search

tpm2-software / tpm2-tools

The source repository for the Trusted Platform Module (TPM2.0) tools
https://tpm2-software.github.io
705 stars 377 forks source link

tss2_getinfo: ifapi_json_TPM2_ALG_ID_serialize() Undefined constant. #3228

Open MartinLoeper opened 1 year ago

MartinLoeper commented 1 year ago

I cannot get the tss2_getinfo command to run. The relevant TRACE log is attached below.

debug:tcti:src/tss2-tcti/tcti-device.c:114:tcti_device_transmit() sending 22 byte command buffer: (size=22): 
0000: 8001000000160000017a000000080000  .........z......
0010: 0000000001fc                      ......
debug:tcti:src/util/io.c:94:write_all() writing 22 bytes starting at 0x55f3df10d450 to fd 3 
debug:tcti:src/util/io.c:108:write_all() wrote 22 bytes to fd 3 
trace:fapi:src/tss2-fapi/fapi_util.c:4073:ifapi_capability_get() State context->state reached GET_INFO_WAIT_FOR_CAP 
trace:esys:src/tss2-esys/api/Esys_GetCapability.c:248:Esys_GetCapability_Finish() context=0x55f3df10bed0, moreData=0x7ffc194d7d27, capabilityData=0x55f3df0ff0d8 
debug:tcti:src/tss2-tcti/tcti-device.c:183:tcti_device_receive() Partial read - reading response size 
debug:tcti:src/tss2-tcti/tcti-device.c:203:tcti_device_receive() Partial read - received header 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 2 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x7ffc194d7c2e to buffer 0x7ffc194d7c14 at index 0x2 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 6 
debug:tcti:src/tss2-tcti/tcti-device.c:216:tcti_device_receive() Partial read - received response size 25. 
debug:tcti:src/tss2-tcti/tcti-device.c:274:tcti_device_receive() Response Received (size=25): 
0000: 80010000001900000000000000000800  ................
0010: 000003000300040010                .........
trace:tcti:src/tss2-tcti/tcti-common.c:139:header_unmarshal() Parsing header from buffer: 0x55f3df10d450 
trace:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() offset non-NULL, initial value: 0 
debug:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() Unmarshaling TPM2_ST from 0x55f3df10d450 to buffer 0x55f3df10be3c at index 0x0 
debug:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() offset parameter non-NULL, updated to 2 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 2 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x55f3df10d450 to buffer 0x55f3df10be40 at index 0x2 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 6 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 6 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x55f3df10d450 to buffer 0x55f3df10be44 at index 0x6 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 10 
debug:tcti:src/tss2-tcti/tcti-device.c:288:tcti_device_receive() Size from header 25 bytes read 25 
trace:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() offset non-NULL, initial value: 0 
debug:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() Unmarshaling TPM2_ST from 0x55f3df10d450 to buffer 0x55f3df10d41e at index 0x0 
debug:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() offset parameter non-NULL, updated to 2 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 2 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x55f3df10d450 to buffer 0x55f3df10d420 at index 0x2 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 6 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 6 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x55f3df10d450 to buffer 0x55f3df10d424 at index 0x6 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 10 
trace:esys:src/tss2-esys/esys_iutil.c:1393:iesys_check_response() No auths to verify 
trace:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() offset non-NULL, initial value: 0 
debug:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() Unmarshaling TPM2_ST from 0x55f3df10d450 to buffer 0x7ffc194d7c5e at index 0x0 
debug:marshal:src/tss2-mu/base-types.c:180:Tss2_MU_TPM2_ST_Unmarshal() offset parameter non-NULL, updated to 2 
trace:marshal:src/tss2-mu/base-types.c:170:Tss2_MU_UINT8_Unmarshal() offset non-NULL, initial value: 10 
debug:marshal:src/tss2-mu/base-types.c:170:Tss2_MU_UINT8_Unmarshal() Unmarshaling UINT8 from 0x55f3df10d450 to buffer 0x7ffc194d7d27 at index 0xa 
