VirtualBox

source: vbox/trunk/include/iprt/formats/tpm.h@ 104923

Last change on this file since 104923 was 104923, checked in by vboxsync, 7 months ago

Devices/Trace: Some more TPM trace decoding, bugref:10701

1/* $Id: tpm.h 104923 2024-06-14 15:15:25Z vboxsync $ */
2/** @file
3 * IPRT, TPM common definitions (this is actually a protocol and not a format).
4 */
5
6/*
7 * Copyright (C) 2021-2024 Oracle and/or its affiliates.
8 *
9 * This file is part of VirtualBox base platform packages, as
10 * available from https://www.virtualbox.org.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation, in version 3 of the
15 * License.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 * General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License
23 * along with this program; if not, see <https://www.gnu.org/licenses>.
24 *
25 * The contents of this file may alternatively be used under the terms
26 * of the Common Development and Distribution License Version 1.0
27 * (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
28 * in the VirtualBox distribution, in which case the provisions of the
29 * CDDL are applicable instead of those of the GPL.
30 *
31 * You may elect to license modified versions of this file under the
32 * terms and conditions of either the GPL or the CDDL or both.
33 *
34 * SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
35 */
36
37#ifndef IPRT_INCLUDED_formats_tpm_h
38#define IPRT_INCLUDED_formats_tpm_h
39#ifndef RT_WITHOUT_PRAGMA_ONCE
40# pragma once
41#endif
42
43#include <iprt/asm.h>
44#include <iprt/cdefs.h>
45#include <iprt/types.h>
46#include <iprt/assertcompile.h>
47#include <iprt/string.h>
48
49
/** A TPM generic handle (TPM_HANDLE). */
typedef uint32_t TPMHANDLE;
/** TPM interface object handle. */
typedef TPMHANDLE TPMIDHOBJECT;

/** A TPM boolean value (TPMI_YES_NO).
 * Only TPMYESNO_NO and TPMYESNO_YES are defined below, but the underlying
 * uint8_t can carry any byte value.  Code decoding this from data it did not
 * build should compare against the defines explicitly instead of assuming
 * the value is 0 or 1. */
typedef uint8_t TPMYESNO;
/** A No aka False value for TPMYESNO. */
#define TPMYESNO_NO 0
/** A Yes aka True value for TPMYESNO. */
#define TPMYESNO_YES 1

/** A TPM capability value (TPM_CAP). */
typedef uint32_t TPMCAP;
64
65
/**
 * TPM sized buffer.
 *
 * Byte packed: a 16-bit length field immediately followed by the payload.
 *
 * @note u16Size is the length stated by the data itself.  Code parsing a
 *       buffer it did not build must check u16Size against the number of
 *       bytes actually available before reading abBuf.
 * @note NOTE(review): the byte order of u16Size is not stated here;
 *       presumably big endian like the request/response headers - confirm.
 */
#pragma pack(1)
typedef struct TPMBUF
{
    /** Size of the buffer in bytes - can be 0. */
    uint16_t u16Size;
    /** Buffer area. */
    uint8_t abBuf[RT_FLEXIBLE_ARRAY_NESTED];
} TPMBUF;
#pragma pack()
/** Pointer to a TPM buffer. */
typedef TPMBUF *PTPMBUF;
/** Pointer to a const TPM buffer. */
typedef const TPMBUF *PCTPMBUF;
82
83
84
/**
 * TPM request header (everything big endian).
 *
 * The structure is byte packed, so the two 32-bit members follow the 16-bit
 * tag directly and are not naturally aligned.  Use RTTpmReqGetTag(),
 * RTTpmReqGetSz() and RTTpmReqGetOrdinal() to read the fields in host byte
 * order.
 *
 * @note cbReq is the size stated by whoever built the request.  It has to be
 *       checked against the real length of the received data before it is
 *       used as a bound.
 */
#pragma pack(1)
typedef struct TPMREQHDR
{
    /** The tag for this request. */
    uint16_t u16Tag;
    /** Size of the request in bytes. */
    uint32_t cbReq;
    /** The request ordinal to execute. */
    uint32_t u32Ordinal;
} TPMREQHDR;
#pragma pack()
/* The packed header must be exactly 10 bytes. */
AssertCompileSize(TPMREQHDR, 2 + 4 + 4);
/** Pointer to a TPM request header. */
typedef TPMREQHDR *PTPMREQHDR;
/** Pointer to a const TPM request header. */
typedef const TPMREQHDR *PCTPMREQHDR;
104
105
/**
 * TPM response header (everything big endian).
 *
 * The structure is byte packed, so the two 32-bit members follow the 16-bit
 * tag directly and are not naturally aligned.  Use RTTpmRespGetTag(),
 * RTTpmRespGetSz() and RTTpmRespGetErrCode() to read the fields in host byte
 * order.
 *
 * @note cbResp is the size stated inside the response.  It has to be checked
 *       against the real length of the received data before it is used as a
 *       bound.
 */
#pragma pack(1)
typedef struct TPMRESPHDR
{
    /** The tag for this response. */
    uint16_t u16Tag;
    /** Size of the response in bytes. */
    uint32_t cbResp;
    /** The error code for the response. */
    uint32_t u32ErrCode;
} TPMRESPHDR;
#pragma pack()
/* The packed header must be exactly 10 bytes. */
AssertCompileSize(TPMRESPHDR, 2 + 4 + 4);
/** Pointer to a TPM response header. */
typedef TPMRESPHDR *PTPMRESPHDR;
/** Pointer to a const TPM response header. */
typedef const TPMRESPHDR *PCTPMRESPHDR;
125
126
127/** @name TPM 1.2 request tags
128 * @{ */
129/** Command with no authentication. */
130#define TPM_TAG_RQU_COMMAND UINT16_C(0x00c1)
131/** An authenticated command with one authentication handle. */
132#define TPM_TAG_RQU_AUTH1_COMMAND UINT16_C(0x00c2)
133/** An authenticated command with two authentication handles. */
134#define TPM_TAG_RQU_AUTH2_COMMAND UINT16_C(0x00c3)
135/** @} */
136
137
138/** @name TPM 2.0 request/response tags
139 * @{ */
140/** Command with no associated session. */
141#define TPM2_ST_NO_SESSIONS UINT16_C(0x8001)
142/** Command with an associated session. */
143#define TPM2_ST_SESSIONS UINT16_C(0x8002)
144/** @} */
145
146
147/** @name TPM 1.2 request ordinals.
148 * @{ */
149/** Perform a full self test. */
150#define TPM_ORD_SELFTESTFULL UINT32_C(80)
151/** Continue the selftest. */
152#define TPM_ORD_CONTINUESELFTEST UINT32_C(83)
153/** Return the test result. */
154#define TPM_ORD_GETTESTRESULT UINT32_C(84)
155/** Get a capability. */
156#define TPM_ORD_GETCAPABILITY UINT32_C(101)
157/** @} */
158
159
160/** @name TPM 2.0 Algorithm ID codes.
161 * @{ */
162/** Invalid algorithm ID - should not occur. */
163#define TPM2_ALG_ERROR UINT16_C(0x0000)
164/** RSA algorithm ID. */
165#define TPM2_ALG_RSA UINT16_C(0x0001)
166/** TDES (Triple Data Encryption Standard) algorithm ID. */
167#define TPM2_ALG_TDES UINT16_C(0x0003)
168/** SHA1 algorithm ID. */
169#define TPM2_ALG_SHA1 UINT16_C(0x0004)
170/** HMAC (Hash Message Authentication Code) algorithm ID. */
171#define TPM2_ALG_HMAC UINT16_C(0x0005)
172/** AES algorithm ID. */
173#define TPM2_ALG_AES UINT16_C(0x0006)
174/** Hash-based mask-generation function algorithm ID. */
175#define TPM2_ALG_MGF1 UINT16_C(0x0007)
176/** Object type that may use XOR for encryption or an HMAC for signing. */
177#define TPM2_ALG_KEYEDHASH UINT16_C(0x0008)
178/** XOR algorithm ID. */
179#define TPM2_ALG_XOR UINT16_C(0x000a)
180/** SHA256 algorithm ID. */
181#define TPM2_ALG_SHA256 UINT16_C(0x000b)
182/** SHA384 algorithm ID. */
183#define TPM2_ALG_SHA384 UINT16_C(0x000c)
184/** SHA512 algorithm ID. */
185#define TPM2_ALG_SHA512 UINT16_C(0x000d)
186/** SHA256 with only 192 most significant bits algorithm ID. */
187#define TPM2_ALG_SHA256_192 UINT16_C(0x000e)
188/** Null algorithm ID. */
189#define TPM2_ALG_NULL UINT16_C(0x0010)
190/** SM3 hash algorithm ID. */
191#define TPM2_ALG_SM3_256 UINT16_C(0x0012)
192/** SM4 symmetric block cipher algorithm ID. */
193#define TPM2_ALG_SM4 UINT16_C(0x0013)
194/** RSASSA-PKCS1-v1_5 signature algorithm ID. */
195#define TPM2_ALG_RSASSA UINT16_C(0x0014)
196/** RSAES-PKCS1-v1_5 padding algorithm ID. */
197#define TPM2_ALG_RSAES UINT16_C(0x0015)
198/** RSASSA-PSS signature algorithm ID. */
199#define TPM2_ALG_RSAPSS UINT16_C(0x0016)
200/** RSAES_OAEP padding algorithm ID. */
201#define TPM2_ALG_OAEP UINT16_C(0x0017)
202/** Elliptic curve cryptography signature algorithm ID. */
203#define TPM2_ALG_ECDSA UINT16_C(0x0018)
204/** Secret sharing using ECC algorithm ID. */
205#define TPM2_ALG_ECDH UINT16_C(0x0019)
206/** Elliptic curve based anonymous signing scheme algorithm ID. */
207#define TPM2_ALG_ECDAA UINT16_C(0x001a)
208/** SM2 algorithm ID. */
209#define TPM2_ALG_SM2 UINT16_C(0x001b)
210/** Elliptic-curve based Schnorr signature algorithm ID. */
211#define TPM2_ALG_ECSCHNORR UINT16_C(0x001c)
212/** Two phase elliptic curve key exchange algorithm ID. */
213#define TPM2_ALG_ECMQV UINT16_C(0x001d)
214/** NIST SP800-56A Concatenation key derivation function algorithm ID. */
215#define TPM2_ALG_KDF1_SP800_56A UINT16_C(0x0020)
216/** Key derivation function KDF2 algorithm ID. */
217#define TPM2_ALG_KDF2 UINT16_C(0x0021)
218/** NIST SP800-108 key derivation function algorithm ID. */
219#define TPM2_ALG_KDF1_SP800_108 UINT16_C(0x0022)
220/** Prime field ECC algorithm ID. */
221#define TPM2_ALG_ECC UINT16_C(0x0023)
222/** Object type for a symmetric block cipher algorithm ID. */
223#define TPM2_ALG_SYMCIPHER UINT16_C(0x0025)
224/** Camellia symmetric block cipher algorithm ID. */
225#define TPM2_ALG_CAMELLIA UINT16_C(0x0026)
226/** SHA3 hash algorithm ID - produces 256-bit digest. */
227#define TPM2_ALG_SHA3_256 UINT16_C(0x0027)
228/** SHA3 hash algorithm ID - produces 384-bit digest. */
229#define TPM2_ALG_SHA3_384 UINT16_C(0x0028)
230/** SHA3 hash algorithm ID - produces 512-bit digest. */
231#define TPM2_ALG_SHA3_512 UINT16_C(0x0029)
232/** ISO/IEC 10118-3 extendable output function algorithm ID - provides 128-bits of collision and preimage resistance. */
233#define TPM2_ALG_SHAKE128 UINT16_C(0x002a)
234/** ISO/IEC 10118-3 extendable output function algorithm ID - provides 256-bits of collision and preimage resistance. */
235#define TPM2_ALG_SHAKE256 UINT16_C(0x002b)
236/** ISO/IEC 10118-3 extendable output function algorithm ID - the first 192 bits of SHAKE256 output. */
237#define TPM2_ALG_SHAKE256_192 UINT16_C(0x002c)
238/** ISO/IEC 10118-3 extendable output function algorithm ID - the first 256 bits of SHAKE256 output. */
239#define TPM2_ALG_SHAKE256_256 UINT16_C(0x002d)
240/** ISO/IEC 10118-3 extendable output function algorithm ID - the first 512 bits of SHAKE256 output. */
241#define TPM2_ALG_SHAKE256_512 UINT16_C(0x002e)
242/** ISO/IEC 9797-1:2011 Block Cipher based Message Authentication Code algorithm ID. */
243#define TPM2_ALG_CMAC UINT16_C(0x003f)
244/** ISO/IEC 10116 Counter mode for symmetric block ciphers algorithm ID. */
245#define TPM2_ALG_CTR UINT16_C(0x0040)
246/** ISO/IEC 10116 Output feedback mode for symmetric block ciphers algorithm ID. */
247#define TPM2_ALG_OFB UINT16_C(0x0041)
248/** ISO/IEC 10116 Cipher Block Chaining mode for symmetric block ciphers algorithm ID. */
249#define TPM2_ALG_CBC UINT16_C(0x0042)
250/** ISO/IEC 10116 Cipher Feedback mode for symmetric block ciphers algorithm ID. */
251#define TPM2_ALG_CFB UINT16_C(0x0043)
252/** ISO/IEC 10116 Electronic codebook mode for symmetric block ciphers algorithm ID. */
253#define TPM2_ALG_ECB UINT16_C(0x0044)
254/** NIST SP800-38C Counter with Cipher Block Chaining Message Authentication Code algorithm ID. */
255#define TPM2_ALG_CCM UINT16_C(0x0050)
256/** NIST SP800-38D Galois/Counter Mode algorithm ID. */
257#define TPM2_ALG_GCM UINT16_C(0x0051)
258/** NIST SP800-38F AES Key Wrap (KW) algorithm ID. */
259#define TPM2_ALG_KW UINT16_C(0x0052)
260/** NIST SP800-38F AES Key Wrap with Padding (KWP) algorithm ID. */
261#define TPM2_ALG_KWP UINT16_C(0x0053)
262/** ISO/IEC 19772 Authentication Encryption Mode algorithm ID. */
263#define TPM2_ALG_EAX UINT16_C(0x0054)
/** IETF RFC 8032 Edwards curve Digital Signature Algorithm (PureEdDSA) algorithm ID. */
#define TPM2_ALG_EDDSA UINT16_C(0x0060)
/** IETF RFC 8032 Edwards curve Digital Signature Algorithm (HashEdDSA) algorithm ID. */
#define TPM2_ALG_EDDSA_PH UINT16_C(0x0061)
268/** NIST SP800-208 Leighton-Micali Signatures algorithm ID. */
269#define TPM2_ALG_LMS UINT16_C(0x0070)
270/** NIST SP800-208 eXtended Merkle Signature Scheme algorithm ID. */
271#define TPM2_ALG_XMSS UINT16_C(0x0071)
272/** Keyed XOF algorithm ID. */
273#define TPM2_ALG_KEYEDXOF UINT16_C(0x0080)
274/** NIST SP800-185 Keyed XOF providing 128-bit security strength algorithm ID. */
275#define TPM2_ALG_KMACXOF128 UINT16_C(0x0081)
276/** NIST SP800-185 Keyed XOF providing 256-bit security strength algorithm ID. */
277#define TPM2_ALG_KMACXOF256 UINT16_C(0x0082)
278/** NIST SP800-185 Variable length MAC providing 128-bit security strength algorithm ID. */
279#define TPM2_ALG_KMAC128 UINT16_C(0x0090)
280/** NIST SP800-185 Variable length MAC providing 256-bit security strength algorithm ID. */
281#define TPM2_ALG_KMAC256 UINT16_C(0x0091)
282/** @} */
283
284
/** @name TPM 2.0 ECC Curve codes.
 * 16-bit identifiers.  The list is not contiguous, so a decoder has to
 * handle values that are not defined here.
 * @{ */
/** No curve. */
#define TPM2_ECC_NONE UINT16_C(0x0000)
/** NIST P-192. */
#define TPM2_ECC_NIST_P192 UINT16_C(0x0001)
/** NIST P-224. */
#define TPM2_ECC_NIST_P224 UINT16_C(0x0002)
/** NIST P-256. */
#define TPM2_ECC_NIST_P256 UINT16_C(0x0003)
/** NIST P-384. */
#define TPM2_ECC_NIST_P384 UINT16_C(0x0004)
/** NIST P-521. */
#define TPM2_ECC_NIST_P521 UINT16_C(0x0005)
/** Barreto-Naehrig curve, 256-bit. */
#define TPM2_ECC_BN_P256 UINT16_C(0x0010)
/** Barreto-Naehrig curve, 638-bit. */
#define TPM2_ECC_BN_P638 UINT16_C(0x0011)
/** SM2 256-bit curve. */
#define TPM2_ECC_SM2_P256 UINT16_C(0x0020)
/** Brainpool P256r1. */
#define TPM2_ECC_BP_P256_R1 UINT16_C(0x0030)
/** Brainpool P384r1. */
#define TPM2_ECC_BP_P384_R1 UINT16_C(0x0031)
/** Brainpool P512r1. */
#define TPM2_ECC_BP_P512_R1 UINT16_C(0x0032)
/** Curve25519. */
#define TPM2_ECC_CURVE_25519 UINT16_C(0x0040)
/** Curve448. */
#define TPM2_ECC_CURVE_448 UINT16_C(0x0041)
/** @} */
302
303
/** @name TPM 2.0 command codes.
 * 32-bit values covering 0x11f through 0x19f.  The range is not contiguous:
 * 0x123, 0x15a, 0x15f, 0x166 and 0x175 have no define here.  Code that maps
 * a command code taken from a request to one of these names needs a default
 * path for those values and for anything outside the range.
 * @{ */
#define TPM2_CC_NV_UNDEFINE_SPACE_SPECIAL UINT32_C(0x11f)
#define TPM2_CC_EVICT_CONTROL UINT32_C(0x120)
#define TPM2_CC_HIERARCHY_CONTROL UINT32_C(0x121)
#define TPM2_CC_NV_UNDEFINE_SPACE UINT32_C(0x122)
/* 0x123 is not defined here. */
#define TPM2_CC_CHANGE_EPS UINT32_C(0x124)
#define TPM2_CC_CHANGE_PPS UINT32_C(0x125)
#define TPM2_CC_CLEAR UINT32_C(0x126)
#define TPM2_CC_CLEAR_CONTROL UINT32_C(0x127)
#define TPM2_CC_CLOCK_SET UINT32_C(0x128)
#define TPM2_CC_HIERARCHY_CHANGE_AUTH UINT32_C(0x129)
#define TPM2_CC_NV_DEFINE_SPACE UINT32_C(0x12a)
#define TPM2_CC_PCR_ALLOCATE UINT32_C(0x12b)
#define TPM2_CC_PCR_SET_AUTH_POLICY UINT32_C(0x12c)
#define TPM2_CC_PP_COMMANDS UINT32_C(0x12d)
#define TPM2_CC_SET_PRIMARY_POLICY UINT32_C(0x12e)
#define TPM2_CC_FIELD_UPGRADE_START UINT32_C(0x12f)
#define TPM2_CC_CLOCK_RATE_ADJUST UINT32_C(0x130)
#define TPM2_CC_CREATE_PRIMARY UINT32_C(0x131)
#define TPM2_CC_NV_GLOBAL_WRITE_LOCK UINT32_C(0x132)
#define TPM2_CC_GET_COMMAND_AUDIT_DIGEST UINT32_C(0x133)
#define TPM2_CC_NV_INCREMENT UINT32_C(0x134)
#define TPM2_CC_NV_SET_BITS UINT32_C(0x135)
#define TPM2_CC_NV_EXTEND UINT32_C(0x136)
#define TPM2_CC_NV_WRITE UINT32_C(0x137)
#define TPM2_CC_NV_WRITE_LOCK UINT32_C(0x138)
#define TPM2_CC_DICTIONARY_ATTACK_LOCK_RESET UINT32_C(0x139)
#define TPM2_CC_DICTIONARY_ATTACK_PARAMETERS UINT32_C(0x13a)
#define TPM2_CC_NV_CHANGE_AUTH UINT32_C(0x13b)
#define TPM2_CC_PCR_EVENT UINT32_C(0x13c)
#define TPM2_CC_PCR_RESET UINT32_C(0x13d)
#define TPM2_CC_SEQUENCE_COMPLETE UINT32_C(0x13e)
#define TPM2_CC_SET_ALGORITHM_SET UINT32_C(0x13f)
#define TPM2_CC_SET_COMMAND_CODE_AUDIT_STATUS UINT32_C(0x140)
#define TPM2_CC_FIELD_UPGRADE_DATA UINT32_C(0x141)
#define TPM2_CC_INCREMENTAL_SELF_TEST UINT32_C(0x142)
#define TPM2_CC_SELF_TEST UINT32_C(0x143)
#define TPM2_CC_STARTUP UINT32_C(0x144)
#define TPM2_CC_SHUTDOWN UINT32_C(0x145)
#define TPM2_CC_STIR_RANDOM UINT32_C(0x146)
#define TPM2_CC_ACTIVATE_CREDENTIAL UINT32_C(0x147)
#define TPM2_CC_CERTIFY UINT32_C(0x148)
#define TPM2_CC_POLICY_NV UINT32_C(0x149)
#define TPM2_CC_CERTIFY_CREATION UINT32_C(0x14a)
#define TPM2_CC_DUPLICATE UINT32_C(0x14b)
#define TPM2_CC_GET_TIME UINT32_C(0x14c)
#define TPM2_CC_GET_SESSION_AUDIT_DIGEST UINT32_C(0x14d)
#define TPM2_CC_NV_READ UINT32_C(0x14e)
#define TPM2_CC_NV_READ_LOCK UINT32_C(0x14f)
#define TPM2_CC_OBJECT_CHANGE_AUTH UINT32_C(0x150)
#define TPM2_CC_POLICY_SECRET UINT32_C(0x151)
#define TPM2_CC_REWRAP UINT32_C(0x152)
#define TPM2_CC_CREATE UINT32_C(0x153)
#define TPM2_CC_ECDH_ZGEN UINT32_C(0x154)
#define TPM2_CC_HMAC_MAC UINT32_C(0x155)
#define TPM2_CC_IMPORT UINT32_C(0x156)
#define TPM2_CC_LOAD UINT32_C(0x157)
#define TPM2_CC_QUOTE UINT32_C(0x158)
#define TPM2_CC_RSA_DECRYPT UINT32_C(0x159)
/* 0x15a is not defined here. */
#define TPM2_CC_HMAC_MAC_START UINT32_C(0x15b)
#define TPM2_CC_SEQUENCE_UPDATE UINT32_C(0x15c)
#define TPM2_CC_SIGN UINT32_C(0x15d)
#define TPM2_CC_UNSEAL UINT32_C(0x15e)
/* 0x15f is not defined here. */
#define TPM2_CC_POLICY_SIGNED UINT32_C(0x160)
#define TPM2_CC_CONTEXT_LOAD UINT32_C(0x161)
#define TPM2_CC_CONTEXT_SAVE UINT32_C(0x162)
#define TPM2_CC_ECDH_KEY_GEN UINT32_C(0x163)
#define TPM2_CC_ENCRYPT_DECRYPT UINT32_C(0x164)
#define TPM2_CC_FLUSH_CONTEXT UINT32_C(0x165)
/* 0x166 is not defined here. */
#define TPM2_CC_LOAD_EXTERNAL UINT32_C(0x167)
#define TPM2_CC_MAKE_CREDENTIAL UINT32_C(0x168)
#define TPM2_CC_NV_READ_PUBLIC UINT32_C(0x169)
#define TPM2_CC_POLICY_AUTHORIZE UINT32_C(0x16a)
#define TPM2_CC_POLICY_AUTH_VALUE UINT32_C(0x16b)
#define TPM2_CC_POLICY_COMMAND_CODE UINT32_C(0x16c)
#define TPM2_CC_POLICY_COUNTER_TIMER UINT32_C(0x16d)
#define TPM2_CC_POLICY_CP_HASH UINT32_C(0x16e)
#define TPM2_CC_POLICY_LOCALITY UINT32_C(0x16f)
#define TPM2_CC_POLICY_NAME_HASH UINT32_C(0x170)
#define TPM2_CC_POLICY_OR UINT32_C(0x171)
#define TPM2_CC_POLICY_TICKET UINT32_C(0x172)
#define TPM2_CC_READ_PUBLIC UINT32_C(0x173)
#define TPM2_CC_RSA_ENCRYPT UINT32_C(0x174)
/* 0x175 is not defined here. */
#define TPM2_CC_START_AUTH_SESSION UINT32_C(0x176)
#define TPM2_CC_VERIFY_SIGNATURE UINT32_C(0x177)
#define TPM2_CC_ECC_PARAMETERS UINT32_C(0x178)
#define TPM2_CC_FIRMWARE_READ UINT32_C(0x179)
#define TPM2_CC_GET_CAPABILITY UINT32_C(0x17a)
#define TPM2_CC_GET_RANDOM UINT32_C(0x17b)
#define TPM2_CC_GET_TEST_RESULT UINT32_C(0x17c)
#define TPM2_CC_GET_HASH UINT32_C(0x17d)
#define TPM2_CC_PCR_READ UINT32_C(0x17e)
#define TPM2_CC_POLICY_PCR UINT32_C(0x17f)
#define TPM2_CC_POLICY_RESTART UINT32_C(0x180)
#define TPM2_CC_READ_CLOCK UINT32_C(0x181)
#define TPM2_CC_PCR_EXTEND UINT32_C(0x182)
#define TPM2_CC_PCR_SET_AUTH_VALUE UINT32_C(0x183)
#define TPM2_CC_NV_CERTIFY UINT32_C(0x184)
#define TPM2_CC_EVENT_SEQUENCE_COMPLETE UINT32_C(0x185)
#define TPM2_CC_HASH_SEQUENCE_START UINT32_C(0x186)
#define TPM2_CC_POLICY_PHYSICAL_PRESENCE UINT32_C(0x187)
#define TPM2_CC_POLICY_DUPLICATION_SELECT UINT32_C(0x188)
#define TPM2_CC_POLICY_GET_DIGEST UINT32_C(0x189)
#define TPM2_CC_TEST_PARMS UINT32_C(0x18a)
#define TPM2_CC_COMMIT UINT32_C(0x18b)
#define TPM2_CC_POLICY_PASSWORD UINT32_C(0x18c)
#define TPM2_CC_ZGEN_2PHASE UINT32_C(0x18d)
#define TPM2_CC_EC_EPHEMERAL UINT32_C(0x18e)
#define TPM2_CC_POLICY_NV_WRITTEN UINT32_C(0x18f)
#define TPM2_CC_POLICY_TEMPLATE UINT32_C(0x190)
#define TPM2_CC_CREATE_LOADED UINT32_C(0x191)
#define TPM2_CC_POLICY_AUTHORIZE_NV UINT32_C(0x192)
#define TPM2_CC_ENCRYPT_DECRYPT_2 UINT32_C(0x193)
#define TPM2_CC_AC_GET_CAPABILITY UINT32_C(0x194)
#define TPM2_CC_AC_SEND UINT32_C(0x195)
#define TPM2_CC_POLICY_AC_SEND_SELECT UINT32_C(0x196)
#define TPM2_CC_CERTIFY_X509 UINT32_C(0x197)
#define TPM2_CC_ACT_SET_TIMEOUT UINT32_C(0x198)
#define TPM2_CC_ECC_ENCRYPT UINT32_C(0x199)
#define TPM2_CC_ECC_DECRYPT UINT32_C(0x19a)
#define TPM2_CC_POLICY_CAPABILITY UINT32_C(0x19b)
#define TPM2_CC_POLICY_PARAMETERS UINT32_C(0x19c)
#define TPM2_CC_NV_DEFINE_SPACE_2 UINT32_C(0x19d)
#define TPM2_CC_NV_READ_PUBLIC_2 UINT32_C(0x19e)
#define TPM2_CC_SET_CAPABILITY UINT32_C(0x19f)
/** @} */
431
432
/** @name Defines related to TPM_ORD_GETCAPABILITY.
 * @{ */
/** Return a TPM related property. */
#define TPM_CAP_PROPERTY UINT32_C(5)

/** Returns the size of the input buffer. */
#define TPM_CAP_PROP_INPUT_BUFFER UINT32_C(0x124)

/**
 * TPM_ORD_GETCAPABILITY request.
 *
 * Byte packed: the 10 byte request header followed by three 32-bit fields.
 * NOTE(review): the fields are presumably big endian like the header - confirm.
 */
#pragma pack(1)
typedef struct TPMREQGETCAPABILITY
{
    /** Request header. */
    TPMREQHDR Hdr;
    /** The capability group to query. */
    uint32_t u32Cap;
    /** Length of the capability. */
    uint32_t u32Length;
    /** The sub capability to query. */
    uint32_t u32SubCap;
} TPMREQGETCAPABILITY;
#pragma pack()
/** Pointer to a TPM_ORD_GETCAPABILITY request. */
typedef TPMREQGETCAPABILITY *PTPMREQGETCAPABILITY;
/** Pointer to a const TPM_ORD_GETCAPABILITY request. */
typedef const TPMREQGETCAPABILITY *PCTPMREQGETCAPABILITY;
/** @} */
462
463
/** @name Defines related to TPM2_CC_STARTUP
 * 16-bit values; presumably the startup type parameter of the command - confirm.
 * @{ */
/** Startup type CLEAR. */
#define TPM2_SU_CLEAR UINT16_C(0x0000)
/** Startup type STATE. */
#define TPM2_SU_STATE UINT16_C(0x0001)
/** @} */
469
470/** @name Defines related to TPM2_CC_GET_CAPABILITY.
471 * @{ */
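/*
 * Capability group selectors, listed in ascending numeric order.
 * TPM2_CAP_ALGS is defined once only; a second, identical define that sat
 * between TPM2_CAP_PCRS and TPM2_CAP_TPM_PROPERTIES was redundant.
 * NOTE(review): presumably these are the values carried in u32Cap of the
 * TPM2_CC_GET_CAPABILITY request and response - confirm.
 */
#define TPM2_CAP_ALGS UINT32_C(0x00000000)
#define TPM2_CAP_HANDLES UINT32_C(0x00000001)
#define TPM2_CAP_COMMANDS UINT32_C(0x00000002)
#define TPM2_CAP_PP_COMMANDS UINT32_C(0x00000003)
#define TPM2_CAP_AUDIT_COMMANDS UINT32_C(0x00000004)
#define TPM2_CAP_PCRS UINT32_C(0x00000005)
/** Return a TPM related property. */
#define TPM2_CAP_TPM_PROPERTIES UINT32_C(0x00000006)
#define TPM2_CAP_PCR_PROPERTIES UINT32_C(0x00000007)
#define TPM2_CAP_ECC_CURVES UINT32_C(0x00000008)
#define TPM2_CAP_AUTH_POLICIES UINT32_C(0x00000009)
#define TPM2_CAP_ACT UINT32_C(0x0000000a)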
485
486
/*
 * Property tags, contiguous from 0x100 through 0x130.
 * NOTE(review): presumably the values for u32Property of the
 * TPM2_CC_GET_CAPABILITY request when u32Cap is TPM2_CAP_TPM_PROPERTIES -
 * confirm.
 */
#define TPM2_PT_FAMILY_INDICATOR UINT32_C(0x00000100)
#define TPM2_PT_LEVEL UINT32_C(0x00000101)
#define TPM2_PT_REVISION UINT32_C(0x00000102)
#define TPM2_PT_DAY_OF_YEAR UINT32_C(0x00000103)
#define TPM2_PT_YEAR UINT32_C(0x00000104)
#define TPM2_PT_MANUFACTURER UINT32_C(0x00000105)
#define TPM2_PT_VENDOR_STRING_1 UINT32_C(0x00000106)
#define TPM2_PT_VENDOR_STRING_2 UINT32_C(0x00000107)
#define TPM2_PT_VENDOR_STRING_3 UINT32_C(0x00000108)
#define TPM2_PT_VENDOR_STRING_4 UINT32_C(0x00000109)
#define TPM2_PT_VENDOR_TPM_TYPE UINT32_C(0x0000010a)
#define TPM2_PT_FIRMWARE_VERSION_1 UINT32_C(0x0000010b)
#define TPM2_PT_FIRMWARE_VERSION_2 UINT32_C(0x0000010c)
/** Returns the size of the input buffer. */
#define TPM2_PT_INPUT_BUFFER UINT32_C(0x0000010d)
#define TPM2_PT_HR_TRANSIENT_MIN UINT32_C(0x0000010e)
#define TPM2_PT_HR_PERSISTENT_MIN UINT32_C(0x0000010f)
#define TPM2_PT_HR_LOADED_MIN UINT32_C(0x00000110)
#define TPM2_PT_ACTIVE_SESSIONS_MAX UINT32_C(0x00000111)
#define TPM2_PT_PCR_COUNT UINT32_C(0x00000112)
#define TPM2_PT_PCR_SELECT_MIN UINT32_C(0x00000113)
#define TPM2_PT_CONTEXT_GAP_MAX UINT32_C(0x00000114)
#define TPM2_PT_RESERVED UINT32_C(0x00000115)
#define TPM2_PT_NV_COUNTERS_MAX UINT32_C(0x00000116)
#define TPM2_PT_NV_INDEX UINT32_C(0x00000117)
#define TPM2_PT_MEMORY UINT32_C(0x00000118)
#define TPM2_PT_CLOCK_UPDATE UINT32_C(0x00000119)
#define TPM2_PT_CONTEXT_HASH UINT32_C(0x0000011a)
#define TPM2_PT_CONTEXT_SYM UINT32_C(0x0000011b)
#define TPM2_PT_CONTEXT_SYM_SIZE UINT32_C(0x0000011c)
#define TPM2_PT_ORDERLY_COUNT UINT32_C(0x0000011d)
#define TPM2_PT_MAX_COMMAND_SIZE UINT32_C(0x0000011e)
#define TPM2_PT_MAX_RESPONSE_SIZE UINT32_C(0x0000011f)
#define TPM2_PT_MAX_DIGEST UINT32_C(0x00000120)
#define TPM2_PT_MAX_OBJECT_CONTEXT UINT32_C(0x00000121)
#define TPM2_PT_MAX_SESSION_CONTEXT UINT32_C(0x00000122)
#define TPM2_PT_PS_FAMILY_INDICATOR UINT32_C(0x00000123)
#define TPM2_PT_PS_LEVEL UINT32_C(0x00000124)
#define TPM2_PT_PS_REVISION UINT32_C(0x00000125)
#define TPM2_PT_PS_DAY_OF_YEAR UINT32_C(0x00000126)
#define TPM2_PT_PS_YEAR UINT32_C(0x00000127)
#define TPM2_PT_SPLIT_MAX UINT32_C(0x00000128)
#define TPM2_PT_TOTAL_COMMANDS UINT32_C(0x00000129)
#define TPM2_PT_LIBRARY_COMMANDS UINT32_C(0x0000012a)
#define TPM2_PT_VENDOR_COMMANDS UINT32_C(0x0000012b)
#define TPM2_PT_NV_BUFFER_MAX UINT32_C(0x0000012c)
#define TPM2_PT_MODES UINT32_C(0x0000012d)
#define TPM2_PT_MAX_CAP_BUFFER UINT32_C(0x0000012e)
#define TPM2_PT_FIRMWARE_SVN UINT32_C(0x0000012f)
#define TPM2_PT_FIRMWARE_MAX_SVN UINT32_C(0x00000130)
537
538
/**
 * TPM2_CC_GET_CAPABILITY request.
 *
 * Byte packed: the 10 byte request header followed by three 32-bit fields.
 * NOTE(review): the fields are presumably big endian like the header - confirm.
 */
#pragma pack(1)
typedef struct TPM2REQGETCAPABILITY
{
    /** Request header. */
    TPMREQHDR Hdr;
    /** The capability group to query. */
    uint32_t u32Cap;
    /** Property to query. */
    uint32_t u32Property;
    /** Number of values to return. */
    uint32_t u32Count;
} TPM2REQGETCAPABILITY;
#pragma pack()
/** Pointer to a TPM2_CC_GET_CAPABILITY request. */
typedef TPM2REQGETCAPABILITY *PTPM2REQGETCAPABILITY;
/** Pointer to a const TPM2_CC_GET_CAPABILITY request. */
typedef const TPM2REQGETCAPABILITY *PCTPM2REQGETCAPABILITY;
559
/**
 * TPM2_CC_GET_CAPABILITY response.
 *
 * Byte packed.  abCap has no length field of its own in this structure, so
 * the number of capability bytes has to be derived from the response size
 * and checked against the data actually received before abCap is read.
 */
#pragma pack(1)
typedef struct TPM2RESPGETCAPABILITY
{
    /** Header of the response.
     * NOTE(review): declared as TPMREQHDR although this is a response.
     * TPMRESPHDR has the same asserted size (2 + 4 + 4) but different member
     * names - confirm whether TPMRESPHDR was intended. */
    TPMREQHDR Hdr;
    /** Flag whether more data is available (TPMYESNO). */
    TPMYESNO fMoreData;
    /** The capability being returned (part of TPMS_CAPABILITY_DATA). */
    TPMCAP u32Cap;
    /** Capability data. */
    uint8_t abCap[RT_FLEXIBLE_ARRAY_NESTED];
} TPM2RESPGETCAPABILITY;
#pragma pack()
/** Pointer to a TPM2_CC_GET_CAPABILITY response. */
typedef TPM2RESPGETCAPABILITY *PTPM2RESPGETCAPABILITY;
/** Pointer to a const TPM2_CC_GET_CAPABILITY response. */
typedef const TPM2RESPGETCAPABILITY *PCTPM2RESPGETCAPABILITY;
580/** @} */
581
582
/** @name Defines related to TPM2_CC_READ_PUBLIC.
 * @{ */
/**
 * TPM2_CC_READ_PUBLIC request.
 *
 * Byte packed: the 10 byte request header followed by a 32-bit handle.
 */
#pragma pack(1)
typedef struct TPM2REQREADPUBLIC
{
    /** Request header. */
    TPMREQHDR Hdr;
    /** The object handle to query. */
    TPMIDHOBJECT hObj;
} TPM2REQREADPUBLIC;
#pragma pack()
/** Pointer to a TPM2_CC_READ_PUBLIC request. */
typedef TPM2REQREADPUBLIC *PTPM2REQREADPUBLIC;
/** Pointer to a const TPM2_CC_READ_PUBLIC request. */
typedef const TPM2REQREADPUBLIC *PCTPM2REQREADPUBLIC;
/** @} */
602
603
/** @name Defines related to TPM2_CC_GET_RANDOM.
 * @{ */
/**
 * TPM2_CC_GET_RANDOM request.
 *
 * Byte packed: the 10 byte request header followed by a 16-bit count.
 */
#pragma pack(1)
typedef struct TPM2REQGETRANDOM
{
    /** Request header. */
    TPMREQHDR Hdr;
    /** The number of random bytes requested. */
    uint16_t u16RandomBytes;
} TPM2REQGETRANDOM;
#pragma pack()
/** Pointer to a TPM2_CC_GET_RANDOM request. */
typedef TPM2REQGETRANDOM *PTPM2REQGETRANDOM;
/** Pointer to a const TPM2_CC_GET_RANDOM request. */
typedef const TPM2REQGETRANDOM *PCTPM2REQGETRANDOM;
622
/**
 * TPM2_CC_GET_RANDOM response.
 *
 * Byte packed: the 10 byte response header followed by a sized buffer.
 * Buf.u16Size comes from the response data itself, so it has to be checked
 * against the response size and the bytes actually received before
 * Buf.abBuf is read.
 */
#pragma pack(1)
typedef struct TPM2RESPGETRANDOM
{
    /** Response header. */
    TPMRESPHDR Hdr;
    /** The buffer holding the response data. */
    TPMBUF Buf;
} TPM2RESPGETRANDOM;
#pragma pack()
/** Pointer to a TPM2_CC_GET_RANDOM response. */
typedef TPM2RESPGETRANDOM *PTPM2RESPGETRANDOM;
/** Pointer to a const TPM2_CC_GET_RANDOM response. */
typedef const TPM2RESPGETRANDOM *PCTPM2RESPGETRANDOM;
/** @} */
640
641
642/** @name TPM 1.2 response tags
643 * @{ */
644/** A response from a command with no authentication. */
645#define TPM_TAG_RSP_COMMAND UINT16_C(0x00c4)
646/** An authenticated response with one authentication handle. */
647#define TPM_TAG_RSP_AUTH1_COMMAND UINT16_C(0x00c5)
648/** An authenticated response with two authentication handles. */
649#define TPM_TAG_RSP_AUTH2_COMMAND UINT16_C(0x00c6)
650/** @} */
651
652
653/** @name TPM status codes.
654 * @{ */
655#ifndef TPM_SUCCESS
656/** Request executed successfully. */
657# define TPM_SUCCESS UINT32_C(0)
658#endif
659#ifndef TPM_AUTHFAIL
660/** Authentication failed. */
661# define TPM_AUTHFAIL UINT32_C(1)
662#endif
663#ifndef TPM_BADINDEX
664/** An index is malformed. */
665# define TPM_BADINDEX UINT32_C(2)
666#endif
667#ifndef TPM_BAD_PARAMETER
668/** A request parameter is invalid. */
669# define TPM_BAD_PARAMETER UINT32_C(3)
670#endif
671#ifndef TPM_FAIL
672/** The TPM failed to execute the request. */
673# define TPM_FAIL UINT32_C(9)
674#endif
675/** @todo Extend as need arises. */
676/** @} */
677
678
679/* Some inline helpers to account for the unaligned members of the request and response headers. */
680
/**
 * Reads the tag field of a TPM request header.
 *
 * The stored value is only byte swapped; it is not compared against any of
 * the known tag values.
 *
 * @returns The request tag in host byte order.
 * @param   pTpmReqHdr          Pointer to the TPM request header.
 */
DECLINLINE(uint16_t) RTTpmReqGetTag(PCTPMREQHDR pTpmReqHdr)
{
    /* Big endian value as stored in the header. */
    uint16_t const u16TagBe = pTpmReqHdr->u16Tag;
    return RT_BE2H_U16(u16TagBe);
}
691
692
/**
 * Reads the size field of a TPM request header.
 *
 * The result is the size stated in the header, nothing more: it is not
 * checked against the amount of data the caller really holds.  Callers must
 * do that check themselves before using the value as a length.
 *
 * @returns The request size in bytes as stated in the header, in host byte order.
 * @param   pTpmReqHdr          Pointer to the TPM request header.
 */
DECLINLINE(size_t) RTTpmReqGetSz(PCTPMREQHDR pTpmReqHdr)
{
    /* The member sits at offset 2 of the packed header, so copy it out
       instead of reading it in place. */
    uint32_t cbReqBe;
    memcpy(&cbReqBe, &pTpmReqHdr->cbReq, sizeof(cbReqBe));
    return RT_BE2H_U32(cbReqBe);
}
705
706
/**
 * Reads the ordinal field of a TPM request header.
 *
 * The stored value is only byte swapped; it is not checked against the
 * known ordinals or command codes.
 *
 * @returns The request ordinal in host byte order.
 * @param   pTpmReqHdr          Pointer to the TPM request header.
 */
DECLINLINE(uint32_t) RTTpmReqGetOrdinal(PCTPMREQHDR pTpmReqHdr)
{
    /* The member sits at offset 6 of the packed header, so copy it out
       instead of reading it in place. */
    uint32_t u32OrdinalBe;
    memcpy(&u32OrdinalBe, &pTpmReqHdr->u32Ordinal, sizeof(u32OrdinalBe));
    return RT_BE2H_U32(u32OrdinalBe);
}
719
720
/**
 * Reads the tag field of a TPM response header.
 *
 * The stored value is only byte swapped; it is not compared against any of
 * the known tag values.
 *
 * @returns The response tag in host byte order.
 * @param   pTpmRespHdr         Pointer to the TPM response header.
 */
DECLINLINE(uint16_t) RTTpmRespGetTag(PCTPMRESPHDR pTpmRespHdr)
{
    /* Big endian value as stored in the header. */
    uint16_t const u16TagBe = pTpmRespHdr->u16Tag;
    return RT_BE2H_U16(u16TagBe);
}
731
732
/**
 * Reads the size field of a TPM response header.
 *
 * The result is the size stated in the header, nothing more: it is not
 * checked against the amount of data the caller really holds.  Callers must
 * do that check themselves before using the value as a length.
 *
 * @returns The response size in bytes as stated in the header, in host byte order.
 * @param   pTpmRespHdr         Pointer to the TPM response header.
 */
DECLINLINE(size_t) RTTpmRespGetSz(PCTPMRESPHDR pTpmRespHdr)
{
    /* The member sits at offset 2 of the packed header, so copy it out
       instead of reading it in place. */
    uint32_t cbRespBe;
    memcpy(&cbRespBe, &pTpmRespHdr->cbResp, sizeof(cbRespBe));
    return RT_BE2H_U32(cbRespBe);
}
745
746
/**
 * Reads the error code field of a TPM response header.
 *
 * @returns The response error code in host byte order.
 * @param   pTpmRespHdr         Pointer to the TPM response header.
 */
DECLINLINE(uint32_t) RTTpmRespGetErrCode(PCTPMRESPHDR pTpmRespHdr)
{
    /* The member sits at offset 6 of the packed header, so copy it out
       instead of reading it in place. */
    uint32_t u32ErrCodeBe;
    memcpy(&u32ErrCodeBe, &pTpmRespHdr->u32ErrCode, sizeof(u32ErrCodeBe));
    return RT_BE2H_U32(u32ErrCodeBe);
}
759
760#endif /* !IPRT_INCLUDED_formats_tpm_h */
761