1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************;
3 * Copyright (c) 2015 - 2017, Intel Corporation
4 * All rights reserved.
5 ***********************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include "tss2_tpm2_types.h"
12 #include "tss2_mu.h"
13 #include "sysapi_util.h"
14
/*
 * Build a TPM2_CC_StartAuthSession command in the SYS context's command
 * buffer without sending it.
 *
 * Fields are marshalled in this order: tpmKey, bind, nonceCaller,
 * encryptedSalt, sessionType, symmetric, authHash. A NULL nonceCaller or a
 * NULL encryptedSalt is written as a single zero UINT16 instead of the
 * structure.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when syscontext_cast() yields a null
 * context or symmetric is NULL, TSS2_SYS_RC_BAD_VALUE when
 * IsAlgorithmWeak() flags authHash, the first non-zero code reported by a
 * helper, or otherwise the result of CommonPrepareEpilogue().
 *
 * NOTE(review): nothing in this function requires a salt, a bind entity or
 * a minimum caller-nonce length; any such policy presumably rests with the
 * caller and the TPM - confirm.
 */
TSS2_RC Tss2_Sys_StartAuthSession_Prepare(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT tpmKey,
    TPMI_DH_ENTITY bind,
    const TPM2B_NONCE *nonceCaller,
    const TPM2B_ENCRYPTED_SECRET *encryptedSalt,
    TPM2_SE sessionType,
    const TPMT_SYM_DEF *symmetric,
    TPMI_ALG_HASH authHash)
{
    _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!ctx || !symmetric)
        return TSS2_SYS_RC_BAD_REFERENCE;

    /* Reject a weak session hash before the command buffer is touched. */
    if (IsAlgorithmWeak(authHash, 0))
        return TSS2_SYS_RC_BAD_VALUE;

    /* Prologue, then tpmKey and bind, each as a UINT32. */
    rc = CommonPreparePrologue(ctx, TPM2_CC_StartAuthSession);
    if (!rc)
        rc = Tss2_MU_UINT32_Marshal(tpmKey, ctx->cmdBuffer,
                                    ctx->maxCmdSize, &ctx->nextData);
    if (!rc)
        rc = Tss2_MU_UINT32_Marshal(bind, ctx->cmdBuffer,
                                    ctx->maxCmdSize, &ctx->nextData);
    if (rc)
        return rc;

    /* Caller nonce: the structure itself, or a zero UINT16 when absent. */
    if (nonceCaller) {
        rc = Tss2_MU_TPM2B_NONCE_Marshal(nonceCaller, ctx->cmdBuffer,
                                         ctx->maxCmdSize, &ctx->nextData);
    } else {
        /*
         * Record that the nonce pointer was NULL; presumably consulted by
         * the decrypt-parameter handling elsewhere - confirm.
         */
        ctx->decryptNull = 1;
        rc = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer,
                                    ctx->maxCmdSize, &ctx->nextData);
    }
    if (rc)
        return rc;

    /* Encrypted salt: same convention as the nonce, without the flag. */
    if (encryptedSalt) {
        rc = Tss2_MU_TPM2B_ENCRYPTED_SECRET_Marshal(encryptedSalt,
                                                    ctx->cmdBuffer,
                                                    ctx->maxCmdSize,
                                                    &ctx->nextData);
    } else {
        rc = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer,
                                    ctx->maxCmdSize, &ctx->nextData);
    }
    if (rc)
        return rc;

    /* Session type (UINT8), symmetric definition, then the session hash. */
    rc = Tss2_MU_UINT8_Marshal(sessionType, ctx->cmdBuffer,
                               ctx->maxCmdSize, &ctx->nextData);
    if (!rc)
        rc = Tss2_MU_TPMT_SYM_DEF_Marshal(symmetric, ctx->cmdBuffer,
                                          ctx->maxCmdSize, &ctx->nextData);
    if (!rc)
        rc = Tss2_MU_UINT16_Marshal(authHash, ctx->cmdBuffer,
                                    ctx->maxCmdSize, &ctx->nextData);
    if (rc)
        return rc;

    /* All three capability flags are enabled for this command. */
    ctx->decryptAllowed = 1;
    ctx->encryptAllowed = 1;
    ctx->authAllowed = 1;

    return CommonPrepareEpilogue(ctx);
}
106
/*
 * Decode the StartAuthSession response held in the SYS context: the session
 * handle first, then (after CommonComplete()) the TPM nonce.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when syscontext_cast() yields a null
 * context, otherwise the first non-zero code from a helper, or the result
 * of the final nonce unmarshal.
 *
 * The handle is unmarshalled into sessionHandle before CommonComplete()
 * runs, so callers should treat *sessionHandle and *nonceTPM as valid only
 * when the return value is zero.
 *
 * NOTE(review): the bound given to both unmarshal calls is ctx->maxCmdSize
 * (the buffer capacity), not a received-response length; presumably the
 * response size is validated elsewhere - confirm.
 */
TSS2_RC Tss2_Sys_StartAuthSession_Complete(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_SH_AUTH_SESSION *sessionHandle,
    TPM2B_NONCE *nonceTPM)
{
    _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!ctx)
        return TSS2_SYS_RC_BAD_REFERENCE;

    /* Order matters: handle first, then the common completion step. */
    rc = Tss2_MU_UINT32_Unmarshal(ctx->cmdBuffer, ctx->maxCmdSize,
                                  &ctx->nextData, sessionHandle);
    if (!rc)
        rc = CommonComplete(ctx);
    if (rc)
        return rc;

    return Tss2_MU_TPM2B_NONCE_Unmarshal(ctx->cmdBuffer, ctx->maxCmdSize,
                                         &ctx->nextData, nonceTPM);
}
133
/*
 * One-call form of StartAuthSession: prepare the command, run it through
 * CommonOneCall() with the supplied authorization arrays, then decode the
 * response into sessionHandle and nonceTPM.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when symmetric is NULL, otherwise the
 * first non-zero code from the three stages, or the result of the Complete
 * stage.
 *
 * ctx is not checked here. It is first used by CommonOneCall(), which is
 * reached only after Tss2_Sys_StartAuthSession_Prepare() has returned zero,
 * and Prepare rejects a null context.
 */
TSS2_RC Tss2_Sys_StartAuthSession(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT tpmKey,
    TPMI_DH_ENTITY bind,
    TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
    const TPM2B_NONCE *nonceCaller,
    const TPM2B_ENCRYPTED_SECRET *encryptedSalt,
    TPM2_SE sessionType,
    const TPMT_SYM_DEF *symmetric,
    TPMI_ALG_HASH authHash,
    TPMI_SH_AUTH_SESSION *sessionHandle,
    TPM2B_NONCE *nonceTPM,
    TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
{
    _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
    TSS2_RC rc;

    /* Same check Prepare performs; kept here as the first failure path. */
    if (!symmetric)
        return TSS2_SYS_RC_BAD_REFERENCE;

    /* Each stage runs only if every earlier stage returned zero. */
    rc = Tss2_Sys_StartAuthSession_Prepare(sysContext, tpmKey, bind,
                                           nonceCaller, encryptedSalt,
                                           sessionType, symmetric, authHash);
    if (!rc)
        rc = CommonOneCall(ctx, cmdAuthsArray, rspAuthsArray);
    if (!rc)
        rc = Tss2_Sys_StartAuthSession_Complete(sysContext, sessionHandle,
                                                nonceTPM);

    return rc;
}
164