1 /********************************************************************************/
3 /* LibTPM interface functions */
4 /* Written by Stefan Berger */
5 /* IBM Thomas J. Watson Research Center */
6 /* $Id: tpm_library.c 4615 2011-08-30 15:35:24Z stefanb $ */
8 /* (c) Copyright IBM Corporation 2010. */
10 /* All rights reserved. */
12 /* Redistribution and use in source and binary forms, with or without */
13 /* modification, are permitted provided that the following conditions are */
16 /* Redistributions of source code must retain the above copyright notice, */
17 /* this list of conditions and the following disclaimer. */
19 /* Redistributions in binary form must reproduce the above copyright */
20 /* notice, this list of conditions and the following disclaimer in the */
21 /* documentation and/or other materials provided with the distribution. */
23 /* Neither the names of the IBM Corporation nor the names of its */
24 /* contributors may be used to endorse or promote products derived from */
25 /* this software without specific prior written permission. */
27 /* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS */
28 /* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT */
29 /* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR */
30 /* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT */
31 /* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, */
32 /* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT */
33 /* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, */
34 /* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY */
35 /* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT */
36 /* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE */
37 /* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
38 /********************************************************************************/
51 #ifdef USE_FREEBL_CRYPTO_LIBRARY
52 # include <plbase64.h>
55 #ifdef USE_OPENSSL_CRYPTO_LIBRARY
56 # include <openssl/bio.h>
57 # include <openssl/evp.h>
60 #include "tpm12/tpm_debug.h"
61 #include "tpm_error.h"
62 #include "tpm_library.h"
63 #include "tpm_library_intern.h"
64 #include "tpm_memory.h"
65 #include "tpm_nvfilename.h"
67 static const struct tags_and_indices
{
70 } tags_and_indices
[] = {
71 [TPMLIB_BLOB_TYPE_INITSTATE
] =
73 .starttag
= TPMLIB_INITSTATE_START_TAG
,
74 .endtag
= TPMLIB_INITSTATE_END_TAG
,
78 static const struct tpm_interface
*const tpm_iface
[] = {
82 static int debug_fd
= -1;
83 static unsigned debug_level
= 0;
84 static char *debug_prefix
= NULL
;
86 static struct sized_buffer cached_blobs
[TPMLIB_STATE_SAVE_STATE
+ 1];
88 uint32_t TPMLIB_GetVersion(void)
90 return TPM_LIBRARY_VERSION
;
93 TPM_RESULT
TPMLIB_MainInit(void)
95 return tpm_iface
[0]->MainInit();
98 void TPMLIB_Terminate(void)
100 tpm_iface
[0]->Terminate();
104 * Send a command to the TPM. The command buffer must hold a well formatted
105 * TPM command and the command_size indicate the size of the command.
106 * The respbuffer parameter may be provided by the user and grow if
107 * the respbufsize size indicator is determined to be too small for the
108 * response. In that case a new buffer will be allocated and the size of that
109 * buffer returned in the respbufsize parameter. resp_size describes the
110 * size of the actual response within the respbuffer.
112 TPM_RESULT
TPMLIB_Process(unsigned char **respbuffer
, uint32_t *resp_size
,
113 uint32_t *respbufsize
,
114 unsigned char *command
, uint32_t command_size
)
116 return tpm_iface
[0]->Process(respbuffer
, resp_size
, respbufsize
,
117 command
, command_size
);
121 * Get the volatile state from the TPM. This function will return the
122 * buffer and the length of the buffer to the caller in case everything
125 TPM_RESULT
TPMLIB_VolatileAll_Store(unsigned char **buffer
,
128 return tpm_iface
[0]->VolatileAllStore(buffer
, buflen
);
132 * Get a property of the TPM. The functions currently only
133 * return compile-time #defines but this may change in future
134 * versions where we may return parameters with which the TPM
135 * was created (rather than compiled).
