1 /* 2 * Copyright (c) 2013 The Chromium OS Authors. 3 * Coypright (c) 2013 Guntermann & Drunck GmbH 4 * 5 * SPDX-License-Identifier: GPL-2.0+ 6 */ 7 8 #include <common.h> 9 #include <stdarg.h> 10 #include <u-boot/sha1.h> 11 #include <tpm.h> 12 #include <asm/unaligned.h> 13 14 /* Internal error of TPM command library */ 15 #define TPM_LIB_ERROR ((uint32_t)~0u) 16 17 /* Useful constants */ 18 enum { 19 COMMAND_BUFFER_SIZE = 256, 20 TPM_PUBEK_SIZE = 256, 21 TPM_REQUEST_HEADER_LENGTH = 10, 22 TPM_RESPONSE_HEADER_LENGTH = 10, 23 PCR_DIGEST_LENGTH = 20, 24 DIGEST_LENGTH = 20, 25 TPM_REQUEST_AUTH_LENGTH = 45, 26 TPM_RESPONSE_AUTH_LENGTH = 41, 27 /* some max lengths, valid for RSA keys <= 2048 bits */ 28 TPM_KEY12_MAX_LENGTH = 618, 29 TPM_PUBKEY_MAX_LENGTH = 288, 30 }; 31 32 #ifdef CONFIG_TPM_AUTH_SESSIONS 33 34 #ifndef CONFIG_SHA1 35 #error "TPM_AUTH_SESSIONS require SHA1 to be configured, too" 36 #endif /* !CONFIG_SHA1 */ 37 38 struct session_data { 39 int valid; 40 uint32_t handle; 41 uint8_t nonce_even[DIGEST_LENGTH]; 42 uint8_t nonce_odd[DIGEST_LENGTH]; 43 }; 44 45 static struct session_data oiap_session = {0, }; 46 47 #endif /* CONFIG_TPM_AUTH_SESSIONS */ 48 49 /** 50 * Pack data into a byte string. The data types are specified in 51 * the format string: 'b' means unsigned byte, 'w' unsigned word, 52 * 'd' unsigned double word, and 's' byte string. The data are a 53 * series of offsets and values (for type byte string there are also 54 * lengths). The data values are packed into the byte string 55 * sequentially, and so a latter value could over-write a former 56 * value. 57 * 58 * @param str output string 59 * @param size size of output string 60 * @param format format string 61 * @param ... data points 62 * @return 0 on success, non-0 on error 63 */ 64 int pack_byte_string(uint8_t *str, size_t size, const char *format, ...) 65 { 66 va_list args; 67 size_t offset = 0, length = 0; 68 uint8_t *data = NULL; 69 uint32_t value = 0; 70 71 va_start(args, format); 72 for (; *format; format++) { 73 switch (*format) { 74 case 'b': 75 offset = va_arg(args, size_t); 76 value = va_arg(args, int); 77 length = 1; 78 break; 79 case 'w': 80 offset = va_arg(args, size_t); 81 value = va_arg(args, int); 82 length = 2; 83 break; 84 case 'd': 85 offset = va_arg(args, size_t); 86 value = va_arg(args, uint32_t); 87 length = 4; 88 break; 89 case 's': 90 offset = va_arg(args, size_t); 91 data = va_arg(args, uint8_t *); 92 length = va_arg(args, uint32_t); 93 break; 94 default: 95 debug("Couldn't recognize format string\n"); 96 return -1; 97 } 98 99 if (offset + length > size) 100 return -1; 101 102 switch (*format) { 103 case 'b': 104 str[offset] = value; 105 break; 106 case 'w': 107 put_unaligned_be16(value, str + offset); 108 break; 109 case 'd': 110 put_unaligned_be32(value, str + offset); 111 break; 112 case 's': 113 memcpy(str + offset, data, length); 114 break; 115 } 116 } 117 va_end(args); 118 119 return 0; 120 } 121 122 /** 123 * Unpack data from a byte string. The data types are specified in 124 * the format string: 'b' means unsigned byte, 'w' unsigned word, 125 * 'd' unsigned double word, and 's' byte string. The data are a 126 * series of offsets and pointers (for type byte string there are also 127 * lengths). 128 * 129 * @param str output string 130 * @param size size of output string 131 * @param format format string 132 * @param ... data points 133 * @return 0 on success, non-0 on error 134 */ 135 int unpack_byte_string(const uint8_t *str, size_t size, const char *format, ...) 