Stefan Thom
TCG TIS 1.3 compliant TPM driver to use the TPM as hardware crypto library.
The TPM 2.0 architecture, commands and structures are defined in the set of 4 Trusted Platform Module Library Specification, Family "2.0" specifications that that can be found at http://www.trustedcomputinggroup.org/resources/tpm_library_specification
The "PC Client Specific TPM Interface Specification (TIS), Version 1.3" that was used for this implementation can be found at http://www.trustedcomputinggroup.org/resources/pc_client_work_group_pc_client_specific_tpm_interface_specification_tis
All the information to get going is in SPITIS_TPM20.h!
Diff: SPITIS_TPM20.h
- Revision:
- 3:4b9ad18eae02
- Parent:
- 2:526bf792254d
- Child:
- 4:77fecfe49437
--- a/SPITIS_TPM20.h Tue Apr 07 19:13:09 2015 +0000
+++ b/SPITIS_TPM20.h Sat Apr 11 04:01:54 2015 +0000
@@ -52,30 +52,130 @@
int main()
{
uint32_t result = 0;
+
result = tpm.InitializeTis();
- printf("TIS.InitializeTis = 0x%08x\n\r", result);
+ printf("TIS.InitializeTis= 0x%08x\n\r", result);
+ if(((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) ||
+ ((result = tpm.TPM2_Startup(TPM_SU_CLEAR)) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) ||
+ ((result = tpm.EndSession()) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE))
+ {
+ printf("TPM2_Startup= 0x%08x\n\r", result);
+ }
+ else
+ {
+ printf("TPM2_Startup= OK\n\r");
+ }
+
while(1)
{
if(mybutton == 0)
{
-
- TPM2B_DIGEST random = {0};
printf("Button!\n\r");
-
- result = tpm.TPM2_Startup(TPM_SU_CLEAR);
- printf("TPM2_Startup = 0x%08x\n\r", result);
- random.t.size = 32;
- result = tpm.TPM2_GetRandom(&random);
- printf("TPM2_GetRandom = 0x%08x\n\r", result);
- printf("Random = ");
- for(uint16_t n = 0; n < random.t.size; n++) printf("%02x", random.t.buffer[n]);
- printf("\n\r");
- result = tpm.TPM2_StirRandom(&random);
- printf("TPM2_StirRandom = 0x%08x\n\r", result);
- result = tpm.TPM2_Shutdown(TPM_SU_CLEAR);
- printf("TPM2_Shutdown = 0x%08x\n\r", result);
+
+ if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE)
+ {
+ TPM2B_AUTH auth = {0};
+ TPMI_DH_OBJECT hashHandle = 0;
+ TPML_DIGEST_VALUES values = {0};
+
+ result = tpm.TPM2_HashSequenceStart(&auth, TPM_ALG_NULL, &hashHandle);
+ printf("TPM2_HashSequenceStart= 0x%08x\n\r", result);
+ for(uint32_t n = 0; n < 0x80000; n += 1024)
+ {
+ if((result = tpm.TPM2_SequenceUpdate(hashHandle, &auth, (uint8_t*)(0x08000000 + n), 1024)) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE)
+ {
+ printf("TPM2_SequenceUpdate(%d)= 0x%08x\n\r", n, result);
+ }
+ }
+ result = tpm.TPM2_EventSequenceComplete((TPM_HC)(HR_PCR + 0), &auth, hashHandle, &auth, &values);
+ printf("TPM2_EventSequenceComplete= 0x%08x\n\r", result);
+ for(uint32_t n = 0; n < values.count; n++)
+ {
+ printf("Digest(0x%04x)= ", (uint16_t)values.digests[n].hashAlg);
+ switch(values.digests[n].hashAlg)
