xref: /aosp_15_r20/external/vboot_reference/firmware/include/tpm1_tss_constants.h (revision 8617a60d3594060b7ecbd21bc622a7c14f3cf2bc) 
1 /* Copyright 2016 The ChromiumOS Authors
2  * Use of this source code is governed by a BSD-style license that can be
3  * found in the LICENSE file.
4  *
5  * Some TPM constants and type definitions for standalone compilation for use
6  * in the firmware
7  */
8 
9 #ifndef VBOOT_REFERENCE_TPM1_TSS_CONSTANTS_H_
10 #define VBOOT_REFERENCE_TPM1_TSS_CONSTANTS_H_
11 
12 #include <stdint.h>
13 
14 #ifdef __cplusplus
15 extern "C" {
16 #endif  /* __cplusplus */
17 
18 #define TPM_MAX_COMMAND_SIZE 4096
19 #define TPM_LARGE_ENOUGH_COMMAND_SIZE 256  /* saves space in the firmware */
20 #define TPM_PUBEK_SIZE 256
21 #define TPM_PCR_DIGEST 20
22 
23 #define TPM_NV_INDEX0            ((uint32_t) 0x00000000)
24 #define TPM_NV_INDEX_LOCK        ((uint32_t) 0xffffffff)
25 #define TPM_NV_INDEX_TRIAL       ((uint32_t) 0x0000f004)
26 
27 #define TPM_NV_PER_READ_STCLEAR        (((uint32_t)1) << 31)
28 #define TPM_NV_PER_AUTHREAD            (((uint32_t)1) << 18)
29 #define TPM_NV_PER_OWNERREAD           (((uint32_t)1) << 17)
30 #define TPM_NV_PER_PPREAD              (((uint32_t)1) << 16)
31 #define TPM_NV_PER_GLOBALLOCK          (((uint32_t)1) << 15)
32 #define TPM_NV_PER_WRITE_STCLEAR       (((uint32_t)1) << 14)
33 #define TPM_NV_PER_WRITEDEFINE         (((uint32_t)1) << 13)
34 #define TPM_NV_PER_WRITEALL            (((uint32_t)1) << 12)
35 #define TPM_NV_PER_AUTHWRITE           (((uint32_t)1) << 2)
36 #define TPM_NV_PER_OWNERWRITE          (((uint32_t)1) << 1)
37 #define TPM_NV_PER_PPWRITE             (((uint32_t)1) << 0)
38 
39 #define TPM_TAG_NV_ATTRIBUTES          ((uint16_t) 0x0017)
40 #define TPM_TAG_NV_DATA_PUBLIC         ((uint16_t) 0x0018)
41 #define TPM_TAG_KEY12                  ((uint16_t) 0x0028)
42 
43 #define TPM_TAG_RQU_COMMAND       ((uint16_t) 0xc1)
44 #define TPM_TAG_RQU_AUTH1_COMMAND ((uint16_t) 0xc2)
45 #define TPM_TAG_RQU_AUTH2_COMMAND ((uint16_t) 0xc3)
46 
47 #define TPM_TAG_RSP_COMMAND       ((uint16_t) 0xc4)
48 #define TPM_TAG_RSP_AUTH1_COMMAND ((uint16_t) 0xc5)
49 #define TPM_TAG_RSP_AUTH2_COMMAND ((uint16_t) 0xc6)
50 
51 typedef uint8_t TSS_BOOL;
52 typedef uint8_t TPM_BOOL;
53 typedef uint16_t TPM_TAG;
54 typedef uint16_t TPM_STRUCTURE_TAG;
55 typedef uint32_t TPM_NV_INDEX;
56 typedef uint32_t TPM_NV_PER_ATTRIBUTES;
57 typedef uint8_t TPM_LOCALITY_SELECTION;