137 TPM_RESULT
TPMLIB_GetTPMProperty(enum TPMLIB_TPMProperty prop
,
141 case TPMPROP_TPM_BUFFER_MAX
:
142 *result
= TPM_BUFFER_MAX
;
146 return tpm_iface
[0]->GetTPMProperty(prop
, result
);
152 char *TPMLIB_GetInfo(enum TPMLIB_InfoFlags flags
)
154 return tpm_iface
[0]->GetInfo(flags
);
157 TPM_RESULT
TPMLIB_SetState(enum TPMLIB_StateType st
,
158 const unsigned char *buffer
, uint32_t buflen
)
160 return tpm_iface
[0]->SetState(st
, buffer
, buflen
);
163 TPM_RESULT
TPMLIB_GetState(enum TPMLIB_StateType st
,
164 unsigned char **buffer
, uint32_t *buflen
)
166 return tpm_iface
[0]->GetState(st
, buffer
, buflen
);
169 TPM_RESULT
TPM_IO_Hash_Start(void)
171 return tpm_iface
[0]->HashStart();
174 TPM_RESULT
TPM_IO_Hash_Data(const unsigned char *data
, uint32_t data_length
)
176 return tpm_iface
[0]->HashData(data
, data_length
);
179 TPM_RESULT
TPM_IO_Hash_End(void)
181 return tpm_iface
[0]->HashEnd();
184 TPM_RESULT
TPM_IO_TpmEstablished_Get(TPM_BOOL
*tpmEstablished
)
186 return tpm_iface
[0]->TpmEstablishedGet(tpmEstablished
);
189 uint32_t TPMLIB_SetBufferSize(uint32_t wanted_size
,
193 return tpm_iface
[0]->SetBufferSize(wanted_size
, min_size
, max_size
);
196 TPM_RESULT
TPMLIB_ValidateState(enum TPMLIB_StateType st
,
199 return tpm_iface
[0]->ValidateState(st
, flags
);
202 static struct libtpms_callbacks libtpms_cbs
;
204 struct libtpms_callbacks
*TPMLIB_GetCallbacks(void)
209 TPM_RESULT
TPMLIB_RegisterCallbacks(struct libtpms_callbacks
*callbacks
)
211 int max_size
= sizeof(struct libtpms_callbacks
);
213 /* restrict the size of the structure to what we know currently
214 future versions may know more callbacks */
215 if (callbacks
->sizeOfStruct
< max_size
)
216 max_size
= callbacks
->sizeOfStruct
;
218 /* clear the internal callback structure and copy the user provided
220 memset(&libtpms_cbs
, 0x0, sizeof(libtpms_cbs
));
221 memcpy(&libtpms_cbs
, callbacks
, max_size
);
226 static int is_base64ltr(char c
)
228 return ((c
>= 'A' && c
<= 'Z') ||
229 (c
>= 'a' && c
<= 'z') ||
230 (c
>= '0' && c
<= '9') ||
236 #ifdef USE_OPENSSL_CRYPTO_LIBRARY
237 static unsigned char *TPMLIB_OpenSSL_Base64Decode(char *input
,
238 unsigned int outputlen
)
241 unsigned char *res
= NULL
;
244 b64
= BIO_new(BIO_f_base64());
249 bmem
= BIO_new_mem_buf(input
, strlen(input
));
254 bmem
= BIO_push(b64
, bmem
);
255 BIO_set_flags(bmem
, BIO_FLAGS_BASE64_NO_NL
);
257 res
= malloc(outputlen
);
259 TPMLIB_LogError("Could not allocate %u bytes.\n", outputlen
);
263 n
= BIO_read(bmem
, res
, outputlen
);
278 * Base64 decode the string starting at 'start' and the last
279 * valid character may be a 'end'. The length of the decoded string
280 * is returned in *length.
282 static unsigned char *TPMLIB_Base64Decode(const char *start
, const char *end
,
285 unsigned char *ret
= NULL
;
286 char *input
= NULL
, *d
;
289 unsigned int numbase64chars
= 0;
294 while (end
> start
&& !is_base64ltr(*end
))
299 input
= malloc(end
- start
+ 1);
301 TPMLIB_LogError("Could not allocate %u bytes.\n",
302 (unsigned int)(end
- start
+ 1));
306 /* copy from source string skipping '\n' and '\r' and using
307 '=' to calculate the exact length */
313 if (is_base64ltr(c
)) {
326 *length
= (numbase64chars
/ 4) * 3;
327 switch (numbase64chars
% 4) {
330 *length
+= (numbase64chars
% 4) - 1;
335 fprintf(stderr
,"malformed base64\n");
340 #ifdef USE_FREEBL_CRYPTO_LIBRARY
341 ret
= (unsigned char *)PL_Base64Decode(input
, 0, NULL
);
344 #ifdef USE_OPENSSL_CRYPTO_LIBRARY
345 ret
= TPMLIB_OpenSSL_Base64Decode(input
, *length
);
354 static unsigned char *TPMLIB_GetPlaintext(const char *stream
,
355 const char *starttag
,
360 unsigned char *plaintext
= NULL
;
362 start
= strstr(stream
, starttag
);
364 start
+= strlen(starttag
);
365 while (isspace((int)*start
))
367 end
= strstr(start
, endtag
);
369 plaintext
= TPMLIB_Base64Decode(start
, --end
, length
);
375 TPM_RESULT
TPMLIB_DecodeBlob(const char *buffer
, enum TPMLIB_BlobType type
,
376 unsigned char **result
, size_t *result_len
)
378 TPM_RESULT res
= TPM_SUCCESS
;
380 *result
= TPMLIB_GetPlaintext(buffer
,
381 tags_and_indices
[type
].starttag
,
382 tags_and_indices
[type
].endtag
,
385 if (*result
== NULL
) {
392 void TPMLIB_SetDebugFD(int fd
)
397 void TPMLIB_SetDebugLevel(unsigned level
)
402 TPM_RESULT
TPMLIB_SetDebugPrefix(const char *prefix
)
407 debug_prefix
= strdup(prefix
);
417 int TPMLIB_LogPrintf(const char *format
, ...)
