/*
* COPYRIGHT (c) International Business Machines Corp. 2005-2017
*
* This program is provided under the terms of the Common Public License,
* version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
* software constitutes recipient's acceptance of CPL-1.0 terms which can be
* found in the file LICENSE file or at
* https://opensource.org/licenses/cpl1.0.php
*/
#ifndef _TPM_SPECIFIC_H_
#define _TPM_SPECIFIC_H_
#include <openssl/rsa.h>
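/*
 * TSS key type helpers.
 *
 * TPMTOK_TSS_KEY_TYPE(x) keeps only the bits of x selected by
 * TPMTOK_TSS_KEY_TYPE_MASK (0xF0). TPMTOK_TSS_KEY_MIG_TYPE(x) keeps only the
 * TSS_KEY_MIGRATABLE bit; that constant is not defined in this header and
 * must be provided by the includer.
 *
 * The macro argument is parenthesized so that an expression argument such as
 * `flags | extra` is masked as a whole. Without the parentheses `&` binds
 * tighter than `|` and only the right-hand operand would be masked, which
 * would let unrelated bits leak into a key-type or migratability decision.
 */
#define TPMTOK_TSS_KEY_TYPE_MASK 0x000000F0
#define TPMTOK_TSS_KEY_TYPE(x) ((x) & TPMTOK_TSS_KEY_TYPE_MASK)
#define TPMTOK_TSS_KEY_MIG_TYPE(x) ((x) & TSS_KEY_MIGRATABLE)

/*
 * TPMTOK_TSS_ERROR_CODE(x) reduces a TSS result to its low 12 bits
 * (TPMTOK_TSS_MAX_ERROR). The argument is parenthesized for the same
 * precedence reason as above, so a composed result value cannot be compared
 * against an error code with its upper bits still attached.
 */
#define TPMTOK_TSS_MAX_ERROR 0x00000FFF
#define TPMTOK_TSS_ERROR_CODE(x) ((x) & TPMTOK_TSS_MAX_ERROR)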
/*
 * Key types in the TPM token: integer selectors for the root and leaf keys,
 * each in a private and a public variant. Values are 1..4; 0 is not assigned
 * to any key type in this list.
 */
#define TPMTOK_PRIVATE_ROOT_KEY   1
#define TPMTOK_PRIVATE_LEAF_KEY   2
#define TPMTOK_PUBLIC_ROOT_KEY    3
#define TPMTOK_PUBLIC_LEAF_KEY    4
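/* key identifiers for the PKCS#11 objects */
#define TPMTOK_PRIVATE_ROOT_KEY_ID "PRIVATE ROOT KEY"
#define TPMTOK_PRIVATE_LEAF_KEY_ID "PRIVATE LEAF KEY"
#define TPMTOK_PUBLIC_ROOT_KEY_ID "PUBLIC ROOT KEY"
#define TPMTOK_PUBLIC_LEAF_KEY_ID "PUBLIC LEAF KEY"

/*
 * Length in bytes of each identifier, excluding the terminating NUL.
 *
 * Computed with sizeof on the string literal rather than strlen(): the value
 * is the same (the literals contain no embedded NUL) and still has type
 * size_t, but it is a compile-time constant and the header no longer relies
 * on the includer having pulled in <string.h> first. A constant length also
 * makes it usable for sizing fixed buffers that hold these identifiers.
 */
#define TPMTOK_PRIVATE_ROOT_KEY_ID_SIZE (sizeof(TPMTOK_PRIVATE_ROOT_KEY_ID) - 1)
#define TPMTOK_PRIVATE_LEAF_KEY_ID_SIZE (sizeof(TPMTOK_PRIVATE_LEAF_KEY_ID) - 1)
#define TPMTOK_PUBLIC_ROOT_KEY_ID_SIZE (sizeof(TPMTOK_PUBLIC_ROOT_KEY_ID) - 1)
#define TPMTOK_PUBLIC_LEAF_KEY_ID_SIZE (sizeof(TPMTOK_PUBLIC_LEAF_KEY_ID) - 1)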
/*
 * File names for the PEM-encoded root key pair.
 * NOTE(review): the private file presumably carries the software copy of the
 * root private key written through openssl_write_key(); confirm at the call
 * sites that it is written passphrase-protected and with owner-only
 * permissions (see util_set_file_mode()).
 */
#define TPMTOK_PUB_ROOT_KEY_FILE    "PUBLIC_ROOT_KEY.pem"
#define TPMTOK_PRIV_ROOT_KEY_FILE   "PRIVATE_ROOT_KEY.pem"
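/*
 * TPM token specific return codes, expressed as offsets from
 * CKR_VENDOR_DEFINED (not defined in this header; it must be provided by the
 * includer).
 *
 * Each expansion is wrapped in parentheses. An unparenthesized `A + B` body
 * is re-associated by whatever operator surrounds the macro at the point of
 * use (`*`, `-`, `&`, a cast, ...), so an expression that combines one of
 * these codes with another operand could evaluate to a value that matches
 * neither code and slip past an error check.
 */
#define CKR_KEY_NOT_FOUND (CKR_VENDOR_DEFINED + 0x0f000000)
#define CKR_FILE_NOT_FOUND (CKR_VENDOR_DEFINED + 0x0f000001)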
/*
 * Name used for the private master key (its size is MK_SIZE).
 * NOTE(review): presumably a file name inside the token's data directory;
 * confirm where it is created and what protects its contents at rest.
 */
#define TPMTOK_MASTERKEY_PRIVATE "MK_PRIVATE"
/*
 * DEBUG_openssl_print_errors() forwards to openssl_print_errors() when the
 * build defines DEBUG and expands to nothing otherwise, so OpenSSL error
 * details are only emitted by debug builds.
 */
#if defined(DEBUG)
#define DEBUG_openssl_print_errors() openssl_print_errors()
#else
#define DEBUG_openssl_print_errors()
#endif
/*
 * Number of attempts allowed when generating a software RSA key.
 * NOTE(review): the retry loop itself is not in this header; confirm that
 * running out of attempts is reported to the caller as a failure.
 */
#define KEYGEN_RETRY    5
/*
 * OpenSSL and utility helpers of the TPM token.
 *
 * These prototypes carry no parameter names, so the roles noted below are
 * read from the types and function names only - TODO confirm each against
 * its definition. STDLL_TokData_t, CK_BYTE, CK_RV, CK_ULONG, TEMPLATE and
 * mode_t are not declared in this header and must come from the includer.
 */

/* Returns an RSA key; presumably freshly generated and owned by the caller
 * (to be released with RSA_free) - confirm. */
RSA *openssl_gen_key(STDLL_TokData_t *);

/* Presumably writes the RSA key to the file named by the char * argument,
 * with the CK_BYTE * argument supplying the protecting PIN/passphrase -
 * confirm. NOTE(review): this path handles private key material; check that
 * the file is never written unencrypted. */
int openssl_write_key(STDLL_TokData_t *, RSA *, char *, CK_BYTE *);

/* Counterpart of openssl_write_key(): presumably reads the key from the named
 * file using the CK_BYTE * secret and returns it through the RSA ** argument;
 * the CK_RV return is a PKCS#11 result code - confirm. */
CK_RV openssl_read_key(STDLL_TokData_t *, char *, CK_BYTE *, RSA **);

/* Presumably copies the modulus and one prime of the key into the two
 * (length pointer, byte buffer) pairs - confirm which pair is which and
 * whether the lengths are in/out.
 * NOTE(review): a prime factor is private key material; callers should treat
 * the second buffer as secret and wipe it after use. */
int openssl_get_modulus_and_prime(RSA *, unsigned int *, unsigned char *,
                                  unsigned int *, unsigned char *);

/* Presumably applies the given mode_t permission bits to the named file -
 * confirm. */
int util_set_file_mode(char *, mode_t);

/* Returns a CK_BYTE buffer; presumably an identifier built for the key type
 * passed as int (one of the TPMTOK_*_KEY values?) and owned by the caller -
 * confirm. */
CK_BYTE *util_create_id(int);

/* Presumably stores the current user's name through the char ** argument;
 * ownership of the stored string is not visible here - confirm. */
CK_RV util_set_username(char **);

/* Presumably maps a key size (CK_ULONG) to the matching TSS key-size flag -
 * confirm, including what is returned for an unsupported size. */
unsigned int util_get_keysize_flag(CK_ULONG);

/* Presumably validates the public exponent found in the attribute template -
 * confirm what the CK_ULONG return value encodes. */
CK_ULONG util_check_public_exponent(TEMPLATE *);
/*
 * Zero values used as "no handle" placeholders, one per handle kind as named
 * (key, encrypted data, policy, context, PCRs).
 * NOTE(review): presumably these correspond to the TSS handle types; confirm
 * that 0 is never a valid handle for any of them.
 */
#define NULL_HKEY       0
#define NULL_HENCDATA   0
#define NULL_HPOLICY    0
#define NULL_HCONTEXT   0
#define NULL_HPCRS      0
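/*
 * CKA_ENC_AUTHDATA will be used to store the encrypted SHA-1 hashes of auth
 * data passed in for TPM keys. The authdata will be encrypted using either the
 * public leaf key or the private leaf key.
 *
 * CKA_VENDOR_DEFINED is not defined in this header and must be provided by
 * the includer. The expansion is parenthesized so that the attribute type
 * stays a single value wherever the macro is used; an unparenthesized
 * `A + B` body is re-associated by adjacent operators and could yield an
 * attribute type other than the intended one.
 *
 * NOTE(review): the stored value is derived from key authorization data.
 * Whether this attribute is excluded from attribute reads and object export
 * is not visible from this header - confirm.
 */
#define CKA_ENC_AUTHDATA (CKA_VENDOR_DEFINED + 0x01000001)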
/*
 * Size of the token master key. AES_KEY_SIZE_256 is defined outside this
 * header (presumably 32 bytes, i.e. an AES-256 key - confirm).
 */
#define MK_SIZE (AES_KEY_SIZE_256)
/*
 * SRK settings, passed by pointer to get_srk_info().
 *
 * NOTE(review): the field roles below are read from the names only - confirm
 * against get_srk_info(). `secret` is authorization material: who allocates
 * it, who frees it and whether it is wiped before release is not visible
 * from this header and should be documented at the definition.
 */
struct srk_info {
    char *secret;   /* SRK secret; presumably `len` bytes long */
    int mode;       /* presumably selects how `secret` is interpreted */
    int len;        /* presumably the length of `secret` in bytes */
};
/*
 * Takes a struct srk_info to work on; presumably fills in secret, mode and
 * len - TODO confirm, along with the meaning of the int return value.
 * NOTE(review): srk->secret is authorization material; the caller presumably
 * has to wipe and release it after use - confirm ownership at the definition.
 */
int get_srk_info(struct srk_info *srk);
#endif