1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2006 8 * 9 */ 10 11#include <stdlib.h> 12#include <stdio.h> 13#include <syslog.h> 14#include <string.h> 15#include <netdb.h> 16 17#include "trousers/tss.h" 18#include "trousers_types.h" 19#include "tcs_tsp.h" 20#include "tcs_utils.h" 21#include "tcs_int_literals.h" 22#include "capabilities.h" 23#include "tcslog.h" 24#include "tcsd_wrap.h" 25#include "tcsd.h" 26#include "tcs_utils.h" 27#include "rpc_tcstp_tcs.h" 28 29 30TSS_RESULT 31tcs_wrap_CreateMigrationBlob(struct tcsd_thread_data *data) 32{ 33 TCS_CONTEXT_HANDLE hContext; 34 TSS_RESULT result; 35 TCS_KEY_HANDLE parentHandle; 36 TSS_MIGRATE_SCHEME migrationType; 37 UINT32 MigrationKeyAuthSize, encDataSize, randomSize, outDataSize; 38 BYTE *MigrationKeyAuth, *encData, *random, *outData; 39 TPM_AUTH auth1, auth2, *pParentAuth, *pEntityAuth; 40 UINT32 i; 41 42 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 43 return TCSERR(TSS_E_INTERNAL_ERROR); 44 45 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 46 47 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) 48 return TCSERR(TSS_E_INTERNAL_ERROR); 49 if (getData(TCSD_PACKET_TYPE_UINT16, 2, &migrationType, 0, &data->comm)) 50 return TCSERR(TSS_E_INTERNAL_ERROR); 51 52 if (getData(TCSD_PACKET_TYPE_UINT32, 3, &MigrationKeyAuthSize, 0, &data->comm)) 53 return TCSERR(TSS_E_INTERNAL_ERROR); 54 55 MigrationKeyAuth = (BYTE *)malloc(MigrationKeyAuthSize); 56 if (MigrationKeyAuth == NULL) { 57 LogError("malloc of %d bytes failed.", MigrationKeyAuthSize); 58 return TCSERR(TSS_E_INTERNAL_ERROR); 59 } 60 if (getData(TCSD_PACKET_TYPE_PBYTE, 4, MigrationKeyAuth, MigrationKeyAuthSize, &data->comm)) { 61 free(MigrationKeyAuth); 62 return TCSERR(TSS_E_INTERNAL_ERROR); 63 } 64 65 if (getData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &data->comm)) { 66 free(MigrationKeyAuth); 67 return TCSERR(TSS_E_INTERNAL_ERROR); 68 } 69 70 encData = (BYTE *)malloc(encDataSize); 71 if (encData == NULL) { 72 free(MigrationKeyAuth); 73 LogError("malloc of %d bytes failed.", encDataSize); 74 return TCSERR(TSS_E_INTERNAL_ERROR); 75 } 76 if (getData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &data->comm)) { 77 free(MigrationKeyAuth); 78 free(encData); 79 return TCSERR(TSS_E_INTERNAL_ERROR); 80 } 81 82 if (getData(TCSD_PACKET_TYPE_AUTH, 7, &auth1, 0, &data->comm)) { 83 free(MigrationKeyAuth); 84 free(encData); 85 return TCSERR(TSS_E_INTERNAL_ERROR); 86 } 87 88 if (getData(TCSD_PACKET_TYPE_AUTH, 8, &auth2, 0, &data->comm)) { 89 /* If loading the 2nd auth fails, the first one was entity auth */ 90 pParentAuth = NULL; 91 pEntityAuth = &auth1; 92 } else { 93 /* If loading the 2nd auth succeeds, the first one was parent auth */ 94 pParentAuth = &auth1; 95 pEntityAuth = &auth2; 96 } 97 98 MUTEX_LOCK(tcsp_lock); 99 100 result = TCSP_CreateMigrationBlob_Internal(hContext, parentHandle, migrationType, 101 MigrationKeyAuthSize, MigrationKeyAuth, 102 encDataSize, encData, pParentAuth, pEntityAuth, 103 &randomSize, &random, &outDataSize, &outData); 104 105 MUTEX_UNLOCK(tcsp_lock); 106 107 free(MigrationKeyAuth); 108 free(encData); 109 if (result == TSS_SUCCESS) { 110 i = 0; 111 initData(&data->comm, 6); 112 if (pParentAuth) { 113 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) { 114 free(random); 115 free(outData); 116 return TCSERR(TSS_E_INTERNAL_ERROR); 117 } 118 } 119 120 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pEntityAuth, 0, &data->comm)) { 121 free(random); 122 free(outData); 123 return TCSERR(TSS_E_INTERNAL_ERROR); 124 } 125 126 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &randomSize, 0, &data->comm)) { 127 free(random); 128 free(outData); 129 return TCSERR(TSS_E_INTERNAL_ERROR); 130 } 131 if (randomSize > 0) { 132 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, random, randomSize, &data->comm)) { 133 free(random); 134 free(outData); 135 return TCSERR(TSS_E_INTERNAL_ERROR); 136 } 137 } 138 139 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { 140 free(random); 141 free(outData); 142 return TCSERR(TSS_E_INTERNAL_ERROR); 143 } 144 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { 145 free(random); 146 free(outData); 147 return TCSERR(TSS_E_INTERNAL_ERROR); 148 } 149 150 free(random); 151 free(outData); 152 } else 153 initData(&data->comm, 0); 154 155 data->comm.hdr.u.result = result; 156 157 return TSS_SUCCESS; 158} 159 160TSS_RESULT 161tcs_wrap_ConvertMigrationBlob(struct tcsd_thread_data *data) 162{ 163 TCS_CONTEXT_HANDLE hContext; 164 TSS_RESULT result; 165 TCS_KEY_HANDLE parentHandle; 166 