]>
Commit | Line | Data |
---|---|---|
b2441318 | 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
d00a1c72 MZ |
2 | #ifndef __TRUSTED_KEY_H |
3 | #define __TRUSTED_KEY_H | |
4 | ||
5 | /* implementation specific TPM constants */ | |
e1ea9f86 | 6 | #define MAX_BUF_SIZE 1024 |
d00a1c72 | 7 | #define TPM_GETRANDOM_SIZE 14 |
d00a1c72 MZ |
8 | #define TPM_SIZE_OFFSET 2 |
9 | #define TPM_RETURN_OFFSET 6 | |
10 | #define TPM_DATA_OFFSET 10 | |
11 | ||
12 | #define LOAD32(buffer, offset) (ntohl(*(uint32_t *)&buffer[offset])) | |
13 | #define LOAD32N(buffer, offset) (*(uint32_t *)&buffer[offset]) | |
14 | #define LOAD16(buffer, offset) (ntohs(*(uint16_t *)&buffer[offset])) | |
15 | ||
d00a1c72 MZ |
16 | struct osapsess { |
17 | uint32_t handle; | |
18 | unsigned char secret[SHA1_DIGEST_SIZE]; | |
19 | unsigned char enonce[TPM_NONCE_SIZE]; | |
20 | }; | |
21 | ||
22 | /* discrete values, but have to store in uint16_t for TPM use */ | |
23 | enum { | |
24 | SEAL_keytype = 1, | |
25 | SRK_keytype = 4 | |
26 | }; | |
27 | ||
e1ea9f86 DK |
28 | int TSS_authhmac(unsigned char *digest, const unsigned char *key, |
29 | unsigned int keylen, unsigned char *h1, | |
be24b37e | 30 | unsigned char *h2, unsigned int h3, ...); |
e1ea9f86 DK |
31 | int TSS_checkhmac1(unsigned char *buffer, |
32 | const uint32_t command, | |
33 | const unsigned char *ononce, | |
34 | const unsigned char *key, | |
35 | unsigned int keylen, ...); | |
36 | ||
37 | int trusted_tpm_send(unsigned char *cmd, size_t buflen); | |
c6f61e59 | 38 | int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce); |
e1ea9f86 | 39 | |
d00a1c72 MZ |
40 | #define TPM_DEBUG 0 |
41 | ||
42 | #if TPM_DEBUG | |
43 | static inline void dump_options(struct trusted_key_options *o) | |
44 | { | |
45 | pr_info("trusted_key: sealing key type %d\n", o->keytype); | |
46 | pr_info("trusted_key: sealing key handle %0X\n", o->keyhandle); | |
47 | pr_info("trusted_key: pcrlock %d\n", o->pcrlock); | |
48 | pr_info("trusted_key: pcrinfo %d\n", o->pcrinfo_len); | |
49 | print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE, | |
50 | 16, 1, o->pcrinfo, o->pcrinfo_len, 0); | |
51 | } | |
52 | ||
53 | static inline void dump_payload(struct trusted_key_payload *p) | |
54 | { | |
55 | pr_info("trusted_key: key_len %d\n", p->key_len); | |
56 | print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE, | |
57 | 16, 1, p->key, p->key_len, 0); | |
58 | pr_info("trusted_key: bloblen %d\n", p->blob_len); | |
59 | print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE, | |
60 | 16, 1, p->blob, p->blob_len, 0); | |
61 | pr_info("trusted_key: migratable %d\n", p->migratable); | |
62 | } | |
63 | ||
64 | static inline void dump_sess(struct osapsess *s) | |
65 | { | |
66 | print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE, | |
67 | 16, 1, &s->handle, 4, 0); | |
68 | pr_info("trusted-key: secret:\n"); | |
69 | print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, | |
70 | 16, 1, &s->secret, SHA1_DIGEST_SIZE, 0); | |
71 | pr_info("trusted-key: enonce:\n"); | |
72 | print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, | |
73 | 16, 1, &s->enonce, SHA1_DIGEST_SIZE, 0); | |
74 | } | |
75 | ||
76 | static inline void dump_tpm_buf(unsigned char *buf) | |
77 | { | |
78 | int len; | |
79 | ||
80 | pr_info("\ntrusted-key: tpm buffer\n"); | |
81 | len = LOAD32(buf, TPM_SIZE_OFFSET); | |
82 | print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0); | |
83 | } | |
84 | #else | |
85 | static inline void dump_options(struct trusted_key_options *o) | |
86 | { | |
87 | } | |
88 | ||
89 | static inline void dump_payload(struct trusted_key_payload *p) | |
90 | { | |
91 | } | |
92 | ||
93 | static inline void dump_sess(struct osapsess *s) | |
94 | { | |
95 | } | |
96 | ||
97 | static inline void dump_tpm_buf(unsigned char *buf) | |
98 | { | |
99 | } | |
100 | #endif | |
d00a1c72 | 101 | #endif |