58 typedef uint32_t TPM_COMMAND_CODE;
59 typedef uint16_t TPM_PHYSICAL_PRESENCE;
60 typedef uint16_t TPM_STARTUP_TYPE;
61 typedef uint32_t TPM_CAPABILITY_AREA;
62 typedef uint8_t TPM_FAMILY_LABEL;
63 typedef uint32_t TPM_FAMILY_ID;
64 typedef uint32_t TPM_FAMILY_VERIFICATION;
65 typedef uint32_t TPM_FAMILY_FLAGS;
66 
67 #define TPM_CAP_FLAG           ((uint32_t) 0x00000004)
68 #define TPM_CAP_FLAG_PERMANENT ((uint32_t) 0x00000108)
69 #define TPM_CAP_FLAG_VOLATILE  ((uint32_t) 0x00000109)
70 
71 #define TPM_CAP_PROPERTY        ((uint32_t) 0x00000005)
72 #define TPM_CAP_PROP_OWNER      ((uint32_t) 0x00000111)
73 #define TPM_CAP_NV_INDEX        ((uint32_t) 0x00000011)
74 #define TPM_CAP_GET_VERSION_VAL ((uint32_t) 0x0000001a)
75 
76 #define TPM_AUTH_ALWAYS  ((uint8_t) 0x01)
77 
78 #define TPM_KEY_USAGE_STORAGE ((uint16_t) 0x0011)
79 
80 #define TPM_ALG_RSA ((uint16_t)0x0001)
81 
82 #define TPM_ES_RSAESOAEP_SHA1_MGF1 ((uint16_t)0x0003)
83 
84 #define TPM_SS_NONE ((uint16_t)0x0001)
85 
86 #define TPM_PID_OWNER ((uint16_t) 0x0005)
87 
88 #define TPM_ET_OWNER ((uint32_t) 0x02)
89 
90 #define TPM_FAMILY_CREATE ((uint32_t) 0x00000001)
91 
92 #define TPM_ST_CLEAR       ((uint16_t) 0x0001)
93 #define TPM_ST_STATE       ((uint16_t) 0x0002)
94 #define TPM_ST_DEACTIVATED ((uint16_t) 0x0003)
95 
96 #define TPM_LOC_FOUR   (((uint32_t)1)<<4)
97 #define TPM_LOC_THREE  (((uint32_t)1)<<3)
98 #define TPM_LOC_TWO    (((uint32_t)1)<<2)
99 #define TPM_LOC_ONE    (((uint32_t)1)<<1)
100 #define TPM_LOC_ZERO   (((uint32_t)1)<<0)
101 
102 #define TPM_ALL_LOCALITIES (TPM_LOC_ZERO | TPM_LOC_ONE | TPM_LOC_TWO    \
103 			    | TPM_LOC_THREE | TPM_LOC_FOUR)  /* 0x1f */
104 
105 #define TPM_PHYSICAL_PRESENCE_LOCK          ((uint16_t) 0x0004)
106 #define TPM_PHYSICAL_PRESENCE_PRESENT       ((uint16_t) 0x0008)
107 #define TPM_PHYSICAL_PRESENCE_NOTPRESENT    ((uint16_t) 0x0010)
108 #define TPM_PHYSICAL_PRESENCE_CMD_ENABLE    ((uint16_t) 0x0020)
109 #define TPM_PHYSICAL_PRESENCE_HW_ENABLE     ((uint16_t) 0x0040)
110 #define TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ((uint16_t) 0x0080)
111 #define TPM_PHYSICAL_PRESENCE_CMD_DISABLE   ((uint16_t) 0x0100)
112 #define TPM_PHYSICAL_PRESENCE_HW_DISABLE    ((uint16_t) 0x0200)
113 
114 #define TPM_SHA1_160_HASH_LEN    0x14
115 #define TPM_SHA1BASED_NONCE_LEN  TPM_SHA1_160_HASH_LEN
116 
117 #define TPM_AUTH_DATA_LEN    0x14
118 
119 #define TPM_RSA_2048_LEN    0x100
120 
