1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2017-2018, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  *******************************************************************************/
6 
7 #ifndef ESYS_TYPES_H
8 #define ESYS_TYPES_H
9 
/** 32-bit type named for ESYS-layer return codes. */
typedef UINT32 TSS2_ESYS_RC;

/* Fallback success code, defined only if no earlier header provided one. */
#ifndef TSS2_RC_SUCCESS
#define TSS2_RC_SUCCESS 0
#endif

/**
 * Size limit (3072) associated with ESYS metadata.
 * NOTE(review): presumably the upper bound for the marshaled form of
 * IESYS_METADATA; confirm that every unmarshal path rejects a size field
 * larger than this before copying.
 */
#define ESYS_MAX_SIZE_METADATA 3072
18 
19 
/**
 * Tag type naming the kind of resource an ESYS object stands for.
 * The IESYSC_*_RSRC constants below are the tags defined in this header.
 */
typedef UINT32 IESYSC_RESOURCE_TYPE_CONSTANT;

/** Tag for other resources, e.g. PCR registers, hierarchies */
#define IESYSC_WITHOUT_MISC_RSRC       0
/** Tag for key resource */
#define IESYSC_KEY_RSRC                1
/** Tag for NV RAM resource */
#define IESYSC_NV_RSRC                 2
/** Tag for session resources */
#define IESYSC_SESSION_RSRC            3
/** Tag for degraded session resources */
#define IESYSC_DEGRADED_SESSION_RSRC   4
28 
/**
 * Flag type recording whether the TPM performs parameter encryption
 * for a session.
 *
 * NOTE(review): in TPM 2.0 session terms, encryption "by the TPM" is the
 * response direction (the TPM encrypts the first response parameter) —
 * confirm against the code that consumes this flag.
 * NOTE(review): ENCRYPT and NO_ENCRYPT carry no library prefix, so they can
 * collide with macros from other headers included in the same unit.
 */
typedef UINT32 IESYSC_PARAM_ENCRYPT;

/** No parameter encryption by TPM */
#define NO_ENCRYPT                     0
/** Parameter encryption by TPM */
#define ENCRYPT                        1
34 
/**
 * Flag type recording whether the TPM performs parameter decryption
 * for a session.
 *
 * NOTE(review): in TPM 2.0 session terms, decryption "by the TPM" is the
 * command direction (the caller encrypts the first command parameter and the
 * TPM decrypts it) — confirm against the code that consumes this flag.
 * NOTE(review): DECRYPT and NO_DECRYPT carry no library prefix, so they can
 * collide with macros from other headers included in the same unit.
 */
typedef UINT32 IESYSC_PARAM_DECRYPT;

/** No parameter decryption by TPM */
#define NO_DECRYPT                     0
/** Parameter decryption by TPM */
#define DECRYPT                        1
40 
/**
 * Marker type describing how the auth value of the authorized object takes
 * part in a policy session's authorization.
 *
 * NOTE(review): these three names are unprefixed and may clash with macros
 * from unrelated headers.
 */
typedef UINT32 IESYSC_TYPE_POLICY_AUTH;

