From 3adf48c3999d27221f8489675e81528360cec1c7 Mon Sep 17 00:00:00 2001
From: Ian
Date: Mon, 28 Feb 2022 20:39:57 +0200
Subject: [PATCH] added random number to quote
---
 PythonExamples/quote.md | 27 ++++++++++++++++++++++-----
 PythonExamples/quote.py | 22 +++++++++++++++++++++-
 2 files changed, 43 insertions(+), 6 deletions(-)
diff --git a/PythonExamples/quote.md b/PythonExamples/quote.md
index dc22575..4657083 100644
--- a/PythonExamples/quote.md
+++ b/PythonExamples/quote.md
@@ -9,6 +9,10 @@ The code will:
  * request a quote using the given attestation key, pcrs and extradata
  * unmarshal the returned data structures and print these as a python dict and convert to JSON and pretty print
+then as a bonus example
+
+ * generate a random number from the TPM and use that as the extra data to the quote
+
 ## Setup and Variables
 The following code might need to be modified for you local setup 
@@ -31,10 +35,18 @@ Errors might be generated as the pytss libraries search for a suitable TPM devic
 The following is example output:
 ```bash
-~/tpm.dev.tutorials/PythonExamples$ python3 quote.py
-att= 
+~/tpm.dev.tutorials/PythonExamples$ python3 quote.py
+ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory
+ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
+ERROR:tcti:src/tss2-tcti/tcti-device.c:442:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpm0: No such file or directory
+ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-device.so.0
+ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:222:tcti_control_command() Control command failed with error: 1
+ERROR:tcti:src/tss2-tcti/tcti-swtpm.c:330:tcti_swtpm_set_locality() Failed to set locality: 0xa000a
+WARNING:tcti:src/tss2-tcti/tcti-swtpm.c:599:Tss2_Tcti_Swtpm_Init() Could not set locality via control channel: 0xa000a
+ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-swtpm.so.0
+att= 
 ae= 
- {'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 308418200, 'resetCount': 22, 'restartCount': 0, 'safe': 1}, 'extraData': '49616e3132333435', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'}
+ {'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 313399693, 'resetCount': 24, 'restartCount': 0, 'safe': 1}, 'extraData': '49616e3132333435', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'}
 {
 "attested": {
@@ -52,8 +64,8 @@ ae=
 ]
 },
 "clockInfo": {
- "clock": 308418200,
- "resetCount": 22,
+ "clock": 313399693,
+ "resetCount": 24,
 "restartCount": 0,
 "safe": 1
 },
@@ -67,6 +79,11 @@ ae=
 "type": "attest_quote"
 }
+With randomly generated extra data: 0c830dd1a9dd50c0
+ae2= 
+ {'attested': {'pcrDigest': '38723a2e5e8a17aa7950dc008209944e898f69a7bd10a23c839d341e935fd5ca', 'pcrSelect': [{'hash': 'sha256', 'pcrSelect': [0, 1, 2, 3]}]}, 'clockInfo': {'clock': 313399694, 'resetCount': 24, 'restartCount': 0, 'safe': 1}, 'extraData': '30633833306464316139646435306330', 'firmwareVersion': [538513443, 1455670], 'magic': 4283712327, 'qualifiedSigner': '000bff3ea118be81e7f10ead098c900b93c885785e828bf27d824a87add847b5ec56', 'type': 'attest_quote'}
+
+
 ```
 The *magic number* of the quote is returned as an integer `4283712327` this corresponds to the better known TPM returned byte sequence `FF544347` in hex.
\ No newline at end of file
diff --git a/PythonExamples/quote.py b/PythonExamples/quote.py
index 4f47cd8..f41841c 100644
--- a/PythonExamples/quote.py
+++ b/PythonExamples/quote.py
@@ -76,4 +76,24 @@ print("ae=",type(ae),"\n",ae)
 #
 js = json.dumps(ae,indent=4)
-print("\n",js)
\ No newline at end of file
+print("\n",js)
+
+
+ #
+ # Now we'll do the same, except we'll generate the nonce using the TPM's random number generator
+ #
+
+r = tpm.get_random( 8 )
+
+extradata_to_use = TPM2B_DATA(str(r))
+
+print("\nWith randomly generated extra data: ",str(r))
+
+quote,signature = tpm.quote(
+ handle, pcrsels, extradata_to_use
+ )
+
+att,_ = TPMS_ATTEST.unmarshal( bytes(quote) )
+enc = json_encdec()
+ae = enc.encode(att)
+print("ae2=",type(ae),"\n",ae)
\ No newline at end of file
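Review bot: `extradata_to_use = TPM2B_DATA(str(r))` feeds the hex text of the random buffer into the quote rather than its bytes: the new example output shows extraData `30633833306464316139646435306330`, which is the 16 ASCII characters of the printed `0c830dd1a9dd50c0`, not the 8 random bytes that `get_random( 8 )` returned. Using the same conversion the hunk already applies to `quote`, `extradata_to_use = TPM2B_DATA(bytes(r))`, puts the raw nonce into the attestation. Separately, because this script is the attesting side, a nonce it draws from its own TPM gives a relying party no freshness or anti-replay guarantee, and the example never checks that `att.extraData` equals the value it sent; a comment such as `# NOTE: in a real protocol the challenger generates the nonce (16-32 bytes is typical) and verifies att.extraData == nonce after the quote` would stop readers copying this pattern into production. The second quote also rebinds `ae` while printing it as `ae2`; naming the variable `ae2` would keep the two results distinguishable.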