tpm: add AUTH1 cmds for LoadKey2 and GetPubKey
Extend the tpm library with support for single authorized (AUTH1) commands
as specified in the TCG Main Specification 1.2. (The internally used helper
functions are implemented in a way that they could also be used for double
authorized commands if someone needs it.)
Provide enums with the return codes from the TCG Main specification.
For now only a single OIAP session is supported.
OIAP authorized version of the commands TPM_LoadKey2 and TPM_GetPubKey are
provided. Both features are available using the 'tpm' command, too.
Authorized commands are enabled with CONFIG_TPM_AUTH_SESSIONS. (Note that
this also requires CONFIG_SHA1 to be enabled.)
Signed-off-by: Reinhard Pfau <reinhard.pfau@gdsys.cc>
Signed-off-by: Dirk Eibach <dirk.eibach@gdsys.cc>
Acked-by: Che-Liang Chiou <clchiou@chromium.org>
Signed-off-by: Andy Fleming <afleming@freescale.com>
diff --git a/include/tpm.h b/include/tpm.h
index 7219b73..5e9f832 100644
--- a/include/tpm.h
+++ b/include/tpm.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2013 The Chromium OS Authors.
+ * Coypright (c) 2013 Guntermann & Drunck GmbH
*
* See file CREDITS for list of people who contributed to this
* project.
@@ -54,6 +55,120 @@
};
/**
+ * TPM return codes as defined in the TCG Main specification
+ * (TPM Main Part 2 Structures; Specification version 1.2)
+ */
+enum tpm_return_code {
+ TPM_BASE = 0x00000000,
+ TPM_NON_FATAL = 0x00000800,
+ TPM_SUCCESS = TPM_BASE,
+ /* TPM-defined fatal error codes */
+ TPM_AUTHFAIL = TPM_BASE + 1,
+ TPM_BADINDEX = TPM_BASE + 2,
+ TPM_BAD_PARAMETER = TPM_BASE + 3,
+ TPM_AUDITFAILURE = TPM_BASE + 4,
+ TPM_CLEAR_DISABLED = TPM_BASE + 5,
+ TPM_DEACTIVATED = TPM_BASE + 6,
+ TPM_DISABLED = TPM_BASE + 7,
+ TPM_DISABLED_CMD = TPM_BASE + 8,
+ TPM_FAIL = TPM_BASE + 9,
+ TPM_BAD_ORDINAL = TPM_BASE + 10,
+ TPM_INSTALL_DISABLED = TPM_BASE + 11,
+ TPM_INVALID_KEYHANDLE = TPM_BASE + 12,
+ TPM_KEYNOTFOUND = TPM_BASE + 13,
+ TPM_INAPPROPRIATE_ENC = TPM_BASE + 14,
+ TPM_MIGRATE_FAIL = TPM_BASE + 15,
+ TPM_INVALID_PCR_INFO = TPM_BASE + 16,
+ TPM_NOSPACE = TPM_BASE + 17,
+ TPM_NOSRK = TPM_BASE + 18,
+ TPM_NOTSEALED_BLOB = TPM_BASE + 19,
+ TPM_OWNER_SET = TPM_BASE + 20,
+ TPM_RESOURCES = TPM_BASE + 21,
+ TPM_SHORTRANDOM = TPM_BASE + 22,
+ TPM_SIZE = TPM_BASE + 23,
+ TPM_WRONGPCRVAL = TPM_BASE + 24,
+ TPM_BAD_PARAM_SIZE = TPM_BASE + 25,
+ TPM_SHA_THREAD = TPM_BASE + 26,
+ TPM_SHA_ERROR = TPM_BASE + 27,
+ TPM_FAILEDSELFTEST = TPM_BASE + 28,
+ TPM_AUTH2FAIL = TPM_BASE + 29,
+ TPM_BADTAG = TPM_BASE + 30,
