Proxmox-Port/libtpms
1
0
Fork 0
mirror of https://github.com/stefanberger/libtpms synced 2025-08-26 13:14:36 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Compare commits

base: Proxmox-Port:4c374f99943792b36ea1e02347bf4c6909ed9076
Branches Tags
Proxmox-Port:master
Proxmox-Port:master.next
Proxmox-Port:stable-0.9
Proxmox-Port:stable-0.9.next
Proxmox-Port:coverity_scan
Proxmox-Port:stefanberger/rev180.part3
Proxmox-Port:stable-0.7.0
Proxmox-Port:stable-0.10
Proxmox-Port:stable-0.8
Proxmox-Port:stable-0.8.next
Proxmox-Port:stable-0.10.next
Proxmox-Port:stable-0.7.0.next
Proxmox-Port:stefanberger/force_m68k_alignment
Proxmox-Port:stefanberger/svn-hierarchy-enablement
Proxmox-Port:stefanberger/fips-140-3
Proxmox-Port:stefanberger/drbg_continous_test
Proxmox-Port:stefanberger/policycapability_filter
Proxmox-Port:stefanberger/fips-140-2+.backup
Proxmox-Port:stefanberger/use_openssl_kdfa
Proxmox-Port:stefanberger/use_openssl_kdf
Proxmox-Port:stefanberger/ossl3_symmetric_functions
Proxmox-Port:stefanberger/ossl3_ec
Proxmox-Port:stefanberger/no_lockout_counter_increase
Proxmox-Port:stable-0.6.0.next
Proxmox-Port:stable-0.6.0
Proxmox-Port:pure_openssl_seeds
Proxmox-Port:fuzzer-data
Proxmox-Port:v0.7.12
Proxmox-Port:v0.8.10
Proxmox-Port:v0.9.7
Proxmox-Port:v0.10.1
Proxmox-Port:v0.10.0
Proxmox-Port:v0.10.0-rc1
Proxmox-Port:v0.9.6
Proxmox-Port:v0.8.9
Proxmox-Port:v0.7.11
Proxmox-Port:v0.8.8
Proxmox-Port:v0.9.5
Proxmox-Port:v0.9.4
Proxmox-Port:v0.9.3
Proxmox-Port:v0.9.2
Proxmox-Port:v0.9.1
Proxmox-Port:v0.9.0
Proxmox-Port:v0.8.7
Proxmox-Port:v0.7.10
Proxmox-Port:v0.8.6
Proxmox-Port:v0.6.6
Proxmox-Port:v0.7.9
Proxmox-Port:v0.8.5
Proxmox-Port:v0.6.5
Proxmox-Port:v0.7.8
Proxmox-Port:v0.8.4
Proxmox-Port:v0.8.3
Proxmox-Port:v0.7.7
Proxmox-Port:v0.8.2
Proxmox-Port:v0.7.6
Proxmox-Port:v0.6.4
Proxmox-Port:v0.8.1
Proxmox-Port:v0.8.0
Proxmox-Port:v0.7.5
Proxmox-Port:v0.7.4
Proxmox-Port:v0.6.3
Proxmox-Port:v0.7.3
Proxmox-Port:v0.7.2
Proxmox-Port:v0.6.2
Proxmox-Port:v0.7.1
Proxmox-Port:v0.6.1
Proxmox-Port:v0.7.0
Proxmox-Port:v0.6.0
Proxmox-Port:v0.6.0-dev1
Proxmox-Port:v0.5.2.1
Proxmox-Port:v0.5.2
...
compare: Proxmox-Port:13a41ca095859cc459be252d033e06aa5466ff3e
Branches Tags
Proxmox-Port:master
Proxmox-Port:master.next
Proxmox-Port:stable-0.9
Proxmox-Port:stable-0.9.next
Proxmox-Port:coverity_scan
Proxmox-Port:stefanberger/rev180.part3
Proxmox-Port:stable-0.7.0
Proxmox-Port:stable-0.10
Proxmox-Port:stable-0.8
Proxmox-Port:stable-0.8.next
Proxmox-Port:stable-0.10.next
Proxmox-Port:stable-0.7.0.next
Proxmox-Port:stefanberger/force_m68k_alignment
Proxmox-Port:stefanberger/svn-hierarchy-enablement
Proxmox-Port:stefanberger/fips-140-3
Proxmox-Port:stefanberger/drbg_continous_test
Proxmox-Port:stefanberger/policycapability_filter
Proxmox-Port:stefanberger/fips-140-2+.backup
Proxmox-Port:stefanberger/use_openssl_kdfa
Proxmox-Port:stefanberger/use_openssl_kdf
Proxmox-Port:stefanberger/ossl3_symmetric_functions
Proxmox-Port:stefanberger/ossl3_ec
Proxmox-Port:stefanberger/no_lockout_counter_increase
Proxmox-Port:stable-0.6.0.next
Proxmox-Port:stable-0.6.0
Proxmox-Port:pure_openssl_seeds
Proxmox-Port:fuzzer-data
Proxmox-Port:v0.7.12
Proxmox-Port:v0.8.10
Proxmox-Port:v0.9.7
Proxmox-Port:v0.10.1
Proxmox-Port:v0.10.0
Proxmox-Port:v0.10.0-rc1
Proxmox-Port:v0.9.6
Proxmox-Port:v0.8.9
Proxmox-Port:v0.7.11
Proxmox-Port:v0.8.8
Proxmox-Port:v0.9.5
Proxmox-Port:v0.9.4
Proxmox-Port:v0.9.3
Proxmox-Port:v0.9.2
Proxmox-Port:v0.9.1
Proxmox-Port:v0.9.0
Proxmox-Port:v0.8.7
Proxmox-Port:v0.7.10
Proxmox-Port:v0.8.6
Proxmox-Port:v0.6.6
Proxmox-Port:v0.7.9
Proxmox-Port:v0.8.5
Proxmox-Port:v0.6.5
Proxmox-Port:v0.7.8
Proxmox-Port:v0.8.4
Proxmox-Port:v0.8.3
Proxmox-Port:v0.7.7
Proxmox-Port:v0.8.2
Proxmox-Port:v0.7.6
Proxmox-Port:v0.6.4
Proxmox-Port:v0.8.1
Proxmox-Port:v0.8.0
Proxmox-Port:v0.7.5
Proxmox-Port:v0.7.4
Proxmox-Port:v0.6.3
Proxmox-Port:v0.7.3
Proxmox-Port:v0.7.2
Proxmox-Port:v0.6.2
Proxmox-Port:v0.7.1
Proxmox-Port:v0.6.1
Proxmox-Port:v0.7.0
Proxmox-Port:v0.6.0
Proxmox-Port:v0.6.0-dev1
Proxmox-Port:v0.5.2.1
Proxmox-Port:v0.5.2

18 Commits
4c374f9994 ... 13a41ca095

Author SHA1 Message Date
Stefan Berger
13a41ca095 tpm2: Add missing defines for existing structures, remove others 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
2a5baa8800 tpm2: Sync up RunCommand.c with upstream 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
e60fafc61a tpm2: Add missing SVN-related cases in TPMPropertyIsDefined 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
b2839e2613 tpm2: Sync TPM_PT_MODES case in TPMPropertyIsDefined 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
865b356292 tpm2: Add missing '|| TABLE_DRIVEN_MARSHAL' to CommandDispatcher.c 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
fccc05845b tpm2: Add support for CRYPTO_LIB_REPORTING but do not use it 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
74bd4ee1d6 tpm2: Use TPM2B_DIGEST in MAC_Out 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
79e233c607 tpm2: Remove CLOCK_ defines for header since already in Clock.c 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
1278421db9 tpm2: Add TPMI_RH_BASE_HIERARCHY type and use it 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
04dab706c5 tpm2: Add (unused) defines to TpmTcpProtocol.h 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
fa637145b8 tpm2: Fix definition of CertifyX509 error codes 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
0945ad07ef tpm2: Fix definition of ChangePPS error codes 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
a954fa214b tpm2: Fix definition of NV_ReadPublic error codes 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
2360ec6d83 tpm2: Fix definition of HierarchyChnageAuth error codes 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
bd282cce6a tpm2: Fix definition of SequenceUpdate error codes 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
f8ddf879af tpm2: Replace occurrences of xorr with xor 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
4c7dcf2db3 tpm2: Rebase on TPM v1.83: Reduce diffs 
- Rename files so the filenames match
- Reduce whitespace diffs
- Other trivial changes

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
Stefan Berger
5de6c7fe40 scripts: Implement scripts to be able to use meld on upstream codebase 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2025-07-31 18:57:14 -04:00
350 changed files with 31518 additions and 27298 deletions
Show Stats Expand all files Collapse all files

98
scripts/meld-all Executable file
View File

@ -0,0 +1,98 @@
#!/usr/bin/env bash
SKIP_FILES="(Marshal.c|Marshal_fp.h)"
NO_MELD_FLAG=$((1<<0))
main()
{
local opts f fname upstream flags
flags=0
prgname="$0"
if ! opts=$(getopt -l "help,no-meld,diff-only" -n "$prgname" -- "$prgname" "$@"); then
echo "Error: Failed to parse options." >&2
return 1
fi
eval set -- "${opts}"
while :; do
case "$1" in
--no-meld|diff-only)
flags=$((flags | NO_MELD_FLAG))
shift
;;
--)
shift
break
;;
--help)
help "$prgname"
return 0
;;
*)
echo "Internal error: Unregonized option '$1'" >&2
shift
return
;;
esac
done
if [ ! -r "$1" ]; then
echo "Cannot find file '$1' in libtpms repo."
exit 1
fi
if [ ! -d "$1" ]; then
echo "'$1' is not a directory."
exit 1
fi
if [ ! -d "${TCG_TPM_HOME}" ]; then
echo "TCG_TPM_HOME must point to a directory."
exit 1
fi
for f in $(find "$1" -type f -name '*.[ch]'); do
fname=$(basename "$f")
if [[ "${fname}" =~ ^${SKIP_FILES}$ ]]; then
echo "skipping ${fname}"
continue
fi
upstream=$(find "${TCG_TPM_HOME}" | grep -E "/${fname}\$")
if [ -n "${upstream}" ]; then
# find first empty line presumably after license
line=$(grep -m 1 -E "^$" -n "${f}" | cut -d":" -f1)
if [ -z "$line" ]; then
if [ $((flags & NO_MELD_FLAG)) -eq 0 ]; then
meld "${upstrean}" "${f}"
else
echo "Something wrong with file $f"
fi
fi
line=$((line+1))
if [ $((flags & NO_MELD_FLAG)) -ne 0 ]; then
echo "============================================================================"
echo "${f}"
diff --ignore-trailing-space <(sed -n "${line},\$p" < "${f}") "${upstream}"
fi
if ! diff --ignore-trailing-space <(sed -n "${line},\$p" < "${f}") "${upstream}" >/dev/null; then
if [ $((flags & NO_MELD_FLAG)) -eq 0 ]; then
meld "${upstream}" "$f"
fi
else
echo "${f}: nothing to do"
fi
else
echo "Could not find file ${fname} in TCG TPM repo"
fi
done
}
main "$@"
exit $?

23
scripts/meld-find Executable file
View File

@ -0,0 +1,23 @@
#!/usr/bin/env bash
if [ ! -f "$1" ]; then
echo "Cannot find file '$1' in libtpms repo."
exit 1
fi
if [ -z "${TCG_TPM_HOME}" ]; then
echo "TCG_TPM_HOME must be set to the TCG TPM repo checkout."
exit 1
fi
if [ ! -d "${TCG_TPM_HOME}" ]; then
echo "TCG_TPM_HOME must point to a directory."
exit 1
fi
fname=$(basename "$1")
upstream=$(find "${TCG_TPM_HOME}" | grep -E "/${fname}\$")
meld "${upstream}" "$1"

11
src/Makefile.am
View File

@ -237,9 +237,9 @@ libtpms_tpm2_la_SOURCES = \
tpm2/MathOnByteBuffers.c \
tpm2/Memory.c \
tpm2/NVCommands.c \
tpm2/NVDynamic.c \
tpm2/NvDynamic.c \
tpm2/NVMem.c \
tpm2/NVReserved.c \
tpm2/NvReserved.c \
tpm2/NV_spt.c \
tpm2/Object.c \
tpm2/ObjectCommands.c \
@ -268,7 +268,7 @@ libtpms_tpm2_la_SOURCES = \
tpm2/TestingCommands.c \
tpm2/Ticket.c \
tpm2/Time.c \
tpm2/TpmAsn1.c \
tpm2/TpmASN1.c \
tpm2/TpmBigNumThunks.c \
tpm2/TpmEcc_Signature_ECDAA.c \
tpm2/TpmEcc_Signature_ECDSA.c \
@ -365,6 +365,7 @@ noinst_HEADERS += \
tpm2/Create_fp.h \
tpm2/CreateLoaded_fp.h \
tpm2/CreatePrimary_fp.h \
tpm2/CryptoInterface.h \
tpm2/CryptSelfTest_fp.h \
tpm2/DA_fp.h \
tpm2/DebugHelpers_fp.h \
@ -426,7 +427,7 @@ noinst_HEADERS += \
tpm2/NV_ChangeAuth_fp.h \
tpm2/NV_DefineSpace_fp.h \
tpm2/NV_DefineSpace2_fp.h \
tpm2/NVDynamic_fp.h \
tpm2/NvDynamic_fp.h \
tpm2/NV_Extend_fp.h \
tpm2/NV_GlobalWriteLock_fp.h \
tpm2/NV.h \
@ -435,7 +436,7 @@ noinst_HEADERS += \
tpm2/NV_ReadLock_fp.h \
tpm2/NV_ReadPublic_fp.h \
tpm2/NV_ReadPublic2_fp.h \
tpm2/NVReserved_fp.h \
tpm2/NvReserved_fp.h \
tpm2/NV_SetBits_fp.h \
tpm2/NV_spt_fp.h \
tpm2/NV_UndefineSpace_fp.h \

20
src/tpm2/ACT.h
View File

@ -59,11 +59,20 @@
/* */
/********************************************************************************/
// 5.24 ACT.h
#ifndef _ACT_H_
#define _ACT_H_
#include "TpmProfile.h"
#if 0 // libtpms added
#if ACT_SUPPORT \
!= (RH_ACT_0 | RH_ACT_1 | RH_ACT_2 | RH_ACT_3 | RH_ACT_4 | RH_ACT_5 | RH_ACT_6 \
| RH_ACT_7 | RH_ACT_8 | RH_ACT_9 | RH_ACT_A | RH_ACT_B | RH_ACT_C | RH_ACT_D \
| RH_ACT_E | RH_ACT_F)
# error "If ACT_SUPPORT == NO, no ACTs can be enabled"
#endif // (ACT_SUPPORT != ...)
#endif // libtpms added
#if !(defined RH_ACT_0) || (RH_ACT_0 != YES)
# undef RH_ACT_0
# define RH_ACT_0 NO
@ -176,9 +185,11 @@
#else
# define IF_ACT_F_IMPLEMENTED(op) op(F)
#endif
#ifndef TPM_RH_ACT_0
# error Need numeric definition for TPM_RH_ACT_0
#endif
#ifndef TPM_RH_ACT_1
# define TPM_RH_ACT_1 (TPM_RH_ACT_0 + 1)
#endif
@ -224,6 +235,7 @@
#ifndef TPM_RH_ACT_F
# define TPM_RH_ACT_F (TPM_RH_ACT_0 + 0xF)
#endif
#define FOR_EACH_ACT(op) \
IF_ACT_0_IMPLEMENTED(op) \
IF_ACT_1_IMPLEMENTED(op) \
@ -243,15 +255,17 @@
IF_ACT_F_IMPLEMENTED(op)
// This is the mask for ACT that are implemented
//#define ACT_MASK(N) | (1 << 0x##N)
//#define ACT_IMPLEMENTED_MASK (0 FOR_EACH_ACT(ACT_MASK))
#define CASE_ACT_HANDLE(N) case TPM_RH_ACT_##N:
#define CASE_ACT_NUMBER(N) case 0x##N:
typedef struct ACT_STATE
{
UINT32 remaining;
TPM_ALG_ID hashAlg;
TPM2B_DIGEST authPolicy;
} ACT_STATE, *P_ACT_STATE;
#endif // _ACT_H_

25
src/tpm2/ACT_SetTimeout_fp.h
View File

@ -59,21 +59,28 @@
/* */
/********************************************************************************/
#ifndef ACT_SETTIMEOUT_FP_H
#define ACT_SETTIMEOUT_FP_H
typedef struct {
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
#if CC_ACT_SetTimeout // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ACT actHandle;
UINT32 startTimeout;
} ACT_SetTimeout_In;
// Response code modifiers
# define RC_ACT_SetTimeout_actHandle (TPM_RC_H + TPM_RC_1)
#define RC_ACT_SetTimeout_startTimeout (TPM_RC_H + TPM_RC_2)
# define RC_ACT_SetTimeout_startTimeout (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ACT_SetTimeout(
ACT_SetTimeout_In *in // IN: input parameter list
);
TPM2_ACT_SetTimeout(ACT_SetTimeout_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
#endif // CC_ACT_SetTimeout

34
src/tpm2/ActivateCredential_fp.h
View File

@ -59,30 +59,38 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ACTIVATECREDENTIAL_FP_H
#define ACTIVATECREDENTIAL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ActivateCredential // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT activateHandle;
TPMI_DH_OBJECT keyHandle;
TPM2B_ID_OBJECT credentialBlob;
TPM2B_ENCRYPTED_SECRET secret;
} ActivateCredential_In;
// Output structure definition
typedef struct
{
TPM2B_DIGEST certInfo;
} ActivateCredential_Out;
// Response code modifiers
# define RC_ActivateCredential_activateHandle (TPM_RC_H + TPM_RC_1)
# define RC_ActivateCredential_keyHandle (TPM_RC_H + TPM_RC_2)
# define RC_ActivateCredential_credentialBlob (TPM_RC_P + TPM_RC_1)
# define RC_ActivateCredential_secret (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_DIGEST certInfo;
} ActivateCredential_Out;
// Function prototype
TPM_RC
TPM2_ActivateCredential(
ActivateCredential_In *in, // IN: input parameter list
ActivateCredential_Out *out // OUT: output parameter list
);
#endif
TPM2_ActivateCredential(ActivateCredential_In* in, ActivateCredential_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
#endif // CC_ActivateCredential

66
src/tpm2/AlgorithmCap.c
View File

@ -58,42 +58,51 @@
/* */
/********************************************************************************/
/* 9.1 AlgorithmCap.c */
/* 9.1.1 Description */
/* This file contains the algorithm property definitions for the algorithms and the code for the
TPM2_GetCapability() to return the algorithm properties. */
/* 9.1.2 Includes and Defines */
//** Description
// This file contains the algorithm property definitions for the algorithms and the
// code for the TPM2_GetCapability() to return the algorithm properties.
//** Includes and Defines
#include "Tpm.h"
typedef struct
{
TPM_ALG_ID algID;
TPMA_ALGORITHM attributes;
} ALGORITHM;
static const ALGORITHM s_algorithms[] =
{
static const ALGORITHM s_algorithms[] = {
// The entries in this table need to be in ascending order but the table doesn't
// need to be full (gaps are allowed). One day, a tool might exist to fill in the
// table from the TPM_ALG description
#if ALG_RSA
{TPM_ALG_RSA, TPMA_ALGORITHM_INITIALIZER(1, 0, 0, 1, 0, 0, 0, 0, 0)},
#endif
#if ALG_TDES
#if ALG_TDES // libtpms added begin
{TPM_ALG_TDES, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
#endif
#endif // libtpms added end
#if ALG_SHA1
{TPM_ALG_SHA1, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 0, 0)},
#endif
{TPM_ALG_HMAC, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 1, 0, 0, 0)},
#if ALG_AES
{TPM_ALG_AES, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
#endif
#if ALG_MGF1
{TPM_ALG_MGF1, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 1, 0)},
#endif
{TPM_ALG_KEYEDHASH, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 1, 0, 1, 1, 0, 0)},
#if ALG_XOR
{TPM_ALG_XOR, TPMA_ALGORITHM_INITIALIZER(0, 1, 1, 0, 0, 0, 0, 0, 0)},
#endif
#if ALG_SHA256
{TPM_ALG_SHA256, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 0, 0)},
#endif
@ -151,7 +160,9 @@ static const ALGORITHM s_algorithms[] =
#if ALG_ECC
{TPM_ALG_ECC, TPMA_ALGORITHM_INITIALIZER(1, 0, 0, 1, 0, 0, 0, 0, 0)},
#endif
{TPM_ALG_SYMCIPHER, TPMA_ALGORITHM_INITIALIZER(0, 0, 0, 1, 0, 0, 0, 0, 0)},
#if ALG_CAMELLIA
{TPM_ALG_CAMELLIA, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
#endif
@ -174,14 +185,16 @@ static const ALGORITHM s_algorithms[] =
{TPM_ALG_ECB, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 1, 0, 0)},
#endif
};
/* 9.1.3 AlgorithmCapGetImplemented() */
/* This function is used by TPM2_GetCapability() to return a list of the implemented algorithms. */
/* Return Values Meaning */
/* YES more algorithms to report */
/* NO no more algorithms to report */
//** AlgorithmCapGetImplemented()
// This function is used by TPM2_GetCapability() to return a list of the
// implemented algorithms.
//
// Return Type: TPMI_YES_NO
// YES more algorithms to report
// NO no more algorithms to report
TPMI_YES_NO
AlgorithmCapGetImplemented(
TPM_ALG_ID algID, // IN: the starting algorithm ID
AlgorithmCapGetImplemented(TPM_ALG_ID algID, // IN: the starting algorithm ID
UINT32 count, // IN: count of returned algorithms
TPML_ALG_PROPERTY* algList // OUT: algorithm list
)
@ -189,13 +202,17 @@ AlgorithmCapGetImplemented(
TPMI_YES_NO more = NO;
UINT32 i;
UINT32 algNum;
// initialize output algorithm list
algList->count = 0;
// The maximum count of algorithms we may return is MAX_CAP_ALGS.
if(count > MAX_CAP_ALGS)
count = MAX_CAP_ALGS;
// Compute how many algorithms are defined in s_algorithms array.
algNum = sizeof(s_algorithms) / sizeof(s_algorithms[0]);
// Scan the implemented algorithm list to see if there is a match to 'algID'.
for(i = 0; i < algNum; i++)
{
@ -222,6 +239,7 @@ AlgorithmCapGetImplemented(
break;
}
}
return more;
}
@ -253,27 +271,25 @@ BOOL AlgorithmCapGetOneImplemented(
return TRUE;
}
}
return FALSE;
}
/* 9.1.4 AlgorithmGetImplementedVector()
This function returns the bit vector of the implemented algorithms.
*/
//** AlgorithmGetImplementedVector()
// This function returns the bit vector of the implemented algorithms.
LIB_EXPORT
void
AlgorithmGetImplementedVector(
void AlgorithmGetImplementedVector(
ALGORITHM_VECTOR* implemented // OUT: the implemented bits are SET
)
{
int index;
// Nothing implemented until we say it is
MemorySet(implemented, 0, sizeof(ALGORITHM_VECTOR));
// Go through the list of implemented algorithms and SET the corresponding bit in
// in the implemented vector
for(index = (sizeof(s_algorithms) / sizeof(s_algorithms[0])) - 1;
index >= 0; index--) { // libtpms changed
for(index = (sizeof(s_algorithms) / sizeof(s_algorithms[0])) - 1; index >= 0;
index--) { // libtpms changed
if (RuntimeAlgorithmCheckEnabled(&g_RuntimeProfile.RuntimeAlgorithm, // libtpms added begin
s_algorithms[index].algID))
SET_BIT(s_algorithms[index].algID, *implemented);

28
src/tpm2/AlgorithmCap_fp.h
View File

@ -58,15 +58,27 @@
/* */
/********************************************************************************/
#ifndef ALGORITHMCAP_FP_H
#define ALGORITHMCAP_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _ALGORITHM_CAP_FP_H_
#define _ALGORITHM_CAP_FP_H_
//** AlgorithmCapGetImplemented()
// This function is used by TPM2_GetCapability() to return a list of the
// implemented algorithms.
//
// Return Type: TPMI_YES_NO
// YES more algorithms to report
// NO no more algorithms to report
TPMI_YES_NO
AlgorithmCapGetImplemented(
TPM_ALG_ID algID, // IN: the starting algorithm ID
AlgorithmCapGetImplemented(TPM_ALG_ID algID, // IN: the starting algorithm ID
UINT32 count, // IN: count of returned algorithms
TPML_ALG_PROPERTY* algList // OUT: algorithm list
);
//** AlgorithmCapGetOneImplemented()
// This function returns whether a single algorithm was implemented, along
// with its properties (if implemented).
@ -75,11 +87,11 @@ BOOL AlgorithmCapGetOneImplemented(
TPMS_ALG_PROPERTY* algProperty // OUT: algorithm properties
);
//** AlgorithmGetImplementedVector()
// This function returns the bit vector of the implemented algorithms.
LIB_EXPORT
void
AlgorithmGetImplementedVector(
void AlgorithmGetImplementedVector(
ALGORITHM_VECTOR* implemented // OUT: the implemented bits are SET
);
#endif
#endif // _ALGORITHM_CAP_FP_H_

7
src/tpm2/AlgorithmTests.c
View File

@ -309,7 +309,7 @@ static TPM_RC TestSymmetric(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
//
if(!TEST_BIT(alg, *toTest))
return TPM_RC_SUCCESS;
if(alg == TPM_ALG_AES || alg == TPM_ALG_SM4 || alg == TPM_ALG_CAMELLIA || alg == TPM_ALG_TDES)
if(alg == TPM_ALG_AES || alg == TPM_ALG_SM4 || alg == TPM_ALG_CAMELLIA || alg == TPM_ALG_TDES) // libtpms added TPM_ALG_TDES
{
// Will test the algorithm for all modes and key sizes
CLEAR_BOTH(alg);
@ -872,7 +872,8 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
case TPM_ALG_AES:
// libtpms added begin
# if SMAC_IMPLEMENTED && ALG_CMAC
if (doTest) {
if (doTest)
{
result = TestSMAC(toTest);
if (result != TPM_RC_SUCCESS)
break;
@ -1000,4 +1001,4 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
return result;
}
#endif // ENABLE_SELF_TESTS
#endif // SELF_TESTS

37
src/tpm2/AlgorithmTests_fp.h
View File

@ -58,17 +58,38 @@
/* */
/********************************************************************************/
#ifndef ALGORITHMTESTS_FP_H
#define ALGORITHMTESTS_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 4, 2020 Time: 02:36:44PM
*/
#ifndef _ALGORITHM_TESTS_FP_H_
#define _ALGORITHM_TESTS_FP_H_
#if ENABLE_SELF_TESTS
//*** TestAlgorithm()
// Dispatches to the correct test function for the algorithm or gets a list of
// testable algorithms.
//
// If 'toTest' is not NULL, then the test decisions are based on the algorithm
// selections in 'toTest'. Otherwise, 'g_toTest' is used. When bits are clear in
// 'g_toTest' they will also be cleared 'toTest'.
//
// If there doesn't happen to be a test for the algorithm, its associated bit is
// quietly cleared.
//
// If 'alg' is zero (TPM_ALG_ERROR), then the toTest vector is cleared of any bits
// for which there is no test (i.e. no tests are actually run but the vector is
// cleared).
//
// Note: 'toTest' will only ever have bits set for implemented algorithms but 'alg'
// can be anything.
// Return Type: TPM_RC
// TPM_RC_CANCELED test was canceled
LIB_EXPORT
TPM_RC
TestAlgorithm(
TPM_ALG_ID alg,
ALGORITHM_VECTOR *toTest
);
TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest);
#endif // ENABLE_SELF_TESTS
#endif // ALGORITHMTESTS_FP_H
#endif // _ALGORITHM_TESTS_FP_H_

79
src/tpm2/Attest_spt.c
View File

@ -59,13 +59,16 @@
/* */
/********************************************************************************/
//** Includes
#include "Tpm.h"
#include "Attest_spt_fp.h"
/* 7.2.2 Functions */
/* 7.2.2.1 FillInAttestInfo() */
/* Fill in common fields of TPMS_ATTEST structure. */
void
FillInAttestInfo(
#include "Marshal.h"
//** Functions
//***FillInAttestInfo()
// Fill in common fields of TPMS_ATTEST structure.
void FillInAttestInfo(
TPMI_DH_OBJECT signHandle, // IN: handle of signing object
TPMT_SIG_SCHEME* scheme, // IN/OUT: scheme to be used for signing
TPM2B_DATA* data, // IN: qualifying data
@ -73,8 +76,10 @@ FillInAttestInfo(
)
{
OBJECT* signObject = HandleToObject(signHandle);
// Magic number
attest->magic = TPM_GENERATED_VALUE;
if(signObject == NULL)
{
// The name for a null handle is TPM_RH_NULL
@ -96,9 +101,11 @@ FillInAttestInfo(
}
// current clock in plain text
TimeFillInfo(&attest->clockInfo);
// Firmware version in plain text
attest->firmwareVersion = ((UINT64)gp.firmwareV1 << (sizeof(UINT32) * 8));
attest->firmwareVersion += gp.firmwareV2;
// Check the hierarchy of sign object. For NULL sign handle, the hierarchy
// will be TPM_RH_NULL
if((signObject == NULL)
@ -108,9 +115,15 @@ FillInAttestInfo(
// For signing key that is not in platform or endorsement hierarchy,
// obfuscate the reset, restart and firmware version information
UINT64 obfuscation[2];
CryptKDFa(CONTEXT_INTEGRITY_HASH_ALG, &gp.shProof.b, OBFUSCATE_STRING,
&attest->qualifiedSigner.b, NULL, 128,
(BYTE *)&obfuscation[0], NULL, FALSE);
CryptKDFa(CONTEXT_INTEGRITY_HASH_ALG,
&gp.shProof.b,
OBFUSCATE_STRING,
&attest->qualifiedSigner.b,
NULL,
128,
(BYTE*)&obfuscation[0],
NULL,
FALSE);
// Obfuscate data
attest->firmwareVersion += obfuscation[0];
attest->clockInfo.resetCount += (UINT32)(obfuscation[1] >> 32);
@ -127,16 +140,20 @@ FillInAttestInfo(
data->t.size = 0;
}
}
/* 7.2.2.2 SignAttestInfo() */
/* Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature is returned. */
/* Error Returns Meaning */
/* TPM_RC_ATTRIBUTES signHandle references not a signing key */
/* TPM_RC_SCHEME scheme is not compatible with signHandle type */
/* TPM_RC_VALUE digest generated for the given scheme is greater than the modulus of signHandle (for
an RSA key); invalid commit status or failed to generate r value (for an ECC key) */
//***SignAttestInfo()
// Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature
// is returned.
//
// Return Type: TPM_RC
// TPM_RC_ATTRIBUTES 'signHandle' references not a signing key
// TPM_RC_SCHEME 'scheme' is not compatible with 'signHandle' type
// TPM_RC_VALUE digest generated for the given 'scheme' is greater than
// the modulus of 'signHandle' (for an RSA key);
// invalid commit status or failed to generate "r" value
// (for an ECC key)
TPM_RC
SignAttestInfo(
OBJECT *signKey, // IN: sign object
SignAttestInfo(OBJECT* signKey, // IN: sign object
TPMT_SIG_SCHEME* scheme, // IN: sign scheme
TPMS_ATTEST* certifyInfo, // IN: the data to be signed
TPM2B_DATA* qualifyingData, // IN: extra data for the signing
@ -150,9 +167,11 @@ SignAttestInfo(
HASH_STATE hashState;
TPM2B_DIGEST digest;
TPM_RC result;
// Marshal TPMS_ATTEST structure for hash
buffer = attest->t.attestationData;
attest->t.size = TPMS_ATTEST_Marshal(certifyInfo, &buffer, NULL);
if(signKey == NULL)
{
signature->sigAlg = TPM_ALG_NULL;
@ -165,9 +184,11 @@ SignAttestInfo(
hashAlg = scheme->details.any.hashAlg;
// need to set the receive buffer to get something put in it
digest.t.size = sizeof(digest.t.buffer);
digest.t.size = CryptHashBlock(hashAlg, attest->t.size,
digest.t.size = CryptHashBlock(hashAlg,
attest->t.size,
attest->t.attestationData,
digest.t.size, digest.t.buffer);
digest.t.size,
digest.t.buffer);
// If there is qualifying data, need to rehash the data
// hash(qualifyingData || hash(attestationData))
if(qualifyingData->t.size != 0)
@ -180,6 +201,7 @@ SignAttestInfo(
// Sign the hash. A TPM_RC_VALUE, TPM_RC_SCHEME, or
// TPM_RC_ATTRIBUTES error may be returned at this point
result = CryptSign(signKey, scheme, &digest, signature);
// Since the clock is used in an attestation, the state in NV is no longer
// "orderly" with respect to the data in RAM if the signature is valid
if(result == TPM_RC_SUCCESS)
@ -191,19 +213,18 @@ SignAttestInfo(
}
return result;
}
/* 7.2.2.3 IsSigningObject() */
/* Checks to see if the object is OK for signing. This is here rather than in Object_spt.c because
all the attestation commands use this file but not Object_spt.c. */
/* Return Values Meaning */
/* TRUE object may sign */
/* FALSE object may not sign */
BOOL
IsSigningObject(
OBJECT *object // IN:
//*** IsSigningObject()
// Checks to see if the object is OK for signing. This is here rather than in
// Object_spt.c because all the attestation commands use this file but not
// Object_spt.c.
// Return Type: BOOL
// TRUE(1) object may sign
// FALSE(0) object may not sign
BOOL IsSigningObject(OBJECT* object // IN:
)
{
return ((object == NULL)
|| ((IS_ATTRIBUTE(object->publicArea.objectAttributes, TPMA_OBJECT, sign)
&& object->publicArea.type != TPM_ALG_SYMCIPHER)));
}

