uint32_t TPM_OwnerClear(unsigned char *ownpass)
{
unsigned char clear_owner_fmt[] = "00 c2 T l l % 00 %";
uint32_t ret;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
unsigned char nonceeven[TPM_HASH_SIZE];
/* fields to be inserted into Owner Clear Request Buffer */
uint32_t command;
uint32_t authhandle;
unsigned char nonceodd[TPM_HASH_SIZE];
unsigned char authdata[TPM_HASH_SIZE];
/* check that parameters are valid */
if (ownpass == NULL)
return ERR_NULL_ARG;
command = htonl(91);
/* generate odd nonce */
ret = TSS_gennonce(nonceodd);
if (ret == 0)
return ret;
/* start OIAP Protocol */
ret = TSS_OIAPopen(&authhandle, nonceeven);
if (ret != 0)
return ret;
ret =
TSS_authhmac(authdata, ownpass, TPM_HASH_SIZE, nonceeven,
nonceodd, 0, TPM_U32_SIZE, &command, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
ret = TSS_buildbuff(clear_owner_fmt, tpmdata,
command,
authhandle,
TPM_HASH_SIZE,
nonceodd, TPM_HASH_SIZE, authdata);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
ret = TPM_Transmit(tpmdata, "Owner Clear");
TSS_OIAPclose(authhandle);
return ret;
}
/*
* use the AUTH2_COMMAND form of unseal, to authorize both key and blob
*/
static int tpm_unseal(struct tpm_buf *tb,
uint32_t keyhandle, const unsigned char *keyauth,
const unsigned char *blob, int bloblen,
const unsigned char *blobauth,
unsigned char *data, unsigned int *datalen)
{
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char enonce1[TPM_NONCE_SIZE];
unsigned char enonce2[TPM_NONCE_SIZE];
unsigned char authdata1[SHA1_DIGEST_SIZE];
unsigned char authdata2[SHA1_DIGEST_SIZE];
uint32_t authhandle1 = 0;
uint32_t authhandle2 = 0;
unsigned char cont = 0;
uint32_t ordinal;
uint32_t keyhndl;
int ret;
/* sessions for unsealing key and data */
ret = oiap(tb, &authhandle1, enonce1);
if (ret < 0) {
pr_info("trusted_key: oiap failed (%d)\n", ret);
return ret;
}
ret = oiap(tb, &authhandle2, enonce2);
if (ret < 0) {
pr_info("trusted_key: oiap failed (%d)\n", ret);
return ret;
}
ordinal = htonl(TPM_ORD_UNSEAL);
keyhndl = htonl(SRKHANDLE);
ret = tpm_get_random(TPM_ANY_NUM, nonceodd, TPM_NONCE_SIZE);
if (ret != TPM_NONCE_SIZE) {
pr_info("trusted_key: tpm_get_random failed (%d)\n", ret);
return ret;
}
ret = TSS_authhmac(authdata1, keyauth, TPM_NONCE_SIZE,
enonce1, nonceodd, cont, sizeof(uint32_t),
&ordinal, bloblen, blob, 0, 0);
if (ret < 0)
return ret;
ret = TSS_authhmac(authdata2, blobauth, TPM_NONCE_SIZE,
enonce2, nonceodd, cont, sizeof(uint32_t),
&ordinal, bloblen, blob, 0, 0);
if (ret < 0)
return ret;
/* build and send TPM request packet */
INIT_BUF(tb);
store16(tb, TPM_TAG_RQU_AUTH2_COMMAND);
store32(tb, TPM_UNSEAL_SIZE + bloblen);
store32(tb, TPM_ORD_UNSEAL);
store32(tb, keyhandle);
storebytes(tb, blob, bloblen);
store32(tb, authhandle1);
storebytes(tb, nonceodd, TPM_NONCE_SIZE);
store8(tb, cont);
storebytes(tb, authdata1, SHA1_DIGEST_SIZE);
store32(tb, authhandle2);
storebytes(tb, nonceodd, TPM_NONCE_SIZE);
store8(tb, cont);
storebytes(tb, authdata2, SHA1_DIGEST_SIZE);
ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE);
if (ret < 0) {
pr_info("trusted_key: authhmac failed (%d)\n", ret);
return ret;
}
*datalen = LOAD32(tb->data, TPM_DATA_OFFSET);
ret = TSS_checkhmac2(tb->data, ordinal, nonceodd,
keyauth, SHA1_DIGEST_SIZE,
blobauth, SHA1_DIGEST_SIZE,
sizeof(uint32_t), TPM_DATA_OFFSET,
*datalen, TPM_DATA_OFFSET + sizeof(uint32_t), 0,
0);
if (ret < 0) {
pr_info("trusted_key: TSS_checkhmac2 failed (%d)\n", ret);
return ret;
}
memcpy(data, tb->data + TPM_DATA_OFFSET + sizeof(uint32_t), *datalen);
return 0;
}
/*
* Have the TPM seal(encrypt) the trusted key, possibly based on
* Platform Configuration Registers (PCRs). AUTH1 for sealing key.
*/
static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
uint32_t keyhandle, const unsigned char *keyauth,
const unsigned char *data, uint32_t datalen,
unsigned char *blob, uint32_t *bloblen,
const unsigned char *blobauth,
const unsigned char *pcrinfo, uint32_t pcrinfosize)
{
struct osapsess sess;
struct tpm_digests *td;
unsigned char cont;
uint32_t ordinal;
uint32_t pcrsize;
uint32_t datsize;
int sealinfosize;
int encdatasize;
int storedsize;
int ret;
int i;
/* alloc some work space for all the hashes */
td = kmalloc(sizeof *td, GFP_KERNEL);
if (!td)
return -ENOMEM;
/* get session for sealing key */
ret = osap(tb, &sess, keyauth, keytype, keyhandle);
if (ret < 0)
goto out;
dump_sess(&sess);
/* calculate encrypted authorization value */
memcpy(td->xorwork, sess.secret, SHA1_DIGEST_SIZE);
memcpy(td->xorwork + SHA1_DIGEST_SIZE, sess.enonce, SHA1_DIGEST_SIZE);
ret = TSS_sha1(td->xorwork, SHA1_DIGEST_SIZE * 2, td->xorhash);
if (ret < 0)
goto out;
ret = tpm_get_random(TPM_ANY_NUM, td->nonceodd, TPM_NONCE_SIZE);
if (ret != TPM_NONCE_SIZE)
goto out;
ordinal = htonl(TPM_ORD_SEAL);
datsize = htonl(datalen);
pcrsize = htonl(pcrinfosize);
cont = 0;
/* encrypt data authorization key */
for (i = 0; i < SHA1_DIGEST_SIZE; ++i)
td->encauth[i] = td->xorhash[i] ^ blobauth[i];
/* calculate authorization HMAC value */
if (pcrinfosize == 0) {
/* no pcr info specified */
ret = TSS_authhmac(td->pubauth, sess.secret, SHA1_DIGEST_SIZE,
sess.enonce, td->nonceodd, cont,
sizeof(uint32_t), &ordinal, SHA1_DIGEST_SIZE,
td->encauth, sizeof(uint32_t), &pcrsize,
sizeof(uint32_t), &datsize, datalen, data, 0,
0);
} else {
/* pcr info specified */
ret = TSS_authhmac(td->pubauth, sess.secret, SHA1_DIGEST_SIZE,
sess.enonce, td->nonceodd, cont,
sizeof(uint32_t), &ordinal, SHA1_DIGEST_SIZE,
td->encauth, sizeof(uint32_t), &pcrsize,
pcrinfosize, pcrinfo, sizeof(uint32_t),
&datsize, datalen, data, 0, 0);
}
if (ret < 0)
goto out;
/* build and send the TPM request packet */
INIT_BUF(tb);
store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
store32(tb, TPM_SEAL_SIZE + pcrinfosize + datalen);
store32(tb, TPM_ORD_SEAL);
store32(tb, keyhandle);
storebytes(tb, td->encauth, SHA1_DIGEST_SIZE);
store32(tb, pcrinfosize);
storebytes(tb, pcrinfo, pcrinfosize);
store32(tb, datalen);
storebytes(tb, data, datalen);
store32(tb, sess.handle);
storebytes(tb, td->nonceodd, TPM_NONCE_SIZE);
store8(tb, cont);
storebytes(tb, td->pubauth, SHA1_DIGEST_SIZE);
ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE);
if (ret < 0)
goto out;
/* calculate the size of the returned Blob */
