UINT32 LoadSessionEncryptDecryptKey( TPMT_SYM_DEF *symmetric, TPM2B_MAX_BUFFER *key, TPM_HANDLE *keyHandle, TPM2B_NAME *keyName )
{
TPM2B keyAuth;
TPM2B_SENSITIVE inPrivate;
TPM2B_PUBLIC inPublic;
UINT32 rval;
TSS2_SYS_CONTEXT *sysContext;
keyAuth.size = 0;
inPrivate.t.sensitiveArea.sensitiveType = TPM_ALG_SYMCIPHER;
inPrivate.t.size = CopySizedByteBuffer( &(inPrivate.t.sensitiveArea.authValue.b), &keyAuth);
inPrivate.t.sensitiveArea.seedValue.b.size = 0;
inPrivate.t.size += CopySizedByteBuffer( &inPrivate.t.sensitiveArea.sensitive.bits.b, &key->b );
inPrivate.t.size += 2 * sizeof( UINT16 );
inPublic.t.publicArea.type = TPM_ALG_SYMCIPHER;
inPublic.t.publicArea.nameAlg = TPM_ALG_NULL;
*( UINT32 *)&( inPublic.t.publicArea.objectAttributes )= 0;
inPublic.t.publicArea.objectAttributes.decrypt = 1;
inPublic.t.publicArea.objectAttributes.sign = 1;
inPublic.t.publicArea.objectAttributes.userWithAuth = 1;
inPublic.t.publicArea.authPolicy.t.size = 0;
inPublic.t.publicArea.parameters.symDetail.sym.algorithm = symmetric->algorithm;
inPublic.t.publicArea.parameters.symDetail.sym.keyBits = symmetric->keyBits;
inPublic.t.publicArea.parameters.symDetail.sym.mode = symmetric->mode;
inPublic.t.publicArea.unique.sym.t.size = 0;
sysContext = InitSysContext( 1000, resMgrTctiContext, &abiVersion );
if( sysContext == 0 )
{
return TSS2_APP_RC_INIT_SYS_CONTEXT_FAILED;
}
keyName->t.size = sizeof( *keyName ) - 2;
rval = Tss2_Sys_LoadExternal( sysContext, 0, &inPrivate, &inPublic, TPM_RH_NULL, keyHandle, keyName, 0 );
TeardownSysContext( &sysContext );
return rval;
}
TSS2_RC GenerateSessionEncryptDecryptKey( SESSION *session, TPM2B_MAX_BUFFER *cfbKey, TPM2B_IV *ivIn, TPM2B_AUTH *authValue )
{
TSS2_RC rval = TSS2_RC_SUCCESS;
UINT32 blockSize;
TPM2B_MAX_BUFFER key, sessionValue;
rval = GetBlockSizeInBits( session->symmetric.algorithm, &blockSize );
CopySizedByteBuffer( &sessionValue.b, &session->sessionKey.b );
CatSizedByteBuffer( &sessionValue.b, &authValue->b );
if( rval == TSS2_RC_SUCCESS )
{
key.t.size = sizeof( key ) - 2;
rval = KDFa( session->authHash, &( sessionValue.b ), "CFB", &( session->nonceNewer.b ),
&( session->nonceOlder.b ), session->symmetric.keyBits.sym + blockSize, &key );
if( rval == TSS2_RC_SUCCESS )
{
if( key.t.size == ( session->symmetric.keyBits.sym + blockSize ) / 8 )
{
if( ivIn != 0 && cfbKey != 0 )
{
ivIn->t.size = blockSize / 8;
cfbKey->t.size = (session->symmetric.keyBits.sym) / 8;
if( ( ivIn->t.size <= sizeof( ivIn->t.buffer ) ) &&
( ( cfbKey->t.size + ivIn->t.size ) <= MAX_DIGEST_BUFFER ) &&
( cfbKey->t.size <= MAX_DIGEST_BUFFER ) )
{
memcpy( (void *)&ivIn->t.buffer[0],
(void *)&( key.t.buffer[ cfbKey->t.size ] ),
ivIn->t.size );
memcpy( (void *)&cfbKey->t.buffer[0], (void *)&key.t.buffer[0],
cfbKey->t.size );
}
else
{
rval = APPLICATION_ERROR( TSS2_BASE_RC_INSUFFICIENT_BUFFER );
}
}
else
{
rval = APPLICATION_ERROR( TSS2_BASE_RC_INSUFFICIENT_BUFFER );
}
}
}
}
return rval;
}
UINT32 LoadExternalHMACKey( TPMI_ALG_HASH hashAlg, TPM2B *key, TPM_HANDLE *keyHandle, TPM2B_NAME *keyName )
{
TPM2B keyAuth;
TPM2B_SENSITIVE inPrivate;
TPM2B_PUBLIC inPublic;
UINT32 rval;
TSS2_SYS_CONTEXT *sysContext;
keyAuth.size = 0;
