]>
Commit | Line | Data |
---|---|---|
83d290c5 | 1 | // SPDX-License-Identifier: GPL-2.0+ |
8732b070 CC |
2 | /* |
3 | * Copyright (c) 2013 The Chromium OS Authors. | |
be6c1529 | 4 | * Coypright (c) 2013 Guntermann & Drunck GmbH |
8732b070 CC |
5 | */ |
6 | ||
7 | #include <common.h> | |
c8a8c510 | 8 | #include <dm.h> |
8732b070 | 9 | #include <asm/unaligned.h> |
c8a8c510 | 10 | #include <u-boot/sha1.h> |
d677bfe2 MR |
11 | #include <tpm-common.h> |
12 | #include <tpm-v1.h> | |
13 | #include "tpm-utils.h" | |
8732b070 | 14 | |
be6c1529 RP |
15 | #ifdef CONFIG_TPM_AUTH_SESSIONS |
16 | ||
17 | #ifndef CONFIG_SHA1 | |
18 | #error "TPM_AUTH_SESSIONS require SHA1 to be configured, too" | |
19 | #endif /* !CONFIG_SHA1 */ | |
20 | ||
21 | struct session_data { | |
22 | int valid; | |
b9804e5b MR |
23 | u32 handle; |
24 | u8 nonce_even[DIGEST_LENGTH]; | |
25 | u8 nonce_odd[DIGEST_LENGTH]; | |
be6c1529 RP |
26 | }; |
27 | ||
28 | static struct session_data oiap_session = {0, }; | |
29 | ||
30 | #endif /* CONFIG_TPM_AUTH_SESSIONS */ | |
31 | ||
b9804e5b | 32 | u32 tpm_startup(enum tpm_startup_type mode) |
8732b070 | 33 | { |
b9804e5b | 34 | const u8 command[12] = { |
8732b070 CC |
35 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0, |
36 | }; | |
37 | const size_t mode_offset = 10; | |
b9804e5b | 38 | u8 buf[COMMAND_BUFFER_SIZE]; |
8732b070 CC |
39 | |
40 | if (pack_byte_string(buf, sizeof(buf), "sw", | |
c6179187 MR |
41 | 0, command, sizeof(command), |
42 | mode_offset, mode)) | |
8732b070 CC |
43 | return TPM_LIB_ERROR; |
44 | ||
45 | return tpm_sendrecv_command(buf, NULL, NULL); | |
46 | } | |
47 | ||
b9804e5b | 48 | u32 tpm_self_test_full(void) |
8732b070 | 49 | { |
b9804e5b | 50 | const u8 command[10] = { |
8732b070 CC |
51 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50, |
52 | }; | |
53 | return tpm_sendrecv_command(command, NULL, NULL); | |
54 | } | |
55 | ||
b9804e5b | 56 | u32 tpm_continue_self_test(void) |
8732b070 | 57 | { |
b9804e5b | 58 | const u8 command[10] = { |
8732b070 CC |
59 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53, |
60 | }; | |
61 | return tpm_sendrecv_command(command, NULL, NULL); | |
62 | } | |
63 | ||
b9804e5b | 64 | u32 tpm_nv_define_space(u32 index, u32 perm, u32 size) |
8732b070 | 65 | { |
b9804e5b | 66 | const u8 command[101] = { |
8732b070 CC |
67 | 0x0, 0xc1, /* TPM_TAG */ |
68 | 0x0, 0x0, 0x0, 0x65, /* parameter size */ | |
69 | 0x0, 0x0, 0x0, 0xcc, /* TPM_COMMAND_CODE */ | |
70 | /* TPM_NV_DATA_PUBLIC->... */ | |
71 | 0x0, 0x18, /* ...->TPM_STRUCTURE_TAG */ | |
72 | 0, 0, 0, 0, /* ...->TPM_NV_INDEX */ | |
73 | /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */ | |
74 | 0x0, 0x3, | |
75 | 0, 0, 0, | |
76 | 0x1f, | |
77 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
78 | /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */ | |
79 | 0x0, 0x3, | |
80 | 0, 0, 0, | |
81 | 0x1f, | |
82 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
83 | /* TPM_NV_ATTRIBUTES->... */ | |
84 | 0x0, 0x17, /* ...->TPM_STRUCTURE_TAG */ | |
85 | 0, 0, 0, 0, /* ...->attributes */ | |
86 | /* End of TPM_NV_ATTRIBUTES */ | |
87 | 0, /* bReadSTClear */ | |
88 | 0, /* bWriteSTClear */ | |
89 | 0, /* bWriteDefine */ | |
90 | 0, 0, 0, 0, /* size */ | |
91 | }; | |
92 | const size_t index_offset = 12; | |
93 | const size_t perm_offset = 70; | |
94 | const size_t size_offset = 77; | |
b9804e5b | 95 | u8 buf[COMMAND_BUFFER_SIZE]; |
8732b070 CC |
96 | |
97 | if (pack_byte_string(buf, sizeof(buf), "sddd", | |
c6179187 MR |
98 | 0, command, sizeof(command), |
99 | index_offset, index, | |
100 | perm_offset, perm, | |
101 | size_offset, size)) | |
8732b070 CC |
102 | return TPM_LIB_ERROR; |
103 | ||
104 | return tpm_sendrecv_command(buf, NULL, NULL); | |
105 | } | |
106 | ||
b9804e5b | 107 | u32 tpm_nv_read_value(u32 index, void *data, u32 count) |
8732b070 | 108 | { |
b9804e5b | 109 | const u8 command[22] = { |
8732b070 CC |
110 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf, |
111 | }; | |
112 | const size_t index_offset = 10; | |
113 | const size_t length_offset = 18; | |
114 | const size_t data_size_offset = 10; | |
115 | const size_t data_offset = 14; | |
