Compare commits

31 Commits

Author SHA1 Message Date
Stefan Berger
001aa47a96
Merge ffd93ef183 into b4d81572c1 2025-08-17 11:20:23 +00:00
Stefan Berger
b4d81572c1 tpm2: Define TPMI_RH_NV_DEFINED_INDEX_H_UNMARSHAL and use it
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-07 11:05:51 -04:00
Stefan Berger
c9ed596fe4 tpm2: Add missing ADD_FLAG to X509Certificate definition
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-07 11:05:51 -04:00
Stefan Berger
e7e8c38281 tpm2: Rename PlatformPCR.c to PlatformPcr.c and sync
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-06 13:55:46 -04:00
Stefan Berger
04bd7d4b2b tpm2: Sync (unused) structures and defines related to FIPS-140
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-06 10:24:30 -04:00
Stefan Berger
e02951cd05 tpm2: Add or remove empty lines to reduce diffs
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-05 10:47:24 -04:00
Stefan Berger
7eb43b9ebe tpm2: Remove commented-out blocks
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-05 10:47:24 -04:00
Stefan Berger
8fd1293d60 tpm2: Sync defines for unsupported AC_GetCapability
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-05 10:47:24 -04:00
Stefan Berger
bee52fbed3 tpm2: Add definitions for new algorithms and curves
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-05 10:47:24 -04:00
Stefan Berger
3edd48d6b1 tpm2: Sync with new defines on symmetric algorithms' sizes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-05 10:47:24 -04:00
Stefan Berger
8c89e53ed4 tpm2: Move defines for commands from TpmAlgorithmDefines to TpmTypes.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-05 10:47:24 -04:00
Stefan Berger
c0a2f22226 tpm2: Add explicit casts to UINT32 to avoid UBSAN issue
UBSAN complains about the following now:

  runtime error: left shift of 129 by 24 places cannot be
     represented in type 'int'

Fix this (again) in the affected variables by casting the values to UINT32.
Some of the fixes got lost in the recent re-base, others are new due to
how the values are defined.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-08-03 17:47:15 -04:00
Stefan Berger
13a41ca095 tpm2: Add missing defines for existing structures, remove others
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
2a5baa8800 tpm2: Sync up RunCommand.c with upstream
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
e60fafc61a tpm2: Add missing SVN-related cases in TPMPropertyIsDefined
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
b2839e2613 tpm2: Sync TPM_PT_MODES case in TPMPropertyIsDefined
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
865b356292 tpm2: Add missing '|| TABLE_DRIVEN_MARSHAL' to CommandDispatcher.c
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
fccc05845b tpm2: Add support for CRYPTO_LIB_REPORTING but do not use it
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
74bd4ee1d6 tpm2: Use TPM2B_DIGEST in MAC_Out
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
79e233c607 tpm2: Remove CLOCK_ defines for header since already in Clock.c
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
1278421db9 tpm2: Add TPMI_RH_BASE_HIERARCHY type and use it
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
04dab706c5 tpm2: Add (unused) defines to TpmTcpProtocol.h
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
fa637145b8 tpm2: Fix definition of CertifyX509 error codes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
0945ad07ef tpm2: Fix definition of ChangePPS error codes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
a954fa214b tpm2: Fix definition of NV_ReadPublic error codes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
2360ec6d83 tpm2: Fix definition of HierarchyChangeAuth error codes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
bd282cce6a tpm2: Fix definition of SequenceUpdate error codes
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
f8ddf879af tpm2: Replace occurrences of xorr with xor
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
4c7dcf2db3 tpm2: Rebase on TPM v1.83: Reduce diffs
- Rename files so the filenames match
- Reduce whitespace diffs
- Other trivial changes

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
5de6c7fe40 scripts: Implement scripts to be able to use meld on upstream codebase
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-31 18:57:14 -04:00
Stefan Berger
4c374f9994 tpm2: Have TPM2_NV_DefineSpace call NvDefineSpace
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2025-07-22 15:45:42 -04:00
356 changed files with 31906 additions and 27726 deletions

scripts/meld-all Executable file

@ -0,0 +1,98 @@
#!/usr/bin/env bash
SKIP_FILES="(Marshal.c|Marshal_fp.h)"
NO_MELD_FLAG=$((1<<0))
main()
{
local opts f fname upstream flags
flags=0
prgname="$0"
if ! opts=$(getopt -l "help,no-meld,diff-only" -n "$prgname" -- "$prgname" "$@"); then
echo "Error: Failed to parse options." >&2
return 1
fi
eval set -- "${opts}"
while :; do
case "$1" in
--no-meld|diff-only)
flags=$((flags | NO_MELD_FLAG))
shift
;;
--)
shift
break
;;
--help)
help "$prgname"
return 0
;;
*)
echo "Internal error: Unregonized option '$1'" >&2
shift
return
;;
esac
done
if [ ! -r "$1" ]; then
echo "Cannot find file '$1' in libtpms repo."
exit 1
fi
if [ ! -d "$1" ]; then
echo "'$1' is not a directory."
exit 1
fi
if [ ! -d "${TCG_TPM_HOME}" ]; then
echo "TCG_TPM_HOME must point to a directory."
exit 1
fi
for f in $(find "$1" -type f -name '*.[ch]'); do
fname=$(basename "$f")
if [[ "${fname}" =~ ^${SKIP_FILES}$ ]]; then
echo "skipping ${fname}"
continue
fi
upstream=$(find "${TCG_TPM_HOME}" | grep -E "/${fname}\$")
if [ -n "${upstream}" ]; then
# find first empty line presumably after license
line=$(grep -m 1 -E "^$" -n "${f}" | cut -d":" -f1)
if [ -z "$line" ]; then
if [ $((flags & NO_MELD_FLAG)) -eq 0 ]; then
meld "${upstrean}" "${f}"
else
echo "Something wrong with file $f"
fi
fi
line=$((line+1))
if [ $((flags & NO_MELD_FLAG)) -ne 0 ]; then
echo "============================================================================"
echo "${f}"
diff --ignore-trailing-space <(sed -n "${line},\$p" < "${f}") "${upstream}"
fi
if ! diff --ignore-trailing-space <(sed -n "${line},\$p" < "${f}") "${upstream}" >/dev/null; then
if [ $((flags & NO_MELD_FLAG)) -eq 0 ]; then
meld "${upstream}" "$f"
fi
else
echo "${f}: nothing to do"
fi
else
echo "Could not find file ${fname} in TCG TPM repo"
fi
done
}
main "$@"
exit $?
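Review bot: The case pattern `--no-meld|diff-only)` is missing the leading dashes on its second alternative, so `--diff-only`, which getopt accepts through `-l "help,no-meld,diff-only"`, falls through to the `*)` branch and is reported as an internal error; it should read `--no-meld|--diff-only)`. In the `[ -z "$line" ]` branch the meld call uses `${upstrean}`, a misspelling of `${upstream}` that expands to an empty string, and execution then carries on to `line=$((line+1))` instead of moving to the next file, so a `continue` is probably wanted there. The `*)` branch ends in a bare `return`, which hands back the status of the preceding `shift` rather than a failure (`return 1` would make the error visible to the caller), and `--help` calls `help`, for which no function is defined in the lines shown.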

scripts/meld-find Executable file

@ -0,0 +1,23 @@
#!/usr/bin/env bash
if [ ! -f "$1" ]; then
echo "Cannot find file '$1' in libtpms repo."
exit 1
fi
if [ -z "${TCG_TPM_HOME}" ]; then
echo "TCG_TPM_HOME must be set to the TCG TPM repo checkout."
exit 1
fi
if [ ! -d "${TCG_TPM_HOME}" ]; then
echo "TCG_TPM_HOME must point to a directory."
exit 1
fi
fname=$(basename "$1")
upstream=$(find "${TCG_TPM_HOME}" | grep -E "/${fname}\$")
meld "${upstream}" "$1"
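Review bot: The result of the `find "${TCG_TPM_HOME}" | grep -E "/${fname}\$"` lookup is passed to `meld "${upstream}" "$1"` without being checked, so a file with no upstream counterpart opens meld with an empty first argument, and a name that matches more than once is passed as one multi-line string. meld-all guards the same lookup with `[ -n "${upstream}" ]`; the same test, plus a message when more than one match comes back, would fit here. `${fname}` is also interpolated into the regular expression unescaped, so the `.` in a name such as `Tpm.h` matches any character.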


@ -237,9 +237,9 @@ libtpms_tpm2_la_SOURCES = \
tpm2/MathOnByteBuffers.c \
tpm2/Memory.c \
tpm2/NVCommands.c \
tpm2/NVDynamic.c \
tpm2/NvDynamic.c \
tpm2/NVMem.c \
tpm2/NVReserved.c \
tpm2/NvReserved.c \
tpm2/NV_spt.c \
tpm2/Object.c \
tpm2/ObjectCommands.c \
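Review bot: The paired entries in this hunk (`tpm2/NVDynamic.c` and `tpm2/NvDynamic.c`, `tpm2/NVReserved.c` and `tpm2/NvReserved.c`) differ only in letter case, which is easy to get wrong on a case-insensitive file system where both spellings resolve to the same file. Please confirm the files were renamed with `git mv` and that a build from a fresh clone succeeds, so that no source list entry or `#include` still refers to the old spelling.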
@ -247,7 +247,7 @@ libtpms_tpm2_la_SOURCES = \
tpm2/PCR.c \
tpm2/PlatformACT.c \
tpm2/PlatformData.c \
tpm2/PlatformPCR.c \
tpm2/PlatformPcr.c \
tpm2/Policy_spt.c \
tpm2/Power.c \
tpm2/PowerPlat.c \
@ -268,7 +268,7 @@ libtpms_tpm2_la_SOURCES = \
tpm2/TestingCommands.c \
tpm2/Ticket.c \
tpm2/Time.c \
tpm2/TpmAsn1.c \
tpm2/TpmASN1.c \
tpm2/TpmBigNumThunks.c \
tpm2/TpmEcc_Signature_ECDAA.c \
tpm2/TpmEcc_Signature_ECDSA.c \
@ -365,6 +365,7 @@ noinst_HEADERS += \
tpm2/Create_fp.h \
tpm2/CreateLoaded_fp.h \
tpm2/CreatePrimary_fp.h \
tpm2/CryptoInterface.h \
tpm2/CryptSelfTest_fp.h \
tpm2/DA_fp.h \
tpm2/DebugHelpers_fp.h \
@ -426,7 +427,7 @@ noinst_HEADERS += \
tpm2/NV_ChangeAuth_fp.h \
tpm2/NV_DefineSpace_fp.h \
tpm2/NV_DefineSpace2_fp.h \
tpm2/NVDynamic_fp.h \
tpm2/NvDynamic_fp.h \
tpm2/NV_Extend_fp.h \
tpm2/NV_GlobalWriteLock_fp.h \
tpm2/NV.h \
@ -435,7 +436,7 @@ noinst_HEADERS += \
tpm2/NV_ReadLock_fp.h \
tpm2/NV_ReadPublic_fp.h \
tpm2/NV_ReadPublic2_fp.h \
tpm2/NVReserved_fp.h \
tpm2/NvReserved_fp.h \
tpm2/NV_SetBits_fp.h \
tpm2/NV_spt_fp.h \
tpm2/NV_UndefineSpace_fp.h \


@ -59,11 +59,20 @@
/* */
/********************************************************************************/
// 5.24 ACT.h
#ifndef _ACT_H_
#define _ACT_H_
#include "TpmProfile.h"
#if 0 // libtpms added
#if ACT_SUPPORT \
!= (RH_ACT_0 | RH_ACT_1 | RH_ACT_2 | RH_ACT_3 | RH_ACT_4 | RH_ACT_5 | RH_ACT_6 \
| RH_ACT_7 | RH_ACT_8 | RH_ACT_9 | RH_ACT_A | RH_ACT_B | RH_ACT_C | RH_ACT_D \
| RH_ACT_E | RH_ACT_F)
# error "If ACT_SUPPORT == NO, no ACTs can be enabled"
#endif // (ACT_SUPPORT != ...)
#endif // libtpms added
#if !(defined RH_ACT_0) || (RH_ACT_0 != YES)
# undef RH_ACT_0
# define RH_ACT_0 NO
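Review bot: The `ACT_SUPPORT` consistency check is compiled out with `#if 0 // libtpms added`, but nothing says why, so a later sync cannot tell whether the block may be re-enabled. A one-line comment giving the reason would help. The `# error` text ("If ACT_SUPPORT == NO, no ACTs can be enabled") also describes a narrower condition than the `!=` comparison above it tests, which is worth keeping in mind if the block is ever switched back on.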
@ -176,9 +185,11 @@
#else
# define IF_ACT_F_IMPLEMENTED(op) op(F)
#endif
#ifndef TPM_RH_ACT_0
#error Need numeric definition for TPM_RH_ACT_0
# error Need numeric definition for TPM_RH_ACT_0
#endif
#ifndef TPM_RH_ACT_1
# define TPM_RH_ACT_1 (TPM_RH_ACT_0 + 1)
#endif
@ -224,6 +235,7 @@
#ifndef TPM_RH_ACT_F
# define TPM_RH_ACT_F (TPM_RH_ACT_0 + 0xF)
#endif
#define FOR_EACH_ACT(op) \
IF_ACT_0_IMPLEMENTED(op) \
IF_ACT_1_IMPLEMENTED(op) \
@ -243,15 +255,17 @@
IF_ACT_F_IMPLEMENTED(op)
// This is the mask for ACT that are implemented
//#define ACT_MASK(N) | (1 << 0x##N)
//#define ACT_IMPLEMENTED_MASK (0 FOR_EACH_ACT(ACT_MASK))
#define CASE_ACT_HANDLE(N) case TPM_RH_ACT_##N:
#define CASE_ACT_NUMBER(N) case 0x##N:
typedef struct ACT_STATE
{
UINT32 remaining;
TPM_ALG_ID hashAlg;
TPM2B_DIGEST authPolicy;
} ACT_STATE, *P_ACT_STATE;
#endif // _ACT_H_


@ -59,21 +59,28 @@
/* */
/********************************************************************************/
#ifndef ACT_SETTIMEOUT_FP_H
#define ACT_SETTIMEOUT_FP_H
typedef struct {
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
#if CC_ACT_SetTimeout // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ACT actHandle;
UINT32 startTimeout;
} ACT_SetTimeout_In;
#define RC_ACT_SetTimeout_actHandle (TPM_RC_H + TPM_RC_1)
#define RC_ACT_SetTimeout_startTimeout (TPM_RC_H + TPM_RC_2)
// Response code modifiers
# define RC_ACT_SetTimeout_actHandle (TPM_RC_H + TPM_RC_1)
# define RC_ACT_SetTimeout_startTimeout (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ACT_SetTimeout(
ACT_SetTimeout_In *in // IN: input parameter list
);
TPM2_ACT_SetTimeout(ACT_SetTimeout_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
#endif // CC_ACT_SetTimeout
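Review bot: `RC_ACT_SetTimeout_startTimeout` appears twice in this hunk with different values, `(TPM_RC_H + TPM_RC_2)` and `(TPM_RC_P + TPM_RC_1)`, so this is a change to the response code modifier reported for a bad `startTimeout`, not a formatting change. Because `startTimeout` is a `UINT32` member of `ACT_SetTimeout_In` and `actHandle` is the only handle, the parameter form looks like the intended one, but none of the commit subjects that fix error codes names ACT_SetTimeout. Please mention it in a commit message and check for tests or callers that expect the old value.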


@ -83,7 +83,7 @@
#ifndef __ACT_DISABLED // libtpms added
static void _ActResume(UINT32 act, //IN: the act number
ACT_STATE* actData //IN: pointer to the saved ACT data
)
)
{
// If the act was non-zero, then restore the counter value.
if(actData->remaining > 0)
@ -168,7 +168,7 @@ BOOL ActGetSignaled(TPM_RH actHandle)
//***ActShutdown()
// This function saves the current state of the counters
BOOL ActShutdown(TPM_SU state //IN: the type of the shutdown.
)
)
{
// if this is not shutdown state, then the only type of startup is TPM_RESTART
// so the timer values will be cleared. If this is shutdown state, get the current
@ -216,7 +216,7 @@ BOOL ActIsImplemented(UINT32 act)
TPM_RC
ActCounterUpdate(TPM_RH handle, //IN: the handle of the act
UINT32 newValue //IN: the value to set in the ACT
)
)
{
UINT32 act;
TPM_RC result;
@ -262,7 +262,7 @@ TPMI_YES_NO
ActGetCapabilityData(TPM_HANDLE actHandle, // IN: the handle for the starting ACT
UINT32 maxCount, // IN: maximum allowed return values
TPML_ACT_DATA* actList // OUT: ACT data list
)
)
{
// Initialize output property list
actList->count = 0;
@ -313,7 +313,7 @@ ActGetCapabilityData(TPM_HANDLE actHandle, // IN: the handle for the starti
// This function returns an ACT's capability, if present.
BOOL ActGetOneCapability(TPM_HANDLE actHandle, // IN: the handle for the ACT
TPMS_ACT_DATA* actData // OUT: ACT data
)
)
{
UINT32 act = actHandle - TPM_RH_ACT_0;


@ -77,7 +77,7 @@ BOOL ActGetSignaled(TPM_RH actHandle);
//***ActShutdown()
// This function saves the current state of the counters
BOOL ActShutdown(TPM_SU state //IN: the type of the shutdown.
);
);
//*** ActIsImplemented()
// This function determines if an ACT is implemented in both the TPM and the platform
@ -90,7 +90,7 @@ BOOL ActIsImplemented(UINT32 act);
TPM_RC
ActCounterUpdate(TPM_RH handle, //IN: the handle of the act
UINT32 newValue //IN: the value to set in the ACT
);
);
//*** ActGetCapabilityData()
// This function returns the list of ACT data
@ -101,12 +101,12 @@ TPMI_YES_NO
ActGetCapabilityData(TPM_HANDLE actHandle, // IN: the handle for the starting ACT
UINT32 maxCount, // IN: maximum allowed return values
TPML_ACT_DATA* actList // OUT: ACT data list
);
);
//*** ActGetOneCapability()
// This function returns an ACT's capability, if present.
BOOL ActGetOneCapability(TPM_HANDLE actHandle, // IN: the handle for the ACT
TPMS_ACT_DATA* actData // OUT: ACT data
);
);
#endif // _ACT_SPT_FP_H_


@ -59,30 +59,38 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ACTIVATECREDENTIAL_FP_H
#define ACTIVATECREDENTIAL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ActivateCredential // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT activateHandle;
TPMI_DH_OBJECT keyHandle;
TPM2B_ID_OBJECT credentialBlob;
TPM2B_ENCRYPTED_SECRET secret;
} ActivateCredential_In;
#define RC_ActivateCredential_activateHandle (TPM_RC_H + TPM_RC_1)
#define RC_ActivateCredential_keyHandle (TPM_RC_H + TPM_RC_2)
#define RC_ActivateCredential_credentialBlob (TPM_RC_P + TPM_RC_1)
#define RC_ActivateCredential_secret (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DIGEST certInfo;
} ActivateCredential_Out;
// Response code modifiers
# define RC_ActivateCredential_activateHandle (TPM_RC_H + TPM_RC_1)
# define RC_ActivateCredential_keyHandle (TPM_RC_H + TPM_RC_2)
# define RC_ActivateCredential_credentialBlob (TPM_RC_P + TPM_RC_1)
# define RC_ActivateCredential_secret (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_ActivateCredential(
ActivateCredential_In *in, // IN: input parameter list
ActivateCredential_Out *out // OUT: output parameter list
);
#endif
TPM2_ActivateCredential(ActivateCredential_In* in, ActivateCredential_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
#endif // CC_ActivateCredential


@ -58,42 +58,51 @@
/* */
/********************************************************************************/
/* 9.1 AlgorithmCap.c */
/* 9.1.1 Description */
/* This file contains the algorithm property definitions for the algorithms and the code for the
TPM2_GetCapability() to return the algorithm properties. */
/* 9.1.2 Includes and Defines */
//** Description
// This file contains the algorithm property definitions for the algorithms and the
// code for the TPM2_GetCapability() to return the algorithm properties.
//** Includes and Defines
#include "Tpm.h"
typedef struct
{
TPM_ALG_ID algID;
TPMA_ALGORITHM attributes;
} ALGORITHM;
static const ALGORITHM s_algorithms[] =
{
// The entries in this table need to be in ascending order but the table doesn't
// need to be full (gaps are allowed). One day, a tool might exist to fill in the
// table from the TPM_ALG description
static const ALGORITHM s_algorithms[] = {
// The entries in this table need to be in ascending order but the table doesn't
// need to be full (gaps are allowed). One day, a tool might exist to fill in the
// table from the TPM_ALG description
#if ALG_RSA
{TPM_ALG_RSA, TPMA_ALGORITHM_INITIALIZER(1, 0, 0, 1, 0, 0, 0, 0, 0)},
#endif
#if ALG_TDES
#if ALG_TDES // libtpms added begin
{TPM_ALG_TDES, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
#endif
#endif // libtpms added end
#if ALG_SHA1
{TPM_ALG_SHA1, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 0, 0)},
#endif
{TPM_ALG_HMAC, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 1, 0, 0, 0)},
#if ALG_AES
{TPM_ALG_AES, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
#endif
#if ALG_MGF1
{TPM_ALG_MGF1, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 1, 0)},
#endif
{TPM_ALG_KEYEDHASH, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 1, 0, 1, 1, 0, 0)},
#if ALG_XOR
{TPM_ALG_XOR, TPMA_ALGORITHM_INITIALIZER(0, 1, 1, 0, 0, 0, 0, 0, 0)},
#endif
#if ALG_SHA256
{TPM_ALG_SHA256, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 0, 0)},
#endif
@ -151,7 +160,9 @@ static const ALGORITHM s_algorithms[] =
#if ALG_ECC
{TPM_ALG_ECC, TPMA_ALGORITHM_INITIALIZER(1, 0, 0, 1, 0, 0, 0, 0, 0)},
#endif
{TPM_ALG_SYMCIPHER, TPMA_ALGORITHM_INITIALIZER(0, 0, 0, 1, 0, 0, 0, 0, 0)},
#if ALG_CAMELLIA
{TPM_ALG_CAMELLIA, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
#endif
@ -173,29 +184,35 @@ static const ALGORITHM s_algorithms[] =
#if ALG_ECB
{TPM_ALG_ECB, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 1, 0, 0)},
#endif
};
/* 9.1.3 AlgorithmCapGetImplemented() */
/* This function is used by TPM2_GetCapability() to return a list of the implemented algorithms. */
/* Return Values Meaning */
/* YES more algorithms to report */
/* NO no more algorithms to report */
};
//** AlgorithmCapGetImplemented()
// This function is used by TPM2_GetCapability() to return a list of the
// implemented algorithms.
//
// Return Type: TPMI_YES_NO
// YES more algorithms to report
// NO no more algorithms to report
TPMI_YES_NO
AlgorithmCapGetImplemented(
TPM_ALG_ID algID, // IN: the starting algorithm ID
AlgorithmCapGetImplemented(TPM_ALG_ID algID, // IN: the starting algorithm ID
UINT32 count, // IN: count of returned algorithms
TPML_ALG_PROPERTY *algList // OUT: algorithm list
)
TPML_ALG_PROPERTY* algList // OUT: algorithm list
)
{
TPMI_YES_NO more = NO;
UINT32 i;
UINT32 algNum;
// initialize output algorithm list
algList->count = 0;
// The maximum count of algorithms we may return is MAX_CAP_ALGS.
if(count > MAX_CAP_ALGS)
count = MAX_CAP_ALGS;
// Compute how many algorithms are defined in s_algorithms array.
algNum = sizeof(s_algorithms) / sizeof(s_algorithms[0]);
// Scan the implemented algorithm list to see if there is a match to 'algID'.
for(i = 0; i < algNum; i++)
{
@ -222,6 +239,7 @@ AlgorithmCapGetImplemented(
break;
}
}
return more;
}
@ -231,7 +249,7 @@ AlgorithmCapGetImplemented(
BOOL AlgorithmCapGetOneImplemented(
TPM_ALG_ID algID, // IN: the algorithm ID
TPMS_ALG_PROPERTY* algProperty // OUT: algorithm properties
)
)
{
UINT32 i;
UINT32 algNum;
@ -253,27 +271,25 @@ BOOL AlgorithmCapGetOneImplemented(
return TRUE;
}
}
return FALSE;
}
/* 9.1.4 AlgorithmGetImplementedVector()
This function returns the bit vector of the implemented algorithms.
*/
//** AlgorithmGetImplementedVector()
// This function returns the bit vector of the implemented algorithms.
LIB_EXPORT
void
AlgorithmGetImplementedVector(
ALGORITHM_VECTOR *implemented // OUT: the implemented bits are SET
)
void AlgorithmGetImplementedVector(
ALGORITHM_VECTOR* implemented // OUT: the implemented bits are SET
)
{
int index;
// Nothing implemented until we say it is
MemorySet(implemented, 0, sizeof(ALGORITHM_VECTOR));
// Go through the list of implemented algorithms and SET the corresponding bit in
// in the implemented vector
for(index = (sizeof(s_algorithms) / sizeof(s_algorithms[0])) - 1;
index >= 0; index--) { // libtpms changed
for(index = (sizeof(s_algorithms) / sizeof(s_algorithms[0])) - 1; index >= 0;
index--) { // libtpms changed
if (RuntimeAlgorithmCheckEnabled(&g_RuntimeProfile.RuntimeAlgorithm, // libtpms added begin
s_algorithms[index].algID))
SET_BIT(s_algorithms[index].algID, *implemented);


@ -58,28 +58,40 @@
/* */
/********************************************************************************/
#ifndef ALGORITHMCAP_FP_H
#define ALGORITHMCAP_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _ALGORITHM_CAP_FP_H_
#define _ALGORITHM_CAP_FP_H_
//** AlgorithmCapGetImplemented()
// This function is used by TPM2_GetCapability() to return a list of the
// implemented algorithms.
//
// Return Type: TPMI_YES_NO
// YES more algorithms to report
// NO no more algorithms to report
TPMI_YES_NO
AlgorithmCapGetImplemented(
TPM_ALG_ID algID, // IN: the starting algorithm ID
AlgorithmCapGetImplemented(TPM_ALG_ID algID, // IN: the starting algorithm ID
UINT32 count, // IN: count of returned algorithms
TPML_ALG_PROPERTY *algList // OUT: algorithm list
);
TPML_ALG_PROPERTY* algList // OUT: algorithm list
);
//** AlgorithmCapGetOneImplemented()
// This function returns whether a single algorithm was implemented, along
// with its properties (if implemented).
BOOL AlgorithmCapGetOneImplemented(
TPM_ALG_ID algID, // IN: the algorithm ID
TPMS_ALG_PROPERTY* algProperty // OUT: algorithm properties
);
);
//** AlgorithmGetImplementedVector()
// This function returns the bit vector of the implemented algorithms.
LIB_EXPORT
void
AlgorithmGetImplementedVector(
ALGORITHM_VECTOR *implemented // OUT: the implemented bits are SET
);
void AlgorithmGetImplementedVector(
ALGORITHM_VECTOR* implemented // OUT: the implemented bits are SET
);
#endif
#endif // _ALGORITHM_CAP_FP_H_


@ -199,7 +199,7 @@ TestSMAC(
static UINT32 MakeIv(TPM_ALG_ID mode, // IN: symmetric mode
UINT32 size, // IN: block size of the algorithm
BYTE* iv // OUT: IV to fill in
)
)
{
BYTE i;
@ -223,7 +223,7 @@ static UINT32 MakeIv(TPM_ALG_ID mode, // IN: symmetric mode
// Function to test a specific algorithm, key size, and mode.
static void TestSymmetricAlgorithm(const SYMMETRIC_TEST_VECTOR* test, //
TPM_ALG_ID mode //
)
)
{
static BYTE encrypted[MAX_SYM_BLOCK_SIZE * 2];
static BYTE decrypted[MAX_SYM_BLOCK_SIZE * 2];
@ -309,7 +309,7 @@ static TPM_RC TestSymmetric(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
//
if(!TEST_BIT(alg, *toTest))
return TPM_RC_SUCCESS;
if(alg == TPM_ALG_AES || alg == TPM_ALG_SM4 || alg == TPM_ALG_CAMELLIA || alg == TPM_ALG_TDES)
if(alg == TPM_ALG_AES || alg == TPM_ALG_SM4 || alg == TPM_ALG_CAMELLIA || alg == TPM_ALG_TDES) // libtpms added TPM_ALG_TDES
{
// Will test the algorithm for all modes and key sizes
CLEAR_BOTH(alg);
@ -414,7 +414,7 @@ static void RsaKeyInitialize(OBJECT* testObject)
// These tests are for a public key encryption that uses a random value.
static TPM_RC TestRsaEncryptDecrypt(TPM_ALG_ID scheme, // IN: the scheme
ALGORITHM_VECTOR* toTest //
)
)
{
static TPM2B_PUBLIC_KEY_RSA testInput;
static TPM2B_PUBLIC_KEY_RSA testOutput;
@ -639,7 +639,7 @@ static TPM_RC TestRsa(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
// This function is mostly for readability and type checking
static void LoadEccParameter(TPM2B_ECC_PARAMETER* to, // target
const TPM2B_EC_TEST* from // source
)
)
{
MemoryCopy2B(&to->b, &from->b, sizeof(to->t.buffer));
}
@ -657,7 +657,7 @@ static void LoadEccPoint(TPMS_ECC_POINT* point, // target
// This test does a KVT on a point multiply.
static TPM_RC TestECDH(TPM_ALG_ID scheme, // IN: for consistency
ALGORITHM_VECTOR* toTest // IN/OUT: modified after test is run
)
)
{
static TPMS_ECC_POINT Z;
static TPMS_ECC_POINT Qe;
@ -872,7 +872,8 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
case TPM_ALG_AES:
// libtpms added begin
# if SMAC_IMPLEMENTED && ALG_CMAC
if (doTest) {
if (doTest)
{
result = TestSMAC(toTest);
if (result != TPM_RC_SUCCESS)
break;
@ -936,8 +937,8 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
// tested because this uses HMAC
SET_BOTH(DEFAULT_TEST_HASH);
break;
// Have to use two arguments for the macro even though only the first is used in the
// expansion.
// Have to use two arguments for the macro even though only the first is used in the
// expansion.
# define HASH_CASE_TEST(HASH, hash) case ALG_##HASH##_VALUE:
FOR_EACH_HASH(HASH_CASE_TEST)
# undef HASH_CASE_TEST
@ -1000,4 +1001,4 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
return result;
}
#endif // ENABLE_SELF_TESTS
#endif // SELF_TESTS
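Review bot: The final `#endif` is shown with two closing comments, `// ENABLE_SELF_TESTS` and `// SELF_TESTS`, while the prototype header for this file guards `TestAlgorithm()` with `#if ENABLE_SELF_TESTS` and closes it with `#endif // ENABLE_SELF_TESTS`. If the opening condition in this file is still `ENABLE_SELF_TESTS`, the comment should keep matching it; if `SELF_TESTS` is taken over from upstream on purpose, a short remark in the commit message would save the next reader from looking for a macro of that name.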


@ -58,17 +58,38 @@
/* */
/********************************************************************************/
#ifndef ALGORITHMTESTS_FP_H
#define ALGORITHMTESTS_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 4, 2020 Time: 02:36:44PM
*/
#ifndef _ALGORITHM_TESTS_FP_H_
#define _ALGORITHM_TESTS_FP_H_
#if ENABLE_SELF_TESTS
//*** TestAlgorithm()
// Dispatches to the correct test function for the algorithm or gets a list of
// testable algorithms.
//
// If 'toTest' is not NULL, then the test decisions are based on the algorithm
// selections in 'toTest'. Otherwise, 'g_toTest' is used. When bits are clear in
// 'g_toTest' they will also be cleared 'toTest'.
//
// If there doesn't happen to be a test for the algorithm, its associated bit is
// quietly cleared.
//
// If 'alg' is zero (TPM_ALG_ERROR), then the toTest vector is cleared of any bits
// for which there is no test (i.e. no tests are actually run but the vector is
// cleared).
//
// Note: 'toTest' will only ever have bits set for implemented algorithms but 'alg'
// can be anything.
// Return Type: TPM_RC
// TPM_RC_CANCELED test was canceled
LIB_EXPORT
TPM_RC
TestAlgorithm(
TPM_ALG_ID alg,
ALGORITHM_VECTOR *toTest
);
TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest);
#endif // ENABLE_SELF_TESTS
#endif // ALGORITHMTESTS_FP_H
#endif // _ALGORITHM_TESTS_FP_H_


@ -59,22 +59,27 @@
/* */
/********************************************************************************/
//** Includes
#include "Tpm.h"
#include "Attest_spt_fp.h"
/* 7.2.2 Functions */
/* 7.2.2.1 FillInAttestInfo() */
/* Fill in common fields of TPMS_ATTEST structure. */
void
FillInAttestInfo(
#include "Marshal.h"
//** Functions
//***FillInAttestInfo()
// Fill in common fields of TPMS_ATTEST structure.
void FillInAttestInfo(
TPMI_DH_OBJECT signHandle, // IN: handle of signing object
TPMT_SIG_SCHEME *scheme, // IN/OUT: scheme to be used for signing
TPM2B_DATA *data, // IN: qualifying data
TPMS_ATTEST *attest // OUT: attest structure
)
TPMT_SIG_SCHEME* scheme, // IN/OUT: scheme to be used for signing
TPM2B_DATA* data, // IN: qualifying data
TPMS_ATTEST* attest // OUT: attest structure
)
{
OBJECT *signObject = HandleToObject(signHandle);
OBJECT* signObject = HandleToObject(signHandle);
// Magic number
attest->magic = TPM_GENERATED_VALUE;
if(signObject == NULL)
{
// The name for a null handle is TPM_RH_NULL
@ -96,9 +101,11 @@ FillInAttestInfo(
}
// current clock in plain text
TimeFillInfo(&attest->clockInfo);
// Firmware version in plain text
attest->firmwareVersion = ((UINT64)gp.firmwareV1 << (sizeof(UINT32) * 8));
attest->firmwareVersion += gp.firmwareV2;
// Check the hierarchy of sign object. For NULL sign handle, the hierarchy
// will be TPM_RH_NULL
if((signObject == NULL)
@ -108,9 +115,15 @@ FillInAttestInfo(
// For signing key that is not in platform or endorsement hierarchy,
// obfuscate the reset, restart and firmware version information
UINT64 obfuscation[2];
CryptKDFa(CONTEXT_INTEGRITY_HASH_ALG, &gp.shProof.b, OBFUSCATE_STRING,
&attest->qualifiedSigner.b, NULL, 128,
(BYTE *)&obfuscation[0], NULL, FALSE);
CryptKDFa(CONTEXT_INTEGRITY_HASH_ALG,
&gp.shProof.b,
OBFUSCATE_STRING,
&attest->qualifiedSigner.b,
NULL,
128,
(BYTE*)&obfuscation[0],
NULL,
FALSE);
// Obfuscate data
attest->firmwareVersion += obfuscation[0];
attest->clockInfo.resetCount += (UINT32)(obfuscation[1] >> 32);
@ -127,32 +140,38 @@ FillInAttestInfo(
data->t.size = 0;
}
}
/* 7.2.2.2 SignAttestInfo() */
/* Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature is returned. */
/* Error Returns Meaning */
/* TPM_RC_ATTRIBUTES signHandle references not a signing key */
/* TPM_RC_SCHEME scheme is not compatible with signHandle type */
/* TPM_RC_VALUE digest generated for the given scheme is greater than the modulus of signHandle (for
an RSA key); invalid commit status or failed to generate r value (for an ECC key) */
//***SignAttestInfo()
// Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature
// is returned.
//
// Return Type: TPM_RC
// TPM_RC_ATTRIBUTES 'signHandle' references not a signing key
// TPM_RC_SCHEME 'scheme' is not compatible with 'signHandle' type
// TPM_RC_VALUE digest generated for the given 'scheme' is greater than
// the modulus of 'signHandle' (for an RSA key);
// invalid commit status or failed to generate "r" value
// (for an ECC key)
TPM_RC
SignAttestInfo(
OBJECT *signKey, // IN: sign object
TPMT_SIG_SCHEME *scheme, // IN: sign scheme
TPMS_ATTEST *certifyInfo, // IN: the data to be signed
TPM2B_DATA *qualifyingData, // IN: extra data for the signing
SignAttestInfo(OBJECT* signKey, // IN: sign object
TPMT_SIG_SCHEME* scheme, // IN: sign scheme
TPMS_ATTEST* certifyInfo, // IN: the data to be signed
TPM2B_DATA* qualifyingData, // IN: extra data for the signing
// process
TPM2B_ATTEST *attest, // OUT: marshaled attest blob to be
TPM2B_ATTEST* attest, // OUT: marshaled attest blob to be
// signed
TPMT_SIGNATURE *signature // OUT: signature
)
TPMT_SIGNATURE* signature // OUT: signature
)
{
BYTE *buffer;
BYTE* buffer;
HASH_STATE hashState;
TPM2B_DIGEST digest;
TPM_RC result;
// Marshal TPMS_ATTEST structure for hash
buffer = attest->t.attestationData;
attest->t.size = TPMS_ATTEST_Marshal(certifyInfo, &buffer, NULL);
if(signKey == NULL)
{
signature->sigAlg = TPM_ALG_NULL;
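Review bot: The rewritten comment block for SignAttestInfo() still documents a `signHandle` ("If signHandle is TPM_RH_NULL", "'signHandle' references not a signing key"), but the function takes `OBJECT* signKey` and tests `if(signKey == NULL)`. Since the comment is being rewritten here anyway, it could name the actual parameter and say that a NULL `signKey` yields a signature with `sigAlg` set to `TPM_ALG_NULL`; if the wording is kept to match upstream, that is worth stating in the commit message.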
@ -165,9 +184,11 @@ SignAttestInfo(
hashAlg = scheme->details.any.hashAlg;
// need to set the receive buffer to get something put in it
digest.t.size = sizeof(digest.t.buffer);
digest.t.size = CryptHashBlock(hashAlg, attest->t.size,
digest.t.size = CryptHashBlock(hashAlg,
attest->t.size,
attest->t.attestationData,
digest.t.size, digest.t.buffer);
digest.t.size,
digest.t.buffer);
// If there is qualifying data, need to rehash the data
// hash(qualifyingData || hash(attestationData))
if(qualifyingData->t.size != 0)
@ -180,6 +201,7 @@ SignAttestInfo(
// Sign the hash. A TPM_RC_VALUE, TPM_RC_SCHEME, or
// TPM_RC_ATTRIBUTES error may be returned at this point
result = CryptSign(signKey, scheme, &digest, signature);
// Since the clock is used in an attestation, the state in NV is no longer
// "orderly" with respect to the data in RAM if the signature is valid
if(result == TPM_RC_SUCCESS)
@ -191,19 +213,18 @@ SignAttestInfo(
}
return result;
}
/* 7.2.2.3 IsSigningObject() */
/* Checks to see if the object is OK for signing. This is here rather than in Object_spt.c because
all the attestation commands use this file but not Object_spt.c. */
/* Return Values Meaning */
/* TRUE object may sign */
/* FALSE object may not sign */
BOOL
IsSigningObject(
OBJECT *object // IN:
)
//*** IsSigningObject()
// Checks to see if the object is OK for signing. This is here rather than in
// Object_spt.c because all the attestation commands use this file but not
// Object_spt.c.
// Return Type: BOOL
// TRUE(1) object may sign
// FALSE(0) object may not sign
BOOL IsSigningObject(OBJECT* object // IN:
)
{
return ((object == NULL)
|| ((IS_ATTRIBUTE(object->publicArea.objectAttributes, TPMA_OBJECT, sign)
&& object->publicArea.type != TPM_ALG_SYMCIPHER)));
}
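Review bot: the rewritten header comment for IsSigningObject() documents only "TRUE(1) object may sign", but the body also returns TRUE when `object == NULL`. Please say so in the comment, for example "TRUE(1) object may sign, or object is NULL", so a caller does not read TRUE as proof that a signing key is present. SignAttestInfo() above handles that case separately with `if(signKey == NULL)` and a TPM_ALG_NULL signature, and the two should be documented consistently.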

View File

@ -59,34 +59,53 @@
/* */
/********************************************************************************/
#ifndef ATTEST_SPT_FP_H
#define ATTEST_SPT_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:18PM
*/
void
FillInAttestInfo(
#ifndef _ATTEST_SPT_FP_H_
#define _ATTEST_SPT_FP_H_
//***FillInAttestInfo()
// Fill in common fields of TPMS_ATTEST structure.
void FillInAttestInfo(
TPMI_DH_OBJECT signHandle, // IN: handle of signing object
TPMT_SIG_SCHEME *scheme, // IN/OUT: scheme to be used for signing
TPM2B_DATA *data, // IN: qualifying data
TPMS_ATTEST *attest // OUT: attest structure
);
TPMT_SIG_SCHEME* scheme, // IN/OUT: scheme to be used for signing
TPM2B_DATA* data, // IN: qualifying data
TPMS_ATTEST* attest // OUT: attest structure
);
//***SignAttestInfo()
// Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature
// is returned.
//
// Return Type: TPM_RC
// TPM_RC_ATTRIBUTES 'signHandle' references not a signing key
// TPM_RC_SCHEME 'scheme' is not compatible with 'signHandle' type
// TPM_RC_VALUE digest generated for the given 'scheme' is greater than
// the modulus of 'signHandle' (for an RSA key);
// invalid commit status or failed to generate "r" value
// (for an ECC key)
TPM_RC
SignAttestInfo(
OBJECT *signKey, // IN: sign object
TPMT_SIG_SCHEME *scheme, // IN: sign scheme
TPMS_ATTEST *certifyInfo, // IN: the data to be signed
TPM2B_DATA *qualifyingData, // IN: extra data for the signing
SignAttestInfo(OBJECT* signKey, // IN: sign object
TPMT_SIG_SCHEME* scheme, // IN: sign scheme
TPMS_ATTEST* certifyInfo, // IN: the data to be signed
TPM2B_DATA* qualifyingData, // IN: extra data for the signing
// process
TPM2B_ATTEST *attest, // OUT: marshaled attest blob to be
TPM2B_ATTEST* attest, // OUT: marshaled attest blob to be
// signed
TPMT_SIGNATURE *signature // OUT: signature
);
BOOL
IsSigningObject(
OBJECT *object // IN:
);
TPMT_SIGNATURE* signature // OUT: signature
);
//*** IsSigningObject()
// Checks to see if the object is OK for signing. This is here rather than in
// Object_spt.c because all the attestation commands use this file but not
// Object_spt.c.
// Return Type: BOOL
// TRUE(1) object may sign
// FALSE(0) object may not sign
BOOL IsSigningObject(OBJECT* object // IN:
);
#endif
#endif // _ATTEST_SPT_FP_H_
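Review bot: the new SignAttestInfo() comment is written in terms of 'signHandle' ("If signHandle is TPM_RH_NULL", "'signHandle' references not a signing key"), but the prototype under it takes `OBJECT* signKey` and has no handle parameter. Suggest rewording it around signKey being NULL so the comment matches the signature. Separately, the new guard name `_ATTEST_SPT_FP_H_` begins with an underscore followed by an upper-case letter, which C reserves for the implementation; the old `ATTEST_SPT_FP_H` did not have that problem.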

View File

@ -59,18 +59,17 @@
/* */
/********************************************************************************/
/* 5.2 BaseTypes.h */
#ifndef BASETYPES_H
#define BASETYPES_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
#include <stdint.h>
/* NULL definition */
#ifndef _TPM_INCLUDE_PUBLIC_BASETYPES_H_
#define _TPM_INCLUDE_PUBLIC_BASETYPES_H_
// NULL definition
#ifndef NULL
#define NULL (0)
#endif
# define NULL (0)
#endif // NULL
typedef uint8_t UINT8;
typedef uint8_t BYTE;
typedef int8_t INT8;
@ -82,4 +81,4 @@ typedef int32_t INT32;
typedef uint64_t UINT64;
typedef int64_t INT64;
#endif
#endif // _TPM_INCLUDE_PUBLIC_BASETYPES_H_

View File

@ -59,55 +59,53 @@
/* */
/********************************************************************************/
/* 9.2 Bits.c */
/* 9.2.1 Introduction */
/* This file contains bit manipulation routines. They operate on bit arrays. */
/* The 0th bit in the array is the right-most bit in the 0th octet in the array. */
/* NOTE: If pAssert() is defined, the functions will assert if the indicated bit number is outside
of the range of bArray. How the assert is handled is implementation dependent. */
/* 9.2.2 Includes */
#include "Tpm.h"
/* 9.2.3 Functions */
/* 9.2.3.1 TestBit() */
/* This function is used to check the setting of a bit in an array of bits. */
/* Return Values Meaning */
/* TRUE bit is set */
/* FALSE bit is not set */
//** Introduction
// This file contains bit manipulation routines. They operate on bit arrays.
//
// The 0th bit in the array is the right-most bit in the 0th octet in
// the array.
//
// NOTE: If pAssert() is defined, the functions will assert if the indicated bit
// number is outside of the range of 'bArray'. How the assert is handled is
// implementation dependent.
BOOL
TestBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE *bArray, // IN: array containing the bits
//** Includes
#include "Tpm.h"
//** Functions
//*** TestBit()
// This function is used to check the setting of a bit in an array of bits.
// Return Type: BOOL
// TRUE(1) bit is set
// FALSE(0) bit is not set
BOOL TestBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
)
)
{
pAssert(bytesInArray > (bitNum >> 3));
return((bArray[bitNum >> 3] & (1 << (bitNum & 7))) != 0);
return ((bArray[bitNum >> 3] & (1 << (bitNum & 7))) != 0);
}
/* 9.2.3.2 SetBit() */
/* This function will set the indicated bit in bArray. */
void
SetBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE *bArray, // IN: array containing the bits
//*** SetBit()
// This function will set the indicated bit in 'bArray'.
void SetBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
)
)
{
pAssert(bytesInArray > (bitNum >> 3));
bArray[bitNum >> 3] |= (1 << (bitNum & 7));
}
/* 9.2.3.3 ClearBit() */
/* This function will clear the indicated bit in bArray. */
void
ClearBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'.
BYTE *bArray, // IN: array containing the bits
//*** ClearBit()
// This function will clear the indicated bit in 'bArray'.
void ClearBit(unsigned int bitNum, // IN: number of the bit in 'bArray'.
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
)
)
{
pAssert(bytesInArray > (bitNum >> 3));
bArray[bitNum >> 3] &= ~(1 << (bitNum & 7));

View File

@ -59,40 +59,36 @@
/* */
/********************************************************************************/
#ifndef BITS_FP_H
#define BITS_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
/* 5.3.1 TestBit() */
/* This function is used to check the setting of a bit in an array of bits. */
/* Return Value Meaning */
/* TRUE bit is set */
/* FALSE bit is not set */
#ifndef _BITS_FP_H_
#define _BITS_FP_H_
BOOL
TestBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE *bArray, // IN: array containing the bits
//*** TestBit()
// This function is used to check the setting of a bit in an array of bits.
// Return Type: BOOL
// TRUE(1) bit is set
// FALSE(0) bit is not set
BOOL TestBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
);
);
/* 5.3.2 SetBit() */
/* This function will set the indicated bit in bArray. */
void
SetBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE *bArray, // IN: array containing the bits
//*** SetBit()
// This function will set the indicated bit in 'bArray'.
void SetBit(unsigned int bitNum, // IN: number of the bit in 'bArray'
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
);
);
/* 5.3.3 ClearBit() */
/* This function will clear the indicated bit in bArray. */
void
ClearBit(
unsigned int bitNum, // IN: number of the bit in 'bArray'.
BYTE *bArray, // IN: array containing the bits
//*** ClearBit()
// This function will clear the indicated bit in 'bArray'.
void ClearBit(unsigned int bitNum, // IN: number of the bit in 'bArray'.
BYTE* bArray, // IN: array containing the bits
unsigned int bytesInArray // IN: size in bytes of 'bArray'
);
);
#endif
#endif // _BITS_FP_H_

View File

@ -120,7 +120,7 @@ LIB_EXPORT bigNum BnFromBytes(bigNum bn, const BYTE* bytes, NUMBYTES nBytes)
// will not fit into the output the function returns NULL
LIB_EXPORT bigNum BnFrom2B(bigNum bn, // OUT:
const TPM2B* a2B // IN: number to convert
)
)
{
if(a2B != NULL)
return BnFromBytes(bn, a2B->buffer, a2B->size);
@ -146,7 +146,7 @@ LIB_EXPORT BOOL BnToBytes(bigConst bn,
NUMBYTES* size // This the number of bytes that are
// available in the buffer. The result
// should be this big.
)
)
{
crypt_uword_t requiredSize;
BYTE* pFrom;
@ -205,7 +205,7 @@ LIB_EXPORT BOOL BnToBytes(bigConst bn,
LIB_EXPORT BOOL BnTo2B(bigConst bn, // IN:
TPM2B* a2B, // OUT:
NUMBYTES size // IN: the desired size
)
)
{
// Set the output size
if(bn && a2B)

View File

@ -87,7 +87,7 @@
//** Includes
#include "Tpm.h" // libtpms: for CryptRand.h
#include "TpmMath_Util_fp.h"
#include "TpmMath_Util_fp.h" // libtpms: added
#include "TpmBigNum.h"
extern BOOL g_inFailureMode; // can't use global.h because we can't use tpm.h
@ -327,7 +327,7 @@ LIB_EXPORT crypt_word_t BnModWord(bigConst numerator, crypt_word_t modulus)
static int Msb(crypt_uword_t word)
{
int retVal = -1;
//
//
#if RADIX_BITS == 64
if(word & 0xffffffff00000000)
{
@ -410,7 +410,7 @@ LIB_EXPORT bigNum BnSetWord(bigNum n, crypt_uword_t w)
// the 0th digit_t. The function will return FALSE if the bitNum is invalid, else TRUE.
LIB_EXPORT BOOL BnSetBit(bigNum bn, // IN/OUT: big number to modify
unsigned int bitNum // IN: Bit number to SET
)
)
{
crypt_uword_t offset = bitNum / RADIX_BITS;
if(bitNum > bn->allocated * RADIX_BITS)
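Review bot: in the BnSetBit() context lines that close this hunk, the range check `if(bitNum > bn->allocated * RADIX_BITS)` accepts bitNum equal to allocated * RADIX_BITS, and for that value `offset = bitNum / RADIX_BITS` equals bn->allocated, which is one word past the allocation. The rest of the function is not visible here, so please confirm how offset is used; if it indexes bn->d, the comparison should be `>=`. This is not introduced by the whitespace change, but it is worth tracking while the function is being touched.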
@ -433,7 +433,7 @@ LIB_EXPORT BOOL BnSetBit(bigNum bn, // IN/OUT: big number to modify
// FALSE(0) the bit is not set or the number is out of range
LIB_EXPORT BOOL BnTestBit(bigNum bn, // IN: number to check
unsigned int bitNum // IN: bit to test
)
)
{
crypt_uword_t offset = RADIX_DIV(bitNum);
//
@ -453,7 +453,7 @@ LIB_EXPORT BOOL BnTestBit(bigNum bn, // IN: number to check
// FALSE(0) the input was not as large as the mask
LIB_EXPORT BOOL BnMaskBits(bigNum bn, // IN/OUT: number to mask
crypt_uword_t maskBit // IN: the bit number for the mask.
)
)
{
crypt_uword_t finalSize;
BOOL retVal;

View File

@ -59,21 +59,22 @@
/* */
/********************************************************************************/
/* 10.2.5 BnMemory.c */
/* 10.2.5.1 Introduction */
/* This file contains the memory setup functions used by the bigNum functions in CryptoEngine() */
/* 10.2.5.2 Includes */
#include "Tpm.h"
/* 10.2.5.3 Functions */
/* 10.2.5.3.1 BnSetTop() */
/* This function is used when the size of a bignum_t is changed. It makes sure that the unused words
are set to zero and that any significant words of zeros are eliminated from the used size
indicator. */
LIB_EXPORT bigNum
BnSetTop(
bigNum bn, // IN/OUT: number to clean
//** Introduction
// This file contains the memory setup functions used by the bigNum functions
// in CryptoEngine
//** Includes
#include "TpmBigNum.h"
//** Functions
//*** BnSetTop()
// This function is used when the size of a bignum_t is changed. It
// makes sure that the unused words are set to zero and that any significant
// words of zeros are eliminated from the used size indicator.
LIB_EXPORT bigNum BnSetTop(bigNum bn, // IN/OUT: number to clean
crypt_uword_t top // IN: the new top
)
)
{
if(bn != NULL)
{
@ -91,12 +92,10 @@ BnSetTop(
return bn;
}
#if 0 /* libtpms added */
/* 10.2.5.3.2 BnClearTop() */
/* This function will make sure that all unused words are zero. */
LIB_EXPORT bigNum
BnClearTop(
bigNum bn
)
//*** BnClearTop()
// This function will make sure that all unused words are zero.
LIB_EXPORT bigNum BnClearTop(bigNum bn)
{
crypt_uword_t i;
//
@ -110,15 +109,14 @@ BnClearTop(
return bn;
}
#endif /* libtpms added */
/* 10.2.5.3.3 BnInitializeWord() */
/* This function is used to initialize an allocated bigNum with a word value. The bigNum does not
have to be allocated with a single word. */
LIB_EXPORT bigNum
BnInitializeWord(
bigNum bn, // IN:
//*** BnInitializeWord()
// This function is used to initialize an allocated bigNum with a word value. The
// bigNum does not have to be allocated with a single word.
LIB_EXPORT bigNum BnInitializeWord(bigNum bn, // IN:
crypt_uword_t allocated, // IN:
crypt_uword_t word // IN:
)
)
{
bn->allocated = allocated;
bn->size = (word != 0);
@ -127,14 +125,11 @@ BnInitializeWord(
bn->d[--allocated] = 0;
return bn;
}
/* 10.2.5.3.4 BnInit() */
/* This function initializes a stack allocated bignum_t. It initializes allocated and size and zeros
the words of d. */
LIB_EXPORT bigNum
BnInit(
bigNum bn,
crypt_uword_t allocated
)
//*** BnInit()
// This function initializes a stack allocated bignum_t. It initializes
// 'allocated' and 'size' and zeros the words of 'd'.
LIB_EXPORT bigNum BnInit(bigNum bn, crypt_uword_t allocated)
{
if(bn != NULL)
{
@ -145,14 +140,12 @@ BnInit(
}
return bn;
}
/* 10.2.5.3.5 BnCopy() */
/* Function to copy a bignum_t. If the output is NULL, then nothing happens. If the input is NULL,
the output is set to zero. */
LIB_EXPORT BOOL
BnCopy(
bigNum out,
bigConst in
)
//*** BnCopy()
// Function to copy a bignum_t. If the output is NULL, then
// nothing happens. If the input is NULL, the output is set
// to zero.
LIB_EXPORT BOOL BnCopy(bigNum out, bigConst in)
{
if(in == out)
BnSetTop(out, BnGetSize(out));
@ -171,30 +164,28 @@ BnCopy(
}
return TRUE;
}
#if ALG_ECC
#if 0 /* libtpms added */
/* 10.2.5.3.6 BnPointCopy() */
/* Function to copy a bn point. */
LIB_EXPORT BOOL
BnPointCopy(
bigPoint pOut,
pointConst pIn
)
//*** BnPointCopy()
// Function to copy a bn point.
LIB_EXPORT BOOL BnPointCopy(bigPoint pOut, pointConst pIn)
{
return BnCopy(pOut->x, pIn->x)
&& BnCopy(pOut->y, pIn->y)
return BnCopy(pOut->x, pIn->x) && BnCopy(pOut->y, pIn->y)
&& BnCopy(pOut->z, pIn->z);
}
#endif /* libtpms added */
/* 10.2.5.3.7 BnInitializePoint() */
/* This function is used to initialize a point structure with the addresses of the coordinates. */
LIB_EXPORT bn_point_t *
BnInitializePoint(
//*** BnInitializePoint()
// This function is used to initialize a point structure with the addresses
// of the coordinates.
LIB_EXPORT bn_point_t* BnInitializePoint(
bigPoint p, // OUT: structure to receive pointers
bigNum x, // IN: x coordinate
bigNum y, // IN: y coordinate
bigNum z // IN: x coordinate
)
)
{
p->x = x;
p->y = y;
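Review bot: in the BnInitializePoint() parameter list the comment on the last argument still reads `bigNum z // IN: x coordinate`; it should say z coordinate. The line is carried through the reformatting unchanged, so this is a good place to correct it, or to record it as a known deviation if the aim is to stay byte-identical with upstream.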
@ -202,4 +193,5 @@ BnInitializePoint(
BnSetWord(z, 1);
return p;
}
#endif // TPM_ALG_ECC
#endif // ALG_ECC

View File

@ -79,6 +79,7 @@
#define BN_SUPPORT_INTERFACE_H
// TODO_RENAME_INC_FOLDER:private refers to the TPM_CoreLib private headers
#include "GpMacros.h"
#include "CryptoInterface.h"
#include "BnValues.h"
//** BnSupportLibInit()
@ -122,8 +123,8 @@ LIB_EXPORT BOOL BnModExp(
bigNum result, bigConst number, bigConst exponent, bigConst modulus);
#endif // ALG_RSA
//** BnModInverse()
// Modular multiplicative inverse.
//** BnModInverse()
// Modular multiplicative inverse.
LIB_EXPORT BOOL BnModInverse(bigNum result, bigConst number, bigConst modulus);
#if ALG_ECC
@ -167,6 +168,14 @@ LIB_EXPORT BOOL BnEccAdd(
#endif // ALG_ECC
#if CRYPTO_LIB_REPORTING
//** BnGetImplementation()
// This function reports the underlying library being used for bignum operations.
void BnGetImplementation(_CRYPTO_IMPL_DESCRIPTION* result);
#endif // CRYPTO_LIB_REPORTING
// libtpms: added begin
bigCurveData*
BnCurveInitialize(

View File

@ -59,41 +59,38 @@
/* */
/********************************************************************************/
/* C.2 Cancel.c */
/* C.2.1. Description */
/* This module simulates the cancel pins on the TPM. */
/* C.2.2. Includes, Typedefs, Structures, and Defines */
//** Description
//
// This module simulates the cancel pins on the TPM.
//
//** Includes, Typedefs, Structures, and Defines
#include "Platform.h"
/* C.2.3. Functions */
/* C.2.3.1. _plat__IsCanceled() */
/* Check if the cancel flag is set */
/* Return Values Meaning */
/* TRUE(1) if cancel flag is set */
/* FALSE(0) if cancel flag is not set */
LIB_EXPORT int
_plat__IsCanceled(
void
)
//** Functions
//***_plat__IsCanceled()
// Check if the cancel flag is set
// Return Type: int
// TRUE(1) if cancel flag is set
// FALSE(0) if cancel flag is not set
LIB_EXPORT int _plat__IsCanceled(void)
{
// return cancel flag
return s_isCanceled;
}
/* C.2.3.2. _plat__SetCancel() */
/* Set cancel flag. */
LIB_EXPORT void
_plat__SetCancel(
void
)
//***_plat__SetCancel()
// Set cancel flag.
LIB_EXPORT void _plat__SetCancel(void)
{
s_isCanceled = TRUE;
return;
}
/* C.2.3.3. _plat__ClearCancel() */
/* Clear cancel flag */
LIB_EXPORT void
_plat__ClearCancel(
void
)
//***_plat__ClearCancel()
// Clear cancel flag
LIB_EXPORT void _plat__ClearCancel(void)
{
s_isCanceled = FALSE;
return;

View File

@ -62,7 +62,7 @@
#ifndef _CAPABILITIES_H
#define _CAPABILITIES_H
#define MAX_CAP_DATA (MAX_CAP_BUFFER - sizeof(TPM_CAP)-sizeof(UINT32))
#define MAX_CAP_DATA (MAX_CAP_BUFFER - sizeof(TPM_CAP) - sizeof(UINT32))
#define MAX_CAP_ALGS (MAX_CAP_DATA / sizeof(TPMS_ALG_PROPERTY))
#define MAX_CAP_HANDLES (MAX_CAP_DATA / sizeof(TPM_HANDLE))
#define MAX_CAP_CC (MAX_CAP_DATA / sizeof(TPM_CC))

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CERTIFYCREATION_FP_H
#define CERTIFYCREATION_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CertifyCreation // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT signHandle;
TPMI_DH_OBJECT objectHandle;
TPM2B_DATA qualifyingData;
@ -73,23 +78,24 @@ typedef struct {
TPMT_TK_CREATION creationTicket;
} CertifyCreation_In;
#define RC_CertifyCreation_signHandle (TPM_RC_H + TPM_RC_1)
#define RC_CertifyCreation_objectHandle (TPM_RC_H + TPM_RC_2)
#define RC_CertifyCreation_qualifyingData (TPM_RC_P + TPM_RC_1)
#define RC_CertifyCreation_creationHash (TPM_RC_P + TPM_RC_2)
#define RC_CertifyCreation_inScheme (TPM_RC_P + TPM_RC_3)
#define RC_CertifyCreation_creationTicket (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ATTEST certifyInfo;
TPMT_SIGNATURE signature;
} CertifyCreation_Out;
// Response code modifiers
# define RC_CertifyCreation_signHandle (TPM_RC_H + TPM_RC_1)
# define RC_CertifyCreation_objectHandle (TPM_RC_H + TPM_RC_2)
# define RC_CertifyCreation_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_CertifyCreation_creationHash (TPM_RC_P + TPM_RC_2)
# define RC_CertifyCreation_inScheme (TPM_RC_P + TPM_RC_3)
# define RC_CertifyCreation_creationTicket (TPM_RC_P + TPM_RC_4)
// Function prototype
TPM_RC
TPM2_CertifyCreation(
CertifyCreation_In *in, // IN: input parameter list
CertifyCreation_Out *out // OUT: output parameter list
);
TPM2_CertifyCreation(CertifyCreation_In* in, CertifyCreation_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
#endif // CC_CertifyCreation

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 155 */
#ifndef CERTIFYX509_FP_H
#define CERTIFYX509_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CertifyX509 // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT objectHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA reserved;
@ -72,22 +77,24 @@ typedef struct {
TPM2B_MAX_BUFFER partialCertificate;
} CertifyX509_In;
#define RC_CertifyX509_signHandle (TPM_RC_H + TPM_RC_1)
#define RC_CertifyX509_objectHandle (TPM_RC_H + TPM_RC_2)
#define RC_CertifyX509_reserved (TPM_RC_P + TPM_RC_1)
#define RC_CertifyX509_inScheme (TPM_RC_P + TPM_RC_2)
#define RC_CertifyX509_partialCertificate (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER addedToCertificate;
TPM2B_DIGEST tbsDigest;
TPMT_SIGNATURE signature;
} CertifyX509_Out;
TPM_RC
TPM2_CertifyX509(
CertifyX509_In *in, // IN: input parameter list
CertifyX509_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_CertifyX509_objectHandle (TPM_RC_H + TPM_RC_1)
# define RC_CertifyX509_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_CertifyX509_reserved (TPM_RC_P + TPM_RC_1)
# define RC_CertifyX509_inScheme (TPM_RC_P + TPM_RC_2)
# define RC_CertifyX509_partialCertificate (TPM_RC_P + TPM_RC_3)
#endif
// Function prototype
TPM_RC
TPM2_CertifyX509(CertifyX509_In* in, CertifyX509_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
#endif // CC_CertifyX509
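Review bot: the response code modifiers for the two handles change value in this hunk, not just indentation. The old `#define` lines have RC_CertifyX509_signHandle as (TPM_RC_H + TPM_RC_1) and RC_CertifyX509_objectHandle as (TPM_RC_H + TPM_RC_2); the new `# define` lines have objectHandle as TPM_RC_1 and signHandle as TPM_RC_2. The new numbering matches the field order in CertifyX509_In (objectHandle first), but it changes which handle number an error code reports, so it should be called out in the commit message rather than arriving inside a formatting sync, and any caller or test that matches on the old values needs checking.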

View File

@ -59,35 +59,39 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CERTIFY_FP_H
#define CERTIFY_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Certify // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT objectHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA qualifyingData;
TPMT_SIG_SCHEME inScheme;
} Certify_In;
#define RC_Certify_objectHandle (TPM_RC_H + TPM_RC_1)
#define RC_Certify_signHandle (TPM_RC_H + TPM_RC_2)
#define RC_Certify_qualifyingData (TPM_RC_P + TPM_RC_1)
#define RC_Certify_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ATTEST certifyInfo;
TPMT_SIGNATURE signature;
} Certify_Out;
// Response code modifiers
# define RC_Certify_objectHandle (TPM_RC_H + TPM_RC_1)
# define RC_Certify_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_Certify_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_Certify_inScheme (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_Certify(
Certify_In *in, // IN: input parameter list
Certify_Out *out // OUT: output parameter list
);
TPM2_Certify(Certify_In* in, Certify_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
#endif // CC_Certify
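Review bot: the whole header is now wrapped in `#if CC_Certify`, so Certify_In, Certify_Out and the TPM2_Certify() prototype exist only when that macro is non-zero at the point of inclusion. An undefined CC_Certify evaluates to 0 in `#if` without any diagnostic, so this header now depends on the file that defines the CC_* macros being included first; please confirm that include order holds for every user of this header. The same applies to the other *_fp.h headers converted in this series. The prototype also drops the "IN: input parameter list" and "OUT: output parameter list" comments, which is fine if intentional.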

View File

@ -59,21 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CHANGEEPS_FP_H
#define CHANGEEPS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ChangeEPS // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PLATFORM authHandle;
} ChangeEPS_In;
#define RC_ChangeEPS_authHandle (TPM_RC_H + TPM_RC_1)
// Response code modifiers
# define RC_ChangeEPS_authHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ChangeEPS(
ChangeEPS_In *in // IN: input parameter list
);
TPM2_ChangeEPS(ChangeEPS_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
#endif // CC_ChangeEPS

View File

@ -59,21 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CHANGEPPS_FP_H
#define CHANGEPPS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ChangePPS // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PLATFORM authHandle;
} ChangePPS_In;
#define RC_ChangePPS_authHandle (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_ChangePPS_authHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ChangePPS(
ChangePPS_In *in // IN: input parameter list
);
TPM2_ChangePPS(ChangePPS_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
#endif // CC_ChangePPS
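Review bot: RC_ChangePPS_authHandle changes from (TPM_RC_P + TPM_RC_1) to (TPM_RC_H + TPM_RC_1) in this hunk. The new value is consistent with authHandle being a handle and with RC_ChangeEPS_authHandle in the previous file, but it is a change to the error code returned, not a formatting change. Please mention it in the commit message and check whether anything compares against the old parameter-based value.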

View File

@ -59,21 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLEARCONTROL_FP_H
#define CLEARCONTROL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ClearControl // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_CLEAR auth;
TPMI_YES_NO disable;
} ClearControl_In;
#define RC_ClearControl_auth (TPM_RC_H + TPM_RC_1)
#define RC_ClearControl_disable (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_ClearControl_auth (TPM_RC_H + TPM_RC_1)
# define RC_ClearControl_disable (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ClearControl(
ClearControl_In *in // IN: input parameter list
);
#endif
TPM2_ClearControl(ClearControl_In* in);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
#endif // CC_ClearControl

View File

@ -59,20 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLEAR_FP_H
#define CLEAR_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Clear // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_CLEAR authHandle;
} Clear_In;
#define RC_Clear_authHandle (TPM_RC_H + TPM_RC_1)
// Response code modifiers
# define RC_Clear_authHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_Clear(
Clear_In *in // IN: input parameter list
);
TPM2_Clear(Clear_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
#endif // CC_Clear

View File

@ -175,9 +175,9 @@ clock_t debugTime;
LIB_EXPORT uint64_t _plat__RealTime(void)
{
clock64_t time;
//#ifdef _MSC_VER kgold
//#ifdef _MSC_VER kgold // libtpms changed begin
#ifdef TPM_WINDOWS
#include <sys/timeb.h>
#include <sys/timeb.h> // libtpms changed end
struct _timeb sysTime;
//
_ftime(&sysTime); /* kgold, mingw doesn't have _ftime_s */
@ -354,41 +354,3 @@ LIB_EXPORT void _plat__ClockRateAdjust(_plat__ClockAdjustStep adjust)
return;
}
#if 0
/* added for portability because Linux clock is 32 bits */
#include <stdint.h>
#include <stdio.h>
#include <time.h>
#include "TpmFail_fp.h"
LIB_EXPORT uint64_t
_plat__RealTime(
void
)
{
clock64_t time;
//#ifdef _MSC_VER kgold
#ifdef TPM_WINDOWS
#include <sys/timeb.h>
struct _timeb sysTime;
//
_ftime(&sysTime); /* kgold, mingw doesn't have _ftime_s */
time = (clock64_t)(sysTime.time) * 1000 + sysTime.millitm;
// set the time back by one hour if daylight savings
if(sysTime.dstflag)
time -= 1000 * 60 * 60; // mSec/sec * sec/min * min/hour = ms/hour
#else
// hopefully, this will work with most UNIX systems
struct timespec systime;
//
clock_gettime(CLOCK_MONOTONIC, &systime);
time = (clock64_t)systime.tv_sec * 1000 + (systime.tv_nsec / 1000000);
#endif
return time;
}
#endif

View File

@ -59,23 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLOCKRATEADJUST_FP_H
#define CLOCKRATEADJUST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ClockRateAdjust // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PROVISION auth;
TPM_CLOCK_ADJUST rateAdjust;
} ClockRateAdjust_In;
#define RC_ClockRateAdjust_auth (TPM_RC_H + TPM_RC_1)
#define RC_ClockRateAdjust_rateAdjust (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_ClockRateAdjust_auth (TPM_RC_H + TPM_RC_1)
# define RC_ClockRateAdjust_rateAdjust (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ClockRateAdjust(
ClockRateAdjust_In *in // IN: input parameter list
);
TPM2_ClockRateAdjust(ClockRateAdjust_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
#endif // CC_ClockRateAdjust

View File

@ -59,23 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CLOCKSET_FP_H
#define CLOCKSET_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ClockSet // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PROVISION auth;
UINT64 newTime;
} ClockSet_In;
#define RC_ClockSet_auth (TPM_RC_H + TPM_RC_1)
#define RC_ClockSet_newTime (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_ClockSet_auth (TPM_RC_H + TPM_RC_1)
# define RC_ClockSet_newTime (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ClockSet(
ClockSet_In *in // IN: input parameter list
);
TPM2_ClockSet(ClockSet_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
#endif // CC_ClockSet

View File

@ -58,23 +58,27 @@
/* */
/********************************************************************************/
/* 5.6 CommandAttributeData.h */
/* This file should only be included by CommandCodeAttibutes.c */
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
// clang-format off
// This file should only be included by CommandCodeAttibutes.c
#ifdef _COMMAND_CODE_ATTRIBUTES_
#include "CommandAttributes.h"
#if COMPRESSED_LISTS
# define PAD_LIST 0
#else
# define PAD_LIST 1
#endif
/* This is the command code attribute array for GetCapability(). Both this array and
s_commandAttributes provides command code attributes, but tuned for different purpose */
// This is the command code attribute array for GetCapability.
// Both this array and s_commandAttributes provides command code attributes,
// but tuned for different purpose
const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_NV_UndefineSpaceSpecial)
TPMA_CC_INITIALIZER(0x011f, 0, 1, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x011F, 0, 1, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_EvictControl)
TPMA_CC_INITIALIZER(0x0120, 0, 1, 0, 0, 2, 0, 0, 0),
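Review bot: the new comment line "This file should only be included by CommandCodeAttibutes.c" keeps the spelling "Attibutes" from the old block comment, which looks like a typo for "Attributes" and will not match a search for the real file name. The converted comment above s_ccAttr also keeps "provides command code attributes" where "provide" is meant. If these are kept verbatim to minimise the diff against upstream, a note in the commit message would help; otherwise fix both while the lines are being rewritten.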
@ -85,7 +89,7 @@ const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_NV_UndefineSpace)
TPMA_CC_INITIALIZER(0x0122, 0, 1, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST )
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x0123, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ChangeEPS)
@ -107,22 +111,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0129, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_DefineSpace)
TPMA_CC_INITIALIZER(0x012a, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012A, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Allocate)
TPMA_CC_INITIALIZER(0x012b, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012B, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_SetAuthPolicy)
TPMA_CC_INITIALIZER(0x012c, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012C, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PP_Commands)
TPMA_CC_INITIALIZER(0x012d, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012D, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SetPrimaryPolicy)
TPMA_CC_INITIALIZER(0x012e, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012E, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_FieldUpgradeStart)
TPMA_CC_INITIALIZER(0x012f, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x012F, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ClockRateAdjust)
TPMA_CC_INITIALIZER(0x0130, 0, 0, 0, 0, 1, 0, 0, 0),
@ -155,22 +159,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0139, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_DictionaryAttackParameters)
TPMA_CC_INITIALIZER(0x013a, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013A, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_ChangeAuth)
TPMA_CC_INITIALIZER(0x013b, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013B, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Event)
TPMA_CC_INITIALIZER(0x013c, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013C, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Reset)
TPMA_CC_INITIALIZER(0x013d, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013D, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SequenceComplete)
TPMA_CC_INITIALIZER(0x013e, 0, 0, 0, 1, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013E, 0, 0, 0, 1, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SetAlgorithmSet)
TPMA_CC_INITIALIZER(0x013f, 0, 1, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x013F, 0, 1, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_SetCommandCodeAuditStatus)
TPMA_CC_INITIALIZER(0x0140, 0, 1, 0, 0, 1, 0, 0, 0),
@ -203,22 +207,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0149, 0, 0, 0, 0, 3, 0, 0, 0),
#endif
#if (PAD_LIST || CC_CertifyCreation)
TPMA_CC_INITIALIZER(0x014a, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014A, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Duplicate)
TPMA_CC_INITIALIZER(0x014b, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014B, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetTime)
TPMA_CC_INITIALIZER(0x014c, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014C, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetSessionAuditDigest)
TPMA_CC_INITIALIZER(0x014d, 0, 0, 0, 0, 3, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014D, 0, 0, 0, 0, 3, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_Read)
TPMA_CC_INITIALIZER(0x014e, 0, 0, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014E, 0, 0, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_NV_ReadLock)
TPMA_CC_INITIALIZER(0x014f, 0, 1, 0, 0, 2, 0, 0, 0),
TPMA_CC_INITIALIZER(0x014F, 0, 1, 0, 0, 2, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ObjectChangeAuth)
TPMA_CC_INITIALIZER(0x0150, 0, 0, 0, 0, 2, 0, 0, 0),
@ -250,23 +254,23 @@ const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_RSA_Decrypt)
TPMA_CC_INITIALIZER(0x0159, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST )
TPMA_CC_INITIALIZER(0x015a, 0, 0, 0, 0, 0, 0, 0, 0),
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x015A, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || (CC_HMAC_Start || CC_MAC_Start))
TPMA_CC_INITIALIZER(0x015b, 0, 0, 0, 0, 1, 1, 0, 0),
TPMA_CC_INITIALIZER(0x015B, 0, 0, 0, 0, 1, 1, 0, 0),
#endif
#if (PAD_LIST || CC_SequenceUpdate)
TPMA_CC_INITIALIZER(0x015c, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015C, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Sign)
TPMA_CC_INITIALIZER(0x015d, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015D, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Unseal)
TPMA_CC_INITIALIZER(0x015e, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x015E, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST )
TPMA_CC_INITIALIZER(0x015f, 0, 0, 0, 0, 0, 0, 0, 0),
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x015F, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicySigned)
TPMA_CC_INITIALIZER(0x0160, 0, 0, 0, 0, 2, 0, 0, 0),
@ -286,7 +290,7 @@ const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_FlushContext)
TPMA_CC_INITIALIZER(0x0165, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST )
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x0166, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_LoadExternal)
@ -299,22 +303,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0169, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyAuthorize)
TPMA_CC_INITIALIZER(0x016a, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016A, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyAuthValue)
TPMA_CC_INITIALIZER(0x016b, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016B, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyCommandCode)
TPMA_CC_INITIALIZER(0x016c, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016C, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyCounterTimer)
TPMA_CC_INITIALIZER(0x016d, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016D, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyCpHash)
TPMA_CC_INITIALIZER(0x016e, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016E, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyLocality)
TPMA_CC_INITIALIZER(0x016f, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x016F, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyNameHash)
TPMA_CC_INITIALIZER(0x0170, 0, 0, 0, 0, 1, 0, 0, 0),
@ -331,7 +335,7 @@ const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_RSA_Encrypt)
TPMA_CC_INITIALIZER(0x0174, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST )
#if (PAD_LIST)
TPMA_CC_INITIALIZER(0x0175, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_StartAuthSession)
@ -347,22 +351,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0179, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetCapability)
TPMA_CC_INITIALIZER(0x017a, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017A, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetRandom)
TPMA_CC_INITIALIZER(0x017b, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017B, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_GetTestResult)
TPMA_CC_INITIALIZER(0x017c, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017C, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Hash)
TPMA_CC_INITIALIZER(0x017d, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017D, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PCR_Read)
TPMA_CC_INITIALIZER(0x017e, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017E, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyPCR)
TPMA_CC_INITIALIZER(0x017f, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x017F, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyRestart)
TPMA_CC_INITIALIZER(0x0180, 0, 0, 0, 0, 1, 0, 0, 0),
@ -395,22 +399,22 @@ const TPMA_CC s_ccAttr [] = {
TPMA_CC_INITIALIZER(0x0189, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_TestParms)
TPMA_CC_INITIALIZER(0x018a, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018A, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_Commit)
TPMA_CC_INITIALIZER(0x018b, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018B, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyPassword)
TPMA_CC_INITIALIZER(0x018c, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018C, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_ZGen_2Phase)
TPMA_CC_INITIALIZER(0x018d, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018D, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_EC_Ephemeral)
TPMA_CC_INITIALIZER(0x018e, 0, 0, 0, 0, 0, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018E, 0, 0, 0, 0, 0, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyNvWritten)
TPMA_CC_INITIALIZER(0x018f, 0, 0, 0, 0, 1, 0, 0, 0),
TPMA_CC_INITIALIZER(0x018F, 0, 0, 0, 0, 1, 0, 0, 0),
#endif
#if (PAD_LIST || CC_PolicyTemplate)
TPMA_CC_INITIALIZER(0x0190, 0, 0, 0, 0, 1, 0, 0, 0),
@ -463,15 +467,14 @@ const TPMA_CC s_ccAttr [] = {
#if (PAD_LIST || CC_Vendor_TCG_Test)
TPMA_CC_INITIALIZER(0x0000, 0, 0, 0, 0, 0, 0, 1, 0),
#endif
TPMA_ZERO_INITIALIZER()
};
/* This is the command code attribute structure. */
// This is the command code attribute structure.
const COMMAND_ATTRIBUTES s_commandAttributes [] = {
#if (PAD_LIST || CC_NV_UndefineSpaceSpecial)
(COMMAND_ATTRIBUTES)(CC_NV_UndefineSpaceSpecial * // 0x011f
(COMMAND_ATTRIBUTES)(CC_NV_UndefineSpaceSpecial * // 0x011F
(IS_IMPLEMENTED+HANDLE_1_ADMIN+HANDLE_2_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_EvictControl)
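Review bot: The one-line net removal at the end of s_ccAttr (the header counts 15 lines before and 14 after) sits next to TPMA_ZERO_INITIALIZER() and the closing brace, and the binary search in GetClosestCommandIndex() depends on that trailing zero entry: its pAssert expects max to equal sizeof(s_ccAttr) / sizeof(TPMA_CC) - VENDOR_COMMAND_ARRAY_SIZE - 2. Please confirm the dropped line is only whitespace and the terminator is still emitted. A short comment on the terminator that points at that assertion would keep the two from drifting apart in a later sync.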
@ -486,7 +489,7 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(COMMAND_ATTRIBUTES)(CC_NV_UndefineSpace * // 0x0122
(IS_IMPLEMENTED+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST )
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x0123
#endif
#if (PAD_LIST || CC_ChangeEPS)
@ -514,27 +517,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_NV_DefineSpace)
(COMMAND_ATTRIBUTES)(CC_NV_DefineSpace * // 0x012a
(COMMAND_ATTRIBUTES)(CC_NV_DefineSpace * // 0x012A
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_PCR_Allocate)
(COMMAND_ATTRIBUTES)(CC_PCR_Allocate * // 0x012b
(COMMAND_ATTRIBUTES)(CC_PCR_Allocate * // 0x012B
(IS_IMPLEMENTED+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_PCR_SetAuthPolicy)
(COMMAND_ATTRIBUTES)(CC_PCR_SetAuthPolicy * // 0x012c
(COMMAND_ATTRIBUTES)(CC_PCR_SetAuthPolicy * // 0x012C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_PP_Commands)
(COMMAND_ATTRIBUTES)(CC_PP_Commands * // 0x012d
(COMMAND_ATTRIBUTES)(CC_PP_Commands * // 0x012D
(IS_IMPLEMENTED+HANDLE_1_USER+PP_REQUIRED)),
#endif
#if (PAD_LIST || CC_SetPrimaryPolicy)
(COMMAND_ATTRIBUTES)(CC_SetPrimaryPolicy * // 0x012e
(COMMAND_ATTRIBUTES)(CC_SetPrimaryPolicy * // 0x012E
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_FieldUpgradeStart)
(COMMAND_ATTRIBUTES)(CC_FieldUpgradeStart * // 0x012f
(COMMAND_ATTRIBUTES)(CC_FieldUpgradeStart * // 0x012F
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_ADMIN+PP_COMMAND)),
#endif
#if (PAD_LIST || CC_ClockRateAdjust)
@ -578,27 +581,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_DictionaryAttackParameters)
(COMMAND_ATTRIBUTES)(CC_DictionaryAttackParameters * // 0x013a
(COMMAND_ATTRIBUTES)(CC_DictionaryAttackParameters * // 0x013A
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_NV_ChangeAuth)
(COMMAND_ATTRIBUTES)(CC_NV_ChangeAuth * // 0x013b
(COMMAND_ATTRIBUTES)(CC_NV_ChangeAuth * // 0x013B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_ADMIN)),
#endif
#if (PAD_LIST || CC_PCR_Event)
(COMMAND_ATTRIBUTES)(CC_PCR_Event * // 0x013c
(COMMAND_ATTRIBUTES)(CC_PCR_Event * // 0x013C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_PCR_Reset)
(COMMAND_ATTRIBUTES)(CC_PCR_Reset * // 0x013d
(COMMAND_ATTRIBUTES)(CC_PCR_Reset * // 0x013D
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_SequenceComplete)
(COMMAND_ATTRIBUTES)(CC_SequenceComplete * // 0x013e
(COMMAND_ATTRIBUTES)(CC_SequenceComplete * // 0x013E
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_SetAlgorithmSet)
(COMMAND_ATTRIBUTES)(CC_SetAlgorithmSet * // 0x013f
(COMMAND_ATTRIBUTES)(CC_SetAlgorithmSet * // 0x013F
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_SetCommandCodeAuditStatus)
@ -642,27 +645,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_CertifyCreation)
(COMMAND_ATTRIBUTES)(CC_CertifyCreation * // 0x014a
(COMMAND_ATTRIBUTES)(CC_CertifyCreation * // 0x014A
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_Duplicate)
(COMMAND_ATTRIBUTES)(CC_Duplicate * // 0x014b
(COMMAND_ATTRIBUTES)(CC_Duplicate * // 0x014B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_DUP+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetTime)
(COMMAND_ATTRIBUTES)(CC_GetTime * // 0x014c
(COMMAND_ATTRIBUTES)(CC_GetTime * // 0x014C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+HANDLE_2_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetSessionAuditDigest)
(COMMAND_ATTRIBUTES)(CC_GetSessionAuditDigest * // 0x014d
(COMMAND_ATTRIBUTES)(CC_GetSessionAuditDigest * // 0x014D
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+HANDLE_2_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_NV_Read)
(COMMAND_ATTRIBUTES)(CC_NV_Read * // 0x014e
(COMMAND_ATTRIBUTES)(CC_NV_Read * // 0x014E
(IS_IMPLEMENTED+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_NV_ReadLock)
(COMMAND_ATTRIBUTES)(CC_NV_ReadLock * // 0x014f
(COMMAND_ATTRIBUTES)(CC_NV_ReadLock * // 0x014F
(IS_IMPLEMENTED+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_ObjectChangeAuth)
@ -705,27 +708,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(COMMAND_ATTRIBUTES)(CC_RSA_Decrypt * // 0x0159
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST )
(COMMAND_ATTRIBUTES)(0), // 0x015a
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x015A
#endif
#if (PAD_LIST || (CC_HMAC_Start || CC_MAC_Start))
(COMMAND_ATTRIBUTES)((CC_HMAC_Start || CC_MAC_Start) * // 0x015b
(COMMAND_ATTRIBUTES)((CC_HMAC_Start || CC_MAC_Start) * // 0x015B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+R_HANDLE)),
#endif
#if (PAD_LIST || CC_SequenceUpdate)
(COMMAND_ATTRIBUTES)(CC_SequenceUpdate * // 0x015c
(COMMAND_ATTRIBUTES)(CC_SequenceUpdate * // 0x015C
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_Sign)
(COMMAND_ATTRIBUTES)(CC_Sign * // 0x015d
(COMMAND_ATTRIBUTES)(CC_Sign * // 0x015D
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
#endif
#if (PAD_LIST || CC_Unseal)
(COMMAND_ATTRIBUTES)(CC_Unseal * // 0x015e
(COMMAND_ATTRIBUTES)(CC_Unseal * // 0x015E
(IS_IMPLEMENTED+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST )
(COMMAND_ATTRIBUTES)(0), // 0x015f
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x015F
#endif
#if (PAD_LIST || CC_PolicySigned)
(COMMAND_ATTRIBUTES)(CC_PolicySigned * // 0x0160
@ -751,7 +754,7 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(COMMAND_ATTRIBUTES)(CC_FlushContext * // 0x0165
(IS_IMPLEMENTED+NO_SESSIONS)),
#endif
#if (PAD_LIST )
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x0166
#endif
#if (PAD_LIST || CC_LoadExternal)
@ -767,27 +770,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PolicyAuthorize)
(COMMAND_ATTRIBUTES)(CC_PolicyAuthorize * // 0x016a
(COMMAND_ATTRIBUTES)(CC_PolicyAuthorize * // 0x016A
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyAuthValue)
(COMMAND_ATTRIBUTES)(CC_PolicyAuthValue * // 0x016b
(COMMAND_ATTRIBUTES)(CC_PolicyAuthValue * // 0x016B
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyCommandCode)
(COMMAND_ATTRIBUTES)(CC_PolicyCommandCode * // 0x016c
(COMMAND_ATTRIBUTES)(CC_PolicyCommandCode * // 0x016C
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyCounterTimer)
(COMMAND_ATTRIBUTES)(CC_PolicyCounterTimer * // 0x016d
(COMMAND_ATTRIBUTES)(CC_PolicyCounterTimer * // 0x016D
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyCpHash)
(COMMAND_ATTRIBUTES)(CC_PolicyCpHash * // 0x016e
(COMMAND_ATTRIBUTES)(CC_PolicyCpHash * // 0x016E
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyLocality)
(COMMAND_ATTRIBUTES)(CC_PolicyLocality * // 0x016f
(COMMAND_ATTRIBUTES)(CC_PolicyLocality * // 0x016F
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyNameHash)
@ -810,7 +813,7 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(COMMAND_ATTRIBUTES)(CC_RSA_Encrypt * // 0x0174
(IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
#endif
#if (PAD_LIST )
#if (PAD_LIST)
(COMMAND_ATTRIBUTES)(0), // 0x0175
#endif
#if (PAD_LIST || CC_StartAuthSession)
@ -830,27 +833,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetCapability)
(COMMAND_ATTRIBUTES)(CC_GetCapability * // 0x017a
(COMMAND_ATTRIBUTES)(CC_GetCapability * // 0x017A
(IS_IMPLEMENTED)),
#endif
#if (PAD_LIST || CC_GetRandom)
(COMMAND_ATTRIBUTES)(CC_GetRandom * // 0x017b
(COMMAND_ATTRIBUTES)(CC_GetRandom * // 0x017B
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_GetTestResult)
(COMMAND_ATTRIBUTES)(CC_GetTestResult * // 0x017c
(COMMAND_ATTRIBUTES)(CC_GetTestResult * // 0x017C
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_Hash)
(COMMAND_ATTRIBUTES)(CC_Hash * // 0x017d
(COMMAND_ATTRIBUTES)(CC_Hash * // 0x017D
(IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PCR_Read)
(COMMAND_ATTRIBUTES)(CC_PCR_Read * // 0x017e
(COMMAND_ATTRIBUTES)(CC_PCR_Read * // 0x017E
(IS_IMPLEMENTED)),
#endif
#if (PAD_LIST || CC_PolicyPCR)
(COMMAND_ATTRIBUTES)(CC_PolicyPCR * // 0x017f
(COMMAND_ATTRIBUTES)(CC_PolicyPCR * // 0x017F
(IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyRestart)
@ -894,27 +897,27 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(IS_IMPLEMENTED+ALLOW_TRIAL+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_TestParms)
(COMMAND_ATTRIBUTES)(CC_TestParms * // 0x018a
(COMMAND_ATTRIBUTES)(CC_TestParms * // 0x018A
(IS_IMPLEMENTED)),
#endif
#if (PAD_LIST || CC_Commit)
(COMMAND_ATTRIBUTES)(CC_Commit * // 0x018b
(COMMAND_ATTRIBUTES)(CC_Commit * // 0x018B
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PolicyPassword)
(COMMAND_ATTRIBUTES)(CC_PolicyPassword * // 0x018c
(COMMAND_ATTRIBUTES)(CC_PolicyPassword * // 0x018C
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_ZGen_2Phase)
(COMMAND_ATTRIBUTES)(CC_ZGen_2Phase * // 0x018d
(COMMAND_ATTRIBUTES)(CC_ZGen_2Phase * // 0x018D
(IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_EC_Ephemeral)
(COMMAND_ATTRIBUTES)(CC_EC_Ephemeral * // 0x018e
(COMMAND_ATTRIBUTES)(CC_EC_Ephemeral * // 0x018E
(IS_IMPLEMENTED+ENCRYPT_2)),
#endif
#if (PAD_LIST || CC_PolicyNvWritten)
(COMMAND_ATTRIBUTES)(CC_PolicyNvWritten * // 0x018f
(COMMAND_ATTRIBUTES)(CC_PolicyNvWritten * // 0x018F
(IS_IMPLEMENTED+ALLOW_TRIAL)),
#endif
#if (PAD_LIST || CC_PolicyTemplate)
@ -985,7 +988,6 @@ const COMMAND_ATTRIBUTES s_commandAttributes [] = {
(COMMAND_ATTRIBUTES)(CC_Vendor_TCG_Test * // 0x0000
(IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
#endif
0
};

View File

@ -59,14 +59,19 @@
/* */
/********************************************************************************/
#ifndef COMMANDATTRIBUTES_H
#define COMMANDATTRIBUTES_H
/*(Auto-generated)
* Created by TpmStructures; Version 4.4 Mar 26, 2019
* Date: Aug 30, 2019 Time: 02:11:52PM
*/
/* 5.7 CommandAttributes.h */
/* The attributes defined in this file are produced by the parser that creates the structure
definitions from Part 3. The attributes are defined in that parser and should track the
attributes being tested in CommandCodeAttributes.c. Generally, when an attribute is added to this
list, new code will be needed in CommandCodeAttributes.c to test it. */
// The attributes defined in this file are produced by the parser that
// creates the structure definitions from Part 3. The attributes are defined
// in that parser and should track the attributes being tested in
// CommandCodeAttributes.c. Generally, when an attribute is added to this list,
// new code will be needed in CommandCodeAttributes.c to test it.
#ifndef COMMAND_ATTRIBUTES_H
#define COMMAND_ATTRIBUTES_H
typedef UINT16 COMMAND_ATTRIBUTES;
#define NOT_IMPLEMENTED (COMMAND_ATTRIBUTES)(0)
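Review bot: Two include guards appear at the top of this header, COMMANDATTRIBUTES_H and COMMAND_ATTRIBUTES_H, while the following hunk shows only one closing line, #endif // COMMAND_ATTRIBUTES_H. If the old guard is being replaced, check that its #define and its #endif are both gone and that no other file tests COMMANDATTRIBUTES_H. If both guards are kept, give the outer #endif the same kind of trailing comment so the pairing is visible.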
@ -85,4 +90,5 @@ typedef UINT16 COMMAND_ATTRIBUTES;
#define PP_REQUIRED ((COMMAND_ATTRIBUTES)1 << 12)
#define R_HANDLE ((COMMAND_ATTRIBUTES)1 << 13)
#define ALLOW_TRIAL ((COMMAND_ATTRIBUTES)1 << 14)
#endif // COMMAND_ATTRIBUTES_H

View File

@ -100,7 +100,7 @@ void CommandAuditPreInstall_Init(void)
//*** CommandAuditStartup()
// This function clears the command audit digest on a TPM Reset.
BOOL CommandAuditStartup(STARTUP_TYPE type // IN: start up type
)
)
{
if((type != SU_RESTART) && (type != SU_RESUME))
{
@ -124,7 +124,7 @@ BOOL CommandAuditStartup(STARTUP_TYPE type // IN: start up type
// TRUE(1) command code audit status was changed
// FALSE(0) command code audit status was not changed
BOOL CommandAuditSet(TPM_CC commandCode // IN: command code
)
)
{
COMMAND_INDEX commandIndex = CommandCodeToCommandIndex(commandCode);
@ -158,7 +158,7 @@ BOOL CommandAuditSet(TPM_CC commandCode // IN: command code
// TRUE(1) command code audit status was changed
// FALSE(0) command code audit status was not changed
BOOL CommandAuditClear(TPM_CC commandCode // IN: command code
)
)
{
COMMAND_INDEX commandIndex = CommandCodeToCommandIndex(commandCode);
@ -187,7 +187,7 @@ BOOL CommandAuditClear(TPM_CC commandCode // IN: command code
// TRUE(1) command is audited
// FALSE(0) command is not audited
BOOL CommandAuditIsRequired(COMMAND_INDEX commandIndex // IN: command index
)
)
{
// Check the bit map. If the bit is SET, command audit is required
return (TEST_BIT(commandIndex, gp.auditCommands));
@ -204,7 +204,7 @@ TPMI_YES_NO
CommandAuditCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: count of returned TPM_CC
TPML_CC* commandList // OUT: list of TPM_CC
)
)
{
TPMI_YES_NO more = NO;
COMMAND_INDEX commandIndex;
@ -267,7 +267,7 @@ BOOL CommandAuditCapGetOneCC(TPM_CC commandCode) // IN: command code
// added to a hash. This operates as if all the audited command codes were
// concatenated and then hashed.
void CommandAuditGetDigest(TPM2B_DIGEST* digest // OUT: command digest
)
)
{
TPM_CC commandCode;
COMMAND_INDEX commandIndex;

View File

@ -58,41 +58,91 @@
/* */
/********************************************************************************/
#ifndef COMMANDAUDIT_FP_H
#define COMMANDAUDIT_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Apr 2, 2019 Time: 04:23:27PM
*/
void
CommandAuditPreInstall_Init(
void
);
BOOL
CommandAuditStartup(
STARTUP_TYPE type // IN: start up type
);
BOOL
CommandAuditSet(
TPM_CC commandCode // IN: command code
);
BOOL
CommandAuditClear(
TPM_CC commandCode // IN: command code
);
BOOL
CommandAuditIsRequired(
COMMAND_INDEX commandIndex // IN: command index
);
#ifndef _COMMAND_AUDIT_FP_H_
#define _COMMAND_AUDIT_FP_H_
//*** CommandAuditPreInstall_Init()
// This function initializes the command audit list. This function simulates
// the behavior of manufacturing. A function is used instead of a structure
// definition because this is easier than figuring out the initialization value
// for a bit array.
//
// This function would not be implemented outside of a manufacturing or
// simulation environment.
void CommandAuditPreInstall_Init(void);
//*** CommandAuditStartup()
// This function clears the command audit digest on a TPM Reset.
BOOL CommandAuditStartup(STARTUP_TYPE type // IN: start up type
);
//*** CommandAuditSet()
// This function will SET the audit flag for a command. This function
// will not SET the audit flag for a command that is not implemented. This
// ensures that the audit status is not SET when TPM2_GetCapability() is
// used to read the list of audited commands.
//
// This function is only used by TPM2_SetCommandCodeAuditStatus().
//
// The actions in TPM2_SetCommandCodeAuditStatus() are expected to cause the
// changes to be saved to NV after it is setting and clearing bits.
// Return Type: BOOL
// TRUE(1) command code audit status was changed
// FALSE(0) command code audit status was not changed
BOOL CommandAuditSet(TPM_CC commandCode // IN: command code
);
//*** CommandAuditClear()
// This function will CLEAR the audit flag for a command. It will not CLEAR the
// audit flag for TPM_CC_SetCommandCodeAuditStatus().
//
// This function is only used by TPM2_SetCommandCodeAuditStatus().
//
// The actions in TPM2_SetCommandCodeAuditStatus() are expected to cause the
// changes to be saved to NV after it is setting and clearing bits.
// Return Type: BOOL
// TRUE(1) command code audit status was changed
// FALSE(0) command code audit status was not changed
BOOL CommandAuditClear(TPM_CC commandCode // IN: command code
);
//*** CommandAuditIsRequired()
// This function indicates if the audit flag is SET for a command.
// Return Type: BOOL
// TRUE(1) command is audited
// FALSE(0) command is not audited
BOOL CommandAuditIsRequired(COMMAND_INDEX commandIndex // IN: command index
);
//*** CommandAuditCapGetCCList()
// This function returns a list of commands that have their audit bit SET.
//
// The list starts at the input commandCode.
// Return Type: TPMI_YES_NO
// YES if there are more command code available
// NO all the available command code has been returned
TPMI_YES_NO
CommandAuditCapGetCCList(
TPM_CC commandCode, // IN: start command code
CommandAuditCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: count of returned TPM_CC
TPML_CC *commandList // OUT: list of TPM_CC
);
TPML_CC* commandList // OUT: list of TPM_CC
);
//*** CommandAuditCapGetOneCC()
// This function returns true if a command has its audit bit set.
BOOL CommandAuditCapGetOneCC(TPM_CC commandCode // IN: command code
);
void
CommandAuditGetDigest(
TPM2B_DIGEST *digest // OUT: command digest
);
);
//*** CommandAuditGetDigest
// This command is used to create a digest of the commands being audited. The
// commands are processed in ascending numeric order with a list of TPM_CC being
// added to a hash. This operates as if all the audited command codes were
// concatenated and then hashed.
void CommandAuditGetDigest(TPM2B_DIGEST* digest // OUT: command digest
);
#endif
#endif // _COMMAND_AUDIT_FP_H_
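Review bot: The new guard name _COMMAND_AUDIT_FP_H_ starts with an underscore followed by an uppercase letter, a form C reserves for the implementation; the previous COMMANDAUDIT_FP_H did not have that problem. If the name must match upstream to keep diffs small, say so in the commit message, otherwise prefer COMMAND_AUDIT_FP_H. In the added doc comments, "after it is setting and clearing bits" (CommandAuditSet and CommandAuditClear) and "more command code available" read as unfinished sentences and are worth fixing while the text is being touched.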

View File

@ -58,68 +58,72 @@
/* */
/********************************************************************************/
/* 9.3 CommandCodeAttributes.c */
/* 9.3.1 Introduction */
/* This file contains the functions for testing various command properties. */
/* 9.3.2 Includes and Defines */
//** Introduction
// This file contains the functions for testing various command properties.
//** Includes and Defines
#include "Tpm.h"
#include "CommandCodeAttributes_fp.h"
/* Set the default value for CC_VEND if not already set */
// Set the default value for CC_VEND if not already set
#ifndef CC_VEND
#define CC_VEND (TPM_CC)(0x20000000)
# define CC_VEND (TPM_CC)(0x20000000)
#endif
typedef UINT16 ATTRIBUTE_TYPE;
/* The following file is produced from the command tables in part 3 of the specification. It defines
the attributes for each of the commands. */
/* NOTE: This file is currently produced by an automated process. Files produced from Part 2 or Part
3 tables through automated processes are not included in the specification so that there is no
ambiguity about the table containing the information being the normative definition. */
// The following file is produced from the command tables in part 3 of the
// specification. It defines the attributes for each of the commands.
// NOTE: This file is currently produced by an automated process. Files
// produced from Part 2 or Part 3 tables through automated processes are not
// included in the specification so that their is no ambiguity about the
// table containing the information being the normative definition.
#define _COMMAND_CODE_ATTRIBUTES_
#include "CommandAttributeData.h"
/* 9.3.3 Command Attribute Functions */
/* 9.3.3.1 NextImplementedIndex() */
/* This function is used when the lists are not compressed. In a compressed list, only the
implemented commands are present. So, a search might find a value but that value may not be
implemented. This function checks to see if the input commandIndex points to an implemented
command and, if not, it searches upwards until it finds one. When the list is compressed, this
function gets defined as a no-op. */
/* Return Value Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
//** Command Attribute Functions
//*** NextImplementedIndex()
// This function is used when the lists are not compressed. In a compressed list,
// only the implemented commands are present. So, a search might find a value
// but that value may not be implemented. This function checks to see if the input
// commandIndex points to an implemented command and, if not, it searches upwards
// until it finds one. When the list is compressed, this function gets defined
// as a no-op.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of the command
#if !COMPRESSED_LISTS
static COMMAND_INDEX
NextImplementedIndex(
COMMAND_INDEX commandIndex
)
static COMMAND_INDEX NextImplementedIndex(COMMAND_INDEX commandIndex)
{
for(;commandIndex < COMMAND_COUNT; commandIndex++)
for(; commandIndex < COMMAND_COUNT; commandIndex++)
{
if((s_commandAttributes[commandIndex] & IS_IMPLEMENTED) && // libtpms changed
RuntimeCommandsCheckEnabled(&g_RuntimeProfile.RuntimeCommands, // libtpms added begin
GET_ATTRIBUTE(s_ccAttr[commandIndex],
TPMA_CC, commandIndex)))// libtpms added end
TPMA_CC, commandIndex))) // libtpms added end
return commandIndex;
}
return UNIMPLEMENTED_COMMAND_INDEX;
}
#else
#define NextImplementedIndex(x) (x)
# define NextImplementedIndex(x) (x)
#endif
/* 9.3.3.2 GetClosestCommandIndex() */
/* This function returns the command index for the command with a value that is equal to or greater
than the input value */
/* Return Value Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
//*** GetClosestCommandIndex()
// This function returns the command index for the command with a value that is
// equal to or greater than the input value
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of a command
COMMAND_INDEX
GetClosestCommandIndex(
TPM_CC commandCode // IN: the command code to start at
)
GetClosestCommandIndex(TPM_CC commandCode // IN: the command code to start at
)
{
BOOL vendor = (commandCode & CC_VEND) != 0;
COMMAND_INDEX searchIndex = (COMMAND_INDEX)commandCode;
// The commandCode is a UINT32 and the search index is UINT16. We are going to
// search for a match but need to make sure that the commandCode value is not
// out of range. To do this, need to clear the vendor bit of the commandCode
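Review bot: The rewritten NOTE comment above #define _COMMAND_CODE_ATTRIBUTES_ now reads "so that their is no ambiguity", while the block comment it replaces had "there is no ambiguity", so the sync introduces a typo. Restore "there", or if the text has to stay byte-identical to upstream, mention the deliberate carry-over in the commit message.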
@ -127,6 +131,7 @@ GetClosestCommandIndex(
// out of range, indicate that the command is not implemented
if((commandCode & ~CC_VEND) != searchIndex)
return UNIMPLEMENTED_COMMAND_INDEX;
// if there is at least one vendor command, the last entry in the array will
// have the v bit set. If the input commandCode is larger than the last
// vendor-command, then it is out of range.
@ -137,15 +142,15 @@ GetClosestCommandIndex(
COMMAND_INDEX min;
COMMAND_INDEX max;
int diff;
#if LIBRARY_COMMAND_ARRAY_SIZE == COMMAND_COUNT
#error "Constants are not consistent."
#endif
# if LIBRARY_COMMAND_ARRAY_SIZE == COMMAND_COUNT
# error "Constants are not consistent."
# endif
// Check to see if the value is equal to or below the minimum
// entry.
// Note: Put this check first so that the typical case of only one vendor-
// specific command doesn't waste any more time.
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC,
commandIndex) >= searchIndex)
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC, commandIndex)
>= searchIndex)
{
// the vendor array is always assumed to be packed so there is
// no need to check to see if the command is implemented
@ -193,8 +198,9 @@ GetClosestCommandIndex(
#endif
}
// Get here if the V-Bit was not set in 'commandCode'
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC,
commandIndex) < searchIndex)
if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC, commandIndex)
< searchIndex)
{
// requested index is out of the range to the top
#if VENDOR_COMMAND_ARRAY_SIZE > 0
@ -224,19 +230,20 @@ GetClosestCommandIndex(
COMMAND_INDEX min = 0;
COMMAND_INDEX max = LIBRARY_COMMAND_ARRAY_SIZE - 1;
int diff = 1;
#if LIBRARY_COMMAND_ARRAY_SIZE == 0
#error "Something is terribly wrong"
#endif
# if LIBRARY_COMMAND_ARRAY_SIZE == 0
# error "Something is terribly wrong"
# endif
// The s_ccAttr array contains an extra entry at the end (a zero value).
// Don't count this as an array entry. This means that max should start
// out pointing to the last valid entry in the array which is - 2
pAssert(max == (sizeof(s_ccAttr) / sizeof(TPMA_CC)
- VENDOR_COMMAND_ARRAY_SIZE - 2));
pAssert(
max
== (sizeof(s_ccAttr) / sizeof(TPMA_CC) - VENDOR_COMMAND_ARRAY_SIZE - 2));
while(min <= max)
{
commandIndex = (min + max + 1) / 2;
diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC,
commandIndex) - searchIndex;
diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex)
- searchIndex;
if(diff == 0)
return commandIndex;
if(diff > 0)
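Review bot: The comment above the pAssert says max should point at the last valid entry "which is - 2" without saying what the two is subtracted from or why. Spelling it out (one for zero-based indexing, one for the trailing zero entry of s_ccAttr) would make the reformatted three-line assertion checkable at a glance. The #error text "Something is terribly wrong" likewise gives no hint which constant is at fault; naming LIBRARY_COMMAND_ARRAY_SIZE in the message would help whoever hits it.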
@ -259,20 +266,21 @@ GetClosestCommandIndex(
// The list is not compressed so offset into the array by the command
// code value of the first entry in the list. Then go find the first
// implemented command.
return NextImplementedIndex(searchIndex
- (COMMAND_INDEX)GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex)); // libtpms changed
return NextImplementedIndex(
searchIndex - (COMMAND_INDEX)GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex)); // libtpms changed
#endif
}
}
/* 9.3.3.3 CommandCodeToComandIndex() */
/* This function returns the index in the various attributes arrays of the command. */
/* Return Values Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
/* other index of the command */
//*** CommandCodeToComandIndex()
// This function returns the index in the various attributes arrays of the
// command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of the command
COMMAND_INDEX
CommandCodeToCommandIndex(
TPM_CC commandCode // IN: the command code to look up
)
CommandCodeToCommandIndex(TPM_CC commandCode // IN: the command code to look up
)
{
// Extract the low 16-bits of the command code to get the starting search index
COMMAND_INDEX searchIndex = (COMMAND_INDEX)commandCode;
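Review bot: the rewritten header comment still reads `//*** CommandCodeToComandIndex()` ("Comand" with one m), while the function defined right under it is CommandCodeToCommandIndex. The misspelling was carried over from the old `/* 9.3.3.3 ... */` comment; fixing it here keeps a search for the function name from missing its documentation.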
@ -289,7 +297,7 @@ CommandCodeToCommandIndex(
// the unsigned check below.
if(commandIndex >= LIBRARY_COMMAND_ARRAY_SIZE
|| (s_commandAttributes[commandIndex] & IS_IMPLEMENTED) == 0
|| !RuntimeCommandsCheckEnabled(&g_RuntimeProfile.RuntimeCommands,// libtpms added
|| !RuntimeCommandsCheckEnabled(&g_RuntimeProfile.RuntimeCommands, // libtpms added
commandCode)) // libtpms added
return UNIMPLEMENTED_COMMAND_INDEX;
return commandIndex;
@ -297,6 +305,7 @@ CommandCodeToCommandIndex(
#endif
// Need this code for any vendor code lookup or for compressed lists
commandIndex = GetClosestCommandIndex(commandCode);
// Look at the returned value from get closest. If it isn't the one that was
// requested, then the command is not implemented.
// libtpms: Or it may be runtime-disabled
@ -305,21 +314,21 @@ CommandCodeToCommandIndex(
if((GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex)
!= searchIndex)
|| (IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V)) != vendor
|| !RuntimeCommandsCheckEnabled(&g_RuntimeProfile.RuntimeCommands,// libtpms added
|| !RuntimeCommandsCheckEnabled(&g_RuntimeProfile.RuntimeCommands, // libtpms added
commandCode)) // libtpms added
commandIndex = UNIMPLEMENTED_COMMAND_INDEX;
}
return commandIndex;
}
/* 9.3.3.4 GetNextCommandIndex() */
/* This function returns the index of the next implemented command. */
/* Return Values Meaning */
/* UNIMPLEMENTED_COMMAND_INDEX no more implemented commands */
/* other the index of the next implemented command */
//*** GetNextCommandIndex()
// This function returns the index of the next implemented command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX no more implemented commands
// other the index of the next implemented command
COMMAND_INDEX
GetNextCommandIndex(
COMMAND_INDEX commandIndex // IN: the starting index
)
GetNextCommandIndex(COMMAND_INDEX commandIndex // IN: the starting index
)
{
while(++commandIndex < COMMAND_COUNT)
{
@ -334,36 +343,38 @@ GetNextCommandIndex(
}
return UNIMPLEMENTED_COMMAND_INDEX;
}
/* 9.3.3.5 GetCommandCode() */
/* This function returns the commandCode associated with the command index */
//*** GetCommandCode()
// This function returns the commandCode associated with the command index
TPM_CC
GetCommandCode(
COMMAND_INDEX commandIndex // IN: the command index
)
GetCommandCode(COMMAND_INDEX commandIndex // IN: the command index
)
{
TPM_CC commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex],
TPMA_CC, commandIndex);
TPM_CC commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex);
if(IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
commandCode += CC_VEND;
return commandCode;
}
/* 9.3.3.6 CommandAuthRole() */
/* This function returns the authorization role required of a handle. */
/* Return Values Meaning */
/* AUTH_NONE no authorization is required */
/* AUTH_USER user role authorization is required */
/* AUTH_ADMIN admin role authorization is required */
/* AUTH_DUP duplication role authorization is required */
//*** CommandAuthRole()
//
// This function returns the authorization role required of a handle.
//
// Return Type: AUTH_ROLE
// AUTH_NONE no authorization is required
// AUTH_USER user role authorization is required
// AUTH_ADMIN admin role authorization is required
// AUTH_DUP duplication role authorization is required
AUTH_ROLE
CommandAuthRole(
COMMAND_INDEX commandIndex, // IN: command index
CommandAuthRole(COMMAND_INDEX commandIndex, // IN: command index
UINT32 handleIndex // IN: handle index (zero based)
)
)
{
if(0 == handleIndex)
{
// Any authorization role set?
COMMAND_ATTRIBUTES properties = s_commandAttributes[commandIndex];
if(properties & HANDLE_1_USER)
return AUTH_USER;
if(properties & HANDLE_1_ADMIN)
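Review bot: GetCommandCode() and CommandAuthRole() index s_ccAttr[commandIndex] and s_commandAttributes[commandIndex] without a range check, and the new `//***` comments do not state that the caller must pass a valid index. The lookup functions earlier in this file can return UNIMPLEMENTED_COMMAND_INDEX, so the precondition should be written down the way the IsSessionAllowed() comment does ("must not be called if the command is not known to be implemented"), or enforced with a pAssert on commandIndex at the top of each function.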
@ -378,73 +389,64 @@ CommandAuthRole(
}
return AUTH_NONE;
}
/* 9.3.3.7 EncryptSize() */
/* This function returns the size of the decrypt size field. This function returns 0 if encryption
is not allowed */
/* Return Values Meaning */
/* 0 encryption not allowed */
/* 2 size field is two bytes */
/* 4 size field is four bytes */
int
EncryptSize(
COMMAND_INDEX commandIndex // IN: command index
)
//*** EncryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if encryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int EncryptSize(COMMAND_INDEX commandIndex // IN: command index
)
{
return ((s_commandAttributes[commandIndex] & ENCRYPT_2) ? 2 :
(s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4 : 0);
return ((s_commandAttributes[commandIndex] & ENCRYPT_2) ? 2
: (s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4
: 0);
}
/* 9.3.3.8 DecryptSize() */
/* This function returns the size of the decrypt size field. This function returns 0 if decryption
is not allowed */
/* Return Values Meaning */
/* 0 encryption not allowed */
/* 2 size field is two bytes */
/* 4 size field is four bytes */
int
DecryptSize(
COMMAND_INDEX commandIndex // IN: command index
)
//*** DecryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if decryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int DecryptSize(COMMAND_INDEX commandIndex // IN: command index
)
{
return ((s_commandAttributes[commandIndex] & DECRYPT_2) ? 2 :
(s_commandAttributes[commandIndex] & DECRYPT_4) ? 4 : 0);
return ((s_commandAttributes[commandIndex] & DECRYPT_2) ? 2
: (s_commandAttributes[commandIndex] & DECRYPT_4) ? 4
: 0);
}
/* 9.3.3.9 IsSessionAllowed() */
/* This function indicates if the command is allowed to have sessions. */
/* This function must not be called if the command is not known to be implemented. */
/* Return Values Meaning */
/* TRUE session is allowed with this command */
/* FALSE session is not allowed with this command */
BOOL
IsSessionAllowed(
COMMAND_INDEX commandIndex // IN: the command to be checked
)
//*** IsSessionAllowed()
//
// This function indicates if the command is allowed to have sessions.
//
// This function must not be called if the command is not known to be implemented.
//
// Return Type: BOOL
// TRUE(1) session is allowed with this command
// FALSE(0) session is not allowed with this command
BOOL IsSessionAllowed(COMMAND_INDEX commandIndex // IN: the command to be checked
)
{
return ((s_commandAttributes[commandIndex] & NO_SESSIONS) == 0);
}
/* 9.3.3.10 IsHandleInResponse() */
/* This function determines if a command has a handle in the response */
BOOL
IsHandleInResponse(
COMMAND_INDEX commandIndex
)
//*** IsHandleInResponse()
// This function determines if a command has a handle in the response
BOOL IsHandleInResponse(COMMAND_INDEX commandIndex)
{
return ((s_commandAttributes[commandIndex] & R_HANDLE) != 0);
}
/* 9.3.3.11 IsWriteOperation() */
/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
read-lock */
BOOL
IsWriteOperation(
COMMAND_INDEX commandIndex // IN: Command to check
)
//*** IsWriteOperation()
// Checks to see if an operation will write to an NV Index and is subject to being
// blocked by read-lock
BOOL IsWriteOperation(COMMAND_INDEX commandIndex // IN: Command to check
)
{
#ifdef WRITE_LOCK
return ((s_commandAttributes[commandIndex] & WRITE_LOCK) != 0);
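Review bot: several of the synced comments in this hunk contradict the code they document. The EncryptSize() comment says it returns "the size of the decrypt size field", the DecryptSize() return table lists "0 encryption not allowed", and the IsWriteOperation() comment says the operation is "blocked by read-lock" although the body tests WRITE_LOCK. These read as copy-and-paste errors; suggest "encrypt size field", "decryption not allowed" and "write-lock" respectively.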
@ -454,18 +456,18 @@ IsWriteOperation(
switch(GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex))
{
case TPM_CC_NV_Write:
#if CC_NV_Increment
# if CC_NV_Increment
case TPM_CC_NV_Increment:
#endif
#if CC_NV_SetBits
# endif
# if CC_NV_SetBits
case TPM_CC_NV_SetBits:
#endif
#if CC_NV_Extend
# endif
# if CC_NV_Extend
case TPM_CC_NV_Extend:
#endif
#if CC_AC_Send
# endif
# if CC_AC_Send
case TPM_CC_AC_Send:
#endif
# endif
// NV write lock counts as a write operation for authorization purposes.
// We check to see if the NV is write locked before we do the
// authorization. If it is locked, we fail the command early.
@ -478,17 +480,17 @@ IsWriteOperation(
return FALSE;
#endif
}
/* 9.3.3.12 IsReadOperation() */
/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
write-lock. */
BOOL
IsReadOperation(
COMMAND_INDEX commandIndex // IN: Command to check
)
//*** IsReadOperation()
// Checks to see if an operation will write to an NV Index and is
// subject to being blocked by write-lock.
BOOL IsReadOperation(COMMAND_INDEX commandIndex // IN: Command to check
)
{
#ifdef READ_LOCK
return ((s_commandAttributes[commandIndex] & READ_LOCK) != 0);
#else
if(!IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
{
switch(GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex))
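Review bot: the IsReadOperation() comment says the function checks whether an operation "will write to an NV Index and is subject to being blocked by write-lock", but the body tests READ_LOCK. The wording looks copied from IsWriteOperation(); it should describe an operation that reads an NV Index and is blocked by read-lock.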
@ -508,24 +510,26 @@ IsReadOperation(
return FALSE;
#endif
}
/* 9.3.3.13 CommandCapGetCCList() */
/* This function returns a list of implemented commands and command attributes starting from the
command in commandCode. */
/* Return Values Meaning */
/* YES more command attributes are available */
/* NO no more command attributes are available */
//*** CommandCapGetCCList()
// This function returns a list of implemented commands and command attributes
// starting from the command in 'commandCode'.
// Return Type: TPMI_YES_NO
// YES more command attributes are available
// NO no more command attributes are available
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
CommandCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA *commandList // OUT: list of TPMA_CC
)
TPML_CCA* commandList // OUT: list of TPMA_CC
)
{
TPMI_YES_NO more = NO;
COMMAND_INDEX commandIndex;
// initialize output handle list count
commandList->count = 0;
for(commandIndex = GetClosestCommandIndex(commandCode);
commandIndex != UNIMPLEMENTED_COMMAND_INDEX;
commandIndex = GetNextCommandIndex(commandIndex))
@ -542,8 +546,8 @@ CommandCapGetCCList(
if(commandList->count < count)
{
// If the list is not full, add the attributes for this command.
commandList->commandAttributes[commandList->count]
= s_ccAttr[commandIndex];
commandList->commandAttributes[commandList->count] =
s_ccAttr[commandIndex];
commandList->count++;
}
else
@ -556,12 +560,13 @@ CommandCapGetCCList(
}
return more;
}
//*** CommandCapGetOneCC()
// This function checks whether a command is implemented, and returns its
// attributes if so.
BOOL CommandCapGetOneCC(TPM_CC commandCode, // IN: command code
TPMA_CC* commandAttributes // OUT: command attributes
)
)
{
COMMAND_INDEX commandIndex = CommandCodeToCommandIndex(commandCode);
if(commandIndex != UNIMPLEMENTED_COMMAND_INDEX)
@ -572,18 +577,15 @@ BOOL CommandCapGetOneCC(TPM_CC commandCode, // IN: command code
return FALSE;
}
#if 0 /* libtpms added */
/* 9.3.3.14 IsVendorCommand() */
/* Function indicates if a command index references a vendor command. */
/* Return Values Meaning */
/* TRUE command is a vendor command */
/* FALSE command is not a vendor command */
BOOL
IsVendorCommand(
COMMAND_INDEX commandIndex // IN: command index to check
)
//*** IsVendorCommand()
// Function indicates if a command index references a vendor command.
// Return Type: BOOL
// TRUE(1) command is a vendor command
// FALSE(0) command is not a vendor command
BOOL IsVendorCommand(COMMAND_INDEX commandIndex // IN: command index to check
)
{
return (IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V));
}
#endif /* libtpms added */


@ -58,70 +58,141 @@
/* */
/********************************************************************************/
#ifndef COMMANDCODEATTRIBUTES_FP_H
#define COMMANDCODEATTRIBUTES_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _COMMAND_CODE_ATTRIBUTES_FP_H_
#define _COMMAND_CODE_ATTRIBUTES_FP_H_
//*** GetClosestCommandIndex()
// This function returns the command index for the command with a value that is
// equal to or greater than the input value
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of a command
COMMAND_INDEX
GetClosestCommandIndex(
TPM_CC commandCode // IN: the command code to start at
);
GetClosestCommandIndex(TPM_CC commandCode // IN: the command code to start at
);
//*** CommandCodeToComandIndex()
// This function returns the index in the various attributes arrays of the
// command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX command is not implemented
// other index of the command
COMMAND_INDEX
CommandCodeToCommandIndex(
TPM_CC commandCode // IN: the command code to look up
);
CommandCodeToCommandIndex(TPM_CC commandCode // IN: the command code to look up
);
//*** GetNextCommandIndex()
// This function returns the index of the next implemented command.
// Return Type: COMMAND_INDEX
// UNIMPLEMENTED_COMMAND_INDEX no more implemented commands
// other the index of the next implemented command
COMMAND_INDEX
GetNextCommandIndex(
COMMAND_INDEX commandIndex // IN: the starting index
);
GetNextCommandIndex(COMMAND_INDEX commandIndex // IN: the starting index
);
//*** GetCommandCode()
// This function returns the commandCode associated with the command index
TPM_CC
GetCommandCode(
COMMAND_INDEX commandIndex // IN: the command index
);
GetCommandCode(COMMAND_INDEX commandIndex // IN: the command index
);
//*** CommandAuthRole()
//
// This function returns the authorization role required of a handle.
//
// Return Type: AUTH_ROLE
// AUTH_NONE no authorization is required
// AUTH_USER user role authorization is required
// AUTH_ADMIN admin role authorization is required
// AUTH_DUP duplication role authorization is required
AUTH_ROLE
CommandAuthRole(
COMMAND_INDEX commandIndex, // IN: command index
CommandAuthRole(COMMAND_INDEX commandIndex, // IN: command index
UINT32 handleIndex // IN: handle index (zero based)
);
int
EncryptSize(
COMMAND_INDEX commandIndex // IN: command index
);
int
DecryptSize(
COMMAND_INDEX commandIndex // IN: command index
);
BOOL
IsSessionAllowed(
COMMAND_INDEX commandIndex // IN: the command to be checked
);
BOOL
IsHandleInResponse(
COMMAND_INDEX commandIndex
);
BOOL
IsWriteOperation(
COMMAND_INDEX commandIndex // IN: Command to check
);
BOOL
IsReadOperation(
COMMAND_INDEX commandIndex // IN: Command to check
);
);
//*** EncryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if encryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int EncryptSize(COMMAND_INDEX commandIndex // IN: command index
);
//*** DecryptSize()
// This function returns the size of the decrypt size field. This function returns
// 0 if decryption is not allowed
// Return Type: int
// 0 encryption not allowed
// 2 size field is two bytes
// 4 size field is four bytes
int DecryptSize(COMMAND_INDEX commandIndex // IN: command index
);
//*** IsSessionAllowed()
//
// This function indicates if the command is allowed to have sessions.
//
// This function must not be called if the command is not known to be implemented.
//
// Return Type: BOOL
// TRUE(1) session is allowed with this command
// FALSE(0) session is not allowed with this command
BOOL IsSessionAllowed(COMMAND_INDEX commandIndex // IN: the command to be checked
);
//*** IsHandleInResponse()
// This function determines if a command has a handle in the response
BOOL IsHandleInResponse(COMMAND_INDEX commandIndex);
//*** IsWriteOperation()
// Checks to see if an operation will write to an NV Index and is subject to being
// blocked by read-lock
BOOL IsWriteOperation(COMMAND_INDEX commandIndex // IN: Command to check
);
//*** IsReadOperation()
// Checks to see if an operation will write to an NV Index and is
// subject to being blocked by write-lock.
BOOL IsReadOperation(COMMAND_INDEX commandIndex // IN: Command to check
);
//*** CommandCapGetCCList()
// This function returns a list of implemented commands and command attributes
// starting from the command in 'commandCode'.
// Return Type: TPMI_YES_NO
// YES more command attributes are available
// NO no more command attributes are available
TPMI_YES_NO
CommandCapGetCCList(
TPM_CC commandCode, // IN: start command code
CommandCapGetCCList(TPM_CC commandCode, // IN: start command code
UINT32 count, // IN: maximum count for number of entries in
// 'commandList'
TPML_CCA *commandList // OUT: list of TPMA_CC
);
TPML_CCA* commandList // OUT: list of TPMA_CC
);
//*** CommandCapGetOneCC()
// This function checks whether a command is implemented, and returns its
// attributes if so.
BOOL CommandCapGetOneCC(TPM_CC commandCode, // IN: command code
TPMA_CC* commandAttributes // OUT: Command attributes
);
);
#if 0 /* libtpms added */
BOOL
IsVendorCommand(
COMMAND_INDEX commandIndex // IN: command index to check
);
//*** IsVendorCommand()
// Function indicates if a command index references a vendor command.
// Return Type: BOOL
// TRUE(1) command is a vendor command
// FALSE(0) command is not a vendor command
BOOL IsVendorCommand(COMMAND_INDEX commandIndex // IN: command index to check
);
#endif /* libtpms added */
#endif
#endif // _COMMAND_CODE_ATTRIBUTES_FP_H_
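Review bot: the include guard changes from COMMANDCODEATTRIBUTES_FP_H to _COMMAND_CODE_ATTRIBUTES_FP_H_, and identifiers that begin with an underscore followed by an uppercase letter are reserved for the implementation in C. If the name is kept to stay in sync with the generated upstream header, that is worth saying in the commit message; otherwise drop the leading underscore. The prototype comments added here also repeat the wording problems from the .c file ("CommandCodeToComandIndex", EncryptSize described as returning the "decrypt size field"), so any fix should be applied in both places.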

File diff suppressed because it is too large


@ -59,43 +59,70 @@
/* */
/********************************************************************************/
/* 6.3 CommandDispatcher.c */
/* CommandDispatcher() performs the following operations: */
/* * unmarshals command parameters from the input buffer; */
/* NOTE Unlike other unmarshaling functions, parmBufferStart does not advance. parmBufferSize Is
reduced. */
/* * invokes the function that performs the command actions; */
/* * marshals the returned handles, if any; and */
/* * marshals the returned parameters, if any, into the output buffer putting in the
* parameterSize field if authorization sessions are present. */
/* NOTE 1 The output buffer is the return from the MemoryGetResponseBuffer() function. It includes
the header, handles, response parameters, and authorization area. respParmSize is the response
parameter size, and does not include the header, handles, or authorization area. */
/* NOTE 2 The reference implementation is permitted to do compare operations over a union as a byte
array. Therefore, the command parameter in structure must be initialized (e.g., zeroed) before
unmarshaling so that the compare operation is valid in cases where some bytes are unused. */
/* 6.3.1.1 Includes and Typedefs */
#include "Tpm.h"
// #include "Marshal.h" kgold
#if TABLE_DRIVEN_DISPATCH
typedef TPM_RC(NoFlagFunction)(void *target, BYTE **buffer, INT32 *size);
typedef TPM_RC(FlagFunction)(void *target, BYTE **buffer, INT32 *size, BOOL flag);
typedef FlagFunction *UNMARSHAL_t;
typedef INT16(MarshalFunction)(void *source, BYTE **buffer, INT32 *size);
typedef MarshalFunction *MARSHAL_t;
//* Includes and Typedefs
#include "Tpm.h"
#include "Marshal.h"
#if TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
typedef TPM_RC(NoFlagFunction)(void* target, BYTE** buffer, INT32* size);
typedef TPM_RC(FlagFunction)(void* target, BYTE** buffer, INT32* size, BOOL flag);
typedef FlagFunction* UNMARSHAL_t;
typedef INT16(MarshalFunction)(void* source, BYTE** buffer, INT32* size);
typedef MarshalFunction* MARSHAL_t;
typedef TPM_RC(COMMAND_NO_ARGS)(void);
typedef TPM_RC(COMMAND_IN_ARG)(void *in);
typedef TPM_RC(COMMAND_OUT_ARG)(void *out);
typedef TPM_RC(COMMAND_INOUT_ARG)(void *in, void *out);
typedef union
typedef TPM_RC(COMMAND_IN_ARG)(void* in);
typedef TPM_RC(COMMAND_OUT_ARG)(void* out);
typedef TPM_RC(COMMAND_INOUT_ARG)(void* in, void* out);
typedef union COMMAND_t
{
COMMAND_NO_ARGS *noArgs;
COMMAND_IN_ARG *inArg;
COMMAND_OUT_ARG *outArg;
COMMAND_INOUT_ARG *inOutArg;
COMMAND_NO_ARGS* noArgs;
COMMAND_IN_ARG* inArg;
COMMAND_OUT_ARG* outArg;
COMMAND_INOUT_ARG* inOutArg;
} COMMAND_t;
typedef struct
// This structure is used by ParseHandleBuffer() and CommandDispatcher(). The
// parameters in this structure are unique for each command. The parameters are:
// command holds the address of the command processing function that is called
// by Command Dispatcher
// inSize This is the size of the command-dependent input structure. The
// input structure holds the unmarshaled handles and command
// parameters. If the command takes no arguments (handles or
// parameters) then inSize will have a value of 0.
// outSize This is the size of the command-dependent output structure. The
// output structure holds the results of the command in an unmarshaled
// form. When command processing is completed, these values are
// marshaled into the output buffer. It is always the case that the
// unmarshaled version of an output structure is larger then the
// marshaled version. This is because the marshaled version contains
// the exact same number of significant bytes but with padding removed.
// typesOffsets This parameter points to the list of data types that are to be
// marshaled or unmarshaled. The list of types follows the 'offsets'
// array. The offsets array is variable sized so the typesOffset filed
// is necessary for the handle and command processing to be able to
// find the types that are being handled. The 'offsets' array may be
// empty. The 'types' structure is described below.
// offsets This is an array of offsets of each of the parameters in the
// command or response. When processing the command parameters (not
// handles) the list contains the offset of the next parameter. For
// example, if the first command parameter has a size of 4 and there is
// a second command parameter, then the offset would be 4, indicating
// that the second parameter starts at 4. If the second parameter has
// a size of 8, and there is a third parameter, then the second entry
// in offsets is 12 (4 for the first parameter and 8 for the second).
// An offset value of 0 in the list indicates the start of the response
// parameter list. When CommandDispatcher hits this value, it will stop
// unmarshaling the parameters and call 'command'. If a command has no
// response parameters and only one command parameter, then offsets can
// be an empty list.
typedef struct COMMAND_DESCRIPTOR_t
{
COMMAND_t command; // Address of the command
UINT16 inSize; // Maximum size of the input structure
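Review bot: the new block comment documenting COMMAND_DESCRIPTOR_t has a few errors that make it harder to match against the struct. It introduces the field as "typesOffsets" and then refers to "the typesOffset filed" (should be "field", and one spelling of the name), and "larger then the marshaled version" should be "larger than". Since this comment is the only description of how the offsets and types lists are laid out, it is worth correcting while it is being added.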
@ -103,46 +130,73 @@ typedef struct
UINT16 typesOffset; // address of the types field
UINT16 offsets[1];
} COMMAND_DESCRIPTOR_t;
#if COMPRESSED_LISTS
// The 'types' list is an encoded byte array. The byte value has two parts. The most
// significant bit is used when a parameter takes a flag and indicates if the flag
// should be SET or not. The remaining 7 bits are an index into an array of
// addresses of marshaling and unmarshaling functions.
// The array of functions is divided into 6 sections with a value assigned
// to denote the start of that section (and the end of the previous section). The
// defined offset values for each section are:
// 0 unmarshaling for handles that do not take flags
// HANDLE_FIRST_FLAG_TYPE unmarshaling for handles that take flags
// PARAMETER_FIRST_TYPE unmarshaling for parameters that do not take flags
// PARAMETER_FIRST_FLAG_TYPE unmarshaling for parameters that take flags
// PARAMETER_LAST_TYPE + 1 marshaling for handles
// RESPONSE_PARAMETER_FIRST_TYPE marshaling for parameters
// RESPONSE_PARAMETER_LAST_TYPE is the last value in the list of marshaling and
// unmarshaling functions.
//
// The types list is constructed with a byte of 0xff at the end of the command
// parameters and with an 0xff at the end of the response parameters.
# if COMPRESSED_LISTS
# define PAD_LIST 0
#else
# else
# define PAD_LIST 1
#endif
#define _COMMAND_TABLE_DISPATCH_
#include "CommandDispatchData.h"
#define TEST_COMMAND TPM_CC_Startup
#define NEW_CC
# endif
# define _COMMAND_TABLE_DISPATCH_
# include "CommandDispatchData.h"
# define TEST_COMMAND TPM_CC_Startup
# define NEW_CC
#else
#include "Commands.h"
# include "Commands.h"
#endif
/* 6.3.1.2 Marshal/Unmarshal Functions */
/* 6.3.1.2.1 ParseHandleBuffer() */
/* This is the table-driven version of the handle buffer unmarshaling code */
//* Marshal/Unmarshal Functions
//** ParseHandleBuffer()
// This is the table-driven version of the handle buffer unmarshaling code
TPM_RC
ParseHandleBuffer(
COMMAND *command
)
ParseHandleBuffer(COMMAND* command)
{
TPM_RC result;
#if TABLE_DRIVEN_DISPATCH
COMMAND_DESCRIPTOR_t *desc;
BYTE *types;
#if TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
COMMAND_DESCRIPTOR_t* desc;
BYTE* types;
BYTE type;
BYTE dType;
// Make sure that nothing strange has happened
pAssert(command->index
< sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t *));
pAssert(
command->index < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t*));
// Get the address of the descriptor for this command
desc = s_CommandDataArray[command->index];
pAssert(desc != NULL);
// Get the associated list of unmarshaling data types.
types = &((BYTE *)desc)[desc->typesOffset];
types = &((BYTE*)desc)[desc->typesOffset];
// if(s_ccAttr[commandIndex].commandIndex == TEST_COMMAND)
// commandIndex = commandIndex;
// No handles yet
command->handleNum = 0;
// Get the first type value
for(type = *types++;
// check each byte to make sure that we have not hit the start
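Review bot: the commented-out lines `// if(s_ccAttr[commandIndex].commandIndex == TEST_COMMAND)` and `// commandIndex = commandIndex;` in ParseHandleBuffer() are debug leftovers, and they are the only visible use of the TEST_COMMAND define kept in this hunk. Given that this series has a separate commit for removing commented-out blocks, either drop these lines together with `# define TEST_COMMAND TPM_CC_Startup` or note why they stay.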
@ -151,19 +205,20 @@ ParseHandleBuffer(
// get the next type
type = *types++)
{
#if TABLE_DRIVEN_MARSHAL
# if TABLE_DRIVEN_MARSHAL
marshalIndex_t index;
index = unmarshalArray[dType] | ((type & 0x80) ? NULL_FLAG : 0);
result = Unmarshal(index, &(command->handles[command->handleNum]),
&command->parameterBuffer, &command->parameterSize);
#else
result = Unmarshal(index,
&(command->handles[command->handleNum]),
&command->parameterBuffer,
&command->parameterSize);
# else
// See if unmarshaling of this handle type requires a flag
if(dType < HANDLE_FIRST_FLAG_TYPE)
{
// Look up the function to do the unmarshaling
NoFlagFunction *f = (NoFlagFunction *)unmarshalArray[dType];
NoFlagFunction* f = (NoFlagFunction*)unmarshalArray[dType];
// call it
result = f(&(command->handles[command->handleNum]),
&command->parameterBuffer,
@ -172,13 +227,16 @@ ParseHandleBuffer(
else
{
// Look up the function
FlagFunction *f = unmarshalArray[dType];
FlagFunction* f = unmarshalArray[dType];
// Call it setting the flag to the appropriate value
result = f(&(command->handles[command->handleNum]),
&command->parameterBuffer,
&command->parameterSize, (type & 0x80) != 0);
&command->parameterSize,
(type & 0x80) != 0);
}
#endif
# endif
// Got a handle
// We do this first so that the match for the handle offset of the
// response code works correctly.
@ -189,15 +247,15 @@ ParseHandleBuffer(
return result + TPM_RC_H + (command->handleNum * TPM_RC_1);
}
#else
BYTE **handleBufferStart = &command->parameterBuffer;
INT32 *bufferRemainingSize = &command->parameterSize;
TPM_HANDLE *handles = &command->handles[0];
UINT32 *handleCount = &command->handleNum;
BYTE** handleBufferStart = &command->parameterBuffer;
INT32* bufferRemainingSize = &command->parameterSize;
TPM_HANDLE* handles = &command->handles[0];
UINT32* handleCount = &command->handleNum;
*handleCount = 0;
switch(command->code)
{
#include "HandleProcess.h"
#undef handles
# include "HandleProcess.h"
# undef handles
default:
FAIL(FATAL_ERROR_INTERNAL);
break;
@ -206,49 +264,50 @@ ParseHandleBuffer(
return TPM_RC_SUCCESS;
}
/* 6.3.1.2.2 CommandDispatcher() */
/* Function to unmarshal the command parameters, call the selected action code, and marshal the
response parameters. */
//** CommandDispatcher()
// Function to unmarshal the command parameters, call the selected action code, and
// marshal the response parameters.
TPM_RC
CommandDispatcher(
COMMAND *command
)
CommandDispatcher(COMMAND* command)
{
#if !TABLE_DRIVEN_DISPATCH
#if !TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
TPM_RC result;
BYTE **paramBuffer = &command->parameterBuffer;
INT32 *paramBufferSize = &command->parameterSize;
BYTE **responseBuffer = &command->responseBuffer;
INT32 *respParmSize = &command->parameterSize;
BYTE** paramBuffer = &command->parameterBuffer;
INT32* paramBufferSize = &command->parameterSize;
BYTE** responseBuffer = &command->responseBuffer;
INT32* respParmSize = &command->parameterSize;
INT32 rSize;
TPM_HANDLE *handles = &command->handles[0];
command->handleNum = 0; /* The command-specific code knows how many handles there are. This
is for cataloging the number of response handles */
MemoryIoBufferAllocationReset(); /* Initialize so that allocation will work properly */
TPM_HANDLE* handles = &command->handles[0];
//
command->handleNum = 0; // The command-specific code knows how
// many handles there are. This is for
// cataloging the number of response
// handles
MemoryIoBufferAllocationReset(); // Initialize so that allocation will
// work properly
switch(GetCommandCode(command->index))
{
#include "CommandDispatcher.h"
# include "CommandDispatcher.h"
default:
FAIL(FATAL_ERROR_INTERNAL);
break;
}
Exit:
Exit:
MemoryIoBufferZero();
return result;
#else
COMMAND_DESCRIPTOR_t *desc;
BYTE *types;
COMMAND_DESCRIPTOR_t* desc;
BYTE* types;
BYTE type;
UINT16 *offsets;
UINT16* offsets;
UINT16 offset = 0;
UINT32 maxInSize;
BYTE *commandIn;
BYTE* commandIn;
INT32 maxOutSize;
BYTE *commandOut;
BYTE* commandOut;
COMMAND_t cmd;
TPM_HANDLE *handles;
TPM_HANDLE* handles;
UINT32 hasInParameters = 0;
BOOL hasOutParameters = FALSE;
UINT32 pNum = 0;
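Review bot: the guard on the first branch of CommandDispatcher() becomes `#if !TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL`, so the `#else` branch is only compiled when TABLE_DRIVEN_DISPATCH is set and TABLE_DRIVEN_MARSHAL is not. That makes the `# if TABLE_DRIVEN_MARSHAL` block further down in that `#else` branch (the `Unmarshal(index, &commandIn[offset], ...)` call) unreachable, while ParseHandleBuffer() uses `TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL` and does take its table-driven path in that configuration. Please confirm the asymmetry is intended and say so in a comment next to the guard, or remove the dead branch.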
@ -256,33 +315,39 @@ CommandDispatcher(
TPM_RC result;
//
// Get the address of the descriptor for this command
pAssert(command->index
< sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t *));
pAssert(
command->index < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t*));
desc = s_CommandDataArray[command->index];
// Get the list of parameter types for this command
pAssert(desc != NULL);
types = &((BYTE *)desc)[desc->typesOffset];
types = &((BYTE*)desc)[desc->typesOffset];
// Get a pointer to the list of parameter offsets
offsets = &desc->offsets[0];
// pointer to handles
handles = command->handles;
// Get the size required to hold all the unmarshaled parameters for this command
maxInSize = desc->inSize;
// and the size of the output parameter structure returned by this command
maxOutSize = desc->outSize;
MemoryIoBufferAllocationReset();
// Get a buffer for the input parameters
commandIn = MemoryGetInBuffer(maxInSize);
// And the output parameters
commandOut = (BYTE *)MemoryGetOutBuffer((UINT32)maxOutSize);
commandOut = (BYTE*)MemoryGetOutBuffer((UINT32)maxOutSize);
// Get the address of the action code dispatch
cmd = desc->command;
// Copy any handles into the input buffer
for(type = *types++; (type & 0x7F) < PARAMETER_FIRST_TYPE; type = *types++)
{
// 'offset' was initialized to zero so the first unmarshaling will always
// be to the start of the data structure
*(TPM_HANDLE *)&(commandIn[offset]) = *handles++;
*(TPM_HANDLE*)&(commandIn[offset]) = *handles++;
// This check is used so that we don't have to add an additional offset
// value to the offsets list to correspond to the stop value in the
// command parameter list.
@ -295,33 +360,38 @@ CommandDispatcher(
// maxInSize has the amount of space remaining in the command action input
// buffer. Make sure that we don't have more data to unmarshal than is going to
// fit.
// type contains the last value read from types so it is not necessary to
// reload it, which is good because *types now points to the next value
for(; (dType = (type & 0x7F)) <= PARAMETER_LAST_TYPE; type = *types++)
{
pNum++;
#if TABLE_DRIVEN_MARSHAL
# if TABLE_DRIVEN_MARSHAL
{
marshalIndex_t index = unmarshalArray[dType];
index |= (type & 0x80) ? NULL_FLAG : 0;
result = Unmarshal(index, &commandIn[offset], &command->parameterBuffer,
result = Unmarshal(index,
&commandIn[offset],
&command->parameterBuffer,
&command->parameterSize);
}
#else
# else
if(dType < PARAMETER_FIRST_FLAG_TYPE)
{
NoFlagFunction *f = (NoFlagFunction *)unmarshalArray[dType];
result = f(&commandIn[offset], &command->parameterBuffer,
NoFlagFunction* f = (NoFlagFunction*)unmarshalArray[dType];
result = f(&commandIn[offset],
&command->parameterBuffer,
&command->parameterSize);
}
else
{
FlagFunction *f = unmarshalArray[dType];
result = f(&commandIn[offset], &command->parameterBuffer,
FlagFunction* f = unmarshalArray[dType];
result = f(&commandIn[offset],
&command->parameterBuffer,
&command->parameterSize,
(type & 0x80) != 0);
}
#endif
# endif
if(result != TPM_RC_SUCCESS)
{
result += TPM_RC_P + (TPM_RC_1 * pNum);
@ -340,12 +410,14 @@ CommandDispatcher(
result = TPM_RC_SIZE;
goto Exit;
}
// The command parameter unmarshaling stopped when it hit a value that was out
// of range for unmarshaling values and left *types pointing to the first
// marshaling type. If that type happens to be the STOP value, then there
// are no response parameters. So, set the flag to indicate if there are
// output parameters.
hasOutParameters = *types != 0xFF;
// There are four cases for calling, with and without input parameters and with
// and without output parameters.
if(hasInParameters > 0)
@ -364,10 +436,13 @@ CommandDispatcher(
}
if(result != TPM_RC_SUCCESS)
goto Exit;
// Offset in the marshaled output structure
offset = 0;
// Process the return handles, if any
command->handleNum = 0;
// Could make this a loop to process output handles but there is only ever
// one handle in the outputs (for now).
type = *types++;
@ -376,7 +451,7 @@ CommandDispatcher(
// The out->handle value was referenced as TPM_HANDLE in the
// action code so it has to be properly aligned.
command->handles[command->handleNum++] =
*((TPM_HANDLE *)&(commandOut[offset]));
*((TPM_HANDLE*)&(commandOut[offset]));
maxOutSize -= sizeof(UINT32);
type = *types++;
offset = *offsets++;
@ -386,23 +461,23 @@ CommandDispatcher(
// no pointers to data, all of the data being returned has to be in the
// command action output buffer. If we try to marshal more bytes than
// could fit into the output buffer, we need to fail.
for(;(dType = (type & 0x7F)) <= RESPONSE_PARAMETER_LAST_TYPE
&& !g_inFailureMode; type = *types++)
for(; (dType = (type & 0x7F)) <= RESPONSE_PARAMETER_LAST_TYPE && !g_inFailureMode;
type = *types++)
{
#if TABLE_DRIVEN_MARSHAL
# if TABLE_DRIVEN_MARSHAL
marshalIndex_t index = marshalArray[dType];
command->parameterSize += Marshal(index, &commandOut[offset],
&command->responseBuffer,
&maxOutSize);
#else
command->parameterSize += Marshal(
index, &commandOut[offset], &command->responseBuffer, &maxOutSize);
# else
const MARSHAL_t f = marshalArray[dType];
command->parameterSize += f(&commandOut[offset], &command->responseBuffer,
&maxOutSize);
#endif
command->parameterSize +=
f(&commandOut[offset], &command->responseBuffer, &maxOutSize);
# endif
offset = *offsets++;
}
result = (maxOutSize < 0) ? TPM_RC_FAILURE : TPM_RC_SUCCESS;
Exit:
Exit:
MemoryIoBufferZero();
return result;
#endif

View File

@ -59,17 +59,23 @@
/* */
/********************************************************************************/
#ifndef COMMANDDISPATCHER_FP_H
#define COMMANDDISPATCHER_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 7, 2020 Time: 07:06:44PM
*/
#ifndef _COMMAND_DISPATCHER_FP_H_
#define _COMMAND_DISPATCHER_FP_H_
//** ParseHandleBuffer()
// This is the table-driven version of the handle buffer unmarshaling code
TPM_RC
CommandDispatcher(
COMMAND *command
);
ParseHandleBuffer(COMMAND* command);
//** CommandDispatcher()
// Function to unmarshal the command parameters, call the selected action code, and
// marshal the response parameters.
TPM_RC
ParseHandleBuffer(
COMMAND *command
);
CommandDispatcher(COMMAND* command);
#endif
#endif // _COMMAND_DISPATCHER_FP_H_
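Review bot: the new include guard `_COMMAND_DISPATCHER_FP_H_` begins with an underscore followed by an uppercase letter, a form C reserves for the implementation; the previous `COMMANDDISPATCHER_FP_H` did not. If the guard has to track upstream naming, a short comment saying so would help; otherwise prefer a non-reserved name. The same applies to the `_TPM_INCLUDE_PRIVATE_PROTOTYPES_*_FP_H_` guards in the generated command headers.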

View File

@ -59,36 +59,41 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef COMMIT_FP_H
#define COMMIT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Commit // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT signHandle;
TPM2B_ECC_POINT P1;
TPM2B_SENSITIVE_DATA s2;
TPM2B_ECC_PARAMETER y2;
} Commit_In;
#define RC_Commit_signHandle (TPM_RC_H + TPM_RC_1)
#define RC_Commit_P1 (TPM_RC_P + TPM_RC_1)
#define RC_Commit_s2 (TPM_RC_P + TPM_RC_2)
#define RC_Commit_y2 (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT K;
TPM2B_ECC_POINT L;
TPM2B_ECC_POINT E;
UINT16 counter;
} Commit_Out;
// Response code modifiers
# define RC_Commit_signHandle (TPM_RC_H + TPM_RC_1)
# define RC_Commit_P1 (TPM_RC_P + TPM_RC_1)
# define RC_Commit_s2 (TPM_RC_P + TPM_RC_2)
# define RC_Commit_y2 (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_Commit(
Commit_In *in, // IN: input parameter list
Commit_Out *out // OUT: output parameter list
);
TPM2_Commit(Commit_In* in, Commit_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
#endif // CC_Commit

View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CONTEXTLOAD_FP_H
#define CONTEXTLOAD_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ContextLoad // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
// Input structure definition
typedef struct
{
TPMS_CONTEXT context;
} ContextLoad_In;
#define RC_ContextLoad_context (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_CONTEXT loadedHandle;
} ContextLoad_Out;
// Response code modifiers
# define RC_ContextLoad_context (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ContextLoad(
ContextLoad_In *in, // IN: input parameter list
ContextLoad_Out *out // OUT: output parameter list
);
TPM2_ContextLoad(ContextLoad_In* in, ContextLoad_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
#endif // CC_ContextLoad

View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CONTEXTSAVE_FP_H
#define CONTEXTSAVE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ContextSave // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_CONTEXT saveHandle;
} ContextSave_In;
#define RC_ContextSave_saveHandle (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPMS_CONTEXT context;
} ContextSave_Out;
// Response code modifiers
# define RC_ContextSave_saveHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ContextSave(
ContextSave_In *in, // IN: input parameter list
ContextSave_Out *out // OUT: output parameter list
);
TPM2_ContextSave(ContextSave_In* in, ContextSave_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
#endif // CC_ContextSave
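Review bot: `RC_ContextSave_saveHandle` changes value here, from `(TPM_RC_P + TPM_RC_1)` to `(TPM_RC_H + TPM_RC_1)`, inside what otherwise reads as a layout-only sync of this header. `saveHandle` is a handle, so the `TPM_RC_H` modifier looks right, but please call the change out in the commit message and check whether anything consumes this macro, since a caller that does would now report a handle error instead of a parameter error.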

View File

@ -94,7 +94,7 @@
TPM_RC ComputeContextProtectionKey(TPMS_CONTEXT* contextBlob, // IN: context blob
TPM2B_SYM_KEY* symKey, // OUT: the symmetric key
TPM2B_IV* iv // OUT: the IV.
)
)
{
TPM_RC result = TPM_RC_SUCCESS;
UINT16 symKeyBits; // number of bits in the parent's
@ -183,7 +183,7 @@ TPM_RC ComputeContextProtectionKey(TPMS_CONTEXT* contextBlob, // IN: context b
// requested SVN.
TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob, // IN: context blob
TPM2B_DIGEST* integrity // OUT: integrity
)
)
{
TPM_RC result = TPM_RC_SUCCESS;
HMAC_STATE hmacState;
@ -236,7 +236,7 @@ TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob, // IN: context blob
return TPM_RC_SUCCESS;
}
#if 0
#if 0 // libtpms added
//*** SequenceDataExport();
// This function is used scan through the sequence object and
// either modify the hash state data for export (contextSave) or to
@ -249,7 +249,7 @@ TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob, // IN: context blob
void SequenceDataExport(
HASH_OBJECT* object, // IN: an internal hash object
HASH_OBJECT_BUFFER* exportObject // OUT: a sequence context in a buffer
)
)
{
// If the hash object is not an event, then only one hash context is needed
int count = (object->attributes.eventSeq) ? HASH_COUNT : 1;
@ -276,7 +276,7 @@ void SequenceDataExport(
void SequenceDataImport(
HASH_OBJECT* object, // IN/OUT: an internal hash object
HASH_OBJECT_BUFFER* exportObject // IN/OUT: a sequence context in a buffer
)
)
{
// If the hash object is not an event, then only one hash context is needed
int count = (object->attributes.eventSeq) ? HASH_COUNT : 1;
@ -290,4 +290,4 @@ void SequenceDataImport(
CryptHashImportState(hash, (EXPORT_HASH_STATE*)importHash);
}
}
#endif
#endif // libtpms added

View File

@ -81,7 +81,7 @@
TPM_RC ComputeContextProtectionKey(TPMS_CONTEXT* contextBlob, // IN: context blob
TPM2B_SYM_KEY* symKey, // OUT: the symmetric key
TPM2B_IV* iv // OUT: the IV.
);
);
//*** ComputeContextIntegrity()
// Generate the integrity hash for a context
@ -97,7 +97,7 @@ TPM_RC ComputeContextProtectionKey(TPMS_CONTEXT* contextBlob, // IN: context b
// requested SVN.
TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob, // IN: context blob
TPM2B_DIGEST* integrity // OUT: integrity
);
);
//*** SequenceDataExport()
// This function is used scan through the sequence object and
@ -111,7 +111,7 @@ TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob, // IN: context blob
void SequenceDataExport(
HASH_OBJECT* object, // IN: an internal hash object
HASH_OBJECT_BUFFER* exportObject // OUT: a sequence context in a buffer
);
);
//*** SequenceDataImport()
// This function is used scan through the sequence object and
@ -125,6 +125,6 @@ void SequenceDataExport(
void SequenceDataImport(
HASH_OBJECT* object, // IN/OUT: an internal hash object
HASH_OBJECT_BUFFER* exportObject // IN/OUT: a sequence context in a buffer
);
);
#endif // _CONTEXT_SPT_FP_H_

View File

@ -59,32 +59,39 @@
/* */
/********************************************************************************/
#ifndef CREATELOADED_FP_H
#define CREATELOADED_FP_H
/* rev 136 */
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CreateLoaded // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_PARENT parentHandle;
TPM2B_SENSITIVE_CREATE inSensitive;
TPM2B_TEMPLATE inPublic;
} CreateLoaded_In;
#define RC_CreateLoaded_parentHandle (TPM_RC_H + TPM_RC_1)
#define RC_CreateLoaded_inSensitive (TPM_RC_P + TPM_RC_1)
#define RC_CreateLoaded_inPublic (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM_HANDLE objectHandle;
TPM2B_PRIVATE outPrivate;
TPM2B_PUBLIC outPublic;
TPM2B_NAME name;
} CreateLoaded_Out;
TPM_RC
TPM2_CreateLoaded(
CreateLoaded_In *in, // IN: input parameter list
CreateLoaded_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_CreateLoaded_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_CreateLoaded_inSensitive (TPM_RC_P + TPM_RC_1)
# define RC_CreateLoaded_inPublic (TPM_RC_P + TPM_RC_2)
#endif
// Function prototype
TPM_RC
TPM2_CreateLoaded(CreateLoaded_In* in, CreateLoaded_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
#endif // CC_CreateLoaded

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef CREATEPRIMARY_FP_H
#define CREATEPRIMARY_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_CreatePrimary // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_HIERARCHY primaryHandle;
TPM2B_SENSITIVE_CREATE inSensitive;
TPM2B_PUBLIC inPublic;
@ -72,13 +77,9 @@ typedef struct {
TPML_PCR_SELECTION creationPCR;
} CreatePrimary_In;
#define RC_CreatePrimary_primaryHandle (TPM_RC_H + TPM_RC_1)
#define RC_CreatePrimary_inSensitive (TPM_RC_P + TPM_RC_1)
#define RC_CreatePrimary_inPublic (TPM_RC_P + TPM_RC_2)
#define RC_CreatePrimary_outsideInfo (TPM_RC_P + TPM_RC_3)
#define RC_CreatePrimary_creationPCR (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM_HANDLE objectHandle;
TPM2B_PUBLIC outPublic;
TPM2B_CREATION_DATA creationData;
@ -87,10 +88,16 @@ typedef struct {
TPM2B_NAME name;
} CreatePrimary_Out;
TPM_RC
TPM2_CreatePrimary(
CreatePrimary_In *in, // IN: input parameter list
CreatePrimary_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_CreatePrimary_primaryHandle (TPM_RC_H + TPM_RC_1)
# define RC_CreatePrimary_inSensitive (TPM_RC_P + TPM_RC_1)
# define RC_CreatePrimary_inPublic (TPM_RC_P + TPM_RC_2)
# define RC_CreatePrimary_outsideInfo (TPM_RC_P + TPM_RC_3)
# define RC_CreatePrimary_creationPCR (TPM_RC_P + TPM_RC_4)
#endif
// Function prototype
TPM_RC
TPM2_CreatePrimary(CreatePrimary_In* in, CreatePrimary_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
#endif // CC_CreatePrimary

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 137 */
#ifndef CREATE_FP_H
#define CREATE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Create // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT parentHandle;
TPM2B_SENSITIVE_CREATE inSensitive;
TPM2B_PUBLIC inPublic;
@ -72,13 +77,9 @@ typedef struct {
TPML_PCR_SELECTION creationPCR;
} Create_In;
#define RC_Create_parentHandle (TPM_RC_H + TPM_RC_1)
#define RC_Create_inSensitive (TPM_RC_P + TPM_RC_1)
#define RC_Create_inPublic (TPM_RC_P + TPM_RC_2)
#define RC_Create_outsideInfo (TPM_RC_P + TPM_RC_3)
#define RC_Create_creationPCR (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_PRIVATE outPrivate;
TPM2B_PUBLIC outPublic;
TPM2B_CREATION_DATA creationData;
@ -86,11 +87,16 @@ typedef struct {
TPMT_TK_CREATION creationTicket;
} Create_Out;
// Response code modifiers
# define RC_Create_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_Create_inSensitive (TPM_RC_P + TPM_RC_1)
# define RC_Create_inPublic (TPM_RC_P + TPM_RC_2)
# define RC_Create_outsideInfo (TPM_RC_P + TPM_RC_3)
# define RC_Create_creationPCR (TPM_RC_P + TPM_RC_4)
// Function prototype
TPM_RC
TPM2_Create(
Create_In *in, // IN: input parameter list
Create_Out *out // OUT: output parameter list
);
TPM2_Create(Create_In* in, Create_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
#endif // CC_Create

View File

@ -80,7 +80,7 @@
// Local function to run self-test
static TPM_RC CryptRunSelfTests(
ALGORITHM_VECTOR* toTest // IN: the vector of the algorithms to test
)
)
{
TPM_ALG_ID alg;
@ -114,7 +114,7 @@ static TPM_RC CryptRunSelfTests(
LIB_EXPORT
TPM_RC
CryptSelfTest(TPMI_YES_NO fullTest // IN: if full test is required
)
)
{
#if ALLOW_FORCE_FAILURE_MODE
if(g_forceFailureMode)
@ -145,7 +145,7 @@ CryptSelfTest(TPMI_YES_NO fullTest // IN: if full test is required
TPM_RC
CryptIncrementalSelfTest(TPML_ALG* toTest, // IN: list of algorithms to be tested
TPML_ALG* toDoList // OUT: list of algorithms needing test
)
)
{
ALGORITHM_VECTOR toTestVector = {0};
TPM_ALG_ID alg;

View File

@ -59,29 +59,69 @@
/* */
/********************************************************************************/
#ifndef CRYPTSELFTEST_FP_H
#define CRYPTSELFTEST_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 4, 2020 Time: 02:36:44PM
*/
#ifndef _CRYPT_SELF_TEST_FP_H_
#define _CRYPT_SELF_TEST_FP_H_
//*** CryptSelfTest()
// This function is called to start/complete a full self-test.
// If 'fullTest' is NO, then only the untested algorithms will be run. If
// 'fullTest' is YES, then 'g_untestedDecryptionAlgorithms' is reinitialized and then
// all tests are run.
// This implementation of the reference design does not support processing outside
// the framework of a TPM command. As a consequence, this command does not
// complete until all tests are done. Since this can take a long time, the TPM
// will check after each test to see if the command is canceled. If so, then the
// TPM will returned TPM_RC_CANCELLED. To continue with the self-tests, call
// TPM2_SelfTest(fullTest == No) and the TPM will complete the testing.
// Return Type: TPM_RC
// TPM_RC_CANCELED if the command is canceled
LIB_EXPORT
TPM_RC
CryptSelfTest(
TPMI_YES_NO fullTest // IN: if full test is required
);
CryptSelfTest(TPMI_YES_NO fullTest // IN: if full test is required
);
//*** CryptIncrementalSelfTest()
// This function is used to perform an incremental self-test. This implementation
// will perform the toTest values before returning. That is, it assumes that the
// TPM cannot perform background tasks between commands.
//
// This command may be canceled. If it is, then there is no return result.
// However, this command can be run again and the incremental progress will not
// be lost.
// Return Type: TPM_RC
// TPM_RC_CANCELED processing of this command was canceled
// TPM_RC_TESTING if toTest list is not empty
// TPM_RC_VALUE an algorithm in the toTest list is not implemented
TPM_RC
CryptIncrementalSelfTest(
TPML_ALG *toTest, // IN: list of algorithms to be tested
TPML_ALG *toDoList // OUT: list of algorithms needing test
);
void
CryptInitializeToTest(
void
);
CryptIncrementalSelfTest(TPML_ALG* toTest, // IN: list of algorithms to be tested
TPML_ALG* toDoList // OUT: list of algorithms needing test
);
//*** CryptInitializeToTest()
// This function will initialize the data structures for testing all the
// algorithms. This should not be called unless CryptAlgsSetImplemented() has
// been called
void CryptInitializeToTest(void);
//*** CryptTestAlgorithm()
// Only point of contact with the actual self tests. If a self-test fails, there
// is no return and the TPM goes into failure mode.
// The call to TestAlgorithm uses an algorithm selector and a bit vector. When the
// test is run, the corresponding bit in 'toTest' and in 'g_toTest' is CLEAR. If
// 'toTest' is NULL, then only the bit in 'g_toTest' is CLEAR.
// There is a special case for the call to TestAlgorithm(). When 'alg' is
// ALG_ERROR, TestAlgorithm() will CLEAR any bit in 'toTest' for which it has
// no test. This allows the knowledge about which algorithms have test to be
// accessed through the interface that provides the test.
// Return Type: TPM_RC
// TPM_RC_CANCELED test was canceled
LIB_EXPORT
TPM_RC
CryptTestAlgorithm(
TPM_ALG_ID alg,
ALGORITHM_VECTOR *toTest
);
CryptTestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest);
#endif
#endif // _CRYPT_SELF_TEST_FP_H_
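Review bot: the new comment on `CryptSelfTest()` says the TPM "will returned TPM_RC_CANCELLED", while the Return Type lines in the same header spell the code `TPM_RC_CANCELED`. Suggest "will return TPM_RC_CANCELED" so the documented code matches the one listed under Return Type and can be found by search.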

View File

@ -80,7 +80,7 @@
static TPM_RC CryptHmacSign(TPMT_SIGNATURE* signature, // OUT: signature
OBJECT* signKey, // IN: HMAC key sign the hash
TPM2B_DIGEST* hashData // IN: hash to be signed
)
)
{
HMAC_STATE hmacState;
UINT32 digestSize;
@ -116,7 +116,7 @@ static TPM_RC CryptHMACVerifySignature(
OBJECT* signKey, // IN: HMAC key signed the hash
TPM2B_DIGEST* hashData, // IN: digest being verified
TPMT_SIGNATURE* signature // IN: signature to be verified
)
)
{
TPMT_SIGNATURE test;
TPMT_KEYEDHASH_SCHEME* keyScheme =
@ -174,7 +174,7 @@ static TPM_RC CryptGenerateKeyedHash(
TPMT_SENSITIVE* sensitive, // OUT: sensitive area
TPMS_SENSITIVE_CREATE* sensitiveCreate, // IN: sensitive creation data
RAND_STATE* rand // IN: "entropy" source
)
)
{
TPMT_KEYEDHASH_SCHEME* scheme;
TPM_ALG_ID hashAlg;
@ -189,7 +189,7 @@ static TPM_RC CryptGenerateKeyedHash(
if(scheme->scheme == TPM_ALG_NULL)
hashAlg = publicArea->nameAlg;
else if(scheme->scheme == TPM_ALG_XOR)
hashAlg = scheme->details.xorr.hashAlg;
hashAlg = scheme->details.xor.hashAlg;
else
hashAlg = scheme->details.hmac.hashAlg;
digestSize = CryptHashGetDigestSize(hashAlg);
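Review bot: in the `TPM_ALG_XOR` branch the union member is now spelled `details.xor` instead of `details.xorr`. `xor` is an alternative operator token in C++ and a macro in C's `<iso646.h>`, so this stops compiling if the file, or the header that defines the scheme union, is ever built as C++ or together with that header. Please confirm the member was renamed in the type definition in the same series, and consider keeping `xorr`; the `CryptValidateKeys` hunk further down has the same access.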
@ -235,7 +235,7 @@ static TPM_RC CryptGenerateKeyedHash(
// The only anonymous scheme is ECDAA. ECDAA can be used to do things
// like U-Prove.
BOOL CryptIsSchemeAnonymous(TPM_ALG_ID scheme // IN: the scheme algorithm to test
)
)
{
return scheme == TPM_ALG_ECDAA;
}
@ -267,7 +267,7 @@ void ParmDecryptSym(TPM_ALG_ID symAlg, // IN: the symmetric algorithm
TPM2B* nonceTpm, // IN: nonce TPM
UINT32 dataSize, // IN: size of parameter buffer
BYTE* data // OUT: buffer to be decrypted
)
)
{
// KDF output buffer
// It contains parameters for the CFB encryption
@ -327,7 +327,7 @@ void ParmEncryptSym(TPM_ALG_ID symAlg, // IN: symmetric algorithm
TPM2B* nonceTpm, // IN: nonce TPM
UINT32 dataSize, // IN: size of parameter buffer
BYTE* data // OUT: buffer to be encrypted
)
)
{
// KDF output buffer
// It contains parameters for the CFB encryption
@ -380,7 +380,7 @@ static TPM_RC CryptGenerateKeySymmetric(
TPMT_SENSITIVE* sensitive, // OUT: sensitive area
TPMS_SENSITIVE_CREATE* sensitiveCreate, // IN: sensitive creation data
RAND_STATE* rand // IN: the "entropy" source for
)
)
{
UINT16 keyBits = publicArea->parameters.symDetail.sym.keyBits.sym;
TPM_RC result;
@ -428,7 +428,7 @@ void CryptXORObfuscation(TPM_ALG_ID hash, // IN: hash algorithm for KDF
TPM2B* contextV, // IN: contextV
UINT32 dataSize, // IN: size of data buffer
BYTE* data // IN/OUT: data to be XORed in place
)
)
{
BYTE mask[MAX_DIGEST_SIZE]; // Allocate a digest sized buffer
BYTE* pm;
@ -510,7 +510,7 @@ BOOL CryptInit(void)
// FALSE(0) startup failed and caller should place the TPM into
// Failure Mode
BOOL CryptStartup(STARTUP_TYPE type // IN: the startup type
)
)
{
BOOL OK;
NOT_REFERENCED(type);
@ -554,7 +554,7 @@ BOOL CryptStartup(STARTUP_TYPE type // IN: the startup type
// TRUE(1) if it is an asymmetric algorithm
// FALSE(0) if it is not an asymmetric algorithm
BOOL CryptIsAsymAlgorithm(TPM_ALG_ID algID // IN: algorithm ID
)
)
{
switch(algID)
{
@ -589,7 +589,7 @@ CryptSecretEncrypt(OBJECT* encryptKey, // IN: encryption key object
const TPM2B* label, // IN: a null-terminated string as L
TPM2B_DATA* data, // OUT: secret value
TPM2B_ENCRYPTED_SECRET* secret // OUT: secret structure
)
)
{
TPM_RC result = TPM_RC_SUCCESS;
//
@ -741,7 +741,7 @@ CryptSecretDecrypt(OBJECT* decryptKey, // IN: decrypt key
const TPM2B* label, // IN: a value for L
TPM2B_ENCRYPTED_SECRET* secret, // IN: input secret
TPM2B_DATA* data // OUT: decrypted secret value
)
)
{
TPM_RC result = TPM_RC_SUCCESS;
@ -905,8 +905,8 @@ CryptSecretDecrypt(OBJECT* decryptKey, // IN: decrypt key
{
if(nonceCaller->t.size > sizeof(iv.t.buffer))
return TPM_RC_FAILURE;
MemoryCopy(iv.t.buffer, nonceCaller->t.buffer, // libtpms changed: use iv.t.buffer
nonceCaller->t.size);
MemoryCopy(
iv.t.buffer, nonceCaller->t.buffer, nonceCaller->t.size); // libtpms changed: use iv.t.buffer
}
// make sure secret will fit
if(secret->t.size > sizeof(data->t.buffer))
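Review bot: the reflowed `MemoryCopy(` call now carries `// libtpms changed: use iv.t.buffer` at the end of an already long argument line. Moving the comment to its own line above the call keeps the marker easy to find when diffing against upstream and keeps the line within the width used by the rest of the file.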
@ -942,7 +942,7 @@ void CryptParameterEncryption(
TPM2B_AUTH* extraKey, // IN: additional key material other than
// sessionAuth
BYTE* buffer // IN/OUT: parameter buffer to be encrypted
)
)
{
SESSION* session = SessionGet(handle); // encrypt session
TPM2B_TYPE(TEMP_KEY,
@ -1016,7 +1016,7 @@ CryptParameterDecryption(
// byte
TPM2B_AUTH* extraKey, // IN: the authValue
BYTE* buffer // IN/OUT: parameter buffer to be decrypted
)
)
{
SESSION* session = SessionGet(handle); // encrypt session
// The HMAC key is going to be the concatenation of the session key and any
@ -1083,7 +1083,7 @@ void CryptComputeSymmetricUnique(
TPMT_PUBLIC* publicArea, // IN: the object's public area
TPMT_SENSITIVE* sensitive, // IN: the associated sensitive area
TPM2B_DIGEST* unique // OUT: unique buffer
)
)
{
// For parents (symmetric and derivation), use an HMAC to compute
// the 'unique' field
@ -1150,7 +1150,7 @@ CryptCreateObject(OBJECT* object, // IN: new object structure po
TPMS_SENSITIVE_CREATE* sensitiveCreate, // IN: sensitive creation
RAND_STATE* rand // IN: the random number generator
// to use
)
)
{
TPMT_PUBLIC* publicArea = &object->publicArea;
TPMT_SENSITIVE* sensitive = &object->sensitive;
@ -1242,7 +1242,7 @@ CryptCreateObject(OBJECT* object, // IN: new object structure po
// This is a function for easy access
TPMI_ALG_HASH
CryptGetSignHashAlg(TPMT_SIGNATURE* auth // IN: signature
)
)
{
if(auth->sigAlg == TPM_ALG_NULL)
FAIL(FATAL_ERROR_INTERNAL);
@ -1300,7 +1300,7 @@ CryptGetSignHashAlg(TPMT_SIGNATURE* auth // IN: signature
// signing operation that required a TPM2_Commit().
//
BOOL CryptIsSplitSign(TPM_ALG_ID scheme // IN: the algorithm selector
)
)
{
switch(scheme)
{
@ -1316,11 +1316,10 @@ BOOL CryptIsSplitSign(TPM_ALG_ID scheme // IN: the algorithm selector
}
//*** CryptIsAsymSignScheme()
// This function indicates if a scheme algorithm is a sign algorithm valid for the
// public key type.
// This function indicates if a scheme algorithm is a sign algorithm.
BOOL CryptIsAsymSignScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the object
TPMI_ALG_ASYM_SCHEME scheme // IN: the scheme
)
)
{
BOOL isSignScheme = TRUE;
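Review bot: the comment on `CryptIsAsymSignScheme()` drops "valid for the public key type", but the function still takes `publicType` as its first argument. Please keep the qualifier, or say what `publicType` is used for, so callers do not read a TRUE result as independent of the key type.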
@ -1351,6 +1350,7 @@ BOOL CryptIsAsymSignScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the
# endif
switch(scheme)
{
// Support for ECDSA is required for ECC
case TPM_ALG_ECDSA:
# if ALG_ECDAA // ECDAA is optional
case TPM_ALG_ECDAA:
@ -1432,7 +1432,7 @@ static BOOL CryptIsValidSignScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of
// This function indicate if a scheme algorithm is a decrypt algorithm.
BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the object
TPMI_ALG_ASYM_SCHEME scheme // IN: the scheme
)
)
{
BOOL isDecryptScheme = TRUE;
@ -1483,10 +1483,8 @@ BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the ob
//*** CryptSelectSignScheme()
// This function is used by the attestation and signing commands. It implements
// the rules for selecting the signature scheme to use in signing and validates
// that the selected scheme is compatible with the key type. It also ensures
// the selected scheme specifies a valid hash algorithm. This function requires
// that the signing key either be TPM_RH_NULL or be loaded.
// the rules for selecting the signature scheme to use in signing. This function
// requires that the signing key either be TPM_RH_NULL or be loaded.
//
// If a default scheme is defined in object, the default scheme should be chosen,
// otherwise, the input scheme should be chosen.
@ -1501,12 +1499,10 @@ BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType, // IN: Type of the ob
// FALSE(0) both 'scheme' and key's default scheme are empty; or
// 'scheme' is empty while key's default scheme requires
// explicit input scheme (split signing); or
// non-empty default key scheme differs from 'scheme'; or
// 'scheme' not valid for key type; or invalid hash
// algorithm specified; or key type is ALG_SYMCIPHER
// non-empty default key scheme differs from 'scheme'
BOOL CryptSelectSignScheme(OBJECT* signObject, // IN: signing key
TPMT_SIG_SCHEME* scheme // IN/OUT: signing scheme
)
)
{
TPMT_SIG_SCHEME* objectScheme;
TPMT_PUBLIC* publicArea;
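Review bot: the header comment for `CryptSelectSignScheme()` no longer lists "'scheme' not valid for key type", "invalid hash algorithm specified" or "key type is ALG_SYMCIPHER" among the FALSE cases, yet a later hunk in this function still ends with `OK = CryptIsValidSignScheme(publicArea->type, scheme);`. If that validation stays, the documented return conditions should stay with it; if it is meant to go, the call and its comment need to change as well.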
@ -1550,6 +1546,8 @@ BOOL CryptSelectSignScheme(OBJECT* signObject, // IN: signing key
{
// Input and default can't both be NULL
OK = (scheme->scheme != TPM_ALG_NULL);
// Assume that the scheme is compatible with the key. If not,
// an error will be generated in the signing operation.
}
else if(scheme->scheme == TPM_ALG_NULL)
{
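Review bot: the added comment "Assume that the scheme is compatible with the key. If not, an error will be generated in the signing operation." describes deferring the compatibility check to signing, which does not match the `CryptIsValidSignScheme(publicArea->type, scheme)` call still present further down in this function. Please state which behaviour is intended; since this function serves the attestation and signing commands, rejecting an incompatible scheme here is a clearer contract than relying on the later operation to fail.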
@ -1584,7 +1582,6 @@ BOOL CryptSelectSignScheme(OBJECT* signObject, // IN: signing key
// valid hash algorithm specified.
OK = CryptIsValidSignScheme(publicArea->type, scheme);
}
}
return OK;
}
@ -1610,7 +1607,7 @@ CryptSign(OBJECT* signKey, // IN: signing key
TPMT_SIG_SCHEME* signScheme, // IN: sign scheme.
TPM2B_DIGEST* digest, // IN: The digest being signed
TPMT_SIGNATURE* signature // OUT: signature
)
)
{
TPM_RC result = TPM_RC_SCHEME;
@ -1689,7 +1686,7 @@ TPM_RC
CryptValidateSignature(TPMI_DH_OBJECT keyHandle, // IN: The handle of sign key
TPM2B_DIGEST* digest, // IN: The digest being validated
TPMT_SIGNATURE* signature // IN: signature
)
)
{
// NOTE: HandleToObject will either return a pointer to a loaded object or
// will assert. It will never return a non-valid value. This makes it save
@ -1742,7 +1739,7 @@ CryptValidateSignature(TPMI_DH_OBJECT keyHandle, // IN: The handle of sign key
// consult the part 3 specification for TPM2_GetTestResult().
TPM_RC
CryptGetTestResult(TPM2B_MAX_BUFFER* outData // OUT: test result data
)
)
{
outData->t.size = 0;
return TPM_RC_SUCCESS;
@ -1907,7 +1904,7 @@ CryptValidateKeys(TPMT_PUBLIC* publicArea,
scheme = &params->keyedHashDetail.scheme;
if(scheme->scheme == TPM_ALG_XOR)
{
maxSize = CryptHashGetBlockSize(scheme->details.xorr.hashAlg);
maxSize = CryptHashGetBlockSize(scheme->details.xor.hashAlg);
}
else if(scheme->scheme == TPM_ALG_HMAC)
{
@ -2029,7 +2026,7 @@ BOOL CryptMacIsValidForKey(TPM_ALG_ID keyType, TPM_ALG_ID macAlg, BOOL flag)
// needs to be updated as new algorithms are added.
BOOL CryptSmacIsValidAlg(TPM_ALG_ID alg,
BOOL FLAG // IN: Indicates if TPM_ALG_NULL is valid
)
)
{
switch(alg)
{

View File

@ -0,0 +1,66 @@
/********************************************************************************/
/* */
/* CryptoInterface header file */
/* Written by Stefan Berger */
/* IBM Thomas J. Watson Research Center */
/* */
/* (c) Copyright IBM Corporation 2017,2018. */
/* */
/* All rights reserved. */
/* */
/* Redistribution and use in source and binary forms, with or without */
/* modification, are permitted provided that the following conditions are */
/* met: */
/* */
/* Redistributions of source code must retain the above copyright notice, */
/* this list of conditions and the following disclaimer. */
/* */
/* Redistributions in binary form must reproduce the above copyright */
/* notice, this list of conditions and the following disclaimer in the */
/* documentation and/or other materials provided with the distribution. */
/* */
/* Neither the names of the IBM Corporation nor the names of its */
/* contributors may be used to endorse or promote products derived from */
/* this software without specific prior written permission. */
/* */
/* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS */
/* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT */
/* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR */
/* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT */
/* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, */
/* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT */
/* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, */
/* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY */
/* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT */
/* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE */
/* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
/********************************************************************************/
//** Introduction
//
// This file contains prototypes that are common to all TPM crypto interfaces.
//
#ifndef CRYPTO_INTERFACE_H
#define CRYPTO_INTERFACE_H
#include "TpmBuildSwitches.h"
#if SIMULATION && CRYPTO_LIB_REPORTING
typedef struct crypto_impl_description
{
// The name of the crypto library, ASCII encoded.
char name[32];
// The version of the crypto library, ASCII encoded.
char version[32];
} _CRYPTO_IMPL_DESCRIPTION;
// When building the simulator, the plugged-in crypto libraries can report its
// version information by implementing these interfaces.
void _crypto_GetSymImpl(_CRYPTO_IMPL_DESCRIPTION* result);
void _crypto_GetHashImpl(_CRYPTO_IMPL_DESCRIPTION* result);
void _crypto_GetMathImpl(_CRYPTO_IMPL_DESCRIPTION* result);
#endif // SIMULATION && CRYPTO_LIB_REPORTING
#endif // CRYPTO_INTERFACE_H
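Review bot: the `name[32]` and `version[32]` fields in `_CRYPTO_IMPL_DESCRIPTION` are documented only as "ASCII encoded", with no statement that they must be NUL-terminated or what happens when a library's version string is 32 bytes or longer. Please document the termination and truncation contract, so that implementers of `_crypto_GetSymImpl()`, `_crypto_GetHashImpl()` and `_crypto_GetMathImpl()` and the code that prints these fields agree on it. Two smaller points: `_CRYPTO_IMPL_DESCRIPTION` starts with an underscore followed by an uppercase letter, which C reserves for the implementation, and "can report its version information" should read "their".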

View File

@ -59,46 +59,51 @@
/* */
/********************************************************************************/
/* 8.2 DA.c */
/* 8.2.1 Introduction */
/* This file contains the functions and data definitions relating to the dictionary attack logic. */
/* 8.2.2 Includes and Data Definitions */
//** Introduction
// This file contains the functions and data definitions relating to the
// dictionary attack logic.
//** Includes and Data Definitions
#define DA_C
#include "Tpm.h"
/* 8.2.3 Functions */
/* 8.2.3.1 DAPreInstall_Init() */
/* This function initializes the DA parameters to their manufacturer-default values. The default
values are determined by a platform-specific specification. */
/* This function should not be called outside of a manufacturing or simulation environment. */
/* The DA parameters will be restored to these initial values by TPM2_Clear(). */
void
DAPreInstall_Init(
void
)
//** Functions
//*** DAPreInstall_Init()
// This function initializes the DA parameters to their manufacturer-default
// values. The default values are determined by a platform-specific specification.
//
// This function should not be called outside of a manufacturing or simulation
// environment.
//
// The DA parameters will be restored to these initial values by TPM2_Clear().
void DAPreInstall_Init(void)
{
gp.failedTries = 0;
gp.maxTries = 3;
gp.recoveryTime = 1000; // in seconds (~16.67 minutes)
gp.lockoutRecovery = 1000; // in seconds
gp.lockOutAuthEnabled = TRUE; // Use of lockoutAuth is enabled
// Record persistent DA parameter changes to NV
NV_SYNC_PERSISTENT(failedTries);
NV_SYNC_PERSISTENT(maxTries);
NV_SYNC_PERSISTENT(recoveryTime);
NV_SYNC_PERSISTENT(lockoutRecovery);
NV_SYNC_PERSISTENT(lockOutAuthEnabled);
return;
}
/* 8.2.3.2 DAStartup() */
/* This function is called by TPM2_Startup() to initialize the DA parameters. In the case of
Startup(CLEAR), use of lockoutAuth will be enabled if the lockout recovery time is 0. Otherwise,
lockoutAuth will not be enabled until the TPM has been continuously powered for the
lockoutRecovery time. */
/* This function requires that NV be available and not rate limiting. */
BOOL
DAStartup(
STARTUP_TYPE type // IN: startup type
)
//*** DAStartup()
// This function is called by TPM2_Startup() to initialize the DA parameters.
// In the case of Startup(CLEAR), use of lockoutAuth will be enabled if the
// lockout recovery time is 0. Otherwise, lockoutAuth will not be enabled until
// the TPM has been continuously powered for the lockoutRecovery time.
//
// This function requires that NV be available and not rate limiting.
BOOL DAStartup(STARTUP_TYPE type // IN: startup type
)
{
NOT_REFERENCED(type);
#if !ACCUMULATE_SELF_HEAL_TIMER
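Review bot: the rewritten header comment for DAStartup() still says lockoutAuth is enabled "In the case of Startup(CLEAR)" when the lockout recovery time is 0, but the body ignores `type` (`NOT_REFERENCED(type)`) and the in-function comment further down reads "For any Startup(), if lockoutRecovery is 0, enable use of lockoutAuth". Since the comment block is being rewritten anyway, make the two agree, so a reader auditing the lockout behaviour does not have to guess which one is authoritative.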
@ -126,6 +131,7 @@ DAStartup(
}
}
#endif
// For any Startup(), if lockoutRecovery is 0, enable use of lockoutAuth.
if(gp.lockoutRecovery == 0)
{
@ -133,10 +139,10 @@ DAStartup(
// Record the changes to NV
NV_SYNC_PERSISTENT(lockOutAuthEnabled);
}
// If DA has not been disabled and the previous shutdown is not orderly
// failedTries is not already at its maximum then increment 'failedTries'
if(gp.recoveryTime != 0
&& gp.failedTries < gp.maxTries
if(gp.recoveryTime != 0 && gp.failedTries < gp.maxTries
&& !IS_ORDERLY(g_prevOrderlyState))
{
#if USE_DA_USED
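Review bot: the comment above the reflowed condition is missing a conjunction ("...the previous shutdown is not orderly failedTries is not already at its maximum...") and no longer reads as the three-way AND the code implements. While touching these lines, suggest rewording it to list the three conditions explicitly: DA not disabled (`gp.recoveryTime != 0`), `failedTries` below `maxTries`, and previous shutdown not orderly.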
@ -151,16 +157,17 @@ DAStartup(
// Before Startup, the TPM will not do clock updates. At startup, need to
// do a time update which will do the DA update.
TimeUpdate();
return TRUE;
}
/* 8.2.3.3 DARegisterFailure() */
/* This function is called when an authorization failure occurs on an entity that is subject to
dictionary-attack protection. When a DA failure is triggered, register the failure by resetting
the relevant self-healing timer to the current time. */
void
DARegisterFailure(
TPM_HANDLE handle // IN: handle for failure
)
//*** DARegisterFailure()
// This function is called when an authorization failure occurs on an entity
// that is subject to dictionary-attack protection. When a DA failure is
// triggered, register the failure by resetting the relevant self-healing
// timer to the current time.
void DARegisterFailure(TPM_HANDLE handle // IN: handle for failure
)
{
// Reset the timer associated with lockout if the handle is the lockoutAuth.
if(handle == TPM_RH_LOCKOUT)
@ -169,14 +176,13 @@ DARegisterFailure(
s_selfHealTimer = g_time;
return;
}
/* 8.2.3.4 DASelfHeal() */
/* This function is called to check if sufficient time has passed to allow decrement of failedTries
or to re-enable use of lockoutAuth. */
/* This function should be called when the time interval is updated. */
void
DASelfHeal(
void
)
//*** DASelfHeal()
// This function is called to check if sufficient time has passed to allow
// decrement of failedTries or to re-enable use of lockoutAuth.
//
// This function should be called when the time interval is updated.
void DASelfHeal(void)
{
// Regular authorization self healing logic
// If no failed authorization tries, do nothing. Otherwise, try to
@ -194,22 +200,26 @@ DASelfHeal(
else
{
UINT64 decreaseCount;
#if 0 // Errata eliminates this code
#if 0
// Errata eliminates this code
// In the unlikely event that failedTries should become larger than
// maxTries
if(gp.failedTries > gp.maxTries)
gp.failedTries = gp.maxTries;
#endif
// How much can failedTries be decreased
// Cast s_selfHealTimer to an int in case it became negative at
// startup
decreaseCount = ((g_time - (INT64)s_selfHealTimer) / 1000)
/ gp.recoveryTime;
decreaseCount =
((g_time - (INT64)s_selfHealTimer) / 1000) / gp.recoveryTime;
if(gp.failedTries <= (UINT32)decreaseCount)
// should not set failedTries below zero
gp.failedTries = 0;
else
gp.failedTries -= (UINT32)decreaseCount;
// the cast prevents overflow of the product
s_selfHealTimer += (decreaseCount * (UINT64)gp.recoveryTime) * 1000;
if(decreaseCount != 0)
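Review bot: in DASelfHeal(), `decreaseCount` is a UINT64 but is narrowed with `(UINT32)decreaseCount` before the comparison and the subtraction. If the quotient ever exceeds 32 bits (the comment above it already allows for `s_selfHealTimer` having gone "negative at startup"), the cast keeps only the low bits, `failedTries` may not be reduced at all, and `s_selfHealTimer` is still advanced by the full untruncated amount. Comparing in 64 bits first, for example `if(decreaseCount >= gp.failedTries)`, avoids this. Separately, the `#if 0` "Errata eliminates this code" block could be deleted rather than reformatted, in line with the earlier commit in this series that removes commented-out blocks.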
@ -218,6 +228,7 @@ DASelfHeal(
NV_SYNC_PERSISTENT(failedTries);
}
}
// LockoutAuth self healing logic
// If lockoutAuth is enabled, do nothing. Otherwise, try to see if we
// may enable it

View File

@ -59,29 +59,47 @@
/* */
/********************************************************************************/
#ifndef DA_FP_H
#define DA_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Apr 2, 2019 Time: 04:23:27PM
*/
void
DAPreInstall_Init(
void
);
void
DAInit(
void
);
BOOL
DAStartup(
STARTUP_TYPE type // IN: startup type
);
void
DARegisterFailure(
TPM_HANDLE handle // IN: handle for failure
);
void
DASelfHeal(
void
);
#ifndef _DA_FP_H_
#define _DA_FP_H_
//*** DAPreInstall_Init()
// This function initializes the DA parameters to their manufacturer-default
// values. The default values are determined by a platform-specific specification.
//
// This function should not be called outside of a manufacturing or simulation
// environment.
//
// The DA parameters will be restored to these initial values by TPM2_Clear().
void DAPreInstall_Init(void);
#endif
//*** DAStartup()
// This function is called by TPM2_Startup() to initialize the DA parameters.
// In the case of Startup(CLEAR), use of lockoutAuth will be enabled if the
// lockout recovery time is 0. Otherwise, lockoutAuth will not be enabled until
// the TPM has been continuously powered for the lockoutRecovery time.
//
// This function requires that NV be available and not rate limiting.
BOOL DAStartup(STARTUP_TYPE type // IN: startup type
);
//*** DARegisterFailure()
// This function is called when a authorization failure occurs on an entity
// that is subject to dictionary-attack protection. When a DA failure is
// triggered, register the failure by resetting the relevant self-healing
// timer to the current time.
void DARegisterFailure(TPM_HANDLE handle // IN: handle for failure
);
//*** DASelfHeal()
// This function is called to check if sufficient time has passed to allow
// decrement of failedTries or to re-enable use of lockoutAuth.
//
// This function should be called when the time interval is updated.
void DASelfHeal(void);
#endif // _DA_FP_H_
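Review bot: the new include guard `_DA_FP_H_` begins with an underscore followed by an uppercase letter, which the C standard reserves for the implementation; the previous `DA_FP_H` did not have that problem. Also, the DARegisterFailure() comment here says "a authorization failure" while the copy in DA.c says "an authorization failure"; since both come from the same source text, please fix the typo so the header and the implementation stay identical.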

View File

@ -59,31 +59,27 @@
/* */
/********************************************************************************/
/* C.13 DebugHelpers.c */
/* C.13.1. Description */
/* This file contains the NV read and write access methods. This implementation uses RAM/file and
does not manage the RAM/file as NV blocks. The implementation may become more sophisticated over
time. */
/* C.13.2. Includes and Local */
//** Description
//
// This file contains the NV read and write access methods. This implementation
// uses RAM/file and does not manage the RAM/file as NV blocks.
// The implementation may become more sophisticated over time.
//
//** Includes and Local
#include <stdio.h>
#include <time.h>
#include "Platform.h"
#include "DebugHelpers_fp.h"
#if CERTIFYX509_DEBUG
const char *debugFileName = "DebugFile.txt";
/* C.13.2.1. fileOpen() */
const char* debugFileName = "DebugFile.txt";
/* This exists to allow use of the safe version of fopen() with a MS runtime. */
static FILE *
fileOpen(
const char *fn,
const char *mode
)
//*** fileOpen()
// This exists to allow use of the 'safe' version of fopen() with a MS runtime.
static FILE* fileOpen(const char* fn, const char* mode)
{
FILE *f;
FILE* f;
# if defined _MSC_VER
if(fopen_s(&f, fn, mode) != 0)
f = NULL;
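Review bot: the file description carried over into the new comment style still says "This file contains the NV read and write access methods", but the functions in this file (fileOpen(), DebugFileInit(), DebugDumpBuffer()) only write a debug file. Please correct the description while it is being rewritten. It would also help to note that `debugFileName` is a relative path, so "DebugFile.txt" is created in whatever the process's current working directory is when `CERTIFYX509_DEBUG` is enabled.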
@ -92,34 +88,31 @@ fileOpen(
# endif
return f;
}
/* C.13.2.2. DebugFileInit() */
/* This function initializes the file containing the debug data with the time of the file
creation. */
/* This function opens the file used to hold the debug data. */
/* Return Value Meaning */
/* 0 success */
/* != 0 error */
int
DebugFileInit(
void
)
//*** DebugFileInit()
// This function initializes the file containing the debug data with the time of the
// file creation.
// Return Type: int
// 0 success
// != 0 error
int DebugFileInit(void)
{
FILE *f = NULL;
FILE* f = NULL;
time_t t = time(NULL);
//
// Get current date and time.
//
// Get current date and time.
# if defined _MSC_VER
char timeString[100];
ctime_s(timeString, (size_t)sizeof(timeString), &t);
# else
char *timeString;
char* timeString;
timeString = ctime(&t);
# endif
// Try to open the debug file
f = fileOpen(debugFileName, "w");
if(f)
{
/* Initialize the contents with the time. */
// Initialize the contents with the time.
fprintf(f, "%s\n", timeString);
fclose(f);
return 0;
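Review bot: in DebugFileInit(), the non-MSVC branch passes the result of `ctime(&t)` straight to `fprintf(f, "%s\n", timeString)` without checking it; `ctime()` can return NULL, and passing NULL for `%s` is undefined behaviour. The return value of `ctime_s()` in the MSVC branch is likewise ignored. Suggest checking both and writing a fallback string on failure. Minor: the string produced by `ctime()` already ends in a newline, so the format adds an empty line.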
@ -127,18 +120,12 @@ DebugFileInit(
return -1;
}
/* C.13.2.3. DebugDumpBuffer() */
void
DebugDumpBuffer(
int size,
unsigned char *buf,
const char *identifier
)
//*** DebugDumpBuffer()
void DebugDumpBuffer(int size, unsigned char* buf, const char* identifier)
{
int i;
//
FILE *f = fileOpen(debugFileName, "a");
FILE* f = fileOpen(debugFileName, "a");
if(!f)
return;
if(identifier)
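Review bot: the new one-line signature `DebugDumpBuffer(int size, unsigned char* buf, const char* identifier)` keeps a signed `int` length and a non-const buffer pointer. For a function that only reads and prints the buffer, `const unsigned char* buf` documents that intent, and an unsigned length (or an explicit `size < 0` check before the loop over `i`) removes any question about what a negative `size` does. If the signature has to stay in sync with upstream, a comment stating the expected range of `size` would be enough.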

View File

@ -59,21 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef DICTIONARYATTACKLOCKRESET_FP_H
#define DICTIONARYATTACKLOCKRESET_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_DictionaryAttackLockReset // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_LOCKOUT lockHandle;
} DictionaryAttackLockReset_In;
#define RC_DictionaryAttackLockReset_lockHandle (TPM_RC_H + TPM_RC_1)
// Response code modifiers
# define RC_DictionaryAttackLockReset_lockHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_DictionaryAttackLockReset(
DictionaryAttackLockReset_In *in // IN: input parameter list
);
TPM2_DictionaryAttackLockReset(DictionaryAttackLockReset_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
#endif // CC_DictionaryAttackLockReset
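Review bot: the header is now wrapped in `#if CC_DictionaryAttackLockReset`, which evaluates to 0 without any diagnostic when the macro is not defined at the point of inclusion, so the prototype and `DictionaryAttackLockReset_In` silently disappear if this file is included before the header that defines the `CC_*` switches. Please confirm that every includer pulls in the command switches first, or build with `-Wundef` so that a wrong include order is reported. The inner guard `_TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_` also uses a reserved identifier form (leading underscore followed by an uppercase letter).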

View File

@ -59,28 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef DICTIONARYATTACKPARAMETERS_FP_H
#define DICTIONARYATTACKPARAMETERS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
#if CC_DictionaryAttackParameters // Command must be enabled
typedef struct {
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_LOCKOUT lockHandle;
UINT32 newMaxTries;
UINT32 newRecoveryTime;
UINT32 lockoutRecovery;
} DictionaryAttackParameters_In;
#define RC_DictionaryAttackParameters_lockHandle (TPM_RC_H + TPM_RC_1)
#define RC_DictionaryAttackParameters_newMaxTries (TPM_RC_P + TPM_RC_1)
#define RC_DictionaryAttackParameters_newRecoveryTime (TPM_RC_P + TPM_RC_2)
#define RC_DictionaryAttackParameters_lockoutRecovery (TPM_RC_P + TPM_RC_3)
// Response code modifiers
# define RC_DictionaryAttackParameters_lockHandle (TPM_RC_H + TPM_RC_1)
# define RC_DictionaryAttackParameters_newMaxTries (TPM_RC_P + TPM_RC_1)
# define RC_DictionaryAttackParameters_newRecoveryTime (TPM_RC_P + TPM_RC_2)
# define RC_DictionaryAttackParameters_lockoutRecovery (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_DictionaryAttackParameters(
DictionaryAttackParameters_In *in // IN: input parameter list
);
TPM2_DictionaryAttackParameters(DictionaryAttackParameters_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
#endif // CC_DictionaryAttackParameters

View File

@ -59,33 +59,40 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef DUPLICATE_FP_H
#define DUPLICATE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Duplicate // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT objectHandle;
TPMI_DH_OBJECT newParentHandle;
TPM2B_DATA encryptionKeyIn;
TPMT_SYM_DEF_OBJECT symmetricAlg;
} Duplicate_In;
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DATA encryptionKeyOut;
TPM2B_PRIVATE duplicate;
TPM2B_ENCRYPTED_SECRET outSymSeed;
} Duplicate_Out;
#define RC_Duplicate_objectHandle (TPM_RC_H + TPM_RC_1)
#define RC_Duplicate_newParentHandle (TPM_RC_H + TPM_RC_2)
#define RC_Duplicate_encryptionKeyIn (TPM_RC_P + TPM_RC_1)
#define RC_Duplicate_symmetricAlg (TPM_RC_P + TPM_RC_2)
// Response code modifiers
# define RC_Duplicate_objectHandle (TPM_RC_H + TPM_RC_1)
# define RC_Duplicate_newParentHandle (TPM_RC_H + TPM_RC_2)
# define RC_Duplicate_encryptionKeyIn (TPM_RC_P + TPM_RC_1)
# define RC_Duplicate_symmetricAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_Duplicate(
Duplicate_In *in, // IN: input parameter list
Duplicate_Out *out // OUT: output parameter list
);
TPM2_Duplicate(Duplicate_In* in, Duplicate_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
#endif // CC_Duplicate

View File

@ -1643,7 +1643,7 @@ TPM2_PolicyAuthorizeNV(PolicyAuthorizeNV_In* in)
#include "CommandCodeAttributes_fp.h"
#include "CryptEccMain_fp.h"
#include "Handle_fp.h"
#include "NVDynamic_fp.h"
#include "NvDynamic_fp.h"
#include "Object_fp.h"
#include "PCR_fp.h"
#include "PP_fp.h"
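Review bot: the include changes from "NVDynamic_fp.h" to "NvDynamic_fp.h", which differ only in letter case. On a case-sensitive filesystem this builds only if the header itself is renamed in the same commit, and a case-insensitive checkout will hide a mismatch. Please make sure the rename, every other `#include` of the old spelling, and any build file that lists the header are all updated together, so that each commit in the series builds on its own.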

View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ECC_PARAMETERS_FP_H
#define ECC_PARAMETERS_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ECC_Parameters // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
// Input structure definition
typedef struct
{
TPMI_ECC_CURVE curveID;
} ECC_Parameters_In;
#define RC_ECC_Parameters_curveID (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPMS_ALGORITHM_DETAIL_ECC parameters;
} ECC_Parameters_Out;
// Response code modifiers
# define RC_ECC_Parameters_curveID (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ECC_Parameters(
ECC_Parameters_In *in, // IN: input parameter list
ECC_Parameters_Out *out // OUT: output parameter list
);
TPM2_ECC_Parameters(ECC_Parameters_In* in, ECC_Parameters_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
#endif // CC_ECC_Parameters

View File

@ -59,27 +59,33 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ECDH_KEYGEN_FP_H
#define ECDH_KEYGEN_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ECDH_KeyGen // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
} ECDH_KeyGen_In;
#define RC_ECDH_KeyGen_keyHandle (TPM_RC_H + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT zPoint;
TPM2B_ECC_POINT pubPoint;
} ECDH_KeyGen_Out;
// Response code modifiers
# define RC_ECDH_KeyGen_keyHandle (TPM_RC_H + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ECDH_KeyGen(
ECDH_KeyGen_In *in, // IN: input parameter list
ECDH_KeyGen_Out *out // OUT: output parameter list
);
TPM2_ECDH_KeyGen(ECDH_KeyGen_In* in, ECDH_KeyGen_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
#endif // CC_ECDH_KeyGen

View File

@ -59,28 +59,34 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ECDH_ZGEN_FP_H
#define ECDH_ZGEN_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_ECDH_ZGen // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
TPM2B_ECC_POINT inPoint;
} ECDH_ZGen_In;
#define RC_ECDH_ZGen_keyHandle (TPM_RC_H + TPM_RC_1)
#define RC_ECDH_ZGen_inPoint (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT outPoint;
} ECDH_ZGen_Out;
// Response code modifiers
# define RC_ECDH_ZGen_keyHandle (TPM_RC_H + TPM_RC_1)
# define RC_ECDH_ZGen_inPoint (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_ECDH_ZGen(
ECDH_ZGen_In *in, // IN: input parameter list
ECDH_ZGen_Out *out // OUT: output parameter list
);
TPM2_ECDH_ZGen(ECDH_ZGen_In* in, ECDH_ZGen_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
#endif // CC_ECDH_ZGen

View File

@ -59,26 +59,33 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef EC_EPHEMERAL_FP_H
#define EC_EPHEMERAL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EC_Ephemeral // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
// Input structure definition
typedef struct
{
TPMI_ECC_CURVE curveID;
} EC_Ephemeral_In;
#define RC_EC_Ephemeral_curveID (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ECC_POINT Q;
UINT16 counter;
} EC_Ephemeral_Out;
TPM_RC
TPM2_EC_Ephemeral(
EC_Ephemeral_In *in, // IN: input parameter list
EC_Ephemeral_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_EC_Ephemeral_curveID (TPM_RC_P + TPM_RC_1)
#endif
// Function prototype
TPM_RC
TPM2_EC_Ephemeral(EC_Ephemeral_In* in, EC_Ephemeral_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
#endif // CC_EC_Ephemeral

View File

@ -59,97 +59,153 @@
/* */
/********************************************************************************/
// This file contains the parameter data for ECC testing.
#ifdef SELF_TEST_DATA
TPM2B_TYPE(EC_TEST, 32);
const TPM_ECC_CURVE c_testCurve = 00003;
// The static key
const TPM2B_EC_TEST c_ecTestKey_ds = {{32, {
0xdf,0x8d,0xa4,0xa3,0x88,0xf6,0x76,0x96,0x89,0xfc,0x2f,0x2d,0xa1,0xb4,0x39,0x7a,
0x78,0xc4,0x7f,0x71,0x8c,0xa6,0x91,0x85,0xc0,0xbf,0xf3,0x54,0x20,0x91,0x2f,0x73}}};
const TPM2B_EC_TEST c_ecTestKey_QsX = {{32, {
0x17,0xad,0x2f,0xcb,0x18,0xd4,0xdb,0x3f,0x2c,0x53,0x13,0x82,0x42,0x97,0xff,0x8d,
0x99,0x50,0x16,0x02,0x35,0xa7,0x06,0xae,0x1f,0xda,0xe2,0x9c,0x12,0x77,0xc0,0xf9}}};
const TPM2B_EC_TEST c_ecTestKey_QsY = {{32, {
0xa6,0xca,0xf2,0x18,0x45,0x96,0x6e,0x58,0xe6,0x72,0x34,0x12,0x89,0xcd,0xaa,0xad,
0xcb,0x68,0xb2,0x51,0xdc,0x5e,0xd1,0x6d,0x38,0x20,0x35,0x57,0xb2,0xfd,0xc7,0x52}}};
// The ephemeral key
const TPM2B_EC_TEST c_ecTestKey_de = {{32, {
0xb6,0xb5,0x33,0x5c,0xd1,0xee,0x52,0x07,0x99,0xea,0x2e,0x8f,0x8b,0x19,0x18,0x07,
0xc1,0xf8,0xdf,0xdd,0xb8,0x77,0x00,0xc7,0xd6,0x53,0x21,0xed,0x02,0x53,0xee,0xac}}};
const TPM2B_EC_TEST c_ecTestKey_QeX = {{32, {
0xa5,0x1e,0x80,0xd1,0x76,0x3e,0x8b,0x96,0xce,0xcc,0x21,0x82,0xc9,0xa2,0xa2,0xed,
0x47,0x21,0x89,0x53,0x44,0xe9,0xc7,0x92,0xe7,0x31,0x48,0x38,0xe6,0xea,0x93,0x47}}};
const TPM2B_EC_TEST c_ecTestKey_QeY = {{32, {
0x30,0xe6,0x4f,0x97,0x03,0xa1,0xcb,0x3b,0x32,0x2a,0x70,0x39,0x94,0xeb,0x4e,0xea,
0x55,0x88,0x81,0x3f,0xb5,0x00,0xb8,0x54,0x25,0xab,0xd4,0xda,0xfd,0x53,0x7a,0x18}}};
// ECDH test results
const TPM2B_EC_TEST c_ecTestEcdh_X = {{32, {
0x64,0x02,0x68,0x92,0x78,0xdb,0x33,0x52,0xed,0x3b,0xfa,0x3b,0x74,0xa3,0x3d,0x2c,
0x2f,0x9c,0x59,0x03,0x07,0xf8,0x22,0x90,0xed,0xe3,0x45,0xf8,0x2a,0x0a,0xd8,0x1d}}};
const TPM2B_EC_TEST c_ecTestEcdh_Y = {{32, {
0x58,0x94,0x05,0x82,0xbe,0x5f,0x33,0x02,0x25,0x90,0x3a,0x33,0x90,0x89,0xe3,0xe5,
0x10,0x4a,0xbc,0x78,0xa5,0xc5,0x07,0x64,0xaf,0x91,0xbc,0xe6,0xff,0x85,0x11,0x40}}};
TPM2B_TYPE(TEST_VALUE, 64);
const TPM2B_TEST_VALUE c_ecTestValue = {{64, {
0x78,0xd5,0xd4,0x56,0x43,0x61,0xdb,0x97,0xa4,0x32,0xc4,0x0b,0x06,0xa9,0xa8,0xa0,
0xf4,0x45,0x7f,0x13,0xd8,0x13,0x81,0x0b,0xe5,0x76,0xbe,0xaa,0xb6,0x3f,0x8d,0x4d,
0x23,0x65,0xcc,0xa7,0xc9,0x19,0x10,0xce,0x69,0xcb,0x0c,0xc7,0x11,0x8d,0xc3,0xff,
0x62,0x69,0xa2,0xbe,0x46,0x90,0xe7,0x7d,0x81,0x77,0x94,0x65,0x1c,0x3e,0xc1,0x3e}}};
#if ALG_SHA1_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0x57,0xf3,0x36,0xb7,0xec,0xc2,0xdd,0x76,0x0e,0xe2,0x81,0x21,0x49,0xc5,0x66,0x11,
0x4b,0x8a,0x4f,0x17,0x62,0x82,0xcc,0x06,0xf6,0x64,0x78,0xef,0x6b,0x7c,0xf2,0x6c}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32, {
0x1b,0xed,0x23,0x72,0x8f,0x17,0x5f,0x47,0x2e,0xa7,0x97,0x2c,0x51,0x57,0x20,0x70,
0x6f,0x89,0x74,0x8a,0xa8,0xf4,0x26,0xf4,0x96,0xa1,0xb8,0x3e,0xe5,0x35,0xc5,0x94}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32,{
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x1b,0x08,0x9f,0xde,
0xef,0x62,0xe3,0xf1,0x14,0xcb,0x54,0x28,0x13,0x76,0xfc,0x6d,0x69,0x22,0xb5,0x3e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0xd9,0xd3,0x20,0xfb,0x4d,0x16,0xf2,0xe6,0xe2,0x45,0x07,0x45,0x1c,0x92,0x92,0x92,
0xa9,0x6b,0x48,0xf8,0xd1,0x98,0x29,0x4d,0xd3,0x8f,0x56,0xf2,0xbb,0x2e,0x22,0x3b}}};
#endif // SHA1
#if ALG_SHA256_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0x04,0x7d,0x54,0xeb,0x04,0x6f,0x56,0xec,0xa2,0x6c,0x38,0x8c,0xeb,0x43,0x0b,0x71,
0xf8,0xf2,0xf4,0xa5,0xe0,0x1d,0x3c,0xa2,0x39,0x31,0xe4,0xe7,0x36,0x3b,0xb5,0x5f}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32, {
0x8f,0xd0,0x12,0xd9,0x24,0x75,0xf6,0xc4,0x3b,0xb5,0x46,0x75,0x3a,0x41,0x8d,0x80,
0x23,0x99,0x38,0xd7,0xe2,0x40,0xca,0x9a,0x19,0x2a,0xfc,0x54,0x75,0xd3,0x4a,0x6e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32, {
0xf7,0xb9,0x15,0x4c,0x34,0xf6,0x41,0x19,0xa3,0xd2,0xf1,0xbd,0xf4,0x13,0x6a,0x4f,
0x63,0xb8,0x4d,0xb5,0xc8,0xcd,0xde,0x85,0x95,0xa5,0x39,0x0a,0x14,0x49,0x3d,0x2f}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0xfe,0xbe,0x17,0xaa,0x31,0x22,0x9f,0xd0,0xd2,0xf5,0x25,0x04,0x92,0xb0,0xaa,0x4e,
0xcc,0x1c,0xb6,0x79,0xd6,0x42,0xb3,0x4e,0x3f,0xbb,0xfe,0x5f,0xd0,0xd0,0x8b,0xc3}}};
#endif // SHA256
#if ALG_SHA384_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0xf5,0x74,0x6d,0xd6,0xc6,0x56,0x86,0xbb,0xba,0x1c,0xba,0x75,0x65,0xee,0x64,0x31,
0xce,0x04,0xe3,0x9f,0x24,0x3f,0xbd,0xfe,0x04,0xcd,0xab,0x7e,0xfe,0xad,0xcb,0x82}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32, {
0xc2,0x4f,0x32,0xa1,0x06,0xc0,0x85,0x4f,0xc6,0xd8,0x31,0x66,0x91,0x9f,0x79,0xcd,
0x5b,0xe5,0x7b,0x94,0xa1,0x91,0x38,0xac,0xd4,0x20,0xa2,0x10,0xf0,0xd5,0x9d,0xbf}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32, {
0x1e,0xb8,0xe1,0xbf,0xa1,0x9e,0x39,0x1e,0x58,0xa2,0xe6,0x59,0xd0,0x1a,0x6a,0x03,
0x6a,0x1f,0x1c,0x4f,0x36,0x19,0xc1,0xec,0x30,0xa4,0x85,0x1b,0xe9,0x74,0x35,0x66}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0xb9,0xe6,0xe3,0x7e,0xcb,0xb9,0xea,0xf1,0xcc,0xf4,0x48,0x44,0x4a,0xda,0xc8,0xd7,
0x87,0xb4,0xba,0x40,0xfe,0x5b,0x68,0x11,0x14,0xcf,0xa0,0x0e,0x85,0x46,0x99,0x01}}};
#endif // SHA384
#if ALG_SHA512_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {{32, {
0xc9,0x71,0xa6,0xb4,0xaf,0x46,0x26,0x8c,0x27,0x00,0x06,0x3b,0x00,0x0f,0xa3,0x17,
0x72,0x48,0x40,0x49,0x4d,0x51,0x4f,0xa4,0xcb,0x7e,0x86,0xe9,0xe7,0xb4,0x79,0xb2}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {{32,{
0x87,0xbc,0xc0,0xed,0x74,0x60,0x9e,0xfa,0x4e,0xe8,0x16,0xf3,0xf9,0x6b,0x26,0x07,
0x3c,0x74,0x31,0x7e,0xf0,0x62,0x46,0xdc,0xd6,0x45,0x22,0x47,0x3e,0x0c,0xa0,0x02}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {{32,{
0xcc,0x07,0xad,0x65,0x91,0xdd,0xa0,0x10,0x23,0xae,0x53,0xec,0xdf,0xf1,0x50,0x90,
0x16,0x96,0xf4,0x45,0x09,0x73,0x9c,0x84,0xb5,0x5c,0x5f,0x08,0x51,0xcb,0x60,0x01}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {{32,{
0x55,0x20,0x21,0x54,0xe2,0x49,0x07,0x47,0x71,0xf4,0x99,0x15,0x54,0xf3,0xab,0x14,
0xdb,0x8e,0xda,0x79,0xb6,0x02,0x0e,0xe3,0x5e,0x6f,0x2c,0xb6,0x05,0xbd,0x14,0x10}}};
#endif // SHA512
#endif // SELF_TEST_DATA
// The "static" key
const TPM2B_EC_TEST c_ecTestKey_ds = {
{32, {0xdf, 0x8d, 0xa4, 0xa3, 0x88, 0xf6, 0x76, 0x96, 0x89, 0xfc, 0x2f,
0x2d, 0xa1, 0xb4, 0x39, 0x7a, 0x78, 0xc4, 0x7f, 0x71, 0x8c, 0xa6,
0x91, 0x85, 0xc0, 0xbf, 0xf3, 0x54, 0x20, 0x91, 0x2f, 0x73}}};
const TPM2B_EC_TEST c_ecTestKey_QsX = {
{32, {0x17, 0xad, 0x2f, 0xcb, 0x18, 0xd4, 0xdb, 0x3f, 0x2c, 0x53, 0x13,
0x82, 0x42, 0x97, 0xff, 0x8d, 0x99, 0x50, 0x16, 0x02, 0x35, 0xa7,
0x06, 0xae, 0x1f, 0xda, 0xe2, 0x9c, 0x12, 0x77, 0xc0, 0xf9}}};
const TPM2B_EC_TEST c_ecTestKey_QsY = {
{32, {0xa6, 0xca, 0xf2, 0x18, 0x45, 0x96, 0x6e, 0x58, 0xe6, 0x72, 0x34,
0x12, 0x89, 0xcd, 0xaa, 0xad, 0xcb, 0x68, 0xb2, 0x51, 0xdc, 0x5e,
0xd1, 0x6d, 0x38, 0x20, 0x35, 0x57, 0xb2, 0xfd, 0xc7, 0x52}}};
// The "ephemeral" key
const TPM2B_EC_TEST c_ecTestKey_de = {
{32, {0xb6, 0xb5, 0x33, 0x5c, 0xd1, 0xee, 0x52, 0x07, 0x99, 0xea, 0x2e,
0x8f, 0x8b, 0x19, 0x18, 0x07, 0xc1, 0xf8, 0xdf, 0xdd, 0xb8, 0x77,
0x00, 0xc7, 0xd6, 0x53, 0x21, 0xed, 0x02, 0x53, 0xee, 0xac}}};
const TPM2B_EC_TEST c_ecTestKey_QeX = {
{32, {0xa5, 0x1e, 0x80, 0xd1, 0x76, 0x3e, 0x8b, 0x96, 0xce, 0xcc, 0x21,
0x82, 0xc9, 0xa2, 0xa2, 0xed, 0x47, 0x21, 0x89, 0x53, 0x44, 0xe9,
0xc7, 0x92, 0xe7, 0x31, 0x48, 0x38, 0xe6, 0xea, 0x93, 0x47}}};
const TPM2B_EC_TEST c_ecTestKey_QeY = {
{32, {0x30, 0xe6, 0x4f, 0x97, 0x03, 0xa1, 0xcb, 0x3b, 0x32, 0x2a, 0x70,
0x39, 0x94, 0xeb, 0x4e, 0xea, 0x55, 0x88, 0x81, 0x3f, 0xb5, 0x00,
0xb8, 0x54, 0x25, 0xab, 0xd4, 0xda, 0xfd, 0x53, 0x7a, 0x18}}};
// ECDH test results
const TPM2B_EC_TEST c_ecTestEcdh_X = {
{32, {0x64, 0x02, 0x68, 0x92, 0x78, 0xdb, 0x33, 0x52, 0xed, 0x3b, 0xfa,
0x3b, 0x74, 0xa3, 0x3d, 0x2c, 0x2f, 0x9c, 0x59, 0x03, 0x07, 0xf8,
0x22, 0x90, 0xed, 0xe3, 0x45, 0xf8, 0x2a, 0x0a, 0xd8, 0x1d}}};
const TPM2B_EC_TEST c_ecTestEcdh_Y = {
{32, {0x58, 0x94, 0x05, 0x82, 0xbe, 0x5f, 0x33, 0x02, 0x25, 0x90, 0x3a,
0x33, 0x90, 0x89, 0xe3, 0xe5, 0x10, 0x4a, 0xbc, 0x78, 0xa5, 0xc5,
0x07, 0x64, 0xaf, 0x91, 0xbc, 0xe6, 0xff, 0x85, 0x11, 0x40}}};
TPM2B_TYPE(TEST_VALUE, 64);
const TPM2B_TEST_VALUE c_ecTestValue = {
{64,
{0x78, 0xd5, 0xd4, 0x56, 0x43, 0x61, 0xdb, 0x97, 0xa4, 0x32, 0xc4, 0x0b, 0x06,
0xa9, 0xa8, 0xa0, 0xf4, 0x45, 0x7f, 0x13, 0xd8, 0x13, 0x81, 0x0b, 0xe5, 0x76,
0xbe, 0xaa, 0xb6, 0x3f, 0x8d, 0x4d, 0x23, 0x65, 0xcc, 0xa7, 0xc9, 0x19, 0x10,
0xce, 0x69, 0xcb, 0x0c, 0xc7, 0x11, 0x8d, 0xc3, 0xff, 0x62, 0x69, 0xa2, 0xbe,
0x46, 0x90, 0xe7, 0x7d, 0x81, 0x77, 0x94, 0x65, 0x1c, 0x3e, 0xc1, 0x3e}}};
# if ALG_SHA1_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0x57, 0xf3, 0x36, 0xb7, 0xec, 0xc2, 0xdd, 0x76, 0x0e, 0xe2, 0x81,
0x21, 0x49, 0xc5, 0x66, 0x11, 0x4b, 0x8a, 0x4f, 0x17, 0x62, 0x82,
0xcc, 0x06, 0xf6, 0x64, 0x78, 0xef, 0x6b, 0x7c, 0xf2, 0x6c}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0x1b, 0xed, 0x23, 0x72, 0x8f, 0x17, 0x5f, 0x47, 0x2e, 0xa7, 0x97,
0x2c, 0x51, 0x57, 0x20, 0x70, 0x6f, 0x89, 0x74, 0x8a, 0xa8, 0xf4,
0x26, 0xf4, 0x96, 0xa1, 0xb8, 0x3e, 0xe5, 0x35, 0xc5, 0x94}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x1b, 0x08, 0x9f, 0xde, 0xef, 0x62, 0xe3, 0xf1, 0x14, 0xcb,
0x54, 0x28, 0x13, 0x76, 0xfc, 0x6d, 0x69, 0x22, 0xb5, 0x3e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0xd9, 0xd3, 0x20, 0xfb, 0x4d, 0x16, 0xf2, 0xe6, 0xe2, 0x45, 0x07,
0x45, 0x1c, 0x92, 0x92, 0x92, 0xa9, 0x6b, 0x48, 0xf8, 0xd1, 0x98,
0x29, 0x4d, 0xd3, 0x8f, 0x56, 0xf2, 0xbb, 0x2e, 0x22, 0x3b}}};
# endif // SHA1
# if ALG_SHA256_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0x04, 0x7d, 0x54, 0xeb, 0x04, 0x6f, 0x56, 0xec, 0xa2, 0x6c, 0x38,
0x8c, 0xeb, 0x43, 0x0b, 0x71, 0xf8, 0xf2, 0xf4, 0xa5, 0xe0, 0x1d,
0x3c, 0xa2, 0x39, 0x31, 0xe4, 0xe7, 0x36, 0x3b, 0xb5, 0x5f}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0x8f, 0xd0, 0x12, 0xd9, 0x24, 0x75, 0xf6, 0xc4, 0x3b, 0xb5, 0x46,
0x75, 0x3a, 0x41, 0x8d, 0x80, 0x23, 0x99, 0x38, 0xd7, 0xe2, 0x40,
0xca, 0x9a, 0x19, 0x2a, 0xfc, 0x54, 0x75, 0xd3, 0x4a, 0x6e}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0xf7, 0xb9, 0x15, 0x4c, 0x34, 0xf6, 0x41, 0x19, 0xa3, 0xd2, 0xf1,
0xbd, 0xf4, 0x13, 0x6a, 0x4f, 0x63, 0xb8, 0x4d, 0xb5, 0xc8, 0xcd,
0xde, 0x85, 0x95, 0xa5, 0x39, 0x0a, 0x14, 0x49, 0x3d, 0x2f}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0xfe, 0xbe, 0x17, 0xaa, 0x31, 0x22, 0x9f, 0xd0, 0xd2, 0xf5, 0x25,
0x04, 0x92, 0xb0, 0xaa, 0x4e, 0xcc, 0x1c, 0xb6, 0x79, 0xd6, 0x42,
0xb3, 0x4e, 0x3f, 0xbb, 0xfe, 0x5f, 0xd0, 0xd0, 0x8b, 0xc3}}};
# endif // SHA256
# if ALG_SHA384_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0xf5, 0x74, 0x6d, 0xd6, 0xc6, 0x56, 0x86, 0xbb, 0xba, 0x1c, 0xba,
0x75, 0x65, 0xee, 0x64, 0x31, 0xce, 0x04, 0xe3, 0x9f, 0x24, 0x3f,
0xbd, 0xfe, 0x04, 0xcd, 0xab, 0x7e, 0xfe, 0xad, 0xcb, 0x82}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0xc2, 0x4f, 0x32, 0xa1, 0x06, 0xc0, 0x85, 0x4f, 0xc6, 0xd8, 0x31,
0x66, 0x91, 0x9f, 0x79, 0xcd, 0x5b, 0xe5, 0x7b, 0x94, 0xa1, 0x91,
0x38, 0xac, 0xd4, 0x20, 0xa2, 0x10, 0xf0, 0xd5, 0x9d, 0xbf}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0x1e, 0xb8, 0xe1, 0xbf, 0xa1, 0x9e, 0x39, 0x1e, 0x58, 0xa2, 0xe6,
0x59, 0xd0, 0x1a, 0x6a, 0x03, 0x6a, 0x1f, 0x1c, 0x4f, 0x36, 0x19,
0xc1, 0xec, 0x30, 0xa4, 0x85, 0x1b, 0xe9, 0x74, 0x35, 0x66}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0xb9, 0xe6, 0xe3, 0x7e, 0xcb, 0xb9, 0xea, 0xf1, 0xcc, 0xf4, 0x48,
0x44, 0x4a, 0xda, 0xc8, 0xd7, 0x87, 0xb4, 0xba, 0x40, 0xfe, 0x5b,
0x68, 0x11, 0x14, 0xcf, 0xa0, 0x0e, 0x85, 0x46, 0x99, 0x01}}};
# endif // SHA384
# if ALG_SHA512_VALUE == DEFAULT_TEST_HASH
const TPM2B_EC_TEST c_TestEcDsa_r = {
{32, {0xc9, 0x71, 0xa6, 0xb4, 0xaf, 0x46, 0x26, 0x8c, 0x27, 0x00, 0x06,
0x3b, 0x00, 0x0f, 0xa3, 0x17, 0x72, 0x48, 0x40, 0x49, 0x4d, 0x51,
0x4f, 0xa4, 0xcb, 0x7e, 0x86, 0xe9, 0xe7, 0xb4, 0x79, 0xb2}}};
const TPM2B_EC_TEST c_TestEcDsa_s = {
{32, {0x87, 0xbc, 0xc0, 0xed, 0x74, 0x60, 0x9e, 0xfa, 0x4e, 0xe8, 0x16,
0xf3, 0xf9, 0x6b, 0x26, 0x07, 0x3c, 0x74, 0x31, 0x7e, 0xf0, 0x62,
0x46, 0xdc, 0xd6, 0x45, 0x22, 0x47, 0x3e, 0x0c, 0xa0, 0x02}}};
const TPM2B_EC_TEST c_TestEcSchnorr_r = {
{32, {0xcc, 0x07, 0xad, 0x65, 0x91, 0xdd, 0xa0, 0x10, 0x23, 0xae, 0x53,
0xec, 0xdf, 0xf1, 0x50, 0x90, 0x16, 0x96, 0xf4, 0x45, 0x09, 0x73,
0x9c, 0x84, 0xb5, 0x5c, 0x5f, 0x08, 0x51, 0xcb, 0x60, 0x01}}};
const TPM2B_EC_TEST c_TestEcSchnorr_s = {
{32, {0x55, 0x20, 0x21, 0x54, 0xe2, 0x49, 0x07, 0x47, 0x71, 0xf4, 0x99,
0x15, 0x54, 0xf3, 0xab, 0x14, 0xdb, 0x8e, 0xda, 0x79, 0xb6, 0x02,
0x0e, 0xe3, 0x5e, 0x6f, 0x2c, 0xb6, 0x05, 0xbd, 0x14, 0x10}}};
# endif // SHA512
#endif // SELF_TEST_DATA

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 146 */
#ifndef ENCRYPTDECRYPT2_FP_H
#define ENCRYPTDECRYPT2_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EncryptDecrypt2 // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
TPM2B_MAX_BUFFER inData;
TPMI_YES_NO decrypt;
@ -72,22 +77,23 @@ typedef struct {
TPM2B_IV ivIn;
} EncryptDecrypt2_In;
#define RC_EncryptDecrypt2_keyHandle (TPM_RC_H + TPM_RC_1)
#define RC_EncryptDecrypt2_inData (TPM_RC_P + TPM_RC_1)
#define RC_EncryptDecrypt2_decrypt (TPM_RC_P + TPM_RC_2)
#define RC_EncryptDecrypt2_mode (TPM_RC_P + TPM_RC_3)
#define RC_EncryptDecrypt2_ivIn (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER outData;
TPM2B_IV ivOut;
} EncryptDecrypt2_Out;
// Response code modifiers
# define RC_EncryptDecrypt2_keyHandle (TPM_RC_H + TPM_RC_1)
# define RC_EncryptDecrypt2_inData (TPM_RC_P + TPM_RC_1)
# define RC_EncryptDecrypt2_decrypt (TPM_RC_P + TPM_RC_2)
# define RC_EncryptDecrypt2_mode (TPM_RC_P + TPM_RC_3)
# define RC_EncryptDecrypt2_ivIn (TPM_RC_P + TPM_RC_4)
// Function prototype
TPM_RC
TPM2_EncryptDecrypt2(
EncryptDecrypt2_In *in, // IN: input parameter list
EncryptDecrypt2_Out *out // OUT: output parameter list
);
TPM2_EncryptDecrypt2(EncryptDecrypt2_In* in, EncryptDecrypt2_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
#endif // CC_EncryptDecrypt2

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef ENCRYPTDECRYPT_FP_H
#define ENCRYPTDECRYPT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EncryptDecrypt // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT keyHandle;
TPMI_YES_NO decrypt;
TPMI_ALG_CIPHER_MODE mode;
@ -72,22 +77,23 @@ typedef struct {
TPM2B_MAX_BUFFER inData;
} EncryptDecrypt_In;
#define RC_EncryptDecrypt_keyHandle (TPM_RC_H + TPM_RC_1)
#define RC_EncryptDecrypt_decrypt (TPM_RC_P + TPM_RC_1)
#define RC_EncryptDecrypt_mode (TPM_RC_P + TPM_RC_2)
#define RC_EncryptDecrypt_ivIn (TPM_RC_P + TPM_RC_3)
#define RC_EncryptDecrypt_inData (TPM_RC_P + TPM_RC_4)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER outData;
TPM2B_IV ivOut;
} EncryptDecrypt_Out;
// Response code modifiers
# define RC_EncryptDecrypt_keyHandle (TPM_RC_H + TPM_RC_1)
# define RC_EncryptDecrypt_decrypt (TPM_RC_P + TPM_RC_1)
# define RC_EncryptDecrypt_mode (TPM_RC_P + TPM_RC_2)
# define RC_EncryptDecrypt_ivIn (TPM_RC_P + TPM_RC_3)
# define RC_EncryptDecrypt_inData (TPM_RC_P + TPM_RC_4)
// Function prototype
TPM_RC
TPM2_EncryptDecrypt(
EncryptDecrypt_In *in, // IN: input parameter list
EncryptDecrypt_Out *out // OUT: output parameter list
);
TPM2_EncryptDecrypt(EncryptDecrypt_In* in, EncryptDecrypt_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
#endif // CC_EncryptDecrypt

View File

@ -59,30 +59,35 @@
/* */
/********************************************************************************/
/* 7.7 Encrypt Decrypt Support (EncryptDecrypt_spt.c) */
#include "Tpm.h"
#include "EncryptDecrypt_fp.h"
#include "EncryptDecrypt_spt_fp.h"
#if CC_EncryptDecrypt2
/* Error Returns Meaning */
/* TPM_RC_KEY is not a symmetric decryption key with both public and private portions loaded */
/* TPM_RC_SIZE IvIn size is incompatible with the block cipher mode; or inData size is not an even
multiple of the block size for CBC or ECB mode */
/* TPM_RC_VALUE keyHandle is restricted and the argument mode does not match the key's mode */
/*(See part 3 specification)
// symmetric encryption or decryption
*/
// Return Type: TPM_RC
// TPM_RC_KEY is not a symmetric decryption key with both
// public and private portions loaded
// TPM_RC_SIZE 'IvIn' size is incompatible with the block cipher mode;
// or 'inData' size is not an even multiple of the block
// size for CBC or ECB mode
// TPM_RC_VALUE 'keyHandle' is restricted and the argument 'mode' does
// not match the key's mode
TPM_RC
EncryptDecryptShared(
TPMI_DH_OBJECT keyHandleIn,
EncryptDecryptShared(TPMI_DH_OBJECT keyHandleIn,
TPMI_YES_NO decryptIn,
TPMI_ALG_SYM_MODE modeIn,
TPM2B_IV *ivIn,
TPM2B_MAX_BUFFER *inData,
EncryptDecrypt_Out *out
)
TPM2B_IV* ivIn,
TPM2B_MAX_BUFFER* inData,
EncryptDecrypt_Out* out)
{
OBJECT *symKey;
OBJECT* symKey;
UINT16 keySize;
UINT16 blockSize;
BYTE *key;
BYTE* key;
TPM_ALG_ID alg;
TPM_ALG_ID mode;
TPM_RC result;
@ -90,23 +95,26 @@ EncryptDecryptShared(
// Input Validation
symKey = HandleToObject(keyHandleIn);
mode = symKey->publicArea.parameters.symDetail.sym.mode.sym;
// The input key should be a symmetric key
if(symKey->publicArea.type != TPM_ALG_SYMCIPHER)
return TPM_RCS_KEY + RC_EncryptDecrypt_keyHandle;
// The key must be unrestricted and allow the selected operation
OK = !IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
TPMA_OBJECT, restricted);
OK = !IS_ATTRIBUTE(symKey->publicArea.objectAttributes, TPMA_OBJECT, restricted);
if(YES == decryptIn)
OK = OK && IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
TPMA_OBJECT, decrypt);
OK = OK
&& IS_ATTRIBUTE(
symKey->publicArea.objectAttributes, TPMA_OBJECT, decrypt);
else
OK = OK && IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
TPMA_OBJECT, sign);
OK = OK
&& IS_ATTRIBUTE(symKey->publicArea.objectAttributes, TPMA_OBJECT, sign);
if(!OK)
return TPM_RCS_ATTRIBUTES + RC_EncryptDecrypt_keyHandle;
// Make sure that key is an encrypt/decrypt key and not SMAC
if(!CryptSymModeIsValid(mode, TRUE))
return TPM_RCS_MODE + RC_EncryptDecrypt_keyHandle;
// If the key mode is not TPM_ALG_NULL...
// or TPM_ALG_NULL
if(mode != TPM_ALG_NULL)
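Review bot: The Return Type comment above EncryptDecryptShared no longer matches the returns in this hunk. The code returns TPM_RCS_ATTRIBUTES when the key is restricted or lacks the decrypt/sign attribute and TPM_RCS_MODE when CryptSymModeIsValid() fails, but the comment lists only TPM_RC_KEY, TPM_RC_SIZE and TPM_RC_VALUE, and it assigns the restricted-key case to TPM_RC_VALUE. Please add TPM_RC_ATTRIBUTES and TPM_RC_MODE to the list and correct the TPM_RC_VALUE entry. Separately, `mode = symKey->publicArea.parameters.symDetail.sym.mode.sym;` reads the symDetail member before the `type != TPM_ALG_SYMCIPHER` check; moving the read below that check keeps the union access behind the validation.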
@ -127,21 +135,26 @@ EncryptDecryptShared(
keySize = symKey->publicArea.parameters.symDetail.sym.keyBits.sym;
alg = symKey->publicArea.parameters.symDetail.sym.algorithm;
blockSize = CryptGetSymmetricBlockSize(alg, keySize);
// reverify the algorithm. This is mainly to keep static analysis tools happy
if(blockSize == 0)
return TPM_RCS_KEY + RC_EncryptDecrypt_keyHandle;
if(((mode == TPM_ALG_ECB) && (ivIn->t.size != 0))
|| ((mode != TPM_ALG_ECB) && (ivIn->t.size != blockSize)))
return TPM_RCS_SIZE + RC_EncryptDecrypt_ivIn;
// The input data size of CBC mode or ECB mode must be an even multiple of
// the symmetric algorithm's block size
if(((mode == TPM_ALG_CBC) || (mode == TPM_ALG_ECB))
&& ((inData->t.size % blockSize) != 0))
return TPM_RCS_SIZE + RC_EncryptDecrypt_inData;
// Copy IV
// Note: This is copied here so that the calls to the encrypt/decrypt functions
// will modify the output buffer, not the input buffer
out->ivOut = *ivIn;
// Command Output
key = symKey->sensitive.sensitive.sym.t.buffer;
// For symmetric encryption, the cipher data size is the same as plain data
@ -150,17 +163,28 @@ EncryptDecryptShared(
if(decryptIn == YES)
{
// Decrypt data to output
result = CryptSymmetricDecrypt(out->outData.t.buffer, alg, keySize, key,
&(out->ivOut), mode, inData->t.size,
result = CryptSymmetricDecrypt(out->outData.t.buffer,
alg,
keySize,
key,
&(out->ivOut),
mode,
inData->t.size,
inData->t.buffer);
}
else
{
// Encrypt data to output
result = CryptSymmetricEncrypt(out->outData.t.buffer, alg, keySize, key,
&(out->ivOut), mode, inData->t.size,
result = CryptSymmetricEncrypt(out->outData.t.buffer,
alg,
keySize,
key,
&(out->ivOut),
mode,
inData->t.size,
inData->t.buffer);
}
return result;
}
#endif // CC_EncryptDecrypt
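Review bot: The closing `#endif // CC_EncryptDecrypt` names a different macro than the `#if CC_EncryptDecrypt2` that opens the block at the top of the file. Please make the trailing comment read `// CC_EncryptDecrypt2` so the guard can be matched by eye, or document the pairing if both commands are meant to share this helper.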

View File

@ -59,17 +59,31 @@
/* */
/********************************************************************************/
#ifndef ENCRYPTDECRYPT_SPT_FP_H
#define ENCRYPTDECRYPT_SPT_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:18PM
*/
#ifndef _ENCRYPT_DECRYPT_SPT_FP_H_
#define _ENCRYPT_DECRYPT_SPT_FP_H_
#if CC_EncryptDecrypt2
// Return Type: TPM_RC
// TPM_RC_KEY is not a symmetric decryption key with both
// public and private portions loaded
// TPM_RC_SIZE 'IvIn' size is incompatible with the block cipher mode;
// or 'inData' size is not an even multiple of the block
// size for CBC or ECB mode
// TPM_RC_VALUE 'keyHandle' is restricted and the argument 'mode' does
// not match the key's mode
TPM_RC
EncryptDecryptShared(
TPMI_DH_OBJECT keyHandleIn,
EncryptDecryptShared(TPMI_DH_OBJECT keyHandleIn,
TPMI_YES_NO decryptIn,
TPMI_ALG_SYM_MODE modeIn,
TPM2B_IV *ivIn,
TPM2B_MAX_BUFFER *inData,
EncryptDecrypt_Out *out
);
TPM2B_IV* ivIn,
TPM2B_MAX_BUFFER* inData,
EncryptDecrypt_Out* out);
#endif // CC_EncryptDecrypt
#endif
#endif // _ENCRYPT_DECRYPT_SPT_FP_H_
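Review bot: The prototype here is compiled under `#if CC_EncryptDecrypt2` but takes `EncryptDecrypt_Out* out`, and in this same change set EncryptDecrypt_fp.h moves that typedef (and the RC_EncryptDecrypt_* modifiers used by EncryptDecryptShared) inside `#if CC_EncryptDecrypt`. A configuration with CC_EncryptDecrypt2 enabled and CC_EncryptDecrypt disabled would then see an undeclared type. Please either guard this prototype with both macros or state in the header comment that EncryptDecrypt2 requires EncryptDecrypt. The `#endif // CC_EncryptDecrypt` comment also does not match the `#if CC_EncryptDecrypt2` it closes.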

View File

@ -78,7 +78,7 @@
// space to load it to RAM
TPM_RC
EntityGetLoadStatus(COMMAND* command // IN/OUT: command parsing structure
)
)
{
UINT32 i;
TPM_RC result = TPM_RC_SUCCESS;
@ -221,7 +221,7 @@ EntityGetLoadStatus(COMMAND* command // IN/OUT: command parsing structure
UINT16
EntityGetAuthValue(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_AUTH* auth // OUT: authValue of the entity
)
)
{
TPM2B_AUTH* pAuth = NULL;
@ -330,7 +330,7 @@ EntityGetAuthValue(TPMI_DH_ENTITY handle, // IN: handle of entity
TPMI_ALG_HASH
EntityGetAuthPolicy(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_DIGEST* authPolicy // OUT: authPolicy of the entity
)
)
{
TPMI_ALG_HASH hashAlg = TPM_ALG_NULL;
authPolicy->t.size = 0;
@ -405,7 +405,7 @@ EntityGetAuthPolicy(TPMI_DH_ENTITY handle, // IN: handle of entity
// This function returns the Name associated with a handle.
TPM2B_NAME* EntityGetName(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_NAME* name // OUT: name of entity
)
)
{
switch(HandleGetType(handle))
{
@ -441,7 +441,7 @@ TPM2B_NAME* EntityGetName(TPMI_DH_ENTITY handle, // IN: handle of entity
// c) An object handle belongs to its hierarchy.
TPMI_RH_HIERARCHY
EntityGetHierarchy(TPMI_DH_ENTITY handle // IN :handle of entity
)
)
{
TPMI_RH_HIERARCHY hierarchy = TPM_RH_NULL;

View File

@ -59,32 +59,71 @@
/* */
/********************************************************************************/
#ifndef ENTITY_FP_H
#define ENTITY_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 7, 2020 Time: 07:19:36PM
*/
#ifndef _ENTITY_FP_H_
#define _ENTITY_FP_H_
//** Functions
//*** EntityGetLoadStatus()
// This function will check that all the handles access loaded entities.
// Return Type: TPM_RC
// TPM_RC_HANDLE handle type does not match
// TPM_RC_REFERENCE_Hx entity is not present
// TPM_RC_HIERARCHY entity belongs to a disabled hierarchy
// TPM_RC_OBJECT_MEMORY handle is an evict object but there is no
// space to load it to RAM
TPM_RC
EntityGetLoadStatus(
COMMAND *command // IN/OUT: command parsing structure
);
EntityGetLoadStatus(COMMAND* command // IN/OUT: command parsing structure
);
//*** EntityGetAuthValue()
// This function is used to access the 'authValue' associated with a handle.
// This function assumes that the handle references an entity that is accessible
// and the handle is not for a persistent objects. That is EntityGetLoadStatus()
// should have been called. Also, the accessibility of the authValue should have
// been verified by IsAuthValueAvailable().
//
// This function copies the authorization value of the entity to 'auth'.
// Return Type: UINT16
// count number of bytes in the authValue with 0's stripped
UINT16
EntityGetAuthValue(
TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_AUTH *auth // OUT: authValue of the entity
);
EntityGetAuthValue(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_AUTH* auth // OUT: authValue of the entity
);
//*** EntityGetAuthPolicy()
// This function is used to access the 'authPolicy' associated with a handle.
// This function assumes that the handle references an entity that is accessible
// and the handle is not for a persistent objects. That is EntityGetLoadStatus()
// should have been called. Also, the accessibility of the authPolicy should have
// been verified by IsAuthPolicyAvailable().
//
// This function copies the authorization policy of the entity to 'authPolicy'.
//
// The return value is the hash algorithm for the policy.
TPMI_ALG_HASH
EntityGetAuthPolicy(
TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_DIGEST *authPolicy // OUT: authPolicy of the entity
);
TPM2B_NAME *
EntityGetName(
TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_NAME *name // OUT: name of entity
);
EntityGetAuthPolicy(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_DIGEST* authPolicy // OUT: authPolicy of the entity
);
//*** EntityGetName()
// This function returns the Name associated with a handle.
TPM2B_NAME* EntityGetName(TPMI_DH_ENTITY handle, // IN: handle of entity
TPM2B_NAME* name // OUT: name of entity
);
//*** EntityGetHierarchy()
// This function returns the hierarchy handle associated with an entity.
// a) A handle that is a hierarchy handle is associated with itself.
// b) An NV index belongs to TPM_RH_PLATFORM if TPMA_NV_PLATFORMCREATE,
// is SET, otherwise it belongs to TPM_RH_OWNER
// c) An object handle belongs to its hierarchy.
TPMI_RH_HIERARCHY
EntityGetHierarchy(
TPMI_DH_ENTITY handle // IN :handle of entity
);
EntityGetHierarchy(TPMI_DH_ENTITY handle // IN :handle of entity
);
#endif
#endif // _ENTITY_FP_H_

View File

@ -59,8 +59,8 @@
/* */
/********************************************************************************/
/* C.4 Entropy.c */
/* C.4.1. Includes and Local values*/
//** Includes and Local Values
#define _CRT_RAND_S
#include <stdlib.h>
#include <memory.h>
@ -70,29 +70,29 @@
#include <time.h>
#include "Platform.h"
#if defined _MSC_VER || defined _MINGW
#include <process.h>
#if defined _MSC_VER || defined _MINGW // libtpms changed
# include <process.h>
#else
#include <unistd.h>
# include <unistd.h>
#endif
/* This is the last 32-bits of hardware entropy produced. We have to check to see that two
consecutive 32-bit values are not the same because (according to FIPS 140-2, annex C */
/* "If each call to a RNG produces blocks of n bits (where n > 15), the first n-bit block generated
after power-up, initialization, or reset shall not be used, but shall be saved for comparison
with the next n-bit block to be generated. Each subsequent generation of an n-bit block shall be
compared with the previously generated block. The test shall fail if any two compared n-bit
blocks are equal." */
// This is the last 32-bits of hardware entropy produced. We have to check to
// see that two consecutive 32-bit values are not the same because
// according to FIPS 140-2, annex C:
//
// "If each call to an RNG produces blocks of n bits (where n > 15), the first
// n-bit block generated after power-up, initialization, or reset shall not be
// used, but shall be saved for comparison with the next n-bit block to be
// generated. Each subsequent generation of an n-bit block shall be compared with
// the previously generated block. The test shall fail if any two compared n-bit
// blocks are equal."
extern uint32_t lastEntropy;
/* C.4.2. Functions */
/* C.4.2.1. rand32() */
/* Local function to get a 32-bit random number */
//** Functions
static uint32_t
rand32(
void
)
//*** rand32()
// Local function to get a 32-bit random number
static uint32_t rand32(void)
{
uint32_t rndNum = rand();
#if RAND_MAX < UINT16_MAX
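Review bot: On `#if defined _MSC_VER || defined _MINGW // libtpms changed`, the marker says the line differs from upstream but not how or why. MinGW compilers predefine __MINGW32__ (and __MINGW64__), so if _MINGW is something the libtpms build has to pass in, that should be stated here; otherwise the test silently selects the <unistd.h> branch. A short comment naming where _MINGW comes from would settle it.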
@ -111,17 +111,17 @@ rand32(
return rndNum;
}
/* C.4.2.2 _plat__GetEntropy() */
/* This function is used to get available hardware entropy. In a hardware implementation of this
function, there would be no call to the system to get entropy. */
/* Return Values Meaning */
/* < 0 hardware failure of the entropy generator, this is sticky */
/* >= 0 the returned amount of entropy (bytes) */
LIB_EXPORT int32_t
_plat__GetEntropy(
unsigned char *entropy, // output buffer
//*** _plat__GetEntropy()
// This function is used to get available hardware entropy. In a hardware
// implementation of this function, there would be no call to the system
// to get entropy.
// Return Type: int32_t
// < 0 hardware failure of the entropy generator, this is sticky
// >= 0 the returned amount of entropy (bytes)
//
LIB_EXPORT int32_t _plat__GetEntropy(unsigned char* entropy, // output buffer
uint32_t amount // amount requested
)
)
{
uint32_t rndNum;
int32_t ret;
@ -134,21 +134,21 @@ _plat__GetEntropy(
if(amount == 0)
{
// Seed the platform entropy source if the entropy source is software. There is
// no reason to put a guard macro (#if or #ifdef) around this code because this
// code would not be here if someone was changing it for a system with actual
// hardware.
// Seed the platform entropy source if the entropy source is software. There
// is no reason to put a guard macro (#if or #ifdef) around this code because
// this code would not be here if someone was changing it for a system with
// actual hardware.
//
// NOTE 1: The following command does not provide proper cryptographic entropy.
// Its primary purpose to make sure that different instances of the simulator,
// possibly started by a script on the same machine, are seeded differently.
// Vendors of the actual TPMs need to ensure availability of proper entropy
// using their platform specific means.
// NOTE 1: The following command does not provide proper cryptographic
// entropy. Its primary purpose to make sure that different instances of the
// simulator, possibly started by a script on the same machine, are seeded
// differently. Vendors of the actual TPMs need to ensure availability of
// proper entropy using their platform-specific means.
//
// NOTE 2: In debug builds by default the reference implementation will seed
// its RNG deterministically (without using any platform provided randomness).
// See the USE_DEBUG_RNG macro and DRBG_GetEntropy() function.
#if defined _MSC_VER || defined _MINGW
#if defined _MSC_VER || defined _MINGW // libtpms changed
srand((unsigned)_plat__RealTime() ^ _getpid());
#else
srand((unsigned)_plat__RealTime() ^ getpid());
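Review bot: The rewrapped NOTE 1 still reads "Its primary purpose to make sure", missing "is"; since the paragraph was touched anyway (and "platform specific" was corrected to "platform-specific"), please fix that as well. On substance, the seed is `_plat__RealTime() ^ getpid()`, which NOTE 1 itself says is not proper cryptographic entropy. The `// libtpms changed` marker on the #if line would be a good place to say whether libtpms relies on this path or obtains entropy elsewhere, so that readers of this file do not have to guess.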
@ -166,14 +166,15 @@ _plat__GetEntropy(
else
{
lastEntropy = rndNum;
// Each process will have its random number generator initialized according
// to the process id and the initialization time. This is not a lot of
// entropy so, to add a bit more, XOR the current time value into the
// returned entropy value.
// Each process will have its random number generator initialized
// according to the process id and the initialization time. This is not a
// lot of entropy so, to add a bit more, XOR the current time value into
// the returned entropy value.
// NOTE: the reason for including the time here rather than have it in
// in the value assigned to lastEntropy is that rand() could be broken and
// using the time would in the lastEntropy value would hide this.
rndNum ^= (uint32_t)_plat__RealTime();
// Only provide entropy 32 bits at a time to test the ability
// of the caller to deal with partial results.
ret = MIN(amount, sizeof(rndNum));
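Review bot: The NOTE that follows the rewrapped comment has two slips that make its reasoning hard to follow: "rather than have it in in the value" and "using the time would in the lastEntropy value would hide this". This comment explains why the time is XORed in only after lastEntropy is stored, which is what keeps the repeated-block check meaningful, so it is worth cleaning up in the same pass, for example "using the time in the lastEntropy value would hide this".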
@ -182,4 +183,3 @@ _plat__GetEntropy(
}
return ret;
}

View File

@ -59,30 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef EVENTSEQUENCECOMPLETE_FP_H
#define EVENTSEQUENCECOMPLETE_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EventSequenceComplete // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_PCR pcrHandle;
TPMI_DH_OBJECT sequenceHandle;
TPM2B_MAX_BUFFER buffer;
} EventSequenceComplete_In;
#define RC_EventSequenceComplete_pcrHandle (TPM_RC_H + TPM_RC_1)
#define RC_EventSequenceComplete_sequenceHandle (TPM_RC_H + TPM_RC_2)
#define RC_EventSequenceComplete_buffer (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPML_DIGEST_VALUES results;
} EventSequenceComplete_Out;
// Response code modifiers
# define RC_EventSequenceComplete_pcrHandle (TPM_RC_H + TPM_RC_1)
# define RC_EventSequenceComplete_sequenceHandle (TPM_RC_H + TPM_RC_2)
# define RC_EventSequenceComplete_buffer (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_EventSequenceComplete(
EventSequenceComplete_In *in, // IN: input parameter list
EventSequenceComplete_Out *out // OUT: output parameter list
);
TPM2_EventSequenceComplete(EventSequenceComplete_In* in,
EventSequenceComplete_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
#endif // CC_EventSequenceComplete

View File

@ -59,24 +59,30 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef EVICTCONTROL_FP_H
#define EVICTCONTROL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_EvictControl // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_PROVISION auth;
TPMI_DH_OBJECT objectHandle;
TPMI_DH_PERSISTENT persistentHandle;
} EvictControl_In;
#define RC_EvictControl_auth (TPM_RC_H + TPM_RC_1)
#define RC_EvictControl_objectHandle (TPM_RC_H + TPM_RC_2)
#define RC_EvictControl_persistentHandle (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_EvictControl_auth (TPM_RC_H + TPM_RC_1)
# define RC_EvictControl_objectHandle (TPM_RC_H + TPM_RC_2)
# define RC_EvictControl_persistentHandle (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_EvictControl(
EvictControl_In *in // IN: input parameter list
);
TPM2_EvictControl(EvictControl_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
#endif // CC_EvictControl

View File

@ -58,22 +58,32 @@
/* */
/********************************************************************************/
/* 6.2 ExecCommand.c */
/* This file contains the entry function ExecuteCommand() which provides the main control flow for
TPM command execution. */
//** Introduction
//
// This file contains the entry function ExecuteCommand() which provides the main
// control flow for TPM command execution.
//** Includes
#include "Tpm.h"
#include "ExecCommand_fp.h"
#include "Marshal.h"
// TODO_RENAME_INC_FOLDER:platform_interface refers to the TPM_CoreLib platform interface
#include "ExecCommand_fp.h" // libtpms changed
// Uncomment this next #include if doing static command/response buffer sizing
// #include "CommandResponseSizes_fp.h"
#define TPM_HAVE_TPM2_DECLARATIONS
#include "tpm_library_intern.h" // libtpms added
/* Uncomment this next #include if doing static command/response buffer sizing */
// #include "CommandResponseSizes_fp.h"
//** ExecuteCommand()
//
// The function performs the following steps.
//
// a) Parses the command header from input buffer.
// b) Calls ParseHandleBuffer() to parse the handle area of the command.
// c) Validates that each of the handles references a loaded entity.
// d) Calls ParseSessionBuffer() () to:
// d) Calls ParseSessionBuffer () to:
// 1) unmarshal and parse the session area;
// 2) check the authorizations; and
// 3) when necessary, decrypt a parameter.
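Review bot: The new comment `// TODO_RENAME_INC_FOLDER:platform_interface refers to the TPM_CoreLib platform interface` sits directly above `#include "ExecCommand_fp.h" // libtpms changed`, which does not use a platform_interface path, so the TODO describes something the reader cannot see. Either drop the TODO in the libtpms copy or extend the `libtpms changed` remark to say the include path was altered. Minor: step d) now reads "ParseSessionBuffer () to:" with a stray space before the parentheses.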
@ -81,33 +91,39 @@
// 1) unmarshal the command parameters from the command buffer;
// 2) call the routine that performs the command actions; and
// 3) marshal the responses into the response buffer.
// f) If any error occurs in any of the steps above create the error response and return.
// f) If any error occurs in any of the steps above create the error response
// and return.
// g) Calls BuildResponseSession() to:
// 1) when necessary, encrypt a parameter
// 2) build the response authorization sessions
// 3) update the audit sessions and nonces
// h) Calls BuildResponseHeader() to complete the construction of the response.
// responseSize is set by the caller to the maximum number of bytes available in the output
// buffer. ExecuteCommand() will adjust the value and return the number of bytes placed in
// the buffer.
// response is also set by the caller to indicate the buffer into which ExecuteCommand() is
// to place the response.
// request and response may point to the same buffer
// NOTE: As of February, 2016, the failure processing has been moved to the platform-specific
// code. When the TPM code encounters an unrecoverable failure, it will SET g_inFailureMode
// and call _plat__Fail(). That function should not return but may call ExecuteCommand().
LIB_EXPORT void
ExecuteCommand(
//
// 'responseSize' is set by the caller to the maximum number of bytes available in
// the output buffer. ExecuteCommand will adjust the value and return the number
// of bytes placed in the buffer.
//
// 'response' is also set by the caller to indicate the buffer into which
// ExecuteCommand is to place the response.
//
// 'request' and 'response' may point to the same buffer
//
// Note: As of February, 2016, the failure processing has been moved to the
// platform-specific code. When the TPM code encounters an unrecoverable failure, it
// will SET g_inFailureMode and call _plat__Fail(). That function should not return
// but may call ExecuteCommand().
//
LIB_EXPORT void ExecuteCommand(
uint32_t requestSize, // IN: command buffer size
unsigned char *request, // IN: command buffer
uint32_t *responseSize, // IN/OUT: response buffer size
unsigned char **response // IN/OUT: response buffer
)
unsigned char* request, // IN: command buffer
uint32_t* responseSize, // IN/OUT: response buffer size
unsigned char** response // IN/OUT: response buffer
)
{
// Command local variables
UINT32 commandSize;
COMMAND command;
// Response local variables
UINT32 maxResponse = *responseSize;
TPM_RC result; // return code for the command
@ -119,7 +135,7 @@ ExecuteCommand(
}
// This next function call is used in development to size the command and response
// buffers. The values printed are the sizes of the internal structures and
// not the sizes of the canonical forms of he command response structures. Also,
// not the sizes of the canonical forms of the command response structures. Also,
// the sizes do not include the tag, command.code, requestSize, or the authorization
// fields.
//CommandResponseSizes();
@ -142,32 +158,34 @@ ExecuteCommand(
// is not available later when it is necessary to write to NV, then the TPM
// will go into failure mode.
NvCheckState();
// Due to the limitations of the simulation, TPM clock must be explicitly
// synchronized with the system clock whenever a command is received.
// This function call is not necessary in a hardware TPM. However, taking
// a snapshot of the hardware timer at the beginning of the command allows
// the time value to be consistent for the duration of the command execution.
TimeUpdateToCurrent();
// Any command through this function will unceremoniously end the
// _TPM_Hash_Data/_TPM_Hash_End sequence.
if(g_DRTMHandle != TPM_RH_UNASSIGNED)
ObjectTerminateEvent();
// Get command buffer size and command buffer.
command.tag = 0; // libtpms added: Coverity
command.parameterBuffer = request;
command.parameterSize = requestSize;
// Parse command header: tag, commandSize and command.code.
// First parse the tag. The unmarshaling routine will validate
// that it is either TPM_ST_SESSIONS or TPM_ST_NO_SESSIONS.
result = TPMI_ST_COMMAND_TAG_Unmarshal(&command.tag,
&command.parameterBuffer,
&command.parameterSize);
result = TPMI_ST_COMMAND_TAG_Unmarshal(
&command.tag, &command.parameterBuffer, &command.parameterSize);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// Unmarshal the commandSize indicator.
result = UINT32_Unmarshal(&commandSize,
&command.parameterBuffer,
&command.parameterSize);
result = UINT32_Unmarshal(
&commandSize, &command.parameterBuffer, &command.parameterSize);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// On a TPM that receives bytes on a port, the number of bytes that were
@ -183,8 +201,8 @@ ExecuteCommand(
goto Cleanup;
}
// Unmarshal the command code.
result = TPM_CC_Unmarshal(&command.code, &command.parameterBuffer,
&command.parameterSize);
result = TPM_CC_Unmarshal(
&command.code, &command.parameterBuffer, &command.parameterSize);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// Check to see if the command is implemented.
@ -229,7 +247,7 @@ ExecuteCommand(
if(command.tag == TPM_ST_SESSIONS)
{
// Find out session buffer size.
result = UINT32_Unmarshal((UINT32 *)&command.authSize,
result = UINT32_Unmarshal((UINT32*)&command.authSize,
&command.parameterBuffer,
&command.parameterSize);
if(result != TPM_RC_SUCCESS)
@ -239,13 +257,13 @@ ExecuteCommand(
// the command, then it is an error. NOTE: This check could pass but the
// session size could still be wrong. That will be determined after the
// sessions are unmarshaled.
if(command.authSize < 9
|| command.authSize > command.parameterSize)
if(command.authSize < 9 || command.authSize > command.parameterSize)
{
result = TPM_RC_SIZE;
goto Cleanup;
}
command.parameterSize -= command.authSize;
// The actions of ParseSessionBuffer() are described in the introduction.
// As the sessions are parsed command.parameterBuffer is advanced so, on a
// successful return, command.parameterBuffer should be pointing at the
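Review bot: In `if(command.authSize < 9 || command.authSize > command.parameterSize)` the literal 9 is unexplained. It is the lower bound that rejects a session area too small to parse, so it deserves either a named constant or a one-line comment stating what the nine bytes are. That makes the bounds check auditable without counting fields by hand, and it keeps the check next to the `command.parameterSize -= command.authSize;` subtraction it protects.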
@ -266,29 +284,32 @@ ExecuteCommand(
}
// Set up the response buffer pointers. CommandDispatch will marshal the
// response parameters starting at the address in command.responseBuffer.
// *response = MemoryGetResponseBuffer(command.index);
//*response = MemoryGetResponseBuffer(command.index);
// leave space for the command header
command.responseBuffer = *response + STD_RESPONSE_HEADER;
// leave space for the parameter size field if needed
if(command.tag == TPM_ST_SESSIONS)
command.responseBuffer += sizeof(UINT32);
if(IsHandleInResponse(command.index))
command.responseBuffer += sizeof(TPM_HANDLE);
// CommandDispatcher returns a response handle buffer and a response parameter
// buffer if it succeeds. It will also set the parameterSize field in the
// buffer if the tag is TPM_RC_SESSIONS.
result = CommandDispatcher(&command);
if(result != TPM_RC_SUCCESS)
goto Cleanup;
// Build the session area at the end of the parameter area.
result = BuildResponseSession(&command);
if(result != TPM_RC_SUCCESS)
{
goto Cleanup;
}
Cleanup:
if(g_clearOrderly == TRUE
&& NV_IS_ORDERLY)
Cleanup:
if(g_clearOrderly == TRUE && NV_IS_ORDERLY)
{
#if USE_DA_USED
gp.orderlyState = g_daUsed ? SU_DA_USED_VALUE : SU_NONE_VALUE;
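Review bot: The comment above `result = CommandDispatcher(&command);` says the parameterSize field is set "if the tag is TPM_RC_SESSIONS", but the code a few lines earlier tests `command.tag == TPM_ST_SESSIONS`. TPM_RC_ is the response-code prefix, so the comment should read TPM_ST_SESSIONS. Since this hunk already adjusts the neighbouring comments, please correct it here.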
@ -302,9 +323,11 @@ ExecuteCommand(
// access to any object is the same. These temporary objects need to be
// cleared from RAM whether the command succeeds or fails.
ObjectCleanupEvict();
// The parameters and sessions have been marshaled. Now tack on the header and
// set the sizes
BuildResponseHeader(&command, *response, result);
// Try to commit all the writes to NV if any NV write happened during this
// command execution. This check should be made for both succeeded and failed
// commands, because a failed one may trigger a NV write in DA logic as well.
@ -319,9 +342,12 @@ ExecuteCommand(
g_updateNV = UT_NONE;
}
pAssert((UINT32)command.parameterSize <= maxResponse);
// Clear unused bits in response buffer.
MemorySet(*response + *responseSize, 0, maxResponse - *responseSize);
// as a final act, and not before, update the response size.
*responseSize = (UINT32)command.parameterSize;
return;
}
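Review bot: `MemorySet(*response + *responseSize, 0, maxResponse - *responseSize);` runs before `*responseSize` is updated, and maxResponse was initialised from `*responseSize` at function entry. Unless `*responseSize` is changed in lines not shown in this diff, the length is zero and "Clear unused bits in response buffer" does nothing. Because the header comment allows 'request' and 'response' to share a buffer, bytes of the request beyond the response length would then stay in place. If the intent is to zero the tail, the offset and length should be derived from command.parameterSize, which the pAssert just above already bounds by maxResponse.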

View File

@ -59,15 +59,56 @@
/* */
/********************************************************************************/
#ifndef EXECCOMMAND_FP_H
#define EXECCOMMAND_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
LIB_EXPORT void
ExecuteCommand(
#ifndef _EXEC_COMMAND_FP_H_
#define _EXEC_COMMAND_FP_H_
//** ExecuteCommand()
//
// The function performs the following steps.
//
// a) Parses the command header from input buffer.
// b) Calls ParseHandleBuffer() to parse the handle area of the command.
// c) Validates that each of the handles references a loaded entity.
// d) Calls ParseSessionBuffer () to:
// 1) unmarshal and parse the session area;
// 2) check the authorizations; and
// 3) when necessary, decrypt a parameter.
// e) Calls CommandDispatcher() to:
// 1) unmarshal the command parameters from the command buffer;
// 2) call the routine that performs the command actions; and
// 3) marshal the responses into the response buffer.
// f) If any error occurs in any of the steps above create the error response
// and return.
// g) Calls BuildResponseSession() to:
// 1) when necessary, encrypt a parameter
// 2) build the response authorization sessions
// 3) update the audit sessions and nonces
// h) Calls BuildResponseHeader() to complete the construction of the response.
//
// 'responseSize' is set by the caller to the maximum number of bytes available in
// the output buffer. ExecuteCommand will adjust the value and return the number
// of bytes placed in the buffer.
//
// 'response' is also set by the caller to indicate the buffer into which
// ExecuteCommand is to place the response.
//
// 'request' and 'response' may point to the same buffer
//
// Note: As of February, 2016, the failure processing has been moved to the
// platform-specific code. When the TPM code encounters an unrecoverable failure, it
// will SET g_inFailureMode and call _plat__Fail(). That function should not return
// but may call ExecuteCommand().
//
LIB_EXPORT void ExecuteCommand(
uint32_t requestSize, // IN: command buffer size
unsigned char *request, // IN: command buffer
uint32_t *responseSize, // IN/OUT: response buffer size
unsigned char **response // IN/OUT: response buffer
);
unsigned char* request, // IN: command buffer
uint32_t* responseSize, // IN/OUT: response buffer size
unsigned char** response // IN/OUT: response buffer
);
#endif
#endif // _EXEC_COMMAND_FP_H_
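Review bot: The new include guard `_EXEC_COMMAND_FP_H_` begins with an underscore followed by an uppercase letter, a form C reserves for the implementation; the previous `EXECCOMMAND_FP_H` did not. The same applies to the `_TPM_INCLUDE_PRIVATE_PROTOTYPES_..._FP_H_` and `_HANDLE_FP_H_` guards in the other prototype headers. If the names are kept only to match upstream, say so in the commit message so that a later cleanup does not reintroduce the difference.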

@ -59,20 +59,26 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef FLUSHCONTEXT_FP_H
#define FLUSHCONTEXT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_FlushContext // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_CONTEXT flushHandle;
} FlushContext_In;
#define RC_FlushContext_flushHandle (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_FlushContext_flushHandle (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_FlushContext(
FlushContext_In *in // IN: input parameter list
);
TPM2_FlushContext(FlushContext_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
#endif // CC_FlushContext

@ -59,32 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETCAPABILITY_FP_H
#define GETCAPABILITY_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetCapability // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
// Input structure definition
typedef struct
{
TPM_CAP capability;
UINT32 property;
UINT32 propertyCount;
} GetCapability_In;
#define RC_GetCapability_capability (TPM_RC_P + TPM_RC_1)
#define RC_GetCapability_property (TPM_RC_P + TPM_RC_2)
#define RC_GetCapability_propertyCount (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPMI_YES_NO moreData;
TPMS_CAPABILITY_DATA capabilityData;
} GetCapability_Out;
// Response code modifiers
# define RC_GetCapability_capability (TPM_RC_P + TPM_RC_1)
# define RC_GetCapability_property (TPM_RC_P + TPM_RC_2)
# define RC_GetCapability_propertyCount (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_GetCapability(
GetCapability_In *in, // IN: input parameter list
GetCapability_Out *out // OUT: output parameter list
);
TPM2_GetCapability(GetCapability_In* in, GetCapability_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
#endif // CC_GetCapability

@ -59,33 +59,40 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETCOMMANDAUDITDIGEST_FP_H
#define GETCOMMANDAUDITDIGEST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetCommandAuditDigest // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ENDORSEMENT privacyHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA qualifyingData;
TPMT_SIG_SCHEME inScheme;
} GetCommandAuditDigest_In;
#define RC_GetCommandAuditDigest_privacyHandle (TPM_RC_H + TPM_RC_1)
#define RC_GetCommandAuditDigest_signHandle (TPM_RC_H + TPM_RC_2)
#define RC_GetCommandAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
#define RC_GetCommandAuditDigest_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ATTEST auditInfo;
TPMT_SIGNATURE signature;
} GetCommandAuditDigest_Out;
// Response code modifiers
# define RC_GetCommandAuditDigest_privacyHandle (TPM_RC_H + TPM_RC_1)
# define RC_GetCommandAuditDigest_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_GetCommandAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_GetCommandAuditDigest_inScheme (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_GetCommandAuditDigest(
GetCommandAuditDigest_In *in, // IN: input parameter list
GetCommandAuditDigest_Out *out // OUT: output parameter list
);
TPM2_GetCommandAuditDigest(GetCommandAuditDigest_In* in,
GetCommandAuditDigest_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
#endif // CC_GetCommandAuditDigest

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETRANDOM_FP_H
#define GETRANDOM_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetRandom // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
// Input structure definition
typedef struct
{
UINT16 bytesRequested;
} GetRandom_In;
#define RC_GetRandom_bytesRequested (TPM_RC_P + TPM_RC_1)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DIGEST randomBytes;
} GetRandom_Out;
// Response code modifiers
# define RC_GetRandom_bytesRequested (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_GetRandom(
GetRandom_In *in, // IN: input parameter list
GetRandom_Out *out // OUT: output parameter list
);
TPM2_GetRandom(GetRandom_In* in, GetRandom_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
#endif // CC_GetRandom

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETSESSIONAUDITDIGEST_FP_H
#define GETSESSIONAUDITDIGEST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetSessionAuditDigest // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ENDORSEMENT privacyAdminHandle;
TPMI_DH_OBJECT signHandle;
TPMI_SH_HMAC sessionHandle;
@ -72,22 +77,24 @@ typedef struct {
TPMT_SIG_SCHEME inScheme;
} GetSessionAuditDigest_In;
#define RC_GetSessionAuditDigest_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
#define RC_GetSessionAuditDigest_signHandle (TPM_RC_H + TPM_RC_2)
#define RC_GetSessionAuditDigest_sessionHandle (TPM_RC_H + TPM_RC_3)
#define RC_GetSessionAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
#define RC_GetSessionAuditDigest_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ATTEST auditInfo;
TPMT_SIGNATURE signature;
} GetSessionAuditDigest_Out;
// Response code modifiers
# define RC_GetSessionAuditDigest_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
# define RC_GetSessionAuditDigest_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_GetSessionAuditDigest_sessionHandle (TPM_RC_H + TPM_RC_3)
# define RC_GetSessionAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_GetSessionAuditDigest_inScheme (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_GetSessionAuditDigest(
GetSessionAuditDigest_In *in, // IN: input parameter list
GetSessionAuditDigest_Out *out // OUT: output parameter list
);
TPM2_GetSessionAuditDigest(GetSessionAuditDigest_In* in,
GetSessionAuditDigest_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
#endif // CC_GetSessionAuditDigest

@ -59,21 +59,24 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETTESTRESULT_FP_H
#define GETTESTRESULT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct{
#if CC_GetTestResult // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
// Output structure definition
typedef struct
{
TPM2B_MAX_BUFFER outData;
TPM_RC testResult;
} GetTestResult_Out;
// Function prototype
TPM_RC
TPM2_GetTestResult(GetTestResult_Out* out);
TPM_RC
TPM2_GetTestResult(
GetTestResult_Out *out // OUT: output parameter list
);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
#endif // CC_GetTestResult

@ -59,33 +59,39 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef GETTIME_FP_H
#define GETTIME_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_GetTime // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_ENDORSEMENT privacyAdminHandle;
TPMI_DH_OBJECT signHandle;
TPM2B_DATA qualifyingData;
TPMT_SIG_SCHEME inScheme;
} GetTime_In;
#define RC_GetTime_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
#define RC_GetTime_signHandle (TPM_RC_H + TPM_RC_2)
#define RC_GetTime_qualifyingData (TPM_RC_P + TPM_RC_1)
#define RC_GetTime_inScheme (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_ATTEST timeInfo;
TPMT_SIGNATURE signature;
} GetTime_Out;
// Response code modifiers
# define RC_GetTime_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
# define RC_GetTime_signHandle (TPM_RC_H + TPM_RC_2)
# define RC_GetTime_qualifyingData (TPM_RC_P + TPM_RC_1)
# define RC_GetTime_inScheme (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_GetTime(
GetTime_In *in, // IN: input parameter list
GetTime_Out *out // OUT: output parameter list
);
TPM2_GetTime(GetTime_In* in, GetTime_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
#endif // CC_GetTime

@ -58,6 +58,7 @@
/* */
/********************************************************************************/
//** Description
// This file contains internal global type definitions and data declarations that
@ -531,11 +532,11 @@ typedef struct PCR_AUTH_VALUE
// This enumeration is the possible startup types. The type is determined
// by the combination of TPM2_ShutDown and TPM2_Startup.
typedef enum
{
{
SU_RESET,
SU_RESTART,
SU_RESUME
} STARTUP_TYPE;
} STARTUP_TYPE;
//**NV
@ -848,13 +849,13 @@ typedef struct
// TPM2_Clear().
UINT32 resetCount;
//*********************************************************************************
// PCR
//*********************************************************************************
// This structure hold the policies for those PCR that have an update policy.
// This implementation only supports a single group of PCR controlled by
// policy. If more are required, then this structure would be changed to
// an array.
//*********************************************************************************
// PCR
//*********************************************************************************
// This structure hold the policies for those PCR that have an update policy.
// This implementation only supports a single group of PCR controlled by
// policy. If more are required, then this structure would be changed to
// an array.
# if defined NUM_POLICY_PCR_GROUP && NUM_POLICY_PCR_GROUP > 0
PCR_POLICY pcrPolicies;
# endif
@ -937,12 +938,12 @@ typedef struct
// In the reference implementation, if this value is printed as a hex
// value, it will have the format of 00 HH MM SS
UINT32 firmwareV2;
//*****************************************************************************
// Timer Epoch
//*****************************************************************************
// timeEpoch contains a nonce that has a vendor=specific size (should not be
// less than 8 bytes. This nonce changes when the clock epoch changes. The clock
// epoch changes when there is a discontinuity in the timing of the TPM.
//*****************************************************************************
// Timer Epoch
//*****************************************************************************
// timeEpoch contains a nonce that has a vendor=specific size (should not be
// less than 8 bytes. This nonce changes when the clock epoch changes. The clock
// epoch changes when there is a discontinuity in the timing of the TPM.
# if !CLOCK_STOPS
CLOCK_NONCE timeEpoch;
# endif
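Review bot: The re-indented Timer Epoch comment still reads "vendor=specific size (should not be less than 8 bytes." with "=" in place of "-" and no closing parenthesis. These lines are being rewritten anyway, so either fix the text here or note that it is left as is to stay identical to upstream.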
@ -982,8 +983,8 @@ typedef struct orderly_data
// accumulate.
DRBG_STATE drbgState;
// These values allow the accumulation of self-healing time across orderly shutdown
// of the TPM.
// These values allow the accumulation of self-healing time across orderly shutdown
// of the TPM.
# if ACCUMULATE_SELF_HEAL_TIMER
UINT64 selfHealTimer; // current value of s_selfHealTimer
UINT64 lockoutTimer; // current value of s_lockoutTimer
@ -992,7 +993,7 @@ typedef struct orderly_data
#ifndef __ACT_DISABLED // libtpms added
#error ACT not supported in ORDERLY_DATA!
// These are the ACT Timeout values. They are saved with the other timers
// These are the ACT Timeout values. They are saved with the other timers
# define DefineActData(N) ACT_STATE ACT_##N;
FOR_EACH_ACT(DefineActData)
@ -1057,9 +1058,9 @@ typedef struct state_clear_data
PCR_AUTHVALUE pcrAuthValues;
#ifndef __ACT_DISABLED // libtpms added
//*****************************************************************************
// ACT
//*****************************************************************************
//*****************************************************************************
// ACT
//*****************************************************************************
# define DefineActPolicySpace(N) TPMT_HA act_##N;
FOR_EACH_ACT(DefineActPolicySpace)
@ -1093,9 +1094,9 @@ typedef struct state_reset_data
// default reset value is from the RNG.
TPM2B_SEED nullSeed; // The seed value for the TPM_RN_NULL
SEED_COMPAT_LEVEL nullSeedCompatLevel; // libtpms added
// hierarchy. The default reset value
// is from the RNG.
SEED_COMPAT_LEVEL nullSeedCompatLevel; // libtpms added
//*****************************************************************************
// Context
@ -1501,7 +1502,7 @@ EXTERN int s_freeSessionSlots;
// dispatch code will marshal the response values into the final output buffer.
EXTERN UINT64 s_actionIoBuffer[768]; // action I/O buffer
EXTERN UINT32 s_actionIoAllocation; // number of UIN64 allocated for the
// action input structure
// action input structure
# endif // IO_BUFFER_C
//*****************************************************************************

@ -101,9 +101,9 @@
# endif
#endif // FAIL_TRACE
// SETFAILED calls TpmFail. It may or may not return based on the NO_LONGJMP flag.
// CODELOCATOR is a macro that expands to either one 64-bit value that encodes the
// location, or two parameters: Function Name and Line Number.
// SETFAILED calls TpmFail. It may or may not return based on the NO_LONGJMP flag.
// CODELOCATOR is a macro that expands to either one 64-bit value that encodes the
// location, or two parameters: Function Name and Line Number.
#define SETFAILED(errorCode) (TpmFail(CODELOCATOR(), errorCode))
// If implementation is using longjmp, then calls to TpmFail() will never
@ -407,7 +407,7 @@
#include "MinMax.h"
#ifndef IsOdd
# define IsOdd(a) (((a)&1) != 0)
# define IsOdd(a) (((a) & 1) != 0)
#endif
#ifndef BITS_TO_BYTES

@ -59,30 +59,36 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HMAC_START_FP_H
#define HMAC_START_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HMAC_Start // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_AUTH auth;
TPMI_ALG_HASH hashAlg;
} HMAC_Start_In;
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_OBJECT sequenceHandle;
} HMAC_Start_Out;
#define RC_HMAC_Start_handle (TPM_RC_H + TPM_RC_1)
#define RC_HMAC_Start_auth (TPM_RC_P + TPM_RC_1)
#define RC_HMAC_Start_hashAlg (TPM_RC_P + TPM_RC_2)
// Response code modifiers
# define RC_HMAC_Start_handle (TPM_RC_H + TPM_RC_1)
# define RC_HMAC_Start_auth (TPM_RC_P + TPM_RC_1)
# define RC_HMAC_Start_hashAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HMAC_Start(
HMAC_Start_In *in, // IN: input parameter list
HMAC_Start_Out *out // OUT: output parameter list
);
TPM2_HMAC_Start(HMAC_Start_In* in, HMAC_Start_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
#endif // CC_HMAC_Start

@ -59,30 +59,36 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HMAC_FP_H
#define HMAC_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HMAC // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT handle;
TPM2B_MAX_BUFFER buffer;
TPMI_ALG_HASH hashAlg;
} HMAC_In;
#define RC_HMAC_handle (TPM_RC_H + TPM_RC_1)
#define RC_HMAC_buffer (TPM_RC_P + TPM_RC_1)
#define RC_HMAC_hashAlg (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DIGEST outHMAC;
} HMAC_Out;
// Response code modifiers
# define RC_HMAC_handle (TPM_RC_H + TPM_RC_1)
# define RC_HMAC_buffer (TPM_RC_P + TPM_RC_1)
# define RC_HMAC_hashAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HMAC(
HMAC_In *in, // IN: input parameter list
HMAC_Out *out // OUT: output parameter list
);
TPM2_HMAC(HMAC_In* in, HMAC_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
#endif // CC_HMAC

@ -70,7 +70,7 @@
// This function returns the type of a handle which is the MSO of the handle.
TPM_HT
HandleGetType(TPM_HANDLE handle // IN: a handle to be checked
)
)
{
// return the upper bytes of input data
return (TPM_HT)((handle & HR_RANGE_MASK) >> HR_SHIFT);
@ -82,7 +82,7 @@ HandleGetType(TPM_HANDLE handle // IN: a handle to be checked
// is no next higher value, it returns 0:
TPM_HANDLE
NextPermanentHandle(TPM_HANDLE inHandle // IN: the handle to check
)
)
{
// If inHandle is below the start of the range of permanent handles
// set it to the start and scan from there
@ -128,7 +128,7 @@ NextPermanentHandle(TPM_HANDLE inHandle // IN: the handle to check
#if VENDOR_PERMANENT_AUTH_ENABLED == YES
case VENDOR_PERMANENT_AUTH_HANDLE:
#endif
// Each of the implemented ACT
// Each of the implemented ACT
#define ACT_IMPLEMENTED_CASE(N) case TPM_RH_ACT_##N:
FOR_EACH_ACT(ACT_IMPLEMENTED_CASE)
@ -154,7 +154,7 @@ TPMI_YES_NO
PermanentCapGetHandles(TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: count of returned handles
TPML_HANDLE* handleList // OUT: list of handle
)
)
{
TPMI_YES_NO more = NO;
UINT32 i;
@ -219,7 +219,7 @@ TPMI_YES_NO
PermanentHandleGetPolicy(TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: max count of returned handles
TPML_TAGGED_POLICY* policyList // OUT: list of handle
)
)
{
TPMI_YES_NO more = NO;
@ -268,7 +268,7 @@ PermanentHandleGetPolicy(TPM_HANDLE handle, // IN: start handle
// This function returns a permanent handle's policy, if present.
BOOL PermanentHandleGetOnePolicy(TPM_HANDLE handle, // IN: handle
TPMS_TAGGED_POLICY* policy // OUT: tagged policy
)
)
{
pAssert(HandleGetType(handle) == TPM_HT_PERMANENT);

@ -58,33 +58,63 @@
/* */
/********************************************************************************/
#ifndef HANDLE_FP_H
#define HANDLE_FP_H
/*(Auto-generated)
* Created by TpmPrototypes; Version 3.0 July 18, 2017
* Date: Mar 28, 2019 Time: 08:25:19PM
*/
#ifndef _HANDLE_FP_H_
#define _HANDLE_FP_H_
//*** HandleGetType()
// This function returns the type of a handle which is the MSO of the handle.
TPM_HT
HandleGetType(
TPM_HANDLE handle // IN: a handle to be checked
);
HandleGetType(TPM_HANDLE handle // IN: a handle to be checked
);
//*** NextPermanentHandle()
// This function returns the permanent handle that is equal to the input value or
// is the next higher value. If there is no handle with the input value and there
// is no next higher value, it returns 0:
TPM_HANDLE
NextPermanentHandle(
TPM_HANDLE inHandle // IN: the handle to check
);
NextPermanentHandle(TPM_HANDLE inHandle // IN: the handle to check
);
//*** PermanentCapGetHandles()
// This function returns a list of the permanent handles of PCR, started from
// 'handle'. If 'handle' is larger than the largest permanent handle, an empty list
// will be returned with 'more' set to NO.
// Return Type: TPMI_YES_NO
// YES if there are more handles available
// NO all the available handles has been returned
TPMI_YES_NO
PermanentCapGetHandles(
TPM_HANDLE handle, // IN: start handle
PermanentCapGetHandles(TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: count of returned handles
TPML_HANDLE *handleList // OUT: list of handle
);
TPML_HANDLE* handleList // OUT: list of handle
);
//*** PermanentCapGetOneHandle()
// This function returns whether a permanent handle exists.
BOOL PermanentCapGetOneHandle(TPM_HANDLE handle // IN: handle
);
);
//*** PermanentHandleGetPolicy()
// This function returns a list of the permanent handles of PCR, started from
// 'handle'. If 'handle' is larger than the largest permanent handle, an empty list
// will be returned with 'more' set to NO.
// Return Type: TPMI_YES_NO
// YES if there are more handles available
// NO all the available handles has been returned
TPMI_YES_NO
PermanentHandleGetPolicy(
TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: count of returned handles
TPML_TAGGED_POLICY *policyList // OUT: list of handle
);
PermanentHandleGetPolicy(TPM_HANDLE handle, // IN: start handle
UINT32 count, // IN: max count of returned handles
TPML_TAGGED_POLICY* policyList // OUT: list of handle
);
//*** PermanentHandleGetOnePolicy()
// This function returns a permanent handle's policy, if present.
BOOL PermanentHandleGetOnePolicy(TPM_HANDLE handle, // IN: handle
TPMS_TAGGED_POLICY* policy // OUT: tagged policy
);
);
#endif
#endif // _HANDLE_FP_H_
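Review bot: The comment block added above PermanentHandleGetPolicy() repeats the PermanentCapGetHandles() description word for word ("returns a list of the permanent handles of PCR"), and `policyList` is annotated "OUT: list of handle" although its type is `TPML_TAGGED_POLICY*`. The description should say that the function returns tagged policies for permanent handles starting at 'handle'. In both blocks, "all the available handles has been returned" should read "have been returned".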

@ -59,30 +59,34 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HASHSEQUENCESTART_FP_H
#define HASHSEQUENCESTART_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HashSequenceStart // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
// Input structure definition
typedef struct
{
TPM2B_AUTH auth;
TPMI_ALG_HASH hashAlg;
} HashSequenceStart_In;
#define RC_HashSequenceStart_auth (TPM_RC_P + TPM_RC_1)
#define RC_HashSequenceStart_hashAlg (TPM_RC_P + TPM_RC_2)
typedef struct {
// Output structure definition
typedef struct
{
TPMI_DH_OBJECT sequenceHandle;
} HashSequenceStart_Out;
// Response code modifiers
# define RC_HashSequenceStart_auth (TPM_RC_P + TPM_RC_1)
# define RC_HashSequenceStart_hashAlg (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HashSequenceStart(
HashSequenceStart_In *in, // IN: input parameter list
HashSequenceStart_Out *out // OUT: output parameter list
);
TPM2_HashSequenceStart(HashSequenceStart_In* in, HashSequenceStart_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
#endif // CC_HashSequenceStart

@ -59,72 +59,81 @@
/* */
/********************************************************************************/
#ifndef HASHTESTDATA_H
#define HASHTESTDATA_H
//
// Hash Test Vectors
//
/* 10.1.8 HashTestData.h */
/* Hash Test Vectors */
TPM2B_TYPE(HASH_TEST_KEY, 128); // Twice the largest digest size
TPM2B_HASH_TEST_KEY c_hashTestKey = {{128, {
0xa0,0xed,0x5c,0x9a,0xd2,0x4a,0x21,0x40,0x1a,0xd0,0x81,0x47,0x39,0x63,0xf9,0x50,
0xdc,0x59,0x47,0x11,0x40,0x13,0x99,0x92,0xc0,0x72,0xa4,0x0f,0xe2,0x33,0xe4,0x63,
0x9b,0xb6,0x76,0xc3,0x1e,0x6f,0x13,0xee,0xcc,0x99,0x71,0xa5,0xc0,0xcf,0x9a,0x40,
0xcf,0xdb,0x66,0x70,0x05,0x63,0x54,0x12,0x25,0xf4,0xe0,0x1b,0x23,0x35,0xe3,0x70,
0x7d,0x19,0x5f,0x00,0xe4,0xf1,0x61,0x73,0x05,0xd8,0x58,0x7f,0x60,0x61,0x84,0x36,
0xec,0xbe,0x96,0x1b,0x69,0x00,0xf0,0x9a,0x6e,0xe3,0x26,0x73,0x0d,0x17,0x5b,0x33,
0x41,0x44,0x9d,0x90,0xab,0xd9,0x6b,0x7d,0x48,0x99,0x25,0x93,0x29,0x14,0x2b,0xce,
0x93,0x8d,0x8c,0xaf,0x31,0x0e,0x9c,0x57,0xd8,0x5b,0x57,0x20,0x1b,0x9f,0x2d,0xa5
}}};
TPM2B_HASH_TEST_KEY c_hashTestKey = {
{128,
{0xa0, 0xed, 0x5c, 0x9a, 0xd2, 0x4a, 0x21, 0x40, 0x1a, 0xd0, 0x81, 0x47, 0x39,
0x63, 0xf9, 0x50, 0xdc, 0x59, 0x47, 0x11, 0x40, 0x13, 0x99, 0x92, 0xc0, 0x72,
0xa4, 0x0f, 0xe2, 0x33, 0xe4, 0x63, 0x9b, 0xb6, 0x76, 0xc3, 0x1e, 0x6f, 0x13,
0xee, 0xcc, 0x99, 0x71, 0xa5, 0xc0, 0xcf, 0x9a, 0x40, 0xcf, 0xdb, 0x66, 0x70,
0x05, 0x63, 0x54, 0x12, 0x25, 0xf4, 0xe0, 0x1b, 0x23, 0x35, 0xe3, 0x70, 0x7d,
0x19, 0x5f, 0x00, 0xe4, 0xf1, 0x61, 0x73, 0x05, 0xd8, 0x58, 0x7f, 0x60, 0x61,
0x84, 0x36, 0xec, 0xbe, 0x96, 0x1b, 0x69, 0x00, 0xf0, 0x9a, 0x6e, 0xe3, 0x26,
0x73, 0x0d, 0x17, 0x5b, 0x33, 0x41, 0x44, 0x9d, 0x90, 0xab, 0xd9, 0x6b, 0x7d,
0x48, 0x99, 0x25, 0x93, 0x29, 0x14, 0x2b, 0xce, 0x93, 0x8d, 0x8c, 0xaf, 0x31,
0x0e, 0x9c, 0x57, 0xd8, 0x5b, 0x57, 0x20, 0x1b, 0x9f, 0x2d, 0xa5}}};
TPM2B_TYPE(HASH_TEST_DATA, 256); // Twice the largest block size
TPM2B_HASH_TEST_DATA c_hashTestData = {{256, {
0x88,0xac,0xc3,0xe5,0x5f,0x66,0x9d,0x18,0x80,0xc9,0x7a,0x9c,0xa4,0x08,0x90,0x98,
0x0f,0x3a,0x53,0x92,0x4c,0x67,0x4e,0xb7,0x37,0xec,0x67,0x87,0xb6,0xbe,0x10,0xca,
0x11,0x5b,0x4a,0x0b,0x45,0xc3,0x32,0x68,0x48,0x69,0xce,0x25,0x1b,0xc8,0xaf,0x44,
0x79,0x22,0x83,0xc8,0xfb,0xe2,0x63,0x94,0xa2,0x3c,0x59,0x3e,0x3e,0xc6,0x64,0x2c,
0x1f,0x8c,0x11,0x93,0x24,0xa3,0x17,0xc5,0x2f,0x37,0xcf,0x95,0x97,0x8e,0x63,0x39,
0x68,0xd5,0xca,0xba,0x18,0x37,0x69,0x6e,0x4f,0x19,0xfd,0x8a,0xc0,0x8d,0x87,0x3a,
0xbc,0x31,0x42,0x04,0x05,0xef,0xb5,0x02,0xef,0x1e,0x92,0x4b,0xb7,0x73,0x2c,0x8c,
0xeb,0x23,0x13,0x81,0x34,0xb9,0xb5,0xc1,0x17,0x37,0x39,0xf8,0x3e,0xe4,0x4c,0x06,
0xa8,0x81,0x52,0x2f,0xef,0xc9,0x9c,0x69,0x89,0xbc,0x85,0x9c,0x30,0x16,0x02,0xca,
0xe3,0x61,0xd4,0x0f,0xed,0x34,0x1b,0xca,0xc1,0x1b,0xd1,0xfa,0xc1,0xa2,0xe0,0xdf,
0x52,0x2f,0x0b,0x4b,0x9f,0x0e,0x45,0x54,0xb9,0x17,0xb6,0xaf,0xd6,0xd5,0xca,0x90,
0x29,0x57,0x7b,0x70,0x50,0x94,0x5c,0x8e,0xf6,0x4e,0x21,0x8b,0xc6,0x8b,0xa6,0xbc,
0xb9,0x64,0xd4,0x4d,0xf3,0x68,0xd8,0xac,0xde,0xd8,0xd8,0xb5,0x6d,0xcd,0x93,0xeb,
0x28,0xa4,0xe2,0x5c,0x44,0xef,0xf0,0xe1,0x6f,0x38,0x1a,0x3c,0xe6,0xef,0xa2,0x9d,
0xb9,0xa8,0x05,0x2a,0x95,0xec,0x5f,0xdb,0xb0,0x25,0x67,0x9c,0x86,0x7a,0x8e,0xea,
0x51,0xcc,0xc3,0xd3,0xff,0x6e,0xf0,0xed,0xa3,0xae,0xf9,0x5d,0x33,0x70,0xf2,0x11
}}};
TPM2B_HASH_TEST_DATA c_hashTestData = {
{256,
{0x88, 0xac, 0xc3, 0xe5, 0x5f, 0x66, 0x9d, 0x18, 0x80, 0xc9, 0x7a, 0x9c, 0xa4,
0x08, 0x90, 0x98, 0x0f, 0x3a, 0x53, 0x92, 0x4c, 0x67, 0x4e, 0xb7, 0x37, 0xec,
0x67, 0x87, 0xb6, 0xbe, 0x10, 0xca, 0x11, 0x5b, 0x4a, 0x0b, 0x45, 0xc3, 0x32,
0x68, 0x48, 0x69, 0xce, 0x25, 0x1b, 0xc8, 0xaf, 0x44, 0x79, 0x22, 0x83, 0xc8,
0xfb, 0xe2, 0x63, 0x94, 0xa2, 0x3c, 0x59, 0x3e, 0x3e, 0xc6, 0x64, 0x2c, 0x1f,
0x8c, 0x11, 0x93, 0x24, 0xa3, 0x17, 0xc5, 0x2f, 0x37, 0xcf, 0x95, 0x97, 0x8e,
0x63, 0x39, 0x68, 0xd5, 0xca, 0xba, 0x18, 0x37, 0x69, 0x6e, 0x4f, 0x19, 0xfd,
0x8a, 0xc0, 0x8d, 0x87, 0x3a, 0xbc, 0x31, 0x42, 0x04, 0x05, 0xef, 0xb5, 0x02,
0xef, 0x1e, 0x92, 0x4b, 0xb7, 0x73, 0x2c, 0x8c, 0xeb, 0x23, 0x13, 0x81, 0x34,
0xb9, 0xb5, 0xc1, 0x17, 0x37, 0x39, 0xf8, 0x3e, 0xe4, 0x4c, 0x06, 0xa8, 0x81,
0x52, 0x2f, 0xef, 0xc9, 0x9c, 0x69, 0x89, 0xbc, 0x85, 0x9c, 0x30, 0x16, 0x02,
0xca, 0xe3, 0x61, 0xd4, 0x0f, 0xed, 0x34, 0x1b, 0xca, 0xc1, 0x1b, 0xd1, 0xfa,
0xc1, 0xa2, 0xe0, 0xdf, 0x52, 0x2f, 0x0b, 0x4b, 0x9f, 0x0e, 0x45, 0x54, 0xb9,
0x17, 0xb6, 0xaf, 0xd6, 0xd5, 0xca, 0x90, 0x29, 0x57, 0x7b, 0x70, 0x50, 0x94,
0x5c, 0x8e, 0xf6, 0x4e, 0x21, 0x8b, 0xc6, 0x8b, 0xa6, 0xbc, 0xb9, 0x64, 0xd4,
0x4d, 0xf3, 0x68, 0xd8, 0xac, 0xde, 0xd8, 0xd8, 0xb5, 0x6d, 0xcd, 0x93, 0xeb,
0x28, 0xa4, 0xe2, 0x5c, 0x44, 0xef, 0xf0, 0xe1, 0x6f, 0x38, 0x1a, 0x3c, 0xe6,
0xef, 0xa2, 0x9d, 0xb9, 0xa8, 0x05, 0x2a, 0x95, 0xec, 0x5f, 0xdb, 0xb0, 0x25,
0x67, 0x9c, 0x86, 0x7a, 0x8e, 0xea, 0x51, 0xcc, 0xc3, 0xd3, 0xff, 0x6e, 0xf0,
0xed, 0xa3, 0xae, 0xf9, 0x5d, 0x33, 0x70, 0xf2, 0x11}}};
#if ALG_SHA1 == YES
TPM2B_TYPE(SHA1, 20);
TPM2B_SHA1 c_SHA1_digest = {{20, {
0xee,0x2c,0xef,0x93,0x76,0xbd,0xf8,0x91,0xbc,0xe6,0xe5,0x57,0x53,0x77,0x01,0xb5,
0x70,0x95,0xe5,0x40
}}};
TPM2B_SHA1 c_SHA1_digest = {
{20, {0xee, 0x2c, 0xef, 0x93, 0x76, 0xbd, 0xf8, 0x91, 0xbc, 0xe6,
0xe5, 0x57, 0x53, 0x77, 0x01, 0xb5, 0x70, 0x95, 0xe5, 0x40}}};
#endif
#if ALG_SHA256 == YES
TPM2B_TYPE(SHA256, 32);
TPM2B_SHA256 c_SHA256_digest = {{32, {
0x64,0xe8,0xe0,0xc3,0xa9,0xa4,0x51,0x49,0x10,0x55,0x8d,0x31,0x71,0xe5,0x2f,0x69,
0x3a,0xdc,0xc7,0x11,0x32,0x44,0x61,0xbd,0x34,0x39,0x57,0xb0,0xa8,0x75,0x86,0x1b
}}};
TPM2B_SHA256 c_SHA256_digest = {
{32, {0x64, 0xe8, 0xe0, 0xc3, 0xa9, 0xa4, 0x51, 0x49, 0x10, 0x55, 0x8d,
0x31, 0x71, 0xe5, 0x2f, 0x69, 0x3a, 0xdc, 0xc7, 0x11, 0x32, 0x44,
0x61, 0xbd, 0x34, 0x39, 0x57, 0xb0, 0xa8, 0x75, 0x86, 0x1b}}};
#endif
#if ALG_SHA384 == YES
TPM2B_TYPE(SHA384, 48);
TPM2B_SHA384 c_SHA384_digest = {{48, {
0x37,0x75,0x29,0xb5,0x20,0x15,0x6e,0xa3,0x7e,0xa3,0x0d,0xcd,0x80,0xa8,0xa3,0x3d,
0xeb,0xe8,0xad,0x4e,0x1c,0x77,0x94,0x5a,0xaf,0x6c,0xd0,0xc1,0xfa,0x43,0x3f,0xc7,
0xb8,0xf1,0x01,0xc0,0x60,0xbf,0xf2,0x87,0xe8,0x71,0x9e,0x51,0x97,0xa0,0x09,0x8d
}}};
TPM2B_SHA384 c_SHA384_digest = {
{48, {0x37, 0x75, 0x29, 0xb5, 0x20, 0x15, 0x6e, 0xa3, 0x7e, 0xa3, 0x0d, 0xcd,
0x80, 0xa8, 0xa3, 0x3d, 0xeb, 0xe8, 0xad, 0x4e, 0x1c, 0x77, 0x94, 0x5a,
0xaf, 0x6c, 0xd0, 0xc1, 0xfa, 0x43, 0x3f, 0xc7, 0xb8, 0xf1, 0x01, 0xc0,
0x60, 0xbf, 0xf2, 0x87, 0xe8, 0x71, 0x9e, 0x51, 0x97, 0xa0, 0x09, 0x8d}}};
#endif
#if ALG_SHA512 == YES
TPM2B_TYPE(SHA512, 64);
TPM2B_SHA512 c_SHA512_digest = {{64, {
0xe2,0x7b,0x10,0x3d,0x5e,0x48,0x58,0x44,0x67,0xac,0xa3,0x81,0x8c,0x1d,0xc5,0x71,
0x66,0x92,0x8a,0x89,0xaa,0xd4,0x35,0x51,0x60,0x37,0x31,0xd7,0xba,0xe7,0x93,0x0b,
0x16,0x4d,0xb3,0xc8,0x34,0x98,0x3c,0xd3,0x53,0xde,0x5e,0xe8,0x0c,0xbc,0xaf,0xc9,
0x24,0x2c,0xcc,0xed,0xdb,0xde,0xba,0x1f,0x14,0x14,0x5a,0x95,0x80,0xde,0x66,0xbd
}}};
TPM2B_SHA512 c_SHA512_digest = {
{64,
{0xe2, 0x7b, 0x10, 0x3d, 0x5e, 0x48, 0x58, 0x44, 0x67, 0xac, 0xa3, 0x81, 0x8c,
0x1d, 0xc5, 0x71, 0x66, 0x92, 0x8a, 0x89, 0xaa, 0xd4, 0x35, 0x51, 0x60, 0x37,
0x31, 0xd7, 0xba, 0xe7, 0x93, 0x0b, 0x16, 0x4d, 0xb3, 0xc8, 0x34, 0x98, 0x3c,
0xd3, 0x53, 0xde, 0x5e, 0xe8, 0x0c, 0xbc, 0xaf, 0xc9, 0x24, 0x2c, 0xcc, 0xed,
0xdb, 0xde, 0xba, 0x1f, 0x14, 0x14, 0x5a, 0x95, 0x80, 0xde, 0x66, 0xbd}}};
#endif
TPM2B_TYPE(EMPTY, 1);
@ -145,9 +154,7 @@ TPM2B_EMPTY c_SHA3_384_digest = {{0, {0}}};
TPM2B_EMPTY c_SHA3_512_digest = {{0, {0}}};
#endif
// libtpms added begin
#if SMAC_IMPLEMENTED && ALG_CMAC
#if SMAC_IMPLEMENTED && ALG_CMAC // libtpms added begin
TPM2B_TYPE(AES128, 16);
static TPM2B_AES128 cmac_aeskey = {{16, {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
@ -204,7 +211,5 @@ static const struct CMACTest {
.key = NULL,
}
};
#endif
// libtpms added end
#endif // libtpms added end
#endif

View File

@ -59,31 +59,37 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HASH_FP_H
#define HASH_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Hash // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
// Input structure definition
typedef struct
{
TPM2B_MAX_BUFFER data;
TPMI_ALG_HASH hashAlg;
TPMI_RH_HIERARCHY hierarchy;
} Hash_In;
#define RC_Hash_data (TPM_RC_P + TPM_RC_1)
#define RC_Hash_hashAlg (TPM_RC_P + TPM_RC_2)
#define RC_Hash_hierarchy (TPM_RC_P + TPM_RC_3)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_DIGEST outHash;
TPMT_TK_HASHCHECK validation;
} Hash_Out;
// Response code modifiers
# define RC_Hash_data (TPM_RC_P + TPM_RC_1)
# define RC_Hash_hashAlg (TPM_RC_P + TPM_RC_2)
# define RC_Hash_hierarchy (TPM_RC_P + TPM_RC_3)
// Function prototype
TPM_RC
TPM2_Hash(
Hash_In *in, // IN: input parameter list
Hash_Out *out // OUT: output parameter list
);
TPM2_Hash(Hash_In* in, Hash_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
#endif // CC_Hash
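
Review bot: the new `#if CC_Hash` wrapper around the whole header body means Hash_In, Hash_Out and the RC_Hash_* macros are no longer declared when the command is compiled out, whereas the old HASH_FP_H guard always exposed them. Every file that names these types has to sit under the same CC_Hash condition, so a build with the command disabled is worth running before this lands. The single-line prototype `TPM2_Hash(Hash_In* in, Hash_Out* out);` also loses the IN/OUT parameter comments the old declaration carried.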

View File

@ -69,11 +69,11 @@
//**HIERARCHY_MODIFIER_TYPE
// This enumerates the possible hierarchy modifiers.
typedef enum
{
{
HM_NONE = 0,
HM_FW_LIMITED, // Hierarchy is firmware-limited.
HM_SVN_LIMITED // Hierarchy is SVN-limited.
} HIERARCHY_MODIFIER_TYPE;
} HIERARCHY_MODIFIER_TYPE;
//*** HIERARCHY_MODIFIER Structure
// A HIERARCHY_MODIFIER structure holds metadata about an OBJECT's
@ -161,7 +161,7 @@ void HierarchyPreInstall_Init(void)
// This function is called at TPM2_Startup() to initialize the hierarchy
// related values.
BOOL HierarchyStartup(STARTUP_TYPE type // IN: start up type
)
)
{
// phEnable is SET on any startup
g_phEnable = TRUE;
@ -196,7 +196,7 @@ BOOL HierarchyStartup(STARTUP_TYPE type // IN: start up type
// Returns the base hierarchy.
static TPMI_RH_HIERARCHY DecomposeHandle(TPMI_RH_HIERARCHY handle, // IN
HIERARCHY_MODIFIER* modifier // OUT
)
)
{
TPMI_RH_HIERARCHY base_hierarchy = handle;
@ -284,7 +284,7 @@ static TPMI_RH_HIERARCHY DecomposeHandle(TPMI_RH_HIERARCHY handle, // IN
static TPM_RC GetAdditionalSecret(const HIERARCHY_MODIFIER* modifier, // IN
TPM2B_SEED* secret_buffer, // OUT
const TPM2B** secret_label // OUT
)
)
{
switch(modifier->type)
{
@ -354,7 +354,7 @@ static TPM_RC MixAdditionalSecret(const HIERARCHY_MODIFIER* modifier,
const TPM2B* base_secret_label, // IN
const TPM2B* base_secret, // IN
TPM2B* output_secret // OUT
)
)
{
TPM_RC result = TPM_RC_SUCCESS;
TPM2B_SEED additional_secret;
@ -394,7 +394,7 @@ static TPM_RC MixAdditionalSecret(const HIERARCHY_MODIFIER* modifier,
// buffer containing the proof value.
TPM_RC HierarchyGetProof(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy constant
TPM2B_PROOF* proof // OUT: proof buffer
)
)
{
TPM2B_PROOF* base_proof = NULL;
HIERARCHY_MODIFIER modifier;
@ -427,7 +427,7 @@ TPM_RC HierarchyGetProof(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy constant
// This function derives the primary seed of a hierarchy.
TPM_RC HierarchyGetPrimarySeed(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy
TPM2B_SEED* seed // OUT: seed buffer
)
)
{
TPM2B_SEED* base_seed = NULL;
HIERARCHY_MODIFIER modifier;
@ -491,7 +491,7 @@ HierarchyGetPrimarySeedCompatLevel(
// is greater than the TPM's current SVN.
// TPM_RC_VALUE Hierarchy is not valid
TPM_RC ValidateHierarchy(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
)
)
{
BOOL enabled;
HIERARCHY_MODIFIER modifier;
@ -555,7 +555,7 @@ TPM_RC ValidateHierarchy(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
// TRUE(1) hierarchy is enabled
// FALSE(0) hierarchy is disabled
BOOL HierarchyIsEnabled(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
)
)
{
return ValidateHierarchy(hierarchy) == TPM_RC_SUCCESS;
}
@ -564,7 +564,7 @@ BOOL HierarchyIsEnabled(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
// This function accepts a handle that may or may not be FW- or SVN-bound,
// and returns the base hierarchy to which the handle refers.
TPMI_RH_HIERARCHY HierarchyNormalizeHandle(TPMI_RH_HIERARCHY handle // IN: handle
)
)
{
HIERARCHY_MODIFIER unused_modifier;
@ -575,7 +575,7 @@ TPMI_RH_HIERARCHY HierarchyNormalizeHandle(TPMI_RH_HIERARCHY handle // IN: hand
// This function accepts a hierarchy handle and returns whether it is firmware-
// limited.
BOOL HierarchyIsFirmwareLimited(TPMI_RH_HIERARCHY handle // IN
)
)
{
HIERARCHY_MODIFIER modifier;
@ -587,7 +587,7 @@ BOOL HierarchyIsFirmwareLimited(TPMI_RH_HIERARCHY handle // IN
// This function accepts a hierarchy handle and returns whether it is SVN-
// limited.
BOOL HierarchyIsSvnLimited(TPMI_RH_HIERARCHY handle // IN
)
)
{
HIERARCHY_MODIFIER modifier;

View File

@ -59,22 +59,28 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HIERARCHYCHANGEAUTH_FP_H
#define HIERARCHYCHANGEAUTH_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_HierarchyChangeAuth // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_HIERARCHY_AUTH authHandle;
TPM2B_AUTH newAuth;
} HierarchyChangeAuth_In;
#define RC_HierarchyChangeAuth_authHandle (TPM_RC_H + TPM_RC_1)
#define RC_HierarchyChangeAuth_newAuth (TPM_RC_P + TPM_RC_2)
// Response code modifiers
# define RC_HierarchyChangeAuth_authHandle (TPM_RC_H + TPM_RC_1)
# define RC_HierarchyChangeAuth_newAuth (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_HierarchyChangeAuth(
HierarchyChangeAuth_In *in // IN: input parameter list
);
TPM2_HierarchyChangeAuth(HierarchyChangeAuth_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
#endif // CC_HierarchyChangeAuth
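
Review bot: RC_HierarchyChangeAuth_newAuth changes value in this hunk, from `(TPM_RC_P + TPM_RC_2)` to `(TPM_RC_P + TPM_RC_1)`, which is a behavioural change inside what otherwise reads as a formatting sync. The new value looks right, since newAuth is the only parameter after the authHandle handle and the other headers in this diff number parameters from 1 after the handle, but a failure on newAuth will now report parameter 1 instead of 2. Please call that out in the commit message and check that no test or caller matches on the old code.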

View File

@ -59,25 +59,30 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef HIERARCHYCONTROL_FP_H
#define HIERARCHYCONTROL_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
TPMI_RH_HIERARCHY authHandle;
#if CC_HierarchyControl // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
// Input structure definition
typedef struct
{
TPMI_RH_BASE_HIERARCHY authHandle;
TPMI_RH_ENABLES enable;
TPMI_YES_NO state;
} HierarchyControl_In;
#define RC_HierarchyControl_authHandle (TPM_RC_H + TPM_RC_1)
#define RC_HierarchyControl_enable (TPM_RC_P + TPM_RC_1)
#define RC_HierarchyControl_state (TPM_RC_P + TPM_RC_2)
// Response code modifiers
# define RC_HierarchyControl_authHandle (TPM_RC_H + TPM_RC_1)
# define RC_HierarchyControl_enable (TPM_RC_P + TPM_RC_1)
# define RC_HierarchyControl_state (TPM_RC_P + TPM_RC_2)
// Function prototype
TPM_RC
TPM2_HierarchyControl(
HierarchyControl_In *in // IN: input parameter list
);
TPM2_HierarchyControl(HierarchyControl_In* in);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
#endif // CC_HierarchyControl
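
Review bot: authHandle in HierarchyControl_In changes type from TPMI_RH_HIERARCHY to TPMI_RH_BASE_HIERARCHY, and the struct field alone does not restrict which handles are accepted. The narrowing only takes effect if the code that unmarshals this handle switches to the base-hierarchy check in the same series, which is not visible in this hunk. Please confirm that change is included, so that FW- or SVN-bound handles are rejected for this command at unmarshal time rather than relying on the field's declared type.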

View File

@ -77,7 +77,7 @@ void HierarchyPreInstall_Init(void);
// This function is called at TPM2_Startup() to initialize the hierarchy
// related values.
BOOL HierarchyStartup(STARTUP_TYPE type // IN: start up type
);
);
//*** HierarchyGetProof()
// This function derives the proof value associated with a hierarchy. It returns a
@ -93,7 +93,7 @@ BOOL HierarchyStartup(STARTUP_TYPE type // IN: start up type
// SVN.
TPM_RC HierarchyGetProof(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy constant
TPM2B_PROOF* proof // OUT: proof buffer
);
);
//*** HierarchyGetPrimarySeed()
// This function derives the primary seed of a hierarchy.
@ -108,7 +108,7 @@ TPM_RC HierarchyGetProof(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy constant
// SVN.
TPM_RC HierarchyGetPrimarySeed(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy
TPM2B_SEED* seed // OUT: seed buffer
);
);
//*** ValidateHierarchy()
// This function ensures a given hierarchy is valid and enabled.
@ -121,13 +121,12 @@ TPM_RC HierarchyGetPrimarySeed(TPMI_RH_HIERARCHY hierarchy, // IN: hierarchy
// is greater than the TPM's current SVN.
// TPM_RC_VALUE Hierarchy is not valid
TPM_RC ValidateHierarchy(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
);
);
// libtpms added begin
SEED_COMPAT_LEVEL
HierarchyGetPrimarySeedCompatLevel(
TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
);
HierarchyGetPrimarySeedCompatLevel(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
);
// libtpms added end
//*** HierarchyIsEnabled()
@ -137,24 +136,24 @@ HierarchyGetPrimarySeedCompatLevel(
// TRUE(1) hierarchy is enabled
// FALSE(0) hierarchy is disabled
BOOL HierarchyIsEnabled(TPMI_RH_HIERARCHY hierarchy // IN: hierarchy
);
);
//*** HierarchyNormalizeHandle
// This function accepts a handle that may or may not be FW- or SVN-bound,
// and returns the base hierarchy to which the handle refers.
TPMI_RH_HIERARCHY HierarchyNormalizeHandle(TPMI_RH_HIERARCHY handle // IN
);
);
//*** HierarchyIsFirmwareLimited
// This function accepts a hierarchy handle and returns whether it is firmware-
// limited.
BOOL HierarchyIsFirmwareLimited(TPMI_RH_HIERARCHY handle // IN
);
);
//*** HierarchyIsSvnLimited
// This function accepts a hierarchy handle and returns whether it is SVN-
// limited.
BOOL HierarchyIsSvnLimited(TPMI_RH_HIERARCHY handle // IN
);
);
#endif // _HIERARCHY_FP_H_

View File

@ -59,12 +59,17 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef IMPORT_FP_H
#define IMPORT_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct {
#if CC_Import // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
// Input structure definition
typedef struct
{
TPMI_DH_OBJECT parentHandle;
TPM2B_DATA encryptionKey;
TPM2B_PUBLIC objectPublic;
@ -73,21 +78,23 @@ typedef struct {
TPMT_SYM_DEF_OBJECT symmetricAlg;
} Import_In;
#define RC_Import_parentHandle (TPM_RC_H + TPM_RC_1)
#define RC_Import_encryptionKey (TPM_RC_P + TPM_RC_1)
#define RC_Import_objectPublic (TPM_RC_P + TPM_RC_2)
#define RC_Import_duplicate (TPM_RC_P + TPM_RC_3)
#define RC_Import_inSymSeed (TPM_RC_P + TPM_RC_4)
#define RC_Import_symmetricAlg (TPM_RC_P + TPM_RC_5)
typedef struct {
// Output structure definition
typedef struct
{
TPM2B_PRIVATE outPrivate;
} Import_Out;
TPM_RC
TPM2_Import(
Import_In *in, // IN: input parameter list
Import_Out *out // OUT: output parameter list
);
// Response code modifiers
# define RC_Import_parentHandle (TPM_RC_H + TPM_RC_1)
# define RC_Import_encryptionKey (TPM_RC_P + TPM_RC_1)
# define RC_Import_objectPublic (TPM_RC_P + TPM_RC_2)
# define RC_Import_duplicate (TPM_RC_P + TPM_RC_3)
# define RC_Import_inSymSeed (TPM_RC_P + TPM_RC_4)
# define RC_Import_symmetricAlg (TPM_RC_P + TPM_RC_5)
#endif
// Function prototype
TPM_RC
TPM2_Import(Import_In* in, Import_Out* out);
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
#endif // CC_Import

View File

@ -59,26 +59,32 @@
/* */
/********************************************************************************/
/* rev 119 */
#ifndef INCREMENTALSELFTEST_FP_H
#define INCREMENTALSELFTEST_FP_H
// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
typedef struct{
#if CC_IncrementalSelfTest // Command must be enabled
# ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
# define _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
// Input structure definition
typedef struct
{
TPML_ALG toTest;
} IncrementalSelfTest_In;
typedef struct{
// Output structure definition
typedef struct
{
TPML_ALG toDoList;
} IncrementalSelfTest_Out;
#define RC_IncrementalSelfTest_toTest (TPM_RC_P + TPM_RC_1)
// Response code modifiers
# define RC_IncrementalSelfTest_toTest (TPM_RC_P + TPM_RC_1)
// Function prototype
TPM_RC
TPM2_IncrementalSelfTest(
IncrementalSelfTest_In *in, // IN: input parameter list
IncrementalSelfTest_Out *out // OUT: output parameter list
);
TPM2_IncrementalSelfTest(IncrementalSelfTest_In* in, IncrementalSelfTest_Out* out);
#endif
# endif // _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
#endif // CC_IncrementalSelfTest

View File

@ -59,32 +59,35 @@
/* */
/********************************************************************************/
#ifndef INTERNALROUTINES_H
#define INTERNALROUTINES_H
#ifndef INTERNAL_ROUTINES_H
#define INTERNAL_ROUTINES_H
#if !defined _LIB_SUPPORT_H_ && !defined _TPM_H_
#error "Should not be called"
# error "Should not be called"
#endif
/* DRTM functions */
// DRTM functions
#include "_TPM_Hash_Start_fp.h"
#include "_TPM_Hash_Data_fp.h"
#include "_TPM_Hash_End_fp.h"
/* Internal subsystem functions */
// Internal subsystem functions
#include "Object_fp.h"
#include "Context_spt_fp.h"
#include "Object_spt_fp.h"
#include "Entity_fp.h"
#include "Session_fp.h"
#include "Hierarchy_fp.h"
#include "NVReserved_fp.h"
#include "NVDynamic_fp.h"
#include "NvReserved_fp.h"
#include "NvDynamic_fp.h"
#include "NV_spt_fp.h"
#include "ACT_spt_fp.h"
#include "PCR_fp.h"
#include "DA_fp.h"
#include "TpmFail_fp.h"
#include "SessionProcess_fp.h"
/* Internal support functions */
// Internal support functions
#include "CommandCodeAttributes_fp.h"
#include "Marshal_fp.h"
#include "Unmarshal_fp.h" /* kgold */
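
Review bot: the includes change from "NVReserved_fp.h" and "NVDynamic_fp.h" to "NvReserved_fp.h" and "NvDynamic_fp.h", which only resolves on a case-sensitive filesystem if the header files are renamed in the same commit. The renames and the matching updates to the build's file lists are not visible in this hunk, so please confirm they are part of the change and that a clean checkout builds. The guard rename to INTERNAL_ROUTINES_H is fine as long as nothing else tests the old INTERNALROUTINES_H macro.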
@ -97,10 +100,12 @@
#include "Power_fp.h"
#include "Response_fp.h"
#include "CommandDispatcher_fp.h"
#if CC_AC_Send
# include "AC_spt_fp.h"
#endif // CC_AC_Send
/* Miscellaneous */
// Miscellaneous
#include "Bits_fp.h"
#include "AlgorithmCap_fp.h"
#include "PropertyCap_fp.h"
@ -122,16 +127,19 @@
#include "MathOnByteBuffers_fp.h"
#include "CryptSym_fp.h"
#include "AlgorithmTests_fp.h"
#if ALG_RSA
#include "CryptRsa_fp.h"
#include "CryptPrimeSieve_fp.h"
# include "CryptRsa_fp.h"
# include "CryptPrimeSieve_fp.h"
#endif
#if ALG_ECC
#include "CryptEccMain_fp.h"
#include "CryptEccSignature_fp.h"
#include "CryptEccKeyExchange_fp.h"
#include "CryptEccCrypt_fp.h"
# include "CryptEccMain_fp.h"
# include "CryptEccSignature_fp.h"
# include "CryptEccKeyExchange_fp.h"
# include "CryptEccCrypt_fp.h"
#endif
#if CC_MAC || CC_MAC_Start
# include "CryptSmac_fp.h"
# if ALG_CMAC

Some files were not shown because too many files have changed in this diff.