/*
 * Licensed Materials - Property of IBM
 *
 * trousers - An open source TCG Software Stack
 *
 * (C) Copyright International Business Machines Corp. 2007
 *
 */
10
11
12 #include <stdlib.h>
13 #include <stdio.h>
14 #include <string.h>
15
16 #include "trousers/tss.h"
17 #include "trousers_types.h"
18 #include "tcs_utils.h"
19 #include "tcslog.h"
20 #include "req_mgr.h"
21
/*
 * TCSP_Delegate_Manage_Internal
 *
 * TCS-side handler for the TPM_Delegate_Manage ordinal.  The request is
 * serialized into txBlob by tpm_rqu_build, handed to the TPM through
 * req_mgr_submit_req, and the reply is unpacked by UnloadBlob_Header and
 * tpm_rsp_parse.
 *
 * hContext      Caller's TCS context; ctx_verify_context rejects anything
 *               that is not a valid open context before any work is done.
 * familyID,
 * opFlag        Forwarded to the TPM unchanged.
 * opDataSize,
 * opData        Caller-supplied operation blob.  This function performs no
 *               length check of its own; keeping the request inside txBlob
 *               (TSS_TPM_TXBLOB_SIZE) is presumably enforced by
 *               tpm_rqu_build -- TODO confirm, since an oversized request
 *               must never be able to overrun txBlob.
 * ownerAuth     Authorization session, or NULL.  When present, its handle
 *               is validated by auth_mgr_check before anything is sent, and
 *               after that point the session is handed to
 *               auth_mgr_release_auth on every exit path.
 * retDataSize,
 * retData       Written by tpm_rsp_parse on success.  Ownership of *retData
 *               is not visible here -- presumably heap memory the caller
 *               frees; verify against tpm_rsp_parse.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_Manage_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
			      TPM_FAMILY_ID familyID, /* in */
			      TPM_FAMILY_OPERATION opFlag, /* in */
			      UINT32 opDataSize, /* in */
			      BYTE *opData, /* in */
			      TPM_AUTH *ownerAuth, /* in/out */
			      UINT32 *retDataSize, /* out */
			      BYTE **retData) /* out */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	/* An auth handle the context does not own is refused up front. */
	if (ownerAuth != NULL) {
		result = auth_mgr_check(hContext, &ownerAuth->AuthHandle);
		if (result)
			return result;
	}

	/* From here on the auth session is released on every exit. */
	result = tpm_rqu_build(TPM_ORD_Delegate_Manage, &offset, txBlob, familyID, opFlag,
			       opDataSize, opData, ownerAuth);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);

	/* The result is logged only once the TPM has actually answered. */
	if (result == 0) {
		result = UnloadBlob_Header(txBlob, &paramSize);
		if (result == 0)
			result = tpm_rsp_parse(TPM_ORD_Delegate_Manage, txBlob, paramSize,
					       retDataSize, retData, ownerAuth, NULL);
		LogResult("Delegate_Manage", result);
	}

	auth_mgr_release_auth(ownerAuth, NULL, hContext);

	return result;
}
67
/*
 * TCSP_Delegate_CreateKeyDelegation_Internal
 *
 * TCS-side handler for TPM_Delegate_CreateKeyDelegation.  The TCS key
 * handle is first mapped to a TPM key slot (ensureKeyIsLoaded), then the
 * request is built, submitted and parsed like the other delegate ordinals.
 *
 * hContext        Caller's TCS context, checked by ctx_verify_context.
 * hKey            TCS key handle; ensureKeyIsLoaded resolves it to keySlot.
 * publicInfoSize,
 * publicInfo      Caller-supplied blob passed straight to tpm_rqu_build;
 *                 no size check is done in this function -- presumably
 *                 tpm_rqu_build bounds it against txBlob (TODO confirm).
 * encDelAuth      Forwarded unchanged.
 * keyAuth         Authorization session, or NULL.  When present its handle
 *                 is validated by auth_mgr_check, after which every exit
 *                 path releases it through auth_mgr_release_auth.
 * blobSize,
 * blob            Written by tpm_rsp_parse on success; ownership of *blob
 *                 is not visible here -- verify against tpm_rsp_parse.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_CreateKeyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
					   TCS_KEY_HANDLE hKey, /* in */
					   UINT32 publicInfoSize, /* in */
					   BYTE *publicInfo, /* in */
					   TPM_ENCAUTH *encDelAuth, /* in */
					   TPM_AUTH *keyAuth, /* in, out */
					   UINT32 *blobSize, /* out */
					   BYTE **blob) /* out */
{
	TSS_RESULT result;
	TCPA_KEY_HANDLE keySlot;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	if (keyAuth != NULL) {
		result = auth_mgr_check(hContext, &keyAuth->AuthHandle);
		if (result)
			return result;
	}

