Add support for SHA3 type of algorithms that a TPM2 may support
some time in the future.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
src/std/tcg.h | 9 +++++++++
src/tcgbios.c | 22 +++++++++++++++++++---
2 files changed, 28 insertions(+), 3 deletions(-)
diff --git a/src/std/tcg.h b/src/std/tcg.h
index 1c9eeb4..98cca49 100644
--- a/src/std/tcg.h
+++ b/src/std/tcg.h
@@ -8,6 +8,9 @@
#define SHA384_BUFSIZE 48
#define SHA512_BUFSIZE 64
#define SM3_256_BUFSIZE 32
+#define SHA3_256_BUFSIZE 32
+#define SHA3_384_BUFSIZE 48
+#define SHA3_512_BUFSIZE 64
/****************************************************************
@@ -335,12 +338,18 @@ struct tpm_res_sha1complete {
#define TPM2_ALG_SHA384 0x000c
#define TPM2_ALG_SHA512 0x000d
#define TPM2_ALG_SM3_256 0x0012
+#define TPM2_ALG_SHA3_256 0x0027
+#define TPM2_ALG_SHA3_384 0x0028
+#define TPM2_ALG_SHA3_512 0x0029
#define TPM2_ALG_SHA1_FLAG (1 << 0)
#define TPM2_ALG_SHA256_FLAG (1 << 1)
#define TPM2_ALG_SHA384_FLAG (1 << 2)
#define TPM2_ALG_SHA512_FLAG (1 << 3)
#define TPM2_ALG_SM3_256_FLAG (1 << 4)
+#define TPM2_ALG_SHA3_256_FLAG (1 << 5)
+#define TPM2_ALG_SHA3_384_FLAG (1 << 6)
+#define TPM2_ALG_SHA3_512_FLAG (1 << 7)
/* TPM 2 command tags */
#define TPM2_ST_NO_SESSIONS 0x8001
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 99005b9..25ae0c8 100644
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -156,9 +156,10 @@ static struct tpml_pcr_selection *tpm20_pcr_selection;
struct tpm_log_entry {
struct tpm_log_header hdr;
u8 pad[sizeof(struct tpm2_digest_values)
- + 5 * sizeof(struct tpm2_digest_value)
+ + 8 * sizeof(struct tpm2_digest_value)
+ SHA1_BUFSIZE + SHA256_BUFSIZE + SHA384_BUFSIZE
- + SHA512_BUFSIZE + SM3_256_BUFSIZE];
+ + SHA512_BUFSIZE + SM3_256_BUFSIZE + SHA3_256_BUFSIZE
+ + SHA3_384_BUFSIZE + SHA3_512_BUFSIZE];
} PACKED;
static const struct hash_parameters {
@@ -192,6 +193,21 @@ static const struct hash_parameters {
.hashalg_flag = TPM2_ALG_SM3_256_FLAG,
.hash_buffersize = SM3_256_BUFSIZE,
.name = "SM3-256",
+ }, {
+ .hashalg = TPM2_ALG_SHA3_256,
+ .hashalg_flag = TPM2_ALG_SHA3_256_FLAG,
+ .hash_buffersize = SHA3_256_BUFSIZE,
+ .name = "SHA3-256",
+ }, {
+ .hashalg = TPM2_ALG_SHA3_384,
+ .hashalg_flag = TPM2_ALG_SHA3_384_FLAG,
+ .hash_buffersize = SHA3_384_BUFSIZE,
+ .name = "SHA3-384",
+ }, {
+ .hashalg = TPM2_ALG_SHA3_512,
+ .hashalg_flag = TPM2_ALG_SHA3_512_FLAG,
+ .hash_buffersize = SHA3_512_BUFSIZE,
+ .name = "SHA3-512",
}
};
@@ -252,7 +268,7 @@ tpm20_write_EfiSpecIdEventStruct(void)
struct {
struct TCG_EfiSpecIdEventStruct hdr;
- u8 pad[256];
+ u8 pad[sizeof(struct tpm_log_entry)];
} event = {
.hdr.signature = "Spec ID Event03",
.hdr.platformClass = TPM_TCPA_ACPI_CLASS_CLIENT,
--
2.24.1
_______________________________________________
SeaBIOS mailing list -- seabios@seabios.org
To unsubscribe send an email to seabios-leave@seabios.org
On 3/27/20 11:27 PM, Stefan Berger wrote:
> Add support for SHA3 type of algorithms that a TPM2 may support
> some time in the future.
