12e19e101SSumit Garg // SPDX-License-Identifier: GPL-2.0-only
22e19e101SSumit Garg /*
32e19e101SSumit Garg * Copyright (C) 2004 IBM Corporation
42e19e101SSumit Garg * Copyright (C) 2014 Intel Corporation
52e19e101SSumit Garg */
62e19e101SSumit Garg
7f2219745SJames Bottomley #include <linux/asn1_encoder.h>
8f2219745SJames Bottomley #include <linux/oid_registry.h>
92e19e101SSumit Garg #include <linux/string.h>
102e19e101SSumit Garg #include <linux/err.h>
112e19e101SSumit Garg #include <linux/tpm.h>
122e19e101SSumit Garg #include <linux/tpm_command.h>
132e19e101SSumit Garg
142e19e101SSumit Garg #include <keys/trusted-type.h>
152e19e101SSumit Garg #include <keys/trusted_tpm.h>
162e19e101SSumit Garg
17f2219745SJames Bottomley #include <asm/unaligned.h>
18f2219745SJames Bottomley
19f2219745SJames Bottomley #include "tpm2key.asn1.h"
20f2219745SJames Bottomley
212e19e101SSumit Garg static struct tpm2_hash tpm2_hash_map[] = {
222e19e101SSumit Garg {HASH_ALGO_SHA1, TPM_ALG_SHA1},
232e19e101SSumit Garg {HASH_ALGO_SHA256, TPM_ALG_SHA256},
242e19e101SSumit Garg {HASH_ALGO_SHA384, TPM_ALG_SHA384},
252e19e101SSumit Garg {HASH_ALGO_SHA512, TPM_ALG_SHA512},
262e19e101SSumit Garg {HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
272e19e101SSumit Garg };
282e19e101SSumit Garg
29f2219745SJames Bottomley static u32 tpm2key_oid[] = { 2, 23, 133, 10, 1, 5 };
30f2219745SJames Bottomley
tpm2_key_encode(struct trusted_key_payload * payload,struct trusted_key_options * options,u8 * src,u32 len)31f2219745SJames Bottomley static int tpm2_key_encode(struct trusted_key_payload *payload,
32f2219745SJames Bottomley struct trusted_key_options *options,
33f2219745SJames Bottomley u8 *src, u32 len)
34f2219745SJames Bottomley {
35f2219745SJames Bottomley const int SCRATCH_SIZE = PAGE_SIZE;
36f2219745SJames Bottomley u8 *scratch = kmalloc(SCRATCH_SIZE, GFP_KERNEL);
37f2219745SJames Bottomley u8 *work = scratch, *work1;
38f2219745SJames Bottomley u8 *end_work = scratch + SCRATCH_SIZE;
39f2219745SJames Bottomley u8 *priv, *pub;
40f2219745SJames Bottomley u16 priv_len, pub_len;
41e6283526SJarkko Sakkinen int ret;
42f2219745SJames Bottomley
43f2219745SJames Bottomley priv_len = get_unaligned_be16(src) + 2;
44f2219745SJames Bottomley priv = src;
45f2219745SJames Bottomley
46f2219745SJames Bottomley src += priv_len;
47f2219745SJames Bottomley
48f2219745SJames Bottomley pub_len = get_unaligned_be16(src) + 2;
49f2219745SJames Bottomley pub = src;
50f2219745SJames Bottomley
51f2219745SJames Bottomley if (!scratch)
52f2219745SJames Bottomley return -ENOMEM;
53f2219745SJames Bottomley
54f2219745SJames Bottomley work = asn1_encode_oid(work, end_work, tpm2key_oid,
55f2219745SJames Bottomley asn1_oid_len(tpm2key_oid));
56f2219745SJames Bottomley
57f2219745SJames Bottomley if (options->blobauth_len == 0) {
58f2219745SJames Bottomley unsigned char bool[3], *w = bool;
59f2219745SJames Bottomley /* tag 0 is emptyAuth */
60f2219745SJames Bottomley w = asn1_encode_boolean(w, w + sizeof(bool), true);
61e6283526SJarkko Sakkinen if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) {
62e6283526SJarkko Sakkinen ret = PTR_ERR(w);
63e6283526SJarkko Sakkinen goto err;
64e6283526SJarkko Sakkinen }
65f2219745SJames Bottomley work = asn1_encode_tag(work, end_work, 0, bool, w - bool);
66f2219745SJames Bottomley }
67f2219745SJames Bottomley
