1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
|
/*
* Copyright 2015 The Chromium OS Authors. All rights reserved.
* Use of this source code is governed by a BSD-style license that can be
* found in the LICENSE file.
*/
#ifndef __SOURCE_CRYPTUTIL_FP_H
#define __SOURCE_CRYPTUTIL_FP_H
BOOL CryptAreKeySizesConsistent(
TPMT_PUBLIC *publicArea // IN: the public area to check
);
TPMI_YES_NO CryptCapGetECCCurve(
TPM_ECC_CURVE curveID, // IN: the starting ECC curve
UINT32 maxCount, // IN: count of returned curve
TPML_ECC_CURVE *curveList // OUT: ECC curve list
);
UINT32 CryptCapGetEccCurveNumber(void);
UINT16 CryptCommit(void);
LIB_EXPORT int CryptCompare(const UINT32 aSize, // IN: size of a
const BYTE *a, // IN: a buffer
const UINT32 bSize, // IN: size of b
const BYTE *b // IN: b buffer
);
TPM_RC CryptCommitCompute(
TPMS_ECC_POINT *K, // OUT: [d]B
TPMS_ECC_POINT *L, // OUT: [r]B
TPMS_ECC_POINT *E, // OUT: [r]M
TPM_ECC_CURVE curveID, // IN: The curve for the computation
TPMS_ECC_POINT *M, // IN: M (P1)
TPMS_ECC_POINT *B, // IN: B (x2, y2)
TPM2B_ECC_PARAMETER *d, // IN: the private scalar
TPM2B_ECC_PARAMETER *r // IN: the computed r value
);
int CryptCompareSigned(UINT32 aSize, // IN: size of a
BYTE *a, // IN: a buffer
UINT32 bSize, // IN: size of b
BYTE *b // IN: b buffer
);
void CryptComputeSymmetricUnique(
TPMI_ALG_HASH nameAlg, // IN: object name algorithm
TPMT_SENSITIVE *sensitive, // IN: sensitive area
TPM2B_DIGEST *unique // OUT: unique buffer
);
LIB_EXPORT UINT16
CryptCompleteHMAC2B(HMAC_STATE *hmacState, // IN: the state of HMAC stack
TPM2B *digest // OUT: HMAC
);
LIB_EXPORT UINT16
CryptCompleteHash(void *state, // IN: the state of hash stack
UINT16 digestSize, // IN: size of digest buffer
BYTE *digest // OUT: hash digest
);
UINT16 CryptCompleteHash2B(
void *state, // IN: the state of hash stack
TPM2B *digest // IN: the size of the buffer Out: requested number of byte
);
TPM_RC CryptCreateObject(
TPM_HANDLE parentHandle, // IN/OUT: indication of the seed source
TPMT_PUBLIC *publicArea, // IN/OUT: public area
TPMS_SENSITIVE_CREATE *sensitiveCreate, // IN: sensitive creation
TPMT_SENSITIVE *sensitive // OUT: sensitive area
);
void CryptDrbgGetPutState(GET_PUT direction // IN: Get from or put to DRBG
);
TPM_RC CryptDecryptRSA(
UINT16 *dataOutSize, // OUT: size of plain text in byte
BYTE *dataOut, // OUT: plain text
OBJECT *rsaKey, // IN: internal RSA key
TPMT_RSA_DECRYPT *scheme, // IN: selects the padding scheme
UINT16 cipherInSize, // IN: size of cipher text in byte
BYTE *cipherIn, // IN: cipher text
const char *label // IN: a label, when needed
);
TPM_RC CryptDivide(
TPM2B *numerator, // IN: numerator
TPM2B *denominator, // IN: denominator
TPM2B *quotient, // OUT: quotient = numerator / denominator.
TPM2B *remainder // OUT: numerator mod denominator.
);
void CryptDrbgGetPutState(GET_PUT direction // IN: Get from or put to DRBG
);
//
//
// 10.2.6.3 CryptEccGetKeySizeBytes()
//
// This macro returns the size of the ECC key in bytes. It uses
// CryptEccGetKeySizeInBits().
