1 2/* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2007 8 * 9 */ 10 11#include <stdlib.h> 12#include <stdio.h> 13#include <syslog.h> 14#include <string.h> 15#include <netdb.h> 16 17#include "trousers/tss.h" 18#include "trousers_types.h" 19#include "tcs_tsp.h" 20#include "tcs_utils.h" 21#include "tcs_int_literals.h" 22#include "capabilities.h" 23#include "tcslog.h" 24#include "tcsd_wrap.h" 25#include "tcsd.h" 26#include "tcs_utils.h" 27#include "rpc_tcstp_tcs.h" 28 29 30TSS_RESULT 31tcs_wrap_CreateEndorsementKeyPair(struct tcsd_thread_data *data) 32{ 33 TCS_CONTEXT_HANDLE hContext; 34 TCPA_NONCE antiReplay; 35 UINT32 eKPtrSize; 36 BYTE *eKPtr; 37 UINT32 eKSize; 38 BYTE* eK; 39 TCPA_DIGEST checksum; 40 TSS_RESULT result; 41 42 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 43 return TCSERR(TSS_E_INTERNAL_ERROR); 44 45 if ((result = ctx_verify_context(hContext))) 46 goto done; 47 48 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 49 50 if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) 51 return TCSERR(TSS_E_INTERNAL_ERROR); 52 53 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm)) 54 return TCSERR(TSS_E_INTERNAL_ERROR); 55 56 eKPtr = calloc(1, eKPtrSize); 57 if (eKPtr == NULL) { 58 LogError("malloc of %u bytes failed.", eKPtrSize); 59 return TCSERR(TSS_E_OUTOFMEMORY); 60 } 61 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) { 62 free(eKPtr); 63 return TCSERR(TSS_E_INTERNAL_ERROR); 64 } 65 66 MUTEX_LOCK(tcsp_lock); 67 68 result = TCSP_CreateEndorsementKeyPair_Internal(hContext, antiReplay, eKPtrSize, eKPtr, 69 &eKSize, &eK, &checksum); 70 71 MUTEX_UNLOCK(tcsp_lock); 72 73 free(eKPtr); 74 75 if (result == TSS_SUCCESS) { 76 initData(&data->comm, 3); 77 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eKSize, 0, &data->comm)) { 78 free(eK); 79 return TCSERR(TSS_E_INTERNAL_ERROR); 80 } 81 if (setData(TCSD_PACKET_TYPE_PBYTE, 1, eK, eKSize, &data->comm)) { 82 free(eK); 83 return TCSERR(TSS_E_INTERNAL_ERROR); 84 } 85 free(eK); 86 if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) { 87 return TCSERR(TSS_E_INTERNAL_ERROR); 88 } 89 } else 90done: initData(&data->comm, 0); 91 92 data->comm.hdr.u.result = result; 93 return TSS_SUCCESS; 94} 95 96TSS_RESULT 97tcs_wrap_ReadPubek(struct tcsd_thread_data *data) 98{ 99 TCS_CONTEXT_HANDLE hContext; 100 TCPA_NONCE antiReplay; 101 UINT32 pubEKSize; 102 BYTE *pubEK; 103 TCPA_DIGEST checksum; 104 TSS_RESULT result; 105 106 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 107 return TCSERR(TSS_E_INTERNAL_ERROR); 108 109 if ((result = ctx_verify_context(hContext))) 110 goto done; 111 112 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 113 114 if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) 115 return TCSERR(TSS_E_INTERNAL_ERROR); 116 117 MUTEX_LOCK(tcsp_lock); 118 119 result = TCSP_ReadPubek_Internal(hContext, antiReplay, &pubEKSize, &pubEK, &checksum); 120 121 MUTEX_UNLOCK(tcsp_lock); 122 123 if (result == TSS_SUCCESS) { 124 initData(&data->comm, 3); 125 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pubEKSize, 0, &data->comm)) { 126 free(pubEK); 127 return TCSERR(TSS_E_INTERNAL_ERROR); 128 } 129 if (setData(TCSD_PACKET_TYPE_PBYTE, 1, pubEK, pubEKSize, &data->comm)) { 130 free(pubEK); 131 return TCSERR(TSS_E_INTERNAL_ERROR); 132 } 133 free(pubEK); 134 if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) { 135 return TCSERR(TSS_E_INTERNAL_ERROR); 136 } 137 } else 138done: initData(&data->comm, 0); 139 140 data->comm.hdr.u.result = result; 141 return TSS_SUCCESS; 142} 143 144TSS_RESULT 145tcs_wrap_OwnerReadPubek(struct tcsd_thread_data *data) 146{ 147 TCS_CONTEXT_HANDLE hContext; 148 UINT32 pubEKSize; 149 BYTE *pubEK; 150 TSS_RESULT result; 151 TPM_AUTH auth; 152 153 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 154 return TCSERR(TSS_E_INTERNAL_ERROR); 155 156 if ((result = ctx_verify_context(hContext))) 157 goto done; 158 159 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 160 161 if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) 162 return TCSERR(TSS_E_INTERNAL_ERROR); 163 164 MUTEX_LOCK(tcsp_lock); 165 166 result = TCSP_OwnerReadPubek_Internal(hContext, &auth, &pubEKSize, &pubEK); 167 168 MUTEX_UNLOCK(tcsp_lock); 169 170 if (result == TSS_SUCCESS) { 171 initData(&data->comm, 3); 172 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { 173 free(pubEK); 174 return TCSERR(TSS_E_INTERNAL_ERROR); 175 } 176 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubEKSize, 