diff options
Diffstat (limited to 'src/tcs/rpc/tcstp')
34 files changed, 8555 insertions, 0 deletions
diff --git a/src/tcs/rpc/tcstp/rpc.c b/src/tcs/rpc/tcstp/rpc.c new file mode 100644 index 0000000..7660675 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc.c @@ -0,0 +1,628 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> +#if (defined (__OpenBSD__) || defined (__FreeBSD__)) +#include <sys/types.h> +#include <sys/socket.h> +#endif +#include <errno.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "rpc_tcstp_tcs.h" + + +/* Lock is not static because we need to reference it in the auth manager */ +MUTEX_DECLARE_INIT(tcsp_lock); + + +void +LoadBlob_Auth_Special(UINT64 *offset, BYTE *blob, TPM_AUTH *auth) +{ + LoadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, auth->NonceEven.nonce); + LoadBlob_BOOL(offset, auth->fContinueAuthSession, blob); + LoadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, (BYTE *)&auth->HMAC); +} + +void +UnloadBlob_Auth_Special(UINT64 *offset, BYTE *blob, TPM_AUTH *auth) +{ + UnloadBlob_UINT32(offset, &auth->AuthHandle, blob); + UnloadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, auth->NonceOdd.nonce); + UnloadBlob_BOOL(offset, &auth->fContinueAuthSession, blob); + UnloadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, (BYTE *)&auth->HMAC); +} + +int +recv_from_socket(int sock, void *buffer, int size) +{ + int recv_size = 0, recv_total = 0; + + while (recv_total < size) { + errno = 0; + if ((recv_size = recv(sock, buffer+recv_total, size-recv_total, 0)) <= 0) { + if (recv_size < 0) { + if (errno == EINTR) + continue; + LogError("Socket receive connection error: %s.", strerror(errno)); + } else { + LogDebug("Socket connection closed."); + } + + return -1; + } + recv_total += recv_size; + } + + return recv_total; +} + +int +send_to_socket(int sock, void *buffer, int size) +{ + int send_size = 0, send_total = 0; + + while (send_total < size) { + if ((send_size = send(sock, buffer+send_total, size-send_total, 0)) < 0) { + LogError("Socket send connection error: %s.", strerror(errno)); + return -1; + } + send_total += send_size; + } + + return send_total; +} + + +void +initData(struct tcsd_comm_data *comm, int parm_count) +{ + /* min packet size should be the size of the header */ + memset(&comm->hdr, 0, sizeof(struct tcsd_packet_hdr)); + comm->hdr.packet_size = sizeof(struct tcsd_packet_hdr); + if (parm_count > 0) { + comm->hdr.type_offset = sizeof(struct tcsd_packet_hdr); + comm->hdr.parm_offset = comm->hdr.type_offset + + (sizeof(TCSD_PACKET_TYPE) * parm_count); + comm->hdr.packet_size = comm->hdr.parm_offset; + } + + memset(comm->buf, 0, comm->buf_size); +} + +int +loadData(UINT64 *offset, TCSD_PACKET_TYPE data_type, void *data, int data_size, BYTE *blob) +{ + switch (data_type) { + case TCSD_PACKET_TYPE_BYTE: + LoadBlob_BYTE(offset, *((BYTE *) (data)), blob); + break; + case TCSD_PACKET_TYPE_BOOL: + LoadBlob_BOOL(offset, *((TSS_BOOL *) (data)), blob); + break; + case TCSD_PACKET_TYPE_UINT16: + LoadBlob_UINT16(offset, *((UINT16 *) (data)), blob); + break; + case TCSD_PACKET_TYPE_UINT32: + LoadBlob_UINT32(offset, *((UINT32 *) (data)), blob); + break; + case TCSD_PACKET_TYPE_UINT64: + LoadBlob_UINT64(offset, *((UINT64 *) (data)), blob); + break; + case TCSD_PACKET_TYPE_PBYTE: + LoadBlob(offset, data_size, blob, data); + break; + case TCSD_PACKET_TYPE_NONCE: + LoadBlob(offset, sizeof(TCPA_NONCE), blob, ((TCPA_NONCE *)data)->nonce); + break; + case TCSD_PACKET_TYPE_DIGEST: + LoadBlob(offset, sizeof(TCPA_DIGEST), blob, ((TCPA_DIGEST *)data)->digest); + break; + case TCSD_PACKET_TYPE_AUTH: + LoadBlob_Auth_Special(offset, blob, ((TPM_AUTH *)data)); + break; +#ifdef TSS_BUILD_PS + case TCSD_PACKET_TYPE_UUID: + LoadBlob_UUID(offset, blob, *((TSS_UUID *)data)); + break; + case TCSD_PACKET_TYPE_KM_KEYINFO: + LoadBlob_KM_KEYINFO(offset, blob, ((TSS_KM_KEYINFO *)data)); + break; + case TCSD_PACKET_TYPE_KM_KEYINFO2: + LoadBlob_KM_KEYINFO2(offset, blob, ((TSS_KM_KEYINFO2 *)data)); + break; + case TCSD_PACKET_TYPE_LOADKEY_INFO: + LoadBlob_LOADKEY_INFO(offset, blob, ((TCS_LOADKEY_INFO *)data)); + break; +#endif + case TCSD_PACKET_TYPE_ENCAUTH: + LoadBlob(offset, sizeof(TCPA_ENCAUTH), blob, + ((TCPA_ENCAUTH *)data)->authdata); + break; + case TCSD_PACKET_TYPE_VERSION: + LoadBlob_VERSION(offset, blob, ((TPM_VERSION *)data)); + break; +#ifdef TSS_BUILD_PCR_EVENTS + case TCSD_PACKET_TYPE_PCR_EVENT: + LoadBlob_PCR_EVENT(offset, blob, ((TSS_PCR_EVENT *)data)); + break; +#endif + case TCSD_PACKET_TYPE_SECRET: + LoadBlob(offset, sizeof(TCPA_SECRET), blob, + ((TCPA_SECRET *)data)->authdata); + break; + default: + LogError("TCSD packet type unknown! (0x%x)", data_type & 0xff); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + return TSS_SUCCESS; +} + + +int +setData(TCSD_PACKET_TYPE dataType, + unsigned int index, + void *theData, + int theDataSize, + struct tcsd_comm_data *comm) +{ + UINT64 old_offset, offset; + TSS_RESULT result; + TCSD_PACKET_TYPE *type; + + /* Calculate the size of the area needed (use NULL for blob address) */ + offset = 0; + if ((result = loadData(&offset, dataType, theData, theDataSize, NULL)) != TSS_SUCCESS) + return result; + + if ((comm->hdr.packet_size + offset) > comm->buf_size) { + /* reallocate the buffer */ + BYTE *buffer; + int buffer_size = comm->hdr.packet_size + offset; + + LogDebug("Increasing communication buffer to %d bytes.", buffer_size); + buffer = realloc(comm->buf, buffer_size); + if (buffer == NULL) { + LogError("realloc of %d bytes failed.", buffer_size); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + comm->buf_size = buffer_size; + comm->buf = buffer; + } + + offset = old_offset = comm->hdr.parm_offset + comm->hdr.parm_size; + if ((result = loadData(&offset, dataType, theData, theDataSize, comm->buf)) != TSS_SUCCESS) + return result; + type = (TCSD_PACKET_TYPE *)(comm->buf + comm->hdr.type_offset) + index; + *type = dataType; + comm->hdr.type_size += sizeof(TCSD_PACKET_TYPE); + comm->hdr.parm_size += (offset - old_offset); + + comm->hdr.packet_size = offset; + comm->hdr.num_parms++; + + return TSS_SUCCESS; +} + +UINT32 +getData(TCSD_PACKET_TYPE dataType, + unsigned int index, + void *theData, + int theDataSize, + struct tcsd_comm_data *comm) +{ + UINT64 old_offset, offset; + TCSD_PACKET_TYPE *type; + + if ((comm->hdr.type_offset + index) > comm->buf_size) + return TSS_TCP_RPC_BAD_PACKET_TYPE; + + type = (comm->buf + comm->hdr.type_offset) + index; + + if ((UINT32)index >= comm->hdr.num_parms || dataType != *type) { + LogDebug("Data type of TCS packet element %d doesn't match.", index); + return TSS_TCP_RPC_BAD_PACKET_TYPE; + } + old_offset = offset = comm->hdr.parm_offset; + switch (dataType) { + case TCSD_PACKET_TYPE_BYTE: + if (old_offset + sizeof(BYTE) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_BYTE(&offset, (BYTE *) (theData), comm->buf); + break; + case TCSD_PACKET_TYPE_BOOL: + if (old_offset + sizeof(TSS_BOOL) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_BOOL(&offset, (TSS_BOOL *) (theData), comm->buf); + break; + case TCSD_PACKET_TYPE_UINT16: + if (old_offset + sizeof(UINT16) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_UINT16(&offset, (UINT16 *) (theData), comm->buf); + break; + case TCSD_PACKET_TYPE_UINT32: + if (old_offset + sizeof(UINT32) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_UINT32(&offset, (UINT32 *) (theData), comm->buf); + break; + case TCSD_PACKET_TYPE_PBYTE: + if (old_offset + theDataSize > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob(&offset, theDataSize, comm->buf, theData); + break; + case TCSD_PACKET_TYPE_NONCE: + if (old_offset + sizeof(TPM_NONCE) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob(&offset, sizeof(TCPA_NONCE), comm->buf, + ((TCPA_NONCE *) (theData))->nonce); + break; + case TCSD_PACKET_TYPE_DIGEST: + if (old_offset + sizeof(TPM_DIGEST) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob(&offset, sizeof(TCPA_DIGEST), comm->buf, + ((TCPA_DIGEST *) (theData))->digest); + break; + case TCSD_PACKET_TYPE_AUTH: + if ((old_offset + sizeof(TCS_AUTHHANDLE) + + sizeof(TPM_BOOL) + + (2 * sizeof(TPM_NONCE))) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_Auth_Special(&offset, comm->buf, ((TPM_AUTH *) theData)); + break; + case TCSD_PACKET_TYPE_ENCAUTH: + if (old_offset + sizeof(TPM_ENCAUTH) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob(&offset, sizeof(TCPA_ENCAUTH), comm->buf, + ((TCPA_ENCAUTH *) theData)->authdata); + break; + case TCSD_PACKET_TYPE_VERSION: + if (old_offset + sizeof(TPM_VERSION) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_VERSION(&offset, comm->buf, ((TPM_VERSION *) theData)); + break; +#ifdef TSS_BUILD_PS + case TCSD_PACKET_TYPE_KM_KEYINFO: + UnloadBlob_KM_KEYINFO(&old_offset, comm->buf, NULL); + + if (old_offset > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + old_offset = offset; + UnloadBlob_KM_KEYINFO(&offset, comm->buf, ((TSS_KM_KEYINFO *)theData)); + break; + case TCSD_PACKET_TYPE_LOADKEY_INFO: + UnloadBlob_LOADKEY_INFO(&old_offset, comm->buf, NULL); + + if (old_offset > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + old_offset = offset; + UnloadBlob_LOADKEY_INFO(&offset, comm->buf, ((TCS_LOADKEY_INFO *)theData)); + break; + case TCSD_PACKET_TYPE_UUID: + if (old_offset + sizeof(TSS_UUID) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob_UUID(&offset, comm->buf, (TSS_UUID *) theData); + break; +#endif +#ifdef TSS_BUILD_PCR_EVENTS + case TCSD_PACKET_TYPE_PCR_EVENT: + { + TSS_RESULT result; + + (void)UnloadBlob_PCR_EVENT(&old_offset, comm->buf, NULL); + + if (old_offset > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + old_offset = offset; + if ((result = UnloadBlob_PCR_EVENT(&offset, comm->buf, + ((TSS_PCR_EVENT *)theData)))) + return result; + break; + } +#endif + case TCSD_PACKET_TYPE_SECRET: + if (old_offset + sizeof(TPM_SECRET) > comm->hdr.packet_size) + return TCSERR(TSS_E_INTERNAL_ERROR); + + UnloadBlob(&offset, sizeof(TCPA_SECRET), comm->buf, + ((TCPA_SECRET *) theData)->authdata); + break; + default: + LogError("TCSD packet type unknown! (0x%x)", dataType & 0xff); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + comm->hdr.parm_offset = offset; + comm->hdr.parm_size -= (offset - old_offset); + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Error(struct tcsd_thread_data *data) +{ + LogError("%s reached.", __FUNCTION__); + + initData(&data->comm, 0); + + data->comm.hdr.u.result = TCSERR(TSS_E_FAIL); + + return TSS_SUCCESS; + +} + +/* Dispatch */ +typedef struct tdDispatchTable { + TSS_RESULT (*Func) (struct tcsd_thread_data *); + const char *name; +} DispatchTable; + +DispatchTable tcs_func_table[TCSD_MAX_NUM_ORDS] = { + {tcs_wrap_Error,"Error"}, /* 0 */ + {tcs_wrap_OpenContext,"OpenContext"}, + {tcs_wrap_CloseContext,"CloseContext"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_TCSGetCapability,"TCSGetCapability"}, + {tcs_wrap_RegisterKey,"RegisterKey"}, /* 5 */ + {tcs_wrap_UnregisterKey,"UnregisterKey"}, + {tcs_wrap_EnumRegisteredKeys,"EnumRegisteredKeys"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_GetRegisteredKeyBlob,"GetRegisteredKeyBlob"}, + {tcs_wrap_GetRegisteredKeyByPublicInfo,"GetRegisteredKeyByPublicInfo"}, /* 10 */ + {tcs_wrap_LoadKeyByBlob,"LoadKeyByBlob"}, + {tcs_wrap_LoadKeyByUUID,"LoadKeyByUUID"}, + {tcs_wrap_EvictKey,"EvictKey"}, + {tcs_wrap_CreateWrapKey,"CreateWrapKey"}, + {tcs_wrap_GetPubkey,"GetPubkey"}, /* 15 */ + {tcs_wrap_MakeIdentity,"MakeIdentity"}, + {tcs_wrap_LogPcrEvent,"LogPcrEvent"}, + {tcs_wrap_GetPcrEvent,"GetPcrEvent"}, + {tcs_wrap_GetPcrEventsByPcr,"GetPcrEventsByPcr"}, + {tcs_wrap_GetPcrEventLog,"GetPcrEventLog"}, /* 20 */ + {tcs_wrap_SetOwnerInstall,"SetOwnerInstall"}, + {tcs_wrap_TakeOwnership,"TakeOwnership"}, + {tcs_wrap_OIAP,"OIAP"}, + {tcs_wrap_OSAP,"OSAP"}, + {tcs_wrap_ChangeAuth,"ChangeAuth"}, /* 25 */ + {tcs_wrap_ChangeAuthOwner,"ChangeAuthOwner"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_TerminateHandle,"TerminateHandle"}, + {tcs_wrap_ActivateIdentity,"ActivateIdentity"}, /* 30 */ + {tcs_wrap_Extend,"Extend"}, + {tcs_wrap_PcrRead,"PcrRead"}, + {tcs_wrap_Quote,"Quote"}, + {tcs_wrap_DirWriteAuth,"DirWriteAuth"}, + {tcs_wrap_DirRead,"DirRead"}, /* 35 */ + {tcs_wrap_Seal,"Seal"}, + {tcs_wrap_UnSeal,"UnSeal"}, + {tcs_wrap_UnBind,"UnBind"}, + {tcs_wrap_CreateMigrationBlob,"CreateMigrationBlob"}, + {tcs_wrap_ConvertMigrationBlob,"ConvertMigrationBlob"}, /* 40 */ + {tcs_wrap_AuthorizeMigrationKey,"AuthorizeMigrationKey"}, + {tcs_wrap_CertifyKey,"CertifyKey"}, + {tcs_wrap_Sign,"Sign"}, + {tcs_wrap_GetRandom,"GetRandom"}, + {tcs_wrap_StirRandom,"StirRandom"}, /* 45 */ + {tcs_wrap_GetCapability,"GetCapability"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_GetCapabilityOwner,"GetCapabilityOwner"}, + {tcs_wrap_CreateEndorsementKeyPair,"CreateEndorsementKeyPair"}, + {tcs_wrap_ReadPubek,"ReadPubek"}, /* 50 */ + {tcs_wrap_DisablePubekRead,"DisablePubekRead"}, + {tcs_wrap_OwnerReadPubek,"OwnerReadPubek"}, + {tcs_wrap_SelfTestFull,"SelfTestFull"}, + {tcs_wrap_CertifySelfTest,"CertifySelfTest"}, + {tcs_wrap_Error,"Error"}, /* 55 */ + {tcs_wrap_GetTestResult,"GetTestResult"}, + {tcs_wrap_OwnerSetDisable,"OwnerSetDisable"}, + {tcs_wrap_OwnerClear,"OwnerClear"}, + {tcs_wrap_DisableOwnerClear,"DisableOwnerClear"}, + {tcs_wrap_ForceClear,"ForceClear"}, /* 60 */ + {tcs_wrap_DisableForceClear,"DisableForceClear"}, + {tcs_wrap_PhysicalDisable,"PhysicalDisable"}, + {tcs_wrap_PhysicalEnable,"PhysicalEnable"}, + {tcs_wrap_PhysicalSetDeactivated,"PhysicalSetDeactivated"}, + {tcs_wrap_SetTempDeactivated,"SetTempDeactivated"}, /* 65 */ + {tcs_wrap_PhysicalPresence,"PhysicalPresence"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_Error,"Error"}, + {tcs_wrap_CreateMaintenanceArchive,"CreateMaintenanceArchive"}, + {tcs_wrap_LoadMaintenanceArchive,"LoadMaintenanceArchive"}, /* 70 */ + {tcs_wrap_KillMaintenanceFeature,"KillMaintenanceFeature"}, + {tcs_wrap_LoadManuMaintPub,"LoadManuMaintPub"}, + {tcs_wrap_ReadManuMaintPub,"ReadManuMaintPub"}, + {tcs_wrap_DaaJoin,"DaaJoin"}, + {tcs_wrap_DaaSign,"DaaSign"}, /* 75 */ + {tcs_wrap_SetCapability,"SetCapability"}, + {tcs_wrap_ResetLockValue,"ResetLockValue"}, + {tcs_wrap_PcrReset,"PcrReset"}, + {tcs_wrap_ReadCounter,"ReadCounter"}, + {tcs_wrap_CreateCounter,"CreateCounter"}, /* 80 */ + {tcs_wrap_IncrementCounter,"IncrementCounter"}, + {tcs_wrap_ReleaseCounter,"ReleaseCounter"}, + {tcs_wrap_ReleaseCounterOwner,"ReleaseCounterOwner"}, + {tcs_wrap_ReadCurrentTicks,"ReadCurrentTicks"}, + {tcs_wrap_TickStampBlob,"TicksStampBlob"}, /* 85 */ + {tcs_wrap_GetCredential,"GetCredential"}, + {tcs_wrap_NV_DefineOrReleaseSpace,"NVDefineOrReleaseSpace"}, + {tcs_wrap_NV_WriteValue,"NVWriteValue"}, + {tcs_wrap_NV_WriteValueAuth,"NVWriteValueAuth"}, + {tcs_wrap_NV_ReadValue,"NVReadValue"}, /* 