sealinfosize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t));
encdatasize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t) +
sizeof(uint32_t) + sealinfosize);
storedsize = sizeof(uint32_t) + sizeof(uint32_t) + sealinfosize +
sizeof(uint32_t) + encdatasize;
/* check the HMAC in the response */
ret = TSS_checkhmac1(tb->data, ordinal, td->nonceodd, sess.secret,
SHA1_DIGEST_SIZE, storedsize, TPM_DATA_OFFSET, 0,
0);
/* copy the returned blob to caller */
if (!ret) {
memcpy(blob, tb->data + TPM_DATA_OFFSET, storedsize);
*bloblen = storedsize;
}
out:
kfree(td);
return ret;
}
uint32_t TPM_AuthorizeMigrationKey(unsigned char *ownpass,
int migtype,
unsigned char *keyblob,
unsigned int keyblen,
unsigned char *migblob,
unsigned int *migblen)
{
unsigned char auth_mig_fmt[] = "00 c2 T l s % l % o %";
uint32_t ret;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char evennonce[TPM_NONCE_SIZE];
unsigned char pubauth[TPM_HASH_SIZE];
unsigned char c;
uint32_t ordinal;
uint16_t migscheme;
uint32_t authhandle;
int size;
/* check input arguments */
if (keyblob == NULL || migblob == NULL || migblen == NULL)
return ERR_NULL_ARG;
if (migtype != 1 && migtype != 2)
return ERR_BAD_ARG;
/* generate odd nonce */
TSS_gennonce(nonceodd);
/* Open OIAP Session */
ret = TSS_OIAPopen(&authhandle, evennonce);
if (ret != 0)
return ret;
/* move Network byte order data to variables for hmac calculation */
ordinal = htonl(0x2B);
migscheme = htons(migtype);
c = 0;
/* calculate authorization HMAC value */
ret =
TSS_authhmac(pubauth, ownpass, TPM_HASH_SIZE, evennonce,
nonceodd, c, TPM_U32_SIZE, &ordinal, TPM_U16_SIZE,
&migscheme, keyblen, keyblob, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(auth_mig_fmt, tpmdata,
ordinal,
migscheme,
keyblen, keyblob,
authhandle,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, pubauth);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "AuthMigrationKey");
if (ret != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
TSS_OIAPclose(authhandle);
size = TSS_PubKeySize(tpmdata + TPM_DATA_OFFSET, 0);
size += TPM_U16_SIZE + TPM_HASH_SIZE;
ret =
TSS_checkhmac1(tpmdata, ordinal, nonceodd, ownpass,
TPM_HASH_SIZE, size, TPM_DATA_OFFSET, 0, 0);
if (ret != 0)
return ret;
memcpy(migblob, tpmdata + TPM_DATA_OFFSET, size);
*migblen = size;
return 0;
}
uint32_t TPM_ConvertMigrationBlob(unsigned int keyhandle,
unsigned char *keyauth,
unsigned char *rndblob,
unsigned int rndblen,
unsigned char *keyblob,
unsigned int keyblen,
unsigned char *encblob,
unsigned int *encblen)
{
unsigned char convert_mig_fmt[] = "00 c2 T l l @ @ l % o %";
uint32_t ret;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char evennonce[TPM_NONCE_SIZE];
unsigned char pubauth[TPM_HASH_SIZE];
unsigned char c;
uint32_t ordinal;
uint32_t authhandle;
uint32_t keyhndl;
uint32_t rndsize;
uint32_t datsize;
int size;
/* check input arguments */
if (keyauth == NULL || rndblob == NULL || keyblob == NULL
|| encblob == NULL || encblen == NULL)
return ERR_NULL_ARG;
/* generate odd nonce */
TSS_gennonce(nonceodd);
/* Open OIAP Session */
ret = TSS_OIAPopen(&authhandle, evennonce);
if (ret != 0)
return ret;
/* move Network byte order data to variables for hmac calculation */
ordinal = htonl(0x2A);
keyhndl = htonl(keyhandle);
rndsize = htonl(rndblen);
datsize = htonl(keyblen);
c = 0;
/* calculate authorization HMAC value */
ret =
TSS_authhmac(pubauth, keyauth, TPM_HASH_SIZE, evennonce,
nonceodd, c, TPM_U32_SIZE, &ordinal, TPM_U32_SIZE,
&datsize, keyblen, keyblob, TPM_U32_SIZE,
&rndsize, rndblen, rndblob, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(convert_mig_fmt, tpmdata,
ordinal,
keyhndl,
keyblen, keyblob,
rndblen, rndblob,
authhandle,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, pubauth);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "ConvertMigrationBlob");
if (ret != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
TSS_OIAPclose(authhandle);
size = LOAD32(tpmdata, TPM_DATA_OFFSET);
ret =
TSS_checkhmac1(tpmdata, ordinal, nonceodd, keyauth,
TPM_HASH_SIZE, TPM_U32_SIZE, TPM_DATA_OFFSET,
size, TPM_DATA_OFFSET + TPM_U32_SIZE, 0, 0);
if (ret != 0)
return ret;
memcpy(encblob, tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE, size);
*encblen = size;
return 0;
}
uint32_t TPM_CreateMigrationBlob(unsigned int keyhandle,
unsigned char *keyauth,
unsigned char *migauth,
int migtype,
unsigned char *migblob,
unsigned int migblen,
unsigned char *keyblob,
unsigned int keyblen,
unsigned char *rndblob,
unsigned int *rndblen,
unsigned char *outblob,
unsigned int *outblen)
{
unsigned char create_mig_fmt[] =
"00 c3 T l l s % @ l % o % l % o %";
unsigned char create_mig_fmt_noauth[] =
"00 c2 T l l s % @ l % o %";
uint32_t ret;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char enonce1[TPM_NONCE_SIZE];
unsigned char enonce2[TPM_NONCE_SIZE];
unsigned char c;
uint32_t ordinal;
uint32_t keyhndl;
uint32_t datsize;
uint16_t migscheme;
uint32_t authhandle1;
uint32_t authhandle2;
unsigned char authdata1[TPM_HASH_SIZE];
unsigned char authdata2[TPM_HASH_SIZE];
uint32_t size1;
uint32_t size2;
keydata k;
/* check input arguments */
if (migauth == NULL || migblob == NULL || keyblob == NULL)
return ERR_NULL_ARG;
if (rndblob == NULL || rndblen == NULL || outblob == NULL
|| outblen == NULL)
return ERR_NULL_ARG;
if (migtype != 1 && migtype != 2)
return ERR_BAD_ARG;
TSS_KeyExtract(keyblob, &k);
/* move data to Network byte order variables for HMAC calculation */
ordinal = htonl(0x28);
keyhndl = htonl(keyhandle);
migscheme = htons(migtype);
datsize = htonl(k.privkeylen);
/* generate odd nonce */
TSS_gennonce(nonceodd);
c = 0;
if (keyauth != NULL) { /* parent key password is required */
/* open TWO OIAP sessions: Parent and Migrating Key */
ret = TSS_OIAPopen(&authhandle1, enonce1);
if (ret != 0)
return ret;
ret = TSS_OIAPopen(&authhandle2, enonce2);
if (ret != 0)
return ret;
/* calculate Parent KEY authorization HMAC value */
ret =
TSS_authhmac(authdata1, keyauth, TPM_HASH_SIZE,
enonce1, nonceodd, c, TPM_U32_SIZE,
&ordinal, TPM_U16_SIZE, &migscheme,
migblen, migblob, TPM_U32_SIZE, &datsize,
k.privkeylen, k.encprivkey, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* calculate Migration authorization HMAC value */
ret =
TSS_authhmac(authdata2, migauth, TPM_HASH_SIZE,
