sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
2ccefa32a65164da2ec74e8a1e81f90257967c7f
system76-edk2/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c
Michael Kubacki c411b485b6 SecurityPkg: Apply uncrustify changes 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the SecurityPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2021-12-07 17:24:28 +00:00

216 lines
7.1 KiB
C
Raw Blame History

/** @file
Implement TPM2 DictionaryAttack related command.
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <IndustryStandard/UefiTcgPlatform.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#pragma pack(1)
typedef struct {
TPM2_COMMAND_HEADER Header;
TPMI_RH_LOCKOUT LockHandle;
UINT32 AuthSessionSize;
TPMS_AUTH_COMMAND AuthSession;
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND;
typedef struct {
TPM2_RESPONSE_HEADER Header;
UINT32 AuthSessionSize;
TPMS_AUTH_RESPONSE AuthSession;
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE;
typedef struct {
TPM2_COMMAND_HEADER Header;
TPMI_RH_LOCKOUT LockHandle;
UINT32 AuthSessionSize;
TPMS_AUTH_COMMAND AuthSession;
UINT32 NewMaxTries;
UINT32 NewRecoveryTime;
UINT32 LockoutRecovery;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND;
typedef struct {
TPM2_RESPONSE_HEADER Header;
UINT32 AuthSessionSize;
TPMS_AUTH_RESPONSE AuthSession;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE;
#pragma pack()
/**
This command cancels the effect of a TPM lockout due to a number of successive authorization failures.
If this command is properly authorized, the lockout counter is set to zero.
@param[in] LockHandle TPM_RH_LOCKOUT
@param[in] AuthSession Auth Session context
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackLockReset (
IN TPMI_RH_LOCKOUT LockHandle,
IN TPMS_AUTH_COMMAND *AuthSession
)
{
EFI_STATUS Status;
TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND SendBuffer;
TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE RecvBuffer;
UINT32 SendBufferSize;
UINT32 RecvBufferSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackLockReset);
SendBuffer.LockHandle = SwapBytes32 (LockHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackLockReset - RecvBufferSize Error - %x\n", RecvBufferSize));
Status = EFI_DEVICE_ERROR;
goto Done;
}
if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
Done:
//
// Clear AuthSession Content
//
ZeroMem (&SendBuffer, sizeof (SendBuffer));
ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
/**
This command cancels the effect of a TPM lockout due to a number of successive authorization failures.
If this command is properly authorized, the lockout counter is set to zero.
@param[in] LockHandle TPM_RH_LOCKOUT
@param[in] AuthSession Auth Session context
@param[in] NewMaxTries Count of authorization failures before the lockout is imposed
@param[in] NewRecoveryTime Time in seconds before the authorization failure count is automatically decremented
@param[in] LockoutRecovery Time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2DictionaryAttackParameters (
IN TPMI_RH_LOCKOUT LockHandle,
IN TPMS_AUTH_COMMAND *AuthSession,
IN UINT32 NewMaxTries,
IN UINT32 NewRecoveryTime,
IN UINT32 LockoutRecovery
)
{
EFI_STATUS Status;
TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND SendBuffer;
TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE RecvBuffer;
UINT32 SendBufferSize;
UINT32 RecvBufferSize;
UINT8 *Buffer;
UINT32 SessionInfoSize;
//
// Construct command
//
SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackParameters);
SendBuffer.LockHandle = SwapBytes32 (LockHandle);
//
// Add in Auth session
//
Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
Buffer += SessionInfoSize;
SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
//
// Real data
//
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewMaxTries));
Buffer += sizeof (UINT32);
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewRecoveryTime));
Buffer += sizeof (UINT32);
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (LockoutRecovery));
Buffer += sizeof (UINT32);
SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackParameters - RecvBufferSize Error - %x\n", RecvBufferSize));
Status = EFI_DEVICE_ERROR;
goto Done;
}
if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
Done:
//
// Clear AuthSession Content
//
ZeroMem (&SendBufferSize, sizeof (SendBufferSize));
ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
Reference in New Issue View Git Blame Copy Permalink