summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorFrans Hendriks <fhendriks@eltan.com>2019-06-28 10:18:22 +0200
committerFelix Held <felix-coreboot@felixheld.de>2019-09-03 23:48:58 +0000
commit7e220cac2d9a7065442ea0d757e424b17cd06961 (patch)
tree2aac622ab2f97f44b85d0afbf54126b43885b940 /src/security
parent63f73f2a60ab6ed8b45c0e8d3ad985f8fa4184ab (diff)
downloadcoreboot-7e220cac2d9a7065442ea0d757e424b17cd06961.tar.xz
security/tpm/tss/tcg-2.0: Use tlcl_get_hash_size_from_algo() for hash size
mashal_TPMT_HA() uses size of SHA-256 hash. Use tlcll_get_hash_size_from_algo() to determince the hash size. BUG=N/A TEST=Build binary and verified logging on Facebook FBG-1701 Change-Id: I739260e13e9cd10a61d52e13e8741b12ec868d7f Signed-off-by: Frans Hendriks <fhendriks@eltan.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/33251 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Lance Zhao <lance.zhao@gmail.com> Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/tpm/tss.h3
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss.c32
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss_marshaling.c2
-rw-r--r--src/security/tpm/tss/tcg-2.0/tss_structures.h28
4 files changed, 58 insertions, 7 deletions
diff --git a/src/security/tpm/tss.h b/src/security/tpm/tss.h
index 30e2a7b4b8..336935d911 100644
--- a/src/security/tpm/tss.h
+++ b/src/security/tpm/tss.h
@@ -79,6 +79,9 @@ uint32_t tlcl_get_capability(TPM_CAP capability, uint32_t property,
*/
void *tpm_process_command(TPM_CC command, void *command_body);
+/* Return digest size of hash algorithm */
+uint16_t tlcl_get_hash_size_from_algo(TPMI_ALG_HASH hash_algo);
+
#endif
/*****************************************************************************/
diff --git a/src/security/tpm/tss/tcg-2.0/tss.c b/src/security/tpm/tss/tcg-2.0/tss.c
index 08a7caa1a9..16e40fe569 100644
--- a/src/security/tpm/tss/tcg-2.0/tss.c
+++ b/src/security/tpm/tss/tcg-2.0/tss.c
@@ -352,6 +352,38 @@ uint32_t tlcl_define_space(uint32_t space_index, size_t space_size,
}
}
+uint16_t tlcl_get_hash_size_from_algo(TPMI_ALG_HASH hash_algo)
+{
+ uint16_t value;
+
+ switch (hash_algo) {
+ case TPM_ALG_ERROR:
+ value = 1;
+ break;
+ case TPM_ALG_SHA1:
+ value = SHA1_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SHA256:
+ value = SHA256_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SHA384:
+ value = SHA384_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SHA512:
+ value = SHA512_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SM3_256:
+ value = SM3_256_DIGEST_SIZE;
+ break;
+ default:
+ printk(BIOS_SPEW, "%s: unknown hash algorithm %d\n", __func__,
+ hash_algo);
+ value = 0;
+ };
+
+ return value;
+}
+
uint32_t tlcl_disable_platform_hierarchy(void)
{
struct tpm2_response *response;
diff --git a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
index 345aec5124..ec3cd8b4b2 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
+++ b/src/security/tpm/tss/tcg-2.0/tss_marshaling.c
@@ -84,7 +84,7 @@ static int marshal_TPMT_HA(struct obuf *ob, TPMT_HA *tpmtha)
rc |= marshal_TPMI_ALG_HASH(ob, tpmtha->hashAlg);
rc |= obuf_write(ob, tpmtha->digest.sha256,
- sizeof(tpmtha->digest.sha256));
+ tlcl_get_hash_size_from_algo(tpmtha->hashAlg));
return rc;
}
diff --git a/src/security/tpm/tss/tcg-2.0/tss_structures.h b/src/security/tpm/tss/tcg-2.0/tss_structures.h
index 7332739582..6a017bbb9d 100644
--- a/src/security/tpm/tss/tcg-2.0/tss_structures.h
+++ b/src/security/tpm/tss/tcg-2.0/tss_structures.h
@@ -38,12 +38,28 @@ typedef TPM_HANDLE TPMI_SH_AUTH_SESSION;
typedef TPM_HANDLE TPM_RH;
/* Some hardcoded algorithm values. */
-#define TPM_ALG_HMAC ((TPM_ALG_ID)0x0005)
-#define TPM_ALG_NULL ((TPM_ALG_ID)0x0010)
-#define TPM_ALG_SHA1 ((TPM_ALG_ID)0x0004)
-#define TPM_ALG_SHA256 ((TPM_ALG_ID)0x000b)
-
-#define SHA256_DIGEST_SIZE 32
+/* Table 7 - TPM_ALG_ID Constants */
+#define TPM_ALG_ERROR ((TPM_ALG_ID)0x0000)
+#define TPM_ALG_HMAC ((TPM_ALG_ID)0x0005)
+#define TPM_ALG_NULL ((TPM_ALG_ID)0x0010)
+#define TPM_ALG_SHA1 ((TPM_ALG_ID)0x0004)
+#define TPM_ALG_SHA256 ((TPM_ALG_ID)0x000b)
+#define TPM_ALG_SHA384 ((TPM_ALG_ID)0x000C)
+#define TPM_ALG_SHA512 ((TPM_ALG_ID)0x000D)
+#define TPM_ALG_SM3_256 ((TPM_ALG_ID)0x0012)
+
+/* Annex A Algorithm Constants */
+
+/* Table 205 - Defines for SHA1 Hash Values */
+#define SHA1_DIGEST_SIZE 20
+/* Table 206 - Defines for SHA256 Hash Values */
+#define SHA256_DIGEST_SIZE 32
+/* Table 207 - Defines for SHA384 Hash Values */
+#define SHA384_DIGEST_SIZE 48
+/* Table 208 - Defines for SHA512 Hash Values */
+#define SHA512_DIGEST_SIZE 64
+/* Table 209 - Defines for SM3_256 Hash Values */
+#define SM3_256_DIGEST_SIZE 32
/* Some hardcoded hierarchies. */
#define TPM_RH_NULL 0x40000007