author | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-06-05 20:39:41 +0200 |
---|---|---|
committer | Andreas Steffen <andreas.steffen@strongswan.org> | 2016-06-22 15:33:44 +0200 |
commit | 30d4989aec57ff5e53d6cb63d02eb65ccb6043bf (patch) | |
tree | d2b8dbd7cfcdf295925bd0650951d61a0adf71a5 /src/libtpmtss/tpm_tss.h | |
parent | 8301dc859caa9f542a491f3ee17763bac3ff44ae (diff) | |
libimcv: migrate pts to tpm_tss
Diffstat (limited to 'src/libtpmtss/tpm_tss.h')
-rw-r--r-- | src/libtpmtss/tpm_tss.h | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/src/libtpmtss/tpm_tss.h b/src/libtpmtss/tpm_tss.h
index ad630e3a0..82cb4c60f 100644
--- a/src/libtpmtss/tpm_tss.h
+++ b/src/libtpmtss/tpm_tss.h
@@ -24,6 +24,7 @@
 #include <library.h>
 typedef enum tpm_version_t tpm_version_t;
+typedef enum tpm_quote_mode_t tpm_quote_mode_t;
 typedef struct tpm_tss_t tpm_tss_t;
 /**
@@ -36,6 +37,15 @@ enum tpm_version_t {
 };
 /**
+ * TPM Quote Modes
+ */
+enum tpm_quote_mode_t {
+ TPM_QUOTE,
+ TPM_QUOTE2,
+ TPM_QUOTE2_VERSION_INFO
+};
+
+/**
 * TPM access via TSS public interface
 */
 struct tpm_tss_t {
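Review bot: The enumerators of `tpm_quote_mode_t` in the second hunk have no per-value documentation, so the header does not say which modes a given TPM version's implementation accepts, or how `TPM_QUOTE2_VERSION_INFO` differs from `TPM_QUOTE2`. Because `TPM_QUOTE` is the first enumerator, a zero-initialised mode silently selects it, which looks like the legacy variant judging by the "current and legacy" wording on `quote()`. I would add a short comment to each value, for example `/** Quote2 with version info included in the signed structure */` if that is what it means, and state what an implementation returns for a mode it does not support.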
@@ -75,6 +85,45 @@ struct tpm_tss_t {
 chunk_t (*get_public)(tpm_tss_t *this, uint32_t handle);
 /**
+ * Retrieve the current value of a PCR register in a given PCR bank
+ *
+ * @param pcr_num PCR number
+ * @param pcr_value PCR value returned
+ * @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
+ * @return TRUE if PCR value retrieval succeeded
+ */
+ bool (*read_pcr)(tpm_tss_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ hash_algorithm_t alg);
+
+ /**
+ * Extend a PCR register in a given PCR bank with a hash value
+ *
+ * @param pcr_num PCR number
+ * @param pcr_value extended PCR value returned
+ * @param hash data to be extended into the PCR
+ * @param alg hash algorithm, selects PCR bank (TPM 2.0 only)
+ * @return TRUE if PCR extension succeeded
+ */
+ bool (*extend_pcr)(tpm_tss_t *this, uint32_t pcr_num, chunk_t *pcr_value,
+ chunk_t data, hash_algorithm_t alg);
+
+ /**
+ * Do a quote signature over a selection of PCR registers
+ *
+ * @param aik_handle object handle of AIK to be used for quote signature
+ * @param pcr_sel selection of PCR registers
+ * @param alg hash algorithm to be used for quote signature
+ * @param data additional data to be hashed into the quote
+ * @param mode define current and legacy TPM quote modes
+ * @param pcr_comp returns hash of PCR composite
+ * @param sig returns quote signature
+ * @return TRUE if quote signature succeeded
+ */
+ bool (*quote)(tpm_tss_t *this, uint32_t aik_handle, uint32_t pcr_sel,
+ hash_algorithm_t alg, chunk_t data, tpm_quote_mode_t mode,
+ chunk_t *pcr_comp, chunk_t *quote_sig);
+
+ /**
 * Destroy a tpm_tss_t.
 */
 void (*destroy)(tpm_tss_t *this);
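Review bot: Two `@param` tags in the new doc comments name parameters that do not exist: `extend_pcr` documents `hash` while the argument is `data`, and `quote` documents `sig` while the argument is `quote_sig`. They should read `@param data data to be extended into the PCR` and `@param quote_sig returns quote signature`. The comments also do not say who owns the chunks returned through `pcr_value`, `pcr_comp` and `quote_sig`, or whether they are left untouched when the call returns FALSE. For `quote`, it would help to state that `data` is the value binding the quote to the verifier's challenge (presumably a fresh nonce), since a caller passing a constant there would get replayable quotes. `struct tpm_tss_t` begins and ends outside this hunk.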