xref: /openbmc/u-boot/lib/tpm-v1.c (revision ecab65e4)
1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3  * Copyright (c) 2013 The Chromium OS Authors.
4  * Coypright (c) 2013 Guntermann & Drunck GmbH
5  */
6 
7 #define LOG_CATEGORY UCLASS_TPM
8 
9 #include <common.h>
10 #include <dm.h>
11 #include <asm/unaligned.h>
12 #include <u-boot/sha1.h>
13 #include <tpm-common.h>
14 #include <tpm-v1.h>
15 #include "tpm-utils.h"
16 
17 #ifdef CONFIG_TPM_AUTH_SESSIONS
18 
19 #ifndef CONFIG_SHA1
20 #error "TPM_AUTH_SESSIONS require SHA1 to be configured, too"
21 #endif /* !CONFIG_SHA1 */
22 
23 struct session_data {
24 	int		valid;
25 	u32	handle;
26 	u8		nonce_even[DIGEST_LENGTH];
27 	u8		nonce_odd[DIGEST_LENGTH];
28 };
29 
30 static struct session_data oiap_session = {0, };
31 
32 #endif /* CONFIG_TPM_AUTH_SESSIONS */
33 
34 u32 tpm_startup(struct udevice *dev, enum tpm_startup_type mode)
35 {
36 	const u8 command[12] = {
37 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x99, 0x0, 0x0,
38 	};
39 	const size_t mode_offset = 10;
40 	u8 buf[COMMAND_BUFFER_SIZE];
41 
42 	if (pack_byte_string(buf, sizeof(buf), "sw",
43 			     0, command, sizeof(command),
44 			     mode_offset, mode))
45 		return TPM_LIB_ERROR;
46 
47 	return tpm_sendrecv_command(dev, buf, NULL, NULL);
48 }
49 
50 u32 tpm_resume(struct udevice *dev)
51 {
52 	return tpm_startup(dev, TPM_ST_STATE);
53 }
54 
55 u32 tpm_self_test_full(struct udevice *dev)
56 {
57 	const u8 command[10] = {
58 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x50,
59 	};
60 	return tpm_sendrecv_command(dev, command, NULL, NULL);
61 }
62 
63 u32 tpm_continue_self_test(struct udevice *dev)
64 {
65 	const u8 command[10] = {
66 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x53,
67 	};
68 	return tpm_sendrecv_command(dev, command, NULL, NULL);
69 }
70 
71 u32 tpm_clear_and_reenable(struct udevice *dev)
72 {
73 	u32 ret;
74 
75 	log_info("TPM: Clear and re-enable\n");
76 	ret = tpm_force_clear(dev);
77 	if (ret != TPM_SUCCESS) {
78 		log_err("Can't initiate a force clear\n");
79 		return ret;
80 	}
81 
82 	if (tpm_get_version(dev) == TPM_V1) {
83 		ret = tpm_physical_enable(dev);
84 		if (ret != TPM_SUCCESS) {
85 			log_err("TPM: Can't set enabled state\n");
86 			return ret;
87 		}
88 
89 		ret = tpm_physical_set_deactivated(dev, 0);
90 		if (ret != TPM_SUCCESS) {
91 			log_err("TPM: Can't set deactivated state\n");
92 			return ret;
93 		}
94 	}
95 
96 	return TPM_SUCCESS;
97 }
98 
99 u32 tpm_nv_define_space(struct udevice *dev, u32 index, u32 perm, u32 size)
100 {
101 	const u8 command[101] = {
102 		0x0, 0xc1,		/* TPM_TAG */
103 		0x0, 0x0, 0x0, 0x65,	/* parameter size */
104 		0x0, 0x0, 0x0, 0xcc,	/* TPM_COMMAND_CODE */
105 		/* TPM_NV_DATA_PUBLIC->... */
106 		0x0, 0x18,		/* ...->TPM_STRUCTURE_TAG */
107 		0, 0, 0, 0,		/* ...->TPM_NV_INDEX */
108 		/* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */
109 		0x0, 0x3,
110 		0, 0, 0,
111 		0x1f,
112 		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
113 		/* TPM_NV_DATA_PUBLIC->TPM_PCR_INFO_SHORT */
114 		0x0, 0x3,
115 		0, 0, 0,
116 		0x1f,
117 		0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
118 		/* TPM_NV_ATTRIBUTES->... */
119 		0x0, 0x17,		/* ...->TPM_STRUCTURE_TAG */
120 		0, 0, 0, 0,		/* ...->attributes */
121 		/* End of TPM_NV_ATTRIBUTES */
122 		0,			/* bReadSTClear */
123 		0,			/* bWriteSTClear */
124 		0,			/* bWriteDefine */
125 		0, 0, 0, 0,		/* size */
126 	};
127 	const size_t index_offset = 12;
128 	const size_t perm_offset = 70;
129 	const size_t size_offset = 77;
130 	u8 buf[COMMAND_BUFFER_SIZE];
131 
132 	if (pack_byte_string(buf, sizeof(buf), "sddd",
133 			     0, command, sizeof(command),
134 			     index_offset, index,
135 			     perm_offset, perm,
136 			     size_offset, size))
137 		return TPM_LIB_ERROR;
138 
139 	return tpm_sendrecv_command(dev, buf, NULL, NULL);
140 }
141 
142 u32 tpm_nv_set_locked(struct udevice *dev)
143 {
144 	return tpm_nv_define_space(dev, TPM_NV_INDEX_LOCK, 0, 0);
