]>
Commit | Line | Data |
---|---|---|
8732b070 CC |
1 | /* |
2 | * Copyright (c) 2013 The Chromium OS Authors. | |
be6c1529 | 3 | * Coypright (c) 2013 Guntermann & Drunck GmbH |
8732b070 | 4 | * |
1a459660 | 5 | * SPDX-License-Identifier: GPL-2.0+ |
8732b070 CC |
6 | */ |
7 | ||
8 | #include <common.h> | |
c8a8c510 | 9 | #include <dm.h> |
8732b070 CC |
10 | #include <tpm.h> |
11 | #include <asm/unaligned.h> | |
c8a8c510 | 12 | #include <u-boot/sha1.h> |
8732b070 CC |
13 | |
14 | /* Internal error of TPM command library */ | |
15 | #define TPM_LIB_ERROR ((uint32_t)~0u) | |
16 | ||
17 | /* Useful constants */ | |
18 | enum { | |
19 | COMMAND_BUFFER_SIZE = 256, | |
8732b070 CC |
20 | TPM_REQUEST_HEADER_LENGTH = 10, |
21 | TPM_RESPONSE_HEADER_LENGTH = 10, | |
22 | PCR_DIGEST_LENGTH = 20, | |
be6c1529 RP |
23 | DIGEST_LENGTH = 20, |
24 | TPM_REQUEST_AUTH_LENGTH = 45, | |
25 | TPM_RESPONSE_AUTH_LENGTH = 41, | |
26 | /* some max lengths, valid for RSA keys <= 2048 bits */ | |
27 | TPM_KEY12_MAX_LENGTH = 618, | |
28 | TPM_PUBKEY_MAX_LENGTH = 288, | |
8732b070 CC |
29 | }; |
30 | ||
be6c1529 RP |
31 | #ifdef CONFIG_TPM_AUTH_SESSIONS |
32 | ||
33 | #ifndef CONFIG_SHA1 | |
34 | #error "TPM_AUTH_SESSIONS require SHA1 to be configured, too" | |
35 | #endif /* !CONFIG_SHA1 */ | |
36 | ||
37 | struct session_data { | |
38 | int valid; | |
39 | uint32_t handle; | |
40 | uint8_t nonce_even[DIGEST_LENGTH]; | |
41 | uint8_t nonce_odd[DIGEST_LENGTH]; | |
42 | }; | |
43 | ||
44 | static struct session_data oiap_session = {0, }; | |
45 | ||
46 | #endif /* CONFIG_TPM_AUTH_SESSIONS */ | |
47 | ||
8732b070 CC |
48 | /** |
49 | * Pack data into a byte string. The data types are specified in | |
50 | * the format string: 'b' means unsigned byte, 'w' unsigned word, | |
51 | * 'd' unsigned double word, and 's' byte string. The data are a | |
52 | * series of offsets and values (for type byte string there are also | |
53 | * lengths). The data values are packed into the byte string | |
54 | * sequentially, and so a latter value could over-write a former | |
55 | * value. | |
56 | * | |
57 | * @param str output string | |
58 | * @param size size of output string | |
59 | * @param format format string | |
60 | * @param ... data points | |
61 | * @return 0 on success, non-0 on error | |
62 | */ | |
63 | int pack_byte_string(uint8_t *str, size_t size, const char *format, ...) | |
64 | { | |
65 | va_list args; | |
66 | size_t offset = 0, length = 0; | |
67 | uint8_t *data = NULL; | |
68 | uint32_t value = 0; | |
69 | ||
70 | va_start(args, format); | |
71 | for (; *format; format++) { | |
72 | switch (*format) { | |
73 | case 'b': | |
74 | offset = va_arg(args, size_t); | |
75 | value = va_arg(args, int); | |
76 | length = 1; | |
77 | break; | |
78 | case 'w': | |
79 | offset = va_arg(args, size_t); | |
80 | value = va_arg(args, int); | |
81 | length = 2; | |
82 | break; | |
83 | case 'd': | |
84 | offset = va_arg(args, size_t); | |
85 | value = va_arg(args, uint32_t); | |
86 | length = 4; | |
87 | break; | |
88 | case 's': | |
89 | offset = va_arg(args, size_t); | |
90 | data = va_arg(args, uint8_t *); | |
91 | length = va_arg(args, uint32_t); | |
92 | break; | |
93 | default: | |
94 | debug("Couldn't recognize format string\n"); | |
95 | return -1; | |
96 | } | |
97 | ||
98 | if (offset + length > size) | |
99 | return -1; | |
100 | ||
101 | switch (*format) { | |
102 | case 'b': | |
103 | str[offset] = value; | |
104 | break; | |
105 | case 'w': | |
106 | put_unaligned_be16(value, str + offset); | |
107 | break; | |
108 | case 'd': | |
109 | put_unaligned_be32(value, str + offset); | |
110 | break; | |
111 | case 's': | |
112 | memcpy(str + offset, data, length); | |
113 | break; | |
114 | } | |
115 | } | |
116 | va_end(args); | |
117 | ||
118 | return 0; | |
119 | } | |
120 | ||
121 | /** | |
122 | * Unpack data from a byte string. The data types are specified in | |
123 | * the format string: 'b' means unsigned byte, 'w' unsigned word, | |
124 | * 'd' unsigned double word, and 's' byte string. The data are a | |
125 | * series of offsets and pointers (for type byte string there are also | |
126 | * lengths). | |
127 | * | |
128 | * @param str output string | |
129 | * @param size size of output string | |
130 | * @param format format string | |
131 | * @param ... data points | |
132 | * @return 0 on success, non-0 on error | |
133 | */ | |
134 | int unpack_byte_string(const uint8_t *str, size_t size, const char *format, ...) | |
135 | { | |
136 | va_list args; | |
137 | size_t offset = 0, length = 0; | |
138 | uint8_t *ptr8 = NULL; | |
139 | uint16_t *ptr16 = NULL; | |
140 | uint32_t *ptr32 = NULL; | |
141 | ||
142 | va_start(args, format); | |
