CryptUtil_fp.h

/*
 * Copyright 2015 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */

#ifndef __SOURCE_CRYPTUTIL_FP_H
#define __SOURCE_CRYPTUTIL_FP_H

BOOL CryptAreKeySizesConsistent(
    TPMT_PUBLIC *publicArea  // IN: the public area to check
    );
TPMI_YES_NO CryptCapGetECCCurve(
    TPM_ECC_CURVE curveID,     // IN: the starting ECC curve
    UINT32 maxCount,           // IN: count of returned curve
    TPML_ECC_CURVE *curveList  // OUT: ECC curve list
    );
UINT32 CryptCapGetEccCurveNumber(void);
UINT16 CryptCommit(void);
LIB_EXPORT int CryptCompare(const UINT32 aSize,  //   IN:   size of a
                            const BYTE *a,       //   IN:   a buffer
                            const UINT32 bSize,  //   IN:   size of b
                            const BYTE *b        //   IN:   b buffer
                            );
TPM_RC CryptCommitCompute(
    TPMS_ECC_POINT *K,       //   OUT: [d]B
    TPMS_ECC_POINT *L,       //   OUT: [r]B
    TPMS_ECC_POINT *E,       //   OUT: [r]M
    TPM_ECC_CURVE curveID,   //   IN: The curve for the computation
    TPMS_ECC_POINT *M,       //   IN: M (P1)
    TPMS_ECC_POINT *B,       //   IN: B (x2, y2)
    TPM2B_ECC_PARAMETER *d,  //   IN: the private scalar
    TPM2B_ECC_PARAMETER *r   //   IN: the computed r value
    );
int CryptCompareSigned(UINT32 aSize,  //   IN:   size of a
                       BYTE *a,       //   IN:   a buffer
                       UINT32 bSize,  //   IN:   size of b
                       BYTE *b        //   IN:   b buffer
                       );
void CryptComputeSymmetricUnique(
    TPMI_ALG_HASH nameAlg,      // IN: object name algorithm
    TPMT_SENSITIVE *sensitive,  // IN: sensitive area
    TPM2B_DIGEST *unique        // OUT: unique buffer
    );
LIB_EXPORT UINT16
CryptCompleteHMAC2B(HMAC_STATE *hmacState,  // IN: the state of HMAC stack
                    TPM2B *digest           // OUT: HMAC
                    );
LIB_EXPORT UINT16
CryptCompleteHash(void *state,        // IN: the state of hash stack
                  UINT16 digestSize,  // IN: size of digest buffer
                  BYTE *digest        // OUT: hash digest
                  );
UINT16 CryptCompleteHash2B(
    void *state,   // IN: the state of hash stack
    TPM2B *digest  // IN: the size of the buffer Out: requested number of byte
    );
TPM_RC CryptCreateObject(
    TPM_HANDLE parentHandle,  //   IN/OUT: indication of the seed source
    TPMT_PUBLIC *publicArea,  //   IN/OUT: public area
    TPMS_SENSITIVE_CREATE *sensitiveCreate,  //   IN: sensitive creation
    TPMT_SENSITIVE *sensitive                //   OUT: sensitive area
    );
void CryptDrbgGetPutState(GET_PUT direction  // IN: Get from or put to DRBG
                          );
TPM_RC CryptDecryptRSA(
    UINT16 *dataOutSize,       // OUT: size of plain text in byte
    BYTE *dataOut,             //   OUT: plain text
    OBJECT *rsaKey,            //   IN: internal RSA key
    TPMT_RSA_DECRYPT *scheme,  //   IN: selects the padding scheme
    UINT16 cipherInSize,       //   IN: size of cipher text in byte
    BYTE *cipherIn,            //   IN: cipher text
    const char *label          //   IN: a label, when needed
    );
TPM_RC CryptDivide(
    TPM2B *numerator,    //   IN: numerator
    TPM2B *denominator,  //   IN: denominator
    TPM2B *quotient,     //   OUT: quotient = numerator / denominator.
