mirror of https://github.com/wolfSSL/wolfTPM.git
807 lines
23 KiB
C
807 lines
23 KiB
C
/* tpm2_types.h
|
|
*
|
|
* Copyright (C) 2006-2024 wolfSSL Inc.
|
|
*
|
|
* This file is part of wolfTPM.
|
|
*
|
|
* wolfTPM is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* wolfTPM is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
|
*/
|
|
|
|
#ifndef __TPM2_TYPES_H__
|
|
#define __TPM2_TYPES_H__
|
|
|
|
#include <wolftpm/visibility.h>
|
|
#include <stdint.h>
|
|
|
|
#if defined(USE_HAL_DRIVER) && !defined(HAVE_CONFIG_H)
|
|
/* STM Configuration File (generated by CubeMX) */
|
|
#include "wolfSSL.I-CUBE-wolfTPM_conf.h"
|
|
#elif !defined(WOLFTPM_USER_SETTINGS)
|
|
/* use generated options.h or a custom one */
|
|
#include <wolftpm/options.h>
|
|
#endif
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#ifdef WOLFTPM_WINAPI
|
|
#ifdef _WIN32
|
|
#include <winsock2.h>
|
|
#endif
|
|
#include <windows.h>
|
|
#endif
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* TPM TYPES */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
typedef uint8_t UINT8;
|
|
typedef uint8_t BYTE;
|
|
typedef int8_t INT8;
|
|
#if !defined(BOOL) && !defined(HAVE_BOOL)
|
|
typedef int BOOL;
|
|
#endif
|
|
typedef uint16_t UINT16;
|
|
typedef int16_t INT16;
|
|
typedef uint32_t UINT32;
|
|
typedef int32_t INT32;
|
|
|
|
#ifndef _W64
|
|
typedef uint64_t UINT64;
|
|
typedef int64_t INT64;
|
|
#endif
|
|
|
|
#ifndef YES
|
|
#define YES 1
|
|
#endif
|
|
#ifndef NO
|
|
#define NO 0
|
|
#endif
|
|
|
|
/* Debug build options */
|
|
#if defined(WOLFTPM_DEBUG_VERBOSE) && !defined(DEBUG_WOLFTPM)
|
|
#define DEBUG_WOLFTPM
|
|
#endif
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* WOLFCRYPT */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
#ifndef WOLFTPM2_NO_WOLFCRYPT
|
|
#ifndef WOLFSSL_USER_SETTINGS
|
|
#include <wolfssl/options.h>
|
|
#endif
|
|
/* enforce NO_THREAD_LS within wolfTPM */
|
|
#ifdef NO_THREAD_LS
|
|
#undef HAVE_THREAD_LS
|
|
#endif
|
|
#include <wolfssl/wolfcrypt/settings.h>
|
|
#include <wolfssl/wolfcrypt/types.h>
|
|
#include <wolfssl/wolfcrypt/logging.h>
|
|
#include <wolfssl/wolfcrypt/error-crypt.h>
|
|
#include <wolfssl/wolfcrypt/hash.h>
|
|
#include <wolfssl/wolfcrypt/rsa.h>
|
|
#include <wolfssl/wolfcrypt/ecc.h>
|
|
#if defined(HAVE_PK_CALLBACKS) && !defined(NO_RSA) && defined(WC_RSA_PSS)
|
|
#include <wolfssl/wolfcrypt/asn.h> /* for enum Hash_Sum */
|
|
#endif
|
|
#include <wolfssl/wolfcrypt/asn_public.h>
|
|
#include <wolfssl/wolfcrypt/hmac.h>
|
|
#include <wolfssl/wolfcrypt/aes.h>
|
|
#ifdef WOLF_CRYPTO_CB
|
|
#include <wolfssl/wolfcrypt/cryptocb.h>
|
|
#elif defined(WOLF_CRYPTO_DEV)
|
|
/* old name for crypto callback support */
|
|
#include <wolfssl/wolfcrypt/cryptodev.h>
|
|
#endif
|
|
#ifndef WOLFCRYPT_ONLY
|
|
/* for additional error codes */
|
|
#include <wolfssl/ssl.h> /* for wolfSSL_ERR_reason_error_string */
|
|
#endif
|
|
|
|
#ifdef DEBUG_WOLFTPM
|
|
#include <stdio.h>
|
|
#endif
|
|
|
|
#include <wolfssl/version.h>
|
|
