Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1)

Unified Diff: mtm/mtm_structures.h

Issue 660204: Upgrade to tpm-emulator version 0.7. (Closed)
Patch Set: Created 10 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « mtm/mtm_marshalling.c ('k') | mtm/mtm_verification.c » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: mtm/mtm_structures.h
diff --git a/mtm/mtm_structures.h b/mtm/mtm_structures.h
new file mode 100644
index 0000000000000000000000000000000000000000..33b9dcbf14823100e64318e1cae4f2d939b2635e
--- /dev/null
+++ b/mtm/mtm_structures.h
@@ -0,0 +1,241 @@
+/* Software-based Mobile Trusted Module (MTM) Emulator
+ * Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net>
+ *
+ * This module is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * This module is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * $Id$
+ */
+
+#ifndef _MTM_STRUCTURES_H_
+#define _MTM_STRUCTURES_H_
+
+#include "tpm/tpm_structures.h"
+#include "crypto/sha1.h"
+
+/*
+ * Ordinals
+ * The command ordinals provide the index value for each command.
+ */
+#define MTM_ORD_InstallRIM (66 + TPM_PROTECTED_COMMAND)
+#define MTM_ORD_LoadVerificationKey (67 + TPM_PROTECTED_COMMAND)
+#define MTM_ORD_LoadVerificationRootKeyDisable (68 + TPM_PROTECTED_COMMAND)
+#define MTM_ORD_VerifyRIMCert (69 + TPM_PROTECTED_COMMAND)
+#define MTM_ORD_VerifyRIMCertAndExtend (72 + TPM_PROTECTED_COMMAND)
+#define MTM_ORD_IncrementBootstrapCounter (73 + TPM_PROTECTED_COMMAND)
+#define MTM_ORD_SetVerifiedPCRSelection (74 + TPM_PROTECTED_COMMAND)
+
+/*
+ * TPM_CAPABILITY_AREA Values for TPM_GetCapability
+ */
+#define TPM_CAP_MTM_PERMANENT_DATA 0x0000000A
+
+/*
+ * MTM_COUNTER_REFERENCE ([MTM], Section 5.1)
+ * MTM counter reference structure
+ */
+#define MTM_COUNTER_SELECT_NONE 0
+#define MTM_COUNTER_SELECT_BOOTSTRAP 1
+#define MTM_COUNTER_SELECT_RIMPROTECT 2
+#define MTM_COUNTER_SELECT_STORAGEPROTECT 3
+#define MTM_COUNTER_SELECT_MAX 3
+typedef struct MTM_COUNTER_REFERENCE_STRUCT {
+ BYTE counterSelection;
+ TPM_ACTUAL_COUNT counterValue;
+} MTM_COUNTER_REFERENCE;
+#define sizeof_MTM_COUNTER_REFERENCE(s) (1 + 4)
+
+/*
+ * TPM_VERIFICATION_KEY_ID ([MTM], Section 5.3)
+ */
+typedef UINT32 TPM_VERIFICATION_KEY_ID;
+#define TPM_VERIFICATION_KEY_ID_NONE 0xFFFFFFFF
+#define TPM_VERIFICATION_KEY_ID_INTERNAL 0xFFFFFFFE
+
+/*
+ * TPM_VERIFICATION_KEY_USAGE ([MTM], Section 5.3)
+ */
+#define TPM_VERIFICATION_KEY_USAGE_MTM_MASK 0x00ff
+#define TPM_VERIFICATION_KEY_USAGE_AGENT_MASK 0x0f00
+#define TPM_VERIFICATION_KEY_USAGE_VENDOR_MASK 0xf000
+#define TPM_VERIFICATION_KEY_USAGE_SIGN_RIMCERT 0x0001
+#define TPM_VERIFICATION_KEY_USAGE_SIGN_RIMAUTH 0x0002
+#define TPM_VERIFICATION_KEY_USAGE_INCREMENT_BOOTSTRAP 0x0004
+
+/*
+ * TPM_VERIFICATION_KEY_HANDLE ([MTM], Section 5.3)
+ * Handle used to refer to TPM_VERIFICATION_KEY structures
+ */
+typedef UINT32 TPM_VERIFICATION_KEY_HANDLE;
+
+/*
+ * TPM_VERIFICATION_KEY ([MTM], Section 5.3)
+ * The TPM_VERIFICATION_KEY structure is used for representing keys in
+ * the authorization hierarchy used to authorize RIM_Certs for a MTM.
