| Index: mtm/mtm_structures.h
|
| diff --git a/mtm/mtm_structures.h b/mtm/mtm_structures.h
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..33b9dcbf14823100e64318e1cae4f2d939b2635e
|
| --- /dev/null
|
| +++ b/mtm/mtm_structures.h
|
| @@ -0,0 +1,241 @@
|
| +/* Software-based Mobile Trusted Module (MTM) Emulator
|
| + * Copyright (C) 2004-2010 Mario Strasser <mast@gmx.net>
|
| + *
|
| + * This module is free software; you can redistribute it and/or modify
|
| + * it under the terms of the GNU General Public License as published
|
| + * by the Free Software Foundation; either version 2 of the License,
|
| + * or (at your option) any later version.
|
| + *
|
| + * This module is distributed in the hope that it will be useful,
|
| + * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
| + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
| + * GNU General Public License for more details.
|
| + *
|
| + * $Id$
|
| + */
|
| +
|
| +#ifndef _MTM_STRUCTURES_H_
|
| +#define _MTM_STRUCTURES_H_
|
| +
|
| +#include "tpm/tpm_structures.h"
|
| +#include "crypto/sha1.h"
|
| +
|
| +/*
|
| + * Ordinals
|
| + * The command ordinals provide the index value for each command.
|
| + */
|
| +#define MTM_ORD_InstallRIM (66 + TPM_PROTECTED_COMMAND)
|
| +#define MTM_ORD_LoadVerificationKey (67 + TPM_PROTECTED_COMMAND)
|
| +#define MTM_ORD_LoadVerificationRootKeyDisable (68 + TPM_PROTECTED_COMMAND)
|
| +#define MTM_ORD_VerifyRIMCert (69 + TPM_PROTECTED_COMMAND)
|
| +#define MTM_ORD_VerifyRIMCertAndExtend (72 + TPM_PROTECTED_COMMAND)
|
| +#define MTM_ORD_IncrementBootstrapCounter (73 + TPM_PROTECTED_COMMAND)
|
| +#define MTM_ORD_SetVerifiedPCRSelection (74 + TPM_PROTECTED_COMMAND)
|
| +
|
| +/*
|
| + * TPM_CAPABILITY_AREA Values for TPM_GetCapability
|
| + */
|
| +#define TPM_CAP_MTM_PERMANENT_DATA 0x0000000A
|
| +
|
| +/*
|
| + * MTM_COUNTER_REFERENCE ([MTM], Section 5.1)
|
| + * MTM counter reference structure
|
| + */
|
| +#define MTM_COUNTER_SELECT_NONE 0
|
| +#define MTM_COUNTER_SELECT_BOOTSTRAP 1
|
| +#define MTM_COUNTER_SELECT_RIMPROTECT 2
|
| +#define MTM_COUNTER_SELECT_STORAGEPROTECT 3
|
| +#define MTM_COUNTER_SELECT_MAX 3
|
| +typedef struct MTM_COUNTER_REFERENCE_STRUCT {
|
| + BYTE counterSelection;
|
| + TPM_ACTUAL_COUNT counterValue;
|
| +} MTM_COUNTER_REFERENCE;
|
| +#define sizeof_MTM_COUNTER_REFERENCE(s) (1 + 4)
|
| +
|
| +/*
|
| + * TPM_VERIFICATION_KEY_ID ([MTM], Section 5.3)
|
| + */
|
| +typedef UINT32 TPM_VERIFICATION_KEY_ID;
|
| +#define TPM_VERIFICATION_KEY_ID_NONE 0xFFFFFFFF
|
| +#define TPM_VERIFICATION_KEY_ID_INTERNAL 0xFFFFFFFE
|
| +
|
| +/*
|
| + * TPM_VERIFICATION_KEY_USAGE ([MTM], Section 5.3)
|
| + */
|
| +#define TPM_VERIFICATION_KEY_USAGE_MTM_MASK 0x00ff
|
| +#define TPM_VERIFICATION_KEY_USAGE_AGENT_MASK 0x0f00
|
| +#define TPM_VERIFICATION_KEY_USAGE_VENDOR_MASK 0xf000
|
| +#define TPM_VERIFICATION_KEY_USAGE_SIGN_RIMCERT 0x0001
|
| +#define TPM_VERIFICATION_KEY_USAGE_SIGN_RIMAUTH 0x0002
|
| +#define TPM_VERIFICATION_KEY_USAGE_INCREMENT_BOOTSTRAP 0x0004
|
| +
|
| +/*
|
| + * TPM_VERIFICATION_KEY_HANDLE ([MTM], Section 5.3)
|
| + * Handle used to refer to TPM_VERIFICATION_KEY structures
|
| + */
|
| +typedef UINT32 TPM_VERIFICATION_KEY_HANDLE;
|
| +
|
| +/*
|
| + * TPM_VERIFICATION_KEY ([MTM], Section 5.3)
|
| + * The TPM_VERIFICATION_KEY structure is used for representing keys in
|
| + * the authorization hierarchy used to authorize RIM_Certs for a MTM.