68f2219745SJames Bottomley /*
69f2219745SJames Bottomley * Assume both octet strings will encode to a 2 byte definite length
70f2219745SJames Bottomley *
71f2219745SJames Bottomley * Note: For a well behaved TPM, this warning should never
72f2219745SJames Bottomley * trigger, so if it does there's something nefarious going on
73f2219745SJames Bottomley */
74f2219745SJames Bottomley if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE,
75e6283526SJarkko Sakkinen "BUG: scratch buffer is too small")) {
76e6283526SJarkko Sakkinen ret = -EINVAL;
77e6283526SJarkko Sakkinen goto err;
78e6283526SJarkko Sakkinen }
79f2219745SJames Bottomley
80f2219745SJames Bottomley work = asn1_encode_integer(work, end_work, options->keyhandle);
81f2219745SJames Bottomley work = asn1_encode_octet_string(work, end_work, pub, pub_len);
82f2219745SJames Bottomley work = asn1_encode_octet_string(work, end_work, priv, priv_len);
83f2219745SJames Bottomley
84f2219745SJames Bottomley work1 = payload->blob;
85f2219745SJames Bottomley work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob),
86f2219745SJames Bottomley scratch, work - scratch);
871c652e1eSJarkko Sakkinen if (IS_ERR(work1)) {
88e6283526SJarkko Sakkinen ret = PTR_ERR(work1);
891c652e1eSJarkko Sakkinen pr_err("BUG: ASN.1 encoder failed with %d\n", ret);
90e6283526SJarkko Sakkinen goto err;
91e6283526SJarkko Sakkinen }
92f2219745SJames Bottomley
93e6283526SJarkko Sakkinen kfree(scratch);
94f2219745SJames Bottomley return work1 - payload->blob;
95e6283526SJarkko Sakkinen
96e6283526SJarkko Sakkinen err:
97e6283526SJarkko Sakkinen kfree(scratch);
98e6283526SJarkko Sakkinen return ret;
99f2219745SJames Bottomley }
100f2219745SJames Bottomley
101f2219745SJames Bottomley struct tpm2_key_context {
102f2219745SJames Bottomley u32 parent;
103f2219745SJames Bottomley const u8 *pub;
104f2219745SJames Bottomley u32 pub_len;
105f2219745SJames Bottomley const u8 *priv;
106f2219745SJames Bottomley u32 priv_len;
107f2219745SJames Bottomley };
108f2219745SJames Bottomley
tpm2_key_decode(struct trusted_key_payload * payload,struct trusted_key_options * options,u8 ** buf)109f2219745SJames Bottomley static int tpm2_key_decode(struct trusted_key_payload *payload,
110f2219745SJames Bottomley struct trusted_key_options *options,
111f2219745SJames Bottomley u8 **buf)
112f2219745SJames Bottomley {
113f2219745SJames Bottomley int ret;
114f2219745SJames Bottomley struct tpm2_key_context ctx;
115f2219745SJames Bottomley u8 *blob;
116f2219745SJames Bottomley
117f2219745SJames Bottomley memset(&ctx, 0, sizeof(ctx));
118f2219745SJames Bottomley
119f2219745SJames Bottomley ret = asn1_ber_decoder(&tpm2key_decoder, &ctx, payload->blob,
120f2219745SJames Bottomley payload->blob_len);
121f2219745SJames Bottomley if (ret < 0)
122f2219745SJames Bottomley return ret;
123f2219745SJames Bottomley
124f2219745SJames Bottomley if (ctx.priv_len + ctx.pub_len > MAX_BLOB_SIZE)
125f2219745SJames Bottomley return -EINVAL;
126f2219745SJames Bottomley
127f2219745SJames Bottomley blob = kmalloc(ctx.priv_len + ctx.pub_len + 4, GFP_KERNEL);
128f2219745SJames Bottomley if (!blob)
129f2219745SJames Bottomley return -ENOMEM;
130f2219745SJames Bottomley
131f2219745SJames Bottomley *buf = blob;
132f2219745SJames Bottomley options->keyhandle = ctx.parent;
133f2219745SJames Bottomley
134f2219745SJames Bottomley memcpy(blob, ctx.priv, ctx.priv_len);
