/** @file
  Implement TPM2 DictionaryAttack related command.

Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent

**/
9 #include <IndustryStandard/UefiTcgPlatform.h>
10 #include <Library/Tpm2CommandLib.h>
11 #include <Library/Tpm2DeviceLib.h>
12 #include <Library/BaseMemoryLib.h>
13 #include <Library/BaseLib.h>
14 #include <Library/DebugLib.h>
//
// Wire image of TPM2_DictionaryAttackLockReset. Every multi-byte field is
// byte-swapped to big-endian before the command is submitted.
// NOTE(review): this is a wire-format struct and must be byte-packed; confirm
// it sits inside the file's packing pragma (not visible in this extract).
//
typedef struct {
  TPM2_COMMAND_HEADER       Header;            // tag = TPM_ST_SESSIONS, commandCode = TPM_CC_DictionaryAttackLockReset, paramSize = actual bytes sent
  TPMI_RH_LOCKOUT           LockHandle;        // TPM_RH_LOCKOUT handle supplied by the caller
  UINT32                    AuthSessionSize;   // byte count of the marshalled AuthSession that follows
  TPMS_AUTH_COMMAND         AuthSession;       // worst-case reservation; CopyAuthSessionCommand marshals the session in place and it may be shorter
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND;
//
// Receive buffer for TPM2_DictionaryAttackLockReset. sizeof() of this struct
// is handed to Tpm2SubmitCommand as the receive capacity; only Header is
// inspected afterwards (big-endian responseCode compared with TPM_RC_SUCCESS).
//
typedef struct {
  TPM2_RESPONSE_HEADER      Header;            // tag, paramSize, responseCode (big-endian)
  UINT32                    AuthSessionSize;   // size of the auth response area; not consumed by this file
  TPMS_AUTH_RESPONSE        AuthSession;       // worst-case reservation for the session response
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE;
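//
// Wire image of TPM2_DictionaryAttackParameters. Every multi-byte field is
// byte-swapped to big-endian before the command is submitted.
// NOTE(review): this is a wire-format struct and must be byte-packed; confirm
// it sits inside the file's packing pragma (not visible in this extract).
//
typedef struct {
  TPM2_COMMAND_HEADER       Header;            // tag = TPM_ST_SESSIONS, commandCode = TPM_CC_DictionaryAttackParameters, paramSize = actual bytes sent
  TPMI_RH_LOCKOUT           LockHandle;        // TPM_RH_LOCKOUT handle supplied by the caller
  UINT32                    AuthSessionSize;   // byte count of the marshalled AuthSession that follows
  TPMS_AUTH_COMMAND         AuthSession;       // worst-case reservation; the session is marshalled in place and may be shorter
  //
  // Space for the three UINT32 parameters that follow the variable-length
  // auth session. Tpm2DictionaryAttackParameters writes them with
  // WriteUnaligned32 at the byte cursor, never through these members, so the
  // members exist only so that sizeof (SendBuffer) covers all three values.
  //
  UINT32                    NewMaxTries;
  UINT32                    NewRecoveryTime;
  UINT32                    LockoutRecovery;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND;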
//
// Receive buffer for TPM2_DictionaryAttackParameters. sizeof() of this struct
// is handed to Tpm2SubmitCommand as the receive capacity; only Header is
// inspected afterwards (big-endian responseCode compared with TPM_RC_SUCCESS).
//
typedef struct {
  TPM2_RESPONSE_HEADER      Header;            // tag, paramSize, responseCode (big-endian)
  UINT32                    AuthSessionSize;   // size of the auth response area; not consumed by this file
  TPMS_AUTH_RESPONSE        AuthSession;       // worst-case reservation for the session response
} TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE;
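/**
  This command cancels the effect of a TPM lockout due to a number of successive authorization failures.
  If this command is properly authorized, the lockout counter is set to zero.

  @param[in]  LockHandle            TPM_RH_LOCKOUT
  @param[in]  AuthSession           Auth Session context

  @retval EFI_SUCCESS      Operation completed successfully.
  @retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackLockReset (
  IN  TPMI_RH_LOCKOUT           LockHandle,
  IN  TPMS_AUTH_COMMAND         *AuthSession
  )
{
  EFI_STATUS                                  Status;
  TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND   SendBuffer;
  TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE  RecvBuffer;
  UINT32                                      SendBufferSize;
  UINT32                                      RecvBufferSize;
  UINT8                                       *Buffer;
  UINT32                                      SessionInfoSize;

  //
  // Construct command (all multi-byte fields are big-endian on the wire)
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackLockReset);
  SendBuffer.LockHandle         = SwapBytes32 (LockHandle);

  //
  // Add in Auth session. The marshalled session is variable length, so the
  // command is assembled behind a byte cursor and its real size is derived
  // from the cursor afterwards rather than from sizeof (SendBuffer).
  //
  Buffer          = (UINT8 *)&SendBuffer.AuthSession;
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer         += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  SendBufferSize              = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // Send TPM command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status         = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  //
  // Validate the response. The header length is checked first so that
  // responseCode is never read from a truncated reply; each failed check
  // skips the remaining ones and goes straight to cleanup.
  //
  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

Done:
  //
  // Clear AuthSession Content. The command buffer carries the session
  // authorization data for the lockout hierarchy, so both stack buffers are
  // scrubbed on every exit path, including the error paths.
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}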
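/**
  This command changes the lockout parameters of the TPM: the number of
  authorization failures tolerated before a lockout is imposed, the interval
  after which the failure count is automatically decremented, and the interval
  after a lockoutAuth failure before lockoutAuth may be used again.

  @param[in]  LockHandle            TPM_RH_LOCKOUT
  @param[in]  AuthSession           Auth Session context
  @param[in]  NewMaxTries           Count of authorization failures before the lockout is imposed
  @param[in]  NewRecoveryTime       Time in seconds before the authorization failure count is automatically decremented
  @param[in]  LockoutRecovery       Time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed

  @retval EFI_SUCCESS      Operation completed successfully.
  @retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackParameters (
  IN  TPMI_RH_LOCKOUT           LockHandle,
  IN  TPMS_AUTH_COMMAND         *AuthSession,
  IN  UINT32                    NewMaxTries,
  IN  UINT32                    NewRecoveryTime,
  IN  UINT32                    LockoutRecovery
  )
{
  EFI_STATUS                                  Status;
  TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND   SendBuffer;
  TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE  RecvBuffer;
  UINT32                                      SendBufferSize;
  UINT32                                      RecvBufferSize;
  UINT8                                       *Buffer;
  UINT32                                      SessionInfoSize;

  //
  // Construct command (all multi-byte fields are big-endian on the wire)
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackParameters);
  SendBuffer.LockHandle         = SwapBytes32 (LockHandle);

  //
  // Add in Auth session. The marshalled session is variable length, so
  // everything after it is appended at a byte cursor rather than through the
  // struct members, and the real command size is derived from the cursor.
  //
  Buffer          = (UINT8 *)&SendBuffer.AuthSession;
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer         += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  //
  // Real data: three UINT32 parameters, big-endian, immediately after the
  // session. The cursor is only byte-aligned here, hence WriteUnaligned32.
  // This relies on SendBuffer reserving 3 * sizeof (UINT32) after AuthSession.
  //
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewMaxTries));
  Buffer += sizeof (UINT32);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewRecoveryTime));
  Buffer += sizeof (UINT32);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (LockoutRecovery));
  Buffer += sizeof (UINT32);

  SendBufferSize              = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // Send TPM command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status         = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  //
  // Validate the response. The header length is checked first so that
  // responseCode is never read from a truncated reply; each failed check
  // skips the remaining ones and goes straight to cleanup.
  //
  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

Done:
  //
  // Clear AuthSession Content. The whole command buffer is scrubbed (not
  // merely its size variable) because it carries the session authorization
  // data for the lockout hierarchy; both buffers are cleared on every exit path.
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}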