From b19e728bb3b9e60fb8a2fb55ecebe8b12e3768fb Mon Sep 17 00:00:00 2001
From: Stefan Berger
Date: Sat, 16 Nov 2019 22:13:52 -0500
Subject: [PATCH] tpm2: Code reformatting and comment changes only
Signed-off-by: Stefan Berger --- src/tpm2/AlgorithmTests.c | 2 +- src/tpm2/BaseTypes.h | 2 +- src/tpm2/BnMath.c | 21 +++++++ src/tpm2/ClearControl_fp.h | 2 +- src/tpm2/ClockCommands.c | 2 +- src/tpm2/CommandAudit.c | 4 +- src/tpm2/CommandDispatchData.h | 3 + src/tpm2/Create_fp.h | 2 +- src/tpm2/CryptEccData.c | 2 +- src/tpm2/CryptUtil.c | 10 ++-- src/tpm2/DictionaryAttackParameters_fp.h | 2 +- src/tpm2/EC_Ephemeral_fp.h | 2 +- src/tpm2/EncryptDecrypt_fp.h | 2 +- src/tpm2/EvictControl_fp.h | 2 +- src/tpm2/FlushContext_fp.h | 2 +- src/tpm2/GetTestResult_fp.h | 2 +- src/tpm2/Global.h | 19 ++++--- src/tpm2/GpMacros.h | 6 +- src/tpm2/HMAC_fp.h | 2 +- src/tpm2/Hash_fp.h | 2 +- src/tpm2/LoadExternal_fp.h | 2 +- src/tpm2/Load_fp.h | 2 +- src/tpm2/Manufacture.c | 2 +- src/tpm2/NV_Increment_fp.h | 2 +- src/tpm2/NV_WriteLock_fp.h | 2 +- src/tpm2/PCR.c | 4 +- src/tpm2/PCR_Allocate_fp.h | 2 +- src/tpm2/PCR_fp.h | 2 +- src/tpm2/PP_Commands_fp.h | 2 +- src/tpm2/PlatformData.c | 2 +- src/tpm2/PolicyCpHash_fp.h | 2 +- src/tpm2/PolicySecret_fp.h | 2 +- src/tpm2/PolicySigned_fp.h | 2 +- src/tpm2/PolicyTicket_fp.h | 2 +- src/tpm2/SessionCommands.c | 4 +- src/tpm2/SetPrimaryPolicy_fp.h | 4 +- src/tpm2/Sign_fp.h | 2 +- src/tpm2/Startup_fp.h | 2 +- .../SupportLibraryFunctionPrototypes_fp.h | 2 +- src/tpm2/TPMB.h | 2 +- src/tpm2/TPMCmdp.c | 5 +- src/tpm2/TpmAlgorithmDefines.h | 12 ++-- src/tpm2/TpmAsn1.c | 41 ++++++------- src/tpm2/TpmAsn1.h | 6 +- src/tpm2/TpmBuildSwitches.h | 2 +- src/tpm2/VendorString.h | 8 +-- src/tpm2/X509.h | 14 ++++- src/tpm2/X509_ECC.c | 2 +- src/tpm2/X509_RSA.c | 16 +++--- src/tpm2/X509_spt.c | 4 ++ src/tpm2/_TPM_Hash_Data_fp.h | 2 +- src/tpm2/_TPM_Hash_End_fp.h | 2 +- src/tpm2/_TPM_Hash_Start_fp.h | 2 +- src/tpm2/crypto/CryptEcc.h | 4 +- src/tpm2/crypto/CryptHash.h | 3 +- src/tpm2/crypto/CryptSym.h | 4 +- src/tpm2/crypto/CryptUtil_fp.h | 6 +- src/tpm2/crypto/openssl/CryptHash.c | 6 +- src/tpm2/crypto/openssl/CryptPrime.c | 19 ++++--- 
src/tpm2/crypto/openssl/CryptPrimeSieve.c | 32 ++++++++--- src/tpm2/crypto/openssl/CryptRand.c | 11 ++-- src/tpm2/crypto/openssl/LibSupport.h | 16 +++++- src/tpm2/crypto/openssl/TpmToOsslMath.c | 57 +++++++++++++++---- src/tpm2/crypto/openssl/TpmToOsslMath.h | 2 - src/tpm2/crypto/openssl/TpmToOsslMath_fp.h | 1 - 65 files changed, 263 insertions(+), 151 deletions(-) diff --git a/src/tpm2/AlgorithmTests.c b/src/tpm2/AlgorithmTests.c index e7b5ba2a..9e9ba794 100644 --- a/src/tpm2/AlgorithmTests.c +++ b/src/tpm2/AlgorithmTests.c @@ -393,7 +393,7 @@ RsaKeyInitialize( testObject->attributes.privateExp = 0; } /* 10.2.1.5.3 TestRsaEncryptDecrypt() */ -/* These test are for an public key encryption that uses a random value */ +/* These tests are for a public key encryption that uses a random value. */ static TPM_RC TestRsaEncryptDecrypt( TPM_ALG_ID scheme, // IN: the scheme diff --git a/src/tpm2/BaseTypes.h b/src/tpm2/BaseTypes.h index 03524c0b..7687715e 100644 --- a/src/tpm2/BaseTypes.h +++ b/src/tpm2/BaseTypes.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: BaseTypes.h 827 2016-11-18 20:45:01Z kgoldman $ */ +/* $Id: BaseTypes.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/BnMath.c b/src/tpm2/BnMath.c index 13e7252d..49faf521 100644 --- a/src/tpm2/BnMath.c +++ b/src/tpm2/BnMath.c 
@@ -60,6 +60,27 @@ /********************************************************************************/ /* 10.2.3 BnMath.c */ + +/* 10.2.3.1 Introduction */ +/* The simulator code uses the canonical form whenever possible in order to make the code in Part 3 + more accessible. The canonical data formats are simple and not well suited for complex big number + computations. When operating on big numbers, the data format is changed for easier + manipulation. The format is native words in little-endian format. As the magnitude of the number + decreases, the length of the array containing the number decreases but the starting address + doesn't change. */ +/* The functions in this file perform simple operations on these big numbers. Only the more complex + operations are passed to the underlying support library. Although the support library would have + most of these functions, the interface code to convert the format for the values is greater than + the size of the code to implement the functions here. So, rather than incur the overhead of + conversion, they are done here. */ +/* If an implementer would prefer, the underlying library can be used simply by making code + substitutions here. */ +/* NOTE: There is an intention to continue to augment these functions so that there would be no need + to use an external big number library. */ +/* Many of these functions have no error returns and will always return TRUE. This is to allow them + to be used in guarded sequences. That is: OK = OK || BnSomething(s); where the BnSomething() + function should not be called if OK isn't true. */ + /* 10.2.3.2 Includes */ #include "Tpm.h" /* A constant value of zero as a stand in for NULL bigNum values */ diff --git a/src/tpm2/ClearControl_fp.h b/src/tpm2/ClearControl_fp.h index 730e508b..7c6920e2 100644 --- a/src/tpm2/ClearControl_fp.h +++ b/src/tpm2/ClearControl_fp.h 
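Review bot: The guarded-sequence example in the added 10.2.3.1 introduction of BnMath.c reads `OK = OK || BnSomething(s);`, which contradicts the sentence that follows it. With `||` the call is skipped while OK is TRUE and is made once OK is FALSE, whereas the text says BnSomething() "should not be called if OK isn't true". The form that matches the description is `OK = OK && BnSomething(s);`. Since these helpers are documented as always returning TRUE so they can be chained this way, a reader copying the `||` form would get a chain that skips every step after the first success.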
@@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: ClearControl_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: ClearControl_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/ClockCommands.c b/src/tpm2/ClockCommands.c index 08ec0a8d..fa0837c5 100644 --- a/src/tpm2/ClockCommands.c +++ b/src/tpm2/ClockCommands.c @@ -3,7 +3,7 @@ /* Clocks and Timers */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: ClockCommands.c 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: ClockCommands.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/CommandAudit.c b/src/tpm2/CommandAudit.c index 5da6762a..1358c98e 100644 --- a/src/tpm2/CommandAudit.c +++ b/src/tpm2/CommandAudit.c @@ -3,7 +3,7 @@ /* Functions That Support Command Audit */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: CommandAudit.c 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: CommandAudit.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -66,7 +66,7 @@ #include "Tpm.h" /* 8.1.3 Functions */ /* 8.1.3.1 CommandAuditPreInstall_Init() */ -/* This function initializes the command audit list. This function is simulates the behavior of +/* This function initializes the command audit list. This function simulates the behavior of manufacturing. A function is used instead of a structure definition because this is easier than figuring out the initialization value for a bit array. */ /* This function would not be implemented outside of a manufacturing or simulation environment. */ diff --git a/src/tpm2/CommandDispatchData.h b/src/tpm2/CommandDispatchData.h index 454f29fb..c91c7ad7 100644 --- a/src/tpm2/CommandDispatchData.h +++ b/src/tpm2/CommandDispatchData.h 
@@ -3942,6 +3942,7 @@ NV_Certify_COMMAND_DESCRIPTOR_t _NV_CertifyData = { #else #define _NV_CertifyDataAddress 0 #endif + #if CC_AC_GetCapability #include "AC_GetCapability_fp.h" typedef TPM_RC (AC_GetCapability_Entry)( @@ -3976,6 +3977,7 @@ AC_GetCapability_COMMAND_DESCRIPTOR_t _AC_GetCapabilityData = { #else #define _AC_GetCapabilityDataAddress 0 #endif + #if CC_AC_Send #include "AC_Send_fp.h" typedef TPM_RC (AC_Send_Entry)( @@ -4010,6 +4012,7 @@ AC_Send_COMMAND_DESCRIPTOR_t _AC_SendData = { #else #define _AC_SendDataAddress 0 #endif + #if CC_Policy_AC_SendSelect #include "Policy_AC_SendSelect_fp.h" typedef TPM_RC (Policy_AC_SendSelect_Entry)( diff --git a/src/tpm2/Create_fp.h b/src/tpm2/Create_fp.h index a9e8fa7c..69752a15 100644 --- a/src/tpm2/Create_fp.h +++ b/src/tpm2/Create_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: Create_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: Create_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/CryptEccData.c b/src/tpm2/CryptEccData.c index 39bba9c9..374806fa 100644 --- a/src/tpm2/CryptEccData.c +++ b/src/tpm2/CryptEccData.c @@ -3,7 +3,7 @@ /* ECC curve data */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: CryptEccData.c 1476 2019-06-10 19:32:03Z kgoldman $ */ +/* $Id: CryptEccData.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/CryptUtil.c b/src/tpm2/CryptUtil.c index d22dcf2c..162a9b5d 100644 --- a/src/tpm2/CryptUtil.c +++ b/src/tpm2/CryptUtil.c 
@@ -1399,7 +1399,7 @@ CryptGetTestResult( outData->t.size = 0; return TPM_RC_SUCCESS; } -/* 10.2.6.6.19 CryptValidateKeys() */ +/* 10.2.6.6.17 CryptValidateKeys() */ /* This function is used to verify that the key material of and object is valid. For a publicOnly object, the key is verified for size and, if it is an ECC key, it is verified to be on the specified curve. For a key with a sensitive area, the binding between the public and private @@ -1596,7 +1596,7 @@ CryptValidateKeys( } return TPM_RC_SUCCESS; } -/* 10.2.6.6.21 CryptSelectMac() */ +/* 10.2.6.6.18 CryptSelectMac() */ /* This function is used to set the MAC scheme based on the key parameters and the input scheme. */ /* Error Returns Meaning */ /* TPM_RC_SCHEME the scheme is not a valid mac scheme */ @@ -1653,7 +1653,7 @@ CryptSelectMac( return TPM_RCS_SCHEME; return TPM_RC_SUCCESS; } -/* 10.2.6.6.22 CryptMacIsValidForKey() */ +/* 10.2.6.6.19 CryptMacIsValidForKey() */ /* Check to see if the key type is compatible with the mac type */ BOOL CryptMacIsValidForKey( @@ -1675,7 +1675,7 @@ CryptMacIsValidForKey( } return FALSE; } -/* 10.2.6.6.23 CryptSmacIsValidAlg() */ +/* 10.2.6.6.20 CryptSmacIsValidAlg() */ /* This function is used to test if an algorithm is a supported SMAC algorithm. It needs to be updated as new algorithms are added. */ BOOL @@ -1698,7 +1698,7 @@ CryptSmacIsValidAlg( return FALSE; } } -/* 10.2.6.6.24 CryptSymModeIsValid() */ +/* 10.2.6.6.21 CryptSymModeIsValid() */ /* Function checks to see if an algorithm ID is a valid, symmetric block cipher mode for the TPM. If flag is SET, them TPM_ALG_NULL is a valid mode. not include the modes used for SMAC */ BOOL diff --git a/src/tpm2/DictionaryAttackParameters_fp.h b/src/tpm2/DictionaryAttackParameters_fp.h index 598e9977..cfc6124a 100644 --- a/src/tpm2/DictionaryAttackParameters_fp.h +++ b/src/tpm2/DictionaryAttackParameters_fp.h 
@@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: DictionaryAttackParameters_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: DictionaryAttackParameters_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/EC_Ephemeral_fp.h b/src/tpm2/EC_Ephemeral_fp.h index fbe4e605..c0047671 100644 --- a/src/tpm2/EC_Ephemeral_fp.h +++ b/src/tpm2/EC_Ephemeral_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: EC_Ephemeral_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: EC_Ephemeral_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/EncryptDecrypt_fp.h b/src/tpm2/EncryptDecrypt_fp.h index 6fd732b8..814acce0 100644 --- a/src/tpm2/EncryptDecrypt_fp.h +++ b/src/tpm2/EncryptDecrypt_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: EncryptDecrypt_fp.h 1047 2017-07-20 18:27:34Z kgoldman $ */ +/* $Id: EncryptDecrypt_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/EvictControl_fp.h b/src/tpm2/EvictControl_fp.h index e3e1fcb0..0de7abb3 100644 --- a/src/tpm2/EvictControl_fp.h +++ b/src/tpm2/EvictControl_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: EvictControl_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: EvictControl_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/FlushContext_fp.h b/src/tpm2/FlushContext_fp.h index 8e3a2dcb..6426e9f5 100644 --- a/src/tpm2/FlushContext_fp.h +++ b/src/tpm2/FlushContext_fp.h 
@@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: FlushContext_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: FlushContext_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/GetTestResult_fp.h b/src/tpm2/GetTestResult_fp.h index fcc9f0fc..21d1e9c4 100644 --- a/src/tpm2/GetTestResult_fp.h +++ b/src/tpm2/GetTestResult_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: GetTestResult_fp.h 827 2016-11-18 20:45:01Z kgoldman $ */ +/* $Id: GetTestResult_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/Global.h b/src/tpm2/Global.h index 9912e971..6cc194ab 100644 --- a/src/tpm2/Global.h +++ b/src/tpm2/Global.h @@ -68,13 +68,6 @@ #ifndef GLOBAL_H #define GLOBAL_H -// #ifdef GLOBAL_C -// #define EXTERN -// #define INITIALIZER(_value_) = _value_ -// #else -// #define EXTERN extern -// #define INITIALIZER(_name_) -// #endif _REDUCE_WARNING_LEVEL_(2) #include #include @@ -539,7 +532,7 @@ typedef union EXTERN ALGORITHM_VECTOR g_implementedAlgorithms; EXTERN ALGORITHM_VECTOR g_toTest; -/* 5.9.10.3 g_rcIndex */ +/* 5.9.10.3 g_rcIndex[] */ /* This array is used to contain the array of values that are added to a return code when it is a parameter-, handle-, or session-related error. This is an implementation choice and the same result can be achieved by using a macro. */ 
@@ -689,6 +682,16 @@ EXTERN TPM_RC g_NvStatus; EXTERN TPM2B_AUTH g_platformUniqueAuthorities; // Reserved for RNG EXTERN TPM2B_AUTH g_platformUniqueDetails; // referenced by VENDOR_PERMANENT +//********************************************************************************* +//********************************************************************************* +//** Persistent Global Values +//********************************************************************************* +//********************************************************************************* +//*** Description +// The values in this section are global values that are persistent across power +// events. The lifetime of the values determines the structure in which the value +// is placed. + /* 5.9.11.2 PERSISTENT_DATA */ /* This structure holds the persistent values that only change as a consequence of a specific Protected Capability and are not affected by TPM power events (TPM2_Startup() or diff --git a/src/tpm2/GpMacros.h b/src/tpm2/GpMacros.h index f2568e34..55b88874 100644 --- a/src/tpm2/GpMacros.h +++ b/src/tpm2/GpMacros.h @@ -125,7 +125,7 @@ # define pAssert(a) {if(!(a)) FAIL(FATAL_ERROR_PARAMETER);} #endif /* 5.10.4 Derived from Vendor-specific values */ -/* Values derived from vendor specific settings in Implementation.h */ +/* Values derived from vendor specific settings in TpmProfile.h */ #define PCR_SELECT_MIN ((PLATFORM_PCR+7)/8) #define PCR_SELECT_MAX ((IMPLEMENTATION_PCR+7)/8) #define MAX_ORDERLY_COUNT ((1 << ORDERLY_BITS) - 1) @@ -262,7 +262,7 @@ # error "PROOF_SIZE is not compliant with TPM specification" # endif # if PRIMARY_SEED_SIZE < COMPLIANT_PRIMARY_SEED_SIZE -# error "Implementation.h specifies a non-compliant PRIMARY_SEED_SIZE" +# error "Non-compliant PRIMARY_SEED_SIZE" # endif #endif // !SKIP_PROOF_ERRORS 
@@ -296,7 +296,7 @@ is added to the timeout value returned by TPM2_PoliySigned() and TPM2_PolicySecret() and used by TPM2_PolicyTicket(). The timeout value is relative to Time (g_time). Time is reset whenever the TPM loses power and cannot be moved forward by the user (as can Clock). g_time is a 64-bit value - expressing time in ms. Sealing the MSb() for a flag means that the TPM needs to be reset at least + expressing time in ms. Stealing the MSb() for a flag means that the TPM needs to be reset at least once every 292,471,208 years rather than once every 584,942,417 years. */ #define EXPIRATION_BIT ((UINT64)1 << 63) /* Check for consistency of the bit ordering of bit fields */ diff --git a/src/tpm2/HMAC_fp.h b/src/tpm2/HMAC_fp.h index 8640714a..deb4fc22 100644 --- a/src/tpm2/HMAC_fp.h +++ b/src/tpm2/HMAC_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: HMAC_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: HMAC_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/Hash_fp.h b/src/tpm2/Hash_fp.h index 54e070f8..710fffc4 100644 --- a/src/tpm2/Hash_fp.h +++ b/src/tpm2/Hash_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: Hash_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: Hash_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/LoadExternal_fp.h b/src/tpm2/LoadExternal_fp.h index 24651136..f57f942d 100644 --- a/src/tpm2/LoadExternal_fp.h +++ b/src/tpm2/LoadExternal_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: LoadExternal_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: LoadExternal_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/Load_fp.h b/src/tpm2/Load_fp.h index dd94f000..7d5c2a5f 100644 
--- a/src/tpm2/Load_fp.h +++ b/src/tpm2/Load_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: Load_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: Load_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/Manufacture.c b/src/tpm2/Manufacture.c index a290dd37..c59d25e5 100644 --- a/src/tpm2/Manufacture.c +++ b/src/tpm2/Manufacture.c @@ -76,9 +76,9 @@ will fail if previously called. The TPM can be re-manufactured by calling TPM_Teardown() first and then calling this function again. */ /* Return Values Meaning */ +/* -1 failure */ /* 0 success */ /* 1 manufacturing process previously performed */ -/* -1 an error occurred -- libtpms added */ LIB_EXPORT int TPM_Manufacture( int firstTime // IN: indicates if this is the first call from diff --git a/src/tpm2/NV_Increment_fp.h b/src/tpm2/NV_Increment_fp.h index 50fe2ef1..260e0cba 100644 --- a/src/tpm2/NV_Increment_fp.h +++ b/src/tpm2/NV_Increment_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: NV_Increment_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: NV_Increment_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/NV_WriteLock_fp.h b/src/tpm2/NV_WriteLock_fp.h index b22d6e0d..77713435 100644 --- a/src/tpm2/NV_WriteLock_fp.h +++ b/src/tpm2/NV_WriteLock_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: NV_WriteLock_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: NV_WriteLock_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PCR.c b/src/tpm2/PCR.c index 64e94408..87338525 100644 --- a/src/tpm2/PCR.c +++ b/src/tpm2/PCR.c 
@@ -3,7 +3,7 @@ /* PCR access and manipulation */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PCR.c 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: PCR.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -96,7 +96,7 @@ static const PCR_Attributes s_initAttributes[] = /* This function indicates if a PCR belongs to a group that requires an authValue in order to modify the PCR. If it does, groupIndex is set to value of the group index. This feature of PCR is decided by the platform specification. */ -/* Return Values Meaning */ +/* Return Type: BOOL */ /* TRUE: PCR belongs an authorization group */ /* FALSE: PCR does not belong an authorization group */ BOOL diff --git a/src/tpm2/PCR_Allocate_fp.h b/src/tpm2/PCR_Allocate_fp.h index f9fe1f1c..30f92998 100644 --- a/src/tpm2/PCR_Allocate_fp.h +++ b/src/tpm2/PCR_Allocate_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PCR_Allocate_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: PCR_Allocate_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PCR_fp.h b/src/tpm2/PCR_fp.h index 8d8dc7fd..cfad5353 100644 --- a/src/tpm2/PCR_fp.h +++ b/src/tpm2/PCR_fp.h @@ -3,7 +3,7 @@ /* Functions Needed for PCR Access and Manipulation */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PCR_fp.h 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: PCR_fp.h 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PP_Commands_fp.h b/src/tpm2/PP_Commands_fp.h index 9672f3be..7f858c62 100644 --- a/src/tpm2/PP_Commands_fp.h +++ b/src/tpm2/PP_Commands_fp.h 
@@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PP_Commands_fp.h 827 2016-11-18 20:45:01Z kgoldman $ */ +/* $Id: PP_Commands_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PlatformData.c b/src/tpm2/PlatformData.c index 9d8a354f..8a562f0e 100644 --- a/src/tpm2/PlatformData.c +++ b/src/tpm2/PlatformData.c @@ -3,7 +3,7 @@ /* TPM variables that are not stack allocated */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PlatformData.c 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: PlatformData.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PolicyCpHash_fp.h b/src/tpm2/PolicyCpHash_fp.h index e0569382..0ee1ea2f 100644 --- a/src/tpm2/PolicyCpHash_fp.h +++ b/src/tpm2/PolicyCpHash_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PolicyCpHash_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: PolicyCpHash_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PolicySecret_fp.h b/src/tpm2/PolicySecret_fp.h index 14125713..ff89a6ce 100644 --- a/src/tpm2/PolicySecret_fp.h +++ b/src/tpm2/PolicySecret_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PolicySecret_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: PolicySecret_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PolicySigned_fp.h b/src/tpm2/PolicySigned_fp.h index 59c8edcf..3c75b422 100644 --- a/src/tpm2/PolicySigned_fp.h +++ b/src/tpm2/PolicySigned_fp.h 
@@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PolicySigned_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: PolicySigned_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/PolicyTicket_fp.h b/src/tpm2/PolicyTicket_fp.h index 96e4464e..8d78c87f 100644 --- a/src/tpm2/PolicyTicket_fp.h +++ b/src/tpm2/PolicyTicket_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: PolicyTicket_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: PolicyTicket_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/SessionCommands.c b/src/tpm2/SessionCommands.c index 35b4257d..d2f3f96c 100644 --- a/src/tpm2/SessionCommands.c +++ b/src/tpm2/SessionCommands.c @@ -3,7 +3,7 @@ /* Session Commands */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: SessionCommands.c 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: SessionCommands.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -55,7 +55,7 @@ /* arising in any way out of use or reliance upon this specification or any */ /* information herein. */ /* */ -/* (c) Copyright IBM Corp. and others, 2016 - 2018 */ +/* (c) Copyright IBM Corp. and others, 2016 - 2019 */ /* */ /********************************************************************************/ diff --git a/src/tpm2/SetPrimaryPolicy_fp.h b/src/tpm2/SetPrimaryPolicy_fp.h index 3b1d22e7..1ca3e9df 100644 --- a/src/tpm2/SetPrimaryPolicy_fp.h +++ b/src/tpm2/SetPrimaryPolicy_fp.h @@ -1,6 +1,6 @@ /********************************************************************************/ /* */ -/* */ +/* TPM2_SetPrimaryPolicy Command Header */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ /* $Id: SetPrimaryPolicy_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ 
@@ -59,8 +59,6 @@ /* */ /********************************************************************************/ -/* rev 119 */ - #ifndef SETPRIMARYPOLICY_FP_H #define SETPRIMARYPOLICY_FP_H diff --git a/src/tpm2/Sign_fp.h b/src/tpm2/Sign_fp.h index f32edcb7..16a8ba74 100644 --- a/src/tpm2/Sign_fp.h +++ b/src/tpm2/Sign_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: Sign_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: Sign_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/Startup_fp.h b/src/tpm2/Startup_fp.h index 78d1dd70..1aaad542 100644 --- a/src/tpm2/Startup_fp.h +++ b/src/tpm2/Startup_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: Startup_fp.h 827 2016-11-18 20:45:01Z kgoldman $ */ +/* $Id: Startup_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/SupportLibraryFunctionPrototypes_fp.h b/src/tpm2/SupportLibraryFunctionPrototypes_fp.h index 7c0050cf..3d5b8839 100644 --- a/src/tpm2/SupportLibraryFunctionPrototypes_fp.h +++ b/src/tpm2/SupportLibraryFunctionPrototypes_fp.h @@ -65,7 +65,7 @@ #define SUPPORT_LIBRARY_FUNCTION_PROTOTYPES_H /* This file contains the function prototypes for the functions that need to be present in the - selected match library. For each function listed, there should be a small stub function. That + selected math library. For each function listed, there should be a small stub function. That stub provides the interface between the TPM code and the support library. In most cases, the stub function will only need to do a format conversion between the TPM big number and the support library big number. The TPM big number format was chosen to make this relatively simple and diff --git a/src/tpm2/TPMB.h b/src/tpm2/TPMB.h index eb0fef64..8559b179 100644 --- a/src/tpm2/TPMB.h +++ b/src/tpm2/TPMB.h 
@@ -3,7 +3,7 @@ /* This file contains extra TPM2B structures */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: TPMB.h 1476 2019-06-10 19:32:03Z kgoldman $ */ +/* $Id: TPMB.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/TPMCmdp.c b/src/tpm2/TPMCmdp.c index e2be1ad0..7ee7de40 100644 --- a/src/tpm2/TPMCmdp.c +++ b/src/tpm2/TPMCmdp.c @@ -85,10 +85,10 @@ #include "TpmTcpProtocol.h" #include "Simulator_fp.h" #ifdef TPM_WINDOWS -#include "TcpServer_fp.h" +#include "TcpServer_fp.h" /* kgold */ #endif #ifdef TPM_POSIX -#include "TcpServerPosix_fp.h" +#include "TcpServerPosix_fp.h" /* kgold */ #endif #include "TpmProfile.h" /* kgold */ @@ -153,6 +153,7 @@ _rpc__ForceFailureMode( ) { SetForceFailureMode(); + return; } /* D.4.3.5. _rpc__Signal_PhysicalPresenceOn() */ /* This function is called to simulate activation of the physical presence pin. */ diff --git a/src/tpm2/TpmAlgorithmDefines.h b/src/tpm2/TpmAlgorithmDefines.h index 603f997f..581220fb 100644 --- a/src/tpm2/TpmAlgorithmDefines.h +++ b/src/tpm2/TpmAlgorithmDefines.h @@ -3,7 +3,7 @@ /* Algorithm Values from the TCG Algorithm Registry */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: TpmAlgorithmDefines.h 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: TpmAlgorithmDefines.h 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ 
@@ -73,17 +73,19 @@ ECC_NIST_P256 + ECC_NIST_P384 + ECC_NIST_P521 + ECC_SM2_P256) #define MAX_ECC_KEY_BITS \ MAX(ECC_BN_P256 * 256, MAX(ECC_BN_P638 * 638, \ - MAX(ECC_NIST_P192 * 192, MAX(ECC_NIST_P224 * 224, \ - MAX(ECC_NIST_P256 * 256, MAX(ECC_NIST_P384 * 384, \ - MAX(ECC_NIST_P521 * 521, MAX(ECC_SM2_P256 * 256, \ - 0)))))))) + MAX(ECC_NIST_P192 * 192, MAX(ECC_NIST_P224 * 224, \ + MAX(ECC_NIST_P256 * 256, MAX(ECC_NIST_P384 * 384, \ + MAX(ECC_NIST_P521 * 521, MAX(ECC_SM2_P256 * 256, \ + 0)))))))) #define MAX_ECC_KEY_BYTES BITS_TO_BYTES(MAX_ECC_KEY_BITS) + // Table 0:6 - Defines for PLATFORM Values #define PLATFORM_FAMILY TPM_SPEC_FAMILY #define PLATFORM_LEVEL TPM_SPEC_LEVEL #define PLATFORM_VERSION TPM_SPEC_VERSION #define PLATFORM_YEAR TPM_SPEC_YEAR #define PLATFORM_DAY_OF_YEAR TPM_SPEC_DAY_OF_YEAR + // Table 1:12 - Defines for SHA1 Hash Values #define SHA1_DIGEST_SIZE 20 #define SHA1_BLOCK_SIZE 64 diff --git a/src/tpm2/TpmAsn1.c b/src/tpm2/TpmAsn1.c index dc95c961..f23b2a9b 100644 --- a/src/tpm2/TpmAsn1.c +++ b/src/tpm2/TpmAsn1.c @@ -3,7 +3,7 @@ /* TPM ASN.1 */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: TpmAsn1.c 1509 2019-10-07 19:10:05Z kgoldman $ */ +/* $Id: TpmAsn1.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -164,11 +164,13 @@ ASN1NextTag( return -1; } /* 10.2.23.2.4 ASN1GetBitStringValue() */ -/* Try to parse a bit string of up to 32 bits from a value that is expected to be a bit string. If +/* Try to parse a bit string of up to 32 bits from a value that is expected to be a bit string. The + bit string is left justified so that the MSb of the input is the MSb of the returned value. If there is a general parsing error, the context->size is set to -1. */ /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure */ + BOOL ASN1GetBitStringValue( ASN1UnmarshalContext *ctx, 
@@ -179,7 +181,7 @@ ASN1GetBitStringValue( INT16 length; UINT32 value = 0; int inputBits; -// + // length = ASN1NextTag(ctx); VERIFY(length >= 1); VERIFY(ctx->tag == ASN1_BITSTRING); @@ -192,31 +194,32 @@ ASN1GetBitStringValue( VERIFY((shift < 8) && ((length > 0) || (shift == 0))); // if there are any bytes left for(; length > 1; length--) - { - - // for all but the last octet, just shift and add the new octet - VERIFY((value & 0xFF000000) == 0); // can't loose significant bits - value = (value << 8) + NEXT_OCTET(ctx); - - } + { + + // for all but the last octet, just shift and add the new octet + VERIFY((value & 0xFF000000) == 0); // can't loose significant bits + value = (value << 8) + NEXT_OCTET(ctx); + + } if(length == 1) - { - // for the last octet, just shift the accumulated value enough to - // accept the significant bits in the last octet and shift the last - // octet down - VERIFY(((value & (0xFF000000 << (8 - shift)))) == 0); - value = (value << (8 - shift)) + (NEXT_OCTET(ctx) >> shift); - - } + { + // for the last octet, just shift the accumulated value enough to + // accept the significant bits in the last octet and shift the last + // octet down + VERIFY(((value & (0xFF000000 << (8 - shift)))) == 0); + value = (value << (8 - shift)) + (NEXT_OCTET(ctx) >> shift); + + } // 'Left justify' the result if(inputBits > 0) - value <<= (32 - inputBits); + value <<= (32 - inputBits); *val = value; return TRUE; Error: ctx->size = -1; return FALSE; } + /* 10.2.23.3 Marshaling Functions */ /* 10.2.23.3.1 Introduction */ /* Marshaling of an ASN.1 structure is accomplished from the bottom up. That is, the things that diff --git a/src/tpm2/TpmAsn1.h b/src/tpm2/TpmAsn1.h index bf2c4687..5e57eac4 100644 --- a/src/tpm2/TpmAsn1.h +++ b/src/tpm2/TpmAsn1.h 
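Review bot: In the `length == 1` branch of ASN1GetBitStringValue(), the guard `VERIFY(((value & (0xFF000000 << (8 - shift)))) == 0);` does not mask the bits that the next line's `value << (8 - shift)` discards. The shift drops the top `8 - shift` bits, but the mask covers only the top `shift` bits, and for `shift == 0` it evaluates to 0 in 32-bit unsigned arithmetic, so the check always passes; the two agree only at `shift == 4`, and `0xFF000000 << shift` would match. Unless the lines between the two hunks already bound `inputBits`, an encoding longer than the documented 32 bits can then reach `value <<= (32 - inputBits);` with a negative shift count, which is undefined behaviour, so a `VERIFY(inputBits <= 32);` ahead of the left-justify step would make the limit explicit. The function's opening lines are outside this hunk and this commit only re-indents the body, so this looks pre-existing rather than introduced here.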
@@ -3,7 +3,7 @@ /* Macro and Structure Definitions for the X509 Commands and Functions. */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: TpmAsn1.h 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: TpmAsn1.h 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -114,8 +114,8 @@ #define PEEK_NEXT(context) ((context)->buffer[(context)->offset]) // 10.1.15.4.2 Marshaling Macros Marshaling works in reverse order. The offset is set to the top of // the buffer and, as the buffer is filled, offset counts down to zero. When the full thing is -// encoded it can be moved to the top of the buffer. This happens when the last context is closed -// (when the +// encoded it can be moved to the top of the buffer. This happens when the last context is closed. + #define CHECK_SPACE(context, length) VERIFY(context->offset > length) // 10.1.15.5 Structures typedef struct ASN1UnmarshalContext { diff --git a/src/tpm2/TpmBuildSwitches.h b/src/tpm2/TpmBuildSwitches.h index 5869653f..ee56ab03 100644 --- a/src/tpm2/TpmBuildSwitches.h +++ b/src/tpm2/TpmBuildSwitches.h @@ -263,7 +263,7 @@ # endif // Some of the values (such as sizes) are the result of different options set in -// Implementation.h. The combination might not be consistent. A function is defined +// TpmProfile.h. The combination might not be consistent. A function is defined // (TpmSizeChecks()) that is used to verify the sizes at run time. To enable the function, define // this parameter. # if !(defined RUNTIME_SIZE_CHECKS) \ diff --git a/src/tpm2/VendorString.h b/src/tpm2/VendorString.h index f65e5683..651853b8 100644 --- a/src/tpm2/VendorString.h +++ b/src/tpm2/VendorString.h 
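Review bot: `CHECK_SPACE`, directly below the reworded marshaling comment in TpmAsn1.h, expands its arguments unparenthesized (`context->offset > length`), unlike `PEEK_NEXT` on the line above, which uses `(context)`. A conditional or bitwise expression passed as `length`, or a dereference passed as `context`, would bind differently from what the caller wrote, and this macro appears to be the space check for the marshal buffer. Suggested form: `#define CHECK_SPACE(context, length) VERIFY((context)->offset > (length))`.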
@@ -69,8 +69,8 @@ /* The following #if macro may be deleted after a proper MANUFACTURER is provided. */ #ifndef MANUFACTURER -#error MANUFACTURER is not provided. \ - Please modify include\VendorString.h to provide a specific \ +#error MANUFACTURER is not provided. \ + Please modify VendorString.h to provide a specific \ manufacturer name. #endif @@ -87,7 +87,7 @@ /* The following #if macro may be deleted after a proper VENDOR_STRING_1 is provided. */ #ifndef VENDOR_STRING_1 #error VENDOR_STRING_1 is not provided. \ - Please modify include\VendorString.h to provide a vendor specific string. + Please modify VendorString.h to provide a vendor specific string. #endif /* the more significant 32-bits of a vendor-specific value indicating the version of the firmware @@ -101,7 +101,7 @@ // The following #if macro may be deleted after a proper FIRMWARE_V1 is provided. #ifndef FIRMWARE_V1 #error FIRMWARE_V1 is not provided. \ - Please modify include\VendorString.h to provide a vendor specific firmware \ + Please modify VendorString.h to provide a vendor specific firmware \ version #endif diff --git a/src/tpm2/X509.h b/src/tpm2/X509.h index f3bf6e82..f3757ece 100644 --- a/src/tpm2/X509.h +++ b/src/tpm2/X509.h 
@@ -93,19 +93,27 @@ typedef struct stringRef BYTE *buf; INT16 len; } stringRef; +// This is defined to avoid bit by bit comparisons within a UINT32 typedef union x509KeyUsageUnion { TPMA_X509_KEY_USAGE x509; UINT32 integer; } x509KeyUsageUnion; -// 10.1.16.5 Global X509 Constants These values are instanced by X509_spt.c and referenced by other -// X509-related files. This is the DER-encoded value for the Key Usage OID (2.5.29.15). This is the -// full OID, not just the numeric value + +// 10.1.16.5 Global X509 Constants + +// These values are instanced by X509_spt.c and referenced by other X509-related files. This is the +// DER-encoded value for the Key Usage OID (2.5.29.15). This is the full OID, not just the numeric +// value + #define OID_KEY_USAGE_EXTENSION_VALUE 0x06, 0x03, 0x55, 0x1D, 0x0F MAKE_OID(_KEY_USAGE_EXTENSION); + // This is the DER-encoded value for the TCG-defined TPMA_OBJECT OID (2.23.133.10.1.1.1) + #define OID_TCG_TPMA_OBJECT_VALUE 0x06, 0x07, 0x67, 0x81, 0x05, 0x0a, 0x01, \ 0x01, 0x01 MAKE_OID(_TCG_TPMA_OBJECT); + #ifdef _X509_SPT_ // If a bit is SET in keyUsageSign is also SET in keyUsagem then the associated key // has to have 'sign' SET. diff --git a/src/tpm2/X509_ECC.c b/src/tpm2/X509_ECC.c index d3999ae2..884a792c 100644 --- a/src/tpm2/X509_ECC.c +++ b/src/tpm2/X509_ECC.c @@ -3,7 +3,7 @@ /* TPM X509 ECC */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: X509_ECC.c 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: X509_ECC.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/X509_RSA.c b/src/tpm2/X509_RSA.c index 9a9b45e3..734abe5d 100644 --- a/src/tpm2/X509_RSA.c +++ b/src/tpm2/X509_RSA.c @@ -3,7 +3,7 @@ /* TPM X509 RSA */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: X509_RSA.c 1509 2019-10-07 19:10:05Z kgoldman $ */ +/* $Id: X509_RSA.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ 
@@ -94,13 +94,13 @@ X509AddSigningAlgorithmRSA( { case ALG_RSASSA_VALUE: { - // if the hash is implemented but there is no PKCS1 OID defined - // then this is not a valid signing combination. - if(hashDef->PKCS1[0] != ASN1_OBJECT_IDENTIFIER) - break; - if(ctx == NULL) - return 1; - return X509PushAlgorithmIdentifierSequence(ctx, hashDef->PKCS1); + // if the hash is implemented but there is no PKCS1 OID defined + // then this is not a valid signing combination. + if(hashDef->PKCS1[0] != ASN1_OBJECT_IDENTIFIER) + break; + if(ctx == NULL) + return 1; + return X509PushAlgorithmIdentifierSequence(ctx, hashDef->PKCS1); } case ALG_RSAPSS_VALUE: // leave if this is just an implementation check diff --git a/src/tpm2/X509_spt.c b/src/tpm2/X509_spt.c index 8ccec45d..9f74b837 100644 --- a/src/tpm2/X509_spt.c +++ b/src/tpm2/X509_spt.c @@ -98,8 +98,11 @@ X509FindExtensionByOID( // the provided context. if (ctx == NULL) ctx = ctxIn; + // if the provide search context is different from the context of the extension, + // then copy the search context to the search context. else if(ctx != ctxIn) *ctx = *ctxIn; + // Now, search in the extension context for(;ctx->size > ctx->offset; ctx->offset += length) { VERIFY((length = ASN1NextTag(ctx)) >= 0); @@ -311,6 +314,7 @@ X509AddPublicKey( return FALSE; } /* 10.2.26.3.3 X509PushAlgorithmIdentifierSequence() */ +/* The function adds the algorithm identifier sequence. */ /* Return Value Meaning */ /* > 0 number of bytes added */ /* == 0 failure */ diff --git a/src/tpm2/_TPM_Hash_Data_fp.h b/src/tpm2/_TPM_Hash_Data_fp.h index dadddba9..0da24c59 100644 --- a/src/tpm2/_TPM_Hash_Data_fp.h +++ b/src/tpm2/_TPM_Hash_Data_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: _TPM_Hash_Data_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: _TPM_Hash_Data_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ 
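Review bot: The comment added above `else if(ctx != ctxIn)` in X509FindExtensionByOID() says to "copy the search context to the search context", which names the same object twice. The statement it documents, `*ctx = *ctxIn;`, copies the input context into the caller-supplied search context. Suggested wording: `// if a separate search context was provided, copy the input context into it so the loop below advances the copy`. The function's beginning and end are outside the hunk.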
diff --git a/src/tpm2/_TPM_Hash_End_fp.h b/src/tpm2/_TPM_Hash_End_fp.h index d35878ca..c99c7f63 100644 --- a/src/tpm2/_TPM_Hash_End_fp.h +++ b/src/tpm2/_TPM_Hash_End_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: _TPM_Hash_End_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: _TPM_Hash_End_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/_TPM_Hash_Start_fp.h b/src/tpm2/_TPM_Hash_Start_fp.h index 4539fa8c..99806532 100644 --- a/src/tpm2/_TPM_Hash_Start_fp.h +++ b/src/tpm2/_TPM_Hash_Start_fp.h @@ -3,7 +3,7 @@ /* */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: _TPM_Hash_Start_fp.h 809 2016-11-16 18:31:54Z kgoldman $ */ +/* $Id: _TPM_Hash_Start_fp.h 1521 2019-11-15 21:00:47Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/crypto/CryptEcc.h b/src/tpm2/crypto/CryptEcc.h index 6355b25d..1e99b2ea 100644 --- a/src/tpm2/crypto/CryptEcc.h +++ b/src/tpm2/crypto/CryptEcc.h @@ -1,9 +1,9 @@ /********************************************************************************/ /* */ -/* */ +/* Structure definitions used for ECC */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: CryptEcc.h 1476 2019-06-10 19:32:03Z kgoldman $ */ +/* $Id: CryptEcc.h 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ diff --git a/src/tpm2/crypto/CryptHash.h b/src/tpm2/crypto/CryptHash.h index 059e71ec..4697aab0 100644 --- a/src/tpm2/crypto/CryptHash.h +++ b/src/tpm2/crypto/CryptHash.h 
@@ -306,8 +306,7 @@ typedef struct hmacState TPM2B_HASH_BLOCK hmacKey; // the HMAC key } HMAC_STATE, *PHMAC_STATE; /* This is for the external hash state. This implementation assumes that the size of the exported - hash state is no larger than the internal hash state. There is a run time check that makes sure - that this i. */ + hash state is no larger than the internal hash state. */ typedef struct { BYTE buffer[sizeof(HASH_STATE)]; diff --git a/src/tpm2/crypto/CryptSym.h b/src/tpm2/crypto/CryptSym.h index 7c842795..9a33b13e 100644 --- a/src/tpm2/crypto/CryptSym.h +++ b/src/tpm2/crypto/CryptSym.h @@ -3,7 +3,7 @@ /* Implementation of the symmetric block cipher modes */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: CryptSym.h 1259 2018-07-10 19:11:09Z kgoldman $ */ +/* $Id: CryptSym.h 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -55,7 +55,7 @@ /* arising in any way out of use or reliance upon this specification or any */ /* information herein. */ /* */ -/* (c) Copyright IBM Corp. and others, 2017 - 2018 */ +/* (c) Copyright IBM Corp. and others, 2017 - 2019 */ /* */ /********************************************************************************/ diff --git a/src/tpm2/crypto/CryptUtil_fp.h b/src/tpm2/crypto/CryptUtil_fp.h index b851e542..2ca16e7a 100644 --- a/src/tpm2/crypto/CryptUtil_fp.h +++ b/src/tpm2/crypto/CryptUtil_fp.h @@ -1,9 +1,9 @@ /********************************************************************************/ /* */ -/* */ +/* Interfaces to the CryptoEngine */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: CryptUtil_fp.h 1490 2019-07-26 21:13:22Z kgoldman $ */ +/* $Id: CryptUtil_fp.h 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ 
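Review bot: The shortened comment above the external hash state struct in CryptHash.h now states the size assumption behind `BYTE buffer[sizeof(HASH_STATE)]` without saying what enforces it. The removed sentence, truncated as it was, at least pointed to a run-time check. If an exported state could be larger than HASH_STATE, copying it into this buffer would overrun it, so the comment should name the check that guards the assumption. Whether that check still exists is not visible here; if it does, a closing sentence such as `The size is verified at run time in <name of the checking function>.`, with the real function name filled in, would keep the pointer.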
@@ -55,7 +55,7 @@ /* arising in any way out of use or reliance upon this specification or any */ /* information herein. */ /* */ -/* (c) Copyright IBM Corp. and others, 2016, 2017 */ +/* (c) Copyright IBM Corp. and others, 2016 - 2019 */ /* */ /********************************************************************************/ diff --git a/src/tpm2/crypto/openssl/CryptHash.c b/src/tpm2/crypto/openssl/CryptHash.c index 46139957..62b1b613 100644 --- a/src/tpm2/crypto/openssl/CryptHash.c +++ b/src/tpm2/crypto/openssl/CryptHash.c @@ -3,7 +3,7 @@ /* Implementation of cryptographic functions for hashing. */ /* Written by Ken Goldman */ /* IBM Thomas J. Watson Research Center */ -/* $Id: CryptHash.c 1478 2019-06-10 21:15:14Z kgoldman $ */ +/* $Id: CryptHash.c 1519 2019-11-15 20:43:51Z kgoldman $ */ /* */ /* Licenses and Notices */ /* */ @@ -116,8 +116,8 @@ CryptHashInit( return TRUE; } /* 10.2.13.3.2 CryptHashStartup() */ -/* This function is called by TPM2_Startup() in case there is work to do at startup. Currently, this - is a placeholder. */ +/* This function is called by TPM2_Startup(). It checks that the size of the HashDefArray() is + consistent with the HASH_COUNT. */ BOOL CryptHashStartup( void diff --git a/src/tpm2/crypto/openssl/CryptPrime.c b/src/tpm2/crypto/openssl/CryptPrime.c index 1bafa757..6cd6bf4c 100644 --- a/src/tpm2/crypto/openssl/CryptPrime.c +++ b/src/tpm2/crypto/openssl/CryptPrime.c @@ -59,7 +59,10 @@ /* */ /********************************************************************************/ -/* 10.2.16 CryptPrime.c */ +/* 10.2.14 CryptPrime.c */ +/* 10.2.14.1 Introduction */ +/* This file contains the code for prime validation. */ + #include "Tpm.h" #include "CryptPrime_fp.h" //#define CPRI_PRIME 
@@ -70,7 +73,8 @@ extern const uint32_t s_PrimeTableSize; extern const uint32_t s_PrimesInTable; extern const unsigned char s_PrimeTable[]; extern bigConst s_CompositeOfSmallPrimes; -/* 10.2.16.1.1 Root2() */ + +/* 10.2.14.1.1 Root2() */ /* This finds ceil(sqrt(n)) to use as a stopping point for searching the prime table. */ static uint32_t Root2( @@ -99,7 +103,7 @@ Root2( pAssert(((n / next) <= (unsigned)next) && (n / (next + 1) < (unsigned)next)); return next; } -/* 10.2.16.1.2 IsPrimeInt() */ +/* 10.2.14.1.2 IsPrimeInt() */ /* This will do a test of a word of up to 32-bits in size. */ BOOL IsPrimeInt( @@ -127,7 +131,7 @@ IsPrimeInt( } return TRUE; } -/* 10.2.16.1.3 BnIsProbablyPrime() */ +/* 10.2.14.1.3 BnIsProbablyPrime() */ /* This function is used when the key sieve is not implemented. This function Will try to eliminate some of the obvious things before going on to perform MillerRabin() as a final verification of primeness. */ @@ -159,7 +163,7 @@ BnIsProbablyPrime( } return MillerRabin(prime, rand); } -/* 10.2.16.1.4 MillerRabinRounds() */ +/* 10.2.14.1.4 MillerRabinRounds() */ /* Function returns the number of Miller-Rabin rounds necessary to give an error probability equal to the security strength of the prime. These values are from FIPS 186-3. */ UINT32 @@ -171,7 +175,7 @@ MillerRabinRounds( if(bits < 1536) return 5; // for 512 and 1K primes return 4; // for 3K public modulus and greater } -/* 10.2.16.1.5 MillerRabin() */ +/* 10.2.14.1.5 MillerRabin() */ /* This function performs a Miller-Rabin test from FIPS 186-3. It does iterations trials on the number. In all likelihood, if the number is not prime, the first test fails. */ /* Return Values Meaning */ 
@@ -260,7 +264,7 @@ MillerRabin( return ret; } #if ALG_RSA -/* 10.2.16.1.6 RsaCheckPrime() */ +/* 10.2.14.1.6 RsaCheckPrime() */ /* This will check to see if a number is prime and appropriate for an RSA prime. */ /* This has different functionality based on whether we are using key sieving or not. If not, the number checked to see if it is divisible by the public exponent, then the number is adjusted @@ -428,4 +432,5 @@ BnGeneratePrimeForRSA( } return TPM_RC_SUCCESS; } + #endif // TPM_ALG_RSA diff --git a/src/tpm2/crypto/openssl/CryptPrimeSieve.c b/src/tpm2/crypto/openssl/CryptPrimeSieve.c index 7405cf15..2cd012c1 100644 --- a/src/tpm2/crypto/openssl/CryptPrimeSieve.c +++ b/src/tpm2/crypto/openssl/CryptPrimeSieve.c @@ -255,7 +255,7 @@ PrimeSieve( BYTE *field // IN: field ) { - UINT32 i; /* kgold changed to unsigned */ + UINT32 i; UINT32 j; UINT32 fieldBits = fieldSize * 8; UINT32 r; 
@@ -321,16 +321,31 @@ PrimeSieve( if(next == 0) goto done; r = composite % next; - // these computations deal with the fact that the field starts at some - // arbitrary offset within the number space. If the field were all numbers, - // then we would have gone through some number of bit clearings before we - // got to the start of this range. We don't know how many there were before, - // but we can tell from the remainder whether we are on an even or odd + // these computations deal with the fact that we have picked a field-sized + // range that is aligned to a 105 count boundary. The problem is, this field + // only contains odd numbers. If we take our prime guess and walk through all + // the numbers using that prime as the 'stride', then every other 'stride' is + // going to be an even number. So, we are actually counting by 2 * the stride + // We want the count to start on an odd number at the start of our field. That + // is, we want to assume that we have counted up to the edge of the field by + // the 'stride' and now we are going to start flipping bits in the field as we + // continue to count up by 'stride'. If we take the base of our field and + // divide by the stride, we find out how much we find out how short the last + // count was from reaching the edge of the bit field. Say we get a quotient of + // 3 and remainder of 1. This means that after 3 strides, we are 1 short of + // the start of the field and the next stride will either land within the + // field or step completely over it. The confounding factor is that our field + // only contains odd numbers and our stride is actually 2 * stride. If the + // quoitent is even, then that means that when we add 2 * stride, we are going + // to hit another even number. So, we have to know if we need to back off + // by 1 stride before we start couting by 2 * stride. + // We can tell from the remainder whether we are on an even or odd // stride when we hit the beginning of the table. 
If we are on an odd stride // (r & 1), we would start half a stride in (next - r)/2. If we are on an - // even stride, we need 1.5 strides (next + r/2) because the table only has + // even stride, we need 0.5 strides (next - r/2) because the table only has // odd numbers. If the remainder happens to be zero, then the start of the // table is on stride so no adjustment is necessary. + if(r & 1) j = (next - r) / 2; else if(r == 0) j = 0; else j = next - r / 2; @@ -525,10 +540,13 @@ GetSieveStats( #endif #endif // RSA_KEY_SIEVE #if !RSA_INSTRUMENT +//*** RsaSimulationEnd() +// Stub for call when not doing instrumentation. void RsaSimulationEnd( void ) { + return; } #endif diff --git a/src/tpm2/crypto/openssl/CryptRand.c b/src/tpm2/crypto/openssl/CryptRand.c index 71a927c8..6b40e140 100644 --- a/src/tpm2/crypto/openssl/CryptRand.c +++ b/src/tpm2/crypto/openssl/CryptRand.c @@ -492,7 +492,7 @@ DRBG_SelfTest( /* 10.2.16.3.1 Description */ /* The functions in this section are the interface to the RNG. These are the functions that are used - by TPM.lib. Other functions are only visible to programs in the LtcCryptoEngine(). */ + by TPM.lib. */ /* 10.2.16.3.2 CryptRandomStir() */ /* This function is used to cause a reseed. A DRBG_SEED amount of entropy is collected from the @@ -592,8 +592,10 @@ DRBG_AdditionalData( } /* 10.2.16.3.6 DRBG_InstantiateSeeded() */ /* This function is used to instantiate a random number generator from seed values. The nominal use - of this generator is to create sequences of pseudo-random numbers from a seed value. This - function always returns TRUE. */ + of this generator is to create sequences of pseudo-random numbers from a seed value. */ +/* Returns + TPM_RC_FAILURE DRBG self-test failure +*/ LIB_EXPORT TPM_RC DRBG_InstantiateSeeded( DRBG_STATE *drbgState, // IN/OUT: buffer to hold the state 
@@ -698,7 +700,8 @@ DRBG_GetSeedCompatLevel( randomSize bytes of random values are generated. If random is NULL or randomSize is zero, then the function returns TRUE without generating any bits or updating the reseed counter. This function returns 0 if a reseed is required. Otherwise, it returns the number of bytes produced - which could be less than the number requested if the request is too large. */ + which could be less than the number requested if the request is too large.("too large" is + implementation dependent.) */ LIB_EXPORT UINT16 DRBG_Generate( RAND_STATE *state, diff --git a/src/tpm2/crypto/openssl/LibSupport.h b/src/tpm2/crypto/openssl/LibSupport.h index 6abd761e..741fad78 100644 --- a/src/tpm2/crypto/openssl/LibSupport.h +++ b/src/tpm2/crypto/openssl/LibSupport.h @@ -60,16 +60,26 @@ /********************************************************************************/ // 5.12 LibSupport.h -// This header file is used to select the library code that gets included in the TPM built +// This header file is used to select the library code that gets included in the TPM build #ifndef _LIB_SUPPORT_H_ #define _LIB_SUPPORT_H_ + +#if 0 // libtpms added #ifndef RADIX_BITS -# if defined(__x86_64__) || defined(_WIN64) || defined(_M_X64) || defined(_M_ARM64) +# if defined(__x86_64__) || defined(__x86_64) \ + || defined(__amd64__) || defined(__amd64) || defined(_WIN64) || defined(_M_X64) \ + || defined(_M_ARM64) || defined(__aarch64__) \ + || defined(__powerpc64__) || defined(__ppc64__) # define RADIX_BITS 64 -# else +# elif defined(__i386__) || defined(__i386) || defined(i386) \ + || defined(_WIN32) || defined(_M_IX86) \ + || defined(_M_ARM) || defined(__arm__) || defined(__thumb__) # define RADIX_BITS 32 +# else +# error Unable to determine RADIX_BITS from compiler environment # endif #endif // RADIX_BITS +#endif // libtpms added // These macros use the selected libraries to the proper include files. #define LIB_QUOTE(_STRING_) #_STRING_ 
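Review bot: The DRBG_Generate() header comment says the function "returns TRUE" for a NULL buffer or zero size, but the declared return type is `UINT16`, and the rest of the comment describes a byte count with 0 meaning a reseed is required. Stating the actual value returned in that case (the body is outside the hunk) would let callers tell "nothing requested" apart from "reseed required" and from a short result. The added parenthetical also needs a space after the preceding period: `too large. ("too large" is implementation dependent.)`.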
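Review bot: In LibSupport.h the widened RADIX_BITS detection, including the new `#error Unable to determine RADIX_BITS from compiler environment`, sits inside `#if 0 // libtpms added`, so none of it is compiled and this header no longer guarantees that RADIX_BITS is defined. Presumably libtpms sets it elsewhere, but an undefined macro evaluates as 0 in later `#if` tests rather than failing the build. A comment at the `#if 0` saying where the value comes from would help. So would a guard after the block: `#ifndef RADIX_BITS`, `# error RADIX_BITS must be defined before including LibSupport.h`, `#endif`. Either makes a wrong big-number word size visible at compile time.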
diff --git a/src/tpm2/crypto/openssl/TpmToOsslMath.c b/src/tpm2/crypto/openssl/TpmToOsslMath.c index 65048a88..ef06f56d 100644 --- a/src/tpm2/crypto/openssl/TpmToOsslMath.c +++ b/src/tpm2/crypto/openssl/TpmToOsslMath.c 
@@ -61,20 +61,28 @@ /* B.2.3.2. TpmToOsslMath.c */ /* B.2.3.2.1. Introduction */ -/* This file contains the math functions that are not implemented in the BnMath() library - (yet). These math functions will call the OpenSSL library to execute the operations. There is a - difference between the internal format and the OpenSSL format. To call the OpenSSL function, - a BIGNUM structure is created for each passed variable. The sizes in the bignum_t are copied and - the d pointer in the BIGNUM is set to point to the d parameter of the bignum_t. On return, - SetSizeOsslToTpm() is used for each returned variable to make sure that the pointers are not - changed. The size of the returned BIGGNUM is copied to bignum_t. */ -/* B.2.3.2.2. Includes and Defines */ + +/* The functions in this file provide the low-level interface between the TPM code and the big + number and elliptic curve math routines in OpenSSL. */ +/* Most math on big numbers require a context. The context contains the memory in which OpenSSL + creates and manages the big number values. When a OpenSSL math function will be called that + modifies a BIGNUM value, that value must be created in an OpenSSL context. The first line of code + in such a function must be: OSSL_ENTER(); and the last operation before returning must be + OSSL_LEAVE(). OpenSSL variables can then be created with BnNewVariable(). Constant values to be + used by OpenSSL are created from the bigNum values passed to the functions in this file. Space + for the BIGNUM control block is allocated in the stack of the function and then it is initialized + by calling BigInitialized(). That function sets up the values in the BIGNUM structure and sets + the data pointer to point to the data in the bignum_t. This is only used when the value is known + to be a constant in the called function. 
*/ +/* Because the allocations of constants is on the local stack and the OSSL_ENTER()/OSSL_LEAVE() pair + flushes everything created in OpenSSL memory, there should be no chance of a memory leak. */ + #include "Tpm.h" #ifdef MATH_LIB_OSSL #include "TpmToOsslMath_fp.h" -/* B.2.3.2.3.1. OsslToTpmBn() */ +/* B.2.3.2.3.1. OsslToTpmBn() */ /* This function converts an OpenSSL BIGNUM to a TPM bignum. In this implementation it is assumed that OpenSSL used the same format for a big number as does the TPM -- an array of native-endian words in little-endian order. */ @@ -97,8 +105,11 @@ OsslToTpmBn( BnFromBytes(bn, buffer, buffer_len); /* bin to TPM */ } } + /* B.2.3.2.3.2. BigInitialized() */ -/* This function initializes an OSSL BIGNUM from a TPM bignum. */ +/* This function initializes an OSSL BIGNUM from a TPM bigConst. Do not use this for values that are + passed to OpenSLL when they are not declared as const in the function prototype. Instead, use + BnNewVariable(). */ BIGNUM * BigInitialized( bigConst initializer @@ -122,6 +133,7 @@ BigInitialized( #else # define DEBUG_PRINT(x) printf("%s", x) # define BIGNUM_PRINT(label, bn, eol) BIGNUM_print((label), (bn), (eol)) + static void BIGNUM_print( const char *label, @@ -186,12 +198,15 @@ MathLibraryCompatibilityCheck( cAssert(osslTemp->d[0] == tpmTemp->d[0]); OSSL_LEAVE(); } + #endif + /* B.2.3.2.3.3. BnModMult() */ /* Does multiply and divide returning the remainder of the divide. */ /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure in operation */ + LIB_EXPORT BOOL BnModMult( bigNum result, @@ -224,11 +239,13 @@ BnModMult( OSSL_LEAVE(); return OK; } + /* B.2.3.2.3.4. BnMult() */ /* Multiplies two numbers */ /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure in operation */ + LIB_EXPORT BOOL BnMult( bigNum result, 
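Review bot: The new file introduction in TpmToOsslMath.c says BIGNUM control blocks for constants live on the caller's stack and that OSSL_ENTER()/OSSL_LEAVE() leave "no chance of a memory leak", but unchanged code in this file releases such values explicitly. Examples are `BN_clear_free(bnD);` after `BIG_INITIALIZED(bnD, d);` in BnEccModMult() and `BN_clear_free(bnX);` in EcPointInitialized(). That suggests this port allocates them on the heap, in which case a maintainer who trusts the comment could drop a required free. Consider appending a line such as `/* libtpms: values created with BIG_INITIALIZED() must be released with BN_clear_free(). */`, after confirming it against the macro definition, which is not visible here.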
@@ -257,12 +274,14 @@ BnMult( OSSL_LEAVE(); return OK; } + /* B.2.3.2.3.5. BnDiv() */ /* This function divides two bigNum values. The function returns FALSE if there is an error in the operation. */ /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure in operation */ + LIB_EXPORT BOOL BnDiv( bigNum quotient, @@ -319,6 +338,7 @@ BnDiv( /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure in operation */ + LIB_EXPORT BOOL BnGcd( bigNum gcd, // OUT: the common divisor @@ -344,12 +364,14 @@ BnGcd( OSSL_LEAVE(); return OK; } + /* B.2.3.2.3.7. BnModExp() */ /* Do modular exponentiation using bigNum values. The conversion from a bignum_t to a bigNum is trivial as they are based on the same structure */ /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure in operation */ + LIB_EXPORT BOOL BnModExp( bigNum result, // OUT: the result @@ -377,11 +399,13 @@ BnModExp( OSSL_LEAVE(); return OK; } + /* B.2.3.2.3.8. BnModInverse() */ /* Modular multiplicative inverse */ /* Return Value Meaning */ /* TRUE(1) success */ /* FALSE(0) failure in operation */ + LIB_EXPORT BOOL BnModInverse( bigNum result, @@ -405,9 +429,11 @@ BnModInverse( OSSL_LEAVE(); return OK; } + #endif // TPM_ALG_RSA #if ALG_ECC + /* B.2.3.2.3.9. PointFromOssl() */ /* Function to copy the point result from an OSSL function to a bigNum */ /* Return Value Meaning */ @@ -448,6 +474,7 @@ PointFromOssl( } /* B.2.3.2.3.10. EcPointInitialized() */ /* Allocate and initialize a point. */ + LIB_EXPORT EC_POINT * // libtpms: exported function EcPointInitialized( pointConst initializer, 
@@ -469,12 +496,14 @@ EcPointInitialized( BN_clear_free(bnX); return P; } + /* B.2.3.2.3.11. BnCurveInitialize() */ /* This function initializes the OpenSSL group definition */ /* It is a fatal error if groupContext is not provided. */ /* Return Values Meaning */ /* NULL the TPM_ECC_CURVE is not valid */ /* non-NULL points to a structure in groupContext */ + bigCurve BnCurveInitialize( bigCurve E, // IN: curve structure to initialize @@ -535,10 +564,12 @@ BnCurveInitialize( BN_clear_free(bnP); return OK ? E : NULL; } + /* B.2.3.2.3.11. BnEccModMult() */ /* This functi2n does a point multiply of the form R = [d]S */ /* Return Values Meaning */ /* FALSE failure in operation; treat as result being point at infinity */ + LIB_EXPORT BOOL BnEccModMult( bigPoint R, // OUT: computed point @@ -550,6 +581,7 @@ BnEccModMult( EC_POINT *pR = EC_POINT_new(E->G); EC_POINT *pS = EcPointInitialized(S, E); BIG_INITIALIZED(bnD, d); + if(S == NULL) EC_POINT_mul(E->G, pR, bnD, NULL, NULL, E->CTX); else @@ -560,9 +592,11 @@ BnEccModMult( BN_clear_free(bnD); return !BnEqualZero(R->z); } + /* B.2.3.2.3.13. BnEccModMult2() */ /* This function does a point multiply of the form R = [d]G + [u]Q */ /* FALSE failure in operation; treat as result being point at infinity */ + LIB_EXPORT BOOL BnEccModMult2( bigPoint R, // OUT: computed point @@ -578,6 +612,7 @@ BnEccModMult2( BIG_INITIALIZED(bnD, d); EC_POINT *pQ = EcPointInitialized(Q, E); BIG_INITIALIZED(bnU, u); + if(S == NULL || S == (pointConst)&(AccessCurveData(E)->base)) EC_POINT_mul(E->G, pR, bnD, pQ, bnU, E->CTX); else @@ -598,6 +633,7 @@ BnEccModMult2( BN_clear_free(bnU); return !BnEqualZero(R->z); } + /* B.2.3.2.4. BnEccAdd() */ /* This function does addition of two points. */ /* Return Values Meaning */ @@ -621,5 +657,6 @@ BnEccAdd( EC_POINT_clear_free(pQ); return !BnEqualZero(R->z); } + #endif // ALG_ECC #endif // MATH_LIB_OSSL 
diff --git a/src/tpm2/crypto/openssl/TpmToOsslMath.h b/src/tpm2/crypto/openssl/TpmToOsslMath.h index 1434a3d6..8b8a8525 100644 --- a/src/tpm2/crypto/openssl/TpmToOsslMath.h +++ b/src/tpm2/crypto/openssl/TpmToOsslMath.h @@ -59,8 +59,6 @@ /* */ /********************************************************************************/ - - /* B.2.2.1. TpmToOsslMath.h */ /* B.2.2.1.1. Introduction */ /* This file contains the structure definitions used for ECC in the LibTopCrypt() version of the diff --git a/src/tpm2/crypto/openssl/TpmToOsslMath_fp.h b/src/tpm2/crypto/openssl/TpmToOsslMath_fp.h index 7d513557..5b3a2d35 100644 --- a/src/tpm2/crypto/openssl/TpmToOsslMath_fp.h +++ b/src/tpm2/crypto/openssl/TpmToOsslMath_fp.h @@ -150,5 +150,4 @@ BnEccAdd( bigCurve E // IN: curve ); - #endif