47
src/tpm2/Attest_spt_fp.h
View File

@ -59,19 +59,36 @@
/* */
/********************************************************************************/
#ifndef ATTEST_SPT_FP_H
#define ATTEST_SPT_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:18PM
*/
void
FillInAttestInfo(
#ifndef _ATTEST_SPT_FP_H_
#define _ATTEST_SPT_FP_H_
//***FillInAttestInfo()
// Fill in common fields of TPMS_ATTEST structure.
void FillInAttestInfo(
TPMI_DH_OBJECT signHandle, // IN: handle of signing object
TPMT_SIG_SCHEME* scheme, // IN/OUT: scheme to be used for signing
TPM2B_DATA* data, // IN: qualifying data
TPMS_ATTEST* attest // OUT: attest structure
);
//***SignAttestInfo()
// Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature
// is returned.
//
// Return Type: TPM_RC
// TPM_RC_ATTRIBUTES 'signHandle' references not a signing key
// TPM_RC_SCHEME 'scheme' is not compatible with 'signHandle' type
// TPM_RC_VALUE digest generated for the given 'scheme' is greater than
// the modulus of 'signHandle' (for an RSA key);
// invalid commit status or failed to generate "r" value
// (for an ECC key)
TPM_RC
SignAttestInfo(
OBJECT *signKey, // IN: sign object
SignAttestInfo(OBJECT* signKey, // IN: sign object
TPMT_SIG_SCHEME* scheme, // IN: sign scheme
TPMS_ATTEST* certifyInfo, // IN: the data to be signed
TPM2B_DATA* qualifyingData, // IN: extra data for the signing
@ -80,13 +97,15 @@ SignAttestInfo(
// signed
TPMT_SIGNATURE* signature // OUT: signature
);
BOOL
IsSigningObject(
OBJECT *object // IN:
//*** IsSigningObject()
// Checks to see if the object is OK for signing. This is here rather than in
// Object_spt.c because all the attestation commands use this file but not
// Object_spt.c.
// Return Type: BOOL
// TRUE(1) object may sign
// FALSE(0) object may not sign
BOOL IsSigningObject(OBJECT* object // IN:
);
#endif
#endif // _ATTEST_SPT_FP_H_

15
src/tpm2/BaseTypes.h
View File

@ -59,18 +59,17 @@
/* */
/********************************************************************************/
/* 5.2 BaseTypes.h */
#ifndef BASETYPES_H
#define BASETYPES_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
#include <stdint.h>
/* NULL definition */
#ifndef _TPM_INCLUDE_PUBLIC_BASETYPES_H_
#define _TPM_INCLUDE_PUBLIC_BASETYPES_H_
// NULL definition
#ifndef NULL
# define NULL (0)
#endif
#endif // NULL
typedef uint8_t UINT8;
typedef uint8_t BYTE;
typedef int8_t INT8;
@ -82,4 +81,4 @@ typedef int32_t INT32;
typedef uint64_t UINT64;
typedef int64_t INT64;
#endif
#endif // _TPM_INCLUDE_PUBLIC_BASETYPES_H_

56
src/tpm2/Bits.c
View File

@ -59,24 +59,28 @@
/* */
/********************************************************************************/
/* 9.2 Bits.c */
/* 9.2.1 Introduction */
/* This file contains bit manipulation routines. They operate on bit arrays. */
/* The 0th bit in the array is the right-most bit in the 0th octet in the array. */
/* NOTE: If pAssert() is defined, the functions will assert if the indicated bit number is outside
of the range of bArray. How the assert is handled is implementation dependent. */
/* 9.2.2 Includes */
#include "Tpm.h"
/* 9.2.3 Functions */
/* 9.2.3.1 TestBit() */
/* This function is used to check the setting of a bit in an array of bits. */
/* Return Values Meaning */
/* TRUE bit is set */
/* FALSE bit is not set */
//** Introduction
// This file contains bit manipulation routines. They operate on bit arrays.
//
// The 0th bit in the array is the right-most bit in the 0th octet in
// the array.
//
// NOTE: If pAssert() is defined, the functions will assert if the indicated bit
// number is outside of the range of 'bArray'. How the assert is handled is
// implementation dependent.
BOOL
TestBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
//** Includes
#include "Tpm.h"
//** Functions
//*** TestBit()
// This function is used to check the setting of a bit in an array of bits.
// Return Type: BOOL
// TRUE(1) bit is set
// FALSE(0) bit is not set
BOOL TestBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
)
@ -85,12 +89,9 @@ TestBit(
return ((bArray[bitNum >> 3] & (1 << (bitNum & 7))) != 0);
}
/* 9.2.3.2 SetBit() */
/* This function will set the indicated bit in bArray. */
void
SetBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
//*** SetBit()
// This function will set the indicated bit in 'bArray'.
void SetBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
)
@ -99,12 +100,9 @@ SetBit(
bArray[bitNum >> 3] |= (1 << (bitNum & 7));
}
/* 9.2.3.3 ClearBit() */
/* This function will clear the indicated bit in bArray. */
void
ClearBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'.
//*** ClearBit()
// This function will clear the indicated bit in 'bArray'.
void ClearBit(unsigned int bitNum, // IN: number of the bit in 'bArray'.
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
)

42
src/tpm2/Bits_fp.h
View File

@ -59,40 +59,36 @@
/* */
/********************************************************************************/
#ifndef BITS_FP_H
#define BITS_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
/* 5.3.1 TestBit() */
/* This function is used to check the setting of a bit in an array of bits. */
/* Return Value Meaning */
/* TRUE bit is set */
/* FALSE bit is not set */
#ifndef _BITS_FP_H_
#define _BITS_FP_H_
BOOL
TestBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
//*** TestBit()
// This function is used to check the setting of a bit in an array of bits.
// Return Type: BOOL
// TRUE(1) bit is set
// FALSE(0) bit is not set
BOOL TestBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
);
/* 5.3.2 SetBit() */
/* This function will set the indicated bit in bArray. */
void
SetBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
//*** SetBit()
// This function will set the indicated bit in 'bArray'.
void SetBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
);
/* 5.3.3 ClearBit() */
/* This function will clear the indicated bit in bArray. */
void
ClearBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'.
//*** ClearBit()
// This function will clear the indicated bit in 'bArray'.
void ClearBit(unsigned int bitNum, // IN: number of the bit in 'bArray'.
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
);
#endif
#endif // _BITS_FP_H_

2
src/tpm2/BnMath.c
View File

@ -87,7 +87,7 @@
//** Includes
#include "Tpm.h" // libtpms: for CryptRand.h
#include "TpmMath_Util_fp.h"
#include "TpmMath_Util_fp.h" // libtpms: added
#include "TpmBigNum.h"
extern BOOL g_inFailureMode; // can't use global.h because we can't use tpm.h

102
src/tpm2/BnMemory.c
View File

@ -59,19 +59,20 @@
/* */
/********************************************************************************/
/* 10.2.5 BnMemory.c */
/* 10.2.5.1 Introduction */
/* This file contains the memory setup functions used by the bigNum functions in CryptoEngine() */
/* 10.2.5.2 Includes */
#include "Tpm.h"
/* 10.2.5.3 Functions */
/* 10.2.5.3.1 BnSetTop() */
/* This function is used when the size of a bignum_t is changed. It makes sure that the unused words
are set to zero and that any significant words of zeros are eliminated from the used size
indicator. */
LIB_EXPORT bigNum
BnSetTop(
bigNum bn, // IN/OUT: number to clean
//** Introduction
// This file contains the memory setup functions used by the bigNum functions
// in CryptoEngine
//** Includes
#include "TpmBigNum.h"
//** Functions
//*** BnSetTop()
// This function is used when the size of a bignum_t is changed. It
// makes sure that the unused words are set to zero and that any significant
// words of zeros are eliminated from the used size indicator.
LIB_EXPORT bigNum BnSetTop(bigNum bn, // IN/OUT: number to clean
crypt_uword_t top // IN: the new top
)
{
@ -91,12 +92,10 @@ BnSetTop(
return bn;
}
#if 0 /* libtpms added */
/* 10.2.5.3.2 BnClearTop() */
/* This function will make sure that all unused words are zero. */
LIB_EXPORT bigNum
BnClearTop(
bigNum bn
)
//*** BnClearTop()
// This function will make sure that all unused words are zero.
LIB_EXPORT bigNum BnClearTop(bigNum bn)
{
crypt_uword_t i;
//
@ -110,12 +109,11 @@ BnClearTop(
return bn;
}
#endif /* libtpms added */
/* 10.2.5.3.3 BnInitializeWord() */
/* This function is used to initialize an allocated bigNum with a word value. The bigNum does not
have to be allocated with a single word. */
LIB_EXPORT bigNum
BnInitializeWord(
bigNum bn, // IN:
//*** BnInitializeWord()
// This function is used to initialize an allocated bigNum with a word value. The
// bigNum does not have to be allocated with a single word.
LIB_EXPORT bigNum BnInitializeWord(bigNum bn, // IN:
crypt_uword_t allocated, // IN:
crypt_uword_t word // IN:
)
@ -127,14 +125,11 @@ BnInitializeWord(
bn->d[--allocated] = 0;
return bn;
}
/* 10.2.5.3.4 BnInit() */
/* This function initializes a stack allocated bignum_t. It initializes allocated and size and zeros
the words of d. */
LIB_EXPORT bigNum
BnInit(
bigNum bn,
crypt_uword_t allocated
)
//*** BnInit()
// This function initializes a stack allocated bignum_t. It initializes
// 'allocated' and 'size' and zeros the words of 'd'.
LIB_EXPORT bigNum BnInit(bigNum bn, crypt_uword_t allocated)
{
if(bn != NULL)
{
@ -145,14 +140,12 @@ BnInit(
}
return bn;
}
/* 10.2.5.3.5 BnCopy() */
/* Function to copy a bignum_t. If the output is NULL, then nothing happens. If the input is NULL,
the output is set to zero. */
LIB_EXPORT BOOL
BnCopy(
bigNum out,
bigConst in
)
//*** BnCopy()
// Function to copy a bignum_t. If the output is NULL, then
// nothing happens. If the input is NULL, the output is set
// to zero.
LIB_EXPORT BOOL BnCopy(bigNum out, bigConst in)
{
if(in == out)
BnSetTop(out, BnGetSize(out));
@ -171,25 +164,23 @@ BnCopy(
}
return TRUE;
}
#if ALG_ECC
#if 0 /* libtpms added */
/* 10.2.5.3.6 BnPointCopy() */
/* Function to copy a bn point. */
LIB_EXPORT BOOL
BnPointCopy(
bigPoint pOut,
pointConst pIn
)
//*** BnPointCopy()
// Function to copy a bn point.
LIB_EXPORT BOOL BnPointCopy(bigPoint pOut, pointConst pIn)
{
return BnCopy(pOut->x, pIn->x)
&& BnCopy(pOut->y, pIn->y)
return BnCopy(pOut->x, pIn->x) && BnCopy(pOut->y, pIn->y)
&& BnCopy(pOut->z, pIn->z);
}
#endif /* libtpms added */
/* 10.2.5.3.7 BnInitializePoint() */
/* This function is used to initialize a point structure with the addresses of the coordinates. */
LIB_EXPORT bn_point_t *
BnInitializePoint(
//*** BnInitializePoint()
// This function is used to initialize a point structure with the addresses
// of the coordinates.
LIB_EXPORT bn_point_t* BnInitializePoint(
bigPoint p, // OUT: structure to receive pointers
bigNum x, // IN: x coordinate
bigNum y, // IN: y coordinate
@ -202,4 +193,5 @@ BnInitializePoint(
BnSetWord(z, 1);
return p;
}
#endif // TPM_ALG_ECC
#endif // ALG_ECC

9
src/tpm2/BnSupport_Interface.h
View File

@ -79,6 +79,7 @@
#define BN_SUPPORT_INTERFACE_H
// TODO_RENAME_INC_FOLDER:private refers to the TPM_CoreLib private headers
#include "GpMacros.h"
#include "CryptoInterface.h"
#include "BnValues.h"
//** BnSupportLibInit()
@ -167,6 +168,14 @@ LIB_EXPORT BOOL BnEccAdd(
#endif // ALG_ECC
#if CRYPTO_LIB_REPORTING
//** BnGetImplementation()
// This function reports the underlying library being used for bignum operations.
void BnGetImplementation(_CRYPTO_IMPL_DESCRIPTION* result);
#endif // CRYPTO_LIB_REPORTING
// libtpms: added begin
bigCurveData*
BnCurveInitialize(

49
src/tpm2/Cancel.c
View File

@ -59,41 +59,38 @@
/* */
/********************************************************************************/
/* C.2 Cancel.c */
/* C.2.1. Description */
/* This module simulates the cancel pins on the TPM. */
/* C.2.2. Includes, Typedefs, Structures, and Defines */
//** Description
//
// This module simulates the cancel pins on the TPM.
//
//** Includes, Typedefs, Structures, and Defines
#include "Platform.h"
/* C.2.3. Functions */
/* C.2.3.1. _plat__IsCanceled() */
/* Check if the cancel flag is set */
/* Return Values Meaning */
/* TRUE(1) if cancel flag is set */
/* FALSE(0) if cancel flag is not set */
LIB_EXPORT int
_plat__IsCanceled(
void
)
//** Functions
//***_plat__IsCanceled()
// Check if the cancel flag is set
// Return Type: int
// TRUE(1) if cancel flag is set
// FALSE(0) if cancel flag is not set
LIB_EXPORT int _plat__IsCanceled(void)
{
// return cancel flag
return s_isCanceled;
}
/* C.2.3.2. _plat__SetCancel() */
/* Set cancel flag. */
LIB_EXPORT void
_plat__SetCancel(
void
)
//***_plat__SetCancel()
// Set cancel flag.
LIB_EXPORT void _plat__SetCancel(void)
{
s_isCanceled = TRUE;
return;
}
/* C.2.3.3. _plat__ClearCancel() */
/* Clear cancel flag */
LIB_EXPORT void
_plat__ClearCancel(
void
)
//***_plat__ClearCancel()
// Clear cancel flag
LIB_EXPORT void _plat__ClearCancel(void)
{
s_isCanceled = FALSE;
return;

36
src/tpm2/CertifyCreation_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CERTIFYCREATION_FP_H
#define CERTIFYCREATION_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CertifyCreation // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT signHandle;
TPMI_DH_OBJECT objectHandle;
TPM2B_DATA qualifyingData;
@ -73,6 +78,14 @@ typedef struct {
TPMT_TK_CREATION creationTicket;
} CertifyCreation_In;
// Output structure definition
typedef struct
{
TPM2B_ATTEST certifyInfo;
TPMT_SIGNATURE signature;
} CertifyCreation_Out;
// Response code modifiers
# define RC_CertifyCreation_signHandle (TPM_RC_H + TPM_RC_1)
# define RC_CertifyCreation_objectHandle (TPM_RC_H + TPM_RC_2)
# define RC_CertifyCreation_qualifyingData (TPM_RC_P + TPM_RC_1)
@ -80,16 +93,9 @@ typedef struct {
# define RC_CertifyCreation_inScheme (TPM_RC_P + TPM_RC_3)
# define RC_CertifyCreation_creationTicket (TPM_RC_P + TPM_RC_4)
typedef struct {
TPM2B_ATTEST certifyInfo;
TPMT_SIGNATURE signature;
} CertifyCreation_Out;
// Function prototype
TPM_RC
TPM2_CertifyCreation(
CertifyCreation_In *in, // IN: input parameter list
CertifyCreation_Out *out // OUT: output parameter list
);
TPM2_CertifyCreation(CertifyCreation_In* in, CertifyCreation_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
#endif // CC_CertifyCreation

41
src/tpm2/CertifyX509_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 155 */
#ifndef CERTIFYX509_FP_H
#define CERTIFYX509_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CertifyX509 // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT objectHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA reserved;
@ -72,22 +77,24 @@ typedef struct {
TPM2B_MAX_BUFFER partialCertificate;
} CertifyX509_In;
#define RC_CertifyX509_signHandle (TPM_RC_H + TPM_RC_1)
#define RC_CertifyX509_objectHandle (TPM_RC_H + TPM_RC_2)
#define RC_CertifyX509_reserved (TPM_RC_P + TPM_RC_1)
#define RC_CertifyX509_inScheme (TPM_RC_P + TPM_RC_2)
#define RC_CertifyX509_partialCertificate (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER addedToCertificate;
TPM2B_DIGEST tbsDigest;
TPMT_SIGNATURE signature;
} CertifyX509_Out;
TPM_RC
TPM2_CertifyX509(
CertifyX509_In *in, // IN: input parameter list
CertifyX509_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_CertifyX509_objectHandle (TPM_RC_H + TPM_RC_1)
# define RC_CertifyX509_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_CertifyX509_reserved (TPM_RC_P + TPM_RC_1)
# define RC_CertifyX509_inScheme (TPM_RC_P + TPM_RC_2)
# define RC_CertifyX509_partialCertificate (TPM_RC_P + TPM_RC_3)
#endif
// Function prototype
TPM_RC
TPM2_CertifyX509(CertifyX509_In* in, CertifyX509_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
#endif // CC_CertifyX509

38
src/tpm2/Certify_fp.h
View File

@ -59,35 +59,39 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CERTIFY_FP_H
#define CERTIFY_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Certify // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT objectHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA qualifyingData;
TPMT_SIG_SCHEME inScheme;
} Certify_In;
// Output structure definition
typedef struct
{
TPM2B_ATTEST certifyInfo;
TPMT_SIGNATURE signature;
} Certify_Out;
// Response code modifiers
# define RC_Certify_objectHandle (TPM_RC_H + TPM_RC_1)
# define RC_Certify_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_Certify_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_Certify_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_ATTEST certifyInfo;
TPMT_SIGNATURE signature;
} Certify_Out;
// Function prototype
TPM_RC
TPM2_Certify(
Certify_In *in, // IN: input parameter list
Certify_Out *out // OUT: output parameter list
);
TPM2_Certify(Certify_In* in, Certify_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
#endif // CC_Certify

23
src/tpm2/ChangeEPS_fp.h
View File

@ -59,21 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CHANGEEPS_FP_H
#define CHANGEEPS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ChangeEPS // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PLATFORM authHandle;
} ChangeEPS_In;
// Response code modifiers
# define RC_ChangeEPS_authHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ChangeEPS(
ChangeEPS_In *in // IN: input parameter list
);
TPM2_ChangeEPS(ChangeEPS_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
#endif // CC_ChangeEPS

25
src/tpm2/ChangePPS_fp.h
View File

@ -59,21 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CHANGEPPS_FP_H
#define CHANGEPPS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ChangePPS // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PLATFORM authHandle;
} ChangePPS_In;
#define RC_ChangePPS_authHandle (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_ChangePPS_authHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ChangePPS(
ChangePPS_In *in // IN: input parameter list
);
TPM2_ChangePPS(ChangePPS_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
#endif // CC_ChangePPS

23
src/tpm2/ClearControl_fp.h
View File

@ -59,21 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLEARCONTROL_FP_H
#define CLEARCONTROL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ClearControl // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_CLEAR auth;
TPMI_YES_NO disable;
} ClearControl_In;
// Response code modifiers
# define RC_ClearControl_auth (TPM_RC_H + TPM_RC_1)
# define RC_ClearControl_disable (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ClearControl(
ClearControl_In *in // IN: input parameter list
);
#endif
TPM2_ClearControl(ClearControl_In* in);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
#endif // CC_ClearControl

22
src/tpm2/Clear_fp.h
View File

@ -59,20 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLEAR_FP_H
#define CLEAR_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Clear // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_CLEAR authHandle;
} Clear_In;
// Response code modifiers
# define RC_Clear_authHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_Clear(
Clear_In *in // IN: input parameter list
);
TPM2_Clear(Clear_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
#endif // CC_Clear

42
src/tpm2/Clock.c
View File

@ -175,9 +175,9 @@ clock_t debugTime;
LIB_EXPORT uint64_t _plat__RealTime(void)
{
clock64_t time;
//#ifdef _MSC_VER kgold
//#ifdef _MSC_VER kgold // libtpms changed begin
#ifdef TPM_WINDOWS
#include <sys/timeb.h>
#include <sys/timeb.h> // libtpms changed end
struct _timeb sysTime;
//
_ftime(&sysTime); /* kgold, mingw doesn't have _ftime_s */
@ -354,41 +354,3 @@ LIB_EXPORT void _plat__ClockRateAdjust(_plat__ClockAdjustStep adjust)
return;
}
#if 0
/* added for portability because Linux clock is 32 bits */
#include <stdint.h>
#include <stdio.h>
#include <time.h>
#include "TpmFail_fp.h"
LIB_EXPORT uint64_t
_plat__RealTime(
void
)
{
clock64_t time;
//#ifdef _MSC_VER kgold
#ifdef TPM_WINDOWS
#include <sys/timeb.h>
struct _timeb sysTime;
//
_ftime(&sysTime); /* kgold, mingw doesn't have _ftime_s */
time = (clock64_t)(sysTime.time) * 1000 + sysTime.millitm;
// set the time back by one hour if daylight savings
if(sysTime.dstflag)
time -= 1000 * 60 * 60; // mSec/sec * sec/min * min/hour = ms/hour
#else
// hopefully, this will work with most UNIX systems
struct timespec systime;
//
clock_gettime(CLOCK_MONOTONIC, &systime);
time = (clock64_t)systime.tv_sec * 1000 + (systime.tv_nsec / 1000000);
#endif
return time;
}
#endif

23
src/tpm2/ClockRateAdjust_fp.h
View File

@ -59,23 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLOCKRATEADJUST_FP_H
#define CLOCKRATEADJUST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ClockRateAdjust // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PROVISION auth;
TPM_CLOCK_ADJUST rateAdjust;
} ClockRateAdjust_In;
// Response code modifiers
# define RC_ClockRateAdjust_auth (TPM_RC_H + TPM_RC_1)
# define RC_ClockRateAdjust_rateAdjust (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ClockRateAdjust(
ClockRateAdjust_In *in // IN: input parameter list
);
TPM2_ClockRateAdjust(ClockRateAdjust_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
#endif // CC_ClockRateAdjust

23
src/tpm2/ClockSet_fp.h
View File

@ -59,23 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLOCKSET_FP_H
#define CLOCKSET_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ClockSet // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PROVISION auth;
UINT64 newTime;
} ClockSet_In;
// Response code modifiers
# define RC_ClockSet_auth (TPM_RC_H + TPM_RC_1)
# define RC_ClockSet_newTime (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ClockSet(
ClockSet_In *in // IN: input parameter list
);
TPM2_ClockSet(ClockSet_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
#endif // CC_ClockSet

