1*723e4046Schristos
2*723e4046Schristos /*
3*723e4046Schristos * Licensed Materials - Property of IBM
4*723e4046Schristos *
5*723e4046Schristos * trousers - An open source TCG Software Stack
6*723e4046Schristos *
7*723e4046Schristos * (C) Copyright International Business Machines Corp. 2004-2007
8*723e4046Schristos *
9*723e4046Schristos */
10*723e4046Schristos
11*723e4046Schristos
12*723e4046Schristos #include <stdlib.h>
13*723e4046Schristos #include <stdio.h>
14*723e4046Schristos #include <string.h>
15*723e4046Schristos
16*723e4046Schristos #include "trousers/tss.h"
17*723e4046Schristos #include "trousers_types.h"
18*723e4046Schristos #include "tcs_tsp.h"
19*723e4046Schristos #include "tcs_utils.h"
20*723e4046Schristos #include "tcs_int_literals.h"
21*723e4046Schristos #include "capabilities.h"
22*723e4046Schristos #include "tcslog.h"
23*723e4046Schristos #include "tcsps.h"
24*723e4046Schristos #include "req_mgr.h"
25*723e4046Schristos
26*723e4046Schristos
27*723e4046Schristos TSS_RESULT
TCSP_LoadKeyByBlob_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hUnwrappingKey,UINT32 cWrappedKeyBlobSize,BYTE * rgbWrappedKeyBlob,TPM_AUTH * pAuth,TCS_KEY_HANDLE * phKeyTCSI,TCS_KEY_HANDLE * phKeyHMAC)28*723e4046Schristos TCSP_LoadKeyByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
29*723e4046Schristos TCS_KEY_HANDLE hUnwrappingKey, /* in */
30*723e4046Schristos UINT32 cWrappedKeyBlobSize, /* in */
31*723e4046Schristos BYTE * rgbWrappedKeyBlob, /* in */
32*723e4046Schristos TPM_AUTH * pAuth, /* in, out */
33*723e4046Schristos TCS_KEY_HANDLE * phKeyTCSI, /* out */
34*723e4046Schristos TCS_KEY_HANDLE * phKeyHMAC) /* out */
35*723e4046Schristos {
36*723e4046Schristos return LoadKeyByBlob_Internal(TPM_ORD_LoadKey, hContext, hUnwrappingKey,
37*723e4046Schristos cWrappedKeyBlobSize, rgbWrappedKeyBlob, pAuth, phKeyTCSI,
38*723e4046Schristos phKeyHMAC);
39*723e4046Schristos }
40*723e4046Schristos
41*723e4046Schristos TSS_RESULT
TCSP_LoadKey2ByBlob_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hUnwrappingKey,UINT32 cWrappedKeyBlobSize,BYTE * rgbWrappedKeyBlob,TPM_AUTH * pAuth,TCS_KEY_HANDLE * phKeyTCSI)42*723e4046Schristos TCSP_LoadKey2ByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
43*723e4046Schristos TCS_KEY_HANDLE hUnwrappingKey, /* in */
44*723e4046Schristos UINT32 cWrappedKeyBlobSize, /* in */
45*723e4046Schristos BYTE * rgbWrappedKeyBlob, /* in */
46*723e4046Schristos TPM_AUTH * pAuth, /* in, out */
47*723e4046Schristos TCS_KEY_HANDLE * phKeyTCSI) /* out */
48*723e4046Schristos {
49*723e4046Schristos return LoadKeyByBlob_Internal(TPM_ORD_LoadKey2, hContext, hUnwrappingKey,
50*723e4046Schristos cWrappedKeyBlobSize, rgbWrappedKeyBlob, pAuth, phKeyTCSI,
51*723e4046Schristos NULL);
52*723e4046Schristos }
53*723e4046Schristos
54*723e4046Schristos TSS_RESULT
LoadKeyByBlob_Internal(UINT32 ord,TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hUnwrappingKey,UINT32 cWrappedKeyBlobSize,BYTE * rgbWrappedKeyBlob,TPM_AUTH * pAuth,TCS_KEY_HANDLE * phKeyTCSI,TCS_KEY_HANDLE * phKeyHMAC)55*723e4046Schristos LoadKeyByBlob_Internal(UINT32 ord, /* The ordinal to use, LoadKey or LoadKey2 */
56*723e4046Schristos TCS_CONTEXT_HANDLE hContext, /* in */
57*723e4046Schristos TCS_KEY_HANDLE hUnwrappingKey, /* in */