|
| + */
|
| +#define TPM_TAG_VERIFICATION_KEY 0x0301
|
| +typedef struct TPM_VERIFICATION_KEY_STRUCT {
|
| + TPM_STRUCTURE_TAG tag;
|
| + UINT16 usageFlags;
|
| + TPM_VERIFICATION_KEY_ID parentId;
|
| + TPM_VERIFICATION_KEY_ID myId;
|
| + MTM_COUNTER_REFERENCE referenceCounter;
|
| + TPM_ALGORITHM_ID keyAlgorithm;
|
| + TPM_SIG_SCHEME keyScheme;
|
| + BYTE extensionDigestSize;
|
| + BYTE* extensionDigestData;
|
| + UINT32 keySize;
|
| + BYTE* keyData;
|
| + UINT32 integrityCheckSize;
|
| + BYTE* integrityCheckData;
|
| +} TPM_VERIFICATION_KEY;
|
| +#define sizeof_TPM_VERIFICATION_KEY(s) (2 + 2 + 4 + 4 \
|
| + + sizeof_MTM_COUNTER_REFERENCE(s.referenceCounter) + 4 + 2 + 1 \
|
| + + s.extensionDigestSize + 4 + s.keySize + 4 + s.integrityCheckSize)
|
| +#define free_TPM_VERIFICATION_KEY(s) { \
|
| + if (s.extensionDigestSize > 0) tpm_free(s.extensionDigestData); \
|
| + if (s.keySize > 0) tpm_free(s.keyData); \
|
| + if (s.integrityCheckSize > 0) tpm_free(s.integrityCheckData); }
|
| +
|
| +/*
|
| + * TPM_RIM_CERTIFICATE ([MTM], Section 5.2)
|
| + * A RIM Certificate is a structure authorizing a measurement value
|
| + * that is extended using MTM_VerifyRIMCertAndExtend into a PCR
|
| + * defined in the RIM Certificate.
|
| + */
|
| +#define TPM_TAG_RIM_CERTIFICATE 0x0302
|
| +typedef struct TPM_RIM_CERTIFICATE_STRUCT {
|
| + TPM_STRUCTURE_TAG tag;
|
| + BYTE label[8];
|
| + UINT32 rimVersion;
|
| + MTM_COUNTER_REFERENCE referenceCounter;
|
| + TPM_PCR_INFO_SHORT state;
|
| + UINT32 measurementPcrIndex;
|
| + TPM_PCRVALUE measurementValue;
|
| + TPM_VERIFICATION_KEY_ID parentId;
|
| + BYTE extensionDigestSize;
|
| + BYTE *extensionDigestData;
|
| + UINT32 integrityCheckSize;
|
| + BYTE *integrityCheckData;
|
| +} TPM_RIM_CERTIFICATE;
|
| +#define sizeof_TPM_RIM_CERTIFICATE(s) (2 + 8 + 4 \
|
| + + sizeof_MTM_COUNTER_REFERENCE(s.referenceCounter) \
|
| + + sizeof_TPM_PCR_INFO_SHORT(s.state) \
|
| + + 4 + 20 + 4 + 1 + s.extensionDigestSize \
|
| + + 4 + s.integrityCheckSize)
|
| +#define free_TPM_RIM_CERTIFICATE(s) { \
|
| + if (s.extensionDigestSize > 0) tpm_free(s.extensionDigestData); \
|
| + if (s.integrityCheckSize > 0) tpm_free(s.integrityCheckData); }
|
| +
|
| +/*
|
| + * TPM_VERIFICATION_KEY_LOAD_METHODS ([MTM], Section 5.4)
|
| + * Methods to load a TPM_VERIFICATION_KEY
|
| + */
|
| +typedef BYTE TPM_VERIFICATION_KEY_LOAD_METHODS;
|
| +#define TPM_VERIFICATION_KEY_ROOT_LOAD 0x01
|
| +#define TPM_VERIFICATION_KEY_INTEGRITY_CHECK_ROOT_DATA_LOAD 0x02
|
| +#define TPM_VERIFICATION_KEY_OWNER_AUTHORIZED_LOAD 0x04
|
| +#define TPM_VERIFICATION_KEY_CHAIN_AUTHORIZED_LOAD 0x08
|
| +
|
| +/*
|
| + * MTM_KEY_DATA
|
| + * This structure contains the data for stored MTM verification keys.