190
src/tpm2/CommandAttributeData.h
View File

@ -58,23 +58,27 @@
/* */
/********************************************************************************/
/* 5.6 CommandAttributeData.h */
/* This file should only be included by CommandCodeAttibutes.c */
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
// clang-format off
// This file should only be included by CommandCodeAttibutes.c
#ifdef _COMMAND_CODE_ATTRIBUTES_
#include "CommandAttributes.h"
#if COMPRESSED_LISTS
# define PAD_LIST 0
#else
# define PAD_LIST 1
#endif
/* This is the command code attribute array for GetCapability(). Both this array and
s_commandAttributes provides command code attributes, but tuned for different purpose */
// This is the command code attribute array for GetCapability.
// Both this array and s_commandAttributes provides command code attributes,
// but tuned for different purpose
const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_NV_UndefineSpaceSpecial)
TPMA_CC_INITIALIZER(0x011f, 0, 1, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x011F, 0, 1, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_EvictControl)
TPMA_CC_INITIALIZER(0x0120, 0, 1, 0, 0, 2, 0, 0, 0),
@ -107,22 +111,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0129, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_DefineSpace)
TPMA_CC_INITIALIZER(0x012a, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012A, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Allocate)
TPMA_CC_INITIALIZER(0x012b, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012B, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_SetAuthPolicy)
TPMA_CC_INITIALIZER(0x012c, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012C, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PP_Commands)
TPMA_CC_INITIALIZER(0x012d, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012D, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SetPrimaryPolicy)
TPMA_CC_INITIALIZER(0x012e, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012E, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_FieldUpgradeStart)
TPMA_CC_INITIALIZER(0x012f, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012F, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ClockRateAdjust)
TPMA_CC_INITIALIZER(0x0130, 0, 0, 0, 0, 1, 0, 0, 0),
@ -155,22 +159,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0139, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_DictionaryAttackParameters)
TPMA_CC_INITIALIZER(0x013a, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013A, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_ChangeAuth)
TPMA_CC_INITIALIZER(0x013b, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013B, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Event)
TPMA_CC_INITIALIZER(0x013c, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013C, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Reset)
TPMA_CC_INITIALIZER(0x013d, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013D, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SequenceComplete)
TPMA_CC_INITIALIZER(0x013e, 0, 0, 0, 1, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013E, 0, 0, 0, 1, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SetAlgorithmSet)
TPMA_CC_INITIALIZER(0x013f, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013F, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SetCommandCodeAuditStatus)
TPMA_CC_INITIALIZER(0x0140, 0, 1, 0, 0, 1, 0, 0, 0),
@ -203,22 +207,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0149, 0, 0, 0, 0, 3, 0, 0, 0),
#endif
#if (PAD_LIST || CC_CertifyCreation)
TPMA_CC_INITIALIZER(0x014a, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014A, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Duplicate)
TPMA_CC_INITIALIZER(0x014b, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014B, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetTime)
TPMA_CC_INITIALIZER(0x014c, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014C, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetSessionAuditDigest)
TPMA_CC_INITIALIZER(0x014d, 0, 0, 0, 0, 3, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014D, 0, 0, 0, 0, 3, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_Read)
TPMA_CC_INITIALIZER(0x014e, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014E, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_ReadLock)
TPMA_CC_INITIALIZER(0x014f, 0, 1, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014F, 0, 1, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ObjectChangeAuth)
TPMA_CC_INITIALIZER(0x0150, 0, 0, 0, 0, 2, 0, 0, 0),
@ -251,22 +255,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0159, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x015a, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015A, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || (CC_HMAC_Start || CC_MAC_Start))
TPMA_CC_INITIALIZER(0x015b, 0, 0, 0, 0, 1, 1, 0, 0),
TPMA_CC_INITIALIZER(0x015B, 0, 0, 0, 0, 1, 1, 0, 0),
#endif
#if (PAD_LIST || CC_SequenceUpdate)
TPMA_CC_INITIALIZER(0x015c, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015C, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Sign)
TPMA_CC_INITIALIZER(0x015d, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015D, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Unseal)
TPMA_CC_INITIALIZER(0x015e, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015E, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x015f, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015F, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicySigned)
TPMA_CC_INITIALIZER(0x0160, 0, 0, 0, 0, 2, 0, 0, 0),
@ -299,22 +303,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0169, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyAuthorize)
TPMA_CC_INITIALIZER(0x016a, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016A, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyAuthValue)
TPMA_CC_INITIALIZER(0x016b, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016B, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyCommandCode)
TPMA_CC_INITIALIZER(0x016c, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016C, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyCounterTimer)
TPMA_CC_INITIALIZER(0x016d, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016D, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyCpHash)
TPMA_CC_INITIALIZER(0x016e, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016E, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyLocality)
TPMA_CC_INITIALIZER(0x016f, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016F, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyNameHash)
TPMA_CC_INITIALIZER(0x0170, 0, 0, 0, 0, 1, 0, 0, 0),
@ -347,22 +351,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0179, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetCapability)
TPMA_CC_INITIALIZER(0x017a, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017A, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetRandom)
TPMA_CC_INITIALIZER(0x017b, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017B, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetTestResult)
TPMA_CC_INITIALIZER(0x017c, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017C, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Hash)
TPMA_CC_INITIALIZER(0x017d, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017D, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Read)
TPMA_CC_INITIALIZER(0x017e, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017E, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyPCR)
TPMA_CC_INITIALIZER(0x017f, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017F, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyRestart)
TPMA_CC_INITIALIZER(0x0180, 0, 0, 0, 0, 1, 0, 0, 0),
@ -395,22 +399,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0189, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_TestParms)
TPMA_CC_INITIALIZER(0x018a, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018A, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Commit)
TPMA_CC_INITIALIZER(0x018b, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018B, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyPassword)
TPMA_CC_INITIALIZER(0x018c, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018C, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ZGen_2Phase)
TPMA_CC_INITIALIZER(0x018d, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018D, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_EC_Ephemeral)
TPMA_CC_INITIALIZER(0x018e, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018E, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyNvWritten)
TPMA_CC_INITIALIZER(0x018f, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018F, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyTemplate)
TPMA_CC_INITIALIZER(0x0190, 0, 0, 0, 0, 1, 0, 0, 0),
@ -463,15 +467,14 @@ const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_Vendor_TCG_Test)
TPMA_CC_INITIALIZER(0x0000, 0, 0, 0, 0, 0, 0, 1, 0),
#endif
TPMA_ZERO_INITIALIZER()
};
/* This is the command code attribute structure. */
// This is the command code attribute structure.
const COMMAND_ATTRIBUTES s_commandAttributes [] = {
#if (PAD_LIST || CC_NV_UndefineSpaceSpecial)
(COMMAND_ATTRIBUTES)(CC_NV_UndefineSpaceSpecial * // 0x011f
(COMMAND_ATTRIBUTES)(CC_NV_UndefineSpaceSpecial * // 0x011F
(IS_IMPLEMENTED+HANDLE_1_ADMIN+HANDLE_2_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_EvictControl)
@ -514,27 +517,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_NV_DefineSpace)
(COMMAND_ATTRIBUTES)(CC_NV_DefineSpace * // 0x012a
(COMMAND_ATTRIBUTES)(CC_NV_DefineSpace * // 0x012A
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_PCR_Allocate)
(COMMAND_ATTRIBUTES)(CC_PCR_Allocate * // 0x012b
(COMMAND_ATTRIBUTES)(CC_PCR_Allocate * // 0x012B
(IS_IMPLEMENTED+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_PCR_SetAuthPolicy)
(COMMAND_ATTRIBUTES)(CC_PCR_SetAuthPolicy * // 0x012c
(COMMAND_ATTRIBUTES)(CC_PCR_SetAuthPolicy * // 0x012C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_PP_Commands)
(COMMAND_ATTRIBUTES)(CC_PP_Commands * // 0x012d
(COMMAND_ATTRIBUTES)(CC_PP_Commands * // 0x012D
(IS_IMPLEMENTED+HANDLE_1_USER+PP_REQUIRED)),
#endif
#if (PAD_LIST || CC_SetPrimaryPolicy)
(COMMAND_ATTRIBUTES)(CC_SetPrimaryPolicy * // 0x012e
(COMMAND_ATTRIBUTES)(CC_SetPrimaryPolicy * // 0x012E
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_FieldUpgradeStart)
(COMMAND_ATTRIBUTES)(CC_FieldUpgradeStart * // 0x012f
(COMMAND_ATTRIBUTES)(CC_FieldUpgradeStart * // 0x012F
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_ADMIN+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_ClockRateAdjust)
@ -578,27 +581,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_DictionaryAttackParameters)
(COMMAND_ATTRIBUTES)(CC_DictionaryAttackParameters * // 0x013a
(COMMAND_ATTRIBUTES)(CC_DictionaryAttackParameters * // 0x013A
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_NV_ChangeAuth)
(COMMAND_ATTRIBUTES)(CC_NV_ChangeAuth * // 0x013b
(COMMAND_ATTRIBUTES)(CC_NV_ChangeAuth * // 0x013B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_ADMIN)),
#endif
#if (PAD_LIST || CC_PCR_Event)
(COMMAND_ATTRIBUTES)(CC_PCR_Event * // 0x013c
(COMMAND_ATTRIBUTES)(CC_PCR_Event * // 0x013C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_PCR_Reset)
(COMMAND_ATTRIBUTES)(CC_PCR_Reset * // 0x013d
(COMMAND_ATTRIBUTES)(CC_PCR_Reset * // 0x013D
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_SequenceComplete)
(COMMAND_ATTRIBUTES)(CC_SequenceComplete * // 0x013e
(COMMAND_ATTRIBUTES)(CC_SequenceComplete * // 0x013E
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_SetAlgorithmSet)
(COMMAND_ATTRIBUTES)(CC_SetAlgorithmSet * // 0x013f
(COMMAND_ATTRIBUTES)(CC_SetAlgorithmSet * // 0x013F
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_SetCommandCodeAuditStatus)
@ -642,27 +645,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_CertifyCreation)
(COMMAND_ATTRIBUTES)(CC_CertifyCreation * // 0x014a
(COMMAND_ATTRIBUTES)(CC_CertifyCreation * // 0x014A
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_Duplicate)
(COMMAND_ATTRIBUTES)(CC_Duplicate * // 0x014b
(COMMAND_ATTRIBUTES)(CC_Duplicate * // 0x014B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_DUP+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetTime)
(COMMAND_ATTRIBUTES)(CC_GetTime * // 0x014c
(COMMAND_ATTRIBUTES)(CC_GetTime * // 0x014C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+HANDLE_2_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetSessionAuditDigest)
(COMMAND_ATTRIBUTES)(CC_GetSessionAuditDigest * // 0x014d
(COMMAND_ATTRIBUTES)(CC_GetSessionAuditDigest * // 0x014D
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+HANDLE_2_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_NV_Read)
(COMMAND_ATTRIBUTES)(CC_NV_Read * // 0x014e
(COMMAND_ATTRIBUTES)(CC_NV_Read * // 0x014E
(IS_IMPLEMENTED+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_NV_ReadLock)
(COMMAND_ATTRIBUTES)(CC_NV_ReadLock * // 0x014f
(COMMAND_ATTRIBUTES)(CC_NV_ReadLock * // 0x014F
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_ObjectChangeAuth)
@ -706,26 +709,26 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x015a
(COMMAND_ATTRIBUTES)(0), // 0x015A
#endif
#if (PAD_LIST || (CC_HMAC_Start || CC_MAC_Start))
(COMMAND_ATTRIBUTES)((CC_HMAC_Start || CC_MAC_Start) * // 0x015b
(COMMAND_ATTRIBUTES)((CC_HMAC_Start || CC_MAC_Start) * // 0x015B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+R_HANDLE)),
#endif
#if (PAD_LIST || CC_SequenceUpdate)
(COMMAND_ATTRIBUTES)(CC_SequenceUpdate * // 0x015c
(COMMAND_ATTRIBUTES)(CC_SequenceUpdate * // 0x015C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_Sign)
(COMMAND_ATTRIBUTES)(CC_Sign * // 0x015d
(COMMAND_ATTRIBUTES)(CC_Sign * // 0x015D
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_Unseal)
(COMMAND_ATTRIBUTES)(CC_Unseal * // 0x015e
(COMMAND_ATTRIBUTES)(CC_Unseal * // 0x015E
(IS_IMPLEMENTED+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x015f
(COMMAND_ATTRIBUTES)(0), // 0x015F
#endif
#if (PAD_LIST || CC_PolicySigned)
(COMMAND_ATTRIBUTES)(CC_PolicySigned * // 0x0160
@ -767,27 +770,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PolicyAuthorize)
(COMMAND_ATTRIBUTES)(CC_PolicyAuthorize * // 0x016a
(COMMAND_ATTRIBUTES)(CC_PolicyAuthorize * // 0x016A
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyAuthValue)
(COMMAND_ATTRIBUTES)(CC_PolicyAuthValue * // 0x016b
(COMMAND_ATTRIBUTES)(CC_PolicyAuthValue * // 0x016B
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyCommandCode)
(COMMAND_ATTRIBUTES)(CC_PolicyCommandCode * // 0x016c
(COMMAND_ATTRIBUTES)(CC_PolicyCommandCode * // 0x016C
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyCounterTimer)
(COMMAND_ATTRIBUTES)(CC_PolicyCounterTimer * // 0x016d
(COMMAND_ATTRIBUTES)(CC_PolicyCounterTimer * // 0x016D
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyCpHash)
(COMMAND_ATTRIBUTES)(CC_PolicyCpHash * // 0x016e
(COMMAND_ATTRIBUTES)(CC_PolicyCpHash * // 0x016E
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyLocality)
(COMMAND_ATTRIBUTES)(CC_PolicyLocality * // 0x016f
(COMMAND_ATTRIBUTES)(CC_PolicyLocality * // 0x016F
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyNameHash)
@ -830,27 +833,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetCapability)
(COMMAND_ATTRIBUTES)(CC_GetCapability * // 0x017a
(COMMAND_ATTRIBUTES)(CC_GetCapability * // 0x017A
(IS_IMPLEMENTED)),
#endif
#if (PAD_LIST || CC_GetRandom)
(COMMAND_ATTRIBUTES)(CC_GetRandom * // 0x017b
(COMMAND_ATTRIBUTES)(CC_GetRandom * // 0x017B
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetTestResult)
(COMMAND_ATTRIBUTES)(CC_GetTestResult * // 0x017c
(COMMAND_ATTRIBUTES)(CC_GetTestResult * // 0x017C
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_Hash)
(COMMAND_ATTRIBUTES)(CC_Hash * // 0x017d
(COMMAND_ATTRIBUTES)(CC_Hash * // 0x017D
(IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PCR_Read)
(COMMAND_ATTRIBUTES)(CC_PCR_Read * // 0x017e
(COMMAND_ATTRIBUTES)(CC_PCR_Read * // 0x017E
(IS_IMPLEMENTED)),
#endif
#if (PAD_LIST || CC_PolicyPCR)
(COMMAND_ATTRIBUTES)(CC_PolicyPCR * // 0x017f
(COMMAND_ATTRIBUTES)(CC_PolicyPCR * // 0x017F
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyRestart)
@ -894,27 +897,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+ALLOW_TRIAL+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_TestParms)
(COMMAND_ATTRIBUTES)(CC_TestParms * // 0x018a
(COMMAND_ATTRIBUTES)(CC_TestParms * // 0x018A
(IS_IMPLEMENTED)),
#endif
#if (PAD_LIST || CC_Commit)
(COMMAND_ATTRIBUTES)(CC_Commit * // 0x018b
(COMMAND_ATTRIBUTES)(CC_Commit * // 0x018B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PolicyPassword)
(COMMAND_ATTRIBUTES)(CC_PolicyPassword * // 0x018c
(COMMAND_ATTRIBUTES)(CC_PolicyPassword * // 0x018C
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_ZGen_2Phase)
(COMMAND_ATTRIBUTES)(CC_ZGen_2Phase * // 0x018d
(COMMAND_ATTRIBUTES)(CC_ZGen_2Phase * // 0x018D
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_EC_Ephemeral)
(COMMAND_ATTRIBUTES)(CC_EC_Ephemeral * // 0x018e
(COMMAND_ATTRIBUTES)(CC_EC_Ephemeral * // 0x018E
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PolicyNvWritten)
(COMMAND_ATTRIBUTES)(CC_PolicyNvWritten * // 0x018f
(COMMAND_ATTRIBUTES)(CC_PolicyNvWritten * // 0x018F
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyTemplate)
@ -985,7 +988,6 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(COMMAND_ATTRIBUTES)(CC_Vendor_TCG_Test * // 0x0000
(IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
#endif
0
};

20
src/tpm2/CommandAttributes.h
View File

@ -59,14 +59,19 @@
/* */
/********************************************************************************/
#ifndef COMMANDATTRIBUTES_H
#define COMMANDATTRIBUTES_H
/*(Auto-generated)
* Created by TpmStructures; Version 4.4 Mar 26, 2019
* Date: Aug 30, 2019 Time: 02:11:52PM
*/
/* 5.7 CommandAttributes.h */
/* The attributes defined in this file are produced by the parser that creates the structure
definitions from Part 3. The attributes are defined in that parser and should track the
attributes being tested in CommandCodeAttributes.c. Generally, when an attribute is added to this
list, new code will be needed in CommandCodeAttributes.c to test it. */
// The attributes defined in this file are produced by the parser that
// creates the structure definitions from Part 3. The attributes are defined
// in that parser and should track the attributes being tested in
// CommandCodeAttributes.c. Generally, when an attribute is added to this list,
// new code will be needed in CommandCodeAttributes.c to test it.
#ifndef COMMAND_ATTRIBUTES_H
#define COMMAND_ATTRIBUTES_H
typedef UINT16 COMMAND_ATTRIBUTES;
#define NOT_IMPLEMENTED (COMMAND_ATTRIBUTES)(0)
@ -85,4 +90,5 @@ typedef UINT16 COMMAND_ATTRIBUTES;
#define PP_REQUIRED ((COMMAND_ATTRIBUTES)1 << 12)
#define R_HANDLE ((COMMAND_ATTRIBUTES)1 << 13)
#define ALLOW_TRIAL ((COMMAND_ATTRIBUTES)1 << 14)
#endif // COMMAND_ATTRIBUTES_H

100
src/tpm2/CommandAudit_fp.h
View File

@ -58,41 +58,91 @@
/* */
/********************************************************************************/
#ifndef COMMANDAUDIT_FP_H
#define COMMANDAUDIT_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Apr 2, 2019 Time: 04:23:27PM
*/
void
CommandAuditPreInstall_Init(
void
#ifndef _COMMAND_AUDIT_FP_H_
#define _COMMAND_AUDIT_FP_H_
//*** CommandAuditPreInstall_Init()
// This function initializes the command audit list. This function simulates
// the behavior of manufacturing. A function is used instead of a structure
// definition because this is easier than figuring out the initialization value
// for a bit array.
//
// This function would not be implemented outside of a manufacturing or
// simulation environment.
void CommandAuditPreInstall_Init(void);
//*** CommandAuditStartup()
// This function clears the command audit digest on a TPM Reset.
BOOL CommandAuditStartup(STARTUP_TYPE type // IN: start up type
);
BOOL
CommandAuditStartup(
STARTUP_TYPE type // IN: start up type
//*** CommandAuditSet()
// This function will SET the audit flag for a command. This function
// will not SET the audit flag for a command that is not implemented. This
// ensures that the audit status is not SET when TPM2_GetCapability() is
// used to read the list of audited commands.
//
// This function is only used by TPM2_SetCommandCodeAuditStatus().
//
// The actions in TPM2_SetCommandCodeAuditStatus() are expected to cause the
// changes to be saved to NV after it is setting and clearing bits.
// Return Type: BOOL
// TRUE(1) command code audit status was changed
// FALSE(0) command code audit status was not changed
BOOL CommandAuditSet(TPM_CC commandCode // IN: command code
);
BOOL
CommandAuditSet(
TPM_CC commandCode // IN: command code
//*** CommandAuditClear()
// This function will CLEAR the audit flag for a command. It will not CLEAR the
// audit flag for TPM_CC_SetCommandCodeAuditStatus().
//
// This function is only used by TPM2_SetCommandCodeAuditStatus().
//
// The actions in TPM2_SetCommandCodeAuditStatus() are expected to cause the
// changes to be saved to NV after it is setting and clearing bits.
// Return Type: BOOL
// TRUE(1) command code audit status was changed
// FALSE(0) command code audit status was not changed
BOOL CommandAuditClear(TPM_CC commandCode // IN: command code
);
BOOL
CommandAuditClear(
TPM_CC commandCode // IN: command code
);
BOOL
CommandAuditIsRequired(
COMMAND_INDEX commandIndex // IN: command index
//*** CommandAuditIsRequired()
// This function indicates if the audit flag is SET for a command.
// Return Type: BOOL
// TRUE(1) command is audited
// FALSE(0) command is not audited
BOOL CommandAuditIsRequired(COMMAND_INDEX commandIndex // IN: command index
);
//*** CommandAuditCapGetCCList()
// This function returns a list of commands that have their audit bit SET.
//
// The list starts at the input commandCode.
// Return Type: TPMI_YES_NO
// YES if there are more command code available
// NO all the available command code has been returned
TPMI_YES_NO
CommandAuditCapGetCCList(
TPM_CC commandCode, // IN: start command code
CommandAuditCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: count of returned TPM_CC
TPML_CC* commandList // OUT: list of TPM_CC
);
//*** CommandAuditCapGetOneCC()
// This function returns true if a command has its audit bit set.
BOOL CommandAuditCapGetOneCC(TPM_CC commandCode // IN: command code
);
void
CommandAuditGetDigest(
TPM2B_DIGEST *digest // OUT: command digest
//*** CommandAuditGetDigest
// This command is used to create a digest of the commands being audited. The
// commands are processed in ascending numeric order with a list of TPM_CC being
// added to a hash. This operates as if all the audited command codes were
// concatenated and then hashed.
void CommandAuditGetDigest(TPM2B_DIGEST* digest // OUT: command digest
);
#endif
#endif // _COMMAND_AUDIT_FP_H_

290
src/tpm2/CommandCodeAttributes.c
View File

@ -58,40 +58,44 @@
/* */
/********************************************************************************/
/* 9.3 CommandCodeAttributes.c */
/* 9.3.1 Introduction */
/* This file contains the functions for testing various command properties. */
/* 9.3.2 Includes and Defines */
//** Introduction
// This file contains the functions for testing various command properties.
//** Includes and Defines
#include "Tpm.h"
#include "CommandCodeAttributes_fp.h"
/* Set the default value for CC_VEND if not already set */
// Set the default value for CC_VEND if not already set
#ifndef CC_VEND
# define CC_VEND (TPM_CC)(0x20000000)
#endif
typedef UINT16 ATTRIBUTE_TYPE;
/* The following file is produced from the command tables in part 3 of the specification. It defines
the attributes for each of the commands. */
/* NOTE: This file is currently produced by an automated process. Files produced from Part 2 or Part
3 tables through automated processes are not included in the specification so that there is no
ambiguity about the table containing the information being the normative definition. */
// The following file is produced from the command tables in part 3 of the
// specification. It defines the attributes for each of the commands.
// NOTE: This file is currently produced by an automated process. Files
// produced from Part 2 or Part 3 tables through automated processes are not
// included in the specification so that their is no ambiguity about the
// table containing the information being the normative definition.
#define _COMMAND_CODE_ATTRIBUTES_
#include "CommandAttributeData.h"
/* 9.3.3 Command Attribute Functions */
/* 9.3.3.1 NextImplementedIndex() */
/* This function is used when the lists are not compressed. In a compressed list, only the
implemented commands are present. So, a search might find a value but that value may not be
implemented. This function checks to see if the input commandIndex points to an implemented
command and, if not, it searches upwards until it finds one. When the list is compressed, this
function gets defined as a no-op. */
/* Return Value Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
//** Command Attribute Functions
//*** NextImplementedIndex()
// This function is used when the lists are not compressed. In a compressed list,
// only the implemented commands are present. So, a search might find a value
// but that value may not be implemented. This function checks to see if the input
// commandIndex points to an implemented command and, if not, it searches upwards
// until it finds one. When the list is compressed, this function gets defined
// as a no-op.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of the command
#if !COMPRESSED_LISTS
static COMMAND_INDEX
NextImplementedIndex(
COMMAND_INDEX commandIndex
)
static COMMAND_INDEX NextImplementedIndex(COMMAND_INDEX commandIndex)
{
for(; commandIndex < COMMAND_COUNT; commandIndex++)
{
@ -106,20 +110,20 @@ NextImplementedIndex(
#else
# define NextImplementedIndex(x) (x)
#endif
/* 9.3.3.2 GetClosestCommandIndex() */
/* This function returns the command index for the command with a value that is equal to or greater
than the input value */
/* Return Value Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
//*** GetClosestCommandIndex()
// This function returns the command index for the command with a value that is
// equal to or greater than the input value
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of a command
COMMAND_INDEX
GetClosestCommandIndex(
TPM_CC commandCode // IN: the command code to start at
GetClosestCommandIndex(TPM_CC commandCode // IN: the command code to start at
)
{
BOOL vendor = (commandCode & CC_VEND) != 0;
COMMAND_INDEX searchIndex = (COMMAND_INDEX)commandCode;
// The commandCode is a UINT32 and the search index is UINT16. We are going to
// search for a match but need to make sure that the commandCode value is not
// out of range. To do this, need to clear the vendor bit of the commandCode
@ -127,6 +131,7 @@ GetClosestCommandIndex(
// out of range, indicate that the command is not implemented
if((commandCode & ~CC_VEND) != searchIndex)
return UNIMPLEMENTED_COMMAND_INDEX;
// if there is at least one vendor command, the last entry in the array will
// have the v bit set. If the input commandCode is larger than the last
// vendor-command, then it is out of range.
@ -144,8 +149,8 @@ GetClosestCommandIndex(
// entry.
// Note: Put this check first so that the typical case of only one vendor-
// specific command doesn't waste any more time.
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC,
commandIndex) >= searchIndex)
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC, commandIndex)
>= searchIndex)
{
// the vendor array is always assumed to be packed so there is
// no need to check to see if the command is implemented
@ -193,8 +198,9 @@ GetClosestCommandIndex(
#endif
}
// Get here if the V-Bit was not set in 'commandCode'
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC,
commandIndex) < searchIndex)
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC, commandIndex)
< searchIndex)
{
// requested index is out of the range to the top
#if VENDOR_COMMAND_ARRAY_SIZE > 0
@ -230,13 +236,14 @@ GetClosestCommandIndex(
// The s_ccAttr array contains an extra entry at the end (a zero value).
// Don't count this as an array entry. This means that max should start
// out pointing to the last valid entry in the array which is - 2
pAssert(max == (sizeof(s_ccAttr) / sizeof(TPMA_CC)
- VENDOR_COMMAND_ARRAY_SIZE - 2));
pAssert(
max
== (sizeof(s_ccAttr) / sizeof(TPMA_CC) - VENDOR_COMMAND_ARRAY_SIZE - 2));
while(min <= max)
{
commandIndex = (min + max + 1) / 2;
diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC,
commandIndex) - searchIndex;
diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex)
- searchIndex;
if(diff == 0)
return commandIndex;
if(diff > 0)
@ -259,19 +266,20 @@ GetClosestCommandIndex(
// The list is not compressed so offset into the array by the command
// code value of the first entry in the list. Then go find the first
// implemented command.
return NextImplementedIndex(searchIndex
- (COMMAND_INDEX)GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex)); // libtpms changed
return NextImplementedIndex(
searchIndex - (COMMAND_INDEX)GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex)); // libtpms changed
#endif
}
}
/* 9.3.3.3 CommandCodeToComandIndex() */
/* This function returns the index in the various attributes arrays of the command. */
/* Return Values Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
//*** CommandCodeToComandIndex()
// This function returns the index in the various attributes arrays of the
// command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of the command
COMMAND_INDEX
CommandCodeToCommandIndex(
TPM_CC commandCode // IN: the command code to look up
CommandCodeToCommandIndex(TPM_CC commandCode // IN: the command code to look up
)
{
// Extract the low 16-bits of the command code to get the starting search index
@ -297,6 +305,7 @@ CommandCodeToCommandIndex(
#endif
// Need this code for any vendor code lookup or for compressed lists
commandIndex = GetClosestCommandIndex(commandCode);
// Look at the returned value from get closest. If it isn't the one that was
// requested, then the command is not implemented.
// libtpms: Or it may be runtime-disabled
@ -311,14 +320,14 @@ CommandCodeToCommandIndex(
}
return commandIndex;
}
/* 9.3.3.4 GetNextCommandIndex() */
/* This function returns the index of the next implemented command. */
/* Return Values Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX no more implemented commands */
/* other the index of the next implemented command */
//*** GetNextCommandIndex()
// This function returns the index of the next implemented command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX no more implemented commands
// other the index of the next implemented command
COMMAND_INDEX
GetNextCommandIndex(
COMMAND_INDEX commandIndex // IN: the starting index
GetNextCommandIndex(COMMAND_INDEX commandIndex // IN: the starting index
)
{
while(++commandIndex < COMMAND_COUNT)
@ -334,29 +343,30 @@ GetNextCommandIndex(
}
return UNIMPLEMENTED_COMMAND_INDEX;
}
/* 9.3.3.5 GetCommandCode() */
/* This function returns the commandCode associated with the command index */
//*** GetCommandCode()
// This function returns the commandCode associated with the command index
TPM_CC
GetCommandCode(
COMMAND_INDEX commandIndex // IN: the command index
GetCommandCode(COMMAND_INDEX commandIndex // IN: the command index
)
{
TPM_CC commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex],
TPMA_CC, commandIndex);
TPM_CC commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex);
if(IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
commandCode += CC_VEND;
return commandCode;
}
/* 9.3.3.6 CommandAuthRole() */
/* This function returns the authorization role required of a handle. */
/* Return Values Meaning */
/* AUTH_NONE no authorization is required */
/* AUTH_USER user role authorization is required */
/* AUTH_ADMIN admin role authorization is required */
/* AUTH_DUP duplication role authorization is required */
//*** CommandAuthRole()
//
// This function returns the authorization role required of a handle.
//
// Return Type: AUTH_ROLE
// AUTH_NONE no authorization is required
// AUTH_USER user role authorization is required
// AUTH_ADMIN admin role authorization is required
// AUTH_DUP duplication role authorization is required
AUTH_ROLE
CommandAuthRole(
COMMAND_INDEX commandIndex, // IN: command index
CommandAuthRole(COMMAND_INDEX commandIndex, // IN: command index
UINT32 handleIndex // IN: handle index (zero based)
)
{
@ -364,6 +374,7 @@ CommandAuthRole(
{
// Any authorization role set?
COMMAND_ATTRIBUTES properties = s_commandAttributes[commandIndex];
if(properties & HANDLE_1_USER)
return AUTH_USER;
if(properties & HANDLE_1_ADMIN)
@ -378,72 +389,63 @@ CommandAuthRole(
}
return AUTH_NONE;
}
/* 9.3.3.7 EncryptSize() */
/* This function returns the size of the decrypt size field. This function returns 0 if encryption
is not allowed */
/* Return Values Meaning */
/* 0 encryption not allowed */
/* 2 size field is two bytes */
/* 4 size field is four bytes */
int
EncryptSize(
COMMAND_INDEX commandIndex // IN: command index
//*** EncryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if encryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int EncryptSize(COMMAND_INDEX commandIndex // IN: command index
)
{
return ((s_commandAttributes[commandIndex] & ENCRYPT_2) ? 2 :
(s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4 : 0);
return ((s_commandAttributes[commandIndex] & ENCRYPT_2) ? 2
: (s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4
: 0);
}
/* 9.3.3.8 DecryptSize() */
/* This function returns the size of the decrypt size field. This function returns 0 if decryption
is not allowed */
/* Return Values Meaning */
/* 0 encryption not allowed */
/* 2 size field is two bytes */
/* 4 size field is four bytes */
int
DecryptSize(
COMMAND_INDEX commandIndex // IN: command index
//*** DecryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if decryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int DecryptSize(COMMAND_INDEX commandIndex // IN: command index
)
{
return ((s_commandAttributes[commandIndex] & DECRYPT_2) ? 2 :
(s_commandAttributes[commandIndex] & DECRYPT_4) ? 4 : 0);
return ((s_commandAttributes[commandIndex] & DECRYPT_2) ? 2
: (s_commandAttributes[commandIndex] & DECRYPT_4) ? 4
: 0);
}
/* 9.3.3.9 IsSessionAllowed() */
/* This function indicates if the command is allowed to have sessions. */
/* This function must not be called if the command is not known to be implemented. */
/* Return Values Meaning */
/* TRUE session is allowed with this command */
/* FALSE session is not allowed with this command */
BOOL
IsSessionAllowed(
COMMAND_INDEX commandIndex // IN: the command to be checked
//*** IsSessionAllowed()
//
// This function indicates if the command is allowed to have sessions.
//
// This function must not be called if the command is not known to be implemented.
//
// Return Type: BOOL
// TRUE(1) session is allowed with this command
// FALSE(0) session is not allowed with this command
BOOL IsSessionAllowed(COMMAND_INDEX commandIndex // IN: the command to be checked
)
{
return ((s_commandAttributes[commandIndex] & NO_SESSIONS) == 0);
}
/* 9.3.3.10 IsHandleInResponse() */
/* This function determines if a command has a handle in the response */
BOOL
IsHandleInResponse(
COMMAND_INDEX commandIndex
)
//*** IsHandleInResponse()
// This function determines if a command has a handle in the response
BOOL IsHandleInResponse(COMMAND_INDEX commandIndex)
{
return ((s_commandAttributes[commandIndex] & R_HANDLE) != 0);
}
/* 9.3.3.11 IsWriteOperation() */
/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
read-lock */
BOOL
IsWriteOperation(
COMMAND_INDEX commandIndex // IN: Command to check
//*** IsWriteOperation()
// Checks to see if an operation will write to an NV Index and is subject to being
// blocked by read-lock
BOOL IsWriteOperation(COMMAND_INDEX commandIndex // IN: Command to check
)
{
#ifdef WRITE_LOCK
@ -478,17 +480,17 @@ IsWriteOperation(
return FALSE;
#endif
}
/* 9.3.3.12 IsReadOperation() */
/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
write-lock. */
BOOL
IsReadOperation(
COMMAND_INDEX commandIndex // IN: Command to check
//*** IsReadOperation()
// Checks to see if an operation will write to an NV Index and is
// subject to being blocked by write-lock.
BOOL IsReadOperation(COMMAND_INDEX commandIndex // IN: Command to check
)
{
#ifdef READ_LOCK
return ((s_commandAttributes[commandIndex] & READ_LOCK) != 0);
#else
if(!IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
{
switch(GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex))
@ -508,15 +510,15 @@ IsReadOperation(
return FALSE;
#endif
}
/* 9.3.3.13 CommandCapGetCCList() */
/* This function returns a list of implemented commands and command attributes starting from the
command in commandCode. */
/* Return Values Meaning */
/* YES more command attributes are available */
/* NO no more command attributes are available */
//*** CommandCapGetCCList()
// This function returns a list of implemented commands and command attributes
// starting from the command in 'commandCode'.
// Return Type: TPMI_YES_NO
// YES more command attributes are available
// NO no more command attributes are available
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
CommandCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA* commandList // OUT: list of TPMA_CC
@ -524,8 +526,10 @@ CommandCapGetCCList(
{
TPMI_YES_NO more = NO;
COMMAND_INDEX commandIndex;
// initialize output handle list count
commandList->count = 0;
for(commandIndex = GetClosestCommandIndex(commandCode);
commandIndex != UNIMPLEMENTED_COMMAND_INDEX;
commandIndex = GetNextCommandIndex(commandIndex))
@ -542,8 +546,8 @@ CommandCapGetCCList(
if(commandList->count < count)
{
// If the list is not full, add the attributes for this command.
commandList->commandAttributes[commandList->count]
= s_ccAttr[commandIndex];
commandList->commandAttributes[commandList->count] =
s_ccAttr[commandIndex];
commandList->count++;
}
else
@ -556,6 +560,7 @@ CommandCapGetCCList(
}
return more;
}
//*** CommandCapGetOneCC()
// This function checks whether a command is implemented, and returns its
// attributes if so.
@ -572,18 +577,15 @@ BOOL CommandCapGetOneCC(TPM_CC commandCode, // IN: command code
return FALSE;
}
#if 0 /* libtpms added */
/* 9.3.3.14 IsVendorCommand() */
/* Function indicates if a command index references a vendor command. */
/* Return Values Meaning */
/* TRUE command is a vendor command */
/* FALSE command is not a vendor command */
BOOL
IsVendorCommand(
COMMAND_INDEX commandIndex // IN: command index to check
//*** IsVendorCommand()
// Function indicates if a command index references a vendor command.
// Return Type: BOOL
// TRUE(1) command is a vendor command
// FALSE(0) command is not a vendor command
BOOL IsVendorCommand(COMMAND_INDEX commandIndex // IN: command index to check
)
{
return (IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V));
}
#endif /* libtpms added */

