1
2 /*
3 * Licensed Materials - Property of IBM
4 *
5 * trousers - An open source TCG Software Stack
6 *
7 * (C) Copyright International Business Machines Corp. 2004-2006
8 *
9 */
10
11 #include <stdlib.h>
12 #include <stdio.h>
13 #include <string.h>
14 #include <assert.h>
15
16 #include "trousers/tss.h"
17 #include "trousers/trousers.h"
18 #include "trousers_types.h"
19 #include "spi_utils.h"
20 #include "capabilities.h"
21 #include "tsplog.h"
22 #include "hosttable.h"
23 #include "tcsd_wrap.h"
24 #include "obj.h"
25 #include "rpc_tcstp_tsp.h"
26
27
28 TSS_RESULT
common_Seal_TP(UINT32 sealOrdinal,struct host_table_entry * hte,TCS_KEY_HANDLE keyHandle,TCPA_ENCAUTH * encAuth,UINT32 pcrInfoSize,BYTE * PcrInfo,UINT32 inDataSize,BYTE * inData,TPM_AUTH * pubAuth,UINT32 * SealedDataSize,BYTE ** SealedData)29 common_Seal_TP(UINT32 sealOrdinal,
30 struct host_table_entry *hte,
31 TCS_KEY_HANDLE keyHandle, /* in */
32 TCPA_ENCAUTH *encAuth, /* in */
33 UINT32 pcrInfoSize, /* in */
34 BYTE * PcrInfo, /* in */
35 UINT32 inDataSize, /* in */
36 BYTE * inData, /* in */
37 TPM_AUTH * pubAuth, /* in, out */
38 UINT32 * SealedDataSize, /* out */
39 BYTE ** SealedData /* out */
40 ) {
41 TSS_RESULT result;
42 int i = 0;
43
44 initData(&hte->comm, 8);
45 hte->comm.hdr.u.ordinal = sealOrdinal;
46 LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
47
48 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hte->tcsContext, 0, &hte->comm))
49 return TSPERR(TSS_E_INTERNAL_ERROR);
50 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &keyHandle, 0, &hte->comm))
51 return TSPERR(TSS_E_INTERNAL_ERROR);
52 if (setData(TCSD_PACKET_TYPE_ENCAUTH, i++, encAuth, 0, &hte->comm))
53 return TSPERR(TSS_E_INTERNAL_ERROR);
54 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcrInfoSize, 0, &hte->comm))
55 return TSPERR(TSS_E_INTERNAL_ERROR);
56 if (pcrInfoSize > 0) {
57 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, PcrInfo, pcrInfoSize, &hte->comm))
58 return TSPERR(TSS_E_INTERNAL_ERROR);
59 }
60 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &inDataSize, 0, &hte->comm))
61 return TSPERR(TSS_E_INTERNAL_ERROR);
62 if (inDataSize > 0) {
63 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, inData, inDataSize, &hte->comm))
64 return TSPERR(TSS_E_INTERNAL_ERROR);
65 }
66
67 if (setData(TCSD_PACKET_TYPE_AUTH, i, pubAuth, 0, &hte->comm))
68 return TSPERR(TSS_E_INTERNAL_ERROR);
69
70 result = sendTCSDPacket(hte);
71
72 if (result == TSS_SUCCESS)
73 result = hte->comm.hdr.u.result;
74
75 if (hte->comm.hdr.u.result == TSS_SUCCESS) {
76 if (getData(TCSD_PACKET_TYPE_AUTH, 0, pubAuth, 0, &hte->comm)) {
77 result = TSPERR(TSS_E_INTERNAL_ERROR);
78 goto done;
79 }
80
81 if (getData(TCSD_PACKET_TYPE_UINT32, 1, SealedDataSize, 0, &hte->comm)) {
82 result = TSPERR(TSS_E_INTERNAL_ERROR);
83 goto done;
84 }
85
86 *SealedData = (BYTE *) malloc(*SealedDataSize);
87 if (*SealedData == NULL) {
88 LogError("malloc of %u bytes failed.", *SealedDataSize);
89 result = TSPERR(TSS_E_OUTOFMEMORY);
90 goto done;
91 }
92 if (getData(TCSD_PACKET_TYPE_PBYTE, 2, *SealedData, *SealedDataSize, &hte->comm)) {
93 free(*SealedData);
94 result = TSPERR(TSS_E_INTERNAL_ERROR);
95 }
96 }
97
98 done:
99 return result;
100 }
101
102 TSS_RESULT
RPC_Seal_TP(struct host_table_entry * hte,TCS_KEY_HANDLE keyHandle,TCPA_ENCAUTH * encAuth,UINT32 pcrInfoSize,BYTE * PcrInfo,UINT32 inDataSize,BYTE * inData,TPM_AUTH * pubAuth,UINT32 * SealedDataSize,BYTE ** SealedData)103 RPC_Seal_TP(struct host_table_entry *hte,
104 TCS_KEY_HANDLE keyHandle, /* in */
105 TCPA_ENCAUTH *encAuth, /* in */
