Changes to allow compilation of CryptUtil.c
BUG=none
TEST=compilation succeeds:
cc -Wall -Werror -c -o /dev/null CryptUtil.c
Change-Id: Ic3597350f5ebe1871a842b7cb75653531eb99ee2
Signed-off-by: Vadim Bendebury <[email protected]>
Reviewed-on: https://chromium-review.googlesource.com/274007
Reviewed-by: Utkarsh Sanghi <[email protected]>
diff --git a/AlgorithmCap_fp.h b/AlgorithmCap_fp.h
index e69de29..96e1420 100644
--- a/AlgorithmCap_fp.h
+++ b/AlgorithmCap_fp.h
@@ -0,0 +1,14 @@
+/*
+ * Copyright 2015 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __TPM2_ALGORITHMCAP_FP_H
+#define __TPM2_ALGORITHMCAP_FP_H
+
+void AlgorithmGetImplementedVector(
+ ALGORITHM_VECTOR *implemented // OUT: the implemented bits are SET
+ );
+
+#endif // __TPM2_ALGORITHMCAP_FP_H
diff --git a/CpriCryptPri_fp.h b/CpriCryptPri_fp.h
index e69de29..681b30e 100644
--- a/CpriCryptPri_fp.h
+++ b/CpriCryptPri_fp.h
@@ -0,0 +1,20 @@
+/*
+ * Copyright 2015 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __TPM2_CPRICRYPTPRI_FP_H
+#define __TPM2_CPRICRYPTPRI_FP_H
+
+LIB_EXPORT CRYPT_RESULT _cpri__InitCryptoUnits(
+ FAIL_FUNCTION failFunction
+ );
+LIB_EXPORT BOOL _cpri__Startup(
+ void
+ );
+LIB_EXPORT void _cpri__StopCryptoUnits(
+ void
+ );
+
+#endif // __TPM2_CPRICRYPTPRI_FP_H
diff --git a/CpriECC_fp.h b/CpriECC_fp.h
index 58d4433..a9dd0b4 100644
--- a/CpriECC_fp.h
+++ b/CpriECC_fp.h
@@ -7,10 +7,99 @@
#ifndef __TPM2_CPRIECC_FP_H
#define __TPM2_CPRIECC_FP_H
+LIB_EXPORT CRYPT_RESULT _cpri__C_2_2_KeyExchange(
+ TPMS_ECC_POINT *outZ1, // OUT: a computed point
+ TPMS_ECC_POINT *outZ2, // OUT: and optional second point
+ TPM_ECC_CURVE curveId, // IN: the curve for the computations
+ TPM_ALG_ID scheme, // IN: the key exchange scheme
+ TPM2B_ECC_PARAMETER *dsA, // IN: static private TPM key
+ TPM2B_ECC_PARAMETER *deA, // IN: ephemeral private TPM key
+ TPMS_ECC_POINT *QsB, // IN: static public party B key
+ TPMS_ECC_POINT *QeB // IN: ephemeral public party B key
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__C_2_2_KeyExchange(
+ TPMS_ECC_POINT *outZ1, // OUT: a computed point
+ TPMS_ECC_POINT *outZ2, // OUT: and optional second point
+ TPM_ECC_CURVE curveId, // IN: the curve for the computations
+ TPM_ALG_ID scheme, // IN: the key exchange scheme
+ TPM2B_ECC_PARAMETER *dsA, // IN: static private TPM key
+ TPM2B_ECC_PARAMETER *deA, // IN: ephemeral private TPM key
+ TPMS_ECC_POINT *QsB, // IN: static public party B key
+ TPMS_ECC_POINT *QeB // IN: ephemeral public party B key
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__EccCommitCompute(
+ TPMS_ECC_POINT *K, // OUT: [d]B or [r]Q
+ TPMS_ECC_POINT *L, // OUT: [r]B
+ TPMS_ECC_POINT *E, // OUT: [r]M
+ TPM_ECC_CURVE curveId, // IN: the curve for the computations
+ TPMS_ECC_POINT *M, // IN: M (optional)
+ TPMS_ECC_POINT *B, // IN: B (optional)
+ TPM2B_ECC_PARAMETER *d, // IN: d (required)
+ TPM2B_ECC_PARAMETER *r // IN: the computed r value (required)
+ );
+LIB_EXPORT UINT32 _cpri__EccGetCurveCount(
+ void
+ );
+LIB_EXPORT const ECC_CURVE * _cpri__EccGetParametersByCurveId(
+ TPM_ECC_CURVE curveId // IN: the curveID
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__EccPointMultiply(
+ TPMS_ECC_POINT *Rout, // OUT: the product point R
+ TPM_ECC_CURVE curveId, // IN: the curve to use
+ TPM2B_ECC_PARAMETER *dIn, // IN: value to multiply against the
+ // curve generator
+ TPMS_ECC_POINT *Qin, // IN: point Q
+ TPM2B_ECC_PARAMETER *uIn // IN: scalar value for the multiplier
+ // of Q
+ );
LIB_EXPORT BOOL _cpri__EccIsPointOnCurve(
TPM_ECC_CURVE curveId, // IN: the curve selector
TPMS_ECC_POINT *Q // IN: the point.