147
src/tpm2/CommandCodeAttributes_fp.h
View File

@ -58,70 +58,141 @@
/* */
/********************************************************************************/
#ifndef COMMANDCODEATTRIBUTES_FP_H
#define COMMANDCODEATTRIBUTES_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _COMMAND_CODE_ATTRIBUTES_FP_H_
#define _COMMAND_CODE_ATTRIBUTES_FP_H_
//*** GetClosestCommandIndex()
// This function returns the command index for the command with a value that is
// equal to or greater than the input value
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of a command
COMMAND_INDEX
GetClosestCommandIndex(
TPM_CC commandCode // IN: the command code to start at
GetClosestCommandIndex(TPM_CC commandCode // IN: the command code to start at
);
//*** CommandCodeToComandIndex()
// This function returns the index in the various attributes arrays of the
// command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of the command
COMMAND_INDEX
CommandCodeToCommandIndex(
TPM_CC commandCode // IN: the command code to look up
CommandCodeToCommandIndex(TPM_CC commandCode // IN: the command code to look up
);
//*** GetNextCommandIndex()
// This function returns the index of the next implemented command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX no more implemented commands
// other the index of the next implemented command
COMMAND_INDEX
GetNextCommandIndex(
COMMAND_INDEX commandIndex // IN: the starting index
GetNextCommandIndex(COMMAND_INDEX commandIndex // IN: the starting index
);
//*** GetCommandCode()
// This function returns the commandCode associated with the command index
TPM_CC
GetCommandCode(
COMMAND_INDEX commandIndex // IN: the command index
GetCommandCode(COMMAND_INDEX commandIndex // IN: the command index
);
//*** CommandAuthRole()
//
// This function returns the authorization role required of a handle.
//
// Return Type: AUTH_ROLE
// AUTH_NONE no authorization is required
// AUTH_USER user role authorization is required
// AUTH_ADMIN admin role authorization is required
// AUTH_DUP duplication role authorization is required
AUTH_ROLE
CommandAuthRole(
COMMAND_INDEX commandIndex, // IN: command index
CommandAuthRole(COMMAND_INDEX commandIndex, // IN: command index
UINT32 handleIndex // IN: handle index (zero based)
);
int
EncryptSize(
COMMAND_INDEX commandIndex // IN: command index
//*** EncryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if encryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int EncryptSize(COMMAND_INDEX commandIndex // IN: command index
);
int
DecryptSize(
COMMAND_INDEX commandIndex // IN: command index
//*** DecryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if decryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int DecryptSize(COMMAND_INDEX commandIndex // IN: command index
);
BOOL
IsSessionAllowed(
COMMAND_INDEX commandIndex // IN: the command to be checked
//*** IsSessionAllowed()
//
// This function indicates if the command is allowed to have sessions.
//
// This function must not be called if the command is not known to be implemented.
//
// Return Type: BOOL
// TRUE(1) session is allowed with this command
// FALSE(0) session is not allowed with this command
BOOL IsSessionAllowed(COMMAND_INDEX commandIndex // IN: the command to be checked
);
BOOL
IsHandleInResponse(
COMMAND_INDEX commandIndex
//*** IsHandleInResponse()
// This function determines if a command has a handle in the response
BOOL IsHandleInResponse(COMMAND_INDEX commandIndex);
//*** IsWriteOperation()
// Checks to see if an operation will write to an NV Index and is subject to being
// blocked by read-lock
BOOL IsWriteOperation(COMMAND_INDEX commandIndex // IN: Command to check
);
BOOL
IsWriteOperation(
COMMAND_INDEX commandIndex // IN: Command to check
);
BOOL
IsReadOperation(
COMMAND_INDEX commandIndex // IN: Command to check
//*** IsReadOperation()
// Checks to see if an operation will write to an NV Index and is
// subject to being blocked by write-lock.
BOOL IsReadOperation(COMMAND_INDEX commandIndex // IN: Command to check
);
//*** CommandCapGetCCList()
// This function returns a list of implemented commands and command attributes
// starting from the command in 'commandCode'.
// Return Type: TPMI_YES_NO
// YES more command attributes are available
// NO no more command attributes are available
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
CommandCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA* commandList // OUT: list of TPMA_CC
);
//*** CommandCapGetOneCC()
// This function checks whether a command is implemented, and returns its
// attributes if so.
BOOL CommandCapGetOneCC(TPM_CC commandCode, // IN: command code
TPMA_CC* commandAttributes // OUT: Command attributes
);
#if 0 /* libtpms added */
BOOL
IsVendorCommand(
COMMAND_INDEX commandIndex // IN: command index to check
//*** IsVendorCommand()
// Function indicates if a command index references a vendor command.
// Return Type: BOOL
// TRUE(1) command is a vendor command
// FALSE(0) command is not a vendor command
BOOL IsVendorCommand(COMMAND_INDEX commandIndex // IN: command index to check
);
#endif /* libtpms added */
#endif
#endif // _COMMAND_CODE_ATTRIBUTES_FP_H_

1763
src/tpm2/CommandDispatchData.h
View File

File diff suppressed because it is too large Load Diff

188
src/tpm2/CommandDispatcher.c
View File

@ -59,43 +59,69 @@
/* */
/********************************************************************************/
/* 6.3 CommandDispatcher.c */
/* CommandDispatcher() performs the following operations: */
/* * unmarshals command parameters from the input buffer; */
/* NOTE Unlike other unmarshaling functions, parmBufferStart does not advance. parmBufferSize Is
reduced. */
/* * invokes the function that performs the command actions; */
/* * marshals the returned handles, if any; and */
/* * marshals the returned parameters, if any, into the output buffer putting in the
* parameterSize field if authorization sessions are present. */
/* NOTE 1 The output buffer is the return from the MemoryGetResponseBuffer() function. It includes
the header, handles, response parameters, and authorization area. respParmSize is the response
parameter size, and does not include the header, handles, or authorization area. */
/* NOTE 2 The reference implementation is permitted to do compare operations over a union as a byte
array. Therefore, the command parameter in structure must be initialized (e.g., zeroed) before
unmarshaling so that the compare operation is valid in cases where some bytes are unused. */
/* 6.3.1.1 Includes and Typedefs */
//* Includes and Typedefs
#include "Tpm.h"
// #include "Marshal.h" kgold
#include "Marshal.h"
#if TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
#if TABLE_DRIVEN_DISPATCH
typedef TPM_RC(NoFlagFunction)(void* target, BYTE** buffer, INT32* size);
typedef TPM_RC(FlagFunction)(void* target, BYTE** buffer, INT32* size, BOOL flag);
typedef FlagFunction* UNMARSHAL_t;
typedef INT16(MarshalFunction)(void* source, BYTE** buffer, INT32* size);
typedef MarshalFunction* MARSHAL_t;
typedef TPM_RC(COMMAND_NO_ARGS)(void);
typedef TPM_RC(COMMAND_IN_ARG)(void* in);
typedef TPM_RC(COMMAND_OUT_ARG)(void* out);
typedef TPM_RC(COMMAND_INOUT_ARG)(void* in, void* out);
typedef union
typedef union COMMAND_t
{
COMMAND_NO_ARGS* noArgs;
COMMAND_IN_ARG* inArg;
COMMAND_OUT_ARG* outArg;
COMMAND_INOUT_ARG* inOutArg;
} COMMAND_t;
typedef struct
// This structure is used by ParseHandleBuffer() and CommandDispatcher(). The
// parameters in this structure are unique for each command. The parameters are:
// command holds the address of the command processing function that is called
// by Command Dispatcher
// inSize This is the size of the command-dependent input structure. The
// input structure holds the unmarshaled handles and command
// parameters. If the command takes no arguments (handles or
// parameters) then inSize will have a value of 0.
// outSize This is the size of the command-dependent output structure. The
// output structure holds the results of the command in an unmarshaled
// form. When command processing is completed, these values are
// marshaled into the output buffer. It is always the case that the
// unmarshaled version of an output structure is larger then the
// marshaled version. This is because the marshaled version contains
// the exact same number of significant bytes but with padding removed.
// typesOffsets This parameter points to the list of data types that are to be
// marshaled or unmarshaled. The list of types follows the 'offsets'
// array. The offsets array is variable sized so the typesOffset filed
// is necessary for the handle and command processing to be able to
// find the types that are being handled. The 'offsets' array may be
// empty. The 'types' structure is described below.
// offsets This is an array of offsets of each of the parameters in the
// command or response. When processing the command parameters (not
// handles) the list contains the offset of the next parameter. For
// example, if the first command parameter has a size of 4 and there is
// a second command parameter, then the offset would be 4, indicating
// that the second parameter starts at 4. If the second parameter has
// a size of 8, and there is a third parameter, then the second entry
// in offsets is 12 (4 for the first parameter and 8 for the second).
// An offset value of 0 in the list indicates the start of the response
// parameter list. When CommandDispatcher hits this value, it will stop
// unmarshaling the parameters and call 'command'. If a command has no
// response parameters and only one command parameter, then offsets can
// be an empty list.
typedef struct COMMAND_DESCRIPTOR_t
{
COMMAND_t command; // Address of the command
UINT16 inSize; // Maximum size of the input structure
@ -103,6 +129,26 @@ typedef struct
UINT16 typesOffset; // address of the types field
UINT16 offsets[1];
} COMMAND_DESCRIPTOR_t;
// The 'types' list is an encoded byte array. The byte value has two parts. The most
// significant bit is used when a parameter takes a flag and indicates if the flag
// should be SET or not. The remaining 7 bits are an index into an array of
// addresses of marshaling and unmarshaling functions.
// The array of functions is divided into 6 sections with a value assigned
// to denote the start of that section (and the end of the previous section). The
// defined offset values for each section are:
// 0 unmarshaling for handles that do not take flags
// HANDLE_FIRST_FLAG_TYPE unmarshaling for handles that take flags
// PARAMETER_FIRST_TYPE unmarshaling for parameters that do not take flags
// PARAMETER_FIRST_FLAG_TYPE unmarshaling for parameters that take flags
// PARAMETER_LAST_TYPE + 1 marshaling for handles
// RESPONSE_PARAMETER_FIRST_TYPE marshaling for parameters
// RESPONSE_PARAMETER_LAST_TYPE is the last value in the list of marshaling and
// unmarshaling functions.
//
// The types list is constructed with a byte of 0xff at the end of the command
// parameters and with an 0xff at the end of the response parameters.
# if COMPRESSED_LISTS
# define PAD_LIST 0
# else
@ -110,39 +156,46 @@ typedef struct
# endif
# define _COMMAND_TABLE_DISPATCH_
# include "CommandDispatchData.h"
# define TEST_COMMAND TPM_CC_Startup
# define NEW_CC
#else
# include "Commands.h"
#endif
/* 6.3.1.2 Marshal/Unmarshal Functions */
/* 6.3.1.2.1 ParseHandleBuffer() */
/* This is the table-driven version of the handle buffer unmarshaling code */
//* Marshal/Unmarshal Functions
//** ParseHandleBuffer()
// This is the table-driven version of the handle buffer unmarshaling code
TPM_RC
ParseHandleBuffer(
COMMAND *command
)
ParseHandleBuffer(COMMAND* command)
{
TPM_RC result;
#if TABLE_DRIVEN_DISPATCH
#if TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
COMMAND_DESCRIPTOR_t* desc;
BYTE* types;
BYTE type;
BYTE dType;
// Make sure that nothing strange has happened
pAssert(command->index
< sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t *));
pAssert(
command->index < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t*));
// Get the address of the descriptor for this command
desc = s_CommandDataArray[command->index];
pAssert(desc != NULL);
// Get the associated list of unmarshaling data types.
types = &((BYTE*)desc)[desc->typesOffset];
// if(s_ccAttr[commandIndex].commandIndex == TEST_COMMAND)
// commandIndex = commandIndex;
// No handles yet
command->handleNum = 0;
// Get the first type value
for(type = *types++;
// check each byte to make sure that we have not hit the start
@ -154,11 +207,12 @@ ParseHandleBuffer(
# if TABLE_DRIVEN_MARSHAL
marshalIndex_t index;
index = unmarshalArray[dType] | ((type & 0x80) ? NULL_FLAG : 0);
result = Unmarshal(index, &(command->handles[command->handleNum]),
&command->parameterBuffer, &command->parameterSize);
result = Unmarshal(index,
&(command->handles[command->handleNum]),
&command->parameterBuffer,
&command->parameterSize);
# else
// See if unmarshaling of this handle type requires a flag
if(dType < HANDLE_FIRST_FLAG_TYPE)
{
@ -173,12 +227,15 @@ ParseHandleBuffer(
{
// Look up the function
FlagFunction* f = unmarshalArray[dType];
// Call it setting the flag to the appropriate value
result = f(&(command->handles[command->handleNum]),
&command->parameterBuffer,
&command->parameterSize, (type & 0x80) != 0);
&command->parameterSize,
(type & 0x80) != 0);
}
# endif
// Got a handle
// We do this first so that the match for the handle offset of the
// response code works correctly.
@ -206,16 +263,13 @@ ParseHandleBuffer(
return TPM_RC_SUCCESS;
}
/* 6.3.1.2.2 CommandDispatcher() */
/* Function to unmarshal the command parameters, call the selected action code, and marshal the
response parameters. */
//** CommandDispatcher()
// Function to unmarshal the command parameters, call the selected action code, and
// marshal the response parameters.
TPM_RC
CommandDispatcher(
COMMAND *command
)
CommandDispatcher(COMMAND* command)
{
#if !TABLE_DRIVEN_DISPATCH
#if !TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
TPM_RC result;
BYTE** paramBuffer = &command->parameterBuffer;
INT32* paramBufferSize = &command->parameterSize;
@ -223,13 +277,17 @@ CommandDispatcher(
INT32* respParmSize = &command->parameterSize;
INT32 rSize;
TPM_HANDLE* handles = &command->handles[0];
command->handleNum = 0; /* The command-specific code knows how many handles there are. This
is for cataloging the number of response handles */
MemoryIoBufferAllocationReset(); /* Initialize so that allocation will work properly */
//
command->handleNum = 0; // The command-specific code knows how
// many handles there are. This is for
// cataloging the number of response
// handles
MemoryIoBufferAllocationReset(); // Initialize so that allocation will
// work properly
switch(GetCommandCode(command->index))
{
# include "CommandDispatcher.h"
default:
FAIL(FATAL_ERROR_INTERNAL);
break;
@ -256,27 +314,33 @@ CommandDispatcher(
TPM_RC result;
//
// Get the address of the descriptor for this command
pAssert(command->index
< sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t *));
pAssert(
command->index < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t*));
desc = s_CommandDataArray[command->index];
// Get the list of parameter types for this command
pAssert(desc != NULL);
types = &((BYTE*)desc)[desc->typesOffset];
// Get a pointer to the list of parameter offsets
offsets = &desc->offsets[0];
// pointer to handles
handles = command->handles;
// Get the size required to hold all the unmarshaled parameters for this command
maxInSize = desc->inSize;
// and the size of the output parameter structure returned by this command
maxOutSize = desc->outSize;
MemoryIoBufferAllocationReset();
// Get a buffer for the input parameters
commandIn = MemoryGetInBuffer(maxInSize);
// And the output parameters
commandOut = (BYTE*)MemoryGetOutBuffer((UINT32)maxOutSize);
// Get the address of the action code dispatch
cmd = desc->command;
// Copy any handles into the input buffer
for(type = *types++; (type & 0x7F) < PARAMETER_FIRST_TYPE; type = *types++)
{
@ -295,6 +359,7 @@ CommandDispatcher(
// maxInSize has the amount of space remaining in the command action input
// buffer. Make sure that we don't have more data to unmarshal than is going to
// fit.
// type contains the last value read from types so it is not necessary to
// reload it, which is good because *types now points to the next value
for(; (dType = (type & 0x7F)) <= PARAMETER_LAST_TYPE; type = *types++)
@ -304,20 +369,24 @@ CommandDispatcher(
{
marshalIndex_t index = unmarshalArray[dType];
index |= (type & 0x80) ? NULL_FLAG : 0;
result = Unmarshal(index, &commandIn[offset], &command->parameterBuffer,
result = Unmarshal(index,
&commandIn[offset],
&command->parameterBuffer,
&command->parameterSize);
}
# else
if(dType < PARAMETER_FIRST_FLAG_TYPE)
{
NoFlagFunction* f = (NoFlagFunction*)unmarshalArray[dType];
result = f(&commandIn[offset], &command->parameterBuffer,
result = f(&commandIn[offset],
&command->parameterBuffer,
&command->parameterSize);
}
else
{
FlagFunction* f = unmarshalArray[dType];
result = f(&commandIn[offset], &command->parameterBuffer,
result = f(&commandIn[offset],
&command->parameterBuffer,
&command->parameterSize,
(type & 0x80) != 0);
}
@ -340,12 +409,14 @@ CommandDispatcher(
result = TPM_RC_SIZE;
goto Exit;
}
// The command parameter unmarshaling stopped when it hit a value that was out
// of range for unmarshaling values and left *types pointing to the first
// marshaling type. If that type happens to be the STOP value, then there
// are no response parameters. So, set the flag to indicate if there are
// output parameters.
hasOutParameters = *types != 0xFF;
// There are four cases for calling, with and without input parameters and with
// and without output parameters.
if(hasInParameters > 0)
@ -364,10 +435,13 @@ CommandDispatcher(
}
if(result != TPM_RC_SUCCESS)
goto Exit;
// Offset in the marshaled output structure
offset = 0;
// Process the return handles, if any
command->handleNum = 0;
// Could make this a loop to process output handles but there is only ever
// one handle in the outputs (for now).
type = *types++;
@ -386,18 +460,18 @@ CommandDispatcher(
// no pointers to data, all of the data being returned has to be in the
// command action output buffer. If we try to marshal more bytes than
// could fit into the output buffer, we need to fail.
for(;(dType = (type & 0x7F)) <= RESPONSE_PARAMETER_LAST_TYPE
&& !g_inFailureMode; type = *types++)
for(; (dType = (type & 0x7F)) <= RESPONSE_PARAMETER_LAST_TYPE && !g_inFailureMode;
type = *types++)
{
# if TABLE_DRIVEN_MARSHAL
marshalIndex_t index = marshalArray[dType];
command->parameterSize += Marshal(index, &commandOut[offset],
&command->responseBuffer,
&maxOutSize);
command->parameterSize += Marshal(
index, &commandOut[offset], &command->responseBuffer, &maxOutSize);
# else
const MARSHAL_t f = marshalArray[dType];
command->parameterSize += f(&commandOut[offset], &command->responseBuffer,
&maxOutSize);
command->parameterSize +=
f(&commandOut[offset], &command->responseBuffer, &maxOutSize);
# endif
offset = *offsets++;
}

26
src/tpm2/CommandDispatcher_fp.h
View File

@ -59,17 +59,23 @@
/* */
/********************************************************************************/
#ifndef COMMANDDISPATCHER_FP_H
#define COMMANDDISPATCHER_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 7, 2020 Time: 07:06:44PM
*/
#ifndef _COMMAND_DISPATCHER_FP_H_
#define _COMMAND_DISPATCHER_FP_H_
//** ParseHandleBuffer()
// This is the table-driven version of the handle buffer unmarshaling code
TPM_RC
CommandDispatcher(
COMMAND *command
);
ParseHandleBuffer(COMMAND* command);
//** CommandDispatcher()
// Function to unmarshal the command parameters, call the selected action code, and
// marshal the response parameters.
TPM_RC
ParseHandleBuffer(
COMMAND *command
);
CommandDispatcher(COMMAND* command);
#endif
#endif // _COMMAND_DISPATCHER_FP_H_

39
src/tpm2/Commit_fp.h
View File

@ -59,36 +59,41 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef COMMIT_FP_H
#define COMMIT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Commit // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT signHandle;
TPM2B_ECC_POINT P1;
TPM2B_SENSITIVE_DATA s2;
TPM2B_ECC_PARAMETER y2;
} Commit_In;
#define RC_Commit_signHandle (TPM_RC_H + TPM_RC_1)
#define RC_Commit_P1 (TPM_RC_P + TPM_RC_1)
#define RC_Commit_s2 (TPM_RC_P + TPM_RC_2)
#define RC_Commit_y2 (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT K;
TPM2B_ECC_POINT L;
TPM2B_ECC_POINT E;
UINT16 counter;
} Commit_Out;
// Response code modifiers
# define RC_Commit_signHandle (TPM_RC_H + TPM_RC_1)
# define RC_Commit_P1 (TPM_RC_P + TPM_RC_1)
# define RC_Commit_s2 (TPM_RC_P + TPM_RC_2)
# define RC_Commit_y2 (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_Commit(
Commit_In *in, // IN: input parameter list
Commit_Out *out // OUT: output parameter list
);
TPM2_Commit(Commit_In* in, Commit_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
#endif // CC_Commit

32
src/tpm2/ContextLoad_fp.h
View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CONTEXTLOAD_FP_H
#define CONTEXTLOAD_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ContextLoad // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
// Input structure definition
typedef struct
{
TPMS_CONTEXT context;
} ContextLoad_In;
#define RC_ContextLoad_context (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_CONTEXT loadedHandle;
} ContextLoad_Out;
// Response code modifiers
# define RC_ContextLoad_context (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ContextLoad(
ContextLoad_In *in, // IN: input parameter list
ContextLoad_Out *out // OUT: output parameter list
);
TPM2_ContextLoad(ContextLoad_In* in, ContextLoad_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
#endif // CC_ContextLoad

32
src/tpm2/ContextSave_fp.h
View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CONTEXTSAVE_FP_H
#define CONTEXTSAVE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ContextSave // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_CONTEXT saveHandle;
} ContextSave_In;
#define RC_ContextSave_saveHandle (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPMS_CONTEXT context;
} ContextSave_Out;
// Response code modifiers
# define RC_ContextSave_saveHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ContextSave(
ContextSave_In *in, // IN: input parameter list
ContextSave_Out *out // OUT: output parameter list
);
TPM2_ContextSave(ContextSave_In* in, ContextSave_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
#endif // CC_ContextSave

4
src/tpm2/Context_spt.c
View File

@ -236,7 +236,7 @@ TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob, // IN: context blob
return TPM_RC_SUCCESS;
}
#if 0
#if 0 // libtpms added
//*** SequenceDataExport();
// This function is used scan through the sequence object and
// either modify the hash state data for export (contextSave) or to
@ -290,4 +290,4 @@ void SequenceDataImport(
CryptHashImportState(hash, (EXPORT_HASH_STATE*)importHash);
}
}
#endif
#endif // libtpms added

37
src/tpm2/CreateLoaded_fp.h
View File

@ -59,32 +59,39 @@
/* */
/********************************************************************************/
#ifndef CREATELOADED_FP_H
#define CREATELOADED_FP_H
/* rev 136 */
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CreateLoaded // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_PARENT parentHandle;
TPM2B_SENSITIVE_CREATE inSensitive;
TPM2B_TEMPLATE inPublic;
} CreateLoaded_In;
#define RC_CreateLoaded_parentHandle (TPM_RC_H + TPM_RC_1)
#define RC_CreateLoaded_inSensitive (TPM_RC_P + TPM_RC_1)
#define RC_CreateLoaded_inPublic (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM_HANDLE objectHandle;
TPM2B_PRIVATE outPrivate;
TPM2B_PUBLIC outPublic;
TPM2B_NAME name;
} CreateLoaded_Out;
TPM_RC
TPM2_CreateLoaded(
CreateLoaded_In *in, // IN: input parameter list
CreateLoaded_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_CreateLoaded_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_CreateLoaded_inSensitive (TPM_RC_P + TPM_RC_1)
# define RC_CreateLoaded_inPublic (TPM_RC_P + TPM_RC_2)
#endif
// Function prototype
TPM_RC
TPM2_CreateLoaded(CreateLoaded_In* in, CreateLoaded_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
#endif // CC_CreateLoaded

41
src/tpm2/CreatePrimary_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CREATEPRIMARY_FP_H
#define CREATEPRIMARY_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CreatePrimary // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_HIERARCHY primaryHandle;
TPM2B_SENSITIVE_CREATE inSensitive;
TPM2B_PUBLIC inPublic;
@ -72,13 +77,9 @@ typedef struct {
TPML_PCR_SELECTION creationPCR;
} CreatePrimary_In;
#define RC_CreatePrimary_primaryHandle (TPM_RC_H + TPM_RC_1)
#define RC_CreatePrimary_inSensitive (TPM_RC_P + TPM_RC_1)
#define RC_CreatePrimary_inPublic (TPM_RC_P + TPM_RC_2)
#define RC_CreatePrimary_outsideInfo (TPM_RC_P + TPM_RC_3)
#define RC_CreatePrimary_creationPCR (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM_HANDLE objectHandle;
TPM2B_PUBLIC outPublic;
TPM2B_CREATION_DATA creationData;
@ -87,10 +88,16 @@ typedef struct {
TPM2B_NAME name;
} CreatePrimary_Out;
TPM_RC
TPM2_CreatePrimary(
CreatePrimary_In *in, // IN: input parameter list
CreatePrimary_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_CreatePrimary_primaryHandle (TPM_RC_H + TPM_RC_1)
# define RC_CreatePrimary_inSensitive (TPM_RC_P + TPM_RC_1)
# define RC_CreatePrimary_inPublic (TPM_RC_P + TPM_RC_2)
# define RC_CreatePrimary_outsideInfo (TPM_RC_P + TPM_RC_3)
# define RC_CreatePrimary_creationPCR (TPM_RC_P + TPM_RC_4)
#endif
// Function prototype
TPM_RC
TPM2_CreatePrimary(CreatePrimary_In* in, CreatePrimary_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
#endif // CC_CreatePrimary

40
src/tpm2/Create_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 137 */
#ifndef CREATE_FP_H
#define CREATE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Create // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT parentHandle;
TPM2B_SENSITIVE_CREATE inSensitive;
TPM2B_PUBLIC inPublic;
@ -72,13 +77,9 @@ typedef struct {
TPML_PCR_SELECTION creationPCR;
} Create_In;
#define RC_Create_parentHandle (TPM_RC_H + TPM_RC_1)
#define RC_Create_inSensitive (TPM_RC_P + TPM_RC_1)
#define RC_Create_inPublic (TPM_RC_P + TPM_RC_2)
#define RC_Create_outsideInfo (TPM_RC_P + TPM_RC_3)
#define RC_Create_creationPCR (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_PRIVATE outPrivate;
TPM2B_PUBLIC outPublic;
TPM2B_CREATION_DATA creationData;
@ -86,11 +87,16 @@ typedef struct {
TPMT_TK_CREATION creationTicket;
} Create_Out;
// Response code modifiers
# define RC_Create_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_Create_inSensitive (TPM_RC_P + TPM_RC_1)
# define RC_Create_inPublic (TPM_RC_P + TPM_RC_2)
# define RC_Create_outsideInfo (TPM_RC_P + TPM_RC_3)
# define RC_Create_creationPCR (TPM_RC_P + TPM_RC_4)
// Function prototype
TPM_RC
TPM2_Create(
Create_In *in, // IN: input parameter list
Create_Out *out // OUT: output parameter list
);
TPM2_Create(Create_In* in, Create_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
#endif // CC_Create

72
src/tpm2/CryptSelfTest_fp.h
View File

@ -59,29 +59,69 @@
/* */
/********************************************************************************/
#ifndef CRYPTSELFTEST_FP_H
#define CRYPTSELFTEST_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 4, 2020 Time: 02:36:44PM
*/
#ifndef _CRYPT_SELF_TEST_FP_H_
#define _CRYPT_SELF_TEST_FP_H_
//*** CryptSelfTest()
// This function is called to start/complete a full self-test.
// If 'fullTest' is NO, then only the untested algorithms will be run. If
// 'fullTest' is YES, then 'g_untestedDecryptionAlgorithms' is reinitialized and then
// all tests are run.
// This implementation of the reference design does not support processing outside
// the framework of a TPM command. As a consequence, this command does not
// complete until all tests are done. Since this can take a long time, the TPM
// will check after each test to see if the command is canceled. If so, then the
// TPM will returned TPM_RC_CANCELLED. To continue with the self-tests, call
// TPM2_SelfTest(fullTest == No) and the TPM will complete the testing.
// Return Type: TPM_RC
// TPM_RC_CANCELED if the command is canceled
LIB_EXPORT
TPM_RC
CryptSelfTest(
TPMI_YES_NO fullTest // IN: if full test is required
CryptSelfTest(TPMI_YES_NO fullTest // IN: if full test is required
);
//*** CryptIncrementalSelfTest()
// This function is used to perform an incremental self-test. This implementation
// will perform the toTest values before returning. That is, it assumes that the
// TPM cannot perform background tasks between commands.
//
// This command may be canceled. If it is, then there is no return result.
// However, this command can be run again and the incremental progress will not
// be lost.
// Return Type: TPM_RC
// TPM_RC_CANCELED processing of this command was canceled
// TPM_RC_TESTING if toTest list is not empty
// TPM_RC_VALUE an algorithm in the toTest list is not implemented
TPM_RC
CryptIncrementalSelfTest(
TPML_ALG *toTest, // IN: list of algorithms to be tested
CryptIncrementalSelfTest(TPML_ALG* toTest, // IN: list of algorithms to be tested
TPML_ALG* toDoList // OUT: list of algorithms needing test
);
void
CryptInitializeToTest(
void
);
//*** CryptInitializeToTest()
// This function will initialize the data structures for testing all the
// algorithms. This should not be called unless CryptAlgsSetImplemented() has
// been called
void CryptInitializeToTest(void);
//*** CryptTestAlgorithm()
// Only point of contact with the actual self tests. If a self-test fails, there
// is no return and the TPM goes into failure mode.
// The call to TestAlgorithm uses an algorithm selector and a bit vector. When the
// test is run, the corresponding bit in 'toTest' and in 'g_toTest' is CLEAR. If
// 'toTest' is NULL, then only the bit in 'g_toTest' is CLEAR.
// There is a special case for the call to TestAlgorithm(). When 'alg' is
// ALG_ERROR, TestAlgorithm() will CLEAR any bit in 'toTest' for which it has
// no test. This allows the knowledge about which algorithms have test to be
// accessed through the interface that provides the test.
// Return Type: TPM_RC
// TPM_RC_CANCELED test was canceled
LIB_EXPORT
TPM_RC
CryptTestAlgorithm(
TPM_ALG_ID alg,
ALGORITHM_VECTOR *toTest
);
CryptTestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest);
#endif
#endif // _CRYPT_SELF_TEST_FP_H_

25
src/tpm2/CryptUtil.c
View File

@ -189,7 +189,7 @@ static TPM_RC CryptGenerateKeyedHash(
if(scheme->scheme == TPM_ALG_NULL)
hashAlg = publicArea->nameAlg;
else if(scheme->scheme == TPM_ALG_XOR)
hashAlg = scheme->details.xorr.hashAlg;
hashAlg = scheme->details.xor.hashAlg;
else
hashAlg = scheme->details.hmac.hashAlg;
digestSize = CryptHashGetDigestSize(hashAlg);
@ -905,8 +905,8 @@ CryptSecretDecrypt(OBJECT* decryptKey, // IN: decrypt key
{
if(nonceCaller->t.size > sizeof(iv.t.buffer))
return TPM_RC_FAILURE;
MemoryCopy(iv.t.buffer, nonceCaller->t.buffer, // libtpms changed: use iv.t.buffer
nonceCaller->t.size);
MemoryCopy(
iv.t.buffer, nonceCaller->t.buffer, nonceCaller->t.size); // libtpms changed: use iv.t.buffer
}
// make sure secret will fit
if(secret->t.size > sizeof(data->t.buffer))
@ -1316,8 +1316,7 @@ BOOL CryptIsSplitSign(TPM_ALG_ID scheme // IN: the algorithm selector
}
//*** CryptIsAsymSignScheme()
// This function indicates if a scheme algorithm is a sign algorithm valid for the
// public key type.
// This function indicates if a scheme algorithm is a sign algorithm.
BOOL CryptIsAsymSignScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the object
TPMI_ALG_ASYM_SCHEME scheme // IN: the scheme
)
@ -1351,6 +1350,7 @@ BOOL CryptIsAsymSignScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the
# endif
switch(scheme)
{
// Support for ECDSA is required for ECC
case TPM_ALG_ECDSA:
# if ALG_ECDAA // ECDAA is optional
case TPM_ALG_ECDAA:
@ -1483,10 +1483,8 @@ BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the ob
//*** CryptSelectSignScheme()
// This function is used by the attestation and signing commands. It implements
// the rules for selecting the signature scheme to use in signing and validates
// that the selected scheme is compatible with the key type. It also ensures
// the selected scheme specifies a valid hash algorithm. This function requires
// that the signing key either be TPM_RH_NULL or be loaded.
// the rules for selecting the signature scheme to use in signing. This function
// requires that the signing key either be TPM_RH_NULL or be loaded.
//
// If a default scheme is defined in object, the default scheme should be chosen,
// otherwise, the input scheme should be chosen.
@ -1501,9 +1499,7 @@ BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the ob
// FALSE(0) both 'scheme' and key's default scheme are empty; or
// 'scheme' is empty while key's default scheme requires
// explicit input scheme (split signing); or
// non-empty default key scheme differs from 'scheme'; or
// 'scheme' not valid for key type; or invalid hash
// algorithm specified; or key type is ALG_SYMCIPHER
// non-empty default key scheme differs from 'scheme'
BOOL CryptSelectSignScheme(OBJECT* signObject, // IN: signing key
TPMT_SIG_SCHEME* scheme // IN/OUT: signing scheme
)
@ -1550,6 +1546,8 @@ BOOL CryptSelectSignScheme(OBJECT* signObject, // IN: signing key
{
// Input and default can't both be NULL
OK = (scheme->scheme != TPM_ALG_NULL);
// Assume that the scheme is compatible with the key. If not,
// an error will be generated in the signing operation.
}
else if(scheme->scheme == TPM_ALG_NULL)
{
@ -1584,7 +1582,6 @@ BOOL CryptSelectSignScheme(OBJECT* signObject, // IN: signing key
// valid hash algorithm specified.
OK = CryptIsValidSignScheme(publicArea->type, scheme);
}
}
return OK;
}
@ -1907,7 +1904,7 @@ CryptValidateKeys(TPMT_PUBLIC* publicArea,
scheme = &params->keyedHashDetail.scheme;
if(scheme->scheme == TPM_ALG_XOR)
{
maxSize = CryptHashGetBlockSize(scheme->details.xorr.hashAlg);
maxSize = CryptHashGetBlockSize(scheme->details.xor.hashAlg);
}
else if(scheme->scheme == TPM_ALG_HMAC)
{