/** No special handling */
#define NO_POLICY_AUTH                 0
/** Marker to include the auth value in the HMAC key */
#define POLICY_AUTH                    1
/** Marker to include auth value of the authorized object */
#define POLICY_PASSWORD                2
47 
48 
/**
 * ESAPI-internal state of one TPM session.
 *
 * Several members hold secret material (salt, sessionKey, sessionValue).
 * NOTE(review): code that frees, copies or serializes this struct should
 * wipe or otherwise protect those bytes — confirm the cleanup paths do so.
 */
typedef struct {
    /** Entity to which the session is bound */
    TPM2B_NAME bound_entity;
    /** Encrypted salt which can be provided by the application */
    TPM2B_ENCRYPTED_SECRET encryptedSalt;
    /** Salt computed if no encrypted salt is provided (secret) */
    TPM2B_DATA salt;
    /** Algorithm selection for parameter encryption */
    TPMT_SYM_DEF symmetric;
    /** Hash algorithm used for authorization */
    TPMI_ALG_HASH authHash;
    /** Session key fed to KDFa to compute the symmetric key (secret) */
    TPM2B_DIGEST sessionKey;
    /** Type of the session (HMAC, Policy) */
    TPM2_SE sessionType;
    /** Flags which define the session behaviour */
    TPMA_SESSION sessionAttributes;
    /** Copy of the flags which define the session behaviour */
    TPMA_SESSION origSessionAttributes;
    /** Nonce computed by the ESAPI for every session call */
    TPM2B_NONCE nonceCaller;
    /** Nonce returned by the TPM for every session call */
    TPM2B_NONCE nonceTPM;
    /** Indicates parameter encryption by the TPM */
    IESYSC_PARAM_ENCRYPT encrypt;
    /** Indicates parameter decryption by the TPM */
    IESYSC_PARAM_DECRYPT decrypt;
    /** Markers for policy sessions */
    IESYSC_TYPE_POLICY_AUTH type_policy_session;
    /**
     * Size of sessionKey plus, optionally, the auth value, i.e. the number of
     * bytes in use in sessionValue. Writers must keep this at or below
     * sizeof(sessionValue).
     */
    UINT16 sizeSessionValue;
    /** sessionKey || AuthValue; fixed capacity of 2 * sizeof(TPMU_HA) bytes (secret) */
    BYTE sessionValue[2 * sizeof(TPMU_HA)];
    /**
     * Size of the value used for the HMAC.
     * NOTE(review): the previous comment repeated the text of
     * sizeSessionValue; confirm the exact meaning against the code that
     * sets this field.
     */
    UINT16 sizeHmacValue;
} IESYS_SESSION;
70 
/**
 * Selector type for esys resources.
 * NOTE(review): a second UINT32 alias next to IESYSC_RESOURCE_TYPE_CONSTANT;
 * presumably it carries the IESYSC_*_RSRC tags — confirm.
 */
typedef UINT32 IESYSC_RESOURCE_TYPE;
74 
/**
 * Resource-specific public information of a TPM resource.
 *
 * The members overlap in storage, so only the one matching the resource's
 * type tag is meaningful at any time.
 */
typedef union {
    /** Public info for key objects */
    TPM2B_PUBLIC rsrc_key_pub;
    /** Public info for NV RAM objects */
    TPM2B_NV_PUBLIC rsrc_nv_pub;
    /** Internal ESAPI session information */
    IESYS_SESSION rsrc_session;
    /** No specialized data for the resource */
    TPMS_EMPTY rsrc_empty;
} IESYS_RSRC_UNION;
83 
/**
 * Representation of one TPM resource.
 *
 * rsrcType selects which member of misc is valid.
 * NOTE(review): when this struct is rebuilt from external bytes, rsrcType
 * should be checked against the known IESYSC_*_RSRC tags before misc is
 * read, otherwise the wrong union member is interpreted — confirm the
 * unmarshal code does this.
 */
typedef struct {
    /** Handle used by the TPM */
    TPM2_HANDLE handle;
    /** TPM name of the object */
    TPM2B_NAME name;
    /** Selector for the resource type */
    IESYSC_RESOURCE_TYPE rsrcType;
    /** Resource-specific information */
    IESYS_RSRC_UNION misc;
} IESYS_RESOURCE;
92 
/**
 * Esys resource together with a size field.
 *
 * NOTE(review): size is presumably bounded by ESYS_MAX_SIZE_METADATA when
 * read from external input — confirm in the unmarshal code.
 */
typedef struct {
    /** Size of the operand buffer */
    UINT16 size;
    /** Esys resource data */
    IESYS_RESOURCE data;
} IESYS_METADATA;
100 
/**
 * ESYS context data: the TPM-computed context plus the ESYS metadata of
 * the object.
 */
typedef struct {
    /**
     * Must always be zero.
     * NOTE(review): presumably a consumer should reject input where this is
     * non-zero — confirm it is checked on load.
     */
    UINT32 reserved;
    /** Context information computed by the TPM */
    TPM2B_CONTEXT_DATA tpmContext;
    /** Metadata of the ESYS_TR object */
    IESYS_METADATA esysMetadata;
} IESYS_CONTEXT_DATA;
108 
109 #endif /* ESYS_TYPES_H */
110