143 | for (; *format; format++) { | |
144 | switch (*format) { | |
145 | case 'b': | |
146 | offset = va_arg(args, size_t); | |
147 | ptr8 = va_arg(args, uint8_t *); | |
148 | length = 1; | |
149 | break; | |
150 | case 'w': | |
151 | offset = va_arg(args, size_t); | |
152 | ptr16 = va_arg(args, uint16_t *); | |
153 | length = 2; | |
154 | break; | |
155 | case 'd': | |
156 | offset = va_arg(args, size_t); | |
157 | ptr32 = va_arg(args, uint32_t *); | |
158 | length = 4; | |
159 | break; | |
160 | case 's': | |
161 | offset = va_arg(args, size_t); | |
162 | ptr8 = va_arg(args, uint8_t *); | |
163 | length = va_arg(args, uint32_t); | |
164 | break; | |
165 | default: | |
166 | debug("Couldn't recognize format string\n"); | |
167 | return -1; | |
168 | } | |
169 | ||
170 | if (offset + length > size) | |
171 | return -1; | |
172 | ||
173 | switch (*format) { | |
174 | case 'b': | |
175 | *ptr8 = str[offset]; | |
176 | break; | |
177 | case 'w': | |
178 | *ptr16 = get_unaligned_be16(str + offset); | |
179 | break; | |
180 | case 'd': | |
181 | *ptr32 = get_unaligned_be32(str + offset); | |
182 | break; | |
183 | case 's': | |
184 | memcpy(ptr8, str + offset, length); | |
185 | break; | |
186 | } | |
187 | } | |
188 | va_end(args); | |
189 | ||
190 | return 0; | |
191 | } | |
192 | ||
193 | /** | |
194 | * Get TPM command size. | |
195 | * | |
196 | * @param command byte string of TPM command | |
197 | * @return command size of the TPM command | |
198 | */ | |
199 | static uint32_t tpm_command_size(const void *command) | |
200 | { | |
201 | const size_t command_size_offset = 2; | |
202 | return get_unaligned_be32(command + command_size_offset); | |
203 | } | |
204 | ||
205 | /** | |
206 | * Get TPM response return code, which is one of TPM_RESULT values. | |
207 | * | |
208 | * @param response byte string of TPM response | |
209 | * @return return code of the TPM response | |
210 | */ | |
211 | static uint32_t tpm_return_code(const void *response) | |
212 | { | |
213 | const size_t return_code_offset = 6; | |
214 | return get_unaligned_be32(response + return_code_offset); | |
215 | } | |
216 | ||
217 | /** | |
218 | * Send a TPM command and return response's return code, and optionally | |
219 | * return response to caller. | |
220 | * | |
221 | * @param command byte string of TPM command | |
222 | * @param response output buffer for TPM response, or NULL if the | |
223 | * caller does not care about it | |
224 | * @param size_ptr output buffer size (input parameter) and TPM | |
225 | * response length (output parameter); this parameter | |
226 | * is a bidirectional | |
227 | * @return return code of the TPM response | |
228 | */ | |
229 | static uint32_t tpm_sendrecv_command(const void *command, | |
230 | void *response, size_t *size_ptr) | |
231 | { | |
c2b0f600 | 232 | struct udevice *dev; |
667d6856 | 233 | int err, ret; |
8732b070 CC |
234 | uint8_t response_buffer[COMMAND_BUFFER_SIZE]; |
235 | size_t response_length; | |
8732b070 CC |
236 | |
237 | if (response) { | |
238 | response_length = *size_ptr; | |
239 | } else { | |
240 | response = response_buffer; | |
241 | response_length = sizeof(response_buffer); | |
242 | } | |
c8a8c510 | 243 | |
3f603cbb | 244 | ret = uclass_first_device_err(UCLASS_TPM, &dev); |
c8a8c510 SG |
245 | if (ret) |
246 | return ret; | |
247 | err = tpm_xfer(dev, command, tpm_command_size(command), | |
248 | response, &response_length); | |
c2b0f600 | 249 | |
c8a8c510 | 250 | if (err < 0) |
8732b070 | 251 | return TPM_LIB_ERROR; |
be6c1529 | 252 | if (size_ptr) |
8732b070 CC |
253 | *size_ptr = response_length; |
254 | ||
255 | return tpm_return_code(response); | |
256 | } | |
257 | ||
c8a8c510 | 258 | int tpm_init(void) |
8732b070 | 259 | { |
c8a8c510 | 260 | int err; |
c8a8c510 SG |
261 | struct udevice *dev; |
262 | ||
3f603cbb SG |
263 | err = uclass_first_device_err(UCLASS_TPM, &dev); |
264 | if (err) | |
c8a8c510 SG |
265 | return err; |
266 | return tpm_open(dev); | |
8732b070 CC |
267 | } |
268 | ||
269 | uint32_t tpm_startup(enum tpm_startup_type mode) | |
270 | { | |
271 | const uint8_t command[12] = { | |
272 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0, | |
273 | }; | |
274 | const size_t mode_offset = 10; | |
275 | uint8_t buf[COMMAND_BUFFER_SIZE]; | |
276 | ||
277 | if (pack_byte_string(buf, sizeof(buf), "sw", | |
278 | 0, command, sizeof(command), | |
279 | mode_offset, mode)) | |
280 | return TPM_LIB_ERROR; | |
281 | ||
282 | return tpm_sendrecv_command(buf, NULL, NULL); | |
283 | } | |
284 | ||
285 | uint32_t tpm_self_test_full(void) | |
286 | { | |
287 | const uint8_t command[10] = { | |
288 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50, | |