//
#define CryptEccGetKeySizeInBytes(curve) \
((CryptEccGetKeySizeInBits(curve) + 7) / 8)
TPM_RC CryptEcc2PhaseKeyExchange(
TPMS_ECC_POINT *outZ1, // OUT: the computed point
TPMS_ECC_POINT *outZ2, // OUT: optional second point
TPM_ALG_ID scheme, // IN: the key exchange scheme
TPM_ECC_CURVE curveId, // IN: the curve for the computation
TPM2B_ECC_PARAMETER *dsA, // IN: static private TPM key
TPM2B_ECC_PARAMETER *deA, // IN: ephemeral private TPM key
TPMS_ECC_POINT *QsB, // IN: static public party B key
TPMS_ECC_POINT *QeB // IN: ephemeral public party B key
);
TPM_RC CryptEncryptRSA(
UINT16 *cipherOutSize, // OUT: size of cipher text in byte
BYTE *cipherOut, // OUT: cipher text
OBJECT *rsaKey, // IN: internal RSA key
TPMT_RSA_DECRYPT *scheme, // IN: selects the padding scheme
UINT16 dataInSize, // IN: size of plain text in byte
BYTE *dataIn, // IN: plain text
const char *label // IN: an optional label
);
TPM_ALG_ID CryptGetContextAlg(void *state // IN: the context to check
);
LIB_EXPORT TPM_ALG_ID CryptGetHashAlgByIndex(UINT32 index // IN: the index
);
LIB_EXPORT UINT16
CryptGetHashDigestSize(TPM_ALG_ID hashAlg // IN: hash algorithm
);
LIB_EXPORT const TPM2B *CryptEccGetParameter(
char p, // IN: the parameter selector
TPM_ECC_CURVE curveId // IN: the curve id
);
BOOL CryptEccGetParameters(
TPM_ECC_CURVE curveId, // IN: ECC curve ID
TPMS_ALGORITHM_DETAIL_ECC *parameters // OUT: ECC parameter
);
TPM_RC CryptEccPointMultiply(TPMS_ECC_POINT *pOut, // OUT: output point
TPM_ECC_CURVE curveId, // IN: curve selector
TPM2B_ECC_PARAMETER *dIn, // IN: public scalar
TPMS_ECC_POINT *pIn // IN: optional point
);
BOOL CryptEccIsPointOnCurve(TPM_ECC_CURVE curveID, // IN: ECC curve ID
TPMS_ECC_POINT *Q // IN: ECC point
);
void CryptEndCommit(UINT16 c // IN: the counter value of the commitment
);
BOOL CryptGenerateR(
TPM2B_ECC_PARAMETER *r, // OUT: the generated random value
UINT16 *c, // IN/OUT: count value.
TPMI_ECC_CURVE curveID, // IN: the curve for the value
TPM2B_NAME *name // IN: optional name of a key to associate with 'r'
);
UINT16 CryptGenerateRandom(UINT16 randomSize, // IN: size of random number
BYTE *buffer // OUT: buffer of random number
);
void CryptGenerateNewSymmetric(
TPMS_SENSITIVE_CREATE *sensitiveCreate, // IN: sensitive creation data
TPMT_SENSITIVE *sensitive, // OUT: sensitive area
TPM_ALG_ID hashAlg, // IN: hash algorithm for the KDF
TPM2B_SEED *seed, // IN: seed used in creation
TPM2B_NAME *name // IN: name of the object
);
const TPMT_ECC_SCHEME *CryptGetCurveSignScheme(
TPM_ECC_CURVE curveId // IN: The curve selector
);
LIB_EXPORT UINT16
CryptGetHashDigestSize(TPM_ALG_ID hashAlg // IN: hash algorithm
);
TPMI_ALG_HASH CryptGetSignHashAlg(TPMT_SIGNATURE *auth // IN: signature
);
INT16 CryptGetSymmetricBlockSize(
TPMI_ALG_SYM algorithm, // IN: symmetric algorithm
UINT16 keySize // IN: key size in bit
);
TPM_RC CryptGetTestResult(TPM2B_MAX_BUFFER *outData // OUT: test result data
);
LIB_EXPORT UINT16
CryptHashBlock(TPM_ALG_ID algId, // IN: the hash algorithm to use
UINT16 blockSize, // IN: size of the data block
BYTE *block, // IN: address of the block to hash
UINT16 retSize, // IN: size of the return buffer
BYTE *ret // OUT: address of the buffer
);
//
//
//
// 10.2.4.23 CryptKDFa()
//
// This function generates a key using the KDFa() formulation in Part 1 of the
// TPM specification. In this implementation, this is a macro invocation of
// _cpri__KDFa() in the hash module of the CryptoEngine(). This macro sets
// once to FALSE so that KDFa() will iterate as many times as necessary to
// generate sizeInBits number of bits.
