4 Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include <IndustryStandard/UefiTcgPlatform.h>
10 #include <Library/Tpm2CommandLib.h>
11 #include <Library/Tpm2DeviceLib.h>
12 #include <Library/BaseMemoryLib.h>
13 #include <Library/BaseLib.h>
14 #include <Library/DebugLib.h>
17 TPMI_ALG_HASH HashAlgo
;
22 STATIC INTERNAL_HASH_INFO mHashInfo
[] = {
23 {TPM_ALG_SHA1
, SHA1_DIGEST_SIZE
, HASH_ALG_SHA1
},
24 {TPM_ALG_SHA256
, SHA256_DIGEST_SIZE
, HASH_ALG_SHA256
},
25 {TPM_ALG_SM3_256
, SM3_256_DIGEST_SIZE
, HASH_ALG_SM3_256
},
26 {TPM_ALG_SHA384
, SHA384_DIGEST_SIZE
, HASH_ALG_SHA384
},
27 {TPM_ALG_SHA512
, SHA512_DIGEST_SIZE
, HASH_ALG_SHA512
},
31 Return size of digest.
33 @param[in] HashAlgo Hash algorithm
35 @return size of digest
40 IN TPMI_ALG_HASH HashAlgo
45 for (Index
= 0; Index
< sizeof(mHashInfo
)/sizeof(mHashInfo
[0]); Index
++) {
46 if (mHashInfo
[Index
].HashAlgo
== HashAlgo
) {
47 return mHashInfo
[Index
].HashSize
;
54 Get hash mask from algorithm.
56 @param[in] HashAlgo Hash algorithm
63 IN TPMI_ALG_HASH HashAlgo
68 for (Index
= 0; Index
< sizeof(mHashInfo
)/sizeof(mHashInfo
[0]); Index
++) {
69 if (mHashInfo
[Index
].HashAlgo
== HashAlgo
) {
70 return mHashInfo
[Index
].HashMask
;
77 Copy AuthSessionIn to TPM2 command buffer.
79 @param [in] AuthSessionIn Input AuthSession data
80 @param [out] AuthSessionOut Output AuthSession data in TPM2 command buffer
82 @return AuthSession size
86 CopyAuthSessionCommand (
87 IN TPMS_AUTH_COMMAND
*AuthSessionIn
, OPTIONAL
88 OUT UINT8
*AuthSessionOut
93 Buffer
= (UINT8
*)AuthSessionOut
;
96 // Add in Auth session
98 if (AuthSessionIn
!= NULL
) {
100 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32(AuthSessionIn
->sessionHandle
));
101 Buffer
+= sizeof(UINT32
);
104 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16 (AuthSessionIn
->nonce
.size
));
105 Buffer
+= sizeof(UINT16
);
107 CopyMem (Buffer
, AuthSessionIn
->nonce
.buffer
, AuthSessionIn
->nonce
.size
);
108 Buffer
+= AuthSessionIn
->nonce
.size
;
111 *(UINT8
*)Buffer
= *(UINT8
*)&AuthSessionIn
->sessionAttributes
;
115 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16 (AuthSessionIn
->hmac
.size
));
116 Buffer
+= sizeof(UINT16
);
118 CopyMem (Buffer
, AuthSessionIn
->hmac
.buffer
, AuthSessionIn
->hmac
.size
);
119 Buffer
+= AuthSessionIn
->hmac
.size
;
122 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32(TPM_RS_PW
));
123 Buffer
+= sizeof(UINT32
);
126 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(0));
127 Buffer
+= sizeof(UINT16
);
129 // sessionAttributes = 0
130 *(UINT8
*)Buffer
= 0x00;
134 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(0));
135 Buffer
+= sizeof(UINT16
);
138 return (UINT32
)((UINTN
)Buffer
- (UINTN
)AuthSessionOut
);
142 Copy AuthSessionIn from TPM2 response buffer.
144 @param [in] AuthSessionIn Input AuthSession data in TPM2 response buffer
145 @param [out] AuthSessionOut Output AuthSession data
147 @return 0 copy failed
148 else AuthSession size
152 CopyAuthSessionResponse (
153 IN UINT8
*AuthSessionIn
,
154 OUT TPMS_AUTH_RESPONSE
*AuthSessionOut OPTIONAL
158 TPMS_AUTH_RESPONSE LocalAuthSessionOut
;
160 if (AuthSessionOut
== NULL
) {
161 AuthSessionOut
= &LocalAuthSessionOut
;
164 Buffer
= (UINT8
*)AuthSessionIn
;
167 AuthSessionOut
->nonce
.size
= SwapBytes16 (ReadUnaligned16 ((UINT16
*)Buffer
));
168 Buffer
+= sizeof(UINT16
);
169 if (AuthSessionOut
->nonce
.size
> sizeof(TPMU_HA
)) {
170 DEBUG ((DEBUG_ERROR
, "CopyAuthSessionResponse - nonce.size error %x\n", AuthSessionOut
->nonce
.size
));
174 CopyMem (AuthSessionOut
->nonce
.buffer
, Buffer
, AuthSessionOut
->nonce
.size
);
175 Buffer
+= AuthSessionOut
->nonce
.size
;
178 *(UINT8
*)&AuthSessionOut
->sessionAttributes
= *(UINT8
*)Buffer
;
182 AuthSessionOut
->hmac
.size
= SwapBytes16 (ReadUnaligned16 ((UINT16
*)Buffer
));
183 Buffer
+= sizeof(UINT16
);
184 if (AuthSessionOut
->hmac
.size
> sizeof(TPMU_HA
)) {
185 DEBUG ((DEBUG_ERROR
, "CopyAuthSessionResponse - hmac.size error %x\n", AuthSessionOut
->hmac
.size
));
189 CopyMem (AuthSessionOut
->hmac
.buffer
, Buffer
, AuthSessionOut
->hmac
.size
);
190 Buffer
+= AuthSessionOut
->hmac
.size
;
192 return (UINT32
)((UINTN
)Buffer
- (UINTN
)AuthSessionIn
);
