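/*
 * Licensed Materials - Property of IBM
 *
 * trousers - An open source TCG Software Stack
 *
 * (C) Copyright International Business Machines Corp. 2005, 2007
 *
 */


#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include <inttypes.h>

#include "trousers/tss.h"
#include "trousers/trousers.h"
#include "trousers_types.h"
#include "spi_utils.h"
#include "capabilities.h"
#include "tsplog.h"
#include "obj.h"

/*
 * obj_rsakey_add - create a fresh RSA key object and register it in rsakey_list.
 *
 * tspContext: owning context; its usage policy and connection version are read.
 * initFlags:  TSS_KEY_* init flags (structure version, key type, modulus size,
 *             volatile/migratable/authorization attributes).
 * phObject:   receives the handle assigned by obj_list_add().
 *
 * Returns TSS_SUCCESS or a TSPERR() code.  On failure nothing is left in the
 * list and every allocation made here has been released.
 */
TSS_RESULT
obj_rsakey_add(TSS_HCONTEXT tspContext, TSS_FLAG initFlags, TSS_HOBJECT *phObject)
{
	UINT64 offset;
	TSS_RESULT result;
	TCPA_RSA_KEY_PARMS rsaKeyParms;
	TSS_FLAG flags = 0;
	struct tr_rsakey_obj *rsakey = calloc(1, sizeof(struct tr_rsakey_obj));
	TPM_STRUCT_VER ver = { 1, 1, 0, 0 }; // Must be 1.1.0.0 for 1.2 TPMs
	UINT32 ctx_ver;

	if (rsakey == NULL) {
		LogError("malloc of %zu bytes failed.", sizeof(struct tr_rsakey_obj));
		return TSPERR(TSS_E_OUTOFMEMORY);
	}

	/* A new key inherits the context's usage policy until the app assigns its own */
	if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE, &rsakey->usagePolicy))) {
		free(rsakey);
		return result;
	}

	if ((initFlags & TSS_KEY_STRUCT_BITMASK) == TSS_KEY_STRUCT_DEFAULT) {
		/* Its not set, go with the context's default */
		if ((result = obj_context_get_connection_version(tspContext, &ctx_ver))) {
			free(rsakey);
			return result;
		}

		switch (ctx_ver) {
		case TSS_TSPATTRIB_CONTEXT_VERSION_V1_2:
			initFlags |= TSS_KEY_STRUCT_KEY12;
			break;
		case TSS_TSPATTRIB_CONTEXT_VERSION_V1_1:
			/* fall through */
		default:
			initFlags |= TSS_KEY_STRUCT_KEY;
			break;
		}
	}

	offset = 0;
	switch (initFlags & TSS_KEY_STRUCT_BITMASK) {
	case TSS_KEY_STRUCT_KEY:
		rsakey->key.hdr.key11.ver = ver;
		rsakey->type = TSS_KEY_STRUCT_KEY;
		rsakey->pcrInfoType = TSS_PCRS_STRUCT_INFO;
		rsakey->key.keyFlags = 0;
		break;
	case TSS_KEY_STRUCT_KEY12:
		rsakey->key.hdr.key12.tag = TPM_TAG_KEY12;
		rsakey->key.hdr.key12.fill = 0;
		rsakey->type = TSS_KEY_STRUCT_KEY12;
		rsakey->pcrInfoType = TSS_PCRS_STRUCT_INFO_LONG;
		rsakey->key.keyFlags = TPM_PCRIGNOREDONREAD;
		break;
	default:
		/* An unrecognised combination of struct bits */
		free(rsakey);
		return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
		break;
	}

	/* NOTE(review): initFlags now always carries a TSS_KEY_STRUCT_* bit, so
	 * whether this compare can still match depends on the value of
	 * TSS_KEY_EMPTY_KEY in tss_defines.h -- confirm the path is reachable. */
	if (initFlags == TSS_KEY_EMPTY_KEY)
		goto add_key;

	memset(&rsaKeyParms, 0, sizeof(TCPA_RSA_KEY_PARMS));

	rsakey->key.algorithmParms.algorithmID = TCPA_ALG_RSA;
	rsakey->key.algorithmParms.parmSize = sizeof(TCPA_RSA_KEY_PARMS);

	/* Buffer for the serialized parms; parmSize is corrected to the real
	 * serialized length once the blob has been written below. */
	rsakey->key.algorithmParms.parms = calloc(1, sizeof(TCPA_RSA_KEY_PARMS));
	if (rsakey->key.algorithmParms.parms == NULL) {
		LogError("calloc of %u bytes failed.", rsakey->key.algorithmParms.parmSize);
		free(rsakey);
		return TSPERR(TSS_E_OUTOFMEMORY);
	}
	rsaKeyParms.exponentSize = 0;	/* empty exponent == TPM default */
	rsaKeyParms.numPrimes = 2;

	rsakey->key.pubKey.keyLength = 0;
	rsakey->key.encSize = 0;
	rsakey->key.PCRInfoSize = 0;

	/* End of all the default stuff */

	if (initFlags & TSS_KEY_VOLATILE)
		rsakey->key.keyFlags |= TPM_VOLATILE;
	if (initFlags & TSS_KEY_MIGRATABLE)
		rsakey->key.keyFlags |= TPM_MIGRATABLE;
	if (initFlags & TSS_KEY_AUTHORIZATION) {
		rsakey->key.authDataUsage = TPM_AUTH_ALWAYS;
		flags |= TSS_OBJ_FLAG_USAGEAUTH;
	}

#ifdef TSS_BUILD_CMK
	if (initFlags & TSS_KEY_CERTIFIED_MIGRATABLE) {
		/* Certified migration needs the 1.2 key structure */
		if (rsakey->type == TSS_KEY_STRUCT_KEY) {
			/* parms was allocated above and must go with the object */
			free(rsakey->key.algorithmParms.parms);
			free(rsakey);
			return TSPERR(TSS_E_BAD_PARAMETER);
		}
		rsakey->key.keyFlags |= TPM_MIGRATEAUTHORITY;
	}
#endif

	/* set the key length.  An unrecognised size leaves keyLength at 0.
	 * NOTE(review): 512-bit RSA is factorable with modest resources; it is
	 * kept only for compatibility and should not protect anything. */
	if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_512) {
		rsaKeyParms.keyLength = 512;
	} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_1024) {
		rsaKeyParms.keyLength = 1024;
	} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_2048) {
		rsaKeyParms.keyLength = 2048;
	} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_4096) {
		rsaKeyParms.keyLength = 4096;
	} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_8192) {
		rsaKeyParms.keyLength = 8192;
	} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_16384) {
		rsaKeyParms.keyLength = 16384;
	}

	/* assign encryption and signature schemes.  An unrecognised key type
	 * leaves keyUsage and both schemes at their zeroed values. */
	if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_SIGNING) {
		rsakey->key.keyUsage = TPM_KEY_SIGNING;
		rsakey->key.algorithmParms.encScheme = TCPA_ES_NONE;
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
	} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_BIND) {
		rsakey->key.keyUsage = TPM_KEY_BIND;
		rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
	} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_LEGACY) {
		/* Legacy keys may both sign and decrypt */
		rsakey->key.keyUsage = TPM_KEY_LEGACY;
		rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
	} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_STORAGE) {
		rsakey->key.keyUsage = TPM_KEY_STORAGE;
		rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
	} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_IDENTITY) {
		rsakey->key.keyUsage = TPM_KEY_IDENTITY;
		rsakey->key.algorithmParms.encScheme = TCPA_ES_NONE;
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
	} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_AUTHCHANGE) {
		rsakey->key.keyUsage = TPM_KEY_AUTHCHANGE;
		rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
	}

	/* Load the RSA key parms into the blob in the TCPA_KEY_PARMS pointer.
	 * If the exponent is left NULL, the parmSize variable will change
	 * here */
	offset = 0;
	Trspi_LoadBlob_RSA_KEY_PARMS(&offset, rsakey->key.algorithmParms.parms, &rsaKeyParms);
	rsakey->key.algorithmParms.parmSize = offset;

add_key:
	if ((result = obj_list_add(&rsakey_list, tspContext, flags, rsakey, phObject))) {
		/* parms is NULL on the empty-key path; free(NULL) is a no-op */
		free(rsakey->key.algorithmParms.parms);
		free(rsakey);
		return result;
	}

	return TSS_SUCCESS;
}

/*
 * obj_rsakey_add_by_key - add a new rsakey to the list when its pulled from
 * user PS.
 *
 * uuid:  copied into the object.
 * key:   serialized TSS key blob, unpacked by UnloadBlob_TSS_KEY().  The blob
 *        comes from persistent storage, so it is parsed before it is trusted;
 *        the parser's own bounds checking lives in UnloadBlob_TSS_KEY().
 * flags: object flags; TSS_OBJ_FLAG_KEY_SET is always added, and
 *        TSS_OBJ_FLAG_USAGEAUTH when the blob says auth is required.
 * phKey: receives the new handle.
 *
 * Returns TSS_SUCCESS or a TSPERR() code; every failure path releases both the
 * object and whatever UnloadBlob_TSS_KEY() attached to it.
 */
TSS_RESULT
obj_rsakey_add_by_key(TSS_HCONTEXT tspContext, TSS_UUID *uuid, BYTE *key, TSS_FLAG flags,
		      TSS_HKEY *phKey)
{
	TSS_RESULT result;
	UINT64 offset;
	struct tr_rsakey_obj *rsakey = calloc(1, sizeof(struct tr_rsakey_obj));

	if (rsakey == NULL) {
		LogError("malloc of %zu bytes failed.", sizeof(struct tr_rsakey_obj));
		return TSPERR(TSS_E_OUTOFMEMORY);
	}

	memcpy(&rsakey->uuid, uuid, sizeof(TSS_UUID));

	offset = 0;
	if ((result = UnloadBlob_TSS_KEY(&offset, key, &rsakey->key))) {
		free(rsakey);
		return result;
	}
	/* The 1.2 tag sits where a 1.1 header's version field would be */
	if (rsakey->key.hdr.key12.tag == TPM_TAG_KEY12)
		rsakey->type = TSS_KEY_STRUCT_KEY12;
	else
		rsakey->type = TSS_KEY_STRUCT_KEY;

	flags |= TSS_OBJ_FLAG_KEY_SET;
	if (rsakey->key.authDataUsage)
		flags |= TSS_OBJ_FLAG_USAGEAUTH;

	if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE, &rsakey->usagePolicy))) {
		/* The unpacked blob owns heap members by now; drop them too */
		free_key_refs(&rsakey->key);
		free(rsakey);
		return result;
	}

	if ((result = obj_list_add(&rsakey_list, tspContext, flags, rsakey, phKey))) {
		free_key_refs(&rsakey->key);
		free(rsakey);
		return result;
	}

	return TSS_SUCCESS;
}

/* obj_is_rsakey - TRUE when hObject names an entry in rsakey_list. */
TSS_BOOL
obj_is_rsakey(TSS_HOBJECT hObject)
{
	TSS_BOOL answer = FALSE;

	if ((obj_list_get_obj(&rsakey_list, hObject))) {
		answer = TRUE;
		obj_list_put(&rsakey_list);
	}

	return answer;
}

/*
 * obj_rsakey_set_flags - replace the key's TPM keyFlags word wholesale.
 *
 * Note that this overwrites any flags obj_rsakey_add() seeded (for instance
 * TPM_PCRIGNOREDONREAD on a 1.2 key).  Refused with TSS_E_INVALID_OBJ_ACCESS
 * once a key blob has been loaded into the object.
 */
TSS_RESULT
obj_rsakey_set_flags(TSS_HKEY hKey, UINT32 flags)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	rsakey->key.keyFlags = flags;
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_size - record the modulus size.  len is in bits and is
 * stored as a byte count (len/8, truncating).  Refused once a key blob has
 * been loaded into the object.
 */
TSS_RESULT
obj_rsakey_set_size(TSS_HKEY hKey, UINT32 len)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	rsakey->key.pubKey.keyLength = len/8;
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_key_parms - replace the key's TCPA_KEY_PARMS with a deep copy
 * of *parms.
 *
 * The variable-length parms blob is copied first so that a failed allocation
 * leaves the object's existing parms intact; the object never ends up
 * pointing at the caller's buffer (which the old code did on malloc failure,
 * leading to a free() of memory this module does not own).  A non-zero
 * parmSize with a NULL parms pointer is rejected as TSS_E_BAD_PARAMETER.
 * Refused with TSS_E_INVALID_OBJ_ACCESS once a key blob has been loaded.
 */
TSS_RESULT
obj_rsakey_set_key_parms(TSS_HKEY hKey, TCPA_KEY_PARMS *parms)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	BYTE *newParms = NULL;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;

	if (parms->parmSize > 0) {
		if (parms->parms == NULL) {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
		if ((newParms = malloc(parms->parmSize)) == NULL) {
			LogError("malloc of %u bytes failed.", parms->parmSize);
			result = TSPERR(TSS_E_OUTOFMEMORY);
			goto done;
		}
		memcpy(newParms, parms->parms, parms->parmSize);
	}

	/* Only now is it safe to discard the old parms */
	free(rsakey->key.algorithmParms.parms);
	memcpy(&rsakey->key.algorithmParms, parms, sizeof(TCPA_KEY_PARMS));
	rsakey->key.algorithmParms.parms = newParms;

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_policy - attach hPolicy as the key's usage or migration
 * policy, according to the policy's own type.  Other policy types give
 * TSS_E_BAD_PARAMETER.  The policy type is looked up before the key is
 * locked so the two object lists are never held at the same time.
 */
TSS_RESULT
obj_rsakey_set_policy(TSS_HKEY hKey, TSS_HPOLICY hPolicy)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	UINT32 policyType;
	TSS_RESULT result = TSS_SUCCESS;

	if ((result = obj_policy_get_type(hPolicy, &policyType)))
		return result;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	switch (policyType) {
	case TSS_POLICY_USAGE:
		rsakey->usagePolicy = hPolicy;
		break;
	case TSS_POLICY_MIGRATION:
		rsakey->migPolicy = hPolicy;
		break;
	default:
		result = TSPERR(TSS_E_BAD_PARAMETER);
	}

	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_pstype - record which persistent store (user, system or
 * none) the key lives in, as object flags.  Exactly one of the two PS flags
 * is set afterwards, or neither for TSS_PS_TYPE_NO and unknown types.
 */
TSS_RESULT
obj_rsakey_set_pstype(TSS_HKEY hKey, UINT32 type)
{
	struct tsp_object *obj;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	switch (type) {
	case TSS_PS_TYPE_USER:
		obj->flags |= TSS_OBJ_FLAG_USER_PS;
		obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
		break;
	case TSS_PS_TYPE_SYSTEM:
		obj->flags |= TSS_OBJ_FLAG_SYSTEM_PS;
		obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
		break;
	case TSS_PS_TYPE_NO:
	default:
		obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
		obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
		break;
	}

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}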
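/* WARN: Nobody should call this function directly except for the
 * Get/Set Attrib functions. The TCPA_KEY structure wants values
 * for keyUsage to be TPM_KEY_* values, and this function translates
 * to TSS_KEYUSAGE_* values for passing to an app.
 *
 * A stored keyUsage with no TSS_KEYUSAGE_* equivalent leaves *usage
 * untouched and returns TSS_E_INVALID_ATTRIB_DATA. */
TSS_RESULT
obj_rsakey_get_usage(TSS_HKEY hKey, UINT32 *usage)
{
	TSS_RESULT result = TSS_SUCCESS;
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	switch (rsakey->key.keyUsage) {
	case TPM_KEY_SIGNING:
		*usage = TSS_KEYUSAGE_SIGN;
		break;
	case TPM_KEY_BIND:
		*usage = TSS_KEYUSAGE_BIND;
		break;
	case TPM_KEY_LEGACY:
		*usage = TSS_KEYUSAGE_LEGACY;
		break;
	case TPM_KEY_AUTHCHANGE:
		*usage = TSS_KEYUSAGE_AUTHCHANGE;
		break;
	case TPM_KEY_IDENTITY:
		*usage = TSS_KEYUSAGE_IDENTITY;
		break;
	case TPM_KEY_STORAGE:
		*usage = TSS_KEYUSAGE_STORAGE;
		break;
	default:
		result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
		break;
	}

	obj_list_put(&rsakey_list);

	return result;
}

/* WARN: Nobody should call this function directly except for the
 * Get/Set Attrib functions. The TCPA_KEY structure wants values
 * for keyUsage to be TPM_KEY_* values, and this function translates
 * from TSS_KEYUSAGE_* values supplied by an app.
 *
 * Unknown TSS_KEYUSAGE_* values are rejected with TSS_E_INVALID_ATTRIB_DATA.
 * Refused with TSS_E_INVALID_OBJ_ACCESS once a key blob has been loaded. */
TSS_RESULT
obj_rsakey_set_usage(TSS_HKEY hKey, UINT32 usage)
{
	TSS_RESULT result = TSS_SUCCESS;
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;

	switch (usage) {
	case TSS_KEYUSAGE_SIGN:
		rsakey->key.keyUsage = TPM_KEY_SIGNING;
		break;
	case TSS_KEYUSAGE_BIND:
		rsakey->key.keyUsage = TPM_KEY_BIND;
		break;
	case TSS_KEYUSAGE_LEGACY:
		rsakey->key.keyUsage = TPM_KEY_LEGACY;
		break;
	case TSS_KEYUSAGE_AUTHCHANGE:
		rsakey->key.keyUsage = TPM_KEY_AUTHCHANGE;
		break;
	case TSS_KEYUSAGE_IDENTITY:
		rsakey->key.keyUsage = TPM_KEY_IDENTITY;
		break;
	case TSS_KEYUSAGE_STORAGE:
		rsakey->key.keyUsage = TPM_KEY_STORAGE;
		break;
	default:
		result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
		break;
	}
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_migratable - set (mig != 0) or clear TPM_MIGRATABLE in the
 * key's keyFlags.  Refused once a key blob has been loaded into the object.
 */
TSS_RESULT
obj_rsakey_set_migratable(TSS_HKEY hKey, UINT32 mig)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (mig)
		rsakey->key.keyFlags |= TPM_MIGRATABLE;
	else
		rsakey->key.keyFlags &= (~TPM_MIGRATABLE);
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_redirected - set (redir != 0) or clear TPM_REDIRECTION in
 * the key's keyFlags.  Refused once a key blob has been loaded.
 */
TSS_RESULT
obj_rsakey_set_redirected(TSS_HKEY hKey, UINT32 redir)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (redir)
		rsakey->key.keyFlags |= TPM_REDIRECTION;
	else
		rsakey->key.keyFlags &= (~TPM_REDIRECTION);
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_set_volatile - set (vol != 0) or clear TPM_VOLATILE in the
 * key's keyFlags.  Refused once a key blob has been loaded.
 */
TSS_RESULT
obj_rsakey_set_volatile(TSS_HKEY hKey, UINT32 vol)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (vol)
		rsakey->key.keyFlags |= TPM_VOLATILE;
	else
		rsakey->key.keyFlags &= (~TPM_VOLATILE);
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_get_authdata_usage - report whether the key requires
 * authorization: *usage is TRUE for any non-zero authDataUsage, else FALSE.
 */
TSS_RESULT
obj_rsakey_get_authdata_usage(TSS_HKEY hKey, UINT32 *usage)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	*usage = (UINT32)rsakey->key.authDataUsage ? TRUE : FALSE;

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * obj_rsakey_set_authdata_usage - store the TPM authDataUsage byte and keep
 * the object's TSS_OBJ_FLAG_USAGEAUTH flag in step with it.
 *
 * authDataUsage is a single BYTE in the key structure.  A value that does not
 * fit is rejected with TSS_E_INVALID_ATTRIB_DATA rather than truncated: the
 * old cast let e.g. 0x100 become 0 (no auth required) while the object flag
 * still claimed auth was needed.  Refused with TSS_E_INVALID_OBJ_ACCESS once
 * a key blob has been loaded.
 */
TSS_RESULT
obj_rsakey_set_authdata_usage(TSS_HKEY hKey, UINT32 usage)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	if (usage > 0xFF) {
		result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;

	rsakey->key.authDataUsage = (BYTE)usage;
	if (usage)
		obj->flags |= TSS_OBJ_FLAG_USAGEAUTH;
	else
		obj->flags &= ~TSS_OBJ_FLAG_USAGEAUTH;
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * obj_rsakey_get_alg - report the key's algorithm as a TSS_ALG_* value.
 * Only TCPA_ALG_RSA is translated; any other algorithmID is passed through
 * unchanged.
 */
TSS_RESULT
obj_rsakey_get_alg(TSS_HKEY hKey, UINT32 *alg)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	switch (rsakey->key.algorithmParms.algorithmID) {
	case TCPA_ALG_RSA:
		*alg = TSS_ALG_RSA;
		break;
	default:
		*alg = rsakey->key.algorithmParms.algorithmID;
		break;
	}

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}
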
63618334SpeterTSS_RESULT 63718334Speterobj_rsakey_set_alg(TSS_HKEY hKey, UINT32 alg) 63818334Speter{ 63918334Speter struct tsp_object *obj; 64018334Speter struct tr_rsakey_obj *rsakey; 64118334Speter TSS_RESULT result = TSS_SUCCESS; 64218334Speter 64318334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 64418334Speter return TSPERR(TSS_E_INVALID_HANDLE); 64518334Speter 64618334Speter if (obj->flags & TSS_OBJ_FLAG_KEY_SET) { 64718334Speter result = TSPERR(TSS_E_INVALID_OBJ_ACCESS); 64818334Speter goto done; 64918334Speter } 65018334Speter 65118334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 65218334Speter switch (alg) { 65318334Speter case TSS_ALG_RSA: 65418334Speter rsakey->key.algorithmParms.algorithmID = TCPA_ALG_RSA; 65518334Speter break; 65618334Speter default: 65718334Speter rsakey->key.algorithmParms.algorithmID = alg; 65818334Speter break; 65918334Speter } 66018334Speterdone: 66118334Speter obj_list_put(&rsakey_list); 66218334Speter 66318334Speter return result; 66418334Speter} 66518334Speter 66618334SpeterTSS_RESULT 66718334Speterobj_rsakey_get_es(TSS_HKEY hKey, UINT32 *es) 66818334Speter{ 66918334Speter struct tsp_object *obj; 67018334Speter struct tr_rsakey_obj *rsakey; 67118334Speter 67218334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 67318334Speter return TSPERR(TSS_E_INVALID_HANDLE); 67418334Speter 67518334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 67618334Speter 67718334Speter /* translate TPM numbers to TSS numbers */ 67818334Speter switch (rsakey->key.algorithmParms.encScheme) { 67918334Speter case TCPA_ES_NONE: 68018334Speter *es = TSS_ES_NONE; 68118334Speter break; 68218334Speter case TCPA_ES_RSAESPKCSv15: 68318334Speter *es = TSS_ES_RSAESPKCSV15; 68418334Speter break; 68518334Speter case TCPA_ES_RSAESOAEP_SHA1_MGF1: 68618334Speter *es = TSS_ES_RSAESOAEP_SHA1_MGF1; 68718334Speter break; 68818334Speter default: 68918334Speter *es = rsakey->key.algorithmParms.encScheme; 69018334Speter break; 
69118334Speter } 69218334Speter 69318334Speter obj_list_put(&rsakey_list); 69418334Speter 69518334Speter return TSS_SUCCESS; 69618334Speter} 69718334Speter 69818334SpeterTSS_RESULT 69918334Speterobj_rsakey_set_es(TSS_HKEY hKey, UINT32 es) 70018334Speter{ 70118334Speter struct tsp_object *obj; 70218334Speter struct tr_rsakey_obj *rsakey; 70318334Speter TSS_RESULT result = TSS_SUCCESS; 70418334Speter 70518334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 70618334Speter return TSPERR(TSS_E_INVALID_HANDLE); 70718334Speter 70818334Speter if (obj->flags & TSS_OBJ_FLAG_KEY_SET) { 70918334Speter result = TSPERR(TSS_E_INVALID_OBJ_ACCESS); 71018334Speter goto done; 71118334Speter } 71218334Speter 71318334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 71418334Speter 71518334Speter /* translate TSS numbers to TPM numbers */ 71618334Speter switch (es) { 71718334Speter case TSS_ES_NONE: 71818334Speter rsakey->key.algorithmParms.encScheme = TCPA_ES_NONE; 71918334Speter break; 72018334Speter case TSS_ES_RSAESPKCSV15: 72118334Speter rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESPKCSv15; 72218334Speter break; 72318334Speter case TSS_ES_RSAESOAEP_SHA1_MGF1: 72418334Speter rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1; 72518334Speter break; 72618334Speter default: 72718334Speter rsakey->key.algorithmParms.encScheme = es; 72818334Speter break; 72918334Speter } 73018334Speterdone: 73118334Speter obj_list_put(&rsakey_list); 73218334Speter 73318334Speter return result; 73418334Speter} 73518334Speter 73618334SpeterTSS_RESULT 73718334Speterobj_rsakey_get_ss(TSS_HKEY hKey, UINT32 *ss) 73818334Speter{ 73918334Speter struct tsp_object *obj; 74018334Speter struct tr_rsakey_obj *rsakey; 74118334Speter 74218334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 74318334Speter return TSPERR(TSS_E_INVALID_HANDLE); 74418334Speter 74518334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 74618334Speter 74718334Speter /* translate TPM 
numbers to TSS numbers */
	switch (rsakey->key.algorithmParms.sigScheme) {
	case TCPA_SS_NONE:
		*ss = TSS_SS_NONE;
		break;
	case TCPA_SS_RSASSAPKCS1v15_SHA1:
		*ss = TSS_SS_RSASSAPKCS1V15_SHA1;
		break;
	case TCPA_SS_RSASSAPKCS1v15_DER:
		*ss = TSS_SS_RSASSAPKCS1V15_DER;
		break;
	case TCPA_SS_RSASSAPKCS1v15_INFO:
		*ss = TSS_SS_RSASSAPKCS1V15_INFO;
		break;
	default:
		/* a TPM scheme value without a TSS name is passed through unmapped */
		*ss = rsakey->key.algorithmParms.sigScheme;
		break;
	}


	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * Set the signature scheme of a key object that has not had its key blob
 * set yet, translating the TSS_SS_* value into the TCPA_SS_* value stored
 * in key.algorithmParms.sigScheme.
 *
 * Returns TSS_E_INVALID_HANDLE if hKey is not an rsakey object and
 * TSS_E_INVALID_OBJ_ACCESS once TSS_OBJ_FLAG_KEY_SET is set. A value of ss
 * that is not one of the four known schemes is stored as-is, unvalidated.
 */
TSS_RESULT
obj_rsakey_set_ss(TSS_HKEY hKey, UINT32 ss)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	/* the key parms are frozen once the key blob has been set */
	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* translate TSS numbers to TPM numbers */
	switch (ss) {
	case TSS_SS_NONE:
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
		break;
	case TSS_SS_RSASSAPKCS1V15_SHA1:
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
		break;
	case TSS_SS_RSASSAPKCS1V15_DER:
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_DER;
		break;
	case TSS_SS_RSASSAPKCS1V15_INFO:
		rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_INFO;
		break;
	default:
		/* unknown values are not rejected; they go into the blob unchanged */
		rsakey->key.algorithmParms.sigScheme = ss;
		break;
	}
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Store the number of primes in the key's RSA parms blob.
 *
 * num is written big-endian (UINT32ToArray) at byte offset 4 of
 * algorithmParms.parms, i.e. the numPrimes field of a serialised
 * TCPA_RSA_KEY_PARMS.
 * NOTE(review): parms is neither NULL-checked nor length-checked here;
 * presumably obj_rsakey_add always allocates at least 12 bytes — confirm.
 * Refused with TSS_E_INVALID_OBJ_ACCESS once TSS_OBJ_FLAG_KEY_SET is set.
 */
TSS_RESULT
obj_rsakey_set_num_primes(TSS_HKEY hKey, UINT32 num)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	UINT32ToArray(num, &rsakey->key.algorithmParms.parms[4]);
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Read the number of primes back out of the key's RSA parms blob.
 *
 * parms is viewed as a TCPA_RSA_KEY_PARMS and numPrimes is byte-swapped
 * with endian32, i.e. the blob is treated as serialised big-endian data,
 * matching the UINT32ToArray write in obj_rsakey_set_num_primes.
 * NOTE(review): parms is dereferenced without a NULL check — confirm it is
 * always allocated for rsakey objects.
 */
TSS_RESULT
obj_rsakey_get_num_primes(TSS_HKEY hKey, UINT32 *num)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TCPA_RSA_KEY_PARMS *parms;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	parms = (TCPA_RSA_KEY_PARMS *)rsakey->key.algorithmParms.parms;
	*num = endian32(parms->numPrimes);

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/* Return the raw TPM keyFlags word of the key (TPM_MIGRATABLE, TPM_VOLATILE, ...). */
TSS_RESULT
obj_rsakey_get_flags(TSS_HKEY hKey, UINT32 *flags)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	*flags = rsakey->key.keyFlags;

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * Return the key size as a TSS_KEY_SIZEVAL_* value.
 *
 * pubKey.keyLength is the modulus length in bytes: 64, 128 and 256 map to
 * the named constants, anything else is reported as keyLength * 8 bits
 * (plain UINT32 arithmetic, no overflow check).
 */
TSS_RESULT
obj_rsakey_get_size(TSS_HKEY hKey, UINT32 *len)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	switch (rsakey->key.pubKey.keyLength) {
	case 512/8:
		*len = TSS_KEY_SIZEVAL_512BIT;
		break;
	case 1024/8:
		*len = TSS_KEY_SIZEVAL_1024BIT;
		break;
	case 2048/8:
		*len = TSS_KEY_SIZEVAL_2048BIT;
		break;
	default:
		*len = rsakey->key.pubKey.keyLength * 8;
		break;
	}

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * Report which persistent store (system, user or none) the key object is
 * registered in, derived from the TSS_OBJ_FLAG_*_PS object flags.
 */
TSS_RESULT
obj_rsakey_get_pstype(TSS_HKEY hKey, UINT32 *type)
{
	struct tsp_object *obj;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_SYSTEM_PS)
		*type = TSS_PS_TYPE_SYSTEM;
else if (obj->flags & TSS_OBJ_FLAG_USER_PS)
		*type = TSS_PS_TYPE_USER;
	else
		*type = TSS_PS_TYPE_NO;

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * TRUE if the key's TPM keyFlags carry TPM_MIGRATABLE.
 * An invalid handle also yields FALSE, so callers cannot distinguish
 * "not migratable" from "no such key".
 */
TSS_BOOL
obj_rsakey_is_migratable(TSS_HKEY hKey)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_BOOL answer = FALSE;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return answer;

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (rsakey->key.keyFlags & TPM_MIGRATABLE)
		answer = TRUE;

	obj_list_put(&rsakey_list);

	return answer;
}

/* TRUE if keyFlags carry TPM_REDIRECTION; FALSE for an invalid handle as well. */
TSS_BOOL
obj_rsakey_is_redirected(TSS_HKEY hKey)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_BOOL answer = FALSE;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return answer;

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (rsakey->key.keyFlags & TPM_REDIRECTION)
		answer = TRUE;

	obj_list_put(&rsakey_list);

	return answer;
}

/* TRUE if keyFlags carry TPM_VOLATILE; FALSE for an invalid handle as well. */
TSS_BOOL
obj_rsakey_is_volatile(TSS_HKEY hKey)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_BOOL answer = FALSE;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return answer;

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (rsakey->key.keyFlags & TPM_VOLATILE)
		answer = TRUE;

	obj_list_put(&rsakey_list);

	return answer;
}

/* Return the TSP context handle the key object was created in. */
TSS_RESULT
obj_rsakey_get_tsp_context(TSS_HKEY hKey, TSS_HCONTEXT *tspContext)
{
	struct tsp_object *obj;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	*tspContext = obj->tspContext;

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * Return both policy handles at once plus whether the key requires usage
 * authorization. The auth answer is taken from the key blob's authDataUsage
 * field, not from the object flags (compare obj_rsakey_get_policy).
 * mig is 0 when the key has no migration policy; no error is raised for that.
 */
TSS_RESULT
obj_rsakey_get_policies(TSS_HKEY hKey, TSS_HPOLICY *usage, TSS_HPOLICY *mig, TSS_BOOL *auth)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	*mig = rsakey->migPolicy;
	*usage = rsakey->usagePolicy;
	*auth = rsakey->key.authDataUsage ? TRUE : FALSE;

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * Return one policy handle selected by policyType (TSS_POLICY_USAGE or
 * TSS_POLICY_MIGRATION). auth may be NULL; when given it reports the
 * TSS_OBJ_FLAG_USAGEAUTH / TSS_OBJ_FLAG_MIGAUTH object flag.
 *
 * Errors: TSS_E_INVALID_HANDLE, TSS_E_KEY_NO_MIGRATION_POLICY when the
 * migration policy is unset, TSS_E_BAD_PARAMETER for any other policyType.
 */
TSS_RESULT
obj_rsakey_get_policy(TSS_HKEY hKey, UINT32 policyType,
		      TSS_HPOLICY *phPolicy, TSS_BOOL *auth)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	switch (policyType) {
	case TSS_POLICY_USAGE:
		*phPolicy = rsakey->usagePolicy;
		if (auth != NULL) {
			if (obj->flags & TSS_OBJ_FLAG_USAGEAUTH)
				*auth = TRUE;
			else
				*auth = FALSE;
		}
		break;
	case TSS_POLICY_MIGRATION:
		if (!rsakey->migPolicy) {
			result = TSPERR(TSS_E_KEY_NO_MIGRATION_POLICY);
			break;
		}

		*phPolicy = rsakey->migPolicy;
		if (auth != NULL) {
			if (obj->flags & TSS_OBJ_FLAG_MIGAUTH)
				*auth = TRUE;
			else
				*auth = FALSE;
		}
		break;
	default:
		result = TSPERR(TSS_E_BAD_PARAMETER);
	}

	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Serialise the whole key (TSS_KEY) into a freshly allocated, context-owned
 * buffer (calloc_tspi). *size receives the blob length on success.
 * The blob is produced in two LoadBlob_TSS_KEY passes: a NULL-buffer pass
 * that only measures, then a fill pass.
 */
TSS_RESULT
obj_rsakey_get_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
UINT64 offset;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* measuring pass: a NULL destination only advances offset */
	offset = 0;
	LoadBlob_TSS_KEY(&offset, NULL, &rsakey->key);

	*data = calloc_tspi(obj->tspContext, offset);
	if (*data == NULL) {
		LogError("malloc of %" PRIu64 " bytes failed.", offset);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}

	/* fill pass into the buffer just sized */
	offset = 0;
	LoadBlob_TSS_KEY(&offset, *data, &rsakey->key);
	*size = offset;

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Copy the key's encrypted private part (encData, encSize bytes) into a
 * context-owned buffer. The data is the TPM-wrapped blob, not plaintext.
 * NOTE(review): an encSize of 0 is passed straight to calloc_tspi; whether
 * that is then reported as TSS_E_OUTOFMEMORY depends on calloc_tspi — confirm.
 */
TSS_RESULT
obj_rsakey_get_priv_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	*data = calloc_tspi(obj->tspContext, rsakey->key.encSize);
	if (*data == NULL) {
		LogError("malloc of %u bytes failed.", rsakey->key.encSize);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}
	*size = rsakey->key.encSize;
	memcpy(*data, rsakey->key.encData, rsakey->key.encSize);

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Copy the public modulus (pubKey.key, keyLength bytes) into a context-owned
 * buffer.
 *
 * For the SRK (tcsHandle == TPM_KEYHND_SRK) an all-zero modulus means the
 * TPM has not disclosed the SRK public key; TSS_E_BAD_PARAMETER is returned
 * rather than handing out the zeros.
 * NOTE(review): the zero test compares keyLength bytes against a 2048-byte
 * stack buffer and keyLength is taken from the parsed key blob with no bound
 * visible here, so a keyLength above 2048 would read past zeroBlob — confirm
 * the blob parser caps it. A NULL pubKey.key with keyLength 0 also reaches
 * memcmp.
 */
TSS_RESULT
obj_rsakey_get_modulus(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* if this key object represents the SRK and the public key
	 * data here is all 0's, then we shouldn't return it, we
	 * should return TSS_E_BAD_PARAMETER. This is part of protecting
	 * the SRK public key. */
	if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
		BYTE zeroBlob[2048] = { 0, };

		if (!memcmp(rsakey->key.pubKey.key, zeroBlob, rsakey->key.pubKey.keyLength)) {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
	}

	*data = calloc_tspi(obj->tspContext, rsakey->key.pubKey.keyLength);
	if (*data == NULL) {
		LogError("malloc of %u bytes failed.", rsakey->key.pubKey.keyLength);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}
	*size = rsakey->key.pubKey.keyLength;
	memcpy(*data, rsakey->key.pubKey.key, rsakey->key.pubKey.keyLength);

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Replace the public modulus of a key object with a copy of data (size
 * bytes). Refused with TSS_E_INVALID_OBJ_ACCESS once TSS_OBJ_FLAG_KEY_SET
 * is set; data and size are taken from the caller unvalidated.
 */
TSS_RESULT
obj_rsakey_set_modulus(TSS_HKEY hKey, UINT32 size, BYTE *data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
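BYTE *free_ptr;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	/* the key blob is immutable once it has been set */
	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* keep the old modulus until the replacement is allocated, so a failed
	 * malloc leaves the object exactly as it was */
	free_ptr = rsakey->key.pubKey.key;

	rsakey->key.pubKey.key = malloc(size);
	if (rsakey->key.pubKey.key == NULL) {
		rsakey->key.pubKey.key = free_ptr; // restore
		LogError("malloc of %u bytes failed.", size);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}
	rsakey->key.pubKey.keyLength = size;
	memcpy(rsakey->key.pubKey.key, data, size);
	/* pubKey.key is heap-owned by the object (rsakey_set_pubkey frees it
	 * the same way); release the old buffer now that the copy is complete,
	 * as obj_rsakey_set_privkey does for encData. Done after the memcpy so
	 * a caller passing the old buffer as data is still safe. */
	free(free_ptr);

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Serialise the public portion of the key (TPM_KEY_PARMS followed by
 * TPM_STORE_PUBKEY) into a context-owned buffer; *size receives the length.
 * Uses the same measure-then-fill pattern as obj_rsakey_get_blob.
 *
 * For the SRK an all-zero modulus is refused with TSS_E_BAD_PARAMETER.
 * NOTE(review): as in obj_rsakey_get_modulus, the zero test reads keyLength
 * bytes of a 2048-byte stack buffer with no visible bound on keyLength —
 * confirm the blob parser caps it.
 */
TSS_RESULT
obj_rsakey_get_pub_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	UINT64 offset;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* if this key object represents the SRK and the public key
	 * data here is all 0's, then we shouldn't return it, we
	 * should return TSS_E_BAD_PARAMETER. This is part of protecting
	 * the SRK public key.
	 */
	if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
		BYTE zeroBlob[2048] = { 0, };

		if (!memcmp(rsakey->key.pubKey.key, zeroBlob, rsakey->key.pubKey.keyLength)) {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
	}

	/* measuring pass */
	offset = 0;
	Trspi_LoadBlob_KEY_PARMS(&offset, NULL, &rsakey->key.algorithmParms);
	Trspi_LoadBlob_STORE_PUBKEY(&offset, NULL, &rsakey->key.pubKey);

	*data = calloc_tspi(obj->tspContext, offset);
	if (*data == NULL) {
		LogError("malloc of %" PRIu64 " bytes failed.", offset);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}

	/* fill pass */
	offset = 0;
	Trspi_LoadBlob_KEY_PARMS(&offset, *data, &rsakey->key.algorithmParms);
	Trspi_LoadBlob_STORE_PUBKEY(&offset, *data, &rsakey->key.pubKey);
	*size = offset;

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Serialise the key's version into a context-owned buffer.
 * A TPM_KEY12 header carries no version of its own, so 1.2.0.0 is reported
 * for it; a 1.1 header's own ver field is used otherwise.
 */
TSS_RESULT
obj_rsakey_get_version(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	UINT64 offset;
	TPM_STRUCT_VER ver = {1, 2, 0, 0}, *pVer;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	if (rsakey->key.hdr.key12.tag == TPM_TAG_KEY12)
		pVer = &ver;
	else
		pVer = &rsakey->key.hdr.key11.ver;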

	/* measuring pass */
	offset = 0;
	Trspi_LoadBlob_TCPA_VERSION(&offset, NULL, *pVer);

	*data = calloc_tspi(obj->tspContext, offset);
	if (*data == NULL) {
		LogError("malloc of %" PRIu64 " bytes failed.", offset);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}

	/* fill pass */
	offset = 0;
	Trspi_LoadBlob_TCPA_VERSION(&offset, *data, *pVer);
	*size = offset;

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Copy the RSA public exponent into a context-owned buffer.
 *
 * An exponentSize of 0 means the TPM default exponent (2^16 + 1), which is
 * returned as the 3 bytes 01 00 01; otherwise exponentSize bytes are copied
 * from parms->exponent.
 * NOTE(review): this reads parms->exponentSize in host byte order and
 * dereferences parms->exponent as a pointer, while obj_rsakey_get_num_primes /
 * obj_rsakey_set_num_primes treat the same parms buffer as serialised
 * big-endian bytes (endian32 / UINT32ToArray at offset 4). Only one of those
 * layouts can be right; if parms holds the serialised form, a non-zero
 * exponentSize is mis-read here and parms->exponent is not a valid pointer —
 * confirm against obj_rsakey_add / the key blob parser.
 */
TSS_RESULT
obj_rsakey_get_exponent(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	TCPA_RSA_KEY_PARMS *parms;
	BYTE default_exp[3] = { 0x1, 0x0, 0x1 };
	UINT32 offset;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	parms = (TCPA_RSA_KEY_PARMS *)rsakey->key.algorithmParms.parms;
	offset = parms->exponentSize;

	/* see TPM 1.1b spec pg. 51. If exponentSize is 0, we're using the
	 * default exponent of 2^16 + 1.
	 */
	if (offset == 0) {
		offset = 3;
		*data = calloc_tspi(obj->tspContext, offset);
		if (*data == NULL) {
			LogError("malloc of %u bytes failed.", offset);
			result = TSPERR(TSS_E_OUTOFMEMORY);
			goto done;
		}
		*size = offset;
		memcpy(*data, default_exp, offset);
	} else {
		*data = calloc_tspi(obj->tspContext, offset);
		if (*data == NULL) {
			LogError("malloc of %u bytes failed.", offset);
			result = TSPERR(TSS_E_OUTOFMEMORY);
			goto done;
		}
		*size = offset;
		memcpy(*data, parms->exponent, offset);
	}

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Replace the RSA public exponent with a copy of data (size bytes).
 * Refused with TSS_E_INVALID_OBJ_ACCESS once TSS_OBJ_FLAG_KEY_SET is set.
 *
 * NOTE(review): stores a malloc'd pointer and a host-order exponentSize into
 * the parms buffer viewed as a TCPA_RSA_KEY_PARMS struct — the same layout
 * question raised on obj_rsakey_get_exponent applies. The previous
 * parms->exponent (free_ptr) is never released; whether that is a leak
 * depends on whether it was a heap pointer at all — confirm before freeing it.
 */
TSS_RESULT
obj_rsakey_set_exponent(TSS_HKEY hKey, UINT32 size, BYTE *data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	TCPA_RSA_KEY_PARMS *parms;
	BYTE *free_ptr;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	rsakey = (struct tr_rsakey_obj *)obj->data;
	parms = (TCPA_RSA_KEY_PARMS *)rsakey->key.algorithmParms.parms;

	/* keep the old pointer so a failed malloc leaves the parms untouched */
	free_ptr = parms->exponent;

	parms->exponent = malloc(size);
	if (parms->exponent == NULL) {
		parms->exponent = free_ptr; // restore
LogError("malloc of %u bytes failed.", size);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}
	parms->exponentSize = size;
	memcpy(parms->exponent, data, size);
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Serialise the key's persistent-storage UUID into a context-owned buffer
 * (measure-then-fill with Trspi_LoadBlob_UUID); *size receives the length.
 */
TSS_RESULT
obj_rsakey_get_uuid(TSS_HKEY hKey, UINT32 *size, BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	UINT64 offset;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* measuring pass */
	offset = 0;
	Trspi_LoadBlob_UUID(&offset, NULL, rsakey->uuid);

	*data = calloc_tspi(obj->tspContext, offset);
	if (*data == NULL) {
		LogError("malloc of %" PRIu64 " bytes failed.", offset);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}

	/* fill pass */
	offset = 0;
	Trspi_LoadBlob_UUID(&offset, *data, rsakey->uuid);
	*size = offset;

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Record the key's persistent-storage UUID and which store it lives in.
 * The TSS_OBJ_FLAG_SYSTEM_PS / TSS_OBJ_FLAG_USER_PS object flags are kept
 * mutually exclusive; TSS_PS_TYPE_NO and any unknown ps_type clear both.
 * uuid is copied, not retained.
 */
TSS_RESULT
obj_rsakey_set_uuid(TSS_HKEY hKey, TSS_FLAG ps_type, TSS_UUID *uuid)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	memcpy(&rsakey->uuid, uuid, sizeof(TSS_UUID));

	switch (ps_type) {
	case TSS_PS_TYPE_SYSTEM:
		obj->flags |= TSS_OBJ_FLAG_SYSTEM_PS;
		obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
		break;
	case TSS_PS_TYPE_USER:
		obj->flags |= TSS_OBJ_FLAG_USER_PS;
		obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
		break;
	case TSS_PS_TYPE_NO:
	default:
		obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
		obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
		break;
	}

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/* Record the TCS key handle the key is loaded under (0 = not loaded). */
TSS_RESULT
obj_rsakey_set_tcs_handle(TSS_HKEY hKey, TCS_KEY_HANDLE tcsHandle)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	rsakey->tcsHandle = tcsHandle;

	obj_list_put(&rsakey_list);

	return TSS_SUCCESS;
}

/*
 * Return the TCS key handle the key is loaded under.
 * A zero tcsHandle is treated as "not loaded" and reported as
 * TSS_E_KEY_NOT_LOADED.
 */
TSS_RESULT
obj_rsakey_get_tcs_handle(TSS_HKEY hKey, TCS_KEY_HANDLE *tcsHandle)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;
	if (rsakey->tcsHandle)
		*tcsHandle = rsakey->tcsHandle;
	else
		result = TSPERR(TSS_E_KEY_NOT_LOADED);

	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Load a serialised key blob (TSS_KEY, 1.1 or 1.2 layout) into the object.
 * This is where an externally supplied key blob is parsed, so it is the
 * trust boundary for everything the other accessors later read.
 *
 * Any previously held key data is released first (free_key_refs), then the
 * blob is parsed; the struct type, TSS_OBJ_FLAG_USAGEAUTH and the embedded
 * PCR info (PCR_INFO_LONG for KEY12, PCR_INFO otherwise) are derived from
 * it, and TSS_OBJ_FLAG_KEY_SET is raised only on complete success.
 * NOTE(review): `size` is not used in the body visible here — the parser is
 * given `data` with no length, so the bound on the read comes from
 * UnloadBlob_TSS_KEY itself; confirm. On a parse failure rsakey->key may be
 * left partially populated and rsakey->pcrInfoType is not updated here.
 */
TSS_RESULT
obj_rsakey_set_tcpakey(TSS_HKEY hKey, UINT32 size, BYTE *data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	UINT64 offset;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	/* drop whatever the object held before; the parser allocates afresh */
	free_key_refs(&rsakey->key);

	offset = 0;
	if ((result = UnloadBlob_TSS_KEY(&offset, data, &rsakey->key)))
		goto done;
	if (rsakey->key.hdr.key12.tag == TPM_TAG_KEY12)
		rsakey->type = TSS_KEY_STRUCT_KEY12;
	else
		rsakey->type = TSS_KEY_STRUCT_KEY;

	/* mirror the blob's authDataUsage into the object flags */
	if (rsakey->key.authDataUsage)
		obj->flags |= TSS_OBJ_FLAG_USAGEAUTH;
	else
		obj->flags &= ~TSS_OBJ_FLAG_USAGEAUTH;

	if (rsakey->key.PCRInfoSize && rsakey->key.PCRInfo) {
		offset = 0;
		if (rsakey->type == TSS_KEY_STRUCT_KEY12) {
			if ((result = Trspi_UnloadBlob_PCR_INFO_LONG(&offset, rsakey->key.PCRInfo,
								     &rsakey->pcrInfo.infolong)))
				goto done;
		} else {
			if ((result = Trspi_UnloadBlob_PCR_INFO(&offset, rsakey->key.PCRInfo,
								&rsakey->pcrInfo.info11)))
				goto done;
		}
	}

	obj->flags |= TSS_OBJ_FLAG_KEY_SET;
done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Copy one of the key's PCR digests (at-creation or at-release) into a
 * context-owned buffer of sizeof(TPM_DIGEST) bytes.
 *
 * pcrInfoType must match the type the object was built with
 * (rsakey->pcrInfoType), else TSS_E_INVALID_OBJ_ACCESS. dir selects the
 * digest and must use the attribute constants of that type; a mismatch is
 * TSS_E_BAD_PARAMETER. A pcrInfoType that matched the object but is neither
 * INFO nor INFO_LONG is reported as TSS_E_INTERNAL_ERROR.
 * On allocation failure *size is reset to 0.
 */
TSS_RESULT
obj_rsakey_get_pcr_digest(TSS_HKEY hKey,
			  TSS_FLAG pcrInfoType,
			  TSS_FLAG dir,
			  UINT32 *size,
			  BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	TPM_DIGEST *digest = NULL;
	UINT64 offset;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	if (pcrInfoType != rsakey->pcrInfoType) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	switch (pcrInfoType) {
	case TSS_PCRS_STRUCT_INFO:
		if (dir == TSS_TSPATTRIB_KEYPCR_DIGEST_ATCREATION)
			digest = &rsakey->pcrInfo.info11.digestAtCreation;
		else if (dir == TSS_TSPATTRIB_KEYPCR_DIGEST_ATRELEASE)
			digest = &rsakey->pcrInfo.info11.digestAtRelease;
		else {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
		break;
	case TSS_PCRS_STRUCT_INFO_LONG:
		if (dir == TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION)
			digest = &rsakey->pcrInfo.infolong.digestAtCreation;
		else if (dir == TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE)
			digest = &rsakey->pcrInfo.infolong.digestAtRelease;
		else {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
		break;
	default:
		result = TSPERR(TSS_E_INTERNAL_ERROR);
		goto done;
	}

	*size = sizeof(TPM_DIGEST);

	if ((*data = calloc_tspi(obj->tspContext, *size)) == NULL) {
		LogError("malloc of %u bytes failed.", *size);
		*size = 0;
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}

	offset = 0;
	Trspi_LoadBlob_DIGEST(&offset, *data, digest);
done:
	obj_list_put(&rsakey_list);

	return result;
}


/*
 * Return the locality modifier (at-creation or at-release) of a key whose
 * PCR info is a TPM_PCR_INFO_LONG. 1.1-style PCR_INFO has no locality, so
 * any other pcrInfoType is TSS_E_INVALID_OBJ_ACCESS; an unknown dir is
 * TSS_E_BAD_PARAMETER.
 */
TSS_RESULT
obj_rsakey_get_pcr_locality(TSS_HKEY hKey, TSS_FLAG dir, UINT32 *locality)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	if (rsakey->pcrInfoType == TSS_PCRS_STRUCT_INFO_LONG) {
		if (dir == TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATCREATION)
			*locality = rsakey->pcrInfo.infolong.localityAtCreation;
		else if (dir == TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATRELEASE)
			*locality = rsakey->pcrInfo.infolong.localityAtRelease;
		else
			result = TSPERR(TSS_E_BAD_PARAMETER);
	} else
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);

	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Serialise one of the key's TPM_PCR_SELECTION structures into a
 * context-owned buffer of sizeof(UINT16) + sizeOfSelect bytes.
 *
 * Same pcrInfoType / dir contract and error codes as
 * obj_rsakey_get_pcr_digest; INFO has a single selection, INFO_LONG has a
 * creation and a release selection. On allocation failure *size is reset to 0.
 */
TSS_RESULT
obj_rsakey_get_pcr_selection(TSS_HKEY hKey,
			     UINT32 pcrInfoType,
			     TSS_FLAG dir,
			     UINT32 *size,
			     BYTE **data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result = TSS_SUCCESS;
	UINT64 offset;
	TPM_PCR_SELECTION *selection = NULL;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	if (pcrInfoType != rsakey->pcrInfoType) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	switch (pcrInfoType) {
	case TSS_PCRS_STRUCT_INFO:
		if (dir == TSS_TSPATTRIB_KEYPCR_SELECTION)
			selection = &rsakey->pcrInfo.info11.pcrSelection;
		else {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
		break;
	case TSS_PCRS_STRUCT_INFO_LONG:
		if (dir == TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION)
			selection = &rsakey->pcrInfo.infolong.creationPCRSelection;
		else if (dir == TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION)
			selection = &rsakey->pcrInfo.infolong.releasePCRSelection;
		else {
			result = TSPERR(TSS_E_BAD_PARAMETER);
			goto done;
		}
		break;
	default:
		result = TSPERR(TSS_E_INTERNAL_ERROR);
		goto done;
	}

	/* wire form: UINT16 sizeOfSelect followed by the select bitmap */
	*size = sizeof(UINT16) + selection->sizeOfSelect;

	if ((*data = calloc_tspi(obj->tspContext, *size)) == NULL) {
		LogError("malloc of %u bytes failed.", *size);
		*size = 0;
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto done;
	}

	offset = 0;
	Trspi_LoadBlob_PCR_SELECTION(&offset, *data, selection);

done:
	obj_list_put(&rsakey_list);

	return result;
}

/*
 * Parse a serialised TPM_PUBKEY and install its parms and public key into
 * rsakey, replacing (and freeing) the current pubKey.key and
 * algorithmParms.parms. The object takes ownership of whatever
 * Trspi_UnloadBlob_PUBKEY allocated inside `pub`.
 *
 * Caller holds the list lock. On a parse error nothing in rsakey is touched.
 * NOTE(review): the parser is given no length for pubkey, so the bound on
 * the read comes from Trspi_UnloadBlob_PUBKEY itself — confirm.
 */
TSS_RESULT
rsakey_set_pubkey(struct tr_rsakey_obj *rsakey, BYTE *pubkey)
{
	TSS_RESULT result;
	UINT64 offset = 0;
	TPM_PUBKEY pub;

	if ((result = Trspi_UnloadBlob_PUBKEY(&offset, pubkey, &pub)))
		return result;

	/* release the buffers the struct copies below will overwrite */
	free(rsakey->key.pubKey.key);
	free(rsakey->key.algorithmParms.parms);

	memcpy(&rsakey->key.pubKey, &pub.pubKey, sizeof(TPM_STORE_PUBKEY));
	memcpy(&rsakey->key.algorithmParms, &pub.algorithmParms, sizeof(TPM_KEY_PARMS));

	return TSS_SUCCESS;
}

/* Expect a TPM_PUBKEY as is explained in the portable data section of the spec */
/*
 * Set the key's public part from a serialised TPM_PUBKEY.
 * Normally refused once TSS_OBJ_FLAG_KEY_SET is set; a non-zero `force`
 * bypasses that check and overwrites the public part of an already-set key.
 */
TSS_RESULT
obj_rsakey_set_pubkey(TSS_HKEY hKey, UINT32 force, BYTE *data)
{
	struct tsp_object *obj;
	struct tr_rsakey_obj *rsakey;
	TSS_RESULT result;

	if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
		return TSPERR(TSS_E_INVALID_HANDLE);

	rsakey = (struct tr_rsakey_obj *)obj->data;

	if (!force && (obj->flags & TSS_OBJ_FLAG_KEY_SET)) {
		result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
		goto done;
	}

	result = rsakey_set_pubkey(rsakey, data);
done:
	obj_list_put(&rsakey_list);
171818334Speter 171918334Speter return result; 172018334Speter} 172118334Speter 172218334SpeterTSS_RESULT 172318334Speterobj_rsakey_set_srk_pubkey(BYTE *pubkey) 172418334Speter{ 172518334Speter struct tsp_object *obj, *prev = NULL; 172618334Speter struct obj_list *list = &rsakey_list; 172718334Speter struct tr_rsakey_obj *rsakey; 172818334Speter TSS_RESULT result; 172918334Speter 173018334Speter MUTEX_LOCK(list->lock); 173118334Speter 173218334Speter for (obj = list->head; obj; prev = obj, obj = obj->next) { 173318334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 173418334Speter 173518334Speter /* we found the SRK, set this data as its public key */ 173618334Speter if (rsakey->tcsHandle == TPM_KEYHND_SRK) { 173718334Speter result = rsakey_set_pubkey(rsakey, pubkey); 173818334Speter MUTEX_UNLOCK(list->lock); 173918334Speter return result; 174018334Speter } 174118334Speter } 174218334Speter 174318334Speter MUTEX_UNLOCK(list->lock); 174418334Speter 174518334Speter return TSPERR(TSS_E_INVALID_HANDLE); 174618334Speter} 174718334Speter 174818334SpeterTSS_RESULT 174918334Speterobj_rsakey_set_privkey(TSS_HKEY hKey, UINT32 force, UINT32 size, BYTE *data) 175018334Speter{ 175118334Speter struct tsp_object *obj; 175218334Speter struct tr_rsakey_obj *rsakey; 175318334Speter TSS_RESULT result = TSS_SUCCESS; 175418334Speter void *to_free; 175518334Speter 175618334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 175718334Speter return TSPERR(TSS_E_INVALID_HANDLE); 175818334Speter 175918334Speter if (!force && (obj->flags & TSS_OBJ_FLAG_KEY_SET)) { 176018334Speter result = TSPERR(TSS_E_INVALID_OBJ_ACCESS); 176118334Speter goto done; 176218334Speter } 176318334Speter 176418334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 176518334Speter 176618334Speter to_free = rsakey->key.encData; 176718334Speter 176818334Speter rsakey->key.encData = calloc(1, size); 176918334Speter if (rsakey->key.encData == NULL) { 177018334Speter rsakey->key.encData = to_free; // 
restore 177118334Speter LogError("malloc of %u bytes failed.", size); 177218334Speter result = TSPERR(TSS_E_OUTOFMEMORY); 177318334Speter goto done; 177418334Speter } 177518334Speter 177618334Speter free(to_free); 177718334Speter rsakey->key.encSize = size; 177818334Speter memcpy(rsakey->key.encData, data, size); 177918334Speterdone: 178018334Speter obj_list_put(&rsakey_list); 178118334Speter 178218334Speter return result; 178318334Speter} 178418334Speter 178518334SpeterTSS_RESULT 178618334Speterobj_rsakey_set_pcr_data(TSS_HKEY hKey, TSS_HPCRS hPcrComposite) 178718334Speter{ 178818334Speter struct tsp_object *obj; 178918334Speter struct tr_rsakey_obj *rsakey; 179018334Speter TSS_RESULT result = TSS_SUCCESS; 179118334Speter UINT32 pcrType, pcrSize; 179218334Speter BYTE *pcrInfo; 179318334Speter 179418334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 179518334Speter return TSPERR(TSS_E_INVALID_HANDLE); 179618334Speter 179718334Speter if (obj->flags & TSS_OBJ_FLAG_KEY_SET) { 179818334Speter result = TSPERR(TSS_E_INVALID_OBJ_ACCESS); 179918334Speter goto done; 180018334Speter } 180118334Speter 180218334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 180318334Speter 180418334Speter /* passing in a pcrType of TSS_PCRS_STRUCT_DEFAULT will tell the pcr routine to create 180518334Speter * a structure matching the type of the hPcrComposite object */ 180618334Speter pcrType = TSS_PCRS_STRUCT_DEFAULT; 180718334Speter if ((result = obj_pcrs_create_info_type(hPcrComposite, &pcrType, &pcrSize, &pcrInfo))) 180818334Speter goto done; 180918334Speter 181018334Speter rsakey->key.PCRInfo = pcrInfo; 181118334Speter rsakey->key.PCRInfoSize = pcrSize; 181218334Speterdone: 181318334Speter obj_list_put(&rsakey_list); 181418334Speter 181518334Speter return result; 181618334Speter} 181718334Speter 181818334Spetervoid 181918334Speter__tspi_rsakey_free(void *data) 182018334Speter{ 182118334Speter struct tr_rsakey_obj *rsakey = (struct tr_rsakey_obj *)data; 182218334Speter 
182318334Speter free(rsakey->key.algorithmParms.parms); 182418334Speter free(rsakey->key.encData); 182518334Speter free(rsakey->key.PCRInfo); 182618334Speter free(rsakey->key.pubKey.key); 182718334Speter free(rsakey); 182818334Speter} 182918334Speter 183018334Speter/* Remove an individual rsakey object from the rsakey list with handle 183118334Speter * equal to hObject. Clean up the TSP's key handle table. */ 183218334SpeterTSS_RESULT 183318334Speterobj_rsakey_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext) 183418334Speter{ 183518334Speter TSS_RESULT result; 183618334Speter 183718334Speter if ((result = obj_list_remove(&rsakey_list, &__tspi_rsakey_free, hObject, tspContext))) 183818334Speter return result; 183918334Speter 184018334Speter return TSS_SUCCESS; 184118334Speter} 184218334Speter 184318334SpeterTSS_RESULT 184418334Speterobj_rsakey_get_by_pub(UINT32 pub_size, BYTE *pub, TSS_HKEY *hKey) 184518334Speter{ 184618334Speter struct obj_list *list = &rsakey_list; 184718334Speter struct tsp_object *obj; 184818334Speter struct tr_rsakey_obj *rsakey; 184918334Speter TSS_RESULT result = TSS_SUCCESS; 185018334Speter 185118334Speter MUTEX_LOCK(list->lock); 185218334Speter 185318334Speter for (obj = list->head; obj; obj = obj->next) { 185418334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 185518334Speter 185618334Speter if (rsakey->key.pubKey.keyLength == pub_size && 185718334Speter !memcmp(&rsakey->key.pubKey.key, pub, pub_size)) { 185818334Speter *hKey = obj->handle; 185918334Speter goto done; 186018334Speter } 186118334Speter } 186218334Speter 186318334Speter *hKey = 0; 186418334Speterdone: 186518334Speter MUTEX_UNLOCK(list->lock); 186618334Speter 186718334Speter return result; 186818334Speter} 186918334Speter 187018334SpeterTSS_RESULT 187118334Speterobj_rsakey_get_by_uuid(TSS_UUID *uuid, TSS_HKEY *hKey) 187218334Speter{ 187318334Speter struct obj_list *list = &rsakey_list; 187418334Speter struct tsp_object *obj; 187518334Speter struct tr_rsakey_obj *rsakey; 
187618334Speter TSS_RESULT result = TSS_SUCCESS; 187718334Speter 187818334Speter MUTEX_LOCK(list->lock); 187918334Speter 188018334Speter for (obj = list->head; obj; obj = obj->next) { 188118334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 188218334Speter 188318334Speter if (!memcmp(&rsakey->uuid, uuid, sizeof(TSS_UUID))) { 188418334Speter *hKey = obj->handle; 188518334Speter goto done; 188618334Speter } 188718334Speter } 188818334Speter 188918334Speter result = TSPERR(TSS_E_PS_KEY_NOTFOUND); 189018334Speterdone: 189118334Speter MUTEX_UNLOCK(list->lock); 189218334Speter 189318334Speter return result; 189418334Speter} 189518334Speter 189618334Spetervoid 189718334Speterobj_rsakey_remove_policy_refs(TSS_HPOLICY hPolicy, TSS_HCONTEXT tspContext) 189818334Speter{ 189918334Speter struct tsp_object *obj, *prev = NULL; 190018334Speter struct obj_list *list = &rsakey_list; 190118334Speter struct tr_rsakey_obj *rsakey; 190218334Speter 190318334Speter MUTEX_LOCK(list->lock); 190418334Speter 190518334Speter for (obj = list->head; obj; prev = obj, obj = obj->next) { 190618334Speter if (obj->tspContext != tspContext) 190718334Speter continue; 190818334Speter 190918334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 191018334Speter if (rsakey->usagePolicy == hPolicy) 191118334Speter rsakey->usagePolicy = NULL_HPOLICY; 191218334Speter 191318334Speter if (rsakey->migPolicy == hPolicy) 191418334Speter rsakey->migPolicy = NULL_HPOLICY; 191518334Speter } 191618334Speter 191718334Speter MUTEX_UNLOCK(list->lock); 191818334Speter} 191918334Speter 192018334Speter#if 0 192118334SpeterTSS_RESULT 192218334Speterobj_rsakey_get_transport_attribs(TSS_HKEY hKey, TCS_KEY_HANDLE *hTCSKey, TPM_DIGEST *pubDigest) 192318334Speter{ 192418334Speter struct tsp_object *obj; 192518334Speter struct tr_rsakey_obj *rsakey; 192618334Speter TSS_RESULT result; 192718334Speter Trspi_HashCtx hashCtx; 192818334Speter 192918334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 193018334Speter 
return TSPERR(TSS_E_INVALID_HANDLE); 193118334Speter 193218334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 193318334Speter *hTCSKey = rsakey->tcsHandle; 193418334Speter 193518334Speter result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1); 193618334Speter result |= Trspi_Hash_STORE_PUBKEY(&hashCtx, &rsakey->key.pubKey); 193718334Speter result |= Trspi_HashFinal(&hashCtx, pubDigest->digest); 193818334Speter 193918334Speter obj_list_put(&rsakey_list); 194018334Speter 194118334Speter return result; 194218334Speter} 194318334Speter#endif 194418334Speter 194518334Speter#ifdef TSS_BUILD_CMK 194618334SpeterTSS_BOOL 194718334Speterobj_rsakey_is_cmk(TSS_HKEY hKey) 194818334Speter{ 194918334Speter struct tsp_object *obj; 195018334Speter struct tr_rsakey_obj *rsakey; 195118334Speter TSS_BOOL answer = FALSE; 195218334Speter 195318334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 195418334Speter return answer; 195518334Speter 195618334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 195718334Speter if (rsakey->type != TSS_KEY_STRUCT_KEY) { 195818334Speter if (rsakey->key.keyFlags & TPM_MIGRATEAUTHORITY) 195918334Speter answer = TRUE; 196018334Speter } 196118334Speter 196218334Speter obj_list_put(&rsakey_list); 196318334Speter 196418334Speter return answer; 196518334Speter} 196618334Speter 196718334SpeterTSS_RESULT 196818334Speterobj_rsakey_set_cmk(TSS_HKEY hKey, UINT32 cmk) 196918334Speter{ 197018334Speter struct tsp_object *obj; 197118334Speter struct tr_rsakey_obj *rsakey; 197218334Speter TSS_RESULT result = TSS_SUCCESS; 197318334Speter 197418334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 197518334Speter return TSPERR(TSS_E_INVALID_HANDLE); 197618334Speter 197718334Speter if (obj->flags & TSS_OBJ_FLAG_KEY_SET) { 197818334Speter result = TSPERR(TSS_E_INVALID_OBJ_ACCESS); 197918334Speter goto done; 198018334Speter } 198118334Speter 198218334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 198318334Speter if (rsakey->type == 
TSS_KEY_STRUCT_KEY) { 198418334Speter result = TSPERR(TSS_E_INVALID_OBJ_ACCESS); 198518334Speter goto done; 198618334Speter } 198718334Speter 198818334Speter if (cmk) 198918334Speter rsakey->key.keyFlags |= TPM_MIGRATEAUTHORITY; 199018334Speter else 199118334Speter rsakey->key.keyFlags &= (~TPM_MIGRATEAUTHORITY); 199218334Speter 199318334Speterdone: 199418334Speter obj_list_put(&rsakey_list); 199518334Speter 199618334Speter return result; 199718334Speter} 199818334Speter 199918334SpeterTSS_RESULT 200018334Speterobj_rsakey_set_msa_approval(TSS_HKEY hKey, UINT32 blobSize, BYTE *blob) 200118334Speter{ 200218334Speter struct tsp_object *obj; 200318334Speter struct tr_rsakey_obj *rsakey; 200418334Speter TSS_RESULT result = TSS_SUCCESS; 200518334Speter 200618334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 200718334Speter return TSPERR(TSS_E_INVALID_HANDLE); 200818334Speter 200918334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 201018334Speter 201118334Speter if (blobSize != sizeof(rsakey->msaApproval.digest)) { 201218334Speter result = TSPERR(TSS_E_BAD_PARAMETER); 201318334Speter goto done; 201418334Speter } 201518334Speter memcpy(rsakey->msaApproval.digest, blob, sizeof(rsakey->msaApproval.digest)); 201618334Speter 201718334Speterdone: 201818334Speter obj_list_put(&rsakey_list); 201918334Speter 202018334Speter return result; 202118334Speter} 202218334Speter 202318334SpeterTSS_RESULT 202418334Speterobj_rsakey_get_msa_approval(TSS_HKEY hKey, UINT32 *blobSize, BYTE **blob) 202518334Speter{ 202618334Speter struct tsp_object *obj; 202718334Speter struct tr_rsakey_obj *rsakey; 202818334Speter TSS_RESULT result = TSS_SUCCESS; 202918334Speter 203018334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 203118334Speter return TSPERR(TSS_E_INVALID_HANDLE); 203218334Speter 203318334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 203418334Speter 203518334Speter if ((*blob = calloc_tspi(obj->tspContext, sizeof(rsakey->msaApproval.digest))) == 
NULL) { 203618334Speter LogError("malloc of %zd bytes failed.", sizeof(rsakey->msaApproval.digest)); 203718334Speter result = TSPERR(TSS_E_OUTOFMEMORY); 203818334Speter goto done; 203918334Speter } 204018334Speter memcpy(*blob, rsakey->msaApproval.digest, sizeof(rsakey->msaApproval.digest)); 204118334Speter *blobSize = sizeof(rsakey->msaApproval.digest); 204218334Speter 204318334Speterdone: 204418334Speter obj_list_put(&rsakey_list); 204518334Speter 204618334Speter return result; 204718334Speter} 204818334Speter 204918334SpeterTSS_RESULT 205018334Speterobj_rsakey_set_msa_digest(TSS_HKEY hKey, UINT32 blobSize, BYTE *blob) 205118334Speter{ 205218334Speter struct tsp_object *obj; 205318334Speter struct tr_rsakey_obj *rsakey; 205418334Speter TSS_RESULT result = TSS_SUCCESS; 205518334Speter 205618334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 205718334Speter return TSPERR(TSS_E_INVALID_HANDLE); 205818334Speter 205918334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 206018334Speter 206118334Speter if (blobSize != sizeof(rsakey->msaDigest.digest)) { 206218334Speter result = TSPERR(TSS_E_BAD_PARAMETER); 206318334Speter goto done; 206418334Speter } 206518334Speter memcpy(rsakey->msaDigest.digest, blob, sizeof(rsakey->msaDigest.digest)); 206618334Speter 206718334Speterdone: 206818334Speter obj_list_put(&rsakey_list); 206918334Speter 207018334Speter return result; 207118334Speter} 207218334Speter 207318334SpeterTSS_RESULT 207418334Speterobj_rsakey_get_msa_digest(TSS_HKEY hKey, UINT32 *blobSize, BYTE **blob) 207518334Speter{ 207618334Speter struct tsp_object *obj; 207718334Speter struct tr_rsakey_obj *rsakey; 207818334Speter TSS_RESULT result = TSS_SUCCESS; 207918334Speter 208018334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 208118334Speter return TSPERR(TSS_E_INVALID_HANDLE); 208218334Speter 208318334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 208418334Speter 208518334Speter if ((*blob = calloc_tspi(obj->tspContext, 
sizeof(rsakey->msaDigest.digest))) == NULL) { 208618334Speter LogError("malloc of %zd bytes failed.", sizeof(rsakey->msaDigest.digest)); 208718334Speter result = TSPERR(TSS_E_OUTOFMEMORY); 208818334Speter goto done; 208918334Speter } 209018334Speter memcpy(*blob, rsakey->msaDigest.digest, sizeof(rsakey->msaDigest.digest)); 209118334Speter *blobSize = sizeof(rsakey->msaDigest.digest); 209218334Speter 209318334Speterdone: 209418334Speter obj_list_put(&rsakey_list); 209518334Speter 209618334Speter return result; 209718334Speter} 209818334Speter#endif 209918334Speter 210018334SpeterTSS_RESULT 210118334Speterobj_rsakey_get_ownerevict(TSS_HKEY hKey, UINT32 *value) 210218334Speter{ 210318334Speter struct tsp_object *obj; 210418334Speter struct tr_rsakey_obj *rsakey; 210518334Speter 210618334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 210718334Speter return TSPERR(TSS_E_INVALID_HANDLE); 210818334Speter 210918334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 211018334Speter *value = rsakey->flags & TSS_RSAKEY_FLAG_OWNEREVICT; 211118334Speter 211218334Speter obj_list_put(&rsakey_list); 211318334Speter 211418334Speter return TSS_SUCCESS; 211518334Speter} 211618334Speter 211718334SpeterTSS_RESULT 211818334Speterobj_rsakey_set_ownerevict(TSS_HKEY hKey, TSS_BOOL value) 211918334Speter{ 212018334Speter struct tsp_object *obj; 212118334Speter struct tr_rsakey_obj *rsakey; 212218334Speter 212318334Speter if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL) 212418334Speter return TSPERR(TSS_E_INVALID_HANDLE); 212518334Speter 212618334Speter rsakey = (struct tr_rsakey_obj *)obj->data; 212718334Speter 212818334Speter if (value) 212918334Speter rsakey->flags |= TSS_RSAKEY_FLAG_OWNEREVICT; 213018334Speter else 213118334Speter rsakey->flags &= ~TSS_RSAKEY_FLAG_OWNEREVICT; 213218334Speter 213318334Speter obj_list_put(&rsakey_list); 213418334Speter 213518334Speter return TSS_SUCCESS; 213618334Speter} 213718334Speter