>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
> src/std/tcg.h | 9 +++++++++
> src/tcgbios.c | 22 +++++++++++++++++++---
> 2 files changed, 28 insertions(+), 3 deletions(-)
>
> diff --git a/src/std/tcg.h b/src/std/tcg.h
> index 1c9eeb4..98cca49 100644
> --- a/src/std/tcg.h
> +++ b/src/std/tcg.h
> @@ -8,6 +8,9 @@
> #define SHA384_BUFSIZE 48
> #define SHA512_BUFSIZE 64
> #define SM3_256_BUFSIZE 32
> +#define SHA3_256_BUFSIZE 32
> +#define SHA3_384_BUFSIZE 48
> +#define SHA3_512_BUFSIZE 64
>
>
> /****************************************************************
> @@ -335,12 +338,18 @@ struct tpm_res_sha1complete {
> #define TPM2_ALG_SHA384 0x000c
> #define TPM2_ALG_SHA512 0x000d
> #define TPM2_ALG_SM3_256 0x0012
> +#define TPM2_ALG_SHA3_256 0x0027
> +#define TPM2_ALG_SHA3_384 0x0028
> +#define TPM2_ALG_SHA3_512 0x0029
>
> #define TPM2_ALG_SHA1_FLAG (1 << 0)
> #define TPM2_ALG_SHA256_FLAG (1 << 1)
> #define TPM2_ALG_SHA384_FLAG (1 << 2)
> #define TPM2_ALG_SHA512_FLAG (1 << 3)
> #define TPM2_ALG_SM3_256_FLAG (1 << 4)
> +#define TPM2_ALG_SHA3_256_FLAG (1 << 5)
> +#define TPM2_ALG_SHA3_384_FLAG (1 << 6)
> +#define TPM2_ALG_SHA3_512_FLAG (1 << 7)
>
> /* TPM 2 command tags */
> #define TPM2_ST_NO_SESSIONS 0x8001
> diff --git a/src/tcgbios.c b/src/tcgbios.c
> index 99005b9..25ae0c8 100644
> --- a/src/tcgbios.c
> +++ b/src/tcgbios.c
> @@ -156,9 +156,10 @@ static struct tpml_pcr_selection *tpm20_pcr_selection;
> struct tpm_log_entry {
> struct tpm_log_header hdr;
> u8 pad[sizeof(struct tpm2_digest_values)
> - + 5 * sizeof(struct tpm2_digest_value)
> + + 8 * sizeof(struct tpm2_digest_value)
> + SHA1_BUFSIZE + SHA256_BUFSIZE + SHA384_BUFSIZE
> - + SHA512_BUFSIZE + SM3_256_BUFSIZE];
> + + SHA512_BUFSIZE + SM3_256_BUFSIZE + SHA3_256_BUFSIZE
> + + SHA3_384_BUFSIZE + SHA3_512_BUFSIZE];
> } PACKED;
>
> static const struct hash_parameters {
> @@ -192,6 +193,21 @@ static const struct hash_parameters {
> .hashalg_flag = TPM2_ALG_SM3_256_FLAG,
> .hash_buffersize = SM3_256_BUFSIZE,
> .name = "SM3-256",
> + }, {
> + .hashalg = TPM2_ALG_SHA3_256,
> + .hashalg_flag = TPM2_ALG_SHA3_256_FLAG,
> + .hash_buffersize = SHA3_256_BUFSIZE,
> + .name = "SHA3-256",
> + }, {
> + .hashalg = TPM2_ALG_SHA3_384,
> + .hashalg_flag = TPM2_ALG_SHA3_384_FLAG,
> + .hash_buffersize = SHA3_384_BUFSIZE,
> + .name = "SHA3-384",
> + }, {
> + .hashalg = TPM2_ALG_SHA3_512,
> + .hashalg_flag = TPM2_ALG_SHA3_512_FLAG,
> + .hash_buffersize = SHA3_512_BUFSIZE,
> + .name = "SHA3-512",
> }
> };
>
> @@ -252,7 +268,7 @@ tpm20_write_EfiSpecIdEventStruct(void)
>
> struct {
> struct TCG_EfiSpecIdEventStruct hdr;
> - u8 pad[256];
> + u8 pad[sizeof(struct tpm_log_entry)];
This is missing a '+ sizeof(u8)' for the vendorInfoSize field. I'll post
v2 tomorrow. Also, I posted a similar series of patches on SLOF mailing
list as well.