enonce2, nonceodd, c, TPM_U32_SIZE,
&ordinal, TPM_U16_SIZE, &migscheme,
migblen, migblob, TPM_U32_SIZE, &datsize,
k.privkeylen, k.encprivkey, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(create_mig_fmt, tpmdata,
ordinal,
keyhndl,
migscheme,
migblen, migblob,
k.privkeylen, k.encprivkey,
authhandle1,
TPM_NONCE_SIZE, nonceodd,
c,
TPM_HASH_SIZE, authdata1,
authhandle2,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, authdata2);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* transmit buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "CreateMigrationBlob");
if (ret != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* validate HMAC in response */
size1 = LOAD32(tpmdata, TPM_DATA_OFFSET);
size2 =
LOAD32(tpmdata,
TPM_DATA_OFFSET + TPM_U32_SIZE + size1);
if (size1 != 0) {
ret = TSS_checkhmac2(tpmdata, ordinal, nonceodd,
keyauth, TPM_HASH_SIZE,
migauth, TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET,
size1,
TPM_DATA_OFFSET +
TPM_U32_SIZE, TPM_U32_SIZE,
TPM_DATA_OFFSET +
TPM_U32_SIZE + size1, size2,
TPM_DATA_OFFSET +
TPM_U32_SIZE + size1 +
TPM_U32_SIZE, 0, 0);
} else {
ret = TSS_checkhmac2(tpmdata, ordinal, nonceodd,
keyauth, TPM_HASH_SIZE,
migauth, TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET,
TPM_U32_SIZE,
TPM_DATA_OFFSET +
TPM_U32_SIZE, size2,
TPM_DATA_OFFSET +
TPM_U32_SIZE + TPM_U32_SIZE,
0, 0);
}
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
if (ret != 0)
return ret;
} else { /* no parent key password required */
/* open OIAP session for the Migrating Key */
ret = TSS_OIAPopen(&authhandle1, enonce1);
if (ret != 0)
return ret;
/* calculate Migration authorization HMAC value */
ret =
TSS_authhmac(authdata1, migauth, TPM_HASH_SIZE,
enonce1, nonceodd, c, TPM_U32_SIZE,
&ordinal, TPM_U16_SIZE, &migscheme,
migblen, migblob, TPM_U32_SIZE, &datsize,
k.privkeylen, k.encprivkey, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle1);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(create_mig_fmt_noauth, tpmdata,
ordinal,
keyhndl,
migscheme,
migblen, migblob,
k.privkeylen, k.encprivkey,
authhandle1,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, authdata1);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle1);
return ret;
}
/* transmit buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "CreateMigrationBlob");
if (ret != 0) {
TSS_OIAPclose(authhandle1);
return ret;
}
/* check HMAC in response */
size1 = LOAD32(tpmdata, TPM_DATA_OFFSET);
size2 =
LOAD32(tpmdata,
TPM_DATA_OFFSET + TPM_U32_SIZE + size1);
if (size1 != 0) {
ret =
TSS_checkhmac1(tpmdata, ordinal, nonceodd,
migauth, TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET,
size1,
TPM_DATA_OFFSET + TPM_U32_SIZE,
TPM_U32_SIZE,
TPM_DATA_OFFSET + TPM_U32_SIZE +
size1, size2,
TPM_DATA_OFFSET + TPM_U32_SIZE +
size1 + TPM_U32_SIZE, 0, 0);
} else {
ret =
TSS_checkhmac1(tpmdata, ordinal, nonceodd,
migauth, TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET,
TPM_U32_SIZE,
TPM_DATA_OFFSET + TPM_U32_SIZE,
size2,
TPM_DATA_OFFSET + TPM_U32_SIZE +
TPM_U32_SIZE, 0, 0);
}
TSS_OIAPclose(authhandle1);
if (ret != 0)
return ret;
}
memcpy(rndblob, tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE, size1);
memcpy(outblob,
tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE + size1 +
TPM_U32_SIZE, size2);
*rndblen = size1;
*outblen = size2;
return 0;
}
uint32_t TPM_Seal(uint32_t keyhandle,
unsigned char *pcrinfo, uint32_t pcrinfosize,
unsigned char *keyauth,
unsigned char *dataauth,
unsigned char *data, unsigned int datalen,
unsigned char *blob, unsigned int *bloblen)
{
unsigned char seal_fmt[] = "00 C2 T l l % @ @ l % o %";
uint32_t ret;
int i;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
osapsess sess;
unsigned char encauth[TPM_HASH_SIZE];
unsigned char pubauth[TPM_HASH_SIZE];
unsigned char xorwork[TPM_HASH_SIZE * 2];
unsigned char xorhash[TPM_HASH_SIZE];
unsigned char dummyauth[TPM_HASH_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char c;
uint32_t ordinal;
uint32_t pcrsize;
uint32_t datsize;
uint32_t keyhndl;
uint16_t keytype;
unsigned char *passptr1;
unsigned char *passptr2;
int sealinfosize;
int encdatasize;
int storedsize;
memset(dummyauth, 0, sizeof dummyauth);
/* check input arguments */
if (data == NULL || blob == NULL)
return ERR_NULL_ARG;
if (pcrinfosize != 0 && pcrinfo == NULL)
return ERR_NULL_ARG;
if (keyhandle == 0x40000000)
keytype = 0x0004;
else
keytype = 0x0001;
if (keyauth == NULL)
passptr1 = dummyauth;
else
passptr1 = keyauth;
if (dataauth == NULL)
passptr2 = dummyauth;
else
passptr2 = dataauth;
/* Open OSAP Session */
ret = TSS_OSAPopen(&sess, passptr1, keytype, keyhandle);
if (ret != 0)
return ret;
/* calculate encrypted authorization value */
memcpy(xorwork, sess.ssecret, TPM_HASH_SIZE);
memcpy(xorwork + TPM_HASH_SIZE, sess.enonce, TPM_HASH_SIZE);
TSS_sha1(xorwork, TPM_HASH_SIZE * 2, xorhash);
/* generate odd nonce */
TSS_gennonce(nonceodd);
/* move Network byte order data to variables for hmac calculation */
ordinal = htonl(0x17);
datsize = htonl(datalen);
keyhndl = htonl(keyhandle);
pcrsize = htonl(pcrinfosize);
c = 0;
/* encrypt data authorization key */
for (i = 0; i < TPM_HASH_SIZE; ++i)
encauth[i] = xorhash[i] ^ passptr2[i];
/* calculate authorization HMAC value */
if (pcrinfosize == 0) {
/* no pcr info specified */
ret =
TSS_authhmac(pubauth, sess.ssecret, TPM_HASH_SIZE,
sess.enonce, nonceodd, c, TPM_U32_SIZE,
&ordinal, TPM_HASH_SIZE, encauth,
TPM_U32_SIZE, &pcrsize, TPM_U32_SIZE,
&datsize, datalen, data, 0, 0);
} else {
/* pcr info specified */
ret =
TSS_authhmac(pubauth, sess.ssecret, TPM_HASH_SIZE,
sess.enonce, nonceodd, c, TPM_U32_SIZE,
&ordinal, TPM_HASH_SIZE, encauth,
TPM_U32_SIZE, &pcrsize, pcrinfosize,
pcrinfo, TPM_U32_SIZE, &datsize, datalen,
data, 0, 0);
}
if (ret != 0) {
TSS_OSAPclose(&sess);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(seal_fmt, tpmdata,
ordinal,
keyhndl,
TPM_HASH_SIZE, encauth,
pcrinfosize, pcrinfo,
datalen, data,
sess.handle,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, pubauth);
if ((ret & ERR_MASK) != 0) {
TSS_OSAPclose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "Seal");
if (ret != 0) {
TSS_OSAPclose(&sess);
return ret;
}
/* calculate the size of the returned Blob */
sealinfosize = LOAD32(tpmdata, TPM_DATA_OFFSET + TPM_U32_SIZE);
