1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2007 8 * 9 */ 10 11#include <stdlib.h> 12#include <stdio.h> 13#include <syslog.h> 14#include <string.h> 15#include <netdb.h> 16 17#include "trousers/tss.h" 18#include "trousers_types.h" 19#include "tcs_tsp.h" 20#include "tcs_utils.h" 21#include "tcs_int_literals.h" 22#include "capabilities.h" 23#include "tcslog.h" 24#include "tcsd_wrap.h" 25#include "tcsd.h" 26#include "tcs_utils.h" 27#include "rpc_tcstp_tcs.h" 28 29 30TSS_RESULT 31tcs_wrap_EstablishTransport(struct tcsd_thread_data *data) 32{ 33 TCS_CONTEXT_HANDLE hContext; 34 TCS_KEY_HANDLE hEncKey, hTransSession; 35 UINT32 ulTransControlFlags, ulTransSessionInfoSize, ulSecretSize, ulCurrentTicks, i; 36 BYTE *rgbTransSessionInfo, *rgbSecret, *prgbCurrentTicks; 37 TPM_MODIFIER_INDICATOR pbLocality; 38 TPM_AUTH pEncKeyAuth, *pAuth; 39 TPM_NONCE pTransNonce; 40 TSS_RESULT result; 41 42 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 43 return TCSERR(TSS_E_INTERNAL_ERROR); 44 45 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 46 47 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &ulTransControlFlags, 0, &data->comm)) 48 return TCSERR(TSS_E_INTERNAL_ERROR); 49 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &hEncKey, 0, &data->comm)) 50 return TCSERR(TSS_E_INTERNAL_ERROR); 51 if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulTransSessionInfoSize, 0, &data->comm)) 52 return TCSERR(TSS_E_INTERNAL_ERROR); 53 54 rgbTransSessionInfo = malloc(ulTransSessionInfoSize); 55 if (rgbTransSessionInfo == NULL) { 56 LogError("malloc of %u bytes failed.", ulTransSessionInfoSize); 57 return TCSERR(TSS_E_INTERNAL_ERROR); 58 } 59 if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbTransSessionInfo, ulTransSessionInfoSize, 60 &data->comm)) { 61 free(rgbTransSessionInfo); 62 return TCSERR(TSS_E_INTERNAL_ERROR); 63 } 64 65 if (getData(TCSD_PACKET_TYPE_UINT32, 5, &ulSecretSize, 0, &data->comm)) { 66 free(rgbTransSessionInfo); 67 return TCSERR(TSS_E_INTERNAL_ERROR); 68 } 69 70 rgbSecret = malloc(ulSecretSize); 71 if (rgbSecret == NULL) { 72 free(rgbTransSessionInfo); 73 LogError("malloc of %u bytes failed.", ulSecretSize); 74 return TCSERR(TSS_E_INTERNAL_ERROR); 75 } 76 if (getData(TCSD_PACKET_TYPE_PBYTE, 6, rgbSecret, ulSecretSize, &data->comm)) { 77 free(rgbTransSessionInfo); 78 free(rgbSecret); 79 return TCSERR(TSS_E_INTERNAL_ERROR); 80 } 81 if (getData(TCSD_PACKET_TYPE_AUTH, 7, &pEncKeyAuth, 0, &data->comm)) 82 pAuth = NULL; 83 else 84 pAuth = &pEncKeyAuth; 85 86 MUTEX_LOCK(tcsp_lock); 87 88 result = TCSP_EstablishTransport_Internal(hContext, ulTransControlFlags, hEncKey, 89 ulTransSessionInfoSize, rgbTransSessionInfo, 90 ulSecretSize, rgbSecret, pAuth, &pbLocality, 91 &hTransSession, &ulCurrentTicks, 92 &prgbCurrentTicks, &pTransNonce); 93 94 MUTEX_UNLOCK(tcsp_lock); 95 96 free(rgbSecret); 97 free(rgbTransSessionInfo); 98 99 if (result == TSS_SUCCESS) { 100 i = 0; 101 initData(&data->comm, 6); 102 if (pAuth) { 103 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { 104 free(prgbCurrentTicks); 105 return TCSERR(TSS_E_INTERNAL_ERROR); 106 } 107 } 108 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) { 109 