#if defined(LIBWOLFSSL_VERSION_HEX) && LIBWOLFSSL_VERSION_HEX < 0x03015004
|
|
/* The wc_HashFree was added in v3.15.4, so use stub to allow building */
|
|
#define wc_HashFree(h, t) (0)
|
|
#endif
|
|
|
|
#define ENCODING_TYPE_PEM 1 /* CTC_FILETYPE_PEM */
|
|
#define ENCODING_TYPE_ASN1 2 /* CTC_FILETYPE_ASN1 */
|
|
|
|
#else
|
|
|
|
#include <stdio.h>
|
|
#include <stdlib.h>
|
|
#include <string.h>
|
|
|
|
#ifdef WOLFTPM_USER_SETTINGS
|
|
#include "user_settings.h"
|
|
#endif
|
|
|
|
typedef uint8_t byte;
|
|
typedef uint16_t word16;
|
|
typedef uint32_t word32;
|
|
typedef uint64_t word64;
|
|
|
|
/* Errors from wolfssl/wolfcrypt/error-crypt.h */
|
|
#define BAD_MUTEX_E -106 /* Bad mutex operation */
|
|
#define WC_TIMEOUT_E -107 /* timeout error */
|
|
#define MEMORY_E -125 /* out of memory error */
|
|
#define BUFFER_E -132 /* output buffer too small or input too large */
|
|
#define BAD_FUNC_ARG -173 /* Bad function argument provided */
|
|
#define NOT_COMPILED_IN -174 /* Feature not compiled in */
|
|
#define LENGTH_ONLY_E -202 /* Returning output length only */
|
|
|
|
#define ENCODING_TYPE_PEM CTC_FILETYPE_PEM
|
|
#define ENCODING_TYPE_ASN1 CTC_FILETYPE_ASN1
|
|
|
|
#ifndef WOLFTPM_CUSTOM_TYPES
|
|
#ifndef WOLFTPM2_NO_HEAP
|
|
#define XMALLOC(s, h, t) malloc((size_t)(s))
|
|
#define XFREE(p, h, t) free(p)
|
|
#endif
|
|
#define XMEMCPY(d,s,l) memcpy((d),(s),(l))
|
|
#define XMEMSET(b,c,l) memset((b),(c),(l))
|
|
#define XMEMCMP(s1,s2,n) memcmp((s1),(s2),(n))
|
|
#define XSTRLEN(s1) strlen((s1))
|
|
#define XSTRCMP(s1,s2) strcmp((s1),(s2))
|
|
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
|
|
#define XSTRSTR(s1,s2) strstr((s1),(s2))
|
|
#define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n))
|
|
#endif /* !WOLFTPM_CUSTOM_TYPES */
|
|
|
|
/* Endianess */
|
|
#ifndef BIG_ENDIAN_ORDER
|
|
#define LITTLE_ENDIAN_ORDER
|
|
#endif
|
|
|
|
#ifndef OFFSETOF
|
|
#if defined(__clang__) || (defined(__GNUC__) && (__GNUC__ >= 4))
|
|
#define OFFSETOF(type, field) __builtin_offsetof(type, field)
|
|
#else
|
|
#define OFFSETOF(type, field) ((size_t)&(((type *)0)->field))
|
|
#endif
|
|
#endif
|
|
|
|
/* GCC Version */
|
|
#ifndef __GNUC_PREREQ
|
|
#if defined(__GNUC__) && defined(__GNUC_MINOR__)
|
|
#define __GNUC_PREREQ(maj, min) \
|
|
((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
|
|
#else
|
|
#define __GNUC_PREREQ(maj, min) (0) /* not GNUC */
|
|
#endif
|
|
#endif
|
|
|
|
#if !defined(WOLFTPM_CUSTOM_STDIO) && !defined(NO_FILESYSTEM)
|
|
/* stdio, default case */
|
|
#define XFILE FILE*
|
|
#define XFOPEN fopen
|
|
#define XFSEEK fseek
|
|
#define XFTELL ftell
|
|
#define XREWIND rewind
|
|
#define XFREAD fread
|
|
#define XFWRITE fwrite
|
|
#define XFCLOSE fclose
|
|
#define XSEEK_END SEEK_END
|
|
#define XBADFILE NULL
|
|
#define XFGETS fgets
|
|
#define XFEOF feof
|
|
#endif
|
|
|
|
/* set up thread local storage if available */
|
|
#ifdef HAVE_THREAD_LS
|
|
#if defined(_MSC_VER)
|
|
#define THREAD_LS_T __declspec(thread)
|
|
/* Thread local storage only in FreeRTOS v8.2.1 and higher */