135f2219745SJames Bottomley blob += ctx.priv_len;
136f2219745SJames Bottomley
137f2219745SJames Bottomley memcpy(blob, ctx.pub, ctx.pub_len);
138f2219745SJames Bottomley
139f2219745SJames Bottomley return 0;
140f2219745SJames Bottomley }
141f2219745SJames Bottomley
tpm2_key_parent(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)142f2219745SJames Bottomley int tpm2_key_parent(void *context, size_t hdrlen,
143f2219745SJames Bottomley unsigned char tag,
144f2219745SJames Bottomley const void *value, size_t vlen)
145f2219745SJames Bottomley {
146f2219745SJames Bottomley struct tpm2_key_context *ctx = context;
147f2219745SJames Bottomley const u8 *v = value;
148f2219745SJames Bottomley int i;
149f2219745SJames Bottomley
150f2219745SJames Bottomley ctx->parent = 0;
151f2219745SJames Bottomley for (i = 0; i < vlen; i++) {
152f2219745SJames Bottomley ctx->parent <<= 8;
153f2219745SJames Bottomley ctx->parent |= v[i];
154f2219745SJames Bottomley }
155f2219745SJames Bottomley
156f2219745SJames Bottomley return 0;
157f2219745SJames Bottomley }
158f2219745SJames Bottomley
tpm2_key_type(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)159f2219745SJames Bottomley int tpm2_key_type(void *context, size_t hdrlen,
160f2219745SJames Bottomley unsigned char tag,
161f2219745SJames Bottomley const void *value, size_t vlen)
162f2219745SJames Bottomley {
163f2219745SJames Bottomley enum OID oid = look_up_OID(value, vlen);
164f2219745SJames Bottomley
165f2219745SJames Bottomley if (oid != OID_TPMSealedData) {
166f2219745SJames Bottomley char buffer[50];
167f2219745SJames Bottomley
168f2219745SJames Bottomley sprint_oid(value, vlen, buffer, sizeof(buffer));
169f2219745SJames Bottomley pr_debug("OID is \"%s\" which is not TPMSealedData\n",
170f2219745SJames Bottomley buffer);
171f2219745SJames Bottomley return -EINVAL;
172f2219745SJames Bottomley }
173f2219745SJames Bottomley
174f2219745SJames Bottomley return 0;
175f2219745SJames Bottomley }
176f2219745SJames Bottomley
tpm2_key_pub(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)177f2219745SJames Bottomley int tpm2_key_pub(void *context, size_t hdrlen,
178f2219745SJames Bottomley unsigned char tag,
179f2219745SJames Bottomley const void *value, size_t vlen)
180f2219745SJames Bottomley {
181f2219745SJames Bottomley struct tpm2_key_context *ctx = context;
182f2219745SJames Bottomley
183f2219745SJames Bottomley ctx->pub = value;
184f2219745SJames Bottomley ctx->pub_len = vlen;
185f2219745SJames Bottomley
186f2219745SJames Bottomley return 0;
187f2219745SJames Bottomley }
188f2219745SJames Bottomley
tpm2_key_priv(void * context,size_t hdrlen,unsigned char tag,const void * value,size_t vlen)189f2219745SJames Bottomley int tpm2_key_priv(void *context, size_t hdrlen,
190f2219745SJames Bottomley unsigned char tag,
191f2219745SJames Bottomley const void *value, size_t vlen)
192f2219745SJames Bottomley {
193f2219745SJames Bottomley struct tpm2_key_context *ctx = context;
194f2219745SJames Bottomley
195f2219745SJames Bottomley ctx->priv = value;
196f2219745SJames Bottomley ctx->priv_len = vlen;
197f2219745SJames Bottomley
198f2219745SJames Bottomley return 0;
199f2219745SJames Bottomley }
200f2219745SJames Bottomley
2012e19e101SSumit Garg /**
2022a415274SJiapeng Chong * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer.
