
[v2,3/3] tcgbios: Add support for SHA3 type of algorithms

Message ID 20200330121029.866011-4-stefanb@linux.vnet.ibm.com
State New
Series Some tcgbios related fixes and updates | expand

Commit Message

Stefan Berger March 30, 2020, 12:10 p.m. UTC
From: Stefan Berger <stefanb@linux.ibm.com>

Add support for SHA3 type of algorithms that the vTPM may support
some time in the future.

The algorithms are assigned in "TCG Algorithm Registry"
https://trustedcomputinggroup.org/resource/tcg-algorithm-registry/

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 lib/libtpm/tcgbios.c     | 26 +++++++++++++++++++++++---
 lib/libtpm/tcgbios_int.h |  6 ++++++
 2 files changed, 29 insertions(+), 3 deletions(-)

Comments

Alexey Kardashevskiy May 8, 2020, 1:01 a.m. UTC | #1
On 30/03/2020 23:10, Stefan Berger wrote:
> From: Stefan Berger <stefanb@linux.ibm.com>
> 
> Add support for SHA3 type of algorithms that the vTPM may support
> some time in the future.
> 
> The algorithms are assigned in "TCG Algorithm Registry"
> https://trustedcomputinggroup.org/resource/tcg-algorithm-registry/
> 
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
>  lib/libtpm/tcgbios.c     | 26 +++++++++++++++++++++++---
>  lib/libtpm/tcgbios_int.h |  6 ++++++
>  2 files changed, 29 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
> index c0e1b45..7d1bd15 100644
> --- a/lib/libtpm/tcgbios.c
> +++ b/lib/libtpm/tcgbios.c
> @@ -69,6 +69,9 @@ static struct {
>  #define TPM2_ALG_SHA384_FLAG        (1 << 2)
>  #define TPM2_ALG_SHA512_FLAG        (1 << 3)
>  #define TPM2_ALG_SM3_256_FLAG       (1 << 4)
> +#define TPM2_ALG_SHA3_256_FLAG      (1 << 5)
> +#define TPM2_ALG_SHA3_384_FLAG      (1 << 6)
> +#define TPM2_ALG_SHA3_512_FLAG      (1 << 7)
>  
>  static const uint8_t ZeroGuid[16] = { 0 };
>  
> @@ -115,9 +118,10 @@ static void probe_tpm(void)
>  struct tpm_log_entry {
>  	TCG_PCR_EVENT2_Header hdr;
>  	uint8_t pad[sizeof(struct TPML_DIGEST_VALUES)
> -	   + 5 * sizeof(struct TPMT_HA)
> +	   + 8 * sizeof(struct TPMT_HA)
>  	   + SHA1_BUFSIZE + SHA256_BUFSIZE + SHA384_BUFSIZE
> -	   + SHA512_BUFSIZE + SM3_256_BUFSIZE];
> +	   + SHA512_BUFSIZE + SM3_256_BUFSIZE + SHA3_256_BUFSIZE
> +	   + SHA3_384_BUFSIZE + SHA3_512_BUFSIZE];
>  } __attribute__((packed));
>  
>  static const struct hash_parameters {
> @@ -152,6 +156,21 @@ static const struct hash_parameters {
>  		.hashalg_flag = TPM2_ALG_SM3_256_FLAG,
>  		.hash_buffersize = SM3_256_BUFSIZE,
>  		.name = "SM3-256",
> +	}, {
> +		.hashalg = TPM2_ALG_SHA3_256,
> +		.hashalg_flag = TPM2_ALG_SHA3_256_FLAG,
> +		.hash_buffersize = SHA3_256_BUFSIZE,
> +		.name = "SHA3-256",
> +	}, {
> +		.hashalg = TPM2_ALG_SHA3_384,
> +		.hashalg_flag = TPM2_ALG_SHA3_384_FLAG,
> +		.hash_buffersize = SHA3_384_BUFSIZE,
> +		.name = "SHA3-384",
> +	}, {
> +		.hashalg = TPM2_ALG_SHA3_512,
> +		.hashalg_flag = TPM2_ALG_SHA3_512_FLAG,
> +		.hash_buffersize = SHA3_512_BUFSIZE,
> +		.name = "SHA3-512",
>  	}
>  };
>  
> @@ -635,7 +654,8 @@ static int tpm20_write_EfiSpecIdEventStruct(void)
>  {
>  	struct {
>  		struct TCG_EfiSpecIdEventStruct hdr;
> -		uint32_t pad[256];
> +		uint32_t pad[sizeof(struct tpm_log_entry) +
> +		             sizeof(uint8_t)];

Why this change? It was 256 and now it is 365 which is not even even.


>  	} event = {
>  		.hdr.signature = "Spec ID Event03",
>  		.hdr.platformClass = TPM_TCPA_ACPI_CLASS_CLIENT,
> diff --git a/lib/libtpm/tcgbios_int.h b/lib/libtpm/tcgbios_int.h
> index 1a88402..22df31d 100644
> --- a/lib/libtpm/tcgbios_int.h
> +++ b/lib/libtpm/tcgbios_int.h
> @@ -50,6 +50,9 @@
>  #define SHA384_BUFSIZE                  48
>  #define SHA512_BUFSIZE                  64
>  #define SM3_256_BUFSIZE                 32
> +#define SHA3_256_BUFSIZE		32
> +#define SHA3_384_BUFSIZE		48
> +#define SHA3_512_BUFSIZE		64
>  
>  /*
>   * Logging for TPM 2 is specified in TCG spec "TCG PC Client Platform
> @@ -169,6 +172,9 @@ struct tpm_rsp_header {
>  #define TPM2_ALG_SHA384             0x000c
>  #define TPM2_ALG_SHA512             0x000d
>  #define TPM2_ALG_SM3_256            0x0012
> +#define TPM2_ALG_SHA3_256           0x0027
> +#define TPM2_ALG_SHA3_384           0x0028
> +#define TPM2_ALG_SHA3_512           0x0029
>  
>  /* TPM 2 command tags */
>  #define TPM2_ST_NO_SESSIONS         0x8001
>
Stefan Berger May 8, 2020, 7:15 p.m. UTC | #2
On 5/7/20 9:01 PM, Alexey Kardashevskiy wrote:
>
> On 30/03/2020 23:10, Stefan Berger wrote:
>> From: Stefan Berger <stefanb@linux.ibm.com>
>>
>> Add support for SHA3 type of algorithms that the vTPM may support
>> some time in the future.
>>
>> The algorithms are assigned in "TCG Algorithm Registry"
>> https://trustedcomputinggroup.org/resource/tcg-algorithm-registry/
>>
>> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
>> ---
>>   lib/libtpm/tcgbios.c     | 26 +++++++++++++++++++++++---
>>   lib/libtpm/tcgbios_int.h |  6 ++++++
>>   2 files changed, 29 insertions(+), 3 deletions(-)
>>
>>
>>   
>> @@ -635,7 +654,8 @@ static int tpm20_write_EfiSpecIdEventStruct(void)
>>   {
>>   	struct {
>>   		struct TCG_EfiSpecIdEventStruct hdr;
>> -		uint32_t pad[256];
>> +		uint32_t pad[sizeof(struct tpm_log_entry) +
>> +		             sizeof(uint8_t)];
> Why this change? It was 256 and now it is 365 which is not even even.


This is due to the expansion of 'struct tpm_log_entry' above. It doesn't 
need to be even. Also, it wasn't really supposed to be a hard coded 256 
but was big enough at that time.

The uint8 stems from the vendorInfoSize field. (see also here where I 
had forgotten it initially: 
https://mail.coreboot.org/hyperkitty/list/seabios@seabios.org/thread/5WTDAKLZIDFTQFCI2R3OUTI6GD5KGXUD/)



    Stefan

Patch

diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
index c0e1b45..7d1bd15 100644
--- a/lib/libtpm/tcgbios.c
+++ b/lib/libtpm/tcgbios.c
@@ -69,6 +69,9 @@  static struct {
 #define TPM2_ALG_SHA384_FLAG        (1 << 2)
 #define TPM2_ALG_SHA512_FLAG        (1 << 3)
 #define TPM2_ALG_SM3_256_FLAG       (1 << 4)
+#define TPM2_ALG_SHA3_256_FLAG      (1 << 5)
+#define TPM2_ALG_SHA3_384_FLAG      (1 << 6)
+#define TPM2_ALG_SHA3_512_FLAG      (1 << 7)
 
 static const uint8_t ZeroGuid[16] = { 0 };
 
@@ -115,9 +118,10 @@  static void probe_tpm(void)
 struct tpm_log_entry {
 	TCG_PCR_EVENT2_Header hdr;
 	uint8_t pad[sizeof(struct TPML_DIGEST_VALUES)
-	   + 5 * sizeof(struct TPMT_HA)
+	   + 8 * sizeof(struct TPMT_HA)
 	   + SHA1_BUFSIZE + SHA256_BUFSIZE + SHA384_BUFSIZE
-	   + SHA512_BUFSIZE + SM3_256_BUFSIZE];
+	   + SHA512_BUFSIZE + SM3_256_BUFSIZE + SHA3_256_BUFSIZE
+	   + SHA3_384_BUFSIZE + SHA3_512_BUFSIZE];
 } __attribute__((packed));
 
 static const struct hash_parameters {
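Review bot: The pad size in `struct tpm_log_entry` hard-codes `8 * sizeof(struct TPMT_HA)` and a hand-written list of `*_BUFSIZE` terms, and nothing visible ties either to the number of entries in the `hash_parameters` table that the next hunk extends. If a later algorithm is added to that table without growing this expression, code that serialises one digest per table entry into the log entry could presumably write past `pad`; that code is outside the hunk, so this is inferred. A comment on the struct such as `/* one TPMT_HA and one *_BUFSIZE per hash_parameters entry; keep in sync */` would record the invariant. A compile-time check of the table's entry count against 8, placed where the table size is visible, would enforce it.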
@@ -152,6 +156,21 @@  static const struct hash_parameters {
 		.hashalg_flag = TPM2_ALG_SM3_256_FLAG,
 		.hash_buffersize = SM3_256_BUFSIZE,
 		.name = "SM3-256",
+	}, {
+		.hashalg = TPM2_ALG_SHA3_256,
+		.hashalg_flag = TPM2_ALG_SHA3_256_FLAG,
+		.hash_buffersize = SHA3_256_BUFSIZE,
+		.name = "SHA3-256",
+	}, {
+		.hashalg = TPM2_ALG_SHA3_384,
+		.hashalg_flag = TPM2_ALG_SHA3_384_FLAG,
+		.hash_buffersize = SHA3_384_BUFSIZE,
+		.name = "SHA3-384",
+	}, {
+		.hashalg = TPM2_ALG_SHA3_512,
+		.hashalg_flag = TPM2_ALG_SHA3_512_FLAG,
+		.hash_buffersize = SHA3_512_BUFSIZE,
+		.name = "SHA3-512",
 	}
 };
 
@@ -635,7 +654,8 @@  static int tpm20_write_EfiSpecIdEventStruct(void)
 {
 	struct {
 		struct TCG_EfiSpecIdEventStruct hdr;
-		uint32_t pad[256];
+		uint32_t pad[sizeof(struct tpm_log_entry) +
+		             sizeof(uint8_t)];
 	} event = {
 		.hdr.signature = "Spec ID Event03",
 		.hdr.platformClass = TPM_TCPA_ACPI_CLASS_CLIENT,
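Review bot: The new length of `pad` is an expression in bytes, `sizeof(struct tpm_log_entry) + sizeof(uint8_t)`, but the element type is still `uint32_t`, so the on-stack `event` reserves four times the number of bytes the expression computes. If a byte count is what was meant, `uint8_t pad[sizeof(struct tpm_log_entry) + sizeof(uint8_t)];` states it directly and keeps firmware stack use down. The body of tpm20_write_EfiSpecIdEventStruct continues outside the hunk, so confirm that nothing there relies on the array's 4-byte element alignment or on the larger size before changing the type.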
diff --git a/lib/libtpm/tcgbios_int.h b/lib/libtpm/tcgbios_int.h
index 1a88402..22df31d 100644
--- a/lib/libtpm/tcgbios_int.h
+++ b/lib/libtpm/tcgbios_int.h
@@ -50,6 +50,9 @@ 
 #define SHA384_BUFSIZE                  48
 #define SHA512_BUFSIZE                  64
 #define SM3_256_BUFSIZE                 32
+#define SHA3_256_BUFSIZE		32
+#define SHA3_384_BUFSIZE		48
+#define SHA3_512_BUFSIZE		64
 
 /*
  * Logging for TPM 2 is specified in TCG spec "TCG PC Client Platform
@@ -169,6 +172,9 @@  struct tpm_rsp_header {
 #define TPM2_ALG_SHA384             0x000c
 #define TPM2_ALG_SHA512             0x000d
 #define TPM2_ALG_SM3_256            0x0012
+#define TPM2_ALG_SHA3_256           0x0027
+#define TPM2_ALG_SHA3_384           0x0028
+#define TPM2_ALG_SHA3_512           0x0029
 
 /* TPM 2 command tags */
 #define TPM2_ST_NO_SESSIONS         0x8001