/*
 * Licensed Materials - Property of IBM
 *
 * trousers - An open source TCG Software Stack
 *
 * (C) Copyright International Business Machines Corp. 2004, 2007
 *
 */
12 #include <stdlib.h>
13 #include <stdio.h>
14 #include <string.h>
15 #include <inttypes.h>
17 #include "trousers/tss.h"
18 #include "trousers_types.h"
19 #include "tcs_tsp.h"
20 #include "tcsps.h"
21 #include "tcs_utils.h"
22 #include "tcs_int_literals.h"
23 #include "capabilities.h"
24 #include "tcslog.h"
25 #include "req_mgr.h"
26 #include "tcsd_wrap.h"
27 #include "tcsd.h"
/*
 * TCSP_CreateEndorsementKeyPair_Internal
 *
 * Builds a TPM_ORD_CreateEndorsementKeyPair request from the anti-replay nonce
 * and the caller's key-info blob, submits it through req_mgr_submit_req, and
 * parses the response into the three out parameters.
 *
 * The request and the response share one stack buffer of TSS_TPM_TXBLOB_SIZE
 * bytes.
 *
 * Returns the first non-zero TSS_RESULT produced by ctx_verify_context,
 * tpm_rqu_build, req_mgr_submit_req or UnloadBlob_Header; otherwise the
 * result of tpm_rsp_parse.
 *
 * NOTE(review): endorsementKeyInfoSize is caller-supplied and rspSize is read
 * from the response header.  Both are presumably bounded against the blob
 * inside tpm_rqu_build / tpm_rsp_parse -- confirm in those helpers.
 * NOTE(review): checksum is used without a NULL check; callers are assumed to
 * pass valid out pointers -- confirm.
 */
TSS_RESULT
TCSP_CreateEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
				       TCPA_NONCE antiReplay,		/* in */
				       UINT32 endorsementKeyInfoSize,	/* in */
				       BYTE * endorsementKeyInfo,	/* in */
				       UINT32 * endorsementKeySize,	/* out */
				       BYTE ** endorsementKey,		/* out */
				       TCPA_DIGEST * checksum)		/* out */
{
	BYTE blob[TSS_TPM_TXBLOB_SIZE];
	TSS_RESULT rc;
	UINT32 rspSize;
	UINT64 blobOffset = 0;

	/* Stop before building any request if the context check fails. */
	rc = ctx_verify_context(hContext);
	if (rc != 0) {
		return rc;
	}

	rc = tpm_rqu_build(TPM_ORD_CreateEndorsementKeyPair, &blobOffset, blob,
			   antiReplay.nonce, endorsementKeyInfoSize,
			   endorsementKeyInfo);
	if (rc != 0) {
		return rc;
	}

	rc = req_mgr_submit_req(blob);
	if (rc != 0) {
		return rc;
	}

	/* The body is parsed only when the response header unloads cleanly. */
	rc = UnloadBlob_Header(blob, &rspSize);
	if (rc == 0) {
		rc = tpm_rsp_parse(TPM_ORD_CreateEndorsementKeyPair, blob, rspSize,
				   endorsementKeySize, endorsementKey,
				   checksum->digest);
	}

	LogDebug("Leaving CreateEKPair with result: 0x%x", rc);
	return rc;
}
/*
 * TCSP_ReadPubek_Internal
 *
 * Builds a TPM_ORD_ReadPubek request carrying the caller's anti-replay nonce,
 * submits it through req_mgr_submit_req, and parses the response into
 * pubEndorsementKeySize, pubEndorsementKey and checksum->digest.
 *
 * No owner authorization is passed on this path; only the context handle is
 * verified before the request is built.
 *
 * Returns the first non-zero TSS_RESULT produced by ctx_verify_context,
 * tpm_rqu_build, req_mgr_submit_req or UnloadBlob_Header; otherwise the
 * result of tpm_rsp_parse.
 *
 * NOTE(review): rspSize comes from the response header and is presumably
 * bounded against TSS_TPM_TXBLOB_SIZE by the parsing helpers -- confirm.
 * NOTE(review): ownership of *pubEndorsementKey is not visible here;
 * presumably the caller releases it -- verify against tpm_rsp_parse.
 */
TSS_RESULT
TCSP_ReadPubek_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			TCPA_NONCE antiReplay,		/* in */
			UINT32 * pubEndorsementKeySize,	/* out */
			BYTE ** pubEndorsementKey,	/* out */
			TCPA_DIGEST * checksum)		/* out */
{
	BYTE blob[TSS_TPM_TXBLOB_SIZE];
	TSS_RESULT rc;
	UINT32 rspSize;
	UINT64 blobOffset = 0;

	LogDebugFn("Enter");

