TCG TIS 1.3 compliant TPM driver to use the TPM as hardware crypto library.
The TPM 2.0 architecture, commands and structures are defined in the set of 4 Trusted Platform Module Library Specification, Family "2.0" specifications that that can be found at http://www.trustedcomputinggroup.org/resources/tpm_library_specification
The "PC Client Specific TPM Interface Specification (TIS), Version 1.3" that was used for this implementation can be found at http://www.trustedcomputinggroup.org/resources/pc_client_work_group_pc_client_specific_tpm_interface_specification_tis
All the information to get going is in SPITIS_TPM20.h!
Diff: SPITIS_TPM20.h
- Revision:
- 3:4b9ad18eae02
- Parent:
- 2:526bf792254d
- Child:
- 4:77fecfe49437
--- a/SPITIS_TPM20.h Tue Apr 07 19:13:09 2015 +0000 +++ b/SPITIS_TPM20.h Sat Apr 11 04:01:54 2015 +0000 @@ -52,30 +52,130 @@ int main() { uint32_t result = 0; + result = tpm.InitializeTis(); - printf("TIS.InitializeTis = 0x%08x\n\r", result); + printf("TIS.InitializeTis= 0x%08x\n\r", result); + if(((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) || + ((result = tpm.TPM2_Startup(TPM_SU_CLEAR)) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) || + ((result = tpm.EndSession()) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE)) + { + printf("TPM2_Startup= 0x%08x\n\r", result); + } + else + { + printf("TPM2_Startup= OK\n\r"); + } + while(1) { if(mybutton == 0) { - - TPM2B_DIGEST random = {0}; printf("Button!\n\r"); - - result = tpm.TPM2_Startup(TPM_SU_CLEAR); - printf("TPM2_Startup = 0x%08x\n\r", result); - random.t.size = 32; - result = tpm.TPM2_GetRandom(&random); - printf("TPM2_GetRandom = 0x%08x\n\r", result); - printf("Random = "); - for(uint16_t n = 0; n < random.t.size; n++) printf("%02x", random.t.buffer[n]); - printf("\n\r"); - result = tpm.TPM2_StirRandom(&random); - printf("TPM2_StirRandom = 0x%08x\n\r", result); - result = tpm.TPM2_Shutdown(TPM_SU_CLEAR); - printf("TPM2_Shutdown = 0x%08x\n\r", result); + + if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) + { + TPM2B_AUTH auth = {0}; + TPMI_DH_OBJECT hashHandle = 0; + TPML_DIGEST_VALUES values = {0}; + + result = tpm.TPM2_HashSequenceStart(&auth, TPM_ALG_NULL, &hashHandle); + printf("TPM2_HashSequenceStart= 0x%08x\n\r", result); + for(uint32_t n = 0; n < 0x80000; n += 1024) + { + if((result = tpm.TPM2_SequenceUpdate(hashHandle, &auth, (uint8_t*)(0x08000000 + n), 1024)) != TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) + { + printf("TPM2_SequenceUpdate(%d)= 0x%08x\n\r", n, result); + } + } + result = tpm.TPM2_EventSequenceComplete((TPM_HC)(HR_PCR + 0), &auth, hashHandle, &auth, &values); + printf("TPM2_EventSequenceComplete= 0x%08x\n\r", result); + for(uint32_t n = 0; n < values.count; n++) + { + printf("Digest(0x%04x)= ", (uint16_t)values.digests[n].hashAlg); + switch(values.digests[n].hashAlg) + { + case