1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2006 8 * 9 */ 10 11#include <stdlib.h> 12#include <stdio.h> 13#include <syslog.h> 14#include <string.h> 15#include <netdb.h> 16 17#include "trousers/tss.h" 18#include "trousers_types.h" 19#include "tcs_tsp.h" 20#include "tcs_utils.h" 21#include "tcs_int_literals.h" 22#include "capabilities.h" 23#include "tcslog.h" 24#include "tcsd_wrap.h" 25#include "tcsd.h" 26#include "tcs_utils.h" 27#include "rpc_tcstp_tcs.h" 28 29 30TSS_RESULT 31tcs_common_Seal(UINT32 sealOrdinal, 32 struct tcsd_thread_data *data) 33{ 34 TSS_RESULT result; 35 TCS_CONTEXT_HANDLE hContext; 36 TCS_KEY_HANDLE keyHandle; 37 TCPA_ENCAUTH KeyUsageAuth; 38 UINT32 PCRInfoSize, inDataSize; 39 BYTE *PCRInfo = NULL, *inData = NULL; 40 TPM_AUTH emptyAuth, pubAuth, *pAuth; 41 UINT32 outDataSize; 42 BYTE *outData; 43 44 int i = 0; 45 46 memset(&emptyAuth, 0, sizeof(TPM_AUTH)); 47 memset(&pubAuth, 0, sizeof(TPM_AUTH)); 48 49 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm)) 50 return TCSERR(TSS_E_INTERNAL_ERROR); 51 52 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 53 54 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &keyHandle, 0, &data->comm)) 55 return TCSERR(TSS_E_INTERNAL_ERROR); 56 if (getData(TCSD_PACKET_TYPE_ENCAUTH, i++, &KeyUsageAuth, 0, &data->comm)) 57 return TCSERR(TSS_E_INTERNAL_ERROR); 58 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &PCRInfoSize, 0, &data->comm)) 59 return TCSERR(TSS_E_INTERNAL_ERROR); 60 61 if (PCRInfoSize > 0) { 62 PCRInfo = calloc(1, PCRInfoSize); 63 if (PCRInfo == NULL) { 64 LogError("malloc of %u bytes failed.", PCRInfoSize); 65 return TCSERR(TSS_E_OUTOFMEMORY); 66 } 67 68 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, PCRInfo, PCRInfoSize, &data->comm)) { 69 free(PCRInfo); 70 return TCSERR(TSS_E_INTERNAL_ERROR); 71 } 72 } 73 74 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &inDataSize, 0, &data->comm)) { 75 free(PCRInfo); 76 return TCSERR(TSS_E_INTERNAL_ERROR); 77 } 78 79 if (inDataSize > 0) { 80 inData = calloc(1, inDataSize); 81 if (inData == NULL) { 82 LogError("malloc of %u bytes failed.", inDataSize); 83 free(PCRInfo); 84 return TCSERR(TSS_E_OUTOFMEMORY); 85 } 86 87 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, inData, inDataSize, &data->comm)) { 88 free(inData); 89 free(PCRInfo); 90 return TCSERR(TSS_E_INTERNAL_ERROR); 91 } 92 } 93 94 result = getData(TCSD_PACKET_TYPE_AUTH, i++, &pubAuth, 0, &data->comm); 95 if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) 96 pAuth = NULL; 97 else if (result) { 98 free(inData); 99 free(PCRInfo); 100 return result; 101 } else 102 pAuth = &pubAuth; 103 104 MUTEX_LOCK(tcsp_lock); 105 106 result = TCSP_Seal_Internal(sealOrdinal, hContext, keyHandle, KeyUsageAuth, PCRInfoSize, 107 PCRInfo, inDataSize, inData, pAuth, &outDataSize, &outData); 108 109 MUTEX_UNLOCK(tcsp_lock); 110 free(inData); 111 free(PCRInfo); 112 113 if (result == TSS_SUCCESS) { 114 initData(&data->comm, 3); 115 if (pAuth != NULL) { 116 if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { 117 free(outData); 118 return TCSERR(TSS_E_INTERNAL_ERROR); 119 } 120 } 121 122 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &outDataSize, 0, &data->comm)) { 123 free(outData); 124 return TCSERR(TSS_E_INTERNAL_ERROR); 125 } 126 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, outData, outDataSize, &data->comm)) { 