58*723e4046Schristos UINT32 cWrappedKeyBlobSize, /* in */
59*723e4046Schristos BYTE * rgbWrappedKeyBlob, /* in */
60*723e4046Schristos TPM_AUTH * pAuth, /* in, out */
61*723e4046Schristos TCS_KEY_HANDLE * phKeyTCSI, /* out */
62*723e4046Schristos TCS_KEY_HANDLE * phKeyHMAC) /* out */
63*723e4046Schristos {
64*723e4046Schristos UINT64 offset;
65*723e4046Schristos TSS_RESULT result;
66*723e4046Schristos UINT32 paramSize;
67*723e4046Schristos TPM_KEY_HANDLE parentSlot, newSlot;
68*723e4046Schristos TCS_KEY_HANDLE newHandle = NULL_TCS_HANDLE;
69*723e4046Schristos TSS_BOOL canLoad;
70*723e4046Schristos TSS_KEY key;
71*723e4046Schristos BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
72*723e4046Schristos
73*723e4046Schristos if ((result = ctx_verify_context(hContext)))
74*723e4046Schristos return result;
75*723e4046Schristos
76*723e4046Schristos LogDebugFn("Enter");
77*723e4046Schristos LogDebugUnrollKey(rgbWrappedKeyBlob);
78*723e4046Schristos
79*723e4046Schristos if ((result = get_slot(hContext, hUnwrappingKey, &parentSlot)))
80*723e4046Schristos return result;
81*723e4046Schristos
82*723e4046Schristos offset = 0;
83*723e4046Schristos memset(&key, 0, sizeof(TSS_KEY));
84*723e4046Schristos if ((result = UnloadBlob_TSS_KEY(&offset, rgbWrappedKeyBlob, &key)))
85*723e4046Schristos return result;
86*723e4046Schristos
87*723e4046Schristos if (!pAuth) {
88*723e4046Schristos LogDebugFn("Checking if LoadKeyByBlob can be avoided by using existing key");
89*723e4046Schristos
90*723e4046Schristos if ((newHandle = mc_get_handle_by_pub(&key.pubKey, hUnwrappingKey))) {
91*723e4046Schristos LogDebugFn("tcs key handle exists");
92*723e4046Schristos
93*723e4046Schristos newSlot = mc_get_slot_by_handle(newHandle);
94*723e4046Schristos if (newSlot && (isKeyLoaded(newSlot) == TRUE)) {
95*723e4046Schristos LogDebugFn("Don't need to reload this key.");
96*723e4046Schristos *phKeyTCSI = newHandle;
97*723e4046Schristos if (phKeyHMAC)
98*723e4046Schristos *phKeyHMAC = newSlot;
99*723e4046Schristos return TSS_SUCCESS;
100*723e4046Schristos }
101*723e4046Schristos }
102*723e4046Schristos }
103*723e4046Schristos
104*723e4046Schristos LogDebugFn("calling canILoadThisKey");
105*723e4046Schristos if ((result = canILoadThisKey(&(key.algorithmParms), &canLoad)))
106*723e4046Schristos goto error;
107*723e4046Schristos
108*723e4046Schristos if (canLoad == FALSE) {
109*723e4046Schristos LogDebugFn("calling evictFirstKey");
110*723e4046Schristos /* Evict a key that isn't the parent */
111*723e4046Schristos if ((result = evictFirstKey(hUnwrappingKey)))
112*723e4046Schristos goto error;
113*723e4046Schristos }
114*723e4046Schristos
115*723e4046Schristos offset = 0;
116*723e4046Schristos if ((result = tpm_rqu_build(ord, &offset, txBlob, parentSlot, cWrappedKeyBlobSize,
117*723e4046Schristos rgbWrappedKeyBlob, pAuth, NULL)))
118*723e4046Schristos goto error;
119*723e4046Schristos
120*723e4046Schristos LogDebugFn("Submitting request to the TPM");
121*723e4046Schristos if ((result = req_mgr_submit_req(txBlob)))
122*723e4046Schristos goto error;
123*723e4046Schristos
124*723e4046Schristos if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
125*723e4046Schristos LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
126*723e4046Schristos goto error;
