Merge pull request #308 from Superhepper/tpml_tagged_pcr_property

Rust native TPML_TAGGED_PCR_PROPERTY type

Author: ionut-arm

tss-esapi/src/constants/mod.rs

@@ -55,10 +55,15 @@ pub mod ecc;
 /// Constants -> TPM_CC section of the specification.
 pub mod command_code;
 
+/// Representation of the constants defined in
+/// Constants -> TPM_PT_PCR section of the specification.
+pub mod pcr_property_tag;
+
 pub use capabilities::CapabilityType;
 pub use command_code::CommandCode;
 pub use ecc::EccCurveIdentifier;
 pub use nv_index_type::NvIndexType;
+pub use pcr_property_tag::PcrPropertyTag;
 pub use property_tag::PropertyTag;
 pub use response_code::{ResponseCode, Tss2ResponseCode, Tss2ResponseCodeKind};
 pub use session_type::SessionType;

tss-esapi/src/constants/pcr_property_tag.rs

@@ -0,0 +1,56 @@
+// Copyright 2022 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use crate::{
+    constants::tss::{
+        TPM2_PT_PCR_AUTH, TPM2_PT_PCR_DRTM_RESET, TPM2_PT_PCR_EXTEND_L0, TPM2_PT_PCR_EXTEND_L1,
+        TPM2_PT_PCR_EXTEND_L2, TPM2_PT_PCR_EXTEND_L3, TPM2_PT_PCR_EXTEND_L4,
+        TPM2_PT_PCR_NO_INCREMENT, TPM2_PT_PCR_POLICY, TPM2_PT_PCR_RESET_L0, TPM2_PT_PCR_RESET_L1,
+        TPM2_PT_PCR_RESET_L2, TPM2_PT_PCR_RESET_L3, TPM2_PT_PCR_RESET_L4, TPM2_PT_PCR_SAVE,
+    },
+    tss2_esys::TPM2_PT_PCR,
+    Error, Result, WrapperErrorKind,
+};
+use log::error;
+use num_derive::{FromPrimitive, ToPrimitive};
+use num_traits::{FromPrimitive, ToPrimitive};
+use std::convert::TryFrom;
+
+#[derive(FromPrimitive, ToPrimitive, Debug, Clone, Copy, PartialEq, Eq, Hash)]
+#[repr(u32)]
+pub enum PcrPropertyTag {
+    Save = TPM2_PT_PCR_SAVE,
+    ExtendL0 = TPM2_PT_PCR_EXTEND_L0,
+    ResetL0 = TPM2_PT_PCR_RESET_L0,
+    ExtendL1 = TPM2_PT_PCR_EXTEND_L1,
+    ResetL1 = TPM2_PT_PCR_RESET_L1,
+    ExtendL2 = TPM2_PT_PCR_EXTEND_L2,
+    ResetL2 = TPM2_PT_PCR_RESET_L2,
+    ExtendL3 = TPM2_PT_PCR_EXTEND_L3,
+    ResetL3 = TPM2_PT_PCR_RESET_L3,
+    ExtendL4 = TPM2_PT_PCR_EXTEND_L4,
+    ResetL4 = TPM2_PT_PCR_RESET_L4,
+    // Reserved 0x0000000B – 0x00000010
+    NoIncrement = TPM2_PT_PCR_NO_INCREMENT,
+    DrtmReset = TPM2_PT_PCR_DRTM_RESET,
+    Policy = TPM2_PT_PCR_POLICY,
+    Auth = TPM2_PT_PCR_AUTH,
+}
+
+impl From<PcrPropertyTag> for TPM2_PT_PCR {
+    fn from(pcr_property_tag: PcrPropertyTag) -> Self {
+        // The values are well defined so this cannot fail.
+        pcr_property_tag.to_u32().unwrap()
+    }
+}
+
+impl TryFrom<TPM2_PT_PCR> for PcrPropertyTag {
+    type Error = Error;
+
+    fn try_from(tpm_pt_pcr: TPM2_PT_PCR) -> Result<Self> {
+        PcrPropertyTag::from_u32(tpm_pt_pcr).ok_or_else(|| {
+            error!("value = {} did not match any PcrPropertyTag.", tpm_pt_pcr);
+            Error::local_error(WrapperErrorKind::InvalidParam)
+        })
+    }
+}

tss-esapi/src/constants/property_tag.rs

@@ -4,7 +4,7 @@ use crate::{constants::tss::*, tss2_esys::TPM2_PT, Error, Result, WrapperErrorKi
 use log::error;
 use num_derive::{FromPrimitive, ToPrimitive};
 use num_traits::{FromPrimitive, ToPrimitive};
-use std::convert::{From, TryFrom};
+use std::convert::TryFrom;
 
