/** @file\r
Implement TPM2 help.\r
\r
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
typedef struct {\r
TPMI_ALG_HASH HashAlgo;\r
UINT16 HashSize;\r
+ UINT32 HashMask;\r
} INTERNAL_HASH_INFO;\r
\r
STATIC INTERNAL_HASH_INFO mHashInfo[] = {\r
- {TPM_ALG_SHA1, SHA1_DIGEST_SIZE},\r
- {TPM_ALG_SHA256, SHA256_DIGEST_SIZE},\r
- {TPM_ALG_SM3_256, SM3_256_DIGEST_SIZE},\r
- {TPM_ALG_SHA384, SHA384_DIGEST_SIZE},\r
- {TPM_ALG_SHA512, SHA512_DIGEST_SIZE},\r
+ {TPM_ALG_SHA1, SHA1_DIGEST_SIZE, HASH_ALG_SHA1},\r
+ {TPM_ALG_SHA256, SHA256_DIGEST_SIZE, HASH_ALG_SHA256},\r
+ {TPM_ALG_SM3_256, SM3_256_DIGEST_SIZE, HASH_ALG_SM3_256},\r
+ {TPM_ALG_SHA384, SHA384_DIGEST_SIZE, HASH_ALG_SHA384},\r
+ {TPM_ALG_SHA512, SHA512_DIGEST_SIZE, HASH_ALG_SHA512},\r
};\r
\r
/**\r
return 0;\r
}\r
\r
+/**\r
+ Get hash mask from algorithm.\r
+\r
+ @param[in] HashAlgo Hash algorithm\r
+\r
+ @return Hash mask\r
+**/\r
+UINT32\r
+EFIAPI\r
+GetHashMaskFromAlgo (\r
+ IN TPMI_ALG_HASH HashAlgo\r
+ )\r
+{\r
+ UINTN Index;\r
+\r
+ for (Index = 0; Index < sizeof(mHashInfo)/sizeof(mHashInfo[0]); Index++) {\r
+ if (mHashInfo[Index].HashAlgo == HashAlgo) {\r
+ return mHashInfo[Index].HashMask;\r
+ }\r
+ }\r
+ return 0;\r
+}\r
+\r
/**\r
Copy AuthSessionIn to TPM2 command buffer.\r
\r
UINT8 *Buffer;\r
\r
Buffer = (UINT8 *)AuthSessionOut;\r
- \r
+\r
//\r
// Add in Auth session\r
//\r
Buffer += sizeof(UINT16);\r
}\r
\r
- return (UINT32)(UINTN)(Buffer - (UINT8 *)AuthSessionOut);\r
+ return (UINT32)((UINTN)Buffer - (UINTN)AuthSessionOut);\r
}\r
\r
/**\r
@param [in] AuthSessionIn Input AuthSession data in TPM2 response buffer\r
@param [out] AuthSessionOut Output AuthSession data\r
\r
- @return AuthSession size\r
+ @return 0 copy failed\r
+ else AuthSession size\r
**/\r
UINT32\r
EFIAPI\r
// nonce\r
AuthSessionOut->nonce.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));\r
Buffer += sizeof(UINT16);\r
+ if (AuthSessionOut->nonce.size > sizeof(TPMU_HA)) {\r
+ DEBUG ((DEBUG_ERROR, "CopyAuthSessionResponse - nonce.size error %x\n", AuthSessionOut->nonce.size));\r
+ return 0;\r
+ }\r
\r
CopyMem (AuthSessionOut->nonce.buffer, Buffer, AuthSessionOut->nonce.size);\r
Buffer += AuthSessionOut->nonce.size;\r
// hmac\r
AuthSessionOut->hmac.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));\r
Buffer += sizeof(UINT16);\r
+ if (AuthSessionOut->hmac.size > sizeof(TPMU_HA)) {\r
+ DEBUG ((DEBUG_ERROR, "CopyAuthSessionResponse - hmac.size error %x\n", AuthSessionOut->hmac.size));\r
+ return 0;\r
+ }\r
\r
CopyMem (AuthSessionOut->hmac.buffer, Buffer, AuthSessionOut->hmac.size);\r
Buffer += AuthSessionOut->hmac.size;\r
\r
- return (UINT32)(UINTN)(Buffer - (UINT8 *)AuthSessionIn);\r
