBits                                
TPMI_AES_KEY_BITS                         |   |   |   |   |   |   |   |   .aes           0080                 128
TPMU_SYM_MODE                             |   |   |   |   |   |   |   .mode                                   
TPMI_ALG_SYM_MODE                         |   |   |   |   |   |   |   |   .aes           0043                 TPMI_ALG_SYM_MODE.CFB
TPMU_SYM_DETAILS                          |   |   |   |   |   |   |   .details                                
TPMT_ECC_SCHEME                           |   |   |   |   |   |   .scheme                                     
TPMI_ALG_ECC_SCHEME                       |   |   |   |   |   |   |   .scheme            0010                 TPMI_ALG_ECC_SCHEME.NULL
TPMU_ASYM_SCHEME                          |   |   |   |   |   |   |   .details                                
TPMI_ECC_CURVE                            |   |   |   |   |   |   .curveID               0003                 TPMI_ECC_CURVE.NIST_P256
TPMT_KDF_SCHEME                           |   |   |   |   |   |   .kdf                                        
TPMI_ALG_KDF                              |   |   |   |   |   |   |   .scheme            0010                 TPMI_ALG_KDF.NULL
TPMU_KDF_SCHEME                           |   |   |   |   |   |   |   .details                                
TPMU_PUBLIC_ID                            |   |   |   |   .unique                                             
TPMS_ECC_POINT                            |   |   |   |   |   .ecc                                            
TPM2B_ECC_PARAMETER                       |   |   |   |   |   |   .x                                          
UINT16                                    |   |   |   |   |   |   |   .size              0000                 0
list[BYTE]                                |   |   |   |   |   |   |   .buffer                                 
TPM2B_ECC_PARAMETER                       |   |   |   |   |   |   .y                                          
UINT16                                    |   |   |   |   |   |   |   .size              0000                 0
list[BYTE]                                |   |   |   |   |   |   |   .buffer                                 
TPM2B_DATA                                |   |   .outsideInfo                                                
UINT16                                    |   |   |   .size                              0000                 0
list[BYTE]                                |   |   |   .buffer                                                 
TPML_PCR_SELECTION                        |   |   .creationPCR                                                
Warning: Violated size constraint .commandSize = 163: already parsed 160 bytes and .parameters.creationPCR.count exceeds the limit by 1 byte(s).
Response                                  .                                                                   
TPM_ST                                    |   .tag                                       0000                 TPM_ST.None
Warning: Parsed bad value for TPM_ST .tag = 0x0 = 0 not in ValidValues(TPM_ST)
UINT32                                    |   .responseSize                              018a0000             25821184
TPM_RC                                    |   .responseCode                              000080ff             TPM_RC.None
Warning: Parsed bad value for TPM_RC .responseCode = 0x80ff = 33023 not in ValidValues(TPM_RC)
Warning: Violated size constraint: .responseSize = 25821184 bytes should be parsed by now, but 10 bytes were actually parsed
Warning: Input stream exhausted but parser is not done.
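The dump above shows the failure mode in the issue: the session's sessionAttributes byte (e1) has the decrypt bit set, so the first command parameter, inSensitive, is transmitted as ciphertext, and decoding it as a TPMS_SENSITIVE_CREATE yields a nonsense userAuth.size of 59597 and a cascade of size-constraint warnings. The following is an added example written for this page, not tpmstream's own code, of the behaviour the issue asks for: parse the command header and authorization area, and if any session carries the decrypt attribute, keep the first parameter as an opaque TPM2B instead of descending into it. The command bytes are constructed here (session handle, nonce, hmac and inPublic are placeholder values); only the four inSensitive bytes e8cd41f9 are taken from the dump. The function names are this example's own.

```python
import struct

TPM_ST_SESSIONS = 0x8002
TPM_CC_CREATE_PRIMARY = 0x00000131
TPM_RH_OWNER = 0x40000001
TPMA_SESSION_CONTINUE = 0x01  # TPMA_SESSION bit 0
TPMA_SESSION_DECRYPT = 0x20   # TPMA_SESSION bit 5: first command parameter is encrypted

# The four inSensitive bytes from the dump in this issue (its session has decrypt set),
# and a constructed plaintext TPMS_SENSITIVE_CREATE (userAuth="secret", data empty).
ENCRYPTED_IN_SENSITIVE = bytes.fromhex("e8cd41f9")
PLAINTEXT_IN_SENSITIVE = bytes.fromhex("00067365637265740000")


class ParseError(ValueError):
    pass


def _take(buf, off, n):
    """Consume n bytes at off, refusing to read past the end of the buffer."""
    if off + n > len(buf):
        raise ParseError(f"need {n} byte(s) at offset {off}, only {len(buf) - off} left")
    return buf[off:off + n], off + n


def tpm2b(data):
    """Marshal a TPM2B: big-endian UINT16 size followed by the bytes."""
    return struct.pack(">H", len(data)) + data


def parse_tpm2b(buf, off):
    """Unmarshal a TPM2B and return its payload as opaque bytes."""
    raw, off = _take(buf, off, 2)
    data, off = _take(buf, off, struct.unpack(">H", raw)[0])
    return data, off


def parse_sensitive_create(payload):
    """Decode a plaintext TPMS_SENSITIVE_CREATE (userAuth TPM2B_AUTH, data TPM2B_SENSITIVE_DATA)."""
    user_auth, off = parse_tpm2b(payload, 0)
    data, off = parse_tpm2b(payload, off)
    if off != len(payload):
        raise ParseError("trailing bytes after TPMS_SENSITIVE_CREATE")
    return {"userAuth": user_auth, "data": data}


def decodes_as_plaintext(payload):
    """True if payload parses as TPMS_SENSITIVE_CREATE; ciphertext usually fails, but not always."""
    try:
        parse_sensitive_create(payload)
        return True
    except ParseError:
        return False


def parse_auth_area(buf, off, auth_size):
    """Unmarshal the list of TPMS_AUTH_COMMAND that authSize covers."""
    end = off + auth_size
    if end > len(buf):
        raise ParseError("authSize exceeds the command")
    sessions = []
    while off < end:
        raw, off = _take(buf, off, 4)                 # sessionHandle
        nonce, off = parse_tpm2b(buf, off)            # TPM2B_NONCE
        attrs, off = _take(buf, off, 1)               # TPMA_SESSION
        hmac, off = parse_tpm2b(buf, off)             # TPM2B_AUTH
        sessions.append({"handle": struct.unpack(">I", raw)[0], "nonce": nonce,
                         "attributes": attrs[0], "hmac": hmac})
    if off != end:
        raise ParseError("authorization area overruns authSize")
    return sessions, off


def parse_create_primary(cmd):
    """Parse TPM2_CreatePrimary; inSensitive stays opaque when a decrypt session encrypted it."""
    raw, off = _take(cmd, 0, 10)
    tag, size, code = struct.unpack(">HII", raw)
    if tag != TPM_ST_SESSIONS or code != TPM_CC_CREATE_PRIMARY or size != len(cmd):
        raise ParseError("not a complete TPM2_CreatePrimary command with sessions")
    raw, off = _take(cmd, off, 8)
    primary_handle, auth_size = struct.unpack(">II", raw)
    sessions, off = parse_auth_area(cmd, off, auth_size)
    # The decrypt attribute, not a trial decode, decides whether the first parameter is ciphertext.
    encrypted = any(s["attributes"] & TPMA_SESSION_DECRYPT for s in sessions)
    payload, off = parse_tpm2b(cmd, off)
    in_sensitive = ({"encrypted": True, "ciphertext": payload} if encrypted
                    else {"encrypted": False, **parse_sensitive_create(payload)})
    in_public, off = parse_tpm2b(cmd, off)      # TPM2B_PUBLIC, kept opaque in this example
    outside_info, off = parse_tpm2b(cmd, off)   # TPM2B_DATA
    raw, off = _take(cmd, off, 4)               # TPML_PCR_SELECTION.count, only 0 supported here
    if struct.unpack(">I", raw)[0] != 0 or off != len(cmd):
        raise ParseError("unsupported creationPCR or trailing bytes")
    return {"primaryHandle": primary_handle, "sessions": sessions, "inSensitive": in_sensitive,
            "inPublic": in_public, "outsideInfo": outside_info, "creationPCR": []}


def build_create_primary(in_sensitive, decrypt):
    """Construct a sample command with one HMAC session (all values constructed for this example)."""
    attrs = TPMA_SESSION_CONTINUE | (TPMA_SESSION_DECRYPT if decrypt else 0)
    session = struct.pack(">I", 0x02000000) + tpm2b(b"\x11" * 16) + bytes([attrs]) + tpm2b(b"\x22" * 32)
    params = tpm2b(in_sensitive) + tpm2b(b"\x00" * 8) + tpm2b(b"") + struct.pack(">I", 0)
    body = struct.pack(">II", TPM_RH_OWNER, len(session)) + session + params
    return struct.pack(">HII", TPM_ST_SESSIONS, 10 + len(body), TPM_CC_CREATE_PRIMARY) + body
```

Running `parse_create_primary(build_create_primary(ENCRYPTED_IN_SENSITIVE, True))["inSensitive"]` returns the four bytes as `ciphertext` with `encrypted: True`, while the plaintext sample with decrypt cleared decodes to `userAuth=b"secret"`. `decodes_as_plaintext(ENCRYPTED_IN_SENSITIVE)` is False for the dump's bytes, which is the warning cascade above in miniature, but a trial decode is not a reliable test: random ciphertext can occasionally parse as a well-formed structure, so the session attribute has to drive the decision. The same rule applies in the other direction for responses, where a session with the encrypt bit set (0x40, also set in the dump's e1) makes the first response parameter opaque; the fix for responses is the second commit referenced below.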
joholl commented 1 year ago

Fixed in cc8f227af6cfa5e2df5cddd90e6f2a496d414377 for commands d0f265cf78fc0823b64d4a9a83ace9110d7947ac for responses.