	/* Everything below must release keyAuth, whether or not it succeeds. */
	result = ensureKeyIsLoaded(hContext, hKey, &keySlot);
	if (result == 0)
		result = tpm_rqu_build(TPM_ORD_Delegate_CreateKeyDelegation, &offset, txBlob,
				       keySlot, publicInfoSize, publicInfo, encDelAuth, keyAuth);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);

	if (result == 0) {
		result = UnloadBlob_Header(txBlob, &paramSize);
		if (result == 0)
			result = tpm_rsp_parse(TPM_ORD_Delegate_CreateKeyDelegation, txBlob,
					       paramSize, blobSize, blob, keyAuth, NULL);
		LogResult("Delegate_CreateKeyDelegation", result);
	}

	auth_mgr_release_auth(keyAuth, NULL, hContext);

	return result;
}
117
/*
 * TCSP_Delegate_CreateOwnerDelegation_Internal
 *
 * TCS-side handler for TPM_Delegate_CreateOwnerDelegation.  Build the
 * request with tpm_rqu_build, submit it, then unpack the header and the
 * response body.
 *
 * hContext        Caller's TCS context, checked by ctx_verify_context.
 * increment       Forwarded to the TPM unchanged.
 * publicInfoSize,
 * publicInfo      Caller-supplied blob handed to tpm_rqu_build without a
 *                 local size check -- presumably bounded against txBlob
 *                 inside tpm_rqu_build (TODO confirm).
 * encDelAuth      Forwarded unchanged.
 * ownerAuth       Authorization session, or NULL.  When present its handle
 *                 is validated by auth_mgr_check first; from then on every
 *                 exit path releases it through auth_mgr_release_auth.
 * blobSize,
 * blob            Written by tpm_rsp_parse on success; ownership of *blob
 *                 is not visible here -- verify against tpm_rsp_parse.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_CreateOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
					     TSS_BOOL increment, /* in */
					     UINT32 publicInfoSize, /* in */
					     BYTE *publicInfo, /* in */
					     TPM_ENCAUTH *encDelAuth, /* in */
					     TPM_AUTH *ownerAuth, /* in, out */
					     UINT32 *blobSize, /* out */
					     BYTE **blob) /* out */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	if (ownerAuth != NULL) {
		result = auth_mgr_check(hContext, &ownerAuth->AuthHandle);
		if (result)
			return result;
	}

	/* Past this point the auth session is always released before returning. */
	result = tpm_rqu_build(TPM_ORD_Delegate_CreateOwnerDelegation, &offset, txBlob,
			       increment, publicInfoSize, publicInfo, encDelAuth, ownerAuth);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);

	if (result == 0) {
		result = UnloadBlob_Header(txBlob, &paramSize);
		if (result == 0)
			result = tpm_rsp_parse(TPM_ORD_Delegate_CreateOwnerDelegation, txBlob,
					       paramSize, blobSize, blob, ownerAuth, NULL);
		LogResult("Delegate_CreateOwnerDelegation", result);
	}

	auth_mgr_release_auth(ownerAuth, NULL, hContext);

	return result;
}
163
/*
 * TCSP_Delegate_LoadOwnerDelegation_Internal
 *
 * TCS-side handler for TPM_Delegate_LoadOwnerDelegation.  Unlike the
 * Create* ordinals there is no output blob; only the auth session is
 * updated from the response.
 *
 * hContext    Caller's TCS context, checked by ctx_verify_context.
 * index       Delegate table index, forwarded unchanged.
 * blobSize,
 * blob        Caller-supplied delegation blob.  No length check is done
 *             here -- presumably tpm_rqu_build keeps it within txBlob
 *             (TODO confirm).
 * ownerAuth   Authorization session, or NULL.  When present its handle is
 *             validated by auth_mgr_check first; afterwards every exit
 *             path releases it through auth_mgr_release_auth.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_LoadOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
					   TPM_DELEGATE_INDEX index, /* in */
					   UINT32 blobSize, /* in */
					   BYTE *blob, /* in */
					   TPM_AUTH *ownerAuth) /* in, out */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	if (ownerAuth != NULL) {
		result = auth_mgr_check(hContext, &ownerAuth->AuthHandle);
		if (result)
			return result;
	}

