Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.11/site-packages/scapy/layers/tpm.py: 97%
Shortcuts on this page
r m x toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# SPDX-License-Identifier: GPL-2.0-only
2# This file is part of Scapy
3# See https://scapy.net/ for more information
4# Copyright (C) Gabriel Potter
6"""
7Implementation of structures related to TPM 2.0 and Windows PCP
9(Windows Plateform Crypto Provider)
10"""
12from scapy.config import conf
13from scapy.packet import Packet
14from scapy.fields import (
15 BitField,
16 ByteField,
17 ConditionalField,
18 FlagsField,
19 IntField,
20 LEIntEnumField,
21 LEIntField,
22 LongField,
23 MultipleTypeField,
24 PacketField,
25 PacketLenField,
26 PacketListField,
27 ShortEnumField,
28 ShortField,
29 StrField,
30 StrFixedLenField,
31 StrLenField,
32)
35##########################
36# TPM 2 structures #
37##########################
39IMPLEMENTATION_PCR = 24
40PCR_SELECT_MAX = (IMPLEMENTATION_PCR + 7) // 8
41MAX_RSA_KEY_BITS = 2048
42MAX_RSA_KEY_BYTES = (MAX_RSA_KEY_BITS + 7) // 8
44# TPM20.h source
46TPM_ALG = {
47 0x0000: "TPM_ALG_ERROR",
48 0x0001: "TPM_ALG_RSA",
49 0x0004: "TPM_ALG_SHA1",
50 0x0005: "TPM_ALG_HMAC",
51 0x0006: "TPM_ALG_AES",
52 0x0007: "TPM_ALG_MGF1",
53 0x0008: "TPM_ALG_KEYEDHASH",
54 0x000A: "TPM_ALG_XOR",
55 0x000B: "TPM_ALG_SHA256",
56 0x000C: "TPM_ALG_SHA384",
57 0x000D: "TPM_ALG_SHA512",
58 0x0010: "TPM_ALG_NULL",
59 0x0012: "TPM_ALG_SM3_256",
60 0x0013: "TPM_ALG_SM4",
61 0x0014: "TPM_ALG_RSASSA",
62 0x0015: "TPM_ALG_RSAES",
63 0x0016: "TPM_ALG_RSAPSS",
64 0x0017: "TPM_ALG_OAEP",
65 0x0018: "TPM_ALG_ECDSA",
66 0x0019: "TPM_ALG_ECDH",
67 0x001A: "TPM_ALG_ECDAA",
68 0x001B: "TPM_ALG_SM2",
69 0x001C: "TPM_ALG_ECSCHNORR",
70 0x001D: "TPM_ALG_ECMQV",
71 0x0020: "TPM_ALG_KDF1_SP800_56a",
72 0x0021: "TPM_ALG_KDF2",
73 0x0022: "TPM_ALG_KDF1_SP800_108",
74 0x0023: "TPM_ALG_ECC",
75 0x0025: "TPM_ALG_SYMCIPHER",
76 0x0040: "TPM_ALG_CTR",
77 0x0041: "TPM_ALG_OFB",
78 0x0042: "TPM_ALG_CBC",
79 0x0043: "TPM_ALG_CFB",
80 0x0044: "TPM_ALG_ECB",
81}
83TPM_ST = {
84 0x00C4: "TPM_ST_RSP_COMMAND",
85 0x8000: "TPM_ST_NULL",
86 0x8001: "TPM_ST_NO_SESSIONS",
87 0x8002: "TPM_ST_SESSIONS",
88 0x8014: "TPM_ST_ATTEST_NV",
89 0x8015: "TPM_ST_ATTEST_COMMAND_AUDIT",
90 0x8016: "TPM_ST_ATTEST_SESSION_AUDIT",
91 0x8017: "TPM_ST_ATTEST_CERTIFY",
92 0x8018: "TPM_ST_ATTEST_QUOTE",
93 0x8019: "TPM_ST_ATTEST_TIME",
94 0x801A: "TPM_ST_ATTEST_CREATION",
95 0x8021: "TPM_ST_CREATION",
96 0x8022: "TPM_ST_VERIFIED",
97 0x8023: "TPM_ST_AUTH_SECRET",
98 0x8024: "TPM_ST_HASHCHECK",
99 0x8025: "TPM_ST_AUTH_SIGNED",
100 0x8029: "TPM_ST_FU_MANIFEST",
101}
104class _Packet(Packet):
105 def default_payload_class(self, payload):
