grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v8 14/22] tpm2: Add more marshal/unmarshal functions


From: Gary Lin
Subject: [PATCH v8 14/22] tpm2: Add more marshal/unmarshal functions
Date: Tue, 16 Jan 2024 17:20:52 +0800

Add a few more marshal/unmarshal functions to support authorized policy.

* Marshal:
  grub_tpm2_mu_TPMU_SENSITIVE_COMPOSITE_Marshal()
  grub_tpm2_mu_TPMT_SENSITIVE_Marshal()
  grub_tpm2_mu_TPM2B_SENSITIVE_Marshal()
  grub_tpm2_mu_TPMS_SIGNATURE_RSA_Marshal()
  grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal()
  grub_tpm2_mu_TPMU_HA_Marshal()
  grub_tpm2_mu_TPMT_HA_Marshal()
  grub_tpm2_mu_TPMU_SIGNATURE_Marshal()
  grub_tpm2_mu_TPMT_SIGNATURE_Marshal()
  grub_tpm2_mu_TPMT_TK_VERIFIED_Marshal()

* Unmarshal:
  grub_tpm2_mu_TPMT_TK_HASHCHECK_Unmarshal()
  grub_tpm2_mu_TPMT_TK_VERIFIED_Unmarshal()
  grub_tpm2_mu_TPMS_SIGNATURE_RSA_Unmarshal()
  grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal()
  grub_tpm2_mu_TPMU_HA_Unmarshal()
  grub_tpm2_mu_TPMT_HA_Unmarshal()
  grub_tpm2_mu_TPMU_SIGNATURE_Unmarshal()
  grub_tpm2_mu_TPMT_SIGNATURE_Unmarshal()

Signed-off-by: Gary Lin <glin@suse.com>
---
 grub-core/tpm2/mu.c    | 262 +++++++++++++++++++++++++++++++++++++++++
 include/grub/tpm2/mu.h |  75 ++++++++++++
 2 files changed, 337 insertions(+)

diff --git a/grub-core/tpm2/mu.c b/grub-core/tpm2/mu.c
index 1617f37cd..3a9a3c1be 100644
--- a/grub-core/tpm2/mu.c
+++ b/grub-core/tpm2/mu.c
@@ -383,6 +383,49 @@ grub_tpm2_mu_TPMS_SENSITIVE_CREATE_Marshal 
(grub_tpm2_buffer_t buffer,
   grub_tpm2_mu_TPM2B_Marshal (buffer, p->data.size, p->data.buffer);
 }
 
+void
+grub_tpm2_mu_TPMU_SENSITIVE_COMPOSITE_Marshal (grub_tpm2_buffer_t buffer,
+                                               const TPMI_ALG_PUBLIC type,
+                                               const TPMU_SENSITIVE_COMPOSITE 
*p)
+{
+  switch(type)
+    {
+    case TPM_ALG_RSA:
+      grub_tpm2_mu_TPM2B_Marshal (buffer, p->rsa.size, p->rsa.buffer);
+      break;
+    case TPM_ALG_ECC:
+      grub_tpm2_mu_TPM2B_Marshal (buffer, p->ecc.size, p->ecc.buffer);
+      break;
+    case TPM_ALG_KEYEDHASH:
+      grub_tpm2_mu_TPM2B_Marshal (buffer, p->bits.size, p->bits.buffer);
+      break;
+    case TPM_ALG_SYMCIPHER:
+      grub_tpm2_mu_TPM2B_Marshal (buffer, p->sym.size, p->sym.buffer);
+      break;
+    default:
+      buffer->error = 1;
+    }
+}
+
+void
+grub_tpm2_mu_TPMT_SENSITIVE_Marshal (grub_tpm2_buffer_t buffer,
+                                     const TPMT_SENSITIVE *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->sensitiveType);
+  grub_tpm2_mu_TPM2B_Marshal (buffer, p->authValue.size, p->authValue.buffer);
+  grub_tpm2_mu_TPM2B_Marshal (buffer, p->seedValue.size, p->seedValue.buffer);
+  grub_tpm2_mu_TPMU_SENSITIVE_COMPOSITE_Marshal (buffer, p->sensitiveType,
+                                                 &p->sensitive);
+}
+
+void
+grub_tpm2_mu_TPM2B_SENSITIVE_Marshal (grub_tpm2_buffer_t buffer,
+                                      const TPM2B_SENSITIVE *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->size);
+  grub_tpm2_mu_TPMT_SENSITIVE_Marshal (buffer, &p->sensitiveArea);
+}
+
 void
 grub_tpm2_mu_TPM2B_SENSITIVE_CREATE_Marshal (grub_tpm2_buffer_t buffer,
                                             const TPM2B_SENSITIVE_CREATE 
*sensitiveCreate)
@@ -405,6 +448,113 @@ grub_tpm2_mu_TPM2B_SENSITIVE_CREATE_Marshal 
(grub_tpm2_buffer_t buffer,
     grub_tpm2_buffer_pack_u16 (buffer, 0);
 }
 