b9804e5b | 116 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
8732b070 | 117 | size_t response_length = sizeof(response); |
b9804e5b MR |
118 | u32 data_size; |
119 | u32 err; | |
8732b070 CC |
120 | |
121 | if (pack_byte_string(buf, sizeof(buf), "sdd", | |
c6179187 MR |
122 | 0, command, sizeof(command), |
123 | index_offset, index, | |
124 | length_offset, count)) | |
8732b070 CC |
125 | return TPM_LIB_ERROR; |
126 | err = tpm_sendrecv_command(buf, response, &response_length); | |
127 | if (err) | |
128 | return err; | |
129 | if (unpack_byte_string(response, response_length, "d", | |
c6179187 | 130 | data_size_offset, &data_size)) |
8732b070 CC |
131 | return TPM_LIB_ERROR; |
132 | if (data_size > count) | |
133 | return TPM_LIB_ERROR; | |
134 | if (unpack_byte_string(response, response_length, "s", | |
c6179187 | 135 | data_offset, data, data_size)) |
8732b070 CC |
136 | return TPM_LIB_ERROR; |
137 | ||
138 | return 0; | |
139 | } | |
140 | ||
b9804e5b | 141 | u32 tpm_nv_write_value(u32 index, const void *data, u32 length) |
8732b070 | 142 | { |
b9804e5b | 143 | const u8 command[256] = { |
8732b070 CC |
144 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, |
145 | }; | |
146 | const size_t command_size_offset = 2; | |
147 | const size_t index_offset = 10; | |
148 | const size_t length_offset = 18; | |
149 | const size_t data_offset = 22; | |
150 | const size_t write_info_size = 12; | |
b9804e5b | 151 | const u32 total_length = |
8732b070 | 152 | TPM_REQUEST_HEADER_LENGTH + write_info_size + length; |
b9804e5b | 153 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
8732b070 | 154 | size_t response_length = sizeof(response); |
b9804e5b | 155 | u32 err; |
8732b070 CC |
156 | |
157 | if (pack_byte_string(buf, sizeof(buf), "sddds", | |
c6179187 MR |
158 | 0, command, sizeof(command), |
159 | command_size_offset, total_length, | |
160 | index_offset, index, | |
161 | length_offset, length, | |
162 | data_offset, data, length)) | |
8732b070 CC |
163 | return TPM_LIB_ERROR; |
164 | err = tpm_sendrecv_command(buf, response, &response_length); | |
165 | if (err) | |
166 | return err; | |
167 | ||
168 | return 0; | |
169 | } | |
170 | ||
b9804e5b | 171 | u32 tpm_extend(u32 index, const void *in_digest, void *out_digest) |
8732b070 | 172 | { |
b9804e5b | 173 | const u8 command[34] = { |
8732b070 CC |
174 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14, |
175 | }; | |
176 | const size_t index_offset = 10; | |
177 | const size_t in_digest_offset = 14; | |
178 | const size_t out_digest_offset = 10; | |
b9804e5b MR |
179 | u8 buf[COMMAND_BUFFER_SIZE]; |
180 | u8 response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH]; | |
8732b070 | 181 | size_t response_length = sizeof(response); |
b9804e5b | 182 | u32 err; |
8732b070 CC |
183 | |
184 | if (pack_byte_string(buf, sizeof(buf), "sds", | |
c6179187 MR |
185 | 0, command, sizeof(command), |
186 | index_offset, index, | |
187 | in_digest_offset, in_digest, | |
188 | PCR_DIGEST_LENGTH)) | |
8732b070 CC |
189 | return TPM_LIB_ERROR; |
190 | err = tpm_sendrecv_command(buf, response, &response_length); | |
191 | if (err) | |
192 | return err; | |
193 | ||
194 | if (unpack_byte_string(response, response_length, "s", | |
c6179187 MR |
195 | out_digest_offset, out_digest, |
196 | PCR_DIGEST_LENGTH)) | |
8732b070 CC |
197 | return TPM_LIB_ERROR; |
198 | ||
199 | return 0; | |
200 | } | |
201 | ||
b9804e5b | 202 | u32 tpm_pcr_read(u32 index, void *data, size_t count) |
8732b070 | 203 | { |
b9804e5b | 204 | const u8 command[14] = { |
8732b070 CC |
205 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15, |
206 | }; | |
207 | const size_t index_offset = 10; | |
208 | const size_t out_digest_offset = 10; | |
b9804e5b | 209 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
8732b070 | 210 | size_t response_length = sizeof(response); |
b9804e5b | 211 | u32 err; |
8732b070 CC |
212 | |
213 | if (count < PCR_DIGEST_LENGTH) | |
214 | return TPM_LIB_ERROR; | |
215 | ||
216 | if (pack_byte_string(buf, sizeof(buf), "sd", | |
c6179187 MR |
217 | 0, command, sizeof(command), |
218 | index_offset, index)) | |
8732b070 CC |
219 | return TPM_LIB_ERROR; |
220 | err = tpm_sendrecv_command(buf, response, &response_length); | |