encdatasize =
LOAD32(tpmdata,
TPM_DATA_OFFSET + TPM_U32_SIZE + TPM_U32_SIZE +
sealinfosize);
storedsize =
TPM_U32_SIZE + TPM_U32_SIZE + sealinfosize + TPM_U32_SIZE +
encdatasize;
/* check the HMAC in the response */
ret =
TSS_checkhmac1(tpmdata, ordinal, nonceodd, sess.ssecret,
TPM_HASH_SIZE, storedsize, TPM_DATA_OFFSET, 0,
0);
if (ret != 0) {
TSS_OSAPclose(&sess);
return ret;
}
/* copy the returned blob to caller */
memcpy(blob, tpmdata + TPM_DATA_OFFSET, storedsize);
*bloblen = storedsize;
TSS_OSAPclose(&sess);
return 0;
}
uint32_t TPM_Quote(uint32_t keyhandle,
unsigned char *keyauth,
unsigned char *externalData,
TPM_PCR_SELECTION *tps,
TPM_PCR_COMPOSITE *tpc,
struct tpm_buffer *signature)
{
uint32_t ret;
STACK_TPM_BUFFER( tpmdata )
session sess;
unsigned char pubauth[TPM_HASH_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char c;
uint32_t ordinal = htonl(TPM_ORD_Quote);
uint32_t keyhndl = htonl(keyhandle);
uint16_t pcrselsize;
uint32_t valuesize;
uint32_t sigsize;
uint32_t offset;
STACK_TPM_BUFFER( serPcrSel );
/* check input arguments */
if (tpc == NULL || externalData == NULL || signature == NULL) return ERR_NULL_ARG;
ret = needKeysRoom(keyhandle, 0, 0, 0);
if (ret != 0) {
return ret;
}
ret = TPM_WritePCRSelection(&serPcrSel, tps);
if ((ret & ERR_MASK))
return ret;
if (keyauth != NULL) /* authdata required */ {
/* Open OSAP Session */
ret = TSS_SessionOpen(SESSION_OSAP|SESSION_DSAP,&sess,
keyauth,TPM_ET_KEYHANDLE,keyhandle);
if (ret != 0) return ret;
/* generate odd nonce */
TSS_gennonce(nonceodd);
/* move Network byte order data to variables for hmac calculation */
c = 0;
/* calculate authorization HMAC value */
ret = TSS_authhmac(pubauth,TSS_Session_GetAuth(&sess),TPM_HASH_SIZE,TSS_Session_GetENonce(&sess),nonceodd,c,
TPM_U32_SIZE,&ordinal,
TPM_HASH_SIZE,externalData,
serPcrSel.used,serPcrSel.buffer,
0,0);
if (ret != 0) {
TSS_SessionClose(&sess);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff("00 C2 T l l % % L % o %",&tpmdata,
ordinal,
keyhndl,
TPM_HASH_SIZE,externalData,
serPcrSel.used, serPcrSel.buffer,
TSS_Session_GetHandle(&sess),
TPM_NONCE_SIZE,nonceodd,
c,
TPM_HASH_SIZE,pubauth);
if ((ret & ERR_MASK) != 0) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata,"Quote");
TSS_SessionClose(&sess);
if (ret != 0) {
return ret;
}
offset = TPM_DATA_OFFSET;
/* calculate the size of the returned Blob */
ret = tpm_buffer_load16(&tpmdata,offset,&pcrselsize);
if ((ret & ERR_MASK)) {
return ret;
}
offset += TPM_U16_SIZE + pcrselsize;
ret = tpm_buffer_load32(&tpmdata,offset,&valuesize);
if ((ret & ERR_MASK)) {
return ret;
}
offset += TPM_U32_SIZE + valuesize;
ret = tpm_buffer_load32(&tpmdata,offset, &sigsize);
if ((ret & ERR_MASK)) {
return ret;
}
offset += TPM_U32_SIZE;
/* check the HMAC in the response */
ret = TSS_checkhmac1(&tpmdata,ordinal,nonceodd,TSS_Session_GetAuth(&sess),TPM_HASH_SIZE,
offset-TPM_DATA_OFFSET+sigsize,TPM_DATA_OFFSET,
0,0);
if (ret != 0) {
return ret;
}
ret = TPM_ReadPCRComposite(&tpmdata,
TPM_DATA_OFFSET,
tpc);
if ((ret & ERR_MASK)) {
return ret;
}
/* copy the returned blob to caller */
SET_TPM_BUFFER(signature,
&tpmdata.buffer[offset],
sigsize);
} else /* no authdata required */ {
/* build the request buffer */
ret = TSS_buildbuff("00 C1 T l l % %",&tpmdata,
ordinal,
keyhndl,
TPM_HASH_SIZE,externalData,
serPcrSel.used,serPcrSel.buffer);
if ((ret & ERR_MASK) != 0) return ret;
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata,"Quote");
if (ret != 0) return ret;
/* calculate the size of the returned Blob */
offset = TPM_DATA_OFFSET;
ret = tpm_buffer_load16(&tpmdata,offset, &pcrselsize);
if ((ret & ERR_MASK)) {
return ret;
}
offset += TPM_U16_SIZE + pcrselsize;
ret = tpm_buffer_load32(&tpmdata,offset, &valuesize);
if ((ret & ERR_MASK)) {
return ret;
}
offset += TPM_U32_SIZE + valuesize;
ret = tpm_buffer_load32(&tpmdata,offset, &sigsize);
if ((ret & ERR_MASK)) {
return ret;
}
offset += TPM_U32_SIZE;
/* copy the returned PCR composite to caller */
ret = TPM_ReadPCRComposite(&tpmdata,
TPM_DATA_OFFSET,
tpc);
if ((ret & ERR_MASK)) {
return ret;
}
/* copy the returned blob to caller */
SET_TPM_BUFFER(signature,
&tpmdata.buffer[offset],
sigsize);
}
return 0;
}
uint32_t TPM_TakeOwnership(unsigned char *ownpass, unsigned char *srkpass,
keydata * key)
{
unsigned char take_owner_fmt[] = "00 c2 T l s @ @ % l % 00 %";
/* required OAEP padding P parameter */
unsigned char tpm_oaep_pad_str[] = { 'T', 'C', 'P', 'A' };
uint32_t ret;
int iret;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
pubkeydata tpmpubkey; /* public endorsement key data */
uint32_t srkparamsize; /* SRK parameter buffer size */
unsigned char nonceeven[TPM_HASH_SIZE]; /* even nonce (from OIAPopen) */
RSA *pubkey; /* PubEK converted to OpenSSL format */
unsigned char padded[RSA_MODULUS_BYTE_SIZE];
keydata srk; /* key info for SRK */
unsigned char dummypass[TPM_HASH_SIZE]; /* dummy srk password */
unsigned char *spass; /* pointer to srkpass or dummy */
unsigned int i;
/* data to be inserted into Take Owner Request Buffer */
/* the uint32_t and uint16_t values are stored in network byte order */
uint32_t command; /* command ordinal */
uint16_t protocol; /* protocol ID */
uint32_t oencdatasize; /* owner auth data encrypted size */
unsigned char ownerencr[RSA_MODULUS_BYTE_SIZE];
uint32_t sencdatasize; /* srk auth data encrypted size */
unsigned char srkencr[RSA_MODULUS_BYTE_SIZE];
unsigned char srk_param_buff[TPM_SRK_PARAM_BUFF_SIZE];
uint32_t authhandle; /* auth handle (from OIAPopen) */
unsigned char nonceodd[TPM_HASH_SIZE]; /* odd nonce */
unsigned char authdata[TPM_HASH_SIZE]; /* auth data */
/* check that parameters are valid */
if (ownpass == NULL)
return ERR_NULL_ARG;
if (srkpass == NULL) {
memset(dummypass, 0, sizeof dummypass);
spass = dummypass;
} else
spass = srkpass;
/* set up command and protocol values for TakeOwnership function */
command = htonl(0x0d);
protocol = htons(0x05);
/* get the TPM Endorsement Public Key */
ret = TPM_ReadPubek(&tpmpubkey);
if (ret)
return ret;
/* convert the public key to OpenSSL format */
pubkey = TSS_convpubkey(&tpmpubkey);
if (pubkey == NULL)
return ERR_CRYPT_ERR;
memset(ownerencr, 0, sizeof ownerencr);
memset(srkencr, 0, sizeof srkencr);
/* Pad and then encrypt the owner data using the RSA public key */
