/*
 * Copyright 2015 The Chromium OS Authors. All rights reserved.
 * Use of this source code is governed by a BSD-style license that can be
 * found in the LICENSE file.
 */

#ifndef __TPM2_OBJECT_SPT_FP_H
#define __TPM2_OBJECT_SPT_FP_H

/*
 * Prototypes for the object-support routines: conversion between sensitive,
 * private and duplication structures, credential/secret conversion, outer
 * wrap production and unwrapping, creation data, and attribute/scheme
 * validation. This header holds prototypes only and has no #include lines,
 * so the includer must already have the TPM types (BOOL, BYTE, UINT16,
 * TPM_RC, OBJECT, TPM_HANDLE, TPM_ALG_ID, TPMI_*, TPM2B_*, TPMT_*, TPML_*)
 * in scope.
 *
 * NOTE(review): the guard name begins with a double underscore, which C
 * reserves for the implementation. It is left unchanged here because
 * renaming it is a code change; a non-reserved spelling would be preferable.
 *
 * Two different "no seed supplied" conventions appear below: a seed with
 * size 0 (DuplicateToSensitive, SensitiveToDuplicate) and a NULL seed
 * pointer (ProduceOuterWrap, UnwrapOuter). Callers should pass the form the
 * callee documents; this header does not say whether a routine accepts both.
 */

/*
 * Examines the attributes of parentObject. The BOOL result is presumably
 * whether the object may serve as a parent; the behavior is defined in the
 * implementation, not here.
 */
BOOL AreAttributesForParent(
    OBJECT *parentObject // IN: the parent object (a pointer, not a handle)
);

/*
 * Recovers the secret information carried in a credential blob. Inverse of
 * SecretToCredential(), which takes the same name, seed and protector
 * parameters. Returns a TPM_RC status.
 */
TPM_RC CredentialToSecret(
    TPM2B_ID_OBJECT *inIDObject, // IN: input credential blob
    TPM2B_NAME *name,            // IN: the name of the object
    TPM2B_SEED *seed,            // IN: an external seed.
    TPM_HANDLE protector,        // IN: The protector's handle
    TPM2B_DIGEST *secret         // OUT: secret information
);

/*
 * Converts a duplication blob held in inPrivate back into a sensitive
 * structure. Inverse of SensitiveToDuplicate(). Note that innerSymKey is
 * IN only here, whereas SensitiveToDuplicate() may generate it (IN/OUT).
 * Returns a TPM_RC status.
 */
TPM_RC DuplicateToSensitive(
    TPM2B_PRIVATE *inPrivate,    // IN: input private structure
    TPM2B_NAME *name,            // IN: the name of the object
    TPM_HANDLE parentHandle,     // IN: The parent's handle
    TPM_ALG_ID nameAlg,          // IN: hash algorithm in public area.
    TPM2B_SEED *seed,            // IN: an external seed may be provided.
                                 //     If external seed is provided with
                                 //     size of 0, no outer wrap is
                                 //     applied
    TPMT_SYM_DEF_OBJECT *symDef, // IN: Symmetric key definition. If the
                                 //     symmetric key algorithm is NULL,
                                 //     no inner wrap is applied
    TPM2B_DATA *innerSymKey,     // IN: a symmetric key may be provided
                                 //     to decrypt the inner wrap of a
                                 //     duplication blob.
    TPMT_SENSITIVE *sensitive    // OUT: sensitive structure
);

/*
 * Fills outCreation and creationDigest from the parent handle, name hash
 * algorithm, PCR selection and outside data. Returns void, so no failure is
 * reported back to the caller.
 */
void FillInCreationData(
    TPMI_DH_OBJECT parentHandle,        // IN: handle of parent
    TPMI_ALG_HASH nameHashAlg,          // IN: name hash algorithm
    TPML_PCR_SELECTION *creationPCR,    // IN: PCR selection
    TPM2B_DATA *outsideData,            // IN: outside data
    TPM2B_CREATION_DATA *outCreation,   // OUT: creation data for output
    TPM2B_DIGEST *creationDigest        // OUT: creation digest
);