419 unsigned level
= debug_level
, i
;
424 if (!debug_fd
|| !debug_level
)
427 va_start(args
, format
);
428 n
= vsnprintf(buffer
, sizeof(buffer
), format
, args
);
431 if (n
< 0 || n
>= (int)sizeof(buffer
))
440 if (buffer
[i
] != ' ')
448 dprintf(debug_fd
, "%s", debug_prefix
);
449 dprintf(debug_fd
, "%s", buffer
);
455 * TPMLIB_LogPrintfA: Printf to the logfd without indentation check
457 * @indent: how many spaces to indent; indent of ~0 forces logging
458 * with indent 0 even if not debug_level is set
459 * @format: format to use for formatting the following parameters
462 void TPMLIB_LogPrintfA(unsigned int indent
, const char *format
, ...)
468 if (indent
!= (unsigned int)~0) {
469 if (!debug_fd
|| !debug_level
)
474 fd
= (debug_fd
>= 0) ? debug_fd
: STDERR_FILENO
;
478 if (indent
> sizeof(spaces
) - 1)
479 indent
= sizeof(spaces
) - 1;
480 memset(spaces
, ' ', indent
);
482 dprintf(fd
, "%s", spaces
);
485 va_start(args
, format
);
486 vdprintf(fd
, format
, args
);
490 void ClearCachedState(enum TPMLIB_StateType st
)
492 free(cached_blobs
[st
].buffer
);
493 cached_blobs
[st
].buffer
= NULL
;
494 cached_blobs
[st
].buflen
= 0;
497 void ClearAllCachedState(void)
499 ClearCachedState(TPMLIB_STATE_VOLATILE
);
500 ClearCachedState(TPMLIB_STATE_PERMANENT
);
501 ClearCachedState(TPMLIB_STATE_SAVE_STATE
);
505 * Set buffer for cached state; we allow setting an empty cached state
506 * by the caller passing a NULL pointer for the buffer.
508 void SetCachedState(enum TPMLIB_StateType st
,
509 unsigned char *buffer
, uint32_t buflen
)
511 free(cached_blobs
[st
].buffer
);
512 cached_blobs
[st
].buffer
= buffer
;
513 cached_blobs
[st
].buflen
= buffer
? buflen
: BUFLEN_EMPTY_BUFFER
;
516 void GetCachedState(enum TPMLIB_StateType st
,
517 unsigned char **buffer
, uint32_t *buflen
,
518 bool *is_empty_buffer
)
520 /* caller owns blob now */
521 *buffer
= cached_blobs
[st
].buffer
;
522 *buflen
= cached_blobs
[st
].buflen
;
523 *is_empty_buffer
= (*buflen
== BUFLEN_EMPTY_BUFFER
);
524 cached_blobs
[st
].buffer
= NULL
;
525 cached_blobs
[st
].buflen
= 0;
528 bool HasCachedState(enum TPMLIB_StateType st
)
530 return (cached_blobs
[st
].buffer
!= NULL
|| cached_blobs
[st
].buflen
!= 0);
533 TPM_RESULT
CopyCachedState(enum TPMLIB_StateType st
,
534 unsigned char **buffer
, uint32_t *buflen
,
535 bool *is_empty_buffer
)
537 TPM_RESULT ret
= TPM_SUCCESS
;
539 /* buflen may indicate an empty buffer */
540 *buflen
= cached_blobs
[st
].buflen
;
541 *is_empty_buffer
= (*buflen
== BUFLEN_EMPTY_BUFFER
);
543 if (cached_blobs
[st
].buffer
) {
544 *buffer
= malloc(*buflen
);
546 TPMLIB_LogError("Could not allocate %u bytes.\n", *buflen
);
549 memcpy(*buffer
, cached_blobs
[st
].buffer
, *buflen
);
558 const char *TPMLIB_StateTypeToName(enum TPMLIB_StateType st
)
561 case TPMLIB_STATE_PERMANENT
:
562 return TPM_PERMANENT_ALL_NAME
;
563 case TPMLIB_STATE_VOLATILE
:
564 return TPM_VOLATILESTATE_NAME
;
565 case TPMLIB_STATE_SAVE_STATE
:
566 return TPM_SAVESTATE_NAME
;
571 enum TPMLIB_StateType
TPMLIB_NameToStateType(const char *name
)
575 if (!strcmp(name
, TPM_PERMANENT_ALL_NAME
))
576 return TPMLIB_STATE_PERMANENT
;
577 if (!strcmp(name
, TPM_VOLATILESTATE_NAME
))
578 return TPMLIB_STATE_VOLATILE
;
579 if (!strcmp(name
, TPM_SAVESTATE_NAME
))
580 return TPMLIB_STATE_SAVE_STATE
;