136 { 137 va_list args; 138 size_t offset = 0, length = 0; 139 uint8_t *ptr8 = NULL; 140 uint16_t *ptr16 = NULL; 141 uint32_t *ptr32 = NULL; 142 143 va_start(args, format); 144 for (; *format; format++) { 145 switch (*format) { 146 case 'b': 147 offset = va_arg(args, size_t); 148 ptr8 = va_arg(args, uint8_t *); 149 length = 1; 150 break; 151 case 'w': 152 offset = va_arg(args, size_t); 153 ptr16 = va_arg(args, uint16_t *); 154 length = 2; 155 break; 156 case 'd': 157 offset = va_arg(args, size_t); 158 ptr32 = va_arg(args, uint32_t *); 159 length = 4; 160 break; 161 case 's': 162 offset = va_arg(args, size_t); 163 ptr8 = va_arg(args, uint8_t *); 164 length = va_arg(args, uint32_t); 165 break; 166 default: 167 debug("Couldn't recognize format string\n"); 168 return -1; 169 } 170 171 if (offset + length > size) 172 return -1; 173 174 switch (*format) { 175 case 'b': 176 *ptr8 = str[offset]; 177 break; 178 case 'w': 179 *ptr16 = get_unaligned_be16(str + offset); 180 break; 181 case 'd': 182 *ptr32 = get_unaligned_be32(str + offset); 183 break; 184 case 's': 185 memcpy(ptr8, str + offset, length); 186 break; 187 } 188 } 189 va_end(args); 190 191 return 0; 192 } 193 194 /** 195 * Get TPM command size. 196 * 197 * @param command byte string of TPM command 198 * @return command size of the TPM command 199 */ 200 static uint32_t tpm_command_size(const void *command) 201 { 202 const size_t command_size_offset = 2; 203 return get_unaligned_be32(command + command_size_offset); 204 } 205 206 /** 207 * Get TPM response return code, which is one of TPM_RESULT values. 208 * 209 * @param response byte string of TPM response 210 * @return return code of the TPM response 211 */ 212 static uint32_t tpm_return_code(const void *response) 213 { 214 const size_t return_code_offset = 6; 215 return get_unaligned_be32(response + return_code_offset); 216 } 217 218 /** 219 * Send a TPM command and return response's return code, and optionally 220 * return response to caller. 221 * 222 * @param command byte string of TPM command 223 * @param response output buffer for TPM response, or NULL if the 224 * caller does not care about it 225 * @param size_ptr output buffer size (input parameter) and TPM 226 * response length (output parameter); this parameter 227 * is a bidirectional 228 * @return return code of the TPM response 229 */ 230 static uint32_t tpm_sendrecv_command(const void *command, 231 void *response, size_t *size_ptr) 232 { 233 uint8_t response_buffer[COMMAND_BUFFER_SIZE]; 234 size_t response_length; 235 uint32_t err; 236 237 if (response) { 238 response_length = *size_ptr; 239 } else { 240 response = response_buffer; 241 response_length = sizeof(response_buffer); 242 } 243 err = tis_sendrecv(command, tpm_command_size(command), 244 response, &response_length); 245 if (err) 246 return TPM_LIB_ERROR; 247 if (size_ptr) 248 *size_ptr = response_length; 249 250 return tpm_return_code(response); 251 } 252 253 uint32_t tpm_init(void) 254 { 255 uint32_t err; 256 257 err = tis_init(); 258 if (err) 259 return err; 260 261 return tis_open(); 262 } 263 264 uint32_t tpm_startup(enum tpm_startup_type mode) 265 { 266 const uint8_t command[12] = { 267 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0, 268 }; 269 const size_t mode_offset = 10; 270 uint8_t buf[COMMAND_BUFFER_SIZE]; 