106 return conf.padding_layer
109class TPMS_SCHEME_SIGHASH(_Packet):
110 fields_desc = [
111 ShortEnumField("hashAlg", 0, TPM_ALG),
112 ]
115class TPMT_RSA_SCHEME(_Packet):
116 fields_desc = [
117 ShortEnumField("scheme", 0, TPM_ALG),
118 # TPMU_ASYM_SCHEME
119 MultipleTypeField(
120 [
121 (
122 PacketField(
123 "parameters", TPMS_SCHEME_SIGHASH(), TPMS_SCHEME_SIGHASH
124 ),
125 lambda pkt: pkt.scheme
126 in [
127 0x0014, # RSASSA
128 0x0016, # RSAPSS
129 0x001A, # RSAPSS
130 0x001B, # SM2
131 0x001C, # ECSCHNORR
132 ],
133 )
134 ],
135 StrFixedLenField("parameters", b"", length=0),
136 ),
137 ]
140class TPMT_SYM_DEF_OBJECT(_Packet):
141 fields_desc = [
142 ShortEnumField("algorithm", 0, TPM_ALG),
143 ConditionalField(
144 ShortField("keyBits", 0),
145 lambda pkt: pkt.algorithm != 0x0010,
146 ),
147 ConditionalField(
148 ShortField("mode", 0),
149 lambda pkt: pkt.algorithm != 0x0010,
150 ),
151 ]
154class TPMS_RSA_PARMS(_Packet):
155 fields_desc = [
156 PacketField("symmetric", TPMT_SYM_DEF_OBJECT(), TPMT_SYM_DEF_OBJECT),
157 PacketField("scheme", TPMT_RSA_SCHEME(), TPMT_RSA_SCHEME),
158 ShortField("keyBits", 0),
159 IntField("exponent", 0),
160 ]
163class TPM2B_DIGEST(_Packet):
164 fields_desc = [
165 ShortField("size", 0),
166 StrLenField("buffer", b"", length_from=lambda pkt: pkt.size),
167 ]
170class TPML_DIGEST(_Packet):
171 fields_desc = [
172 IntField("count", 0),
173 PacketListField("digests", [], TPM2B_DIGEST, count_from=lambda pkt: pkt.count),
174 ]
177class TPMS_NULL_PARMS(_Packet):
178 fields_desc = [
179 ShortEnumField("algorithm", 0x0010, TPM_ALG),
180 ]
183class TPMT_PUBLIC(_Packet):
184 fields_desc = [
185 ShortEnumField("type", 0x0001, TPM_ALG),
186 ShortEnumField("nameAlg", 0, TPM_ALG),
187 FlagsField(
188 "objectAttributes",
189 0,
190 32,
191 [
192 "reserved1",
193 "fixedTPM",
194 "stClear",
195 "reserved4",
196 "fixedParent",
197 "sensitiveDataOrigin",
198 "userWithAuth",
199 "adminWithPolicy",
200 "reserved8",
201 "reserved9",
202 "noDA",
203 "encryptedDuplication",
204 "reserved12",
205 "reserved13",
206 "reserved14",
207 "reserved15",
208 "restricted",
209 "decrypt",
210 "sign",
211 ],
212 ),
213 PacketField("authPolicy", TPM2B_DIGEST(), TPM2B_DIGEST),
214 MultipleTypeField(
215 [
216 # TPMU_PUBLIC_PARMS
217 (
218 PacketField("parameters", TPMS_RSA_PARMS(), TPMS_RSA_PARMS),
219 lambda pkt: pkt.type == 0x0001,
220 )
221 ],
222 StrFixedLenField("parameters", b"", length=0),
223 ),
224 # TPMU_PUBLIC_ID
225 PacketField("unique", TPM2B_DIGEST(), TPM2B_DIGEST),
226 ]
229class TPM2B_PUBLIC(_Packet):
230 fields_desc = [
231 ShortField("size", 0),
232 PacketLenField(
233 "publicArea",
234 TPMT_PUBLIC(),
235 TPMT_PUBLIC,
236 length_from=lambda pkt: pkt.size,
237 ),
238 ]
