1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*******************************************************************************
3  * Copyright 2017, Fraunhofer SIT sponsored by Infineon Technologies AG
4  * All rights reserved.
5  *******************************************************************************/
6 #ifndef ESYS_INT_H
7 #define ESYS_INT_H
8 
9 #include <stdint.h>
10 #include "esys_types.h"
11 
12 #ifdef __cplusplus
13 extern "C" {
14 #endif
15 
16 /** Linked list type for object meta data.
17  *
18  * This structure represents a linked list to store meta data information of
19  * type IESYS_RESOURCE.
20  */
21 typedef struct RSRC_NODE_T {
22     ESYS_TR esys_handle;        /**< The ESYS_TR handle used by the application
23                                      to reference this entry. */
24     TPM2B_AUTH auth;            /**< The authValue for this resource object. */
25     IESYS_RESOURCE rsrc;        /**< The meta data for this resource object. */
26     struct RSRC_NODE_T * next;  /**< The next object in the linked list. */
27 } RSRC_NODE_T;
28 
29 typedef struct {
30     ESYS_TR tpmKey;
31     ESYS_TR bind;
32     TPM2_SE sessionType;
33     TPMI_ALG_HASH authHash;
34     TPM2B_NONCE *nonceCaller;
35     TPM2B_NONCE nonceCallerData;
36     TPMT_SYM_DEF *symmetric;
37     TPMT_SYM_DEF symmetricData;
38 } StartAuthSession_IN;
39 
40 typedef struct {
41     TPM2B_SENSITIVE_CREATE *inSensitive;
42     TPM2B_SENSITIVE_CREATE inSensitiveData;
43 } CreatePrimary_IN;
44 
45 typedef struct {
46     TPM2B_SENSITIVE_CREATE *inSensitive;
47     TPM2B_SENSITIVE_CREATE inSensitiveData;
48 } Create_IN;
49 
50 typedef struct {
51     ESYS_TR saveHandle;
52 } ContextSave_IN;
53 
54 typedef struct {
55     TPMS_CONTEXT *context;
56     TPMS_CONTEXT contextData;
57 } ContextLoad_IN;
58 
59 typedef struct {
60     TPM2B_PUBLIC *inPublic;
61     TPM2B_PUBLIC inPublicData;
62 } Load_IN;
63 
64 typedef struct {
65     TPM2B_PUBLIC *inPublic;
66     TPM2B_PUBLIC inPublicData;
67 } LoadExternal_IN;
68 
69 typedef struct {
70     TPM2B_SENSITIVE_CREATE *inSensitive;
71     TPM2B_SENSITIVE_CREATE inSensitiveData;
72     TPM2B_TEMPLATE *inPublic;
73     TPM2B_TEMPLATE inPublicData;
74 } CreateLoaded_IN;
75 
76 typedef struct {
77     ESYS_TR objectHandle;
78     TPMI_DH_PERSISTENT persistentHandle;
79 } EvictControl_IN;
80 
81 typedef struct {
82     TPM2B_AUTH *auth;
83     TPM2B_AUTH authData;
84 } HMAC_Start_IN;
85 
86 typedef struct {
87     ESYS_TR authHandle;
88     TPM2B_AUTH *newAuth;
89     TPM2B_AUTH newAuthData;
90 } HierarchyChangeAuth_IN;
91 
92 typedef struct {
93     ESYS_TR sequenceHandle;
94 } SequenceComplete_IN;
95 
96 typedef struct {
97     ESYS_TR policySession;
98 } Policy_IN;
99 
100 typedef struct {
101     ESYS_TR nvIndex;
102     TPM2B_AUTH *auth;
103     TPM2B_AUTH authData;
104     TPM2B_NV_PUBLIC *publicInfo;
105     TPM2B_NV_PUBLIC publicInfoData;
106 } NV_IN;
107 
108 typedef struct {
109     ESYS_TR flushHandle;
110 } FlushContext_IN;
111 
112 /** Union for input parameters.
113  *
114  * The input parameters of a command need to be stored if they are needed
115  * in corresponding _Finish() function.