inPrivate.t.sensitiveArea.sensitiveType = TPM_ALG_KEYEDHASH;
inPrivate.t.size = CopySizedByteBuffer( &(inPrivate.t.sensitiveArea.authValue.b), &keyAuth);
inPrivate.t.sensitiveArea.seedValue.b.size = 0;
inPrivate.t.size += CopySizedByteBuffer( &inPrivate.t.sensitiveArea.sensitive.bits.b, key);
inPrivate.t.size += 2 * sizeof( UINT16 );
inPublic.t.publicArea.type = TPM_ALG_KEYEDHASH;
inPublic.t.publicArea.nameAlg = TPM_ALG_NULL;
*( UINT32 *)&( inPublic.t.publicArea.objectAttributes )= 0;
inPublic.t.publicArea.objectAttributes.sign = 1;
inPublic.t.publicArea.objectAttributes.userWithAuth = 1;
inPublic.t.publicArea.authPolicy.t.size = 0;
inPublic.t.publicArea.parameters.keyedHashDetail.scheme.scheme = TPM_ALG_HMAC;
inPublic.t.publicArea.parameters.keyedHashDetail.scheme.details.hmac.hashAlg = hashAlg;
inPublic.t.publicArea.unique.keyedHash.t.size = 0;
sysContext = InitSysContext( 1000, resMgrTctiContext, &abiVersion );
if( sysContext == 0 )
{
TeardownSysContext( &sysContext );
return TSS2_APP_ERROR_LEVEL + TPM_RC_FAILURE;
}
rval = Tss2_Sys_LoadExternal( sysContext, 0, &inPrivate, &inPublic, TPM_RH_NULL, keyHandle, keyName, 0 );
TeardownSysContext( &sysContext );
return rval;
}
TPM_RC AddEntity( TPM_HANDLE entityHandle, TPM2B_AUTH *auth )
{
int i;
TPM_RC rval = TPM_RC_FAILURE;
for( i = 0; i < MAX_NUM_ENTITIES; i++ )
{
if( entities[i].entityHandle == TPM_HT_NO_HANDLE )
{
entities[i].entityHandle = entityHandle;
CopySizedByteBuffer( &( entities[i].entityAuth.b ), &( auth->b ) );
if( ( entityHandle >> HR_SHIFT ) == TPM_HT_NV_INDEX )
{
entities[i].nvNameChanged = 0;
}
rval = TPM_RC_SUCCESS;
break;
}
}
TSS2_RC EncryptDecryptXOR( SESSION *session, TPM2B_MAX_BUFFER *outputData, TPM2B_MAX_BUFFER *inputData, TPM2B_AUTH *authValue )
{
TSS2_RC rval = TSS2_RC_SUCCESS;
TPM2B_MAX_BUFFER key, mask;
int i;
CopySizedByteBuffer( &key.b, &session->sessionKey.b );
CatSizedByteBuffer( &key.b, &authValue->b );
rval = KDFa( session->authHash, &key.b, "XOR", &session->nonceNewer.b, &session->nonceOlder.b, inputData->t.size * 8, &mask );
if( rval == TSS2_RC_SUCCESS )
{
for( i = 0; i < inputData->t.size; i++ )
{
outputData->t.buffer[i] = inputData->t.buffer[i] ^ mask.t.buffer[i];
}
outputData->t.size = inputData->t.size;
}
return rval;
}
//
// This version of StartAuthSession initializes the fields
// of the session structure using the passed in
// parameters, then calls StartAuthSession
// with just a pointer to the session structure.
// This allows all params to be set in one line of code when
// the function is called; cleaner this way, for
// some uses.
//
TPM_RC StartAuthSessionWithParams( SESSION **session,
TPMI_DH_OBJECT tpmKey, TPM2B_MAX_BUFFER *salt,
TPMI_DH_ENTITY bind, TPM2B_AUTH *bindAuth, TPM2B_NONCE *nonceCaller,
TPM2B_ENCRYPTED_SECRET *encryptedSalt,
TPM_SE sessionType, TPMT_SYM_DEF *symmetric, TPMI_ALG_HASH algId )
{
TPM_RC rval;
SESSION_LIST_ENTRY *sessionEntry;
rval = AddSession( &sessionEntry );
if( rval == TSS2_RC_SUCCESS )
{
*session = &sessionEntry->session;
// Copy handles to session struct.
(*session)->bind = bind;
(*session)->tpmKey = tpmKey;
// Copy nonceCaller to nonceOlder in session struct.
// This will be used as nonceCaller when StartAuthSession
// is called.