145 }
146 
147 u32 tpm_nv_read_value(struct udevice *dev, u32 index, void *data, u32 count)
148 {
149 	const u8 command[22] = {
150 		0x0, 0xc1, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x0, 0xcf,
151 	};
152 	const size_t index_offset = 10;
153 	const size_t length_offset = 18;
154 	const size_t data_size_offset = 10;
155 	const size_t data_offset = 14;
156 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
157 	size_t response_length = sizeof(response);
158 	u32 data_size;
159 	u32 err;
160 
161 	if (pack_byte_string(buf, sizeof(buf), "sdd",
162 			     0, command, sizeof(command),
163 			     index_offset, index,
164 			     length_offset, count))
165 		return TPM_LIB_ERROR;
166 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
167 	if (err)
168 		return err;
169 	if (unpack_byte_string(response, response_length, "d",
170 			       data_size_offset, &data_size))
171 		return TPM_LIB_ERROR;
172 	if (data_size > count)
173 		return TPM_LIB_ERROR;
174 	if (unpack_byte_string(response, response_length, "s",
175 			       data_offset, data, data_size))
176 		return TPM_LIB_ERROR;
177 
178 	return 0;
179 }
180 
181 u32 tpm_nv_write_value(struct udevice *dev, u32 index, const void *data,
182 		       u32 length)
183 {
184 	const u8 command[256] = {
185 		0x0, 0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd,
186 	};
187 	const size_t command_size_offset = 2;
188 	const size_t index_offset = 10;
189 	const size_t length_offset = 18;
190 	const size_t data_offset = 22;
191 	const size_t write_info_size = 12;
192 	const u32 total_length =
193 		TPM_REQUEST_HEADER_LENGTH + write_info_size + length;
194 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
195 	size_t response_length = sizeof(response);
196 	u32 err;
197 
198 	if (pack_byte_string(buf, sizeof(buf), "sddds",
199 			     0, command, sizeof(command),
200 			     command_size_offset, total_length,
201 			     index_offset, index,
202 			     length_offset, length,
203 			     data_offset, data, length))
204 		return TPM_LIB_ERROR;
205 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
206 	if (err)
207 		return err;
208 
209 	return 0;
210 }
211 
212 uint32_t tpm_set_global_lock(struct udevice *dev)
213 {
214 	u32 x;
215 
216 	return tpm_nv_write_value(dev, TPM_NV_INDEX_0, (uint8_t *)&x, 0);
217 }
218 
219 u32 tpm_extend(struct udevice *dev, u32 index, const void *in_digest,
220 	       void *out_digest)
221 {
222 	const u8 command[34] = {
223 		0x0, 0xc1, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x0, 0x14,
224 	};
225 	const size_t index_offset = 10;
226 	const size_t in_digest_offset = 14;
227 	const size_t out_digest_offset = 10;
228 	u8 buf[COMMAND_BUFFER_SIZE];
229 	u8 response[TPM_RESPONSE_HEADER_LENGTH + PCR_DIGEST_LENGTH];
230 	size_t response_length = sizeof(response);
231 	u32 err;
232 
233 	if (pack_byte_string(buf, sizeof(buf), "sds",
234 			     0, command, sizeof(command),
235 			     index_offset, index,
236 			     in_digest_offset, in_digest,
237 			     PCR_DIGEST_LENGTH))
238 		return TPM_LIB_ERROR;
239 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
240 	if (err)
241 		return err;
242 
243 	if (unpack_byte_string(response, response_length, "s",
244 			       out_digest_offset, out_digest,
245 			       PCR_DIGEST_LENGTH))
246 		return TPM_LIB_ERROR;
247 
248 	return 0;
249 }
250 
251 u32 tpm_pcr_read(struct udevice *dev, u32 index, void *data, size_t count)
252 {
253 	const u8 command[14] = {
254 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x15,
255 	};
256 	const size_t index_offset = 10;
257 	const size_t out_digest_offset = 10;
258 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
259 	size_t response_length = sizeof(response);
260 	u32 err;
261 
262 	if (count < PCR_DIGEST_LENGTH)
263 		return TPM_LIB_ERROR;
264 
265 	if (pack_byte_string(buf, sizeof(buf), "sd",
266 			     0, command, sizeof(command),
267 			     index_offset, index))
