1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2007 8 * 9 */ 10 11#include <stdlib.h> 12#include <stdio.h> 13#include <syslog.h> 14#include <string.h> 15#include <netdb.h> 16 17#include "trousers/tss.h" 18#include "trousers_types.h" 19#include "tcs_tsp.h" 20#include "tcs_utils.h" 21#include "tcs_int_literals.h" 22#include "capabilities.h" 23#include "tcslog.h" 24#include "tcsd_wrap.h" 25#include "tcsd.h" 26#include "tcs_utils.h" 27#include "rpc_tcstp_tcs.h" 28 29 30TSS_RESULT 31tcs_wrap_CreateEndorsementKeyPair(struct tcsd_thread_data *data) 32{ 33 TCS_CONTEXT_HANDLE hContext; 34 TCPA_NONCE antiReplay; 35 UINT32 eKPtrSize; 36 BYTE *eKPtr; 37 UINT32 eKSize; 38 BYTE* eK; 39 TCPA_DIGEST checksum; 40 TSS_RESULT result; 41 42 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 43 return TCSERR(TSS_E_INTERNAL_ERROR); 44 45 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 46 47 if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) 48 return TCSERR(TSS_E_INTERNAL_ERROR); 49 50 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm)) 51 return TCSERR(TSS_E_INTERNAL_ERROR); 52 53 eKPtr = calloc(1, eKPtrSize); 54 if (eKPtr == NULL) { 55 LogError("malloc of %u bytes failed.", eKPtrSize); 56 return TCSERR(TSS_E_OUTOFMEMORY); 57 } 58 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) { 59 free(eKPtr); 60 return TCSERR(TSS_E_INTERNAL_ERROR); 61 } 62 63 MUTEX_LOCK(tcsp_lock); 64 65 result = TCSP_CreateEndorsementKeyPair_Internal(hContext, antiReplay, eKPtrSize, eKPtr, 66 &eKSize, &eK, &checksum); 67 68 MUTEX_UNLOCK(tcsp_lock); 69 70 free(eKPtr); 71 72 if (result == TSS_SUCCESS) { 73 initData(&data->comm, 3); 74 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eKSize, 0, &data->comm)) { 75 free(eK); 76 return TCSERR(TSS_E_INTERNAL_ERROR); 77 } 78 if (setData(TCSD_PACKET_TYPE_PBYTE, 1, eK, eKSize, &data->comm)) { 79 free(eK); 80 return TCSERR(TSS_E_INTERNAL_ERROR); 81 } 82 free(eK); 83 if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) { 84 return TCSERR(TSS_E_INTERNAL_ERROR); 85 } 86 } else 87 initData(&data->comm, 0); 88 89 data->comm.hdr.u.result = result; 90 return TSS_SUCCESS; 91} 92 93TSS_RESULT 94tcs_wrap_ReadPubek(struct tcsd_thread_data *data) 95{ 96 TCS_CONTEXT_HANDLE hContext; 97 TCPA_NONCE antiReplay; 98 UINT32 pubEKSize; 99 BYTE *pubEK; 100 TCPA_DIGEST checksum; 101 TSS_RESULT result; 102 103 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 104 return TCSERR(TSS_E_INTERNAL_ERROR); 105 106 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 107 108 if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) 109 return TCSERR(TSS_E_INTERNAL_ERROR); 110 111 MUTEX_LOCK(tcsp_lock); 112 113 result = TCSP_ReadPubek_Internal(hContext, antiReplay, &pubEKSize, &pubEK, &checksum); 114 115 MUTEX_UNLOCK(tcsp_lock); 116 117 if (result == TSS_SUCCESS) { 118 initData(&data->comm, 3); 119 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pubEKSize, 0, &data->comm)) { 120 free(pubEK); 121 return TCSERR(TSS_E_INTERNAL_ERROR); 122 } 123 if (setData(TCSD_PACKET_TYPE_PBYTE, 1, pubEK, pubEKSize, &data->comm)) { 124 free(pubEK); 125 return TCSERR(TSS_E_INTERNAL_ERROR); 126 } 127 free(pubEK); 128 if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) { 129 return TCSERR(TSS_E_INTERNAL_ERROR); 130 } 131 } else 132 initData(&data->comm, 0); 133 134 data->comm.hdr.u.result = result; 135 return TSS_SUCCESS; 136} 137 138TSS_RESULT 139tcs_wrap_OwnerReadPubek(struct tcsd_thread_data *data) 140{ 141 TCS_CONTEXT_HANDLE hContext; 142 UINT32 pubEKSize; 143 BYTE *pubEK; 144 TSS_RESULT result; 145 TPM_AUTH auth; 146 147 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 148 return TCSERR(TSS_E_INTERNAL_ERROR); 149 150 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 151 152 if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) 153 return TCSERR(TSS_E_INTERNAL_ERROR); 154 155 MUTEX_LOCK(tcsp_lock); 156 157 result = TCSP_OwnerReadPubek_Internal(hContext, &auth, &pubEKSize, &pubEK); 158 159 MUTEX_UNLOCK(tcsp_lock); 160 161 if (result == TSS_SUCCESS) { 162 initData(&data->comm, 3); 163 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { 164 free(pubEK); 165 return TCSERR(TSS_E_INTERNAL_ERROR); 166 } 167 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubEKSize, 