diff --git a/TPMCmd/tpm/include/Global.h b/TPMCmd/tpm/include/Global.h index 8ac80889..438cb425 100644 --- a/TPMCmd/tpm/include/Global.h +++ b/TPMCmd/tpm/include/Global.h @@ -33,10 +33,6 @@ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ -#if !defined _TPM_H_ -#error "Should not be called" -#endif - //** Description // This file contains internal global type definitions and data declarations that @@ -52,6 +48,10 @@ // data is private to the module but is collected here to simplify the management // of the instance data. // All the data is instanced in Global.c. +#if !defined _TPM_H_ +#error "Should not be called" +#endif + //** Includes @@ -104,6 +104,10 @@ typedef BYTE TIME_INFO[sizeof(TPMS_TIME_INFO)]; // A NAME is a BYTE array that can contain a TPMU_NAME typedef BYTE NAME[sizeof(TPMU_NAME)]; +// Definition for a PROOF value +TPM2B_TYPE(PROOF, PROOF_SIZE); + + // A CLOCK_NONCE is used to tag the time value in the authorization session and // in the ticket computation so that the ticket expires when there is a time // discontinuity. When the clock stops during normal operation, the nonce is @@ -518,7 +522,9 @@ extern TPM_HANDLE g_exclusiveAuditSession; //*** g_time // This is the value in which we keep the current command time. This is initialized -// at the start of each command. The time is in mS. +// at the start of each command. The time is the accumulated time since the last +// time that the TPM's timer was last powered up. Clock is the accumulated time +// since the last time that the TPM was cleared. g_time is in mS. extern UINT64 g_time; //*** g_timeEpoch @@ -715,9 +721,9 @@ typedef struct // Note there is a nullSeed in the state_reset memory. // Hierarchy proofs - TPM2B_AUTH phProof; - TPM2B_AUTH shProof; - TPM2B_AUTH ehProof; + TPM2B_PROOF phProof; + TPM2B_PROOF shProof; + TPM2B_PROOF ehProof; // Note there is a nullProof in the state_reset memory. //********************************************************************************* 
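Review bot: The new g_time comment reads `the accumulated time since the last time that the TPM's timer was last powered up`, with "last" twice; suggest `// at the start of each command. Time is the accumulated time since the TPM's timer` / `// was last powered up. Clock is the accumulated time since the TPM was last` / `// cleared. g_time is in mS.`. The comment is the only content of the hunk, so nothing else needs to change.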
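Review bot: Changing phProof/shProof/ehProof from TPM2B_AUTH to TPM2B_PROOF changes the size of the enclosing structure, which from the surrounding comments (the "nullProof in the state_reset memory" remark) appears to be the persistent data instanced in Global.c; with USE_SPEC_COMPLIANT_PROOFS now defaulted on in TpmBuildSwitches.h, PROOF_SIZE grows whenever 2*MAX_SYM_KEY_BYTES exceeds CONTEXT_INTEGRITY_HASH_SIZE, so an NV image written by an earlier build would be read with a different layout. If the implementation carries an NV layout version or magic, it should be bumped in this commit; otherwise a comment on these fields such as `// Sized by PROOF_SIZE: NV images are not compatible across changes of that value` would warn maintainers. The same applies to nullProof in the state_reset data in the next hunk. The enclosing struct starts and ends outside the hunk.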
@@ -944,7 +950,7 @@ typedef struct state_reset_data //***************************************************************************** // Hierarchy Control //***************************************************************************** - TPM2B_AUTH nullProof; // The proof value associated with + TPM2B_PROOF nullProof; // The proof value associated with // the TPM_RH_NULL hierarchy. The // default reset value is from the RNG. diff --git a/TPMCmd/tpm/include/GpMacros.h b/TPMCmd/tpm/include/GpMacros.h index c755864f..a96282f6 100644 --- a/TPMCmd/tpm/include/GpMacros.h +++ b/TPMCmd/tpm/include/GpMacros.h 
@@ -210,8 +210,72 @@ #define CONTEXT_INTEGRITY_HASH_SIZE CONCAT(CONTEXT_HASH_ALGORITHM, _DIGEST_SIZE) #endif +#ifdef TPM_ALG_RSA +#define RSA_SECURITY_STRENGTH (MAX_RSA_KEY_BITS >= 15360 ? 256 : \ + (MAX_RSA_KEY_BITS >= 7680 ? 192 : \ + (MAX_RSA_KEY_BITS >= 3072 ? 128 : \ + (MAX_RSA_KEY_BITS >= 2048 ? 112 : \ + (MAX_RSA_KEY_BITS >= 1024 ? 80 : 0))))) +#else +#define RSA_SECURITY_STRENGTH 0 +#endif + +#ifdef TPM_ALG_ECC +#define ECC_SECURITY_STRENGTH (MAX_ECC_KEY_BITS >= 521 ? 256 : \ + (MAX_ECC_KEY_BITS >= 384 ? 192 : \ + (MAX_ECC_KEY_BITS >= 256 ? 128 : 0))) +#else +#define ECC_SECURITY_STRENGTH 0 +#endif // TPM_AGL_ECC + +#define MAX_ASYM_SECURITY_STRENGTH \ + MAX(RSA_SECURITY_STRENGTH, ECC_SECURITY_STRENGTH) + +#define MAX_HASH_SECURITY_STRENGTH ((CONTEXT_INTEGRITY_HASH_SIZE * 8) / 2) + +// Unless some algorithm is broken... +#define MAX_SYM_SECURITY_STRENGTH MAX_SYM_KEY_BITS + +#define MAX_SECURITY_STRENGTH_BITS \ + MAX(MAX_ASYM_SECURITY_STRENGTH, \ + MAX(MAX_SYM_SECURITY_STRENGTH, \ + MAX_HASH_SECURITY_STRENGTH)) + +// This is the size that was used before the 1.38 errata requiring that P1.14.4 be +// followed +#define PROOF_SIZE CONTEXT_INTEGRITY_HASH_SIZE + +// As required by P1.14.4 +#define COMPLIANT_PROOF_SIZE \ + (MAX(CONTEXT_INTEGRITY_HASH_SIZE, (2 * MAX_SYM_KEY_BYTES))) + +// As required by P1.14.3.1 +#define COMPLIANT_PRIMARY_SEED_SIZE \ + BITS_TO_BYTES(MAX_SECURITY_STRENGTH_BITS * 2) + +// This is the pre-errata version +#ifndef PRIMARY_SEED_SIZE +# define PRIMARY_SEED_SIZE PROOF_SIZE +#endif + +#ifdef USE_SPEC_COMPLIANT_PROOFS +# undef PROOF_SIZE +# define PROOF_SIZE COMPLIANT_PROOF_SIZE +# undef PRIMARY_SEED_SIZE +# define PRIMARY_SEED_SIZE COMPLIANT_PRIMARY_SEED_SIZE +#endif // USE_SPEC_COMPLIANT_PROOFS || !defined PRIMARY_SEED_SIZE + +#ifndef SKIP_PROOF_ERRORS +# if PROOF_SIZE < COMPLIANT_PROOF_SIZE +# error "PROOF_SIZE is not compliant with TPM specification" +# endif +# if PRIMARY_SEED_SIZE < COMPLIANT_PRIMARY_SEED_SIZE +# error 
"Implementation.h specifies a non-compliant PRIMARY_SEED_SIZE" +# endif +#endif + + -#define PROOF_SIZE CONTEXT_INTEGRITY_HASH_SIZE // If CONTEXT_ENCRYP_ALG is defined, then the vendor is using the old style table #ifndef CONTEXT_ENCRYPT_ALG @@ -221,10 +285,10 @@ #define CONTEXT_ENCRYPT_KEY_BYTES ((CONTEXT_ENCRYPT_KEY_BITS+7)/8) #endif -#if ALG_ECC -# define LABEL_MAX_BUFFER MAX_ECC_KEY_BYTES -#else -# define LABEL_MAX_BUFFER MAX_DIGEST_SIZE +// This is updated to follow the requirement of P2 that the label not be larger +// than 32 bytes. +#ifndef LABEL_MAX_BUFFER +#define LABEL_MAX_BUFFER MIN(32, MIN(MAX_ECC_KEY_BYTES, MAX_DIGEST_SIZE)) #endif // This bit is used to indicate that an authorization ticket expires on TPM Reset diff --git a/TPMCmd/tpm/include/TpmBuildSwitches.h b/TPMCmd/tpm/include/TpmBuildSwitches.h index 86e5bc3f..de60f910 100644 --- a/TPMCmd/tpm/include/TpmBuildSwitches.h +++ b/TPMCmd/tpm/include/TpmBuildSwitches.h @@ -190,4 +190,17 @@ #define ACCUMULATE_SELF_HEAL_TIMER #endif // ACCUMULATE_SELF_HEAL_TIMER +// If the implementation is to compute the sizes of the proof and primary seed size +// values based on the implemented algorithms, then use this define. +#ifndef USE_SPEC_COMPLIANT_PROOFS +#define USE_SPEC_COMPLIANT_PROOFS +#endif + +// Comment this out to allow compile to continue even though the chosen proof values +// do not match the compliant values. This is written so that someone would +// have to proactively ignore errors. +#ifndef SKIP_PROOF_ERRORS +//#define SKIP_PROOF_ERRORS +#endif + #endif // _TPM_BUILD_SWITCHES_H_ \ No newline at end of file diff --git a/TPMCmd/tpm/include/TpmTypes.h b/TPMCmd/tpm/include/TpmTypes.h index 5ae3d4e6..0f4ed088 100644 --- a/TPMCmd/tpm/include/TpmTypes.h +++ b/TPMCmd/tpm/include/TpmTypes.h 
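Review bot: RSA_SECURITY_STRENGTH and ECC_SECURITY_STRENGTH are gated on `#ifdef TPM_ALG_RSA` and `#ifdef TPM_ALG_ECC`, while the LABEL_MAX_BUFFER block removed in the next hunk tested `#if ALG_ECC`; if TPM_ALG_RSA/TPM_ALG_ECC are unconditional TPM_ALG_ID constants rather than implementation switches, the strength macros would reference MAX_RSA_KEY_BITS/MAX_ECC_KEY_BITS on builds without those algorithms, which a `#if` silently treats as 0 but which fails wherever PRIMARY_SEED_SIZE is used outside the preprocessor, so confirm which macro is the implementation switch and use it for both. Two trailing comments are wrong: `#endif // TPM_AGL_ECC` should read `#endif // TPM_ALG_ECC`, and `#endif // USE_SPEC_COMPLIANT_PROOFS || !defined PRIMARY_SEED_SIZE` no longer describes its `#ifdef USE_SPEC_COMPLIANT_PROOFS`. The `#if PROOF_SIZE < COMPLIANT_PROOF_SIZE` and `#if PRIMARY_SEED_SIZE < COMPLIANT_PRIMARY_SEED_SIZE` checks expand MAX() inside a preprocessor condition, which only works while MAX is a plain ternary macro with no casts or statement expressions; a comment on COMPLIANT_PROOF_SIZE such as `// NOTE: evaluated in #if below, so MAX() must stay a plain ternary` would protect that dependency.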
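Review bot: The new LABEL_MAX_BUFFER definition uses MAX_ECC_KEY_BYTES unconditionally, whereas the removed definition only referenced it under `#if ALG_ECC`; on a build without ECC that macro is presumably undefined or 0, which would make LABEL_MAX_BUFFER fail to compile or collapse to 0 wherever it sizes a buffer. Keeping the ECC branch and falling back to the digest size otherwise preserves the 32-byte cap from P2 without depending on ECC being present, as below. Note also that MIN() must be usable outside the preprocessor since this value sizes arrays, which the existing MIN presumably is.
```c
// This is updated to follow the requirement of P2 that the label not be larger
// than 32 bytes.
#ifndef LABEL_MAX_BUFFER
# if ALG_ECC
#  define LABEL_MAX_BUFFER MIN(32, MIN(MAX_ECC_KEY_BYTES, MAX_DIGEST_SIZE))
# else
#  define LABEL_MAX_BUFFER MIN(32, MAX_DIGEST_SIZE)
# endif
#endif
```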
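Review bot: The `#ifndef USE_SPEC_COMPLIANT_PROOFS` / `#define USE_SPEC_COMPLIANT_PROOFS` / `#endif` block makes the switch unconditional, so a vendor cannot opt out by leaving it undefined, which contradicts the comment above it ("then use this define"); the only way out is an `#undef` in some other header. If always-on is the intent (the safer default, and the one the `#error` checks in GpMacros.h enforce), the comment should say so, e.g. `// Defined unconditionally: proof and primary-seed sizes are derived from the implemented algorithms. To build non-compliant sizes a vendor must #undef this and define SKIP_PROOF_ERRORS.`; if it is meant to be optional, the define belongs in the vendor's configuration rather than here. The `#ifndef SKIP_PROOF_ERRORS` block around a commented-out define is a no-op and can be reduced to the comment and the commented line.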
@@ -60,7 +60,7 @@ typedef UINT32 TPM_SPEC; #define TPM_SPEC_VERSION (TPM_SPEC)(SPEC_VERSION) #define SPEC_YEAR 2017 #define TPM_SPEC_YEAR (TPM_SPEC)(SPEC_YEAR) -#define SPEC_DAY_OF_YEAR 61 +#define SPEC_DAY_OF_YEAR 107 #define TPM_SPEC_DAY_OF_YEAR (TPM_SPEC)(SPEC_DAY_OF_YEAR) // Table 2:7 - Definition of TPM_GENERATED Constants (EnumTable) diff --git a/TPMCmd/tpm/include/VendorString.h b/TPMCmd/tpm/include/VendorString.h index cfc4e59c..7b8b8402 100644 --- a/TPMCmd/tpm/include/VendorString.h +++ b/TPMCmd/tpm/include/VendorString.h @@ -75,7 +75,7 @@ string. // A vendor-specific FIRMWARE_V1 is required here. It is // the more significant 32-bits of a vendor-specific value // indicating the version of the firmware -//#define FIRMWARE_V1 (0x20170302) +//#define FIRMWARE_V1 (0x20170417) // A vendor-specific FIRMWARE_V2 may be provided here. If present, it is the less // significant 32-bits of the version of the firmware. diff --git a/TPMCmd/tpm/include/prototypes/Hierarchy_fp.h b/TPMCmd/tpm/include/prototypes/Hierarchy_fp.h index e9562996..825e6700 100644 --- a/TPMCmd/tpm/include/prototypes/Hierarchy_fp.h +++ b/TPMCmd/tpm/include/prototypes/Hierarchy_fp.h @@ -34,7 +34,7 @@ */ /*(Auto) Automatically Generated by TpmPrototypes version 2.2 February 10, 2016 - Date: Sep 22, 2016 Time: 05:27:05 PM + Date: Sep 9, 2016 Time: 01:03:57 PM */ #ifndef _HIERARCHY_FP_H_ @@ -61,7 +61,7 @@ HierarchyStartup( //*** HierarchyGetProof() // This function finds the proof value associated with a hierarchy.It returns a // pointer to the proof value. -TPM2B_AUTH * +TPM2B_PROOF * HierarchyGetProof( TPMI_RH_HIERARCHY hierarchy // IN: hierarchy constant ); diff --git a/TPMCmd/tpm/src/command/Context/Context_spt.c b/TPMCmd/tpm/src/command/Context/Context_spt.c index 362ab683..481727a1 100644 --- a/TPMCmd/tpm/src/command/Context/Context_spt.c +++ b/TPMCmd/tpm/src/command/Context/Context_spt.c 
@@ -68,7 +68,7 @@ ComputeContextProtectionKey( { UINT16 symKeyBits; // number of bits in the parent's // symmetric key - TPM2B_AUTH *proof = NULL; // the proof value to use. Is null for + TPM2B_PROOF *proof = NULL; // the proof value to use. Is null for // everything but a primary object in // the Endorsement Hierarchy @@ -144,7 +144,7 @@ ComputeContextIntegrity( ) { HMAC_STATE hmacState; - TPM2B_AUTH *proof; + TPM2B_PROOF *proof; UINT16 integritySize; // Get proof value diff --git a/TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c b/TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c index e8b47428..1c586655 100644 --- a/TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c +++ b/TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c @@ -57,10 +57,10 @@ TPM2_ChangeEPS( // Internal Data Update // Reset endorsement hierarchy seed from RNG - CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.EPSeed.t.buffer); + CryptRandomGenerate(sizeof(gp.EPSeed.t.buffer), gp.EPSeed.t.buffer); // Create new ehProof value from RNG - CryptRandomGenerate(PROOF_SIZE, gp.ehProof.t.buffer); + CryptRandomGenerate(sizeof(gp.ehProof.t.buffer), gp.ehProof.t.buffer); // Enable endorsement hierarchy gc.ehEnable = TRUE; diff --git a/TPMCmd/tpm/src/command/Hierarchy/ChangePPS.c b/TPMCmd/tpm/src/command/Hierarchy/ChangePPS.c index ac699989..7680cb2e 100644 --- a/TPMCmd/tpm/src/command/Hierarchy/ChangePPS.c +++ b/TPMCmd/tpm/src/command/Hierarchy/ChangePPS.c 
@@ -53,16 +53,16 @@ TPM2_ChangePPS( RETURN_IF_NV_IS_NOT_AVAILABLE; // Input parameter is not reference in command action - in = NULL; + NOT_REFERENCED(in); // Internal Data Update // Reset platform hierarchy seed from RNG - CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.PPSeed.t.buffer); + CryptRandomGenerate(sizeof(gp.PPSeed.t.buffer), gp.PPSeed.t.buffer); // Create a new phProof value from RNG to prevent the saved platform // hierarchy contexts being loaded - CryptRandomGenerate(PROOF_SIZE, gp.phProof.t.buffer); + CryptRandomGenerate(sizeof(gp.phProof.t.buffer), gp.phProof.t.buffer); // Set platform authPolicy to null gc.platformAlg = TPM_ALG_NULL; diff --git a/TPMCmd/tpm/src/command/Hierarchy/Clear.c b/TPMCmd/tpm/src/command/Hierarchy/Clear.c index 65dba783..959c171d 100644 --- a/TPMCmd/tpm/src/command/Hierarchy/Clear.c +++ b/TPMCmd/tpm/src/command/Hierarchy/Clear.c @@ -65,11 +65,11 @@ TPM2_Clear( // Internal Data Update // Reset storage hierarchy seed from RNG - CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.SPSeed.t.buffer); + CryptRandomGenerate(sizeof(gp.SPSeed.t.buffer), gp.SPSeed.t.buffer); // Create new shProof and ehProof value from RNG - CryptRandomGenerate(PROOF_SIZE, gp.shProof.t.buffer); - CryptRandomGenerate(PROOF_SIZE, gp.ehProof.t.buffer); + CryptRandomGenerate(sizeof(gp.shProof.t.buffer), gp.shProof.t.buffer); + CryptRandomGenerate(sizeof(gp.ehProof.t.buffer), gp.ehProof.t.buffer); // Enable storage and endorsement hierarchy gc.shEnable = gc.ehEnable = TRUE; diff --git a/TPMCmd/tpm/src/crypt/Ticket.c b/TPMCmd/tpm/src/crypt/Ticket.c index 5f2623ad..d795945a 100644 --- a/TPMCmd/tpm/src/crypt/Ticket.c +++ b/TPMCmd/tpm/src/crypt/Ticket.c @@ -93,7 +93,7 @@ TicketComputeVerified( TPMT_TK_VERIFIED *ticket // OUT: verified ticket ) { - TPM2B_AUTH *proof; + TPM2B_PROOF *proof; HMAC_STATE hmacState; // // Fill in ticket fields 
@@ -147,7 +147,7 @@ TicketComputeAuth( TPMT_TK_AUTH *ticket // OUT: Created ticket ) { - TPM2B_AUTH *proof; + TPM2B_PROOF *proof; HMAC_STATE hmacState; // // Get proper proof @@ -206,7 +206,7 @@ TicketComputeHashCheck( TPMT_TK_HASHCHECK *ticket // OUT: Created ticket ) { - TPM2B_AUTH *proof; + TPM2B_PROOF *proof; HMAC_STATE hmacState; // // Get proper proof @@ -251,7 +251,7 @@ TicketComputeCreation( TPMT_TK_CREATION *ticket // OUT: created ticket ) { - TPM2B_AUTH *proof; + TPM2B_PROOF *proof; HMAC_STATE hmacState; // Get proper proof diff --git a/TPMCmd/tpm/src/subsystem/Hierarchy.c b/TPMCmd/tpm/src/subsystem/Hierarchy.c index 032ae528..5479482e 100644 --- a/TPMCmd/tpm/src/subsystem/Hierarchy.c +++ b/TPMCmd/tpm/src/subsystem/Hierarchy.c @@ -57,15 +57,15 @@ HierarchyPreInstall_Init( gp.disableClear = FALSE; // Initialize Primary Seeds - gp.EPSeed.t.size = PRIMARY_SEED_SIZE; - CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.EPSeed.t.buffer); - gp.SPSeed.t.size = PRIMARY_SEED_SIZE; - CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.SPSeed.t.buffer); - gp.PPSeed.t.size = PRIMARY_SEED_SIZE; + gp.EPSeed.t.size = sizeof(gp.EPSeed.t.buffer); + gp.SPSeed.t.size = sizeof(gp.SPSeed.t.buffer); + gp.PPSeed.t.size = sizeof(gp.PPSeed.t.buffer); + CryptRandomGenerate(gp.EPSeed.t.size, gp.EPSeed.t.buffer); + CryptRandomGenerate(gp.SPSeed.t.size, gp.SPSeed.t.buffer); #ifdef USE_PLATFORM_EPS - _plat__GetEPS(PRIMARY_SEED_SIZE, gp.EPSeed.t.buffer); + _plat__GetEPS(gp.PPSeed.t.size, gp.EPSeed.t.buffer); #else - CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.PPSeed.t.buffer); + CryptRandomGenerate(gp.PPSeed.t.size, gp.PPSeed.t.buffer); #endif // Initialize owner, endorsement and lockout auth 
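Review bot: With USE_PLATFORM_EPS defined, gp.PPSeed is never populated in this hunk: the unconditional CryptRandomGenerate calls fill only EPSeed and SPSeed, the `#ifdef` branch writes EPSeed, and only the `#else` branch writes PPSeed, so the platform primary seed keeps whatever gp held before (the removed lines had the same shape, and the commit does not fix it). The `_plat__GetEPS(gp.PPSeed.t.size, gp.EPSeed.t.buffer)` line also pairs the PPSeed size with the EPSeed buffer; the two sizes are probably equal today, but the call should use `gp.EPSeed.t.size`. Assuming `_plat__GetEPS` is meant to supply only the endorsement seed, SPSeed and PPSeed should be generated unconditionally and the `#ifdef` should select only the EPSeed source, as below. HierarchyPreInstall_Init starts and ends outside the hunk.
```c
    // Initialize Primary Seeds
    gp.EPSeed.t.size = sizeof(gp.EPSeed.t.buffer);
    gp.SPSeed.t.size = sizeof(gp.SPSeed.t.buffer);
    gp.PPSeed.t.size = sizeof(gp.PPSeed.t.buffer);
    CryptRandomGenerate(gp.SPSeed.t.size, gp.SPSeed.t.buffer);
    CryptRandomGenerate(gp.PPSeed.t.size, gp.PPSeed.t.buffer);
#ifdef USE_PLATFORM_EPS
    // The endorsement seed is supplied by the platform; size is EPSeed's own
    _plat__GetEPS(gp.EPSeed.t.size, gp.EPSeed.t.buffer);
#else
    CryptRandomGenerate(gp.EPSeed.t.size, gp.EPSeed.t.buffer);
#endif
    // … unchanged: owner, endorsement and lockout auth initialization …
```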
@@ -82,9 +82,9 @@ HierarchyPreInstall_Init( gp.lockoutPolicy.t.size = 0; // Initialize ehProof, shProof and phProof - gp.phProof.t.size = PROOF_SIZE; - gp.shProof.t.size = PROOF_SIZE; - gp.ehProof.t.size = PROOF_SIZE; + gp.phProof.t.size = sizeof(gp.phProof.t.buffer); + gp.shProof.t.size = sizeof(gp.shProof.t.buffer); + gp.ehProof.t.size = sizeof(gp.ehProof.t.buffer); CryptRandomGenerate(gp.phProof.t.size, gp.phProof.t.buffer); CryptRandomGenerate(gp.shProof.t.size, gp.shProof.t.buffer); CryptRandomGenerate(gp.ehProof.t.size, gp.ehProof.t.buffer); @@ -135,11 +135,10 @@ HierarchyStartup( // nullProof and nullSeed are updated at every TPM_RESET if((type != SU_RESTART) && (type != SU_RESUME)) { - gr.nullProof.t.size = PROOF_SIZE; - CryptRandomGenerate(gr.nullProof.t.size, - gr.nullProof.t.buffer); - gr.nullSeed.t.size = PRIMARY_SEED_SIZE; - CryptRandomGenerate(PRIMARY_SEED_SIZE, gr.nullSeed.t.buffer); + gr.nullProof.t.size = sizeof(gr.nullProof.t.buffer); + CryptRandomGenerate(gr.nullProof.t.size, gr.nullProof.t.buffer); + gr.nullSeed.t.size = sizeof(gr.nullProof.t.buffer); + CryptRandomGenerate(gr.nullProof.t.size, gr.nullSeed.t.buffer); } return; 
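Review bot: `gr.nullSeed.t.size = sizeof(gr.nullProof.t.buffer)` and `CryptRandomGenerate(gr.nullProof.t.size, gr.nullSeed.t.buffer)` size nullSeed from the nullProof buffer; nullProof is now a TPM2B_PROOF (PROOF_SIZE) while nullSeed was previously sized by PRIMARY_SEED_SIZE, and GpMacros.h computes those two macros independently, so the seed is either under-filled or, if PROOF_SIZE is the larger, written past the end of its buffer. The lines should read `gr.nullSeed.t.size = sizeof(gr.nullSeed.t.buffer);` and `CryptRandomGenerate(gr.nullSeed.t.size, gr.nullSeed.t.buffer);`. HierarchyStartup starts outside the hunk.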
@@ -148,36 +147,36 @@ HierarchyStartup( //*** HierarchyGetProof() // This function finds the proof value associated with a hierarchy.It returns a // pointer to the proof value. -TPM2B_AUTH * +TPM2B_PROOF * HierarchyGetProof( TPMI_RH_HIERARCHY hierarchy // IN: hierarchy constant ) { - TPM2B_AUTH *auth = NULL; + TPM2B_PROOF *proof = NULL; switch(hierarchy) { case TPM_RH_PLATFORM: // phProof for TPM_RH_PLATFORM - auth = &gp.phProof; + proof = &gp.phProof; break; case TPM_RH_ENDORSEMENT: // ehProof for TPM_RH_ENDORSEMENT - auth = &gp.ehProof; + proof = &gp.ehProof; break; case TPM_RH_OWNER: // shProof for TPM_RH_OWNER - auth = &gp.shProof; + proof = &gp.shProof; break; case TPM_RH_NULL: // nullProof for TPM_RH_NULL - auth = &gr.nullProof; + proof = &gr.nullProof; break; default: FAIL(FATAL_ERROR_INTERNAL); break; } - return auth; + return proof; } //*** HierarchyGetPrimarySeed()