271 272 if (pack_byte_string(buf, sizeof(buf), "sw", 273 0, command, sizeof(command), 274 mode_offset, mode)) 275 return TPM_LIB_ERROR; 276 277 return tpm_sendrecv_command(buf, NULL, NULL); 278 } 279 280 uint32_t tpm_self_test_full(void) 281 { 282 const uint8_t command[10] = { 283 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50, 284 }; 285 return tpm_sendrecv_command(command, NULL, NULL); 286 } 287 288 uint32_t tpm_continue_self_test(void) 289 { 290 const uint8_t command[10] = { 291 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53, 292 }; 293 return tpm_sendrecv_command(command, NULL, NULL); 294 } 295 296 uint32_t tpm_nv_define_space(uint32_t index, uint32_t perm, uint32_t size) 297 { 298 const uint8_t command[101] = { 299 0x0, 0xc1, /* TPM_TAG */ 300 0x0, 0x0, 0x0, 0x65, /* parameter size */ 301 0x0, 0x0, 0x0, 0xcc, /* TPM_COMMAND_CODE */ 302 /* TPM_NV_DATA_PUBLIC->... */ 303 0x0, 0x18, /* ...->TPM_STRUCTURE_TAG */ 304 0, 0, 0, 0, /* ...->TPM_NV_INDEX */ 305 /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */ 306 0x0, 0x3, 307 0, 0, 0, 308 0x1f, 309 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 310 /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */ 311 0x0, 0x3, 312 0, 0, 0, 313 0x1f, 314 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 315 /* TPM_NV_ATTRIBUTES->... */ 316 0x0, 0x17, /* ...->TPM_STRUCTURE_TAG */ 317 0, 0, 0, 0, /* ...->attributes */ 318 /* End of TPM_NV_ATTRIBUTES */ 319 0, /* bReadSTClear */ 320 0, /* bWriteSTClear */ 321 0, /* bWriteDefine */ 322 0, 0, 0, 0, /* size */ 323 }; 324 const size_t index_offset = 12; 325 const size_t perm_offset = 70; 326 const size_t size_offset = 77; 327 uint8_t buf[COMMAND_BUFFER_SIZE]; 328 329 if (pack_byte_string(buf, sizeof(buf), "sddd", 330 0, command, sizeof(command), 331 index_offset, index, 332 perm_offset, perm, 333 size_offset, size)) 334 return TPM_LIB_ERROR; 335 336 return tpm_sendrecv_command(buf, NULL, NULL); 337 } 338 339 uint32_t tpm_nv_read_value(uint32_t index, void *data, uint32_t count) 340 { 341 const uint8_t command[22] = { 342 0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf, 343 }; 344 const size_t index_offset = 10; 345 const size_t length_offset = 18; 346 const size_t data_size_offset = 10; 347 const size_t data_offset = 14; 348 uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; 349 size_t response_length = sizeof(response); 350 uint32_t data_size; 351 uint32_t err; 352 353 if (pack_byte_string(buf, sizeof(buf), "sdd", 354 0, command, sizeof(command), 355 index_offset, index, 356 length_offset, count)) 357 return TPM_LIB_ERROR; 358 err = tpm_sendrecv_command(buf, response, &response_length); 359 if (err) 360 return err; 361 if (unpack_byte_string(response, response_length, "d", 362 data_size_offset, &data_size)) 363 return TPM_LIB_ERROR; 364 if (data_size > count) 365 return TPM_LIB_ERROR; 366 if (unpack_byte_string(response, response_length, "s", 367 data_offset, data, data_size)) 368 return TPM_LIB_ERROR; 369 370 return 0; 371 } 372 373 uint32_t tpm_nv_write_value(uint32_t index, const void *data, uint32_t length) 374 { 375 const uint8_t command[256] = { 376 0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd, 377 }; 378 const size_t command_size_offset = 2; 379 const size_t index_offset = 10; 380 const size_t length_offset = 18; 381 const size_t data_offset = 22; 382 const size_t write_info_size = 12; 383 const uint32_t