/*

 * COPYRIGHT (c) International Business Machines Corp. 2005-2017

 *

 * This program is provided under the terms of the Common Public License,

 * version 1.0 (CPL-1.0). Any use, reproduction or distribution for this

 * software constitutes recipient's acceptance of CPL-1.0 terms which can be

 * found in the file LICENSE file or at

 * https://opensource.org/licenses/cpl1.0.php

 */

#ifndef _TPM_SPECIFIC_H_

#define _TPM_SPECIFIC_H_

#include <openssl/rsa.h>

/* TSS key type helper */

#define TPMTOK_TSS_KEY_TYPE_MASK    0x000000F0

#define TPMTOK_TSS_KEY_TYPE(x)      (x & TPMTOK_TSS_KEY_TYPE_MASK)

#define TPMTOK_TSS_KEY_MIG_TYPE(x)  (x & TSS_KEY_MIGRATABLE)

#define TPMTOK_TSS_MAX_ERROR        0x00000FFF

#define TPMTOK_TSS_ERROR_CODE(x)    (x & TPMTOK_TSS_MAX_ERROR)

/* key types in the TPM token */

#define TPMTOK_PRIVATE_ROOT_KEY     1

#define TPMTOK_PRIVATE_LEAF_KEY     2

#define TPMTOK_PUBLIC_ROOT_KEY      3

#define TPMTOK_PUBLIC_LEAF_KEY      4

/* key identifiers for the PKCS#11 objects */

#define TPMTOK_PRIVATE_ROOT_KEY_ID  "PRIVATE ROOT KEY"

#define TPMTOK_PRIVATE_LEAF_KEY_ID  "PRIVATE LEAF KEY"

#define TPMTOK_PUBLIC_ROOT_KEY_ID   "PUBLIC ROOT KEY"

#define TPMTOK_PUBLIC_LEAF_KEY_ID   "PUBLIC LEAF KEY"

#define TPMTOK_PRIVATE_ROOT_KEY_ID_SIZE strlen(TPMTOK_PRIVATE_ROOT_KEY_ID)

#define TPMTOK_PRIVATE_LEAF_KEY_ID_SIZE strlen(TPMTOK_PRIVATE_LEAF_KEY_ID)

#define TPMTOK_PUBLIC_ROOT_KEY_ID_SIZE  strlen(TPMTOK_PUBLIC_ROOT_KEY_ID)

#define TPMTOK_PUBLIC_LEAF_KEY_ID_SIZE  strlen(TPMTOK_PUBLIC_LEAF_KEY_ID)

#define TPMTOK_PUB_ROOT_KEY_FILE    "PUBLIC_ROOT_KEY.pem"

#define TPMTOK_PRIV_ROOT_KEY_FILE   "PRIVATE_ROOT_KEY.pem"

/* TPM token specific return codes */

#define CKR_KEY_NOT_FOUND   CKR_VENDOR_DEFINED + 0x0f000000

#define CKR_FILE_NOT_FOUND  CKR_VENDOR_DEFINED + 0x0f000001

#define TPMTOK_MASTERKEY_PRIVATE "MK_PRIVATE"

#ifdef DEBUG

#define DEBUG_openssl_print_errors()    openssl_print_errors()

#else

#define DEBUG_openssl_print_errors()

#endif

/* retry count for generating software RSA keys */

#define KEYGEN_RETRY    5

RSA *openssl_gen_key(STDLL_TokData_t *);

int openssl_write_key(STDLL_TokData_t *, RSA *, char *, CK_BYTE *);

CK_RV openssl_read_key(STDLL_TokData_t *, char *, CK_BYTE *, RSA **);

int openssl_get_modulus_and_prime(RSA *, unsigned int *, unsigned char *,

                                  unsigned int *, unsigned char *);

int util_set_file_mode(char *, mode_t);

CK_BYTE *util_create_id(int);

CK_RV util_set_username(char **);

unsigned int util_get_keysize_flag(CK_ULONG);

CK_ULONG util_check_public_exponent(TEMPLATE *);

#define NULL_HKEY       0

#define NULL_HENCDATA   0

#define NULL_HPOLICY    0

#define NULL_HCONTEXT   0

#define NULL_HPCRS      0

/* CKA_ENC_AUTHDATA will be used to store the encrypted SHA-1 hashes of auth

 * data passed in for TPM keys. The authdata will be encrypted using either the

 * public leaf key or the private leaf key */

#define CKA_ENC_AUTHDATA        CKA_VENDOR_DEFINED + 0x01000001

#define MK_SIZE (AES_KEY_SIZE_256)

struct srk_info {

    char *secret;

    int mode;

    int len;

};

int get_srk_info(struct srk_info *srk);

#endif