iret = RSA_padding_add_PKCS1_OAEP(padded, RSA_MODULUS_BYTE_SIZE,
ownpass, TPM_HASH_SIZE,
tpm_oaep_pad_str,
sizeof tpm_oaep_pad_str);
if (iret == 0)
return ERR_CRYPT_ERR;
iret =
RSA_public_encrypt(RSA_MODULUS_BYTE_SIZE, padded, ownerencr,
pubkey, RSA_NO_PADDING);
if (iret < 0)
return ERR_CRYPT_ERR;
oencdatasize = htonl(iret);
/* Pad and then encrypt the SRK data using the RSA public key */
iret = RSA_padding_add_PKCS1_OAEP(padded, RSA_MODULUS_BYTE_SIZE,
spass, TPM_HASH_SIZE,
tpm_oaep_pad_str,
sizeof tpm_oaep_pad_str);
if (iret == 0)
return ERR_CRYPT_ERR;
iret =
RSA_public_encrypt(RSA_MODULUS_BYTE_SIZE, padded, srkencr,
pubkey, RSA_NO_PADDING);
if (iret < 0)
return ERR_CRYPT_ERR;
sencdatasize = htonl(iret);
RSA_free(pubkey);
if (ntohl(oencdatasize) < 0)
return ERR_CRYPT_ERR;
if (ntohl(sencdatasize) < 0)
return ERR_CRYPT_ERR;
/* fill the SRK-params key structure */
/* get tpm version */
ret =
TPM_GetCapability(0x00000006, NULL, 0, &(srk.version[0]), &i);
if (ret != 0)
return ret;
srk.keyusage = 0x0011; /* Storage Key */
srk.keyflags = 0;
if (srkpass != NULL)
srk.authdatausage = 0x01;
else
srk.authdatausage = 0x00;
srk.privkeylen = 0; /* private key not specified here */
srk.pub.algorithm = 0x00000001; /* RSA */
srk.pub.encscheme = 0x0003; /* RSA OAEP SHA1 MGF1 */
srk.pub.sigscheme = 0x0001; /* NONE */
srk.pub.keybitlen = RSA_MODULUS_BIT_SIZE;
srk.pub.numprimes = 2;
srk.pub.expsize = 0; /* defaults to 0x010001 */
srk.pub.keylength = 0; /* not used here */
srk.pub.pcrinfolen = 0; /* not used here */
/* convert to a memory buffer */
srkparamsize = TPM_BuildKey(srk_param_buff, &srk);
/* generate the odd nonce */
ret = TSS_gennonce(nonceodd);
if (ret == 0)
return ret;
/* initiate the OIAP protocol */
ret = TSS_OIAPopen(&authhandle, nonceeven);
if (ret != 0)
return ret;
/* calculate the Authorization Data */
ret =
TSS_authhmac(authdata, ownpass, TPM_HASH_SIZE, nonceeven,
nonceodd, 0, TPM_U32_SIZE, &command, TPM_U16_SIZE,
&protocol, TPM_U32_SIZE, &oencdatasize,
ntohl(oencdatasize), ownerencr, TPM_U32_SIZE,
&sencdatasize, ntohl(sencdatasize), srkencr,
srkparamsize, srk_param_buff, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
/* insert all the calculated fields into the request buffer */
ret = TSS_buildbuff(take_owner_fmt, tpmdata,
command,
protocol,
ntohl(oencdatasize),
ownerencr,
ntohl(sencdatasize),
srkencr,
srkparamsize,
srk_param_buff,
authhandle,
TPM_HASH_SIZE,
nonceodd, TPM_HASH_SIZE, authdata);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "Take Ownership");
TSS_OIAPclose(authhandle);
if (ret != 0)
return ret;
/* check the response HMAC */
srkparamsize = TSS_KeySize(tpmdata + TPM_DATA_OFFSET);
ret =
TSS_checkhmac1(tpmdata, command, nonceodd, ownpass,
TPM_HASH_SIZE, srkparamsize, TPM_DATA_OFFSET, 0,
0);
if (ret != 0)
return ret;
/* convert the returned key to a structure */
if (key == NULL)
return 0;
TSS_KeyExtract(tpmdata + TPM_DATA_OFFSET, key);
return 0;
}
uint32_t TPM_DirWriteAuth(uint32_t dirIndex,
unsigned char * newValue,
unsigned char * ownerAuth)
{
STACK_TPM_BUFFER(tpmdata)
uint32_t ordinal_no = htonl(TPM_ORD_DirWriteAuth);
uint32_t ret;
uint32_t dirIndex_no = htonl(dirIndex);
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char authdata[TPM_NONCE_SIZE];
session sess;
int c = 0;
/* check input arguments */
if (NULL == ownerAuth ||
NULL == newValue) {
return ERR_NULL_ARG;
}
/* Open OSAP Session */
ret = TSS_SessionOpen(SESSION_DSAP | SESSION_OSAP | SESSION_OIAP,
&sess,
ownerAuth, TPM_ET_OWNER, 0);
if (ret != 0)
return ret;
/* generate odd nonce */
ret = TSS_gennonce(nonceodd);
if (0 == ret)
return ERR_CRYPT_ERR;
/* move Network byte order data to varaible for hmac calcualtion */
ret = TSS_authhmac(authdata,TSS_Session_GetAuth(&sess),TPM_HASH_SIZE,TSS_Session_GetENonce(&sess),nonceodd,c,
TPM_U32_SIZE,&ordinal_no,
TPM_U32_SIZE,&dirIndex_no,
TPM_HASH_SIZE, newValue,
0,0);
if (0 != ret) {
TSS_SessionClose(&sess);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff("00 c2 T l l % L % o %", &tpmdata,
ordinal_no,
dirIndex_no,
TPM_HASH_SIZE, newValue,
TSS_Session_GetHandle(&sess),
TPM_HASH_SIZE, nonceodd,
c,
TPM_HASH_SIZE, authdata);
if ((ret & ERR_MASK)) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata,"DirWriteAuth");
TSS_SessionClose(&sess);
if (ret != 0) {
return ret;
}
/* check the HMAC in the response */
ret = TSS_checkhmac1(&tpmdata,ordinal_no,nonceodd,TSS_Session_GetAuth(&sess),TPM_HASH_SIZE,
0,0);
return ret;
}
/*
* Load a TPM key from the blob provided by userspace
*/
static int tpm_loadkey2(struct tpm_buf *tb,
uint32_t keyhandle, unsigned char *keyauth,
const unsigned char *keyblob, int keybloblen,
uint32_t *newhandle)
{
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char enonce[TPM_NONCE_SIZE];
unsigned char authdata[SHA1_DIGEST_SIZE];
uint32_t authhandle = 0;
unsigned char cont = 0;
uint32_t ordinal;
int ret;
ordinal = htonl(TPM_ORD_LOADKEY2);
/* session for loading the key */
ret = oiap(tb, &authhandle, enonce);
if (ret < 0) {
pr_info("oiap failed (%d)\n", ret);
return ret;
}
/* generate odd nonce */
ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
if (ret < 0) {
pr_info("tpm_get_random failed (%d)\n", ret);
return ret;
}
/* calculate authorization HMAC value */
ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
nonceodd, cont, sizeof(uint32_t), &ordinal,
keybloblen, keyblob, 0, 0);
if (ret < 0)
return ret;
/* build the request buffer */
INIT_BUF(tb);
store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
store32(tb, TPM_LOADKEY2_SIZE + keybloblen);
store32(tb, TPM_ORD_LOADKEY2);
store32(tb, keyhandle);
storebytes(tb, keyblob, keybloblen);
store32(tb, authhandle);
storebytes(tb, nonceodd, TPM_NONCE_SIZE);
store8(tb, cont);
storebytes(tb, authdata, SHA1_DIGEST_SIZE);
ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
if (ret < 0) {
pr_info("authhmac failed (%d)\n", ret);
return ret;
}
ret = TSS_checkhmac1(tb->data, ordinal, nonceodd, keyauth,
SHA1_DIGEST_SIZE, 0, 0);
if (ret < 0) {
pr_info("TSS_checkhmac1 failed (%d)\n", ret);
return ret;
}
*newhandle = LOAD32(tb->data, TPM_DATA_OFFSET);
return 0;
}
/*
* Sign a blob provided by userspace (that has had the hash function applied)
* using a specific key handle. The handle is assumed to have been previously
* loaded by e.g. LoadKey2.
