/*
* Copyright (c) 2017, Intel Corporation
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SESSION_UTIL_H_
#define _SESSION_UTIL_H_
#include <stdbool.h>
#include <uthash.h>
#include "tss2_tpm2_types.h"
#include "tss2_sys.h"
#include "util/tpm2b.h"
/*
 * Client-side state for one TPM 2.0 authorization session. Instances are
 * linked into a uthash table through `hh` (see get_session()).
 *
 * Several members are secrets: `salt`, `sessionKey` and `authValueBind`.
 * Whoever releases a SESSION should scrub them before freeing the memory —
 * NOTE(review): confirm EndAuthSession() zeroizes these; the header does
 * not say.
 */
typedef struct {
    TPMI_DH_OBJECT tpmKey;                 /* salting key handle (presumably the tpmKey given to StartAuthSessionWithParams) */
    TPMI_DH_ENTITY bind;                   /* bind entity handle, or none */
    TPM2B_ENCRYPTED_SECRET encryptedSalt;  /* salt in the form sent to the TPM */
    TPM2B_MAX_BUFFER salt;                 /* clear salt — secret key material, not just a public value */
    TPM2_SE sessionType;                   /* TPM2_SE_* session type (HMAC / policy / trial) */
    TPMT_SYM_DEF symmetric;                /* symmetric parameters; presumably used by EncryptCommandParam()/DecryptResponseParam() */
    TPMI_ALG_HASH authHash;                /* hash algorithm of the session (HMAC / KDF) */
    TPMI_SH_AUTH_SESSION sessionHandle;    /* handle assigned by the TPM; presumably the key used by get_session() */
    TPM2B_NONCE nonceTPM;                  /* latest nonce received from the TPM */
    TPM2B_DIGEST sessionKey;               /* secret: derived session key */
    TPM2B_DIGEST authValueBind;            /* secret: auth value of the bind entity */
    TPM2B_NONCE nonceNewer;                /* rolling caller-nonce pair; see RollNonces() — which slot */
    TPM2B_NONCE nonceOlder;                /* receives the new nonce is not stated here, confirm in the .c */
    TPM2B_NONCE nonceTpmDecrypt;           /* TPM nonces tracked for decrypt/encrypt sessions — */
    TPM2B_NONCE nonceTpmEncrypt;           /* TODO confirm exactly when each is updated */
    TPM2B_NAME name;                       /* a TPM2B_NAME cached with the session; which entity it names is not visible here */
    void *hmacPtr;                         /* opaque; its pointee type is not declared in this header */
    UT_hash_handle hh;                     /* uthash bookkeeping; must not be touched by callers */
} SESSION;
/*
 * Association of a TPM handle with its authorization value, kept in a
 * uthash table through `hh` (see AddEntity()/GetEntity()).
 *
 * `entityAuth` is a plaintext secret that lives in process memory for as
 * long as the entry exists; DeleteEntity() is the only visible way to drop
 * it — NOTE(review): confirm it scrubs the auth before freeing.
 */
typedef struct {
    TPM2_HANDLE entityHandle;  /* presumably the lookup key */
    TPM2B_AUTH entityAuth;     /* secret: auth value for entityHandle */
    UT_hash_handle hh;         /* uthash bookkeeping */
} ENTITY;
/*
 * Helper used to calculate cpHash or rpHash for the command held in
 * sysContext: if `command` is true cpHash is calculated, otherwise rpHash.
 * handle1..handle3 are the command's handle area (presumably their Names
 * are folded into cpHash, as the TPM 2.0 spec requires — confirm in the .c);
 * `auth_hash` selects the digest algorithm and the digest is written to
 * `*result`.
 */
TSS2_RC
TpmCalcPHash(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2_HANDLE handle1,
    TPM2_HANDLE handle2,
    TPM2_HANDLE handle3,
    TPMI_ALG_HASH auth_hash,
    bool command,
    TPM2B_DIGEST *result);

/*
 * Look up the TPM2B_NAME of `handle` through `tcti_context` and store it in
 * `*name`. Note the return type is UINT32 rather than TSS2_RC like the rest
 * of this header; NOTE(review): check the definition for which values mean
 * failure before relying on it.
 */
UINT32
TpmHandleToName(
    TSS2_TCTI_CONTEXT *tcti_context,
    TPM2_HANDLE handle,
    TPM2B_NAME *name);

/*
 * Advance the session's nonce pair (nonceNewer / nonceOlder) with
 * `new_nonce`. Which slot the new value lands in is not stated here —
 * confirm against the definition before reading the fields directly.
 */
void
RollNonces(
    SESSION *session,
    TPM2B_NONCE *new_nonce);

