From e03f2793a6f0efb00692cedfc15f52ce04749ae4 Mon Sep 17 00:00:00 2001 From: Fergus Dall Date: Mon, 29 May 2023 02:20:23 +1000 Subject: [PATCH] mu: Fill in missing TPMU variants This introduces support (at the marshal/unmarshal level) for: - the SHA3 family of hash algorithms - the SHAKE256-derived family of hash algorithms - SHA256/192 - the EDDSA and EDDSA_PH signing schemes, used by curve25519 and curve448 - the tag TPM_ST_ATTEST_NV_DIGEST, for the new form of TPM2_NV_Certify that certifies a hash of the NV area - the legacy block cipher 3DES - the key derivation function KDF2 This also pulls in constants from the algorithm registry up to revision 01.33, except for the new hash-based signature schemes, TPM2_ALG_LMS and TPM2_ALG_XMSS, as these don't yet have defined structs for their scheme parameters and signatures. Signed-off-by: Fergus Dall --- include/tss2/tss2_tpm2_types.h | 67 +++++++++-- src/tss2-mu/tpmu-types.c | 208 ++++++++++++++++----------------- 2 files changed, 156 insertions(+), 119 deletions(-) diff --git a/include/tss2/tss2_tpm2_types.h b/include/tss2/tss2_tpm2_types.h index 063ac8c12..1a20d7bdd 100644 --- a/include/tss2/tss2_tpm2_types.h +++ b/include/tss2/tss2_tpm2_types.h @@ -29,12 +29,19 @@ #define TPM2_MAX_CONTEXT_SIZE 5120 /* Hash algorithm sizes */ -#define TPM2_SHA_DIGEST_SIZE 20 -#define TPM2_SHA1_DIGEST_SIZE 20 -#define TPM2_SHA256_DIGEST_SIZE 32 -#define TPM2_SHA384_DIGEST_SIZE 48 -#define TPM2_SHA512_DIGEST_SIZE 64 -#define TPM2_SM3_256_DIGEST_SIZE 32 +#define TPM2_SHA_DIGEST_SIZE 20 +#define TPM2_SHA1_DIGEST_SIZE 20 +#define TPM2_SHA256_DIGEST_SIZE 32 +#define TPM2_SHA384_DIGEST_SIZE 48 +#define TPM2_SHA512_DIGEST_SIZE 64 +#define TPM2_SHA256_192_DIGEST_SIZE 24 +#define TPM2_SM3_256_DIGEST_SIZE 32 +#define TPM2_SHA3_256_DIGEST_SIZE 32 +#define TPM2_SHA3_384_DIGEST_SIZE 48 +#define TPM2_SHA3_512_DIGEST_SIZE 64 +#define TPM2_SHAKE256_192_DIGEST_SIZE 24 +#define TPM2_SHAKE256_256_DIGEST_SIZE 32 +#define TPM2_SHAKE256_512_DIGEST_SIZE 64 /* Encryption algorithm sizes */ #define TPM2_MAX_SYM_BLOCK_SIZE 16 @@ -86,6 +93,7 @@ typedef UINT16 TPM2_ALG_ID; #define TPM2_ALG_SHA256 ((TPM2_ALG_ID) 0x000B) #define TPM2_ALG_SHA384 ((TPM2_ALG_ID) 0x000C) #define TPM2_ALG_SHA512 ((TPM2_ALG_ID) 0x000D) +#define TPM2_ALG_SHA256_192 ((TPM2_ALG_ID) 0x000E) #define TPM2_ALG_NULL ((TPM2_ALG_ID) 0x0010) #define TPM2_ALG_SM3_256 ((TPM2_ALG_ID) 0x0012) #define TPM2_ALG_SM4 ((TPM2_ALG_ID) 0x0013) @@ -105,17 +113,29 @@ typedef UINT16 TPM2_ALG_ID; #define TPM2_ALG_ECC ((TPM2_ALG_ID) 0x0023) #define TPM2_ALG_SYMCIPHER ((TPM2_ALG_ID) 0x0025) #define TPM2_ALG_CAMELLIA ((TPM2_ALG_ID) 0x0026) -#define TPM2_ALG_CMAC ((TPM2_ALG_ID) 0x003F) -#define TPM2_ALG_CTR ((TPM2_ALG_ID) 0x0040) #define TPM2_ALG_SHA3_256 ((TPM2_ALG_ID) 0x0027) #define TPM2_ALG_SHA3_384 ((TPM2_ALG_ID) 0x0028) #define TPM2_ALG_SHA3_512 ((TPM2_ALG_ID) 0x0029) +#define TPM2_ALG_SHAKE128 ((TPM2_ALG_ID) 0x002A) +#define TPM2_ALG_SHAKE256 ((TPM2_ALG_ID) 0x002B) +#define TPM2_ALG_SHAKE256_192 ((TPM2_ALG_ID) 0x002C) +#define TPM2_ALG_SHAKE256_256 ((TPM2_ALG_ID) 0x002D) +#define TPM2_ALG_SHAKE256_512 ((TPM2_ALG_ID) 0x002E) +#define