    TPM2B *remainder     //   OUT: numerator mod denominator.
    );
void CryptDrbgGetPutState(GET_PUT direction  // IN: Get from or put to DRBG
                          );
//
//
//      10.2.6.3    CryptEccGetKeySizeBytes()
//
//  This macro returns the size of the ECC key in bytes. It uses
//  CryptEccGetKeySizeInBits().
//
#define CryptEccGetKeySizeInBytes(curve) \
  ((CryptEccGetKeySizeInBits(curve) + 7) / 8)

TPM_RC CryptEcc2PhaseKeyExchange(
    TPMS_ECC_POINT *outZ1,     //   OUT: the computed point
    TPMS_ECC_POINT *outZ2,     //   OUT: optional second point
    TPM_ALG_ID scheme,         //   IN: the key exchange scheme
    TPM_ECC_CURVE curveId,     //   IN: the curve for the computation
    TPM2B_ECC_PARAMETER *dsA,  //   IN: static private TPM key
    TPM2B_ECC_PARAMETER *deA,  //   IN: ephemeral private TPM key
    TPMS_ECC_POINT *QsB,       //   IN: static public party B key
    TPMS_ECC_POINT *QeB        //   IN: ephemeral public party B key
    );
TPM_RC CryptEncryptRSA(
    UINT16 *cipherOutSize,     //   OUT: size of cipher text in byte
    BYTE *cipherOut,           //   OUT: cipher text
    OBJECT *rsaKey,            //   IN: internal RSA key
    TPMT_RSA_DECRYPT *scheme,  //   IN: selects the padding scheme
    UINT16 dataInSize,         //   IN: size of plain text in byte
    BYTE *dataIn,              //   IN: plain text
    const char *label          //   IN: an optional label
    );
TPM_ALG_ID CryptGetContextAlg(void *state  // IN: the context to check
                              );
LIB_EXPORT TPM_ALG_ID CryptGetHashAlgByIndex(UINT32 index  // IN: the index
                                             );
LIB_EXPORT UINT16
CryptGetHashDigestSize(TPM_ALG_ID hashAlg  // IN: hash algorithm
                       );
LIB_EXPORT const TPM2B *CryptEccGetParameter(
    char p,                // IN: the parameter selector
    TPM_ECC_CURVE curveId  // IN: the curve id
    );
BOOL CryptEccGetParameters(
    TPM_ECC_CURVE curveId,                 // IN: ECC curve ID
    TPMS_ALGORITHM_DETAIL_ECC *parameters  // OUT: ECC parameter
    );
TPM_RC CryptEccPointMultiply(TPMS_ECC_POINT *pOut,      //   OUT: output point
                             TPM_ECC_CURVE curveId,     //   IN: curve selector
                             TPM2B_ECC_PARAMETER *dIn,  //   IN: public scalar
                             TPMS_ECC_POINT *pIn        //   IN: optional point
                             );
BOOL CryptEccIsPointOnCurve(TPM_ECC_CURVE curveID,  // IN: ECC curve ID
                            TPMS_ECC_POINT *Q       // IN: ECC point
                            );
void CryptEndCommit(UINT16 c  // IN: the counter value of the commitment
                    );
BOOL CryptGenerateR(
    TPM2B_ECC_PARAMETER *r,  //   OUT: the generated random value
    UINT16 *c,               //   IN/OUT: count value.