debug:marshal:src/tss2-mu/base-types.c:170:Tss2_MU_UINT8_Unmarshal() offset parameter non-NULL, updated to 11 
debug:marshal:src/tss2-mu/tpms-types.c:1268:Tss2_MU_TPMS_CAPABILITY_DATA_Unmarshal() Unmarshaling TPMS_CAPABILITY_DATA from 0x55f3df118870 to buffer 0x55f3df10d450 at index 0xb 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 11 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x55f3df10d450 to buffer 0x55f3df118870 at index 0xb 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 15 
debug:marshal:src/tss2-mu/tpmu-types.c:470:Tss2_MU_TPMU_CAPABILITIES_Unmarshal() Unmarshalling TPMU_CAPABILITIES, selector 8 
trace:marshal:src/tss2-mu/tpml-types.c:169:Tss2_MU_TPML_ECC_CURVE_Unmarshal() offset non-NULL, initial value: 15 
debug:marshal:src/tss2-mu/tpml-types.c:169:Tss2_MU_TPML_ECC_CURVE_Unmarshal() Unmarshaling TPML_ECC_CURVE from 0x55f3df10d450 to buffer 0x55f3df118874 at index 0xf 
trace:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset non-NULL, initial value: 15 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() Unmarshaling UINT32 from 0x55f3df10d450 to buffer 0x7ffc194d781c at index 0xf 
debug:marshal:src/tss2-mu/base-types.c:174:Tss2_MU_UINT32_Unmarshal() offset parameter non-NULL, updated to 19 
trace:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() offset non-NULL, initial value: 19 
debug:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() Unmarshaling UINT16 from 0x55f3df10d450 to buffer 0x55f3df118878 at index 0x13 
debug:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() offset parameter non-NULL, updated to 21 
trace:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() offset non-NULL, initial value: 21 
debug:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() Unmarshaling UINT16 from 0x55f3df10d450 to buffer 0x55f3df11887a at index 0x15 
debug:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() offset parameter non-NULL, updated to 23 
trace:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() offset non-NULL, initial value: 23 
debug:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() Unmarshaling UINT16 from 0x55f3df10d450 to buffer 0x55f3df11887c at index 0x17 
debug:marshal:src/tss2-mu/base-types.c:172:Tss2_MU_UINT16_Unmarshal() offset parameter non-NULL, updated to 25 
debug:marshal:src/tss2-mu/tpml-types.c:169:Tss2_MU_TPML_ECC_CURVE_Unmarshal() offset parameter non-NULL, updated to 25 
trace:fapi:src/tss2-fapi/fapi_util.c:4078:ifapi_capability_get() GetCapability: capability: 0x8, property: 0x0 
ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:397:ifapi_json_TPM2_ALG_ID_serialize() Undefined constant. ErrorCode (0x0006000b) 
ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:1566:ifapi_json_TPMS_ALG_PROPERTY_serialize() Serialize TPM2_ALG_ID ErrorCode (0x0006000b) 
ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:1799:ifapi_json_TPML_ALG_PROPERTY_serialize() Serialize TPMS_ALG_PROPERTY ErrorCode (0x0006000b) 
ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:2040:ifapi_json_TPMS_CAPABILITY_DATA_serialize() Serialize TPMU_CAPABILITIES ErrorCode (0x0006000b) 
ERROR:fapijson:src/tss2-fapi/ifapi_json_serialize.c:585:ifapi_json_IFAPI_CAP_INFO_serialize() Serialize TPMS_CAPABILITY_DATA ErrorCode (0x0006000b) 
ERROR:fapijson:src/tss2-fapi/ifapi_json_serialize.c:628:ifapi_json_IFAPI_INFO_serialize() Serialize TPMS_CAPABILITY_DATA ErrorCode (0x0006000b) 
ERROR:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:270:Fapi_GetInfo_Finish() Error serialize info object ErrorCode (0x0006000b) 
trace:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:293:Fapi_GetInfo_Finish() finished 
ERROR:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:123:Fapi_GetInfo() ErrorCode (0x0006000b) GetTPMInfo 
Fapi_GetInfo(0x6000B) - fapi:A parameter has a bad value
trace:fapi:src/tss2-fapi/api/Fapi_Finalize.c:38:Fapi_Finalize() called for context:0x7ffc194d7e68 
debug:fapi:src/tss2-fapi/api/Fapi_Finalize.c:46:Fapi_Finalize() called: context: 0x7ffc194d7e68, *context: 0x55f3df0fe490 
trace:fapi:src/tss2-fapi/api/Fapi_Finalize.c:59:Fapi_Finalize() Finalizing TCTI 
debug:fapi:src/tss2-fapi/api/Fapi_Finalize.c:95:Fapi_Finalize() finished

