xref: /OK3568_Linux_fs/kernel/include/keys/trusted_tpm.h (revision 4882a59341e53eb6f0b4789bf948001014eff981)
1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */
2*4882a593Smuzhiyun #ifndef __TRUSTED_TPM_H
3*4882a593Smuzhiyun #define __TRUSTED_TPM_H
4*4882a593Smuzhiyun 
5*4882a593Smuzhiyun #include <keys/trusted-type.h>
6*4882a593Smuzhiyun #include <linux/tpm_command.h>
7*4882a593Smuzhiyun 
/* implementation specific TPM constants */
/*
 * Size limit in bytes. Presumably the capacity of the TPM command/response
 * buffers used with these helpers; confirm against the callers.
 */
#define MAX_BUF_SIZE			1024
/*
 * Presumably the total length of a TPM 1.2 GetRandom command
 * (10-byte header plus a 4-byte byte count); confirm against the caller.
 */
#define TPM_GETRANDOM_SIZE		14
/*
 * Byte offset of the 32-bit total-length field inside a TPM buffer;
 * dump_tpm_buf() reads it with LOAD32(). The value comes from the buffer
 * itself, so treat it as untrusted until it has been bounds-checked.
 */
#define TPM_SIZE_OFFSET			2
/*
 * By name, the offsets of the return code and of the first payload byte.
 * Consistent with a 2-byte tag + 4-byte size + 4-byte return code header;
 * verify against the TPM 1.2 structure definitions.
 */
#define TPM_RETURN_OFFSET		6
#define TPM_DATA_OFFSET			10
14*4882a593Smuzhiyun 
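/*
 * Field accessors for a raw TPM byte buffer.
 *
 * LOAD32()  - 32-bit field at buffer[offset], converted from network
 *             (big-endian) to host byte order.
 * LOAD32N() - 32-bit field at buffer[offset], returned without byte swapping.
 * LOAD16()  - 16-bit field at buffer[offset], converted from network to host
 *             byte order.
 *
 * Both arguments are parenthesized so that expression arguments such as
 * LOAD32(buf + hdr, off + 4) expand as intended.
 *
 * None of these macros checks that offset (plus the field width) lies inside
 * the buffer: callers must validate offsets taken from TPM responses before
 * using them here. The access is a direct cast-and-dereference, and the
 * offsets defined in this header (2, 6, 10) are not 4-byte aligned, so this
 * relies on the platform tolerating unaligned loads; the kernel's
 * get_unaligned_be32()/get_unaligned_be16() helpers are the safer alternative.
 */
#define LOAD32(buffer, offset)	(ntohl(*(uint32_t *)&(buffer)[(offset)]))
#define LOAD32N(buffer, offset)	(*(uint32_t *)&(buffer)[(offset)])
#define LOAD16(buffer, offset)	(ntohs(*(uint16_t *)&(buffer)[(offset)]))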
18*4882a593Smuzhiyun 
/*
 * Per-session state. Presumably for a TPM 1.2 OSAP authorization session,
 * going by the name; confirm against the code that fills it in.
 *
 * The secret field is sensitive: dump_sess() prints it to the kernel log when
 * TPM_DEBUG is non-zero, and whoever owns an instance should wipe it after use.
 */
struct osapsess {
	uint32_t handle;	/* session handle */
	unsigned char secret[SHA1_DIGEST_SIZE];	/* session secret, SHA-1 digest sized */
	unsigned char enonce[TPM_NONCE_SIZE];	/* nonce, TPM_NONCE_SIZE bytes */
};
24*4882a593Smuzhiyun 
/*
 * Key type selectors.
 * discrete values, but have to store in uint16_t for TPM use
 * dump_options() prints the stored value as the "sealing key type".
 */
enum {
	SEAL_keytype = 1,
	SRK_keytype = 4
};
30*4882a593Smuzhiyun 
/*
 * HMAC helpers for TPM authorization. Both are variadic and are defined
 * outside this header, so the layout and termination of the variable
 * argument list must be taken from the implementation. A mismatched list
 * cannot be caught by the compiler.
 *
 * TSS_authhmac:   writes its result to @digest, keyed by @key/@keylen.
 * TSS_checkhmac1: takes the response @buffer, the @command ordinal, a nonce
 *                 (@ononce) and the key. Presumably verifies the response
 *                 HMAC; callers should treat a non-zero return as an
 *                 authentication failure (confirm the return convention in
 *                 the implementation).
 */
int TSS_authhmac(unsigned char *digest, const unsigned char *key,
			unsigned int keylen, unsigned char *h1,
			unsigned char *h2, unsigned int h3, ...);
int TSS_checkhmac1(unsigned char *buffer,
			  const uint32_t command,
			  const unsigned char *ononce,
			  const unsigned char *key,
			  unsigned int keylen, ...);

/*
 * trusted_tpm_send: @cmd is a command buffer of @buflen bytes. It is
 * presumably overwritten with the TPM response, so @buflen bounds the reply;
 * confirm in the implementation.
 * oiap: takes a tpm_buf and returns a session @handle and @nonce through the
 * out-pointers. Presumably opens an OIAP session, going by the name.
 */
int trusted_tpm_send(unsigned char *cmd, size_t buflen);
int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);

/*
 * TPM 2.0 seal/unseal entry points operating on a trusted key @payload with
 * the given @options on @chip. Return convention is not visible in this
 * header; presumably 0 on success and a negative errno on failure.
 */
int tpm2_seal_trusted(struct tpm_chip *chip,
		      struct trusted_key_payload *payload,
		      struct trusted_key_options *options);
int tpm2_unseal_trusted(struct tpm_chip *chip,
			struct trusted_key_payload *payload,
			struct trusted_key_options *options);
49*4882a593Smuzhiyun 
/*
 * Compile-time switch for the dump_*() helpers below.
 *
 * Keep this at 0 in any build that handles real keys. When it is non-zero,
 * the helpers write the payload key bytes, the sealed blob, the session
 * secret and nonce, and raw TPM buffers to the kernel log at KERN_INFO.
 * Anyone able to read the kernel log or persisted log files could then
 * recover that material.
 */
#define TPM_DEBUG 0
51*4882a593Smuzhiyun 
52*4882a593Smuzhiyun #if TPM_DEBUG
/*
 * dump_options - log the sealing options of a trusted key (TPM_DEBUG only).
 * @o: options to print; must be non-NULL.
 *
 * Prints the key type, key handle, pcrlock value and pcrinfo length, followed
 * by a hex dump of pcrinfo_len bytes of pcrinfo. pcrinfo_len is used as given,
 * so it must not exceed the size of the pcrinfo array.
 */
static inline void dump_options(struct trusted_key_options *o)
{
	const struct trusted_key_options *opts = o;

	pr_info("trusted_key: sealing key type %d\n", opts->keytype);
	pr_info("trusted_key: sealing key handle %0X\n", opts->keyhandle);
	pr_info("trusted_key: pcrlock %d\n", opts->pcrlock);
	pr_info("trusted_key: pcrinfo %d\n", opts->pcrinfo_len);

	/* 16 bytes per row, 1-byte groups, no offset prefix, no ASCII column */
	print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE, 16, 1,
		       opts->pcrinfo, opts->pcrinfo_len, 0);
}
62*4882a593Smuzhiyun 
/*
 * dump_payload - log a trusted key payload (TPM_DEBUG only).
 * @p: payload to print; must be non-NULL.
 *
 * Security: this writes key_len bytes of p->key and blob_len bytes of p->blob
 * to the kernel log at KERN_INFO. p->key is presumably the unsealed key
 * material, so a build with TPM_DEBUG enabled exposes it to every reader of
 * the kernel log. Both lengths are used as given and are not checked against
 * the sizes of the underlying arrays.
 */
static inline void dump_payload(struct trusted_key_payload *p)
{
	const struct trusted_key_payload *pl = p;

	pr_info("trusted_key: key_len %d\n", pl->key_len);
	print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE, 16, 1,
		       pl->key, pl->key_len, 0);

	pr_info("trusted_key: bloblen %d\n", pl->blob_len);
	print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE, 16, 1,
		       pl->blob, pl->blob_len, 0);

	pr_info("trusted_key: migratable %d\n", pl->migratable);
}
73*4882a593Smuzhiyun 
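/*
 * dump_sess - log the contents of a session structure (TPM_DEBUG only).
 * @s: session to print; must be non-NULL.
 *
 * Every dump length is taken from the field being printed (sizeof) rather
 * than from a separate constant. The nonce was previously dumped with
 * SHA1_DIGEST_SIZE although the field is declared with TPM_NONCE_SIZE, which
 * would over-read the structure if the two constants ever differed.
 *
 * Security: this writes the session secret and nonce to the kernel log at
 * KERN_INFO; never enable TPM_DEBUG in a build that handles real keys.
 */
static inline void dump_sess(struct osapsess *s)
{
	print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
		       16, 1, &s->handle, sizeof(s->handle), 0);
	pr_info("trusted-key: secret:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, s->secret, sizeof(s->secret), 0);
	pr_info("trusted-key: enonce:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, s->enonce, sizeof(s->enonce), 0);
}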
85*4882a593Smuzhiyun 
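/*
 * dump_tpm_buf - hex-dump a TPM command/response buffer (TPM_DEBUG only).
 * @buf: buffer holding a TPM message; must be non-NULL and at least
 *       TPM_SIZE_OFFSET + 4 bytes long.
 *
 * The dump length is read from the message's own 32-bit size field, so it is
 * controlled by whatever produced the buffer, including a misbehaving or
 * malicious TPM. It is held in an unsigned variable and clamped to
 * MAX_BUF_SIZE, so that a bogus size cannot turn into a negative or oversized
 * length and walk the dump past the buffer.
 *
 * NOTE(review): MAX_BUF_SIZE is the only buffer bound this header defines.
 * Callers that pass a smaller buffer need their own limit; confirm against
 * the call sites.
 */
static inline void dump_tpm_buf(unsigned char *buf)
{
	uint32_t len;

	pr_info("\ntrusted-key: tpm buffer\n");
	len = LOAD32(buf, TPM_SIZE_OFFSET);
	if (len > MAX_BUF_SIZE) {
		pr_info("trusted-key: tpm buffer size %u exceeds %d, dump truncated\n",
			len, MAX_BUF_SIZE);
		len = MAX_BUF_SIZE;
	}
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
}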
94*4882a593Smuzhiyun #else
/* TPM_DEBUG disabled: no-op stand-in, so call sites compile unchanged and nothing is logged. */
static inline void dump_options(struct trusted_key_options *o) { }
98*4882a593Smuzhiyun 
/* TPM_DEBUG disabled: no-op stand-in; key and blob bytes are never written to the log. */
static inline void dump_payload(struct trusted_key_payload *p) { }
102*4882a593Smuzhiyun 
/* TPM_DEBUG disabled: no-op stand-in; the session secret and nonce are never written to the log. */
static inline void dump_sess(struct osapsess *s) { }
106*4882a593Smuzhiyun 
/* TPM_DEBUG disabled: no-op stand-in; the buffer is neither read nor logged. */
static inline void dump_tpm_buf(unsigned char *buf) { }
110*4882a593Smuzhiyun #endif
111*4882a593Smuzhiyun #endif