    TPMI_ECC_CURVE curveID,  //   IN: the curve for the value
    TPM2B_NAME *name  //   IN: optional name of a key to associate with 'r'
    );
UINT16 CryptGenerateRandom(UINT16 randomSize,  // IN: size of random number
                           BYTE *buffer        // OUT: buffer of random number
                           );
void CryptGenerateNewSymmetric(
    TPMS_SENSITIVE_CREATE *sensitiveCreate,  //   IN: sensitive creation data
    TPMT_SENSITIVE *sensitive,               //   OUT: sensitive area
    TPM_ALG_ID hashAlg,                      //   IN: hash algorithm for the KDF
    TPM2B_SEED *seed,                        //   IN: seed used in creation
    TPM2B_NAME *name                         //   IN: name of the object
    );
const TPMT_ECC_SCHEME *CryptGetCurveSignScheme(
    TPM_ECC_CURVE curveId  // IN: The curve selector
    );
LIB_EXPORT UINT16
CryptGetHashDigestSize(TPM_ALG_ID hashAlg  // IN: hash algorithm
                       );
TPMI_ALG_HASH CryptGetSignHashAlg(TPMT_SIGNATURE *auth  // IN: signature
                                  );
INT16 CryptGetSymmetricBlockSize(
    TPMI_ALG_SYM algorithm,  // IN: symmetric algorithm
    UINT16 keySize           // IN: key size in bit
    );
TPM_RC CryptGetTestResult(TPM2B_MAX_BUFFER *outData  // OUT: test result data
                          );
LIB_EXPORT UINT16
CryptHashBlock(TPM_ALG_ID algId,  //   IN: the hash algorithm to use
               UINT16 blockSize,  //   IN: size of the data block
               BYTE *block,       //   IN: address of the block to hash
               UINT16 retSize,    //   IN: size of the return buffer
               BYTE *ret          //   OUT: address of the buffer
               );
//
//
//
//      10.2.4.23 CryptKDFa()
//
// This function generates a key using the KDFa() formulation in Part 1 of the
// TPM specification. In this implementation, this is a macro invocation of
// _cpri__KDFa() in the hash module of the CryptoEngine(). This macro sets
// once to FALSE so that KDFa() will iterate as many times as necessary to
// generate sizeInBits number of bits.
//
#define CryptKDFa(hashAlg, key, label, contextU, contextV, sizeInBits,        \
                  keyStream, counterInOut)                                    \
  TEST_HASH(hashAlg);                                                         \
  _cpri__KDFa(((TPM_ALG_ID)hashAlg), ((TPM2B *)key), ((const char *)label),   \
              ((TPM2B *)contextU), ((TPM2B *)contextV), ((UINT32)sizeInBits), \
              ((BYTE *)keyStream), ((UINT32 *)counterInOut), ((BOOL)FALSE))

//
//
//      10.2.4.24 CryptKDFaOnce()
//
// This function generates a key using the KDFa() formulation in Part 1 of the
// TPM specification. In this implementation, this is a macro invocation of
// _cpri__KDFa() in the hash module of the CryptoEngine(). This macro will
// call _cpri__KDFa() with once TRUE so that only one iteration is performed,
// regardless of sizeInBits.
//
#define CryptKDFaOnce(hashAlg, key, label, contextU, contextV, sizeInBits,    \
                      keyStream, counterInOut)                                \
  TEST_HASH(hashAlg);                                                         \
  _cpri__KDFa(((TPM_ALG_ID)hashAlg), ((TPM2B *)key), ((const char *)label),   \
              ((TPM2B *)contextU), ((TPM2B *)contextV), ((UINT32)sizeInBits), \
              ((BYTE *)keyStream), ((UINT32 *)counterInOut), ((BOOL)TRUE))

//
//
//    10.2.4.26 CryptKDFe()
//
//  This function generates a key using the KDFa() formulation in Part 1 of
//  the TPM specification. In this implementation, this is a macro invocation
//  of _cpri__KDFe() in the hash module of the CryptoEngine().
