1 2 /* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2007 8 * 9 */ 10 11 12 #include <stdlib.h> 13 #include <stdio.h> 14 #include <string.h> 15 16 #include "trousers/tss.h" 17 #include "trousers/trousers.h" 18 #include "trousers_types.h" 19 #include "trousers_types.h" 20 #include "spi_utils.h" 21 #include "capabilities.h" 22 #include "tsplog.h" 23 #include "tcs_tsp.h" 24 #include "tspps.h" 25 #include "hosttable.h" 26 #include "tcsd_wrap.h" 27 #include "tcsd.h" 28 #include "obj.h" 29 30 31 TSS_RESULT 32 Tspi_Context_Create(TSS_HCONTEXT * phContext) /* out */ 33 { 34 if (phContext == NULL) 35 return TSPERR(TSS_E_BAD_PARAMETER); 36 37 return obj_context_add(phContext); 38 } 39 40 TSS_RESULT 41 Tspi_Context_Close(TSS_HCONTEXT tspContext) /* in */ 42 { 43 if (!obj_is_context(tspContext)) 44 return TSPERR(TSS_E_INVALID_HANDLE); 45 46 obj_context_close(tspContext); 47 48 /* Have the TCS do its thing */ 49 RPC_CloseContext(tspContext); 50 51 /* Note: Memory that was returned to the app that was alloc'd by this 52 * context isn't free'd here. Any memory that the app doesn't explicitly 53 * free is left for it to free itself. */ 54 55 /* Destroy all objects */ 56 obj_close_context(tspContext); 57 58 Tspi_Context_FreeMemory(tspContext, NULL); 59 60 /* close the ps file */ 61 PS_close(); 62 63 /* We're not a connected context, so just exit */ 64 return TSS_SUCCESS; 65 } 66 67 TSS_RESULT 68 Tspi_Context_Connect(TSS_HCONTEXT tspContext, /* in */ 69 TSS_UNICODE *wszDestination) /* in */ 70 { 71 TSS_RESULT result; 72 BYTE *machine_name = NULL; 73 TSS_HOBJECT hTpm; 74 UINT32 string_len = 0; 75 76 77 if (wszDestination == NULL) { 78 if ((result = obj_context_get_machine_name(tspContext, 79 &string_len, 80 &machine_name))) 81 return result; 82 83 if ((result = RPC_OpenContext(tspContext, machine_name, 84 CONNECTION_TYPE_TCP_PERSISTANT))) 85 return result; 86 } else { 87 if ((machine_name = 88 Trspi_UNICODE_To_Native((BYTE *)wszDestination, NULL)) == NULL) { 89 LogError("Error converting hostname to UTF-8"); 90 return TSPERR(TSS_E_INTERNAL_ERROR); 91 } 92 93 if ((result = RPC_OpenContext(tspContext, machine_name, 94 CONNECTION_TYPE_TCP_PERSISTANT))) 95 return result; 96 97 if ((result = obj_context_set_machine_name(tspContext, machine_name, 98 strlen((char *)machine_name)+1))) 99 return result; 100 } 101 102 if ((obj_tpm_add(tspContext, &hTpm))) 103 return TSPERR(TSS_E_INTERNAL_ERROR); 104 105 return TSS_SUCCESS; 106 } 107 108 TSS_RESULT 109 Tspi_Context_FreeMemory(TSS_HCONTEXT tspContext, /* in */ 110 BYTE * rgbMemory) /* in */ 111 { 112 if (!obj_is_context(tspContext)) 113 return TSPERR(TSS_E_INVALID_HANDLE); 114 115 return free_tspi(tspContext, rgbMemory); 116 } 117 118 TSS_RESULT 119 Tspi_Context_GetDefaultPolicy(TSS_HCONTEXT tspContext, /* in */ 120 TSS_HPOLICY * phPolicy) /* out */ 121 { 122 if (phPolicy == NULL ) 123 return TSPERR(TSS_E_BAD_PARAMETER); 124 125 if (!obj_is_context(tspContext)) 126 return TSPERR(TSS_E_INVALID_HANDLE); 127 128 return obj_context_get_policy(tspContext, TSS_POLICY_USAGE, phPolicy); 129 } 130 131 TSS_RESULT 132 Tspi_Context_CreateObject(TSS_HCONTEXT tspContext, /* in */ 133 TSS_FLAG objectType, /* in */ 134 TSS_FLAG initFlags, /* in */ 135 TSS_HOBJECT * phObject) /* out */ 136 { 137 TSS_RESULT result; 138 139 if (phObject == NULL) 140 return