1
2 /*
3 * Licensed Materials - Property of IBM
4 *
5 * trousers - An open source TCG Software Stack
6 *
7 * (C) Copyright International Business Machines Corp. 2004-2007
8 *
9 */
10
11 #include <stdlib.h>
12 #include <stdio.h>
13 #include <string.h>
14 #include <assert.h>
15
16 #include "trousers/tss.h"
17 #include "trousers/trousers.h"
18 #include "trousers_types.h"
19 #include "spi_utils.h"
20 #include "capabilities.h"
21 #include "tsplog.h"
22 #include "hosttable.h"
23 #include "tcsd_wrap.h"
24 #include "obj.h"
25 #include "rpc_tcstp_tsp.h"
26
27
28 TSS_RESULT
RPC_MakeIdentity_TP(struct host_table_entry * hte,TCPA_ENCAUTH identityAuth,TCPA_CHOSENID_HASH IDLabel_PrivCAHash,UINT32 idKeyInfoSize,BYTE * idKeyInfo,TPM_AUTH * pSrkAuth,TPM_AUTH * pOwnerAuth,UINT32 * idKeySize,BYTE ** idKey,UINT32 * pcIdentityBindingSize,BYTE ** prgbIdentityBinding,UINT32 * pcEndorsementCredentialSize,BYTE ** prgbEndorsementCredential,UINT32 * pcPlatformCredentialSize,BYTE ** prgbPlatformCredential,UINT32 * pcConformanceCredentialSize,BYTE ** prgbConformanceCredential)29 RPC_MakeIdentity_TP(struct host_table_entry *hte,
30 TCPA_ENCAUTH identityAuth, /* in */
31 TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
32 UINT32 idKeyInfoSize, /* in */
33 BYTE * idKeyInfo, /* in */
34 TPM_AUTH * pSrkAuth, /* in, out */
35 TPM_AUTH * pOwnerAuth, /* in, out */
36 UINT32 * idKeySize, /* out */
37 BYTE ** idKey, /* out */
38 UINT32 * pcIdentityBindingSize, /* out */
39 BYTE ** prgbIdentityBinding, /* out */
40 UINT32 * pcEndorsementCredentialSize, /* out */
41 BYTE ** prgbEndorsementCredential, /* out */
42 UINT32 * pcPlatformCredentialSize, /* out */
43 BYTE ** prgbPlatformCredential, /* out */
44 UINT32 * pcConformanceCredentialSize, /* out */
45 BYTE ** prgbConformanceCredential) /* out */
46 {
47 TSS_RESULT result;
48 int i;
49
50 initData(&hte->comm, 7);
51 hte->comm.hdr.u.ordinal = TCSD_ORD_MAKEIDENTITY;
52 LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
53
54 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
55 return TSPERR(TSS_E_INTERNAL_ERROR);
56 if (setData(TCSD_PACKET_TYPE_ENCAUTH, 1, &identityAuth, 0, &hte->comm))
57 return TSPERR(TSS_E_INTERNAL_ERROR);
58 if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &IDLabel_PrivCAHash, 0, &hte->comm))
59 return TSPERR(TSS_E_INTERNAL_ERROR);
60 if (setData(TCSD_PACKET_TYPE_UINT32, 3, &idKeyInfoSize, 0, &hte->comm))
61 return TSPERR(TSS_E_INTERNAL_ERROR);
62 if (setData(TCSD_PACKET_TYPE_PBYTE, 4, idKeyInfo, idKeyInfoSize, &hte->comm))
63 return TSPERR(TSS_E_INTERNAL_ERROR);
64 i = 5;
65 if (pSrkAuth) {
66 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pSrkAuth, 0, &hte->comm))
67 return TSPERR(TSS_E_INTERNAL_ERROR);
68 }
69 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &hte->comm))
70 return TSPERR(TSS_E_INTERNAL_ERROR);
71
72 result = sendTCSDPacket(hte);
73
74 if (result == TSS_SUCCESS)
75 result = hte->comm.hdr.u.result;
76
77 i = 0;
78 if (result == TSS_SUCCESS) {
79 i = 0;
80 if (pSrkAuth) {
