You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
346 lines
16 KiB
346 lines
16 KiB
|
|
/* Microsoft Reference Implementation for TPM 2.0
|
|
*
|
|
* The copyright in this software is being made available under the BSD License,
|
|
* included below. This software may be subject to other third party and
|
|
* contributor rights, including patent rights, and no such rights are granted
|
|
* under this license.
|
|
*
|
|
* Copyright (c) Microsoft Corporation
|
|
*
|
|
* All rights reserved.
|
|
*
|
|
* BSD License
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without modification,
|
|
* are permitted provided that the following conditions are met:
|
|
*
|
|
* Redistributions of source code must retain the above copyright notice, this list
|
|
* of conditions and the following disclaimer.
|
|
*
|
|
* Redistributions in binary form must reproduce the above copyright notice, this
|
|
* list of conditions and the following disclaimer in the documentation and/or
|
|
* other materials provided with the distribution.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
|
|
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
* DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
|
|
* ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
|
|
* ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
// This file contains the build switches. This contains switches for multiple
|
|
// versions of the crypto-library so some may not apply to your environment.
|
|
//
|
|
// The switches are guarded so that they can either be set on the command line or
|
|
// set here. If the switch is listed on the command line (-DSOME_SWITCH) with NO
|
|
// setting, then the switch will be set to YES. If the switch setting is not on the
|
|
// command line or if the setting is other than YES or NO, then the switch will be set
|
|
// to the default value. The default can either be YES or NO as indicated on each line
|
|
// where the default is selected.
|
|
//
|
|
// A caution: do not try to test these macros by inserting #defines in this file. For
|
|
// some curious reason, a variable set on the command line with no setting will have a
|
|
// value of 1. An "#if SOME_VARIABLE" will work if the variable is not defined or is
|
|
// defined on the command line with no initial setting. However, a
|
|
// "#define SOME_VARIABLE" is a null string and when used in "#if SOME_VARIABLE" will
|
|
// not be a proper expression If you want to test various switches, either use the
|
|
// command line or change the default.
|
|
//
|
|
#ifndef _TPM_BUILD_SWITCHES_H_
|
|
#define _TPM_BUILD_SWITCHES_H_
|
|
|
|
#undef YES
|
|
#define YES 1
|
|
#undef NO
|
|
#define NO 0
|
|
|
|
// Allow the command line to specify a "profile" file
|
|
#ifdef PROFILE
|
|
# define PROFILE_QUOTE(a) #a
|
|
# define PROFILE_INCLUDE(a) PROFILE_QUOTE(a)
|
|
# include PROFILE_INCLUDE(PROFILE)
|
|
#endif
|
|
|
|
// Need an unambiguous definition for DEBUG. Do not change this
|
|
#ifndef DEBUG
|
|
# ifdef NDEBUG
|
|
# define DEBUG NO
|
|
# else
|
|
# define DEBUG YES
|
|
# endif
|
|
#elif (DEBUG != NO) && (DEBUG != YES)
|
|
# undef DEBUG
|
|
# define DEBUG YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
#include "CompilerDependencies.h"
|
|
|
|
// This definition is required for the re-factored code
|
|
#if (!defined USE_BN_ECC_DATA) \
|
|
|| ((USE_BN_ECC_DATA != NO) && (USE_BN_ECC_DATA != YES))
|
|
# undef USE_BN_ECC_DATA
|
|
# define USE_BN_ECC_DATA YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// The SIMULATION switch allows certain other macros to be enabled. The things that
|
|
// can be enabled in a simulation include key caching, reproducible "random"
|
|
// sequences, instrumentation of the RSA key generation process, and certain other
|
|
// debug code. SIMULATION Needs to be defined as either YES or NO. This grouping of
|
|
// macros will make sure that it is set correctly. A simulated TPM would include a
|
|
// Virtual TPM. The interfaces for a Virtual TPM should be modified from the standard
|
|
// ones in the Simulator project.
|
|
//
|
|
// If SIMULATION is in the compile parameters without modifiers,
|
|
// make SIMULATION == YES
|
|
#if !(defined SIMULATION) || ((SIMULATION != NO) && (SIMULATION != YES))
|
|
# undef SIMULATION
|
|
# define SIMULATION YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Define this to run the function that checks the compatibility between the
|
|
// chosen big number math library and the TPM code. Not all ports use this.
