4 Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
5 SPDX-License-Identifier: BSD-2-Clause-Patent
9 #include <IndustryStandard/UefiTcgPlatform.h>
10 #include <Library/Tpm2CommandLib.h>
11 #include <Library/Tpm2DeviceLib.h>
12 #include <Library/BaseMemoryLib.h>
13 #include <Library/BaseLib.h>
14 #include <Library/DebugLib.h>
17 TPMI_ALG_HASH HashAlgo
;
22 STATIC INTERNAL_HASH_INFO mHashInfo
[] = {
23 { TPM_ALG_SHA1
, SHA1_DIGEST_SIZE
, HASH_ALG_SHA1
},
24 { TPM_ALG_SHA256
, SHA256_DIGEST_SIZE
, HASH_ALG_SHA256
},
25 { TPM_ALG_SM3_256
, SM3_256_DIGEST_SIZE
, HASH_ALG_SM3_256
},
26 { TPM_ALG_SHA384
, SHA384_DIGEST_SIZE
, HASH_ALG_SHA384
},
27 { TPM_ALG_SHA512
, SHA512_DIGEST_SIZE
, HASH_ALG_SHA512
},
31 Return size of digest.
33 @param[in] HashAlgo Hash algorithm
35 @return size of digest
40 IN TPMI_ALG_HASH HashAlgo
45 for (Index
= 0; Index
< sizeof (mHashInfo
)/sizeof (mHashInfo
[0]); Index
++) {
46 if (mHashInfo
[Index
].HashAlgo
== HashAlgo
) {
47 return mHashInfo
[Index
].HashSize
;
55 Get hash mask from algorithm.
57 @param[in] HashAlgo Hash algorithm
64 IN TPMI_ALG_HASH HashAlgo
69 for (Index
= 0; Index
< sizeof (mHashInfo
)/sizeof (mHashInfo
[0]); Index
++) {
70 if (mHashInfo
[Index
].HashAlgo
== HashAlgo
) {
71 return mHashInfo
[Index
].HashMask
;
79 Copy AuthSessionIn to TPM2 command buffer.
81 @param [in] AuthSessionIn Input AuthSession data
82 @param [out] AuthSessionOut Output AuthSession data in TPM2 command buffer
84 @return AuthSession size
88 CopyAuthSessionCommand (
89 IN TPMS_AUTH_COMMAND
*AuthSessionIn OPTIONAL
,
90 OUT UINT8
*AuthSessionOut
95 Buffer
= (UINT8
*)AuthSessionOut
;
98 // Add in Auth session
100 if (AuthSessionIn
!= NULL
) {
102 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32 (AuthSessionIn
->sessionHandle
));
103 Buffer
+= sizeof (UINT32
);
106 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16 (AuthSessionIn
->nonce
.size
));
107 Buffer
+= sizeof (UINT16
);
109 CopyMem (Buffer
, AuthSessionIn
->nonce
.buffer
, AuthSessionIn
->nonce
.size
);
110 Buffer
+= AuthSessionIn
->nonce
.size
;
113 *(UINT8
*)Buffer
= *(UINT8
*)&AuthSessionIn
->sessionAttributes
;
117 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16 (AuthSessionIn
->hmac
.size
));
118 Buffer
+= sizeof (UINT16
);
120 CopyMem (Buffer
, AuthSessionIn
->hmac
.buffer
, AuthSessionIn
->hmac
.size
);
121 Buffer
+= AuthSessionIn
->hmac
.size
;
124 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32 (TPM_RS_PW
));
125 Buffer
+= sizeof (UINT32
);
128 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16 (0));
129 Buffer
+= sizeof (UINT16
);
131 // sessionAttributes = 0
132 *(UINT8
*)Buffer
= 0x00;
136 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16 (0));
137 Buffer
+= sizeof (UINT16
);
140 return (UINT32
)((UINTN
)Buffer
- (UINTN
)AuthSessionOut
);
144 Copy AuthSessionIn from TPM2 response buffer.
146 @param [in] AuthSessionIn Input AuthSession data in TPM2 response buffer
147 @param [out] AuthSessionOut Output AuthSession data
149 @return 0 copy failed
150 else AuthSession size
154 CopyAuthSessionResponse (
155 IN UINT8
*AuthSessionIn
,
156 OUT TPMS_AUTH_RESPONSE
*AuthSessionOut OPTIONAL
160 TPMS_AUTH_RESPONSE LocalAuthSessionOut
;
162 if (AuthSessionOut
== NULL
) {
163 AuthSessionOut
= &LocalAuthSessionOut
;
166 Buffer
= (UINT8
*)AuthSessionIn
;
169 AuthSessionOut
->nonce
.size
= SwapBytes16 (ReadUnaligned16 ((UINT16
*)Buffer
));
170 Buffer
+= sizeof (UINT16
);
171 if (AuthSessionOut
->nonce
.size
> sizeof (TPMU_HA
)) {
172 DEBUG ((DEBUG_ERROR
, "CopyAuthSessionResponse - nonce.size error %x\n", AuthSessionOut
->nonce
.size
));
176 CopyMem (AuthSessionOut
->nonce
.buffer
, Buffer
, AuthSessionOut
->nonce
.size
);
177 Buffer
+= AuthSessionOut
->nonce
.size
;
180 *(UINT8
*) &AuthSessionOut
->sessionAttributes
= *(UINT8
*)Buffer
;
184 AuthSessionOut
->hmac
.size
= SwapBytes16 (ReadUnaligned16 ((UINT16
*)Buffer
));
185 Buffer
+= sizeof (UINT16
);
186 if (AuthSessionOut
->hmac
.size
> sizeof (TPMU_HA
)) {
187 DEBUG ((DEBUG_ERROR
, "CopyAuthSessionResponse - hmac.size error %x\n", AuthSessionOut
->hmac
.size
));
191 CopyMem (AuthSessionOut
->hmac
.buffer
, Buffer
, AuthSessionOut
->hmac
.size
);
192 Buffer
+= AuthSessionOut
->hmac
.size
;
194 return (UINT32
)((UINTN
)Buffer
- (UINTN
)AuthSessionIn
);