*
* Note that the key signature scheme of the used key should be set to
* TPM_SS_RSASSAPKCS1v15_DER. This allows the hashed input to be of any size
* up to key_length_in_bytes - 11 and not be limited to size 20 like the
* TPM_SS_RSASSAPKCS1v15_SHA1 signature scheme.
*/
static int tpm_sign(struct tpm_buf *tb,
uint32_t keyhandle, unsigned char *keyauth,
const unsigned char *blob, uint32_t bloblen,
void *out, uint32_t outlen)
{
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char enonce[TPM_NONCE_SIZE];
unsigned char authdata[SHA1_DIGEST_SIZE];
uint32_t authhandle = 0;
unsigned char cont = 0;
uint32_t ordinal;
uint32_t datalen;
int ret;
ordinal = htonl(TPM_ORD_SIGN);
datalen = htonl(bloblen);
/* session for loading the key */
ret = oiap(tb, &authhandle, enonce);
if (ret < 0) {
pr_info("oiap failed (%d)\n", ret);
return ret;
}
/* generate odd nonce */
ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
if (ret < 0) {
pr_info("tpm_get_random failed (%d)\n", ret);
return ret;
}
/* calculate authorization HMAC value */
ret = TSS_authhmac(authdata, keyauth, SHA1_DIGEST_SIZE, enonce,
nonceodd, cont, sizeof(uint32_t), &ordinal,
sizeof(uint32_t), &datalen,
bloblen, blob, 0, 0);
if (ret < 0)
return ret;
/* build the request buffer */
INIT_BUF(tb);
store16(tb, TPM_TAG_RQU_AUTH1_COMMAND);
store32(tb, TPM_SIGN_SIZE + bloblen);
store32(tb, TPM_ORD_SIGN);
store32(tb, keyhandle);
store32(tb, bloblen);
storebytes(tb, blob, bloblen);
store32(tb, authhandle);
storebytes(tb, nonceodd, TPM_NONCE_SIZE);
store8(tb, cont);
storebytes(tb, authdata, SHA1_DIGEST_SIZE);
ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE);
if (ret < 0) {
pr_info("authhmac failed (%d)\n", ret);
return ret;
}
datalen = LOAD32(tb->data, TPM_DATA_OFFSET);
ret = TSS_checkhmac1(tb->data, ordinal, nonceodd,
keyauth, SHA1_DIGEST_SIZE,
sizeof(uint32_t), TPM_DATA_OFFSET,
datalen, TPM_DATA_OFFSET + sizeof(uint32_t),
0, 0);
if (ret < 0) {
pr_info("TSS_checkhmac1 failed (%d)\n", ret);
return ret;
}
memcpy(out, tb->data + TPM_DATA_OFFSET + sizeof(uint32_t),
min(datalen, outlen));
return datalen;
}
uint32_t TPM_Quote2(uint32_t keyhandle,
TPM_PCR_SELECTION * selection,
TPM_BOOL addVersion,
unsigned char *keyauth,
unsigned char *antiReplay,
TPM_PCR_INFO_SHORT * pcrinfo,
struct tpm_buffer *versionblob,
struct tpm_buffer *signature)
{
uint32_t ret;
uint32_t rc;
STACK_TPM_BUFFER( tpmdata )
session sess;
unsigned char pubauth[TPM_HASH_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char c = 0;
uint32_t ordinal_no = htonl(TPM_ORD_Quote2);
uint16_t pcrselsize;
uint32_t verinfosize;
uint32_t sigsize;
uint32_t storedsize;
uint32_t keyhndl = htonl(keyhandle);
uint16_t keytype;
struct tpm_buffer * serPCRSelection;
uint32_t serPCRSelectionSize;
/* check input arguments */
if (pcrinfo == NULL ||
selection == NULL ||
antiReplay == NULL) return ERR_NULL_ARG;
keytype = 0x0001;
ret = needKeysRoom(keyhandle, 0, 0, 0);
if (ret != 0) {
return ret;
}
TSS_gennonce(antiReplay);
serPCRSelection = TSS_AllocTPMBuffer(TPM_U16_SIZE +
selection->sizeOfSelect);
if (NULL == serPCRSelection) {
return ERR_MEM_ERR;
}
ret = TPM_WritePCRSelection(serPCRSelection, selection);
if (( ret & ERR_MASK) != 0) {
TSS_FreeTPMBuffer(serPCRSelection);
return ret;
}
serPCRSelectionSize = ret;
if (keyauth != NULL) {
/* Open OSAP Session */
ret = TSS_SessionOpen(SESSION_OSAP|SESSION_DSAP,&sess,keyauth,keytype,keyhandle);
if (ret != 0) {
TSS_FreeTPMBuffer(serPCRSelection);
return ret;
}
/* generate odd nonce */
TSS_gennonce(nonceodd);
/* move Network byte order data to variables for hmac calculation */
/* calculate authorization HMAC value */
ret = TSS_authhmac(pubauth,TSS_Session_GetAuth(&sess),TPM_HASH_SIZE,TSS_Session_GetENonce(&sess),nonceodd,c,
TPM_U32_SIZE,&ordinal_no,
TPM_HASH_SIZE,antiReplay,
serPCRSelectionSize, serPCRSelection->buffer,
sizeof(TPM_BOOL), &addVersion,
0,0);
if (ret != 0) {
TSS_FreeTPMBuffer(serPCRSelection);
TSS_SessionClose(&sess);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff("00 C2 T l l % % o L % o %",&tpmdata,
ordinal_no,
keyhndl,
TPM_HASH_SIZE,antiReplay,
serPCRSelectionSize,serPCRSelection->buffer,
addVersion,
TSS_Session_GetHandle(&sess),
TPM_NONCE_SIZE,nonceodd,
c,
TPM_HASH_SIZE,pubauth);
TSS_FreeTPMBuffer(serPCRSelection);
if ((ret & ERR_MASK) != 0) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata,"Quote2 - AUTH1");
TSS_SessionClose(&sess);
if (ret != 0) {
return ret;
}
} else {
/* build the request buffer */
ret = TSS_buildbuff("00 C1 T l l % % o",&tpmdata,
ordinal_no,
keyhndl,
TPM_HASH_SIZE,antiReplay,
serPCRSelectionSize,serPCRSelection->buffer,
addVersion);
TSS_FreeTPMBuffer(serPCRSelection);
if ((ret & ERR_MASK) != 0) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata,"Quote2");
TSS_SessionClose(&sess);
if (ret != 0) {
return ret;
}
}
/* calculate the size of the returned Blob */
ret = tpm_buffer_load16(&tpmdata,TPM_DATA_OFFSET, &pcrselsize);
if ((ret & ERR_MASK)) {
return ret;
}
pcrselsize += TPM_U16_SIZE + 1 + TPM_HASH_SIZE;
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET + pcrselsize, &verinfosize);
if ((ret & ERR_MASK)) {
return ret;
}
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET + pcrselsize + TPM_U32_SIZE + verinfosize, &sigsize);
if ((ret & ERR_MASK)) {
return ret;
}
storedsize = pcrselsize + TPM_U32_SIZE + verinfosize +
TPM_U32_SIZE + sigsize;
if (keyauth != NULL) {
/* check the HMAC in the response */
ret = TSS_checkhmac1(&tpmdata,ordinal_no,nonceodd,TSS_Session_GetAuth(&sess),TPM_HASH_SIZE,
storedsize,TPM_DATA_OFFSET,
0,0);
if (ret != 0) {
return ret;
}
}
/* copy the returned PCR composite to caller */
if (pcrselsize != (rc =
TPM_ReadPCRInfoShort(&tpmdata, TPM_DATA_OFFSET,
pcrinfo))) {
if ((rc & ERR_MASK))
return rc;
return ERR_BUFFER;
}
if (NULL != versionblob) {
SET_TPM_BUFFER(
versionblob,
&tpmdata.buffer[TPM_DATA_OFFSET+pcrselsize+TPM_U32_SIZE],
verinfosize);
}
if (NULL != signature) {
SET_TPM_BUFFER(signature,