+ {
+ case TPM_ALG_SHA1:
+ for(uint16_t m = 0; m < sizeof(values.digests[n].digest.sha1); m++) printf("%02x", values.digests[n].digest.sha1[m]);
+ break;
+ case TPM_ALG_SHA256:
+ for(uint16_t m = 0; m < sizeof(values.digests[n].digest.sha256); m++) printf("%02x", values.digests[n].digest.sha256[m]);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ }
+ printf("\n\r");
+ }
+ tpm.EndSession();
+ printf("\n\r");
+ }
- wait(2);
+ if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE)
+ {
+ TPML_PCR_SELECTION pcrSelection = {0};
+ uint32_t pcrUpdateCounter = 0;
+ TPML_DIGEST pcrValues = {0};
+
+ pcrSelection.count = 2;
+ pcrSelection.pcrSelections[0].hash = TPM_ALG_SHA1;
+ pcrSelection.pcrSelections[0].sizeofSelect = 3;
+ pcrSelection.pcrSelections[0].pcrSelect[0] = 0x01;
+ pcrSelection.pcrSelections[0].pcrSelect[1] = 0x00;
+ pcrSelection.pcrSelections[0].pcrSelect[2] = 0x00;
+ pcrSelection.pcrSelections[1].hash = TPM_ALG_SHA256;
+ pcrSelection.pcrSelections[1].sizeofSelect = 3;
+ pcrSelection.pcrSelections[1].pcrSelect[0] = 0x01;
+ pcrSelection.pcrSelections[1].pcrSelect[1] = 0x00;
+ pcrSelection.pcrSelections[1].pcrSelect[2] = 0x00;
+ result = tpm.TPM2_PCR_Read(&pcrSelection, &pcrUpdateCounter, &pcrSelection, &pcrValues);
+ printf("TPM2_PCR_Read= 0x%08x\n\r", result);
+ for(uint32_t n = 0; n < pcrValues.count; n++)
+ {
+ printf("PCR[0](0x%04x)= ", (uint16_t)pcrSelection.pcrSelections[n].hash);
+ for(uint16_t m = 0; m < pcrValues.digests[n].t.size; m++) printf("%02x", pcrValues.digests[n].t.buffer[m]);
+ printf("\n\r");
+ }
+ tpm.EndSession();
+ printf("\n\r");
+ }
+
+ if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE)
+ {
+ TPM2B_AUTH auth = {0};
+ TPMI_DH_OBJECT hashHandle = 0;
+ TPM2B_DIGEST digest = {0};
+ TPMT_TK_HASHCHECK validation = {0};
+
+ uint8_t testVector[] = "The quick brown fox jumps over the lazy dog";
+ result = tpm.TPM2_HashSequenceStart(&auth, TPM_ALG_SHA256, &hashHandle);
+ printf("TPM2_HashSequenceStart= 0x%08x\n\r", result);
+ result = tpm.TPM2_SequenceUpdate(hashHandle, &auth, testVector, sizeof(testVector) - 1);
+ printf("TPM2_SequenceUpdate= 0x%08x\n\r", result);
+ result = tpm.TPM2_SequenceComplete(hashHandle, &auth, TPM_RH_NULL, &digest, &validation);
+ printf("TPM2_HashSequenceComplete= 0x%08x\n\r", result);
+ printf("Digest= ");
+ for(uint16_t n = 0; n < digest.t.size; n++) printf("%02x", digest.t.buffer[n]);
+ printf("\n\r");
+ printf("Ref= d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592\n\r");
+ tpm.EndSession();
+ printf("\n\r");
+ }
+
+ if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE)
+ {
+ TPM2B_DIGEST random = {0};
+ random.t.size = 32;
+ result = tpm.TPM2_GetRandom(&random);
+ printf("TPM2_GetRandom = 0x%08x\n\r", result);
+ printf("Random = ");
+ for(uint16_t n = 0; n < random.t.size; n++) printf("%02x", random.t.buffer[n]);