|
|
#elif defined(FREERTOS) || defined(FREERTOS_TCP) || \
|
|
defined(WOLFSSL_ZEPHYR)
|
|
#define THREAD_LS_T
|
|
#else
|
|
#define THREAD_LS_T __thread
|
|
#endif
|
|
#else
|
|
#define THREAD_LS_T
|
|
#endif
|
|
|
|
#endif /* !WOLFTPM2_NO_WOLFCRYPT */
|
|
|
|
#ifndef WOLFTPM_CUSTOM_TYPES
|
|
#include <stdlib.h>
|
|
|
|
#define XSTRTOUL(s,e,b) strtoul((s),(e),(b))
|
|
#define XATOI(s) atoi((s))
|
|
#endif
|
|
|
|
/* make sure file IO macros are available for examples */
|
|
#ifndef XFEOF /* used in pcr/extend example */
|
|
#define XFEOF feof
|
|
#endif
|
|
#ifndef XREWIND /* used in tpm_test_keys.c */
|
|
#define XREWIND rewind
|
|
#endif
|
|
|
|
/* enable way for customer to override printf */
|
|
#ifdef XPRINTF
|
|
#undef printf
|
|
#define printf XPRINTF
|
|
#endif
|
|
|
|
/* check if locking / mutex should be enabled */
|
|
#if defined(SINGLE_THREADED)
|
|
#undef WOLFTPM_NO_LOCK
|
|
#define WOLFTPM_NO_LOCK
|
|
#endif
|
|
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* TPM HARDWARE TYPE */
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* Microchip ATTPM20 */
|
|
/* #define WOLFTPM_MICROCHIP */
|
|
/* #define WOLFTPM_MCHP (old) - for backwards compatibility */
|
|
#if defined(WOLFTPM_MCHP) && !defined(WOLFTPM_MICROCHIP)
|
|
#define WOLFTPM_MICROCHIP
|
|
#endif
|
|
|
|
/* ST ST33TP TPM 2.0 */
|
|
/* #define WOLFTPM_ST33 */
|
|
|
|
/* Nuvoton NPCT75x TPM 2.0 module */
|
|
/* #define WOLFTPM_NUVOTON */
|
|
|
|
/* Infineon SLB9670 TPM 2.0 (default) */
|
|
/* #define WOLFTPM_SLB9670 */
|
|
/* #define WOLFTPM_SLB9672 */
|
|
|
|
|
|
/* Chip Specific Settings */
|
|
#ifdef WOLFTPM_MICROCHIP
|
|
/* Microchip ATTPM20 */
|
|
/* Requires SPI wait states */
|
|
#ifndef WOLFTPM_CHECK_WAIT_STATE
|
|
#define WOLFTPM_CHECK_WAIT_STATE
|
|
#endif
|
|
/* Max: 36MHz (has issues so using 33MHz) */
|
|
#define TPM2_SPI_MAX_HZ_MICROCHIP 33000000
|
|
#ifndef TPM2_SPI_MAX_HZ
|
|
#define TPM2_SPI_MAX_HZ TPM2_SPI_MAX_HZ_MICROCHIP
|
|
#endif
|
|
#elif defined(WOLFTPM_ST33)
|
|
/* ST ST33TPM20 modules */
|
|
/* Requires wait state support */
|
|
#ifndef WOLFTPM_CHECK_WAIT_STATE
|
|
#define WOLFTPM_CHECK_WAIT_STATE
|
|
#endif
|
|
/* Max: 33MHz */
|
|
#define TPM2_SPI_MAX_HZ_ST 33000000
|
|
#ifndef TPM2_SPI_MAX_HZ
|
|
#define TPM2_SPI_MAX_HZ TPM2_SPI_MAX_HZ_ST
|
|
#endif
|
|
#elif defined(WOLFTPM_NUVOTON)
|
|
/* Nuvoton NPCT75x module */
|
|
/* Requires wait state support */
|
|
#ifndef WOLFTPM_CHECK_WAIT_STATE
|
|
#define WOLFTPM_CHECK_WAIT_STATE
|
|
#endif
|
|
#define TPM2_SPI_MAX_HZ_NUVOTON 43000000
|
|
#ifndef TPM2_SPI_MAX_HZ
|
|
/* Max: 43MHz */
|
|
#define TPM2_SPI_MAX_HZ TPM2_SPI_MAX_HZ_NUVOTON
|
|
#endif
|
|
#else
|
|
/* Infineon OPTIGA SLB9670/SLB9672/SLB9673 */
|
|
#ifdef WOLFTPM_SLB9670
|
|
/* Max: 43MHz */
|
|
#define TPM2_SPI_MAX_HZ_INFINEON 43000000
|
|
#elif !defined(WOLFTPM_AUTODETECT)
|
|
#ifdef WOLFTPM_I2C
|
|
#undef WOLFTPM_SLB9673
|
|
#define WOLFTPM_SLB9673
|
|
#else
|
|
#undef WOLFTPM_SLB9672
|
|
#define WOLFTPM_SLB9672
|
|
#endif
|
|
|