289 | }; | |
290 | return tpm_sendrecv_command(command, NULL, NULL); | |
291 | } | |
292 | ||
293 | uint32_t tpm_continue_self_test(void) | |
294 | { | |
295 | const uint8_t command[10] = { | |
296 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53, | |
297 | }; | |
298 | return tpm_sendrecv_command(command, NULL, NULL); | |
299 | } | |
300 | ||
301 | uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size) | |
302 | { | |
303 | const uint8_t command[101] = { | |
304 | 0x0, 0xc1, /* TPM_TAG */ | |
305 | 0x0, 0x0, 0x0, 0x65, /* parameter size */ | |
306 | 0x0, 0x0, 0x0, 0xcc, /* TPM_COMMAND_CODE */ | |
307 | /* TPM_NV_DATA_PUBLIC->... */ | |
308 | 0x0, 0x18, /* ...->TPM_STRUCTURE_TAG */ | |
309 | 0, 0, 0, 0, /* ...->TPM_NV_INDEX */ | |
310 | /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */ | |
311 | 0x0, 0x3, | |
312 | 0, 0, 0, | |
313 | 0x1f, | |
314 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
315 | /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */ | |
316 | 0x0, 0x3, | |
317 | 0, 0, 0, | |
318 | 0x1f, | |
319 | 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, | |
320 | /* TPM_NV_ATTRIBUTES->... */ | |
321 | 0x0, 0x17, /* ...->TPM_STRUCTURE_TAG */ | |
322 | 0, 0, 0, 0, /* ...->attributes */ | |
323 | /* End of TPM_NV_ATTRIBUTES */ | |
324 | 0, /* bReadSTClear */ | |
325 | 0, /* bWriteSTClear */ | |
326 | 0, /* bWriteDefine */ | |
327 | 0, 0, 0, 0, /* size */ | |
328 | }; | |
329 | const size_t index_offset = 12; | |
330 | const size_t perm_offset = 70; | |
331 | const size_t size_offset = 77; | |
332 | uint8_t buf[COMMAND_BUFFER_SIZE]; | |
333 | ||
334 | if (pack_byte_string(buf, sizeof(buf), "sddd", | |
335 | 0, command, sizeof(command), | |
336 | index_offset, index, | |
337 | perm_offset, perm, | |
338 | size_offset, size)) | |
339 | return TPM_LIB_ERROR; | |
340 | ||
341 | return tpm_sendrecv_command(buf, NULL, NULL); | |
342 | } | |
343 | ||
344 | uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count) | |
345 | { | |
346 | const uint8_t command[22] = { | |
347 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf, | |
348 | }; | |
349 | const size_t index_offset = 10; | |
350 | const size_t length_offset = 18; | |
351 | const size_t data_size_offset = 10; | |
352 | const size_t data_offset = 14; | |
353 | uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; | |
354 | size_t response_length = sizeof(response); | |
355 | uint32_t data_size; | |
356 | uint32_t err; | |
357 | ||
358 | if (pack_byte_string(buf, sizeof(buf), "sdd", | |
359 | 0, command, sizeof(command), | |
360 | index_offset, index, | |
361 | length_offset, count)) | |
362 | return TPM_LIB_ERROR; | |
363 | err = tpm_sendrecv_command(buf, response, &response_length); | |
364 | if (err) | |
365 | return err; | |
366 | if (unpack_byte_string(response, response_length, "d", | |
367 | data_size_offset, &data_size)) | |
368 | return TPM_LIB_ERROR; | |
369 | if (data_size > count) | |
370 | return TPM_LIB_ERROR; | |
371 | if (unpack_byte_string(response, response_length, "s", | |
372 | data_offset, data, data_size)) | |
373 | return TPM_LIB_ERROR; | |
374 | ||
375 | return 0; | |
376 | } | |
377 | ||
378 | uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length) | |
379 | { | |
380 | const uint8_t command[256] = { | |
381 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, | |
382 | }; | |
383 | const size_t command_size_offset = 2; | |
384 | const size_t index_offset = 10; | |
385 | const size_t length_offset = 18; | |
386 | const size_t data_offset = 22; | |
387 | const size_t write_info_size = 12; | |
388 | const uint32_t total_length = | |
389 | TPM_REQUEST_HEADER_LENGTH + write_info_size + length; | |
390 | uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; | |
391 | size_t response_length = sizeof(response); | |
392 | uint32_t err; | |
393 | ||
394 | if (pack_byte_string(buf, sizeof(buf), "sddds", | |
395 | 0, command, sizeof(command), | |
396 | command_size_offset, total_length, | |
397 | index_offset, index, | |
398 | length_offset, length, | |
399 | data_offset, data, length)) | |
400 | return TPM_LIB_ERROR; | |
401 | err = tpm_sendrecv_command(buf, response, &response_length); | |
402 | if (err) | |
403 | return err; | |
404 | ||
405 | return 0; | |
406 | } | |
407 | ||
408 | uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest) | |
409 | { | |
410 | const uint8_t command[34] = { | |
411 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14, | |
412 | }; | |
413 | const size_t index_offset = 10; | |
414 | const size_t in_digest_offset = 14; | |
415 | const size_t out_digest_offset = 10; | |
416 | uint8_t buf[COMMAND_BUFFER_SIZE]; | |
417 | uint8_t response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH]; | |