Stefan
> } event = {
> .hdr.signature = "Spec ID Event03",
> .hdr.platformClass = TPM_TCPA_ACPI_CLASS_CLIENT,
_______________________________________________
SeaBIOS mailing list -- seabios@seabios.org
To unsubscribe send an email to seabios-leave@seabios.org
On Sun, Mar 29, 2020 at 07:21:41PM -0400, Stefan Berger wrote:
> On 3/27/20 11:27 PM, Stefan Berger wrote:
> > Add support for SHA3 type of algorithms that a TPM2 may support
> > some time in the future.
> >
> > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> > ---
> > src/std/tcg.h | 9 +++++++++
> > src/tcgbios.c | 22 +++++++++++++++++++---
> > 2 files changed, 28 insertions(+), 3 deletions(-)
> >
> > diff --git a/src/std/tcg.h b/src/std/tcg.h
> > index 1c9eeb4..98cca49 100644
> > --- a/src/std/tcg.h
> > +++ b/src/std/tcg.h
> > @@ -8,6 +8,9 @@
> > #define SHA384_BUFSIZE 48
> > #define SHA512_BUFSIZE 64
> > #define SM3_256_BUFSIZE 32
> > +#define SHA3_256_BUFSIZE 32
> > +#define SHA3_384_BUFSIZE 48
> > +#define SHA3_512_BUFSIZE 64
> > /****************************************************************
> > @@ -335,12 +338,18 @@ struct tpm_res_sha1complete {
> > #define TPM2_ALG_SHA384 0x000c
> > #define TPM2_ALG_SHA512 0x000d
> > #define TPM2_ALG_SM3_256 0x0012
> > +#define TPM2_ALG_SHA3_256 0x0027
> > +#define TPM2_ALG_SHA3_384 0x0028
> > +#define TPM2_ALG_SHA3_512 0x0029
> > #define TPM2_ALG_SHA1_FLAG (1 << 0)
> > #define TPM2_ALG_SHA256_FLAG (1 << 1)
> > #define TPM2_ALG_SHA384_FLAG (1 << 2)
> > #define TPM2_ALG_SHA512_FLAG (1 << 3)
> > #define TPM2_ALG_SM3_256_FLAG (1 << 4)
> > +#define TPM2_ALG_SHA3_256_FLAG (1 << 5)
> > +#define TPM2_ALG_SHA3_384_FLAG (1 << 6)
> > +#define TPM2_ALG_SHA3_512_FLAG (1 << 7)
> > /* TPM 2 command tags */
> > #define TPM2_ST_NO_SESSIONS 0x8001
> > diff --git a/src/tcgbios.c b/src/tcgbios.c
> > index 99005b9..25ae0c8 100644
> > --- a/src/tcgbios.c
> > +++ b/src/tcgbios.c