66
src/tpm2/CryptoInterface.h Normal file
View File

@ -0,0 +1,66 @@
/********************************************************************************/
/* */
/* CryptoInterface header file */
/* Written by Stefan Berger */
/* IBM Thomas J. Watson Research Center */
/* */
/* (c) Copyright IBM Corporation 2017,2018. */
/* */
/* All rights reserved. */
/* */
/* Redistribution and use in source and binary forms, with or without */
/* modification, are permitted provided that the following conditions are */
/* met: */
/* */
/* Redistributions of source code must retain the above copyright notice, */
/* this list of conditions and the following disclaimer. */
/* */
/* Redistributions in binary form must reproduce the above copyright */
/* notice, this list of conditions and the following disclaimer in the */
/* documentation and/or other materials provided with the distribution. */
/* */
/* Neither the names of the IBM Corporation nor the names of its */
/* contributors may be used to endorse or promote products derived from */
/* this software without specific prior written permission. */
/* */
/* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS */
/* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT */
/* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR */
/* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT */
/* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, */
/* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT */
/* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, */
/* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY */
/* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT */
/* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE */
/* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
/********************************************************************************/
//** Introduction
//
// This file contains prototypes that are common to all TPM crypto interfaces.
//
#ifndef CRYPTO_INTERFACE_H
#define CRYPTO_INTERFACE_H
#include "TpmBuildSwitches.h"
#if SIMULATION && CRYPTO_LIB_REPORTING
typedef struct crypto_impl_description
{
// The name of the crypto library, ASCII encoded.
char name[32];
// The version of the crypto library, ASCII encoded.
char version[32];
} _CRYPTO_IMPL_DESCRIPTION;
// When building the simulator, the plugged-in crypto libraries can report its
// version information by implementing these interfaces.
void _crypto_GetSymImpl(_CRYPTO_IMPL_DESCRIPTION* result);
void _crypto_GetHashImpl(_CRYPTO_IMPL_DESCRIPTION* result);
void _crypto_GetMathImpl(_CRYPTO_IMPL_DESCRIPTION* result);
#endif // SIMULATION && CRYPTO_LIB_REPORTING
#endif // CRYPTO_INTERFACE_H

97
src/tpm2/DA.c
View File

@ -59,45 +59,50 @@
/* */
/********************************************************************************/
/* 8.2 DA.c */
/* 8.2.1 Introduction */
/* This file contains the functions and data definitions relating to the dictionary attack logic. */
/* 8.2.2 Includes and Data Definitions */
//** Introduction
// This file contains the functions and data definitions relating to the
// dictionary attack logic.
//** Includes and Data Definitions
#define DA_C
#include "Tpm.h"
/* 8.2.3 Functions */
/* 8.2.3.1 DAPreInstall_Init() */
/* This function initializes the DA parameters to their manufacturer-default values. The default
values are determined by a platform-specific specification. */
/* This function should not be called outside of a manufacturing or simulation environment. */
/* The DA parameters will be restored to these initial values by TPM2_Clear(). */
void
DAPreInstall_Init(
void
)
//** Functions
//*** DAPreInstall_Init()
// This function initializes the DA parameters to their manufacturer-default
// values. The default values are determined by a platform-specific specification.
//
// This function should not be called outside of a manufacturing or simulation
// environment.
//
// The DA parameters will be restored to these initial values by TPM2_Clear().
void DAPreInstall_Init(void)
{
gp.failedTries = 0;
gp.maxTries = 3;
gp.recoveryTime = 1000; // in seconds (~16.67 minutes)
gp.lockoutRecovery = 1000; // in seconds
gp.lockOutAuthEnabled = TRUE; // Use of lockoutAuth is enabled
// Record persistent DA parameter changes to NV
NV_SYNC_PERSISTENT(failedTries);
NV_SYNC_PERSISTENT(maxTries);
NV_SYNC_PERSISTENT(recoveryTime);
NV_SYNC_PERSISTENT(lockoutRecovery);
NV_SYNC_PERSISTENT(lockOutAuthEnabled);
return;
}
/* 8.2.3.2 DAStartup() */
/* This function is called by TPM2_Startup() to initialize the DA parameters. In the case of
Startup(CLEAR), use of lockoutAuth will be enabled if the lockout recovery time is 0. Otherwise,
lockoutAuth will not be enabled until the TPM has been continuously powered for the
lockoutRecovery time. */
/* This function requires that NV be available and not rate limiting. */
BOOL
DAStartup(
STARTUP_TYPE type // IN: startup type
//*** DAStartup()
// This function is called by TPM2_Startup() to initialize the DA parameters.
// In the case of Startup(CLEAR), use of lockoutAuth will be enabled if the
// lockout recovery time is 0. Otherwise, lockoutAuth will not be enabled until
// the TPM has been continuously powered for the lockoutRecovery time.
//
// This function requires that NV be available and not rate limiting.
BOOL DAStartup(STARTUP_TYPE type // IN: startup type
)
{
NOT_REFERENCED(type);
@ -126,6 +131,7 @@ DAStartup(
}
}
#endif
// For any Startup(), if lockoutRecovery is 0, enable use of lockoutAuth.
if(gp.lockoutRecovery == 0)
{
@ -133,10 +139,10 @@ DAStartup(
// Record the changes to NV
NV_SYNC_PERSISTENT(lockOutAuthEnabled);
}
// If DA has not been disabled and the previous shutdown is not orderly
// failedTries is not already at its maximum then increment 'failedTries'
if(gp.recoveryTime != 0
&& gp.failedTries < gp.maxTries
if(gp.recoveryTime != 0 && gp.failedTries < gp.maxTries
&& !IS_ORDERLY(g_prevOrderlyState))
{
#if USE_DA_USED
@ -151,15 +157,16 @@ DAStartup(
// Before Startup, the TPM will not do clock updates. At startup, need to
// do a time update which will do the DA update.
TimeUpdate();
return TRUE;
}
/* 8.2.3.3 DARegisterFailure() */
/* This function is called when an authorization failure occurs on an entity that is subject to
dictionary-attack protection. When a DA failure is triggered, register the failure by resetting
the relevant self-healing timer to the current time. */
void
DARegisterFailure(
TPM_HANDLE handle // IN: handle for failure
//*** DARegisterFailure()
// This function is called when an authorization failure occurs on an entity
// that is subject to dictionary-attack protection. When a DA failure is
// triggered, register the failure by resetting the relevant self-healing
// timer to the current time.
void DARegisterFailure(TPM_HANDLE handle // IN: handle for failure
)
{
// Reset the timer associated with lockout if the handle is the lockoutAuth.
@ -169,14 +176,13 @@ DARegisterFailure(
s_selfHealTimer = g_time;
return;
}
/* 8.2.3.4 DASelfHeal() */
/* This function is called to check if sufficient time has passed to allow decrement of failedTries
or to re-enable use of lockoutAuth. */
/* This function should be called when the time interval is updated. */
void
DASelfHeal(
void
)
//*** DASelfHeal()
// This function is called to check if sufficient time has passed to allow
// decrement of failedTries or to re-enable use of lockoutAuth.
//
// This function should be called when the time interval is updated.
void DASelfHeal(void)
{
// Regular authorization self healing logic
// If no failed authorization tries, do nothing. Otherwise, try to
@ -194,22 +200,26 @@ DASelfHeal(
else
{
UINT64 decreaseCount;
#if 0 // Errata eliminates this code
#if 0
// Errata eliminates this code
// In the unlikely event that failedTries should become larger than
// maxTries
if(gp.failedTries > gp.maxTries)
gp.failedTries = gp.maxTries;
#endif
// How much can failedTries be decreased
// Cast s_selfHealTimer to an int in case it became negative at
// startup
decreaseCount = ((g_time - (INT64)s_selfHealTimer) / 1000)
/ gp.recoveryTime;
decreaseCount =
((g_time - (INT64)s_selfHealTimer) / 1000) / gp.recoveryTime;
if(gp.failedTries <= (UINT32)decreaseCount)
// should not set failedTries below zero
gp.failedTries = 0;
else
gp.failedTries -= (UINT32)decreaseCount;
// the cast prevents overflow of the product
s_selfHealTimer += (decreaseCount * (UINT64)gp.recoveryTime) * 1000;
if(decreaseCount != 0)
@ -218,6 +228,7 @@ DASelfHeal(
NV_SYNC_PERSISTENT(failedTries);
}
}
// LockoutAuth self healing logic
// If lockoutAuth is enabled, do nothing. Otherwise, try to see if we
// may enable it

62
src/tpm2/DA_fp.h
View File

@ -59,29 +59,47 @@
/* */
/********************************************************************************/
#ifndef DA_FP_H
#define DA_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Apr 2, 2019 Time: 04:23:27PM
*/
void
DAPreInstall_Init(
void
);
void
DAInit(
void
);
BOOL
DAStartup(
STARTUP_TYPE type // IN: startup type
);
void
DARegisterFailure(
TPM_HANDLE handle // IN: handle for failure
);
void
DASelfHeal(
void
#ifndef _DA_FP_H_
#define _DA_FP_H_
//*** DAPreInstall_Init()
// This function initializes the DA parameters to their manufacturer-default
// values. The default values are determined by a platform-specific specification.
//
// This function should not be called outside of a manufacturing or simulation
// environment.
//
// The DA parameters will be restored to these initial values by TPM2_Clear().
void DAPreInstall_Init(void);
//*** DAStartup()
// This function is called by TPM2_Startup() to initialize the DA parameters.
// In the case of Startup(CLEAR), use of lockoutAuth will be enabled if the
// lockout recovery time is 0. Otherwise, lockoutAuth will not be enabled until
// the TPM has been continuously powered for the lockoutRecovery time.
//
// This function requires that NV be available and not rate limiting.
BOOL DAStartup(STARTUP_TYPE type // IN: startup type
);
//*** DARegisterFailure()
// This function is called when a authorization failure occurs on an entity
// that is subject to dictionary-attack protection. When a DA failure is
// triggered, register the failure by resetting the relevant self-healing
// timer to the current time.
void DARegisterFailure(TPM_HANDLE handle // IN: handle for failure
);
#endif
//*** DASelfHeal()
// This function is called to check if sufficient time has passed to allow
// decrement of failedTries or to re-enable use of lockoutAuth.
//
// This function should be called when the time interval is updated.
void DASelfHeal(void);
#endif // _DA_FP_H_

59
src/tpm2/DebugHelpers.c
View File

@ -59,29 +59,25 @@
/* */
/********************************************************************************/
/* C.13 DebugHelpers.c */
/* C.13.1. Description */
/* This file contains the NV read and write access methods. This implementation uses RAM/file and
does not manage the RAM/file as NV blocks. The implementation may become more sophisticated over
time. */
/* C.13.2. Includes and Local */
//** Description
//
// This file contains the NV read and write access methods. This implementation
// uses RAM/file and does not manage the RAM/file as NV blocks.
// The implementation may become more sophisticated over time.
//
//** Includes and Local
#include <stdio.h>
#include <time.h>
#include "Platform.h"
#include "DebugHelpers_fp.h"
#if CERTIFYX509_DEBUG
const char* debugFileName = "DebugFile.txt";
/* C.13.2.1. fileOpen() */
/* This exists to allow use of the safe version of fopen() with a MS runtime. */
static FILE *
fileOpen(
const char *fn,
const char *mode
)
//*** fileOpen()
// This exists to allow use of the 'safe' version of fopen() with a MS runtime.
static FILE* fileOpen(const char* fn, const char* mode)
{
FILE* f;
# if defined _MSC_VER
@ -92,17 +88,14 @@ fileOpen(
# endif
return f;
}
/* C.13.2.2. DebugFileInit() */
/* This function initializes the file containing the debug data with the time of the file
creation. */
/* This function opens the file used to hold the debug data. */
/* Return Value Meaning */
/* 0 success */
/* != 0 error */
int
DebugFileInit(
void
)
//*** DebugFileInit()
// This function initializes the file containing the debug data with the time of the
// file creation.
// Return Type: int
// 0 success
// != 0 error
int DebugFileInit(void)
{
FILE* f = NULL;
time_t t = time(NULL);
@ -119,7 +112,7 @@ DebugFileInit(
f = fileOpen(debugFileName, "w");
if(f)
{
/* Initialize the contents with the time. */
// Initialize the contents with the time.
fprintf(f, "%s\n", timeString);
fclose(f);
return 0;
@ -127,14 +120,8 @@ DebugFileInit(
return -1;
}
/* C.13.2.3. DebugDumpBuffer() */
void
DebugDumpBuffer(
int size,
unsigned char *buf,
const char *identifier
)
//*** DebugDumpBuffer()
void DebugDumpBuffer(int size, unsigned char* buf, const char* identifier)
{
int i;
//

23
src/tpm2/DictionaryAttackLockReset_fp.h
View File

@ -59,21 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef DICTIONARYATTACKLOCKRESET_FP_H
#define DICTIONARYATTACKLOCKRESET_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_DictionaryAttackLockReset // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_LOCKOUT lockHandle;
} DictionaryAttackLockReset_In;
// Response code modifiers
# define RC_DictionaryAttackLockReset_lockHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_DictionaryAttackLockReset(
DictionaryAttackLockReset_In *in // IN: input parameter list
);
TPM2_DictionaryAttackLockReset(DictionaryAttackLockReset_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
#endif // CC_DictionaryAttackLockReset

22
src/tpm2/DictionaryAttackParameters_fp.h
View File

@ -59,28 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef DICTIONARYATTACKPARAMETERS_FP_H
#define DICTIONARYATTACKPARAMETERS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
#if CC_DictionaryAttackParameters // Command must be enabled
typedef struct {
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_LOCKOUT lockHandle;
UINT32 newMaxTries;
UINT32 newRecoveryTime;
UINT32 lockoutRecovery;
} DictionaryAttackParameters_In;
// Response code modifiers
# define RC_DictionaryAttackParameters_lockHandle (TPM_RC_H + TPM_RC_1)
# define RC_DictionaryAttackParameters_newMaxTries (TPM_RC_P + TPM_RC_1)
# define RC_DictionaryAttackParameters_newRecoveryTime (TPM_RC_P + TPM_RC_2)
# define RC_DictionaryAttackParameters_lockoutRecovery (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_DictionaryAttackParameters(
DictionaryAttackParameters_In *in // IN: input parameter list
);
TPM2_DictionaryAttackParameters(DictionaryAttackParameters_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
#endif // CC_DictionaryAttackParameters

27
src/tpm2/Duplicate_fp.h
View File

@ -59,33 +59,40 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef DUPLICATE_FP_H
#define DUPLICATE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Duplicate // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT objectHandle;
TPMI_DH_OBJECT newParentHandle;
TPM2B_DATA encryptionKeyIn;
TPMT_SYM_DEF_OBJECT symmetricAlg;
} Duplicate_In;
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DATA encryptionKeyOut;
TPM2B_PRIVATE duplicate;
TPM2B_ENCRYPTED_SECRET outSymSeed;
} Duplicate_Out;
// Response code modifiers
# define RC_Duplicate_objectHandle (TPM_RC_H + TPM_RC_1)
# define RC_Duplicate_newParentHandle (TPM_RC_H + TPM_RC_2)
# define RC_Duplicate_encryptionKeyIn (TPM_RC_P + TPM_RC_1)
# define RC_Duplicate_symmetricAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_Duplicate(
Duplicate_In *in, // IN: input parameter list
Duplicate_Out *out // OUT: output parameter list
);
TPM2_Duplicate(Duplicate_In* in, Duplicate_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
#endif // CC_Duplicate

2
src/tpm2/EACommands.c
View File

@ -1643,7 +1643,7 @@ TPM2_PolicyAuthorizeNV(PolicyAuthorizeNV_In* in)
#include "CommandCodeAttributes_fp.h"
#include "CryptEccMain_fp.h"
#include "Handle_fp.h"
#include "NVDynamic_fp.h"
#include "NvDynamic_fp.h"
#include "Object_fp.h"
#include "PCR_fp.h"
#include "PP_fp.h"

32
src/tpm2/ECC_Parameters_fp.h
View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ECC_PARAMETERS_FP_H
#define ECC_PARAMETERS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ECC_Parameters // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
// Input structure definition
typedef struct
{
TPMI_ECC_CURVE curveID;
} ECC_Parameters_In;
#define RC_ECC_Parameters_curveID (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPMS_ALGORITHM_DETAIL_ECC parameters;
} ECC_Parameters_Out;
// Response code modifiers
# define RC_ECC_Parameters_curveID (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ECC_Parameters(
ECC_Parameters_In *in, // IN: input parameter list
ECC_Parameters_Out *out // OUT: output parameter list
);
TPM2_ECC_Parameters(ECC_Parameters_In* in, ECC_Parameters_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
#endif // CC_ECC_Parameters

32
src/tpm2/ECDH_KeyGen_fp.h
View File

@ -59,27 +59,33 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ECDH_KEYGEN_FP_H
#define ECDH_KEYGEN_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ECDH_KeyGen // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
} ECDH_KeyGen_In;
#define RC_ECDH_KeyGen_keyHandle (TPM_RC_H + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT zPoint;
TPM2B_ECC_POINT pubPoint;
} ECDH_KeyGen_Out;
// Response code modifiers
# define RC_ECDH_KeyGen_keyHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ECDH_KeyGen(
ECDH_KeyGen_In *in, // IN: input parameter list
ECDH_KeyGen_Out *out // OUT: output parameter list
);
TPM2_ECDH_KeyGen(ECDH_KeyGen_In* in, ECDH_KeyGen_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
#endif // CC_ECDH_KeyGen

34
src/tpm2/ECDH_ZGen_fp.h
View File

@ -59,28 +59,34 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ECDH_ZGEN_FP_H
#define ECDH_ZGEN_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ECDH_ZGen // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
TPM2B_ECC_POINT inPoint;
} ECDH_ZGen_In;
#define RC_ECDH_ZGen_keyHandle (TPM_RC_H + TPM_RC_1)
#define RC_ECDH_ZGen_inPoint (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT outPoint;
} ECDH_ZGen_Out;
// Response code modifiers
# define RC_ECDH_ZGen_keyHandle (TPM_RC_H + TPM_RC_1)
# define RC_ECDH_ZGen_inPoint (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ECDH_ZGen(
ECDH_ZGen_In *in, // IN: input parameter list
ECDH_ZGen_Out *out // OUT: output parameter list
);
TPM2_ECDH_ZGen(ECDH_ZGen_In* in, ECDH_ZGen_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
#endif // CC_ECDH_ZGen

33
src/tpm2/EC_Ephemeral_fp.h
View File

@ -59,26 +59,33 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef EC_EPHEMERAL_FP_H
#define EC_EPHEMERAL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EC_Ephemeral // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
// Input structure definition
typedef struct
{
TPMI_ECC_CURVE curveID;
} EC_Ephemeral_In;
#define RC_EC_Ephemeral_curveID (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT Q;
UINT16 counter;
} EC_Ephemeral_Out;
TPM_RC
TPM2_EC_Ephemeral(
EC_Ephemeral_In *in, // IN: input parameter list
EC_Ephemeral_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_EC_Ephemeral_curveID (TPM_RC_P + TPM_RC_1)
#endif
// Function prototype
TPM_RC
TPM2_EC_Ephemeral(EC_Ephemeral_In* in, EC_Ephemeral_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
#endif // CC_EC_Ephemeral