);
+LIB_EXPORT CRYPT_RESULT _cpri__GenerateKeyEcc(
+ TPMS_ECC_POINT *Qout, // OUT: the public point
+ TPM2B_ECC_PARAMETER *dOut, // OUT: the private scalar
+ TPM_ECC_CURVE curveId, // IN: the curve identifier
+ TPM_ALG_ID hashAlg, // IN: hash algorithm to use in the key
+ // generation process
+ TPM2B *seed, // IN: the seed to use
+ const char *label, // IN: A label for the generation
+ // process.
+ TPM2B *extra, // IN: Party 1 data for the KDF
+ UINT32 *counter // IN/OUT: Counter value to allow KDF
+ // iteration to be propagated across
+ // multiple functions
+ );
+LIB_EXPORT TPM_ECC_CURVE _cpri__GetCurveIdByIndex(
+ UINT16 i
+);
+LIB_EXPORT CRYPT_RESULT _cpri__GetEphemeralEcc(
+ TPMS_ECC_POINT *Qout, // OUT: the public point
+ TPM2B_ECC_PARAMETER *dOut, // OUT: the private scalar
+ TPM_ECC_CURVE curveId // IN: the curve for the key
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__SignEcc(
+ TPM2B_ECC_PARAMETER *rOut, // OUT: r component of the signature
+ TPM2B_ECC_PARAMETER *sOut, // OUT: s component of the signature
+ TPM_ALG_ID scheme, // IN: the scheme selector
+ TPM_ALG_ID hashAlg, // IN: the hash algorithm if need
+ TPM_ECC_CURVE curveId, // IN: the curve used in the signature
+ // process
+ TPM2B_ECC_PARAMETER *dIn, // IN: the private key
+ TPM2B *digest, // IN: the digest to sign
+ TPM2B_ECC_PARAMETER *kIn // IN: k for input
+ );
LIB_EXPORT BOOL _cpri__EccStartup(void);
+LIB_EXPORT CRYPT_RESULT _cpri__ValidateSignatureEcc(
+ TPM2B_ECC_PARAMETER *rIn, // IN: r component of the signature
+ TPM2B_ECC_PARAMETER *sIn, // IN: s component of the signature
+ TPM_ALG_ID scheme, // IN: the scheme selector
+ TPM_ALG_ID hashAlg, // IN: the hash algorithm used (not used
+ // in all schemes)
+ TPM_ECC_CURVE curveId, // IN: the curve used in the signature
+ // process
+ TPMS_ECC_POINT *Qin, // IN: the public point of the key
+ TPM2B *digest // IN: the digest that was signed
+ );
#endif // __TPM2_CPRIECC_FP_H
diff --git a/CpriHash_fp.h b/CpriHash_fp.h
index 18518a6..06047a9 100644
--- a/CpriHash_fp.h
+++ b/CpriHash_fp.h
@@ -46,6 +46,16 @@
// FALSE if iteration count determined by
// "sizeInBits"
);
+LIB_EXPORT UINT16
+_cpri__KDFe(
+ TPM_ALG_ID hashAlg, // IN: hash algorithm used in HMAC
+ TPM2B *Z, // IN: Z
+ const char *label, // IN: a 0 terminated label using in KDF
+ TPM2B *partyUInfo, // IN: PartyUInfo
+ TPM2B *partyVInfo, // IN: PartyVInfo
+ UINT32 sizeInBits, // IN: size of generated key in bit
+ BYTE *keyStream // OUT: key buffer
+);
LIB_EXPORT CRYPT_RESULT _cpri__MGF1(
UINT32 mSize, // IN: length of the mask to be produced
BYTE *mask, // OUT: buffer to receive the mask
@@ -75,3 +85,24 @@
);
#endif // __TPM2_CPRIHASH_FP_H
+LIB_EXPORT UINT16 _cpri__CompleteHMAC(
+ CPRI_HASH_STATE *hashState, // IN: the state of hash stack
+ TPM2B *oPadKey, // IN: the HMAC key in oPad format
+ UINT32 dOutSize, // IN: size of digest buffer
+ BYTE *dOut // OUT: hash digest
+ );
+LIB_EXPORT TPM_ALG_ID _cpri__GetContextAlg(
+ CPRI_HASH_STATE *hashState // IN: the hash context
+ );
+LIB_EXPORT TPM_ALG_ID _cpri__GetHashAlgByIndex(
+ UINT32 index // IN: the index
+ );
+LIB_EXPORT UINT16 _cpri__GetHashBlockSize(
+ TPM_ALG_ID hashAlg // IN: hash algorithm to look up
+ );
+LIB_EXPORT void _cpri__ImportExportHashState(
+ CPRI_HASH_STATE *osslFmt, // IN/OUT: the hash state formated for use
+ // by openSSL
+ EXPORT_HASH_STATE *externalFmt, // IN/OUT: the exported hash state
+ IMPORT_EXPORT direction //
+ );
diff --git a/CpriRNG_fp.h b/CpriRNG_fp.h
index 24a9f58..585101f 100644
--- a/CpriRNG_fp.h
+++ b/CpriRNG_fp.h
@@ -7,10 +7,28 @@
#ifndef __TPM2_CPRIRNG_FP_H
#define __TPM2_CPRIRNG_FP_H
+LIB_EXPORT CRYPT_RESULT _cpri__DrbgGetPutState(
+ GET_PUT direction,
+ int bufferSize,
+ BYTE *buffer
+ );
LIB_EXPORT UINT16 _cpri__GenerateRandom(
INT32 randomSize,
BYTE *buffer
);
+LIB_EXPORT UINT16 _cpri__GenerateSeededRandom(
+ INT32 randomSize, // IN: the size of the request
+ BYTE *random, // OUT: receives the data