//
#define CryptKDFe(hashAlg, Z, label, partyUInfo, partyVInfo, sizeInBits,  \
                  keyStream)                                              \
  TEST_HASH(hashAlg);                                                     \
  _cpri__KDFe(((TPM_ALG_ID)hashAlg), ((TPM2B *)Z), ((const char *)label), \
              ((TPM2B *)partyUInfo), ((TPM2B *)partyVInfo),               \
              ((UINT32)sizeInBits), ((BYTE *)keyStream))

void CryptHashStateImportExport(
    HASH_STATE *internalFmt,  // IN: state to LIB_EXPORT
    HASH_STATE *externalFmt,  // OUT: exported state
    IMPORT_EXPORT direction);
void CryptInitUnits(void);
BOOL CryptIsAsymAlgorithm(TPM_ALG_ID algID  // IN: algorithm ID
                          );
BOOL CryptIsDecryptScheme(TPMI_ALG_ASYM_SCHEME scheme);
BOOL CryptIsSchemeAnonymous(
    TPM_ALG_ID scheme  // IN: the scheme algorithm to test
    );
BOOL CryptIsSignScheme(TPMI_ALG_ASYM_SCHEME scheme);
BOOL CryptIsSplitSign(TPM_ALG_ID scheme  // IN: the algorithm selector
                      );
TPM_RC CryptNewEccKey(TPM_ECC_CURVE curveID,          // IN: ECC curve
                      TPMS_ECC_POINT *publicPoint,    // OUT: public point
                      TPM2B_ECC_PARAMETER *sensitive  // OUT: private area
                      );
BOOL CryptObjectIsPublicConsistent(TPMT_PUBLIC *publicArea  // IN: public area
                                   );
TPM_RC CryptObjectPublicPrivateMatch(OBJECT *object  // IN: the object to check
                                     );
TPM_RC CryptParameterDecryption(
    TPM_HANDLE handle,   //   IN: encrypted session handle
    TPM2B *nonceCaller,  //   IN: nonce caller
    UINT32 bufferSize,   //   IN: size of parameter buffer
    UINT16
        leadingSizeInByte,  //   IN: the size of the leading size field in byte
    TPM2B_AUTH *extraKey,   //   IN: the authValue
    BYTE *buffer            //   IN/OUT: parameter buffer to be decrypted
    );
void CryptParameterEncryption(
    TPM_HANDLE handle,         // IN: encrypt session handle
    TPM2B *nonceCaller,        // IN: nonce caller
    UINT16 leadingSizeInByte,  // IN: the size of the leading size field in byte
    TPM2B_AUTH *
        extraKey,  // IN: additional key material other than session auth
    BYTE *buffer   // IN/OUT: parameter buffer to be encrypted
    );
TPM_RC CryptSecretDecrypt(
    TPM_HANDLE tpmKey,         // IN: decrypt key
    TPM2B_NONCE *nonceCaller,  // IN: nonceCaller. It is needed for symmetric
                               // decryption. For asymmetric decryption, this
                               // parameter is NULL
    const char *label,         // IN: a null-terminated string as L
    TPM2B_ENCRYPTED_SECRET *secret,  // IN: input secret
    TPM2B_DATA *data                 // OUT: decrypted secret value
    );
TPM_RC CryptSecretEncrypt(
    TPMI_DH_OBJECT keyHandle,       //   IN: encryption key handle
    const char *label,              //   IN: a null-terminated string as L
    TPM2B_DATA *data,               //   OUT: secret value
    TPM2B_ENCRYPTED_SECRET *secret  //   OUT: secret structure
    );
TPMT_RSA_DECRYPT *CryptSelectRSAScheme(
    TPMI_DH_OBJECT rsaHandle,  // IN: handle of sign key
    TPMT_RSA_DECRYPT *scheme   // IN: a sign or decrypt scheme
    );
TPM_RC CryptSelectSignScheme(
    TPMI_DH_OBJECT signHandle,  // IN: handle of signing key
    TPMT_SIG_SCHEME *scheme     // IN/OUT: signing scheme
    );
TPM_RC CryptSign(TPMI_DH_OBJECT signHandle,    //   IN: The handle of sign key
                 TPMT_SIG_SCHEME *signScheme,  //   IN: sign scheme.