//
#define CryptKDFa(hashAlg, key, label, contextU, contextV, sizeInBits, \
keyStream, counterInOut) \
TEST_HASH(hashAlg); \
_cpri__KDFa(((TPM_ALG_ID)hashAlg), ((TPM2B *)key), ((const char *)label), \
((TPM2B *)contextU), ((TPM2B *)contextV), ((UINT32)sizeInBits), \
((BYTE *)keyStream), ((UINT32 *)counterInOut), ((BOOL)FALSE))
//
//
// 10.2.4.24 CryptKDFaOnce()
//
// This function generates a key using the KDFa() formulation in Part 1 of the
// TPM specification. In this implementation, this is a macro invocation of
// _cpri__KDFa() in the hash module of the CryptoEngine(). This macro will
// call _cpri__KDFa() with once TRUE so that only one iteration is performed,
// regardless of sizeInBits.
//
#define CryptKDFaOnce(hashAlg, key, label, contextU, contextV, sizeInBits, \
keyStream, counterInOut) \
TEST_HASH(hashAlg); \
_cpri__KDFa(((TPM_ALG_ID)hashAlg), ((TPM2B *)key), ((const char *)label), \
((TPM2B *)contextU), ((TPM2B *)contextV), ((UINT32)sizeInBits), \
((BYTE *)keyStream), ((UINT32 *)counterInOut), ((BOOL)TRUE))
//
//
// 10.2.4.26 CryptKDFe()
//
// This function generates a key using the KDFa() formulation in Part 1 of
// the TPM specification. In this implementation, this is a macro invocation
// of _cpri__KDFe() in the hash module of the CryptoEngine().
//
#define CryptKDFe(hashAlg, Z, label, partyUInfo, partyVInfo, sizeInBits, \
keyStream) \
TEST_HASH(hashAlg); \
_cpri__KDFe(((TPM_ALG_ID)hashAlg), ((TPM2B *)Z), ((const char *)label), \
((TPM2B *)partyUInfo), ((TPM2B *)partyVInfo), \
((UINT32)sizeInBits), ((BYTE *)keyStream))
void CryptHashStateImportExport(
HASH_STATE *internalFmt, // IN: state to LIB_EXPORT
HASH_STATE *externalFmt, // OUT: exported state
IMPORT_EXPORT direction);
void CryptInitUnits(void);
BOOL CryptIsAsymAlgorithm(TPM_ALG_ID algID // IN: algorithm ID
);
BOOL CryptIsDecryptScheme(TPMI_ALG_ASYM_SCHEME scheme);
BOOL CryptIsSchemeAnonymous(
TPM_ALG_ID scheme // IN: the scheme algorithm to test
);
BOOL CryptIsSignScheme(TPMI_ALG_ASYM_SCHEME scheme);
BOOL CryptIsSplitSign(TPM_ALG_ID scheme // IN: the algorithm selector
);
TPM_RC CryptNewEccKey(TPM_ECC_CURVE curveID, // IN: ECC curve
TPMS_ECC_POINT *publicPoint, // OUT: public point
TPM2B_ECC_PARAMETER *sensitive // OUT: private area
);
BOOL CryptObjectIsPublicConsistent(TPMT_PUBLIC *publicArea // IN: public area
);
TPM_RC CryptObjectPublicPrivateMatch(OBJECT *object // IN: the object to check
);
TPM_RC CryptParameterDecryption(
TPM_HANDLE handle, // IN: encrypted session handle
TPM2B *nonceCaller, // IN: nonce caller
UINT32 bufferSize, // IN: size of parameter buffer
UINT16
leadingSizeInByte, // IN: the size of the leading size field in byte
TPM2B_AUTH *extraKey, // IN: the authValue
BYTE *buffer // IN/OUT: parameter buffer to be decrypted
);
void CryptParameterEncryption(
TPM_HANDLE handle, // IN: encrypt session handle
TPM2B *nonceCaller, // IN: nonce caller
UINT16 leadingSizeInByte, // IN: the size of the leading size field in byte
TPM2B_AUTH *
extraKey, // IN: additional key material other than session auth
BYTE *buffer // IN/OUT: parameter buffer to be encrypted
);
TPM_RC CryptSecretDecrypt(
TPM_HANDLE tpmKey, // IN: decrypt key
TPM2B_NONCE *nonceCaller, // IN: nonceCaller. It is needed for symmetric
// decryption. For asymmetric decryption, this
// parameter is NULL
const char *label, // IN: a null-terminated string as L
TPM2B_ENCRYPTED_SECRET *secret, // IN: input secret
TPM2B_DATA *data // OUT: decrypted secret value
);
TPM_RC CryptSecretEncrypt(
TPMI_DH_OBJECT keyHandle, // IN: encryption key handle
const char *label, // IN: a null-terminated string as L
TPM2B_DATA *data, // OUT: secret value
TPM2B_ENCRYPTED_SECRET *secret // OUT: secret structure
);
TPMT_RSA_DECRYPT *CryptSelectRSAScheme(
TPMI_DH_OBJECT rsaHandle, // IN: handle of sign key
TPMT_RSA_DECRYPT *scheme // IN: a sign or decrypt scheme
);
TPM_RC CryptSelectSignScheme(
TPMI_DH_OBJECT signHandle, // IN: handle of signing key
TPMT_SIG_SCHEME *scheme // IN/OUT: signing scheme
);
TPM_RC CryptSign(TPMI_DH_OBJECT signHandle, // IN: The handle of sign key
TPMT_SIG_SCHEME *signScheme, // IN: sign scheme.