TPM_ALG_SHA1: + for(uint16_t m = 0; m < sizeof(values.digests[n].digest.sha1); m++) printf("%02x", values.digests[n].digest.sha1[m]); + break; + case TPM_ALG_SHA256: + for(uint16_t m = 0; m < sizeof(values.digests[n].digest.sha256); m++) printf("%02x", values.digests[n].digest.sha256[m]); + break; + case TPM_ALG_NULL: + break; + } + printf("\n\r"); + } + tpm.EndSession(); + printf("\n\r"); + } - wait(2); + if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) + { + TPML_PCR_SELECTION pcrSelection = {0}; + uint32_t pcrUpdateCounter = 0; + TPML_DIGEST pcrValues = {0}; + + pcrSelection.count = 2; + pcrSelection.pcrSelections[0].hash = TPM_ALG_SHA1; + pcrSelection.pcrSelections[0].sizeofSelect = 3; + pcrSelection.pcrSelections[0].pcrSelect[0] = 0x01; + pcrSelection.pcrSelections[0].pcrSelect[1] = 0x00; + pcrSelection.pcrSelections[0].pcrSelect[2] = 0x00; + pcrSelection.pcrSelections[1].hash = TPM_ALG_SHA256; + pcrSelection.pcrSelections[1].sizeofSelect = 3; + pcrSelection.pcrSelections[1].pcrSelect[0] = 0x01; + pcrSelection.pcrSelections[1].pcrSelect[1] = 0x00; + pcrSelection.pcrSelections[1].pcrSelect[2] = 0x00; + result = tpm.TPM2_PCR_Read(&pcrSelection, &pcrUpdateCounter, &pcrSelection, &pcrValues); + printf("TPM2_PCR_Read= 0x%08x\n\r", result); + for(uint32_t n = 0; n < pcrValues.count; n++) + { + printf("PCR[0](0x%04x)= ", (uint16_t)pcrSelection.pcrSelections[n].hash); + for(uint16_t m = 0; m < pcrValues.digests[n].t.size; m++) printf("%02x", pcrValues.digests[n].t.buffer[m]); + printf("\n\r"); + } + tpm.EndSession(); + printf("\n\r"); + } + + if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) + { + TPM2B_AUTH auth = {0}; + TPMI_DH_OBJECT hashHandle = 0; + TPM2B_DIGEST digest = {0}; + TPMT_TK_HASHCHECK validation = {0}; + + uint8_t testVector[] = "The quick brown fox jumps over the lazy dog"; + result = tpm.TPM2_HashSequenceStart(&auth, TPM_ALG_SHA256, &hashHandle); + printf("TPM2_HashSequenceStart= 0x%08x\n\r", result); + result = tpm.TPM2_SequenceUpdate(hashHandle, &auth, testVector, sizeof(testVector) - 1); + printf("TPM2_SequenceUpdate= 0x%08x\n\r", result); + result = tpm.TPM2_SequenceComplete(hashHandle, &auth, TPM_RH_NULL, &digest, &validation); + printf("TPM2_HashSequenceComplete= 0x%08x\n\r", result); + printf("Digest= "); + for(uint16_t n = 0; n < digest.t.size; n++) printf("%02x", digest.t.buffer[n]); + printf("\n\r"); + printf("Ref= d7a8fbb307d7809469ca9abcb0082e4f8d5651e46d3cdb762d02d0bf37c9e592\n\r"); + tpm.EndSession(); + printf("\n\r"); + } + + if((result = tpm.StartSession(TIS_TPM20::TIS_LOCALITY_0)) == TIS_TPM20::TIS_SESSION_RESULT_COMPLETE) + { + TPM2B_DIGEST random = {0}; + random.t.size = 32; + result = tpm.TPM2_GetRandom(&random); + printf("TPM2_GetRandom = 0x%08x\n\r", result); + printf("Random = "); + for(uint16_t n = 0; n < random.t.size; n++) printf("%02x", random.t.buffer[n]); + printf("\n\r"); + result = tpm.TPM2_StirRandom(&random); + printf("TPM2_StirRandom = 0x%08x\n\r", result); + tpm.EndSession(); + printf("\n\r"); + } + + wait(1); } } } @@ -95,6 +195,7 @@ #include "mbed.h" #include "TPM20.h" #include "GizmosNGadgets.h" +#include "Marshal.h" //#define TPM_TIS_DEBUG_OUTPUT 1 //#define TPM_TIS_INTERFACE_DEBUG_OUTPUT 1 @@ -152,11 +253,16 @@ } TIS_RESULT InitializeTis(); + + // Session management + TIS_RESULT StartSession(TIS_TPM20::TIS_LOCALITY locality = TIS_TPM20::TIS_LOCALITY_0); + TIS_RESULT EndSession(); // Submit a command TIS_RESULT SendCommand(uint8_t* pbCmd, uint32_t cbCmd, - TIS_TPM20::TIS_LOCALITY locality = TIS_TPM20::TIS_LOCALITY_0); + uint8_t* pbTrailingData = NULL, + uint32_t cbTrailingData = 0); // Retrieve the response TIS_RESULT RetrieveResponse(uint8_t* pbRsp, @@ -164,17 +270,19 @@ uint32_t* pcbRsp); // Attempt to abort the current command - void Abort() - { - // Best effort abort; - AbortCommand(); - ReleaseLocality(); - } + TIS_TPM20::TIS_RESULT AbortCommand(); - uint32_t TPM2_Startup(uint16_t startupType); - uint32_t TPM2_Shutdown(uint16_t shutdownType); - uint32_t TPM2_GetRandom(TPM2B_DIGEST* random); - uint32_t TPM2_StirRandom(TPM2B_DIGEST* seed); + // TPM sample commands + TPM_RC TPM2_Startup(uint16_t startupType); + TPM_RC TPM2_Shutdown(uint16_t shutdownType); + TPM_RC TPM2_GetRandom(TPM2B_DIGEST* random); + TPM_RC TPM2_StirRandom(TPM2B_DIGEST* seed); + TPM_RC TPM2_HMAC_Start(TPMI_DH_OBJECT handle, TPM2B_AUTH* handleAuth, TPM2B_AUTH* auth, TPMI_ALG_HASH hashAlg, TPMI_DH_OBJECT* sequenceHandle); + TPM_RC TPM2_HashSequenceStart(TPM2B_AUTH* auth, TPMI_ALG_HASH hashAlg, TPMI_DH_OBJECT* sequenceHandle); + TPM_RC TPM2_SequenceUpdate(TPMI_DH_OBJECT sequenceHandle, TPM2B_AUTH* sequenceHandleAuth, uint8_t* pbData, uint16_t cbData); + TPM_RC TPM2_SequenceComplete(TPMI_DH_OBJECT sequenceHandle, TPM2B_AUTH* sequenceHandleAuth, TPMI_RH_HIERARCHY hierarchy, TPM2B_DIGEST* result, TPMT_TK_HASHCHECK* validation); + TPM_RC TPM2_EventSequenceComplete(TPMI_DH_PCR pcrHandle, TPM2B_AUTH* pcrAuth, TPMI_DH_OBJECT sequenceHandle, TPM2B_AUTH* handleAuth, TPML_DIGEST_VALUES* results); + TPM_RC TPM2_PCR_Read(TPML_PCR_SELECTION* pcrSelectionIn, uint32_t* pcrUpdateCounter, TPML_PCR_SELECTION* pcrSelectionOut, TPML_DIGEST* pcrValues); private: // TIS registers addresses @@ -298,11 +406,11 @@ bool TpmInteruptOn(uint32_t intEnable); bool RequestLocality(TIS_TPM20::TIS_LOCALITY locality); bool ReleaseLocality(); - bool AbortCommand(); // Top interface to caller #ifndef TPM_TIS_NO_COMMAND_FILTERING TIS_RESULT ApplyFilter(TIS_TPM20::TIS_LOCALITY locality, uint8_t* pbCmd, uint32_t cbCmd); #endif - TPM_RC ParseResponseHeader(uint8_t* pbRsp, uint32_t cbRsp, uint16_t* rspTag, uint32_t* rspSize); + TPM_RC ParseResponseHeader(TPM_ST* tag, UINT32* rspSize, uint8_t** buffer, int32_t* size); }; +