121 typedef struct tdTPM_DIGEST
122 {
123 	uint8_t  digest[TPM_SHA1_160_HASH_LEN];
124 } TPM_DIGEST;
125 
126 typedef TPM_DIGEST TPM_COMPOSITE_HASH;
127 
128 typedef struct tdTPM_PCR_SELECTION
129 {
130 	uint16_t  sizeOfSelect;
131 	uint8_t   pcrSelect[3];
132 } __attribute__((packed)) TPM_PCR_SELECTION;
133 
134 typedef struct tdTPM_NV_ATTRIBUTES
135 {
136 	TPM_STRUCTURE_TAG     tag;
137 	TPM_NV_PER_ATTRIBUTES attributes;
138 } __attribute__((packed)) TPM_NV_ATTRIBUTES;
139 
140 typedef struct tdTPM_PCR_INFO_SHORT
141 {
142 	TPM_PCR_SELECTION      pcrSelection;
143 	TPM_LOCALITY_SELECTION localityAtRelease;
144 	TPM_COMPOSITE_HASH     digestAtRelease;
145 } __attribute__((packed)) TPM_PCR_INFO_SHORT;
146 
147 typedef struct tdTPM_PERMANENT_FLAGS
148 {
149 	TPM_STRUCTURE_TAG tag;
150 	TSS_BOOL disable;
151 	TSS_BOOL ownership;
152 	TSS_BOOL deactivated;
153 	TSS_BOOL readPubek;
154 	TSS_BOOL disableOwnerClear;
155 	TSS_BOOL allowMaintenance;
156 	TSS_BOOL physicalPresenceLifetimeLock;
157 	TSS_BOOL physicalPresenceHWEnable;
158 	TSS_BOOL physicalPresenceCMDEnable;
159 	TSS_BOOL CEKPUsed;
160 	TSS_BOOL TPMpost;
161 	TSS_BOOL TPMpostLock;
162 	TSS_BOOL FIPS;
163 	TSS_BOOL Operator;
164 	TSS_BOOL enableRevokeEK;
165 	TSS_BOOL nvLocked;
166 	TSS_BOOL readSRKPub;
167 	TSS_BOOL tpmEstablished;
168 	TSS_BOOL maintenanceDone;
169 	TSS_BOOL disableFullDALogicInfo;
170 } TPM_PERMANENT_FLAGS;
171 
172 typedef struct tdTPM_STCLEAR_FLAGS{
173 	TPM_STRUCTURE_TAG tag;
174 	TSS_BOOL deactivated;
175 	TSS_BOOL disableForceClear;
176 	TSS_BOOL physicalPresence;
177 	TSS_BOOL physicalPresenceLock;
178 	TSS_BOOL bGlobalLock;
179 } TPM_STCLEAR_FLAGS;
180 
181 typedef struct tdTPM_NV_DATA_PUBLIC
182 {
183 	TPM_STRUCTURE_TAG  tag;
184 	TPM_NV_INDEX       nvIndex;
185 	TPM_PCR_INFO_SHORT pcrInfoRead;
186 	TPM_PCR_INFO_SHORT pcrInfoWrite;
187 	TPM_NV_ATTRIBUTES  permission;
188 	TPM_BOOL           bReadSTClear;
189 	TPM_BOOL           bWriteSTClear;
190 	TPM_BOOL           bWriteDefine;
191 	uint32_t           dataSize;
192 } TPM_NV_DATA_PUBLIC;
193 
194 typedef struct tdTPM_NONCE
195 {
196 	uint8_t nonce[TPM_SHA1BASED_NONCE_LEN];
197 } TPM_NONCE;
198 
199 typedef struct tdTPM_FAMILY_TABLE_ENTRY
200 {
201 	TPM_STRUCTURE_TAG tag;
202 	TPM_FAMILY_LABEL familyLabel;
203 	TPM_FAMILY_ID familyID;
204 	TPM_FAMILY_VERIFICATION verificationCount;
205 	TPM_FAMILY_FLAGS flags;
206 } TPM_FAMILY_TABLE_ENTRY;
207 