+ */
+#define TPM_TAG_VERIFICATION_KEY 0x0301
+typedef struct TPM_VERIFICATION_KEY_STRUCT {
+ TPM_STRUCTURE_TAG tag;
+ UINT16 usageFlags;
+ TPM_VERIFICATION_KEY_ID parentId;
+ TPM_VERIFICATION_KEY_ID myId;
+ MTM_COUNTER_REFERENCE referenceCounter;
+ TPM_ALGORITHM_ID keyAlgorithm;
+ TPM_SIG_SCHEME keyScheme;
+ BYTE extensionDigestSize;
+ BYTE* extensionDigestData;
+ UINT32 keySize;
+ BYTE* keyData;
+ UINT32 integrityCheckSize;
+ BYTE* integrityCheckData;
+} TPM_VERIFICATION_KEY;
+#define sizeof_TPM_VERIFICATION_KEY(s) (2 + 2 + 4 + 4 \
+ + sizeof_MTM_COUNTER_REFERENCE(s.referenceCounter) + 4 + 2 + 1 \
+ + s.extensionDigestSize + 4 + s.keySize + 4 + s.integrityCheckSize)
+#define free_TPM_VERIFICATION_KEY(s) { \
+ if (s.extensionDigestSize > 0) tpm_free(s.extensionDigestData); \
+ if (s.keySize > 0) tpm_free(s.keyData); \
+ if (s.integrityCheckSize > 0) tpm_free(s.integrityCheckData); }
+
+/*
+ * TPM_RIM_CERTIFICATE ([MTM], Section 5.2)
+ * A RIM Certificate is a structure authorizing a measurement value
+ * that is extended using MTM_VerifyRIMCertAndExtend into a PCR
+ * defined in the RIM Certificate.
+ */
+#define TPM_TAG_RIM_CERTIFICATE 0x0302
+typedef struct TPM_RIM_CERTIFICATE_STRUCT {
+ TPM_STRUCTURE_TAG tag;
+ BYTE label[8];
+ UINT32 rimVersion;
+ MTM_COUNTER_REFERENCE referenceCounter;
+ TPM_PCR_INFO_SHORT state;
+ UINT32 measurementPcrIndex;
+ TPM_PCRVALUE measurementValue;
+ TPM_VERIFICATION_KEY_ID parentId;
+ BYTE extensionDigestSize;
+ BYTE *extensionDigestData;
+ UINT32 integrityCheckSize;
+ BYTE *integrityCheckData;
+} TPM_RIM_CERTIFICATE;
+#define sizeof_TPM_RIM_CERTIFICATE(s) (2 + 8 + 4 \
+ + sizeof_MTM_COUNTER_REFERENCE(s.referenceCounter) \
+ + sizeof_TPM_PCR_INFO_SHORT(s.state) \
+ + 4 + 20 + 4 + 1 + s.extensionDigestSize \
+ + 4 + s.integrityCheckSize)
+#define free_TPM_RIM_CERTIFICATE(s) { \
+ if (s.extensionDigestSize > 0) tpm_free(s.extensionDigestData); \
+ if (s.integrityCheckSize > 0) tpm_free(s.integrityCheckData); }
+
+/*
+ * TPM_VERIFICATION_KEY_LOAD_METHODS ([MTM], Section 5.4)
+ * Methods to load a TPM_VERIFICATION_KEY
+ */
+typedef BYTE TPM_VERIFICATION_KEY_LOAD_METHODS;
+#define TPM_VERIFICATION_KEY_ROOT_LOAD 0x01
+#define TPM_VERIFICATION_KEY_INTEGRITY_CHECK_ROOT_DATA_LOAD 0x02
+#define TPM_VERIFICATION_KEY_OWNER_AUTHORIZED_LOAD 0x04
+#define TPM_VERIFICATION_KEY_CHAIN_AUTHORIZED_LOAD 0x08
+
+/*
+ * MTM_KEY_DATA
+ * This structure contains the data for stored MTM verification keys.