81 if (getData(TCSD_PACKET_TYPE_AUTH, i++, pSrkAuth, 0, &hte->comm)) {
82 result = TSPERR(TSS_E_INTERNAL_ERROR);
83 goto done;
84 }
85 }
86 if (getData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &hte->comm)) {
87 result = TSPERR(TSS_E_INTERNAL_ERROR);
88 goto done;
89 }
90 if (getData(TCSD_PACKET_TYPE_UINT32, i++, idKeySize, 0, &hte->comm)) {
91 result = TSPERR(TSS_E_INTERNAL_ERROR);
92 goto done;
93 }
94
95 *idKey = (BYTE *) malloc(*idKeySize);
96 if (*idKey == NULL) {
97 LogError("malloc of %u bytes failed.", *idKeySize);
98 result = TSPERR(TSS_E_OUTOFMEMORY);
99 goto done;
100 }
101 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *idKey, *idKeySize, &hte->comm)) {
102 free(*idKey);
103 result = TSPERR(TSS_E_INTERNAL_ERROR);
104 goto done;
105 }
106 if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcIdentityBindingSize, 0, &hte->comm)) {
107 free(*idKey);
108 result = TSPERR(TSS_E_INTERNAL_ERROR);
109 goto done;
110 }
111
112 *prgbIdentityBinding = (BYTE *) malloc(*pcIdentityBindingSize);
113 if (*prgbIdentityBinding == NULL) {
114 LogError("malloc of %u bytes failed.", *pcIdentityBindingSize);
115 free(*idKey);
116 result = TSPERR(TSS_E_OUTOFMEMORY);
117 goto done;
118 }
119 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbIdentityBinding, *pcIdentityBindingSize, &hte->comm)) {
120 free(*idKey);
121 free(*prgbIdentityBinding);
122 result = TSPERR(TSS_E_INTERNAL_ERROR);
123 goto done;
124 }
125 if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcEndorsementCredentialSize, 0, &hte->comm)) {
126 free(*idKey);
127 free(*prgbIdentityBinding);
128 result = TSPERR(TSS_E_INTERNAL_ERROR);
129 goto done;
130 }
131
132 *prgbEndorsementCredential = (BYTE *) malloc(*pcEndorsementCredentialSize);
133 if (*prgbEndorsementCredential == NULL) {
134 LogError("malloc of %u bytes failed.", *pcEndorsementCredentialSize);
135 free(*idKey);
136 free(*prgbIdentityBinding);
137 *prgbIdentityBinding = NULL;
138 result = TSPERR(TSS_E_OUTOFMEMORY);
139 goto done;
140 }
141 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbEndorsementCredential, *pcEndorsementCredentialSize, &hte->comm)) {
142 free(*idKey);
143 free(*prgbIdentityBinding);
144 *prgbIdentityBinding = NULL;
145 free(*prgbEndorsementCredential);
146 *prgbEndorsementCredential = NULL;
147 result = TSPERR(TSS_E_INTERNAL_ERROR);
148 goto done;
149 }
150 if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcPlatformCredentialSize, 0, &hte->comm)) {
151 free(*idKey);
152 free(*prgbIdentityBinding);
153 *prgbIdentityBinding = NULL;
154 free(*prgbEndorsementCredential);
155 *prgbEndorsementCredential = NULL;
156 result = TSPERR(TSS_E_INTERNAL_ERROR);
157 goto done;
158 }
159
160 *prgbPlatformCredential = (BYTE *) malloc(*pcPlatformCredentialSize);
161 if (*prgbPlatformCredential == NULL) {
162 LogError("malloc of %u bytes failed.", *pcPlatformCredentialSize);
163 free(*idKey);
164 free(*prgbIdentityBinding);
165 *prgbIdentityBinding = NULL;
166 free(*prgbEndorsementCredential);
167 *prgbEndorsementCredential = NULL;