TPM2_ALG_CMAC ((TPM2_ALG_ID) 0x003F) +#define TPM2_ALG_CTR ((TPM2_ALG_ID) 0x0040) #define TPM2_ALG_OFB ((TPM2_ALG_ID) 0x0041) #define TPM2_ALG_CBC ((TPM2_ALG_ID) 0x0042) #define TPM2_ALG_CFB ((TPM2_ALG_ID) 0x0043) #define TPM2_ALG_ECB ((TPM2_ALG_ID) 0x0044) +#define TPM2_ALG_CCM ((TPM2_ALG_ID) 0x0050) +#define TPM2_ALG_GCM ((TPM2_ALG_ID) 0x0051) +#define TPM2_ALG_KW ((TPM2_ALG_ID) 0x0052) +#define TPM2_ALG_KWP ((TPM2_ALG_ID) 0x0053) +#define TPM2_ALG_EAX ((TPM2_ALG_ID) 0x0054) +#define TPM2_ALG_EDDSA ((TPM2_ALG_ID) 0x0060) +#define TPM2_ALG_EDDSA_PH ((TPM2_ALG_ID) 0x0061) #define TPM2_ALG_FIRST ((TPM2_ALG_ID) 0x0001) -#define TPM2_ALG_LAST ((TPM2_ALG_ID) 0x0044) +#define TPM2_ALG_LAST ((TPM2_ALG_ID) 0x0061) /* From TCG Algorithm Registry: Definition of TPM2_ECC_CURVE Constants */ typedef UINT16 TPM2_ECC_CURVE; @@ -128,6 +148,11 @@ typedef UINT16 TPM2_ECC_CURVE; #define TPM2_ECC_BN_P256 ((TPM2_ECC_CURVE) 0x0010) #define TPM2_ECC_BN_P638 ((TPM2_ECC_CURVE) 0x0011) #define TPM2_ECC_SM2_P256 ((TPM2_ECC_CURVE) 0x0020) +#define TPM2_ECC_BP_P256_R1 ((TPM2_ECC_CURVE) 0x0030) +#define TPM2_ECC_BP_P384_R1 ((TPM2_ECC_CURVE) 0x0031) +#define TPM2_ECC_BP_P512_R1 ((TPM2_ECC_CURVE) 0x0032) +#define TPM2_ECC_CURVE_25519 ((TPM2_ECC_CURVE) 0x0040) +#define TPM2_ECC_CURVE_448 ((TPM2_ECC_CURVE) 0x0041) /* From TPM 2.0 Part 2: Definition of TPM2_CC Constants */ typedef UINT32 TPM2_CC; @@ -439,6 +464,7 @@ typedef UINT16 TPM2_ST; #define TPM2_ST_ATTEST_TIME ((TPM2_ST) 0x8019) /* tag for an attestation structure */ #define TPM2_ST_ATTEST_CREATION ((TPM2_ST) 0x801A) /* tag for an attestation structure */ #define TPM2_ST_RESERVED3 ((TPM2_ST) 0x801B) /* do not use . NOTE This was previously assigned to TPM2_ST_ATTEST_NV. The tag is changed because the structure has changed */ +#define TPM2_ST_ATTEST_NV_DIGEST ((TPM2_ST) 0x801C) /* tag for an attestation structure */ #define TPM2_ST_CREATION ((TPM2_ST) 0x8021) /* tag for a ticket type */ #define TPM2_ST_VERIFIED ((TPM2_ST) 0x8022) /* tag for a ticket type */ #define TPM2_ST_AUTH_SECRET ((TPM2_ST) 0x8023) /* tag for a ticket type */ @@ -945,7 +971,14 @@ union TPMU_HA { BYTE sha256[TPM2_SHA256_DIGEST_SIZE]; BYTE sha384[TPM2_SHA384_DIGEST_SIZE]; BYTE sha512[TPM2_SHA512_DIGEST_SIZE]; + BYTE sha256_192[TPM2_SHA256_192_DIGEST_SIZE]; BYTE sm3_256[TPM2_SM3_256_DIGEST_SIZE]; + BYTE sha3_256[TPM2_SHA3_256_DIGEST_SIZE]; + BYTE sha3_384[TPM2_SHA3_384_DIGEST_SIZE]; + BYTE sha3_512[TPM2_SHA3_512_DIGEST_SIZE]; + BYTE shake256_192[TPM2_SHAKE256_192_DIGEST_SIZE]; + BYTE shake256_256[TPM2_SHAKE256_256_DIGEST_SIZE]; + BYTE shake256_512[TPM2_SHAKE256_512_DIGEST_SIZE]; }; /* Definition of TPMT_HA Structure */ @@ -1318,6 +1351,7 @@ union TPMU_ATTEST { TPMS_SESSION_AUDIT_INFO sessionAudit; TPMS_TIME_ATTEST_INFO time; TPMS_NV_CERTIFY_INFO nv; + TPMS_NV_DIGEST_CERTIFY_INFO nvDigest; }; /* Definition of TPMS_ATTEST Structure */ @@ -1365,12 +1399,16 @@ typedef TPM2_KEY_BITS TPMI_SM4_KEY_BITS; /* Definition of CAMELLIA TPM2_KEY_BITS TPMI_CAMELLIA_KEY_BITS Type */ typedef TPM2_KEY_BITS TPMI_CAMELLIA_KEY_BITS; +/* Definition of TDES TPM2_KEY_BITS TPMI_TDES_KEY_BITS Type */ +typedef TPM2_KEY_BITS