xref: /netbsd-src/crypto/external/cpl/trousers/dist/src/tspi/tsp_certify.c (revision fdd524d4ccd2bb0c6f67401e938dabf773eb0372) 
1 
2 /*
3  * Licensed Materials - Property of IBM
4  *
5  * trousers - An open source TCG Software Stack
6  *
7  * (C) Copyright International Business Machines Corp. 2007
8  *
9  */
10 
11 
12 #include <stdlib.h>
13 #include <string.h>
14 
15 #include "trousers/tss.h"
16 #include "trousers/trousers.h"
17 #include "trousers_types.h"
18 #include "spi_utils.h"
19 #include "capabilities.h"
20 #include "tsplog.h"
21 #include "obj.h"
22 
23 
24 #ifdef TSS_BUILD_TRANSPORT
25 TSS_RESULT
26 Transport_CertifyKey(TSS_HCONTEXT tspContext,	/* in */
27 		     TCS_KEY_HANDLE certHandle,	/* in */
28 		     TCS_KEY_HANDLE keyHandle,	/* in */
29 		     TPM_NONCE * antiReplay,	/* in */
30 		     TPM_AUTH * certAuth,	/* in, out */
31 		     TPM_AUTH * keyAuth,	/* in, out */
32 		     UINT32 * CertifyInfoSize,	/* out */
33 		     BYTE ** CertifyInfo,	/* out */
34 		     UINT32 * outDataSize,	/* out */
35 		     BYTE ** outData)		/* out */
36 {
37 	TSS_RESULT result;
38 	UINT32 handlesLen, decLen;
39 	TCS_HANDLE *handles, handle[2];
40 	BYTE *dec = NULL;
41 	TPM_DIGEST pubKeyHash1, pubKeyHash2;
42 	Trspi_HashCtx hashCtx;
43 	UINT64 offset;
44 	BYTE data[sizeof(TPM_NONCE)];
45 
46 
47 	if ((result = obj_context_transport_init(tspContext)))
48 		return result;
49 
50 	LogDebugFn("Executing in a transport session");
51 
52 	if ((result = obj_tcskey_get_pubkeyhash(certHandle, pubKeyHash1.digest)))
53 		return result;
54 
55 	if ((result = obj_tcskey_get_pubkeyhash(keyHandle, pubKeyHash2.digest)))
56 		return result;
57 
58 	result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
59 	result |= Trspi_Hash_DIGEST(&hashCtx, pubKeyHash1.digest);
60 	result |= Trspi_Hash_DIGEST(&hashCtx, pubKeyHash2.digest);
61 	if ((result |= Trspi_HashFinal(&hashCtx, pubKeyHash1.digest)))
62 		return result;
63 
64 	handlesLen = 2;
65 	handle[0] = certHandle;
66 	handle[1] = keyHandle;
67 	handles = &handle[0];
68 
69 	offset = 0;
70 	Trspi_LoadBlob_NONCE(&offset, data, antiReplay);
71 
72 	if ((result = obj_context_transport_execute(tspContext, TPM_ORD_CertifyKey, sizeof(data),
73 						    data, &pubKeyHash1, &handlesLen, &handles,
74 						    certAuth, keyAuth, &decLen, &dec)))
75 		return result;
76 
77 	offset = 0;
78 	Trspi_UnloadBlob_CERTIFY_INFO(&offset, dec, NULL);
79 	*CertifyInfoSize = offset;
80 
81 	if ((*CertifyInfo = malloc(*CertifyInfoSize)) == NULL) {
82 		free(dec);
83 		LogError("malloc of %u bytes failed", *CertifyInfoSize);
84 		*CertifyInfoSize = 0;
85 		return TSPERR(TSS_E_OUTOFMEMORY);
86 	}
87 
88 	offset = 0;
89 	Trspi_UnloadBlob(&offset, *CertifyInfoSize, dec, *CertifyInfo);
90 	Trspi_UnloadBlob_UINT32(&offset, outDataSize, dec);
91 
92 	if ((*outData = malloc(*outDataSize)) == NULL) {
93 		free(*CertifyInfo);
94 		*CertifyInfo = NULL;
95 		*CertifyInfoSize = 0;
96 		free(dec);
97 		LogError("malloc of %u bytes failed", *outDataSize);
98 		*outDataSize = 0;
99 		return TSPERR(TSS_E_OUTOFMEMORY);
100 	}
101 	Trspi_UnloadBlob(&offset, *outDataSize, dec, *outData);
102 
103 	free(dec);
104 
105 	return result;
106 }
107 #endif
108 
109