Vadim Bendebury | c4b77e0 | 2015-05-27 15:29:50 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2015 The Chromium OS Authors. All rights reserved. |
| 3 | * Use of this source code is governed by a BSD-style license that can be |
| 4 | * found in the LICENSE file. |
| 5 | */ |
| 6 | |
| 7 | #ifndef __SOURCE_CRYPTUTIL_FP_H |
| 8 | #define __SOURCE_CRYPTUTIL_FP_H |
| 9 | |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 10 | BOOL CryptAreKeySizesConsistent( |
| 11 | TPMT_PUBLIC *publicArea // IN: the public area to check |
Vadim Bendebury | bbd7900 | 2015-05-31 14:44:07 -0700 | [diff] [blame^] | 12 | ); |
| 13 | TPMI_YES_NO CryptCapGetECCCurve( |
| 14 | TPM_ECC_CURVE curveID, // IN: the starting ECC curve |
| 15 | UINT32 maxCount, // IN: count of returned curve |
| 16 | TPML_ECC_CURVE *curveList // OUT: ECC curve list |
| 17 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 18 | UINT16 CryptCommit(void); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 19 | LIB_EXPORT int CryptCompare( |
| 20 | const UINT32 aSize, // IN: size of a |
| 21 | const BYTE *a, // IN: a buffer |
| 22 | const UINT32 bSize, // IN: size of b |
| 23 | const BYTE *b // IN: b buffer |
| 24 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 25 | TPM_RC CryptCommitCompute( |
| 26 | TPMS_ECC_POINT *K, // OUT: [d]B |
| 27 | TPMS_ECC_POINT *L, // OUT: [r]B |
| 28 | TPMS_ECC_POINT *E, // OUT: [r]M |
| 29 | TPM_ECC_CURVE curveID, // IN: The curve for the computation |
| 30 | TPMS_ECC_POINT *M, // IN: M (P1) |
| 31 | TPMS_ECC_POINT *B, // IN: B (x2, y2) |
| 32 | TPM2B_ECC_PARAMETER *d, // IN: the private scalar |
| 33 | TPM2B_ECC_PARAMETER *r // IN: the computed r value |
| 34 | ); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 35 | void CryptComputeSymmetricUnique( |
| 36 | TPMI_ALG_HASH nameAlg, // IN: object name algorithm |
| 37 | TPMT_SENSITIVE *sensitive, // IN: sensitive area |
| 38 | TPM2B_DIGEST *unique // OUT: unique buffer |
| 39 | ); |
Vadim Bendebury | 8c027af | 2015-05-29 22:45:58 -0700 | [diff] [blame] | 40 | LIB_EXPORT UINT16 CryptCompleteHMAC2B( |
| 41 | HMAC_STATE *hmacState, // IN: the state of HMAC stack |
| 42 | TPM2B *digest // OUT: HMAC |
| 43 | ); |
Vadim Bendebury | b0d692f | 2015-05-29 22:54:52 -0700 | [diff] [blame] | 44 | LIB_EXPORT UINT16 CryptCompleteHash( |
| 45 | void *state, // IN: the state of hash stack |
| 46 | UINT16 digestSize, // IN: size of digest buffer |
| 47 | BYTE *digest // OUT: hash digest |
| 48 | ); |
Vadim Bendebury | b86371b | 2015-05-27 18:16:19 -0700 | [diff] [blame] | 49 | UINT16 CryptCompleteHash2B( |
| 50 | void *state, // IN: the state of hash stack |
| 51 | TPM2B *digest // IN: the size of the buffer Out: requested |
| 52 | // number of byte |
| 53 | ); |
Vadim Bendebury | bde479a | 2015-05-29 22:48:02 -0700 | [diff] [blame] | 54 | TPM_RC CryptCreateObject( |
| 55 | TPM_HANDLE parentHandle, // IN/OUT: indication of the seed |
| 56 | // source |
| 57 | TPMT_PUBLIC *publicArea, // IN/OUT: public area |
| 58 | TPMS_SENSITIVE_CREATE *sensitiveCreate, // IN: sensitive creation |
| 59 | TPMT_SENSITIVE *sensitive // OUT: sensitive area |
| 60 | ); |
Vadim Bendebury | 161c910 | 2015-05-28 15:21:26 -0700 | [diff] [blame] | 61 | void CryptDrbgGetPutState( |
| 62 | GET_PUT direction // IN: Get from or put to DRBG |
| 63 | ); |