90 */ + {tcs_wrap_NV_ReadValueAuth,"NVReadValueAuth"}, + {tcs_wrap_EstablishTransport,"EstablishTransport"}, + {tcs_wrap_ExecuteTransport,"ExecuteTransport"}, + {tcs_wrap_ReleaseTransportSigned,"ReleaseTransportSigned"}, + {tcs_wrap_SetOrdinalAuditStatus,"SetOrdinalAuditStatus"}, /* 95 */ + {tcs_wrap_GetAuditDigest,"GetAuditDigest"}, + {tcs_wrap_GetAuditDigestSigned,"GetAuditDigestSigned"}, + {tcs_wrap_Sealx,"Sealx"}, + {tcs_wrap_SetOperatorAuth,"SetOperatorAuth"}, + {tcs_wrap_OwnerReadInternalPub,"OwnerReadInternalPub"}, /* 100 */ + {tcs_wrap_EnumRegisteredKeys2,"EnumRegisteredKeys2"}, + {tcs_wrap_SetTempDeactivated2,"SetTempDeactivated2"}, + {tcs_wrap_Delegate_Manage,"Delegate_Manage"}, + {tcs_wrap_Delegate_CreateKeyDelegation,"Delegate_CreateKeyDelegation"}, + {tcs_wrap_Delegate_CreateOwnerDelegation,"Delegate_CreateOwnerDelegation"}, /* 105 */ + {tcs_wrap_Delegate_LoadOwnerDelegation,"Delegate_LoadOwnerDelegation"}, + {tcs_wrap_Delegate_ReadTable,"Delegate_ReadTable"}, + {tcs_wrap_Delegate_UpdateVerificationCount,"Delegate_UpdateVerificationCount"}, + {tcs_wrap_Delegate_VerifyDelegation,"Delegate_VerifyDelegation"}, + {tcs_wrap_CreateRevocableEndorsementKeyPair,"CreateRevocableEndorsementKeyPair"}, /* 110 */ + {tcs_wrap_RevokeEndorsementKeyPair,"RevokeEndorsementKeyPair"}, + {tcs_wrap_Error,"Error - was MakeIdentity2"}, + {tcs_wrap_Quote2,"Quote2"}, + {tcs_wrap_CMK_SetRestrictions,"CMK_SetRestrictions"}, + {tcs_wrap_CMK_ApproveMA,"CMK_ApproveMA"}, /* 115 */ + {tcs_wrap_CMK_CreateKey,"CMK_CreateKey"}, + {tcs_wrap_CMK_CreateTicket,"CMK_CreateTicket"}, + {tcs_wrap_CMK_CreateBlob,"CMK_CreateBlob"}, + {tcs_wrap_CMK_ConvertMigration,"CMK_ConvertMigration"}, + {tcs_wrap_FlushSpecific,"FlushSpecific"}, /* 120 */ + {tcs_wrap_KeyControlOwner, "KeyControlOwner"}, + {tcs_wrap_DSAP, "DSAP"} +}; + +int +access_control(struct tcsd_thread_data *thread_data) +{ + int i = 0; + struct hostent *local_hostent = NULL; + static char *localhostname = NULL; + static int localhostname_len = 0; + + if (!localhostname) { + if ((local_hostent = gethostbyname("localhost")) == NULL) { + LogError("Error resolving localhost: %s", hstrerror(h_errno)); + return 1; + } + + LogDebugFn("Cached local hostent:"); + LogDebugFn("h_name: %s", local_hostent->h_name); + for (i = 0; local_hostent->h_aliases[i]; i++) { + LogDebugFn("h_aliases[%d]: %s", i, local_hostent->h_aliases[i]); + } + LogDebugFn("h_addrtype: %s", + (local_hostent->h_addrtype == AF_INET6 ? "AF_INET6" : "AF_INET")); + + localhostname_len = strlen(local_hostent->h_name); + if ((localhostname = strdup(local_hostent->h_name)) == NULL) { + LogError("malloc of %d bytes failed.", localhostname_len); + return TCSERR(TSS_E_OUTOFMEMORY); + } + } + + /* if the request comes from localhost, or is in the accepted ops list, + * approve it */ + if (!strncmp(thread_data->hostname, localhostname, + MIN((size_t)localhostname_len, strlen(thread_data->hostname)))) { + return 0; + } else { + while (tcsd_options.remote_ops[i]) { + if ((UINT32)tcsd_options.remote_ops[i] == thread_data->comm.hdr.u.ordinal) { + LogInfo("Accepted %s operation from %s", + tcs_func_table[thread_data->comm.hdr.u.ordinal].name, + thread_data->hostname); + return 0; + } + i++; + } + } + + return 1; +} + +TSS_RESULT +dispatchCommand(struct tcsd_thread_data *data) +{ + UINT64 offset; + TSS_RESULT result; + + /* First, check the ordinal bounds */ + if (data->comm.hdr.u.ordinal >= TCSD_MAX_NUM_ORDS) { + LogError("Illegal TCSD Ordinal"); + return TCSERR(TSS_E_FAIL); + } + + LogDebug("Dispatching ordinal %u", data->comm.hdr.u.ordinal); + /* We only need to check access_control if there are remote operations that are defined + * in the config file, which means we allow remote connections */ + if (tcsd_options.remote_ops[0] && access_control(data)) { + LogWarn("Denied %s operation from %s", + tcs_func_table[data->comm.hdr.u.ordinal].name, data->hostname); + + /* set platform header */ + memset(&data->comm.hdr, 0, sizeof(data->comm.hdr)); + data->comm.hdr.packet_size = sizeof(struct tcsd_packet_hdr); + data->comm.hdr.u.result = TCSERR(TSS_E_FAIL); + + /* set the comm buffer */ + memset(data->comm.buf, 0, data->comm.buf_size); + offset = 0; + LoadBlob_UINT32(&offset, data->comm.hdr.packet_size, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.u.result, data->comm.buf); + + return TSS_SUCCESS; + } + + /* Now, dispatch */ + if ((result = tcs_func_table[data->comm.hdr.u.ordinal].Func(data)) == TSS_SUCCESS) { + /* set the comm buffer */ + offset = 0; + LoadBlob_UINT32(&offset, data->comm.hdr.packet_size, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.u.result, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.num_parms, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.type_size, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.type_offset, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.parm_size, data->comm.buf); + LoadBlob_UINT32(&offset, data->comm.hdr.parm_offset, data->comm.buf); + } + + return result; + +} + +TSS_RESULT +getTCSDPacket(struct tcsd_thread_data *data) +{ + /* make sure the all the data is present */ + if (data->comm.hdr.num_parms > 0 && + data->comm.hdr.packet_size != + (UINT32)(data->comm.hdr.parm_offset + data->comm.hdr.parm_size)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + /* dispatch the command to the TCS */ + return dispatchCommand(data); +} diff --git a/src/tcs/rpc/tcstp/rpc_admin.c b/src/tcs/rpc/tcstp/rpc_admin.c new file mode 100644 index 0000000..4f357c3 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_admin.c @@ -0,0 +1,404 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_PhysicalSetDeactivated(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_BOOL state; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_BOOL, 1, &state, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_PhysicalSetDeactivated_Internal(hContext, state); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_DisableOwnerClear(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TPM_AUTH auth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DisableOwnerClear_Internal(hContext, &auth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ForceClear(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ForceClear_Internal(hContext); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_DisableForceClear(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DisableForceClear_Internal(hContext); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_PhysicalEnable(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_PhysicalEnable_Internal(hContext); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_SetOwnerInstall(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_BOOL state; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_BOOL, 1, &state, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SetOwnerInstall_Internal(hContext, state); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_OwnerSetDisable(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_BOOL disableState; + TPM_AUTH ownerAuth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_BOOL, 1, &disableState, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_OwnerSetDisable_Internal(hContext, disableState, &ownerAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_PhysicalDisable(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_PhysicalDisable_Internal(hContext); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_PhysicalPresence(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TCPA_PHYSICAL_PRESENCE phyPresFlags; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT16, 1, &phyPresFlags, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_PhysicalPresence_Internal(hContext, phyPresFlags); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_SetTempDeactivated(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SetTempDeactivated_Internal(hContext); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +#ifdef TSS_BUILD_TSS12 +TSS_RESULT +tcs_wrap_SetTempDeactivated2(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_AUTH operatorAuth, nullAuth, *pAuth; + TSS_RESULT result; + + memset(&operatorAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &operatorAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (memcmp(&nullAuth, &operatorAuth, sizeof(TPM_AUTH))) + pAuth = &operatorAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SetTempDeactivated2_Internal(hContext, pAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ResetLockValue(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_AUTH ownerAuth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ResetLockValue_Internal(hContext, &ownerAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_FlushSpecific(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_HANDLE hResHandle; + TPM_RESOURCE_TYPE resourceType; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hResHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &resourceType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_FlushSpecific_Internal(hContext, hResHandle, resourceType); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} +#endif diff --git a/src/tcs/rpc/tcstp/rpc_aik.c b/src/tcs/rpc/tcstp/rpc_aik.c new file mode 100644 index 0000000..0f758f9 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_aik.c @@ -0,0 +1,285 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_MakeIdentity(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_ENCAUTH identityAuth; + TCPA_CHOSENID_HASH privCAHash; + UINT32 idKeyInfoSize; + BYTE *idKeyInfo = NULL; + + TPM_AUTH auth1, auth2; + TPM_AUTH *pSRKAuth, *pOwnerAuth; + + UINT32 idKeySize; + BYTE *idKey = NULL; + UINT32 pcIDBindSize; + BYTE *prgbIDBind = NULL; + UINT32 pcECSize; + BYTE *prgbEC = NULL; + UINT32 pcPlatCredSize; + BYTE *prgbPlatCred = NULL; + UINT32 pcConfCredSize; + BYTE *prgbConfCred = NULL; + TSS_RESULT result; + + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 1, &identityAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &privCAHash, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &idKeyInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + idKeyInfo = (BYTE *) calloc(1, idKeyInfoSize); + if (idKeyInfo == NULL) { + LogError("malloc of %d bytes failed.", idKeyInfoSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, idKeyInfo, idKeyInfoSize, &data->comm)) { + free(idKeyInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &auth1, 0, &data->comm)) { + free(idKeyInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = getData(TCSD_PACKET_TYPE_AUTH, 6, &auth2, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) { + pOwnerAuth = &auth1; + pSRKAuth = NULL; + } else if (result) { + free(idKeyInfo); + return result; + } else { + pOwnerAuth = &auth2; + pSRKAuth = &auth1; + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_MakeIdentity_Internal(hContext, identityAuth, privCAHash, + idKeyInfoSize, idKeyInfo, pSRKAuth, + pOwnerAuth, &idKeySize, &idKey, + &pcIDBindSize, &prgbIDBind, &pcECSize, + &prgbEC, &pcPlatCredSize, &prgbPlatCred, + &pcConfCredSize, &prgbConfCred); + + MUTEX_UNLOCK(tcsp_lock); + free(idKeyInfo); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 12); + if (pSRKAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pSRKAuth, 0, &data->comm)) + goto internal_error; + } + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &idKeySize, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, idKey, idKeySize, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcIDBindSize, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbIDBind, pcIDBindSize, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcECSize, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbEC, pcECSize, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcPlatCredSize, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbPlatCred, pcPlatCredSize, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcConfCredSize, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbConfCred, pcConfCredSize, &data->comm)) + goto internal_error; + + free(idKey); + free(prgbIDBind); + free(prgbEC); + free(prgbPlatCred); + free(prgbConfCred); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; + +internal_error: + free(idKey); + free(prgbIDBind); + free(prgbEC); + free(prgbPlatCred); + free(prgbConfCred); + return TCSERR(TSS_E_INTERNAL_ERROR); +} + +TSS_RESULT +tcs_wrap_ActivateIdentity(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE idKeyHandle; + TPM_AUTH *pIdKeyAuth = NULL, *pOwnerAuth = NULL, auth1, auth2; + UINT32 SymmetricKeySize, blobSize; + BYTE *SymmetricKey, *blob; + TSS_RESULT result; + UINT32 i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idKeyHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &blobSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if ((blob = malloc(blobSize)) == NULL) + return TCSERR(TSS_E_OUTOFMEMORY); + + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, blob, blobSize, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &auth1, 0, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = getData(TCSD_PACKET_TYPE_AUTH, 5, &auth2, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pOwnerAuth = &auth1; + else if (result) { + free(blob); + return result; + } else { + pIdKeyAuth = &auth1; + pOwnerAuth = &auth2; + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ActivateTPMIdentity_Internal(hContext, idKeyHandle, blobSize, + blob, pIdKeyAuth, pOwnerAuth, + &SymmetricKeySize, + &SymmetricKey); + + MUTEX_UNLOCK(tcsp_lock); + free(blob); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 4); + if (pIdKeyAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pIdKeyAuth, 0, &data->comm)) { + free(SymmetricKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) { + free(SymmetricKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &SymmetricKeySize, 0, &data->comm)) { + free(SymmetricKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, SymmetricKey, SymmetricKeySize, &data->comm)) { + free(SymmetricKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(SymmetricKey); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +#ifdef TSS_BUILD_TSS12 +TSS_RESULT +tcs_wrap_GetCredential(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 CredType; + UINT32 CredAccessMode; + UINT32 CredSize; + BYTE *CredData = NULL; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &CredType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &CredAccessMode, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + result = TCS_GetCredential_Internal(hContext, CredType, CredAccessMode, + &CredSize, &CredData); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &CredSize, 0, &data->comm)) + goto