tpm2-sessions.c - OpenGrok cross reference for /linux/drivers/char/tpm/tpm2-sessions.c

Lines Matching full:hmac
7  * authorization HMAC and request response encryption.
9  * The idea is to ensure that every TPM command is HMAC protected by a
36  * The design is all the crypto, hash and hmac gunk is confined in this
50  *	calculating the HMAC.  In particular, for NV, volatile and
52  * tpm_buf_append_hmac_session() which appends the hmac session to the
56  *	command buffer is finalized so it can fill in the correct HMAC
73 #include <crypto/hmac.h>
123 	 * because several HMAC/KDF schemes use the combination of the
302  * for the HMAC which cannot be computed until the command buffer is
312  * tpm_buf_fill_hmac_session() otherwise the HMAC will be incorrect
341 	 * before computing the HMAC  in tpm_buf_append_hmac_session()
375 	/* and put a placeholder for the hmac */  in tpm_buf_append_hmac_session()
388  * It turns out the crypto hmac(sha256) is hard for us to consume
390  * on every operation, so we weld the hmac init and final functions in
568  * tpm_buf_fill_hmac_session() - finalize the session HMAC
573  * been appended to @buf otherwise the computed HMAC will be
576  * This function computes and fills in the session HMAC using the
592 	u8 *hmac = NULL;  in tpm_buf_fill_hmac_session()  local
645 			hmac = &buf->data[offset_s];  in tpm_buf_fill_hmac_session()
659 	if (!hmac) {  in tpm_buf_fill_hmac_session()
660 		dev_err(&chip->dev, "TPM could not find HMAC session\n");  in tpm_buf_fill_hmac_session()
664 	/* encrypt before HMAC */  in tpm_buf_fill_hmac_session()
679 		/* reset p to beginning of parameters for HMAC */  in tpm_buf_fill_hmac_session()
706 	/* now calculate the hmac */  in tpm_buf_fill_hmac_session()
714 			+ auth->passphrase_len, hmac);  in tpm_buf_fill_hmac_session()
719  * tpm_buf_check_hmac_response() - check the TPM return HMAC for correctness
729  * If @rc is zero, the response HMAC is computed against the returned
733  * The reason for this is that the command issue and HMAC check
773 		dev_err(&chip->dev, "TPM: HMAC response check has no sessions tag\n");  in tpm_buf_check_hmac_response()
810 	 * offset_s points to the HMAC. now calculate comparison, beginning  in tpm_buf_check_hmac_response()
822 	/* now calculate the hmac */  in tpm_buf_check_hmac_response()
829 	/* we're done with the rphash, so put our idea of the hmac there */  in tpm_buf_check_hmac_response()
835 		dev_err(&chip->dev, "TPM: HMAC check failed\n");  in tpm_buf_check_hmac_response()
961  * tpm2_start_auth_session() - Create an a HMAC authentication session
964  * Loads the ephemeral key (null seed), and starts an HMAC authenticated
1006 	/* session type (HMAC, audit or policy) */  in tpm2_start_auth_session()
1040  * used in HMAC encryption. For more information on specific attributes look up
1198 	/* the ticket digest HMAC (might not be sha256) */  in tpm2_parse_create_primary()