268 		return TPM_LIB_ERROR;
269 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
270 	if (err)
271 		return err;
272 	if (unpack_byte_string(response, response_length, "s",
273 			       out_digest_offset, data, PCR_DIGEST_LENGTH))
274 		return TPM_LIB_ERROR;
275 
276 	return 0;
277 }
278 
279 u32 tpm_tsc_physical_presence(struct udevice *dev, u16 presence)
280 {
281 	const u8 command[12] = {
282 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x0, 0x0,
283 	};
284 	const size_t presence_offset = 10;
285 	u8 buf[COMMAND_BUFFER_SIZE];
286 
287 	if (pack_byte_string(buf, sizeof(buf), "sw",
288 			     0, command, sizeof(command),
289 			     presence_offset, presence))
290 		return TPM_LIB_ERROR;
291 
292 	return tpm_sendrecv_command(dev, buf, NULL, NULL);
293 }
294 
295 u32 tpm_finalise_physical_presence(struct udevice *dev)
296 {
297 	const u8 command[12] = {
298 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xc, 0x40, 0x0, 0x0, 0xa, 0x2, 0xa0,
299 	};
300 
301 	return tpm_sendrecv_command(dev, command, NULL, NULL);
302 }
303 
304 u32 tpm_read_pubek(struct udevice *dev, void *data, size_t count)
305 {
306 	const u8 command[30] = {
307 		0x0, 0xc1, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x7c,
308 	};
309 	const size_t response_size_offset = 2;
310 	const size_t data_offset = 10;
311 	const size_t header_and_checksum_size = TPM_RESPONSE_HEADER_LENGTH + 20;
312 	u8 response[COMMAND_BUFFER_SIZE + TPM_PUBEK_SIZE];
313 	size_t response_length = sizeof(response);
314 	u32 data_size;
315 	u32 err;
316 
317 	err = tpm_sendrecv_command(dev, command, response, &response_length);
318 	if (err)
319 		return err;
320 	if (unpack_byte_string(response, response_length, "d",
321 			       response_size_offset, &data_size))
322 		return TPM_LIB_ERROR;
323 	if (data_size < header_and_checksum_size)
324 		return TPM_LIB_ERROR;
325 	data_size -= header_and_checksum_size;
326 	if (data_size > count)
327 		return TPM_LIB_ERROR;
328 	if (unpack_byte_string(response, response_length, "s",
329 			       data_offset, data, data_size))
330 		return TPM_LIB_ERROR;
331 
332 	return 0;
333 }
334 
335 u32 tpm_force_clear(struct udevice *dev)
336 {
337 	const u8 command[10] = {
338 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x5d,
339 	};
340 
341 	return tpm_sendrecv_command(dev, command, NULL, NULL);
342 }
343 
344 u32 tpm_physical_enable(struct udevice *dev)
345 {
346 	const u8 command[10] = {
347 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x6f,
348 	};
349 
350 	return tpm_sendrecv_command(dev, command, NULL, NULL);
351 }
352 
353 u32 tpm_physical_disable(struct udevice *dev)
354 {
355 	const u8 command[10] = {
356 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x70,
357 	};
358 
359 	return tpm_sendrecv_command(dev, command, NULL, NULL);
360 }
361 
362 u32 tpm_physical_set_deactivated(struct udevice *dev, u8 state)
363 {
364 	const u8 command[11] = {
365 		0x0, 0xc1, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x72,
366 	};
367 	const size_t state_offset = 10;
368 	u8 buf[COMMAND_BUFFER_SIZE];
369 
370 	if (pack_byte_string(buf, sizeof(buf), "sb",
371 			     0, command, sizeof(command),
372 			     state_offset, state))
373 		return TPM_LIB_ERROR;
374 
375 	return tpm_sendrecv_command(dev, buf, NULL, NULL);
376 }
377 
378 u32 tpm_get_capability(struct udevice *dev, u32 cap_area, u32 sub_cap,
379 		       void *cap, size_t count)
380 {
381 	const u8 command[22] = {
382 		0x0, 0xc1,		/* TPM_TAG */
383 		0x0, 0x0, 0x0, 0x16,	/* parameter size */
384 		0x0, 0x0, 0x0, 0x65,	/* TPM_COMMAND_CODE */
385 		0x0, 0x0, 0x0, 0x0,	/* TPM_CAPABILITY_AREA */
386 		0x0, 0x0, 0x0, 0x4,	/* subcap size */
387 		0x0, 0x0, 0x0, 0x0,	/* subcap value */
388 	};
389 	const size_t cap_area_offset = 10;
390 	const size_t sub_cap_offset = 18;
391 	const size_t cap_offset = 14;
392 	const size_t cap_size_offset = 10;
393 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
394 	size_t response_length = sizeof(response);
