Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(215)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: mtm/mtm_structures.h

Issue 660204: Upgrade to tpm-emulator version 0.7. (Closed)
Patch Set: Created 10 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « mtm/mtm_marshalling.c ('k') | mtm/mtm_verification.c » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 /* Software-based Mobile Trusted Module (MTM) Emulator
2 * Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net>
3 *
4 * This module is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published
6 * by the Free Software Foundation; either version 2 of the License,
7 * or (at your option) any later version.
8 *
9 * This module is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * $Id$
15 */
16
17 #ifndef _MTM_STRUCTURES_H_
18 #define _MTM_STRUCTURES_H_
19
20 #include "tpm/tpm_structures.h"
21 #include "crypto/sha1.h"
22
23 /*
24 * Ordinals
25 * The command ordinals provide the index value for each command.
26 */
27 #define MTM_ORD_InstallRIM (66 + TPM_PROTECTED_COMMAND)
28 #define MTM_ORD_LoadVerificationKey (67 + TPM_PROTECTED_COMMAND)
29 #define MTM_ORD_LoadVerificationRootKeyDisable (68 + TPM_PROTECTED_COMMAND)
30 #define MTM_ORD_VerifyRIMCert (69 + TPM_PROTECTED_COMMAND)
31 #define MTM_ORD_VerifyRIMCertAndExtend (72 + TPM_PROTECTED_COMMAND)
32 #define MTM_ORD_IncrementBootstrapCounter (73 + TPM_PROTECTED_COMMAND)
33 #define MTM_ORD_SetVerifiedPCRSelection (74 + TPM_PROTECTED_COMMAND)
34
35 /*
36 * TPM_CAPABILITY_AREA Values for TPM_GetCapability
37 */
38 #define TPM_CAP_MTM_PERMANENT_DATA 0x0000000A
39
40 /*
41 * MTM_COUNTER_REFERENCE ([MTM], Section 5.1)
42 * MTM counter reference structure
43 */
44 #define MTM_COUNTER_SELECT_NONE 0
45 #define MTM_COUNTER_SELECT_BOOTSTRAP 1
46 #define MTM_COUNTER_SELECT_RIMPROTECT 2
47 #define MTM_COUNTER_SELECT_STORAGEPROTECT 3
48 #define MTM_COUNTER_SELECT_MAX 3
49 typedef struct MTM_COUNTER_REFERENCE_STRUCT {
50 BYTE counterSelection;
51 TPM_ACTUAL_COUNT counterValue;
52 } MTM_COUNTER_REFERENCE;
53 #define sizeof_MTM_COUNTER_REFERENCE(s) (1 + 4)
54
55 /*
56 * TPM_VERIFICATION_KEY_ID ([MTM], Section 5.3)
57 */
58 typedef UINT32 TPM_VERIFICATION_KEY_ID;
59 #define TPM_VERIFICATION_KEY_ID_NONE 0xFFFFFFFF
60 #define TPM_VERIFICATION_KEY_ID_INTERNAL 0xFFFFFFFE
61
62 /*
63 * TPM_VERIFICATION_KEY_USAGE ([MTM], Section 5.3)
64 */
65 #define TPM_VERIFICATION_KEY_USAGE_MTM_MASK 0x00ff
66 #define TPM_VERIFICATION_KEY_USAGE_AGENT_MASK 0x0f00
67 #define TPM_VERIFICATION_KEY_USAGE_VENDOR_MASK 0xf000
68 #define TPM_VERIFICATION_KEY_USAGE_SIGN_RIMCERT 0x0001
69 #define TPM_VERIFICATION_KEY_USAGE_SIGN_RIMAUTH 0x0002
70 #define TPM_VERIFICATION_KEY_USAGE_INCREMENT_BOOTSTRAP 0x0004
71
72 /*
73 * TPM_VERIFICATION_KEY_HANDLE ([MTM], Section 5.3)
74 * Handle used to refer to TPM_VERIFICATION_KEY structures
75 */
76 typedef UINT32 TPM_VERIFICATION_KEY_HANDLE;
77
78 /*
79 * TPM_VERIFICATION_KEY ([MTM], Section 5.3)
80 * The TPM_VERIFICATION_KEY structure is used for representing keys in
81 * the authorization hierarchy used to authorize RIM_Certs for a MTM.