/*
 * Key derivation in the TPM 2.0 KDFa style.
 *   hash      digest algorithm driving the derivation
 *   key       derivation key (HMAC key, presumably)
 *   label     NUL-terminated label string
 *   contextU  caller context (e.g. a nonce)
 *   contextV  second context value
 *   bits      number of key bits requested
 *   resultKey output buffer
 * `bits` can request up to 8191 bytes, more than a TPM2B_MAX_BUFFER holds;
 * NOTE(review): verify the implementation rejects bits/8 larger than the
 * output buffer rather than overrunning it.
 */
TSS2_RC
KDFa(TPMI_ALG_HASH hash,
    TPM2B *key,
    const char *label,
    TPM2B *contextU,
    TPM2B *contextV,
    UINT16 bits,
    TPM2B_MAX_BUFFER *resultKey );

/*
 * Return the SESSION registered under `hndl`. Presumably NULL when there is
 * no such session — callers should check before dereferencing.
 */
SESSION *
get_session(TPMI_SH_AUTH_SESSION hndl);

/*
 * Start an authorization session with the TPM and hand back its client-side
 * state in `*psession`. The SESSION is presumably allocated here and owned
 * by the caller until EndAuthSession() — confirm ownership in the .c.
 * `salt` and `bindAuth` are secrets; `encryptedSalt` is the form of the salt
 * sent to the TPM. `nonceCaller` is the caller's initial nonce, `symmetric`
 * selects parameter encryption and `algId` the session hash.
 */
TSS2_RC StartAuthSessionWithParams(
    SESSION **psession,
    TPMI_DH_OBJECT tpmKey,
    TPM2B_MAX_BUFFER *salt,
    TPMI_DH_ENTITY bind,
    TPM2B_AUTH *bindAuth,
    TPM2B_NONCE *nonceCaller,
    TPM2B_ENCRYPTED_SECRET *encryptedSalt,
    TPM2_SE sessionType,
    TPMT_SYM_DEF *symmetric,
    TPMI_ALG_HASH algId,
    TSS2_TCTI_CONTEXT *tctiContext);

/*
 * Fill in the HMACs of the command authorization area `pSessionsDataIn` for
 * the command held in sysContext, using handle1..handle3 as the handle area.
 */
TSS2_RC
ComputeCommandHmacs(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2_HANDLE handle1,
    TPM2_HANDLE handle2,
    TPM2_HANDLE handle3,
    TSS2L_SYS_AUTH_COMMAND *pSessionsDataIn);

/*
 * Verify the response HMACs in `pSessionsDataOut` against the sessions used
 * in `pSessionsDataIn`. A non-success return means the response's integrity
 * could not be confirmed: callers must treat the response data as untrusted
 * and not act on it.
 */
TSS2_RC
CheckResponseHMACs(
    TSS2_SYS_CONTEXT *sysContext,
    TSS2L_SYS_AUTH_COMMAND *pSessionsDataIn,
    TPM2_HANDLE handle1,
    TPM2_HANDLE handle2,
    TPM2_HANDLE handle3,
    TSS2L_SYS_AUTH_RESPONSE *pSessionsDataOut);

/*
 * Tear down `session`. SESSION holds secret material (salt, sessionKey,
 * authValueBind); NOTE(review): confirm this zeroizes those fields before
 * releasing the memory and that `session` is not used afterwards.
 */
void
EndAuthSession(SESSION *session);

/*
 * Handle -> auth-value table (ENTITY entries). The table is shared across
 * the process, presumably a file-scope uthash head. AddEntity() and
 * GetEntityAuth() return int; their success/failure convention is not
 * stated in this header — check the definitions before treating 0 (or
 * non-zero) as success. GetEntityAuth() copies the auth into `*auth`;
 * GetEntity() returns the entry itself (presumably NULL when absent).
 */
int
AddEntity(TPM2_HANDLE handle, TPM2B_AUTH *auth);
void
DeleteEntity(TPM2_HANDLE handle);
int
GetEntityAuth(TPM2_HANDLE handle, TPM2B_AUTH *auth);
ENTITY *
GetEntity(TPM2_HANDLE handle);

/*
 * Session-based parameter encryption: encrypt `clearData` into
 * `encryptedData` using `session` (its `symmetric` and nonce state,
 * presumably) and `authValue`. Inverse of DecryptResponseParam().
 */
TSS2_RC
EncryptCommandParam(
    SESSION *session,
    TPM2B_MAX_BUFFER *encryptedData,
    TPM2B_MAX_BUFFER *clearData,
    TPM2B_AUTH *authValue);

/*
 * Decrypt the TPM's encrypted response parameter `encryptedData` into
 * `clearData` using `session` and `authValue`. Callers should only use the
 * plaintext after CheckResponseHMACs() has accepted the response.
 */
TSS2_RC
DecryptResponseParam(
    SESSION *session,
    TPM2B_MAX_BUFFER *clearData,
    TPM2B_MAX_BUFFER *encryptedData,
    TPM2B_AUTH *authValue);
#endif