+void
+grub_tpm2_mu_TPMS_SIGNATURE_RSA_Marshal (grub_tpm2_buffer_t buffer,
+                                         const TPMS_SIGNATURE_RSA *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->hash);
+  grub_tpm2_mu_TPM2B_Marshal (buffer, p->sig.size, p->sig.buffer);
+}
+
+void
+grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal (grub_tpm2_buffer_t buffer,
+                                         const TPMS_SIGNATURE_ECC *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->hash);
+  grub_tpm2_mu_TPM2B_Marshal (buffer, p->signatureR.size, 
p->signatureR.buffer);
+  grub_tpm2_mu_TPM2B_Marshal (buffer, p->signatureS.size, 
p->signatureS.buffer);
+}
+
+void
+grub_tpm2_mu_TPMU_HA_Marshal (grub_tpm2_buffer_t buffer,
+                              const TPMI_ALG_HASH hashAlg,
+                              const TPMU_HA *p)
+{
+  switch (hashAlg)
+    {
+    case TPM_ALG_SHA1:
+      for (grub_uint16_t i = 0; i < TPM_SHA1_DIGEST_SIZE; i++)
+        grub_tpm2_buffer_pack_u8 (buffer, p->sha1[i]);
+      break;
+    case TPM_ALG_SHA256:
+      for (grub_uint16_t i = 0; i < TPM_SHA256_DIGEST_SIZE; i++)
+        grub_tpm2_buffer_pack_u8 (buffer, p->sha256[i]);
+      break;
+    case TPM_ALG_SHA384:
+      for (grub_uint16_t i = 0; i < TPM_SHA384_DIGEST_SIZE; i++)
+        grub_tpm2_buffer_pack_u8 (buffer, p->sha384[i]);
+      break;
+    case TPM_ALG_SHA512:
+      for (grub_uint16_t i = 0; i < TPM_SHA512_DIGEST_SIZE; i++)
+        grub_tpm2_buffer_pack_u8 (buffer, p->sha512[i]);
+      break;
+    default:
+      buffer->error = 1;
+      break;
+    }
+}
+
+void
+grub_tpm2_mu_TPMT_HA_Marshal (grub_tpm2_buffer_t buffer,
+                              const TPMT_HA *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->hashAlg);
+  grub_tpm2_mu_TPMU_HA_Marshal (buffer, p->hashAlg, &p->digest);
+}
+
+void
+grub_tpm2_mu_TPMU_SIGNATURE_Marshal (grub_tpm2_buffer_t buffer,
+                                     const TPMI_ALG_SIG_SCHEME sigAlg,
+                                     const TPMU_SIGNATURE *p)
+{
+  switch (sigAlg)
+    {
+    case TPM_ALG_RSASSA:
+      grub_tpm2_mu_TPMS_SIGNATURE_RSA_Marshal (buffer, (TPMS_SIGNATURE_RSA 
*)&p->rsassa);
+      break;
+    case TPM_ALG_RSAPSS:
+      grub_tpm2_mu_TPMS_SIGNATURE_RSA_Marshal (buffer, (TPMS_SIGNATURE_RSA 
*)&p->rsapss);
+      break;
+    case TPM_ALG_ECDSA:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->ecdsa);
+      break;
+    case TPM_ALG_ECDAA:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->ecdaa);
+      break;
+    case TPM_ALG_SM2:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->sm2);
+      break;
+    case TPM_ALG_ECSCHNORR:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->ecschnorr);
+      break;
+    case TPM_ALG_HMAC:
+      grub_tpm2_mu_TPMT_HA_Marshal (buffer, &p->hmac);
+      break;
+    case TPM_ALG_NULL:
+      break;
+    default:
+      buffer->error = 1;
+      break;
+    }
+}
+
+void
+grub_tpm2_mu_TPMT_SIGNATURE_Marshal (grub_tpm2_buffer_t buffer,
+                                     const TPMT_SIGNATURE *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->sigAlg);
+  grub_tpm2_mu_TPMU_SIGNATURE_Marshal (buffer, p->sigAlg, &p->signature);
+}
+
+void
+grub_tpm2_mu_TPMT_TK_VERIFIED_Marshal (grub_tpm2_buffer_t buffer,
+                                       const TPMT_TK_VERIFIED *p)
+{
+  grub_tpm2_buffer_pack_u16 (buffer, p->tag);
+  grub_tpm2_buffer_pack_u32 (buffer, p->hierarchy);
+  grub_tpm2_mu_TPM2B_Marshal (buffer, p->digest.size, p->digest.buffer);
+}
+
 void
 grub_tpm2_mu_TPM2B_Unmarshal (grub_tpm2_buffer_t buffer,
                              TPM2B* p)
@@ -775,6 +925,24 @@ grub_tpm2_mu_TPMT_TK_CREATION_Unmarshal 
(grub_tpm2_buffer_t buffer,
   grub_tpm2_mu_TPM2B_Unmarshal (buffer, (TPM2B*) &p->digest);
 }
 
