1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (c) 2013 The Chromium OS Authors.
4 * Coypright (c) 2013 Guntermann & Drunck GmbH
7 #define LOG_CATEGORY UCLASS_TPM
11 #include <asm/unaligned.h>
12 #include <u-boot/sha1.h>
13 #include <tpm-common.h>
15 #include "tpm-utils.h"
17 #ifdef CONFIG_TPM_AUTH_SESSIONS
20 #error "TPM_AUTH_SESSIONS require SHA1 to be configured, too"
21 #endif /* !CONFIG_SHA1 */
26 u8 nonce_even
[DIGEST_LENGTH
];
27 u8 nonce_odd
[DIGEST_LENGTH
];
30 static struct session_data oiap_session
= {0, };
32 #endif /* CONFIG_TPM_AUTH_SESSIONS */
34 u32
tpm_startup(struct udevice
*dev
, enum tpm_startup_type mode
)
36 const u8 command
[12] = {
37 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0,
39 const size_t mode_offset
= 10;
40 u8 buf
[COMMAND_BUFFER_SIZE
];
42 if (pack_byte_string(buf
, sizeof(buf
), "sw",
43 0, command
, sizeof(command
),
47 return tpm_sendrecv_command(dev
, buf
, NULL
, NULL
);
50 u32
tpm_resume(struct udevice
*dev
)
52 return tpm_startup(dev
, TPM_ST_STATE
);
55 u32
tpm_self_test_full(struct udevice
*dev
)
57 const u8 command
[10] = {
58 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50,
60 return tpm_sendrecv_command(dev
, command
, NULL
, NULL
);
63 u32
tpm_continue_self_test(struct udevice
*dev
)
65 const u8 command
[10] = {
66 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53,
68 return tpm_sendrecv_command(dev
, command
, NULL
, NULL
);
71 u32
tpm_clear_and_reenable(struct udevice
*dev
)
75 log_info("TPM: Clear and re-enable\n");
76 ret
= tpm_force_clear(dev
);
77 if (ret
!= TPM_SUCCESS
) {
78 log_err("Can't initiate a force clear\n");
82 if (tpm_get_version(dev
) == TPM_V1
) {
83 ret
= tpm_physical_enable(dev
);
84 if (ret
!= TPM_SUCCESS
) {
85 log_err("TPM: Can't set enabled state\n");
89 ret
= tpm_physical_set_deactivated(dev
, 0);
90 if (ret
!= TPM_SUCCESS
) {
91 log_err("TPM: Can't set deactivated state\n");
99 u32
tpm_nv_define_space(struct udevice
*dev
, u32 index
, u32 perm
, u32 size
)
101 const u8 command
[101] = {
102 0x0, 0xc1, /* TPM_TAG */
103 0x0, 0x0, 0x0, 0x65, /* parameter size */
104 0x0, 0x0, 0x0, 0xcc, /* TPM_COMMAND_CODE */
105 /* TPM_NV_DATA_PUBLIC->... */
106 0x0, 0x18, /* ...->TPM_STRUCTURE_TAG */
107 0, 0, 0, 0, /* ...->TPM_NV_INDEX */
108 /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */
112 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 /* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */
117 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
118 /* TPM_NV_ATTRIBUTES->... */
119 0x0, 0x17, /* ...->TPM_STRUCTURE_TAG */
120 0, 0, 0, 0, /* ...->attributes */
121 /* End of TPM_NV_ATTRIBUTES */
122 0, /* bReadSTClear */
123 0, /* bWriteSTClear */
124 0, /* bWriteDefine */
125 0, 0, 0, 0, /* size */
127 const size_t index_offset
= 12;
128 const size_t perm_offset
= 70;
129 const size_t size_offset
= 77;
130 u8 buf
[COMMAND_BUFFER_SIZE
];
132 if (pack_byte_string(buf
, sizeof(buf
), "sddd",
133 0, command
, sizeof(command
),
137 return TPM_LIB_ERROR
;
139 return tpm_sendrecv_command(dev
, buf
, NULL
, NULL
);
142 u32
tpm_nv_set_locked(struct udevice
*dev
)
144 return tpm_nv_define_space(dev
, TPM_NV_INDEX_LOCK
, 0, 0);
147 u32
tpm_nv_read_value(struct udevice
*dev
, u32 index
, void *data
, u32 count
)
149 const u8 command
[22] = {
