1 /** @file
2 Implement TPM2 DictionaryAttack related command.
3
4 Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include <IndustryStandard/UefiTcgPlatform.h>
16 #include <Library/Tpm2CommandLib.h>
17 #include <Library/Tpm2DeviceLib.h>
18 #include <Library/BaseMemoryLib.h>
19 #include <Library/BaseLib.h>
20 #include <Library/DebugLib.h>
21
//
// The structures below are cast to byte buffers and handed to
// Tpm2SubmitCommand, so they are byte-packed to keep the compiler from
// inserting padding between fields.
//
#pragma pack(1)

//
// Command buffer for TPM_CC_DictionaryAttackLockReset.
// AuthSession is filled by CopyAuthSessionCommand; the number of bytes it
// reports is what gets sent, so the struct field only reserves space.
// NOTE(review): assumes the serialized session never exceeds
// sizeof (TPMS_AUTH_COMMAND) - confirm against CopyAuthSessionCommand.
//
typedef struct {
  TPM2_COMMAND_HEADER       Header;
  TPMI_RH_LOCKOUT           LockHandle;
  UINT32                    AuthSessionSize;
  TPMS_AUTH_COMMAND         AuthSession;
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND;

//
// Response buffer for TPM_CC_DictionaryAttackLockReset.
// The caller in this file reads only Header.responseCode.
//
typedef struct {
  TPM2_RESPONSE_HEADER       Header;
  UINT32                     AuthSessionSize;
  TPMS_AUTH_RESPONSE         AuthSession;
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE;

//
// Command buffer for TPM_CC_DictionaryAttackParameters.
// The three trailing UINT32 members reserve room for the parameters:
// Tpm2DictionaryAttackParameters does not assign them by name, it writes the
// values with WriteUnaligned32 directly after the serialized auth session.
//
typedef struct {
  TPM2_COMMAND_HEADER       Header;
  TPMI_RH_LOCKOUT           LockHandle;
  UINT32                    AuthSessionSize;
  TPMS_AUTH_COMMAND         AuthSession;
  UINT32                    NewMaxTries;
  UINT32                    NewRecoveryTime;
  UINT32                    LockoutRecovery;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND;

//
// Response buffer for TPM_CC_DictionaryAttackParameters.
// The caller in this file reads only Header.responseCode.
//
typedef struct {
  TPM2_RESPONSE_HEADER       Header;
  UINT32                     AuthSessionSize;
  TPMS_AUTH_RESPONSE         AuthSession;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE;

#pragma pack()
54
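/**
  This command cancels the effect of a TPM lockout due to a number of successive authorization failures.
  If this command is properly authorized, the lockout counter is set to zero.

  The command and response buffers are stack locals that carry the
  authorization session data, so both are zeroed on every exit path.

  @param[in]  LockHandle            TPM_RH_LOCKOUT
  @param[in]  AuthSession           Auth Session context

  @retval EFI_SUCCESS      Operation completed successfully.
  @retval EFI_DEVICE_ERROR Unexpected device behavior: the response is shorter
                           than a response header, or the response code is not
                           TPM_RC_SUCCESS.
  @retval Others           Error status returned by Tpm2SubmitCommand.
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackLockReset (
  IN  TPMI_RH_LOCKOUT           LockHandle,
  IN  TPMS_AUTH_COMMAND         *AuthSession
  )
{
  EFI_STATUS                                 Status;
  TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND  SendBuffer;
  TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE RecvBuffer;
  UINT32                                     SendBufferSize;
  UINT32                                     RecvBufferSize;
  UINT8                                      *Buffer;
  UINT32                                     SessionInfoSize;

  //
  // Construct command (header fields are byte-swapped before transmission)
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackLockReset);

  SendBuffer.LockHandle = SwapBytes32 (LockHandle);

  //
  // Add in Auth session
  //
  Buffer = (UINT8 *)&SendBuffer.AuthSession;

  // sessionInfoSize: CopyAuthSessionCommand reports how many bytes it wrote
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  //
  // Only the bytes populated so far are sent, not sizeof (SendBuffer).
  //
  SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  //
  // The response code is only meaningful if a full header came back.
  //
  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }
  if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  Status = EFI_SUCCESS;

Done:
  //
  // Clear AuthSession content so the authorization data does not linger on
  // the stack after this call returns.
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}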
121
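/**
  This command changes the TPM dictionary-attack lockout parameters.
  It sends TPM_CC_DictionaryAttackParameters with the three values below.

  The values are forwarded to the TPM exactly as given; this function does no
  range checking, so the caller decides how strict the lockout policy is.
  The command and response buffers are stack locals that carry the
  authorization session data, so both are zeroed on every exit path.

  @param[in]  LockHandle            TPM_RH_LOCKOUT
  @param[in]  AuthSession           Auth Session context
  @param[in]  NewMaxTries           Count of authorization failures before the lockout is imposed
  @param[in]  NewRecoveryTime       Time in seconds before the authorization failure count is automatically decremented
  @param[in]  LockoutRecovery       Time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed

  @retval EFI_SUCCESS      Operation completed successfully.
  @retval EFI_DEVICE_ERROR Unexpected device behavior: the response is shorter
                           than a response header, or the response code is not
                           TPM_RC_SUCCESS.
  @retval Others           Error status returned by Tpm2SubmitCommand.
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackParameters (
  IN  TPMI_RH_LOCKOUT           LockHandle,
  IN  TPMS_AUTH_COMMAND         *AuthSession,
  IN  UINT32                    NewMaxTries,
  IN  UINT32                    NewRecoveryTime,
  IN  UINT32                    LockoutRecovery
  )
{
  EFI_STATUS                                 Status;
  TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND  SendBuffer;
  TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE RecvBuffer;
  UINT32                                     SendBufferSize;
  UINT32                                     RecvBufferSize;
  UINT8                                      *Buffer;
  UINT32                                     SessionInfoSize;

  //
  // Construct command (header fields are byte-swapped before transmission)
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackParameters);

  SendBuffer.LockHandle = SwapBytes32 (LockHandle);

  //
  // Add in Auth session
  //
  Buffer = (UINT8 *)&SendBuffer.AuthSession;

  // sessionInfoSize: CopyAuthSessionCommand reports how many bytes it wrote
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  //
  // Real data: the parameters are placed directly after the serialized
  // session, so the struct members of the same name are not assigned.
  // NOTE(review): staying inside SendBuffer relies on SessionInfoSize not
  // exceeding sizeof (TPMS_AUTH_COMMAND) - confirm against CopyAuthSessionCommand.
  //
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewMaxTries));
  Buffer += sizeof (UINT32);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewRecoveryTime));
  Buffer += sizeof (UINT32);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (LockoutRecovery));
  Buffer += sizeof (UINT32);

  //
  // Only the bytes populated so far are sent, not sizeof (SendBuffer).
  //
  SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  //
  // The response code is only meaningful if a full header came back.
  //
  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }
  if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  Status = EFI_SUCCESS;

Done:
  //
  // Clear AuthSession content so the authorization data does not linger on
  // the stack after this call returns.
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}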