|
/* Max: 33MHz */
|
|
#define TPM2_SPI_MAX_HZ_INFINEON 33000000
|
|
#endif
|
|
#ifndef TPM2_SPI_MAX_HZ
|
|
#define TPM2_SPI_MAX_HZ TPM2_SPI_MAX_HZ_INFINEON
|
|
#endif
|
|
#endif
|
|
|
|
/* Auto-chip detection requires SPI wait state support and safe SPI bus speed */
|
|
#ifdef WOLFTPM_AUTODETECT
|
|
/* SPI wait state checking must be enabled */
|
|
#undef WOLFTPM_CHECK_WAIT_STATE
|
|
#define WOLFTPM_CHECK_WAIT_STATE
|
|
|
|
/* use a safe MHz (minimum of above) */
|
|
#undef TPM2_SPI_MAX_HZ
|
|
#define TPM2_SPI_MAX_HZ 33000000
|
|
|
|
/* always perform self-test (some chips require) */
|
|
#undef WOLFTPM_PERFORM_SELFTEST
|
|
#define WOLFTPM_PERFORM_SELFTEST
|
|
#endif
|
|
|
|
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* ALGORITHMS */
|
|
/* ---------------------------------------------------------------------------*/
|
|
#define TPM_MD5_DIGEST_SIZE 16
|
|
#define TPM_SHA_DIGEST_SIZE 20
|
|
#define TPM_SHA224_DIGEST_SIZE 28
|
|
#define TPM_SHA256_DIGEST_SIZE 32
|
|
#define TPM_SHA384_DIGEST_SIZE 48
|
|
#define TPM_SHA512_DIGEST_SIZE 64
|
|
|
|
#ifndef MAX_ECC_KEY_BYTES
|
|
#define MAX_ECC_KEY_BYTES 66
|
|
#endif
|
|
|
|
#ifndef TPM_MAX_BLOCK_SIZE
|
|
#define TPM_MAX_BLOCK_SIZE 128
|
|
#endif
|
|
|
|
#ifndef TPM_MAX_DIGEST_SIZE
|
|
#define TPM_MAX_DIGEST_SIZE TPM_SHA512_DIGEST_SIZE
|
|
#endif
|
|
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* CONFIGURABLE LIMITS */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
#ifndef MAX_SPI_FRAMESIZE
|
|
#define MAX_SPI_FRAMESIZE 64
|
|
#endif
|
|
|
|
#ifndef TPM_STARTUP_TEST_TRIES
|
|
#define TPM_STARTUP_TEST_TRIES 2
|
|
#endif
|
|
|
|
#ifndef TPM_TIMEOUT_TRIES
|
|
#if defined(WOLFTPM_LINUX_DEV) || defined(WOLFTPM_SWTPM) || defined(WOLFTPM_WINAPI)
|
|
#define TPM_TIMEOUT_TRIES 0
|
|
#else
|
|
#define TPM_TIMEOUT_TRIES 1000000
|
|
#endif
|
|
#endif
|
|
|
|
#ifndef TPM_SPI_WAIT_RETRY
|
|
#define TPM_SPI_WAIT_RETRY 50
|
|
#endif
|
|
|
|
#ifndef MAX_SYM_BLOCK_SIZE
|
|
#define MAX_SYM_BLOCK_SIZE 20
|
|
#endif
|
|
#ifndef MAX_SYM_KEY_BYTES
|
|
#define MAX_SYM_KEY_BYTES 256
|
|
#endif
|
|
#ifndef LABEL_MAX_BUFFER
|
|
#define LABEL_MAX_BUFFER 128
|
|
#endif
|
|
#ifndef MAX_RSA_KEY_BITS
|
|
#define MAX_RSA_KEY_BITS 2048
|
|
#endif
|
|
#ifndef MAX_RSA_KEY_BYTES
|
|
#define MAX_RSA_KEY_BYTES (((MAX_RSA_KEY_BITS+7)/8)*2)
|
|
#endif
|
|
|
|
#ifndef MAX_ECC_KEY_BITS
|
|
#define MAX_ECC_KEY_BITS 521
|
|
#endif
|
|
#ifndef MAX_ECC_KEY_BYTES
|
|
#define MAX_ECC_KEY_BYTES (((MAX_ECC_KEY_BITS+7)/8)*2)
|
|
#endif
|
|
|
|
#ifndef MAX_AES_KEY_BITS
|
|
#define MAX_AES_KEY_BITS 128
|
|
#endif
|
|
#ifndef MAX_AES_BLOCK_SIZE_BYTES
|
|
#define MAX_AES_BLOCK_SIZE_BYTES 16
|
|
#endif
|
|
#ifndef MAX_AES_KEY_BYTES
|
|
#define MAX_AES_KEY_BYTES (MAX_AES_KEY_BITS/8)
|
|
#endif
|
|
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* IMPLEMENTATION SPECIFIC VALUES */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
/* Optional delay between polling */
|
|
#if defined(__linux__) && !defined(XTPM_WAIT)
|
|
/* Avoid excessive polling.
