This commit adds the necessary TPM2 types and structs as the preparation for the TPM2 Software Stack (TSS2) support. The Marshal/Unmarshal functions are also added to handle the data structure to be submitted to TPM2 commands and to be received from the response.
Cc: Stefan Berger <stef...@linux.ibm.com> Signed-off-by: Hernan Gatta <hega...@linux.microsoft.com> Signed-off-by: Gary Lin <g...@suse.com> Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com> --- grub-core/lib/tss2/tss2_mu.c | 1174 +++++++++++++++++++++++++++++ grub-core/lib/tss2/tss2_mu.h | 397 ++++++++++ grub-core/lib/tss2/tss2_structs.h | 773 +++++++++++++++++++ grub-core/lib/tss2/tss2_types.h | 404 ++++++++++ 4 files changed, 2748 insertions(+) create mode 100644 grub-core/lib/tss2/tss2_mu.c create mode 100644 grub-core/lib/tss2/tss2_mu.h create mode 100644 grub-core/lib/tss2/tss2_structs.h create mode 100644 grub-core/lib/tss2/tss2_types.h diff --git a/grub-core/lib/tss2/tss2_mu.c b/grub-core/lib/tss2/tss2_mu.c new file mode 100644 index 000000000..86134cc0a --- /dev/null +++ b/grub-core/lib/tss2/tss2_mu.c @@ -0,0 +1,1174 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2022 Microsoft Corporation + * Copyright (C) 2024 Free Software Foundation, Inc. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <http://www.gnu.org/licenses/>. + */ + +#include <grub/misc.h> + +#include <tss2_mu.h> + +void +grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_AUTH_COMMAND_t *authCommand) +{ + grub_uint32_t start; + grub_uint32_t tmp; + + grub_tpm2_buffer_pack_u32 (buffer, 0); + start = buffer->size; + + grub_tpm2_buffer_pack_u32 (buffer, authCommand->sessionHandle); + + grub_tpm2_buffer_pack_u16 (buffer, authCommand->nonce.size); + grub_tpm2_buffer_pack (buffer, authCommand->nonce.buffer, authCommand->nonce.size); + + grub_tpm2_buffer_pack_u8 (buffer, *((const grub_uint8_t *) &authCommand->sessionAttributes)); + + grub_tpm2_buffer_pack_u16 (buffer, authCommand->hmac.size); + grub_tpm2_buffer_pack (buffer, authCommand->hmac.buffer, authCommand->hmac.size); + + tmp = grub_cpu_to_be32 (buffer->size - start); + grub_memcpy (&buffer->data[start - sizeof (grub_uint32_t)], &tmp, sizeof (tmp)); +} + +void +grub_Tss2_MU_TPM2B_Marshal (grub_tpm2_buffer_t buffer, + const grub_uint16_t size, + const grub_uint8_t *b) +{ + grub_uint16_t i; + + grub_tpm2_buffer_pack_u16 (buffer, size); + + for (i = 0; i < size; i++) + grub_tpm2_buffer_pack_u8 (buffer, b[i]); +} + +void +grub_Tss2_MU_TPMU_SYM_KEY_BITS_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_SYM_OBJECT_t algorithm, + const TPMU_SYM_KEY_BITS_t *p) +{ + switch (algorithm) + { + case TPM_ALG_AES: + case TPM_ALG_SM4: + case TPM_ALG_CAMELLIA: + case TPM_ALG_XOR: + grub_tpm2_buffer_pack_u16 (buffer, *((const grub_uint16_t *) p)); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMU_SYM_MODE_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_SYM_OBJECT_t algorithm, + const TPMU_SYM_MODE_t *p) +{ + switch (algorithm) + { + case TPM_ALG_AES: + case TPM_ALG_SM4: + case TPM_ALG_CAMELLIA: + grub_tpm2_buffer_pack_u16 (buffer, *((const grub_uint16_t *) p)); + break; + case TPM_ALG_XOR: + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_SYM_DEF_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SYM_DEF_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->algorithm); + grub_Tss2_MU_TPMU_SYM_KEY_BITS_Marshal (buffer, p->algorithm, &p->keyBits); + grub_Tss2_MU_TPMU_SYM_MODE_Marshal (buffer, p->algorithm, &p->mode); +} + +void +grub_Tss2_MU_TPMS_PCR_SELECTION_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_PCR_SELECTION_t *pcrSelection) +{ + grub_uint32_t i; + + grub_tpm2_buffer_pack_u16 (buffer, pcrSelection->hash); + grub_tpm2_buffer_pack_u8 (buffer, pcrSelection->sizeOfSelect); + + for (i = 0; i < pcrSelection->sizeOfSelect; i++) + grub_tpm2_buffer_pack_u8 (buffer, pcrSelection->pcrSelect[i]); +} + +void +grub_Tss2_MU_TPML_PCR_SELECTION_Marshal (grub_tpm2_buffer_t buffer, + const TPML_PCR_SELECTION_t *pcrSelection) +{ + grub_uint32_t i; + + grub_tpm2_buffer_pack_u32 (buffer, pcrSelection->count); + + for (i = 0; i < pcrSelection->count; i++) + grub_Tss2_MU_TPMS_PCR_SELECTION_Marshal (buffer, &pcrSelection->pcrSelections[i]); +} + +void +grub_Tss2_MU_TPMA_OBJECT_Marshal (grub_tpm2_buffer_t buffer, + const TPMA_OBJECT_t *p) +{ + grub_tpm2_buffer_pack_u32 (buffer, *((const grub_uint32_t *) p)); +} + +void +grub_Tss2_MU_TPMS_SCHEME_XOR_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SCHEME_XOR_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->hashAlg); + grub_tpm2_buffer_pack_u16 (buffer, p->kdf); +} + +void +grub_Tss2_MU_TPMS_SCHEME_HMAC_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SCHEME_HMAC_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->hashAlg); +} + +void +grub_Tss2_MU_TPMU_SCHEME_KEYEDHASH_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_KEYEDHASH_SCHEME_t scheme, + const TPMU_SCHEME_KEYEDHASH_t *p) +{ + switch (scheme) + { + case TPM_ALG_HMAC: + grub_Tss2_MU_TPMS_SCHEME_HMAC_Marshal (buffer, &p->hmac); + break; + case TPM_ALG_XOR: + grub_Tss2_MU_TPMS_SCHEME_XOR_Marshal (buffer, &p->exclusiveOr); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_KEYEDHASH_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_KEYEDHASH_SCHEME_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->scheme); + grub_Tss2_MU_TPMU_SCHEME_KEYEDHASH_Marshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMS_KEYEDHASH_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_KEYEDHASH_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_KEYEDHASH_SCHEME_Marshal (buffer, &p->scheme); +} + +void +grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SYM_DEF_OBJECT_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->algorithm); + grub_Tss2_MU_TPMU_SYM_KEY_BITS_Marshal (buffer, p->algorithm, &p->keyBits); + grub_Tss2_MU_TPMU_SYM_MODE_Marshal (buffer, p->algorithm, &p->mode); +} + +void +grub_Tss2_MU_TPMU_ASYM_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_RSA_DECRYPT_t scheme, + const TPMU_ASYM_SCHEME_t *p __attribute__ ((unused))) +{ + switch (scheme) + { + case TPM_ALG_NULL: + break; + default: + /* Unsupported */ + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_RSA_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_RSA_SCHEME_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->scheme); + grub_Tss2_MU_TPMU_ASYM_SCHEME_Marshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMS_RSA_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_RSA_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Marshal (buffer, &p->symmetric); + grub_Tss2_MU_TPMT_RSA_SCHEME_Marshal (buffer, &p->scheme); + grub_tpm2_buffer_pack_u16 (buffer, p->keyBits); + grub_tpm2_buffer_pack_u32 (buffer, p->exponent); +} + +void +grub_Tss2_MU_TPMS_SYMCIPHER_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SYMCIPHER_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Marshal (buffer, &p->sym); +} + +void +grub_Tss2_MU_TPMT_ECC_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_ECC_SCHEME_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->scheme); + grub_Tss2_MU_TPMU_ASYM_SCHEME_Marshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMU_KDF_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_KDF_t scheme, + const TPMU_KDF_SCHEME_t *p) +{ + switch (scheme) + { + case TPM_ALG_MGF1: + grub_tpm2_buffer_pack_u16 (buffer, p->mgf1.hashAlg); + break; + case TPM_ALG_KDF1_SP800_56A: + grub_tpm2_buffer_pack_u16 (buffer, p->kdf1_sp800_56a.hashAlg); + break; + case TPM_ALG_KDF2: + grub_tpm2_buffer_pack_u16 (buffer, p->kdf2.hashAlg); + break; + case TPM_ALG_KDF1_SP800_108: + grub_tpm2_buffer_pack_u16 (buffer, p->kdf1_sp800_108.hashAlg); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_KDF_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_KDF_SCHEME_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->scheme); + grub_Tss2_MU_TPMU_KDF_SCHEME_Marshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMS_ECC_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_ECC_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Marshal (buffer, &p->symmetric); + grub_Tss2_MU_TPMT_ECC_SCHEME_Marshal (buffer, &p->scheme); + grub_tpm2_buffer_pack_u16 (buffer, p->curveID); + grub_Tss2_MU_TPMT_KDF_SCHEME_Marshal (buffer, &p->kdf); +} + +void +grub_Tss2_MU_TPMU_PUBLIC_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const grub_uint32_t type, + const TPMU_PUBLIC_PARMS_t *p) +{ + switch (type) + { + case TPM_ALG_KEYEDHASH: + grub_Tss2_MU_TPMS_KEYEDHASH_PARMS_Marshal (buffer, &p->keyedHashDetail); + break; + case TPM_ALG_SYMCIPHER: + grub_Tss2_MU_TPMS_SYMCIPHER_PARMS_Marshal (buffer, &p->symDetail); + break; + case TPM_ALG_RSA: + grub_Tss2_MU_TPMS_RSA_PARMS_Marshal (buffer, &p->rsaDetail); + break; + case TPM_ALG_ECC: + grub_Tss2_MU_TPMS_ECC_PARMS_Marshal (buffer, &p->eccDetail); + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMS_ECC_POINT_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_ECC_POINT_t *p) +{ + grub_Tss2_MU_TPM2B_Marshal (buffer, p->x.size, p->x.buffer); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->y.size, p->y.buffer); +} + +void +grub_Tss2_MU_TPMU_PUBLIC_ID_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_PUBLIC_t type, + const TPMU_PUBLIC_ID_t *p) +{ + switch(type) + { + case TPM_ALG_KEYEDHASH: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->keyedHash.size, p->keyedHash.buffer); + break; + case TPM_ALG_SYMCIPHER: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->sym.size, p->sym.buffer); + break; + case TPM_ALG_RSA: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->rsa.size, p->rsa.buffer); + break; + case TPM_ALG_ECC: + grub_Tss2_MU_TPMS_ECC_POINT_Marshal (buffer, &p->ecc); + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_PUBLIC_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_PUBLIC_PARMS_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->type); + grub_Tss2_MU_TPMU_PUBLIC_PARMS_Marshal (buffer, p->type, &p->parameters); +} + +void +grub_Tss2_MU_TPMT_PUBLIC_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_PUBLIC_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->type); + grub_tpm2_buffer_pack_u16 (buffer, p->nameAlg); + grub_Tss2_MU_TPMA_OBJECT_Marshal (buffer, &p->objectAttributes); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->authPolicy.size, p->authPolicy.buffer); + grub_Tss2_MU_TPMU_PUBLIC_PARMS_Marshal (buffer, p->type, &p->parameters); + grub_Tss2_MU_TPMU_PUBLIC_ID_Marshal (buffer, p->type, &p->unique); +} + +void +grub_Tss2_MU_TPM2B_PUBLIC_Marshal (grub_tpm2_buffer_t buffer, + const TPM2B_PUBLIC_t *p) +{ + grub_uint32_t start; + grub_uint16_t size; + + if (p) + { + grub_tpm2_buffer_pack_u16 (buffer, p->size); + + start = buffer->size; + grub_Tss2_MU_TPMT_PUBLIC_Marshal (buffer, &p->publicArea); + size = grub_cpu_to_be16 (buffer->size - start); + grub_memcpy (&buffer->data[start - sizeof (grub_uint16_t)], &size, sizeof (size)); + } + else + grub_tpm2_buffer_pack_u16 (buffer, 0); +} + +void +grub_Tss2_MU_TPMS_SENSITIVE_CREATE_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SENSITIVE_CREATE_t *p) +{ + grub_Tss2_MU_TPM2B_Marshal (buffer, p->userAuth.size, p->userAuth.buffer); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->data.size, p->data.buffer); +} + +void +grub_Tss2_MU_TPMU_SENSITIVE_COMPOSITE_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_PUBLIC_t type, + const TPMU_SENSITIVE_COMPOSITE_t *p) +{ + switch(type) + { + case TPM_ALG_RSA: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->rsa.size, p->rsa.buffer); + break; + case TPM_ALG_ECC: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->ecc.size, p->ecc.buffer); + break; + case TPM_ALG_KEYEDHASH: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->bits.size, p->bits.buffer); + break; + case TPM_ALG_SYMCIPHER: + grub_Tss2_MU_TPM2B_Marshal (buffer, p->sym.size, p->sym.buffer); + break; + default: + buffer->error = 1; + } +} + +void +grub_Tss2_MU_TPMT_SENSITIVE_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SENSITIVE_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->sensitiveType); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->authValue.size, p->authValue.buffer); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->seedValue.size, p->seedValue.buffer); + grub_Tss2_MU_TPMU_SENSITIVE_COMPOSITE_Marshal (buffer, p->sensitiveType, &p->sensitive); +} + +void +grub_Tss2_MU_TPM2B_SENSITIVE_Marshal (grub_tpm2_buffer_t buffer, + const TPM2B_SENSITIVE_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->size); + grub_Tss2_MU_TPMT_SENSITIVE_Marshal (buffer, &p->sensitiveArea); +} + +void +grub_Tss2_MU_TPM2B_SENSITIVE_CREATE_Marshal (grub_tpm2_buffer_t buffer, + const TPM2B_SENSITIVE_CREATE_t *sensitiveCreate) +{ + grub_uint32_t start; + grub_uint16_t size; + + if (sensitiveCreate) + { + grub_tpm2_buffer_pack_u16 (buffer, sensitiveCreate->size); + start = buffer->size; + grub_Tss2_MU_TPMS_SENSITIVE_CREATE_Marshal (buffer, &sensitiveCreate->sensitive); + size = grub_cpu_to_be16 (buffer->size - start); + + grub_memcpy (&buffer->data[start - sizeof (grub_uint16_t)], &size, sizeof (size)); + } + else + grub_tpm2_buffer_pack_u16 (buffer, 0); +} + +void +grub_Tss2_MU_TPMS_SIGNATURE_RSA_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SIGNATURE_RSA_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->hash); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->sig.size, p->sig.buffer); +} + +void +grub_Tss2_MU_TPMS_SIGNATURE_ECC_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SIGNATURE_ECC_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->hash); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->signatureR.size, p->signatureR.buffer); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->signatureS.size, p->signatureS.buffer); +} + +void +grub_Tss2_MU_TPMU_HA_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_HASH_t hashAlg, + const TPMU_HA_t *p) +{ + grub_uint16_t i; + + switch (hashAlg) + { + case TPM_ALG_SHA1: + for (i = 0; i < TPM_SHA1_DIGEST_SIZE; i++) + grub_tpm2_buffer_pack_u8 (buffer, p->sha1[i]); + break; + case TPM_ALG_SHA256: + for (i = 0; i < TPM_SHA256_DIGEST_SIZE; i++) + grub_tpm2_buffer_pack_u8 (buffer, p->sha256[i]); + break; + case TPM_ALG_SHA384: + for (i = 0; i < TPM_SHA384_DIGEST_SIZE; i++) + grub_tpm2_buffer_pack_u8 (buffer, p->sha384[i]); + break; + case TPM_ALG_SHA512: + for (i = 0; i < TPM_SHA512_DIGEST_SIZE; i++) + grub_tpm2_buffer_pack_u8 (buffer, p->sha512[i]); + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_HA_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_HA_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->hashAlg); + grub_Tss2_MU_TPMU_HA_Marshal (buffer, p->hashAlg, &p->digest); +} + +void +grub_Tss2_MU_TPMU_SIGNATURE_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_SIG_SCHEME_t sigAlg, + const TPMU_SIGNATURE_t *p) +{ + switch (sigAlg) + { + case TPM_ALG_RSASSA: + grub_Tss2_MU_TPMS_SIGNATURE_RSA_Marshal (buffer, (TPMS_SIGNATURE_RSA_t *) &p->rsassa); + break; + case TPM_ALG_RSAPSS: + grub_Tss2_MU_TPMS_SIGNATURE_RSA_Marshal (buffer, (TPMS_SIGNATURE_RSA_t *) &p->rsapss); + break; + case TPM_ALG_ECDSA: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC_t *) &p->ecdsa); + break; + case TPM_ALG_ECDAA: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC_t *) &p->ecdaa); + break; + case TPM_ALG_SM2: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC_t *) &p->sm2); + break; + case TPM_ALG_ECSCHNORR: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC_t *) &p->ecschnorr); + break; + case TPM_ALG_HMAC: + grub_Tss2_MU_TPMT_HA_Marshal (buffer, &p->hmac); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_SIGNATURE_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SIGNATURE_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->sigAlg); + grub_Tss2_MU_TPMU_SIGNATURE_Marshal (buffer, p->sigAlg, &p->signature); +} + +void +grub_Tss2_MU_TPMT_TK_VERIFIED_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_TK_VERIFIED_t *p) +{ + grub_tpm2_buffer_pack_u16 (buffer, p->tag); + grub_tpm2_buffer_pack_u32 (buffer, p->hierarchy); + grub_Tss2_MU_TPM2B_Marshal (buffer, p->digest.size, p->digest.buffer); +} + +static void +__Tss2_MU_TPM2B_BUFFER_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_t *p, grub_uint16_t bound) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->size); + + if (p->size > bound) + { + buffer->error = 1; + return; + } + + grub_tpm2_buffer_unpack (buffer, &p->buffer, p->size); +} + +#define TPM2B_BUFFER_UNMARSHAL(buffer, type, data) \ + __Tss2_MU_TPM2B_BUFFER_Unmarshal(buffer, (TPM2B_t *)data, sizeof(type) - sizeof(grub_uint16_t)) + +void +grub_Tss2_MU_TPMS_AUTH_RESPONSE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_AUTH_RESPONSE_t *p) +{ + grub_uint8_t tmp; + grub_uint32_t tmp32; + + grub_tpm2_buffer_unpack_u16 (buffer, &p->nonce.size); + + if (p->nonce.size) + grub_tpm2_buffer_unpack (buffer, &p->nonce.buffer, p->nonce.size); + + grub_tpm2_buffer_unpack_u8 (buffer, &tmp); + tmp32 = tmp; + grub_memcpy (&p->sessionAttributes, &tmp32, sizeof (grub_uint32_t)); + + grub_tpm2_buffer_unpack_u16 (buffer, &p->hmac.size); + + if (p->hmac.size) + grub_tpm2_buffer_unpack (buffer, &p->hmac.buffer, p->hmac.size); +} + +void +grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_DIGEST_t *digest) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_DIGEST_t, digest); +} + +void +grub_Tss2_MU_TPM2B_NONCE_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_NONCE_t *nonce) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_NONCE_t, nonce); +} + +void +grub_Tss2_MU_TPM2B_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_DATA_t *data) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_DATA_t, data); +} + +void +grub_Tss2_MU_TPMS_CREATION_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_CREATION_DATA_t *data) +{ + grub_Tss2_MU_TPML_PCR_SELECTION_Unmarshal (buffer, &data->pcrSelect); + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &data->pcrDigest); + grub_tpm2_buffer_unpack_u8 (buffer, (grub_uint8_t *)&data->locality); + grub_tpm2_buffer_unpack_u16 (buffer, &data->parentNameAlg); + grub_Tss2_MU_TPM2B_NAME_Unmarshal (buffer, &data->parentName); + grub_Tss2_MU_TPM2B_NAME_Unmarshal (buffer, &data->parentQualifiedName); + grub_Tss2_MU_TPM2B_DATA_Unmarshal (buffer, &data->outsideInfo); +} + +void +grub_Tss2_MU_TPM2B_CREATION_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_CREATION_DATA_t *data) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &data->size); + grub_Tss2_MU_TPMS_CREATION_DATA_Unmarshal (buffer, &data->creationData); +} + +void +grub_Tss2_MU_TPM2B_PRIVATE_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_PRIVATE_t *private) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_PRIVATE_t, private); +} + +void +grub_Tss2_MU_TPM2B_SENSITIVE_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_SENSITIVE_DATA_t *data) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_SENSITIVE_DATA_t, data); +} + +void +grub_Tss2_MU_TPM2B_PUBLIC_KEY_RSA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_PUBLIC_KEY_RSA_t *rsa) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_PUBLIC_KEY_RSA_t, rsa); +} + +void +grub_Tss2_MU_TPM2B_ECC_PARAMETER_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_ECC_PARAMETER_t *param) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_ECC_PARAMETER_t, param); +} + +void +grub_Tss2_MU_TPMA_OBJECT_Unmarshal (grub_tpm2_buffer_t buffer, + TPMA_OBJECT_t *p) +{ + grub_tpm2_buffer_unpack_u32 (buffer, (grub_uint32_t *) p); +} + +void +grub_Tss2_MU_TPMS_SCHEME_HMAC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SCHEME_HMAC_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->hashAlg); +} + +void +grub_Tss2_MU_TPMS_SCHEME_XOR_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SCHEME_XOR_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->hashAlg); + grub_tpm2_buffer_unpack_u16 (buffer, &p->kdf); +} + +void +grub_Tss2_MU_TPMU_SCHEME_KEYEDHASH_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_KEYEDHASH_SCHEME_t scheme, + TPMU_SCHEME_KEYEDHASH_t *p) +{ + switch (scheme) + { + case TPM_ALG_HMAC: + grub_Tss2_MU_TPMS_SCHEME_HMAC_Unmarshal (buffer, &p->hmac); + break; + case TPM_ALG_XOR: + grub_Tss2_MU_TPMS_SCHEME_XOR_Unmarshal (buffer, &p->exclusiveOr); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_KEYEDHASH_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_KEYEDHASH_SCHEME_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->scheme); + grub_Tss2_MU_TPMU_SCHEME_KEYEDHASH_Unmarshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMS_KEYEDHASH_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_KEYEDHASH_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_KEYEDHASH_SCHEME_Unmarshal (buffer, &p->scheme); +} + +void +grub_Tss2_MU_TPMU_SYM_KEY_BITS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_SYM_OBJECT_t algorithm, + TPMU_SYM_KEY_BITS_t *p) +{ + switch (algorithm) + { + case TPM_ALG_AES: + case TPM_ALG_SM4: + case TPM_ALG_CAMELLIA: + case TPM_ALG_XOR: + grub_tpm2_buffer_unpack_u16 (buffer, (grub_uint16_t *) p); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMU_SYM_MODE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_SYM_OBJECT_t algorithm, + TPMU_SYM_MODE_t *p) +{ + switch (algorithm) + { + case TPM_ALG_AES: + case TPM_ALG_SM4: + case TPM_ALG_CAMELLIA: + grub_tpm2_buffer_unpack_u16 (buffer, (grub_uint16_t *) p); + break; + case TPM_ALG_XOR: + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_SYM_DEF_OBJECT_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->algorithm); + grub_Tss2_MU_TPMU_SYM_KEY_BITS_Unmarshal (buffer, p->algorithm, &p->keyBits); + grub_Tss2_MU_TPMU_SYM_MODE_Unmarshal (buffer, p->algorithm, &p->mode); +} + +void +grub_Tss2_MU_TPMS_SYMCIPHER_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SYMCIPHER_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Unmarshal (buffer, &p->sym); +} + +void +grub_Tss2_MU_TPMU_ASYM_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_RSA_DECRYPT_t scheme, + TPMU_ASYM_SCHEME_t *p __attribute__((unused))) +{ + switch (scheme) + { + case TPM_ALG_NULL: + break; + default: + /* Unsupported */ + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_RSA_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_RSA_SCHEME_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->scheme); + grub_Tss2_MU_TPMU_ASYM_SCHEME_Unmarshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMS_RSA_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_RSA_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Unmarshal (buffer, &p->symmetric); + grub_Tss2_MU_TPMT_RSA_SCHEME_Unmarshal (buffer, &p->scheme); + grub_tpm2_buffer_unpack_u16 (buffer, &p->keyBits); + grub_tpm2_buffer_unpack_u32 (buffer, &p->exponent); +} + +void +grub_Tss2_MU_TPMT_ECC_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_ECC_SCHEME_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->scheme); + grub_Tss2_MU_TPMU_ASYM_SCHEME_Unmarshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMU_KDF_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_KDF_t scheme, + TPMU_KDF_SCHEME_t *p) +{ + switch (scheme) + { + case TPM_ALG_MGF1: + grub_tpm2_buffer_unpack_u16 (buffer, &p->mgf1.hashAlg); + break; + case TPM_ALG_KDF1_SP800_56A: + grub_tpm2_buffer_unpack_u16 (buffer, &p->kdf1_sp800_56a.hashAlg); + break; + case TPM_ALG_KDF2: + grub_tpm2_buffer_unpack_u16 (buffer, &p->kdf2.hashAlg); + break; + case TPM_ALG_KDF1_SP800_108: + grub_tpm2_buffer_unpack_u16 (buffer, &p->kdf1_sp800_108.hashAlg); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_KDF_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_KDF_SCHEME_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->scheme); + grub_Tss2_MU_TPMU_KDF_SCHEME_Unmarshal (buffer, p->scheme, &p->details); +} + +void +grub_Tss2_MU_TPMS_ECC_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_ECC_PARMS_t *p) +{ + grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Unmarshal (buffer, &p->symmetric); + grub_Tss2_MU_TPMT_ECC_SCHEME_Unmarshal (buffer, &p->scheme ); + grub_tpm2_buffer_unpack_u16 (buffer, &p->curveID); + grub_Tss2_MU_TPMT_KDF_SCHEME_Unmarshal (buffer, &p->kdf); +} + +void +grub_Tss2_MU_TPMU_PUBLIC_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + grub_uint32_t type, + TPMU_PUBLIC_PARMS_t *p) +{ + switch (type) + { + case TPM_ALG_KEYEDHASH: + grub_Tss2_MU_TPMS_KEYEDHASH_PARMS_Unmarshal (buffer, &p->keyedHashDetail); + break; + case TPM_ALG_SYMCIPHER: + grub_Tss2_MU_TPMS_SYMCIPHER_PARMS_Unmarshal (buffer, &p->symDetail); + break; + case TPM_ALG_RSA: + grub_Tss2_MU_TPMS_RSA_PARMS_Unmarshal (buffer, &p->rsaDetail); + break; + case TPM_ALG_ECC: + grub_Tss2_MU_TPMS_ECC_PARMS_Unmarshal (buffer, &p->eccDetail); + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMS_ECC_POINT_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_ECC_POINT_t *p) +{ + grub_Tss2_MU_TPM2B_ECC_PARAMETER_Unmarshal (buffer, &p->x); + grub_Tss2_MU_TPM2B_ECC_PARAMETER_Unmarshal (buffer, &p->y); +} + +void +grub_Tss2_MU_TPMU_PUBLIC_ID_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_PUBLIC_t type, + TPMU_PUBLIC_ID_t *p) +{ + switch(type) + { + case TPM_ALG_KEYEDHASH: + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->keyedHash); + break; + case TPM_ALG_SYMCIPHER: + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->sym); + break; + case TPM_ALG_RSA: + grub_Tss2_MU_TPM2B_PUBLIC_KEY_RSA_Unmarshal (buffer, &p->rsa); + break; + case TPM_ALG_ECC: + grub_Tss2_MU_TPMS_ECC_POINT_Unmarshal (buffer, &p->ecc); + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_PUBLIC_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->type); + grub_tpm2_buffer_unpack_u16 (buffer, &p->nameAlg); + grub_Tss2_MU_TPMA_OBJECT_Unmarshal (buffer, &p->objectAttributes); + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->authPolicy); + grub_Tss2_MU_TPMU_PUBLIC_PARMS_Unmarshal (buffer, p->type, &p->parameters); + grub_Tss2_MU_TPMU_PUBLIC_ID_Unmarshal (buffer, p->type, &p->unique); +} + +void +grub_Tss2_MU_TPM2B_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_PUBLIC_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->size); + grub_Tss2_MU_TPMT_PUBLIC_Unmarshal (buffer, &p->publicArea); +} + +void +grub_Tss2_MU_TPMS_NV_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_NV_PUBLIC_t *p) +{ + grub_tpm2_buffer_unpack_u32 (buffer, &p->nvIndex); + grub_tpm2_buffer_unpack_u16 (buffer, &p->nameAlg); + grub_tpm2_buffer_unpack_u32 (buffer, &p->attributes); + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->authPolicy); + grub_tpm2_buffer_unpack_u16 (buffer, &p->dataSize); +} + +void +grub_Tss2_MU_TPM2B_NV_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_NV_PUBLIC_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->size); + grub_Tss2_MU_TPMS_NV_PUBLIC_Unmarshal (buffer, &p->nvPublic); +} + +void +grub_Tss2_MU_TPM2B_NAME_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_NAME_t *n) +{ + TPM2B_BUFFER_UNMARSHAL (buffer, TPM2B_NAME_t, n); +} + +void +grub_Tss2_MU_TPMS_TAGGED_PROPERTY_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_TAGGED_PROPERTY_t *property) +{ + grub_tpm2_buffer_unpack_u32 (buffer, &property->property); + grub_tpm2_buffer_unpack_u32 (buffer, &property->value); +} + +void +grub_Tss2_MU_TPMT_TK_CREATION_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_TK_CREATION_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->tag); + grub_tpm2_buffer_unpack_u32 (buffer, &p->hierarchy); + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->digest); +} + +void +grub_Tss2_MU_TPMT_TK_HASHCHECK_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_TK_HASHCHECK_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->tag); + grub_tpm2_buffer_unpack_u32 (buffer, &p->hierarchy); + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->digest); +} + +void +grub_Tss2_MU_TPMT_TK_VERIFIED_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_TK_VERIFIED_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->tag); + grub_tpm2_buffer_unpack_u32 (buffer, &p->hierarchy); + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &p->digest); +} + +void +grub_Tss2_MU_TPMS_PCR_SELECTION_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_PCR_SELECTION_t *pcrSelection) +{ + grub_uint32_t i; + + grub_tpm2_buffer_unpack_u16 (buffer, &pcrSelection->hash); + grub_tpm2_buffer_unpack_u8 (buffer, &pcrSelection->sizeOfSelect); + + if (pcrSelection->sizeOfSelect > TPM_PCR_SELECT_MAX) + { + buffer->error = 1; + return; + } + + for (i = 0; i < pcrSelection->sizeOfSelect; i++) + grub_tpm2_buffer_unpack_u8 (buffer, &pcrSelection->pcrSelect[i]); +} + +void +grub_Tss2_MU_TPML_PCR_SELECTION_Unmarshal (grub_tpm2_buffer_t buffer, + TPML_PCR_SELECTION_t *pcrSelection) +{ + grub_uint32_t i; + + grub_tpm2_buffer_unpack_u32 (buffer, &pcrSelection->count); + + if (pcrSelection->count > TPM_NUM_PCR_BANKS) + { + buffer->error = 1; + return; + } + + for (i = 0; i < pcrSelection->count; i++) + grub_Tss2_MU_TPMS_PCR_SELECTION_Unmarshal (buffer, &pcrSelection->pcrSelections[i]); +} + +void +grub_Tss2_MU_TPML_DIGEST_Unmarshal (grub_tpm2_buffer_t buffer, + TPML_DIGEST_t *digest) +{ + grub_uint32_t i; + + grub_tpm2_buffer_unpack_u32 (buffer, &digest->count); + + if (digest->count > 8) + { + buffer->error = 1; + return; + } + + for (i = 0; i < digest->count; i++) + grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (buffer, &digest->digests[i]); +} + +void +grub_Tss2_MU_TPMS_SIGNATURE_RSA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SIGNATURE_RSA_t *rsa) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &rsa->hash); + grub_Tss2_MU_TPM2B_PUBLIC_KEY_RSA_Unmarshal (buffer, &rsa->sig); +} + +void +grub_Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SIGNATURE_ECC_t *ecc) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &ecc->hash); + grub_Tss2_MU_TPM2B_ECC_PARAMETER_Unmarshal (buffer, &ecc->signatureR); + grub_Tss2_MU_TPM2B_ECC_PARAMETER_Unmarshal (buffer, &ecc->signatureS); +} + +void +grub_Tss2_MU_TPMU_HA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_HASH_t hashAlg, + TPMU_HA_t *p) +{ + switch (hashAlg) + { + case TPM_ALG_SHA1: + grub_tpm2_buffer_unpack (buffer, &p->sha1, TPM_SHA1_DIGEST_SIZE); + break; + case TPM_ALG_SHA256: + grub_tpm2_buffer_unpack (buffer, &p->sha256, TPM_SHA256_DIGEST_SIZE); + break; + case TPM_ALG_SHA384: + grub_tpm2_buffer_unpack (buffer, &p->sha384, TPM_SHA384_DIGEST_SIZE); + break; + case TPM_ALG_SHA512: + grub_tpm2_buffer_unpack (buffer, &p->sha512, TPM_SHA512_DIGEST_SIZE); + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_HA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_HA_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->hashAlg); + grub_Tss2_MU_TPMU_HA_Unmarshal (buffer, p->hashAlg, &p->digest); +} + +void +grub_Tss2_MU_TPMU_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_SIG_SCHEME_t sigAlg, + TPMU_SIGNATURE_t *p) +{ + switch (sigAlg) + { + case TPM_ALG_RSASSA: + grub_Tss2_MU_TPMS_SIGNATURE_RSA_Unmarshal (buffer, (TPMS_SIGNATURE_RSA_t *)&p->rsassa); + break; + case TPM_ALG_RSAPSS: + grub_Tss2_MU_TPMS_SIGNATURE_RSA_Unmarshal (buffer, (TPMS_SIGNATURE_RSA_t *)&p->rsapss); + break; + case TPM_ALG_ECDSA: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC_t *)&p->ecdsa); + break; + case TPM_ALG_ECDAA: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC_t *)&p->ecdaa); + break; + case TPM_ALG_SM2: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC_t *)&p->sm2); + break; + case TPM_ALG_ECSCHNORR: + grub_Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC_t *)&p->ecschnorr); + break; + case TPM_ALG_HMAC: + grub_Tss2_MU_TPMT_HA_Unmarshal (buffer, &p->hmac); + break; + case TPM_ALG_NULL: + break; + default: + buffer->error = 1; + break; + } +} + +void +grub_Tss2_MU_TPMT_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_SIGNATURE_t *p) +{ + grub_tpm2_buffer_unpack_u16 (buffer, &p->sigAlg); + grub_Tss2_MU_TPMU_SIGNATURE_Unmarshal (buffer, p->sigAlg, &p->signature); +} diff --git a/grub-core/lib/tss2/tss2_mu.h b/grub-core/lib/tss2/tss2_mu.h new file mode 100644 index 000000000..8f82126e1 --- /dev/null +++ b/grub-core/lib/tss2/tss2_mu.h @@ -0,0 +1,397 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2022 Microsoft Corporation + * Copyright (C) 2024 Free Software Foundation, Inc. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef GRUB_TPM2_MU_HEADER +#define GRUB_TPM2_MU_HEADER 1 + +#include <tss2_buffer.h> +#include <tss2_structs.h> + +extern void +grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_AUTH_COMMAND_t *authCommand); + +extern void +grub_Tss2_MU_TPM2B_Marshal (grub_tpm2_buffer_t buffer, + const grub_uint16_t size, + const grub_uint8_t *b); + +extern void +grub_Tss2_MU_TPMU_SYM_KEY_BITS_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_SYM_OBJECT_t algorithm, + const TPMU_SYM_KEY_BITS_t *p); + +extern void +grub_Tss2_MU_TPMU_SYM_MODE_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_SYM_OBJECT_t algorithm, + const TPMU_SYM_MODE_t *p); + +extern void +grub_Tss2_MU_TPMT_SYM_DEF_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SYM_DEF_t *p); + +extern void +grub_Tss2_MU_TPMS_PCR_SELECTION_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_PCR_SELECTION_t *pcrSelection); + +extern void +grub_Tss2_MU_TPML_PCR_SELECTION_Marshal (grub_tpm2_buffer_t buffer, + const TPML_PCR_SELECTION_t *pcrSelection); + +extern void +grub_Tss2_MU_TPMA_OBJECT_Marshal (grub_tpm2_buffer_t buffer, + const TPMA_OBJECT_t *p); + +extern void +grub_Tss2_MU_TPMS_SCHEME_XOR_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SCHEME_XOR_t *p); + +extern void +grub_Tss2_MU_TPMS_SCHEME_HMAC_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SCHEME_HMAC_t *p); + +extern void +grub_Tss2_MU_TPMU_SCHEME_KEYEDHASH_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_KEYEDHASH_SCHEME_t scheme, + const TPMU_SCHEME_KEYEDHASH_t *p); + +extern void +grub_Tss2_MU_TPMT_KEYEDHASH_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_KEYEDHASH_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMS_KEYEDHASH_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_KEYEDHASH_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SYM_DEF_OBJECT_t *p); + +extern void +grub_Tss2_MU_TPMU_ASYM_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_RSA_DECRYPT_t scheme, + const TPMU_ASYM_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMT_RSA_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_RSA_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMS_RSA_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_RSA_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMS_SYMCIPHER_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SYMCIPHER_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMT_ECC_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_ECC_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMU_KDF_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_KDF_t scheme, + const TPMU_KDF_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMT_KDF_SCHEME_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_KDF_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMS_ECC_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_ECC_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMU_PUBLIC_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const grub_uint32_t type, + const TPMU_PUBLIC_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMS_ECC_POINT_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_ECC_POINT_t *p); + +extern void +grub_Tss2_MU_TPMU_PUBLIC_ID_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_PUBLIC_t type, + const TPMU_PUBLIC_ID_t *p); + +extern void +grub_Tss2_MU_TPMT_PUBLIC_PARMS_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_PUBLIC_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMT_PUBLIC_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_PUBLIC_t *p); + +extern void +grub_Tss2_MU_TPM2B_PUBLIC_Marshal (grub_tpm2_buffer_t buffer, + const TPM2B_PUBLIC_t *p); + +extern void +grub_Tss2_MU_TPMS_SENSITIVE_CREATE_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SENSITIVE_CREATE_t *p); + +extern void +grub_Tss2_MU_TPM2B_SENSITIVE_CREATE_Marshal (grub_tpm2_buffer_t buffer, + const TPM2B_SENSITIVE_CREATE_t *sensitiveCreate); + +extern void +grub_Tss2_MU_TPMU_SENSITIVE_COMPOSITE_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_PUBLIC_t type, + const TPMU_SENSITIVE_COMPOSITE_t *p); +extern void +grub_Tss2_MU_TPMT_SENSITIVE_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SENSITIVE_t *p); + +extern void +grub_Tss2_MU_TPM2B_SENSITIVE_Marshal (grub_tpm2_buffer_t buffer, + const TPM2B_SENSITIVE_t *p); + +extern void +grub_Tss2_MU_TPMS_SIGNATURE_RSA_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SIGNATURE_RSA_t *p); + +extern void +grub_Tss2_MU_TPMS_SIGNATURE_ECC_Marshal (grub_tpm2_buffer_t buffer, + const TPMS_SIGNATURE_ECC_t *p); + +extern void +grub_Tss2_MU_TPMU_HA_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_HASH_t hashAlg, + const TPMU_HA_t *p); + +extern void +grub_Tss2_MU_TPMT_HA_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_HA_t *p); + +extern void +grub_Tss2_MU_TPMU_SIGNATURE_Marshal (grub_tpm2_buffer_t buffer, + const TPMI_ALG_SIG_SCHEME_t sigAlg, + const TPMU_SIGNATURE_t *p); + +extern void +grub_Tss2_MU_TPMT_SIGNATURE_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_SIGNATURE_t *p); + +extern void +grub_Tss2_MU_TPMT_TK_VERIFIED_Marshal (grub_tpm2_buffer_t buffer, + const TPMT_TK_VERIFIED_t *p); + +extern void +grub_Tss2_MU_TPMS_AUTH_RESPONSE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_AUTH_RESPONSE_t *p); + +extern void +grub_Tss2_MU_TPM2B_DIGEST_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_DIGEST_t *digest); + +extern void +grub_Tss2_MU_TPM2B_NONCE_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_NONCE_t *nonce); + +extern void +grub_Tss2_MU_TPM2B_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_DATA_t *data); + +extern void +grub_Tss2_MU_TPMS_CREATION_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_CREATION_DATA_t *data); + +extern void +grub_Tss2_MU_TPM2B_CREATION_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_CREATION_DATA_t *data); + +extern void +grub_Tss2_MU_TPM2B_PRIVATE_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_PRIVATE_t *private); + +extern void +grub_Tss2_MU_TPM2B_SENSITIVE_DATA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_SENSITIVE_DATA_t *data); + +extern void +grub_Tss2_MU_TPM2B_PUBLIC_KEY_RSA_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_PUBLIC_KEY_RSA_t *rsa); + +extern void +grub_Tss2_MU_TPM2B_ECC_PARAMETER_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_ECC_PARAMETER_t *param); + +extern void +grub_Tss2_MU_TPMA_OBJECT_Unmarshal (grub_tpm2_buffer_t buffer, + TPMA_OBJECT_t *p); + +extern void +grub_Tss2_MU_TPMS_SCHEME_HMAC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SCHEME_HMAC_t *p); + +extern void +grub_Tss2_MU_TPMS_SCHEME_XOR_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SCHEME_XOR_t *p); + +extern void +grub_Tss2_MU_TPMU_SCHEME_KEYEDHASH_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_KEYEDHASH_SCHEME_t scheme, + TPMU_SCHEME_KEYEDHASH_t *p); + +extern void +grub_Tss2_MU_TPMT_KEYEDHASH_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_KEYEDHASH_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMS_KEYEDHASH_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_KEYEDHASH_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMU_SYM_KEY_BITS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_SYM_OBJECT_t