106 UINT32 pcrInfoSize, /* in */
107 BYTE * PcrInfo, /* in */
108 UINT32 inDataSize, /* in */
109 BYTE * inData, /* in */
110 TPM_AUTH * pubAuth, /* in, out */
111 UINT32 * SealedDataSize, /* out */
112 BYTE ** SealedData /* out */
113 ) {
114 return common_Seal_TP(TCSD_ORD_SEAL, hte, keyHandle, encAuth, pcrInfoSize, PcrInfo,
115 inDataSize, inData, pubAuth, SealedDataSize, SealedData);
116 }
117
118 #ifdef TSS_BUILD_SEALX
119 TSS_RESULT
RPC_Sealx_TP(struct host_table_entry * hte,TCS_KEY_HANDLE keyHandle,TCPA_ENCAUTH * encAuth,UINT32 pcrInfoSize,BYTE * PcrInfo,UINT32 inDataSize,BYTE * inData,TPM_AUTH * pubAuth,UINT32 * SealedDataSize,BYTE ** SealedData)120 RPC_Sealx_TP(struct host_table_entry *hte,
121 TCS_KEY_HANDLE keyHandle, /* in */
122 TCPA_ENCAUTH *encAuth, /* in */
123 UINT32 pcrInfoSize, /* in */
124 BYTE * PcrInfo, /* in */
125 UINT32 inDataSize, /* in */
126 BYTE * inData, /* in */
127 TPM_AUTH * pubAuth, /* in, out */
128 UINT32 * SealedDataSize, /* out */
129 BYTE ** SealedData /* out */
130 ) {
131 return common_Seal_TP(TCSD_ORD_SEALX, hte, keyHandle, encAuth, pcrInfoSize, PcrInfo,
132 inDataSize, inData, pubAuth, SealedDataSize, SealedData);
133 }
134 #endif
135
136 TSS_RESULT
RPC_Unseal_TP(struct host_table_entry * hte,TCS_KEY_HANDLE parentHandle,UINT32 SealedDataSize,BYTE * SealedData,TPM_AUTH * parentAuth,TPM_AUTH * dataAuth,UINT32 * DataSize,BYTE ** Data)137 RPC_Unseal_TP(struct host_table_entry *hte,
138 TCS_KEY_HANDLE parentHandle, /* in */
139 UINT32 SealedDataSize, /* in */
140 BYTE * SealedData, /* in */
141 TPM_AUTH * parentAuth, /* in, out */
142 TPM_AUTH * dataAuth, /* in, out */
143 UINT32 * DataSize, /* out */
144 BYTE ** Data /* out */
145 ) {
146 TSS_RESULT result;
147
148 initData(&hte->comm, 6);
149 hte->comm.hdr.u.ordinal = TCSD_ORD_UNSEAL;
150 LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
151
152 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
153 return TSPERR(TSS_E_INTERNAL_ERROR);
154 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &hte->comm))
155 return TSPERR(TSS_E_INTERNAL_ERROR);
156 if (setData(TCSD_PACKET_TYPE_UINT32, 2, &SealedDataSize, 0, &hte->comm))
157 return TSPERR(TSS_E_INTERNAL_ERROR);
158 if (setData(TCSD_PACKET_TYPE_PBYTE, 3, SealedData, SealedDataSize, &hte->comm))
159 return TSPERR(TSS_E_INTERNAL_ERROR);
160
161 if (parentAuth != NULL) {
162 if (setData(TCSD_PACKET_TYPE_AUTH, 4, parentAuth, 0, &hte->comm))
163 return TSPERR(TSS_E_INTERNAL_ERROR);
164 }
165
166 if (setData(TCSD_PACKET_TYPE_AUTH, 5, dataAuth, 0, &hte->comm))
167 return TSPERR(TSS_E_INTERNAL_ERROR);
168
169 result = sendTCSDPacket(hte);
170
171 if (result == TSS_SUCCESS)
172 result = hte->comm.hdr.u.result;
173
174 if (result == TSS_SUCCESS) {
175 if (parentAuth != NULL) {
176 if (getData(TCSD_PACKET_TYPE_AUTH, 0, parentAuth, 0, &hte->comm)) {
177 result = TSPERR(TSS_E_INTERNAL_ERROR);
178 goto done;
179 }
180 }
181
182 if (getData(TCSD_PACKET_TYPE_AUTH, 1, dataAuth, 0, &hte->comm)) {
183 result = TSPERR(TSS_E_INTERNAL_ERROR);
184 goto done;
185 }
186
187 if (getData(TCSD_PACKET_TYPE_UINT32, 2, DataSize, 0, &hte->comm)) {
188 result = TSPERR(TSS_E_INTERNAL_ERROR);
189 goto done;
190 }
191
192 *Data = (BYTE *) malloc(*DataSize);
193 if (*Data == NULL) {
194 LogError("malloc of %u bytes failed.", *DataSize);
195 result = TSPERR(TSS_E_OUTOFMEMORY);
196 goto done;
197 }
198 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, *Data, *DataSize, &hte->comm)) {
199 free(*Data);
200 result = TSPERR(TSS_E_INTERNAL_ERROR);
201 }
202 }
203
204 done:
205 return result;
206 }
207