241class TPM2B_PRIVATE_KEY_RSA(_Packet):
242 fields_desc = [
243 ShortField("size", 0),
244 StrLenField(
245 "buffer",
246 b"",
247 length_from=lambda pkt: pkt.size,
248 ),
249 ]
252TPM2B_AUTH = TPM2B_DIGEST
255class TPMT_SENSITIVE(_Packet):
256 fields_desc = [
257 ShortEnumField("sensitiveType", 0, TPM_ALG),
258 PacketField("authValue", TPM2B_AUTH(), TPM2B_AUTH),
259 PacketField("seedValue", TPM2B_DIGEST(), TPM2B_DIGEST),
260 MultipleTypeField(
261 [
262 # TPMU_SENSITIVE_COMPOSITE
263 (
264 PacketField(
265 "sensitive", TPM2B_PRIVATE_KEY_RSA(), TPM2B_PRIVATE_KEY_RSA
266 ),
267 lambda pkt: pkt.sensitiveType == 0x0001, # TPM_ALG_RSA
268 ),
269 ],
270 StrField("sensitive", b""),
271 ),
272 ]
275class TPM2B_SENSITIVE(_Packet):
276 fields_desc = [
277 ShortField("size", 0),
278 PacketLenField(
279 "sensitiveArea",
280 TPMT_SENSITIVE(),
281 TPMT_SENSITIVE,
282 length_from=lambda pkt: pkt.size,
283 ),
284 ]
287class _PRIVATE(_Packet):
288 fields_desc = [
289 PacketField("integrityOuter", TPM2B_DIGEST(), TPM2B_DIGEST),
290 PacketField("integrityInner", TPM2B_DIGEST(), TPM2B_DIGEST),
291 StrField("sensitive", b""), # Encrypted
292 ]
295class TPM2B_PRIVATE(_Packet):
296 fields_desc = [
297 ShortField("size", 0),
298 PacketLenField(
299 "buffer",
300 _PRIVATE(),
301 _PRIVATE,
302 length_from=lambda pkt: pkt.size,
303 ),
304 ]
307class TPM2B_NAME(_Packet):
308 fields_desc = [
309 ShortField("size", 0),
310 StrLenField("Name", b"", length_from=lambda pkt: pkt.size),
311 ]
314class TPM2B_DATA(_Packet):
315 fields_desc = [
316 ShortField("size", 0),
317 StrLenField("buffer", b"", length_from=lambda pkt: pkt.size),
318 ]
321class TPMA_LOCALITY(_Packet):
322 fields_desc = [
323 BitField("locZero", 0, 1),
324 BitField("locOne", 0, 1),
325 BitField("locTwo", 0, 1),
326 BitField("locThree", 0, 1),
327 BitField("locFour", 0, 1),
328 BitField("Extended", 0, 3),
329 ]
332class TPMS_PCR_SELECTION(_Packet):
333 fields_desc = [
334 ShortEnumField("hash", 0, TPM_ALG),
335 ByteField("sizeOfSelect", 0),
336 StrFixedLenField("pcrSelect", b"", length=PCR_SELECT_MAX),
337 ]
340class TPML_PCR_SELECTION(_Packet):
341 fields_desc = [
342 IntField("count", 0),
343 PacketListField(
344 "pcrSelections", [], TPMS_PCR_SELECTION, count_from=lambda pkt: pkt.count
345 ),
346 ]
349class TPMS_CREATION_DATA(_Packet):
350 fields_desc = [
351 PacketField("pcrSelect", TPML_PCR_SELECTION(), TPML_PCR_SELECTION),
352 PacketField("pcrDigest", TPM2B_DIGEST(), TPM2B_DIGEST),
353 PacketField("locality", TPMA_LOCALITY(), TPMA_LOCALITY),
354 ShortEnumField("parentNameAlg", 0, TPM_ALG),
355 PacketField("parentName", TPM2B_NAME(), TPM2B_NAME),
356 PacketField("parentQualifiedName", TPM2B_NAME(), TPM2B_NAME),
357 PacketField("outsideInfo", TPM2B_DATA(), TPM2B_DATA),