Vadim Bendebury | 3743ac1 | 2015-05-29 22:44:14 -0700 | [diff] [blame] | 64 | TPM_RC CryptDecryptRSA( |
| 65 | UINT16 *dataOutSize, // OUT: size of plain text in byte |
| 66 | BYTE *dataOut, // OUT: plain text |
| 67 | OBJECT *rsaKey, // IN: internal RSA key |
| 68 | TPMT_RSA_DECRYPT *scheme, // IN: selects the padding scheme |
| 69 | UINT16 cipherInSize, // IN: size of cipher text in byte |
| 70 | BYTE *cipherIn, // IN: cipher text |
| 71 | const char *label // IN: a label, when needed |
| 72 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 73 | TPM_RC CryptDivide( |
| 74 | TPM2B *numerator, // IN: numerator |
| 75 | TPM2B *denominator, // IN: denominator |
| 76 | TPM2B *quotient, // OUT: quotient = numerator / denominator. |
| 77 | TPM2B *remainder // OUT: numerator mod denominator. |
| 78 | ); |
Vadim Bendebury | 3743ac1 | 2015-05-29 22:44:14 -0700 | [diff] [blame] | 79 | void CryptDrbgGetPutState( |
| 80 | GET_PUT direction // IN: Get from or put to DRBG |
| 81 | ); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 82 | // |
| 83 | // |
| 84 | // 10.2.6.3 CryptEccGetKeySizeBytes() |
| 85 | // |
| 86 | // This macro returns the size of the ECC key in bytes. It uses |
| 87 | // CryptEccGetKeySizeInBits(). |
| 88 | // |
| 89 | #define CryptEccGetKeySizeInBytes(curve) \ |
| 90 | ((CryptEccGetKeySizeInBits(curve)+7)/8) |
| 91 | |
Vadim Bendebury | b0d692f | 2015-05-29 22:54:52 -0700 | [diff] [blame] | 92 | LIB_EXPORT TPM_ALG_ID CryptGetHashAlgByIndex( |
| 93 | UINT32 index // IN: the index |
| 94 | ); |
Vadim Bendebury | 6edc84a | 2015-05-29 22:51:56 -0700 | [diff] [blame] | 95 | LIB_EXPORT UINT16 CryptGetHashDigestSize( |
| 96 | TPM_ALG_ID hashAlg // IN: hash algorithm |
| 97 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 98 | LIB_EXPORT const TPM2B * CryptEccGetParameter( |
| 99 | char p, // IN: the parameter selector |
| 100 | TPM_ECC_CURVE curveId // IN: the curve id |
| 101 | ); |
Vadim Bendebury | 6edc84a | 2015-05-29 22:51:56 -0700 | [diff] [blame] | 102 | BOOL CryptEccGetParameters( |
| 103 | TPM_ECC_CURVE curveId, // IN: ECC curve ID |
| 104 | TPMS_ALGORITHM_DETAIL_ECC *parameters // OUT: ECC parameter |
| 105 | ); |
Vadim Bendebury | 7ef58d9 | 2015-05-29 22:52:44 -0700 | [diff] [blame] | 106 | TPM_RC CryptEccPointMultiply( |
| 107 | TPMS_ECC_POINT *pOut, // OUT: output point |
| 108 | TPM_ECC_CURVE curveId, // IN: curve selector |
| 109 | TPM2B_ECC_PARAMETER *dIn, // IN: public scalar |
| 110 | TPMS_ECC_POINT *pIn // IN: optional point |
| 111 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 112 | BOOL CryptEccIsPointOnCurve( |
| 113 | TPM_ECC_CURVE curveID, // IN: ECC curve ID |
| 114 | TPMS_ECC_POINT *Q // IN: ECC point |
| 115 | ); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 116 | void CryptEndCommit( |
| 117 | UINT16 c // IN: the counter value of the commitment |
| 118 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 119 | BOOL CryptGenerateR( |
| 120 | TPM2B_ECC_PARAMETER *r, // OUT: the generated random value |
| 121 | UINT16 *c, // IN/OUT: count value. |
| 122 | TPMI_ECC_CURVE curveID, // IN: the curve for the value |
| 123 | TPM2B_NAME *name // IN: optional name of a key to |
| 124 | // associate with 'r' |
| 125 | ); |
Vadim Bendebury | 59727bd | 2015-05-28 14:58:08 -0700 | [diff] [blame] | 126 | UINT16 CryptGenerateRandom( |
