• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2017, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  *******************************************************************************/
6 #ifndef ESYS_INT_H
7 #define ESYS_INT_H
8 
9 #include <stdint.h>
10 #include "esys_types.h"
11 
12 #ifdef __cplusplus
13 extern "C" {
14 #endif
15 
16 /** Linked list type for object meta data.
17  *
18  * This structure represents a linked list to store meta data information of
19  * type IESYS_RESOURCE.
20  */
21 typedef struct RSRC_NODE_T {
22     ESYS_TR esys_handle;        /**< The ESYS_TR handle used by the application
23                                      to reference this entry. */
24     TPM2B_AUTH auth;            /**< The authValue for this resource object. */
25     IESYS_RESOURCE rsrc;        /**< The meta data for this resource object. */
26     struct RSRC_NODE_T * next;  /**< The next object in the linked list. */
27 } RSRC_NODE_T;
28 
29 typedef struct {
30     ESYS_TR tpmKey;
31     ESYS_TR bind;
32     TPM2_SE sessionType;
33     TPMI_ALG_HASH authHash;
34     TPM2B_NONCE *nonceCaller;
35     TPM2B_NONCE nonceCallerData;
36     TPMT_SYM_DEF *symmetric;
37     TPMT_SYM_DEF symmetricData;
38 } StartAuthSession_IN;
39 
40 typedef struct {
41     TPM2B_SENSITIVE_CREATE *inSensitive;
42     TPM2B_SENSITIVE_CREATE inSensitiveData;
43 } CreatePrimary_IN;
44 
45 typedef struct {
46     ESYS_TR saveHandle;
47 } ContextSave_IN;
48 
49 typedef struct {
50     TPMS_CONTEXT *context;
51     TPMS_CONTEXT contextData;
52 } ContextLoad_IN;
53 
54 typedef struct {
55     TPM2B_PUBLIC *inPublic;
56     TPM2B_PUBLIC inPublicData;
57 } Load_IN;
58 
59 typedef struct {
60     TPM2B_PUBLIC *inPublic;
61     TPM2B_PUBLIC inPublicData;
62 } LoadExternal_IN;
63 
64 typedef struct {
65     TPM2B_SENSITIVE_CREATE *inSensitive;
66     TPM2B_SENSITIVE_CREATE inSensitiveData;
67     TPM2B_TEMPLATE *inPublic;
68     TPM2B_TEMPLATE inPublicData;
69 } CreateLoaded_IN;
70 
71 typedef struct {
72     ESYS_TR objectHandle;
73     TPMI_DH_PERSISTENT persistentHandle;
74 } EvictControl_IN;
75 
76 typedef struct {
77     TPM2B_AUTH *auth;
78     TPM2B_AUTH authData;
79 } HMAC_Start_IN;
80 
81 typedef struct {
82     ESYS_TR authHandle;
83     TPM2B_AUTH *newAuth;
84     TPM2B_AUTH newAuthData;
85 } HierarchyChangeAuth_IN;
86 
87 typedef struct {
88     ESYS_TR sequenceHandle;
89 } SequenceComplete_IN;
90 
91 typedef struct {
92     ESYS_TR policySession;
93 } Policy_IN;
94 
95 typedef struct {
96     ESYS_TR nvIndex;
97     TPM2B_AUTH *auth;
98     TPM2B_AUTH authData;
99     TPM2B_NV_PUBLIC *publicInfo;
100     TPM2B_NV_PUBLIC publicInfoData;
101 } NV_IN;
102 
103 typedef struct {
104     ESYS_TR flushHandle;
105 } FlushContext_IN;
106 
107 /** Union for input parameters.
108  *
109  * The input parameters of a command need to be stored if they are needed
110  * in corresponding _Finish() function.
