1 
2 /*
3  * Licensed Materials - Property of IBM
4  *
5  * trousers - An open source TCG Software Stack
6  *
7  * (C) Copyright International Business Machines Corp. 2004
8  *
9  */
10 
11 
12 #include <stdlib.h>
13 #include <stdio.h>
14 #include <string.h>
15 #include <inttypes.h>
16 
17 #include "trousers/tss.h"
18 #include "trousers_types.h"
19 #include "tcs_tsp.h"
20 #include "tcsps.h"
21 #include "tcs_utils.h"
22 #include "tcs_int_literals.h"
23 #include "capabilities.h"
24 #include "tcslog.h"
25 #include "req_mgr.h"
26 #include "tcsd_wrap.h"
27 #include "tcsd.h"
28 
29 
/*
 * TCSP_CertifyKey_Internal
 *
 * Builds a TPM_ORD_CertifyKey request, submits it through the request
 * manager and parses the response into the caller's output parameters.
 *
 * hContext        - TCS context; verified with ctx_verify_context() before
 *                   anything else is done.
 * certHandle      - handle of the key used to sign the certification
 *                   ("Cert signing key" in the debug log).
 * keyHandle       - handle of the key being certified ("Key being signed").
 * antiReplay      - caller-supplied nonce; antiReplay.nonce is placed in the
 *                   request.
 * certAuth        - optional auth session for the certifying key (may be
 *                   NULL). When present, its AuthHandle is checked against
 *                   hContext with auth_mgr_check().
 * keyAuth         - optional auth session for the key being certified, same
 *                   handling as certAuth.
 * CertifyInfoSize, CertifyInfo, outDataSize, outData
 *                 - outputs written by tpm_rsp_parse(); they are not touched
 *                   on any path that fails before the parse step.
 *                   NOTE(review): buffers are presumably allocated by the
 *                   parser and owned by the caller -- confirm.
 *
 * Returns 0 on success, otherwise the first non-zero result produced by a
 * failing step. auth_mgr_release_auth() runs on every exit path.
 */
TSS_RESULT
TCSP_CertifyKey_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			 TCS_KEY_HANDLE certHandle,	/* in */
			 TCS_KEY_HANDLE keyHandle,	/* in */
			 TCPA_NONCE antiReplay,	/* in */
			 TPM_AUTH * certAuth,	/* in, out */
			 TPM_AUTH * keyAuth,	/* in, out */
			 UINT32 * CertifyInfoSize,	/* out */
			 BYTE ** CertifyInfo,	/* out */
			 UINT32 * outDataSize,	/* out */
			 BYTE ** outData)	/* out */
{
	/* One buffer carries the outgoing request and then the TPM's reply. */
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
	TCPA_KEY_HANDLE certKeySlot, keySlot;
	TSS_RESULT result;
	UINT32 paramSize;
	UINT64 offset = 0;

	LogDebug("Entering Certify Key");

	/* Reject the call outright if the context handle is not valid. */
	result = ctx_verify_context(hContext);
	if (result != 0)
		goto done;

	/*
	 * Each auth session is optional, but a session that is supplied must
	 * pass auth_mgr_check() for this context before it is used.
	 */
	if (certAuth == NULL) {
		LogDebug("No Auth used for Cert signing key");
	} else {
		LogDebug("Auth Used for Cert signing key");
		result = auth_mgr_check(hContext, &certAuth->AuthHandle);
		if (result != 0)
			goto done;
	}

	if (keyAuth == NULL) {
		LogDebug("No Auth used for Key being signed");
	} else {
		LogDebug("Auth Used for Key being signed");
		result = auth_mgr_check(hContext, &keyAuth->AuthHandle);
		if (result != 0)
			goto done;
	}

	/* Translate both TCS key handles into slots, certifying key first. */
	result = ensureKeyIsLoaded(hContext, certHandle, &certKeySlot);
	if (result != 0)
		goto done;

	result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot);
	if (result != 0)
		goto done;

	result = tpm_rqu_build(TPM_ORD_CertifyKey, &offset, txBlob, certKeySlot, keySlot,
			       antiReplay.nonce, certAuth, keyAuth);
	if (result != 0)
		goto done;

	result = req_mgr_submit_req(txBlob);
	if (result != 0)
		goto done;

	/*
	 * paramSize is read from the response header in txBlob.
	 * NOTE(review): tpm_rsp_parse() is presumably responsible for keeping
	 * paramSize within TSS_TPM_TXBLOB_SIZE -- confirm against the parser.
	 */
	result = UnloadBlob_Header(txBlob, &paramSize);
	if (result == 0) {
		result = tpm_rsp_parse(TPM_ORD_CertifyKey, txBlob, paramSize, CertifyInfoSize,
				       CertifyInfo, outDataSize, outData, certAuth, keyAuth);
	}
	LogResult("Certify Key", result);

done:
	/*
	 * Reached on success and on every failure, including a failed context
	 * check or a rejected auth handle.
	 * NOTE(review): confirm auth_mgr_release_auth() only releases sessions
	 * that really belong to hContext in those early-failure cases.
	 */
	auth_mgr_release_auth(certAuth, keyAuth, hContext);
	return result;
}
91