| 127 | UINT16 randomSize, // IN: size of random number |
| 128 | BYTE *buffer // OUT: buffer of random number |
| 129 | ); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 130 | void CryptGenerateNewSymmetric( |
| 131 | TPMS_SENSITIVE_CREATE *sensitiveCreate, // IN: sensitive creation data |
| 132 | TPMT_SENSITIVE *sensitive, // OUT: sensitive area |
| 133 | TPM_ALG_ID hashAlg, // IN: hash algorithm for the KDF |
| 134 | TPM2B_SEED *seed, // IN: seed used in creation |
| 135 | TPM2B_NAME *name // IN: name of the object |
| 136 | ); |
Vadim Bendebury | 3743ac1 | 2015-05-29 22:44:14 -0700 | [diff] [blame] | 137 | LIB_EXPORT UINT16 CryptGetHashDigestSize( |
| 138 | TPM_ALG_ID hashAlg // IN: hash algorithm |
| 139 | ); |
Vadim Bendebury | bde479a | 2015-05-29 22:48:02 -0700 | [diff] [blame] | 140 | INT16 CryptGetSymmetricBlockSize( |
| 141 | TPMI_ALG_SYM algorithm, // IN: symmetric algorithm |
| 142 | UINT16 keySize // IN: key size in bit |
| 143 | ); |
Vadim Bendebury | 6bb41ff | 2015-05-29 22:43:25 -0700 | [diff] [blame] | 144 | LIB_EXPORT UINT16 CryptHashBlock( |
| 145 | TPM_ALG_ID algId, // IN: the hash algorithm to use |
| 146 | UINT16 blockSize, // IN: size of the data block |
| 147 | BYTE *block, // IN: address of the block to hash |
| 148 | UINT16 retSize, // IN: size of the return buffer |
| 149 | BYTE *ret // OUT: address of the buffer |
| 150 | ); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 151 | // |
| 152 | // |
| 153 | // |
| 154 | // 10.2.4.23 CryptKDFa() |
| 155 | // |
| 156 | // This function generates a key using the KDFa() formulation in Part 1 of the |
| 157 | // TPM specification. In this implementation, this is a macro invocation of |
| 158 | // _cpri__KDFa() in the hash module of the CryptoEngine(). This macro sets |
| 159 | // once to FALSE so that KDFa() will iterate as many times as necessary to |
| 160 | // generate sizeInBits number of bits. |
| 161 | // |
| 162 | #define CryptKDFa(hashAlg, key, label, contextU, contextV, \ |
| 163 | sizeInBits, keyStream, counterInOut) \ |
| 164 | TEST_HASH(hashAlg); \ |
| 165 | _cpri__KDFa( \ |
| 166 | ((TPM_ALG_ID)hashAlg), \ |
| 167 | ((TPM2B *)key), \ |
| 168 | ((const char *)label), \ |
| 169 | ((TPM2B *)contextU), \ |
| 170 | ((TPM2B *)contextV), \ |
| 171 | ((UINT32)sizeInBits), \ |
| 172 | ((BYTE *)keyStream), \ |
| 173 | ((UINT32 *)counterInOut), \ |
| 174 | ((BOOL) FALSE) \ |
| 175 | ) |
| 176 | |
| 177 | // |
| 178 | // |
| 179 | // 10.2.4.24 CryptKDFaOnce() |
| 180 | // |
| 181 | // This function generates a key using the KDFa() formulation in Part 1 of the |
| 182 | // TPM specification. In this implementation, this is a macro invocation of |
| 183 | // _cpri__KDFa() in the hash module of the CryptoEngine(). This macro will |
| 184 | // call _cpri__KDFa() with once TRUE so that only one iteration is performed, |
| 185 | // regardless of sizeInBits. |
| 186 | // |
| 187 | #define CryptKDFaOnce(hashAlg, key, label, contextU, contextV, \ |
| 188 | sizeInBits, keyStream, counterInOut) \ |
| 189 | TEST_HASH(hashAlg); \ |
| 190 | _cpri__KDFa( \ |
| 191 | ((TPM_ALG_ID)hashAlg), \ |
| 192 | ((TPM2B *)key), \ |
| 193 | ((const char *)label), \ |
| 194 | ((TPM2B *)contextU), \ |
| 195 | ((TPM2B *)contextV), \ |
| 196 | ((UINT32)sizeInBits), \ |
| 197 | ((BYTE *)keyStream), \ |