+void
+grub_tpm2_mu_TPMT_TK_HASHCHECK_Unmarshal (grub_tpm2_buffer_t buffer,
+                                          TPMT_TK_HASHCHECK *p)
+{
+  grub_tpm2_buffer_unpack_u16 (buffer, &p->tag);
+  grub_tpm2_buffer_unpack_u32 (buffer, &p->hierarchy);
+  grub_tpm2_mu_TPM2B_Unmarshal (buffer, (TPM2B*) &p->digest);
+}
+
+void
+grub_tpm2_mu_TPMT_TK_VERIFIED_Unmarshal (grub_tpm2_buffer_t buffer,
+                                         TPMT_TK_VERIFIED *p)
+{
+  grub_tpm2_buffer_unpack_u16 (buffer, &p->tag);
+  grub_tpm2_buffer_unpack_u32 (buffer, &p->hierarchy);
+  grub_tpm2_mu_TPM2B_Unmarshal (buffer, (TPM2B*) &p->digest);
+}
+
 void
 grub_tpm2_mu_TPMS_PCR_SELECTION_Unmarshal (grub_tpm2_buffer_t buf,
                                           TPMS_PCR_SELECTION* pcrSelection)
@@ -805,3 +973,97 @@ grub_tpm2_mu_TPML_DIGEST_Unmarshal (grub_tpm2_buffer_t buf,
   for (grub_uint32_t i = 0; i < digest->count; i++)
     grub_tpm2_mu_TPM2B_DIGEST_Unmarshal (buf, &digest->digests[i]);
 }
+
+void
+grub_tpm2_mu_TPMS_SIGNATURE_RSA_Unmarshal (grub_tpm2_buffer_t buffer,
+                                           TPMS_SIGNATURE_RSA *rsa)
+{
+  grub_tpm2_buffer_unpack_u16 (buffer, &rsa->hash);
+  grub_tpm2_mu_TPM2B_Unmarshal (buffer, (TPM2B*)&rsa->sig);
+}
+
+void
+grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal (grub_tpm2_buffer_t buffer,
+                                           TPMS_SIGNATURE_ECC *ecc)
+{
+  grub_tpm2_buffer_unpack_u16 (buffer, &ecc->hash);
+  grub_tpm2_mu_TPM2B_Unmarshal (buffer, (TPM2B*)&ecc->signatureR);
+  grub_tpm2_mu_TPM2B_Unmarshal (buffer, (TPM2B*)&ecc->signatureS);
+}
+
+void
+grub_tpm2_mu_TPMU_HA_Unmarshal (grub_tpm2_buffer_t buffer,
+                                TPMI_ALG_HASH hashAlg,
+                                TPMU_HA *p)
+{
+  switch (hashAlg)
+    {
+    case TPM_ALG_SHA1:
+      grub_tpm2_buffer_unpack (buffer, &p->sha1, TPM_SHA1_DIGEST_SIZE);
+      break;
+    case TPM_ALG_SHA256:
+      grub_tpm2_buffer_unpack (buffer, &p->sha256, TPM_SHA256_DIGEST_SIZE);
+      break;
+    case TPM_ALG_SHA384:
+      grub_tpm2_buffer_unpack (buffer, &p->sha384, TPM_SHA384_DIGEST_SIZE);
+      break;
+    case TPM_ALG_SHA512:
+      grub_tpm2_buffer_unpack (buffer, &p->sha512, TPM_SHA512_DIGEST_SIZE);
+      break;
+    default:
+      buffer->error = 1;
+      break;
+    }
+}
+
+void
+grub_tpm2_mu_TPMT_HA_Unmarshal (grub_tpm2_buffer_t buffer,
+                                TPMT_HA *p)
+{
+  grub_tpm2_buffer_unpack_u16 (buffer, &p->hashAlg);
+  grub_tpm2_mu_TPMU_HA_Unmarshal (buffer, p->hashAlg, &p->digest);
+}
+
+void
+grub_tpm2_mu_TPMU_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buffer,
+                                       TPMI_ALG_SIG_SCHEME sigAlg,
+                                       TPMU_SIGNATURE *p)
+{
+  switch (sigAlg)
+    {
+    case TPM_ALG_RSASSA:
+      grub_tpm2_mu_TPMS_SIGNATURE_RSA_Unmarshal (buffer, (TPMS_SIGNATURE_RSA 
*)&p->rsassa);
+      break;
+    case TPM_ALG_RSAPSS:
+      grub_tpm2_mu_TPMS_SIGNATURE_RSA_Unmarshal (buffer, (TPMS_SIGNATURE_RSA 
*)&p->rsapss);
+      break;
+    case TPM_ALG_ECDSA:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->ecdsa);
+      break;
+    case TPM_ALG_ECDAA:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->ecdaa);
+      break;
+    case TPM_ALG_SM2:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->sm2);
+      break;
+    case TPM_ALG_ECSCHNORR:
+      grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal (buffer, (TPMS_SIGNATURE_ECC 
*)&p->ecschnorr);
+      break;
+    case TPM_ALG_HMAC:
+      grub_tpm2_mu_TPMT_HA_Unmarshal (buffer, &p->hmac);
+      break;
+    case TPM_ALG_NULL:
+      break;
+    default:
+      buffer->error = 1;
+      break;
+    }
+}
+
+void
+grub_tpm2_mu_TPMT_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buffer,
+                                       TPMT_SIGNATURE *p)
+{
+  grub_tpm2_buffer_unpack_u16 (buffer, &p->sigAlg);
+  grub_tpm2_mu_TPMU_SIGNATURE_Unmarshal (buffer, p->sigAlg, &p->signature);
+}
diff --git a/include/grub/tpm2/mu.h b/include/grub/tpm2/mu.h
index c545976db..afb842ab5 100644
--- a/include/grub/tpm2/mu.h
+++ b/include/grub/tpm2/mu.h
@@ -147,6 +147,47 @@ grub_tpm2_mu_TPM2B_SENSITIVE_CREATE_Marshal 
(grub_tpm2_buffer_t buf,
                                             const TPM2B_SENSITIVE_CREATE 
*sensitiveCreate);
 
