147f9c279SSumit Garg /* SPDX-License-Identifier: GPL-2.0 */
247f9c279SSumit Garg #ifndef __TRUSTED_TPM_H
347f9c279SSumit Garg #define __TRUSTED_TPM_H
447f9c279SSumit Garg
547f9c279SSumit Garg #include <keys/trusted-type.h>
647f9c279SSumit Garg #include <linux/tpm_command.h>
747f9c279SSumit Garg
847f9c279SSumit Garg /* implementation specific TPM constants */
947f9c279SSumit Garg #define MAX_BUF_SIZE 1024
1047f9c279SSumit Garg #define TPM_GETRANDOM_SIZE 14
1147f9c279SSumit Garg #define TPM_SIZE_OFFSET 2
1247f9c279SSumit Garg #define TPM_RETURN_OFFSET 6
1347f9c279SSumit Garg #define TPM_DATA_OFFSET 10
1447f9c279SSumit Garg
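/*
 * Fixed-offset field readers for a raw TPM command/response byte buffer.
 *
 * LOAD32 and LOAD16 convert the field from network byte order with
 * ntohl()/ntohs(); LOAD32N returns the 32-bit value without byte swapping.
 *
 * None of these macros knows the buffer length. The caller must have checked
 * that offset plus the field size lies inside the buffer, and must treat a
 * loaded length (for example the one at TPM_SIZE_OFFSET) as untrusted until
 * it has been compared with the real buffer size.
 *
 * NOTE(review): the pointer cast reads at whatever alignment
 * &buffer[offset] has, and TPM_SIZE_OFFSET (2), TPM_RETURN_OFFSET (6) and
 * TPM_DATA_OFFSET (10) are not multiples of 4. The kernel's
 * get_unaligned_be32()/get_unaligned_be16() helpers avoid the unaligned,
 * type-punned read; consider them once the required include is confirmed.
 *
 * Both arguments are parenthesized so that an expression argument such as
 * LOAD32(p + n, off) expands to the intended element address.
 */
#define LOAD32(buffer, offset)	(ntohl(*(uint32_t *)&(buffer)[(offset)]))
#define LOAD32N(buffer, offset)	(*(uint32_t *)&(buffer)[(offset)])
#define LOAD16(buffer, offset)	(ntohs(*(uint16_t *)&(buffer)[(offset)]))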
1847f9c279SSumit Garg
19*5d0682beSSumit Garg extern struct trusted_key_ops trusted_key_tpm_ops;
20*5d0682beSSumit Garg
/*
 * Per-session authorization state.
 * NOTE(review): the name suggests a TPM 1.2 OSAP session; confirm against
 * the code that fills this structure.
 *
 * @secret is key material. dump_sess() prints it when TPM_DEBUG is non-zero,
 * so it must never reach logs in a production build.
 * NOTE(review): presumably the owner should wipe an instance (for example
 * with memzero_explicit()) once the session is finished; confirm at the
 * call sites.
 */
struct osapsess {
	uint32_t handle;			/* session handle */
	unsigned char secret[SHA1_DIGEST_SIZE];	/* sensitive: session secret */
	unsigned char enonce[TPM_NONCE_SIZE];	/* nonce, TPM_NONCE_SIZE bytes */
};
2647f9c279SSumit Garg
2747f9c279SSumit Garg /* discrete values, but have to store in uint16_t for TPM use */
enum {
	/*
	 * Key type codes; small discrete values that fit in a uint16_t.
	 * NOTE(review): 1 and 4 look like TPM 1.2 entity-type codes; confirm
	 * against the TPM specification before adding further values.
	 */
	SEAL_keytype = 1,
	SRK_keytype  = 4,
};
3247f9c279SSumit Garg
/*
 * HMAC helpers. Both are variadic: the arguments after the named ones are
 * not type-checked by the compiler, so every call site must follow the
 * argument layout and terminator that the definition expects (not visible
 * in this header).
 * NOTE(review): presumably both return 0 on success and a negative errno
 * otherwise; confirm, and make sure no caller uses TPM response data after
 * TSS_checkhmac1() has reported a failure.
 */
int TSS_authhmac(unsigned char *digest, const unsigned char *key,
		 unsigned int keylen, unsigned char *h1,
		 unsigned char *h2, unsigned int h3, ...);
int TSS_checkhmac1(unsigned char *buffer, const uint32_t command,
		   const unsigned char *ononce, const unsigned char *key,
		   unsigned int keylen, ...);

/*
 * Command transport and session setup.
 * NOTE(review): @buflen is presumably the size of the @cmd buffer; confirm
 * whether the same buffer also receives the response.
 */
int trusted_tpm_send(unsigned char *cmd, size_t buflen);
int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);

/*
 * Seal and unseal a trusted key payload through @chip, as directed by
 * @options. Both return int; check the result before using @payload.
 */
int tpm2_seal_trusted(struct tpm_chip *chip,
		      struct trusted_key_payload *payload,
		      struct trusted_key_options *options);
int tpm2_unseal_trusted(struct tpm_chip *chip,
			struct trusted_key_payload *payload,
			struct trusted_key_options *options);
512e19e101SSumit Garg
5247f9c279SSumit Garg #define TPM_DEBUG 0
5347f9c279SSumit Garg
5447f9c279SSumit Garg #if TPM_DEBUG
/*
 * Debug helper, built only when TPM_DEBUG is non-zero: log the sealing
 * options in @o (key type, key handle, pcrlock, pcrinfo length) and then
 * hex-dump pcrinfo at KERN_INFO.
 *
 * The hex dump length is o->pcrinfo_len exactly as stored.
 * NOTE(review): confirm that every caller has already bounded pcrinfo_len by
 * the size of o->pcrinfo; otherwise the dump reads past the field.
 */
static inline void dump_options(struct trusted_key_options *o)
{
	pr_info("sealing key type %d\n", o->keytype);
	pr_info("sealing key handle %0X\n", o->keyhandle);
	pr_info("pcrlock %d\n", o->pcrlock);
	pr_info("pcrinfo %d\n", o->pcrinfo_len);
	print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE, 16, 1,
		       o->pcrinfo, o->pcrinfo_len, 0);
}
6447f9c279SSumit Garg
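/*
 * Debug helper, built only when TPM_DEBUG is non-zero: hex-dump the handle,
 * secret and enonce of session @s to the kernel log at KERN_INFO.
 *
 * This writes the session secret to the kernel log in clear, where anything
 * able to read the log can recover it. Keep TPM_DEBUG at 0 outside a
 * controlled debugging setup, and treat logs captured with it enabled as
 * sensitive.
 *
 * Every dump length comes from the field itself (sizeof), so enonce is
 * printed with its own size rather than with the size of the secret field
 * and the lengths stay correct if a field is resized.
 */
static inline void dump_sess(struct osapsess *s)
{
	print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
		       16, 1, &s->handle, sizeof(s->handle), 0);
	pr_info("secret:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, &s->secret, sizeof(s->secret), 0);
	pr_info("trusted-key: enonce:\n");
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
		       16, 1, &s->enonce, sizeof(s->enonce), 0);
}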
7647f9c279SSumit Garg
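/*
 * Debug helper, built only when TPM_DEBUG is non-zero: hex-dump a TPM
 * command/response buffer to the kernel log at KERN_INFO.
 *
 * The dump length is the 32-bit size field read from the buffer at
 * TPM_SIZE_OFFSET. That field is data, not a trusted bound: a malformed or
 * corrupted value would make the dump read far past the buffer, and a value
 * above INT_MAX would not even fit the int the length used to be stored in.
 * The length is therefore kept unsigned and clamped to MAX_BUF_SIZE.
 * NOTE(review): this assumes callers pass buffers of at least MAX_BUF_SIZE
 * bytes; confirm at the call sites.
 */
static inline void dump_tpm_buf(unsigned char *buf)
{
	uint32_t len;

	pr_info("\ntpm buffer\n");
	len = LOAD32(buf, TPM_SIZE_OFFSET);
	if (len > MAX_BUF_SIZE)
		len = MAX_BUF_SIZE;
	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
}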
8547f9c279SSumit Garg #else
/* TPM_DEBUG is 0: empty stand-in so call sites need no #if; logs nothing. */
static inline void dump_options(struct trusted_key_options *o) { }
8947f9c279SSumit Garg
/*
 * TPM_DEBUG is 0: empty stand-in so call sites need no #if. Nothing from the
 * session, including its secret, is written to the log.
 */
static inline void dump_sess(struct osapsess *s) { }
9347f9c279SSumit Garg
/* TPM_DEBUG is 0: empty stand-in so call sites need no #if; @buf is not read. */
static inline void dump_tpm_buf(unsigned char *buf) { }
9747f9c279SSumit Garg #endif
9847f9c279SSumit Garg #endif