221 | if (err) | |
222 | return err; | |
223 | if (unpack_byte_string(response, response_length, "s", | |
c6179187 | 224 | out_digest_offset, data, PCR_DIGEST_LENGTH)) |
8732b070 CC |
225 | return TPM_LIB_ERROR; |
226 | ||
227 | return 0; | |
228 | } | |
229 | ||
b9804e5b | 230 | u32 tpm_tsc_physical_presence(u16 presence) |
8732b070 | 231 | { |
b9804e5b | 232 | const u8 command[12] = { |
8732b070 CC |
233 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0, |
234 | }; | |
235 | const size_t presence_offset = 10; | |
b9804e5b | 236 | u8 buf[COMMAND_BUFFER_SIZE]; |
8732b070 CC |
237 | |
238 | if (pack_byte_string(buf, sizeof(buf), "sw", | |
c6179187 MR |
239 | 0, command, sizeof(command), |
240 | presence_offset, presence)) | |
8732b070 CC |
241 | return TPM_LIB_ERROR; |
242 | ||
243 | return tpm_sendrecv_command(buf, NULL, NULL); | |
244 | } | |
245 | ||
b9804e5b | 246 | u32 tpm_read_pubek(void *data, size_t count) |
8732b070 | 247 | { |
b9804e5b | 248 | const u8 command[30] = { |
8732b070 CC |
249 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c, |
250 | }; | |
251 | const size_t response_size_offset = 2; | |
252 | const size_t data_offset = 10; | |
253 | const size_t header_and_checksum_size = TPM_RESPONSE_HEADER_LENGTH + 20; | |
b9804e5b | 254 | u8 response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE]; |
8732b070 | 255 | size_t response_length = sizeof(response); |
b9804e5b MR |
256 | u32 data_size; |
257 | u32 err; | |
8732b070 CC |
258 | |
259 | err = tpm_sendrecv_command(command, response, &response_length); | |
260 | if (err) | |
261 | return err; | |
262 | if (unpack_byte_string(response, response_length, "d", | |
c6179187 | 263 | response_size_offset, &data_size)) |
8732b070 CC |
264 | return TPM_LIB_ERROR; |
265 | if (data_size < header_and_checksum_size) | |
266 | return TPM_LIB_ERROR; | |
267 | data_size -= header_and_checksum_size; | |
268 | if (data_size > count) | |
269 | return TPM_LIB_ERROR; | |
270 | if (unpack_byte_string(response, response_length, "s", | |
c6179187 | 271 | data_offset, data, data_size)) |
8732b070 CC |
272 | return TPM_LIB_ERROR; |
273 | ||
274 | return 0; | |
275 | } | |
276 | ||
b9804e5b | 277 | u32 tpm_force_clear(void) |
8732b070 | 278 | { |
b9804e5b | 279 | const u8 command[10] = { |
8732b070 CC |
280 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d, |
281 | }; | |
282 | ||
283 | return tpm_sendrecv_command(command, NULL, NULL); | |
284 | } | |
285 | ||
b9804e5b | 286 | u32 tpm_physical_enable(void) |
8732b070 | 287 | { |
b9804e5b | 288 | const u8 command[10] = { |
8732b070 CC |
289 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f, |
290 | }; | |
291 | ||
292 | return tpm_sendrecv_command(command, NULL, NULL); | |
293 | } | |
294 | ||
b9804e5b | 295 | u32 tpm_physical_disable(void) |
8732b070 | 296 | { |
b9804e5b | 297 | const u8 command[10] = { |
8732b070 CC |
298 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70, |
299 | }; | |
300 | ||
301 | return tpm_sendrecv_command(command, NULL, NULL); | |
302 | } | |
303 | ||
b9804e5b | 304 | u32 tpm_physical_set_deactivated(u8 state) |
8732b070 | 305 | { |
b9804e5b | 306 | const u8 command[11] = { |
8732b070 CC |
307 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72, |
308 | }; | |
309 | const size_t state_offset = 10; | |
b9804e5b | 310 | u8 buf[COMMAND_BUFFER_SIZE]; |
8732b070 CC |
311 | |
312 | if (pack_byte_string(buf, sizeof(buf), "sb", | |
c6179187 MR |
313 | 0, command, sizeof(command), |
314 | state_offset, state)) | |
8732b070 CC |
315 | return TPM_LIB_ERROR; |
316 | ||
317 | return tpm_sendrecv_command(buf, NULL, NULL); | |
318 | } | |
319 | ||
b9804e5b | 320 | u32 tpm_get_capability(u32 cap_area, u32 sub_cap, void *cap, size_t count) |
8732b070 | 321 | { |
b9804e5b | 322 | const u8 command[22] = { |
8732b070 CC |
323 | 0x0, 0xc1, /* TPM_TAG */ |
324 | 0x0, 0x0, 0x0, 0x16, /* parameter size */ | |
325 | 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ | |
326 | 0x0, 0x0, 0x0, 0x0, /* TPM_CAPABILITY_AREA */ | |
327 | 0x0, 0x0, 0x0, 0x4, /* subcap size */ | |
328 | 0x0, 0x0, 0x0, 0x0, /* subcap value */ | |
329 | }; | |
330 | const size_t cap_area_offset = 10; | |