 void
+grub_tpm2_mu_TPMU_SENSITIVE_COMPOSITE_Marshal (grub_tpm2_buffer_t buf,
+                                               const TPMI_ALG_PUBLIC type,
+                                               const TPMU_SENSITIVE_COMPOSITE 
*p);
+void
+grub_tpm2_mu_TPMT_SENSITIVE_Marshal (grub_tpm2_buffer_t buf,
+                                     const TPMT_SENSITIVE *p);
+
+void
+grub_tpm2_mu_TPM2B_SENSITIVE_Marshal (grub_tpm2_buffer_t buf,
+                                      const TPM2B_SENSITIVE *p);
+
+void
+grub_tpm2_mu_TPMS_SIGNATURE_RSA_Marshal (grub_tpm2_buffer_t buf,
+                                         const TPMS_SIGNATURE_RSA *p);
+
+void
+grub_tpm2_mu_TPMS_SIGNATURE_ECC_Marshal (grub_tpm2_buffer_t buf,
+                                         const TPMS_SIGNATURE_ECC *p);
+
+void
+grub_tpm2_mu_TPMU_HA_Marshal (grub_tpm2_buffer_t buf,
+                              const TPMI_ALG_HASH hashAlg,
+                              const TPMU_HA *p);
+
+void
+grub_tpm2_mu_TPMT_HA_Marshal (grub_tpm2_buffer_t buf,
+                              const TPMT_HA *p);
+
+void
+grub_tpm2_mu_TPMU_SIGNATURE_Marshal (grub_tpm2_buffer_t buf,
+                                     const TPMI_ALG_SIG_SCHEME sigAlg,
+                                     const TPMU_SIGNATURE *p);
+
+void
+grub_tpm2_mu_TPMT_SIGNATURE_Marshal (grub_tpm2_buffer_t buf,
+                                     const TPMT_SIGNATURE *p);
+
+void
+grub_tpm2_mu_TPMT_TK_VERIFIED_Marshal (grub_tpm2_buffer_t buf,
+                                       const TPMT_TK_VERIFIED *p);
+void
 grub_tpm2_mu_TPM2B_Unmarshal (grub_tpm2_buffer_t buf,
                              TPM2B* p);
 