2032e19e101SSumit Garg *
2042e19e101SSumit Garg * @buf: an allocated tpm_buf instance
2052e19e101SSumit Garg * @session_handle: session handle
2062e19e101SSumit Garg * @nonce: the session nonce, may be NULL if not used
2072e19e101SSumit Garg * @nonce_len: the session nonce length, may be 0 if not used
2082e19e101SSumit Garg * @attributes: the session attributes
2092e19e101SSumit Garg * @hmac: the session HMAC or password, may be NULL if not used
2102e19e101SSumit Garg * @hmac_len: the session HMAC or password length, maybe 0 if not used
2112e19e101SSumit Garg */
tpm2_buf_append_auth(struct tpm_buf * buf,u32 session_handle,const u8 * nonce,u16 nonce_len,u8 attributes,const u8 * hmac,u16 hmac_len)2122e19e101SSumit Garg static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle,
2132e19e101SSumit Garg const u8 *nonce, u16 nonce_len,
2142e19e101SSumit Garg u8 attributes,
2152e19e101SSumit Garg const u8 *hmac, u16 hmac_len)
2162e19e101SSumit Garg {
2172e19e101SSumit Garg tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len);
2182e19e101SSumit Garg tpm_buf_append_u32(buf, session_handle);
2192e19e101SSumit Garg tpm_buf_append_u16(buf, nonce_len);
2202e19e101SSumit Garg
2212e19e101SSumit Garg if (nonce && nonce_len)
2222e19e101SSumit Garg tpm_buf_append(buf, nonce, nonce_len);
2232e19e101SSumit Garg
2242e19e101SSumit Garg tpm_buf_append_u8(buf, attributes);
2252e19e101SSumit Garg tpm_buf_append_u16(buf, hmac_len);
2262e19e101SSumit Garg
2272e19e101SSumit Garg if (hmac && hmac_len)
2282e19e101SSumit Garg tpm_buf_append(buf, hmac, hmac_len);
2292e19e101SSumit Garg }
2302e19e101SSumit Garg
2312e19e101SSumit Garg /**
2322e19e101SSumit Garg * tpm2_seal_trusted() - seal the payload of a trusted key
2332e19e101SSumit Garg *
2342e19e101SSumit Garg * @chip: TPM chip to use
2352e19e101SSumit Garg * @payload: the key data in clear and encrypted form
2362e19e101SSumit Garg * @options: authentication values and other options
2372e19e101SSumit Garg *
2382e19e101SSumit Garg * Return: < 0 on error and 0 on success.
2392e19e101SSumit Garg */
tpm2_seal_trusted(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options)2402e19e101SSumit Garg int tpm2_seal_trusted(struct tpm_chip *chip,
2412e19e101SSumit Garg struct trusted_key_payload *payload,
2422e19e101SSumit Garg struct trusted_key_options *options)
2432e19e101SSumit Garg {
244f2219745SJames Bottomley int blob_len = 0;
2452e19e101SSumit Garg struct tpm_buf buf;
2462e19e101SSumit Garg u32 hash;
247e5fb5d2cSJames Bottomley u32 flags;
2482e19e101SSumit Garg int i;
2492e19e101SSumit Garg int rc;
2502e19e101SSumit Garg
2512e19e101SSumit Garg for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
2522e19e101SSumit Garg if (options->hash == tpm2_hash_map[i].crypto_id) {
2532e19e101SSumit Garg hash = tpm2_hash_map[i].tpm_id;
2542e19e101SSumit Garg break;
2552e19e101SSumit Garg }
2562e19e101SSumit Garg }
2572e19e101SSumit Garg
2582e19e101SSumit Garg if (i == ARRAY_SIZE(tpm2_hash_map))
2592e19e101SSumit Garg return -EINVAL;
2602e19e101SSumit Garg
261f2219745SJames Bottomley if (!options->keyhandle)
262f2219745SJames Bottomley return -EINVAL;
263f2219745SJames Bottomley
2649d5171eaSJames Bottomley rc = tpm_try_get_ops(chip);
2652e19e101SSumit Garg if (rc)
2662e19e101SSumit Garg return rc;
2672e19e101SSumit Garg
2688c657a05SJarkko Sakkinen rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
2698c657a05SJarkko Sakkinen if (rc) {
2708c657a05SJarkko Sakkinen tpm_put_ops(chip);
2718c657a05SJarkko Sakkinen return rc;
2728c657a05SJarkko Sakkinen }
2738c657a05SJarkko Sakkinen
2742e19e101SSumit Garg tpm_buf_append_u32(&buf, options->keyhandle);
2752e19e101SSumit Garg tpm2_buf_append_auth(&buf, TPM2_RS_PW,
2762e19e101SSumit Garg NULL /* nonce */, 0,
2772e19e101SSumit Garg 0 /* session_attributes */,
2782e19e101SSumit Garg options->keyauth /* hmac */,
2792e19e101SSumit Garg TPM_DIGEST_SIZE);
2802e19e101SSumit Garg
2812e19e101SSumit Garg /* sensitive */
