From 080dae0125636ee299830b9f6679df1af3730372 Mon Sep 17 00:00:00 2001 From: David Garske Date: Tue, 10 Sep 2024 11:12:10 -0700 Subject: [PATCH] Fixes to properly support TPM policy with more than one PCR. --- .github/workflows/test-build-sim-tpm.yml | 4 +- docs/TPM.md | 51 +++++++++++++----------- lib/wolfTPM | 2 +- src/tpm.c | 6 +-- tools/tpm/policy_create.c | 6 +-- 5 files changed, 38 insertions(+), 31 deletions(-) diff --git a/.github/workflows/test-build-sim-tpm.yml b/.github/workflows/test-build-sim-tpm.yml index 0a2b961c5..786e2f0f0 100644 --- a/.github/workflows/test-build-sim-tpm.yml +++ b/.github/workflows/test-build-sim-tpm.yml @@ -67,8 +67,10 @@ jobs: - name: Create a PCR Policy run: | echo aaa > aaa.bin + echo bbb > bbb.bin ./tools/tpm/pcr_extend 0 aaa.bin - ./tools/tpm/policy_create -pcr=0 -out=policy.bin + ./tools/tpm/pcr_extend 1 bbb.bin + ./tools/tpm/policy_create -pcr=1 -pcr=0 -out=policy.bin - name: Build wolfboot run: | diff --git a/docs/TPM.md b/docs/TPM.md index f95d31d90..6a58185da 100644 --- a/docs/TPM.md +++ b/docs/TPM.md 
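Review bot: The `Create a PCR Policy` step now builds the policy from two PCRs (`-pcr=1 -pcr=0`), but as far as this hunk shows the job only exercises the success path, so a regression that binds the sealed secret to just one of the two registers would still pass. A negative step would confirm both PCRs are enforced: extend one of them again after the secret has been sealed, e.g. `./tools/tpm/pcr_extend 1 bbb.bin`, and expect the following unseal to be refused. The argument order is also unexplained here, so consider copying the note from docs/TPM.md into the script as `# hash for policy PCR is done 1 then 0`. The rest of the workflow lies outside the hunk, so such a check may already exist further down.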
@@ -59,49 +59,54 @@ NOTE: The TPM's RSA verify requires ASN.1 encoding, so use SIGN=RSA2048ENC % make keytools % make tpmtools % echo aaa > aaa.bin +% echo bbb > bbb.bin % ./tools/tpm/pcr_extend 0 aaa.bin -% ./tools/tpm/policy_create -pcr=0 +% ./tools/tpm/pcr_extend 1 bbb.bin +# hash for policy PCR is done 1 then 0 +% ./tools/tpm/policy_create -pcr=1 -pcr=0 -out=policy.bin # if ROT enabled % ./tools/tpm/rot -write [-auth=TestAuth] % make clean $ make POLICY_FILE=policy.bin [WOLFBOOT_TPM_KEYSTORE_AUTH=TestAuth] [WOLFBOOT_TPM_SEAL_AUTH=SealAuth] % ./wolfboot.elf get_version -Simulator assigned ./internal_flash.dd to base 0x103378000 -Mfg IBM (0), Vendor SW TPM, Fw 8217.4131 (0x163636), FIPS 140-2 1, CC-EAL4 0 +Simulator assigned ./internal_flash.dd to base 0x107175000 +Mfg IBM (0), Vendor SW TPM, Fw 8228.293 (0x120000), FIPS 140-2 1, CC-EAL4 0 Unlocking disk... -Boot partition: 0x1033f8000 -Image size 54400 +Boot partition: 0x1071f5000 (size 21288, version 0x1) Error 395 reading blob from NV index 1400300 (error TPM_RC_HANDLE) Error 395 unsealing secret! (TPM_RC_HANDLE) Sealed secret does not exist! 
Creating new secret (32 bytes) -430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159 -Wrote 210 bytes to NV index 0x1400300 -Read 210 bytes from NV index 0x1400300 +7801a7fb716371c975a9a1bca6159a223bc7dba6adb2acf82781421062e498a5 +Error 395 deleting blob from NV index 1400300 (error TPM_RC_HANDLE) +Wrote 242 bytes to NV index 0x1400300 +Read 242 bytes from NV index 0x1400300 Secret Check 32 bytes -430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159 +7801a7fb716371c975a9a1bca6159a223bc7dba6adb2acf82781421062e498a5 Secret 32 bytes -430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159 -Boot partition: 0x1033f8000 -Image size 54400 +7801a7fb716371c975a9a1bca6159a223bc7dba6adb2acf82781421062e498a5 +Boot partition: 0x1071f5000 (size 21288, version 0x1) +Boot header magic 0x00000000 invalid at 0x107275000 +Boot partition: 0x1071f5000 (size 21288, version 0x1) +Booting version: 0x1 TPM Root of Trust valid (id 0) -Simulator assigned ./internal_flash.dd to base 0x103543000 +Simulator assigned ./internal_flash.dd to base 0x1073cc000 1 - % ./wolfboot.elf get_version -Simulator assigned ./internal_flash.dd to base 0x10c01c000 -Mfg IBM (0), Vendor SW TPM, Fw 8217.4131 (0x163636), FIPS 140-2 1, CC-EAL4 0 +Simulator assigned ./internal_flash.dd to base 0x102f38000 +Mfg IBM (0), Vendor SW TPM, Fw 8228.293 (0x120000), FIPS 140-2 1, CC-EAL4 0 Unlocking disk... 
-Boot partition: 0x10c09c000 -Image size 54400 -Read 210 bytes from NV index 0x1400300 +Boot partition: 0x102fb8000 (size 21288, version 0x1) +Read 242 bytes from NV index 0x1400300 Secret 32 bytes -430dee45553c4a8b75fbc6bcd0890765c48cab760b24b1aa6b633dc0538e0159 -Boot partition: 0x10c09c000 -Image size 54400 +7801a7fb716371c975a9a1bca6159a223bc7dba6adb2acf82781421062e498a5 +Boot partition: 0x102fb8000 (size 21288, version 0x1) +Boot header magic 0x00000000 invalid at 0x103038000 +Boot partition: 0x102fb8000 (size 21288, version 0x1) +Booting version: 0x1 TPM Root of Trust valid (id 0) -Simulator assigned ./internal_flash.dd to base 0x10c1e7000 +Simulator assigned ./internal_flash.dd to base 0x10318f000 1 ``` diff --git a/lib/wolfTPM b/lib/wolfTPM index fb7e321ac..fc683a1cc 160000 --- a/lib/wolfTPM +++ b/lib/wolfTPM @@ -1 +1 @@ -Subproject commit fb7e321ac0f5c4a29cea273ed84c9ef60b6c0a4d +Subproject commit fc683a1cc0c0b5fa1c49639c5e302a6558593243 diff --git a/src/tpm.c b/src/tpm.c index ceb95c4a7..97d65d8f6 100644 --- a/src/tpm.c +++ b/src/tpm.c @@ -476,9 +476,9 @@ uint32_t wolfBoot_tpm_pcrmask_sel(uint32_t pcrMask, uint8_t* pcrArray, uint32_t pcrArraySzAct = 0; for (i=0; i