+ TPM_ALG_ID hashAlg, // IN: used by KDF version but not here
+ TPM2B *seed, // IN: the seed value
+ const char *label, // IN: a label string (optional)
+ TPM2B *partyU, // IN: other data (oprtional)
+ TPM2B *partyV // IN: still more (optional)
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__StirRandom(
+ INT32 entropySize,
+ BYTE *entropy
+ );
LIB_EXPORT BOOL _cpri__RngStartup(void);
#endif // __TPM2_CPRIRNG_FP_H
diff --git a/CpriRSA_fp.h b/CpriRSA_fp.h
index 6cc4ec8..a8bb4ca 100644
--- a/CpriRSA_fp.h
+++ b/CpriRSA_fp.h
@@ -10,3 +10,65 @@
LIB_EXPORT BOOL _cpri__RsaStartup(void);
#endif // __TPM2_CPRIRSA_FP_H
+LIB_EXPORT CRYPT_RESULT _cpri__DecryptRSA(
+ UINT32 *dOutSize, // OUT: the size of the decrypted data
+ BYTE *dOut, // OUT: the decrypted data
+ RSA_KEY *key, // IN: the key to use for decryption
+ TPM_ALG_ID padType, // IN: the type of padding
+ UINT32 cInSize, // IN: the amount of data to decrypt
+ BYTE *cIn, // IN: the data to decrypt
+ TPM_ALG_ID hashAlg, // IN: in case this is needed for the scheme
+ const char *label // IN: in case it is needed for the scheme
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__EncryptRSA(
+ UINT32 *cOutSize, // OUT: the size of the encrypted data
+ BYTE *cOut, // OUT: the encrypted data
+ RSA_KEY *key, // IN: the key to use for encryption
+ TPM_ALG_ID padType, // IN: the type of padding
+ UINT32 dInSize, // IN: the amount of data to encrypt
+ BYTE *dIn, // IN: the data to encrypt
+ TPM_ALG_ID hashAlg, // IN: in case this is needed
+ const char *label // IN: in case it is needed
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__GenerateKeyRSA(
+ TPM2B *n, // OUT: The public modulu
+ TPM2B *p, // OUT: One of the prime factors of n
+ UINT16 keySizeInBits, // IN: Size of the public modulus in bit
+ UINT32 e, // IN: The public exponent
+ TPM_ALG_ID hashAlg, // IN: hash algorithm to use in the key
+ // generation proce
+ TPM2B *seed, // IN: the seed to use
+ const char *label, // IN: A label for the generation process.
+ TPM2B *extra, // IN: Party 1 data for the KDF
+ UINT32 *counter // IN/OUT: Counter value to allow KFD iteration
+ // to be propagated across multiple routine
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__SignRSA(
+ UINT32 *sigOutSize, // OUT: size of signature
+ BYTE *sigOut, // OUT: signature
+ RSA_KEY *key, // IN: key to use
+ TPM_ALG_ID scheme, // IN: the scheme to use
+ TPM_ALG_ID hashAlg, // IN: hash algorithm for PKSC1v1_5
+ UINT32 hInSize, // IN: size of digest to be signed
+ BYTE *hIn // IN: digest buffer
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__TestKeyRSA(
+ TPM2B *d, // OUT: the address to receive the private
+ // exponent
+ UINT32 exponent, // IN: the public modulu
+ TPM2B *publicKey, // IN/OUT: an input if only one prime is
+ // provided. an output if both primes are
+ // provided
+ TPM2B *prime1, // IN: a first prime
+ TPM2B *prime2 // IN: an optional second prime
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__ValidateSignatureRSA(
+ RSA_KEY *key, // IN: key to use
+ TPM_ALG_ID scheme, // IN: the scheme to use
+ TPM_ALG_ID hashAlg, // IN: hash algorithm
+ UINT32 hInSize, // IN: size of digest to be checked
+ BYTE *hIn, // IN: digest buffer
+ UINT32 sigInSize, // IN: size of signature
+ BYTE *sigIn, // IN: signature
+ UINT16 saltSize // IN: salt size for PSS
+ );
diff --git a/CpriSym_fp.h b/CpriSym_fp.h
index 91c5b25..6d4815a 100644
--- a/CpriSym_fp.h
+++ b/CpriSym_fp.h
@@ -7,6 +7,25 @@
#ifndef __TPM2_CPRISYM_FP_H
#define __TPM2_CPRISYM_FP_H
+LIB_EXPORT CRYPT_RESULT _cpri__AESDecryptCBC(
+ BYTE *dOut, // OUT: the decrypted data
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ BYTE *iv, // IN/OUT: IV for decryption. The size of this
+ // buffer is 16 byte
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: data buffer
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__AESDecryptCFB(
+ BYTE *dOut, // OUT: the decrypted data
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ BYTE *iv, // IN/OUT: IV for decryption.