127*723e4046Schristos }
128*723e4046Schristos
129*723e4046Schristos if ((result = tpm_rsp_parse(ord, txBlob, paramSize, &newSlot, pAuth)))
130*723e4046Schristos goto error;
131*723e4046Schristos
132*723e4046Schristos if ((result = load_key_final(hContext, hUnwrappingKey, &newHandle, rgbWrappedKeyBlob,
133*723e4046Schristos newSlot)))
134*723e4046Schristos goto error;
135*723e4046Schristos
136*723e4046Schristos /* Setup the outHandles */
137*723e4046Schristos *phKeyTCSI = newHandle;
138*723e4046Schristos if (phKeyHMAC)
139*723e4046Schristos *phKeyHMAC = newSlot;
140*723e4046Schristos
141*723e4046Schristos LogDebugFn("Key handles for loadKeyByBlob slot:%.8X tcshandle:%.8X", newSlot, newHandle);
142*723e4046Schristos error:
143*723e4046Schristos auth_mgr_release_auth(pAuth, NULL, hContext);
144*723e4046Schristos return result;
145*723e4046Schristos }
146*723e4046Schristos
147*723e4046Schristos TSS_RESULT
TCSP_EvictKey_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hKey)148*723e4046Schristos TCSP_EvictKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
149*723e4046Schristos TCS_KEY_HANDLE hKey) /* in */
150*723e4046Schristos {
151*723e4046Schristos TSS_RESULT result;
152*723e4046Schristos TCPA_KEY_HANDLE tpm_handle;
153*723e4046Schristos
154*723e4046Schristos if ((result = ctx_verify_context(hContext)))
155*723e4046Schristos return result;
156*723e4046Schristos
157*723e4046Schristos tpm_handle = mc_get_slot_by_handle(hKey);
158*723e4046Schristos if (tpm_handle == NULL_TPM_HANDLE)
159*723e4046Schristos return TSS_SUCCESS; /*let's call this success if the key is already evicted */
160*723e4046Schristos
161*723e4046Schristos if ((result = internal_EvictByKeySlot(tpm_handle)))
162*723e4046Schristos return result;
163*723e4046Schristos
164*723e4046Schristos result = mc_set_slot_by_slot(tpm_handle, NULL_TPM_HANDLE);
165*723e4046Schristos
166*723e4046Schristos return result;
167*723e4046Schristos }
168*723e4046Schristos
169*723e4046Schristos TSS_RESULT
TCSP_CreateWrapKey_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hWrappingKey,TCPA_ENCAUTH KeyUsageAuth,TCPA_ENCAUTH KeyMigrationAuth,UINT32 keyInfoSize,BYTE * keyInfo,UINT32 * keyDataSize,BYTE ** keyData,TPM_AUTH * pAuth)170*723e4046Schristos TCSP_CreateWrapKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
171*723e4046Schristos TCS_KEY_HANDLE hWrappingKey, /* in */
172*723e4046Schristos TCPA_ENCAUTH KeyUsageAuth, /* in */
173*723e4046Schristos TCPA_ENCAUTH KeyMigrationAuth, /* in */
174*723e4046Schristos UINT32 keyInfoSize, /* in */
175*723e4046Schristos BYTE * keyInfo, /* in */
176*723e4046Schristos UINT32 * keyDataSize, /* out */
177*723e4046Schristos BYTE ** keyData, /* out */
178*723e4046Schristos TPM_AUTH * pAuth) /* in, out */
179*723e4046Schristos {
180*723e4046Schristos UINT64 offset = 0;
181*723e4046Schristos UINT32 paramSize;
182*723e4046Schristos TSS_RESULT result;
183*723e4046Schristos TCPA_KEY_HANDLE parentSlot;
184*723e4046Schristos BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
185*723e4046Schristos
186*723e4046Schristos LogDebug("Entering Create Wrap Key");
187*723e4046Schristos
188*723e4046Schristos if ((result = ctx_verify_context(hContext)))
189*723e4046Schristos goto done;
190*723e4046Schristos