|
| + */
|
| +typedef struct MTM_KEY_DATA_STRUCT {
|
| + BOOL valid;
|
| + UINT16 usageFlags;
|
| + TPM_VERIFICATION_KEY_ID parentId;
|
| + TPM_VERIFICATION_KEY_ID myId;
|
| + TPM_ALGORITHM_ID keyAlgorithm;
|
| + TPM_SIG_SCHEME keyScheme;
|
| + tpm_rsa_public_key_t key;
|
| +} MTM_KEY_DATA;
|
| +#define sizeof_MTM_KEY_DATA(s) ( \
|
| + 1 + 2 + 4 + 4 + 4 + 2 + sizeof_RSAPub(s.key))
|
| +#define free_MTM_KEY_DATA(s) { tpm_rsa_release_public_key(&s.key); }
|
| +
|
| +/*
|
| + * MTM_PERMANENT_DATA ([MTM], Section 5.4)
|
| + * The MTM_PERMANENT_DATA structure contains the permanent data associated
|
| + * with a MTM that are used by the MTM commands. Note that there is an
|
| + * alternative where there is only AIK but no EK defined.
|
| + */
|
| +#define MTM_TAG_PERMANENT_DATA 0x0303
|
| +#define MTM_MAX_KEYS 10
|
| +typedef struct MTM_PERMANENT_DATA_STRUCT {
|
| + TPM_STRUCTURE_TAG tag;
|
| + BYTE specMajor;
|
| + BYTE specMinor;
|
| + /* TPM_KEY aik; - not needed as the EK is always present */
|
| + TPM_PCR_SELECTION verifiedPCRs;
|
| + TPM_COUNT_ID counterRimProtectId;
|
| + TPM_COUNT_ID counterStorageProtectId;
|
| + TPM_VERIFICATION_KEY_LOAD_METHODS loadVerificationKeyMethods;
|
| + BOOL integrityCheckRootValid;
|
| + BYTE integrityCheckRootData[SHA1_DIGEST_LENGTH];
|
| + TPM_SECRET internalVerificationKey;
|
| + /* TPM_SECRET verificationAuth; - is a mirror of the ownerAuth */
|
| + MTM_KEY_DATA keys[MTM_MAX_KEYS];
|
| +} MTM_PERMANENT_DATA;
|
| +
|
| +static inline int sizeof_MTM_PERMANENT_DATA(MTM_PERMANENT_DATA *s)
|
| +{
|
| + int i, size = 2 + 1 + 1 + 4 + 4 + 1 + 1 + 20;
|
| + size += sizeof_TPM_PCR_SELECTION(s->verifiedPCRs);
|
| + size += sizeof(s->integrityCheckRootData);
|
| + for (i = 0; i < MTM_MAX_KEYS; i++) {
|
| + if (s->keys[i].valid) {
|
| + size += sizeof_MTM_KEY_DATA(s->keys[i]);
|
| + } else {
|
| + size += 1;
|
| + }
|
| + }
|
| + return size;
|
| +}
|
| +
|
| +static inline void free_MTM_PERMANENT_DATA(MTM_PERMANENT_DATA *s)
|
| +{
|
| + int i;
|
| + for (i = 0; i < MTM_MAX_KEYS; i++) {
|
| + if (s->keys[i].valid) free_MTM_KEY_DATA(s->keys[i]);
|
| + }
|
| +}
|
| +
|
| +/*
|
| + * The MTM_STANY_FLAGS structure houses additional flags that are
|
| + * initialized by TPM_Init when the MTM boots.
|
| + */
|
| +#define MTM_TAG_STANY_FLAGS 0x0304
|
| +typedef struct MTM_STANY_FLAGS_STRUCT {
|
| + TPM_TAG tag;
|
| + BOOL loadVerificationRootKeyEnabled;
|
| +} MTM_STANY_FLAGS;
|
| +#define sizeof_MTM_STANY_FLAGS(s) (2 + 1)
|
| +
|
| +/*
|
| + * MTM_DATA
|
| + * Internal data of the MTM
|
| + */
|
| +typedef struct tdMTM_DATA {
|
| + struct {
|
| + MTM_PERMANENT_DATA data;
|
| + } permanent;
|
| + struct {
|
| + } stclear;
|
| + struct {
|
| + MTM_STANY_FLAGS flags;
|
| + } stany;
|
| +} MTM_DATA;
|
| +#define sizeof_MTM_DATA(s) (sizeof_MTM_PERMANENT_DATA(&s.permanent.data) \
|
| + + sizeof_MTM_STANY_FLAGS(s.stany.flags))
|
| +#define free_MTM_DATA(s) { free_MTM_PERMANENT_DATA(&s.permanent.data); }
|
| +
|
| +#endif /* _MTM_STRUCTURES_H */
|
| +
|
|
|
Chromium Code Reviews
Issue 660204:
Upgrade to tpm-emulator version 0.7. (Closed)
