/** @file
  Implement TPM2 DictionaryAttack related commands.

  Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
  SPDX-License-Identifier: BSD-2-Clause-Patent

**/
9 #include <IndustryStandard/UefiTcgPlatform.h>
10 #include <Library/Tpm2CommandLib.h>
11 #include <Library/Tpm2DeviceLib.h>
12 #include <Library/BaseMemoryLib.h>
13 #include <Library/BaseLib.h>
14 #include <Library/DebugLib.h>
#pragma pack(1)

//
// Wire-format structures for TPM2_DictionaryAttackLockReset and
// TPM2_DictionaryAttackParameters. They are packed because the command
// buffer is handed to the TPM byte-for-byte; every multi-byte field is
// stored big-endian (the callers apply SwapBytes16/32 on the way in
// and on the way out).
//
// Command layout: Header, LockHandle, authorization area
// (AuthSessionSize followed by the marshaled session), then the
// command-specific parameters.
//

typedef struct {
  TPM2_COMMAND_HEADER  Header;           // tag, paramSize, commandCode (filled by the caller)
  TPMI_RH_LOCKOUT      LockHandle;       // TPM_RH_LOCKOUT, big-endian
  UINT32               AuthSessionSize;  // byte length of the marshaled AuthSession that follows
  TPMS_AUTH_COMMAND    AuthSession;      // worst-case space; CopyAuthSessionCommand() may fill fewer bytes
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER  Header;           // responseCode is the only field this file inspects
  UINT32                AuthSessionSize;  // not inspected by this file
  TPMS_AUTH_RESPONSE    AuthSession;      // not inspected by this file
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE;

typedef struct {
  TPM2_COMMAND_HEADER  Header;           // tag, paramSize, commandCode (filled by the caller)
  TPMI_RH_LOCKOUT      LockHandle;       // TPM_RH_LOCKOUT, big-endian
  UINT32               AuthSessionSize;  // byte length of the marshaled AuthSession that follows
  TPMS_AUTH_COMMAND    AuthSession;      // worst-case space; CopyAuthSessionCommand() may fill fewer bytes
  //
  // The three parameters below are NOT written by member name: the caller
  // writes them through a byte cursor (WriteUnaligned32) immediately after
  // the marshaled session, so in the buffer actually sent they can sit at a
  // smaller offset than declared here. The members only reserve the space.
  //
  UINT32               NewMaxTries;
  UINT32               NewRecoveryTime;
  UINT32               LockoutRecovery;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER  Header;           // responseCode is the only field this file inspects
  UINT32                AuthSessionSize;  // not inspected by this file
  TPMS_AUTH_RESPONSE    AuthSession;      // not inspected by this file
} TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE;

#pragma pack()
/**
  This command cancels the effect of a TPM lockout due to a number of successive authorization failures.
  If this command is properly authorized, the lockout counter is set to zero.

  Both the command and the response buffer are wiped before returning, on
  every path, because the marshaled AuthSession carries the authorization
  data for the lockout hierarchy.

  @param[in] LockHandle   TPM_RH_LOCKOUT
  @param[in] AuthSession  Auth Session context

  @retval EFI_SUCCESS       Operation completed successfully.
  @retval EFI_DEVICE_ERROR  Unexpected device behavior (short response, or a
                            responseCode other than TPM_RC_SUCCESS).
  @return Other             Error returned by Tpm2SubmitCommand().
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackLockReset (
  IN  TPMI_RH_LOCKOUT    LockHandle,
  IN  TPMS_AUTH_COMMAND  *AuthSession
  )
{
  TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND   Cmd;
  TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE  Rsp;
  UINT8                                       *Cursor;
  UINT32                                      AuthSize;
  UINT32                                      CmdSize;
  UINT32                                      RspSize;
  EFI_STATUS                                  Status;

  //
  // Fixed part of the command; all fields are big-endian on the wire.
  //
  Cmd.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  Cmd.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackLockReset);
  Cmd.LockHandle         = SwapBytes32 (LockHandle);

  //
  // Authorization area: the marshaled session, preceded by its byte length.
  // The session is variable length, so a cursor tracks the real end.
  //
  Cursor   = (UINT8 *)&Cmd.AuthSession;
  AuthSize = CopyAuthSessionCommand (AuthSession, Cursor);
  Cursor  += AuthSize;
  Cmd.AuthSessionSize = SwapBytes32 (AuthSize);

  //
  // paramSize is the total number of bytes actually used, not sizeof (Cmd).
  //
  CmdSize = (UINT32)((UINTN)Cursor - (UINTN)&Cmd);
  Cmd.Header.paramSize = SwapBytes32 (CmdSize);

  //
  // Submit and validate the reply. RspSize is in/out: on return it holds the
  // number of bytes the TPM produced, which must at least cover the header
  // before responseCode may be read.
  //
  RspSize = sizeof (Rsp);
  Status  = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &RspSize, (UINT8 *)&Rsp);
  if (!EFI_ERROR (Status)) {
    if (RspSize < sizeof (TPM2_RESPONSE_HEADER)) {
      DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error - %x\n", RspSize));
      Status = EFI_DEVICE_ERROR;
    } else if (SwapBytes32 (Rsp.Header.responseCode) != TPM_RC_SUCCESS) {
      DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32 (Rsp.Header.responseCode)));
      Status = EFI_DEVICE_ERROR;
    }
  }

  //
  // Clear AuthSession Content - unconditionally, whatever Status is.
  //
  ZeroMem (&Cmd, sizeof (Cmd));
  ZeroMem (&Rsp, sizeof (Rsp));
  return Status;
}
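/**
  This command changes the lockout parameters of the TPM: the number of
  authorization failures tolerated before lockout, the rate at which the
  failure count decays, and the recovery time after a lockoutAuth failure.

  Both the command and the response buffer are wiped before returning, on
  every path, because the marshaled AuthSession carries the authorization
  data for the lockout hierarchy.

  @param[in] LockHandle       TPM_RH_LOCKOUT
  @param[in] AuthSession      Auth Session context
  @param[in] NewMaxTries      Count of authorization failures before the lockout is imposed
  @param[in] NewRecoveryTime  Time in seconds before the authorization failure count is automatically decremented
  @param[in] LockoutRecovery  Time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed

  @retval EFI_SUCCESS       Operation completed successfully.
  @retval EFI_DEVICE_ERROR  Unexpected device behavior (short response, or a
                            responseCode other than TPM_RC_SUCCESS).
  @return Other             Error returned by Tpm2SubmitCommand().
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackParameters (
  IN  TPMI_RH_LOCKOUT    LockHandle,
  IN  TPMS_AUTH_COMMAND  *AuthSession,
  IN  UINT32             NewMaxTries,
  IN  UINT32             NewRecoveryTime,
  IN  UINT32             LockoutRecovery
  )
{
  EFI_STATUS                                  Status;
  TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND   SendBuffer;
  TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE  RecvBuffer;
  UINT32                                      SendBufferSize;
  UINT32                                      RecvBufferSize;
  UINT8                                       *Buffer;
  UINT32                                      SessionInfoSize;

  //
  // Construct command; all multi-byte fields are big-endian on the wire.
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackParameters);

  SendBuffer.LockHandle = SwapBytes32 (LockHandle);

  //
  // Add in Auth session. The marshaled session is variable length, so a
  // byte cursor tracks where the command parameters really start.
  //
  Buffer = (UINT8 *)&SendBuffer.AuthSession;

  // sessionInfoSize
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  //
  // Command parameters, in TPM2_DictionaryAttackParameters order. They are
  // written through the cursor (not by member name) because they follow the
  // session immediately, and unaligned because the session length is arbitrary.
  //
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewMaxTries));
  Buffer += sizeof (UINT32);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewRecoveryTime));
  Buffer += sizeof (UINT32);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (LockoutRecovery));
  Buffer += sizeof (UINT32);

  //
  // paramSize is the number of bytes actually used, not sizeof (SendBuffer).
  //
  SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command. RecvBufferSize is in/out and reports how many bytes
  // the TPM produced; the response header must be complete before
  // responseCode may be read.
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
    DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

Done:
  //
  // Clear AuthSession Content. The whole command buffer is scrubbed (the
  // previous code zeroed only the 4-byte SendBufferSize variable and left the
  // marshaled session on the stack), matching Tpm2DictionaryAttackLockReset.
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}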