xref: /aosp_15_r20/external/tpm2-tss/test/integration/sapi-util.h (revision 758e9fba6fc9adbf15340f70c73baee7b168b1c9)

/* SPDX-License-Identifier: BSD-2-Clause */
/***********************************************************************
 * Copyright (c) 2017-2018, Intel Corporation
 *
 * All rights reserved.
 ***********************************************************************/
#ifndef TEST_INTEGRATION_SAPI_UTIL_H
#define TEST_INTEGRATION_SAPI_UTIL_H

#include "tss2_tpm2_types.h"
#include "tss2_sys.h"
#include "util/tpm2b.h"

/*
 * This macro is like the GNU TEMP_FAILURE_RETRY macro for the
 * TPM2_RC_RETRY response code.
 */
#define TSS2_RETRY_EXP(expression)                         \
    ({                                                     \
        TSS2_RC __result = 0;                              \
        do {                                               \
            __result = (expression);                       \
        } while ((__result & 0x0000ffff) == TPM2_RC_RETRY); \
        __result;                                          \
    })
/*
 * tpm2b default initializers, these set the size to the max for the default
 * structure and zero's the data area.
 */
#define TPM2B_SIZE(type) (sizeof (type) - 2)
#define TPM2B_NAMED_INIT(type, field) \
    { \
        .size = TPM2B_SIZE (type), \
        .field = { 0 } \
    }
#define TPM2B_DIGEST_INIT TPM2B_NAMED_INIT (TPM2B_DIGEST, buffer)
#define TPM2B_NAME_INIT TPM2B_NAMED_INIT (TPM2B_NAME, name)
#define TPM2B_PRIVATE_INIT TPM2B_NAMED_INIT (TPM2B_PRIVATE, buffer)

#define TPM2B_MAX_BUFFER_INIT { .size = TPM2_MAX_DIGEST_BUFFER }
#define TPM2B_IV_INIT { .size = TPM2_MAX_SYM_BLOCK_SIZE }

#define BUFFER_SIZE(type, field) (sizeof((((type *)NULL)->t.field)))
#define TPM2B_TYPE_INIT(type, field) { .size = BUFFER_SIZE(type, field), }
/*
 * Use te provide SAPI context to create & load a primary key. The key will
 * be a 2048 bit (restricted decryption) RSA key. The associated symmetric
 * key is a 128 bit AES (CFB mode) key.
 */
TSS2_RC
create_primary_rsa_2048_aes_128_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPM2_HANDLE       *handle);
/*
 * This function creates a 128 bit symmetric AES key in cbc mode. This key will
 * be created as the child of the parameter 'handle_parent'. The handle for the
 * newly created AND loaded key is returned in the parameter 'handle'.
 */
TSS2_RC
create_aes_128_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPM2_HANDLE        handle_parent,
    TPM2_HANDLE       *handle);

/*
 * This function creates a RSA key of KEYEDHASH type.
 */
TSS2_RC
create_keyedhash_key (
    TSS2_SYS_CONTEXT *sapi_context,
    TPM2_HANDLE       handle_parent,
    TPM2_HANDLE      *handle);

/*
 * This function will decrypt or encrypt the 'data_in' buffer and return the
 * results in the 'data_out' parameter. Decrypt or encrypt is selected using
 * the 'decrypt' TPMI_YES_NO parameter. The key used for the operation is
 * provided in the 'handle' parameter.
 * Under the covers this function uses an IV of all zeros and so it can not
 * be used for streaming. It can only be used to encrypt or decrypt a single
 * buffer. This function uses tpm to perform encryption.
 */
TSS2_RC
tpm_encrypt_decrypt_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPMI_DH_OBJECT    handle,
    TPMI_YES_NO       decrypt,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *data_out);
/*
 * This is a convenience wrapper around the encrypt_decrypt_cfb function.
 * This function uses tpm to perform encryption.
 */
TSS2_RC
tpm_encrypt_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPMI_DH_OBJECT    handle,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *data_out);
/*
 * This is a convenience wrapper around the encrypt_decrypt_cfb function.
 * This function uses tpm to perform encryption.
 */
TSS2_RC
tpm_decrypt_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPMI_DH_OBJECT    handle,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *data_out);
/*
 * This function is identical to the encrypt_decrypt_cfb function but under
 * the covers it uses the EncryptDecrypt2 function instead of EncryptDecrypt.
 * This function uses tpm to perform encryption.
 */
TSS2_RC
tpm_encrypt_decrypt_2_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPMI_DH_OBJECT    handle,
    TPMI_YES_NO       decrypt,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *data_out);
/*
 * This is a convenience wrapper around the encrypt_decrypt_2_cfb function.
 * This function uses tpm to perform encryption.
 */
TSS2_RC
tpm_encrypt_2_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPMI_DH_OBJECT    handle,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *data_out);
/*
 * This is a convenience wrapper around the encrypt_decrypt_2_cfb function.
 * This function uses tpm to perform encryption.
 */
TSS2_RC
tpm_decrypt_2_cfb (
    TSS2_SYS_CONTEXT *sapi_context,
    TPMI_DH_OBJECT    handle,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *data_out);
/*
 * This helper function uses software to perform decryption.
 */
TSS2_RC
decrypt_cfb (
    TPM2B_MAX_BUFFER *data_out,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *key,
    TPM2B_IV *iv);
/*
 * This helper function uses software to perform encryption.
 */
TSS2_RC
encrypt_cfb (
    TPM2B_MAX_BUFFER *data_out,
    TPM2B_MAX_BUFFER *data_in,
    TPM2B_MAX_BUFFER *key,
    TPM2B_IV *iv);

/*
 * This is a helper function for digest calculation.
 * alg can be TPM2_ALG_SHA1, TPM2_ALG_SHA256, TPM2_ALG_SHA384,
 * and TPM2_ALG_SHA512
 */
TSS2_RC
hash (
    TPM2_ALG_ID alg,
    const void *data,
    int size,
    TPM2B_DIGEST *out);

/*
 * This is a helper function for calculating HMAC.
 * alg can be TPM2_ALG_SHA1, TPM2_ALG_SHA256, TPM2_ALG_SHA384,
 * and TPM2_ALG_SHA512
 */
TSS2_RC
hmac(
    TPM2_ALG_ID alg,
    const void *key,
    int key_len,
    TPM2B_DIGEST **buffer_list,
    TPM2B_DIGEST *out);

/*
 * Returns digest size for a give hash alg
 */
UINT16
GetDigestSize(TPM2_ALG_ID hash);

TSS2_RC
CompareSizedByteBuffer(
        TPM2B *buffer1,
        TPM2B *buffer2);

TSS2_RC
ConcatSizedByteBuffer(
        TPM2B_MAX_BUFFER *result,
        TPM2B *buf);

void
CatSizedByteBuffer(
        TPM2B *dest,
        TPM2B *src);

UINT16
CopySizedByteBuffer(
        TPM2B *dest,
        const TPM2B *src);

TSS2_RC
DefineNvIndex (
    TSS2_SYS_CONTEXT *sys_ctx,
    TPMI_RH_PROVISION authHandle,
    TPM2B_AUTH *auth,
    const TPM2B_DIGEST *authPolicy,
    TPMI_RH_NV_INDEX nvIndex,
    TPMI_ALG_HASH nameAlg,
    TPMA_NV attributes,
    UINT16 size);

#endif /* TEST_INTEGRATION_SAPI_UTIL_H */