1
2 /*
3 * Licensed Materials - Property of IBM
4 *
5 * trousers - An open source TCG Software Stack
6 *
7 * (C) Copyright International Business Machines Corp. 2004-2007
8 *
9 */
10
11
12 #include <stdlib.h>
13 #include <stdio.h>
14 #include <string.h>
15
16 #include "trousers/tss.h"
17 #include "trousers/trousers.h"
18 #include "trousers_types.h"
19 #include "trousers_types.h"
20 #include "spi_utils.h"
21 #include "capabilities.h"
22 #include "tsplog.h"
23 #include "tcs_tsp.h"
24 #include "tspps.h"
25 #include "hosttable.h"
26 #include "tcsd_wrap.h"
27 #include "tcsd.h"
28 #include "obj.h"
29
30
31 TSS_RESULT
Tspi_Context_Create(TSS_HCONTEXT * phContext)32 Tspi_Context_Create(TSS_HCONTEXT * phContext) /* out */
33 {
34 if (phContext == NULL)
35 return TSPERR(TSS_E_BAD_PARAMETER);
36
37 return obj_context_add(phContext);
38 }
39
40 TSS_RESULT
Tspi_Context_Close(TSS_HCONTEXT tspContext)41 Tspi_Context_Close(TSS_HCONTEXT tspContext) /* in */
42 {
43 if (!obj_is_context(tspContext))
44 return TSPERR(TSS_E_INVALID_HANDLE);
45
46 obj_context_close(tspContext);
47
48 /* Have the TCS do its thing */
49 RPC_CloseContext(tspContext);
50
51 /* Note: Memory that was returned to the app that was alloc'd by this
52 * context isn't free'd here. Any memory that the app doesn't explicitly
53 * free is left for it to free itself. */
54
55 /* Destroy all objects */
56 obj_close_context(tspContext);
57
58 /* close the ps file */
59 PS_close();
60
61 /* We're not a connected context, so just exit */
62 return TSS_SUCCESS;
63 }
64
65 TSS_RESULT
Tspi_Context_Connect(TSS_HCONTEXT tspContext,TSS_UNICODE * wszDestination)66 Tspi_Context_Connect(TSS_HCONTEXT tspContext, /* in */
67 TSS_UNICODE *wszDestination) /* in */
68 {
69 TSS_RESULT result;
70 BYTE *machine_name = NULL;
71 TSS_HOBJECT hTpm;
72 UINT32 string_len = 0;
73
74
75 if (wszDestination == NULL) {
76 if ((result = obj_context_get_machine_name(tspContext,
77 &string_len,
78 &machine_name)))
79 return result;
80
81 if ((result = RPC_OpenContext(tspContext, machine_name,
82 CONNECTION_TYPE_TCP_PERSISTANT))) {
83 free(machine_name);
84 return result;
85 }
86
87 } else {
88 if ((machine_name =
89 Trspi_UNICODE_To_Native((BYTE *)wszDestination, NULL)) == NULL) {
90 LogError("Error converting hostname to UTF-8");
91 return TSPERR(TSS_E_INTERNAL_ERROR);
92 }
93
94 if ((result = RPC_OpenContext(tspContext, machine_name,
95 CONNECTION_TYPE_TCP_PERSISTANT))) {
96 free(machine_name);
97 return result;
98 }
99
100 if ((result = obj_context_set_machine_name(tspContext, machine_name,
101 strlen((char *)machine_name)+1))) {
102 free(machine_name);
103 return result;
104 }
105
106 }
107
108 free(machine_name);
109
110 if ((obj_tpm_add(tspContext, &hTpm)))
111 return TSPERR(TSS_E_INTERNAL_ERROR);
112
113 return TSS_SUCCESS;
114 }
115
116 TSS_RESULT
Tspi_Context_FreeMemory(TSS_HCONTEXT tspContext,BYTE * rgbMemory)117 Tspi_Context_FreeMemory(TSS_HCONTEXT tspContext, /* in */
118 BYTE * rgbMemory) /* in */
119 {
120 if (!obj_is_context(tspContext))
121 return TSPERR(TSS_E_INVALID_HANDLE);
122
123 return free_tspi(tspContext, rgbMemory);
124 }
125
126 TSS_RESULT
Tspi_Context_GetDefaultPolicy(TSS_HCONTEXT tspContext,TSS_HPOLICY * phPolicy)127 Tspi_Context_GetDefaultPolicy(TSS_HCONTEXT tspContext, /* in */
128 TSS_HPOLICY * phPolicy) /* out */
129 {
130 if (phPolicy == NULL )
131 return TSPERR(TSS_E_BAD_PARAMETER);
132
133 if (!obj_is_context(tspContext))
134 return TSPERR(TSS_E_INVALID_HANDLE);
135
136 return obj_context_get_policy(tspContext, TSS_POLICY_USAGE, phPolicy);
137 }
138
139 TSS_RESULT