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: data buffer
+ );
//
// _cpri__AESDecryptCTR()
//
@@ -22,6 +41,14 @@
((UINT32)dInSize), \
((BYTE *)dIn) \
)
+LIB_EXPORT CRYPT_RESULT _cpri__AESDecryptECB(
+ BYTE *dOut, // OUT: the clear text data
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: cipher text buffer
+ );
//
// _cpri__AESDecryptOFB()
@@ -65,7 +92,7 @@
// _cpri__SM4EncrytOFB().
//
#define _cpri__SM4DecryptOFB(dOut,keySizeInBits, key, iv, dInSize, dIn) \
- _cpri__SM4EncryptOFB ( \
+ _cpri__SM4EncryptOFB ( \
((BYTE *)dOut), \
((UINT32)keySizeInBits), \
((BYTE *)key), \
@@ -74,7 +101,56 @@
((BYTE *)dIn) \
)
-
+LIB_EXPORT CRYPT_RESULT _cpri__AESEncryptCBC(
+ BYTE *dOut, // OUT:
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ BYTE *iv, // IN/OUT: IV for decryption.
+ UINT32 dInSize, // IN: data size (is required to be a multiple
+ // of 16 bytes)
+ BYTE *dIn // IN: data buffer
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__AESEncryptCFB(
+ BYTE *dOut, // OUT: the encrypted
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ BYTE *iv, // IN/OUT: IV for decryption.
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: data buffer
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__AESEncryptCTR(
+ BYTE *dOut, // OUT: the encrypted data
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ BYTE *iv, // IN/OUT: IV for decryption.
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: data buffer
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__AESEncryptECB(
+ BYTE *dOut, // OUT: encrypted data
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: clear text buffer
+ );
+LIB_EXPORT CRYPT_RESULT _cpri__AESEncryptOFB(
+ BYTE *dOut, // OUT: the encrypted/decrypted data
+ UINT32 keySizeInBits, // IN: key size in bit
+ BYTE *key, // IN: key buffer. The size of this buffer in
+ // bytes is (keySizeInBits + 7) / 8
+ BYTE *iv, // IN/OUT: IV for decryption. The size of this
+ // buffer is 16 byte
+ UINT32 dInSize, // IN: data size
+ BYTE *dIn // IN: data buffer
+ );
+LIB_EXPORT INT16 _cpri__GetSymmetricBlockSize(
+ TPM_ALG_ID symmetricAlg, // IN: the symmetric algorithm
+ UINT16 keySizeInBits // IN: the key size
+ );
LIB_EXPORT BOOL _cpri__SymStartup(void);
#endif // __TPM2_CPRISYM_FP_H
diff --git a/CryptSelfTest_fp.h b/CryptSelfTest_fp.h
index e20bbde..69239c8 100644
--- a/CryptSelfTest_fp.h
+++ b/CryptSelfTest_fp.h
@@ -7,6 +7,9 @@
#ifndef __TPM2_CRYPTSELFTEST_FP_H
#define __TPM2_CRYPTSELFTEST_FP_H
+void CryptInitializeToTest(
+ void
+ );
TPM_RC CryptTestAlgorithm(
TPM_ALG_ID alg,
ALGORITHM_VECTOR *toTest
diff --git a/CryptUtil.c b/CryptUtil.c
index 1a05bc9..b90854a 100644
--- a/CryptUtil.c
+++ b/CryptUtil.c
@@ -741,55 +741,6 @@
}
//
//
-//
-// 10.2.4.23 CryptKDFa()
-//
-// This function generates a key using the KDFa() formulation in Part 1 of the TPM specification. In this
-// implementation, this is a macro invocation of _cpri__KDFa() in the hash module of the CryptoEngine().
-// This macro sets once to FALSE so that KDFa() will iterate as many times as necessary to generate
-// sizeInBits number of bits.
-//
-//%#define CryptKDFa(hashAlg, key, label, contextU, contextV, \
-//% sizeInBits, keyStream, counterInOut) \
-//% TEST_HASH(hashAlg); \
-//% _cpri__KDFa( \
-//% ((TPM_ALG_ID)hashAlg), \
-//% ((TPM2B *)key), \
-//% ((const char *)label), \
-//% ((TPM2B *)contextU), \
-//% ((TPM2B *)contextV), \
-//% ((UINT32)sizeInBits), \
-//% ((BYTE *)keyStream), \
-//% ((UINT32 *)counterInOut), \
-//% ((BOOL) FALSE) \
-//% )
-//%
-//
-//
-// 10.2.4.24 CryptKDFaOnce()
-//
-// This function generates a key using the KDFa() formulation in Part 1 of the TPM specification. In this
-// implementation, this is a macro invocation of _cpri__KDFa() in the hash module of the CryptoEngine().
-// This macro will call _cpri__KDFa() with once TRUE so that only one iteration is performed, regardless of
-// sizeInBits.
