1 /*
2 * Copyright (c) 2010-2012 United States Government, as represented by
3 * the Secretary of Defense. All rights reserved.
4 *
5 * based off of the original tools/vtpm_manager code base which is:
6 * Copyright (c) 2005, Intel Corp.
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * * Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * * Redistributions in binary form must reproduce the above
16 * copyright notice, this list of conditions and the following
17 * disclaimer in the documentation and/or other materials provided
18 * with the distribution.
19 * * Neither the name of Intel Corporation nor the names of its
20 * contributors may be used to endorse or promote products derived
21 * from this software without specific prior written permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
24 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
25 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
26 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
27 * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
28 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
29 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
30 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
31 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
32 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
34 * OF THE POSSIBILITY OF SUCH DAMAGE.
35 */
36
37 #ifndef VTPMMGR_H
38 #define VTPMMGR_H
39
40 #include <mini-os/tpmback.h>
41 #include <polarssl/entropy.h>
42 #include <polarssl/ctr_drbg.h>
43
44 #include "uuid.h"
45 #include "tcg.h"
46 #include "vtpm_manager.h"
47 #include "tpm2_types.h"
48
49 #define TPM2_EXTRA_OPT "tpm2=1"
50 #define RSA_KEY_SIZE 0x0800
51 #define RSA_CIPHER_SIZE (RSA_KEY_SIZE / 8)
52
53 enum {
54 TPM1_HARDWARE = 1,
55 TPM2_HARDWARE,
56 } tpm_version;
57
58 struct tpm_hardware_version {
59 int hw_version;
60 };
61
62 extern struct tpm_hardware_version hardware_version;
63
64 struct vtpm_globals {
65 int tpm_fd;
66 TPM_AUTH_SESSION oiap; // OIAP session for storageKey
67
68 TPM_AUTHDATA owner_auth;
69 TPM_AUTHDATA srk_auth;
70
71 entropy_context entropy;
72 ctr_drbg_context ctr_drbg;
73
74 int hw_locality;
75
76 /* TPM 2.0 */
77 TPM_AuthArea pw_auth;
78 TPM_AuthArea srk_auth_area;
79 TPM2_HANDLE srk_handle;
80 TPM2_HANDLE sk_handle;
81 TPM2B_NAME sk_name;
82 TPM2_RSA_KEY tpm2_storage_key;
83 };
84
85 struct tpm_opaque {
86 uuid_t *uuid;
87 struct mem_group *group;
88 struct mem_vtpm *vtpm;
89
90 domid_t domid;
91 unsigned int handle;
92
93 uint8_t kern_hash[20];
94 };
95
96 // --------------------------- Global Values --------------------------
97 extern struct vtpm_globals vtpm_globals; // Key info and DMI states
98
99 TPM_RESULT vtpmmgr_init(int argc, char** argv);
100 void vtpmmgr_shutdown(void);
101
102 TPM_RESULT vtpmmgr_handle_cmd(struct tpm_opaque *opq, tpmcmd_t* tpmcmd);
103
vtpmmgr_rand(unsigned char * bytes,size_t num_bytes)104 inline TPM_RESULT vtpmmgr_rand(unsigned char* bytes, size_t num_bytes) {
105 return ctr_drbg_random(&vtpm_globals.ctr_drbg, bytes, num_bytes) == 0 ? 0 : TPM_FAIL;
106 }
107
108 /* TPM 2.0 */
109 TPM_RC tpm2_take_ownership(void);
110 TPM_RC tpm2_pcr_read(int index, uint8_t *buf);
111 TPM_RESULT vtpmmgr2_create(void);
112 TPM_RESULT vtpmmgr2_init(int argc, char** argv);
113 int parse_cmdline_hw(int argc, char** argv);
114 int hw_is_tpm2(void);
115
116 #endif
117