|
|
* For Infineon SLB9670 and SLB9672 adding 10us delay improves performance
|
|
* and prevents issue with rapid use at higher speeds */
|
|
#ifndef XTPM_WAIT_POLLING_US
|
|
#define XTPM_WAIT_POLLING_US 10 /* 0.01ms */
|
|
#endif
|
|
#include <unistd.h>
|
|
#define XTPM_WAIT() usleep(XTPM_WAIT_POLLING_US);
|
|
#endif
|
|
#ifndef XTPM_WAIT
|
|
#define XTPM_WAIT() /* just poll without delay by default */
|
|
#endif
|
|
|
|
/* sleep helper, used in firmware update */
|
|
#ifndef XSLEEP_MS
|
|
#ifdef WIN32
|
|
#include <windows.h>
|
|
#define XSLEEP_MS(ms) Sleep(ms)
|
|
#elif defined(FREERTOS)
|
|
#define XSLEEP_MS(ms) vTaskDelay(ms)
|
|
#elif defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 199309L
|
|
#include <time.h>
|
|
#define XSLEEP_MS(ms) ({ \
|
|
struct timespec ts; \
|
|
ts.tv_sec = ms / 1000; \
|
|
ts.tv_nsec = (ms % 1000) * 1000000; \
|
|
nanosleep(&ts, NULL); \
|
|
})
|
|
#else
|
|
#include <unistd.h>
|
|
#define XSLEEP_MS(ms) ({ \
|
|
if (ms >= 1000) \
|
|
sleep(ms / 1000); \
|
|
usleep((ms % 1000) * 1000); \
|
|
})
|
|
#endif
|
|
#endif
|
|
|
|
#ifndef BUFFER_ALIGNMENT
|
|
#define BUFFER_ALIGNMENT 4
|
|
#endif
|
|
#ifndef IMPLEMENTATION_PCR
|
|
#define IMPLEMENTATION_PCR 24
|
|
#endif
|
|
#ifndef PLATFORM_PCR
|
|
#define PLATFORM_PCR 24
|
|
#endif
|
|
#ifndef DRTM_PCR
|
|
#define DRTM_PCR 17
|
|
#endif
|
|
#ifndef HCRTM_PCR
|
|
#define HCRTM_PCR 0
|
|
#endif
|
|
#ifndef NUM_LOCALITIES
|
|
#define NUM_LOCALITIES 1
|
|
#endif
|
|
#ifndef MAX_HANDLE_NUM
|
|
#define MAX_HANDLE_NUM 3
|
|
#endif
|
|
#ifndef MAX_ACTIVE_SESSIONS
|
|
#define MAX_ACTIVE_SESSIONS 64
|
|
#endif
|
|
#ifndef MAX_LOADED_SESSIONS
|
|
#define MAX_LOADED_SESSIONS 3
|
|
#endif
|
|
#ifndef MAX_SESSION_NUM
|
|
#define MAX_SESSION_NUM 3
|
|
#endif
|
|
#ifndef MAX_LOADED_OBJECTS
|
|
#define MAX_LOADED_OBJECTS 3
|
|
#endif
|
|
#ifndef MIN_EVICT_OBJECTS
|
|
#define MIN_EVICT_OBJECTS 2
|
|
#endif
|
|
#ifndef PCR_SELECT_MIN
|
|
#define PCR_SELECT_MIN ((PLATFORM_PCR+7)/8)
|
|
#endif
|
|
#ifndef PCR_SELECT_MAX
|
|
#define PCR_SELECT_MAX ((IMPLEMENTATION_PCR+7)/8)
|
|
#endif
|
|
#ifndef MAX_CONTEXT_SIZE
|
|
#define MAX_CONTEXT_SIZE 2048
|
|
#endif
|
|
#ifndef MAX_DIGEST_BUFFER
|
|
#define MAX_DIGEST_BUFFER 1024
|
|
#endif
|
|
#ifndef MAX_NV_INDEX_SIZE
|
|
#define MAX_NV_INDEX_SIZE 2048
|
|
#endif
|
|
#ifndef MAX_NV_BUFFER_SIZE
|
|
#define MAX_NV_BUFFER_SIZE 768
|
|
#endif
|
|