111  */
112 typedef union {
113     StartAuthSession_IN StartAuthSession;
114     CreatePrimary_IN CreatePrimary;
115     ContextSave_IN ContextSave;
116     ContextLoad_IN ContextLoad;
117     Load_IN Load;
118     LoadExternal_IN LoadExternal;
119     CreateLoaded_IN CreateLoaded;
120     EvictControl_IN EvictControl;
121     HMAC_Start_IN HMAC_Start;
122     HierarchyChangeAuth_IN HierarchyChangeAuth;
123     SequenceComplete_IN SequenceComplete;
124     Policy_IN Policy;
125     NV_IN NV;
126     FlushContext_IN FlushContext;
127 } IESYS_CMD_IN_PARAM;
128 
129 /** The states for the ESAPI's internal state machine */
130 enum _ESYS_STATE {
131     _ESYS_STATE_INIT = 0,     /**< The initial state after creation or after
132                                    finishing a command. A new command can only
133                                    be issued in this state. */
134     _ESYS_STATE_SENT,         /**< The state after sending a command to the TPM
135                                    before receiving a response. */
136     _ESYS_STATE_RESUBMISSION, /**< The state after receiving a response from the
137                                    TPM that requires resending of the command.*/
138     _ESYS_STATE_INTERNALERROR /**< A non-recoverable error occured within the
139                                    ESAPI code. */
140 };
141 
142 /** The data structure holding internal state information.
143  *
144  * Each ESYS_CONTEXT respresents a logically independent connection to the TPM.
145  * It stores meta data information about object in order to calculate session
146  * auths and similar things.
147  */
148 struct ESYS_CONTEXT {
149     enum _ESYS_STATE state;      /**< The current state of the ESAPI context. */
150     TSS2_SYS_CONTEXT *sys;       /**< The SYS context used internally to talk to
151                                       the TPM. */
152     ESYS_TR esys_handle_cnt;     /**< The next free ESYS_TR number. */
153     RSRC_NODE_T *rsrc_list;      /**< The linked list of all ESYS_TR objects. */
154     int32_t timeout;             /**< The timeout to be used during
155                                       Tss2_Sys_ExecuteFinish. */
156     ESYS_TR session_type[3];     /**< The list of TPM session handles in the
157                                       current command execution. */
158     RSRC_NODE_T *session_tab[3]; /**< The list of TPM session meta data in the
159                                       current command execution. */
160     int encryptNonceIdx;         /**< The index of the encrypt session. */
161     TPM2B_NONCE *encryptNonce;   /**< The nonce of the encrypt session, or NULL
162                                       if no encrypt session exists. */
163     int authsCount;              /**< The number of session provided during the
164                                       command. */
165     int submissionCount;         /**< The current number of submissions of this
166                                       command to the TPM. */
167     TPM2B_DATA salt;             /**< The salt used during a StartAuthSession.*/
168     IESYS_CMD_IN_PARAM in;       /**< Temporary storage for Input parameters
169                                       needed in corresponding _Finish function*/
170     ESYS_TR esys_handle;         /**< Temporary storage for the object's TPM
171                                       handle during Esys_TR_FromTPMPublic. */
172     TSS2_TCTI_CONTEXT *tcti_app_param;/**< The TCTI context provided by the
173                                            application during Esys_Initialize()
174                                            to be returned from Esys_GetTcti().*/
175     void *dlhandle;              /**< The handle of dlopen if the tcti was
176                                       automatically loaded. */
177     IESYS_SESSION *enc_session;  /**< Ptr to the enc param session.
178                                       Used to restore session attributes */
179 };
180 
181 /** The number of authomatic resubmissions.
182  *
183  * The number of resubmissions before a TPM's TPM2_RC_YIELDED is forwarded to
184  * the application.
185  */
186 #define _ESYS_MAX_SUBMISSIONS 5
187 
188 /** Makro testing parameters against null.
189  */
190 #define _ESYS_ASSERT_NON_NULL(x) \
191     if (x == NULL) { \
192         LOG_ERROR(str(x) " == NULL."); \
193         return TSS2_ESYS_RC_BAD_REFERENCE; \
194     }
195 
196 #ifdef __cplusplus
197 }
198 #endif
199 #endif /* ESYS_INT_H */
200