| 198 | ((UINT32 *)counterInOut), \ |
| 199 | ((BOOL) TRUE) \ |
| 200 | ) |
| 201 | |
| 202 | // |
| 203 | // |
| 204 | // 10.2.4.26 CryptKDFe() |
| 205 | // |
| 206 | // This function generates a key using the KDFa() formulation in Part 1 of |
| 207 | // the TPM specification. In this implementation, this is a macro invocation |
| 208 | // of _cpri__KDFe() in the hash module of the CryptoEngine(). |
| 209 | // |
| 210 | #define CryptKDFe(hashAlg, Z, label, partyUInfo, partyVInfo, \ |
| 211 | sizeInBits, keyStream) \ |
| 212 | TEST_HASH(hashAlg); \ |
| 213 | _cpri__KDFe( \ |
| 214 | ((TPM_ALG_ID)hashAlg), \ |
| 215 | ((TPM2B *)Z), \ |
| 216 | ((const char *)label), \ |
| 217 | ((TPM2B *)partyUInfo), \ |
| 218 | ((TPM2B *)partyVInfo), \ |
| 219 | ((UINT32)sizeInBits), \ |
| 220 | ((BYTE *)keyStream) \ |
| 221 | ) |
| 222 | |
Vadim Bendebury | 8c027af | 2015-05-29 22:45:58 -0700 | [diff] [blame] | 223 | void CryptHashStateImportExport( |
| 224 | HASH_STATE *internalFmt, // IN: state to LIB_EXPORT |
| 225 | HASH_STATE *externalFmt, // OUT: exported state |
| 226 | IMPORT_EXPORT direction |
| 227 | ); |
Vadim Bendebury | bde479a | 2015-05-29 22:48:02 -0700 | [diff] [blame] | 228 | BOOL CryptIsAsymAlgorithm( |
| 229 | TPM_ALG_ID algID // IN: algorithm ID |
| 230 | ); |
Vadim Bendebury | b86371b | 2015-05-27 18:16:19 -0700 | [diff] [blame] | 231 | BOOL CryptIsSchemeAnonymous( |
| 232 | TPM_ALG_ID scheme // IN: the scheme algorithm to test |
| 233 | ); |
Vadim Bendebury | c00055c | 2015-05-29 22:50:18 -0700 | [diff] [blame] | 234 | BOOL CryptIsSplitSign( |
| 235 | TPM_ALG_ID scheme // IN: the algorithm selector |
| 236 | ); |
Vadim Bendebury | 7ef58d9 | 2015-05-29 22:52:44 -0700 | [diff] [blame] | 237 | TPM_RC CryptNewEccKey( |
| 238 | TPM_ECC_CURVE curveID, // IN: ECC curve |
| 239 | TPMS_ECC_POINT *publicPoint, // OUT: public point |
| 240 | TPM2B_ECC_PARAMETER *sensitive // OUT: private area |
| 241 | ); |
Vadim Bendebury | c4b77e0 | 2015-05-27 15:29:50 -0700 | [diff] [blame] | 242 | TPM_RC CryptSecretDecrypt( |
| 243 | TPM_HANDLE tpmKey, // IN: decrypt key |
| 244 | TPM2B_NONCE *nonceCaller, // IN: nonceCaller. It is needed for |
| 245 | // symmetric decryption. For |
| 246 | // asymmetric decryption, this |
| 247 | // parameter is NULL |
| 248 | const char *label, // IN: a null-terminated string as L |
| 249 | TPM2B_ENCRYPTED_SECRET *secret, // IN: input secret |
| 250 | TPM2B_DATA *data // OUT: decrypted secret value |
| 251 | ); |
Vadim Bendebury | 30f6dee | 2015-05-29 22:51:10 -0700 | [diff] [blame] | 252 | TPM_RC CryptSecretEncrypt( |
| 253 | TPMI_DH_OBJECT keyHandle, // IN: encryption key handle |
| 254 | const char *label, // IN: a null-terminated string as L |
| 255 | TPM2B_DATA *data, // OUT: secret value |
| 256 | TPM2B_ENCRYPTED_SECRET *secret // OUT: secret structure |
| 257 | ); |
Vadim Bendebury | b86371b | 2015-05-27 18:16:19 -0700 | [diff] [blame] | 258 | TPM_RC CryptSelectSignScheme( |
| 259 | TPMI_DH_OBJECT signHandle, // IN: handle of signing key |
| 260 | TPMT_SIG_SCHEME *scheme // IN/OUT: signing scheme |
| 261 | ); |
| 262 | TPM_RC CryptSign( |
| 263 | TPMI_DH_OBJECT signHandle, // IN: The handle of sign key |
| 264 | TPMT_SIG_SCHEME *signScheme, // IN: sign scheme. |
| 265 | TPM2B_DIGEST *digest, // IN: The digest being signed |