&tpmdata.buffer[TPM_DATA_OFFSET+pcrselsize+TPM_U32_SIZE+verinfosize+TPM_U32_SIZE],
sigsize);
}
return ret;
}
uint32_t TPM_GetCapabilitySigned(uint32_t keyhandle,
unsigned char *keypass,
unsigned char *antiReplay,
uint32_t caparea,
struct tpm_buffer * scap,
struct tpm_buffer * resp,
unsigned char *sig, uint32_t * siglen)
{
uint32_t ret;
uint32_t rlen;
STACK_TPM_BUFFER(tpmdata) /* request/response buffer */
uint32_t ordinal_no = htonl(TPM_ORD_GetCapabilitySigned);
uint32_t keyhandle_no = htonl(keyhandle);
uint32_t caparea_no = htonl(caparea);
unsigned char c = 0;
unsigned char authdata[TPM_HASH_SIZE];
uint32_t ssize;
unsigned char *buffer = NULL;
uint32_t subcaplen = 0;
uint32_t subcaplen_no;
/* check arguments */
if (scap) {
subcaplen = scap->used;
buffer = scap->buffer;
}
subcaplen_no = htonl(subcaplen);
ret = needKeysRoom(keyhandle, 0, 0, 0);
if (ret)
return ret;
if (resp == NULL)
return ERR_NULL_ARG;
if (keypass) {
unsigned char nonceodd[TPM_HASH_SIZE];
session sess;
ret = TSS_gennonce(nonceodd);
if (ret == 0)
return ERR_CRYPT_ERR;
ret = TSS_SessionOpen(SESSION_OSAP | SESSION_OIAP,
&sess, keypass, TPM_ET_KEYHANDLE, keyhandle);
if (ret)
return ret;
/* move Network byte order data to variable for hmac calculation */
ret = TSS_authhmac(authdata, TSS_Session_GetAuth(&sess),
TPM_HASH_SIZE, TSS_Session_GetENonce(&sess),
nonceodd, c, TPM_U32_SIZE, &ordinal_no,
TPM_NONCE_SIZE, antiReplay, TPM_U32_SIZE,
&caparea_no, TPM_U32_SIZE, &subcaplen_no,
subcaplen, buffer, 0, 0);
if (ret) {
TSS_SessionClose(&sess);
return ret;
}
ret = TSS_buildbuff("00 c2 T l l % l @ L % o %", &tpmdata,
ordinal_no,
keyhandle_no,
TPM_NONCE_SIZE, antiReplay,
caparea_no,
subcaplen, buffer,
TSS_Session_GetHandle(&sess),
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, authdata);
if (ret & ERR_MASK) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata, "GetCapability - AUTH1");
TSS_SessionClose(&sess);
if (ret)
return ret;
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET+TPM_U32_SIZE, &rlen);
if (ret & ERR_MASK)
return ret;
ret = tpm_buffer_load32(&tpmdata,
TPM_DATA_OFFSET + TPM_U32_SIZE +
TPM_U32_SIZE + rlen, &ssize);
if (ret & ERR_MASK)
return ret;
ret = TSS_checkhmac1(&tpmdata, ordinal_no, nonceodd,
TSS_Session_GetAuth(&sess), TPM_HASH_SIZE,
TPM_U32_SIZE + TPM_U32_SIZE + rlen +
TPM_U32_SIZE + ssize, TPM_DATA_OFFSET, 0, 0);
if (ret)
return ret;
} else {
ret = TSS_buildbuff("00 c1 T l l % l @", &tpmdata,
ordinal_no,
keyhandle_no,
TPM_NONCE_SIZE, antiReplay,
caparea_no, subcaplen, buffer);
if (ret & ERR_MASK)
return ret;
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata, "GetCapability - NO AUTH");
if (ret)
return ret;
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET+TPM_U32_SIZE, &rlen);
if (ret & ERR_MASK)
return ret;
ret = tpm_buffer_load32(&tpmdata,
TPM_DATA_OFFSET + TPM_U32_SIZE +
TPM_U32_SIZE + rlen, &ssize);
if (ret & ERR_MASK)
return ret;
}
if (resp)
SET_TPM_BUFFER(resp,
&tpmdata.buffer[TPM_DATA_OFFSET + TPM_U32_SIZE +
TPM_U32_SIZE], rlen);
if (sig) {
*siglen = MIN(*siglen, ssize);
memcpy(sig,
&tpmdata.buffer[TPM_DATA_OFFSET + TPM_U32_SIZE +
TPM_U32_SIZE + rlen + TPM_U32_SIZE],
*siglen);
}
return ret;
}
uint32_t TPM_Unseal(uint32_t keyhandle,
unsigned char *keyauth,
unsigned char *dataauth,
unsigned char *blob, unsigned int bloblen,
unsigned char *rawdata, unsigned int *datalen)
{
unsigned char unseal_fmt[] = "00 C3 T l l % l % o % l % o %";
unsigned char unseal_fmt_noauth[] = "00 C2 T l l % l % o %";
uint32_t ret;
unsigned char tpmdata[TPM_MAX_BUFF_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char enonce1[TPM_NONCE_SIZE];
unsigned char enonce2[TPM_NONCE_SIZE];
unsigned char dummyauth[TPM_NONCE_SIZE];
unsigned char *passptr2;
unsigned char c;
uint32_t ordinal;
uint32_t keyhndl;
uint32_t authhandle1;
uint32_t authhandle2;
unsigned char authdata1[TPM_HASH_SIZE];
unsigned char authdata2[TPM_HASH_SIZE];
memset(dummyauth, 0, sizeof dummyauth);
/* check input arguments */
if (rawdata == NULL || blob == NULL)
return ERR_NULL_ARG;
if (dataauth == NULL)
passptr2 = dummyauth;
else
passptr2 = dataauth;
if (keyauth != NULL) { /* key password specified */
/* open TWO OIAP sessions, Key and Data */
ret = TSS_OIAPopen(&authhandle1, enonce1);
if (ret != 0)
return ret;
ret = TSS_OIAPopen(&authhandle2, enonce2);
if (ret != 0)
return ret;
/* data to Network byte order variables for HMAC calculation */
ordinal = htonl(0x18);
keyhndl = htonl(keyhandle);
/* generate odd nonce */
TSS_gennonce(nonceodd);
c = 0;
/* calculate KEY authorization HMAC value */
ret =
TSS_authhmac(authdata1, keyauth, TPM_HASH_SIZE,
enonce1, nonceodd, c, TPM_U32_SIZE,
&ordinal, bloblen, blob, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* calculate DATA authorization HMAC value */
ret =
TSS_authhmac(authdata2, passptr2, TPM_NONCE_SIZE,
enonce2, nonceodd, c, TPM_U32_SIZE,
&ordinal, bloblen, blob, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(unseal_fmt, tpmdata,
ordinal,
keyhndl,
bloblen, blob,
authhandle1,
TPM_NONCE_SIZE, nonceodd,
c,
TPM_HASH_SIZE, authdata1,
authhandle2,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, authdata2);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
/* transmit buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "Unseal");
if (ret != 0) {
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
return ret;
}
*datalen = LOAD32(tpmdata, TPM_DATA_OFFSET);
/* check HMAC in response */
ret = TSS_checkhmac2(tpmdata, ordinal, nonceodd,
keyauth, TPM_HASH_SIZE,
passptr2, TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET,
*datalen,
TPM_DATA_OFFSET + TPM_U32_SIZE, 0, 0);
TSS_OIAPclose(authhandle1);
TSS_OIAPclose(authhandle2);
if (ret != 0)
return ret;
} else { /* no key password */
/* open ONE OIAP session, for the Data */
ret = TSS_OIAPopen(&authhandle2, enonce2);
if (ret != 0)
return ret;
/* data to Network byte order variables for HMAC calculation */
ordinal = htonl(0x18);
keyhndl = htonl(keyhandle);
/* generate odd nonce */
TSS_gennonce(nonceodd);
c = 0;