236
src/tpm2/EccTestData.h
View File

@ -59,97 +59,153 @@
/* */
/********************************************************************************/
// This file contains the parameter data for ECC testing.
#ifdef SELF_TEST_DATA
TPM2B_TYPE(EC_TEST, 32);
const TPM_ECC_CURVE c_testCurve = 00003;
// The static key
const TPM2B_EC_TEST c_ecTestKey_ds = {{32, {
0xdf,0x8d,0xa4,0xa3,0x88,0xf6,0x76,0x96,0x89,0xfc,0x2f,0x2d,0xa1,0xb4,0x39,0x7a,
0x78,0xc4,0x7f,0x71,0x8c,0xa6,0x91,0x85,0xc0,0xbf,0xf3,0x54,0x20,0x91,0x2f,0x73}}};
const TPM2B_EC_TEST c_ecTestKey_QsX = {{32, {
0x17,0xad,0x2f,0xcb,0x18,0xd4,0xdb,0x3f,0x2c,0x53,0x13,0x82,0x42,0x97,0xff,0x8d,
0x99,0x50,0x16,0x02,0x35,0xa7,0x06,0xae,0x1f,0xda,0xe2,0x9c,0x12,0x77,0xc0,0xf9}}};
const TPM2B_EC_TEST c_ecTestKey_QsY = {{32, {
0xa6,0xca,0xf2,0x18,0x45,0x96,0x6e,0x58,0xe6,0x72,0x34,0x12,0x89,0xcd,0xaa,0xad,
0xcb,0x68,0xb2,0x51,0xdc,0x5e,0xd1,0x6d,0x38,0x20,0x35,0x57,0xb2,0xfd,0xc7,0x52}}};
// The ephemeral key
const TPM2B_EC_TEST c_ecTestKey_de = {{32, {
0xb6,0xb5,0x33,0x5c,0xd1,0xee,0x52,0x07,0x99,0xea,0x2e,0x8f,0x8b,0x19,0x18,0x07,
0xc1,0xf8,0xdf,0xdd,0xb8,0x77,0x00,0xc7,0xd6,0x53,0x21,0xed,0x02,0x53,0xee,0xac}}};
const TPM2B_EC_TEST c_ecTestKey_QeX = {{32, {
0xa5,0x1e,0x80,0xd1,0x76,0x3e,0x8b,0x96,0xce,0xcc,0x21,0x82,0xc9,0xa2,0xa2,0xed,
0x47,0x21,0x89,0x53,0x44,0xe9,0xc7,0x92,0xe7,0x31,0x48,0x38,0xe6,0xea,0x93,0x47}}};
const TPM2B_EC_TEST c_ecTestKey_QeY = {{32, {
0x30,0xe6,0x4f,0x97,0x03,0xa1,0xcb,0x3b,0x32,0x2a,0x70,0x39,0x94,0xeb,0x4e,0xea,
0x55,0x88,0x81,0x3f,0xb5,0x00,0xb8,0x54,0x25,0xab,0xd4,0xda,0xfd,0x53,0x7a,0x18}}};
// ECDH test results
const TPM2B_EC_TEST c_ecTestEcdh_X = {{32, {
0x64,0x02,0x68,0x92,0x78,0xdb,0x33,0x52,0xed,0x3b,0xfa,0x3b,0x74,0xa3,0x3d,0x2c,
0x2f,0x9c,0x59,0x03,0x07,0xf8,0x22,0x90,0xed,0xe3,0x45,0xf8,0x2a,0x0a,0xd8,0x1d}}};
const TPM2B_EC_TEST c_ecTestEcdh_Y = {{32, {
0x58,0x94,0x05,0x82,0xbe,0x5f,0x33,0x02,0x25,0x90,0x3a,0x33,0x90,0x89,0xe3,0xe5,
0x10,0x4a,0xbc,0x78,0xa5,0xc5,0x07,0x64,0xaf,0x91,0xbc,0xe6,0xff,0x85,0x11,0x40}}};
TPM2B_TYPE(TEST_VALUE, 64);
const TPM2B_TEST_VALUE c_ecTestValue = {{64, {
0x78,0xd5,0xd4,0x56,0x43,0x61,0xdb,0x97,0xa4,0x32,0xc4,0x0b,0x06,0xa9,0xa8,0xa0,
0xf4,0x45,0x7f,0x13,0xd8,0x13,0x81,0x0b,0xe5,0x76,0xbe,0xaa,0xb6,0x3f,0x8d,0x4d,
0x23,0x65,0xcc,0xa7,0xc9,0x19,0x10,0xce,0x69,0xcb,0x0c,0xc7,0x11,0x8d,0xc3,0xff,
0x62,0x69,0xa2,0xbe,0x46,0x90,0xe7,0x7d,0x81,0x77,0x94,0x65,0x1c,0x3e,0xc1,0x3e}}};
#if ALG_SHA1_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0x57,0xf3,0x36,0xb7,0xec,0xc2,0xdd,0x76,0x0e,0xe2,0x81,0x21,0x49,0xc5,0x66,0x11,
0x4b,0x8a,0x4f,0x17,0x62,0x82,0xcc,0x06,0xf6,0x64,0x78,0xef,0x6b,0x7c,0xf2,0x6c}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32, {
0x1b,0xed,0x23,0x72,0x8f,0x17,0x5f,0x47,0x2e,0xa7,0x97,0x2c,0x51,0x57,0x20,0x70,
0x6f,0x89,0x74,0x8a,0xa8,0xf4,0x26,0xf4,0x96,0xa1,0xb8,0x3e,0xe5,0x35,0xc5,0x94}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32,{
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x1b,0x08,0x9f,0xde,
0xef,0x62,0xe3,0xf1,0x14,0xcb,0x54,0x28,0x13,0x76,0xfc,0x6d,0x69,0x22,0xb5,0x3e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0xd9,0xd3,0x20,0xfb,0x4d,0x16,0xf2,0xe6,0xe2,0x45,0x07,0x45,0x1c,0x92,0x92,0x92,
0xa9,0x6b,0x48,0xf8,0xd1,0x98,0x29,0x4d,0xd3,0x8f,0x56,0xf2,0xbb,0x2e,0x22,0x3b}}};
#endif // SHA1
#if ALG_SHA256_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0x04,0x7d,0x54,0xeb,0x04,0x6f,0x56,0xec,0xa2,0x6c,0x38,0x8c,0xeb,0x43,0x0b,0x71,
0xf8,0xf2,0xf4,0xa5,0xe0,0x1d,0x3c,0xa2,0x39,0x31,0xe4,0xe7,0x36,0x3b,0xb5,0x5f}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32, {
0x8f,0xd0,0x12,0xd9,0x24,0x75,0xf6,0xc4,0x3b,0xb5,0x46,0x75,0x3a,0x41,0x8d,0x80,
0x23,0x99,0x38,0xd7,0xe2,0x40,0xca,0x9a,0x19,0x2a,0xfc,0x54,0x75,0xd3,0x4a,0x6e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32, {
0xf7,0xb9,0x15,0x4c,0x34,0xf6,0x41,0x19,0xa3,0xd2,0xf1,0xbd,0xf4,0x13,0x6a,0x4f,
0x63,0xb8,0x4d,0xb5,0xc8,0xcd,0xde,0x85,0x95,0xa5,0x39,0x0a,0x14,0x49,0x3d,0x2f}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0xfe,0xbe,0x17,0xaa,0x31,0x22,0x9f,0xd0,0xd2,0xf5,0x25,0x04,0x92,0xb0,0xaa,0x4e,
0xcc,0x1c,0xb6,0x79,0xd6,0x42,0xb3,0x4e,0x3f,0xbb,0xfe,0x5f,0xd0,0xd0,0x8b,0xc3}}};
#endif // SHA256
#if ALG_SHA384_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0xf5,0x74,0x6d,0xd6,0xc6,0x56,0x86,0xbb,0xba,0x1c,0xba,0x75,0x65,0xee,0x64,0x31,
0xce,0x04,0xe3,0x9f,0x24,0x3f,0xbd,0xfe,0x04,0xcd,0xab,0x7e,0xfe,0xad,0xcb,0x82}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32, {
0xc2,0x4f,0x32,0xa1,0x06,0xc0,0x85,0x4f,0xc6,0xd8,0x31,0x66,0x91,0x9f,0x79,0xcd,
0x5b,0xe5,0x7b,0x94,0xa1,0x91,0x38,0xac,0xd4,0x20,0xa2,0x10,0xf0,0xd5,0x9d,0xbf}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32, {
0x1e,0xb8,0xe1,0xbf,0xa1,0x9e,0x39,0x1e,0x58,0xa2,0xe6,0x59,0xd0,0x1a,0x6a,0x03,
0x6a,0x1f,0x1c,0x4f,0x36,0x19,0xc1,0xec,0x30,0xa4,0x85,0x1b,0xe9,0x74,0x35,0x66}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0xb9,0xe6,0xe3,0x7e,0xcb,0xb9,0xea,0xf1,0xcc,0xf4,0x48,0x44,0x4a,0xda,0xc8,0xd7,
0x87,0xb4,0xba,0x40,0xfe,0x5b,0x68,0x11,0x14,0xcf,0xa0,0x0e,0x85,0x46,0x99,0x01}}};
#endif // SHA384
#if ALG_SHA512_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0xc9,0x71,0xa6,0xb4,0xaf,0x46,0x26,0x8c,0x27,0x00,0x06,0x3b,0x00,0x0f,0xa3,0x17,
0x72,0x48,0x40,0x49,0x4d,0x51,0x4f,0xa4,0xcb,0x7e,0x86,0xe9,0xe7,0xb4,0x79,0xb2}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32,{
0x87,0xbc,0xc0,0xed,0x74,0x60,0x9e,0xfa,0x4e,0xe8,0x16,0xf3,0xf9,0x6b,0x26,0x07,
0x3c,0x74,0x31,0x7e,0xf0,0x62,0x46,0xdc,0xd6,0x45,0x22,0x47,0x3e,0x0c,0xa0,0x02}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32,{
0xcc,0x07,0xad,0x65,0x91,0xdd,0xa0,0x10,0x23,0xae,0x53,0xec,0xdf,0xf1,0x50,0x90,
0x16,0x96,0xf4,0x45,0x09,0x73,0x9c,0x84,0xb5,0x5c,0x5f,0x08,0x51,0xcb,0x60,0x01}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0x55,0x20,0x21,0x54,0xe2,0x49,0x07,0x47,0x71,0xf4,0x99,0x15,0x54,0xf3,0xab,0x14,
0xdb,0x8e,0xda,0x79,0xb6,0x02,0x0e,0xe3,0x5e,0x6f,0x2c,0xb6,0x05,0xbd,0x14,0x10}}};
#endif // SHA512
#endif // SELF_TEST_DATA
// The "static" key
const TPM2B_EC_TEST c_ecTestKey_ds = {
{32, {0xdf, 0x8d, 0xa4, 0xa3, 0x88, 0xf6, 0x76, 0x96, 0x89, 0xfc, 0x2f,
0x2d, 0xa1, 0xb4, 0x39, 0x7a, 0x78, 0xc4, 0x7f, 0x71, 0x8c, 0xa6,
0x91, 0x85, 0xc0, 0xbf, 0xf3, 0x54, 0x20, 0x91, 0x2f, 0x73}}};
const TPM2B_EC_TEST c_ecTestKey_QsX = {
{32, {0x17, 0xad, 0x2f, 0xcb, 0x18, 0xd4, 0xdb, 0x3f, 0x2c, 0x53, 0x13,
0x82, 0x42, 0x97, 0xff, 0x8d, 0x99, 0x50, 0x16, 0x02, 0x35, 0xa7,
0x06, 0xae, 0x1f, 0xda, 0xe2, 0x9c, 0x12, 0x77, 0xc0, 0xf9}}};
const TPM2B_EC_TEST c_ecTestKey_QsY = {
{32, {0xa6, 0xca, 0xf2, 0x18, 0x45, 0x96, 0x6e, 0x58, 0xe6, 0x72, 0x34,
0x12, 0x89, 0xcd, 0xaa, 0xad, 0xcb, 0x68, 0xb2, 0x51, 0xdc, 0x5e,
0xd1, 0x6d, 0x38, 0x20, 0x35, 0x57, 0xb2, 0xfd, 0xc7, 0x52}}};
// The "ephemeral" key
const TPM2B_EC_TEST c_ecTestKey_de = {
{32, {0xb6, 0xb5, 0x33, 0x5c, 0xd1, 0xee, 0x52, 0x07, 0x99, 0xea, 0x2e,
0x8f, 0x8b, 0x19, 0x18, 0x07, 0xc1, 0xf8, 0xdf, 0xdd, 0xb8, 0x77,
0x00, 0xc7, 0xd6, 0x53, 0x21, 0xed, 0x02, 0x53, 0xee, 0xac}}};
const TPM2B_EC_TEST c_ecTestKey_QeX = {
{32, {0xa5, 0x1e, 0x80, 0xd1, 0x76, 0x3e, 0x8b, 0x96, 0xce, 0xcc, 0x21,
0x82, 0xc9, 0xa2, 0xa2, 0xed, 0x47, 0x21, 0x89, 0x53, 0x44, 0xe9,
0xc7, 0x92, 0xe7, 0x31, 0x48, 0x38, 0xe6, 0xea, 0x93, 0x47}}};
const TPM2B_EC_TEST c_ecTestKey_QeY = {
{32, {0x30, 0xe6, 0x4f, 0x97, 0x03, 0xa1, 0xcb, 0x3b, 0x32, 0x2a, 0x70,
0x39, 0x94, 0xeb, 0x4e, 0xea, 0x55, 0x88, 0x81, 0x3f, 0xb5, 0x00,
0xb8, 0x54, 0x25, 0xab, 0xd4, 0xda, 0xfd, 0x53, 0x7a, 0x18}}};
// ECDH test results
const TPM2B_EC_TEST c_ecTestEcdh_X = {
{32, {0x64, 0x02, 0x68, 0x92, 0x78, 0xdb, 0x33, 0x52, 0xed, 0x3b, 0xfa,
0x3b, 0x74, 0xa3, 0x3d, 0x2c, 0x2f, 0x9c, 0x59, 0x03, 0x07, 0xf8,
0x22, 0x90, 0xed, 0xe3, 0x45, 0xf8, 0x2a, 0x0a, 0xd8, 0x1d}}};
const TPM2B_EC_TEST c_ecTestEcdh_Y = {
{32, {0x58, 0x94, 0x05, 0x82, 0xbe, 0x5f, 0x33, 0x02, 0x25, 0x90, 0x3a,
0x33, 0x90, 0x89, 0xe3, 0xe5, 0x10, 0x4a, 0xbc, 0x78, 0xa5, 0xc5,
0x07, 0x64, 0xaf, 0x91, 0xbc, 0xe6, 0xff, 0x85, 0x11, 0x40}}};
TPM2B_TYPE(TEST_VALUE, 64);
const TPM2B_TEST_VALUE c_ecTestValue = {
{64,
{0x78, 0xd5, 0xd4, 0x56, 0x43, 0x61, 0xdb, 0x97, 0xa4, 0x32, 0xc4, 0x0b, 0x06,
0xa9, 0xa8, 0xa0, 0xf4, 0x45, 0x7f, 0x13, 0xd8, 0x13, 0x81, 0x0b, 0xe5, 0x76,
0xbe, 0xaa, 0xb6, 0x3f, 0x8d, 0x4d, 0x23, 0x65, 0xcc, 0xa7, 0xc9, 0x19, 0x10,
0xce, 0x69, 0xcb, 0x0c, 0xc7, 0x11, 0x8d, 0xc3, 0xff, 0x62, 0x69, 0xa2, 0xbe,
0x46, 0x90, 0xe7, 0x7d, 0x81, 0x77, 0x94, 0x65, 0x1c, 0x3e, 0xc1, 0x3e}}};
# if ALG_SHA1_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0x57, 0xf3, 0x36, 0xb7, 0xec, 0xc2, 0xdd, 0x76, 0x0e, 0xe2, 0x81,
0x21, 0x49, 0xc5, 0x66, 0x11, 0x4b, 0x8a, 0x4f, 0x17, 0x62, 0x82,
0xcc, 0x06, 0xf6, 0x64, 0x78, 0xef, 0x6b, 0x7c, 0xf2, 0x6c}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0x1b, 0xed, 0x23, 0x72, 0x8f, 0x17, 0x5f, 0x47, 0x2e, 0xa7, 0x97,
0x2c, 0x51, 0x57, 0x20, 0x70, 0x6f, 0x89, 0x74, 0x8a, 0xa8, 0xf4,
0x26, 0xf4, 0x96, 0xa1, 0xb8, 0x3e, 0xe5, 0x35, 0xc5, 0x94}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x1b, 0x08, 0x9f, 0xde, 0xef, 0x62, 0xe3, 0xf1, 0x14, 0xcb,
0x54, 0x28, 0x13, 0x76, 0xfc, 0x6d, 0x69, 0x22, 0xb5, 0x3e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0xd9, 0xd3, 0x20, 0xfb, 0x4d, 0x16, 0xf2, 0xe6, 0xe2, 0x45, 0x07,
0x45, 0x1c, 0x92, 0x92, 0x92, 0xa9, 0x6b, 0x48, 0xf8, 0xd1, 0x98,
0x29, 0x4d, 0xd3, 0x8f, 0x56, 0xf2, 0xbb, 0x2e, 0x22, 0x3b}}};
# endif // SHA1
# if ALG_SHA256_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0x04, 0x7d, 0x54, 0xeb, 0x04, 0x6f, 0x56, 0xec, 0xa2, 0x6c, 0x38,
0x8c, 0xeb, 0x43, 0x0b, 0x71, 0xf8, 0xf2, 0xf4, 0xa5, 0xe0, 0x1d,
0x3c, 0xa2, 0x39, 0x31, 0xe4, 0xe7, 0x36, 0x3b, 0xb5, 0x5f}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0x8f, 0xd0, 0x12, 0xd9, 0x24, 0x75, 0xf6, 0xc4, 0x3b, 0xb5, 0x46,
0x75, 0x3a, 0x41, 0x8d, 0x80, 0x23, 0x99, 0x38, 0xd7, 0xe2, 0x40,
0xca, 0x9a, 0x19, 0x2a, 0xfc, 0x54, 0x75, 0xd3, 0x4a, 0x6e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0xf7, 0xb9, 0x15, 0x4c, 0x34, 0xf6, 0x41, 0x19, 0xa3, 0xd2, 0xf1,
0xbd, 0xf4, 0x13, 0x6a, 0x4f, 0x63, 0xb8, 0x4d, 0xb5, 0xc8, 0xcd,
0xde, 0x85, 0x95, 0xa5, 0x39, 0x0a, 0x14, 0x49, 0x3d, 0x2f}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0xfe, 0xbe, 0x17, 0xaa, 0x31, 0x22, 0x9f, 0xd0, 0xd2, 0xf5, 0x25,
0x04, 0x92, 0xb0, 0xaa, 0x4e, 0xcc, 0x1c, 0xb6, 0x79, 0xd6, 0x42,
0xb3, 0x4e, 0x3f, 0xbb, 0xfe, 0x5f, 0xd0, 0xd0, 0x8b, 0xc3}}};
# endif // SHA256
# if ALG_SHA384_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0xf5, 0x74, 0x6d, 0xd6, 0xc6, 0x56, 0x86, 0xbb, 0xba, 0x1c, 0xba,
0x75, 0x65, 0xee, 0x64, 0x31, 0xce, 0x04, 0xe3, 0x9f, 0x24, 0x3f,
0xbd, 0xfe, 0x04, 0xcd, 0xab, 0x7e, 0xfe, 0xad, 0xcb, 0x82}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0xc2, 0x4f, 0x32, 0xa1, 0x06, 0xc0, 0x85, 0x4f, 0xc6, 0xd8, 0x31,
0x66, 0x91, 0x9f, 0x79, 0xcd, 0x5b, 0xe5, 0x7b, 0x94, 0xa1, 0x91,
0x38, 0xac, 0xd4, 0x20, 0xa2, 0x10, 0xf0, 0xd5, 0x9d, 0xbf}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0x1e, 0xb8, 0xe1, 0xbf, 0xa1, 0x9e, 0x39, 0x1e, 0x58, 0xa2, 0xe6,
0x59, 0xd0, 0x1a, 0x6a, 0x03, 0x6a, 0x1f, 0x1c, 0x4f, 0x36, 0x19,
0xc1, 0xec, 0x30, 0xa4, 0x85, 0x1b, 0xe9, 0x74, 0x35, 0x66}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0xb9, 0xe6, 0xe3, 0x7e, 0xcb, 0xb9, 0xea, 0xf1, 0xcc, 0xf4, 0x48,
0x44, 0x4a, 0xda, 0xc8, 0xd7, 0x87, 0xb4, 0xba, 0x40, 0xfe, 0x5b,
0x68, 0x11, 0x14, 0xcf, 0xa0, 0x0e, 0x85, 0x46, 0x99, 0x01}}};
# endif // SHA384
# if ALG_SHA512_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0xc9, 0x71, 0xa6, 0xb4, 0xaf, 0x46, 0x26, 0x8c, 0x27, 0x00, 0x06,
0x3b, 0x00, 0x0f, 0xa3, 0x17, 0x72, 0x48, 0x40, 0x49, 0x4d, 0x51,
0x4f, 0xa4, 0xcb, 0x7e, 0x86, 0xe9, 0xe7, 0xb4, 0x79, 0xb2}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0x87, 0xbc, 0xc0, 0xed, 0x74, 0x60, 0x9e, 0xfa, 0x4e, 0xe8, 0x16,
0xf3, 0xf9, 0x6b, 0x26, 0x07, 0x3c, 0x74, 0x31, 0x7e, 0xf0, 0x62,
0x46, 0xdc, 0xd6, 0x45, 0x22, 0x47, 0x3e, 0x0c, 0xa0, 0x02}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0xcc, 0x07, 0xad, 0x65, 0x91, 0xdd, 0xa0, 0x10, 0x23, 0xae, 0x53,
0xec, 0xdf, 0xf1, 0x50, 0x90, 0x16, 0x96, 0xf4, 0x45, 0x09, 0x73,
0x9c, 0x84, 0xb5, 0x5c, 0x5f, 0x08, 0x51, 0xcb, 0x60, 0x01}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0x55, 0x20, 0x21, 0x54, 0xe2, 0x49, 0x07, 0x47, 0x71, 0xf4, 0x99,
0x15, 0x54, 0xf3, 0xab, 0x14, 0xdb, 0x8e, 0xda, 0x79, 0xb6, 0x02,
0x0e, 0xe3, 0x5e, 0x6f, 0x2c, 0xb6, 0x05, 0xbd, 0x14, 0x10}}};
# endif // SHA512
#endif // SELF_TEST_DATA

36
src/tpm2/EncryptDecrypt2_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 146 */
#ifndef ENCRYPTDECRYPT2_FP_H
#define ENCRYPTDECRYPT2_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EncryptDecrypt2 // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
TPM2B_MAX_BUFFER inData;
TPMI_YES_NO decrypt;
@ -72,22 +77,23 @@ typedef struct {
TPM2B_IV ivIn;
} EncryptDecrypt2_In;
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER outData;
TPM2B_IV ivOut;
} EncryptDecrypt2_Out;
// Response code modifiers
# define RC_EncryptDecrypt2_keyHandle (TPM_RC_H + TPM_RC_1)
# define RC_EncryptDecrypt2_inData (TPM_RC_P + TPM_RC_1)
# define RC_EncryptDecrypt2_decrypt (TPM_RC_P + TPM_RC_2)
# define RC_EncryptDecrypt2_mode (TPM_RC_P + TPM_RC_3)
# define RC_EncryptDecrypt2_ivIn (TPM_RC_P + TPM_RC_4)
typedef struct {
TPM2B_MAX_BUFFER outData;
TPM2B_IV ivOut;
} EncryptDecrypt2_Out;
// Function prototype
TPM_RC
TPM2_EncryptDecrypt2(
EncryptDecrypt2_In *in, // IN: input parameter list
EncryptDecrypt2_Out *out // OUT: output parameter list
);
TPM2_EncryptDecrypt2(EncryptDecrypt2_In* in, EncryptDecrypt2_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
#endif // CC_EncryptDecrypt2

36
src/tpm2/EncryptDecrypt_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ENCRYPTDECRYPT_FP_H
#define ENCRYPTDECRYPT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EncryptDecrypt // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
TPMI_YES_NO decrypt;
TPMI_ALG_CIPHER_MODE mode;
@ -72,22 +77,23 @@ typedef struct {
TPM2B_MAX_BUFFER inData;
} EncryptDecrypt_In;
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER outData;
TPM2B_IV ivOut;
} EncryptDecrypt_Out;
// Response code modifiers
# define RC_EncryptDecrypt_keyHandle (TPM_RC_H + TPM_RC_1)
# define RC_EncryptDecrypt_decrypt (TPM_RC_P + TPM_RC_1)
# define RC_EncryptDecrypt_mode (TPM_RC_P + TPM_RC_2)
# define RC_EncryptDecrypt_ivIn (TPM_RC_P + TPM_RC_3)
# define RC_EncryptDecrypt_inData (TPM_RC_P + TPM_RC_4)
typedef struct {
TPM2B_MAX_BUFFER outData;
TPM2B_IV ivOut;
} EncryptDecrypt_Out;
// Function prototype
TPM_RC
TPM2_EncryptDecrypt(
EncryptDecrypt_In *in, // IN: input parameter list
EncryptDecrypt_Out *out // OUT: output parameter list
);
TPM2_EncryptDecrypt(EncryptDecrypt_In* in, EncryptDecrypt_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
#endif // CC_EncryptDecrypt

64
src/tpm2/EncryptDecrypt_spt.c
View File

@ -59,25 +59,30 @@
/* */
/********************************************************************************/
/* 7.7 Encrypt Decrypt Support (EncryptDecrypt_spt.c) */
#include "Tpm.h"
#include "EncryptDecrypt_fp.h"
#include "EncryptDecrypt_spt_fp.h"
#if CC_EncryptDecrypt2
/* Error Returns Meaning */
/* TPM_RC_KEY is not a symmetric decryption key with both public and private portions loaded */
/* TPM_RC_SIZE IvIn size is incompatible with the block cipher mode; or inData size is not an even
multiple of the block size for CBC or ECB mode */
/* TPM_RC_VALUE keyHandle is restricted and the argument mode does not match the key's mode */
/*(See part 3 specification)
// symmetric encryption or decryption
*/
// Return Type: TPM_RC
// TPM_RC_KEY is not a symmetric decryption key with both
// public and private portions loaded
// TPM_RC_SIZE 'IvIn' size is incompatible with the block cipher mode;
// or 'inData' size is not an even multiple of the block
// size for CBC or ECB mode
// TPM_RC_VALUE 'keyHandle' is restricted and the argument 'mode' does
// not match the key's mode
TPM_RC
EncryptDecryptShared(
TPMI_DH_OBJECT keyHandleIn,
EncryptDecryptShared(TPMI_DH_OBJECT keyHandleIn,
TPMI_YES_NO decryptIn,
TPMI_ALG_SYM_MODE modeIn,
TPM2B_IV* ivIn,
TPM2B_MAX_BUFFER* inData,
EncryptDecrypt_Out *out
)
EncryptDecrypt_Out* out)
{
OBJECT* symKey;
UINT16 keySize;
@ -90,23 +95,26 @@ EncryptDecryptShared(
// Input Validation
symKey = HandleToObject(keyHandleIn);
mode = symKey->publicArea.parameters.symDetail.sym.mode.sym;
// The input key should be a symmetric key
if(symKey->publicArea.type != TPM_ALG_SYMCIPHER)
return TPM_RCS_KEY + RC_EncryptDecrypt_keyHandle;
// The key must be unrestricted and allow the selected operation
OK = !IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
TPMA_OBJECT, restricted);
OK = !IS_ATTRIBUTE(symKey->publicArea.objectAttributes, TPMA_OBJECT, restricted);
if(YES == decryptIn)
OK = OK && IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
TPMA_OBJECT, decrypt);
OK = OK
&& IS_ATTRIBUTE(
symKey->publicArea.objectAttributes, TPMA_OBJECT, decrypt);
else
OK = OK && IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
TPMA_OBJECT, sign);
OK = OK
&& IS_ATTRIBUTE(symKey->publicArea.objectAttributes, TPMA_OBJECT, sign);
if(!OK)
return TPM_RCS_ATTRIBUTES + RC_EncryptDecrypt_keyHandle;
// Make sure that key is an encrypt/decrypt key and not SMAC
if(!CryptSymModeIsValid(mode, TRUE))
return TPM_RCS_MODE + RC_EncryptDecrypt_keyHandle;
// If the key mode is not TPM_ALG_NULL...
// or TPM_ALG_NULL
if(mode != TPM_ALG_NULL)
@ -127,21 +135,26 @@ EncryptDecryptShared(
keySize = symKey->publicArea.parameters.symDetail.sym.keyBits.sym;
alg = symKey->publicArea.parameters.symDetail.sym.algorithm;
blockSize = CryptGetSymmetricBlockSize(alg, keySize);
// reverify the algorithm. This is mainly to keep static analysis tools happy
if(blockSize == 0)
return TPM_RCS_KEY + RC_EncryptDecrypt_keyHandle;
if(((mode == TPM_ALG_ECB) && (ivIn->t.size != 0))
|| ((mode != TPM_ALG_ECB) && (ivIn->t.size != blockSize)))
return TPM_RCS_SIZE + RC_EncryptDecrypt_ivIn;
// The input data size of CBC mode or ECB mode must be an even multiple of
// the symmetric algorithm's block size
if(((mode == TPM_ALG_CBC) || (mode == TPM_ALG_ECB))
&& ((inData->t.size % blockSize) != 0))
return TPM_RCS_SIZE + RC_EncryptDecrypt_inData;
// Copy IV
// Note: This is copied here so that the calls to the encrypt/decrypt functions
// will modify the output buffer, not the input buffer
out->ivOut = *ivIn;
// Command Output
key = symKey->sensitive.sensitive.sym.t.buffer;
// For symmetric encryption, the cipher data size is the same as plain data
@ -150,17 +163,28 @@ EncryptDecryptShared(
if(decryptIn == YES)
{
// Decrypt data to output
result = CryptSymmetricDecrypt(out->outData.t.buffer, alg, keySize, key,
&(out->ivOut), mode, inData->t.size,
result = CryptSymmetricDecrypt(out->outData.t.buffer,
alg,
keySize,
key,
&(out->ivOut),
mode,
inData->t.size,
inData->t.buffer);
}
else
{
// Encrypt data to output
result = CryptSymmetricEncrypt(out->outData.t.buffer, alg, keySize, key,
&(out->ivOut), mode, inData->t.size,
result = CryptSymmetricEncrypt(out->outData.t.buffer,
alg,
keySize,
key,
&(out->ivOut),
mode,
inData->t.size,
inData->t.buffer);
}
return result;
}
#endif // CC_EncryptDecrypt

28
src/tpm2/EncryptDecrypt_spt_fp.h
View File

@ -59,17 +59,31 @@
/* */
/********************************************************************************/
#ifndef ENCRYPTDECRYPT_SPT_FP_H
#define ENCRYPTDECRYPT_SPT_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:18PM
*/
#ifndef _ENCRYPT_DECRYPT_SPT_FP_H_
#define _ENCRYPT_DECRYPT_SPT_FP_H_
#if CC_EncryptDecrypt2
// Return Type: TPM_RC
// TPM_RC_KEY is not a symmetric decryption key with both
// public and private portions loaded
// TPM_RC_SIZE 'IvIn' size is incompatible with the block cipher mode;
// or 'inData' size is not an even multiple of the block
// size for CBC or ECB mode
// TPM_RC_VALUE 'keyHandle' is restricted and the argument 'mode' does
// not match the key's mode
TPM_RC
EncryptDecryptShared(
TPMI_DH_OBJECT keyHandleIn,
EncryptDecryptShared(TPMI_DH_OBJECT keyHandleIn,
TPMI_YES_NO decryptIn,
TPMI_ALG_SYM_MODE modeIn,
TPM2B_IV* ivIn,
TPM2B_MAX_BUFFER* inData,
EncryptDecrypt_Out *out
);
EncryptDecrypt_Out* out);
#endif // CC_EncryptDecrypt
#endif
#endif // _ENCRYPT_DECRYPT_SPT_FP_H_

69
src/tpm2/Entity_fp.h
View File

@ -59,32 +59,71 @@
/* */
/********************************************************************************/
#ifndef ENTITY_FP_H
#define ENTITY_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 7, 2020 Time: 07:19:36PM
*/
#ifndef _ENTITY_FP_H_
#define _ENTITY_FP_H_
//** Functions
//*** EntityGetLoadStatus()
// This function will check that all the handles access loaded entities.
// Return Type: TPM_RC
// TPM_RC_HANDLE handle type does not match
// TPM_RC_REFERENCE_Hx entity is not present
// TPM_RC_HIERARCHY entity belongs to a disabled hierarchy
// TPM_RC_OBJECT_MEMORY handle is an evict object but there is no
// space to load it to RAM
TPM_RC
EntityGetLoadStatus(
COMMAND *command // IN/OUT: command parsing structure
EntityGetLoadStatus(COMMAND* command // IN/OUT: command parsing structure
);
//*** EntityGetAuthValue()
// This function is used to access the 'authValue' associated with a handle.
// This function assumes that the handle references an entity that is accessible
// and the handle is not for a persistent objects. That is EntityGetLoadStatus()
// should have been called. Also, the accessibility of the authValue should have
// been verified by IsAuthValueAvailable().
//
// This function copies the authorization value of the entity to 'auth'.
// Return Type: UINT16
// count number of bytes in the authValue with 0's stripped
UINT16
EntityGetAuthValue(
TPMI_DH_ENTITY handle, // IN: handle of entity
EntityGetAuthValue(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_AUTH* auth // OUT: authValue of the entity
);
//*** EntityGetAuthPolicy()
// This function is used to access the 'authPolicy' associated with a handle.
// This function assumes that the handle references an entity that is accessible
// and the handle is not for a persistent objects. That is EntityGetLoadStatus()
// should have been called. Also, the accessibility of the authPolicy should have
// been verified by IsAuthPolicyAvailable().
//
// This function copies the authorization policy of the entity to 'authPolicy'.
//
// The return value is the hash algorithm for the policy.
TPMI_ALG_HASH
EntityGetAuthPolicy(
TPMI_DH_ENTITY handle, // IN: handle of entity
EntityGetAuthPolicy(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_DIGEST* authPolicy // OUT: authPolicy of the entity
);
TPM2B_NAME *
EntityGetName(
TPMI_DH_ENTITY handle, // IN: handle of entity
//*** EntityGetName()
// This function returns the Name associated with a handle.
TPM2B_NAME* EntityGetName(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_NAME* name // OUT: name of entity
);
//*** EntityGetHierarchy()
// This function returns the hierarchy handle associated with an entity.
// a) A handle that is a hierarchy handle is associated with itself.
// b) An NV index belongs to TPM_RH_PLATFORM if TPMA_NV_PLATFORMCREATE,
// is SET, otherwise it belongs to TPM_RH_OWNER
// c) An object handle belongs to its hierarchy.
TPMI_RH_HIERARCHY
EntityGetHierarchy(
TPMI_DH_ENTITY handle // IN :handle of entity
EntityGetHierarchy(TPMI_DH_ENTITY handle // IN :handle of entity
);
#endif
#endif // _ENTITY_FP_H_

82
src/tpm2/Entropy.c
View File

@ -59,8 +59,8 @@
/* */
/********************************************************************************/
/* C.4 Entropy.c */
/* C.4.1. Includes and Local values*/
//** Includes and Local Values
#define _CRT_RAND_S
#include <stdlib.h>
#include <memory.h>
@ -70,29 +70,29 @@
#include <time.h>
#include "Platform.h"
#if defined _MSC_VER || defined _MINGW
#if defined _MSC_VER || defined _MINGW // libtpms changed
# include <process.h>
#else
# include <unistd.h>
#endif
/* This is the last 32-bits of hardware entropy produced. We have to check to see that two
consecutive 32-bit values are not the same because (according to FIPS 140-2, annex C */
/* "If each call to a RNG produces blocks of n bits (where n > 15), the first n-bit block generated
after power-up, initialization, or reset shall not be used, but shall be saved for comparison
with the next n-bit block to be generated. Each subsequent generation of an n-bit block shall be
compared with the previously generated block. The test shall fail if any two compared n-bit
blocks are equal." */
// This is the last 32-bits of hardware entropy produced. We have to check to
// see that two consecutive 32-bit values are not the same because
// according to FIPS 140-2, annex C:
//
// "If each call to an RNG produces blocks of n bits (where n > 15), the first
// n-bit block generated after power-up, initialization, or reset shall not be
// used, but shall be saved for comparison with the next n-bit block to be
// generated. Each subsequent generation of an n-bit block shall be compared with
// the previously generated block. The test shall fail if any two compared n-bit
// blocks are equal."
extern uint32_t lastEntropy;
/* C.4.2. Functions */
/* C.4.2.1. rand32() */
/* Local function to get a 32-bit random number */
//** Functions
static uint32_t
rand32(
void
)
//*** rand32()
// Local function to get a 32-bit random number
static uint32_t rand32(void)
{
uint32_t rndNum = rand();
#if RAND_MAX < UINT16_MAX
@ -111,15 +111,15 @@ rand32(
return rndNum;
}
/* C.4.2.2 _plat__GetEntropy() */
/* This function is used to get available hardware entropy. In a hardware implementation of this
function, there would be no call to the system to get entropy. */
/* Return Values Meaning */
/* < 0 hardware failure of the entropy generator, this is sticky */
/* >= 0 the returned amount of entropy (bytes) */
LIB_EXPORT int32_t
_plat__GetEntropy(
unsigned char *entropy, // output buffer
//*** _plat__GetEntropy()
// This function is used to get available hardware entropy. In a hardware
// implementation of this function, there would be no call to the system
// to get entropy.
// Return Type: int32_t
// < 0 hardware failure of the entropy generator, this is sticky
// >= 0 the returned amount of entropy (bytes)
//
LIB_EXPORT int32_t _plat__GetEntropy(unsigned char* entropy, // output buffer
uint32_t amount // amount requested
)
{
@ -134,21 +134,21 @@ _plat__GetEntropy(
if(amount == 0)
{
// Seed the platform entropy source if the entropy source is software. There is
// no reason to put a guard macro (#if or #ifdef) around this code because this
// code would not be here if someone was changing it for a system with actual
// hardware.
// Seed the platform entropy source if the entropy source is software. There
// is no reason to put a guard macro (#if or #ifdef) around this code because
// this code would not be here if someone was changing it for a system with
// actual hardware.
//
// NOTE 1: The following command does not provide proper cryptographic entropy.
// Its primary purpose to make sure that different instances of the simulator,
// possibly started by a script on the same machine, are seeded differently.
// Vendors of the actual TPMs need to ensure availability of proper entropy
// using their platform specific means.
// NOTE 1: The following command does not provide proper cryptographic
// entropy. Its primary purpose to make sure that different instances of the
// simulator, possibly started by a script on the same machine, are seeded
// differently. Vendors of the actual TPMs need to ensure availability of
// proper entropy using their platform-specific means.
//
// NOTE 2: In debug builds by default the reference implementation will seed
// its RNG deterministically (without using any platform provided randomness).
// See the USE_DEBUG_RNG macro and DRBG_GetEntropy() function.
#if defined _MSC_VER || defined _MINGW
#if defined _MSC_VER || defined _MINGW // libtpms changed
srand((unsigned)_plat__RealTime() ^ _getpid());
#else
srand((unsigned)_plat__RealTime() ^ getpid());
@ -166,14 +166,15 @@ _plat__GetEntropy(
else
{
lastEntropy = rndNum;
// Each process will have its random number generator initialized according
// to the process id and the initialization time. This is not a lot of
// entropy so, to add a bit more, XOR the current time value into the
// returned entropy value.
// Each process will have its random number generator initialized
// according to the process id and the initialization time. This is not a
// lot of entropy so, to add a bit more, XOR the current time value into
// the returned entropy value.
// NOTE: the reason for including the time here rather than have it in
// in the value assigned to lastEntropy is that rand() could be broken and
// using the time would in the lastEntropy value would hide this.
rndNum ^= (uint32_t)_plat__RealTime();
// Only provide entropy 32 bits at a time to test the ability
// of the caller to deal with partial results.
ret = MIN(amount, sizeof(rndNum));
@ -182,4 +183,3 @@ _plat__GetEntropy(
}
return ret;
}

35
src/tpm2/EventSequenceComplete_fp.h
View File

@ -59,30 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef EVENTSEQUENCECOMPLETE_FP_H
#define EVENTSEQUENCECOMPLETE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EventSequenceComplete // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_PCR pcrHandle;
TPMI_DH_OBJECT sequenceHandle;
TPM2B_MAX_BUFFER buffer;
} EventSequenceComplete_In;
// Output structure definition
typedef struct
{
TPML_DIGEST_VALUES results;
} EventSequenceComplete_Out;
// Response code modifiers
# define RC_EventSequenceComplete_pcrHandle (TPM_RC_H + TPM_RC_1)
# define RC_EventSequenceComplete_sequenceHandle (TPM_RC_H + TPM_RC_2)
# define RC_EventSequenceComplete_buffer (TPM_RC_P + TPM_RC_1)
typedef struct {
TPML_DIGEST_VALUES results;
} EventSequenceComplete_Out;
// Function prototype
TPM_RC
TPM2_EventSequenceComplete(
EventSequenceComplete_In *in, // IN: input parameter list
EventSequenceComplete_Out *out // OUT: output parameter list
);
TPM2_EventSequenceComplete(EventSequenceComplete_In* in,
EventSequenceComplete_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
#endif // CC_EventSequenceComplete

22
src/tpm2/EvictControl_fp.h
View File

@ -59,24 +59,30 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef EVICTCONTROL_FP_H
#define EVICTCONTROL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EvictControl // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PROVISION auth;
TPMI_DH_OBJECT objectHandle;
TPMI_DH_PERSISTENT persistentHandle;
} EvictControl_In;
// Response code modifiers
# define RC_EvictControl_auth (TPM_RC_H + TPM_RC_1)
# define RC_EvictControl_objectHandle (TPM_RC_H + TPM_RC_2)
# define RC_EvictControl_persistentHandle (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_EvictControl(
EvictControl_In *in // IN: input parameter list
);
TPM2_EvictControl(EvictControl_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
#endif // CC_EvictControl