internal_error; + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, CredData, CredSize, &data->comm)) + goto internal_error; + + free(CredData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; + +internal_error: + free(CredData); + return TCSERR(TSS_E_INTERNAL_ERROR); +} +#endif diff --git a/src/tcs/rpc/tcstp/rpc_audit.c b/src/tcs/rpc/tcstp/rpc_audit.c new file mode 100644 index 0000000..0fcfd18 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_audit.c @@ -0,0 +1,230 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_SetOrdinalAuditStatus(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_AUTH ownerAuth; + UINT32 ulOrdinal; + TSS_BOOL bAuditState; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &ulOrdinal, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_BOOL, 2, &bAuditState, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SetOrdinalAuditStatus_Internal(hContext, &ownerAuth, ulOrdinal, bAuditState); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetAuditDigest(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 startOrdinal; + TPM_DIGEST auditDigest; + UINT32 counterValueSize; + BYTE *counterValue; + TSS_BOOL more; + UINT32 ordSize; + UINT32 *ordList; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &startOrdinal, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetAuditDigest_Internal(hContext, startOrdinal, &auditDigest, &counterValueSize, &counterValue, + &more, &ordSize, &ordList); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 6); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &auditDigest, 0, &data->comm)) { + free(counterValue); + free(ordList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &counterValueSize, 0, &data->comm)) { + free(counterValue); + free(ordList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, counterValue, counterValueSize, &data->comm)) { + free(counterValue); + free(ordList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(counterValue); + if (setData(TCSD_PACKET_TYPE_BOOL, 3, &more, 0, &data->comm)) { + free(ordList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 4, &ordSize, 0, &data->comm)) { + free(ordList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 5, ordList, ordSize * sizeof(UINT32), &data->comm)) { + free(ordList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(ordList); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetAuditDigestSigned(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE keyHandle; + TSS_BOOL closeAudit; + TPM_NONCE antiReplay; + TPM_AUTH privAuth, nullAuth, *pAuth; + UINT32 counterValueSize; + BYTE *counterValue; + TPM_DIGEST auditDigest; + TPM_DIGEST ordinalDigest; + UINT32 sigSize; + BYTE *sig; + TSS_RESULT result; + int i; + + memset(&privAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &keyHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_BOOL, 2, &closeAudit, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 3, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &privAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (memcmp(&nullAuth, &privAuth, sizeof(TPM_AUTH))) + pAuth = &privAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetAuditDigestSigned_Internal(hContext, keyHandle, closeAudit, antiReplay, + pAuth, &counterValueSize, &counterValue, + &auditDigest, &ordinalDigest, + &sigSize, &sig); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 7); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(counterValue); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &counterValueSize, 0, &data->comm)) { + free(counterValue); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, counterValue, counterValueSize, &data->comm)) { + free(counterValue); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(counterValue); + if (setData(TCSD_PACKET_TYPE_DIGEST, i++, &auditDigest, 0, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_DIGEST, i++, &ordinalDigest, 0, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(sig); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_auth.c b/src/tcs/rpc/tcstp/rpc_auth.c new file mode 100644 index 0000000..2437c6b --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_auth.c @@ -0,0 +1,113 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_OIAP(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_AUTHHANDLE authHandle; + TCPA_NONCE n0; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = auth_mgr_oiap(hContext, &authHandle, &n0); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &authHandle, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_NONCE, 1, &n0, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_OSAP(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_ENTITY_TYPE entityType; + UINT32 entityValue; + TCPA_NONCE nonceOddOSAP; + + TCS_AUTHHANDLE authHandle; + TCPA_NONCE nonceEven; + TCPA_NONCE nonceEvenOSAP; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT16, 1, &entityType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &entityValue, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 3, &nonceOddOSAP, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = auth_mgr_osap(hContext, entityType, entityValue, nonceOddOSAP, + &authHandle, &nonceEven, &nonceEvenOSAP); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &authHandle, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_NONCE, 1, &nonceEven, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_NONCE, 2, &nonceEvenOSAP, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_bind.c b/src/tcs/rpc/tcstp/rpc_bind.c new file mode 100644 index 0000000..92eee24 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_bind.c @@ -0,0 +1,105 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_UnBind(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE keyHandle; + UINT32 inDataSize; + BYTE *inData; + + TPM_AUTH privAuth; + TPM_AUTH *pPrivAuth; + + UINT32 outDataSize; + BYTE *outData; + TSS_RESULT result; + + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &keyHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + inData = calloc(1, inDataSize); + if (inData == NULL) { + LogError("malloc of %u bytes failed.", inDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) { + free(inData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = getData(TCSD_PACKET_TYPE_AUTH, 4, &privAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pPrivAuth = NULL; + else if (result) { + free(inData); + return result; + } else + pPrivAuth = &privAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_UnBind_Internal(hContext, keyHandle, inDataSize, inData, + pPrivAuth, &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + free(inData); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pPrivAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_caps.c b/src/tcs/rpc/tcstp/rpc_caps.c new file mode 100644 index 0000000..4fd2c11 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_caps.c @@ -0,0 +1,81 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_TCSGetCapability(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_CAPABILITY_AREA capArea; + UINT32 subCapSize; + BYTE *subCap; + UINT32 respSize; + BYTE *resp; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + subCap = calloc(1, subCapSize); + if (subCap == NULL) { + LogError("malloc of %u bytes failed.", subCapSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &data->comm)) { + free(subCap); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = TCS_GetCapability_Internal(hContext, capArea, subCapSize, subCap, + &respSize, &resp); + free(subCap); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &respSize, 0, &data->comm)) { + free(resp); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, resp, respSize, &data->comm)) { + free(resp); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(resp); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_caps_tpm.c b/src/tcs/rpc/tcstp/rpc_caps_tpm.c new file mode 100644 index 0000000..2bcac27 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_caps_tpm.c @@ -0,0 +1,220 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_GetCapability(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_CAPABILITY_AREA capArea; + UINT32 subCapSize; + BYTE *subCap; + UINT32 respSize; + BYTE *resp; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ldd context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (subCapSize == 0) + subCap = NULL; + else { + subCap = calloc(1, subCapSize); + if (subCap == NULL) { + LogError("malloc of %u bytes failed.", subCapSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &data->comm)) { + free(subCap); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetCapability_Internal(hContext, capArea, subCapSize, subCap, &respSize, + &resp); + + MUTEX_UNLOCK(tcsp_lock); + free(subCap); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &respSize, 0, &data->comm)) { + free(resp); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, resp, respSize, &data->comm)) { + free(resp); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(resp); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetCapabilityOwner(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_AUTH ownerAuth; + TCPA_VERSION version; + UINT32 nonVol; + UINT32 vol; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetCapabilityOwner_Internal(hContext, &ownerAuth, &version, &nonVol, &vol); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 4); + if (setData(TCSD_PACKET_TYPE_VERSION, 0, &version, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &nonVol, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 2, &vol, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_SetCapability(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_CAPABILITY_AREA capArea; + UINT32 subCapSize; + BYTE *subCap; + UINT32 valueSize; + BYTE *value; + TSS_RESULT result; + TPM_AUTH ownerAuth, *pOwnerAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (subCapSize == 0) + subCap = NULL; + else { + subCap = calloc(1, subCapSize); + if (subCap == NULL) { + LogError("malloc of %u bytes failed.", subCapSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &data->comm)) { + free(subCap); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &valueSize, 0, &data->comm)) { + free(subCap); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (valueSize == 0) + value = NULL; + else { + value = calloc(1, valueSize); + if (value == NULL) { + free(subCap); + LogError("malloc of %u bytes failed.", valueSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, value, valueSize, &data->comm)) { + free(subCap); + free(value); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm)) + pOwnerAuth = NULL; + else + pOwnerAuth = &ownerAuth; + + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SetCapability_Internal(hContext, capArea, subCapSize, subCap, valueSize, + value, pOwnerAuth); + + MUTEX_UNLOCK(tcsp_lock); + free(subCap); + free(value); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (pOwnerAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pOwnerAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_certify.c b/src/tcs/rpc/tcstp/rpc_certify.c new file mode 100644 index 0000000..85c9321 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_certify.c @@ -0,0 +1,120 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_CertifyKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE certHandle, keyHandle; + TPM_AUTH *pCertAuth = NULL, *pKeyAuth = NULL, certAuth, keyAuth, nullAuth; + UINT32 CertifyInfoSize, outDataSize; + BYTE *CertifyInfo, *outData; + TCPA_NONCE antiReplay; + TSS_RESULT result; + UINT32 i; + + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + memset(&certAuth, 0, sizeof(TPM_AUTH)); + memset(&keyAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &certHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &keyHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 3, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &certAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &keyAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (memcmp(&nullAuth, &certAuth, sizeof(TPM_AUTH))) + pCertAuth = &certAuth; + + if (memcmp(&nullAuth, &keyAuth, sizeof(TPM_AUTH))) + pKeyAuth = &keyAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CertifyKey_Internal(hContext, certHandle, keyHandle, antiReplay, pCertAuth, + pKeyAuth, &CertifyInfoSize, &CertifyInfo, &outDataSize, + &outData); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 6); + if (pCertAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pCertAuth, 0, &data->comm)) { + free(CertifyInfo); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (pKeyAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pKeyAuth, 0, &data->comm)) { + free(CertifyInfo); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &CertifyInfoSize, 0, &data->comm)) { + free(CertifyInfo); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, CertifyInfo, CertifyInfoSize, &data->comm)) { + free(CertifyInfo); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(CertifyInfo); + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_changeauth.c b/src/tcs/rpc/tcstp/rpc_changeauth.c new file mode 100644 index 0000000..97af192 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_changeauth.c @@ -0,0 +1,158 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_ChangeAuth(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE parentHandle; + TCPA_PROTOCOL_ID protocolID; + TCPA_ENCAUTH newAuth; + TCPA_ENTITY_TYPE entityType; + UINT32 encDataSize; + BYTE *encData; + + TPM_AUTH ownerAuth; + TPM_AUTH entityAuth; + + UINT32 outDataSize; + BYTE *outData; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT16, 2, &protocolID, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &newAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT16, 4, &entityType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + encData = calloc(1, encDataSize); + if (encData == NULL) { + LogError("malloc of %d bytes failed.", encDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &data->comm)) { + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 7, &ownerAuth, 0, &data->comm)) { + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 8, &entityAuth, 0, &data->comm)) { + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ChangeAuth_Internal(hContext, parentHandle, protocolID, newAuth, entityType, + encDataSize, encData, &ownerAuth, &entityAuth, + &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + free(encData); + if (result == TSS_SUCCESS) { + initData(&data->comm, 4); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_AUTH, 1, &entityAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 2, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 3, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ChangeAuthOwner(struct tcsd_thread_data *data) +{ + + TCS_CONTEXT_HANDLE hContext; + TCPA_PROTOCOL_ID protocolID; + TCPA_ENCAUTH newAuth; + TCPA_ENTITY_TYPE entityType; + + TPM_AUTH ownerAuth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT16, 1, &protocolID, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &newAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT16, 3, &entityType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ChangeAuthOwner_Internal(hContext, protocolID, newAuth, entityType, + &ownerAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_cmk.c b/src/tcs/rpc/tcstp/rpc_cmk.c new file mode 100644 index 0000000..3d00c13 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_cmk.c @@ -0,0 +1,617 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_CMK_SetRestrictions(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_CMK_DELEGATE restriction; + TPM_AUTH ownerAuth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &restriction, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CMK_SetRestrictions_Internal(hContext, restriction, &ownerAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CMK_ApproveMA(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_DIGEST migAuthorityDigest; + TPM_AUTH ownerAuth; + TPM_HMAC migAuthorityApproval; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_DIGEST, 1, &migAuthorityDigest, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CMK_ApproveMA_Internal(hContext, migAuthorityDigest, &ownerAuth, + &migAuthorityApproval); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (setData(TCSD_PACKET_TYPE_DIGEST, 1, &migAuthorityApproval, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CMK_CreateKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TPM_ENCAUTH keyUsageAuth; + TPM_HMAC migAuthorityApproval; + TPM_DIGEST migAuthorityDigest; + UINT32 keyDataSize; + BYTE *keyData; + TPM_AUTH parentAuth, nullAuth, *pAuth; + TSS_RESULT result; + + memset(&parentAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &keyUsageAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &migAuthorityApproval, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_DIGEST, 4, &migAuthorityDigest, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &keyDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + keyData = malloc(keyDataSize); + if (keyData == NULL) { + LogError("malloc of %u bytes failed.", keyDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, keyData, keyDataSize, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 7, &parentAuth, 0, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &parentAuth, sizeof(TPM_AUTH))) + pAuth = &parentAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CMK_CreateKey_Internal(hContext, hKey, keyUsageAuth, migAuthorityApproval, + migAuthorityDigest, &keyDataSize, &keyData, pAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keyDataSize, 0, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyData, keyDataSize, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(keyData); + + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 2, pAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CMK_CreateTicket(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 publicVerifyKeySize; + BYTE *publicVerifyKey; + TPM_DIGEST signedData; + UINT32 sigValueSize; + BYTE *sigValue; + TPM_AUTH ownerAuth; + TPM_HMAC sigTicket; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &publicVerifyKeySize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + publicVerifyKey = malloc(publicVerifyKeySize); + if (publicVerifyKey == NULL) { + LogError("malloc of %u bytes failed.", publicVerifyKeySize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, publicVerifyKey, publicVerifyKeySize, &data->comm)) { + free(publicVerifyKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &signedData, 0, &data->comm)) { + free(publicVerifyKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &sigValueSize, 0, &data->comm)) { + free(publicVerifyKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + sigValue = malloc(sigValueSize); + if (sigValue == NULL) { + LogError("malloc of %u bytes failed.", sigValueSize); + free(publicVerifyKey); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, sigValue, sigValueSize, &data->comm)) { + free(publicVerifyKey); + free(sigValue); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm)) { + free(publicVerifyKey); + free(sigValue); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CMK_CreateTicket_Internal(hContext, publicVerifyKeySize, publicVerifyKey, + signedData, sigValueSize, sigValue, &ownerAuth, &sigTicket); + + MUTEX_UNLOCK(tcsp_lock); + free(publicVerifyKey); + free(sigValue); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (setData(TCSD_PACKET_TYPE_DIGEST, 1, &sigTicket, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CMK_CreateBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + UINT16 migrationType; + UINT32 migKeyAuthSize; + BYTE *migKeyAuth; + TPM_DIGEST pubSourceKeyDigest; + UINT32 msaListSize, restrictTicketSize, sigTicketSize, encDataSize; + BYTE *msaList, *restrictTicket, *sigTicket, *encData; + TPM_AUTH parentAuth, nullAuth, *pAuth; + UINT32 randomSize, outDataSize; + BYTE *random, *outData; + TSS_RESULT result; + int i; + + memset(&parentAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT16, 2, &migrationType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &migKeyAuthSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + migKeyAuth = malloc(migKeyAuthSize); + if (migKeyAuth == NULL) { + LogError("malloc of %u bytes failed.", migKeyAuthSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, migKeyAuth, migKeyAuthSize, &data->comm)) { + free(migKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_DIGEST, 5, &pubSourceKeyDigest, 0, &data->comm)) { + free(migKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 6, &msaListSize, 0, &data->comm)) { + free(migKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + msaList = malloc(msaListSize); + if (msaList == NULL) { + LogError("malloc of %u bytes failed.", msaListSize); + free(migKeyAuth); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 7, msaList, msaListSize, &data->comm)) { + free(migKeyAuth); + free(msaList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 8, &restrictTicketSize, 0, &data->comm)) { + free(migKeyAuth); + free(msaList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + restrictTicket = malloc(restrictTicketSize); + if (restrictTicket == NULL) { + LogError("malloc of %u bytes failed.", restrictTicketSize); + free(migKeyAuth); + free(msaList); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 9, restrictTicket, restrictTicketSize, &data->comm)) { + free(migKeyAuth); + free(msaList); + free(restrictTicket); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 10, &sigTicketSize, 0, &data->comm)) { + free(migKeyAuth); + free(msaList); + free(restrictTicket); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + sigTicket = malloc(sigTicketSize); + if (sigTicket == NULL) { + LogError("malloc of %u bytes failed.", sigTicketSize); + free(migKeyAuth); + free(msaList); + free(restrictTicket); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 11, sigTicket, sigTicketSize, &data->comm)) { + free(migKeyAuth); + free(msaList); + free(restrictTicket); + free(sigTicket); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 12, &encDataSize, 0, &data->comm)) { + free(migKeyAuth); + free(msaList); + free(restrictTicket); + free(sigTicket); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + encData = malloc(encDataSize); + if (encData == NULL) { + LogError("malloc of %u bytes failed.", encDataSize); + free(migKeyAuth); + free(msaList); + free(restrictTicket); + free(sigTicket); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 13, encData, encDataSize, &data->comm)) { + free(migKeyAuth); + free(msaList); + free(restrictTicket); + free(sigTicket); + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 14, &parentAuth, 0, &data->comm)) { + free(migKeyAuth); + free(msaList); + free(restrictTicket); + free(sigTicket); + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &parentAuth, sizeof(TPM_AUTH))) + pAuth = &parentAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CMK_CreateBlob_Internal(hContext, hKey, migrationType, migKeyAuthSize, + migKeyAuth, pubSourceKeyDigest, msaListSize, msaList, restrictTicketSize, + restrictTicket, sigTicketSize, sigTicket, encDataSize, encData, pAuth, + &randomSize, &random, &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + free(migKeyAuth); + free(msaList); + free(restrictTicket); + free(sigTicket); + free(encData); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 5); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &randomSize, 0, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, random, randomSize, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(random); + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CMK_ConvertMigration(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TPM_CMK_AUTH restrictTicket; + TPM_HMAC sigTicket; + UINT32 keyDataSize, msaListSize, randomSize; + BYTE *keyData, *msaList, *random; + TPM_AUTH parentAuth, nullAuth, *pAuth; + UINT32 outDataSize; + BYTE *outData; + TSS_RESULT result; + int i; + + memset(&parentAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, &restrictTicket, sizeof(restrictTicket), &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &sigTicket, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &keyDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + keyData = malloc(keyDataSize); + if (keyData == NULL) { + LogError("malloc of %u bytes failed.", keyDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, keyData, keyDataSize, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 6, &msaListSize, 0, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + msaList = malloc(msaListSize); + if (msaList == NULL) { + LogError("malloc of %u bytes failed.", msaListSize); + free(keyData); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 7, msaList, msaListSize, &data->comm)) { + free(keyData); + free(msaList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 8, &randomSize, 0, &data->comm)) { + free(keyData); + free(msaList); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + random = malloc(randomSize); + if (random == NULL) { + LogError("malloc of %u bytes failed.", randomSize); + free(keyData); + free(msaList); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 9, random, randomSize, &data->comm)) { + free(keyData); + free(msaList); + free(random); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 10, &parentAuth, 0, &data->comm)) { + free(keyData); + free(msaList); + free(random); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &parentAuth, sizeof(TPM_AUTH))) + pAuth = &parentAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CMK_ConvertMigration_Internal(hContext, hKey, restrictTicket, sigTicket, + keyDataSize, keyData, msaListSize, msaList, randomSize, random, + pAuth, &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + free(keyData); + free(msaList); + free(random); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + diff --git a/src/tcs/rpc/tcstp/rpc_context.c b/src/tcs/rpc/tcstp/rpc_context.c new file mode 100644 index 0000000..b04449e --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_context.c @@ -0,0 +1,81 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_OpenContext(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + UINT32 tpm_version = tpm_metrics.version.minor; + + LogDebugFn("thread %ld", THREAD_ID); + + result = TCS_OpenContext_Internal(&hContext); + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &tpm_version, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + /* Set the context in the thread's object. Later, if something goes wrong + * and the connection can't be closed cleanly, we'll still have a reference + * to what resources need to be freed. */ + data->context = hContext; + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CloseContext(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + result = TCS_CloseContext_Internal(hContext); + + /* This will signal the thread that the connection has been closed cleanly */ + if (result == TSS_SUCCESS) + data->context = NULL_TCS_HANDLE; + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_counter.c b/src/tcs/rpc/tcstp/rpc_counter.c new file mode 100644 index 0000000..6bb654e --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_counter.c @@ -0,0 +1,231 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_ReadCounter(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_COUNTER_ID idCounter; + TPM_COUNTER_VALUE counterValue; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReadCounter_Internal(hContext, idCounter, &counterValue); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_COUNTER_VALUE, 0, &counterValue, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CreateCounter(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_COUNTER_ID idCounter; + TPM_COUNTER_VALUE counterValue; + TPM_AUTH auth; + TPM_ENCAUTH encauth; + UINT32 LabelSize; + BYTE *pLabel = NULL; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &LabelSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if ((pLabel = calloc(1, LabelSize)) == NULL) { + LogError("malloc of %u bytes failed.", LabelSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, &pLabel, LabelSize, &data->comm)) { + free(pLabel); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &encauth, 0, &data->comm)) { + free(pLabel); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm)) { + free(pLabel); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CreateCounter_Internal(hContext, LabelSize, pLabel, encauth, &auth, + &idCounter, &counterValue); + + MUTEX_UNLOCK(tcsp_lock); + + free(pLabel); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_COUNTER_VALUE, 2, &counterValue, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_IncrementCounter(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_COUNTER_ID idCounter; + TPM_COUNTER_VALUE counterValue; + TPM_AUTH auth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_IncrementCounter_Internal(hContext, idCounter, &auth, &counterValue); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_COUNTER_VALUE, 1, &counterValue, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ReleaseCounter(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_COUNTER_ID idCounter; + TPM_AUTH auth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReleaseCounter_Internal(hContext, idCounter, &auth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ReleaseCounterOwner(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_COUNTER_ID idCounter; + TPM_AUTH