191*723e4046Schristos if (pAuth) {
192*723e4046Schristos if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle)))
193*723e4046Schristos goto done;
194*723e4046Schristos }
195*723e4046Schristos
196*723e4046Schristos /* Since hWrappingKey must already be loaded, we can fail immediately if
197*723e4046Schristos * mc_get_slot_by_handle_lock() fails.*/
198*723e4046Schristos parentSlot = mc_get_slot_by_handle_lock(hWrappingKey);
199*723e4046Schristos if (parentSlot == NULL_TPM_HANDLE) {
200*723e4046Schristos result = TCSERR(TSS_E_FAIL);
201*723e4046Schristos goto done;
202*723e4046Schristos }
203*723e4046Schristos
204*723e4046Schristos if ((result = tpm_rqu_build(TPM_ORD_CreateWrapKey, &offset, txBlob, parentSlot,
205*723e4046Schristos KeyUsageAuth.authdata, KeyMigrationAuth.authdata, keyInfoSize,
206*723e4046Schristos keyInfo, pAuth)))
207*723e4046Schristos goto done;
208*723e4046Schristos
209*723e4046Schristos if ((result = req_mgr_submit_req(txBlob)))
210*723e4046Schristos goto done;
211*723e4046Schristos
212*723e4046Schristos result = UnloadBlob_Header(txBlob, ¶mSize);
213*723e4046Schristos if (!result) {
214*723e4046Schristos result = tpm_rsp_parse(TPM_ORD_CreateWrapKey, txBlob, paramSize, keyDataSize,
215*723e4046Schristos keyData, pAuth);
216*723e4046Schristos }
217*723e4046Schristos LogResult("Create Wrap Key", result);
218*723e4046Schristos
219*723e4046Schristos done:
220*723e4046Schristos auth_mgr_release_auth(pAuth, NULL, hContext);
221*723e4046Schristos return result;
222*723e4046Schristos }
223*723e4046Schristos
224*723e4046Schristos TSS_RESULT
TCSP_GetPubKey_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hKey,TPM_AUTH * pAuth,UINT32 * pcPubKeySize,BYTE ** prgbPubKey)225*723e4046Schristos TCSP_GetPubKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
226*723e4046Schristos TCS_KEY_HANDLE hKey, /* in */
227*723e4046Schristos TPM_AUTH * pAuth, /* in, out */
228*723e4046Schristos UINT32 * pcPubKeySize, /* out */
229*723e4046Schristos BYTE ** prgbPubKey) /* out */
230*723e4046Schristos {
231*723e4046Schristos UINT64 offset = 0;
232*723e4046Schristos UINT32 paramSize;
233*723e4046Schristos TSS_RESULT result;
234*723e4046Schristos TCPA_KEY_HANDLE keySlot;
235*723e4046Schristos BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
236*723e4046Schristos
237*723e4046Schristos LogDebug("Entering Get pub key");
238*723e4046Schristos if ((result = ctx_verify_context(hContext)))
239*723e4046Schristos goto done;
240*723e4046Schristos
241*723e4046Schristos if (pAuth != NULL) {
242*723e4046Schristos LogDebug("Auth Used");
243*723e4046Schristos if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle)))
244*723e4046Schristos goto done;
245*723e4046Schristos } else {
246*723e4046Schristos LogDebug("No Auth");
247*723e4046Schristos }
248*723e4046Schristos
249*723e4046Schristos if (ensureKeyIsLoaded(hContext, hKey, &keySlot)) {
250*723e4046Schristos result = TCSERR(TCS_E_KM_LOADFAILED);
251*723e4046Schristos goto done;
252*723e4046Schristos }
253*723e4046Schristos
254*723e4046Schristos LogDebug("GetPubKey: handle: 0x%x, slot: 0x%x", hKey, keySlot);
255*723e4046Schristos if ((result = tpm_rqu_build(TPM_ORD_GetPubKey, &offset, txBlob, keySlot, pAuth)))
256*723e4046Schristos goto done;
257*723e4046Schristos