150 0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf,
152 const size_t index_offset
= 10;
153 const size_t length_offset
= 18;
154 const size_t data_size_offset
= 10;
155 const size_t data_offset
= 14;
156 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
157 size_t response_length
= sizeof(response
);
161 if (pack_byte_string(buf
, sizeof(buf
), "sdd",
162 0, command
, sizeof(command
),
164 length_offset
, count
))
165 return TPM_LIB_ERROR
;
166 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
169 if (unpack_byte_string(response
, response_length
, "d",
170 data_size_offset
, &data_size
))
171 return TPM_LIB_ERROR
;
172 if (data_size
> count
)
173 return TPM_LIB_ERROR
;
174 if (unpack_byte_string(response
, response_length
, "s",
175 data_offset
, data
, data_size
))
176 return TPM_LIB_ERROR
;
181 u32
tpm_nv_write_value(struct udevice
*dev
, u32 index
, const void *data
,
184 const u8 command
[256] = {
185 0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd,
187 const size_t command_size_offset
= 2;
188 const size_t index_offset
= 10;
189 const size_t length_offset
= 18;
190 const size_t data_offset
= 22;
191 const size_t write_info_size
= 12;
192 const u32 total_length
=
193 TPM_REQUEST_HEADER_LENGTH
+ write_info_size
+ length
;
194 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
195 size_t response_length
= sizeof(response
);
198 if (pack_byte_string(buf
, sizeof(buf
), "sddds",
199 0, command
, sizeof(command
),
200 command_size_offset
, total_length
,
202 length_offset
, length
,
203 data_offset
, data
, length
))
204 return TPM_LIB_ERROR
;
205 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
212 uint32_t tpm_set_global_lock(struct udevice
*dev
)
214 return tpm_nv_write_value(dev
, TPM_NV_INDEX_0
, NULL
, 0);
217 u32
tpm_extend(struct udevice
*dev
, u32 index
, const void *in_digest
,
220 const u8 command
[34] = {
221 0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14,
223 const size_t index_offset
= 10;
224 const size_t in_digest_offset
= 14;
225 const size_t out_digest_offset
= 10;
226 u8 buf
[COMMAND_BUFFER_SIZE
];
227 u8 response
[TPM_RESPONSE_HEADER_LENGTH
+ PCR_DIGEST_LENGTH
];
228 size_t response_length
= sizeof(response
);
231 if (pack_byte_string(buf
, sizeof(buf
), "sds",
232 0, command
, sizeof(command
),
234 in_digest_offset
, in_digest
,
236 return TPM_LIB_ERROR
;
237 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
241 if (unpack_byte_string(response
, response_length
, "s",
242 out_digest_offset
, out_digest
,
244 return TPM_LIB_ERROR
;
249 u32
tpm_pcr_read(struct udevice
*dev
, u32 index
, void *data
, size_t count
)
251 const u8 command
[14] = {
252 0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15,
254 const size_t index_offset
= 10;
255 const size_t out_digest_offset
= 10;
256 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
257 size_t response_length
= sizeof(response
);
260 if (count
< PCR_DIGEST_LENGTH
)
261 return TPM_LIB_ERROR
;
263 if (pack_byte_string(buf
, sizeof(buf
), "sd",
264 0, command
, sizeof(command
),
265 index_offset
, index
))
266 return TPM_LIB_ERROR
;
267 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
270 if (unpack_byte_string(response
, response_length
, "s",
271 out_digest_offset
, data
, PCR_DIGEST_LENGTH
))
272 return TPM_LIB_ERROR
;
277 u32