116  */
117 typedef union {
118     StartAuthSession_IN StartAuthSession;
119     CreatePrimary_IN CreatePrimary;
120     Create_IN Create;
121     ContextSave_IN ContextSave;
122     ContextLoad_IN ContextLoad;
123     Load_IN Load;
124     LoadExternal_IN LoadExternal;
125     CreateLoaded_IN CreateLoaded;
126     EvictControl_IN EvictControl;
127     HMAC_Start_IN HMAC_Start;
128     HierarchyChangeAuth_IN HierarchyChangeAuth;
129     SequenceComplete_IN SequenceComplete;
130     Policy_IN Policy;
131     NV_IN NV;
132     FlushContext_IN FlushContext;
133 } IESYS_CMD_IN_PARAM;
134 
135 /** The states for the ESAPI's internal state machine */
136 enum _ESYS_STATE {
137     _ESYS_STATE_INIT = 0,     /**< The initial state after creation or after
138                                    finishing a command. A new command can only
139                                    be issued in this state. */
140     _ESYS_STATE_SENT,         /**< The state after sending a command to the TPM
141                                    before receiving a response. */
142     _ESYS_STATE_RESUBMISSION, /**< The state after receiving a response from the
143                                    TPM that requires resending of the command.*/
144     _ESYS_STATE_INTERNALERROR /**< A non-recoverable error occured within the
145                                    ESAPI code. */
146 };
147 
148 /** The data structure holding internal state information.
149  *
150  * Each ESYS_CONTEXT respresents a logically independent connection to the TPM.
151  * It stores meta data information about object in order to calculate session
152  * auths and similar things.
153  */
154 struct ESYS_CONTEXT {
155     enum _ESYS_STATE state;      /**< The current state of the ESAPI context. */
156     TSS2_SYS_CONTEXT *sys;       /**< The SYS context used internally to talk to
157                                       the TPM. */
158     ESYS_TR esys_handle_cnt;     /**< The next free ESYS_TR number. */
159     RSRC_NODE_T *rsrc_list;      /**< The linked list of all ESYS_TR objects. */
160     int32_t timeout;             /**< The timeout to be used during
161                                       Tss2_Sys_ExecuteFinish. */
162     ESYS_TR session_type[3];     /**< The list of TPM session handles in the
163                                       current command execution. */
164     RSRC_NODE_T *session_tab[3]; /**< The list of TPM session meta data in the
165                                       current command execution. */
166     int encryptNonceIdx;         /**< The index of the encrypt session. */
167     TPM2B_NONCE *encryptNonce;   /**< The nonce of the encrypt session, or NULL
168                                       if no encrypt session exists. */
169     int authsCount;              /**< The number of session provided during the
170                                       command. */
171     int submissionCount;         /**< The current number of submissions of this
172                                       command to the TPM. */
173     TPM2B_DATA salt;             /**< The salt used during a StartAuthSession.*/
174     IESYS_CMD_IN_PARAM in;       /**< Temporary storage for Input parameters
175                                       needed in corresponding _Finish function*/
176     ESYS_TR esys_handle;         /**< Temporary storage for the object's TPM
177                                       handle during Esys_TR_FromTPMPublic. */
178     TSS2_TCTI_CONTEXT *tcti_app_param;/**< The TCTI context provided by the
179                                            application during Esys_Initialize()
180                                            to be returned from Esys_GetTcti().*/
181     void *dlhandle;              /**< The handle of dlopen if the tcti was
182                                       automatically loaded. */
183     IESYS_SESSION *enc_session;  /**< Ptr to the enc param session.
184                                       Used to restore session attributes */
185 };
186 
187 /** The number of authomatic resubmissions.
188  *
189  * The number of resubmissions before a TPM's TPM2_RC_YIELDED is forwarded to
190  * the application.
191  */
192 #define _ESYS_MAX_SUBMISSIONS 5
193 
194 /** Makro testing parameters against null.
195  */
196 #define _ESYS_ASSERT_NON_NULL(x) \
197     if (x == NULL) { \
198         LOG_ERROR(str(x) " == NULL."); \
199         return TSS2_ESYS_RC_BAD_REFERENCE; \
200     }
201 
202 #ifdef __cplusplus
203 }
204 #endif
205 #endif /* ESYS_INT_H */
206