258*723e4046Schristos if ((result = req_mgr_submit_req(txBlob)))
259*723e4046Schristos goto done;
260*723e4046Schristos
261*723e4046Schristos offset = 10;
262*723e4046Schristos result = UnloadBlob_Header(txBlob, ¶mSize);
263*723e4046Schristos
264*723e4046Schristos if (!result) {
265*723e4046Schristos result = tpm_rsp_parse(TPM_ORD_GetPubKey, txBlob, paramSize, pcPubKeySize,
266*723e4046Schristos prgbPubKey, pAuth);
267*723e4046Schristos }
268*723e4046Schristos LogResult("Get Public Key", result);
269*723e4046Schristos done:
270*723e4046Schristos auth_mgr_release_auth(pAuth, NULL, hContext);
271*723e4046Schristos return result;
272*723e4046Schristos }
273*723e4046Schristos
274*723e4046Schristos TSS_RESULT
TCSP_OwnerReadInternalPub_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hKey,TPM_AUTH * pOwnerAuth,UINT32 * punPubKeySize,BYTE ** ppbPubKeyData)275*723e4046Schristos TCSP_OwnerReadInternalPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
276*723e4046Schristos TCS_KEY_HANDLE hKey, /* in */
277*723e4046Schristos TPM_AUTH * pOwnerAuth, /* in, out */
278*723e4046Schristos UINT32 * punPubKeySize, /* out */
279*723e4046Schristos BYTE ** ppbPubKeyData) /* out */
280*723e4046Schristos {
281*723e4046Schristos UINT64 offset = 0;
282*723e4046Schristos UINT32 paramSize;
283*723e4046Schristos TSS_RESULT result;
284*723e4046Schristos BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
285*723e4046Schristos
286*723e4046Schristos LogDebug("Entering OwnerReadInternalPub");
287*723e4046Schristos if ((result = ctx_verify_context(hContext)))
288*723e4046Schristos goto done;
289*723e4046Schristos
290*723e4046Schristos LogDebug("OwnerReadInternalPub: handle: 0x%x", hKey);
291*723e4046Schristos if (hKey != TPM_KH_SRK && hKey != TPM_KH_EK) {
292*723e4046Schristos result = TCSERR(TSS_E_FAIL);
293*723e4046Schristos LogDebug("OwnerReadInternalPub - Unsupported Key Handle");
294*723e4046Schristos goto done;
295*723e4046Schristos }
296*723e4046Schristos
297*723e4046Schristos if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
298*723e4046Schristos goto done;
299*723e4046Schristos
300*723e4046Schristos if ((result = tpm_rqu_build(TPM_ORD_OwnerReadInternalPub, &offset, txBlob, hKey,
301*723e4046Schristos pOwnerAuth)))
302*723e4046Schristos goto done;
303*723e4046Schristos
304*723e4046Schristos if ((result = req_mgr_submit_req(txBlob)))
305*723e4046Schristos goto done;
306*723e4046Schristos
307*723e4046Schristos result = UnloadBlob_Header(txBlob, ¶mSize);
308*723e4046Schristos if (!result) {
309*723e4046Schristos result = tpm_rsp_parse(TPM_ORD_OwnerReadInternalPub, txBlob, paramSize,
310*723e4046Schristos punPubKeySize, ppbPubKeyData, pOwnerAuth);
311*723e4046Schristos }
312*723e4046Schristos LogResult("OwnerReadInternalPub", result);
313*723e4046Schristos done:
314*723e4046Schristos auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
315*723e4046Schristos return result;
316*723e4046Schristos }
317*723e4046Schristos
318*723e4046Schristos TSS_RESULT
TCSP_KeyControlOwner_Internal(TCS_CONTEXT_HANDLE hContext,TCS_KEY_HANDLE hTcsKey,UINT32 ulPubKeyLength,BYTE * rgbPubKey,UINT32 attribName,TSS_BOOL attribValue,TPM_AUTH * pOwnerAuth,TSS_UUID * pUuidData)319*723e4046Schristos TCSP_KeyControlOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