#ifndef MAX_CAP_BUFFER
|
|
#define MAX_CAP_BUFFER 1024
|
|
#endif
|
|
#ifndef NV_MEMORY_SIZE
|
|
#define NV_MEMORY_SIZE 16384
|
|
#endif
|
|
#ifndef NUM_STATIC_PCR
|
|
#define NUM_STATIC_PCR 16
|
|
#endif
|
|
#ifndef MAX_ALG_LIST_SIZE
|
|
#define MAX_ALG_LIST_SIZE 64
|
|
#endif
|
|
#ifndef TIMER_PRESCALE
|
|
#define TIMER_PRESCALE 100000
|
|
#endif
|
|
#ifndef PRIMARY_SEED_SIZE
|
|
#define PRIMARY_SEED_SIZE 32
|
|
#endif
|
|
#ifndef CONTEXT_ENCRYPT_ALG
|
|
#define CONTEXT_ENCRYPT_ALG TPM_ALG_AES
|
|
#endif
|
|
#ifndef CONTEXT_ENCRYPT_KEY_BITS
|
|
#define CONTEXT_ENCRYPT_KEY_BITS MAX_SYM_KEY_BITS
|
|
#endif
|
|
#ifndef CONTEXT_ENCRYPT_KEY_BYTES
|
|
#define CONTEXT_ENCRYPT_KEY_BYTES ((CONTEXT_ENCRYPT_KEY_BITS+7 )/8)
|
|
#endif
|
|
#ifndef CONTEXT_INTEGRITY_HASH_ALG
|
|
#define CONTEXT_INTEGRITY_HASH_ALG TPM_ALG_SHA256
|
|
#endif
|
|
#ifndef CONTEXT_INTEGRITY_HASH_SIZE
|
|
#define CONTEXT_INTEGRITY_HASH_SIZE SHA256_DIGEST_SIZE
|
|
#endif
|
|
#ifndef PROOF_SIZE
|
|
#define PROOF_SIZE CONTEXT_INTEGRITY_HASH_SIZE
|
|
#endif
|
|
#ifndef NV_CLOCK_UPDATE_INTERVAL
|
|
#define NV_CLOCK_UPDATE_INTERVAL 12
|
|
#endif
|
|
#ifndef NUM_POLICY_PCR
|
|
#define NUM_POLICY_PCR 1
|
|
#endif
|
|
#ifndef MAX_COMMAND_SIZE
|
|
#define MAX_COMMAND_SIZE 4096
|
|
#endif
|
|
#ifndef MAX_RESPONSE_SIZE
|
|
#define MAX_RESPONSE_SIZE 4096
|
|
#endif
|
|
#ifndef ORDERLY_BITS
|
|
#define ORDERLY_BITS 8
|
|
#endif
|
|
#ifndef MAX_ORDERLY_COUNT
|
|
#define MAX_ORDERLY_COUNT ((1 << ORDERLY_BITS) - 1)
|
|
#endif
|
|
#ifndef ALG_ID_FIRST
|
|
#define ALG_ID_FIRST TPM_ALG_FIRST
|
|
#endif
|
|
#ifndef ALG_ID_LAST
|
|
#define ALG_ID_LAST TPM_ALG_LAST
|
|
#endif
|
|
#ifndef MAX_SYM_DATA
|
|
#define MAX_SYM_DATA 128
|
|
#endif
|
|
#ifndef MAX_RNG_ENTROPY_SIZE
|
|
#define MAX_RNG_ENTROPY_SIZE 64
|
|
#endif
|
|
#ifndef MAX_RNG_REQ_SIZE
|
|
#define MAX_RNG_REQ_SIZE 32 /* ST33 and SLB9670 max is 32-bytes */
|
|
#endif
|
|
#ifndef RAM_INDEX_SPACE
|
|
#define RAM_INDEX_SPACE 512
|
|
#endif
|
|
#ifndef RSA_DEFAULT_PUBLIC_EXPONENT
|
|
#define RSA_DEFAULT_PUBLIC_EXPONENT 0x00010001
|
|
#endif
|
|
#ifndef ENABLE_PCR_NO_INCREMENT
|
|
#define ENABLE_PCR_NO_INCREMENT 1
|
|
#endif
|
|
#ifndef CRT_FORMAT_RSA
|
|
#define CRT_FORMAT_RSA 1
|
|
#endif
|
|
#ifndef PRIVATE_VENDOR_SPECIFIC_BYTES
|
|
#define PRIVATE_VENDOR_SPECIFIC_BYTES ((MAX_RSA_KEY_BYTES/2) * (3 + CRT_FORMAT_RSA * 2))
|
|
#endif
|
|
#ifndef MAX_CAP_CC
|
|