331 | const size_t sub_cap_offset = 18; | |
332 | const size_t cap_offset = 14; | |
333 | const size_t cap_size_offset = 10; | |
b9804e5b | 334 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
8732b070 | 335 | size_t response_length = sizeof(response); |
b9804e5b MR |
336 | u32 cap_size; |
337 | u32 err; | |
8732b070 CC |
338 | |
339 | if (pack_byte_string(buf, sizeof(buf), "sdd", | |
c6179187 MR |
340 | 0, command, sizeof(command), |
341 | cap_area_offset, cap_area, | |
342 | sub_cap_offset, sub_cap)) | |
8732b070 CC |
343 | return TPM_LIB_ERROR; |
344 | err = tpm_sendrecv_command(buf, response, &response_length); | |
345 | if (err) | |
346 | return err; | |
347 | if (unpack_byte_string(response, response_length, "d", | |
c6179187 | 348 | cap_size_offset, &cap_size)) |
8732b070 CC |
349 | return TPM_LIB_ERROR; |
350 | if (cap_size > response_length || cap_size > count) | |
351 | return TPM_LIB_ERROR; | |
352 | if (unpack_byte_string(response, response_length, "s", | |
c6179187 | 353 | cap_offset, cap, cap_size)) |
8732b070 CC |
354 | return TPM_LIB_ERROR; |
355 | ||
356 | return 0; | |
357 | } | |
be6c1529 | 358 | |
b9804e5b | 359 | u32 tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) |
2132f971 | 360 | { |
b9804e5b | 361 | const u8 command[22] = { |
2132f971 SG |
362 | 0x0, 0xc1, /* TPM_TAG */ |
363 | 0x0, 0x0, 0x0, 0x16, /* parameter size */ | |
364 | 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ | |
365 | 0x0, 0x0, 0x0, 0x4, /* TPM_CAP_FLAG_PERM */ | |
366 | 0x0, 0x0, 0x0, 0x4, /* subcap size */ | |
367 | 0x0, 0x0, 0x1, 0x8, /* subcap value */ | |
368 | }; | |
e8155dfe | 369 | const size_t data_size_offset = TPM_HEADER_SIZE; |
b9804e5b MR |
370 | const size_t data_offset = TPM_HEADER_SIZE + sizeof(u32); |
371 | u8 response[COMMAND_BUFFER_SIZE]; | |
2132f971 | 372 | size_t response_length = sizeof(response); |
b9804e5b MR |
373 | u32 err; |
374 | u32 data_size; | |
2132f971 SG |
375 | |
376 | err = tpm_sendrecv_command(command, response, &response_length); | |
377 | if (err) | |
378 | return err; | |
e8155dfe AD |
379 | if (unpack_byte_string(response, response_length, "d", |
380 | data_size_offset, &data_size)) | |
381 | return TPM_LIB_ERROR; | |
382 | if (data_size < sizeof(*pflags)) | |
383 | return TPM_LIB_ERROR; | |
384 | if (unpack_byte_string(response, response_length, "s", | |
385 | data_offset, pflags, sizeof(*pflags))) | |
386 | return TPM_LIB_ERROR; | |
2132f971 SG |
387 | |
388 | return 0; | |
389 | } | |
390 | ||
b9804e5b | 391 | u32 tpm_get_permissions(u32 index, u32 *perm) |
2132f971 | 392 | { |
b9804e5b | 393 | const u8 command[22] = { |
2132f971 SG |
394 | 0x0, 0xc1, /* TPM_TAG */ |
395 | 0x0, 0x0, 0x0, 0x16, /* parameter size */ | |
396 | 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ | |
397 | 0x0, 0x0, 0x0, 0x11, | |
398 | 0x0, 0x0, 0x0, 0x4, | |
399 | }; | |
400 | const size_t index_offset = 18; | |
401 | const size_t perm_offset = 60; | |
b9804e5b | 402 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
2132f971 | 403 | size_t response_length = sizeof(response); |
b9804e5b | 404 | u32 err; |
2132f971 SG |
405 | |
406 | if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command), | |
407 | index_offset, index)) | |
408 | return TPM_LIB_ERROR; | |
409 | err = tpm_sendrecv_command(buf, response, &response_length); | |
410 | if (err) | |
411 | return err; | |
412 | if (unpack_byte_string(response, response_length, "d", | |
413 | perm_offset, perm)) | |
414 | return TPM_LIB_ERROR; | |
415 | ||
416 | return 0; | |
417 | } | |
418 | ||
7690be35 | 419 | #ifdef CONFIG_TPM_FLUSH_RESOURCES |
b9804e5b | 420 | u32 tpm_flush_specific(u32 key_handle, u32 resource_type) |
7690be35 | 421 | { |
b9804e5b | 422 | const u8 command[18] = { |
7690be35 MS |
423 | 0x00, 0xc1, /* TPM_TAG */ |
424 | 0x00, 0x00, 0x00, 0x12, /* parameter size */ | |
425 | 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ | |
426 | 0x00, 0x00, 0x00, 0x00, /* key handle */ | |
427 | 0x00, 0x00, 0x00, 0x00, /* resource type */ | |
428 | }; | |
429 | const size_t key_handle_offset = 10; | |
430 | const size_t resource_type_offset = 14; | |
b9804e5b | 431 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