	/* The auth session is released on every exit from here on. */
	result = tpm_rqu_build(TPM_ORD_Delegate_LoadOwnerDelegation, &offset, txBlob, index,
			       blobSize, blob, ownerAuth);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);

	if (result == 0) {
		result = UnloadBlob_Header(txBlob, &paramSize);
		if (result == 0)
			result = tpm_rsp_parse(TPM_ORD_Delegate_LoadOwnerDelegation, txBlob,
					       paramSize, ownerAuth);
		LogResult("Delegate_LoadOwnerDelegation", result);
	}

	auth_mgr_release_auth(ownerAuth, NULL, hContext);

	return result;
}
206
/*
 * TCSP_Delegate_ReadTable_Internal
 *
 * TCS-side handler for TPM_Delegate_ReadTable.  The command carries no
 * input data and no authorization, so there is no auth session to check
 * or release; the only caller-controlled value is the context handle.
 *
 * hContext            Caller's TCS context, checked by ctx_verify_context.
 * familyTableSize,
 * familyTable,
 * delegateTableSize,
 * delegateTable       Written by tpm_rsp_parse on success.  Ownership of
 *                     the two table buffers is not visible here --
 *                     presumably heap memory the caller frees; verify
 *                     against tpm_rsp_parse.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_ReadTable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
				 UINT32 *familyTableSize, /* out */
				 BYTE **familyTable, /* out */
				 UINT32 *delegateTableSize, /* out */
				 BYTE **delegateTable) /* out */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	/* Build and submit; a failure in either step is returned unlogged. */
	result = tpm_rqu_build(TPM_ORD_Delegate_ReadTable, &offset, txBlob, NULL);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);
	if (result)
		return result;

	result = UnloadBlob_Header(txBlob, &paramSize);
	if (result == 0)
		result = tpm_rsp_parse(TPM_ORD_Delegate_ReadTable, txBlob, paramSize,
				       familyTableSize, familyTable, delegateTableSize,
				       delegateTable, NULL, NULL);

	LogResult("Delegate_ReadTable", result);

	return result;
}
241
/*
 * TCSP_Delegate_UpdateVerificationCount_Internal
 *
 * TCS-side handler for TPM_Delegate_UpdateVerification.  Same shape as the
 * other delegate ordinals: verify context and auth, build, submit, parse,
 * release the auth session.
 *
 * hContext     Caller's TCS context, checked by ctx_verify_context.
 * inputSize,
 * input        Caller-supplied blob.  No length check is done in this
 *              function -- presumably tpm_rqu_build bounds it against
 *              txBlob (TODO confirm).
 * ownerAuth    Authorization session, or NULL.  When present its handle is
 *              validated by auth_mgr_check first; afterwards every exit
 *              path releases it through auth_mgr_release_auth.
 * outputSize,
 * output       Written by tpm_rsp_parse on success; ownership of *output is
 *              not visible here -- verify against tpm_rsp_parse.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_UpdateVerificationCount_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
					       UINT32 inputSize, /* in */
					       BYTE *input, /* in */
					       TPM_AUTH *ownerAuth, /* in, out */
					       UINT32 *outputSize, /* out */
					       BYTE **output) /* out */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	if (ownerAuth != NULL) {
		result = auth_mgr_check(hContext, &ownerAuth->AuthHandle);
		if (result)
			return result;
	}

	/*
	 * NOTE(review): inputSize is passed to tpm_rqu_build twice (as is
	 * delegateSize in TCSP_Delegate_VerifyDelegation_Internal).  Confirm
	 * this matches the variadic argument list tpm_rqu_build expects for
	 * this ordinal rather than being a copy-paste slip.
	 */
	result = tpm_rqu_build(TPM_ORD_Delegate_UpdateVerification, &offset, txBlob, inputSize,
			       inputSize, input, ownerAuth, NULL);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);

	if (result == 0) {
		result = UnloadBlob_Header(txBlob, &paramSize);
		if (result == 0)
			result = tpm_rsp_parse(TPM_ORD_Delegate_UpdateVerification, txBlob,
					       paramSize, outputSize, output, ownerAuth, NULL);
		LogResult("Delegate_UpdateVerificationCount", result);
	}

	auth_mgr_release_auth(ownerAuth, NULL, hContext);