total_length = 384 TPM_REQUEST_HEADER_LENGTH + write_info_size + length; 385 uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; 386 size_t response_length = sizeof(response); 387 uint32_t err; 388 389 if (pack_byte_string(buf, sizeof(buf), "sddds", 390 0, command, sizeof(command), 391 command_size_offset, total_length, 392 index_offset, index, 393 length_offset, length, 394 data_offset, data, length)) 395 return TPM_LIB_ERROR; 396 err = tpm_sendrecv_command(buf, response, &response_length); 397 if (err) 398 return err; 399 400 return 0; 401 } 402 403 uint32_t tpm_extend(uint32_t index, const void *in_digest, void *out_digest) 404 { 405 const uint8_t command[34] = { 406 0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14, 407 }; 408 const size_t index_offset = 10; 409 const size_t in_digest_offset = 14; 410 const size_t out_digest_offset = 10; 411 uint8_t buf[COMMAND_BUFFER_SIZE]; 412 uint8_t response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH]; 413 size_t response_length = sizeof(response); 414 uint32_t err; 415 416 if (pack_byte_string(buf, sizeof(buf), "sds", 417 0, command, sizeof(command), 418 index_offset, index, 419 in_digest_offset, in_digest, 420 PCR_DIGEST_LENGTH)) 421 return TPM_LIB_ERROR; 422 err = tpm_sendrecv_command(buf, response, &response_length); 423 if (err) 424 return err; 425 426 if (unpack_byte_string(response, response_length, "s", 427 out_digest_offset, out_digest, 428 PCR_DIGEST_LENGTH)) 429 return TPM_LIB_ERROR; 430 431 return 0; 432 } 433 434 uint32_t tpm_pcr_read(uint32_t index, void *data, size_t count) 435 { 436 const uint8_t command[14] = { 437 0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15, 438 }; 439 const size_t index_offset = 10; 440 const size_t out_digest_offset = 10; 441 uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; 442 size_t response_length = sizeof(response); 443 uint32_t err; 444 445 if (count < PCR_DIGEST_LENGTH) 446 return TPM_LIB_ERROR; 447 448 if (pack_byte_string(buf, sizeof(buf), "sd", 449 0, command, sizeof(command), 450 index_offset, index)) 451 return TPM_LIB_ERROR; 452 err = tpm_sendrecv_command(buf, response, &response_length); 453 if (err) 454 return err; 455 if (unpack_byte_string(response, response_length, "s", 456 out_digest_offset, data, PCR_DIGEST_LENGTH)) 457 return TPM_LIB_ERROR; 458 459 return 0; 460 } 461 462 uint32_t tpm_tsc_physical_presence(uint16_t presence) 463 { 464 const uint8_t command[12] = { 465 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0, 466 }; 467 const size_t presence_offset = 10; 468 uint8_t buf[COMMAND_BUFFER_SIZE]; 469 470 if (pack_byte_string(buf, sizeof(buf), "sw", 471 0, command, sizeof(command), 472 presence_offset, presence)) 473 return TPM_LIB_ERROR; 474 475 return tpm_sendrecv_command(buf, NULL, NULL); 476 } 477 478 uint32_t tpm_read_pubek(void *data, size_t count) 479 { 480 const uint8_t command[30] = { 481 0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c, 482 }; 483 const size_t response_size_offset = 2; 484 const size_t data_offset = 10; 485 const size_t header_and_checksum_size = TPM_RESPONSE_HEADER_LENGTH + 20; 486 uint8_t response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE]; 487 size_t response_length = sizeof(response); 488 uint32_t data_size; 489 uint32_t err; 490 491 err = tpm_sendrecv_command(command, response, &response_length); 492 if (err) 493 return err; 494 if (unpack_byte_string(response, response_length, "d", 495 response_size_offset, &data_size)) 496 return TPM_LIB_ERROR; 497 if (data_size < header_and_checksum_size) 498 return TPM_LIB_ERROR; 499 data_size -= header_and_checksum_size; 500 if (data_size > count) 501 return TPM_LIB_ERROR; 502 if (unpack_byte_string(response, response_length, "s", 503 data_offset, data, data_size)) 504 return TPM_LIB_ERROR; 505 506 return 0; 507 } 508 509 uint32_t tpm_force_clear(void) 510 { 511 const uint8_t command[10] = { 512 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d, 513 }; 514 515 return tpm_sendrecv_command(command, NULL, NULL); 516 } 517 518 uint32_t tpm_physical_enable(void) 519 { 520 const uint8_t command[10] = { 521 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f, 522 }; 523 524 return tpm_sendrecv_command(command, NULL, NULL); 525 } 526 527 uint32_t tpm_physical_disable(void) 528 { 529 const uint8_t command[10] = { 530 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70, 531 }; 532 533 return tpm_sendrecv_command(command, NULL, NULL); 534 } 535 536 uint32_t tpm_physical_set_deactivated(uint8_t state) 537 { 538 const uint8_t command[11] = { 539 0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72, 540 }; 541 const size_t state_offset = 10; 542 uint8_t buf[COMMAND_BUFFER_SIZE]; 543 544 if (pack_byte_string(buf, sizeof(buf), "sb", 545 0, command, sizeof(command), 546 state_offset, state)) 547 return TPM_LIB_ERROR; 548 549 return tpm_sendrecv_command(buf, NULL, NULL); 550 } 551 552 uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap, 553 void *cap, size_t count) 554 { 555 const uint8_t command[22] = { 556 0x0, 0xc1, /* TPM_TAG */ 557 0x0, 0x0, 0x0, 0x16, /* parameter size */ 558 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */ 559 0x0, 0x0, 0x0, 0x0, /* TPM_CAPABILITY_AREA */ 560 0x0, 0x0, 0x0, 0x4, /* subcap size */ 561 0x0, 0x0, 0x0, 0x0, /* subcap value */ 562 }; 563 const size_t cap_area_offset = 10; 564 const size_t sub_cap_offset = 18; 565 const size_t cap_offset = 14; 566 const size_t cap_size_offset = 10; 567 uint8_t buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE]; 568 size_t response_length = sizeof(response); 569 uint32_t cap_size; 570 uint32_t err; 571 572 if (pack_byte_string(buf, sizeof(buf), "sdd", 573 0, command, sizeof(command), 574 cap_area_offset, cap_area, 575 sub_cap_offset, sub_cap)) 576 return TPM_LIB_ERROR; 577 err = tpm_sendrecv_command(buf, response, &response_length); 578 if (err) 579 return err; 580 if (unpack_byte_string(response, response_length, "d", 581 cap_size_offset, &cap_size)) 582 return TPM_LIB_ERROR; 583 if (cap_size > response_length || cap_size > count) 584 return TPM_LIB_ERROR; 585 if (unpack_byte_string(response, response_length, "s", 586 cap_offset, cap, cap_size)) 587 return TPM_LIB_ERROR; 588 589 return 0; 590 } 591 592 #ifdef CONFIG_TPM_AUTH_SESSIONS 593 594 /** 595 * Fill an authentication block in a request. 596 * This func can create the first as well as the second auth block (for 597 * double authorized commands). 