free(prgbCurrentTicks); 110 return TCSERR(TSS_E_INTERNAL_ERROR); 111 } 112 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hTransSession, 0, &data->comm)) { 113 free(prgbCurrentTicks); 114 return TCSERR(TSS_E_INTERNAL_ERROR); 115 } 116 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulCurrentTicks, 0, &data->comm)) { 117 free(prgbCurrentTicks); 118 return TCSERR(TSS_E_INTERNAL_ERROR); 119 } 120 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbCurrentTicks, ulCurrentTicks, 121 &data->comm)) { 122 free(prgbCurrentTicks); 123 return TCSERR(TSS_E_INTERNAL_ERROR); 124 } 125 free(prgbCurrentTicks); 126 if (setData(TCSD_PACKET_TYPE_NONCE, i++, &pTransNonce, 0, &data->comm)) 127 return TCSERR(TSS_E_INTERNAL_ERROR); 128 } else 129 initData(&data->comm, 0); 130 131 data->comm.hdr.u.result = result; 132 return TSS_SUCCESS; 133} 134 135TSS_RESULT 136tcs_wrap_ExecuteTransport(struct tcsd_thread_data *data) 137{ 138 TCS_CONTEXT_HANDLE hContext; 139 TPM_COMMAND_CODE unWrappedCommandOrdinal; 140 TCS_HANDLE *rghHandles = NULL, handles[2]; 141 UINT32 ulWrappedCmdDataInSize, pulHandleListSize, ulWrappedCmdDataOutSize, i = 0; 142 BYTE *rgbWrappedCmdDataIn, *rgbWrappedCmdDataOut; 143 TPM_MODIFIER_INDICATOR pbLocality; 144 TPM_AUTH pWrappedCmdAuth1, pWrappedCmdAuth2, pTransAuth, *pAuth1, *pAuth2, null_auth; 145 UINT64 punCurrentTicks; 146 TSS_RESULT result, pulWrappedCmdReturnCode; 147 148 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm)) 149 return TCSERR(TSS_E_INTERNAL_ERROR); 150 151 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 152 153 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &unWrappedCommandOrdinal, 0, &data->comm)) 154 return TCSERR(TSS_E_INTERNAL_ERROR); 155 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataInSize, 0, &data->comm)) 156 return TCSERR(TSS_E_INTERNAL_ERROR); 157 158 rgbWrappedCmdDataIn = malloc(ulWrappedCmdDataInSize); 159 if (rgbWrappedCmdDataIn == NULL) { 160 LogError("malloc of %u bytes failed", ulWrappedCmdDataInSize); 161 return TCSERR(TSS_E_INTERNAL_ERROR); 162 } 163 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataIn, ulWrappedCmdDataInSize, 164 &data->comm)) { 165 free(rgbWrappedCmdDataIn); 166 return TCSERR(TSS_E_INTERNAL_ERROR); 167 } 168 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) { 169 free(rgbWrappedCmdDataIn); 170 return TCSERR(TSS_E_INTERNAL_ERROR); 171 } 172 173 if (pulHandleListSize > 2) { 174 free(rgbWrappedCmdDataIn); 175 return TCSERR(TSS_E_BAD_PARAMETER); 176 } 177 178 if (pulHandleListSize) { 179 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, handles, 180 pulHandleListSize * sizeof(UINT32), &data->comm)) { 181 free(rgbWrappedCmdDataIn); 182 return TCSERR(TSS_E_INTERNAL_ERROR); 183 } 184 } 185 rghHandles = handles; 186 187 memset(&null_auth, 0, sizeof(TPM_AUTH)); 188 memset(&pWrappedCmdAuth1, 0, sizeof(TPM_AUTH)); 189 memset(&pWrappedCmdAuth2, 0, sizeof(TPM_AUTH)); 190 191 if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth1, 0, &data->comm)) { 192 free(rgbWrappedCmdDataIn); 193 return TCSERR(TSS_E_INTERNAL_ERROR); 194 } 195 if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth2, 0, &data->comm)) { 196 free(rgbWrappedCmdDataIn); 197 