Errata 2 to rev. 1.38
amarochk committed Jun 30, 2017
1 parent 83a9376 commit 2d5660a
Showing 12 changed files with 136 additions and 54 deletions.
24 changes: 15 additions & 9 deletions TPMCmd/tpm/include/Global.h
Expand Up @@ -33,10 +33,6 @@
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

#if !defined _TPM_H_
#error "Should not be called"
#endif

//** Description

// This file contains internal global type definitions and data declarations that
Expand All @@ -52,6 +48,10 @@
// data is private to the module but is collected here to simplify the management
// of the instance data.
// All the data is instanced in Global.c.
#if !defined _TPM_H_
#error "Should not be called"
#endif


//** Includes

Expand Down Expand Up @@ -104,6 +104,10 @@ typedef BYTE TIME_INFO[sizeof(TPMS_TIME_INFO)];
// A NAME is a BYTE array that can contain a TPMU_NAME
typedef BYTE NAME[sizeof(TPMU_NAME)];

// Definition for a PROOF value
TPM2B_TYPE(PROOF, PROOF_SIZE);


// A CLOCK_NONCE is used to tag the time value in the authorization session and
// in the ticket computation so that the ticket expires when there is a time
// discontinuity. When the clock stops during normal operation, the nonce is
Expand Down Expand Up @@ -518,7 +522,9 @@ extern TPM_HANDLE g_exclusiveAuditSession;

//*** g_time
// This is the value in which we keep the current command time. This is initialized
// at the start of each command. The time is in mS.
// at the start of each command. The time is the accumulated time since the last
// time that the TPM's timer was last powered up. Clock is the accumulated time
// since the last time that the TPM was cleared. g_time is in mS.
extern UINT64 g_time;

//*** g_timeEpoch
Expand Down Expand Up @@ -715,9 +721,9 @@ typedef struct
// Note there is a nullSeed in the state_reset memory.

// Hierarchy proofs
TPM2B_AUTH phProof;
TPM2B_AUTH shProof;
TPM2B_AUTH ehProof;
TPM2B_PROOF phProof;
TPM2B_PROOF shProof;
TPM2B_PROOF ehProof;
// Note there is a nullProof in the state_reset memory.

//*********************************************************************************
Expand Down Expand Up @@ -944,7 +950,7 @@ typedef struct state_reset_data
//*****************************************************************************
// Hierarchy Control
//*****************************************************************************
TPM2B_AUTH nullProof; // The proof value associated with
TPM2B_PROOF nullProof; // The proof value associated with
// the TPM_RH_NULL hierarchy. The
// default reset value is from the RNG.

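Review bot: Nothing in the last two hunks documents that switching `phProof`, `shProof`, `ehProof` and `nullProof` from `TPM2B_AUTH` to `TPM2B_PROOF` can change the size of those fields, and with it the layout of the structures that hold them. If those structures are stored to NV as raw images (not shown here), state saved by an earlier build would be read back with fields at the wrong offsets, and the proofs feed the ticket and context-integrity computations touched elsewhere in this commit. I would add a comment above the proofs such as `// Sized by PROOF_SIZE; changing it changes the stored layout, so existing NV state must be re-manufactured or migrated`, and confirm how an upgrade is expected to handle it. Both structure definitions start and end outside the hunks.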
74 changes: 69 additions & 5 deletions TPMCmd/tpm/include/GpMacros.h
Expand Up @@ -210,8 +210,72 @@
#define CONTEXT_INTEGRITY_HASH_SIZE CONCAT(CONTEXT_HASH_ALGORITHM, _DIGEST_SIZE)
#endif

#ifdef TPM_ALG_RSA
#define RSA_SECURITY_STRENGTH (MAX_RSA_KEY_BITS >= 15360 ? 256 : \
(MAX_RSA_KEY_BITS >= 7680 ? 192 : \
(MAX_RSA_KEY_BITS >= 3072 ? 128 : \
(MAX_RSA_KEY_BITS >= 2048 ? 112 : \
(MAX_RSA_KEY_BITS >= 1024 ? 80 : 0)))))
#else
#define RSA_SECURITY_STRENGTH 0
#endif

#ifdef TPM_ALG_ECC
#define ECC_SECURITY_STRENGTH (MAX_ECC_KEY_BITS >= 521 ? 256 : \
(MAX_ECC_KEY_BITS >= 384 ? 192 : \
(MAX_ECC_KEY_BITS >= 256 ? 128 : 0)))
#else
#define ECC_SECURITY_STRENGTH 0
#endif // TPM_AGL_ECC

#define MAX_ASYM_SECURITY_STRENGTH \
MAX(RSA_SECURITY_STRENGTH, ECC_SECURITY_STRENGTH)

#define MAX_HASH_SECURITY_STRENGTH ((CONTEXT_INTEGRITY_HASH_SIZE * 8) / 2)

// Unless some algorithm is broken...
#define MAX_SYM_SECURITY_STRENGTH MAX_SYM_KEY_BITS

#define MAX_SECURITY_STRENGTH_BITS \
MAX(MAX_ASYM_SECURITY_STRENGTH, \
MAX(MAX_SYM_SECURITY_STRENGTH, \
MAX_HASH_SECURITY_STRENGTH))

// This is the size that was used before the 1.38 errata requiring that P1.14.4 be
// followed
#define PROOF_SIZE CONTEXT_INTEGRITY_HASH_SIZE

// As required by P1.14.4
#define COMPLIANT_PROOF_SIZE \
(MAX(CONTEXT_INTEGRITY_HASH_SIZE, (2 * MAX_SYM_KEY_BYTES)))

// As required by P1.14.3.1
#define COMPLIANT_PRIMARY_SEED_SIZE \
BITS_TO_BYTES(MAX_SECURITY_STRENGTH_BITS * 2)

// This is the pre-errata version
#ifndef PRIMARY_SEED_SIZE
# define PRIMARY_SEED_SIZE PROOF_SIZE
#endif

#ifdef USE_SPEC_COMPLIANT_PROOFS
# undef PROOF_SIZE
# define PROOF_SIZE COMPLIANT_PROOF_SIZE
# undef PRIMARY_SEED_SIZE
# define PRIMARY_SEED_SIZE COMPLIANT_PRIMARY_SEED_SIZE
#endif // USE_SPEC_COMPLIANT_PROOFS || !defined PRIMARY_SEED_SIZE

#ifndef SKIP_PROOF_ERRORS
# if PROOF_SIZE < COMPLIANT_PROOF_SIZE
# error "PROOF_SIZE is not compliant with TPM specification"
# endif
# if PRIMARY_SEED_SIZE < COMPLIANT_PRIMARY_SEED_SIZE
# error "Implementation.h specifies a non-compliant PRIMARY_SEED_SIZE"
# endif
#endif



#define PROOF_SIZE CONTEXT_INTEGRITY_HASH_SIZE

// If CONTEXT_ENCRYP_ALG is defined, then the vendor is using the old style table
#ifndef CONTEXT_ENCRYPT_ALG
Expand All @@ -221,10 +285,10 @@
#define CONTEXT_ENCRYPT_KEY_BYTES ((CONTEXT_ENCRYPT_KEY_BITS+7)/8)
#endif

#if ALG_ECC
# define LABEL_MAX_BUFFER MAX_ECC_KEY_BYTES
#else
# define LABEL_MAX_BUFFER MAX_DIGEST_SIZE
// This is updated to follow the requirement of P2 that the label not be larger
// than 32 bytes.
#ifndef LABEL_MAX_BUFFER
#define LABEL_MAX_BUFFER MIN(32, MIN(MAX_ECC_KEY_BYTES, MAX_DIGEST_SIZE))
#endif

// This bit is used to indicate that an authorization ticket expires on TPM Reset
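Review bot: `LABEL_MAX_BUFFER` in the last hunk now references `MAX_ECC_KEY_BYTES` unconditionally, whereas the lines it replaces used it only under `#if ALG_ECC` and fell back to `MAX_DIGEST_SIZE` otherwise. In a build without ECC that macro is either undefined, which breaks wherever `LABEL_MAX_BUFFER` is expanded, or zero, which would make the label buffer empty; which of the two depends on Implementation.h, not shown here. Keeping the conditional avoids both: inside `#ifndef LABEL_MAX_BUFFER`, put the new expression under `#if ALG_ECC` and add an `#else` branch with `#define LABEL_MAX_BUFFER MIN(32, MAX_DIGEST_SIZE)`.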
13 changes: 13 additions & 0 deletions TPMCmd/tpm/include/TpmBuildSwitches.h
Expand Up @@ -190,4 +190,17 @@
#define ACCUMULATE_SELF_HEAL_TIMER
#endif // ACCUMULATE_SELF_HEAL_TIMER

// If the implementation is to compute the sizes of the proof and primary seed size
// values based on the implemented algorithms, then use this define.
#ifndef USE_SPEC_COMPLIANT_PROOFS
#define USE_SPEC_COMPLIANT_PROOFS
#endif

// Comment this out to allow compile to continue even though the chosen proof values
// do not match the compliant values. This is written so that someone would
// have to proactively ignore errors.
#ifndef SKIP_PROOF_ERRORS
//#define SKIP_PROOF_ERRORS
#endif

#endif // _TPM_BUILD_SWITCHES_H_
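Review bot: The comment on `SKIP_PROOF_ERRORS` reads backwards: it says to comment the define out to let the compile continue, but the define is already commented out, and the `#error` checks in GpMacros.h are skipped only when the macro is defined. Suggested wording: `// Uncomment this to allow the compile to continue even though the chosen proof and seed sizes are smaller than the compliant values.` The first comment should also say that `USE_SPEC_COMPLIANT_PROOFS` is always defined once this header has been processed, because of the `#ifndef`/`#define` pair, so the pre-errata sizes can be selected only by editing this file.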
2 changes: 1 addition & 1 deletion TPMCmd/tpm/include/TpmTypes.h
Expand Up @@ -60,7 +60,7 @@ typedef UINT32 TPM_SPEC;
#define TPM_SPEC_VERSION (TPM_SPEC)(SPEC_VERSION)
#define SPEC_YEAR 2017
#define TPM_SPEC_YEAR (TPM_SPEC)(SPEC_YEAR)
#define SPEC_DAY_OF_YEAR 61
#define SPEC_DAY_OF_YEAR 107
#define TPM_SPEC_DAY_OF_YEAR (TPM_SPEC)(SPEC_DAY_OF_YEAR)

// Table 2:7 - Definition of TPM_GENERATED Constants (EnumTable)
2 changes: 1 addition & 1 deletion TPMCmd/tpm/include/VendorString.h
Expand Up @@ -75,7 +75,7 @@ string.
// A vendor-specific FIRMWARE_V1 is required here. It is
// the more significant 32-bits of a vendor-specific value
// indicating the version of the firmware
//#define FIRMWARE_V1 (0x20170302)
//#define FIRMWARE_V1 (0x20170417)

// A vendor-specific FIRMWARE_V2 may be provided here. If present, it is the less
// significant 32-bits of the version of the firmware.
4 changes: 2 additions & 2 deletions TPMCmd/tpm/include/prototypes/Hierarchy_fp.h
Expand Up @@ -34,7 +34,7 @@
*/
/*(Auto)
Automatically Generated by TpmPrototypes version 2.2 February 10, 2016
Date: Sep 22, 2016 Time: 05:27:05 PM
Date: Sep 9, 2016 Time: 01:03:57 PM
*/

#ifndef _HIERARCHY_FP_H_
Expand All @@ -61,7 +61,7 @@ HierarchyStartup(
//*** HierarchyGetProof()
// This function finds the proof value associated with a hierarchy.It returns a
// pointer to the proof value.
TPM2B_AUTH *
TPM2B_PROOF *
HierarchyGetProof(
TPMI_RH_HIERARCHY hierarchy // IN: hierarchy constant
);
4 changes: 2 additions & 2 deletions TPMCmd/tpm/src/command/Context/Context_spt.c
Expand Up @@ -68,7 +68,7 @@ ComputeContextProtectionKey(
{
UINT16 symKeyBits; // number of bits in the parent's
// symmetric key
TPM2B_AUTH *proof = NULL; // the proof value to use. Is null for
TPM2B_PROOF *proof = NULL; // the proof value to use. Is null for
// everything but a primary object in
// the Endorsement Hierarchy

Expand Down Expand Up @@ -144,7 +144,7 @@ ComputeContextIntegrity(
)
{
HMAC_STATE hmacState;
TPM2B_AUTH *proof;
TPM2B_PROOF *proof;
UINT16 integritySize;

// Get proof value
4 changes: 2 additions & 2 deletions TPMCmd/tpm/src/command/Hierarchy/ChangeEPS.c
Expand Up @@ -57,10 +57,10 @@ TPM2_ChangeEPS(
// Internal Data Update

// Reset endorsement hierarchy seed from RNG
CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.EPSeed.t.buffer);
CryptRandomGenerate(sizeof(gp.EPSeed.t.buffer), gp.EPSeed.t.buffer);

// Create new ehProof value from RNG
CryptRandomGenerate(PROOF_SIZE, gp.ehProof.t.buffer);
CryptRandomGenerate(sizeof(gp.ehProof.t.buffer), gp.ehProof.t.buffer);

// Enable endorsement hierarchy
gc.ehEnable = TRUE;
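Review bot: No visible line sets `t.size` for `gp.EPSeed` or `gp.ehProof` after the two `CryptRandomGenerate` calls, which now fill the whole `t.buffer`. If the size fields are written only at manufacture (not shown), a value carried over from before this change could be shorter than the buffer, and code that reads `t.size` would then use only part of the fresh random data. Setting it next to each call, e.g. `gp.ehProof.t.size = sizeof(gp.ehProof.t.buffer);`, keeps the two in step; the same applies to the calls in ChangePPS.c and Clear.c. The body of TPM2_ChangeEPS continues outside the hunk.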
6 changes: 3 additions & 3 deletions TPMCmd/tpm/src/command/Hierarchy/ChangePPS.c
Expand Up @@ -53,16 +53,16 @@ TPM2_ChangePPS(
RETURN_IF_NV_IS_NOT_AVAILABLE;

// Input parameter is not reference in command action
in = NULL;
NOT_REFERENCED(in);

// Internal Data Update

// Reset platform hierarchy seed from RNG
CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.PPSeed.t.buffer);
CryptRandomGenerate(sizeof(gp.PPSeed.t.buffer), gp.PPSeed.t.buffer);

// Create a new phProof value from RNG to prevent the saved platform
// hierarchy contexts being loaded
CryptRandomGenerate(PROOF_SIZE, gp.phProof.t.buffer);
CryptRandomGenerate(sizeof(gp.phProof.t.buffer), gp.phProof.t.buffer);

// Set platform authPolicy to null
gc.platformAlg = TPM_ALG_NULL;
6 changes: 3 additions & 3 deletions TPMCmd/tpm/src/command/Hierarchy/Clear.c
Expand Up @@ -65,11 +65,11 @@ TPM2_Clear(
// Internal Data Update

// Reset storage hierarchy seed from RNG
CryptRandomGenerate(PRIMARY_SEED_SIZE, gp.SPSeed.t.buffer);
CryptRandomGenerate(sizeof(gp.SPSeed.t.buffer), gp.SPSeed.t.buffer);

// Create new shProof and ehProof value from RNG
CryptRandomGenerate(PROOF_SIZE, gp.shProof.t.buffer);
CryptRandomGenerate(PROOF_SIZE, gp.ehProof.t.buffer);
CryptRandomGenerate(sizeof(gp.shProof.t.buffer), gp.shProof.t.buffer);
CryptRandomGenerate(sizeof(gp.ehProof.t.buffer), gp.ehProof.t.buffer);

// Enable storage and endorsement hierarchy
gc.shEnable = gc.ehEnable = TRUE;
8 changes: 4 additions & 4 deletions TPMCmd/tpm/src/crypt/Ticket.c
Expand Up @@ -93,7 +93,7 @@ TicketComputeVerified(
TPMT_TK_VERIFIED *ticket // OUT: verified ticket
)
{
TPM2B_AUTH *proof;
TPM2B_PROOF *proof;
HMAC_STATE hmacState;
//
// Fill in ticket fields
Expand Down Expand Up @@ -147,7 +147,7 @@ TicketComputeAuth(
TPMT_TK_AUTH *ticket // OUT: Created ticket
)
{
TPM2B_AUTH *proof;
TPM2B_PROOF *proof;
HMAC_STATE hmacState;
//
// Get proper proof
Expand Down Expand Up @@ -206,7 +206,7 @@ TicketComputeHashCheck(
TPMT_TK_HASHCHECK *ticket // OUT: Created ticket
)
{
TPM2B_AUTH *proof;
TPM2B_PROOF *proof;
HMAC_STATE hmacState;
//
// Get proper proof
Expand Down Expand Up @@ -251,7 +251,7 @@ TicketComputeCreation(
TPMT_TK_CREATION *ticket // OUT: created ticket
)
{
TPM2B_AUTH *proof;
TPM2B_PROOF *proof;
HMAC_STATE hmacState;

// Get proper proof