diff --git a/eltt2.c b/eltt2.c
index b56f9c0..c482f7d 100644
--- a/eltt2.c
+++ b/eltt2.c
@@ -1,7 +1,7 @@
 /**
- * @brief Embedded Linux TPM Toolbox 2 (ELTT2)
- * @details eltt2.c implements some basic methods to communicate with the Infineon TPM 2.0 without the TDDL lib.
- * @file eltt2.c
+ * @brief Embedded Linux TPM Toolbox 2 (ELTT2)
+ * @details eltt2.c implements some basic methods to communicate with the Infineon TPM 2.0 without the TDDL lib.
+ * @file eltt2.c
 * @copyright Copyright (c) 2014 - 2017 Infineon Technologies AG ( www.infineon.com ).\n
 * All rights reserved.\n
 * \n
@@ -27,37 +27,37 @@ #include "eltt2.h" /** - * @brief Main entry point of the application. - * @details Handles the command line input and starts the communication with the TPM. - * @param [in] argc Counter for input parameters. - * @param [in] **argv Input parameters. - * @return One of the listed return codes, the TPM return code or the error code stored in the global errno system variable. - * @retval EXIT_SUCCESS In case of success. - * @retval ERR_BAD_CMD In case an invalid command line option. - * @retval value of errno In case of memory allocation error. - * @retval tpmtool_transmit All error codes from tpmtool_transmit. - * @retval return_error_handling All error codes from return_error_handling. - * @retval response_print All error codes from response_print. - * @retval create_hash_sequence All error codes from create_hash_sequence. - * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray. - * @retval pcr_extend All error codes from pcr_extend. - * @retval get_random All error codes from get_random. - * @retval pcr_read All error codes from pcr_read. - * @retval create_hash All error codes from create_hash. - * @retval pcr_reset All error codes from pcr_reset. + * @brief Main entry point of the application. + * @details Handles the command line input and starts the communication with the TPM. + * @param [in] argc Counter for input parameters. + * @param [in] **argv Input parameters. + * @return One of the listed return codes, the TPM return code or the error code stored in the global errno system variable. + * @retval EXIT_SUCCESS In case of success. + * @retval ERR_BAD_CMD In case an invalid command line option. + * @retval value of errno In case of memory allocation error. + * @retval tpmtool_transmit All error codes from tpmtool_transmit. + * @retval return_error_handling All error codes from return_error_handling. + * @retval response_print All error codes from response_print. 
+ * @retval create_hash_sequence All error codes from create_hash_sequence. + * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray. + * @retval pcr_extend All error codes from pcr_extend. + * @retval get_random All error codes from get_random. + * @retval pcr_read All error codes from pcr_read. + * @retval create_hash All error codes from create_hash. + * @retval pcr_reset All error codes from pcr_reset. */ int main(int argc, char **argv) { // ---------- Local declarations ---------- - int ret_val = EXIT_SUCCESS; // Return value. - uint8_t *tpm_response_buf = NULL; // Buffer for TPM response. - ssize_t tpm_response_buf_size = 0; // Size of tpm_response_buf. - int i = 0; // Command line parsing counter. - int option = 0; // Command line option. - uint8_t *input_bytes = NULL; // Custom command bytes for transmit in case of command line options -b and -E. - size_t input_bytes_size = 0; // Size of input_bytes. - int no_transmission = 0; // Flag to skip the transmission call, e.g. in case of command line option -h. - int tpm_error = 0; // Flag to indicate whether a TPM response has returned a TPM error code or not. + int ret_val = EXIT_SUCCESS; // Return value. + uint8_t *tpm_response_buf = NULL; // Buffer for TPM response. + ssize_t tpm_response_buf_size = 0; // Size of tpm_response_buf. + int i = 0; // Command line parsing counter. + int option = 0; // Command line option. + uint8_t *input_bytes = NULL; // Custom command bytes for transmit in case of command line options -b and -E. + size_t input_bytes_size = 0; // Size of input_bytes. + int no_transmission = 0; // Flag to skip the transmission call, e.g. in case of command line option -h. + int tpm_error = 0; // Flag to indicate whether a TPM response has returned a TPM error code or not. // ---------- Program flow ---------- printf("\n"); 
@@ -381,9 +381,9 @@ int main(int argc, char **argv) int tpmtool_transmit(const uint8_t *buf, ssize_t length, uint8_t *response, ssize_t *resp_length) { // ---------- Transmit command given in buf to device with handle given in dev_tpm ---------- - int ret_val = EXIT_SUCCESS; // Return value. - int dev_tpm = -1; // TPM device handle. - ssize_t transmit_size = 0; // Amount of bytes sent to / received from the TPM. + int ret_val = EXIT_SUCCESS; // Return value. + int dev_tpm = -1; // TPM device handle. + ssize_t transmit_size = 0; // Amount of bytes sent to / received from the TPM. do { @@ -391,7 +391,7 @@ int tpmtool_transmit(const uint8_t *buf, ssize_t length, uint8_t *response, ssiz NULL_POINTER_CHECK(buf); NULL_POINTER_CHECK(response); NULL_POINTER_CHECK(resp_length); - + if (0 >= length) { ret_val = EINVAL; @@ -521,7 +521,7 @@ static int response_print(uint8_t *response_buf, size_t resp_size, int option) do { NULL_POINTER_CHECK(response_buf); - + if (0 >= resp_size) { ret_val = EINVAL; @@ -603,14 +603,14 @@ static int response_print(uint8_t *response_buf, size_t resp_size, int option) static int print_response_buf(uint8_t *response_buf, size_t resp_size, uint32_t offset, int format) { - int ret_val = EXIT_SUCCESS; // Return value. - uint32_t i = 0; // Loop variable. - uint64_t data_size = 0; // Size of response data. + int ret_val = EXIT_SUCCESS; // Return value. + uint32_t i = 0; // Loop variable. + uint64_t data_size = 0; // Size of response data. do { NULL_POINTER_CHECK(response_buf); - + if (0 >= resp_size) { ret_val = EINVAL; 
@@ -754,10 +754,10 @@ static void print_help() static int print_capability_flags(uint8_t *response_buf, uint8_t cap_selector) { - int ret_val = EXIT_SUCCESS; // Return value. - uint64_t propertyValue = 0; // Value of the read property. - uint64_t propertyKey = 0; // Key of the property. - int tmp = 0; // Temporary buffer. + int ret_val = EXIT_SUCCESS; // Return value. + uint64_t propertyValue = 0; // Value of the read property. + uint64_t propertyKey = 0; // Key of the property. + int tmp = 0; // Temporary buffer. do { @@ -894,7 +894,7 @@ static int print_capability_flags(uint8_t *response_buf, uint8_t cap_selector) printf("\nTPM capability information of variable properties:\n"); for(int x = 0x13; x= length) { @@ -1064,11 +1064,11 @@ static int buf_to_uint64(uint8_t *input_buffer, uint32_t offset, uint32_t length static int hexstr_to_bytearray(char *byte_string, uint8_t *byte_values, size_t byte_values_size) { - int ret_val = EXIT_SUCCESS; // Return value. - char hex_byte[3] = {0}; // Temporary buffer for input bytes. - char* invalidChars = NULL; // Pointer to target buffer where method stores invalid characters. - uint32_t i = 0; // Loop variable. - uint32_t unStrLen = 0; // Temporary store for byte string length. + int ret_val = EXIT_SUCCESS; // Return value. + char hex_byte[3] = {0}; // Temporary buffer for input bytes. + char* invalidChars = NULL; // Pointer to target buffer where method stores invalid characters. + uint32_t i = 0; // Loop variable. + uint32_t unStrLen = 0; // Temporary store for byte string length. do { 
@@ -1077,19 +1077,19 @@ static int hexstr_to_bytearray(char *byte_string, uint8_t *byte_values, size_t b if (0 >= byte_values_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'byte_values_size' must be larger than 0.\n"); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'byte_values_size' must be larger than 0.\n"); + break; } if (INT_MAX < byte_values_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'byte_values_size' must be smaller or equal to %u.\n", INT_MAX); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'byte_values_size' must be smaller or equal to %u.\n", INT_MAX); + break; } memset(byte_values, 0, byte_values_size); - + unStrLen = strlen(byte_string); if ((unStrLen / HEX_BYTE_STRING_LENGTH + unStrLen % HEX_BYTE_STRING_LENGTH) > (uint32_t)byte_values_size) { @@ -1140,23 +1140,23 @@ static int hexstr_to_bytearray(char *byte_string, uint8_t *byte_values, size_t b static int int_to_bytearray(uint64_t input, uint32_t input_size, uint8_t *output_byte) { - int ret_val = EXIT_SUCCESS; // Return value. - uint32_t i; // For-while-loop counter. + int ret_val = EXIT_SUCCESS; // Return value. + uint32_t i; // For-while-loop counter. do { NULL_POINTER_CHECK(output_byte); if (0 >= input_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'input_size' must be larger than 0.\n"); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'input_size' must be larger than 0.\n"); + break; } if (sizeof(uint64_t) < input_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'input_size' must be smaller or equal to %zu.\n", sizeof(uint64_t)); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'input_size' must be smaller or equal to %zu.\n", sizeof(uint64_t)); + break; } for (i = 0; i < input_size; i++) 
@@ -1170,9 +1170,9 @@ static int int_to_bytearray(uint64_t input, uint32_t input_size, uint8_t *output static int get_random(char *data_length_string, uint8_t *response_buf) { - int ret_val = EXIT_SUCCESS; // Return value. - uint8_t bytes_requested = 0; // Amount of random bytes requested by the user. - size_t byte_string_size = 0; // Size of user input. + int ret_val = EXIT_SUCCESS; // Return value. + uint8_t bytes_requested = 0; // Amount of random bytes requested by the user. + size_t byte_string_size = 0; // Size of user input. do { @@ -1206,20 +1206,20 @@ static int get_random(char *data_length_string, uint8_t *response_buf) } while (0); return ret_val; - } +} static int create_hash(char *data_string, char option, uint8_t *hash_cmd_buf, uint32_t hash_cmd_buf_size) { - int ret_val = EXIT_SUCCESS; // Return value. - uint32_t offset = 0; // Helper offset for generating command request. - uint16_t data_string_size = 0; // Size of user input data. - const uint8_t *tpm_hash_alg = NULL; // Pointer to hash algorithm identifier. + int ret_val = EXIT_SUCCESS; // Return value. + uint32_t offset = 0; // Helper offset for generating command request. + uint16_t data_string_size = 0; // Size of user input data. + const uint8_t *tpm_hash_alg = NULL; // Pointer to hash algorithm identifier. do { NULL_POINTER_CHECK(data_string); NULL_POINTER_CHECK(hash_cmd_buf); - + if ('s' != option && 'S' != option) { ret_val = EINVAL; 
@@ -1229,15 +1229,15 @@ static int create_hash(char *data_string, char option, uint8_t *hash_cmd_buf, ui if (TPM_REQ_MAX_SIZE < hash_cmd_buf_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'hash_cmd_buf_size' must be smaller or equal to %u.\n", TPM_REQ_MAX_SIZE); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'hash_cmd_buf_size' must be smaller or equal to %u.\n", TPM_REQ_MAX_SIZE); + break; } if (sizeof(tpm2_hash) > hash_cmd_buf_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'hash_cmd_buf_size' must be at least %zu.\n", sizeof(tpm2_hash)); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'hash_cmd_buf_size' must be at least %zu.\n", sizeof(tpm2_hash)); + break; } data_string_size = strlen(data_string) / HEX_BYTE_STRING_LENGTH + strlen(data_string) % HEX_BYTE_STRING_LENGTH; if (0 == data_string_size) 
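Review bot: In create_hash, `data_string_size` is declared `uint16_t` (in the @@ -1206 hunk), but the value assigned here, `strlen(data_string) / HEX_BYTE_STRING_LENGTH + strlen(data_string) % HEX_BYTE_STRING_LENGTH`, is computed in size_t and silently narrowed. A long enough command-line string would wrap, so the `0 == data_string_size` test and any later length checks would see the truncated value instead of the real input length. Computing the length into a `size_t` first and rejecting anything that does not fit the command buffer before narrowing would close that gap. The rest of the function is outside the hunk, so it cannot be confirmed from here whether a wrapped value can reach a copy.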
@@ -1294,34 +1294,34 @@ static int create_hash(char *data_string, char option, uint8_t *hash_cmd_buf, ui static int create_hash_sequence(char *data_string, char option, uint8_t *tpm_response_buf, ssize_t *tpm_response_buf_size) { - int ret_val = EXIT_SUCCESS; // Return value. - uint16_t data_string_bytes_size = 0; // Size of user input data string in bytes. - uint8_t *data_string_bytes = NULL; // Buffer for user input data string as bytes. - uint32_t update_request_size = 0; // Size of user input string. - uint16_t transfer_bytes = 0; // Amount of bytes to be transmitted to the TPM. - uint16_t remaining_bytes = 0; // Amount of bytes not yet transmitted to the TPM. - uint32_t offset = 0; // Helper offset for generating command request. - uint64_t tpm_rc = TPM_RC_SUCCESS; // TPM return code. - uint8_t *update_request = NULL; // Buffer for update sequence command. - uint8_t sequence_handle[4]; // Buffer for sequence handle. - ssize_t original_response_buf_size = 0; // Backup of the original response buffer size. - ssize_t minimum_response_buf_size = - TPM_CMD_HEADER_SIZE + sizeof(sequence_handle); // Minimum success response buffer size (TPM command header + sequence handle) + int ret_val = EXIT_SUCCESS; // Return value. + uint16_t data_string_bytes_size = 0; // Size of user input data string in bytes. + uint8_t *data_string_bytes = NULL; // Buffer for user input data string as bytes. + uint32_t update_request_size = 0; // Size of user input string. + uint16_t transfer_bytes = 0; // Amount of bytes to be transmitted to the TPM. + uint16_t remaining_bytes = 0; // Amount of bytes not yet transmitted to the TPM. + uint32_t offset = 0; // Helper offset for generating command request. + uint64_t tpm_rc = TPM_RC_SUCCESS; // TPM return code. + uint8_t *update_request = NULL; // Buffer for update sequence command. + uint8_t sequence_handle[4]; // Buffer for sequence handle. + ssize_t original_response_buf_size = 0; // Backup of the original response buffer size. 
+ // Minimum success response buffer size (TPM command header + sequence handle) + ssize_t minimum_response_buf_size = TPM_CMD_HEADER_SIZE + sizeof(sequence_handle); do { NULL_POINTER_CHECK(tpm_response_buf); NULL_POINTER_CHECK(data_string); NULL_POINTER_CHECK(tpm_response_buf_size); - + memset(tpm_response_buf, 0, *tpm_response_buf_size); memset(sequence_handle, 0, 4); - + if (TPM_RESP_MAX_SIZE < *tpm_response_buf_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter '*tpm_response_buf_size' must be smaller or equal to %u.\n", TPM_RESP_MAX_SIZE); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter '*tpm_response_buf_size' must be smaller or equal to %u.\n", TPM_RESP_MAX_SIZE); + break; } if (minimum_response_buf_size > *tpm_response_buf_size) { @@ -1329,7 +1329,7 @@ static int create_hash_sequence(char *data_string, char option, uint8_t *tpm_res fprintf(stderr, "Bad parameter. Value of parameter '*tpm_response_buf_size' must be at least %zu.\n", minimum_response_buf_size); break; } - + if ('a' != option && 'A' != option) { ret_val = EINVAL; 
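Review bot: In create_hash_sequence (@@ -1294), `memset(tpm_response_buf, 0, *tpm_response_buf_size);` runs before the two range checks on `*tpm_response_buf_size`. A negative or oversized value from the caller is therefore used as the memset length before it can be rejected with EINVAL, and a negative ssize_t converts to a very large size_t. Moving the two memset calls below the `minimum_response_buf_size > *tpm_response_buf_size` check would make the validation effective; pcr_extend (@@ -1465 and @@ -1487) already clears its buffer only after both size checks. In the following hunk, `minimum_response_buf_size` is an ssize_t printed with `%zu`; `%zd` matches the type. The function body continues outside both hunks.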
@@ -1465,21 +1465,21 @@ static int create_hash_sequence(char *data_string, char option, uint8_t *tpm_res static int pcr_extend(char *pcr_index_str, char *pcr_digest_str, uint8_t *pcr_cmd_buf, size_t pcr_cmd_buf_size, char option) { - int ret_val = EXIT_SUCCESS; // Return value. - uint8_t pcr_index = 0; // PCR index user input byte. - uint32_t pcr_digest_size = 0; // Sizeof PCR digest user input. + int ret_val = EXIT_SUCCESS; // Return value. + uint8_t pcr_index = 0; // PCR index user input byte. + uint32_t pcr_digest_size = 0; // Sizeof PCR digest user input. do { NULL_POINTER_CHECK(pcr_index_str); NULL_POINTER_CHECK(pcr_digest_str); NULL_POINTER_CHECK(pcr_cmd_buf); - + if (TPM_REQ_MAX_SIZE < pcr_cmd_buf_size) { - ret_val = EINVAL; - fprintf(stderr, "Bad parameter. Value of parameter 'pcr_cmd_buf_size' size must be smaller or equal to %u.\n", TPM_REQ_MAX_SIZE); - break; + ret_val = EINVAL; + fprintf(stderr, "Bad parameter. Value of parameter 'pcr_cmd_buf_size' size must be smaller or equal to %u.\n", TPM_REQ_MAX_SIZE); + break; } if (sizeof(tpm2_pcr_extend) > pcr_cmd_buf_size) { @@ -1487,9 +1487,9 @@ static int pcr_extend(char *pcr_index_str, char *pcr_digest_str, uint8_t *pcr_cm fprintf(stderr, "Bad parameter. Value of parameter 'pcr_cmd_buf_size' must be at least %zu.\n", sizeof(tpm2_pcr_extend)); break; } - + memset(pcr_cmd_buf, 0, pcr_cmd_buf_size); - + if ('e' != option && 'E' != option) { ret_val = EINVAL; 
@@ -1560,10 +1560,10 @@ static int pcr_extend(char *pcr_index_str, char *pcr_digest_str, uint8_t *pcr_cm static int pcr_read(char *pcr_index_str, uint8_t *pcr_cmd_buf, char option) { - int ret_val = EXIT_SUCCESS; // Return value. - int pcr_byte_index = 0; // The location for pcr_select on pcr_cmd_buf. - uint8_t pcr_select = 0; // PCR index as mapped bit value. - uint8_t pcr_index = 0; // PCR user input byte. + int ret_val = EXIT_SUCCESS; // Return value. + int pcr_byte_index = 0; // The location for pcr_select on pcr_cmd_buf. + uint8_t pcr_select = 0; // PCR index as mapped bit value. + uint8_t pcr_index = 0; // PCR user input byte. do { @@ -1627,14 +1627,14 @@ static int pcr_read(char *pcr_index_str, uint8_t *pcr_cmd_buf, char option) static int pcr_reset(char *pcr_index_str, uint8_t *pcr_cmd_buf) { - int ret_val = EXIT_SUCCESS; // Return value. - uint8_t pcr_index = 0; // PCR user input byte. + int ret_val = EXIT_SUCCESS; // Return value. + uint8_t pcr_index = 0; // PCR user input byte. do { NULL_POINTER_CHECK(pcr_index_str); NULL_POINTER_CHECK(pcr_cmd_buf); - + memset(pcr_cmd_buf, 0, 27); // Convert the command line input to bytes. diff --git a/eltt2.h b/eltt2.h index 31e2c68..06df1c6 100644 --- a/eltt2.h +++ b/eltt2.h @@ -2,7 +2,7 @@ #define _ELTT2_H_ /** * @brief Infineon Embedded Linux TPM Toolbox 2 (ELTT2) for TPM 2.0 - * @details eltt2.h implements all TPM byte commands and the prototype declarations for eltt2.c. + * @details eltt2.h implements all TPM byte commands and the prototype declarations for eltt2.c. * @file eltt2.h * @date 2014/06/26 * @copyright Copyright (c) 2014 - 2017 Infineon Technologies AG ( www.infineon.com ).\n 
@@ -74,328 +74,331 @@ #include //-------------"Defines"------------- -#define TPM_RESP_MAX_SIZE 4096 ///< This is the maximum possible TPM response size in bytes. -#define TPM_REQ_MAX_SIZE 1024 ///< This is the maximum possible TPM request size in bytes. TBD: Find out correct value. -#define ERR_COMMUNICATION -1 ///< Return error check for read and write to the TPM. -#define ERR_BAD_CMD -2 ///< Error code for a bad command line argument or option. -#define TPM_SHA1_DIGEST_SIZE 20 ///< For all SHA-1 operations the digest's size is always 20 bytes. -#define TPM_SHA256_DIGEST_SIZE 32 ///< For all SHA-256 operations the digest's size is always 32 bytes. -#define TPM_CMD_HEADER_SIZE 10 ///< The size of a standard TPM command header is 10 bytes. -#define TPM_CMD_SIZE_OFFSET 2 ///< The offset of a TPM command's size value is 2 bytes. -#define HEX_BYTE_STRING_LENGTH 2 ///< A byte can be represented by two hexadecimal characters. +#define TPM_RESP_MAX_SIZE 4096 ///< This is the maximum possible TPM response size in bytes. +#define TPM_REQ_MAX_SIZE 1024 ///< This is the maximum possible TPM request size in bytes. TBD: Find out correct value. +#define ERR_COMMUNICATION -1 ///< Return error check for read and write to the TPM. +#define ERR_BAD_CMD -2 ///< Error code for a bad command line argument or option. +#define TPM_SHA1_DIGEST_SIZE 20 ///< For all SHA-1 operations the digest's size is always 20 bytes. +#define TPM_SHA256_DIGEST_SIZE 32 ///< For all SHA-256 operations the digest's size is always 32 bytes. +#define TPM_CMD_HEADER_SIZE 10 ///< The size of a standard TPM command header is 10 bytes. +#define TPM_CMD_SIZE_OFFSET 2 ///< The offset of a TPM command's size value is 2 bytes. +#define HEX_BYTE_STRING_LENGTH 2 ///< A byte can be represented by two hexadecimal characters. #ifndef INT_MAX -#define INT_MAX 0x7FFFFFF ///< The maximum value of a signed 32-bit integer. +#define INT_MAX 0x7FFFFFF ///< The maximum value of a signed 32-bit integer. 
#endif // TPM Return codes -#define TPM_RC_SUCCESS 0x00000000 ///< The response error code for TPM_SUCCESS. -#define TPM_RC_BAD_TAG 0x0000001E ///< The response error code for TPM_RC_BAD_TAG. -#define TPM_RC_SIZE 0x00000095 ///< The response error code for TPM_RC_SIZE. -#define TPM_RC_INITIALIZE 0x00000100 ///< The response error code for TPM_RC_INITIALIZE. -#define TPM_RC_FAILURE 0x00000101 ///< The response error code for TPM_RC_FAILURE. -#define TPM_RC_LOCALITY 0x00000907 ///< The response error code for TPM_RC_LOCALITY. -#define FU_FIRMWARE_VALID_FLAG 4 ///< If this flag is set, the firmware is valid. -#define FU_OWNER_FLAG 1 ///< If this flag is set, the owner is set. +#define TPM_RC_SUCCESS 0x00000000 ///< The response error code for TPM_SUCCESS. +#define TPM_RC_BAD_TAG 0x0000001E ///< The response error code for TPM_RC_BAD_TAG. +#define TPM_RC_SIZE 0x00000095 ///< The response error code for TPM_RC_SIZE. +#define TPM_RC_INITIALIZE 0x00000100 ///< The response error code for TPM_RC_INITIALIZE. +#define TPM_RC_FAILURE 0x00000101 ///< The response error code for TPM_RC_FAILURE. +#define TPM_RC_LOCALITY 0x00000907 ///< The response error code for TPM_RC_LOCALITY. +#define FU_FIRMWARE_VALID_FLAG 4 ///< If this flag is set, the firmware is valid. +#define FU_OWNER_FLAG 1 ///< If this flag is set, the owner is set. // print_response_buf options -#define PRINT_RESPONSE_CLEAR 1 ///< Prints response unformatted. -#define PRINT_RESPONSE_HEADERBLOCKS 2 ///< Prints response in commented blocks. -#define PRINT_RESPONSE_HEX_BLOCK 3 ///< Prints response in rows of 16 bytes and shows the line number. -#define PRINT_RESPONSE_HASH 4 ///< Prints response of Hash +#define PRINT_RESPONSE_CLEAR 1 ///< Prints response unformatted. +#define PRINT_RESPONSE_HEADERBLOCKS 2 ///< Prints response in commented blocks. +#define PRINT_RESPONSE_HEX_BLOCK 3 ///< Prints response in rows of 16 bytes and shows the line number. 
+#define PRINT_RESPONSE_HASH 4 ///< Prints response of Hash #define PRINT_RESPONSE_WITHOUT_HEADER 12 ///< Prints the response buffer from byte 12. #define PRINT_RESPONSE_HASH_WITHOUT_HEADER 16 ///< Prints the response buffer from byte 16. -#define PRINT_RESPONSE_WITH_HEADER 0 ///< Prints the response buffer from byte 0. +#define PRINT_RESPONSE_WITH_HEADER 0 ///< Prints the response buffer from byte 0. #define PRINT_RESPONSE_PCR_WITHOUT_HEADER 30 ///< Prints the pcr buffer from pcr_read. // time conversion -#define YEAR_SECONDS 31536000 ///< Number of seconds in one year -#define DAY_SECONDS 86400 ///< Number of seconds in one day -#define HOUR_SECONDS 3600 ///< Number of seconds in one hour -#define MINUTE_SECONDS 60 ///< Number of seconds in one minute -#define MILISECOND_TO_SECOND 1000 ///< Convertion from miliseconds to seconds +#define YEAR_SECONDS 31536000 ///< Number of seconds in one year +#define DAY_SECONDS 86400 ///< Number of seconds in one day +#define HOUR_SECONDS 3600 ///< Number of seconds in one hour +#define MINUTE_SECONDS 60 ///< Number of seconds in one minute +#define MILISECOND_TO_SECOND 1000 ///< Convertion from miliseconds to seconds // hash -#define STD_CC_HASH_SIZE 18 ///< Hash command size +#define STD_CC_HASH_SIZE 18 ///< Hash command size // TPM_PT constants -#define PT_FIXED_SELECTOR 1 -#define PT_VAR_SELECTOR 2 +#define PT_FIXED_SELECTOR 1 ///< Fixed GetCapability Flags +#define PT_VAR_SELECTOR 2 ///< Variable GetCapability Flags //-------------"Macros"------------- // Null pointer check #define NULL_POINTER_CHECK(x) if (NULL == x) { ret_val = EINVAL; fprintf(stderr, "Error: Invalid argument.\n"); break; } ///< Argument NULL check. -#define MALLOC_ERROR_CHECK(x) if (NULL == x) { ret_val = errno; fprintf(stderr, "Error (re)allocating memory.\n"); break; } ///< Malloc error check. +#define MALLOC_ERROR_CHECK(x) if (NULL == x) { ret_val = errno; fprintf(stderr, "Error (re)allocating memory.\n"); break; } ///< Malloc error check. 
#define MEMSET_FREE(x, y) if (NULL != x) { memset(x, 0, y); free(x); x = NULL; } ///< Sets memory to 0, frees memory and sets pointer to NULL. // Return value check #define RET_VAL_CHECK(x) if (EXIT_SUCCESS != x) { break; } ///< Return value check //-------------"Methods"------------- /** - * @brief Convert (max.) 8 byte buffer to an unsigned 64-bit integer. - * @param [in] *input_buffer Input buffer. Make sure that its size is at least as high as offset + length. - * @param [in] offset Start byte for conversion. - * @param [in] length Amount of bytes to be converted. - * @param [out] *output_value Return the converted unsigned 64-bit integer. - * @param [in] input_buffer_size Size of input_buffer in bytes. - * @return One of the listed return codes. - * @retval EINVAL In case of a NULL pointer or length is greater than 8. - * @retval EXIT_SUCCESS In case of success. - * @date 2014/06/26 + * @brief Convert (max.) 8 byte buffer to an unsigned 64-bit integer. + * @param [in] *input_buffer Input buffer. Make sure that its size is at least as high as offset + length. + * @param [in] offset Start byte for conversion. + * @param [in] length Amount of bytes to be converted. + * @param [out] *output_value Return the converted unsigned 64-bit integer. + * @param [in] input_buffer_size Size of input_buffer in bytes. + * @return One of the listed return codes. + * @retval EINVAL In case of a NULL pointer or length is greater than 8. + * @retval EXIT_SUCCESS In case of success. + * @date 2014/06/26 */ static int buf_to_uint64(uint8_t *input_buffer, uint32_t offset, uint32_t length, uint64_t *output_value, uint32_t input_buffer_size); /** - * @brief Convert a hexadecimal string representation of bytes like "0A1F" and returns an array containing the actual byte values as an array (e.g. { 0x0A, 0x1F }). - * @param [in] *byte_string Incoming bytes as string. - * @param [out] *byte_values Byte array representation of given input string. 
Must be allocated by caller with the length given in byte_values_size. - * @param [in] byte_values_size Size of byte_values array. - * @return One of the listed return codes. - * @retval EXIT_SUCCESS In case of success. - * @retval EINVAL In case of a NULL pointer. - * @retval value of errno In case parsing error. - * @date 2014/06/26 + * @brief Convert a hexadecimal string representation of bytes like "0A1F" and + returns an array containing the actual byte values as an array (e.g. { 0x0A, 0x1F }). + * @param [in] *byte_string Incoming bytes as string. + * @param [out] *byte_values Byte array representation of given input string. + * Must be allocated by caller with the length given in byte_values_size. + * @param [in] byte_values_size Size of byte_values array. + * @return One of the listed return codes. + * @retval EXIT_SUCCESS In case of success. + * @retval EINVAL In case of a NULL pointer. + * @retval value of errno In case parsing error. + * @date 2014/06/26 */ static int hexstr_to_bytearray(char *byte_string, uint8_t *byte_values, size_t byte_values_size); /** - * @brief Convert a number to a byte buffer. - * @param [in] input User input. - * @param [in] input_size Size of input data type in bytes. - * @param [out] *output_byte Return buffer for the converted integer. Must be allocated by the caller with at least a size of 'input_size'. - * @return One of the listed return codes. - * @retval EINVAL In case of a NULL pointer. - * @retval EXIT_SUCCESS In case of success. - * @date 2014/06/26 + * @brief Convert a number to a byte buffer. + * @param [in] input User input. + * @param [in] input_size Size of input data type in bytes. + * @param [out] *output_byte Return buffer for the converted integer. + Must be allocated by the caller with at least a size of 'input_size'. + * @return One of the listed return codes. + * @retval EINVAL In case of a NULL pointer. + * @retval EXIT_SUCCESS In case of success. 
+ * @date 2014/06/26 */ static int int_to_bytearray(uint64_t input, uint32_t input_size, uint8_t *output_byte); /** - * @brief Create the PCR_Extend command. - * @param [in] *pcr_index_str User input string for PCR index. - * @param [in] *pcr_digest_str User input string of value to extend the selected PCR with. - * @param [out] *pcr_cmd_buf Return buffer for the complete command. Must be allocated by caller. - * @param [in] *pcr_cmd_buf_size Size of memory allocated at pcr_cmd_buf in bytes. - * @param [in] *option Set to 'e' for extending with SHA-1 and to 'E' for SHA-256. - * @return One of the listed return codes. - * @retval EINVAL In case of a NULL pointer or an invalid option. - * @retval EXIT_SUCCESS In case of success. - * @retval ERR_BAD_CMD In case of bad user input. - * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray. - * @date 2014/06/26 + * @brief Create the PCR_Extend command. + * @param [in] *pcr_index_str User input string for PCR index. + * @param [in] *pcr_digest_str User input string of value to extend the selected PCR with. + * @param [out] *pcr_cmd_buf Return buffer for the complete command. Must be allocated by caller. + * @param [in] *pcr_cmd_buf_size Size of memory allocated at pcr_cmd_buf in bytes. + * @param [in] *option Set to 'e' for extending with SHA-1 and to 'E' for SHA-256. + * @return One of the listed return codes. + * @retval EINVAL In case of a NULL pointer or an invalid option. + * @retval EXIT_SUCCESS In case of success. + * @retval ERR_BAD_CMD In case of bad user input. + * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray. + * @date 2014/06/26 */ static int pcr_extend(char *pcr_index_str, char *pcr_digest_str, uint8_t *pcr_cmd_buf, size_t pcr_cmd_buf_size, char option); /** - * @brief Create the PCR_Read command. - * @param [in] *pcr_index_str User input string for PCR index. - * @param [out] *pcr_cmd_buf Return buffer for the complete command. 
- * @param [in] *option Set to 'r' for reading with SHA-1 and to 'R' for SHA-256.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer or an invalid option.
- * @retval EXIT_SUCCESS In case of success.
- * @retval ERR_BAD_CMD In case of bad user input.
- * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
- * @date 2014/06/26
+ * @brief Create the PCR_Read command.
+ * @param [in] *pcr_index_str User input string for PCR index.
+ * @param [out] *pcr_cmd_buf Return buffer for the complete command.
+ * @param [in] *option Set to 'r' for reading with SHA-1 and to 'R' for SHA-256.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer or an invalid option.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval ERR_BAD_CMD In case of bad user input.
+ * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
+ * @date 2014/06/26
 */
 static int pcr_read(char *pcr_index_str, uint8_t *pcr_cmd_buf, char option);
 /**
- * @brief Create the PCR_Reset command.
- * @param [in] *pcr_index_str User input string for PCR index.
- * @param [out] *pcr_cmd_buf Return buffer for the complete command.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval ERR_BAD_CMD In case of bad user input.
- * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
- * @date 2014/06/26
+ * @brief Create the PCR_Reset command.
+ * @param [in] *pcr_index_str User input string for PCR index.
+ * @param [out] *pcr_cmd_buf Return buffer for the complete command.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval ERR_BAD_CMD In case of bad user input.
+ * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
+ * @date 2014/06/26
 */
 static int pcr_reset(char *pcr_index_str, uint8_t *pcr_cmd_buf);
 /**
- * @brief Print the command line usage and switches.
- * @date 2014/06/26
+ * @brief Print the command line usage and switches.
+ * @date 2014/06/26
 */
 static void print_help();
 /**
- * @brief Print the response buffer in different formats.
- * @param [in] *response_buf TPM response.
- * @param [in] resp_size TPM response size.
- * @param [in] offset Starting point for printing buffer.
- * @param [in] format Select the output format.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer or an unknown output format has been transfered.
- * @retval EXIT_SUCCESS In case of success.
- * @retval buf_to_uint64 All error codes from buf_to_uint64.
- * @date 2014/06/26
+ * @brief Print the response buffer in different formats.
+ * @param [in] *response_buf TPM response.
+ * @param [in] resp_size TPM response size.
+ * @param [in] offset Starting point for printing buffer.
+ * @param [in] format Select the output format.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer or an unknown output format has been transfered.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval buf_to_uint64 All error codes from buf_to_uint64.
+ * @date 2014/06/26
 */
 static int print_response_buf(uint8_t *response_buf, size_t resp_size, uint32_t offset, int format);
 /**
- * @brief Print a TPM response.
- * @param [in] *response_buf TPM response.
- * @param [in] resp_size TPM response size.
- * @param [in] option Defines appearance of output. Can have the following values:\n
- - PRINT_RESPONSE_CLEAR
- - PRINT_RESPONSE_HEADERBLOCKS
- - PRINT_RESPONSE_HEX_BLOCK
- - PRINT_RESPONSE_WITHOUT_HEADER
- - PRINT_RESPONSE_WITH_HEADER
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval print_response_buf All error codes from print_response_buf.
- * @retval print_clock_info All error codes from print_clock_info.
- * @retval print_capability_flags All error codes from print_capability_flags.
- * @date 2014/06/26
+ * @brief Print a TPM response.
+ * @param [in] *response_buf TPM response.
+ * @param [in] resp_size TPM response size.
+ * @param [in] option Defines appearance of output. Can have the following values:\n
+ - PRINT_RESPONSE_CLEAR
+ - PRINT_RESPONSE_HEADERBLOCKS
+ - PRINT_RESPONSE_HEX_BLOCK
+ - PRINT_RESPONSE_WITHOUT_HEADER
+ - PRINT_RESPONSE_WITH_HEADER
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval print_response_buf All error codes from print_response_buf.
+ * @retval print_clock_info All error codes from print_clock_info.
+ * @retval print_capability_flags All error codes from print_capability_flags.
+ * @date 2014/06/26
 */
 static int response_print(uint8_t *response_buf, size_t resp_size, int option);
 /**
- * @brief Check a TPM response for errors.
- * @param [in] *response_buf TPM response. Must have at least a size of TPM_CMD_HEADER_SIZE bytes.
- * @return Returns the TPM return code extracted from the given TPM response or one of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval buf_to_uint64 All error codes from buf_to_uint64.
- * @retval EXIT_SUCCESS In case of success.
- * @date 2014/06/26
+ * @brief Check a TPM response for errors.
+ * @param [in] *response_buf TPM response. Must have at least a size of TPM_CMD_HEADER_SIZE bytes.
+ * @return Returns the TPM return code extracted from the given TPM response or one of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval buf_to_uint64 All error codes from buf_to_uint64.
+ * @retval EXIT_SUCCESS In case of success.
+ * @date 2014/06/26
 */
 static int return_error_handling(uint8_t *response_buf);
 /**
- * @brief Transmit TPM command to /dev/tpm0 and get the response.
- * @param [in] *buf TPM request.
- * @param [in] length TPM request length.
- * @param [out] *response TPM response.
- * @param [out] *resp_length TPM response length.
- * @return One of the listed return codes or the error code stored in the global errno system variable.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @date 2014/06/26
+ * @brief Transmit TPM command to /dev/tpm0 and get the response.
+ * @param [in] *buf TPM request.
+ * @param [in] length TPM request length.
+ * @param [out] *response TPM response.
+ * @param [out] *resp_length TPM response length.
+ * @return One of the listed return codes or the error code stored in the global errno system variable.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @date 2014/06/26
 */
 static int tpmtool_transmit(const uint8_t *buf, ssize_t length, uint8_t *response, ssize_t *resp_length);
 /**
- * @brief Print the capability flags.
- * @param [in] *response_buf TPM response.
- * @param [in] cap_selector Type of capabilities to print.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval buf_to_uint64 All error codes from buf_to_uint64.
- * @date 2014/06/26
+ * @brief Print the capability flags.
+ * @param [in] *response_buf TPM response.
+ * @param [in] cap_selector Type of capabilities to print.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval buf_to_uint64 All error codes from buf_to_uint64.
+ * @date 2014/06/26
 */
 static int print_capability_flags(uint8_t *response_buf, uint8_t cap_selector);
 /**
- * @brief Print the clock info.
- * @param [in] *response_buf TPM response.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval buf_to_uint64 All error codes from buf_to_uint64.
- * @date 2014/06/26
+ * @brief Print the clock info.
+ * @param [in] *response_buf TPM response.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval buf_to_uint64 All error codes from buf_to_uint64.
+ * @date 2014/06/26
 */
 static int print_clock_info(uint8_t *response_buf);
 /**
- * @brief Create the get_random command.
- * @param [in] *data_length_string User input string for random data length.
- * @param [out] *response_buf Return buffer for the complete command.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval ERR_BAD_CMD In case of bad user input.
- * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
- * @date 2014/06/26
+ * @brief Create the get_random command.
+ * @param [in] *data_length_string User input string for random data length.
+ * @param [out] *response_buf Return buffer for the complete command.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval ERR_BAD_CMD In case of bad user input.
+ * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
+ * @date 2014/06/26
 */
 static int get_random(char *data_length_string, uint8_t *response_buf);
 /**
- * @brief Create the simple hash command.
- * @param [in] *data_string User input string of data to be hashed.
- * @param [in] option Set to 's' for hashing with SHA-1 and to 'S' for SHA-256.
- * @param [out] *hash_cmd_buf Return buffer for the complete command.
- * @param [in] hash_cmd_buf_size Return buffer size.
- * @return One of the listed return codes.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
- * @retval int_to_bytearray All error codes from int_to_bytearray.
- * @date 2014/06/26
+ * @brief Create the simple hash command.
+ * @param [in] *data_string User input string of data to be hashed.
+ * @param [in] option Set to 's' for hashing with SHA-1 and to 'S' for SHA-256.
+ * @param [out] *hash_cmd_buf Return buffer for the complete command.
+ * @param [in] hash_cmd_buf_size Return buffer size.
+ * @return One of the listed return codes.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
+ * @retval int_to_bytearray All error codes from int_to_bytearray.
+ * @date 2014/06/26
 */
 static int create_hash(char *data_string, char option, uint8_t *hash_cmd_buf, uint32_t hash_cmd_buf_size);
 /**
- * @brief Create and transmit a sequence of TPM commands for hashing larger amounts of data.
- * @param [in] *data_string User input string of data to be hashed.
- * @param [in] option Set to 'a' for hashing with SHA-1 and to 'A' for SHA-256.
- * @param [out] *tpm_response_buf TPM response.
- * @param [out] *tpm_response_buf_size Size of tpm_response_buf.
- * @return One of the listed return codes or the error code stored in the global errno system variable.
- * @retval EINVAL In case of a NULL pointer.
- * @retval EXIT_SUCCESS In case of success.
- * @retval value of errno In case of memory allocation error.
- * @retval buf_to_uint64 All error codes from buf_to_uint64.
- * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
- * @retval int_to_bytearray All error codes from int_to_bytearray.
- * @retval tpmtool_transmit All error codes from tpmtool_transmit.
- * @retval print_response_buf All error codes from print_response_buf
- * @date 2014/06/26
+ * @brief Create and transmit a sequence of TPM commands for hashing larger amounts of data.
+ * @param [in] *data_string User input string of data to be hashed.
+ * @param [in] option Set to 'a' for hashing with SHA-1 and to 'A' for SHA-256.
+ * @param [out] *tpm_response_buf TPM response.
+ * @param [out] *tpm_response_buf_size Size of tpm_response_buf.
+ * @return One of the listed return codes or the error code stored in the global errno system variable.
+ * @retval EINVAL In case of a NULL pointer.
+ * @retval EXIT_SUCCESS In case of success.
+ * @retval value of errno In case of memory allocation error.
+ * @retval buf_to_uint64 All error codes from buf_to_uint64.
+ * @retval hexstr_to_bytearray All error codes from hexstr_to_bytearray.
+ * @retval int_to_bytearray All error codes from int_to_bytearray.
+ * @retval tpmtool_transmit All error codes from tpmtool_transmit.
+ * @retval print_response_buf All error codes from print_response_buf
+ * @date 2014/06/26
 */
 static int create_hash_sequence(char *data_string, char option, uint8_t *tpm_response_buf, ssize_t *tpm_response_buf_size);
 //-------------"command bytes"-------------
 static const uint8_t tpm2_startup_clear[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0C, // commandSize
- 0x00, 0x00, 0x01, 0x44, // TPM_CC_Startup
- 0x00, 0x00 // TPM_ST_CLEAR
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0C, // commandSize
+ 0x00, 0x00, 0x01, 0x44, // TPM_CC_Startup
+ 0x00, 0x00 // TPM_ST_CLEAR
 };
 static const uint8_t tpm2_startup_state[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0C, // commandSize
- 0x00, 0x00, 0x01, 0x44, // TPM_CC_Startup
- 0x00, 0x01 // TPM_ST_STATE
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0C, // commandSize
+ 0x00, 0x00, 0x01, 0x44, // TPM_CC_Startup
+ 0x00, 0x01 // TPM_ST_STATE
 };
 static const uint8_t tpm_cc_shutdown_clear[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0C, // commandSize
- 0x00, 0x00, 0x01, 0x45, // TPM_CC_Shutdown
- 0x00, 0x00 // TPM_SU_CLEAR
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0C, // commandSize
+ 0x00, 0x00, 0x01, 0x45, // TPM_CC_Shutdown
+ 0x00, 0x00 // TPM_SU_CLEAR
 };
 static const uint8_t tpm_cc_shutdown_state[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0C, // commandSize
- 0x00, 0x00, 0x01, 0x45, // TPM_CC_Shutdown
- 0x00, 0x01 // TPM_SU_STATE
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0C, // commandSize
+ 0x00, 0x00, 0x01, 0x45, // TPM_CC_Shutdown
+ 0x00, 0x01 // TPM_SU_STATE
 };
 static const uint8_t tpm2_self_test[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0B, // commandSize
- 0x00, 0x00, 0x01, 0x43, // TPM_CC_SelfTest
- 0x00 // fullTest=No
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0B, // commandSize
+ 0x00, 0x00, 0x01, 0x43, // TPM_CC_SelfTest
+ 0x00 // fullTest=No
 };
 static const uint8_t tpm2_self_test_full[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0B, // commandSize
- 0x00, 0x00, 0x01, 0x43, // TPM_CC_SelfTest
- 0x01 // fullTest=Yes
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0B, // commandSize
+ 0x00, 0x00, 0x01, 0x43, // TPM_CC_SelfTest
+ 0x01 // fullTest=Yes
 };
 static const uint8_t tpm_cc_get_test_result[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0A, // commandSize
- 0x00, 0x00, 0x01, 0x7C // TPM_CC_GetTestResult
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0A, // commandSize
+ 0x00, 0x00, 0x01, 0x7C // TPM_CC_GetTestResult
 };
 static const uint8_t tpm2_self_test_incremental[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x2A, // commandSize
- 0x00, 0x00, 0x01, 0x42, // TPM_CC_IncrementalSelfTest
- 0x00, 0x00, 0x00, 0x0E, // Count of Algorithm
- 0x00, 0x01, 0x00, 0x04, // Algorithm two per line
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x2A, // commandSize
+ 0x00, 0x00, 0x01, 0x42, // TPM_CC_IncrementalSelfTest
+ 0x00, 0x00, 0x00, 0x0E, // Count of Algorithm
+ 0x00, 0x01, 0x00, 0x04, // Algorithm two per line
 0x00, 0x05, 0x00, 0x06,
 0x00, 0x08, 0x00, 0x0A,
 0x00, 0x0B, 0x00, 0x14,
@@ -405,133 +408,133 @@ static const uint8_t tpm2_self_test_incremental[] = {
 };
 static const uint8_t tpm2_getrandom[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0C, // commandSize
- 0x00, 0x00, 0x01, 0x7B, // TPM_CC_GetRandom
- 0x00, 0x00 // bytesRequested (will be set later)
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0C, // commandSize
+ 0x00, 0x00, 0x01, 0x7B, // TPM_CC_GetRandom
+ 0x00, 0x00 // bytesRequested (will be set later)
 };
 static const uint8_t tpm_cc_readclock[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0A, // commandSize
- 0x00, 0x00, 0x01, 0x81 // TPM_CC_ReadClock
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0A, // commandSize
+ 0x00, 0x00, 0x01, 0x81 // TPM_CC_ReadClock
 };
 static const uint8_t tpm2_getcapability_fixed[] ={
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x16, // commandSize
- 0x00, 0x00, 0x01, 0x7A, // TPM_CC_GetCapability
- 0x00, 0x00, 0x00, 0x06, // TPM_CAP_TPM_PROPERTIES (Property Type: TPM_PT)
- 0x00, 0x00, 0x01, 0x00, // Property: TPM_PT_FAMILY_INDICATOR: PT_GROUP * 1 + 0
- 0x00, 0x00, 0x00, 0x2D // PropertyCount 2D (from 100 - 201)
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x16, // commandSize
+ 0x00, 0x00, 0x01, 0x7A, // TPM_CC_GetCapability
+ 0x00, 0x00, 0x00, 0x06, // TPM_CAP_TPM_PROPERTIES (Property Type: TPM_PT)
+ 0x00, 0x00, 0x01, 0x00, // Property: TPM_PT_FAMILY_INDICATOR: PT_GROUP * 1 + 0
+ 0x00, 0x00, 0x00, 0x2D // PropertyCount 2D (from 100 - 201)
 };
 static const uint8_t tpm2_getcapability_var[] ={
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x16, // commandSize
- 0x00, 0x00, 0x01, 0x7A, // TPM_CC_GetCapability
- 0x00, 0x00, 0x00, 0x06, // TPM_CAP_TPM_PROPERTIES (Property Type: TPM_PT)
- 0x00, 0x00, 0x02, 0x00, // Property: TPM_PT_FAMILY_INDICATOR: PT_GROUP * 2 + 0
- 0x00, 0x00, 0x00, 0x2D // PropertyCount 2D (from 200 - 301)
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x16, // commandSize
+ 0x00, 0x00, 0x01, 0x7A, // TPM_CC_GetCapability
+ 0x00, 0x00, 0x00, 0x06, // TPM_CAP_TPM_PROPERTIES (Property Type: TPM_PT)
+ 0x00, 0x00, 0x02, 0x00, // Property: TPM_PT_FAMILY_INDICATOR: PT_GROUP * 2 + 0
+ 0x00, 0x00, 0x00, 0x2D // PropertyCount 2D (from 200 - 301)
 };
 // Hash
 static const uint8_t tpm2_hash[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0e, // commandSize
- 0x00, 0x00, 0x01, 0x7D, // TPM_CC_Hash
- 0x00, 0x00, // size (will be set later)
- // buffer (will be added later)
- 0x00, 0x00, // hashAlg (will be added later)
- 0x00, 0x00, 0x00, 0x00 // hierarchy of the ticket (TPM_RH_NULL; will be added later)
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0e, // commandSize
+ 0x00, 0x00, 0x01, 0x7D, // TPM_CC_Hash
+ 0x00, 0x00, // size (will be set later)
+ // buffer (will be added later)
+ 0x00, 0x00, // hashAlg (will be added later)
+ 0x00, 0x00, 0x00, 0x00 // hierarchy of the ticket (TPM_RH_NULL; will be added later)
 };
 // HashSequence
 static uint8_t tpm2_hash_sequence_start[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x0e, // commandSize
- 0x00, 0x00, 0x01, 0x86, // TPM_CC_HashSequenceStart
- 0x00, 0x00, // authSize (NULL Password)
- // null (indicate a NULL Password)
- 0x00, 0x00 // hashAlg (will be set later)
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x0e, // commandSize
+ 0x00, 0x00, 0x01, 0x86, // TPM_CC_HashSequenceStart
+ 0x00, 0x00, // authSize (NULL Password)
+ // null (indicate a NULL Password)
+ 0x00, 0x00 // hashAlg (will be set later)
 };
 static uint8_t tpm2_sequence_update[] = {
- 0x80, 0x02, // TPM_ST_SESSIONS
- 0x00, 0x00, 0x00, 0x00, // commandSize (will be set later)
- 0x00, 0x00, 0x01, 0x5c, // TPM_CC_SequenceUpdate
- 0x00, 0x00, 0x00, 0x00, // sequenceHandle (will be set later)
- 0x00, 0x00, // authSize (NULL Password)
- // null (indicate a NULL Password)
- 0x00, 0x09, // authSize (password authorization session)
- 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
+ 0x80, 0x02, // TPM_ST_SESSIONS
+ 0x00, 0x00, 0x00, 0x00, // commandSize (will be set later)
+ 0x00, 0x00, 0x01, 0x5c, // TPM_CC_SequenceUpdate
+ 0x00, 0x00, 0x00, 0x00, // sequenceHandle (will be set later)
+ 0x00, 0x00, // authSize (NULL Password)
+ // null (indicate a NULL Password)
+ 0x00, 0x09, // authSize (password authorization session)
+ 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
 0x00, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x00 // size (will be set later)
- // buffer (will be added later)
+ 0x00, 0x00 // size (will be set later)
+ // buffer (will be added later)
 };
 static uint8_t tpm2_sequence_complete[] = {
- 0x80, 0x02, // TPM_ST_SESSIONS
- 0x00, 0x00, 0x00, 0x21, // commandSize
- 0x00, 0x00, 0x01, 0x3e, // TPM_CC_SequenceComplete
- 0x00, 0x00, 0x00, 0x00, // sequenceHandle (will be set later)
- 0x00, 0x00, // authSize (NULL Password)
- // null (indicate a NULL Password)
- 0x00, 0x09, // authSize (password authorization session)
- 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
+ 0x80, 0x02, // TPM_ST_SESSIONS
+ 0x00, 0x00, 0x00, 0x21, // commandSize
+ 0x00, 0x00, 0x01, 0x3e, // TPM_CC_SequenceComplete
+ 0x00, 0x00, 0x00, 0x00, // sequenceHandle (will be set later)
+ 0x00, 0x00, // authSize (NULL Password)
+ // null (indicate a NULL Password)
+ 0x00, 0x09, // authSize (password authorization session)
+ 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
 0x00, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x00, // size (NULL buffer)
- // null (indicate an empty buffer buffer)
- 0x40, 0x00, 0x00, 0x07 // hierarchy of the ticket (TPM_RH_NULL)
+ 0x00, 0x00, // size (NULL buffer)
+ // null (indicate an empty buffer buffer)
+ 0x40, 0x00, 0x00, 0x07 // hierarchy of the ticket (TPM_RH_NULL)
 };
 static const uint8_t sha1_alg[] = {
- 0x00, 0x04 // command for sha1 alg
+ 0x00, 0x04 // command for sha1 alg
 };
 static const uint8_t sha256_alg[] = {
- 0x00, 0x0B // command for sha256 alg
+ 0x00, 0x0B // command for sha256 alg
 };
 static const uint8_t tpm_cc_hash_hierarchy[] = {
- 0x40, 0x00, 0x00, 0x07 // hierarchy of the ticket (TPM_RH_NULL)
+ 0x40, 0x00, 0x00, 0x07 // hierarchy of the ticket (TPM_RH_NULL)
 };
 //PCR_Command
 static const uint8_t tpm2_pcr_read[] = {
- 0x80, 0x01, // TPM_ST_NO_SESSIONS
- 0x00, 0x00, 0x00, 0x14, // commandSize
- 0x00, 0x00, 0x01, 0x7E, // TPM_CC_PCR_Read
- 0x00, 0x00, 0x00, 0x01, // count (TPML_PCR_SELECTION)
- 0x00, 0x00, // hash (TPMS_PCR_SELECTION; will be set later)
- 0x03, // sizeofSelect (TPMS_PCR_SELECTION)
- 0x00, 0x00, 0x00 // pcrSelect (TPMS_PCR_SELECTION)
+ 0x80, 0x01, // TPM_ST_NO_SESSIONS
+ 0x00, 0x00, 0x00, 0x14, // commandSize
+ 0x00, 0x00, 0x01, 0x7E, // TPM_CC_PCR_Read
+ 0x00, 0x00, 0x00, 0x01, // count (TPML_PCR_SELECTION)
+ 0x00, 0x00, // hash (TPMS_PCR_SELECTION; will be set later)
+ 0x03, // sizeofSelect (TPMS_PCR_SELECTION)
+ 0x00, 0x00, 0x00 // pcrSelect (TPMS_PCR_SELECTION)
 };
 static const uint8_t tpm2_pcr_extend[] = {
- 0x80, 0x02, // TPM_ST_SESSIONS
- 0x00, 0x00, 0x00, 0x00, // commandSize (will be set later)
- 0x00, 0x00, 0x01, 0x82, // TPM_CC_PCR_Extend
- 0x00, 0x00, 0x00, 0x00, // {PCR_FIRST:PCR_LAST} (TPMI_DH_PCR)
- 0x00, 0x00, // authSize (NULL Password)
- // null (indicate a NULL Password)
- 0x00, 0x09, // authSize (password authorization session)
- 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
+ 0x80, 0x02, // TPM_ST_SESSIONS
+ 0x00, 0x00, 0x00, 0x00, // commandSize (will be set later)
+ 0x00, 0x00, 0x01, 0x82, // TPM_CC_PCR_Extend
+ 0x00, 0x00, 0x00, 0x00, // {PCR_FIRST:PCR_LAST} (TPMI_DH_PCR)
+ 0x00, 0x00, // authSize (NULL Password)
+ // null (indicate a NULL Password)
+ 0x00, 0x09, // authSize (password authorization session)
+ 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
 0x00, 0x00, 0x01, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x01, // count (TPML_DIGEST_VALUES)
- 0x00, 0x00 // hashAlg (TPMT_HA; will be set later)
- // digest (TPMT_HA; will be added later)
+ 0x00, 0x00, 0x00, 0x01, // count (TPML_DIGEST_VALUES)
+ 0x00, 0x00 // hashAlg (TPMT_HA; will be set later)
+ // digest (TPMT_HA; will be added later)
 };
 static const uint8_t tpm2_pcr_reset[] = {
- 0x80, 0x02, // TPM_ST_SESSIONS
- 0x00, 0x00, 0x00, 0x1B, // commandSize
- 0x00, 0x00, 0x01, 0x3D, // TPM_CC_PCR_Reset
- 0x00, 0x00, 0x00, 0x00, // {PCR_FIRST:PCR_LAST} (TPMI_DH_PCR)
- 0x00, 0x00, // authSize (NULL Password)
- // null (indicate a NULL Password)
- 0x00, 0x09, // authSize (password authorization session)
- 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
+ 0x80, 0x02, // TPM_ST_SESSIONS
+ 0x00, 0x00, 0x00, 0x1B, // commandSize
+ 0x00, 0x00, 0x01, 0x3D, // TPM_CC_PCR_Reset
+ 0x00, 0x00, 0x00, 0x00, // {PCR_FIRST:PCR_LAST} (TPMI_DH_PCR)
+ 0x00, 0x00, // authSize (NULL Password)
+ // null (indicate a NULL Password)
+ 0x00, 0x09, // authSize (password authorization session)
+ 0x40, 0x00, 0x00, 0x09, // TPM_RS_PW (indicate a password authorization session)
 0x00, 0x00, 0x01, 0x00, 0x00
 };