auth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReleaseCounterOwner_Internal(hContext, idCounter, &auth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_daa.c b/src/tcs/rpc/tcstp/rpc_daa.c new file mode 100644 index 0000000..6b9c1c6 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_daa.c @@ -0,0 +1,238 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_DaaJoin(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_HANDLE hDAA; + BYTE stage; + UINT32 inputSize0, inputSize1, outputSize, i; + BYTE *inputData0 = NULL, *inputData1 = NULL,*outputData; + TSS_RESULT result; + TPM_AUTH ownerAuth, *pOwnerAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hDAA, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebugFn("thread %ld hDAA %x", THREAD_ID, hDAA); + + if (getData(TCSD_PACKET_TYPE_BYTE, 2, &stage, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebug("getData 2 (stage=%d)", (int)stage); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &inputSize0, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebug("getData 3 inputSize0=%d", inputSize0); + + inputData0 = calloc(1, inputSize0); + if (inputData0 == NULL) { + LogError("malloc of %d bytes failed.", inputSize0); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + LogDebug("getData 4 inputData0"); + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, inputData0, inputSize0, &data->comm)) { + free(inputData0); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + LogDebug("getData 5"); + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &inputSize1, 0, &data->comm)) { + free( inputData0); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + LogDebug("getData 5 inputSize1=%d", inputSize1); + + if( inputSize1 > 0) { + inputData1 = calloc(1, inputSize1); + if (inputData1 == NULL) { + LogError("malloc of %d bytes failed.", inputSize1); + free( inputData0); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + LogDebug("getData 6 inputData1"); + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, inputData1, inputSize1, &data->comm)) { + free(inputData0); + free(inputData1); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + LogDebug("getData 7"); + if (getData(TCSD_PACKET_TYPE_AUTH, 7, &ownerAuth, 0, &data->comm)) { + pOwnerAuth = NULL; + } else { + pOwnerAuth = &ownerAuth; + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DaaJoin_internal(hContext, hDAA, stage, inputSize0, inputData0, inputSize1, + inputData1, pOwnerAuth, &outputSize, &outputData); + + MUTEX_UNLOCK(tcsp_lock); + + free(inputData0); + if( inputData1 != NULL) free(inputData1); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if ( pOwnerAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) { + free(outputData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outputSize, 0, &data->comm)) { + free(outputData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outputData, outputSize, &data->comm)) { + free(outputData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outputData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_DaaSign(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_HANDLE hDAA; + BYTE stage; + UINT32 inputSize0, inputSize1, outputSize, i; + BYTE *inputData0 = NULL, *inputData1 = NULL,*outputData; + TSS_RESULT result; + TPM_AUTH ownerAuth, *pOwnerAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hDAA, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebugFn("thread %ld hDAA %x", THREAD_ID, hDAA); + + if (getData(TCSD_PACKET_TYPE_BYTE, 2, &stage, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebugFn("getData 2 (stage=%d)", (int)stage); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &inputSize0, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebug("getData 3 inputSize0=%d", inputSize0); + + inputData0 = calloc(1, inputSize0); + if (inputData0 == NULL) { + LogError("malloc of %d bytes failed.", inputSize0); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + LogDebug("getData 4 inputData0"); + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, inputData0, inputSize0, &data->comm)) { + free(inputData0); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + LogDebug("getData 5"); + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &inputSize1, 0, &data->comm)) { + free( inputData0); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + LogDebug("getData 5 inputSize1=%d", inputSize1); + + if( inputSize1 > 0) { + inputData1 = calloc(1, inputSize1); + if (inputData1 == NULL) { + LogError("malloc of %d bytes failed.", inputSize1); + free( inputData0); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + LogDebug("getData 6 inputData1"); + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, inputData1, inputSize1, &data->comm)) { + free(inputData0); + free(inputData1); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + LogDebug("getData 7"); + if (getData(TCSD_PACKET_TYPE_AUTH, 7, &ownerAuth, 0, &data->comm)) { + pOwnerAuth = NULL; + } else { + pOwnerAuth = &ownerAuth; + } + + LogDebugFn("-> TCSP_DaaSign_internal"); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DaaSign_internal(hContext, hDAA, stage, inputSize0, inputData0, inputSize1, + inputData1, pOwnerAuth, &outputSize, &outputData); + + MUTEX_UNLOCK(tcsp_lock); + + LogDebugFn("<- TCSP_DaaSign_internal"); + + free(inputData0); + if( inputData1 != NULL) free(inputData1); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if ( pOwnerAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) { + free(outputData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outputSize, 0, &data->comm)) { + free(outputData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outputData, outputSize, &data->comm)) { + free(outputData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outputData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_delegate.c b/src/tcs/rpc/tcstp/rpc_delegate.c new file mode 100644 index 0000000..5bd0cd8 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_delegate.c @@ -0,0 +1,590 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_Delegate_Manage(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_FAMILY_ID familyId; + TPM_FAMILY_OPERATION opFlag; + UINT32 opDataSize; + BYTE *opData; + TPM_AUTH ownerAuth, nullAuth, *pAuth; + UINT32 retDataSize; + BYTE *retData; + TSS_RESULT result; + int i; + + memset(&ownerAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &familyId, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &opFlag, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &opDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + opData = malloc(opDataSize); + if (opData == NULL) { + LogError("malloc of %u bytes failed.", opDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, opData, opDataSize, &data->comm)) { + free(opData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &ownerAuth, 0, &data->comm)) { + free(opData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH))) + pAuth = &ownerAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_Manage_Internal(hContext, familyId, opFlag, + opDataSize, opData, pAuth, &retDataSize, &retData); + + MUTEX_UNLOCK(tcsp_lock); + free(opData); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(retData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &retDataSize, 0, &data->comm)) { + free(retData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, retData, retDataSize, &data->comm)) { + free(retData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(retData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Delegate_CreateKeyDelegation(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + UINT32 publicInfoSize; + BYTE *publicInfo; + TPM_ENCAUTH encDelAuth; + TPM_AUTH keyAuth, nullAuth, *pAuth; + UINT32 blobSize; + BYTE *blob; + TSS_RESULT result; + int i; + + memset(&keyAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &publicInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + publicInfo = malloc(publicInfoSize); + if (publicInfo == NULL) { + LogError("malloc of %u bytes failed.", publicInfoSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, publicInfo, publicInfoSize, &data->comm)) { + free(publicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 4, &encDelAuth, 0, &data->comm)) { + free(publicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &keyAuth, 0, &data->comm)) { + free(publicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &keyAuth, sizeof(TPM_AUTH))) + pAuth = &keyAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_CreateKeyDelegation_Internal(hContext, hKey, + publicInfoSize, publicInfo, &encDelAuth, pAuth, &blobSize, &blob); + + MUTEX_UNLOCK(tcsp_lock); + free(publicInfo); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &blobSize, 0, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, blob, blobSize, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(blob); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Delegate_CreateOwnerDelegation(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_BOOL increment; + UINT32 publicInfoSize; + BYTE *publicInfo; + TPM_ENCAUTH encDelAuth; + TPM_AUTH ownerAuth, nullAuth, *pAuth; + UINT32 blobSize; + BYTE *blob; + TSS_RESULT result; + int i; + + memset(&ownerAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_BOOL, 1, &increment, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &publicInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + publicInfo = malloc(publicInfoSize); + if (publicInfo == NULL) { + LogError("malloc of %u bytes failed.", publicInfoSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, publicInfo, publicInfoSize, &data->comm)) { + free(publicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 4, &encDelAuth, 0, &data->comm)) { + free(publicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &ownerAuth, 0, &data->comm)) { + free(publicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH))) + pAuth = &ownerAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_CreateOwnerDelegation_Internal(hContext, increment, + publicInfoSize, publicInfo, &encDelAuth, pAuth, &blobSize, &blob); + + MUTEX_UNLOCK(tcsp_lock); + free(publicInfo); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &blobSize, 0, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, blob, blobSize, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(blob); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Delegate_LoadOwnerDelegation(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_DELEGATE_INDEX index; + UINT32 blobSize; + BYTE *blob; + TPM_AUTH ownerAuth, nullAuth, *pAuth; + TSS_RESULT result; + + memset(&ownerAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &index, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &blobSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + blob = malloc(blobSize); + if (blob == NULL) { + LogError("malloc of %u bytes failed.", blobSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, blob, blobSize, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) { + free(blob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH))) + pAuth = &ownerAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_LoadOwnerDelegation_Internal(hContext, index, blobSize, blob, + pAuth); + + MUTEX_UNLOCK(tcsp_lock); + free(blob); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Delegate_ReadTable(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 familyTableSize; + BYTE *familyTable; + UINT32 delegateTableSize; + BYTE *delegateTable; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_ReadTable_Internal(hContext, &familyTableSize, &familyTable, + &delegateTableSize, &delegateTable); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 4); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &familyTableSize, 0, &data->comm)) { + free(familyTable); + free(delegateTable); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, familyTable, familyTableSize, &data->comm)) { + free(familyTable); + free(delegateTable); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(familyTable); + + if (setData(TCSD_PACKET_TYPE_UINT32, 2, &delegateTableSize, 0, &data->comm)) { + free(delegateTable); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 3, delegateTable, delegateTableSize, &data->comm)) { + free(delegateTable); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(delegateTable); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Delegate_UpdateVerificationCount(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 inputSize; + BYTE *input; + TPM_AUTH ownerAuth, nullAuth, *pAuth; + UINT32 outputSize; + BYTE *output; + TSS_RESULT result; + int i; + + memset(&ownerAuth, 0, sizeof(TPM_AUTH)); + memset(&nullAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &inputSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + input = malloc(inputSize); + if (input == NULL) { + LogError("malloc of %u bytes failed.", inputSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, input, inputSize, &data->comm)) { + free(input); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) { + free(input); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH))) + pAuth = &ownerAuth; + else + pAuth = NULL; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_UpdateVerificationCount_Internal(hContext, inputSize, input, + pAuth, &outputSize, &output); + + MUTEX_UNLOCK(tcsp_lock); + free(input); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(output); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outputSize, 0, &data->comm)) { + free(output); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, output, outputSize, &data->comm)) { + free(output); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(output); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Delegate_VerifyDelegation(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 delegateSize; + BYTE *delegate; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &delegateSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + delegate = malloc(delegateSize); + if (delegate == NULL) { + LogError("malloc of %u bytes failed.", delegateSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, delegate, delegateSize, &data->comm)) { + free(delegate); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Delegate_VerifyDelegation_Internal(hContext, delegateSize, delegate); + + MUTEX_UNLOCK(tcsp_lock); + free(delegate); + + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_DSAP(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT16 entityType; + TCS_KEY_HANDLE keyHandle; + TPM_NONCE nonceOddDSAP, nonceEven, nonceEvenDSAP; + UINT32 entityValueSize; + BYTE *entityValue; + TCS_AUTHHANDLE authHandle; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT16, 1, &entityType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &keyHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 