TPMI_TDES_KEY_BITS; + /* Definition of TPMU_SYM_KEY_BITS Union */ typedef union TPMU_SYM_KEY_BITS TPMU_SYM_KEY_BITS; union TPMU_SYM_KEY_BITS { TPMI_AES_KEY_BITS aes; /* all symmetric algorithms */ TPMI_SM4_KEY_BITS sm4; /* all symmetric algorithms */ TPMI_CAMELLIA_KEY_BITS camellia; /* all symmetric algorithms */ + TPMI_TDES_KEY_BITS tdes; /* all symmetric algorithms */ TPM2_KEY_BITS sym; /* when selector may be any of the symmetric block ciphers */ TPMI_ALG_HASH exclusiveOr; /* overload for using xor. NOTE TPM2_ALG_NULL is not allowed */ TPMS_EMPTY null; /* TPM2_ALG_NULL */ @@ -1382,6 +1420,7 @@ union TPMU_SYM_MODE { TPMI_ALG_SYM_MODE aes; TPMI_ALG_SYM_MODE sm4; TPMI_ALG_SYM_MODE camellia; + TPMI_ALG_SYM_MODE tdes; TPMI_ALG_SYM_MODE sym; /* when selector may be any of the symmetric block ciphers */ TPMS_EMPTY exclusiveOr; /* TPM2_ALG_XOR */ TPMS_EMPTY null; /* TPM2_ALG_NULL */ @@ -1515,6 +1554,8 @@ typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_ECDSA; /* all asymmetric signing s typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_SM2; /* all asymmetric signing schemes */ typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_ECSCHNORR; /* all asymmetric signing schemes */ typedef TPMS_SCHEME_ECDAA TPMS_SIG_SCHEME_ECDAA; /* schemes that need a hash and a count */ +typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_EDDSA; /* all asymmetric signing schemes */ +typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_EDDSA_PH; /* all asymmetric signing schemes */ /* Definition of TPMU_SIG_SCHEME Union */ typedef union TPMU_SIG_SCHEME TPMU_SIG_SCHEME; @@ -1525,6 +1566,8 @@ union TPMU_SIG_SCHEME { TPMS_SIG_SCHEME_ECDAA ecdaa; /* all signing schemes including anonymous schemes */ TPMS_SIG_SCHEME_SM2 sm2; /* all signing schemes including anonymous schemes */ TPMS_SIG_SCHEME_ECSCHNORR ecschnorr; /* all signing schemes including anonymous schemes */ + TPMS_SIG_SCHEME_EDDSA eddsa; /* all signing schemes including anonymous schemes */ + TPMS_SIG_SCHEME_EDDSA_PH eddsa_ph; /* all signing schemes including anonymous schemes */ TPMS_SCHEME_HMAC hmac; /* the HMAC scheme */ TPMS_SCHEME_HASH any; /* selector that allows access to digest for any signing scheme */ TPMS_EMPTY null; /* TPM2_ALG_NULL */ @@ -1582,6 +1625,8 @@ union TPMU_ASYM_SCHEME { TPMS_SIG_SCHEME_ECDAA ecdaa; /* signing and anonymous signing */ TPMS_SIG_SCHEME_SM2 sm2; /* signing and anonymous signing */ TPMS_SIG_SCHEME_ECSCHNORR ecschnorr; /* signing and anonymous signing */ + TPMS_SIG_SCHEME_EDDSA eddsa; /* signing and anonymous signing */ + TPMS_SIG_SCHEME_EDDSA_PH eddsa_ph; /* signing and anonymous signing */ TPMS_ENC_SCHEME_RSAES rsaes; /* schemes with no hash */ TPMS_ENC_SCHEME_OAEP oaep; /* schemes with no hash */ TPMS_SCHEME_HASH anySig; @@ -1706,6 +1751,8 @@ typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECDSA; typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECDAA; typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_SM2; typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECSCHNORR; +typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_EDDSA; +typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_EDDSA_PH; /* Definition