TSPERR(TSS_E_BAD_PARAMETER); 141 142 if (!obj_is_context(tspContext)) 143 return TSPERR(TSS_E_INVALID_HANDLE); 144 145 switch (objectType) { 146 case TSS_OBJECT_TYPE_POLICY: 147 switch (initFlags) { 148 #ifdef TSS_BUILD_TSS12 149 case TSS_POLICY_OPERATOR: 150 /* fall through */ 151 #endif 152 case TSS_POLICY_MIGRATION: 153 /* fall through */ 154 case TSS_POLICY_USAGE: 155 break; 156 default: 157 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 158 } 159 160 result = obj_policy_add(tspContext, initFlags, phObject); 161 break; 162 #ifdef TSS_BUILD_RSAKEY_LIST 163 case TSS_OBJECT_TYPE_RSAKEY: 164 /* If other flags are set that disagree with the SRK, this will 165 * help catch that conflict in the later steps */ 166 if (initFlags & TSS_KEY_TSP_SRK) { 167 initFlags |= (TSS_KEY_TYPE_STORAGE | TSS_KEY_NOT_MIGRATABLE | 168 TSS_KEY_NON_VOLATILE | TSS_KEY_SIZE_2048); 169 } 170 171 /* Set default key flags */ 172 173 /* Default key size = 2k */ 174 if ((initFlags & TSS_KEY_SIZE_MASK) == 0) 175 initFlags |= TSS_KEY_SIZE_2048; 176 177 /* Default key type = storage */ 178 if ((initFlags & TSS_KEY_TYPE_MASK) == 0) 179 initFlags |= TSS_KEY_TYPE_STORAGE; 180 181 /* Check the key flags */ 182 switch (initFlags & TSS_KEY_SIZE_MASK) { 183 case TSS_KEY_SIZE_512: 184 /* fall through */ 185 case TSS_KEY_SIZE_1024: 186 /* fall through */ 187 case TSS_KEY_SIZE_2048: 188 /* fall through */ 189 case TSS_KEY_SIZE_4096: 190 /* fall through */ 191 case TSS_KEY_SIZE_8192: 192 /* fall through */ 193 case TSS_KEY_SIZE_16384: 194 break; 195 default: 196 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 197 } 198 199 switch (initFlags & TSS_KEY_TYPE_MASK) { 200 case TSS_KEY_TYPE_STORAGE: 201 /* fall through */ 202 case TSS_KEY_TYPE_SIGNING: 203 /* fall through */ 204 case TSS_KEY_TYPE_BIND: 205 /* fall through */ 206 case TSS_KEY_TYPE_AUTHCHANGE: 207 /* fall through */ 208 case TSS_KEY_TYPE_LEGACY: 209 /* fall through */ 210 case TSS_KEY_TYPE_IDENTITY: 211 break; 212 default: 213 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 214 } 215 216 result = obj_rsakey_add(tspContext, initFlags, phObject); 217 break; 218 #endif 219 #ifdef TSS_BUILD_ENCDATA_LIST 220 case TSS_OBJECT_TYPE_ENCDATA: 221 switch (initFlags & TSS_ENCDATA_TYPE_MASK) { 222 case TSS_ENCDATA_LEGACY: 223 /* fall through */ 224 case TSS_ENCDATA_SEAL: 225 /* fall through */ 226 case TSS_ENCDATA_BIND: 227 break; 228 default: 229 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 230 } 231 232 result = obj_encdata_add(tspContext, (initFlags & TSS_ENCDATA_TYPE_MASK), phObject); 233 break; 234 #endif 235 #ifdef TSS_BUILD_PCRS_LIST 236 case TSS_OBJECT_TYPE_PCRS: 237 switch (initFlags) { 238 case TSS_PCRS_STRUCT_DEFAULT: 239 /* fall through */ 240 case TSS_PCRS_STRUCT_INFO: 241 /* fall through */ 242 case TSS_PCRS_STRUCT_INFO_LONG: 243 /* fall through */ 244 case TSS_PCRS_STRUCT_INFO_SHORT: 245 /* fall through */ 246 break; 247 default: 248 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 249 } 250 251 result = obj_pcrs_add(tspContext, initFlags, phObject); 252 break; 253 #endif 254 #ifdef TSS_BUILD_HASH_LIST 255 case TSS_OBJECT_TYPE_HASH: 256 switch (initFlags) { 257 case TSS_HASH_DEFAULT: 258 /* fall through */ 259 case TSS_HASH_SHA1: 260 /* fall through */ 261 case TSS_HASH_OTHER: 262 break; 263 default: 264 