418 | size_t response_length = sizeof(response); | |
419 | uint32_t err; | |
420 | ||
421 | if (pack_byte_string(buf, sizeof(buf), "sds", | |
422 | 0, command, sizeof(command), | |
423 | index_offset, index, | |
424 | in_digest_offset, in_digest, | |
425 | PCR_DIGEST_LENGTH)) | |
426 | return TPM_LIB_ERROR; | |
427 | err = tpm_sendrecv_command(buf, response, &response_length); | |
428 | if (err) | |
429 | return err; | |
430 | ||
431 | if (unpack_byte_string(response, response_length, "s", | |
432 | out_digest_offset, out_digest, | |
433 | PCR_DIGEST_LENGTH)) | |
434 | return TPM_LIB_ERROR; | |
435 | ||
436 | return 0; | |
437 | } | |
438 | ||
439 | uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) | |
440 | { | |
441 | const uint8_t command[14] = { | |
442 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15, | |
443 | }; | |
444 | const size_t index_offset = 10; | |
445 | const size_t out_digest_offset = 10; | |
446 | uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; | |
447 | size_t response_length = sizeof(response); | |
448 | uint32_t err; | |
449 | ||
450 | if (count < PCR_DIGEST_LENGTH) | |
451 | return TPM_LIB_ERROR; | |
452 | ||
453 | if (pack_byte_string(buf, sizeof(buf), "sd", | |
454 | 0, command, sizeof(command), | |
455 | index_offset, index)) | |
456 | return TPM_LIB_ERROR; | |
457 | err = tpm_sendrecv_command(buf, response, &response_length); | |
458 | if (err) | |
459 | return err; | |
460 | if (unpack_byte_string(response, response_length, "s", | |
461 | out_digest_offset, data, PCR_DIGEST_LENGTH)) | |
462 | return TPM_LIB_ERROR; | |
463 | ||
464 | return 0; | |
465 | } | |
466 | ||
467 | uint32_t tpm_tsc_physical_presence(uint16_t presence) | |
468 | { | |
469 | const uint8_t command[12] = { | |
470 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0, | |
471 | }; | |
472 | const size_t presence_offset = 10; | |
473 | uint8_t buf[COMMAND_BUFFER_SIZE]; | |
474 | ||
475 | if (pack_byte_string(buf, sizeof(buf), "sw", | |
476 | 0, command, sizeof(command), | |
477 | presence_offset, presence)) | |
478 | return TPM_LIB_ERROR; | |
479 | ||
480 | return tpm_sendrecv_command(buf, NULL, NULL); | |
481 | } | |
482 | ||
483 | uint32_t tpm_read_pubek(void *data, size_t count) | |
484 | { | |
485 | const uint8_t command[30] = { | |
486 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c, | |
487 | }; | |
488 | const size_t response_size_offset = 2; | |
489 | const size_t data_offset = 10; | |
490 | const size_t header_and_checksum_size = TPM_RESPONSE_HEADER_LENGTH + 20; | |
491 | uint8_t response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE]; | |
492 | size_t response_length = sizeof(response); | |
493 | uint32_t data_size; | |
494 | uint32_t err; | |
495 | ||
496 | err = tpm_sendrecv_command(command, response, &response_length); | |
497 | if (err) | |
498 | return err; | |
499 | if (unpack_byte_string(response, response_length, "d", | |
500 | response_size_offset, &data_size)) | |
501 | return TPM_LIB_ERROR; | |
502 | if (data_size < header_and_checksum_size) | |
503 | return TPM_LIB_ERROR; | |
504 | data_size -= header_and_checksum_size; | |
505 | if (data_size > count) | |
506 | return TPM_LIB_ERROR; | |
507 | if (unpack_byte_string(response, response_length, "s", | |
508 | data_offset, data, data_size)) | |
509 | return TPM_LIB_ERROR; | |
510 | ||
511 | return 0; | |
512 | } | |
513 | ||
514 | uint32_t tpm_force_clear(void) | |
515 | { | |
516 | const uint8_t command[10] = { | |
517 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d, | |
518 | }; | |
519 | ||
520 | return tpm_sendrecv_command(command, NULL, NULL); | |
521 | } | |
522 | ||
523 | uint32_t tpm_physical_enable(void) | |
524 | { | |
525 | const uint8_t command[10] = { | |
526 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f, | |
527 | }; | |
528 | ||
529 | return tpm_sendrecv_command(command, NULL, NULL); | |
530 | } | |
531 | ||
532 | uint32_t tpm_physical_disable(void) | |
533 | { | |
534 | const uint8_t command[10] = { | |
535 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70, | |
536 | }; | |
537 | ||
538 | return tpm_sendrecv_command(command, NULL, NULL); | |
539 | } | |
540 | ||
541 | uint32_t tpm_physical_set_deactivated(uint8_t state) | |
542 | { | |
543 | const uint8_t command[11] = { | |
544 | 0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72, | |
545 | }; | |
546 | const size_t state_offset = 10; | |
547 | uint8_t buf[COMMAND_BUFFER_SIZE]; | |
548 | ||
549 | if (pack_byte_string(buf, sizeof(buf), "sb", | |
550 | 0, command, sizeof(command), | |
551 | state_offset, state)) | |
552 | return TPM_LIB_ERROR; | |
553 | ||
554 | return tpm_sendrecv_command(buf, NULL, NULL); | |
