Skip to content
Snippets Groups Projects
Normal view Permalink
tpm.c 29.2 KiB
Newer Older
  • Learn to ignore specific revisions
    • Miquel Raynal's avatar
    tpm: align arguments with open parenthesis  
    Miquel Raynal committed
    1001 
    		     - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len)
    Reinhard Pfau's avatar
    tpm: add AUTH1 cmds for LoadKey2 and GetPubKey  
    Reinhard Pfau committed
    1002 1003 1004 1005 1006 1007 1008 1009 1010 1011 1012 
    			return TPM_LIB_ERROR;
		*pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH
			- TPM_RESPONSE_AUTH_LENGTH;
		memcpy(pubkey, response + res_pubkey_offset,
		       response_length - TPM_RESPONSE_HEADER_LENGTH
		       - TPM_RESPONSE_AUTH_LENGTH);
	}

	return 0;
}
    mario.six@gdsys.cc's avatar
    tpm: Add function to load keys via their parent's SHA1 hash  
    mario.six@gdsys.cc committed
    1013 
    #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1014 1015 
    u32 tpm_find_key_sha1(const u8 auth[20], const u8 pubkey_digest[20],
		      u32 *handle)
    mario.six@gdsys.cc's avatar
    tpm: Add function to load keys via their parent's SHA1 hash  
    mario.six@gdsys.cc committed
    1016 
    {
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1017 1018 1019 1020 1021 1022 
    	u16 key_count;
	u32 key_handles[10];
	u8 buf[288];
	u8 *ptr;
	u32 err;
	u8 digest[20];
    mario.six@gdsys.cc's avatar
    tpm: Add function to load keys via their parent's SHA1 hash  
    mario.six@gdsys.cc committed
    1023 1024 1025 1026 1027 1028 1029 1030 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 
    	size_t buf_len;
	unsigned int i;

	/* fetch list of already loaded keys in the TPM */
	err = tpm_get_capability(TPM_CAP_HANDLE, TPM_RT_KEY, buf, sizeof(buf));
	if (err)
		return -1;
	key_count = get_unaligned_be16(buf);
	ptr = buf + 2;
	for (i = 0; i < key_count; ++i, ptr += 4)
		key_handles[i] = get_unaligned_be32(ptr);

	/* now search a(/ the) key which we can access with the given auth */
	for (i = 0; i < key_count; ++i) {
		buf_len = sizeof(buf);
		err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len);
		if (err && err != TPM_AUTHFAIL)
			return -1;
		if (err)
			continue;
		sha1_csum(buf, buf_len, digest);
		if (!memcmp(digest, pubkey_digest, 20)) {
			*handle = key_handles[i];
			return 0;
		}
	}
	return 1;
}
#endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
    Reinhard Pfau's avatar
    tpm: add AUTH1 cmds for LoadKey2 and GetPubKey  
    Reinhard Pfau committed
    1053 
    #endif /* CONFIG_TPM_AUTH_SESSIONS */
    André Draszik's avatar
    tpm: add tpm_get_random()  
    André Draszik committed
    1054
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1055 
    u32 tpm_get_random(void *data, u32 count)
    André Draszik's avatar
    tpm: add tpm_get_random()  
    André Draszik committed
    1056 
    {
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1057 
    	const u8 command[14] = {
    André Draszik's avatar
    tpm: add tpm_get_random()  
    André Draszik committed
    1058 1059 1060 1061 1062 1063 1064 
    		0x0, 0xc1,		/* TPM_TAG */
		0x0, 0x0, 0x0, 0xe,	/* parameter size */
		0x0, 0x0, 0x0, 0x46,	/* TPM_COMMAND_CODE */
	};
	const size_t length_offset = 10;
	const size_t data_size_offset = 10;
	const size_t data_offset = 14;
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1065 
    	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
    André Draszik's avatar
    tpm: add tpm_get_random()  
    André Draszik committed
    1066 
    	size_t response_length = sizeof(response);
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1067 1068 
    	u32 data_size;
	u8 *out = data;
    André Draszik's avatar
    tpm: add tpm_get_random()  
    André Draszik committed
    1069 1070 
    
	while (count > 0) {
    Miquel Raynal's avatar
    tpm: substitute deprecated uint<x>_t types with their u<x> equivalent  
    Miquel Raynal committed
    1071 1072 1073 
    		u32 this_bytes = min((size_t)count,
				     sizeof(response) - data_offset);
		u32 err;
    André Draszik's avatar
    tpm: add tpm_get_random()  
    André Draszik committed
    1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092 1093 1094 1095 1096 
    
		if (pack_byte_string(buf, sizeof(buf), "sd",
				     0, command, sizeof(command),
				     length_offset, this_bytes))
			return TPM_LIB_ERROR;
		err = tpm_sendrecv_command(buf, response, &response_length);
		if (err)
			return err;
		if (unpack_byte_string(response, response_length, "d",
				       data_size_offset, &data_size))
			return TPM_LIB_ERROR;
		if (data_size > count)
			return TPM_LIB_ERROR;
		if (unpack_byte_string(response, response_length, "s",
				       data_offset, out, data_size))
			return TPM_LIB_ERROR;

		count -= data_size;
		out += data_size;
	}

	return 0;
}
    Show full blame