395 	u32 cap_size;
396 	u32 err;
397 
398 	if (pack_byte_string(buf, sizeof(buf), "sdd",
399 			     0, command, sizeof(command),
400 			     cap_area_offset, cap_area,
401 			     sub_cap_offset, sub_cap))
402 		return TPM_LIB_ERROR;
403 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
404 	if (err)
405 		return err;
406 	if (unpack_byte_string(response, response_length, "d",
407 			       cap_size_offset, &cap_size))
408 		return TPM_LIB_ERROR;
409 	if (cap_size > response_length || cap_size > count)
410 		return TPM_LIB_ERROR;
411 	if (unpack_byte_string(response, response_length, "s",
412 			       cap_offset, cap, cap_size))
413 		return TPM_LIB_ERROR;
414 
415 	return 0;
416 }
417 
418 u32 tpm_get_permanent_flags(struct udevice *dev,
419 			    struct tpm_permanent_flags *pflags)
420 {
421 	const u8 command[22] = {
422 		0x0, 0xc1,		/* TPM_TAG */
423 		0x0, 0x0, 0x0, 0x16,	/* parameter size */
424 		0x0, 0x0, 0x0, 0x65,	/* TPM_COMMAND_CODE */
425 		0x0, 0x0, 0x0, 0x4,	/* TPM_CAP_FLAG_PERM */
426 		0x0, 0x0, 0x0, 0x4,	/* subcap size */
427 		0x0, 0x0, 0x1, 0x8,	/* subcap value */
428 	};
429 	const size_t data_size_offset = TPM_HEADER_SIZE;
430 	const size_t data_offset = TPM_HEADER_SIZE + sizeof(u32);
431 	u8 response[COMMAND_BUFFER_SIZE];
432 	size_t response_length = sizeof(response);
433 	u32 err;
434 	u32 data_size;
435 
436 	err = tpm_sendrecv_command(dev, command, response, &response_length);
437 	if (err)
438 		return err;
439 	if (unpack_byte_string(response, response_length, "d",
440 			       data_size_offset, &data_size)) {
441 		log_err("Cannot unpack data size\n");
442 		return TPM_LIB_ERROR;
443 	}
444 	if (data_size < sizeof(*pflags)) {
445 		log_err("Data size too small\n");
446 		return TPM_LIB_ERROR;
447 	}
448 	if (unpack_byte_string(response, response_length, "s",
449 			       data_offset, pflags, sizeof(*pflags))) {
450 		log_err("Cannot unpack pflags\n");
451 		return TPM_LIB_ERROR;
452 	}
453 
454 	return 0;
455 }
456 
457 u32 tpm_get_permissions(struct udevice *dev, u32 index, u32 *perm)
458 {
459 	const u8 command[22] = {
460 		0x0, 0xc1,		/* TPM_TAG */
461 		0x0, 0x0, 0x0, 0x16,	/* parameter size */
462 		0x0, 0x0, 0x0, 0x65,	/* TPM_COMMAND_CODE */
463 		0x0, 0x0, 0x0, 0x11,
464 		0x0, 0x0, 0x0, 0x4,
465 	};
466 	const size_t index_offset = 18;
467 	const size_t perm_offset = 60;
468 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
469 	size_t response_length = sizeof(response);
470 	u32 err;
471 
472 	if (pack_byte_string(buf, sizeof(buf), "d", 0, command, sizeof(command),
473 			     index_offset, index))
474 		return TPM_LIB_ERROR;
475 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
476 	if (err)
477 		return err;
478 	if (unpack_byte_string(response, response_length, "d",
479 			       perm_offset, perm))
480 		return TPM_LIB_ERROR;
481 
482 	return 0;
483 }
484 
485 #ifdef CONFIG_TPM_FLUSH_RESOURCES
486 u32 tpm_flush_specific(struct udevice *dev, u32 key_handle, u32 resource_type)
487 {
488 	const u8 command[18] = {
489 		0x00, 0xc1,             /* TPM_TAG */
490 		0x00, 0x00, 0x00, 0x12, /* parameter size */
491 		0x00, 0x00, 0x00, 0xba, /* TPM_COMMAND_CODE */
492 		0x00, 0x00, 0x00, 0x00, /* key handle */
493 		0x00, 0x00, 0x00, 0x00, /* resource type */
494 	};
495 	const size_t key_handle_offset = 10;
496 	const size_t resource_type_offset = 14;
497 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
498 	size_t response_length = sizeof(response);
499 	u32 err;
500 
501 	if (pack_byte_string(buf, sizeof(buf), "sdd",
502 			     0, command, sizeof(command),
503 			     key_handle_offset, key_handle,
504 			     resource_type_offset, resource_type))
505 		return TPM_LIB_ERROR;
506 
507 	err = tpm_sendrecv_command(dev, buf, response, &response_length);
508 	if (err)
509 		return err;
510 	return 0;
511 }
512 #endif /* CONFIG_TPM_FLUSH_RESOURCES */
513 
514 #ifdef CONFIG_TPM_AUTH_SESSIONS
515 
516 /**
517  * Fill an authentication block in a request.