168 result = TSPERR(TSS_E_OUTOFMEMORY);
169 goto done;
170 }
171 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbPlatformCredential, *pcPlatformCredentialSize, &hte->comm)) {
172 free(*idKey);
173 free(*prgbIdentityBinding);
174 *prgbIdentityBinding = NULL;
175 free(*prgbEndorsementCredential);
176 *prgbEndorsementCredential = NULL;
177 free(*prgbPlatformCredential);
178 *prgbPlatformCredential = NULL;
179 result = TSPERR(TSS_E_INTERNAL_ERROR);
180 goto done;
181 }
182 if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcConformanceCredentialSize, 0, &hte->comm)) {
183 free(*idKey);
184 free(*prgbIdentityBinding);
185 *prgbIdentityBinding = NULL;
186 free(*prgbEndorsementCredential);
187 *prgbEndorsementCredential = NULL;
188 free(*prgbPlatformCredential);
189 *prgbPlatformCredential = NULL;
190 result = TSPERR(TSS_E_INTERNAL_ERROR);
191 goto done;
192 }
193
194 *prgbConformanceCredential = (BYTE *) malloc(*pcConformanceCredentialSize);
195 if (*prgbConformanceCredential == NULL) {
196 LogError("malloc of %u bytes failed.", *pcConformanceCredentialSize);
197 free(*idKey);
198 free(*prgbIdentityBinding);
199 *prgbIdentityBinding = NULL;
200 free(*prgbEndorsementCredential);
201 *prgbEndorsementCredential = NULL;
202 free(*prgbPlatformCredential);
203 *prgbPlatformCredential = NULL;
204 result = TSPERR(TSS_E_OUTOFMEMORY);
205 goto done;
206 }
207 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbConformanceCredential, *pcConformanceCredentialSize, &hte->comm)) {
208 free(*idKey);
209 free(*prgbIdentityBinding);
210 *prgbIdentityBinding = NULL;
211 free(*prgbEndorsementCredential);
212 *prgbEndorsementCredential = NULL;
213 free(*prgbPlatformCredential);
214 *prgbPlatformCredential = NULL;
215 free(*prgbConformanceCredential);
216 *prgbConformanceCredential = NULL;
217 result = TSPERR(TSS_E_INTERNAL_ERROR);
218 }
219 }
220
221 done:
222 return result;
223 }
224
225 TSS_RESULT
RPC_GetCredential_TP(struct host_table_entry * hte,UINT32 ulCredentialType,UINT32 ulCredentialAccessMode,UINT32 * pulCredentialSize,BYTE ** prgbCredentialData)226 RPC_GetCredential_TP(struct host_table_entry *hte,
227 UINT32 ulCredentialType, /* in */
228 UINT32 ulCredentialAccessMode, /* in */
229 UINT32 * pulCredentialSize, /* out */
230 BYTE ** prgbCredentialData) /* out */
231 {
232 TSS_RESULT result;
233
234 initData(&hte->comm, 3);
235 hte->comm.hdr.u.ordinal = TCSD_ORD_GETCREDENTIAL;
236 LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
237
238 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
239 return TSPERR(TSS_E_INTERNAL_ERROR);
240 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &ulCredentialType, 0, &hte->comm))
241 return TSPERR(TSS_E_INTERNAL_ERROR);
242 if (setData(TCSD_PACKET_TYPE_UINT32, 2, &ulCredentialAccessMode, 0, &hte->comm))
243 return TSPERR(TSS_E_INTERNAL_ERROR);
244
245 result = sendTCSDPacket(hte);
246
247 if (result == TSS_SUCCESS)
248 result = hte->comm.hdr.u.result;
249
250 if (result == TSS_SUCCESS) {
251 if (getData(TCSD_PACKET_TYPE_UINT32, 0, pulCredentialSize, 0, &hte->comm)) {
