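/* SPDX-License-Identifier: BSD-2-Clause */
/***********************************************************************
 * Copyright (c) 2017-2018, Intel Corporation
 *
 * All rights reserved.
 ***********************************************************************/
/*
 * Helpers for TPM 2.0 authorization sessions: session creation, nonce
 * rolling, cpHash/rpHash, command/response HMACs and parameter encryption.
 *
 * Include guard renamed from _SESSION_UTIL_H_: identifiers starting with an
 * underscore followed by an uppercase letter are reserved for the
 * implementation (C11 7.1.3).
 */
#ifndef SESSION_UTIL_H
#define SESSION_UTIL_H

#include <stdbool.h>
#include <uthash.h>
#include "tss2_tpm2_types.h"
#include "tss2_sys.h"
#include "util/tpm2b.h"

/*
 * State of one authorization session, stored in a uthash table (hh) and
 * looked up through get_session() -- presumably keyed on sessionHandle.
 * The field names mirror the TPM2_StartAuthSession parameters of the same
 * name; see create_auth_session() for how they are populated.
 *
 * NOTE(review): sessionKey, salt and authValueBind are key material and
 * encryptedSalt/nonce* feed the HMAC/KDF computations. Confirm that
 * end_auth_session() wipes these fields (explicit_bzero/memset_s, not a
 * plain memset that the compiler may drop) before the SESSION is released.
 */
typedef struct {
    TPMI_DH_OBJECT tpmKey;
    TPMI_DH_ENTITY bind;
    TPM2B_ENCRYPTED_SECRET encryptedSalt;
    TPM2B_MAX_BUFFER salt;
    TPM2_SE sessionType;
    TPMT_SYM_DEF symmetric;
    TPMI_ALG_HASH authHash;
    TPMI_SH_AUTH_SESSION sessionHandle;
    TPM2B_NONCE nonceTPM;
    TPM2B_DIGEST sessionKey;        /* derived session key -- secret */
    TPM2B_DIGEST authValueBind;     /* auth of the bind entity -- secret */
    TPM2B_NONCE nonceNewer;         /* maintained by roll_nonces() */
    TPM2B_NONCE nonceOlder;         /* maintained by roll_nonces() */
    TPM2B_NONCE nonceTpmDecrypt;
    TPM2B_NONCE nonceTpmEncrypt;
    TPM2B_NAME name;
    void *hmacPtr;                  /* purpose not visible here -- TODO document */
    UT_hash_handle hh;              /* uthash linkage */
} SESSION;

/*
 * One entry of the entity -> authorization value table maintained by
 * AddEntity()/DeleteEntity() and queried by GetEntity()/GetEntityAuth().
 *
 * NOTE(review): entityAuth holds a plaintext authorization value in process
 * memory; confirm DeleteEntity() scrubs it before freeing the entry.
 */
typedef struct {
    TPM2_HANDLE entityHandle;
    TPM2B_AUTH entityAuth;          /* plaintext auth value -- secret */
    UT_hash_handle hh;              /* uthash linkage */
} ENTITY;

/*
 * Calculate the cpHash or rpHash for the command currently held in
 * sysContext.
 *
 * handle1..handle3 are the command's handle-area handles (unused slots are
 * presumably passed as TPM2_RH_NULL/0 -- confirm against the definition),
 * auth_hash selects the digest algorithm, and result receives the digest.
 * If command is true the cpHash is calculated, otherwise the rpHash is.
 * Returns a TSS2_RC.
 */
TSS2_RC
tpm_calc_phash(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2_HANDLE handle1,
    TPM2_HANDLE handle2,
    TPM2_HANDLE handle3,
    TPMI_ALG_HASH auth_hash,
    bool command,
    TPM2B_DIGEST *result);

/*
 * Resolve the TPM Name of handle (via tcti_context) into name.
 *
 * Unlike the other helpers here this returns UINT32 rather than TSS2_RC;
 * callers should still treat a non-zero value as failure and must not use
 * name in that case (the Name feeds the cpHash, so an unverified Name
 * silently weakens the command HMAC).
 */
UINT32
tpm_handle_to_name(
    TSS2_TCTI_CONTEXT *tcti_context,
    TPM2_HANDLE handle,
    TPM2B_NAME *name);

/*
 * Advance the session's nonce pair after a TPM exchange.
 *
 * Presumably nonceNewer becomes nonceOlder and new_nonce becomes nonceNewer;
 * the exact rotation is defined in the .c file -- confirm there. Nonce reuse
 * across commands breaks the replay protection of the session HMAC, so every
 * command/response round trip must call this exactly once.
 */
void
roll_nonces(
    SESSION *session,
    TPM2B_NONCE *new_nonce);

/*
 * TPM 2.0 KDFa: derive `bits` bits of key material from key, label,
 * contextU and contextV using hash; the result is written to resultKey.
 *
 * label is a C string; whether the terminating NUL is included in the KDF
 * input (as the TPM specification requires) is decided by the definition,
 * not visible here -- confirm, otherwise derived keys will not match the
 * TPM's and every HMAC check will fail closed.
 */
TSS2_RC
KDFa(
    TPMI_ALG_HASH hash,
    TPM2B *key,
    const char *label,
    TPM2B *contextU,
    TPM2B *contextV,
    UINT16 bits,
    TPM2B_MAX_BUFFER *resultKey);

/*
 * Look up the SESSION for session handle hndl in the session table.
 * Presumably returns NULL when no such session exists -- callers must check.
 */
SESSION *
get_session(TPMI_SH_AUTH_SESSION hndl);

/*
 * Start an authorization session and return it through *psession.
 *
 * The parameters mirror TPM2_StartAuthSession: tpmKey/salt/encryptedSalt
 * for a salted session, bind/bindAuth for a bound session, nonceCaller,
 * sessionType, symmetric (parameter encryption algorithm) and algId (the
 * session hash). Commands are sent through tctiContext.
 *
 * NOTE(review): salt and bindAuth are secrets supplied by the caller; the
 * caller should wipe its own copies once the session is established.
 * Ownership of *psession on success (and its state on failure) is defined
 * in the .c file -- document it there.
 */
TSS2_RC create_auth_session(
    SESSION **psession,
    TPMI_DH_OBJECT tpmKey,
    TPM2B_MAX_BUFFER *salt,
    TPMI_DH_ENTITY bind,
    TPM2B_AUTH *bindAuth,
    TPM2B_NONCE *nonceCaller,
    TPM2B_ENCRYPTED_SECRET *encryptedSalt,
    TPM2_SE sessionType,
    TPMT_SYM_DEF *symmetric,
    TPMI_ALG_HASH algId,
    TSS2_TCTI_CONTEXT *tctiContext);

/*
 * Compute the command HMAC(s) for the sessions in pSessionsDataIn over the
 * command currently held in sysContext; handle1..handle3 are the command's
 * handles (used for the cpHash, see tpm_calc_phash()).
 */
TSS2_RC
compute_command_hmac(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2_HANDLE handle1,
    TPM2_HANDLE handle2,
    TPM2_HANDLE handle3,
    TSS2L_SYS_AUTH_COMMAND *pSessionsDataIn);

/*
 * Verify the response HMAC(s) in pSessionsDataOut against the response held
 * in sysContext, using the sessions from pSessionsDataIn and the command
 * handles handle1..handle3.
 *
 * A non-success return means the response is not authenticated: callers
 * must discard the response data rather than use it. NOTE(review): confirm
 * the digest comparison in the definition is constant-time.
 */
TSS2_RC
check_response_hmac(
    TSS2_SYS_CONTEXT *sysContext,
    TSS2L_SYS_AUTH_COMMAND *pSessionsDataIn,
    TPM2_HANDLE handle1,
    TPM2_HANDLE handle2,
    TPM2_HANDLE handle3,
    TSS2L_SYS_AUTH_RESPONSE *pSessionsDataOut);

/*
 * Tear down session: remove it from the session table and release it.
 * See the NOTE on SESSION about wiping key material here.
 */
void
end_auth_session(SESSION *session);

/*
 * Entity authorization table.
 *
 * AddEntity() records auth for handle, DeleteEntity() removes the entry,
 * GetEntityAuth() copies the stored auth into *auth and GetEntity() returns
 * the entry itself. The int results of AddEntity()/GetEntityAuth() are
 * status codes whose convention is defined in the .c file -- presumably
 * non-zero on failure; check the definition before relying on it.
 */
int
AddEntity(TPM2_HANDLE handle, TPM2B_AUTH *auth);

void
DeleteEntity(TPM2_HANDLE handle);

int
GetEntityAuth(TPM2_HANDLE handle, TPM2B_AUTH *auth);

ENTITY *
GetEntity(TPM2_HANDLE handle);

/*
 * Session-based parameter encryption.
 *
 * encrypt_command_param() encrypts clearData (the first command parameter)
 * under session, writing to encryptedData; decrypt_response_param() does the
 * reverse for the first response parameter, writing to clearData. The
 * output buffer is the first of the two buffer parameters in both cases.
 * authValue is mixed into the encryption key derivation -- how is defined
 * in the .c file (presumably as in TPM 2.0 Part 1 "Session-based
 * encryption"; confirm).
 */
TSS2_RC
encrypt_command_param(
    SESSION *session,
    TPM2B_MAX_BUFFER *encryptedData,
    TPM2B_MAX_BUFFER *clearData,
    TPM2B_AUTH *authValue);

TSS2_RC
decrypt_response_param(
    SESSION *session,
    TPM2B_MAX_BUFFER *clearData,
    TPM2B_MAX_BUFFER *encryptedData,
    TPM2B_AUTH *authValue);

#endif /* SESSION_UTIL_H */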