• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************
3  * Copyright (c) 2017-2018, Intel Corporation
4  *
5  * All rights reserved.
6  ***********************************************************************/
7 #ifndef TEST_INTEGRATION_SAPI_UTIL_H
8 #define TEST_INTEGRATION_SAPI_UTIL_H
9 
10 #include "tss2_tpm2_types.h"
11 #include "tss2_sys.h"
12 #include "util/tpm2b.h"
13 
14 /*
15  * This macro is like the GNU TEMP_FAILURE_RETRY macro for the
16  * TPM2_RC_RETRY response code.
17  */
18 #define TSS2_RETRY_EXP(expression)                         \
19     ({                                                     \
20         TSS2_RC __result = 0;                              \
21         do {                                               \
22             __result = (expression);                       \
23         } while ((__result & 0x0000ffff) == TPM2_RC_RETRY); \
24         __result;                                          \
25     })
26 /*
27  * tpm2b default initializers, these set the size to the max for the default
28  * structure and zero's the data area.
29  */
30 #define TPM2B_SIZE(type) (sizeof (type) - 2)
31 #define TPM2B_NAMED_INIT(type, field) \
32     { \
33         .size = TPM2B_SIZE (type), \
34         .field = { 0 } \
35     }
36 #define TPM2B_DIGEST_INIT TPM2B_NAMED_INIT (TPM2B_DIGEST, buffer)
37 #define TPM2B_NAME_INIT TPM2B_NAMED_INIT (TPM2B_NAME, name)
38 #define TPM2B_PRIVATE_INIT TPM2B_NAMED_INIT (TPM2B_PRIVATE, buffer)
39 
40 #define TPM2B_MAX_BUFFER_INIT { .size = TPM2_MAX_DIGEST_BUFFER }
41 #define TPM2B_IV_INIT { .size = TPM2_MAX_SYM_BLOCK_SIZE }
42 
43 #define BUFFER_SIZE(type, field) (sizeof((((type *)NULL)->t.field)))
44 #define TPM2B_TYPE_INIT(type, field) { .size = BUFFER_SIZE(type, field), }
45 /*
46  * Use te provide SAPI context to create & load a primary key. The key will
47  * be a 2048 bit (restricted decryption) RSA key. The associated symmetric
48  * key is a 128 bit AES (CFB mode) key.
49  */
50 TSS2_RC
51 create_primary_rsa_2048_aes_128_cfb (
52     TSS2_SYS_CONTEXT *sapi_context,
53     TPM2_HANDLE       *handle);
54 /*
55  * This function creates a 128 bit symmetric AES key in cbc mode. This key will
56  * be created as the child of the parameter 'handle_parent'. The handle for the
57  * newly created AND loaded key is returned in the parameter 'handle'.
58  */
59 TSS2_RC
60 create_aes_128_cfb (
61     TSS2_SYS_CONTEXT *sapi_context,
62     TPM2_HANDLE        handle_parent,
63     TPM2_HANDLE       *handle);
64 
65 /*
66  * This function creates a RSA key of KEYEDHASH type.
67  */
68 TSS2_RC
69 create_keyedhash_key (
70     TSS2_SYS_CONTEXT *sapi_context,
71     TPM2_HANDLE       handle_parent,
72     TPM2_HANDLE      *handle);
73 
74 /*
75  * This function will decrypt or encrypt the 'data_in' buffer and return the
76  * results in the 'data_out' parameter. Decrypt or encrypt is selected using
77  * the 'decrypt' TPMI_YES_NO parameter. The key used for the operation is
78  * provided in the 'handle' parameter.
79  * Under the covers this function uses an IV of all zeros and so it can not
80  * be used for streaming. It can only be used to encrypt or decrypt a single
81  * buffer. This function uses tpm to perform encryption.
82  */
83 TSS2_RC
84 tpm_encrypt_decrypt_cfb (
85     TSS2_SYS_CONTEXT *sapi_context,
86     TPMI_DH_OBJECT    handle,
87     TPMI_YES_NO       decrypt,
88     TPM2B_MAX_BUFFER *data_in,
89     TPM2B_MAX_BUFFER *data_out);
90 /*
91  * This is a convenience wrapper around the encrypt_decrypt_cfb function.
92  * This function uses tpm to perform encryption.
93  */
94 TSS2_RC
95 tpm_encrypt_cfb (
96     TSS2_SYS_CONTEXT *sapi_context,
97     TPMI_DH_OBJECT    handle,
98     TPM2B_MAX_BUFFER *data_in,
99     TPM2B_MAX_BUFFER *data_out);
100 /*
101  * This is a convenience wrapper around the encrypt_decrypt_cfb function.