555 | } | |
556 | ||
557 | uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, | |
558 | void *cap, size_t count) | |
559 | { | |
560 | const uint8_t command[22] = { | |
561 | 0x0, 0xc1, /* TPM_TAG */ | |
562 | 0x0, 0x0, 0x0, 0x16, /* parameter size */ | |
563 | 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ | |
564 | 0x0, 0x0, 0x0, 0x0, /* TPM_CAPABILITY_AREA */ | |
565 | 0x0, 0x0, 0x0, 0x4, /* subcap size */ | |
566 | 0x0, 0x0, 0x0, 0x0, /* subcap value */ | |
567 | }; | |
568 | const size_t cap_area_offset = 10; | |
569 | const size_t sub_cap_offset = 18; | |
570 | const size_t cap_offset = 14; | |
571 | const size_t cap_size_offset = 10; | |
572 | uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; | |
573 | size_t response_length = sizeof(response); | |
574 | uint32_t cap_size; | |
575 | uint32_t err; | |
576 | ||
577 | if (pack_byte_string(buf, sizeof(buf), "sdd", | |
578 | 0, command, sizeof(command), | |
579 | cap_area_offset, cap_area, | |
580 | sub_cap_offset, sub_cap)) | |
581 | return TPM_LIB_ERROR; | |
582 | err = tpm_sendrecv_command(buf, response, &response_length); | |
583 | if (err) | |
584 | return err; | |
585 | if (unpack_byte_string(response, response_length, "d", | |
586 | cap_size_offset, &cap_size)) | |
587 | return TPM_LIB_ERROR; | |
588 | if (cap_size > response_length || cap_size > count) | |
589 | return TPM_LIB_ERROR; | |
590 | if (unpack_byte_string(response, response_length, "s", | |
591 | cap_offset, cap, cap_size)) | |
592 | return TPM_LIB_ERROR; | |
593 | ||
594 | return 0; | |
595 | } | |
be6c1529 | 596 | |
2132f971 SG |
597 | uint32_t tpm_get_permanent_flags(struct tpm_permanent_flags *pflags) |
598 | { | |
599 | const uint8_t command[22] = { | |
600 | 0x0, 0xc1, /* TPM_TAG */ | |
601 | 0x0, 0x0, 0x0, 0x16, /* parameter size */ | |
602 | 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ | |
603 | 0x0, 0x0, 0x0, 0x4, /* TPM_CAP_FLAG_PERM */ | |
604 | 0x0, 0x0, 0x0, 0x4, /* subcap size */ | |
605 | 0x0, 0x0, 0x1, 0x8, /* subcap value */ | |
606 | }; | |
607 | uint8_t response[COMMAND_BUFFER_SIZE]; | |
608 | size_t response_length = sizeof(response); | |
609 | uint32_t err; | |
610 | ||
611 | err = tpm_sendrecv_command(command, response, &response_length); | |
612 | if (err) | |
613 | return err; | |
614 | memcpy(pflags, response + TPM_HEADER_SIZE, sizeof(*pflags)); | |
615 | ||
616 | return 0; | |
617 | } | |
618 | ||
619 | uint32_t tpm_get_permissions(uint32_t index, uint32_t *perm) | |
620 | { | |
621 | const uint8_t command[22] = { | |
622 | 0x0, 0xc1, /* TPM_TAG */ | |
623 | 0x0, 0x0, 0x0, 0x16, /* parameter size */ | |
624 | 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ | |
625 | 0x0, 0x0, 0x0, 0x11, | |
626 | 0x0, 0x0, 0x0, 0x4, | |
627 | }; | |
628 | const size_t index_offset = 18; | |
629 | const size_t perm_offset = 60; | |
630 | uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; | |
631 | size_t response_length = sizeof(response); | |
632 | uint32_t err; | |
633 | ||
634 | if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command), | |
635 | index_offset, index)) | |
636 | return TPM_LIB_ERROR; | |
637 | err = tpm_sendrecv_command(buf, response, &response_length); | |
638 | if (err) | |
639 | return err; | |
640 | if (unpack_byte_string(response, response_length, "d", | |
641 | perm_offset, perm)) | |
642 | return TPM_LIB_ERROR; | |
643 | ||
644 | return 0; | |
645 | } | |
646 | ||
7690be35 MS |
647 | #ifdef CONFIG_TPM_FLUSH_RESOURCES |
648 | uint32_t tpm_flush_specific(uint32_t key_handle, uint32_t resource_type) | |
649 | { | |
650 | const uint8_t command[18] = { | |
651 | 0x00, 0xc1, /* TPM_TAG */ | |
652 | 0x00, 0x00, 0x00, 0x12, /* parameter size */ | |
653 | 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ | |
654 | 0x00, 0x00, 0x00, 0x00, /* key handle */ | |
655 | 0x00, 0x00, 0x00, 0x00, /* resource type */ | |
656 | }; | |
657 | const size_t key_handle_offset = 10; | |
658 | const size_t resource_type_offset = 14; | |
659 | uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; | |
660 | size_t response_length = sizeof(response); | |
661 | uint32_t err; | |
662 | ||
663 | if (pack_byte_string(buf, sizeof(buf), "sdd", | |
664 | 0, command, sizeof(command), | |
665 | key_handle_offset, key_handle, | |
666 | resource_type_offset, resource_type)) | |
667 | return TPM_LIB_ERROR; | |
668 | ||
669 | err = tpm_sendrecv_command(buf, response, &response_length); | |
670 | if (err) | |
671 | return err; | |
672 | return 0; | |
673 | } | |
674 | #endif /* CONFIG_TPM_FLUSH_RESOURCES */ | |
675 | ||
be6c1529 RP |
676 | #ifdef CONFIG_TPM_AUTH_SESSIONS |
677 | ||
678 | /** | |
679 | * Fill an authentication block in a request. | |