|
|
#if !(defined LIBRARY_COMPATIBILITY_CHECK) \
|
|
|| (( LIBRARY_COMPATIBILITY_CHECK != NO) \
|
|
&& (LIBRARY_COMPATIBILITY_CHECK != YES))
|
|
# undef LIBRARY_COMPATIBILITY_CHECK
|
|
# define LIBRARY_COMPATIBILITY_CHECK YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
#if !(defined FIPS_COMPLIANT) || ((FIPS_COMPLIANT != NO) && (FIPS_COMPLIANT != YES))
|
|
# undef FIPS_COMPLIANT
|
|
# define FIPS_COMPLIANT YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Definition to allow alternate behavior for non-orderly startup. If there is a
|
|
// chance that the TPM could not update 'failedTries'
|
|
#if !(defined USE_DA_USED) || ((USE_DA_USED != NO) && (USE_DA_USED != YES))
|
|
# undef USE_DA_USED
|
|
# define USE_DA_USED YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Define TABLE_DRIVEN_DISPATCH to use tables rather than case statements
|
|
// for command dispatch and handle unmarshaling
|
|
#if !(defined TABLE_DRIVEN_DISPATCH) \
|
|
|| ((TABLE_DRIVEN_DISPATCH != NO) && (TABLE_DRIVEN_DISPATCH != YES))
|
|
# undef TABLE_DRIVEN_DISPATCH
|
|
# define TABLE_DRIVEN_DISPATCH YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// This switch is used to enable the self-test capability in AlgorithmTests.c
|
|
#if !(defined SELF_TEST) || ((SELF_TEST != NO) && (SELF_TEST != YES))
|
|
# undef SELF_TEST
|
|
# define SELF_TEST YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Enable the generation of RSA primes using a sieve.
|
|
#if !(defined RSA_KEY_SIEVE) || ((RSA_KEY_SIEVE != NO) && (RSA_KEY_SIEVE != YES))
|
|
# undef RSA_KEY_SIEVE
|
|
# define RSA_KEY_SIEVE YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Enable the instrumentation of the sieve process. This is used to tune the sieve
|
|
// variables.
|
|
#if RSA_KEY_SIEVE && SIMULATION
|
|
# if !(defined RSA_INSTRUMENT) \
|
|
|| ((RSA_INSTRUMENT != NO) && (RSA_INSTRUMENT != YES))
|
|
# undef RSA_INSTRUMENT
|
|
# define RSA_INSTRUMENT NO // Default: Either YES or NO
|
|
# endif
|
|
#endif
|
|
|
|
// This switch enables the RNG state save and restore
|
|
#if !(defined _DRBG_STATE_SAVE) \
|
|
|| ((_DRBG_STATE_SAVE != NO) && (_DRBG_STATE_SAVE != YES))
|
|
# undef _DRBG_STATE_SAVE
|
|
# define _DRBG_STATE_SAVE YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Switch added to support packed lists that leave out space associated with
|
|
// unimplemented commands. Comment this out to use linear lists.
|
|
// Note: if vendor specific commands are present, the associated list is always
|
|
// in compressed form.
|
|
#if !(defined COMPRESSED_LISTS) \
|
|
|| ((COMPRESSED_LISTS != NO) && (COMPRESSED_LISTS != YES))
|
|
# undef COMPRESSED_LISTS
|
|
# define COMPRESSED_LISTS YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// This switch indicates where clock epoch value should be stored. If this value
|
|
// defined, then it is assumed that the timer will change at any time so the
|
|
// nonce should be a random number kept in RAM. When it is not defined, then the
|
|
// timer only stops during power outages.
|
|
#if !(defined CLOCK_STOPS) || ((CLOCK_STOPS != NO) && (CLOCK_STOPS != YES))
|
|
# undef CLOCK_STOPS
|
|
# define CLOCK_STOPS NO // Default: Either YES or NO
|
|
#endif
|
|
|
|
// This switch allows use of #defines in place of pass-through marshaling or
|
|
// unmarshaling code. A pass-through function just calls another function to do
|
|
// the required function and does no parameter checking of its own. The
|
|
// table-driven dispatcher calls directly to the lowest level
|
|
// marshaling/unmarshaling code and by-passes any pass-through functions.
