source: trunk/packages/xen-3.1/xen-3.1/tools/vtpm_manager/util/tcg.h @ 34

Last change on this file since 34 was 34, checked in by hartmans, 17 years ago

Add xen and xen-common

[34]1// ===================================================================
2//
3// Copyright (c) 2005, Intel Corp.
4// All rights reserved.
5//
6// Redistribution and use in source and binary forms, with or without
7// modification, are permitted provided that the following conditions
8// are met:
9//
10//   * Redistributions of source code must retain the above copyright
11//     notice, this list of conditions and the following disclaimer.
12//   * Redistributions in binary form must reproduce the above
13//     copyright notice, this list of conditions and the following
14//     disclaimer in the documentation and/or other materials provided
15//     with the distribution.
16//   * Neither the name of Intel Corporation nor the names of its
17//     contributors may be used to endorse or promote products derived
18//     from this software without specific prior written permission.
19//
20// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31// OF THE POSSIBILITY OF SUCH DAMAGE.
32// ===================================================================
33//
34// tcg.h
35//
36//  This file contains all the structure and type definitions
37//
38// ==================================================================
39
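#ifndef __TCG_H__
#define __TCG_H__

// <stdio.h> is needed by the status-checking macros near the end of this
// header. It is included here, before packing is changed, because a system
// header processed while pack(1) is active has its own structures laid out
// with 1-byte packing, which need not match how the C library was built.
#include <stdio.h>

// Disallow structure padding for every definition up to the matching
// "#pragma pack(pop)" at the end of this header.
#pragma pack(push, 1)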
45
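// *************************** TYPEDEFS *********************************
// Base integer types. Every TPM and TCS type below is built from these.
typedef unsigned char      BYTE;
typedef unsigned char      BOOL;
typedef unsigned short     UINT16;
typedef unsigned int       UINT32;
typedef unsigned long long UINT64;

// The names promise exact widths but the underlying types are plain C
// integers, so the widths are checked at compile time: a negative array
// size stops the build on a platform where one of them does not hold.
typedef char tcg_check_uint16_is_2_bytes[(sizeof(UINT16) == 2) ? 1 : -1];
typedef char tcg_check_uint32_is_4_bytes[(sizeof(UINT32) == 4) ? 1 : -1];
typedef char tcg_check_uint64_is_8_bytes[(sizeof(UINT64) == 8) ? 1 : -1];

// TPM scalar types
typedef UINT32     TPM_RESULT;
typedef UINT32     TPM_PCRINDEX;
typedef UINT32     TPM_DIRINDEX;
typedef UINT32     TPM_HANDLE;
typedef TPM_HANDLE TPM_AUTHHANDLE;
typedef TPM_HANDLE TCPA_HASHHANDLE;
typedef TPM_HANDLE TCPA_HMACHANDLE;
typedef TPM_HANDLE TCPA_ENCHANDLE;
typedef TPM_HANDLE TPM_KEY_HANDLE;
typedef TPM_HANDLE TCPA_ENTITYHANDLE;
typedef UINT32     TPM_RESOURCE_TYPE;
typedef UINT32     TPM_COMMAND_CODE;
typedef UINT16     TPM_PROTOCOL_ID;
typedef BYTE       TPM_AUTH_DATA_USAGE;
typedef UINT16     TPM_ENTITY_TYPE;
typedef UINT32     TPM_ALGORITHM_ID;
typedef UINT16     TPM_KEY_USAGE;
typedef UINT16     TPM_STARTUP_TYPE;
typedef UINT32     TPM_CAPABILITY_AREA;
typedef UINT16     TPM_ENC_SCHEME;
typedef UINT16     TPM_SIG_SCHEME;
typedef UINT16     TPM_MIGRATE_SCHEME;
typedef UINT16     TPM_PHYSICAL_PRESENCE;
typedef UINT32     TPM_KEY_FLAGS;

#define TPM_DIGEST_SIZE 20  // Don't change this

// TPM_AUTHDATA, TPM_SECRET and TPM_ENCAUTH are array types of
// TPM_DIGEST_SIZE bytes. An array type used as a function parameter decays
// to a pointer, so sizeof on such a parameter yields the pointer size; use
// TPM_DIGEST_SIZE for lengths instead.
// NOTE(review): going by the names these hold authorization secrets; code
// that owns such buffers should clear them after use -- confirm in callers.
typedef BYTE         TPM_AUTHDATA[TPM_DIGEST_SIZE];
typedef TPM_AUTHDATA TPM_SECRET;
typedef TPM_AUTHDATA TPM_ENCAUTH;
typedef BYTE         TPM_PAYLOAD_TYPE;
typedef UINT16       TPM_TAG;

// Data Types of the TCS
typedef UINT32 TCS_AUTHHANDLE;      // Handle addressing an authorization session
typedef UINT32 TCS_CONTEXT_HANDLE;  // Basic context handle
typedef UINT32 TCS_KEY_HANDLE;      // Basic key handle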
89
// ************************* STRUCTURES **********************************

// Version descriptor made of four single-byte fields.
typedef struct TPM_VERSION {
  BYTE major;
  BYTE minor;
  BYTE revMajor;
  BYTE revMinor;
} TPM_VERSION;

// Version value with major = 1, minor = 1, revMajor = 0, revMinor = 0.
// Being "static const" in a header, each including file gets its own copy.
static const TPM_VERSION TPM_STRUCT_VER_1_1 = { 1, 1, 0, 0 };
100
// Fixed-size digest of TPM_DIGEST_SIZE bytes.
typedef struct TPM_DIGEST {
  BYTE digest[TPM_DIGEST_SIZE];
} TPM_DIGEST;

// Aliases of TPM_DIGEST. They are the same type to the compiler, so it
// will not catch one kind of digest being passed where another is meant.
typedef TPM_DIGEST TPM_PCRVALUE;
typedef TPM_DIGEST TPM_COMPOSITE_HASH;
typedef TPM_DIGEST TPM_DIRVALUE;
typedef TPM_DIGEST TPM_HMAC;
typedef TPM_DIGEST TPM_CHOSENID_HASH;
110
// Nonce of TPM_DIGEST_SIZE bytes.
typedef struct TPM_NONCE {
  BYTE nonce[TPM_DIGEST_SIZE];
} TPM_NONCE;
114
// Key algorithm description: algorithm and scheme identifiers followed by
// a size/buffer pair. The struct holds a host pointer, so it cannot be
// copied to or from a TPM byte stream as-is. With 1-byte packing in effect
// `parms` sits at offset 12 and may be misaligned for a pointer.
// NOTE(review): presumably parmSize is the byte length of parms; when it
// comes from an unpacked blob it should be bounds-checked before parms is
// read -- confirm in the unpacking code.
typedef struct TPM_KEY_PARMS {
  TPM_ALGORITHM_ID algorithmID;
  TPM_ENC_SCHEME   encScheme;
  TPM_SIG_SCHEME   sigScheme;
  UINT32           parmSize;
  BYTE*            parms;
} TPM_KEY_PARMS;
122
// RSA-specific key parameters: three 32-bit values and an exponent buffer.
// NOTE(review): presumably exponentSize is the byte length of exponent;
// validate it before dereferencing -- confirm in the unpacking code.
typedef struct TPM_RSA_KEY_PARMS {
  UINT32 keyLength;
  UINT32 numPrimes;
  UINT32 exponentSize;
  BYTE*  exponent;
} TPM_RSA_KEY_PARMS;
129
// Public key material stored as a size/buffer pair.
// NOTE(review): presumably keyLength is the byte length of key -- confirm.
typedef struct TPM_STORE_PUBKEY {
  UINT32 keyLength;
  BYTE*  key;
} TPM_STORE_PUBKEY;
134
// Public key: the algorithm description followed by the key material.
// Both members carry pointers, so copying a TPM_PUBKEY copies the pointers
// and not the buffers they refer to.
typedef struct TPM_PUBKEY {
  TPM_KEY_PARMS    algorithmParms;
  TPM_STORE_PUBKEY pubKey;
} TPM_PUBKEY;
139
// Key descriptor: version, usage, flags and auth-data usage, the algorithm
// parameters, and three size/buffer pairs (PCR info, public key, encrypted
// data). The buffers are referenced by host pointers, not embedded.
// NOTE(review): the *Size fields presumably give the byte length of the
// buffer that follows them; they should be validated before the buffers
// are read -- confirm in the unpacking code.
typedef struct TPM_KEY {
  TPM_VERSION ver;
  TPM_KEY_USAGE keyUsage;
  TPM_KEY_FLAGS keyFlags;
  TPM_AUTH_DATA_USAGE authDataUsage;
  TPM_KEY_PARMS algorithmParms;
  UINT32 PCRInfoSize;
  BYTE* PCRInfo;  // this should be a TPM_PCR_INFO, or NULL
  TPM_STORE_PUBKEY pubKey;
  UINT32 encDataSize;
  BYTE* encData;
} TPM_KEY;
152
// PCR selection: a byte count and a pointer to the selection bytes.
// With 1-byte packing in effect pcrSelect sits at offset 2, so the pointer
// member itself may be misaligned.
typedef struct TPM_PCR_SELECTION {
  UINT16 sizeOfSelect;  /// in bytes
  BYTE*  pcrSelect;
} TPM_PCR_SELECTION;
157
// A PCR selection together with a buffer of PCR values.
// NOTE(review): this header does not say whether valueSize counts bytes or
// TPM_PCRVALUE entries -- confirm before using it as a bound.
typedef struct TPM_PCR_COMPOSITE {
  TPM_PCR_SELECTION select;
  UINT32            valueSize;
  TPM_PCRVALUE*     pcrValue;
} TPM_PCR_COMPOSITE;
163
164
// PCR selection plus two composite hashes, named for release time and
// creation time.
typedef struct TPM_PCR_INFO {
  TPM_PCR_SELECTION  pcrSelection;
  TPM_COMPOSITE_HASH digestAtRelease;
  TPM_COMPOSITE_HASH digestAtCreation;
} TPM_PCR_INFO;
170
171
// Bound-data header: version, payload type and a pointer to the payload.
// No length field accompanies payloadData, so the payload length has to be
// tracked by the caller.
typedef struct TPM_BOUND_DATA {
  TPM_VERSION      ver;
  TPM_PAYLOAD_TYPE payload;
  BYTE*            payloadData;
} TPM_BOUND_DATA;
177
// Stored-data descriptor: version followed by two size/buffer pairs
// (seal info and encrypted data).
// NOTE(review): presumably each *Size field is the byte length of the
// buffer after it; validate both before reading -- confirm in the
// unpacking code.
typedef struct TPM_STORED_DATA {
  TPM_VERSION ver;
  UINT32      sealInfoSize;
  BYTE*       sealInfo;
  UINT32      encDataSize;
  BYTE*       encData;
} TPM_STORED_DATA;
185
// State of one authorization session: its handle, the two nonces, the
// continue flag and the HMAC value.
// NOTE(review): code that checks a received HMAC against a computed one
// should compare all TPM_DIGEST_SIZE bytes in constant time -- confirm in
// the callers.
typedef struct TCS_AUTH {
  TCS_AUTHHANDLE AuthHandle;
  TPM_NONCE      NonceOdd;   // system
  TPM_NONCE      NonceEven;  // TPM
  BOOL           fContinueAuthSession;
  TPM_AUTHDATA   HMAC;
} TCS_AUTH;
193
// Helper for the "size followed by buffer" pattern that recurs throughout
// the TCG structures: a 32-bit size and a pointer to writable data.
typedef struct pack_buf_t {
  UINT32 size;
  BYTE*  data;
} pack_buf_t;
200
// Read-only counterpart of pack_buf_t: the data is not written through
// this pointer.
typedef struct pack_constbuf_t {
  UINT32      size;
  const BYTE* data;
} pack_constbuf_t;
205
206
207
// **************************** CONSTANTS *********************************

// Values for the one-byte BOOL type.
#define TRUE 0x01
#define FALSE 0x00

// Buffer length limit (0x2000 = 8192).
#define TCPA_MAX_BUFFER_LENGTH 0x2000
215
//
// TPM_COMMAND_CODE values
//
// Each ordinal is a small index added to one of the base values below.
// The UL suffix makes every constant an unsigned long; all values fit in
// the 32-bit TPM_COMMAND_CODE type.
#define TPM_PROTECTED_ORDINAL   0x00000000UL
#define TPM_UNPROTECTED_ORDINAL 0x80000000UL
#define TPM_CONNECTION_ORDINAL  0x40000000UL
#define TPM_VENDOR_ORDINAL      0x20000000UL

#define TPM_ORD_OIAP                     (10UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_OSAP                     (11UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ChangeAuth               (12UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_TakeOwnership            (13UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ChangeAuthAsymStart      (14UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ChangeAuthAsymFinish     (15UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ChangeAuthOwner          (16UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_Extend                   (20UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_PcrRead                  (21UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_Quote                    (22UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_Seal                     (23UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_Unseal                   (24UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_DirWriteAuth             (25UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_DirRead                  (26UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_UnBind                   (30UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_CreateWrapKey            (31UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_LoadKey                  (32UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetPubKey                (33UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_EvictKey                 (34UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_CreateMigrationBlob      (40UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ReWrapKey                (41UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ConvertMigrationBlob     (42UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_AuthorizeMigrationKey    (43UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_CreateMaintenanceArchive (44UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_LoadMaintenanceArchive   (45UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_KillMaintenanceFeature   (46UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_LoadManuMaintPub         (47UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ReadManuMaintPub         (48UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_CertifyKey               (50UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_Sign                     (60UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetRandom                (70UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_StirRandom               (71UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_SelfTestFull             (80UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SelfTestStartup          (81UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_CertifySelfTest          (82UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ContinueSelfTest         (83UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetTestResult            (84UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_Reset                    (90UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_OwnerClear               (91UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_DisableOwnerClear        (92UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ForceClear               (93UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_DisableForceClear        (94UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_GetCapabilitySigned      (100UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetCapability            (101UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetCapabilityOwner       (102UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_OwnerSetDisable          (110UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_PhysicalEnable           (111UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_PhysicalDisable          (112UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SetOwnerInstall          (113UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_PhysicalSetDeactivated   (114UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SetTempDeactivated       (115UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_CreateEndorsementKeyPair (120UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_MakeIdentity             (121UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ActivateIdentity         (122UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_ReadPubek                (124UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_OwnerReadPubek           (125UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_DisablePubekRead         (126UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_GetAuditEvent            (130UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetAuditEventSigned      (131UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_GetOrdinalAuditStatus    (140UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SetOrdinalAuditStatus    (141UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_Terminate_Handle         (150UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_Init                     (151UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SaveState                (152UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_Startup                  (153UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SetRedirection           (154UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_SHA1Start                (160UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SHA1Update               (161UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SHA1Complete             (162UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SHA1CompleteExtend       (163UL + TPM_PROTECTED_ORDINAL)

#define TPM_ORD_FieldUpgrade             (170UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SaveKeyContext           (180UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_LoadKeyContext           (181UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_SaveAuthContext          (182UL + TPM_PROTECTED_ORDINAL)
#define TPM_ORD_LoadAuthContext          (183UL + TPM_PROTECTED_ORDINAL)

// The only ordinal here built on TPM_CONNECTION_ORDINAL.
#define TSC_ORD_PhysicalPresence         (10UL + TPM_CONNECTION_ORDINAL)
299
300
301
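//
// TPM_RESULT values
//
// just put in the whole table from spec 1.2
//
// Every "TPM_BASE + n" expansion is parenthesized so that a code keeps its
// value inside a larger expression: without the parentheses
// "2 * TPM_AUTHFAIL" would expand to "2 * 0x0 + 1".

#define TPM_BASE   0x0 // The start of TPM return codes
#define TPM_VENDOR_ERROR 0x00000400 // Mask to indicate that the error code is vendor specific for vendor specific commands
#define TPM_NON_FATAL  0x00000800 // Mask to indicate that the error code is a non-fatal failure.

#define TPM_SUCCESS            TPM_BASE // Successful completion of the operation
#define TPM_AUTHFAIL           (TPM_BASE + 1) // Authentication failed
#define TPM_BADINDEX           (TPM_BASE + 2) // The index to a PCR, DIR or other register is incorrect
#define TPM_BAD_PARAMETER      (TPM_BASE + 3) // One or more parameter is bad
#define TPM_AUDITFAILURE       (TPM_BASE + 4) // An operation completed successfully but the auditing of that operation failed.
#define TPM_CLEAR_DISABLED     (TPM_BASE + 5) // The clear disable flag is set and all clear operations now require physical access
#define TPM_DEACTIVATED        (TPM_BASE + 6) // The TPM is deactivated
#define TPM_DISABLED           (TPM_BASE + 7) // The TPM is disabled
#define TPM_DISABLED_CMD       (TPM_BASE + 8) // The target command has been disabled
#define TPM_FAIL               (TPM_BASE + 9) // The operation failed
#define TPM_BAD_ORDINAL        (TPM_BASE + 10) // The ordinal was unknown or inconsistent
#define TPM_INSTALL_DISABLED   (TPM_BASE + 11) // The ability to install an owner is disabled
#define TPM_INVALID_KEYHANDLE  (TPM_BASE + 12) // The key handle presented was invalid
#define TPM_KEYNOTFOUND        (TPM_BASE + 13) // The target key was not found
#define TPM_INAPPROPRIATE_ENC  (TPM_BASE + 14) // Unacceptable encryption scheme
#define TPM_MIGRATEFAIL        (TPM_BASE + 15) // Migration authorization failed
#define TPM_INVALID_PCR_INFO   (TPM_BASE + 16) // PCR information could not be interpreted
#define TPM_NOSPACE            (TPM_BASE + 17) // No room to load key.
#define TPM_NOSRK              (TPM_BASE + 18) // There is no SRK set
#define TPM_NOTSEALED_BLOB     (TPM_BASE + 19) // An encrypted blob is invalid or was not created by this TPM
#define TPM_OWNER_SET          (TPM_BASE + 20) // There is already an Owner
#define TPM_RESOURCES          (TPM_BASE + 21) // The TPM has insufficient internal resources to perform the requested action.
#define TPM_SHORTRANDOM        (TPM_BASE + 22) // A random string was too short
#define TPM_SIZE               (TPM_BASE + 23) // The TPM does not have the space to perform the operation.
#define TPM_WRONGPCRVAL        (TPM_BASE + 24) // The named PCR value does not match the current PCR value.
#define TPM_BAD_PARAM_SIZE     (TPM_BASE + 25) // The paramSize argument to the command has the incorrect value
#define TPM_SHA_THREAD         (TPM_BASE + 26) // There is no existing SHA-1 thread.
#define TPM_SHA_ERROR          (TPM_BASE + 27) // The calculation is unable to proceed because the existing SHA-1 thread has already encountered an error.
#define TPM_FAILEDSELFTEST     (TPM_BASE + 28) // Self-test has failed and the TPM has shutdown.
#define TPM_AUTH2FAIL          (TPM_BASE + 29) // The authorization for the second key in a 2 key function failed authorization
#define TPM_BADTAG             (TPM_BASE + 30) // The tag value sent for a command is invalid
#define TPM_IOERROR            (TPM_BASE + 31) // An IO error occurred transmitting information to the TPM
#define TPM_ENCRYPT_ERROR      (TPM_BASE + 32) // The encryption process had a problem.
#define TPM_DECRYPT_ERROR      (TPM_BASE + 33) // The decryption process did not complete.
#define TPM_INVALID_AUTHHANDLE (TPM_BASE + 34) // An invalid handle was used.
#define TPM_NO_ENDORSEMENT     (TPM_BASE + 35) // The TPM does not have an EK installed
#define TPM_INVALID_KEYUSAGE   (TPM_BASE + 36) // The usage of a key is not allowed
#define TPM_WRONG_ENTITYTYPE   (TPM_BASE + 37) // The submitted entity type is not allowed
#define TPM_INVALID_POSTINIT   (TPM_BASE + 38) // The command was received in the wrong sequence relative to TPM_Init and a subsequent TPM_Startup
#define TPM_INAPPROPRIATE_SIG  (TPM_BASE + 39) // Signed data cannot include additional DER information
#define TPM_BAD_KEY_PROPERTY   (TPM_BASE + 40) // The key properties in TPM_KEY_PARMs are not supported by this TPM

#define TPM_BAD_MIGRATION          (TPM_BASE + 41) // The migration properties of this key are incorrect.
#define TPM_BAD_SCHEME             (TPM_BASE + 42) // The signature or encryption scheme for this key is incorrect or not permitted in this situation.
#define TPM_BAD_DATASIZE           (TPM_BASE + 43) // The size of the data (or blob) parameter is bad or inconsistent with the referenced key
#define TPM_BAD_MODE               (TPM_BASE + 44) // A mode parameter is bad, such as capArea or subCapArea for TPM_GetCapability, physicalPresence parameter for TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob.
#define TPM_BAD_PRESENCE           (TPM_BASE + 45) // Either the physicalPresence or physicalPresenceLock bits have the wrong value
#define TPM_BAD_VERSION            (TPM_BASE + 46) // The TPM cannot perform this version of the capability
#define TPM_NO_WRAP_TRANSPORT      (TPM_BASE + 47) // The TPM does not allow for wrapped transport sessions
#define TPM_AUDITFAIL_UNSUCCESSFUL (TPM_BASE + 48) // TPM audit construction failed and the underlying command was returning a failure code also
#define TPM_AUDITFAIL_SUCCESSFUL   (TPM_BASE + 49) // TPM audit construction failed and the underlying command was returning success
#define TPM_NOTRESETABLE           (TPM_BASE + 50) // Attempt to reset a PCR register that does not have the resettable attribute
#define TPM_NOTLOCAL               (TPM_BASE + 51) // Attempt to reset a PCR register that requires locality and locality modifier not part of command transport
#define TPM_BAD_TYPE               (TPM_BASE + 52) // Make identity blob not properly typed
#define TPM_INVALID_RESOURCE       (TPM_BASE + 53) // When saving context identified resource type does not match actual resource
#define TPM_NOTFIPS                (TPM_BASE + 54) // The TPM is attempting to execute a command only available when in FIPS mode
#define TPM_INVALID_FAMILY         (TPM_BASE + 55) // The command is attempting to use an invalid family ID
#define TPM_NO_NV_PERMISSION       (TPM_BASE + 56) // The permission to manipulate the NV storage is not available
#define TPM_REQUIRES_SIGN          (TPM_BASE + 57) // The operation requires a signed command
#define TPM_KEY_NOTSUPPORTED       (TPM_BASE + 58) // Wrong operation to load an NV key
#define TPM_AUTH_CONFLICT          (TPM_BASE + 59) // NV_LoadKey blob requires both owner and blob authorization
#define TPM_AREA_LOCKED            (TPM_BASE + 60) // The NV area is locked and not writable
#define TPM_BAD_LOCALITY           (TPM_BASE + 61) // The locality is incorrect for the attempted operation
#define TPM_READ_ONLY              (TPM_BASE + 62) // The NV area is read only and can't be written to
#define TPM_PER_NOWRITE            (TPM_BASE + 63) // There is no protection on the write to the NV area
#define TPM_FAMILYCOUNT            (TPM_BASE + 64) // The family count value does not match
#define TPM_WRITE_LOCKED           (TPM_BASE + 65) // The NV area has already been written to
#define TPM_BAD_ATTRIBUTES         (TPM_BASE + 66) // The NV area attributes conflict
#define TPM_INVALID_STRUCTURE      (TPM_BASE + 67) // The structure tag and version are invalid or inconsistent
#define TPM_KEY_OWNER_CONTROL      (TPM_BASE + 68) // The key is under control of the TPM Owner and can only be evicted by the TPM Owner.
#define TPM_BAD_COUNTER            (TPM_BASE + 69) // The counter handle is incorrect
#define TPM_NOT_FULLWRITE          (TPM_BASE + 70) // The write is not a complete write of the area
#define TPM_CONTEXT_GAP            (TPM_BASE + 71) // The gap between saved context counts is too large
#define TPM_MAXNVWRITES            (TPM_BASE + 72) // The maximum number of NV writes without an owner has been exceeded
#define TPM_NOOPERATOR             (TPM_BASE + 73) // No operator authorization value is set
#define TPM_RESOURCEMISSING        (TPM_BASE + 74) // The resource pointed to by context is not loaded
#define TPM_DELEGATE_LOCK          (TPM_BASE + 75) // The delegate administration is locked
#define TPM_DELEGATE_FAMILY        (TPM_BASE + 76) // Attempt to manage a family other than the delegated family
#define TPM_DELEGATE_ADMIN         (TPM_BASE + 77) // Delegation table management not enabled
#define TPM_TRANSPORT_EXCLUSIVE    (TPM_BASE + 78) // There was a command executed outside of an exclusive transport session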
391
// The tables below are protocol identifiers. Several name TPM 1.x-era
// algorithms and schemes (DES, SHA-1, RSA PKCS#1 v1.5); listing them here
// identifies what a command refers to and is not a statement that they
// suit new designs.

// TPM_STARTUP_TYPE values
#define TPM_ST_CLEAR       0x0001
#define TPM_ST_STATE       0x0002
#define TPM_ST_DEACTIVATED 0x0003

// TPM_TAG values
#define TPM_TAG_RQU_COMMAND       0x00c1
#define TPM_TAG_RQU_AUTH1_COMMAND 0x00c2
#define TPM_TAG_RQU_AUTH2_COMMAND 0x00c3
#define TPM_TAG_RSP_COMMAND       0x00c4
#define TPM_TAG_RSP_AUTH1_COMMAND 0x00c5
#define TPM_TAG_RSP_AUTH2_COMMAND 0x00c6

// TPM_PAYLOAD_TYPE values
#define TPM_PT_ASYM    0x01
#define TPM_PT_BIND    0x02
#define TPM_PT_MIGRATE 0x03
#define TPM_PT_MAINT   0x04
#define TPM_PT_SEAL    0x05

// TPM_ENTITY_TYPE values
#define TPM_ET_KEYHANDLE 0x0001
#define TPM_ET_OWNER     0x0002
#define TPM_ET_DATA      0x0003
#define TPM_ET_SRK       0x0004
#define TPM_ET_KEY       0x0005

/// TPM_ResourceTypes (the value 0x00000003 is not defined here)
#define TPM_RT_KEY      0x00000001
#define TPM_RT_AUTH     0x00000002
#define TPM_RT_TRANS    0x00000004
#define TPM_RT_CONTEXT  0x00000005

// TPM_PROTOCOL_ID values
#define TPM_PID_OIAP  0x0001
#define TPM_PID_OSAP  0x0002
#define TPM_PID_ADIP  0x0003
#define TPM_PID_ADCP  0x0004
#define TPM_PID_OWNER 0x0005

// TPM_ALGORITHM_ID values
// (the AES entry carries the TCPA_ prefix rather than TPM_)
#define TPM_ALG_RSA  0x00000001
#define TPM_ALG_DES  0x00000002
#define TPM_ALG_3DES 0x00000003
#define TPM_ALG_SHA  0x00000004
#define TPM_ALG_HMAC 0x00000005
#define TCPA_ALG_AES 0x00000006

// TPM_ENC_SCHEME values
#define TPM_ES_NONE                0x0001
#define TPM_ES_RSAESPKCSv15        0x0002
#define TPM_ES_RSAESOAEP_SHA1_MGF1 0x0003

// TPM_SIG_SCHEME values
#define TPM_SS_NONE                0x0001
#define TPM_SS_RSASSAPKCS1v15_SHA1 0x0002
#define TPM_SS_RSASSAPKCS1v15_DER  0x0003

// TPM_KEY_USAGE values
#define TPM_KEY_EK         0x0000
#define TPM_KEY_SIGNING    0x0010
#define TPM_KEY_STORAGE    0x0011
#define TPM_KEY_IDENTITY   0x0012
#define TPM_KEY_AUTHCHANGE 0x0013
#define TPM_KEY_BIND       0x0014
#define TPM_KEY_LEGACY     0x0015

// TPM_AUTH_DATA_USAGE values
#define TPM_AUTH_NEVER  0x00
#define TPM_AUTH_ALWAYS 0x01

// Key Handle of owner and srk
#define TPM_OWNER_KEYHANDLE 0x40000001
#define TPM_SRK_KEYHANDLE   0x40000000
466
467// ---------------------- Functions for checking TPM_RESULTs -----------------
468
469#include <stdio.h>
470
// FIXME: Review use of these and delete unneeded ones.

// These macros depend heavily on names in the calling function:
// DEPENDS: local var 'status' of type TPM_RESULT
// DEPENDS: label 'abort_egress' which cleans up and returns the status
//
// ERRORDIE(s): store s in status, report the call site on stderr and jump
// to abort_egress.
#define ERRORDIE(s) \
  do { \
    status = (s); \
    fprintf(stderr, "*** ERRORDIE in %s at %s: %i\n", \
            __func__, __FILE__, __LINE__); \
    goto abort_egress; \
  } while (0)
480
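// DEPENDS: local var 'status' of type TPM_RESULT
// DEPENDS: label 'abort_egress' which cleans up and returns the status
// DEPENDS: tpm_get_error_name(), which is not declared in this header
//
// TPMTRY(s, c): run command c exactly once. If its result is not
// TPM_SUCCESS, set status to s, print the error and goto abort_egress;
// otherwise store the result in status.
//
// The result of c is captured in a temporary because naming c in both the
// test and the assignment would execute the command a second time on the
// success path. The do/while(0) wrapper makes the macro one statement, so
// it is safe in an unbraced if/else and must be followed by ';' like
// ERRORDIE and TPMTRYRETURN.
// NOTE(review): unlike the sibling macros this one reports on stdout via
// printf; that is left unchanged here.
#define TPMTRY(s,c) \
  do { \
    TPM_RESULT tpmtry_result_ = (c); \
    if (tpmtry_result_ != TPM_SUCCESS) { \
      status = (s); \
      printf("ERROR in %s at %s:%i code: %s.\n", \
             __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \
      goto abort_egress; \
    } \
    status = tpmtry_result_; \
  } while (0)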
491
// DEPENDS: local var 'status', label 'abort_egress' and
// tpm_get_error_name(), none of which this header provides.
//
// TPMTRYRETURN(c): run command c once and keep its return code in status.
// If that code is not TPM_SUCCESS, print an error message on stderr and
// goto abort_egress with the actual return code still in status.
#define TPMTRYRETURN(c) \
  do { \
    status = (c); \
    if (status != TPM_SUCCESS) { \
      fprintf(stderr, "ERROR in %s at %s:%i code: %s.\n", \
              __func__, __FILE__, __LINE__, tpm_get_error_name(status)); \
      goto abort_egress; \
    } \
  } while (0)
499
500
// Restore the structure packing that was in effect before this header.
#pragma pack(pop)

#endif // __TCG_H__