-//
-//%#define CryptKDFaOnce(hashAlg, key, label, contextU, contextV, \
-//% sizeInBits, keyStream, counterInOut) \
-//% TEST_HASH(hashAlg); \
-//% _cpri__KDFa( \
-//% ((TPM_ALG_ID)hashAlg), \
-//% ((TPM2B *)key), \
-//% ((const char *)label), \
-//% ((TPM2B *)contextU), \
-//% ((TPM2B *)contextV), \
-//% ((UINT32)sizeInBits), \
-//% ((BYTE *)keyStream), \
-//% ((UINT32 *)counterInOut), \
-//% ((BOOL) TRUE) \
-//% )
-//%
-//
-//
// 10.2.4.25 KDFa()
//
// This function is used by functions outside of CryptUtil() to access _cpri_KDFa().
@@ -811,26 +762,6 @@
CryptKDFa(hash, key, label, contextU, contextV, sizeInBits,
keyStream, counterInOut);
}
-//
-//
-// 10.2.4.26 CryptKDFe()
-//
-// This function generates a key using the KDFa() formulation in Part 1 of the TPM specification. In this
-// implementation, this is a macro invocation of _cpri__KDFe() in the hash module of the CryptoEngine().
-//
-//%#define CryptKDFe(hashAlg, Z, label, partyUInfo, partyVInfo, \
-//% sizeInBits, keyStream) \
-//% TEST_HASH(hashAlg); \
-//% _cpri__KDFe( \
-//% ((TPM_ALG_ID)hashAlg), \
-//% ((TPM2B *)Z), \
-//% ((const char *)label), \
-//% ((TPM2B *)partyUInfo), \
-//% ((TPM2B *)partyVInfo), \
-//% ((UINT32)sizeInBits), \
-//% ((BYTE *)keyStream) \
-//% )
-//%
#endif //TPM_ALG_KEYEDHASH //% 1
//
//
@@ -1311,15 +1242,6 @@
}
//
//
-// 10.2.6.3 CryptEccGetKeySizeBytes()
-//
-// This macro returns the size of the ECC key in bytes. It uses CryptEccGetKeySizeInBits().
-//
-// The next lines will be placed in CyrptUtil_fp.h with the //% removed
-//% #define CryptEccGetKeySizeInBytes(curve) \
-//% ((CryptEccGetKeySizeInBits(curve)+7)/8)
-//
-//
// 10.2.6.4 CryptEccGetParameter()
//
// This function returns a pointer to an ECC curve parameter. The parameter is selected by a single
@@ -1624,7 +1546,7 @@
{
// This holds the marshaled g_commitCounter.
TPM2B_TYPE(8B, 8);
- TPM2B_8B cntr = {8,{0}};
+ TPM2B_8B cntr = {.b.size = 8};
UINT32 iterations;
const TPM2B *n;
UINT64 currentCount = gr.commitCounter;
@@ -2019,19 +1941,19 @@
if(publicArea->objectAttributes.sensitiveDataOrigin == CLEAR)
{
if( (sensitiveCreate->data.t.size * 8)
- != publicArea->parameters.symDetail.sym.keyBits.sym)
+ != publicArea->parameters.symDetail.keyBits.sym)
return TPM_RC_KEY_SIZE;
// Make sure that the key size is OK.
// This implementation only supports symmetric key sizes that are
// multiples of 8
- if(publicArea->parameters.symDetail.sym.keyBits.sym % 8 != 0)
+ if(publicArea->parameters.symDetail.keyBits.sym % 8 != 0)
return TPM_RC_KEY_SIZE;
}
else
{
// TPM is going to generate the key so set the size
sensitive->sensitive.sym.t.size
- = publicArea->parameters.symDetail.sym.keyBits.sym / 8;
+ = publicArea->parameters.symDetail.keyBits.sym / 8;
sensitiveCreate->data.t.size = 0;
}
// Fill in the sensitive area
@@ -2240,7 +2162,7 @@
BYTE *data // IN/OUT: data buffer
)
{
- TPM2B_IV defaultIv = {0};
+ TPM2B_IV defaultIv = {};
TPM2B_IV *iv = (ivIn != NULL) ? ivIn : &defaultIv;
TEST(algorithm);
pAssert(encrypted != NULL && key != NULL);
@@ -2481,7 +2403,7 @@
// Create secret data from RNG
CryptGenerateRandom(data->t.size, data->t.buffer);
// Encrypt the data by RSA OAEP into encrypted secret
- result = CryptEncryptRSA(&secret->t.size, secret->t.secret,
+ result = CryptEncryptRSA(&secret->t.size, secret->t.buffer,
encryptKey, &scheme,
data->t.size, data->t.buffer, label);
}
@@ -2493,7 +2415,7 @@
TPMS_ECC_POINT eccPublic;
TPM2B_ECC_PARAMETER eccPrivate;
TPMS_ECC_POINT eccSecret;
- BYTE *buffer = secret->t.secret;
+ BYTE *buffer = secret->t.buffer;
// Need to make sure that the public point of the key is on the
// curve defined by the key.