598 * 599 * @param request pointer to the request (w/ uninitialised auth data) 600 * @param request_len0 length of the request without auth data 601 * @param handles_len length of the handles area in request 602 * @param auth_session pointer to the (valid) auth session to be used 603 * @param request_auth pointer to the auth block of the request to be filled 604 * @param auth authentication data (HMAC key) 605 */ 606 static uint32_t create_request_auth(const void *request, size_t request_len0, 607 size_t handles_len, 608 struct session_data *auth_session, 609 void *request_auth, const void *auth) 610 { 611 uint8_t hmac_data[DIGEST_LENGTH * 3 + 1]; 612 sha1_context hash_ctx; 613 const size_t command_code_offset = 6; 614 const size_t auth_nonce_odd_offset = 4; 615 const size_t auth_continue_offset = 24; 616 const size_t auth_auth_offset = 25; 617 618 if (!auth_session || !auth_session->valid) 619 return TPM_LIB_ERROR; 620 621 sha1_starts(&hash_ctx); 622 sha1_update(&hash_ctx, request + command_code_offset, 4); 623 if (request_len0 > TPM_REQUEST_HEADER_LENGTH + handles_len) 624 sha1_update(&hash_ctx, 625 request + TPM_REQUEST_HEADER_LENGTH + handles_len, 626 request_len0 - TPM_REQUEST_HEADER_LENGTH 627 - handles_len); 628 sha1_finish(&hash_ctx, hmac_data); 629 630 sha1_starts(&hash_ctx); 631 sha1_update(&hash_ctx, auth_session->nonce_odd, DIGEST_LENGTH); 632 sha1_update(&hash_ctx, hmac_data, sizeof(hmac_data)); 633 sha1_finish(&hash_ctx, auth_session->nonce_odd); 634 635 if (pack_byte_string(request_auth, TPM_REQUEST_AUTH_LENGTH, "dsb", 636 0, auth_session->handle, 637 auth_nonce_odd_offset, auth_session->nonce_odd, 638 DIGEST_LENGTH, 639 auth_continue_offset, 1)) 640 return TPM_LIB_ERROR; 641 if (pack_byte_string(hmac_data, sizeof(hmac_data), "ss", 642 DIGEST_LENGTH, 643 auth_session->nonce_even, 644 DIGEST_LENGTH, 645 2 * DIGEST_LENGTH, 646 request_auth + auth_nonce_odd_offset, 647 DIGEST_LENGTH + 1)) 648 return TPM_LIB_ERROR; 649 sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data), 650 request_auth + auth_auth_offset); 651 652 return TPM_SUCCESS; 653 } 654 655 /** 656 * Verify an authentication block in a response. 657 * Since this func updates the nonce_even in the session data it has to be 658 * called when receiving a succesfull AUTH response. 659 * This func can verify the first as well as the second auth block (for 660 * double authorized commands). 661 * 662 * @param command_code command code of the request 663 * @param response pointer to the request (w/ uninitialised auth data) 664 * @param handles_len length of the handles area in response 665 * @param auth_session pointer to the (valid) auth session to be used 666 * @param response_auth pointer to the auth block of the response to be verified 667 * @param auth authentication data (HMAC key) 668 */ 669 static uint32_t verify_response_auth(uint32_t command_code, 670 const void *response, size_t response_len0, 671 size_t handles_len, 672 struct session_data *auth_session, 673 const void *response_auth, const void *auth) 674 { 675 uint8_t hmac_data[DIGEST_LENGTH * 3 + 1]; 676 uint8_t computed_auth[DIGEST_LENGTH]; 677 sha1_context hash_ctx; 678 const size_t return_code_offset = 6; 679 const size_t auth_continue_offset = 20; 680 const size_t auth_auth_offset = 21; 681 uint8_t auth_continue; 682 683 if (!auth_session || !auth_session->valid) 684 return TPM_AUTHFAIL; 685 if (pack_byte_string(hmac_data, sizeof(hmac_data), "d", 686 0, command_code)) 687 return TPM_LIB_ERROR; 688 if (response_len0 < TPM_RESPONSE_HEADER_LENGTH) 689 return TPM_LIB_ERROR; 690 691 sha1_starts(&hash_ctx); 692 sha1_update(&hash_ctx, response + return_code_offset, 4); 693 sha1_update(&hash_ctx, hmac_data, 4); 694 if (response_len0 > TPM_RESPONSE_HEADER_LENGTH + handles_len) 695 sha1_update(&hash_ctx, 696 