algorithm, + TPMU_SYM_KEY_BITS_t *p); + +extern void +grub_Tss2_MU_TPMU_SYM_MODE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_SYM_OBJECT_t algorithm, + TPMU_SYM_MODE_t *p); + +extern void +grub_Tss2_MU_TPMT_SYM_DEF_OBJECT_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_SYM_DEF_OBJECT_t *p); + +extern void +grub_Tss2_MU_TPMS_SYMCIPHER_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SYMCIPHER_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMU_ASYM_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_RSA_DECRYPT_t scheme, + TPMU_ASYM_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMT_RSA_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_RSA_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMS_RSA_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_RSA_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMT_ECC_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_ECC_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMU_KDF_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_KDF_t scheme, + TPMU_KDF_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMT_KDF_SCHEME_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_KDF_SCHEME_t *p); + +extern void +grub_Tss2_MU_TPMS_ECC_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_ECC_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMU_PUBLIC_PARMS_Unmarshal (grub_tpm2_buffer_t buffer, + grub_uint32_t type, + TPMU_PUBLIC_PARMS_t *p); + +extern void +grub_Tss2_MU_TPMS_ECC_POINT_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_ECC_POINT_t *p); + +extern void +grub_Tss2_MU_TPMU_PUBLIC_ID_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_PUBLIC_t type, + TPMU_PUBLIC_ID_t *p); + +extern void +grub_Tss2_MU_TPMT_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_PUBLIC_t *p); + +extern void +grub_Tss2_MU_TPM2B_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_PUBLIC_t *p); + +extern void +grub_Tss2_MU_TPMS_NV_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_NV_PUBLIC_t *p); + +extern void +grub_Tss2_MU_TPM2B_NV_PUBLIC_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_NV_PUBLIC_t *p); + +extern void +grub_Tss2_MU_TPM2B_NAME_Unmarshal (grub_tpm2_buffer_t buffer, + TPM2B_NAME_t *n); + +extern void +grub_Tss2_MU_TPMS_TAGGED_PROPERTY_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_TAGGED_PROPERTY_t *property); + +extern void +grub_Tss2_MU_TPMT_TK_CREATION_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_TK_CREATION_t *p); + +extern void +grub_Tss2_MU_TPMT_TK_HASHCHECK_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_TK_HASHCHECK_t *p); + +extern void +grub_Tss2_MU_TPMT_TK_VERIFIED_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_TK_VERIFIED_t *p); + +extern void +grub_Tss2_MU_TPMS_PCR_SELECTION_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_PCR_SELECTION_t *pcrSelection); + +extern void +grub_Tss2_MU_TPML_PCR_SELECTION_Unmarshal (grub_tpm2_buffer_t buffer, + TPML_PCR_SELECTION_t *pcrSelection); + +extern void +grub_Tss2_MU_TPML_DIGEST_Unmarshal (grub_tpm2_buffer_t buffer, + TPML_DIGEST_t *digest); + +extern void +grub_Tss2_MU_TPMS_SIGNATURE_RSA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SIGNATURE_RSA_t *p); + +extern void +grub_Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal (grub_tpm2_buffer_t buffer, + TPMS_SIGNATURE_ECC_t *p); + +extern void +grub_Tss2_MU_TPMU_HA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_HASH_t hashAlg, + TPMU_HA_t *p); + +extern void +grub_Tss2_MU_TPMT_HA_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_HA_t *p); + +extern void +grub_Tss2_MU_TPMU_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMI_ALG_SIG_SCHEME_t sigAlg, + TPMU_SIGNATURE_t *p); + +extern void +grub_Tss2_MU_TPMT_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buffer, + TPMT_SIGNATURE_t *p); + +#endif /* ! GRUB_TPM2_MU_HEADER */ diff --git a/grub-core/lib/tss2/tss2_structs.h b/grub-core/lib/tss2/tss2_structs.h new file mode 100644 index 000000000..3f6ace3f9 --- /dev/null +++ b/grub-core/lib/tss2/tss2_structs.h @@ -0,0 +1,773 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2022 Microsoft Corporation + * Copyright (C) 2024 Free Software Foundation, Inc. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef GRUB_TPM2_INTERNAL_STRUCTS_HEADER +#define GRUB_TPM2_INTERNAL_STRUCTS_HEADER 1 + +#include <tss2_types.h> + +/* TPMS_TAGGED_PROPERTY Structure */ +struct TPMS_TAGGED_PROPERTY +{ + TPM_PT_t property; + grub_uint32_t value; +}; +typedef struct TPMS_TAGGED_PROPERTY TPMS_TAGGED_PROPERTY_t; + +/* TPML_TAGGED_TPM_PROPERTY Structure */ +struct TPML_TAGGED_TPM_PROPERTY +{ + grub_uint32_t count; + TPMS_TAGGED_PROPERTY_t tpmProperty[TPM_MAX_TPM_PROPERTIES]; +}; +typedef struct TPML_TAGGED_TPM_PROPERTY TPML_TAGGED_TPM_PROPERTY_t; + +/* TPMU_CAPABILITIES Structure */ +union TPMU_CAPABILITIES +{ + TPML_TAGGED_TPM_PROPERTY_t tpmProperties; +}; +typedef union TPMU_CAPABILITIES TPMU_CAPABILITIES_t; + +/* TPMS_CAPABILITY_DATA Structure */ +struct TPMS_CAPABILITY_DATA +{ + TPM_CAP_t capability; + TPMU_CAPABILITIES_t data; +}; +typedef struct TPMS_CAPABILITY_DATA TPMS_CAPABILITY_DATA_t; + +/* TPMS_PCR_SELECT Structure */ +struct TPMS_PCR_SELECT +{ + grub_uint8_t sizeOfSelect; + grub_uint8_t pcrSelect[TPM_PCR_SELECT_MAX]; +}; +typedef struct TPMS_PCR_SELECT TPMS_PCR_SELECT_t; + +/* TPMS_PCR_SELECTION Structure */ +struct TPMS_PCR_SELECTION +{ + TPMI_ALG_HASH_t hash; + grub_uint8_t sizeOfSelect; + grub_uint8_t pcrSelect[TPM_PCR_SELECT_MAX]; +}; +typedef struct TPMS_PCR_SELECTION TPMS_PCR_SELECTION_t; + +static inline void TPMS_PCR_SELECTION_SelectPCR(TPMS_PCR_SELECTION_t *self, grub_uint32_t n) +{ + self->pcrSelect[(n / 8)] |= (1 << (n % 8)); +} + +/* TPML_PCR_SELECTION Structure */ +struct TPML_PCR_SELECTION +{ + grub_uint32_t count; + TPMS_PCR_SELECTION_t pcrSelections[TPM_NUM_PCR_BANKS]; +}; +typedef struct TPML_PCR_SELECTION TPML_PCR_SELECTION_t; + +/* TPMU_HA Structure */ +union TPMU_HA +{ + grub_uint8_t sha1[TPM_SHA1_DIGEST_SIZE]; + grub_uint8_t sha256[TPM_SHA256_DIGEST_SIZE]; + grub_uint8_t sha384[TPM_SHA384_DIGEST_SIZE]; + grub_uint8_t sha512[TPM_SHA512_DIGEST_SIZE]; + grub_uint8_t sm3_256[TPM_SM3_256_DIGEST_SIZE]; +}; +typedef union TPMU_HA TPMU_HA_t; + +/* TPM2B Structure */ +struct TPM2B +{ + grub_uint16_t size; + grub_uint8_t buffer[1]; +}; +typedef struct TPM2B TPM2B_t; + +/* TPM2B_DIGEST Structure */ +struct TPM2B_DIGEST +{ + grub_uint16_t size; + grub_uint8_t buffer[sizeof(TPMU_HA_t)]; +}; +typedef struct TPM2B_DIGEST TPM2B_DIGEST_t; + +/* TPML_DIGEST Structure */ +struct TPML_DIGEST +{ + grub_uint32_t count; + TPM2B_DIGEST_t digests[8]; +}; +typedef struct TPML_DIGEST TPML_DIGEST_t; + +/* TPM2B_NONCE Type */ +typedef TPM2B_DIGEST_t TPM2B_NONCE_t; + +/* TPMA_SESSION Structure */ +struct TPMA_SESSION +{ + grub_uint8_t continueSession:1; + grub_uint8_t auditExclusive:1; + grub_uint8_t auditReset:1; + grub_uint8_t reserved:2; + grub_uint8_t decrypt:1; + grub_uint8_t encrypt:1; + grub_uint8_t audit:1; +}; +typedef struct TPMA_SESSION TPMA_SESSION_t; + +/* TPM2B_AUTH Type */ +typedef TPM2B_DIGEST_t TPM2B_AUTH_t; + +/* TPMS_AUTH_COMMAND Structure */ +struct TPMS_AUTH_COMMAND +{ + TPMI_SH_AUTH_SESSION_t sessionHandle; + TPM2B_NONCE_t nonce; + TPMA_SESSION_t sessionAttributes; + TPM2B_AUTH_t hmac; +}; +typedef struct TPMS_AUTH_COMMAND TPMS_AUTH_COMMAND_t; + +/* TPMS_AUTH_RESPONSE Structure */ +struct TPMS_AUTH_RESPONSE +{ + TPM2B_NONCE_t nonce; + TPMA_SESSION_t sessionAttributes; + TPM2B_AUTH_t hmac; +}; +typedef struct TPMS_AUTH_RESPONSE TPMS_AUTH_RESPONSE_t; + +/* TPM2B_SENSITIVE_DATA Structure */ +struct TPM2B_SENSITIVE_DATA +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_SYM_DATA]; +}; +typedef struct TPM2B_SENSITIVE_DATA TPM2B_SENSITIVE_DATA_t; + +/* TPMS_SENSITIVE_CREATE Structure */ +struct TPMS_SENSITIVE_CREATE +{ + TPM2B_AUTH_t userAuth; + TPM2B_SENSITIVE_DATA_t data; +}; +typedef struct TPMS_SENSITIVE_CREATE TPMS_SENSITIVE_CREATE_t; + +/* TPM2B_SENSITIVE_CREATE Structure */ +struct TPM2B_SENSITIVE_CREATE +{ + grub_uint16_t size; + TPMS_SENSITIVE_CREATE_t sensitive; +}; +typedef struct TPM2B_SENSITIVE_CREATE TPM2B_SENSITIVE_CREATE_t; + +/* TPMA_OBJECT Structure */ +struct TPMA_OBJECT +{ + grub_uint32_t reserved1:1; + grub_uint32_t fixedTPM:1; + grub_uint32_t stClear:1; + grub_uint32_t reserved2:1; + grub_uint32_t fixedParent:1; + grub_uint32_t sensitiveDataOrigin:1; + grub_uint32_t userWithAuth:1; + grub_uint32_t adminWithPolicy:1; + grub_uint32_t reserved3:2; + grub_uint32_t noDA:1; + grub_uint32_t encryptedDuplication:1; + grub_uint32_t reserved4:4; + grub_uint32_t restricted:1; + grub_uint32_t decrypt:1; + grub_uint32_t sign:1; + grub_uint32_t reserved5:13; +}; +typedef struct TPMA_OBJECT TPMA_OBJECT_t; + +/* TPMS_SCHEME_HASH Structure */ +struct TPMS_SCHEME_HASH +{ + TPMI_ALG_HASH_t hashAlg; +}; +typedef struct TPMS_SCHEME_HASH TPMS_SCHEME_HASH_t; + +/* TPMS_SCHEME_HASH Types */ +typedef TPMS_SCHEME_HASH_t TPMS_KEY_SCHEME_ECDH_t; +typedef TPMS_SCHEME_HASH_t TPMS_KEY_SCHEME_ECMQV_t; +typedef TPMS_SCHEME_HASH_t TPMS_SIG_SCHEME_RSASSA_t; +typedef TPMS_SCHEME_HASH_t TPMS_SIG_SCHEME_RSAPSS_t; +typedef TPMS_SCHEME_HASH_t TPMS_SIG_SCHEME_ECDSA_t; +typedef TPMS_SCHEME_HASH_t TPMS_SIG_SCHEME_ECDAA_t; +typedef TPMS_SCHEME_HASH_t TPMS_SIG_SCHEME_SM2_t; +typedef TPMS_SCHEME_HASH_t TPMS_SIG_SCHEME_ECSCHNORR_t; +typedef TPMS_SCHEME_HASH_t TPMS_ENC_SCHEME_RSAES_t; +typedef TPMS_SCHEME_HASH_t TPMS_ENC_SCHEME_OAEP_t; +typedef TPMS_SCHEME_HASH_t TPMS_SCHEME_KDF2_t; +typedef TPMS_SCHEME_HASH_t TPMS_SCHEME_MGF1_t; +typedef TPMS_SCHEME_HASH_t TPMS_SCHEME_KDF1_SP800_56A_t; +typedef TPMS_SCHEME_HASH_t TPMS_SCHEME_KDF2_t; +typedef TPMS_SCHEME_HASH_t