#define MAX_CAP_CC ((TPM_CC_LAST - TPM_CC_FIRST) + 1)
|
|
#endif
|
|
#ifndef MAX_CAP_DATA
|
|
#define MAX_CAP_DATA (MAX_CAP_BUFFER - sizeof(TPM_CAP) - sizeof(UINT32))
|
|
#endif
|
|
#ifndef MAX_CAP_HANDLES
|
|
#define MAX_CAP_HANDLES (MAX_CAP_DATA / sizeof(TPM_HANDLE))
|
|
#endif
|
|
#ifndef HASH_COUNT
|
|
#define HASH_COUNT (2) /* SHA1 and SHA256 */
|
|
#endif
|
|
#ifndef MAX_CAP_ALGS
|
|
#define MAX_CAP_ALGS (MAX_CAP_DATA / sizeof(TPMS_ALG_PROPERTY))
|
|
#endif
|
|
#ifndef MAX_TPM_PROPERTIES
|
|
#define MAX_TPM_PROPERTIES (MAX_CAP_DATA / sizeof(TPMS_TAGGED_PROPERTY))
|
|
#endif
|
|
#ifndef MAX_PCR_PROPERTIES
|
|
#define MAX_PCR_PROPERTIES (MAX_CAP_DATA / sizeof(TPMS_TAGGED_PCR_SELECT))
|
|
#endif
|
|
#ifndef MAX_ECC_CURVES
|
|
#define MAX_ECC_CURVES (MAX_CAP_DATA / sizeof(TPM_ECC_CURVE))
|
|
#endif
|
|
#ifndef MAX_TAGGED_POLICIES
|
|
#define MAX_TAGGED_POLICIES (MAX_CAP_DATA / sizeof(TPMS_TAGGED_POLICY))
|
|
#endif
|
|
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* WRAPPER CONFIGURATION */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
/* Defines the default digest algo type to use for the wrapper functions */
|
|
#ifndef WOLFTPM2_WRAP_DIGEST
|
|
#define WOLFTPM2_WRAP_DIGEST TPM_ALG_SHA256
|
|
#endif
|
|
|
|
/* Defines the default RSA key bits for the wrapper functions */
|
|
#ifndef WOLFTPM2_WRAP_RSA_KEY_BITS
|
|
#define WOLFTPM2_WRAP_RSA_KEY_BITS MAX_RSA_KEY_BITS
|
|
#endif
|
|
#ifndef WOLFTPM2_WRAP_RSA_EXPONENT
|
|
#define WOLFTPM2_WRAP_RSA_EXPONENT RSA_DEFAULT_PUBLIC_EXPONENT
|
|
#endif
|
|
#ifndef WOLFTPM2_WRAP_ECC_KEY_BITS
|
|
#define WOLFTPM2_WRAP_ECC_KEY_BITS (MAX_ECC_KEY_BITS*8)
|
|
#endif
|
|
|
|
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && \
|
|
(defined(WOLF_CRYPTO_DEV) || defined(WOLF_CRYPTO_CB))
|
|
/* Enable the crypto callback support */
|
|
#define WOLFTPM_CRYPTOCB
|
|
#endif
|
|
|
|
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && defined(WOLFSSL_CERT_GEN) && \
|
|
(!defined(NO_RSA) || defined(HAVE_ECC))
|
|
/* Enable the certificate generation support */
|
|
#define WOLFTPM2_CERT_GEN
|
|
#endif
|
|
|
|
#if !defined(WOLFTPM2_NO_HEAP) && defined(WOLFSSL_PEM_TO_DER) && \
|
|
(defined(WOLFSSL_CERT_EXT) || defined(WOLFSSL_PUB_PEM_TO_DER)) && \
|
|
!defined(NO_ASN)
|
|
/* Enable the certificate PEM decode support */
|
|
#define WOLFTPM2_PEM_DECODE
|
|
#endif
|
|
|
|
/* Firmware upgrade requires wolfCrypt for hashing.