518  * This func can create the first as well as the second auth block (for
519  * double authorized commands).
520  *
521  * @param request	pointer to the request (w/ uninitialised auth data)
522  * @param request_len0	length of the request without auth data
523  * @param handles_len	length of the handles area in request
524  * @param auth_session	pointer to the (valid) auth session to be used
525  * @param request_auth	pointer to the auth block of the request to be filled
526  * @param auth		authentication data (HMAC key)
527  */
528 static u32 create_request_auth(const void *request, size_t request_len0,
529 			       size_t handles_len,
530 			       struct session_data *auth_session,
531 			       void *request_auth, const void *auth)
532 {
533 	u8 hmac_data[DIGEST_LENGTH * 3 + 1];
534 	sha1_context hash_ctx;
535 	const size_t command_code_offset = 6;
536 	const size_t auth_nonce_odd_offset = 4;
537 	const size_t auth_continue_offset = 24;
538 	const size_t auth_auth_offset = 25;
539 
540 	if (!auth_session || !auth_session->valid)
541 		return TPM_LIB_ERROR;
542 
543 	sha1_starts(&hash_ctx);
544 	sha1_update(&hash_ctx, request + command_code_offset, 4);
545 	if (request_len0 > TPM_REQUEST_HEADER_LENGTH + handles_len)
546 		sha1_update(&hash_ctx,
547 			    request + TPM_REQUEST_HEADER_LENGTH + handles_len,
548 			    request_len0 - TPM_REQUEST_HEADER_LENGTH
549 			    - handles_len);
550 	sha1_finish(&hash_ctx, hmac_data);
551 
552 	sha1_starts(&hash_ctx);
553 	sha1_update(&hash_ctx, auth_session->nonce_odd, DIGEST_LENGTH);
554 	sha1_update(&hash_ctx, hmac_data, sizeof(hmac_data));
555 	sha1_finish(&hash_ctx, auth_session->nonce_odd);
556 
557 	if (pack_byte_string(request_auth, TPM_REQUEST_AUTH_LENGTH, "dsb",
558 			     0, auth_session->handle,
559 			     auth_nonce_odd_offset, auth_session->nonce_odd,
560 			     DIGEST_LENGTH,
561 			     auth_continue_offset, 1))
562 		return TPM_LIB_ERROR;
563 	if (pack_byte_string(hmac_data, sizeof(hmac_data), "ss",
564 			     DIGEST_LENGTH,
565 			     auth_session->nonce_even,
566 			     DIGEST_LENGTH,
567 			     2 * DIGEST_LENGTH,
568 			     request_auth + auth_nonce_odd_offset,
569 			     DIGEST_LENGTH + 1))
570 		return TPM_LIB_ERROR;
571 	sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data),
572 		  request_auth + auth_auth_offset);
573 
574 	return TPM_SUCCESS;
575 }
576 
577 /**
578  * Verify an authentication block in a response.
579  * Since this func updates the nonce_even in the session data it has to be
580  * called when receiving a succesfull AUTH response.
581  * This func can verify the first as well as the second auth block (for
582  * double authorized commands).