I wonder whether the following line has something to do with it since the tpm output contains the byte "0x04" which might correspond to TPM2_ALG_SHA: https://github.com/tpm2-software/tpm2-tss/blob/master/src/tss2-fapi/tpm_json_serialize.c#L356

JuergenReppSIT commented 1 year ago

TPM2_ALG_SHA and TPM2_ALG_SHA1 both have the value 0x4. So that can't be the reason. Unfortunately the bad value is not displayed. Would it be possible for you to replace the return_error at the end of ifapi_json_TPM2_ALG_ID_serialize with: LOG_ERROR("Undefined constant %hu", in); return TSS2_FAPI_RC_BAD_VALUE ; So we could check what's the alg value which is currently not defined in TSS.

JuergenReppSIT commented 1 year ago

@MartinLoeper It also would be interesting what TPM you are using.

MartinLoeper commented 1 year ago

@MartinLoeper It also would be interesting what TPM you are using.

It's produced by STM. I cannot determine which particular product it is. It is built into a ThinkPad X1. Here is the output of tpm2_getcap properties-fixed:

TPM2_PT_FAMILY_INDICATOR:
  raw: 0x322E3000
  value: "2.0"
TPM2_PT_LEVEL:
  raw: 0
TPM2_PT_REVISION:
  raw: 0x8A
  value: 1.38
TPM2_PT_DAY_OF_YEAR:
  raw: 0x8
TPM2_PT_YEAR:
  raw: 0x7E2
TPM2_PT_MANUFACTURER:
  raw: 0x53544D20
  value: "STM "
TPM2_PT_VENDOR_STRING_1:
  raw: 0x10102
  value: ""
TPM2_PT_VENDOR_STRING_2:
  raw: 0x20102
  value: ""
TPM2_PT_VENDOR_STRING_3:
  raw: 0x0
  value: ""
TPM2_PT_VENDOR_STRING_4:
  raw: 0x0
  value: ""
TPM2_PT_VENDOR_TPM_TYPE:
  raw: 0x1
TPM2_PT_FIRMWARE_VERSION_1:
  raw: 0x10102
TPM2_PT_FIRMWARE_VERSION_2:
  raw: 0x0
TPM2_PT_INPUT_BUFFER:
  raw: 0x400
TPM2_PT_HR_TRANSIENT_MIN:
  raw: 0x5
TPM2_PT_HR_PERSISTENT_MIN:
  raw: 0x8
TPM2_PT_HR_LOADED_MIN:
  raw: 0x4
TPM2_PT_ACTIVE_SESSIONS_MAX:
  raw: 0x40
TPM2_PT_PCR_COUNT:
  raw: 0x18
TPM2_PT_PCR_SELECT_MIN:
  raw: 0x3
TPM2_PT_CONTEXT_GAP_MAX:
  raw: 0xFFFF
TPM2_PT_NV_COUNTERS_MAX:
  raw: 0x0
TPM2_PT_NV_INDEX_MAX:
  raw: 0x800
TPM2_PT_MEMORY:
  raw: 0x2
TPM2_PT_CLOCK_UPDATE:
  raw: 0x2710
TPM2_PT_CONTEXT_HASH:
  raw: 0xC
TPM2_PT_CONTEXT_SYM:
  raw: 0x6
TPM2_PT_CONTEXT_SYM_SIZE:
  raw: 0x100
TPM2_PT_ORDERLY_COUNT:
  raw: 0xFF
TPM2_PT_MAX_COMMAND_SIZE:
  raw: 0x710
TPM2_PT_MAX_RESPONSE_SIZE:
  raw: 0x710
TPM2_PT_MAX_DIGEST:
  raw: 0x30
TPM2_PT_MAX_OBJECT_CONTEXT:
  raw: 0x4A4
TPM2_PT_MAX_SESSION_CONTEXT:
  raw: 0x146
TPM2_PT_PS_FAMILY_INDICATOR:
  raw: 0x1
TPM2_PT_PS_LEVEL:
  raw: 0x0
TPM2_PT_PS_REVISION:
  raw: 0x103
TPM2_PT_PS_DAY_OF_YEAR:
  raw: 0x0
TPM2_PT_PS_YEAR:
  raw: 0x0
TPM2_PT_SPLIT_MAX:
  raw: 0x80
TPM2_PT_TOTAL_COMMANDS:
  raw: 0x6F
TPM2_PT_LIBRARY_COMMANDS:
  raw: 0x68
TPM2_PT_VENDOR_COMMANDS:
  raw: 0x7
TPM2_PT_NV_BUFFER_MAX:
  raw: 0x400
TPM2_PT_MODES:
  raw: 0x1
  value: TPMA_MODES_FIPS_140_2
MartinLoeper commented 1 year ago