tpm_tsc_physical_presence(struct udevice
*dev
, u16 presence
)
279 const u8 command
[12] = {
280 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0,
282 const size_t presence_offset
= 10;
283 u8 buf
[COMMAND_BUFFER_SIZE
];
285 if (pack_byte_string(buf
, sizeof(buf
), "sw",
286 0, command
, sizeof(command
),
287 presence_offset
, presence
))
288 return TPM_LIB_ERROR
;
290 return tpm_sendrecv_command(dev
, buf
, NULL
, NULL
);
293 u32
tpm_finalise_physical_presence(struct udevice
*dev
)
295 const u8 command
[12] = {
296 0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x2, 0xa0,
299 return tpm_sendrecv_command(dev
, command
, NULL
, NULL
);
302 u32
tpm_read_pubek(struct udevice
*dev
, void *data
, size_t count
)
304 const u8 command
[30] = {
305 0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c,
307 const size_t response_size_offset
= 2;
308 const size_t data_offset
= 10;
309 const size_t header_and_checksum_size
= TPM_RESPONSE_HEADER_LENGTH
+ 20;
310 u8 response
[COMMAND_BUFFER_SIZE
+ TPM_PUBEK_SIZE
];
311 size_t response_length
= sizeof(response
);
315 err
= tpm_sendrecv_command(dev
, command
, response
, &response_length
);
318 if (unpack_byte_string(response
, response_length
, "d",
319 response_size_offset
, &data_size
))
320 return TPM_LIB_ERROR
;
321 if (data_size
< header_and_checksum_size
)
322 return TPM_LIB_ERROR
;
323 data_size
-= header_and_checksum_size
;
324 if (data_size
> count
)
325 return TPM_LIB_ERROR
;
326 if (unpack_byte_string(response
, response_length
, "s",
327 data_offset
, data
, data_size
))
328 return TPM_LIB_ERROR
;
333 u32
tpm_force_clear(struct udevice
*dev
)
335 const u8 command
[10] = {
336 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d,
339 return tpm_sendrecv_command(dev
, command
, NULL
, NULL
);
342 u32
tpm_physical_enable(struct udevice
*dev
)
344 const u8 command
[10] = {
345 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f,
348 return tpm_sendrecv_command(dev
, command
, NULL
, NULL
);
351 u32
tpm_physical_disable(struct udevice
*dev
)
353 const u8 command
[10] = {
354 0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70,
357 return tpm_sendrecv_command(dev
, command
, NULL
, NULL
);
360 u32
tpm_physical_set_deactivated(struct udevice
*dev
, u8 state
)
362 const u8 command
[11] = {
363 0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72,
365 const size_t state_offset
= 10;
366 u8 buf
[COMMAND_BUFFER_SIZE
];
368 if (pack_byte_string(buf
, sizeof(buf
), "sb",
369 0, command
, sizeof(command
),
370 state_offset
, state
))
371 return TPM_LIB_ERROR
;
373 return tpm_sendrecv_command(dev
, buf
, NULL
, NULL
);
376 u32
tpm_get_capability(struct udevice
*dev
, u32 cap_area
, u32 sub_cap
,
377 void *cap
, size_t count
)
379 const u8 command
[22] = {
380 0x0, 0xc1, /* TPM_TAG */
381 0x0, 0x0, 0x0, 0x16, /* parameter size */
382 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */
383 0x0, 0x0, 0x0, 0x0, /* TPM_CAPABILITY_AREA */
384 0x0, 0x0, 0x0, 0x4, /* subcap size */
385 0x0, 0x0, 0x0, 0x0, /* subcap value */
387 const size_t cap_area_offset
= 10;
388 const size_t sub_cap_offset
= 18;
389 const size_t cap_offset
= 14;
390 const size_t cap_size_offset
= 10;
391 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
392 size_t response_length
= sizeof(response
);
396 if (pack_byte_string(buf
, sizeof(buf
