1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2006 8 * 9 */ 10 11#include <stdlib.h> 12#include <stdio.h> 13#include <string.h> 14 15// for message digest 16#include <openssl/evp.h> 17 18#include <stdlib.h> 19#include "daa_structs.h" 20#include "daa_parameter.h" 21#include "trousers/tss.h" 22#include "spi_internal_types.h" 23#include "spi_utils.h" 24#include <trousers/trousers.h> 25#include <spi_utils.h> 26#include <obj.h> 27#include "tsplog.h" 28#include "tss/tcs.h" 29 30/* 31Verifies if the key is a valid endorsement key of a TPM. (TPM is good) 32return 0 if correct 33 */ 34int verify_ek_and_daaCounter( 35 UINT32 endorsementLength, 36 BYTE *endorsementCredential, 37 UINT32 daaCounter 38) { 39 // TODO 40 return 0; 41} 42 43 44TSS_RESULT Tspi_DAA_IssueInit_internal( 45 TSS_HDAA hDAA, // in 46 TSS_HKEY issuerAuthPK, // in 47 TSS_HKEY issuerKeyPair, // in (TSS_DAA_KEY_PAIR *) 48 TSS_DAA_IDENTITY_PROOF identityProof, // in 49 UINT32 capitalUprimeLength, // in 50 BYTE* capitalUprime, // in 51 UINT32 daaCounter, // in 52 UINT32* nonceIssuerLength, // out 53 BYTE** nonceIssuer, // out 54 UINT32* authenticationChallengeLength, // out 55 BYTE** authenticationChallenge, // out 56 TSS_DAA_JOIN_ISSUER_SESSION* joinSession // out 57) { 58 TCS_CONTEXT_HANDLE tcsContext; 59 TSS_RESULT result; 60 BYTE *ne, *buffer; 61 bi_t random; 62 int length_ne; 63 64 if( (result = obj_daa_get_tsp_context( hDAA, &tcsContext)) != TSS_SUCCESS) 65 return result; 66 // 1 & 2 : verify EK (and associated credentials) of the platform 67 if( verify_ek_and_daaCounter( identityProof.endorsementLength, 68 identityProof.endorsementCredential, daaCounter) != 0) { 69 LogError("EK verification failed"); 70 return TSS_E_INTERNAL_ERROR; 71 } 72 73 // 3 : choose a random nonce for the platform (ni) 74 bi_new( random); 75 bi_urandom( random, DAA_PARAM_LENGTH_MESSAGE_DIGEST * 8); 76 buffer = bi_2_nbin( nonceIssuerLength, random); 77 if( buffer == NULL) { 78 LogError("malloc of %d bytes failed", *nonceIssuerLength); 79 return TSPERR(TSS_E_OUTOFMEMORY); 80 } 81 *nonceIssuer = convert_alloc( tcsContext, *nonceIssuerLength, buffer); 82 if (*nonceIssuer == NULL) { 83 LogError("malloc of %d bytes failed", *nonceIssuerLength); 84 free( buffer); 85 return TSPERR(TSS_E_OUTOFMEMORY); 86 } 87 88 LogDebug("nonce Issuer[%d:%d]:%s", DAA_PARAM_LENGTH_MESSAGE_DIGEST, 89 *nonceIssuerLength, 90 dump_byte_array( *nonceIssuerLength , *nonceIssuer)); 91 92 // 4 : choose a random nonce ne and encrypt it under EK 93 bi_urandom( random, DAA_PARAM_LENGTH_MESSAGE_DIGEST * 8); 94 ne = convert_alloc( tcsContext, length_ne, bi_2_nbin( &length_ne, random)); 95 if (ne == NULL) { 96 LogError("malloc of %d bytes failed", length_ne); 97 free( buffer); 98 free( nonceIssuer); 99 return TSPERR(TSS_E_OUTOFMEMORY); 100 } 101 102 bi_free( random); 103 *authenticationChallenge = (BYTE *)calloc_tspi( tcsContext, 256); // 256: RSA size 104 if (*authenticationChallenge == NULL) { 105 LogError("malloc of %d bytes failed", 256); 106 free( buffer); 107 free( nonceIssuer); 108 free( ne); 109 return TSPERR(TSS_E_OUTOFMEMORY); 110 } 111 result = Trspi_RSA_Encrypt( 112 ne, // message to encrypt 113 length_ne, // length message to encrypt 114 *authenticationChallenge, // destination 115 authenticationChallengeLength, // length destination 116 identityProof.endorsementCredential, // public key 117 identityProof.endorsementLength); // public key size 118 if( result != TSS_SUCCESS) { 119 LogError("Can not encrypt the Authentication Challenge"); 120 free( buffer); 121 free( nonceIssuer); 122 free( ne); 123 return TSS_E_INTERNAL_ERROR; 124 } 125 LogDebug("authenticationChallenge[%d:%d]:%s", DAA_PARAM_LENGTH_MESSAGE_DIGEST, 126 *authenticationChallengeLength, 127 dump_byte_array( *authenticationChallengeLength , *authenticationChallenge)); 128 129 // 5 : save PK, PKDAA, (p', q'), U', daaCounter, ni, ne in joinSession 130 // EK is not a member of joinSession but is already saved in identityProof 131 joinSession->issuerAuthPK = issuerAuthPK; 132 joinSession->issuerKeyPair = issuerKeyPair; 133 memcpy( &(joinSession->identityProof), &identityProof, sizeof(TSS_DAA_IDENTITY_PROOF)); 134 joinSession->capitalUprimeLength = capitalUprimeLength; 135 joinSession->capitalUprime = capitalUprime; 136 joinSession->daaCounter = daaCounter; 137 joinSession->nonceIssuerLength = *nonceIssuerLength; 138 joinSession->nonceIssuer = *nonceIssuer; 139 joinSession->nonceEncryptedLength = length_ne; 140 joinSession->nonceEncrypted = ne; 141 return result; 142} 143