680 | * This func can create the first as well as the second auth block (for | |
681 | * double authorized commands). | |
682 | * | |
683 | * @param request pointer to the request (w/ uninitialised auth data) | |
684 | * @param request_len0 length of the request without auth data | |
685 | * @param handles_len length of the handles area in request | |
686 | * @param auth_session pointer to the (valid) auth session to be used | |
687 | * @param request_auth pointer to the auth block of the request to be filled | |
688 | * @param auth authentication data (HMAC key) | |
689 | */ | |
690 | static uint32_t create_request_auth(const void *request, size_t request_len0, | |
691 | size_t handles_len, | |
692 | struct session_data *auth_session, | |
693 | void *request_auth, const void *auth) | |
694 | { | |
695 | uint8_t hmac_data[DIGEST_LENGTH * 3 + 1]; | |
696 | sha1_context hash_ctx; | |
697 | const size_t command_code_offset = 6; | |
698 | const size_t auth_nonce_odd_offset = 4; | |
699 | const size_t auth_continue_offset = 24; | |
700 | const size_t auth_auth_offset = 25; | |
701 | ||
702 | if (!auth_session || !auth_session->valid) | |
703 | return TPM_LIB_ERROR; | |
704 | ||
705 | sha1_starts(&hash_ctx); | |
706 | sha1_update(&hash_ctx, request + command_code_offset, 4); | |
707 | if (request_len0 > TPM_REQUEST_HEADER_LENGTH + handles_len) | |
708 | sha1_update(&hash_ctx, | |
709 | request + TPM_REQUEST_HEADER_LENGTH + handles_len, | |
710 | request_len0 - TPM_REQUEST_HEADER_LENGTH | |
711 | - handles_len); | |
712 | sha1_finish(&hash_ctx, hmac_data); | |
713 | ||
714 | sha1_starts(&hash_ctx); | |
715 | sha1_update(&hash_ctx, auth_session->nonce_odd, DIGEST_LENGTH); | |
716 | sha1_update(&hash_ctx, hmac_data, sizeof(hmac_data)); | |
717 | sha1_finish(&hash_ctx, auth_session->nonce_odd); | |
718 | ||
719 | if (pack_byte_string(request_auth, TPM_REQUEST_AUTH_LENGTH, "dsb", | |
720 | 0, auth_session->handle, | |
721 | auth_nonce_odd_offset, auth_session->nonce_odd, | |
722 | DIGEST_LENGTH, | |
723 | auth_continue_offset, 1)) | |
724 | return TPM_LIB_ERROR; | |
725 | if (pack_byte_string(hmac_data, sizeof(hmac_data), "ss", | |
726 | DIGEST_LENGTH, | |
727 | auth_session->nonce_even, | |
728 | DIGEST_LENGTH, | |
729 | 2 * DIGEST_LENGTH, | |
730 | request_auth + auth_nonce_odd_offset, | |
731 | DIGEST_LENGTH + 1)) | |
732 | return TPM_LIB_ERROR; | |
733 | sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data), | |
734 | request_auth + auth_auth_offset); | |
735 | ||
736 | return TPM_SUCCESS; | |
737 | } | |
738 | ||
739 | /** | |
740 | * Verify an authentication block in a response. | |
741 | * Since this func updates the nonce_even in the session data it has to be | |
742 | * called when receiving a succesfull AUTH response. | |
743 | * This func can verify the first as well as the second auth block (for | |
744 | * double authorized commands). | |
745 | * | |
746 | * @param command_code command code of the request | |
747 | * @param response pointer to the request (w/ uninitialised auth data) | |
748 | * @param handles_len length of the handles area in response | |
749 | * @param auth_session pointer to the (valid) auth session to be used | |
750 | * @param response_auth pointer to the auth block of the response to be verified | |
751 | * @param auth authentication data (HMAC key) | |
752 | */ | |
753 | static uint32_t verify_response_auth(uint32_t command_code, | |
754 | const void *response, size_t response_len0, | |
755 | size_t handles_len, | |
756 | struct session_data *auth_session, | |
757 | const void *response_auth, const void *auth) | |
758 | { | |
759 | uint8_t hmac_data[DIGEST_LENGTH * 3 + 1]; | |
760 | uint8_t computed_auth[DIGEST_LENGTH]; | |
761 | sha1_context hash_ctx; | |
762 | const size_t return_code_offset = 6; | |
763 | const size_t auth_continue_offset = 20; | |
764 | const size_t auth_auth_offset = 21; | |
765 | uint8_t auth_continue; | |
766 | ||
767 | if (!auth_session || !auth_session->valid) | |
768 | return TPM_AUTHFAIL; | |
769 | if (pack_byte_string(hmac_data, sizeof(hmac_data), "d", | |
770 | 0, command_code)) | |
771 | return TPM_LIB_ERROR; | |
772 | if (response_len0 < TPM_RESPONSE_HEADER_LENGTH) | |
773 | return TPM_LIB_ERROR; | |
774 | ||
775 | sha1_starts(&hash_ctx); | |
776 | sha1_update(&hash_ctx, response + return_code_offset, 4); | |
777 | sha1_update(&hash_ctx, hmac_data, 4); | |
778 | if (response_len0 > TPM_RESPONSE_HEADER_LENGTH + handles_len) | |
779 | sha1_update(&hash_ctx, | |
780 | response + TPM_RESPONSE_HEADER_LENGTH + handles_len, | |
781 | response_len0 - TPM_RESPONSE_HEADER_LENGTH | |
782 | - handles_len); | |
783 | sha1_finish(&hash_ctx, hmac_data); | |
