xref: /netbsd-src/crypto/external/cpl/trousers/dist/src/tspi/rpc/tcstp/rpc_ek.c (revision 2d5f7628c5531eb583b9313ac2fd1cf8582b4479) 
1 
2 /*
3  * Licensed Materials - Property of IBM
4  *
5  * trousers - An open source TCG Software Stack
6  *
7  * (C) Copyright International Business Machines Corp. 2004-2007
8  *
9  */
10 
11 #include <stdlib.h>
12 #include <stdio.h>
13 #include <string.h>
14 #include <assert.h>
15 
16 #include "trousers/tss.h"
17 #include "trousers/trousers.h"
18 #include "trousers_types.h"
19 #include "spi_utils.h"
20 #include "capabilities.h"
21 #include "tsplog.h"
22 #include "hosttable.h"
23 #include "tcsd_wrap.h"
24 #include "obj.h"
25 #include "rpc_tcstp_tsp.h"
26 
27 
28 TSS_RESULT
RPC_CreateEndorsementKeyPair_TP(struct host_table_entry * hte,TCPA_NONCE antiReplay,UINT32 endorsementKeyInfoSize,BYTE * endorsementKeyInfo,UINT32 * endorsementKeySize,BYTE ** endorsementKey,TCPA_DIGEST * checksum)29 RPC_CreateEndorsementKeyPair_TP(struct host_table_entry *hte,
30 					     TCPA_NONCE antiReplay,	/* in */
31 					     UINT32 endorsementKeyInfoSize,	/* in */
32 					     BYTE * endorsementKeyInfo,	/* in */
33 					     UINT32 * endorsementKeySize,	/* out */
34 					     BYTE ** endorsementKey,	/* out */
35 					     TCPA_DIGEST * checksum	/* out */
36     ) {
37 
38 	TSS_RESULT result;
39 
40 	initData(&hte->comm, 4);
41 	hte->comm.hdr.u.ordinal = TCSD_ORD_CREATEENDORSEMENTKEYPAIR;
42 	LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
43 
44 	if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
45 		return TSPERR(TSS_E_INTERNAL_ERROR);
46 	if (setData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &hte->comm))
47 		return TSPERR(TSS_E_INTERNAL_ERROR);
48 	if (setData(TCSD_PACKET_TYPE_UINT32, 2, &endorsementKeyInfoSize, 0, &hte->comm))
49 		return TSPERR(TSS_E_INTERNAL_ERROR);
50 	if (setData(TCSD_PACKET_TYPE_PBYTE, 3, endorsementKeyInfo, endorsementKeyInfoSize, &hte->comm))
51 		return TSPERR(TSS_E_INTERNAL_ERROR);
52 
53 	result = sendTCSDPacket(hte);
54 
55 	if (result == TSS_SUCCESS)
56 		result = hte->comm.hdr.u.result;
57 
58 	if (result == TSS_SUCCESS) {
59 		if (getData(TCSD_PACKET_TYPE_UINT32, 0, endorsementKeySize, 0, &hte->comm)) {
60 			result = TSPERR(TSS_E_INTERNAL_ERROR);
61 			goto done;
62 		}
63 
64 		*endorsementKey = (BYTE *) malloc(*endorsementKeySize);
65 		if (*endorsementKey == NULL) {
66 			LogError("malloc of %u bytes failed.", *endorsementKeySize);
67 			result = TSPERR(TSS_E_OUTOFMEMORY);
68 			goto done;
69 		}
70 		if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *endorsementKey, *endorsementKeySize, &hte->comm)) {
71 			free(*endorsementKey);
72 			result = TSPERR(TSS_E_INTERNAL_ERROR);
73 			goto done;
74 		}
75 		if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &(checksum->digest), 0, &hte->comm)) {
76 			free(*endorsementKey);
77 			result = TSPERR(TSS_E_INTERNAL_ERROR);
78 		}
79 	}
80 
81 done:
82 	return result;
83 }
84 
85 TSS_RESULT
RPC_ReadPubek_TP(struct host_table_entry * hte,TCPA_NONCE antiReplay,UINT32 * pubEndorsementKeySize,BYTE ** pubEndorsementKey,TCPA_DIGEST * checksum)86 RPC_ReadPubek_TP(struct host_table_entry *hte,
87 			      TCPA_NONCE antiReplay,	/* in */
88 			      UINT32 * pubEndorsementKeySize,	/* out */
89 			      BYTE ** pubEndorsementKey,	/* out */
90 			      TCPA_DIGEST * checksum	/* out */
91     ) {
92 	TSS_RESULT result;
93 
94 	initData(&hte->comm, 2);
95 	hte->comm.hdr.u.ordinal = TCSD_ORD_READPUBEK;
96 	LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
97 	/*      &hte->comm.numParms = 2; */
98 
99 	if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
100 		return TSPERR(TSS_E_INTERNAL_ERROR);
101 	if (setData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &hte->comm))
102 		return TSPERR(TSS_E_INTERNAL_ERROR);
103 
104 	result = sendTCSDPacket(hte);
105 