208 typedef struct tdTPM_IFX_FIRMWAREPACKAGE {
209 	uint32_t FwPackageIdentifier;
210 	uint32_t Version;
211 	uint32_t StaleVersion;
212 } TPM_IFX_FIRMWAREPACKAGE;
213 
214 typedef struct tdTPM_IFX_FIELDUPGRADEINFO
215 {
216 	uint16_t wMaxDataSize;
217 	TPM_IFX_FIRMWAREPACKAGE sBootloaderFirmwarePackage;
218 	TPM_IFX_FIRMWAREPACKAGE sFirmwarePackages[2];
219 	uint16_t wSecurityModuleStatus;
220 	TPM_IFX_FIRMWAREPACKAGE sProcessFirmwarePackage;
221 	uint16_t wFieldUpgradeCounter;
222 } TPM_IFX_FIELDUPGRADEINFO;
223 
224 typedef struct tdTPM_NV_AUTH_POLICY
225 {
226 	TPM_PCR_INFO_SHORT pcr_info_read;
227 	TPM_PCR_INFO_SHORT pcr_info_write;
228 } TPM_NV_AUTH_POLICY;
229 
230 #define TPM_IFX_FieldUpgradeInfoRequest2  ((uint8_t) 0x11)
231 
232 /* Ordinals */
233 
234 #define TPM_ORD_ContinueSelfTest        ((uint32_t) 0x00000053)
235 #define TPM_ORD_Delegate_Manage         ((uint32_t) 0x000000D2)
236 #define TPM_ORD_Delegate_ReadTable      ((uint32_t) 0x000000DB)
237 #define TPM_ORD_Extend                  ((uint32_t) 0x00000014)
238 #define TPM_ORD_FieldUpgrade            ((uint32_t) 0x000000AA)
239 #define TPM_ORD_ForceClear              ((uint32_t) 0x0000005D)
240 #define TPM_ORD_GetCapability           ((uint32_t) 0x00000065)
241 #define TPM_ORD_GetRandom               ((uint32_t) 0x00000046)
242 #define TPM_ORD_NV_DefineSpace          ((uint32_t) 0x000000CC)
243 #define TPM_ORD_NV_ReadValue            ((uint32_t) 0x000000CF)
244 #define TPM_ORD_NV_WriteValue           ((uint32_t) 0x000000CD)
245 #define TPM_ORD_OIAP                    ((uint32_t) 0x0000000A)
246 #define TPM_ORD_OSAP                    ((uint32_t) 0x0000000B)
247 #define TPM_ORD_PcrRead                 ((uint32_t) 0x00000015)
248 #define TPM_ORD_PhysicalEnable          ((uint32_t) 0x0000006F)
249 #define TPM_ORD_PhysicalDisable         ((uint32_t) 0x00000070)
250 #define TSC_ORD_PhysicalPresence        ((uint32_t) 0x4000000A)
251 #define TPM_ORD_PhysicalSetDeactivated  ((uint32_t) 0x00000072)
252 #define TPM_ORD_ReadPubek               ((uint32_t) 0x0000007C)
253 #define TPM_ORD_SaveState               ((uint32_t) 0x00000098)
254 #define TPM_ORD_SelfTestFull            ((uint32_t) 0x00000050)
255 #define TPM_ORD_Startup                 ((uint32_t) 0x00000099)
256 #define TPM_ORD_TakeOwnership           ((uint32_t) 0x0000000D)
257 
258 #ifdef __cplusplus
259 }
260 #endif  /* __cplusplus */
261 
262 #endif  /* VBOOT_REFERENCE_TPM1_TSS_CONSTANTS_H_ */
263