784 | ||
785 | memcpy(auth_session->nonce_even, response_auth, DIGEST_LENGTH); | |
786 | auth_continue = ((uint8_t *)response_auth)[auth_continue_offset]; | |
787 | if (pack_byte_string(hmac_data, sizeof(hmac_data), "ssb", | |
788 | DIGEST_LENGTH, | |
789 | response_auth, | |
790 | DIGEST_LENGTH, | |
791 | 2 * DIGEST_LENGTH, | |
792 | auth_session->nonce_odd, | |
793 | DIGEST_LENGTH, | |
794 | 3 * DIGEST_LENGTH, | |
795 | auth_continue)) | |
796 | return TPM_LIB_ERROR; | |
797 | ||
798 | sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data), | |
799 | computed_auth); | |
800 | ||
801 | if (memcmp(computed_auth, response_auth + auth_auth_offset, | |
802 | DIGEST_LENGTH)) | |
803 | return TPM_AUTHFAIL; | |
804 | ||
805 | return TPM_SUCCESS; | |
806 | } | |
807 | ||
808 | ||
809 | uint32_t tpm_terminate_auth_session(uint32_t auth_handle) | |
810 | { | |
811 | const uint8_t command[18] = { | |
812 | 0x00, 0xc1, /* TPM_TAG */ | |
813 | 0x00, 0x00, 0x00, 0x00, /* parameter size */ | |
814 | 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ | |
815 | 0x00, 0x00, 0x00, 0x00, /* TPM_HANDLE */ | |
816 | 0x00, 0x00, 0x00, 0x02, /* TPM_RESSOURCE_TYPE */ | |
817 | }; | |
818 | const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH; | |
819 | uint8_t request[COMMAND_BUFFER_SIZE]; | |
820 | ||
821 | if (pack_byte_string(request, sizeof(request), "sd", | |
822 | 0, command, sizeof(command), | |
823 | req_handle_offset, auth_handle)) | |
824 | return TPM_LIB_ERROR; | |
825 | if (oiap_session.valid && oiap_session.handle == auth_handle) | |
826 | oiap_session.valid = 0; | |
827 | ||
828 | return tpm_sendrecv_command(request, NULL, NULL); | |
829 | } | |
830 | ||
831 | uint32_t tpm_end_oiap(void) | |
832 | { | |
833 | uint32_t err = TPM_SUCCESS; | |
834 | if (oiap_session.valid) | |
835 | err = tpm_terminate_auth_session(oiap_session.handle); | |
836 | return err; | |
837 | } | |
838 | ||
839 | uint32_t tpm_oiap(uint32_t *auth_handle) | |
840 | { | |
841 | const uint8_t command[10] = { | |
842 | 0x00, 0xc1, /* TPM_TAG */ | |
843 | 0x00, 0x00, 0x00, 0x0a, /* parameter size */ | |
844 | 0x00, 0x00, 0x00, 0x0a, /* TPM_COMMAND_CODE */ | |
845 | }; | |
846 | const size_t res_auth_handle_offset = TPM_RESPONSE_HEADER_LENGTH; | |
847 | const size_t res_nonce_even_offset = TPM_RESPONSE_HEADER_LENGTH + 4; | |
848 | uint8_t response[COMMAND_BUFFER_SIZE]; | |
849 | size_t response_length = sizeof(response); | |
850 | uint32_t err; | |
851 | ||
852 | if (oiap_session.valid) | |
853 | tpm_terminate_auth_session(oiap_session.handle); | |
854 | ||
855 | err = tpm_sendrecv_command(command, response, &response_length); | |
856 | if (err) | |
857 | return err; | |
858 | if (unpack_byte_string(response, response_length, "ds", | |
859 | res_auth_handle_offset, &oiap_session.handle, | |
860 | res_nonce_even_offset, &oiap_session.nonce_even, | |
861 | (uint32_t)DIGEST_LENGTH)) | |
862 | return TPM_LIB_ERROR; | |
863 | oiap_session.valid = 1; | |
864 | if (auth_handle) | |
865 | *auth_handle = oiap_session.handle; | |
866 | return 0; | |
867 | } | |
868 | ||
869 | uint32_t tpm_load_key2_oiap(uint32_t parent_handle, | |
870 | const void *key, size_t key_length, | |
871 | const void *parent_key_usage_auth, | |
872 | uint32_t *key_handle) | |
873 | { | |
874 | const uint8_t command[14] = { | |
875 | 0x00, 0xc2, /* TPM_TAG */ | |
876 | 0x00, 0x00, 0x00, 0x00, /* parameter size */ | |
877 | 0x00, 0x00, 0x00, 0x41, /* TPM_COMMAND_CODE */ | |
878 | 0x00, 0x00, 0x00, 0x00, /* parent handle */ | |
879 | }; | |
880 | const size_t req_size_offset = 2; | |
881 | const size_t req_parent_handle_offset = TPM_REQUEST_HEADER_LENGTH; | |
882 | const size_t req_key_offset = TPM_REQUEST_HEADER_LENGTH + 4; | |
883 | const size_t res_handle_offset = TPM_RESPONSE_HEADER_LENGTH; | |
884 | uint8_t request[sizeof(command) + TPM_KEY12_MAX_LENGTH | |
885 | + TPM_REQUEST_AUTH_LENGTH]; | |
886 | uint8_t response[COMMAND_BUFFER_SIZE]; | |
887 | size_t response_length = sizeof(response); | |
888 | uint32_t err; | |
889 | ||
890 | if (!oiap_session.valid) { | |
891 | err = tpm_oiap(NULL); | |
892 | if (err) | |
893 | return err; | |
894 | } | |
895 | if (pack_byte_string(request, sizeof(request), "sdds", | |
896 | 0, command, sizeof(command), | |
897 | req_size_offset, | |
898 | sizeof(command) + key_length | |
899 | + TPM_REQUEST_AUTH_LENGTH, | |
900 | req_parent_handle_offset, parent_handle, | |
901 | req_key_offset, key, key_length | |
902 | )) | |
903 | return TPM_LIB_ERROR; | |
904 | ||
905 | err = create_request_auth(request, sizeof(command) + key_length, 4, | |
906 | &oiap_session, | |
907 | request + sizeof(command) + key_length, | |
908 | parent_key_usage_auth); | |