106 	if (result == TSS_SUCCESS)
107 		result = hte->comm.hdr.u.result;
108 
109 	if (result == TSS_SUCCESS) {
110 		if (getData(TCSD_PACKET_TYPE_UINT32, 0, pubEndorsementKeySize, 0, &hte->comm)) {
111 			result = TSPERR(TSS_E_INTERNAL_ERROR);
112 			goto done;
113 		}
114 
115 		*pubEndorsementKey = (BYTE *) malloc(*pubEndorsementKeySize);
116 		if (*pubEndorsementKey == NULL) {
117 			LogError("malloc of %u bytes failed.", *pubEndorsementKeySize);
118 			result = TSPERR(TSS_E_OUTOFMEMORY);
119 			goto done;
120 		}
121 		if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *pubEndorsementKey, *pubEndorsementKeySize, &hte->comm)) {
122 			free(*pubEndorsementKey);
123 			result = TSPERR(TSS_E_INTERNAL_ERROR);
124 			goto done;
125 		}
126 		if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &(checksum->digest), 0, &hte->comm)) {
127 			free(*pubEndorsementKey);
128 			result = TSPERR(TSS_E_INTERNAL_ERROR);
129 		}
130 	}
131 done:
132 	return result;
133 }
134 
135 TSS_RESULT
RPC_DisablePubekRead_TP(struct host_table_entry * hte,TPM_AUTH * ownerAuth)136 RPC_DisablePubekRead_TP(struct host_table_entry *hte,
137 				     TPM_AUTH * ownerAuth	/* in, out */
138     ) {
139 	TSS_RESULT result;
140 
141 	initData(&hte->comm, 2);
142 	hte->comm.hdr.u.ordinal = TCSD_ORD_DISABLEPUBEKREAD;
143 	LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
144 
145         if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
146                 return TSPERR(TSS_E_INTERNAL_ERROR);
147 
148 	if (setData(TCSD_PACKET_TYPE_AUTH, 1, ownerAuth, 0, &hte->comm))
149 		return TSPERR(TSS_E_INTERNAL_ERROR);
150 
151         result = sendTCSDPacket(hte);
152 
153         if (result == TSS_SUCCESS)
154                 result = hte->comm.hdr.u.result;
155 
156 	if (result == TSS_SUCCESS) {
157 		if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm))
158 			result = TSPERR(TSS_E_INTERNAL_ERROR);
159 	}
160 
161 	return result;
162 }
163 
164 TSS_RESULT
RPC_OwnerReadPubek_TP(struct host_table_entry * hte,TPM_AUTH * ownerAuth,UINT32 * pubEndorsementKeySize,BYTE ** pubEndorsementKey)165 RPC_OwnerReadPubek_TP(struct host_table_entry *hte,
166 				   TPM_AUTH * ownerAuth,	/* in, out */
167 				   UINT32 * pubEndorsementKeySize,	/* out */
168 				   BYTE ** pubEndorsementKey	/* out */
169     ) {
170 
171         TSS_RESULT result;
172 
173 	initData(&hte->comm, 2);
174         hte->comm.hdr.u.ordinal = TCSD_ORD_OWNERREADPUBEK;
175 	LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
176 
177         if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
178                 return TSPERR(TSS_E_INTERNAL_ERROR);
179         if (setData(TCSD_PACKET_TYPE_AUTH, 1, ownerAuth, 0, &hte->comm))
180                 return TSPERR(TSS_E_INTERNAL_ERROR);
181 
182         result = sendTCSDPacket(hte);
183 
184         if (result == TSS_SUCCESS)
185                 result = hte->comm.hdr.u.result;
186 
187         if (result == TSS_SUCCESS) {
188                 if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm)){
189 			free(*pubEndorsementKey);
190                         result = TSPERR(TSS_E_INTERNAL_ERROR);
191 		}
192 
193                 if (getData(TCSD_PACKET_TYPE_UINT32, 1, pubEndorsementKeySize, 0, &hte->comm)) {
194                         result = TSPERR(TSS_E_INTERNAL_ERROR);
195                         goto done;
196                 }
197 
198                 *pubEndorsementKey = (BYTE *) malloc(*pubEndorsementKeySize);
199                 if (*pubEndorsementKey == NULL) {
200                         LogError("malloc of %u bytes failed.", *pubEndorsementKeySize);
201                         result = TSPERR(TSS_E_OUTOFMEMORY);
202                         goto done;
203                 }
204 
205                 if (getData(TCSD_PACKET_TYPE_PBYTE, 2, *pubEndorsementKey, *pubEndorsementKeySize, &hte->comm)) {