|
|
* Supported only for Infineon SLB9672/SLB9673 */
|
|
#if defined(WOLFTPM_FIRMWARE_UPGRADE) && \
|
|
(defined(WOLFTPM2_NO_WOLFCRYPT) || \
|
|
(!defined(WOLFTPM_SLB9672) && !defined(WOLFTPM_SLB9673)))
|
|
#undef WOLFTPM_FIRMWARE_UPGRADE
|
|
#endif
|
|
|
|
#if !defined(WOLFTPM2_NO_WOLFCRYPT) && \
|
|
!defined(NO_AES) && defined(WOLFSSL_AES_CFB) && !defined(NO_HMAC)
|
|
/* Support for importing external private keys */
|
|
#define WOLFTPM2_PRIVATE_IMPORT
|
|
#endif
|
|
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* ENDIANESS HELPERS */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
#ifdef __ICCARM__
|
|
#include "intrinsics.h"
|
|
#endif
|
|
|
|
#ifdef INTEL_INTRINSICS
|
|
/* for non visual studio probably need no long version, 32 bit only
|
|
* i.e., _rotl and _rotr */
|
|
#include <stdlib.h> /* get intrinsic definitions */
|
|
#pragma intrinsic(_lrotl, _lrotr)
|
|
static inline word32 rotlFixed(word32 x, word32 y) {
|
|
return y ? _lrotl(x, y) : x;
|
|
}
|
|
static inline word32 rotrFixed(word32 x, word32 y) {
|
|
return y ? _lrotr(x, y) : x;
|
|
}
|
|
#elif defined(__CCRX__)
|
|
#include <builtin.h> /* get intrinsic definitions */
|
|
static inline word32 rotlFixed(word32 x, word32 y) {
|
|
return _builtin_rotl(x, y);
|
|
}
|
|
static inline word32 rotrFixed(word32 x, word32 y) {
|
|
return _builtin_rotr(x, y);
|
|
}
|
|
#else /* generic */
|
|
/* This routine performs a left circular arithmetic shift of <x> by <y> value. */
|
|
static inline word32 rotlFixed(word32 x, word32 y) {
|
|
return (x << y) | (x >> (sizeof(y) * 8 - y));
|
|
}
|
|
/* This routine performs a right circular arithmetic shift of <x> by <y> value. */
|
|
static inline word32 rotrFixed(word32 x, word32 y)
|
|
{
|
|
return (x >> y) | (x << (sizeof(y) * 8 - y));
|
|
}
|
|
#endif
|
|
|
|
static inline word16 ByteReverseWord16(word16 value)
|
|
{
|
|
#if defined(__ICCARM__)
|
|
return (word16)__REV16(value);
|
|
#elif defined(KEIL_INTRINSICS)
|
|
return (word16)__rev16(value);
|
|
#elif defined(__GNUC_PREREQ) && __GNUC_PREREQ(4, 3)
|
|
return (word16)__builtin_bswap16(value);
|
|
#else
|
|
return (value >> 8) | (value << 8);
|
|
#endif
|
|
}
|
|
|
|
static inline word32 ByteReverseWord32(word32 value)
|
|
{
|
|
#if defined(WOLF_ALLOW_BUILTIN) && defined(__GNUC_PREREQ) && __GNUC_PREREQ(4, 3)
|
|
return (word32)__builtin_bswap32(value);
|
|
#elif defined(PPC_INTRINSICS)
|
|
/* PPC: load reverse indexed instruction */
|
|
return (word32)__lwbrx(&value,0);
|
|
#elif defined(__ICCARM__)
|
|
return (word32)__REV(value);
|
|
#elif defined(KEIL_INTRINSICS)
|
|
return (word32)__rev(value);
|
|
#elif defined(__CCRX__)
|
|
return (word32)_builtin_revl(value);
|
|
#elif defined(WOLFSSL_BYTESWAP32_ASM) && defined(__GNUC__) && \
|
|
defined(__aarch64__)
|
|
__asm__ volatile (
|
|
"REV32 %0, %0 \n"
|
|
: "+r" (value)
|
|
:
|
|
);
|
|
return value;
|
|
#elif defined(WOLFSSL_BYTESWAP32_ASM) && defined(__GNUC__) && \
|
|
(defined(__thumb__) || defined(__arm__))
|
|
__asm__ volatile (
|
|
"REV %0, %0 \n"
|
|
: "+r" (value)
|
|
:
|
|
);
|
|
return value;
|
|
#elif defined(FAST_ROTATE)
|
|
/* 5 instructions with rotate instruction, 9 without */
|
|
return (rotrFixed(value, 8U) & 0xff00ff00) |
|
|
(rotlFixed(value, 8U) & 0x00ff00ff);
|
|
#else
|
|
/* 6 instructions with rotate instruction, 8 without */
|
|
value = ((value & 0xFF00FF00) >> 8) | ((value & 0x00FF00FF) << 8);
|
|
return rotlFixed(value, 16U);
|
|
#endif
|
|
}
|
|
|
|
static inline word64 ByteReverseWord64(word64 value)
|
|
{
|
|
#if defined(WOLF_ALLOW_BUILTIN) && defined(__GNUC_PREREQ) && __GNUC_PREREQ(4, 3)
|
|
return (word64)__builtin_bswap64(value);
|
|
#else
|
|
return (word64)((word64)ByteReverseWord32((word32)value)) << 32 |
|
|
(word64)ByteReverseWord32((word32)(value >> 32));
|
|
#endif
|
|
}
|
|
|
|
/* ---------------------------------------------------------------------------*/
|
|
/* INTEGER TYPE TO STORE POINTER */
|
|
/* ---------------------------------------------------------------------------*/
|
|
|
|
typedef uintptr_t wordptr;
|
|
|
|
#ifdef __cplusplus
|
|
} /* extern "C" */
|
|
#endif
|
|
|
|
#endif /* __TPM2_TYPES_H__ */
|