320*723e4046Schristos TCS_KEY_HANDLE hTcsKey, /* in */
321*723e4046Schristos UINT32 ulPubKeyLength, /* in */
322*723e4046Schristos BYTE* rgbPubKey, /* in */
323*723e4046Schristos UINT32 attribName, /* in */
324*723e4046Schristos TSS_BOOL attribValue, /* in */
325*723e4046Schristos TPM_AUTH* pOwnerAuth, /* in,out */
326*723e4046Schristos TSS_UUID* pUuidData) /* out */
327*723e4046Schristos {
328*723e4046Schristos UINT64 offset = 0;
329*723e4046Schristos UINT32 paramSize;
330*723e4046Schristos TSS_RESULT result;
331*723e4046Schristos TPM_KEY_HANDLE hTpmKey;
332*723e4046Schristos BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
333*723e4046Schristos
334*723e4046Schristos LogDebugFn("Enter");
335*723e4046Schristos if ((result = ctx_verify_context(hContext))) {
336*723e4046Schristos LogDebug("Invalid TSS Context");
337*723e4046Schristos goto done;
338*723e4046Schristos }
339*723e4046Schristos
340*723e4046Schristos if ((result = get_slot_lite(hContext, hTcsKey, &hTpmKey))) {
341*723e4046Schristos LogDebug("Can't get TPM Keyhandle for TCS key 0x%x", hTcsKey);
342*723e4046Schristos goto done;
343*723e4046Schristos }
344*723e4046Schristos LogDebugFn("TCS hKey=0x%x, TPM hKey=0x%x", hTcsKey, hTpmKey);
345*723e4046Schristos
346*723e4046Schristos if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle))) {
347*723e4046Schristos LogDebug("Owner Authentication failed");
348*723e4046Schristos goto done;
349*723e4046Schristos }
350*723e4046Schristos
351*723e4046Schristos if ((result = mc_find_next_ownerevict_uuid(pUuidData))) {
352*723e4046Schristos LogDebugFn("mc_find_next_ownerevict_uuid failed: rc=0x%x", result);
353*723e4046Schristos goto done;
354*723e4046Schristos }
355*723e4046Schristos
356*723e4046Schristos if ((result = tpm_rqu_build(TPM_ORD_KeyControlOwner, &offset, txBlob, hTpmKey,
357*723e4046Schristos ulPubKeyLength, rgbPubKey, attribName, attribValue,
358*723e4046Schristos pOwnerAuth))) {
359*723e4046Schristos LogDebugFn("rqu build failed");
360*723e4046Schristos goto done;
361*723e4046Schristos }
362*723e4046Schristos
363*723e4046Schristos if ((result = req_mgr_submit_req(txBlob))) {
364*723e4046Schristos LogDebugFn("Request submission failed");
365*723e4046Schristos goto done;
366*723e4046Schristos }
367*723e4046Schristos
368*723e4046Schristos if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
369*723e4046Schristos LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
370*723e4046Schristos goto done;
371*723e4046Schristos }
372*723e4046Schristos
373*723e4046Schristos if ((result = tpm_rsp_parse(TPM_ORD_KeyControlOwner, txBlob, paramSize, pOwnerAuth))) {
374*723e4046Schristos LogDebugFn("tpm_rsp_parse failed: rc=0x%x", result);
375*723e4046Schristos goto done;
376*723e4046Schristos }
377*723e4046Schristos
378*723e4046Schristos if ((result = mc_set_uuid(hTcsKey, pUuidData))){
379*723e4046Schristos LogDebugFn("mc_set_uuid failed: rc=0x%x", result);
380*723e4046Schristos goto done;
381*723e4046Schristos }
382*723e4046Schristos
383*723e4046Schristos LogResult("KeyControlOwner", result);
384*723e4046Schristos done:
385*723e4046Schristos auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
386*723e4046Schristos return result;
387*723e4046Schristos }
388*723e4046Schristos
389