if(!_cpri__EccIsPointOnCurve(
@@ -2601,7 +2523,7 @@
// Decrypt seed by RSA OAEP
result = CryptDecryptRSA(&data->t.size, data->t.buffer, decryptKey,
&scheme,
- secret->t.size, secret->t.secret,label);
+ secret->t.size, secret->t.buffer,label);
if( (result == TPM_RC_SUCCESS)
&& (data->t.size
> CryptGetHashDigestSize(decryptKey->publicArea.nameAlg)))
@@ -2614,7 +2536,7 @@
{
TPMS_ECC_POINT eccPublic;
TPMS_ECC_POINT eccSecret;
- BYTE *buffer = secret->t.secret;
+ BYTE *buffer = secret->t.buffer;
INT32 size = secret->t.size;
// Retrieve ECC point from secret buffer
result = TPMS_ECC_POINT_Unmarshal(&eccPublic, &buffer, &size);
@@ -2674,14 +2596,14 @@
CryptXORObfuscation(decryptKey->publicArea.nameAlg,
&decryptKey->sensitive.sensitive.bits.b,
&nonceCaller->b, NULL,
- secret->t.size, secret->t.secret);
+ secret->t.size, secret->t.buffer);
// Copy decrypted seed
MemoryCopy2B(&data->b, &secret->b, sizeof(data->t.buffer));
}
break;
case TPM_ALG_SYMCIPHER:
{
- TPM2B_IV iv = {0};
+ TPM2B_IV iv = {};
TPMT_SYM_DEF_OBJECT *symDef;
// The seed size can not be bigger than the digest size of nameAlg
if(secret->t.size >
@@ -2689,7 +2611,7 @@
result = TPM_RC_VALUE;
else
{
- symDef = &decryptKey->publicArea.parameters.symDetail.sym;
+ symDef = &decryptKey->publicArea.parameters.symDetail;
iv.t.size = CryptGetSymmetricBlockSize(symDef->algorithm,
symDef->keyBits.sym);
pAssert(iv.t.size != 0);
@@ -2700,10 +2622,10 @@
MemoryCopy(iv.b.buffer, nonceCaller->t.buffer,
nonceCaller->t.size, sizeof(iv.t.buffer));
// CFB decrypt in place, using nonceCaller as iv
- CryptSymmetricDecrypt(secret->t.secret, symDef->algorithm,
+ CryptSymmetricDecrypt(secret->t.buffer, symDef->algorithm,
symDef->keyBits.sym, TPM_ALG_CFB,
decryptKey->sensitive.sensitive.sym.t.buffer,
- &iv, secret->t.size, secret->t.secret);
+ &iv, secret->t.size, secret->t.buffer);
// Copy decrypted seed
MemoryCopy2B(&data->b, &secret->b, sizeof(data->t.buffer));
}
@@ -3176,7 +3098,7 @@
case TPM_ALG_KEYEDHASH:
break;
case TPM_ALG_SYMCIPHER:
- if( (publicArea->parameters.symDetail.sym.keyBits.sym + 7)/8
+ if( (publicArea->parameters.symDetail.keyBits.sym + 7)/8
!= sensitive->sensitive.sym.t.size)
result = TPM_RC_BINDING;
break;
diff --git a/CryptUtil_fp.h b/CryptUtil_fp.h
index 9b4fd36..b8230a4 100644
--- a/CryptUtil_fp.h
+++ b/CryptUtil_fp.h
@@ -7,7 +7,16 @@
#ifndef __SOURCE_CRYPTUTIL_FP_H
#define __SOURCE_CRYPTUTIL_FP_H
+BOOL CryptAreKeySizesConsistent(
+ TPMT_PUBLIC *publicArea // IN: the public area to check
+ );
UINT16 CryptCommit(void);
+LIB_EXPORT int CryptCompare(
+ const UINT32 aSize, // IN: size of a
+ const BYTE *a, // IN: a buffer
+ const UINT32 bSize, // IN: size of b
+ const BYTE *b // IN: b buffer
+ );
TPM_RC CryptCommitCompute(
TPMS_ECC_POINT *K, // OUT: [d]B
TPMS_ECC_POINT *L, // OUT: [r]B
@@ -18,6 +27,11 @@
TPM2B_ECC_PARAMETER *d, // IN: the private scalar
TPM2B_ECC_PARAMETER *r // IN: the computed r value
);
+void CryptComputeSymmetricUnique(
+ TPMI_ALG_HASH nameAlg, // IN: object name algorithm
+ TPMT_SENSITIVE *sensitive, // IN: sensitive area
+ TPM2B_DIGEST *unique // OUT: unique buffer
+ );
LIB_EXPORT UINT16 CryptCompleteHMAC2B(
HMAC_STATE *hmacState, // IN: the state of HMAC stack
TPM2B *digest // OUT: HMAC
@@ -55,6 +69,16 @@
void CryptDrbgGetPutState(
GET_PUT direction // IN: Get from or put to DRBG
);
+//
+//
+// 10.2.6.3 CryptEccGetKeySizeBytes()
+//
+// This macro returns the size of the ECC key in bytes. It uses
+// CryptEccGetKeySizeInBits().
+//
+#define CryptEccGetKeySizeInBytes(curve) \
+ ((CryptEccGetKeySizeInBits(curve)+7)/8)
+
LIB_EXPORT const TPM2B * CryptEccGetParameter(
char p, // IN: the parameter selector
TPM_ECC_CURVE curveId // IN: the curve id
@@ -63,6 +87,9 @@
TPM_ECC_CURVE curveID, // IN: ECC curve ID
TPMS_ECC_POINT *Q // IN: ECC point
);
+void CryptEndCommit(
+ UINT16 c // IN: the counter value of the commitment
+ );
BOOL CryptGenerateR(
TPM2B_ECC_PARAMETER *r, // OUT: the generated random value
UINT16 *c, // IN/OUT: count value.
