authorMattias Nissler <mnissler@chromium.org>2017-11-27 15:35:10 +0100
committerMattias Nissler <mnissler@chromium.org>2018-04-13 10:03:31 +0000
commitac2286e8f8337a6ced00f219ec59aab52a2ac6d7 (patch)
treeedeaae00859b2b0880ba6eacbef8373a22a3b088 /firmware/include
parent163b41233cbbfdd67da10017aab7c1ce9a6e0873 (diff)
downloadvboot-ac2286e8f8337a6ced00f219ec59aab52a2ac6d7.tar.gz
tpm_lite: Implement TakeOwnership support
Add the ability to take TPM ownership. This requires two new commands: TPM_OIAP to start an auth session and TPM_TakeOwnership to establish ownership. TPM_TakeOwnership requires an auth session and proper command authentication to work, which is also added. BRANCH=None BUG=chromium:788719 TEST=new unit tests Change-Id: Ib70144eedb0b1c7c43b26c06529d33ccbaa51a0e Reviewed-on: https://chromium-review.googlesource.com/790414 Reviewed-by: Andrey Pronin <apronin@chromium.org> Tested-by: Mattias Nissler <mnissler@chromium.org> Trybot-Ready: ChromeOS CL Exonerator Bot <chromiumos-cl-exonerator@appspot.gserviceaccount.com> Trybot-Ready: Mattias Nissler <mnissler@chromium.org>
Diffstat (limited to 'firmware/include')
-rw-r--r--firmware/include/tlcl.h9
-rw-r--r--firmware/include/tpm1_tss_constants.h11
2 files changed, 19 insertions, 1 deletions
diff --git a/firmware/include/tlcl.h b/firmware/include/tlcl.h
index 685925f4..acb65309 100644
--- a/firmware/include/tlcl.h
+++ b/firmware/include/tlcl.h
@@ -240,6 +240,15 @@ uint32_t TlclReadPubek(uint32_t* public_exponent,
uint8_t* modulus,
uint32_t* modulus_size);
+/**
+ * Takes ownership of the TPM. [enc_owner_auth] and [enc_srk_auth] are the owner
+ * and SRK authorization secrets encrypted under the endorsement key. The clear
+ * text [owner_auth] needs to be passed as well for command auth.
+ */
+uint32_t TlclTakeOwnership(uint8_t enc_owner_auth[TPM_RSA_2048_LEN],
+ uint8_t enc_srk_auth[TPM_RSA_2048_LEN],
+ uint8_t owner_auth[TPM_AUTH_DATA_LEN]);
+
#endif /* TPM2_MODE */
#endif /* CHROMEOS_ENVIRONMENT */
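Review bot: The new prototype at lines 31-33 takes all three buffers as non-const array parameters, so the header does not tell a caller whether TlclTakeOwnership writes into them; if the implementation only reads them (the description says they are encrypted secrets plus the clear-text auth used for command authentication), qualify them `const uint8_t enc_owner_auth[TPM_RSA_2048_LEN]`, `const uint8_t enc_srk_auth[TPM_RSA_2048_LEN]`, `const uint8_t owner_auth[TPM_AUTH_DATA_LEN]` so callers can pass read-only storage and the contract is explicit. The doc comment should also state the return convention, presumably the TPM result code like the neighbouring TlclReadPubek, e.g. `Returns TPM_SUCCESS or the TPM error code.`; and since [owner_auth] is the clear-text owner secret, a sentence noting that the function does not retain it and that the caller remains responsible for clearing its copy would help readers of this header. Both points are documentation and signature only; the implementation is outside this hunk.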
diff --git a/firmware/include/tpm1_tss_constants.h b/firmware/include/tpm1_tss_constants.h
index f915fb53..625b9aea 100644
--- a/firmware/include/tpm1_tss_constants.h
+++ b/firmware/include/tpm1_tss_constants.h
@@ -25,6 +25,7 @@
#define TPM_TAG_NV_ATTRIBUTES ((uint16_t) 0x0017)
#define TPM_TAG_NV_DATA_PUBLIC ((uint16_t) 0x0018)
+#define TPM_TAG_KEY12 ((uint16_t) 0x0028)
#define TPM_TAG_RQU_COMMAND ((uint16_t) 0xc1)
#define TPM_TAG_RQU_AUTH1_COMMAND ((uint16_t) 0xc2)
@@ -55,12 +56,18 @@ typedef uint32_t TPM_CAPABILITY_AREA;
#define TPM_CAP_NV_INDEX ((uint32_t) 0x00000011)
#define TPM_CAP_GET_VERSION_VAL ((uint32_t) 0x0000001a)
+#define TPM_AUTH_ALWAYS ((uint8_t) 0x01)
+
+#define TPM_KEY_USAGE_STORAGE ((uint16_t) 0x0011)
+
#define TPM_ALG_RSA ((uint16_t)0x0001)
#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((uint16_t)0x0003)
#define TPM_SS_NONE ((uint16_t)0x0001)
+#define TPM_PID_OWNER ((uint16_t) 0x0005)
+
#define TPM_ST_CLEAR ((uint16_t) 0x0001)
#define TPM_ST_STATE ((uint16_t) 0x0002)
#define TPM_ST_DEACTIVATED ((uint16_t) 0x0003)
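Review bot: The constants added at lines 50, 52 and 57 are bare values whose type in the TPM 1.2 structures is not visible from the names alone, unlike the TPM_CAP_/TPM_ORD_ groups around them whose prefix already names the field. A one-line comment above each would save the next reader a trip to the spec, e.g. `/* TPM_AUTH_DATA_USAGE */` above TPM_AUTH_ALWAYS, `/* TPM_KEY_USAGE */` above TPM_KEY_USAGE_STORAGE and `/* TPM_PROTOCOL_ID */` above TPM_PID_OWNER, assuming that is how the new tpm_lite code uses them. The spacing inside the casts (`(uint16_t) 0x0005`) matches the majority of the file but not the three TPM_ALG_/TPM_ES_/TPM_SS_ lines directly above TPM_PID_OWNER; either is fine, but the block now mixes both within a few lines.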
@@ -187,12 +194,14 @@ typedef struct tdTPM_IFX_FIELDUPGRADEINFO
#define TPM_ORD_ContinueSelfTest ((uint32_t) 0x00000053)
#define TPM_ORD_Extend ((uint32_t) 0x00000014)
+#define TPM_ORD_FieldUpgrade ((uint32_t) 0x000000AA)
#define TPM_ORD_ForceClear ((uint32_t) 0x0000005D)
#define TPM_ORD_GetCapability ((uint32_t) 0x00000065)
#define TPM_ORD_GetRandom ((uint32_t) 0x00000046)
#define TPM_ORD_NV_DefineSpace ((uint32_t) 0x000000CC)
#define TPM_ORD_NV_ReadValue ((uint32_t) 0x000000CF)
#define TPM_ORD_NV_WriteValue ((uint32_t) 0x000000CD)
+#define TPM_ORD_OIAP ((uint32_t) 0x0000000A)
#define TPM_ORD_PcrRead ((uint32_t) 0x00000015)
#define TPM_ORD_PhysicalEnable ((uint32_t) 0x0000006F)
#define TPM_ORD_PhysicalDisable ((uint32_t) 0x00000070)
@@ -202,6 +211,6 @@ typedef struct tdTPM_IFX_FIELDUPGRADEINFO
#define TPM_ORD_SaveState ((uint32_t) 0x00000098)
#define TPM_ORD_SelfTestFull ((uint32_t) 0x00000050)
#define TPM_ORD_Startup ((uint32_t) 0x00000099)
-#define TPM_ORD_FieldUpgrade ((uint32_t) 0x000000AA)
+#define TPM_ORD_TakeOwnership ((uint32_t) 0x0000000D)
#endif /* ! __VBOOT_REFERENCE_FIRMWARE_INCLUDE_TPM1_TSS_CONSTANTS_H */