358 ]
361class TPM2B_CREATION_DATA(_Packet):
362 fields_desc = [
363 ShortField("size", 0),
364 PacketLenField(
365 "creationData",
366 TPMS_CREATION_DATA(),
367 TPMS_CREATION_DATA,
368 length_from=lambda pkt: pkt.size,
369 ),
370 ]
373class TPMS_CLOCK_INFO(_Packet):
374 fields_desc = [
375 LongField("clock", 0), # obfuscated
376 IntField("resetCount", 0), # obfuscated
377 IntField("restartCount", 0), # obfuscated
378 ByteField("safe", 0),
379 ]
382class TPMS_CREATION_INFO(_Packet):
383 fields_desc = [
384 PacketField("objectName", TPM2B_NAME(), TPM2B_NAME),
385 PacketField("creationHash", TPM2B_DIGEST(), TPM2B_DIGEST),
386 ]
389class TPMS_CERTIFY_INFO(_Packet):
390 fields_desc = [
391 PacketField("Name", TPM2B_NAME(), TPM2B_NAME),
392 PacketField("qualifiedName", TPM2B_DIGEST(), TPM2B_DIGEST),
393 ]
396class TPMS_ATTEST(_Packet):
397 fields_desc = [
398 StrFixedLenField("magic", b"\xffTCG", length=4),
399 ShortEnumField("type", 0, TPM_ST),
400 PacketField("qualifiedSigned", TPM2B_NAME(), TPM2B_NAME),
401 PacketField("extraData", TPM2B_DATA(), TPM2B_DATA),
402 PacketField("clockInfo", TPMS_CLOCK_INFO(), TPMS_CLOCK_INFO),
403 LongField("firmwareVersion", 0),
404 MultipleTypeField(
405 [
406 # TPMU_ATTEST
407 (
408 PacketField("attested", TPMS_CERTIFY_INFO(), TPMS_CERTIFY_INFO),
409 lambda pkt: pkt.type == 0x8017, # TPM_ST_ATTEST_CERTIFY
410 ),
411 (
412 PacketField("attested", TPMS_CREATION_INFO(), TPMS_CREATION_INFO),
413 lambda pkt: pkt.type == 0x801A, # TPM_ST_ATTEST_CREATION
414 ),
415 ],
416 StrField("attested", b""),
417 ),
418 ]
421class TPM2B_ATTEST(_Packet):
422 fields_desc = [
423 ShortField("size", 0),
424 PacketLenField(
425 "attestationData",
426 TPMS_ATTEST(),
427 TPMS_ATTEST,
428 length_from=lambda pkt: pkt.size,
429 ),
430 ]
433class TPM2B_PUBLIC_KEY_RSA(_Packet):
434 fields_desc = [
435 ShortField("size", 0),
436 StrFixedLenField("buffer", b"", length=MAX_RSA_KEY_BYTES),
437 ]
440class TPMS_SIGNATURE_RSASSA(_Packet):
441 fields_desc = [
442 ShortEnumField("hash", 0, TPM_ALG),
443 PacketField("sig", TPM2B_PUBLIC_KEY_RSA(), TPM2B_PUBLIC_KEY_RSA),
444 ]
447class TPMS_SIGNATURE_RSAPSS(_Packet):
448 fields_desc = [
449 ShortEnumField("hash", 0, TPM_ALG),
450 PacketField("sig", TPM2B_PUBLIC_KEY_RSA(), TPM2B_PUBLIC_KEY_RSA),
451 ]
454class TPMT_SIGNATURE(_Packet):
455 fields_desc = [
456 ShortEnumField("sigAlg", 0, TPM_ALG),
457 MultipleTypeField(
458 [
459 # TPMU_SIGNATURE
460 (
461 PacketField(
462 "signature", TPMS_SIGNATURE_RSASSA(), TPMS_SIGNATURE_RSASSA
463 ),
464 lambda pkt: pkt.sigAlg == 0x0014, # RSASSA
465 ),
466 (
467 PacketField(
468 "signature", TPMS_SIGNATURE_RSAPSS(), TPMS_SIGNATURE_RSAPSS
469 ),
470 lambda pkt: pkt.sigAlg == 0x0016, # RSASSA