                 TPM2B_DIGEST *digest,         //   IN: The digest being signed
                 TPMT_SIGNATURE *signature     //   OUT: signature
                 );
LIB_EXPORT UINT16
CryptStartHMAC2B(TPMI_ALG_HASH hashAlg,  // IN: hash algorithm
                 TPM2B *key,             // IN: HMAC key
                 HMAC_STATE *hmacState  // OUT: the state of HMAC stack. It will
                                        // be used in HMAC update and completion
                 );
UINT16 CryptStartHMACSequence2B(TPMI_ALG_HASH hashAlg,  // IN: hash algorithm
                                TPM2B *key,             // IN: HMAC key
                                HMAC_STATE *hmacState  // OUT: the state of HMAC
                                                       // stack. It will be used
                                                       // in HMAC update and
                                                       // completion
                                );
UINT16 CryptStartHashSequence(TPMI_ALG_HASH hashAlg,  // IN: hash algorithm
                              HASH_STATE *hashState   // OUT: the state of hash
                                                      // stack. It will be used
                                                      // in hash update and
                                                      // completion
                              );
void CryptStirRandom(UINT32 entropySize,  // IN: size of entropy buffer
                     BYTE *buffer         // IN: entropy buffer
                     );
void CryptStopUnits(void);
void CryptSymmetricDecrypt(
    BYTE *decrypted,
    TPM_ALG_ID algorithm,    //   IN: algorithm for encryption
    UINT16 keySizeInBits,    //   IN: key size in bit
    TPMI_ALG_SYM_MODE mode,  //   IN: symmetric encryption mode
    BYTE *key,               //   IN: encryption key
    TPM2B_IV *ivIn,          //   IN/OUT: IV for next block
    UINT32 dataSize,         //   IN: data size in byte
    BYTE *data               //   IN/OUT: data buffer
    );
void CryptSymmetricEncrypt(
    BYTE *encrypted,         //   OUT: the encrypted data
    TPM_ALG_ID algorithm,    //   IN: algorithm for encryption
    UINT16 keySizeInBits,    //   IN: key size in bit
    TPMI_ALG_SYM_MODE mode,  //   IN: symmetric encryption mode
    BYTE *key,               //   IN: encryption key
    TPM2B_IV *ivIn,   //   IN/OUT: Input IV and output chaining value for the
                      //   next block
    UINT32 dataSize,  //   IN: data size in byte
    BYTE *data        //   IN/OUT: data buffer
    );
UINT16 CryptStartHash(TPMI_ALG_HASH hashAlg,  // IN: hash algorithm
                      HASH_STATE *hashState  // OUT: the state of hash stack. It
                                             // will be used in hash update and
                                             // completion
                      );
void CryptUpdateDigest(void *digestState,  // IN: the state of hash stack
                       UINT32 dataSize,    // IN: the size of data
                       BYTE *data          // IN: data to be hashed
                       );
LIB_EXPORT void CryptUpdateDigest2B(void *digestState,  // IN: the digest state
                                    TPM2B *bIn  // IN: 2B containing the data
                                    );
void CryptUpdateDigestInt(void *state,     // IN: the state of hash stack
                          UINT32 intSize,  // IN: the size of 'intValue' in byte
                          void *intValue   // IN: integer value to be hashed
                          );
BOOL CryptUtilStartup(STARTUP_TYPE type  // IN: the startup type
                      );
TPM_RC CryptVerifySignature(
    TPMI_DH_OBJECT keyHandle,  // IN: The handle of sign key
    TPM2B_DIGEST *digest,      // IN: The digest being validated
    TPMT_SIGNATURE *signature  // IN: signature
    );
void KDFa(TPM_ALG_ID hash,      //   IN: hash algorithm used in HMAC
          TPM2B *key,           //   IN: HMAC key
          const char *label,    //   IN: a null-terminated label for KDF
          TPM2B *contextU,      //   IN: context U
          TPM2B *contextV,      //   IN: context V
          UINT32 sizeInBits,    //   IN: size of generated key in bit
          BYTE *keyStream,      //   OUT: key buffer
          UINT32 *counterInOut  //   IN/OUT: caller may provide the iteration
                                //   counter for incremental operations to avoid
                                //   large intermediate buffers.
          );

#endif  // __SOURCE_CRYPTUTIL_FP_H