583  *
584  * @param command_code	command code of the request
585  * @param response	pointer to the request (w/ uninitialised auth data)
586  * @param handles_len	length of the handles area in response
587  * @param auth_session	pointer to the (valid) auth session to be used
588  * @param response_auth	pointer to the auth block of the response to be verified
589  * @param auth		authentication data (HMAC key)
590  */
591 static u32 verify_response_auth(u32 command_code, const void *response,
592 				size_t response_len0, size_t handles_len,
593 				struct session_data *auth_session,
594 				const void *response_auth, const void *auth)
595 {
596 	u8 hmac_data[DIGEST_LENGTH * 3 + 1];
597 	u8 computed_auth[DIGEST_LENGTH];
598 	sha1_context hash_ctx;
599 	const size_t return_code_offset = 6;
600 	const size_t auth_continue_offset = 20;
601 	const size_t auth_auth_offset = 21;
602 	u8 auth_continue;
603 
604 	if (!auth_session || !auth_session->valid)
605 		return TPM_AUTHFAIL;
606 	if (pack_byte_string(hmac_data, sizeof(hmac_data), "d",
607 			     0, command_code))
608 		return TPM_LIB_ERROR;
609 	if (response_len0 < TPM_RESPONSE_HEADER_LENGTH)
610 		return TPM_LIB_ERROR;
611 
612 	sha1_starts(&hash_ctx);
613 	sha1_update(&hash_ctx, response + return_code_offset, 4);
614 	sha1_update(&hash_ctx, hmac_data, 4);
615 	if (response_len0 > TPM_RESPONSE_HEADER_LENGTH + handles_len)
616 		sha1_update(&hash_ctx,
617 			    response + TPM_RESPONSE_HEADER_LENGTH + handles_len,
618 			    response_len0 - TPM_RESPONSE_HEADER_LENGTH
619 			    - handles_len);
620 	sha1_finish(&hash_ctx, hmac_data);
621 
622 	memcpy(auth_session->nonce_even, response_auth, DIGEST_LENGTH);
623 	auth_continue = ((u8 *)response_auth)[auth_continue_offset];
624 	if (pack_byte_string(hmac_data, sizeof(hmac_data), "ssb",
625 			     DIGEST_LENGTH,
626 			     response_auth,
627 			     DIGEST_LENGTH,
628 			     2 * DIGEST_LENGTH,
629 			     auth_session->nonce_odd,
630 			     DIGEST_LENGTH,
631 			     3 * DIGEST_LENGTH,
632 			     auth_continue))
633 		return TPM_LIB_ERROR;
634 
635 	sha1_hmac(auth, DIGEST_LENGTH, hmac_data, sizeof(hmac_data),
636 		  computed_auth);
637 
638 	if (memcmp(computed_auth, response_auth + auth_auth_offset,
639 		   DIGEST_LENGTH))
640 		return TPM_AUTHFAIL;
641 
642 	return TPM_SUCCESS;
643 }
644 
645 u32 tpm_terminate_auth_session(struct udevice *dev, u32 auth_handle)
646 {
647 	const u8 command[18] = {
648 		0x00, 0xc1,		/* TPM_TAG */
649 		0x00, 0x00, 0x00, 0x00,	/* parameter size */
650 		0x00, 0x00, 0x00, 0xba,	/* TPM_COMMAND_CODE */
651 		0x00, 0x00, 0x00, 0x00,	/* TPM_HANDLE */
652 		0x00, 0x00, 0x00, 0x02,	/* TPM_RESOURCE_TYPE */
653 	};
654 	const size_t req_handle_offset = TPM_REQUEST_HEADER_LENGTH;
655 	u8 request[COMMAND_BUFFER_SIZE];
656 
657 	if (pack_byte_string(request, sizeof(request), "sd",
658 			     0, command, sizeof(command),
659 			     req_handle_offset, auth_handle))
660 		return TPM_LIB_ERROR;
661 	if (oiap_session.valid && oiap_session.handle == auth_handle)
662 		oiap_session.valid = 0;
663 
664 	return tpm_sendrecv_command(dev, request, NULL, NULL);
665 }
666 
667 u32 tpm_end_oiap(struct udevice *dev)
668 {
669 	u32 err = TPM_SUCCESS;
670 
671 	if (oiap_session.valid)
672 		err = tpm_terminate_auth_session(dev, oiap_session.handle);
673 	return err;
674 }
675 
676 u32 tpm_oiap(struct udevice *dev, u32 *auth_handle)
677 {
678 	const u8 command[10] = {
679 		0x00, 0xc1,		/* TPM_TAG */
680 		0x00, 0x00, 0x00, 0x0a,	/* parameter size */
681 		0x00, 0x00, 0x00, 0x0a,	/* TPM_COMMAND_CODE */
682 	};
683 	const size_t res_auth_handle_offset = TPM_RESPONSE_HEADER_LENGTH;
684 	const size_t res_nonce_even_offset = TPM_RESPONSE_HEADER_LENGTH + 4;
685 	u8 response[COMMAND_BUFFER_SIZE];
686 	size_t response_length = sizeof(response);