7690be35 | 432 | size_t response_length = sizeof(response); |
b9804e5b | 433 | u32 err; |
7690be35 MS |
434 | |
435 | if (pack_byte_string(buf, sizeof(buf), "sdd", | |
436 | 0, command, sizeof(command), | |
437 | key_handle_offset, key_handle, | |
438 | resource_type_offset, resource_type)) | |
439 | return TPM_LIB_ERROR; | |
440 | ||
441 | err = tpm_sendrecv_command(buf, response, &response_length); | |
442 | if (err) | |
443 | return err; | |
444 | return 0; | |
445 | } | |
446 | #endif /* CONFIG_TPM_FLUSH_RESOURCES */ | |
447 | ||
be6c1529 RP |
448 | #ifdef CONFIG_TPM_AUTH_SESSIONS |
449 | ||
450 | /** | |
451 | * Fill an authentication block in a request. | |
452 | * This func can create the first as well as the second auth block (for | |
453 | * double authorized commands). | |
454 | * | |
455 | * @param request pointer to the request (w/ uninitialised auth data) | |
456 | * @param request_len0 length of the request without auth data | |
457 | * @param handles_len length of the handles area in request | |
458 | * @param auth_session pointer to the (valid) auth session to be used | |
459 | * @param request_auth pointer to the auth block of the request to be filled | |
460 | * @param auth authentication data (HMAC key) | |
461 | */ | |
b9804e5b MR |
462 | static u32 create_request_auth(const void *request, size_t request_len0, |
463 | size_t handles_len, | |
464 | struct session_data *auth_session, | |
465 | void *request_auth, const void *auth) | |
be6c1529 | 466 | { |
b9804e5b | 467 | u8 hmac_data[DIGEST_LENGTH * 3 + 1]; |
be6c1529 RP |
468 | sha1_context hash_ctx; |
469 | const size_t command_code_offset = 6; | |
470 | const size_t auth_nonce_odd_offset = 4; | |
471 | const size_t auth_continue_offset = 24; | |
472 | const size_t auth_auth_offset = 25; | |
473 | ||
474 | if (!auth_session || !auth_session->valid) | |
475 | return TPM_LIB_ERROR; | |
476 | ||
477 | sha1_starts(&hash_ctx); | |
478 | sha1_update(&hash_ctx, request + command_code_offset, 4); | |
479 | if (request_len0 > TPM_REQUEST_HEADER_LENGTH + handles_len) | |
480 | sha1_update(&hash_ctx, | |
481 | request + TPM_REQUEST_HEADER_LENGTH + handles_len, | |
482 | request_len0 - TPM_REQUEST_HEADER_LENGTH | |
483 | - handles_len); | |
484 | sha1_finish(&hash_ctx, hmac_data); | |
485 | ||
486 | sha1_starts(&hash_ctx); | |
487 | sha1_update(&hash_ctx, auth_session->nonce_odd, DIGEST_LENGTH); | |
488 | sha1_update(&hash_ctx, hmac_data, sizeof(hmac_data)); | |
489 | sha1_finish(&hash_ctx, auth_session->nonce_odd); | |
490 | ||
491 | if (pack_byte_string(request_auth, TPM_REQUEST_AUTH_LENGTH, "dsb", | |
492 | 0, auth_session->handle, | |
493 | auth_nonce_odd_offset, auth_session->nonce_odd, | |
494 | DIGEST_LENGTH, | |
495 | auth_continue_offset, 1)) | |
496 | return TPM_LIB_ERROR; | |
497 | if (pack_byte_string(hmac_data, sizeof(hmac_data), "ss", | |
498 | DIGEST_LENGTH, | |
499 | auth_session->nonce_even, | |
500 | DIGEST_LENGTH, | |
501 | 2 * DIGEST_LENGTH, | |
502 | request_auth + auth_nonce_odd_offset, | |
503 | DIGEST_LENGTH + 1)) | |
504 | return TPM_LIB_ERROR; | |
505 | sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data), | |
506 | request_auth + auth_auth_offset); | |
507 | ||
508 | return TPM_SUCCESS; | |
509 | } | |
510 | ||
511 | /** | |
512 | * Verify an authentication block in a response. | |
513 | * Since this func updates the nonce_even in the session data it has to be | |
514 | * called when receiving a succesfull AUTH response. | |
515 | * This func can verify the first as well as the second auth block (for | |
516 | * double authorized commands). | |
517 | * | |
518 | * @param command_code command code of the request | |
519 | * @param response pointer to the request (w/ uninitialised auth data) | |
520 | * @param handles_len length of the handles area in response | |
521 | * @param auth_session pointer to the (valid) auth session to be used | |
522 | * @param response_auth pointer to the auth block of the response to be verified | |
523 | * @param auth authentication data (HMAC key) | |
524 | */ | |
b9804e5b MR |
525 | static u32 verify_response_auth(u32 command_code, const void *response, |
526 | size_t response_len0, size_t handles_len, | |