	return result;
}
285
/*
 * TCSP_Delegate_VerifyDelegation_Internal
 *
 * TCS-side handler for TPM_Delegate_VerifyDelegation.  The command is
 * unauthorized and returns no payload, so only the response header is
 * unpacked; its result code is what the caller gets back.
 *
 * hContext       Caller's TCS context, checked by ctx_verify_context.
 * delegateSize,
 * delegate       Caller-supplied delegation blob.  No length check is done
 *                here -- presumably tpm_rqu_build keeps it within txBlob
 *                (TODO confirm).
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_Delegate_VerifyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
					UINT32 delegateSize, /* in */
					BYTE *delegate) /* in */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	/*
	 * NOTE(review): delegateSize appears twice in the argument list --
	 * confirm that is what tpm_rqu_build expects for this ordinal.
	 */
	result = tpm_rqu_build(TPM_ORD_Delegate_VerifyDelegation, &offset, txBlob,
			       delegateSize, delegateSize, delegate, NULL, NULL);
	if (result == 0)
		result = req_mgr_submit_req(txBlob);
	if (result)
		return result;

	/* No response body to parse; the header's return code is the verdict. */
	result = UnloadBlob_Header(txBlob, &paramSize);

	LogResult("Delegate_VerifyDelegation", result);

	return result;
}
314
/*
 * TCSP_DSAP_Internal
 *
 * TCS-side handler for TPM_DSAP: opens a delegated authorization session
 * on the TPM and registers the resulting handle with the auth manager.
 *
 * hContext         Caller's TCS context, checked by ctx_verify_context.
 * entityType       Forwarded unchanged.
 * keyHandle        TCS key handle; resolved to a TPM handle by
 *                  ensureKeyIsLoaded.  Any failure there is reported as
 *                  TSS_E_KEY_NOT_LOADED, the underlying code is dropped.
 * nonceOddDSAP     Forwarded unchanged.
 * entityValueSize,
 * entityValue      Caller-supplied blob.  No length check is done here --
 *                  presumably tpm_rqu_build bounds it against txBlob
 *                  (TODO confirm).
 * authHandle       Written by tpm_rsp_parse, then recorded via auth_mgr_add.
 * nonceEven,
 * nonceEvenDSAP    Written by tpm_rsp_parse; both are dereferenced without
 *                  a NULL check, so callers must pass valid pointers.
 *
 * Session accounting: when auth_mgr_req_new reports the session limit is
 * reached, auth_mgr_swap_out is tried first.  NOTE(review): if the TPM
 * accepts the DSAP but auth_mgr_add then fails, nothing in this function
 * terminates the session that was just opened on the TPM -- confirm
 * whether auth_mgr_add cleans up on failure, otherwise that slot leaks.
 *
 * Returns 0 on success, otherwise the first failing result code.
 */
TSS_RESULT
TCSP_DSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
		   TPM_ENTITY_TYPE entityType, /* in */
		   TCS_KEY_HANDLE keyHandle, /* in */
		   TPM_NONCE *nonceOddDSAP, /* in */
		   UINT32 entityValueSize, /* in */
		   BYTE *entityValue, /* in */
		   TCS_AUTHHANDLE *authHandle, /* out */
		   TPM_NONCE *nonceEven, /* out */
		   TPM_NONCE *nonceEvenDSAP) /* out */
{
	TSS_RESULT result;
	UINT64 offset = 0;
	UINT32 paramSize;
	TPM_KEY_HANDLE tpmKeyHandle;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	result = ctx_verify_context(hContext);
	if (result)
		return result;

	/* Whatever went wrong while resolving the key, report "not loaded". */
	if (ensureKeyIsLoaded(hContext, keyHandle, &tpmKeyHandle) != 0)
		return TCSERR(TSS_E_KEY_NOT_LOADED);

	/* At the session limit: try to make room before asking the TPM. */
	if (auth_mgr_req_new(hContext) == FALSE) {
		result = auth_mgr_swap_out(hContext);
		if (result) {
			LogResult("DSAP", result);
			return result;
		}
	}

	/* Build/submit failures are returned without a LogResult line. */
	result = tpm_rqu_build(TPM_ORD_DSAP, &offset, txBlob, entityType, tpmKeyHandle,
			       nonceOddDSAP, entityValueSize, entityValue);
	if (result)
		return result;

	result = req_mgr_submit_req(txBlob);
	if (result)
		return result;

	result = UnloadBlob_Header(txBlob, &paramSize);
	if (result == 0) {
		result = tpm_rsp_parse(TPM_ORD_DSAP, txBlob, paramSize, authHandle,
				       nonceEven->nonce, nonceEvenDSAP->nonce);
		/* The TPM accepted the session: track it in the auth table. */
		if (result == 0)
			result = auth_mgr_add(hContext, *authHandle);
	}

	LogResult("DSAP", result);

	return result;
}
367