1 | /** @file\r |
2 | This library is HashLib for Tdx.\r | |
3 | \r | |
4 | Copyright (c) 2021 - 2022, Intel Corporation. All rights reserved. <BR>\r | |
5 | SPDX-License-Identifier: BSD-2-Clause-Patent\r | |
6 | \r | |
7 | **/\r | |
8 | \r | |
9 | #include <PiPei.h>\r | |
10 | #include <Library/BaseLib.h>\r | |
11 | #include <Library/BaseMemoryLib.h>\r | |
12 | #include <Library/DebugLib.h>\r | |
13 | #include <Library/PcdLib.h>\r | |
14 | #include <Library/HashLib.h>\r | |
15 | #include <Library/TdxLib.h>\r | |
16 | #include <Protocol/CcMeasurement.h>\r | |
17 | \r | |
//
// GUID of the only hash algorithm accepted by RegisterHashInterfaceLib().
//
EFI_GUID  mSha384Guid = HASH_ALGORITHM_SHA384_GUID;

//
// The single registered hash implementation. TDX currently supports SHA384
// only, so one slot is kept. It holds a zero GUID and NULL callbacks until
// RegisterHashInterfaceLib() copies a real interface into it.
//
HASH_INTERFACE  mHashInterface = {
  { 0 },
  NULL,
  NULL,
  NULL
};

//
// Number of registered interfaces: 0 before registration, 1 afterwards.
// Every service in this file refuses to run while this is 0.
//
UINTN  mHashInterfaceCount = 0;
28 | \r | |
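/**
  Start a hash sequence using the registered hash interface.

  @param[out] HashHandle  Receives the handle of the new hash sequence.

  @retval EFI_SUCCESS            Hash sequence started and HashHandle returned.
  @retval EFI_INVALID_PARAMETER  HashHandle is NULL.
  @retval EFI_UNSUPPORTED        No hash interface has been registered.
  @retval Others                 Error status returned by the registered
                                 HashInit callback.
**/
EFI_STATUS
EFIAPI
HashStart (
  OUT HASH_HANDLE  *HashHandle
  )
{
  HASH_HANDLE  HashCtx;
  EFI_STATUS   Status;

  if (mHashInterfaceCount == 0) {
    ASSERT (FALSE);
    return EFI_UNSUPPORTED;
  }

  if (HashHandle == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // Do not hand back a handle when initialisation failed: a later
  // HashCompleteAndExtend() on it would measure data that was never hashed.
  //
  HashCtx = 0;
  Status  = mHashInterface.HashInit (&HashCtx);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  *HashHandle = HashCtx;

  return EFI_SUCCESS;
}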
57 | \r | |
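/**
  Feed more data into a hash sequence.

  @param[in] HashHandle     Hash handle returned by HashStart().
  @param[in] DataToHash     Data to be hashed.
  @param[in] DataToHashLen  Size of DataToHash in bytes.

  @retval EFI_SUCCESS      Hash sequence updated.
  @retval EFI_UNSUPPORTED  No hash interface has been registered.
  @retval Others           Error status returned by the registered
                           HashUpdate callback.
**/
EFI_STATUS
EFIAPI
HashUpdate (
  IN HASH_HANDLE  HashHandle,
  IN VOID         *DataToHash,
  IN UINTN        DataToHashLen
  )
{
  if (mHashInterfaceCount == 0) {
    ASSERT (FALSE);
    return EFI_UNSUPPORTED;
  }

  //
  // Report a failed update to the caller. Dropping the status would let a
  // digest that does not cover this data be extended as if it did.
  //
  return mHashInterface.HashUpdate (HashHandle, DataToHash, DataToHashLen);
}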
84 | \r | |
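/**
  Complete a hash sequence and extend the resulting SHA384 digest through
  TdExtendRtmr().

  @param[in]  HashHandle     Hash handle returned by HashStart().
  @param[in]  PcrIndex       Index handed to TdExtendRtmr(). It is narrowed to
                             UINT8 for that call, so values above MAX_UINT8 are
                             rejected rather than silently truncated.
  @param[in]  DataToHash     Final data to be hashed.
  @param[in]  DataToHashLen  Size of DataToHash in bytes.
  @param[out] DigestList     Receives the single SHA384 digest. It is zeroed on
                             entry and stays zeroed on the error paths that
                             precede the extend.

  @retval EFI_SUCCESS            Hash sequence complete, digest extended and
                                 DigestList returned.
  @retval EFI_INVALID_PARAMETER  DigestList is NULL or PcrIndex does not fit
                                 in UINT8.
  @retval EFI_UNSUPPORTED        No hash interface has been registered, or the
                                 produced digest is not SHA384.
  @retval Others                 Error status returned by the registered
                                 HashUpdate/HashFinal callback or by
                                 TdExtendRtmr().
**/
EFI_STATUS
EFIAPI
HashCompleteAndExtend (
  IN  HASH_HANDLE         HashHandle,
  IN  TPMI_DH_PCR         PcrIndex,
  IN  VOID                *DataToHash,
  IN  UINTN               DataToHashLen,
  OUT TPML_DIGEST_VALUES  *DigestList
  )
{
  TPML_DIGEST_VALUES  Digest;
  EFI_STATUS          UpdateStatus;
  EFI_STATUS          Status;

  if (mHashInterfaceCount == 0) {
    ASSERT (FALSE);
    return EFI_UNSUPPORTED;
  }

  if (DigestList == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  ZeroMem (DigestList, sizeof (*DigestList));

  //
  // Start from a known state so that a callback which fails without writing
  // its output can never cause leftover stack bytes to be measured.
  //
  ZeroMem (&Digest, sizeof (Digest));

  //
  // Both callbacks are always invoked, in the original order, so the sequence
  // is completed even when the update fails; the statuses are checked after.
  //
  UpdateStatus = mHashInterface.HashUpdate (HashHandle, DataToHash, DataToHashLen);
  Status       = mHashInterface.HashFinal (HashHandle, &Digest);
  if (EFI_ERROR (UpdateStatus)) {
    return UpdateStatus;
  }

  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Enforce the SHA384-only rule at run time as well: ASSERT() alone is
  // compiled out of release builds.
  //
  if (Digest.digests[0].hashAlg != TPM_ALG_SHA384) {
    ASSERT (FALSE);
    return EFI_UNSUPPORTED;
  }

  //
  // The cast below keeps only the low 8 bits; without this check an
  // out-of-range index would alias a different register.
  //
  if (PcrIndex > MAX_UINT8) {
    return EFI_INVALID_PARAMETER;
  }

  CopyMem (
    &DigestList->digests[0],
    &Digest.digests[0],
    sizeof (Digest.digests[0])
    );
  DigestList->count++;

  ASSERT (DigestList->count == 1 && DigestList->digests[0].hashAlg == TPM_ALG_SHA384);

  Status = TdExtendRtmr (
             (UINT32 *)DigestList->digests[0].digest.sha384,
             SHA384_DIGEST_SIZE,
             (UINT8)PcrIndex
             );

  ASSERT (!EFI_ERROR (Status));
  return Status;
}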
137 | \r | |
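/**
  Hash a buffer in one shot and extend the digest to an RTMR.

  @param[in]  PcrIndex       Index forwarded to HashCompleteAndExtend().
  @param[in]  DataToHash     Data to be hashed.
  @param[in]  DataToHashLen  Size of DataToHash in bytes.
  @param[out] DigestList     Receives the digest list.

  @retval EFI_SUCCESS      Data hashed, digest extended and DigestList returned.
  @retval EFI_UNSUPPORTED  No hash interface has been registered.
  @retval Others           Error status from HashStart(), HashUpdate() or
                           HashCompleteAndExtend().
**/
EFI_STATUS
EFIAPI
HashAndExtend (
  IN  TPMI_DH_PCR         PcrIndex,
  IN  VOID                *DataToHash,
  IN  UINTN               DataToHashLen,
  OUT TPML_DIGEST_VALUES  *DigestList
  )
{
  HASH_HANDLE  HashHandle;
  EFI_STATUS   Status;

  if (mHashInterfaceCount == 0) {
    ASSERT (FALSE);
    return EFI_UNSUPPORTED;
  }

  //
  // NOTE(review): this is a debug-only check; release builds rely on the
  // caller to invoke this service only inside a TD - confirm.
  //
  ASSERT (TdIsEnabled ());

  //
  // Stop at the first failing step so that nothing is extended unless the
  // whole buffer was hashed.
  //
  Status = HashStart (&HashHandle);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  Status = HashUpdate (HashHandle, DataToHash, DataToHashLen);
  if (EFI_ERROR (Status)) {
    //
    // NOTE(review): the sequence is not finalised on this path; whether the
    // hash context needs releasing depends on the registered implementation.
    //
    return Status;
  }

  return HashCompleteAndExtend (HashHandle, PcrIndex, NULL, 0, DigestList);
}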
173 | \r | |
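/**
  Register the hash interface used by this library.

  Only one interface can be registered, and it must be the SHA384 one.

  @param[in] HashInterface  Hash interface to register.

  @retval EFI_SUCCESS            The hash interface was registered.
  @retval EFI_INVALID_PARAMETER  HashInterface is NULL, or it is a SHA384
                                 interface with a NULL callback.
  @retval EFI_UNSUPPORTED        The interface is not SHA384.
  @retval EFI_OUT_OF_RESOURCES   An interface is already registered. (This is
                                 the code the implementation returns for that
                                 case, not EFI_ALREADY_STARTED.)
**/
EFI_STATUS
EFIAPI
RegisterHashInterfaceLib (
  IN HASH_INTERFACE  *HashInterface
  )
{
  ASSERT (TdIsEnabled ());

  if (HashInterface == NULL) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // Only SHA384 is allowed.
  //
  if (!CompareGuid (&mSha384Guid, &HashInterface->HashGuid)) {
    return EFI_UNSUPPORTED;
  }

  //
  // Reject an interface that cannot be called: the measurement services in
  // this file invoke all three callbacks without further checks.
  //
  if ((HashInterface->HashInit == NULL) ||
      (HashInterface->HashUpdate == NULL) ||
      (HashInterface->HashFinal == NULL))
  {
    return EFI_INVALID_PARAMETER;
  }

  //
  // The first registration wins; a later one must not be able to replace the
  // implementation that produces the measured digests.
  //
  if (mHashInterfaceCount != 0) {
    ASSERT (FALSE);
    return EFI_OUT_OF_RESOURCES;
  }

  CopyMem (&mHashInterface, HashInterface, sizeof (*HashInterface));
  mHashInterfaceCount++;

  return EFI_SUCCESS;
}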