282e5fb5d2cSJames Bottomley tpm_buf_append_u16(&buf, 4 + options->blobauth_len + payload->key_len);
2832e19e101SSumit Garg
284de66514dSJames Bottomley tpm_buf_append_u16(&buf, options->blobauth_len);
285de66514dSJames Bottomley if (options->blobauth_len)
286de66514dSJames Bottomley tpm_buf_append(&buf, options->blobauth, options->blobauth_len);
287de66514dSJames Bottomley
288e5fb5d2cSJames Bottomley tpm_buf_append_u16(&buf, payload->key_len);
2892e19e101SSumit Garg tpm_buf_append(&buf, payload->key, payload->key_len);
2902e19e101SSumit Garg
2912e19e101SSumit Garg /* public */
2922e19e101SSumit Garg tpm_buf_append_u16(&buf, 14 + options->policydigest_len);
2932e19e101SSumit Garg tpm_buf_append_u16(&buf, TPM_ALG_KEYEDHASH);
2942e19e101SSumit Garg tpm_buf_append_u16(&buf, hash);
2952e19e101SSumit Garg
296e5fb5d2cSJames Bottomley /* key properties */
297e5fb5d2cSJames Bottomley flags = 0;
298e5fb5d2cSJames Bottomley flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH;
299dda53843SDavid Safford flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM |
300dda53843SDavid Safford TPM2_OA_FIXED_PARENT);
301e5fb5d2cSJames Bottomley tpm_buf_append_u32(&buf, flags);
302e5fb5d2cSJames Bottomley
3032e19e101SSumit Garg /* policy */
3042e19e101SSumit Garg tpm_buf_append_u16(&buf, options->policydigest_len);
305e5fb5d2cSJames Bottomley if (options->policydigest_len)
3062e19e101SSumit Garg tpm_buf_append(&buf, options->policydigest,
3072e19e101SSumit Garg options->policydigest_len);
3082e19e101SSumit Garg
3092e19e101SSumit Garg /* public parameters */
3102e19e101SSumit Garg tpm_buf_append_u16(&buf, TPM_ALG_NULL);
3112e19e101SSumit Garg tpm_buf_append_u16(&buf, 0);
3122e19e101SSumit Garg
3132e19e101SSumit Garg /* outside info */
3142e19e101SSumit Garg tpm_buf_append_u16(&buf, 0);
3152e19e101SSumit Garg
3162e19e101SSumit Garg /* creation PCR */
3172e19e101SSumit Garg tpm_buf_append_u32(&buf, 0);
3182e19e101SSumit Garg
3192e19e101SSumit Garg if (buf.flags & TPM_BUF_OVERFLOW) {
3202e19e101SSumit Garg rc = -E2BIG;
3212e19e101SSumit Garg goto out;
3222e19e101SSumit Garg }
3232e19e101SSumit Garg
3248c657a05SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &buf, 4, "sealing data");
3252e19e101SSumit Garg if (rc)
3262e19e101SSumit Garg goto out;
3272e19e101SSumit Garg
3282e19e101SSumit Garg blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]);
3292e19e101SSumit Garg if (blob_len > MAX_BLOB_SIZE) {
3302e19e101SSumit Garg rc = -E2BIG;
3312e19e101SSumit Garg goto out;
3322e19e101SSumit Garg }
3332e19e101SSumit Garg if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 4 + blob_len) {
3342e19e101SSumit Garg rc = -EFAULT;
3352e19e101SSumit Garg goto out;
3362e19e101SSumit Garg }
3372e19e101SSumit Garg
338f2219745SJames Bottomley blob_len = tpm2_key_encode(payload, options,
339f2219745SJames Bottomley &buf.data[TPM_HEADER_SIZE + 4],
340f2219745SJames Bottomley blob_len);
3412e19e101SSumit Garg
3422e19e101SSumit Garg out:
3432e19e101SSumit Garg tpm_buf_destroy(&buf);
3442e19e101SSumit Garg
3452e19e101SSumit Garg if (rc > 0) {
3462e19e101SSumit Garg if (tpm2_rc_value(rc) == TPM2_RC_HASH)
3472e19e101SSumit Garg rc = -EINVAL;
3482e19e101SSumit Garg else
3492e19e101SSumit Garg rc = -EPERM;
3502e19e101SSumit Garg }
351f2219745SJames Bottomley if (blob_len < 0)
352b3ad7855SBen Boeckel rc = blob_len;
353b3ad7855SBen Boeckel else
354f2219745SJames Bottomley payload->blob_len = blob_len;
3552e19e101SSumit Garg
3568c657a05SJarkko Sakkinen tpm_put_ops(chip);
3572e19e101SSumit Garg return rc;
3582e19e101SSumit Garg }
3592e19e101SSumit Garg
3602e19e101SSumit Garg /**
3612e19e101SSumit Garg * tpm2_load_cmd() - execute a TPM2_Load command
3622e19e101SSumit Garg *
3632e19e101SSumit Garg * @chip: TPM chip to use
3642e19e101SSumit Garg * @payload: the key data in clear and encrypted form
3652e19e101SSumit Garg * @options: authentication values and other options
3662e19e101SSumit Garg * @blob_handle: returned blob handle
3672e19e101SSumit Garg *
3682e19e101SSumit Garg * Return: 0 on success.