0, &data->comm)) { 177 free(pubEK); 178 return TCSERR(TSS_E_INTERNAL_ERROR); 179 } 180 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubEK, pubEKSize, &data->comm)) { 181 free(pubEK); 182 return TCSERR(TSS_E_INTERNAL_ERROR); 183 } 184 free(pubEK); 185 } else 186done: initData(&data->comm, 0); 187 188 data->comm.hdr.u.result = result; 189 return TSS_SUCCESS; 190} 191 192TSS_RESULT 193tcs_wrap_DisablePubekRead(struct tcsd_thread_data *data) 194{ 195 TCS_CONTEXT_HANDLE hContext; 196 TSS_RESULT result; 197 TPM_AUTH auth; 198 199 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 200 return TCSERR(TSS_E_INTERNAL_ERROR); 201 202 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 203 204 if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) 205 return TCSERR(TSS_E_INTERNAL_ERROR); 206 207 MUTEX_LOCK(tcsp_lock); 208 209 result = TCSP_DisablePubekRead_Internal(hContext, &auth); 210 211 MUTEX_UNLOCK(tcsp_lock); 212 213 if (result == TSS_SUCCESS) { 214 initData(&data->comm, 1); 215 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { 216 return TCSERR(TSS_E_INTERNAL_ERROR); 217 } 218 } else 219 initData(&data->comm, 0); 220 221 data->comm.hdr.u.result = result; 222 return TSS_SUCCESS; 223} 224 225#ifdef TSS_BUILD_TSS12 226TSS_RESULT 227tcs_wrap_CreateRevocableEndorsementKeyPair(struct tcsd_thread_data *data) 228{ 229 TCS_CONTEXT_HANDLE hContext; 230 TPM_NONCE antiReplay; 231 UINT32 eKPtrSize; 232 BYTE *eKPtr; 233 TSS_BOOL genResetAuth; 234 TPM_DIGEST eKResetAuth; 235 UINT32 eKSize; 236 BYTE* eK; 237 TPM_DIGEST checksum; 238 TSS_RESULT result; 239 240 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 241 return TCSERR(TSS_E_INTERNAL_ERROR); 242 243 if ((result = ctx_verify_context(hContext))) 244 goto done; 245 246 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 247 248 if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) 249 return TCSERR(TSS_E_INTERNAL_ERROR); 250 251 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm)) 252 return TCSERR(TSS_E_INTERNAL_ERROR); 253 254 eKPtr = calloc(1, eKPtrSize); 255 if (eKPtr == NULL) { 256 LogError("malloc of %d bytes failed.", eKPtrSize); 257 return TCSERR(TSS_E_OUTOFMEMORY); 258 } 259 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) { 260 free(eKPtr); 261 return TCSERR(TSS_E_INTERNAL_ERROR); 262 } 263 264 if (getData(TCSD_PACKET_TYPE_BOOL, 4, &genResetAuth, 0, &data->comm)) { 265 free(eKPtr); 266 return TCSERR(TSS_E_INTERNAL_ERROR); 267 } 268 269 if (getData(TCSD_PACKET_TYPE_DIGEST, 5, &eKResetAuth, 0, &data->comm)) { 270 free(eKPtr); 271 return TCSERR(TSS_E_INTERNAL_ERROR); 272 } 273 274 MUTEX_LOCK(tcsp_lock); 275 276 result = TCSP_CreateRevocableEndorsementKeyPair_Internal(hContext, antiReplay, 277 eKPtrSize, eKPtr, genResetAuth, &eKResetAuth, &eKSize, &eK, &checksum); 278 279 MUTEX_UNLOCK(tcsp_lock); 280 281 free(eKPtr); 282 283 if (result == TSS_SUCCESS) { 284 initData(&data->comm, 4); 285 if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &eKResetAuth, 0, &data->comm)) { 286 free(eK); 287 return TCSERR(TSS_E_INTERNAL_ERROR); 288 } 289 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &eKSize, 0, &data->comm)) { 290 free(eK); 291 return TCSERR(TSS_E_INTERNAL_ERROR); 292 } 293 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, eK, eKSize, &data->comm)) { 294 free(eK); 295 return TCSERR(TSS_E_INTERNAL_ERROR); 296 } 297 free(eK); 298 if (setData(TCSD_PACKET_TYPE_DIGEST, 3, &checksum, 0, &data->comm)) { 299 return TCSERR(TSS_E_INTERNAL_ERROR); 300 } 301 } else 302done: initData(&data->comm, 0); 303 304 data->comm.hdr.u.result = result; 305 306 return TSS_SUCCESS; 307} 308 309TSS_RESULT 310tcs_wrap_RevokeEndorsementKeyPair(struct tcsd_thread_data *data) 311{ 312 TCS_CONTEXT_HANDLE hContext; 313 TPM_DIGEST eKResetAuth; 314 TSS_RESULT result; 315 316 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 317 return TCSERR(TSS_E_INTERNAL_ERROR); 318 319 if ((result = ctx_verify_context(hContext))) 320 goto done; 321 322 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 323 324 if (getData(TCSD_PACKET_TYPE_DIGEST, 1, &eKResetAuth, 0, &data->comm)) 325 return TCSERR(TSS_E_INTERNAL_ERROR); 326 327 MUTEX_LOCK(tcsp_lock); 328 329 result = TCSP_RevokeEndorsementKeyPair_Internal(hContext, eKResetAuth); 330 331 MUTEX_UNLOCK(tcsp_lock); 332done: 333 initData(&data->comm, 0); 334 335 data->comm.hdr.u.result = result; 336 337 return TSS_SUCCESS; 338} 339#endif 340