SecurityPkg: Replace BSD License with BSD+Patent License

[mirror_edk2.git] / SecurityPkg / Library / Tpm2CommandLib / Tpm2Help.c

diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c
index 2df18dfe070ac6dd33baf19b5e676c15a3ca4026..36c240d1221c88319b29a34fba46c161d6371e39 100644 (file)
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c
@@ -1,14 +1,8 @@
 /** @file\r
   Implement TPM2 help.\r
 \r
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution.  The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
 \r
 **/\r
 \r
@@ -22,14 +16,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 typedef struct {\r
   TPMI_ALG_HASH              HashAlgo;\r
   UINT16                     HashSize;\r
+  UINT32                     HashMask;\r
 } INTERNAL_HASH_INFO;\r
 \r
 STATIC INTERNAL_HASH_INFO mHashInfo[] = {\r
-  {TPM_ALG_SHA1,          SHA1_DIGEST_SIZE},\r
-  {TPM_ALG_SHA256,        SHA256_DIGEST_SIZE},\r
-  {TPM_ALG_SM3_256,       SM3_256_DIGEST_SIZE},\r
-  {TPM_ALG_SHA384,        SHA384_DIGEST_SIZE},\r
-  {TPM_ALG_SHA512,        SHA512_DIGEST_SIZE},\r
+  {TPM_ALG_SHA1,          SHA1_DIGEST_SIZE,     HASH_ALG_SHA1},\r
+  {TPM_ALG_SHA256,        SHA256_DIGEST_SIZE,   HASH_ALG_SHA256},\r
+  {TPM_ALG_SM3_256,       SM3_256_DIGEST_SIZE,  HASH_ALG_SM3_256},\r
+  {TPM_ALG_SHA384,        SHA384_DIGEST_SIZE,   HASH_ALG_SHA384},\r
+  {TPM_ALG_SHA512,        SHA512_DIGEST_SIZE,   HASH_ALG_SHA512},\r
 };\r
 \r
 /**\r
@@ -55,6 +50,29 @@ GetHashSizeFromAlgo (
   return 0;\r
 }\r
 \r
+/**\r
+  Get hash mask from algorithm.\r
+\r
+  @param[in] HashAlgo   Hash algorithm\r
+\r
+  @return Hash mask\r
+**/\r
+UINT32\r
+EFIAPI\r
+GetHashMaskFromAlgo (\r
+  IN TPMI_ALG_HASH     HashAlgo\r
+  )\r
+{\r
+  UINTN  Index;\r
+\r
+  for (Index = 0; Index < sizeof(mHashInfo)/sizeof(mHashInfo[0]); Index++) {\r
+    if (mHashInfo[Index].HashAlgo == HashAlgo) {\r
+      return mHashInfo[Index].HashMask;\r
+    }\r
+  }\r
+  return 0;\r
+}\r
+\r
 /**\r
   Copy AuthSessionIn to TPM2 command buffer.\r
 \r
@@ -73,7 +91,7 @@ CopyAuthSessionCommand (
   UINT8  *Buffer;\r
 \r
   Buffer = (UINT8 *)AuthSessionOut;\r
-  \r
+\r
   //\r
   // Add in Auth session\r
   //\r
@@ -117,7 +135,7 @@ CopyAuthSessionCommand (
     Buffer += sizeof(UINT16);\r
   }\r
 \r
-  return (UINT32)(UINTN)(Buffer - (UINT8 *)AuthSessionOut);\r
+  return (UINT32)((UINTN)Buffer - (UINTN)AuthSessionOut);\r
 }\r
 \r
 /**\r
@@ -126,7 +144,8 @@ CopyAuthSessionCommand (
   @param [in]  AuthSessionIn   Input AuthSession data in TPM2 response buffer\r
   @param [out] AuthSessionOut  Output AuthSession data\r
 \r
-  @return AuthSession size\r
+  @return 0    copy failed\r
+          else AuthSession size\r
 **/\r
 UINT32\r
 EFIAPI\r
@@ -147,6 +166,10 @@ CopyAuthSessionResponse (
   // nonce\r
   AuthSessionOut->nonce.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));\r
   Buffer += sizeof(UINT16);\r
+  if (AuthSessionOut->nonce.size > sizeof(TPMU_HA)) {\r
+    DEBUG ((DEBUG_ERROR, "CopyAuthSessionResponse - nonce.size error %x\n", AuthSessionOut->nonce.size));\r
+    return 0;\r
+  }\r
 \r
   CopyMem (AuthSessionOut->nonce.buffer, Buffer, AuthSessionOut->nonce.size);\r
   Buffer += AuthSessionOut->nonce.size;\r
@@ -158,11 +181,130 @@ CopyAuthSessionResponse (
   // hmac\r
   AuthSessionOut->hmac.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));\r
   Buffer += sizeof(UINT16);\r
+  if (AuthSessionOut->hmac.size > sizeof(TPMU_HA)) {\r
+    DEBUG ((DEBUG_ERROR, "CopyAuthSessionResponse - hmac.size error %x\n", AuthSessionOut->hmac.size));\r
+    return 0;\r
+  }\r
 \r
   CopyMem (AuthSessionOut->hmac.buffer, Buffer, AuthSessionOut->hmac.size);\r