82 */
83 #define TPM_TAG_VERIFICATION_KEY 0x0301
84 typedef struct TPM_VERIFICATION_KEY_STRUCT {
85 TPM_STRUCTURE_TAG tag;
86 UINT16 usageFlags;
87 TPM_VERIFICATION_KEY_ID parentId;
88 TPM_VERIFICATION_KEY_ID myId;
89 MTM_COUNTER_REFERENCE referenceCounter;
90 TPM_ALGORITHM_ID keyAlgorithm;
91 TPM_SIG_SCHEME keyScheme;
92 BYTE extensionDigestSize;
93 BYTE* extensionDigestData;
94 UINT32 keySize;
95 BYTE* keyData;
96 UINT32 integrityCheckSize;
97 BYTE* integrityCheckData;
98 } TPM_VERIFICATION_KEY;
99 #define sizeof_TPM_VERIFICATION_KEY(s) (2 + 2 + 4 + 4 \
100 + sizeof_MTM_COUNTER_REFERENCE(s.referenceCounter) + 4 + 2 + 1 \
101 + s.extensionDigestSize + 4 + s.keySize + 4 + s.integrityCheckSize)
102 #define free_TPM_VERIFICATION_KEY(s) { \
103 if (s.extensionDigestSize > 0) tpm_free(s.extensionDigestData); \
104 if (s.keySize > 0) tpm_free(s.keyData); \
105 if (s.integrityCheckSize > 0) tpm_free(s.integrityCheckData); }
106
107 /*
108 * TPM_RIM_CERTIFICATE ([MTM], Section 5.2)
109 * A RIM Certificate is a structure authorizing a measurement value
110 * that is extended using MTM_VerifyRIMCertAndExtend into a PCR
111 * defined in the RIM Certificate.
112 */
113 #define TPM_TAG_RIM_CERTIFICATE 0x0302
114 typedef struct TPM_RIM_CERTIFICATE_STRUCT {
115 TPM_STRUCTURE_TAG tag;
116 BYTE label[8];
117 UINT32 rimVersion;
118 MTM_COUNTER_REFERENCE referenceCounter;
119 TPM_PCR_INFO_SHORT state;
120 UINT32 measurementPcrIndex;
121 TPM_PCRVALUE measurementValue;
122 TPM_VERIFICATION_KEY_ID parentId;
123 BYTE extensionDigestSize;
124 BYTE *extensionDigestData;
125 UINT32 integrityCheckSize;
126 BYTE *integrityCheckData;
127 } TPM_RIM_CERTIFICATE;
128 #define sizeof_TPM_RIM_CERTIFICATE(s) (2 + 8 + 4 \
129 + sizeof_MTM_COUNTER_REFERENCE(s.referenceCounter) \
130 + sizeof_TPM_PCR_INFO_SHORT(s.state) \
131 + 4 + 20 + 4 + 1 + s.extensionDigestSize \
132 + 4 + s.integrityCheckSize)
133 #define free_TPM_RIM_CERTIFICATE(s) { \
134 if (s.extensionDigestSize > 0) tpm_free(s.extensionDigestData); \
135 if (s.integrityCheckSize > 0) tpm_free(s.integrityCheckData); }
136
137 /*
138 * TPM_VERIFICATION_KEY_LOAD_METHODS ([MTM], Section 5.4)
139 * Methods to load a TPM_VERIFICATION_KEY
140 */
141 typedef BYTE TPM_VERIFICATION_KEY_LOAD_METHODS;
142 #define TPM_VERIFICATION_KEY_ROOT_LOAD 0x01
143 #define TPM_VERIFICATION_KEY_INTEGRITY_CHECK_ROOT_DATA_LOAD 0x02
144 #define TPM_VERIFICATION_KEY_OWNER_AUTHORIZED_LOAD 0x04
145 #define TPM_VERIFICATION_KEY_CHAIN_AUTHORIZED_LOAD 0x08
146
147 /*
148 * MTM_KEY_DATA
149 * This structure contains the data for stored MTM verification keys.