527 | struct session_data *auth_session, | |
528 | const void *response_auth, const void *auth) | |
be6c1529 | 529 | { |
b9804e5b MR |
530 | u8 hmac_data[DIGEST_LENGTH * 3 + 1]; |
531 | u8 computed_auth[DIGEST_LENGTH]; | |
be6c1529 RP |
532 | sha1_context hash_ctx; |
533 | const size_t return_code_offset = 6; | |
534 | const size_t auth_continue_offset = 20; | |
535 | const size_t auth_auth_offset = 21; | |
b9804e5b | 536 | u8 auth_continue; |
be6c1529 RP |
537 | |
538 | if (!auth_session || !auth_session->valid) | |
539 | return TPM_AUTHFAIL; | |
540 | if (pack_byte_string(hmac_data, sizeof(hmac_data), "d", | |
541 | 0, command_code)) | |
542 | return TPM_LIB_ERROR; | |
543 | if (response_len0 < TPM_RESPONSE_HEADER_LENGTH) | |
544 | return TPM_LIB_ERROR; | |
545 | ||
546 | sha1_starts(&hash_ctx); | |
547 | sha1_update(&hash_ctx, response + return_code_offset, 4); | |
548 | sha1_update(&hash_ctx, hmac_data, 4); | |
549 | if (response_len0 > TPM_RESPONSE_HEADER_LENGTH + handles_len) | |
550 | sha1_update(&hash_ctx, | |
551 | response + TPM_RESPONSE_HEADER_LENGTH + handles_len, | |
552 | response_len0 - TPM_RESPONSE_HEADER_LENGTH | |
553 | - handles_len); | |
554 | sha1_finish(&hash_ctx, hmac_data); | |
555 | ||
556 | memcpy(auth_session->nonce_even, response_auth, DIGEST_LENGTH); | |
b9804e5b | 557 | auth_continue = ((u8 *)response_auth)[auth_continue_offset]; |
be6c1529 RP |
558 | if (pack_byte_string(hmac_data, sizeof(hmac_data), "ssb", |
559 | DIGEST_LENGTH, | |
560 | response_auth, | |
561 | DIGEST_LENGTH, | |
562 | 2 * DIGEST_LENGTH, | |
563 | auth_session->nonce_odd, | |
564 | DIGEST_LENGTH, | |
565 | 3 * DIGEST_LENGTH, | |
566 | auth_continue)) | |
567 | return TPM_LIB_ERROR; | |
568 | ||
569 | sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data), | |
570 | computed_auth); | |
571 | ||
572 | if (memcmp(computed_auth, response_auth + auth_auth_offset, | |
573 | DIGEST_LENGTH)) | |
574 | return TPM_AUTHFAIL; | |
575 | ||
576 | return TPM_SUCCESS; | |
577 | } | |
578 | ||
b9804e5b | 579 | u32 tpm_terminate_auth_session(u32 auth_handle) |
be6c1529 | 580 | { |
b9804e5b | 581 | const u8 command[18] = { |
be6c1529 RP |
582 | 0x00, 0xc1, /* TPM_TAG */ |
583 | 0x00, 0x00, 0x00, 0x00, /* parameter size */ | |
584 | 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ | |
585 | 0x00, 0x00, 0x00, 0x00, /* TPM_HANDLE */ | |
52da18a3 | 586 | 0x00, 0x00, 0x00, 0x02, /* TPM_RESOURCE_TYPE */ |
be6c1529 RP |
587 | }; |
588 | const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH; | |
b9804e5b | 589 | u8 request[COMMAND_BUFFER_SIZE]; |
be6c1529 RP |
590 | |
591 | if (pack_byte_string(request, sizeof(request), "sd", | |
592 | 0, command, sizeof(command), | |
593 | req_handle_offset, auth_handle)) | |
594 | return TPM_LIB_ERROR; | |
595 | if (oiap_session.valid && oiap_session.handle == auth_handle) | |
596 | oiap_session.valid = 0; | |
597 | ||
598 | return tpm_sendrecv_command(request, NULL, NULL); | |
599 | } | |
600 | ||
b9804e5b | 601 | u32 tpm_end_oiap(void) |
be6c1529 | 602 | { |
b9804e5b | 603 | u32 err = TPM_SUCCESS; |
96cc4e31 | 604 | |
be6c1529 RP |
605 | if (oiap_session.valid) |
606 | err = tpm_terminate_auth_session(oiap_session.handle); | |
607 | return err; | |
608 | } | |
609 | ||
b9804e5b | 610 | u32 tpm_oiap(u32 *auth_handle) |
be6c1529 | 611 | { |
b9804e5b | 612 | const u8 command[10] = { |
be6c1529 RP |
613 | 0x00, 0xc1, /* TPM_TAG */ |
614 | 0x00, 0x00, 0x00, 0x0a, /* parameter size */ | |
615 | 0x00, 0x00, 0x00, 0x0a, /* TPM_COMMAND_CODE */ | |
616 | }; | |
617 | const size_t res_auth_handle_offset = TPM_RESPONSE_HEADER_LENGTH; | |
618 | const size_t res_nonce_even_offset = TPM_RESPONSE_HEADER_LENGTH + 4; | |
b9804e5b | 619 | u8 response[COMMAND_BUFFER_SIZE]; |
be6c1529 | 620 | size_t response_length = sizeof(response); |
b9804e5b | 621 | u32 err; |
be6c1529 RP |
622 | |
623 | if (oiap_session.valid) | |
624 | tpm_terminate_auth_session(oiap_session.handle); | |
625 | ||
626 | err = tpm_sendrecv_command(command, response, &response_length); | |
627 | if (err) | |
628 | return err; | |
629 | if (unpack_byte_string(response, response_length, "ds", | |