687 	u32 err;
688 
689 	if (oiap_session.valid)
690 		tpm_terminate_auth_session(dev, oiap_session.handle);
691 
692 	err = tpm_sendrecv_command(dev, command, response, &response_length);
693 	if (err)
694 		return err;
695 	if (unpack_byte_string(response, response_length, "ds",
696 			       res_auth_handle_offset, &oiap_session.handle,
697 			       res_nonce_even_offset, &oiap_session.nonce_even,
698 			       (u32)DIGEST_LENGTH))
699 		return TPM_LIB_ERROR;
700 	oiap_session.valid = 1;
701 	if (auth_handle)
702 		*auth_handle = oiap_session.handle;
703 	return 0;
704 }
705 
706 u32 tpm_load_key2_oiap(struct udevice *dev, u32 parent_handle, const void *key,
707 		       size_t key_length, const void *parent_key_usage_auth,
708 		       u32 *key_handle)
709 {
710 	const u8 command[14] = {
711 		0x00, 0xc2,		/* TPM_TAG */
712 		0x00, 0x00, 0x00, 0x00,	/* parameter size */
713 		0x00, 0x00, 0x00, 0x41,	/* TPM_COMMAND_CODE */
714 		0x00, 0x00, 0x00, 0x00,	/* parent handle */
715 	};
716 	const size_t req_size_offset = 2;
717 	const size_t req_parent_handle_offset = TPM_REQUEST_HEADER_LENGTH;
718 	const size_t req_key_offset = TPM_REQUEST_HEADER_LENGTH + 4;
719 	const size_t res_handle_offset = TPM_RESPONSE_HEADER_LENGTH;
720 	u8 request[sizeof(command) + TPM_KEY12_MAX_LENGTH +
721 		   TPM_REQUEST_AUTH_LENGTH];
722 	u8 response[COMMAND_BUFFER_SIZE];
723 	size_t response_length = sizeof(response);
724 	u32 err;
725 
726 	if (!oiap_session.valid) {
727 		err = tpm_oiap(dev, NULL);
728 		if (err)
729 			return err;
730 	}
731 	if (pack_byte_string(request, sizeof(request), "sdds",
732 			     0, command, sizeof(command),
733 			     req_size_offset,
734 			     sizeof(command) + key_length
735 			     + TPM_REQUEST_AUTH_LENGTH,
736 			     req_parent_handle_offset, parent_handle,
737 			     req_key_offset, key, key_length
738 		))
739 		return TPM_LIB_ERROR;
740 
741 	err = create_request_auth(request, sizeof(command) + key_length, 4,
742 				  &oiap_session,
743 				  request + sizeof(command) + key_length,
744 				  parent_key_usage_auth);
745 	if (err)
746 		return err;
747 	err = tpm_sendrecv_command(dev, request, response, &response_length);
748 	if (err) {
749 		if (err == TPM_AUTHFAIL)
750 			oiap_session.valid = 0;
751 		return err;
752 	}
753 
754 	err = verify_response_auth(0x00000041, response,
755 				   response_length - TPM_RESPONSE_AUTH_LENGTH,
756 				   4, &oiap_session,
757 				   response + response_length -
758 				   TPM_RESPONSE_AUTH_LENGTH,
759 				   parent_key_usage_auth);
760 	if (err)
761 		return err;
762 
763 	if (key_handle) {
764 		if (unpack_byte_string(response, response_length, "d",
765 				       res_handle_offset, key_handle))
766 			return TPM_LIB_ERROR;
767 	}
768 
769 	return 0;
770 }
771 
772 u32 tpm_get_pub_key_oiap(struct udevice *dev, u32 key_handle,
773 			 const void *usage_auth, void *pubkey,
774 			 size_t *pubkey_len)
775 {
776 	const u8 command[14] = {
777 		0x00, 0xc2,		/* TPM_TAG */
778 		0x00, 0x00, 0x00, 0x00,	/* parameter size */
779 		0x00, 0x00, 0x00, 0x21,	/* TPM_COMMAND_CODE */
780 		0x00, 0x00, 0x00, 0x00,	/* key handle */
781 	};
782 	const size_t req_size_offset = 2;
783 	const size_t req_key_handle_offset = TPM_REQUEST_HEADER_LENGTH;
784 	const size_t res_pubkey_offset = TPM_RESPONSE_HEADER_LENGTH;
785 	u8 request[sizeof(command) + TPM_REQUEST_AUTH_LENGTH];
786 	u8 response[TPM_RESPONSE_HEADER_LENGTH + TPM_PUBKEY_MAX_LENGTH +
787 		    TPM_RESPONSE_AUTH_LENGTH];
788 	size_t response_length = sizeof(response);
789 	u32 err;
790 
791 	if (!oiap_session.valid) {
792 		err = tpm_oiap(dev, NULL);
793 		if (err)
794 			return err;
795 	}
796 	if (pack_byte_string(request, sizeof(request), "sdd",
797 			     0, command, sizeof(command),
798 			     req_size_offset,