+ printf("\n\r");
+ result = tpm.TPM2_StirRandom(&random);
+ printf("TPM2_StirRandom = 0x%08x\n\r", result);
+ tpm.EndSession();
+ printf("\n\r");
+ }
+
+ wait(1);
}
}
}
@@ -95,6 +195,7 @@
#include "mbed.h"
#include "TPM20.h"
#include "GizmosNGadgets.h"
+#include "Marshal.h"
//#define TPM_TIS_DEBUG_OUTPUT 1
//#define TPM_TIS_INTERFACE_DEBUG_OUTPUT 1
@@ -152,11 +253,16 @@
}
TIS_RESULT InitializeTis();
+
+ // Session management
+ TIS_RESULT StartSession(TIS_TPM20::TIS_LOCALITY locality = TIS_TPM20::TIS_LOCALITY_0);
+ TIS_RESULT EndSession();
// Submit a command
TIS_RESULT SendCommand(uint8_t* pbCmd,
uint32_t cbCmd,
- TIS_TPM20::TIS_LOCALITY locality = TIS_TPM20::TIS_LOCALITY_0);
+ uint8_t* pbTrailingData = NULL,
+ uint32_t cbTrailingData = 0);
// Retrieve the response
TIS_RESULT RetrieveResponse(uint8_t* pbRsp,
@@ -164,17 +270,19 @@
uint32_t* pcbRsp);
// Attempt to abort the current command
- void Abort()
- {
- // Best effort abort;
- AbortCommand();
- ReleaseLocality();
- }
+ TIS_TPM20::TIS_RESULT AbortCommand();
- uint32_t TPM2_Startup(uint16_t startupType);
- uint32_t TPM2_Shutdown(uint16_t shutdownType);
- uint32_t TPM2_GetRandom(TPM2B_DIGEST* random);
- uint32_t TPM2_StirRandom(TPM2B_DIGEST* seed);
+ // TPM sample commands
+ TPM_RC TPM2_Startup(uint16_t startupType);
+ TPM_RC TPM2_Shutdown(uint16_t shutdownType);
+ TPM_RC TPM2_GetRandom(TPM2B_DIGEST* random);
+ TPM_RC TPM2_StirRandom(TPM2B_DIGEST* seed);
+ TPM_RC TPM2_HMAC_Start(TPMI_DH_OBJECT handle, TPM2B_AUTH* handleAuth, TPM2B_AUTH* auth, TPMI_ALG_HASH hashAlg, TPMI_DH_OBJECT* sequenceHandle);
+ TPM_RC TPM2_HashSequenceStart(TPM2B_AUTH* auth, TPMI_ALG_HASH hashAlg, TPMI_DH_OBJECT* sequenceHandle);
+ TPM_RC TPM2_SequenceUpdate(TPMI_DH_OBJECT sequenceHandle, TPM2B_AUTH* sequenceHandleAuth, uint8_t* pbData, uint16_t cbData);
+ TPM_RC TPM2_SequenceComplete(TPMI_DH_OBJECT sequenceHandle, TPM2B_AUTH* sequenceHandleAuth, TPMI_RH_HIERARCHY hierarchy, TPM2B_DIGEST* result, TPMT_TK_HASHCHECK* validation);
+ TPM_RC TPM2_EventSequenceComplete(TPMI_DH_PCR pcrHandle, TPM2B_AUTH* pcrAuth, TPMI_DH_OBJECT sequenceHandle, TPM2B_AUTH* handleAuth, TPML_DIGEST_VALUES* results);
+ TPM_RC TPM2_PCR_Read(TPML_PCR_SELECTION* pcrSelectionIn, uint32_t* pcrUpdateCounter, TPML_PCR_SELECTION* pcrSelectionOut, TPML_DIGEST* pcrValues);
private:
// TIS registers addresses
@@ -298,11 +406,11 @@
bool TpmInteruptOn(uint32_t intEnable);
bool RequestLocality(TIS_TPM20::TIS_LOCALITY locality);
bool ReleaseLocality();
- bool AbortCommand();
// Top interface to caller
#ifndef TPM_TIS_NO_COMMAND_FILTERING
TIS_RESULT ApplyFilter(TIS_TPM20::TIS_LOCALITY locality, uint8_t* pbCmd, uint32_t cbCmd);
#endif
- TPM_RC ParseResponseHeader(uint8_t* pbRsp, uint32_t cbRsp, uint16_t* rspTag, uint32_t* rspSize);
+ TPM_RC ParseResponseHeader(TPM_ST* tag, UINT32* rspSize, uint8_t** buffer, int32_t* size);
};
+