92
src/tpm2/ExecCommand.c
View File

@ -58,22 +58,32 @@
/* */
/********************************************************************************/
/* 6.2 ExecCommand.c */
/* This file contains the entry function ExecuteCommand() which provides the main control flow for
TPM command execution. */
//** Introduction
//
// This file contains the entry function ExecuteCommand() which provides the main
// control flow for TPM command execution.
//** Includes
#include "Tpm.h"
#include "ExecCommand_fp.h"
#include "Marshal.h"
// TODO_RENAME_INC_FOLDER:platform_interface refers to the TPM_CoreLib platform interface
#include "ExecCommand_fp.h" // libtpms changed
// Uncomment this next #include if doing static command/response buffer sizing
// #include "CommandResponseSizes_fp.h"
#define TPM_HAVE_TPM2_DECLARATIONS
#include "tpm_library_intern.h" // libtpms added
/* Uncomment this next #include if doing static command/response buffer sizing */
// #include "CommandResponseSizes_fp.h"
//** ExecuteCommand()
//
// The function performs the following steps.
//
// a) Parses the command header from input buffer.
// b) Calls ParseHandleBuffer() to parse the handle area of the command.
// c) Validates that each of the handles references a loaded entity.
// d) Calls ParseSessionBuffer() () to:
// d) Calls ParseSessionBuffer () to:
// 1) unmarshal and parse the session area;
// 2) check the authorizations; and
// 3) when necessary, decrypt a parameter.
@ -81,24 +91,29 @@
// 1) unmarshal the command parameters from the command buffer;
// 2) call the routine that performs the command actions; and
// 3) marshal the responses into the response buffer.
// f) If any error occurs in any of the steps above create the error response and return.
// f) If any error occurs in any of the steps above create the error response
// and return.
// g) Calls BuildResponseSession() to:
// 1) when necessary, encrypt a parameter
// 2) build the response authorization sessions
// 3) update the audit sessions and nonces
// h) Calls BuildResponseHeader() to complete the construction of the response.
// responseSize is set by the caller to the maximum number of bytes available in the output
// buffer. ExecuteCommand() will adjust the value and return the number of bytes placed in
// the buffer.
// response is also set by the caller to indicate the buffer into which ExecuteCommand() is
// to place the response.
// request and response may point to the same buffer
// NOTE: As of February, 2016, the failure processing has been moved to the platform-specific
// code. When the TPM code encounters an unrecoverable failure, it will SET g_inFailureMode
// and call _plat__Fail(). That function should not return but may call ExecuteCommand().
LIB_EXPORT void
ExecuteCommand(
//
// 'responseSize' is set by the caller to the maximum number of bytes available in
// the output buffer. ExecuteCommand will adjust the value and return the number
// of bytes placed in the buffer.
//
// 'response' is also set by the caller to indicate the buffer into which
// ExecuteCommand is to place the response.
//
// 'request' and 'response' may point to the same buffer
//
// Note: As of February, 2016, the failure processing has been moved to the
// platform-specific code. When the TPM code encounters an unrecoverable failure, it
// will SET g_inFailureMode and call _plat__Fail(). That function should not return
// but may call ExecuteCommand().
//
LIB_EXPORT void ExecuteCommand(
uint32_t requestSize, // IN: command buffer size
unsigned char* request, // IN: command buffer
uint32_t* responseSize, // IN/OUT: response buffer size
@ -108,6 +123,7 @@ ExecuteCommand(
// Command local variables
UINT32 commandSize;
COMMAND command;
// Response local variables
UINT32 maxResponse = *responseSize;
TPM_RC result; // return code for the command
@ -119,7 +135,7 @@ ExecuteCommand(
}
// This next function call is used in development to size the command and response
// buffers. The values printed are the sizes of the internal structures and
// not the sizes of the canonical forms of he command response structures. Also,
// not the sizes of the canonical forms of the command response structures. Also,
// the sizes do not include the tag, command.code, requestSize, or the authorization
// fields.
//CommandResponseSizes();
@ -142,32 +158,34 @@ ExecuteCommand(
// is not available later when it is necessary to write to NV, then the TPM
// will go into failure mode.
NvCheckState();
// Due to the limitations of the simulation, TPM clock must be explicitly
// synchronized with the system clock whenever a command is received.
// This function call is not necessary in a hardware TPM. However, taking
// a snapshot of the hardware timer at the beginning of the command allows
// the time value to be consistent for the duration of the command execution.
TimeUpdateToCurrent();
// Any command through this function will unceremoniously end the
// _TPM_Hash_Data/_TPM_Hash_End sequence.
if(g_DRTMHandle != TPM_RH_UNASSIGNED)
ObjectTerminateEvent();
// Get command buffer size and command buffer.
command.tag = 0; // libtpms added: Coverity
command.parameterBuffer = request;
command.parameterSize = requestSize;
// Parse command header: tag, commandSize and command.code.
// First parse the tag. The unmarshaling routine will validate
// that it is either TPM_ST_SESSIONS or TPM_ST_NO_SESSIONS.
result = TPMI_ST_COMMAND_TAG_Unmarshal(&command.tag,
&command.parameterBuffer,
&command.parameterSize);
result = TPMI_ST_COMMAND_TAG_Unmarshal(
&command.tag, &command.parameterBuffer, &command.parameterSize);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// Unmarshal the commandSize indicator.
result = UINT32_Unmarshal(&commandSize,
&command.parameterBuffer,
&command.parameterSize);
result = UINT32_Unmarshal(
&commandSize, &command.parameterBuffer, &command.parameterSize);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// On a TPM that receives bytes on a port, the number of bytes that were
@ -183,8 +201,8 @@ ExecuteCommand(
goto Cleanup;
}
// Unmarshal the command code.
result = TPM_CC_Unmarshal(&command.code, &command.parameterBuffer,
&command.parameterSize);
result = TPM_CC_Unmarshal(
&command.code, &command.parameterBuffer, &command.parameterSize);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// Check to see if the command is implemented.
@ -239,13 +257,13 @@ ExecuteCommand(
// the command, then it is an error. NOTE: This check could pass but the
// session size could still be wrong. That will be determined after the
// sessions are unmarshaled.
if(command.authSize < 9
|| command.authSize > command.parameterSize)
if(command.authSize < 9 || command.authSize > command.parameterSize)
{
result = TPM_RC_SIZE;
goto Cleanup;
}
command.parameterSize -= command.authSize;
// The actions of ParseSessionBuffer() are described in the introduction.
// As the sessions are parsed command.parameterBuffer is advanced so, on a
// successful return, command.parameterBuffer should be pointing at the
@ -269,26 +287,29 @@ ExecuteCommand(
//*response = MemoryGetResponseBuffer(command.index);
// leave space for the command header
command.responseBuffer = *response + STD_RESPONSE_HEADER;
// leave space for the parameter size field if needed
if(command.tag == TPM_ST_SESSIONS)
command.responseBuffer += sizeof(UINT32);
if(IsHandleInResponse(command.index))
command.responseBuffer += sizeof(TPM_HANDLE);
// CommandDispatcher returns a response handle buffer and a response parameter
// buffer if it succeeds. It will also set the parameterSize field in the
// buffer if the tag is TPM_RC_SESSIONS.
result = CommandDispatcher(&command);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// Build the session area at the end of the parameter area.
result = BuildResponseSession(&command);
if(result != TPM_RC_SUCCESS)
{
goto Cleanup;
}
Cleanup:
if(g_clearOrderly == TRUE
&& NV_IS_ORDERLY)
if(g_clearOrderly == TRUE && NV_IS_ORDERLY)
{
#if USE_DA_USED
gp.orderlyState = g_daUsed ? SU_DA_USED_VALUE : SU_NONE_VALUE;
@ -302,9 +323,11 @@ ExecuteCommand(
// access to any object is the same. These temporary objects need to be
// cleared from RAM whether the command succeeds or fails.
ObjectCleanupEvict();
// The parameters and sessions have been marshaled. Now tack on the header and
// set the sizes
BuildResponseHeader(&command, *response, result);
// Try to commit all the writes to NV if any NV write happened during this
// command execution. This check should be made for both succeeded and failed
// commands, because a failed one may trigger a NV write in DA logic as well.
@ -319,9 +342,12 @@ ExecuteCommand(
g_updateNV = UT_NONE;
}
pAssert((UINT32)command.parameterSize <= maxResponse);
// Clear unused bits in response buffer.
MemorySet(*response + *responseSize, 0, maxResponse - *responseSize);
// as a final act, and not before, update the response size.
*responseSize = (UINT32)command.parameterSize;
return;
}

51
src/tpm2/ExecCommand_fp.h
View File

@ -59,15 +59,56 @@
/* */
/********************************************************************************/
#ifndef EXECCOMMAND_FP_H
#define EXECCOMMAND_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
LIB_EXPORT void
ExecuteCommand(
#ifndef _EXEC_COMMAND_FP_H_
#define _EXEC_COMMAND_FP_H_
//** ExecuteCommand()
//
// The function performs the following steps.
//
// a) Parses the command header from input buffer.
// b) Calls ParseHandleBuffer() to parse the handle area of the command.
// c) Validates that each of the handles references a loaded entity.
// d) Calls ParseSessionBuffer () to:
// 1) unmarshal and parse the session area;
// 2) check the authorizations; and
// 3) when necessary, decrypt a parameter.
// e) Calls CommandDispatcher() to:
// 1) unmarshal the command parameters from the command buffer;
// 2) call the routine that performs the command actions; and
// 3) marshal the responses into the response buffer.
// f) If any error occurs in any of the steps above create the error response
// and return.
// g) Calls BuildResponseSession() to:
// 1) when necessary, encrypt a parameter
// 2) build the response authorization sessions
// 3) update the audit sessions and nonces
// h) Calls BuildResponseHeader() to complete the construction of the response.
//
// 'responseSize' is set by the caller to the maximum number of bytes available in
// the output buffer. ExecuteCommand will adjust the value and return the number
// of bytes placed in the buffer.
//
// 'response' is also set by the caller to indicate the buffer into which
// ExecuteCommand is to place the response.
//
// 'request' and 'response' may point to the same buffer
//
// Note: As of February, 2016, the failure processing has been moved to the
// platform-specific code. When the TPM code encounters an unrecoverable failure, it
// will SET g_inFailureMode and call _plat__Fail(). That function should not return
// but may call ExecuteCommand().
//
LIB_EXPORT void ExecuteCommand(
uint32_t requestSize, // IN: command buffer size
unsigned char* request, // IN: command buffer
uint32_t* responseSize, // IN/OUT: response buffer size
unsigned char** response // IN/OUT: response buffer
);
#endif
#endif // _EXEC_COMMAND_FP_H_

22
src/tpm2/FlushContext_fp.h
View File

@ -59,20 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef FLUSHCONTEXT_FP_H
#define FLUSHCONTEXT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_FlushContext // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_CONTEXT flushHandle;
} FlushContext_In;
// Response code modifiers
# define RC_FlushContext_flushHandle (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_FlushContext(
FlushContext_In *in // IN: input parameter list
);
TPM2_FlushContext(FlushContext_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
#endif // CC_FlushContext

35
src/tpm2/GetCapability_fp.h
View File

@ -59,32 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETCAPABILITY_FP_H
#define GETCAPABILITY_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetCapability // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
// Input structure definition
typedef struct
{
TPM_CAP capability;
UINT32 property;
UINT32 propertyCount;
} GetCapability_In;
#define RC_GetCapability_capability (TPM_RC_P + TPM_RC_1)
#define RC_GetCapability_property (TPM_RC_P + TPM_RC_2)
#define RC_GetCapability_propertyCount (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPMI_YES_NO moreData;
TPMS_CAPABILITY_DATA capabilityData;
} GetCapability_Out;
// Response code modifiers
# define RC_GetCapability_capability (TPM_RC_P + TPM_RC_1)
# define RC_GetCapability_property (TPM_RC_P + TPM_RC_2)
# define RC_GetCapability_propertyCount (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_GetCapability(
GetCapability_In *in, // IN: input parameter list
GetCapability_Out *out // OUT: output parameter list
);
TPM2_GetCapability(GetCapability_In* in, GetCapability_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
#endif // CC_GetCapability

37
src/tpm2/GetCommandAuditDigest_fp.h
View File

@ -59,33 +59,40 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETCOMMANDAUDITDIGEST_FP_H
#define GETCOMMANDAUDITDIGEST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetCommandAuditDigest // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ENDORSEMENT privacyHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA qualifyingData;
TPMT_SIG_SCHEME inScheme;
} GetCommandAuditDigest_In;
// Output structure definition
typedef struct
{
TPM2B_ATTEST auditInfo;
TPMT_SIGNATURE signature;
} GetCommandAuditDigest_Out;
// Response code modifiers
# define RC_GetCommandAuditDigest_privacyHandle (TPM_RC_H + TPM_RC_1)
# define RC_GetCommandAuditDigest_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_GetCommandAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_GetCommandAuditDigest_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_ATTEST auditInfo;
TPMT_SIGNATURE signature;
} GetCommandAuditDigest_Out;
// Function prototype
TPM_RC
TPM2_GetCommandAuditDigest(
GetCommandAuditDigest_In *in, // IN: input parameter list
GetCommandAuditDigest_Out *out // OUT: output parameter list
);
TPM2_GetCommandAuditDigest(GetCommandAuditDigest_In* in,
GetCommandAuditDigest_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
#endif // CC_GetCommandAuditDigest

32
src/tpm2/GetRandom_fp.h
View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETRANDOM_FP_H
#define GETRANDOM_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetRandom // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
// Input structure definition
typedef struct
{
UINT16 bytesRequested;
} GetRandom_In;
#define RC_GetRandom_bytesRequested (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DIGEST randomBytes;
} GetRandom_Out;
// Response code modifiers
# define RC_GetRandom_bytesRequested (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_GetRandom(
GetRandom_In *in, // IN: input parameter list
GetRandom_Out *out // OUT: output parameter list
);
TPM2_GetRandom(GetRandom_In* in, GetRandom_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
#endif // CC_GetRandom

37
src/tpm2/GetSessionAuditDigest_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETSESSIONAUDITDIGEST_FP_H
#define GETSESSIONAUDITDIGEST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetSessionAuditDigest // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ENDORSEMENT privacyAdminHandle;
TPMI_DH_OBJECT signHandle;
TPMI_SH_HMAC sessionHandle;
@ -72,22 +77,24 @@ typedef struct {
TPMT_SIG_SCHEME inScheme;
} GetSessionAuditDigest_In;
// Output structure definition
typedef struct
{
TPM2B_ATTEST auditInfo;
TPMT_SIGNATURE signature;
} GetSessionAuditDigest_Out;
// Response code modifiers
# define RC_GetSessionAuditDigest_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
# define RC_GetSessionAuditDigest_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_GetSessionAuditDigest_sessionHandle (TPM_RC_H + TPM_RC_3)
# define RC_GetSessionAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_GetSessionAuditDigest_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_ATTEST auditInfo;
TPMT_SIGNATURE signature;
} GetSessionAuditDigest_Out;
// Function prototype
TPM_RC
TPM2_GetSessionAuditDigest(
GetSessionAuditDigest_In *in, // IN: input parameter list
GetSessionAuditDigest_Out *out // OUT: output parameter list
);
TPM2_GetSessionAuditDigest(GetSessionAuditDigest_In* in,
GetSessionAuditDigest_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
#endif // CC_GetSessionAuditDigest

23
src/tpm2/GetTestResult_fp.h
View File

@ -59,21 +59,24 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETTESTRESULT_FP_H
#define GETTESTRESULT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct{
#if CC_GetTestResult // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER outData;
TPM_RC testResult;
} GetTestResult_Out;
// Function prototype
TPM_RC
TPM2_GetTestResult(
GetTestResult_Out *out // OUT: output parameter list
);
TPM2_GetTestResult(GetTestResult_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
#endif // CC_GetTestResult

36
src/tpm2/GetTime_fp.h
View File

@ -59,33 +59,39 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETTIME_FP_H
#define GETTIME_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetTime // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ENDORSEMENT privacyAdminHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA qualifyingData;
TPMT_SIG_SCHEME inScheme;
} GetTime_In;
// Output structure definition
typedef struct
{
TPM2B_ATTEST timeInfo;
TPMT_SIGNATURE signature;
} GetTime_Out;
// Response code modifiers
# define RC_GetTime_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
# define RC_GetTime_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_GetTime_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_GetTime_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_ATTEST timeInfo;
TPMT_SIGNATURE signature;
} GetTime_Out;
// Function prototype
TPM_RC
TPM2_GetTime(
GetTime_In *in, // IN: input parameter list
GetTime_Out *out // OUT: output parameter list
);
TPM2_GetTime(GetTime_In* in, GetTime_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
#endif // CC_GetTime

2
src/tpm2/Global.h
View File

@ -1093,9 +1093,9 @@ typedef struct state_reset_data
// default reset value is from the RNG.
TPM2B_SEED nullSeed; // The seed value for the TPM_RN_NULL
SEED_COMPAT_LEVEL nullSeedCompatLevel; // libtpms added
// hierarchy. The default reset value
// is from the RNG.
SEED_COMPAT_LEVEL nullSeedCompatLevel; // libtpms added
//*****************************************************************************
// Context

28
src/tpm2/HMAC_Start_fp.h
View File

@ -59,30 +59,36 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HMAC_START_FP_H
#define HMAC_START_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HMAC_Start // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_AUTH auth;
TPMI_ALG_HASH hashAlg;
} HMAC_Start_In;
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_OBJECT sequenceHandle;
} HMAC_Start_Out;
// Response code modifiers
# define RC_HMAC_Start_handle (TPM_RC_H + TPM_RC_1)
# define RC_HMAC_Start_auth (TPM_RC_P + TPM_RC_1)
# define RC_HMAC_Start_hashAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HMAC_Start(
HMAC_Start_In *in, // IN: input parameter list
HMAC_Start_Out *out // OUT: output parameter list
);
TPM2_HMAC_Start(HMAC_Start_In* in, HMAC_Start_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
#endif // CC_HMAC_Start

34
src/tpm2/HMAC_fp.h
View File

@ -59,30 +59,36 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HMAC_FP_H
#define HMAC_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HMAC // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_MAX_BUFFER buffer;
TPMI_ALG_HASH hashAlg;
} HMAC_In;
// Output structure definition
typedef struct
{
TPM2B_DIGEST outHMAC;
} HMAC_Out;
// Response code modifiers
# define RC_HMAC_handle (TPM_RC_H + TPM_RC_1)
# define RC_HMAC_buffer (TPM_RC_P + TPM_RC_1)
# define RC_HMAC_hashAlg (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_DIGEST outHMAC;
} HMAC_Out;
// Function prototype
TPM_RC
TPM2_HMAC(
HMAC_In *in, // IN: input parameter list
HMAC_Out *out // OUT: output parameter list
);
TPM2_HMAC(HMAC_In* in, HMAC_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
#endif // CC_HMAC

54
src/tpm2/Handle_fp.h
View File

@ -58,33 +58,63 @@
/* */
/********************************************************************************/
#ifndef HANDLE_FP_H
#define HANDLE_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _HANDLE_FP_H_
#define _HANDLE_FP_H_
//*** HandleGetType()
// This function returns the type of a handle which is the MSO of the handle.
TPM_HT
HandleGetType(
TPM_HANDLE handle // IN: a handle to be checked
HandleGetType(TPM_HANDLE handle // IN: a handle to be checked
);
//*** NextPermanentHandle()
// This function returns the permanent handle that is equal to the input value or
// is the next higher value. If there is no handle with the input value and there
// is no next higher value, it returns 0:
TPM_HANDLE
NextPermanentHandle(
TPM_HANDLE inHandle // IN: the handle to check
NextPermanentHandle(TPM_HANDLE inHandle // IN: the handle to check
);
//*** PermanentCapGetHandles()
// This function returns a list of the permanent handles of PCR, started from
// 'handle'. If 'handle' is larger than the largest permanent handle, an empty list
// will be returned with 'more' set to NO.
// Return Type: TPMI_YES_NO
// YES if there are more handles available
// NO all the available handles has been returned
TPMI_YES_NO
PermanentCapGetHandles(
TPM_HANDLE handle, // IN: start handle
PermanentCapGetHandles(TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: count of returned handles
TPML_HANDLE* handleList // OUT: list of handle
);
//*** PermanentCapGetOneHandle()
// This function returns whether a permanent handle exists.
BOOL PermanentCapGetOneHandle(TPM_HANDLE handle // IN: handle
);
//*** PermanentHandleGetPolicy()
// This function returns a list of the permanent handles of PCR, started from
// 'handle'. If 'handle' is larger than the largest permanent handle, an empty list
// will be returned with 'more' set to NO.
// Return Type: TPMI_YES_NO
// YES if there are more handles available
// NO all the available handles has been returned
TPMI_YES_NO
PermanentHandleGetPolicy(
TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: count of returned handles
PermanentHandleGetPolicy(TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: max count of returned handles
TPML_TAGGED_POLICY* policyList // OUT: list of handle
);
//*** PermanentHandleGetOnePolicy()
// This function returns a permanent handle's policy, if present.
BOOL PermanentHandleGetOnePolicy(TPM_HANDLE handle, // IN: handle
TPMS_TAGGED_POLICY* policy // OUT: tagged policy
);
#endif
#endif // _HANDLE_FP_H_

34
src/tpm2/HashSequenceStart_fp.h
View File

@ -59,30 +59,34 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HASHSEQUENCESTART_FP_H
#define HASHSEQUENCESTART_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HashSequenceStart // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
// Input structure definition
typedef struct
{
TPM2B_AUTH auth;
TPMI_ALG_HASH hashAlg;
} HashSequenceStart_In;
#define RC_HashSequenceStart_auth (TPM_RC_P + TPM_RC_1)
#define RC_HashSequenceStart_hashAlg (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_OBJECT sequenceHandle;
} HashSequenceStart_Out;
// Response code modifiers
# define RC_HashSequenceStart_auth (TPM_RC_P + TPM_RC_1)
# define RC_HashSequenceStart_hashAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HashSequenceStart(
HashSequenceStart_In *in, // IN: input parameter list
HashSequenceStart_Out *out // OUT: output parameter list
);
TPM2_HashSequenceStart(HashSequenceStart_In* in, HashSequenceStart_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
#endif // CC_HashSequenceStart

112
src/tpm2/HashTestData.h
View File

@ -59,72 +59,81 @@
/* */
/********************************************************************************/
#ifndef HASHTESTDATA_H
#define HASHTESTDATA_H
//
// Hash Test Vectors
//
/* 10.1.8 HashTestData.h */
/* Hash Test Vectors */
TPM2B_TYPE(HASH_TEST_KEY, 128); // Twice the largest digest size
TPM2B_HASH_TEST_KEY c_hashTestKey = {{128, {
0xa0,0xed,0x5c,0x9a,0xd2,0x4a,0x21,0x40,0x1a,0xd0,0x81,0x47,0x39,0x63,0xf9,0x50,
0xdc,0x59,0x47,0x11,0x40,0x13,0x99,0x92,0xc0,0x72,0xa4,0x0f,0xe2,0x33,0xe4,0x63,
0x9b,0xb6,0x76,0xc3,0x1e,0x6f,0x13,0xee,0xcc,0x99,0x71,0xa5,0xc0,0xcf,0x9a,0x40,
0xcf,0xdb,0x66,0x70,0x05,0x63,0x54,0x12,0x25,0xf4,0xe0,0x1b,0x23,0x35,0xe3,0x70,
0x7d,0x19,0x5f,0x00,0xe4,0xf1,0x61,0x73,0x05,0xd8,0x58,0x7f,0x60,0x61,0x84,0x36,
0xec,0xbe,0x96,0x1b,0x69,0x00,0xf0,0x9a,0x6e,0xe3,0x26,0x73,0x0d,0x17,0x5b,0x33,
0x41,0x44,0x9d,0x90,0xab,0xd9,0x6b,0x7d,0x48,0x99,0x25,0x93,0x29,0x14,0x2b,0xce,
0x93,0x8d,0x8c,0xaf,0x31,0x0e,0x9c,0x57,0xd8,0x5b,0x57,0x20,0x1b,0x9f,0x2d,0xa5
}}};
TPM2B_HASH_TEST_KEY c_hashTestKey = {
{128,
{0xa0, 0xed, 0x5c, 0x9a, 0xd2, 0x4a, 0x21, 0x40, 0x1a, 0xd0, 0x81, 0x47, 0x39,
0x63, 0xf9, 0x50, 0xdc, 0x59, 0x47, 0x11, 0x40, 0x13, 0x99, 0x92, 0xc0, 0x72,
0xa4, 0x0f, 0xe2, 0x33, 0xe4, 0x63, 0x9b, 0xb6, 0x76, 0xc3, 0x1e, 0x6f, 0x13,
0xee, 0xcc, 0x99, 0x71, 0xa5, 0xc0, 0xcf, 0x9a, 0x40, 0xcf, 0xdb, 0x66, 0x70,
0x05, 0x63, 0x54, 0x12, 0x25, 0xf4, 0xe0, 0x1b, 0x23, 0x35, 0xe3, 0x70, 0x7d,
0x19, 0x5f, 0x00, 0xe4, 0xf1, 0x61, 0x73, 0x05, 0xd8, 0x58, 0x7f, 0x60, 0x61,
0x84, 0x36, 0xec, 0xbe, 0x96, 0x1b, 0x69, 0x00, 0xf0, 0x9a, 0x6e, 0xe3, 0x26,
0x73, 0x0d, 0x17, 0x5b, 0x33, 0x41, 0x44, 0x9d, 0x90, 0xab, 0xd9, 0x6b, 0x7d,
0x48, 0x99, 0x25, 0x93, 0x29, 0x14, 0x2b, 0xce, 0x93, 0x8d, 0x8c, 0xaf, 0x31,
0x0e, 0x9c, 0x57, 0xd8, 0x5b, 0x57, 0x20, 0x1b, 0x9f, 0x2d, 0xa5}}};
TPM2B_TYPE(HASH_TEST_DATA, 256); // Twice the largest block size
TPM2B_HASH_TEST_DATA c_hashTestData = {{256, {
0x88,0xac,0xc3,0xe5,0x5f,0x66,0x9d,0x18,0x80,0xc9,0x7a,0x9c,0xa4,0x08,0x90,0x98,
0x0f,0x3a,0x53,0x92,0x4c,0x67,0x4e,0xb7,0x37,0xec,0x67,0x87,0xb6,0xbe,0x10,0xca,
0x11,0x5b,0x4a,0x0b,0x45,0xc3,0x32,0x68,0x48,0x69,0xce,0x25,0x1b,0xc8,0xaf,0x44,
0x79,0x22,0x83,0xc8,0xfb,0xe2,0x63,0x94,0xa2,0x3c,0x59,0x3e,0x3e,0xc6,0x64,0x2c,
0x1f,0x8c,0x11,0x93,0x24,0xa3,0x17,0xc5,0x2f,0x37,0xcf,0x95,0x97,0x8e,0x63,0x39,
0x68,0xd5,0xca,0xba,0x18,0x37,0x69,0x6e,0x4f,0x19,0xfd,0x8a,0xc0,0x8d,0x87,0x3a,
0xbc,0x31,0x42,0x04,0x05,0xef,0xb5,0x02,0xef,0x1e,0x92,0x4b,0xb7,0x73,0x2c,0x8c,
0xeb,0x23,0x13,0x81,0x34,0xb9,0xb5,0xc1,0x17,0x37,0x39,0xf8,0x3e,0xe4,0x4c,0x06,
0xa8,0x81,0x52,0x2f,0xef,0xc9,0x9c,0x69,0x89,0xbc,0x85,0x9c,0x30,0x16,0x02,0xca,
0xe3,0x61,0xd4,0x0f,0xed,0x34,0x1b,0xca,0xc1,0x1b,0xd1,0xfa,0xc1,0xa2,0xe0,0xdf,
0x52,0x2f,0x0b,0x4b,0x9f,0x0e,0x45,0x54,0xb9,0x17,0xb6,0xaf,0xd6,0xd5,0xca,0x90,
0x29,0x57,0x7b,0x70,0x50,0x94,0x5c,0x8e,0xf6,0x4e,0x21,0x8b,0xc6,0x8b,0xa6,0xbc,
0xb9,0x64,0xd4,0x4d,0xf3,0x68,0xd8,0xac,0xde,0xd8,0xd8,0xb5,0x6d,0xcd,0x93,0xeb,
0x28,0xa4,0xe2,0x5c,0x44,0xef,0xf0,0xe1,0x6f,0x38,0x1a,0x3c,0xe6,0xef,0xa2,0x9d,
0xb9,0xa8,0x05,0x2a,0x95,0xec,0x5f,0xdb,0xb0,0x25,0x67,0x9c,0x86,0x7a,0x8e,0xea,
0x51,0xcc,0xc3,0xd3,0xff,0x6e,0xf0,0xed,0xa3,0xae,0xf9,0x5d,0x33,0x70,0xf2,0x11
}}};
TPM2B_HASH_TEST_DATA c_hashTestData = {
{256,
{0x88, 0xac, 0xc3, 0xe5, 0x5f, 0x66, 0x9d, 0x18, 0x80, 0xc9, 0x7a, 0x9c, 0xa4,
0x08, 0x90, 0x98, 0x0f, 0x3a, 0x53, 0x92, 0x4c, 0x67, 0x4e, 0xb7, 0x37, 0xec,
0x67, 0x87, 0xb6, 0xbe, 0x10, 0xca, 0x11, 0x5b, 0x4a, 0x0b, 0x45, 0xc3, 0x32,
0x68, 0x48, 0x69, 0xce, 0x25, 0x1b, 0xc8, 0xaf, 0x44, 0x79, 0x22, 0x83, 0xc8,
0xfb, 0xe2, 0x63, 0x94, 0xa2, 0x3c, 0x59, 0x3e, 0x3e, 0xc6, 0x64, 0x2c, 0x1f,
0x8c, 0x11, 0x93, 0x24, 0xa3, 0x17, 0xc5, 0x2f, 0x37, 0xcf, 0x95, 0x97, 0x8e,
0x63, 0x39, 0x68, 0xd5, 0xca, 0xba, 0x18, 0x37, 0x69, 0x6e, 0x4f, 0x19, 0xfd,
0x8a, 0xc0, 0x8d, 0x87, 0x3a, 0xbc, 0x31, 0x42, 0x04, 0x05, 0xef, 0xb5, 0x02,
0xef, 0x1e, 0x92, 0x4b, 0xb7, 0x73, 0x2c, 0x8c, 0xeb, 0x23, 0x13, 0x81, 0x34,
0xb9, 0xb5, 0xc1, 0x17, 0x37, 0x39, 0xf8, 0x3e, 0xe4, 0x4c, 0x06, 0xa8, 0x81,
0x52, 0x2f, 0xef, 0xc9, 0x9c, 0x69, 0x89, 0xbc, 0x85, 0x9c, 0x30, 0x16, 0x02,
0xca, 0xe3, 0x61, 0xd4, 0x0f, 0xed, 0x34, 0x1b, 0xca, 0xc1, 0x1b, 0xd1, 0xfa,
0xc1, 0xa2, 0xe0, 0xdf, 0x52, 0x2f, 0x0b, 0x4b, 0x9f, 0x0e, 0x45, 0x54, 0xb9,
0x17, 0xb6, 0xaf, 0xd6, 0xd5, 0xca, 0x90, 0x29, 0x57, 0x7b, 0x70, 0x50, 0x94,
0x5c, 0x8e, 0xf6, 0x4e, 0x21, 0x8b, 0xc6, 0x8b, 0xa6, 0xbc, 0xb9, 0x64, 0xd4,
0x4d, 0xf3, 0x68, 0xd8, 0xac, 0xde, 0xd8, 0xd8, 0xb5, 0x6d, 0xcd, 0x93, 0xeb,
0x28, 0xa4, 0xe2, 0x5c, 0x44, 0xef, 0xf0, 0xe1, 0x6f, 0x38, 0x1a, 0x3c, 0xe6,
0xef, 0xa2, 0x9d, 0xb9, 0xa8, 0x05, 0x2a, 0x95, 0xec, 0x5f, 0xdb, 0xb0, 0x25,
0x67, 0x9c, 0x86, 0x7a, 0x8e, 0xea, 0x51, 0xcc, 0xc3, 0xd3, 0xff, 0x6e, 0xf0,
0xed, 0xa3, 0xae, 0xf9, 0x5d, 0x33, 0x70, 0xf2, 0x11}}};
#if ALG_SHA1 == YES
TPM2B_TYPE(SHA1, 20);
TPM2B_SHA1 c_SHA1_digest = {{20, {
0xee,0x2c,0xef,0x93,0x76,0xbd,0xf8,0x91,0xbc,0xe6,0xe5,0x57,0x53,0x77,0x01,0xb5,
0x70,0x95,0xe5,0x40
}}};
TPM2B_SHA1 c_SHA1_digest = {
{20, {0xee, 0x2c, 0xef, 0x93, 0x76, 0xbd, 0xf8, 0x91, 0xbc, 0xe6,
0xe5, 0x57, 0x53, 0x77, 0x01, 0xb5, 0x70, 0x95, 0xe5, 0x40}}};
#endif
#if ALG_SHA256 == YES
TPM2B_TYPE(SHA256, 32);
TPM2B_SHA256 c_SHA256_digest = {{32, {
0x64,0xe8,0xe0,0xc3,0xa9,0xa4,0x51,0x49,0x10,0x55,0x8d,0x31,0x71,0xe5,0x2f,0x69,
0x3a,0xdc,0xc7,0x11,0x32,0x44,0x61,0xbd,0x34,0x39,0x57,0xb0,0xa8,0x75,0x86,0x1b
}}};
TPM2B_SHA256 c_SHA256_digest = {
{32, {0x64, 0xe8, 0xe0, 0xc3, 0xa9, 0xa4, 0x51, 0x49, 0x10, 0x55, 0x8d,
0x31, 0x71, 0xe5, 0x2f, 0x69, 0x3a, 0xdc, 0xc7, 0x11, 0x32, 0x44,
0x61, 0xbd, 0x34, 0x39, 0x57, 0xb0, 0xa8, 0x75, 0x86, 0x1b}}};
#endif
#if ALG_SHA384 == YES
TPM2B_TYPE(SHA384, 48);
TPM2B_SHA384 c_SHA384_digest = {{48, {
0x37,0x75,0x29,0xb5,0x20,0x15,0x6e,0xa3,0x7e,0xa3,0x0d,0xcd,0x80,0xa8,0xa3,0x3d,
0xeb,0xe8,0xad,0x4e,0x1c,0x77,0x94,0x5a,0xaf,0x6c,0xd0,0xc1,0xfa,0x43,0x3f,0xc7,
0xb8,0xf1,0x01,0xc0,0x60,0xbf,0xf2,0x87,0xe8,0x71,0x9e,0x51,0x97,0xa0,0x09,0x8d
}}};
TPM2B_SHA384 c_SHA384_digest = {
{48, {0x37, 0x75, 0x29, 0xb5, 0x20, 0x15, 0x6e, 0xa3, 0x7e, 0xa3, 0x0d, 0xcd,
0x80, 0xa8, 0xa3, 0x3d, 0xeb, 0xe8, 0xad, 0x4e, 0x1c, 0x77, 0x94, 0x5a,
0xaf, 0x6c, 0xd0, 0xc1, 0xfa, 0x43, 0x3f, 0xc7, 0xb8, 0xf1, 0x01, 0xc0,
0x60, 0xbf, 0xf2, 0x87, 0xe8, 0x71, 0x9e, 0x51, 0x97, 0xa0, 0x09, 0x8d}}};
#endif
#if ALG_SHA512 == YES
TPM2B_TYPE(SHA512, 64);
TPM2B_SHA512 c_SHA512_digest = {{64, {
0xe2,0x7b,0x10,0x3d,0x5e,0x48,0x58,0x44,0x67,0xac,0xa3,0x81,0x8c,0x1d,0xc5,0x71,
0x66,0x92,0x8a,0x89,0xaa,0xd4,0x35,0x51,0x60,0x37,0x31,0xd7,0xba,0xe7,0x93,0x0b,
0x16,0x4d,0xb3,0xc8,0x34,0x98,0x3c,0xd3,0x53,0xde,0x5e,0xe8,0x0c,0xbc,0xaf,0xc9,
0x24,0x2c,0xcc,0xed,0xdb,0xde,0xba,0x1f,0x14,0x14,0x5a,0x95,0x80,0xde,0x66,0xbd
}}};
TPM2B_SHA512 c_SHA512_digest = {
{64,
{0xe2, 0x7b, 0x10, 0x3d, 0x5e, 0x48, 0x58, 0x44, 0x67, 0xac, 0xa3, 0x81, 0x8c,
0x1d, 0xc5, 0x71, 0x66, 0x92, 0x8a, 0x89, 0xaa, 0xd4, 0x35, 0x51, 0x60, 0x37,
0x31, 0xd7, 0xba, 0xe7, 0x93, 0x0b, 0x16, 0x4d, 0xb3, 0xc8, 0x34, 0x98, 0x3c,
0xd3, 0x53, 0xde, 0x5e, 0xe8, 0x0c, 0xbc, 0xaf, 0xc9, 0x24, 0x2c, 0xcc, 0xed,
0xdb, 0xde, 0xba, 0x1f, 0x14, 0x14, 0x5a, 0x95, 0x80, 0xde, 0x66, 0xbd}}};
#endif
TPM2B_TYPE(EMPTY, 1);
@ -207,4 +216,3 @@ static const struct CMACTest {
#endif
// libtpms added end
#endif

