1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
/*
* Copyright (C) 2016 Andreas Steffen
* HSR Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
/**
* @defgroup libtpmtss libtpmtss
*
* @addtogroup libtpmtss
* @{
*/
#ifndef TPM_TSS_H_
#define TPM_TSS_H_
#include "tpm_tss_quote_info.h"
#include <library.h>
#include <crypto/hashers/hasher.h>
typedef enum tpm_version_t tpm_version_t;
typedef struct tpm_tss_t tpm_tss_t;
/**
* TPM Versions
*/
enum tpm_version_t {
TPM_VERSION_ANY,
TPM_VERSION_1_2,
TPM_VERSION_2_0,
};
/**
* TPM access via TSS public interface
*/
struct tpm_tss_t {
/**
* Get TPM version supported by TSS
*
* @return TPM version
*/
tpm_version_t (*get_version)(tpm_tss_t *this);
/**
* Get TPM version info (TPM 1.2 only)
*
* @return TPM version info struct
*/
chunk_t (*get_version_info)(tpm_tss_t *this);
/**
* Generate AIK key pair bound to TPM (TPM 1.2 only)
*
* @param ca_modulus RSA modulus of CA public key
* @param aik_blob AIK private key blob
* @param aik_pubkey AIK public key
* @return TRUE if AIK key generation succeeded
*/
bool (*generate_aik)(tpm_tss_t *this, chunk_t ca_modulus,
chunk_t *aik_blob, chunk_t *aik_pubkey,
chunk_t *identity_req);
/**
* Get public key from TPM using its object handle (TPM 2.0 only)
*
* @param handle key object handle
* @return public key in PKCS#1 format
*/
chunk_t (*get_public)(tpm_tss_t *this, uint32_t handle);
/**
* Retrieve the current value of a PCR register in a given PCR bank
*
* @param pcr_num PCR number
* @param pcr_value PCR value returned
* @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
* @return TRUE if PCR value retrieval succeeded
*/
bool (*read_pcr)(tpm_tss_t *this, uint32_t pcr_num, chunk_t *pcr_value,
hash_algorithm_t alg);
/**
* Extend a PCR register in a given PCR bank with a hash value
*
* @param pcr_num PCR number
* @param pcr_value extended PCR value returned
* @param hash data to be extended into the PCR
* @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
* @return TRUE if PCR extension succeeded
*/
bool (*extend_pcr)(tpm_tss_t *this, uint32_t pcr_num, chunk_t *pcr_value,
chunk_t data, hash_algorithm_t alg);
/**
* Do a quote signature over a selection of PCR registers
*
* @param aik_handle object handle of AIK to be used for quote signature
* @param pcr_sel selection of PCR registers
* @param alg hash algorithm to be used for quote signature
* @param data additional data to be hashed into the quote
* @param quote_mode define current and legacy TPM quote modes
* @param quote_info returns various info covered by quote signature
* @param quote_sig returns quote signature
* @return TRUE if quote signature succeeded
*/
bool (*quote)(tpm_tss_t *this, uint32_t aik_handle, uint32_t pcr_sel,
hash_algorithm_t alg, chunk_t data,
tpm_quote_mode_t *quote_mode,
tpm_tss_quote_info_t **quote_info, chunk_t *quote_sig);
/**
* Destroy a tpm_tss_t.
*/
void (*destroy)(tpm_tss_t *this);
};
/**
* Create a tpm_tss instance.
*
* @param version TPM version that must be supported by TSS
*/
tpm_tss_t *tpm_tss_probe(tpm_version_t version);
/**
* Dummy libtpmtss initialization function needed for integrity test
*/
void libtpmtss_init(void);
#endif /** TPM_TSS_H_ @}*/
|