@@ -277,6 +318,14 @@ void
 grub_tpm2_mu_TPMT_TK_CREATION_Unmarshal (grub_tpm2_buffer_t buf,
                                         TPMT_TK_CREATION *p);
 
+void
+grub_tpm2_mu_TPMT_TK_HASHCHECK_Unmarshal (grub_tpm2_buffer_t buf,
+                                          TPMT_TK_HASHCHECK *p);
+
+void
+grub_tpm2_mu_TPMT_TK_VERIFIED_Unmarshal (grub_tpm2_buffer_t buf,
+                                         TPMT_TK_VERIFIED *p);
+
 void
 grub_tpm2_mu_TPMS_PCR_SELECTION_Unmarshal (grub_tpm2_buffer_t buf,
                                           TPMS_PCR_SELECTION* pcrSelection);
@@ -289,4 +338,30 @@ void
 grub_tpm2_mu_TPML_DIGEST_Unmarshal (grub_tpm2_buffer_t buf,
                                    TPML_DIGEST* digest);
 
+void
+grub_tpm2_mu_TPMS_SIGNATURE_RSA_Unmarshal (grub_tpm2_buffer_t buf,
+                                           TPMS_SIGNATURE_RSA *p);
+
+void
+grub_tpm2_mu_TPMS_SIGNATURE_ECC_Unmarshal (grub_tpm2_buffer_t buf,
+                                           TPMS_SIGNATURE_ECC *p);
+
+void
+grub_tpm2_mu_TPMU_HA_Unmarshal (grub_tpm2_buffer_t buf,
+                                TPMI_ALG_HASH hashAlg,
+                                TPMU_HA *p);
+
+void
+grub_tpm2_mu_TPMT_HA_Unmarshal (grub_tpm2_buffer_t buf,
+                                TPMT_HA *p);
+
+void
+grub_tpm2_mu_TPMU_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buf,
+                                       TPMI_ALG_SIG_SCHEME sigAlg,
+                                       TPMU_SIGNATURE *p);
+
+void
+grub_tpm2_mu_TPMT_SIGNATURE_Unmarshal (grub_tpm2_buffer_t buf,
+                                       TPMT_SIGNATURE *p);
+
 #endif /* ! GRUB_TPM2_MU_HEADER */
-- 
2.35.3




reply via email to

[Prev in Thread] Current Thread [Next in Thread]