response + TPM_RESPONSE_HEADER_LENGTH + handles_len, 697 response_len0 - TPM_RESPONSE_HEADER_LENGTH 698 - handles_len); 699 sha1_finish(&hash_ctx, hmac_data); 700 701 memcpy(auth_session->nonce_even, response_auth, DIGEST_LENGTH); 702 auth_continue = ((uint8_t *)response_auth)[auth_continue_offset]; 703 if (pack_byte_string(hmac_data, sizeof(hmac_data), "ssb", 704 DIGEST_LENGTH, 705 response_auth, 706 DIGEST_LENGTH, 707 2 * DIGEST_LENGTH, 708 auth_session->nonce_odd, 709 DIGEST_LENGTH, 710 3 * DIGEST_LENGTH, 711 auth_continue)) 712 return TPM_LIB_ERROR; 713 714 sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data), 715 computed_auth); 716 717 if (memcmp(computed_auth, response_auth + auth_auth_offset, 718 DIGEST_LENGTH)) 719 return TPM_AUTHFAIL; 720 721 return TPM_SUCCESS; 722 } 723 724 725 uint32_t tpm_terminate_auth_session(uint32_t auth_handle) 726 { 727 const uint8_t command[18] = { 728 0x00, 0xc1, /* TPM_TAG */ 729 0x00, 0x00, 0x00, 0x00, /* parameter size */ 730 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */ 731 0x00, 0x00, 0x00, 0x00, /* TPM_HANDLE */ 732 0x00, 0x00, 0x00, 0x02, /* TPM_RESSOURCE_TYPE */ 733 }; 734 const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH; 735 uint8_t request[COMMAND_BUFFER_SIZE]; 736 737 if (pack_byte_string(request, sizeof(request), "sd", 738 0, command, sizeof(command), 739 req_handle_offset, auth_handle)) 740 return TPM_LIB_ERROR; 741 if (oiap_session.valid && oiap_session.handle == auth_handle) 742 oiap_session.valid = 0; 743 744 return tpm_sendrecv_command(request, NULL, NULL); 745 } 746 747 uint32_t tpm_end_oiap(void) 748 { 749 uint32_t err = TPM_SUCCESS; 750 if (oiap_session.valid) 751 err = tpm_terminate_auth_session(oiap_session.handle); 752 return err; 753 } 754 755 uint32_t tpm_oiap(uint32_t *auth_handle) 756 { 757 const uint8_t command[10] = { 758 0x00, 0xc1, /* TPM_TAG */ 759 0x00, 0x00, 0x00, 0x0a, /* parameter size */ 760 0x00, 0x00, 0x00, 0x0a, /* TPM_COMMAND_CODE */ 761 }; 762 const size_t res_auth_handle_offset = TPM_RESPONSE_HEADER_LENGTH; 763 const size_t res_nonce_even_offset = TPM_RESPONSE_HEADER_LENGTH + 4; 764 uint8_t response[COMMAND_BUFFER_SIZE]; 765 size_t response_length = sizeof(response); 766 uint32_t err; 767 768 if (oiap_session.valid) 769 tpm_terminate_auth_session(oiap_session.handle); 770 771 err = tpm_sendrecv_command(command, response, &response_length); 772 if (err) 773 return err; 774 if (unpack_byte_string(response, response_length, "ds", 775 res_auth_handle_offset, &oiap_session.handle, 776 res_nonce_even_offset, &oiap_session.nonce_even, 777 (uint32_t)DIGEST_LENGTH)) 778 return TPM_LIB_ERROR; 779 oiap_session.valid = 1; 780 if (auth_handle) 781 *auth_handle = oiap_session.handle; 782 return 0; 783 } 784 785 uint32_t tpm_load_key2_oiap(uint32_t parent_handle, 786 const void *key, size_t key_length, 787 const void *parent_key_usage_auth, 788 uint32_t *key_handle) 789 { 790 const uint8_t command[14] = { 791 0x00, 0xc2, /* TPM_TAG */ 792 0x00, 0x00, 0x00, 0x00, /* parameter size */ 793 0x00, 0x00, 0x00, 0x41, /* TPM_COMMAND_CODE */ 794 0x00, 0x00, 0x00, 0x00, /* parent handle */ 795 }; 796 const size_t req_size_offset = 2; 797 const size_t req_parent_handle_offset = TPM_REQUEST_HEADER_LENGTH; 798 const size_t req_key_offset = TPM_REQUEST_HEADER_LENGTH + 4; 799 const size_t res_handle_offset = TPM_RESPONSE_HEADER_LENGTH; 800 uint8_t request[sizeof(command) + TPM_KEY12_MAX_LENGTH 