630 | res_auth_handle_offset, &oiap_session.handle, | |
631 | res_nonce_even_offset, &oiap_session.nonce_even, | |
b9804e5b | 632 | (u32)DIGEST_LENGTH)) |
be6c1529 RP |
633 | return TPM_LIB_ERROR; |
634 | oiap_session.valid = 1; | |
635 | if (auth_handle) | |
636 | *auth_handle = oiap_session.handle; | |
637 | return 0; | |
638 | } | |
639 | ||
b9804e5b MR |
640 | u32 tpm_load_key2_oiap(u32 parent_handle, const void *key, size_t key_length, |
641 | const void *parent_key_usage_auth, u32 *key_handle) | |
be6c1529 | 642 | { |
b9804e5b | 643 | const u8 command[14] = { |
be6c1529 RP |
644 | 0x00, 0xc2, /* TPM_TAG */ |
645 | 0x00, 0x00, 0x00, 0x00, /* parameter size */ | |
646 | 0x00, 0x00, 0x00, 0x41, /* TPM_COMMAND_CODE */ | |
647 | 0x00, 0x00, 0x00, 0x00, /* parent handle */ | |
648 | }; | |
649 | const size_t req_size_offset = 2; | |
650 | const size_t req_parent_handle_offset = TPM_REQUEST_HEADER_LENGTH; | |
651 | const size_t req_key_offset = TPM_REQUEST_HEADER_LENGTH + 4; | |
652 | const size_t res_handle_offset = TPM_RESPONSE_HEADER_LENGTH; | |
b9804e5b MR |
653 | u8 request[sizeof(command) + TPM_KEY12_MAX_LENGTH + |
654 | TPM_REQUEST_AUTH_LENGTH]; | |
655 | u8 response[COMMAND_BUFFER_SIZE]; | |
be6c1529 | 656 | size_t response_length = sizeof(response); |
b9804e5b | 657 | u32 err; |
be6c1529 RP |
658 | |
659 | if (!oiap_session.valid) { | |
660 | err = tpm_oiap(NULL); | |
661 | if (err) | |
662 | return err; | |
663 | } | |
664 | if (pack_byte_string(request, sizeof(request), "sdds", | |
665 | 0, command, sizeof(command), | |
666 | req_size_offset, | |
667 | sizeof(command) + key_length | |
668 | + TPM_REQUEST_AUTH_LENGTH, | |
669 | req_parent_handle_offset, parent_handle, | |
670 | req_key_offset, key, key_length | |
671 | )) | |
672 | return TPM_LIB_ERROR; | |
673 | ||
674 | err = create_request_auth(request, sizeof(command) + key_length, 4, | |
c6179187 MR |
675 | &oiap_session, |
676 | request + sizeof(command) + key_length, | |
677 | parent_key_usage_auth); | |
be6c1529 RP |
678 | if (err) |
679 | return err; | |
680 | err = tpm_sendrecv_command(request, response, &response_length); | |
681 | if (err) { | |
682 | if (err == TPM_AUTHFAIL) | |
683 | oiap_session.valid = 0; | |
684 | return err; | |
685 | } | |
686 | ||
687 | err = verify_response_auth(0x00000041, response, | |
c6179187 MR |
688 | response_length - TPM_RESPONSE_AUTH_LENGTH, |
689 | 4, &oiap_session, | |
690 | response + response_length - | |
691 | TPM_RESPONSE_AUTH_LENGTH, | |
692 | parent_key_usage_auth); | |
be6c1529 RP |
693 | if (err) |
694 | return err; | |
695 | ||
696 | if (key_handle) { | |
697 | if (unpack_byte_string(response, response_length, "d", | |
698 | res_handle_offset, key_handle)) | |
699 | return TPM_LIB_ERROR; | |
700 | } | |
701 | ||
702 | return 0; | |
703 | } | |
704 | ||
b9804e5b MR |
705 | u32 tpm_get_pub_key_oiap(u32 key_handle, const void *usage_auth, void *pubkey, |
706 | size_t *pubkey_len) | |
be6c1529 | 707 | { |
b9804e5b | 708 | const u8 command[14] = { |
be6c1529 RP |
709 | 0x00, 0xc2, /* TPM_TAG */ |
710 | 0x00, 0x00, 0x00, 0x00, /* parameter size */ | |
711 | 0x00, 0x00, 0x00, 0x21, /* TPM_COMMAND_CODE */ | |
712 | 0x00, 0x00, 0x00, 0x00, /* key handle */ | |
713 | }; | |
714 | const size_t req_size_offset = 2; | |
715 | const size_t req_key_handle_offset = TPM_REQUEST_HEADER_LENGTH; | |
716 | const size_t res_pubkey_offset = TPM_RESPONSE_HEADER_LENGTH; | |
b9804e5b MR |
717 | u8 request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH]; |
718 | u8 response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH + | |
719 | TPM_RESPONSE_AUTH_LENGTH]; | |
be6c1529 | 720 | size_t response_length = sizeof(response); |
b9804e5b | 721 | u32 err; |
be6c1529 RP |
722 | |
723 | if (!oiap_session.valid) { | |
724 | err = tpm_oiap(NULL); | |
725 | if (err) | |
726 | return err; | |
727 | } | |
728 | if (pack_byte_string(request, sizeof(request), "sdd", | |
729 | 0, command, sizeof(command), | |
730 | req_size_offset, | |
b9804e5b | 731 | (u32)(sizeof(command) |
be6c1529 RP |
732 | + TPM_REQUEST_AUTH_LENGTH), |
733 | req_key_handle_offset, key_handle | |
734 | )) | |
735 | return TPM_LIB_ERROR; | |
736 | err = create_request_auth(request, sizeof(command), 4, &oiap_session, | |