252 return TSPERR(TSS_E_INTERNAL_ERROR);
253 }
254
255 *prgbCredentialData = (BYTE *) malloc(*pulCredentialSize);
256 if (*prgbCredentialData == NULL) {
257 LogError("malloc of %u bytes failed.", *pulCredentialSize);
258 return TSPERR(TSS_E_OUTOFMEMORY);
259 }
260
261 if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *prgbCredentialData,
262 *pulCredentialSize, &hte->comm)) {
263 free(*prgbCredentialData);
264 result = TSPERR(TSS_E_INTERNAL_ERROR);
265 }
266 }
267 return result;
268 }
269
270 TSS_RESULT
RPC_ActivateTPMIdentity_TP(struct host_table_entry * hte,TCS_KEY_HANDLE idKey,UINT32 blobSize,BYTE * blob,TPM_AUTH * idKeyAuth,TPM_AUTH * ownerAuth,UINT32 * SymmetricKeySize,BYTE ** SymmetricKey)271 RPC_ActivateTPMIdentity_TP(struct host_table_entry *hte,
272 TCS_KEY_HANDLE idKey, /* in */
273 UINT32 blobSize, /* in */
274 BYTE * blob, /* in */
275 TPM_AUTH * idKeyAuth, /* in, out */
276 TPM_AUTH * ownerAuth, /* in, out */
277 UINT32 * SymmetricKeySize, /* out */
278 BYTE ** SymmetricKey) /* out */
279 {
280 TSS_RESULT result;
281 int i = 0;
282
283 initData(&hte->comm, 6);
284 hte->comm.hdr.u.ordinal = TCSD_ORD_ACTIVATETPMIDENTITY;
285 LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
286
287 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hte->tcsContext, 0, &hte->comm))
288 return TSPERR(TSS_E_INTERNAL_ERROR);
289 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &idKey, 0, &hte->comm))
290 return TSPERR(TSS_E_INTERNAL_ERROR);
291 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &blobSize, 0, &hte->comm))
292 return TSPERR(TSS_E_INTERNAL_ERROR);
293 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, blob, blobSize, &hte->comm))
294 return TSPERR(TSS_E_INTERNAL_ERROR);
295
296 if (idKeyAuth) {
297 if (setData(TCSD_PACKET_TYPE_AUTH, i++, idKeyAuth, 0, &hte->comm))
298 return TSPERR(TSS_E_INTERNAL_ERROR);
299 }
300 if (setData(TCSD_PACKET_TYPE_AUTH, i++, ownerAuth, 0, &hte->comm))
301 return TSPERR(TSS_E_INTERNAL_ERROR);
302
303 result = sendTCSDPacket(hte);
304
305 if (result == TSS_SUCCESS)
306 result = hte->comm.hdr.u.result;
307
308 if (result == TSS_SUCCESS) {
309 i = 0;
310 if (idKeyAuth) {
311 if (getData(TCSD_PACKET_TYPE_AUTH, i++, idKeyAuth, 0, &hte->comm))
312 result = TSPERR(TSS_E_INTERNAL_ERROR);
313 }
314 if (getData(TCSD_PACKET_TYPE_AUTH, i++, ownerAuth, 0, &hte->comm)) {
315 result = TSPERR(TSS_E_INTERNAL_ERROR);
316 goto done;
317 }
318 if (getData(TCSD_PACKET_TYPE_UINT32, i++, SymmetricKeySize, 0, &hte->comm)) {
319 result = TSPERR(TSS_E_INTERNAL_ERROR);
320 goto done;
321 }
322
323 *SymmetricKey = malloc(*SymmetricKeySize);
324 if (*SymmetricKey == NULL) {
325 LogError("malloc of %u bytes failed.", *SymmetricKeySize);
326 result = TSPERR(TSS_E_OUTOFMEMORY);
327 goto done;
328 }
329 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *SymmetricKey, *SymmetricKeySize, &hte->comm)) {
330 free(*SymmetricKey);
331 result = TSPERR(TSS_E_INTERNAL_ERROR);
332 }
333 }
334 done:
335 return result;
336 }
337