xref: /linux/include/keys/trusted_tpm.h (revision 621cde16e49b3ecf7d59a8106a20aaebfb4a59a9)
147f9c279SSumit Garg /* SPDX-License-Identifier: GPL-2.0 */
247f9c279SSumit Garg #ifndef __TRUSTED_TPM_H
347f9c279SSumit Garg #define __TRUSTED_TPM_H
447f9c279SSumit Garg 
547f9c279SSumit Garg #include <keys/trusted-type.h>
647f9c279SSumit Garg #include <linux/tpm_command.h>
747f9c279SSumit Garg 
/*
 * Implementation-specific TPM constants: byte offsets into a raw TPM
 * command/response buffer, for use with the LOAD16/LOAD32 accessors.
 */
#define TPM_SIZE_OFFSET			2	/* 32-bit length field; dump_tpm_buf() reads it as the byte count to dump */
#define TPM_RETURN_OFFSET		6	/* presumably the 32-bit return code -- confirm against the users */
#define TPM_DATA_OFFSET			10	/* presumably the first byte after the header -- confirm against the users */
1247f9c279SSumit Garg 
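/*
 * Field accessors for raw TPM buffers.
 *
 * LOAD32/LOAD16 read a 32/16-bit field at @offset and convert it from
 * network to host byte order; LOAD32N returns the 32-bit field unconverted.
 * Both arguments are parenthesised so that expression arguments such as
 * LOAD32(p + hdr, off + 4) expand as intended.
 *
 * NOTE(review): these dereference a cast pointer. Nothing here checks
 * @offset against the size of the buffer, and the access may be unaligned.
 * Before using them on data that came back from the device, callers must
 * verify that offset + field size lies within the valid bytes of the
 * buffer. get_unaligned_be32()/get_unaligned_be16() are the kernel helpers
 * for unaligned big-endian loads.
 */
#define LOAD32(buffer, offset)	(ntohl(*(uint32_t *)&(buffer)[(offset)]))
#define LOAD32N(buffer, offset)	(*(uint32_t *)&(buffer)[(offset)])
#define LOAD16(buffer, offset)	(ntohs(*(uint16_t *)&(buffer)[(offset)]))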
1647f9c279SSumit Garg 
/*
 * Trusted-key operations table, going by its name the one for TPM-backed
 * keys; it is only declared here and defined outside this header.
 */
extern struct trusted_key_ops trusted_key_tpm_ops;
18*5d0682beSSumit Garg 
/*
 * State of one OSAP session (the name suggests the TPM 1.2 Object-Specific
 * Authorization Protocol -- confirm against the implementation).
 *
 * @secret is key material and must not reach logs or outlive the session.
 * dump_sess() prints it when TPM_DEBUG is non-zero, so that switch has to
 * stay 0 outside of debugging.
 */
struct osapsess {
	uint32_t handle;			/* session handle */
	unsigned char secret[SHA1_DIGEST_SIZE];	/* session secret, SHA-1 digest sized */
	unsigned char enonce[TPM_NONCE_SIZE];	/* nonce, TPM_NONCE_SIZE bytes */
};
2447f9c279SSumit Garg 
/*
 * Key type selectors. The values are discrete, but they have to be stored
 * in a uint16_t for TPM use, so keep any addition within 16 bits.
 */
enum {
	SEAL_keytype = 1,
	SRK_keytype = 4
};
3047f9c279SSumit Garg 
/*
 * TSS_authhmac - going by name and parameters, computes an authorization
 * HMAC into @digest keyed with @key/@keylen. The meaning of @h1, @h2, @h3
 * and of the variadic tail is defined by the implementation, which is not
 * part of this header.
 *
 * The trailing arguments are variadic and therefore not type-checked by the
 * compiler: every caller has to follow the implementation's argument
 * convention exactly. Returns an int status -- presumably 0 on success and
 * a negative errno otherwise; confirm against the implementation.
 */
int TSS_authhmac(unsigned char *digest, const unsigned char *key,
			unsigned int keylen, unsigned char *h1,
			unsigned char *h2, unsigned int h3, ...);
/*
 * TSS_checkhmac1 - going by name and parameters, verifies the HMAC carried
 * in the response @buffer for @command, using @ononce and @key/@keylen.
 * The variadic tail is defined by the implementation (not visible here) and
 * is not type-checked by the compiler.
 *
 * NOTE(review): presumably a non-zero return means the response failed
 * authentication; callers should then not use any field of @buffer --
 * confirm against the implementation.
 */
int TSS_checkhmac1(unsigned char *buffer,
			  const uint32_t command,
			  const unsigned char *ononce,
			  const unsigned char *key,
			  unsigned int keylen, ...);
3947f9c279SSumit Garg 
/*
 * trusted_tpm_send - presumably sends the TPM command held in @cmd, with
 * @buflen the size of that buffer; whether the response is written back
 * into @cmd is not visible from this header -- confirm. Returns an int
 * status.
 */
int trusted_tpm_send(unsigned char *cmd, size_t buflen);
/*
 * oiap - presumably opens an OIAP authorization session using @tb as the
 * command buffer and returns the session handle in @handle and a nonce in
 * @nonce; the required size of @nonce is not stated here -- confirm against
 * the implementation before sizing the caller's buffer. Returns an int
 * status.
 */
int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);
4247f9c279SSumit Garg 
/*
 * tpm2_seal_trusted - TPM 2.0 seal entry point, going by its name: takes
 * the chip to use, the key @payload and the sealing @options. Which payload
 * fields are read and which are written is defined by the implementation,
 * not by this header. Returns an int status.
 */
int tpm2_seal_trusted(struct tpm_chip *chip,
		      struct trusted_key_payload *payload,
		      struct trusted_key_options *options);
/*
 * tpm2_unseal_trusted - counterpart of tpm2_seal_trusted() with the same
 * parameters. Returns an int status; presumably @payload must be treated as
 * invalid when it is non-zero -- confirm against the implementation.
 */
int tpm2_unseal_trusted(struct tpm_chip *chip,
			struct trusted_key_payload *payload,
			struct trusted_key_options *options);
492e19e101SSumit Garg 
/*
 * Compile-time switch for the dump_*() helpers in this header. Keep it at 0
 * in any build that handles real keys: when it is non-zero, dump_sess()
 * writes the session secret, dump_tpm_buf() writes raw TPM buffers and
 * dump_options() writes the sealing options to the kernel log at KERN_INFO.
 */
#define TPM_DEBUG 0
5147f9c279SSumit Garg 
5247f9c279SSumit Garg #if TPM_DEBUG
/*
 * Debug aid (TPM_DEBUG builds only): log the sealing options in @o at
 * KERN_INFO, followed by a hex dump of the pcrinfo_len bytes of o->pcrinfo.
 */
static inline void dump_options(struct trusted_key_options *o)
{
	const int row_bytes = 16;	/* bytes per hex-dump row */
	const int group_bytes = 1;	/* bytes per printed group */

	pr_info("sealing key type %d\n", o->keytype);
	pr_info("sealing key handle %0X\n", o->keyhandle);
	pr_info("pcrlock %d\n", o->pcrlock);
	pr_info("pcrinfo %d\n", o->pcrinfo_len);

	/* no offset prefix, no ASCII column */
	print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE,
		       row_bytes, group_bytes,
		       o->pcrinfo, o->pcrinfo_len, false);
}
6247f9c279SSumit Garg 
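/*
 * Debug aid (TPM_DEBUG builds only): hex-dump the OSAP session @s to the
 * kernel log at KERN_INFO.
 *
 * This prints s->secret, i.e. session key material, in the clear. It is
 * only acceptable on a debugging system; TPM_DEBUG must stay 0 elsewhere.
 *
 * Every dump length is taken from the field being dumped, so the enonce
 * dump covers exactly the TPM_NONCE_SIZE bytes of that array instead of
 * borrowing SHA1_DIGEST_SIZE from the secret field.
 */
static inline void dump_sess(struct osapsess *s)
{
	print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
		       16, 1, &s->handle, sizeof(s->handle), 0);
	pr_info("secret:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, s->secret, sizeof(s->secret), 0);
	pr_info("trusted-key: enonce:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, s->enonce, sizeof(s->enonce), 0);
}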
7447f9c279SSumit Garg 
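/*
 * Debug aid (TPM_DEBUG builds only): hex-dump a raw TPM buffer to the
 * kernel log at KERN_INFO.
 *
 * The number of bytes dumped is the 32-bit length field read from the
 * buffer itself at TPM_SIZE_OFFSET. It is held in an unsigned type so that
 * a value with the top bit set cannot turn negative and be sign-extended
 * when it is passed on as the dump length.
 *
 * NOTE(review): the length is still not bounded by the real size of @buf,
 * which this function does not know. Only call it on buffers whose length
 * field has already been validated against the allocation.
 */
static inline void dump_tpm_buf(unsigned char *buf)
{
	uint32_t len;

	pr_info("\ntpm buffer\n");
	len = LOAD32(buf, TPM_SIZE_OFFSET);
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
}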
8347f9c279SSumit Garg #else
/* TPM_DEBUG is 0: compiled-out stub, the sealing options are not logged. */
static inline void dump_options(struct trusted_key_options *o) { }
8747f9c279SSumit Garg 
/* TPM_DEBUG is 0: compiled-out stub, no session data (secret, nonce) is logged. */
static inline void dump_sess(struct osapsess *s) { }
9147f9c279SSumit Garg 
/* TPM_DEBUG is 0: compiled-out stub, @buf is neither read nor logged. */
static inline void dump_tpm_buf(unsigned char *buf) { }
9547f9c279SSumit Garg #endif
9647f9c279SSumit Garg #endif