), "sdd",
397 0, command
, sizeof(command
),
398 cap_area_offset
, cap_area
,
399 sub_cap_offset
, sub_cap
))
400 return TPM_LIB_ERROR
;
401 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
404 if (unpack_byte_string(response
, response_length
, "d",
405 cap_size_offset
, &cap_size
))
406 return TPM_LIB_ERROR
;
407 if (cap_size
> response_length
|| cap_size
> count
)
408 return TPM_LIB_ERROR
;
409 if (unpack_byte_string(response
, response_length
, "s",
410 cap_offset
, cap
, cap_size
))
411 return TPM_LIB_ERROR
;
416 u32
tpm_get_permanent_flags(struct udevice
*dev
,
417 struct tpm_permanent_flags
*pflags
)
419 const u8 command
[22] = {
420 0x0, 0xc1, /* TPM_TAG */
421 0x0, 0x0, 0x0, 0x16, /* parameter size */
422 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */
423 0x0, 0x0, 0x0, 0x4, /* TPM_CAP_FLAG_PERM */
424 0x0, 0x0, 0x0, 0x4, /* subcap size */
425 0x0, 0x0, 0x1, 0x8, /* subcap value */
427 const size_t data_size_offset
= TPM_HEADER_SIZE
;
428 const size_t data_offset
= TPM_HEADER_SIZE
+ sizeof(u32
);
429 u8 response
[COMMAND_BUFFER_SIZE
];
430 size_t response_length
= sizeof(response
);
434 err
= tpm_sendrecv_command(dev
, command
, response
, &response_length
);
437 if (unpack_byte_string(response
, response_length
, "d",
438 data_size_offset
, &data_size
)) {
439 log_err("Cannot unpack data size\n");
440 return TPM_LIB_ERROR
;
442 if (data_size
< sizeof(*pflags
)) {
443 log_err("Data size too small\n");
444 return TPM_LIB_ERROR
;
446 if (unpack_byte_string(response
, response_length
, "s",
447 data_offset
, pflags
, sizeof(*pflags
))) {
448 log_err("Cannot unpack pflags\n");
449 return TPM_LIB_ERROR
;
455 u32
tpm_get_permissions(struct udevice
*dev
, u32 index
, u32
*perm
)
457 const u8 command
[22] = {
458 0x0, 0xc1, /* TPM_TAG */
459 0x0, 0x0, 0x0, 0x16, /* parameter size */
460 0x0, 0x0, 0x0, 0x65, /* TPM_COMMAND_CODE */
464 const size_t index_offset
= 18;
465 const size_t perm_offset
= 60;
466 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
467 size_t response_length
= sizeof(response
);
470 if (pack_byte_string(buf
, sizeof(buf
), "d", 0, command
, sizeof(command
),
471 index_offset
, index
))
472 return TPM_LIB_ERROR
;
473 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
476 if (unpack_byte_string(response
, response_length
, "d",
478 return TPM_LIB_ERROR
;
483 #ifdef CONFIG_TPM_FLUSH_RESOURCES
484 u32
tpm_flush_specific(struct udevice
*dev
, u32 key_handle
, u32 resource_type
)
486 const u8 command
[18] = {
487 0x00, 0xc1, /* TPM_TAG */
488 0x00, 0x00, 0x00, 0x12, /* parameter size */
489 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */
490 0x00, 0x00, 0x00, 0x00, /* key handle */
491 0x00, 0x00, 0x00, 0x00, /* resource type */
493 const size_t key_handle_offset
= 10;
494 const size_t resource_type_offset
= 14;
495 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
496 size_t response_length
= sizeof(response
);
499 if (pack_byte_string(buf
, sizeof(buf
), "sdd",
500 0, command
, sizeof(command
),
501 key_handle_offset
, key_handle
,
502 resource_type_offset
, resource_type
))
503 return TPM_LIB_ERROR
;
505 err
= tpm_sendrecv_command(dev
, buf
, response
, &response_length
);
510 #endif /* CONFIG_TPM_FLUSH_RESOURCES */
512 #ifdef CONFIG_TPM_AUTH_SESSIONS
515 * Fill an authentication block in a request.