|
|
#if (defined USE_MARSHALING_DEFINES) && (USE_MARSHALING_DEFINES != NO)
|
|
# undef USE_MARSHALING_DEFINES
|
|
# define USE_MARSHALING_DEFINES YES
|
|
#else
|
|
# define USE_MARSHALING_DEFINES YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
//**********************************
|
|
// The switches in this group can only be enabled when doing debug during simulation
|
|
#if SIMULATION && DEBUG
|
|
// This forces the use of a smaller context slot size. This reduction reduces the
|
|
// range of the epoch allowing the tester to force the epoch to occur faster than
|
|
// the normal defined in TpmProfile.h
|
|
# if !(defined CONTEXT_SLOT)
|
|
# define CONTEXT_SLOT UINT8
|
|
# endif
|
|
// Enables use of the key cache. Default is YES
|
|
# if !(defined USE_RSA_KEY_CACHE) \
|
|
|| ((USE_RSA_KEY_CACHE != NO) && (USE_RSA_KEY_CACHE != YES))
|
|
# undef USE_RSA_KEY_CACHE
|
|
# define USE_RSA_KEY_CACHE YES // Default: Either YES or NO
|
|
# endif
|
|
|
|
// Enables use of a file to store the key cache values so that the TPM will start
|
|
// faster during debug. Default for this is YES
|
|
# if USE_RSA_KEY_CACHE
|
|
# if !(defined USE_KEY_CACHE_FILE) \
|
|
|| ((USE_KEY_CACHE_FILE != NO) && (USE_KEY_CACHE_FILE != YES))
|
|
# undef USE_KEY_CACHE_FILE
|
|
# define USE_KEY_CACHE_FILE YES // Default: Either YES or NO
|
|
# endif
|
|
# else
|
|
# undef USE_KEY_CACHE_FILE
|
|
# define USE_KEY_CACHE_FILE NO
|
|
# endif // USE_RSA_KEY_CACHE
|
|
|
|
// This provides fixed seeding of the RNG when doing debug on a simulator. This
|
|
// should allow consistent results on test runs as long as the input parameters
|
|
// to the functions remains the same. There is no default value.
|
|
# if !(defined USE_DEBUG_RNG) || ((USE_DEBUG_RNG != NO) && (USE_DEBUG_RNG != YES))
|
|
# undef USE_DEBUG_RNG
|
|
# define USE_DEBUG_RNG YES // Default: Either YES or NO
|
|
# endif
|
|
|
|
// Do not change these. They are the settings needed when not doing a simulation and
|
|
// not doing debug. Can't use the key cache except during debug. Otherwise, all of the
|
|
// key values end up being the same
|
|
#else
|
|
# define USE_RSA_KEY_CACHE NO
|
|
# define USE_RSA_KEY_CACHE_FILE NO
|
|
# define USE_DEBUG_RNG NO
|
|
#endif // DEBUG && SIMULATION
|
|
|
|
#if DEBUG
|
|
|
|
// In some cases, the relationship between two values may be dependent
|
|
// on things that change based on various selections like the chosen cryptographic
|
|
// libraries. It is possible that these selections will result in incompatible
|
|
// settings. These are often detectable by the compiler but it is not always
|
|
// possible to do the check in the preprocessor code. For example, when the
|
|
// check requires use of 'sizeof'() then the preprocessor can't do the comparison.
|
|
// For these cases, we include a special macro that, depending on the compiler
|
|
// will generate a warning to indicate if the check always passes or always fails
|
|
// because it involves fixed constants. To run these checks, define COMPILER_CHECKS.
|
|
# if !(defined COMPILER_CHECKS) \
|
|
|| ((COMPILER_CHECKS != NO) && (COMPILER_CHECKS != YES))
|
|
# undef COMPILER_CHECKS
|
|
# define COMPILER_CHECKS NO // Default: Either YES or NO
|
|
# endif
|
|
|
|
// Some of the values (such as sizes) are the result of different options set in
|
|
// TpmProfile.h. The combination might not be consistent. A function is defined
|
|
// (TpmSizeChecks()) that is used to verify the sizes at run time. To enable the
|
|
// function, define this parameter.
|
|
# if !(defined RUNTIME_SIZE_CHECKS) \
|
|
|| ((RUNTIME_SIZE_CHECKS != NO) && (RUNTIME_SIZE_CHECKS != YES))
|
|
# undef RUNTIME_SIZE_CHECKS
|
|
# define RUNTIME_SIZE_CHECKS YES // Default: Either YES or NO
|
|
# endif
|
|
|
|
// If doing debug, can set the DRBG to print out the intermediate test values.