TPM2_ALG_SHA and TPM2_ALG_SHA1 both have the value 0x4. So that can't be the reason. Unfortunately the bad value is not displayed. Would it be possible for you to replace the return_error at the end of ifapi_json_TPM2_ALG_ID_serialize with: LOG_ERROR("Undefined constant %hu", in); return TSS2_FAPI_RC_BAD_VALUE ; So we could check what's the alg value which is currently not defined in TSS.

Will have to look into it as I typically do not compile packages manually on that Arch machine. Anyway, thanks for your hint how to debug it further!

JuergenReppSIT commented 1 year ago

@MartinLoeper Could you please also attach the output of tpm2_getcap algorithms. If that command works with your TPM we should see the alg id which causes the problem.

MartinLoeper commented 1 year ago

Yes that worked!

rsa:
  value:      0x1
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     1
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
sha1:
  value:      0x4
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
hmac:
  value:      0x5
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    1
  encrypting: 0
  method:     0
aes:
  value:      0x6
  asymmetric: 0
  symmetric:  1
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
mgf1:
  value:      0x7
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     1
keyedhash:
  value:      0x8
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     1
  reserved:   0x0
  signing:    1
  encrypting: 1
  method:     0
xor:
  value:      0xA
  asymmetric: 0
  symmetric:  1
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
sha256:
  value:      0xB
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
sha384:
  value:      0xC
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
rsassa:
  value:      0x14
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    1
  encrypting: 0
  method:     0
rsaes:
  value:      0x15
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
rsapss:
  value:      0x16
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    1
  encrypting: 0
  method:     0
oaep:
  value:      0x17
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
ecdsa:
  value:      0x18
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    1
  encrypting: 0
  method:     1
ecdh:
  value:      0x19
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     1
ecdaa:
  value:      0x1A
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    1
  encrypting: 0
  method:     0
ecschnorr:
  value:      0x1C
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     0
  reserved:   0x0
  signing:    1
  encrypting: 0
  method:     0
kdf1_sp800_56a:
  value:      0x20
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     1
kdf1_sp800_108:
  value:      0x22
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     1
ecc:
  value:      0x23
  asymmetric: 1
  symmetric:  0
  hash:       0
  object:     1
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
symcipher:
  value:      0x25
  asymmetric: 0
  symmetric:  0
  hash:       0
  object:     1
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
sha3_256:
  value:      0x27
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
sha3_384:
  value:      0x28
  asymmetric: 0
  symmetric:  0
  hash:       1
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 0
  method:     0
ctr:
  value:      0x40
  asymmetric: 0
  symmetric:  1
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
ofb:
  value:      0x41
  asymmetric: 0
  symmetric:  1
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
cbc:
  value:      0x42
  asymmetric: 0
  symmetric:  1
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
cfb:
  value:      0x43
  asymmetric: 0
  symmetric:  1
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
ecb:
  value:      0x44
  asymmetric: 0
  symmetric:  1
  hash:       0
  object:     0
  reserved:   0x0
  signing:    0
  encrypting: 1
  method:     0
JuergenReppSIT commented 1 year ago

@MartinLoeper Thank you for sending the alg list. Currently tss does not support: sha3_256, sha3_384, and sha3_512 If you do not use these algs everything should work except of tss2_getinfo which tries to list all algs. As an emergency solution you could add: LOG_WARNING("Undefined alg %hu", in); return TSS2_RC_SUCCESS; at the end of ifapi_json_TPM2_ALG_ID_serialize I will create a PR to fix this problem.

MartinLoeper commented 1 year ago

Thanks for looking into this! This is not an issue for me right now. I was just starting to play around with this whole tpm2/tss ecosystem and was surprised that I could not obtain the info. Thanks for confirming the issue and suggesting a fix!