799 			     (u32)(sizeof(command)
800 			     + TPM_REQUEST_AUTH_LENGTH),
801 			     req_key_handle_offset, key_handle
802 		))
803 		return TPM_LIB_ERROR;
804 	err = create_request_auth(request, sizeof(command), 4, &oiap_session,
805 				  request + sizeof(command), usage_auth);
806 	if (err)
807 		return err;
808 	err = tpm_sendrecv_command(dev, request, response, &response_length);
809 	if (err) {
810 		if (err == TPM_AUTHFAIL)
811 			oiap_session.valid = 0;
812 		return err;
813 	}
814 	err = verify_response_auth(0x00000021, response,
815 				   response_length - TPM_RESPONSE_AUTH_LENGTH,
816 				   0, &oiap_session,
817 				   response + response_length -
818 				   TPM_RESPONSE_AUTH_LENGTH,
819 				   usage_auth);
820 	if (err)
821 		return err;
822 
823 	if (pubkey) {
824 		if ((response_length - TPM_RESPONSE_HEADER_LENGTH
825 		     - TPM_RESPONSE_AUTH_LENGTH) > *pubkey_len)
826 			return TPM_LIB_ERROR;
827 		*pubkey_len = response_length - TPM_RESPONSE_HEADER_LENGTH
828 			- TPM_RESPONSE_AUTH_LENGTH;
829 		memcpy(pubkey, response + res_pubkey_offset,
830 		       response_length - TPM_RESPONSE_HEADER_LENGTH
831 		       - TPM_RESPONSE_AUTH_LENGTH);
832 	}
833 
834 	return 0;
835 }
836 
837 #ifdef CONFIG_TPM_LOAD_KEY_BY_SHA1
838 u32 tpm_find_key_sha1(struct udevice *dev, const u8 auth[20],
839 		      const u8 pubkey_digest[20], u32 *handle)
840 {
841 	u16 key_count;
842 	u32 key_handles[10];
843 	u8 buf[288];
844 	u8 *ptr;
845 	u32 err;
846 	u8 digest[20];
847 	size_t buf_len;
848 	unsigned int i;
849 
850 	/* fetch list of already loaded keys in the TPM */
851 	err = tpm_get_capability(dev, TPM_CAP_HANDLE, TPM_RT_KEY, buf,
852 				 sizeof(buf));
853 	if (err)
854 		return -1;
855 	key_count = get_unaligned_be16(buf);
856 	ptr = buf + 2;
857 	for (i = 0; i < key_count; ++i, ptr += 4)
858 		key_handles[i] = get_unaligned_be32(ptr);
859 
860 	/* now search a(/ the) key which we can access with the given auth */
861 	for (i = 0; i < key_count; ++i) {
862 		buf_len = sizeof(buf);
863 		err = tpm_get_pub_key_oiap(key_handles[i], auth, buf, &buf_len);
864 		if (err && err != TPM_AUTHFAIL)
865 			return -1;
866 		if (err)
867 			continue;
868 		sha1_csum(buf, buf_len, digest);
869 		if (!memcmp(digest, pubkey_digest, 20)) {
870 			*handle = key_handles[i];
871 			return 0;
872 		}
873 	}
874 	return 1;
875 }
876 #endif /* CONFIG_TPM_LOAD_KEY_BY_SHA1 */
877 
878 #endif /* CONFIG_TPM_AUTH_SESSIONS */
879 
880 u32 tpm_get_random(struct udevice *dev, void *data, u32 count)
881 {
882 	const u8 command[14] = {
883 		0x0, 0xc1,		/* TPM_TAG */
884 		0x0, 0x0, 0x0, 0xe,	/* parameter size */
885 		0x0, 0x0, 0x0, 0x46,	/* TPM_COMMAND_CODE */
886 	};
887 	const size_t length_offset = 10;
888 	const size_t data_size_offset = 10;
889 	const size_t data_offset = 14;
890 	u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
891 	size_t response_length = sizeof(response);
892 	u32 data_size;
893 	u8 *out = data;
894 
895 	while (count > 0) {
896 		u32 this_bytes = min((size_t)count,
897 				     sizeof(response) - data_offset);
898 		u32 err;
899 
900 		if (pack_byte_string(buf, sizeof(buf), "sd",
901 				     0, command, sizeof(command),
902 				     length_offset, this_bytes))
903 			return TPM_LIB_ERROR;
904 		err = tpm_sendrecv_command(dev, buf, response,
905 					   &response_length);
906 		if (err)
907 			return err;
908 		if (unpack_byte_string(response, response_length, "d",
909 				       data_size_offset, &data_size))
910 			return TPM_LIB_ERROR;
911 		if (data_size > count)
912 			return TPM_LIB_ERROR;
913 		if (unpack_byte_string(response, response_length, "s",
914 				       data_offset, out, data_size))
915 			return TPM_LIB_ERROR;
916 
917 		count -= data_size;
918 		out += data_size;
919 	}
920 
921 	return 0;
922 }
923