of TPMU_SIGNATURE Union */ typedef union TPMU_SIGNATURE TPMU_SIGNATURE; @@ -1716,6 +1763,8 @@ union TPMU_SIGNATURE { TPMS_SIGNATURE_ECDAA ecdaa; /* all asymmetric signatures */ TPMS_SIGNATURE_SM2 sm2; /* all asymmetric signatures */ TPMS_SIGNATURE_ECSCHNORR ecschnorr; /* all asymmetric signatures */ + TPMS_SIGNATURE_EDDSA eddsa; /* all asymmetric signatures */ + TPMS_SIGNATURE_EDDSA_PH eddsa_ph; /* all asymmetric signatures */ TPMT_HA hmac; /* HMAC signature required to be supported */ TPMS_SCHEME_HASH any; /* used to access the hash */ TPMS_EMPTY null; /* TPM2_ALG_NULL */ diff --git a/src/tss2-mu/tpmu-types.c b/src/tss2-mu/tpmu-types.c index a615a9baf..2a4f38971 100644 --- a/src/tss2-mu/tpmu-types.c +++ b/src/tss2-mu/tpmu-types.c @@ -64,60 +64,36 @@ static TSS2_RC marshal_tab(BYTE const *src, uint8_t buffer[], return TSS2_RC_SUCCESS; } -static TSS2_RC marshal_hash_sha(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, TPM2_SHA1_DIGEST_SIZE); -} - -static TSS2_RC marshal_hash_sha256(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, TPM2_SHA256_DIGEST_SIZE); -} - -static TSS2_RC marshal_hash_sha384(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, TPM2_SHA384_DIGEST_SIZE); -} - -static TSS2_RC marshal_hash_sha512(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, TPM2_SHA512_DIGEST_SIZE); -} - -static TSS2_RC marshal_sm3_256(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, TPM2_SM3_256_DIGEST_SIZE); +#define MARSHAL_TAB(name, size) \ +static TSS2_RC marshal_##name(BYTE const *src, uint8_t buffer[], \ + size_t buffer_size, size_t *offset) \ +{ \ + return marshal_tab(src, buffer, buffer_size, offset, size); \ } -static TSS2_RC marshal_ecc(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, sizeof(TPMS_ECC_POINT)); -} +#define MARSHAL_HASH(ALG) MARSHAL_TAB(hash_##ALG, TPM2_##ALG##_DIGEST_SIZE) -static TSS2_RC marshal_rsa(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, TPM2_MAX_RSA_KEY_BYTES); -} +MARSHAL_HASH(SHA1) +MARSHAL_HASH(SHA256) +MARSHAL_HASH(SHA384) +MARSHAL_HASH(SHA512) +MARSHAL_HASH(SHA256_192) +MARSHAL_HASH(SM3_256) +MARSHAL_HASH(SHA3_256) +MARSHAL_HASH(SHA3_384) +MARSHAL_HASH(SHA3_512) +MARSHAL_HASH(SHAKE256_192) +MARSHAL_HASH(SHAKE256_256) +MARSHAL_HASH(SHAKE256_512) -static TSS2_RC marshal_symmetric(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, sizeof(TPM2B_DIGEST)); -} +#undef MARSHAL_HASH -static TSS2_RC marshal_keyedhash(BYTE const *src, uint8_t buffer[], - size_t buffer_size, size_t *offset) -{ - return marshal_tab(src, buffer, buffer_size, offset, sizeof(TPM2B_DIGEST)); -} +MARSHAL_TAB(ecc, sizeof(TPMS_ECC_POINT)) +MARSHAL_TAB(rsa, TPM2_MAX_RSA_KEY_BYTES) +MARSHAL_TAB(symmetric, sizeof(TPM2B_DIGEST)) +MARSHAL_TAB(keyedhash, sizeof(TPM2B_DIGEST)) +#undef MARSHAL_TAB static TSS2_RC marshal_null(void const *src, uint8_t buffer[], size_t buffer_size, size_t *offset) @@ -167,59 +143,36 @@ static TSS2_RC unmarshal_tab(uint8_t const buffer[], size_t buffer_size, return TSS2_RC_SUCCESS; } -static TSS2_RC unmarshal_hash_sha(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, TPM2_SHA1_DIGEST_SIZE); -} - -static