	/* Stop before building any request if the context check fails. */
	rc = ctx_verify_context(hContext);
	if (rc != 0) {
		return rc;
	}

	rc = tpm_rqu_build(TPM_ORD_ReadPubek, &blobOffset, blob, TPM_NONCE_SIZE,
			   antiReplay.nonce);
	if (rc != 0) {
		return rc;
	}

	rc = req_mgr_submit_req(blob);
	if (rc != 0) {
		return rc;
	}

	/* The body is parsed only when the response header unloads cleanly. */
	rc = UnloadBlob_Header(blob, &rspSize);
	if (rc == 0) {
		rc = tpm_rsp_parse(TPM_ORD_ReadPubek, blob, rspSize,
				   pubEndorsementKeySize, pubEndorsementKey,
				   checksum->digest);
	}

	LogDebugFn("result: 0x%x", rc);
	return rc;
}
/*
 * TCSP_DisablePubekRead_Internal
 *
 * Builds a TPM_ORD_DisablePubekRead request authorized by ownerAuth, submits
 * it through req_mgr_submit_req, and parses the response back into ownerAuth.
 *
 * Each step runs only if every earlier step returned 0.  The auth session is
 * released through auth_mgr_release_auth on every path, including failures.
 *
 * Returns the first non-zero TSS_RESULT produced by ctx_verify_context,
 * auth_mgr_check, tpm_rqu_build, req_mgr_submit_req or UnloadBlob_Header;
 * otherwise the result of tpm_rsp_parse.
 *
 * NOTE(review): the release call also runs when ctx_verify_context or
 * auth_mgr_check has rejected the request.  Presumably auth_mgr_release_auth
 * ties the handle to hContext before releasing it -- confirm in auth_mgr.
 * NOTE(review): ownerAuth is used without a NULL check; callers are assumed
 * to pass a valid pointer -- confirm.
 */
TSS_RESULT
TCSP_DisablePubekRead_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			       TPM_AUTH * ownerAuth)		/* in, out */
{
	BYTE blob[TSS_TPM_TXBLOB_SIZE];
	TSS_RESULT rc;
	UINT32 rspSize;
	UINT64 blobOffset = 0;

	LogDebug("DisablePubekRead");

	rc = ctx_verify_context(hContext);
	if (rc == 0) {
		rc = auth_mgr_check(hContext, &ownerAuth->AuthHandle);
	}
	if (rc == 0) {
		rc = tpm_rqu_build(TPM_ORD_DisablePubekRead, &blobOffset, blob,
				   ownerAuth);
	}
	if (rc == 0) {
		rc = req_mgr_submit_req(blob);
	}
	if (rc == 0) {
		rc = UnloadBlob_Header(blob, &rspSize);
	}
	if (rc == 0) {
		rc = tpm_rsp_parse(TPM_ORD_DisablePubekRead, blob, rspSize,
				   ownerAuth);
	}

	/* Cleanup is unconditional: it runs whether or not the steps succeeded. */
	auth_mgr_release_auth(ownerAuth, NULL, hContext);
	return rc;
}
/*
 * TCSP_OwnerReadPubek_Internal
 *
 * Builds a TPM_ORD_OwnerReadPubek request authorized by ownerAuth, submits it
 * through req_mgr_submit_req, and parses the response into
 * pubEndorsementKeySize, pubEndorsementKey and ownerAuth.
 *
 * Each step runs only if every earlier step returned 0.  LogResult is reached
 * only once the request has been submitted successfully.  The auth session is
 * released through auth_mgr_release_auth on every path, including failures.
 *
 * Returns the first non-zero TSS_RESULT produced by ctx_verify_context,
 * auth_mgr_check, tpm_rqu_build, req_mgr_submit_req or UnloadBlob_Header;
 * otherwise the result of tpm_rsp_parse.
 *
 * NOTE(review): the release call also runs when ctx_verify_context or
 * auth_mgr_check has rejected the request.  Presumably auth_mgr_release_auth
 * ties the handle to hContext before releasing it -- confirm in auth_mgr.
 * NOTE(review): rspSize comes from the response header and is presumably
 * bounded against TSS_TPM_TXBLOB_SIZE by the parsing helpers -- confirm.
 */
TSS_RESULT
TCSP_OwnerReadPubek_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			     TPM_AUTH * ownerAuth,		/* in, out */
			     UINT32 * pubEndorsementKeySize,	/* out */
			     BYTE ** pubEndorsementKey)		/* out */
{
	BYTE blob[TSS_TPM_TXBLOB_SIZE];
	TSS_RESULT rc;
	UINT32 rspSize;
	UINT64 blobOffset = 0;

	LogDebug("Entering OwnerReadPubek");

	rc = ctx_verify_context(hContext);
	if (rc == 0) {
		rc = auth_mgr_check(hContext, &ownerAuth->AuthHandle);
	}
	if (rc == 0) {
		rc = tpm_rqu_build(TPM_ORD_OwnerReadPubek, &blobOffset, blob,
				   ownerAuth);
	}
	if (rc == 0) {
		rc = req_mgr_submit_req(blob);
	}
	if (rc == 0) {
		/* From here on the outcome is logged, success or not. */
		rc = UnloadBlob_Header(blob, &rspSize);
		if (rc == 0) {
			rc = tpm_rsp_parse(TPM_ORD_OwnerReadPubek, blob, rspSize,
					   pubEndorsementKeySize,
					   pubEndorsementKey, ownerAuth);
		}
		LogResult("Owner Read Pubek", rc);
	}

