You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
141 lines
3.1 KiB
141 lines
3.1 KiB
/* SPDX-License-Identifier: BSD-2-Clause */
|
|
/***********************************************************************
|
|
* Copyright (c) 2017-2018, Intel Corporation
|
|
*
|
|
* All rights reserved.
|
|
***********************************************************************/
|
|
#ifndef _SESSION_UTIL_H_
|
|
#define _SESSION_UTIL_H_
|
|
|
|
#include <stdbool.h>
|
|
#include <uthash.h>
|
|
#include "tss2_tpm2_types.h"
|
|
#include "tss2_sys.h"
|
|
#include "util/tpm2b.h"
|
|
|
|
typedef struct {
|
|
TPMI_DH_OBJECT tpmKey;
|
|
TPMI_DH_ENTITY bind;
|
|
TPM2B_ENCRYPTED_SECRET encryptedSalt;
|
|
TPM2B_MAX_BUFFER salt;
|
|
TPM2_SE sessionType;
|
|
TPMT_SYM_DEF symmetric;
|
|
TPMI_ALG_HASH authHash;
|
|
TPMI_SH_AUTH_SESSION sessionHandle;
|
|
TPM2B_NONCE nonceTPM;
|
|
TPM2B_DIGEST sessionKey;
|
|
TPM2B_DIGEST authValueBind;
|
|
TPM2B_NONCE nonceNewer;
|
|
TPM2B_NONCE nonceOlder;
|
|
TPM2B_NONCE nonceTpmDecrypt;
|
|
TPM2B_NONCE nonceTpmEncrypt;
|
|
TPM2B_NAME name;
|
|
void *hmacPtr;
|
|
UT_hash_handle hh;
|
|
} SESSION;
|
|
|
|
typedef struct{
|
|
TPM2_HANDLE entityHandle;
|
|
TPM2B_AUTH entityAuth;
|
|
UT_hash_handle hh;
|
|
} ENTITY;
|
|
|
|
/*
|
|
* Helper function used to calculate cpHash and rpHash
|
|
* if command is true cpHash is calculated,
|
|
* otherwise rpHash rpHash is calculated.
|
|
*/
|
|
TSS2_RC
|
|
tpm_calc_phash(
|
|
TSS2_SYS_CONTEXT *sysContext,
|
|
TPM2_HANDLE handle1,
|
|
TPM2_HANDLE handle2,
|
|
TPM2_HANDLE handle3,
|
|
TPMI_ALG_HASH auth_hash,
|
|
bool command,
|
|
TPM2B_DIGEST *result);
|
|
|
|
UINT32
|
|
tpm_handle_to_name(
|
|
TSS2_TCTI_CONTEXT *tcti_context,
|
|
TPM2_HANDLE handle,
|
|
TPM2B_NAME *name);
|
|
|
|
void
|
|
roll_nonces(
|
|
SESSION *session,
|
|
TPM2B_NONCE *new_nonce);
|
|
|
|
TSS2_RC
|
|
KDFa(TPMI_ALG_HASH hash,
|
|
TPM2B *key,
|
|
const char *label,
|
|
TPM2B *contextU,
|
|
TPM2B *contextV,
|
|
UINT16 bits,
|
|
TPM2B_MAX_BUFFER *resultKey );
|
|
|
|
SESSION *
|
|
get_session(TPMI_SH_AUTH_SESSION hndl);
|
|
|
|
TSS2_RC create_auth_session(
|
|
SESSION **psession,
|
|
TPMI_DH_OBJECT tpmKey,
|
|
TPM2B_MAX_BUFFER *salt,
|
|
TPMI_DH_ENTITY bind,
|
|
TPM2B_AUTH *bindAuth,
|
|
TPM2B_NONCE *nonceCaller,
|
|
TPM2B_ENCRYPTED_SECRET *encryptedSalt,
|
|
TPM2_SE sessionType,
|
|
TPMT_SYM_DEF *symmetric,
|
|
TPMI_ALG_HASH algId,
|
|
TSS2_TCTI_CONTEXT *tctiContext);
|
|
|
|
TSS2_RC
|
|
compute_command_hmac(
|
|
TSS2_SYS_CONTEXT *sysContext,
|
|
TPM2_HANDLE handle1,
|
|
TPM2_HANDLE handle2,
|
|
TPM2_HANDLE handle3,
|
|
TSS2L_SYS_AUTH_COMMAND *pSessionsDataIn);
|
|
|
|
TSS2_RC
|
|
check_response_hmac(
|
|
TSS2_SYS_CONTEXT *sysContext,
|
|
TSS2L_SYS_AUTH_COMMAND *pSessionsDataIn,
|
|
TPM2_HANDLE handle1,
|
|
TPM2_HANDLE handle2,
|
|
TPM2_HANDLE handle3,
|
|
TSS2L_SYS_AUTH_RESPONSE *pSessionsDataOut);
|
|
|
|
void
|
|
end_auth_session(SESSION *session);
|
|
|
|
int
|
|
AddEntity(TPM2_HANDLE handle, TPM2B_AUTH *auth);
|
|
|
|
void
|
|
DeleteEntity(TPM2_HANDLE handle);
|
|
|
|
int
|
|
GetEntityAuth(TPM2_HANDLE handle, TPM2B_AUTH *auth);
|
|
|
|
ENTITY *
|
|
GetEntity(TPM2_HANDLE handle);
|
|
|
|
TSS2_RC
|
|
encrypt_command_param(
|
|
SESSION *session,
|
|
TPM2B_MAX_BUFFER *encryptedData,
|
|
TPM2B_MAX_BUFFER *clearData,
|
|
TPM2B_AUTH *authValue);
|
|
|
|
TSS2_RC
|
|
decrypt_response_param(
|
|
SESSION *session,
|
|
TPM2B_MAX_BUFFER *clearData,
|
|
TPM2B_MAX_BUFFER *encryptedData,
|
|
TPM2B_AUTH *authValue);
|
|
|
|
#endif
|