801 + TPM_REQUEST_AUTH_LENGTH]; 802 uint8_t response[COMMAND_BUFFER_SIZE]; 803 size_t response_length = sizeof(response); 804 uint32_t err; 805 806 if (!oiap_session.valid) { 807 err = tpm_oiap(NULL); 808 if (err) 809 return err; 810 } 811 if (pack_byte_string(request, sizeof(request), "sdds", 812 0, command, sizeof(command), 813 req_size_offset, 814 sizeof(command) + key_length 815 + TPM_REQUEST_AUTH_LENGTH, 816 req_parent_handle_offset, parent_handle, 817 req_key_offset, key, key_length 818 )) 819 return TPM_LIB_ERROR; 820 821 err = create_request_auth(request, sizeof(command) + key_length, 4, 822 &oiap_session, 823 request + sizeof(command) + key_length, 824 parent_key_usage_auth); 825 if (err) 826 return err; 827 err = tpm_sendrecv_command(request, response, &response_length); 828 if (err) { 829 if (err == TPM_AUTHFAIL) 830 oiap_session.valid = 0; 831 return err; 832 } 833 834 err = verify_response_auth(0x00000041, response, 835 response_length - TPM_RESPONSE_AUTH_LENGTH, 836 4, &oiap_session, 837 response + response_length - TPM_RESPONSE_AUTH_LENGTH, 838 parent_key_usage_auth); 839 if (err) 840 return err; 841 842 if (key_handle) { 843 if (unpack_byte_string(response, response_length, "d", 844 res_handle_offset, key_handle)) 845 return TPM_LIB_ERROR; 846 } 847 848 return 0; 849 } 850 851 uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth, 852 void *pubkey, size_t *pubkey_len) 853 { 854 const uint8_t command[14] = { 855 0x00, 0xc2, /* TPM_TAG */ 856 0x00, 0x00, 0x00, 0x00, /* parameter size */ 857 0x00, 0x00, 0x00, 0x21, /* TPM_COMMAND_CODE */ 858 0x00, 0x00, 0x00, 0x00, /* key handle */ 859 }; 860 const size_t req_size_offset = 2; 861 const size_t req_key_handle_offset = TPM_REQUEST_HEADER_LENGTH; 862 const size_t res_pubkey_offset = TPM_RESPONSE_HEADER_LENGTH; 863 uint8_t request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH]; 864 uint8_t response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH 865 + TPM_RESPONSE_AUTH_LENGTH]; 866 size_t response_length = sizeof(response); 867 uint32_t err; 868 869 if (!oiap_session.valid) { 870 err = tpm_oiap(NULL); 871 if (err) 872 return err; 873 } 874 if (pack_byte_string(request, sizeof(request), "sdd", 875 0, command, sizeof(command), 876 req_size_offset, 877 (uint32_t)(sizeof(command) 878 + TPM_REQUEST_AUTH_LENGTH), 879 req_key_handle_offset, key_handle 880 )) 881 return TPM_LIB_ERROR; 882 err = create_request_auth(request, sizeof(command), 4, &oiap_session, 883 request + sizeof(command), usage_auth); 884 if (err) 885 return err; 886 err = tpm_sendrecv_command(request, response, &response_length); 887 if (err) { 888 if (err == TPM_AUTHFAIL) 889 oiap_session.valid = 0; 890 return err; 891 } 892 err = verify_response_auth(0x00000021, response, 893 response_length - TPM_RESPONSE_AUTH_LENGTH, 894 0, &oiap_session, 895 response + response_length - TPM_RESPONSE_AUTH_LENGTH, 896 usage_auth); 897 if (err) 898 return err; 899 900 if (pubkey) { 901 if ((response_length - TPM_RESPONSE_HEADER_LENGTH 902 - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len) 903 return TPM_LIB_ERROR; 904 *pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH 905 - TPM_RESPONSE_AUTH_LENGTH; 906 memcpy(pubkey, response + res_pubkey_offset, 907 response_length - TPM_RESPONSE_HEADER_LENGTH 908 - TPM_RESPONSE_AUTH_LENGTH); 909 } 910 911 return 0; 912 } 913 914 #endif /* CONFIG_TPM_AUTH_SESSIONS */ 915