From da493c3535f60be1315511d31d86358a01fc6f69 Mon Sep 17 00:00:00 2001 From: Javier Almansa Sobrino Date: Tue, 14 Jul 2020 17:50:07 +0100 Subject: [PATCH] Catch up the ARM32 TA fTPM implementation with master. Signed-off-by: Javier Almansa Sobrino --- .../fTPM/include/Wolf/TpmToWolfHash.h | 199 +++ .../fTPM/include/Wolf/TpmToWolfMath.h | 91 ++ .../optee_ta/fTPM/include/Wolf/TpmToWolfSym.h | 120 ++ .../fTPM/include/Wolf/user_settings.h | 108 ++ .../optee_ta/fTPM/include/fTPM.h | 4 +- .../optee_ta/fTPM/lib/tpm/sub.mk | 338 ++--- .../optee_ta/fTPM/lib/wolf/sub.mk | 13 +- .../optee_ta/fTPM/platform/PlatformACT.c | 345 +++++ .../optee_ta/fTPM/platform/PlatformData.c | 2 +- .../optee_ta/fTPM/platform/include/Admin.h | 2 +- .../optee_ta/fTPM/platform/include/Platform.h | 52 + .../fTPM/platform/include/PlatformData.h | 2 +- .../fTPM/platform/include/Platform_fp.h | 80 +- .../optee_ta/fTPM/reference/RuntimeSupport.c | 2 +- .../fTPM/reference/include/Implementation.h | 1179 ----------------- .../fTPM/reference/include/TpmProfile.h | 810 +++++++++++ .../ARM32-FirmwareTPM/optee_ta/fTPM/sub.mk | 21 +- TPMCmd/Platform/include/PlatformClock.h | 3 +- external/wolfssl | 2 +- 19 files changed, 2009 insertions(+), 1364 deletions(-) create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfHash.h create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfMath.h create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfSym.h create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/user_settings.h create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformACT.c create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform.h delete mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/Implementation.h create mode 100644 Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/TpmProfile.h 
diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfHash.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfHash.h
new file mode 100644
index 00000000..23d0cdda
--- /dev/null
+++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfHash.h
@@ -0,0 +1,199 @@
+/* Microsoft Reference Implementation for TPM 2.0
+ *
+ * The copyright in this software is being made available under the BSD License,
+ * included below. This software may be subject to other third party and
+ * contributor rights, including patent rights, and no such rights are granted
+ * under this license.
+ *
+ * Copyright (c) Microsoft Corporation
+ *
+ * All rights reserved.
+ *
+ * BSD License
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+//** Introduction
+//
+// This header file is used to 'splice' the wolfcrypt hash code into the TPM code.
+//
+#ifndef HASH_LIB_DEFINED
+#define HASH_LIB_DEFINED
+
+#define HASH_LIB_WOLF
+
+#define HASH_ALIGNMENT RADIX_BYTES
+
+#ifndef WOLFSSL_USER_SETTINGS
+#define WOLFSSL_USER_SETTINGS
+#endif
+
+#if ALG_SHA384 || ALG_SHA512
+#define WOLFSSL_SHA512
+#endif
+
+#if ALG_SM3_256
+#undef ALG_SM3_256
+#define ALG_SM3_256 ALG_NO
+//#error "SM3 is not available"
+#endif
+
+#include
+#include
+#include
+
+
+//***************************************************************
+//** Links to the wolfcrypt HASH code
+//***************************************************************
+
+// Redefine the internal name used for each of the hash state structures to the
+// name used by the library.
+// These defines need to be known in all parts of the TPM so that the structure
+// sizes can be properly computed when needed.
+
+#define tpmHashStateSHA1_t wc_Sha
+#define tpmHashStateSHA256_t wc_Sha256
+#define tpmHashStateSHA384_t wc_Sha512
+#define tpmHashStateSHA512_t wc_Sha512
+
+#if ALG_SM3
+# error "The version of WolfCrypt used by this code does not support SM3"
+#endif
+
+// The defines below are only needed when compiling CryptHash.c or CryptSmac.c.
+// This isolation is primarily to avoid name space collision. However, if there
+// is a real collision, it will likely show up when the linker tries to put things
+// together.
+
+#ifdef _CRYPT_HASH_C_
+
+typedef BYTE *PBYTE;
+typedef const BYTE *PCBYTE;
+
+// Define the interface between CryptHash.c to the functions provided by the
+// library. For each method, define the calling parameters of the method and then
+// define how the method is invoked in CryptHash.c.
+//
+// All hashes are required to have the same calling sequence. If they don't, create
+// a simple adaptation function that converts from the "standard" form of the call
+// to the form used by the specific hash (and then send a nasty letter to the
+// person who wrote the hash function for the library).
+//
+// The macro that calls the method also defines how the
+// parameters get swizzled between the default form (in CryptHash.c)and the
+// library form.
+//
+// Initialize the hash context
+#define HASH_START_METHOD_DEF void (HASH_START_METHOD)(PANY_HASH_STATE state)
+#define HASH_START(hashState) \
+ ((hashState)->def->method.start)(&(hashState)->state);
+
+// Add data to the hash
+#define HASH_DATA_METHOD_DEF \
+ void (HASH_DATA_METHOD)(PANY_HASH_STATE state, \
+ PCBYTE buffer, \
+ size_t size)
+#define HASH_DATA(hashState, dInSize, dIn) \
+ ((hashState)->def->method.data)(&(hashState)->state, dIn, dInSize)
+
+// Finalize the hash and get the digest
+#define HASH_END_METHOD_DEF \
+ void (HASH_END_METHOD)(PANY_HASH_STATE state, BYTE *buffer)
+#define HASH_END(hashState, buffer) \
+ ((hashState)->def->method.end)(&(hashState)->state, buffer)
+
+// Copy the hash context
+// Note: For import, export, and copy, memcpy() is used since there is no
+// reformatting necessary between the internal and external forms.
+#define HASH_STATE_COPY_METHOD_DEF \
+ void (HASH_STATE_COPY_METHOD)(PANY_HASH_STATE to, \
+ PCANY_HASH_STATE from, \
+ size_t size)
+#define HASH_STATE_COPY(hashStateOut, hashStateIn) \
+ ((hashStateIn)->def->method.copy)(&(hashStateOut)->state, \
+ &(hashStateIn)->state, \
+ (hashStateIn)->def->contextSize)
+
+// Copy (with reformatting when necessary) an internal hash structure to an
+// external blob
+#define HASH_STATE_EXPORT_METHOD_DEF \
+ void (HASH_STATE_EXPORT_METHOD)(BYTE *to, \
+ PCANY_HASH_STATE from, \
+ size_t size)
+#define HASH_STATE_EXPORT(to, hashStateFrom) \
+ ((hashStateFrom)->def->method.copyOut) \
+ (&(((BYTE *)(to))[offsetof(HASH_STATE, state)]), \
+ &(hashStateFrom)->state, \
+ (hashStateFrom)->def->contextSize)
+
+// Copy from an external blob to an internal formate (with reformatting when
+// necessary
+#define HASH_STATE_IMPORT_METHOD_DEF \
+ void (HASH_STATE_IMPORT_METHOD)(PANY_HASH_STATE to, \
+ const BYTE *from, \
+ size_t size)
+#define HASH_STATE_IMPORT(hashStateTo, from) \
+ ((hashStateTo)->def->method.copyIn) \
+ (&(hashStateTo)->state, \
+ &(((const BYTE *)(from))[offsetof(HASH_STATE, state)]),\
+ (hashStateTo)->def->contextSize)
+
+
+// Function aliases. The code in CryptHash.c uses the internal designation for the
+// functions. These need to be translated to the function names of the library.
+// Internal External
+// Designation Designation
+#define tpmHashStart_SHA1 wc_InitSha // external name of the
+ // initialization method
+#define tpmHashData_SHA1 wc_ShaUpdate
+#define tpmHashEnd_SHA1 wc_ShaFinal
+#define tpmHashStateCopy_SHA1 memcpy
+#define tpmHashStateExport_SHA1 memcpy
+#define tpmHashStateImport_SHA1 memcpy
+#define tpmHashStart_SHA256 wc_InitSha256
+#define tpmHashData_SHA256 wc_Sha256Update
+#define tpmHashEnd_SHA256 wc_Sha256Final
+#define tpmHashStateCopy_SHA256 memcpy
+#define tpmHashStateExport_SHA256 memcpy
+#define tpmHashStateImport_SHA256 memcpy
+#define tpmHashStart_SHA384 wc_InitSha384
+#define tpmHashData_SHA384 wc_Sha384Update
+#define tpmHashEnd_SHA384 wc_Sha384Final
+#define tpmHashStateCopy_SHA384 memcpy
+#define tpmHashStateExport_SHA384 memcpy
+#define tpmHashStateImport_SHA384 memcpy
+#define tpmHashStart_SHA512 wc_InitSha512
+#define tpmHashData_SHA512 wc_Sha512Update
+#define tpmHashEnd_SHA512 wc_Sha512Final
+#define tpmHashStateCopy_SHA512 memcpy
+#define tpmHashStateExport_SHA512 memcpy
+#define tpmHashStateImport_SHA512 memcpy
+
+#endif // _CRYPT_HASH_C_
+
+#define LibHashInit()
+// This definition would change if there were something to report
+#define HashLibSimulationEnd()
+
+#endif // HASH_LIB_DEFINED
diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfMath.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfMath.h
new file mode 100644
index 00000000..18b48b93
--- /dev/null
+++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfMath.h
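Review bot: The alias table binds `tpmHashStart_*`, `tpmHashData_*` and `tpmHashEnd_*` directly to wolfCrypt functions that return an `int` status, while `HASH_START_METHOD_DEF`, `HASH_DATA_METHOD_DEF` and `HASH_END_METHOD_DEF` declare `void`, so a failed init/update/final is never seen by CryptHash.c and the call presumably goes through a cast function-pointer type (the `-Wno-cast-function-type` added to lib/tpm/sub.mk in this same patch would hide that). Small static adapters with the `void` prototype that check the return value and enter the TPM's failure handling on a non-zero status would keep the table type-correct. Separately, `HASH_START` is the only call macro that ends in `;`, which should be dropped for consistency with `HASH_DATA` and `HASH_END`. The `memcpy` state copy/export/import is only safe if the configured `wc_Sha*` contexts hold no pointers; that is not visible in this hunk and deserves a comment or a check.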
@@ -0,0 +1,91 @@
+/* Microsoft Reference Implementation for TPM 2.0
+ *
+ * The copyright in this software is being made available under the BSD License,
+ * included below. This software may be subject to other third party and
+ * contributor rights, including patent rights, and no such rights are granted
+ * under this license.
+ *
+ * Copyright (c) Microsoft Corporation
+ *
+ * All rights reserved.
+ *
+ * BSD License
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+//** Introduction
+// This file contains the structure definitions used for ECC in the LibTomCrypt
+// version of the code. These definitions would change, based on the library.
+// The ECC-related structures that cross the TPM interface are defined
+// in TpmTypes.h
+//
+
+#ifndef MATH_LIB_DEFINED
+#define MATH_LIB_DEFINED
+
+#define MATH_LIB_WOLF
+
+#if ALG_ECC
+#define HAVE_ECC
+#endif
+
+#include
+#include
+
+#define MP_VAR(name) \
+ mp_int _##name; \
+ mp_int *name = MpInitialize(&_##name);
+
+// Allocate a mp_int and initialize with the values in a mp_int* initializer
+#define MP_INITIALIZED(name, initializer) \
+ MP_VAR(name); \
+ BnToWolf(name, initializer);
+
+#define POINT_CREATE(name, initializer) \
+ ecc_point *name = EcPointInitialized(initializer);
+
+#define POINT_DELETE(name) \
+ wc_ecc_del_point(name); \
+ name = NULL;
+
+typedef ECC_CURVE_DATA bnCurve_t;
+
+typedef bnCurve_t *bigCurve;
+
+#define AccessCurveData(E) (E)
+
+#define CURVE_INITIALIZED(name, initializer) \
+ bnCurve_t *name = (ECC_CURVE_DATA *)GetCurveData(initializer)
+
+#define CURVE_FREE(E)
+
+#include "TpmToWolfSupport_fp.h"
+
+#define WOLF_ENTER()
+
+#define WOLF_LEAVE()
+
+// This definition would change if there were something to report
+#define MathLibSimulationEnd()
+
+#endif // MATH_LIB_DEFINED
diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfSym.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfSym.h
new file mode 100644
index 00000000..e91df2dd
--- /dev/null
+++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/TpmToWolfSym.h
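Review bot: `POINT_DELETE(name)` expands to two statements, so `if (x) POINT_DELETE(p);` would guard only the `wc_ecc_del_point` call and always clear the pointer; wrap it as `#define POINT_DELETE(name) do { wc_ecc_del_point(name); (name) = NULL; } while (0)`. `MP_VAR`, `MP_INITIALIZED` and `POINT_CREATE` declare variables and carry a trailing `;`, so they are only usable as block-level declarations, and a one-line comment saying so would prevent misuse. The hunk does not show what callers do when `EcPointInitialized` returns NULL, and the result of `BnToWolf` in `MP_INITIALIZED` is discarded; both look worth confirming against the support code. The introduction comment still says "LibTomCrypt version" and should name wolfCrypt.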
@@ -0,0 +1,120 @@
+/* Microsoft Reference Implementation for TPM 2.0
+ *
+ * The copyright in this software is being made available under the BSD License,
+ * included below. This software may be subject to other third party and
+ * contributor rights, including patent rights, and no such rights are granted
+ * under this license.
+ *
+ * Copyright (c) Microsoft Corporation
+ *
+ * All rights reserved.
+ *
+ * BSD License
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+//** Introduction
+//
+// This header file is used to 'splice' the wolfcrypt library into the TPM code.
+
+#ifndef SYM_LIB_DEFINED
+#define SYM_LIB_DEFINED
+
+#define SYM_LIB_WOLF
+
+#define SYM_ALIGNMENT RADIX_BYTES
+
+#include
+#include
+
+//***************************************************************
+//** Links to the wolfCrypt AES code
+//***************************************************************
+#if ALG_SM4
+#undef ALG_SM4
+#define ALG_SM4 ALG_NO
+//#error "SM4 is not available"
+#endif
+
+#if ALG_CAMELLIA
+#undef ALG_CAMELLIA
+#define ALG_CAMELLIA ALG_NO
+//#error "Camellia is not available"
+#endif
+
+// Define the order of parameters to the library functions that do block encryption
+// and decryption.
+typedef void(*TpmCryptSetSymKeyCall_t)(
+ void *keySchedule,
+ BYTE *out,
+ const BYTE *in
+ );
+
+// The Crypt functions that call the block encryption function use the parameters
+// in the order:
+// 1) keySchedule
+// 2) in buffer
+// 3) out buffer
+// Since wolfcrypt uses the order in encryptoCall_t above, need to swizzle the
+// values to the order required by the library.
+#define SWIZZLE(keySchedule, in, out) \
+ (void *)(keySchedule), (BYTE *)(out), (const BYTE *)(in)
+
+// Macros to set up the encryption/decryption key schedules
+//
+// AES:
+#define TpmCryptSetEncryptKeyAES(key, keySizeInBits, schedule) \
+ wc_AesSetKeyDirect((tpmKeyScheduleAES *)(schedule), key, BITS_TO_BYTES(keySizeInBits), 0, AES_ENCRYPTION)
+#define TpmCryptSetDecryptKeyAES(key, keySizeInBits, schedule) \
+ wc_AesSetKeyDirect((tpmKeyScheduleAES *)(schedule), key, BITS_TO_BYTES(keySizeInBits), 0, AES_DECRYPTION)
+
+// TDES:
+#define TpmCryptSetEncryptKeyTDES(key, keySizeInBits, schedule) \
+ TDES_setup_encrypt_key((key), (keySizeInBits), (tpmKeyScheduleTDES *)(schedule))
+#define TpmCryptSetDecryptKeyTDES(key, keySizeInBits, schedule) \
+ TDES_setup_decrypt_key((key), (keySizeInBits), (tpmKeyScheduleTDES *)(schedule))
+
+// Macros to alias encryption calls to specific algorithms. This should be used
+// sparingly.
Currently, only used by CryptRand.c
+//
+// When using these calls, to call the AES block encryption code, the caller
+// should use:
+// TpmCryptEncryptAES(SWIZZLE(keySchedule, in, out));
+#define TpmCryptEncryptAES wc_AesEncryptDirect
+#define TpmCryptDecryptAES wc_AesDecryptDirect
+#define tpmKeyScheduleAES Aes
+
+#define TpmCryptEncryptTDES TDES_encrypt
+#define TpmCryptDecryptTDES TDES_decrypt
+#define tpmKeyScheduleTDES Des3
+
+typedef union tpmCryptKeySchedule_t tpmCryptKeySchedule_t;
+
+#if ALG_TDES
+#include "TpmToWolfDesSupport_fp.h"
+#endif
+
+// This definition would change if there were something to report
+#define SymLibSimulationEnd()
+
+#endif // SYM_LIB_DEFINED
diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/user_settings.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/user_settings.h
new file mode 100644
index 00000000..de0dfd32
--- /dev/null
+++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/Wolf/user_settings.h
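Review bot: The `#if ALG_SM4` and `#if ALG_CAMELLIA` blocks silently redefine the profile's algorithm switches to `ALG_NO` with the `#error` commented out (TpmToWolfHash.h does the same for `ALG_SM3_256`), so the algorithm set a translation unit sees depends on whether it tested the macro before or after including this header. Turning these off where the profile is defined (presumably TpmProfile.h) and keeping `#error "SM4 is not available"` here would make a profile/library mismatch a build failure instead of a silent divergence. The SWIZZLE comment refers to `encryptoCall_t`, which does not exist in this header; the typedef is `TpmCryptSetSymKeyCall_t`. The AES key-setup macros expand to a bare `wc_AesSetKeyDirect(...)` call, so whether its status is checked depends on callers outside this hunk.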
@@ -0,0 +1,108 @@
+/* Microsoft Reference Implementation for TPM 2.0
+ *
+ * The copyright in this software is being made available under the BSD License,
+ * included below. This software may be subject to other third party and
+ * contributor rights, including patent rights, and no such rights are granted
+ * under this license.
+ *
+ * Copyright (c) Microsoft Corporation
+ *
+ * All rights reserved.
+ *
+ * BSD License
+ *
+ * Redistribution and use in source and binary forms, with or without modification,
+ * are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this list
+ * of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice, this
+ * list of conditions and the following disclaimer in the documentation and/or other
+ * materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+
+/* TPM specific preprocessor flags for wolfcrypt */
+
+
+#ifndef WOLF_CRYPT_USER_SETTINGS_H
+#define WOLF_CRYPT_USER_SETTINGS_H
+
+#include
+
+/* Remove the automatic setting of the default I/O functions EmbedSend()
+ and EmbedReceive().
*/ +#define WOLFSSL_USER_IO + +/* Avoid naming conflicts */ +#define NO_OLD_WC_NAMES + +/* Use stack based fast math for all big integer math */ +#define USE_FAST_MATH +#define TFM_TIMING_RESISTANT + +/* Expose direct encryption functions */ +#define WOLFSSL_AES_DIRECT + +/* Enable/Disable algorithm support based on TPM implementation header */ +#if ALG_SHA256 + #define WOLFSSL_SHA256 +#endif +#if ALG_SHA384 || ALG_SHA512 + #define WOLFSSL_SHA384 + #define WOLFSSL_SHA512 +#endif +#if ALG_TDES + #define WOLFSSL_DES_ECB +#endif +#if ALG_RSA + /* Turn on RSA key generation functionality */ + #define WOLFSSL_KEY_GEN +#endif +#if ALG_ECC || defined(WOLFSSL_LIB) + #define HAVE_ECC + + /* Expose additional ECC primitives */ + #define WOLFSSL_PUBLIC_ECC_ADD_DBL + #define ECC_TIMING_RESISTANT + + /* Enables Shamir calc method */ + #define ECC_SHAMIR + + /* The TPM only needs low level ECC crypto */ + #define NO_ECC_SIGN + #define NO_ECC_VERIFY + #define NO_ECC_SECP + + #undef ECC_BN_P256 + #undef ECC_SM2_P256 + #undef ECC_BN_P638 + #define ECC_BN_P256 NO + #define ECC_SM2_P256 NO + #define ECC_BN_P638 NO + +#endif + +/* Disable explicit RSA. The TPM support for RSA is dependent only on TFM */ +#define NO_RSA +#define NO_RC4 +#define NO_ASN + +/* Enable debug wolf library check */ +//#define LIBRARY_COMPATIBILITY_CHECK + +#define WOLFSSL_ + +#endif // WOLF_CRYPT_USER_SETTINGS_H diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/fTPM.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/fTPM.h index 7b1192ad..6d6b1a0f 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/fTPM.h +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/fTPM.h @@ -36,7 +36,7 @@ #ifndef FTPM_TA_H #define FTPM_TA_H -#include +#include /* This UUID is generated with uuidgen */ #define TA_FTPM_UUID { 0xBC50D971, 0xD4C9, 0x42C4, \ 
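Review bot: `#define WOLFSSL_` just before the closing `#endif` of user_settings.h defines an incomplete macro name that configures nothing; it looks like a truncated option and should be completed or removed so the intended wolfCrypt setting is not silently missing. The ECC block also overrides the profile's curve switches with `#define ECC_BN_P256 NO` (and `ECC_SM2_P256`, `ECC_BN_P638`), which relies on `NO` being defined by the header included at the top of this file and repeats the silent-override pattern of the SM3/SM4 blocks in the other Wolf headers. A short comment next to `NO_RSA` explaining that `WOLFSSL_KEY_GEN` above is still needed with RSA disabled would help the next reader.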
@@ -47,7 +47,7 @@ #define TA_FTPM_EMULATE_PPI (1) // -// These must match values from reference/TPM/include/Implementation.h +// These must match values from reference/TPM/include/TpmProfile.h // #define MAX_COMMAND_SIZE 4096 #define MAX_RESPONSE_SIZE 4096 diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/tpm/sub.mk b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/tpm/sub.mk index ac472b38..68bdfe27 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/tpm/sub.mk +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/tpm/sub.mk @@ -1,4 +1,4 @@ -FTPM_FLAGS = -DGCC -DUSE_WOLFCRYPT -DSIMULATION=NO -DUSE_PLATFORM_EPS -DVTPM +FTPM_FLAGS = -DGCC -DUSE_WOLFCRYPT -DSIMULATION=NO -DVTPM -D_ARM_ FTPM_DEBUG = -DCOMPILER_CHECKS=YES -DfTPMDebug -DRUNTIME_SIZE_CHECKS -DLIBRARY_COMPATIBILITY_CHECK FTPM_RELEASE = -DCOMPILER_CHECKS=NO -DRUNTIME_SIZE_CHECKS=NO -DLIBRARY_COMPATIBILITY_CHECK=NO @@ -8,13 +8,21 @@ FTPM_RELEASE = -DCOMPILER_CHECKS=NO -DRUNTIME_SIZE_CHECKS=NO -DLIBRARY_COMPATIBI # system which makes it brittle. Force including these files here will make sure the correct files are used first. # -FTPM_INCLUDES = -include ./reference/include/VendorString.h -include ./reference/include/Implementation.h +FTPM_INCLUDES = -include ./reference/include/VendorString.h \ + -include ./reference/include/TpmProfile.h \ + -include ./platform/include/Platform.h # # The TPM causes a few warnings when compiled with GCC which are not critical. # -FTPM_WARNING_SUPPRESS = -Wno-cast-align -Wno-switch-default -Wno-suggest-attribute=noreturn -Wno-missing-braces -Wno-sign-compare +FTPM_WARNING_SUPPRESS = -Wno-cast-align \ + -Wno-cast-function-type \ + -Wno-implicit-fallthrough \ + -Wno-missing-braces \ + -Wno-sign-compare \ + -Wno-suggest-attribute=noreturn \ + -Wno-switch-default cflags-y += $(FTPM_FLAGS) $(WOLF_SSL_FLAGS) $(FTPM_INCLUDES) $(FTPM_WARNING_SUPPRESS) 
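Review bot: The updated comment in fTPM.h points at `reference/TPM/include/TpmProfile.h`, but the file this patch creates is `fTPM/reference/include/TpmProfile.h` (and lib/tpm/sub.mk force-includes `./reference/include/TpmProfile.h`), so the path should read `reference/include/TpmProfile.h`. Nothing in the hunk enforces that `MAX_COMMAND_SIZE` and `MAX_RESPONSE_SIZE` here equal the profile's values; if no translation unit sees both definitions, a mismatch in these buffer bounds would go unnoticed, so a compile-time check in a file that includes both would be safer than the comment alone.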
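Review bot: `FTPM_FLAGS` in lib/tpm/sub.mk drops `-DUSE_PLATFORM_EPS` without any mention in the commit message, which is a behaviour change rather than a build catch-up. Judging by its name the macro selected a platform-supplied endorsement primary seed; if that is right, the TA now obtains its EPS differently and endorsement keys may no longer be tied to the device, so this should be confirmed against the platform code. A comment above the assignment, e.g. `# USE_PLATFORM_EPS not set: EPS comes from <source> (see <reference>)`, would record the decision.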
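Review bot: `-Wno-cast-function-type` and `-Wno-implicit-fallthrough` are added to `FTPM_WARNING_SUPPRESS`, which `cflags-y` applies to every source built from this sub.mk, so new function-pointer mismatches or missing `break`s anywhere in the TPM code would also go unreported. Restricting the two flags to the files that need them keeps the diagnostics for the rest of the TA. The comment above the list still calls the warnings "not critical"; for these two it should name the known source, e.g. `# cast-function-type: wolfCrypt hash methods return int, method table expects void`.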
@@ -50,205 +58,217 @@ remove_tpm_symlink: fi global-incdirs-y += tpm_symlink/TPMCmd/tpm/include -global-incdirs-y += tpm_symlink/TPMCmd/tpm/include/ltc +global-incdirs-y += tpm_symlink/TPMCmd/tpm/include/Ltc global-incdirs-y += tpm_symlink/TPMCmd/tpm/include/prototypes -global-incdirs-y += tpm_symlink/TPMCmd/tpm/include/wolf +global-incdirs-y += tpm_symlink/TPMCmd/Platform/include # # Generated in WSL using: -# find -name *.c | while read line; do echo XXXX$line; done | sed -e 's/XXXX.\//srcs-y += tpm_symlink/TPMCmd/tpm/src//g' -# This may need to be updated if there are any changes to the reference implementation. -# +# find -name *.c | while read line; do echo XXXX$line; done | \ +# sed -e 's/XXXX.\//srcs-y += tpm_symlink\/TPMCmd\/tpm\/src\//g' +# This may need to be updated if there are any changes to the reference +# implementation. -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECC_Parameters.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECDH_KeyGen.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECDH_ZGen.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/EC_Ephemeral.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/RSA_Decrypt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/RSA_Encrypt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ZGen_2Phase.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/AC_GetCapability.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/AC_Send.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/AC_spt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/Policy_AC_SendSelect.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/X509/X509_ECC.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/X509/X509_RSA.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/X509/TpmASN1.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/X509/X509_spt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/CertifyX509.c +srcs-y += 
tpm_symlink/TPMCmd/tpm/src/command/Attestation/GetCommandAuditDigest.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/GetSessionAuditDigest.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/Attest_spt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/Quote.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/Certify.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/CertifyCreation.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/GetCommandAuditDigest.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/GetSessionAuditDigest.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/GetTime.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Attestation/Quote.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Capability/GetCapability.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Random/GetRandom.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Random/StirRandom.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_WriteLock.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_ReadPublic.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_spt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Increment.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_ChangeAuth.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_UndefineSpaceSpecial.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_SetBits.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Write.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_GlobalWriteLock.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Read.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Extend.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Certify.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_ReadLock.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_DefineSpace.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_UndefineSpace.c 
+srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/HashSequenceStart.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/SequenceUpdate.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/MAC_Start.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/EventSequenceComplete.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/HMAC_Start.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/SequenceComplete.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Vendor/Vendor_TCG_Test.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Ecdaa/Commit.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Startup/Startup.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Startup/Shutdown.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/FieldUpgrade/FieldUpgradeData.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/FieldUpgrade/FirmwareRead.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/FieldUpgrade/FieldUpgradeStart.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Capability/TestParms.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Capability/GetCapability.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/ClockTimer/ACT_spt.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/ClockTimer/ClockRateAdjust.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/ClockTimer/ACT_SetTimeout.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/ClockTimer/ClockSet.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/ClockTimer/ReadClock.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/CommandAudit/SetCommandCodeAuditStatus.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/ContextLoad.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/ContextSave.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/Context_spt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/EvictControl.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/FlushContext.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/DA/DictionaryAttackLockReset.c -srcs-y += 
tpm_symlink/TPMCmd/tpm/src/command/DA/DictionaryAttackParameters.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Duplication/Duplicate.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Duplication/Import.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Duplication/Rewrap.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyAuthorize.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyAuthorizeNV.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyAuthValue.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyCommandCode.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyCounterTimer.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyCpHash.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Session/PolicyRestart.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Session/StartAuthSession.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyDuplicationSelect.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyPCR.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicySecret.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyTicket.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyTemplate.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyNV.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyGetDigest.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyCpHash.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyOR.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/Policy_spt.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyLocality.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyAuthorize.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyAuthorizeNV.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyPassword.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyCounterTimer.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyAuthValue.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicySigned.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyNameHash.c 
-srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyNV.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyNvWritten.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyOR.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyPassword.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyPCR.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyPhysicalPresence.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicySecret.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicySigned.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyTemplate.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyTicket.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/Policy_spt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Ecdaa/Commit.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/FieldUpgrade/FieldUpgradeData.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/FieldUpgrade/FieldUpgradeStart.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/FieldUpgrade/FirmwareRead.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/EventSequenceComplete.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/HashSequenceStart.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/HMAC_Start.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/MAC_Start.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/SequenceComplete.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/HashHMAC/SequenceUpdate.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/EA/PolicyCommandCode.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/ChangePPS.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/Clear.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/ClearControl.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/CreatePrimary.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/HierarchyChangeAuth.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/HierarchyControl.c 
+srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/HierarchyChangeAuth.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/ClearControl.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/Clear.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/SetPrimaryPolicy.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Misc/PP_Commands.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Misc/SetAlgorithmSet.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Certify.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_ChangeAuth.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_DefineSpace.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Extend.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_GlobalWriteLock.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Increment.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Read.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_ReadLock.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_ReadPublic.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_SetBits.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_spt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_UndefineSpace.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_UndefineSpaceSpecial.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_Write.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/NVStorage/NV_WriteLock.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/ActivateCredential.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/Create.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/CreateLoaded.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Hierarchy/CreatePrimary.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/CommandAudit/SetCommandCodeAuditStatus.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/Object_spt.c +srcs-y += 
tpm_symlink/TPMCmd/tpm/src/command/Object/ReadPublic.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/Load.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/LoadExternal.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/MakeCredential.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/ObjectChangeAuth.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/Object_spt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/ReadPublic.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/Unseal.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Allocate.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Event.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Extend.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Read.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Reset.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_SetAuthPolicy.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_SetAuthValue.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Random/GetRandom.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Random/StirRandom.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Session/PolicyRestart.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Session/StartAuthSession.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Signature/Sign.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/CreateLoaded.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/ObjectChangeAuth.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/ActivateCredential.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Object/Create.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/AC_GetCapability.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/AC_spt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/AC_Send.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/AttachedComponent/Policy_AC_SendSelect.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Signature/VerifySignature.c -srcs-y += 
tpm_symlink/TPMCmd/tpm/src/command/Startup/Shutdown.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Startup/Startup.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/EncryptDecrypt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Signature/Sign.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Duplication/Import.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Duplication/Rewrap.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Duplication/Duplicate.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/EncryptDecrypt2.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/EncryptDecrypt_spt.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/Hash.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/HMAC.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/Hash.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/EncryptDecrypt.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Symmetric/MAC.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/ContextSave.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/FlushContext.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/Context_spt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/ContextLoad.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Context/EvictControl.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Reset.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Allocate.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Extend.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_SetAuthValue.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Event.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_SetAuthPolicy.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/PCR/PCR_Read.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/DA/DictionaryAttackParameters.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/DA/DictionaryAttackLockReset.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Misc/PP_Commands.c +srcs-y += 
tpm_symlink/TPMCmd/tpm/src/command/Misc/SetAlgorithmSet.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Testing/GetTestResult.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Testing/IncrementalSelfTest.c srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Testing/SelfTest.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Vendor/Vendor_TCG_Test.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/AlgorithmTests.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/BnConvert.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/BnMath.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/BnMemory.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptCmac.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptDes.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Testing/IncrementalSelfTest.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECC_Parameters.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/RSA_Encrypt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECDH_ZGen.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECDH_KeyGen.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ZGen_2Phase.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECC_Decrypt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/RSA_Decrypt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/EC_Ephemeral.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/command/Asymmetric/ECC_Encrypt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/DA.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/NvDynamic.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Object.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/PP.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Session.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/NvReserved.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Hierarchy.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Time.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/PCR.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/CommandAudit.c +srcs-y += 
tpm_symlink/TPMCmd/tpm/src/events/_TPM_Hash_Start.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Init.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Hash_Data.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Hash_End.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptSmac.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccData.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccKeyExchange.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccMain.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptCmac.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/BnMath.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccSignature.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptHash.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptHashData.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptPrime.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/wolf/TpmToWolfDesSupport.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/wolf/TpmToWolfMath.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/wolf/TpmToWolfSupport.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/AlgorithmTests.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptSelfTest.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/Ticket.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptDes.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/BnMemory.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptPrimeSieve.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ossl/TpmToOsslSupport.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ossl/TpmToOsslDesSupport.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ossl/TpmToOsslMath.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccKeyExchange.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/BnConvert.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptRand.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptRsa.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptSelfTest.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptSmac.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptSym.c -srcs-y += 
tpm_symlink/TPMCmd/tpm/src/crypt/CryptUtil.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ltc/TpmToLtcSupport.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ltc/TpmToLtcDesSupport.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ltc/TpmToLtcMath.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ltc/TpmToLtcSupport.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ossl/TpmToOsslDesSupport.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ossl/TpmToOsslMath.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/ossl/TpmToOsslSupport.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/PrimeData.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccMain.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptSym.c srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/RsaKeyCache.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/Ticket.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/wolf/TpmToWolfDesSupport.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/wolf/TpmToWolfMath.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/wolf/TpmToWolfSupport.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Hash_Data.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Hash_End.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Hash_Start.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/events/_TPM_Init.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/main/CommandDispatcher.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/main/ExecCommand.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/main/SessionProcess.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/CommandAudit.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/DA.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Hierarchy.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/NvDynamic.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/NvReserved.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Object.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/PCR.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/PP.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Session.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/subsystem/Time.c -srcs-y 
+= tpm_symlink/TPMCmd/tpm/src/support/AlgorithmCap.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Bits.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/CommandCodeAttributes.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Entity.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Global.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Handle.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/IoBuffers.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Locality.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Manufacture.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptUtil.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptEccCrypt.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptRsa.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptPrime.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/PrimeData.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/crypt/CryptHash.c srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Marshal.c srcs-y += tpm_symlink/TPMCmd/tpm/src/support/MathOnByteBuffers.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Memory.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Power.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/TableDrivenMarshal.c srcs-y += tpm_symlink/TPMCmd/tpm/src/support/PropertyCap.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Locality.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/TableMarshalData.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Memory.c srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Response.c srcs-y += tpm_symlink/TPMCmd/tpm/src/support/ResponseCodeProcessing.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Global.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Power.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/AlgorithmCap.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/CommandCodeAttributes.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Entity.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Handle.c srcs-y += tpm_symlink/TPMCmd/tpm/src/support/TpmFail.c -srcs-y += tpm_symlink/TPMCmd/tpm/src/support/TpmSizeChecks.c \ No newline at 
end of file +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/TpmSizeChecks.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Manufacture.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/IoBuffers.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/support/Bits.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/main/SessionProcess.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/main/CommandDispatcher.c +srcs-y += tpm_symlink/TPMCmd/tpm/src/main/ExecCommand.c diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/wolf/sub.mk b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/wolf/sub.mk index 7eaeb876..0a43f46e 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/wolf/sub.mk +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/lib/wolf/sub.mk @@ -1,5 +1,14 @@ -WOLF_SSL_FLAGS = -DSINGLE_THREADED -DNO_WOLFSSL_CLIENT -DNO_WOLFSSL_SERVER -DOPENSSL_EXTRA -DNO_FILESYSTEM -DWOLFSSL_USER_SETTINGS -DTIME_OVERRIDES -DSTRING_USER -DCTYPE_USER +WOLF_SSL_FLAGS = -DSINGLE_THREADED \ + -DNO_WOLFSSL_CLIENT \ + -DNO_WOLFSSL_SERVER \ + -DOPENSSL_EXTRA \ + -DNO_FILESYSTEM \ + -DWOLFSSL_USER_SETTINGS \ + -DTIME_OVERRIDES \ + -DSTRING_USER \ + -DCTYPE_USER \ + -DCERTIFYX509_DEBUG=NO # # Wolfcrypt has multiple unused functions, unfortunately the OPTEE build system can only turn off compiler flags for @@ -46,4 +55,4 @@ srcs-y += wolf_symlink/wolfcrypt/src/sha512.c srcs-y += wolf_symlink/wolfcrypt/src/tfm.c srcs-y += wolf_symlink/wolfcrypt/src/wolfmath.c srcs-y += wolf_symlink/wolfcrypt/src/des3.c -srcs-y += wolf_symlink/wolfcrypt/src/random.c \ No newline at end of file +srcs-y += wolf_symlink/wolfcrypt/src/random.c diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformACT.c b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformACT.c new file mode 100644 index 00000000..947b4477 --- /dev/null +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformACT.c 
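Review bot: `-DCERTIFYX509_DEBUG=NO` in the first lib/wolf/sub.mk hunk is a TPM reference-code build switch, yet it is added to `WOLF_SSL_FLAGS`, so a reader cannot tell from this file that the flag reaches the TPM sources; where that variable is consumed is not visible in the hunk. The value `NO` only has meaning where the TPM headers define it. In any translation unit that does not, the preprocessor treats the unknown identifier as 0, which happens to work for `NO` but would equally turn a `YES` into 0. I would pass a literal, `-DCERTIFYX509_DEBUG=0` (assuming `NO` is 0 in the TPM build switches), and add a comment such as `# TPM switch: keep CertifyX509 debug output disabled in the TA`.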
@@ -0,0 +1,345 @@ +/* Microsoft Reference Implementation for TPM 2.0 + * + * The copyright in this software is being made available under the BSD License, + * included below. This software may be subject to other third party and + * contributor rights, including patent rights, and no such rights are granted + * under this license. + * + * Copyright (c) Microsoft Corporation + * + * All rights reserved. + * + * BSD License + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this list + * of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, this + * list of conditions and the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS"" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ +//** Includes +#include "Platform.h" + +//** Global variables +#define DEFINE_ACT(N) ACT_DATA ACT_##N; +FOR_EACH_ACT(DEFINE_ACT) + +int actTicksAllowed; + +//** Functions + +//*** ActSignal() +// Function called when there is an ACT event to signal or unsignal +static void +ActSignal( + P_ACT_DATA actData, + int on +) +{ + if(actData == NULL) + return; + // If this is to turn a signal on, don't do anything if it is already on. If this + // is to turn the signal off, do it anyway because this might be for + // initialization. + if(on && (actData->signaled == TRUE)) + return; + actData->signaled = (uint8_t)on; + + // If there is an action, then replace the "Do something" with the correct action. + // It should test 'on' to see if it is turning the signal on or off. + switch(actData->number) + { +#if RH_ACT_0 + case 0: // Do something + return; +#endif +#if RH_ACT_1 + case 1: // Do something + return; +#endif +#if RH_ACT_2 + case 2: // Do something + return; +#endif +#if RH_ACT_3 + case 3: // Do something + return; +#endif +#if RH_ACT_4 + case 4: // Do something + return; +#endif +#if RH_ACT_5 + case 5: // Do something + return; +#endif +#if RH_ACT_6 + case 6: // Do something + return; +#endif +#if RH_ACT_7 + case 7: // Do something + return; +#endif +#if RH_ACT_8 + case 8: // Do something + return; +#endif +#if RH_ACT_9 + case 9: // Do something + return; +#endif +#if RH_ACT_A + case 0xA: // Do something + return; +#endif +#if RH_ACT_B + case 0xB: + // Do something + return; +#endif +#if RH_ACT_C + case 0xC: // Do something + return; +#endif +#if RH_ACT_D + case 0xD: // Do something + return; +#endif +#if RH_ACT_E + case 0xE: // Do something + return; +#endif +#if RH_ACT_F + case 0xF: // Do something + return; +#endif + default: + return; + } +} + +//*** ActGetDataPointer() +static P_ACT_DATA +ActGetDataPointer( + uint32_t act +) +{ + +#define RETURN_ACT_POINTER(N) if(0x##N == act) return &ACT_##N; + + FOR_EACH_ACT(RETURN_ACT_POINTER) + + return 
(P_ACT_DATA)NULL; +} + +//*** _plat__ACT_GetImplemented() +// This function tests to see if an ACT is implemented. It is a belt and suspenders +// function because the TPM should not be calling to manipulate an ACT that is not +// implemented. However, this could help the simulator code which doesn't necessarily +// know if an ACT is implemented or not. +LIB_EXPORT int +_plat__ACT_GetImplemented( + uint32_t act +) +{ + return (ActGetDataPointer(act) != NULL); +} + +//*** _plat__ACT_GetRemaining() +// This function returns the remaining time. If an update is pending, 'newValue' is +// returned. Otherwise, the current counter value is returned. Note that since the +// timers keep running, the returned value can get stale immediately. The actual count +// value will be no greater than the returned value. +LIB_EXPORT uint32_t +_plat__ACT_GetRemaining( + uint32_t act //IN: the ACT selector +) +{ + P_ACT_DATA actData = ActGetDataPointer(act); + uint32_t remain; +// + if(actData == NULL) + return 0; + remain = actData->remaining; + if(actData->pending) + remain = actData->newValue; + return remain; +} + +//*** _plat__ACT_GetSignaled() +LIB_EXPORT int +_plat__ACT_GetSignaled( + uint32_t act //IN: number of ACT to check +) +{ + P_ACT_DATA actData = ActGetDataPointer(act); +// + if(actData == NULL) + return 0; + return (int )actData->signaled; +} + +//*** _plat__ACT_SetSignaled() +LIB_EXPORT void +_plat__ACT_SetSignaled( + uint32_t act, + int on +) +{ + ActSignal(ActGetDataPointer(act), on); +} + +//*** _plat__ACT_GetPending() +LIB_EXPORT int +_plat__ACT_GetPending( + uint32_t act //IN: number of ACT to check +) +{ + P_ACT_DATA actData = ActGetDataPointer(act); +// + if(actData == NULL) + return 0; + return (int )actData->pending; +} + + +//*** _plat__ACT_UpdateCounter() +// This function is used to write the newValue for the counter. If an update is +// pending, then no update occurs and the function returns FALSE. 
If 'setSignaled' +// is TRUE, then the ACT signaled state is SET and if 'newValue' is 0, nothing +// is posted. +LIB_EXPORT int +_plat__ACT_UpdateCounter( + uint32_t act, // IN: ACT to update + uint32_t newValue // IN: the value to post +) +{ + P_ACT_DATA actData = ActGetDataPointer(act); + // + if(actData == NULL) + // actData doesn't exist but pretend update is pending rather than indicate + // that a retry is necessary. + return TRUE; + // if an update is pending then return FALSE so that there will be a retry + if(actData->pending != 0) + return FALSE; + actData->newValue = newValue; + actData->pending = TRUE; + + return TRUE; +} + +//***_plat__ACT_EnableTicks() +// This enables and disables the processing of the once-per-second ticks. This should +// be turned off ('enable' = FALSE) by _TPM_Init and turned on ('enable' = TRUE) by +// TPM2_Startup() after all the initializations have completed. +LIB_EXPORT void +_plat__ACT_EnableTicks( + int enable +) +{ + actTicksAllowed = enable; +} + +//*** ActDecrement() +// If 'newValue' is non-zero it is copied to 'remaining' and then 'newValue' is +// set to zero. Then 'remaining' is decremented by one if it is not already zero. If +// the value is decremented to zero, then the associated event is signaled. If setting +// 'remaining' causes it to be greater than 1, then the signal associated with the ACT +// is turned off. +static void +ActDecrement( + P_ACT_DATA actData +) +{ + // Check to see if there is an update pending + if(actData->pending) + { + // If this update will cause the count to go from non-zero to zero, set + // the newValue to 1 so that it will timeout when decremented below. 
+ if((actData->newValue == 0) && (actData->remaining != 0)) + actData->newValue = 1; + actData->remaining = actData->newValue; + + // Update processed + actData->pending = 0; + } + // no update so countdown if the count is non-zero but not max + if((actData->remaining != 0) && (actData->remaining != UINT32_MAX)) + { + // If this countdown causes the count to go to zero, then turn the signal for + // the ACT on. + if((actData->remaining -= 1) == 0) + ActSignal(actData, TRUE); + } + // If the current value of the counter is non-zero, then the signal should be + // off. + if(actData->signaled && (actData->remaining > 0)) + ActSignal(actData, FALSE); +} + +//*** _plat__ACT_Tick() +// This processes the once-per-second clock tick from the hardware. This is set up +// for the simulator to use the control interface to send ticks to the TPM. These +// ticks do not have to be on a per second basis. They can be as slow or as fast as +// desired so that the simulation can be tested. +LIB_EXPORT void +_plat__ACT_Tick( + void +) +{ + // Ticks processing is turned off at certain times just to make sure that nothing + // strange is happening before pointers and things are + if(actTicksAllowed) + { + // Handle the update for each counter. +#define DECREMENT_COUNT(N) ActDecrement(&ACT_##N); + + FOR_EACH_ACT(DECREMENT_COUNT) + } +} + +//*** ActZero() +// This function initializes a single ACT +static void +ActZero( + uint32_t act, + P_ACT_DATA actData +) +{ + actData->remaining = 0; + actData->newValue = 0; + actData->pending = 0; + actData->number = (uint8_t)act; + ActSignal(actData, FALSE); +} + +//***_plat__ACT_Initialize() +// This function initializes the ACT hardware and data structures +LIB_EXPORT int +_plat__ACT_Initialize( + void +) +{ + actTicksAllowed = 0; +#define ZERO_ACT(N) ActZero(0x##N, &ACT_##N); + FOR_EACH_ACT(ZERO_ACT) + + return TRUE; +} 
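Review bot: Every `case` in `ActSignal()` is a `// Do something` placeholder that just returns, so when `ActDecrement()` counts an ACT down to zero the only effect is that `actData->signaled` is set; no platform action (reset, interrupt, notification) follows. Expiry of the countdown timer is therefore not enforced by anything visible here, and nothing in this file calls `_plat__ACT_Tick()`, so the counters only move if a caller outside the hunk delivers ticks. I would say so at the top of the switch, e.g. `// NOTE: no platform action is wired for any ACT on this port; expiry only sets 'signaled'.`, or leave the `RH_ACT_n` switches off until an action exists. Separately, `actData->signaled = (uint8_t)on;` stores the caller's raw value while the guard above compares with `TRUE`; `actData->signaled = (uint8_t)(on != 0);` keeps the two consistent. The comment in `_plat__ACT_Tick()` also stops mid-sentence ("before pointers and things are") and should be completed.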
diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformData.c b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformData.c index ee2656d6..fbab517b 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformData.c +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/PlatformData.c @@ -37,7 +37,7 @@ // descriptions for these variables are in Global.h for this project. //** Includes -#include "Implementation.h" +#include "TpmProfile.h" #include "PlatformData.h" // From Cancel.c diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Admin.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Admin.h index ffda1aff..84efcaf7 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Admin.h +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Admin.h @@ -45,7 +45,7 @@ #include #include #include "swap.h" -#include "Implementation.h" +#include "TpmProfile.h" #include "TpmSal.h" #include "TpmError.h" diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform.h new file mode 100644 index 00000000..d4aa9fcd --- /dev/null +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform.h 
@@ -0,0 +1,52 @@ +/* Microsoft Reference Implementation for TPM 2.0 + * + * The copyright in this software is being made available under the BSD License, + * included below. This software may be subject to other third party and + * contributor rights, including patent rights, and no such rights are granted + * under this license. + * + * Copyright (c) Microsoft Corporation + * + * All rights reserved. + * + * BSD License + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this list + * of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, this + * list of conditions and the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS"" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#ifndef _PLATFORM_H_ +#define _PLATFORM_H_ + +#include "TpmBuildSwitches.h" +#include "BaseTypes.h" +#include "TPMB.h" +#include "MinMax.h" + +#include "TpmProfile.h" + +#include "PlatformACT.h" +#include "PlatformClock.h" +#include "PlatformData.h" +#include "Platform_fp.h" + + +#endif // _PLATFORM_H_ diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/PlatformData.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/PlatformData.h index aa06c9a3..c077c38c 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/PlatformData.h +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/PlatformData.h @@ -39,7 +39,7 @@ #define _PLATFORM_DATA_H_ -#include "Implementation.h" +#include "TpmProfile.h" // From Cancel.c // Cancel flag. It is initialized as FALSE, which indicate the command is not diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform_fp.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform_fp.h index 011a441b..3a18e757 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform_fp.h +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/platform/include/Platform_fp.h @@ -45,7 +45,7 @@ LIB_EXPORT void _plat__GetEPS(UINT16 Size, uint8_t *EndorsementSeed); -//** From Cancel.c +//** From Cancel.c //***_plat__IsCanceled() // Check if the cancel flag is set @@ -71,7 +71,7 @@ _plat__ClearCancel( ); -//** From Clock.c +//** From Clock.c //***_plat__TimerReset() // This function sets current system clock time as t0 for counting TPM time. @@ -150,7 +150,7 @@ _plat__ClockAdjustRate( ); -//** From Entropy.c +//** From Entropy.c //** _plat__GetEntropy() // This function is used to get available hardware entropy. In a hardware @@ -167,7 +167,7 @@ _plat__GetEntropy( ); -//** From LocalityPlat.c +//** From LocalityPlat.c //***_plat__LocalityGet() // Get the most recent command locality in locality value form. 
@@ -186,7 +186,7 @@ _plat__LocalitySet( ); -//** From NVMem.c +//** From NVMem.c //*** _plat__NvErrors() // This function is used by the simulator to set the error flags in the NV @@ -264,7 +264,7 @@ _plat__NvIsDifferent( // NOTE: A useful optimization would be for this code to compare the current // contents of NV with the local copy and note the blocks that have changed. Then // only write those blocks when _plat__NvCommit() is called. -LIB_EXPORT void +LIB_EXPORT int _plat__NvMemoryWrite( unsigned int startOffset, // IN: write start unsigned int size, // IN: size of bytes to write @@ -319,7 +319,7 @@ _plat__ClearNvAvail( ); -//** From PowerPlat.c +//** From PowerPlat.c //***_plat__Signal_PowerOn() // Signal platform power on @@ -360,7 +360,7 @@ _plat__Signal_PowerOff( ); -//** From PPPlat.c +//** From PPPlat.c //***_plat__PhysicalPresenceAsserted() // Check if physical presence is signaled 
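Review bot: The `_plat__NvMemoryWrite` prototype in the `@@ -264,7 +264,7 @@` hunk now returns `int`, but the comment block above it still does not say what the value means, and the diffstat lists no change to the sample's NV implementation or to its callers. If the definition in the platform NV source still returns `void` the declarations conflict, and if callers keep ignoring the result a failed write to TPM NV state goes unnoticed; both need checking outside this hunk. I would add a return description to the header comment, for example `// Return Type: int` followed by `// TRUE(1) data written; FALSE(0) write rejected`, adjusted to what the definition actually returns. The prototype's parameter list continues past the end of the hunk.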
@@ -387,7 +387,67 @@ _plat__Signal_PhysicalPresenceOff( ); -//** From RunCommand.c +//*** _plat__ACT_UpdateCounter() +// This function is used to write the newValue for the counter. If an update is +// pending, then no update occurs and the function returns FALSE. If 'setSignaled' +// is TRUE, then the ACT signaled state is SET and if 'newValue' is 0, nothing +// is posted. +LIB_EXPORT int +_plat__ACT_UpdateCounter( + uint32_t act, // IN: ACT to update + uint32_t newValue // IN: the value to post +); + +//*** _plat__ACT_SetSignaled() +LIB_EXPORT void +_plat__ACT_SetSignaled( + uint32_t act, + int on +); + +//***_plat__ACT_Initialize() +// This function initializes the ACT hardware and data structures +LIB_EXPORT int +_plat__ACT_Initialize( + void +); + +//***_plat__ACT_EnableTicks() +// This enables and disables the processing of the once-per-second ticks. This should +// be turned off ('enable' = FALSE) by _TPM_Init and turned on ('enable' = TRUE) by +// TPM2_Startup() after all the initializations have completed. +LIB_EXPORT void +_plat__ACT_EnableTicks( + int enable +); + +//*** _plat__ACT_GetRemaining() +// This function returns the remaining time. If an update is pending, 'newValue' is +// returned. Otherwise, the current counter value is returned. Note that since the +// timers keep running, the returned value can get stale immediately. The actual count +// value will be no greater than the returned value. +LIB_EXPORT uint32_t +_plat__ACT_GetRemaining( + uint32_t act //IN: the ACT selector +); + +//*** _plat__ACT_GetSignaled() +LIB_EXPORT int +_plat__ACT_GetSignaled( + uint32_t act //IN: number of ACT to check +); + +//*** _plat__ACT_GetImplemented() +// This function tests to see if an ACT is implemented. It is a belt and suspenders +// function because the TPM should not be calling to manipulate an ACT that is not +// implemented. However, this could help the simulator code which doesn't necessarily +// know if an ACT is implemented or not. 
+LIB_EXPORT int +_plat__ACT_GetImplemented( + uint32_t act +); + +//** From RunCommand.c //***_plat__RunCommand() // This version of RunCommand will set up a jum_buf and call ExecuteCommand(). If @@ -412,7 +472,7 @@ _plat__Fail( ); -//** From Unique.c +//** From Unique.c //** _plat__GetUnique() // This function is used to access the platform-specific unique value. diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/RuntimeSupport.c b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/RuntimeSupport.c index a2d1cfa4..3a9107ca 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/RuntimeSupport.c +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/RuntimeSupport.c @@ -33,7 +33,7 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#include +#include /** * Implementation of tolower() commonly found in ctype.h diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/Implementation.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/Implementation.h deleted file mode 100644 index 58861fde..00000000 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/Implementation.h +++ /dev/null 
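Review bot: `_plat__ACT_SetSignaled()` and `_plat__ACT_GetSignaled()` are added with no description, and none of the prototypes taking `uint32_t act` says what happens when the selector names an ACT that is not implemented; only the `_plat__ACT_GetImplemented()` comment mentions that case. Each prototype should state its contract, for example `// Returns the signaled state of 'act'; returns 0 if 'act' is not implemented (confirm against PlatformACT.c)` above `_plat__ACT_GetSignaled`, and PlatformACT.c (not part of this hunk) should be checked to range-check the selector before using it. The `_plat__ACT_UpdateCounter()` comment names the FALSE case but not the value returned on success. The block also lands under the `//** From PPPlat.c` heading, so a `//** From PlatformACT.c` line before `_plat__ACT_UpdateCounter()` would match the other sections.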
@@ -1,1179 +0,0 @@ -/* Microsoft Reference Implementation for TPM 2.0 - * - * The copyright in this software is being made available under the BSD License, - * included below. This software may be subject to other third party and - * contributor rights, including patent rights, and no such rights are granted - * under this license. - * - * Copyright (c) Microsoft Corporation - * - * All rights reserved. - * - * BSD License - * - * Redistribution and use in source and binary forms, with or without modification, - * are permitted provided that the following conditions are met: - * - * Redistributions of source code must retain the above copyright notice, this list - * of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above copyright notice, this - * list of conditions and the following disclaimer in the documentation and/or - * other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS"" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR - * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON - * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS - * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _IMPLEMENTATION_H_ -#define _IMPLEMENTATION_H_ - -#include "RuntimeSupport.h" - -#include -#include -#include - -#undef TRUE -#undef FALSE - -#undef MAX -#define MAX(a, b) ((a) > (b) ? (a) : (b)) - -#undef MIN -#define MIN(a, b) ((a) < (b) ? 
(a) : (b)) - -// Table 2:3 - Definition of Base Types -// Base Types are in BaseTypes.h - -// Table 2:4 - Defines for Logic Values -#define TRUE 1 -#define FALSE 0 -#define YES 1 -#define NO 0 -#define SET 1 -#define CLEAR 0 - -// Table 0:1 - Defines for Processor Values -#ifndef BIG_ENDIAN_TPM -#define BIG_ENDIAN_TPM NO -#endif // BIG_ENDIAN_TPM -#define LITTLE_ENDIAN_TPM !BIG_ENDIAN_TPM -#ifndef MOST_SIGNIFICANT_BIT_0 -#define MOST_SIGNIFICANT_BIT_0 NO -#endif // MOST_SIGNIFICANT_BIT_0 -#define LEAST_SIGNIFICANT_BIT_0 !MOST_SIGNIFICANT_BIT_0 -#ifndef AUTO_ALIGN -#define AUTO_ALIGN NO -#endif // AUTO_ALIGN - -// Table 0:3 - Defines for Key Size Constants -#define RSA_KEY_SIZES_BITS {1024,2048} -#define RSA_KEY_SIZE_BITS_1024 RSA_ALLOWED_KEY_SIZE_1024 -#define RSA_KEY_SIZE_BITS_2048 RSA_ALLOWED_KEY_SIZE_2048 -#define MAX_RSA_KEY_BITS 2048 -#define MAX_RSA_KEY_BYTES 256 - -#define TDES_KEY_SIZES_BITS {128,192} -#define TDES_KEY_SIZE_BITS_128 TDES_ALLOWED_KEY_SIZE_128 -#define TDES_KEY_SIZE_BITS_192 TDES_ALLOWED_KEY_SIZE_192 -#define MAX_TDES_KEY_BITS 192 -#define MAX_TDES_KEY_BYTES 24 -#define MAX_TDES_BLOCK_SIZE_BYTES \ - MAX(TDES_128_BLOCK_SIZE_BYTES, MAX(TDES_192_BLOCK_SIZE_BYTES, 0)) - -#define AES_KEY_SIZES_BITS {128,256} -#define AES_KEY_SIZE_BITS_128 AES_ALLOWED_KEY_SIZE_128 -#define AES_KEY_SIZE_BITS_256 AES_ALLOWED_KEY_SIZE_256 -#define MAX_AES_KEY_BITS 256 -#define MAX_AES_KEY_BYTES 32 -#define MAX_AES_BLOCK_SIZE_BYTES \ - MAX(AES_128_BLOCK_SIZE_BYTES, MAX(AES_256_BLOCK_SIZE_BYTES, 0)) - -#define SM4_KEY_SIZES_BITS {128} -#define SM4_KEY_SIZE_BITS_128 SM4_ALLOWED_KEY_SIZE_128 -#define MAX_SM4_KEY_BITS 128 -#define MAX_SM4_KEY_BYTES 16 -#define MAX_SM4_BLOCK_SIZE_BYTES MAX(SM4_128_BLOCK_SIZE_BYTES, 0) - -#define CAMELLIA_KEY_SIZES_BITS {128} -#define CAMELLIA_KEY_SIZE_BITS_128 CAMELLIA_ALLOWED_KEY_SIZE_128 -#define MAX_CAMELLIA_KEY_BITS 128 -#define MAX_CAMELLIA_KEY_BYTES 16 -#define MAX_CAMELLIA_BLOCK_SIZE_BYTES MAX(CAMELLIA_128_BLOCK_SIZE_BYTES, 0) - -// 
Table 0:4 - Defines for Implemented Curves -#define ECC_NIST_P192 NO -#define ECC_NIST_P224 NO -#define ECC_NIST_P256 YES -#define ECC_NIST_P384 YES -#define ECC_NIST_P521 YES -#ifdef USE_WOLFCRYPT -#define ECC_BN_P256 NO -#define ECC_SM2_P256 NO -#else -#define ECC_BN_P256 YES -#define ECC_SM2_P256 YES -#endif -#define ECC_BN_P638 NO -#define ECC_CURVES \ - {TPM_ECC_BN_P256, TPM_ECC_BN_P638, TPM_ECC_NIST_P192, \ - TPM_ECC_NIST_P224, TPM_ECC_NIST_P256, TPM_ECC_NIST_P384, \ - TPM_ECC_NIST_P521, TPM_ECC_SM2_P256} -#define ECC_CURVE_COUNT \ - (ECC_BN_P256 + ECC_BN_P638 + ECC_NIST_P192 + ECC_NIST_P224 + \ - ECC_NIST_P256 + ECC_NIST_P384 + ECC_NIST_P521 + ECC_SM2_P256) -#define MAX_ECC_KEY_BITS \ - MAX(ECC_BN_P256 * 256, MAX(ECC_BN_P638 * 638, \ - MAX(ECC_NIST_P192 * 192, MAX(ECC_NIST_P224 * 224, \ - MAX(ECC_NIST_P256 * 256, MAX(ECC_NIST_P384 * 384, \ - MAX(ECC_NIST_P521 * 521, MAX(ECC_SM2_P256 * 256, \ - 0)))))))) -#define MAX_ECC_KEY_BYTES BITS_TO_BYTES(MAX_ECC_KEY_BITS) - -// Table 0:6 - Defines for PLATFORM Values -#define PLATFORM_FAMILY TPM_SPEC_FAMILY -#define PLATFORM_LEVEL TPM_SPEC_LEVEL -#define PLATFORM_VERSION TPM_SPEC_VERSION -#define PLATFORM_YEAR TPM_SPEC_YEAR -#define PLATFORM_DAY_OF_YEAR TPM_SPEC_DAY_OF_YEAR - -// Table 0:7 - Defines for Implementation Values -#define FIELD_UPGRADE_IMPLEMENTED NO -#define RADIX_BITS 32 -#define HASH_ALIGNMENT 4 -#define SYMMETRIC_ALIGNMENT 4 -#ifdef USE_WOLFCRYPT -#define HASH_LIB WOLF -#define SYM_LIB WOLF -#define MATH_LIB WOLF -#else -#define HASH_LIB OSSL -#define SYM_LIB OSSL -#define MATH_LIB OSSL -#endif -#define BSIZE UINT16 -#define IMPLEMENTATION_PCR 24 -#define PLATFORM_PCR 24 -#define DRTM_PCR 17 -#define HCRTM_PCR 0 -#define NUM_LOCALITIES 5 -#define MAX_HANDLE_NUM 3 -#define MAX_ACTIVE_SESSIONS 64 -#define CONTEXT_SLOT UINT16 -#define CONTEXT_COUNTER UINT64 -#define MAX_LOADED_SESSIONS 3 -#define MAX_SESSION_NUM 3 -#define MAX_LOADED_OBJECTS 3 -#define MIN_EVICT_OBJECTS 2 -#define NUM_POLICY_PCR_GROUP 1 
-#define NUM_AUTHVALUE_PCR_GROUP 1 -#define MAX_CONTEXT_SIZE 2474 -#define MAX_DIGEST_BUFFER 1024 -#define MAX_NV_INDEX_SIZE 2048 -#define MAX_NV_BUFFER_SIZE 1024 -#define MAX_CAP_BUFFER 1024 -#define NV_MEMORY_SIZE 16384 -#define MIN_COUNTER_INDICES 8 -#define NUM_STATIC_PCR 16 -#define MAX_ALG_LIST_SIZE 64 -#define PRIMARY_SEED_SIZE 32 -#define CONTEXT_ENCRYPT_ALGORITHM AES -#define NV_CLOCK_UPDATE_INTERVAL 12 -#define NUM_POLICY_PCR 1 -#define MAX_COMMAND_SIZE 4096 -#define MAX_RESPONSE_SIZE 4096 -#define ORDERLY_BITS 8 -#define MAX_SYM_DATA 128 -#define MAX_RNG_ENTROPY_SIZE 64 -#define RAM_INDEX_SPACE 512 -#define RSA_DEFAULT_PUBLIC_EXPONENT 0x00010001 -#define ENABLE_PCR_NO_INCREMENT YES -#define CRT_FORMAT_RSA YES -#define VENDOR_COMMAND_COUNT 0 -#define MAX_VENDOR_BUFFER_SIZE 1024 -#define TPM_MAX_DERIVATION_BITS 8192 - -// Table 0:2 - Defines for Implemented Algorithms -#define ALG_AES ALG_YES -#define ALG_CAMELLIA ALG_NO /* Not specified by vendor */ -#define ALG_CBC ALG_YES -#define ALG_CFB ALG_YES -#define ALG_CMAC ALG_YES -#define ALG_CTR ALG_YES -#define ALG_ECB ALG_YES -#define ALG_ECC ALG_YES -#define ALG_ECDAA (ALG_YES && ALG_ECC) -#define ALG_ECDH (ALG_YES && ALG_ECC) -#define ALG_ECDSA (ALG_YES && ALG_ECC) -#define ALG_ECMQV (ALG_NO && ALG_ECC) -#define ALG_ECSCHNORR (ALG_YES && ALG_ECC) -#define ALG_HMAC ALG_YES -#define ALG_KDF1_SP800_108 ALG_YES -#define ALG_KDF1_SP800_56A (ALG_YES && ALG_ECC) -#define ALG_KDF2 ALG_NO -#define ALG_KEYEDHASH ALG_YES -#define ALG_MGF1 ALG_YES -#define ALG_OAEP (ALG_YES && ALG_RSA) -#define ALG_OFB ALG_YES -#define ALG_RSA ALG_YES -#define ALG_RSAES (ALG_YES && ALG_RSA) -#define ALG_RSAPSS (ALG_YES && ALG_RSA) -#define ALG_RSASSA (ALG_YES && ALG_RSA) -#define ALG_SHA ALG_NO /* Not specified by vendor */ -#define ALG_SHA1 ALG_YES -#define ALG_SHA256 ALG_YES -#define ALG_SHA384 ALG_YES -#define ALG_SHA512 ALG_YES -#define ALG_SM2 (ALG_NO && ALG_ECC) -#define ALG_SM3_256 ALG_NO -#define ALG_SM4 ALG_NO -#define 
ALG_SYMCIPHER ALG_YES -#define ALG_TDES ALG_NO -#define ALG_XOR ALG_YES - -// Table 1:2 - Definition of TPM_ALG_ID Constants -typedef UINT16 TPM_ALG_ID; -#define ALG_ERROR_VALUE 0x0000 -#define TPM_ALG_ERROR (TPM_ALG_ID)(ALG_ERROR_VALUE) -#define ALG_RSA_VALUE 0x0001 -#if ALG_RSA -#define TPM_ALG_RSA (TPM_ALG_ID)(ALG_RSA_VALUE) -#endif // ALG_RSA -#define ALG_TDES_VALUE 0x0003 -#if ALG_TDES -#define TPM_ALG_TDES (TPM_ALG_ID)(ALG_TDES_VALUE) -#endif // ALG_TDES -#define ALG_SHA_VALUE 0x0004 -#if ALG_SHA -#define TPM_ALG_SHA (TPM_ALG_ID)(ALG_SHA_VALUE) -#endif // ALG_SHA -#define ALG_SHA1_VALUE 0x0004 -#if ALG_SHA1 -#define TPM_ALG_SHA1 (TPM_ALG_ID)(ALG_SHA1_VALUE) -#endif // ALG_SHA1 -#define ALG_HMAC_VALUE 0x0005 -#if ALG_HMAC -#define TPM_ALG_HMAC (TPM_ALG_ID)(ALG_HMAC_VALUE) -#endif // ALG_HMAC -#define ALG_AES_VALUE 0x0006 -#if ALG_AES -#define TPM_ALG_AES (TPM_ALG_ID)(ALG_AES_VALUE) -#endif // ALG_AES -#define ALG_MGF1_VALUE 0x0007 -#if ALG_MGF1 -#define TPM_ALG_MGF1 (TPM_ALG_ID)(ALG_MGF1_VALUE) -#endif // ALG_MGF1 -#define ALG_KEYEDHASH_VALUE 0x0008 -#if ALG_KEYEDHASH -#define TPM_ALG_KEYEDHASH (TPM_ALG_ID)(ALG_KEYEDHASH_VALUE) -#endif // ALG_KEYEDHASH -#define ALG_XOR_VALUE 0x000A -#if ALG_XOR -#define TPM_ALG_XOR (TPM_ALG_ID)(ALG_XOR_VALUE) -#endif // ALG_XOR -#define ALG_SHA256_VALUE 0x000B -#if ALG_SHA256 -#define TPM_ALG_SHA256 (TPM_ALG_ID)(ALG_SHA256_VALUE) -#endif // ALG_SHA256 -#define ALG_SHA384_VALUE 0x000C -#if ALG_SHA384 -#define TPM_ALG_SHA384 (TPM_ALG_ID)(ALG_SHA384_VALUE) -#endif // ALG_SHA384 -#define ALG_SHA512_VALUE 0x000D -#if ALG_SHA512 -#define TPM_ALG_SHA512 (TPM_ALG_ID)(ALG_SHA512_VALUE) -#endif // ALG_SHA512 -#define ALG_NULL_VALUE 0x0010 -#define TPM_ALG_NULL (TPM_ALG_ID)(ALG_NULL_VALUE) -#define ALG_SM3_256_VALUE 0x0012 -#if ALG_SM3_256 -#define TPM_ALG_SM3_256 (TPM_ALG_ID)(ALG_SM3_256_VALUE) -#endif // ALG_SM3_256 -#define ALG_SM4_VALUE 0x0013 -#if ALG_SM4 -#define TPM_ALG_SM4 (TPM_ALG_ID)(ALG_SM4_VALUE) -#endif // ALG_SM4 -#define 
ALG_RSASSA_VALUE 0x0014 -#if ALG_RSASSA -#define TPM_ALG_RSASSA (TPM_ALG_ID)(ALG_RSASSA_VALUE) -#endif // ALG_RSASSA -#define ALG_RSAES_VALUE 0x0015 -#if ALG_RSAES -#define TPM_ALG_RSAES (TPM_ALG_ID)(ALG_RSAES_VALUE) -#endif // ALG_RSAES -#define ALG_RSAPSS_VALUE 0x0016 -#if ALG_RSAPSS -#define TPM_ALG_RSAPSS (TPM_ALG_ID)(ALG_RSAPSS_VALUE) -#endif // ALG_RSAPSS -#define ALG_OAEP_VALUE 0x0017 -#if ALG_OAEP -#define TPM_ALG_OAEP (TPM_ALG_ID)(ALG_OAEP_VALUE) -#endif // ALG_OAEP -#define ALG_ECDSA_VALUE 0x0018 -#if ALG_ECDSA -#define TPM_ALG_ECDSA (TPM_ALG_ID)(ALG_ECDSA_VALUE) -#endif // ALG_ECDSA -#define ALG_ECDH_VALUE 0x0019 -#if ALG_ECDH -#define TPM_ALG_ECDH (TPM_ALG_ID)(ALG_ECDH_VALUE) -#endif // ALG_ECDH -#define ALG_ECDAA_VALUE 0x001A -#if ALG_ECDAA -#define TPM_ALG_ECDAA (TPM_ALG_ID)(ALG_ECDAA_VALUE) -#endif // ALG_ECDAA -#define ALG_SM2_VALUE 0x001B -#if ALG_SM2 -#define TPM_ALG_SM2 (TPM_ALG_ID)(ALG_SM2_VALUE) -#endif // ALG_SM2 -#define ALG_ECSCHNORR_VALUE 0x001C -#if ALG_ECSCHNORR -#define TPM_ALG_ECSCHNORR (TPM_ALG_ID)(ALG_ECSCHNORR_VALUE) -#endif // ALG_ECSCHNORR -#define ALG_ECMQV_VALUE 0x001D -#if ALG_ECMQV -#define TPM_ALG_ECMQV (TPM_ALG_ID)(ALG_ECMQV_VALUE) -#endif // ALG_ECMQV -#define ALG_KDF1_SP800_56A_VALUE 0x0020 -#if ALG_KDF1_SP800_56A -#define TPM_ALG_KDF1_SP800_56A (TPM_ALG_ID)(ALG_KDF1_SP800_56A_VALUE) -#endif // ALG_KDF1_SP800_56A -#define ALG_KDF2_VALUE 0x0021 -#if ALG_KDF2 -#define TPM_ALG_KDF2 (TPM_ALG_ID)(ALG_KDF2_VALUE) -#endif // ALG_KDF2 -#define ALG_KDF1_SP800_108_VALUE 0x0022 -#if ALG_KDF1_SP800_108 -#define TPM_ALG_KDF1_SP800_108 (TPM_ALG_ID)(ALG_KDF1_SP800_108_VALUE) -#endif // ALG_KDF1_SP800_108 -#define ALG_ECC_VALUE 0x0023 -#if ALG_ECC -#define TPM_ALG_ECC (TPM_ALG_ID)(ALG_ECC_VALUE) -#endif // ALG_ECC -#define ALG_SYMCIPHER_VALUE 0x0025 -#if ALG_SYMCIPHER -#define TPM_ALG_SYMCIPHER (TPM_ALG_ID)(ALG_SYMCIPHER_VALUE) -#endif // ALG_SYMCIPHER -#define ALG_CAMELLIA_VALUE 0x0026 -#if ALG_CAMELLIA -#define TPM_ALG_CAMELLIA 
(TPM_ALG_ID)(ALG_CAMELLIA_VALUE) -#endif // ALG_CAMELLIA -#define ALG_CMAC_VALUE 0x003F -#if ALG_CMAC -#define TPM_ALG_CMAC (TPM_ALG_ID)(ALG_CMAC_VALUE) -#endif // ALG_CMAC -#define ALG_CTR_VALUE 0x0040 -#if ALG_CTR -#define TPM_ALG_CTR (TPM_ALG_ID)(ALG_CTR_VALUE) -#endif // ALG_CTR -#define ALG_OFB_VALUE 0x0041 -#if ALG_OFB -#define TPM_ALG_OFB (TPM_ALG_ID)(ALG_OFB_VALUE) -#endif // ALG_OFB -#define ALG_CBC_VALUE 0x0042 -#if ALG_CBC -#define TPM_ALG_CBC (TPM_ALG_ID)(ALG_CBC_VALUE) -#endif // ALG_CBC -#define ALG_CFB_VALUE 0x0043 -#if ALG_CFB -#define TPM_ALG_CFB (TPM_ALG_ID)(ALG_CFB_VALUE) -#endif // ALG_CFB -#define ALG_ECB_VALUE 0x0044 -#if ALG_ECB -#define TPM_ALG_ECB (TPM_ALG_ID)(ALG_ECB_VALUE) -#endif // ALG_ECB -// Values derived from Table 1:2 -#define ALG_FIRST_VALUE 0x0001 -#define TPM_ALG_FIRST (TPM_ALG_ID)(ALG_FIRST_VALUE) -#define ALG_LAST_VALUE 0x0044 -#define TPM_ALG_LAST (TPM_ALG_ID)(ALG_LAST_VALUE) - -// Table 1:3 - Definition of TPM_ECC_CURVE Constants -typedef UINT16 TPM_ECC_CURVE; -#define TPM_ECC_NONE (TPM_ECC_CURVE)(0x0000) -#define TPM_ECC_NIST_P192 (TPM_ECC_CURVE)(0x0001) -#define TPM_ECC_NIST_P224 (TPM_ECC_CURVE)(0x0002) -#define TPM_ECC_NIST_P256 (TPM_ECC_CURVE)(0x0003) -#define TPM_ECC_NIST_P384 (TPM_ECC_CURVE)(0x0004) -#define TPM_ECC_NIST_P521 (TPM_ECC_CURVE)(0x0005) -#define TPM_ECC_BN_P256 (TPM_ECC_CURVE)(0x0010) -#define TPM_ECC_BN_P638 (TPM_ECC_CURVE)(0x0011) -#define TPM_ECC_SM2_P256 (TPM_ECC_CURVE)(0x0020) - -// Table 1:12 - Defines for SHA1 Hash Values -#define SHA1_DIGEST_SIZE 20 -#define SHA1_BLOCK_SIZE 64 -#define SHA1_DER_SIZE 15 -#define SHA1_DER \ - 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E, \ - 0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14 - -// Table 1:13 - Defines for SHA256 Hash Values -#define SHA256_DIGEST_SIZE 32 -#define SHA256_BLOCK_SIZE 64 -#define SHA256_DER_SIZE 19 -#define SHA256_DER \ - 0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, \ - 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, \ - 0x00, 0x04, 0x20 - 
-// Table 1:14 - Defines for SHA384 Hash Values -#define SHA384_DIGEST_SIZE 48 -#define SHA384_BLOCK_SIZE 128 -#define SHA384_DER_SIZE 19 -#define SHA384_DER \ - 0x30, 0x41, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, \ - 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, \ - 0x00, 0x04, 0x30 - -// Table 1:15 - Defines for SHA512 Hash Values -#define SHA512_DIGEST_SIZE 64 -#define SHA512_BLOCK_SIZE 128 -#define SHA512_DER_SIZE 19 -#define SHA512_DER \ - 0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, \ - 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, \ - 0x00, 0x04, 0x40 - -// Table 1:16 - Defines for SM3_256 Hash Values -#define SM3_256_DIGEST_SIZE 32 -#define SM3_256_BLOCK_SIZE 64 -#define SM3_256_DER_SIZE 18 -#define SM3_256_DER \ - 0x30, 0x30, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x81, \ - 0x1C, 0x81, 0x45, 0x01, 0x83, 0x11, 0x05, 0x00, \ - 0x04, 0x20 - -// Table 1:17 - Defines for AES Symmetric Cipher Algorithm Constants -#define AES_ALLOWED_KEY_SIZE_128 YES -#define AES_ALLOWED_KEY_SIZE_192 YES -#define AES_ALLOWED_KEY_SIZE_256 YES -#define AES_128_BLOCK_SIZE_BYTES 16 -#define AES_192_BLOCK_SIZE_BYTES 16 -#define AES_256_BLOCK_SIZE_BYTES 16 - -// Table 1:18 - Defines for SM4 Symmetric Cipher Algorithm Constants -#define SM4_ALLOWED_KEY_SIZE_128 YES -#define SM4_128_BLOCK_SIZE_BYTES 16 - -// Table 1:19 - Defines for CAMELLIA Symmetric Cipher Algorithm Constants -#define CAMELLIA_ALLOWED_KEY_SIZE_128 YES -#define CAMELLIA_ALLOWED_KEY_SIZE_192 YES -#define CAMELLIA_ALLOWED_KEY_SIZE_256 YES -#define CAMELLIA_128_BLOCK_SIZE_BYTES 16 -#define CAMELLIA_192_BLOCK_SIZE_BYTES 16 -#define CAMELLIA_256_BLOCK_SIZE_BYTES 16 - -// Table 1:17 - Defines for TDES Symmetric Cipher Algorithm Constants -#define TDES_ALLOWED_KEY_SIZE_128 YES -#define TDES_ALLOWED_KEY_SIZE_192 YES -#define TDES_128_BLOCK_SIZE_BYTES 8 -#define TDES_192_BLOCK_SIZE_BYTES 8 - -// Table 0:5 - Defines for Implemented Commands -#define CC_AC_GetCapability CC_YES -#define CC_AC_Send CC_YES -#define CC_ActivateCredential 
CC_YES -#define CC_Certify CC_YES -#define CC_CertifyCreation CC_YES -#define CC_ChangeEPS CC_YES -#define CC_ChangePPS CC_YES -#define CC_Clear CC_YES -#define CC_ClearControl CC_YES -#define CC_ClockRateAdjust CC_YES -#define CC_ClockSet CC_YES -#define CC_Commit (CC_YES && ALG_ECC) -#define CC_ContextLoad CC_YES -#define CC_ContextSave CC_YES -#define CC_Create CC_YES -#define CC_CreateLoaded CC_YES -#define CC_CreatePrimary CC_YES -#define CC_DictionaryAttackLockReset CC_YES -#define CC_DictionaryAttackParameters CC_YES -#define CC_Duplicate CC_YES -#define CC_ECC_Parameters (CC_YES && ALG_ECC) -#define CC_ECDH_KeyGen (CC_YES && ALG_ECC) -#define CC_ECDH_ZGen (CC_YES && ALG_ECC) -#define CC_EC_Ephemeral (CC_YES && ALG_ECC) -#define CC_EncryptDecrypt CC_YES -#define CC_EncryptDecrypt2 CC_YES -#define CC_EventSequenceComplete CC_YES -#define CC_EvictControl CC_YES -#define CC_FieldUpgradeData CC_NO -#define CC_FieldUpgradeStart CC_NO -#define CC_FirmwareRead CC_NO -#define CC_FlushContext CC_YES -#define CC_GetCapability CC_YES -#define CC_GetCommandAuditDigest CC_YES -#define CC_GetRandom CC_YES -#define CC_GetSessionAuditDigest CC_YES -#define CC_GetTestResult CC_YES -#define CC_GetTime CC_YES -#define CC_HMAC (CC_YES && !ALG_CMAC) -#define CC_HMAC_Start (CC_YES && !ALG_CMAC) -#define CC_Hash CC_YES -#define CC_HashSequenceStart CC_YES -#define CC_HierarchyChangeAuth CC_YES -#define CC_HierarchyControl CC_YES -#define CC_Import CC_YES -#define CC_IncrementalSelfTest CC_YES -#define CC_Load CC_YES -#define CC_LoadExternal CC_YES -#define CC_MAC (CC_YES && ALG_CMAC) -#define CC_MAC_Start (CC_YES && ALG_CMAC) -#define CC_MakeCredential CC_YES -#define CC_NV_Certify CC_YES -#define CC_NV_ChangeAuth CC_YES -#define CC_NV_DefineSpace CC_YES -#define CC_NV_Extend CC_YES -#define CC_NV_GlobalWriteLock CC_YES -#define CC_NV_Increment CC_YES -#define CC_NV_Read CC_YES -#define CC_NV_ReadLock CC_YES -#define CC_NV_ReadPublic CC_YES -#define CC_NV_SetBits CC_YES -#define 
CC_NV_UndefineSpace CC_YES -#define CC_NV_UndefineSpaceSpecial CC_YES -#define CC_NV_Write CC_YES -#define CC_NV_WriteLock CC_YES -#define CC_ObjectChangeAuth CC_YES -#define CC_PCR_Allocate CC_YES -#define CC_PCR_Event CC_YES -#define CC_PCR_Extend CC_YES -#define CC_PCR_Read CC_YES -#define CC_PCR_Reset CC_YES -#define CC_PCR_SetAuthPolicy CC_YES -#define CC_PCR_SetAuthValue CC_YES -#define CC_PP_Commands CC_YES -#define CC_PolicyAuthValue CC_YES -#define CC_PolicyAuthorize CC_YES -#define CC_PolicyAuthorizeNV CC_YES -#define CC_PolicyCommandCode CC_YES -#define CC_PolicyCounterTimer CC_YES -#define CC_PolicyCpHash CC_YES -#define CC_PolicyDuplicationSelect CC_YES -#define CC_PolicyGetDigest CC_YES -#define CC_PolicyLocality CC_YES -#define CC_PolicyNV CC_YES -#define CC_PolicyNameHash CC_YES -#define CC_PolicyNvWritten CC_YES -#define CC_PolicyOR CC_YES -#define CC_PolicyPCR CC_YES -#define CC_PolicyPassword CC_YES -#define CC_PolicyPhysicalPresence CC_YES -#define CC_PolicyRestart CC_YES -#define CC_PolicySecret CC_YES -#define CC_PolicySigned CC_YES -#define CC_PolicyTemplate CC_YES -#define CC_PolicyTicket CC_YES -#define CC_Policy_AC_SendSelect CC_YES -#define CC_Quote CC_YES -#define CC_RSA_Decrypt (CC_YES && ALG_RSA) -#define CC_RSA_Encrypt (CC_YES && ALG_RSA) -#define CC_ReadClock CC_YES -#define CC_ReadPublic CC_YES -#define CC_Rewrap CC_YES -#define CC_SelfTest CC_YES -#define CC_SequenceComplete CC_YES -#define CC_SequenceUpdate CC_YES -#define CC_SetAlgorithmSet CC_YES -#define CC_SetCommandCodeAuditStatus CC_YES -#define CC_SetPrimaryPolicy CC_YES -#define CC_Shutdown CC_YES -#define CC_Sign CC_YES -#define CC_StartAuthSession CC_YES -#define CC_Startup CC_YES -#define CC_StirRandom CC_YES -#define CC_TestParms CC_YES -#define CC_Unseal CC_YES -#define CC_Vendor_TCG_Test CC_YES -#define CC_VerifySignature CC_YES -#define CC_ZGen_2Phase (CC_YES && ALG_ECC) - -// Table 2:12 - Definition of TPM_CC Constants -typedef UINT32 TPM_CC; -#if 
CC_NV_UndefineSpaceSpecial -#define TPM_CC_NV_UndefineSpaceSpecial (TPM_CC)(0x0000011F) -#endif -#if CC_EvictControl -#define TPM_CC_EvictControl (TPM_CC)(0x00000120) -#endif -#if CC_HierarchyControl -#define TPM_CC_HierarchyControl (TPM_CC)(0x00000121) -#endif -#if CC_NV_UndefineSpace -#define TPM_CC_NV_UndefineSpace (TPM_CC)(0x00000122) -#endif -#if CC_ChangeEPS -#define TPM_CC_ChangeEPS (TPM_CC)(0x00000124) -#endif -#if CC_ChangePPS -#define TPM_CC_ChangePPS (TPM_CC)(0x00000125) -#endif -#if CC_Clear -#define TPM_CC_Clear (TPM_CC)(0x00000126) -#endif -#if CC_ClearControl -#define TPM_CC_ClearControl (TPM_CC)(0x00000127) -#endif -#if CC_ClockSet -#define TPM_CC_ClockSet (TPM_CC)(0x00000128) -#endif -#if CC_HierarchyChangeAuth -#define TPM_CC_HierarchyChangeAuth (TPM_CC)(0x00000129) -#endif -#if CC_NV_DefineSpace -#define TPM_CC_NV_DefineSpace (TPM_CC)(0x0000012A) -#endif -#if CC_PCR_Allocate -#define TPM_CC_PCR_Allocate (TPM_CC)(0x0000012B) -#endif -#if CC_PCR_SetAuthPolicy -#define TPM_CC_PCR_SetAuthPolicy (TPM_CC)(0x0000012C) -#endif -#if CC_PP_Commands -#define TPM_CC_PP_Commands (TPM_CC)(0x0000012D) -#endif -#if CC_SetPrimaryPolicy -#define TPM_CC_SetPrimaryPolicy (TPM_CC)(0x0000012E) -#endif -#if CC_FieldUpgradeStart -#define TPM_CC_FieldUpgradeStart (TPM_CC)(0x0000012F) -#endif -#if CC_ClockRateAdjust -#define TPM_CC_ClockRateAdjust (TPM_CC)(0x00000130) -#endif -#if CC_CreatePrimary -#define TPM_CC_CreatePrimary (TPM_CC)(0x00000131) -#endif -#if CC_NV_GlobalWriteLock -#define TPM_CC_NV_GlobalWriteLock (TPM_CC)(0x00000132) -#endif -#if CC_GetCommandAuditDigest -#define TPM_CC_GetCommandAuditDigest (TPM_CC)(0x00000133) -#endif -#if CC_NV_Increment -#define TPM_CC_NV_Increment (TPM_CC)(0x00000134) -#endif -#if CC_NV_SetBits -#define TPM_CC_NV_SetBits (TPM_CC)(0x00000135) -#endif -#if CC_NV_Extend -#define TPM_CC_NV_Extend (TPM_CC)(0x00000136) -#endif -#if CC_NV_Write -#define TPM_CC_NV_Write (TPM_CC)(0x00000137) -#endif -#if CC_NV_WriteLock -#define 
TPM_CC_NV_WriteLock (TPM_CC)(0x00000138) -#endif -#if CC_DictionaryAttackLockReset -#define TPM_CC_DictionaryAttackLockReset (TPM_CC)(0x00000139) -#endif -#if CC_DictionaryAttackParameters -#define TPM_CC_DictionaryAttackParameters (TPM_CC)(0x0000013A) -#endif -#if CC_NV_ChangeAuth -#define TPM_CC_NV_ChangeAuth (TPM_CC)(0x0000013B) -#endif -#if CC_PCR_Event -#define TPM_CC_PCR_Event (TPM_CC)(0x0000013C) -#endif -#if CC_PCR_Reset -#define TPM_CC_PCR_Reset (TPM_CC)(0x0000013D) -#endif -#if CC_SequenceComplete -#define TPM_CC_SequenceComplete (TPM_CC)(0x0000013E) -#endif -#if CC_SetAlgorithmSet -#define TPM_CC_SetAlgorithmSet (TPM_CC)(0x0000013F) -#endif -#if CC_SetCommandCodeAuditStatus -#define TPM_CC_SetCommandCodeAuditStatus (TPM_CC)(0x00000140) -#endif -#if CC_FieldUpgradeData -#define TPM_CC_FieldUpgradeData (TPM_CC)(0x00000141) -#endif -#if CC_IncrementalSelfTest -#define TPM_CC_IncrementalSelfTest (TPM_CC)(0x00000142) -#endif -#if CC_SelfTest -#define TPM_CC_SelfTest (TPM_CC)(0x00000143) -#endif -#if CC_Startup -#define TPM_CC_Startup (TPM_CC)(0x00000144) -#endif -#if CC_Shutdown -#define TPM_CC_Shutdown (TPM_CC)(0x00000145) -#endif -#if CC_StirRandom -#define TPM_CC_StirRandom (TPM_CC)(0x00000146) -#endif -#if CC_ActivateCredential -#define TPM_CC_ActivateCredential (TPM_CC)(0x00000147) -#endif -#if CC_Certify -#define TPM_CC_Certify (TPM_CC)(0x00000148) -#endif -#if CC_PolicyNV -#define TPM_CC_PolicyNV (TPM_CC)(0x00000149) -#endif -#if CC_CertifyCreation -#define TPM_CC_CertifyCreation (TPM_CC)(0x0000014A) -#endif -#if CC_Duplicate -#define TPM_CC_Duplicate (TPM_CC)(0x0000014B) -#endif -#if CC_GetTime -#define TPM_CC_GetTime (TPM_CC)(0x0000014C) -#endif -#if CC_GetSessionAuditDigest -#define TPM_CC_GetSessionAuditDigest (TPM_CC)(0x0000014D) -#endif -#if CC_NV_Read -#define TPM_CC_NV_Read (TPM_CC)(0x0000014E) -#endif -#if CC_NV_ReadLock -#define TPM_CC_NV_ReadLock (TPM_CC)(0x0000014F) -#endif -#if CC_ObjectChangeAuth -#define TPM_CC_ObjectChangeAuth 
(TPM_CC)(0x00000150) -#endif -#if CC_PolicySecret -#define TPM_CC_PolicySecret (TPM_CC)(0x00000151) -#endif -#if CC_Rewrap -#define TPM_CC_Rewrap (TPM_CC)(0x00000152) -#endif -#if CC_Create -#define TPM_CC_Create (TPM_CC)(0x00000153) -#endif -#if CC_ECDH_ZGen -#define TPM_CC_ECDH_ZGen (TPM_CC)(0x00000154) -#endif -#if CC_HMAC -#define TPM_CC_HMAC (TPM_CC)(0x00000155) -#endif -#if CC_MAC -#define TPM_CC_MAC (TPM_CC)(0x00000155) -#endif -#if CC_Import -#define TPM_CC_Import (TPM_CC)(0x00000156) -#endif -#if CC_Load -#define TPM_CC_Load (TPM_CC)(0x00000157) -#endif -#if CC_Quote -#define TPM_CC_Quote (TPM_CC)(0x00000158) -#endif -#if CC_RSA_Decrypt -#define TPM_CC_RSA_Decrypt (TPM_CC)(0x00000159) -#endif -#if CC_HMAC_Start -#define TPM_CC_HMAC_Start (TPM_CC)(0x0000015B) -#endif -#if CC_MAC_Start -#define TPM_CC_MAC_Start (TPM_CC)(0x0000015B) -#endif -#if CC_SequenceUpdate -#define TPM_CC_SequenceUpdate (TPM_CC)(0x0000015C) -#endif -#if CC_Sign -#define TPM_CC_Sign (TPM_CC)(0x0000015D) -#endif -#if CC_Unseal -#define TPM_CC_Unseal (TPM_CC)(0x0000015E) -#endif -#if CC_PolicySigned -#define TPM_CC_PolicySigned (TPM_CC)(0x00000160) -#endif -#if CC_ContextLoad -#define TPM_CC_ContextLoad (TPM_CC)(0x00000161) -#endif -#if CC_ContextSave -#define TPM_CC_ContextSave (TPM_CC)(0x00000162) -#endif -#if CC_ECDH_KeyGen -#define TPM_CC_ECDH_KeyGen (TPM_CC)(0x00000163) -#endif -#if CC_EncryptDecrypt -#define TPM_CC_EncryptDecrypt (TPM_CC)(0x00000164) -#endif -#if CC_FlushContext -#define TPM_CC_FlushContext (TPM_CC)(0x00000165) -#endif -#if CC_LoadExternal -#define TPM_CC_LoadExternal (TPM_CC)(0x00000167) -#endif -#if CC_MakeCredential -#define TPM_CC_MakeCredential (TPM_CC)(0x00000168) -#endif -#if CC_NV_ReadPublic -#define TPM_CC_NV_ReadPublic (TPM_CC)(0x00000169) -#endif -#if CC_PolicyAuthorize -#define TPM_CC_PolicyAuthorize (TPM_CC)(0x0000016A) -#endif -#if CC_PolicyAuthValue -#define TPM_CC_PolicyAuthValue (TPM_CC)(0x0000016B) -#endif -#if CC_PolicyCommandCode -#define 
TPM_CC_PolicyCommandCode (TPM_CC)(0x0000016C) -#endif -#if CC_PolicyCounterTimer -#define TPM_CC_PolicyCounterTimer (TPM_CC)(0x0000016D) -#endif -#if CC_PolicyCpHash -#define TPM_CC_PolicyCpHash (TPM_CC)(0x0000016E) -#endif -#if CC_PolicyLocality -#define TPM_CC_PolicyLocality (TPM_CC)(0x0000016F) -#endif -#if CC_PolicyNameHash -#define TPM_CC_PolicyNameHash (TPM_CC)(0x00000170) -#endif -#if CC_PolicyOR -#define TPM_CC_PolicyOR (TPM_CC)(0x00000171) -#endif -#if CC_PolicyTicket -#define TPM_CC_PolicyTicket (TPM_CC)(0x00000172) -#endif -#if CC_ReadPublic -#define TPM_CC_ReadPublic (TPM_CC)(0x00000173) -#endif -#if CC_RSA_Encrypt -#define TPM_CC_RSA_Encrypt (TPM_CC)(0x00000174) -#endif -#if CC_StartAuthSession -#define TPM_CC_StartAuthSession (TPM_CC)(0x00000176) -#endif -#if CC_VerifySignature -#define TPM_CC_VerifySignature (TPM_CC)(0x00000177) -#endif -#if CC_ECC_Parameters -#define TPM_CC_ECC_Parameters (TPM_CC)(0x00000178) -#endif -#if CC_FirmwareRead -#define TPM_CC_FirmwareRead (TPM_CC)(0x00000179) -#endif -#if CC_GetCapability -#define TPM_CC_GetCapability (TPM_CC)(0x0000017A) -#endif -#if CC_GetRandom -#define TPM_CC_GetRandom (TPM_CC)(0x0000017B) -#endif -#if CC_GetTestResult -#define TPM_CC_GetTestResult (TPM_CC)(0x0000017C) -#endif -#if CC_Hash -#define TPM_CC_Hash (TPM_CC)(0x0000017D) -#endif -#if CC_PCR_Read -#define TPM_CC_PCR_Read (TPM_CC)(0x0000017E) -#endif -#if CC_PolicyPCR -#define TPM_CC_PolicyPCR (TPM_CC)(0x0000017F) -#endif -#if CC_PolicyRestart -#define TPM_CC_PolicyRestart (TPM_CC)(0x00000180) -#endif -#if CC_ReadClock -#define TPM_CC_ReadClock (TPM_CC)(0x00000181) -#endif -#if CC_PCR_Extend -#define TPM_CC_PCR_Extend (TPM_CC)(0x00000182) -#endif -#if CC_PCR_SetAuthValue -#define TPM_CC_PCR_SetAuthValue (TPM_CC)(0x00000183) -#endif -#if CC_NV_Certify -#define TPM_CC_NV_Certify (TPM_CC)(0x00000184) -#endif -#if CC_EventSequenceComplete -#define TPM_CC_EventSequenceComplete (TPM_CC)(0x00000185) -#endif -#if CC_HashSequenceStart -#define 
TPM_CC_HashSequenceStart (TPM_CC)(0x00000186) -#endif -#if CC_PolicyPhysicalPresence -#define TPM_CC_PolicyPhysicalPresence (TPM_CC)(0x00000187) -#endif -#if CC_PolicyDuplicationSelect -#define TPM_CC_PolicyDuplicationSelect (TPM_CC)(0x00000188) -#endif -#if CC_PolicyGetDigest -#define TPM_CC_PolicyGetDigest (TPM_CC)(0x00000189) -#endif -#if CC_TestParms -#define TPM_CC_TestParms (TPM_CC)(0x0000018A) -#endif -#if CC_Commit -#define TPM_CC_Commit (TPM_CC)(0x0000018B) -#endif -#if CC_PolicyPassword -#define TPM_CC_PolicyPassword (TPM_CC)(0x0000018C) -#endif -#if CC_ZGen_2Phase -#define TPM_CC_ZGen_2Phase (TPM_CC)(0x0000018D) -#endif -#if CC_EC_Ephemeral -#define TPM_CC_EC_Ephemeral (TPM_CC)(0x0000018E) -#endif -#if CC_PolicyNvWritten -#define TPM_CC_PolicyNvWritten (TPM_CC)(0x0000018F) -#endif -#if CC_PolicyTemplate -#define TPM_CC_PolicyTemplate (TPM_CC)(0x00000190) -#endif -#if CC_CreateLoaded -#define TPM_CC_CreateLoaded (TPM_CC)(0x00000191) -#endif -#if CC_PolicyAuthorizeNV -#define TPM_CC_PolicyAuthorizeNV (TPM_CC)(0x00000192) -#endif -#if CC_EncryptDecrypt2 -#define TPM_CC_EncryptDecrypt2 (TPM_CC)(0x00000193) -#endif -#if CC_AC_GetCapability -#define TPM_CC_AC_GetCapability (TPM_CC)(0x00000194) -#endif -#if CC_AC_Send -#define TPM_CC_AC_Send (TPM_CC)(0x00000195) -#endif -#if CC_Policy_AC_SendSelect -#define TPM_CC_Policy_AC_SendSelect (TPM_CC)(0x00000196) -#endif -#define CC_VEND 0x20000000 -#if CC_Vendor_TCG_Test -#define TPM_CC_Vendor_TCG_Test (TPM_CC)(0x20000000) -#endif - -// Additional values for benefit of code -#define TPM_CC_FIRST 0x0000011F -#define TPM_CC_LAST 0x00000196 - - -#if COMPRESSED_LISTS -#define ADD_FILL 0 -#else -#define ADD_FILL 1 -#endif - -// Size the array of library commands based on whether or not -// the array is packed (only defined commands) or dense -// (having entries for unimplemented commands) -#define LIBRARY_COMMAND_ARRAY_SIZE (0 \ - + (ADD_FILL || CC_NV_UndefineSpaceSpecial) /* 0x0000011F */ \ - + (ADD_FILL || 
CC_EvictControl) /* 0x00000120 */ \ - + (ADD_FILL || CC_HierarchyControl) /* 0x00000121 */ \ - + (ADD_FILL || CC_NV_UndefineSpace) /* 0x00000122 */ \ - + ADD_FILL /* 0x00000123 */ \ - + (ADD_FILL || CC_ChangeEPS) /* 0x00000124 */ \ - + (ADD_FILL || CC_ChangePPS) /* 0x00000125 */ \ - + (ADD_FILL || CC_Clear) /* 0x00000126 */ \ - + (ADD_FILL || CC_ClearControl) /* 0x00000127 */ \ - + (ADD_FILL || CC_ClockSet) /* 0x00000128 */ \ - + (ADD_FILL || CC_HierarchyChangeAuth) /* 0x00000129 */ \ - + (ADD_FILL || CC_NV_DefineSpace) /* 0x0000012A */ \ - + (ADD_FILL || CC_PCR_Allocate) /* 0x0000012B */ \ - + (ADD_FILL || CC_PCR_SetAuthPolicy) /* 0x0000012C */ \ - + (ADD_FILL || CC_PP_Commands) /* 0x0000012D */ \ - + (ADD_FILL || CC_SetPrimaryPolicy) /* 0x0000012E */ \ - + (ADD_FILL || CC_FieldUpgradeStart) /* 0x0000012F */ \ - + (ADD_FILL || CC_ClockRateAdjust) /* 0x00000130 */ \ - + (ADD_FILL || CC_CreatePrimary) /* 0x00000131 */ \ - + (ADD_FILL || CC_NV_GlobalWriteLock) /* 0x00000132 */ \ - + (ADD_FILL || CC_GetCommandAuditDigest) /* 0x00000133 */ \ - + (ADD_FILL || CC_NV_Increment) /* 0x00000134 */ \ - + (ADD_FILL || CC_NV_SetBits) /* 0x00000135 */ \ - + (ADD_FILL || CC_NV_Extend) /* 0x00000136 */ \ - + (ADD_FILL || CC_NV_Write) /* 0x00000137 */ \ - + (ADD_FILL || CC_NV_WriteLock) /* 0x00000138 */ \ - + (ADD_FILL || CC_DictionaryAttackLockReset) /* 0x00000139 */ \ - + (ADD_FILL || CC_DictionaryAttackParameters) /* 0x0000013A */ \ - + (ADD_FILL || CC_NV_ChangeAuth) /* 0x0000013B */ \ - + (ADD_FILL || CC_PCR_Event) /* 0x0000013C */ \ - + (ADD_FILL || CC_PCR_Reset) /* 0x0000013D */ \ - + (ADD_FILL || CC_SequenceComplete) /* 0x0000013E */ \ - + (ADD_FILL || CC_SetAlgorithmSet) /* 0x0000013F */ \ - + (ADD_FILL || CC_SetCommandCodeAuditStatus) /* 0x00000140 */ \ - + (ADD_FILL || CC_FieldUpgradeData) /* 0x00000141 */ \ - + (ADD_FILL || CC_IncrementalSelfTest) /* 0x00000142 */ \ - + (ADD_FILL || CC_SelfTest) /* 0x00000143 */ \ - + (ADD_FILL || CC_Startup) /* 0x00000144 */ \ - + 
(ADD_FILL || CC_Shutdown) /* 0x00000145 */ \ - + (ADD_FILL || CC_StirRandom) /* 0x00000146 */ \ - + (ADD_FILL || CC_ActivateCredential) /* 0x00000147 */ \ - + (ADD_FILL || CC_Certify) /* 0x00000148 */ \ - + (ADD_FILL || CC_PolicyNV) /* 0x00000149 */ \ - + (ADD_FILL || CC_CertifyCreation) /* 0x0000014A */ \ - + (ADD_FILL || CC_Duplicate) /* 0x0000014B */ \ - + (ADD_FILL || CC_GetTime) /* 0x0000014C */ \ - + (ADD_FILL || CC_GetSessionAuditDigest) /* 0x0000014D */ \ - + (ADD_FILL || CC_NV_Read) /* 0x0000014E */ \ - + (ADD_FILL || CC_NV_ReadLock) /* 0x0000014F */ \ - + (ADD_FILL || CC_ObjectChangeAuth) /* 0x00000150 */ \ - + (ADD_FILL || CC_PolicySecret) /* 0x00000151 */ \ - + (ADD_FILL || CC_Rewrap) /* 0x00000152 */ \ - + (ADD_FILL || CC_Create) /* 0x00000153 */ \ - + (ADD_FILL || CC_ECDH_ZGen) /* 0x00000154 */ \ - + (ADD_FILL || CC_HMAC || CC_MAC) /* 0x00000155 */ \ - + (ADD_FILL || CC_Import) /* 0x00000156 */ \ - + (ADD_FILL || CC_Load) /* 0x00000157 */ \ - + (ADD_FILL || CC_Quote) /* 0x00000158 */ \ - + (ADD_FILL || CC_RSA_Decrypt) /* 0x00000159 */ \ - + ADD_FILL /* 0x0000015A */ \ - + (ADD_FILL || CC_HMAC_Start || CC_MAC_Start) /* 0x0000015B */ \ - + (ADD_FILL || CC_SequenceUpdate) /* 0x0000015C */ \ - + (ADD_FILL || CC_Sign) /* 0x0000015D */ \ - + (ADD_FILL || CC_Unseal) /* 0x0000015E */ \ - + ADD_FILL /* 0x0000015F */ \ - + (ADD_FILL || CC_PolicySigned) /* 0x00000160 */ \ - + (ADD_FILL || CC_ContextLoad) /* 0x00000161 */ \ - + (ADD_FILL || CC_ContextSave) /* 0x00000162 */ \ - + (ADD_FILL || CC_ECDH_KeyGen) /* 0x00000163 */ \ - + (ADD_FILL || CC_EncryptDecrypt) /* 0x00000164 */ \ - + (ADD_FILL || CC_FlushContext) /* 0x00000165 */ \ - + ADD_FILL /* 0x00000166 */ \ - + (ADD_FILL || CC_LoadExternal) /* 0x00000167 */ \ - + (ADD_FILL || CC_MakeCredential) /* 0x00000168 */ \ - + (ADD_FILL || CC_NV_ReadPublic) /* 0x00000169 */ \ - + (ADD_FILL || CC_PolicyAuthorize) /* 0x0000016A */ \ - + (ADD_FILL || CC_PolicyAuthValue) /* 0x0000016B */ \ - + (ADD_FILL || 
CC_PolicyCommandCode) /* 0x0000016C */ \ - + (ADD_FILL || CC_PolicyCounterTimer) /* 0x0000016D */ \ - + (ADD_FILL || CC_PolicyCpHash) /* 0x0000016E */ \ - + (ADD_FILL || CC_PolicyLocality) /* 0x0000016F */ \ - + (ADD_FILL || CC_PolicyNameHash) /* 0x00000170 */ \ - + (ADD_FILL || CC_PolicyOR) /* 0x00000171 */ \ - + (ADD_FILL || CC_PolicyTicket) /* 0x00000172 */ \ - + (ADD_FILL || CC_ReadPublic) /* 0x00000173 */ \ - + (ADD_FILL || CC_RSA_Encrypt) /* 0x00000174 */ \ - + ADD_FILL /* 0x00000175 */ \ - + (ADD_FILL || CC_StartAuthSession) /* 0x00000176 */ \ - + (ADD_FILL || CC_VerifySignature) /* 0x00000177 */ \ - + (ADD_FILL || CC_ECC_Parameters) /* 0x00000178 */ \ - + (ADD_FILL || CC_FirmwareRead) /* 0x00000179 */ \ - + (ADD_FILL || CC_GetCapability) /* 0x0000017A */ \ - + (ADD_FILL || CC_GetRandom) /* 0x0000017B */ \ - + (ADD_FILL || CC_GetTestResult) /* 0x0000017C */ \ - + (ADD_FILL || CC_Hash) /* 0x0000017D */ \ - + (ADD_FILL || CC_PCR_Read) /* 0x0000017E */ \ - + (ADD_FILL || CC_PolicyPCR) /* 0x0000017F */ \ - + (ADD_FILL || CC_PolicyRestart) /* 0x00000180 */ \ - + (ADD_FILL || CC_ReadClock) /* 0x00000181 */ \ - + (ADD_FILL || CC_PCR_Extend) /* 0x00000182 */ \ - + (ADD_FILL || CC_PCR_SetAuthValue) /* 0x00000183 */ \ - + (ADD_FILL || CC_NV_Certify) /* 0x00000184 */ \ - + (ADD_FILL || CC_EventSequenceComplete) /* 0x00000185 */ \ - + (ADD_FILL || CC_HashSequenceStart) /* 0x00000186 */ \ - + (ADD_FILL || CC_PolicyPhysicalPresence) /* 0x00000187 */ \ - + (ADD_FILL || CC_PolicyDuplicationSelect) /* 0x00000188 */ \ - + (ADD_FILL || CC_PolicyGetDigest) /* 0x00000189 */ \ - + (ADD_FILL || CC_TestParms) /* 0x0000018A */ \ - + (ADD_FILL || CC_Commit) /* 0x0000018B */ \ - + (ADD_FILL || CC_PolicyPassword) /* 0x0000018C */ \ - + (ADD_FILL || CC_ZGen_2Phase) /* 0x0000018D */ \ - + (ADD_FILL || CC_EC_Ephemeral) /* 0x0000018E */ \ - + (ADD_FILL || CC_PolicyNvWritten) /* 0x0000018F */ \ - + (ADD_FILL || CC_PolicyTemplate) /* 0x00000190 */ \ - + (ADD_FILL || CC_CreateLoaded) /* 
0x00000191 */ \ - + (ADD_FILL || CC_PolicyAuthorizeNV) /* 0x00000192 */ \ - + (ADD_FILL || CC_EncryptDecrypt2) /* 0x00000193 */ \ - + (ADD_FILL || CC_AC_GetCapability) /* 0x00000194 */ \ - + (ADD_FILL || CC_AC_Send) /* 0x00000195 */ \ - + (ADD_FILL || CC_Policy_AC_SendSelect) /* 0x00000196 */ \ - ) - -#define VENDOR_COMMAND_ARRAY_SIZE (0 + CC_Vendor_TCG_Test) - -#define COMMAND_COUNT (LIBRARY_COMMAND_ARRAY_SIZE + VENDOR_COMMAND_ARRAY_SIZE) - -#define HASH_COUNT \ - (ALG_SHA1 + ALG_SHA256 + ALG_SHA384 + ALG_SHA512 + ALG_SM3_256) - -#define MAX_HASH_BLOCK_SIZE \ - (MAX(ALG_SHA1 * SHA1_BLOCK_SIZE, \ - MAX(ALG_SHA256 * SHA256_BLOCK_SIZE, \ - MAX(ALG_SHA384 * SHA384_BLOCK_SIZE, \ - MAX(ALG_SHA512 * SHA512_BLOCK_SIZE, \ - MAX(ALG_SM3_256 * SM3_256_BLOCK_SIZE, \ - 0)))))) - -#define MAX_DIGEST_SIZE \ - (MAX(ALG_SHA1 * SHA1_DIGEST_SIZE, \ - MAX(ALG_SHA256 * SHA256_DIGEST_SIZE, \ - MAX(ALG_SHA384 * SHA384_DIGEST_SIZE, \ - MAX(ALG_SHA512 * SHA512_DIGEST_SIZE, \ - MAX(ALG_SM3_256 * SM3_256_DIGEST_SIZE, \ - 0)))))) - - -#if MAX_DIGEST_SIZE == 0 || MAX_HASH_BLOCK_SIZE == 0 -#error "Hash data not valid" -#endif - -// Define the 2B structure that would hold any hash block -TPM2B_TYPE(MAX_HASH_BLOCK, MAX_HASH_BLOCK_SIZE); - -// Following typedef is for some old code -typedef TPM2B_MAX_HASH_BLOCK TPM2B_HASH_BLOCK; - -/* AddSymmetricConstants */ -#ifndef ALG_AES -#define ALG_AES NO -#endif -#ifndef MAX_AES_KEY_BITS -#define MAX_AES_KEY_BITS 0 -#define MAX_AES_BLOCK_SIZE_BYTES 0 -#endif -#ifndef ALG_CAMELLIA -#define ALG_CAMELLIA NO -#endif -#ifndef MAX_CAMELLIA_KEY_BITS -#define MAX_CAMELLIA_KEY_BITS 0 -#define MAX_CAMELLIA_BLOCK_SIZE_BYTES 0 -#endif -#ifndef ALG_SM4 -#define ALG_SM4 NO -#endif -#ifndef MAX_SM4_KEY_BITS -#define MAX_SM4_KEY_BITS 0 -#define MAX_SM4_BLOCK_SIZE_BYTES 0 -#endif -#ifndef ALG_TDES -#define ALG_TDES NO -#endif -#ifndef MAX_TDES_KEY_BITS -#define MAX_TDES_KEY_BITS 0 -#define MAX_TDES_BLOCK_SIZE_BYTES 0 -#endif -#define MAX_SYM_KEY_BITS \ - (MAX(ALG_AES * 
MAX_AES_KEY_BITS, \ - MAX(ALG_CAMELLIA * MAX_CAMELLIA_KEY_BITS, \ - MAX(ALG_SM4 * MAX_SM4_KEY_BITS, \ - MAX(ALG_TDES * MAX_TDES_KEY_BITS, \ - 0))))) - -#define MAX_SYM_KEY_BYTES ((MAX_SYM_KEY_BITS + 7) / 8) - -#define MAX_SYM_BLOCK_SIZE \ - (MAX(ALG_AES * MAX_AES_BLOCK_SIZE_BYTES, \ - MAX(ALG_CAMELLIA * MAX_CAMELLIA_BLOCK_SIZE_BYTES, \ - MAX(ALG_SM4 * MAX_SM4_BLOCK_SIZE_BYTES, \ - MAX(ALG_TDES * MAX_TDES_BLOCK_SIZE_BYTES, \ - 0))))) - -#if MAX_SYM_KEY_BITS == 0 || MAX_SYM_BLOCK_SIZE == 0 -# error Bad size for MAX_SYM_KEY_BITS or MAX_SYM_BLOCK_SIZE -#endif - -#endif // _IMPLEMENTATION_H_ diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/TpmProfile.h b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/TpmProfile.h new file mode 100644 index 00000000..c3e352c2 --- /dev/null +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/reference/include/TpmProfile.h 
@@ -0,0 +1,810 @@ +/* Microsoft Reference Implementation for TPM 2.0 + * + * The copyright in this software is being made available under the BSD License, + * included below. This software may be subject to other third party and + * contributor rights, including patent rights, and no such rights are granted + * under this license. + * + * Copyright (c) Microsoft Corporation + * + * All rights reserved. + * + * BSD License + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * Redistributions of source code must retain the above copyright notice, this list + * of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, this + * list of conditions and the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS"" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR + * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ +/*(Auto-generated) + * Created by TpmStructures; Version 4.4 Mar 26, 2019 + * Date: Mar 4, 2020 Time: 02:36:43PM + */ + +#ifndef _TPM_PROFILE_H_ +#define _TPM_PROFILE_H_ + +#include "RuntimeSupport.h" + +#include +#include +#include + +#undef MAX +#define MAX(a, b) ((a) > (b) ? (a) : (b)) + +#undef MIN +#define MIN(a, b) ((a) < (b) ? (a) : (b)) + +// Table 2:4 - Defines for Logic Values +#undef TRUE +#define TRUE 1 +#undef FALSE +#define FALSE 0 +#undef YES +#define YES 1 +#undef NO +#define NO 0 +#undef SET +#define SET 1 +#undef CLEAR +#define CLEAR 0 + +// Table 0:1 - Defines for Processor Values +#ifndef BIG_ENDIAN_TPM +#define BIG_ENDIAN_TPM NO +#endif +#ifndef LITTLE_ENDIAN_TPM +#define LITTLE_ENDIAN_TPM !BIG_ENDIAN_TPM +#endif +#ifndef MOST_SIGNIFICANT_BIT_0 +#define MOST_SIGNIFICANT_BIT_0 NO +#endif +#ifndef LEAST_SIGNIFICANT_BIT_0 +#define LEAST_SIGNIFICANT_BIT_0 !MOST_SIGNIFICANT_BIT_0 +#endif +#ifndef AUTO_ALIGN +#define AUTO_ALIGN NO +#endif + +// Table 0:4 - Defines for Implemented Curves +#ifndef ECC_NIST_P192 +#define ECC_NIST_P192 NO +#endif +#ifndef ECC_NIST_P224 +#define ECC_NIST_P224 NO +#endif +#ifndef ECC_NIST_P256 +#define ECC_NIST_P256 YES +#endif +#ifndef ECC_NIST_P384 +#define ECC_NIST_P384 YES +#endif +#ifndef ECC_NIST_P521 +#define ECC_NIST_P521 NO +#endif +#ifndef ECC_BN_P256 +#define ECC_BN_P256 YES +#endif +#ifndef ECC_BN_P638 +#define ECC_BN_P638 NO +#endif +#ifndef ECC_SM2_P256 +#define ECC_SM2_P256 YES +#endif + +// Table 0:6 - Defines for Implemented ACT +#ifndef RH_ACT_0 +#define RH_ACT_0 YES +#endif +#ifndef RH_ACT_1 +#define RH_ACT_1 NO +#endif +#ifndef RH_ACT_A +#define RH_ACT_A YES +#endif + +// Table 0:7 - Defines for Implementation Values +#ifdef USE_WOLFCRYPT +#define HASH_LIB Wolf +#define SYM_LIB Wolf +#define MATH_LIB Wolf +#else +#define HASH_LIB Ossl +#define SYM_LIB Ossl +#define MATH_LIB Ossl +#endif + +typedef UINT32 TPM_CC; + +// Table 0:7 - Defines for Implementation Values +#ifndef FIELD_UPGRADE_IMPLEMENTED 
+#define FIELD_UPGRADE_IMPLEMENTED NO +#endif +#ifdef USE_WOLFCRYPT +#define HASH_LIB Wolf +#define SYM_LIB Wolf +#define MATH_LIB Wolf +#else +#define HASH_LIB Ossl +#define SYM_LIB Ossl +#define MATH_LIB Ossl +#endif +#ifndef IMPLEMENTATION_PCR +#define IMPLEMENTATION_PCR 24 +#endif +#ifndef PLATFORM_PCR +#define PLATFORM_PCR 24 +#endif +#ifndef DRTM_PCR +#define DRTM_PCR 17 +#endif +#ifndef HCRTM_PCR +#define HCRTM_PCR 0 +#endif +#ifndef NUM_LOCALITIES +#define NUM_LOCALITIES 5 +#endif +#ifndef MAX_HANDLE_NUM +#define MAX_HANDLE_NUM 3 +#endif +#ifndef MAX_ACTIVE_SESSIONS +#define MAX_ACTIVE_SESSIONS 64 +#endif +#ifndef CONTEXT_SLOT +#define CONTEXT_SLOT UINT16 +#endif +#ifndef MAX_LOADED_SESSIONS +#define MAX_LOADED_SESSIONS 3 +#endif +#ifndef MAX_SESSION_NUM +#define MAX_SESSION_NUM 3 +#endif +#ifndef MAX_LOADED_OBJECTS +#define MAX_LOADED_OBJECTS 3 +#endif +#ifndef MIN_EVICT_OBJECTS +#define MIN_EVICT_OBJECTS 2 +#endif +#ifndef NUM_POLICY_PCR_GROUP +#define NUM_POLICY_PCR_GROUP 1 +#endif +#ifndef NUM_AUTHVALUE_PCR_GROUP +#define NUM_AUTHVALUE_PCR_GROUP 1 +#endif +#ifndef MAX_CONTEXT_SIZE +#define MAX_CONTEXT_SIZE 1344 +#endif +#ifndef MAX_DIGEST_BUFFER +#define MAX_DIGEST_BUFFER 1024 +#endif +#ifndef MAX_NV_INDEX_SIZE +#define MAX_NV_INDEX_SIZE 2048 +#endif +#ifndef MAX_NV_BUFFER_SIZE +#define MAX_NV_BUFFER_SIZE 1024 +#endif +#ifndef MAX_CAP_BUFFER +#define MAX_CAP_BUFFER 1024 +#endif +#ifndef NV_MEMORY_SIZE +#define NV_MEMORY_SIZE 16384 +#endif +#ifndef MIN_COUNTER_INDICES +#define MIN_COUNTER_INDICES 8 +#endif +#ifndef NUM_STATIC_PCR +#define NUM_STATIC_PCR 16 +#endif +#ifndef MAX_ALG_LIST_SIZE +#define MAX_ALG_LIST_SIZE 64 +#endif +#ifndef PRIMARY_SEED_SIZE +#define PRIMARY_SEED_SIZE 32 +#endif +#ifndef CONTEXT_ENCRYPT_ALGORITHM +#define CONTEXT_ENCRYPT_ALGORITHM AES +#endif +#ifndef NV_CLOCK_UPDATE_INTERVAL +#define NV_CLOCK_UPDATE_INTERVAL 12 +#endif +#ifndef NUM_POLICY_PCR +#define NUM_POLICY_PCR 1 +#endif +#ifndef MAX_COMMAND_SIZE +#define 
MAX_COMMAND_SIZE 4096 +#endif +#ifndef MAX_RESPONSE_SIZE +#define MAX_RESPONSE_SIZE 4096 +#endif +#ifndef ORDERLY_BITS +#define ORDERLY_BITS 8 +#endif +#ifndef MAX_SYM_DATA +#define MAX_SYM_DATA 128 +#endif +#ifndef MAX_RNG_ENTROPY_SIZE +#define MAX_RNG_ENTROPY_SIZE 64 +#endif +#ifndef RAM_INDEX_SPACE +#define RAM_INDEX_SPACE 512 +#endif +#ifndef RSA_DEFAULT_PUBLIC_EXPONENT +#define RSA_DEFAULT_PUBLIC_EXPONENT 0x00010001 +#endif +#ifndef ENABLE_PCR_NO_INCREMENT +#define ENABLE_PCR_NO_INCREMENT YES +#endif +#ifndef CRT_FORMAT_RSA +#define CRT_FORMAT_RSA YES +#endif +#ifndef VENDOR_COMMAND_COUNT +#define VENDOR_COMMAND_COUNT 0 +#endif +#ifndef MAX_VENDOR_BUFFER_SIZE +#define MAX_VENDOR_BUFFER_SIZE 1024 +#endif +#ifndef SIZE_OF_X509_SERIAL_NUMBER +#define SIZE_OF_X509_SERIAL_NUMBER 20 +#endif +#ifndef PRIVATE_VENDOR_SPECIFIC_BYTES +#define PRIVATE_VENDOR_SPECIFIC_BYTES RSA_PRIVATE_SIZE +#endif + +// Table 0:2 - Defines for Implemented Algorithms +#ifndef ALG_AES +#define ALG_AES ALG_YES +#endif +#ifndef ALG_CAMELLIA +#define ALG_CAMELLIA ALG_NO +#endif +#ifndef ALG_CBC +#define ALG_CBC ALG_YES +#endif +#ifndef ALG_CFB +#define ALG_CFB ALG_YES +#endif +#ifndef ALG_CMAC +#define ALG_CMAC ALG_YES +#endif +#ifndef ALG_CTR +#define ALG_CTR ALG_YES +#endif +#ifndef ALG_ECB +#define ALG_ECB ALG_YES +#endif +#ifndef ALG_ECC +#define ALG_ECC ALG_YES +#endif +#ifndef ALG_ECDAA +#define ALG_ECDAA (ALG_YES && ALG_ECC) +#endif +#ifndef ALG_ECDH +#define ALG_ECDH (ALG_YES && ALG_ECC) +#endif +#ifndef ALG_ECDSA +#define ALG_ECDSA (ALG_YES && ALG_ECC) +#endif +#ifndef ALG_ECMQV +#define ALG_ECMQV (ALG_NO && ALG_ECC) +#endif +#ifndef ALG_ECSCHNORR +#define ALG_ECSCHNORR (ALG_YES && ALG_ECC) +#endif +#ifndef ALG_HMAC +#define ALG_HMAC ALG_YES +#endif +#ifndef ALG_KDF1_SP800_108 +#define ALG_KDF1_SP800_108 ALG_YES +#endif +#ifndef ALG_KDF1_SP800_56A +#define ALG_KDF1_SP800_56A (ALG_YES && ALG_ECC) +#endif +#ifndef ALG_KDF2 +#define ALG_KDF2 ALG_NO +#endif +#ifndef ALG_KEYEDHASH +#define 
ALG_KEYEDHASH ALG_YES +#endif +#ifndef ALG_MGF1 +#define ALG_MGF1 ALG_YES +#endif +#ifndef ALG_OAEP +#define ALG_OAEP (ALG_YES && ALG_RSA) +#endif +#ifndef ALG_OFB +#define ALG_OFB ALG_YES +#endif +#ifndef ALG_RSA +#define ALG_RSA ALG_YES +#endif +#ifndef ALG_RSAES +#define ALG_RSAES (ALG_YES && ALG_RSA) +#endif +#ifndef ALG_RSAPSS +#define ALG_RSAPSS (ALG_YES && ALG_RSA) +#endif +#ifndef ALG_RSASSA +#define ALG_RSASSA (ALG_YES && ALG_RSA) +#endif +#ifndef ALG_SHA +#define ALG_SHA ALG_NO /* Not specified by vendor */ +#endif +#ifndef ALG_SHA1 +#define ALG_SHA1 ALG_YES +#endif +#ifndef ALG_SHA256 +#define ALG_SHA256 ALG_YES +#endif +#ifndef ALG_SHA384 +#define ALG_SHA384 ALG_YES +#endif +#ifndef ALG_SHA3_256 +#define ALG_SHA3_256 ALG_NO /* Not specified by vendor */ +#endif +#ifndef ALG_SHA3_384 +#define ALG_SHA3_384 ALG_NO /* Not specified by vendor */ +#endif +#ifndef ALG_SHA3_512 +#define ALG_SHA3_512 ALG_NO /* Not specified by vendor */ +#endif +#ifndef ALG_SHA512 +#define ALG_SHA512 ALG_NO +#endif +#ifndef ALG_SM2 +#define ALG_SM2 (ALG_NO && ALG_ECC) +#endif +#ifndef ALG_SM3_256 +#define ALG_SM3_256 ALG_NO +#endif +#ifndef ALG_SM4 +#define ALG_SM4 ALG_NO +#endif +#ifndef ALG_SYMCIPHER +#define ALG_SYMCIPHER ALG_YES +#endif +#ifndef ALG_TDES +#define ALG_TDES ALG_NO +#endif +#ifndef ALG_XOR +#define ALG_XOR ALG_YES +#endif + +// Table 1:3 - Defines for RSA Asymmetric Cipher Algorithm Constants +#ifndef RSA_1024 +#define RSA_1024 (ALG_RSA && YES) +#endif +#ifndef RSA_2048 +#define RSA_2048 (ALG_RSA && YES) +#endif +#ifndef RSA_3072 +#define RSA_3072 (ALG_RSA && NO) +#endif +#ifndef RSA_4096 +#define RSA_4096 (ALG_RSA && NO) +#endif +#ifndef RSA_16384 +#define RSA_16384 (ALG_RSA && NO) +#endif + +// Table 1:21 - Defines for AES Symmetric Cipher Algorithm Constants +#ifndef AES_128 +#define AES_128 (ALG_AES && YES) +#endif +#ifndef AES_192 +#define AES_192 (ALG_AES && NO) +#endif +#ifndef AES_256 +#define AES_256 (ALG_AES && YES) +#endif + +// Table 1:22 - Defines 
for SM4 Symmetric Cipher Algorithm Constants +#ifndef SM4_128 +#define SM4_128 (ALG_SM4 && YES) +#endif + +// Table 1:23 - Defines for CAMELLIA Symmetric Cipher Algorithm Constants +#ifndef CAMELLIA_128 +#define CAMELLIA_128 (ALG_CAMELLIA && YES) +#endif +#ifndef CAMELLIA_192 +#define CAMELLIA_192 (ALG_CAMELLIA && NO) +#endif +#ifndef CAMELLIA_256 +#define CAMELLIA_256 (ALG_CAMELLIA && YES) +#endif + +// Table 1:24 - Defines for TDES Symmetric Cipher Algorithm Constants +#ifndef TDES_128 +#define TDES_128 (ALG_TDES && YES) +#endif +#ifndef TDES_192 +#define TDES_192 (ALG_TDES && YES) +#endif + +// Table 0:5 - Defines for Implemented Commands +#ifndef CC_ACT_SetTimeout +#define CC_ACT_SetTimeout CC_YES +#endif +#ifndef CC_AC_GetCapability +#define CC_AC_GetCapability CC_YES +#endif +#ifndef CC_AC_Send +#define CC_AC_Send CC_YES +#endif +#ifndef CC_ActivateCredential +#define CC_ActivateCredential CC_YES +#endif +#ifndef CC_Certify +#define CC_Certify CC_YES +#endif +#ifndef CC_CertifyCreation +#define CC_CertifyCreation CC_YES +#endif +#ifndef CC_CertifyX509 +#define CC_CertifyX509 CC_YES +#endif +#ifndef CC_ChangeEPS +#define CC_ChangeEPS CC_YES +#endif +#ifndef CC_ChangePPS +#define CC_ChangePPS CC_YES +#endif +#ifndef CC_Clear +#define CC_Clear CC_YES +#endif +#ifndef CC_ClearControl +#define CC_ClearControl CC_YES +#endif +#ifndef CC_ClockRateAdjust +#define CC_ClockRateAdjust CC_YES +#endif +#ifndef CC_ClockSet +#define CC_ClockSet CC_YES +#endif +#ifndef CC_Commit +#define CC_Commit (CC_YES && ALG_ECC) +#endif +#ifndef CC_ContextLoad +#define CC_ContextLoad CC_YES +#endif +#ifndef CC_ContextSave +#define CC_ContextSave CC_YES +#endif +#ifndef CC_Create +#define CC_Create CC_YES +#endif +#ifndef CC_CreateLoaded +#define CC_CreateLoaded CC_YES +#endif +#ifndef CC_CreatePrimary +#define CC_CreatePrimary CC_YES +#endif +#ifndef CC_DictionaryAttackLockReset +#define CC_DictionaryAttackLockReset CC_YES +#endif +#ifndef CC_DictionaryAttackParameters +#define 
CC_DictionaryAttackParameters CC_YES +#endif +#ifndef CC_Duplicate +#define CC_Duplicate CC_YES +#endif +#ifndef CC_ECC_Decrypt +#define CC_ECC_Decrypt (CC_YES && ALG_ECC) +#endif +#ifndef CC_ECC_Encrypt +#define CC_ECC_Encrypt (CC_YES && ALG_ECC) +#endif +#ifndef CC_ECC_Parameters +#define CC_ECC_Parameters (CC_YES && ALG_ECC) +#endif +#ifndef CC_ECDH_KeyGen +#define CC_ECDH_KeyGen (CC_YES && ALG_ECC) +#endif +#ifndef CC_ECDH_ZGen +#define CC_ECDH_ZGen (CC_YES && ALG_ECC) +#endif +#ifndef CC_EC_Ephemeral +#define CC_EC_Ephemeral (CC_YES && ALG_ECC) +#endif +#ifndef CC_EncryptDecrypt +#define CC_EncryptDecrypt CC_YES +#endif +#ifndef CC_EncryptDecrypt2 +#define CC_EncryptDecrypt2 CC_YES +#endif +#ifndef CC_EventSequenceComplete +#define CC_EventSequenceComplete CC_YES +#endif +#ifndef CC_EvictControl +#define CC_EvictControl CC_YES +#endif +#ifndef CC_FieldUpgradeData +#define CC_FieldUpgradeData CC_NO +#endif +#ifndef CC_FieldUpgradeStart +#define CC_FieldUpgradeStart CC_NO +#endif +#ifndef CC_FirmwareRead +#define CC_FirmwareRead CC_NO +#endif +#ifndef CC_FlushContext +#define CC_FlushContext CC_YES +#endif +#ifndef CC_GetCapability +#define CC_GetCapability CC_YES +#endif +#ifndef CC_GetCommandAuditDigest +#define CC_GetCommandAuditDigest CC_YES +#endif +#ifndef CC_GetRandom +#define CC_GetRandom CC_YES +#endif +#ifndef CC_GetSessionAuditDigest +#define CC_GetSessionAuditDigest CC_YES +#endif +#ifndef CC_GetTestResult +#define CC_GetTestResult CC_YES +#endif +#ifndef CC_GetTime +#define CC_GetTime CC_YES +#endif +#ifndef CC_HMAC +#define CC_HMAC (CC_YES && !ALG_CMAC) +#endif +#ifndef CC_HMAC_Start +#define CC_HMAC_Start (CC_YES && !ALG_CMAC) +#endif +#ifndef CC_Hash +#define CC_Hash CC_YES +#endif +#ifndef CC_HashSequenceStart +#define CC_HashSequenceStart CC_YES +#endif +#ifndef CC_HierarchyChangeAuth +#define CC_HierarchyChangeAuth CC_YES +#endif +#ifndef CC_HierarchyControl +#define CC_HierarchyControl CC_YES +#endif +#ifndef CC_Import +#define CC_Import 
CC_YES +#endif +#ifndef CC_IncrementalSelfTest +#define CC_IncrementalSelfTest CC_YES +#endif +#ifndef CC_Load +#define CC_Load CC_YES +#endif +#ifndef CC_LoadExternal +#define CC_LoadExternal CC_YES +#endif +#ifndef CC_MAC +#define CC_MAC (CC_YES && ALG_CMAC) +#endif +#ifndef CC_MAC_Start +#define CC_MAC_Start (CC_YES && ALG_CMAC) +#endif +#ifndef CC_MakeCredential +#define CC_MakeCredential CC_YES +#endif +#ifndef CC_NV_Certify +#define CC_NV_Certify CC_YES +#endif +#ifndef CC_NV_ChangeAuth +#define CC_NV_ChangeAuth CC_YES +#endif +#ifndef CC_NV_DefineSpace +#define CC_NV_DefineSpace CC_YES +#endif +#ifndef CC_NV_Extend +#define CC_NV_Extend CC_YES +#endif +#ifndef CC_NV_GlobalWriteLock +#define CC_NV_GlobalWriteLock CC_YES +#endif +#ifndef CC_NV_Increment +#define CC_NV_Increment CC_YES +#endif +#ifndef CC_NV_Read +#define CC_NV_Read CC_YES +#endif +#ifndef CC_NV_ReadLock +#define CC_NV_ReadLock CC_YES +#endif +#ifndef CC_NV_ReadPublic +#define CC_NV_ReadPublic CC_YES +#endif +#ifndef CC_NV_SetBits +#define CC_NV_SetBits CC_YES +#endif +#ifndef CC_NV_UndefineSpace +#define CC_NV_UndefineSpace CC_YES +#endif +#ifndef CC_NV_UndefineSpaceSpecial +#define CC_NV_UndefineSpaceSpecial CC_YES +#endif +#ifndef CC_NV_Write +#define CC_NV_Write CC_YES +#endif +#ifndef CC_NV_WriteLock +#define CC_NV_WriteLock CC_YES +#endif +#ifndef CC_ObjectChangeAuth +#define CC_ObjectChangeAuth CC_YES +#endif +#ifndef CC_PCR_Allocate +#define CC_PCR_Allocate CC_YES +#endif +#ifndef CC_PCR_Event +#define CC_PCR_Event CC_YES +#endif +#ifndef CC_PCR_Extend +#define CC_PCR_Extend CC_YES +#endif +#ifndef CC_PCR_Read +#define CC_PCR_Read CC_YES +#endif +#ifndef CC_PCR_Reset +#define CC_PCR_Reset CC_YES +#endif +#ifndef CC_PCR_SetAuthPolicy +#define CC_PCR_SetAuthPolicy CC_YES +#endif +#ifndef CC_PCR_SetAuthValue +#define CC_PCR_SetAuthValue CC_YES +#endif +#ifndef CC_PP_Commands +#define CC_PP_Commands CC_YES +#endif +#ifndef CC_PolicyAuthValue +#define CC_PolicyAuthValue CC_YES +#endif 
+#ifndef CC_PolicyAuthorize +#define CC_PolicyAuthorize CC_YES +#endif +#ifndef CC_PolicyAuthorizeNV +#define CC_PolicyAuthorizeNV CC_YES +#endif +#ifndef CC_PolicyCommandCode +#define CC_PolicyCommandCode CC_YES +#endif +#ifndef CC_PolicyCounterTimer +#define CC_PolicyCounterTimer CC_YES +#endif +#ifndef CC_PolicyCpHash +#define CC_PolicyCpHash CC_YES +#endif +#ifndef CC_PolicyDuplicationSelect +#define CC_PolicyDuplicationSelect CC_YES +#endif +#ifndef CC_PolicyGetDigest +#define CC_PolicyGetDigest CC_YES +#endif +#ifndef CC_PolicyLocality +#define CC_PolicyLocality CC_YES +#endif +#ifndef CC_PolicyNV +#define CC_PolicyNV CC_YES +#endif +#ifndef CC_PolicyNameHash +#define CC_PolicyNameHash CC_YES +#endif +#ifndef CC_PolicyNvWritten +#define CC_PolicyNvWritten CC_YES +#endif +#ifndef CC_PolicyOR +#define CC_PolicyOR CC_YES +#endif +#ifndef CC_PolicyPCR +#define CC_PolicyPCR CC_YES +#endif +#ifndef CC_PolicyPassword +#define CC_PolicyPassword CC_YES +#endif +#ifndef CC_PolicyPhysicalPresence +#define CC_PolicyPhysicalPresence CC_YES +#endif +#ifndef CC_PolicyRestart +#define CC_PolicyRestart CC_YES +#endif +#ifndef CC_PolicySecret +#define CC_PolicySecret CC_YES +#endif +#ifndef CC_PolicySigned +#define CC_PolicySigned CC_YES +#endif +#ifndef CC_PolicyTemplate +#define CC_PolicyTemplate CC_YES +#endif +#ifndef CC_PolicyTicket +#define CC_PolicyTicket CC_YES +#endif +#ifndef CC_Policy_AC_SendSelect +#define CC_Policy_AC_SendSelect CC_YES +#endif +#ifndef CC_Quote +#define CC_Quote CC_YES +#endif +#ifndef CC_RSA_Decrypt +#define CC_RSA_Decrypt (CC_YES && ALG_RSA) +#endif +#ifndef CC_RSA_Encrypt +#define CC_RSA_Encrypt (CC_YES && ALG_RSA) +#endif +#ifndef CC_ReadClock +#define CC_ReadClock CC_YES +#endif +#ifndef CC_ReadPublic +#define CC_ReadPublic CC_YES +#endif +#ifndef CC_Rewrap +#define CC_Rewrap CC_YES +#endif +#ifndef CC_SelfTest +#define CC_SelfTest CC_YES +#endif +#ifndef CC_SequenceComplete +#define CC_SequenceComplete CC_YES +#endif +#ifndef 
CC_SequenceUpdate +#define CC_SequenceUpdate CC_YES +#endif +#ifndef CC_SetAlgorithmSet +#define CC_SetAlgorithmSet CC_YES +#endif +#ifndef CC_SetCommandCodeAuditStatus +#define CC_SetCommandCodeAuditStatus CC_YES +#endif +#ifndef CC_SetPrimaryPolicy +#define CC_SetPrimaryPolicy CC_YES +#endif +#ifndef CC_Shutdown +#define CC_Shutdown CC_YES +#endif +#ifndef CC_Sign +#define CC_Sign CC_YES +#endif +#ifndef CC_StartAuthSession +#define CC_StartAuthSession CC_YES +#endif +#ifndef CC_Startup +#define CC_Startup CC_YES +#endif +#ifndef CC_StirRandom +#define CC_StirRandom CC_YES +#endif +#ifndef CC_TestParms +#define CC_TestParms CC_YES +#endif +#ifndef CC_Unseal +#define CC_Unseal CC_YES +#endif +#ifndef CC_Vendor_TCG_Test +#define CC_Vendor_TCG_Test CC_YES +#endif +#ifndef CC_VerifySignature +#define CC_VerifySignature CC_YES +#endif +#ifndef CC_ZGen_2Phase +#define CC_ZGen_2Phase (CC_YES && ALG_ECC) +#endif + + +#endif // _TPM_PROFILE_H_ diff --git a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/sub.mk b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/sub.mk index b719992e..fc042e33 100644 --- a/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/sub.mk +++ b/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/sub.mk @@ -1,9 +1,16 @@ -WARNS ?= 1 -NOWERROR ?= 1 -CFG_TA_DEBUG ?= 1 -CFG_TEE_TA_LOG_LEVEL ?= 1 - -cflags-y += -DTHIRTY_TWO_BIT -DCFG_TEE_TA_LOG_LEVEL=$(CFG_TEE_TA_LOG_LEVEL) -D_ARM_ -w -Wno-strict-prototypes -mcpu=$(TA_CPU) -fstack-protector -Wstack-protector +WARNS := 0 +NOWERROR := 0 +CFG_TA_DEBUG := 0 +CFG_TEE_TA_LOG_LEVEL := 0 + +cflags-y += -DTHIRTY_TWO_BIT \ + -DCFG_TEE_TA_LOG_LEVEL=$(CFG_TEE_TA_LOG_LEVEL) \ + -D_ARM_ \ + -w \ + -Wno-strict-prototypes \ + -mcpu=$(TA_CPU) \ + -fstack-protector \ + -Wstack-protector ifeq ($(CFG_ARM64_ta_arm64),y) cflags-y += -mstrict-align @@ -32,6 +39,7 @@ clean: clean_lib_symlinks subdirs-y += lib global-incdirs-y += include +global-incdirs-y += include/Wolf global-incdirs-y += reference/include global-incdirs-y += platform/include 
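Review bot: The new profile enables 1024-bit RSA by default in the "Table 1:3" block, `#define RSA_1024 (ALG_RSA && YES)`, while every size above 2048 (`RSA_3072`, `RSA_4096`, `RSA_16384`) is set to `NO`, so the TA accepts a key size that current key-size guidance no longer allows for new keys. Each entry is wrapped in `#ifndef`, so a build that needs it can still opt in; I would default it to `#define RSA_1024 (ALG_RSA && NO)` with a comment such as `// enable only for interoperability with legacy keys`. Separately, the `USE_WOLFCRYPT` selection of `HASH_LIB`/`SYM_LIB`/`MATH_LIB` appears twice under two "Table 0:7" headings; the copies are identical today, but keeping a single one stops them drifting apart. `ECC_SM2_P256` is `YES` although `ALG_SM2` is `(ALG_NO && ALG_ECC)`, which looks unintended and is worth confirming.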
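Review bot: The rewrapped `cflags-y` list still carries `-w`, which makes GCC suppress every warning, so the `-Wstack-protector` on the last line (and `-Wno-strict-prototypes`) has no effect and functions left without a canary are never reported. I would drop the `-w \` line, or at least say why it is needed, e.g. `# -w: reference TPM sources are not warning-clean`. `WARNS`, `NOWERROR`, `CFG_TA_DEBUG` and `CFG_TEE_TA_LOG_LEVEL` also changed from `?=` to `:=`, so values set earlier by the including makefiles or the environment are now overwritten; if a debug build of the TA should remain possible, `?=` with the new defaults (`CFG_TA_DEBUG ?= 0`) keeps that. `-fstack-protector` instruments only a subset of functions; `-fstack-protector-strong` would cover more if the toolchain supports it.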
@@ -48,6 +56,7 @@ srcs-y += platform/PPPlat.c srcs-y += platform/RunCommand.c srcs-y += platform/Unique.c srcs-y += platform/EPS.c +srcs-y += platform/PlatformACT.c srcs-y += reference/RuntimeSupport.c srcs-y += fTPM.c diff --git a/TPMCmd/Platform/include/PlatformClock.h b/TPMCmd/Platform/include/PlatformClock.h index b48a8a6a..402da2f3 100644 --- a/TPMCmd/Platform/include/PlatformClock.h +++ b/TPMCmd/Platform/include/PlatformClock.h @@ -38,6 +38,7 @@ #ifndef _PLATFORM_CLOCK_H_ #define _PLATFORM_CLOCK_H_ +#ifndef _ARM_ #ifdef _MSC_VER #include #include @@ -45,7 +46,7 @@ #include #include #endif - +#endif // CLOCK_NOMINAL is the number of hardware ticks per mS. A value of 300000 means // that the nominal clock rate used to drive the hardware clock is 30 MHz. The // adjustment rates are used to determine the conversion of the hardware ticks to diff --git a/external/wolfssl b/external/wolfssl index 74ebf510..9c87f979 160000 --- a/external/wolfssl +++ b/external/wolfssl @@ -1 +1 @@ -Subproject commit 74ebf510a3d73e98767eac26082eabdc84e19d31 +Subproject commit 9c87f979a7f1d3a6d786b260653d566c1d31a1c4
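Review bot: The `#endif` added in the second PlatformClock.h hunk closes the new `#ifndef _ARM_` from the first hunk, but it carries no label and replaces the blank line before the `CLOCK_NOMINAL` comment, so it reads as if it belonged to the `_MSC_VER` conditional just above it. `#endif // _ARM_` followed by a blank line would make the nesting clear. This header lives in the shared `TPMCmd/Platform` tree and `_ARM_` is a generic name (the fTPM `sub.mk` in this commit passes `-D_ARM_`), so any other build that defines it presumably loses these system includes as well. A comment on the guard naming the intended target, e.g. `// OP-TEE TA build: no hosted time headers`, or a project-specific macro, would avoid surprising other ARM ports. The include targets are not legible in this view, so what the rest of the header needs from them could not be checked.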