516 * This func can create the first as well as the second auth block (for
517 * double authorized commands).
519 * @param request pointer to the request (w/ uninitialised auth data)
520 * @param request_len0 length of the request without auth data
521 * @param handles_len length of the handles area in request
522 * @param auth_session pointer to the (valid) auth session to be used
523 * @param request_auth pointer to the auth block of the request to be filled
524 * @param auth authentication data (HMAC key)
526 static u32
create_request_auth(const void *request
, size_t request_len0
,
528 struct session_data
*auth_session
,
529 void *request_auth
, const void *auth
)
531 u8 hmac_data
[DIGEST_LENGTH
* 3 + 1];
532 sha1_context hash_ctx
;
533 const size_t command_code_offset
= 6;
534 const size_t auth_nonce_odd_offset
= 4;
535 const size_t auth_continue_offset
= 24;
536 const size_t auth_auth_offset
= 25;
538 if (!auth_session
|| !auth_session
->valid
)
539 return TPM_LIB_ERROR
;
541 sha1_starts(&hash_ctx
);
542 sha1_update(&hash_ctx
, request
+ command_code_offset
, 4);
543 if (request_len0
> TPM_REQUEST_HEADER_LENGTH
+ handles_len
)
544 sha1_update(&hash_ctx
,
545 request
+ TPM_REQUEST_HEADER_LENGTH
+ handles_len
,
546 request_len0
- TPM_REQUEST_HEADER_LENGTH
548 sha1_finish(&hash_ctx
, hmac_data
);
550 sha1_starts(&hash_ctx
);
551 sha1_update(&hash_ctx
, auth_session
->nonce_odd
, DIGEST_LENGTH
);
552 sha1_update(&hash_ctx
, hmac_data
, sizeof(hmac_data
));
553 sha1_finish(&hash_ctx
, auth_session
->nonce_odd
);
555 if (pack_byte_string(request_auth
, TPM_REQUEST_AUTH_LENGTH
, "dsb",
556 0, auth_session
->handle
,
557 auth_nonce_odd_offset
, auth_session
->nonce_odd
,
559 auth_continue_offset
, 1))
560 return TPM_LIB_ERROR
;
561 if (pack_byte_string(hmac_data
, sizeof(hmac_data
), "ss",
563 auth_session
->nonce_even
,
566 request_auth
+ auth_nonce_odd_offset
,
568 return TPM_LIB_ERROR
;
569 sha1_hmac(auth
, DIGEST_LENGTH
, hmac_data
, sizeof(hmac_data
),
570 request_auth
+ auth_auth_offset
);
576 * Verify an authentication block in a response.
577 * Since this func updates the nonce_even in the session data it has to be
578 * called when receiving a succesfull AUTH response.
579 * This func can verify the first as well as the second auth block (for
580 * double authorized commands).