@@ -74,6 +101,13 @@
UINT16 randomSize, // IN: size of random number
BYTE *buffer // OUT: buffer of random number
);
+void CryptGenerateNewSymmetric(
+ TPMS_SENSITIVE_CREATE *sensitiveCreate, // IN: sensitive creation data
+ TPMT_SENSITIVE *sensitive, // OUT: sensitive area
+ TPM_ALG_ID hashAlg, // IN: hash algorithm for the KDF
+ TPM2B_SEED *seed, // IN: seed used in creation
+ TPM2B_NAME *name // IN: name of the object
+ );
LIB_EXPORT UINT16 CryptGetHashDigestSize(
TPM_ALG_ID hashAlg // IN: hash algorithm
);
@@ -88,6 +122,78 @@
UINT16 retSize, // IN: size of the return buffer
BYTE *ret // OUT: address of the buffer
);
+//
+//
+//
+// 10.2.4.23 CryptKDFa()
+//
+// This function generates a key using the KDFa() formulation in Part 1 of the
+// TPM specification. In this implementation, this is a macro invocation of
+// _cpri__KDFa() in the hash module of the CryptoEngine(). This macro sets
+// once to FALSE so that KDFa() will iterate as many times as necessary to
+// generate sizeInBits number of bits.
+//
+#define CryptKDFa(hashAlg, key, label, contextU, contextV, \
+ sizeInBits, keyStream, counterInOut) \
+ TEST_HASH(hashAlg); \
+ _cpri__KDFa( \
+ ((TPM_ALG_ID)hashAlg), \
+ ((TPM2B *)key), \
+ ((const char *)label), \
+ ((TPM2B *)contextU), \
+ ((TPM2B *)contextV), \
+ ((UINT32)sizeInBits), \
+ ((BYTE *)keyStream), \
+ ((UINT32 *)counterInOut), \
+ ((BOOL) FALSE) \
+ )
+
+//
+//
+// 10.2.4.24 CryptKDFaOnce()
+//
+// This function generates a key using the KDFa() formulation in Part 1 of the
+// TPM specification. In this implementation, this is a macro invocation of
+// _cpri__KDFa() in the hash module of the CryptoEngine(). This macro will
+// call _cpri__KDFa() with once TRUE so that only one iteration is performed,
+// regardless of sizeInBits.
+//
+#define CryptKDFaOnce(hashAlg, key, label, contextU, contextV, \
+ sizeInBits, keyStream, counterInOut) \
+ TEST_HASH(hashAlg); \
+ _cpri__KDFa( \
+ ((TPM_ALG_ID)hashAlg), \
+ ((TPM2B *)key), \
+ ((const char *)label), \
+ ((TPM2B *)contextU), \
+ ((TPM2B *)contextV), \
+ ((UINT32)sizeInBits), \
+ ((BYTE *)keyStream), \
+ ((UINT32 *)counterInOut), \
+ ((BOOL) TRUE) \
+ )
+
+//
+//
+// 10.2.4.26 CryptKDFe()
+//
+// This function generates a key using the KDFa() formulation in Part 1 of
+// the TPM specification. In this implementation, this is a macro invocation
+// of _cpri__KDFe() in the hash module of the CryptoEngine().
+//
+#define CryptKDFe(hashAlg, Z, label, partyUInfo, partyVInfo, \
+ sizeInBits, keyStream) \
+ TEST_HASH(hashAlg); \
+ _cpri__KDFe( \
+ ((TPM_ALG_ID)hashAlg), \
+ ((TPM2B *)Z), \
+ ((const char *)label), \
+ ((TPM2B *)partyUInfo), \
+ ((TPM2B *)partyVInfo), \
+ ((UINT32)sizeInBits), \
+ ((BYTE *)keyStream) \
+ )
+
void CryptHashStateImportExport(
HASH_STATE *internalFmt, // IN: state to LIB_EXPORT
HASH_STATE *externalFmt, // OUT: exported state
@@ -99,6 +205,9 @@
BOOL CryptIsSchemeAnonymous(
TPM_ALG_ID scheme // IN: the scheme algorithm to test
);
+BOOL CryptIsSplitSign(
+ TPM_ALG_ID scheme // IN: the algorithm selector
+ );
TPM_RC CryptSecretDecrypt(
TPM_HANDLE tpmKey, // IN: decrypt key
TPM2B_NONCE *nonceCaller, // IN: nonceCaller. It is needed for
diff --git a/MathFunctions_fp.h b/MathFunctions_fp.h
index 8a34c61..c83fdfa 100644
--- a/MathFunctions_fp.h
+++ b/MathFunctions_fp.h
@@ -7,6 +7,12 @@
#ifndef __TPM2_MATHFUNCTIONS_FP_H
#define __TPM2_MATHFUNCTIONS_FP_H
+LIB_EXPORT int _math__Comp(
+ const UINT32 aSize, // IN: size of a
+ const BYTE *a, // IN: a buffer
+ const UINT32 bSize, // IN: size of b
+ const BYTE *b // IN: b buffer
+ );
LIB_EXPORT CRYPT_RESULT _math__Div(
const TPM2B *n, // IN: numerator
const TPM2B *d, // IN: denominator
diff --git a/MemoryLib_fp.h b/MemoryLib_fp.h
index 5d68bba..ae9b706 100644
--- a/MemoryLib_fp.h
+++ b/MemoryLib_fp.h
@@ -34,3 +34,14 @@
);
#endif
+LIB_EXPORT void MemoryConcat2B(
+ TPM2B *aInOut, // IN/OUT: destination 2B
+ TPM2B *bIn, // IN: second 2B
+ UINT16 aSize // IN: The size of aInOut.buffer (max values for
+ // aInOut.size)
+ );
+LIB_EXPORT BOOL MemoryEqual(
+ const void *buffer1, // IN: compare buffer1
+ const void *buffer2, // IN: compare buffer2
+ UINT32 size // IN: size of bytes being compared
+ );
diff --git a/RSAKeySieve_fp.h b/RSAKeySieve_fp.h
new file mode 100644
index 0000000..6303111
--- /dev/null
+++ b/RSAKeySieve_fp.h
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2015 The Chromium OS Authors. All rights reserved.