198 Return if hash alg is supported in HashAlgorithmMask.
200 @param HashAlg Hash algorithm to be checked.
201 @param HashAlgorithmMask Bitfield of allowed hash algorithms.
203 @retval TRUE Hash algorithm is supported.
204 @retval FALSE Hash algorithm is not supported.
208 IsHashAlgSupportedInHashAlgorithmMask (
209 IN TPMI_ALG_HASH HashAlg
,
210 IN UINT32 HashAlgorithmMask
215 if ((HashAlgorithmMask
& HASH_ALG_SHA1
) != 0) {
221 if ((HashAlgorithmMask
& HASH_ALG_SHA256
) != 0) {
227 if ((HashAlgorithmMask
& HASH_ALG_SHA384
) != 0) {
233 if ((HashAlgorithmMask
& HASH_ALG_SHA512
) != 0) {
238 case TPM_ALG_SM3_256
:
239 if ((HashAlgorithmMask
& HASH_ALG_SM3_256
) != 0) {
250 Copy TPML_DIGEST_VALUES into a buffer
252 @param[in,out] Buffer Buffer to hold copied TPML_DIGEST_VALUES compact binary.
253 @param[in] DigestList TPML_DIGEST_VALUES to be copied.
254 @param[in] HashAlgorithmMask HASH bits corresponding to the desired digests to copy.
256 @return The end of buffer to hold TPML_DIGEST_VALUES.
260 CopyDigestListToBuffer (
262 IN TPML_DIGEST_VALUES
*DigestList
,
263 IN UINT32 HashAlgorithmMask
268 UINT32 DigestListCount
;
269 UINT32
*DigestListCountPtr
;
271 DigestListCountPtr
= (UINT32
*)Buffer
;
273 Buffer
= (UINT8
*)Buffer
+ sizeof (DigestList
->count
);
274 for (Index
= 0; Index
< DigestList
->count
; Index
++) {
275 if (!IsHashAlgSupportedInHashAlgorithmMask (DigestList
->digests
[Index
].hashAlg
, HashAlgorithmMask
)) {
276 DEBUG ((DEBUG_ERROR
, "WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0x%x)\n", DigestList
->digests
[Index
].hashAlg
));
280 CopyMem (Buffer
, &DigestList
->digests
[Index
].hashAlg
, sizeof (DigestList
->digests
[Index
].hashAlg
));
281 Buffer
= (UINT8
*)Buffer
+ sizeof (DigestList
->digests
[Index
].hashAlg
);
282 DigestSize
= GetHashSizeFromAlgo (DigestList
->digests
[Index
].hashAlg
);
283 CopyMem (Buffer
, &DigestList
->digests
[Index
].digest
, DigestSize
);
284 Buffer
= (UINT8
*)Buffer
+ DigestSize
;
288 WriteUnaligned32 (DigestListCountPtr
, DigestListCount
);
294 Get TPML_DIGEST_VALUES data size.
296 @param[in] DigestList TPML_DIGEST_VALUES data.
298 @return TPML_DIGEST_VALUES data size.
303 IN TPML_DIGEST_VALUES
*DigestList
310 TotalSize
= sizeof (DigestList
->count
);
311 for (Index
= 0; Index
< DigestList
->count
; Index
++) {
312 DigestSize
= GetHashSizeFromAlgo (DigestList
->digests
[Index
].hashAlg
);
313 TotalSize
+= sizeof (DigestList
->digests
[Index
].hashAlg
) + DigestSize
;
320 This function get digest from digest list.
322 @param[in] HashAlg Digest algorithm
323 @param[in] DigestList Digest list
324 @param[out] Digest Digest
326 @retval EFI_SUCCESS Digest is found and returned.
327 @retval EFI_NOT_FOUND Digest is not found.
331 GetDigestFromDigestList (
332 IN TPMI_ALG_HASH HashAlg
,
333 IN TPML_DIGEST_VALUES
*DigestList
,
340 DigestSize
= GetHashSizeFromAlgo (HashAlg
);
341 for (Index
= 0; Index
< DigestList
->count
; Index
++) {
342 if (DigestList
->digests
[Index
].hashAlg
== HashAlg
) {
345 &DigestList
->digests
[Index
].digest
,
352 return EFI_NOT_FOUND
;