 #[derive(FromPrimitive, ToPrimitive, Debug, Clone, Copy, PartialEq, Eq, Hash)]
 #[repr(u32)]
@@ -90,12 +90,9 @@ impl From<PropertyTag> for TPM2_PT {
 
 impl TryFrom<TPM2_PT> for PropertyTag {
     type Error = Error;
-    fn try_from(tpm_property_tag: TPM2_PT) -> Result<PropertyTag> {
-        PropertyTag::from_u32(tpm_property_tag).ok_or_else(|| {
-            error!(
-                "value = {} did not match any PropertyTag.",
-                tpm_property_tag
-            );
+    fn try_from(tpm_pt: TPM2_PT) -> Result<PropertyTag> {
+        PropertyTag::from_u32(tpm_pt).ok_or_else(|| {
+            error!("value = {} did not match any PropertyTag.", tpm_pt);
             Error::local_error(WrapperErrorKind::InvalidParam)
         })
     }

tss-esapi/src/structures/capabilitydata.rs

@@ -4,12 +4,12 @@ use crate::{
     constants::tss::*,
     handles::TpmHandle,
     structures::{
-        AlgorithmPropertyList, CommandCodeList, PcrSelect, PcrSelectionList, TaggedTpmPropertyList,
+        AlgorithmPropertyList, CommandCodeList, PcrSelectionList, TaggedPcrPropertyList,
+        TaggedTpmPropertyList,
     },
     tss2_esys::*,
     Error, Result, WrapperErrorKind,
 };
-use std::collections::HashMap;
 use std::convert::{TryFrom, TryInto};
 use std::mem::size_of;
 
@@ -22,9 +22,9 @@ pub enum CapabilityData {
     AuditCommands(CommandCodeList),
     AssignedPCR(PcrSelectionList),
     TpmProperties(TaggedTpmPropertyList),
-    PCRProperties(HashMap<TPM2_PT_PCR, PcrSelect>),
+    PcrProperties(TaggedPcrPropertyList),
     ECCCurves(Vec<TPM2_ECC_CURVE>),
-    // These are in the TPM TMU_CAPABILITIES, but are not defined by esapi-2.4.1
+    // These are in the TPM TPMU_CAPABILITIES, but are not defined by esapi-2.4.1
     // AuthPolicies(),
     // ActData(),
 }
@@ -90,24 +90,7 @@ fn cd_from_tpm_properties(props: TPML_TAGGED_TPM_PROPERTY) -> Result<CapabilityD
 }
 
 fn cd_from_pcr_properties(props: TPML_TAGGED_PCR_PROPERTY) -> Result<CapabilityData> {
-    if props.count > max_cap_size::<TPMS_TAGGED_PCR_SELECT>() {
-        return Err(Error::WrapperError(WrapperErrorKind::InvalidParam));
-    }
-
-    let mut data = HashMap::new();
-
-    for i in 0..props.count {
-        let prop = props.pcrProperty[i as usize];
-
-        let select = PcrSelect::try_from(TPMS_PCR_SELECT {
-            sizeofSelect: prop.sizeofSelect,
-            pcrSelect: prop.pcrSelect,
-        })?;
-
-        let _ = data.insert(prop.tag, select);
-    }
-
-    Ok(CapabilityData::PCRProperties(data))
+    Ok(CapabilityData::PcrProperties(props.try_into()?))
 }
 
 fn cd_from_ecc_curves(props: TPML_ECC_CURVE) -> Result<CapabilityData> {

tss-esapi/src/structures/lists/mod.rs

@@ -5,4 +5,5 @@ pub mod command_code;
 pub mod digest;
 pub mod digest_values;
 pub mod pcr_selection;
+pub mod tagged_pcr_property;
 pub mod tagged_tpm_property;