> > @@ -156,9 +156,10 @@ static struct tpml_pcr_selection *tpm20_pcr_selection;
> > struct tpm_log_entry {
> > struct tpm_log_header hdr;
> > u8 pad[sizeof(struct tpm2_digest_values)
> > - + 5 * sizeof(struct tpm2_digest_value)
> > + + 8 * sizeof(struct tpm2_digest_value)
> > + SHA1_BUFSIZE + SHA256_BUFSIZE + SHA384_BUFSIZE
> > - + SHA512_BUFSIZE + SM3_256_BUFSIZE];
> > + + SHA512_BUFSIZE + SM3_256_BUFSIZE + SHA3_256_BUFSIZE
> > + + SHA3_384_BUFSIZE + SHA3_512_BUFSIZE];
> > } PACKED;
> > static const struct hash_parameters {
> > @@ -192,6 +193,21 @@ static const struct hash_parameters {
> > .hashalg_flag = TPM2_ALG_SM3_256_FLAG,
> > .hash_buffersize = SM3_256_BUFSIZE,
> > .name = "SM3-256",
> > + }, {
> > + .hashalg = TPM2_ALG_SHA3_256,
> > + .hashalg_flag = TPM2_ALG_SHA3_256_FLAG,
> > + .hash_buffersize = SHA3_256_BUFSIZE,
> > + .name = "SHA3-256",
> > + }, {
> > + .hashalg = TPM2_ALG_SHA3_384,
> > + .hashalg_flag = TPM2_ALG_SHA3_384_FLAG,
> > + .hash_buffersize = SHA3_384_BUFSIZE,
> > + .name = "SHA3-384",
> > + }, {
> > + .hashalg = TPM2_ALG_SHA3_512,
> > + .hashalg_flag = TPM2_ALG_SHA3_512_FLAG,
> > + .hash_buffersize = SHA3_512_BUFSIZE,
> > + .name = "SHA3-512",
> > }
> > };
> > @@ -252,7 +268,7 @@ tpm20_write_EfiSpecIdEventStruct(void)
> > struct {
> > struct TCG_EfiSpecIdEventStruct hdr;
> > - u8 pad[256];
> > + u8 pad[sizeof(struct tpm_log_entry)];
>
>
> This is missing a '+ sizeof(u8)' for the vendorInfoSize field. I'll post v2
> tomorrow. Also, I posted a similar series of patches on SLOF mailing list
> as well.
Okay, thanks. FYI, the patch series looks fine to me.
-Kevin
_______________________________________________
SeaBIOS mailing list -- seabios@seabios.org
To unsubscribe send an email to seabios-leave@seabios.org
On Sat, Mar 28, 2020 at 5:26 AM Stefan Berger
<stefanb@linux.vnet.ibm.com> wrote:
>
> Add support for SHA3 type of algorithms that a TPM2 may support
> some time in the future.