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 265 } 266 267 result = obj_hash_add(tspContext, initFlags, phObject); 268 break; 269 #endif 270 #ifdef TSS_BUILD_DAA 271 //case TSS_OBJECT_TYPE_DAA_CREDENTIAL: 272 case TSS_OBJECT_TYPE_DAA_CERTIFICATE: 273 if (initFlags & ~(0UL)) 274 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 275 276 result = obj_daacred_add(tspContext, phObject); 277 break; 278 case TSS_OBJECT_TYPE_DAA_ISSUER_KEY: 279 if (initFlags & ~(0UL)) 280 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 281 282 result = obj_daaissuerkey_add(tspContext, phObject); 283 break; 284 case TSS_OBJECT_TYPE_DAA_ARA_KEY: 285 if (initFlags & ~(0UL)) 286 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 287 288 result = obj_daaarakey_add(tspContext, phObject); 289 break; 290 #endif 291 #ifdef TSS_BUILD_NV 292 case TSS_OBJECT_TYPE_NV: 293 /* There are no valid flags for a NV object */ 294 if (initFlags & ~(0UL)) 295 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 296 297 result = obj_nvstore_add(tspContext, phObject); 298 break; 299 #endif 300 #ifdef TSS_BUILD_DELEGATION 301 case TSS_OBJECT_TYPE_DELFAMILY: 302 /* There are no valid flags for a DELFAMILY object */ 303 if (initFlags & ~(0UL)) 304 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 305 306 result = obj_delfamily_add(tspContext, phObject); 307 break; 308 #endif 309 #ifdef TSS_BUILD_CMK 310 case TSS_OBJECT_TYPE_MIGDATA: 311 /* There are no valid flags for a MIGDATA object */ 312 if (initFlags & ~(0UL)) 313 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG); 314 315 result = obj_migdata_add(tspContext, phObject); 316 break; 317 #endif 318 default: 319 LogDebug("Invalid Object type"); 320 return TSPERR(TSS_E_INVALID_OBJECT_TYPE); 321 break; 322 } 323 324 return result; 325 } 326 327 TSS_RESULT 328 Tspi_Context_CloseObject(TSS_HCONTEXT tspContext, /* in */ 329 TSS_HOBJECT hObject) /* in */ 330 { 331 TSS_RESULT result; 332 333 if (!obj_is_context(tspContext)) 334 return TSPERR(TSS_E_INVALID_HANDLE); 335 336 if (obj_is_pcrs(hObject)) { 337 #ifdef TSS_BUILD_PCRS_LIST 338 result = obj_pcrs_remove(hObject, tspContext); 339 #endif 340 } else if (obj_is_encdata(hObject)) { 341 #ifdef TSS_BUILD_ENCDATA_LIST 342 result = obj_encdata_remove(hObject, tspContext); 343 #endif 344 } else if (obj_is_hash(hObject)) { 345 #ifdef TSS_BUILD_HASH_LIST 346 result = obj_hash_remove(hObject, tspContext); 347 #endif 348 } else if (obj_is_rsakey(hObject)) { 349 #ifdef TSS_BUILD_RSAKEY_LIST 350 result = obj_rsakey_remove(hObject, tspContext); 351 #endif 352 } else if (obj_is_policy(hObject)) { 353 result = obj_policy_remove(hObject, tspContext); 354 } else if (obj_is_delfamily(hObject)) { 355 #ifdef TSS_BUILD_DELEGATION 356 result = obj_delfamily_remove(hObject, tspContext); 357 #endif 358 } else if (obj_is_migdata(hObject)) { 359 #ifdef TSS_BUILD_CMK 360 result = obj_migdata_remove(hObject, tspContext); 361 #endif 362 } else { 363 result = TSPERR(TSS_E_INVALID_HANDLE); 364 } 365 366 return result; 367 } 368 369 TSS_RESULT 370 Tspi_Context_GetTpmObject(TSS_HCONTEXT tspContext, /* in */ 371 TSS_HTPM * phTPM) /* out */ 372 { 373 if (phTPM == NULL) 374 return TSPERR(TSS_E_BAD_PARAMETER); 375 376 if (!obj_is_context(tspContext)) 377 return TSPERR(TSS_E_INVALID_HANDLE); 378 379 return obj_tpm_get(tspContext, phTPM); 380 } 381 382