CopySizedByteBuffer( &(*session)->nonceOlder.b, &nonceCaller->b );
// Copy encryptedSalt
CopySizedByteBuffer( &(*session)->encryptedSalt.b, &encryptedSalt->b );
// Copy sessionType.
(*session)->sessionType = sessionType;
// Init symmetric.
(*session)->symmetric.algorithm = symmetric->algorithm;
(*session)->symmetric.keyBits.sym = symmetric->keyBits.sym;
(*session)->symmetric.mode.sym = symmetric->mode.sym;
(*session)->authHash = algId;
// Copy bind' authValue.
if( bindAuth == 0 )
{
(*session)->authValueBind.b.size = 0;
}
else
{
CopySizedByteBuffer( &( (*session)->authValueBind.b ), &( bindAuth->b ) );
}
// Calculate sessionKey
if( (*session)->tpmKey == TPM_RH_NULL )
{
(*session)->salt.t.size = 0;
}
else
{
CopySizedByteBuffer( &(*session)->salt.b, &salt->b );
}
if( (*session)->bind == TPM_RH_NULL )
(*session)->authValueBind.t.size = 0;
rval = StartAuthSession( *session );
}
else
{
DeleteSession( *session );
}
return( rval );
}
//
// This function does an HMAC on a null-terminated list of input buffers.
//
UINT32 TpmHmac( TPMI_ALG_HASH hashAlg, TPM2B *key, TPM2B **bufferList, TPM2B_DIGEST *result )
{
TPM2B_AUTH nullAuth;
TPMI_DH_OBJECT sequenceHandle;
int i;
TPM2B emptyBuffer;
TPMT_TK_HASHCHECK validation;
TPMS_AUTH_COMMAND *sessionDataArray[1];
TPMS_AUTH_COMMAND sessionData;
TSS2_SYS_CMD_AUTHS sessionsData;
TPM2B_AUTH hmac;
TPM2B_NONCE nonce;
TPMS_AUTH_RESPONSE *sessionDataOutArray[1];
TPMS_AUTH_RESPONSE sessionDataOut;
TSS2_SYS_RSP_AUTHS sessionsDataOut;
UINT32 rval;
TPM_HANDLE keyHandle;
TPM2B_NAME keyName;
TPM2B keyAuth;
TSS2_SYS_CONTEXT *sysContext;
sessionDataArray[0] = &sessionData;
sessionDataOutArray[0] = &sessionDataOut;
// Set result size to 0, in case any errors occur
result->b.size = 0;
keyAuth.size = 0;
nullAuth.t.size = 0;
rval = LoadExternalHMACKey( hashAlg, key, &keyHandle, &keyName );
if( rval != TPM_RC_SUCCESS )
{
return( rval );
}
// Init input sessions struct
sessionData.sessionHandle = TPM_RS_PW;
nonce.t.size = 0;
sessionData.nonce = nonce;
CopySizedByteBuffer( &(hmac.b), &keyAuth );
sessionData.hmac = hmac;
*( (UINT8 *)((void *)&( sessionData.sessionAttributes ) ) ) = 0;
sessionsData.cmdAuthsCount = 1;
sessionsData.cmdAuths = &sessionDataArray[0];
// Init sessions out struct
sessionsDataOut.rspAuthsCount = 1;
sessionsDataOut.rspAuths = &sessionDataOutArray[0];
emptyBuffer.size = 0;
sysContext = InitSysContext( 3000, resMgrTctiContext, &abiVersion );
if( sysContext == 0 )
return TSS2_APP_ERROR_LEVEL + TPM_RC_FAILURE;
rval = Tss2_Sys_HMAC_Start( sysContext, keyHandle, &sessionsData, &nullAuth, hashAlg, &sequenceHandle, 0 );
if( rval != TPM_RC_SUCCESS )
return( rval );
hmac.t.size = 0;
sessionData.hmac = hmac;
for( i = 0; bufferList[i] != 0; i++ )
{
rval = Tss2_Sys_SequenceUpdate ( sysContext, sequenceHandle, &sessionsData, (TPM2B_MAX_BUFFER *)( bufferList[i] ), &sessionsDataOut );
if( rval != TPM_RC_SUCCESS )
return( rval );
}
result->t.size = sizeof( TPM2B_DIGEST ) - 2;
rval = Tss2_Sys_SequenceComplete ( sysContext, sequenceHandle, &sessionsData, ( TPM2B_MAX_BUFFER *)&emptyBuffer,
TPM_RH_PLATFORM, result, &validation, &sessionsDataOut );
if( rval != TPM_RC_SUCCESS )
return( rval );
rval = Tss2_Sys_FlushContext( sysContext, keyHandle );
TeardownSysContext( &sysContext );
return rval;
}