UINT32 outDataSize, randomSize, inDataSize; 167 BYTE *outData, *random, *inData; 168 TPM_AUTH parentAuth, *pParentAuth; 169 UINT32 i; 170 171 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 172 return TCSERR(TSS_E_INTERNAL_ERROR); 173 174 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 175 176 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) 177 return TCSERR(TSS_E_INTERNAL_ERROR); 178 179 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm)) 180 return TCSERR(TSS_E_INTERNAL_ERROR); 181 182 inData = (BYTE *)malloc(inDataSize); 183 if (inData == NULL) { 184 LogError("malloc of %d bytes failed.", inDataSize); 185 return TCSERR(TSS_E_INTERNAL_ERROR); 186 } 187 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) { 188 free(inData); 189 return TCSERR(TSS_E_INTERNAL_ERROR); 190 } 191 192 if (getData(TCSD_PACKET_TYPE_UINT32, 4, &randomSize, 0, &data->comm)) { 193 free(inData); 194 return TCSERR(TSS_E_INTERNAL_ERROR); 195 } 196 197 random = (BYTE *)malloc(randomSize); 198 if (random == NULL) { 199 free(inData); 200 LogError("malloc of %d bytes failed.", randomSize); 201 return TCSERR(TSS_E_INTERNAL_ERROR); 202 } 203 if (getData(TCSD_PACKET_TYPE_PBYTE, 5, random, randomSize, &data->comm)) { 204 free(inData); 205 free(random); 206 return TCSERR(TSS_E_INTERNAL_ERROR); 207 } 208 209 if (getData(TCSD_PACKET_TYPE_AUTH, 6, &parentAuth, 0, &data->comm)) 210 pParentAuth = NULL; 211 else 212 pParentAuth = &parentAuth; 213 214 215 MUTEX_LOCK(tcsp_lock); 216 217 result = TCSP_ConvertMigrationBlob_Internal(hContext, parentHandle, inDataSize, inData, 218 randomSize, random, pParentAuth, &outDataSize, 219 &outData); 220 221 MUTEX_UNLOCK(tcsp_lock); 222 223 free(inData); 224 free(random); 225 if (result == TSS_SUCCESS) { 226 i = 0; 227 initData(&data->comm, 3); 228 if (pParentAuth) { 229 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) { 230 free(outData); 231 return TCSERR(TSS_E_INTERNAL_ERROR); 232 } 233 } 234 235 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { 236 free(outData); 237 return TCSERR(TSS_E_INTERNAL_ERROR); 238 } 239 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { 240 free(outData); 241 return TCSERR(TSS_E_INTERNAL_ERROR); 242 } 243 244 free(outData); 245 } else 246 initData(&data->comm, 0); 247 248 data->comm.hdr.u.result = result; 249 250 return TSS_SUCCESS; 251} 252 253TSS_RESULT 254tcs_wrap_AuthorizeMigrationKey(struct tcsd_thread_data *data) 255{ 256 TCS_CONTEXT_HANDLE hContext; 257 TSS_RESULT result; 258 TSS_MIGRATE_SCHEME migrateScheme; 259 UINT32 MigrationKeySize, MigrationKeyAuthSize; 260 BYTE *MigrationKey, *MigrationKeyAuth; 261 TPM_AUTH ownerAuth; 262 263 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 264 return TCSERR(TSS_E_INTERNAL_ERROR); 265 266 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 267 268 if (getData(TCSD_PACKET_TYPE_UINT16, 1, &migrateScheme, 0, &data->comm)) 269 return TCSERR(TSS_E_INTERNAL_ERROR); 270 271 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &MigrationKeySize, 0, &data->comm)) 272 return TCSERR(TSS_E_INTERNAL_ERROR); 273 274 MigrationKey = (BYTE *)malloc(MigrationKeySize); 275 if (MigrationKey == NULL) { 276 LogError("malloc of %d bytes failed.", MigrationKeySize); 277 return TCSERR(TSS_E_INTERNAL_ERROR); 278 } 279 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, MigrationKey, MigrationKeySize, &data->comm)) { 280 free(MigrationKey); 281 return TCSERR(TSS_E_INTERNAL_ERROR); 282 } 283 284 if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) { 285 free(MigrationKey); 286 return TCSERR(TSS_E_INTERNAL_ERROR); 287 } 288 289 MUTEX_LOCK(tcsp_lock); 290 291 result = TCSP_AuthorizeMigrationKey_Internal(hContext, migrateScheme, MigrationKeySize, 292 MigrationKey, &ownerAuth, 293 &MigrationKeyAuthSize, &MigrationKeyAuth); 294 295 MUTEX_UNLOCK(tcsp_lock); 296 297 free(MigrationKey); 298 if (result == TSS_SUCCESS) { 299 initData(&data->comm, 3); 300 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { 301 free(MigrationKeyAuth); 302 return TCSERR(TSS_E_INTERNAL_ERROR); 303 } 304 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &MigrationKeyAuthSize, 0, &data->comm)) { 305 free(MigrationKeyAuth); 306 return TCSERR(TSS_E_INTERNAL_ERROR); 307 } 308 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, MigrationKeyAuth, MigrationKeyAuthSize, 309 &data->comm)) { 310 free(MigrationKeyAuth); 311 return TCSERR(TSS_E_INTERNAL_ERROR); 312 } 313 314 free(MigrationKeyAuth); 315 } else 316 initData(&data->comm, 0); 317 318 data->comm.hdr.u.result = result; 319 320 return TSS_SUCCESS; 321} 322