+ */
+typedef struct MTM_KEY_DATA_STRUCT {
+ BOOL valid;
+ UINT16 usageFlags;
+ TPM_VERIFICATION_KEY_ID parentId;
+ TPM_VERIFICATION_KEY_ID myId;
+ TPM_ALGORITHM_ID keyAlgorithm;
+ TPM_SIG_SCHEME keyScheme;
+ tpm_rsa_public_key_t key;
+} MTM_KEY_DATA;
+#define sizeof_MTM_KEY_DATA(s) ( \
+ 1 + 2 + 4 + 4 + 4 + 2 + sizeof_RSAPub(s.key))
+#define free_MTM_KEY_DATA(s) { tpm_rsa_release_public_key(&s.key); }
+
+/*
+ * MTM_PERMANENT_DATA ([MTM], Section 5.4)
+ * The MTM_PERMANENT_DATA structure contains the permanent data associated
+ * with a MTM that are used by the MTM commands. Note that there is an
+ * alternative where there is only AIK but no EK defined.
+ */
+#define MTM_TAG_PERMANENT_DATA 0x0303
+#define MTM_MAX_KEYS 10
+typedef struct MTM_PERMANENT_DATA_STRUCT {
+ TPM_STRUCTURE_TAG tag;
+ BYTE specMajor;
+ BYTE specMinor;
+ /* TPM_KEY aik; - not needed as the EK is always present */
+ TPM_PCR_SELECTION verifiedPCRs;
+ TPM_COUNT_ID counterRimProtectId;
+ TPM_COUNT_ID counterStorageProtectId;
+ TPM_VERIFICATION_KEY_LOAD_METHODS loadVerificationKeyMethods;
+ BOOL integrityCheckRootValid;
+ BYTE integrityCheckRootData[SHA1_DIGEST_LENGTH];
+ TPM_SECRET internalVerificationKey;
+ /* TPM_SECRET verificationAuth; - is a mirror of the ownerAuth */
+ MTM_KEY_DATA keys[MTM_MAX_KEYS];
+} MTM_PERMANENT_DATA;
+
+static inline int sizeof_MTM_PERMANENT_DATA(MTM_PERMANENT_DATA *s)
+{
+ int i, size = 2 + 1 + 1 + 4 + 4 + 1 + 1 + 20;
+ size += sizeof_TPM_PCR_SELECTION(s->verifiedPCRs);
+ size += sizeof(s->integrityCheckRootData);
+ for (i = 0; i < MTM_MAX_KEYS; i++) {
+ if (s->keys[i].valid) {
+ size += sizeof_MTM_KEY_DATA(s->keys[i]);
+ } else {
+ size += 1;
+ }
+ }
+ return size;
+}
+
+static inline void free_MTM_PERMANENT_DATA(MTM_PERMANENT_DATA *s)
+{
+ int i;
+ for (i = 0; i < MTM_MAX_KEYS; i++) {
+ if (s->keys[i].valid) free_MTM_KEY_DATA(s->keys[i]);
+ }
+}
+
+/*
+ * The MTM_STANY_FLAGS structure houses additional flags that are
+ * initialized by TPM_Init when the MTM boots.
+ */
+#define MTM_TAG_STANY_FLAGS 0x0304
+typedef struct MTM_STANY_FLAGS_STRUCT {
+ TPM_TAG tag;
+ BOOL loadVerificationRootKeyEnabled;
+} MTM_STANY_FLAGS;
+#define sizeof_MTM_STANY_FLAGS(s) (2 + 1)
+
+/*
+ * MTM_DATA
+ * Internal data of the MTM
+ */
+typedef struct tdMTM_DATA {
+ struct {
+ MTM_PERMANENT_DATA data;
+ } permanent;
+ struct {
+ } stclear;
+ struct {
+ MTM_STANY_FLAGS flags;
+ } stany;
+} MTM_DATA;
+#define sizeof_MTM_DATA(s) (sizeof_MTM_PERMANENT_DATA(&s.permanent.data) \
+ + sizeof_MTM_STANY_FLAGS(s.stany.flags))
+#define free_MTM_DATA(s) { free_MTM_PERMANENT_DATA(&s.permanent.data); }
+
+#endif /* _MTM_STRUCTURES_H */
+
« no previous file with comments | « mtm/mtm_marshalling.c ('k') | mtm/mtm_verification.c » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698