| 266 | TPMT_SIGNATURE *signature // OUT: signature |
| 267 | ); |
Vadim Bendebury | 8c027af | 2015-05-29 22:45:58 -0700 | [diff] [blame] | 268 | LIB_EXPORT UINT16 CryptStartHMAC2B( |
| 269 | TPMI_ALG_HASH hashAlg, // IN: hash algorithm |
| 270 | TPM2B *key, // IN: HMAC key |
| 271 | HMAC_STATE *hmacState // OUT: the state of HMAC stack. It will be used |
| 272 | // in HMAC update and completion |
| 273 | ); |
Vadim Bendebury | 3743ac1 | 2015-05-29 22:44:14 -0700 | [diff] [blame] | 274 | void CryptSymmetricDecrypt( |
| 275 | BYTE *decrypted, |
| 276 | TPM_ALG_ID algorithm, // IN: algorithm for encryption |
| 277 | UINT16 keySizeInBits, // IN: key size in bit |
| 278 | TPMI_ALG_SYM_MODE mode, // IN: symmetric encryption mode |
| 279 | BYTE *key, // IN: encryption key |
| 280 | TPM2B_IV *ivIn, // IN/OUT: IV for next block |
| 281 | UINT32 dataSize, // IN: data size in byte |
| 282 | BYTE *data // IN/OUT: data buffer |
| 283 | ); |
Vadim Bendebury | f7ee38d | 2015-05-29 22:45:03 -0700 | [diff] [blame] | 284 | void CryptSymmetricEncrypt( |
| 285 | BYTE *encrypted, // OUT: the encrypted data |
| 286 | TPM_ALG_ID algorithm, // IN: algorithm for encryption |
| 287 | UINT16 keySizeInBits, // IN: key size in bit |
| 288 | TPMI_ALG_SYM_MODE mode, // IN: symmetric encryption mode |
| 289 | BYTE *key, // IN: encryption key |
| 290 | TPM2B_IV *ivIn, // IN/OUT: Input IV and output chaining |
| 291 | // value for the next block |
| 292 | UINT32 dataSize, // IN: data size in byte |
| 293 | BYTE *data // IN/OUT: data buffer |
| 294 | ); |
Vadim Bendebury | b86371b | 2015-05-27 18:16:19 -0700 | [diff] [blame] | 295 | UINT16 CryptStartHash( |
| 296 | TPMI_ALG_HASH hashAlg, // IN: hash algorithm |
| 297 | HASH_STATE *hashState // OUT: the state of hash stack. It will be used |
| 298 | // in hash update and completion |
| 299 | ); |
| 300 | void CryptUpdateDigest( |
| 301 | void *digestState, // IN: the state of hash stack |
| 302 | UINT32 dataSize, // IN: the size of data |
| 303 | BYTE *data // IN: data to be hashed |
| 304 | ); |
Vadim Bendebury | b0d692f | 2015-05-29 22:54:52 -0700 | [diff] [blame] | 305 | LIB_EXPORT void CryptUpdateDigest2B( |
| 306 | void *digestState, // IN: the digest state |
| 307 | TPM2B *bIn // IN: 2B containing the data |
| 308 | ); |
Vadim Bendebury | 258ca73 | 2015-05-28 16:35:41 -0700 | [diff] [blame] | 309 | void CryptUpdateDigestInt( |
| 310 | void *state, // IN: the state of hash stack |
| 311 | UINT32 intSize, // IN: the size of 'intValue' in byte |
| 312 | void *intValue // IN: integer value to be hashed |
| 313 | ); |
Vadim Bendebury | b86371b | 2015-05-27 18:16:19 -0700 | [diff] [blame] | 314 | void KDFa( |
| 315 | TPM_ALG_ID hash, // IN: hash algorithm used in HMAC |
| 316 | TPM2B *key, // IN: HMAC key |
| 317 | const char *label, // IN: a null-terminated label for KDF |
| 318 | TPM2B *contextU, // IN: context U |
| 319 | TPM2B *contextV, // IN: context V |
| 320 | UINT32 sizeInBits, // IN: size of generated key in bit |
| 321 | BYTE *keyStream, // OUT: key buffer |
| 322 | UINT32 *counterInOut // IN/OUT: caller may provide the iteration |
| 323 | // counter for incremental operations to |
| 324 | // avoid large intermediate buffers. |
| 325 | ); |
Vadim Bendebury | c4b77e0 | 2015-05-27 15:29:50 -0700 | [diff] [blame] | 326 | |
| 327 | #endif // __SOURCE_CRYPTUTIL_FP_H |