TSS2_RC unmarshal_hash_sha256(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, TPM2_SHA256_DIGEST_SIZE); -} - -static TSS2_RC unmarshal_hash_sha384(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, TPM2_SHA384_DIGEST_SIZE); -} - -static TSS2_RC unmarshal_hash_sha512(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, TPM2_SHA512_DIGEST_SIZE); +#define UNMARSHAL_TAB(name, size) \ +static TSS2_RC unmarshal_##name(uint8_t const buffer[], size_t buffer_size, \ + size_t *offset, BYTE *dest) \ +{ \ + return unmarshal_tab(buffer, buffer_size, offset, dest, size); \ } -static TSS2_RC unmarshal_sm3_256(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, TPM2_SM3_256_DIGEST_SIZE); -} +#define UNMARSHAL_HASH(ALG) UNMARSHAL_TAB(hash_##ALG, TPM2_##ALG##_DIGEST_SIZE) -static TSS2_RC unmarshal_ecc(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, sizeof(TPMS_ECC_POINT)); -} +UNMARSHAL_HASH(SHA1) +UNMARSHAL_HASH(SHA256) +UNMARSHAL_HASH(SHA384) +UNMARSHAL_HASH(SHA512) +UNMARSHAL_HASH(SHA256_192) +UNMARSHAL_HASH(SM3_256) +UNMARSHAL_HASH(SHA3_256) +UNMARSHAL_HASH(SHA3_384) +UNMARSHAL_HASH(SHA3_512) +UNMARSHAL_HASH(SHAKE256_192) +UNMARSHAL_HASH(SHAKE256_256) +UNMARSHAL_HASH(SHAKE256_512) -static TSS2_RC unmarshal_rsa(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, TPM2_MAX_RSA_KEY_BYTES); -} +#undef UNMARSHAL_HASH -static TSS2_RC unmarshal_symmetric(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, sizeof(TPM2B_DIGEST)); -} +UNMARSHAL_TAB(ecc, sizeof(TPMS_ECC_POINT)) +UNMARSHAL_TAB(rsa, TPM2_MAX_RSA_KEY_BYTES) +UNMARSHAL_TAB(symmetric, sizeof(TPM2B_DIGEST)) +UNMARSHAL_TAB(keyedhash, sizeof(TPM2B_DIGEST)) -static TSS2_RC unmarshal_keyedhash(uint8_t const buffer[], size_t buffer_size, - size_t *offset, BYTE *dest) -{ - return unmarshal_tab(buffer, buffer_size, offset, dest, sizeof(TPM2B_DIGEST)); -} +#undef UNMARSHAL_TAB static TSS2_RC unmarshal_null(uint8_t const buffer[], size_t buffer_size, size_t *offset, void *dest) @@ -451,17 +404,31 @@ TSS2_RC Tss2_MU_##type##_Unmarshal(uint8_t const buffer[], size_t buffer_size, \ * 3-tuple per line for the TPMU_UNMARSHAL2 macro. */ TPMU_MARSHAL2(TPMU_HA, - TPM2_ALG_SHA1, ADDR, sha1[0], marshal_hash_sha, - TPM2_ALG_SHA256, ADDR, sha256[0], marshal_hash_sha256, - TPM2_ALG_SHA384, ADDR, sha384[0], marshal_hash_sha384, - TPM2_ALG_SHA512, ADDR, sha512[0], marshal_hash_sha512, - TPM2_ALG_SM3_256, ADDR, sm3_256[0], marshal_sm3_256) + TPM2_ALG_SHA1, ADDR, sha1[0], marshal_hash_SHA1, + TPM2_ALG_SHA256, ADDR, sha256[0], marshal_hash_SHA256, + TPM2_ALG_SHA384, ADDR, sha384[0], marshal_hash_SHA384, + TPM2_ALG_SHA512, ADDR, sha512[0], marshal_hash_SHA512, + TPM2_ALG_SHA256_192, ADDR, sha256_192[0], marshal_hash_SHA256_192, + TPM2_ALG_SM3_256, ADDR, sm3_256[0], marshal_hash_SM3_256, + TPM2_ALG_SHA3_256, ADDR, sha3_256[0], marshal_hash_SHA3_256, + TPM2_ALG_SHA3_384, ADDR, sha3_384[0], marshal_hash_SHA3_384, + TPM2_ALG_SHA3_512, ADDR, sha3_512[0], marshal_hash_SHA3_512, + TPM2_ALG_SHAKE256_192, ADDR, shake256_192[0], marshal_hash_SHAKE256_192, + TPM2_ALG_SHAKE256_256, ADDR, shake256_256[0], marshal_hash_SHAKE256_256, + TPM2_ALG_SHAKE256_512, ADDR, shake256_512