Diffstat (limited to 'src/include')
87 files changed, 17741 insertions, 0 deletions
diff --git a/src/include/Makefile.am b/src/include/Makefile.am
new file mode 100644
index 0000000..2adec8a
--- /dev/null
+++ b/src/include/Makefile.am
@@ -0,0 +1,43 @@
+tssincludedir = $(includedir)/tss
+trousersincludedir = $(includedir)/trousers
+
+tssinclude_HEADERS = tss/tcpa_error.h \
+ tss/tcs_error.h \
+ tss/tcs_defines.h \
+ tss/tcs.h \
+ tss/tddlapi_error.h \
+ tss/tspi.h \
+ tss/tss_error.h \
+ tss/platform.h \
+ tss/tcpa_struct.h \
+ tss/tcs_structs.h \
+ tss/tddl_error.h \
+ tss/tss_defines.h \
+ tss/tss_structs.h \
+ tss/tcpa_defines.h \
+ tss/tcpa_typedef.h \
+ tss/tcs_typedef.h \
+ tss/tddli.h \
+ tss/tss_error_basics.h \
+ tss/tss_typedef.h \
+ tss/compat11b.h \
+ tss/tpm.h \
+ tss/tpm_error.h \
+ tss/tpm_ordinal.h
+trousersinclude_HEADERS = trousers/tss.h trousers/trousers.h
+
+noinst_HEADERS = auth_mgr.h authsess.h biosem.h capabilities.h \
+ hosttable.h imaem.h memmgr.h obj_context.h \
+ obj_daaarakey.h obj_daacred.h obj_daa.h \
+ obj_daaissuerkey.h obj_delfamily.h obj_encdata.h \
+ obj.h obj_hash.h obj_migdata.h obj_nv.h \
+ obj_pcrs.h obj_policy.h obj_rsakey.h \
+ obj_tpm.h req_mgr.h rpc_tcstp.h rpc_tcstp_tcs.h \
+ rpc_tcstp_tsp.h spi_utils.h tcs_aik.h \
+ tcs_context.h tcsd.h tcsd_ops.h tcsd_wrap.h \
+ tcsem.h tcs_int_literals.h tcs_key_ps.h \
+ tcslog.h tcsps.h tcs_tsp.h tcs_utils.h \
+ tddl.h threads.h trousers_types.h tsp_audit.h \
+ tsp_delegate.h tsplog.h tspps.h tsp_seal.h \
+ linux/tpm.h
+
diff --git a/src/include/Makefile.in b/src/include/Makefile.in
new file mode 100644
index 0000000..0b36197
--- /dev/null
+++ b/src/include/Makefile.in
@@ -0,0 +1,530 @@ +# Makefile.in generated by automake 1.11.1 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +target_triplet = @target@ +subdir = src/include +DIST_COMMON = $(noinst_HEADERS) $(srcdir)/Makefile.am \ + $(srcdir)/Makefile.in $(trousersinclude_HEADERS) \ + $(tssinclude_HEADERS) +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +SOURCES = +DIST_SOURCES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; 
+am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(trousersincludedir)" \ + "$(DESTDIR)$(tssincludedir)" +HEADERS = $(noinst_HEADERS) $(trousersinclude_HEADERS) \ + $(tssinclude_HEADERS) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CRYPTOLIB = @CRYPTOLIB@ +CRYPTO_PACKAGE = @CRYPTO_PACKAGE@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLTOOL = @DLLTOOL@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GREP = @GREP@ +GTK_CFLAGS = @GTK_CFLAGS@ +GTK_LIBS = @GTK_LIBS@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MKDIR_P = @MKDIR_P@ +NM = @NM@ +NMEDIT = @NMEDIT@ 
+OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OPENSSL_LIB_DIR = @OPENSSL_LIB_DIR@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PKG_CONFIG = @PKG_CONFIG@ +PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ +PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ +RANLIB = @RANLIB@ +RPC = @RPC@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +TCSD_DEFAULT_PORT = @TCSD_DEFAULT_PORT@ +VERSION = @VERSION@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target = @target@ +target_alias = @target_alias@ +target_cpu = @target_cpu@ +target_os = @target_os@ +target_vendor = 
@target_vendor@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +tssincludedir = $(includedir)/tss +trousersincludedir = $(includedir)/trousers +tssinclude_HEADERS = tss/tcpa_error.h \ + tss/tcs_error.h \ + tss/tcs_defines.h \ + tss/tcs.h \ + tss/tddlapi_error.h \ + tss/tspi.h \ + tss/tss_error.h \ + tss/platform.h \ + tss/tcpa_struct.h \ + tss/tcs_structs.h \ + tss/tddl_error.h \ + tss/tss_defines.h \ + tss/tss_structs.h \ + tss/tcpa_defines.h \ + tss/tcpa_typedef.h \ + tss/tcs_typedef.h \ + tss/tddli.h \ + tss/tss_error_basics.h \ + tss/tss_typedef.h \ + tss/compat11b.h \ + tss/tpm.h \ + tss/tpm_error.h \ + tss/tpm_ordinal.h + +trousersinclude_HEADERS = trousers/tss.h trousers/trousers.h +noinst_HEADERS = auth_mgr.h authsess.h biosem.h capabilities.h \ + hosttable.h imaem.h memmgr.h obj_context.h \ + obj_daaarakey.h obj_daacred.h obj_daa.h \ + obj_daaissuerkey.h obj_delfamily.h obj_encdata.h \ + obj.h obj_hash.h obj_migdata.h obj_nv.h \ + obj_pcrs.h obj_policy.h obj_rsakey.h \ + obj_tpm.h req_mgr.h rpc_tcstp.h rpc_tcstp_tcs.h \ + rpc_tcstp_tsp.h spi_utils.h tcs_aik.h \ + tcs_context.h tcsd.h tcsd_ops.h tcsd_wrap.h \ + tcsem.h tcs_int_literals.h tcs_key_ps.h \ + tcslog.h tcsps.h tcs_tsp.h tcs_utils.h \ + tddl.h threads.h trousers_types.h tsp_audit.h \ + tsp_delegate.h tsplog.h tspps.h tsp_seal.h \ + linux/tpm.h + +all: all-am + +.SUFFIXES: +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign src/include/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign src/include/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' 
in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-trousersincludeHEADERS: $(trousersinclude_HEADERS) + @$(NORMAL_INSTALL) + test -z "$(trousersincludedir)" || $(MKDIR_P) "$(DESTDIR)$(trousersincludedir)" + @list='$(trousersinclude_HEADERS)'; test -n "$(trousersincludedir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(trousersincludedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(trousersincludedir)" || exit $$?; \ + done + +uninstall-trousersincludeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(trousersinclude_HEADERS)'; test -n "$(trousersincludedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(trousersincludedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(trousersincludedir)" && rm -f $$files +install-tssincludeHEADERS: $(tssinclude_HEADERS) + @$(NORMAL_INSTALL) + test -z "$(tssincludedir)" || $(MKDIR_P) "$(DESTDIR)$(tssincludedir)" + @list='$(tssinclude_HEADERS)'; test -n "$(tssincludedir)" || list=; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | 
$(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(tssincludedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(tssincludedir)" || exit $$?; \ + done + +uninstall-tssincludeHEADERS: + @$(NORMAL_UNINSTALL) + @list='$(tssinclude_HEADERS)'; test -n "$(tssincludedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + test -n "$$files" || exit 0; \ + echo " ( cd '$(DESTDIR)$(tssincludedir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(tssincludedir)" && rm -f $$files + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) 
$(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! 
-perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(HEADERS) +installdirs: + for dir in "$(DESTDIR)$(trousersincludedir)" "$(DESTDIR)$(tssincludedir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." 
+clean: clean-am + +clean-am: clean-generic clean-libtool mostlyclean-am + +distclean: distclean-am + -rm -f Makefile +distclean-am: clean-am distclean-generic distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-trousersincludeHEADERS \ + install-tssincludeHEADERS + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-generic mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-trousersincludeHEADERS \ + uninstall-tssincludeHEADERS + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool ctags distclean distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-pdf install-pdf-am \ + install-ps install-ps-am install-strip \ + install-trousersincludeHEADERS install-tssincludeHEADERS \ + installcheck installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-trousersincludeHEADERS \ + uninstall-tssincludeHEADERS + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: 
diff --git a/src/include/auth_mgr.h b/src/include/auth_mgr.h
new file mode 100644
index 0000000..14ced98
--- /dev/null
+++ b/src/include/auth_mgr.h
@@ -0,0 +1,49 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _AUTH_MGR_H_
+#define _AUTH_MGR_H_
+
+struct auth_map
+{
+ TSS_BOOL full;
+ TPM_AUTHHANDLE tpm_handle;
+ TCS_CONTEXT_HANDLE tcs_ctx;
+ BYTE *swap; /* These 'swap' variables manage blobs received from TPM_SaveAuthContext */
+ UINT32 swap_size;
+};
+
+/*
+ * it appears that there's no way to query a v1.1 TPM for the
+ * max number of simultaneous auth sessions. We'll make the
+ * default relatively large and let the TPM return
+ * TCPA_RESOURCES to tell us when we cross the line.
+ */
+#define TSS_DEFAULT_AUTH_TABLE_SIZE 16
+#define TSS_DEFAULT_OVERFLOW_AUTHS 16
+
+struct _auth_mgr
+{
+ short max_auth_sessions;
+ short open_auth_sessions;
+ UINT32 sleeping_threads;
+ COND_VAR **overflow; /* queue of TCS contexts waiting for an auth session to become
+ * available */
+ unsigned int of_head, of_tail; /* head and tail of the overflow queue */
+ struct auth_map *auth_mapper; /* table of currently tracked auth sessions */
+ UINT32 auth_mapper_size, overflow_size;
+} auth_mgr;
+
+MUTEX_DECLARE_INIT(auth_mgr_lock);
+
+TSS_RESULT TPM_SaveAuthContext(TPM_AUTHHANDLE, UINT32 *, BYTE **);
+TSS_RESULT TPM_LoadAuthContext(UINT32, BYTE *, TPM_AUTHHANDLE *);
+
+#endif
diff --git a/src/include/authsess.h b/src/include/authsess.h
new file mode 100644
index 0000000..7615015
--- /dev/null
+++ b/src/include/authsess.h
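Review bot: `struct _auth_mgr { ... } auth_mgr;` defines an object, not a declaration, so every translation unit that includes auth_mgr.h emits its own tentative definition of `auth_mgr`; that only links through common-symbol merging, which `-fno-common` (the default in recent GCC and Clang) rejects as a duplicate symbol. The header should carry `extern struct _auth_mgr auth_mgr;` with the single definition moved to one .c file; `MUTEX_DECLARE_INIT(auth_mgr_lock);` likely has the same problem, but its expansion is not visible in this hunk. The header also uses TSS_BOOL, TPM_AUTHHANDLE, COND_VAR and friends without including anything, so it silently depends on include order; a one-line comment naming the headers that must precede it would save the next reader a guess. The `swap`/`swap_size` pair holds TPM_SaveAuthContext blobs, and nothing here says who owns or frees them; a comment on the struct stating that contract is worth adding.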
@@ -0,0 +1,59 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _AUTHSESS_H_
+#define _AUTHSESS_H_
+
+struct authsess {
+ TPM_AUTH *pAuth;
+ TPM_AUTH auth;
+
+ /* XOR masks created before each use of an OSAP session */
+ TPM_ENCAUTH encAuthUse;
+ TPM_ENCAUTH encAuthMig;
+
+ TSS_HCONTEXT tspContext;
+ TPM_COMMAND_CODE command;
+
+ TSS_HOBJECT obj_parent;
+ TSS_HPOLICY hUsageParent;
+ UINT32 parentMode;
+ TPM_SECRET parentSecret;
+ TSS_CALLBACK cb_xor, cb_hmac, cb_sealx;
+
+ TPM_ENTITY_TYPE entity_type;
+ UINT32 entityValueSize;
+ BYTE *entityValue;
+
+ TSS_HOBJECT obj_child;
+ TSS_HPOLICY hUsageChild, hMigChild;
+ UINT32 uMode, mMode;
+
+ /* Created during OSAP or DSAP protocol initiation */
+ TPM_NONCE nonceOddxSAP;
+ TPM_NONCE nonceEvenxSAP;
+ TPM_HMAC sharedSecret;
+
+ //MUTEX_DECLARE(lock);
+ //struct authsess *next;
+};
+
+TSS_RESULT authsess_oiap_get(TSS_HOBJECT, TPM_COMMAND_CODE, TPM_DIGEST *, TPM_AUTH *);
+TSS_RESULT authsess_oiap_put(TPM_AUTH *, TPM_DIGEST *);
+
+TSS_RESULT authsess_xsap_init(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_BOOL, TPM_COMMAND_CODE, TPM_ENTITY_TYPE, struct authsess **);
+TSS_RESULT authsess_xsap_hmac(struct authsess *, TPM_DIGEST *);
+TSS_RESULT authsess_xsap_verify(struct authsess *, TPM_DIGEST *);
+void authsess_free(struct authsess *);
+
+#define TSS_AUTH_POLICY_REQUIRED TRUE
+#define TSS_AUTH_POLICY_NOT_REQUIRED FALSE
+
+#endif
diff --git a/src/include/biosem.h b/src/include/biosem.h
new file mode 100644
index 0000000..ec6e7f5
--- /dev/null
+++ b/src/include/biosem.h
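Review bot: `struct authsess` carries `parentSecret` (TPM_SECRET) and `sharedSecret` (TPM_HMAC), yet the `authsess_free` prototype says nothing about what happens to them, so a caller cannot tell whether the secret material is scrubbed before the memory is released or lingers in freed heap. Document the contract on the declaration, e.g. `/* Releases *sess; parentSecret and sharedSecret are cleared before free */` if that is what the implementation does, or state the opposite so callers can clear them. The `//MUTEX_DECLARE(lock);` and `//struct authsess *next;` members are commented-out code inside a shipped struct; either drop them or replace them with a comment explaining why a lock and chaining were deliberately left out. The `authsess_xsap_init` prototype takes seven unnamed parameters including a bare TSS_BOOL; naming them (or a comment mapping the TSS_BOOL to TSS_AUTH_POLICY_REQUIRED/NOT_REQUIRED) would make the declaration self-explanatory.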
@@ -0,0 +1,34 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef _BIOSEM_H_
+#define _BIOSEM_H_
+
+int bios_open(void *, FILE **);
+TSS_RESULT bios_get_entries_by_pcr(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT bios_get_entry(FILE *, UINT32, UINT32 *, TSS_PCR_EVENT **);
+int bios_close(FILE *);
+
+extern struct ext_log_source bios_source;
+
+/* this should be large if we're reading out of /proc */
+#define BIOS_READ_SIZE 4096
+
+typedef struct {
+ UINT32 pcrIndex;
+ UINT32 eventType;
+ BYTE digest[20];
+ UINT32 eventDataSize;
+ BYTE event[0];/* (eventSize) bytes of event data follows */
+} TCG_PCClientPCREventStruc;
+
+#define EVLOG_SOURCE_BIOS 1
+
+#endif
diff --git a/src/include/capabilities.h b/src/include/capabilities.h
new file mode 100644
index 0000000..1482956
--- /dev/null
+++ b/src/include/capabilities.h
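Review bot: `BYTE event[0];` is a GNU zero-length array, and its trailing comment refers to an `eventSize` field that does not exist in the struct (the field is `eventDataSize`). The standard C99 form is the flexible array member, `BYTE event[]; /* eventDataSize bytes of event data follow */`, which also keeps compilers from warning under strict modes. Since TCG_PCClientPCREventStruc appears to mirror an event-log record read from a file, a comment stating that the in-memory layout must match the record byte-for-byte (and that `digest[20]` fixes it to a SHA-1-sized digest) would tell the next maintainer why the field order and sizes cannot change. The `void *` first parameter of `bios_open` is undocumented; a comment naming what it is expected to point to would help.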
@@ -0,0 +1,63 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _CAPABILITIES_H_
+#define _CAPABILITIES_H_
+
+/* This header has all of the software capabilities that are returned either via
+ * Tspi_Context_GetCapability or TCS_GetCapability.
+ */
+
+/* TSP */
+/* BOOL */
+#define INTERNAL_CAP_TSP_ALG_RSA TRUE
+#define INTERNAL_CAP_TSP_ALG_SHA TRUE
+#define INTERNAL_CAP_TSP_ALG_3DES FALSE
+#define INTERNAL_CAP_TSP_ALG_DES FALSE
+#define INTERNAL_CAP_TSP_ALG_HMAC TRUE
+#define INTERNAL_CAP_TSP_ALG_AES TRUE
+#define INTERNAL_CAP_TSP_PERSSTORAGE TRUE
+
+/* UINT32 */
+#define INTERNAL_CAP_TSP_ALG_DEFAULT TSS_ALG_RSA
+#define INTERNAL_CAP_TSP_ALG_DEFAULT_SIZE TSS_KEY_SIZEVAL_2048BIT
+
+/* 1 indicates byte-stream return values, 0 indicates ASN.1 encoded return values */
+#define INTERNAL_CAP_TSP_RETURNVALUE_INFO 1
+
+/* 0 is unknown platform version/type. Currently the spec is too vague on possible values for this
+ * information to define anything here. */
+#define INTERNAL_CAP_TSP_PLATFORM_VERSION 0
+#define INTERNAL_CAP_TSP_PLATFORM_TYPE 0
+
+/* TCS */
+/* BOOL */
+#define INTERNAL_CAP_TCS_ALG_RSA FALSE
+#define INTERNAL_CAP_TCS_ALG_AES FALSE
+#define INTERNAL_CAP_TCS_ALG_3DES FALSE
+#define INTERNAL_CAP_TCS_ALG_DES FALSE
+#define INTERNAL_CAP_TCS_ALG_SHA TRUE
+#define INTERNAL_CAP_TCS_ALG_HMAC FALSE
+#define INTERNAL_CAP_TCS_PERSSTORAGE TRUE
+#define INTERNAL_CAP_TCS_CACHING_KEYCACHE FALSE
+#define INTERNAL_CAP_TCS_CACHING_AUTHCACHE TRUE
+
+/* UINT32 */
+#define INTERNAL_CAP_TCS_ALG_DEFAULT TSS_ALG_RSA
+#define INTERNAL_CAP_TCS_ALG_DEFAULT_SIZE TSS_KEY_SIZEVAL_2048BIT
+
+/* Common between both TSP and TCS */
+#define INTERNAL_CAP_VERSION { 1, 2, TSS_VER_MAJOR, TSS_VER_MINOR }
+
+#define INTERNAL_CAP_MANUFACTURER_ID 0x49424D00
+#define INTERNAL_CAP_MANUFACTURER_STR { 'I', 0, 'B', 0, 'M', 0, 0, 0 }
+#define INTERNAL_CAP_MANUFACTURER_STR_LEN 8
+
+#endif
diff --git a/src/include/daa/anonymity_revocation.h b/src/include/daa/anonymity_revocation.h
new file mode 100644
index 0000000..383346d
--- /dev/null
+++ b/src/include/daa/anonymity_revocation.h
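Review bot: `INTERNAL_CAP_MANUFACTURER_STR_LEN 8` is a free-standing literal with nothing tying it to the eight initializers of `INTERNAL_CAP_MANUFACTURER_STR`, so editing either one alone silently changes the length the GetCapability paths report. A comment on the pair, `/* STR_LEN must equal the number of initializers in MANUFACTURER_STR (appears to be UTF-16LE "IBM" plus a terminator) */`, makes the coupling explicit; a `sizeof`-based definition would remove it entirely if the consumers can take an expression. `0x49424D00` is the ASCII bytes 'I','B','M',0 packed into a UINT32, which also deserves a one-line comment rather than being left as a magic number.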
@@ -0,0 +1,62 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef ANONYMITY_REVOCATION_H_
+#define ANONYMITY_REVOCATION_H_
+
+#include "bi.h"
+#include "daa_structs.h"
+
+/**
+ * Cramer Shoup public key (CSPublicKey.java)
+ */
+typedef struct tdCS_PUBLIC_KEY {
+ bi_ptr eta;
+ bi_ptr lambda1;
+ bi_ptr lambda2;
+ bi_ptr lambda3;
+} CS_PUBLIC_KEY;
+
+typedef struct tdCS_ENCRYPTION_RESULT {
+ bi_ptr c1;
+ bi_ptr c2;
+ bi_ptr c3;
+ bi_ptr c4;
+} CS_ENCRYPTION_RESULT;
+
+CS_ENCRYPTION_RESULT *create_CS_ENCRYPTION_RESULT( bi_ptr c1, bi_ptr c2, bi_ptr c3, bi_ptr c4);
+
+/*
+ * Cramer-Shoup Encryption Result including randomness.
+ *
+ * from com.ibm.zurich.tcg.daa.anonymityrevocationCSEncryptionResultRandomness
+*/
+typedef struct tdCS_ENCRYPTION_RESULT_RANDOMNESS {
+ bi_ptr randomness;
+ CS_ENCRYPTION_RESULT *result;
+} CS_ENCRYPTION_RESULT_RANDOMNESS;
+
+/*
+ * Cramer-Shoup EncryptionProof
+ * from com.ibm.zurich.tcg.daa.anonymityrevocation.CSEncryptionProof
+ */
+CS_ENCRYPTION_RESULT_RANDOMNESS *compute_ecryption_proof(
+ const bi_ptr msg,
+ const bi_ptr delta1,
+ const bi_ptr delta2,
+ const bi_ptr delta3,
+ const bi_ptr randomness,
+ const CS_PUBLIC_KEY *key,
+ const struct tdTSS_DAA_PK_internal *daa_key,
+ const BYTE *condition,
+ const int conditionLength,
+ const EVP_MD *messageDigest);
+
+#endif /*ANONYMITY_REVOCATION_H_*/
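Review bot: `compute_ecryption_proof` is misspelled in a public prototype; since renaming it changes the interface, either fix it now together with its callers in this commit or keep the spelling and add a `#define compute_encryption_proof compute_ecryption_proof` so new code can use the correct name. Neither `create_CS_ENCRYPTION_RESULT` nor `compute_ecryption_proof` documents ownership of the pointer it returns (whether the caller frees it, and whether `result` inside CS_ENCRYPTION_RESULT_RANDOMNESS is freed with it); a comment on each declaration stating the allocation and free contract is needed, particularly because `randomness` is key material for the proof. The prototype uses `EVP_MD` and `BYTE` while only "bi.h" and "daa_structs.h" are included; whether those headers bring `<openssl/evp.h>` into scope is not visible here, so an explicit include or a comment would make the dependency clear. `const int conditionLength` paired with `const BYTE *condition` leaves negative lengths representable; a comment (or a size_t) would pin the expected range.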
@@ -0,0 +1,380 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef BI_H_ +#define BI_H_ + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +// for the BIGNUM definition +#include <openssl/bn.h> + +#include "list.h" + +#define INLINE +#undef INLINE_DECL +#define INLINE_DECL static inline + +void * (*bi_alloc)(size_t size); + +// keep the list of allocated memory, usually used for the format functions +extern list_ptr allocs; + +/************************************************************************************ + TYPE DEF +*************************************************************************************/ + +#ifdef BI_GMP +#include "bi_gmp.h" +#endif + +#ifdef BI_OPENSSL +#include "bi_openssl.h" +#endif + +/************************************************************************************ + TYPE DEF +*************************************************************************************/ + +struct _bi_array{ + bi_ptr *array; + int length; +}; + +typedef struct _bi_array bi_array[1]; +typedef struct _bi_array *bi_array_ptr; + +/*********************************************************************************** + CONSTANT +*************************************************************************************/ + +extern bi_t bi_0; +extern bi_t bi_1; +extern bi_t bi_2; + +/*********************************************************************************** + TEMPORARY (WORK) +*************************************************************************************/ + +/* +extern bi_t bi_tmp; +extern bi_t bi_tmp1; +extern bi_t bi_tmp2; +extern bi_t bi_tmp3; +extern bi_t bi_tmp4; +extern bi_t bi_tmp5; +extern bi_t bi_tmp6; +extern bi_t bi_tmp7; +extern bi_t bi_tmp8; +extern bi_t bi_tmp9; +*/ + +/*********************************************************************************** + MACROS 
+*************************************************************************************/ +#define ALLOC_BI_ARRAY() (bi_array_ptr)malloc( sizeof( bi_array)) + +#if 0 +#define BI_SAVE( a, b) do { bi_save( a, #a, b); } while(0); +#define BI_SAVE_ARRAY( a, b) do { bi_save_array( a, #a, b); } while(0); +#define BI_LOAD( a, b) do { bi_load( a, b); } while(0); +#define BI_LOAD_ARRAY( a, b) do { bi_load_array( a, b); } while(0); +#endif + +#ifdef BI_DEBUG +#define DUMP_BI(field) do { \ + fprintf(stderr, "%s=%s [%ld]\n", #field, bi_2_hex_char( field), bi_nbin_size(field));\ + } while(0); + +#define DUMP_BI_ARRAY(field) do { dump_bi_array( #field, field); } while(0); + +#else +#define DUMP_BI(field) + +#define DUMP_BI_ARRAY(field) +#endif + +/* to free only defines bi_ptr */ +#define FREE_BI(a) do { if( (a) != NULL) bi_free_ptr( a); } while(0); + +/*********************************************************************************** + DUMP LIB +*************************************************************************************/ + +char *dump_byte_array(int len, unsigned char *array); + +/* convert <strings> and return it into a byte array <result> of length <length> */ +unsigned char *retrieve_byte_array( int *len, const char *strings); + +/*********************************************************************************** + LIBRARY MANAGEMENT +*************************************************************************************/ +/* + initialize the library + bi_alloc_p allocation function used only for exporting a bi struct, so for bi_2_nbin + if define as NULL, a stdlib malloc() will be used +*/ +void bi_init( void * (*bi_alloc_p)(size_t size)); + +/* release resources used by the library */ +void bi_release(void); + +/* return >0 if the library was initialized */ +int bi_is_initialized(void); + +/* free the list of internally allocated memory, usually used for the format functions */ +void bi_flush_memory(void); + 
+/*********************************************************************************** + ALLOCATION & BASIC SETTINGS +*************************************************************************************/ + +/* create a big integer */ +bi_ptr bi_new( bi_ptr result); + +/* create a big integer pointer */ +bi_ptr bi_new_ptr(void); + +/* free resources allocated to the big integer <i> */ +void bi_free(const bi_ptr i); + +/* free resources allocated to the big integer pointer <i> */ +void bi_free_ptr(const bi_ptr i); + +/* return the current number of bits of the number */ +long bi_length( const bi_ptr res); + +/* create a <big integer> array */ +void bi_new_array( bi_array_ptr array, const int length); + +/* create a <big integer> array */ +void bi_new_array2( bi_array_ptr array, const int length); + +/* free resources allocated to the big integer <i> */ +void bi_free_array(bi_array_ptr array); + +/* copy length pointers from the array <src, offset_src> to array <dest, offset_dest> */ +void bi_copy_array(bi_array_ptr src, + int offset_src, + bi_array_ptr dest, + int offset_dest, + int length); + +// for debugging +void dump_bi_array( char *field, const bi_array_ptr array); + +/*********************************************************************************** + SAFE RANDOM +*************************************************************************************/ + +bi_ptr compute_random_number( bi_ptr result, const bi_ptr element); + +#if 0 +/*********************************************************************************** + SAVE / LOAD +*************************************************************************************/ + +/* load an big integer in the already open ("r") file */ +void bi_load( bi_ptr bi, FILE *file); + +/* load an big integer array in the already open ("r") file */ +void bi_load_array( bi_array_ptr array, FILE *file); + +/* save an big integer array in the already open ("w") file */ +void bi_save_array( const bi_array_ptr array, const char *name, 
FILE *file); + +/* save an big integer in the already open ("w") file */ +void bi_save( const bi_ptr bi,const char *name, FILE *file); +#endif + +/*********************************************************************************** + CONVERSION +*************************************************************************************/ + +/* dump the big integer as hexadecimal */ +char *bi_2_hex_char(const bi_ptr i); + + /* dump the big integer as decimal */ +char *bi_2_dec_char(const bi_ptr i); + + /* set <i> to the same value as <value> */ + /* <i> := <value> */ +bi_ptr bi_set( bi_ptr i, const bi_ptr value); + +/* set <i> with the value represented by given hexadecimal <value> */ + /* <i> := <value> */ +bi_ptr bi_set_as_hex( bi_ptr i, const char *value); + +/* set <i> with the value represented by given decimal <value> */ + /* <i> := <value> */ +bi_ptr bi_set_as_dec( bi_ptr i, const char *value); + +/* set <i> with the value represented by unsigned int <value> */ + /* <i> := <value> */ +bi_ptr bi_set_as_si( bi_ptr result, const int value); + +/* return (long)bi_t */ +long bi_get_si(const bi_ptr i); + +/* return the size of a network byte order representation of <i> */ +long bi_nbin_size(const bi_ptr i); + +/* return a BYTE * - in network byte order - and update the length <length> */ +/* the result is allocated internally */ +unsigned char *bi_2_nbin( int *length, const bi_ptr i); + +/* return a BYTE * - in network byte order - and update the length <length> */ +/* different from bi_2_nbin: you should reserve enough memory for the storage */ +void bi_2_nbin1( int *length, unsigned char *, const bi_ptr i); + +/* return a bi_ptr that correspond to the big endian encoded BYTE array of length <n_length> */ +bi_ptr bi_set_as_nbin( const unsigned long length, const unsigned char *buffer); + +/* + convert <bi> to a byte array of length result, + the beginning of this buffer is feel with '0' if needed +*/ +void bi_2_byte_array( unsigned char *result, int length, bi_ptr bi); + 
+/* convert a bi to a openssl BIGNUM struct */ +BIGNUM *bi_2_BIGNUM( const bi_ptr); + + +/*********************************************************************************** + BITS OPERATION +*************************************************************************************/ +/* set the bit to 1 */ +bi_ptr bi_setbit( bi_ptr result, const int bit); + +/* <result> := <i> << <n> */ +bi_ptr bi_shift_left( bi_ptr result, const bi_ptr i, const int n); + +/* <result> := <i> >> <n> */ +bi_ptr bi_shift_right( bi_ptr result, const bi_ptr i, const int n); + +/*********************************************************************************** + NUMBER THEORIE OPERATION +*************************************************************************************/ +/* create a random of length <length> bits */ +/* res := random( length) */ +bi_ptr bi_urandom( bi_ptr res, const long length); + +/* res := <n> mod <m> */ +bi_ptr bi_mod(bi_ptr res, const bi_ptr n, const bi_ptr m); + +/* res := <n> mod <m> */ +bi_ptr bi_mod_si(bi_ptr res, const bi_ptr n, const long m); + +/* generate prime number of <length> bits */ +bi_ptr bi_generate_prime( bi_ptr i, const long length); + +/* +return true (>0, bigger is better, but this is contextual to the plugin) +if <i> is a probably prime +*/ +int bi_is_probable_prime( const bi_ptr i); + +/* result := (inverse of <i>) mod <m> */ +/* if the inverse exist, return >0, otherwise 0 */ +int bi_invert_mod( bi_ptr result, const bi_ptr i, const bi_ptr m); + +/* generate a safe prime number of <length> bits */ +/* by safe we mean a prime p so that (p-1)/2 is also prime */ +bi_ptr bi_generate_safe_prime( bi_ptr result, const long bit_length); + +/* return in <result> the greatest common divisor of <a> and <b> */ +/* <result> := gcd( <a>, <b>) */ +bi_ptr bi_gcd( bi_ptr result, bi_ptr a, bi_ptr b); + +/*********************************************************************************** + BASIC MATH OPERATION 
+*************************************************************************************/ + +/* <result> := result++ */ +bi_ptr bi_inc(bi_ptr result); + +/* <result> := result-- */ +bi_ptr bi_dec(bi_ptr result); + +/* <result> := - <result> */ +bi_ptr bi_negate( bi_ptr result); + +/* set <result> by the multiplication of <i> by the long <n> */ +/* <result> := <i> * <n> */ +bi_ptr bi_mul_si( bi_ptr result, const bi_ptr i, const long n); + +/* <result> := <i> * <n> */ +bi_ptr bi_mul( bi_ptr result, const bi_ptr i, const bi_ptr n); + +/* set <result> by the division of <i> by the long <n> */ +/* <result> := <i> / <n> */ +bi_ptr bi_div_si( bi_ptr result, const bi_ptr i, const long n); + +/* <result> := <i> / <n> */ +bi_ptr bi_div( bi_ptr result, const bi_ptr i, const bi_ptr n); + +/* set <result> by the addition of <i> by the long <n> */ +/* <result> := <i> + <n> */ +bi_ptr bi_add_si( bi_ptr result, const bi_ptr i, const long n); + +/* <result> := <i> + <n> */ +bi_ptr bi_add( bi_ptr result, const bi_ptr i, const bi_ptr n); + +/* <result> := <i> - <n> */ +bi_ptr bi_sub_si( bi_ptr result, const bi_ptr i, const long n); + +/* <result> := <i> - <n> */ +bi_ptr bi_sub( bi_ptr result, const bi_ptr i, const bi_ptr n); + +/* <result> := ( <g> ^ <e> ) mod <m> */ +bi_ptr bi_mod_exp_si( bi_ptr result, const bi_ptr g, const bi_ptr e, const long m); + +/* <result> := ( <g> ^ <e> ) mod <m> */ +bi_ptr bi_mod_exp( bi_ptr result, const bi_ptr g, const bi_ptr e, const bi_ptr m); + +/* +multiple-exponentiation +<result> := mod( Multi( <g>i, <e>i), number of byte <m>) with 0 <= i <= <n> +bi_t[] is used for commodity (bi-ptr[] need allocation for each bi_ptr, something made +in the stack with bi_t) +*/ +bi_ptr bi_multi_mod_exp( bi_ptr result, + const int n, + const bi_t g[], + const long e[], + const int m); + +/*********************************************************************************** + COMPARAISON 
+*************************************************************************************/ +/* n1<n2 return negative value + n1 = n2 return 0 + n1>n2 return positive value +*/ +int bi_cmp( const bi_ptr n1, const bi_ptr n2); + +/* n1<n2 return negative value + n1 = n2 return 0 + n1>n2 return positive value +*/ +int bi_cmp_si( const bi_ptr n1, const int n2); + +/* n1 == n2 return 1 (true) + else return 0 +*/ +int bi_equals( const bi_ptr n1, const bi_ptr n2); + +/* n1 == n2 return 1 (true) + else return 0 +*/ +int bi_equals_si( const bi_ptr n1, const int n2); + +#endif /*BI_H_*/ diff --git a/src/include/daa/bi_gmp.h b/src/include/daa/bi_gmp.h new file mode 100644 index 0000000..8e0f611 --- /dev/null +++ b/src/include/daa/bi_gmp.h 
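Review bot: `void * (*bi_alloc)(size_t size);` is a tentative definition rather than a declaration, so every translation unit that includes bi.h defines the global `bi_alloc`; that links only through common-symbol merging and fails under `-fno-common`, which newer compilers default to. Declare it `extern void *(*bi_alloc)(size_t size);` here and give it a single definition in the .c file implementing `bi_init`, mirroring how `allocs` is already declared. The `FREE_BI`, `DUMP_BI` and `DUMP_BI_ARRAY` macros end in `while(0);`, so the semicolon at the use site produces a second empty statement and `if (x) FREE_BI(a); else ...` no longer compiles; drop the trailing semicolon from the macro bodies. The `bi_2_nbin`, `bi_set_as_hex` and `bi_set_as_dec` prototypes also do not say how allocation failure or a malformed string is reported, which callers in the DAA code need in order to avoid operating on an unset value.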
@@ -0,0 +1,295 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef BI_GMP_ +#define BI_GMP_ + +#include <gmp.h> +// needed for OPENSSL_free +#include <openssl/crypto.h> + +typedef mpz_t bi_t; +typedef mpz_ptr bi_ptr; + +extern gmp_randstate_t state; + +/* initialized the given big integer */ +INLINE_DECL bi_ptr bi_new(bi_t i) { + mpz_init( i); + return i; +} + +/* create a big integer pointer */ +INLINE_DECL bi_ptr bi_new_ptr(void) { + mpz_ptr res; + + res = (mpz_ptr)malloc( sizeof( mpz_t)); + if( res == NULL) return NULL; + mpz_init( res); + return res; +} + +/* free resources allocated to the big integer <i> */ +INLINE_DECL void bi_free(const bi_ptr i) { + mpz_clear( i); +} + +/* free resources allocated to the big integer pointer <i> */ +INLINE_DECL void bi_free_ptr(const bi_ptr i) { + mpz_clear( i); + free( i); +} + +/* return the current number of bits of the number */ +INLINE_DECL long bi_length( const bi_ptr res) { + return mpz_sizeinbase( res, 2); +} + +/*********************************************************************************** + CONVERSIONS +*************************************************************************************/ + + +/* return an hex dump of the given big integer */ +INLINE_DECL char *bi_2_hex_char(const bi_ptr i) { + char *ret; + + gmp_asprintf( &ret, "%ZX", i); + list_add( allocs, ret); + return ret; +} + +/* return an hex dump of the given big integer */ +INLINE_DECL char *bi_2_dec_char(const bi_ptr i) { + char *ret; + + gmp_asprintf( &ret, "%Zd", i); + list_add( allocs, ret); + return ret; +} + +/* set <i> to the same value as the big integer <value> */ +INLINE_DECL bi_ptr bi_set( bi_ptr result, const bi_ptr value) { + mpz_set( result, value); + return result; +} + +/* set the initialized variable to the value represented by the given hex format stirng */ +INLINE_DECL bi_ptr bi_set_as_hex( 
bi_ptr result, const char *value) { + mpz_set_str( result, value, 16); + return result; +} + +/* set the initialized variable to the value represented by the given hex format stirng */ +INLINE_DECL bi_ptr bi_set_as_dec( bi_ptr result, const char *value) { + mpz_set_str( result, value, 10); + return result; +} + +/* set <i> with the value represented by unsigned int <value> */ +/* <i> := <value> */ +INLINE_DECL bi_ptr bi_set_as_si( bi_ptr result, const int value) { + mpz_set_si( result, value); + return result; +} + +/* return (long)bi_t */ +INLINE_DECL long bi_get_si(const bi_ptr i) { + return mpz_get_si( i); +} + +/* convert a bi type to a openssl BIGNUM struct */ +INLINE_DECL BIGNUM *bi_2_BIGNUM( const bi_ptr i) { + BIGNUM *result; + char *value = bi_2_hex_char( i); + + BN_hex2bn( &result, value); + return result; +} + +/* set <i> with the value represented by the given openssl BIGNUM struct */ +INLINE_DECL bi_ptr bi_set_as_BIGNUM( bi_ptr i, BIGNUM *bn) { + char *value = BN_bn2hex( bn); + + if( value == NULL) return NULL; + bi_set_as_hex( i, value); + OPENSSL_free( value); + return i; +} + +/*********************************************************************************** + BASIC MATH OPERATION +*************************************************************************************/ + +/* <result> := result + 1 */ +INLINE_DECL bi_ptr bi_inc(bi_ptr result) { + mpz_add_ui( result, result, 1); + return result; +} + +/* <result> := result - 1 */ +INLINE_DECL bi_ptr bi_dec(bi_ptr result) { + mpz_sub_ui( result, result, 1); + return result; +} + +/* set <result> by the division of <i> by the long <n> */ +/* <result> := <i> / <n> */ +INLINE_DECL bi_ptr bi_div_si( bi_ptr result, const bi_ptr i, const long n) { + mpz_div_ui( result, i, n); + return result; +} + +/* <result> := <i> / <n> */ +INLINE_DECL bi_ptr bi_div( bi_ptr result, const bi_ptr i, const bi_ptr n) { + mpz_div( result, i, n); + return result; +} + +/* <result> := - <result> */ +INLINE_DECL bi_ptr bi_negate( 
bi_ptr result) { + mpz_neg( result, result); + return result; +} + +/* multiply the given big integer <i> by the give long <n> and return the result in <result> */ +INLINE_DECL bi_ptr bi_mul_si( bi_ptr result, const bi_ptr i, const long n) { + mpz_mul_si( result, i, n); + return result; +} + + /* <result> := <i> * <n> */ +INLINE_DECL bi_ptr bi_mul( bi_ptr result, const bi_ptr i, const bi_ptr n) { + mpz_mul( result, i, n); + return result; +} + +/* <result> := <i> + <n> */ +INLINE_DECL bi_ptr bi_add_si( bi_ptr result, const bi_ptr i, const long n) { + mpz_add_ui( result, i, n); + return result; +} + +/* <result> := <i> + <n> */ +INLINE_DECL bi_ptr bi_add( bi_ptr result, const bi_ptr i, const bi_ptr n) { + mpz_add( result, i, n); + return result; +} + +/* <result> := <i> - <n> */ +INLINE_DECL bi_ptr bi_sub_si( bi_ptr result, const bi_ptr i, const long n) { + // n should be unsigned + mpz_sub_ui( result, i, n); + return result; +} + +/* <result> := <i> - <n> */ +INLINE_DECL bi_ptr bi_sub( bi_ptr result, const bi_ptr i, const bi_ptr n) { + mpz_sub( result, result, n); + return result; +} + +/* <result> := ( <g> ^ <e> ) mod <m> */ +INLINE_DECL bi_ptr bi_mod_exp( bi_ptr result, const bi_ptr g, const bi_ptr e, const bi_ptr m) { + mpz_powm( result, g, e, m); + return result; +} + +/* <result> := ( <g> ^ <e> ) mod <m> */ +INLINE_DECL bi_ptr bi_mod_exp_si( bi_ptr result, const bi_ptr g, const bi_ptr e, const long m) { + mpz_t bi_m; + + mpz_init( bi_m); + mpz_set_si( bi_m, m); + mpz_powm( result, g, e, bi_m); + mpz_clear( bi_m); + return result; +} + +/*********************************************************************************** + BITS OPERATION +*************************************************************************************/ +/* set the bit to 1 */ +INLINE_DECL bi_ptr bi_setbit(bi_ptr result, const int bit) { + mpz_setbit( result, bit); + return result; +} + +/* <result> := <i> << <n> */ +INLINE_DECL bi_ptr bi_shift_left( bi_ptr result, const bi_ptr i, const int 
n) { + mpz_mul_2exp( result, i, n); + return result; +} + +/* <result> := <i> >> <n> */ +INLINE_DECL bi_ptr bi_shift_right( bi_ptr result, const bi_ptr i, const int n) { + mpz_div_2exp( result, i, n); + return result; +} + +/*********************************************************************************** + COMPARAISON +*************************************************************************************/ +/* n1<n2 return negative value + * n1 = n2 return 0 + * n1>n2 return positive value +*/ +INLINE_DECL int bi_cmp( const bi_ptr n1, const bi_ptr n2) { + return mpz_cmp( n1, n2); +} + +/* n1<n2 return negative value + * n1 = n2 return 0 + * n1>n2 return positive value +*/ +INLINE_DECL int bi_cmp_si( const bi_ptr n1, const int n2) { + return mpz_cmp_ui( n1, n2); +} + +/* n1 == n2 return 1 (true) + * else return 0 +*/ +INLINE_DECL int bi_equals( const bi_ptr n1, const bi_ptr n2) { + return mpz_cmp( n1, n2) == 0 ? 1 : 0; +} + +/* n1 == n2 return 1 (true) + * else return 0 +*/ +INLINE_DECL int bi_equals_si( const bi_ptr n1, const int n2) { + return mpz_cmp_ui( n1, n2) == 0 ? 1 : 0; +} + +/* create a random of length <length> bits */ +/* res := random( length) */ +INLINE_DECL bi_ptr bi_urandom( bi_ptr result, const long length) { + mpz_urandomb( result, state, length); + return result; +} + +/* res := <n> mod <m> */ +INLINE_DECL bi_ptr bi_mod_si( bi_ptr result, const bi_ptr n, const long m) { + mpz_mod_ui( result, n, m); + return result; +} + +/* res := <n> mod <m> */ +INLINE_DECL bi_ptr bi_mod( bi_ptr result, const bi_ptr n, const bi_ptr m) { + mpz_mod( result, n, m); + return result; +} + +/* result := (inverse of <i>) mod <m> */ +/* if the inverse exist, return >0, otherwise 0 */ +INLINE_DECL int bi_invert_mod( bi_ptr result, const bi_ptr i, const bi_ptr m) { + return mpz_invert( result, i, m); +} + +#endif /*BI_GMP_*/ diff --git a/src/include/daa/bi_openssl.h b/src/include/daa/bi_openssl.h new file mode 100644 index 0000000..8bd3f1d --- /dev/null 
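Review bot: `bi_sub` ignores its `i` argument and computes `result - n` instead of `i - n`; `mpz_sub( result, result, n);` should read `mpz_sub( result, i, n);`, and since the openssl backend in bi_openssl.h gets this right the two backends currently produce different values for the same call. `bi_2_BIGNUM` passes an uninitialised `BIGNUM *result` to `BN_hex2bn`, which only allocates when `*a` is NULL, so the call operates on a garbage pointer; initialise it with `BIGNUM *result = NULL;`. The `_si` wrappers (`bi_cmp_si`, `bi_equals_si`, `bi_add_si`, `bi_sub_si`, `bi_div_si`, `bi_mod_si`) accept a signed `int`/`long` but call the `mpz_*_ui` forms, so a negative argument is converted to a huge unsigned value and silently yields a wrong result; use the signed GMP calls where they exist (`mpz_cmp_si`) or document and assert that the argument is non-negative. `bi_set_as_hex` and `bi_set_as_dec` discard the `mpz_set_str` return value, so a malformed string leaves `result` unspecified with no signal to the caller.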
+++ b/src/include/daa/bi_openssl.h 
@@ -0,0 +1,352 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef BI_OPENSSL_ +#define BI_OPENSSL_ + +#include <openssl/bn.h> +#include <openssl/engine.h> + +typedef struct bignum_st bi_t[1]; + +typedef struct bignum_st *bi_ptr; + +extern BN_CTX *context; + + +INLINE_DECL bi_ptr bi_new(bi_ptr result) { + BN_init( result); + return result; +} + +/* create a big integer pointer */ +INLINE_DECL bi_ptr bi_new_ptr(void) { + return BN_new(); +} + +/* free resources allocated to the big integer <i> */ +INLINE_DECL void bi_free(const bi_ptr i) { + BN_free( i); +} + +/* free resources allocated to the big integer pointer <i> */ +INLINE_DECL void bi_free_ptr(const bi_ptr i) { + BN_free( i); +} + +/* <result> := result++ */ +INLINE_DECL bi_ptr bi_inc(bi_ptr result) { + BN_add_word( result, 1); + return result; +} + +/* <result> := result-- */ +INLINE_DECL bi_ptr bi_dec(bi_ptr result) { + BN_sub_word( result, 1); + return result; +} + +/* return the current number of bits of the number */ +INLINE_DECL long bi_length( const bi_ptr res) { + return BN_num_bits( res); +} + +/*********************************************************************************** + BASIC MATH OPERATION +*************************************************************************************/ +/* <result> := - <result> */ +INLINE_DECL bi_ptr bi_negate( bi_ptr result) { + BIGNUM *n = result; + n->neg = ( n->neg == 0 ? 
1 : 0); + return result; +} + +INLINE_DECL bi_ptr bi_mul_si( bi_ptr result, const bi_ptr i, const long n) { + BN_copy( result, i); + BN_mul_word( result, n); + return result; +} + +/* <result> := <i> * <n> */ +INLINE_DECL bi_ptr bi_mul( bi_ptr result, const bi_ptr i, const bi_ptr n) { + BN_mul( result, i, n, context); + return result; +} + +INLINE_DECL bi_ptr bi_add_si( bi_ptr result, const bi_ptr i, const long n) { + BN_copy( result, i); + BN_add_word( result, n); + return result; +} + +/* <result> := <i> + <n> */ +INLINE_DECL bi_ptr bi_add( bi_ptr result, const bi_ptr i, const bi_ptr n) { + BN_add( result, i, n); + return result; +} + +/* <result> := <i> - <n> */ +INLINE_DECL bi_ptr bi_sub_si( bi_ptr result, const bi_ptr i, const long n) { + // n should be unsigned + BN_copy( result, i); // result := i + BN_sub_word( result, n); // result := result - n + return result; +} + +/* <result> := <i> - <n> */ +INLINE_DECL bi_ptr bi_sub( bi_ptr result, const bi_ptr i, const bi_ptr n) { + BN_sub( result, i, n); + return result; +} + +/* <result> := ( <g> ^ <e> ) mod <m> */ +INLINE_DECL bi_ptr bi_mod_exp( bi_ptr result, const bi_ptr g, const bi_ptr e, const bi_ptr m) { + BN_mod_exp( result, g, e, m, context); // result := (g ^ e) mod bi_m + return result; +} + +/* set <result> by the division of <i> by the long <n> */ +/* <result> := <i> / <n> */ +INLINE_DECL bi_ptr bi_div_si( bi_ptr result, const bi_ptr i, const long n) { + BN_copy( result, i); + BN_div_word( result, n); + return result; +} + +/* <result> := <i> / <n> */ +INLINE_DECL bi_ptr bi_div( bi_ptr result, const bi_ptr i, const bi_ptr n) { + BN_div( result, NULL, i, n, context); + return result; +} + +/*********************************************************************************** + COMPARAISON +*************************************************************************************/ +/* n1<n2 return negative value + * n1 = n2 return 0 + * n1>n2 return positive value +*/ +INLINE_DECL int bi_cmp( const bi_ptr n1, 
const bi_ptr n2) { + return BN_cmp( n1, n2); +} + +/* n1<n2 return negative value + * n1 = n2 return 0 + * n1>n2 return positive value +*/ +INLINE_DECL int bi_cmp_si( const bi_ptr n1, const int n2) { + BIGNUM *temp = BN_new(); + BN_set_word( temp, n2); + int res = BN_cmp( n1, temp); + BN_free( temp); + return res; +} + +/* n1 == n2 return 1 (true) + * else return 0 +*/ +INLINE_DECL int bi_equals( const bi_ptr n1, const bi_ptr n2) { + return BN_cmp( n1, n2) == 0 ? 1 :0; +} + +/* n1 == n2 return 1 (true) + * else return 0 +*/ +INLINE_DECL int bi_equals_si( const bi_ptr n1, const int n2) { + return BN_is_word( n1, n2); +} + +/*********************************************************************************** + CONVERSIONS +*************************************************************************************/ + +INLINE_DECL char *bi_2_hex_char(const bi_ptr i) { + char *result = BN_bn2hex( i); + + if( result == NULL) { + return NULL; + } + list_add( allocs, result); + return result; +} + +INLINE_DECL char *bi_2_dec_char(const bi_ptr i) { + char *result = BN_bn2dec( i); + + if( result == NULL) { + return NULL; + } + list_add( allocs, result); + return result; +} + +INLINE_DECL bi_ptr bi_set( bi_ptr result, const bi_ptr value) { + BN_copy( result, value); + return result; +} + +INLINE_DECL bi_ptr bi_set_as_hex( bi_ptr result, const char *value) { + BN_hex2bn( &result, value); + return result; +} + +INLINE_DECL bi_ptr bi_set_as_dec( bi_ptr result, const char *value) { + BN_dec2bn( &result, value); + return result; +} + +/* set <i> with the value represented by unsigned int <value> */ + /* <i> := <value> */ +INLINE_DECL bi_ptr bi_set_as_si( bi_ptr result, const int value) { + if( value < 0) { + BN_set_word( result, -value); + result->neg=1; + } else + BN_set_word( result, value); + return result; +} + +/* return (long)bi_t */ +INLINE_DECL long bi_get_si(const bi_ptr i) { + long result = BN_get_word( i); + + if( i->neg == 1) { + return -result; + } + return result; +} + +/* 
return the size of a network byte order representation of <i> */ +INLINE_DECL long bi_nbin_size(const bi_ptr i) { + return BN_num_bytes( i); +} + +/* return a BYTE * in network byte order - big endian - and update the length <length> */ +INLINE_DECL unsigned char *bi_2_nbin( int *length, const bi_ptr i) { + unsigned char *ret; + + *length = BN_num_bytes( i); + ret = (unsigned char *)bi_alloc( *length * 2); + if( ret == NULL) return NULL; + BN_bn2bin( i, ret); + return ret; +} + +/* return a BYTE * - in network byte order - and update the length <length> */ +/* different from bi_2_nbin: you should reserve enough memory for the storage */ +INLINE_DECL void bi_2_nbin1( int *length, unsigned char *buffer, const bi_ptr i) { + *length = BN_num_bytes( i); + BN_bn2bin( i, buffer); +} + +/* return a bi_ptr that correspond to the big endian encoded BYTE array of length <n_length> */ +INLINE_DECL bi_ptr bi_set_as_nbin( const unsigned long length, const unsigned char *buffer) { + bi_ptr ret_bi = bi_new_ptr(); + + if( ret_bi == NULL) return NULL; + if( BN_bin2bn( buffer, length, ret_bi) == NULL) { + bi_free( ret_bi); + return NULL; + } + return ret_bi; +} + +/* convert a bi to a openssl BIGNUM struct */ +INLINE_DECL BIGNUM *bi_2_BIGNUM( const bi_ptr i) { + return i; +} + +/* set <i> with the value represented by the given openssl BIGNUM struct */ +INLINE_DECL bi_ptr bi_set_as_BIGNUM( bi_ptr i, BIGNUM *bn) { + return bi_set( i, bn); +} + +/*********************************************************************************** + BITS OPERATION +*************************************************************************************/ +/* set the bit to 1 */ +INLINE_DECL bi_ptr bi_setbit(bi_ptr result, const int bit) { + BN_set_bit( result, bit); + return result; +} + +/* <result> := <i> << <n> */ +INLINE_DECL bi_ptr bi_shift_left( bi_ptr result, const bi_ptr i, const int n) { + BN_lshift( result, i, n); + return result; +} + +/* <result> := <i> >> <n> */ +INLINE_DECL bi_ptr 
bi_shift_right( bi_ptr result, const bi_ptr i, const int n) { + BN_rshift( result, i, n); + return result; +} + +/* create a random of length <length> bits */ +/* res := random( length) */ +INLINE_DECL bi_ptr bi_urandom( bi_ptr result, const long length) { + /* + * <result> will be a generated cryptographically strong pseudo-random number of length + * <length> + */ + BN_rand( result, length, -1, 0); + return result; +} + + +/* res := <n> mod <m> */ +INLINE_DECL bi_ptr bi_mod_si( bi_ptr result, const bi_ptr n, const long m) { + BIGNUM *mod = BN_new(); + BN_set_word( mod, m); + BN_mod( result, n, mod, context); + BN_free( mod); + return result; +} + +/* res := <n> mod <m> */ +INLINE_DECL bi_ptr bi_mod( bi_ptr result, const bi_ptr n, const bi_ptr m) { + BN_mod( result, n, m, context); + if( result->neg == 1) { + result->neg=0; + BN_sub( result, m, result); + } + return result; +} + +/* result := (inverse of <i>) mod <m> */ +/* if the inverse exist, return >0, otherwise 0 */ +INLINE_DECL int bi_invert_mod( bi_ptr result, const bi_ptr i, const bi_ptr m) { + while( ERR_get_error() != 0); + BN_mod_inverse( result, i, m, context); + return ERR_get_error() == 0 ? 1 : 0; +} + +/* generate a prime number of <length> bits */ +INLINE_DECL bi_ptr bi_generate_prime( bi_ptr result, const long bit_length) { + BN_generate_prime(result, bit_length, 0, NULL, NULL, NULL, NULL); + return result; +} + +/* generate a safe prime number of <length> bits */ +/* by safe we mean a prime p so that (p-1)/2 is also prime */ +INLINE_DECL bi_ptr bi_generate_safe_prime( bi_ptr result, const long bit_length) { + BN_generate_prime(result, bit_length, 1, NULL, NULL, NULL, NULL); + return result; +} + +/* return in <result> the greatest common divisor of <a> and <b> */ +/* <result> := gcd( <a>, <b>) */ +INLINE_DECL bi_ptr bi_gcd( bi_ptr result, bi_ptr a, bi_ptr b) { + BN_gcd( result, a, b, context); + return result; +} + + +#endif /*BI_OPENSSL_*/ 
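Review bot: `bi_invert_mod` decides success by reading the OpenSSL error queue instead of the value returned by `BN_mod_inverse`, which is NULL on failure; `return BN_mod_inverse( result, i, m, context) != NULL ? 1 : 0;` is simpler and is not confused by errors queued elsewhere or by the draining loop. The same unchecked-return pattern runs through the file: `BN_mul`, `BN_mod_exp`, `BN_mod`, `BN_rand`, `BN_gcd` and `BN_generate_prime` all return 0 on failure, yet every wrapper returns `result` regardless, so an allocation failure inside a modular exponentiation hands a silently wrong value to the DAA proof code. `bi_cmp_si` and `bi_equals_si` push a possibly negative `int` through `BN_set_word`/`BN_is_word`, which take an unsigned word, and `bi_cmp_si` also dereferences `BN_new()` without a NULL check. `bi_negate`, `bi_set_as_si`, `bi_get_si` and `bi_mod` poke the `neg` field directly; `BN_set_negative`/`BN_is_negative` and `BN_nnmod` express the same intent through the public API and keep working if the struct becomes opaque. `bi_2_nbin` asks `bi_alloc` for `*length * 2` bytes although `BN_bn2bin` writes exactly `*length`; the factor looks accidental.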
diff --git a/src/include/daa/daa_parameter.h b/src/include/daa/daa_parameter.h
new file mode 100644
index 0000000..f1f3447
--- /dev/null
+++ b/src/include/daa/daa_parameter.h
@@ -0,0 +1,87 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef DAA_PARAMETER_H_ +#define DAA_PARAMETER_H_ + +// for message digest +//#include <openssl/evp.h> +#include "trousers/tss.h" +//#include "spi_internal_types.h" +#include "spi_utils.h" + +#define DAA_PARAM_TSS_VERSION_LENGTH (4) +static const BYTE DAA_PARAM_TSS_VERSION[] = { 1, 2, 0, 0 }; + +#define DAA_PARAM_DEFAULT_CRYPTO_PROVIDER_NAME "BC" + +// Name of default hash function +#define DAA_PARAM_MESSAGE_DIGEST_ALGORITHM "SHA1" + +// Name of hash function used independently in TSS +#define DAA_PARAM_MESSAGE_DIGEST_ALGORITHM_TSS "SHA1" + +// l_n (bits) +#define DAA_PARAM_SIZE_RSA_MODULUS (2048) + +// l_f (bits) +#define DAA_PARAM_SIZE_F_I (104) + +// l_q (2 * SIZE_F_I) +#define DAA_PARAM_SIZE_RHO (208) + +// l_e +#define DAA_PARAM_SIZE_EXPONENT_CERTIFICATE (368) + +// lPrime_e +#define DAA_PARAM_SIZE_INTERVAL_EXPONENT_CERTIFICATE (120) + +// l_zero +#define DAA_PARAM_SAFETY_MARGIN (80) + +// Byte length of TPM message digest (sha-1) +#define DAA_PARAM_LENGTH_MESSAGE_DIGEST (20) + +// Byte length of TSS message digest (sha-256) +#define DAA_PARAM_LENGTH_MESSAGE_DIGEST_TSS (32) + +// l_H depends on the message digest algo +#define DAA_PARAM_SIZE_MESSAGE_DIGEST (160) +// 8 * LENGTH_MESSAGE_DIGEST; + +// l_GAMMA +#define DAA_PARAM_SIZE_MODULUS_GAMMA (1632) + +#define DAA_PARAM_SIZE_SPLIT_EXPONENT (1024) + +// TPM asym key size (bits) +#define DAA_PARAM_KEY_SIZE (2048) + +// Default RSA public key exponent (Fermat 4) +#define DAA_PARAM_LENGTH_MFG1_ANONYMITY_REVOCATION (25) +// (SIZE_RHO-1)/8; + +#define DAA_PARAM_LENGTH_MFG1_GAMMA (214) +// (SIZE_MODULUS_GAMMA + SIZE_SAFETY_MARGIN)/8; + +#define DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE (2536) + +// (bits) +#define DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES (DAA_PARAM_SIZE_F_I+DAA_PARAM_SAFETY_MARGIN+DAA_PARAM_SIZE_MESSAGE_DIGEST) + 
+#define TSS_FLAG_DAA_SIGN_IDENTITY_KEY 0 +#define TSS_FLAG_DAA_SIGN_MESSAGE_HASH 1 + + +extern EVP_MD *DAA_PARAM_get_message_digest(void); + +extern char *err_string(TSS_RESULT r); + +#endif /*DAA_PARAMETER_H_*/ diff --git a/src/include/daa/daa_structs.h b/src/include/daa/daa_structs.h new file mode 100644 index 0000000..5b06762 --- /dev/null +++ b/src/include/daa/daa_structs.h 
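Review bot: `DAA_PARAM_LENGTH_MESSAGE_DIGEST_TSS` is defined as 32 with a comment saying sha-256, while `DAA_PARAM_MESSAGE_DIGEST_ALGORITHM_TSS` is `"SHA1"`, which yields 20-byte digests; one of the two is wrong, and a caller that sizes a buffer from the length constant but fills it from the named algorithm would either leave 12 bytes unset or, the other way round, write past a 20-byte buffer, so the intended algorithm should be stated in one place and the other constant derived from it. The comment `// Default RSA public key exponent (Fermat 4)` sits above `DAA_PARAM_LENGTH_MFG1_ANONYMITY_REVOCATION`, which is a byte length; the following `// (SIZE_RHO-1)/8;` is the accurate description, so the exponent line should be dropped or moved to whatever constant it was meant for. `extern EVP_MD *DAA_PARAM_get_message_digest(void);` uses `EVP_MD` while the `<openssl/evp.h>` include above is commented out, so this header only compiles when something earlier in the include chain pulls it in; either restore the include or note the dependency.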
@@ -0,0 +1,385 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef DAA_STRUCT_H_ +#define DAA_STRUCT_H_ + +#include <string.h> +#include <stdlib.h> +#include <malloc.h> + +#include "tss/tcs.h" +#include "bi.h" +#include "arpa/inet.h" + +// for message digest +#include <openssl/evp.h> + +#define init_tss_version(b) \ +do {\ + (b)->versionInfo.bMajor = DAA_PARAM_TSS_VERSION[0];\ + (b)->versionInfo.bMinor = DAA_PARAM_TSS_VERSION[1];\ + (b)->versionInfo.bRevMajor = DAA_PARAM_TSS_VERSION[2];\ + (b)->versionInfo.bRevMinor = DAA_PARAM_TSS_VERSION[3];\ +} while(0); + +BYTE *convert_alloc( TCS_CONTEXT_HANDLE tcsContext, + UINT32 length, + BYTE *source); + +BYTE *copy_alloc( TCS_CONTEXT_HANDLE tcsContext, + UINT32 length, + BYTE *source); + +void store_bi( UINT32 *length, + BYTE **buffer, + const bi_ptr i, + void * (*daa_alloc)(size_t size, TSS_HOBJECT object), + TSS_HOBJECT object); + +/* length is in network format: big indian */ +void dump_field( int length, BYTE *buffer); + +/******************************************************************************************** + TSS_DAA_ATTRIB_COMMIT + ********************************************************************************************/ + +typedef struct tdTSS_DAA_ATTRIB_COMMIT_internal { + bi_ptr beta; + bi_ptr sMu; +} TSS_DAA_ATTRIB_COMMIT_internal; + +TSS_DAA_ATTRIB_COMMIT_internal *create_TSS_DAA_ATTRIB_COMMIT( bi_ptr beta, bi_ptr sMu); + +/******************************************************************************************** + * TSS_DAA_SELECTED_ATTRIB + * this struct is used internally and externally, only a call to internal_2_DAA_SELECTED_ATTRIB + * DAA_SELECTED_ATTRIB_2_internal will change the struct to be internal or external + ********************************************************************************************/ + +void i_2_e_TSS_DAA_SELECTED_ATTRIB( 
TSS_DAA_SELECTED_ATTRIB *selected_attrib); + +void e_2_i_TSS_DAA_SELECTED_ATTRIB( TSS_DAA_SELECTED_ATTRIB *selected_attrib); + +/* work ONLY with internal format */ +BYTE *to_bytes_TSS_DAA_SELECTED_ATTRIB_internal( int *length, TSS_DAA_SELECTED_ATTRIB *selected_attrib); + +/* +create a TSS_DAA_SELECTED_ATTRIB of length <length> with given selected attributes. +example of selections of the second and third attributes upon 5: +create_TSS_DAA_SELECTED_ATTRIB( &selected_attrib, 5, 0, 1, 1, 0, 0); +*/ +void create_TSS_DAA_SELECTED_ATTRIB( TSS_DAA_SELECTED_ATTRIB *attrib, int length, ...); + +/******************************************************************************************** + * DAA PRIVATE KEY + ********************************************************************************************/ + +/** + * DAA private key. Contains p', q' and the product of it, where n = p*q, p = + * 2*p'+1 and q = 2*q'+1. n is part of the public key. + * (from com.ibm.zurich.tcg.daa.issuer.DAAPrivateKey.java) + */ +typedef struct { + bi_ptr p_prime; + bi_ptr q_prime; + bi_ptr productPQprime; +} DAA_PRIVATE_KEY_internal; + +/** + * allocate: ret->p_prime + * ret->q_prime + * ret->productPQprime + */ +DAA_PRIVATE_KEY_internal *create_TSS_DAA_PRIVATE_KEY( + bi_ptr pPrime, + bi_ptr qPrime +); +#if 0 +int save_DAA_PRIVATE_KEY( + FILE *file, + const DAA_PRIVATE_KEY_internal *private_key +); + +DAA_PRIVATE_KEY_internal *load_DAA_PRIVATE_KEY( + FILE *file +); +TSS_DAA_PRIVATE_KEY* i_2_e_TSS_DAA_PRIVATE_KEY( + DAA_PRIVATE_KEY_internal *private_key_internal, + void * (*daa_alloc)(size_t size, TSS_HOBJECT object), + TSS_HOBJECT object +); + +DAA_PRIVATE_KEY_internal *e_2_i_TSS_DAA_PRIVATE_KEY( + TSS_DAA_PRIVATE_KEY *private_key +); + +#endif +/******************************************************************************************** + * TSS_DAA_PK + ********************************************************************************************/ + +typedef struct tdTSS_DAA_PK_internal { + bi_ptr 
modulus; + bi_ptr capitalS; + bi_ptr capitalZ; + bi_ptr capitalR0; + bi_ptr capitalR1; + bi_ptr gamma; + bi_ptr capitalGamma; + bi_ptr rho; + bi_array_ptr capitalRReceiver; + bi_array_ptr capitalRIssuer; + bi_array_ptr capitalY; + int issuerBaseNameLength; + BYTE *issuerBaseName; + // capitalSprime calculated at each init of this structure as : + // (capitalS ^ ( 1 << DAA_PARAM_SIZE_SPLIT_EXPONENT)) % modulus + bi_ptr capitalSprime; +} TSS_DAA_PK_internal; + +TSS_DAA_PK_internal *create_DAA_PK( + const bi_ptr modulus, + const bi_ptr capitalS, + const bi_ptr capitalZ, + const bi_ptr capitalR0, + const bi_ptr capitalR1, + const bi_ptr gamma, + const bi_ptr capitalGamma, + const bi_ptr rho, + const bi_array_ptr capitalRReceiver, + const bi_array_ptr capitalRIssuer, + int issuerBaseNameLength, + BYTE * const issuerBaseName); + +/* + * create anf feel a TSS_DAA_PK structures + */ +TSS_DAA_PK_internal *e_2_i_TSS_DAA_PK( + TSS_DAA_PK *pk +); + +TSS_DAA_PK *i_2_e_TSS_DAA_PK( + TSS_DAA_PK_internal *pk_internal, + void * (*daa_alloc)(size_t size, TSS_HOBJECT object), + TSS_HOBJECT param_alloc +); +#if 0 + +/* moved to daa_debug.h */ +int save_DAA_PK_internal( + FILE *file, + const TSS_DAA_PK_internal *pk_internal +); + +TSS_DAA_PK_internal *load_DAA_PK_internal( + FILE *file +); + +#endif + +void dump_DAA_PK_internal( + char *name, + TSS_DAA_PK_internal *pk_internal +); + +TPM_DAA_ISSUER *convert2issuer_settings( + TSS_DAA_PK_internal *pk_internal +); + +void free_TSS_DAA_PK_internal( + TSS_DAA_PK_internal *pk_internal +); + +void free_TSS_DAA_PK( TSS_DAA_PK *pk); + +BYTE *issuer_2_byte_array( + TPM_DAA_ISSUER *tpm_daa_issuer, + int *length +); + +/******************************************************************************************** + * TSS_DAA_PK_PROOF + ********************************************************************************************/ + +typedef struct tdTSS_DAA_PK_PROOF_internal { + BYTE *challenge; + int length_challenge; + bi_array_ptr *response; + int 
length_response; +} TSS_DAA_PK_PROOF_internal; + +TSS_DAA_PK_PROOF_internal *create_DAA_PK_PROOF( + BYTE* const challenge, + const int length_challenge, + bi_array_ptr *response, + int length_reponse); + +/* + * create anf feel a TSS_DAA_PK structures + */ +TSS_DAA_PK *TSS_convert_DAA_PK_PROOF( + TSS_DAA_PK_PROOF_internal *proof +); +#if 0 +int save_DAA_PK_PROOF_internal( + FILE *file, + TSS_DAA_PK_PROOF_internal *pk_internal +); + +TSS_DAA_PK_PROOF_internal *load_DAA_PK_PROOF_internal( + FILE *file +); +#endif +TSS_DAA_PK_PROOF_internal *e_2_i_TSS_DAA_PK_PROOF( + TSS_DAA_PK_PROOF *pk_proof +); + +TSS_DAA_PK_PROOF *i_2_e_TSS_DAA_PK_PROOF( + TSS_DAA_PK_PROOF_internal*pk_internal_proof, + void * (*daa_alloc)(size_t size, TSS_HOBJECT object), + TSS_HOBJECT param_alloc +); + +/* + * Encode the DAA_PK like java.security.Key#getEncoded + */ +BYTE *encoded_DAA_PK_internal( + int *result_length, + const TSS_DAA_PK_internal *pk +); + +/******************************************************************************************** + * KEY PAIR WITH PROOF + ********************************************************************************************/ + +typedef struct tdKEY_PAIR_WITH_PROOF_internal { + TSS_DAA_PK_internal *pk; + DAA_PRIVATE_KEY_internal *private_key; + TSS_DAA_PK_PROOF_internal *proof; +} KEY_PAIR_WITH_PROOF_internal; + +#if 0 + +/* moved to daa_debug.h */ + +int save_KEY_PAIR_WITH_PROOF( + FILE *file, + KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof +); + +KEY_PAIR_WITH_PROOF_internal *load_KEY_PAIR_WITH_PROOF( + FILE *file +); + +#endif + +TSS_DAA_KEY_PAIR *get_TSS_DAA_KEY_PAIR( + KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof, + void * (*daa_alloc)(size_t size, TSS_HOBJECT object), + TSS_HOBJECT param_alloc +); + + +/******************************************************************************************** + * TSS_DAA_PSEUDONYM_PLAIN + ********************************************************************************************/ + +typedef struct { + 
bi_ptr nV; +} TSS_DAA_PSEUDONYM_PLAIN_internal; + +TSS_DAA_PSEUDONYM_PLAIN_internal *create_TSS_DAA_PSEUDONYM_PLAIN( + bi_ptr nV +); + +/******************************************************************************************** + * TSS_DAA_PSEUDONYM_ENCRYPTED + ********************************************************************************************/ + +typedef struct { + bi_ptr sTau; + struct tdCS_ENCRYPTION_RESULT *cs_enc_result; +} TSS_DAA_PSEUDONYM_ENCRYPTED_internal; + + +/******************************************************************************************** + * TSS_DAA_SIGNATURE + ********************************************************************************************/ + +typedef struct { + bi_ptr zeta; + bi_ptr capitalT; + int challenge_length; + BYTE *challenge; + int nonce_tpm_length; + BYTE *nonce_tpm; + bi_ptr sV; + bi_ptr sF0; + bi_ptr sF1; + bi_ptr sE; + int sA_length; + bi_array_ptr sA; +} TSS_DAA_SIGNATURE_internal; + +TSS_DAA_SIGNATURE_internal *e_2_i_TSS_DAA_SIGNATURE( + TSS_DAA_SIGNATURE*signature +); + +void free_TSS_DAA_SIGNATURE_internal( + TSS_DAA_SIGNATURE_internal *signature +); + +/******************************************************************************************** + * TSS_DAA_JOIN_ISSUER_SESSION + ********************************************************************************************/ + +typedef struct td_TSS_DAA_JOIN_ISSUER_SESSION_internal { + TPM_DAA_ISSUER *issuerAuthKey; + TSS_DAA_PK_PROOF_internal *issuerKeyPair; + TSS_DAA_IDENTITY_PROOF *identityProof; + bi_ptr capitalUprime; + int daaCounter; + int nonceIssuerLength; + BYTE *nonceIssuer; + int nonceEncryptedLength; + BYTE *nonceEncrypted; +} TSS_DAA_JOIN_ISSUER_SESSION_internal; + + +/******************************************************************************************** + TSS_DAA_CRED_ISSUER +********************************************************************************************/ +#if 0 +TSS_DAA_CRED_ISSUER *load_TSS_DAA_CRED_ISSUER( FILE 
*file); + +int save_TSS_DAA_CRED_ISSUER( FILE *file, TSS_DAA_CRED_ISSUER *credential); + +#endif +/******************************************************************************************** + TSS_DAA_CREDENTIAL +********************************************************************************************/ +#if 0 +TSS_DAA_CREDENTIAL *load_TSS_DAA_CREDENTIAL( FILE *file); + +int save_TSS_DAA_CREDENTIAL( + FILE *file, + TSS_DAA_CREDENTIAL *credential +); + +#endif + +/******************************************************************************************** + TPM_DAA_ISSUER +********************************************************************************************/ + +void free_TPM_DAA_ISSUER( TPM_DAA_ISSUER *tpm_daa_issuer); + +#endif /*DAA_STRUCT_H_*/ diff --git a/src/include/daa/issuer.h b/src/include/daa/issuer.h new file mode 100644 index 0000000..59b6a71 --- /dev/null +++ b/src/include/daa/issuer.h 
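Review bot: The `init_tss_version(b)` macro ends with `} while(0);` — the trailing semicolon defeats the do/while(0) idiom, so `if (x) init_tss_version(b); else ...` is a syntax error and a use without a semicolon compiles silently; it should end with `} while(0)`. `#include "arpa/inet.h"` should be `#include <arpa/inet.h>`, since it is a system header and the quoted form searches the project directories first, and `<malloc.h>` is non-portable while `<stdlib.h>` is already included. The comment `/* length is in network format: big indian */` should read `big endian`.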
@@ -0,0 +1,71 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006-2007 + * + */ +#ifndef __ISSUER_H__ +#define __ISSUER_H__ + +#include "daa/daa_structs.h" +#include "daa/daa_parameter.h" +#include "tsplog.h" + + +TSS_RESULT +generate_key_pair(int num_attributes_issuer, + int num_attributes_receiver, + int base_nameLength, + BYTE *base_name, + KEY_PAIR_WITH_PROOF_internal **key_pair_with_proof +); + +TSS_DAA_PK_PROOF_internal *generate_proof( + const bi_ptr product_PQ_prime, + const TSS_DAA_PK_internal *public_key, + const bi_ptr xz, + const bi_ptr x0, + const bi_ptr x1, + bi_array_ptr x); + +#if 0 +TSPICALL +Tspi_DAA_IssueInit_internal( + TSS_HDAA hDAA, // in + TSS_HKEY issuerAuthPK, // in + TSS_HKEY issuerKeyPair, // in + TSS_DAA_IDENTITY_PROOF identityProof, // in + UINT32 capitalUprimeLength, // in + BYTE* capitalUprime, // in + UINT32 daaCounter, // in + UINT32* nonceIssuerLength, // out + BYTE** nonceIssuer, // out + UINT32* authenticationChallengeLength, // out + BYTE** authenticationChallenge, // out + TSS_DAA_JOIN_ISSUER_SESSION* joinSession // out +); + +TSPICALL +Tspi_DAA_IssueCredential_internal( + TSS_HDAA hDAA, // in + UINT32 attributesIssuerLength, // in + BYTE** attributesIssuer, // in + TSS_DAA_CREDENTIAL_REQUEST credentialRequest, // in + TSS_DAA_JOIN_ISSUER_SESSION joinSession, // in + TSS_DAA_CRED_ISSUER* credIssuer // out +); +#endif +TSS_RESULT +compute_join_challenge_issuer( TSS_DAA_PK_internal *pk_intern, + bi_ptr v_prime_prime, + bi_ptr capitalA, + bi_ptr capital_Atilde, + UINT32 nonceReceiverLength, + BYTE *nonceReceiver, + UINT32 *c_primeLength, + BYTE **c_prime); // out allocation + +#endif diff --git a/src/include/daa/key_correct.h b/src/include/daa/key_correct.h new file mode 100644 index 0000000..a6ce7d9 --- /dev/null +++ b/src/include/daa/key_correct.h 
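Review bot: The include guard `__ISSUER_H__` is a reserved identifier in C (any name containing a double underscore belongs to the implementation); the neighbouring headers in this series use the `NAME_H_` form, so `ISSUER_H_` would be both safe and consistent. `compute_join_challenge_issuer`'s last parameter carries only `// out allocation`; the prototype should say who releases `*c_prime` and with what, e.g. `/* c_prime: allocated by the callee, released by the caller — see implementation for the matching free */`, since an allocator/deallocator mismatch is invisible at the call site. `generate_key_pair` likewise hands back `KEY_PAIR_WITH_PROOF_internal **` without saying how the result is released.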
@@ -0,0 +1,31 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef KEY_CORRECT_H_
+#define KEY_CORRECT_H_
+
+#include "daa/daa_structs.h"
+#include "daa/daa_parameter.h"
+#include "tsplog.h"
+
+ /**
+ * Verifies if the parameters Z,R0,R1,RReceiver and RIssuer of the public key
+ * were correctly computed.
+ *
+ * @param pk
+ * the public key, which one wants to verfy.
+ */
+TSS_RESULT
+is_pk_correct( TSS_DAA_PK_internal *public_key,
+ TSS_DAA_PK_PROOF_internal *proof,
+ int *isCorrect
+);
+
+#endif /*KEY_CORRECTNESS_PROOF_H_*/
diff --git a/src/include/daa/list.h b/src/include/daa/list.h
new file mode 100644
index 0000000..27071d5
--- /dev/null
+++ b/src/include/daa/list.h
@@ -0,0 +1,40 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef LIST_H_
+#define LIST_H_
+
+/* simple linked list template */
+struct _list_t {
+ void *obj;
+ struct _list_t *next; // pointer to next node
+};
+
+typedef struct _list_t node_t; // each link is a list "node"
+
+typedef struct {
+ node_t *head; // pointer to first node
+ node_t *current;
+ node_t *previous;
+} list_struct;
+
+typedef list_struct* list_ptr;
+typedef list_struct list_t[1];
+
+
+list_ptr list_new();
+
+void list_add(list_ptr list, void * obj);
+
+void list_dump(list_ptr list);
+
+void list_freeall(list_ptr list);
+
+#endif /*LIST_H_*/
diff --git a/src/include/daa/platform.h b/src/include/daa/platform.h
new file mode 100644
index 0000000..e494742
--- /dev/null
+++ b/src/include/daa/platform.h
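Review bot: The doc comment on `is_pk_correct` documents a parameter `pk` that does not exist; the function takes `public_key`, `proof` and `isCorrect`, and the comment says nothing about the latter two or about what the `TSS_RESULT` return conveys as opposed to `*isCorrect`. Suggest `@param public_key the public key to verify`, `@param proof the key-correctness proof checked against public_key`, `@param isCorrect set to non-zero when the proof verifies; only meaningful when the return indicates success` (the last clause is my reading of the `int *` out-parameter — confirm against the implementation). The closing `#endif /*KEY_CORRECTNESS_PROOF_H_*/` names a guard different from the `KEY_CORRECT_H_` actually defined, and `verfy` in the comment is a typo.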
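Review bot: `list_ptr list_new();` is an old-style non-prototype declaration; with empty parentheses the compiler does not check arguments at call sites, so it should be `list_ptr list_new(void);`. The struct comments describe `head` and `next` but not `current` and `previous`, which look like iteration cursors — a one-line comment on each saying whether they survive a `list_add` would tell callers what they may rely on. `list_freeall` does not say whether it also frees each node's `obj`; that ownership fact belongs in the header, since a caller guessing wrong either leaks or double-frees.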
@@ -0,0 +1,115 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef PLATFORM_H_ +#define PLATFORM_H_ + +#include "bi.h" +#include "daa_structs.h" + +#if 0 +// for RSA key +#include <openssl/rsa.h> + +TSPICALL +Tspi_TPM_DAA_Sign_internal(TSS_HDAA hDAA, // in + TSS_HTPM hTPM, // in + TSS_HKEY hDaaCredential, // in + TSS_DAA_SELECTED_ATTRIB revealAttributes, // in + UINT32 verifierBaseNameLength, // in + BYTE* verifierBaseName, // in + UINT32 verifierNonceLength, // in + BYTE* verifierNonce, // in + TSS_DAA_SIGN_DATA signData, // in + TSS_DAA_SIGNATURE* daaSignature // out +); + +TSS_RESULT +Tspi_TPM_DAA_JoinInit_internal(TSS_HDAA hDAA, + TSS_HTPM hTPM, + int daa_counter, + TSS_DAA_PK *issuer_pk, + int issuer_authentication_PKLengh, + RSA **issuer_authentication_PK, + int issuer_authentication_PK_signaturesLength, + BYTE **issuer_authentication_PK_signatures, + int *capital_UprimeLength, + BYTE **capital_Uprime, + TSS_DAA_IDENTITY_PROOF *identity_proof, + TSS_DAA_JOIN_SESSION *joinSession +); + +TSPICALL Tspi_TPM_DAA_JoinCreateDaaPubKey_internal +( + TSS_HDAA hDAA, // in + TSS_HTPM hTPM, // in + UINT32 authenticationChallengeLength, // in + BYTE* authenticationChallenge, // in + UINT32 nonceIssuerLength, // in + BYTE* nonceIssuer, // in + UINT32 attributesPlatformLength, // in + BYTE** attributesPlatform, // in + TSS_DAA_JOIN_SESSION* joinSession, // in, out + TSS_DAA_CREDENTIAL_REQUEST* credentialRequest // out +); + +// allocation: endorsementKey as BYTE * +TSS_RESULT get_public_EK( + TSS_HDAA hDAA, + UINT32 *endorsementKeyLength, + BYTE **endorsementKey +); + +#endif + +TSS_RESULT +compute_join_challenge_host(TSS_HDAA_CREDENTIAL,//TSS_HDAA hDAA, + TSS_DAA_PK_internal *pk_internal, + bi_ptr capitalU, + bi_ptr capital_Uprime, + bi_ptr capital_utilde, + bi_ptr capital_utilde_prime, + bi_ptr capital_ni, + bi_ptr capital_ni_tilde, + 
UINT32 commitments_proofLength, + TSS_DAA_ATTRIB_COMMIT_internal * + commitments_proof, + UINT32 nonceIssuerLength, + BYTE* nonceIssuer, + UINT32 *resultLength, + BYTE **result +); + +#if 0 + +TSPICALL +Tspi_TPM_DAA_JoinStoreCredential_internal(TSS_HDAA hDAA, // in + TSS_HTPM hTPM, // in + TSS_DAA_CRED_ISSUER credIssuer, // in + TSS_DAA_JOIN_SESSION joinSession, // in + TSS_HKEY* hDaaCredential // out +); + +TSPICALL +Tspi_TPM_DAA_Sign_internal(TSS_HDAA hDAA, // in + TSS_HTPM hTPM, // in + TSS_HKEY hDaaCredential, // in + TSS_DAA_SELECTED_ATTRIB revealAttributes, // in + UINT32 verifierBaseNameLength, // in + BYTE* verifierBaseName, // in + UINT32 verifierNonceLength, // in + BYTE* verifierNonce, // in + TSS_DAA_SIGN_DATA signData, // in + TSS_DAA_SIGNATURE* daaSignature // out +); + +#endif + +#endif diff --git a/src/include/daa/verifier.h b/src/include/daa/verifier.h new file mode 100644 index 0000000..f177948 --- /dev/null +++ b/src/include/daa/verifier.h 
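Review bot: The first parameter of `compute_join_challenge_host` is declared as a bare type with a commented-out alternative, `TSS_HDAA_CREDENTIAL,//TSS_HDAA hDAA,`; it should be given a name matching the implementation (e.g. `TSS_HDAA_CREDENTIAL hDAACredential,`) and the dead `//TSS_HDAA hDAA` removed, otherwise the next reader cannot tell which handle type the function is meant to take. `Tspi_TPM_DAA_Sign_internal` is declared twice in this header, both times inside `#if 0`; prototypes for the superseded API should be deleted rather than parked under `#if 0`, since they no longer match the live declarations (similar `#if 0` blocks remain in daa_structs.h, issuer.h and verifier.h in this series).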
@@ -0,0 +1,110 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2006 + * + */ + +#ifndef VERIFIER_H_ +#define VERIFIER_H_ + +#include "bi.h" +#include "daa_structs.h" +#include "anonymity_revocation.h" +#include "daa_parameter.h" +#include "tsplog.h" + +/* + * Transaction of a DAA Verifier to verify a signature (VerifierTransaction.java) + */ +typedef struct { + BYTE *baseName; + int baseName_length; + EVP_MD *digest; + BYTE *nonce; + int nonce_length; + int is_anonymity_revocation_enabled; // boolean + BYTE *anonymity_revocation_condition; + int anonymity_revocation_condition_length; + CS_PUBLIC_KEY *anonymity_revocator_pk; + // private TssDaaSelectedAttrib[] selectedAttributes2Commit; + TSS_DAA_SELECTED_ATTRIB **selected_attributes2commit; + int selected_attributes2commitLength; +} DAA_VERIFIER_TRANSACTION; + +/* the return (BYTE *) should be free after usage */ +BYTE *compute_bytes( int seedLength, BYTE *seed, int length, const EVP_MD *digest); + +bi_ptr compute_zeta( int nameLength, unsigned char *name, TSS_DAA_PK_internal *issuer_pk); + +bi_ptr project_into_group_gamma( bi_ptr base, TSS_DAA_PK_internal *issuer_pk); +#if 0 +TSPICALL Tspi_DAA_VerifyInit_internal +( + TSS_HDAA hDAA, // in + UINT32* nonceVerifierLength, // out + BYTE** nonceVerifier, // out + UINT32 baseNameLength, // out + BYTE ** baseName // out +); + +TSPICALL Tspi_DAA_VerifySignature_internal +( TSS_HDAA hDAA, // in + TSS_DAA_SIGNATURE signature, // in + TSS_HKEY hPubKeyIssuer, // in + TSS_DAA_SIGN_DATA sign_data, // in + UINT32 attributes_length, // in + BYTE **attributes, // in + UINT32 nonce_verifierLength, // out + BYTE *nonce_verifier, // out + UINT32 base_nameLength, // out + BYTE *base_name, // out + TSS_BOOL *isCorrect // out +); +#else +TSS_RESULT +Tspi_DAA_VerifySignature +( + TSS_HDAA_CREDENTIAL hDAACredential, // in + TSS_HDAA_ISSUER_KEY hIssuerKey, // in + 
TSS_HDAA_ARA_KEY hARAKey, // in + TSS_HHASH hARACondition, // in + UINT32 attributesLength, // in + UINT32 attributesLength2, // in + BYTE** attributes, // in + UINT32 verifierNonceLength, // in + BYTE* verifierNonce, // in + UINT32 verifierBaseNameLength, // in + BYTE* verifierBaseName, // in + TSS_HOBJECT signData, // in + TSS_DAA_SIGNATURE* daaSignature, // in + TSS_BOOL* isCorrect // out +); + +#endif + +BYTE *compute_sign_challenge_host( + int *result_length, + EVP_MD *digest, + TSS_DAA_PK_internal *issuer_pk, + int nonce_verifierLength, + BYTE *nonce_verifier, + int selected_attributes2commitLength, + TSS_DAA_SELECTED_ATTRIB **selected_attributes2commit, + int is_anonymity_revocation_enabled, + bi_ptr zeta, + bi_ptr capital_t, + bi_ptr capital_tilde, + int attribute_commitmentsLength, + TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitments, + TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitment_proofs, + bi_ptr capital_nv, + bi_ptr capital_tilde_v, + CS_PUBLIC_KEY *anonymity_revocator_pk, + CS_ENCRYPTION_RESULT *encryption_result_rand, + CS_ENCRYPTION_RESULT *encryption_result_proof); + +#endif /*VERIFIER_H_*/ diff --git a/src/include/hosttable.h b/src/include/hosttable.h new file mode 100644 index 0000000..edc820b --- /dev/null +++ b/src/include/hosttable.h 
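Review bot: `Tspi_DAA_VerifySignature` takes both `attributesLength` and `attributesLength2` with nothing saying how they differ; given `BYTE** attributes` follows, one is presumably the number of entries and the other the length of each, but the header should say which, e.g. `UINT32 attributesLength, // in: number of entries in attributes` and `UINT32 attributesLength2, // in: byte length of each entry` (confirm against the implementation). `DAA_VERIFIER_TRANSACTION.digest` is a non-const `EVP_MD *` while `compute_bytes` takes `const EVP_MD *`; OpenSSL's digest accessors return `const EVP_MD *`, so the struct field and `compute_sign_challenge_host`'s `digest` parameter should be const as well. The struct also holds several caller-supplied buffers (`baseName`, `nonce`, `anonymity_revocation_condition`) with no note on who owns and frees them.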
@@ -0,0 +1,43 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#ifndef _HOSTTABLE_H_ +#define _HOSTTABLE_H_ + +#include "rpc_tcstp.h" +#include "threads.h" + + +#define CONNECTION_TYPE_TCP_PERSISTANT 1 + +struct host_table_entry { + struct host_table_entry *next; + TSS_HCONTEXT tspContext; + TCS_CONTEXT_HANDLE tcsContext; + BYTE *hostname; + int type; + int socket; + struct tcsd_comm_data comm; + MUTEX_DECLARE(lock); +}; + +struct host_table { + struct host_table_entry *entries; + MUTEX_DECLARE(lock); +}; + +extern struct host_table *ht; +struct host_table_entry *get_table_entry(TCS_CONTEXT_HANDLE); +void put_table_entry(struct host_table_entry *); +TSS_RESULT __tspi_add_table_entry(TSS_HCONTEXT, BYTE *, int, struct host_table_entry **); +void remove_table_entry(TCS_CONTEXT_HANDLE); + + +#endif diff --git a/src/include/imaem.h b/src/include/imaem.h new file mode 100644 index 0000000..1d12128 --- /dev/null +++ b/src/include/imaem.h @@ -0,0 +1,35 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004 + * + */ + +#ifndef _IMAEM_H_ +#define _IMAEM_H_ + +int ima_open(void *, FILE **); +TSS_RESULT ima_get_entries_by_pcr(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **); +TSS_RESULT ima_get_entry(FILE *, UINT32, UINT32 *, TSS_PCR_EVENT **); +int ima_close(FILE *); + +extern struct ext_log_source ima_source; + +/* 4 bytes binary [PCR value] + * 20 bytes binary [SHA1 value] + * 4 bytes binary [event type] + * 255 bytes of ascii (MAX) [event name] + * 1 byte -> '\0' [separator ] + */ +#define IMA_MIN_EVENT_SIZE 29 +#define IMA_MAX_EVENT_SIZE 284 + +/* this should be large if we're reading out of /proc */ +#define IMA_READ_SIZE (4096 + IMA_MAX_EVENT_SIZE) + +#define EVLOG_SOURCE_IMA 1 + +#endif 
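Review bot: `get_table_entry` / `put_table_entry` form a get/release pair and each entry carries `MUTEX_DECLARE(lock)`, which suggests `get_table_entry` returns the entry with its lock held and `put_table_entry` releases it, yet that contract is not written anywhere in this header. A comment such as `/* get_table_entry: returns the entry for the given TCS context with entry->lock held, or NULL; pair every successful call with put_table_entry */` would let callers get it right (confirm against the implementation). The header should also say whether `hostname` is owned by the table and released in `remove_table_entry`, or by the caller. `CONNECTION_TYPE_TCP_PERSISTANT` is the only `type` value; a note on whether other values are legal, and a `/* sic */` on the spelling so nobody "fixes" the public identifier, would help.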
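Review bot: This header uses `FILE`, `TSS_RESULT`, `UINT32` and `TSS_PCR_EVENT` but includes nothing, so it compiles only when the including file has already pulled in `<stdio.h>` and the TSS type headers; adding `#include <stdio.h>` and the header that defines `TSS_PCR_EVENT` would make it self-contained. `ima_get_entries_by_pcr` and `ima_get_entry` take several unnamed `UINT32` parameters between them; naming them in the prototype (which PCR, which entry index, which out-count) is cheap documentation. The size comment agrees with the constants (4+20+4+1 = 29, 4+20+4+255+1 = 284), but `IMA_MAX_EVENT_SIZE` is only an upper bound if the reader enforces the 255-byte name limit on what it pulls out of /proc, and the comment should say that the limit is checked rather than assumed.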
diff --git a/src/include/linux/tpm.h b/src/include/linux/tpm.h new file mode 100644 index 0000000..ee32c4d --- /dev/null +++ b/src/include/linux/tpm.h @@ -0,0 +1,41 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004 + * + */ + +/* + * include/linux/tpm.h + * + * Device driver for TCPA TPM (trusted platform module). + */ +#ifndef _TPM_H_ +#define _TPM_H_ + +#if (defined (__linux) || defined (linux)) +#include <linux/ioctl.h> +#elif (defined (__OpenBSD__) || defined (__FreeBSD__)) +#include <sys/ioctl.h> +#endif + +/* ioctl commands */ +#define TPMIOC_CANCEL _IO('T', 0x00) +#define TPMIOC_TRANSMIT _IO('T', 0x01) + +#if defined(__KERNEL__) +extern ssize_t tpm_transmit(const char *buf, size_t bufsiz); +extern ssize_t tpm_extend(int index, u8 *digest); +extern ssize_t tpm_pcrread(int index, u8 *hash); +extern ssize_t tpm_dirread(int index, u8 *hash); +extern ssize_t tpm_cap_version(int *maj, int *min, int *ver, int *rev); +extern ssize_t tpm_cap_pcr(int *pcrs); +extern ssize_t tpm_cap_dir(int *dirs); +extern ssize_t tpm_cap_manufacturer(int *manufacturer); +extern ssize_t tpm_cap_slot(int *slots); +#endif /* __KERNEL__ */ + +#endif diff --git a/src/include/memmgr.h b/src/include/memmgr.h new file mode 100644 index 0000000..f78395f --- /dev/null +++ b/src/include/memmgr.h 
@@ -0,0 +1,37 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _MEMMGR_H_
+#define _MEMMGR_H_
+
+/*
+ * For each TSP context, there is one memTable, which holds a list of memEntry's,
+ * each of which holds a pointer to some malloc'd memory that's been returned to
+ * the user. The memTable also can point to other memTable's which would be
+ * created if multiple TSP contexts were opened.
+ *
+ */
+
+struct memEntry {
+ void *memPointer;
+ struct memEntry *nextEntry;
+};
+
+struct memTable {
+ TSS_HCONTEXT tspContext;
+ struct memEntry *entries;
+ struct memTable *nextTable;
+};
+
+MUTEX_DECLARE_INIT(memtable_lock);
+
+struct memTable *SpiMemoryTable = NULL;
+
+#endif
diff --git a/src/include/obj.h b/src/include/obj.h
new file mode 100644
index 0000000..109a1ae
--- /dev/null
+++ b/src/include/obj.h
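Review bot: `struct memTable *SpiMemoryTable = NULL;` is a definition, not a declaration, and `MUTEX_DECLARE_INIT(memtable_lock);` presumably expands to one as well, so every translation unit that includes this header defines its own copy of the table head and its lock; that is a duplicate symbol at link time, and in a build that tolerates it, two TUs could end up with different locks guarding the same list. The header should carry `extern struct memTable *SpiMemoryTable;` (and the extern form of the mutex declaration) with the definitions moved to the one .c file that owns the table; if the header is deliberately included by exactly one TU, say so in a comment at the top. The leading comment explains that a memTable 'can point to other memTable's'; a sentence on whether `memtable_lock` covers `nextTable` traversal as well as `entries` would complete the picture.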
@@ -0,0 +1,92 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#ifndef _OBJ_H_ +#define _OBJ_H_ + +#include "threads.h" + +/* definitions */ + +/* When TRUE, the object has PCRs associated with it */ +#define TSS_OBJ_FLAG_PCRS 0x00000001 +/* When TRUE, the object has a usage auth secret associated with it */ +#define TSS_OBJ_FLAG_USAGEAUTH 0x00000002 +/* When TRUE, the object has a migration auth secret associated with it */ +#define TSS_OBJ_FLAG_MIGAUTH 0x00000004 +/* When TRUE, the object has previously been registered in USER PS */ +#define TSS_OBJ_FLAG_USER_PS 0x00000008 +/* When TRUE, the object has previously been registered in SYSTEM PS */ +#define TSS_OBJ_FLAG_SYSTEM_PS 0x00000010 +/* When TRUE, the key has been created and cannot be altered */ +#define TSS_OBJ_FLAG_KEY_SET 0x00000020 + +/* structures */ +struct tsp_object { + UINT32 handle; + UINT32 tspContext; + TSS_FLAG flags; + void *data; + struct tsp_object *next; +}; + +struct obj_list { + struct tsp_object *head; + MUTEX_DECLARE(lock); +}; + +/* prototypes */ +TSS_RESULT obj_getTpmObject(UINT32, TSS_HOBJECT *); +TSS_HOBJECT obj_GetPolicyOfObject(UINT32, UINT32); +void __tspi_obj_list_init(); +TSS_HOBJECT obj_get_next_handle(); +TSS_RESULT obj_list_add(struct obj_list *, UINT32, TSS_FLAG, void *, TSS_HOBJECT *); +TSS_RESULT obj_list_remove(struct obj_list *, void (*)(void *), TSS_HOBJECT, TSS_HCONTEXT); +void obj_list_put(struct obj_list *); +struct tsp_object *obj_list_get_obj(struct obj_list *, UINT32); +struct tsp_object *obj_list_get_tspcontext(struct obj_list *, UINT32); +void obj_list_close(struct obj_list *, void (*)(void *), TSS_HCONTEXT); +void obj_connectContext(TSS_HCONTEXT, TCS_CONTEXT_HANDLE); +void obj_close_context(TSS_HCONTEXT); +void obj_lists_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT); + +/* prototypes for functions that may traverse more than 
one list */ +TSS_RESULT obj_tcskey_get_pubkeyhash(TCS_KEY_HANDLE, BYTE *); + +#include "obj_tpm.h" +#include "obj_context.h" +#include "obj_hash.h" +#include "obj_pcrs.h" +#include "obj_policy.h" +#include "obj_rsakey.h" +#include "obj_encdata.h" +#include "obj_daacred.h" +#include "obj_daaarakey.h" +#include "obj_daaissuerkey.h" +#include "obj_nv.h" +#include "obj_delfamily.h" +#include "obj_migdata.h" + + +TPM_LIST_DECLARE_EXTERN; +CONTEXT_LIST_DECLARE_EXTERN; +HASH_LIST_DECLARE_EXTERN; +PCRS_LIST_DECLARE_EXTERN; +POLICY_LIST_DECLARE_EXTERN; +RSAKEY_LIST_DECLARE_EXTERN; +ENCDATA_LIST_DECLARE_EXTERN; +DAACRED_LIST_DECLARE_EXTERN; +DAAARAKEY_LIST_DECLARE_EXTERN; +DAAISSUERKEY_LIST_DECLARE_EXTERN; +NVSTORE_LIST_DECLARE_EXTERN; +DELFAMILY_LIST_DECLARE_EXTERN; +MIGDATA_LIST_DECLARE_EXTERN; + +#endif diff --git a/src/include/obj_context.h b/src/include/obj_context.h new file mode 100644 index 0000000..855e7d4 --- /dev/null +++ b/src/include/obj_context.h 
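Review bot: `void __tspi_obj_list_init();` and `TSS_HOBJECT obj_get_next_handle();` use empty parentheses, which in C is a non-prototype declaration that disables argument checking; they should be `__tspi_obj_list_init(void)` and `obj_get_next_handle(void)`. Every other prototype omits parameter names, so a reader cannot tell which `UINT32` in `obj_list_get_obj(struct obj_list *, UINT32)` is a handle and which a context — naming them (`UINT32 handle`, `UINT32 tspContext`) costs nothing. The `TSS_OBJ_FLAG_*` values are well documented; a similar one-liner on the `void (*)(void *)` argument of `obj_list_remove` and `obj_list_close` (the per-object free callback, judging by obj_context.h passing `&__tspi_obj_context_free` to `obj_list_close`) would help.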
@@ -0,0 +1,93 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#ifndef _OBJ_CONTEXT_H_ +#define _OBJ_CONTEXT_H_ + +#define TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED 0x01 +#define TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT 0x02 +#define TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC 0x04 +#define TSS_CONTEXT_FLAGS_TRANSPORT_EXCLUSIVE 0x08 +#define TSS_CONTEXT_FLAGS_TRANSPORT_STATIC_AUTH 0x10 +#define TSS_CONTEXT_FLAGS_TRANSPORT_ESTABLISHED 0x20 +#define TSS_CONTEXT_FLAGS_TRANSPORT_MASK 0x3f + +#define TSS_CONTEXT_FLAGS_TPM_VERSION_1 0x40 +#define TSS_CONTEXT_FLAGS_TPM_VERSION_2 0x80 +#define TSS_CONTEXT_FLAGS_TPM_VERSION_MASK 0xc0 + +/* structures */ +struct tr_context_obj { + TSS_FLAG silentMode, flags; + UINT32 hashMode; + TSS_HPOLICY policy; + BYTE *machineName; + UINT32 machineNameLength; + UINT32 connection_policy, current_connection; + struct tcs_api_table *tcs_api; +#ifdef TSS_BUILD_TRANSPORT + /* transport session support */ + TSS_HKEY transKey; + TPM_TRANSPORT_PUBLIC transPub; + TPM_MODIFIER_INDICATOR transMod; + TPM_TRANSPORT_AUTH transSecret; + TPM_AUTH transAuth; + TPM_TRANSPORT_LOG_IN transLogIn; + TPM_TRANSPORT_LOG_OUT transLogOut; + TPM_DIGEST transLogDigest; +#endif +}; + +/* obj_context.c */ +void __tspi_obj_context_free(void *data); +TSS_BOOL obj_is_context(TSS_HOBJECT); +TSS_RESULT obj_context_get_policy(TSS_HCONTEXT, UINT32, TSS_HPOLICY *); +TSS_BOOL obj_context_is_silent(TSS_HCONTEXT); +TSS_RESULT obj_context_get_machine_name(TSS_HCONTEXT, UINT32 *, BYTE **); +TSS_RESULT obj_context_get_machine_name_attrib(TSS_HCONTEXT, UINT32 *, BYTE **); +TSS_RESULT obj_context_set_machine_name(TSS_HCONTEXT, BYTE *, UINT32); +TSS_RESULT obj_context_add(TSS_HOBJECT *); +TSS_RESULT obj_context_set_mode(TSS_HCONTEXT, UINT32); +TSS_RESULT obj_context_get_mode(TSS_HCONTEXT, UINT32 *); +TSS_BOOL obj_context_has_popups(TSS_HCONTEXT); +TSS_RESULT 
obj_context_get_hash_mode(TSS_HCONTEXT, UINT32 *); +TSS_RESULT obj_context_set_hash_mode(TSS_HCONTEXT, UINT32); +TSS_RESULT obj_context_get_connection_version(TSS_HCONTEXT, UINT32 *); +TSS_RESULT obj_context_set_connection_policy(TSS_HCONTEXT, UINT32); +#ifdef TSS_BUILD_TRANSPORT +TSS_RESULT obj_context_set_transport_key(TSS_HCONTEXT, TSS_HKEY); +TSS_RESULT obj_context_transport_get_control(TSS_HCONTEXT, UINT32, UINT32 *); +TSS_RESULT obj_context_transport_set_control(TSS_HCONTEXT, UINT32); +TSS_RESULT obj_context_transport_get_mode(TSS_HCONTEXT, UINT32, UINT32 *); +TSS_RESULT obj_context_transport_set_mode(TSS_HCONTEXT, UINT32); +TSS_RESULT obj_context_transport_init(TSS_HCONTEXT); +TSS_RESULT obj_context_transport_establish(TSS_HCONTEXT, struct tr_context_obj *); +TSS_RESULT obj_context_transport_execute(TSS_HCONTEXT, TPM_COMMAND_CODE, UINT32, BYTE*, TPM_DIGEST*, + UINT32*, TCS_HANDLE**, TPM_AUTH*, TPM_AUTH*, UINT32*, + BYTE**); +TSS_RESULT obj_context_transport_close(TSS_HCONTEXT, TSS_HKEY, TSS_HPOLICY, TSS_BOOL, + TPM_SIGN_INFO*, UINT32*, BYTE**); +#endif +TSS_RESULT obj_context_set_tpm_version(TSS_HCONTEXT, UINT32); +TSS_RESULT obj_context_get_tpm_version(TSS_HCONTEXT, UINT32 *); +TSS_RESULT obj_context_get_loadkey_ordinal(TSS_HCONTEXT, TPM_COMMAND_CODE *); +void obj_context_close(TSS_HCONTEXT); + +struct tcs_api_table *obj_context_get_tcs_api(TSS_HCONTEXT); +#define TCS_API(c) obj_context_get_tcs_api(c) + + +#define CONTEXT_LIST_DECLARE struct obj_list context_list +#define CONTEXT_LIST_DECLARE_EXTERN extern struct obj_list context_list +#define CONTEXT_LIST_INIT() list_init(&context_list) +#define CONTEXT_LIST_CONNECT(a,b) obj_connectContext_list(&context_list, a, b) +#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &__tspi_obj_context_free, a) + +#endif diff --git a/src/include/obj_daa.h b/src/include/obj_daa.h new file mode 100644 index 0000000..d7e21a9 --- /dev/null +++ b/src/include/obj_daa.h 
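Review bot: The `BYTE **` out-parameters of `obj_context_get_machine_name` and `obj_context_get_machine_name_attrib`, and the `BYTE *`/`UINT32` pair taken by `obj_context_set_machine_name`, carry no statement of who owns the buffer (copied into `machineName` or adopted; returned by reference or allocated for the caller to free), and the two getters differ only in name, so their distinction is invisible from the header; a one-line comment on each prototype would fix that. `struct tr_context_obj` also holds `transSecret` (a `TPM_TRANSPORT_AUTH`) and `transAuth` under `TSS_BUILD_TRANSPORT`, so `__tspi_obj_context_free` should presumably wipe those fields before the object is released rather than leave secret material in freed heap memory; the free routine is not in this hunk, so that is worth confirming in obj_context.c and recording next to the fields, e.g. `/* cleared by __tspi_obj_context_free before free() - confirm */`.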
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAA_H_
+#define _OBJ_DAA_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daa_obj {
+ UINT32 session_handle; // set by [join|sign] stage 0.
+ TPM_HANDLE tpm_handle;
+};
+
+/* obj_daa.c */
+void daa_free(void *data);
+TSS_RESULT obj_daa_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daa_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_BOOL obj_is_daa(TSS_HOBJECT);
+TSS_RESULT obj_daa_get_tsp_context(TSS_HDAA, TSS_HCONTEXT *);
+TSS_RESULT obj_daa_get_handle_tpm(TSS_HDAA, TPM_HANDLE *);
+TSS_RESULT obj_daa_set_handle_tpm(TSS_HDAA, TPM_HANDLE);
+TSS_RESULT obj_daa_get_session_handle(TSS_HDAA, UINT32 *);
+TSS_RESULT obj_daa_set_session_handle(TSS_HDAA, UINT32);
+
+#define DAA_LIST_DECLARE struct obj_list daa_list
+#define DAA_LIST_DECLARE_EXTERN extern struct obj_list daa_list
+#define DAA_LIST_INIT() list_init(&daa_list)
+#define DAA_LIST_CONNECT(a,b) obj_connectContext_list(&daa_list, a, b)
+#define DAA_LIST_CLOSE(a) obj_list_close(&daa_list, &daa_free, a)
+
+#else
+
+#define obj_is_daa(a) FALSE
+
+#define DAA_LIST_DECLARE
+#define DAA_LIST_DECLARE_EXTERN
+#define DAA_LIST_INIT()
+#define DAA_LIST_CONNECT(a,b)
+#define DAA_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/src/include/obj_daaarakey.h b/src/include/obj_daaarakey.h
new file mode 100644
index 0000000..9997f09
--- /dev/null
+++ b/src/include/obj_daaarakey.h
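Review bot: `obj_daa_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject)` is the only prototype in this header that names its parameters while every other one is anonymous; the same mixed style recurs in `obj_daaarakey_add`, `obj_daacred_add` and `obj_daaissuerkey_add` in the next three files, and either form is fine as long as one is used throughout. Note also that obj.h in this series includes obj_daacred.h, obj_daaarakey.h and obj_daaissuerkey.h and declares their `*_LIST_DECLARE_EXTERN` lists, but neither includes obj_daa.h nor uses `DAA_LIST_DECLARE_EXTERN`, so unless another translation unit pulls this header in, `daa_list` and the `obj_daa_*` accessors are unreachable through the common object layer; a one-line comment stating where this header is meant to be included would settle it.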
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAAARAKEY_H_
+#define _OBJ_DAAARAKEY_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daaarakey_obj {
+ UINT32 session_handle;
+ TPM_HANDLE tpm_handle;
+};
+
+/* prototypes */
+void daaarakey_free(void *data);
+TSS_RESULT obj_daaarakey_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daaarakey_remove(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT);
+TSS_BOOL obj_is_daaarakey(TSS_HDAA_ISSUER_KEY);
+TSS_RESULT obj_daaarakey_get_tsp_context(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT *);
+TSS_RESULT obj_daaarakey_get_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE *);
+TSS_RESULT obj_daaarakey_set_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE);
+TSS_RESULT obj_daaarakey_get_session_handle(TSS_HDAA_ISSUER_KEY, UINT32 *);
+TSS_RESULT obj_daaarakey_set_session_handle(TSS_HDAA_ISSUER_KEY, UINT32);
+
+#define DAAARAKEY_LIST_DECLARE struct obj_list daaarakey_list
+#define DAAARAKEY_LIST_DECLARE_EXTERN extern struct obj_list daaarakey_list
+#define DAAARAKEY_LIST_INIT() list_init(&daaarakey_list)
+#define DAAARAKEY_LIST_CONNECT(a,b) obj_connectContext_list(&daaarakey_list, a, b)
+#define DAAARAKEY_LIST_CLOSE(a) obj_list_close(&daaarakey_list, &daaarakey_free, a)
+
+#else
+
+#define obj_is_daaarakey(a) FALSE
+
+#define DAAARAKEY_LIST_DECLARE
+#define DAAARAKEY_LIST_DECLARE_EXTERN
+#define DAAARAKEY_LIST_INIT()
+#define DAAARAKEY_LIST_CONNECT(a,b)
+#define DAAARAKEY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/src/include/obj_daacred.h b/src/include/obj_daacred.h
new file mode 100644
index 0000000..4e1aa17
--- /dev/null
+++ b/src/include/obj_daacred.h
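Review bot: Every handle parameter on the `obj_daaarakey_*` accessors, from `obj_daaarakey_remove` down to `obj_daaarakey_set_session_handle`, is typed `TSS_HDAA_ISSUER_KEY` although the object they address is the DAA anonymity-revocation-authority key, not the issuer key; because the TSS handle typedefs are plain integers this compiles, but it drops the only type-level hint the prototypes give and sends a maintainer grepping for issuer-key users to the wrong file. If the typedef header used by this tree provides a dedicated ARA-key handle (the TSS 1.2 specification names one as `TSS_HDAA_ARA_KEY`), these prototypes should use it; otherwise a comment above the block explaining the reuse would do.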
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAACRED_H_
+#define _OBJ_DAACRED_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daacred_obj {
+ UINT32 session_handle; // set by [join|sign] stage 0.
+ TPM_HANDLE tpm_handle;
+};
+
+/* prototypes */
+void daacred_free(void *data);
+TSS_RESULT obj_daacred_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daacred_remove(TSS_HDAA_CREDENTIAL, TSS_HCONTEXT);
+TSS_BOOL obj_is_daacred(TSS_HDAA_CREDENTIAL);
+TSS_RESULT obj_daacred_get_tsp_context(TSS_HDAA_CREDENTIAL, TSS_HCONTEXT *);
+TSS_RESULT obj_daacred_get_handle_tpm(TSS_HDAA_CREDENTIAL, TPM_HANDLE *);
+TSS_RESULT obj_daacred_set_handle_tpm(TSS_HDAA_CREDENTIAL, TPM_HANDLE);
+TSS_RESULT obj_daacred_get_session_handle(TSS_HDAA_CREDENTIAL, UINT32 *);
+TSS_RESULT obj_daacred_set_session_handle(TSS_HDAA_CREDENTIAL, UINT32);
+
+#define DAACRED_LIST_DECLARE struct obj_list daacred_list
+#define DAACRED_LIST_DECLARE_EXTERN extern struct obj_list daacred_list
+#define DAACRED_LIST_INIT() list_init(&daacred_list)
+#define DAACRED_LIST_CONNECT(a,b) obj_connectContext_list(&daacred_list, a, b)
+#define DAACRED_LIST_CLOSE(a) obj_list_close(&daacred_list, &daacred_free, a)
+
+#else
+
+#define obj_is_daacred(a) FALSE
+
+#define DAACRED_LIST_DECLARE
+#define DAACRED_LIST_DECLARE_EXTERN
+#define DAACRED_LIST_INIT()
+#define DAACRED_LIST_CONNECT(a,b)
+#define DAACRED_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/src/include/obj_daaissuerkey.h b/src/include/obj_daaissuerkey.h
new file mode 100644
index 0000000..5a1e5ab
--- /dev/null
+++ b/src/include/obj_daaissuerkey.h
@@ -0,0 +1,52 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAAISSUERKEY_H_
+#define _OBJ_DAAISSUERKEY_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daaissuerkey_obj {
+ UINT32 session_handle;
+ TPM_HANDLE tpm_handle;
+};
+
+/* prototypes */
+void daaissuerkey_free(void *data);
+TSS_RESULT obj_daaissuerkey_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daaissuerkey_remove(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT);
+TSS_BOOL obj_is_daaissuerkey(TSS_HDAA_ISSUER_KEY);
+TSS_RESULT obj_daaissuerkey_get_tsp_context(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT *);
+TSS_RESULT obj_daaissuerkey_get_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE *);
+TSS_RESULT obj_daaissuerkey_set_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE);
+TSS_RESULT obj_daaissuerkey_get_session_handle(TSS_HDAA_ISSUER_KEY, UINT32 *);
+TSS_RESULT obj_daaissuerkey_set_session_handle(TSS_HDAA_ISSUER_KEY, UINT32);
+
+#define DAAISSUERKEY_LIST_DECLARE struct obj_list daaissuerkey_list
+#define DAAISSUERKEY_LIST_DECLARE_EXTERN extern struct obj_list daaissuerkey_list
+#define DAAISSUERKEY_LIST_INIT() list_init(&daaissuerkey_list)
+#define DAAISSUERKEY_LIST_CONNECT(a,b) obj_connectContext_list(&daaissuerkey_list, a, b)
+#define DAAISSUERKEY_LIST_CLOSE(a) obj_list_close(&daaissuerkey_list, \
+ &daaissuerkey_free, a)
+
+#else
+
+#define obj_is_daaissuerkey(a) FALSE
+
+#define DAAISSUERKEY_LIST_DECLARE
+#define DAAISSUERKEY_LIST_DECLARE_EXTERN
+#define DAAISSUERKEY_LIST_INIT()
+#define DAAISSUERKEY_LIST_CONNECT(a,b)
+#define DAAISSUERKEY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/src/include/obj_delfamily.h b/src/include/obj_delfamily.h
new file mode 100644
index 0000000..238bd56
--- /dev/null
+++ b/src/include/obj_delfamily.h
@@ -0,0 +1,64 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2007 + * + */ + +#ifndef _OBJ_DELFAMILY_H_ +#define _OBJ_DELFAMILY_H_ + +#ifdef TSS_BUILD_DELEGATION + +#define TSS_DELFAMILY_FLAGS_STATE_ENABLED (((UINT32)1)<<0) +#define TSS_DELFAMILY_FLAGS_STATE_LOCKED (((UINT32)1)<<1) + +/* structures */ +struct tr_delfamily_obj { + UINT32 stateFlags; + UINT32 verCount; + UINT32 familyID; + BYTE label; +}; + +/* obj_delfamily.c */ +void delfamily_free(void *data); +TSS_BOOL obj_is_delfamily(TSS_HOBJECT); +TSS_RESULT obj_delfamily_add(TSS_HCONTEXT, TSS_HOBJECT *); +TSS_RESULT obj_delfamily_remove(TSS_HDELFAMILY, TSS_HOBJECT); +void obj_delfamily_find_by_familyid(TSS_HOBJECT, UINT32, TSS_HDELFAMILY *); +TSS_RESULT obj_delfamily_get_tsp_context(TSS_HDELFAMILY, TSS_HCONTEXT *); +TSS_RESULT obj_delfamily_set_locked(TSS_HDELFAMILY, TSS_BOOL, TSS_BOOL); +TSS_RESULT obj_delfamily_get_locked(TSS_HDELFAMILY, TSS_BOOL *); +TSS_RESULT obj_delfamily_set_enabled(TSS_HDELFAMILY, TSS_BOOL, TSS_BOOL); +TSS_RESULT obj_delfamily_get_enabled(TSS_HDELFAMILY, TSS_BOOL *); +TSS_RESULT obj_delfamily_set_vercount(TSS_HDELFAMILY, UINT32); +TSS_RESULT obj_delfamily_get_vercount(TSS_HDELFAMILY, UINT32 *); +TSS_RESULT obj_delfamily_set_familyid(TSS_HDELFAMILY, UINT32); +TSS_RESULT obj_delfamily_get_familyid(TSS_HDELFAMILY, UINT32 *); +TSS_RESULT obj_delfamily_set_label(TSS_HDELFAMILY, BYTE); +TSS_RESULT obj_delfamily_get_label(TSS_HDELFAMILY, BYTE *); + + +#define DELFAMILY_LIST_DECLARE struct obj_list delfamily_list +#define DELFAMILY_LIST_DECLARE_EXTERN extern struct obj_list delfamily_list +#define DELFAMILY_LIST_INIT() list_init(&delfamily_list) +#define DELFAMILY_LIST_CONNECT(a,b) obj_connectContext_list(&delfamily_list, a, b) +#define DELFAMILY_LIST_CLOSE(a) obj_list_close(&delfamily_list, &delfamily_free, a) + +#else + +#define obj_is_delfamily(a) FALSE + +#define 
DELFAMILY_LIST_DECLARE +#define DELFAMILY_LIST_DECLARE_EXTERN +#define DELFAMILY_LIST_INIT() +#define DELFAMILY_LIST_CONNECT(a,b) +#define DELFAMILY_LIST_CLOSE(a) + +#endif + +#endif diff --git a/src/include/obj_encdata.h b/src/include/obj_encdata.h new file mode 100644 index 0000000..922a07a --- /dev/null +++ b/src/include/obj_encdata.h 
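Review bot: `obj_delfamily_remove(TSS_HDELFAMILY, TSS_HOBJECT)` types its second parameter as `TSS_HOBJECT`, whereas the sibling remove routines in this series (`obj_daa_remove`, `obj_encdata_remove`, `obj_hash_remove`, `obj_pcrs_remove`, `obj_nvstore_remove`) take the owning `TSS_HCONTEXT` there; `obj_migdata_remove` in obj_migdata.h has the same mismatch. If the argument is indeed the context, `TSS_RESULT obj_delfamily_remove(TSS_HDELFAMILY, TSS_HCONTEXT);` keeps the layer consistent. The two `TSS_BOOL` arguments of `obj_delfamily_set_locked` and `obj_delfamily_set_enabled` cannot be told apart from the prototype, and `obj_delfamily_find_by_familyid` returns `void`, so how a miss is reported (presumably a zero handle written through the `TSS_HDELFAMILY *`) is not stated; a one-line comment on each would fix that.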
@@ -0,0 +1,71 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#ifndef _OBJ_ENCDATA_H_ +#define _OBJ_ENCDATA_H_ + +#ifdef TSS_BUILD_ENCDATA_LIST + +/* structures */ +struct tr_encdata_obj { + TSS_HPOLICY usagePolicy; + UINT32 encryptedDataLength; + BYTE *encryptedData; + union { + TPM_PCR_INFO info11; + TPM_PCR_INFO_LONG infolong; + } pcrInfo; + UINT32 pcrInfoType; + UINT32 type; +#ifdef TSS_BUILD_SEALX + UINT32 protectMode; +#endif +}; + +/* obj_encdata.c */ +void encdata_free(void *data); +TSS_BOOL obj_is_encdata(TSS_HOBJECT); +TSS_RESULT obj_encdata_set_policy(TSS_HKEY, TSS_HPOLICY); +TSS_RESULT obj_encdata_set_data(TSS_HENCDATA, UINT32, BYTE *); +TSS_RESULT obj_encdata_remove(TSS_HOBJECT, TSS_HCONTEXT); +TSS_RESULT obj_encdata_get_tsp_context(TSS_HENCDATA, TSS_HCONTEXT *); +TSS_RESULT obj_encdata_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *); +TSS_RESULT obj_encdata_get_data(TSS_HENCDATA, UINT32 *, BYTE **); +TSS_RESULT obj_encdata_get_pcr_selection(TSS_HENCDATA, TSS_FLAG, TSS_FLAG, UINT32 *, BYTE **); +TSS_RESULT obj_encdata_get_pcr_locality(TSS_HENCDATA, TSS_FLAG, UINT32 *); +TSS_RESULT obj_encdata_get_pcr_digest(TSS_HENCDATA, TSS_FLAG, TSS_FLAG, UINT32 *, BYTE **); +TSS_RESULT obj_encdata_set_pcr_info(TSS_HENCDATA, UINT32, BYTE *); +TSS_RESULT obj_encdata_get_policy(TSS_HENCDATA, UINT32, TSS_HPOLICY *); +void obj_encdata_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT); +#ifdef TSS_BUILD_SEALX +TSS_RESULT obj_encdata_set_seal_protect_mode(TSS_HENCDATA, UINT32); +TSS_RESULT obj_encdata_get_seal_protect_mode(TSS_HENCDATA, UINT32 *); +#endif + + +#define ENCDATA_LIST_DECLARE struct obj_list encdata_list +#define ENCDATA_LIST_DECLARE_EXTERN extern struct obj_list encdata_list +#define ENCDATA_LIST_INIT() list_init(&encdata_list) +#define ENCDATA_LIST_CONNECT(a,b) obj_connectContext_list(&encdata_list, a, b) +#define 
ENCDATA_LIST_CLOSE(a) obj_list_close(&encdata_list, &encdata_free, a) + +#else + +#define obj_is_encdata(a) FALSE + +#define ENCDATA_LIST_DECLARE +#define ENCDATA_LIST_DECLARE_EXTERN +#define ENCDATA_LIST_INIT() +#define ENCDATA_LIST_CONNECT(a,b) +#define ENCDATA_LIST_CLOSE(a) + +#endif + +#endif diff --git a/src/include/obj_hash.h b/src/include/obj_hash.h new file mode 100644 index 0000000..a835f7a --- /dev/null +++ b/src/include/obj_hash.h @@ -0,0 +1,53 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#ifndef _OBJ_HASH_H_ +#define _OBJ_HASH_H_ + +#ifdef TSS_BUILD_HASH_LIST + +/* structures */ +struct tr_hash_obj { + UINT32 type; + BYTE *hashData; + UINT32 hashSize; + UINT32 hashUpdateSize; + BYTE *hashUpdateBuffer; +}; + +/* obj_hash.c */ +void __tspi_hash_free(void *data); +TSS_RESULT obj_hash_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *); +TSS_BOOL obj_is_hash(TSS_HOBJECT); +TSS_RESULT obj_hash_remove(TSS_HOBJECT, TSS_HCONTEXT); +TSS_RESULT obj_hash_get_tsp_context(TSS_HHASH, TSS_HCONTEXT *); +TSS_RESULT obj_hash_set_value(TSS_HHASH, UINT32, BYTE *); +TSS_RESULT obj_hash_get_value(TSS_HHASH, UINT32 *, BYTE **); +TSS_RESULT obj_hash_update_value(TSS_HHASH, UINT32, BYTE *); + +#define HASH_LIST_DECLARE struct obj_list hash_list +#define HASH_LIST_DECLARE_EXTERN extern struct obj_list hash_list +#define HASH_LIST_INIT() list_init(&hash_list) +#define HASH_LIST_CONNECT(a,b) obj_connectContext_list(&hash_list, a, b) +#define HASH_LIST_CLOSE(a) obj_list_close(&hash_list, &__tspi_hash_free, a) + +#else + +#define obj_is_hash(a) FALSE + +#define HASH_LIST_DECLARE +#define HASH_LIST_DECLARE_EXTERN +#define HASH_LIST_INIT() +#define HASH_LIST_CONNECT(a,b) +#define HASH_LIST_CLOSE(a) + +#endif + +#endif diff --git a/src/include/obj_migdata.h b/src/include/obj_migdata.h new file mode 100644 index 0000000..2432797 --- /dev/null 
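Review bot: `obj_encdata_set_policy(TSS_HKEY, TSS_HPOLICY)` takes a `TSS_HKEY` as the object handle while every other accessor in this header takes `TSS_HENCDATA`; the handle typedefs let it compile, but it reads as a carry-over from the rsakey header and misleads callers, so it should be `TSS_RESULT obj_encdata_set_policy(TSS_HENCDATA, TSS_HPOLICY);`. Buffer ownership is also undocumented for `obj_encdata_set_data` and `obj_encdata_set_pcr_info` (is the `BYTE *` copied into `encryptedData` or adopted?) and for the `BYTE **` outputs of `obj_encdata_get_data`, `obj_encdata_get_pcr_selection` and `obj_encdata_get_pcr_digest` (does the caller free them?); a comment per prototype, or one block comment above the section, would prevent double-free and leak mistakes in callers.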
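Review bot: `struct tr_hash_obj` keeps two buffers, `hashData`/`hashSize` and `hashUpdateBuffer`/`hashUpdateSize`, and nothing says what distinguishes them or which of `obj_hash_set_value`, `obj_hash_update_value` and `obj_hash_get_value` touches which; a one-line comment on each field (e.g. `/* final digest value */` versus `/* data accumulated by obj_hash_update_value, to be confirmed against obj_hash.c */`) would make the header usable without reading the implementation. The `BYTE **` out-parameter of `obj_hash_get_value` should likewise state whether the caller owns the returned buffer. The free routine is `__tspi_hash_free` here but `pcrs_free`, `encdata_free` and `daa_free` elsewhere in this series; if the prefix marks symbols exported from the library, a comment saying so would explain the difference.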
+++ b/src/include/obj_migdata.h 
@@ -0,0 +1,137 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2007 + * + */ + +#ifndef _OBJ_MIGDATA_H_ +#define _OBJ_MIGDATA_H_ + +#ifdef TSS_BUILD_CMK + +/* structures */ +struct tr_migdata_obj { + /* TSS_MIGATTRIB_MIGRATIONTICKET (from AuthorizeMigrationTicket) */ + UINT32 migTicketSize; + BYTE *migTicket; + + /* TSS_MIGATTRIB_AUTHORITY_DATA/TSS_MIGATTRIB_AUTHORITY_MSALIST + - Recalculate the msaDigest + or + TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_MSALIST_PUBKEY_BLOB + - Create a digest from the pubkey blob and append to the list + - Recalculate the msaDigest */ + TPM_MSA_COMPOSITE msaList; + /* TSS_MIGATTRIB_AUTHORITY_DATA/TSS_MIGATTRIB_AUTHORITY_DIGEST */ + TPM_DIGEST msaDigest; + /* TSS_MIGATTRIB_AUTHORITY_DATA/TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC */ + TPM_HMAC msaHmac; + + /* TSS_MIGATTRIB_MIG_AUTH_DATA/TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST + or + TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_AUTHORITY_PUBKEY_BLOB + - Create a digest from the pubkey blob */ + TPM_DIGEST maDigest; + /* TSS_MIGATTRIB_MIG_AUTH_DATA/TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST + or + TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_DESTINATION_PUBKEY_BLOB + - Create a digest from the pubkey blob */ + TPM_DIGEST destDigest; + /* TSS_MIGATTRIB_MIG_AUTH_DATA/TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST + or + TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_SOURCE_PUBKEY_BLOB + - Create a digest from the pubkey blob */ + TPM_DIGEST srcDigest; + + /* TSS_MIGATTRIB_TICKET_DATA/TSS_MIGATTRIB_TICKET_SIG_DIGEST */ + TPM_DIGEST sigData; + /* TSS_MIGATTRIB_TICKET_DATA/TSS_MIGATTRIB_TICKET_SIG_VALUE */ + UINT32 sigValueSize; + BYTE *sigValue; + /* TSS_MIGATTRIB_TICKET_DATA/TSS_MIGATTRIB_TICKET_SIG_TICKET */ + TPM_HMAC sigTicket; + + /* TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIGRATION_XOR_BLOB */ + UINT32 blobSize; + BYTE *blob; +}; + +/* obj_migdata.c */ +void migdata_free(void 
*data); +TSS_BOOL obj_is_migdata(TSS_HOBJECT); +TSS_RESULT obj_migdata_add(TSS_HCONTEXT, TSS_HOBJECT *); +TSS_RESULT obj_migdata_remove(TSS_HMIGDATA, TSS_HOBJECT); +TSS_RESULT obj_migdata_get_tsp_context(TSS_HMIGDATA, TSS_HCONTEXT *); + +TSS_RESULT obj_migdata_set_migrationblob(TSS_HMIGDATA, UINT32, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_migrationblob(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_authoritydata(TSS_HMIGDATA, UINT32, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_authoritydata(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_migauthdata(TSS_HMIGDATA, UINT32, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_migauthdata(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_ticketdata(TSS_HMIGDATA, UINT32, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_ticketdata(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_set_ticket_blob(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_ticket_blob(TSS_HMIGDATA, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_set_msa_list(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_msa_list(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_msa_pubkey(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_set_msa_digest(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_msa_digest(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_get_msa_list_blob(TSS_HMIGDATA, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_set_msa_hmac(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_msa_hmac(TSS_HMIGDATA, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_set_ma_pubkey(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_set_ma_digest(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_ma_digest(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_dest_pubkey(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_set_dest_digest(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT 
obj_migdata_get_dest_digest(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_src_pubkey(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_set_src_digest(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_src_digest(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_cmk_auth(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_cmk_auth(TSS_HMIGDATA, TPM_CMK_AUTH *); +TSS_RESULT obj_migdata_get_cmk_auth_blob(TSS_HMIGDATA, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_set_sig_data(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_sig_data(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_sig_value(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_sig_value(TSS_HMIGDATA, UINT32 *, BYTE **); +TSS_RESULT obj_migdata_set_sig_ticket(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_sig_ticket(TSS_HMIGDATA, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_set_blob(TSS_HMIGDATA, UINT32, BYTE *); +TSS_RESULT obj_migdata_get_blob(TSS_HMIGDATA, UINT32 *, BYTE **); + +TSS_RESULT obj_migdata_calc_pubkey_digest(UINT32, BYTE *, TPM_DIGEST *); +TSS_RESULT obj_migdata_calc_msa_digest(struct tr_migdata_obj *); +TSS_RESULT obj_migdata_calc_sig_data_digest(struct tr_migdata_obj *); + +#define MIGDATA_LIST_DECLARE struct obj_list migdata_list +#define MIGDATA_LIST_DECLARE_EXTERN extern struct obj_list migdata_list +#define MIGDATA_LIST_INIT() list_init(&migdata_list) +#define MIGDATA_LIST_CONNECT(a,b) obj_connectContext_list(&migdata_list, a, b) +#define MIGDATA_LIST_CLOSE(a) obj_list_close(&migdata_list, &migdata_free, a) + +#else + +#define obj_is_migdata(a) FALSE + +#define MIGDATA_LIST_DECLARE +#define MIGDATA_LIST_DECLARE_EXTERN +#define MIGDATA_LIST_INIT() +#define MIGDATA_LIST_CONNECT(a,b) +#define MIGDATA_LIST_CLOSE(a) + +#endif + +#endif diff --git a/src/include/obj_nv.h b/src/include/obj_nv.h new file mode 100644 index 0000000..53e6665 --- /dev/null +++ b/src/include/obj_nv.h 
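Review bot: `obj_migdata_calc_msa_digest` and `obj_migdata_calc_sig_data_digest` take a raw `struct tr_migdata_obj *` while every other routine here works through a `TSS_HMIGDATA` handle, which implies the caller has already looked the object up (presumably via `obj_list_get_obj`) and is holding the list lock; that precondition is not stated and should be, e.g. `/* caller must hold the migdata_list lock (object obtained via obj_list_get_obj) */`. The four-argument setters and getters (`obj_migdata_set_migrationblob` and friends) carry two `UINT32`s whose roles (sub-attribute selector and length, presumably) are not documented, and none of the `BYTE **` outputs say who frees the buffer. `obj_migdata_remove(TSS_HMIGDATA, TSS_HOBJECT)` also uses `TSS_HOBJECT` where the other remove routines in this series take `TSS_HCONTEXT`.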
@@ -0,0 +1,97 @@ +/* + * The Initial Developer of the Original Code is Intel Corporation. + * Portions created by Intel Corporation are Copyright (C) 2007 Intel Corporation. + * All Rights Reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the Common Public License as published by + * IBM Corporation; either version 1 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Common Public License for more details. + * + * You should have received a copy of the Common Public License + * along with this program; if not, a copy can be viewed at + * http://www.opensource.org/licenses/cpl1.0.php. + * + * trousers - An open source TCG Software Stack + * + * Author: james.xu@intel.com Rossey.liu@intel.com + * + */ + +#ifndef _OBJ_NVSTORE_H_ +#define _OBJ_NVSTORE_H_ + +#ifdef TSS_BUILD_NV + +#define MAX_PUBLIC_DATA_SIZE 1024 +#define TSS_LOCALITY_MASK 0x1f + +typedef struct objNV_DATA_PUBLIC +{ + TPM_STRUCTURE_TAG tag; + TPM_NV_INDEX nvIndex; + TPM_NV_ATTRIBUTES permission; + TPM_BOOL bReadSTClear; + TPM_BOOL bWriteSTClear; + TPM_BOOL bWriteDefine; + UINT32 dataSize; +}NV_DATA_PUBLIC; + +/* structures */ +struct tr_nvstore_obj { + TPM_STRUCTURE_TAG tag; + TPM_NV_INDEX nvIndex; + TPM_NV_ATTRIBUTES permission; + TPM_BOOL bReadSTClear; + TPM_BOOL bWriteSTClear; + TPM_BOOL bWriteDefine; + UINT32 dataSize; + TSS_HPOLICY policy; +}; + +/* obj_nv.c */ +void nvstore_free(void *data); +TSS_RESULT obj_nvstore_add(TSS_HCONTEXT, TSS_HOBJECT *); +TSS_BOOL obj_is_nvstore(TSS_HOBJECT tspContext); +TSS_RESULT obj_nvstore_remove(TSS_HOBJECT, TSS_HCONTEXT); +TSS_RESULT obj_nvstore_get_tsp_context(TSS_HNVSTORE, TSS_HCONTEXT *); +TSS_RESULT obj_nvstore_set_index(TSS_HNVSTORE, UINT32); +TSS_RESULT 
obj_nvstore_get_index(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_set_datasize(TSS_HNVSTORE, UINT32); +TSS_RESULT obj_nvstore_get_datasize(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_set_permission(TSS_HNVSTORE, UINT32); +TSS_RESULT obj_nvstore_get_permission_from_tpm(TSS_HNVSTORE hNvstore, UINT32 * permission); +TSS_RESULT obj_nvstore_get_permission(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_set_policy(TSS_HNVSTORE, TSS_HPOLICY); +TSS_RESULT obj_nvstore_get_policy(TSS_HNVSTORE, UINT32, TSS_HPOLICY *); +TSS_RESULT obj_nvstore_get_datapublic(TSS_HNVSTORE, UINT32 *, BYTE *); +TSS_RESULT obj_nvstore_get_readdigestatrelease(TSS_HNVSTORE, UINT32 *, BYTE **); +TSS_RESULT obj_nvstore_get_readpcrselection(TSS_HNVSTORE, UINT32 *, BYTE **); +TSS_RESULT obj_nvstore_get_writedigestatrelease(TSS_HNVSTORE, UINT32 *, BYTE **); +TSS_RESULT obj_nvstore_get_writepcrselection(TSS_HNVSTORE, UINT32 *, BYTE **); +TSS_RESULT obj_nvstore_get_state_readstclear(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_get_state_writedefine(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_get_state_writestclear(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_get_readlocalityatrelease(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_get_writelocalityatrelease(TSS_HNVSTORE, UINT32 *); +TSS_RESULT obj_nvstore_create_pcrshortinfo(TSS_HNVSTORE, TSS_HPCRS, UINT32 *, BYTE **); + +#define NVSTORE_LIST_DECLARE struct obj_list nvstore_list +#define NVSTORE_LIST_DECLARE_EXTERN extern struct obj_list nvstore_list +#define NVSTORE_LIST_INIT() list_init(&nvstore_list) +#define NVSTORE_LIST_CONNECT(a,b) obj_connectContext_list(&nvstore_list, a, b) +#define NVSTORE_LIST_CLOSE(a) obj_list_close(&nvstore_list, &nvstore_free, a) +#else +#define NVSTORE_LIST_DECLARE +#define NVSTORE_LIST_DECLARE_EXTERN +#define NVSTORE_LIST_INIT() +#define NVSTORE_LIST_CONNECT(a,b) +#define NVSTORE_LIST_CLOSE(a) +#endif +#endif + 
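Review bot: The `#else` branch of `TSS_BUILD_NV` provides empty `NVSTORE_LIST_*` macros but no `#define obj_is_nvstore(a) FALSE`, unlike every sibling header in this series (obj_daa.h, obj_encdata.h, obj_hash.h, obj_pcrs.h, obj_delfamily.h, obj_migdata.h), so any caller that tests `obj_is_nvstore()` will fail to build when NV support is compiled out; add `#define obj_is_nvstore(a) FALSE` to that branch. `obj_nvstore_get_datapublic(TSS_HNVSTORE, UINT32 *, BYTE *)` writes into a caller-supplied buffer with no input length, so the required size must be documented on the prototype (presumably `MAX_PUBLIC_DATA_SIZE`, defined just above) or the `UINT32 *` made in/out so the callee can refuse a short buffer instead of overrunning it. Minor: `obj_is_nvstore(TSS_HOBJECT tspContext)` names an object handle `tspContext`, and `NV_DATA_PUBLIC` duplicates the first seven fields of `struct tr_nvstore_obj` rather than being embedded in it.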
diff --git a/src/include/obj_pcrs.h b/src/include/obj_pcrs.h new file mode 100644 index 0000000..f6cc081 --- /dev/null +++ b/src/include/obj_pcrs.h 
@@ -0,0 +1,67 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#ifndef _OBJ_PCRS_H_ +#define _OBJ_PCRS_H_ + +#ifdef TSS_BUILD_PCRS_LIST + +/* structures */ +struct tr_pcrs_obj { + UINT32 type; + union { + TPM_PCR_INFO info11; + TPM_PCR_INFO_SHORT infoshort; + TPM_PCR_INFO_LONG infolong; + } info; + TPM_PCRVALUE *pcrs; +}; + +/* obj_pcrs.c */ +void pcrs_free(void *data); +TSS_BOOL obj_is_pcrs(TSS_HOBJECT); +TSS_RESULT obj_pcrs_get_tsp_context(TSS_HPCRS, TSS_HCONTEXT *); +TSS_RESULT obj_pcrs_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *); +TSS_RESULT obj_pcrs_remove(TSS_HOBJECT, TSS_HCONTEXT); +TSS_RESULT obj_pcrs_get_type(TSS_HPCRS, UINT32 *); +TSS_RESULT obj_pcrs_select_index(TSS_HPCRS, UINT32); +TSS_RESULT obj_pcrs_select_index_ex(TSS_HPCRS, UINT32, UINT32); +TSS_RESULT obj_pcrs_get_value(TSS_HPCRS, UINT32, UINT32 *, BYTE **); +TSS_RESULT obj_pcrs_set_value(TSS_HPCRS, UINT32, UINT32, BYTE *); +TSS_RESULT obj_pcrs_set_values(TSS_HPCRS hPcrs, TCPA_PCR_COMPOSITE *); +TSS_RESULT obj_pcrs_get_selection(TSS_HPCRS, UINT32 *, BYTE *); +TSS_RESULT obj_pcrs_get_digest_at_release(TSS_HPCRS, UINT32 *, BYTE **); +TSS_RESULT obj_pcrs_set_digest_at_release(TSS_HPCRS, TPM_COMPOSITE_HASH); +TSS_RESULT obj_pcrs_create_info_type(TSS_HPCRS, UINT32 *, UINT32 *, BYTE **); +TSS_RESULT obj_pcrs_create_info(TSS_HPCRS, UINT32 *, BYTE **); +TSS_RESULT obj_pcrs_create_info_long(TSS_HPCRS, UINT32 *, BYTE **); +TSS_RESULT obj_pcrs_create_info_short(TSS_HPCRS, UINT32 *, BYTE **); +TSS_RESULT obj_pcrs_get_locality(TSS_HPCRS, UINT32 *); +TSS_RESULT obj_pcrs_set_locality(TSS_HPCRS, UINT32); + +#define PCRS_LIST_DECLARE struct obj_list pcrs_list +#define PCRS_LIST_DECLARE_EXTERN extern struct obj_list pcrs_list +#define PCRS_LIST_INIT() list_init(&pcrs_list) +#define PCRS_LIST_CONNECT(a,b) obj_connectContext_list(&pcrs_list, a, b) +#define PCRS_LIST_CLOSE(a) 
obj_list_close(&pcrs_list, &pcrs_free, a) + +#else + +#define obj_is_pcrs(a) FALSE + +#define PCRS_LIST_DECLARE +#define PCRS_LIST_DECLARE_EXTERN +#define PCRS_LIST_INIT() +#define PCRS_LIST_CONNECT(a,b) +#define PCRS_LIST_CLOSE(a) + +#endif + +#endif diff --git a/src/include/obj_policy.h b/src/include/obj_policy.h new file mode 100644 index 0000000..9686275 --- /dev/null +++ b/src/include/obj_policy.h 
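Review bot: `obj_pcrs_get_selection(TSS_HPCRS, UINT32 *, BYTE *)` returns into a caller-supplied `BYTE *` with no input length, unlike the `BYTE **` out-parameters used by the other getters in this header, so the expected buffer size (a serialized `TPM_PCR_SELECTION`, presumably) must be documented on the prototype or the `UINT32 *` made in/out to let the callee reject a short buffer. `struct tr_pcrs_obj` stores `TPM_PCRVALUE *pcrs` without a count, so a comment should record how its length is derived (presumably from the selection inside the `info` union, which varies with `type`). `obj_pcrs_set_values(TSS_HPCRS hPcrs, TCPA_PCR_COMPOSITE *)` is the one prototype here that names a parameter; drop the name or name both for consistency.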
@@ -0,0 +1,185 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_POLICY_H_
+#define _OBJ_POLICY_H_
+
+/* structures */
+struct tr_policy_obj {
+ BYTE SecretLifetime;
+ TSS_BOOL SecretSet;
+ UINT32 SecretMode;
+ UINT32 SecretCounter;
+ UINT32 SecretTimeStamp;
+ UINT32 SecretSize;
+ BYTE Secret[20];
+ UINT32 type;
+ BYTE *popupString;
+ UINT32 popupStringLength;
+ UINT32 hashMode;
+ TSS_ALGORITHM_ID hmacAlg;
+ TSS_ALGORITHM_ID xorAlg;
+ TSS_ALGORITHM_ID takeownerAlg;
+ TSS_ALGORITHM_ID changeauthAlg;
+#ifdef TSS_BUILD_SEALX
+ TSS_ALGORITHM_ID sealxAlg;
+#endif
+ PVOID hmacAppData;
+ PVOID xorAppData;
+ PVOID takeownerAppData;
+ PVOID changeauthAppData;
+#ifdef TSS_BUILD_SEALX
+ PVOID sealxAppData;
+#endif
+#ifdef TSS_BUILD_DELEGATION
+ /* The per1 and per2 are only used when creating a delegation.
+ After that, the blob or index is used to retrieve the information */
+ UINT32 delegationPer1;
+ UINT32 delegationPer2;
+
+ UINT32 delegationType;
+ TSS_BOOL delegationIndexSet; /* Since 0 is a valid index value */
+ UINT32 delegationIndex;
+ UINT32 delegationBlobLength;
+ BYTE *delegationBlob;
+#endif
+ TSS_RESULT (*Tspicb_CallbackHMACAuth)(
+ PVOID lpAppData,
+ TSS_HOBJECT hAuthorizedObject,
+ TSS_BOOL ReturnOrVerify,
+ UINT32 ulPendingFunction,
+ TSS_BOOL ContinueUse,
+ UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven,
+ BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP,
+ BYTE *rgbNonceOddOSAP,
+ UINT32 ulSizeDigestHmac,
+ BYTE *rgbParamDigest,
+ BYTE *rgbHmacData);
+ TSS_RESULT (*Tspicb_CallbackXorEnc)(
+ PVOID lpAppData,
+ TSS_HOBJECT hOSAPObject,
+ TSS_HOBJECT hObject,
+ TSS_FLAG PurposeSecret,
+ UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven,
+ BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP,
+ BYTE *rgbNonceOddOSAP,
+ UINT32 ulSizeEncAuth,
+ BYTE *rgbEncAuthUsage,
+ BYTE *rgbEncAuthMigration);
+ TSS_RESULT (*Tspicb_CallbackTakeOwnership)(
+ PVOID lpAppData,
+ TSS_HOBJECT hObject,
+ TSS_HKEY hObjectPubKey,
+ UINT32 ulSizeEncAuth,
+ BYTE *rgbEncAuth);
+ TSS_RESULT (*Tspicb_CallbackChangeAuthAsym)(
+ PVOID lpAppData,
+ TSS_HOBJECT hObject,
+ TSS_HKEY hObjectPubKey,
+ UINT32 ulSizeEncAuth,
+ UINT32 ulSizeAithLink,
+ BYTE *rgbEncAuth,
+ BYTE *rgbAuthLink);
+#ifdef TSS_BUILD_SEALX
+ TSS_RESULT (*Tspicb_CallbackSealxMask)(
+ PVOID lpAppData,
+ TSS_HKEY hKey,
+ TSS_HENCDATA hEncData,
+ TSS_ALGORITHM_ID algID,
+ UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven,
+ BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP,
+ BYTE *rgbNonceOddOSAP,
+ UINT32 ulDataLength,
+ BYTE *rgbDataToMask,
+ BYTE *rgbMaskedData);
+#endif
+};
+
+/* obj_policy.c */
+void __tspi_policy_free(void *data);
+TSS_BOOL anyPopupPolicies(TSS_HCONTEXT);
+TSS_BOOL obj_is_policy(TSS_HOBJECT);
+TSS_RESULT obj_policy_get_tsp_context(TSS_HPOLICY, TSS_HCONTEXT *);
+/* One of these 2 flags should be passed to obj_policy_get_secret so that if a popup must
+ * be executed to get the secret, we know whether or not the new dialog should be displayed,
+ * which will ask for confirmation */
+#define TR_SECRET_CTX_NEW TRUE
+#define TR_SECRET_CTX_NOT_NEW FALSE
+TSS_RESULT obj_policy_get_secret(TSS_HPOLICY, TSS_BOOL, TCPA_SECRET *);
+TSS_RESULT obj_policy_flush_secret(TSS_HPOLICY);
+TSS_RESULT obj_policy_set_secret_object(TSS_HPOLICY, TSS_FLAG, UINT32,
+ TCPA_DIGEST *, TSS_BOOL);
+TSS_RESULT obj_policy_set_secret(TSS_HPOLICY, TSS_FLAG, UINT32, BYTE *);
+TSS_RESULT obj_policy_get_type(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_policy_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *);
+TSS_RESULT obj_policy_set_type(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_set_cb12(TSS_HPOLICY, TSS_FLAG, BYTE *);
+TSS_RESULT obj_policy_get_cb12(TSS_HPOLICY, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_set_cb11(TSS_HPOLICY, TSS_FLAG, TSS_FLAG, UINT32);
+TSS_RESULT obj_policy_get_cb11(TSS_HPOLICY, TSS_FLAG, UINT32 *);
+TSS_RESULT obj_policy_get_lifetime(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_lifetime(TSS_HPOLICY, UINT32, UINT32);
+TSS_RESULT obj_policy_get_counter(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_string(TSS_HPOLICY, UINT32 *size, BYTE **);
+TSS_RESULT obj_policy_set_string(TSS_HPOLICY, UINT32 size, BYTE *);
+TSS_RESULT obj_policy_get_secs_until_expired(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_has_expired(TSS_HPOLICY, TSS_BOOL *);
+TSS_RESULT obj_policy_get_mode(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_dec_counter(TSS_HPOLICY);
+TSS_RESULT obj_policy_do_hmac(TSS_HPOLICY, TSS_HOBJECT, TSS_BOOL, UINT32,
+ TSS_BOOL, UINT32, BYTE *, BYTE *, BYTE *, BYTE *,
+ UINT32, BYTE *, BYTE *);
+TSS_RESULT obj_policy_do_xor(TSS_HPOLICY, TSS_HOBJECT, TSS_HOBJECT, TSS_FLAG,
+ UINT32, BYTE *, BYTE *, BYTE *, BYTE *, UINT32, BYTE *, BYTE *);
+TSS_RESULT obj_policy_do_takeowner(TSS_HPOLICY, TSS_HOBJECT, TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_policy_validate_auth_oiap(TSS_HPOLICY, TCPA_DIGEST *, TPM_AUTH *);
+TSS_RESULT obj_policy_get_hash_mode(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_hash_mode(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_xsap_params(TSS_HPOLICY, TPM_COMMAND_CODE, TPM_ENTITY_TYPE *, UINT32 *,
+ BYTE **, BYTE *, TSS_CALLBACK *, TSS_CALLBACK *,
+ TSS_CALLBACK *, UINT32 *, TSS_BOOL);
+TSS_RESULT obj_policy_is_secret_set(TSS_HPOLICY, TSS_BOOL *);
+#ifdef TSS_BUILD_DELEGATION
+TSS_RESULT obj_policy_set_delegation_type(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_type(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_index(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_index(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_per1(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_per1(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_per2(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_per2(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_blob(TSS_HPOLICY, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_policy_get_delegation_blob(TSS_HPOLICY, UINT32, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_get_delegation_label(TSS_HPOLICY, BYTE *);
+TSS_RESULT obj_policy_get_delegation_familyid(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_delegation_vercount(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_delegation_pcr_locality(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_delegation_pcr_digest(TSS_HPOLICY, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_get_delegation_pcr_selection(TSS_HPOLICY, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_is_delegation_index_set(TSS_HPOLICY, TSS_BOOL *);
+
+void obj_policy_clear_delegation(struct tr_policy_obj *);
+TSS_RESULT obj_policy_get_delegate_public(struct tsp_object *, TPM_DELEGATE_PUBLIC *);
+#endif
+
+#define POLICY_LIST_DECLARE struct obj_list policy_list
+#define POLICY_LIST_DECLARE_EXTERN extern struct obj_list policy_list
+#define POLICY_LIST_INIT() list_init(&policy_list)
+#define POLICY_LIST_CONNECT(a,b) obj_connectContext_list(&policy_list, a, b)
+#define POLICY_LIST_CLOSE(a) obj_list_close(&policy_list, &__tspi_policy_free, a)
+
+#endif
diff --git a/src/include/obj_rsakey.h b/src/include/obj_rsakey.h
new file mode 100644
index 0000000..48c0931
--- /dev/null
+++ b/src/include/obj_rsakey.h
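Review bot: `BYTE Secret[20]` together with `UINT32 SecretSize` in struct tr_policy_obj states no bound, yet `obj_policy_set_secret(TSS_HPOLICY, TSS_FLAG, UINT32, BYTE *)` takes the size from its caller, so obj_policy.c (outside this hunk) must reject or clamp sizes above `sizeof(Secret)`; the field deserves a comment such as `BYTE Secret[20]; /* presumably TPM 1.2 authdata (20-byte SHA-1 digest); SecretSize must never exceed sizeof(Secret) */`. Because this buffer holds authorization secrets in process memory, it would also help to state on `obj_policy_flush_secret` whether it overwrites the bytes or only clears `SecretSet`. `ulSizeAithLink` in the `Tspicb_CallbackChangeAuthAsym` pointer looks like a typo for `ulSizeAuthLink` (its buffer is `rgbAuthLink`); harmless in a prototype, but cheap to fix while the file is new.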
@@ -0,0 +1,129 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_RSAKEY_H_
+#define _OBJ_RSAKEY_H_
+
+#ifdef TSS_BUILD_RSAKEY_LIST
+
+/* rsakey specific flags */
+#define TSS_RSAKEY_FLAG_OWNEREVICT (0x00000001)
+
+/* structures */
+struct tr_rsakey_obj {
+ int type;
+ TSS_KEY key;
+ TSS_FLAG flags;
+ TSS_HPOLICY usagePolicy;
+ TSS_HPOLICY migPolicy;
+ TSS_UUID uuid;
+ TCS_KEY_HANDLE tcsHandle;
+#ifdef TSS_BUILD_CMK
+ TPM_HMAC msaApproval;
+ TPM_DIGEST msaDigest;
+#endif
+ union {
+ TPM_PCR_INFO info11;
+ TPM_PCR_INFO_LONG infolong;
+ } pcrInfo;
+ UINT32 pcrInfoType;
+};
+
+/* obj_rsakey.c */
+void __tspi_rsakey_free(void *data);
+TSS_BOOL obj_is_rsakey(TSS_HOBJECT);
+TSS_RESULT obj_rsakey_add(TSS_HCONTEXT, TSS_FLAG, TSS_HOBJECT *);
+TSS_RESULT obj_rsakey_add_by_key(TSS_HCONTEXT, TSS_UUID *, BYTE *, TSS_FLAG, TSS_HKEY *);
+TSS_RESULT obj_rsakey_set_policy(TSS_HKEY, TSS_HPOLICY);
+TSS_RESULT obj_rsakey_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_rsakey_get_tsp_context(TSS_HKEY, TSS_HCONTEXT *);
+TSS_RESULT obj_rsakey_set_pstype(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_pstype(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_get_usage(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_usage(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_migratable(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_redirected(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_volatile(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_authdata_usage(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_authdata_usage(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_alg(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_alg(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_es(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_es(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_ss(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_ss(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_num_primes(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_num_primes(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_flags(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_flags(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_size(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_size(TSS_HKEY, UINT32 *);
+TSS_BOOL obj_rsakey_is_migratable(TSS_HKEY);
+TSS_BOOL obj_rsakey_is_redirected(TSS_HKEY);
+TSS_BOOL obj_rsakey_is_volatile(TSS_HKEY);
+TSS_RESULT obj_rsakey_get_policy(TSS_HKEY, UINT32, TSS_HPOLICY *, TSS_BOOL *);
+TSS_RESULT obj_rsakey_get_policies(TSS_HKEY, TSS_HPOLICY *, TSS_HPOLICY *, TSS_BOOL *);
+TSS_RESULT obj_rsakey_get_blob(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_priv_blob(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_pub_blob(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_version(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_exponent(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_set_exponent(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_modulus(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_set_modulus(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_uuid(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_parent_uuid(TSS_HKEY, TSS_FLAG *, TSS_UUID *);
+TSS_RESULT obj_rsakey_set_uuids(TSS_HKEY, TSS_FLAG, TSS_UUID *, TSS_FLAG, TSS_UUID *);
+TSS_RESULT obj_rsakey_set_uuid(TSS_HKEY, TSS_FLAG, TSS_UUID *);
+TSS_RESULT obj_rsakey_set_tcpakey(TSS_HKEY, UINT32 , BYTE *);
+TSS_RESULT obj_rsakey_get_pcr_digest(TSS_HKEY, UINT32, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_pcr_selection(TSS_HKEY, UINT32, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_pcr_locality(TSS_HKEY, TSS_FLAG, UINT32 *);
+TSS_RESULT obj_rsakey_set_pubkey(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_set_privkey(TSS_HKEY, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_set_pcr_data(TSS_HKEY, TSS_HPOLICY);
+TSS_RESULT obj_rsakey_set_key_parms(TSS_HKEY, TCPA_KEY_PARMS *);
+TSS_RESULT obj_rsakey_get_by_uuid(TSS_UUID *, TSS_HKEY *);
+TSS_RESULT obj_rsakey_get_by_pub(UINT32, BYTE *, TSS_HKEY *);
+TSS_RESULT obj_rsakey_get_tcs_handle(TSS_HKEY, TCS_KEY_HANDLE *);
+TSS_RESULT obj_rsakey_set_tcs_handle(TSS_HKEY, TCS_KEY_HANDLE);
+void obj_rsakey_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT);
+TSS_RESULT obj_rsakey_get_transport_attribs(TSS_HKEY, TCS_KEY_HANDLE *, TPM_DIGEST *);
+#ifdef TSS_BUILD_CMK
+TSS_BOOL obj_rsakey_is_cmk(TSS_HKEY);
+TSS_RESULT obj_rsakey_set_cmk(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_msa_approval(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_msa_approval(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_set_msa_digest(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_msa_digest(TSS_HKEY, UINT32 *, BYTE **);
+#endif
+TSS_RESULT obj_rsakey_get_ownerevict(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_ownerevict(TSS_HKEY, TSS_BOOL);
+TSS_RESULT obj_rsakey_set_srk_pubkey(BYTE *);
+
+#define RSAKEY_LIST_DECLARE struct obj_list rsakey_list
+#define RSAKEY_LIST_DECLARE_EXTERN extern struct obj_list rsakey_list
+#define RSAKEY_LIST_INIT() list_init(&rsakey_list)
+#define RSAKEY_LIST_CONNECT(a,b) obj_connectContext_list(&rsakey_list, a, b)
+#define RSAKEY_LIST_CLOSE(a) obj_list_close(&rsakey_list, &__tspi_rsakey_free, a)
+
+#else
+
+#define obj_is_rsakey(a) FALSE
+
+#define RSAKEY_LIST_DECLARE
+#define RSAKEY_LIST_DECLARE_EXTERN
+#define RSAKEY_LIST_INIT()
+#define RSAKEY_LIST_CONNECT(a,b)
+#define RSAKEY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/src/include/obj_tpm.h b/src/include/obj_tpm.h
new file mode 100644
index 0000000..9eb1db7
--- /dev/null
+++ b/src/include/obj_tpm.h
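Review bot: struct tr_rsakey_obj declares `int type;` while the analogous field is `UINT32 type;` in struct tr_pcrs_obj and struct tr_policy_obj elsewhere in this commit; if generic object code reads `type` through a common accessor, the signed/unsigned mismatch invites sign-conversion warnings and inconsistent comparisons, so `UINT32 type;` is the consistent choice. `obj_rsakey_set_srk_pubkey(BYTE *)` takes a buffer with no length, unlike every other setter here (`obj_rsakey_set_pubkey(TSS_HKEY, UINT32, BYTE *)`, `obj_rsakey_set_modulus(TSS_HKEY, UINT32, BYTE *)`); either a `UINT32` length parameter or a comment naming the fixed size obj_rsakey.c expects (not visible in this hunk) would make the contract explicit. `obj_rsakey_set_tcpakey(TSS_HKEY, UINT32 , BYTE *)` has a stray space before the comma.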
@@ -0,0 +1,78 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_TPM_H_
+#define _OBJ_TPM_H_
+
+/* structures */
+struct tr_tpm_obj {
+ TSS_HPOLICY policy;
+#ifdef TSS_BUILD_TSS12
+ TSS_HPOLICY operatorPolicy;
+#endif
+ TSS_ALGORITHM_ID collateAlg;
+ TSS_ALGORITHM_ID activateAlg;
+ PVOID collateAppData;
+ PVOID activateAppData;
+ TSS_RESULT (*Tspicb_CollateIdentity)(
+ PVOID lpAppData,
+ UINT32 ulTCPAPlainIdentityProofLength,
+ BYTE *rgbTCPAPlainIdentityProof,
+ TSS_ALGORITHM_ID algID,
+ UINT32* ulSessionKeyLength,
+ BYTE *rgbSessionKey,
+ UINT32 *pulTCPAIdentityProofLength,
+ BYTE *rgbTCPAIdentityProof);
+ TSS_RESULT (*Tspicb_ActivateIdentity)(
+ PVOID lpAppData,
+ UINT32 ulSessionKeyLength,
+ BYTE *rgbSessionKey,
+ UINT32 ulSymCAAttestationBlobLength,
+ BYTE *rgbSymCAAttestationBlob,
+ UINT32 *pulCredentialLength,
+ BYTE *rgbCredential);
+ TSS_COUNTER_ID ctr_id;
+ UINT32 EndorsementCredSize;
+ BYTE *EndorsementCred;
+ UINT32 PlatformCredSize;
+ BYTE *PlatformCred;
+ UINT32 PlatformConfCredSize;
+ BYTE *PlatformConfCred;
+ UINT32 ConformanceCredSize;
+ BYTE *ConformanceCred;
+};
+
+/* prototypes */
+TSS_RESULT obj_getTpmObject(UINT32, TSS_HOBJECT *);
+
+/* obj_tpm.c */
+void tpm_free(void *);
+TSS_BOOL obj_is_tpm(TSS_HOBJECT);
+TSS_RESULT obj_tpm_get_tsp_context(TSS_HTPM, TSS_HCONTEXT *);
+TSS_RESULT obj_tpm_get(TSS_HCONTEXT, TSS_HTPM *);
+TSS_RESULT obj_tpm_set_policy(TSS_HTPM, TSS_HPOLICY);
+TSS_RESULT obj_tpm_add(TSS_HCONTEXT, TSS_HOBJECT *);
+TSS_RESULT obj_tpm_get_policy(TSS_HTPM, UINT32, TSS_HPOLICY *);
+TSS_RESULT obj_tpm_set_cb12(TSS_HTPM, TSS_FLAG, BYTE *);
+TSS_RESULT obj_tpm_get_cb12(TSS_HTPM, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_tpm_set_cb11(TSS_HTPM, TSS_FLAG, TSS_FLAG, UINT32);
+TSS_RESULT obj_tpm_get_cb11(TSS_HTPM, TSS_FLAG, UINT32 *);
+void obj_tpm_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT);
+TSS_RESULT obj_tpm_get_current_counter(TSS_HTPM, TSS_COUNTER_ID *);
+TSS_RESULT obj_tpm_set_cred(TSS_HTPM, TSS_FLAG, UINT32, BYTE *);
+TSS_RESULT obj_tpm_get_cred(TSS_HTPM, TSS_FLAG, UINT32 *, BYTE **);
+
+#define TPM_LIST_DECLARE struct obj_list tpm_list
+#define TPM_LIST_DECLARE_EXTERN extern struct obj_list tpm_list
+#define TPM_LIST_INIT() list_init(&tpm_list)
+#define TPM_LIST_CONNECT(a,b) obj_connectContext_list(&tpm_list, a, b)
+#define TPM_LIST_CLOSE(a) obj_list_close(&tpm_list, &tpm_free, a)
+
+#endif
diff --git a/src/include/req_mgr.h b/src/include/req_mgr.h
new file mode 100644
index 0000000..3804896
--- /dev/null
+++ b/src/include/req_mgr.h
@@ -0,0 +1,26 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#ifndef _REQ_MGR_H_
+#define _REQ_MGR_H_
+
+#include "threads.h"
+
+struct tpm_req_mgr
+{
+ MUTEX_DECLARE(queue_lock);
+};
+
+TSS_RESULT req_mgr_init();
+TSS_RESULT req_mgr_final();
+TSS_RESULT req_mgr_submit_req(BYTE *);
+
+#endif
diff --git a/src/include/rpc_tcstp.h b/src/include/rpc_tcstp.h
new file mode 100644
index 0000000..50859e2
--- /dev/null
+++ b/src/include/rpc_tcstp.h
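Review bot: `obj_tpm_set_cred(TSS_HTPM, TSS_FLAG, UINT32, BYTE *)` and the four `*CredSize`/`*Cred` pairs in struct tr_tpm_obj leave buffer ownership undocumented, so a reader cannot tell whether the object copies the credential or keeps the caller's pointer for `tpm_free` to release later. A comment on the struct such as `/* credential blobs are owned by the object and released in tpm_free() */` (or its opposite, whichever obj_tpm.c actually does) would settle it. In the `Tspicb_CollateIdentity` pointer, `UINT32* ulSessionKeyLength` is an output pointer carrying the scalar `ul` prefix, unlike `UINT32 *pulTCPAIdentityProofLength` two lines below; `UINT32 *pulSessionKeyLength` follows the file's own convention.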
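Review bot: `TSS_RESULT req_mgr_init();` and `TSS_RESULT req_mgr_final();` use empty parentheses, which in C declare an unspecified parameter list rather than no parameters, so a call with stray arguments compiles silently; write `TSS_RESULT req_mgr_init(void);` and `TSS_RESULT req_mgr_final(void);`. `req_mgr_submit_req(BYTE *)` takes a request blob with no explicit length; if the length is carried inside the blob header, a one-line comment saying so would tell the reader what the callee has to trust.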
@@ -0,0 +1,40 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _RPC_TCSTP_H_
+#define _RPC_TCSTP_H_
+
+#include "tcs_tsp.h"
+
+typedef unsigned char TCSD_PACKET_TYPE;
+
+/* Packet header used for TCSD communication */
+struct tcsd_packet_hdr {
+ UINT32 packet_size;
+ union {
+ UINT32 ordinal;
+ UINT32 result;
+ } u;
+ UINT32 num_parms;
+ UINT32 type_size;
+ UINT32 type_offset;
+ UINT32 parm_size;
+ UINT32 parm_offset;
+} STRUCTURE_PACKING_ATTRIBUTE;
+
+struct tcsd_comm_data {
+ BYTE *buf;
+ UINT32 buf_size;
+ struct tcsd_packet_hdr hdr;
+} STRUCTURE_PACKING_ATTRIBUTE;
+
+#define TCSD_INIT_TXBUF_SIZE 1024
+
+#endif
diff --git a/src/include/rpc_tcstp_tcs.h b/src/include/rpc_tcstp_tcs.h
new file mode 100644
index 0000000..57eab27
--- /dev/null
+++ b/src/include/rpc_tcstp_tcs.h
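Review bot: struct tcsd_packet_hdr appears to be the wire header exchanged between the TCS daemon and its clients, and its `packet_size`, `num_parms`, `type_offset`, `type_size`, `parm_offset` and `parm_size` fields carry no statement of who validates them; the receiving side (outside this hunk) must check every offset/size pair against `packet_size` and against `buf_size` in struct tcsd_comm_data before indexing `buf`, and the header comment should say so, e.g. `/* Packet header used for TCSD communication. All offsets and sizes arrive from the peer and must be bounds-checked against packet_size and the receive buffer before use. */`. `STRUCTURE_PACKING_ATTRIBUTE` on struct tcsd_comm_data packs a host pointer (`BYTE *buf`) next to the wire header; if that struct is never serialized, the attribute belongs only on tcsd_packet_hdr. `TCSD_PACKET_TYPE` is a bare `unsigned char` with no enumerated values in this header, so a comment pointing to where the type codes are defined would help readers of setData/getData.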
@@ -0,0 +1,406 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _RPC_TCSTP_TCS_H_
+#define _RPC_TCSTP_TCS_H_
+
+#include "rpc_tcstp.h"
+
+#define DECLARE_TCSTP_FUNC(x) \
+ TSS_RESULT tcs_wrap_##x(struct tcsd_thread_data *)
+/* Auth session, context and TPM caps support are always compiled in. TPM caps
+ * are necessary so that the TCSD can know what type of TPM its talking to */
+DECLARE_TCSTP_FUNC(OpenContext);
+DECLARE_TCSTP_FUNC(CloseContext);
+DECLARE_TCSTP_FUNC(OIAP);
+DECLARE_TCSTP_FUNC(OSAP);
+DECLARE_TCSTP_FUNC(GetCapability);
+DECLARE_TCSTP_FUNC(GetCapabilityOwner);
+DECLARE_TCSTP_FUNC(SetCapability);
+
+#ifdef TSS_BUILD_RANDOM
+DECLARE_TCSTP_FUNC(GetRandom);
+DECLARE_TCSTP_FUNC(StirRandom);
+#else
+#define tcs_wrap_GetRandom tcs_wrap_Error
+#define tcs_wrap_StirRandom tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_EK
+DECLARE_TCSTP_FUNC(CreateEndorsementKeyPair);
+DECLARE_TCSTP_FUNC(ReadPubek);
+DECLARE_TCSTP_FUNC(OwnerReadPubek);
+DECLARE_TCSTP_FUNC(DisablePubekRead);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(CreateRevocableEndorsementKeyPair);
+DECLARE_TCSTP_FUNC(RevokeEndorsementKeyPair);
+#else
+#define tcs_wrap_CreateRevocableEndorsementKeyPair tcs_wrap_Error
+#define tcs_wrap_RevokeEndorsementKeyPair tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_CreateEndorsementKeyPair tcs_wrap_Error
+#define tcs_wrap_ReadPubek tcs_wrap_Error
+#define tcs_wrap_OwnerReadPubek tcs_wrap_Error
+#define tcs_wrap_DisablePubekRead tcs_wrap_Error
+#define tcs_wrap_CreateRevocableEndorsementKeyPair tcs_wrap_Error
+#define tcs_wrap_RevokeEndorsementKeyPair tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_KEY
+DECLARE_TCSTP_FUNC(EvictKey);
+DECLARE_TCSTP_FUNC(GetPubkey);
+DECLARE_TCSTP_FUNC(TerminateHandle);
+DECLARE_TCSTP_FUNC(LoadKeyByBlob);
+DECLARE_TCSTP_FUNC(CreateWrapKey);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(KeyControlOwner);
+DECLARE_TCSTP_FUNC(OwnerReadInternalPub);
+#else
+#define tcs_wrap_KeyControlOwner tcs_wrap_Error
+#define tcs_wrap_OwnerReadInternalPub tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_EvictKey tcs_wrap_Error
+#define tcs_wrap_GetPubkey tcs_wrap_Error
+#define tcs_wrap_TerminateHandle tcs_wrap_Error
+#define tcs_wrap_LoadKeyByBlob tcs_wrap_Error
+#define tcs_wrap_CreateWrapKey tcs_wrap_Error
+#define tcs_wrap_KeyControlOwner tcs_wrap_Error
+
+#endif
+
+#ifdef TSS_BUILD_PCR_EXTEND
+DECLARE_TCSTP_FUNC(Extend);
+DECLARE_TCSTP_FUNC(PcrRead);
+DECLARE_TCSTP_FUNC(PcrReset);
+#else
+#define tcs_wrap_Extend tcs_wrap_Error
+#define tcs_wrap_PcrRead tcs_wrap_Error
+#define tcs_wrap_PcrReset tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CAPS
+DECLARE_TCSTP_FUNC(TCSGetCapability);
+#else
+#define tcs_wrap_TCSGetCapability tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_OWN
+DECLARE_TCSTP_FUNC(TakeOwnership);
+DECLARE_TCSTP_FUNC(OwnerClear);
+#else
+#define tcs_wrap_TakeOwnership tcs_wrap_Error
+#define tcs_wrap_OwnerClear tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_PS
+DECLARE_TCSTP_FUNC(RegisterKey);
+DECLARE_TCSTP_FUNC(UnregisterKey);
+DECLARE_TCSTP_FUNC(GetRegisteredKeyBlob);
+DECLARE_TCSTP_FUNC(LoadKeyByUUID);
+DECLARE_TCSTP_FUNC(GetRegisteredKeyByPublicInfo);
+DECLARE_TCSTP_FUNC(EnumRegisteredKeys);
+DECLARE_TCSTP_FUNC(EnumRegisteredKeys2);
+#else
+#define tcs_wrap_RegisterKey tcs_wrap_Error
+#define tcs_wrap_UnregisterKey tcs_wrap_Error
+#define tcs_wrap_GetRegisteredKeyBlob tcs_wrap_Error
+#define tcs_wrap_LoadKeyByUUID tcs_wrap_Error
+#define tcs_wrap_GetRegisteredKeyByPublicInfo tcs_wrap_Error
+#define tcs_wrap_EnumRegisteredKeys tcs_wrap_Error
+#define tcs_wrap_EnumRegisteredKeys2 tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SIGN
+DECLARE_TCSTP_FUNC(Sign);
+#else
+#define tcs_wrap_Sign tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_DIR
+DECLARE_TCSTP_FUNC(DirWriteAuth);
+DECLARE_TCSTP_FUNC(DirRead);
+#else
+#define tcs_wrap_DirWriteAuth tcs_wrap_Error
+#define tcs_wrap_DirRead tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SEAL
+DECLARE_TCSTP_FUNC(Seal);
+DECLARE_TCSTP_FUNC(UnSeal);
+#else
+#define tcs_wrap_Seal tcs_wrap_Error
+#define tcs_wrap_UnSeal tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SEALX
+DECLARE_TCSTP_FUNC(Sealx);
+#else
+#define tcs_wrap_Sealx tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_BIND
+DECLARE_TCSTP_FUNC(UnBind);
+#else
+#define tcs_wrap_UnBind tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CHANGEAUTH
+DECLARE_TCSTP_FUNC(ChangeAuth);
+DECLARE_TCSTP_FUNC(ChangeAuthOwner);
+#else
+#define tcs_wrap_ChangeAuth tcs_wrap_Error
+#define tcs_wrap_ChangeAuthOwner tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_QUOTE
+DECLARE_TCSTP_FUNC(Quote);
+#else
+#define tcs_wrap_Quote tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_QUOTE2
+DECLARE_TCSTP_FUNC(Quote2);
+#else
+#define tcs_wrap_Quote2 tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_PCR_EVENTS
+DECLARE_TCSTP_FUNC(LogPcrEvent);
+DECLARE_TCSTP_FUNC(GetPcrEvent);
+DECLARE_TCSTP_FUNC(GetPcrEventsByPcr);
+DECLARE_TCSTP_FUNC(GetPcrEventLog);
+#else
+#define tcs_wrap_LogPcrEvent tcs_wrap_Error
+#define tcs_wrap_GetPcrEvent tcs_wrap_Error
+#define tcs_wrap_GetPcrEventsByPcr tcs_wrap_Error
+#define tcs_wrap_GetPcrEventLog tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SELFTEST
+DECLARE_TCSTP_FUNC(SelfTestFull);
+DECLARE_TCSTP_FUNC(CertifySelfTest);
+DECLARE_TCSTP_FUNC(GetTestResult);
+#else
+#define tcs_wrap_SelfTestFull tcs_wrap_Error
+#define tcs_wrap_CertifySelfTest tcs_wrap_Error
+#define tcs_wrap_GetTestResult tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_ADMIN
+DECLARE_TCSTP_FUNC(DisableOwnerClear);
+DECLARE_TCSTP_FUNC(ForceClear);
+DECLARE_TCSTP_FUNC(DisableForceClear);
+DECLARE_TCSTP_FUNC(PhysicalEnable);
+DECLARE_TCSTP_FUNC(PhysicalSetDeactivated);
+DECLARE_TCSTP_FUNC(SetOwnerInstall);
+DECLARE_TCSTP_FUNC(OwnerSetDisable);
+DECLARE_TCSTP_FUNC(PhysicalDisable);
+DECLARE_TCSTP_FUNC(PhysicalPresence);
+DECLARE_TCSTP_FUNC(SetTempDeactivated);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(SetTempDeactivated2);
+DECLARE_TCSTP_FUNC(ResetLockValue);
+#else
+#define tcs_wrap_SetTempDeactivated2 tcs_wrap_Error
+#define tcs_wrap_ResetLockValue tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_DisableOwnerClear tcs_wrap_Error
+#define tcs_wrap_ForceClear tcs_wrap_Error
+#define tcs_wrap_DisableForceClear tcs_wrap_Error
+#define tcs_wrap_PhysicalEnable tcs_wrap_Error
+#define tcs_wrap_PhysicalSetDeactivated tcs_wrap_Error
+#define tcs_wrap_SetOwnerInstall tcs_wrap_Error
+#define tcs_wrap_OwnerSetDisable tcs_wrap_Error
+#define tcs_wrap_PhysicalDisable tcs_wrap_Error
+#define tcs_wrap_PhysicalPresence tcs_wrap_Error
+#define tcs_wrap_SetTempDeactivated tcs_wrap_Error
+#define tcs_wrap_SetTempDeactivated2 tcs_wrap_Error
+#define tcs_wrap_ResetLockValue tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CERTIFY
+DECLARE_TCSTP_FUNC(CertifyKey);
+#else
+#define tcs_wrap_CertifyKey tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_AIK
+DECLARE_TCSTP_FUNC(MakeIdentity);
+DECLARE_TCSTP_FUNC(ActivateIdentity);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(GetCredential);
+#else
+#define tcs_wrap_GetCredential tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_MakeIdentity tcs_wrap_Error
+#define tcs_wrap_ActivateIdentity tcs_wrap_Error
+#define tcs_wrap_GetCredential tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_MIGRATION
+DECLARE_TCSTP_FUNC(CreateMigrationBlob);
+DECLARE_TCSTP_FUNC(ConvertMigrationBlob);
+DECLARE_TCSTP_FUNC(AuthorizeMigrationKey);
+#else
+#define tcs_wrap_CreateMigrationBlob tcs_wrap_Error
+#define tcs_wrap_ConvertMigrationBlob tcs_wrap_Error
+#define tcs_wrap_Authorize​MigrationKey tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_MAINT
+DECLARE_TCSTP_FUNC(KillMaintenanceFeature);
+DECLARE_TCSTP_FUNC(CreateMaintenanceArchive);
+DECLARE_TCSTP_FUNC(LoadMaintenanceArchive);
+DECLARE_TCSTP_FUNC(LoadManuMaintPub);
+DECLARE_TCSTP_FUNC(ReadManuMaintPub);
+#else
+#define tcs_wrap_KillMaintenanceFeature tcs_wrap_Error
+#define tcs_wrap_CreateMaintenanceArchive tcs_wrap_Error
+#define tcs_wrap_LoadMaintenanceArchive tcs_wrap_Error
+#define tcs_wrap_LoadManuMaintPub tcs_wrap_Error
+#define tcs_wrap_ReadManuMaintPub tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_DAA
+DECLARE_TCSTP_FUNC(DaaJoin);
+DECLARE_TCSTP_FUNC(DaaSign);
+#else
+#define tcs_wrap_DaaJoin tcs_wrap_Error
+#define tcs_wrap_DaaSign tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_NV
+DECLARE_TCSTP_FUNC(NV_DefineOrReleaseSpace);
+DECLARE_TCSTP_FUNC(NV_WriteValue);
+DECLARE_TCSTP_FUNC(NV_WriteValueAuth);
+DECLARE_TCSTP_FUNC(NV_ReadValue);
+DECLARE_TCSTP_FUNC(NV_ReadValueAuth);
+#else
+#define tcs_wrap_NV_DefineOrReleaseSpace tcs_wrap_Error
+#define tcs_wrap_NV_WriteValue tcs_wrap_Error
+#define tcs_wrap_NV_WriteValueAuth tcs_wrap_Error
+#define tcs_wrap_NV_ReadValue tcs_wrap_Error
+#define tcs_wrap_NV_ReadValueAuth tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_COUNTER
+DECLARE_TCSTP_FUNC(ReadCounter);
+DECLARE_TCSTP_FUNC(CreateCounter);
+DECLARE_TCSTP_FUNC(IncrementCounter);
+DECLARE_TCSTP_FUNC(ReleaseCounter);
+DECLARE_TCSTP_FUNC(ReleaseCounterOwner);
+#else
+#define tcs_wrap_ReadCounter tcs_wrap_Error
+#define tcs_wrap_CreateCounter tcs_wrap_Error
+#define tcs_wrap_IncrementCounter tcs_wrap_Error
+#define tcs_wrap_ReleaseCounter tcs_wrap_Error
+#define tcs_wrap_ReleaseCounterOwner tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_TICK
+DECLARE_TCSTP_FUNC(ReadCurrentTicks);
+DECLARE_TCSTP_FUNC(TickStampBlob);
+#else
+#define tcs_wrap_ReadCurrentTicks tcs_wrap_Error
+#define tcs_wrap_TickStampBlob tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_TRANSPORT
+DECLARE_TCSTP_FUNC(EstablishTransport);
+DECLARE_TCSTP_FUNC(ExecuteTransport);
+DECLARE_TCSTP_FUNC(ReleaseTransportSigned);
+#else
+#define tcs_wrap_EstablishTransport tcs_wrap_Error
+#define tcs_wrap_ExecuteTransport tcs_wrap_Error
+#define tcs_wrap_ReleaseTransportSigned tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_AUDIT
+DECLARE_TCSTP_FUNC(SetOrdinalAuditStatus);
+DECLARE_TCSTP_FUNC(GetAuditDigest);
+DECLARE_TCSTP_FUNC(GetAuditDigestSigned);
+#else
+#define tcs_wrap_SetOrdinalAuditStatus tcs_wrap_Error
+#define tcs_wrap_GetAuditDigest tcs_wrap_Error
+#define tcs_wrap_GetAuditDigestSigned tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(SetOperatorAuth);
+DECLARE_TCSTP_FUNC(FlushSpecific);
+#else
+#define tcs_wrap_SetOperatorAuth tcs_wrap_Error
+#define tcs_wrap_FlushSpecific tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_DELEGATION
+DECLARE_TCSTP_FUNC(Delegate_Manage);
+DECLARE_TCSTP_FUNC(Delegate_CreateKeyDelegation);
+DECLARE_TCSTP_FUNC(Delegate_CreateOwnerDelegation);
+DECLARE_TCSTP_FUNC(Delegate_LoadOwnerDelegation);
+DECLARE_TCSTP_FUNC(Delegate_ReadTable);
+DECLARE_TCSTP_FUNC(Delegate_UpdateVerificationCount);
+DECLARE_TCSTP_FUNC(Delegate_VerifyDelegation);
+DECLARE_TCSTP_FUNC(DSAP);
+#else
+#define tcs_wrap_Delegate_Manage tcs_wrap_Error
+#define tcs_wrap_Delegate_CreateKeyDelegation tcs_wrap_Error
+#define tcs_wrap_Delegate_CreateOwnerDelegation tcs_wrap_Error
+#define tcs_wrap_Delegate_LoadOwnerDelegation tcs_wrap_Error
+#define tcs_wrap_Delegate_ReadTable tcs_wrap_Error
+#define tcs_wrap_Delegate_UpdateVerificationCount tcs_wrap_Error
+#define tcs_wrap_Delegate_VerifyDelegation tcs_wrap_Error
+#define tcs_wrap_DSAP tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CMK
+DECLARE_TCSTP_FUNC(CMK_SetRestrictions);
+DECLARE_TCSTP_FUNC(CMK_ApproveMA);
+DECLARE_TCSTP_FUNC(CMK_CreateKey);
+DECLARE_TCSTP_FUNC(CMK_CreateTicket);
+DECLARE_TCSTP_FUNC(CMK_CreateBlob);
+DECLARE_TCSTP_FUNC(CMK_ConvertMigration);
+#else
+#define tcs_wrap_CMK_SetRestrictions tcs_wrap_Error
+#define tcs_wrap_CMK_ApproveMA tcs_wrap_Error
+#define tcs_wrap_CMK_CreateKey tcs_wrap_Error
+#define tcs_wrap_CMK_CreateTicket tcs_wrap_Error
+#define tcs_wrap_CMK_CreateBlob tcs_wrap_Error
+#define tcs_wrap_CMK_ConvertMigration tcs_wrap_Error
+#endif
+
+DECLARE_TCSTP_FUNC(dispatchCommand);
+
+void LoadBlob_Auth_Special(UINT64 *, BYTE *, TPM_AUTH *);
+void UnloadBlob_Auth_Special(UINT64 *, BYTE *, TPM_AUTH *);
+void LoadBlob_KM_KEYINFO(UINT64 *, BYTE *, TSS_KM_KEYINFO *);
+void LoadBlob_KM_KEYINFO2(UINT64 *, BYTE *, TSS_KM_KEYINFO2 *);
+void UnloadBlob_KM_KEYINFO(UINT64 *, BYTE *, TSS_KM_KEYINFO *);
+void UnloadBlob_KM_KEYINFO2(UINT64 *, BYTE *, TSS_KM_KEYINFO2 *);
+void LoadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void UnloadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void LoadBlob_PCR_EVENT(UINT64 *, BYTE *, TSS_PCR_EVENT *);
+TSS_RESULT UnloadBlob_PCR_EVENT(UINT64 *, BYTE *, TSS_PCR_EVENT *);
+int setData(TCSD_PACKET_TYPE, unsigned int, void *, int, struct tcsd_comm_data *);
+UINT32 getData(TCSD_PACKET_TYPE, unsigned int, void *, int, struct tcsd_comm_data *);
+void initData(struct tcsd_comm_data *, int);
+int recv_from_socket(int, void *, int);
+int send_to_socket(int, void *, int);
+TSS_RESULT getTCSDPacket(struct tcsd_thread_data *);
+
+MUTEX_DECLARE_EXTERN(tcsp_lock);
+
+#endif
+
+
diff --git a/src/include/rpc_tcstp_tsp.h b/src/include/rpc_tcstp_tsp.h
new file mode 100644
index 0000000..79f5e9f
--- /dev/null
+++ b/src/include/rpc_tcstp_tsp.h
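Review bot: the outer `#else` branch for `TSS_BUILD_KEY` maps `tcs_wrap_KeyControlOwner` to `tcs_wrap_Error` but omits `tcs_wrap_OwnerReadInternalPub`, even though the inner `TSS_BUILD_TSS12` `#else` defines both and the `TSS_BUILD_EK` block defines its TSS12 names in both fallbacks; a build without TSS_BUILD_KEY that references that name in the dispatch table would not compile. Add `#define tcs_wrap_OwnerReadInternalPub tcs_wrap_Error` after the `tcs_wrap_KeyControlOwner` line in that branch. `setData`/`getData` are declared here with `unsigned int` as the second parameter, while the rpc_tcstp_tsp.h hunk in this commit declares the same names with `int`; if both headers ever reach one translation unit that is a conflicting declaration, and either way one side should be brought in line with the definitions. `tcs_wrap_Error`, the target every fallback `#define` resolves to, is not declared in this header; if it lives elsewhere, a comment naming that header next to `DECLARE_TCSTP_FUNC` would help, otherwise `DECLARE_TCSTP_FUNC(Error);` belongs here.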
@@ -0,0 +1,411 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _RPC_TCSTP_TSP_H_
+#define _RPC_TCSTP_TSP_H_
+
+#include "hosttable.h"
+#include "rpc_tcstp.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+int setData(TCSD_PACKET_TYPE,int,void *,int,struct tcsd_comm_data *);
+UINT32 getData(TCSD_PACKET_TYPE,int,void *,int,struct tcsd_comm_data *);
+void initData(struct tcsd_comm_data *, int);
+TSS_RESULT sendTCSDPacket(struct host_table_entry *);
+TSS_RESULT send_init(struct host_table_entry *);
+TSS_RESULT tcs_sendit(struct host_table_entry *);
+short get_port();
+
+/* Context commands always included */
+TSS_RESULT RPC_OpenContext_TP(struct host_table_entry *, UINT32 *, TCS_CONTEXT_HANDLE *);
+TSS_RESULT RPC_CloseContext_TP(struct host_table_entry *);
+TSS_RESULT RPC_FreeMemory_TP(struct host_table_entry *,BYTE *);
+
+#ifdef TSS_BUILD_AUTH
+TSS_RESULT RPC_OIAP_TP(struct host_table_entry *,TCS_AUTHHANDLE *,TCPA_NONCE *);
+TSS_RESULT RPC_OSAP_TP(struct host_table_entry *,TCPA_ENTITY_TYPE,UINT32,TCPA_NONCE*,TCS_AUTHHANDLE *,TCPA_NONCE *,TCPA_NONCE *);
+#else
+#define RPC_OIAP_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OSAP_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_PCR_EVENTS
+TSS_RESULT RPC_LogPcrEvent_TP(struct host_table_entry *,TSS_PCR_EVENT,UINT32 *);
+TSS_RESULT RPC_GetPcrEvent_TP(struct host_table_entry *,UINT32,UINT32 *,TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventLog_TP(struct host_table_entry *,UINT32 *,TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventsByPcr_TP(struct host_table_entry *,UINT32,UINT32,UINT32 *,TSS_PCR_EVENT **);
+#else
+#define RPC_LogPcrEvent_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPcrEvent_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPcrEventLog_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPcrEventsByPcr_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_PS
+TSS_RESULT RPC_GetRegisteredKeyByPublicInfo_TP(struct host_table_entry * tcsContext,TCPA_ALGORITHM_ID algID,UINT32,BYTE *,UINT32 *,BYTE **);
+TSS_RESULT RPC_RegisterKey_TP(struct host_table_entry *,TSS_UUID,TSS_UUID,UINT32,BYTE *,UINT32,BYTE *);
+TSS_RESULT RPC_UnregisterKey_TP(struct host_table_entry *,TSS_UUID);
+TSS_RESULT RPC_EnumRegisteredKeys_TP(struct host_table_entry *,TSS_UUID *,UINT32 *,TSS_KM_KEYINFO **);
+TSS_RESULT RPC_EnumRegisteredKeys2_TP(struct host_table_entry *,TSS_UUID *,UINT32 *,TSS_KM_KEYINFO2 **);
+TSS_RESULT RPC_GetRegisteredKey_TP(struct host_table_entry *,TSS_UUID,TSS_KM_KEYINFO **);
+TSS_RESULT RPC_GetRegisteredKeyBlob_TP(struct host_table_entry *,TSS_UUID,UINT32 *,BYTE **);
+TSS_RESULT RPC_LoadKeyByUUID_TP(struct host_table_entry *,TSS_UUID,TCS_LOADKEY_INFO *,TCS_KEY_HANDLE *);
+#else
+#define RPC_GetRegisteredKeyByPublicInfo_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_RegisterKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_UnregisterKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_EnumRegisteredKeys_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_EnumRegisteredKeys2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetRegisteredKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetRegisteredKeyBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_LoadKeyByUUID_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_KEY
+TSS_RESULT RPC_LoadKeyByBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,TCS_KEY_HANDLE *,TCS_KEY_HANDLE *);
+TSS_RESULT RPC_EvictKey_TP(struct host_table_entry *,TCS_KEY_HANDLE);
+TSS_RESULT RPC_CreateWrapKey_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_ENCAUTH *,TCPA_ENCAUTH *,UINT32,BYTE *,UINT32 *,BYTE **,TPM_AUTH *);
+TSS_RESULT RPC_GetPubKey_TP(struct host_table_entry *,TCS_KEY_HANDLE,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_TerminateHandle_TP(struct host_table_entry *,TCS_AUTHHANDLE);
+TSS_RESULT RPC_OwnerReadInternalPub_TP(struct host_table_entry *, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_KeyControlOwner_TP(struct host_table_entry *, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32, TSS_BOOL, TPM_AUTH *, TSS_UUID *);
+#else
+#define RPC_KeyControlOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+#else
+#define RPC_LoadKeyByBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_EvictKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateWrapKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPubKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_TerminateHandle_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerReadInternalPub_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_KeyControlOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_AIK
+TSS_RESULT RPC_MakeIdentity_TP(struct host_table_entry *,TCPA_ENCAUTH,TCPA_CHOSENID_HASH,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetCredential_TP(struct host_table_entry *,UINT32 ,UINT32 ,UINT32 *,BYTE **);
+TSS_RESULT RPC_ActivateTPMIdentity_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_MakeIdentity_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetCredential_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ActivateTPMIdentity_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_ADMIN
+TSS_RESULT RPC_SetOwnerInstall_TP(struct host_table_entry *,TSS_BOOL);
+TSS_RESULT RPC_DisableOwnerClear_TP(struct host_table_entry *,TPM_AUTH *);
+TSS_RESULT RPC_ForceClear_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_DisableForceClear_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_PhysicalDisable_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_PhysicalEnable_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_PhysicalSetDeactivated_TP(struct host_table_entry *,TSS_BOOL);
+TSS_RESULT RPC_PhysicalPresence_TP(struct host_table_entry *,TCPA_PHYSICAL_PRESENCE);
+TSS_RESULT RPC_SetTempDeactivated_TP(struct host_table_entry * hContext);
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_SetTempDeactivated2_TP(struct host_table_entry *, TPM_AUTH *);
+#else
+#define RPC_SetTempDeactivated2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+TSS_RESULT RPC_FieldUpgrade_TP(struct host_table_entry *,UINT32,BYTE *,UINT32 *,BYTE **,TPM_AUTH *);
+TSS_RESULT RPC_SetRedirection_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,UINT32,TPM_AUTH *);
+TSS_RESULT RPC_OwnerSetDisable_TP(struct host_table_entry *,TSS_BOOL,TPM_AUTH *);
+TSS_RESULT RPC_ResetLockValue_TP(struct host_table_entry *, TPM_AUTH *);
+#else
+#define RPC_SetOwnerInstall_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DisableOwnerClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ForceClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DisableForceClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalDisable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalEnable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalSetDeactivated_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalPresence_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetTempDeactivated_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetTempDeactivated2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_FieldUpgrade_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetRedirection_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerSetDisable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ResetLockValue_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_OWN
+TSS_RESULT RPC_TakeOwnership_TP(struct host_table_entry *,UINT16,UINT32,BYTE *,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_OwnerClear_TP(struct host_table_entry *,TPM_AUTH *);
+#else
+#define RPC_TakeOwnership_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CHANGEAUTH
+TSS_RESULT RPC_ChangeAuth_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_PROTOCOL_ID,TCPA_ENCAUTH *,TCPA_ENTITY_TYPE,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_ChangeAuthOwner_TP(struct host_table_entry *,TCPA_PROTOCOL_ID,TCPA_ENCAUTH *,TCPA_ENTITY_TYPE,TPM_AUTH *);
+TSS_RESULT RPC_ChangeAuthAsymStart_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **,TCS_KEY_HANDLE *);
+TSS_RESULT RPC_ChangeAuthAsymFinish_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCS_KEY_HANDLE,TCPA_ENTITY_TYPE,TCPA_HMAC,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **,TCPA_SALT_NONCE *,TCPA_DIGEST *);
+#else
+#define RPC_ChangeAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ChangeAuthOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ChangeAuthAsymStart_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ChangeAuthAsymFinish_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_PCR_EXTEND
+TSS_RESULT RPC_Extend_TP(struct host_table_entry *,TCPA_PCRINDEX,TCPA_DIGEST,TCPA_PCRVALUE *);
+TSS_RESULT RPC_PcrRead_TP(struct host_table_entry *,TCPA_PCRINDEX,TCPA_PCRVALUE *);
+TSS_RESULT RPC_PcrReset_TP(struct host_table_entry *,UINT32,BYTE *);
+#else
+#define RPC_Extend_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PcrRead_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PcrReset_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_QUOTE
+TSS_RESULT RPC_Quote_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_Quote_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_QUOTE2
+TSS_RESULT RPC_Quote2_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE *,UINT32,BYTE *,TSS_BOOL,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_Quote2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_DIR
+TSS_RESULT RPC_DirWriteAuth_TP(struct host_table_entry *,TCPA_DIRINDEX,TCPA_DIRVALUE *,TPM_AUTH *);
+TSS_RESULT RPC_DirRead_TP(struct host_table_entry *,TCPA_DIRINDEX,TCPA_DIRVALUE *);
+#else
+#define RPC_DirWriteAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DirRead_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SEAL
+TSS_RESULT RPC_Seal_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_ENCAUTH *,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_Unseal_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_Seal_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Unseal_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SEALX
+TSS_RESULT RPC_Sealx_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_ENCAUTH *,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_Sealx_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_BIND
+TSS_RESULT RPC_UnBind_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_UnBind_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_MIGRATION
+TSS_RESULT RPC_CreateMigrationBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_MIGRATE_SCHEME,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_ConvertMigrationBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_AuthorizeMigrationKey_TP(struct host_table_entry *,TCPA_MIGRATE_SCHEME,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_CreateMigrationBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ConvertMigrationBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_AuthorizeMigrationKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CERTIFY
+TSS_RESULT RPC_CertifyKey_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCS_KEY_HANDLE,TPM_NONCE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_CertifyKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SIGN
+TSS_RESULT RPC_Sign_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_Sign_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_RANDOM
+TSS_RESULT RPC_GetRandom_TP(struct host_table_entry *,UINT32,BYTE **);
+TSS_RESULT RPC_StirRandom_TP(struct host_table_entry *,UINT32,BYTE *);
+#else
+#define RPC_GetRandom_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_StirRandom_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CAPS_TPM
+TSS_RESULT RPC_GetTPMCapability_TP(struct host_table_entry *,TCPA_CAPABILITY_AREA,UINT32,BYTE *,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetCapabilitySigned_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE,TCPA_CAPABILITY_AREA,UINT32,BYTE *,TPM_AUTH *,TCPA_VERSION *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetCapabilityOwner_TP(struct host_table_entry *,TPM_AUTH *,TCPA_VERSION *,UINT32 *,UINT32 *);
+TSS_RESULT RPC_SetCapability_TP(struct host_table_entry *,TCPA_CAPABILITY_AREA,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *);
+#else
+#define RPC_GetTPMCapability_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetCapabilitySigned_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetCapabilityOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetCapability_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CAPS
+TSS_RESULT RPC_GetCapability_TP(struct host_table_entry *,TCPA_CAPABILITY_AREA,UINT32,BYTE *,UINT32 *,BYTE **);
+#else
+#define RPC_GetCapability_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_EK
+TSS_RESULT RPC_CreateEndorsementKeyPair_TP(struct host_table_entry *,TCPA_NONCE,UINT32,BYTE *,UINT32 *,BYTE **,TCPA_DIGEST *);
+TSS_RESULT RPC_ReadPubek_TP(struct host_table_entry *,TCPA_NONCE,UINT32 *,BYTE **,TCPA_DIGEST *);
+TSS_RESULT RPC_OwnerReadPubek_TP(struct host_table_entry *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_DisablePubekRead_TP(struct host_table_entry *,TPM_AUTH *);
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_CreateRevocableEndorsementKeyPair_TP(struct host_table_entry *,TPM_NONCE,UINT32,BYTE *,TSS_BOOL,TPM_DIGEST *,UINT32 *,BYTE **,TPM_DIGEST *);
+TSS_RESULT RPC_RevokeEndorsementKeyPair_TP(struct host_table_entry *,TPM_DIGEST *);
+#else
+#define RPC_CreateRevocableEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_RevokeEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+#else
+#define RPC_DisablePubekRead_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReadPubek_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerReadPubek_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateRevocableEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_RevokeEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SELFTEST
+TSS_RESULT RPC_SelfTestFull_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_CertifySelfTest_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetTestResult_TP(struct host_table_entry *,UINT32 *,BYTE **);
+#else
+#define RPC_SelfTestFull_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CertifySelfTest_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetTestResult_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_MAINT
+TSS_RESULT RPC_CreateMaintenanceArchive_TP(struct host_table_entry *,TSS_BOOL,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_LoadMaintenanceArchive_TP(struct host_table_entry *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_KillMaintenanceFeature_TP(struct host_table_entry *,TPM_AUTH *);
+TSS_RESULT RPC_LoadManuMaintPub_TP(struct host_table_entry *,TCPA_NONCE,UINT32,BYTE *,TCPA_DIGEST *);
+TSS_RESULT RPC_ReadManuMaintPub_TP(struct host_table_entry *,TCPA_NONCE,TCPA_DIGEST *);
+#else
+#define RPC_CreateMaintenanceArchive_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_LoadMaintenanceArchive_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_KillMaintenanceFeature_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_LoadManuMaintPub_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReadManuMaintPub_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_DAA
+TSS_RESULT RPC_DaaJoin_TP(struct host_table_entry *,TPM_HANDLE,BYTE,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_DaaSign_TP(struct host_table_entry *,TPM_HANDLE,BYTE,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_DaaJoin_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DaaSign_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_COUNTER
+TSS_RESULT RPC_ReadCounter_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_CreateCounter_TP(struct host_table_entry *,UINT32,BYTE *,TPM_ENCAUTH,TPM_AUTH *,TSS_COUNTER_ID *,TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_IncrementCounter_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_AUTH *,TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_ReleaseCounter_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_AUTH *);
+TSS_RESULT RPC_ReleaseCounterOwner_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_AUTH *);
+#else
+#define RPC_ReadCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_IncrementCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReleaseCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReleaseCounterOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_TICK
+TSS_RESULT RPC_ReadCurrentTicks_TP(struct host_table_entry *,UINT32 *,BYTE **);
+TSS_RESULT RPC_TickStampBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,TPM_NONCE *,TPM_DIGEST *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_ReadCurrentTicks_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_TickStampBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_TRANSPORT
+TSS_RESULT RPC_EstablishTransport_TP(struct host_table_entry *, UINT32, TCS_KEY_HANDLE, UINT32, BYTE*, UINT32, BYTE*, TPM_AUTH*, TPM_MODIFIER_INDICATOR*, TCS_HANDLE*, UINT32*, BYTE**, TPM_NONCE*);
+TSS_RESULT RPC_ExecuteTransport_TP(struct host_table_entry *,TPM_COMMAND_CODE, UINT32, BYTE*, UINT32*, TCS_HANDLE**, TPM_AUTH*, TPM_AUTH*, TPM_AUTH*, UINT64*, TPM_MODIFIER_INDICATOR*, TPM_RESULT*, UINT32*, BYTE**);
+TSS_RESULT RPC_ReleaseTransportSigned_TP(struct host_table_entry *, TCS_KEY_HANDLE, TPM_NONCE *, TPM_AUTH*, TPM_AUTH*, TPM_MODIFIER_INDICATOR*, UINT32*, BYTE**, UINT32*, BYTE**);
+#else
+#define RPC_EstablishTransport_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ExecuteTransport_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReleaseTransportSigned_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_NV
+TSS_RESULT RPC_NV_DefineOrReleaseSpace_TP(struct host_table_entry *hte, UINT32, BYTE *, TCPA_ENCAUTH, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValue_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValueAuth_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_ReadValue_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT RPC_NV_ReadValueAuth_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+#else
+#define RPC_NV_DefineOrReleaseSpace_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_WriteValue_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_WriteValueAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_ReadValue_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_ReadValueAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_AUDIT
+TSS_RESULT RPC_SetOrdinalAuditStatus_TP(struct host_table_entry *hte, TPM_AUTH *, UINT32, TSS_BOOL);
+TSS_RESULT RPC_GetAuditDigest_TP(struct host_table_entry *hte, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, TSS_BOOL *, UINT32 *, UINT32 **);
+TSS_RESULT RPC_GetAuditDigestSigned_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *, TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, TPM_DIGEST *, UINT32 *, BYTE **);
+#else
+#define RPC_SetOrdinalAuditStatus_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetAuditDigest_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetAuditDigestSigned_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_SetOperatorAuth_TP(struct host_table_entry *hte, TCPA_SECRET *);
+TSS_RESULT RPC_FlushSpecific_TP(struct host_table_entry *hte, TCS_HANDLE, TPM_RESOURCE_TYPE);
+#else
+#define RPC_SetOperatorAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_FlushSpecific_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_DELEGATION
+TSS_RESULT RPC_Delegate_Manage_TP(struct host_table_entry *hte, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateKeyDelegation_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateOwnerDelegation_TP(struct host_table_entry *hte, TSS_BOOL, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_LoadOwnerDelegation_TP(struct host_table_entry *hte, TPM_DELEGATE_INDEX, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_Delegate_ReadTable_TP(struct host_table_entry *hte, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_UpdateVerificationCount_TP(struct host_table_entry *hte, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_VerifyDelegation_TP(struct host_table_entry *hte, UINT32, BYTE *);
+TSS_RESULT RPC_DSAP_TP(struct host_table_entry *hte, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+#else
+#define RPC_Delegate_Manage_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_CreateKeyDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_CreateOwnerDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_LoadOwnerDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_ReadTable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_UpdateVerificationCount_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_VerifyDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DSAP_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CMK
+TSS_RESULT RPC_CMK_SetRestrictions_TP(struct host_table_entry *hte, TSS_CMK_DELEGATE, TPM_AUTH *);
+TSS_RESULT RPC_CMK_ApproveMA_TP(struct host_table_entry *hte, TPM_DIGEST, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateKey_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TPM_ENCAUTH *, TPM_HMAC *, TPM_DIGEST *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_CMK_CreateTicket_TP(struct host_table_entry *hte, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateBlob_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TSS_MIGRATE_SCHEME, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_CMK_ConvertMigration_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TPM_CMK_AUTH, TPM_HMAC, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+#else
+#define RPC_CMK_SetRestrictions_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_ApproveMA_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_CreateKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_CreateTicket_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_CreateBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_ConvertMigration_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#endif
diff --git a/src/include/spi_utils.h b/src/include/spi_utils.h
new file mode 100644
index 0000000..f93e877
--- /dev/null
+++ b/src/include/spi_utils.h
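Review bot: `short get_port();` near the top of rpc_tcstp_tsp.h is an old-style declaration with an unspecified parameter list, so a call that passes stray arguments compiles silently, and a signed `short` cannot represent a TCP port above 32767; at minimum declare it `short get_port(void);`, and if the implementation returns a configured port number consider an `int` or unsigned return (callers are outside this hunk, so confirm before widening). The `setData`/`getData` prototypes in this header take the second argument as `int`, while the same-named prototypes added to rpc_tcstp_tcs.h just above take `unsigned int`; if these are separate client- and daemon-side implementations that is only an inconsistency, but the two sides should agree so a negative value cannot be accepted on one side and reinterpreted as unsigned on the other. The `RPC_*_TP(...)` fallback macros discard their arguments, so call sites of a feature that is compiled out are never type-checked; that is presumably intentional, but a one-line comment at the first `#else` (e.g. `/* compiled-out features: args are discarded, always fails with TSS_E_INTERNAL_ERROR */`) would spare the next reader from re-deriving it.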
@@ -0,0 +1,632 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2007
+ *
+ */
+
+
+#ifndef _SPI_UTILS_H_
+#define _SPI_UTILS_H_
+
+#include "threads.h"
+#include <netinet/in.h> // for endian routines
+
+#include "trousers_types.h"
+#include "trousers/trousers.h"
+
+struct key_mem_cache
+{
+ TCS_KEY_HANDLE tcs_handle;
+ TSS_HKEY tsp_handle;
+ UINT16 flags;
+ UINT32 time_stamp;
+ TSS_UUID uuid;
+ TSS_UUID p_uuid;
+ TSS_KEY *blob;
+ struct key_mem_cache *parent;
+ struct key_mem_cache *next;
+};
+
+extern struct key_mem_cache *key_mem_cache_head;
+MUTEX_DECLARE_EXTERN(mem_cache_lock);
+
+#ifndef MIN
+#define MIN(a,b) ((a) < (b) ? (a) : (b))
+#endif
+
+#define BOOL(x) ((x) == 0) ? FALSE : TRUE
+#define INVBOOL(x) ((x) == 0) ? TRUE : FALSE
+
+#define TSS_PSFILE_INCREMENT_NUM_KEYS 1
+#define TSS_PSFILE_DECREMENT_NUM_KEYS 0
+
+void *calloc_tspi(TSS_HCONTEXT, UINT32);
+TSS_RESULT free_tspi(TSS_HCONTEXT, void *);
+TSS_RESULT __tspi_add_mem_entry(TSS_HCONTEXT, void *);
+
+/* secrets.c */
+
+TSS_RESULT policy_UsesAuth(TSS_HPOLICY, TSS_BOOL *);
+
+TSS_RESULT secret_PerformAuth_OIAP(TSS_HOBJECT, UINT32, TSS_HPOLICY, TSS_BOOL, TCPA_DIGEST *,
+ TPM_AUTH *);
+#if 0
+TSS_RESULT secret_PerformXOR_OSAP(TSS_HPOLICY, TSS_HPOLICY, TSS_HPOLICY, TSS_HOBJECT,
+ UINT16, UINT32, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ BYTE *, TPM_AUTH *, TCPA_NONCE *);
+TSS_RESULT secret_PerformAuth_OSAP(TSS_HOBJECT, UINT32, TSS_HPOLICY,
+ TSS_HPOLICY, TSS_HPOLICY, BYTE *,
+ TPM_AUTH *, BYTE *, TCPA_NONCE *);
+
+TSS_RESULT secret_ValidateAuth_OSAP(TSS_HOBJECT, UINT32, TSS_HPOLICY,
+ TSS_HPOLICY, TSS_HPOLICY, BYTE *,
+ TPM_AUTH *, BYTE *, TCPA_NONCE *);
+#endif
+TSS_RESULT secret_TakeOwnership(TSS_HKEY, TSS_HTPM, TSS_HKEY, TPM_AUTH *,
+ UINT32 *, BYTE *, UINT32 *, BYTE *);
+
+TSS_RESULT changeauth_owner(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+TSS_RESULT changeauth_srk(TSS_HCONTEXT, 
TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+TSS_RESULT changeauth_key(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+TSS_RESULT changeauth_encdata(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+
+TSS_RESULT sealx_mask_cb(PVOID, TSS_HKEY, TSS_HENCDATA, TSS_ALGORITHM_ID, UINT32, BYTE *, BYTE *,
+ BYTE *, BYTE *, UINT32, BYTE *, BYTE *);
+
+TSS_RESULT __tspi_free_resource(TSS_HCONTEXT, UINT32, UINT32);
+TSS_RESULT owner_get_pubek(TSS_HCONTEXT, TSS_HTPM, TSS_HKEY *);
+
+#define next( x ) x = x->next
+
+/* spi_utils.c */
+
+UINT16 get_num_pcrs(TSS_HCONTEXT);
+void free_key_refs(TSS_KEY *);
+
+#define UI_MAX_SECRET_STRING_LENGTH 256
+#define UI_MAX_POPUP_STRING_LENGTH 256
+
+#ifdef TSS_NO_GUI
+#define DisplayPINWindow(a,b,c) \
+ do { \
+ *(b) = 0; \
+ } while (0)
+#define DisplayNewPINWindow(a,b,c) \
+ do { \
+ *(b) = 0; \
+ } while (0)
+#else
+TSS_RESULT DisplayPINWindow(BYTE *, UINT32 *, BYTE *);
+TSS_RESULT DisplayNewPINWindow(BYTE *, UINT32 *, BYTE *);
+#endif
+
+TSS_RESULT merge_key_hierarchies(TSS_HCONTEXT, UINT32, TSS_KM_KEYINFO *, UINT32, TSS_KM_KEYINFO *,
+ UINT32 *, TSS_KM_KEYINFO **);
+TSS_RESULT merge_key_hierarchies2(TSS_HCONTEXT, UINT32, TSS_KM_KEYINFO2 *, UINT32, TSS_KM_KEYINFO2 *,
+ UINT32 *, TSS_KM_KEYINFO2 **);
+
+
+int pin_mem(void *, size_t);
+int unpin_mem(void *, size_t);
+
+
+#define TSS_MAX_SYM_BLOCK_SIZE 16
+
+TSS_RESULT internal_GetCap(TSS_HCONTEXT, TSS_FLAG, UINT32, UINT32 *, BYTE **);
+
+/* For an unconnected context that wants to do PCR operations, assume that
+ * the TPM has TSS_DEFAULT_NUM_PCRS pcrs */
+#define TSS_DEFAULT_NUM_PCRS 16
+#define TSS_LOCAL_RANDOM_DEVICE "/dev/urandom"
+#define TSS_LOCALHOST_STRING "localhost"
+TSS_RESULT get_local_random(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE **);
+
+#define AUTH_RETRY_NANOSECS 500000000
+#define AUTH_RETRY_COUNT 5
+#define TPM_AUTH_RQU_SIZE (sizeof(TPM_AUTHHANDLE) + sizeof(TPM_NONCE) \
+ + sizeof(TPM_BOOL) + sizeof(TPM_AUTHDATA))
+#define TPM_AUTH_RSP_SIZE (sizeof(TPM_NONCE) + 
sizeof(TPM_BOOL) + sizeof(TPM_AUTHDATA))
+
+#define endian32(x) htonl(x)
+#define endian16(x) htons(x)
+
+extern TSS_VERSION VERSION_1_1;
+
+TSS_RESULT __tspi_rsa_encrypt(TSS_HKEY, UINT32, BYTE*, UINT32*, BYTE*);
+TSS_RESULT __tspi_rsa_verify(TSS_HKEY, UINT32, UINT32, BYTE*, UINT32, BYTE*);
+
+TSS_RESULT Init_AuthNonce(TCS_CONTEXT_HANDLE, TSS_BOOL, TPM_AUTH *);
+TSS_BOOL validateReturnAuth(BYTE *, BYTE *, TPM_AUTH *);
+void HMAC_Auth(BYTE *, BYTE *, TPM_AUTH *);
+TSS_RESULT OSAP_Calc(TCS_CONTEXT_HANDLE, UINT16, UINT32, BYTE *, BYTE *, BYTE *,
+ TCPA_ENCAUTH *, TCPA_ENCAUTH *, BYTE *, TPM_AUTH *);
+
+void UINT64ToArray(UINT64, BYTE *);
+void UINT32ToArray(UINT32, BYTE *);
+void UINT16ToArray(UINT16, BYTE *);
+UINT16 Decode_UINT16(BYTE *);
+UINT32 Decode_UINT32(BYTE *);
+UINT64 Decode_UINT64(BYTE *);
+
+TSS_RESULT popup_GetSecret(UINT32, UINT32, BYTE *, void *);
+
+TSS_RESULT get_tpm_flags(TSS_HCONTEXT, TSS_HTPM, UINT32 *, UINT32 *);
+TSS_RESULT pcrs_calc_composite(TCPA_PCR_SELECTION *, TCPA_PCRVALUE *, TCPA_DIGEST *);
+struct tr_pcrs_obj;
+TSS_RESULT pcrs_sanity_check_selection(TCS_CONTEXT_HANDLE, struct tr_pcrs_obj *, TPM_PCR_SELECTION *);
+
+void LoadBlob_AUTH(UINT64 *, BYTE *, TPM_AUTH *);
+void UnloadBlob_AUTH(UINT64 *, BYTE *, TPM_AUTH *);
+void LoadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void UnloadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void LoadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *);
+TSS_RESULT UnloadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *);
+TSS_RESULT Hash_TSS_KEY(Trspi_HashCtx *, TSS_KEY *);
+void LoadBlob_TSS_PRIVKEY_DIGEST(UINT64 *, BYTE *, TSS_KEY *);
+TSS_RESULT Hash_TSS_PRIVKEY_DIGEST(Trspi_HashCtx *, TSS_KEY *);
+
+TSS_RESULT TSP_SetCapability(TSS_HCONTEXT, TSS_HTPM, TSS_HPOLICY, TPM_CAPABILITY_AREA,
+ UINT32, TSS_BOOL);
+
+TSS_RESULT RPC_OpenContext(TSS_HCONTEXT, BYTE *, int);
+TSS_RESULT RPC_FreeMemory(TSS_HCONTEXT, BYTE *);
+TSS_RESULT RPC_GetRegisteredKeyByPublicInfo(TSS_HCONTEXT, TCPA_ALGORITHM_ID, 
UINT32,
+ BYTE *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CloseContext(TSS_HCONTEXT);
+TSS_RESULT RPC_GetCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *, BYTE **);
+TSS_RESULT RPC_GetTPMCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *, BYTE **);
+TSS_RESULT Transport_GetTPMCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *, BYTE **);
+TSS_RESULT RPC_SetCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_SetCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_LoadKeyByBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TCS_KEY_HANDLE *, TCS_KEY_HANDLE *);
+TSS_RESULT Transport_LoadKeyByBlob(TSS_HCONTEXT, TSS_HKEY, UINT32, BYTE *,
+ TPM_AUTH *, TCS_KEY_HANDLE *, TPM_KEY_HANDLE *);
+TSS_RESULT RPC_LoadKeyByUUID(TSS_HCONTEXT, TSS_UUID, TCS_LOADKEY_INFO *, TCS_KEY_HANDLE *);
+TSS_RESULT RPC_GetRegisteredKey(TSS_HCONTEXT, TSS_UUID, TSS_KM_KEYINFO **);
+TSS_RESULT RPC_GetRegisteredKeyBlob(TSS_HCONTEXT, TSS_UUID, UINT32 *, BYTE **);
+TSS_RESULT RPC_RegisterKey(TSS_HCONTEXT, TSS_UUID, TSS_UUID, UINT32, BYTE *, UINT32, BYTE *);
+TSS_RESULT RPC_UnregisterKey(TSS_HCONTEXT, TSS_UUID);
+TSS_RESULT RPC_EnumRegisteredKeys(TSS_HCONTEXT, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO **);
+TSS_RESULT RPC_EnumRegisteredKeys2(TSS_HCONTEXT, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO2 **);
+TSS_RESULT RPC_ChangeAuth(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT Transport_ChangeAuth(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT RPC_ChangeAuthOwner(TSS_HCONTEXT, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *, TCPA_ENTITY_TYPE,
+ TPM_AUTH *);
+TSS_RESULT Transport_ChangeAuthOwner(TSS_HCONTEXT, 
TCPA_PROTOCOL_ID, TCPA_ENCAUTH *, TCPA_ENTITY_TYPE,
+ TPM_AUTH *);
+TSS_RESULT RPC_TerminateHandle(TSS_HCONTEXT, TCS_AUTHHANDLE);
+TSS_RESULT Transport_TerminateHandle(TSS_HCONTEXT, TCS_AUTHHANDLE);
+TSS_RESULT RPC_GetRandom(TSS_HCONTEXT, UINT32, BYTE **);
+TSS_RESULT Transport_GetRandom(TSS_HCONTEXT, UINT32, BYTE **);
+TSS_RESULT RPC_ChangeAuthAsymStart(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *,
+ BYTE **, TCS_KEY_HANDLE *);
+TSS_RESULT RPC_ChangeAuthAsymFinish(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE,
+ TCPA_ENTITY_TYPE, TCPA_HMAC, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **, TCPA_SALT_NONCE *,
+ TCPA_DIGEST *);
+TSS_RESULT RPC_GetPubKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_GetPubKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateWrapKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT Transport_CreateWrapKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_CertifyKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TPM_NONCE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CertifyKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TPM_NONCE *,
+ TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME, UINT32,
+ BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
+ BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CreateMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME, UINT32,
+ BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
+ BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_ConvertMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, 
UINT32 *, BYTE **);
+TSS_RESULT Transport_ConvertMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_PcrRead(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_PCRVALUE *);
+TSS_RESULT Transport_PcrRead(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_PCRVALUE *);
+TSS_RESULT RPC_PcrReset(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT Transport_PcrReset(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT RPC_OSAP(TSS_HCONTEXT, TCPA_ENTITY_TYPE, UINT32, TPM_NONCE *, TCS_AUTHHANDLE *,
+ TCPA_NONCE *, TCPA_NONCE *);
+TSS_RESULT Transport_OSAP(TSS_HCONTEXT, TCPA_ENTITY_TYPE, UINT32, TPM_NONCE *, TCS_AUTHHANDLE *,
+ TCPA_NONCE *, TCPA_NONCE *);
+TSS_RESULT RPC_GetCapabilityOwner(TSS_HCONTEXT, TPM_AUTH *, TCPA_VERSION *, UINT32 *, UINT32 *);
+TSS_RESULT Transport_GetCapabilityOwner(TSS_HCONTEXT, TPM_AUTH *, TCPA_VERSION *, UINT32 *, UINT32 *);
+TSS_RESULT RPC_OIAP(TSS_HCONTEXT, TCS_AUTHHANDLE *, TCPA_NONCE *);
+TSS_RESULT Transport_OIAP(TSS_HCONTEXT, TCS_AUTHHANDLE *, TCPA_NONCE *);
+TSS_RESULT RPC_Seal(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Seal(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Sealx(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Sealx(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Unseal(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT Transport_Unseal(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT RPC_UnBind(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT Transport_UnBind(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 
*,
+ BYTE **);
+TSS_RESULT RPC_Sign(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Sign(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateEndorsementKeyPair(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, UINT32 *,
+ BYTE **, TCPA_DIGEST *);
+TSS_RESULT RPC_ReadPubek(TSS_HCONTEXT, TCPA_NONCE, UINT32 *, BYTE **, TCPA_DIGEST *);
+TSS_RESULT RPC_OwnerReadPubek(TSS_HCONTEXT, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_TakeOwnership(TSS_HCONTEXT, UINT16, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateRevocableEndorsementKeyPair(TSS_HCONTEXT, TPM_NONCE, UINT32, BYTE *, TSS_BOOL, TPM_DIGEST *, UINT32 *, BYTE **, TPM_DIGEST *);
+TSS_RESULT RPC_RevokeEndorsementKeyPair(TSS_HCONTEXT, TPM_DIGEST *);
+TSS_RESULT RPC_MakeIdentity(TSS_HCONTEXT, TCPA_ENCAUTH, TCPA_CHOSENID_HASH, UINT32, BYTE *,
+ TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *,
+ BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_MakeIdentity2(TSS_HCONTEXT, TCPA_ENCAUTH, TCPA_CHOSENID_HASH, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_ActivateTPMIdentity(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_ActivateTPMIdentity(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_OwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_OwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_ForceClear(TSS_HCONTEXT);
+TSS_RESULT Transport_ForceClear(TSS_HCONTEXT);
+TSS_RESULT RPC_DisableOwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_DisableOwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_DisableForceClear(TSS_HCONTEXT);
+TSS_RESULT Transport_DisableForceClear(TSS_HCONTEXT);
+TSS_RESULT RPC_PhysicalDisable(TSS_HCONTEXT);
+TSS_RESULT 
Transport_PhysicalDisable(TSS_HCONTEXT);
+TSS_RESULT RPC_PhysicalEnable(TSS_HCONTEXT);
+TSS_RESULT Transport_PhysicalEnable(TSS_HCONTEXT);
+TSS_RESULT RPC_PhysicalSetDeactivated(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT Transport_PhysicalSetDeactivated(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT RPC_PhysicalPresence(TSS_HCONTEXT, TCPA_PHYSICAL_PRESENCE);
+TSS_RESULT Transport_PhysicalPresence(TSS_HCONTEXT, TCPA_PHYSICAL_PRESENCE);
+TSS_RESULT RPC_SetTempDeactivated(TSS_HCONTEXT);
+TSS_RESULT Transport_SetTempDeactivated(TSS_HCONTEXT);
+TSS_RESULT RPC_SetTempDeactivated2(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_SetTempDeactivated2(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_OwnerSetDisable(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *);
+TSS_RESULT Transport_OwnerSetDisable(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *);
+TSS_RESULT RPC_ResetLockValue(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_ResetLockValue(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_SetOwnerInstall(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT Transport_SetOwnerInstall(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT RPC_DisablePubekRead(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_DisablePubekRead(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_SelfTestFull(TSS_HCONTEXT);
+TSS_RESULT Transport_SelfTestFull(TSS_HCONTEXT);
+TSS_RESULT RPC_CertifySelfTest(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT Transport_CertifySelfTest(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT RPC_GetTestResult(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT Transport_GetTestResult(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT RPC_StirRandom(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT Transport_StirRandom(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT RPC_AuthorizeMigrationKey(TSS_HCONTEXT, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_AuthorizeMigrationKey(TSS_HCONTEXT, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_GetPcrEvent(TSS_HCONTEXT, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventsByPcr(TSS_HCONTEXT, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventLog(TSS_HCONTEXT, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT RPC_Quote(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_Quote(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Quote2(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TSS_BOOL, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_Quote2(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TSS_BOOL,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Extend(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
+TSS_RESULT Transport_Extend(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
+TSS_RESULT RPC_DirWriteAuth(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *, TPM_AUTH *);
+TSS_RESULT Transport_DirWriteAuth(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *, TPM_AUTH *);
+TSS_RESULT RPC_DirRead(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *);
+TSS_RESULT Transport_DirRead(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *);
+TSS_RESULT RPC_LogPcrEvent(TSS_HCONTEXT, TSS_PCR_EVENT, UINT32 *);
+TSS_RESULT RPC_EvictKey(TSS_HCONTEXT, TCS_KEY_HANDLE);
+TSS_RESULT Transport_EvictKey(TSS_HCONTEXT, TCS_KEY_HANDLE);
+TSS_RESULT RPC_CreateMaintenanceArchive(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CreateMaintenanceArchive(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_KillMaintenanceFeature(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_KillMaintenanceFeature(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_LoadMaintenanceArchive(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH 
*, UINT32 *, BYTE **);
+TSS_RESULT Transport_LoadMaintenanceArchive(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_LoadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
+TSS_RESULT Transport_LoadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
+TSS_RESULT RPC_ReadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, TCPA_DIGEST *);
+TSS_RESULT Transport_ReadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, TCPA_DIGEST *);
+TSS_RESULT RPC_DaaJoin(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_DaaSign(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_ReadCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_COUNTER_VALUE *);
+TSS_RESULT Transport_ReadCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_CreateCounter(TSS_HCONTEXT, UINT32, BYTE *, TPM_ENCAUTH, TPM_AUTH *,
+ TSS_COUNTER_ID *, TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_IncrementCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH *, TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_ReleaseCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH *);
+TSS_RESULT RPC_ReleaseCounterOwner(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH *);
+TSS_RESULT RPC_ReadCurrentTicks(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT Transport_ReadCurrentTicks(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT RPC_TickStampBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE *, TPM_DIGEST *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_TickStampBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE *, TPM_DIGEST *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_EstablishTransport(TSS_HCONTEXT, UINT32, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_MODIFIER_INDICATOR *, TCS_HANDLE *, UINT32 *, BYTE **, TPM_NONCE *);
+TSS_RESULT RPC_ExecuteTransport(TSS_HCONTEXT, TPM_COMMAND_CODE, UINT32, BYTE *, UINT32 *, TCS_HANDLE **, TPM_AUTH *, TPM_AUTH 
*, TPM_AUTH *, UINT64 *, TPM_MODIFIER_INDICATOR *, TPM_RESULT *, UINT32 *, BYTE **);
+TSS_RESULT RPC_ReleaseTransportSigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE *, TPM_AUTH *, TPM_AUTH *, TPM_MODIFIER_INDICATOR *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_NV_DefineOrReleaseSpace(TSS_HCONTEXT, UINT32, BYTE *, TCPA_ENCAUTH, TPM_AUTH *);
+TSS_RESULT Transport_NV_DefineOrReleaseSpace(TSS_HCONTEXT, UINT32, BYTE *, TCPA_ENCAUTH, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_NV_WriteValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_NV_WriteValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_ReadValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT Transport_NV_ReadValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT RPC_NV_ReadValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT Transport_NV_ReadValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT RPC_SetOrdinalAuditStatus(TSS_HCONTEXT, TPM_AUTH *, UINT32, TSS_BOOL);
+TSS_RESULT Transport_SetOrdinalAuditStatus(TSS_HCONTEXT, TPM_AUTH *, UINT32, TSS_BOOL);
+TSS_RESULT RPC_GetAuditDigest(TSS_HCONTEXT, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, TSS_BOOL *, UINT32 *, UINT32 **);
+TSS_RESULT Transport_GetAuditDigest(TSS_HCONTEXT, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, TSS_BOOL *, UINT32 *, UINT32 **);
+TSS_RESULT RPC_GetAuditDigestSigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *,
+ TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, TPM_DIGEST *,
+ UINT32 *, BYTE **);
+TSS_RESULT Transport_GetAuditDigestSigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *,
+ TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, 
TPM_DIGEST *,
+ UINT32 *, BYTE **);
+TSS_RESULT RPC_SetOperatorAuth(TSS_HCONTEXT, TCPA_SECRET *);
+TSS_RESULT Transport_SetOperatorAuth(TSS_HCONTEXT, TCPA_SECRET *);
+TSS_RESULT RPC_OwnerReadInternalPub(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_OwnerReadInternalPub(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_KeyControlOwner(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32, TSS_BOOL, TPM_AUTH *, TSS_UUID *);
+TSS_RESULT RPC_GetCredential(TSS_HCONTEXT, UINT32, UINT32, UINT32 *, BYTE **);
+TSS_RESULT RPC_GetCapabilitySigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TCPA_CAPABILITY_AREA, UINT32, BYTE *, TPM_AUTH *, TCPA_VERSION *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_FieldUpgrade(TSS_HCONTEXT, UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_SetRedirection(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, UINT32, TPM_AUTH *);
+TSS_RESULT RPC_Delegate_Manage(TSS_HCONTEXT, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_Manage(TSS_HCONTEXT, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateKeyDelegation(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_CreateKeyDelegation(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateOwnerDelegation(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_CreateOwnerDelegation(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_LoadOwnerDelegation(TSS_HCONTEXT, TPM_DELEGATE_INDEX, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_Delegate_LoadOwnerDelegation(TSS_HCONTEXT, TPM_DELEGATE_INDEX, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT 
RPC_Delegate_ReadTable(TSS_HCONTEXT, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_ReadTable(TSS_HCONTEXT, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_UpdateVerificationCount(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_UpdateVerificationCount(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_VerifyDelegation(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT Transport_Delegate_VerifyDelegation(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT RPC_DSAP(TSS_HCONTEXT, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+TSS_RESULT Transport_DSAP(TSS_HCONTEXT, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+TSS_RESULT RPC_CMK_SetRestrictions(TSS_HCONTEXT, TSS_CMK_DELEGATE, TPM_AUTH *);
+TSS_RESULT Transport_CMK_SetRestrictions(TSS_HCONTEXT, TSS_CMK_DELEGATE, TPM_AUTH *);
+TSS_RESULT RPC_CMK_ApproveMA(TSS_HCONTEXT, TPM_DIGEST, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT Transport_CMK_ApproveMA(TSS_HCONTEXT, TPM_DIGEST, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_ENCAUTH *, TPM_HMAC *, TPM_DIGEST *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT Transport_CMK_CreateKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_ENCAUTH, TPM_HMAC, TPM_DIGEST, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_CMK_CreateTicket(TSS_HCONTEXT, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT Transport_CMK_CreateTicket(TSS_HCONTEXT, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_MIGRATE_SCHEME, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CMK_CreateBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_MIGRATE_SCHEME, UINT32, 
BYTE *, TPM_DIGEST, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_CMK_ConvertMigration(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_CMK_AUTH, TPM_HMAC, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_CMK_ConvertMigration(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_CMK_AUTH, TPM_HMAC, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_FlushSpecific(TSS_HCONTEXT, TCS_HANDLE, TPM_RESOURCE_TYPE);
+TSS_RESULT Transport_FlushSpecific(TSS_HCONTEXT, TCS_HANDLE, TPM_RESOURCE_TYPE);
+
+TSS_RESULT RPC_Error(TSS_HCONTEXT, ...);
+
+struct tcs_api_table {
+#ifdef TSS_BUILD_KEY
+ TSS_RESULT (*LoadKeyByBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TCS_KEY_HANDLE *, TCS_KEY_HANDLE *);
+ TSS_RESULT (*EvictKey)(TSS_HCONTEXT, TCS_KEY_HANDLE);
+ TSS_RESULT (*CreateWrapKey)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+ TSS_RESULT (*GetPubKey)(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*OwnerReadInternalPub)(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH*, UINT32*,
+ BYTE**);
+#ifdef TSS_BUILD_CERTIFY
+ TSS_RESULT (*CertifyKey)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TPM_NONCE *,
+ TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+#endif
+#endif
+#ifdef TSS_BUILD_OWN
+ TSS_RESULT (*OwnerClear)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*ForceClear)(TSS_HCONTEXT);
+#endif
+#ifdef TSS_BUILD_AUTH
+ TSS_RESULT (*OIAP)(TSS_HCONTEXT, TCS_AUTHHANDLE *, TCPA_NONCE *);
+ TSS_RESULT (*OSAP)(TSS_HCONTEXT, TCPA_ENTITY_TYPE, UINT32, TPM_NONCE *, TCS_AUTHHANDLE *,
+ TCPA_NONCE *, TCPA_NONCE *);
+ TSS_RESULT (*TerminateHandle)(TSS_HCONTEXT, TCS_AUTHHANDLE);
+#endif
+#ifdef TSS_BUILD_CHANGEAUTH
+ TSS_RESULT (*ChangeAuth)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, UINT32, 
BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+ TSS_RESULT (*ChangeAuthOwner)(TSS_HCONTEXT, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, TPM_AUTH *);
+ TSS_RESULT (*ChangeAuthAsymStart)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **,
+ UINT32 *, BYTE **, TCS_KEY_HANDLE *);
+ TSS_RESULT (*ChangeAuthAsymFinish)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE,
+ TCPA_ENTITY_TYPE, TCPA_HMAC, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **, TPM_NONCE *,
+ TCPA_DIGEST *);
+#endif
+#ifdef TSS_BUILD_AIK
+ TSS_RESULT (*ActivateTPMIdentity)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_PCR_EXTEND
+ TSS_RESULT (*Extend)(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
+ TSS_RESULT (*PcrRead)(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_PCRVALUE *);
+ TSS_RESULT (*PcrReset)(TSS_HCONTEXT, UINT32, BYTE *);
+#endif
+#ifdef TSS_BUILD_QUOTE
+ TSS_RESULT (*Quote)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_QUOTE2
+ TSS_RESULT (*Quote2)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TSS_BOOL,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_DIR
+ TSS_RESULT (*DirWriteAuth)(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *, TPM_AUTH *);
+ TSS_RESULT (*DirRead)(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *);
+#endif
+#ifdef TSS_BUILD_SEAL
+ TSS_RESULT (*Seal)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Sealx)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Unseal)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_BIND
+ TSS_RESULT 
(*UnBind)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+#endif
+#ifdef TSS_BUILD_MIGRATION
+ TSS_RESULT (*CreateMigrationBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME,
+ UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+ TSS_RESULT (*ConvertMigrationBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*AuthorizeMigrationKey)(TSS_HCONTEXT, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_SIGN
+ TSS_RESULT (*Sign)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+#endif
+#ifdef TSS_BUILD_RANDOM
+ TSS_RESULT (*GetRandom)(TSS_HCONTEXT, UINT32, BYTE **);
+ TSS_RESULT (*StirRandom)(TSS_HCONTEXT, UINT32, BYTE *);
+#endif
+#ifdef TSS_BUILD_CAPS_TPM
+ TSS_RESULT (*GetTPMCapability)(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *,
+ BYTE **);
+ TSS_RESULT (*SetCapability)(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *);
+ TSS_RESULT (*GetCapabilityOwner)(TSS_HCONTEXT, TPM_AUTH *, TCPA_VERSION *, UINT32 *,
+ UINT32 *);
+#endif
+#ifdef TSS_BUILD_EK
+ TSS_RESULT (*CreateEndorsementKeyPair)(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, UINT32 *,
+ BYTE **, TCPA_DIGEST *);
+ TSS_RESULT (*ReadPubek)(TSS_HCONTEXT, TCPA_NONCE, UINT32 *, BYTE **, TCPA_DIGEST *);
+ TSS_RESULT (*OwnerReadPubek)(TSS_HCONTEXT, TPM_AUTH *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_SELFTEST
+ TSS_RESULT (*SelfTestFull)(TSS_HCONTEXT);
+ TSS_RESULT (*CertifySelfTest)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *,
+ UINT32 *, BYTE **);
+ TSS_RESULT (*GetTestResult)(TSS_HCONTEXT, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_ADMIN
+ TSS_RESULT (*DisablePubekRead)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*SetOwnerInstall)(TSS_HCONTEXT, TSS_BOOL);
+ TSS_RESULT (*OwnerSetDisable)(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *);
+ TSS_RESULT 
(*ResetLockValue)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*DisableOwnerClear)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*DisableForceClear)(TSS_HCONTEXT);
+ TSS_RESULT (*PhysicalDisable)(TSS_HCONTEXT);
+ TSS_RESULT (*PhysicalEnable)(TSS_HCONTEXT);
+ TSS_RESULT (*PhysicalSetDeactivated)(TSS_HCONTEXT, TSS_BOOL);
+ TSS_RESULT (*PhysicalPresence)(TSS_HCONTEXT, TCPA_PHYSICAL_PRESENCE);
+ TSS_RESULT (*SetTempDeactivated)(TSS_HCONTEXT);
+ TSS_RESULT (*SetTempDeactivated2)(TSS_HCONTEXT, TPM_AUTH *);
+#endif
+#ifdef TSS_BUILD_MAINT
+ TSS_RESULT (*CreateMaintenanceArchive)(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *, UINT32 *,
+ BYTE **, UINT32 *, BYTE **);
+ TSS_RESULT (*LoadMaintenanceArchive)(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+ TSS_RESULT (*KillMaintenanceFeature)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*LoadManuMaintPub)(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
+ TSS_RESULT (*ReadManuMaintPub)(TSS_HCONTEXT, TCPA_NONCE, TCPA_DIGEST *);
+#endif
+#ifdef TSS_BUILD_DAA
+ TSS_RESULT (*DaaJoin)(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE*, UINT32, BYTE*,
+ TPM_AUTH*, UINT32*, BYTE**);
+ TSS_RESULT (*DaaSign)(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE*, UINT32, BYTE*,
+ TPM_AUTH*, UINT32*, BYTE**);
+#endif
+#ifdef TSS_BUILD_COUNTER
+ TSS_RESULT (*ReadCounter)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_COUNTER_VALUE*);
+ TSS_RESULT (*CreateCounter)(TSS_HCONTEXT, UINT32, BYTE*, TPM_ENCAUTH, TPM_AUTH*,
+ TSS_COUNTER_ID*, TPM_COUNTER_VALUE*);
+ TSS_RESULT (*IncrementCounter)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH*, TPM_COUNTER_VALUE*);
+ TSS_RESULT (*ReleaseCounter)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH*);
+ TSS_RESULT (*ReleaseCounterOwner)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH*);
+#endif
+#ifdef TSS_BUILD_TICK
+ TSS_RESULT (*ReadCurrentTicks)(TSS_HCONTEXT, UINT32*, BYTE**);
+ TSS_RESULT (*TickStampBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE*, TPM_DIGEST*,
+ TPM_AUTH*, UINT32*, BYTE**,UINT32*, BYTE**);
+#endif
+#ifdef TSS_BUILD_NV
+ TSS_RESULT 
(*NV_DefineOrReleaseSpace)(TSS_HCONTEXT, UINT32, BYTE*, TCPA_ENCAUTH, TPM_AUTH*); + TSS_RESULT (*NV_WriteValue)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE*, TPM_AUTH*); + TSS_RESULT (*NV_WriteValueAuth)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE*, + TPM_AUTH*); + TSS_RESULT (*NV_ReadValue)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32*, TPM_AUTH*, BYTE**); + TSS_RESULT (*NV_ReadValueAuth)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32*, TPM_AUTH*, + BYTE**); +#endif +#ifdef TSS_BUILD_AUDIT + TSS_RESULT (*SetOrdinalAuditStatus)(TSS_HCONTEXT, TPM_AUTH *, UINT32, TSS_BOOL); + TSS_RESULT (*GetAuditDigest)(TSS_HCONTEXT, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, + TSS_BOOL *, UINT32 *, UINT32 **); + TSS_RESULT (*GetAuditDigestSigned)(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *, + TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, + TPM_DIGEST *, UINT32 *, BYTE **); +#endif +#ifdef TSS_BUILD_TSS12 + TSS_RESULT (*SetOperatorAuth)(TSS_HCONTEXT, TPM_SECRET *); + TSS_RESULT (*FlushSpecific)(TSS_HCONTEXT, TCS_HANDLE, TPM_RESOURCE_TYPE); +#endif +#ifdef TSS_BUILD_DELEGATION + TSS_RESULT (*Delegate_Manage)(TSS_HCONTEXT, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, + BYTE *, TPM_AUTH *, UINT32 *, BYTE **); + TSS_RESULT (*Delegate_CreateKeyDelegation)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, + TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **); + TSS_RESULT (*Delegate_CreateOwnerDelegation)(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE *, + TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **); + TSS_RESULT (*Delegate_LoadOwnerDelegation)(TSS_HCONTEXT, TPM_DELEGATE_INDEX, UINT32, BYTE *, + TPM_AUTH *); + TSS_RESULT (*Delegate_ReadTable)(TSS_HCONTEXT, UINT32 *, BYTE **, UINT32 *, BYTE **); + TSS_RESULT (*Delegate_UpdateVerificationCount)(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, + UINT32 *, BYTE **); + TSS_RESULT (*Delegate_VerifyDelegation)(TSS_HCONTEXT, UINT32, BYTE *); + TSS_RESULT (*DSAP)(TSS_HCONTEXT, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, + BYTE *, TCS_AUTHHANDLE *, 
TPM_NONCE *, TPM_NONCE *);
+#endif
+ TSS_RESULT (*FieldUpgrade)(TSS_HCONTEXT, UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+ TSS_RESULT (*SetRedirection)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, UINT32, TPM_AUTH *);
+};
+
+extern struct tcs_api_table tcs_normal_api;
+#ifdef TSS_BUILD_TRANSPORT
+extern struct tcs_api_table tcs_transport_api;
+#endif
+
+#endif
diff --git a/src/include/tcs_aik.h b/src/include/tcs_aik.h
new file mode 100644
index 0000000..af49eae
--- /dev/null
+++ b/src/include/tcs_aik.h
@@ -0,0 +1,16 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006-2007
+ *
+ */
+
+#ifndef _TCS_AIK_H_
+#define _TCS_AIK_H_
+
+void get_credential(UINT32, UINT32 *, BYTE **);
+
+#endif
diff --git a/src/include/tcs_context.h b/src/include/tcs_context.h
new file mode 100644
index 0000000..c72944f
--- /dev/null
+++ b/src/include/tcs_context.h
@@ -0,0 +1,36 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _TCS_CONTEXT_H_
+#define _TCS_CONTEXT_H_
+
+#include "threads.h"
+
+struct keys_loaded
+{
+ TCS_KEY_HANDLE key_handle;
+ struct keys_loaded *next;
+};
+
+#define TSS_CONTEXT_FLAG_TRANSPORT_EXCLUSIVE 0x1
+#define TSS_CONTEXT_FLAG_TRANSPORT_ENCRYPTED 0x2
+#define TSS_CONTEXT_FLAG_TRANSPORT_ENABLED 0x4
+
+struct tcs_context {
+ TSS_FLAG flags;
+ TPM_TRANSHANDLE transHandle;
+ TCS_CONTEXT_HANDLE handle;
+ COND_VAR cond; /* used in waiting for an auth ctx to become available */
+ struct keys_loaded *keys;
+ struct tcs_context *next;
+};
+
+#endif
+
diff --git a/src/include/tcs_int_literals.h b/src/include/tcs_int_literals.h
new file mode 100644
index 0000000..8f06432
--- /dev/null
+++ b/src/include/tcs_int_literals.h
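Review bot: `get_credential` in tcs_aik.h returns void, so the prototype gives a caller no way to learn whether the `UINT32 *` and `BYTE **` out-parameters were populated or left untouched when no credential is available, and a caller that frees or dereferences the buffer afterwards is then relying on an undocumented convention. A one-line comment on the prototype stating what the size and buffer hold on failure (presumably 0 and NULL, to be confirmed against the implementation, which is outside this diff) would pin that down, e.g. `/* on failure *size is 0 and *cred is NULL -- confirm against tcs_aik.c */`. The neighbouring headers return TSS_RESULT from comparable routines; if a status is available, returning it would be the more consistent fix.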
@@ -0,0 +1,28 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _TCS_INT_LITERALS_H_
+#define _TCS_INT_LITERALS_H_
+
+#define TPM_VENDOR_UNKNOWN 0
+#define TPM_VENDOR_ATMEL 1
+#define TPM_VENDOR_IFX 2
+#define TPM_VENDOR_NATL 3
+
+#define TPM_PARAMSIZE_OFFSET 0x02
+
+#define NULL_TPM_HANDLE ((TCPA_KEY_HANDLE)-1)
+#define NULL_TCS_HANDLE ((TCS_KEY_HANDLE)-1)
+#define SRK_TPM_HANDLE (0x40000000)
+#define EK_TPM_HANDLE (0x40000001)
+
+#define FIXED_TCS_MANUFACTURER "IBM "
+
+#endif
diff --git a/src/include/tcs_key_ps.h b/src/include/tcs_key_ps.h
new file mode 100644
index 0000000..42cba89
--- /dev/null
+++ b/src/include/tcs_key_ps.h
@@ -0,0 +1,29 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _TCS_KEY_PS_H_
+#define _TCS_KEY_PS_H_
+
+TSS_RESULT ps_init_disk_cache();
+void ps_close_disk_cache();
+TSS_BOOL ps_is_key_registered(TCPA_STORE_PUBKEY *);
+TSS_RESULT getParentUUIDByUUID(TSS_UUID *, TSS_UUID *);
+TSS_RESULT isUUIDRegistered(TSS_UUID *, TSS_BOOL *);
+void disk_cache_shift(struct key_disk_cache *);
+TSS_RESULT ps_remove_key(TSS_UUID *);
+TSS_RESULT clean_disk_cache(int);
+TSS_RESULT ps_get_key_by_uuid(TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT ps_get_key_by_cache_entry(struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT ps_is_pub_registered(TCPA_STORE_PUBKEY *);
+TSS_RESULT ps_get_uuid_by_pub(TCPA_STORE_PUBKEY *, TSS_UUID **);
+TSS_RESULT ps_get_key_by_pub(TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+TSS_RESULT ps_write_key(TSS_UUID *, TSS_UUID *, BYTE *, UINT32, BYTE *, UINT32);
+
+#endif
diff --git a/src/include/tcs_tsp.h b/src/include/tcs_tsp.h
new file mode 100644
index 0000000..fdca21e
--- /dev/null
+++ b/src/include/tcs_tsp.h
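Review bot: `TSS_RESULT ps_init_disk_cache();` and `void ps_close_disk_cache();` in tcs_key_ps.h declare no parameter list, which in C means "arguments unspecified", so a call that passes stray arguments compiles without any diagnostic; declare them as `TSS_RESULT ps_init_disk_cache(void);` and `void ps_close_disk_cache(void);`. The same empty-parenthesis form recurs in the tcs_utils.h hunk (`auth_mgr_init()`, `auth_mgr_final()`, `event_log_init()`, `owner_evict_init()`, `key_mgr_ref_count()`, `getNextTcsKeyHandle()`, `make_context()`, `platform_get_runlevel()`), whose hunk continues past this chunk. This header also names `struct key_disk_cache` without including tcs_tsp.h, where that struct is defined, so it is usable only after that header; a forward declaration `struct key_disk_cache;` above the prototypes, or a `/* requires tcs_tsp.h for struct key_disk_cache */` note, would make the dependency explicit.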
@@ -0,0 +1,98 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#ifndef _TCS_TSP_H_
+#define _TCS_TSP_H_
+
+/* Structures and defines needed to be known by the
+ * TSP layer and the TCS layer.
+ */
+
+/*
+ * disk store format:
+ *
+ * [type name ] cached?
+ * --------------------------------------
+ * [BYTE TrouSerS PS version] no
+ * [UINT32 num_keys_on_disk ] no
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT32 vendor_data_size0 ] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ] no
+ * [BYTE[] blob0 ] no
+ * [BYTE[] vendor_data0 ] no
+ * [...]
+ *
+ */
+
+
+/*
+ * PS disk cache flags
+ */
+/* A key may be written to disk, in cache and yet be invalid if it has
+ * since been unregistered. */
+#define CACHE_FLAG_VALID 0x0001
+/* set if the key's parent is stored in system PS */
+#define CACHE_FLAG_PARENT_PS_SYSTEM 0x0002
+
+/* the structure that makes up the in-memory PS disk cache */
+struct key_disk_cache
+{
+ unsigned int offset;
+ UINT16 pub_data_size;
+ UINT16 blob_size;
+ UINT16 flags;
+ UINT32 vendor_data_size;
+ TSS_UUID uuid;
+ TSS_UUID parent_uuid;
+ struct key_disk_cache *next;
+};
+
+/* The current PS version */
+#define TSSPS_VERSION 1
+
+/* offsets into each key on disk. 
These should be passed a (struct key_disk_cache *) */
+#define TSSPS_VERSION_OFFSET (0)
+#define TSSPS_NUM_KEYS_OFFSET (TSSPS_VERSION_OFFSET + sizeof(BYTE))
+#define TSSPS_KEYS_OFFSET (TSSPS_NUM_KEYS_OFFSET + sizeof(UINT32))
+#define TSSPS_UUID_OFFSET(c) ((c)->offset)
+#define TSSPS_PARENT_UUID_OFFSET(c) ((c)->offset + sizeof(TSS_UUID))
+#define TSSPS_PUB_DATA_SIZE_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)))
+#define TSSPS_BLOB_SIZE_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + sizeof(UINT16))
+#define TSSPS_VENDOR_SIZE_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (2 * sizeof(UINT16)))
+#define TSSPS_CACHE_FLAGS_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (2 * sizeof(UINT16)) + sizeof(UINT32))
+#define TSSPS_PUB_DATA_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (3 * sizeof(UINT16)) + sizeof(UINT32))
+#define TSSPS_BLOB_DATA_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (3 * sizeof(UINT16)) + sizeof(UINT32) + (c)->pub_data_size)
+#define TSSPS_VENDOR_DATA_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (3 * sizeof(UINT16)) + sizeof(UINT32) + (c)->pub_data_size + (c)->blob_size)
+
+/* XXX Get rid of this, there's no reason to set an arbitrary limit */
+#define MAX_KEY_CHILDREN 10
+
+#define STRUCTURE_PACKING_ATTRIBUTE __attribute__((packed))
+
+#ifdef TSS_DEBUG
+#define DBG_ASSERT(x) assert(x)
+#else
+#define DBG_ASSERT(x)
+#endif
+
+/* needed by execute transport in the TSP */
+#define TSS_TPM_TXBLOB_HDR_LEN (sizeof(UINT16) + (2 * sizeof(UINT32)))
+
+#define TSS_TPM_TXBLOB_SIZE (4096)
+#define TSS_TXBLOB_WRAPPEDCMD_OFFSET (TSS_TPM_TXBLOB_HDR_LEN + sizeof(UINT32))
+#define TSS_MAX_AUTHS_CAP (1024)
+#define TSS_REQ_MGR_MAX_RETRIES (5)
+
+#endif
diff --git a/src/include/tcs_utils.h b/src/include/tcs_utils.h
new file mode 100644
index 0000000..0f0f4ce
--- /dev/null
+++ b/src/include/tcs_utils.h
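Review bot: `TSSPS_BLOB_DATA_OFFSET(c)` and `TSSPS_VENDOR_DATA_OFFSET(c)` add `(c)->pub_data_size` and `(c)->blob_size` to the entry offset, and the disk-store layout comment earlier in this header shows those sizes are themselves read from the PS file, so nothing in the header records that an entry with oversized length fields yields an offset past the end of the store. A comment at the top of the macro block, `/* pub_data_size, blob_size and vendor_data_size come from the PS file; readers must check TSSPS_*_OFFSET(c) + size against the file length before seeking or reading */`, would state the invariant the readers in the .c files are expected to enforce (those are outside this diff, so whether they already do is not visible here). Separately, the non-debug `#define DBG_ASSERT(x)` expands to nothing; `#define DBG_ASSERT(x) ((void)0)` keeps `DBG_ASSERT(x);` a well-formed statement in every position. The debug branch relies on `assert`, which comes from `<assert.h>`; this header does not include it itself (tcs_utils.h includes it before pulling in tcs_tsp.h, but other includers may not), so `#include <assert.h>` under the `#ifdef TSS_DEBUG` would make the header self-contained.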
@@ -0,0 +1,1203 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#ifndef _TCS_UTILS_H_ +#define _TCS_UTILS_H_ + +#include <assert.h> + +#include "threads.h" +#include "tcs_context.h" +#include "tcs_tsp.h" +#include "trousers_types.h" + +struct key_mem_cache +{ + TCPA_KEY_HANDLE tpm_handle; + TCS_KEY_HANDLE tcs_handle; + UINT16 flags; + int ref_cnt; + UINT32 time_stamp; + TSS_UUID uuid; + TSS_UUID p_uuid; + TSS_KEY *blob; + struct key_mem_cache *parent; + struct key_mem_cache *next, *prev; +}; + +extern struct key_mem_cache *key_mem_cache_head; +MUTEX_DECLARE_EXTERN(mem_cache_lock); + +struct tpm_properties +{ + UINT32 num_pcrs; + UINT32 num_dirs; + UINT32 num_keys; + UINT32 num_auths; + TSS_BOOL authctx_swap; + TSS_BOOL keyctx_swap; + TPM_VERSION version; + BYTE manufacturer[16]; +}; + +extern struct tpm_properties tpm_metrics; + +#define TPM_VERSION_IS(maj, min) \ + ((tpm_metrics.version.major == maj) && (tpm_metrics.version.minor == min)) + +#define TSS_UUID_IS_OWNEREVICT(uuid) \ + ((!uuid->ulTimeLow) && (!uuid->usTimeMid) && (!uuid->usTimeHigh) && \ + (!uuid->bClockSeqHigh) && (!uuid->bClockSeqLow) && (!uuid->rgbNode[0]) && \ + (!uuid->rgbNode[1]) && (!uuid->rgbNode[2]) && (!uuid->rgbNode[3]) && \ + (uuid->rgbNode[4] == 1)) + +#ifndef MIN +#define MIN(a,b) ((a) < (b) ? (a) : (b)) +#endif +#ifndef MAX +#define MAX(a,b) ((a) > (b) ? 
(a) : (b)) +#endif + +TSS_RESULT get_tpm_metrics(struct tpm_properties *); + +TSS_RESULT auth_mgr_init(); +TSS_RESULT auth_mgr_final(); +TSS_RESULT auth_mgr_check(TCS_CONTEXT_HANDLE, TPM_AUTHHANDLE *); +TSS_RESULT auth_mgr_release_auth_handle(TCS_AUTHHANDLE, TCS_CONTEXT_HANDLE, TSS_BOOL); +void auth_mgr_release_auth(TPM_AUTH *, TPM_AUTH *, TCS_CONTEXT_HANDLE); +TSS_RESULT auth_mgr_oiap(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE *, TCPA_NONCE *); +TSS_RESULT auth_mgr_osap(TCS_CONTEXT_HANDLE, TCPA_ENTITY_TYPE, UINT32, TCPA_NONCE, + TCS_AUTHHANDLE *, TCPA_NONCE *, TCPA_NONCE *); +TSS_RESULT auth_mgr_close_context(TCS_CONTEXT_HANDLE); +TSS_RESULT auth_mgr_swap_out(TCS_CONTEXT_HANDLE); +TSS_BOOL auth_mgr_req_new(TCS_CONTEXT_HANDLE); +TSS_RESULT auth_mgr_add(TCS_CONTEXT_HANDLE, TPM_AUTHHANDLE); + +TSS_RESULT event_log_init(); +TSS_RESULT event_log_final(); +TSS_RESULT owner_evict_init(); + +#ifdef TSS_BUILD_PCR_EVENTS +#define EVENT_LOG_init() event_log_init() +#define EVENT_LOG_final() event_log_final() +#else +#define EVENT_LOG_init() (TSS_SUCCESS) +#define EVENT_LOG_final() +#endif + +#define next( x ) x = x->next + +TSS_RESULT key_mgr_dec_ref_count(TCS_KEY_HANDLE); +TSS_RESULT key_mgr_inc_ref_count(TCS_KEY_HANDLE); +void key_mgr_ref_count(); +TSS_RESULT key_mgr_load_by_uuid(TCS_CONTEXT_HANDLE, TSS_UUID *, TCS_LOADKEY_INFO *, + TCS_KEY_HANDLE *); +TSS_RESULT key_mgr_load_by_blob(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, + TPM_AUTH *, TCS_KEY_HANDLE *, TCS_KEY_HANDLE *); +TSS_RESULT key_mgr_evict(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE); + + +extern TCS_CONTEXT_HANDLE InternalContext; + +TSS_RESULT mc_update_time_stamp(TCPA_KEY_HANDLE); +TCS_KEY_HANDLE getNextTcsKeyHandle(); +TCPA_STORE_PUBKEY *getParentPubBySlot(TCPA_KEY_HANDLE slot); +TCPA_STORE_PUBKEY *mc_get_pub_by_slot(TCPA_KEY_HANDLE); +TCPA_STORE_PUBKEY *mc_get_pub_by_handle(TCS_KEY_HANDLE); +TSS_UUID *mc_get_uuid_by_pub(TCPA_STORE_PUBKEY *); +TSS_RESULT mc_get_handles_by_uuid(TSS_UUID *, TCS_KEY_HANDLE *, 
TCPA_KEY_HANDLE *); +TCS_KEY_HANDLE mc_get_handle_by_encdata(BYTE *); +TSS_RESULT mc_update_encdata(BYTE *, BYTE *); +TSS_RESULT mc_find_next_ownerevict_uuid(TSS_UUID *); +TSS_RESULT mc_set_uuid(TCS_KEY_HANDLE, TSS_UUID *); + +TSS_RESULT initDiskCache(void); +void replaceEncData_PS(TSS_UUID, BYTE *encData, BYTE *newEncData); + +TSS_RESULT mc_add_entry(TCS_KEY_HANDLE, TCPA_KEY_HANDLE, TSS_KEY *); +TSS_RESULT mc_add_entry_init(TCS_KEY_HANDLE, TCPA_KEY_HANDLE, TSS_KEY *, TSS_UUID *); +TSS_RESULT mc_remove_entry(TCS_KEY_HANDLE); +TSS_RESULT mc_set_slot_by_slot(TCPA_KEY_HANDLE, TCPA_KEY_HANDLE); +TSS_RESULT mc_set_slot_by_handle(TCS_KEY_HANDLE, TCPA_KEY_HANDLE); +TCPA_KEY_HANDLE mc_get_slot_by_handle(TCS_KEY_HANDLE); +TCPA_KEY_HANDLE mc_get_slot_by_handle_lock(TCS_KEY_HANDLE); +TCPA_KEY_HANDLE mc_get_slot_by_pub(TCPA_STORE_PUBKEY *); +TCS_KEY_HANDLE mc_get_handle_by_pub(TCPA_STORE_PUBKEY *, TCS_KEY_HANDLE); +TCPA_STORE_PUBKEY *mc_get_parent_pub_by_pub(TCPA_STORE_PUBKEY *); +TSS_BOOL isKeyRegistered(TCPA_STORE_PUBKEY *); +TSS_RESULT mc_get_blob_by_pub(TCPA_STORE_PUBKEY *, TSS_KEY **); +TSS_RESULT evictFirstKey(TCS_KEY_HANDLE); +TSS_RESULT getParentUUIDByUUID(TSS_UUID *, TSS_UUID *); +TSS_RESULT getRegisteredKeyByUUID(TSS_UUID *, BYTE *, UINT16 *); +TSS_RESULT isPubRegistered(TCPA_STORE_PUBKEY *); +TSS_RESULT getRegisteredUuidByPub(TCPA_STORE_PUBKEY *, TSS_UUID **); +TSS_RESULT getRegisteredKeyByPub(TCPA_STORE_PUBKEY *, UINT32 *, BYTE **); +TSS_BOOL isKeyLoaded(TCPA_KEY_HANDLE); +TSS_RESULT LoadKeyShim(TCS_CONTEXT_HANDLE, TCPA_STORE_PUBKEY *, TSS_UUID *,TCPA_KEY_HANDLE *); +TSS_RESULT mc_set_parent_by_handle(TCS_KEY_HANDLE, TCS_KEY_HANDLE); +TSS_RESULT isUUIDRegistered(TSS_UUID *, TSS_BOOL *); +void destroy_key_refs(TSS_KEY *); + +/* cxt.c */ +TSS_RESULT context_close_auth(TCS_CONTEXT_HANDLE); +TSS_RESULT checkContextForAuth(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE); +TSS_RESULT addContextForAuth(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE); +TSS_RESULT 
ctx_verify_context(TCS_CONTEXT_HANDLE); +COND_VAR *ctx_get_cond_var(TCS_CONTEXT_HANDLE); +TSS_RESULT ctx_mark_key_loaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE); +TSS_RESULT ctx_remove_key_loaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE); +TSS_BOOL ctx_has_key_loaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE); +void ctx_ref_count_keys(struct tcs_context *); +struct tcs_context *get_context(TCS_CONTEXT_HANDLE); +TSS_RESULT ctx_req_exclusive_transport(TCS_CONTEXT_HANDLE); +TSS_RESULT ctx_set_transport_enabled(TCS_CONTEXT_HANDLE, TPM_TRANSHANDLE); +TSS_RESULT ctx_set_transport_disabled(TCS_CONTEXT_HANDLE, TCS_HANDLE *); + +#ifdef TSS_BUILD_KEY +#define CTX_ref_count_keys(c) ctx_ref_count_keys(c) +#define KEY_MGR_ref_count() key_mgr_ref_count() +TSS_RESULT ensureKeyIsLoaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_KEY_HANDLE *); +#else +#define CTX_ref_count_keys(c) +#define KEY_MGR_ref_count() +#define ensureKeyIsLoaded(...) (1 /* XXX non-zero return will indicate failure */) +#endif + + +TCS_CONTEXT_HANDLE make_context(); +void destroy_context(TCS_CONTEXT_HANDLE); + +/* tcs_utils.c */ +TSS_RESULT get_current_version(TPM_VERSION *); +void LogData(char *string, UINT32 data); +void LogResult(char *string, TSS_RESULT result); +TSS_RESULT canILoadThisKey(TCPA_KEY_PARMS *parms, TSS_BOOL *); +TSS_RESULT internal_EvictByKeySlot(TCPA_KEY_HANDLE slot); + +TSS_RESULT clearKeysFromChip(TCS_CONTEXT_HANDLE hContext); +TSS_RESULT clearUnknownKeys(TCS_CONTEXT_HANDLE, UINT32 *); + +void UINT64ToArray(UINT64, BYTE *); +void UINT32ToArray(UINT32, BYTE *); +void UINT16ToArray(UINT16, BYTE *); +UINT64 Decode_UINT64(BYTE *); +UINT32 Decode_UINT32(BYTE *); +UINT16 Decode_UINT16(BYTE *); +void LoadBlob_UINT64(UINT64 *, UINT64, BYTE *); +void LoadBlob_UINT32(UINT64 *, UINT32, BYTE *); +void LoadBlob_UINT16(UINT64 *, UINT16, BYTE *); +void UnloadBlob_UINT64(UINT64 *, UINT64 *, BYTE *); +void UnloadBlob_UINT32(UINT64 *, UINT32 *, BYTE *); +void UnloadBlob_UINT16(UINT64 *, UINT16 *, BYTE *); +void 
LoadBlob_BYTE(UINT64 *, BYTE, BYTE *); +void UnloadBlob_BYTE(UINT64 *, BYTE *, BYTE *); +void LoadBlob_BOOL(UINT64 *, TSS_BOOL, BYTE *); +void UnloadBlob_BOOL(UINT64 *, TSS_BOOL *, BYTE *); +void LoadBlob(UINT64 *, UINT32, BYTE *, BYTE *); +void UnloadBlob(UINT64 *, UINT32, BYTE *, BYTE *); +void LoadBlob_Header(UINT16, UINT32, UINT32, BYTE *); +#ifdef TSS_DEBUG +#define UnloadBlob_Header(b,u) LogUnloadBlob_Header(b,u, __FILE__, __LINE__) +TSS_RESULT LogUnloadBlob_Header(BYTE *, UINT32 *, char *, int); +#else +TSS_RESULT UnloadBlob_Header(BYTE *, UINT32 *); +#endif +TSS_RESULT UnloadBlob_MIGRATIONKEYAUTH(UINT64 *, BYTE *, TCPA_MIGRATIONKEYAUTH *); +void LoadBlob_Auth(UINT64 *, BYTE *, TPM_AUTH *); +void UnloadBlob_Auth(UINT64 *, BYTE *, TPM_AUTH *); +void LoadBlob_KEY_PARMS(UINT64 *, BYTE *, TCPA_KEY_PARMS *); +TSS_RESULT UnloadBlob_KEY_PARMS(UINT64 *, BYTE *, TCPA_KEY_PARMS *); +TSS_RESULT UnloadBlob_STORE_PUBKEY(UINT64 *, BYTE *, TCPA_STORE_PUBKEY *); +void LoadBlob_STORE_PUBKEY(UINT64 *, BYTE *, TCPA_STORE_PUBKEY *); +void UnloadBlob_VERSION(UINT64 *, BYTE *, TPM_VERSION *); +void LoadBlob_VERSION(UINT64 *, BYTE *, TPM_VERSION *); +void UnloadBlob_TCPA_VERSION(UINT64 *, BYTE *, TCPA_VERSION *); +void LoadBlob_TCPA_VERSION(UINT64 *, BYTE *, TCPA_VERSION *); +TSS_RESULT UnloadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *); +void LoadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *); +void LoadBlob_PUBKEY(UINT64 *, BYTE *, TCPA_PUBKEY *); +TSS_RESULT UnloadBlob_PUBKEY(UINT64 *, BYTE *, TCPA_PUBKEY *); +void LoadBlob_SYMMETRIC_KEY(UINT64 *, BYTE *, TCPA_SYMMETRIC_KEY *); +TSS_RESULT UnloadBlob_SYMMETRIC_KEY(UINT64 *, BYTE *, TCPA_SYMMETRIC_KEY *); +TSS_RESULT UnloadBlob_PCR_SELECTION(UINT64 *, BYTE *, TCPA_PCR_SELECTION *); +void LoadBlob_PCR_SELECTION(UINT64 *, BYTE *, TCPA_PCR_SELECTION); +TSS_RESULT UnloadBlob_PCR_COMPOSITE(UINT64 *, BYTE *, TCPA_PCR_COMPOSITE *); +void LoadBlob_PCR_INFO(UINT64 *, BYTE *, TCPA_PCR_INFO *); +TSS_RESULT UnloadBlob_PCR_INFO(UINT64 *, BYTE *, 
TCPA_PCR_INFO *); +TSS_RESULT UnloadBlob_STORED_DATA(UINT64 *, BYTE *, TCPA_STORED_DATA *); +void LoadBlob_STORED_DATA(UINT64 *, BYTE *, TCPA_STORED_DATA *); +void LoadBlob_KEY_FLAGS(UINT64 *, BYTE *, TCPA_KEY_FLAGS *); +void UnloadBlob_KEY_FLAGS(UINT64 *, BYTE *, TCPA_KEY_FLAGS *); +TSS_RESULT UnloadBlob_CERTIFY_INFO(UINT64 *, BYTE *, TCPA_CERTIFY_INFO *); +TSS_RESULT UnloadBlob_KEY_HANDLE_LIST(UINT64 *, BYTE *, TCPA_KEY_HANDLE_LIST *); +void LoadBlob_UUID(UINT64 *, BYTE *, TSS_UUID); +void UnloadBlob_UUID(UINT64 *, BYTE *, TSS_UUID *); +void LoadBlob_COUNTER_VALUE(UINT64 *, BYTE *, TPM_COUNTER_VALUE *); +void UnloadBlob_COUNTER_VALUE(UINT64 *, BYTE *, TPM_COUNTER_VALUE *); +void LoadBlob_DIGEST(UINT64 *, BYTE *, TPM_DIGEST *); +void UnloadBlob_DIGEST(UINT64 *, BYTE *, TPM_DIGEST *); +void LoadBlob_NONCE(UINT64 *, BYTE *, TPM_NONCE *); +void UnloadBlob_NONCE(UINT64 *, BYTE *, TPM_NONCE *); +void LoadBlob_AUTHDATA(UINT64 *, BYTE *, TPM_AUTHDATA *); +void UnloadBlob_AUTHDATA(UINT64 *, BYTE *, TPM_AUTHDATA *); +#define LoadBlob_ENCAUTH(a, b, c) LoadBlob_AUTHDATA(a, b, c) +#define UnloadBlob_ENCAUTH(a, b, c) UnloadBlob_AUTHDATA(a, b, c) + +void UnloadBlob_CURRENT_TICKS(UINT64 *, BYTE *, TPM_CURRENT_TICKS *); +TSS_RESULT UnloadBlob_PCR_INFO_SHORT(UINT64 *, BYTE *, TPM_PCR_INFO_SHORT *); + +TSS_RESULT Hash(UINT32, UINT32, BYTE *, BYTE *); +void free_external_events(UINT32, TSS_PCR_EVENT *); + +TSS_RESULT internal_TerminateHandle(TCS_AUTHHANDLE handle); +UINT32 get_pcr_event_size(TSS_PCR_EVENT *); +TSS_RESULT fill_key_info(struct key_disk_cache *, struct key_mem_cache *, TSS_KM_KEYINFO *); +TSS_RESULT fill_key_info2(struct key_disk_cache *, struct key_mem_cache *, TSS_KM_KEYINFO2 *); + +char platform_get_runlevel(); +TSS_RESULT tpm_rsp_parse(TPM_COMMAND_CODE, BYTE *, UINT32, ...); +TSS_RESULT tpm_rqu_build(TPM_COMMAND_CODE, UINT64 *, BYTE *, ...); +TSS_RESULT tpm_preload_check(TCS_CONTEXT_HANDLE, TPM_COMMAND_CODE ordinal, ...); +TSS_RESULT getKeyByCacheEntry(struct 
key_disk_cache *, BYTE *, UINT16 *); +TSS_RESULT add_cache_entry(TCS_CONTEXT_HANDLE, BYTE *, TCS_KEY_HANDLE, TPM_KEY_HANDLE, TCS_KEY_HANDLE *); +TSS_RESULT get_slot(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TPM_KEY_HANDLE *); +TSS_RESULT get_slot_lite(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TPM_KEY_HANDLE *); +TSS_RESULT load_key_init(TPM_COMMAND_CODE, TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE*, TSS_BOOL, TPM_AUTH*, TSS_BOOL*, UINT64*, BYTE*, TCS_KEY_HANDLE*, TPM_KEY_HANDLE*); +TSS_RESULT load_key_final(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCS_KEY_HANDLE *, BYTE *, TPM_KEY_HANDLE); +TSS_RESULT LoadKeyByBlob_Internal(UINT32,TCS_CONTEXT_HANDLE,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *, + TCS_KEY_HANDLE *,TCS_KEY_HANDLE *); +TSS_RESULT TSC_PhysicalPresence_Internal(UINT16 physPres); +TSS_RESULT TCSP_FlushSpecific_Common(UINT32, TPM_RESOURCE_TYPE); + + TSS_RESULT TCSP_GetRegisteredKeyByPublicInfo_Internal(TCS_CONTEXT_HANDLE tcsContext, TCPA_ALGORITHM_ID algID, /* in */ + UINT32 ulPublicInfoLength, /* in */ + BYTE * rgbPublicInfo, /* in */ + UINT32 * keySize, BYTE ** keyBlob); + + TSS_RESULT TCS_OpenContext_Internal(TCS_CONTEXT_HANDLE * hContext /* out */ + ); + + TSS_RESULT TCS_CloseContext_Internal(TCS_CONTEXT_HANDLE hContext /* in */ + ); + + TSS_RESULT TCS_FreeMemory_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + BYTE * pMemory /* in */ + ); + + TSS_RESULT TCS_LogPcrEvent_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_PCR_EVENT Event, /* in */ + UINT32 * pNumber /* out */ + ); + + TSS_RESULT TCS_GetPcrEvent_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + UINT32 PcrIndex, /* in */ + UINT32 * pNumber, /* in, out */ + TSS_PCR_EVENT ** ppEvent /* out */ + ); + + TSS_RESULT TCS_GetPcrEventsByPcr_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + UINT32 PcrIndex, /* in */ + UINT32 FirstEvent, /* in */ + UINT32 * pEventCount, /* in,out */ + TSS_PCR_EVENT ** ppEvents /* out */ + ); + + TSS_RESULT TCS_GetPcrEventLog_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + UINT32 * 
pEventCount, /* out */ + TSS_PCR_EVENT ** ppEvents /* out */ + ); + + TSS_RESULT TCS_RegisterKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID *WrappingKeyUUID, /* in */ + TSS_UUID *KeyUUID, /* in */ + UINT32 cKeySize, /* in */ + BYTE * rgbKey, /* in */ + UINT32 cVendorData, /* in */ + BYTE * gbVendorData /* in */ + ); + + TSS_RESULT TCS_UnregisterKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID KeyUUID /* in */ + ); + + TSS_RESULT TCS_EnumRegisteredKeys_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID * pKeyUUID, /* in */ + UINT32 * pcKeyHierarchySize, /* out */ + TSS_KM_KEYINFO ** ppKeyHierarchy /* out */ + ); + + TSS_RESULT TCS_EnumRegisteredKeys_Internal2(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID * pKeyUUID, /* in */ + UINT32 * pcKeyHierarchySize, /* out */ + TSS_KM_KEYINFO2 ** ppKeyHierarchy /* out */ + ); + + TSS_RESULT TCS_GetRegisteredKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID *KeyUUID, /* in */ + TSS_KM_KEYINFO ** ppKeyInfo /* out */ + ); + + TSS_RESULT TCS_GetRegisteredKeyBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID *KeyUUID, /* in */ + UINT32 * pcKeySize, /* out */ + BYTE ** prgbKey /* out */ + ); + + TSS_RESULT TCSP_LoadKeyByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE hUnwrappingKey, /* in */ + UINT32 cWrappedKeyBlobSize, /* in */ + BYTE * rgbWrappedKeyBlob, /* in */ + TPM_AUTH * pAuth, /* in, out */ + TCS_KEY_HANDLE * phKeyTCSI, /* out */ + TCS_KEY_HANDLE * phKeyHMAC /* out */ + ); + + TSS_RESULT TCSP_LoadKey2ByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE hUnwrappingKey, /* in */ + UINT32 cWrappedKeyBlobSize, /* in */ + BYTE * rgbWrappedKeyBlob, /* in */ + TPM_AUTH * pAuth, /* in, out */ + TCS_KEY_HANDLE * phKeyTCSI /* out */ + ); + + TSS_RESULT TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_UUID *KeyUUID, /* in */ + TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */ + TCS_KEY_HANDLE * phKeyTCSI /* out */ + 
); + + TSS_RESULT TCSP_EvictKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE hKey /* in */ + ); + + TSS_RESULT TCSP_CreateWrapKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE hWrappingKey, /* in */ + TCPA_ENCAUTH KeyUsageAuth, /* in */ + TCPA_ENCAUTH KeyMigrationAuth, /* in */ + UINT32 keyInfoSize, /* in */ + BYTE * keyInfo, /* in */ + UINT32 * keyDataSize, /* out */ + BYTE ** keyData, /* out */ + TPM_AUTH * pAuth /* in, out */ + ); + + TSS_RESULT TCSP_GetPubKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE hKey, /* in */ + TPM_AUTH * pAuth, /* in, out */ + UINT32 * pcPubKeySize, /* out */ + BYTE ** prgbPubKey /* out */ + ); + TSS_RESULT TCSP_MakeIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCPA_ENCAUTH identityAuth, /* in */ + TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */ + UINT32 idKeyInfoSize, /*in */ + BYTE * idKeyInfo, /*in */ + TPM_AUTH * pSrkAuth, /* in, out */ + TPM_AUTH * pOwnerAuth, /* in, out */ + UINT32 * idKeySize, /* out */ + BYTE ** idKey, /* out */ + UINT32 * pcIdentityBindingSize, /* out */ + BYTE ** prgbIdentityBinding, /* out */ + UINT32 * pcEndorsementCredentialSize, /* out */ + BYTE ** prgbEndorsementCredential, /* out */ + UINT32 * pcPlatformCredentialSize, /* out */ + BYTE ** prgbPlatformCredential, /* out */ + UINT32 * pcConformanceCredentialSize, /* out */ + BYTE ** prgbConformanceCredential /* out */ + ); + + TSS_RESULT TCSP_MakeIdentity2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCPA_ENCAUTH identityAuth, /* in */ + TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */ + UINT32 idKeyInfoSize, /*in */ + BYTE * idKeyInfo, /*in */ + TPM_AUTH * pSrkAuth, /* in, out */ + TPM_AUTH * pOwnerAuth, /* in, out */ + UINT32 * idKeySize, /* out */ + BYTE ** idKey, /* out */ + UINT32 * pcIdentityBindingSize, /* out */ + BYTE ** prgbIdentityBinding /* out */ + ); + + TSS_RESULT TCS_GetCredential_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + UINT32 ulCredentialType, /* in */ + 
UINT32 ulCredentialAccessMode, /* in */ + UINT32 * pulCredentialSize, /* out */ + BYTE ** prgbCredentialData /* out */ + ); + + TSS_RESULT TCSP_SetOwnerInstall_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TSS_BOOL state /* in */ + ); + + TSS_RESULT TCSP_TakeOwnership_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + UINT16 protocolID, /* in */ + UINT32 encOwnerAuthSize, /* in */ + BYTE * encOwnerAuth, /* in */ + UINT32 encSrkAuthSize, /* in */ + BYTE * encSrkAuth, /* in */ + UINT32 srkInfoSize, /*in */ + BYTE * srkInfo, /*in */ + TPM_AUTH * ownerAuth, /* in, out */ + UINT32 * srkKeySize, /*out */ + BYTE ** srkKey /*out */ + ); + + TSS_RESULT TCSP_OIAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_AUTHHANDLE * authHandle, /* out */ + TCPA_NONCE * nonce0 /* out */ + ); + + TSS_RESULT TCSP_OSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCPA_ENTITY_TYPE entityType, /* in */ + UINT32 entityValue, /* in */ + TCPA_NONCE nonceOddOSAP, /* in */ + TCS_AUTHHANDLE * authHandle, /* out */ + TCPA_NONCE * nonceEven, /* out */ + TCPA_NONCE * nonceEvenOSAP /* out */ + ); + + TSS_RESULT TCSP_ChangeAuth_Internal(TCS_CONTEXT_HANDLE contextHandle, /* in */ + TCS_KEY_HANDLE parentHandle, /* in */ + TCPA_PROTOCOL_ID protocolID, /* in */ + TCPA_ENCAUTH newAuth, /* in */ + TCPA_ENTITY_TYPE entityType, /* in */ + UINT32 encDataSize, /* in */ + BYTE * encData, /* in */ + TPM_AUTH * ownerAuth, /* in, out */ + TPM_AUTH * entityAuth, /* in, out */ + UINT32 * outDataSize, /* out */ + BYTE ** outData /* out */ + ); + + TSS_RESULT TCSP_ChangeAuthOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCPA_PROTOCOL_ID protocolID, /* in */ + TCPA_ENCAUTH newAuth, /* in */ + TCPA_ENTITY_TYPE entityType, /* in */ + TPM_AUTH * ownerAuth /* in, out */ + ); + + TSS_RESULT TCSP_ChangeAuthAsymStart_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE idHandle, /* in */ + TCPA_NONCE antiReplay, /* in */ + UINT32 KeySizeIn, /* in */ + BYTE * KeyDataIn, /* in */ + TPM_AUTH * pAuth, 
/* in, out */ + UINT32 * KeySizeOut, /* out */ + BYTE ** KeyDataOut, /* out */ + UINT32 * CertifyInfoSize, /* out */ + BYTE ** CertifyInfo, /* out */ + UINT32 * sigSize, /* out */ + BYTE ** sig, /* out */ + TCS_KEY_HANDLE * ephHandle /* out */ + ); + + TSS_RESULT TCSP_ChangeAuthAsymFinish_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE parentHandle, /* in */ + TCS_KEY_HANDLE ephHandle, /* in */ + TCPA_ENTITY_TYPE entityType, /* in */ + TCPA_HMAC newAuthLink, /* in */ + UINT32 newAuthSize, /* in */ + BYTE * encNewAuth, /* in */ + UINT32 encDataSizeIn, /* in */ + BYTE * encDataIn, /* in */ + TPM_AUTH * ownerAuth, /* in, out */ + UINT32 * encDataSizeOut, /* out */ + BYTE ** encDataOut, /* out */ + TCPA_NONCE * saltNonce, /* out */ + TCPA_DIGEST * changeProof /* out */ + ); + + TSS_RESULT TCSP_TerminateHandle_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_AUTHHANDLE handle /* in */ + ); + + TSS_RESULT TCSP_ActivateTPMIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE idKey, /* in */ + UINT32 blobSize, /* in */ + BYTE * blob, /* in */ + TPM_AUTH * idKeyAuth, /* in, out */ + TPM_AUTH * ownerAuth, /* in, out */ + UINT32 * SymmetricKeySize, /* out */ + BYTE ** SymmetricKey /* out */ + ); + + TSS_RESULT TCSP_Extend_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCPA_PCRINDEX pcrNum, /* in */ + TCPA_DIGEST inDigest, /* in */ + TCPA_PCRVALUE * outDigest /* out */ + ); + + TSS_RESULT TCSP_PcrRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCPA_PCRINDEX pcrNum, /* in */ + TCPA_PCRVALUE * outDigest /* out */ + ); + + TSS_RESULT TCSP_PcrReset_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + UINT32 pcrDataSizeIn, /* in */ + BYTE * pcrData /* in */ + ); + + TSS_RESULT TCSP_Quote_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ + TCS_KEY_HANDLE keyHandle, /* in */ + TCPA_NONCE antiReplay, /* in */ + UINT32 pcrDataSizeIn, /* in */ + BYTE * pcrDataIn, /* in */ + TPM_AUTH * privAuth, /* in, out */ + UINT32 * pcrDataSizeOut, /* out */ + 
BYTE ** pcrDataOut, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_Quote2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TSS_BOOL addVersion, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * versionInfoSize, /* out */
+ BYTE ** versionInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_DirWriteAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE newContents, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_DirRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE * dirValue /* out */
+ );
+
+ /* Since only the ordinal differs between Seal and Sealx (from an API point of view),
+ use a common Seal function specifying the ordinal to be sent to the TPM.
*/
+ TSS_RESULT TCSP_Seal_Internal(UINT32 sealOrdinal, /* in */
+ TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_ENCAUTH encAuth, /* in */
+ UINT32 pcrInfoSize, /* in */
+ BYTE * PcrInfo, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * pubAuth, /* in, out */
+ UINT32 * SealedDataSize, /* out */
+ BYTE ** SealedData /* out */
+ );
+
+ TSS_RESULT TCSP_Unseal_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 SealedDataSize, /* in */
+ BYTE * SealedData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * dataAuth, /* in, out */
+ UINT32 * DataSize, /* out */
+ BYTE ** Data /* out */
+ );
+
+ TSS_RESULT TCSP_UnBind_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+ TSS_RESULT TCSP_CreateMigrationBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE * MigrationKeyAuth, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_ConvertMigrationBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ UINT32 randomSize, /* in */
+ BYTE * random, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_AuthorizeMigrationKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_MIGRATE_SCHEME migrateScheme, /* in */
+ UINT32
MigrationKeySize, /* in */
+ BYTE * MigrationKey, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * MigrationKeyAuthSize, /* out */
+ BYTE ** MigrationKeyAuth /* out */
+ );
+
+ TSS_RESULT TCSP_CertifyKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE certHandle, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * certAuth, /* in, out */
+ TPM_AUTH * keyAuth, /* in, out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_Sign_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 areaToSignSize, /* in */
+ BYTE * areaToSign, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_GetRandom_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 * bytesRequested, /* in, out */
+ BYTE ** randomBytes /* out */
+ );
+
+ TSS_RESULT TCSP_StirRandom_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData /* in */
+ );
+
+ TSS_RESULT TCS_GetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp /* out */
+ );
+
+ TSS_RESULT TCSP_GetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp /* out */
+ );
+ TSS_RESULT TCSP_SetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 valueSize, /* in */
+ BYTE * value, /* in */
+ TPM_AUTH * pOwnerAuth /* in, out */
+ );
+ TSS_RESULT TCSP_GetCapabilityOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH *
pOwnerAuth, /* out */
+ TCPA_VERSION * pVersion, /* out */
+ UINT32 * pNonVolatileFlags, /* out */
+ UINT32 * pVolatileFlags /* out */
+ );
+
+ TSS_RESULT TCSP_CreateEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TCPA_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_ReadPubek_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey, /* out */
+ TCPA_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_DisablePubekRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_OwnerReadPubek_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey /* out */
+ );
+
+ TSS_RESULT TCSP_CreateRevocableEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ TSS_BOOL genResetAuth, /* in */
+ TPM_DIGEST * eKResetAuth, /* in, out */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TPM_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_RevokeEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DIGEST EKResetAuth /* in */
+ );
+
+ TSS_RESULT TCSP_SelfTestFull_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_CertifySelfTest_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_GetTestResult_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 *
outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_OwnerSetDisable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL disableState, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_ResetLockValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_OwnerClear_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_DisableOwnerClear_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_ForceClear_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_DisableForceClear_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalPresence_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PHYSICAL_PRESENCE fPhysicalPresence /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalDisable_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalEnable_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalSetDeactivated_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL state /* in */
+ );
+
+ TSS_RESULT TCSP_SetTempDeactivated_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_SetTempDeactivated2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * operatorAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_FieldUpgrade_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut, /* out */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_SetRedirection_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 c1, /* in */
+ UINT32 c2, /* in */
+ TPM_AUTH * privAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_CreateMaintenanceArchive_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL generateRandom, /* in */
+ TPM_AUTH *
ownerAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * archiveSize, /* out */
+ BYTE ** archive /* out */
+ );
+
+ TSS_RESULT TCSP_LoadMaintenanceArchive_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut /* out */
+ );
+
+ TSS_RESULT TCSP_KillMaintenanceFeature_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_LoadManuMaintPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 PubKeySize, /* in */
+ BYTE * PubKey, /* in */
+ TCPA_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_ReadManuMaintPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TCPA_DIGEST * checksum /* out */
+ );
+ TSS_RESULT TCSP_Reset_Internal(TCS_CONTEXT_HANDLE hContext
+ );
+ TSS_RESULT TCSP_DaaJoin_internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_HANDLE handle, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE *inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE *inputData1, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **outputData /* out */
+ );
+
+ TSS_RESULT TCSP_DaaSign_internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_HANDLE handle, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE *inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE *inputData1, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **outputData /* out */
+ );
+
+
+ TSS_RESULT TCSP_ReadCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_COUNTER_VALUE* counterValue
+ );
+
+ TSS_RESULT TCSP_CreateCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32 LabelSize,
+ BYTE* pLabel,
+ TPM_ENCAUTH CounterAuth,
+ TPM_AUTH* pOwnerAuth,
+ TSS_COUNTER_ID*
idCounter,
+ TPM_COUNTER_VALUE* counterValue
+ );
+
+ TSS_RESULT TCSP_IncrementCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pCounterAuth,
+ TPM_COUNTER_VALUE* counterValue
+ );
+
+ TSS_RESULT TCSP_ReleaseCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pCounterAuth
+ );
+
+ TSS_RESULT TCSP_ReleaseCounterOwner_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pOwnerAuth
+ );
+ TSS_RESULT TCSP_ReadCurrentTicks_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32* pulCurrentTime,
+ BYTE** prgbCurrentTime
+ );
+ TSS_RESULT TCSP_TickStampBlob_Internal(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE hKey,
+ TPM_NONCE* antiReplay,
+ TPM_DIGEST* digestToStamp,
+ TPM_AUTH* privAuth,
+ UINT32* pulSignatureLength,
+ BYTE** prgbSignature,
+ UINT32* pulTickCountLength,
+ BYTE** prgbTickCount
+ );
+ TSS_RESULT TCSP_EstablishTransport_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32 ulTransControlFlags,
+ TCS_KEY_HANDLE hEncKey,
+ UINT32 ulTransSessionInfoSize,
+ BYTE* rgbTransSessionInfo,
+ UINT32 ulSecretSize,
+ BYTE* rgbSecret,
+ TPM_AUTH* pEncKeyAuth,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TCS_HANDLE* hTransSession,
+ UINT32* ulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ TPM_NONCE* pTransNonce
+ );
+
+ TSS_RESULT TCSP_ExecuteTransport_Internal(TCS_CONTEXT_HANDLE hContext,
+ TPM_COMMAND_CODE unWrappedCommandOrdinal,
+ UINT32 ulWrappedCmdParamInSize,
+ BYTE* rgbWrappedCmdParamIn,
+ UINT32* pulHandleListSize,
+ TCS_HANDLE** rghHandles,
+ TPM_AUTH* pWrappedCmdAuth1,
+ TPM_AUTH* pWrappedCmdAuth2,
+ TPM_AUTH* pTransAuth,
+ UINT64* punCurrentTicks,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TPM_RESULT* pulWrappedCmdReturnCode,
+ UINT32* ulWrappedCmdParamOutSize,
+ BYTE** rgbWrappedCmdParamOut
+ );
+ TSS_RESULT TCSP_ReleaseTransportSigned_Internal(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE hSignatureKey,
+ TPM_NONCE* AntiReplayNonce,
+ TPM_AUTH* pKeyAuth,
+ TPM_AUTH* pTransAuth,
+
TPM_MODIFIER_INDICATOR* pbLocality,
+ UINT32* pulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ UINT32* pulSignatureSize,
+ BYTE** prgbSignature
+ );
+
+ TSS_RESULT TCSP_NV_DefineOrReleaseSpace_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 cPubInfoSize, /* in */
+ BYTE* pPubInfo, /* in */
+ TPM_ENCAUTH encAuth, /* in */
+ TPM_AUTH* pAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_NV_WriteValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE* rgbDataToWrite, /* in */
+ TPM_AUTH* privAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_NV_WriteValueAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE* rgbDataToWrite, /* in */
+ TPM_AUTH* NVAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_NV_ReadValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32* pulDataLength, /* in, out */
+ TPM_AUTH* privAuth, /* in, out */
+ BYTE** rgbDataRead /* out */
+ );
+
+ TSS_RESULT TCSP_NV_ReadValueAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32* pulDataLength, /* in, out */
+ TPM_AUTH* NVAuth, /* in, out */
+ BYTE** rgbDataRead /* out */
+ );
+
+ TSS_RESULT TCSP_SetOrdinalAuditStatus_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32 ulOrdinal, /* in */
+ TSS_BOOL bAuditState /* in */
+ );
+
+ TSS_RESULT TCSP_GetAuditDigest_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 startOrdinal, /* in */
+ TPM_DIGEST* auditDigest, /* out */
+ UINT32* counterValueSize, /* out */
+ BYTE** counterValue, /* out */
+ TSS_BOOL* more, /* out */
+ UINT32* ordSize, /* out */
+ UINT32** ordList /* out */
+ );
+
+ TSS_RESULT TCSP_GetAuditDigestSigned_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+
TSS_BOOL closeAudit, /* in */
+ TPM_NONCE antiReplay, /* in */
+ TPM_AUTH* privAuth, /* in, out */
+ UINT32* counterValueSize, /* out */
+ BYTE** counterValue, /* out */
+ TPM_DIGEST* auditDigest, /* out */
+ TPM_DIGEST* ordinalDigest, /* out */
+ UINT32* sigSize, /* out */
+ BYTE** sig /* out */
+ );
+
+ TSS_RESULT TCSP_SetOperatorAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_SECRET* operatorAuth /* in */
+ );
+
+ TSS_RESULT TCSP_OwnerReadInternalPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH* pOwnerAuth, /*in, out*/
+ UINT32* punPubKeySize, /* out */
+ BYTE** ppbPubKeyData /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_Manage_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_FAMILY_ID familyID, /* in */
+ TPM_FAMILY_OPERATION opFlag, /* in */
+ UINT32 opDataSize, /* in */
+ BYTE* opData, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* retDataSize, /* out */
+ BYTE** retData /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_CreateKeyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE* publicInfo, /* in */
+ TPM_ENCAUTH* encDelAuth, /* in */
+ TPM_AUTH* keyAuth, /* in, out */
+ UINT32* blobSize, /* out */
+ BYTE** blob /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_CreateOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL increment, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE* publicInfo, /* in */
+ TPM_ENCAUTH* encDelAuth, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* blobSize, /* out */
+ BYTE** blob /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_LoadOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DELEGATE_INDEX index, /* in */
+ UINT32 blobSize, /* in */
+ BYTE* blob, /* in */
+ TPM_AUTH* ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_Delegate_ReadTable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32* pulFamilyTableSize, /* out */
+ BYTE** ppFamilyTable, /* out
*/
+ UINT32* pulDelegateTableSize, /* out */
+ BYTE** ppDelegateTable /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_UpdateVerificationCount_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 inputSize, /* in */
+ BYTE* input, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* outputSize, /* out */
+ BYTE** output /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_VerifyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 delegateSize, /* in */
+ BYTE* delegate /* in */
+ );
+
+ TSS_RESULT TCSP_CMK_SetRestrictions_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_CMK_DELEGATE Restriction, /* in */
+ TPM_AUTH* ownerAuth /* in */
+ );
+
+ TSS_RESULT TCSP_CMK_ApproveMA_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DIGEST migAuthorityDigest, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ TPM_HMAC* HmacMigAuthDigest /* out */
+ );
+
+ TSS_RESULT TCSP_CMK_CreateKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TPM_ENCAUTH KeyUsageAuth, /* in */
+ TPM_HMAC MigAuthApproval, /* in */
+ TPM_DIGEST MigAuthorityDigest, /* in */
+ UINT32* keyDataSize, /* in, out */
+ BYTE** prgbKeyData, /* in, out */
+ TPM_AUTH* pAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_CMK_CreateTicket_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PublicVerifyKeySize, /* in */
+ BYTE* PublicVerifyKey, /* in */
+ TPM_DIGEST SignedData, /* in */
+ UINT32 SigValueSize, /* in */
+ BYTE* SigValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in, out */
+ TPM_HMAC* SigTicket /* out */
+ );
+
+ TSS_RESULT TCSP_CMK_CreateBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TSS_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE* MigrationKeyAuth, /* in */
+ TPM_DIGEST PubSourceKeyDigest, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE* msaList, /* in */
+ UINT32 restrictTicketSize, /* in */
+ BYTE* restrictTicket, /* in */
+ UINT32 sigTicketSize, /* in */
+ BYTE* sigTicket,
/* in */
+ UINT32 encDataSize, /* in */
+ BYTE* encData, /* in */
+ TPM_AUTH* parentAuth, /* in, out */
+ UINT32* randomSize, /* out */
+ BYTE** random, /* out */
+ UINT32* outDataSize, /* out */
+ BYTE** outData /* out */
+ );
+
+ TSS_RESULT TCSP_CMK_ConvertMigration_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TPM_CMK_AUTH restrictTicket, /* in */
+ TPM_HMAC sigTicket, /* in */
+ UINT32 keyDataSize, /* in */
+ BYTE* prgbKeyData, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE* msaList, /* in */
+ UINT32 randomSize, /* in */
+ BYTE* random, /* in */
+ TPM_AUTH* parentAuth, /* in, out */
+ UINT32* outDataSize, /* out */
+ BYTE** outData /* out */
+ );
+ TSS_RESULT TCSP_FlushSpecific_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_HANDLE hResHandle, /* in */
+ TPM_RESOURCE_TYPE resourceType /* in */
+ );
+
+ TSS_RESULT TCSP_KeyControlOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 ulPubKeyLength, /* in */
+ BYTE* rgbPubKey, /* in */
+ UINT32 attribName, /* in */
+ TSS_BOOL attribValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in,out */
+ TSS_UUID* pUuidData /* out */
+ );
+
+ TSS_RESULT TCSP_DSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_ENTITY_TYPE entityType, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_NONCE *nonceOddDSAP, /* in */
+ UINT32 entityValueSize, /* in */
+ BYTE* entityValue, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TPM_NONCE *nonceEven, /* out */
+ TPM_NONCE *nonceEvenDSAP /* out */
+ );
+
+#endif /*_TCS_UTILS_H_ */
diff --git a/src/include/tcsd.h b/src/include/tcsd.h
new file mode 100644
index 0000000..e5a8852
--- /dev/null
+++ b/src/include/tcsd.h
@@ -0,0 +1,163 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#ifndef _TCSD_H_
+#define _TCSD_H_
+
+#include <signal.h>
+
+#include "rpc_tcstp.h"
+
+/* Platform Class structures */
+struct platform_class
+{
+ unsigned int simpleID; /* Platform specific spec identifier */
+ unsigned int classURISize; /* Size of the classURI */
+ char *classURI; /* Specific spec. Can be NULL */
+ struct platform_class *next;
+};
+
+/* config structures */
+struct tcsd_config
+{
+ int port; /* port the TCSD will listen on */
+ unsigned int num_threads; /* max number of threads the TCSD allows simultaneously */
+ char *system_ps_dir; /* the directory the system PS file sits in */
+ char *system_ps_file; /* the name of the system PS file */
+ char *firmware_log_file;/* the name of the firmware PCR event file */
+ char *kernel_log_file; /* the name of the kernel PCR event file */
+ unsigned int kernel_pcrs; /* bitmask of PCRs the kernel controls */
+ unsigned int firmware_pcrs; /* bitmask of PCRs the firmware controls */
+ char *platform_cred; /* location of the platform credential */
+ char *conformance_cred; /* location of the conformance credential */
+ char *endorsement_cred; /* location of the endorsement credential */
+ int remote_ops[TCSD_MAX_NUM_ORDS]; /* array of ordinals executable by remote hosts */
+ unsigned int unset; /* bitmask of options which are still unset */
+ int exclusive_transport; /* allow applications to open exclusive transport sessions with
+ the TPM and enforce their exclusivity (possible DOS issue) */
+ struct platform_class *host_platform_class; /* Host platform class of this TCS System */
+ struct platform_class *all_platform_classes; /* List of platform classes
+ of this TCS System */
+};
+
+#define TCSD_DEFAULT_CONFIG_FILE ETC_PREFIX "/tcsd.conf"
+extern char *tcsd_config_file;
+
+#define TSS_USER_NAME "tss"
+#define
TSS_GROUP_NAME "tss"
+
+#define TCSD_DEFAULT_MAX_THREADS 10
+#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX "/lib/tpm/system.data"
+#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX "/lib/tpm"
+#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/sys/kernel/security/tpm0/binary_bios_measurements"
+#define TCSD_DEFAULT_KERNEL_LOG_FILE "/sys/kernel/security/ima/binary_runtime_measurements"
+#define TCSD_DEFAULT_FIRMWARE_PCRS 0x00000000
+#define TCSD_DEFAULT_KERNEL_PCRS 0x00000000
+
+/* This will change when a system with more than 32 PCR's exists */
+#define TCSD_MAX_PCRS 32
+
+/* this is the 2nd param passed to the listen() system call */
+#define TCSD_MAX_SOCKETS_QUEUED 50
+#define TCSD_TXBUF_SIZE 1024
+
+/* The Available Tcs Platform Classes */
+struct tcg_platform_spec {
+ char *name;
+ TPM_PLATFORM_SPECIFIC specNo;
+ char *specURI;
+};
+
+/* The Specific URI's for the platforms specs on TCG website */
+#define TPM_PS_PC_11_URI "https://www.trustedcomputinggroup.org/groups/pc_client/TCG_PCSpecificSpecification_v1_1.pdf"
+#define TPM_PS_PC_12_URI "https://www.trustedcomputinggroup.org/specs/PCClient/TCG_PCClientImplementationforBIOS_1-20_1-00.pdf"
+#define TPM_PS_PDA_12_URI "https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf"
+#define TPM_PS_Server_12_URI "https://www.trustedcomputinggroup.org/specs/Server/TCG_Generic_Server_Specification_v1_0_rev0_8.pdf"
+#define TPM_PS_Mobile_12_URI "https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf"
+
+/* for detecting whether an option has been set */
+#define TCSD_OPTION_PORT 0x0001
+#define TCSD_OPTION_MAX_THREADS 0x0002
+#define TCSD_OPTION_FIRMWARE_PCRS 0x0004
+#define TCSD_OPTION_KERNEL_PCRS 0x0008
+#define TCSD_OPTION_SYSTEM_PSFILE 0x0010
+#define TCSD_OPTION_KERNEL_LOGFILE 0x0020
+#define TCSD_OPTION_FIRMWARE_LOGFILE 0x0040
+#define TCSD_OPTION_PLATFORM_CRED 0x0080
+#define TCSD_OPTION_CONFORMANCE_CRED 0x0100
+#define
TCSD_OPTION_ENDORSEMENT_CRED 0x0200
+#define TCSD_OPTION_REMOTE_OPS 0x0400
+#define TCSD_OPTION_EXCLUSIVE_TRANSPORT 0x0800
+#define TCSD_OPTION_HOST_PLATFORM_CLASS 0x1000
+
+#define TSS_TCP_RPC_MAX_DATA_LEN 1048576
+#define TSS_TCP_RPC_BAD_PACKET_TYPE 0x10000000
+
+enum tcsd_config_option_code {
+ opt_port = 1,
+ opt_max_threads,
+ opt_system_ps_file,
+ opt_firmware_log,
+ opt_kernel_log,
+ opt_firmware_pcrs,
+ opt_kernel_pcrs,
+ opt_platform_cred,
+ opt_conformance_cred,
+ opt_endorsement_cred,
+ opt_remote_ops,
+ opt_exclusive_transport,
+ opt_host_platform_class,
+ opt_all_platform_classes
+};
+
+struct tcsd_config_options {
+ char *name;
+ enum tcsd_config_option_code option;
+};
+
+extern struct tcsd_config tcsd_options;
+
+TSS_RESULT conf_file_init(struct tcsd_config *);
+void conf_file_final(struct tcsd_config *);
+TSS_RESULT ps_dirs_init();
+void tcsd_signal_handler(int);
+
+/* threading structures */
+struct tcsd_thread_data
+{
+ int sock;
+ UINT32 context;
+ THREAD_TYPE *thread_id;
+ char *hostname;
+ struct tcsd_comm_data comm;
+};
+
+struct tcsd_thread_mgr
+{
+ MUTEX_DECLARE(lock);
+ struct tcsd_thread_data *thread_data;
+
+ int shutdown;
+ UINT32 num_active_threads;
+ UINT32 max_threads;
+};
+
+TSS_RESULT tcsd_threads_init();
+TSS_RESULT tcsd_threads_final();
+TSS_RESULT tcsd_thread_create(int, char *);
+void *tcsd_thread_run(void *);
+void thread_signal_init();
+
+/* signal handling */
+struct sigaction tcsd_sa_int;
+struct sigaction tcsd_sa_chld;
+
+#endif
diff --git a/src/include/tcsd_ops.h b/src/include/tcsd_ops.h
new file mode 100644
index 0000000..82df484
--- /dev/null
+++ b/src/include/tcsd_ops.h
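Review bot: `struct sigaction tcsd_sa_int;` and `struct sigaction tcsd_sa_chld;` near the end of this hunk are object definitions, not declarations, so every translation unit that includes tcsd.h emits its own tentative definition; that only links while the toolchain merges common symbols and becomes a multiple-definition error under -fno-common (the GCC 10 default). Declare them here as `extern struct sigaction tcsd_sa_int, tcsd_sa_chld;` and define them once in the .c file that installs the handlers. The same hunk declares `ps_dirs_init()`, `tcsd_threads_init()`, `tcsd_threads_final()` and `thread_signal_init()` with empty parentheses, which in C is an unprototyped declaration that disables argument checking at call sites; write `(void)` as `conf_file_init` and `tcsd_thread_create` already spell out their parameters. The `/* Specific spec. Can be NULL */` note on `classURI` is the kind of nullability comment the other pointer members (`hostname`, `thread_data`, the `*_cred` paths) would also benefit from, since whether a NULL there is legal is presumably what the config parser has to decide.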
@@ -0,0 +1,164 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#ifndef _TCSD_COMMANDS_H_
+#define _TCSD_COMMANDS_H_
+
+#include "tcsd_wrap.h"
+
+#define OPENCONTEXT TCSD_ORD_OPENCONTEXT
+#define CLOSECONTEXT TCSD_ORD_CLOSECONTEXT
+#define FREEMEMORY TCSD_ORD_FREEMEMORY
+#define TCSGETCAPABILITY TCSD_ORD_TCSGETCAPABILITY
+#define REGISTERKEY TCSD_ORD_REGISTERKEY
+#define UNREGISTERKEY TCSD_ORD_UNREGISTERKEY
+#define GETREGISTEREDKEYBLOB TCSD_ORD_GETREGISTEREDKEYBLOB
+#define GETREGISTEREDKEYBYPUBLICINFO TCSD_ORD_GETREGISTEREDKEYBYPUBLICINFO
+#define GETPUBKEY TCSD_ORD_GETPUBKEY
+#define LOADKEYBYBLOB TCSD_ORD_LOADKEYBYBLOB
+#define LOADKEYBYUUID TCSD_ORD_LOADKEYBYUUID
+#define CREATEWRAPKEY TCSD_ORD_CREATEWRAPKEY
+#define GETPCREVENTLOG TCSD_ORD_GETPCREVENTLOG
+#define OIAP TCSD_ORD_OIAP
+#define OSAP TCSD_ORD_OSAP
+#define TERMINATEHANDLE TCSD_ORD_TERMINATEHANDLE
+#define PCRREAD TCSD_ORD_PCRREAD
+#define PCRRESET TCSD_ORD_PCRRESET
+#define QUOTE TCSD_ORD_QUOTE
+#define SEAL TCSD_ORD_SEAL
+#define UNSEAL TCSD_ORD_UNSEAL
+#define UNBIND TCSD_ORD_UNBIND
+#define CERTIFYKEY TCSD_ORD_CERTIFYKEY
+#define SIGN TCSD_ORD_SIGN
+#define GETRANDOM TCSD_ORD_GETRANDOM
+#define STIRRANDOM TCSD_ORD_STIRRANDOM
+#define GETCAPABILITY TCSD_ORD_GETCAPABILITY
+#define READPUBEK TCSD_ORD_READPUBEK
+#define SELFTESTFULL TCSD_ORD_SELFTESTFULL
+#define CERTIFYSELFTEST TCSD_ORD_CERTIFYSELFTEST
+#define CONTINUESELFTEST TCSD_ORD_CONTINUESELFTEST
+#define GETTESTRESULT TCSD_ORD_GETTESTRESULT
+/* below this line are ordinals that probably shouldn't be allowed for non-localhosts */
+#if 0
+#define OWNERREADPUBEK TCSD_ORD_OWNERREADPUBEK
+#define GETPCREVENT TCSD_ORD_GETPCREVENT
+#define GETPCREVENTBYPCR TCSD_ORD_GETPCREVENTBYPCR
+#define GETCAPABILITYSIGNED TCSD_ORD_GETCAPABILITYSIGNED
+#define ENUMREGISTEREDKEYS TCSD_ORD_ENUMREGISTEREDKEYS
+#define
ENUMREGISTEREDKEYS2 TCSD_ORD_ENUMREGISTEREDKEYS2
+#define GETREGISTEREDKEY TCSD_ORD_GETREGISTEREDKEY
+#define EXTEND TCSD_ORD_EXTEND
+#define LOGPCREVENT TCSD_ORD_LOGPCREVENT
+#define EVICTKEY TCSD_ORD_EVICTKEY
+#define DISABLEPUBEKREAD TCSD_ORD_DISABLEPUBEKREAD
+#define SETOWNERINSTALL TCSD_ORD_SETOWNERINSTALL
+#define MAKEIDENTITY TCSD_ORD_MAKEIDENTITY
+#define MAKEIDENTITY2 TCSD_ORD_MAKEIDENTITY2
+#define TAKEOWNERSHIP TCSD_ORD_TAKEOWNERSHIP
+#define CREATEENDORSEMENTKEYPAIR TCSD_ORD_CREATEENDORSEMENTKEYPAIR
+#define GETCAPABILITYOWNER TCSD_ORD_GETCAPABILITYOWNER
+#define ACTIVATETPMIDENTITY TCSD_ORD_ACTIVATETPMIDENTITY
+#define AUTHORIZEMIGRATIONKEY TCSD_ORD_AUTHORIZEMIGRATIONKEY
+#define CHANGEAUTH TCSD_ORD_CHANGEAUTH
+#define CHANGEAUTHOWNER TCSD_ORD_CHANGEAUTHOWNER
+#define CHANGEAUTHASYMSTART TCSD_ORD_CHANGEAUTHASYMSTART
+#define CHANGEAUTHASYMFINISH TCSD_ORD_CHANGEAUTHASYMFINISH
+#define DIRREAD TCSD_ORD_DIRREAD
+#define DIRWRITEAUTH TCSD_ORD_DIRWRITEAUTH
+#define CREATEMIGRATIONBLOB TCSD_ORD_CREATEMIGRATIONBLOB
+#define CONVERTMIGRATIONBLOB TCSD_ORD_CONVERTMIGRATIONBLOB
+#define OWNERSETDISABLE TCSD_ORD_OWNERSETDISABLE
+#define OWNERCLEAR TCSD_ORD_OWNERCLEAR
+#define DISABLEOWNERCLEAR TCSD_ORD_DISABLEOWNERCLEAR
+#define FORCECLEAR TCSD_ORD_FORCECLEAR
+#define DISABLEFORCECLEAR TCSD_ORD_DISABLEFORCECLEAR
+#define PHYSICALDISABLE TCSD_ORD_PHYSICALDISABLE
+#define PHYSICALENABLE TCSD_ORD_PHYSICALENABLE
+#define PHYSICALSETDEACTIVATED TCSD_ORD_PHYSICALSETDEACTIVATED
+#define SETTEMPDEACTIVATED TCSD_ORD_SETTEMPDEACTIVATED
+#define PHYSICALPRESENCE TCSD_ORD_PHYSICALPRESENCE
+#define FIELDUPGRADE TCSD_ORD_FIELDUPGRADE
+#define SETRIDIRECTION TCSD_ORD_SETRIDIRECTION
+#define CREATEMAINTENANCEARCHIVE TCSD_ORD_CREATEMAINTENANCEARCHIVE
+#define LOADMAINTENANCEARCHIVE TCSD_ORD_LOADMAINTENANCEARCHIVE
+#define KILLMAINTENANCEFEATURE TCSD_ORD_KILLMAINTENANCEFEATURE
+#define LOADMANUFECTURERMAINTENANCEPUB TCSD_ORD_LOADMANUFECTURERMAINTENANCEPUB
+#define
READMANUFECTURERMAINTENANCEPUB TCSD_ORD_READMANUFECTURERMAINTENANCEPUB
+#define SETTEMPDEACTIVATED2 TCSD_ORD_SETTEMPDEACTIVATED2
+#endif
+
+/* TCSD ordinal sub-command sets */
+#define SUBOP_CONTEXT OPENCONTEXT, CLOSECONTEXT
+#define SUBOP_RANDOM STIRRANDOM, GETRANDOM
+#define SUBOP_AUTHSESS OIAP, OSAP, TERMINATEHANDLE
+#define SUBOP_LOADKEYBYUUID LOADKEYBYUUID, GETREGISTEREDKEYBLOB, FREEMEMORY
+#define SUBOP_SELFTEST SELFTESTFULL, CERTIFYSELFTEST, CONTINUESELFTEST, GETTESTRESULT
+
+/* Top level TCSD operations which can be enabled to be used by remote hosts. Each of these
+ * should have a corresponding on/off switch in the tcsd.conf file
+ */
+#define TCSD_OP_SEAL SEAL, SUBOP_LOADKEYBYUUID, SUBOP_RANDOM, SUBOP_AUTHSESS, SUBOP_CONTEXT, 0
+#define TCSD_OP_UNSEAL UNSEAL, SUBOP_LOADKEYBYUUID, SUBOP_RANDOM, SUBOP_AUTHSESS, SUBOP_CONTEXT, 0
+#define TCSD_OP_GETREGISTEREDKEYBYPUBLICINFO GETREGISTEREDKEYBYPUBLICINFO, SUBOP_CONTEXT, 0
+#define TCSD_OP_GETPUBKEY GETPUBKEY, SUBOP_RANDOM, SUBOP_AUTHSESS, SUBOP_CONTEXT, 0
+#define TCSD_OP_LOADKEY LOADKEYBYBLOB, SUBOP_LOADKEYBYUUID, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_REGISTERKEY REGISTERKEY, SUBOP_CONTEXT, SUBOP_LOADKEYBYUUID, LOADKEYBYBLOB, 0
+#define TCSD_OP_UNREGISTERKEY UNREGISTERKEY, SUBOP_CONTEXT, 0
+#define TCSD_OP_CREATEKEY CREATEWRAPKEY, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_LOADKEYBYUUID, SUBOP_RANDOM, 0
+#define TCSD_OP_SIGN SIGN, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, FREEMEMORY, 0
+#define TCSD_OP_RANDOM SUBOP_RANDOM, SUBOP_CONTEXT, FREEMEMORY, 0
+#define TCSD_OP_GETCAPABILITY GETCAPABILITY, TCSGETCAPABILITY, SUBOP_CONTEXT, FREEMEMORY, 0
+#define TCSD_OP_UNBIND UNBIND, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_QUOTE QUOTE, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_READPUBEK READPUBEK, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_SELFTEST SUBOP_SELFTEST, SUBOP_CONTEXT, FREEMEMORY, 0
+
+struct tcsd_op {
+ char *name;
+
int op[];
+};
+
+struct tcsd_op tcsd_op_seal = {"seal", {TCSD_OP_SEAL}};
+struct tcsd_op tcsd_op_unseal = {"unseal", {TCSD_OP_UNSEAL}};
+struct tcsd_op tcsd_op_registerkey = {"registerkey", {TCSD_OP_REGISTERKEY}};
+struct tcsd_op tcsd_op_unregisterkey = {"unregisterkey", {TCSD_OP_UNREGISTERKEY}};
+struct tcsd_op tcsd_op_getregisteredkeybypublicinfo = {"getregisteredkeybypublicinfo", {TCSD_OP_GETREGISTEREDKEYBYPUBLICINFO}};
+struct tcsd_op tcsd_op_getpubkey = {"getpubkey", {TCSD_OP_GETPUBKEY}};
+struct tcsd_op tcsd_op_loadkey = {"loadkey", {TCSD_OP_LOADKEY}};
+struct tcsd_op tcsd_op_createkey = {"createkey", {TCSD_OP_CREATEKEY}};
+struct tcsd_op tcsd_op_sign = {"sign", {TCSD_OP_SIGN}};
+struct tcsd_op tcsd_op_random = {"random", {TCSD_OP_RANDOM}};
+struct tcsd_op tcsd_op_getcapability = {"getcapability", {TCSD_OP_GETCAPABILITY}};
+struct tcsd_op tcsd_op_unbind = {"unbind", {TCSD_OP_UNBIND}};
+struct tcsd_op tcsd_op_quote = {"quote", {TCSD_OP_QUOTE}};
+struct tcsd_op tcsd_op_readpubek = {"readpubek", {TCSD_OP_READPUBEK}};
+struct tcsd_op tcsd_op_selftest = {"selftest", {TCSD_OP_SELFTEST}};
+
+struct tcsd_op *tcsd_ops[] = {
+ &tcsd_op_seal,
+ &tcsd_op_unseal,
+ &tcsd_op_registerkey,
+ &tcsd_op_unregisterkey,
+ &tcsd_op_getregisteredkeybypublicinfo,
+ &tcsd_op_getpubkey,
+ &tcsd_op_loadkey,
+ &tcsd_op_createkey,
+ &tcsd_op_sign,
+ &tcsd_op_random,
+ &tcsd_op_getcapability,
+ &tcsd_op_unbind,
+ &tcsd_op_quote,
+ &tcsd_op_readpubek,
+ &tcsd_op_selftest,
+ NULL
+};
+
+#endif
diff --git a/src/include/tcsd_wrap.h b/src/include/tcsd_wrap.h
new file mode 100644
index 0000000..b320d74
--- /dev/null
+++ b/src/include/tcsd_wrap.h
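Review bot: `tcsd_op_seal` through `tcsd_op_selftest` and the `tcsd_ops[]` table at the end of this hunk are external, non-const object definitions placed in a header, so any second translation unit that includes tcsd_ops.h produces duplicate symbols, and the per-operation ordinal lists that the header's own comment says gate what remote hosts may call sit in writable data. Making them `static const struct tcsd_op tcsd_op_seal = {"seal", {TCSD_OP_SEAL}};`, with `const char *name` in the struct and `static const struct tcsd_op *const tcsd_ops[]`, puts the tables in read-only storage and keeps them private to the one file meant to include this header. Brace-initialising the flexible array member `int op[]` is a GCC extension rather than standard C, and each list depends on its trailing `0` (TCSD_ORD_ERROR in tcsd_wrap.h) as the terminator; both facts belong in a comment above `struct tcsd_op` so whoever walks these arrays knows the contract. Inside the `#if 0` block, `LOADMANUFECTURERMAINTENANCEPUB` and `READMANUFECTURERMAINTENANCEPUB` expand to `TCSD_ORD_*MANUFECTURER*` names that do not match the `TCSD_ORD_LOADMANUFACTURERMAINTENANCEPUB` / `TCSD_ORD_READMANUFACTURERMAINTENANCEPUB` spellings in tcsd_wrap.h, so re-enabling that block would not compile until the spelling is reconciled.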
@@ -0,0 +1,194 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _TCSD_WRAP_H_
+#define _TCSD_WRAP_H_
+
+#include "tcs_tsp.h"
+
+enum TCSP_PACKET_TYPE {
+ TCSD_PACKET_TYPE_BYTE,
+ TCSD_PACKET_TYPE_BOOL,
+ TCSD_PACKET_TYPE_UINT16,
+ TCSD_PACKET_TYPE_UINT32,
+ TCSD_PACKET_TYPE_PBYTE,
+ TCSD_PACKET_TYPE_KEY,
+ TCSD_PACKET_TYPE_NONCE,
+ TCSD_PACKET_TYPE_AUTH,
+ TCSD_PACKET_TYPE_DIGEST,
+ TCSD_PACKET_TYPE_UUID,
+ TCSD_PACKET_TYPE_ENCAUTH,
+ TCSD_PACKET_TYPE_VERSION,
+ /*2004-05-12 Seiji Munetoh added */
+ TCSD_PACKET_TYPE_KM_KEYINFO,
+ TCSD_PACKET_TYPE_KM_KEYINFO2,
+ TCSD_PACKET_TYPE_LOADKEY_INFO,
+ TCSD_PACKET_TYPE_PCR_EVENT,
+ TCSD_PACKET_TYPE_COUNTER_VALUE,
+ TCSD_PACKET_TYPE_UINT64,
+ TCSD_PACKET_TYPE_SECRET
+};
+
+enum TCSD_ORD {
+ TCSD_ORD_ERROR = 0,
+ /* 4.5 TCS Contest Manager */
+ TCSD_ORD_OPENCONTEXT = 1,
+ TCSD_ORD_CLOSECONTEXT = 2,
+ TCSD_ORD_FREEMEMORY = 3,
+ TCSD_ORD_TCSGETCAPABILITY = 4, /* Tcsi_GatCapability */
+ /* 4.6 TCS Key Credential Manager */
+ TCSD_ORD_REGISTERKEY = 5,
+ TCSD_ORD_UNREGISTERKEY = 6,
+ TCSD_ORD_ENUMREGISTEREDKEYS = 7,
+ TCSD_ORD_GETREGISTEREDKEY = 8,
+ TCSD_ORD_GETREGISTEREDKEYBLOB = 9,
+ TCSD_ORD_GETREGISTEREDKEYBYPUBLICINFO = 10,
+ TCSD_ORD_LOADKEYBYBLOB = 11,
+ TCSD_ORD_LOADKEYBYUUID = 12,
+ TCSD_ORD_EVICTKEY = 13,
+ TCSD_ORD_CREATEWRAPKEY = 14,
+ TCSD_ORD_GETPUBKEY = 15,
+ TCSD_ORD_MAKEIDENTITY = 16,
+ /* 4.7 TCS Event Manager */
+ TCSD_ORD_LOGPCREVENT = 17,
+ TCSD_ORD_GETPCREVENT = 18,
+ TCSD_ORD_GETPCREVENTBYPCR = 19,
+ TCSD_ORD_GETPCREVENTLOG = 20,
+ /* 4.8 TCS Audit Manager */
+ /* 4.9 TCS TPM Parametor Block Generator */
+ TCSD_ORD_SETOWNERINSTALL = 21,
+ TCSD_ORD_TAKEOWNERSHIP = 22,
+ TCSD_ORD_OIAP = 23,
+ TCSD_ORD_OSAP = 24,
+ TCSD_ORD_CHANGEAUTH = 25,
+ TCSD_ORD_CHANGEAUTHOWNER = 26,
+ TCSD_ORD_CHANGEAUTHASYMSTART = 27,
+ TCSD_ORD_CHANGEAUTHASYMFINISH = 28,
+ TCSD_ORD_TERMINATEHANDLE = 29,
+ TCSD_ORD_ACTIVATETPMIDENTITY = 30,
+
+ TCSD_ORD_EXTEND = 31,
+ TCSD_ORD_PCRREAD= 32,
+ TCSD_ORD_QUOTE = 33,
+ TCSD_ORD_DIRWRITEAUTH = 34,
+ TCSD_ORD_DIRREAD = 35,
+ TCSD_ORD_SEAL = 36,
+ TCSD_ORD_UNSEAL = 37,
+ TCSD_ORD_UNBIND = 38,
+ TCSD_ORD_CREATEMIGRATIONBLOB = 39,
+ TCSD_ORD_CONVERTMIGRATIONBLOB = 40,
+ TCSD_ORD_AUTHORIZEMIGRATIONKEY = 41,
+
+ TCSD_ORD_CERTIFYKEY = 42,
+ TCSD_ORD_SIGN = 43,
+ TCSD_ORD_GETRANDOM =44,
+ TCSD_ORD_STIRRANDOM =45,
+ TCSD_ORD_GETCAPABILITY =46, /* Tcsip_GatCapability */
+ TCSD_ORD_GETCAPABILITYSIGNED = 47,
+ TCSD_ORD_GETCAPABILITYOWNER = 48,
+
+ TCSD_ORD_CREATEENDORSEMENTKEYPAIR = 49,
+ TCSD_ORD_READPUBEK = 50,
+ TCSD_ORD_DISABLEPUBEKREAD = 51,
+ TCSD_ORD_OWNERREADPUBEK =52,
+
+ TCSD_ORD_SELFTESTFULL = 53,
+ TCSD_ORD_CERTIFYSELFTEST = 54,
+ TCSD_ORD_CONTINUESELFTEST = 55,
+ TCSD_ORD_GETTESTRESULT = 56,
+ TCSD_ORD_OWNERSETDISABLE = 57,
+ TCSD_ORD_OWNERCLEAR = 58,
+ TCSD_ORD_DISABLEOWNERCLEAR = 59,
+ TCSD_ORD_FORCECLEAR = 60,
+ TCSD_ORD_DISABLEFORCECLEAR = 61,
+ TCSD_ORD_PHYSICALDISABLE = 62,
+ TCSD_ORD_PHYSICALENABLE = 63,
+ TCSD_ORD_PHYSICALSETDEACTIVATED = 64,
+ TCSD_ORD_SETTEMPDEACTIVATED = 65,
+ TCSD_ORD_PHYSICALPRESENCE = 66,
+ TCSD_ORD_FIELDUPGRADE = 67,
+ TCSD_ORD_SETRIDIRECTION = 68,
+
+ TCSD_ORD_CREATEMAINTENANCEARCHIVE = 69,
+ TCSD_ORD_LOADMAINTENANCEARCHIVE = 70,
+ TCSD_ORD_KILLMAINTENANCEFEATURE = 71,
+ TCSD_ORD_LOADMANUFACTURERMAINTENANCEPUB = 72,
+ TCSD_ORD_READMANUFACTURERMAINTENANCEPUB = 73,
+ /* DAA */
+ TCSD_ORD_DAAJOIN = 74,
+ TCSD_ORD_DAASIGN = 75,
+ TCSD_ORD_SETCAPABILITY = 76,
+ TCSD_ORD_RESETLOCKVALUE = 77,
+
+ TCSD_ORD_PCRRESET = 78,
+ TCSD_ORD_READCOUNTER = 79,
+ TCSD_ORD_CREATECOUNTER = 80,
+ TCSD_ORD_INCREMENTCOUNTER = 81,
+ TCSD_ORD_RELEASECOUNTER = 82,
+ TCSD_ORD_RELEASECOUNTEROWNER = 83,
+ TCSD_ORD_READCURRENTTICKS = 84,
+ TCSD_ORD_TICKSTAMPBLOB = 85,
+ TCSD_ORD_GETCREDENTIAL = 86,
+ /* NV */
+ TCSD_ORD_NVDEFINEORRELEASESPACE = 87,
+ TCSD_ORD_NVWRITEVALUE = 88,
+ TCSD_ORD_NVWRITEVALUEAUTH = 89,
+ TCSD_ORD_NVREADVALUE = 90,
+ TCSD_ORD_NVREADVALUEAUTH = 91,
+
+ TCSD_ORD_ESTABLISHTRANSPORT = 92,
+ TCSD_ORD_EXECUTETRANSPORT = 93,
+ TCSD_ORD_RELEASETRANSPORTSIGNED = 94,
+ /* Audit */
+ TCSD_ORD_SETORDINALAUDITSTATUS = 95,
+ TCSD_ORD_GETAUDITDIGEST = 96,
+ TCSD_ORD_GETAUDITDIGESTSIGNED = 97,
+ TCSD_ORD_SEALX = 98,
+
+ TCSD_ORD_SETOPERATORAUTH = 99,
+ TCSD_ORD_OWNERREADINTERNALPUB = 100,
+ TCSD_ORD_ENUMREGISTEREDKEYS2 = 101,
+ TCSD_ORD_SETTEMPDEACTIVATED2 = 102,
+
+ /* Delegation */
+ TCSD_ORD_DELEGATE_MANAGE = 103,
+ TCSD_ORD_DELEGATE_CREATEKEYDELEGATION = 104,
+ TCSD_ORD_DELEGATE_CREATEOWNERDELEGATION = 105,
+ TCSD_ORD_DELEGATE_LOADOWNERDELEGATION = 106,
+ TCSD_ORD_DELEGATE_READTABLE = 107,
+ TCSD_ORD_DELEGATE_UPDATEVERIFICATIONCOUNT = 108,
+ TCSD_ORD_DELEGATE_VERIFYDELEGATION = 109,
+
+ TCSD_ORD_CREATEREVOCABLEENDORSEMENTKEYPAIR = 110,
+ TCSD_ORD_REVOKEENDORSEMENTKEYPAIR = 111,
+
+ TCSD_ORD_MAKEIDENTITY2 = 112,
+ TCSD_ORD_QUOTE2 = 113,
+
+ /* CMK */
+ TCSD_ORD_CMK_SETRESTRICTIONS = 114,
+ TCSD_ORD_CMK_APPROVEMA = 115,
+ TCSD_ORD_CMK_CREATEKEY = 116,
+ TCSD_ORD_CMK_CREATETICKET = 117,
+ TCSD_ORD_CMK_CREATEBLOB = 118,
+ TCSD_ORD_CMK_CONVERTMIGRATION = 119,
+
+ TCSD_ORD_FLUSHSPECIFIC = 120,
+ TCSD_ORD_KEYCONTROLOWNER = 121,
+ TCSD_ORD_DSAP = 122,
+
+ /* Last */
+ TCSD_LAST_ORD = 123
+};
+#define TCSD_MAX_NUM_ORDS TCSD_LAST_ORD
+
+#include "tcsd.h"
+
+#endif
diff --git a/src/include/tcsem.h b/src/include/tcsem.h
new file mode 100644
index 0000000..4b1f215
--- /dev/null
+++ b/src/include/tcsem.h
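Review bot: Nothing in the header says that the `TCSD_ORD` values are a wire contract, yet the sibling `TCSP_PACKET_TYPE` enum and the `tcsd_wrap` name suggest these numbers are what the TSP sends to tcsd, so renumbering any of them would silently break clients and the only bound available to a dispatcher is `#define TCSD_MAX_NUM_ORDS TCSD_LAST_ORD`. A comment above `enum TCSD_ORD` such as `/* Ordinals are part of the TCS RPC wire format: append new entries before TCSD_LAST_ORD, never renumber; an ordinal received from a peer must satisfy ord < TCSD_MAX_NUM_ORDS before it is used as a table index */` would record both rules where the next person adding an ordinal will see them. The trailing `#include "tcsd.h"` after the enum (tddl.h includes the same two headers in the opposite order) looks circular and deserves a one-line comment on why tcsd.h must follow the enum definitions. The section comments also carry typos that hurt grepping: `Contest Manager` for `Context Manager`, `Tcsi_GatCapability` / `Tcsip_GatCapability` for `GetCapability`, and `Parametor`.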
@@ -0,0 +1,62 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _TCSEM_H_
+#define _TCSEM_H_
+
+struct ext_log_source {
+ int (*open)(void *, FILE **);
+ TSS_RESULT (*get_entries_by_pcr)(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+ TSS_RESULT (*get_entry)(FILE *, UINT32, UINT32 *, TSS_PCR_EVENT **);
+ int (*close)(FILE *);
+};
+
+struct event_wrapper {
+ TSS_PCR_EVENT event;
+ struct event_wrapper *next;
+};
+
+struct event_log {
+ MUTEX_DECLARE(lock);
+ struct ext_log_source *firmware_source;
+ struct ext_log_source *kernel_source;
+ struct event_wrapper **lists;
+};
+
+/* include the compiled-in log sources and struct references here */
+#include "imaem.h"
+#include "biosem.h"
+
+#ifdef EVLOG_SOURCE_IMA
+#define EVLOG_IMA_SOURCE &ima_source
+#else
+#define EVLOG_IMA_SOURCE NULL
+#endif
+
+#ifdef EVLOG_SOURCE_BIOS
+#define EVLOG_BIOS_SOURCE &bios_source
+#else
+#define EVLOG_BIOS_SOURCE NULL
+#endif
+
+
+TSS_RESULT event_log_init();
+TSS_RESULT event_log_final();
+TSS_RESULT copy_pcr_event(TSS_PCR_EVENT *, TSS_PCR_EVENT *);
+TSS_RESULT event_log_add(TSS_PCR_EVENT *, UINT32 *);
+TSS_PCR_EVENT *get_pcr_event(UINT32, UINT32);
+UINT32 get_num_events(UINT32);
+TSS_PCR_EVENT *concat_pcr_events(TSS_PCR_EVENT **, UINT32, TSS_PCR_EVENT *, UINT32);
+UINT32 get_pcr_event_size(TSS_PCR_EVENT *);
+void free_external_events(UINT32, TSS_PCR_EVENT *);
+
+extern struct event_log *tcs_event_log;
+
+#endif
diff --git a/src/include/tcslog.h b/src/include/tcslog.h
new file mode 100644
index 0000000..36fdce0
--- /dev/null
+++ b/src/include/tcslog.h
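Review bot: `TSS_RESULT event_log_init();` and `TSS_RESULT event_log_final();` are declared with empty parameter lists, which in C leaves the argument list unchecked; write them as `TSS_RESULT event_log_init(void);` and `TSS_RESULT event_log_final(void);`. The header uses `FILE`, `MUTEX_DECLARE`, `TSS_RESULT` and `UINT32` without including anything itself, so it only compiles when the including file has already pulled in `<stdio.h>`, `threads.h` and the tss headers in that order; either add those includes or state the ordering requirement in a comment under the include guard. The `ext_log_source` callbacks such as `get_entries_by_pcr(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **)` have unnamed parameters, so which `UINT32` is the PCR index, which the first event number and which the count cannot be recovered from the declaration; naming them would document the contract every log source must meet.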
@@ -0,0 +1,96 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#ifndef _TCSLOG_H_
+#define _TCSLOG_H_
+
+#include <stdio.h>
+#include <syslog.h>
+
+/* log to syslog -- change your syslog destination here */
+#define TSS_SYSLOG_LVL LOG_LOCAL5
+
+#ifndef __FUNCTION__
+#define __FUNCTION__ __func__
+#endif
+
+#define LogMessage(dest, priority, layer, fmt, ...) \
+ do { \
+ if (getenv("TCSD_FOREGROUND") != NULL) { \
+ fprintf(dest, "%s " fmt "\n", layer, ## __VA_ARGS__); \
+ } else { \
+ openlog(layer, LOG_NDELAY|LOG_PID, TSS_SYSLOG_LVL); \
+ syslog(priority, "TrouSerS " fmt "\n", ## __VA_ARGS__); \
+ } \
+ } while (0)
+
+/* Debug logging */
+#ifdef TSS_DEBUG
+#define LogDebug(fmt, ...) LogMessage(stdout, LOG_DEBUG, APPID, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define LogDebugFn(fmt, ...) LogMessage(stdout, LOG_DEBUG, APPID, "%s:%d %s: " fmt, __FILE__, __LINE__, __FUNCTION__, ##__VA_ARGS__)
+#define LogBlob(sz,blb) LogBlobData(APPID, sz, blb)
+#define LogDebugKey(k) \
+ do { \
+ if (k.hdr.key12.tag == TPM_TAG_KEY12) \
+ LogDebugFn("Tag: %hu", k.hdr.key12.tag); \
+ else \
+ LogDebugFn("Version: %hhu.%hhu.%hhu.%hhu", \
+ k.hdr.key11.ver.major, k.hdr.key11.ver.minor, \
+ k.hdr.key11.ver.revMajor, k.hdr.key11.ver.revMinor); \
+ LogDebugFn("keyUsage: 0x%hx", k.keyUsage); \
+ LogDebugFn("keyFlags: 0x%x", k.keyFlags); \
+ LogDebugFn("authDatausage: %hhu", k.authDataUsage); \
+ LogDebugFn("pcrInfosize: %u", k.PCRInfoSize); \
+ LogDebugFn("encDataSize: %u", k.encSize); \
+ } while (0)
+#define LogDebugUnrollKey(b) \
+ do { \
+ TSS_KEY tmpkey; \
+ UINT64 offset = 0; \
+ if (!UnloadBlob_TSS_KEY(&offset, b, &tmpkey)) { \
+ LogDebugKey(tmpkey); \
+ destroy_key_refs(&tmpkey); \
+ } else { \
+ LogDebugFn("*** ERROR UNLOADING DEBUGGING KEY BLOB ***"); \
+ } \
+ } while (0)
+
+#define LogError(fmt, ...) LogMessage(stderr, LOG_ERR, APPID, "ERROR: %s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define LogWarn(fmt, ...) LogMessage(stdout, LOG_WARNING, APPID, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define LogInfo(fmt, ...) LogMessage(stdout, LOG_INFO, APPID, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+
+/* Return Value logging */
+TSS_RESULT LogTCSERR(TSS_RESULT, char *, int);
+TSS_RESULT LogTDDLERR(TSS_RESULT, char *, int);
+void LogTPMERR(TSS_RESULT, char *, int);
+
+#else
+#define LogDebug(fmt, ...)
+#define LogDebugFn(fmt, ...)
+#define LogBlob(sz,blb)
+#define LogDebugKey(s)
+#define LogDebugUnrollKey(b)
+
+/* Error logging */
+#define LogError(fmt, ...) LogMessage(stderr, LOG_ERR, APPID, "ERROR: " fmt, ##__VA_ARGS__)
+
+/* Warn logging */
+#define LogWarn(fmt, ...) LogMessage(stdout, LOG_WARNING, APPID, fmt, ##__VA_ARGS__)
+
+/* Info Logging */
+#define LogInfo(fmt, ...) LogMessage(stdout, LOG_INFO, APPID, fmt, ##__VA_ARGS__)
+
+#define LogTPMERR(a,b,c)
+#endif
+
+void LogBlobData(char *appid, unsigned long sizeOfBlob, unsigned char *blob);
+
+#endif
diff --git a/src/include/tcsps.h b/src/include/tcsps.h
new file mode 100644
index 0000000..8754296
--- /dev/null
+++ b/src/include/tcsps.h
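Review bot: `LogMessage` calls `getenv("TCSD_FOREGROUND")` but the header only includes `<stdio.h>` and `<syslog.h>`, so every translation unit that expands the macro without `<stdlib.h>` already in scope relies on an implicit declaration; add `#include <stdlib.h>` beside the other two. The syslog branch runs `openlog(layer, LOG_NDELAY|LOG_PID, TSS_SYSLOG_LVL)` on every message, and `openlog` keeps the `layer` pointer rather than copying it, which is safe while `APPID` is a string literal but worth a comment so a caller never passes a stack buffer. The debug build prefixes `LogError`/`LogWarn`/`LogInfo` with `"%s:%d "` and `__FILE__, __LINE__` while the non-debug definitions below `#else` do not, so log-parsing rules written against one build miss the other; if that is intentional a one-line comment above the `#else` should say so. Minor: the non-debug stub is `#define LogDebugKey(s)` while the real macro takes `k`.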
@@ -0,0 +1,73 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _TCSPS_H_
+#define _TCSPS_H_
+
+#include "threads.h"
+
+extern struct key_disk_cache *key_disk_cache_head;
+/* file handles for the persistent stores */
+extern int system_ps_fd;
+/* The lock that surrounds all manipulations of the disk cache */
+MUTEX_DECLARE_EXTERN(disk_cache_lock);
+
+int get_file();
+int put_file(int);
+void close_file(int);
+void ps_destroy();
+#ifdef SOLARIS
+TSS_RESULT read_data(int, void *, UINT32);
+TSS_RESULT write_data(int, void *, UINT32);
+#else
+inline TSS_RESULT read_data(int, void *, UINT32);
+inline TSS_RESULT write_data(int, void *, UINT32);
+#endif
+int write_key_init(int, UINT32, UINT32, UINT32);
+TSS_RESULT cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32);
+TSS_RESULT UnloadBlob_KEY_PS(UINT16 *, BYTE *, TSS_KEY *);
+TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
+TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *);
+TSS_RESULT psfile_get_key_by_uuid(int, TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT psfile_get_key_by_cache_entry(int, struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT psfile_get_ps_type_by_uuid(int, TSS_UUID *, UINT32 *);
+TSS_RESULT psfile_get_vendor_data(int, struct key_disk_cache *, UINT32 *, BYTE **);
+TSS_RESULT psfile_is_pub_registered(int, TCPA_STORE_PUBKEY *, TSS_BOOL *);
+TSS_RESULT psfile_get_uuid_by_pub(int, TCPA_STORE_PUBKEY *, TSS_UUID **);
+TSS_RESULT psfile_write_key(int, TSS_UUID *, TSS_UUID *, UINT32 *, BYTE *, UINT32, BYTE *, UINT16);
+TSS_RESULT psfile_remove_key(int, struct key_disk_cache *);
+TCPA_STORE_PUBKEY *psfile_get_pub_by_tpm_handle(int, TCPA_KEY_HANDLE);
+TSS_RESULT psfile_get_tpm_handle_by_pub(int, TCPA_STORE_PUBKEY *, TCPA_KEY_HANDLE *);
+TSS_RESULT psfile_get_tcs_handle_by_pub(int, TCPA_STORE_PUBKEY *, TCS_KEY_HANDLE *);
+TSS_RESULT psfile_get_parent_tcs_handle_by_pub(int, TCPA_STORE_PUBKEY *, TCS_KEY_HANDLE *);
+TCPA_STORE_PUBKEY *psfile_get_pub_by_tcs_handle(int, TCS_KEY_HANDLE);
+TSS_RESULT psfile_get_key_by_pub(int, TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+TSS_RESULT ps_remove_key(TSS_UUID *);
+int init_disk_cache(int);
+int close_disk_cache(int);
+TSS_RESULT clean_disk_cache(int);
+
+TSS_RESULT ps_write_key(TSS_UUID *, TSS_UUID *, BYTE *, UINT32, BYTE *, UINT32);
+TSS_RESULT ps_get_key_by_uuid(TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT ps_get_key_by_cache_entry(struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT ps_get_vendor_data(struct key_disk_cache *, UINT32 *, BYTE **);
+TSS_RESULT ps_init_disk_cache();
+void ps_close_disk_cache();
+TSS_RESULT ps_get_key_by_pub(TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+
+#ifdef TSS_BUILD_PS
+#define PS_init_disk_cache() ps_init_disk_cache()
+#define PS_close_disk_cache() ps_close_disk_cache()
+#else
+#define PS_init_disk_cache() (TSS_SUCCESS)
+#define PS_close_disk_cache()
+#endif
+
+#endif
diff --git a/src/include/tddl.h b/src/include/tddl.h
new file mode 100644
index 0000000..cf5bb3a
--- /dev/null
+++ b/src/include/tddl.h
@@ -0,0 +1,39 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+
+#ifndef _TDDL_H_
+#define _TDDL_H_
+
+#include <threads.h>
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+struct tpm_device_node {
+ char *path;
+#define TDDL_TRANSMIT_IOCTL 1
+#define TDDL_TRANSMIT_RW 2
+ int transmit;
+ int fd;
+};
+
+#define TDDL_TXBUF_SIZE 2048
+#define TDDL_UNDEF -1
+
+TSS_RESULT Tddli_Open(void);
+
+TSS_RESULT Tddli_TransmitData(BYTE *pTransmitBuf,
+ UINT32 TransmitBufLen,
+ BYTE *pReceiveBuf,
+ UINT32 *pReceiveBufLen);
+
+TSS_RESULT Tddli_Close(void);
+
+#endif
diff --git a/src/include/threads.h b/src/include/threads.h
new file mode 100644
index 0000000..3c57144
--- /dev/null
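Review bot: The non-Solaris prototypes `inline TSS_RESULT read_data(int, void *, UINT32);` and `inline TSS_RESULT write_data(int, void *, UINT32);` declare `inline` in a header with no body, which is the classic C99 inline-linkage trap: if the defining .c file sees only inline declarations, its definition is an inline definition and no external symbol is emitted for the other translation units that call it, which is presumably why the `#ifdef SOLARIS` branch exists. Dropping `inline` from both header prototypes (the definition may keep it) makes the two branches identical and lets the `#ifdef` go. Several declarations use empty parameter lists — `int get_file();`, `void ps_destroy();`, `TSS_RESULT ps_init_disk_cache();`, `void ps_close_disk_cache();` — and should be `(void)` so stray arguments are diagnosed. The stubs `#define PS_init_disk_cache() (TSS_SUCCESS)` and `#define PS_close_disk_cache()` are not interchangeable with the real calls in expression position; `#define PS_close_disk_cache() ((void)0)` keeps the non-PS build usable in the same contexts.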
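Review bot: `#include <threads.h>` uses angle brackets for what appears to be the project's own header (src/include/threads.h, added in this same commit, supplies the `MUTEX_*` macros), but `<threads.h>` is also a C11 standard-library header, so depending on include-path order a C11 toolchain can pick up the system one and the project's `MUTEX_DECLARE`/`THREAD_*` macros silently vanish. Use `#include "threads.h"`, matching the `"tcsd_wrap.h"` and `"tcsd.h"` includes on the next two lines and `#include "threads.h"` in tcsps.h. `TDDL_TXBUF_SIZE 2048` and the `UINT32 *pReceiveBufLen` parameter of `Tddli_TransmitData` are undocumented; a comment stating that `*pReceiveBufLen` is the caller's buffer capacity on entry and the bytes written on return (if that is the contract) would name the bound that protects `pReceiveBuf`. The `TDDL_TRANSMIT_IOCTL`/`TDDL_TRANSMIT_RW` defines placed inside the struct body are legal but easy to miss; a comment on `transmit` saying it holds one of those two values would help.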
+++ b/src/include/threads.h
@@ -0,0 +1,52 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef __THREADS_H__
+#define __THREADS_H__
+
+#ifdef HAVE_PTHREAD_H
+
+#include <pthread.h>
+
+/* mutex abstractions */
+#define MUTEX_INIT(m) pthread_mutex_init(&m, NULL)
+#define MUTEX_LOCK(m) pthread_mutex_lock(&m)
+#define MUTEX_UNLOCK(m) pthread_mutex_unlock(&m)
+#define MUTEX_DECLARE(m) pthread_mutex_t m
+#define MUTEX_DECLARE_INIT(m) pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER
+#define MUTEX_DECLARE_EXTERN(m) extern pthread_mutex_t m
+
+/* condition variable abstractions */
+#define COND_DECLARE(c) pthread_cond_t c
+#define COND_INIT(c) pthread_cond_init(&c, NULL)
+#define COND_VAR pthread_cond_t
+#define COND_WAIT(c,m) pthread_cond_wait(c,m)
+#define COND_SIGNAL(c) pthread_cond_signal(c)
+
+/* thread abstractions */
+#define THREAD_ID ((THREAD_TYPE)pthread_self())
+#define THREAD_TYPE pthread_t
+#define THREAD_JOIN pthread_join
+#define THREAD_DETACH pthread_detach
+#define THREAD_ATTR_DECLARE(a) pthread_attr_t a
+#define THREAD_ATTR_INIT(a) pthread_attr_init(&a)
+#define THREAD_ATTR_SETJOINABLE(a) pthread_attr_setdetachstate(&a, PTHREAD_CREATE_JOINABLE)
+#define THREAD_EXIT pthread_exit
+#define THREAD_CREATE(a,b,c,d) pthread_create(a,b,c,d)
+#define THREAD_SET_SIGNAL_MASK pthread_sigmask
+#define THREAD_NULL (THREAD_TYPE *)0
+
+#else
+
+#error No threading library defined! (Cannot find pthread.h)
+
+#endif
+
+#endif
diff --git a/src/include/trousers/trousers.h b/src/include/trousers/trousers.h
new file mode 100644
index 0000000..10136d5
--- /dev/null
+++ b/src/include/trousers/trousers.h
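Review bot: The condition-variable macros take pointers — `#define COND_WAIT(c,m) pthread_cond_wait(c,m)` and `#define COND_SIGNAL(c) pthread_cond_signal(c)` — while the mutex macros and `COND_INIT` take objects and add `&` themselves (`pthread_mutex_lock(&m)`, `pthread_cond_init(&c, NULL)`), so a variable declared with `COND_DECLARE(cv)` must be written `cv` in one call and `&cv` in the next. Either pick one convention (`#define COND_WAIT(c,m) pthread_cond_wait(&c,&m)` and `#define COND_SIGNAL(c) pthread_cond_signal(&c)` to match the rest) or say so explicitly in the `/* condition variable abstractions */` comment. `MUTEX_LOCK`/`MUTEX_UNLOCK` discard the pthread return codes, which is a deliberate choice only if documented; a comment such as `/* lock/unlock are treated as infallible: callers never check the result */` would make that intent visible. `THREAD_NULL (THREAD_TYPE *)0` lacks outer parentheses, unlike `THREAD_ID`; `((THREAD_TYPE *)0)` is safer when the macro is used in a larger expression.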
@@ -0,0 +1,283 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _TROUSERS_H_
+#define _TROUSERS_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Utility functions offered by trousers for use in your TSS app.
+ *
+ * All functions listed here are specific to the trousers TSS and should not be
+ * used in applications that are intended to be portable.
+ *
+ */
+
+/* Blob unloading functions */
+void Trspi_UnloadBlob(UINT64 *offset, size_t size, BYTE *container, BYTE *object);
+void Trspi_UnloadBlob_BYTE(UINT64 *offset, BYTE *dataOut, BYTE *blob);
+void Trspi_UnloadBlob_BOOL(UINT64 *offset, TSS_BOOL *dataOut, BYTE *blob);
+void Trspi_UnloadBlob_UINT64(UINT64 *offset, UINT64 *out, BYTE *blob);
+void Trspi_UnloadBlob_UINT32(UINT64 *offset, UINT32 *out, BYTE *blob);
+void Trspi_UnloadBlob_UINT16(UINT64 *offset, UINT16 *out, BYTE *blob);
+void Trspi_UnloadBlob_TSS_VERSION(UINT64 *offset, BYTE *blob, TSS_VERSION *out);
+void Trspi_UnloadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION *out);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO(UINT64 *offset, BYTE *blob, TCPA_PCR_INFO *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO_LONG(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_LONG *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_COMPOSITE(UINT64 *offset, BYTE *blob, TCPA_PCR_COMPOSITE *out);
+TSS_RESULT Trspi_UnloadBlob_STORED_DATA(UINT64 *offset, BYTE *blob, TCPA_STORED_DATA *data);
+void Trspi_UnloadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags);
+TSS_RESULT Trspi_UnloadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyParms);
+void Trspi_UnloadBlob_UUID(UINT64 *offset, BYTE *blob, TSS_UUID *uuid);
+TSS_RESULT Trspi_UnloadBlob_STORE_PUBKEY(UINT64 *, BYTE *, TCPA_STORE_PUBKEY *);
+void Trspi_UnloadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest);
+TSS_RESULT Trspi_UnloadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *pubKey);
+TSS_RESULT Trspi_UnloadBlob_KEY(UINT64 *offset, BYTE *blob, TCPA_KEY *key);
+TSS_RESULT Trspi_UnloadBlob_KEY12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key);
+TSS_RESULT Trspi_UnloadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TPM_MIGRATIONKEYAUTH *migAuth);
+TSS_RESULT Trspi_UnloadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event);
+TSS_RESULT Trspi_UnloadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info);
+TSS_RESULT Trspi_UnloadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info);
+TSS_RESULT Trspi_UnloadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key);
+TSS_RESULT Trspi_UnloadBlob_SYM_CA_ATTESTATION(UINT64 *offset, BYTE *blob, TCPA_SYM_CA_ATTESTATION *sym);
+TSS_RESULT Trspi_UnloadBlob_ASYM_CA_CONTENTS(UINT64 *offset, BYTE *blob, TCPA_ASYM_CA_CONTENTS *asym);
+TSS_RESULT Trspi_UnloadBlob_IDENTITY_REQ(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_REQ *req);
+TSS_RESULT Trspi_UnloadBlob_IDENTITY_PROOF(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_PROOF *proof);
+void Trspi_UnloadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr);
+void Trspi_UnloadBlob_CURRENT_TICKS(UINT64 *offset, BYTE *blob, TPM_CURRENT_TICKS *ticks);
+void Trspi_UnloadBlob_TRANSPORT_PUBLIC(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_PUBLIC *t);
+void Trspi_UnloadBlob_NONCE(UINT64 *offset, BYTE* blob, TPM_NONCE *n);
+TSS_RESULT Trspi_UnloadBlob_CERTIFY_INFO(UINT64 *offset, BYTE* blob, TPM_CERTIFY_INFO *c);
+void Trspi_UnloadBlob_TPM_FAMILY_LABEL(UINT64 *offset, BYTE *blob, TPM_FAMILY_LABEL *label);
+void Trspi_UnloadBlob_TPM_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TPM_FAMILY_TABLE_ENTRY *entry);
+void Trspi_UnloadBlob_TPM_DELEGATE_LABEL(UINT64 *offset, BYTE *blob, TPM_DELEGATE_LABEL *label);
+void Trspi_UnloadBlob_TPM_DELEGATIONS(UINT64 *offset, BYTE *blob, TPM_DELEGATIONS *delegations);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(UINT64 *offset, BYTE *blob, TPM_DELEGATE_PUBLIC *pub);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_OWNER_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_OWNER_BLOB *owner);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_KEY_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_KEY_BLOB *key);
+void Trspi_UnloadBlob_TSS_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_FAMILY_TABLE_ENTRY *entry);
+TSS_RESULT Trspi_UnloadBlob_TSS_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TSS_PCR_INFO_SHORT *pcr);
+TSS_RESULT Trspi_UnloadBlob_TSS_DELEGATION_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_DELEGATION_TABLE_ENTRY *entry);
+TSS_RESULT Trspi_UnloadBlob_TSS_PLATFORM_CLASS(UINT64 *offset, BYTE *blob, TSS_PLATFORM_CLASS *platClass);
+TSS_RESULT Trspi_UnloadBlob_CAP_VERSION_INFO(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v);
+TSS_RESULT Trspi_UnloadBlob_NV_INDEX(UINT64 *offset, BYTE *blob, TPM_NV_INDEX *v);
+TSS_RESULT Trspi_UnloadBlob_NV_ATTRIBUTES(UINT64 *offset, BYTE *blob, TPM_NV_ATTRIBUTES *v);
+TSS_RESULT Trspi_UnloadBlob_NV_DATA_PUBLIC(UINT64 *offset, BYTE *blob, TPM_NV_DATA_PUBLIC *v);
+
+/* Blob loading functions */
+void Trspi_LoadBlob_BOUND_DATA(UINT64 *, TCPA_BOUND_DATA, UINT32, BYTE *);
+void Trspi_LoadBlob_CHANGEAUTH_VALIDATE(UINT64 *, BYTE *, TPM_CHANGEAUTH_VALIDATE *);
+void Trspi_LoadBlob(UINT64 *offset, size_t size, BYTE *to, BYTE *from);
+void Trspi_LoadBlob_UINT32(UINT64 *offset, UINT32 in, BYTE *blob);
+void Trspi_LoadBlob_UINT16(UINT64 *offset, UINT16 in, BYTE *blob);
+void Trspi_LoadBlob_BYTE(UINT64 *offset, BYTE data, BYTE *blob);
+void Trspi_LoadBlob_BOOL(UINT64 *offset, TSS_BOOL data, BYTE *blob);
+void Trspi_LoadBlob_RSA_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_RSA_KEY_PARMS *parms);
+void Trspi_LoadBlob_TSS_VERSION(UINT64 *offset, BYTE *blob, TSS_VERSION version);
+void Trspi_LoadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION version);
+void Trspi_LoadBlob_PCR_INFO(UINT64 *offset, BYTE *blob, TCPA_PCR_INFO *pcr);
+void Trspi_LoadBlob_PCR_INFO_LONG(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_LONG *pcr);
+void Trspi_LoadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcr);
+void Trspi_LoadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr);
+void Trspi_LoadBlob_STORED_DATA(UINT64 *offset, BYTE *blob, TCPA_STORED_DATA *data);
+void Trspi_LoadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *pubKey);
+void Trspi_LoadBlob_KEY(UINT64 *offset, BYTE *blob, TCPA_KEY *key);
+void Trspi_LoadBlob_KEY12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key);
+void Trspi_LoadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags);
+void Trspi_LoadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyInfo);
+void Trspi_LoadBlob_STORE_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_PUBKEY *store);
+void Trspi_LoadBlob_UUID(UINT64 *offset, BYTE *blob, TSS_UUID uuid);
+void Trspi_LoadBlob_CERTIFY_INFO(UINT64 *offset, BYTE *blob, TCPA_CERTIFY_INFO *certify);
+void Trspi_LoadBlob_STORE_ASYMKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_ASYMKEY *store);
+void Trspi_LoadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event);
+void Trspi_LoadBlob_PRIVKEY_DIGEST(UINT64 *offset, BYTE *blob, TCPA_KEY *key);
+void Trspi_LoadBlob_PRIVKEY_DIGEST12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key);
+void Trspi_LoadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key);
+void Trspi_LoadBlob_SYM_CA_ATTESTATION(UINT64 *offset, BYTE *blob, TCPA_SYM_CA_ATTESTATION *sym);
+void Trspi_LoadBlob_ASYM_CA_CONTENTS(UINT64 *offset, BYTE *blob, TCPA_ASYM_CA_CONTENTS *asym);
+void Trspi_LoadBlob_IDENTITY_REQ(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_REQ *req);
+void Trspi_LoadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr);
+void Trspi_LoadBlob_TRANSPORT_PUBLIC(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_PUBLIC *t);
+void Trspi_LoadBlob_TRANSPORT_AUTH(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_AUTH *t);
+void Trspi_LoadBlob_SIGN_INFO(UINT64 *offset, BYTE *blob, TPM_SIGN_INFO *s);
+void Trspi_LoadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest);
+void Trspi_LoadBlob_NONCE(UINT64 *offset, BYTE *blob, TPM_NONCE *n);
+void Trspi_LoadBlob_TPM_FAMILY_LABEL(UINT64 *offset, BYTE *blob, TPM_FAMILY_LABEL *label);
+void Trspi_LoadBlob_TPM_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TPM_FAMILY_TABLE_ENTRY *entry);
+void Trspi_LoadBlob_TPM_DELEGATE_LABEL(UINT64 *offset, BYTE *blob, TPM_DELEGATE_LABEL *label);
+void Trspi_LoadBlob_TPM_DELEGATIONS(UINT64 *offset, BYTE *blob, TPM_DELEGATIONS *delegations);
+void Trspi_LoadBlob_TPM_DELEGATE_PUBLIC(UINT64 *offset, BYTE *blob, TPM_DELEGATE_PUBLIC *pub);
+void Trspi_LoadBlob_TPM_DELEGATE_OWNER_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_OWNER_BLOB *owner);
+void Trspi_LoadBlob_TPM_DELEGATE_KEY_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_KEY_BLOB *key);
+void Trspi_LoadBlob_TSS_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_FAMILY_TABLE_ENTRY *entry);
+void Trspi_LoadBlob_TSS_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TSS_PCR_INFO_SHORT *pcr);
+void Trspi_LoadBlob_TSS_DELEGATION_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_DELEGATION_TABLE_ENTRY *entry);
+void Trspi_LoadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TPM_MIGRATIONKEYAUTH *migAuth);
+void Trspi_LoadBlob_MSA_COMPOSITE(UINT64 *offset, BYTE *blob, TPM_MSA_COMPOSITE *msaComp);
+void Trspi_LoadBlob_CMK_AUTH(UINT64 *offset, BYTE *blob, TPM_CMK_AUTH *cmkAuth);
+void Trspi_LoadBlob_CAP_VERSION_INFO(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v);
+
+/* Cryptographic Functions */
+
+/* Hash @BufSize bytes at location @Buf using the algorithm @HashType. Currently only
+ * TSS_HASH_SHA1 is a suported type, so 20 bytes will be written to @Digest */
+TSS_RESULT Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE *Buf, BYTE *Digest);
+
+typedef struct _Trspi_HashCtx {
+ void *ctx;
+} Trspi_HashCtx;
+
+TSS_RESULT Trspi_HashInit(Trspi_HashCtx *c, UINT32 type);
+TSS_RESULT Trspi_HashUpdate(Trspi_HashCtx *c, UINT32 size, BYTE *data);
+TSS_RESULT Trspi_HashFinal(Trspi_HashCtx *c, BYTE *out_digest);
+
+/* Functions to support incremental hashing */
+TSS_RESULT Trspi_Hash_UINT16(Trspi_HashCtx *c, UINT16 i);
+TSS_RESULT Trspi_Hash_UINT32(Trspi_HashCtx *c, UINT32 i);
+TSS_RESULT Trspi_Hash_UINT64(Trspi_HashCtx *c, UINT64 i);
+TSS_RESULT Trspi_Hash_DAA_PK(Trspi_HashCtx *c, TSS_DAA_PK *pk);
+TSS_RESULT Trspi_Hash_PUBKEY(Trspi_HashCtx *c, TCPA_PUBKEY *pubKey);
+TSS_RESULT Trspi_Hash_BYTE(Trspi_HashCtx *c, BYTE data);
+TSS_RESULT Trspi_Hash_BOOL(Trspi_HashCtx *c, TSS_BOOL data);
+TSS_RESULT Trspi_Hash_RSA_KEY_PARMS(Trspi_HashCtx *c, TCPA_RSA_KEY_PARMS *parms);
+TSS_RESULT Trspi_Hash_VERSION(Trspi_HashCtx *c, TSS_VERSION *version);
+TSS_RESULT Trspi_Hash_STORED_DATA(Trspi_HashCtx *c, TCPA_STORED_DATA *data);
+TSS_RESULT Trspi_Hash_PCR_SELECTION(Trspi_HashCtx *c, TCPA_PCR_SELECTION *pcr);
+TSS_RESULT Trspi_Hash_KEY(Trspi_HashCtx *c, TCPA_KEY *key);
+TSS_RESULT Trspi_Hash_KEY12(Trspi_HashCtx *c, TPM_KEY12 *key);
+TSS_RESULT Trspi_Hash_KEY_FLAGS(Trspi_HashCtx *c, TCPA_KEY_FLAGS *flags);
+TSS_RESULT Trspi_Hash_KEY_PARMS(Trspi_HashCtx *c, TCPA_KEY_PARMS *keyInfo);
+TSS_RESULT Trspi_Hash_STORE_PUBKEY(Trspi_HashCtx *c, TCPA_STORE_PUBKEY *store);
+TSS_RESULT Trspi_Hash_UUID(Trspi_HashCtx *c, TSS_UUID uuid);
+TSS_RESULT Trspi_Hash_PCR_EVENT(Trspi_HashCtx *c, TSS_PCR_EVENT *event);
+TSS_RESULT Trspi_Hash_PRIVKEY_DIGEST(Trspi_HashCtx *c, TCPA_KEY *key);
+TSS_RESULT Trspi_Hash_PRIVKEY_DIGEST12(Trspi_HashCtx *c, TPM_KEY12 *key);
+TSS_RESULT Trspi_Hash_SYMMETRIC_KEY(Trspi_HashCtx *c, TCPA_SYMMETRIC_KEY *key);
+TSS_RESULT Trspi_Hash_IDENTITY_REQ(Trspi_HashCtx *c, TCPA_IDENTITY_REQ *req);
+TSS_RESULT Trspi_Hash_CHANGEAUTH_VALIDATE(Trspi_HashCtx *c, TPM_CHANGEAUTH_VALIDATE *caValidate);
+TSS_RESULT Trspi_Hash_SYM_CA_ATTESTATION(Trspi_HashCtx *c, TCPA_SYM_CA_ATTESTATION *sym);
+TSS_RESULT Trspi_Hash_ASYM_CA_CONTENTS(Trspi_HashCtx *c, TCPA_ASYM_CA_CONTENTS *asym);
+TSS_RESULT Trspi_Hash_BOUND_DATA(Trspi_HashCtx *c, TCPA_BOUND_DATA *bd, UINT32 payloadLength);
+TSS_RESULT Trspi_Hash_TRANSPORT_AUTH(Trspi_HashCtx *c, TPM_TRANSPORT_AUTH *a);
+TSS_RESULT Trspi_Hash_TRANSPORT_LOG_IN(Trspi_HashCtx *c, TPM_TRANSPORT_LOG_IN *l);
+TSS_RESULT Trspi_Hash_TRANSPORT_LOG_OUT(Trspi_HashCtx *c, TPM_TRANSPORT_LOG_OUT *l);
+TSS_RESULT Trspi_Hash_CURRENT_TICKS(Trspi_HashCtx *c, TPM_CURRENT_TICKS *t);
+TSS_RESULT Trspi_Hash_SIGN_INFO(Trspi_HashCtx *c, TPM_SIGN_INFO *s);
+TSS_RESULT Trspi_Hash_MSA_COMPOSITE(Trspi_HashCtx *c, TPM_MSA_COMPOSITE *m);
+#define Trspi_Hash_DIGEST(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_NONCE(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_ENCAUTH(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_HMAC(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_SECRET(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+
+
+UINT32 Trspi_HMAC(UINT32 HashType, UINT32 SecretSize, BYTE*Secret, UINT32 BufSize, BYTE*Buf, BYTE*hmacOut);
+
+/* RSA encrypt @dataToEncryptLen bytes at location @dataToEncrypt using public key
+ * @publicKey of size @keysize. This data will be encrypted using OAEP padding in
+ * the openssl library using the OAEP padding parameter "TCPA". This will allow
+ * data encrypted with this function to be decrypted by a TPM using non-legacy keys */
+int Trspi_RSA_Encrypt(unsigned char *dataToEncrypt,
+ unsigned int dataToEncryptLen,
+ unsigned char *encryptedData,
+ unsigned int *encryptedDataLen,
+ unsigned char *publicKey,
+ unsigned int keysize);
+
+TSS_RESULT Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength,
+ unsigned char *pModulus, int iKeyLength,
+ BYTE *pSignature, UINT32 sig_len);
+
+int Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen,
+ unsigned char *out, unsigned int *outlen,
+ unsigned char *pubkey, unsigned int pubsize,
+ unsigned int e, int padding);
+
+#define TR_RSA_PKCS1_PADDING 1
+#define TR_RSA_PKCS1_OAEP_PADDING 2
+#define TR_RSA_NO_PADDING 3
+
+#define Trspi_RSA_PKCS15_Encrypt(in,inlen,out,outlen,pubKey,pubSize) \
+ Trspi_RSA_Public_Encrypt(in,inlen,out,outlen,pubKey,pubSize,65537,TR_RSA_PKCS1_PADDING)
+
+#define Trspi_RSA_OAEP_Encrypt(in,inlen,out,outlen,pubKey,pubSize) \
+ Trspi_RSA_Public_Encrypt(in,inlen,out,outlen,pubKey,pubSize,65537, \
+ TR_RSA_PKCS1_OAEP_PADDING)
+
+#define Trspi_TPM_RSA_OAEP_Encrypt(in,inlen,out,outlen,pubKey,pubSize) \
+ Trspi_RSA_Encrypt(in,inlen,out,outlen,pubKey,pubSize)
+
+/* Symmetric Encryption */
+
+TSS_RESULT Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+TSS_RESULT Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+
+#define TR_SYM_MODE_ECB 1
+#define TR_SYM_MODE_CBC 2
+#define TR_SYM_MODE_CTR 3
+#define TR_SYM_MODE_OFB 4
+
+TSS_RESULT Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+TSS_RESULT Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+
+TSS_RESULT Trspi_MGF1(UINT32 alg, UINT32 seedLen, BYTE *seed, UINT32 outLen, BYTE *out);
+
+/* String Functions */
+
+/* Below UNICODE is in reference to the TSS type of that name, which is
+ * actually UTF-16. */
+
+/* Convert @string to a UNICODE string. On error, NULL is returned. If len
+ * is non-NULL, *len will be set to the size of the returned buffer. */
+BYTE *Trspi_Native_To_UNICODE(BYTE *string, unsigned *len);
+
+/* convert UNICODE @string to a string from the current codeset. If len
+ * is non-NULL, *len will be set to the size of the returned buffer. */
+BYTE *Trspi_UNICODE_To_Native(BYTE *string, unsigned *len);
+
+/* Error Functions */
+
+/* return a human readable string based on the result */
+char *Trspi_Error_String(TSS_RESULT);
+
+/* return a human readable error layer ( "tpm", "tddl", etc...) */
+char *Trspi_Error_Layer(TSS_RESULT);
+
+/* return just the error code bits of the result */
+TSS_RESULT Trspi_Error_Code(TSS_RESULT);
+
+#ifdef __cplusplus
+}
+#endif
+
+/* masks */
+#define TSS_KEY_SIZE_MASK 0x00000F00
+#define TSS_KEY_TYPE_MASK 0x000000F0
+#define TSS_ENCDATA_TYPE_MASK 0x0000000F
+
+/* These should be passed an TSS_FLAG parameter as to
+ * Tspi_Context_CreateObject
+ */
+#define TSS_KEY_SIZE(x) (x & TSS_KEY_SIZE_MASK)
+#define TSS_KEY_TYPE(x) (x & TSS_KEY_TYPE_MASK)
+#define TSS_ENCDATA_TYPE(x) (x & TSS_ENCDATA_TYPE_MASK)
+
+#define TSS_LOCALITY_ALL (TPM_LOC_ZERO|TPM_LOC_ONE|TPM_LOC_TWO|TPM_LOC_THREE|TPM_LOC_FOUR)
+
+#endif
diff --git a/src/include/trousers/tss.h b/src/include/trousers/tss.h
new file mode 100644
index 0000000..d0897af
--- /dev/null
+++ b/src/include/trousers/tss.h
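Review bot: The flag helpers at the bottom do not parenthesize their argument — `#define TSS_KEY_SIZE(x) (x & TSS_KEY_SIZE_MASK)` — so `TSS_KEY_SIZE(a | b)` expands to `(a | b & TSS_KEY_SIZE_MASK)` and masks only `b`; write `#define TSS_KEY_SIZE(x) ((x) & TSS_KEY_SIZE_MASK)` and the same for `TSS_KEY_TYPE` and `TSS_ENCDATA_TYPE`. `Trspi_Verify` takes `int iKeyLength` while its siblings `Trspi_RSA_Encrypt` and `Trspi_RSA_Public_Encrypt` use `unsigned int` for every key and buffer size, so a negative value is representable only on this one signature-checking path; `unsigned int iKeyLength` would match the rest. `Trspi_HMAC` returns `UINT32` where every other hash function returns `TSS_RESULT`, which leaves unclear whether the value is a status or a length; a one-line comment above it should say which. The `Trspi_Encrypt_ECB`/`Trspi_SymEncrypt` prototypes state neither whether `*out_len` is in/out nor the buffer size `out` must provide, and `TR_SYM_MODE_ECB` gives callers a mode with no per-block diffusion; a short comment per function describing the length contract and pointing callers at `TR_SYM_MODE_CBC` for multi-block data would make the API harder to misuse. Typo in the hash comment: `suported`.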
@@ -0,0 +1,33 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _TSS_H_
+#define _TSS_H_
+
+#include <stdlib.h>
+
+#include <tss/platform.h>
+#include <tss/tss_error_basics.h>
+#include <tss/tddl_error.h>
+#include <tss/tcs_typedef.h>
+#include <tss/tss_typedef.h>
+#include <tss/tss_structs.h>
+#include <tss/tcs_structs.h>
+#include <tss/tcs_error.h>
+#include <tss/tcs.h>
+#include <tss/tss_error.h>
+
+#include <tss/tddlapi_error.h>
+#include <tss/tcs_defines.h>
+#include <tss/tss_defines.h>
+#include <tss/tddli.h>
+#include <tss/tspi.h>
+
+#endif
diff --git a/src/include/trousers_types.h b/src/include/trousers_types.h
new file mode 100644
index 0000000..1c1d79f
--- /dev/null
+++ b/src/include/trousers_types.h
@@ -0,0 +1,128 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005, 2007
+ *
+ */
+
+#ifndef _TROUSERS_TYPES_H_
+#define _TROUSERS_TYPES_H_
+
+#define TCPA_NONCE_SIZE sizeof(TCPA_NONCE)
+#define TCPA_DIGEST_SIZE sizeof(TCPA_DIGEST)
+#define TCPA_ENCAUTH_SIZE sizeof(TCPA_ENCAUTH)
+#define TCPA_DIRVALUE_SIZE sizeof(TCPA_DIRVALUE)
+#define TCPA_AUTHDATA_SIZE sizeof(TCPA_AUTHDATA)
+#define TPM_NONCE_SIZE TCPA_NONCE_SIZE
+#define TPM_DIGEST_SIZE TCPA_DIGEST_SIZE
+#define TPM_ENCAUTH_SIZE TCPA_ENCAUTH_SIZE
+#define TPM_DIRVALUE_SIZE TCPA_DIRVALUE_SIZE
+#define TPM_AUTHDATA_SIZE TCPA_AUTHDATA_SIZE
+
+#define TSS_FLAG_MIGRATABLE (migratable)
+#define TSS_FLAG_VOLATILE (volatileKey)
+#define TSS_FLAG_REDIRECTION (redirection)
+
+/* return codes */
+#define TCPA_E_INAPPROPRIATE_ENC TCPA_E_NEED_SELFTEST
+
+#define TSS_ERROR_LAYER(x) (x & 0x3000)
+#define TSS_ERROR_CODE(x) (x & TSS_MAX_ERROR)
+
+#ifdef TSS_DEBUG
+#define TSPERR(x) LogTSPERR(x, __FILE__, __LINE__)
+#define TCSERR(x) LogTCSERR(x, __FILE__, __LINE__)
+#define TDDLERR(x) LogTDDLERR(x, __FILE__, __LINE__)
+#else
+#define TSPERR(x) (x | TSS_LAYER_TSP)
+#define TCSERR(x) (x | TSS_LAYER_TCS)
+#define TDDLERR(x) (x | TSS_LAYER_TDDL)
+#endif
+
+extern TSS_UUID NULL_UUID;
+extern TSS_UUID SRK_UUID;
+
+#define NULL_HOBJECT 0
+#define NULL_HCONTEXT NULL_HOBJECT
+#define NULL_HPCRS NULL_HOBJECT
+#define NULL_HENCDATA NULL_HOBJECT
+#define NULL_HKEY NULL_HOBJECT
+#define NULL_HTPM NULL_HOBJECT
+#define NULL_HHASH NULL_HOBJECT
+#define NULL_HPOLICY NULL_HOBJECT
+#define NULL_HDELFAMILY NULL_HOBJECT
+#define NULL_HMIGDATA NULL_HOBJECT
+
+#define TSS_OBJECT_TYPE_CONTEXT (0x0e)
+#define TSS_OBJECT_TYPE_TPM (0x0f)
+
+#define TSS_PS_TYPE_NO (0)
+
+/* Derived Types */
+#define TSS_MIGRATION_SCHEME TSS_MIGRATE_SCHEME
+
+// The TPM's non-volatile flags (TPM_PERMANENT_FLAGS)
+#define TSS_TPM_PF_DISABLE_BIT (1 << 
(TPM_PF_DISABLE - 1))
+#define TSS_TPM_PF_OWNERSHIP_BIT (1 << (TPM_PF_OWNERSHIP - 1))
+#define TSS_TPM_PF_DEACTIVATED_BIT (1 << (TPM_PF_DEACTIVATED - 1))
+#define TSS_TPM_PF_READPUBEK_BIT (1 << (TPM_PF_READPUBEK - 1))
+#define TSS_TPM_PF_DISABLEOWNERCLEAR_BIT (1 << (TPM_PF_DISABLEOWNERCLEAR - 1))
+#define TSS_TPM_PF_ALLOWMAINTENANCE_BIT (1 << (TPM_PF_ALLOWMAINTENANCE - 1))
+#define TSS_TPM_PF_PHYSICALPRESENCELIFETIMELOCK_BIT (1 << (TPM_PF_PHYSICALPRESENCELIFETIMELOCK - 1))
+#define TSS_TPM_PF_PHYSICALPRESENCEHWENABLE_BIT (1 << (TPM_PF_PHYSICALPRESENCEHWENABLE - 1))
+#define TSS_TPM_PF_PHYSICALPRESENCECMDENABLE_BIT (1 << (TPM_PF_PHYSICALPRESENCECMDENABLE - 1))
+#define TSS_TPM_PF_CEKPUSED_BIT (1 << (TPM_PF_CEKPUSED - 1))
+#define TSS_TPM_PF_TPMPOST_BIT (1 << (TPM_PF_TPMPOST - 1))
+#define TSS_TPM_PF_TPMPOSTLOCK_BIT (1 << (TPM_PF_TPMPOSTLOCK - 1))
+#define TSS_TPM_PF_FIPS_BIT (1 << (TPM_PF_FIPS - 1))
+#define TSS_TPM_PF_OPERATOR_BIT (1 << (TPM_PF_OPERATOR - 1))
+#define TSS_TPM_PF_ENABLEREVOKEEK_BIT (1 << (TPM_PF_ENABLEREVOKEEK - 1))
+#define TSS_TPM_PF_NV_LOCKED_BIT (1 << (TPM_PF_NV_LOCKED - 1))
+#define TSS_TPM_PF_READSRKPUB_BIT (1 << (TPM_PF_READSRKPUB - 1))
+#define TSS_TPM_PF_RESETESTABLISHMENTBIT_BIT (1 << (TPM_PF_RESETESTABLISHMENTBIT - 1))
+#define TSS_TPM_PF_MAINTENANCEDONE_BIT (1 << (TPM_PF_MAINTENANCEDONE - 1))
+
+// The TPM's volatile flags (TPM_STCLEAR_FLAGS)
+#define TSS_TPM_SF_DEACTIVATED_BIT (1 << (TPM_SF_DEACTIVATED - 1))
+#define TSS_TPM_SF_DISABLEFORCECLEAR_BIT (1 << (TPM_SF_DISABLEFORCECLEAR - 1))
+#define TSS_TPM_SF_PHYSICALPRESENCE_BIT (1 << (TPM_SF_PHYSICALPRESENCE - 1))
+#define TSS_TPM_SF_PHYSICALPRESENCELOCK_BIT (1 << (TPM_SF_PHYSICALPRESENCELOCK - 1))
+#define TSS_TPM_SF_GLOBALLOCK_BIT (1 << (TPM_SF_GLOBALLOCK - 1))
+
+// Trousers key formats to ease use of the different TPM_KEY structs
+typedef struct tdTSS_KEY11_HDR {
+ TPM_STRUCT_VER ver;
+} TSS_KEY11_HDR;
+
+typedef struct tdTSS_KEY12_HDR {
+ TPM_STRUCTURE_TAG tag;
+ UINT16 fill;
+} 
__attribute__((packed)) TSS_KEY12_HDR;
+
+typedef struct tdTSS_KEY {
+ union {
+ TSS_KEY11_HDR key11;
+ TSS_KEY12_HDR key12;
+ } hdr;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ UINT32 PCRInfoSize;
+ BYTE *PCRInfo;
+ TPM_STORE_PUBKEY pubKey;
+ UINT32 encSize;
+ BYTE *encData;
+} TSS_KEY;
+
+#if (defined (__linux) || defined (linux) || defined (SOLARIS) || defined (__GLIBC__))
+#define BSD_CONST
+#elif (defined (__OpenBSD__) || defined (__FreeBSD__))
+#define BSD_CONST const
+#endif
+
+
+#endif
diff --git a/src/include/tsp_audit.h b/src/include/tsp_audit.h
new file mode 100644
index 0000000..71bf8c4
--- /dev/null
+++ b/src/include/tsp_audit.h
@@ -0,0 +1,16 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _TSP_AUDIT_H_
+#define _TSP_AUDIT_H_
+
+TSS_RESULT __tspi_audit_set_ordinal_audit_status(TSS_HTPM, TSS_FLAG, TSS_FLAG, UINT32);
+
+#endif
diff --git a/src/include/tsp_delegate.h b/src/include/tsp_delegate.h
new file mode 100644
index 0000000..ce93d2d
--- /dev/null
+++ b/src/include/tsp_delegate.h
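Review bot: The macro arguments in `TSS_ERROR_LAYER`, `TSS_ERROR_CODE` and the non-debug `TSPERR`/`TCSERR`/`TDDLERR` definitions are not parenthesised, so an argument that contains a lower-precedence operator (a conditional expression, or a code already combined with `|`) binds to the macro's `&` or `|` instead of being evaluated first. `#define TSS_ERROR_LAYER(x) ((x) & 0x3000)` and `#define TSS_ERROR_CODE(x) ((x) & TSS_MAX_ERROR)`, with the same `(x)` in the three `#else` bodies, close the hazard without changing the result for plain-identifier callers. TSS_KEY12_HDR carries `__attribute__((packed))` while TSS_KEY11_HDR does not, and the union in TSS_KEY overlays the two; a one-line comment on that union explaining why only the 1.2 header needs packing would stop the next reader from "fixing" the asymmetry.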
@@ -0,0 +1,23 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _TSP_DELEGATE_H_
+#define _TSP_DELEGATE_H_
+
+TSS_RESULT do_delegate_manage(TSS_HTPM hTpm, UINT32 familyID, UINT32 opFlag,
+ UINT32 opDataSize, BYTE *opData, UINT32 *outDataSize, BYTE **outData);
+TSS_RESULT create_key_delegation(TSS_HKEY, BYTE, UINT32, TSS_HPCRS, TSS_HDELFAMILY, TSS_HPOLICY);
+TSS_RESULT create_owner_delegation(TSS_HTPM, BYTE, UINT32, TSS_HPCRS, TSS_HDELFAMILY, TSS_HPOLICY);
+
+TSS_RESULT update_delfamily_object(TSS_HTPM, UINT32);
+TSS_RESULT get_delegate_index(TSS_HCONTEXT, UINT32, TPM_DELEGATE_PUBLIC *);
+TSS_RESULT __tspi_build_delegate_public_info(BYTE, TSS_HPCRS, TSS_HDELFAMILY, TSS_HPOLICY, UINT32 *, BYTE **);
+
+#endif
diff --git a/src/include/tsp_seal.h b/src/include/tsp_seal.h
new file mode 100644
index 0000000..05956c1
--- /dev/null
+++ b/src/include/tsp_seal.h
@@ -0,0 +1,16 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _TSP_SEAL_H_
+#define _TSP_SEAL_H_
+
+TSS_RESULT sealx_mask_cb(UINT32, BYTE *, UINT32, BYTE *, BYTE *, UINT32, BYTE *, BYTE *);
+
+#endif
diff --git a/src/include/tsplog.h b/src/include/tsplog.h
new file mode 100644
index 0000000..bb2fa6b
--- /dev/null
+++ b/src/include/tsplog.h
@@ -0,0 +1,52 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#ifndef _TSPLOG_H_
+#define _TSPLOG_H_
+
+#include <stdio.h>
+#include <syslog.h>
+#include <stdlib.h>
+
+/* Debug logging */
+#ifdef TSS_DEBUG
+/* log to stdout */
+#define LogMessage(dest, priority, layer, fmt, ...) \
+ do { \
+ if (getenv("TSS_DEBUG_OFF") == NULL) { \
+ fprintf(dest, "%s %s %s:%d " fmt "\n", priority, layer, __FILE__, __LINE__, ## __VA_ARGS__); \
+ } \
+ } while (0)
+
+#define LogDebug(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, fmt, ##__VA_ARGS__)
+#define LogDebugFn(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, "%s: " fmt, __FUNCTION__, ##__VA_ARGS__)
+#define LogDebugData(sz,blb) LogBlobData(APPID, sz, blb)
+
+/* Error logging */
+#define LogError(fmt, ...) LogMessage(stderr, "LOG_ERR", APPID, "ERROR: " fmt, ##__VA_ARGS__)
+/* Warn logging */
+#define LogWarn(fmt, ...) LogMessage(stdout, "LOG_WARNING", APPID, "WARNING: " fmt, ##__VA_ARGS__)
+/* Info Logging */
+#define LogInfo(fmt, ...) LogMessage(stdout, "LOG_INFO", APPID, fmt, ##__VA_ARGS__)
+/* Return Value logging */
+extern TSS_RESULT LogTSPERR(TSS_RESULT, char *, int);
+#else
+#define LogDebug(fmt, ...)
+#define LogDebugFn(fmt, ...)
+#define LogDebugData(sz,blb)
+#define LogError(fmt, ...)
+#define LogWarn(fmt, ...)
+#define LogInfo(fmt, ...)
+#endif
+
+void LogBlobData(char *appid, unsigned long sizeOfBlob, unsigned char *blob);
+
+#endif
diff --git a/src/include/tspps.h b/src/include/tspps.h
new file mode 100644
index 0000000..17b0aab
--- /dev/null
+++ b/src/include/tspps.h
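Review bot: `LogDebugData` expands straight to `LogBlobData(APPID, sz, blb)` and so bypasses the `getenv("TSS_DEBUG_OFF") == NULL` gate that every `LogMessage`-based macro applies; unless LogBlobData repeats that check itself (its definition is not in this diff), raw blob dumps keep going to stdout after the rest of the debug output has been switched off by the environment. Either wrap it in the same guard or record the asymmetry on the macro, e.g. `/* NOTE: not gated by TSS_DEBUG_OFF here; LogBlobData must check it */`. `LogTSPERR` and `LogBlobData` declare `char *` for arguments that receive `__FILE__` and, presumably, a string-literal `APPID`, so `const char *` is the accurate type and avoids discarded-qualifier diagnostics. The header also lacks a one-line comment stating that the whole `#ifdef TSS_DEBUG` family compiles to nothing in release builds, which matters for callers that put side effects in log arguments.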
@@ -0,0 +1,59 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef _TSPPS_H_
+#define _TSPPS_H_
+
+#define PASSWD_BUFSIZE 4096
+
+#define TSS_USER_PS_DIR ".trousers"
+#define TSS_USER_PS_FILE "user.data"
+
+TSS_RESULT get_file(int *);
+int put_file(int);
+inline TSS_RESULT read_data(int, void *, UINT32);
+inline TSS_RESULT write_data(int, void *, UINT32);
+UINT32 psfile_get_num_keys(int);
+TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
+TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *);
+TSS_RESULT psfile_get_key_by_uuid(int, TSS_UUID *, BYTE *);
+TSS_RESULT psfile_get_ps_type_by_uuid(int, TSS_UUID *, UINT32 *);
+TSS_RESULT psfile_is_pub_registered(int, TCPA_STORE_PUBKEY *, TSS_BOOL *);
+TSS_RESULT psfile_is_key_registered(int, TSS_UUID *, TSS_BOOL *);
+TSS_RESULT psfile_get_uuid_by_pub(int, UINT32, BYTE *, TSS_UUID *);
+TSS_RESULT psfile_write_key(int, TSS_UUID *, TSS_UUID *, UINT32, BYTE *, UINT16);
+TSS_RESULT psfile_get_key_by_pub(int, TSS_UUID *, UINT32, BYTE *, BYTE *);
+TSS_RESULT psfile_get_registered_keys(int, TSS_UUID *, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO **);
+TSS_RESULT psfile_get_registered_keys2(int, TSS_UUID *, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO2 **);
+TSS_RESULT psfile_remove_key(int, TSS_UUID *);
+TSS_RESULT psfile_get_parent_ps_type(int, TSS_UUID *, UINT32 *);
+TSS_RESULT psfile_get_cache_entry_by_uuid(int, TSS_UUID *, struct key_disk_cache *);
+TSS_RESULT psfile_get_cache_entry_by_pub(int, UINT32, BYTE *, struct key_disk_cache *);
+void psfile_close(int);
+
+TSS_RESULT ps_remove_key(TSS_UUID *);
+TSS_RESULT ps_write_key(TSS_UUID *, TSS_UUID *, UINT32, UINT32, BYTE *);
+TSS_RESULT ps_get_key_by_uuid(TSS_HCONTEXT, TSS_UUID *, TSS_HKEY *);
+TSS_RESULT ps_init_disk_cache();
+TSS_RESULT ps_close();
+TSS_RESULT ps_get_key_by_pub(TSS_HCONTEXT, UINT32, BYTE *, TSS_HKEY *);
+TSS_RESULT 
ps_get_parent_uuid_by_uuid(TSS_UUID *, TSS_UUID *);
+TSS_RESULT ps_get_parent_ps_type_by_uuid(TSS_UUID *, UINT32 *);
+TSS_RESULT ps_is_key_registered(TSS_UUID *, TSS_BOOL *);
+TSS_RESULT ps_get_registered_keys(TSS_UUID *uuid, TSS_UUID *, UINT32 *size, TSS_KM_KEYINFO **);
+TSS_RESULT ps_get_registered_keys2(TSS_UUID *uuid, TSS_UUID *, UINT32 *size, TSS_KM_KEYINFO2 **);
+
+#ifdef TSS_BUILD_PS
+#define PS_close() ps_close()
+#else
+#define PS_close()
+#endif
+
+#endif
diff --git a/src/include/tss/TSP.idl b/src/include/tss/TSP.idl
new file mode 100644
index 0000000..40f95b7
--- /dev/null
+++ b/src/include/tss/TSP.idl
@@ -0,0 +1,762 @@
+/*++
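Review bot: `read_data` and `write_data` are declared `inline` in this header with no definition in it, so a translation unit that includes the header and calls them relies on an external definition that an `inline` declaration alone does not promise under C99 semantics (GCC warns about an inline function declared but never defined); dropping the `inline` from the two declarations is the safe fix. `ps_init_disk_cache()` and `ps_close()` are non-prototype declarations, so `TSS_RESULT ps_init_disk_cache(void);` and `TSS_RESULT ps_close(void);` let the compiler reject stray arguments. `struct key_disk_cache` first appears inside a parameter list; unless every includer has declared it beforehand, that tag gets prototype scope and the real definition becomes a distinct, incompatible type, so a forward `struct key_disk_cache;` near the top of the header is needed.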
+
++++TSP.idl
+
+ Interface declarations for the TSS Service Provider
+ - COM interface for Windows based platforms
+
+--*/
+import "oaidl.idl"; // include ODL base types
+import "ocidl.idl";
+
+//import the header files from TSS v1.2
+import "tss_typedef.h";
+import "tss_structs.h";
+
+// forward declaration
+interface ITCPAPolicy;
+interface ITCPAKey;
+
+/*
+Missing:
+TSS_RESULT Tspi_Context_Create
+TSS_RESULT Tspi_Context_Close
+TSS_RESULT Tspi_Context_FreeMemory
+*/
+
+ //ITCPAAttrib Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C2E-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAAttrib Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAAttrib : IUnknown
+ {
+ [helpstring("method SetAttribUint32")]
+ HRESULT SetAttribUint32([in] TSS_FLAG attribFlag,
+ [in] TSS_FLAG subFlags,
+ [in] UINT32 ulAttrib);
+
+ [helpstring("method GetAttribUint32")]
+ HRESULT GetAttribUint32([in] TSS_FLAG attribFlag,
+ [in] TSS_FLAG subFlags,
+ [out] UINT32* pulAttrib);
+
+ [helpstring("method SetAttribData")]
+ HRESULT SetAttribData([in] TSS_FLAG attribFlag,
+ [in] TSS_FLAG subFlags,
+ [in] UINT32 ulAttribDataSize,
+ [in, ptr, size_is(ulAttribDataSize)] BYTE* pbAttribData);
+
+ [helpstring("method GetAttribData")]
+ HRESULT GetAttribData([in] TSS_FLAG attribFlag,
+ [in] TSS_FLAG subFlags,
+ [out] UINT32* pulAttribDataSize,
+ [out, size_is(, *pulAttribDataSize)] BYTE** ppbAttribData);
+ }
+
+ //ITCPAAuth Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C2F-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAAuth Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAAuth : IUnknown
+ {
+ [helpstring("method GetPolicyObject")]
+ HRESULT GetPolicyObject([in] TSS_FLAG PolicyType,
+ [out] ITCPAPolicy** ppPolicyObject);
+
+ [helpstring("method ChangeAuth")]
+ HRESULT ChangeAuth([in] IUnknown* PpParentObject,
+ [in] ITCPAPolicy* PpNewPolicy);
+
+// HRESULT ChangeAuthAsym
+
+ };
+
+ [
+ object,
+ uuid(FBCD9C2D-72CB-47BB-99DD-2317551491DE),
+ helpstring("ITCPAPcrs Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAPcrs : IUnknown
+ {
+ [helpstring("method SetPcrValue")]
+ HRESULT SetPcrValue([in] UINT32 ulPCRIndex,
+ [in] UINT32 ulPcrValueLength,
+ [in, size_is(ulPcrValueLength)] BYTE* pbPcrValue);
+
+ [helpstring("method GetPcrValue")]
+ HRESULT GetPcrValue([in] UINT32 ulPCRIndex,
+ [out] UINT32* pulPcrValueLength,
+ [out, size_is(, *pulPcrValueLength)] BYTE** ppbPcrValue);
+
+ [helpstring("method SelectPcrIndex")]
+ HRESULT SelectPcrIndex([in] UINT32 ulPCRIndex);
+
+ };
+
+ //ITCPAKey Interface
+ [
+ object,
+ uuid(FBCD9C27-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAKey Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAKey : IUnknown
+ {
+ [helpstring("method LoadKey")]
+ HRESULT LoadKey([in] ITCPAKey* pUnwrappingKey);
+
+ [helpstring("method CreateKey")]
+ HRESULT CreateKey([in] ITCPAKey* pUnwrappingKey,
+ [in] ITCPAPcrs* pPcrComosite);
+
+ [helpstring("method WrapKey")]
+ HRESULT WrapKey([in] ITCPAKey* pWrappinKey,
+ [in] ITCPAPcrs* pPcrComposite);
+
+ [helpstring("method CertifyKey")]
+ HRESULT CertifyKey([in] ITCPAKey* pCertifyingKey,
+ [in, out, ptr] TSS_VALIDATION* pValidation);
+
+ [helpstring("method GetPubKey")]
+ HRESULT GetPubKey([out] UINT32* pulPubKeyLength,
+ [out, size_is(, *pulPubKeyLength)] BYTE** ppbPubKey);
+
+ [helpstring("method UnLoadKey")]
+ HRESULT UnLoadKey();
+ };
+
+ // ITCPAMigration
+ [
+ local,
+ object,
+ uuid(FBCD9C30-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAMigration Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAMigration : IUnknown
+ {
+ [helpstring("method CreateMigrationBlob")]
+ HRESULT CreateMigrationBlob([in] ITCPAKey *pParentKey,
+ [in] UINT32 ulMigTicketLength,
+ [in, size_is(ulMigTicketLength)] BYTE* rgbMigTicket,
+ [out] UINT32 *pulRandomLength,
+ [out, size_is(, *pulRandomLength)] BYTE **prgbRandom,
+ [out] UINT32 *pulMigrationBlobLength,
+ [out, size_is(, *pulMigrationBlobLength)] BYTE **prgbMigBlob);
+
+ [helpstring("method ConvertMigrationBlob")]
+ HRESULT ConvertMigrationBlob([in] ITCPAKey *pParentKey,
+ [in] UINT32 ulRandomLength,
+ [in, size_is(ulRandomLength)] BYTE *rgbRandom,
+ [in] UINT32 ulMigrationBlobLength,
+ [in, size_is(ulMigrationBlobLength)] BYTE *rgbMigBlob);
+ };
+
+ //ITCPAEncData Interface
+ [
+ uuid(FBCD9C29-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAEncData Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAEncData : IUnknown
+ {
+ [helpstring("method Seal")]
+ HRESULT Seal([in] ITCPAKey* pEncKey,
+ [in] UINT32 ulDataLength,
+ [in, size_is(ulDataLength)] BYTE* pbData,
+ [in] ITCPAPcrs* pPcrComposite);
+
+ [helpstring("method Unseal")]
+ HRESULT Unseal([in] ITCPAKey* pKey,
+ [out] UINT32* pulUnsealedDataLength,
+ [out, size_is(, *pulUnsealedDataLength)] BYTE** ppbData);
+
+ [helpstring("method Bind")]
+ HRESULT Bind([in] ITCPAKey* pEncKey,
+ [in] UINT32 ulDataLength,
+ [in, size_is(ulDataLength)] BYTE* pbData);
+
+ [helpstring("method Unbind")]
+ HRESULT Unbind([in] ITCPAKey* pKey,
+ [out] UINT32* pulUnboundDataLength,
+ [out, size_is(, *pulUnboundDataLength)] BYTE** ppbData);
+
+ };
+
+ //ITCPAHash Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C2B-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAHash Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAHash : IUnknown
+ {
+ [helpstring("method SetHashValue")]
+ HRESULT SetHashValue([in] UINT32 ulHashValueLength,
+ [in, size_is(ulHashValueLength)] BYTE* pbHash);
+
+ [helpstring("method GetHashValue")]
+ HRESULT GetHashValue([out] UINT32* pulHashValueLength,
+ [out, size_is(, *pulHashValueLength)] BYTE** ppbHash);
+
+ [helpstring("method UpdateHashValue")]
+ HRESULT UpdateHashValue([in] UINT32 ulDataLength,
+ [in, size_is(ulDataLength)] BYTE* pbData);
+
+ [helpstring("method Sign")]
+ HRESULT Sign([in] ITCPAKey* pKey,
+ [out] UINT32* pulSignatureLength,
+ [out, size_is(, *pulSignatureLength)] BYTE** ppbSignature);
+
+ [helpstring("method VerifySignature")]
+ HRESULT VerifySignature([in] ITCPAKey* pKey,
+ [in] UINT32 ulSignatureLength,
+ [in, size_is(ulSignatureLength)] BYTE* pbSignature);
+
+ };
+
+ //ITCPAPolicy Interface
+ [
+ uuid(FBCD9C1E-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAPolicy Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAPolicy : IUnknown
+ {
+ [helpstring("method SetSecret")]
+ HRESULT SetSecret([in] TSS_FLAG SecretMode,
+ [in] UINT32 ulSecretLength,
+ [in, ptr, size_is(ulSecretLength)] BYTE* pbSecret);
+
+ [helpstring("method FlushSecret")]
+ HRESULT FlushSecret();
+
+ [helpstring("method AssignToObject")]
+ HRESULT AssignToObject([in] IUnknown* pUnkObject);
+
+ };
+
+ //ITCPAAdministration Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C24-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAAdministration Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAAdministration : IUnknown
+ {
+ [helpstring("method SelfTestFull")]
+ HRESULT SelfTestFull();
+
+ [helpstring("method GetTestResult")]
+ HRESULT GetTestResult([out] UINT32* pulTestResultLength,
+ [out, size_is(, *pulTestResultLength)] BYTE** ppbTestResult);
+
+ [helpstring("method CertifySelfTest")]
+ HRESULT CertifySelfTest([in] ITCPAKey* phKey,
+ [in, out, ptr] TSS_VALIDATION* pValidationData);
+
+ [helpstring("method CreateEndorsementKey")]
+ HRESULT CreateEndorsementKey([in] ITCPAKey* pEndorsementKey,
+ [in, out, ptr] TSS_VALIDATION* pValidation);
+
+ [helpstring("method GetPubEndorsementKey")]
+ HRESULT GetPubEndorsementKey([in] BOOL fOwnerAuthorized,
+ [in, out, ptr] TSS_VALIDATION* pValidation,
+ [out] ITCPAKey** ppEndorsementKey);
+
+ [helpstring("method TakeOwnerShip")]
+ HRESULT TakeOwnerShip([in] ITCPAKey* pKeySRK,
+ [in] ITCPAKey* pEndorsementKeyPubKey);
+
+ [helpstring("method ClearOwner")]
+ HRESULT ClearOwner([in] BOOL fForcedClear);
+
+ [helpstring("method SetStatus")]
+ HRESULT SetStatus([in] TSS_FLAG statusFlag,
+ [in] BOOL fTpmState);
+
+ [helpstring("method GetStatus")]
+ HRESULT GetStatus([in] TSS_FLAG statusFlag,
+ [out] BOOL* pfTpmState);
+
+ [helpstring("method AuthorizeMigrationTicket")]
+ HRESULT AuthorizeMigrationTicket([in] ITCPAKey* pMigrationKey,
+ [in] UINT32 MigrationScheme,
+ [out] UINT32* pulMigTicketLength,
+ [out, size_is(, *pulMigTicketLength)] BYTE** ppbMigTicket);
+ }
+
+ //ITCPAIntegrity Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C22-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAIntegrity Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAIntegrity : IUnknown
+ {
+ [helpstring("method PcrExtend")]
+ HRESULT PcrExtend([in] UINT32 ulPcrIndex,
+ [in] UINT32 ulPcrDataLength,
+ [in, size_is(ulPcrDataLength)] BYTE* pbPcrData,
+ [in, ptr] TSS_PCR_EVENT* pEventInfo,
+ [out] UINT32* pulPcrValueLength,
+ [out, size_is(, *pulPcrValueLength)] BYTE** ppbPcrValue);
+
+ [helpstring("method PcrRead")]
+ HRESULT PcrRead([in] UINT32 ulPcrIndex,
+ [out] UINT32* pulPcrValueLength,
+ [out, size_is(, *pulPcrValueLength)] BYTE** ppbPcrValue);
+
+ [helpstring("method DirWrite")]
+ HRESULT DirWrite([in] UINT32 ulDirIndex,
+ [in] UINT32 ulDirDataLength,
+ [in, size_is(ulDirDataLength)] BYTE* pbDirData);
+
+ [helpstring("method DirRead")]
+ HRESULT DirRead([in] UINT32 ulDirIndex,
+ [out] UINT32* pulDirDataLength,
+ [out, size_is(, *pulDirDataLength)] BYTE** pbDirData);
+
+ [helpstring("method Quote")]
+ HRESULT Quote([in] ITCPAKey* pIdentKey,
+ [in] ITCPAPcrs* pPcrComposite,
+ [in, out, ptr] TSS_VALIDATION* pValidation);
+ };
+
+ //ITCPAIdentityCreation Interface
+ [
+ object,
+ uuid(FBCD9C23-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAIdentityCreation Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAIdentityCreation: IUnknown
+ {
+ [helpstring("method CollateIdentityRequest")]
+ HRESULT CollateIdentityRequest([in] ITCPAKey* pKeySRK,
+ [in] ITCPAKey* pCAPubKey,
+ [in] UINT32 ulIdentityLabelLength,
+ [in, size_is(ulIdentityLabelLength)] BYTE* rgbIdentityLabelData,
+ [in] ITCPAKey* pIdentityKey,
+ [in] TSS_ALGORITHM_ID algID,
+ [out] UINT32* pulTCPAIdentityReqLength,
+ [out, size_is(, *pulTCPAIdentityReqLength)] BYTE** prgbTCPAIdentityReq);
+
+ [helpstring("method ActivateIdentity")]
+ HRESULT ActivateIdentity([in] ITCPAKey* pIdentityKey,
+ [in] UINT32 ulAsymCAContentsBlobLength,
+ [in, size_is(ulAsymCAContentsBlobLength)] BYTE* rgbAsymCAContentsBlob,
+ [in] UINT32 ulSymCAAttestationBlobLength,
+ [in, size_is(ulSymCAAttestationBlobLength)] BYTE* rgbSymCAAttestationBlob,
+ [out] UINT32* pulCredentialLength,
+ [out, size_is(, *pulCredentialLength)] BYTE** prgbCredential);
+
+ }; // end of ITCPAIdentityCreation
+
+ //ITCPAMaintenance Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C25-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAMaintenance Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAMaintenance: IUnknown
+ {
+
+// HRESULT CreateMaintenanceArchive
+// HRESULT KillMaintenanceFeature
+// HRESULT LoadMaintenancePubKey
+// HRESULT CheckMaintenancePubKey
+
+ };
+
+ //ITCPATpm Interface
+ [
+ uuid(FBCD9C21-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPATpm Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPATpm : IUnknown
+ {
+ [helpstring("method GetRandom")]
+ HRESULT GetRandom([in] UINT32 ulRandomDataLength,
+ [out, size_is(, ulRandomDataLength)] BYTE** ppbData);
+
+ [helpstring("method StirRandom")]
+ HRESULT StirRandom([in] UINT32 ulEntropyDataLength,
+ [in, size_is(ulEntropyDataLength)] BYTE* pbData);
+
+ [helpstring("method GetCapability")]
+ HRESULT GetCapability([in] TSS_FLAG CapArea,
+ [in] UINT32 ulSubCapLength,
+ [in, ptr, size_is(ulSubCapLength)] BYTE* pbSubCap,
+ [out] UINT32* pulRespDataLength,
+ [out, size_is(, *pulRespDataLength)] BYTE** ppbRespData);
+
+ [helpstring("method GetCapabilitySigned")]
+ HRESULT GetCapabilitySigned([in] ITCPAKey* pKey,
+ [in] TSS_FLAG CapArea,
+ [in] UINT32 ulSubCapLength,
+ [in, ptr, size_is(ulSubCapLength)] BYTE* pbSubCap,
+ [in, out, ptr] TSS_VALIDATION *pValidation,
+ [out] UINT32* pulRespDataLength,
+ [out, size_is(, *pulRespDataLength)] BYTE** ppbRespData);
+
+// HRESULT GetEvent
+// HRESULT GetEvents
+// HRESULT GetEventLog
+
+ };
+
+ //ITCPAPersistentStorage Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C1C-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAPersistentStorage Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAPersistentStorage: IUnknown
+ {
+ [helpstring("method LoadKeyByUUID")]
+ HRESULT LoadKeyByUUID([in] TSS_FLAG persistentStorageType,
+ [in] TSS_UUID uuidData,
+ [out] ITCPAKey** ppKey);
+
+ [helpstring("method RegisterKey")]
+ HRESULT RegisterKey([in] ITCPAKey* pKey,
+ [in] TSS_FLAG persistentStorageType,
+ [in] TSS_UUID uuidKey,
+ [in] TSS_FLAG persistentStorageTypeParent,
+ [in] TSS_UUID uuidParentKey);
+
+ [helpstring("method UnregisterKey")]
+ HRESULT UnregisterKey([in] TSS_FLAG persistentStorageType,
+ [in] TSS_UUID uuidKey,
+ [out] ITCPAKey** ppKey);
+
+ [helpstring("method DeleteKeyByUUID")]
+ HRESULT DeleteKeyByUUID([in] TSS_FLAG persistentStorageType,
+ [in] TSS_UUID uuidData);
+
+ [helpstring("method GetKeyByUUID")]
+ HRESULT GetKeyByUUID([in] TSS_FLAG persistentStorageType,
+ [in] TSS_UUID uuidData,
+ [out] ITCPAKey** ppKey);
+
+ [helpstring("method GetKeyByPublicInfo")]
+ HRESULT GetKeyByPublicInfo([in] TSS_FLAG persistentStorageType,
+ [in] TSS_ALGORITHM_ID ulAlgId,
+ [in] UINT32 ulPublicInfoLength,
+ [in, size_is(ulPublicInfoLength)] BYTE* pbPublicInfo,
+ [out] ITCPAKey** ppKey);
+
+ [helpstring("method GetRegisteredKeysByUUID")]
+ HRESULT GetRegisteredKeysByUUID([in] TSS_FLAG ulPersistentStorageType,
+ [in] LPOLESTR wszKeyGuid,
+ [out] UINT32* pulKeyHierarchySize,
+ [out, size_is(, *pulKeyHierarchySize)] TSS_KM_KEYINFO** ppKeyHierarchy);
+ }
+
+ //ITCPAContext Interface
+ [
+ local,
+ object,
+ uuid(FBCD9C1B-72CB-47BB-99DD-2317551491DE),
+
+ helpstring("ITCPAContext Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPAContext : IUnknown
+ {
+ [helpstring("method Connect")]
+ HRESULT Connect([in, ptr] LPOLESTR wszRemoteMachine);
+
+ [helpstring("method CreateObject")]
+ HRESULT CreateObject([in] UINT32 ulObjectType,
+ [in] UINT32 ulInitFlags,
+ [out] IUnknown** ppUnkObject);
+
+// HRESULT CloseObject
+
+
+ [helpstring("method LoadKeyByBlob")]
+ HRESULT LoadKeyByBlob([in] ITCPAKey* pUnwrappingKey,
+ [in] UINT32 ulBlobLength,
+ [in, size_is(ulBlobLength)] BYTE* pbBlobData,
+ [out] ITCPAKey** ppKey);
+
+ [helpstring("method GetTPMObject")]
+ HRESULT GetTPMObject([out] ITCPATpm** ppTPMObject);
+
+ [helpstring("method GetDefaultPolicy")]
+ HRESULT GetDefaultPolicy([out] ITCPAPolicy** ppPolicyObject);
+
+ [helpstring("method GetCapability")]
+ HRESULT GetCapability([in] TSS_FLAG ulCapArea,
+ [in] UINT32 ulSubCapLength,
+ [in, ptr, size_is(ulSubCapLength)] BYTE* pbSubCap,
+ [out] UINT32* pulRespDataLength,
+ [out, size_is(, *pulRespDataLength)] BYTE** ppbRespData);
+ };
+
+ //ITCPANonVolatileStorage Interface
+ [
+ object,
+ uuid(4730c51b-8998-43f6-993b-80befea1d404),
+
+ helpstring("ITCPANonVolatileStorage Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPANonVolatileStorage : IUnknown
+ {
+ [helpstring("method DefineSpace")]
+ HRESULT DefineSpace([in] ITCPAPcrs* pPCRsRead,
+ [in] ITCPAPcrs* pPCRsWrite);
+
+ [helpstring("method ReleaseSpace")]
+ HRESULT ReleaseSpace();
+
+ [helpstring("method WriteValue")]
+ HRESULT WriteValue([in] UINT32 ulOffset,
+ [in] UINT32 ulDataLength,
+ [in, size_is(ulDataLength)] BYTE* rgbData);
+
+ [helpstring("method ReadValue")]
+ HRESULT ReadValue([in] UINT32 ulOffset,
+ [in, out] UINT32* pulDataLength,
+ [out, size_is(, *pulDataLength)] BYTE** prgbData);
+ };
+
+ //ITCPATransport Interface
+ [
+ object,
+ uuid(4730c51d-8998-43f6-993b-80befea1d404),
+
+ helpstring("ITCPATransport Interface"),
+ pointer_default(unique)
+ ]
+ interface ITCPATransport : IUnknown
+ {
+ [helpstring("method SetTransEncryptionKey")]
+ HRESULT SetTransEncryptionKey([in] ITCPAKey* pKey);
+
+ [helpstring("method CloseSignTransport")]
+ HRESULT CloseSignTransport([in] ITCPAKey* pSigningKey,
+ [in, out, ptr] TSS_VALIDATION* pValidationData);
+ };
+
+[
+ uuid(FBCD9C19-72CB-47BB-99DD-2317551491DE),
+ version(1.0),
+ helpstring("TSS Service Provider 1.0 Type Library")
+]
+library TSPLib
+{
+ importlib("stdole32.tlb");
+ importlib("stdole2.tlb");
+
+ interface ITCPAContext;
+ //TCPAContext Class
+ [
+ uuid(FBCD9C1A-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPAContext Class")
+ ]
+ coclass TCPAContext
+ {
+ [default] interface ITCPAContext;
+ interface ITCPAAttrib;
+ interface ITCPAPersistentStorage;
+ };
+
+ //TCPAContext2 Class extensions for TSS v1.2
+ [
+ uuid(4730C51E-8998-43F6-993B-80BEFEA1D404),
+ helpstring("TCPAContext2 Class")
+ ]
+ coclass TCPAContext2
+ {
+ [default] interface ITCPAContext;
+ interface ITCPAAttrib;
+ interface ITCPAPersistentStorage;
+ interface ITCPATransport;
+ };
+
+ // _ITCPACallback Interface for TCPAPolicy Class
+ [
+ uuid(FBCD9C1F-72CB-47BB-99DD-2317551491DE),
+ helpstring("_ITCPACallback Interface"),
+ pointer_default(unique)
+ ]
+ interface _ITCPACallback : IUnknown
+ {
+ [helpstring("method Tspicb_CallbackHMACAuth"), callback]
+ HRESULT Tspicb_CallbackHMACAuth([in] UINT32 PulAppData,
+ [in] IUnknown *PpAuthorizedObject,
+ [in] BOOL PfReturnOrVerify,
+ [in] UINT32 PulPendingFunction,
+ [in] BOOL PfContinueUse,
+ [in] UINT32 PulSizeNonces,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceEven,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceOdd,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceEvenOSAP,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceOddOSAP,
+ [in] UINT32 PulSizeDigestHmac,
+ [in, size_is(PulSizeDigestHmac)] BYTE* PrgbParamDigest,
+ [in, out, size_is(PulSizeDigestHmac)] BYTE* PrgbHmacData);
+
+ [helpstring("method Tspicb_CallbackXorEnc"), callback]
+ HRESULT Tspicb_CallbackXorEnc([in] UINT32 PulAppData,
+ [in] IUnknown *PpOSAPObject,
+ [in] IUnknown *PpObject,
+ [in] BOOL PfPurposeSecret,
+ [in] UINT32 PulSizeNonces,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceEven,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceOdd,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceEvenOSAP,
+ [in, size_is(PulSizeNonces)] BYTE* PrgbNonceOddOSAP,
+ [in] UINT32 PulSizeEncAuth,
+ [out, size_is(PulSizeEncAuth)] BYTE* PrgbEncAuthUsage,
+ [out, size_is(PulSizeEncAuth)] BYTE* PrgbEncAuthMigration);
+
+ [helpstring("method Tspicb_CallbackTakeOwnership"), callback]
+ HRESULT Tspicb_CallbackTakeOwnership([in] UINT32 PulAppData,
+ [in] IUnknown *PpObject,
+ [in] IUnknown *PpObjectPubKey,
+ [in] UINT32 PulSizeEncAuth,
+ [out, size_is(PulSizeEncAuth)] BYTE* PrgbEncAuth );
+
+ [helpstring("method Tspicb_CallbackChangeAuthAsym"), callback]
+ HRESULT Tspicb_CallbackChangeAuthAsym([in] UINT32 PulAppData,
+ [in] IUnknown *PpObject,
+ [in] IUnknown *PpObjectPubKey,
+ [in] UINT32 PulSizeEncAuth,
+ [in] UINT32 PulSizeAuthLink,
+ [out, size_is(PulSizeEncAuth)] BYTE* PrgbEncAuth,
+ [out, size_is(PulSizeAuthLink)] BYTE* PrgbAuthLink);
+ }; // end of _ITCPACallback
+
+ //TCPAPolicy Class
+ [
+ uuid(FBCD9C1D-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPAPolicy Class"),
+ noncreatable
+ ]
+
+ coclass TCPAPolicy
+ {
+ [default] interface ITCPAPolicy;
+ interface ITCPAAttrib;
+ [default, source] interface _ITCPACallback;
+ };
+
+ //TCPATpm Class
+ [
+ uuid(FBCD9C20-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPATpm Class"),
+ noncreatable
+ ]
+ coclass TCPATpm
+ {
+ [default] interface ITCPATpm;
+ interface ITCPAAttrib;
+ interface ITCPAAuth;
+ interface ITCPAIntegrity;
+ interface ITCPAAdministration;
+ interface ITCPAIdentityCreation;
+ interface ITCPAMaintenance;
+ };
+
+ //TCPAKey Class
+ [
+ uuid(FBCD9C26-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPAKey Class"),
+ noncreatable
+ ]
+ coclass TCPAKey
+ {
+ [default] interface ITCPAKey;
+ interface ITCPAAttrib;
+ interface ITCPAAuth;
+ interface ITCPAMigration;
+ };
+
+ //TCPAEncData Class
+ [
+ uuid(FBCD9C28-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPAEncData Class"),
+ noncreatable
+ ]
+ coclass TCPAEncData
+ {
+ [default] interface ITCPAEncData;
+ interface ITCPAAttrib;
+ interface ITCPAAuth;
+ };
+
+ //TCPAHash Class
+ [
+ uuid(FBCD9C2A-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPAHash Class"),
+ noncreatable
+ ]
+ coclass TCPAHash
+ {
+ [default] interface ITCPAHash;
+ interface ITCPAAttrib;
+ };
+
+ //TCPAPcrs Class
+ [
+ uuid(FBCD9C2C-72CB-47BB-99DD-2317551491DE),
+ helpstring("TCPAPcrs Class"),
+ noncreatable
+ ]
+ coclass TCPAPcrs
+ {
+ [default] interface ITCPAPcrs;
+ };
+
+ //TCPANonVolatileStorage Class
+ [
+ uuid(4730c51c-8998-43f6-993b-80befea1d404),
+ helpstring("TCPANonVolatileStorage Class"),
+ noncreatable
+ ]
+ coclass TCPANonVolatileStorage
+ {
+ [default] interface ITCPANonVolatileStorage;
+ interface ITCPAAttrib;
+ interface ITCPAAuth;
+ };
+
+}; // end of library TSPLib
diff --git a/src/include/tss/compat11b.h b/src/include/tss/compat11b.h
new file mode 100644
index 0000000..28c7304
--- /dev/null
+++ b/src/include/tss/compat11b.h
@@ -0,0 +1,200 @@
+
+#ifndef __COMPAT11B_H__
+#define __COMPAT11B_H__
+
+#include <tss/tpm.h>
+
+#define TCPA_Vendor_Specific32 TPM_Vendor_Specific32
+#define TCPA_Vendor_Specific8 TPM_Vendor_Specific8
+
+typedef TSS_UNICODE UNICODE;
+typedef TPM_DIGEST TCPA_DIGEST;
+typedef TPM_NONCE TCPA_NONCE;
+typedef TPM_NONCE TCPA_SALT_NONCE;
+typedef TPM_PUBKEY TCPA_PUBKEY;
+typedef TPM_SECRET TCPA_SECRET;
+typedef TPM_KEY TCPA_KEY;
+typedef TPM_DIRVALUE TCPA_DIRVALUE;
+typedef TPM_COMMAND_CODE TCPA_COMMAND_CODE;
+typedef TPM_BOUND_DATA TCPA_BOUND_DATA;
+typedef TPM_STRUCT_VER TCPA_VERSION;
+typedef TPM_RESULT TCPA_RESULT;
+typedef TPM_PAYLOAD_TYPE TCPA_PAYLOAD_TYPE;
+typedef TPM_STORE_PRIVKEY TCPA_STORE_PRIVKEY;
+typedef TPM_CHOSENID_HASH TCPA_CHOSENID_HASH;
+typedef TPM_SYMMETRIC_KEY TCPA_SYMMETRIC_KEY;
+typedef TPM_PCR_INFO TCPA_PCR_INFO;
+typedef TPM_PCR_SELECTION TCPA_PCR_SELECTION;
+typedef TPM_STORED_DATA TCPA_STORED_DATA;
+typedef TPM_SEALED_DATA TCPA_SEALED_DATA;
+typedef TPM_KEY_FLAGS TCPA_KEY_FLAGS;
+typedef TPM_KEY_PARMS TCPA_KEY_PARMS;
+typedef TPM_STORE_PUBKEY TCPA_STORE_PUBKEY;
+typedef TPM_MIGRATIONKEYAUTH TCPA_MIGRATIONKEYAUTH;
+typedef TPM_RSA_KEY_PARMS TCPA_RSA_KEY_PARMS;
+typedef TPM_CERTIFY_INFO TCPA_CERTIFY_INFO;
+typedef TPM_STORE_ASYMKEY TCPA_STORE_ASYMKEY;
+typedef TPM_ENCAUTH TCPA_ENCAUTH;
+typedef TPM_PCRINDEX TCPA_PCRINDEX;
+typedef TPM_PCRVALUE TCPA_PCRVALUE;
+typedef TPM_DIRINDEX TCPA_DIRINDEX;
+typedef TPM_PROTOCOL_ID TCPA_PROTOCOL_ID;
+typedef TPM_ALGORITHM_ID TCPA_ALGORITHM_ID;
+typedef TPM_ENTITY_TYPE TCPA_ENTITY_TYPE;
+typedef TPM_CAPABILITY_AREA TCPA_CAPABILITY_AREA;
+typedef TPM_HMAC TCPA_HMAC;
+typedef TPM_MIGRATE_SCHEME TCPA_MIGRATE_SCHEME;
+typedef TPM_PHYSICAL_PRESENCE TCPA_PHYSICAL_PRESENCE;
+typedef TPM_KEY_HANDLE TCPA_KEY_HANDLE;
+typedef TPM_KEY_HANDLE_LIST TCPA_KEY_HANDLE_LIST;
+typedef TPM_PCR_COMPOSITE TCPA_PCR_COMPOSITE;
+typedef TPM_AUTH_DATA_USAGE TCPA_AUTH_DATA_USAGE;
+typedef TPM_AUTHDATA TCPA_AUTHDATA;
+typedef TPM_KEY_USAGE TCPA_KEY_USAGE;
+typedef TPM_COMPOSITE_HASH TCPA_COMPOSITE_HASH;
+typedef TPM_QUOTE_INFO TCPA_QUOTE_INFO;
+typedef TPM_TAG TCPA_TAG;
+typedef TPM_ENC_SCHEME TCPA_ENC_SCHEME;
+typedef TPM_SIG_SCHEME TCPA_SIG_SCHEME;
+typedef TPM_STARTUP_TYPE TCPA_STARTUP_TYPE;
+typedef TPM_AUTHHANDLE TCPA_AUTHHANDLE;
+typedef TPM_SYM_CA_ATTESTATION TCPA_SYM_CA_ATTESTATION;
+typedef TPM_ASYM_CA_CONTENTS TCPA_ASYM_CA_CONTENTS;
+typedef TPM_IDENTITY_REQ TCPA_IDENTITY_REQ;
+typedef TPM_IDENTITY_PROOF TCPA_IDENTITY_PROOF;
+
+// These were removed from the 1.2 TPM spec
+typedef UINT32 TCPA_ENCHANDLE;
+typedef UINT32 TCPA_EVENTTYPE;
+typedef struct tdTCPA_AUDIT_EVENT {
+ TCPA_COMMAND_CODE ordinal;
+ TCPA_RESULT returncode;
+} TCPA_AUDIT_EVENT;
+
+#define TCPA_SHA1_160_HASH_LEN TPM_SHA1_160_HASH_LEN
+#define TCPA_SHA1BASED_NONCE_LEN TPM_SHA1BASED_NONCE_LEN
+
+#define redirection TSS_KEYFLAG_REDIRECTION
+#define migratable TSS_KEYFLAG_MIGRATABLE
+#define volatileKey TSS_KEYFLAG_VOLATILEKEY
+
+#define TCPA_ET_KEYHANDLE TPM_ET_KEYHANDLE
+#define TCPA_ET_KEY TPM_ET_KEY
+#define TCPA_ET_OWNER TPM_ET_OWNER
+#define TCPA_ET_SRK TPM_ET_SRK
+#define TCPA_ET_DATA TPM_ET_DATA
+
+#define TCPA_PID_OIAP TPM_PID_OIAP
+#define TCPA_PID_OSAP TPM_PID_OSAP
+#define TCPA_PID_ADIP TPM_PID_ADIP
+#define TCPA_PID_ADCP TPM_PID_ADCP
+#define TCPA_PID_OWNER TPM_PID_OWNER
+
+#define TCPA_PT_ASYM TPM_PT_ASYM
+#define TCPA_PT_BIND TPM_PT_BIND
+#define TCPA_PT_MIGRATE TPM_PT_MIGRATE
+#define TCPA_PT_MAINT TPM_PT_MAINT
+#define TCPA_PT_SEAL TPM_PT_SEAL
+
+#define TCPA_CAP_ALG TPM_CAP_ALG
+#define TCPA_CAP_ORD TPM_CAP_ORD
+#define TCPA_CAP_PID TPM_CAP_PID
+#define TCPA_CAP_FLAG TPM_CAP_FLAG
+#define TCPA_CAP_VERSION TPM_CAP_VERSION
+#define TCPA_CAP_PROPERTY TPM_CAP_PROPERTY
+#define TCPA_CAP_KEY_HANDLE TPM_CAP_KEY_HANDLE
+#define TCPA_CAP_CHECK_LOADED TPM_CAP_CHECK_LOADED
+
+#define TCPA_ALG_RSA TPM_ALG_RSA
+#define TCPA_ALG_DES TPM_ALG_DES
+#define TCPA_ALG_3DES TPM_ALG_3DES
+#define TCPA_ALG_SHA TPM_ALG_SHA
+#define TCPA_ALG_HMAC TPM_ALG_HMAC
+#define TCPA_ALG_AES TPM_ALG_AES
+
+#define TCPA_PROTECTED_ORDINAL TPM_PROTECTED_ORDINAL
+#define TCPA_UNPROTECTED_ORDINAL TPM_UNPROTECTED_ORDINAL
+#define TCPA_CONNECTION_ORDINAL TPM_CONNECTION_ORDINAL
+
+#define TCPA_PROTECTED_COMMAND TPM_PROTECTED_COMMAND
+#define TCPA_UNPROTECTED_COMMAND TPM_UNPROTECTED_COMMAND
+#define TCPA_CONNECTION_COMMAND TPM_CONNECTION_COMMAND
+#define TCPA_VENDOR_COMMAND TPM_VENDOR_COMMAND
+
+#define TCPA_MAIN TPM_MAIN
+#define TCPA_PC TPM_PC
+#define TCPA_PDA TPM_PDA
+#define TCPA_CELL_PHONE TPM_CELL_PHONE
+
+#define TCPA_MS_MIGRATE TPM_MS_MIGRATE
+#define TCPA_MS_REWRAP TPM_MS_REWRAP
+#define TCPA_MS_MAINT TPM_MS_MAINT
+
+#define TCPA_ES_NONE TPM_ES_NONE
+#define TCPA_ES_RSAESPKCSv15 TPM_ES_RSAESPKCSv15
+#define TCPA_ES_RSAESOAEP_SHA1_MGF1 TPM_ES_RSAESOAEP_SHA1_MGF1
+
+#define TCPA_SS_NONE TPM_SS_NONE
+#define TCPA_SS_RSASSAPKCS1v15_SHA1 TPM_SS_RSASSAPKCS1v15_SHA1
+#define TCPA_SS_RSASSAPKCS1v15_DER TPM_SS_RSASSAPKCS1v15_DER
+#define TCPA_SS_RSASSAPKCS1v15_INFO TPM_SS_RSASSAPKCS1v15_INFO
+
+#define TCPA_PHYSICAL_PRESENCE_LIFETIME_LOCK TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK
+#define TCPA_PHYSICAL_PRESENCE_HW_ENABLE TPM_PHYSICAL_PRESENCE_HW_ENABLE
+#define TCPA_PHYSICAL_PRESENCE_CMD_ENABLE TPM_PHYSICAL_PRESENCE_CMD_ENABLE
+#define TCPA_PHYSICAL_PRESENCE_LOCK TPM_PHYSICAL_PRESENCE_LOCK
+#define TCPA_PHYSICAL_PRESENCE_PRESENT TPM_PHYSICAL_PRESENCE_PRESENT
+#define TCPA_PHYSICAL_PRESENCE_NOTPRESENT TPM_PHYSICAL_PRESENCE_NOTPRESENT
+
+#define TCPA_SUCCESS TPM_SUCCESS
+#define TCPA_E_BASE TPM_E_BASE
+#define TCPA_E_NON_FATAL TPM_E_NON_FATAL
+#define TCPA_E_AUTHFAIL TPM_E_AUTHFAIL
+#define TCPA_E_BAD_PARAMETER TPM_E_BAD_PARAMETER
+#define TCPA_E_BADINDEX TPM_E_BADINDEX
+#define TCPA_E_AUDITFAILURE TPM_E_AUDITFAILURE
+#define TCPA_E_CLEAR_DISABLED TPM_E_CLEAR_DISABLED
+#define TCPA_E_DEACTIVATED TPM_E_DEACTIVATED
+#define TCPA_E_DISABLED TPM_E_DISABLED
+#define TCPA_E_DISABLED_CMD TPM_E_DISABLED_CMD
+#define TCPA_E_FAIL TPM_E_FAIL
+#define TCPA_E_INACTIVE TPM_E_BAD_ORDINAL
+#define TCPA_E_INSTALL_DISABLED TPM_E_INSTALL_DISABLED
+#define TCPA_E_INVALID_KEYHANDLE TPM_E_INVALID_KEYHANDLE
+#define TCPA_E_KEYNOTFOUND TPM_E_KEYNOTFOUND
+#define TCPA_E_NEED_SELFTEST TPM_E_INAPPROPRIATE_ENC
+#define TCPA_E_MIGRATEFAIL TPM_E_MIGRATEFAIL
+#define TCPA_E_NO_PCR_INFO TPM_E_INVALID_PCR_INFO
+#define TCPA_E_NOSPACE TPM_E_NOSPACE
+#define TCPA_E_NOSRK TPM_E_NOSRK
+#define TCPA_E_NOTSEALED_BLOB TPM_E_NOTSEALED_BLOB
+#define TCPA_E_OWNER_SET TPM_E_OWNER_SET
+#define TCPA_E_RESOURCES TPM_E_RESOURCES
+#define TCPA_E_SHORTRANDOM TPM_E_SHORTRANDOM
+#define TCPA_E_SIZE TPM_E_SIZE
+#define TCPA_E_WRONGPCRVAL TPM_E_WRONGPCRVAL
+#define TCPA_E_BAD_PARAM_SIZE TPM_E_BAD_PARAM_SIZE
+#define TCPA_E_SHA_THREAD TPM_E_SHA_THREAD
+#define TCPA_E_SHA_ERROR TPM_E_SHA_ERROR
+#define TCPA_E_FAILEDSELFTEST TPM_E_FAILEDSELFTEST
+#define TCPA_E_AUTH2FAIL TPM_E_AUTH2FAIL
+#define TCPA_E_BADTAG TPM_E_BADTAG
+#define TCPA_E_IOERROR TPM_E_IOERROR
+#define TCPA_E_ENCRYPT_ERROR TPM_E_ENCRYPT_ERROR
+#define TCPA_E_DECRYPT_ERROR TPM_E_DECRYPT_ERROR
+#define TCPA_E_INVALID_AUTHHANDLE TPM_E_INVALID_AUTHHANDLE
+#define TCPA_E_NO_ENDORSEMENT TPM_E_NO_ENDORSEMENT
+#define TCPA_E_INVALID_KEYUSAGE TPM_E_INVALID_KEYUSAGE
+#define TCPA_E_WRONG_ENTITYTYPE TPM_E_WRONG_ENTITYTYPE
+#define TCPA_E_INVALID_POSTINIT TPM_E_INVALID_POSTINIT
+#define TCPA_E_INAPPROPRIATE_SIG TPM_E_INAPPROPRIATE_SIG
+#define TCPA_E_BAD_KEY_PROPERTY TPM_E_BAD_KEY_PROPERTY
+#define TCPA_E_BAD_MIGRATION TPM_E_BAD_MIGRATION
+#define TCPA_E_BAD_SCHEME TPM_E_BAD_SCHEME
+#define TCPA_E_BAD_DATASIZE TPM_E_BAD_DATASIZE
+#define TCPA_E_BAD_MODE TPM_E_BAD_MODE
+#define TCPA_E_BAD_PRESENCE TPM_E_BAD_PRESENCE
+#define TCPA_E_BAD_VERSION TPM_E_BAD_VERSION
+#define TCPA_E_RETRY TPM_E_RETRY
+
+#endif
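Review bot: The object-like macros `redirection`, `migratable` and `volatileKey` (just after the SHA1 length aliases) have ordinary lowercase identifier names, and because platform.h pulls this header in unconditionally, any consumer that uses one of those words as a struct member or variable name is silently rewritten to the corresponding TSS_KEYFLAG_* value. They should at least carry a comment stating that they are 1.1b-era key-flag aliases kept for legacy callers, or be placed behind an opt-in guard (placeholder name: `#ifdef TSS_COMPAT_11B_KEYFLAG_NAMES`). Separately, the three error-code aliases whose 1.2 counterpart has a different name — `TCPA_E_INACTIVE` → `TPM_E_BAD_ORDINAL`, `TCPA_E_NEED_SELFTEST` → `TPM_E_INAPPROPRIATE_ENC`, `TCPA_E_NO_PCR_INFO` → `TPM_E_INVALID_PCR_INFO` — look deliberate but are undocumented; a one-line comment such as `/* 1.1b names whose 1.2 counterparts were renamed; numeric values are unchanged */` would record the intent, assuming the values do in fact coincide.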
diff --git a/src/include/tss/platform.h b/src/include/tss/platform.h
new file mode 100644
index 0000000..495afc7
--- /dev/null
+++ b/src/include/tss/platform.h
@@ -0,0 +1,46 @@
+/*++
+
+There are platform dependent and general defines.
+
+--*/
+
+#ifndef TSS_PLATFORM_H
+#define TSS_PLATFORM_H
+
+
+/* The default implementation is to use stdint.h, a part of the C99 standard.
+ * Systems that don't support this are handled on a case-by-case basis.
+ */
+
+#if !defined(WIN32)
+#include <stdint.h>
+ typedef uint8_t BYTE;
+ typedef int8_t TSS_BOOL;
+ typedef uint16_t UINT16;
+ typedef uint32_t UINT32;
+ typedef uint64_t UINT64;
+
+ typedef uint16_t TSS_UNICODE;
+ typedef void* PVOID;
+
+#elif defined(WIN32)
+#include <basetsd.h>
+ typedef unsigned char BYTE;
+ typedef signed char TSS_BOOL;
+#ifndef _BASETSD_H_
+ // basetsd.h provides definitions of UINT16, UINT32 and UINT64.
+ typedef unsigned short UINT16;
+ typedef unsigned long UINT32;
+ typedef unsigned __int64 UINT64;
+#endif
+ typedef unsigned short TSS_UNICODE;
+ typedef void* PVOID;
+#endif
+
+
+/* Include this so that applications that use names as defined in the
+ * 1.1 TSS specification can still compile
+ */
+#include <tss/compat11b.h>
+
+#endif // TSS_PLATFORM_H
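Review bot: The unconditional `#include <tss/compat11b.h>` at the bottom of the header means every consumer of the basic TSS types also receives the whole 1.1b compatibility layer, including that header's lowercase object-like macros (`redirection`, `migratable`, `volatileKey`), whether or not it asked for it; the comment above the include should say so, e.g. `/* NOTE: included unconditionally; also defines 1.1b-era lowercase macros */`, or the include should be made opt-in. In the WIN32 branch `basetsd.h` is included immediately before the `#ifndef _BASETSD_H_` fallback typedefs; if that header's own guard is `_BASETSD_H_`, the fallback block is unreachable, and the comment `// basetsd.h provides definitions of UINT16, UINT32 and UINT64.` should state that the block only matters for toolchains whose basetsd.h uses a different guard — worth confirming. The file comment `There are platform dependent and general defines.` reads better as `These are platform-dependent and general defines.`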
diff --git a/src/include/tss/tcpa_defines.h b/src/include/tss/tcpa_defines.h
new file mode 100644
index 0000000..ea0a994
--- /dev/null
+++ b/src/include/tss/tcpa_defines.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_DEFINES_H__
+#define __TCPA_DEFINES_H__
+
+#warning including deprecated header file tcpa_defines.h
+
+#endif
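Review bot: `#warning` is a compiler extension rather than standard C (it was only standardised in C23), and MSVC rejects it as an invalid preprocessor directive, so on the WIN32 toolchain that platform.h explicitly supports, including this deprecated header is a hard compile error rather than a warning. The same applies to the tcpa_error.h, tcpa_struct.h and tcpa_typedef.h stubs that follow. If the intent is a soft deprecation signal on every platform, wrap the directive, e.g. `#if defined(__GNUC__) || defined(__clang__)` … `#endif` around the `#warning`, and add a comment stating that the header is intentionally empty and kept only so 1.1b-era includes still resolve.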
diff --git a/src/include/tss/tcpa_error.h b/src/include/tss/tcpa_error.h
new file mode 100644
index 0000000..6391227
--- /dev/null
+++ b/src/include/tss/tcpa_error.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_ERROR_H__
+#define __TCPA_ERROR_H__
+
+#warning including deprecated header file tcpa_error.h
+
+#endif
diff --git a/src/include/tss/tcpa_struct.h b/src/include/tss/tcpa_struct.h
new file mode 100644
index 0000000..8ba7db7
--- /dev/null
+++ b/src/include/tss/tcpa_struct.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_STRUCT_H__
+#define __TCPA_STRUCT_H__
+
+#warning including deprecated header file tcpa_struct.h
+
+#endif
diff --git a/src/include/tss/tcpa_typedef.h b/src/include/tss/tcpa_typedef.h
new file mode 100644
index 0000000..9bcac88
--- /dev/null
+++ b/src/include/tss/tcpa_typedef.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_TYPEDEF_H__
+#define __TCPA_TYPEDEF_H__
+
+#warning including deprecated header file tcpa_typedef.h
+
+#endif
diff --git a/src/include/tss/tcs.h b/src/include/tss/tcs.h
new file mode 100644
index 0000000..f2ec7f4
--- /dev/null
+++ b/src/include/tss/tcs.h
@@ -0,0 +1,1129 @@
+#ifndef TCS_H
+#define TCS_H
+#include <tss/platform.h>
+#include <tss/tss_structs.h>
+#include <tss/tcs_typedef.h>
+#include <tss/tcs_defines.h>
+#include <tss/tcs_structs.h>
+#include <tss/tcs_error.h>
+#include <tss/tpm.h>
+
+#if defined __cplusplus
+extern "C" {
+#endif
+
+extern TSS_RESULT Tcsi_OpenContext
+(
+ TCS_CONTEXT_HANDLE* hContext // out
+);
+extern TSS_RESULT Tcsi_CloseContext
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsi_FreeMemory
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ BYTE* pMemory // in
+);
+extern TSS_RESULT Tcsi_GetCapability
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ UINT32* respSize, // out
+ BYTE** resp // out
+);
+extern TSS_RESULT Tcsi_RegisterKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID WrappingKeyUUID, // in
+ TSS_UUID KeyUUID, // in
+ UINT32 cKeySize, // in
+ BYTE* rgbKey, // in
+ UINT32 cVendorDataSize, // in
+ BYTE* gbVendorData // in
+);
+extern TSS_RESULT Tcsip_UnregisterKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID // in
+);
+extern TSS_RESULT Tcsip_KeyControlOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ UINT32 ulPubKeyLength, // in
+ BYTE* prgbPubKey, // in
+ UINT32 attribName, // in
+ TSS_BOOL attribValue, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TSS_UUID* pUuidData // out
+);
+extern TSS_RESULT Tcsi_EnumRegisteredKeys
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID* pKeyUUID, // in
+ UINT32* pcKeyHierarchySize, // out
+ TSS_KM_KEYINFO** ppKeyHierarchy // out
+);
+extern TSS_RESULT Tcsi_GetRegisteredKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID, // in
+ TSS_KM_KEYINFO** ppKeyInfo // out
+);
+extern TSS_RESULT Tcsi_GetRegisteredKeyBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID, // in
+ UINT32* pcKeySize, // out
+ BYTE** prgbKey // out
+);
+extern TSS_RESULT Tcsip_GetRegisteredKeyByPublicInfo
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulPublicInfoLength, // in
+ BYTE* rgbPublicInfo, // in
+ UINT32* keySize, // out
+ BYTE** keyBlob // out
+);
+extern TSS_RESULT Tcsip_LoadKeyByBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hUnwrappingKey, // in
+ UINT32 cWrappedKeyBlobSize, // in
+ BYTE* rgbWrappedKeyBlob, // in
+ TPM_AUTH* pAuth, // in, out
+ TCS_KEY_HANDLE* phKeyTCSI, // out
+ TCS_KEY_HANDLE* phKeyHMAC // out
+);
+extern TSS_RESULT Tcsip_LoadKeyByUUID
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID, // in
+ TCS_LOADKEY_INFO* pLoadKeyInfo, // in, out
+ TCS_KEY_HANDLE* phKeyTCSI // out
+);
+extern TSS_RESULT Tcsip_EvictKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey // in
+);
+extern TSS_RESULT Tcsip_CreateWrapKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hWrappingKey, // in
+ TPM_ENCAUTH KeyUsageAuth, // in
+ TPM_ENCAUTH KeyMigrationAuth, // in
+ UINT32 keyInfoSize, // in
+ BYTE* keyInfo, // in
+ TPM_AUTH* pAuth, // in, out
+ UINT32* keyDataSize, // out
+ BYTE** keyData // out
+);
+extern TSS_RESULT Tcsip_GetPubKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ TPM_AUTH* pAuth, // in, out
+ UINT32* pcPubKeySize, // out
+ BYTE** prgbPubKey // out
+);
+extern TSS_RESULT Tcsip_MakeIdentity
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENCAUTH identityAuth, // in
+ TPM_CHOSENID_HASH IDLabel_PrivCAHash, // in
+ UINT32 idIdentityKeyInfoSize, // in
+ BYTE* idIdentityKeyInfo, // in
+ TPM_AUTH* pSrkAuth, // in, out
+ TPM_AUTH* pOwnerAuth, // in, out
+ UINT32* idIdentityKeySize, // out
+ BYTE** idIdentityKey, // out
+ UINT32* pcIdentityBindingSize, // out
+ BYTE** prgbIdentityBinding, // out
+ UINT32* pcEndorsementCredentialSize, // out
+ BYTE** prgbEndorsementCredential, // out
+ UINT32* pcPlatformCredentialSize, // out
+ BYTE** prgbPlatformCredential, // out
+ UINT32* pcConformanceCredentialSize, // out
+ BYTE** prgbConformanceCredential // out
+);
+extern TSS_RESULT Tcsip_MakeIdentity2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENCAUTH identityAuth, // in
+ TPM_CHOSENID_HASH IDLabel_PrivCAHash, // in
+ UINT32 idIdentityKeyInfoSize, // in
+ BYTE* idIdentityKeyInfo, // in
+ TPM_AUTH* pSrkAuth, // in, out
+ TPM_AUTH* pOwnerAuth, // in, out
+ UINT32* idIdentityKeySize, // out
+ BYTE** idIdentityKey, // out
+ UINT32* pcIdentityBindingSize, // out
+ BYTE** prgbIdentityBinding // out
+);
+extern TSS_RESULT Tcsi_LogPcrEvent
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_PCR_EVENT Event, // in
+ UINT32* pNumber // out
+);
+extern TSS_RESULT Tcsi_GetPcrEvent
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 PcrIndex, // in
+ UINT32* pNumber, // in, out
+ TSS_PCR_EVENT** ppEvent // out
+);
+extern TSS_RESULT Tcsi_GetPcrEventsByPcr
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 PcrIndex, // in
+ UINT32 FirstEvent, // in
+ UINT32* pEventCount, // in, out
+ TSS_PCR_EVENT** ppEvents // out
+);
+extern TSS_RESULT Tcsi_GetPcrEventLog
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* pEventCount, // out
+ TSS_PCR_EVENT** ppEvents // out
+);
+extern TSS_RESULT Tcsip_SetOwnerInstall
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL state // in
+);
+extern TSS_RESULT Tcsip_TakeOwnership
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT16 protocolID, // in
+ UINT32 encOwnerAuthSize, // in
+ BYTE* encOwnerAuth, // in
+ UINT32 encSrkAuthSize, // in
+ BYTE* encSrkAuth, // in
+ UINT32 srkKeyInfoSize, // in
+ BYTE* srkKeyInfo, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* srkKeyDataSize, // out
+ BYTE** srkKeyData // out
+);
+extern TSS_RESULT Tcsip_SetOperatorAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_SECRET operatorAuth // in
+);
+extern TSS_RESULT Tcsip_OIAP
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_AUTHHANDLE* authHandle, // out
+ TPM_NONCE* nonce0 // out
+);
+extern TSS_RESULT Tcsip_OSAP
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENTITY_TYPE entityType, // in
+ UINT32 entityValue, // in
+ TPM_NONCE nonceOddOSAP, // in
+ TCS_AUTHHANDLE* authHandle, // out
+ TPM_NONCE* nonceEven, // out
+ TPM_NONCE* nonceEvenOSAP // out
+);
+extern TSS_RESULT Tcsip_ChangeAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TPM_PROTOCOL_ID protocolID, // in
+ TPM_ENCAUTH newAuth, // in
+ TPM_ENTITY_TYPE entityType, // in
+ UINT32 encDataSize, // in
+ BYTE* encData, // in
+ TPM_AUTH* ownerAuth, // in, out
+ TPM_AUTH* entityAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_ChangeAuthOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PROTOCOL_ID protocolID, // in
+ TPM_ENCAUTH newAuth, // in
+ TPM_ENTITY_TYPE entityType, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_ChangeAuthAsymStart
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE idHandle, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 TempKeyInfoSize, // in
+ BYTE* TempKeyInfoData, // in
+ TPM_AUTH* pAuth, // in, out
+ UINT32* TempKeySize, // out
+ BYTE** TempKeyData, // out
+ UINT32* CertifyInfoSize, // out
+ BYTE** CertifyInfo, // out
+ UINT32* sigSize, // out
+ BYTE** sig, // out
+ TCS_KEY_HANDLE* ephHandle // out
+);
+extern TSS_RESULT Tcsip_ChangeAuthAsymFinish
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TCS_KEY_HANDLE ephHandle, // in
+ TPM_ENTITY_TYPE entityType, // in
+ TPM_HMAC newAuthLink, // in
+ UINT32 newAuthSize, // in
+ BYTE* encNewAuth, // in
+ UINT32 encDataSizeIn, // in
+ BYTE* encDataIn, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* encDataSizeOut, // out
+ BYTE** encDataOut, // out
+ TPM_NONCE* saltNonce, // out
+ TPM_DIGEST* changeProof // out
+);
+extern TSS_RESULT Tcsip_TerminateHandle
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_AUTHHANDLE handle // in
+);
+extern TSS_RESULT Tcsip_ActivateTPMIdentity
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE idKey, // in
+ UINT32 blobSize, // in
+ BYTE* blob, // in
+ TPM_AUTH* idKeyAuth, // in, out
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* SymmetricKeySize, // out
+ BYTE** SymmetricKey // out
+);
+extern TSS_RESULT Tcsip_EstablishTransport
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ulTransControlFlags, // in
+ TCS_KEY_HANDLE hEncKey, // in
+ UINT32 ulTransSessionInfoSize, // in
+ BYTE* rgbTransSessionInfo, // in
+ UINT32 ulSecretSize, // in
+ BYTE* rgbSecret, // in
+ TPM_AUTH* pEncKeyAuth, // in, out
+ TPM_MODIFIER_INDICATOR* pbLocality, // out
+ TCS_HANDLE* hTransSession, // out
+ UINT32* ulCurrentTicksSize, // out
+ BYTE** prgbCurrentTicks, // out
+ TPM_NONCE* pTransNonce // out
+);
+extern TSS_RESULT Tcsip_ExecuteTransport
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_COMMAND_CODE unWrappedCommandOrdinal, // in
+ UINT32 ulWrappedCmdParamInSize, // in
+ BYTE* rgbWrappedCmdParamIn, // in
+ UINT32* pulHandleListSize, // in, out
+ TCS_HANDLE** rghHandles, // in, out
+ TPM_AUTH* pWrappedCmdAuth1, // in, out
+ TPM_AUTH* pWrappedCmdAuth2, // in, out
+ TPM_AUTH* pTransAuth, // in, out
+ UINT64* punCurrentTicks, // out
+ TPM_MODIFIER_INDICATOR* pbLocality, // out
+ TPM_RESULT* pulWrappedCmdReturnCode, // out
+ UINT32* ulWrappedCmdParamOutSize, // out
+ BYTE** rgbWrappedCmdParamOut // out
+);
+extern TSS_RESULT Tcsip_ReleaseTransportSigned
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hSignatureKey, // in
+ TPM_NONCE AntiReplayNonce, // in
+ TPM_AUTH* pKeyAuth, // in, out
+ TPM_AUTH* pTransAuth, // in, out
+ TPM_MODIFIER_INDICATOR* pbLocality, // out
+ UINT32* pulCurrentTicksSize, // out
+ BYTE** prgbCurrentTicks, // out
+ UINT32* pulSignatureSize, // out
+ BYTE** prgbSignature // out
+);
+extern TSS_RESULT Tcsip_Extend
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PCRINDEX pcrNum, // in
+ TPM_DIGEST inDigest, // in
+ TPM_PCRVALUE* outDigest // out
+);
+extern TSS_RESULT Tcsip_PcrRead
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PCRINDEX pcrNum, // in
+ TPM_PCRVALUE* outDigest // out
+);
+extern TSS_RESULT Tcsip_Quote
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 pcrTargetSize, // in
+ BYTE* pcrTarget, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* pcrDataSize, // out
+ BYTE** pcrData, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_Quote2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 pcrTargetSize, // in
+ BYTE* pcrTarget, // in
+ TSS_BOOL addVersion, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* pcrDataSize, // out
+ BYTE** pcrData, // out
+ UINT32* versionInfoSize, // out
+ BYTE** versionInfo, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_DirWriteAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIRINDEX dirIndex, // in
+ TPM_DIRVALUE newContents, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_DirRead
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIRINDEX dirIndex, // in
+ TPM_DIRVALUE* dirValue // out
+);
+extern TSS_RESULT Tcsip_Seal
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_ENCAUTH encAuth, // in
+ UINT32 pcrInfoSize, // in
+ BYTE* PcrInfo, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* pubAuth, // in, out
+ UINT32* SealedDataSize, // out
+ BYTE** SealedData // out
+);
+extern TSS_RESULT Tcsip_Unseal
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 SealedDataSize, // in
+ BYTE* SealedData, // in
+ TPM_AUTH* keyAuth, // in, out
+ TPM_AUTH* dataAuth, // in, out
+ UINT32* DataSize, // out
+ BYTE** Data // out
+);
+extern TSS_RESULT Tcsip_UnBind
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_Sealx
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_ENCAUTH encAuth, // in
+ UINT32 pcrInfoSize, // in
+ BYTE* PcrInfo, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* pubAuth, // in, out
+ UINT32* SealedDataSize, // out
+ BYTE** SealedData // out
+);
+extern TSS_RESULT Tcsip_LoadKey2ByBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hUnwrappingKey, // in
+ UINT32 cWrappedKeyBlobSize, // in
+ BYTE* rgbWrappedKeyBlob, // in
+ TPM_AUTH* pAuth, // in, out
+ TCS_KEY_HANDLE* phKeyTCSI // out
+);
+extern TSS_RESULT Tcsip_CreateMigrationBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TSS_MIGRATE_SCHEME migrationType, // in
+ UINT32 MigrationKeyAuthSize, // in
+ BYTE* MigrationKeyAuth, // in
+ UINT32 encDataSize, // in
+ BYTE* encData, // in
+ TPM_AUTH* parentAuth, // in, out
+ TPM_AUTH* entityAuth, // in, out
+ UINT32* randomSize, // out
+ BYTE** random, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_ConvertMigrationBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ UINT32 randomSize, // in
+ BYTE* random, // in
+ TPM_AUTH* parentAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_AuthorizeMigrationKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_MIGRATE_SCHEME migrateScheme, // in
+ UINT32 MigrationKeySize, // in
+ BYTE* MigrationKey, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* MigrationKeyAuthSize, // out
+ BYTE** MigrationKeyAuth // out
+);
+extern TSS_RESULT Tcsip_CertifyKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE certHandle, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* certAuth, // in, out
+ TPM_AUTH* keyAuth, // in, out
+ UINT32* CertifyInfoSize, // out
+ BYTE** CertifyInfo, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_CertifyKey2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE certHandle, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_DIGEST MSAdigest, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* certAuth, // in, out
+ TPM_AUTH* keyAuth, // in, out
+ UINT32* CertifyInfoSize, // out
+ BYTE** CertifyInfo, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_Sign
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 areaToSignSize, // in
+ BYTE* areaToSign, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_GetRandom
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* bytesRequested, // in, out
+ BYTE** randomBytes // out
+);
+extern TSS_RESULT Tcsip_StirRandom
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 inDataSize, // in
+ BYTE* inData // in
+);
+extern TSS_RESULT Tcsip_GetCapability
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ UINT32* respSize, // out
+ BYTE** resp // out
+);
+extern TSS_RESULT Tcsip_GetCapabilitySigned
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ TPM_AUTH* privAuth, // in, out
+ TPM_VERSION* Version, // out
+ UINT32* respSize, // out
+ BYTE** resp, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_GetCapabilityOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TPM_VERSION* pVersion, // out
+ UINT32* pNonVolatileFlags, // out
+ UINT32* pVolatileFlags // out
+);
+extern TSS_RESULT Tcsip_CreateEndorsementKeyPair
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 endorsementKeyInfoSize, // in
+ BYTE* endorsementKeyInfo, // in
+ UINT32* endorsementKeySize, // out
+ BYTE** endorsementKey, // out
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_ReadPubek
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32* pubEndorsementKeySize, // out
+ BYTE** pubEndorsementKey, // out
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_DisablePubekRead
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_OwnerReadPubek
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* pubEndorsementKeySize, // out
+ BYTE** pubEndorsementKey // out
+);
+extern TSS_RESULT Tcsip_SelfTestFull
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_CertifySelfTest
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_ContinueSelfTest
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_GetTestResult
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_OwnerSetDisable
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL disableState, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_OwnerClear
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_DisableOwnerClear
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_ForceClear
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_DisableForceClear
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_PhysicalDisable
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_PhysicalEnable
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_PhysicalSetDeactivated
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL state // in
+);
+extern TSS_RESULT Tcsip_SetTempDeactivated
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_SetTempDeactivated2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* pOperatorAuth // in, out
+);
+extern TSS_RESULT Tcsip_OwnerReadInternalPub
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ UINT32* punPubKeySize, // out
+ BYTE** ppbPubKeyData // out
+);
+extern TSS_RESULT Tcsip_PhysicalPresence
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PHYSICAL_PRESENCE fPhysicalPresence // in
+);
+extern TSS_RESULT Tcsip_FieldUpgrade
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 dataInSize, // in
+ BYTE* dataIn, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* dataOutSize, // out
+ BYTE** dataOut // out
+);
+extern TSS_RESULT Tcsip_ResetLockValue
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_FlushSpecific
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_HANDLE hResHandle, // in
+ TPM_RESOURCE_TYPE resourceType // in
+);
+extern TSS_RESULT Tcsip_SetRedirection
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 c1, // in
+ UINT32 c2, // in
+ TPM_AUTH* privAuth // in, out
+);
+extern TSS_RESULT Tcsip_DSAP
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENTITY_TYPE entityType, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE nonceOddDSAP, // in
+ UINT32 entityValueSize, // in
+ BYTE* entityValue, // in
+ TCS_AUTHHANDLE* authHandle, // out
+ TPM_NONCE* nonceEven, // out
+ TPM_NONCE* nonceEvenDSAP // out
+);
+extern TSS_RESULT Tcsip_Delegate_Manage
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_FAMILY_ID familyID, // in
+ TPM_FAMILY_OPERATION opFlag, // in
+ UINT32 opDataSize, // in
+ BYTE* opData, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* retDataSize, // out
+ BYTE** retData // out
+);
+extern TSS_RESULT Tcsip_Delegate_CreateKeyDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ UINT32 publicInfoSize, // in
+ BYTE* publicInfo, // in
+ TPM_ENCAUTH encDelAuth, // in
+ TPM_AUTH* keyAuth, // in, out
+ UINT32* blobSize, // out
+ BYTE** blob // out
+);
+extern TSS_RESULT Tcsip_Delegate_CreateOwnerDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL increment, // in
+ UINT32 publicInfoSize, // in
+ BYTE* publicInfo, // in
+ TPM_ENCAUTH encDelAuth, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* blobSize, // out
+ BYTE** blob // out
+);
+extern TSS_RESULT Tcsip_Delegate_LoadOwnerDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DELEGATE_INDEX index, // in
+ UINT32 blobSize, // in
+ BYTE* blob, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_Delegate_UpdateVerificationCount
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 inputSize, // in
+ BYTE* input, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** output // out
+);
+extern TSS_RESULT Tcsip_Delegate_VerifyDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 delegateSize, // in
+ BYTE* delegate // in
+);
+extern TSS_RESULT Tcsip_Delegate_ReadTable
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* pulFamilyTableSize, // out
+ BYTE** ppFamilyTable, // out
+ UINT32* pulDelegateTableSize, // out
+ BYTE** ppDelegateTable // out
+);
+extern TSS_RESULT Tcsip_NV_DefineOrReleaseSpace
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 cPubInfoSize, // in
+ BYTE* pPubInfo, // in
+ TPM_ENCAUTH encAuth, // in
+ TPM_AUTH* pAuth // in, out
+);
+extern TSS_RESULT Tcsip_NV_WriteValue
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToWrite, // in
+ TPM_AUTH* privAuth // in, out
+);
+extern TSS_RESULT Tcsip_NV_WriteValueAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToWrite, // in
+ TPM_AUTH* NVAuth // in, out
+);
+extern TSS_RESULT Tcsip_NV_ReadValue
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32* pulDataLength, // in, out
+ TPM_AUTH* privAuth, // in, out
+ BYTE** rgbDataRead // out
+);
+extern TSS_RESULT Tcsip_NV_ReadValueAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32* pulDataLength, // in, out
+ TPM_AUTH* NVAuth, // in, out
+ BYTE** rgbDataRead // out
+);
+extern TSS_RESULT Tcsip_CreateMaintenanceArchive
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL generateRandom, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* randomSize, // out
+ BYTE** random, // out
+ UINT32* archiveSize, // out
+ BYTE** archive // out
+);
+extern TSS_RESULT Tcsip_LoadMaintenanceArchive
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 dataInSize, // in
+ BYTE* dataIn, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* dataOutSize, // out
+ BYTE** dataOut // out
+);
+extern TSS_RESULT Tcsip_KillMaintenanceFeature
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_LoadManuMaintPub
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 PubKeySize, // in
+ BYTE* PubKey, // in
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_ReadManuMaintPub
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_CreateRevocableEndorsementKeyPair
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 endorsementKeyInfoSize, // in
+ BYTE* endorsementKeyInfo, // in
+ TSS_BOOL GenResetAuth, // in
+ TPM_DIGEST* EKResetAuth, // in, out
+ UINT32* endorsementKeySize, // out
+ BYTE** endorsementKey, // out
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_RevokeEndorsementKeyPair
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIGEST EKResetAuth // in
+);
+extern TSS_RESULT Tcsip_PcrReset
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 pcrTargetSize, // in
+ BYTE* pcrTarget // in
+);
+extern TSS_RESULT Tcsip_ReadCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_COUNTER_VALUE* counterValue // out
+);
+extern TSS_RESULT Tcsip_CreateCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 LabelSize, // in (=4)
+ BYTE* pLabel, // in
+ TPM_ENCAUTH CounterAuth, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TSS_COUNTER_ID* idCounter, // out
+ TPM_COUNTER_VALUE* counterValue // out
+);
+extern TSS_RESULT Tcsip_IncrementCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_AUTH* pCounterAuth, // in, out
+ TPM_COUNTER_VALUE* counterValue // out
+);
+extern TSS_RESULT Tcsip_ReleaseCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_AUTH* pCounterAuth // in, out
+);
+extern TSS_RESULT Tcsip_ReleaseCounterOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_AUTH* pOwnerAuth // in, out
+);
+extern TSS_RESULT Tcsip_ReadCurrentTicks
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* pulCurrentTimeSize, // out
+ BYTE** prgbCurrentTime // out
+);
+extern TSS_RESULT Tcsip_TickStampBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ TPM_NONCE antiReplay, // in
+ TPM_DIGEST digestToStamp, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* pulSignatureLength, // out
+ BYTE** prgbSignature, // out
+ UINT32* pulTickCountSize, // out
+ BYTE** prgbTickCount // out
+);
+extern TSS_RESULT Tcsip_TPM_DAA_Join
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_HANDLE handle, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+);
+extern TSS_RESULT Tcsip_TPM_DAA_Sign
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_HANDLE handle, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+);
+extern TSS_RESULT Tcsip_MigrateKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hMaKey, // in
+ UINT32 PublicKeySize, // in
+ BYTE* PublicKey, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_CMK_SetRestrictions
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_CMK_DELEGATE Restriction, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_CMK_ApproveMA
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIGEST migAuthorityDigest, // in
+ TPM_AUTH* ownerAuth, // in, out
+ TPM_HMAC* HmacMigAuthDigest // out
+);
+extern TSS_RESULT Tcsip_CMK_CreateKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hWrappingKey, // in
+ TPM_ENCAUTH KeyUsageAuth, // in
+ TPM_HMAC MigAuthApproval, // in
+ TPM_DIGEST MigAuthorityDigest, // in
+ UINT32* keyDataSize, // in, out
+ BYTE** prgbKeyData, // in, out
+ TPM_AUTH* pAuth // in, out
+);
+extern TSS_RESULT Tcsip_CMK_CreateTicket
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 PublicVerifyKeySize, // in
+ BYTE* PublicVerifyKey, // in
+ TPM_DIGEST SignedData, // in
+ UINT32 SigValueSize, // in
+ BYTE* SigValue, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TPM_HMAC* SigTicket // out
+);
+extern TSS_RESULT Tcsip_CMK_CreateBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TSS_MIGRATE_SCHEME migrationType, // in
+ UINT32 MigrationKeyAuthSize, // in
+ BYTE* MigrationKeyAuth, // in
+ TPM_DIGEST PubSourceKeyDigest, // in
+ UINT32 msaListSize, // in
+ BYTE* msaList, // in
+ UINT32 restrictTicketSize, // in
+ BYTE* restrictTicket, // in
+ UINT32 sigTicketSize, // in
+ BYTE* sigTicket, // in
+ UINT32 encDataSize, // in
+ BYTE* encData, // in
+ TPM_AUTH* parentAuth, // in, out
+ UINT32* randomSize, // out
+ BYTE** random, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_CMK_ConvertMigration
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TPM_CMK_AUTH restrictTicket, // in
+ TPM_HMAC sigTicket, // in
+ UINT32 keyDataSize, // in
+ BYTE* prgbKeyData, // in
+ UINT32 msaListSize, // in
+ BYTE* msaList, // in
+ UINT32 randomSize, // in
+ BYTE* random, // in
+ TPM_AUTH* parentAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_SetCapability
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ UINT32 valueSize, // in
+ BYTE* value, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_GetAuditDigest
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 startOrdinal, // in
+ TPM_DIGEST* auditDigest, // out
+ UINT32* counterValueSize, // out
+ BYTE** counterValue, // out
+ TSS_BOOL* more, // out
+ UINT32* ordSize, // out
+ UINT32** ordList // out
+);
+extern TSS_RESULT Tcsip_GetAuditDigestSigned
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TSS_BOOL closeAudit, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* counterValueSize, // out
+ BYTE** counterValue, // out
+ TPM_DIGEST* auditDigest, // out
+ TPM_DIGEST* ordinalDigest, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_SetOrdinalAuditStatus
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ordinalToAudit, // in
+ TSS_BOOL auditState, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsi_Admin_TSS_SessionsPerLocality
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ulLocality, // in
+ UINT32 ulSessions, // in
+ TPM_AUTH* pOwnerAuth // in, out
+);
+extern TSS_RESULT Tcsi_GetCredential
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ulCredentialType, // in
+ UINT32 ulCredentialAccessMode, // in
+ UINT32* pulCredentialSize, // out
+ BYTE** prgbCredentialData // out
+);
+
+#if defined __cplusplus
+} // extern "C"
+#endif
+
+#endif /* TCS_H */
diff --git a/src/include/tss/tcs_defines.h b/src/include/tss/tcs_defines.h
new file mode 100644
index 0000000..5b0d192
--- /dev/null
+++ b/src/include/tss/tcs_defines.h
@@ -0,0 +1,28 @@
+/*++
+
+TSS Core Service structures
+
+*/
+
+#ifndef __TCS_DEFINES_H__
+#define __TCS_DEFINES_H__
+
+#define TSS_TCSATTRIB_TRANSPORT_DEFAULT ((UINT32)(0x00000000))
+#define TSS_TCSATTRIB_TRANSPORT_EXCLUSIVE ((UINT32)(0x00000001))
+
+
+// Values for the ulCredentialType parameter to Tcsi_GetCredential
+#define TSS_TCS_CREDENTIAL_EKCERT ((UINT32)0x00000001)
+#define TSS_TCS_CREDENTIAL_TPM_CC ((UINT32)0x00000002)
+#define TSS_TCS_CREDENTIAL_PLATFORMCERT ((UINT32)0x00000003)
+
+
+// Values for the ulCredentialAccessMode parameter to Tcsi_GetCredential
+// TSS_TCS_CERT_ACCESS_AUTO triggers the default behavior.
+// Values with TSS_TCS_CERT_VENDOR_SPECIFIC_BIT set trigger
+// vendor specific behavior.
+#define TSS_TCS_CERT_ACCESS_AUTO ((UINT32)0x00000001)
+
+#define TSS_TCS_CERT_VENDOR_SPECIFIC_BIT ((UINT32)0x80000000)
+
+#endif // __TCS_DEFINES_H__
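Review bot: The file-header comment at the top of tcs_defines.h reads "TSS Core Service structures", but this header contains only #define constants (attribute, credential-type and access-mode values) and no structures; suggest `TSS Core Service attribute and credential constants (see Tcsi_GetCredential in tcs.h)` so readers are not sent here looking for types. The constants are also cast to UINT32 with no #include providing that type, so the header only compiles after tss/platform.h (or another typedef header) has been pulled in by the consumer — if that ordering is intended, a one-line comment stating it would help; otherwise an explicit include of the basic-types header is the safer choice. The opening comment also uses `/*++` … `*/` where the sibling headers in this series close with `--*/`; harmless, but inconsistent.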
diff --git a/src/include/tss/tcs_error.h b/src/include/tss/tcs_error.h
new file mode 100644
index 0000000..2a64c34
--- /dev/null
+++ b/src/include/tss/tcs_error.h
@@ -0,0 +1,56 @@
+/*++
+
+TSS Core Service error return codes
+
+--*/
+
+#ifndef __TCS_ERROR_H__
+#define __TCS_ERROR_H__
+
+
+#ifndef TSS_E_BASE
+#define TSS_E_BASE 0x00000000L
+#endif // TSS_E_BASE
+
+// The context handle supplied is invalid.
+#define TCS_E_INVALID_CONTEXTHANDLE (UINT32)(TSS_E_BASE + 0x0C1L)
+
+// The key handle supplied is invalid.
+#define TCS_E_INVALID_KEYHANDLE (UINT32)(TSS_E_BASE + 0x0C2L)
+
+// The authorization session handle supplied is invalid.
+#define TCS_E_INVALID_AUTHHANDLE (UINT32)(TSS_E_BASE + 0x0C3L)
+
+// the auth session has been closed by the TPM
+#define TCS_E_INVALID_AUTHSESSION (UINT32)(TSS_E_BASE + 0x0C4L)
+
+// the key has been unloaded
+#define TCS_E_INVALID_KEY (UINT32)(TSS_E_BASE + 0x0C5L)
+
+// Key addressed by the application key handle does not match the key addressed
+// by the given UUID.
+#define TCS_E_KEY_MISMATCH (UINT32)(TSS_E_BASE + 0x0C8L)
+
+// Key adressed by Key's UUID cannot be loaded because one of the required
+// parent keys needs authorization.
+#define TCS_E_KM_LOADFAILED (UINT32)(TSS_E_BASE + 0x0CAL)
+
+// The Key Cache Manager could not reload the key into the TPM.
+#define TCS_E_KEY_CONTEXT_RELOAD (UINT32)(TSS_E_BASE + 0x0CCL)
+
+// Bad memory index
+#define TCS_E_BAD_INDEX (UINT32)(TSS_E_BASE + 0x0CDL)
+
+
+// These TCS_E_ macros are defined by name in the TSS spec, however
+// they are defined to have the same values as the TSS_E_ equivalents.
+#define TCS_SUCCESS TSS_SUCCESS
+#define TCS_E_KEY_ALREADY_REGISTERED TSS_E_KEY_ALREADY_REGISTERED
+#define TCS_E_KEY_NOT_REGISTERED TSS_E_KEY_NOT_REGISTERED
+#define TCS_E_BAD_PARAMETER TSS_E_BAD_PARAMETER
+#define TCS_E_OUTOFMEMORY TSS_E_OUTOFMEMORY
+#define TCS_E_SIZE TSS_E_SIZE
+#define TCS_E_NOTIMPL TSS_E_NOTIMPL
+#define TCS_E_INTERNAL_ERROR TSS_E_INTERNAL_ERROR
+
+#endif // __TCS_ERROR_H__
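Review bot: The alias block at the end of tcs_error.h (`#define TCS_SUCCESS TSS_SUCCESS` through `TCS_E_INTERNAL_ERROR`) references TSS_SUCCESS and the TSS_E_* names, and every TCS_E_* definition casts to UINT32, yet the header includes nothing; tddl_error.h in the same series includes `<tss/tss_error_basics.h>` and `<tss/tss_error.h>` before doing the equivalent aliasing. Unless the spec deliberately leaves include order to the consumer, the two headers should agree, and adding the same two includes here would make tcs_error.h self-contained. A minor wording point in the same hunk: the comment on TCS_E_KM_LOADFAILED says "adressed" where "addressed" is meant.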
diff --git a/src/include/tss/tcs_structs.h b/src/include/tss/tcs_structs.h
new file mode 100644
index 0000000..30b3fb9
--- /dev/null
+++ b/src/include/tss/tcs_structs.h
@@ -0,0 +1,40 @@
+/*++
+
+TSS Core Service structures
+
+*/
+
+#ifndef __TCS_STRUCT_H__
+#define __TCS_STRUCT_H__
+
+#include <tss/tpm.h>
+#include <tss/tss_structs.h>
+#include <tss/tcs_typedef.h>
+
+typedef struct tdTCS_AUTH
+{
+ TCS_AUTHHANDLE AuthHandle;
+ TPM_NONCE NonceOdd; // system
+ TPM_NONCE NonceEven; // TPM
+ TSS_BOOL fContinueAuthSession;
+ TPM_AUTHDATA HMAC;
+} TCS_AUTH;
+
+// This is kept for legacy compatibility
+typedef TCS_AUTH TPM_AUTH;
+
+
+typedef struct tdTCS_LOADKEY_INFO
+{
+ TSS_UUID keyUUID;
+ TSS_UUID parentKeyUUID;
+ TPM_DIGEST paramDigest; // SHA1 digest of the TPM_LoadKey
+ // Command input parameters
+ // As defined in TPM Main Specification
+ TPM_AUTH authData; // Data regarding a valid auth
+ // Session including the
+ // HMAC digest
+} TCS_LOADKEY_INFO;
+
+#endif // __TCS_STRUCT_H__
+
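Review bot: In tdTCS_AUTH the two nonce fields carry a source comment (`// system`, `// TPM`) but fContinueAuthSession and HMAC, the two fields a caller must set correctly for an authorized command, are undocumented. Suggest `TSS_BOOL fContinueAuthSession; // keep the auth session open after this command` and `TPM_AUTHDATA HMAC; // authorization HMAC over the command parameters`, hedged as "confirm against TPM 1.2 Part 3" if the exact spec wording is wanted. The `typedef TCS_AUTH TPM_AUTH;` line is labelled "kept for legacy compatibility" but says nothing about which name new code should use; one sentence there would settle that, since tcs.h in this same commit declares every authorized entry point with TPM_AUTH* rather than TCS_AUTH*. The include guard `__TCS_STRUCT_H__` does not match the file name tcs_structs.h, which is easy to misread when grepping.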
diff --git a/src/include/tss/tcs_typedef.h b/src/include/tss/tcs_typedef.h
new file mode 100644
index 0000000..0c89839
--- /dev/null
+++ b/src/include/tss/tcs_typedef.h
@@ -0,0 +1,32 @@
+/*++
+
+Global typedefs for TSS Core Service
+
+*/
+
+#ifndef __TCS_TYPEDEF_H__
+#define __TCS_TYPEDEF_H__
+
+#include <tss/tss_structs.h>
+#include <tss/tpm.h>
+
+typedef UINT32 TCS_AUTHHANDLE;
+typedef UINT32 TCS_CONTEXT_HANDLE;
+typedef UINT32 TCS_KEY_HANDLE;
+typedef UINT32 TCS_HANDLE;
+
+
+// Substitution definitions for TCS-IDL
+typedef TPM_ENCAUTH TCG_ENCAUTH;
+typedef TPM_NONCE TCG_NONCE;
+typedef TPM_ENTITY_TYPE TCG_ENTITY_TYPE;
+typedef TPM_PCRINDEX TCG_PCRINDEX;
+typedef TPM_DIGEST TCG_DIGEST;
+typedef TPM_PCRVALUE TCG_PCRVALUE;
+typedef TPM_DIRVALUE TCG_DIRVALUE;
+typedef TPM_DIRINDEX TCG_DIRINDEX;
+
+
+
+#endif // __TCS_TYPEDEF_H__
+
diff --git a/src/include/tss/tddl_error.h b/src/include/tss/tddl_error.h
new file mode 100644
index 0000000..b63ca11
--- /dev/null
+++ b/src/include/tss/tddl_error.h
@@ -0,0 +1,51 @@
+/*++
+
+TPM Device Driver Library error return codes
+
+--*/
+
+#ifndef __TDDL_ERROR_H__
+#define __TDDL_ERROR_H__
+
+#include <tss/tss_error_basics.h>
+#include <tss/tss_error.h>
+
+
+#ifndef TSS_E_BASE
+#define TSS_E_BASE 0x00000000L
+#endif // TSS_E_BASE
+
+
+//
+// specific error codes returned by the TPM device driver library
+// offset TSS_TDDL_OFFSET
+//
+#define TDDL_E_FAIL TSS_E_FAIL
+#define TDDL_E_TIMEOUT TSS_E_TIMEOUT
+
+// The connection was already established.
+#define TDDL_E_ALREADY_OPENED (UINT32)(TSS_E_BASE + 0x081L)
+
+// The device was not connected.
+#define TDDL_E_ALREADY_CLOSED (UINT32)(TSS_E_BASE + 0x082L)
+
+// The receive buffer is too small.
+#define TDDL_E_INSUFFICIENT_BUFFER (UINT32)(TSS_E_BASE + 0x083L)
+
+// The command has already completed.
+#define TDDL_E_COMMAND_COMPLETED (UINT32)(TSS_E_BASE + 0x084L)
+
+// TPM aborted processing of command.
+#define TDDL_E_COMMAND_ABORTED (UINT32)(TSS_E_BASE + 0x085L)
+
+// The request could not be performed because of an I/O device error.
+#define TDDL_E_IOERROR (UINT32)(TSS_E_BASE + 0x087L)
+
+// Unsupported TAG is requested
+#define TDDL_E_BADTAG (UINT32)(TSS_E_BASE + 0x088L)
+
+// the requested TPM component was not found
+#define TDDL_E_COMPONENT_NOT_FOUND (UINT32)(TSS_E_BASE + 0x089L)
+
+#endif // __TDDL_ERROR_H__
+
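Review bot: The comment block introducing the TDDL_E_* codes says "offset TSS_TDDL_OFFSET", but no such symbol is referenced anywhere in the hunk — every code is computed as `TSS_E_BASE + 0x08nL`, so the comment appears stale and will mislead anyone looking for where the layer offset is applied. Suggest replacing that line with `// codes 0x081-0x089 relative to TSS_E_BASE; the TDDL layer nibble is applied by the TSS_E_BASE definition in tss_error_basics.h` (hedged: confirm that is where the layer value actually lives, since that header is outside this hunk). The sequence also jumps from 0x085 (TDDL_E_COMMAND_ABORTED) to 0x087 (TDDL_E_IOERROR) with no comment; a note stating whether 0x086 is reserved by the spec would stop a future maintainer from reusing it.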
diff --git a/src/include/tss/tddlapi_error.h b/src/include/tss/tddlapi_error.h
new file mode 100644
index 0000000..f021150
--- /dev/null
+++ b/src/include/tss/tddlapi_error.h
@@ -0,0 +1,54 @@
+/*++
+
+TDDL error return codes for the TPM Device Driver Library Interface (TDDLI)
+
+--*/
+
+#ifndef __TDDLAPI_ERROR_H__
+#define __TDDLAPI_ERROR_H__
+
+
+//
+// error coding scheme for a Microsoft Windows platform -
+// refer to the TSS Specification Parts
+//
+// Values are 32 bit values layed out as follows:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// +---+-+-+-----------------------+-------+-----------------------+
+// |Lev|C|R| Facility | Layer | Code |
+// +---+-+-+-----------------------+-------+-----------------------+
+// | Platform specific coding | TSS error coding system |
+// +---+-+-+-----------------------+-------+-----------------------+
+//
+// Lev - is the Level code
+//
+// 00 - Success
+// 01 - Informational
+// 10 - Warning
+// 11 - Error
+//
+// C - is the Customer code flag (must actually be set)
+//
+// R - is a reserved bit (unused)
+//
+// Facility - is the facility code: TCPA: proposal 0x028
+//
+// Code - is the facility's status code
+//
+
+
+// no macros are used below intentionally
+// for a better error code recognition by the reader
+
+// note that the values of TPM_E_BASE and TSS_E_BASE, TSS_W_BASE and TSS_I_BASE
+// have to be adjusted for a platform other than Windows
+
+//
+// TPM specific error codes (layer nibble set to TPM layer TSS_LAYER_TPM)
+//
+
+
+#endif // __TDDLAPI_ERROR_H__
+
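Review bot: tddlapi_error.h defines nothing but its include guard — the "TPM specific error codes" section heading near the end has no definitions under it, and the preceding comments describe a Windows-style 32-bit error layout that no code in this header implements. A reader will reasonably assume the file is truncated; suggest a comment under the heading such as `// Intentionally empty: the TDDL_E_* codes for this interface are defined in tddl_error.h` (or, if the section was meant to be filled in, a TODO naming what is missing). Also "layed out" in the layout comment should read "laid out".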
diff --git a/src/include/tss/tddli.h b/src/include/tss/tddli.h
new file mode 100644
index 0000000..bfd6045
--- /dev/null
+++ b/src/include/tss/tddli.h
@@ -0,0 +1,94 @@
+/*++
+
+TPM Device Driver Library interface
+
+--*/
+
+#ifndef __TDDLI_H__
+#define __TDDLI_H__
+
+#include <tss/tss_typedef.h>
+#include <tss/tddl_error.h>
+
+#if !defined(TDDLI)
+#ifdef WIN32
+// --- This should be used on Windows platforms
+#ifdef TDDLI_EXPORTS
+#define TDDLI __declspec(dllexport)
+#else
+#define TDDLI __declspec(dllimport)
+#endif
+#else
+#define TDDLI
+#endif
+#endif /* !defined(TDDLI) */
+
+
+#define TDDL_CAP_VERSION 0x0100
+#define TDDL_CAP_VER_DRV 0x0101
+#define TDDL_CAP_VER_FW 0x0102
+#define TDDL_CAP_VER_FW_DATE 0x0103
+
+#define TDDL_CAP_PROPERTY 0x0200
+#define TDDL_CAP_PROP_MANUFACTURER 0x0201
+#define TDDL_CAP_PROP_MODULE_TYPE 0x0202
+#define TDDL_CAP_PROP_GLOBAL_STATE 0x0203
+
+
+//--------------------------------------------------------------------
+// TDDL specific helper redefinitions
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ //establish a connection to the TPM device driver
+ TDDLI TSS_RESULT Tddli_Open(void);
+
+ //close a open connection to the TPM device driver
+ TDDLI TSS_RESULT Tddli_Close(void);
+
+ //cancels the last outstanding TPM command
+ TDDLI TSS_RESULT Tddli_Cancel(void);
+
+ // read the attributes returned by the TPM HW/FW
+ TDDLI TSS_RESULT Tddli_GetCapability(
+ UINT32 CapArea,
+ UINT32 SubCap,
+ BYTE *pCapBuf,
+ UINT32 *puntCapBufLen);
+
+ // set parameters to the TPM HW/FW
+ TDDLI TSS_RESULT Tddli_SetCapability(
+ UINT32 CapArea,
+ UINT32 SubCap,
+ BYTE *pCapBuf,
+ UINT32 puntCapBufLen);
+
+ // get status of the TPM driver and device
+ TDDLI TSS_RESULT Tddli_GetStatus(
+ UINT32 ReqStatusType,
+ UINT32 *puntStatus);
+
+ // send any data to the TPM module
+ TDDLI TSS_RESULT Tddli_TransmitData(
+ BYTE *pTransmitBuf,
+ UINT32 TransmitBufLen,
+ BYTE *pReceiveBuf,
+ UINT32 *puntReceiveBufLen);
+
+ TDDLI TSS_RESULT Tddli_SetPowerManagement(
+ TSS_BOOL SendSaveStateCommand, // in
+ UINT32 *QuerySetNewTPMPowerState); // in, out
+
+ TDDLI TSS_RESULT Tddli_PowerManagementControl(
+ TSS_BOOL SendPowerManager, // in
+ UINT32 *DriverManagesPowerStates); // out
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // __TDDLI_H__
+
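Review bot: Tddli_TransmitData and Tddli_GetCapability take a length pointer (`puntReceiveBufLen`, `puntCapBufLen`) whose in/out contract is undocumented, while Tddli_SetPowerManagement and Tddli_PowerManagementControl in the same hunk do carry `// in` / `// in, out` / `// out` annotations; the length parameter is exactly the one a caller must get right to avoid overrunning pReceiveBuf/pCapBuf. Suggest `UINT32 *puntReceiveBufLen); // in: capacity of pReceiveBuf; out: bytes written` (and the same for GetCapability), plus a note that TDDL_E_INSUFFICIENT_BUFFER from tddl_error.h is presumably the result when the capacity is too small — confirm against the TDDL spec. As a style point, Tddli_SetCapability takes `UINT32 puntCapBufLen` by value although the "p…" prefix used elsewhere in this header denotes a pointer; renaming it `untCapBufLen` would remove the ambiguity without changing the ABI. The comment "close a open connection" should read "close an open connection".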
diff --git a/src/include/tss/tpm.h b/src/include/tss/tpm.h
new file mode 100644
index 0000000..a9057f3
--- /dev/null
+++ b/src/include/tss/tpm.h
@@ -0,0 +1,1663 @@
+/*++
+ *
+ * TPM structures extracted from the TPM specification 1.2,
+ * Part 2 (Structures), rev 85.
+ *
+ * Errata:
+ *
+ * *) The individual bits of TPM_STARTUP_EFFECTS were not given names in
+ * the TPM spec so they are not defined in tpm.h.
+ *
+ * *) A few typedefs not present in the TPM 1.2 specification have been
+ * added. This was generally done when the TPM 1.2 spec defined a set of
+ * related values (either bitmasks or enumeration values) but did not
+ * define an associated type to hold these values. The typedefs have been
+ * added and structure fields that were to hold those values have been
+ * switched from generic UINT* types to the more specific types. This was
+ * done to highlight exactly where those #defined values were to be used.
+ * The types that have been added are:
+ * TPM_NV_PER_ATTRIBUTES
+ * TPM_DELEGATE_TYPE
+ *
+ * *) The layout of bitfields within a structure are compiler-dependent
+ * and the use of structure bitfields has been avoided where possible. In
+ * cases where a value is a collection of independent bits the type is
+ * given a name (typedeffed to UINT16 or UINT32 as appropriate) and masks
+ * are #defined to access the individual bits. This is not possible for
+ * TPM_VERSION_BYTE because the fields are 4-bit values. A best attempt
+ * has been made to make this compiler independent but it has only been
+ * checked on GCC and Visual C++ on little-endian machines.
+ *
+ * *) The TPM_DELEGATIONS per1 and per2 fields field are a bitmask but
+ * are defined as a UINT32 because the bitfields have different meaning
+ * based on the type of delegation blob.
+ *
+ * *) The definitions of TPM_PERMANENT_DATA, TPM_STCLEAR_DATA,
+ * TPM_STANY_DATA, and TPM_DELEGATE_TABLE_ROW are commented out. These
+ * structures are internal to the TPM and are not directly accessible by
+ * external software so this should not be a problem.
+ *
+ * *) The definitions of TPM_FAMILY_TABLE and TPM_DELEGATE_TABLE are
+ * commented out because they are variable length arrays internal to the
+ * TPM. As above they are not directly accessible by external software
+ * so this should not be a problem.
+ */
+
+#ifndef __TPM_H__
+#define __TPM_H__
+
+#ifdef __midl
+#define SIZEIS(x) [size_is(x)]
+#else
+#define SIZEIS(x)
+#endif
+
+#include <tss/platform.h>
+
+//-------------------------------------------------------------------
+// Part 2, section 2.1: Basic data types
+typedef BYTE TPM_BOOL;
+#ifndef FALSE
+#define FALSE 0x00
+#define TRUE 0x01
+#endif /* ifndef FALSE */
+
+//-------------------------------------------------------------------
+// Part 2, section 2.3: Helper Redefinitions
+// Many of the helper redefinitions appear later in this file
+// so that they are declared next to the list of valid values
+// they may hold.
+typedef BYTE TPM_LOCALITY_MODIFIER;
+typedef UINT32 TPM_COMMAND_CODE; /* 1.1b */
+typedef UINT32 TPM_COUNT_ID;
+typedef UINT32 TPM_REDIT_COMMAND;
+typedef UINT32 TPM_HANDLE;
+typedef UINT32 TPM_AUTHHANDLE;
+typedef UINT32 TPM_TRANSHANDLE;
+typedef UINT32 TPM_KEYHANDLE;
+typedef UINT32 TPM_DIRINDEX;
+typedef UINT32 TPM_PCRINDEX;
+typedef UINT32 TPM_RESULT;
+typedef UINT32 TPM_MODIFIER_INDICATOR;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 2.2.4: Vendor Specific
+#define TPM_Vendor_Specific32 0x00000400
+#define TPM_Vendor_Specific8 0x80
+
+
+//-------------------------------------------------------------------
+// Part 2, section 3: Structure Tags
+typedef UINT16 TPM_STRUCTURE_TAG;
+#define TPM_TAG_CONTEXTBLOB ((UINT16)0x0001)
+#define TPM_TAG_CONTEXT_SENSITIVE ((UINT16)0x0002)
+#define TPM_TAG_CONTEXTPOINTER ((UINT16)0x0003)
+#define TPM_TAG_CONTEXTLIST ((UINT16)0x0004)
+#define TPM_TAG_SIGNINFO ((UINT16)0x0005)
+#define TPM_TAG_PCR_INFO_LONG ((UINT16)0x0006)
+#define TPM_TAG_PERSISTENT_FLAGS ((UINT16)0x0007)
+#define TPM_TAG_VOLATILE_FLAGS ((UINT16)0x0008)
+#define TPM_TAG_PERSISTENT_DATA ((UINT16)0x0009)
+#define TPM_TAG_VOLATILE_DATA ((UINT16)0x000a)
+#define TPM_TAG_SV_DATA ((UINT16)0x000b)
+#define TPM_TAG_EK_BLOB ((UINT16)0x000c)
+#define TPM_TAG_EK_BLOB_AUTH ((UINT16)0x000d)
+#define TPM_TAG_COUNTER_VALUE ((UINT16)0x000e)
+#define TPM_TAG_TRANSPORT_INTERNAL ((UINT16)0x000f)
+#define TPM_TAG_TRANSPORT_LOG_IN ((UINT16)0x0010)
+#define TPM_TAG_TRANSPORT_LOG_OUT ((UINT16)0x0011)
+#define TPM_TAG_AUDIT_EVENT_IN ((UINT16)0x0012)
+#define TPM_TAG_AUDIT_EVENT_OUT ((UINT16)0x0013)
+#define TPM_TAG_CURRENT_TICKS ((UINT16)0x0014)
+#define TPM_TAG_KEY ((UINT16)0x0015)
+#define TPM_TAG_STORED_DATA12 ((UINT16)0x0016)
+#define TPM_TAG_NV_ATTRIBUTES ((UINT16)0x0017)
+#define TPM_TAG_NV_DATA_PUBLIC ((UINT16)0x0018)
+#define TPM_TAG_NV_DATA_SENSITIVE ((UINT16)0x0019)
+#define TPM_TAG_DELEGATIONS ((UINT16)0x001a)
+#define TPM_TAG_DELEGATE_PUBLIC ((UINT16)0x001b)
+#define TPM_TAG_DELEGATE_TABLE_ROW ((UINT16)0x001c)
+#define TPM_TAG_TRANSPORT_AUTH ((UINT16)0x001d)
+#define TPM_TAG_TRANSPORT_PUBLIC ((UINT16)0x001e)
+#define TPM_TAG_PERMANENT_FLAGS ((UINT16)0x001f)
+#define TPM_TAG_STCLEAR_FLAGS ((UINT16)0x0020)
+#define TPM_TAG_STANY_FLAGS ((UINT16)0x0021)
+#define TPM_TAG_PERMANENT_DATA ((UINT16)0x0022)
+#define TPM_TAG_STCLEAR_DATA ((UINT16)0x0023)
+#define TPM_TAG_STANY_DATA ((UINT16)0x0024)
+#define TPM_TAG_FAMILY_TABLE_ENTRY ((UINT16)0x0025)
+#define TPM_TAG_DELEGATE_SENSITIVE ((UINT16)0x0026)
+#define TPM_TAG_DELG_KEY_BLOB ((UINT16)0x0027)
+#define TPM_TAG_KEY12 ((UINT16)0x0028)
+#define TPM_TAG_CERTIFY_INFO2 ((UINT16)0x0029)
+#define TPM_TAG_DELEGATE_OWNER_BLOB ((UINT16)0x002a)
+#define TPM_TAG_EK_BLOB_ACTIVATE ((UINT16)0x002b)
+#define TPM_TAG_DAA_BLOB ((UINT16)0x002c)
+#define TPM_TAG_DAA_CONTEXT ((UINT16)0x002d)
+#define TPM_TAG_DAA_ENFORCE ((UINT16)0x002e)
+#define TPM_TAG_DAA_ISSUER ((UINT16)0x002f)
+#define TPM_TAG_CAP_VERSION_INFO ((UINT16)0x0030)
+#define TPM_TAG_DAA_SENSITIVE ((UINT16)0x0031)
+#define TPM_TAG_DAA_TPM ((UINT16)0x0032)
+#define TPM_TAG_CMK_MIGAUTH ((UINT16)0x0033)
+#define TPM_TAG_CMK_SIGTICKET ((UINT16)0x0034)
+#define TPM_TAG_CMK_MA_APPROVAL ((UINT16)0x0035)
+#define TPM_TAG_QUOTE_INFO2 ((UINT16)0x0036)
+#define TPM_TAG_DA_INFO ((UINT16)0x0037)
+#define TPM_TAG_DA_INFO_LIMITED ((UINT16)0x0038)
+#define TPM_TAG_DA_ACTION_TYPE ((UINT16)0x0039)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 4: Types
+typedef UINT32 TPM_RESOURCE_TYPE;
+#define TPM_RT_KEY ((UINT32)0x00000001)
+#define TPM_RT_AUTH ((UINT32)0x00000002)
+#define TPM_RT_HASH ((UINT32)0x00000003)
+#define TPM_RT_TRANS ((UINT32)0x00000004)
+#define TPM_RT_CONTEXT ((UINT32)0x00000005)
+#define TPM_RT_COUNTER ((UINT32)0x00000006)
+#define TPM_RT_DELEGATE ((UINT32)0x00000007)
+#define TPM_RT_DAA_TPM ((UINT32)0x00000008)
+#define TPM_RT_DAA_V0 ((UINT32)0x00000009)
+#define TPM_RT_DAA_V1 ((UINT32)0x0000000a)
+
+
+typedef BYTE TPM_PAYLOAD_TYPE; /* 1.1b */
+#define TPM_PT_ASYM ((BYTE)0x01) /* 1.1b */
+#define TPM_PT_BIND ((BYTE)0x02) /* 1.1b */
+#define TPM_PT_MIGRATE ((BYTE)0x03) /* 1.1b */
+#define TPM_PT_MAINT ((BYTE)0x04) /* 1.1b */
+#define TPM_PT_SEAL ((BYTE)0x05) /* 1.1b */
+#define TPM_PT_MIGRATE_RESTRICTED ((BYTE)0x06)
+#define TPM_PT_MIGRATE_EXTERNAL ((BYTE)0x07)
+#define TPM_PT_CMK_MIGRATE ((BYTE)0x08)
+
+
+typedef UINT16 TPM_ENTITY_TYPE; /* 1.1b */
+#define TPM_ET_KEYHANDLE ((UINT16)0x0001) /* 1.1b */
+#define TPM_ET_OWNER ((UINT16)0x0002) /* 1.1b */
+#define TPM_ET_DATA ((UINT16)0x0003) /* 1.1b */
+#define TPM_ET_SRK ((UINT16)0x0004) /* 1.1b */
+#define TPM_ET_KEY ((UINT16)0x0005) /* 1.1b */
+#define TPM_ET_REVOKE ((UINT16)0x0006)
+#define TPM_ET_DEL_OWNER_BLOB ((UINT16)0x0007)
+#define TPM_ET_DEL_ROW ((UINT16)0x0008)
+#define TPM_ET_DEL_KEY_BLOB ((UINT16)0x0009)
+#define TPM_ET_COUNTER ((UINT16)0x000a)
+#define TPM_ET_NV ((UINT16)0x000b)
+#define TPM_ET_OPERATOR ((UINT16)0x000c)
+#define TPM_ET_RESERVED_HANDLE ((UINT16)0x0040)
+
+/* The following values may be ORed into the MSB of the TPM_ENTITY_TYPE
+ * to indicate particular encryption scheme
+ */
+#define TPM_ET_XOR ((BYTE)0x00)
+#define TPM_ET_AES ((BYTE)0x06)
+
+typedef UINT32 TPM_KEY_HANDLE; /* 1.1b */
+#define TPM_KH_SRK ((UINT32)0x40000000)
+#define TPM_KH_OWNER ((UINT32)0x40000001)
+#define TPM_KH_REVOKE ((UINT32)0x40000002)
+#define TPM_KH_TRANSPORT ((UINT32)0x40000003)
+#define TPM_KH_OPERATOR ((UINT32)0x40000004)
+#define TPM_KH_ADMIN ((UINT32)0x40000005)
+#define TPM_KH_EK ((UINT32)0x40000006)
+/* 1.1b used different names, but the same values */
+#define TPM_KEYHND_SRK (TPM_KH_SRK) /* 1.1b */
+#define TPM_KEYHND_OWNER (TPM_KH_OWNER) /* 1.1b */
+
+
+typedef UINT16 TPM_STARTUP_TYPE; /* 1.1b */
+#define TPM_ST_CLEAR ((UINT16)0x0001) /* 1.1b */
+#define TPM_ST_STATE ((UINT16)0x0002) /* 1.1b */
+#define TPM_ST_DEACTIVATED ((UINT16)0x0003) /* 1.1b */
+
+
+//typedef UINT32 TPM_STARTUP_EFFECTS;
+// 32-bit mask, see spec for meaning. Names not currently defined.
+// bits 0-8 have meaning
+
+typedef UINT16 TPM_PROTOCOL_ID; /* 1.1b */
+#define TPM_PID_OIAP ((UINT16)0x0001) /* 1.1b */
+#define TPM_PID_OSAP ((UINT16)0x0002) /* 1.1b */
+#define TPM_PID_ADIP ((UINT16)0x0003) /* 1.1b */
+#define TPM_PID_ADCP ((UINT16)0x0004) /* 1.1b */
+#define TPM_PID_OWNER ((UINT16)0x0005) /* 1.1b */
+#define TPM_PID_DSAP ((UINT16)0x0006)
+#define TPM_PID_TRANSPORT ((UINT16)0x0007)
+
+
+// Note in 1.2 rev 104, DES and 3DES are eliminated
+typedef UINT32 TPM_ALGORITHM_ID; /* 1.1b */
+#define TPM_ALG_RSA ((UINT32)0x00000001) /* 1.1b */
+#define TPM_ALG_DES ((UINT32)0x00000002) /* 1.1b */
+#define TPM_ALG_3DES ((UINT32)0x00000003) /* 1.1b */
+#define TPM_ALG_SHA ((UINT32)0x00000004) /* 1.1b */
+#define TPM_ALG_HMAC ((UINT32)0x00000005) /* 1.1b */
+#define TPM_ALG_AES ((UINT32)0x00000006) /* 1.1b */
+#define TPM_ALG_AES128 (TPM_ALG_AES)
+#define TPM_ALG_MGF1 ((UINT32)0x00000007)
+#define TPM_ALG_AES192 ((UINT32)0x00000008)
+#define TPM_ALG_AES256 ((UINT32)0x00000009)
+#define TPM_ALG_XOR ((UINT32)0x0000000a)
+
+
+typedef UINT16 TPM_PHYSICAL_PRESENCE; /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_LOCK ((UINT16)0x0004) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_PRESENT ((UINT16)0x0008) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_NOTPRESENT ((UINT16)0x0010) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_CMD_ENABLE ((UINT16)0x0020) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_HW_ENABLE ((UINT16)0x0040) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ((UINT16)0x0080) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_CMD_DISABLE ((UINT16)0x0100)
+#define TPM_PHYSICAL_PRESENCE_HW_DISABLE ((UINT16)0x0200)
+
+
+typedef UINT16 TPM_MIGRATE_SCHEME; /* 1.1b */
+#define TPM_MS_MIGRATE ((UINT16)0x0001) /* 1.1b */
+#define TPM_MS_REWRAP ((UINT16)0x0002) /* 1.1b */
+#define TPM_MS_MAINT ((UINT16)0x0003) /* 1.1b */
+#define TPM_MS_RESTRICT_MIGRATE ((UINT16)0x0004)
+#define TPM_MS_RESTRICT_APPROVE_DOUBLE ((UINT16)0x0005)
+
+
+typedef UINT16 TPM_EK_TYPE;
+#define TPM_EK_TYPE_ACTIVATE ((UINT16)0x0001)
+#define TPM_EK_TYPE_AUTH ((UINT16)0x0002)
+
+
+typedef UINT16 TPM_PLATFORM_SPECIFIC;
+#define TPM_PS_PC_11 ((UINT16)0x0001)
+#define TPM_PS_PC_12 ((UINT16)0x0002)
+#define TPM_PS_PDA_12 ((UINT16)0x0003)
+#define TPM_PS_Server_12 ((UINT16)0x0004)
+#define TPM_PS_Mobile_12 ((UINT16)0x0005)
+
+//-------------------------------------------------------------------
+// Part 2, section 5: Basic Structures
+
+typedef struct tdTPM_STRUCT_VER
+{
+ BYTE major;
+ BYTE minor;
+ BYTE revMajor;
+ BYTE revMinor;
+} TPM_STRUCT_VER;
+
+typedef struct tdTPM_VERSION_BYTE
+{
+ // This needs to be made compiler-independent.
+ int leastSigVer : 4; // least significant 4 bits
+ int mostSigVer : 4; // most significant 4 bits
+} TPM_VERSION_BYTE;
+
+typedef struct tdTPM_VERSION
+{
+ BYTE major; // Should really be a TPM_VERSION_BYTE
+ BYTE minor; // Should really be a TPM_VERSION_BYTE
+ BYTE revMajor;
+ BYTE revMinor;
+} TPM_VERSION;
+
+
+// Put this in the right place:
+// byte size definition for 160 bit SHA1 hash value
+#define TPM_SHA1_160_HASH_LEN 0x14
+#define TPM_SHA1BASED_NONCE_LEN TPM_SHA1_160_HASH_LEN
+
+typedef struct tdTPM_DIGEST
+{
+ BYTE digest[TPM_SHA1_160_HASH_LEN];
+} TPM_DIGEST;
+
+typedef TPM_DIGEST TPM_CHOSENID_HASH;
+typedef TPM_DIGEST TPM_COMPOSITE_HASH;
+typedef TPM_DIGEST TPM_DIRVALUE;
+typedef TPM_DIGEST TPM_HMAC;
+typedef TPM_DIGEST TPM_PCRVALUE;
+typedef TPM_DIGEST TPM_AUDITDIGEST;
+
+typedef struct tdTPM_NONCE /* 1.1b */
+{
+ BYTE nonce[TPM_SHA1BASED_NONCE_LEN];
+} TPM_NONCE;
+
+typedef TPM_NONCE TPM_DAA_TPM_SEED;
+typedef TPM_NONCE TPM_DAA_CONTEXT_SEED;
+
+typedef struct tdTPM_AUTHDATA /* 1.1b */
+{
+ BYTE authdata[TPM_SHA1_160_HASH_LEN];
+} TPM_AUTHDATA;
+
+typedef TPM_AUTHDATA TPM_SECRET;
+typedef TPM_AUTHDATA TPM_ENCAUTH;
+
+
+typedef struct tdTPM_KEY_HANDLE_LIST /* 1.1b */
+{
+ UINT16 loaded;
+ SIZEIS(loaded)
+ TPM_KEY_HANDLE *handle;
+} TPM_KEY_HANDLE_LIST;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.8: Key usage values
+
+typedef UINT16 TPM_KEY_USAGE; /* 1.1b */
+#define TPM_KEY_SIGNING ((UINT16)0x0010) /* 1.1b */
+#define TPM_KEY_STORAGE ((UINT16)0x0011) /* 1.1b */
+#define TPM_KEY_IDENTITY ((UINT16)0x0012) /* 1.1b */
+#define TPM_KEY_AUTHCHANGE ((UINT16)0x0013) /* 1.1b */
+#define TPM_KEY_BIND ((UINT16)0x0014) /* 1.1b */
+#define TPM_KEY_LEGACY ((UINT16)0x0015) /* 1.1b */
+#define TPM_KEY_MIGRATE ((UINT16)0x0016)
+
+typedef UINT16 TPM_SIG_SCHEME; /* 1.1b */
+#define TPM_SS_NONE ((UINT16)0x0001) /* 1.1b */
+#define TPM_SS_RSASSAPKCS1v15_SHA1 ((UINT16)0x0002) /* 1.1b */
+#define TPM_SS_RSASSAPKCS1v15_DER ((UINT16)0x0003) /* 1.1b */
+#define TPM_SS_RSASSAPKCS1v15_INFO ((UINT16)0x0004)
+
+typedef UINT16 TPM_ENC_SCHEME; /* 1.1b */
+#define TPM_ES_NONE ((UINT16)0x0001) /* 1.1b */
+#define TPM_ES_RSAESPKCSv15 ((UINT16)0x0002) /* 1.1b */
+#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((UINT16)0x0003) /* 1.1b */
+#define TPM_ES_SYM_CNT ((UINT16)0x0004)
+#define TPM_ES_SYM_CTR TPM_ES_SYM_CNT
+#define TPM_ES_SYM_OFB ((UINT16)0x0005)
+#define TPM_ES_SYM_CBC_PKCS5PAD ((UINT16)0x00ff)
+
+//-------------------------------------------------------------------
+// Part 2, section 5.9: TPM_AUTH_DATA_USAGE values
+
+typedef BYTE TPM_AUTH_DATA_USAGE; /* 1.1b */
+#define TPM_AUTH_NEVER ((BYTE)0x00) /* 1.1b */
+#define TPM_AUTH_ALWAYS ((BYTE)0x01) /* 1.1b */
+#define TPM_AUTH_PRIV_USE_ONLY ((BYTE)0x11)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.10: TPM_KEY_FLAGS flags
+
+typedef UINT32 TPM_KEY_FLAGS; /* 1.1b */
+#define TPM_REDIRECTION ((UINT32)0x00000001) /* 1.1b */
+#define TPM_MIGRATABLE ((UINT32)0x00000002) /* 1.1b */
+#define TPM_VOLATILE ((UINT32)0x00000004) /* 1.1b */
+#define TPM_PCRIGNOREDONREAD ((UINT32)0x00000008)
+#define TPM_MIGRATEAUTHORITY ((UINT32)0x00000010)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.11: TPM_CHANGEAUTH_VALIDATE
+
+typedef struct tdTPM_CHANGEAUTH_VALIDATE
+{
+ TPM_SECRET newAuthSecret;
+ TPM_NONCE n1;
+} TPM_CHANGEAUTH_VALIDATE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
+// declared after section 10 to catch declaration of TPM_PUBKEY
+
+//-------------------------------------------------------------------
+// Part 2, section 5.13: TPM_COUNTER_VALUE;
+
+typedef UINT32 TPM_ACTUAL_COUNT;
+typedef struct tdTPM_COUNTER_VALUE
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE label[4];
+ TPM_ACTUAL_COUNT counter;
+} TPM_COUNTER_VALUE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.14: TPM_SIGN_INFO structure
+
+typedef struct tdTPM_SIGN_INFO
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE fixed[4];
+ TPM_NONCE replay;
+ UINT32 dataLen;
+ SIZEIS(dataLen)
+ BYTE *data;
+} TPM_SIGN_INFO;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.15: TPM_MSA_COMPOSITE
+
+typedef struct tdTPM_MSA_COMPOSITE
+{
+ UINT32 MSAlist;
+ SIZEIS(MSAlist)
+ TPM_DIGEST *migAuthDigest;
+} TPM_MSA_COMPOSITE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.16: TPM_CMK_AUTH
+
+typedef struct tdTPM_CMK_AUTH
+{
+ TPM_DIGEST migrationAuthorityDigest;
+ TPM_DIGEST destinationKeyDigest;
+ TPM_DIGEST sourceKeyDigest;
+} TPM_CMK_AUTH;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.17: TPM_CMK_DELEGATE
+
+typedef UINT32 TPM_CMK_DELEGATE;
+#define TPM_CMK_DELEGATE_SIGNING (((UINT32)1)<<31)
+#define TPM_CMK_DELEGATE_STORAGE (((UINT32)1)<<30)
+#define TPM_CMK_DELEGATE_BIND (((UINT32)1)<<29)
+#define TPM_CMK_DELEGATE_LEGACY (((UINT32)1)<<28)
+#define TPM_CMK_DELEGATE_MIGRATE (((UINT32)1)<<27)
+
+//-------------------------------------------------------------------
+// Part 2, section 5.18: TPM_SELECT_SIZE
+
+typedef struct tdTPM_SELECT_SIZE
+{
+ BYTE major;
+ BYTE minor;
+ UINT16 reqSize;
+} TPM_SELECT_SIZE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.19: TPM_CMK_MIGAUTH
+
+typedef struct tdTPM_CMK_MIGAUTH
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST msaDigest;
+ TPM_DIGEST pubKeyDigest;
+} TPM_CMK_MIGAUTH;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.20: TPM_CMK_SIGTICKET
+
+typedef struct tdTPM_CMK_SIGTICKET
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST verKeyDigest;
+ TPM_DIGEST signedData;
+} TPM_CMK_SIGTICKET;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.21: TPM_CMK_MA_APPROVAL
+
+typedef struct tdTPM_CMK_MA_APPROVAL
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST migrationAuthorityDigest;
+} TPM_CMK_MA_APPROVAL;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 6: Command Tags
+
+typedef UINT16 TPM_TAG; /* 1.1b */
+#define TPM_TAG_RQU_COMMAND ((UINT16)0x00c1)
+#define TPM_TAG_RQU_AUTH1_COMMAND ((UINT16)0x00c2)
+#define TPM_TAG_RQU_AUTH2_COMMAND ((UINT16)0x00c3)
+#define TPM_TAG_RSP_COMMAND ((UINT16)0x00c4)
+#define TPM_TAG_RSP_AUTH1_COMMAND ((UINT16)0x00c5)
+#define TPM_TAG_RSP_AUTH2_COMMAND ((UINT16)0x00c6)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.1: TPM_PERMANENT_FLAGS
+
+typedef struct tdTPM_PERMANENT_FLAGS
+{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL disable;
+ TSS_BOOL ownership;
+ TSS_BOOL deactivated;
+ TSS_BOOL readPubek;
+ TSS_BOOL disableOwnerClear;
+ TSS_BOOL allowMaintenance;
+ TSS_BOOL physicalPresenceLifetimeLock;
+ TSS_BOOL physicalPresenceHWEnable;
+ TSS_BOOL physicalPresenceCMDEnable;
+ TSS_BOOL CEKPUsed;
+ TSS_BOOL TPMpost;
+ TSS_BOOL TPMpostLock;
+ TSS_BOOL FIPS;
+ TSS_BOOL Operator;
+ TSS_BOOL enableRevokeEK;
+ TSS_BOOL nvLocked;
+ TSS_BOOL readSRKPub;
+ TSS_BOOL tpmEstablished;
+ TSS_BOOL maintenanceDone;
+ TSS_BOOL disableFullDALogicInfo;
+} TPM_PERMANENT_FLAGS;
+
+#define TPM_PF_DISABLE ((UINT32)0x00000001)
+#define TPM_PF_OWNERSHIP ((UINT32)0x00000002)
+#define TPM_PF_DEACTIVATED ((UINT32)0x00000003)
+#define TPM_PF_READPUBEK ((UINT32)0x00000004)
+#define TPM_PF_DISABLEOWNERCLEAR ((UINT32)0x00000005)
+#define TPM_PF_ALLOWMAINTENANCE ((UINT32)0x00000006)
+#define TPM_PF_PHYSICALPRESENCELIFETIMELOCK ((UINT32)0x00000007)
+#define TPM_PF_PHYSICALPRESENCEHWENABLE ((UINT32)0x00000008)
+#define TPM_PF_PHYSICALPRESENCECMDENABLE ((UINT32)0x00000009)
+#define TPM_PF_CEKPUSED ((UINT32)0x0000000A)
+#define TPM_PF_TPMPOST ((UINT32)0x0000000B)
+#define TPM_PF_TPMPOSTLOCK ((UINT32)0x0000000C)
+#define TPM_PF_FIPS ((UINT32)0x0000000D)
+#define TPM_PF_OPERATOR ((UINT32)0x0000000E)
+#define TPM_PF_ENABLEREVOKEEK ((UINT32)0x0000000F)
+#define TPM_PF_NV_LOCKED ((UINT32)0x00000010)
+#define TPM_PF_READSRKPUB ((UINT32)0x00000011)
+#define TPM_PF_RESETESTABLISHMENTBIT ((UINT32)0x00000012)
+#define TPM_PF_MAINTENANCEDONE ((UINT32)0x00000013)
+#define TPM_PF_DISABLEFULLDALOGICINFO ((UINT32)0x00000014)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.2: TPM_STCLEAR_FLAGS
+
+typedef struct tdTPM_STCLEAR_FLAGS
+{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL deactivated;
+ TSS_BOOL disableForceClear;
+ TSS_BOOL physicalPresence;
+ TSS_BOOL physicalPresenceLock;
+ TSS_BOOL bGlobalLock;
+} TPM_STCLEAR_FLAGS;
+
+#define TPM_SF_DEACTIVATED ((UINT32)0x00000001)
+#define TPM_SF_DISABLEFORCECLEAR ((UINT32)0x00000002)
+#define TPM_SF_PHYSICALPRESENCE ((UINT32)0x00000003)
+#define TPM_SF_PHYSICALPRESENCELOCK ((UINT32)0x00000004)
+#define TPM_SF_GLOBALLOCK ((UINT32)0x00000005)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.3: TPM_STANY_FLAGS
+
+typedef struct tdTPM_STANY_FLAGS
+{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL postInitialise;
+ TPM_MODIFIER_INDICATOR localityModifier;
+ TSS_BOOL transportExclusive;
+ TSS_BOOL TOSPresent;
+} TPM_STANY_FLAGS;
+
+#define TPM_AF_POSTINITIALIZE ((UINT32)0x00000001)
+#define TPM_AF_LOCALITYMODIFIER ((UINT32)0x00000002)
+#define TPM_AF_TRANSPORTEXCLUSIVE ((UINT32)0x00000003)
+#define TPM_AF_TOSPRESENT ((UINT32)0x00000004)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.4: TPM_PERMANENT_DATA
+// available inside TPM only
+//
+//#define TPM_MIN_COUNTERS 4
+//#define TPM_NUM_PCR 16
+//#define TPM_MAX_NV_WRITE_NOOWNER 64
+//
+//typedef struct tdTPM_PERMANENT_DATA
+//{
+// TPM_STRUCTURE_TAG tag;
+// BYTE revMajor;
+// BYTE revMinor;
+// TPM_NONCE tpmProof;
+// TPM_NONCE ekReset;
+// TPM_SECRET ownerAuth;
+// TPM_SECRET operatorAuth;
+// TPM_DIRVALUE authDIR[1];
+// TPM_PUBKEY manuMaintPub;
+// TPM_KEY endorsementKey;
+// TPM_KEY srk;
+// TPM_KEY contextKey;
+// TPM_KEY delegateKey;
+// TPM_COUNTER_VALUE auditMonotonicCounter;
+// TPM_COUNTER_VALUE monitonicCounter[TPM_MIN_COUNTERS];
+// TPM_PCR_ATTRIBUTES pcrAttrib[TPM_NUM_PCR];
+// BYTE ordinalAuditStatus[];
+// BYTE *rngState;
+// TPM_FAMILY_TABLE familyTable;
+// TPM_DELEGATE_TABLE delegateTable;
+// UINT32 maxNVBufSize;
+// UINT32 lastFamilyID;
+// UINT32 noOwnerNVWrite;
+// TPM_CMK_DELEGATE restrictDelegate;
+// TPM_DAA_TPM_SEED tpmDAASeed;
+// TPM_NONCE daaProof;
+// TPM_NONCE daaBlobKey;
+//} TPM_PERMANENT_DATA;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.5: TPM_STCLEAR_DATA
+// available inside TPM only
+//
+//typedef struct tdTPM_STCLEAR_DATA
+//{
+// TPM_STRUCTURE_TAG tag;
+// TPM_NONCE contextNonceKey;
+// TPM_COUNT_ID countID;
+// UINT32 ownerReference;
+// TPM_BOOL disableResetLock;
+// TPM_PCRVALUE PCR[TPM_NUM_PCR];
+// UINT32 deferredPhysicalPresence;
+//} TPM_STCLEAR_DATA;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.5: TPM_STANY_DATA
+// available inside TPM only
+//
+//typedef struct tdTPM_STANY_DATA
+//{
+// TPM_STRUCTURE_TAG tag;
+// TPM_NONCE contextNonceSession;
+// TPM_DIGEST auditDigest;
+// TPM_CURRENT_TICKS currentTicks;
+// UINT32 contextCount;
+// UINT32 contextList[TPM_MIN_SESSION_LIST];
+// TPM_SESSION_DATA sessions[TPM_MIN_SESSIONS];
+// // The following appear in section 22.6 but not in 7.5
+// TPM_DAA_ISSUER DAA_issuerSettings;
+// TPM_DAA_TPM DAA_tpmSpecific;
+// TPM_DAA_CONTEXT DAA_session;
+// TPM_DAA_JOINDATA DAA_joinSession;
+//} TPM_STANY_DATA;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 8: PCR Structures
+
+typedef BYTE TPM_LOCALITY_SELECTION;
+#define TPM_LOC_FOUR (((UINT32)1)<<4)
+#define TPM_LOC_THREE (((UINT32)1)<<3)
+#define TPM_LOC_TWO (((UINT32)1)<<2)
+#define TPM_LOC_ONE (((UINT32)1)<<1)
+#define TPM_LOC_ZERO (((UINT32)1)<<0)
+
+typedef struct tdTPM_PCR_SELECTION /* 1.1b */
+{
+ UINT16 sizeOfSelect;
+ SIZEIS(sizeOfSelect)
+ BYTE *pcrSelect;
+} TPM_PCR_SELECTION;
+
+typedef struct tdTPM_PCR_COMPOSITE /* 1.1b */
+{
+ TPM_PCR_SELECTION select;
+ UINT32 valueSize;
+ SIZEIS(valueSize)
+ TPM_PCRVALUE *pcrValue;
+} TPM_PCR_COMPOSITE;
+
+typedef struct tdTPM_PCR_INFO /* 1.1b */
+{
+ TPM_PCR_SELECTION pcrSelection;
+ TPM_COMPOSITE_HASH digestAtRelease;
+ TPM_COMPOSITE_HASH digestAtCreation;
+} TPM_PCR_INFO;
+
+typedef struct tdTPM_PCR_INFO_LONG
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_LOCALITY_SELECTION localityAtCreation;
+ TPM_LOCALITY_SELECTION localityAtRelease;
+ TPM_PCR_SELECTION creationPCRSelection;
+ TPM_PCR_SELECTION releasePCRSelection;
+ TPM_COMPOSITE_HASH digestAtCreation;
+ TPM_COMPOSITE_HASH digestAtRelease;
+} TPM_PCR_INFO_LONG;
+
+typedef struct tdTPM_PCR_INFO_SHORT
+{
+ TPM_PCR_SELECTION pcrSelection;
+ TPM_LOCALITY_SELECTION localityAtRelease;
+ TPM_COMPOSITE_HASH digestAtRelease;
+} TPM_PCR_INFO_SHORT;
+
+typedef struct tdTPM_PCR_ATTRIBUTES
+{
+ BYTE pcrReset;
+ TPM_LOCALITY_SELECTION pcrExtendLocal;
+ TPM_LOCALITY_SELECTION pcrResetLocal;
+} TPM_PCR_ATTRIBUTES;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 9:
+
+typedef struct tdTPM_STORED_DATA /* 1.1b */
+{
+ TPM_STRUCT_VER ver;
+ UINT32 sealInfoSize;
+ SIZEIS(sealInfoSize)
+ BYTE *sealInfo;
+ UINT32 encDataSize;
+ SIZEIS(encDataSize)
+ BYTE *encData;
+} TPM_STORED_DATA;
+
+typedef struct tdTPM_STORED_DATA12
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_ENTITY_TYPE et;
+ UINT32 sealInfoSize;
+ SIZEIS(sealInfoSize)
+ BYTE *sealInfo;
+ UINT32 encDataSize;
+ SIZEIS(encDataSize)
+ BYTE *encData;
+} TPM_STORED_DATA12;
+
+typedef struct tdTPM_SEALED_DATA /* 1.1b */
+{
+ TPM_PAYLOAD_TYPE payload;
+ TPM_SECRET authData;
+ TPM_NONCE tpmProof;
+ TPM_DIGEST storedDigest;
+ UINT32 dataSize;
+ SIZEIS(dataSize)
+ BYTE *data;
+} TPM_SEALED_DATA;
+
+typedef struct tdTPM_SYMMETRIC_KEY /* 1.1b */
+{
+ TPM_ALGORITHM_ID algId;
+ TPM_ENC_SCHEME encScheme;
+ UINT16 size;
+ SIZEIS(size)
+ BYTE *data;
+} TPM_SYMMETRIC_KEY;
+
+typedef struct tdTPM_BOUND_DATA
+{
+ TPM_STRUCT_VER ver;
+ TPM_PAYLOAD_TYPE payload;
+ BYTE *payloadData; // length is implied
+} TPM_BOUND_DATA;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 10: TPM_KEY complex
+
+typedef struct tdTPM_KEY_PARMS /* 1.1b */
+{
+ TPM_ALGORITHM_ID algorithmID;
+ TPM_ENC_SCHEME encScheme;
+ TPM_SIG_SCHEME sigScheme;
+ UINT32 parmSize;
+ SIZEIS(parmSize)
+ BYTE *parms;
+} TPM_KEY_PARMS;
+
+typedef struct tdTPM_RSA_KEY_PARMS /* 1.1b */
+{
+ UINT32 keyLength;
+ UINT32 numPrimes;
+ UINT32 exponentSize;
+ SIZEIS(exponentSize)
+ BYTE *exponent;
+} TPM_RSA_KEY_PARMS;
+
+typedef struct tdTPM_SYMMETRIC_KEY_PARMS
+{
+ UINT32 keyLength;
+ UINT32 blockSize;
+ UINT32 ivSize;
+ SIZEIS(ivSize)
+ BYTE *IV;
+} TPM_SYMMETRIC_KEY_PARMS;
+
+typedef struct tdTPM_STORE_PUBKEY /* 1.1b */
+{
+ UINT32 keyLength;
+ SIZEIS(keyLength)
+ BYTE *key;
+} TPM_STORE_PUBKEY;
+
+typedef struct tdTPM_PUBKEY /* 1.1b */
+{
+ TPM_KEY_PARMS algorithmParms;
+ TPM_STORE_PUBKEY pubKey;
+} TPM_PUBKEY;
+
+typedef struct tdTPM_STORE_PRIVKEY /* 1.1b */
+{
+ UINT32 keyLength;
+ SIZEIS(keyLength)
+ BYTE *key;
+} TPM_STORE_PRIVKEY;
+
+typedef struct tdTPM_STORE_ASYMKEY /* 1.1b */
+{
+ TPM_PAYLOAD_TYPE payload;
+ TPM_SECRET usageAuth;
+ TPM_SECRET migrationAuth;
+ TPM_DIGEST pubDataDigest;
+ TPM_STORE_PRIVKEY privKey;
+} TPM_STORE_ASYMKEY;
+
+typedef struct tdTPM_KEY /* 1.1b */
+{
+ TPM_STRUCT_VER ver;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+ TPM_STORE_PUBKEY pubKey;
+ UINT32 encSize;
+ SIZEIS(encSize)
+ BYTE *encData;
+} TPM_KEY;
+
+typedef struct tdTPM_KEY12
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT16 fill;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+ TPM_STORE_PUBKEY pubKey;
+ UINT32 encSize;
+ SIZEIS(encSize)
+ BYTE *encData;
+} TPM_KEY12;
+
+typedef struct tdTPM_MIGRATE_ASYMKEY
+{
+ TPM_PAYLOAD_TYPE payload;
+ TPM_SECRET usageAuth;
+ TPM_DIGEST pubDataDigest;
+ UINT32 partPrivKeyLen;
+ SIZEIS(partPrivKeyLen)
+ BYTE *partPrivKey;
+} TPM_MIGRATE_ASYMKEY;
+
+
+typedef UINT32 TPM_KEY_CONTROL;
+#define TPM_KEY_CONTROL_OWNER_EVICT ((UINT32)0x00000001)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
+
+typedef struct tdTPM_MIGRATIONKEYAUTH /* 1.1b */
+{
+ TPM_PUBKEY migrationKey;
+ TPM_MIGRATE_SCHEME migrationScheme;
+ TPM_DIGEST digest;
+} TPM_MIGRATIONKEYAUTH;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 11: Signed Structures
+
+typedef struct tdTPM_CERTIFY_INFO /* 1.1b */
+{
+ TPM_STRUCT_VER version;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ TPM_DIGEST pubkeyDigest;
+ TPM_NONCE data;
+ TPM_BOOL parentPCRStatus;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+} TPM_CERTIFY_INFO;
+
+typedef struct tdTPM_CERTIFY_INFO2
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE fill;
+ TPM_PAYLOAD_TYPE payloadType;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ TPM_DIGEST pubkeyDigest;
+ TPM_NONCE data;
+ TPM_BOOL parentPCRStatus;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+ UINT32 migrationAuthoritySize;
+ SIZEIS(migrationAuthoritySize)
+ BYTE *migrationAuthority;
+} TPM_CERTIFY_INFO2;
+
+typedef struct tdTPM_QUOTE_INFO /* 1.1b */
+{
+ TPM_STRUCT_VER version;
+ BYTE fixed[4];
+ TPM_COMPOSITE_HASH compositeHash; /* in 1.2 TPM spec, named digestValue */
+ TPM_NONCE externalData;
+} TPM_QUOTE_INFO;
+
+typedef struct tdTPM_QUOTE_INFO2
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE fixed[4];
+ TPM_NONCE externalData;
+ TPM_PCR_INFO_SHORT infoShort;
+} TPM_QUOTE_INFO2;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 12: Identity Structures
+
+
+typedef struct tdTPM_EK_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_EK_TYPE ekType;
+ UINT32 blobSize;
+ SIZEIS(blobSize)
+ BYTE *blob;
+} TPM_EK_BLOB;
+
+typedef struct tdTPM_EK_BLOB_ACTIVATE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_SYMMETRIC_KEY sessionKey;
+ TPM_DIGEST idDigest;
+ TPM_PCR_INFO_SHORT pcrInfo;
+} TPM_EK_BLOB_ACTIVATE;
+
+typedef struct tdTPM_EK_BLOB_AUTH
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_SECRET authValue;
+} TPM_EK_BLOB_AUTH;
+
+
+typedef struct tdTPM_IDENTITY_CONTENTS
+{
+ TPM_STRUCT_VER ver;
+ UINT32 ordinal;
+ TPM_CHOSENID_HASH labelPrivCADigest;
+ TPM_PUBKEY identityPubKey;
+} TPM_IDENTITY_CONTENTS;
+
+typedef struct tdTPM_IDENTITY_REQ /* 1.1b */
+{
+ UINT32 asymSize;
+ UINT32 symSize;
+ TPM_KEY_PARMS asymAlgorithm;
+ TPM_KEY_PARMS symAlgorithm;
+ SIZEIS(asymSize)
+ BYTE *asymBlob;
+ SIZEIS(symSize)
+ BYTE *symBlob;
+} TPM_IDENTITY_REQ;
+
+typedef struct tdTPM_IDENTITY_PROOF /* 1.1b */
+{
+ TPM_STRUCT_VER ver;
+ UINT32 labelSize;
+ UINT32 identityBindingSize;
+ UINT32 endorsementSize;
+ UINT32 platformSize;
+ UINT32 conformanceSize;
+ TPM_PUBKEY identityKey;
+ SIZEIS(labelSize)
+ BYTE *labelArea;
+ SIZEIS(identityBindingSize)
+ BYTE *identityBinding;
+ SIZEIS(endorsementSize)
+ BYTE *endorsementCredential;
+ SIZEIS(platformSize)
+ BYTE *platformCredential;
+ SIZEIS(conformanceSize)
+ BYTE *conformanceCredential;
+} TPM_IDENTITY_PROOF;
+
+typedef struct tdTPM_ASYM_CA_CONTENTS /* 1.1b */
+{
+ TPM_SYMMETRIC_KEY sessionKey;
+ TPM_DIGEST idDigest;
+} TPM_ASYM_CA_CONTENTS;
+
+typedef struct tdTPM_SYM_CA_ATTESTATION
+{
+ UINT32 credSize;
+ TPM_KEY_PARMS algorithm;
+ SIZEIS(credSize)
+ BYTE *credential;
+} TPM_SYM_CA_ATTESTATION;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 15: Tick Structures
+// Placed here out of order because definitions are used in section 13.
+
+typedef struct tdTPM_CURRENT_TICKS
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT64 currentTicks;
+ UINT16 tickRate;
+ TPM_NONCE tickNonce;
+} TPM_CURRENT_TICKS;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 13: Transport structures
+
+typedef UINT32 TPM_TRANSPORT_ATTRIBUTES;
+#define TPM_TRANSPORT_ENCRYPT ((UINT32)0x00000001)
+#define TPM_TRANSPORT_LOG ((UINT32)0x00000002)
+#define TPM_TRANSPORT_EXCLUSIVE ((UINT32)0x00000004)
+
+typedef struct tdTPM_TRANSPORT_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_TRANSPORT_ATTRIBUTES transAttributes;
+ TPM_ALGORITHM_ID algId;
+ TPM_ENC_SCHEME encScheme;
+} TPM_TRANSPORT_PUBLIC;
+
+typedef struct tdTPM_TRANSPORT_INTERNAL
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_AUTHDATA authData;
+ TPM_TRANSPORT_PUBLIC transPublic;
+ TPM_TRANSHANDLE transHandle;
+ TPM_NONCE transNonceEven;
+ TPM_DIGEST transDigest;
+} TPM_TRANSPORT_INTERNAL;
+
+typedef struct tdTPM_TRANSPORT_LOG_IN
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST parameters;
+ TPM_DIGEST pubKeyHash;
+} TPM_TRANSPORT_LOG_IN;
+
+typedef struct tdTPM_TRANSPORT_LOG_OUT
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_CURRENT_TICKS currentTicks;
+ TPM_DIGEST parameters;
+ TPM_MODIFIER_INDICATOR locality;
+} TPM_TRANSPORT_LOG_OUT;
+
+typedef struct tdTPM_TRANSPORT_AUTH
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_AUTHDATA authData;
+} TPM_TRANSPORT_AUTH;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 14: Audit Structures
+
+typedef struct tdTPM_AUDIT_EVENT_IN
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST inputParms;
+ TPM_COUNTER_VALUE auditCount;
+} TPM_AUDIT_EVENT_IN;
+
+typedef struct tdTPM_AUDIT_EVENT_OUT
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_COMMAND_CODE ordinal;
+ TPM_DIGEST outputParms;
+ TPM_COUNTER_VALUE auditCount;
+ TPM_RESULT returnCode;
+} TPM_AUDIT_EVENT_OUT;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 16: Return codes
+
+#include <tss/tpm_error.h>
+
+
+//-------------------------------------------------------------------
+// Part 2, section 17: Ordinals
+
+#include <tss/tpm_ordinal.h>
+
+//-------------------------------------------------------------------
+// Part 2, section 18: Context structures
+
+typedef struct tdTPM_CONTEXT_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_RESOURCE_TYPE resourceType;
+ TPM_HANDLE handle;
+ BYTE label[16];
+ UINT32 contextCount;
+ TPM_DIGEST integrityDigest;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalData;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveData;
+} TPM_CONTEXT_BLOB;
+
+typedef struct tdTPM_CONTEXT_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NONCE contextNonce;
+ UINT32 internalSize;
+ SIZEIS(internalSize)
+ BYTE *internalData;
+} TPM_CONTEXT_SENSITIVE;
+
+//-------------------------------------------------------------------
+// Part 2, section 19: NV Structures
+
+typedef UINT32 TPM_NV_INDEX;
+#define TPM_NV_INDEX_LOCK ((UINT32)0xffffffff)
+#define TPM_NV_INDEX0 ((UINT32)0x00000000)
+#define TPM_NV_INDEX_DIR ((UINT32)0x10000001)
+#define TPM_NV_INDEX_EKCert ((UINT32)0x0000f000)
+#define TPM_NV_INDEX_TPM_CC ((UINT32)0x0000f001)
+#define TPM_NV_INDEX_PlatformCert ((UINT32)0x0000f002)
+#define TPM_NV_INDEX_Platform_CC ((UINT32)0x0000f003)
+// The following define ranges of reserved indices.
+#define TPM_NV_INDEX_TSS_BASE ((UINT32)0x00011100)
+#define TPM_NV_INDEX_PC_BASE ((UINT32)0x00011200)
+#define TPM_NV_INDEX_SERVER_BASE ((UINT32)0x00011300)
+#define TPM_NV_INDEX_MOBILE_BASE ((UINT32)0x00011400)
+#define TPM_NV_INDEX_PERIPHERAL_BASE ((UINT32)0x00011500)
+#define TPM_NV_INDEX_GROUP_RESV_BASE ((UINT32)0x00010000)
+
+
+typedef UINT32 TPM_NV_PER_ATTRIBUTES;
+#define TPM_NV_PER_READ_STCLEAR (((UINT32)1)<<31)
+#define TPM_NV_PER_AUTHREAD (((UINT32)1)<<18)
+#define TPM_NV_PER_OWNERREAD (((UINT32)1)<<17)
+#define TPM_NV_PER_PPREAD (((UINT32)1)<<16)
+#define TPM_NV_PER_GLOBALLOCK (((UINT32)1)<<15)
+#define TPM_NV_PER_WRITE_STCLEAR (((UINT32)1)<<14)
+#define TPM_NV_PER_WRITEDEFINE (((UINT32)1)<<13)
+#define TPM_NV_PER_WRITEALL (((UINT32)1)<<12)
+#define TPM_NV_PER_AUTHWRITE (((UINT32)1)<<2)
+#define TPM_NV_PER_OWNERWRITE (((UINT32)1)<<1)
+#define TPM_NV_PER_PPWRITE (((UINT32)1)<<0)
+
+typedef struct tdTPM_NV_ATTRIBUTES
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_PER_ATTRIBUTES attributes;
+} TPM_NV_ATTRIBUTES;
+
+
+typedef struct tdTPM_NV_DATA_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_INDEX nvIndex;
+ TPM_PCR_INFO_SHORT pcrInfoRead;
+ TPM_PCR_INFO_SHORT pcrInfoWrite;
+ TPM_NV_ATTRIBUTES permission;
+ TPM_BOOL bReadSTClear;
+ TPM_BOOL bWriteSTClear;
+ TPM_BOOL bWriteDefine;
+ UINT32 dataSize;
+} TPM_NV_DATA_PUBLIC;
+
+
+#if 0
+// Internal to TPM:
+typedef struct tdTPM_NV_DATA_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_DATA_PUBLIC pubInfo;
+ TPM_AUTHDATA authValue;
+ SIZEIS(pubInfo.dataSize)
+ BYTE *data;
+} TPM_NV_DATA_SENSITIVE;
+#endif
+
+
+//-------------------------------------------------------------------
+// Part 2, section 20: Delegation
+
+//-------------------------------------------------------------------
+// Part 2, section 20.3: Owner Permissions Settings for per1 bits
+#define TPM_DELEGATE_SetOrdinalAuditStatus (((UINT32)1)<<30)
+#define TPM_DELEGATE_DirWriteAuth (((UINT32)1)<<29)
+#define TPM_DELEGATE_CMK_ApproveMA (((UINT32)1)<<28)
+#define TPM_DELEGATE_NV_WriteValue (((UINT32)1)<<27)
+#define TPM_DELEGATE_CMK_CreateTicket (((UINT32)1)<<26)
+#define TPM_DELEGATE_NV_ReadValue (((UINT32)1)<<25)
+#define TPM_DELEGATE_Delegate_LoadOwnerDelegation (((UINT32)1)<<24)
+#define TPM_DELEGATE_DAA_Join (((UINT32)1)<<23)
+#define TPM_DELEGATE_AuthorizeMigrationKey (((UINT32)1)<<22)
+#define TPM_DELEGATE_CreateMaintenanceArchive (((UINT32)1)<<21)
+#define TPM_DELEGATE_LoadMaintenanceArchive (((UINT32)1)<<20)
+#define TPM_DELEGATE_KillMaintenanceFeature (((UINT32)1)<<19)
+#define TPM_DELEGATE_OwnerReadInternalPub (((UINT32)1)<<18)
+#define TPM_DELEGATE_ResetLockValue (((UINT32)1)<<17)
+#define TPM_DELEGATE_OwnerClear (((UINT32)1)<<16)
+#define TPM_DELEGATE_DisableOwnerClear (((UINT32)1)<<15)
+#define TPM_DELEGATE_NV_DefineSpace (((UINT32)1)<<14)
+#define TPM_DELEGATE_OwnerSetDisable (((UINT32)1)<<13)
+#define TPM_DELEGATE_SetCapability (((UINT32)1)<<12)
+#define TPM_DELEGATE_MakeIdentity (((UINT32)1)<<11)
+#define TPM_DELEGATE_ActivateIdentity (((UINT32)1)<<10)
+#define TPM_DELEGATE_OwnerReadPubek (((UINT32)1)<<9)
+#define TPM_DELEGATE_DisablePubekRead (((UINT32)1)<<8)
+#define TPM_DELEGATE_SetRedirection (((UINT32)1)<<7)
+#define TPM_DELEGATE_FieldUpgrade (((UINT32)1)<<6)
+#define TPM_DELEGATE_Delegate_UpdateVerification (((UINT32)1)<<5)
+#define TPM_DELEGATE_CreateCounter (((UINT32)1)<<4)
+#define TPM_DELEGATE_ReleaseCounterOwner (((UINT32)1)<<3)
+#define TPM_DELEGATE_DelegateManage (((UINT32)1)<<2)
+#define TPM_DELEGATE_Delegate_CreateOwnerDelegation (((UINT32)1)<<1)
+#define TPM_DELEGATE_DAA_Sign (((UINT32)1)<<0)
+
+//-------------------------------------------------------------------
+// Part 2, section 20.3: Key Permissions Settings for per1 bits
+#define TPM_KEY_DELEGATE_CMK_ConvertMigration (((UINT32)1)<<28)
+#define TPM_KEY_DELEGATE_TickStampBlob (((UINT32)1)<<27)
+#define TPM_KEY_DELEGATE_ChangeAuthAsymStart (((UINT32)1)<<26)
+#define TPM_KEY_DELEGATE_ChangeAuthAsymFinish (((UINT32)1)<<25)
+#define TPM_KEY_DELEGATE_CMK_CreateKey (((UINT32)1)<<24)
+#define TPM_KEY_DELEGATE_MigrateKey (((UINT32)1)<<23)
+#define TPM_KEY_DELEGATE_LoadKey2 (((UINT32)1)<<22)
+#define TPM_KEY_DELEGATE_EstablishTransport (((UINT32)1)<<21)
+#define TPM_KEY_DELEGATE_ReleaseTransportSigned (((UINT32)1)<<20)
+#define TPM_KEY_DELEGATE_Quote2 (((UINT32)1)<<19)
+#define TPM_KEY_DELEGATE_Sealx (((UINT32)1)<<18)
+#define TPM_KEY_DELEGATE_MakeIdentity (((UINT32)1)<<17)
+#define TPM_KEY_DELEGATE_ActivateIdentity (((UINT32)1)<<16)
+#define TPM_KEY_DELEGATE_GetAuditDigestSigned (((UINT32)1)<<15)
+#define TPM_KEY_DELEGATE_Sign (((UINT32)1)<<14)
+#define TPM_KEY_DELEGATE_CertifyKey2 (((UINT32)1)<<13)
+#define TPM_KEY_DELEGATE_CertifyKey (((UINT32)1)<<12)
+#define TPM_KEY_DELEGATE_CreateWrapKey (((UINT32)1)<<11)
+#define TPM_KEY_DELEGATE_CMK_CreateBlob (((UINT32)1)<<10)
+#define TPM_KEY_DELEGATE_CreateMigrationBlob (((UINT32)1)<<9)
+#define TPM_KEY_DELEGATE_ConvertMigrationBlob (((UINT32)1)<<8)
+#define TPM_KEY_DELEGATE_CreateKeyDelegation (((UINT32)1)<<7)
+#define TPM_KEY_DELEGATE_ChangeAuth (((UINT32)1)<<6)
+#define TPM_KEY_DELEGATE_GetPubKey (((UINT32)1)<<5)
+#define TPM_KEY_DELEGATE_UnBind (((UINT32)1)<<4)
+#define TPM_KEY_DELEGATE_Quote (((UINT32)1)<<3)
+#define TPM_KEY_DELEGATE_Unseal (((UINT32)1)<<2)
+#define TPM_KEY_DELEGATE_Seal (((UINT32)1)<<1)
+#define TPM_KEY_DELEGATE_LoadKey (((UINT32)1)<<0)
+
+typedef UINT32 TPM_FAMILY_VERIFICATION;
+
+typedef UINT32 TPM_FAMILY_ID;
+
+typedef UINT32 TPM_DELEGATE_INDEX;
+
+typedef UINT32 TPM_FAMILY_OPERATION;
+#define TPM_FAMILY_CREATE ((UINT32)0x00000001)
+#define TPM_FAMILY_ENABLE ((UINT32)0x00000002)
+#define TPM_FAMILY_ADMIN ((UINT32)0x00000003)
+#define TPM_FAMILY_INVALIDATE ((UINT32)0x00000004)
+
+typedef UINT32 TPM_FAMILY_FLAGS;
+#define TPM_FAMFLAG_DELEGATE_ADMIN_LOCK (((UINT32)1)<<1)
+#define TPM_FAMFLAG_ENABLE (((UINT32)1)<<0)
+
+typedef struct tdTPM_FAMILY_LABEL
+{
+ BYTE label;
+} TPM_FAMILY_LABEL;
+
+typedef struct tdTPM_FAMILY_TABLE_ENTRY
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_FAMILY_LABEL label;
+ TPM_FAMILY_ID familyID;
+ TPM_FAMILY_VERIFICATION verificationCount;
+ TPM_FAMILY_FLAGS flags;
+} TPM_FAMILY_TABLE_ENTRY;
+
+
+#define TPM_FAMILY_TABLE_ENTRY_MIN 8
+//typedef struct tdTPM_FAMILY_TABLE
+//{
+// TPM_FAMILY_TABLE_ENTRY FamTableRow[TPM_NUM_FAMILY_TABLE_ENTRY_MIN];
+//} TPM_FAMILY_TABLE;
+
+
+typedef struct tdTPM_DELEGATE_LABEL
+{
+ BYTE label;
+} TPM_DELEGATE_LABEL;
+
+
+typedef UINT32 TPM_DELEGATE_TYPE;
+#define TPM_DEL_OWNER_BITS ((UINT32)0x00000001)
+#define TPM_DEL_KEY_BITS ((UINT32)0x00000002)
+
+typedef struct tdTPM_DELEGATIONS
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_TYPE delegateType;
+ UINT32 per1;
+ UINT32 per2;
+} TPM_DELEGATIONS;
+
+typedef struct tdTPM_DELEGATE_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_LABEL label;
+ TPM_PCR_INFO_SHORT pcrInfo;
+ TPM_DELEGATIONS permissions;
+ TPM_FAMILY_ID familyID;
+ TPM_FAMILY_VERIFICATION verificationCount;
+} TPM_DELEGATE_PUBLIC;
+
+typedef struct tdTPM_DELEGATE_TABLE_ROW
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_PUBLIC pub;
+ TPM_SECRET authValue;
+} TPM_DELEGATE_TABLE_ROW;
+
+
+#define TPM_NUM_DELEGATE_TABLE_ENTRY_MIN 2
+//typedef struct tdTPM_DELEGATE_TABLE
+//{
+// TPM_DELEGATE_TABLE_ROW delRow[TPM_NUM_DELEGATE_TABLE_ENTRY_MIN];
+//} TPM_DELEGATE_TABLE;
+
+typedef struct tdTPM_DELEGATE_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_SECRET authValue;
+} TPM_DELEGATE_SENSITIVE;
+
+typedef struct tdTPM_DELEGATE_OWNER_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_PUBLIC pub;
+ TPM_DIGEST integrityDigest;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalArea;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveArea;
+} TPM_DELEGATE_OWNER_BLOB;
+
+typedef struct tdTPM_DELEGATE_KEY_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_PUBLIC pub;
+ TPM_DIGEST integrityDigest;
+ TPM_DIGEST pubKeyDigest;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalArea;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveArea;
+} TPM_DELEGATE_KEY_BLOB;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 21.1: TPM_CAPABILITY_AREA
+
+typedef UINT32 TPM_CAPABILITY_AREA; /* 1.1b */
+#define TPM_CAP_ORD ((UINT32)0x00000001) /* 1.1b */
+#define TPM_CAP_ALG ((UINT32)0x00000002) /* 1.1b */
+#define TPM_CAP_PID ((UINT32)0x00000003) /* 1.1b */
+#define TPM_CAP_FLAG ((UINT32)0x00000004) /* 1.1b */
+#define TPM_CAP_PROPERTY ((UINT32)0x00000005) /* 1.1b */
+#define TPM_CAP_VERSION ((UINT32)0x00000006) /* 1.1b */
+#define TPM_CAP_KEY_HANDLE ((UINT32)0x00000007) /* 1.1b */
+#define TPM_CAP_CHECK_LOADED ((UINT32)0x00000008) /* 1.1b */
+#define TPM_CAP_SYM_MODE ((UINT32)0x00000009)
+#define TPM_CAP_KEY_STATUS ((UINT32)0x0000000C)
+#define TPM_CAP_NV_LIST ((UINT32)0x0000000D)
+#define TPM_CAP_MFR ((UINT32)0x00000010)
+#define TPM_CAP_NV_INDEX ((UINT32)0x00000011)
+#define TPM_CAP_TRANS_ALG ((UINT32)0x00000012)
+#define TPM_CAP_HANDLE ((UINT32)0x00000014)
+#define TPM_CAP_TRANS_ES ((UINT32)0x00000015)
+#define TPM_CAP_AUTH_ENCRYPT ((UINT32)0x00000017)
+#define TPM_CAP_SELECT_SIZE ((UINT32)0x00000018)
+#define TPM_CAP_DA_LOGIC ((UINT32)0x00000019)
+#define TPM_CAP_VERSION_VAL ((UINT32)0x0000001A)
+
+// Part 2, section 21.1: Subcap values for CAP_FLAG
+#define TPM_CAP_FLAG_PERMANENT ((UINT32)0x00000108)
+#define TPM_CAP_FLAG_VOLATILE ((UINT32)0x00000109)
+
+//-------------------------------------------------------------------
+// Part 2, section 21.2: Subcap values for CAP_PROPERTY
+
+#define TPM_CAP_PROP_PCR ((UINT32)0x00000101) /* 1.1b */
+#define TPM_CAP_PROP_DIR ((UINT32)0x00000102) /* 1.1b */
+#define TPM_CAP_PROP_MANUFACTURER ((UINT32)0x00000103) /* 1.1b */
+#define TPM_CAP_PROP_KEYS ((UINT32)0x00000104)
+#define TPM_CAP_PROP_SLOTS (TPM_CAP_PROP_KEYS)
+#define TPM_CAP_PROP_MIN_COUNTER ((UINT32)0x00000107)
+#define TPM_CAP_PROP_AUTHSESS ((UINT32)0x0000010A)
+#define TPM_CAP_PROP_TRANSSESS ((UINT32)0x0000010B)
+#define TPM_CAP_PROP_COUNTERS ((UINT32)0x0000010C)
+#define TPM_CAP_PROP_MAX_AUTHSESS ((UINT32)0x0000010D)
+#define TPM_CAP_PROP_MAX_TRANSSESS ((UINT32)0x0000010E)
+#define TPM_CAP_PROP_MAX_COUNTERS ((UINT32)0x0000010F)
+#define TPM_CAP_PROP_MAX_KEYS ((UINT32)0x00000110)
+#define TPM_CAP_PROP_OWNER ((UINT32)0x00000111)
+#define TPM_CAP_PROP_CONTEXT ((UINT32)0x00000112)
+#define TPM_CAP_PROP_MAX_CONTEXT ((UINT32)0x00000113)
+#define TPM_CAP_PROP_FAMILYROWS ((UINT32)0x00000114)
+#define TPM_CAP_PROP_TIS_TIMEOUT ((UINT32)0x00000115)
+#define TPM_CAP_PROP_STARTUP_EFFECT ((UINT32)0x00000116)
+#define TPM_CAP_PROP_DELEGATE_ROW ((UINT32)0x00000117)
+#define TPM_CAP_PROP_MAX_DAASESS ((UINT32)0x00000119)
+#define TPM_CAP_PROP_DAA_MAX TPM_CAP_PROP_MAX_DAASESS
+#define TPM_CAP_PROP_DAASESS ((UINT32)0x0000011A)
+#define TPM_CAP_PROP_SESSION_DAA TPM_CAP_PROP_DAASESS
+#define TPM_CAP_PROP_CONTEXT_DIST ((UINT32)0x0000011B)
+#define TPM_CAP_PROP_DAA_INTERRUPT ((UINT32)0x0000011C)
+#define TPM_CAP_PROP_SESSIONS ((UINT32)0x0000011D)
+#define TPM_CAP_PROP_MAX_SESSIONS ((UINT32)0x0000011E)
+#define TPM_CAP_PROP_CMK_RESTRICTION ((UINT32)0x0000011F)
+#define TPM_CAP_PROP_DURATION ((UINT32)0x00000120)
+#define TPM_CAP_PROP_ACTIVE_COUNTER ((UINT32)0x00000122)
+#define TPM_CAP_PROP_NV_AVAILABLE ((UINT32)0x00000123)
+#define TPM_CAP_PROP_INPUT_BUFFER ((UINT32)0x00000124)
+
+
+// Part 2, section 21.4: SetCapability Values
+#define TPM_SET_PERM_FLAGS ((UINT32)0x00000001)
+#define TPM_SET_PERM_DATA ((UINT32)0x00000002)
+#define TPM_SET_STCLEAR_FLAGS ((UINT32)0x00000003)
+#define TPM_SET_STCLEAR_DATA ((UINT32)0x00000004)
+#define TPM_SET_STANY_FLAGS ((UINT32)0x00000005)
+#define TPM_SET_STANY_DATA ((UINT32)0x00000006)
+#define TPM_SET_VENDOR ((UINT32)0x00000007)
+
+
+// Part 2, section 21.6: TPM_CAP_VERSION_INFO
+typedef struct tdTPM_CAP_VERSION_INFO
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_VERSION version;
+ UINT16 specLevel;
+ BYTE errataRev;
+ BYTE tpmVendorID[4];
+ UINT16 vendorSpecificSize;
+ SIZEIS(vendorSpecificSize)
+ BYTE *vendorSpecific;
+} TPM_CAP_VERSION_INFO;
+
+
+// Part 2, section 21.9: TPM_DA_STATE
+// out of order to make it available for structure definitions
+typedef BYTE TPM_DA_STATE;
+#define TPM_DA_STATE_INACTIVE (0x00)
+#define TPM_DA_STATE_ACTIVE (0x01)
+
+// Part 2, section 21.10: TPM_DA_ACTION_TYPE
+typedef struct tdTPM_DA_ACTION_TYPE
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT32 actions;
+} TPM_DA_ACTION_TYPE;
+#define TPM_DA_ACTION_TIMEOUT ((UINT32)0x00000001)
+#define TPM_DA_ACTION_DISABLE ((UINT32)0x00000002)
+#define TPM_DA_ACTION_DEACTIVATE ((UINT32)0x00000004)
+#define TPM_DA_ACTION_FAILURE_MODE ((UINT32)0x00000008)
+
+// Part 2, section 21.7: TPM_DA_INFO
+typedef struct tdTPM_DA_INFO
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DA_STATE state;
+ UINT16 currentCount;
+ UINT16 threshholdCount;
+ TPM_DA_ACTION_TYPE actionAtThreshold;
+ UINT32 actionDependValue;
+ UINT32 vendorDataSize;
+ SIZEIS(vendorDataSize)
+ BYTE *vendorData;
+} TPM_DA_INFO;
+
+// Part 2, section 21.8: TPM_DA_INFO_LIMITED
+typedef struct tdTPM_DA_INFO_LIMITED
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DA_STATE state;
+ TPM_DA_ACTION_TYPE actionAtThreshold;
+ UINT32 vendorDataSize;
+ SIZEIS(vendorDataSize)
+ BYTE *vendorData;
+} TPM_DA_INFO_LIMITED;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 22: DAA Structures
+
+#define TPM_DAA_SIZE_r0 (43)
+#define TPM_DAA_SIZE_r1 (43)
+#define TPM_DAA_SIZE_r2 (128)
+#define TPM_DAA_SIZE_r3 (168)
+#define TPM_DAA_SIZE_r4 (219)
+#define TPM_DAA_SIZE_NT (20)
+#define TPM_DAA_SIZE_v0 (128)
+#define TPM_DAA_SIZE_v1 (192)
+#define TPM_DAA_SIZE_NE (256)
+#define TPM_DAA_SIZE_w (256)
+#define TPM_DAA_SIZE_issuerModulus (256)
+#define TPM_DAA_power0 (104)
+#define TPM_DAA_power1 (1024)
+
+typedef struct tdTPM_DAA_ISSUER
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST DAA_digest_R0;
+ TPM_DIGEST DAA_digest_R1;
+ TPM_DIGEST DAA_digest_S0;
+ TPM_DIGEST DAA_digest_S1;
+ TPM_DIGEST DAA_digest_n;
+ TPM_DIGEST DAA_digest_gamma;
+ BYTE DAA_generic_q[26];
+} TPM_DAA_ISSUER;
+
+
+typedef struct tdTPM_DAA_TPM
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST DAA_digestIssuer;
+ TPM_DIGEST DAA_digest_v0;
+ TPM_DIGEST DAA_digest_v1;
+ TPM_DIGEST DAA_rekey;
+ UINT32 DAA_count;
+} TPM_DAA_TPM;
+
+typedef struct tdTPM_DAA_CONTEXT
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST DAA_digestContext;
+ TPM_DIGEST DAA_digest;
+ TPM_DAA_CONTEXT_SEED DAA_contextSeed;
+ BYTE DAA_scratch[256];
+ BYTE DAA_stage;
+} TPM_DAA_CONTEXT;
+
+typedef struct tdTPM_DAA_JOINDATA
+{
+ BYTE DAA_join_u0[128];
+ BYTE DAA_join_u1[138];
+ TPM_DIGEST DAA_digest_n0;
+} TPM_DAA_JOINDATA;
+
+typedef struct tdTPM_DAA_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_RESOURCE_TYPE resourceType;
+ BYTE label[16];
+ TPM_DIGEST blobIntegrity;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalData;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveData;
+} TPM_DAA_BLOB;
+
+typedef struct tdTPM_DAA_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT32 internalSize;
+ SIZEIS(internalSize)
+ BYTE *internalData;
+} TPM_DAA_SENSITIVE;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 23: Redirection
+
+// This section of the TPM spec defines exactly one value but does not
+// give it a name. The definition of TPM_SetRedirection in Part3
+// refers to exactly one name but does not give its value. We join
+// them here.
+#define TPM_REDIR_GPIO (0x00000001)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 24.6: TPM_SYM_MODE
+// Deprecated by TPM 1.2 spec
+
+typedef UINT32 TPM_SYM_MODE;
+#define TPM_SYM_MODE_ECB (0x00000001)
+#define TPM_SYM_MODE_CBC (0x00000002)
+#define TPM_SYM_MODE_CFB (0x00000003)
+
+#endif // __TPM_H__
+
diff --git a/src/include/tss/tpm_error.h b/src/include/tss/tpm_error.h
new file mode 100644
index 0000000..ccd4af4
--- /dev/null
+++ b/src/include/tss/tpm_error.h
@@ -0,0 +1,963 @@
+/*
+ * The TPM error codes extracted from the TPM main specification
+ * version 1.2 revision 85.
+ */
+
+#ifndef __TPM_ERROR_H__
+#define __TPM_ERROR_H__
+
+
+#ifndef TPM_E_BASE
+#define TPM_E_BASE ((UINT32)0)
+#endif
+
+#ifndef TPM_E_NON_FATAL
+#define TPM_E_NON_FATAL ((UINT32)0x00000800)
+#endif
+
+
+// Successful completion of the TPM operation.
+#define TPM_SUCCESS TPM_E_BASE
+
+//
+// MessageId: TPM_E_AUTHFAIL
+//
+// MessageText:
+//
+// Authentication failed
+//
+#define TPM_E_AUTHFAIL ((UINT32)(TPM_E_BASE + 0x00000001))
+
+//
+// MessageId: TPM_E_BADINDEX
+//
+// MessageText:
+//
+// The index to a PCR, DIR or other register is incorrect
+//
+#define TPM_E_BADINDEX ((UINT32)(TPM_E_BASE + 0x00000002))
+
+//
+// MessageId: TPM_E_BAD_PARAMETER
+//
+// MessageText:
+//
+// One or more parameter is bad
+//
+#define TPM_E_BAD_PARAMETER ((UINT32)(TPM_E_BASE + 0x00000003))
+
+//
+// MessageId: TPM_E_AUDITFAILURE
+//
+// MessageText:
+//
+// An operation completed successfully but the auditing of that
+// operation failed.
+//
+#define TPM_E_AUDITFAILURE ((UINT32)(TPM_E_BASE + 0x00000004))
+
+//
+// MessageId: TPM_E_CLEAR_DISABLED
+//
+// MessageText:
+//
+// The clear disable flag is set and all clear operations now require
+// physical access
+//
+#define TPM_E_CLEAR_DISABLED ((UINT32)(TPM_E_BASE + 0x00000005))
+
+//
+// MessageId: TPM_E_DEACTIVATED
+//
+// MessageText:
+//
+// The TPM is deactivated
+//
+#define TPM_E_DEACTIVATED ((UINT32)(TPM_E_BASE + 0x00000006))
+
+//
+// MessageId: TPM_E_DISABLED
+//
+// MessageText:
+//
+// The TPM is disabled
+//
+#define TPM_E_DISABLED ((UINT32)(TPM_E_BASE + 0x00000007))
+
+//
+// MessageId: TPM_E_DISABLED_CMD
+//
+// MessageText:
+//
+// The target command has been disabled
+//
+#define TPM_E_DISABLED_CMD ((UINT32)(TPM_E_BASE + 0x00000008))
+
+//
+// MessageId: TPM_E_FAIL
+//
+// MessageText:
+//
+// The operation failed
+//
+#define TPM_E_FAIL ((UINT32)(TPM_E_BASE + 0x00000009))
+
+//
+// MessageId: TPM_E_BAD_ORDINAL
+//
+// MessageText:
+//
+// The ordinal was unknown or inconsistent
+//
+#define TPM_E_BAD_ORDINAL ((UINT32)(TPM_E_BASE + 0x0000000a))
+
+//
+// MessageId: TPM_E_INSTALL_DISABLED
+//
+// MessageText:
+//
+// The ability to install an owner is disabled
+//
+#define TPM_E_INSTALL_DISABLED ((UINT32)(TPM_E_BASE + 0x0000000b))
+
+//
+// MessageId: TPM_E_INVALID_KEYHANDLE
+//
+// MessageText:
+//
+// The key handle can not be interpreted
+//
+#define TPM_E_INVALID_KEYHANDLE ((UINT32)(TPM_E_BASE + 0x0000000c))
+
+//
+// MessageId: TPM_E_KEYNOTFOUND
+//
+// MessageText:
+//
+// The key handle points to an invalid key
+//
+#define TPM_E_KEYNOTFOUND ((UINT32)(TPM_E_BASE + 0x0000000d))
+
+//
+// MessageId: TPM_E_INAPPROPRIATE_ENC
+//
+// MessageText:
+//
+// Unacceptable encryption scheme
+//
+#define TPM_E_INAPPROPRIATE_ENC ((UINT32)(TPM_E_BASE + 0x0000000e))
+
+//
+// MessageId: TPM_E_MIGRATEFAIL
+//
+// MessageText:
+//
+// Migration authorization failed
+//
+#define TPM_E_MIGRATEFAIL ((UINT32)(TPM_E_BASE + 0x0000000f))
+
+//
+// MessageId: TPM_E_INVALID_PCR_INFO
+//
+// MessageText:
+//
+// PCR information could not be interpreted
+//
+#define TPM_E_INVALID_PCR_INFO ((UINT32)(TPM_E_BASE + 0x00000010))
+
+//
+// MessageId: TPM_E_NOSPACE
+//
+// MessageText:
+//
+// No room to load key.
+//
+#define TPM_E_NOSPACE ((UINT32)(TPM_E_BASE + 0x00000011))
+
+//
+// MessageId: TPM_E_NOSRK
+//
+// MessageText:
+//
+// There is no SRK set
+//
+#define TPM_E_NOSRK ((UINT32)(TPM_E_BASE + 0x00000012))
+
+//
+// MessageId: TPM_E_NOTSEALED_BLOB
+//
+// MessageText:
+//
+// An encrypted blob is invalid or was not created by this TPM
+//
+#define TPM_E_NOTSEALED_BLOB ((UINT32)(TPM_E_BASE + 0x00000013))
+
+//
+// MessageId: TPM_E_OWNER_SET
+//
+// MessageText:
+//
+// There is already an Owner
+//
+#define TPM_E_OWNER_SET ((UINT32)(TPM_E_BASE + 0x00000014))
+
+//
+// MessageId: TPM_E_RESOURCES
+//
+// MessageText:
+//
+// The TPM has insufficient internal resources to perform the
+// requested action.
+//
+#define TPM_E_RESOURCES ((UINT32)(TPM_E_BASE + 0x00000015))
+
+//
+// MessageId: TPM_E_SHORTRANDOM
+//
+// MessageText:
+//
+// A random string was too short
+//
+#define TPM_E_SHORTRANDOM ((UINT32)(TPM_E_BASE + 0x00000016))
+
+//
+// MessageId: TPM_E_SIZE
+//
+// MessageText:
+//
+// The TPM does not have the space to perform the operation.
+//
+#define TPM_E_SIZE ((UINT32)(TPM_E_BASE + 0x00000017))
+
+//
+// MessageId: TPM_E_WRONGPCRVAL
+//
+// MessageText:
+//
+// The named PCR value does not match the current PCR value.
+//
+#define TPM_E_WRONGPCRVAL ((UINT32)(TPM_E_BASE + 0x00000018))
+
+//
+// MessageId: TPM_E_BAD_PARAM_SIZE
+//
+// MessageText:
+//
+// The paramSize argument to the command has the incorrect value
+//
+#define TPM_E_BAD_PARAM_SIZE ((UINT32)(TPM_E_BASE + 0x00000019))
+
+//
+// MessageId: TPM_E_SHA_THREAD
+//
+// MessageText:
+//
+// There is no existing SHA-1 thread.
+//
+#define TPM_E_SHA_THREAD ((UINT32)(TPM_E_BASE + 0x0000001a))
+
+//
+// MessageId: TPM_E_SHA_ERROR
+//
+// MessageText:
+//
+// The calculation is unable to proceed because the existing SHA-1
+// thread has already encountered an error.
+//
+#define TPM_E_SHA_ERROR ((UINT32)(TPM_E_BASE + 0x0000001b))
+
+//
+// MessageId: TPM_E_FAILEDSELFTEST
+//
+// MessageText:
+//
+// Self-test has failed and the TPM has shutdown.
+//
+#define TPM_E_FAILEDSELFTEST ((UINT32)(TPM_E_BASE + 0x0000001c))
+
+//
+// MessageId: TPM_E_AUTH2FAIL
+//
+// MessageText:
+//
+// The authorization for the second key in a 2 key function failed
+// authorization
+//
+#define TPM_E_AUTH2FAIL ((UINT32)(TPM_E_BASE + 0x0000001d))
+
+//
+// MessageId: TPM_E_BADTAG
+//
+// MessageText:
+//
+// The tag value sent to for a command is invalid
+//
+#define TPM_E_BADTAG ((UINT32)(TPM_E_BASE + 0x0000001e))
+
+//
+// MessageId: TPM_E_IOERROR
+//
+// MessageText:
+//
+// An IO error occurred transmitting information to the TPM
+//
+#define TPM_E_IOERROR ((UINT32)(TPM_E_BASE + 0x0000001f))
+
+//
+// MessageId: TPM_E_ENCRYPT_ERROR
+//
+// MessageText:
+//
+// The encryption process had a problem.
+//
+#define TPM_E_ENCRYPT_ERROR ((UINT32)(TPM_E_BASE + 0x00000020))
+
+//
+// MessageId: TPM_E_DECRYPT_ERROR
+//
+// MessageText:
+//
+// The decryption process did not complete.
+//
+#define TPM_E_DECRYPT_ERROR ((UINT32)(TPM_E_BASE + 0x00000021))
+
+//
+// MessageId: TPM_E_INVALID_AUTHHANDLE
+//
+// MessageText:
+//
+// An invalid handle was used.
+//
+#define TPM_E_INVALID_AUTHHANDLE ((UINT32)(TPM_E_BASE + 0x00000022))
+
+//
+// MessageId: TPM_E_NO_ENDORSEMENT
+//
+// MessageText:
+//
+// The TPM does not a EK installed
+//
+#define TPM_E_NO_ENDORSEMENT ((UINT32)(TPM_E_BASE + 0x00000023))
+
+//
+// MessageId: TPM_E_INVALID_KEYUSAGE
+//
+// MessageText:
+//
+// The usage of a key is not allowed
+//
+#define TPM_E_INVALID_KEYUSAGE ((UINT32)(TPM_E_BASE + 0x00000024))
+
+//
+// MessageId: TPM_E_WRONG_ENTITYTYPE
+//
+// MessageText:
+//
+// The submitted entity type is not allowed
+//
+#define TPM_E_WRONG_ENTITYTYPE ((UINT32)(TPM_E_BASE + 0x00000025))
+
+//
+// MessageId: TPM_E_INVALID_POSTINIT
+//
+// MessageText:
+//
+// The command was received in the wrong sequence relative to TPM_Init
+// and a subsequent TPM_Startup
+//
+#define TPM_E_INVALID_POSTINIT ((UINT32)(TPM_E_BASE + 0x00000026))
+
+//
+// MessageId: TPM_E_INAPPROPRIATE_SIG
+//
+// MessageText:
+//
+// Signed data cannot include additional DER information
+//
+#define TPM_E_INAPPROPRIATE_SIG ((UINT32)(TPM_E_BASE + 0x00000027))
+
+//
+// MessageId: TPM_E_BAD_KEY_PROPERTY
+//
+// MessageText:
+//
+// The key properties in TPM_KEY_PARMs are not supported by this TPM
+//
+#define TPM_E_BAD_KEY_PROPERTY ((UINT32)(TPM_E_BASE + 0x00000028))
+
+//
+// MessageId: TPM_E_BAD_MIGRATION
+//
+// MessageText:
+//
+// The migration properties of this key are incorrect.
+//
+#define TPM_E_BAD_MIGRATION ((UINT32)(TPM_E_BASE + 0x00000029))
+
+//
+// MessageId: TPM_E_BAD_SCHEME
+//
+// MessageText:
+//
+// The signature or encryption scheme for this key is incorrect or not
+// permitted in this situation.
+//
+#define TPM_E_BAD_SCHEME ((UINT32)(TPM_E_BASE + 0x0000002a))
+
+//
+// MessageId: TPM_E_BAD_DATASIZE
+//
+// MessageText:
+//
+// The size of the data (or blob) parameter is bad or inconsistent
+// with the referenced key
+//
+#define TPM_E_BAD_DATASIZE ((UINT32)(TPM_E_BASE + 0x0000002b))
+
+//
+// MessageId: TPM_E_BAD_MODE
+//
+// MessageText:
+//
+// A mode parameter is bad, such as capArea or subCapArea for
+// TPM_GetCapability, physicalPresence parameter for
+// TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob.
+//
+#define TPM_E_BAD_MODE ((UINT32)(TPM_E_BASE + 0x0000002c))
+
+//
+// MessageId: TPM_E_BAD_PRESENCE
+//
+// MessageText:
+//
+// Either the physicalPresence or physicalPresenceLock bits have the
+// wrong value
+//
+#define TPM_E_BAD_PRESENCE ((UINT32)(TPM_E_BASE + 0x0000002d))
+
+//
+// MessageId: TPM_E_BAD_VERSION
+//
+// MessageText:
+//
+// The TPM cannot perform this version of the capability
+//
+#define TPM_E_BAD_VERSION ((UINT32)(TPM_E_BASE + 0x0000002e))
+
+//
+// MessageId: TPM_E_NO_WRAP_TRANSPORT
+//
+// MessageText:
+//
+// The TPM does not allow for wrapped transport sessions
+//
+#define TPM_E_NO_WRAP_TRANSPORT ((UINT32)(TPM_E_BASE + 0x0000002f))
+
+//
+// MessageId: TPM_E_AUDITFAIL_UNSUCCESSFUL
+//
+// MessageText:
+//
+// TPM audit construction failed and the underlying command was
+// returning a failure code also
+//
+#define TPM_E_AUDITFAIL_UNSUCCESSFUL ((UINT32)(TPM_E_BASE + 0x00000030))
+
+//
+// MessageId: TPM_E_AUDITFAIL_SUCCESSFUL
+//
+// MessageText:
+//
+// TPM audit construction failed and the underlying command was
+// returning success
+//
+#define TPM_E_AUDITFAIL_SUCCESSFUL ((UINT32)(TPM_E_BASE + 0x00000031))
+
+//
+// MessageId: TPM_E_NOTRESETABLE
+//
+// MessageText:
+//
+// Attempt to reset a PCR register that does not have the resettable
+// attribute
+//
+#define TPM_E_NOTRESETABLE ((UINT32)(TPM_E_BASE + 0x00000032))
+
+//
+// MessageId: TPM_E_NOTLOCAL
+//
+// MessageText:
+//
+// Attempt to reset a PCR register that requires locality and locality
+// modifier not part of command transport
+//
+#define TPM_E_NOTLOCAL ((UINT32)(TPM_E_BASE + 0x00000033))
+
+//
+// MessageId: TPM_E_BAD_TYPE
+//
+// MessageText:
+//
+// Make identity blob not properly typed
+//
+#define TPM_E_BAD_TYPE ((UINT32)(TPM_E_BASE + 0x00000034))
+
+//
+// MessageId: TPM_E_INVALID_RESOURCE
+//
+// MessageText:
+//
+// When saving context identified resource type does not match actual
+// resource
+//
+#define TPM_E_INVALID_RESOURCE ((UINT32)(TPM_E_BASE + 0x00000035))
+
+//
+// MessageId: TPM_E_NOTFIPS
+//
+// MessageText:
+//
+// The TPM is attempting to execute a command only available when in
+// FIPS mode
+//
+#define TPM_E_NOTFIPS ((UINT32)(TPM_E_BASE + 0x00000036))
+
+//
+// MessageId: TPM_E_INVALID_FAMILY
+//
+// MessageText:
+//
+// The command is attempting to use an invalid family ID
+//
+#define TPM_E_INVALID_FAMILY ((UINT32)(TPM_E_BASE + 0x00000037))
+
+//
+// MessageId: TPM_E_NO_NV_PERMISSION
+//
+// MessageText:
+//
+// The permission to manipulate the NV storage is not available
+//
+#define TPM_E_NO_NV_PERMISSION ((UINT32)(TPM_E_BASE + 0x00000038))
+
+//
+// MessageId: TPM_E_REQUIRES_SIGN
+//
+// MessageText:
+//
+// The operation requires a signed command
+//
+#define TPM_E_REQUIRES_SIGN ((UINT32)(TPM_E_BASE + 0x00000039))
+
+//
+// MessageId: TPM_E_KEY_NOTSUPPORTED
+//
+// MessageText:
+//
+// Wrong operation to load an NV key
+//
+#define TPM_E_KEY_NOTSUPPORTED ((UINT32)(TPM_E_BASE + 0x0000003a))
+
+//
+// MessageId: TPM_E_AUTH_CONFLICT
+//
+// MessageText:
+//
+// NV_LoadKey blob requires both owner and blob authorization
+//
+#define TPM_E_AUTH_CONFLICT ((UINT32)(TPM_E_BASE + 0x0000003b))
+
+//
+// MessageId: TPM_E_AREA_LOCKED
+//
+// MessageText:
+//
+// The NV area is locked and not writable
+//
+#define TPM_E_AREA_LOCKED ((UINT32)(TPM_E_BASE + 0x0000003c))
+
+//
+// MessageId: TPM_E_BAD_LOCALITY
+//
+// MessageText:
+//
+// The locality is incorrect for the attempted operation
+//
+#define TPM_E_BAD_LOCALITY ((UINT32)(TPM_E_BASE + 0x0000003d))
+
+//
+// MessageId: TPM_E_READ_ONLY
+//
+// MessageText:
+//
+// The NV area is read only and can't be written to
+//
+#define TPM_E_READ_ONLY ((UINT32)(TPM_E_BASE + 0x0000003e))
+
+//
+// MessageId: TPM_E_PER_NOWRITE
+//
+// MessageText:
+//
+// There is no protection on the write to the NV area
+//
+#define TPM_E_PER_NOWRITE ((UINT32)(TPM_E_BASE + 0x0000003f))
+
+//
+// MessageId: TPM_E_FAMILYCOUNT
+//
+// MessageText:
+//
+// The family count value does not match
+//
+#define TPM_E_FAMILYCOUNT ((UINT32)(TPM_E_BASE + 0x00000040))
+
+//
+// MessageId: TPM_E_WRITE_LOCKED
+//
+// MessageText:
+//
+// The NV area has already been written to
+//
+#define TPM_E_WRITE_LOCKED ((UINT32)(TPM_E_BASE + 0x00000041))
+
+//
+// MessageId: TPM_E_BAD_ATTRIBUTES
+//
+// MessageText:
+//
+// The NV area attributes conflict
+//
+#define TPM_E_BAD_ATTRIBUTES ((UINT32)(TPM_E_BASE + 0x00000042))
+
+//
+// MessageId: TPM_E_INVALID_STRUCTURE
+//
+// MessageText:
+//
+// The structure tag and version are invalid or inconsistent
+//
+#define TPM_E_INVALID_STRUCTURE ((UINT32)(TPM_E_BASE + 0x00000043))
+
+//
+// MessageId: TPM_E_KEY_OWNER_CONTROL
+//
+// MessageText:
+//
+// The key is under control of the TPM Owner and can only be evicted
+// by the TPM Owner.
+//
+#define TPM_E_KEY_OWNER_CONTROL ((UINT32)(TPM_E_BASE + 0x00000044))
+
+//
+// MessageId: TPM_E_BAD_COUNTER
+//
+// MessageText:
+//
+// The counter handle is incorrect
+//
+#define TPM_E_BAD_COUNTER ((UINT32)(TPM_E_BASE + 0x00000045))
+
+//
+// MessageId: TPM_E_NOT_FULLWRITE
+//
+// MessageText:
+//
+// The write is not a complete write of the area
+//
+#define TPM_E_NOT_FULLWRITE ((UINT32)(TPM_E_BASE + 0x00000046))
+
+//
+// MessageId: TPM_E_CONTEXT_GAP
+//
+// MessageText:
+//
+// The gap between saved context counts is too large
+//
+#define TPM_E_CONTEXT_GAP ((UINT32)(TPM_E_BASE + 0x00000047))
+
+//
+// MessageId: TPM_E_MAXNVWRITES
+//
+// MessageText:
+//
+// The maximum number of NV writes without an owner has been exceeded
+//
+#define TPM_E_MAXNVWRITES ((UINT32)(TPM_E_BASE + 0x00000048))
+
+//
+// MessageId: TPM_E_NOOPERATOR
+//
+// MessageText:
+//
+// No operator AuthData value is set
+//
+#define TPM_E_NOOPERATOR ((UINT32)(TPM_E_BASE + 0x00000049))
+
+//
+// MessageId: TPM_E_RESOURCEMISSING
+//
+// MessageText:
+//
+// The resource pointed to by context is not loaded
+//
+#define TPM_E_RESOURCEMISSING ((UINT32)(TPM_E_BASE + 0x0000004a))
+
+//
+// MessageId: TPM_E_DELEGATE_LOCK
+//
+// MessageText:
+//
+// The delegate administration is locked
+//
+#define TPM_E_DELEGATE_LOCK ((UINT32)(TPM_E_BASE + 0x0000004b))
+
+//
+// MessageId: TPM_E_DELEGATE_FAMILY
+//
+// MessageText:
+//
+// Attempt to manage a family other then the delegated family
+//
+#define TPM_E_DELEGATE_FAMILY ((UINT32)(TPM_E_BASE + 0x0000004c))
+
+//
+// MessageId: TPM_E_DELEGATE_ADMIN
+//
+// MessageText:
+//
+// Delegation table management not enabled
+//
+#define TPM_E_DELEGATE_ADMIN ((UINT32)(TPM_E_BASE + 0x0000004d))
+
+//
+// MessageId: TPM_E_TRANSPORT_NOTEXCLUSIVE
+//
+// MessageText:
+//
+// There was a command executed outside of an exclusive transport session
+//
+#define TPM_E_TRANSPORT_NOTEXCLUSIVE ((UINT32)(TPM_E_BASE + 0x0000004e))
+
+//
+// MessageId: TPM_E_OWNER_CONTROL
+//
+// MessageText:
+//
+// Attempt to context save a owner evict controlled key
+//
+#define TPM_E_OWNER_CONTROL ((UINT32)(TPM_E_BASE + 0x0000004f))
+
+//
+// MessageId: TPM_E_DAA_RESOURCES
+//
+// MessageText:
+//
+// The DAA command has no resources available to execute the command
+//
+#define TPM_E_DAA_RESOURCES ((UINT32)(TPM_E_BASE + 0x00000050))
+
+//
+// MessageId: TPM_E_DAA_INPUT_DATA0
+//
+// MessageText:
+//
+// The consistency check on DAA parameter inputData0 has failed.
+//
+#define TPM_E_DAA_INPUT_DATA0 ((UINT32)(TPM_E_BASE + 0x00000051))
+
+//
+// MessageId: TPM_E_DAA_INPUT_DATA1
+//
+// MessageText:
+//
+// The consistency check on DAA parameter inputData1 has failed.
+//
+#define TPM_E_DAA_INPUT_DATA1 ((UINT32)(TPM_E_BASE + 0x00000052))
+
+//
+// MessageId: TPM_E_DAA_ISSUER_SETTINGS
+//
+// MessageText:
+//
+// The consistency check on DAA_issuerSettings has failed.
+//
+#define TPM_E_DAA_ISSUER_SETTINGS ((UINT32)(TPM_E_BASE + 0x00000053))
+
+//
+// MessageId: TPM_E_DAA_TPM_SETTINGS
+//
+// MessageText:
+//
+// The consistency check on DAA_tpmSpecific has failed.
+//
+#define TPM_E_DAA_TPM_SETTINGS ((UINT32)(TPM_E_BASE + 0x00000054))
+
+//
+// MessageId: TPM_E_DAA_STAGE
+//
+// MessageText:
+//
+// The atomic process indicated by the submitted DAA command is not
+// the expected process.
+//
+#define TPM_E_DAA_STAGE ((UINT32)(TPM_E_BASE + 0x00000055))
+
+//
+// MessageId: TPM_E_DAA_ISSUER_VALIDITY
+//
+// MessageText:
+//
+// The issuer's validity check has detected an inconsistency
+//
+#define TPM_E_DAA_ISSUER_VALIDITY ((UINT32)(TPM_E_BASE + 0x00000056))
+
+//
+// MessageId: TPM_E_DAA_WRONG_W
+//
+// MessageText:
+//
+// The consistency check on w has failed.
+//
+#define TPM_E_DAA_WRONG_W ((UINT32)(TPM_E_BASE + 0x00000057))
+
+//
+// MessageId: TPM_E_BAD_HANDLE
+//
+// MessageText:
+//
+// The handle is incorrect
+//
+#define TPM_E_BAD_HANDLE ((UINT32)(TPM_E_BASE + 0x00000058))
+
+//
+// MessageId: TPM_E_BAD_DELEGATE
+//
+// MessageText:
+//
+// Delegation is not correct
+//
+#define TPM_E_BAD_DELEGATE ((UINT32)(TPM_E_BASE + 0x00000059))
+
+//
+// MessageId: TPM_E_BADCONTEXT
+//
+// MessageText:
+//
+// The context blob is invalid
+//
+#define TPM_E_BADCONTEXT ((UINT32)(TPM_E_BASE + 0x0000005a))
+
+//
+// MessageId: TPM_E_TOOMANYCONTEXTS
+//
+// MessageText:
+//
+// Too many contexts held by the TPM
+//
+#define TPM_E_TOOMANYCONTEXTS ((UINT32)(TPM_E_BASE + 0x0000005b))
+
+//
+// MessageId: TPM_E_MA_TICKET_SIGNATURE
+//
+// MessageText:
+//
+// Migration authority signature validation failure
+//
+#define TPM_E_MA_TICKET_SIGNATURE ((UINT32)(TPM_E_BASE + 0x0000005c))
+
+//
+// MessageId: TPM_E_MA_DESTINATION
+//
+// MessageText:
+//
+// Migration destination not authenticated
+//
+#define TPM_E_MA_DESTINATION ((UINT32)(TPM_E_BASE + 0x0000005d))
+
+//
+// MessageId: TPM_E_MA_SOURCE
+//
+// MessageText:
+//
+// Migration source incorrect
+//
+#define TPM_E_MA_SOURCE ((UINT32)(TPM_E_BASE + 0x0000005e))
+
+//
+// MessageId: TPM_E_MA_AUTHORITY
+//
+// MessageText:
+//
+// Incorrect migration authority
+//
+#define TPM_E_MA_AUTHORITY ((UINT32)(TPM_E_BASE + 0x0000005f))
+
+//
+// MessageId: TPM_E_PERMANENTEK
+//
+// MessageText:
+//
+// Attempt to revoke the EK and the EK is not revocable
+//
+#define TPM_E_PERMANENTEK ((UINT32)(TPM_E_BASE + 0x00000061))
+
+//
+// MessageId: TPM_E_BAD_SIGNATURE
+//
+// MessageText:
+//
+// Bad signature of CMK ticket
+//
+#define TPM_E_BAD_SIGNATURE ((UINT32)(TPM_E_BASE + 0x00000062))
+
+//
+// MessageId: TPM_E_NOCONTEXTSPACE
+//
+// MessageText:
+//
+// There is no room in the context list for additional contexts
+//
+#define TPM_E_NOCONTEXTSPACE ((UINT32)(TPM_E_BASE + 0x00000063))
+
+
+//
+// MessageId: TPM_E_RETRY
+//
+// MessageText:
+//
+// The TPM is too busy to respond to the command immediately, but the
+// command could be resubmitted at a later time. The TPM MAY return
+// TPM_Retry for any command at any time.
+//
+#define TPM_E_RETRY ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL))
+
+//
+// MessageId: TPM_E_NEEDS_SELFTEST
+//
+// MessageText:
+//
+// SelfTestFull has not been run
+//
+#define TPM_E_NEEDS_SELFTEST ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL + 1))
+
+//
+// MessageId: TPM_E_DOING_SELFTEST
+//
+// MessageText:
+//
+// The TPM is currently executing a full selftest
+//
+#define TPM_E_DOING_SELFTEST ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL + 2))
+
+//
+// MessageId: TPM_E_DEFEND_LOCK_RUNNING
+//
+// MessageText:
+//
+// The TPM is defending against dictionary attacks and is in some
+// time-out period.
+//
+#define TPM_E_DEFEND_LOCK_RUNNING ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL + 3))
+
+#endif /* __TPM_ERROR_H__ */
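Review bot: Every definition in tpm_error.h relies on UINT32, starting with `#define TPM_E_BASE ((UINT32)0)`, but the file includes no header that declares that type, so it only compiles when the consumer has already pulled in the TSS platform types; tpm_ordinal.h has the same unstated dependency on UINT32 and UINT16. Either add the types include at the top of both headers (presumably the project's platform header — confirm the name) or state the requirement in the leading comment, e.g. `* Requires the TSS platform types (UINT32) to be defined before inclusion.`. The `#ifndef TPM_E_BASE` and `#ifndef TPM_E_NON_FATAL` guards also let an earlier definition silently rebase every code in this file, which looks intentional but deserves a one-line comment saying so. The MessageText for TPM_E_NO_ENDORSEMENT reads `The TPM does not a EK installed` and should read `The TPM does not have an EK installed`.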
diff --git a/src/include/tss/tpm_ordinal.h b/src/include/tss/tpm_ordinal.h
new file mode 100644
index 0000000..9df9959
--- /dev/null
+++ b/src/include/tss/tpm_ordinal.h
@@ -0,0 +1,151 @@
+/*
+ * TPM Ordinal definitions extracted from the TPM 1.2 specification, rev 85.
+ */
+
+#ifndef __TPM_ORDINAL_H__
+#define __TPM_ORDINAL_H__
+
+#define TPM_PROTECTED_COMMAND ((UINT32)(0x00000000))
+#define TPM_UNPROTECTED_COMMAND ((UINT32)(0x80000000))
+#define TPM_CONNECTION_COMMAND ((UINT32)(0x40000000))
+#define TPM_VENDOR_COMMAND ((UINT32)(0x20000000))
+
+#define TPM_MAIN ((UINT16)(0x0000))
+#define TPM_PC ((UINT16)(0x0001))
+#define TPM_PDA ((UINT16)(0x0002))
+#define TPM_CELL_PHONE ((UINT16)(0x0003))
+#define TPM_SERVER ((UINT16)(0x0004))
+
+#define TPM_PROTECTED_ORDINAL (TPM_MAIN | TPM_PROTECTED_COMMAND)
+#define TPM_UNPROTECTED_ORDINAL (TPM_MAIN | TPM_UNPROTECTED_COMMAND)
+#define TPM_CONNECTION_ORDINAL (TPM_MAIN | TPM_CONNECTION_COMMAND)
+
+
+#define TPM_ORD_OIAP ((UINT32)0x0000000A)
+#define TPM_ORD_OSAP ((UINT32)0x0000000B)
+#define TPM_ORD_ChangeAuth ((UINT32)0x0000000C)
+#define TPM_ORD_TakeOwnership ((UINT32)0x0000000D)
+#define TPM_ORD_ChangeAuthAsymStart ((UINT32)0x0000000E)
+#define TPM_ORD_ChangeAuthAsymFinish ((UINT32)0x0000000F)
+#define TPM_ORD_ChangeAuthOwner ((UINT32)0x00000010)
+#define TPM_ORD_DSAP ((UINT32)0x00000011)
+#define TPM_ORD_CMK_CreateTicket ((UINT32)0x00000012)
+#define TPM_ORD_CMK_CreateKey ((UINT32)0x00000013)
+#define TPM_ORD_Extend ((UINT32)0x00000014)
+#define TPM_ORD_PcrRead ((UINT32)0x00000015)
+#define TPM_ORD_Quote ((UINT32)0x00000016)
+#define TPM_ORD_Seal ((UINT32)0x00000017)
+#define TPM_ORD_Unseal ((UINT32)0x00000018)
+#define TPM_ORD_DirWriteAuth ((UINT32)0x00000019)
+#define TPM_ORD_DirRead ((UINT32)0x0000001A)
+#define TPM_ORD_CMK_CreateBlob ((UINT32)0x0000001B)
+#define TPM_ORD_CMK_SetRestrictions ((UINT32)0x0000001C)
+#define TPM_ORD_CMK_ApproveMA ((UINT32)0x0000001D)
+#define TPM_ORD_UnBind ((UINT32)0x0000001E)
+#define TPM_ORD_CreateWrapKey ((UINT32)0x0000001F)
+#define TPM_ORD_LoadKey ((UINT32)0x00000020)
+#define TPM_ORD_GetPubKey ((UINT32)0x00000021)
+#define TPM_ORD_EvictKey ((UINT32)0x00000022)
+#define TPM_ORD_KeyControlOwner ((UINT32)0x00000023)
+#define TPM_ORD_CMK_ConvertMigration ((UINT32)0x00000024)
+#define TPM_ORD_MigrateKey ((UINT32)0x00000025)
+#define TPM_ORD_CreateMigrationBlob ((UINT32)0x00000028)
+#define TPM_ORD_DAA_Join ((UINT32)0x00000029)
+#define TPM_ORD_ConvertMigrationBlob ((UINT32)0x0000002A)
+#define TPM_ORD_AuthorizeMigrationKey ((UINT32)0x0000002B)
+#define TPM_ORD_CreateMaintenanceArchive ((UINT32)0x0000002C)
+#define TPM_ORD_LoadMaintenanceArchive ((UINT32)0x0000002D)
+#define TPM_ORD_KillMaintenanceFeature ((UINT32)0x0000002E)
+#define TPM_ORD_LoadManuMaintPub ((UINT32)0x0000002F)
+#define TPM_ORD_ReadManuMaintPub ((UINT32)0x00000030)
+#define TPM_ORD_DAA_Sign ((UINT32)0x00000031)
+#define TPM_ORD_CertifyKey ((UINT32)0x00000032)
+#define TPM_ORD_CertifyKey2 ((UINT32)0x00000033)
+#define TPM_ORD_Sign ((UINT32)0x0000003C)
+#define TPM_ORD_Sealx ((UINT32)0x0000003D)
+#define TPM_ORD_Quote2 ((UINT32)0x0000003E)
+#define TPM_ORD_SetCapability ((UINT32)0x0000003F)
+#define TPM_ORD_ResetLockValue ((UINT32)0x00000040)
+#define TPM_ORD_LoadKey2 ((UINT32)0x00000041)
+#define TPM_ORD_GetRandom ((UINT32)0x00000046)
+#define TPM_ORD_StirRandom ((UINT32)0x00000047)
+#define TPM_ORD_SelfTestFull ((UINT32)0x00000050)
+#define TPM_ORD_CertifySelfTest ((UINT32)0x00000052)
+#define TPM_ORD_ContinueSelfTest ((UINT32)0x00000053)
+#define TPM_ORD_GetTestResult ((UINT32)0x00000054)
+#define TPM_ORD_Reset ((UINT32)0x0000005A)
+#define TPM_ORD_OwnerClear ((UINT32)0x0000005B)
+#define TPM_ORD_DisableOwnerClear ((UINT32)0x0000005C)
+#define TPM_ORD_ForceClear ((UINT32)0x0000005D)
+#define TPM_ORD_DisableForceClear ((UINT32)0x0000005E)
+#define TPM_ORD_GetCapabilitySigned ((UINT32)0x00000064)
+#define TPM_ORD_GetCapability ((UINT32)0x00000065)
+#define TPM_ORD_GetCapabilityOwner ((UINT32)0x00000066)
+#define TPM_ORD_OwnerSetDisable ((UINT32)0x0000006E)
+#define TPM_ORD_PhysicalEnable ((UINT32)0x0000006F)
+#define TPM_ORD_PhysicalDisable ((UINT32)0x00000070)
+#define TPM_ORD_SetOwnerInstall ((UINT32)0x00000071)
+#define TPM_ORD_PhysicalSetDeactivated ((UINT32)0x00000072)
+#define TPM_ORD_SetTempDeactivated ((UINT32)0x00000073)
+#define TPM_ORD_SetOperatorAuth ((UINT32)0x00000074)
+#define TPM_ORD_SetOwnerPointer ((UINT32)0x00000075)
+#define TPM_ORD_CreateEndorsementKeyPair ((UINT32)0x00000078)
+#define TPM_ORD_MakeIdentity ((UINT32)0x00000079)
+#define TPM_ORD_ActivateIdentity ((UINT32)0x0000007A)
+#define TPM_ORD_ReadPubek ((UINT32)0x0000007C)
+#define TPM_ORD_OwnerReadPubek ((UINT32)0x0000007D)
+#define TPM_ORD_DisablePubekRead ((UINT32)0x0000007E)
+#define TPM_ORD_CreateRevocableEK ((UINT32)0x0000007F)
+#define TPM_ORD_RevokeTrust ((UINT32)0x00000080)
+#define TPM_ORD_OwnerReadInternalPub ((UINT32)0x00000081)
+#define TPM_ORD_GetAuditEvent ((UINT32)0x00000082)
+#define TPM_ORD_GetAuditEventSigned ((UINT32)0x00000083)
+#define TPM_ORD_GetAuditDigest ((UINT32)0x00000085)
+#define TPM_ORD_GetAuditDigestSigned ((UINT32)0x00000086)
+#define TPM_ORD_GetOrdinalAuditStatus ((UINT32)0x0000008C)
+#define TPM_ORD_SetOrdinalAuditStatus ((UINT32)0x0000008D)
+#define TPM_ORD_Terminate_Handle ((UINT32)0x00000096)
+#define TPM_ORD_Init ((UINT32)0x00000097)
+#define TPM_ORD_SaveState ((UINT32)0x00000098)
+#define TPM_ORD_Startup ((UINT32)0x00000099)
+#define TPM_ORD_SetRedirection ((UINT32)0x0000009A)
+#define TPM_ORD_SHA1Start ((UINT32)0x000000A0)
+#define TPM_ORD_SHA1Update ((UINT32)0x000000A1)
+#define TPM_ORD_SHA1Complete ((UINT32)0x000000A2)
+#define TPM_ORD_SHA1CompleteExtend ((UINT32)0x000000A3)
+#define TPM_ORD_FieldUpgrade ((UINT32)0x000000AA)
+#define TPM_ORD_SaveKeyContext ((UINT32)0x000000B4)
+#define TPM_ORD_LoadKeyContext ((UINT32)0x000000B5)
+#define TPM_ORD_SaveAuthContext ((UINT32)0x000000B6)
+#define TPM_ORD_LoadAuthContext ((UINT32)0x000000B7)
+#define TPM_ORD_SaveContext ((UINT32)0x000000B8)
+#define TPM_ORD_LoadContext ((UINT32)0x000000B9)
+#define TPM_ORD_FlushSpecific ((UINT32)0x000000BA)
+#define TPM_ORD_PCR_Reset ((UINT32)0x000000C8)
+#define TPM_ORD_NV_DefineSpace ((UINT32)0x000000CC)
+#define TPM_ORD_NV_WriteValue ((UINT32)0x000000CD)
+#define TPM_ORD_NV_WriteValueAuth ((UINT32)0x000000CE)
+#define TPM_ORD_NV_ReadValue ((UINT32)0x000000CF)
+#define TPM_ORD_NV_ReadValueAuth ((UINT32)0x000000D0)
+#define TPM_ORD_Delegate_UpdateVerification ((UINT32)0x000000D1)
+#define TPM_ORD_Delegate_Manage ((UINT32)0x000000D2)
+#define TPM_ORD_Delegate_CreateKeyDelegation ((UINT32)0x000000D4)
+#define TPM_ORD_Delegate_CreateOwnerDelegation ((UINT32)0x000000D5)
+#define TPM_ORD_Delegate_VerifyDelegation ((UINT32)0x000000D6)
+#define TPM_ORD_Delegate_LoadOwnerDelegation ((UINT32)0x000000D8)
+#define TPM_ORD_Delegate_ReadTable ((UINT32)0x000000DB)
+#define TPM_ORD_CreateCounter ((UINT32)0x000000DC)
+#define TPM_ORD_IncrementCounter ((UINT32)0x000000DD)
+#define TPM_ORD_ReadCounter ((UINT32)0x000000DE)
+#define TPM_ORD_ReleaseCounter ((UINT32)0x000000DF)
+#define TPM_ORD_ReleaseCounterOwner ((UINT32)0x000000E0)
+#define TPM_ORD_EstablishTransport ((UINT32)0x000000E6)
+#define TPM_ORD_ExecuteTransport ((UINT32)0x000000E7)
+#define TPM_ORD_ReleaseTransportSigned ((UINT32)0x000000E8)
+#define TPM_ORD_GetTicks ((UINT32)0x000000F1)
+#define TPM_ORD_TickStampBlob ((UINT32)0x000000F2)
+
+#define TSC_ORD_PhysicalPresence ((UINT32)0x4000000A)
+#define TSC_ORD_ResetEstablishmentBit ((UINT32)0x4000000B)
+
+#endif // __TPM_ORDINAL_H__
diff --git a/src/include/tss/tspi.h b/src/include/tss/tspi.h
new file mode 100644
index 0000000..1d188f7
--- /dev/null
+++ b/src/include/tss/tspi.h
@@ -0,0 +1,1198 @@
+#if !defined(_TSPI_H_)
+#define _TSPI_H_
+
+#include <tss/tss_defines.h>
+#include <tss/tss_typedef.h>
+#include <tss/tss_structs.h>
+#include <tss/tss_error.h>
+#include <tss/tss_error_basics.h>
+
+#if !defined( TSPICALL )
+ #if !defined(WIN32) || defined (TSP_STATIC)
+ // Linux, or a Win32 static library
+ #define TSPICALL extern TSS_RESULT
+ #elif defined (TSPDLL_EXPORTS)
+ // Win32 DLL build
+ #define TSPICALL extern __declspec(dllexport) TSS_RESULT
+ #else
+ // Win32 DLL import
+ #define TSPICALL extern __declspec(dllimport) TSS_RESULT
+ #endif
+#endif /* TSPICALL */
+
+#if defined ( __cplusplus )
+extern "C" {
+#endif /* __cplusplus */
+
+
+// Class-independent ASN.1 conversion functions
+TSPICALL Tspi_EncodeDER_TssBlob
+(
+ UINT32 rawBlobSize, // in
+ BYTE* rawBlob, // in
+ UINT32 blobType, // in
+ UINT32* derBlobSize, // in, out
+ BYTE* derBlob // out
+);
+
+TSPICALL Tspi_DecodeBER_TssBlob
+(
+ UINT32 berBlobSize, // in
+ BYTE* berBlob, // in
+ UINT32* blobType, // out
+ UINT32* rawBlobSize, // in, out
+ BYTE* rawBlob // out
+);
+
+
+
+// Common Methods
+TSPICALL Tspi_SetAttribUint32
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32 ulAttrib // in
+);
+
+TSPICALL Tspi_GetAttribUint32
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32* pulAttrib // out
+);
+
+TSPICALL Tspi_SetAttribData
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32 ulAttribDataSize, // in
+ BYTE* rgbAttribData // in
+);
+
+TSPICALL Tspi_GetAttribData
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32* pulAttribDataSize, // out
+ BYTE** prgbAttribData // out
+);
+
+TSPICALL Tspi_ChangeAuth
+(
+ TSS_HOBJECT hObjectToChange, // in
+ TSS_HOBJECT hParentObject, // in
+ TSS_HPOLICY hNewPolicy // in
+);
+
+TSPICALL Tspi_ChangeAuthAsym
+(
+ TSS_HOBJECT hObjectToChange, // in
+ TSS_HOBJECT hParentObject, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_HPOLICY hNewPolicy // in
+);
+
+TSPICALL Tspi_GetPolicyObject
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG policyType, // in
+ TSS_HPOLICY* phPolicy // out
+);
+
+
+
+// Tspi_Context Class Definitions
+TSPICALL Tspi_Context_Create
+(
+ TSS_HCONTEXT* phContext // out
+);
+
+TSPICALL Tspi_Context_Close
+(
+ TSS_HCONTEXT hContext // in
+);
+
+TSPICALL Tspi_Context_Connect
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_UNICODE* wszDestination // in
+);
+
+TSPICALL Tspi_Context_FreeMemory
+(
+ TSS_HCONTEXT hContext, // in
+ BYTE* rgbMemory // in
+);
+
+TSPICALL Tspi_Context_GetDefaultPolicy
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HPOLICY* phPolicy // out
+);
+
+TSPICALL Tspi_Context_CreateObject
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG objectType, // in
+ TSS_FLAG initFlags, // in
+ TSS_HOBJECT* phObject // out
+);
+
+TSPICALL Tspi_Context_CloseObject
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HOBJECT hObject // in
+);
+
+TSPICALL Tspi_Context_GetCapability
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG capArea, // in
+ UINT32 ulSubCapLength, // in
+ BYTE* rgbSubCap, // in
+ UINT32* pulRespDataLength, // out
+ BYTE** prgbRespData // out
+);
+
+TSPICALL Tspi_Context_GetTpmObject
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HTPM* phTPM // out
+);
+
+TSPICALL Tspi_Context_SetTransEncryptionKey
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hKey // in
+);
+
+TSPICALL Tspi_Context_CloseSignTransport
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hSigningKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_Context_LoadKeyByBlob
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hUnwrappingKey, // in
+ UINT32 ulBlobLength, // in
+ BYTE* rgbBlobData, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_LoadKeyByUUID
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidData, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_RegisterKey
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hKey, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidKey, // in
+ TSS_FLAG persistentStorageTypeParent, // in
+ TSS_UUID uuidParentKey // in
+);
+
+TSPICALL Tspi_Context_UnregisterKey
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidKey, // in
+ TSS_HKEY* phkey // out
+);
+
+TSPICALL Tspi_Context_GetKeyByUUID
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidData, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_GetKeyByPublicInfo
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulPublicInfoLength, // in
+ BYTE* rgbPublicInfo, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_GetRegisteredKeysByUUID
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID* pUuidData, // in
+ UINT32* pulKeyHierarchySize, // out
+ TSS_KM_KEYINFO** ppKeyHierarchy // out
+);
+
+TSPICALL Tspi_Context_GetRegisteredKeysByUUID2
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID* pUuidData, // in
+ UINT32* pulKeyHierarchySize, // out
+ TSS_KM_KEYINFO2** ppKeyHierarchy // out
+);
+
+
+// Policy class definitions
+TSPICALL Tspi_Policy_SetSecret
+(
+ TSS_HPOLICY hPolicy, // in
+ TSS_FLAG secretMode, // in
+ UINT32 ulSecretLength, // in
+ BYTE* rgbSecret // in
+);
+
+TSPICALL Tspi_Policy_FlushSecret
+(
+ TSS_HPOLICY hPolicy // in
+);
+
+TSPICALL Tspi_Policy_AssignToObject
+(
+ TSS_HPOLICY hPolicy, // in
+ TSS_HOBJECT hObject // in
+);
+
+
+
+// TPM Class Definitions
+TSPICALL Tspi_TPM_KeyControlOwner
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ UINT32 attribName, // in
+ TSS_BOOL attribValue, // in
+ TSS_UUID* pUuidData // out
+);
+
+TSPICALL Tspi_TPM_CreateEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_CreateRevocableEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ UINT32* pulEkResetDataLength, // in, out
+ BYTE** rgbEkResetData // in, out
+);
+
+TSPICALL Tspi_TPM_RevokeEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulEkResetDataLength, // in
+ BYTE* rgbEkResetData // in
+);
+
+TSPICALL Tspi_TPM_GetPubEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_BOOL fOwnerAuthorized, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ TSS_HKEY* phEndorsementPubKey // out
+);
+
+TSPICALL Tspi_TPM_OwnerGetSRKPubKey
+(
+ TSS_HTPM hTPM, // in
+ UINT32* pulPubKeyLength, // out
+ BYTE** prgbPubKey // out
+);
+
+TSPICALL Tspi_TPM_TakeOwnership
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKeySRK, // in
+ TSS_HKEY hEndorsementPubKey // in
+);
+
+TSPICALL Tspi_TPM_ClearOwner
+(
+ TSS_HTPM hTPM, // in
+ TSS_BOOL fForcedClear // in
+);
+
+TSPICALL Tspi_TPM_CollateIdentityRequest
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKeySRK, // in
+ TSS_HKEY hCAPubKey, // in
+ UINT32 ulIdentityLabelLength, // in
+ BYTE* rgbIdentityLabelData, // in
+ TSS_HKEY hIdentityKey, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32* pulTCPAIdentityReqLength, // out
+ BYTE** prgbTCPAIdentityReq // out
+);
+
+TSPICALL Tspi_TPM_ActivateIdentity
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hIdentKey, // in
+ UINT32 ulAsymCAContentsBlobLength, // in
+ BYTE* rgbAsymCAContentsBlob, // in
+ UINT32 ulSymCAAttestationBlobLength, // in
+ BYTE* rgbSymCAAttestationBlob, // in
+ UINT32* pulCredentialLength, // out
+ BYTE** prgbCredential // out
+);
+
+TSPICALL Tspi_TPM_CreateMaintenanceArchive
+(
+ TSS_HTPM hTPM, // in
+ TSS_BOOL fGenerateRndNumber, // in
+ UINT32* pulRndNumberLength, // out
+ BYTE** prgbRndNumber, // out
+ UINT32* pulArchiveDataLength, // out
+ BYTE** prgbArchiveData // out
+);
+
+TSPICALL Tspi_TPM_KillMaintenanceFeature
+(
+ TSS_HTPM hTPM // in
+);
+
+TSPICALL Tspi_TPM_LoadMaintenancePubKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hMaintenanceKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_CheckMaintenancePubKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hMaintenanceKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_SetOperatorAuth
+(
+ TSS_HTPM hTPM, // in
+ TSS_HPOLICY hOperatorPolicy // in
+);
+
+TSPICALL Tspi_TPM_SetStatus
+(
+ TSS_HTPM hTPM, // in
+ TSS_FLAG statusFlag, // in
+ TSS_BOOL fTpmState // in
+);
+
+TSPICALL Tspi_TPM_GetStatus
+(
+ TSS_HTPM hTPM, // in
+ TSS_FLAG statusFlag, // in
+ TSS_BOOL* pfTpmState // out
+);
+
+TSPICALL Tspi_TPM_GetCapability
+(
+ TSS_HTPM hTPM, // in
+ TSS_FLAG capArea, // in
+ UINT32 ulSubCapLength, // in
+ BYTE* rgbSubCap, // in
+ UINT32* pulRespDataLength, // out
+ BYTE** prgbRespData // out
+);
+
+TSPICALL Tspi_TPM_GetCapabilitySigned
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_FLAG capArea, // in
+ UINT32 ulSubCapLength, // in
+ BYTE* rgbSubCap, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ UINT32* pulRespDataLength, // out
+ BYTE** prgbRespData // out
+);
+
+TSPICALL Tspi_TPM_SelfTestFull
+(
+ TSS_HTPM hTPM // in
+);
+
+TSPICALL Tspi_TPM_CertifySelfTest
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_GetTestResult
+(
+ TSS_HTPM hTPM, // in
+ UINT32* pulTestResultLength, // out
+ BYTE** prgbTestResult // out
+);
+
+TSPICALL Tspi_TPM_GetRandom
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulRandomDataLength, // in
+ BYTE** prgbRandomData // out
+);
+
+TSPICALL Tspi_TPM_StirRandom
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulEntropyDataLength, // in
+ BYTE* rgbEntropyData // in
+);
+
+TSPICALL Tspi_TPM_GetEvent
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulEventNumber, // in
+ TSS_PCR_EVENT* pPcrEvent // out
+);
+
+TSPICALL Tspi_TPM_GetEvents
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulStartNumber, // in
+ UINT32* pulEventNumber, // in, out
+ TSS_PCR_EVENT** prgPcrEvents // out
+);
+
+TSPICALL Tspi_TPM_GetEventLog
+(
+ TSS_HTPM hTPM, // in
+ UINT32* pulEventNumber, // out
+ TSS_PCR_EVENT** prgPcrEvents // out
+);
+
+TSPICALL Tspi_TPM_Quote
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_HPCRS hPcrComposite, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_Quote2
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_BOOL fAddVersion, // in
+ TSS_HPCRS hPcrComposite, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ UINT32* versionInfoSize, // out
+ BYTE** versionInfo // out
+);
+
+TSPICALL Tspi_TPM_PcrExtend
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulPcrDataLength, // in
+ BYTE* pbPcrData, // in
+ TSS_PCR_EVENT* pPcrEvent, // in
+ UINT32* pulPcrValueLength, // out
+ BYTE** prgbPcrValue // out
+);
+
+TSPICALL Tspi_TPM_PcrRead
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32* pulPcrValueLength, // out
+ BYTE** prgbPcrValue // out
+);
+
+TSPICALL Tspi_TPM_PcrReset
+(
+ TSS_HTPM hTPM, // in
+ TSS_HPCRS hPcrComposite // in
+);
+
+TSPICALL Tspi_TPM_AuthorizeMigrationTicket
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hMigrationKey, // in
+ TSS_MIGRATE_SCHEME migrationScheme, // in
+ UINT32* pulMigTicketLength, // out
+ BYTE** prgbMigTicket // out
+);
+
+TSPICALL Tspi_TPM_CMKSetRestrictions
+(
+ TSS_HTPM hTPM, // in
+ TSS_CMK_DELEGATE CmkDelegate // in
+);
+
+TSPICALL Tspi_TPM_CMKApproveMA
+(
+ TSS_HTPM hTPM, // in
+ TSS_HMIGDATA hMaAuthData // in
+);
+
+TSPICALL Tspi_TPM_CMKCreateTicket
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hVerifyKey, // in
+ TSS_HMIGDATA hSigData // in
+);
+
+TSPICALL Tspi_TPM_ReadCounter
+(
+ TSS_HTPM hTPM, // in
+ UINT32* counterValue // out
+);
+
+TSPICALL Tspi_TPM_ReadCurrentTicks
+(
+ TSS_HTPM hTPM, // in
+ TPM_CURRENT_TICKS* tickCount // out
+);
+
+TSPICALL Tspi_TPM_DirWrite
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulDirIndex, // in
+ UINT32 ulDirDataLength, // in
+ BYTE* rgbDirData // in
+);
+
+TSPICALL Tspi_TPM_DirRead
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulDirIndex, // in
+ UINT32* pulDirDataLength, // out
+ BYTE** prgbDirData // out
+);
+
+TSPICALL Tspi_TPM_Delegate_AddFamily
+(
+ TSS_HTPM hTPM, // in, must not be NULL
+ BYTE bLabel, // in
+ TSS_HDELFAMILY* phFamily // out
+);
+
+TSPICALL Tspi_TPM_Delegate_GetFamily
+(
+ TSS_HTPM hTPM, // in, must not NULL
+ UINT32 ulFamilyID, // in
+ TSS_HDELFAMILY* phFamily // out
+);
+
+TSPICALL Tspi_TPM_Delegate_InvalidateFamily
+(
+ TSS_HTPM hTPM, // in, must not be NULL
+ TSS_HDELFAMILY hFamily // in
+);
+
+TSPICALL Tspi_TPM_Delegate_CreateDelegation
+(
+ TSS_HOBJECT hObject, // in
+ BYTE bLabel, // in
+ UINT32 ulFlags, // in
+ TSS_HPCRS hPcr, // in, may be NULL
+ TSS_HDELFAMILY hFamily, // in
+ TSS_HPOLICY hDelegation // in, out
+);
+
+TSPICALL Tspi_TPM_Delegate_CacheOwnerDelegation
+(
+ TSS_HTPM hTPM, // in, must not be NULL
+ TSS_HPOLICY hDelegation, // in, out
+ UINT32 ulIndex, // in
+ UINT32 ulFlags // in
+);
+
+TSPICALL Tspi_TPM_Delegate_UpdateVerificationCount
+(
+ TSS_HTPM hTPM, // in
+ TSS_HPOLICY hDelegation // in, out
+);
+
+TSPICALL Tspi_TPM_Delegate_VerifyDelegation
+(
+ TSS_HPOLICY hDelegation // in, out
+);
+
+TSPICALL Tspi_TPM_Delegate_ReadTables
+(
+ TSS_HCONTEXT hContext, // in
+ UINT32* pulFamilyTableSize, // out
+ TSS_FAMILY_TABLE_ENTRY** ppFamilyTable, // out
+ UINT32* pulDelegateTableSize, // out
+ TSS_DELEGATION_TABLE_ENTRY** ppDelegateTable // out
+);
+
+TSPICALL Tspi_TPM_DAA_JoinInit
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ UINT32 daaCounter, // in
+ UINT32 issuerAuthPKsLength, // in
+ TSS_HKEY* issuerAuthPKs, // in
+ UINT32 issuerAuthPKSignaturesLength, // in
+ UINT32 issuerAuthPKSignaturesLength2, // in
+ BYTE** issuerAuthPKSignatures, // in
+ UINT32* capitalUprimeLength, // out
+ BYTE** capitalUprime, // out
+ TSS_DAA_IDENTITY_PROOF** identityProof, // out
+ UINT32* joinSessionLength, // out
+ BYTE** joinSession // out
+);
+
+TSPICALL Tspi_TPM_DAA_JoinCreateDaaPubKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ UINT32 authenticationChallengeLength, // in
+ BYTE* authenticationChallenge, // in
+ UINT32 nonceIssuerLength, // in
+ BYTE* nonceIssuer, // in
+ UINT32 attributesPlatformLength, // in
+ UINT32 attributesPlatformLength2, // in
+ BYTE** attributesPlatform, // in
+ UINT32 joinSessionLength, // in
+ BYTE* joinSession, // in
+ TSS_DAA_CREDENTIAL_REQUEST** credentialRequest // out
+);
+
+TSPICALL Tspi_TPM_DAA_JoinStoreCredential
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_DAA_CRED_ISSUER* credIssuer, // in
+ UINT32 joinSessionLength, // in
+ BYTE* joinSession // in
+);
+
+TSPICALL Tspi_TPM_DAA_Sign
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_DAA_SELECTED_ATTRIB* revealAttributes, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ TSS_HOBJECT signData, // in
+ TSS_DAA_SIGNATURE** daaSignature // out
+);
+
+TSPICALL Tspi_TPM_GetAuditDigest
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_BOOL closeAudit, // in
+ UINT32* pulAuditDigestSize, // out
+ BYTE** prgbAuditDigest, // out
+ TPM_COUNTER_VALUE* pCounterValue, // out
+ TSS_VALIDATION* pValidationData, // out
+ UINT32* ordSize, // out
+ UINT32** ordList // out
+);
+
+
+
+// PcrComposite Class Definitions
+TSPICALL Tspi_PcrComposite_SelectPcrIndex
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex // in
+);
+
+TSPICALL Tspi_PcrComposite_SelectPcrIndexEx
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 direction // in
+);
+
+TSPICALL Tspi_PcrComposite_SetPcrValue
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulPcrValueLength, // in
+ BYTE* rgbPcrValue // in
+);
+
+TSPICALL Tspi_PcrComposite_GetPcrValue
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex, // in
+ UINT32* pulPcrValueLength, // out
+ BYTE** prgbPcrValue // out
+);
+
+TSPICALL Tspi_PcrComposite_SetPcrLocality
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 LocalityValue // in
+);
+
+TSPICALL Tspi_PcrComposite_GetPcrLocality
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32* pLocalityValue // out
+);
+
+TSPICALL Tspi_PcrComposite_GetCompositeHash
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32* pLen, // in
+ BYTE** ppbHashData // out
+);
+
+
+
+// Key Class Definition
+TSPICALL Tspi_Key_LoadKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hUnwrappingKey // in
+);
+
+TSPICALL Tspi_Key_UnloadKey
+(
+ TSS_HKEY hKey // in
+);
+
+TSPICALL Tspi_Key_GetPubKey
+(
+ TSS_HKEY hKey, // in
+ UINT32* pulPubKeyLength, // out
+ BYTE** prgbPubKey // out
+);
+
+TSPICALL Tspi_Key_CertifyKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hCertifyingKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_Key_CreateKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hWrappingKey, // in
+ TSS_HPCRS hPcrComposite // in, may be NULL
+);
+
+TSPICALL Tspi_Key_WrapKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hWrappingKey, // in
+ TSS_HPCRS hPcrComposite // in, may be NULL
+);
+
+TSPICALL Tspi_Key_CreateMigrationBlob
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ UINT32 ulMigTicketLength, // in
+ BYTE* rgbMigTicket, // in
+ UINT32* pulRandomLength, // out
+ BYTE** prgbRandom, // out
+ UINT32* pulMigrationBlobLength, // out
+ BYTE** prgbMigrationBlob // out
+);
+
+TSPICALL Tspi_Key_ConvertMigrationBlob
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ UINT32 ulRandomLength, // in
+ BYTE* rgbRandom, // in
+ UINT32 ulMigrationBlobLength, // in
+ BYTE* rgbMigrationBlob // in
+);
+
+TSPICALL Tspi_Key_MigrateKey
+(
+ TSS_HKEY hMaKey, // in
+ TSS_HKEY hPublicKey, // in
+ TSS_HKEY hMigData // in
+);
+
+TSPICALL Tspi_Key_CMKCreateBlob
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ TSS_HMIGDATA hMigrationData, // in
+ UINT32* pulRandomLength, // out
+ BYTE** prgbRandom // out
+);
+
+TSPICALL Tspi_Key_CMKConvertMigration
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ TSS_HMIGDATA hMigrationData, // in
+ UINT32 ulRandomLength, // in
+ BYTE* rgbRandom // in
+);
+
+
+
+// Hash Class Definition
+TSPICALL Tspi_Hash_Sign
+(
+ TSS_HHASH hHash, // in
+ TSS_HKEY hKey, // in
+ UINT32* pulSignatureLength, // out
+ BYTE** prgbSignature // out
+);
+
+TSPICALL Tspi_Hash_VerifySignature
+(
+ TSS_HHASH hHash, // in
+ TSS_HKEY hKey, // in
+ UINT32 ulSignatureLength, // in
+ BYTE* rgbSignature // in
+);
+
+TSPICALL Tspi_Hash_SetHashValue
+(
+ TSS_HHASH hHash, // in
+ UINT32 ulHashValueLength, // in
+ BYTE* rgbHashValue // in
+);
+
+TSPICALL Tspi_Hash_GetHashValue
+(
+ TSS_HHASH hHash, // in
+ UINT32* pulHashValueLength, // out
+ BYTE** prgbHashValue // out
+);
+
+TSPICALL Tspi_Hash_UpdateHashValue
+(
+ TSS_HHASH hHash, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbData // in
+);
+
+TSPICALL Tspi_Hash_TickStampBlob
+(
+ TSS_HHASH hHash, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_VALIDATION* pValidationData // in
+);
+
+
+
+// EncData Class Definition
+TSPICALL Tspi_Data_Bind
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hEncKey, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToBind // in
+);
+
+TSPICALL Tspi_Data_Unbind
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hKey, // in
+ UINT32* pulUnboundDataLength, // out
+ BYTE** prgbUnboundData // out
+);
+
+TSPICALL Tspi_Data_Seal
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hEncKey, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToSeal, // in
+ TSS_HPCRS hPcrComposite // in
+);
+
+TSPICALL Tspi_Data_Unseal
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hKey, // in
+ UINT32* pulUnsealedDataLength, // out
+ BYTE** prgbUnsealedData // out
+);
+
+
+
+// NV Class Definition
+TSPICALL Tspi_NV_DefineSpace
+(
+ TSS_HNVSTORE hNVStore, // in
+ TSS_HPCRS hReadPcrComposite, // in, may be NULL
+ TSS_HPCRS hWritePcrComposite // in, may be NULL
+);
+
+TSPICALL Tspi_NV_ReleaseSpace
+(
+ TSS_HNVSTORE hNVStore // in
+);
+
+TSPICALL Tspi_NV_WriteValue
+(
+ TSS_HNVSTORE hNVStore, // in
+ UINT32 offset, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToWrite // in
+);
+
+TSPICALL Tspi_NV_ReadValue
+(
+ TSS_HNVSTORE hNVStore, // in
+ UINT32 offset, // in
+ UINT32* ulDataLength, // in, out
+ BYTE** rgbDataRead // out
+);
+
+
+// DAA Utility functions (optional, do not require a TPM or TCS)
+TSPICALL Tspi_DAA_IssuerKeyVerify
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_BOOL* isCorrect // out
+);
+
+TSPICALL Tspi_DAA_Issuer_GenerateKey
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ UINT32 issuerBaseNameLength, // in
+ BYTE* issuerBaseName // in
+);
+
+TSPICALL Tspi_DAA_Issuer_InitCredential
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HKEY issuerAuthPK, // in
+ TSS_DAA_IDENTITY_PROOF* identityProof, // in
+ UINT32 capitalUprimeLength, // in
+ BYTE* capitalUprime, // in
+ UINT32 daaCounter, // in
+ UINT32* nonceIssuerLength, // out
+ BYTE** nonceIssuer, // out
+ UINT32* authenticationChallengeLength, // out
+ BYTE** authenticationChallenge, // out
+ UINT32* joinSessionLength, // out
+ BYTE** joinSession // out
+);
+
+TSPICALL Tspi_DAA_Issuer_IssueCredential
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_DAA_CREDENTIAL_REQUEST* credentialRequest, // in
+ UINT32 issuerJoinSessionLength, // in
+ BYTE* issuerJoinSession, // in
+ TSS_DAA_CRED_ISSUER** credIssuer // out
+);
+
+TSPICALL Tspi_DAA_Verifier_Init
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ UINT32* nonceVerifierLength, // out
+ BYTE** nonceVerifier, // out
+ UINT32* baseNameLength, // out
+ BYTE** baseName // out
+);
+
+TSPICALL Tspi_DAA_VerifySignature
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_HHASH hARACondition, // in
+ UINT32 attributesLength, // in
+ UINT32 attributesLength2, // in
+ BYTE** attributes, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ TSS_HOBJECT signData, // in
+ TSS_DAA_SIGNATURE* daaSignature, // in
+ TSS_BOOL* isCorrect // out
+);
+
+TSPICALL Tspi_DAA_ARA_GenerateKey
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HDAA_ARA_KEY hARAKey // in
+);
+
+TSPICALL Tspi_DAA_ARA_RevokeAnonymity
+(
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_HHASH hARACondition, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_DAA_PSEUDONYM_ENCRYPTED* encryptedPseudonym, // in
+ TSS_DAA_PSEUDONYM_PLAIN** pseudonym // out
+);
+
+
+
+// Callback typedefs
+typedef TSS_RESULT (*Tspicb_CallbackHMACAuth)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hAuthorizedObject, // in
+ TSS_BOOL ReturnOrVerify, // in
+ UINT32 ulPendingFunction, // in
+ TSS_BOOL ContinueUse, // in
+ UINT32 ulSizeNonces, // in
+ BYTE* rgbNonceEven, // in
+ BYTE* rgbNonceOdd, // in
+ BYTE* rgbNonceEvenOSAP, // in
+ BYTE* rgbNonceOddOSAP, // in
+ UINT32 ulSizeDigestHmac, // in
+ BYTE* rgbParamDigest, // in
+ BYTE* rgbHmacData // in, out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackXorEnc)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hOSAPObject, // in
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG PurposeSecret, // in
+ UINT32 ulSizeNonces, // in
+ BYTE* rgbNonceEven, // in
+ BYTE* rgbNonceOdd, // in
+ BYTE* rgbNonceEvenOSAP, // in
+ BYTE* rgbNonceOddOSAP, // in
+ UINT32 ulSizeEncAuth, // in
+ BYTE* rgbEncAuthUsage, // out
+ BYTE* rgbEncAuthMigration // out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackTakeOwnership)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hObject, // in
+ TSS_HKEY hObjectPubKey, // in
+ UINT32 ulSizeEncAuth, // in
+ BYTE* rgbEncAuth // out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackSealxMask)
+(
+ PVOID lpAppData, // in
+ TSS_HKEY hKey, // in
+ TSS_HENCDATA hEncData, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulSizeNonces, // in
+ BYTE* rgbNonceEven, // in
+ BYTE* rgbNonceOdd, // in
+ BYTE* rgbNonceEvenOSAP, // in
+ BYTE* rgbNonceOddOSAP, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToMask, // in
+ BYTE* rgbMaskedData // out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackChangeAuthAsym)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hObject, // in
+ TSS_HKEY hObjectPubKey, // in
+ UINT32 ulSizeEncAuth, // in
+ UINT32 ulSizeAuthLink, // in
+ BYTE* rgbEncAuth, // out
+ BYTE* rgbAuthLink // out
+);
+
+typedef TSS_RESULT (*Tspicb_CollateIdentity)
+(
+ PVOID lpAppData, // in
+ UINT32 ulTCPAPlainIdentityProofLength, // in
+ BYTE* rgbTCPAPlainIdentityProof, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulSessionKeyLength, // out
+ BYTE* rgbSessionKey, // out
+ UINT32* pulTCPAIdentityProofLength, // out
+ BYTE* rgbTCPAIdentityProof // out
+);
+
+
+typedef TSS_RESULT (*Tspicb_ActivateIdentity)
+(
+ PVOID lpAppData, // in
+ UINT32 ulSessionKeyLength, // in
+ BYTE* rgbSessionKey, // in
+ UINT32 ulSymCAAttestationBlobLength, // in
+ BYTE* rgbSymCAAttestationBlob, // in
+ UINT32* pulCredentialLength, // out
+ BYTE* rgbCredential // out
+);
+
+
+typedef TSS_RESULT (*Tspicb_DAA_Sign)
+(
+ PVOID lpAppData, // in
+ TSS_HDAA_ISSUER_KEY daaPublicKey, // in
+ UINT32 gammasLength, // in
+ BYTE** gammas, // in
+ UINT32 attributesLength, // in
+ BYTE** attributes, // in
+ UINT32 randomAttributesLength, // in
+ BYTE** randomAttributes, // in
+ UINT32 attributeCommitmentsLength,// in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments, // in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitmentsProof, // in
+ TSS_DAA_PSEUDONYM_PLAIN* pseudonym, // in
+ TSS_DAA_PSEUDONYM_PLAIN* pseudonymTilde, // in
+ TSS_DAA_PSEUDONYM_ENCRYPTED* pseudonymEncrypted, // in
+ TSS_DAA_PSEUDONYM_ENCRYPTED* pseudonymEncProof, // in
+ TSS_DAA_SIGN_CALLBACK** additionalProof // out
+);
+
+typedef TSS_RESULT (*Tspicb_DAA_VerifySignature)
+(
+ PVOID lpAppData, // in
+ UINT32 challengeLength, // in
+ BYTE* challenge, // in
+ TSS_DAA_SIGN_CALLBACK* additionalProof, // in
+ TSS_HDAA_ISSUER_KEY daaPublicKey, // in
+ UINT32 gammasLength, // in
+ BYTE** gammas, // in
+ UINT32 sAttributesLength, // in
+ BYTE** sAttributes, // in
+ UINT32 attributeCommitmentsLength,// in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments, // in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitmentsProof, // in
+ UINT32 zetaLength, // in
+ BYTE* zeta, // in
+ UINT32 sFLength, // in
+ BYTE* sF, // in
+ TSS_DAA_PSEUDONYM* pseudonym, // in
+ TSS_DAA_PSEUDONYM* pseudonymProof, // in
+ TSS_BOOL* isCorrect // out
+);
+
+
+#if defined ( __cplusplus )
+}
+#endif /* __cplusplus */
+
+
+#endif /* _TSPI_H_ */
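Review bot: Several of the `// in` / `// out` annotations, which are the only contract documentation this header carries, contradict the parameter types: `Tspi_PcrComposite_GetCompositeHash` marks `UINT32* pLen, // in` although it is paired with the `// out` hash buffer and is evidently where the hash length comes back, `Tspicb_CollateIdentity` marks the by-value `UINT32 ulSessionKeyLength, // out`, which cannot be an output, and `Tspi_Hash_TickStampBlob` marks `TSS_VALIDATION* pValidationData // in` while the other `TSS_VALIDATION*` parameters in the file are `// in, out` (only `Tspi_TPM_GetAuditDigest` differs, with `// out`). A caller relying on these to decide what to initialise, what to check on return and what to hand to `Tspi_Context_FreeMemory` is misled, so I would correct them to `UINT32* pLen, // out`, `UINT32 ulSessionKeyLength, // in` and `TSS_VALIDATION* pValidationData // in, out`; the last two are inferred from the sibling declarations rather than from any visible implementation, so they are worth confirming against the TSP source before changing. Since every `BYTE**` result here is presumably TSP-allocated, a one-line comment near the top stating that such buffers must be released with `Tspi_Context_FreeMemory` on the owning context, and that callers of `Tspi_Policy_SetSecret` should wipe their own copy of `rgbSecret` and call `Tspi_Policy_FlushSecret` once the policy is no longer needed, would make the memory-ownership and secret-handling contract explicit instead of implied.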
diff --git a/src/include/tss/tss_defines.h b/src/include/tss/tss_defines.h
new file mode 100644
index 0000000..a525a6a
--- /dev/null
+++ b/src/include/tss/tss_defines.h
@@ -0,0 +1,1288 @@
+/*++
+
+Global defines for TSS.
+
+--*/
+
+#ifndef __TSS_DEFINES_H__
+#define __TSS_DEFINES_H__
+
+#include <tss/platform.h>
+#include <tss/tpm.h>
+
+
+//////////////////////////////////////////////////////////////////////////
+// Object types:
+//////////////////////////////////////////////////////////////////////////
+
+//
+// definition of the object types that can be created via CreateObject
+//
+#define TSS_OBJECT_TYPE_POLICY (0x01) // Policy object
+#define TSS_OBJECT_TYPE_RSAKEY (0x02) // RSA-Key object
+#define TSS_OBJECT_TYPE_ENCDATA (0x03) // Encrypted data object
+#define TSS_OBJECT_TYPE_PCRS (0x04) // PCR composite object
+#define TSS_OBJECT_TYPE_HASH (0x05) // Hash object
+#define TSS_OBJECT_TYPE_DELFAMILY (0x06) // Delegation Family object
+#define TSS_OBJECT_TYPE_NV (0x07) // NV object
+#define TSS_OBJECT_TYPE_MIGDATA (0x08) // CMK Migration data object
+#define TSS_OBJECT_TYPE_DAA_CERTIFICATE (0x09) // DAA credential
+#define TSS_OBJECT_TYPE_DAA_ISSUER_KEY (0x0a) // DAA cred. issuer keypair
+#define TSS_OBJECT_TYPE_DAA_ARA_KEY (0x0b) // DAA anonymity revocation
+ // authority keypair
+
+
+//////////////////////////////////////////////////////////////////////////
+// CreateObject: Flags
+//////////////////////////////////////////////////////////////////////////
+
+
+//************************************
+// Flags for creating RSAKEY object: *
+//************************************
+
+//
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+// |x x|Auth
+// |x| Volatility
+// |x| Migration
+// |x x x x| Type
+// |x x x x| Size
+// |x x| CMK
+// |x x x| Version
+// |0 0 0 0 0 0 0 0 0| Reserved
+// |x x x x x x| Fixed Type
+//
+
+// Authorization:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Never |0 0|
+// Always |0 1|
+// Private key always |1 0|
+//
+#define TSS_KEY_NO_AUTHORIZATION (0x00000000) // no auth needed
+ // for this key
+#define TSS_KEY_AUTHORIZATION (0x00000001) // key needs auth
+ // for all ops
+#define TSS_KEY_AUTHORIZATION_PRIV_USE_ONLY (0x00000002) // key needs auth
+ // for privkey ops,
+ // noauth for pubkey
+
+//
+// Volatility
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Non Volatile |0|
+// Volatile |1|
+//
+#define TSS_KEY_NON_VOLATILE (0x00000000) // Key is non-volatile
+#define TSS_KEY_VOLATILE (0x00000004) // Key is volatile
+
+//
+// Migration
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Non Migratable |0|
+// Migratable |1|
+//
+#define TSS_KEY_NOT_MIGRATABLE (0x00000000) // key is not migratable
+#define TSS_KEY_MIGRATABLE (0x00000008) // key is migratable
+
+//
+// Usage
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Default (Legacy) |0 0 0 0|
+// Signing |0 0 0 1|
+// Storage |0 0 1 0|
+// Identity |0 0 1 1|
+// AuthChange |0 1 0 0|
+// Bind |0 1 0 1|
+// Legacy |0 1 1 0|
+//
+#define TSS_KEY_TYPE_DEFAULT (0x00000000) // indicate a default key
+ // (Legacy-Key)
+#define TSS_KEY_TYPE_SIGNING (0x00000010) // indicate a signing key
+#define TSS_KEY_TYPE_STORAGE (0x00000020) // used as storage key
+#define TSS_KEY_TYPE_IDENTITY (0x00000030) // indicate an idendity key
+#define TSS_KEY_TYPE_AUTHCHANGE (0x00000040) // indicate an ephemeral key
+#define TSS_KEY_TYPE_BIND (0x00000050) // indicate a key for TPM_Bind
+#define TSS_KEY_TYPE_LEGACY (0x00000060) // indicate a key that can
+ // perform signing and binding
+#define TSS_KEY_TYPE_MIGRATE (0x00000070) // indicate a key that can
+ // act as a CMK MA
+#define TSS_KEY_TYPE_BITMASK (0x000000F0) // mask to extract key type
+
+//
+// Key size
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// DEFAULT |0 0 0 0|
+// 512 |0 0 0 1|
+// 1024 |0 0 1 0|
+// 2048 |0 0 1 1|
+// 4096 |0 1 0 0|
+// 8192 |0 1 0 1|
+// 16384 |0 1 1 0|
+//
+#define TSS_KEY_SIZE_DEFAULT (UINT32)(0x00000000) // indicate tpm-specific size
+#define TSS_KEY_SIZE_512 (UINT32)(0x00000100) // indicate a 512-bit key
+#define TSS_KEY_SIZE_1024 (UINT32)(0x00000200) // indicate a 1024-bit key
+#define TSS_KEY_SIZE_2048 (UINT32)(0x00000300) // indicate a 2048-bit key
+#define TSS_KEY_SIZE_4096 (UINT32)(0x00000400) // indicate a 4096-bit key
+#define TSS_KEY_SIZE_8192 (UINT32)(0x00000500) // indicate a 8192-bit key
+#define TSS_KEY_SIZE_16384 (UINT32)(0x00000600) // indicate a 16384-bit key
+#define TSS_KEY_SIZE_BITMASK (UINT32)(0x00000F00) // mask to extract key size
+
+//
+// Certified Migratability
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// DEFAULT |0 0|
+// Not Certified Migratable |0 0|
+// Certified Migratable |0 1|
+//
+#define TSS_KEY_NOT_CERTIFIED_MIGRATABLE (UINT32)(0x00000000)
+#define TSS_KEY_CERTIFIED_MIGRATABLE (UINT32)(0x00001000)
+
+//
+// Specification version
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Context default |0 0 0|
+// TPM_KEY 1.1b key |0 0 1|
+// TPM_KEY12 1.2 key |0 1 0|
+//
+#define TSS_KEY_STRUCT_DEFAULT (UINT32)(0x00000000)
+#define TSS_KEY_STRUCT_KEY (UINT32)(0x00004000)
+#define TSS_KEY_STRUCT_KEY12 (UINT32)(0x00008000)
+#define TSS_KEY_STRUCT_BITMASK (UINT32)(0x0001C000)
+
+
+//
+// fixed KeyTypes (templates)
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// |0 0 0 0 0 0| Empty Key
+// |0 0 0 0 0 1| Storage Root Key
+//
+#define TSS_KEY_EMPTY_KEY (0x00000000) // no TPM key template
+ // (empty TSP key object)
+#define TSS_KEY_TSP_SRK (0x04000000) // use a TPM SRK template
+ // (TSP key object for SRK)
+#define TSS_KEY_TEMPLATE_BITMASK (0xFC000000) // bitmask to extract key
+ // template
+
+
+//*************************************
+// Flags for creating ENCDATA object: *
+//*************************************
+
+//
+// Type
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Seal |0 0 1|
+// Bind |0 1 0|
+// Legacy |0 1 1|
+//
+// ENCDATA Reserved:
+// |x x x x x x x x x x x x x x x x x x x x x x x x x x x x x|
+//
+#define TSS_ENCDATA_SEAL (0x00000001) // data for seal operation
+#define TSS_ENCDATA_BIND (0x00000002) // data for bind operation
+#define TSS_ENCDATA_LEGACY (0x00000003) // data for legacy bind operation
+
+
+//**********************************
+// Flags for creating HASH object: *
+//**********************************
+
+//
+// Algorithm
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// DEFAULT
+// |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0|
+// SHA1
+// |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1|
+// OTHER
+// |1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1|
+//
+#define TSS_HASH_DEFAULT (0x00000000) // Default hash algorithm
+#define TSS_HASH_SHA1 (0x00000001) // SHA-1 with 20 bytes
+#define TSS_HASH_OTHER (0xFFFFFFFF) // Not-specified hash algorithm
+
+
+//************************************
+// Flags for creating POLICY object: *
+//************************************
+
+//
+// Type
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Usage |0 0 1|
+// Migration |0 1 0|
+// Operator |0 1 1|
+//
+// POLICY Reserved:
+// |x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x|
+
+#define TSS_POLICY_USAGE (0x00000001) // usage policy object
+#define TSS_POLICY_MIGRATION (0x00000002) // migration policy object
+#define TSS_POLICY_OPERATOR (0x00000003) // migration policy object
+
+
+//******************************************
+// Flags for creating PCRComposite object: *
+//******************************************
+
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+// |x x| Struct
+// |x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x| Reserved
+//
+
+// PCRComposite Version:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+// TPM_PCR_DEFAULT |0 0 0|
+// TPM_PCR_INFO |0 0 1|
+// TPM_PCR_INFO_LONG |0 1 0|
+// TPM_PCR_INFO_SHORT |0 1 1|
+//
+
+#define TSS_PCRS_STRUCT_DEFAULT (0x00000000) // depends on context
+#define TSS_PCRS_STRUCT_INFO (0x00000001) // TPM_PCR_INFO
+#define TSS_PCRS_STRUCT_INFO_LONG (0x00000002) // TPM_PCR_INFO_LONG
+#define TSS_PCRS_STRUCT_INFO_SHORT (0x00000003) // TPM_PCR_INFO_SHORT
+
+
+
+//////////////////////////////////////////////////////////////////////////
+// Attribute Flags, Subflags, and Values
+//////////////////////////////////////////////////////////////////////////
+
+
+//******************
+// Context object: *
+//******************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_CONTEXT_SILENT_MODE (0x00000001)
+ // dialog display control
+#define TSS_TSPATTRIB_CONTEXT_MACHINE_NAME (0x00000002)
+ // remote machine name
+#define TSS_TSPATTRIB_CONTEXT_VERSION_MODE (0x00000003)
+ // context version
+#define TSS_TSPATTRIB_CONTEXT_TRANSPORT (0x00000004)
+ // transport control
+#define TSS_TSPATTRIB_CONTEXT_CONNECTION_VERSION (0x00000005)
+ // connection version
+#define TSS_TSPATTRIB_SECRET_HASH_MODE (0x00000006)
+ // flag indicating whether
+ // NUL is included in the
+ // hash of the password
+//
+// SubFlags for Flag TSS_TSPATTRIB_CONTEXT_TRANSPORT
+//
+#define TSS_TSPATTRIB_CONTEXTTRANS_CONTROL (0x00000008)
+#define TSS_TSPATTRIB_CONTEXTTRANS_MODE (0x00000010)
+
+//
+// Values for the TSS_TSPATTRIB_CONTEXT_SILENT_MODE attribute
+//
+#define TSS_TSPATTRIB_CONTEXT_NOT_SILENT (0x00000000) // TSP dialogs enabled
+#define TSS_TSPATTRIB_CONTEXT_SILENT (0x00000001) // TSP dialogs disabled
+
+//
+// Values for the TSS_TSPATTRIB_CONTEXT_VERSION_MODE attribute
+//
+#define TSS_TSPATTRIB_CONTEXT_VERSION_AUTO (0x00000001)
+#define TSS_TSPATTRIB_CONTEXT_VERSION_V1_1 (0x00000002)
+#define TSS_TSPATTRIB_CONTEXT_VERSION_V1_2 (0x00000003)
+
+//
+// Values for the subflag TSS_TSPATTRIB_CONTEXT_TRANS_CONTROL
+//
+#define TSS_TSPATTRIB_DISABLE_TRANSPORT (0x00000016)
+#define TSS_TSPATTRIB_ENABLE_TRANSPORT (0x00000032)
+
+//
+// Values for the subflag TSS_TSPATTRIB_CONTEXT_TRANS_MODE
+//
+#define TSS_TSPATTRIB_TRANSPORT_NO_DEFAULT_ENCRYPTION (0x00000000)
+#define TSS_TSPATTRIB_TRANSPORT_DEFAULT_ENCRYPTION (0x00000001)
+#define TSS_TSPATTRIB_TRANSPORT_AUTHENTIC_CHANNEL (0x00000002)
+#define TSS_TSPATTRIB_TRANSPORT_EXCLUSIVE (0x00000004)
+#define TSS_TSPATTRIB_TRANSPORT_STATIC_AUTH (0x00000008)
+
+//
+// Values for the TSS_TSPATTRIB_CONTEXT_CONNECTION_VERSION attribute
+//
+#define TSS_CONNECTION_VERSION_1_1 (0x00000001)
+#define TSS_CONNECTION_VERSION_1_2 (0x00000002)
+
+
+//
+// Subflags of TSS_TSPATTRIB_SECRET_HASH_MODE
+//
+#define TSS_TSPATTRIB_SECRET_HASH_MODE_POPUP (0x00000001)
+
+//
+// Values for TSS_TSPATTRIB_SECRET_HASH_MODE_POPUP subflag
+//
+#define TSS_TSPATTRIB_HASH_MODE_NOT_NULL (0x00000000)
+#define TSS_TSPATTRIB_HASH_MODE_NULL (0x00000001)
+
+
+// *************
+// TPM object: *
+// *************
+
+//
+// Attributes:
+//
+#define TSS_TSPATTRIB_TPM_CALLBACK_COLLATEIDENTITY 0x00000001
+#define TSS_TSPATTRIB_TPM_CALLBACK_ACTIVATEIDENTITY 0x00000002
+#define TSS_TSPATTRIB_TPM_ORDINAL_AUDIT_STATUS 0x00000003
+#define TSS_TSPATTRIB_TPM_CREDENTIAL 0x00001000
+
+//
+// Subflags for TSS_TSPATTRIB_TPM_ORDINAL_AUDIT_STATUS
+//
+#define TPM_CAP_PROP_TPM_CLEAR_ORDINAL_AUDIT 0x00000000
+#define TPM_CAP_PROP_TPM_SET_ORDINAL_AUDIT 0x00000001
+
+//
+// Subflags for TSS_TSPATTRIB_TPM_CREDENTIAL
+//
+#define TSS_TPMATTRIB_EKCERT 0x00000001
+#define TSS_TPMATTRIB_TPM_CC 0x00000002
+#define TSS_TPMATTRIB_PLATFORMCERT 0x00000003
+#define TSS_TPMATTRIB_PLATFORM_CC 0x00000004
+
+
+//*****************
+// Policy object: *
+//*****************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_POLICY_CALLBACK_HMAC (0x00000080)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_CALLBACK_XOR_ENC (0x00000100)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_CALLBACK_TAKEOWNERSHIP (0x00000180)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_CALLBACK_CHANGEAUTHASYM (0x00000200)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_SECRET_LIFETIME (0x00000280)
+ // set lifetime mode for policy secret
+
+#define TSS_TSPATTRIB_POLICY_POPUPSTRING (0x00000300)
+ // set a NULL terminated UNICODE string
+ // which is displayed in the TSP policy
+ // popup dialog
+#define TSS_TSPATTRIB_POLICY_CALLBACK_SEALX_MASK (0x00000380)
+ // enable/disable callback function
+#if 0
+/* This attribute flag is defined earlier with the context attributes.
+ * It is valid for both context and policy objects. It is copied
+ * here as a reminder to avoid collisions.
+ */
+#define TSS_TSPATTRIB_SECRET_HASH_MODE (0x00000006)
+ // flag indicating whether
+ // NUL is included in the
+ // hash of the password
+#endif
+
+
+#define TSS_TSPATTRIB_POLICY_DELEGATION_INFO (0x00000001)
+#define TSS_TSPATTRIB_POLICY_DELEGATION_PCR (0x00000002)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_POLICY_SECRET_LIFETIME
+//
+#define TSS_SECRET_LIFETIME_ALWAYS (0x00000001) // secret will not be
+ // invalidated
+#define TSS_SECRET_LIFETIME_COUNTER (0x00000002) // secret lifetime
+ // controlled by counter
+#define TSS_SECRET_LIFETIME_TIMER (0x00000003) // secret lifetime
+ // controlled by time
+#define TSS_TSPATTRIB_POLSECRET_LIFETIME_ALWAYS TSS_SECRET_LIFETIME_ALWAYS
+#define TSS_TSPATTRIB_POLSECRET_LIFETIME_COUNTER TSS_SECRET_LIFETIME_COUNTER
+#define TSS_TSPATTRIB_POLSECRET_LIFETIME_TIMER TSS_SECRET_LIFETIME_TIMER
+
+// Alternate names misspelled in the 1.1 TSS spec.
+#define TSS_TSPATTRIB_POLICYSECRET_LIFETIME_ALWAYS TSS_SECRET_LIFETIME_ALWAYS
+#define TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER TSS_SECRET_LIFETIME_COUNTER
+#define TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER TSS_SECRET_LIFETIME_TIMER
+
+//
+// Subflags of TSS_TSPATTRIB_POLICY_DELEGATION_INFO
+//
+#define TSS_TSPATTRIB_POLDEL_TYPE (0x00000001)
+#define TSS_TSPATTRIB_POLDEL_INDEX (0x00000002)
+#define TSS_TSPATTRIB_POLDEL_PER1 (0x00000003)
+#define TSS_TSPATTRIB_POLDEL_PER2 (0x00000004)
+#define TSS_TSPATTRIB_POLDEL_LABEL (0x00000005)
+#define TSS_TSPATTRIB_POLDEL_FAMILYID (0x00000006)
+#define TSS_TSPATTRIB_POLDEL_VERCOUNT (0x00000007)
+#define TSS_TSPATTRIB_POLDEL_OWNERBLOB (0x00000008)
+#define TSS_TSPATTRIB_POLDEL_KEYBLOB (0x00000009)
+
+//
+// Subflags of TSS_TSPATTRIB_POLICY_DELEGATION_PCR
+//
+#define TSS_TSPATTRIB_POLDELPCR_LOCALITY (0x00000001)
+#define TSS_TSPATTRIB_POLDELPCR_DIGESTATRELEASE (0x00000002)
+#define TSS_TSPATTRIB_POLDELPCR_SELECTION (0x00000003)
+
+//
+// Values for the Policy TSS_TSPATTRIB_POLDEL_TYPE attribute
+//
+#define TSS_DELEGATIONTYPE_NONE (0x00000001)
+#define TSS_DELEGATIONTYPE_OWNER (0x00000002)
+#define TSS_DELEGATIONTYPE_KEY (0x00000003)
+
+
+
+//
+// Flags used for the 'mode' parameter in Tspi_Policy_SetSecret()
+//
+#define TSS_SECRET_MODE_NONE (0x00000800) // No authorization will be
+ // processed
+#define TSS_SECRET_MODE_SHA1 (0x00001000) // Secret string will not be
+ // touched by TSP
+#define TSS_SECRET_MODE_PLAIN (0x00001800) // Secret string will be hashed
+ // using SHA1
+#define TSS_SECRET_MODE_POPUP (0x00002000) // TSS SP will ask for a secret
+#define TSS_SECRET_MODE_CALLBACK (0x00002800) // Application has to provide a
+ // call back function
+
+
+
+//******************
+// EncData object: *
+//******************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_ENCDATA_BLOB (0x00000008)
+#define TSS_TSPATTRIB_ENCDATA_PCR (0x00000010)
+#define TSS_TSPATTRIB_ENCDATA_PCR_LONG (0x00000018)
+#define TSS_TSPATTRIB_ENCDATA_SEAL (0x00000020)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_ENCDATA_BLOB
+//
+#define TSS_TSPATTRIB_ENCDATABLOB_BLOB (0x00000001) // encrypted data blob
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_ENCDATA_PCR
+//
+#define TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATCREATION (0x00000002)
+#define TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATRELEASE (0x00000003)
+#define TSS_TSPATTRIB_ENCDATAPCR_SELECTION (0x00000004)
+// support typo from 1.1 headers
+#define TSS_TSPATTRIB_ENCDATAPCR_DIGEST_RELEASE \
+ TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATRELEASE
+
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_LOCALITY_ATCREATION (0x00000005)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_LOCALITY_ATRELEASE (0x00000006)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_CREATION_SELECTION (0x00000007)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_RELEASE_SELECTION (0x00000008)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_DIGEST_ATCREATION (0x00000009)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_DIGEST_ATRELEASE (0x0000000A)
+
+
+//
+// Attribute subflags TSS_TSPATTRIB_ENCDATA_SEAL
+//
+#define TSS_TSPATTRIB_ENCDATASEAL_PROTECT_MODE (0x00000001)
+
+//
+// Attribute values for
+// TSS_TSPATTRIB_ENCDATA_SEAL/TSS_TSPATTRIB_ENCDATASEAL_PROTECT_MODE
+//
+#define TSS_TSPATTRIB_ENCDATASEAL_NOPROTECT (0x00000000)
+#define TSS_TSPATTRIB_ENCDATASEAL_PROTECT (0x00000001)
+
+// Accounting for typos in original header files
+#define TSS_TSPATTRIB_ENCDATASEAL_NO_PROTECT \
+ TSS_TSPATTRIB_ENCDATASEAL_NOPROTECT
+
+//*************
+// NV object: *
+//*************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_NV_INDEX (0x00000001)
+#define TSS_TSPATTRIB_NV_PERMISSIONS (0x00000002)
+#define TSS_TSPATTRIB_NV_STATE (0x00000003)
+#define TSS_TSPATTRIB_NV_DATASIZE (0x00000004)
+#define TSS_TSPATTRIB_NV_PCR (0x00000005)
+
+#define TSS_TSPATTRIB_NVSTATE_READSTCLEAR (0x00100000)
+#define TSS_TSPATTRIB_NVSTATE_WRITESTCLEAR (0x00200000)
+#define TSS_TSPATTRIB_NVSTATE_WRITEDEFINE (0x00300000)
+
+#define TSS_TSPATTRIB_NVPCR_READPCRSELECTION (0x01000000)
+#define TSS_TSPATTRIB_NVPCR_READDIGESTATRELEASE (0x02000000)
+#define TSS_TSPATTRIB_NVPCR_READLOCALITYATRELEASE (0x03000000)
+#define TSS_TSPATTRIB_NVPCR_WRITEPCRSELECTION (0x04000000)
+#define TSS_TSPATTRIB_NVPCR_WRITEDIGESTATRELEASE (0x05000000)
+#define TSS_TSPATTRIB_NVPCR_WRITELOCALITYATRELEASE (0x06000000)
+
+/* NV index flags
+ *
+ * From the TPM spec, Part 2, Section 19.1.
+ *
+ * 3 2 1
+ * 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * |T|P|U|D| resvd | Purview | Index |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+#define TSS_NV_TPM (0x80000000) // TPM mfr reserved bit
+#define TSS_NV_PLATFORM (0x40000000) // Platform mfr reserved bit
+#define TSS_NV_USER (0x20000000) // User reserved bit
+#define TSS_NV_DEFINED (0x10000000) // "Defined permanently" flag
+#define TSS_NV_MASK_TPM (0x80000000) // mask to extract 'T'
+#define TSS_NV_MASK_PLATFORM (0x40000000) // mask to extract 'P'
+#define TSS_NV_MASK_USER (0x20000000) // mask to extract 'U'
+#define TSS_NV_MASK_DEFINED (0x10000000) // mask to extract 'D'
+#define TSS_NV_MASK_RESERVED (0x0f000000) // mask to extract reserved bits
+#define TSS_NV_MASK_PURVIEW (0x00ff0000) // mask to extract purview byte
+#define TSS_NV_MASK_INDEX (0x0000ffff) // mask to extract index byte
+
+// This is the index of the NV storage area where the number of sessions
+// per locality is stored.
+#define TSS_NV_INDEX_SESSIONS (0x00011101)
+
+
+//******************
+// MigData object: *
+//******************
+
+//
+// Attributes
+//
+#define TSS_MIGATTRIB_MIGRATIONBLOB (0x00000010)
+#define TSS_MIGATTRIB_MIGRATIONTICKET (0x00000020)
+#define TSS_MIGATTRIB_AUTHORITY_DATA (0x00000030)
+#define TSS_MIGATTRIB_MIG_AUTH_DATA (0x00000040)
+#define TSS_MIGATTRIB_TICKET_DATA (0x00000050)
+#define TSS_MIGATTRIB_PAYLOAD_TYPE (0x00000060)
+
+//
+// Attribute subflags TSS_MIGATTRIB_MIGRATIONBLOB
+//
+#define TSS_MIGATTRIB_MIGRATION_XOR_BLOB (0x00000101)
+#define TSS_MIGATTRIB_MIGRATION_REWRAPPED_BLOB (0x00000102)
+#define TSS_MIGATTRIB_MIG_MSALIST_PUBKEY_BLOB (0x00000103)
+#define TSS_MIGATTRIB_MIG_AUTHORITY_PUBKEY_BLOB (0x00000104)
+#define TSS_MIGATTRIB_MIG_DESTINATION_PUBKEY_BLOB (0x00000105)
+#define TSS_MIGATTRIB_MIG_SOURCE_PUBKEY_BLOB (0x00000106)
+#define TSS_MIGATTRIB_MIG_REWRAPPED_BLOB TSS_MIGATTRIB_MIGRATION_REWRAPPED_BLOB
+#define TSS_MIGATTRIB_MIG_XOR_BLOB TSS_MIGATTRIB_MIGRATION_XOR_BLOB
+
+//
+// Attribute subflags TSS_MIGATTRIB_MIGRATIONTICKET
+//
+// none
+
+//
+// Attribute subflags TSS_MIGATTRIB_AUTHORITY_DATA
+//
+#define TSS_MIGATTRIB_AUTHORITY_DIGEST (0x00000301)
+#define TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC (0x00000302)
+#define TSS_MIGATTRIB_AUTHORITY_MSALIST (0x00000303)
+
+//
+// Attribute subflags TSS_MIGATTRIB_MIG_AUTH_DATA
+//
+#define TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST (0x00000401)
+#define TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST (0x00000402)
+#define TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST (0x00000403)
+
+//
+// Attribute subflags TSS_MIGATTRIB_TICKET_DATA
+//
+#define TSS_MIGATTRIB_TICKET_SIG_DIGEST (0x00000501)
+#define TSS_MIGATTRIB_TICKET_SIG_VALUE (0x00000502)
+#define TSS_MIGATTRIB_TICKET_SIG_TICKET (0x00000503)
+#define TSS_MIGATTRIB_TICKET_RESTRICT_TICKET (0x00000504)
+
+//
+// Attribute subflags TSS_MIGATTRIB_PAYLOAD_TYPE
+//
+#define TSS_MIGATTRIB_PT_MIGRATE_RESTRICTED (0x00000601)
+#define TSS_MIGATTRIB_PT_MIGRATE_EXTERNAL (0x00000602)
+
+
+
+
+//***************
+// Hash object: *
+//***************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_HASH_IDENTIFIER (0x00001000) // Hash algorithm identifier
+#define TSS_TSPATTRIB_ALG_IDENTIFIER (0x00002000) // ASN.1 alg identifier
+
+
+
+//***************
+// PCRs object: *
+//***************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_PCRS_INFO (0x00000001) // info
+
+//
+// Subflags for TSS_TSPATTRIB_PCRS_INFO flag
+//
+#define TSS_TSPATTRIB_PCRSINFO_PCRSTRUCT (0x00000001) // type of pcr struct
+ // TSS_PCRS_STRUCT_TYPE_XX
+
+//****************************
+// Delegation Family object: *
+//****************************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_DELFAMILY_STATE (0x00000001)
+#define TSS_TSPATTRIB_DELFAMILY_INFO (0x00000002)
+
+// DELFAMILY_STATE sub-attributes
+#define TSS_TSPATTRIB_DELFAMILYSTATE_LOCKED (0x00000001)
+#define TSS_TSPATTRIB_DELFAMILYSTATE_ENABLED (0x00000002)
+
+// DELFAMILY_INFO sub-attributes
+#define TSS_TSPATTRIB_DELFAMILYINFO_LABEL (0x00000003)
+#define TSS_TSPATTRIB_DELFAMILYINFO_VERCOUNT (0x00000004)
+#define TSS_TSPATTRIB_DELFAMILYINFO_FAMILYID (0x00000005)
+
+// Bitmasks for the 'ulFlags' argument to Tspi_TPM_Delegate_CreateDelegation.
+// Only one bit used for now.
+#define TSS_DELEGATE_INCREMENTVERIFICATIONCOUNT ((UINT32)1)
+
+// Bitmasks for the 'ulFlags' argument to
+// Tspi_TPM_Delegate_CacheOwnerDelegation. Only 1 bit is used for now.
+#define TSS_DELEGATE_CACHEOWNERDELEGATION_OVERWRITEEXISTING ((UINT32)1)
+
+
+
+//*************************
+// DAA Credential Object: *
+//*************************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_DAACRED_COMMIT (0x00000001)
+#define TSS_TSPATTRIB_DAACRED_ATTRIB_GAMMAS (0x00000002)
+#define TSS_TSPATTRIB_DAACRED_CREDENTIAL_BLOB (0x00000003)
+#define TSS_TSPATTRIB_DAACRED_CALLBACK_SIGN (0x00000004)
+#define TSS_TSPATTRIB_DAACRED_CALLBACK_VERIFYSIGNATURE (0x00000005)
+
+//
+// Subflags for TSS_TSPATTRIB_DAACRED_COMMIT
+//
+#define TSS_TSPATTRIB_DAACOMMIT_NUMBER (0x00000001)
+#define TSS_TSPATTRIB_DAACOMMIT_SELECTION (0x00000002)
+#define TSS_TSPATTRIB_DAACOMMIT_COMMITMENTS (0x00000003)
+
+//
+// Subflags for TSS_TSPATTRIB_DAACRED_ATTRIB_GAMMAS
+//
+#define TSS_TSPATTRIB_DAAATTRIBGAMMAS_BLOB (0xffffffff)
+
+
+
+//*************************
+// DAA Issuer Key Object: *
+//*************************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_DAAISSUERKEY_BLOB (0x00000001)
+#define TSS_TSPATTRIB_DAAISSUERKEY_PUBKEY (0x00000002)
+
+//
+// Subflags for TSS_TSPATTRIB_DAAISSUERKEY_BLOB
+//
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_PUBLIC_KEY (0x00000001)
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_SECRET_KEY (0x00000002)
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_KEYBLOB (0x00000003)
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_PROOF (0x00000004)
+
+//
+// Subflags for TSS_TSPATTRIB_DAAISSUERKEY_PUBKEY
+//
+#define TSS_TSPATTRIB_DAAISSUERKEYPUBKEY_NUM_ATTRIBS (0x00000001)
+#define TSS_TSPATTRIB_DAAISSUERKEYPUBKEY_NUM_PLATFORM_ATTRIBS (0x00000002)
+#define TSS_TSPATTRIB_DAAISSUERKEYPUBKEY_NUM_ISSUER_ATTRIBS (0x00000003)
+
+
+
+//***************************************
+// DAA Anonymity Revocation Key Object: *
+//***************************************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_DAAARAKEY_BLOB (0x00000001)
+
+//
+// Subflags for TSS_TSPATTRIB_DAAARAKEY_BLOB
+//
+#define TSS_TSPATTRIB_DAAARAKEYBLOB_PUBLIC_KEY (0x00000001)
+#define TSS_TSPATTRIB_DAAARAKEYBLOB_SECRET_KEY (0x00000002)
+#define TSS_TSPATTRIB_DAAARAKEYBLOB_KEYBLOB (0x00000003)
+
+
+
+//
+// Structure payload flags for TSS_DAA_PSEUDONYM,
+// (TSS_DAA_PSEUDONYM.payloadFlag)
+//
+#define TSS_FLAG_DAA_PSEUDONYM_PLAIN (0x00000000)
+#define TSS_FLAG_DAA_PSEUDONYM_ENCRYPTED (0x00000001)
+
+
+//**************
+// Key Object: *
+//**************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_KEY_BLOB (0x00000040) // key info as blob data
+#define TSS_TSPATTRIB_KEY_INFO (0x00000080) // keyparam info as blob data
+#define TSS_TSPATTRIB_KEY_UUID (0x000000C0) // key UUID info as blob data
+#define TSS_TSPATTRIB_KEY_PCR (0x00000100) // composite digest value for
+ // the key
+#define TSS_TSPATTRIB_RSAKEY_INFO (0x00000140) // public key info
+#define TSS_TSPATTRIB_KEY_REGISTER (0x00000180) // register location
+#define TSS_TSPATTRIB_KEY_PCR_LONG (0x000001c0) // PCR_INFO_LONG for the key
+#define TSS_TSPATTRIB_KEY_CONTROLBIT (0x00000200) // key control flags
+#define TSS_TSPATTRIB_KEY_CMKINFO (0x00000400) // CMK info
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_BLOB
+//
+#define TSS_TSPATTRIB_KEYBLOB_BLOB (0x00000008) // key info using the
+ // key blob
+#define TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY (0x00000010) // public key info
+ // using the blob
+#define TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY (0x00000028) // encrypted private key
+ // blob
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_INFO
+//
+#define TSS_TSPATTRIB_KEYINFO_SIZE (0x00000080) // key size in bits
+#define TSS_TSPATTRIB_KEYINFO_USAGE (0x00000100) // key usage info
+#define TSS_TSPATTRIB_KEYINFO_KEYFLAGS (0x00000180) // key flags
+#define TSS_TSPATTRIB_KEYINFO_AUTHUSAGE (0x00000200) // key auth usage info
+#define TSS_TSPATTRIB_KEYINFO_ALGORITHM (0x00000280) // key algorithm ID
+#define TSS_TSPATTRIB_KEYINFO_SIGSCHEME (0x00000300) // key sig scheme
+#define TSS_TSPATTRIB_KEYINFO_ENCSCHEME (0x00000380) // key enc scheme
+#define TSS_TSPATTRIB_KEYINFO_MIGRATABLE (0x00000400) // if true then key is
+ // migratable
+#define TSS_TSPATTRIB_KEYINFO_REDIRECTED (0x00000480) // key is redirected
+#define TSS_TSPATTRIB_KEYINFO_VOLATILE (0x00000500) // if true key is
+ // volatile
+#define TSS_TSPATTRIB_KEYINFO_AUTHDATAUSAGE (0x00000580) // if true auth is
+ // required
+#define TSS_TSPATTRIB_KEYINFO_VERSION (0x00000600) // version info as TSS
+ // version struct
+#define TSS_TSPATTRIB_KEYINFO_CMK (0x00000680) // if true then key
+ // is certified
+ // migratable
+#define TSS_TSPATTRIB_KEYINFO_KEYSTRUCT (0x00000700) // type of key struct
+ // used for this key
+ // (TPM_KEY or
+ // TPM_KEY12)
+#define TSS_TSPATTRIB_KEYCONTROL_OWNEREVICT (0x00000780) // Get current status
+ // of owner evict flag
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_RSAKEY_INFO
+//
+#define TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT (0x00001000)
+#define TSS_TSPATTRIB_KEYINFO_RSA_MODULUS (0x00002000)
+#define TSS_TSPATTRIB_KEYINFO_RSA_KEYSIZE (0x00003000)
+#define TSS_TSPATTRIB_KEYINFO_RSA_PRIMES (0x00004000)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_PCR
+//
+#define TSS_TSPATTRIB_KEYPCR_DIGEST_ATCREATION (0x00008000)
+#define TSS_TSPATTRIB_KEYPCR_DIGEST_ATRELEASE (0x00010000)
+#define TSS_TSPATTRIB_KEYPCR_SELECTION (0x00018000)
+
+//
+// SubFlags for TSS_TSPATTRIB_KEY_REGISTER
+//
+#define TSS_TSPATTRIB_KEYREGISTER_USER (0x02000000)
+#define TSS_TSPATTRIB_KEYREGISTER_SYSTEM (0x04000000)
+#define TSS_TSPATTRIB_KEYREGISTER_NO (0x06000000)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_PCR_LONG
+//
+#define TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATCREATION (0x00040000) /* UINT32 */
+#define TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATRELEASE (0x00080000) /* UINT32 */
+#define TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION (0x000C0000) /* DATA */
+#define TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION (0x00100000) /* DATA */
+#define TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION (0x00140000) /* DATA */
+#define TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE (0x00180000) /* DATA */
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_CMKINFO
+//
+#define TSS_TSPATTRIB_KEYINFO_CMK_MA_APPROVAL (0x00000010)
+#define TSS_TSPATTRIB_KEYINFO_CMK_MA_DIGEST (0x00000020)
+
+
+//
+// Attribute Values
+//
+
+//
+// key size definitions
+//
+#define TSS_KEY_SIZEVAL_512BIT (0x0200)
+#define TSS_KEY_SIZEVAL_1024BIT (0x0400)
+#define TSS_KEY_SIZEVAL_2048BIT (0x0800)
+#define TSS_KEY_SIZEVAL_4096BIT (0x1000)
+#define TSS_KEY_SIZEVAL_8192BIT (0x2000)
+#define TSS_KEY_SIZEVAL_16384BIT (0x4000)
+
+//
+// key usage definitions
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_KEYUSAGE_BIND (0x00)
+#define TSS_KEYUSAGE_IDENTITY (0x01)
+#define TSS_KEYUSAGE_LEGACY (0x02)
+#define TSS_KEYUSAGE_SIGN (0x03)
+#define TSS_KEYUSAGE_STORAGE (0x04)
+#define TSS_KEYUSAGE_AUTHCHANGE (0x05)
+#define TSS_KEYUSAGE_MIGRATE (0x06)
+
+//
+// key flag definitions
+//
+#define TSS_KEYFLAG_REDIRECTION (0x00000001)
+#define TSS_KEYFLAG_MIGRATABLE (0x00000002)
+#define TSS_KEYFLAG_VOLATILEKEY (0x00000004)
+#define TSS_KEYFLAG_CERTIFIED_MIGRATABLE (0x00000008)
+
+//
+// algorithm ID definitions
+//
+// This table defines the algo id's
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_ALG_RSA (0x20)
+#define TSS_ALG_DES (0x21)
+#define TSS_ALG_3DES (0x22)
+#define TSS_ALG_SHA (0x23)
+#define TSS_ALG_HMAC (0x24)
+#define TSS_ALG_AES128 (0x25)
+#define TSS_ALG_AES192 (0x26)
+#define TSS_ALG_AES256 (0x27)
+#define TSS_ALG_XOR (0x28)
+#define TSS_ALG_MGF1 (0x29)
+
+#define TSS_ALG_AES TSS_ALG_AES128
+
+// Special values for
+// Tspi_Context_GetCapability(TSS_TSPCAP_ALG)
+// Tspi_Context_GetCapability(TSS_TCSCAP_ALG)
+#define TSS_ALG_DEFAULT (0xfe)
+#define TSS_ALG_DEFAULT_SIZE (0xff)
+
+
+//
+// key signature scheme definitions
+//
+#define TSS_SS_NONE (0x10)
+#define TSS_SS_RSASSAPKCS1V15_SHA1 (0x11)
+#define TSS_SS_RSASSAPKCS1V15_DER (0x12)
+#define TSS_SS_RSASSAPKCS1V15_INFO (0x13)
+
+//
+// key encryption scheme definitions
+//
+#define TSS_ES_NONE (0x10)
+#define TSS_ES_RSAESPKCSV15 (0x11)
+#define TSS_ES_RSAESOAEP_SHA1_MGF1 (0x12)
+#define TSS_ES_SYM_CNT (0x13)
+#define TSS_ES_SYM_OFB (0x14)
+#define TSS_ES_SYM_CBC_PKCS5PAD (0x15)
+
+
+//
+// persistent storage registration definitions
+//
+#define TSS_PS_TYPE_USER (1) // Key is registered persistantly in the user
+ // storage database.
+#define TSS_PS_TYPE_SYSTEM (2) // Key is registered persistantly in the system
+ // storage database.
+
+//
+// migration scheme definitions
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_MS_MIGRATE (0x20)
+#define TSS_MS_REWRAP (0x21)
+#define TSS_MS_MAINT (0x22)
+#define TSS_MS_RESTRICT_MIGRATE (0x23)
+#define TSS_MS_RESTRICT_APPROVE_DOUBLE (0x24)
+#define TSS_MS_RESTRICT_MIGRATE_EXTERNAL (0x25)
+
+//
+// TPM key authorization
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_KEYAUTH_AUTH_NEVER (0x10)
+#define TSS_KEYAUTH_AUTH_ALWAYS (0x11)
+#define TSS_KEYAUTH_AUTH_PRIV_USE_ONLY (0x12)
+
+
+//
+// Flags for TPM status information (GetStatus and SetStatus)
+//
+#define TSS_TPMSTATUS_DISABLEOWNERCLEAR (0x00000001) // persistent flag
+#define TSS_TPMSTATUS_DISABLEFORCECLEAR (0x00000002) // volatile flag
+#define TSS_TPMSTATUS_DISABLED (0x00000003) // persistent flag
+#define TSS_TPMSTATUS_DEACTIVATED (0x00000004) // volatile flag
+#define TSS_TPMSTATUS_OWNERSETDISABLE (0x00000005) // persistent flag
+ // for SetStatus
+ // (disable flag)
+#define TSS_TPMSTATUS_SETOWNERINSTALL (0x00000006) // persistent flag
+ // (ownership flag)
+#define TSS_TPMSTATUS_DISABLEPUBEKREAD (0x00000007) // persistent flag
+#define TSS_TPMSTATUS_ALLOWMAINTENANCE (0x00000008) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_LIFETIMELOCK (0x00000009) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_HWENABLE (0x0000000A) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_CMDENABLE (0x0000000B) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_LOCK (0x0000000C) // volatile flag
+#define TSS_TPMSTATUS_PHYSPRESENCE (0x0000000D) // volatile flag
+#define TSS_TPMSTATUS_PHYSICALDISABLE (0x0000000E) // persistent flag
+ // (SetStatus
+ // disable flag)
+#define TSS_TPMSTATUS_CEKP_USED (0x0000000F) // persistent flag
+#define TSS_TPMSTATUS_PHYSICALSETDEACTIVATED (0x00000010) // persistent flag
+ // (deactivated flag)
+#define TSS_TPMSTATUS_SETTEMPDEACTIVATED (0x00000011) // volatile flag
+ // (deactivated flag)
+#define TSS_TPMSTATUS_POSTINITIALISE (0x00000012) // volatile flag
+#define TSS_TPMSTATUS_TPMPOST (0x00000013) // persistent flag
+#define TSS_TPMSTATUS_TPMPOSTLOCK (0x00000014) // persistent flag
+#define TSS_TPMSTATUS_DISABLEPUBSRKREAD (0x00000016) // persistent flag
+#define TSS_TPMSTATUS_MAINTENANCEUSED (0x00000017) // persistent flag
+#define TSS_TPMSTATUS_OPERATORINSTALLED (0x00000018) // persistent flag
+#define TSS_TPMSTATUS_OPERATOR_INSTALLED (TSS_TPMSTATUS_OPERATORINSTALLED)
+#define TSS_TPMSTATUS_FIPS (0x00000019) // persistent flag
+#define TSS_TPMSTATUS_ENABLEREVOKEEK (0x0000001A) // persistent flag
+#define TSS_TPMSTATUS_ENABLE_REVOKEEK (TSS_TPMSTATUS_ENABLEREVOKEEK)
+#define TSS_TPMSTATUS_NV_LOCK (0x0000001B) // persistent flag
+#define TSS_TPMSTATUS_TPM_ESTABLISHED (0x0000001C) // persistent flag
+#define TSS_TPMSTATUS_RESETLOCK (0x0000001D) // volatile flag
+#define TSS_TPMSTATUS_DISABLE_FULL_DA_LOGIC_INFO (0x0000001D) //persistent flag
+
+
+//
+// Capability flag definitions
+//
+// TPM capabilities
+//
+#define TSS_TPMCAP_ORD (0x10)
+#define TSS_TPMCAP_ALG (0x11)
+#define TSS_TPMCAP_FLAG (0x12)
+#define TSS_TPMCAP_PROPERTY (0x13)
+#define TSS_TPMCAP_VERSION (0x14)
+#define TSS_TPMCAP_VERSION_VAL (0x15)
+#define TSS_TPMCAP_NV_LIST (0x16)
+#define TSS_TPMCAP_NV_INDEX (0x17)
+#define TSS_TPMCAP_MFR (0x18)
+#define TSS_TPMCAP_SYM_MODE (0x19)
+#define TSS_TPMCAP_HANDLE (0x1a)
+#define TSS_TPMCAP_TRANS_ES (0x1b)
+#define TSS_TPMCAP_AUTH_ENCRYPT (0x1c)
+#define TSS_TPMCAP_SET_PERM_FLAGS (0x1d) // cf. TPM_SET_PERM_FLAGS
+#define TSS_TPMCAP_SET_VENDOR (0x1e) // cf. TPM_SET_VENDOR
+#define TSS_TPMCAP_DA_LOGIC (0x1f)
+
+//
+// Sub-Capability Flags for TSS_TPMCAP_PROPERTY
+//
+#define TSS_TPMCAP_PROP_PCR (0x10)
+#define TSS_TPMCAP_PROP_DIR (0x11)
+#define TSS_TPMCAP_PROP_MANUFACTURER (0x12)
+#define TSS_TPMCAP_PROP_SLOTS (0x13)
+#define TSS_TPMCAP_PROP_KEYS TSS_TPMCAP_PROP_SLOTS
+#define TSS_TPMCAP_PROP_FAMILYROWS (0x14)
+#define TSS_TPMCAP_PROP_DELEGATEROWS (0x15)
+#define TSS_TPMCAP_PROP_OWNER (0x16)
+#define TSS_TPMCAP_PROP_MAXKEYS (0x18)
+#define TSS_TPMCAP_PROP_AUTHSESSIONS (0x19)
+#define TSS_TPMCAP_PROP_MAXAUTHSESSIONS (0x1a)
+#define TSS_TPMCAP_PROP_TRANSESSIONS (0x1b)
+#define TSS_TPMCAP_PROP_MAXTRANSESSIONS (0x1c)
+#define TSS_TPMCAP_PROP_SESSIONS (0x1d)
+#define TSS_TPMCAP_PROP_MAXSESSIONS (0x1e)
+#define TSS_TPMCAP_PROP_CONTEXTS (0x1f)
+#define TSS_TPMCAP_PROP_MAXCONTEXTS (0x20)
+#define TSS_TPMCAP_PROP_DAASESSIONS (0x21)
+#define TSS_TPMCAP_PROP_MAXDAASESSIONS (0x22)
+#define TSS_TPMCAP_PROP_DAA_INTERRUPT (0x23)
+#define TSS_TPMCAP_PROP_COUNTERS (0x24)
+#define TSS_TPMCAP_PROP_MAXCOUNTERS (0x25)
+#define TSS_TPMCAP_PROP_ACTIVECOUNTER (0x26)
+#define TSS_TPMCAP_PROP_MIN_COUNTER (0x27)
+#define TSS_TPMCAP_PROP_TISTIMEOUTS (0x28)
+#define TSS_TPMCAP_PROP_STARTUPEFFECTS (0x29)
+#define TSS_TPMCAP_PROP_MAXCONTEXTCOUNTDIST (0x2a)
+#define TSS_TPMCAP_PROP_CMKRESTRICTION (0x2b)
+#define TSS_TPMCAP_PROP_DURATION (0x2c)
+#define TSS_TPMCAP_PROP_MAXNVAVAILABLE (0x2d)
+#define TSS_TPMCAP_PROP_INPUTBUFFERSIZE (0x2e)
+#define TSS_TPMCAP_PROP_REVISION (0x2f)
+#define TSS_TPMCAP_PROP_LOCALITIES_AVAIL (0x32)
+
+//
+// Resource type flags
+// Sub-Capability Flags for TSS_TPMCAP_HANDLE
+//
+#define TSS_RT_KEY ((UINT32)0x00000010)
+#define TSS_RT_AUTH ((UINT32)0x00000020)
+#define TSS_RT_TRANS ((UINT32)0x00000030)
+#define TSS_RT_COUNTER ((UINT32)0x00000040)
+
+
+//
+// TSS Core Service Capabilities
+//
+#define TSS_TCSCAP_ALG (0x00000001)
+#define TSS_TCSCAP_VERSION (0x00000002)
+#define TSS_TCSCAP_CACHING (0x00000003)
+#define TSS_TCSCAP_PERSSTORAGE (0x00000004)
+#define TSS_TCSCAP_MANUFACTURER (0x00000005)
+#define TSS_TCSCAP_PLATFORM_CLASS (0x00000006)
+#define TSS_TCSCAP_TRANSPORT (0x00000007)
+#define TSS_TCSCAP_PLATFORM_INFO (0x00000008)
+
+//
+// Sub-Capability Flags TSS-CoreService-Capabilities
+//
+#define TSS_TCSCAP_PROP_KEYCACHE (0x00000100)
+#define TSS_TCSCAP_PROP_AUTHCACHE (0x00000101)
+#define TSS_TCSCAP_PROP_MANUFACTURER_STR (0x00000102)
+#define TSS_TCSCAP_PROP_MANUFACTURER_ID (0x00000103)
+#define TSS_TCSCAP_PLATFORM_VERSION (0x00001100)
+#define TSS_TCSCAP_PLATFORM_TYPE (0x00001101)
+#define TSS_TCSCAP_TRANS_EXCLUSIVE (0x00002100)
+#define TSS_TCSCAP_PROP_HOST_PLATFORM (0x00003001)
+#define TSS_TCSCAP_PROP_ALL_PLATFORMS (0x00003002)
+
+//
+// TSS Service Provider Capabilities
+//
+#define TSS_TSPCAP_ALG (0x00000010)
+#define TSS_TSPCAP_VERSION (0x00000011)
+#define TSS_TSPCAP_PERSSTORAGE (0x00000012)
+#define TSS_TSPCAP_MANUFACTURER (0x00000013)
+#define TSS_TSPCAP_RETURNVALUE_INFO (0x00000015)
+#define TSS_TSPCAP_PLATFORM_INFO (0x00000016)
+
+// Sub-Capability Flags for TSS_TSPCAP_MANUFACTURER
+//
+#define TSS_TSPCAP_PROP_MANUFACTURER_STR (0x00000102)
+#define TSS_TSPCAP_PROP_MANUFACTURER_ID (0x00000103)
+
+// Sub-Capability Flags for TSS_TSPCAP_PLATFORM_INFO
+//
+#define TSS_TSPCAP_PLATFORM_TYPE (0x00000201)
+#define TSS_TSPCAP_PLATFORM_VERSION (0x00000202)
+
+
+
+// Sub-Capability Flags for TSS_TSPCAP_RETURNVALUE_INFO
+//
+#define TSS_TSPCAP_PROP_RETURNVALUE_INFO (0x00000201)
+
+//
+// Event type definitions
+//
+#define TSS_EV_CODE_CERT (0x00000001)
+#define TSS_EV_CODE_NOCERT (0x00000002)
+#define TSS_EV_XML_CONFIG (0x00000003)
+#define TSS_EV_NO_ACTION (0x00000004)
+#define TSS_EV_SEPARATOR (0x00000005)
+#define TSS_EV_ACTION (0x00000006)
+#define TSS_EV_PLATFORM_SPECIFIC (0x00000007)
+
+
+//
+// TSP random number limits
+//
+#define TSS_TSPCAP_RANDOMLIMIT (0x00001000) // Errata: Missing from spec
+
+//
+// UUIDs
+//
+// Errata: This are not in the spec
+#define TSS_UUID_SRK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 1}} // Storage root key
+#define TSS_UUID_SK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 2}} // System key
+#define TSS_UUID_RK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 3}} // roaming key
+#define TSS_UUID_CRK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 8}} // CMK roaming key
+#define TSS_UUID_USK1 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 4}} // user storage key 1
+#define TSS_UUID_USK2 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 5}} // user storage key 2
+#define TSS_UUID_USK3 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 6}} // user storage key 3
+#define TSS_UUID_USK4 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 7}} // user storage key 4
+#define TSS_UUID_USK5 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 9}} // user storage key 5
+#define TSS_UUID_USK6 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 10}}// user storage key 6
+
+// macro to derive UUIDs for keys whose "OwnerEvict" key is set.
+#define TSS_UUID_OWNEREVICT(i) {0, 0, 0, 0, 0, {0, 0, 0, 0, 1, (i)}}
+
+
+//
+// TPM well-known secret
+//
+#define TSS_WELL_KNOWN_SECRET \
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+
+
+// Values for the "direction" parameters in the Tspi_PcrComposite_XX functions.
+#define TSS_PCRS_DIRECTION_CREATION ((UINT32)1)
+#define TSS_PCRS_DIRECTION_RELEASE ((UINT32)2)
+
+
+//
+// TSS blob version definition for ASN.1 blobs
+//
+#define TSS_BLOB_STRUCT_VERSION 0x01
+
+//
+// TSS blob type definitions for ASN.1 blobs
+//
+#define TSS_BLOB_TYPE_KEY 0x01
+#define TSS_BLOB_TYPE_PUBKEY 0x02
+#define TSS_BLOB_TYPE_MIGKEY 0x03
+#define TSS_BLOB_TYPE_SEALEDDATA 0x04
+#define TSS_BLOB_TYPE_BOUNDDATA 0x05
+#define TSS_BLOB_TYPE_MIGTICKET 0x06
+#define TSS_BLOB_TYPE_PRIVATEKEY 0x07
+#define TSS_BLOB_TYPE_PRIVATEKEY_MOD1 0x08
+#define TSS_BLOB_TYPE_RANDOM_XOR 0x09
+#define TSS_BLOB_TYPE_CERTIFY_INFO 0x0A
+#define TSS_BLOB_TYPE_KEY_1_2 0x0B
+#define TSS_BLOB_TYPE_CERTIFY_INFO_2 0x0C
+#define TSS_BLOB_TYPE_CMK_MIG_KEY 0x0D
+#define TSS_BLOB_TYPE_CMK_BYTE_STREAM 0x0E
+
+
+
+//
+// Values for TPM_CMK_DELEGATE bitmasks
+// For now these are exactly the same values as the corresponding
+// TPM_CMK_DELEGATE_* bitmasks.
+//
+#define TSS_CMK_DELEGATE_SIGNING (((UINT32)1)<<31)
+#define TSS_CMK_DELEGATE_STORAGE (((UINT32)1)<<30)
+#define TSS_CMK_DELEGATE_BIND (((UINT32)1)<<29)
+#define TSS_CMK_DELEGATE_LEGACY (((UINT32)1)<<28)
+#define TSS_CMK_DELEGATE_MIGRATE (((UINT32)1)<<27)
+
+
+//
+// Constants for DAA
+//
+#define TSS_DAA_LENGTH_N 256 // Length of the RSA Modulus (2048 bits)
+#define TSS_DAA_LENGTH_F 13 // Length of the f_i's (information encoded into the certificate, 104 bits)
+#define TSS_DAA_LENGTH_E 46 // Length of the e's (exponents, part of certificate, 386 bits)
+#define TSS_DAA_LENGTH_E_PRIME 15 // Length of the interval the e's are chosen from (120 bits)
+#define TSS_DAA_LENGTH_V 317 // Length of the v's (random value, part of certificate, 2536 bits)
+#define TSS_DAA_LENGTH_SAFETY 10 // Length of the security parameter controlling the statistical zero-knowledge property (80 bits)
+#define TSS_DAA_LENGTH_HASH TPM_SHA1_160_HASH_LEN // Length of the output of the hash function SHA-1 used for the Fiat-Shamir heuristic(160 bits)
+#define TSS_DAA_LENGTH_S 128 // Length of the split large exponent for easier computations on the TPM (1024 bits)
+#define TSS_DAA_LENGTH_GAMMA 204 // Length of the modulus 'Gamma' (1632 bits)
+#define TSS_DAA_LENGTH_RHO 26 // Length of the order 'rho' of the sub group of Z*_Gamma that is used for roggue tagging (208 bits)
+#define TSS_DAA_LENGTH_MFG1_GAMMA 214 // Length of the output of MGF1 in conjunction with the modulus Gamma (1712 bits)
+#define TSS_DAA_LENGTH_MGF1_AR 25 // Length of the output of MGF1 used for anonymity revocation (200 bits)
+
+
+#endif // __TSS_DEFINES_H__
diff --git a/src/include/tss/tss_error.h b/src/include/tss/tss_error.h
new file mode 100644
index 0000000..3330a9b
--- /dev/null
+++ b/src/include/tss/tss_error.h
@@ -0,0 +1,687 @@
+/*++
+
+TSS error return codes
+
+--*/
+
+#ifndef __TSS_ERROR_H__
+#define __TSS_ERROR_H__
+
+#include <tss/platform.h>
+
+//
+// error coding scheme for a Microsoft Windows platform -
+// refer to the TSS Specification Parts
+//
+// Values are 32 bit values layed out as follows:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// +---+-+-+-----------------------+-------+-----------------------+
+// |Lev|C|R| Facility | Layer | Code |
+// +---+-+-+-----------------------+-------+-----------------------+
+// | Platform specific coding | TSS error coding system |
+// +---+-+-+-----------------------+-------+-----------------------+
+//
+// Lev - is the Level code
+//
+// 00 - Success
+// 01 - Informational
+// 10 - Warning
+// 11 - Error
+//
+// C - is the Customer code flag (must actually be set)
+//
+// R - is a reserved bit (unused)
+//
+// Facility - is the facility code: TCPA: proposal 0x028
+//
+// Code - is the facility's status code
+//
+
+//
+// definitions for the code level information
+//
+#define TSS_LEVEL_SUCCESS 0x00 // code level success
+#define TSS_LEVEL_INFO 0x40000000L // code level information
+#define TSS_LEVEL_WARNING 0x80000000L // code level warning
+#define TSS_LEVEL_ERROR 0xC0000000L // code level error
+
+//
+// some defines for the platform specific information
+//
+#define FACILITY_TSS 0x28L // facility number for TCPA return codes
+#define FACILITY_TSS_CODEPOS (FACILITY_TSS << 16) // shift the facility info to the code
+ // position
+
+#define TSS_CUSTOM_CODEFLAG 0x20000000L // bit position for the custom flag in
+ // return code
+
+//
+//
+// TSS error return codes
+//
+//
+#ifndef TSS_E_BASE
+#define TSS_E_BASE 0x00000000L
+#endif // TSS_E_BASE
+#ifndef TSS_W_BASE
+#define TSS_W_BASE 0x00000000L
+#endif // TSS_W_BASE
+#ifndef TSS_I_BASE
+#define TSS_I_BASE 0x00000000L
+#endif // TSS_I_BASE
+
+//
+// basic error return codes common to all TSS Service Provider Interface methods
+// and returned by all TSS SW stack components
+//
+
+//
+// MessageId: TSS_SUCCESS
+//
+// MessageText:
+//
+// Successful completion of the operation.
+//
+#define TSS_SUCCESS (UINT32)(0x00000000L)
+
+//
+// MessageId: TSS_E_FAIL
+//
+// MessageText:
+//
+// An internal error has been detected, but the source is unknown.
+//
+#define TSS_E_FAIL (UINT32)(TSS_E_BASE + 0x002L)
+
+//
+// MessageId: TSS_E_BAD_PARAMETER
+//
+// MessageText:
+//
+// One or more parameter is bad.
+//
+#define TSS_E_BAD_PARAMETER (UINT32)(TSS_E_BASE + 0x003L)
+
+//
+// MessageId: TSS_E_INTERNAL_ERROR
+//
+// MessageText:
+//
+// An internal SW error has been detected.
+//
+#define TSS_E_INTERNAL_ERROR (UINT32)(TSS_E_BASE + 0x004L)
+
+//
+// MessageId: TSS_E_OUTOFMEMORY
+//
+// MessageText:
+//
+// Ran out of memory.
+//
+#define TSS_E_OUTOFMEMORY (UINT32)(TSS_E_BASE + 0x005L)
+
+//
+// MessageId: TSS_E_NOTIMPL
+//
+// MessageText:
+//
+// Not implemented.
+//
+#define TSS_E_NOTIMPL (UINT32)(TSS_E_BASE + 0x006L)
+
+//
+// MessageId: TSS_E_KEY_ALREADY_REGISTERED
+//
+// MessageText:
+//
+// Key is already registered
+//
+#define TSS_E_KEY_ALREADY_REGISTERED (UINT32)(TSS_E_BASE + 0x008L)
+
+
+//
+// MessageId: TSS_E_TPM_UNEXPECTED
+//
+// MessageText:
+//
+// An unexpected TPM error has occurred.
+//
+#define TSS_E_TPM_UNEXPECTED (UINT32)(TSS_E_BASE + 0x010L)
+
+//
+// MessageId: TSS_E_COMM_FAILURE
+//
+// MessageText:
+//
+// A communications error with the TPM has been detected.
+//
+#define TSS_E_COMM_FAILURE (UINT32)(TSS_E_BASE + 0x011L)
+
+//
+// MessageId: TSS_E_TIMEOUT
+//
+// MessageText:
+//
+// The operation has timed out.
+//
+#define TSS_E_TIMEOUT (UINT32)(TSS_E_BASE + 0x012L)
+
+//
+// MessageId: TSS_E_TPM_UNSUPPORTED_FEATURE
+//
+// MessageText:
+//
+// The TPM does not support the requested feature.
+//
+#define TSS_E_TPM_UNSUPPORTED_FEATURE (UINT32)(TSS_E_BASE + 0x014L)
+
+//
+// MessageId: TSS_E_CANCELED
+//
+// MessageText:
+//
+// The action was canceled by request.
+//
+#define TSS_E_CANCELED (UINT32)(TSS_E_BASE + 0x016L)
+
+//
+// MessageId: TSS_E_PS_KEY_NOTFOUND
+//
+// MessageText:
+//
+// The key cannot be found in the persistent storage database.
+//
+#define TSS_E_PS_KEY_NOTFOUND (UINT32)(TSS_E_BASE + 0x020L)
+//
+// MessageId: TSS_E_PS_KEY_EXISTS
+//
+// MessageText:
+//
+// The key already exists in the persistent storage database.
+//
+#define TSS_E_PS_KEY_EXISTS (UINT32)(TSS_E_BASE + 0x021L)
+
+//
+// MessageId: TSS_E_PS_BAD_KEY_STATE
+//
+// MessageText:
+//
+// The key data set not valid in the persistent storage database.
+//
+#define TSS_E_PS_BAD_KEY_STATE (UINT32)(TSS_E_BASE + 0x022L)
+
+
+//
+// error codes returned by specific TSS Service Provider Interface methods
+// offset TSS_TSPI_OFFSET
+//
+
+//
+// MessageId: TSS_E_INVALID_OBJECT_TYPE
+//
+// MessageText:
+//
+// Object type not valid for this operation.
+//
+#define TSS_E_INVALID_OBJECT_TYPE (UINT32)(TSS_E_BASE + 0x101L)
+
+//
+// MessageId: TSS_E_NO_CONNECTION
+//
+// MessageText:
+//
+// Core Service connection doesn't exist.
+//
+#define TSS_E_NO_CONNECTION (UINT32)(TSS_E_BASE + 0x102L)
+
+//
+// MessageId: TSS_E_CONNECTION_FAILED
+//
+// MessageText:
+//
+// Core Service connection failed.
+//
+#define TSS_E_CONNECTION_FAILED (UINT32)(TSS_E_BASE + 0x103L)
+
+//
+// MessageId: TSS_E_CONNECTION_BROKEN
+//
+// MessageText:
+//
+// Communication with Core Service failed.
+//
+#define TSS_E_CONNECTION_BROKEN (UINT32)(TSS_E_BASE + 0x104L)
+
+//
+// MessageId: TSS_E_HASH_INVALID_ALG
+//
+// MessageText:
+//
+// Invalid hash algorithm.
+//
+#define TSS_E_HASH_INVALID_ALG (UINT32)(TSS_E_BASE + 0x105L)
+
+//
+// MessageId: TSS_E_HASH_INVALID_LENGTH
+//
+// MessageText:
+//
+// Hash length is inconsistent with hash algorithm.
+//
+#define TSS_E_HASH_INVALID_LENGTH (UINT32)(TSS_E_BASE + 0x106L)
+
+//
+// MessageId: TSS_E_HASH_NO_DATA
+//
+// MessageText:
+//
+// Hash object has no internal hash value.
+//
+#define TSS_E_HASH_NO_DATA (UINT32)(TSS_E_BASE + 0x107L)
+
+
+//
+// MessageId: TSS_E_INVALID_ATTRIB_FLAG
+//
+// MessageText:
+//
+// Flag value for attrib-functions inconsistent.
+//
+#define TSS_E_INVALID_ATTRIB_FLAG (UINT32)(TSS_E_BASE + 0x109L)
+
+//
+// MessageId: TSS_E_INVALID_ATTRIB_SUBFLAG
+//
+// MessageText:
+//
+// Subflag value for attrib-functions inconsistent.
+//
+#define TSS_E_INVALID_ATTRIB_SUBFLAG (UINT32)(TSS_E_BASE + 0x10AL)
+
+//
+// MessageId: TSS_E_INVALID_ATTRIB_DATA
+//
+// MessageText:
+//
+// Data for attrib-functions invalid.
+//
+#define TSS_E_INVALID_ATTRIB_DATA (UINT32)(TSS_E_BASE + 0x10BL)
+
+//
+// MessageId: TSS_E_INVALID_OBJECT_INITFLAG
+//
+// MessageText:
+//
+// Wrong flag information for object creation.
+//
+// The alternate spelling is supported to be compatible with a typo
+// in the 1.1b header files.
+//
+#define TSS_E_INVALID_OBJECT_INIT_FLAG (UINT32)(TSS_E_BASE + 0x10CL)
+#define TSS_E_INVALID_OBJECT_INITFLAG TSS_E_INVALID_OBJECT_INIT_FLAG
+
+//
+// MessageId: TSS_E_NO_PCRS_SET
+//
+// MessageText:
+//
+// No PCR register are selected or set.
+//
+#define TSS_E_NO_PCRS_SET (UINT32)(TSS_E_BASE + 0x10DL)
+
+//
+// MessageId: TSS_E_KEY_NOT_LOADED
+//
+// MessageText:
+//
+// The addressed key is currently not loaded.
+//
+#define TSS_E_KEY_NOT_LOADED (UINT32)(TSS_E_BASE + 0x10EL)
+
+//
+// MessageId: TSS_E_KEY_NOT_SET
+//
+// MessageText:
+//
+// No key information is currently available.
+//
+#define TSS_E_KEY_NOT_SET (UINT32)(TSS_E_BASE + 0x10FL)
+
+//
+// MessageId: TSS_E_VALIDATION_FAILED
+//
+// MessageText:
+//
+// Internal validation of data failed.
+//
+#define TSS_E_VALIDATION_FAILED (UINT32)(TSS_E_BASE + 0x110L)
+
+//
+// MessageId: TSS_E_TSP_AUTHREQUIRED
+//
+// MessageText:
+//
+// Authorization is required.
+//
+#define TSS_E_TSP_AUTHREQUIRED (UINT32)(TSS_E_BASE + 0x111L)
+
+//
+// MessageId: TSS_E_TSP_AUTH2REQUIRED
+//
+// MessageText:
+//
+// Multiple authorization is required.
+//
+#define TSS_E_TSP_AUTH2REQUIRED (UINT32)(TSS_E_BASE + 0x112L)
+
+//
+// MessageId: TSS_E_TSP_AUTHFAIL
+//
+// MessageText:
+//
+// Authorization failed.
+//
+#define TSS_E_TSP_AUTHFAIL (UINT32)(TSS_E_BASE + 0x113L)
+
+//
+// MessageId: TSS_E_TSP_AUTH2FAIL
+//
+// MessageText:
+//
+// Multiple authorization failed.
+//
+#define TSS_E_TSP_AUTH2FAIL (UINT32)(TSS_E_BASE + 0x114L)
+
+//
+// MessageId: TSS_E_KEY_NO_MIGRATION_POLICY
+//
+// MessageText:
+//
+// There's no migration policy object set for the addressed key.
+//
+#define TSS_E_KEY_NO_MIGRATION_POLICY (UINT32)(TSS_E_BASE + 0x115L)
+
+//
+// MessageId: TSS_E_POLICY_NO_SECRET
+//
+// MessageText:
+//
+// No secret information is currently available for the addressed policy object.
+//
+#define TSS_E_POLICY_NO_SECRET (UINT32)(TSS_E_BASE + 0x116L)
+
+//
+// MessageId: TSS_E_INVALID_OBJ_ACCESS
+//
+// MessageText:
+//
+// The operation failed due to an invalid object status.
+//
+#define TSS_E_INVALID_OBJ_ACCESS (UINT32)(TSS_E_BASE + 0x117L)
+
+//
+// MessageId: TSS_E_INVALID_ENCSCHEME
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_INVALID_ENCSCHEME (UINT32)(TSS_E_BASE + 0x118L)
+
+
+//
+// MessageId: TSS_E_INVALID_SIGSCHEME
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_INVALID_SIGSCHEME (UINT32)(TSS_E_BASE + 0x119L)
+
+//
+// MessageId: TSS_E_ENC_INVALID_LENGTH
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_ENC_INVALID_LENGTH (UINT32)(TSS_E_BASE + 0x120L)
+
+
+//
+// MessageId: TSS_E_ENC_NO_DATA
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_ENC_NO_DATA (UINT32)(TSS_E_BASE + 0x121L)
+
+//
+// MessageId: TSS_E_ENC_INVALID_TYPE
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_ENC_INVALID_TYPE (UINT32)(TSS_E_BASE + 0x122L)
+
+
+//
+// MessageId: TSS_E_INVALID_KEYUSAGE
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_INVALID_KEYUSAGE (UINT32)(TSS_E_BASE + 0x123L)
+
+//
+// MessageId: TSS_E_VERIFICATION_FAILED
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_VERIFICATION_FAILED (UINT32)(TSS_E_BASE + 0x124L)
+
+//
+// MessageId: TSS_E_HASH_NO_IDENTIFIER
+//
+// MessageText:
+//
+// Hash algorithm identifier not set.
+//
+#define TSS_E_HASH_NO_IDENTIFIER (UINT32)(TSS_E_BASE + 0x125L)
+
+//
+// MessageId: TSS_E_INVALID_HANDLE
+//
+// MessageText:
+//
+// An invalid handle
+//
+#define TSS_E_INVALID_HANDLE (UINT32)(TSS_E_BASE + 0x126L)
+
+//
+// MessageId: TSS_E_SILENT_CONTEXT
+//
+// MessageText:
+//
+// A silent context requires user input
+//
+#define TSS_E_SILENT_CONTEXT (UINT32)(TSS_E_BASE + 0x127L)
+
+//
+// MessageId: TSS_E_EK_CHECKSUM
+//
+// MessageText:
+//
+// TSP is instructed to verify the EK checksum and it does not verify.
+//
+#define TSS_E_EK_CHECKSUM (UINT32)(TSS_E_BASE + 0x128L)
+
+
+//
+// MessageId: TSS_E_DELGATION_NOTSET
+//
+// MessageText:
+//
+// The Policy object does not have a delegation blob set.
+//
+#define TSS_E_DELEGATION_NOTSET (UINT32)(TSS_E_BASE + 0x129L)
+
+//
+// MessageId: TSS_E_DELFAMILY_NOTFOUND
+//
+// MessageText:
+//
+// The specified delegation family was not found
+//
+#define TSS_E_DELFAMILY_NOTFOUND (UINT32)(TSS_E_BASE + 0x130L)
+
+//
+// MessageId: TSS_E_DELFAMILY_ROWEXISTS
+//
+// MessageText:
+//
+// The specified delegation family table row is already in use and
+// the command flags does not allow the TSS to overwrite the existing
+// entry.
+//
+#define TSS_E_DELFAMILY_ROWEXISTS (UINT32)(TSS_E_BASE + 0x131L)
+
+//
+// MessageId: TSS_E_VERSION_MISMATCH
+//
+// MessageText:
+//
+// The specified delegation family table row is already in use and
+// the command flags does not allow the TSS to overwrite the existing
+// entry.
+//
+#define TSS_E_VERSION_MISMATCH (UINT32)(TSS_E_BASE + 0x132L)
+
+//
+// MessageId: TSS_E_DAA_AR_DECRYPTION_ERROR
+//
+// Decryption of the encrypted pseudonym has failed, due to
+// either a wrong secret key or a wrong decryption condition.
+//
+#define TSS_E_DAA_AR_DECRYPTION_ERROR (UINT32)(TSS_E_BASE + 0x133L)
+
+//
+// MessageId: TSS_E_DAA_AUTHENTICATION_ERROR
+//
+// The TPM could not be authenticated by the DAA Issuer.
+//
+#define TSS_E_DAA_AUTHENTICATION_ERROR (UINT32)(TSS_E_BASE + 0x134L)
+
+//
+// MessageId: TSS_E_DAA_CHALLENGE_RESPONSE_ERROR
+//
+// DAA Challenge response error.
+//
+#define TSS_E_DAA_CHALLENGE_RESPONSE_ERROR (UINT32)(TSS_E_BASE + 0x135L)
+
+//
+// MessageId: TSS_E_DAA_CREDENTIAL_PROOF_ERROR
+//
+// Verification of the credential TSS_DAA_CRED_ISSUER issued by
+// the DAA Issuer has failed.
+//
+#define TSS_E_DAA_CREDENTIAL_PROOF_ERROR (UINT32)(TSS_E_BASE + 0x136L)
+
+//
+// MessageId: TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR
+//
+// Verification of the platform's credential request
+// TSS_DAA_CREDENTIAL_REQUEST has failed.
+//
+#define TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR (UINT32)(TSS_E_BASE + 0x137L)
+
+//
+// MessageId: TSS_E_DAA_ISSUER_KEY_ERROR
+//
+// DAA Issuer's authentication key chain could not be verified or
+// is not correct.
+//
+#define TSS_E_DAA_ISSUER_KEY_ERROR (UINT32)(TSS_E_BASE + 0x138L)
+
+//
+// MessageId: TSS_E_DAA_PSEUDONYM_ERROR
+//
+// While verifying the pseudonym of the TPM, the private key of the
+// TPM was found on the rogue list.
+//
+#define TSS_E_DAA_PSEUDONYM_ERROR (UINT32)(TSS_E_BASE + 0x139L)
+
+//
+// MessageId: TSS_E_INVALID_RESOURCE
+//
+// Pointer to memory wrong.
+//
+#define TSS_E_INVALID_RESOURCE (UINT32)(TSS_E_BASE + 0x13AL)
+
+//
+// MessageId: TSS_E_NV_AREA_EXIST
+//
+// The NV area referenced already exists
+//
+#define TSS_E_NV_AREA_EXIST (UINT32)(TSS_E_BASE + 0x13BL)
+
+//
+// MessageId: TSS_E_NV_AREA_NOT_EXIST
+//
+// The NV area referenced doesn't exist
+//
+#define TSS_E_NV_AREA_NOT_EXIST (UINT32)(TSS_E_BASE + 0x13CL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_AUTHFAIL
+//
+// The transport session authorization failed
+//
+#define TSS_E_TSP_TRANS_AUTHFAIL (UINT32)(TSS_E_BASE + 0x13DL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_AUTHREQUIRED
+//
+// Authorization for transport is required
+//
+#define TSS_E_TSP_TRANS_AUTHREQUIRED (UINT32)(TSS_E_BASE + 0x13EL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_NOT_EXCLUSIVE
+//
+// A command was executed outside of an exclusive transport session.
+//
+#define TSS_E_TSP_TRANS_NOTEXCLUSIVE (UINT32)(TSS_E_BASE + 0x13FL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_FAIL
+//
+// Generic transport protection error.
+//
+#define TSS_E_TSP_TRANS_FAIL (UINT32)(TSS_E_BASE + 0x140L)
+
+//
+// MessageId: TSS_E_TSP_TRANS_NO_PUBKEY
+//
+// A command could not be executed through a logged transport session
+// because the command used a key and the key's public key is not
+// known to the TSP.
+//
+#define TSS_E_TSP_TRANS_NO_PUBKEY (UINT32)(TSS_E_BASE + 0x141L)
+
+//
+// MessageId: TSS_E_NO_ACTIVE_COUNTER
+//
+// The TPM active counter has not been set yet.
+//
+#define TSS_E_NO_ACTIVE_COUNTER (UINT32)(TSS_E_BASE + 0x142L)
+
+
+#endif // __TSS_ERROR_H__
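Review bot: Several of the `MessageId:` comments in this header do not name the macro they sit above, which defeats the grep-driven lookup these blocks exist for: `// MessageId: TSS_E_DELGATION_NOTSET` precedes `TSS_E_DELEGATION_NOTSET`, `// MessageId: TSS_E_TSP_TRANS_NOT_EXCLUSIVE` precedes `TSS_E_TSP_TRANS_NOTEXCLUSIVE`, and the MessageText under `TSS_E_VERSION_MISMATCH` is a verbatim copy of the `TSS_E_DELFAMILY_ROWEXISTS` text instead of describing a version mismatch. The MessageText for the eight codes from `TSS_E_INVALID_ENCSCHEME` (0x118) through `TSS_E_VERIFICATION_FAILED` (0x124) is empty, so a caller mapping a returned code to an operator-facing message finds nothing for them. I would correct the two MessageId lines to the macro names actually defined, replace the duplicated paragraph under `TSS_E_VERSION_MISMATCH` with a one-line description of the condition (or a `// TODO: describe` marker where the intended wording is not certain — that beats a wrong copy), and give each empty block a one-line MessageText. All of this is comment-only; the numeric values are specification-assigned and stay as they are.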
diff --git a/src/include/tss/tss_error_basics.h b/src/include/tss/tss_error_basics.h
new file mode 100644
index 0000000..b9e965c
--- /dev/null
+++ b/src/include/tss/tss_error_basics.h
@@ -0,0 +1,59 @@
+/*++
+
+Basic defines for TSS error return codes
+
+--*/
+
+#ifndef __TSS_ERROR_BASICS_H__
+#define __TSS_ERROR_BASICS_H__
+
+
+//
+// definitions for the various TSS-SW layers
+//
+#ifndef TSS_LAYER_TPM
+#define TSS_LAYER_TPM 0x0000L // definition for TPM layer
+#endif // TSS_LAYER_TPM
+
+#define TSS_LAYER_TDDL 0x1000L // definition for TDDL layer
+#define TSS_LAYER_TCS 0x2000L // definition for TCS layer
+
+#ifndef TSS_LAYER_TSP
+#define TSS_LAYER_TSP 0x3000L // definition for TSP layer
+#endif // TSS_LAYER_TSP
+
+
+//
+// definitions for the start points of layer specific error codes
+//
+#ifndef TSS_COMMON_OFFSET
+#define TSS_COMMON_OFFSET 0x000L
+#endif // TSS_COMMON_OFFSET
+
+#define TSS_TDDL_OFFSET 0x080L
+#define TSS_TCSI_OFFSET 0x0C0L
+
+#ifndef TSS_TSPI_OFFSET
+#define TSS_TSPI_OFFSET 0x100L
+#endif // TSS_TSPI_OFFSET
+
+#ifndef TSS_VENDOR_OFFSET
+#define TSS_VENDOR_OFFSET 0x800L
+#endif // TSS_VENDOR_OFFSET
+
+// do not exceed TSS_MAX_ERROR for vendor specific code values:
+#ifndef TSS_MAX_ERROR
+#define TSS_MAX_ERROR 0xFFFL
+#endif // TSS_MAX_ERROR
+
+
+/* Macros for the construction and interpretation of error codes */
+#define TPM_ERROR(code) (code)
+#define TDDL_ERROR(code) ((code) ? (TSS_LAYER_TDDL | (code)) : (code))
+#define TCS_ERROR(code) ((code) ? (TSS_LAYER_TCS | (code)) : (code))
+#define TSP_ERROR(code) ((code) ? (TSS_LAYER_TSP | (code)) : (code))
+#define ERROR_LAYER(error) ((error) & 0xf000)
+#define ERROR_CODE(error) ((error) & 0x0fff)
+
+#endif // __TSS_ERROR_BASICS_H__
+
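Review bot: `TDDL_ERROR`, `TCS_ERROR` and `TSP_ERROR` OR the layer tag onto whatever bits `code` already carries rather than replacing the layer field, so a value that was already tagged by one layer and is passed through another gets the union of both tags: `TCS_ERROR(TDDL_ERROR(x))` yields `0x1000 | 0x2000 == 0x3000`, which `ERROR_LAYER()` then reports as `TSS_LAYER_TSP` — a silent misattribution that would mislead anyone triaging logs by layer. Each macro also expands `(code)` twice (once in the condition, once in a branch), so an argument with side effects is evaluated twice. The precondition should be stated above the macro block: `/* code must be layer-free (ERROR_CODE(code) == code) and side-effect free: it is evaluated twice and the layer is OR-ed in, not replaced */`. If re-tagging across layers is intended, the layer operand would need to be `ERROR_CODE(code)` instead of `(code)`, but that is a behaviour change for the maintainers to decide, not something to slip into this commit.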
diff --git a/src/include/tss/tss_structs.h b/src/include/tss/tss_structs.h
new file mode 100644
index 0000000..fa4c4b3
--- /dev/null
+++ b/src/include/tss/tss_structs.h
@@ -0,0 +1,653 @@
+/*++
+
+TSS structures for TSS
+
+*/
+
+#ifndef __TSS_STRUCTS_H__
+#define __TSS_STRUCTS_H__
+
+#include <tss/platform.h>
+#include <tss/tss_typedef.h>
+#include <tss/tpm.h>
+
+typedef struct tdTSS_VERSION
+{
+ BYTE bMajor;
+ BYTE bMinor;
+ BYTE bRevMajor;
+ BYTE bRevMinor;
+} TSS_VERSION;
+
+typedef struct tdTSS_PCR_EVENT
+{
+ TSS_VERSION versionInfo;
+ UINT32 ulPcrIndex;
+ TSS_EVENTTYPE eventType;
+ UINT32 ulPcrValueLength;
+#ifdef __midl
+ [size_is(ulPcrValueLength)]
+#endif
+ BYTE* rgbPcrValue;
+ UINT32 ulEventLength;
+#ifdef __midl
+ [size_is(ulEventLength)]
+#endif
+ BYTE* rgbEvent;
+} TSS_PCR_EVENT;
+
+
+typedef struct tdTSS_EVENT_CERT
+{
+ TSS_VERSION versionInfo;
+ UINT32 ulCertificateHashLength;
+#ifdef __midl
+ [size_is(ulCertificateHashLength)]
+#endif
+ BYTE* rgbCertificateHash;
+ UINT32 ulEntityDigestLength;
+#ifdef __midl
+ [size_is(ulEntityDigestLength)]
+#endif
+ BYTE* rgbentityDigest;
+ TSS_BOOL fDigestChecked;
+ TSS_BOOL fDigestVerified;
+ UINT32 ulIssuerLength;
+#ifdef __midl
+ [size_is(ulIssuerLength)]
+#endif
+ BYTE* rgbIssuer;
+} TSS_EVENT_CERT;
+
+typedef struct tdTSS_UUID
+{
+ UINT32 ulTimeLow;
+ UINT16 usTimeMid;
+ UINT16 usTimeHigh;
+ BYTE bClockSeqHigh;
+ BYTE bClockSeqLow;
+ BYTE rgbNode[6];
+} TSS_UUID;
+
+typedef struct tdTSS_KM_KEYINFO
+{
+ TSS_VERSION versionInfo;
+ TSS_UUID keyUUID;
+ TSS_UUID parentKeyUUID;
+ BYTE bAuthDataUsage; // whether auth is needed to load child keys
+ TSS_BOOL fIsLoaded; // TRUE: actually loaded in TPM
+ UINT32 ulVendorDataLength; // may be 0
+#ifdef __midl
+ [size_is(ulVendorDataLength)]
+#endif
+ BYTE *rgbVendorData; // may be NULL
+} TSS_KM_KEYINFO;
+
+
+typedef struct tdTSS_KM_KEYINFO2
+{
+ TSS_VERSION versionInfo;
+ TSS_UUID keyUUID;
+ TSS_UUID parentKeyUUID;
+ BYTE bAuthDataUsage; // whether auth is needed to load child keys
+ TSS_FLAG persistentStorageType;
+ TSS_FLAG persistentStorageTypeParent;
+ TSS_BOOL fIsLoaded; // TRUE: actually loaded in TPM
+ UINT32 ulVendorDataLength; // may be 0
+#ifdef __midl
+ [size_is(ulVendorDataLength)]
+#endif
+ BYTE *rgbVendorData; // may be NULL
+} TSS_KM_KEYINFO2;
+
+
+typedef struct tdTSS_NONCE
+{
+ BYTE nonce[TPM_SHA1BASED_NONCE_LEN];
+} TSS_NONCE;
+
+
+typedef struct tdTSS_VALIDATION
+{
+ TSS_VERSION versionInfo;
+ UINT32 ulExternalDataLength;
+#ifdef __midl
+ [size_is(ulExternalDataLength)]
+#endif
+ BYTE* rgbExternalData;
+ UINT32 ulDataLength;
+#ifdef __midl
+ [size_is(ulDataLength)]
+#endif
+ BYTE* rgbData;
+ UINT32 ulValidationDataLength;
+#ifdef __midl
+ [size_is(ulValidationDataLength)]
+#endif
+ BYTE* rgbValidationData;
+} TSS_VALIDATION;
+
+
+typedef struct tdTSS_CALLBACK
+{
+ PVOID callback;
+ PVOID appData;
+ TSS_ALGORITHM_ID alg;
+} TSS_CALLBACK;
+
+
+typedef struct tdTSS_DAA_PK
+{
+ TSS_VERSION versionInfo;
+ UINT32 modulusLength;
+#ifdef __midl
+ [size_is(modulusLength)]
+#endif
+ BYTE* modulus;
+ UINT32 capitalSLength;
+#ifdef __midl
+ [size_is(capitalSLength)]
+#endif
+ BYTE* capitalS;
+ UINT32 capitalZLength;
+#ifdef __midl
+ [size_is(capitalZLength)]
+#endif
+ BYTE* capitalZ;
+ UINT32 capitalR0Length;
+#ifdef __midl
+ [size_is(capitalR0Length)]
+#endif
+ BYTE* capitalR0;
+ UINT32 capitalR1Length;
+#ifdef __midl
+ [size_is(capitalR1Length)]
+#endif
+ BYTE* capitalR1;
+ UINT32 gammaLength;
+#ifdef __midl
+ [size_is(gammaLength)]
+#endif
+ BYTE* gamma;
+ UINT32 capitalGammaLength;
+#ifdef __midl
+ [size_is(capitalGammaLength)]
+#endif
+ BYTE* capitalGamma;
+ UINT32 rhoLength;
+#ifdef __midl
+ [size_is(rhoLength)]
+#endif
+ BYTE* rho;
+ UINT32 capitalYLength; // Length of first dimenstion
+ UINT32 capitalYLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(capitalYLength,capitalYLength2)]
+#endif
+ BYTE** capitalY;
+ UINT32 capitalYPlatformLength;
+ UINT32 issuerBaseNameLength;
+#ifdef __midl
+ [size_is(issuerBaseName)]
+#endif
+ BYTE* issuerBaseName;
+ UINT32 numPlatformAttributes;
+ UINT32 numIssuerAttributes;
+} TSS_DAA_PK;
+
+typedef struct tdTSS_DAA_PK_PROOF
+{
+ TSS_VERSION versionInfo;
+ UINT32 challengeLength;
+#ifdef __midl
+ [size_is(challengeLength)]
+#endif
+ BYTE* challenge;
+ UINT32 responseLength; // Length of first dimension
+ UINT32 responseLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(responseLength,responseLength2)]
+#endif
+ BYTE** response;
+} TSS_DAA_PK_PROOF;
+
+typedef struct tdTSS_DAA_SK
+{
+ TSS_VERSION versionInfo;
+ UINT32 productPQprimeLength;
+#ifdef __midl
+ [size_is(productPQprimeLength)]
+#endif
+ BYTE* productPQprime;
+} TSS_DAA_SK;
+
+
+typedef struct tdTSS_DAA_KEY_PAIR
+{
+ TSS_VERSION versionInfo;
+ TSS_DAA_SK secretKey;
+ TSS_DAA_PK publicKey;
+} TSS_DAA_KEY_PAIR;
+
+typedef struct tdTSS_DAA_AR_PK
+{
+ TSS_VERSION versionInfo;
+ UINT32 etaLength;
+#ifdef __midl
+ [size_is(etaLength)]
+#endif
+ BYTE* eta;
+ UINT32 lambda1Length;
+#ifdef __midl
+ [size_is(lambda1Length)]
+#endif
+ BYTE* lambda1;
+ UINT32 lambda2Length;
+#ifdef __midl
+ [size_is(lambda2Length)]
+#endif
+ BYTE* lambda2;
+ UINT32 lambda3Length;
+#ifdef __midl
+ [size_is(lambda3Length)]
+#endif
+ BYTE* lambda3;
+} TSS_DAA_AR_PK;
+
+typedef struct tdTSS_DAA_AR_SK
+{
+ TSS_VERSION versionInfo;
+ UINT32 x0Length;
+#ifdef __midl
+ [size_is(x0Length)]
+#endif
+ BYTE* x0;
+ UINT32 x1Length;
+#ifdef __midl
+ [size_is(x1Length)]
+#endif
+ BYTE* x1;
+ UINT32 x2Length;
+#ifdef __midl
+ [size_is(x2Length)]
+#endif
+ BYTE* x2;
+ UINT32 x3Length;
+#ifdef __midl
+ [size_is(x3Length)]
+#endif
+ BYTE* x3;
+ UINT32 x4Length;
+#ifdef __midl
+ [size_is(x4Length)]
+#endif
+ BYTE* x4;
+ UINT32 x5Length;
+#ifdef __midl
+ [size_is(x5Length)]
+#endif
+ BYTE* x5;
+} TSS_DAA_AR_SK;
+
+typedef struct tdTSS_DAA_AR_KEY_PAIR
+{
+ TSS_VERSION versionInfo;
+ TSS_DAA_AR_SK secretKey;
+ TSS_DAA_AR_PK publicKey;
+} TSS_DAA_AR_KEY_PAIR;
+
+typedef struct tdTSS_DAA_CRED_ISSUER
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalALength;
+#ifdef __midl
+ [size_is(capitalALength)]
+#endif
+ BYTE* capitalA;
+ UINT32 eLength;
+#ifdef __midl
+ [size_is(eLength)]
+#endif
+ BYTE* e;
+ UINT32 vPrimePrimeLength;
+#ifdef __midl
+ [size_is(vPrimePrimeLength)]
+#endif
+ BYTE* vPrimePrime;
+ UINT32 attributesIssuerLength; // Length of first dimension
+ UINT32 attributesIssuerLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(attributesIssuerLength,attributesIssuerLength2)]
+#endif
+ BYTE** attributesIssuer;
+ UINT32 cPrimeLength;
+#ifdef __midl
+ [size_is(cPrimeLength)]
+#endif
+ BYTE* cPrime;
+ UINT32 sELength;
+#ifdef __midl
+ [size_is(sELength)]
+#endif
+ BYTE* sE;
+} TSS_DAA_CRED_ISSUER;
+
+typedef struct tdTSS_DAA_CREDENTIAL
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalALength;
+#ifdef __midl
+ [size_is(capitalALength)]
+#endif
+ BYTE* capitalA;
+ UINT32 exponentLength;
+#ifdef __midl
+ [size_is(exponentLength)]
+#endif
+ BYTE* exponent;
+ UINT32 vBar0Length;
+#ifdef __midl
+ [size_is(vBar0Length)]
+#endif
+ BYTE* vBar0;
+ UINT32 vBar1Length;
+#ifdef __midl
+ [size_is(vBar1Length)]
+#endif
+ BYTE* vBar1;
+ UINT32 attributesLength; // Length of first dimension
+ UINT32 attributesLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(attributesLength,attributesLength2)]
+#endif
+ BYTE** attributes;
+ TSS_DAA_PK issuerPK;
+ UINT32 tpmSpecificEncLength;
+#ifdef __midl
+ [size_is(tpmSpecificEncLength)]
+#endif
+ BYTE* tpmSpecificEnc;
+ UINT32 daaCounter;
+} TSS_DAA_CREDENTIAL;
+
+typedef struct tdTSS_DAA_ATTRIB_COMMIT
+{
+ TSS_VERSION versionInfo;
+ UINT32 betaLength;
+#ifdef __midl
+ [size_is(betaLength)]
+#endif
+ BYTE* beta;
+ UINT32 sMuLength;
+#ifdef __midl
+ [size_is(sMuLength)]
+#endif
+ BYTE* sMu;
+} TSS_DAA_ATTRIB_COMMIT;
+
+typedef struct tdTSS_DAA_CREDENTIAL_REQUEST
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalULength;
+#ifdef __midl
+ [size_is(capitalULength)]
+#endif
+ BYTE* capitalU;
+ UINT32 capitalNiLength;
+#ifdef __midl
+ [size_is(capitalNiLength)]
+#endif
+ BYTE* capitalNi;
+ UINT32 authenticationProofLength;
+#ifdef __midl
+ [size_is(authenticationProofLength)]
+#endif
+ BYTE* authenticationProof;
+ UINT32 challengeLength;
+#ifdef __midl
+ [size_is(challengeLength)]
+#endif
+ BYTE* challenge;
+ UINT32 nonceTpmLength;
+#ifdef __midl
+ [size_is(nonceTpmLength)]
+#endif
+ BYTE* nonceTpm;
+ UINT32 noncePlatformLength;
+#ifdef __midl
+ [size_is(noncePlatformLength)]
+#endif
+ BYTE* noncePlatform;
+ UINT32 sF0Length;
+#ifdef __midl
+ [size_is(sF0Length)]
+#endif
+ BYTE* sF0;
+ UINT32 sF1Length;
+#ifdef __midl
+ [size_is(sF1Length)]
+#endif
+ BYTE* sF1;
+ UINT32 sVprimeLength;
+#ifdef __midl
+ [size_is(sVprimeLength)]
+#endif
+ BYTE* sVprime;
+ UINT32 sVtildePrimeLength;
+#ifdef __midl
+ [size_is(sVtildePrimeLength)]
+#endif
+ BYTE* sVtildePrime;
+ UINT32 sALength; // Length of first dimension
+ UINT32 sALength2; // Length of second dimension
+#ifdef __midl
+ [size_is(sALength,sALength2)]
+#endif
+ BYTE** sA;
+ UINT32 attributeCommitmentsLength;
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments;
+} TSS_DAA_CREDENTIAL_REQUEST;
+
+typedef struct tdTSS_DAA_SELECTED_ATTRIB
+{
+ TSS_VERSION versionInfo;
+ UINT32 indicesListLength;
+#ifdef __midl
+ [size_is(indicesListLength)]
+#endif
+ TSS_BOOL* indicesList;
+} TSS_DAA_SELECTED_ATTRIB;
+
+typedef struct tdTSS_DAA_PSEUDONYM
+{
+ TSS_VERSION versionInfo;
+ TSS_FLAG payloadFlag;
+ UINT32 payloadLength;
+#ifdef __midl
+ [size_is(payloadLength)]
+#endif
+ BYTE* payload;
+} TSS_DAA_PSEUDONYM;
+
+typedef struct tdTSS_DAA_PSEUDONYM_PLAIN
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalNvLength;
+#ifdef __midl
+ [size_is(capitalNvLength)]
+#endif
+ BYTE* capitalNv;
+} TSS_DAA_PSEUDONYM_PLAIN;
+
+typedef struct tdTSS_DAA_PSEUDONYM_ENCRYPTED
+{
+ TSS_VERSION versionInfo;
+ UINT32 delta1Length;
+#ifdef __midl
+ [size_is(delta1Length)]
+#endif
+ BYTE* delta1;
+ UINT32 delta2Length;
+#ifdef __midl
+ [size_is(delta2Length)]
+#endif
+ BYTE* delta2;
+ UINT32 delta3Length;
+#ifdef __midl
+ [size_is(delta3Length)]
+#endif
+ BYTE* delta3;
+ UINT32 delta4Length;
+#ifdef __midl
+ [size_is(delta4Length)]
+#endif
+ BYTE* delta4;
+ UINT32 sTauLength;
+#ifdef __midl
+ [size_is(sTauLength)]
+#endif
+ BYTE* sTau;
+} TSS_DAA_PSEUDONYM_ENCRYPTED;
+
+typedef struct tdTSS_DAA_SIGN_CALLBACK
+{
+ TSS_VERSION versionInfo;
+ TSS_HHASH challenge;
+ TSS_FLAG payloadFlag;
+ UINT32 payloadLength;
+#ifdef __midl
+ [size_is(payloadLength)]
+#endif
+ BYTE* payload;
+} TSS_DAA_SIGN_CALLBACK;
+
+typedef struct tdTSS_DAA_SIGNATURE
+{
+ TSS_VERSION versionInfo;
+ UINT32 zetaLength;
+#ifdef __midl
+ [size_is(zetaLength)]
+#endif
+ BYTE* zeta;
+ UINT32 capitalTLength;
+#ifdef __midl
+ [size_is(capitalTLength)]
+#endif
+ BYTE* capitalT;
+ UINT32 challengeLength;
+#ifdef __midl
+ [size_is(challengeLength)]
+#endif
+ BYTE* challenge;
+ UINT32 nonceTpmLength;
+#ifdef __midl
+ [size_is(nonceTpmLength)]
+#endif
+ BYTE* nonceTpm;
+ UINT32 sVLength;
+#ifdef __midl
+ [size_is(sVLength)]
+#endif
+ BYTE* sV;
+ UINT32 sF0Length;
+#ifdef __midl
+ [size_is(sF0Length)]
+#endif
+ BYTE* sF0;
+ UINT32 sF1Length;
+#ifdef __midl
+ [size_is(sF1Length)]
+#endif
+ BYTE* sF1;
+ UINT32 sELength;
+#ifdef __midl
+ [size_is(sELength)]
+#endif
+ BYTE* sE;
+ UINT32 sALength; // Length of first dimension
+ UINT32 sALength2; // Length of second dimension
+#ifdef __midl
+ [size_is(sALength,sALength2)]
+#endif
+ BYTE** sA;
+ UINT32 attributeCommitmentsLength;
+#ifdef __midl
+ [size_is(attributeCommitmentsLength)]
+#endif
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments;
+ TSS_DAA_PSEUDONYM signedPseudonym;
+ TSS_DAA_SIGN_CALLBACK callbackResult;
+} TSS_DAA_SIGNATURE;
+
+typedef struct tdTSS_DAA_IDENTITY_PROOF
+{
+ TSS_VERSION versionInfo;
+ UINT32 endorsementLength;
+#ifdef __midl
+ [size_is(endorsementLength)]
+#endif
+ BYTE* endorsementCredential;
+ UINT32 platformLength;
+#ifdef __midl
+ [size_is(platformLength)]
+#endif
+ BYTE* platform;
+ UINT32 conformanceLength;
+#ifdef __midl
+ [size_is(conformanceLength)]
+#endif
+ BYTE* conformance;
+} TSS_DAA_IDENTITY_PROOF;
+
+
+////////////////////////////////////////////////////////////////////
+
+typedef UINT32 TSS_FAMILY_ID;
+typedef BYTE TSS_DELEGATION_LABEL;
+// Values are TSS_DELEGATIONTYPE_KEY or TSS_DELEGATIONTYPE_OWNER
+typedef UINT32 TSS_DELEGATION_TYPE;
+
+typedef struct tdTSS_PCR_INFO_SHORT
+{
+ UINT32 sizeOfSelect;
+#ifdef __midl
+ [size_is(sizeOfSelect)]
+#endif
+ BYTE *selection;
+ BYTE localityAtRelease;
+ UINT32 sizeOfDigestAtRelease;
+#ifdef __midl
+ [size_is(sizeOfDigestAtRelease)]
+#endif
+ BYTE *digestAtRelease;
+} TSS_PCR_INFO_SHORT;
+
+typedef struct tdTSS_FAMILY_TABLE_ENTRY
+{
+ TSS_FAMILY_ID familyID;
+ TSS_DELEGATION_LABEL label;
+ UINT32 verificationCount;
+ TSS_BOOL enabled;
+ TSS_BOOL locked;
+} TSS_FAMILY_TABLE_ENTRY;
+
+typedef struct tdTSS_DELEGATION_TABLE_ENTRY
+{
+ UINT32 tableIndex;
+ TSS_DELEGATION_LABEL label;
+ TSS_PCR_INFO_SHORT pcrInfo;
+ UINT32 per1;
+ UINT32 per2;
+ TSS_FAMILY_ID familyID;
+ UINT32 verificationCount;
+} TSS_DELEGATION_TABLE_ENTRY;
+
+typedef struct tdTSS_PLATFORM_CLASS
+{
+ UINT32 platformClassSimpleIdentifier;
+ UINT32 platformClassURISize;
+ BYTE* pPlatformClassURI;
+} TSS_PLATFORM_CLASS;
+
+#endif // __TSS_STRUCTS_H__
+
diff --git a/src/include/tss/tss_typedef.h b/src/include/tss/tss_typedef.h
new file mode 100644
index 0000000..c23ef09
--- /dev/null
+++ b/src/include/tss/tss_typedef.h
@@ -0,0 +1,48 @@
+/*++
+
+Global typedefs for TSS
+
+*/
+
+#ifndef __TSS_TYPEDEF_H__
+#define __TSS_TYPEDEF_H__
+
+#include <tss/platform.h>
+
+//--------------------------------------------------------------------
+// definitions for TSS Service Provider (TSP)
+//
+typedef UINT32 TSS_HANDLE;
+
+typedef UINT32 TSS_FLAG; // object attributes
+typedef UINT32 TSS_RESULT; // the return code from a TSS function
+
+typedef UINT32 TSS_HOBJECT; // basic object handle
+typedef TSS_HOBJECT TSS_HCONTEXT; // context object handle
+typedef TSS_HOBJECT TSS_HPOLICY; // policy object handle
+typedef TSS_HOBJECT TSS_HTPM; // TPM object handle
+typedef TSS_HOBJECT TSS_HKEY; // key object handle
+typedef TSS_HOBJECT TSS_HENCDATA; // encrypted data object handle
+typedef TSS_HOBJECT TSS_HPCRS; // PCR composite object handle
+typedef TSS_HOBJECT TSS_HHASH; // hash object handle
+typedef TSS_HOBJECT TSS_HNVSTORE; // NV storage object handle
+typedef TSS_HOBJECT TSS_HMIGDATA; // migration data utility obj handle
+typedef TSS_HOBJECT TSS_HDELFAMILY; // delegation family object handle
+typedef TSS_HOBJECT TSS_HDAA_CREDENTIAL; // daa credential
+typedef TSS_HOBJECT TSS_HDAA_ISSUER_KEY; // daa credential issuer keypair
+typedef TSS_HOBJECT TSS_HDAA_ARA_KEY; // daa anonymity revocation
+ // authority keypair
+
+typedef UINT32 TSS_EVENTTYPE;
+typedef UINT16 TSS_MIGRATE_SCHEME;
+typedef UINT32 TSS_ALGORITHM_ID;
+typedef UINT32 TSS_KEY_USAGE_ID;
+typedef UINT16 TSS_KEY_ENC_SCHEME;
+typedef UINT16 TSS_KEY_SIG_SCHEME;
+typedef BYTE TSS_KEY_AUTH_DATA_USAGE;
+typedef UINT32 TSS_CMK_DELEGATE;
+typedef UINT32 TSS_NV_INDEX;
+typedef UINT32 TSS_COUNTER_ID;
+
+#endif // __TSS_TYPEDEF_H__
+
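Review bot: Every object handle from TSS_HCONTEXT through TSS_HDAA_ARA_KEY is a plain alias of TSS_HOBJECT, itself UINT32, so the compiler cannot tell a TSS_HKEY from a TSS_HPOLICY or a TSS_HHASH and a handle of one kind passed where another is expected is accepted silently. The header should say so, because the only place such a mix-up can be caught is at runtime in whatever code resolves a handle to an object. I would add above the TSS_HOBJECT line: `// All handles below share the single UINT32 representation of TSS_HOBJECT; the compiler does not` / `// distinguish them, so each API entry point must verify the referenced object's type at runtime.` The file comment at the top could also be expanded from "Global typedefs for TSS" to state that these are the TSP-visible scalar and handle types and that the fixed widths (UINT16/UINT32/BYTE) come from tss/platform.h.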