+ TPM_IOERROR = TPM_BASE + 31,
+ TPM_ENCRYPT_ERROR = TPM_BASE + 32,
+ TPM_DECRYPT_ERROR = TPM_BASE + 33,
+ TPM_INVALID_AUTHHANDLE = TPM_BASE + 34,
+ TPM_NO_ENDORSEMENT = TPM_BASE + 35,
+ TPM_INVALID_KEYUSAGE = TPM_BASE + 36,
+ TPM_WRONG_ENTITYTYPE = TPM_BASE + 37,
+ TPM_INVALID_POSTINIT = TPM_BASE + 38,
+ TPM_INAPPROPRIATE_SIG = TPM_BASE + 39,
+ TPM_BAD_KEY_PROPERTY = TPM_BASE + 40,
+ TPM_BAD_MIGRATION = TPM_BASE + 41,
+ TPM_BAD_SCHEME = TPM_BASE + 42,
+ TPM_BAD_DATASIZE = TPM_BASE + 43,
+ TPM_BAD_MODE = TPM_BASE + 44,
+ TPM_BAD_PRESENCE = TPM_BASE + 45,
+ TPM_BAD_VERSION = TPM_BASE + 46,
+ TPM_NO_WRAP_TRANSPORT = TPM_BASE + 47,
+ TPM_AUDITFAIL_UNSUCCESSFUL = TPM_BASE + 48,
+ TPM_AUDITFAIL_SUCCESSFUL = TPM_BASE + 49,
+ TPM_NOTRESETABLE = TPM_BASE + 50,
+ TPM_NOTLOCAL = TPM_BASE + 51,
+ TPM_BAD_TYPE = TPM_BASE + 52,
+ TPM_INVALID_RESOURCE = TPM_BASE + 53,
+ TPM_NOTFIPS = TPM_BASE + 54,
+ TPM_INVALID_FAMILY = TPM_BASE + 55,
+ TPM_NO_NV_PERMISSION = TPM_BASE + 56,
+ TPM_REQUIRES_SIGN = TPM_BASE + 57,
+ TPM_KEY_NOTSUPPORTED = TPM_BASE + 58,
+ TPM_AUTH_CONFLICT = TPM_BASE + 59,
+ TPM_AREA_LOCKED = TPM_BASE + 60,
+ TPM_BAD_LOCALITY = TPM_BASE + 61,
+ TPM_READ_ONLY = TPM_BASE + 62,
+ TPM_PER_NOWRITE = TPM_BASE + 63,
+ TPM_FAMILY_COUNT = TPM_BASE + 64,
+ TPM_WRITE_LOCKED = TPM_BASE + 65,
+ TPM_BAD_ATTRIBUTES = TPM_BASE + 66,
+ TPM_INVALID_STRUCTURE = TPM_BASE + 67,
+ TPM_KEY_OWNER_CONTROL = TPM_BASE + 68,
+ TPM_BAD_COUNTER = TPM_BASE + 69,
+ TPM_NOT_FULLWRITE = TPM_BASE + 70,
+ TPM_CONTEXT_GAP = TPM_BASE + 71,
+ TPM_MAXNVWRITES = TPM_BASE + 72,
+ TPM_NOOPERATOR = TPM_BASE + 73,
+ TPM_RESOURCEMISSING = TPM_BASE + 74,
+ TPM_DELEGATE_LOCK = TPM_BASE + 75,
+ TPM_DELEGATE_FAMILY = TPM_BASE + 76,
+ TPM_DELEGATE_ADMIN = TPM_BASE + 77,
+ TPM_TRANSPORT_NOTEXCLUSIVE = TPM_BASE + 78,
+ TPM_OWNER_CONTROL = TPM_BASE + 79,
+ TPM_DAA_RESOURCES = TPM_BASE + 80,
+ TPM_DAA_INPUT_DATA0 = TPM_BASE + 81,
+ TPM_DAA_INPUT_DATA1 = TPM_BASE + 82,
+ TPM_DAA_ISSUER_SETTINGS = TPM_BASE + 83,
+ TPM_DAA_TPM_SETTINGS = TPM_BASE + 84,
+ TPM_DAA_STAGE = TPM_BASE + 85,
+ TPM_DAA_ISSUER_VALIDITY = TPM_BASE + 86,
+ TPM_DAA_WRONG_W = TPM_BASE + 87,
+ TPM_BAD_HANDLE = TPM_BASE + 88,
+ TPM_BAD_DELEGATE = TPM_BASE + 89,
+ TPM_BADCONTEXT = TPM_BASE + 90,
+ TPM_TOOMANYCONTEXTS = TPM_BASE + 91,
+ TPM_MA_TICKET_SIGNATURE = TPM_BASE + 92,
+ TPM_MA_DESTINATION = TPM_BASE + 93,
+ TPM_MA_SOURCE = TPM_BASE + 94,
+ TPM_MA_AUTHORITY = TPM_BASE + 95,
+ TPM_PERMANENTEK = TPM_BASE + 97,
+ TPM_BAD_SIGNATURE = TPM_BASE + 98,