return TCSERR(TSS_E_INTERNAL_ERROR); 198 } 199 if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) { 200 free(rgbWrappedCmdDataIn); 201 return TCSERR(TSS_E_INTERNAL_ERROR); 202 } 203 204 if (!memcmp(&pWrappedCmdAuth1, &null_auth, sizeof(TPM_AUTH))) 205 pAuth1 = NULL; 206 else 207 pAuth1 = &pWrappedCmdAuth1; 208 209 if (!memcmp(&pWrappedCmdAuth2, &null_auth, sizeof(TPM_AUTH))) 210 pAuth2 = NULL; 211 else 212 pAuth2 = &pWrappedCmdAuth2; 213 214 MUTEX_LOCK(tcsp_lock); 215 216 result = TCSP_ExecuteTransport_Internal(hContext, unWrappedCommandOrdinal, 217 ulWrappedCmdDataInSize, rgbWrappedCmdDataIn, 218 &pulHandleListSize, &rghHandles, pAuth1, pAuth2, 219 &pTransAuth, &punCurrentTicks, &pbLocality, 220 &pulWrappedCmdReturnCode, &ulWrappedCmdDataOutSize, 221 &rgbWrappedCmdDataOut); 222 223 MUTEX_UNLOCK(tcsp_lock); 224 225 free(rgbWrappedCmdDataIn); 226 227 if (result == TSS_SUCCESS) { 228 i = 0; 229 initData(&data->comm, 10); 230 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) { 231 free(rgbWrappedCmdDataOut); 232 return TCSERR(TSS_E_INTERNAL_ERROR); 233 } 234 if (pulHandleListSize) { 235 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rghHandles, 236 pulHandleListSize * sizeof(UINT32), &data->comm)) { 237 free(rgbWrappedCmdDataOut); 238 return TCSERR(TSS_E_INTERNAL_ERROR); 239 } 240 } 241 if (pAuth1) { 242 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth1, 0, &data->comm)) { 243 free(rgbWrappedCmdDataOut); 244 return TCSERR(TSS_E_INTERNAL_ERROR); 245 } 246 } else { 247 if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) { 248 free(rgbWrappedCmdDataOut); 249 return TCSERR(TSS_E_INTERNAL_ERROR); 250 } 251 } 252 if (pAuth2) { 253 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth2, 0, &data->comm)) { 254 free(rgbWrappedCmdDataOut); 255 return TCSERR(TSS_E_INTERNAL_ERROR); 256 } 257 } else { 258 if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) { 259 free(rgbWrappedCmdDataOut); 260 return TCSERR(TSS_E_INTERNAL_ERROR); 261 } 262 } 263 if (setData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) { 264 free(rgbWrappedCmdDataOut); 265 return TCSERR(TSS_E_INTERNAL_ERROR); 266 } 267 if (setData(TCSD_PACKET_TYPE_UINT64, i++, &punCurrentTicks, 0, &data->comm)) { 268 free(rgbWrappedCmdDataOut); 269 return TCSERR(TSS_E_INTERNAL_ERROR); 270 } 271 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) { 272 free(rgbWrappedCmdDataOut); 273 return TCSERR(TSS_E_INTERNAL_ERROR); 274 } 275 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulWrappedCmdReturnCode, 0, 276 &data->comm)) { 277 free(rgbWrappedCmdDataOut); 278 return TCSERR(TSS_E_INTERNAL_ERROR); 279 } 280 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataOutSize, 0, 281 &data->comm)) { 282 free(rgbWrappedCmdDataOut); 283 return TCSERR(TSS_E_INTERNAL_ERROR); 284 } 285 if (ulWrappedCmdDataOutSize) { 286 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataOut, 287 ulWrappedCmdDataOutSize, &data->comm)) { 288 free(rgbWrappedCmdDataOut); 289 return TCSERR(TSS_E_INTERNAL_ERROR); 290 } 291 } 292 free(rgbWrappedCmdDataOut); 293 } else 294 initData(&data->comm, 0); 295 296 data->comm.hdr.u.result = result; 297 return TSS_SUCCESS; 298} 299 