582 * @param command_code command code of the request
583 * @param response pointer to the request (w/ uninitialised auth data)
584 * @param handles_len length of the handles area in response
585 * @param auth_session pointer to the (valid) auth session to be used
586 * @param response_auth pointer to the auth block of the response to be verified
587 * @param auth authentication data (HMAC key)
589 static u32
verify_response_auth(u32 command_code
, const void *response
,
590 size_t response_len0
, size_t handles_len
,
591 struct session_data
*auth_session
,
592 const void *response_auth
, const void *auth
)
594 u8 hmac_data
[DIGEST_LENGTH
* 3 + 1];
595 u8 computed_auth
[DIGEST_LENGTH
];
596 sha1_context hash_ctx
;
597 const size_t return_code_offset
= 6;
598 const size_t auth_continue_offset
= 20;
599 const size_t auth_auth_offset
= 21;
602 if (!auth_session
|| !auth_session
->valid
)
604 if (pack_byte_string(hmac_data
, sizeof(hmac_data
), "d",
606 return TPM_LIB_ERROR
;
607 if (response_len0
< TPM_RESPONSE_HEADER_LENGTH
)
608 return TPM_LIB_ERROR
;
610 sha1_starts(&hash_ctx
);
611 sha1_update(&hash_ctx
, response
+ return_code_offset
, 4);
612 sha1_update(&hash_ctx
, hmac_data
, 4);
613 if (response_len0
> TPM_RESPONSE_HEADER_LENGTH
+ handles_len
)
614 sha1_update(&hash_ctx
,
615 response
+ TPM_RESPONSE_HEADER_LENGTH
+ handles_len
,
616 response_len0
- TPM_RESPONSE_HEADER_LENGTH
618 sha1_finish(&hash_ctx
, hmac_data
);
620 memcpy(auth_session
->nonce_even
, response_auth
, DIGEST_LENGTH
);
621 auth_continue
= ((u8
*)response_auth
)[auth_continue_offset
];
622 if (pack_byte_string(hmac_data
, sizeof(hmac_data
), "ssb",
627 auth_session
->nonce_odd
,
631 return TPM_LIB_ERROR
;
633 sha1_hmac(auth
, DIGEST_LENGTH
, hmac_data
, sizeof(hmac_data
),
636 if (memcmp(computed_auth
, response_auth
+ auth_auth_offset
,
643 u32
tpm_terminate_auth_session(struct udevice
*dev
, u32 auth_handle
)
645 const u8 command
[18] = {
646 0x00, 0xc1, /* TPM_TAG */
647 0x00, 0x00, 0x00, 0x00, /* parameter size */
648 0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */
649 0x00, 0x00, 0x00, 0x00, /* TPM_HANDLE */
650 0x00, 0x00, 0x00, 0x02, /* TPM_RESOURCE_TYPE */
652 const size_t req_handle_offset
= TPM_REQUEST_HEADER_LENGTH
;
653 u8 request
[COMMAND_BUFFER_SIZE
];
655 if (pack_byte_string(request
, sizeof(request
), "sd",
656 0, command
, sizeof(command
),
657 req_handle_offset
, auth_handle
))
658 return TPM_LIB_ERROR
;
659 if (oiap_session
.valid
&& oiap_session
.handle
== auth_handle
)
660 oiap_session
.valid
= 0;
662 return tpm_sendrecv_command(dev
, request
, NULL
, NULL
);
665 u32
tpm_end_oiap(struct udevice
*dev
)
667 u32 err
= TPM_SUCCESS
;
669 if (oiap_session
.valid
)
670 err
= tpm_terminate_auth_session(dev
, oiap_session
.handle
);
674 u32
tpm_oiap(struct udevice
*dev
, u32
*auth_handle
)
676 const u8 command
[10] = {
677 0x00, 0xc1, /* TPM_TAG */
678 0x00, 0x00, 0x00, 0x0a, /* parameter size */
679 0x00, 0x00, 0x00, 0x0a, /* TPM_COMMAND_CODE */
681 const size_t res_auth_handle_offset