>
> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Those were assigned in "TCG Algorithm Registry" 1.27, 09.26.2017
https://trustedcomputinggroup.org/resource/tcg-algorithm-registry/
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
> src/std/tcg.h | 9 +++++++++
> src/tcgbios.c | 22 +++++++++++++++++++---
> 2 files changed, 28 insertions(+), 3 deletions(-)
>
> diff --git a/src/std/tcg.h b/src/std/tcg.h
> index 1c9eeb4..98cca49 100644
> --- a/src/std/tcg.h
> +++ b/src/std/tcg.h
> @@ -8,6 +8,9 @@
> #define SHA384_BUFSIZE 48
> #define SHA512_BUFSIZE 64
> #define SM3_256_BUFSIZE 32
> +#define SHA3_256_BUFSIZE 32
> +#define SHA3_384_BUFSIZE 48
> +#define SHA3_512_BUFSIZE 64
>
>
> /****************************************************************
> @@ -335,12 +338,18 @@ struct tpm_res_sha1complete {
> #define TPM2_ALG_SHA384 0x000c
> #define TPM2_ALG_SHA512 0x000d
> #define TPM2_ALG_SM3_256 0x0012
> +#define TPM2_ALG_SHA3_256 0x0027
> +#define TPM2_ALG_SHA3_384 0x0028
> +#define TPM2_ALG_SHA3_512 0x0029
>
> #define TPM2_ALG_SHA1_FLAG (1 << 0)
> #define TPM2_ALG_SHA256_FLAG (1 << 1)
> #define TPM2_ALG_SHA384_FLAG (1 << 2)
> #define TPM2_ALG_SHA512_FLAG (1 << 3)
> #define TPM2_ALG_SM3_256_FLAG (1 << 4)
> +#define TPM2_ALG_SHA3_256_FLAG (1 << 5)
> +#define TPM2_ALG_SHA3_384_FLAG (1 << 6)
> +#define TPM2_ALG_SHA3_512_FLAG (1 << 7)
>
> /* TPM 2 command tags */
> #define TPM2_ST_NO_SESSIONS 0x8001
> diff --git a/src/tcgbios.c b/src/tcgbios.c
> index 99005b9..25ae0c8 100644
> --- a/src/tcgbios.c
> +++ b/src/tcgbios.c
> @@ -156,9 +156,10 @@ static struct tpml_pcr_selection *tpm20_pcr_selection;
> struct tpm_log_entry {
> struct tpm_log_header hdr;
> u8 pad[sizeof(struct tpm2_digest_values)
> - + 5 * sizeof(struct tpm2_digest_value)
> + + 8 * sizeof(struct tpm2_digest_value)
> + SHA1_BUFSIZE + SHA256_BUFSIZE + SHA384_BUFSIZE
> - + SHA512_BUFSIZE + SM3_256_BUFSIZE];
> + + SHA512_BUFSIZE + SM3_256_BUFSIZE + SHA3_256_BUFSIZE
> + + SHA3_384_BUFSIZE + SHA3_512_BUFSIZE];
> } PACKED;
>
> static const struct hash_parameters {
> @@ -192,6 +193,21 @@ static const struct hash_parameters {
> .hashalg_flag = TPM2_ALG_SM3_256_FLAG,
> .hash_buffersize = SM3_256_BUFSIZE,
> .name = "SM3-256",
> + }, {
> + .hashalg = TPM2_ALG_SHA3_256,
> + .hashalg_flag = TPM2_ALG_SHA3_256_FLAG,
> + .hash_buffersize = SHA3_256_BUFSIZE,
> + .name = "SHA3-256",
> + }, {
> + .hashalg = TPM2_ALG_SHA3_384,
> + .hashalg_flag = TPM2_ALG_SHA3_384_FLAG,
> + .hash_buffersize = SHA3_384_BUFSIZE,
> + .name = "SHA3-384",
> + }, {
> + .hashalg = TPM2_ALG_SHA3_512,
> + .hashalg_flag = TPM2_ALG_SHA3_512_FLAG,
> + .hash_buffersize = SHA3_512_BUFSIZE,
> + .name = "SHA3-512",
> }
> };
>
> @@ -252,7 +268,7 @@ tpm20_write_EfiSpecIdEventStruct(void)
>
> struct {
> struct TCG_EfiSpecIdEventStruct hdr;
> - u8 pad[256];
> + u8 pad[sizeof(struct tpm_log_entry)];
> } event = {
> .hdr.signature = "Spec ID Event03",
> .hdr.platformClass = TPM_TCPA_ACPI_CLASS_CLIENT,
> --
> 2.24.1
> _______________________________________________
> SeaBIOS mailing list -- seabios@seabios.org
> To unsubscribe send an email to seabios-leave@seabios.org
>
_______________________________________________
SeaBIOS mailing list -- seabios@seabios.org
To unsubscribe send an email to seabios-leave@seabios.org
© 2016 - 2026 Red Hat, Inc.