+ return (UINT32)((UINTN)Buffer - (UINTN)AuthSessionIn);\r
+}\r
+\r
+/**\r
+ Return if hash alg is supported in HashAlgorithmMask.\r
+\r
+ @param HashAlg Hash algorithm to be checked.\r
+ @param HashAlgorithmMask Bitfield of allowed hash algorithms.\r
+\r
+ @retval TRUE Hash algorithm is supported.\r
+ @retval FALSE Hash algorithm is not supported.\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+IsHashAlgSupportedInHashAlgorithmMask(\r
+ IN TPMI_ALG_HASH HashAlg,\r
+ IN UINT32 HashAlgorithmMask\r
+ )\r
+{\r
+ switch (HashAlg) {\r
+ case TPM_ALG_SHA1:\r
+ if ((HashAlgorithmMask & HASH_ALG_SHA1) != 0) {\r
+ return TRUE;\r
+ }\r
+ break;\r
+ case TPM_ALG_SHA256:\r
+ if ((HashAlgorithmMask & HASH_ALG_SHA256) != 0) {\r
+ return TRUE;\r
+ }\r
+ break;\r
+ case TPM_ALG_SHA384:\r
+ if ((HashAlgorithmMask & HASH_ALG_SHA384) != 0) {\r
+ return TRUE;\r
+ }\r
+ break;\r
+ case TPM_ALG_SHA512:\r
+ if ((HashAlgorithmMask & HASH_ALG_SHA512) != 0) {\r
+ return TRUE;\r
+ }\r
+ break;\r
+ case TPM_ALG_SM3_256:\r
+ if ((HashAlgorithmMask & HASH_ALG_SM3_256) != 0) {\r
+ return TRUE;\r
+ }\r
+ break;\r
+ }\r
+\r
+ return FALSE;\r
+}\r
+\r
+/**\r
+ Copy TPML_DIGEST_VALUES into a buffer\r
+\r
+ @param[in,out] Buffer Buffer to hold copied TPML_DIGEST_VALUES compact binary.\r
+ @param[in] DigestList TPML_DIGEST_VALUES to be copied.\r
+ @param[in] HashAlgorithmMask HASH bits corresponding to the desired digests to copy.\r
+\r
+ @return The end of buffer to hold TPML_DIGEST_VALUES.\r
+**/\r
+VOID *\r
+EFIAPI\r
+CopyDigestListToBuffer (\r
+ IN OUT VOID *Buffer,\r
+ IN TPML_DIGEST_VALUES *DigestList,\r
+ IN UINT32 HashAlgorithmMask\r
+ )\r
+{\r
+ UINTN Index;\r
+ UINT16 DigestSize;\r
+ UINT32 DigestListCount;\r
+ UINT32 *DigestListCountPtr;\r
+\r
+ DigestListCountPtr = (UINT32 *) Buffer;\r
+ DigestListCount = 0;\r
+ Buffer = (UINT8 *)Buffer + sizeof(DigestList->count);\r
+ for (Index = 0; Index < DigestList->count; Index++) {\r
+ if (!IsHashAlgSupportedInHashAlgorithmMask(DigestList->digests[Index].hashAlg, HashAlgorithmMask)) {\r
+ DEBUG ((EFI_D_ERROR, "WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0x%x)\n", DigestList->digests[Index].hashAlg));\r
+ continue;\r
+ }\r
+ CopyMem (Buffer, &DigestList->digests[Index].hashAlg, sizeof(DigestList->digests[Index].hashAlg));\r
+ Buffer = (UINT8 *)Buffer + sizeof(DigestList->digests[Index].hashAlg);\r
+ DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);\r
+ CopyMem (Buffer, &DigestList->digests[Index].digest, DigestSize);\r
+ Buffer = (UINT8 *)Buffer + DigestSize;\r
+ DigestListCount++;\r
+ }\r
+ WriteUnaligned32 (DigestListCountPtr, DigestListCount);\r
+\r
+ return Buffer;\r
}\r
\r
/**\r