196 Return if hash alg is supported in HashAlgorithmMask.
198 @param HashAlg Hash algorithm to be checked.
199 @param HashAlgorithmMask Bitfield of allowed hash algorithms.
201 @retval TRUE Hash algorithm is supported.
202 @retval FALSE Hash algorithm is not supported.
206 IsHashAlgSupportedInHashAlgorithmMask(
207 IN TPMI_ALG_HASH HashAlg
,
208 IN UINT32 HashAlgorithmMask
213 if ((HashAlgorithmMask
& HASH_ALG_SHA1
) != 0) {
218 if ((HashAlgorithmMask
& HASH_ALG_SHA256
) != 0) {
223 if ((HashAlgorithmMask
& HASH_ALG_SHA384
) != 0) {
228 if ((HashAlgorithmMask
& HASH_ALG_SHA512
) != 0) {
232 case TPM_ALG_SM3_256
:
233 if ((HashAlgorithmMask
& HASH_ALG_SM3_256
) != 0) {
243 Copy TPML_DIGEST_VALUES into a buffer
245 @param[in,out] Buffer Buffer to hold copied TPML_DIGEST_VALUES compact binary.
246 @param[in] DigestList TPML_DIGEST_VALUES to be copied.
247 @param[in] HashAlgorithmMask HASH bits corresponding to the desired digests to copy.
249 @return The end of buffer to hold TPML_DIGEST_VALUES.
253 CopyDigestListToBuffer (
255 IN TPML_DIGEST_VALUES
*DigestList
,
256 IN UINT32 HashAlgorithmMask
261 UINT32 DigestListCount
;
262 UINT32
*DigestListCountPtr
;
264 DigestListCountPtr
= (UINT32
*) Buffer
;
266 Buffer
= (UINT8
*)Buffer
+ sizeof(DigestList
->count
);
267 for (Index
= 0; Index
< DigestList
->count
; Index
++) {
268 if (!IsHashAlgSupportedInHashAlgorithmMask(DigestList
->digests
[Index
].hashAlg
, HashAlgorithmMask
)) {
269 DEBUG ((EFI_D_ERROR
, "WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0x%x)\n", DigestList
->digests
[Index
].hashAlg
));
272 CopyMem (Buffer
, &DigestList
->digests
[Index
].hashAlg
, sizeof(DigestList
->digests
[Index
].hashAlg
));
273 Buffer
= (UINT8
*)Buffer
+ sizeof(DigestList
->digests
[Index
].hashAlg
);
274 DigestSize
= GetHashSizeFromAlgo (DigestList
->digests
[Index
].hashAlg
);
275 CopyMem (Buffer
, &DigestList
->digests
[Index
].digest
, DigestSize
);
276 Buffer
= (UINT8
*)Buffer
+ DigestSize
;
279 WriteUnaligned32 (DigestListCountPtr
, DigestListCount
);
285 Get TPML_DIGEST_VALUES data size.
287 @param[in] DigestList TPML_DIGEST_VALUES data.
289 @return TPML_DIGEST_VALUES data size.
294 IN TPML_DIGEST_VALUES
*DigestList
301 TotalSize
= sizeof(DigestList
->count
);
302 for (Index
= 0; Index
< DigestList
->count
; Index
++) {
303 DigestSize
= GetHashSizeFromAlgo (DigestList
->digests
[Index
].hashAlg
);
304 TotalSize
+= sizeof(DigestList
->digests
[Index
].hashAlg
) + DigestSize
;
311 This function get digest from digest list.
313 @param[in] HashAlg Digest algorithm
314 @param[in] DigestList Digest list
315 @param[out] Digest Digest
317 @retval EFI_SUCCESS Digest is found and returned.
318 @retval EFI_NOT_FOUND Digest is not found.
322 GetDigestFromDigestList (
323 IN TPMI_ALG_HASH HashAlg
,
324 IN TPML_DIGEST_VALUES
*DigestList
,
331 DigestSize
= GetHashSizeFromAlgo (HashAlg
);
332 for (Index
= 0; Index
< DigestList
->count
; Index
++) {
333 if (DigestList
->digests
[Index
].hashAlg
== HashAlg
) {
336 &DigestList
->digests
[Index
].digest
,
343 return EFI_NOT_FOUND
;