150 */
151 typedef struct MTM_KEY_DATA_STRUCT {
152 BOOL valid;
153 UINT16 usageFlags;
154 TPM_VERIFICATION_KEY_ID parentId;
155 TPM_VERIFICATION_KEY_ID myId;
156 TPM_ALGORITHM_ID keyAlgorithm;
157 TPM_SIG_SCHEME keyScheme;
158 tpm_rsa_public_key_t key;
159 } MTM_KEY_DATA;
160 #define sizeof_MTM_KEY_DATA(s) ( \
161 1 + 2 + 4 + 4 + 4 + 2 + sizeof_RSAPub(s.key))
162 #define free_MTM_KEY_DATA(s) { tpm_rsa_release_public_key(&s.key); }
163
164 /*
165 * MTM_PERMANENT_DATA ([MTM], Section 5.4)
166 * The MTM_PERMANENT_DATA structure contains the permanent data associated
167 * with a MTM that are used by the MTM commands. Note that there is an
168 * alternative where there is only AIK but no EK defined.
169 */
170 #define MTM_TAG_PERMANENT_DATA 0x0303
171 #define MTM_MAX_KEYS 10
172 typedef struct MTM_PERMANENT_DATA_STRUCT {
173 TPM_STRUCTURE_TAG tag;
174 BYTE specMajor;
175 BYTE specMinor;
176 /* TPM_KEY aik; - not needed as the EK is always present */
177 TPM_PCR_SELECTION verifiedPCRs;
178 TPM_COUNT_ID counterRimProtectId;
179 TPM_COUNT_ID counterStorageProtectId;
180 TPM_VERIFICATION_KEY_LOAD_METHODS loadVerificationKeyMethods;
181 BOOL integrityCheckRootValid;
182 BYTE integrityCheckRootData[SHA1_DIGEST_LENGTH];
183 TPM_SECRET internalVerificationKey;
184 /* TPM_SECRET verificationAuth; - is a mirror of the ownerAuth */
185 MTM_KEY_DATA keys[MTM_MAX_KEYS];
186 } MTM_PERMANENT_DATA;
187
188 static inline int sizeof_MTM_PERMANENT_DATA(MTM_PERMANENT_DATA *s)
189 {
190 int i, size = 2 + 1 + 1 + 4 + 4 + 1 + 1 + 20;
191 size += sizeof_TPM_PCR_SELECTION(s->verifiedPCRs);
192 size += sizeof(s->integrityCheckRootData);
193 for (i = 0; i < MTM_MAX_KEYS; i++) {
194 if (s->keys[i].valid) {
195 size += sizeof_MTM_KEY_DATA(s->keys[i]);
196 } else {
197 size += 1;
198 }
199 }
200 return size;
201 }
202
203 static inline void free_MTM_PERMANENT_DATA(MTM_PERMANENT_DATA *s)
204 {
205 int i;
206 for (i = 0; i < MTM_MAX_KEYS; i++) {
207 if (s->keys[i].valid) free_MTM_KEY_DATA(s->keys[i]);
208 }
209 }
210
211 /*
212 * The MTM_STANY_FLAGS structure houses additional flags that are
213 * initialized by TPM_Init when the MTM boots.
214 */
215 #define MTM_TAG_STANY_FLAGS 0x0304
216 typedef struct MTM_STANY_FLAGS_STRUCT {
217 TPM_TAG tag;
218 BOOL loadVerificationRootKeyEnabled;
219 } MTM_STANY_FLAGS;
220 #define sizeof_MTM_STANY_FLAGS(s) (2 + 1)
221
222 /*
223 * MTM_DATA
224 * Internal data of the MTM
225 */
226 typedef struct tdMTM_DATA {
227 struct {
228 MTM_PERMANENT_DATA data;
229 } permanent;
230 struct {
231 } stclear;
232 struct {
233 MTM_STANY_FLAGS flags;
234 } stany;
235 } MTM_DATA;
236 #define sizeof_MTM_DATA(s) (sizeof_MTM_PERMANENT_DATA(&s.permanent.data) \
237 + sizeof_MTM_STANY_FLAGS(s.stany.flags))
238 #define free_MTM_DATA(s) { free_MTM_PERMANENT_DATA(&s.permanent.data); }
239
240 #endif /* _MTM_STRUCTURES_H */
241
OLDNEW
« no previous file with comments | « mtm/mtm_marshalling.c ('k') | mtm/mtm_verification.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698