300TSS_RESULT 301tcs_wrap_ReleaseTransportSigned(struct tcsd_thread_data *data) 302{ 303 TCS_CONTEXT_HANDLE hContext; 304 TCS_KEY_HANDLE hSignatureKey; 305 TPM_NONCE AntiReplayNonce; 306 UINT32 pulCurrentTicks, pulSignatureSize; 307 BYTE *prgbCurrentTicks, *prgbSignature; 308 TPM_MODIFIER_INDICATOR pbLocality; 309 TPM_AUTH pKeyAuth, pTransAuth, *pAuth, null_auth; 310 TSS_RESULT result; 311 312 memset(&null_auth, 0, sizeof(TPM_AUTH)); 313 memset(&pKeyAuth, 0, sizeof(TPM_AUTH)); 314 315 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 316 return TCSERR(TSS_E_INTERNAL_ERROR); 317 318 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 319 320 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hSignatureKey, 0, &data->comm)) 321 return TCSERR(TSS_E_INTERNAL_ERROR); 322 if (getData(TCSD_PACKET_TYPE_NONCE, 2, &AntiReplayNonce, 0, &data->comm)) 323 return TCSERR(TSS_E_INTERNAL_ERROR); 324 if (getData(TCSD_PACKET_TYPE_AUTH, 3, &pKeyAuth, 0, &data->comm)) 325 return TCSERR(TSS_E_INTERNAL_ERROR); 326 327 if (!memcmp(&null_auth, &pKeyAuth, sizeof(TPM_AUTH))) 328 pAuth = NULL; 329 else 330 pAuth = &pKeyAuth; 331 332 if (getData(TCSD_PACKET_TYPE_AUTH, 4, &pTransAuth, 0, &data->comm)) 333 return TCSERR(TSS_E_INTERNAL_ERROR); 334 335 336 MUTEX_LOCK(tcsp_lock); 337 338 result = TCSP_ReleaseTransportSigned_Internal(hContext, hSignatureKey, &AntiReplayNonce, 339 pAuth, &pTransAuth, &pbLocality, 340 &pulCurrentTicks, &prgbCurrentTicks, 341 &pulSignatureSize, &prgbSignature); 342 343 MUTEX_UNLOCK(tcsp_lock); 344 345 if (result == TSS_SUCCESS) { 346 initData(&data->comm, 7); 347 if (pAuth) { 348 if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { 349 free(prgbCurrentTicks); 350 free(prgbSignature); 351 return TCSERR(TSS_E_INTERNAL_ERROR); 352 } 353 } else { 354 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &null_auth, 0, &data->comm)) { 355 free(prgbCurrentTicks); 356 free(prgbSignature); 357 return TCSERR(TSS_E_INTERNAL_ERROR); 358 } 359 } 360 if (setData(TCSD_PACKET_TYPE_AUTH, 1, &pTransAuth, 0, &data->comm)) { 361 free(prgbCurrentTicks); 362 free(prgbSignature); 363 return TCSERR(TSS_E_INTERNAL_ERROR); 364 } 365 if (setData(TCSD_PACKET_TYPE_UINT32, 2, &pbLocality, 0, &data->comm)) { 366 free(prgbCurrentTicks); 367 free(prgbSignature); 368 return TCSERR(TSS_E_INTERNAL_ERROR); 369 } 370 if (setData(TCSD_PACKET_TYPE_UINT32, 3, &pulCurrentTicks, 0, &data->comm)) { 371 free(prgbCurrentTicks); 372 free(prgbSignature); 373 return TCSERR(TSS_E_INTERNAL_ERROR); 374 } 375 if (setData(TCSD_PACKET_TYPE_PBYTE, 4, prgbCurrentTicks, pulCurrentTicks, 376 &data->comm)) { 377 free(prgbCurrentTicks); 378 free(prgbSignature); 379 return TCSERR(TSS_E_INTERNAL_ERROR); 380 } 381 free(prgbCurrentTicks); 382 if (setData(TCSD_PACKET_TYPE_UINT32, 5, &pulSignatureSize, 0, &data->comm)) { 383 free(prgbSignature); 384 return TCSERR(TSS_E_INTERNAL_ERROR); 385 } 386 if (setData(TCSD_PACKET_TYPE_PBYTE, 6, prgbSignature, pulSignatureSize, 387 &data->comm)) { 388 free(prgbSignature); 389 return TCSERR(TSS_E_INTERNAL_ERROR); 390 } 391 free(prgbSignature); 392 } else 393 initData(&data->comm, 0); 394 395 data->comm.hdr.u.result = result; 396 return TSS_SUCCESS; 397} 398