Tspi_Context_CreateObject(TSS_HCONTEXT tspContext,TSS_FLAG objectType,TSS_FLAG initFlags,TSS_HOBJECT * phObject)140 Tspi_Context_CreateObject(TSS_HCONTEXT tspContext, /* in */
141 TSS_FLAG objectType, /* in */
142 TSS_FLAG initFlags, /* in */
143 TSS_HOBJECT * phObject) /* out */
144 {
145 TSS_RESULT result;
146
147 if (phObject == NULL)
148 return TSPERR(TSS_E_BAD_PARAMETER);
149
150 if (!obj_is_context(tspContext))
151 return TSPERR(TSS_E_INVALID_HANDLE);
152
153 switch (objectType) {
154 case TSS_OBJECT_TYPE_POLICY:
155 switch (initFlags) {
156 #ifdef TSS_BUILD_TSS12
157 case TSS_POLICY_OPERATOR:
158 /* fall through */
159 #endif
160 case TSS_POLICY_MIGRATION:
161 /* fall through */
162 case TSS_POLICY_USAGE:
163 break;
164 default:
165 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
166 }
167
168 result = obj_policy_add(tspContext, initFlags, phObject);
169 break;
170 #ifdef TSS_BUILD_RSAKEY_LIST
171 case TSS_OBJECT_TYPE_RSAKEY:
172 /* If other flags are set that disagree with the SRK, this will
173 * help catch that conflict in the later steps */
174 if (initFlags & TSS_KEY_TSP_SRK) {
175 initFlags |= (TSS_KEY_TYPE_STORAGE | TSS_KEY_NOT_MIGRATABLE |
176 TSS_KEY_NON_VOLATILE | TSS_KEY_SIZE_2048);
177 }
178
179 /* Set default key flags */
180
181 /* Default key size = 2k */
182 if ((initFlags & TSS_KEY_SIZE_MASK) == 0)
183 initFlags |= TSS_KEY_SIZE_2048;
184
185 /* Default key type = storage */
186 if ((initFlags & TSS_KEY_TYPE_MASK) == 0)
187 initFlags |= TSS_KEY_TYPE_STORAGE;
188
189 /* Check the key flags */
190 switch (initFlags & TSS_KEY_SIZE_MASK) {
191 case TSS_KEY_SIZE_512:
192 /* fall through */
193 case TSS_KEY_SIZE_1024:
194 /* fall through */
195 case TSS_KEY_SIZE_2048:
196 /* fall through */
197 case TSS_KEY_SIZE_4096:
198 /* fall through */
199 case TSS_KEY_SIZE_8192:
200 /* fall through */
201 case TSS_KEY_SIZE_16384:
202 break;
203 default:
204 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
205 }
206
207 switch (initFlags & TSS_KEY_TYPE_MASK) {
208 case TSS_KEY_TYPE_STORAGE:
209 /* fall through */
210 case TSS_KEY_TYPE_SIGNING:
211 /* fall through */
212 case TSS_KEY_TYPE_BIND:
213 /* fall through */
214 case TSS_KEY_TYPE_AUTHCHANGE:
215 /* fall through */
216 case TSS_KEY_TYPE_LEGACY:
217 /* fall through */
218 case TSS_KEY_TYPE_IDENTITY:
219 break;
220 default:
221 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
222 }
223
224 result = obj_rsakey_add(tspContext, initFlags, phObject);
225 break;
226 #endif
227 #ifdef TSS_BUILD_ENCDATA_LIST
228 case TSS_OBJECT_TYPE_ENCDATA:
229 switch (initFlags & TSS_ENCDATA_TYPE_MASK) {
230 case TSS_ENCDATA_LEGACY:
231 /* fall through */
232 case TSS_ENCDATA_SEAL:
233 /* fall through */
234 case TSS_ENCDATA_BIND:
235 break;
236 default:
237 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
238 }
239
240 result = obj_encdata_add(tspContext, (initFlags & TSS_ENCDATA_TYPE_MASK), phObject);
241 break;
242 #endif
243 #ifdef TSS_BUILD_PCRS_LIST
244 case TSS_OBJECT_TYPE_PCRS:
245 switch (initFlags) {
246 case TSS_PCRS_STRUCT_DEFAULT:
247 /* fall through */
248 case TSS_PCRS_STRUCT_INFO:
249 /* fall through */
250 case TSS_PCRS_STRUCT_INFO_LONG:
251 /* fall through */
252 case TSS_PCRS_STRUCT_INFO_SHORT:
253 /* fall through */
254 break;
255 default:
256 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
257 }
258
259 result = obj_pcrs_add(tspContext, initFlags, phObject);
260 break;
261 #endif
262 #ifdef TSS_BUILD_HASH_LIST
263 case TSS_OBJECT_TYPE_HASH:
264 switch (initFlags) {
265 case TSS_HASH_DEFAULT:
266 /* fall through */
267 case TSS_HASH_SHA1:
268 /* fall through */
269 case TSS_HASH_OTHER:
270 break;
271 default:
272 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
273 }
274
275 result = obj_hash_add(tspContext, initFlags, phObject);
276 break;
277 #endif
278 #ifdef TSS_BUILD_DAA
279 //case TSS_OBJECT_TYPE_DAA_CREDENTIAL:
280 case TSS_OBJECT_TYPE_DAA_CERTIFICATE:
281 if (initFlags & ~(0UL))
282 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
283
284 result = obj_daacred_add(tspContext, phObject);
285 break;
286 case TSS_OBJECT_TYPE_DAA_ISSUER_KEY:
287 if (initFlags & ~(0UL))
288 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
289
290 result = obj_daaissuerkey_add(tspContext, phObject);
291 break;
292 case TSS_OBJECT_TYPE_DAA_ARA_KEY:
293 if (initFlags & ~(0UL))
294 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
295
296 result = obj_daaarakey_add(tspContext, phObject);
297 break;
298 #endif
299 #ifdef TSS_BUILD_NV
300 case TSS_OBJECT_TYPE_NV:
301 /* There are no valid flags for a NV object */
302 if (initFlags & ~(0UL))
303 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
304
305 result = obj_nvstore_add(tspContext, phObject);
306 break;
307 #endif
308 #ifdef TSS_BUILD_DELEGATION
309 case TSS_OBJECT_TYPE_DELFAMILY:
310 /* There are no valid flags for a DELFAMILY object */
311 if (initFlags & ~(0UL))
312 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
313
314 result = obj_delfamily_add(tspContext, phObject);
315 break;
316 #endif
317 #ifdef TSS_BUILD_CMK
318 case TSS_OBJECT_TYPE_MIGDATA:
319 /* There are no valid flags for a MIGDATA object */
320 if (initFlags & ~(0UL))
321 return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
322
323 result = obj_migdata_add(tspContext, phObject);
324 break;
325 #endif
326 default:
327 LogDebug("Invalid Object type");
328 return TSPERR(TSS_E_INVALID_OBJECT_TYPE);
329 break;
330 }
331
332 return result;
333 }
334
335 TSS_RESULT
Tspi_Context_CloseObject(TSS_HCONTEXT tspContext,TSS_HOBJECT hObject)336 Tspi_Context_CloseObject(TSS_HCONTEXT tspContext, /* in */
337 TSS_HOBJECT hObject) /* in */
338 {
339 TSS_RESULT result;
340
341 if (!obj_is_context(tspContext))
342 return TSPERR(TSS_E_INVALID_HANDLE);
343
344 if (obj_is_pcrs(hObject)) {
345 #ifdef TSS_BUILD_PCRS_LIST
346 result = obj_pcrs_remove(hObject, tspContext);
347 #endif
348 } else if (obj_is_encdata(hObject)) {
349 #ifdef TSS_BUILD_ENCDATA_LIST
350 result = obj_encdata_remove(hObject, tspContext);
351 #endif
352 } else if (obj_is_hash(hObject)) {
353 #ifdef TSS_BUILD_HASH_LIST
354 result = obj_hash_remove(hObject, tspContext);
355 #endif
356 } else if (obj_is_rsakey(hObject)) {
357 #ifdef TSS_BUILD_RSAKEY_LIST
358 result = obj_rsakey_remove(hObject, tspContext);
359 #endif
360 } else if (obj_is_policy(hObject)) {
361 result = obj_policy_remove(hObject, tspContext);
362 } else if (obj_is_delfamily(hObject)) {
363 #ifdef TSS_BUILD_DELEGATION
364 result = obj_delfamily_remove(hObject, tspContext);
365 #endif
366 } else if (obj_is_migdata(hObject)) {
367 #ifdef TSS_BUILD_CMK
368 result = obj_migdata_remove(hObject, tspContext);
369 #endif
370 } else if (obj_is_nvstore(hObject)) {
371 #ifdef TSS_BUILD_NV
372 result = obj_nvstore_remove(hObject, tspContext);
373 #endif
374 } else {
375 result = TSPERR(TSS_E_INVALID_HANDLE);
376 }
377
378 return result;
379 }
380
381 TSS_RESULT
Tspi_Context_GetTpmObject(TSS_HCONTEXT tspContext,TSS_HTPM * phTPM)382 Tspi_Context_GetTpmObject(TSS_HCONTEXT tspContext, /* in */
383 TSS_HTPM * phTPM) /* out */
384 {
385 if (phTPM == NULL)
386 return TSPERR(TSS_E_BAD_PARAMETER);
387
388 if (!obj_is_context(tspContext))
389 return TSPERR(TSS_E_INVALID_HANDLE);
390
391 return obj_tpm_get(tspContext, phTPM);
392 }
393
394