You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

224 lines
6.3 KiB

/* SPDX-License-Identifier: BSD-2-Clause */
/***********************************************************************
* Copyright (c) 2017-2018, Intel Corporation
*
* All rights reserved.
***********************************************************************/
#ifndef TEST_INTEGRATION_SAPI_UTIL_H
#define TEST_INTEGRATION_SAPI_UTIL_H
#include "tss2_tpm2_types.h"
#include "tss2_sys.h"
#include "util/tpm2b.h"
/*
* This macro is like the GNU TEMP_FAILURE_RETRY macro for the
* TPM2_RC_RETRY response code.
*/
#define TSS2_RETRY_EXP(expression) \
({ \
TSS2_RC __result = 0; \
do { \
__result = (expression); \
} while ((__result & 0x0000ffff) == TPM2_RC_RETRY); \
__result; \
})
/*
* tpm2b default initializers, these set the size to the max for the default
* structure and zero's the data area.
*/
#define TPM2B_SIZE(type) (sizeof (type) - 2)
#define TPM2B_NAMED_INIT(type, field) \
{ \
.size = TPM2B_SIZE (type), \
.field = { 0 } \
}
#define TPM2B_DIGEST_INIT TPM2B_NAMED_INIT (TPM2B_DIGEST, buffer)
#define TPM2B_NAME_INIT TPM2B_NAMED_INIT (TPM2B_NAME, name)
#define TPM2B_PRIVATE_INIT TPM2B_NAMED_INIT (TPM2B_PRIVATE, buffer)
#define TPM2B_MAX_BUFFER_INIT { .size = TPM2_MAX_DIGEST_BUFFER }
#define TPM2B_IV_INIT { .size = TPM2_MAX_SYM_BLOCK_SIZE }
#define BUFFER_SIZE(type, field) (sizeof((((type *)NULL)->t.field)))
#define TPM2B_TYPE_INIT(type, field) { .size = BUFFER_SIZE(type, field), }
/*
* Use te provide SAPI context to create & load a primary key. The key will
* be a 2048 bit (restricted decryption) RSA key. The associated symmetric
* key is a 128 bit AES (CFB mode) key.
*/
TSS2_RC
create_primary_rsa_2048_aes_128_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPM2_HANDLE *handle);
/*
* This function creates a 128 bit symmetric AES key in cbc mode. This key will
* be created as the child of the parameter 'handle_parent'. The handle for the
* newly created AND loaded key is returned in the parameter 'handle'.
*/
TSS2_RC
create_aes_128_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPM2_HANDLE handle_parent,
TPM2_HANDLE *handle);
/*
* This function creates a RSA key of KEYEDHASH type.
*/
TSS2_RC
create_keyedhash_key (
TSS2_SYS_CONTEXT *sapi_context,
TPM2_HANDLE handle_parent,
TPM2_HANDLE *handle);
/*
* This function will decrypt or encrypt the 'data_in' buffer and return the
* results in the 'data_out' parameter. Decrypt or encrypt is selected using
* the 'decrypt' TPMI_YES_NO parameter. The key used for the operation is
* provided in the 'handle' parameter.
* Under the covers this function uses an IV of all zeros and so it can not
* be used for streaming. It can only be used to encrypt or decrypt a single
* buffer. This function uses tpm to perform encryption.
*/
TSS2_RC
tpm_encrypt_decrypt_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPMI_DH_OBJECT handle,
TPMI_YES_NO decrypt,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *data_out);
/*
* This is a convenience wrapper around the encrypt_decrypt_cfb function.
* This function uses tpm to perform encryption.
*/
TSS2_RC
tpm_encrypt_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPMI_DH_OBJECT handle,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *data_out);
/*
* This is a convenience wrapper around the encrypt_decrypt_cfb function.
* This function uses tpm to perform encryption.
*/
TSS2_RC
tpm_decrypt_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPMI_DH_OBJECT handle,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *data_out);
/*
* This function is identical to the encrypt_decrypt_cfb function but under
* the covers it uses the EncryptDecrypt2 function instead of EncryptDecrypt.
* This function uses tpm to perform encryption.
*/
TSS2_RC
tpm_encrypt_decrypt_2_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPMI_DH_OBJECT handle,
TPMI_YES_NO decrypt,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *data_out);
/*
* This is a convenience wrapper around the encrypt_decrypt_2_cfb function.
* This function uses tpm to perform encryption.
*/
TSS2_RC
tpm_encrypt_2_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPMI_DH_OBJECT handle,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *data_out);
/*
* This is a convenience wrapper around the encrypt_decrypt_2_cfb function.
* This function uses tpm to perform encryption.
*/
TSS2_RC
tpm_decrypt_2_cfb (
TSS2_SYS_CONTEXT *sapi_context,
TPMI_DH_OBJECT handle,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *data_out);
/*
* This helper function uses software to perform decryption.
*/
TSS2_RC
decrypt_cfb (
TPM2B_MAX_BUFFER *data_out,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *key,
TPM2B_IV *iv);
/*
* This helper function uses software to perform encryption.
*/
TSS2_RC
encrypt_cfb (
TPM2B_MAX_BUFFER *data_out,
TPM2B_MAX_BUFFER *data_in,
TPM2B_MAX_BUFFER *key,
TPM2B_IV *iv);
/*
* This is a helper function for digest calculation.
* alg can be TPM2_ALG_SHA1, TPM2_ALG_SHA256, TPM2_ALG_SHA384,
* and TPM2_ALG_SHA512
*/
TSS2_RC
hash (
TPM2_ALG_ID alg,
const void *data,
int size,
TPM2B_DIGEST *out);
/*
* This is a helper function for calculating HMAC.
* alg can be TPM2_ALG_SHA1, TPM2_ALG_SHA256, TPM2_ALG_SHA384,
* and TPM2_ALG_SHA512
*/
TSS2_RC
hmac(
TPM2_ALG_ID alg,
const void *key,
int key_len,
TPM2B_DIGEST **buffer_list,
TPM2B_DIGEST *out);
/*
* Returns digest size for a give hash alg
*/
UINT16
GetDigestSize(TPM2_ALG_ID hash);
TSS2_RC
CompareSizedByteBuffer(
TPM2B *buffer1,
TPM2B *buffer2);
TSS2_RC
ConcatSizedByteBuffer(
TPM2B_MAX_BUFFER *result,
TPM2B *buf);
void
CatSizedByteBuffer(
TPM2B *dest,
TPM2B *src);
UINT16
CopySizedByteBuffer(
TPM2B *dest,
const TPM2B *src);
TSS2_RC
DefineNvIndex (
TSS2_SYS_CONTEXT *sys_ctx,
TPMI_RH_PROVISION authHandle,
TPM2B_AUTH *auth,
const TPM2B_DIGEST *authPolicy,
TPMI_RH_NV_INDEX nvIndex,
TPMI_ALG_HASH nameAlg,
TPMA_NV attributes,
UINT16 size);
#endif /* TEST_INTEGRATION_SAPI_UTIL_H */