TPMS_SCHEME_KDF1_SP800_108_t; + +/* TPMS_SCHEME_HMAC Type */ +typedef TPMS_SCHEME_HASH_t TPMS_SCHEME_HMAC_t; + +/* TPMS_SCHEME_XOR Structure */ +struct TPMS_SCHEME_XOR +{ + TPMI_ALG_HASH_t hashAlg; + TPMI_ALG_KDF_t kdf; +}; +typedef struct TPMS_SCHEME_XOR TPMS_SCHEME_XOR_t; + +/* TPMU_SCHEME_KEYEDHASH Union */ +union TPMU_SCHEME_KEYEDHASH +{ + TPMS_SCHEME_HMAC_t hmac; + TPMS_SCHEME_XOR_t exclusiveOr; +}; +typedef union TPMU_SCHEME_KEYEDHASH TPMU_SCHEME_KEYEDHASH_t; + +/* TPMT_KEYEDHASH_SCHEME Structure */ +struct TPMT_KEYEDHASH_SCHEME +{ + TPMI_ALG_KEYEDHASH_SCHEME_t scheme; + TPMU_SCHEME_KEYEDHASH_t details; +}; +typedef struct TPMT_KEYEDHASH_SCHEME TPMT_KEYEDHASH_SCHEME_t; + +/* TPMS_KEYEDHASH_PARMS Structure */ +struct TPMS_KEYEDHASH_PARMS +{ + TPMT_KEYEDHASH_SCHEME_t scheme; +}; +typedef struct TPMS_KEYEDHASH_PARMS TPMS_KEYEDHASH_PARMS_t; + +/* TPMU_SYM_KEY_BITS Union */ +union TPMU_SYM_KEY_BITS +{ + TPM_KEY_BITS_t aes; + TPM_KEY_BITS_t exclusiveOr; + TPM_KEY_BITS_t sm4; + TPM_KEY_BITS_t camellia; +}; +typedef union TPMU_SYM_KEY_BITS TPMU_SYM_KEY_BITS_t; + +/* TPMU_SYM_MODE Union */ +union TPMU_SYM_MODE +{ + TPMI_ALG_SYM_MODE_t aes; + TPMI_ALG_SYM_MODE_t sm4; + TPMI_ALG_SYM_MODE_t camellia; + TPMI_ALG_SYM_MODE_t sym; +}; +typedef union TPMU_SYM_MODE TPMU_SYM_MODE_t; + +/* TPMT_SYM_DEF_OBJECT Structure */ +struct TPMT_SYM_DEF_OBJECT +{ + TPMI_ALG_SYM_OBJECT_t algorithm; + TPMU_SYM_KEY_BITS_t keyBits; + TPMU_SYM_MODE_t mode; +}; +typedef struct TPMT_SYM_DEF_OBJECT TPMT_SYM_DEF_OBJECT_t; + +/* TPMS_SYMCIPHER_PARMS Structure */ +struct TPMS_SYMCIPHER_PARMS +{ + TPMT_SYM_DEF_OBJECT_t sym; +}; +typedef struct TPMS_SYMCIPHER_PARMS TPMS_SYMCIPHER_PARMS_t; + +/* TPMU_ASYM_SCHEME Union */ +union TPMU_ASYM_SCHEME +{ + TPMS_KEY_SCHEME_ECDH_t ecdh; + TPMS_KEY_SCHEME_ECMQV_t ecmqv; + TPMS_SIG_SCHEME_RSASSA_t rsassa; + TPMS_SIG_SCHEME_RSAPSS_t rsapss; + TPMS_SIG_SCHEME_ECDSA_t ecdsa; + TPMS_SIG_SCHEME_ECDAA_t ecdaa; + TPMS_SIG_SCHEME_SM2_t sm2; + TPMS_SIG_SCHEME_ECSCHNORR_t ecschnorr; + TPMS_ENC_SCHEME_RSAES_t rsaes; + TPMS_ENC_SCHEME_OAEP_t oaep; + TPMS_SCHEME_HASH_t anySig; + unsigned char padding[4]; +}; +typedef union TPMU_ASYM_SCHEME TPMU_ASYM_SCHEME_t; + +/* TPMT_RSA_SCHEME Structure */ +struct TPMT_RSA_SCHEME +{ + TPMI_ALG_RSA_SCHEME_t scheme; + TPMU_ASYM_SCHEME_t details; +}; +typedef struct TPMT_RSA_SCHEME TPMT_RSA_SCHEME_t; + +/* TPMS_RSA_PARMS Structure */ +struct TPMS_RSA_PARMS +{ + TPMT_SYM_DEF_OBJECT_t symmetric; + TPMT_RSA_SCHEME_t scheme; + TPM_KEY_BITS_t keyBits; + grub_uint32_t exponent; +}; +typedef struct TPMS_RSA_PARMS TPMS_RSA_PARMS_t; + +/* TPMT_ECC_SCHEME Structure */ +struct TPMT_ECC_SCHEME +{ + TPMI_ALG_ECC_SCHEME_t scheme; + TPMU_ASYM_SCHEME_t details; +}; +typedef struct TPMT_ECC_SCHEME TPMT_ECC_SCHEME_t; + +/* TPMU_KDF_SCHEME Union */ +union TPMU_KDF_SCHEME +{ + TPMS_SCHEME_MGF1_t mgf1; + TPMS_SCHEME_KDF1_SP800_56A_t kdf1_sp800_56a; + TPMS_SCHEME_KDF2_t kdf2; + TPMS_SCHEME_KDF1_SP800_108_t kdf1_sp800_108; +}; +typedef union TPMU_KDF_SCHEME TPMU_KDF_SCHEME_t; + +/* TPMT_KDF_SCHEME Structure */ +struct TPMT_KDF_SCHEME +{ + TPMI_ALG_KDF_t scheme; + TPMU_KDF_SCHEME_t details; +}; +typedef struct TPMT_KDF_SCHEME TPMT_KDF_SCHEME_t; + +/* TPMS_ECC_PARMS Structure */ +struct TPMS_ECC_PARMS +{ + TPMT_SYM_DEF_OBJECT_t symmetric; + TPMT_ECC_SCHEME_t scheme; + TPMI_ECC_CURVE_t curveID; + TPMT_KDF_SCHEME_t kdf; +}; +typedef struct TPMS_ECC_PARMS TPMS_ECC_PARMS_t; + +/* TPMT_ASYM_SCHEME Structure */ +struct TPMT_ASYM_SCHEME +{ + TPMI_ALG_ASYM_SCHEME_t scheme; + TPMU_ASYM_SCHEME_t details; +}; +typedef struct TPMT_ASYM_SCHEME TPMT_ASYM_SCHEME_t; + +/* TPMS_ASYM_PARMS Structure */ +struct TPMS_ASYM_PARMS +{ + TPMT_SYM_DEF_OBJECT_t symmetric; + TPMT_ASYM_SCHEME_t scheme; +}; +typedef struct TPMS_ASYM_PARMS TPMS_ASYM_PARMS_t; + +/* TPMU_PUBLIC_PARMS Union */ +union TPMU_PUBLIC_PARMS +{ + TPMS_KEYEDHASH_PARMS_t keyedHashDetail; + TPMS_SYMCIPHER_PARMS_t symDetail; + TPMS_RSA_PARMS_t rsaDetail; + TPMS_ECC_PARMS_t eccDetail; + TPMS_ASYM_PARMS_t asymDetail; +}; +typedef union TPMU_PUBLIC_PARMS TPMU_PUBLIC_PARMS_t; + +/* TPMT_PUBLIC_PARMS Structure */ +struct TPMT_PUBLIC_PARMS { + TPMI_ALG_PUBLIC_t type; + TPMU_PUBLIC_PARMS_t parameters; +}; +typedef struct TPMT_PUBLIC_PARMS TPMT_PUBLIC_PARMS_t; + +/* TPM2B_PUBLIC_KEY_RSA Structure */ +struct TPM2B_PUBLIC_KEY_RSA +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_RSA_KEY_BYTES]; +}; +typedef struct TPM2B_PUBLIC_KEY_RSA TPM2B_PUBLIC_KEY_RSA_t; + +/* TPM2B_ECC_PARAMETER Structure */ +struct TPM2B_ECC_PARAMETER +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_ECC_KEY_BYTES]; +}; +typedef struct TPM2B_ECC_PARAMETER TPM2B_ECC_PARAMETER_t; + +/* TPMS_ECC_POINT Structure */ +struct TPMS_ECC_POINT +{ + TPM2B_ECC_PARAMETER_t x; + TPM2B_ECC_PARAMETER_t y; +}; +typedef struct TPMS_ECC_POINT TPMS_ECC_POINT_t; + +/* TPMU_ENCRYPTED_SECRET Union */ +union TPMU_ENCRYPTED_SECRET +{ + grub_uint8_t ecc[sizeof(TPMS_ECC_POINT_t)]; + grub_uint8_t rsa[TPM_MAX_RSA_KEY_BYTES]; + grub_uint8_t symmetric[sizeof(TPM2B_DIGEST_t)]; + grub_uint8_t keyedHash[sizeof(TPM2B_DIGEST_t)]; +}; +typedef union TPMU_ENCRYPTED_SECRET TPMU_ENCRYPTED_SECRET_t; + +/* TPM2B_ENCRYPTED_SECRET Structure */ +struct TPM2B_ENCRYPTED_SECRET +{ + grub_uint16_t size; + grub_uint8_t secret[sizeof(TPMU_ENCRYPTED_SECRET_t)]; +}; +typedef struct TPM2B_ENCRYPTED_SECRET TPM2B_ENCRYPTED_SECRET_t; + +/* TPMU_PUBLIC_ID Union */ +union TPMU_PUBLIC_ID +{ + TPM2B_DIGEST_t keyedHash; + TPM2B_DIGEST_t sym; + TPM2B_PUBLIC_KEY_RSA_t rsa; + TPMS_ECC_POINT_t ecc; +}; +typedef union TPMU_PUBLIC_ID TPMU_PUBLIC_ID_t; + +/* TPMT_PUBLIC Structure */ +struct TPMT_PUBLIC +{ + TPMI_ALG_PUBLIC_t type; + TPMI_ALG_HASH_t nameAlg; + TPMA_OBJECT_t objectAttributes; + TPM2B_DIGEST_t authPolicy; + TPMU_PUBLIC_PARMS_t parameters; + TPMU_PUBLIC_ID_t unique; +}; +typedef struct TPMT_PUBLIC TPMT_PUBLIC_t; + +/* TPM2B_PUBLIC Structure */ +struct TPM2B_PUBLIC +{ + grub_uint16_t size; + TPMT_PUBLIC_t publicArea; +}; +typedef struct TPM2B_PUBLIC TPM2B_PUBLIC_t; + +/* TPMT_HA Structure */ +struct TPMT_HA +{ + TPMI_ALG_HASH_t hashAlg; + TPMU_HA_t digest; +}; +typedef struct TPMT_HA TPMT_HA_t; + +/* TPM2B_DATA Structure */ +struct TPM2B_DATA +{ + grub_uint16_t size; + grub_uint8_t buffer[sizeof(TPMT_HA_t)]; +}; +typedef struct TPM2B_DATA TPM2B_DATA_t; + +/* TPMA_LOCALITY Structure */ +struct TPMA_LOCALITY +{ + grub_uint8_t TPM_LOC_ZERO:1; + grub_uint8_t TPM_LOC_ONE:1; + grub_uint8_t TPM_LOC_TWO:1; + grub_uint8_t TPM_LOC_THREE:1; + grub_uint8_t TPM_LOC_FOUR:1; + grub_uint8_t Extended:3; +}; +typedef struct TPMA_LOCALITY TPMA_LOCALITY_t; + +/* TPMU_NAME Union */ +union TPMU_NAME +{ + TPMT_HA_t digest; + TPM_HANDLE_t handle; +}; +typedef union TPMU_NAME TPMU_NAME_t; + +/* TPM2B_NAME Structure */ +struct TPM2B_NAME +{ + grub_uint16_t size; + grub_uint8_t name[sizeof(TPMU_NAME_t)]; +}; +typedef struct TPM2B_NAME TPM2B_NAME_t; + +/* TPMS_CREATION_DATA Structure */ +struct TPMS_CREATION_DATA +{ + TPML_PCR_SELECTION_t pcrSelect; + TPM2B_DIGEST_t pcrDigest; + TPMA_LOCALITY_t locality; + TPM_ALG_ID_t parentNameAlg; + TPM2B_NAME_t parentName; + TPM2B_NAME_t parentQualifiedName; + TPM2B_DATA_t outsideInfo; +}; +typedef struct TPMS_CREATION_DATA TPMS_CREATION_DATA_t; + +/* TPM2B_CREATION_DATA Structure */ +struct TPM2B_CREATION_DATA +{ + grub_uint16_t size; + TPMS_CREATION_DATA_t creationData; +}; +typedef struct TPM2B_CREATION_DATA TPM2B_CREATION_DATA_t; + +/* TPMT_SYM_DEF Structure */ +struct TPMT_SYM_DEF +{ + TPMI_ALG_SYM_t algorithm; + TPMU_SYM_KEY_BITS_t keyBits; + TPMU_SYM_MODE_t mode; +}; +typedef struct TPMT_SYM_DEF TPMT_SYM_DEF_t; + +/* TPM2B_MAX_BUFFER Structure */ +struct TPM2B_MAX_BUFFER +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_DIGEST_BUFFER]; +}; +typedef struct TPM2B_MAX_BUFFER TPM2B_MAX_BUFFER_t; + +/* TPMT_TK_HASHCHECK Structure */ +struct TPMT_TK_HASHCHECK +{ + TPM_ST_t tag; + TPMI_RH_HIERARCHY_t hierarchy; + TPM2B_DIGEST_t digest; +}; +typedef struct TPMT_TK_HASHCHECK TPMT_TK_HASHCHECK_t; + +/* TPM2B_SYM_KEY Structure */ +struct TPM2B_SYM_KEY +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_SYM_KEY_BYTES]; +}; +typedef struct TPM2B_SYM_KEY TPM2B_SYM_KEY_t; + +/* TPM2B_PRIVATE_KEY_RSA Structure */ +struct TPM2B_PRIVATE_KEY_RSA +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_RSA_KEY_BYTES/2]; +}; +typedef struct TPM2B_PRIVATE_KEY_RSA TPM2B_PRIVATE_KEY_RSA_t; + +/* TPM2B_PRIVATE_VENDOR_SPECIFIC Structure */ +struct TPM2B_PRIVATE_VENDOR_SPECIFIC +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_PRIVATE_VENDOR_SPECIFIC_BYTES]; +}; +typedef struct TPM2B_PRIVATE_VENDOR_SPECIFIC TPM2B_PRIVATE_VENDOR_SPECIFIC_t; + +/* TPM2B_PRIVATE_VENDOR_SPECIFIC Union */ +union TPMU_SENSITIVE_COMPOSITE +{ + TPM2B_PRIVATE_KEY_RSA_t rsa; + TPM2B_ECC_PARAMETER_t ecc; + TPM2B_SENSITIVE_DATA_t bits; + TPM2B_SYM_KEY_t sym; + TPM2B_PRIVATE_VENDOR_SPECIFIC_t any; +}; +typedef union TPMU_SENSITIVE_COMPOSITE TPMU_SENSITIVE_COMPOSITE_t; + +/* TPMT_SENSITIVE Structure */ +struct TPMT_SENSITIVE +{ + TPMI_ALG_PUBLIC_t sensitiveType; + TPM2B_AUTH_t authValue; + TPM2B_DIGEST_t seedValue; + TPMU_SENSITIVE_COMPOSITE_t sensitive; +}; +typedef struct TPMT_SENSITIVE TPMT_SENSITIVE_t; + +/* TPM2B_SENSITIVE Structure */ +struct TPM2B_SENSITIVE +{ + grub_uint16_t size; + TPMT_SENSITIVE_t sensitiveArea; +}; +typedef struct TPM2B_SENSITIVE TPM2B_SENSITIVE_t; + +/* + * _PRIVATE Structure + * + * Although '_PRIVATE' is the name defined in the TPM2 SPEC, it is too generic, + * so here we add the '__TPM2B' prefix to make the struct specific for 'TPM2B_PRIVATE'. + */ +struct __TPM2B_PRIVATE +{ + TPM2B_DIGEST_t integrityOuter; + TPM2B_DIGEST_t integrityInner; + TPM2B_SENSITIVE_t sensitive; +}; +typedef struct __TPM2B_PRIVATE __TPM2B_PRIVATE_t; + +/* TPM2B_PRIVATE Structure */ +struct TPM2B_PRIVATE +{ + grub_uint16_t size; + grub_uint8_t buffer[sizeof(__TPM2B_PRIVATE_t)]; +}; +typedef struct TPM2B_PRIVATE TPM2B_PRIVATE_t; + +/* TPML_DIGEST_VALUES Structure */ +struct TPML_DIGEST_VALUES +{ + grub_uint16_t count; + TPMT_HA_t digests[TPM_NUM_PCR_BANKS]; +}; +typedef struct TPML_DIGEST_VALUES TPML_DIGEST_VALUES_t; + +/* TPM2B_MAX_NV_BUFFER Structure */ +struct TPM2B_MAX_NV_BUFFER +{ + grub_uint16_t size; + grub_uint8_t buffer[TPM_MAX_NV_BUFFER_SIZE]; +}; +typedef struct TPM2B_MAX_NV_BUFFER TPM2B_MAX_NV_BUFFER_t; + +/* TPMS_NV_PUBLIC Structure */ +struct TPMS_NV_PUBLIC +{ + TPMI_RH_NV_INDEX_t nvIndex; + TPMI_ALG_HASH_t nameAlg; + TPMA_NV_t attributes; + TPM2B_DIGEST_t authPolicy; + grub_uint16_t dataSize; +}; +typedef struct TPMS_NV_PUBLIC TPMS_NV_PUBLIC_t; + +/* TPM2B_NV_PUBLIC Structure */ +struct TPM2B_NV_PUBLIC +{ + grub_uint16_t size; + TPMS_NV_PUBLIC_t nvPublic; +}; +typedef struct TPM2B_NV_PUBLIC TPM2B_NV_PUBLIC_t; + +/* TPMT_TK_CREATION Structure */ +struct TPMT_TK_CREATION +{ + TPM_ST_t tag; + TPMI_RH_HIERARCHY_t hierarchy; + TPM2B_DIGEST_t digest; +}; +typedef struct TPMT_TK_CREATION TPMT_TK_CREATION_t; + +/* TPMS_EMPTY Structure */ +struct TPMS_EMPTY { + grub_uint8_t empty[1]; /* a structure with no member */ +}; +typedef struct TPMS_EMPTY TPMS_EMPTY_t; + +/* TPMS_SIGNATURE_RSA Structure */ +struct TPMS_SIGNATURE_RSA { + TPMI_ALG_HASH_t hash; + TPM2B_PUBLIC_KEY_RSA_t sig; +}; +typedef struct TPMS_SIGNATURE_RSA TPMS_SIGNATURE_RSA_t; + +/* Definition of Types for RSA Signature */ +typedef TPMS_SIGNATURE_RSA_t TPMS_SIGNATURE_RSASSA_t; +typedef TPMS_SIGNATURE_RSA_t TPMS_SIGNATURE_RSAPSS_t; + +/* TPMS_SIGNATURE_ECC Structure */ +struct TPMS_SIGNATURE_ECC { + TPMI_ALG_HASH_t hash; + TPM2B_ECC_PARAMETER_t signatureR; + TPM2B_ECC_PARAMETER_t signatureS; +}; +typedef struct TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECC_t; + +/* Definition of Types for ECC TPMS_SIGNATURE_ECC */ +typedef TPMS_SIGNATURE_ECC_t TPMS_SIGNATURE_ECDSA_t; +typedef TPMS_SIGNATURE_ECC_t TPMS_SIGNATURE_ECDAA_t; +typedef TPMS_SIGNATURE_ECC_t TPMS_SIGNATURE_SM2_t; +typedef TPMS_SIGNATURE_ECC_t TPMS_SIGNATURE_ECSCHNORR_t; + +/* TPMU_SIGNATURE Structure */ +union TPMU_SIGNATURE { + TPMS_SIGNATURE_RSASSA_t rsassa; + TPMS_SIGNATURE_RSAPSS_t rsapss; + TPMS_SIGNATURE_ECDSA_t ecdsa; + TPMS_SIGNATURE_ECDAA_t ecdaa; + TPMS_SIGNATURE_SM2_t sm2; + TPMS_SIGNATURE_ECSCHNORR_t ecschnorr; + TPMT_HA_t hmac; + TPMS_SCHEME_HASH_t any; + TPMS_EMPTY_t null; +}; +typedef union TPMU_SIGNATURE TPMU_SIGNATURE_t; + +/* TPMT_SIGNATURE Structure */ +struct TPMT_SIGNATURE { + TPMI_ALG_SIG_SCHEME_t sigAlg; + TPMU_SIGNATURE_t signature; +}; +typedef struct TPMT_SIGNATURE TPMT_SIGNATURE_t; + +static inline TPMI_ALG_HASH_t +TPMT_SIGNATURE_get_hash_alg (TPMT_SIGNATURE_t *sig) +{ + switch (sig->sigAlg) + { + case TPM_ALG_RSASSA: + return sig->signature.rsassa.hash; + case TPM_ALG_RSAPSS: + return sig->signature.rsapss.hash; + case TPM_ALG_ECDSA: + return sig->signature.ecdsa.hash; + case TPM_ALG_ECDAA: + return sig->signature.ecdaa.hash; + case TPM_ALG_SM2: + return sig->signature.sm2.hash; + case TPM_ALG_ECSCHNORR: + return sig->signature.ecschnorr.hash; + case TPM_ALG_HMAC: + return sig->signature.hmac.hashAlg; + default: + break; + } + + return TPM_ALG_NULL; +} + +/* TPMT_TK_VERIFIED Structure */ +struct TPMT_TK_VERIFIED { + TPM_ST_t tag; + TPMI_RH_HIERARCHY_t hierarchy; + TPM2B_DIGEST_t digest; +}; +typedef struct TPMT_TK_VERIFIED TPMT_TK_VERIFIED_t; + +#endif /* ! GRUB_TPM2_INTERNAL_STRUCTS_HEADER */ diff --git a/grub-core/lib/tss2/tss2_types.h b/grub-core/lib/tss2/tss2_types.h new file mode 100644 index 000000000..a8f040b29 --- /dev/null +++ b/grub-core/lib/tss2/tss2_types.h @@ -0,0 +1,404 @@ +/* + * GRUB -- GRand Unified Bootloader + * Copyright (C) 2022 Microsoft Corporation + * Copyright (C) 2024 Free Software Foundation, Inc. + * + * GRUB is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * GRUB is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with GRUB. If not, see <http://www.gnu.org/licenses/>. + */ + +#ifndef GRUB_TPM2_INTERNAL_TYPES_HEADER +#define GRUB_TPM2_INTERNAL_TYPES_HEADER 1 + +#include <grub/types.h> + +/* TPM2_RC Constants */ +typedef grub_uint32_t TPM_RC_t; + +#define TPM_RC_1 ((TPM_RC_t) 0x100) +#define TPM_RC_2 ((TPM_RC_t) 0x200) +#define TPM_RC_3 ((TPM_RC_t) 0x300) +#define TPM_RC_4 ((TPM_RC_t) 0x400) +#define TPM_RC_5 ((TPM_RC_t) 0x500) +#define TPM_RC_6 ((TPM_RC_t) 0x600) +#define TPM_RC_7 ((TPM_RC_t) 0x700) +#define TPM_RC_8 ((TPM_RC_t) 0x800) +#define TPM_RC_9 ((TPM_RC_t) 0x900) +#define TPM_RC_A ((TPM_RC_t) 0xA00) +#define TPM_RC_ASYMMETRIC ((TPM_RC_t) 0x081) +#define TPM_RC_ATTRIBUTES ((TPM_RC_t) 0x082) +#define TPM_RC_AUTH_CONTEXT ((TPM_RC_t) 0x145) +#define TPM_RC_AUTH_FAIL ((TPM_RC_t) 0x08E) +#define TPM_RC_AUTH_MISSING ((TPM_RC_t) 0x125) +#define TPM_RC_AUTHSIZE ((TPM_RC_t) 0x144) +#define TPM_RC_AUTH_TYPE ((TPM_RC_t) 0x124) +#define TPM_RC_AUTH_UNAVAILABLE ((TPM_RC_t) 0x12F) +#define TPM_RC_B ((TPM_RC_t) 0xB00) +#define TPM_RC_BAD_AUTH ((TPM_RC_t) 0x0A2) +#define TPM_RC_BAD_CONTEXT ((TPM_RC_t) 0x150) +#define TPM_RC_BAD_TAG ((TPM_RC_t) 0x01E) +#define TPM_RC_BINDING ((TPM_RC_t) 0x0A5) +#define TPM_RC_C ((TPM_RC_t) 0xC00) +#define TPM_RC_CANCELED ((TPM_RC_t) 0x909) +#define TPM_RC_COMMAND_CODE ((TPM_RC_t) 0x143) +#define TPM_RC_COMMAND_SIZE ((TPM_RC_t) 0x142) +#define TPM_RC_CONTEXT_GAP ((TPM_RC_t) 0x901) +#define TPM_RC_CPHASH ((TPM_RC_t) 0x151) +#define TPM_RC_CURVE ((TPM_RC_t) 0x0A6) +#define TPM_RC_D ((TPM_RC_t) 0xD00) +#define TPM_RC_DISABLED ((TPM_RC_t) 0x120) +#define TPM_RC_E ((TPM_RC_t) 0xE00) +#define TPM_RC_ECC_POINT ((TPM_RC_t) 0x0A7) +#define TPM_RC_EXCLUSIVE ((TPM_RC_t) 0x121) +#define TPM_RC_EXPIRED ((TPM_RC_t) 0x0A3) +#define TPM_RC_F ((TPM_RC_t) 0xF00) +#define TPM_RC_FAILURE ((TPM_RC_t) 0x101) +#define TPM_RC_H ((TPM_RC_t) 0x000) +#define TPM_RC_HANDLE ((TPM_RC_t) 0x08B) +#define TPM_RC_HASH ((TPM_RC_t) 0x083) +#define TPM_RC_HIERARCHY ((TPM_RC_t) 0x085) +#define TPM_RC_HMAC ((TPM_RC_t) 0x119) +#define TPM_RC_INITIALIZE ((TPM_RC_t) 0x100) +#define TPM_RC_INSUFFICIENT ((TPM_RC_t) 0x09A) +#define TPM_RC_INTEGRITY ((TPM_RC_t) 0x09F) +#define TPM_RC_KDF ((TPM_RC_t) 0x08C) +#define TPM_RC_KEY ((TPM_RC_t) 0x09C) +#define TPM_RC_KEY_SIZE ((TPM_RC_t) 0x087) +#define TPM_RC_LOCALITY ((TPM_RC_t) 0x907) +#define TPM_RC_LOCKOUT ((TPM_RC_t) 0x921) +#define TPM_RC_MEMORY ((TPM_RC_t) 0x904) +#define TPM_RC_MGF ((TPM_RC_t) 0x088) +#define TPM_RC_MODE ((TPM_RC_t) 0x089) +#define TPM_RC_NEEDS_TEST ((TPM_RC_t) 0x153) +#define TPM_RC_N_MASK ((TPM_RC_t) 0xF00) +#define TPM_RC_NONCE ((TPM_RC_t) 0x08F) +#define TPM_RC_NO_RESULT ((TPM_RC_t) 0x154) +#define TPM_RC_NOT_USED ((TPM_RC_t) 0x97F) +#define TPM_RC_NV_AUTHORIZATION ((TPM_RC_t) 0x149) +#define TPM_RC_NV_DEFINED ((TPM_RC_t) 0x14C) +#define TPM_RC_NV_LOCKED ((TPM_RC_t) 0x148) +#define TPM_RC_NV_RANGE ((TPM_RC_t) 0x146) +#define TPM_RC_NV_RATE ((TPM_RC_t) 0x920) +#define TPM_RC_NV_SIZE ((TPM_RC_t) 0x147) +#define TPM_RC_NV_SPACE ((TPM_RC_t) 0x14B) +#define TPM_RC_NV_UNAVAILABLE ((TPM_RC_t) 0x923) +#define TPM_RC_NV_UNINITIALIZED ((TPM_RC_t) 0x14A) +#define TPM_RC_OBJECT_HANDLES ((TPM_RC_t) 0x906) +#define TPM_RC_OBJECT_MEMORY ((TPM_RC_t) 0x902) +#define TPM_RC_P ((TPM_RC_t) 0x040) +#define TPM_RC_PARENT ((TPM_RC_t) 0x152) +#define TPM_RC_PCR ((TPM_RC_t) 0x127) +#define TPM_RC_PCR_CHANGED ((TPM_RC_t) 0x128) +#define TPM_RC_POLICY ((TPM_RC_t) 0x126) +#define TPM_RC_POLICY_CC ((TPM_RC_t) 0x0A4) +#define TPM_RC_POLICY_FAIL ((TPM_RC_t) 0x09D) +#define TPM_RC_PP ((TPM_RC_t) 0x090) +#define TPM_RC_PRIVATE ((TPM_RC_t) 0x10B) +#define TPM_RC_RANGE ((TPM_RC_t) 0x08D) +#define TPM_RC_REBOOT ((TPM_RC_t) 0x130) +#define TPM_RC_REFERENCE_H0 ((TPM_RC_t) 0x910) +#define TPM_RC_REFERENCE_H1 ((TPM_RC_t) 0x911) +#define TPM_RC_REFERENCE_H2 ((TPM_RC_t) 0x912) +#define TPM_RC_REFERENCE_H3 ((TPM_RC_t) 0x913) +#define TPM_RC_REFERENCE_H4 ((TPM_RC_t) 0x914) +#define TPM_RC_REFERENCE_H5 ((TPM_RC_t) 0x915) +#define TPM_RC_REFERENCE_H6 ((TPM_RC_t) 0x916) +#define TPM_RC_REFERENCE_S0 ((TPM_RC_t) 0x918) +#define TPM_RC_REFERENCE_S1 ((TPM_RC_t) 0x919) +#define TPM_RC_REFERENCE_S2 ((TPM_RC_t) 0x91A) +#define TPM_RC_REFERENCE_S3 ((TPM_RC_t) 0x91B) +#define TPM_RC_REFERENCE_S4 ((TPM_RC_t) 0x91C) +#define TPM_RC_REFERENCE_S5 ((TPM_RC_t) 0x91D) +#define TPM_RC_REFERENCE_S6 ((TPM_RC_t) 0x91E) +#define TPM_RC_RESERVED_BITS ((TPM_RC_t) 0x0A1) +#define TPM_RC_RETRY ((TPM_RC_t) 0x922) +#define TPM_RC_S ((TPM_RC_t) 0x800) +#define TPM_RC_SCHEME ((TPM_RC_t) 0x092) +#define TPM_RC_SELECTOR ((TPM_RC_t) 0x098) +#define TPM_RC_SENSITIVE ((TPM_RC_t) 0x155) +#define TPM_RC_SEQUENCE ((TPM_RC_t) 0x103) +#define TPM_RC_SESSION_HANDLES ((TPM_RC_t) 0x905) +#define TPM_RC_SESSION_MEMORY ((TPM_RC_t) 0x903) +#define TPM_RC_SIGNATURE ((TPM_RC_t) 0x09B) +#define TPM_RC_SIZE ((TPM_RC_t) 0x095) +#define TPM_RC_SUCCESS ((TPM_RC_t) 0x000) +#define TPM_RC_SYMMETRIC ((TPM_RC_t) 0x096) +#define TPM_RC_TAG ((TPM_RC_t) 0x097) +#define TPM_RC_TESTING ((TPM_RC_t) 0x90A) +#define TPM_RC_TICKET ((TPM_RC_t) 0x0A0) +#define TPM_RC_TOO_MANY_CONTEXTS ((TPM_RC_t) 0x12E) +#define TPM_RC_TYPE ((TPM_RC_t) 0x08A) +#define TPM_RC_UNBALANCED ((TPM_RC_t) 0x131) +#define TPM_RC_UPGRADE ((TPM_RC_t) 0x12D) +#define TPM_RC_VALUE ((TPM_RC_t) 0x084) +#define TPM_RC_YIELDED ((TPM_RC_t) 0x908) + +/* TPMA_NV_t Constants */ +typedef grub_uint32_t TPMA_NV_t; + +#define TPMA_NV_PPWRITE ((TPMA_NV_t) 0x00000001) +#define TPMA_NV_OWNERWRITE ((TPMA_NV_t) 0x00000002) +#define TPMA_NV_AUTHWRITE ((TPMA_NV_t) 0x00000004) +#define TPMA_NV_POLICYWRITE ((TPMA_NV_t) 0x00000008) +#define TPMA_NV_TPM2_NT_MASK ((TPMA_NV_t) 0x000000F0) +#define TPMA_NV_TPM2_NT_SHIFT (4) +#define TPMA_NV_RESERVED1_MASK ((TPMA_NV_t) 0x00000300) +#define TPMA_NV_POLICY_DELETE ((TPMA_NV_t) 0x00000400) +#define TPMA_NV_WRITELOCKED ((TPMA_NV_t) 0x00000800) +#define TPMA_NV_WRITEALL ((TPMA_NV_t) 0x00001000) +#define TPMA_NV_WRITEDEFINE ((TPMA_NV_t) 0x00002000) +#define TPMA_NV_WRITE_STCLEAR ((TPMA_NV_t) 0x00004000) +#define TPMA_NV_GLOBALLOCK ((TPMA_NV_t) 0x00008000) +#define TPMA_NV_PPREAD ((TPMA_NV_t) 0x00010000) +#define TPMA_NV_OWNERREAD ((TPMA_NV_t) 0x00020000) +#define TPMA_NV_AUTHREAD ((TPMA_NV_t) 0x00040000) +#define TPMA_NV_POLICYREAD ((TPMA_NV_t) 0x00080000) +#define TPMA_NV_RESERVED2_MASK ((TPMA_NV_t) 0x01F00000) +#define TPMA_NV_NO_DA ((TPMA_NV_t) 0x02000000) +#define TPMA_NV_ORDERLY ((TPMA_NV_t) 0x04000000) +#define TPMA_NV_CLEAR_STCLEAR ((TPMA_NV_t) 0x08000000) +#define TPMA_NV_READLOCKED ((TPMA_NV_t) 0x10000000) +#define TPMA_NV_WRITTEN ((TPMA_NV_t) 0x20000000) +#define TPMA_NV_PLATFORMCREATE ((TPMA_NV_t) 0x40000000) +#define TPMA_NV_READ_STCLEAR ((TPMA_NV_t) 0x80000000) + +/* TPM_ALG_ID_t Constants */ +typedef grub_uint16_t TPM_ALG_ID_t; + +#define TPM_ALG_ERROR ((TPM_ALG_ID_t) 0x0000) +#define TPM_ALG_AES ((TPM_ALG_ID_t) 0x0006) +#define TPM_ALG_CAMELLIA ((TPM_ALG_ID_t) 0x0026) +#define TPM_ALG_CBC ((TPM_ALG_ID_t) 0x0042) +#define TPM_ALG_CFB ((TPM_ALG_ID_t) 0x0043) +#define TPM_ALG_ECB ((TPM_ALG_ID_t) 0x0044) +#define TPM_ALG_ECC ((TPM_ALG_ID_t) 0x0023) +#define TPM_ALG_ECDAA ((TPM_ALG_ID_t) 0x001A) +#define TPM_ALG_ECDSA ((TPM_ALG_ID_t) 0x0018) +#define TPM_ALG_ECSCHNORR ((TPM_ALG_ID_t) 0x001C) +#define TPM_ALG_HMAC ((TPM_ALG_ID_t) 0x0005) +#define TPM_ALG_KDF1_SP800_108 ((TPM_ALG_ID_t) 0x0022) +#define TPM_ALG_KDF1_SP800_56A ((TPM_ALG_ID_t) 0x0020) +#define TPM_ALG_KDF2 ((TPM_ALG_ID_t) 0x0021) +#define TPM_ALG_KEYEDHASH ((TPM_ALG_ID_t) 0x0008) +#define TPM_ALG_MGF1 ((TPM_ALG_ID_t) 0x0007) +#define TPM_ALG_NULL ((TPM_ALG_ID_t) 0x0010) +#define TPM_ALG_RSA ((TPM_ALG_ID_t) 0x0001) +#define TPM_ALG_RSASSA ((TPM_ALG_ID_t) 0x0014) +#define TPM_ALG_RSAPSS ((TPM_ALG_ID_t) 0x0016) +#define TPM_ALG_SHA1 ((TPM_ALG_ID_t) 0x0004) +#define TPM_ALG_SHA256 ((TPM_ALG_ID_t) 0x000B) +#define TPM_ALG_SHA384 ((TPM_ALG_ID_t) 0x000C) +#define TPM_ALG_SHA512 ((TPM_ALG_ID_t) 0x000D) +#define TPM_ALG_SM2 ((TPM_ALG_ID_t) 0x001B) +#define TPM_ALG_SM3_256 ((TPM_ALG_ID_t) 0x0012) +#define TPM_ALG_SM4 ((TPM_ALG_ID_t) 0x0013) +#define TPM_ALG_SYMCIPHER ((TPM_ALG_ID_t) 0x0025) +#define TPM_ALG_XOR ((TPM_ALG_ID_t) 0x000A) + +/* TPM_CAP_t Constants */ +typedef grub_uint32_t TPM_CAP_t; + +#define TPM_CAP_FIRST ((TPM_CAP_t) 0x00000000) +#define TPM_CAP_ALGS ((TPM_CAP_t) 0x00000000) +#define TPM_CAP_HANDLES ((TPM_CAP_t) 0x00000001) +#define TPM_CAP_COMMANDS ((TPM_CAP_t) 0x00000002) +#define TPM_CAP_PP_COMMANDS ((TPM_CAP_t) 0x00000003) +#define TPM_CAP_AUDIT_COMMANDS ((TPM_CAP_t) 0x00000004) +#define TPM_CAP_PCRS ((TPM_CAP_t) 0x00000005) +#define TPM_CAP_TPM_PROPERTIES ((TPM_CAP_t) 0x00000006) +#define TPM_CAP_PCR_PROPERTIES ((TPM_CAP_t) 0x00000007) +#define TPM_CAP_ECC_CURVES ((TPM_CAP_t) 0x00000008) +#define TPM_CAP_LAST ((TPM_CAP_t) 0x00000008) +#define TPM_CAP_VENDOR_PROPERTY ((TPM_CAP_t) 0x00000100) + +/* TPM_PT_t Constants */ +typedef grub_uint32_t TPM_PT_t; + +#define TPM_PT_NONE ((TPM_PT_t) 0x00000000) +#define PT_GROUP ((TPM_PT_t) 0x00000100) +#define PT_FIXED ((TPM_PT_t) (PT_GROUP * 1)) +#define TPM_PT_FAMILY_INDICATOR ((TPM_PT_t) (PT_FIXED + 0)) +#define TPM_PT_LEVEL ((TPM_PT_t) (PT_FIXED + 1)) +#define TPM_PT_REVISION ((TPM_PT_t) (PT_FIXED + 2)) +#define TPM_PT_DAY_OF_YEAR ((TPM_PT_t) (PT_FIXED + 3)) +#define TPM_PT_YEAR ((TPM_PT_t) (PT_FIXED + 4)) +#define TPM_PT_PCR_COUNT ((TPM_PT_t) (PT_FIXED + 18)) + +/* TPM_SE_t Constants */ +typedef grub_uint8_t TPM_SE_t; + +#define TPM_SE_HMAC ((TPM_SE_t) 0x00) +#define TPM_SE_POLICY ((TPM_SE_t) 0x01) +#define TPM_SE_TRIAL ((TPM_SE_t) 0x03) + +/* TPMI_YES_NO_t Constants */ +typedef grub_uint8_t TPMI_YES_NO_t; + +#define TPM_NO ((TPMI_YES_NO_t)0) +#define TPM_YES ((TPMI_YES_NO_t)1) + +/* TPM_ST_t Constants */ +typedef grub_uint16_t TPM_ST_t; +typedef TPM_ST_t TPMI_ST_COMMAND_TAG_t; + +#define TPM_ST_NO_SESSIONS ((TPMI_ST_COMMAND_TAG_t) 0x8001) +#define TPM_ST_SESSIONS ((TPMI_ST_COMMAND_TAG_t) 0x8002) + +/* TPM_HANDLE_t Types */ +typedef grub_uint32_t TPM_HANDLE_t; + +typedef TPM_HANDLE_t TPMI_RH_HIERARCHY_t; +typedef TPM_HANDLE_t TPMI_RH_LOCKOUT_t; +typedef TPM_HANDLE_t TPMI_SH_AUTH_SESSION_t; +typedef TPM_HANDLE_t TPMI_DH_CONTEXT_t; +typedef TPM_HANDLE_t TPMI_DH_OBJECT_t; +typedef TPM_HANDLE_t TPMI_DH_ENTITY_t; +typedef TPM_HANDLE_t TPMI_SH_POLICY_t; +typedef TPM_HANDLE_t TPMI_DH_PCR_t; +typedef TPM_HANDLE_t TPMI_RH_NV_AUTH_t; +typedef TPM_HANDLE_t TPMI_RH_NV_INDEX_t; + +/* TPM_HT_t Constants */ +typedef grub_uint8_t TPM_HT_t; +#define TPM_HT_PERMANENT ((TPM_HT_t) 0x40) +#define TPM_HT_PERSISTENT ((TPM_HT_t) 0x81) + +/* TPM_RH_t Constants */ +typedef TPM_HANDLE_t TPM_RH_t; + +#define TPM_RH_FIRST ((TPM_RH_t) 0x40000000) +#define TPM_RH_SRK ((TPM_RH_t) 0x40000000) +#define TPM_RH_OWNER ((TPM_RH_t) 0x40000001) +#define TPM_RH_REVOKE ((TPM_RH_t) 0x40000002) +#define TPM_RH_TRANSPORT ((TPM_RH_t) 0x40000003) +#define TPM_RH_OPERATOR ((TPM_RH_t) 0x40000004) +#define TPM_RH_ADMIN ((TPM_RH_t) 0x40000005) +#define TPM_RH_EK ((TPM_RH_t) 0x40000006) +#define TPM_RH_NULL ((TPM_RH_t) 0x40000007) +#define TPM_RH_UNASSIGNED ((TPM_RH_t) 0x40000008) +#define TPM_RS_PW ((TPM_RH_t) 0x40000009) +#define TPM_RH_LOCKOUT ((TPM_RH_t) 0x4000000A) +#define TPM_RH_ENDORSEMENT ((TPM_RH_t) 0x4000000B) +#define TPM_RH_PLATFORM ((TPM_RH_t) 0x4000000C) +#define TPM_RH_PLATFORM_NV ((TPM_RH_t) 0x4000000D) +#define TPM_RH_AUTH_00 ((TPM_RH_t) 0x40000010) +#define TPM_RH_AUTH_FF ((TPM_RH_t) 0x4000010F) +#define TPM_RH_LAST ((TPM_RH_t) 0x4000010F) + +/* TPM_HC_t Constants */ +typedef TPM_HANDLE_t TPM_HC_t; +#define TPM_HR_HANDLE_MASK ((TPM_HC_t) 0x00FFFFFF) +#define TPM_HR_RANGE_MASK ((TPM_HC_t) 0xFF000000) +#define TPM_HR_SHIFT ((TPM_HC_t) 24) +#define TPM_HR_PERSISTENT ((TPM_HC_t) (TPM_HT_PERSISTENT << TPM_HR_SHIFT)) +#define TPM_HR_PERMANENT ((TPM_HC_t) (TPM_HT_PERMANENT << TPM_HR_SHIFT)) +#define TPM_PERSISTENT_FIRST ((TPM_HC_t) (TPM_HR_PERSISTENT + 0)) +#define TPM_PERSISTENT_LAST ((TPM_HC_t) (TPM_PERSISTENT_FIRST + 0x00FFFFFF)) +#define TPM_PERMANENT_FIRST ((TPM_HC_t) TPM_RH_FIRST) +#define TPM_PERMANENT_LAST ((TPM_HC_t) TPM_RH_LAST) + +/* TPM Handle Type Checks */ +#define TPM_HT_IS_PERMANENT(HANDLE) (((HANDLE) >> TPM_HR_SHIFT) == TPM_HT_PERMANENT) +#define TPM_HT_IS_PERSISTENT(HANDLE) (((HANDLE) >> TPM_HR_SHIFT) == TPM_HT_PERSISTENT) + +/* TPM_ECC_CURVE_t Constants */ +typedef grub_uint16_t TPM_ECC_CURVE_t; + +#define TPM_ECC_NONE ((TPM_ECC_CURVE_t) 0x0000) +#define TPM_ECC_NIST_P192 ((TPM_ECC_CURVE_t) 0x0001) +#define TPM_ECC_NIST_P224 ((TPM_ECC_CURVE_t) 0x0002) +#define TPM_ECC_NIST_P256 ((TPM_ECC_CURVE_t) 0x0003) +#define TPM_ECC_NIST_P384 ((TPM_ECC_CURVE_t) 0x0004) +#define TPM_ECC_NIST_P521 ((TPM_ECC_CURVE_t) 0x0005) +#define TPM_ECC_BN_P256 ((TPM_ECC_CURVE_t) 0x0010) +#define TPM_ECC_BN_P638 ((TPM_ECC_CURVE_t) 0x0011) +#define TPM_ECC_SM2_P256 ((TPM_ECC_CURVE_t) 0x0020) + +/* TPM_CC_t Constants */ +typedef grub_uint32_t TPM_CC_t; + +#define TPM_CC_EvictControl ((TPM_CC_t) 0x00000120) +#define TPM_CC_CreatePrimary ((TPM_CC_t) 0x00000131) +#define TPM_CC_Create ((TPM_CC_t) 0x00000153) +#define TPM_CC_FlushContext ((TPM_CC_t) 0x00000165) +#define TPM_CC_ReadPublic ((TPM_CC_t) 0x00000173) +#define TPM_CC_StartAuthSession ((TPM_CC_t) 0x00000176) +#define TPM_CC_PolicyPCR ((TPM_CC_t) 0x0000017f) +#define TPM_CC_NV_Read ((TPM_CC_t) 0x0000014e) +#define TPM_CC_NV_ReadPublic ((TPM_CC_t) 0x00000169) +#define TPM_CC_GetCapability ((TPM_CC_t) 0x0000017a) +#define TPM_CC_PCR_Read ((TPM_CC_t) 0x0000017e) +#define TPM_CC_Load ((TPM_CC_t) 0x00000157) +#define TPM_CC_LoadExternal ((TPM_CC_t) 0x00000167) +#define TPM_CC_Unseal ((TPM_CC_t) 0x0000015e) +#define TPM_CC_PolicyGetDigest ((TPM_CC_t) 0x00000189) +#define TPM_CC_Hash ((TPM_CC_t) 0x0000017d) +#define TPM_CC_VerifySignature ((TPM_CC_t) 0x00000177) +#define TPM_CC_PolicyAuthorize ((TPM_CC_t) 0x0000016a) +#define TPM_CC_TestParms ((TPM_CC_t) 0x0000018a) + +/* Hash algorithm sizes */ +#define TPM_SHA1_DIGEST_SIZE 20 +#define TPM_SHA256_DIGEST_SIZE 32 +#define TPM_SM3_256_DIGEST_SIZE 32 +#define TPM_SHA384_DIGEST_SIZE 48 +#define TPM_SHA512_DIGEST_SIZE 64 + +/* Encryption algorithm sizes */ +#define TPM_MAX_SYM_BLOCK_SIZE 16 +#define TPM_MAX_SYM_DATA 256 +#define TPM_MAX_ECC_KEY_BYTES 128 +#define TPM_MAX_SYM_KEY_BYTES 32 +#define TPM_MAX_RSA_KEY_BYTES 512 + +/* Buffer Size Constants */ +#define TPM_MAX_PCRS 32 +#define TPM_NUM_PCR_BANKS 16 +#define TPM_PCR_SELECT_MAX ((TPM_MAX_PCRS + 7) / 8) +#define TPM_MAX_DIGEST_BUFFER 1024 +#define TPM_MAX_TPM_PROPERTIES 8 +#define TPM_MAX_NV_BUFFER_SIZE 2048 +#define TPM_PRIVATE_VENDOR_SPECIFIC_BYTES 1280 + +/* TPM_GENERATED_t Constants */ +typedef grub_uint32_t TPM_GENERATED_t; + +#define TPM_GENERATED_VALUE ((TPM_GENERATED_t) 0xff544347) + +/* TPM_ALG_ID_t Types */ +typedef TPM_ALG_ID_t TPMI_ALG_PUBLIC_t; +typedef TPM_ALG_ID_t TPMI_ALG_HASH_t; +typedef TPM_ALG_ID_t TPMI_ALG_KEYEDHASH_SCHEME_t; +typedef TPM_ALG_ID_t TPMI_ALG_KDF_t; +typedef TPM_ALG_ID_t TPMI_ALG_SYM_OBJECT_t; +typedef TPM_ALG_ID_t TPMI_ALG_SYM_MODE_t; +typedef TPM_ALG_ID_t TPMI_ALG_RSA_DECRYPT_t; +typedef TPM_ALG_ID_t TPMI_ALG_ECC_SCHEME_t; +typedef TPM_ALG_ID_t TPMI_ALG_ASYM_SCHEME_t; +typedef TPM_ALG_ID_t TPMI_ALG_RSA_SCHEME_t; +typedef TPM_ALG_ID_t TPMI_ALG_SYM_t; +typedef TPM_ALG_ID_t TPMI_ALG_SIG_SCHEME_t; + +/* TPM_KEY_BITS_t Type */ +typedef grub_uint16_t TPM_KEY_BITS_t; + +/* TPMI_ECC_CURVE_t Types */ +typedef TPM_ECC_CURVE_t TPMI_ECC_CURVE_t; + +/* TPMI_RH_PROVISION_t Type */ +typedef TPM_HANDLE_t TPMI_RH_PROVISION_t; + +/* TPMI_RH_PROVISION_t Type */ +typedef TPM_HANDLE_t TPMI_DH_PERSISTENT_t; + +#endif /* ! GRUB_TPM2_INTERNAL_TYPES_HEADER */ -- 2.35.3 _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