471 ),
472 ],
473 StrField("signature", b""),
474 ),
475 ]
478# From "Using the Windows 8 Platform PCP" documentation
479# https://github.com/Microsoft/TSS.MSR/blob/main/PCPTool.v11/inc/TpmAtt.h
482# NCRYPT_PCP_TPM12_IDBINDING
483class PCP_IDBinding20(Packet):
484 fields_desc = [
485 PacketField("PublicKey", TPM2B_PUBLIC(), TPM2B_PUBLIC),
486 PacketField("CreationData", TPM2B_CREATION_DATA(), TPM2B_CREATION_DATA),
487 PacketField("Attest", TPM2B_ATTEST(), TPM2B_ATTEST),
488 PacketField("Signature", TPMT_SIGNATURE(), TPMT_SIGNATURE),
489 ]
492_PCP_TYPE = {
493 1: "TPM 1.2",
494 2: "TPM 2.0",
495}
498class PCP_KEY_BLOB(Packet):
499 fields_desc = [
500 StrFixedLenField("Magic", b"PCPM", length=4),
501 LEIntField("cbHeader", 0),
502 LEIntEnumField("pcpType", 1, _PCP_TYPE),
503 FlagsField(
504 "flags",
505 0,
506 -32,
507 {
508 0x00000001: "authRequired",
509 0x00000002: "undocumented2",
510 },
511 ),
512 LEIntField("cbTpmKey", 0),
513 StrLenField(
514 "tpmKey",
515 b"",
516 length_from=lambda pkt: pkt.cbTpmKey,
517 ),
518 ]
521class PCP_20_KEY_BLOB(Packet):
522 fields_desc = [
523 StrFixedLenField("Magic", b"PCPM", length=4),
524 LEIntField("cbHeader", 0),
525 LEIntEnumField("pcpType", 2, _PCP_TYPE),
526 FlagsField(
527 "flags",
528 0,
529 -32,
530 {
531 0x00000001: "authRequired",
532 0x00000002: "undocumented2",
533 },
534 ),
535 LEIntField("cbPublic", 0),
536 LEIntField("cbPrivate", 0),
537 LEIntField("cbMigrationPublic", 0),
538 LEIntField("cbMigrationPrivate", 0),
539 LEIntField("cbPolicyDigestList", 0),
540 LEIntField("cbPCRBinding", 0),
541 LEIntField("cbPCRDigest", 0),
542 LEIntField("cbEncryptedSecret", 0),
543 LEIntField("cbTpm12HostageBlob", 0),
544 LEIntField("pcrAlgId", 0),
545 PacketLenField(
546 "public",
547 TPM2B_PUBLIC(),
548 TPM2B_PUBLIC,
549 length_from=lambda pkt: pkt.cbPublic,
550 ),
551 PacketLenField(
552 "private",
553 TPM2B_PRIVATE(),
554 TPM2B_PRIVATE,
555 length_from=lambda pkt: pkt.cbPrivate,
556 ),
557 PacketLenField(
558 "migrationPublic",
559 None,
560 TPM2B_PUBLIC,
561 length_from=lambda pkt: pkt.cbMigrationPublic,
562 ),
563 PacketLenField(
564 "migrationPrivate",
565 TPM2B_PRIVATE(),
566 TPM2B_PRIVATE,
567 length_from=lambda pkt: pkt.cbMigrationPrivate,
568 ),
569 PacketLenField(
570 "policyDigestList",
571 TPML_DIGEST(),
572 TPML_DIGEST,
573 length_from=lambda pkt: pkt.cbPolicyDigestList,
574 ),
575 StrLenField(
576 "pcrBinding",
577 b"",
578 length_from=lambda pkt: pkt.cbPCRBinding,
579 ),
580 StrLenField(
581 "pcrDigest",
582 b"",
583 length_from=lambda pkt: pkt.cbPCRDigest,
584 ),
585 StrLenField(
586 "encryptedSecret",
587 b"",
588 length_from=lambda pkt: pkt.cbEncryptedSecret,
589 ),
590 StrLenField(
591 "tpm12HostageBlob",