tss-esapi/src/structures/lists/tagged_pcr_property.rs

@@ -0,0 +1,134 @@
+// Copyright 2022 Contributors to the Parsec project.
+// SPDX-License-Identifier: Apache-2.0
+
+use crate::{
+    constants::PcrPropertyTag,
+    structures::{PcrSlot, TaggedPcrSelect},
+    tss2_esys::{TPM2_CAP, TPM2_MAX_CAP_BUFFER, TPML_TAGGED_PCR_PROPERTY, TPMS_TAGGED_PCR_SELECT},
+    Error, Result, WrapperErrorKind,
+};
+use log::error;
+use std::{convert::TryFrom, iter::IntoIterator, ops::Deref};
+/// A structure holding a list of tagged pcr properties.
+///
+/// # Details
+/// This corresponds to the TPML_TAGGED_PCR_PROPERTY structure.
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct TaggedPcrPropertyList {
+    tagged_pcr_properties: Vec<TaggedPcrSelect>,
+}
+
+impl TaggedPcrPropertyList {
+    pub const MAX_SIZE: usize = Self::calculate_max_size();
+
+    /// Finds the first [TaggedPcrSelect] in the list that matches the provided `pcr_property_tag`.
+    pub fn find(&self, pcr_property_tag: PcrPropertyTag) -> Option<&TaggedPcrSelect> {
+        self.tagged_pcr_properties
+            .iter()
+            .find(|tps| tps.pcr_property_tag() == pcr_property_tag)
+    }
+
+    /// Returns a collection [TaggedPcrSelect] references in which each referenced items
+    /// has the specified [PcrSlot] selected.
+    pub fn find_pcr_slot(&self, pcr_slot: PcrSlot) -> Vec<&TaggedPcrSelect> {
+        self.tagged_pcr_properties
+            .iter()
+            .fold(Vec::<&TaggedPcrSelect>::new(), |mut acc, tps| {
+                if tps.selected_pcrs().iter().any(|&ps| ps == pcr_slot) {
+                    acc.push(tps);
+                }
+                acc
+            })
+    }
+
+    /// Private function that calculates the maximum number
+    /// elements allowed in internal storage.
+    const fn calculate_max_size() -> usize {
+        // According to the specification the size is vendor specific.
+        // So if someone is using modified values in their TSS libraries
+        // it is picked up here.
+        (TPM2_MAX_CAP_BUFFER as usize
+            - std::mem::size_of::<TPM2_CAP>()
+            - std::mem::size_of::<u32>())
+            / std::mem::size_of::<TPMS_TAGGED_PCR_SELECT>()
+    }
+}
+
+impl Deref for TaggedPcrPropertyList {
+    type Target = Vec<TaggedPcrSelect>;
+
+    fn deref(&self) -> &Self::Target {
+        &self.tagged_pcr_properties
+    }
+}
+
+impl AsRef<[TaggedPcrSelect]> for TaggedPcrPropertyList {
+    fn as_ref(&self) -> &[TaggedPcrSelect] {
+        self.tagged_pcr_properties.as_slice()
+    }
+}
+
+impl TryFrom<Vec<TaggedPcrSelect>> for TaggedPcrPropertyList {
+    type Error = Error;
+
+    fn try_from(tagged_pcr_properties: Vec<TaggedPcrSelect>) -> Result<Self> {
+        if tagged_pcr_properties.len() > Self::MAX_SIZE {
+            error!("Failed to convert Vec<TaggedPcrSelect> into TaggedPcrPropertyList, to many items (> {})", Self::MAX_SIZE);
+            return Err(Error::local_error(WrapperErrorKind::InvalidParam));
+        }
+        Ok(TaggedPcrPropertyList {
+            tagged_pcr_properties,
+        })
+    }
+}
+
+impl IntoIterator for TaggedPcrPropertyList {
+    type Item = TaggedPcrSelect;
+    type IntoIter = std::vec::IntoIter<Self::Item>;
+
+    fn into_iter(self) -> Self::IntoIter {
+        self.tagged_pcr_properties.into_iter()
+    }
+}
+
+impl TryFrom<TPML_TAGGED_PCR_PROPERTY> for TaggedPcrPropertyList {
+    type Error = Error;
+
+    fn try_from(tpml_tagged_pcr_property: TPML_TAGGED_PCR_PROPERTY) -> Result<Self> {
+        let count = usize::try_from(tpml_tagged_pcr_property.count).map_err(|e| {
+            error!(
+                "Failed to parse count in TPML_TAGGED_PCR_PROPERTY as usize: {}",
+                e
+            );
+            Error::local_error(WrapperErrorKind::InvalidParam)
+        })?;
+
+        if count > Self::MAX_SIZE {
+            error!(
+                "Invalid size value in TPML_TAGGED_PCR_PROPERTY (> {})",
+                Self::MAX_SIZE,
+            );
+            return Err(Error::local_error(WrapperErrorKind::InvalidParam));
+        }
+
+        tpml_tagged_pcr_property.pcrProperty[..count]
+            .iter()
+            .map(|&tp| TaggedPcrSelect::try_from(tp))
+            .collect::<Result<Vec<TaggedPcrSelect>>>()
+            .map(|tagged_pcr_properties| TaggedPcrPropertyList {
+                tagged_pcr_properties,
+            })
+    }
+}
+
+impl From<TaggedPcrPropertyList> for TPML_TAGGED_PCR_PROPERTY {
+    fn from(tagged_pcr_property_list: TaggedPcrPropertyList) -> Self {
+        let mut tpml_tagged_pcr_property = TPML_TAGGED_PCR_PROPERTY::default();
+        for tagged_pcr_select in tagged_pcr_property_list {
+            tpml_tagged_pcr_property.pcrProperty[tpml_tagged_pcr_property.count as usize] =
+                tagged_pcr_select.into();
+            tpml_tagged_pcr_property.count += 1;
+        }
+        tpml_tagged_pcr_property
+    }
+}