[0], marshal_hash_SHAKE256_512) TPMU_UNMARSHAL2(TPMU_HA, - TPM2_ALG_SHA1, sha1[0], unmarshal_hash_sha, - TPM2_ALG_SHA256, sha256[0], unmarshal_hash_sha256, - TPM2_ALG_SHA384, sha384[0], unmarshal_hash_sha384, - TPM2_ALG_SHA512, sha512[0], unmarshal_hash_sha512, - TPM2_ALG_SM3_256, sm3_256[0], unmarshal_sm3_256) + TPM2_ALG_SHA1, sha1[0], unmarshal_hash_SHA1, + TPM2_ALG_SHA256, sha256[0], unmarshal_hash_SHA256, + TPM2_ALG_SHA384, sha384[0], unmarshal_hash_SHA384, + TPM2_ALG_SHA512, sha512[0], unmarshal_hash_SHA512, + TPM2_ALG_SHA256_192, sha256_192[0], unmarshal_hash_SHA256_192, + TPM2_ALG_SM3_256, sm3_256[0], unmarshal_hash_SM3_256, + TPM2_ALG_SHA3_256, sha3_256[0], unmarshal_hash_SHA3_256, + TPM2_ALG_SHA3_384, sha3_384[0], unmarshal_hash_SHA3_384, + TPM2_ALG_SHA3_512, sha3_512[0], unmarshal_hash_SHA3_512, + TPM2_ALG_SHAKE256_192, shake256_192[0], unmarshal_hash_SHAKE256_192, + TPM2_ALG_SHAKE256_256, shake256_256[0], unmarshal_hash_SHAKE256_256, + TPM2_ALG_SHAKE256_512, shake256_512[0], unmarshal_hash_SHAKE256_512) TPMU_MARSHAL2(TPMU_CAPABILITIES, TPM2_CAP_ALGS, ADDR, algorithms, Tss2_MU_TPML_ALG_PROPERTY_Marshal, @@ -476,7 +443,6 @@ TPMU_MARSHAL2(TPMU_CAPABILITIES, TPM2_CAP_AUTH_POLICIES, ADDR, authPolicies, Tss2_MU_TPML_TAGGED_POLICY_Marshal, TPM2_CAP_ACT, ADDR, actData, Tss2_MU_TPML_ACT_DATA_Marshal, TPM2_CAP_VENDOR_PROPERTY, ADDR, vendor, Tss2_MU_TPM2B_MAX_CAP_BUFFER_Marshal) - TPMU_UNMARSHAL2(TPMU_CAPABILITIES, TPM2_CAP_ALGS, algorithms, Tss2_MU_TPML_ALG_PROPERTY_Unmarshal, TPM2_CAP_HANDLES, handles, Tss2_MU_TPML_HANDLE_Unmarshal, @@ -498,7 +464,8 @@ TPMU_MARSHAL2(TPMU_ATTEST, TPM2_ST_ATTEST_COMMAND_AUDIT, ADDR, commandAudit, Tss2_MU_TPMS_COMMAND_AUDIT_INFO_Marshal, TPM2_ST_ATTEST_SESSION_AUDIT, ADDR, sessionAudit, Tss2_MU_TPMS_SESSION_AUDIT_INFO_Marshal, TPM2_ST_ATTEST_TIME, ADDR, time, Tss2_MU_TPMS_TIME_ATTEST_INFO_Marshal, - TPM2_ST_ATTEST_NV, ADDR, nv, Tss2_MU_TPMS_NV_CERTIFY_INFO_Marshal) + TPM2_ST_ATTEST_NV, ADDR, nv, Tss2_MU_TPMS_NV_CERTIFY_INFO_Marshal, + TPM2_ST_ATTEST_NV_DIGEST, ADDR, nvDigest, Tss2_MU_TPMS_NV_DIGEST_CERTIFY_INFO_Marshal) TPMU_UNMARSHAL2(TPMU_ATTEST, TPM2_ST_ATTEST_CERTIFY, certify, Tss2_MU_TPMS_CERTIFY_INFO_Unmarshal, TPM2_ST_ATTEST_CREATION, creation, Tss2_MU_TPMS_CREATION_INFO_Unmarshal, @@ -506,18 +473,21 @@ TPMU_UNMARSHAL2(TPMU_ATTEST, TPM2_ST_ATTEST_COMMAND_AUDIT, commandAudit, Tss2_MU_TPMS_COMMAND_AUDIT_INFO_Unmarshal, TPM2_ST_ATTEST_SESSION_AUDIT, sessionAudit, Tss2_MU_TPMS_SESSION_AUDIT_INFO_Unmarshal, TPM2_ST_ATTEST_TIME, time, Tss2_MU_TPMS_TIME_ATTEST_INFO_Unmarshal, - TPM2_ST_ATTEST_NV, nv, Tss2_MU_TPMS_NV_CERTIFY_INFO_Unmarshal) + TPM2_ST_ATTEST_NV, nv, Tss2_MU_TPMS_NV_CERTIFY_INFO_Unmarshal, + TPM2_ST_ATTEST_NV_DIGEST, nvDigest, Tss2_MU_TPMS_NV_DIGEST_CERTIFY_INFO_Unmarshal) TPMU_MARSHAL2(TPMU_SYM_KEY_BITS, TPM2_ALG_AES, VAL, aes, Tss2_MU_UINT16_Marshal, TPM2_ALG_SM4, VAL, sm4, Tss2_MU_UINT16_Marshal, TPM2_ALG_CAMELLIA, VAL, camellia, Tss2_MU_UINT16_Marshal, + TPM2_ALG_TDES, VAL, tdes, Tss2_MU_UINT16_Marshal, TPM2_ALG_XOR, VAL, exclusiveOr, Tss2_MU_UINT16_Marshal, TPM2_ALG_SYMCIPHER, VAL, sym, Tss2_MU_UINT16_Marshal) TPMU_UNMARSHAL2(TPMU_SYM_KEY_BITS, TPM2_ALG_AES, aes, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_SM4, sm4, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_CAMELLIA, camellia, Tss2_MU_UINT16_Unmarshal, + TPM2_ALG_TDES, tdes, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_XOR, exclusiveOr, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_SYMCIPHER, sym, Tss2_MU_UINT16_Unmarshal) @@ -525,12 +495,14 @@ TPMU_MARSHAL2(TPMU_SYM_MODE, TPM2_ALG_AES, VAL, aes, Tss2_MU_UINT16_Marshal, TPM2_ALG_SM4, VAL, sm4, Tss2_MU_UINT16_Marshal, TPM2_ALG_CAMELLIA, VAL, camellia, Tss2_MU_UINT16_Marshal, + TPM2_ALG_TDES, VAL, tdes, Tss2_MU_UINT16_Marshal, TPM2_ALG_XOR, ADDR, sym, marshal_null, TPM2_ALG_SYMCIPHER, VAL, sym, Tss2_MU_UINT16_Marshal) TPMU_UNMARSHAL2(TPMU_SYM_MODE, TPM2_ALG_AES, aes, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_SM4, sm4, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_CAMELLIA, camellia, Tss2_MU_UINT16_Unmarshal, + TPM2_ALG_TDES, tdes, Tss2_MU_UINT16_Unmarshal, TPM2_ALG_XOR, sym, unmarshal_null, TPM2_ALG_SYMCIPHER, sym, Tss2_MU_UINT16_Unmarshal) @@ -541,6 +513,8 @@ TPMU_MARSHAL2(TPMU_SIG_SCHEME, TPM2_ALG_ECDAA, ADDR, ecdaa, Tss2_MU_TPMS_SCHEME_ECDAA_Marshal, TPM2_ALG_SM2, ADDR, sm2, Tss2_MU_TPMS_SCHEME_HASH_Marshal, TPM2_ALG_ECSCHNORR, ADDR, ecschnorr, Tss2_MU_TPMS_SCHEME_HASH_Marshal, + TPM2_ALG_EDDSA, ADDR, eddsa, Tss2_MU_TPMS_SCHEME_HASH_Marshal, + TPM2_ALG_EDDSA_PH, ADDR, eddsa_ph, Tss2_MU_TPMS_SCHEME_HASH_Marshal, TPM2_ALG_HMAC, ADDR, hmac, Tss2_MU_TPMS_SCHEME_HASH_Marshal) TPMU_UNMARSHAL2(TPMU_SIG_SCHEME, TPM2_ALG_RSASSA, rsassa, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, @@ -549,16 +523,20 @@ TPMU_UNMARSHAL2(TPMU_SIG_SCHEME, TPM2_ALG_ECDAA, ecdaa, Tss2_MU_TPMS_SCHEME_ECDAA_Unmarshal, TPM2_ALG_SM2, sm2, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, TPM2_ALG_ECSCHNORR, ecschnorr, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, + TPM2_ALG_EDDSA, eddsa, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, + TPM2_ALG_EDDSA_PH, eddsa_ph, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, TPM2_ALG_HMAC, hmac, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal) TPMU_MARSHAL2(TPMU_KDF_SCHEME, TPM2_ALG_MGF1, ADDR, mgf1, Tss2_MU_TPMS_SCHEME_HASH_Marshal, TPM2_ALG_KDF1_SP800_56A, ADDR, kdf1_sp800_56a, Tss2_MU_TPMS_SCHEME_HASH_Marshal, - TPM2_ALG_KDF1_SP800_108, ADDR, kdf1_sp800_108, Tss2_MU_TPMS_SCHEME_HASH_Marshal) + TPM2_ALG_KDF1_SP800_108, ADDR, kdf1_sp800_108, Tss2_MU_TPMS_SCHEME_HASH_Marshal, + TPM2_ALG_KDF2, ADDR, kdf2, Tss2_MU_TPMS_SCHEME_HASH_Marshal) TPMU_UNMARSHAL2(TPMU_KDF_SCHEME, TPM2_ALG_MGF1, mgf1, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, TPM2_ALG_KDF1_SP800_56A, kdf1_sp800_56a, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, - TPM2_ALG_KDF1_SP800_108, kdf1_sp800_108, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal) + TPM2_ALG_KDF1_SP800_108, kdf1_sp800_108, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, + TPM2_ALG_KDF2, kdf2, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal) TPMU_MARSHAL2(TPMU_ASYM_SCHEME, TPM2_ALG_ECDH, ADDR, ecdh, Tss2_MU_TPMS_SCHEME_HASH_Marshal, @@ -569,6 +547,8 @@ TPMU_MARSHAL2(TPMU_ASYM_SCHEME, TPM2_ALG_ECDAA, ADDR, ecdaa, Tss2_MU_TPMS_SCHEME_ECDAA_Marshal, TPM2_ALG_SM2, ADDR, sm2, Tss2_MU_TPMS_SCHEME_HASH_Marshal, TPM2_ALG_ECSCHNORR, ADDR, ecschnorr, Tss2_MU_TPMS_SCHEME_HASH_Marshal, + TPM2_ALG_EDDSA, ADDR, eddsa, Tss2_MU_TPMS_SCHEME_HASH_Marshal, + TPM2_ALG_EDDSA_PH, ADDR, eddsa_ph, Tss2_MU_TPMS_SCHEME_HASH_Marshal, TPM2_ALG_RSAES, ADDR, rsaes, marshal_null, TPM2_ALG_OAEP, ADDR, oaep, Tss2_MU_TPMS_SCHEME_HASH_Marshal) TPMU_UNMARSHAL2(TPMU_ASYM_SCHEME, @@ -580,6 +560,8 @@ TPMU_UNMARSHAL2(TPMU_ASYM_SCHEME, TPM2_ALG_ECDAA, ecdaa, Tss2_MU_TPMS_SCHEME_ECDAA_Unmarshal, TPM2_ALG_SM2, sm2, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, TPM2_ALG_ECSCHNORR, ecschnorr, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, + TPM2_ALG_EDDSA, eddsa, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, + TPM2_ALG_EDDSA_PH, eddsa_ph, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal, TPM2_ALG_RSAES, rsaes, unmarshal_null, TPM2_ALG_OAEP, oaep, Tss2_MU_TPMS_SCHEME_HASH_Unmarshal) @@ -597,6 +579,8 @@ TPMU_MARSHAL2(TPMU_SIGNATURE, TPM2_ALG_ECDAA, ADDR, ecdaa, Tss2_MU_TPMS_SIGNATURE_ECC_Marshal, TPM2_ALG_SM2, ADDR, sm2, Tss2_MU_TPMS_SIGNATURE_ECC_Marshal, TPM2_ALG_ECSCHNORR, ADDR, ecschnorr, Tss2_MU_TPMS_SIGNATURE_ECC_Marshal, + TPM2_ALG_EDDSA, ADDR, eddsa, Tss2_MU_TPMS_SIGNATURE_ECC_Marshal, + TPM2_ALG_EDDSA_PH, ADDR, eddsa_ph, Tss2_MU_TPMS_SIGNATURE_ECC_Marshal, TPM2_ALG_HMAC, ADDR, hmac, Tss2_MU_TPMT_HA_Marshal) TPMU_UNMARSHAL2(TPMU_SIGNATURE, TPM2_ALG_RSASSA, rsassa, Tss2_MU_TPMS_SIGNATURE_RSA_Unmarshal, @@ -605,6 +589,8 @@ TPMU_UNMARSHAL2(TPMU_SIGNATURE, TPM2_ALG_ECDAA, ecdaa, Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal, TPM2_ALG_SM2, sm2, Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal, TPM2_ALG_ECSCHNORR, ecschnorr, Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal, + TPM2_ALG_EDDSA, eddsa, Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal, + TPM2_ALG_EDDSA_PH, eddsa_ph, Tss2_MU_TPMS_SIGNATURE_ECC_Unmarshal, TPM2_ALG_HMAC, hmac, Tss2_MU_TPMT_HA_Unmarshal) TPMU_MARSHAL2(TPMU_SENSITIVE_COMPOSITE, @@ -654,12 +640,14 @@ TPMU_UNMARSHAL2(TPMU_PUBLIC_PARMS, TPMU_MARSHAL2(TPMU_NAME, sizeof(TPM2_HANDLE), VAL, handle, Tss2_MU_UINT32_Marshal, sizeof(TPM2_ALG_ID) + TPM2_SHA1_DIGEST_SIZE, ADDR, digest, Tss2_MU_TPMT_HA_Marshal, + sizeof(TPM2_ALG_ID) + TPM2_SHA256_192_DIGEST_SIZE, ADDR, digest, Tss2_MU_TPMT_HA_Marshal, sizeof(TPM2_ALG_ID) + TPM2_SHA256_DIGEST_SIZE, ADDR, digest, Tss2_MU_TPMT_HA_Marshal, sizeof(TPM2_ALG_ID) + TPM2_SHA384_DIGEST_SIZE, ADDR, digest, Tss2_MU_TPMT_HA_Marshal, sizeof(TPM2_ALG_ID) + TPM2_SHA512_DIGEST_SIZE, ADDR, digest, Tss2_MU_TPMT_HA_Marshal) TPMU_UNMARSHAL2(TPMU_NAME, sizeof(TPM2_HANDLE), handle, Tss2_MU_UINT32_Unmarshal, sizeof(TPM2_ALG_ID) + TPM2_SHA1_DIGEST_SIZE, digest, Tss2_MU_TPMT_HA_Unmarshal, + sizeof(TPM2_ALG_ID) + TPM2_SHA256_192_DIGEST_SIZE, digest, Tss2_MU_TPMT_HA_Unmarshal, sizeof(TPM2_ALG_ID) + TPM2_SHA256_DIGEST_SIZE, digest, Tss2_MU_TPMT_HA_Unmarshal, sizeof(TPM2_ALG_ID) + TPM2_SHA384_DIGEST_SIZE, digest, Tss2_MU_TPMT_HA_Unmarshal, sizeof(TPM2_ALG_ID) + TPM2_SHA512_DIGEST_SIZE, digest, Tss2_MU_TPMT_HA_Unmarshal)