= TPM_RESPONSE_HEADER_LENGTH
;
682 const size_t res_nonce_even_offset
= TPM_RESPONSE_HEADER_LENGTH
+ 4;
683 u8 response
[COMMAND_BUFFER_SIZE
];
684 size_t response_length
= sizeof(response
);
687 if (oiap_session
.valid
)
688 tpm_terminate_auth_session(dev
, oiap_session
.handle
);
690 err
= tpm_sendrecv_command(dev
, command
, response
, &response_length
);
693 if (unpack_byte_string(response
, response_length
, "ds",
694 res_auth_handle_offset
, &oiap_session
.handle
,
695 res_nonce_even_offset
, &oiap_session
.nonce_even
,
697 return TPM_LIB_ERROR
;
698 oiap_session
.valid
= 1;
700 *auth_handle
= oiap_session
.handle
;
704 u32
tpm_load_key2_oiap(struct udevice
*dev
, u32 parent_handle
, const void *key
,
705 size_t key_length
, const void *parent_key_usage_auth
,
708 const u8 command
[14] = {
709 0x00, 0xc2, /* TPM_TAG */
710 0x00, 0x00, 0x00, 0x00, /* parameter size */
711 0x00, 0x00, 0x00, 0x41, /* TPM_COMMAND_CODE */
712 0x00, 0x00, 0x00, 0x00, /* parent handle */
714 const size_t req_size_offset
= 2;
715 const size_t req_parent_handle_offset
= TPM_REQUEST_HEADER_LENGTH
;
716 const size_t req_key_offset
= TPM_REQUEST_HEADER_LENGTH
+ 4;
717 const size_t res_handle_offset
= TPM_RESPONSE_HEADER_LENGTH
;
718 u8 request
[sizeof(command
) + TPM_KEY12_MAX_LENGTH
+
719 TPM_REQUEST_AUTH_LENGTH
];
720 u8 response
[COMMAND_BUFFER_SIZE
];
721 size_t response_length
= sizeof(response
);
724 if (!oiap_session
.valid
) {
725 err
= tpm_oiap(dev
, NULL
);
729 if (pack_byte_string(request
, sizeof(request
), "sdds",
730 0, command
, sizeof(command
),
732 sizeof(command
) + key_length
733 + TPM_REQUEST_AUTH_LENGTH
,
734 req_parent_handle_offset
, parent_handle
,
735 req_key_offset
, key
, key_length
737 return TPM_LIB_ERROR
;
739 err
= create_request_auth(request
, sizeof(command
) + key_length
, 4,
741 request
+ sizeof(command
) + key_length
,
742 parent_key_usage_auth
);
745 err
= tpm_sendrecv_command(dev
, request
, response
, &response_length
);
747 if (err
== TPM_AUTHFAIL
)
748 oiap_session
.valid
= 0;
752 err
= verify_response_auth(0x00000041, response
,
753 response_length
- TPM_RESPONSE_AUTH_LENGTH
,
755 response
+ response_length
-
756 TPM_RESPONSE_AUTH_LENGTH
,
757 parent_key_usage_auth
);
762 if (unpack_byte_string(response
, response_length
, "d",
763 res_handle_offset
, key_handle
))
764 return TPM_LIB_ERROR
;
770 u32
tpm_get_pub_key_oiap(struct udevice
*dev
, u32 key_handle
,
771 const void *usage_auth
, void *pubkey
,
774 const u8 command
[14] = {
775 0x00, 0xc2, /* TPM_TAG */
776 0x00, 0x00, 0x00, 0x00, /* parameter size */
777 0x00, 0x00, 0x00, 0x21, /* TPM_COMMAND_CODE */
778 0x00, 0x00, 0x00, 0x00, /* key handle */
780 const size_t req_size_offset
= 2;
781 const size_t req_key_handle_offset
= TPM_REQUEST_HEADER_LENGTH
;
782 const size_t res_pubkey_offset
= TPM_RESPONSE_HEADER_LENGTH
;
783 u8 request
[sizeof(command
) + TPM_REQUEST_AUTH_LENGTH
];
784 u8 response
[TPM_RESPONSE_HEADER_LENGTH
+ TPM_PUBKEY_MAX_LENGTH
+
785 TPM_RESPONSE_AUTH_LENGTH
];
786 size_t response_length