/* calculate DATA authorization HMAC value */
ret =
TSS_authhmac(authdata2, passptr2, TPM_NONCE_SIZE,
enonce2, nonceodd, c, TPM_U32_SIZE,
&ordinal, bloblen, blob, 0, 0);
if (ret != 0) {
TSS_OIAPclose(authhandle2);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff(unseal_fmt_noauth, tpmdata,
ordinal,
keyhndl,
bloblen, blob,
authhandle2,
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, authdata2);
if ((ret & ERR_MASK) != 0) {
TSS_OIAPclose(authhandle2);
return ret;
}
/* transmit buffer to the TPM device and read the reply */
ret = TPM_Transmit(tpmdata, "Unseal");
if (ret != 0) {
TSS_OIAPclose(authhandle2);
return ret;
}
*datalen = LOAD32(tpmdata, TPM_DATA_OFFSET);
/* check HMAC in response */
ret = TSS_checkhmac1(tpmdata, ordinal, nonceodd,
passptr2, TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET,
*datalen,
TPM_DATA_OFFSET + TPM_U32_SIZE, 0, 0);
TSS_OIAPclose(authhandle2);
if (ret != 0)
return ret;
}
/* copy decrypted data back to caller */
memcpy(rawdata, tpmdata + TPM_DATA_OFFSET + TPM_U32_SIZE,
*datalen);
return 0;
}
uint32_t TPM_GetCapabilityOwner(unsigned char *ownpass,
uint32_t * volflags, uint32_t * nvolflags)
{
uint32_t ret;
STACK_TPM_BUFFER(tpmdata)
/* data to be inserted into Request Buffer (in Network Byte Order) */
/* the uint32_t and uint16_t values are stored in network byte order so they
** are in the correct format when being hashed by the HMAC calculation */
uint32_t command; /* command ordinal */
unsigned char nonceodd[TPM_HASH_SIZE]; /* odd nonce */
unsigned char authdata[TPM_HASH_SIZE]; /* auth data */
session sess;
/* check that parameters are valid */
if (ownpass == NULL || volflags == NULL || nvolflags == NULL)
return ERR_NULL_ARG;
/* set up command and protocol values for TakeOwnership function */
command = htonl(TPM_ORD_GetCapabilityOwner);
/* generate the odd nonce */
ret = TSS_gennonce(nonceodd);
if (ret == 0)
return ret;
/* initiate the OSAP protocol */
ret = TSS_SessionOpen(SESSION_OSAP, &sess, ownpass, TPM_OWNER_ETYPE,
TPM_OWNER_EVALUE);
if (ret)
return ret;
/* calculate the Authorization Data */
ret = TSS_authhmac(authdata, TSS_Session_GetAuth(&sess), TPM_HASH_SIZE,
TSS_Session_GetENonce(&sess), nonceodd, 0,
TPM_U32_SIZE, &command, 0, 0);
if (ret) {
TSS_SessionClose(&sess);
return ret;
}
/* insert all the calculated fields into the request buffer */
ret = TSS_buildbuff("00 c2 T l L % 00 %", &tpmdata,
command,
TSS_Session_GetHandle(&sess),
TPM_HASH_SIZE, nonceodd, TPM_HASH_SIZE, authdata);
if (ret & ERR_MASK) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata, "GetCapabilityOwner");
TSS_SessionClose(&sess);
if (ret)
return ret;
ret = TSS_checkhmac1(&tpmdata, command, nonceodd,
TSS_Session_GetAuth(&sess), TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET, TPM_U32_SIZE,
TPM_DATA_OFFSET + TPM_U32_SIZE, TPM_U32_SIZE,
TPM_DATA_OFFSET + TPM_U32_SIZE + TPM_U32_SIZE, 0,
0);
if (ret)
return ret;
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET + 4, nvolflags);
if (ret & ERR_MASK)
return ret;
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET + 4 + TPM_U32_SIZE,
volflags);
if (ret & ERR_MASK)
return ret;
return 0;
}
uint32_t TPM_UnBind(uint32_t keyhandle,
unsigned char *keyauth,
unsigned char *data, uint32_t datalen,
unsigned char *blob, uint32_t * bloblen)
{
uint32_t ret = 0;
STACK_TPM_BUFFER(tpmdata)
session sess;
unsigned char pubauth[TPM_HASH_SIZE];
unsigned char nonceodd[TPM_NONCE_SIZE];
unsigned char c = 0;
uint32_t ordinal = htonl(TPM_ORD_UnBind);
uint32_t datsize = htonl(datalen);
uint32_t keyhndl = htonl(keyhandle);
uint16_t keytype;
uint32_t infosize;
/* check input arguments */
if (data == NULL || blob == NULL)
return ERR_NULL_ARG;
if (keyhandle == 0x40000000)
keytype = TPM_ET_SRK;
else
keytype = TPM_ET_KEYHANDLE;
ret = needKeysRoom(keyhandle, 0, 0, 0);
if (ret)
return ret;
if (keyauth != NULL) { /* key needs authorization */
/* Open OSAP Session */
ret = TSS_SessionOpen(SESSION_OSAP | SESSION_DSAP, &sess, keyauth,
keytype, keyhandle);
if (ret)
return ret;
/* generate odd nonce */
TSS_gennonce(nonceodd);
/* move Network byte order data to variables for HMAC calculation */
/* calculate authorization HMAC value */
ret = TSS_authhmac(pubauth, TSS_Session_GetAuth(&sess),
TPM_HASH_SIZE, TSS_Session_GetENonce(&sess),
nonceodd, c, TPM_U32_SIZE, &ordinal, TPM_U32_SIZE,
&datsize, datalen, data, 0, 0);
if (ret) {
TSS_SessionClose(&sess);
return ret;
}
/* build the request buffer */
ret = TSS_buildbuff("00 C2 T l l @ L % o %", &tpmdata,
ordinal,
keyhndl,
datalen, data,
TSS_Session_GetHandle(&sess),
TPM_NONCE_SIZE, nonceodd,
c, TPM_HASH_SIZE, pubauth);
if (ret & ERR_MASK) {
TSS_SessionClose(&sess);
return ret;
}
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata, "UnBind");
TSS_SessionClose(&sess);
if (ret)
return ret;
/* calculate the size of the returned Blob */
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET, &infosize);
if (ret & ERR_MASK)
return ret;
/* check the HMAC in the response */
ret = TSS_checkhmac1(&tpmdata, ordinal, nonceodd,
TSS_Session_GetAuth(&sess), TPM_HASH_SIZE,
TPM_U32_SIZE, TPM_DATA_OFFSET, infosize,
TPM_DATA_OFFSET + TPM_U32_SIZE, 0, 0);
if (ret)
return ret;
/* copy the returned blob to caller */
memcpy(blob,
&tpmdata.buffer[TPM_DATA_OFFSET + TPM_U32_SIZE], infosize);
*bloblen = infosize;
} else { /* key needs NO authorization */
/* move Network byte order data to variables for HMAC calculation */
/* build the request buffer */
ret = TSS_buildbuff("00 C1 T l l @", &tpmdata,
ordinal, keyhndl, datalen, data);
if (ret & ERR_MASK)
return ret;
/* transmit the request buffer to the TPM device and read the reply */
ret = TPM_Transmit(&tpmdata, "UnBind");
if (ret)
return ret;
/* calculate the size of the returned Blob */
ret = tpm_buffer_load32(&tpmdata, TPM_DATA_OFFSET, &infosize);
if (ret & ERR_MASK)
return ret;
/* copy the returned blob to caller */
memcpy(blob, &tpmdata.buffer[TPM_DATA_OFFSET + TPM_U32_SIZE], infosize);
*bloblen = infosize;
}
return ret;
}