/*
 * Returns the seed to use for the KDF given the protector handle and an
 * optional input seed. Ownership and lifetime of the returned pointer are
 * not documented here — presumably it points at seedIn or at TPM-internal
 * state rather than a fresh allocation; confirm against the definition
 * before storing or freeing it.
 */
TPM2B_SEED* GetSeedForKDF(
    TPM_HANDLE protectorHandle, // IN: the protector handle
    TPM2B_SEED *seedIn          // IN: the optional input seed
);

/*
 * Converts a private structure back into a sensitive structure. Inverse of
 * SensitiveToPrivate(). Returns a TPM_RC status.
 */
TPM_RC PrivateToSensitive(
    TPM2B_PRIVATE *inPrivate,  // IN: input private structure
    TPM2B_NAME *name,          // IN: the name of the object
    TPM_HANDLE parentHandle,   // IN: The parent's handle
    TPM_ALG_ID nameAlg,        // IN: hash algorithm in public area. It is
                               //     passed separately because we only pass
                               //     name, rather than the whole public area
                               //     of the object. This parameter is used in
                               //     the following two cases: 1. primary
                               //     objects. 2. duplication blob with inner
                               //     wrap. In other cases, this parameter
                               //     will be ignored
    TPMT_SENSITIVE *sensitive  // OUT: sensitive structure
);

/*
 * Applies the outer wrap to the sensitive data already present in
 * outerBuffer. Counterpart of UnwrapOuter().
 *
 * NOTE: dataSize here EXCLUDES the leading integrity area and the optional
 * IV, while UnwrapOuter()'s dataSize INCLUDES them; code that round-trips a
 * buffer through both must account for the difference. No capacity for
 * outerBuffer is passed, so the caller must size it for dataSize plus the
 * integrity and IV areas. The UINT16 result is presumably the total size
 * written — confirm against the definition.
 */
UINT16 ProduceOuterWrap(
    TPM_HANDLE protector,  // IN: The handle of the object that provides
                           //     protection. For object, it is parent
                           //     handle. For credential, it is the handle
                           //     of encrypt object.
    TPM2B_NAME *name,      // IN: the name of the object
    TPM_ALG_ID hashAlg,    // IN: hash algorithm for outer wrap
    TPM2B_SEED *seed,      // IN: an external seed may be provided for
                           //     duplication blob. For non duplication
                           //     blob, this parameter should be NULL
    BOOL useIV,            // IN: indicates if an IV is used
    UINT16 dataSize,       // IN: the size of sensitive data, excluding the
                           //     leading integrity buffer size or the
                           //     optional iv size
    BYTE *outerBuffer      // IN/OUT: outer buffer with sensitive data in
                           //     it
);

/*
 * Validates the attributes of a public area. `load` selects load-time
 * checks (TRUE) versus TPM2_Create() checks (FALSE). Same signature as
 * SchemeChecks(). Returns a TPM_RC status.
 */
TPM_RC PublicAttributesValidation(
    BOOL load,                    // IN: TRUE if load checks, FALSE if
                                  //     TPM2_Create()
    TPMI_DH_OBJECT parentHandle,  // IN: input parent handle
    TPMT_PUBLIC *publicArea       // IN: public area of the object
);

/*
 * Validates the scheme of a public area. `load` selects load-time checks
 * (TRUE) versus TPM2_Create() checks (FALSE). Same signature as
 * PublicAttributesValidation(). Returns a TPM_RC status.
 */
TPM_RC SchemeChecks(
    BOOL load,                    // IN: TRUE if load checks, FALSE if
                                  //     TPM2_Create()
    TPMI_DH_OBJECT parentHandle,  // IN: input parent handle
    TPMT_PUBLIC *publicArea       // IN: public area of the object
);