c6179187 | 737 | request + sizeof(command), usage_auth); |
be6c1529 RP |
738 | if (err) |
739 | return err; | |
740 | err = tpm_sendrecv_command(request, response, &response_length); | |
741 | if (err) { | |
742 | if (err == TPM_AUTHFAIL) | |
743 | oiap_session.valid = 0; | |
744 | return err; | |
745 | } | |
746 | err = verify_response_auth(0x00000021, response, | |
c6179187 MR |
747 | response_length - TPM_RESPONSE_AUTH_LENGTH, |
748 | 0, &oiap_session, | |
749 | response + response_length - | |
750 | TPM_RESPONSE_AUTH_LENGTH, | |
751 | usage_auth); | |
be6c1529 RP |
752 | if (err) |
753 | return err; | |
754 | ||
755 | if (pubkey) { | |
756 | if ((response_length - TPM_RESPONSE_HEADER_LENGTH | |
c6179187 | 757 | - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len) |
be6c1529 RP |
758 | return TPM_LIB_ERROR; |
759 | *pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH | |
760 | - TPM_RESPONSE_AUTH_LENGTH; | |
761 | memcpy(pubkey, response + res_pubkey_offset, | |
762 | response_length - TPM_RESPONSE_HEADER_LENGTH | |
763 | - TPM_RESPONSE_AUTH_LENGTH); | |
764 | } | |
765 | ||
766 | return 0; | |
767 | } | |
768 | ||
0f4b2ba1 | 769 | #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1 |
b9804e5b MR |
770 | u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20], |
771 | u32 *handle) | |
0f4b2ba1 | 772 | { |
b9804e5b MR |
773 | u16 key_count; |
774 | u32 key_handles[10]; | |
775 | u8 buf[288]; | |
776 | u8 *ptr; | |
777 | u32 err; | |
778 | u8 digest[20]; | |
0f4b2ba1 | 779 | size_t buf_len; |
780 | unsigned int i; | |
781 | ||
782 | /* fetch list of already loaded keys in the TPM */ | |
783 | err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf)); | |
784 | if (err) | |
785 | return -1; | |
786 | key_count = get_unaligned_be16(buf); | |
787 | ptr = buf + 2; | |
788 | for (i = 0; i < key_count; ++i, ptr += 4) | |
789 | key_handles[i] = get_unaligned_be32(ptr); | |
790 | ||
791 | /* now search a(/ the) key which we can access with the given auth */ | |
792 | for (i = 0; i < key_count; ++i) { | |
793 | buf_len = sizeof(buf); | |
794 | err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len); | |
795 | if (err && err != TPM_AUTHFAIL) | |
796 | return -1; | |
797 | if (err) | |
798 | continue; | |
799 | sha1_csum(buf, buf_len, digest); | |
800 | if (!memcmp(digest, pubkey_digest, 20)) { | |
801 | *handle = key_handles[i]; | |
802 | return 0; | |
803 | } | |
804 | } | |
805 | return 1; | |
806 | } | |
807 | #endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */ | |
808 | ||
be6c1529 | 809 | #endif /* CONFIG_TPM_AUTH_SESSIONS */ |
3c605027 | 810 | |
b9804e5b | 811 | u32 tpm_get_random(void *data, u32 count) |
3c605027 | 812 | { |
b9804e5b | 813 | const u8 command[14] = { |
3c605027 AD |
814 | 0x0, 0xc1, /* TPM_TAG */ |
815 | 0x0, 0x0, 0x0, 0xe, /* parameter size */ | |
816 | 0x0, 0x0, 0x0, 0x46, /* TPM_COMMAND_CODE */ | |
817 | }; | |
818 | const size_t length_offset = 10; | |
819 | const size_t data_size_offset = 10; | |
820 | const size_t data_offset = 14; | |
b9804e5b | 821 | u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; |
3c605027 | 822 | size_t response_length = sizeof(response); |
b9804e5b MR |
823 | u32 data_size; |
824 | u8 *out = data; | |
3c605027 AD |
825 | |
826 | while (count > 0) { | |
b9804e5b MR |
827 | u32 this_bytes = min((size_t)count, |
828 | sizeof(response) - data_offset); | |
829 | u32 err; | |
3c605027 AD |
830 | |
831 | if (pack_byte_string(buf, sizeof(buf), "sd", | |
832 | 0, command, sizeof(command), | |
833 | length_offset, this_bytes)) | |
834 | return TPM_LIB_ERROR; | |
835 | err = tpm_sendrecv_command(buf, response, &response_length); | |
836 | if (err) | |
837 | return err; | |
838 | if (unpack_byte_string(response, response_length, "d", | |
839 | data_size_offset, &data_size)) | |
840 | return TPM_LIB_ERROR; | |
841 | if (data_size > count) | |
842 | return TPM_LIB_ERROR; | |
843 | if (unpack_byte_string(response, response_length, "s", | |
844 | data_offset, out, data_size)) | |
845 | return TPM_LIB_ERROR; | |
846 | ||
847 | count -= data_size; | |
848 | out += data_size; | |
849 | } | |
850 | ||
851 | return 0; | |
852 | } |