206                         free(*pubEndorsementKey);
207                         result = TSPERR(TSS_E_INTERNAL_ERROR);
208 			goto done;
209                 }
210         }
211 
212 done:
213 	return result;
214 }
215 
216 #ifdef TSS_BUILD_TSS12
217 TSS_RESULT
RPC_CreateRevocableEndorsementKeyPair_TP(struct host_table_entry * hte,TPM_NONCE antiReplay,UINT32 endorsementKeyInfoSize,BYTE * endorsementKeyInfo,TSS_BOOL genResetAuth,TPM_DIGEST * eKResetAuth,UINT32 * endorsementKeySize,BYTE ** endorsementKey,TPM_DIGEST * checksum)218 RPC_CreateRevocableEndorsementKeyPair_TP(struct host_table_entry *hte,
219 					 TPM_NONCE antiReplay,		/* in */
220 					 UINT32 endorsementKeyInfoSize,/* in */
221 					 BYTE * endorsementKeyInfo,	/* in */
222 					 TSS_BOOL genResetAuth,	/* in */
223 					 TPM_DIGEST * eKResetAuth,	/* in, out */
224 					 UINT32 * endorsementKeySize,	/* out */
225 					 BYTE ** endorsementKey,	/* out */
226 					 TPM_DIGEST * checksum)	/* out */
227 {
228 	TSS_RESULT result;
229 
230 	initData(&hte->comm, 6);
231 	hte->comm.hdr.u.ordinal = TCSD_ORD_CREATEREVOCABLEENDORSEMENTKEYPAIR;
232 	LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
233 
234 	if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
235 		return TSPERR(TSS_E_INTERNAL_ERROR);
236 	if (setData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &hte->comm))
237 		return TSPERR(TSS_E_INTERNAL_ERROR);
238 	if (setData(TCSD_PACKET_TYPE_UINT32, 2, &endorsementKeyInfoSize, 0, &hte->comm))
239 		return TSPERR(TSS_E_INTERNAL_ERROR);
240 	if (setData(TCSD_PACKET_TYPE_PBYTE, 3, endorsementKeyInfo, endorsementKeyInfoSize, &hte->comm))
241 		return TSPERR(TSS_E_INTERNAL_ERROR);
242 	if (setData(TCSD_PACKET_TYPE_BOOL, 4, &genResetAuth, 0, &hte->comm))
243 		return TSPERR(TSS_E_INTERNAL_ERROR);
244 	if (setData(TCSD_PACKET_TYPE_DIGEST, 5, eKResetAuth, 0, &hte->comm))
245 		return TSPERR(TSS_E_INTERNAL_ERROR);
246 
247 	result = sendTCSDPacket(hte);
248 
249 	if (result == TSS_SUCCESS)
250 		result = hte->comm.hdr.u.result;
251 
252 	if (result == TSS_SUCCESS) {
253 		if (getData(TCSD_PACKET_TYPE_DIGEST, 0, &(eKResetAuth->digest), 0, &hte->comm)) {
254 			result = TSPERR(TSS_E_INTERNAL_ERROR);
255 			goto done;
256 		}
257 		if (getData(TCSD_PACKET_TYPE_UINT32, 1, endorsementKeySize, 0, &hte->comm)) {
258 			result = TSPERR(TSS_E_INTERNAL_ERROR);
259 			goto done;
260 		}
261 		*endorsementKey = (BYTE *) malloc(*endorsementKeySize);
262 		if (*endorsementKey == NULL) {
263 			LogError("malloc of %u bytes failed.", *endorsementKeySize);
264 			result = TSPERR(TSS_E_OUTOFMEMORY);
265 			goto done;
266 		}
267 		if (getData(TCSD_PACKET_TYPE_PBYTE, 2, *endorsementKey, *endorsementKeySize, &hte->comm)) {
268 			free(*endorsementKey);
269 			result = TSPERR(TSS_E_INTERNAL_ERROR);
270 			goto done;
271 		}
272 		if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &(checksum->digest), 0, &hte->comm)) {
273 			free(*endorsementKey);
274 			result = TSPERR(TSS_E_INTERNAL_ERROR);
275 		}
276 	}
277 
278 done:
279 	return result;
280 }
281 
282 TSS_RESULT
RPC_RevokeEndorsementKeyPair_TP(struct host_table_entry * hte,TPM_DIGEST * EKResetAuth)283 RPC_RevokeEndorsementKeyPair_TP(struct host_table_entry *hte,
284 				TPM_DIGEST *EKResetAuth)	/* in */
285 {
286 	TSS_RESULT result;
287 
288 	initData(&hte->comm, 2);
289 	hte->comm.hdr.u.ordinal = TCSD_ORD_REVOKEENDORSEMENTKEYPAIR;
290 	LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
291 
292 	if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
293 		return TSPERR(TSS_E_INTERNAL_ERROR);
294 	if (setData(TCSD_PACKET_TYPE_DIGEST, 1, EKResetAuth, 0, &hte->comm))
295 		return TSPERR(TSS_E_INTERNAL_ERROR);
296 
297 	result = sendTCSDPacket(hte);
298 
299 	if (result == TSS_SUCCESS)
300 		result = hte->comm.hdr.u.result;
301 
302 	return result;
303 }
304 #endif
305