TPM2B_DIGEST *digest, // IN: The digest being signed
TPMT_SIGNATURE *signature // OUT: signature
);
LIB_EXPORT UINT16
CryptStartHMAC2B(TPMI_ALG_HASH hashAlg, // IN: hash algorithm
TPM2B *key, // IN: HMAC key
HMAC_STATE *hmacState // OUT: the state of HMAC stack. It will
// be used in HMAC update and completion
);
UINT16 CryptStartHMACSequence2B(TPMI_ALG_HASH hashAlg, // IN: hash algorithm
TPM2B *key, // IN: HMAC key
HMAC_STATE *hmacState // OUT: the state of HMAC
// stack. It will be used
// in HMAC update and
// completion
);
UINT16 CryptStartHashSequence(TPMI_ALG_HASH hashAlg, // IN: hash algorithm
HASH_STATE *hashState // OUT: the state of hash
// stack. It will be used
// in hash update and
// completion
);
void CryptStirRandom(UINT32 entropySize, // IN: size of entropy buffer
BYTE *buffer // IN: entropy buffer
);
void CryptStopUnits(void);
void CryptSymmetricDecrypt(
BYTE *decrypted,
TPM_ALG_ID algorithm, // IN: algorithm for encryption
UINT16 keySizeInBits, // IN: key size in bit
TPMI_ALG_SYM_MODE mode, // IN: symmetric encryption mode
BYTE *key, // IN: encryption key
TPM2B_IV *ivIn, // IN/OUT: IV for next block
UINT32 dataSize, // IN: data size in byte
BYTE *data // IN/OUT: data buffer
);
void CryptSymmetricEncrypt(
BYTE *encrypted, // OUT: the encrypted data
TPM_ALG_ID algorithm, // IN: algorithm for encryption
UINT16 keySizeInBits, // IN: key size in bit
TPMI_ALG_SYM_MODE mode, // IN: symmetric encryption mode
BYTE *key, // IN: encryption key
TPM2B_IV *ivIn, // IN/OUT: Input IV and output chaining value for the
// next block
UINT32 dataSize, // IN: data size in byte
BYTE *data // IN/OUT: data buffer
);
UINT16 CryptStartHash(TPMI_ALG_HASH hashAlg, // IN: hash algorithm
HASH_STATE *hashState // OUT: the state of hash stack. It
// will be used in hash update and
// completion
);
void CryptUpdateDigest(void *digestState, // IN: the state of hash stack
UINT32 dataSize, // IN: the size of data
BYTE *data // IN: data to be hashed
);
LIB_EXPORT void CryptUpdateDigest2B(void *digestState, // IN: the digest state
TPM2B *bIn // IN: 2B containing the data
);
void CryptUpdateDigestInt(void *state, // IN: the state of hash stack
UINT32 intSize, // IN: the size of 'intValue' in byte
void *intValue // IN: integer value to be hashed
);
BOOL CryptUtilStartup(STARTUP_TYPE type // IN: the startup type
);
TPM_RC CryptVerifySignature(
TPMI_DH_OBJECT keyHandle, // IN: The handle of sign key
TPM2B_DIGEST *digest, // IN: The digest being validated
TPMT_SIGNATURE *signature // IN: signature
);
void KDFa(TPM_ALG_ID hash, // IN: hash algorithm used in HMAC
TPM2B *key, // IN: HMAC key
const char *label, // IN: a null-terminated label for KDF
TPM2B *contextU, // IN: context U
TPM2B *contextV, // IN: context V
UINT32 sizeInBits, // IN: size of generated key in bit
BYTE *keyStream, // OUT: key buffer
UINT32 *counterInOut // IN/OUT: caller may provide the iteration
// counter for incremental operations to avoid
// large intermediate buffers.
);
#endif // __SOURCE_CRYPTUTIL_FP_H
|