909 | if (err) | |
910 | return err; | |
911 | err = tpm_sendrecv_command(request, response, &response_length); | |
912 | if (err) { | |
913 | if (err == TPM_AUTHFAIL) | |
914 | oiap_session.valid = 0; | |
915 | return err; | |
916 | } | |
917 | ||
918 | err = verify_response_auth(0x00000041, response, | |
919 | response_length - TPM_RESPONSE_AUTH_LENGTH, | |
920 | 4, &oiap_session, | |
921 | response + response_length - TPM_RESPONSE_AUTH_LENGTH, | |
922 | parent_key_usage_auth); | |
923 | if (err) | |
924 | return err; | |
925 | ||
926 | if (key_handle) { | |
927 | if (unpack_byte_string(response, response_length, "d", | |
928 | res_handle_offset, key_handle)) | |
929 | return TPM_LIB_ERROR; | |
930 | } | |
931 | ||
932 | return 0; | |
933 | } | |
934 | ||
935 | uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, | |
936 | void *pubkey, size_t *pubkey_len) | |
937 | { | |
938 | const uint8_t command[14] = { | |
939 | 0x00, 0xc2, /* TPM_TAG */ | |
940 | 0x00, 0x00, 0x00, 0x00, /* parameter size */ | |
941 | 0x00, 0x00, 0x00, 0x21, /* TPM_COMMAND_CODE */ | |
942 | 0x00, 0x00, 0x00, 0x00, /* key handle */ | |
943 | }; | |
944 | const size_t req_size_offset = 2; | |
945 | const size_t req_key_handle_offset = TPM_REQUEST_HEADER_LENGTH; | |
946 | const size_t res_pubkey_offset = TPM_RESPONSE_HEADER_LENGTH; | |
947 | uint8_t request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH]; | |
948 | uint8_t response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH | |
949 | + TPM_RESPONSE_AUTH_LENGTH]; | |
950 | size_t response_length = sizeof(response); | |
951 | uint32_t err; | |
952 | ||
953 | if (!oiap_session.valid) { | |
954 | err = tpm_oiap(NULL); | |
955 | if (err) | |
956 | return err; | |
957 | } | |
958 | if (pack_byte_string(request, sizeof(request), "sdd", | |
959 | 0, command, sizeof(command), | |
960 | req_size_offset, | |
961 | (uint32_t)(sizeof(command) | |
962 | + TPM_REQUEST_AUTH_LENGTH), | |
963 | req_key_handle_offset, key_handle | |
964 | )) | |
965 | return TPM_LIB_ERROR; | |
966 | err = create_request_auth(request, sizeof(command), 4, &oiap_session, | |
967 | request + sizeof(command), usage_auth); | |
968 | if (err) | |
969 | return err; | |
970 | err = tpm_sendrecv_command(request, response, &response_length); | |
971 | if (err) { | |
972 | if (err == TPM_AUTHFAIL) | |
973 | oiap_session.valid = 0; | |
974 | return err; | |
975 | } | |
976 | err = verify_response_auth(0x00000021, response, | |
977 | response_length - TPM_RESPONSE_AUTH_LENGTH, | |
978 | 0, &oiap_session, | |
979 | response + response_length - TPM_RESPONSE_AUTH_LENGTH, | |
980 | usage_auth); | |
981 | if (err) | |
982 | return err; | |
983 | ||
984 | if (pubkey) { | |
985 | if ((response_length - TPM_RESPONSE_HEADER_LENGTH | |
986 | - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len) | |
987 | return TPM_LIB_ERROR; | |
988 | *pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH | |
989 | - TPM_RESPONSE_AUTH_LENGTH; | |
990 | memcpy(pubkey, response + res_pubkey_offset, | |
991 | response_length - TPM_RESPONSE_HEADER_LENGTH | |
992 | - TPM_RESPONSE_AUTH_LENGTH); | |
993 | } | |
994 | ||
995 | return 0; | |
996 | } | |
997 | ||
0f4b2ba1 | 998 | #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1 |
999 | uint32_t tpm_find_key_sha1(const uint8_t auth[20], const uint8_t | |
1000 | pubkey_digest[20], uint32_t *handle) | |
1001 | { | |
1002 | uint16_t key_count; | |
1003 | uint32_t key_handles[10]; | |
1004 | uint8_t buf[288]; | |
1005 | uint8_t *ptr; | |
1006 | uint32_t err; | |
1007 | uint8_t digest[20]; | |
1008 | size_t buf_len; | |
1009 | unsigned int i; | |
1010 | ||
1011 | /* fetch list of already loaded keys in the TPM */ | |
1012 | err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf)); | |
1013 | if (err) | |
1014 | return -1; | |
1015 | key_count = get_unaligned_be16(buf); | |
1016 | ptr = buf + 2; | |
1017 | for (i = 0; i < key_count; ++i, ptr += 4) | |
1018 | key_handles[i] = get_unaligned_be32(ptr); | |
1019 | ||
1020 | /* now search a(/ the) key which we can access with the given auth */ | |
1021 | for (i = 0; i < key_count; ++i) { | |
1022 | buf_len = sizeof(buf); | |
1023 | err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len); | |
1024 | if (err && err != TPM_AUTHFAIL) | |
1025 | return -1; | |
1026 | if (err) | |
1027 | continue; | |
1028 | sha1_csum(buf, buf_len, digest); | |
1029 | if (!memcmp(digest, pubkey_digest, 20)) { | |
1030 | *handle = key_handles[i]; | |
1031 | return 0; | |
1032 | } | |
1033 | } | |
1034 | return 1; | |
1035 | } | |
1036 | #endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */ | |
1037 | ||
be6c1529 | 1038 | #endif /* CONFIG_TPM_AUTH_SESSIONS */ |