592 b"",
593 length_from=lambda pkt: pkt.cbTpm12HostageBlob,
594 ),
595 ]
598###########################
599# Microsoft Windows #
600###########################
602# [MS-WCCE] sect 2.2.2.5
605class KeyAttestation(Packet):
606 fields_desc = [
607 StrFixedLenField("Magic", b"KADS", length=4),
608 LEIntEnumField("Platform", 2, _PCP_TYPE),
609 LEIntField("HeaderSize", 0),
610 LEIntField("cbKeyAttest", 0),
611 LEIntField("cbSignature", 0),
612 LEIntField("cbKeyBlob", 0),
613 MultipleTypeField(
614 [
615 (
616 PacketLenField(
617 "keyAttest",
618 TPMS_ATTEST(),
619 TPMS_ATTEST,
620 length_from=lambda pkt: pkt.cbKeyAttest,
621 ),
622 lambda pkt: pkt.Platform == 2,
623 )
624 ],
625 StrLenField(
626 "keyAttest",
627 b"",
628 length_from=lambda pkt: pkt.cbKeyAttest,
629 ),
630 ),
631 StrLenField(
632 "signature",
633 b"",
634 length_from=lambda pkt: pkt.cbSignature,
635 ),
636 MultipleTypeField(
637 [
638 (
639 PacketLenField(
640 "keyBlob",
641 PCP_20_KEY_BLOB(),
642 PCP_20_KEY_BLOB,
643 length_from=lambda pkt: pkt.cbKeyBlob,
644 ),
645 lambda pkt: pkt.Platform == 2,
646 ),
647 (
648 PacketLenField(
649 "keyBlob",
650 PCP_KEY_BLOB(),
651 PCP_KEY_BLOB,
652 length_from=lambda pkt: pkt.cbKeyBlob,
653 ),
654 lambda pkt: pkt.Platform == 1,
655 ),
656 ],
657 StrLenField(
658 "keyBlob",
659 b"",
660 length_from=lambda pkt: pkt.cbKeyBlob,
661 ),
662 ),
663 ]
665 def default_payload_class(self, payload):
666 return conf.padding_layer
669class KeyAttestationStatement(Packet):
670 fields_desc = [
671 StrFixedLenField("Magic", b"KAST", length=4),
672 LEIntField("Version", 1),
673 LEIntEnumField("Platform", 2, _PCP_TYPE),
674 LEIntField("HeaderSize", 0),
675 LEIntField("cbIdBinding", 0),
676 LEIntField("cbKeyAttestation", 0),
677 LEIntField("cbAIKOpaque", 0),
678 MultipleTypeField(
679 [
680 (
681 PacketLenField(
682 "idBinding",
683 PCP_IDBinding20(),
684 PCP_IDBinding20,
685 length_from=lambda pkt: pkt.cbIdBinding,
686 ),
687 lambda pkt: pkt.Platform == 2,
688 )
689 ],
690 StrLenField(
691 "idBinding",
692 b"",
693 length_from=lambda pkt: pkt.cbIdBinding,
694 ),
695 ),
696 PacketLenField(
697 "keyAttestation",
698 KeyAttestation(),
699 KeyAttestation,
700 length_from=lambda pkt: pkt.cbKeyAttestation,
701 ),
702 MultipleTypeField(
703 [
704 (
705 PacketLenField(
706 "aikOpaque",
707 PCP_20_KEY_BLOB(),
708 PCP_20_KEY_BLOB,
709 length_from=lambda pkt: pkt.cbAIKOpaque,
710 ),
711 lambda pkt: pkt.Platform == 2,
712 ),
713 (
714 PacketLenField(
715 "aikOpaque",
716 PCP_KEY_BLOB(),
717 PCP_KEY_BLOB,
718 length_from=lambda pkt: pkt.cbAIKOpaque,
719 ),
720 lambda pkt: pkt.Platform == 1,
721 ),
722 ],
723 StrLenField(
724 "aikOpaque",
725 b"",
726 length_from=lambda pkt: pkt.cbAIKOpaque,
727 ),
728 ),
729 ]