|
|
// Before enabling this, make sure that the dbgDumpMemBlock() function
|
|
// has been added someplace (preferably, somewhere in CryptRand.c)
|
|
# if !(defined DRBG_DEBUG_PRINT) \
|
|
|| ((DRBG_DEBUG_PRINT != NO) && (DRBG_DEBUG_PRINT != YES))
|
|
# undef DRBG_DEBUG_PRINT
|
|
# define DRBG_DEBUG_PRINT NO // Default: Either YES or NO
|
|
# endif
|
|
|
|
// If an assertion event it not going to produce any trace information (function and
|
|
// line number) then make FAIL_TRACE == NO
|
|
# if !(defined FAIL_TRACE) || ((FAIL_TRACE != NO) && (FAIL_TRACE != YES))
|
|
# undef FAIL_TRACE
|
|
# define FAIL_TRACE YES // Default: Either YES or NO
|
|
# endif
|
|
|
|
#endif // DEBUG
|
|
|
|
// Indicate if the implementation is going to give lockout time credit for time up to
|
|
// the last orderly shutdown.
|
|
#if !(defined ACCUMULATE_SELF_HEAL_TIMER) \
|
|
|| ((ACCUMULATE_SELF_HEAL_TIMER != NO) && (ACCUMULATE_SELF_HEAL_TIMER != YES))
|
|
# undef ACCUMULATE_SELF_HEAL_TIMER
|
|
# define ACCUMULATE_SELF_HEAL_TIMER YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Indicates if the implementation is to compute the sizes of the proof and primary
|
|
// seed size values based on the implemented algorithms.
|
|
#if !(defined USE_SPEC_COMPLIANT_PROOFS) \
|
|
|| ((USE_SPEC_COMPLIANT_PROOFS != NO) && (USE_SPEC_COMPLIANT_PROOFS != YES))
|
|
# undef USE_SPEC_COMPLIANT_PROOFS
|
|
# define USE_SPEC_COMPLIANT_PROOFS YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Comment this out to allow compile to continue even though the chosen proof values
|
|
// do not match the compliant values. This is written so that someone would
|
|
// have to proactively ignore errors.
|
|
#if !(defined SKIP_PROOF_ERRORS) \
|
|
|| ((SKIP_PROOF_ERRORS != NO) && (SKIP_PROOF_ERRORS != YES))
|
|
# undef SKIP_PROOF_ERRORS
|
|
# define SKIP_PROOF_ERRORS NO // Default: Either YES or NO
|
|
#endif
|
|
|
|
// This define is used to eliminate the use of bit-fields. It can be enabled for big-
|
|
// or little-endian machines. For big-endian architectures that numbers bits in
|
|
// registers from left to right (MSb0) this must be enabled. Little-endian machines
|
|
// number from right to left with the least significant bit having assigned a bit
|
|
// number of 0. These are LSb0 machines (they are also little-endian so they are also
|
|
// least-significant byte 0 (LSB0) machines. Big-endian (MSB0) machines may number in
|
|
// either direction (MSb0 or LSb0). For an MSB0+MSb0 machine this value is required to
|
|
// be 'NO'
|
|
#if !(defined USE_BIT_FIELD_STRUCTURES) \
|
|
|| ((USE_BIT_FIELD_STRUCTURES != NO) && (USE_BIT_FIELD_STRUCTURES != YES))
|
|
# undef USE_BIT_FIELD_STRUCTURES
|
|
# define USE_BIT_FIELD_STRUCTURES NO // Default: Either YES or NO
|
|
#endif
|
|
|
|
// This define is used to control the debug for the CertifyX509 command.
|
|
#if !(defined CERTIFYX509_DEBUG) \
|
|
|| ((CERTIFYX509_DEBUG != NO) && (CERTIFYX509_DEBUG != YES))
|
|
# undef CERTIFYX509_DEBUG
|
|
# define CERTIFYX509_DEBUG YES // Default: Either YES or NO
|
|
#endif
|
|
|
|
// This define is used to enable the new table-driven marshaling code.
|
|
#if !(defined TABLE_DRIVEN_MARSHAL) \
|
|
|| ((TABLE_DRIVEN_MARSHAL != NO) && (TABLE_DRIVEN_MARSHAL != YES))
|
|
# undef TABLE_DRIVEN_MARSHAL
|
|
# define TABLE_DRIVEN_MARSHAL NO // Default: Either YES or NO
|
|
#endif
|
|
|
|
// Change these definitions to turn all algorithms or commands ON or OFF. That is,
|
|
// to turn all algorithms on, set ALG_NO to YES. This is mostly useful as a debug
|
|
// feature.
|
|
#define ALG_YES YES
|
|
#define ALG_NO NO
|
|
#define CC_YES YES
|
|
#define CC_NO NO
|
|
|
|
#endif // _TPM_BUILD_SWITCHES_H_
|