3692e19e101SSumit Garg * -E2BIG on wrong payload size.
3702e19e101SSumit Garg * -EPERM on tpm error status.
3712e19e101SSumit Garg * < 0 error from tpm_send.
3722e19e101SSumit Garg */
tpm2_load_cmd(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options,u32 * blob_handle)3732e19e101SSumit Garg static int tpm2_load_cmd(struct tpm_chip *chip,
3742e19e101SSumit Garg struct trusted_key_payload *payload,
3752e19e101SSumit Garg struct trusted_key_options *options,
3762e19e101SSumit Garg u32 *blob_handle)
3772e19e101SSumit Garg {
3782e19e101SSumit Garg struct tpm_buf buf;
3792e19e101SSumit Garg unsigned int private_len;
3802e19e101SSumit Garg unsigned int public_len;
3812e19e101SSumit Garg unsigned int blob_len;
382e5fb5d2cSJames Bottomley u8 *blob, *pub;
3832e19e101SSumit Garg int rc;
384e5fb5d2cSJames Bottomley u32 attrs;
3852e19e101SSumit Garg
386f2219745SJames Bottomley rc = tpm2_key_decode(payload, options, &blob);
387f2219745SJames Bottomley if (rc) {
388f2219745SJames Bottomley /* old form */
389f2219745SJames Bottomley blob = payload->blob;
390f2219745SJames Bottomley payload->old_format = 1;
391f2219745SJames Bottomley }
392f2219745SJames Bottomley
393f2219745SJames Bottomley /* new format carries keyhandle but old format doesn't */
394f2219745SJames Bottomley if (!options->keyhandle)
395f2219745SJames Bottomley return -EINVAL;
396f2219745SJames Bottomley
397f2219745SJames Bottomley /* must be big enough for at least the two be16 size counts */
398f2219745SJames Bottomley if (payload->blob_len < 4)
399f2219745SJames Bottomley return -EINVAL;
400f2219745SJames Bottomley
401f2219745SJames Bottomley private_len = get_unaligned_be16(blob);
402f2219745SJames Bottomley
403f2219745SJames Bottomley /* must be big enough for following public_len */
404f2219745SJames Bottomley if (private_len + 2 + 2 > (payload->blob_len))
4052e19e101SSumit Garg return -E2BIG;
4062e19e101SSumit Garg
407f2219745SJames Bottomley public_len = get_unaligned_be16(blob + 2 + private_len);
408f2219745SJames Bottomley if (private_len + 2 + public_len + 2 > payload->blob_len)
409f2219745SJames Bottomley return -E2BIG;
410f2219745SJames Bottomley
411e5fb5d2cSJames Bottomley pub = blob + 2 + private_len + 2;
412e5fb5d2cSJames Bottomley /* key attributes are always at offset 4 */
413e5fb5d2cSJames Bottomley attrs = get_unaligned_be32(pub + 4);
414e5fb5d2cSJames Bottomley
415e5fb5d2cSJames Bottomley if ((attrs & (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT)) ==
416e5fb5d2cSJames Bottomley (TPM2_OA_FIXED_TPM | TPM2_OA_FIXED_PARENT))
417e5fb5d2cSJames Bottomley payload->migratable = 0;
418e5fb5d2cSJames Bottomley else
419e5fb5d2cSJames Bottomley payload->migratable = 1;
420e5fb5d2cSJames Bottomley
4212e19e101SSumit Garg blob_len = private_len + public_len + 4;
4222e19e101SSumit Garg if (blob_len > payload->blob_len)
4232e19e101SSumit Garg return -E2BIG;