   Buffer += AuthSessionOut->hmac.size;\r
 \r
-  return (UINT32)(UINTN)(Buffer - (UINT8 *)AuthSessionIn);\r
+  return (UINT32)((UINTN)Buffer - (UINTN)AuthSessionIn);\r
+}\r
+\r
+/**\r
+  Return if hash alg is supported in HashAlgorithmMask.\r
+\r
+  @param HashAlg            Hash algorithm to be checked.\r
+  @param HashAlgorithmMask  Bitfield of allowed hash algorithms.\r
+\r
+  @retval TRUE  Hash algorithm is supported.\r
+  @retval FALSE Hash algorithm is not supported.\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+IsHashAlgSupportedInHashAlgorithmMask(\r
+  IN TPMI_ALG_HASH  HashAlg,\r
+  IN UINT32         HashAlgorithmMask\r
+  )\r
+{\r
+  switch (HashAlg) {\r
+  case TPM_ALG_SHA1:\r
+    if ((HashAlgorithmMask & HASH_ALG_SHA1) != 0) {\r
+      return TRUE;\r
+    }\r
+    break;\r
+  case TPM_ALG_SHA256:\r
+    if ((HashAlgorithmMask & HASH_ALG_SHA256) != 0) {\r
+      return TRUE;\r
+    }\r
+    break;\r
+  case TPM_ALG_SHA384:\r
+    if ((HashAlgorithmMask & HASH_ALG_SHA384) != 0) {\r
+      return TRUE;\r
+    }\r
+    break;\r
+  case TPM_ALG_SHA512:\r
+    if ((HashAlgorithmMask & HASH_ALG_SHA512) != 0) {\r
+      return TRUE;\r
+    }\r
+    break;\r
+  case TPM_ALG_SM3_256:\r
+    if ((HashAlgorithmMask & HASH_ALG_SM3_256) != 0) {\r
+      return TRUE;\r
+    }\r
+    break;\r
+  }\r
+\r
+  return FALSE;\r
+}\r
+\r
+/**\r
+  Copy TPML_DIGEST_VALUES into a buffer\r
+\r
+  @param[in,out] Buffer             Buffer to hold copied TPML_DIGEST_VALUES compact binary.\r
+  @param[in]     DigestList         TPML_DIGEST_VALUES to be copied.\r
+  @param[in]     HashAlgorithmMask  HASH bits corresponding to the desired digests to copy.\r
+\r
+  @return The end of buffer to hold TPML_DIGEST_VALUES.\r
+**/\r
+VOID *\r
+EFIAPI\r
+CopyDigestListToBuffer (\r
+  IN OUT VOID                       *Buffer,\r
+  IN TPML_DIGEST_VALUES             *DigestList,\r
+  IN UINT32                         HashAlgorithmMask\r
+  )\r
+{\r
+  UINTN  Index;\r
+  UINT16 DigestSize;\r
+  UINT32 DigestListCount;\r
+  UINT32 *DigestListCountPtr;\r
+\r
+  DigestListCountPtr = (UINT32 *) Buffer;\r
+  DigestListCount = 0;\r
+  Buffer = (UINT8 *)Buffer + sizeof(DigestList->count);\r
+  for (Index = 0; Index < DigestList->count; Index++) {\r
+    if (!IsHashAlgSupportedInHashAlgorithmMask(DigestList->digests[Index].hashAlg, HashAlgorithmMask)) {\r
+      DEBUG ((EFI_D_ERROR, "WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0x%x)\n", DigestList->digests[Index].hashAlg));\r
+      continue;\r
+    }\r
+    CopyMem (Buffer, &DigestList->digests[Index].hashAlg, sizeof(DigestList->digests[Index].hashAlg));\r
+    Buffer = (UINT8 *)Buffer + sizeof(DigestList->digests[Index].hashAlg);\r
+    DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);\r
+    CopyMem (Buffer, &DigestList->digests[Index].digest, DigestSize);\r
+    Buffer = (UINT8 *)Buffer + DigestSize;\r
+    DigestListCount++;\r
+  }\r
+  WriteUnaligned32 (DigestListCountPtr, DigestListCount);\r
+\r
+  return Buffer;\r
+}\r
+\r
+/**\r
+  Get TPML_DIGEST_VALUES data size.\r
+\r
+  @param[in]     DigestList    TPML_DIGEST_VALUES data.\r
+\r
+  @return TPML_DIGEST_VALUES data size.\r
+**/\r
+UINT32\r
+EFIAPI\r
+GetDigestListSize (\r
+  IN TPML_DIGEST_VALUES             *DigestList\r
+  )\r
+{\r
+  UINTN  Index;\r
+  UINT16 DigestSize;\r
+  UINT32 TotalSize;\r
+\r
+  TotalSize = sizeof(DigestList->count);\r
+  for (Index = 0; Index < DigestList->count; Index++) {\r
+    DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);\r
+    TotalSize += sizeof(DigestList->digests[Index].hashAlg) + DigestSize;\r
+  }\r
+\r
+  return TotalSize;\r
 }\r
 \r
 /**\r