From 43b0682dd8f398aa59e193563204ab8c92ebd7f9 Mon Sep 17 00:00:00 2001 From: David Garske Date: Wed, 14 Feb 2018 14:11:01 -0800 Subject: [PATCH] Fixes for proper handling of `TPMT_SYM_DEF` or `TPMT_SYM_DEF_OBJECT` when `TPM_ALG_NULL` (don't append keyBits and mode). Refactor of the param details and scheme. Refactor of the session information into TPM context. --- examples/tpm/tpm2_demo.c | 13 ++- src/tpm2.c | 210 ++++++++++++++++++--------------------- wolftpm/tpm2.h | 18 ++-- 3 files changed, 109 insertions(+), 132 deletions(-) diff --git a/examples/tpm/tpm2_demo.c b/examples/tpm/tpm2_demo.c index 4c40e9d..678e9f1 100644 --- a/examples/tpm/tpm2_demo.c +++ b/examples/tpm/tpm2_demo.c @@ -89,7 +89,11 @@ static void print_bin(const byte* buffer, word32 length) print_bin(buffer + LINE_LEN, length - LINE_LEN); } #else -static void print_bin(const byte* buffer, word32 length) { return 0; } +static void print_bin(const byte* buffer, word32 length) { + (void)buffer; + (void)length; + return; +} #endif @@ -149,9 +153,9 @@ static TPM_RC TPM2_IoCb(TPM2_CTX* ctx, const byte* txBuf, byte* rxBuf, #endif #ifdef DEBUG_WOLFTPM - printf("TPM2_IoCb: %d\n", xferSz); - print_bin(txBuf, xferSz); - print_bin(rxBuf, xferSz); + //printf("TPM2_IoCb: %d\n", xferSz); + //print_bin(txBuf, xferSz); + //print_bin(rxBuf, xferSz); #endif (void)ctx; 
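Review bot: In TPM2_IoCb the three debug lines are left behind as commented-out code, so the `#ifdef DEBUG_WOLFTPM` block is now empty. Because txBuf and rxBuf hold the raw command and response bytes, including any authorization values and unsealed data, keeping the dump off by default is sensible. It would read better as an explicit opt-in: either delete the lines or guard them with a separate, clearly named build macro. If these were the only callers, the static `print_bin` is now unused in debug builds and may raise an unused-function warning. TPM2_IoCb starts and ends outside the hunk.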
@@ -321,7 +325,6 @@ int TPM2_Demo(void* userCtx) pcrIndex = 0; XMEMSET(&cmdIn.pcrExtend, 0, sizeof(cmdIn.pcrExtend)); cmdIn.pcrExtend.pcrHandle = pcrIndex; - cmdIn.pcrExtend.auth.sessionHandle = TPM_RS_PW; cmdIn.pcrExtend.digests.count = 1; cmdIn.pcrExtend.digests.digests[0].hashAlg = TPM_ALG_SHA256; for (i=0; ipcrSelections[i].sizeofSelect); } } -static void TPM2_Packet_AppendPublic(TPM2_Packet* packet, TPM2B_PUBLIC* public) { +static void TPM2_Packet_AppendSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric) +{ + TPM2_Packet_AppendU16(packet, symmetric->algorithm); + if (symmetric->algorithm != TPM_ALG_NULL) { + TPM2_Packet_AppendU16(packet, symmetric->keyBits.sym); + TPM2_Packet_AppendU16(packet, symmetric->mode.sym); + } +} +static void TPM2_Packet_AppendSigScheme(TPM2_Packet* packet, TPMT_SIG_SCHEME* scheme) +{ + TPM2_Packet_AppendU16(packet, scheme->scheme); + TPM2_Packet_AppendU16(packet, scheme->details.any.hashAlg); +} +#define TPM2_Packet_AppendEccScheme TPM2_Packet_AppendSigScheme +static void TPM2_Packet_AppendRsaScheme(TPM2_Packet* packet, TPMT_RSA_SCHEME* scheme) +{ + TPM2_Packet_AppendU16(packet, scheme->scheme); + TPM2_Packet_AppendU16(packet, scheme->details.anySig.hashAlg); +} +static void TPM2_Packet_AppendKeyedHashScheme(TPM2_Packet* packet, TPMT_KEYEDHASH_SCHEME* scheme) +{ + TPM2_Packet_AppendU16(packet, scheme->scheme); + TPM2_Packet_AppendU16(packet, scheme->details.hmac.hashAlg); +} +static void TPM2_Packet_AppendKdfScheme(TPM2_Packet* packet, TPMT_KDF_SCHEME* scheme) +{ + TPM2_Packet_AppendU16(packet, scheme->scheme); + TPM2_Packet_AppendU16(packet, scheme->details.any.hashAlg); +} +static void TPM2_Packet_AppendAsymScheme(TPM2_Packet* packet, TPMT_ASYM_SCHEME* scheme) +{ + TPM2_Packet_AppendU16(packet, scheme->scheme); + TPM2_Packet_AppendU16(packet, scheme->details.anySig.hashAlg); +} + +static void TPM2_Packet_AppendPublicParms(TPM2_Packet* packet, TPMI_ALG_PUBLIC type, + TPMU_PUBLIC_PARMS* parameters) +{ + switch (type) { + case 
TPM_ALG_KEYEDHASH: + TPM2_Packet_AppendKeyedHashScheme(packet, ¶meters->keyedHashDetail.scheme); + break; + case TPM_ALG_SYMCIPHER: + TPM2_Packet_AppendU16(packet, parameters->symDetail.sym.algorithm); + TPM2_Packet_AppendU16(packet, parameters->symDetail.sym.keyBits.sym); + TPM2_Packet_AppendU16(packet, parameters->symDetail.sym.mode.sym); + break; + case TPM_ALG_RSA: + TPM2_Packet_AppendSymmetric(packet, ¶meters->rsaDetail.symmetric); + TPM2_Packet_AppendRsaScheme(packet, ¶meters->rsaDetail.scheme); + TPM2_Packet_AppendU16(packet, parameters->rsaDetail.keyBits); + TPM2_Packet_AppendU32(packet, parameters->rsaDetail.exponent); + break; + case TPM_ALG_ECC: + TPM2_Packet_AppendSymmetric(packet, ¶meters->eccDetail.symmetric); + TPM2_Packet_AppendEccScheme(packet, ¶meters->eccDetail.scheme); + TPM2_Packet_AppendU16(packet, parameters->eccDetail.curveID); + TPM2_Packet_AppendKdfScheme(packet, ¶meters->eccDetail.kdf); + break; + default: + TPM2_Packet_AppendSymmetric(packet, ¶meters->asymDetail.symmetric); + TPM2_Packet_AppendAsymScheme(packet, ¶meters->asymDetail.scheme); + break; + } +} + +static void TPM2_Packet_AppendPublic(TPM2_Packet* packet, TPM2B_PUBLIC* public) +{ TPM2_Packet_AppendU16(packet, public->size); TPM2_Packet_AppendU16(packet, public->publicArea.type); TPM2_Packet_AppendU16(packet, public->publicArea.nameAlg); 
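Review bot: The new scheme helpers (TPM2_Packet_AppendSigScheme, AppendRsaScheme, AppendKeyedHashScheme, AppendKdfScheme, AppendAsymScheme) always append the `hashAlg` detail, even when `scheme->scheme` is TPM_ALG_NULL. In the TPM 2.0 structure definitions the details union is empty for a NULL scheme, so this is the same over-marshalling that TPM2_Packet_AppendSymmetric fixes for keyBits and mode; each helper should guard the second field, e.g. `if (scheme->scheme != TPM_ALG_NULL) TPM2_Packet_AppendU16(packet, scheme->details.any.hashAlg);`. The TPM_ALG_SYMCIPHER case in TPM2_Packet_AppendPublicParms still writes the three fields by hand and could call `TPM2_Packet_AppendSymmetric(packet, &parameters->symDetail.sym);` instead. The helpers only read their argument, so the struct pointer parameters could be `const`. The header of this hunk is missing from the page, so the context before the first helper is not visible.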
@@ -554,51 +621,22 @@ static void TPM2_Packet_AppendPublic(TPM2_Packet* packet, TPM2B_PUBLIC* public) TPM2_Packet_AppendU16(packet, public->publicArea.authPolicy.size); TPM2_Packet_AppendBytes(packet, public->publicArea.authPolicy.buffer, public->publicArea.authPolicy.size); + + TPM2_Packet_AppendPublicParms(packet, public->publicArea.type, &public->publicArea.parameters); + switch (public->publicArea.type) { case TPM_ALG_KEYEDHASH: - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.keyedHashDetail.scheme.scheme); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.keyedHashDetail.scheme.details.hmac.hashAlg); - TPM2_Packet_AppendU16(packet, public->publicArea.unique.keyedHash.size); - TPM2_Packet_AppendBytes(packet, public->publicArea.unique.keyedHash.buffer, public->publicArea.unique.keyedHash.size); + TPM2_Packet_AppendBytes(packet, public->publicArea.unique.keyedHash.buffer, + public->publicArea.unique.keyedHash.size); break; case TPM_ALG_SYMCIPHER: - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.symDetail.sym.algorithm); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.symDetail.sym.keyBits.sym); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.symDetail.sym.mode.sym); break; case TPM_ALG_RSA: - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.rsaDetail.symmetric.algorithm); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.rsaDetail.symmetric.keyBits.sym); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.rsaDetail.symmetric.mode.sym); - - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.rsaDetail.scheme.scheme); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.rsaDetail.scheme.details.anySig.hashAlg); - - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.rsaDetail.keyBits); - - TPM2_Packet_AppendU32(packet, public->publicArea.parameters.rsaDetail.exponent); break; case TPM_ALG_ECC: - TPM2_Packet_AppendU16(packet, 
public->publicArea.parameters.eccDetail.symmetric.algorithm); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.symmetric.keyBits.sym); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.symmetric.mode.sym); - - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.scheme.scheme); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.scheme.details.any.hashAlg); - - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.curveID); - - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.kdf.scheme); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.eccDetail.kdf.details.any.hashAlg); break; default: - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.asymDetail.symmetric.algorithm); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.asymDetail.symmetric.keyBits.sym); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.asymDetail.symmetric.mode.sym); - - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.asymDetail.scheme.scheme); - TPM2_Packet_AppendU16(packet, public->publicArea.parameters.asymDetail.scheme.details.anySig.hashAlg); break; } } @@ -723,9 +761,7 @@ static void TPM2_Packet_ParsePublic(TPM2_Packet* packet, TPM2B_PUBLIC* public) { TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.symDetail.sym.mode.sym); break; case TPM_ALG_RSA: - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.rsaDetail.symmetric.algorithm); - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.rsaDetail.symmetric.keyBits.sym); - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.rsaDetail.symmetric.mode.sym); + TPM2_Packet_AppendSymmetric(packet, &public->publicArea.parameters.rsaDetail.symmetric); TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.rsaDetail.scheme.scheme); TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.rsaDetail.scheme.details.anySig.hashAlg); 
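Review bot: The TPM_ALG_KEYEDHASH case of TPM2_Packet_AppendPublic no longer writes the length prefix of the unique field: the removed `TPM2_Packet_AppendU16(packet, public->publicArea.unique.keyedHash.size);` has no replacement, so only the raw bytes are appended. Nothing else in the hunk emits that size, which makes this look like an accidental loss during the refactor rather than part of the TPM_ALG_NULL fix; restore the line ahead of the `TPM2_Packet_AppendBytes` call. The length handed to AppendBytes comes straight from the caller's struct, so it is also worth confirming that it is checked against the size of `keyedHash.buffer` (the AppendBytes implementation is not visible here). The SYMCIPHER, RSA and ECC cases are now empty and could fold into `default`.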
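Review bot: TPM2_Packet_ParsePublic now calls `TPM2_Packet_AppendSymmetric` in the TPM_ALG_RSA case, which writes the not-yet-populated symmetric fields into the packet instead of reading them out of the response. The `symmetric` member of the parsed public area is therefore never filled in, and the `TPM2_Packet_ParseU16` calls that follow presumably read from the wrong offset or from overwritten bytes, depending on how the packet position is shared between append and parse. The same substitution is made in the TPM_ALG_ECC and default cases in the next two hunks. A parse-side helper is needed that reads `algorithm` and reads `keyBits` and `mode` only when it is not TPM_ALG_NULL; a sketch follows. TPM2_Packet_ParsePublic starts and ends outside the hunk.

```c
static void TPM2_Packet_ParseSymmetric(TPM2_Packet* packet, TPMT_SYM_DEF* symmetric)
{
    TPM2_Packet_ParseU16(packet, &symmetric->algorithm);
    if (symmetric->algorithm != TPM_ALG_NULL) {
        TPM2_Packet_ParseU16(packet, &symmetric->keyBits.sym);
        TPM2_Packet_ParseU16(packet, &symmetric->mode.sym);
    }
}

/* … unchanged: earlier cases of the switch in TPM2_Packet_ParsePublic … */
        case TPM_ALG_RSA:
            TPM2_Packet_ParseSymmetric(packet, &public->publicArea.parameters.rsaDetail.symmetric);
/* … unchanged: scheme, keyBits and exponent parsing … */
```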
@@ -735,9 +771,7 @@ static void TPM2_Packet_ParsePublic(TPM2_Packet* packet, TPM2B_PUBLIC* public) { TPM2_Packet_ParseU32(packet, &public->publicArea.parameters.rsaDetail.exponent); break; case TPM_ALG_ECC: - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.eccDetail.symmetric.algorithm); - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.eccDetail.symmetric.keyBits.sym); - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.eccDetail.symmetric.mode.sym); + TPM2_Packet_AppendSymmetric(packet, &public->publicArea.parameters.eccDetail.symmetric); TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.eccDetail.scheme.scheme); TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.eccDetail.scheme.details.any.hashAlg); @@ -748,9 +782,7 @@ static void TPM2_Packet_ParsePublic(TPM2_Packet* packet, TPM2B_PUBLIC* public) { TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.eccDetail.kdf.details.any.hashAlg); break; default: - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.asymDetail.symmetric.algorithm); - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.asymDetail.symmetric.keyBits.sym); - TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.asymDetail.symmetric.mode.sym); + TPM2_Packet_AppendSymmetric(packet, &public->publicArea.parameters.asymDetail.symmetric); TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.asymDetail.scheme.scheme); TPM2_Packet_ParseU16(packet, &public->publicArea.parameters.asymDetail.scheme.details.anySig.hashAlg); @@ -797,6 +829,9 @@ TPM_RC TPM2_Init(TPM2_CTX* ctx, TPM2HalIoCb ioCb, void* userCtx) ctx->ioCb = ioCb; ctx->userCtx = userCtx; + /* Setup default auth session */ + ctx->auth.sessionHandle = TPM_RS_PW; + #ifndef SINGLE_THREADED if (wc_InitMutex(&ctx->hwLock) != 0) { WOLFSSL_MSG("TPM Mutex Init failed"); 
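Review bot: In TPM2_Init only `ctx->auth.sessionHandle` is initialised; the other members of the TPMS_AUTH_COMMAND that TPM2_Packet_AppendAuth later serialises keep whatever the context already holds. If TPM2_Init does not clear `ctx` before this point (the start of the function is outside the hunk), a stack- or heap-allocated context would put indeterminate bytes into the authorization area of every command. Adding `XMEMSET(&ctx->auth, 0, sizeof(ctx->auth));` ahead of the assignment makes the default explicit and costs nothing if the context was already zeroed.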
@@ -1132,7 +1167,7 @@ TPM_RC TPM2_PCR_Extend(PCR_Extend_In* in) TPM2_Packet packet; TPM2_Packet_Init(ctx, &packet); TPM2_Packet_AppendU32(&packet, in->pcrHandle); - TPM2_Packet_AppendAuth(&packet, &in->auth); + TPM2_Packet_AppendAuth(&packet, &ctx->auth); TPM2_Packet_AppendU32(&packet, in->digests.count); for (i=0; i<(int)in->digests.count; i++) { UINT16 hashAlg = in->digests.digests[i].hashAlg; @@ -1168,7 +1203,7 @@ TPM_RC TPM2_Create(Create_In* in, Create_Out* out) TPM2_Packet packet; TPM2_Packet_Init(ctx, &packet); TPM2_Packet_AppendU32(&packet, in->parentHandle); - TPM2_Packet_AppendAuth(&packet, &in->auth); + TPM2_Packet_AppendAuth(&packet, &ctx->auth); TPM2_Packet_AppendU16(&packet, in->inSensitive.size); TPM2_Packet_AppendU16(&packet, in->inSensitive.sensitive.userAuth.size); @@ -1332,7 +1367,7 @@ TPM_RC TPM2_Load(Load_In* in, Load_Out* out) TPM2_Packet packet; TPM2_Packet_Init(ctx, &packet); TPM2_Packet_AppendU32(&packet, in->parentHandle); - TPM2_Packet_AppendAuth(&packet, &in->auth); + TPM2_Packet_AppendAuth(&packet, &ctx->auth); TPM2_Packet_AppendU16(&packet, in->inPrivate.size); TPM2_Packet_AppendBytes(&packet, in->inPrivate.buffer, in->inPrivate.size); @@ -1395,7 +1430,7 @@ TPM_RC TPM2_Unseal(Unseal_In* in, Unseal_Out* out) TPM2_Packet packet; TPM2_Packet_Init(ctx, &packet); TPM2_Packet_AppendU32(&packet, in->itemHandle); - TPM2_Packet_AppendAuth(&packet, &in->auth); + TPM2_Packet_AppendAuth(&packet, &ctx->auth); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_Unseal); /* send command */ @@ -1440,9 +1475,7 @@ TPM_RC TPM2_StartAuthSession(StartAuthSession_In* in, StartAuthSession_Out* out) TPM2_Packet_AppendU8(&packet, in->sessionType); - TPM2_Packet_AppendU16(&packet, in->symmetric.algorithm); - TPM2_Packet_AppendU16(&packet, in->symmetric.keyBits.sym); - TPM2_Packet_AppendU16(&packet, in->symmetric.mode.sym); + TPM2_Packet_AppendSymmetric(&packet, &in->symmetric); TPM2_Packet_AppendU16(&packet, in->authHash); 
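Review bot: TPM2_PCR_Extend now takes its authorization from `ctx->auth` instead of the per-command input, and the TPM2_Create, TPM2_Load and TPM2_Unseal hunks that follow make the same switch, so one context-wide value authorises every object. A caller that needs a different auth value for a parent key than for a sealed object has to rewrite `ctx->auth` between calls, and this patch adds no accessor for doing so. In builds without SINGLE_THREADED that rewrite has to happen under the same `hwLock` that guards command submission, otherwise one thread's command can be built with another thread's authorization; whether the lock is held at this point is not visible in the hunk. I would add a comment at each call site, for example `/* uses the context-wide auth; update ctx->auth under hwLock before calling */`, or provide a setter that takes the lock.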
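Review bot: TPM2_Unseal appends an authorization area and then finalises the packet with `TPM_ST_NO_SESSIONS`, as the context lines of this hunk show. In TPM 2.0 a command that carries an authorization area is tagged TPM_ST_SESSIONS, so the tag and the body appear to disagree. Unless TPM2_Packet_AppendAuth or TPM2_Packet_Finalize corrects this internally (neither is visible here), the call should be `TPM2_Packet_Finalize(&packet, TPM_ST_SESSIONS, TPM_CC_Unseal);`. The other commands that now append `ctx->auth` are worth checking for the same mismatch; their Finalize calls fall outside their hunks.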
@@ -1793,9 +1826,7 @@ TPM_RC TPM2_Import(Import_In* in, Import_Out* out) TPM2_Packet_AppendU16(&packet, in->inSymSeed.size); TPM2_Packet_AppendBytes(&packet, in->inSymSeed.secret, in->inSymSeed.size); - TPM2_Packet_AppendU16(&packet, in->symmetricAlg.algorithm); - TPM2_Packet_AppendU16(&packet, in->symmetricAlg.keyBits.sym); - TPM2_Packet_AppendU16(&packet, in->symmetricAlg.mode.sym); + TPM2_Packet_AppendSymmetric(&packet, &in->symmetricAlg); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_Import); @@ -1975,6 +2006,7 @@ TPM_RC TPM2_ECC_Parameters(ECC_Parameters_In* in, TPM2_Packet_ParseU16(&packet, &out->parameters.curveID); TPM2_Packet_ParseU16(&packet, &out->parameters.keySize); + TPM2_Packet_ParseU16(&packet, &out->parameters.kdf.scheme); TPM2_Packet_ParseU16(&packet, &out->parameters.kdf.details.any.hashAlg); @@ -2404,8 +2436,7 @@ TPM_RC TPM2_Certify(Certify_In* in, Certify_Out* out) TPM2_Packet_AppendU16(&packet, in->qualifyingData.size); TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer, in->qualifyingData.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_Certify); @@ -2448,8 +2479,7 @@ TPM_RC TPM2_CertifyCreation(CertifyCreation_In* in, CertifyCreation_Out* out) TPM2_Packet_AppendU16(&packet, in->creationHash.size); TPM2_Packet_AppendBytes(&packet, in->creationHash.buffer, in->creationHash.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_AppendU16(&packet, in->creationTicket.tag); TPM2_Packet_AppendU32(&packet, in->creationTicket.hierarchy); 
@@ -2495,8 +2525,7 @@ TPM_RC TPM2_Quote(Quote_In* in, Quote_Out* out) TPM2_Packet_AppendU16(&packet, in->qualifyingData.size); TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer, in->qualifyingData.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_AppendPCR(&packet, &in->PCRselect); @@ -2540,8 +2569,7 @@ TPM_RC TPM2_GetSessionAuditDigest(GetSessionAuditDigest_In* in, TPM2_Packet_AppendU16(&packet, in->qualifyingData.size); TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer, in->qualifyingData.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_GetSessionAuditDigest); @@ -2582,8 +2610,7 @@ TPM_RC TPM2_GetCommandAuditDigest(GetCommandAuditDigest_In* in, TPM2_Packet_AppendU16(&packet, in->qualifyingData.size); TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer, in->qualifyingData.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_GetCommandAuditDigest); @@ -2623,8 +2650,7 @@ TPM_RC TPM2_GetTime(GetTime_In* in, GetTime_Out* out) TPM2_Packet_AppendU16(&packet, in->qualifyingData.size); TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer, in->qualifyingData.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_GetTime); 
@@ -2774,8 +2800,7 @@ TPM_RC TPM2_Sign(Sign_In* in, Sign_Out* out) TPM2_Packet_AppendU16(&packet, in->digest.size); TPM2_Packet_AppendBytes(&packet, in->digest.buffer, in->digest.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_AppendU16(&packet, in->validation.tag); TPM2_Packet_AppendU32(&packet, in->validation.hierarchy); 
@@ -4258,51 +4283,7 @@ TPM_RC TPM2_TestParms(TestParms_In* in) TPM2_Packet packet; TPM2_Packet_Init(ctx, &packet); TPM2_Packet_AppendU16(&packet, in->parameters.type); - switch (in->parameters.type) { - case TPM_ALG_KEYEDHASH: - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.keyedHashDetail.scheme.scheme); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.keyedHashDetail.scheme.details.hmac.hashAlg); - break; - case TPM_ALG_SYMCIPHER: - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.symDetail.sym.algorithm); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.symDetail.sym.keyBits.sym); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.symDetail.sym.mode.sym); - break; - case TPM_ALG_RSA: - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.rsaDetail.symmetric.algorithm); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.rsaDetail.symmetric.keyBits.sym); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.rsaDetail.symmetric.mode.sym); - - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.rsaDetail.scheme.scheme); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.rsaDetail.scheme.details.anySig.hashAlg); - - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.rsaDetail.keyBits); - - TPM2_Packet_AppendU32(&packet, in->parameters.parameters.rsaDetail.exponent); - break; - case TPM_ALG_ECC: - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.symmetric.algorithm); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.symmetric.keyBits.sym); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.symmetric.mode.sym); - - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.scheme.scheme); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.scheme.details.any.hashAlg); - - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.curveID); - - TPM2_Packet_AppendU16(&packet, 
in->parameters.parameters.eccDetail.kdf.scheme); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.eccDetail.kdf.details.any.hashAlg); - break; - default: - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.asymDetail.symmetric.algorithm); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.asymDetail.symmetric.keyBits.sym); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.asymDetail.symmetric.mode.sym); - - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.asymDetail.scheme.scheme); - TPM2_Packet_AppendU16(&packet, in->parameters.parameters.asymDetail.scheme.details.anySig.hashAlg); - break; - } - + TPM2_Packet_AppendPublicParms(&packet, in->parameters.type, &in->parameters.parameters); TPM2_Packet_Finalize(&packet, TPM_ST_NO_SESSIONS, TPM_CC_TestParms); /* send command */ @@ -4755,8 +4736,7 @@ TPM_RC TPM2_NV_Certify(NV_Certify_In* in, NV_Certify_Out* out) TPM2_Packet_AppendU16(&packet, in->qualifyingData.size); TPM2_Packet_AppendBytes(&packet, in->qualifyingData.buffer, in->qualifyingData.size); - TPM2_Packet_AppendU16(&packet, in->inScheme.scheme); - TPM2_Packet_AppendU16(&packet, in->inScheme.details.any.hashAlg); + TPM2_Packet_AppendSigScheme(&packet, &in->inScheme); TPM2_Packet_AppendU16(&packet, in->size); TPM2_Packet_AppendU16(&packet, in->offset); diff --git a/wolftpm/tpm2.h b/wolftpm/tpm2.h index 116bcc5..ff1a0ab 100644 --- a/wolftpm/tpm2.h +++ b/wolftpm/tpm2.h @@ -33,7 +33,7 @@ #endif #ifndef TPM_TIMEOUT_TRIES -#define TPM_TIMEOUT_TRIES 100000 +#define TPM_TIMEOUT_TRIES 10000 #endif #ifndef MAX_SYM_BLOCK_SIZE @@ -1335,12 +1335,7 @@ typedef struct TPMT_SYM_DEF { //TPMU_SYM_DETAILS details; } TPMT_SYM_DEF; -typedef struct TPMT_SYM_DEF_OBJECT { - TPMI_ALG_SYM_OBJECT algorithm; - TPMU_SYM_KEY_BITS keyBits; - TPMU_SYM_MODE mode; - //TPMU_SYM_DETAILS details; -} TPMT_SYM_DEF_OBJECT; +typedef TPMT_SYM_DEF TPMT_SYM_DEF_OBJECT; typedef struct TPM2B_SYM_KEY { UINT16 size; 
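Review bot: The default `TPM_TIMEOUT_TRIES` drops from 100000 to 10000, a tenfold cut that the commit message does not mention and that is unrelated to the TPMT_SYM_DEF fix. How the constant is consumed is not visible in this hunk, but if it bounds a polling loop, slow commands such as key creation could start failing with a timeout on some hardware. A comment on the define would help, along the lines of `/* upper bound on retries before a command is reported as timed out; override at build time */`, with the wording confirmed against the loop that uses it. The change may also be easier to bisect as its own commit.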
@@ -1826,6 +1821,9 @@ typedef struct TPM2_CTX { word32 did_vid; byte rid; + /* Current TPM auth session */ + TPMS_AUTH_COMMAND auth; + /* Command Buffer */ byte cmdBuf[MAX_COMMAND_SIZE]; } TPM2_CTX; @@ -1907,7 +1905,6 @@ WOLFTPM_API TPM_RC TPM2_PCR_Read(PCR_Read_In* in, PCR_Read_Out* out); typedef struct { TPMI_DH_PCR pcrHandle; - TPMS_AUTH_COMMAND auth; TPML_DIGEST_VALUES digests; } PCR_Extend_In; WOLFTPM_API TPM_RC TPM2_PCR_Extend(PCR_Extend_In* in); @@ -1915,7 +1912,6 @@ WOLFTPM_API TPM_RC TPM2_PCR_Extend(PCR_Extend_In* in); typedef struct { TPMI_DH_OBJECT parentHandle; - TPMS_AUTH_COMMAND auth; TPM2B_SENSITIVE_CREATE inSensitive; TPM2B_PUBLIC inPublic; TPM2B_DATA outsideInfo; @@ -1932,7 +1928,6 @@ WOLFTPM_API TPM_RC TPM2_Create(Create_In* in, Create_Out* out); typedef struct { TPMI_DH_OBJECT parentHandle; - TPMS_AUTH_COMMAND auth; TPM2B_SENSITIVE_CREATE inSensitive; TPM2B_PUBLIC inPublic; } CreateLoaded_In; @@ -1966,7 +1961,6 @@ WOLFTPM_API TPM_RC TPM2_CreatePrimary(CreatePrimary_In* in, typedef struct { TPMI_DH_OBJECT parentHandle; - TPMS_AUTH_COMMAND auth; TPM2B_PRIVATE inPrivate; TPM2B_PUBLIC inPublic; } Load_In; @@ -1985,7 +1979,6 @@ WOLFTPM_API TPM_RC TPM2_FlushContext(FlushContext_In* in); typedef struct { TPMI_DH_OBJECT itemHandle; - TPMS_AUTH_COMMAND auth; } Unseal_In; typedef struct { TPM2B_SENSITIVE_DATA outData; @@ -2882,4 +2875,5 @@ WOLFTPM_API const char* TPM2_GetAlgName(TPM_ALG_ID alg); WOLFTPM_API const char* TPM2_GetRCString(TPM_RC rc); WOLFTPM_API void TPM2_SetupPCRSel(TPML_PCR_SELECTION* pcr, TPM_ALG_ID alg, int pcrIndex); + #endif /* __TPM2_H__ */
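Review bot: The new `auth` member of TPM2_CTX is documented only as `/* Current TPM auth session */`, which does not tell a caller that it is applied to every authorised command or who is expected to set it. Suggested wording: `/* Authorization area sent with every authorised command (default handle TPM_RS_PW, set in TPM2_Init); caller updates it before issuing a command */`. Since the authorization value now lives for the lifetime of the context rather than for one call, the context teardown path (not part of this patch) should wipe it in a way the compiler cannot elide. CreateLoaded_In also loses its `auth` member further down, but no TPM2_CreateLoaded hunk appears in this patch, so it is worth confirming that command appends `ctx->auth` as well.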