4242e19e101SSumit Garg
4252e19e101SSumit Garg rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD);
4262e19e101SSumit Garg if (rc)
4272e19e101SSumit Garg return rc;
4282e19e101SSumit Garg
4292e19e101SSumit Garg tpm_buf_append_u32(&buf, options->keyhandle);
4302e19e101SSumit Garg tpm2_buf_append_auth(&buf, TPM2_RS_PW,
4312e19e101SSumit Garg NULL /* nonce */, 0,
4322e19e101SSumit Garg 0 /* session_attributes */,
4332e19e101SSumit Garg options->keyauth /* hmac */,
4342e19e101SSumit Garg TPM_DIGEST_SIZE);
4352e19e101SSumit Garg
436f2219745SJames Bottomley tpm_buf_append(&buf, blob, blob_len);
4372e19e101SSumit Garg
4382e19e101SSumit Garg if (buf.flags & TPM_BUF_OVERFLOW) {
4392e19e101SSumit Garg rc = -E2BIG;
4402e19e101SSumit Garg goto out;
4412e19e101SSumit Garg }
4422e19e101SSumit Garg
4438c657a05SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &buf, 4, "loading blob");
4442e19e101SSumit Garg if (!rc)
4452e19e101SSumit Garg *blob_handle = be32_to_cpup(
4462e19e101SSumit Garg (__be32 *) &buf.data[TPM_HEADER_SIZE]);
4472e19e101SSumit Garg
4482e19e101SSumit Garg out:
449f2219745SJames Bottomley if (blob != payload->blob)
450f2219745SJames Bottomley kfree(blob);
4512e19e101SSumit Garg tpm_buf_destroy(&buf);
4522e19e101SSumit Garg
4532e19e101SSumit Garg if (rc > 0)
4542e19e101SSumit Garg rc = -EPERM;
4552e19e101SSumit Garg
4562e19e101SSumit Garg return rc;
4572e19e101SSumit Garg }
4582e19e101SSumit Garg
4592e19e101SSumit Garg /**
4602e19e101SSumit Garg * tpm2_unseal_cmd() - execute a TPM2_Unload command
4612e19e101SSumit Garg *
4622e19e101SSumit Garg * @chip: TPM chip to use
4632e19e101SSumit Garg * @payload: the key data in clear and encrypted form
4642e19e101SSumit Garg * @options: authentication values and other options
4652e19e101SSumit Garg * @blob_handle: blob handle
4662e19e101SSumit Garg *
4672e19e101SSumit Garg * Return: 0 on success
4682e19e101SSumit Garg * -EPERM on tpm error status
4692e19e101SSumit Garg * < 0 error from tpm_send
4702e19e101SSumit Garg */
tpm2_unseal_cmd(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options,u32 blob_handle)4712e19e101SSumit Garg static int tpm2_unseal_cmd(struct tpm_chip *chip,
4722e19e101SSumit Garg struct trusted_key_payload *payload,
4732e19e101SSumit Garg struct trusted_key_options *options,
4742e19e101SSumit Garg u32 blob_handle)
4752e19e101SSumit Garg {
4762e19e101SSumit Garg struct tpm_buf buf;
4772e19e101SSumit Garg u16 data_len;
4782e19e101SSumit Garg u8 *data;
4792e19e101SSumit Garg int rc;
4802e19e101SSumit Garg
4812e19e101SSumit Garg rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);
4822e19e101SSumit Garg if (rc)
4832e19e101SSumit Garg return rc;
4842e19e101SSumit Garg
4852e19e101SSumit Garg tpm_buf_append_u32(&buf, blob_handle);
4862e19e101SSumit Garg tpm2_buf_append_auth(&buf,
4872e19e101SSumit Garg options->policyhandle ?
