KEYS: Use common tpm_buf for trusted and asymmetric keys
b2441318 1/* SPDX-License-Identifier: GPL-2.0 */
2#ifndef __TRUSTED_KEY_H
3#define __TRUSTED_KEY_H
4
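/* implementation specific TPM constants */
#define MAX_BUF_SIZE			1024
#define TPM_GETRANDOM_SIZE		14

/*
 * Byte offsets into a TPM command/response buffer. dump_tpm_buf() reads the
 * 32-bit big-endian length field at TPM_SIZE_OFFSET; the other two presumably
 * locate the return code and the first payload byte (confirm against the
 * code that builds and parses the buffers).
 */
#define TPM_SIZE_OFFSET			2
#define TPM_RETURN_OFFSET		6
#define TPM_DATA_OFFSET			10

/*
 * Fixed-width loads from a byte buffer.
 *
 * LOAD32 and LOAD16 convert from network (big-endian) byte order to host
 * order; LOAD32N returns the 32-bit value unconverted.
 *
 * Both arguments are parenthesized so that expression arguments such as
 * (buf + n) expand as intended.
 *
 * NOTE(review): the macros cast a byte pointer to a wider integer type. The
 * access is not bounds-checked and may be unaligned (TPM_SIZE_OFFSET is 2).
 * Callers must make sure offset + width lies inside the buffer before
 * loading, in particular when the offset or a previously loaded length comes
 * from a device response. get_unaligned_be32()/get_unaligned_be16() would be
 * the safer primitive on strict-alignment architectures.
 */
#define LOAD32(buffer, offset)	(ntohl(*(uint32_t *)&(buffer)[(offset)]))
#define LOAD32N(buffer, offset)	(*(uint32_t *)&(buffer)[(offset)])
#define LOAD16(buffer, offset)	(ntohs(*(uint16_t *)&(buffer)[(offset)]))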
15
/*
 * Per-session authorization state (an OSAP session, going by the name; the
 * code that fills it in is outside this header).
 *
 * The secret member is key material. NOTE(review): instances should be wiped
 * (e.g. memzero_explicit()) once the session is finished rather than left on
 * the stack or heap - confirm that the users of this struct do so.
 */
struct osapsess {
	uint32_t	handle;				/* session handle */
	unsigned char	secret[SHA1_DIGEST_SIZE];	/* session secret, SHA-1 digest sized */
	unsigned char	enonce[TPM_NONCE_SIZE];		/* nonce, TPM_NONCE_SIZE bytes */
};
21
/*
 * Key type selectors. The values are discrete, but they have to be stored
 * in a uint16_t for TPM use, so keep them within 16 bits.
 */
enum {
	SEAL_keytype	= 1,
	SRK_keytype	= 4,
};
27
/*
 * TPM helper entry points; the definitions live outside this header.
 *
 * TSS_authhmac() and TSS_checkhmac1() are variadic. The compiler does not
 * type-check the trailing arguments, so every caller has to follow the
 * argument convention used by the definition exactly.
 * NOTE(review): confirm the expected argument pairs and terminator there.
 */

/* Writes an HMAC into @digest using @key of @keylen bytes (per the name). */
int TSS_authhmac(unsigned char *digest,
		 const unsigned char *key, unsigned int keylen,
		 unsigned char *h1, unsigned char *h2, unsigned int h3, ...);

/* Checks the HMAC carried in @buffer for @command (per the name). */
int TSS_checkhmac1(unsigned char *buffer, const uint32_t command,
		   const unsigned char *ononce,
		   const unsigned char *key, unsigned int keylen, ...);

/* Sends the command held in @cmd; @buflen is the size of that buffer. */
int trusted_tpm_send(unsigned char *cmd, size_t buflen);

/* Presumably opens an OIAP session and returns its @handle and @nonce. */
int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);
e1ea9f86 39
/*
 * Compile-time switch for the dump_*() helpers below.
 *
 * With a non-zero value, dump_payload() writes the raw key and blob bytes and
 * dump_sess() writes the session secret to the kernel log at KERN_INFO.
 * Keep this at 0 in any build that handles real keys; the log is readable
 * well beyond the code that owns those secrets.
 */
#define TPM_DEBUG 0
41
42#if TPM_DEBUG
/*
 * Debug helper (TPM_DEBUG builds only): log the sealing options in @o,
 * followed by a hex dump of the pcrinfo bytes.
 */
static inline void dump_options(struct trusted_key_options *o)
{
	pr_info("trusted_key: sealing key type %d\n", o->keytype);
	pr_info("trusted_key: sealing key handle %0X\n", o->keyhandle);
	pr_info("trusted_key: pcrlock %d\n", o->pcrlock);
	pr_info("trusted_key: pcrinfo %d\n", o->pcrinfo_len);

	/* 16 bytes per row, 1-byte groups, no ASCII column */
	print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE, 16, 1,
		       o->pcrinfo, o->pcrinfo_len, 0);
}
52
/*
 * Debug helper (TPM_DEBUG builds only): log the lengths and contents of the
 * payload @p.
 *
 * This prints the key bytes and the blob to the kernel log in the clear, so
 * it must never be compiled into a build that handles real keys.
 * NOTE(review): the lengths are printed with %d; confirm that matches the
 * declared types of key_len and blob_len.
 */
static inline void dump_payload(struct trusted_key_payload *p)
{
	pr_info("trusted_key: key_len %d\n", p->key_len);
	print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE, 16, 1,
		       p->key, p->key_len, 0);

	pr_info("trusted_key: bloblen %d\n", p->blob_len);
	print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE, 16, 1,
		       p->blob, p->blob_len, 0);

	pr_info("trusted_key: migratable %d\n", p->migratable);
}
63
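/*
 * Debug helper (TPM_DEBUG builds only): hex-dump the handle, secret and
 * nonce of session @s.
 *
 * This writes the session secret to the kernel log in the clear, so it must
 * never be compiled into a build that handles real keys.
 *
 * Each dump length is taken from the member itself. The nonce was previously
 * dumped with SHA1_DIGEST_SIZE although it is declared with TPM_NONCE_SIZE;
 * sizeof keeps the dump inside the array if the two constants ever differ.
 */
static inline void dump_sess(struct osapsess *s)
{
	print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
		       16, 1, &s->handle, sizeof(s->handle), 0);
	pr_info("trusted-key: secret:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, s->secret, sizeof(s->secret), 0);
	pr_info("trusted-key: enonce:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, s->enonce, sizeof(s->enonce), 0);
}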
75
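/*
 * Debug helper (TPM_DEBUG builds only): hex-dump the TPM buffer @buf.
 *
 * The number of bytes to dump is read from the buffer's own length field at
 * TPM_SIZE_OFFSET. That field may come from a device response, so it is
 * held in an unsigned type and clamped before use: an oversized value, or
 * one that turned negative in the previous int, would otherwise make
 * print_hex_dump() read far beyond the buffer.
 * NOTE(review): the clamp assumes @buf holds at least MAX_BUF_SIZE bytes;
 * confirm against the callers' allocations.
 */
static inline void dump_tpm_buf(unsigned char *buf)
{
	uint32_t len;

	pr_info("\ntrusted-key: tpm buffer\n");
	len = LOAD32(buf, TPM_SIZE_OFFSET);
	if (len > MAX_BUF_SIZE)
		len = MAX_BUF_SIZE;
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
}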
84#else
/* TPM_DEBUG is 0: option dumping compiles to nothing. */
static inline void dump_options(struct trusted_key_options *o)
{
	/* intentionally empty */
}
88
/* TPM_DEBUG is 0: payload dumping compiles to nothing, so no key bytes are logged. */
static inline void dump_payload(struct trusted_key_payload *p)
{
	/* intentionally empty */
}
92
/* TPM_DEBUG is 0: session dumping compiles to nothing, so no session secret is logged. */
static inline void dump_sess(struct osapsess *s)
{
	/* intentionally empty */
}
96
/* TPM_DEBUG is 0: buffer dumping compiles to nothing; @buf is not read. */
static inline void dump_tpm_buf(unsigned char *buf)
{
	/* intentionally empty */
}
100#endif
d00a1c72 101#endif