= sizeof(response
);
789 if (!oiap_session
.valid
) {
790 err
= tpm_oiap(dev
, NULL
);
794 if (pack_byte_string(request
, sizeof(request
), "sdd",
795 0, command
, sizeof(command
),
797 (u32
)(sizeof(command
)
798 + TPM_REQUEST_AUTH_LENGTH
),
799 req_key_handle_offset
, key_handle
801 return TPM_LIB_ERROR
;
802 err
= create_request_auth(request
, sizeof(command
), 4, &oiap_session
,
803 request
+ sizeof(command
), usage_auth
);
806 err
= tpm_sendrecv_command(dev
, request
, response
, &response_length
);
808 if (err
== TPM_AUTHFAIL
)
809 oiap_session
.valid
= 0;
812 err
= verify_response_auth(0x00000021, response
,
813 response_length
- TPM_RESPONSE_AUTH_LENGTH
,
815 response
+ response_length
-
816 TPM_RESPONSE_AUTH_LENGTH
,
822 if ((response_length
- TPM_RESPONSE_HEADER_LENGTH
823 - TPM_RESPONSE_AUTH_LENGTH
) > *pubkey_len
)
824 return TPM_LIB_ERROR
;
825 *pubkey_len
= response_length
- TPM_RESPONSE_HEADER_LENGTH
826 - TPM_RESPONSE_AUTH_LENGTH
;
827 memcpy(pubkey
, response
+ res_pubkey_offset
,
828 response_length
- TPM_RESPONSE_HEADER_LENGTH
829 - TPM_RESPONSE_AUTH_LENGTH
);
835 #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
836 u32
tpm_find_key_sha1(struct udevice
*dev
, const u8 auth
[20],
837 const u8 pubkey_digest
[20], u32
*handle
)
848 /* fetch list of already loaded keys in the TPM */
849 err
= tpm_get_capability(dev
, TPM_CAP_HANDLE
, TPM_RT_KEY
, buf
,
853 key_count
= get_unaligned_be16(buf
);
855 for (i
= 0; i
< key_count
; ++i
, ptr
+= 4)
856 key_handles
[i
] = get_unaligned_be32(ptr
);
858 /* now search a(/ the) key which we can access with the given auth */
859 for (i
= 0; i
< key_count
; ++i
) {
860 buf_len
= sizeof(buf
);
861 err
= tpm_get_pub_key_oiap(key_handles
[i
], auth
, buf
, &buf_len
);
862 if (err
&& err
!= TPM_AUTHFAIL
)
866 sha1_csum(buf
, buf_len
, digest
);
867 if (!memcmp(digest
, pubkey_digest
, 20)) {
868 *handle
= key_handles
[i
];
874 #endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
876 #endif /* CONFIG_TPM_AUTH_SESSIONS */
878 u32
tpm_get_random(struct udevice
*dev
, void *data
, u32 count
)
880 const u8 command
[14] = {
881 0x0, 0xc1, /* TPM_TAG */
882 0x0, 0x0, 0x0, 0xe, /* parameter size */
883 0x0, 0x0, 0x0, 0x46, /* TPM_COMMAND_CODE */
885 const size_t length_offset
= 10;
886 const size_t data_size_offset
= 10;
887 const size_t data_offset
= 14;
888 u8 buf
[COMMAND_BUFFER_SIZE
], response
[COMMAND_BUFFER_SIZE
];
889 size_t response_length
= sizeof(response
);
894 u32 this_bytes
= min((size_t)count
,
895 sizeof(response
) - data_offset
);
898 if (pack_byte_string(buf
, sizeof(buf
), "sd",
899 0, command
, sizeof(command
),
900 length_offset
, this_bytes
))
901 return TPM_LIB_ERROR
;
902 err
= tpm_sendrecv_command(dev
, buf
, response
,
906 if (unpack_byte_string(response
, response_length
, "d",
907 data_size_offset
, &data_size
))
908 return TPM_LIB_ERROR
;
909 if (data_size
> count
)
910 return TPM_LIB_ERROR
;
911 if (unpack_byte_string(response
, response_length
, "s",
912 data_offset
, out
, data_size
))
913 return TPM_LIB_ERROR
;