4882e19e101SSumit Garg options->policyhandle : TPM2_RS_PW,
4892e19e101SSumit Garg NULL /* nonce */, 0,
4902e19e101SSumit Garg TPM2_SA_CONTINUE_SESSION,
4912e19e101SSumit Garg options->blobauth /* hmac */,
492de66514dSJames Bottomley options->blobauth_len);
4932e19e101SSumit Garg
4948c657a05SJarkko Sakkinen rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing");
4952e19e101SSumit Garg if (rc > 0)
4962e19e101SSumit Garg rc = -EPERM;
4972e19e101SSumit Garg
4982e19e101SSumit Garg if (!rc) {
4992e19e101SSumit Garg data_len = be16_to_cpup(
5002e19e101SSumit Garg (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]);
501e5fb5d2cSJames Bottomley if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE) {
5022e19e101SSumit Garg rc = -EFAULT;
5032e19e101SSumit Garg goto out;
5042e19e101SSumit Garg }
5052e19e101SSumit Garg
5062e19e101SSumit Garg if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) {
5072e19e101SSumit Garg rc = -EFAULT;
5082e19e101SSumit Garg goto out;
5092e19e101SSumit Garg }
5102e19e101SSumit Garg data = &buf.data[TPM_HEADER_SIZE + 6];
5112e19e101SSumit Garg
512e5fb5d2cSJames Bottomley if (payload->old_format) {
513e5fb5d2cSJames Bottomley /* migratable flag is at the end of the key */
5142e19e101SSumit Garg memcpy(payload->key, data, data_len - 1);
5152e19e101SSumit Garg payload->key_len = data_len - 1;
5162e19e101SSumit Garg payload->migratable = data[data_len - 1];
517e5fb5d2cSJames Bottomley } else {
518e5fb5d2cSJames Bottomley /*
519e5fb5d2cSJames Bottomley * migratable flag already collected from key
520e5fb5d2cSJames Bottomley * attributes
521e5fb5d2cSJames Bottomley */
522e5fb5d2cSJames Bottomley memcpy(payload->key, data, data_len);
523e5fb5d2cSJames Bottomley payload->key_len = data_len;
524e5fb5d2cSJames Bottomley }
5252e19e101SSumit Garg }
5262e19e101SSumit Garg
5272e19e101SSumit Garg out:
5282e19e101SSumit Garg tpm_buf_destroy(&buf);
5292e19e101SSumit Garg return rc;
5302e19e101SSumit Garg }
5312e19e101SSumit Garg
5322e19e101SSumit Garg /**
5332e19e101SSumit Garg * tpm2_unseal_trusted() - unseal the payload of a trusted key
5342e19e101SSumit Garg *
5352e19e101SSumit Garg * @chip: TPM chip to use
5362e19e101SSumit Garg * @payload: the key data in clear and encrypted form
5372e19e101SSumit Garg * @options: authentication values and other options
5382e19e101SSumit Garg *
5392e19e101SSumit Garg * Return: Same as with tpm_send.
5402e19e101SSumit Garg */
tpm2_unseal_trusted(struct tpm_chip * chip,struct trusted_key_payload * payload,struct trusted_key_options * options)5412e19e101SSumit Garg int tpm2_unseal_trusted(struct tpm_chip *chip,
5422e19e101SSumit Garg struct trusted_key_payload *payload,
5432e19e101SSumit Garg struct trusted_key_options *options)
5442e19e101SSumit Garg {
5452e19e101SSumit Garg u32 blob_handle;
5462e19e101SSumit Garg int rc;
5472e19e101SSumit Garg
5488c657a05SJarkko Sakkinen rc = tpm_try_get_ops(chip);
5492e19e101SSumit Garg if (rc)
5502e19e101SSumit Garg return rc;
5512e19e101SSumit Garg
5528c657a05SJarkko Sakkinen rc = tpm2_load_cmd(chip, payload, options, &blob_handle);
5538c657a05SJarkko Sakkinen if (rc)
5548c657a05SJarkko Sakkinen goto out;
5558c657a05SJarkko Sakkinen
5562e19e101SSumit Garg rc = tpm2_unseal_cmd(chip, payload, options, blob_handle);
55745477b3fSJames Bottomley tpm2_flush_context(chip, blob_handle);
5582e19e101SSumit Garg
5598c657a05SJarkko Sakkinen out:
5608c657a05SJarkko Sakkinen tpm_put_ops(chip);
5618c657a05SJarkko Sakkinen
5622e19e101SSumit Garg return rc;
5632e19e101SSumit Garg }
564