127 free(outData); 128 return TCSERR(TSS_E_INTERNAL_ERROR); 129 } 130 free(outData); 131 } else 132 initData(&data->comm, 0); 133 134 data->comm.hdr.u.result = result; 135 136 return TSS_SUCCESS; 137} 138 139TSS_RESULT 140tcs_wrap_Seal(struct tcsd_thread_data *data) 141{ 142 return tcs_common_Seal(TPM_ORD_Seal, data); 143} 144 145#ifdef TSS_BUILD_SEALX 146TSS_RESULT 147tcs_wrap_Sealx(struct tcsd_thread_data *data) 148{ 149 return tcs_common_Seal(TPM_ORD_Sealx, data); 150} 151#endif 152 153TSS_RESULT 154tcs_wrap_UnSeal(struct tcsd_thread_data *data) 155{ 156 TCS_CONTEXT_HANDLE hContext; 157 TCS_KEY_HANDLE parentHandle; 158 UINT32 inDataSize; 159 BYTE *inData; 160 161 TPM_AUTH parentAuth, dataAuth, emptyAuth; 162 TPM_AUTH *pParentAuth, *pDataAuth; 163 164 UINT32 outDataSize; 165 BYTE *outData; 166 TSS_RESULT result; 167 168 memset(&emptyAuth, 0, sizeof(TPM_AUTH)); 169 170 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 171 return TCSERR(TSS_E_INTERNAL_ERROR); 172 173 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 174 175 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) 176 return TCSERR(TSS_E_INTERNAL_ERROR); 177 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm)) 178 return TCSERR(TSS_E_INTERNAL_ERROR); 179 180 inData = calloc(1, inDataSize); 181 if (inData == NULL) { 182 LogError("malloc of %d bytes failed.", inDataSize); 183 return TCSERR(TSS_E_OUTOFMEMORY); 184 } 185 186 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) { 187 free(inData); 188 return TCSERR(TSS_E_INTERNAL_ERROR); 189 } 190 191 result = getData(TCSD_PACKET_TYPE_AUTH, 4, &parentAuth, 0, &data->comm); 192 if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) 193 pParentAuth = NULL; 194 else if (result) { 195 free(inData); 196 return result; 197 } else 198 pParentAuth = &parentAuth; 199 200 result = getData(TCSD_PACKET_TYPE_AUTH, 5, &dataAuth, 0, &data->comm); 201 if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) { 202 pDataAuth = pParentAuth; 203 pParentAuth = NULL; 204 } else if (result) { 205 free(inData); 206 return result; 207 } else 208 pDataAuth = &dataAuth; 209 210 MUTEX_LOCK(tcsp_lock); 211 212 result = TCSP_Unseal_Internal(hContext, parentHandle, inDataSize, inData, pParentAuth, 213 pDataAuth, &outDataSize, &outData); 214 215 MUTEX_UNLOCK(tcsp_lock); 216 free(inData); 217 218 if (result == TSS_SUCCESS) { 219 initData(&data->comm, 4); 220 if (pParentAuth != NULL) { 221 if (setData(TCSD_PACKET_TYPE_AUTH, 0, pParentAuth, 0, &data->comm)) { 222 free(outData); 223 return TCSERR(TSS_E_INTERNAL_ERROR); 224 } 225 } else { 226 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &emptyAuth, 0, &data->comm)) { 227 free(outData); 228 return TCSERR(TSS_E_INTERNAL_ERROR); 229 } 230 } 231 232 if (setData(TCSD_PACKET_TYPE_AUTH, 1, &dataAuth, 0, &data->comm)) { 233 free(outData); 234 return TCSERR(TSS_E_INTERNAL_ERROR); 235 } 236 if (setData(TCSD_PACKET_TYPE_UINT32, 2, &outDataSize, 0, &data->comm)) { 237 free(outData); 238 return TCSERR(TSS_E_INTERNAL_ERROR); 239 } 240 if (setData(TCSD_PACKET_TYPE_PBYTE, 3, outData, outDataSize, &data->comm)) { 241 free(outData); 242 return TCSERR(TSS_E_INTERNAL_ERROR); 243 } 244 free(outData); 245 } else 246 initData(&data->comm, 0); 247 248 data->comm.hdr.u.result = result; 249 250 return TSS_SUCCESS; 251} 252