36
src/tpm2/Hash_fp.h
View File

@ -59,31 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HASH_FP_H
#define HASH_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Hash // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
// Input structure definition
typedef struct
{
TPM2B_MAX_BUFFER data;
TPMI_ALG_HASH hashAlg;
TPMI_RH_HIERARCHY hierarchy;
} Hash_In;
#define RC_Hash_data (TPM_RC_P + TPM_RC_1)
#define RC_Hash_hashAlg (TPM_RC_P + TPM_RC_2)
#define RC_Hash_hierarchy (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DIGEST outHash;
TPMT_TK_HASHCHECK validation;
} Hash_Out;
// Response code modifiers
# define RC_Hash_data (TPM_RC_P + TPM_RC_1)
# define RC_Hash_hashAlg (TPM_RC_P + TPM_RC_2)
# define RC_Hash_hierarchy (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_Hash(
Hash_In *in, // IN: input parameter list
Hash_Out *out // OUT: output parameter list
);
TPM2_Hash(Hash_In* in, Hash_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
#endif // CC_Hash

24
src/tpm2/HierarchyChangeAuth_fp.h
View File

@ -59,22 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HIERARCHYCHANGEAUTH_FP_H
#define HIERARCHYCHANGEAUTH_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HierarchyChangeAuth // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_HIERARCHY_AUTH authHandle;
TPM2B_AUTH newAuth;
} HierarchyChangeAuth_In;
// Response code modifiers
# define RC_HierarchyChangeAuth_authHandle (TPM_RC_H + TPM_RC_1)
#define RC_HierarchyChangeAuth_newAuth (TPM_RC_P + TPM_RC_2)
# define RC_HierarchyChangeAuth_newAuth (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_HierarchyChangeAuth(
HierarchyChangeAuth_In *in // IN: input parameter list
);
TPM2_HierarchyChangeAuth(HierarchyChangeAuth_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
#endif // CC_HierarchyChangeAuth

25
src/tpm2/HierarchyControl_fp.h
View File

@ -59,25 +59,30 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HIERARCHYCONTROL_FP_H
#define HIERARCHYCONTROL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
TPMI_RH_HIERARCHY authHandle;
#if CC_HierarchyControl // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_BASE_HIERARCHY authHandle;
TPMI_RH_ENABLES enable;
TPMI_YES_NO state;
} HierarchyControl_In;
// Response code modifiers
# define RC_HierarchyControl_authHandle (TPM_RC_H + TPM_RC_1)
# define RC_HierarchyControl_enable (TPM_RC_P + TPM_RC_1)
# define RC_HierarchyControl_state (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HierarchyControl(
HierarchyControl_In *in // IN: input parameter list
);
TPM2_HierarchyControl(HierarchyControl_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
#endif // CC_HierarchyControl

3
src/tpm2/Hierarchy_fp.h
View File

@ -125,8 +125,7 @@ TPM_RC ValidateHierarchy(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
// libtpms added begin
SEED_COMPAT_LEVEL
HierarchyGetPrimarySeedCompatLevel(
TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
HierarchyGetPrimarySeedCompatLevel(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
);
// libtpms added end

33
src/tpm2/Import_fp.h
View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef IMPORT_FP_H
#define IMPORT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Import // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT parentHandle;
TPM2B_DATA encryptionKey;
TPM2B_PUBLIC objectPublic;
@ -73,6 +78,13 @@ typedef struct {
TPMT_SYM_DEF_OBJECT symmetricAlg;
} Import_In;
// Output structure definition
typedef struct
{
TPM2B_PRIVATE outPrivate;
} Import_Out;
// Response code modifiers
# define RC_Import_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_Import_encryptionKey (TPM_RC_P + TPM_RC_1)
# define RC_Import_objectPublic (TPM_RC_P + TPM_RC_2)
@ -80,14 +92,9 @@ typedef struct {
# define RC_Import_inSymSeed (TPM_RC_P + TPM_RC_4)
# define RC_Import_symmetricAlg (TPM_RC_P + TPM_RC_5)
typedef struct {
TPM2B_PRIVATE outPrivate;
} Import_Out;
// Function prototype
TPM_RC
TPM2_Import(
Import_In *in, // IN: input parameter list
Import_Out *out // OUT: output parameter list
);
TPM2_Import(Import_In* in, Import_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
#endif // CC_Import

28
src/tpm2/IncrementalSelfTest_fp.h
View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef INCREMENTALSELFTEST_FP_H
#define INCREMENTALSELFTEST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct{
#if CC_IncrementalSelfTest // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
// Input structure definition
typedef struct
{
TPML_ALG toTest;
} IncrementalSelfTest_In;
typedef struct{
// Output structure definition
typedef struct
{
TPML_ALG toDoList;
} IncrementalSelfTest_Out;
// Response code modifiers
# define RC_IncrementalSelfTest_toTest (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_IncrementalSelfTest(
IncrementalSelfTest_In *in, // IN: input parameter list
IncrementalSelfTest_Out *out // OUT: output parameter list
);
TPM2_IncrementalSelfTest(IncrementalSelfTest_In* in, IncrementalSelfTest_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
#endif // CC_IncrementalSelfTest

24
src/tpm2/InternalRoutines.h
View File

@ -59,32 +59,35 @@
/* */
/********************************************************************************/
#ifndef INTERNALROUTINES_H
#define INTERNALROUTINES_H
#ifndef INTERNAL_ROUTINES_H
#define INTERNAL_ROUTINES_H
#if !defined _LIB_SUPPORT_H_ && !defined _TPM_H_
# error "Should not be called"
#endif
/* DRTM functions */
// DRTM functions
#include "_TPM_Hash_Start_fp.h"
#include "_TPM_Hash_Data_fp.h"
#include "_TPM_Hash_End_fp.h"
/* Internal subsystem functions */
// Internal subsystem functions
#include "Object_fp.h"
#include "Context_spt_fp.h"
#include "Object_spt_fp.h"
#include "Entity_fp.h"
#include "Session_fp.h"
#include "Hierarchy_fp.h"
#include "NVReserved_fp.h"
#include "NVDynamic_fp.h"
#include "NvReserved_fp.h"
#include "NvDynamic_fp.h"
#include "NV_spt_fp.h"
#include "ACT_spt_fp.h"
#include "PCR_fp.h"
#include "DA_fp.h"
#include "TpmFail_fp.h"
#include "SessionProcess_fp.h"
/* Internal support functions */
// Internal support functions
#include "CommandCodeAttributes_fp.h"
#include "Marshal_fp.h"
#include "Unmarshal_fp.h" /* kgold */
@ -97,10 +100,12 @@
#include "Power_fp.h"
#include "Response_fp.h"
#include "CommandDispatcher_fp.h"
#if CC_AC_Send
# include "AC_spt_fp.h"
#endif // CC_AC_Send
/* Miscellaneous */
// Miscellaneous
#include "Bits_fp.h"
#include "AlgorithmCap_fp.h"
#include "PropertyCap_fp.h"
@ -122,16 +127,19 @@
#include "MathOnByteBuffers_fp.h"
#include "CryptSym_fp.h"
#include "AlgorithmTests_fp.h"
#if ALG_RSA
# include "CryptRsa_fp.h"
# include "CryptPrimeSieve_fp.h"
#endif
#if ALG_ECC
# include "CryptEccMain_fp.h"
# include "CryptEccSignature_fp.h"
# include "CryptEccKeyExchange_fp.h"
# include "CryptEccCrypt_fp.h"
#endif
#if CC_MAC || CC_MAC_Start
# include "CryptSmac_fp.h"
# if ALG_CMAC

86
src/tpm2/IoBuffers.c
View File

@ -59,42 +59,43 @@
/* */
/********************************************************************************/
/* 9.7 IoBuffers.c */
/* 9.7.1 Includes and Data Definitions */
/* This definition allows this module to see the values that are private to this module but kept in
Global.c for ease of state migration. */
//** Includes and Data Definitions
// This definition allows this module to "see" the values that are private
// to this module but kept in Global.c for ease of state migration.
#define IO_BUFFER_C
#include "Tpm.h"
#include "IoBuffers_fp.h"
/* 9.7.2 Buffers and Functions */
/* These buffers are set aside to hold command and response values. In this implementation, it is
not guaranteed that the code will stop accessing the s_actionInputBuffer before starting to put
values in the s_actionOutputBuffer so different buffers are required. */
/* 9.7.2.1 MemoryIoBufferAllocationReset() */
/* This function is used to reset the allocation of buffers. */
void
MemoryIoBufferAllocationReset(
void
)
//** Buffers and Functions
// These buffers are set aside to hold command and response values. In this
// implementation, it is not guaranteed that the code will stop accessing
// the s_actionInputBuffer before starting to put values in the
// s_actionOutputBuffer so different buffers are required.
//
//*** MemoryIoBufferAllocationReset()
// This function is used to reset the allocation of buffers.
void MemoryIoBufferAllocationReset(void)
{
s_actionIoAllocation = 0;
}
/* 9.7.2.2 MemoryIoBufferZero() */
/* Function zeros the action I/O buffer at the end of a command. Calling this is not mandatory for
proper functionality. */
void
MemoryIoBufferZero(
void
)
//*** MemoryIoBufferZero()
// Function zeros the action I/O buffer at the end of a command. Calling this is
// not mandatory for proper functionality.
void MemoryIoBufferZero(void)
{
memset(s_actionIoBuffer, 0, s_actionIoAllocation);
}
/* 9.7.2.3 MemoryGetInBuffer() */
/* This function returns the address of the buffer into which the command parameters will be
unmarshaled in preparation for calling the command actions. */
BYTE *
MemoryGetInBuffer(
UINT32 size // Size, in bytes, required for the input
//*** MemoryGetInBuffer()
// This function returns the address of the buffer into which the
// command parameters will be unmarshaled in preparation for calling
// the command actions.
BYTE* MemoryGetInBuffer(UINT32 size // Size, in bytes, required for the input
// unmarshaling
)
{
@ -110,12 +111,11 @@ MemoryGetInBuffer(
s_actionIoAllocation = size;
return (BYTE*)&s_actionIoBuffer[0];
}
/* 9.7.2.4 MemoryGetOutBuffer() */
/* This function returns the address of the buffer into which the command action code places its
output values. */
BYTE *
MemoryGetOutBuffer(
UINT32 size // required size of the buffer
//*** MemoryGetOutBuffer()
// This function returns the address of the buffer into which the command
// action code places its output values.
BYTE* MemoryGetOutBuffer(UINT32 size // required size of the buffer
)
{
BYTE* retVal = (BYTE*)(&s_actionIoBuffer[s_actionIoAllocation / UoM]);
@ -126,20 +126,14 @@ MemoryGetOutBuffer(
s_actionIoAllocation += size;
return retVal;
}
/* 9.7.2.5 IsLabelProperlyFormatted() */
/* This function checks that a label is a null-terminated string. */
/* NOTE: this function is here because there was no better place for it. */
/* Return Value Meaning */
/* FALSE string is not null terminated */
/* TRUE string is null terminated */
BOOL
IsLabelProperlyFormatted(
TPM2B *x
)
//*** IsLabelProperlyFormatted()
// This function checks that a label is a null-terminated string.
// NOTE: this function is here because there was no better place for it.
// Return Type: BOOL
// TRUE(1) string is null terminated
// FALSE(0) string is not null terminated
BOOL IsLabelProperlyFormatted(TPM2B* x)
{
return (((x)->size == 0) || ((x)->buffer[(x)->size - 1] == 0));
}

56
src/tpm2/IoBuffers_fp.h
View File

@ -59,29 +59,43 @@
/* */
/********************************************************************************/
#ifndef IOBUFFERS_FP_H
#define IOBUFFERS_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
void
MemoryIoBufferAllocationReset(
void
);
void
MemoryIoBufferZero(
void
);
BYTE *
MemoryGetInBuffer(
UINT32 size // Size, in bytes, required for the input
#ifndef _IO_BUFFERS_FP_H_
#define _IO_BUFFERS_FP_H_
//*** MemoryIoBufferAllocationReset()
// This function is used to reset the allocation of buffers.
void MemoryIoBufferAllocationReset(void);
//*** MemoryIoBufferZero()
// Function zeros the action I/O buffer at the end of a command. Calling this is
// not mandatory for proper functionality.
void MemoryIoBufferZero(void);
//*** MemoryGetInBuffer()
// This function returns the address of the buffer into which the
// command parameters will be unmarshaled in preparation for calling
// the command actions.
BYTE* MemoryGetInBuffer(UINT32 size // Size, in bytes, required for the input
// unmarshaling
);
BYTE *
MemoryGetOutBuffer(
UINT32 size // required size of the buffer
);
BOOL
IsLabelProperlyFormatted(
TPM2B *x
//*** MemoryGetOutBuffer()
// This function returns the address of the buffer into which the command
// action code places its output values.
BYTE* MemoryGetOutBuffer(UINT32 size // required size of the buffer
);
#endif
//*** IsLabelProperlyFormatted()
// This function checks that a label is a null-terminated string.
// NOTE: this function is here because there was no better place for it.
// Return Type: BOOL
// TRUE(1) string is null terminated
// FALSE(0) string is not null terminated
BOOL IsLabelProperlyFormatted(TPM2B* x);
#endif // _IO_BUFFERS_FP_H_

59
src/tpm2/KdfTestData.h
View File

@ -59,42 +59,67 @@
/* */
/********************************************************************************/
//
// Hash Test Vectors
//
#define TEST_KDF_KEY_SIZE 20
TPM2B_TYPE(KDF_TEST_KEY, TEST_KDF_KEY_SIZE);
TPM2B_KDF_TEST_KEY c_kdfTestKeyIn = {{TEST_KDF_KEY_SIZE, {
0x27, 0x1F, 0xA0, 0x8B, 0xBD, 0xC5, 0x06, 0x0E, 0xC3, 0xDF,
TPM2B_KDF_TEST_KEY c_kdfTestKeyIn = {
{TEST_KDF_KEY_SIZE,
{0x27, 0x1F, 0xA0, 0x8B, 0xBD, 0xC5, 0x06, 0x0E, 0xC3, 0xDF,
0xA9, 0x28, 0xFF, 0x9B, 0x73, 0x12, 0x3A, 0x12, 0xDA, 0x0C}}};
TPM2B_TYPE(KDF_TEST_LABEL, 17);
TPM2B_KDF_TEST_LABEL c_kdfTestLabel = {{17, {
0x4B, 0x44, 0x46, 0x53, 0x45, 0x4C, 0x46, 0x54,
0x45, 0x53, 0x54, 0x4C, 0x41, 0x42, 0x45, 0x4C, 0x00 }}};
TPM2B_KDF_TEST_LABEL c_kdfTestLabel = {{17,
{0x4B,
0x44,
0x46,
0x53,
0x45,
0x4C,
0x46,
0x54,
0x45,
0x53,
0x54,
0x4C,
0x41,
0x42,
0x45,
0x4C,
0x00}}};
TPM2B_TYPE(KDF_TEST_CONTEXT, 8);
TPM2B_KDF_TEST_CONTEXT c_kdfTestContextU = {{8, {
0xCE, 0x24, 0x4F, 0x39, 0x5D, 0xCA, 0x73, 0x91 }}};
TPM2B_KDF_TEST_CONTEXT c_kdfTestContextV = {{8, {
0xDA, 0x50, 0x40, 0x31, 0xDD, 0xF1, 0x2E, 0x83 }}};
TPM2B_KDF_TEST_CONTEXT c_kdfTestContextU = {
{8, {0xCE, 0x24, 0x4F, 0x39, 0x5D, 0xCA, 0x73, 0x91}}};
TPM2B_KDF_TEST_CONTEXT c_kdfTestContextV = {
{8, {0xDA, 0x50, 0x40, 0x31, 0xDD, 0xF1, 0x2E, 0x83}}};
#if ALG_SHA512 == ALG_YES
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {{20, {
0x8b, 0xe2, 0xc1, 0xb8, 0x5b, 0x78, 0x56, 0x9b, 0x9f, 0xa7,
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
{20, {0x8b, 0xe2, 0xc1, 0xb8, 0x5b, 0x78, 0x56, 0x9b, 0x9f, 0xa7,
0x59, 0xf5, 0x85, 0x7c, 0x56, 0xd6, 0x84, 0x81, 0x0f, 0xd3}}};
# define KDF_TEST_ALG TPM_ALG_SHA512
#elif ALG_SHA384 == ALG_YES
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {{20, {
0x1d, 0xce, 0x70, 0xc9, 0x11, 0x3e, 0xb2, 0xdb, 0xa4, 0x7b,
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
{20, {0x1d, 0xce, 0x70, 0xc9, 0x11, 0x3e, 0xb2, 0xdb, 0xa4, 0x7b,
0xd9, 0xcf, 0xc7, 0x2b, 0xf4, 0x6f, 0x45, 0xb0, 0x93, 0x12}}};
# define KDF_TEST_ALG TPM_ALG_SHA384
#elif ALG_SHA256 == ALG_YES
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {{20, {
0xbb, 0x02, 0x59, 0xe1, 0xc8, 0xba, 0x60, 0x7e, 0x6a, 0x2c,
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
{20, {0xbb, 0x02, 0x59, 0xe1, 0xc8, 0xba, 0x60, 0x7e, 0x6a, 0x2c,
0xd7, 0x04, 0xb6, 0x9a, 0x90, 0x2e, 0x9a, 0xde, 0x84, 0xc4}}};
# define KDF_TEST_ALG TPM_ALG_SHA256
#elif ALG_SHA1 == ALG_YES
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {{20, {
0x55, 0xb5, 0xa7, 0x18, 0x4a, 0xa0, 0x74, 0x23, 0xc4, 0x7d,
TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
{20, {0x55, 0xb5, 0xa7, 0x18, 0x4a, 0xa0, 0x74, 0x23, 0xc4, 0x7d,
0xae, 0x76, 0x6c, 0x26, 0xa2, 0x37, 0x7d, 0x7c, 0xf8, 0x51}}};
# define KDF_TEST_ALG TPM_ALG_SHA1
#endif

36
src/tpm2/LoadExternal_fp.h
View File

@ -59,29 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef LOADEXTERNAL_FP_H
#define LOADEXTERNAL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_LoadExternal // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOADEXTERNAL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOADEXTERNAL_FP_H_
// Input structure definition
typedef struct
{
TPM2B_SENSITIVE inPrivate;
TPM2B_PUBLIC inPublic;
TPMI_RH_HIERARCHY hierarchy;
} LoadExternal_In;
#define RC_LoadExternal_inPrivate (TPM_RC_P + TPM_RC_1)
#define RC_LoadExternal_inPublic (TPM_RC_P + TPM_RC_2)
#define RC_LoadExternal_hierarchy (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM_HANDLE objectHandle;
TPM2B_NAME name;
} LoadExternal_Out;
// Response code modifiers
# define RC_LoadExternal_inPrivate (TPM_RC_P + TPM_RC_1)
# define RC_LoadExternal_inPublic (TPM_RC_P + TPM_RC_2)
# define RC_LoadExternal_hierarchy (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_LoadExternal(
LoadExternal_In *in, // IN: input parameter list
LoadExternal_Out *out // OUT: output parameter list
);
#endif
TPM2_LoadExternal(LoadExternal_In* in, LoadExternal_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOADEXTERNAL_FP_H_
#endif // CC_LoadExternal

37
src/tpm2/Load_fp.h
View File

@ -59,30 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef LOAD_FP_H
#define LOAD_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Load // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOAD_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOAD_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT parentHandle;
TPM2B_PRIVATE inPrivate;
TPM2B_PUBLIC inPublic;
} Load_In;
#define RC_Load_parentHandle (TPM_RC_H + TPM_RC_1)
#define RC_Load_inPrivate (TPM_RC_P + TPM_RC_1)
#define RC_Load_inPublic (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM_HANDLE objectHandle;
TPM2B_NAME name;
} Load_Out;
TPM_RC
TPM2_Load(
Load_In *in, // IN: input parameter list
Load_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_Load_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_Load_inPrivate (TPM_RC_P + TPM_RC_1)
# define RC_Load_inPublic (TPM_RC_P + TPM_RC_2)
#endif
// Function prototype
TPM_RC
TPM2_Load(Load_In* in, Load_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOAD_FP_H_
#endif // CC_Load

16
src/tpm2/Locality.c
View File

@ -59,19 +59,21 @@
/* */
/********************************************************************************/
/* 9.8 Locality.c */
/* 9.8.1 Includes */
//** Includes
#include "Tpm.h"
/* 9.8.2 LocalityGetAttributes() */
/* This function will convert a locality expressed as an integer into TPMA_LOCALITY form. */
/* The function returns the locality attribute. */
//** LocalityGetAttributes()
// This function will convert a locality expressed as an integer into
// TPMA_LOCALITY form.
//
// The function returns the locality attribute.
TPMA_LOCALITY
LocalityGetAttributes(
UINT8 locality // IN: locality value
LocalityGetAttributes(UINT8 locality // IN: locality value
)
{
TPMA_LOCALITY locality_attributes;
BYTE* localityAsByte = (BYTE*)&locality_attributes;
MemorySet(&locality_attributes, 0, sizeof(TPMA_LOCALITY));
switch(locality)
{

29
src/tpm2/LocalityPlat.c
View File

@ -59,26 +59,23 @@
/* */
/********************************************************************************/
/* C.5 LocalityPlat.c */
/* C.5.1. Includes */
//** Includes
#include "Platform.h"
/* C.5.2. Functions */
/* C.5.2.1. _plat__LocalityGet() */
/* Get the most recent command locality in locality value form. This is an integer value for
locality and not a locality structure The locality can be 0-4 or 32-255. 5-31 is not allowed. */
LIB_EXPORT unsigned char
_plat__LocalityGet(
void
)
//** Functions
//***_plat__LocalityGet()
// Get the most recent command locality in locality value form.
// This is an integer value for locality and not a locality structure
// The locality can be 0-4 or 32-255. 5-31 is not allowed.
LIB_EXPORT unsigned char _plat__LocalityGet(void)
{
return s_locality;
}
/* C.5.2.2. _plat__LocalitySet() */
/* Set the most recent command locality in locality value form */
LIB_EXPORT void
_plat__LocalitySet(
unsigned char locality
)
//***_plat__LocalitySet()
// Set the most recent command locality in locality value form
LIB_EXPORT void _plat__LocalitySet(unsigned char locality)
{
if(locality > 4 && locality < 32)
locality = 0;

20
src/tpm2/Locality_fp.h
View File

@ -59,13 +59,21 @@
/* */
/********************************************************************************/
#ifndef LOCALITY_FP_H
#define LOCALITY_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _LOCALITY_FP_H_
#define _LOCALITY_FP_H_
//** LocalityGetAttributes()
// This function will convert a locality expressed as an integer into
// TPMA_LOCALITY form.
//
// The function returns the locality attribute.
TPMA_LOCALITY
LocalityGetAttributes(
UINT8 locality // IN: locality value
LocalityGetAttributes(UINT8 locality // IN: locality value
);
#endif
#endif // _LOCALITY_FP_H_

28
src/tpm2/MAC_Start_fp.h
View File

@ -59,30 +59,36 @@
/* */
/********************************************************************************/
/* rev 146 */
#ifndef MAC_START_FP_H
#define MAC_START_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_MAC_Start // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_START_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_START_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_AUTH auth;
TPMI_ALG_MAC_SCHEME inScheme;
} MAC_Start_In;
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_OBJECT sequenceHandle;
} MAC_Start_Out;
// Response code modifiers
# define RC_MAC_Start_handle (TPM_RC_H + TPM_RC_1)
# define RC_MAC_Start_auth (TPM_RC_P + TPM_RC_1)
# define RC_MAC_Start_inScheme (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_MAC_Start(
MAC_Start_In *in, // IN: input parameter list
MAC_Start_Out *out // OUT: output parameter list
);
TPM2_MAC_Start(MAC_Start_In* in, MAC_Start_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_START_FP_H_
#endif // CC_MAC_Start

34
src/tpm2/MAC_fp.h
View File

@ -59,30 +59,36 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef MAC_FP_H
#define MAC_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_MAC // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_MAX_BUFFER buffer;
TPMI_ALG_MAC_SCHEME inScheme;
} MAC_In;
// Output structure definition
typedef struct
{
TPM2B_DIGEST outMAC;
} MAC_Out;
// Response code modifiers
# define RC_MAC_handle (TPM_RC_H + TPM_RC_1)
# define RC_MAC_buffer (TPM_RC_P + TPM_RC_1)
# define RC_MAC_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
TPM2B_MAX_BUFFER outMAC;
} MAC_Out;
// Function prototype
TPM_RC
TPM2_MAC(
MAC_In *in, // IN: input parameter list
MAC_Out *out // OUT: output parameter list
);
TPM2_MAC(MAC_In* in, MAC_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_FP_H_
#endif // CC_MAC

38
src/tpm2/MakeCredential_fp.h
View File

@ -59,31 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef MAKECREDENTIAL_FP_H
#define MAKECREDENTIAL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_MakeCredential // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAKECREDENTIAL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAKECREDENTIAL_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_DIGEST credential;
TPM2B_NAME objectName;
} MakeCredential_In;
#define RC_MakeCredential_handle (TPM_RC_H + TPM_RC_1)
#define RC_MakeCredential_credential (TPM_RC_P + TPM_RC_1)
#define RC_MakeCredential_objectName (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ID_OBJECT credentialBlob;
TPM2B_ENCRYPTED_SECRET secret;
} MakeCredential_Out;
TPM_RC
TPM2_MakeCredential(
MakeCredential_In *in, // IN: input parameter list
MakeCredential_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_MakeCredential_handle (TPM_RC_H + TPM_RC_1)
# define RC_MakeCredential_credential (TPM_RC_P + TPM_RC_1)
# define RC_MakeCredential_objectName (TPM_RC_P + TPM_RC_2)
#endif
// Function prototype
TPM_RC
TPM2_MakeCredential(MakeCredential_In* in, MakeCredential_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAKECREDENTIAL_FP_H_
#endif // CC_MakeCredential

Some files were not shown because too many files have changed in this diff Show More