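/*
 * Licensed Materials - Property of IBM
 *
 * trousers - An open source TCG Software Stack
 *
 * (C) Copyright International Business Machines Corp. 2004, 2007
 *
 */

/*
 * TCS-side wrappers for the TPM endorsement key (EK) commands.
 *
 * Every function here follows the same sequence: verify the caller's TCS
 * context, marshal the request into a stack buffer with tpm_rqu_build(),
 * hand that buffer to req_mgr_submit_req(), read the response header with
 * UnloadBlob_Header(), and, when the header reports success, unmarshal the
 * response with tpm_rsp_parse().
 *
 * NOTE(review): tpm_rqu_build()/tpm_rsp_parse() are called with a different
 * argument list for each ordinal (compare the ReadPubek and
 * CreateEndorsementKeyPair call sites), so they appear to be variadic and a
 * mismatched argument list would not be caught by the compiler. Confirm each
 * call against the builder/parser for that ordinal.
 *
 * NOTE(review): none of these functions checks its pointer parameters for
 * NULL before dereferencing them; the callers are assumed to guarantee
 * valid pointers. Confirm at the call sites.
 */

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <inttypes.h>

#include "trousers/tss.h"
#include "trousers_types.h"
#include "tcs_tsp.h"
#include "tcsps.h"
#include "tcs_utils.h"
#include "tcs_int_literals.h"
#include "capabilities.h"
#include "tcslog.h"
#include "req_mgr.h"
#include "tcsd_wrap.h"
#include "tcsd.h"

/*
 * Issue TPM_ORD_CreateEndorsementKeyPair.
 *
 * hContext               - TCS context; rejected if ctx_verify_context() fails.
 * antiReplay             - caller-chosen nonce sent with the request.
 * endorsementKeyInfoSize - length in bytes of endorsementKeyInfo.
 * endorsementKeyInfo     - key parameters blob, sent as supplied.
 * endorsementKeySize     - out: size of the returned key blob.
 * endorsementKey         - out: returned key blob (presumably allocated by
 *                          tpm_rsp_parse(); confirm who frees it).
 * checksum               - out: digest returned by the TPM.
 *
 * Returns 0 on success, otherwise the non-zero result of the first step
 * that failed.
 *
 * No TPM_AUTH session is involved: the only gate visible here is the context
 * check. The checksum is passed through to the caller unverified; a caller
 * that relies on the nonce for replay protection must check it itself.
 */
TSS_RESULT
TCSP_CreateEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
				       TCPA_NONCE antiReplay,		/* in */
				       UINT32 endorsementKeyInfoSize,	/* in */
				       BYTE * endorsementKeyInfo,	/* in */
				       UINT32 * endorsementKeySize,	/* out */
				       BYTE ** endorsementKey,		/* out */
				       TCPA_DIGEST * checksum)		/* out */
{
	UINT64 offset = 0;
	UINT32 paramSize;
	TSS_RESULT result;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	if ((result = ctx_verify_context(hContext)))
		return result;

	if ((result = tpm_rqu_build(TPM_ORD_CreateEndorsementKeyPair, &offset, txBlob,
				    antiReplay.nonce, endorsementKeyInfoSize,
				    endorsementKeyInfo)))
		return result;

	if ((result = req_mgr_submit_req(txBlob)))
		return result;

	/* The response is read back from the same buffer the request was built in. */
	result = UnloadBlob_Header(txBlob, &paramSize);
	if (!result) {
		result = tpm_rsp_parse(TPM_ORD_CreateEndorsementKeyPair, txBlob, paramSize,
				       endorsementKeySize, endorsementKey, checksum->digest);
	}
	LogDebug("Leaving CreateEKPair with result: 0x%x", result);
	return result;
}

/*
 * Issue TPM_ORD_ReadPubek: read the public endorsement key without owner
 * authorization.
 *
 * hContext              - TCS context; rejected if ctx_verify_context() fails.
 * antiReplay            - caller-chosen nonce sent with the request.
 * pubEndorsementKeySize - out: size of the returned public key blob.
 * pubEndorsementKey     - out: returned public key blob (presumably
 *                         allocated by tpm_rsp_parse(); confirm who frees it).
 * checksum              - out: digest returned by the TPM.
 *
 * Returns 0 on success, otherwise the non-zero result of the first step
 * that failed.
 *
 * The checksum is handed back unverified. Any TCS client with a valid
 * context can reach this path; whether the TPM still answers it is decided
 * by the TPM itself (see TCSP_DisablePubekRead_Internal).
 */
TSS_RESULT
TCSP_ReadPubek_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			TCPA_NONCE antiReplay,		/* in */
			UINT32 * pubEndorsementKeySize,	/* out */
			BYTE ** pubEndorsementKey,	/* out */
			TCPA_DIGEST * checksum)		/* out */
{
	UINT64 offset = 0;
	UINT32 paramSize;
	TSS_RESULT result;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebugFn("Enter");

	if ((result = ctx_verify_context(hContext)))
		return result;

	/* Unlike the CreateEndorsementKeyPair call, the nonce is preceded by its size here. */
	if ((result = tpm_rqu_build(TPM_ORD_ReadPubek, &offset, txBlob, TPM_NONCE_SIZE,
				    antiReplay.nonce)))
		return result;

	if ((result = req_mgr_submit_req(txBlob)))
		return result;

	result = UnloadBlob_Header(txBlob, &paramSize);
	if (!result) {
		result = tpm_rsp_parse(TPM_ORD_ReadPubek, txBlob, paramSize, pubEndorsementKeySize,
				       pubEndorsementKey, checksum->digest);
	}
	LogDebugFn("result: 0x%x", result);
	return result;
}

/*
 * Issue TPM_ORD_DisablePubekRead under owner authorization.
 *
 * hContext  - TCS context; rejected if ctx_verify_context() fails.
 * ownerAuth - in/out: owner authorization session. Its AuthHandle is
 *             checked against hContext with auth_mgr_check() before the
 *             request is built, and the structure is updated from the
 *             response by tpm_rsp_parse().
 *
 * Returns 0 on success, otherwise the non-zero result of the first step
 * that failed.
 *
 * Every exit goes through "done", so auth_mgr_release_auth() runs on the
 * failure paths too, including when the context or the auth handle was
 * rejected before anything was sent to the TPM.
 */
TSS_RESULT
TCSP_DisablePubekRead_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			       TPM_AUTH * ownerAuth)		/* in, out */
{
	UINT64 offset = 0;
	UINT32 paramSize;
	TSS_RESULT result;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebug("DisablePubekRead");

	if ((result = ctx_verify_context(hContext)))
		goto done;

	if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
		goto done;

	if ((result = tpm_rqu_build(TPM_ORD_DisablePubekRead, &offset, txBlob, ownerAuth)))
		goto done;

	if ((result = req_mgr_submit_req(txBlob)))
		goto done;

	result = UnloadBlob_Header(txBlob, &paramSize);
	if (!result) {
		result = tpm_rsp_parse(TPM_ORD_DisablePubekRead, txBlob, paramSize, ownerAuth);
	}
done:
	auth_mgr_release_auth(ownerAuth, NULL, hContext);
	return result;
}

/*
 * Issue TPM_ORD_OwnerReadPubek: read the public endorsement key under
 * owner authorization.
 *
 * hContext              - TCS context; rejected if ctx_verify_context() fails.
 * ownerAuth             - in/out: owner authorization session; AuthHandle is
 *                         checked with auth_mgr_check() and the structure is
 *                         updated from the response.
 * pubEndorsementKeySize - out: size of the returned public key blob.
 * pubEndorsementKey     - out: returned public key blob (presumably
 *                         allocated by tpm_rsp_parse(); confirm who frees it).
 *
 * Returns 0 on success, otherwise the non-zero result of the first step
 * that failed.
 *
 * auth_mgr_release_auth() runs on every exit. LogResult() is reached only
 * once the request has been submitted; the earlier failures jump past it,
 * so they leave no "Owner Read Pubek" log entry.
 */
TSS_RESULT
TCSP_OwnerReadPubek_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
			     TPM_AUTH * ownerAuth,		/* in, out */
			     UINT32 * pubEndorsementKeySize,	/* out */
			     BYTE ** pubEndorsementKey)		/* out */
{
	UINT32 paramSize;
	TSS_RESULT result;
	UINT64 offset = 0;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	LogDebug("Entering OwnerReadPubek");

	if ((result = ctx_verify_context(hContext)))
		goto done;

	if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
		goto done;

	if ((result = tpm_rqu_build(TPM_ORD_OwnerReadPubek, &offset, txBlob, ownerAuth)))
		goto done;

	if ((result = req_mgr_submit_req(txBlob)))
		goto done;

	result = UnloadBlob_Header(txBlob, &paramSize);

	if (!result) {
		result = tpm_rsp_parse(TPM_ORD_OwnerReadPubek, txBlob, paramSize,
				       pubEndorsementKeySize, pubEndorsementKey, ownerAuth);
	}
	LogResult("Owner Read Pubek", result);
done:
	auth_mgr_release_auth(ownerAuth, NULL, hContext);
	return result;
}

/*
 * Issue TPM_ORD_CreateRevocableEK.
 *
 * hContext               - TCS context; rejected if ctx_verify_context() fails.
 * antiReplay             - caller-chosen nonce sent with the request.
 * endorsementKeyInfoSize - length in bytes of endorsementKeyInfo.
 * endorsementKeyInfo     - key parameters blob, sent as supplied.
 * genResetAuth           - flag forwarded to the TPM (by its name, it selects
 *                          whether the TPM generates the reset value; confirm
 *                          against the command definition).
 * eKResetAuth            - in/out: its digest is sent in the request and
 *                          overwritten from the response.
 * endorsementKeySize     - out: size of the returned key blob.
 * endorsementKey         - out: returned key blob (presumably allocated by
 *                          tpm_rsp_parse(); confirm who frees it).
 * checksum               - out: digest returned by the TPM, not verified here.
 *
 * Returns 0 on success, otherwise the non-zero result of the first step
 * that failed.
 *
 * NOTE(review): the reset value is marshalled into txBlob on the stack and
 * nothing in this function clears that buffer before returning. It looks
 * like the same value TCSP_RevokeEndorsementKeyPair_Internal later presents,
 * so it should be treated as a secret; consider whether the buffer needs
 * scrubbing. No TPM_AUTH session is involved in this command.
 */
TSS_RESULT
TCSP_CreateRevocableEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
						TPM_NONCE antiReplay,		/* in */
						UINT32 endorsementKeyInfoSize,	/* in */
						BYTE * endorsementKeyInfo,	/* in */
						TSS_BOOL genResetAuth,		/* in */
						TPM_DIGEST * eKResetAuth,	/* in, out */
						UINT32 * endorsementKeySize,	/* out */
						BYTE ** endorsementKey,		/* out */
						TPM_DIGEST * checksum)		/* out */
{
	UINT64 offset = 0;
	UINT32 paramSize;
	TSS_RESULT result;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	if ((result = ctx_verify_context(hContext)))
		return result;

	if ((result = tpm_rqu_build(TPM_ORD_CreateRevocableEK, &offset, txBlob,
				    antiReplay.nonce, endorsementKeyInfoSize,
				    endorsementKeyInfo, genResetAuth, eKResetAuth->digest)))
		return result;

	if ((result = req_mgr_submit_req(txBlob)))
		return result;

	result = UnloadBlob_Header(txBlob, &paramSize);
	if (!result) {
		result = tpm_rsp_parse(TPM_ORD_CreateRevocableEK, txBlob, paramSize,
				       endorsementKeySize, endorsementKey, checksum->digest,
				       eKResetAuth->digest);
	}

	LogDebug("Leaving CreateRevocableEKPair with result: 0x%x", result);
	return result;
}

/*
 * Issue TPM_ORD_RevokeTrust with the supplied reset value.
 *
 * hContext    - TCS context; rejected if ctx_verify_context() fails.
 * EKResetAuth - reset value sent to the TPM, passed by value.
 *
 * Returns 0 on success, otherwise the non-zero result of the first step
 * that failed. Only the response header is read; there is no response body
 * to unmarshal for this ordinal in this function.
 *
 * NOTE(review): there is no auth_mgr_check()/TPM_AUTH session on this path,
 * so the context check and the EKResetAuth value are the only gates visible
 * here for an operation that, per the TPM 1.2 command set, revokes the
 * endorsement key. The value is also left in txBlob on the stack when the
 * function returns; consider whether the buffer needs scrubbing.
 */
TSS_RESULT
TCSP_RevokeEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext,	/* in */
				       TPM_DIGEST EKResetAuth)		/* in */
{
	UINT64 offset = 0;
	UINT32 paramSize;
	TSS_RESULT result;
	BYTE txBlob[TSS_TPM_TXBLOB_SIZE];

	if ((result = ctx_verify_context(hContext)))
		return result;

	if ((result = tpm_rqu_build(TPM_ORD_RevokeTrust, &offset, txBlob, EKResetAuth.digest)))
		return result;

	if ((result = req_mgr_submit_req(txBlob)))
		return result;

	result = UnloadBlob_Header(txBlob, &paramSize);

	LogDebug("Leaving RevokeEKPair with result: 0x%x", result);
	return result;
}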