[PATCH] tpm: add TPM2_GetRandom command support
Dhananjay Phadke
dphadke at linux.microsoft.com
Fri Jun 5 01:43:59 CEST 2020
Add support for TPM2 GetRandom command
Signed-off-by: Dhananjay Phadke <dphadke at linux.microsoft.com>
---
include/tpm-v2.h | 13 +++++++++++++
lib/tpm-v2.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 57 insertions(+)
diff --git a/include/tpm-v2.h b/include/tpm-v2.h
index ae00803f6d..513697e9a1 100644
--- a/include/tpm-v2.h
+++ b/include/tpm-v2.h
@@ -70,6 +70,7 @@ enum tpm2_handles {
* @TPM2_CC_DAM_RESET: TPM2_DictionaryAttackLockReset().
* @TPM2_CC_DAM_PARAMETERS: TPM2_DictionaryAttackParameters().
* @TPM2_CC_GET_CAPABILITY: TPM2_GetCapibility().
+ * @TPM2_CC_GET_RANDOM: TPM2_GetRandom().
* @TPM2_CC_PCR_READ: TPM2_PCR_Read().
* @TPM2_CC_PCR_EXTEND: TPM2_PCR_Extend().
* @TPM2_CC_PCR_SETAUTHVAL: TPM2_PCR_SetAuthValue().
@@ -85,6 +86,7 @@ enum tpm2_command_codes {
TPM2_CC_DAM_PARAMETERS = 0x013A,
TPM2_CC_NV_READ = 0x014E,
TPM2_CC_GET_CAPABILITY = 0x017A,
+ TPM2_CC_GET_RANDOM = 0x017B,
TPM2_CC_PCR_READ = 0x017E,
TPM2_CC_PCR_EXTEND = 0x0182,
TPM2_CC_PCR_SETAUTHVAL = 0x0183,
@@ -308,4 +310,15 @@ u32 tpm2_pcr_setauthvalue(struct udevice *dev, const char *pw,
const ssize_t pw_sz, u32 index, const char *key,
const ssize_t key_sz);
+/**
+ * Issue a TPM2_GetRandom command.
+ *
+ * @dev TPM device
+ * @param data output buffer for the random bytes
+ * @param count size of output buffer
+ *
+ * @return return code of the operation
+ */
+u32 tpm2_get_random(struct udevice *dev, void *data, u32 count);
+
#endif /* __TPM_V2_H */
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index f89592d6e2..9d078877bc 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -421,3 +421,47 @@ u32 tpm2_pcr_setauthvalue(struct udevice *dev, const char *pw,
return tpm_sendrecv_command(dev, command_v2, NULL, NULL);
}
+
+u32 tpm2_get_random(struct udevice *dev, void *data, u32 count)
+{
+ const u8 command_v2[10] = {
+ tpm_u16(TPM2_ST_NO_SESSIONS),
+ tpm_u32(12),
+ tpm_u32(TPM2_CC_GET_RANDOM),
+ };
+ u8 buf[COMMAND_BUFFER_SIZE], response[COMMAND_BUFFER_SIZE];
+
+ const size_t data_size_offset = 10;
+ const size_t data_offset = 12;
+ size_t response_length = sizeof(response);
+ u32 data_size;
+ u8 *out = data;
+
+ while (count > 0) {
+ u32 this_bytes = min((size_t)count,
+ sizeof(response) - data_offset);
+ u32 err;
+
+ if (pack_byte_string(buf, sizeof(buf), "sw",
+ 0, command_v2, sizeof(command_v2),
+ sizeof(command_v2), this_bytes))
+ return TPM_LIB_ERROR;
+ err = tpm_sendrecv_command(dev, buf, response,
+ &response_length);
+ if (err)
+ return err;
+ if (unpack_byte_string(response, response_length, "w",
+ data_size_offset, &data_size))
+ return TPM_LIB_ERROR;
+ if (data_size > this_bytes)
+ return TPM_LIB_ERROR;
+ if (unpack_byte_string(response, response_length, "s",
+ data_offset, out, data_size))
+ return TPM_LIB_ERROR;
+
+ count -= data_size;
+ out += data_size;
+ }
+
+ return 0;
+}
--
2.17.1
More information about the U-Boot
mailing list