+ TPM_NOCONTEXTSPACE = TPM_BASE + 99,
+ /* TPM-defined non-fatal errors */
+ TPM_RETRY = TPM_BASE + TPM_NON_FATAL,
+ TPM_NEEDS_SELFTEST = TPM_BASE + TPM_NON_FATAL + 1,
+ TPM_DOING_SELFTEST = TPM_BASE + TPM_NON_FATAL + 2,
+ TPM_DEFEND_LOCK_RUNNING = TPM_BASE + TPM_NON_FATAL + 3,
+};
+
+/**
* Initialize TPM device. It must be called before any TPM commands.
*
* @return 0 on success, non-0 on error.
@@ -201,4 +316,63 @@
uint32_t tpm_get_capability(uint32_t cap_area, uint32_t sub_cap,
void *cap, size_t count);
+/**
+ * Issue a TPM_FlushSpecific command for a AUTH ressource.
+ *
+ * @param auth_handle handle of the auth session
+ * @return return code of the operation
+ */
+uint32_t tpm_terminate_auth_session(uint32_t auth_handle);
+
+/**
+ * Issue a TPM_OIAP command to setup an object independant authorization
+ * session.
+ * Information about the session is stored internally.
+ * If there was already an OIAP session active it is terminated and a new
+ * session is set up.
+ *
+ * @param auth_handle pointer to the (new) auth handle or NULL.
+ * @return return code of the operation
+ */
+uint32_t tpm_oiap(uint32_t *auth_handle);
+
+/**
+ * Ends an active OIAP session.
+ *
+ * @return return code of the operation
+ */
+uint32_t tpm_end_oiap(void);
+
+/**
+ * Issue a TPM_LoadKey2 (Auth1) command using an OIAP session for authenticating
+ * the usage of the parent key.
+ *
+ * @param parent_handle handle of the parent key.
+ * @param key pointer to the key structure (TPM_KEY or TPM_KEY12).
+ * @param key_length size of the key structure
+ * @param parent_key_usage_auth usage auth for the parent key
+ * @param key_handle pointer to the key handle
+ * @return return code of the operation
+ */
+uint32_t tpm_load_key2_oiap(uint32_t parent_handle,
+ const void *key, size_t key_length,
+ const void *parent_key_usage_auth,
+ uint32_t *key_handle);
+
+/**
+ * Issue a TPM_GetPubKey (Auth1) command using an OIAP session for
+ * authenticating the usage of the key.
+ *
+ * @param key_handle handle of the key
+ * @param usage_auth usage auth for the key
+ * @param pubkey pointer to the pub key buffer; may be NULL if the pubkey
+ * should not be stored.
+ * @param pubkey_len pointer to the pub key buffer len. On entry: the size of
+ * the provided pubkey buffer. On successful exit: the size
+ * of the stored TPM_PUBKEY structure (iff pubkey != NULL).
+ * @return return code of the operation
+ */
+uint32_t tpm_get_pub_key_oiap(uint32_t key_handle, const void *usage_auth,
+ void *pubkey, size_t *pubkey_len);
+
#endif /* __TPM_H */