/*
 * Builds a credential blob from secret information. Inverse of
 * CredentialToSecret(). Returns void, so unlike CredentialToSecret() no
 * TPM_RC is reported to the caller.
 */
void SecretToCredential(
    TPM2B_DIGEST *secret,         // IN: secret information
    TPM2B_NAME *name,             // IN: the name of the object
    TPM2B_SEED *seed,             // IN: an external seed.
    TPM_HANDLE protector,         // IN: The protector's handle
    TPM2B_ID_OBJECT *outIDObject  // OUT: output credential
);

/*
 * Produces a duplication blob from a sensitive structure. Inverse of
 * DuplicateToSensitive(). innerSymKey is IN/OUT: when it is needed and not
 * supplied it may be generated here, so the caller must read it back after
 * the call. Returns void; no failure is reported to the caller.
 */
void SensitiveToDuplicate(
    TPMT_SENSITIVE *sensitive,   // IN: sensitive structure
    TPM2B_NAME *name,            // IN: the name of the object
    TPM_HANDLE parentHandle,     // IN: The new parent's handle
    TPM_ALG_ID nameAlg,          // IN: hash algorithm in public area. It
                                 //     is passed separately because we
                                 //     only pass name, rather than the
                                 //     whole public area of the object.
    TPM2B_SEED *seed,            // IN: the external seed. If external
                                 //     seed is provided with size of 0,
                                 //     no outer wrap should be applied
                                 //     to duplication blob.
    TPMT_SYM_DEF_OBJECT *symDef, // IN: Symmetric key definition. If the
                                 //     symmetric key algorithm is NULL,
                                 //     no inner wrap should be applied.
    TPM2B_DATA *innerSymKey,     // IN/OUT: a symmetric key may be
                                 //     provided to encrypt the inner
                                 //     wrap of a duplication blob. May
                                 //     be generated here if needed.
    TPM2B_PRIVATE *outPrivate    // OUT: output private structure
);

/*
 * Produces a private structure from a sensitive structure. Inverse of
 * PrivateToSensitive(). Returns void; no failure is reported to the caller.
 */
void SensitiveToPrivate(
    TPMT_SENSITIVE *sensitive,  // IN: sensitive structure
    TPM2B_NAME *name,           // IN: the name of the object
    TPM_HANDLE parentHandle,    // IN: The parent's handle
    TPM_ALG_ID nameAlg,         // IN: hash algorithm in public area. This
                                //     parameter is used when parentHandle is
                                //     NULL, in which case the object is
                                //     temporary.
    TPM2B_PRIVATE *outPrivate   // OUT: output private structure
);

/*
 * Removes the outer wrap from the sensitive data in outerBuffer.
 * Counterpart of ProduceOuterWrap(), but note the size convention differs:
 * dataSize here INCLUDES the leading integrity area and the optional IV,
 * whereas ProduceOuterWrap() excludes them. Returns a TPM_RC status, so
 * callers must check the result before using the unwrapped contents of
 * outerBuffer.
 */
TPM_RC UnwrapOuter(
    TPM_HANDLE protector,  // IN: The handle of the object that provides
                           //     protection. For object, it is parent
                           //     handle. For credential, it is the handle
                           //     of encrypt object.
    TPM2B_NAME *name,      // IN: the name of the object
    TPM_ALG_ID hashAlg,    // IN: hash algorithm for outer wrap
    TPM2B_SEED *seed,      // IN: an external seed may be provided for
                           //     duplication blob. For non duplication
                           //     blob, this parameter should be NULL.
    BOOL useIV,            // IN: indicates if an IV is used
    UINT16 dataSize,       // IN: size of sensitive data in outerBuffer,
                           //     including the leading integrity buffer
                           //     size, and an optional iv area
    BYTE *outerBuffer      // IN/OUT: sensitive data
);

#endif // __TPM2_OBJECT_SPT_FP_H