0, &data->comm)) { 168 free(pubEK); 169 return TCSERR(TSS_E_INTERNAL_ERROR); 170 } 171 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubEK, pubEKSize, &data->comm)) { 172 free(pubEK); 173 return TCSERR(TSS_E_INTERNAL_ERROR); 174 } 175 free(pubEK); 176 } else 177 initData(&data->comm, 0); 178 179 data->comm.hdr.u.result = result; 180 return TSS_SUCCESS; 181} 182 183TSS_RESULT 184tcs_wrap_DisablePubekRead(struct tcsd_thread_data *data) 185{ 186 TCS_CONTEXT_HANDLE hContext; 187 TSS_RESULT result; 188 TPM_AUTH auth; 189 190 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 191 return TCSERR(TSS_E_INTERNAL_ERROR); 192 193 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 194 195 if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) 196 return TCSERR(TSS_E_INTERNAL_ERROR); 197 198 MUTEX_LOCK(tcsp_lock); 199 200 result = TCSP_DisablePubekRead_Internal(hContext, &auth); 201 202 MUTEX_UNLOCK(tcsp_lock); 203 204 if (result == TSS_SUCCESS) { 205 initData(&data->comm, 1); 206 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { 207 return TCSERR(TSS_E_INTERNAL_ERROR); 208 } 209 } else 210 initData(&data->comm, 0); 211 212 data->comm.hdr.u.result = result; 213 return TSS_SUCCESS; 214} 215 216#ifdef TSS_BUILD_TSS12 217TSS_RESULT 218tcs_wrap_CreateRevocableEndorsementKeyPair(struct tcsd_thread_data *data) 219{ 220 TCS_CONTEXT_HANDLE hContext; 221 TPM_NONCE antiReplay; 222 UINT32 eKPtrSize; 223 BYTE *eKPtr; 224 TSS_BOOL genResetAuth; 225 TPM_DIGEST eKResetAuth; 226 UINT32 eKSize; 227 BYTE* eK; 228 TPM_DIGEST checksum; 229 TSS_RESULT result; 230 231 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 232 return TCSERR(TSS_E_INTERNAL_ERROR); 233 234 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 235 236 if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) 237 return TCSERR(TSS_E_INTERNAL_ERROR); 238 239 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm)) 240 return TCSERR(TSS_E_INTERNAL_ERROR); 241 242 eKPtr = calloc(1, eKPtrSize); 243 if (eKPtr == NULL) { 244 LogError("malloc of %d bytes failed.", eKPtrSize); 245 return TCSERR(TSS_E_OUTOFMEMORY); 246 } 247 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) { 248 free(eKPtr); 249 return TCSERR(TSS_E_INTERNAL_ERROR); 250 } 251 252 if (getData(TCSD_PACKET_TYPE_BOOL, 4, &genResetAuth, 0, &data->comm)) { 253 free(eKPtr); 254 return TCSERR(TSS_E_INTERNAL_ERROR); 255 } 256 257 if (getData(TCSD_PACKET_TYPE_DIGEST, 5, &eKResetAuth, 0, &data->comm)) { 258 free(eKPtr); 259 return TCSERR(TSS_E_INTERNAL_ERROR); 260 } 261 262 MUTEX_LOCK(tcsp_lock); 263 264 result = TCSP_CreateRevocableEndorsementKeyPair_Internal(hContext, antiReplay, 265 eKPtrSize, eKPtr, genResetAuth, &eKResetAuth, &eKSize, &eK, &checksum); 266 267 MUTEX_UNLOCK(tcsp_lock); 268 269 free(eKPtr); 270 271 if (result == TSS_SUCCESS) { 272 initData(&data->comm, 4); 273 if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &eKResetAuth, 0, &data->comm)) { 274 free(eK); 275 return TCSERR(TSS_E_INTERNAL_ERROR); 276 } 277 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &eKSize, 0, &data->comm)) { 278 free(eK); 279 return TCSERR(TSS_E_INTERNAL_ERROR); 280 } 281 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, eK, eKSize, &data->comm)) { 282 free(eK); 283 return TCSERR(TSS_E_INTERNAL_ERROR); 284 } 285 free(eK); 286 if (setData(TCSD_PACKET_TYPE_DIGEST, 3, &checksum, 0, &data->comm)) { 287 return TCSERR(TSS_E_INTERNAL_ERROR); 288 } 289 } else 290 initData(&data->comm, 0); 291 292 data->comm.hdr.u.result = result; 293 294 return TSS_SUCCESS; 295} 296 297TSS_RESULT 298tcs_wrap_RevokeEndorsementKeyPair(struct tcsd_thread_data *data) 299{ 300 TCS_CONTEXT_HANDLE hContext; 301 TPM_DIGEST eKResetAuth; 302 TSS_RESULT result; 303 304 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 305 return TCSERR(TSS_E_INTERNAL_ERROR); 306 307 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 308 309 if (getData(TCSD_PACKET_TYPE_DIGEST, 1, &eKResetAuth, 0, &data->comm)) 310 return TCSERR(TSS_E_INTERNAL_ERROR); 311 312 MUTEX_LOCK(tcsp_lock); 313 314 result = TCSP_RevokeEndorsementKeyPair_Internal(hContext, eKResetAuth); 315 316 MUTEX_UNLOCK(tcsp_lock); 317 318 initData(&data->comm, 0); 319 320 data->comm.hdr.u.result = result; 321 322 return TSS_SUCCESS; 323} 324#endif 325