tss-esapi/src/structures/lists/tagged_tpm_property.rs

@@ -4,7 +4,7 @@
 use crate::{
     constants::PropertyTag,
     structures::TaggedProperty,
-    tss2_esys::{TPML_TAGGED_TPM_PROPERTY, TPMS_TAGGED_PROPERTY},
+    tss2_esys::{TPM2_CAP, TPM2_MAX_CAP_BUFFER, TPML_TAGGED_TPM_PROPERTY, TPMS_TAGGED_PROPERTY},
     Error, Result, WrapperErrorKind,
 };
 use log::error;
@@ -22,7 +22,7 @@ pub struct TaggedTpmPropertyList {
 impl TaggedTpmPropertyList {
     pub const MAX_SIZE: usize = Self::calculate_max_size();
 
-    /// Finds a [TaggedProperty] in the list matching the provided `property_tag`.
+    /// Finds the first [TaggedProperty] in the list matching the provided `property_tag`.
     pub fn find(&self, property_tag: PropertyTag) -> Option<&TaggedProperty> {
         self.tagged_tpm_properties
             .iter()
@@ -35,7 +35,9 @@ impl TaggedTpmPropertyList {
         // According to the specification the size is vendor specific.
         // So if someone is using modified values in their TSS libraries
         // it is picked up here.
-        (std::mem::size_of::<TPML_TAGGED_TPM_PROPERTY>() - std::mem::size_of::<u32>())
+        (TPM2_MAX_CAP_BUFFER as usize
+            - std::mem::size_of::<TPM2_CAP>()
+            - std::mem::size_of::<u32>())
             / std::mem::size_of::<TPMS_TAGGED_PROPERTY>()
     }
 }
@@ -110,7 +112,7 @@ impl TryFrom<TPML_TAGGED_TPM_PROPERTY> for TaggedTpmPropertyList {
 impl From<TaggedTpmPropertyList> for TPML_TAGGED_TPM_PROPERTY {
     fn from(tagged_tpm_property_list: TaggedTpmPropertyList) -> Self {
         let mut tpml_tagged_tpm_property: TPML_TAGGED_TPM_PROPERTY = Default::default();
-        for tagged_property in tagged_tpm_property_list.tagged_tpm_properties {
+        for tagged_property in tagged_tpm_property_list {
             tpml_tagged_tpm_property.tpmProperty[tpml_tagged_tpm_property.count as usize] =
                 tagged_property.into();
             tpml_tagged_tpm_property.count += 1;

tss-esapi/src/structures/mod.rs

@@ -56,9 +56,13 @@ pub use self::hash::agile::HashAgile;
 /// The pcr section
 /////////////////////////////////////////////////////////
 mod pcr;
+
+pub use self::pcr_slot::PcrSlot;
+pub mod pcr_slot {
+    pub use super::pcr::slot::*;
+}
+
 pub use self::pcr_select::PcrSelect;
-pub use self::pcr_select::PcrSelectSize;
-pub use self::pcr_select::PcrSlot;
 pub mod pcr_select {
     pub use super::pcr::select::*;
 }
@@ -67,6 +71,11 @@ pub use self::pcr_selection::PcrSelection;
 pub mod pcr_selection {
     pub use super::pcr::selection::*;
 }
+
+pub use self::pcr_select_size::PcrSelectSize;
+pub mod pcr_select_size {
+    pub use super::pcr::select_size::*;
+}
 /////////////////////////////////////////////////////////
 /// The lists section
 /////////////////////////////////////////////////////////
@@ -101,6 +110,11 @@ pub use algorithm_property_list::AlgorithmPropertyList;
 pub mod algorithm_property_list {
     pub use super::lists::algorithm_property::*;
 }
+
+pub use tagged_pcr_property_list::TaggedPcrPropertyList;
+pub mod tagged_pcr_property_list {
+    pub use super::lists::tagged_pcr_property::*;
+}
 /////////////////////////////////////////////////////////
 /// The parameters section
 /////////////////////////////////////////////////////////
@@ -215,3 +229,8 @@ pub use tagged_property::TaggedProperty;
 /////////////////////////////////////////////////////////
 mod algorithm_property;
 pub use algorithm_property::AlgorithmProperty;
+/////////////////////////////////////////////////////////
+/// TaggedPcrSelect
+/////////////////////////////////////////////////////////
+mod tagged_pcr_select;
+pub use tagged_pcr_select::TaggedPcrSelect;

tss-esapi/src/structures/pcr/mod.rs

@@ -1,4 +1,6 @@
 // Copyright 2020 Contributors to the Parsec project.
 // SPDX-License-Identifier: Apache-2.0
 pub mod select;
+pub mod select_size;
 pub mod selection;
+pub mod slot;