102  * This function uses tpm to perform encryption.
103  */
104 TSS2_RC
105 tpm_decrypt_cfb (
106     TSS2_SYS_CONTEXT *sapi_context,
107     TPMI_DH_OBJECT    handle,
108     TPM2B_MAX_BUFFER *data_in,
109     TPM2B_MAX_BUFFER *data_out);
110 /*
111  * This function is identical to the encrypt_decrypt_cfb function but under
112  * the covers it uses the EncryptDecrypt2 function instead of EncryptDecrypt.
113  * This function uses tpm to perform encryption.
114  */
115 TSS2_RC
116 tpm_encrypt_decrypt_2_cfb (
117     TSS2_SYS_CONTEXT *sapi_context,
118     TPMI_DH_OBJECT    handle,
119     TPMI_YES_NO       decrypt,
120     TPM2B_MAX_BUFFER *data_in,
121     TPM2B_MAX_BUFFER *data_out);
122 /*
123  * This is a convenience wrapper around the encrypt_decrypt_2_cfb function.
124  * This function uses tpm to perform encryption.
125  */
126 TSS2_RC
127 tpm_encrypt_2_cfb (
128     TSS2_SYS_CONTEXT *sapi_context,
129     TPMI_DH_OBJECT    handle,
130     TPM2B_MAX_BUFFER *data_in,
131     TPM2B_MAX_BUFFER *data_out);
132 /*
133  * This is a convenience wrapper around the encrypt_decrypt_2_cfb function.
134  * This function uses tpm to perform encryption.
135  */
136 TSS2_RC
137 tpm_decrypt_2_cfb (
138     TSS2_SYS_CONTEXT *sapi_context,
139     TPMI_DH_OBJECT    handle,
140     TPM2B_MAX_BUFFER *data_in,
141     TPM2B_MAX_BUFFER *data_out);
142 /*
143  * This helper function uses software to perform decryption.
144  */
145 TSS2_RC
146 decrypt_cfb (
147     TPM2B_MAX_BUFFER *data_out,
148     TPM2B_MAX_BUFFER *data_in,
149     TPM2B_MAX_BUFFER *key,
150     TPM2B_IV *iv);
151 /*
152  * This helper function uses software to perform encryption.
153  */
154 TSS2_RC
155 encrypt_cfb (
156     TPM2B_MAX_BUFFER *data_out,
157     TPM2B_MAX_BUFFER *data_in,
158     TPM2B_MAX_BUFFER *key,
159     TPM2B_IV *iv);
160 
161 /*
162  * This is a helper function for digest calculation.
163  * alg can be TPM2_ALG_SHA1, TPM2_ALG_SHA256, TPM2_ALG_SHA384,
164  * and TPM2_ALG_SHA512
165  */
166 TSS2_RC
167 hash (
168     TPM2_ALG_ID alg,
169     const void *data,
170     int size,
171     TPM2B_DIGEST *out);
172 
173 /*
174  * This is a helper function for calculating HMAC.
175  * alg can be TPM2_ALG_SHA1, TPM2_ALG_SHA256, TPM2_ALG_SHA384,
176  * and TPM2_ALG_SHA512
177  */
178 TSS2_RC
179 hmac(
180     TPM2_ALG_ID alg,
181     const void *key,
182     int key_len,
183     TPM2B_DIGEST **buffer_list,
184     TPM2B_DIGEST *out);
185 
186 /*
187  * Returns digest size for a give hash alg
188  */
189 UINT16
190 GetDigestSize(TPM2_ALG_ID hash);
191 
192 TSS2_RC
193 CompareSizedByteBuffer(
194         TPM2B *buffer1,
195         TPM2B *buffer2);
196 
197 TSS2_RC
198 ConcatSizedByteBuffer(
199         TPM2B_MAX_BUFFER *result,
200         TPM2B *buf);
201 
202 void
203 CatSizedByteBuffer(
204         TPM2B *dest,
205         TPM2B *src);
206 
207 UINT16
208 CopySizedByteBuffer(
209         TPM2B *dest,
210         const TPM2B *src);
211 
212 TSS2_RC
213 DefineNvIndex (
214     TSS2_SYS_CONTEXT *sys_ctx,
215     TPMI_RH_PROVISION authHandle,
216     TPM2B_AUTH *auth,
217     const TPM2B_DIGEST *authPolicy,
218     TPMI_RH_NV_INDEX nvIndex,
219     TPMI_ALG_HASH nameAlg,
220     TPMA_NV attributes,
221     UINT16 size);
222 
223 #endif /* TEST_INTEGRATION_SAPI_UTIL_H */
224