	/* Cleanup is unconditional: it runs whether or not the steps succeeded. */
	auth_mgr_release_auth(ownerAuth, NULL, hContext);
	return rc;
}
/*
 * TCSP_CreateRevocableEndorsementKeyPair_Internal
 *
 * Builds a TPM_ORD_CreateRevocableEK request from the anti-replay nonce, the
 * caller's key-info blob, the genResetAuth flag and eKResetAuth->digest,
 * submits it through req_mgr_submit_req, and parses the response into
 * endorsementKeySize, endorsementKey, checksum->digest and
 * eKResetAuth->digest.
 *
 * eKResetAuth is both an input to the request and an output of the parse.
 *
 * Returns the first non-zero TSS_RESULT produced by ctx_verify_context,
 * tpm_rqu_build, req_mgr_submit_req or UnloadBlob_Header; otherwise the
 * result of tpm_rsp_parse.
 *
 * NOTE(review): the stack blob presumably carries the EK reset authorization
 * value in both directions and is not cleared before returning -- confirm
 * whether residual copies on the stack matter for this daemon.
 * NOTE(review): endorsementKeyInfoSize is caller-supplied and rspSize is read
 * from the response header.  Both are presumably bounded against the blob
 * inside tpm_rqu_build / tpm_rsp_parse -- confirm in those helpers.
 */
TSS_RESULT
TCSP_CreateRevocableEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
						TPM_NONCE antiReplay,		/* in */
						UINT32 endorsementKeyInfoSize,	/* in */
						BYTE * endorsementKeyInfo,	/* in */
						TSS_BOOL genResetAuth,		/* in */
						TPM_DIGEST * eKResetAuth,	/* in, out */
						UINT32 * endorsementKeySize,	/* out */
						BYTE ** endorsementKey,		/* out */
						TPM_DIGEST * checksum)		/* out */
{
	BYTE blob[TSS_TPM_TXBLOB_SIZE];
	TSS_RESULT rc;
	UINT32 rspSize;
	UINT64 blobOffset = 0;

	/* Stop before building any request if the context check fails. */
	rc = ctx_verify_context(hContext);
	if (rc != 0) {
		return rc;
	}

	rc = tpm_rqu_build(TPM_ORD_CreateRevocableEK, &blobOffset, blob,
			   antiReplay.nonce, endorsementKeyInfoSize,
			   endorsementKeyInfo, genResetAuth, eKResetAuth->digest);
	if (rc != 0) {
		return rc;
	}

	rc = req_mgr_submit_req(blob);
	if (rc != 0) {
		return rc;
	}

	/* The body is parsed only when the response header unloads cleanly. */
	rc = UnloadBlob_Header(blob, &rspSize);
	if (rc == 0) {
		rc = tpm_rsp_parse(TPM_ORD_CreateRevocableEK, blob, rspSize,
				   endorsementKeySize, endorsementKey,
				   checksum->digest, eKResetAuth->digest);
	}

	LogDebug("Leaving CreateRevocableEKPair with result: 0x%x", rc);
	return rc;
}
/*
 * TCSP_RevokeEndorsementKeyPair_Internal
 *
 * Builds a TPM_ORD_RevokeTrust request carrying EKResetAuth.digest and
 * submits it through req_mgr_submit_req.  Only the response header is
 * unloaded; tpm_rsp_parse is not called on this path.
 *
 * Only the context handle is verified here.  No auth session is checked or
 * released in this function.
 *
 * Returns the first non-zero TSS_RESULT produced by ctx_verify_context,
 * tpm_rqu_build or req_mgr_submit_req; otherwise the result of
 * UnloadBlob_Header.
 *
 * NOTE(review): EKResetAuth arrives by value and is presumably marshalled
 * into the stack blob; neither copy is cleared before returning -- confirm
 * whether residual copies on the stack matter for this daemon.
 * NOTE(review): rspSize is written by UnloadBlob_Header but never read here.
 */
TSS_RESULT
TCSP_RevokeEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
				       TPM_DIGEST EKResetAuth)		/* in */
{
	BYTE blob[TSS_TPM_TXBLOB_SIZE];
	TSS_RESULT rc;
	UINT32 rspSize;
	UINT64 blobOffset = 0;

	/* Stop before building any request if the context check fails. */
	rc = ctx_verify_context(hContext);
	if (rc != 0) {
		return rc;
	}

	rc = tpm_rqu_build(TPM_ORD_RevokeTrust, &blobOffset, blob,
			   EKResetAuth.digest);
	if (rc != 0) {
		return rc;
	}

	rc = req_mgr_submit_req(blob);
	if (rc != 0) {
		return rc;
	}

	/* The header result is the final result of this call. */
	rc = UnloadBlob_Header(blob, &rspSize);

	LogDebug("Leaving RevokeEKPair with result: 0x%x", rc);
	return rc;
}