+ * Use of this source code is governed by a BSD-style license that can be
+ * found in the LICENSE file.
+ */
+
+#ifndef __TPM2_RSAKEYSIEVE_FP_H
+#define __TPM2_RSAKEYSIEVE_FP_H
+
+LIB_EXPORT CRYPT_RESULT _cpri__GenerateKeyRSA(
+ TPM2B *n, // OUT: The public modulus
+ TPM2B *p, // OUT: One of the prime factors of n
+ UINT16 keySizeInBits, // IN: Size of the public modulus in bits
+ UINT32 e, // IN: The public exponent
+ TPM_ALG_ID hashAlg, // IN: hash algorithm to use in the key
+ // generation process
+ TPM2B *seed, // IN: the seed to use
+ const char *label, // IN: A label for the generation process.
+ TPM2B *extra, // IN: Party 1 data for the KDF
+ UINT32 *counter // IN/OUT: Counter value to allow KDF
+ // iteration to be propagated across
+ // multiple routines
+#ifdef RSA_DEBUG //%
+ ,UINT16 primes, // IN: number of primes to test
+ UINT16 fieldSize // IN: the field size to use
+#endif //%
+ );
+
+#endif // __TPM2_RSAKEYSIEVE_FP_H
diff --git a/TPM_Types.h b/TPM_Types.h
index bb97a70..6ac7607 100644
--- a/TPM_Types.h
+++ b/TPM_Types.h
@@ -25,6 +25,7 @@
#define MAX_CAP_DATA (MAX_CAP_BUFFER - sizeof(TPM_CAP) - sizeof(UINT32))
#define MAX_CAP_ALGS (MAX_CAP_DATA / sizeof(TPMS_ALG_PROPERTY))
#define MAX_CAP_CC (MAX_CAP_DATA / sizeof(TPM_CC))
+#define MAX_ECC_CURVES (MAX_CAP_DATA / sizeof(TPM_ECC_CURVE))
// Table 6 - TPM_GENERATED Constants
typedef UINT32 TPM_GENERATED;
@@ -381,6 +382,9 @@
// Table 71 - TPM2B_AUTH Types
typedef TPM2B_DIGEST TPM2B_AUTH;
+// Table 74 - TPM2B_MAX_BUFFER Structure
+TPM2B_TYPE(MAX_BUFFER, MAX_DIGEST_BUFFER);
+
// Table 75 - TPM2B_MAX_NV_BUFFER Structure
TPM2B_TYPE(MAX_NV_BUFFER, MAX_NV_INDEX_SIZE);
@@ -446,6 +450,12 @@
TPMS_ALG_PROPERTY algProperties[MAX_CAP_ALGS];
} TPML_ALG_PROPERTY;
+// Table 102 - TPML_ECC_CURVE Structure
+typedef struct {
+ UINT32 count;
+ TPM_ECC_CURVE eccCurves[MAX_ECC_CURVES];
+} TPML_ECC_CURVE;
+
// Table 105 - TPMS_CLOCK_INFO Structure
typedef struct {
UINT64 clock;
@@ -765,6 +775,21 @@
TPMU_SIG_SCHEME details;
} TPMT_ECC_SCHEME;
+// Table 167 - TPMS_ALGORITHM_DETAIL_ECC Structure
+typedef struct {
+ TPM_ECC_CURVE curveID;
+ UINT16 keySize;
+ TPMT_KDF_SCHEME kdf;
+ TPMT_ECC_SCHEME sign;
+ TPM2B_ECC_PARAMETER p;
+ TPM2B_ECC_PARAMETER a;
+ TPM2B_ECC_PARAMETER b;
+ TPM2B_ECC_PARAMETER gX;
+ TPM2B_ECC_PARAMETER gY;
+ TPM2B_ECC_PARAMETER n;
+ TPM2B_ECC_PARAMETER h;
+} TPMS_ALGORITHM_DETAIL_ECC;
+
// Table 168 - TPMS_SIGNATURE_RSASSA Structure
typedef struct {
TPMI_ALG_HASH hash;
@@ -1029,4 +1054,8 @@
RC_Create_parentHandle,
};
+enum {
+ TPM_RCS_HANDLE,
+};
+
#endif // __TPM2_TPM_TYPES_H