3, &nonceOddDSAP, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &entityValueSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + entityValue = malloc(entityValueSize); + if (entityValue == NULL) { + LogError("malloc of %u bytes failed.", entityValueSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, entityValue, entityValueSize, &data->comm)) { + free(entityValue); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DSAP_Internal(hContext, entityType, keyHandle, &nonceOddDSAP, entityValueSize, + entityValue, &authHandle, &nonceEven, &nonceEvenDSAP); + + MUTEX_UNLOCK(tcsp_lock); + free(entityValue); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &authHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_NONCE, 1, &nonceEven, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_NONCE, 2, &nonceEvenDSAP, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + diff --git a/src/tcs/rpc/tcstp/rpc_dir.c b/src/tcs/rpc/tcstp/rpc_dir.c new file mode 100644 index 0000000..47baec6 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_dir.c @@ -0,0 +1,103 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_DirWriteAuth(struct tcsd_thread_data *data) +{ + TSS_RESULT result; + TSS_HCONTEXT hContext; + TCPA_DIRINDEX dirIndex; + TCPA_DIGEST dirDigest; + TPM_AUTH auth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dirIndex, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &dirDigest, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 3, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DirWriteAuth_Internal(hContext, dirIndex, dirDigest, &auth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_DirRead(struct tcsd_thread_data *data) +{ + TSS_RESULT result; + TSS_HCONTEXT hContext; + TCPA_DIRINDEX dirIndex; + TCPA_DIRVALUE dirValue; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dirIndex, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DirRead_Internal(hContext, dirIndex, &dirValue); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &dirValue, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_ek.c b/src/tcs/rpc/tcstp/rpc_ek.c new file mode 100644 index 0000000..0b49718 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_ek.c @@ -0,0 +1,324 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_CreateEndorsementKeyPair(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_NONCE antiReplay; + UINT32 eKPtrSize; + BYTE *eKPtr; + UINT32 eKSize; + BYTE* eK; + TCPA_DIGEST checksum; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + eKPtr = calloc(1, eKPtrSize); + if (eKPtr == NULL) { + LogError("malloc of %u bytes failed.", eKPtrSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) { + free(eKPtr); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CreateEndorsementKeyPair_Internal(hContext, antiReplay, eKPtrSize, eKPtr, + &eKSize, &eK, &checksum); + + MUTEX_UNLOCK(tcsp_lock); + + free(eKPtr); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eKSize, 0, &data->comm)) { + free(eK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, eK, eKSize, &data->comm)) { + free(eK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(eK); + if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ReadPubek(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_NONCE antiReplay; + UINT32 pubEKSize; + BYTE *pubEK; + TCPA_DIGEST checksum; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReadPubek_Internal(hContext, antiReplay, &pubEKSize, &pubEK, &checksum); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pubEKSize, 0, &data->comm)) { + free(pubEK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, pubEK, pubEKSize, &data->comm)) { + free(pubEK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(pubEK); + if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_OwnerReadPubek(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 pubEKSize; + BYTE *pubEK; + TSS_RESULT result; + TPM_AUTH auth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_OwnerReadPubek_Internal(hContext, &auth, &pubEKSize, &pubEK); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { + free(pubEK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubEKSize, 0, &data->comm)) { + free(pubEK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubEK, pubEKSize, &data->comm)) { + free(pubEK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(pubEK); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_DisablePubekRead(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TPM_AUTH auth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_DisablePubekRead_Internal(hContext, &auth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +#ifdef TSS_BUILD_TSS12 +TSS_RESULT +tcs_wrap_CreateRevocableEndorsementKeyPair(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_NONCE antiReplay; + UINT32 eKPtrSize; + BYTE *eKPtr; + TSS_BOOL genResetAuth; + TPM_DIGEST eKResetAuth; + UINT32 eKSize; + BYTE* eK; + TPM_DIGEST checksum; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + eKPtr = calloc(1, eKPtrSize); + if (eKPtr == NULL) { + LogError("malloc of %d bytes failed.", eKPtrSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) { + free(eKPtr); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_BOOL, 4, &genResetAuth, 0, &data->comm)) { + free(eKPtr); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_DIGEST, 5, &eKResetAuth, 0, &data->comm)) { + free(eKPtr); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CreateRevocableEndorsementKeyPair_Internal(hContext, antiReplay, + eKPtrSize, eKPtr, genResetAuth, &eKResetAuth, &eKSize, &eK, &checksum); + + MUTEX_UNLOCK(tcsp_lock); + + free(eKPtr); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 4); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &eKResetAuth, 0, &data->comm)) { + free(eK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &eKSize, 0, &data->comm)) { + free(eK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, eK, eKSize, &data->comm)) { + free(eK); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(eK); + if (setData(TCSD_PACKET_TYPE_DIGEST, 3, &checksum, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_RevokeEndorsementKeyPair(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_DIGEST eKResetAuth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_DIGEST, 1, &eKResetAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_RevokeEndorsementKeyPair_Internal(hContext, eKResetAuth); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} +#endif diff --git a/src/tcs/rpc/tcstp/rpc_evlog.c b/src/tcs/rpc/tcstp/rpc_evlog.c new file mode 100644 index 0000000..12c4151 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_evlog.c @@ -0,0 +1,285 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_GetPcrEvent(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_PCR_EVENT *pEvent = NULL; + TSS_RESULT result; + UINT32 pcrIndex, number; + BYTE lengthOnly; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &number, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_BYTE, 3, &lengthOnly, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (lengthOnly) + result = TCS_GetPcrEvent_Internal(hContext, pcrIndex, &number, NULL); + else + result = TCS_GetPcrEvent_Internal(hContext, pcrIndex, &number, &pEvent); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &number, 0, &data->comm)) { + if (lengthOnly == FALSE) + free_external_events(1, pEvent); + free(pEvent); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (lengthOnly == FALSE) { + if (setData(TCSD_PACKET_TYPE_PCR_EVENT, 1, pEvent, 0, &data->comm)) { + free_external_events(1, pEvent); + free(pEvent); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free_external_events(1, pEvent); + free(pEvent); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + + +TSS_RESULT +tcs_wrap_GetPcrEventsByPcr(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_PCR_EVENT *ppEvents = NULL; + TSS_RESULT result; + UINT32 firstEvent, eventCount, totalSize, pcrIndex, i, j; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &firstEvent, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &eventCount, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = TCS_GetPcrEventsByPcr_Internal(hContext, pcrIndex, firstEvent, &eventCount, &ppEvents); + + if (result == TSS_SUCCESS) { + /* XXX totalSize not used */ + for (i = 0, totalSize = 0; i < eventCount; i++) + totalSize += get_pcr_event_size(&(ppEvents[i])); + + initData(&data->comm, eventCount + 1); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eventCount, 0, &data->comm)) { + free_external_events(eventCount, ppEvents); + free(ppEvents); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + i = 1; + for (j = 0; j < eventCount; j++) { + if (setData(TCSD_PACKET_TYPE_PCR_EVENT, i++, &(ppEvents[j]), 0, &data->comm)) { + free_external_events(eventCount, ppEvents); + free(ppEvents); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + free_external_events(eventCount, ppEvents); + free(ppEvents); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetPcrEventLog(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_PCR_EVENT *ppEvents; + TSS_RESULT result; + UINT32 eventCount, totalSize, i, j; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + result = TCS_GetPcrEventLog_Internal(hContext, &eventCount, &ppEvents); + + if (result == TSS_SUCCESS) { + for (i = 0, totalSize = 0; i < eventCount; i++) + totalSize += get_pcr_event_size(&(ppEvents[i])); + + initData(&data->comm, eventCount + 1); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eventCount, 0, &data->comm)) { + free_external_events(eventCount, ppEvents); + free(ppEvents); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + i = 1; + for (j = 0; j < eventCount; j++) { + if (setData(TCSD_PACKET_TYPE_PCR_EVENT, i++, &(ppEvents[j]), 0, &data->comm)) { + free_external_events(eventCount, ppEvents); + free(ppEvents); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + free_external_events(eventCount, ppEvents); + free(ppEvents); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_LogPcrEvent(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_PCR_EVENT event; + TSS_RESULT result; + UINT32 number; + + /* Receive */ + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_PCR_EVENT , 1, &event, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = TCS_LogPcrEvent_Internal(hContext, event, &number); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &number, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +void +LoadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event) +{ + LoadBlob_VERSION(offset, blob, (TPM_VERSION *)&(event->versionInfo)); + LoadBlob_UINT32(offset, event->ulPcrIndex, blob); + LoadBlob_UINT32(offset, event->eventType, blob); + + LoadBlob_UINT32(offset, event->ulPcrValueLength, blob); + if (event->ulPcrValueLength > 0) + LoadBlob(offset, event->ulPcrValueLength, blob, event->rgbPcrValue); + + LoadBlob_UINT32(offset, event->ulEventLength, blob); + if (event->ulEventLength > 0) + LoadBlob(offset, event->ulEventLength, blob, event->rgbEvent); + +} + +TSS_RESULT +UnloadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event) +{ + if (!event) { + UINT32 ulPcrValueLength, ulEventLength; + + UnloadBlob_VERSION(offset, blob, NULL); + UnloadBlob_UINT32(offset, NULL, blob); + UnloadBlob_UINT32(offset, NULL, blob); + + UnloadBlob_UINT32(offset, &ulPcrValueLength, blob); + (*offset) += ulPcrValueLength; + + UnloadBlob_UINT32(offset, &ulEventLength, blob); + (*offset) += ulEventLength; + + return TSS_SUCCESS; + } + + UnloadBlob_VERSION(offset, blob, (TPM_VERSION *)&(event->versionInfo)); + UnloadBlob_UINT32(offset, &event->ulPcrIndex, blob); + UnloadBlob_UINT32(offset, &event->eventType, blob); + + UnloadBlob_UINT32(offset, &event->ulPcrValueLength, blob); + if (event->ulPcrValueLength > 0) { + event->rgbPcrValue = malloc(event->ulPcrValueLength); + if (event->rgbPcrValue == NULL) { + LogError("malloc of %u bytes failed.", event->ulPcrValueLength); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + UnloadBlob(offset, event->ulPcrValueLength, blob, event->rgbPcrValue); + } else { + event->rgbPcrValue = NULL; + } + + UnloadBlob_UINT32(offset, &event->ulEventLength, blob); + if (event->ulEventLength > 0) { + event->rgbEvent = malloc(event->ulEventLength); + if (event->rgbEvent == NULL) { + LogError("malloc of %u bytes failed.", event->ulEventLength); + free(event->rgbPcrValue); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + UnloadBlob(offset, event->ulEventLength, blob, event->rgbEvent); + } else { + event->rgbEvent = NULL; + } + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_key.c b/src/tcs/rpc/tcstp/rpc_key.c new file mode 100644 index 0000000..d3a5153 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_key.c @@ -0,0 +1,476 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_EvictKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = key_mgr_evict(hContext, hKey); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetPubkey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TPM_AUTH auth; + TPM_AUTH *pAuth; + UINT32 pubKeySize; + BYTE *pubKey; + TSS_RESULT result; + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pAuth = NULL; + else if (result) + return result; + else + pAuth = &auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetPubKey_Internal(hContext, hKey, pAuth, &pubKeySize, &pubKey); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth != NULL) + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(pubKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pubKeySize, 0, &data->comm)) { + free(pubKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pubKey, pubKeySize, &data->comm)) { + free(pubKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(pubKey); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_TerminateHandle(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_AUTHHANDLE authHandle; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &authHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_TerminateHandle_Internal(hContext, authHandle); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_LoadKeyByBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hUnwrappingKey; + UINT32 cWrappedKeyBlob; + BYTE *rgbWrappedKeyBlob; + + TPM_AUTH auth; + + TCS_KEY_HANDLE phKeyTCSI; + TCS_KEY_HANDLE phKeyHMAC; + + TPM_AUTH *pAuth; + TSS_RESULT result; + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hUnwrappingKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &cWrappedKeyBlob, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbWrappedKeyBlob = calloc(1, cWrappedKeyBlob); + if (rgbWrappedKeyBlob == NULL) { + LogError("malloc of %d bytes failed.", cWrappedKeyBlob); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbWrappedKeyBlob, cWrappedKeyBlob, &data->comm)) { + free(rgbWrappedKeyBlob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pAuth = NULL; + else if (result) { + free(rgbWrappedKeyBlob); + return result; + } else + pAuth = &auth; + + MUTEX_LOCK(tcsp_lock); + + result = key_mgr_load_by_blob(hContext, hUnwrappingKey, cWrappedKeyBlob, rgbWrappedKeyBlob, + pAuth, &phKeyTCSI, &phKeyHMAC); + + if (!result) + result = ctx_mark_key_loaded(hContext, phKeyTCSI); + + MUTEX_UNLOCK(tcsp_lock); + + free(rgbWrappedKeyBlob); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyTCSI, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyHMAC, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +#ifdef TSS_BUILD_TSS12 +TSS_RESULT +tcs_wrap_LoadKey2ByBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hUnwrappingKey; + UINT32 cWrappedKeyBlob; + BYTE *rgbWrappedKeyBlob; + TPM_AUTH auth; + TCS_KEY_HANDLE phKeyTCSI; + TPM_AUTH *pAuth; + TSS_RESULT result; + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hUnwrappingKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &cWrappedKeyBlob, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbWrappedKeyBlob = calloc(1, cWrappedKeyBlob); + if (rgbWrappedKeyBlob == NULL) { + LogError("malloc of %d bytes failed.", cWrappedKeyBlob); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbWrappedKeyBlob, cWrappedKeyBlob, &data->comm)) { + free(rgbWrappedKeyBlob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pAuth = NULL; + else if (result) { + free(rgbWrappedKeyBlob); + return result; + } else + pAuth = &auth; + + MUTEX_LOCK(tcsp_lock); + + result = key_mgr_load_by_blob(hContext, hUnwrappingKey, cWrappedKeyBlob, rgbWrappedKeyBlob, + pAuth, &phKeyTCSI, NULL); + + if (!result) + result = ctx_mark_key_loaded(hContext, phKeyTCSI); + + MUTEX_UNLOCK(tcsp_lock); + + free(rgbWrappedKeyBlob); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 2); + if (pAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyTCSI, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} +#endif + +TSS_RESULT +tcs_wrap_CreateWrapKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hWrappingKey; + TCPA_ENCAUTH KeyUsageAuth; + TCPA_ENCAUTH KeyMigrationAuth; + UINT32 keyInfoSize; + BYTE *keyInfo; + + TPM_AUTH *pAuth, auth; + + UINT32 keyDataSize; + BYTE *keyData; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hWrappingKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &KeyUsageAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &KeyMigrationAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &keyInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + keyInfo = calloc(1, keyInfoSize); + if (keyInfo == NULL) { + LogError("malloc of %d bytes failed.", keyInfoSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, keyInfo, keyInfoSize, &data->comm)) { + free(keyInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 6, &auth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CreateWrapKey_Internal(hContext, hWrappingKey, KeyUsageAuth, KeyMigrationAuth, + keyInfoSize, keyInfo, &keyDataSize, &keyData, pAuth); + + MUTEX_UNLOCK(tcsp_lock); + + free(keyInfo); + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keyDataSize, 0, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyData, keyDataSize, &data->comm)) { + free(keyData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(keyData); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 2, pAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +#ifdef TSS_BUILD_TSS12 +TSS_RESULT +tcs_wrap_OwnerReadInternalPub(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TPM_AUTH ownerAuth; + UINT32 pubKeySize; + BYTE *pubKeyData; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_OwnerReadInternalPub_Internal(hContext, hKey, &ownerAuth, &pubKeySize, &pubKeyData); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubKeySize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubKeyData, pubKeySize, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_KeyControlOwner(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + UINT32 ulPublicKeyLength; + BYTE* rgbPublicKey; + UINT32 attribName; + TSS_BOOL attribValue; + TPM_AUTH ownerAuth; + TSS_UUID uuidData; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &ulPublicKeyLength, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbPublicKey = (BYTE *) malloc(ulPublicKeyLength); + if (rgbPublicKey == NULL) { + LogError("malloc of %u bytes failed.", ulPublicKeyLength); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbPublicKey, ulPublicKeyLength, &data->comm)) { + free(rgbPublicKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &attribName, 0, &data->comm)) { + free(rgbPublicKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_BOOL, 5, &attribValue, 0, &data->comm)) { + free(rgbPublicKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm)) { + free(rgbPublicKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_KeyControlOwner_Internal(hContext, hKey, ulPublicKeyLength, rgbPublicKey, + attribName, attribValue, &ownerAuth, &uuidData); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (setData(TCSD_PACKET_TYPE_UUID, 1, &uuidData, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; + +} +#endif diff --git a/src/tcs/rpc/tcstp/rpc_maint.c b/src/tcs/rpc/tcstp/rpc_maint.c new file mode 100644 index 0000000..f51a4f2 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_maint.c @@ -0,0 +1,283 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_KillMaintenanceFeature(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TPM_AUTH ownerAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_KillMaintenanceFeature_Internal(hContext, &ownerAuth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CreateMaintenanceArchive(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TPM_AUTH ownerAuth; + TSS_BOOL generateRandom; + UINT32 randomSize, archiveSize; + BYTE *random, *archive; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_BOOL, 1, &generateRandom, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CreateMaintenanceArchive_Internal(hContext, generateRandom, &ownerAuth, + &randomSize, &random, &archiveSize, + &archive); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 5); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + free(random); + free(archive); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &randomSize, 0, &data->comm)) { + free(random); + free(archive); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, random, randomSize, &data->comm)) { + free(random); + free(archive); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_UINT32, 3, &archiveSize, 0, &data->comm)) { + free(random); + free(archive); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 4, archive, archiveSize, &data->comm)) { + free(random); + free(archive); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(random); + free(archive); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_LoadMaintenanceArchive(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TPM_AUTH ownerAuth; + UINT32 dataInSize, dataOutSize; + BYTE *dataIn, *dataOut; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dataInSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + dataIn = (BYTE *)malloc(dataInSize); + if (dataIn == NULL) { + LogError("malloc of %d bytes failed.", dataInSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, dataIn, dataInSize, &data->comm)) { + free(dataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) { + free(dataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_LoadMaintenanceArchive_Internal(hContext, dataInSize, dataIn, &ownerAuth, + &dataOutSize, &dataOut); + + MUTEX_UNLOCK(tcsp_lock); + free(dataIn); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + free(dataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &dataOutSize, 0, &data->comm)) { + free(dataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, dataOut, dataOutSize, &data->comm)) { + free(dataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(dataOut); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_LoadManuMaintPub(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + UINT32 pubKeySize; + BYTE *pubKey; + TCPA_NONCE antiReplay; + TCPA_DIGEST checksum; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &pubKeySize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + pubKey = (BYTE *)malloc(pubKeySize); + if (pubKey == NULL) { + LogError("malloc of %d bytes failed.", pubKeySize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, pubKey, pubKeySize, &data->comm)) { + free(pubKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_LoadManuMaintPub_Internal(hContext, antiReplay, pubKeySize, pubKey, + &checksum); + + MUTEX_UNLOCK(tcsp_lock); + free(pubKey); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &checksum, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ReadManuMaintPub(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TCPA_NONCE antiReplay; + TCPA_DIGEST checksum; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReadManuMaintPub_Internal(hContext, antiReplay, &checksum); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &checksum, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_migration.c b/src/tcs/rpc/tcstp/rpc_migration.c new file mode 100644 index 0000000..5233096 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_migration.c @@ -0,0 +1,321 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_CreateMigrationBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TCS_KEY_HANDLE parentHandle; + TSS_MIGRATE_SCHEME migrationType; + UINT32 MigrationKeyAuthSize, encDataSize, randomSize, outDataSize; + BYTE *MigrationKeyAuth, *encData, *random, *outData; + TPM_AUTH auth1, auth2, *pParentAuth, *pEntityAuth; + UINT32 i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT16, 2, &migrationType, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &MigrationKeyAuthSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MigrationKeyAuth = (BYTE *)malloc(MigrationKeyAuthSize); + if (MigrationKeyAuth == NULL) { + LogError("malloc of %d bytes failed.", MigrationKeyAuthSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, MigrationKeyAuth, MigrationKeyAuthSize, &data->comm)) { + free(MigrationKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &data->comm)) { + free(MigrationKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + encData = (BYTE *)malloc(encDataSize); + if (encData == NULL) { + free(MigrationKeyAuth); + LogError("malloc of %d bytes failed.", encDataSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &data->comm)) { + free(MigrationKeyAuth); + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 7, &auth1, 0, &data->comm)) { + free(MigrationKeyAuth); + free(encData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 8, &auth2, 0, &data->comm)) { + /* If loading the 2nd auth fails, the first one was entity auth */ + pParentAuth = NULL; + pEntityAuth = &auth1; + } else { + /* If loading the 2nd auth succeeds, the first one was parent auth */ + pParentAuth = &auth1; + pEntityAuth = &auth2; + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CreateMigrationBlob_Internal(hContext, parentHandle, migrationType, + MigrationKeyAuthSize, MigrationKeyAuth, + encDataSize, encData, pParentAuth, pEntityAuth, + &randomSize, &random, &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + + free(MigrationKeyAuth); + free(encData); + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 6); + if (pParentAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pEntityAuth, 0, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &randomSize, 0, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (randomSize > 0) { + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, random, randomSize, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { + free(random); + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(random); + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ConvertMigrationBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TCS_KEY_HANDLE parentHandle; + UINT32 outDataSize, randomSize, inDataSize; + BYTE *outData, *random, *inData; + TPM_AUTH parentAuth, *pParentAuth; + UINT32 i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + inData = (BYTE *)malloc(inDataSize); + if (inData == NULL) { + LogError("malloc of %d bytes failed.", inDataSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) { + free(inData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &randomSize, 0, &data->comm)) { + free(inData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + random = (BYTE *)malloc(randomSize); + if (random == NULL) { + free(inData); + LogError("malloc of %d bytes failed.", randomSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, random, randomSize, &data->comm)) { + free(inData); + free(random); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 6, &parentAuth, 0, &data->comm)) + pParentAuth = NULL; + else + pParentAuth = &parentAuth; + + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ConvertMigrationBlob_Internal(hContext, parentHandle, inDataSize, inData, + randomSize, random, pParentAuth, &outDataSize, + &outData); + + MUTEX_UNLOCK(tcsp_lock); + + free(inData); + free(random); + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pParentAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_AuthorizeMigrationKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TSS_MIGRATE_SCHEME migrateScheme; + UINT32 MigrationKeySize, MigrationKeyAuthSize; + BYTE *MigrationKey, *MigrationKeyAuth; + TPM_AUTH ownerAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT16, 1, &migrateScheme, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &MigrationKeySize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MigrationKey = (BYTE *)malloc(MigrationKeySize); + if (MigrationKey == NULL) { + LogError("malloc of %d bytes failed.", MigrationKeySize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, MigrationKey, MigrationKeySize, &data->comm)) { + free(MigrationKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) { + free(MigrationKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_AuthorizeMigrationKey_Internal(hContext, migrateScheme, MigrationKeySize, + MigrationKey, &ownerAuth, + &MigrationKeyAuthSize, &MigrationKeyAuth); + + MUTEX_UNLOCK(tcsp_lock); + + free(MigrationKey); + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + free(MigrationKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &MigrationKeyAuthSize, 0, &data->comm)) { + free(MigrationKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, MigrationKeyAuth, MigrationKeyAuthSize, + &data->comm)) { + free(MigrationKeyAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(MigrationKeyAuth); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_nv.c b/src/tcs/rpc/tcstp/rpc_nv.c new file mode 100644 index 0000000..71c170d --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_nv.c @@ -0,0 +1,344 @@ +/* + * The Initial Developer of the Original Code is Intel Corporation. + * Portions created by Intel Corporation are Copyright (C) 2007 Intel Corporation. + * All Rights Reserved. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the Common Public License as published by + * IBM Corporation; either version 1 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * Common Public License for more details. + * + * You should have received a copy of the Common Public License + * along with this program; if not, a copy can be viewed at + * http://www.opensource.org/licenses/cpl1.0.php. + * + * trousers - An open source TCG Software Stack + * + * Author: james.xu@intel.com Rossey.liu@intel.com + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_NV_DefineOrReleaseSpace(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 cPubInfoSize; + BYTE *pubInfo = NULL; + TSS_RESULT result; + TPM_ENCAUTH encAuth; + TPM_AUTH Auth, *pAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &cPubInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + pubInfo = calloc(1, cPubInfoSize); + if (pubInfo == NULL) { + LogError("malloc of %u bytes failed.", cPubInfoSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, pubInfo, cPubInfoSize, &data->comm)) { + free(pubInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &encAuth, 0, &data->comm)) { + free(pubInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &Auth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &Auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_NV_DefineOrReleaseSpace_Internal(hContext, + cPubInfoSize, pubInfo, encAuth, pAuth); + + MUTEX_UNLOCK(tcsp_lock); + + free(pubInfo); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if ( pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_NV_WriteValue(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_NV_INDEX hNVStore; + UINT32 offset,ulDataLength; + BYTE *rgbDataToWrite = NULL; + TSS_RESULT result; + TPM_AUTH Auth, *pAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbDataToWrite = calloc(1, ulDataLength); + if (rgbDataToWrite == NULL) { + LogError("malloc of %u bytes failed.", ulDataLength); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbDataToWrite, ulDataLength, &data->comm)) { + free(rgbDataToWrite); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &Auth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &Auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_NV_WriteValue_Internal(hContext, hNVStore, + offset, ulDataLength, rgbDataToWrite, pAuth); + + MUTEX_UNLOCK(tcsp_lock); + + free(rgbDataToWrite); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_NV_WriteValueAuth(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_NV_INDEX hNVStore; + UINT32 offset,ulDataLength; + BYTE *rgbDataToWrite = NULL; + TSS_RESULT result; + TPM_AUTH Auth, *pAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbDataToWrite = calloc(1, ulDataLength); + if (rgbDataToWrite == NULL) { + LogError("malloc of %u bytes failed.", ulDataLength); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbDataToWrite, ulDataLength, &data->comm)) { + free(rgbDataToWrite); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 5, &Auth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &Auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_NV_WriteValueAuth_Internal(hContext, hNVStore, + offset, ulDataLength, rgbDataToWrite, pAuth); + + MUTEX_UNLOCK(tcsp_lock); + + free(rgbDataToWrite); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if ( pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_NV_ReadValue(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_NV_INDEX hNVStore; + UINT32 offset,ulDataLength, i; + BYTE *rgbDataRead = NULL; + TSS_RESULT result; + TPM_AUTH Auth, *pAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &Auth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &Auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_NV_ReadValue_Internal(hContext, hNVStore, + offset, &ulDataLength, pAuth, &rgbDataRead); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if ( pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(rgbDataRead); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulDataLength, 0, &data->comm)) { + free(rgbDataRead); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbDataRead, ulDataLength, &data->comm)) { + free(rgbDataRead); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(rgbDataRead); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_NV_ReadValueAuth(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_NV_INDEX hNVStore; + UINT32 offset,ulDataLength, i; + BYTE *rgbDataRead = NULL; + TSS_RESULT result; + TPM_AUTH NVAuth, *pNVAuth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &NVAuth, 0, &data->comm)) { + pNVAuth = NULL; + } else { + pNVAuth = &NVAuth; + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_NV_ReadValueAuth_Internal(hContext, hNVStore, + offset, &ulDataLength, pNVAuth, &rgbDataRead); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if ( pNVAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pNVAuth, 0, &data->comm)) { + free(rgbDataRead); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulDataLength, 0, &data->comm)) { + free(rgbDataRead); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbDataRead, ulDataLength, &data->comm)) { + free(rgbDataRead); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(rgbDataRead); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + diff --git a/src/tcs/rpc/tcstp/rpc_oper.c b/src/tcs/rpc/tcstp/rpc_oper.c new file mode 100644 index 0000000..8e097be --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_oper.c @@ -0,0 +1,57 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_SetOperatorAuth(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCPA_SECRET operatorAuth; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_SECRET, 1, &operatorAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SetOperatorAuth_Internal(hContext, &operatorAuth); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + diff --git a/src/tcs/rpc/tcstp/rpc_own.c b/src/tcs/rpc/tcstp/rpc_own.c new file mode 100644 index 0000000..beb2a8c --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_own.c @@ -0,0 +1,170 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_TakeOwnership(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT16 protocolID; + UINT32 encOwnerAuthSize; + BYTE *encOwnerAuth; + UINT32 encSrkAuthSize; + BYTE *encSrkAuth; + UINT32 srkInfoSize; + BYTE *srkInfo; + TPM_AUTH ownerAuth; + + UINT32 srkKeySize; + BYTE *srkKey; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT16, 1, &protocolID, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &encOwnerAuthSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + encOwnerAuth = calloc(1, encOwnerAuthSize); + if (encOwnerAuth == NULL) { + LogError("malloc of %d bytes failed.", encOwnerAuthSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, encOwnerAuth, encOwnerAuthSize, &data->comm)) { + free(encOwnerAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_UINT32, 4, &encSrkAuthSize, 0, &data->comm)) { + free(encOwnerAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + encSrkAuth = calloc(1, encSrkAuthSize); + if (encSrkAuth == NULL) { + LogError("malloc of %d bytes failed.", encSrkAuthSize); + free(encOwnerAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 5, encSrkAuth, encSrkAuthSize, &data->comm)) { + free(encOwnerAuth); + free(encSrkAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_UINT32, 6, &srkInfoSize, 0, &data->comm)) { + free(encOwnerAuth); + free(encSrkAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + srkInfo = calloc(1, srkInfoSize); + if (srkInfo == NULL) { + LogError("malloc of %d bytes failed.", srkInfoSize); + free(encOwnerAuth); + free(encSrkAuth); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 7, srkInfo, srkInfoSize, &data->comm)) { + free(encOwnerAuth); + free(encSrkAuth); + free(srkInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 8, &ownerAuth, 0, &data->comm)) { + free(encOwnerAuth); + free(encSrkAuth); + free(srkInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_TakeOwnership_Internal(hContext, protocolID, encOwnerAuthSize, encOwnerAuth, + encSrkAuthSize, encSrkAuth, srkInfoSize, srkInfo, + &ownerAuth, &srkKeySize, &srkKey); + + MUTEX_UNLOCK(tcsp_lock); + free(encOwnerAuth); + free(encSrkAuth); + free(srkInfo); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { + free(srkKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &srkKeySize, 0, &data->comm)) { + free(srkKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, srkKey, srkKeySize, &data->comm)) { + free(srkKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(srkKey); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_OwnerClear(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + TPM_AUTH auth; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_OwnerClear_Internal(hContext, &auth); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_pcr_extend.c b/src/tcs/rpc/tcstp/rpc_pcr_extend.c new file mode 100644 index 0000000..e9fd9cd --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_pcr_extend.c @@ -0,0 +1,139 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_Extend(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 pcrIndex; + TCPA_DIGEST inDigest; + TSS_RESULT result; + TCPA_DIGEST outDigest; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &inDigest, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Extend_Internal(hContext, pcrIndex, inDigest, &outDigest); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &outDigest, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_PcrRead(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 pcrIndex; + TCPA_DIGEST digest; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_PcrRead_Internal(hContext, pcrIndex, &digest); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &digest, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_PcrReset(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 pcrDataSizeIn; + BYTE *pcrDataIn; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrDataSizeIn, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + pcrDataIn = (BYTE *)malloc(pcrDataSizeIn); + if (pcrDataIn == NULL) { + LogError("malloc of %u bytes failed.", pcrDataSizeIn); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, pcrDataIn, pcrDataSizeIn, &data->comm)) { + free(pcrDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_PcrReset_Internal(hContext, pcrDataSizeIn, pcrDataIn); + + MUTEX_UNLOCK(tcsp_lock); + free(pcrDataIn); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return result; +} + diff --git a/src/tcs/rpc/tcstp/rpc_ps.c b/src/tcs/rpc/tcstp/rpc_ps.c new file mode 100644 index 0000000..3f6e5a7 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_ps.c @@ -0,0 +1,510 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_RegisterKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_UUID WrappingKeyUUID; + TSS_UUID KeyUUID; + UINT32 cKeySize; + BYTE *rgbKey; + UINT32 cVendorData; + BYTE *gbVendorData; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UUID, 1, &WrappingKeyUUID, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UUID, 2, &KeyUUID, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &cKeySize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbKey = calloc(1, cKeySize); + if (rgbKey == NULL) { + LogError("malloc of %d bytes failed.", cKeySize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbKey, cKeySize, &data->comm)) { + free(rgbKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &cVendorData, 0, &data->comm)) { + free(rgbKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (cVendorData == 0) + gbVendorData = NULL; + else { + gbVendorData = calloc(1, cVendorData); + if (gbVendorData == NULL) { + LogError("malloc of %d bytes failed.", cVendorData); + free(rgbKey); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, gbVendorData, cVendorData, &data->comm)) { + free(rgbKey); + free(gbVendorData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + result = TCS_RegisterKey_Internal(hContext, &WrappingKeyUUID, &KeyUUID, + cKeySize, rgbKey, cVendorData, + gbVendorData); + free(rgbKey); + free(gbVendorData); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_UnregisterKey(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_UUID uuid; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UUID, 1, &uuid, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = TCS_UnregisterKey_Internal(hContext, uuid); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetRegisteredKeyBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_UUID uuid; + UINT32 pcKeySize; + BYTE *prgbKey; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UUID, 1, &uuid, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = TCS_GetRegisteredKeyBlob_Internal(hContext, &uuid, &pcKeySize, + &prgbKey); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pcKeySize, 0, &data->comm)) { + free(prgbKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, prgbKey, pcKeySize, &data->comm)) { + free(prgbKey); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(prgbKey); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_LoadKeyByUUID(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_UUID uuid; + TCS_LOADKEY_INFO info, *pInfo; + TCS_KEY_HANDLE phKeyTCSI; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UUID, 1, &uuid, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = getData(TCSD_PACKET_TYPE_LOADKEY_INFO, 2, &info, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pInfo = NULL; + else if (result) + return result; + else + pInfo = &info; + + result = key_mgr_load_by_uuid(hContext, &uuid, pInfo, &phKeyTCSI); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &phKeyTCSI, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (pInfo != NULL) { + if (setData(TCSD_PACKET_TYPE_LOADKEY_INFO, 1, pInfo, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + } else { + if (result == TCSERR(TCS_E_KM_LOADFAILED) && pInfo != NULL) { + initData(&data->comm, 1); + if (setData(TCSD_PACKET_TYPE_LOADKEY_INFO, 0, pInfo, 0, &data->comm)) { + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + } + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_EnumRegisteredKeys(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_UUID uuid, *pUuid; + UINT32 cKeyHierarchySize; + TSS_KM_KEYINFO *pKeyHierarchy; + unsigned int i, j; + TSS_RESULT result; + + /* Receive */ + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + result = getData(TCSD_PACKET_TYPE_UUID , 1, &uuid, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pUuid = NULL; + else if (result) + return result; + else + pUuid = &uuid; + + result = TCS_EnumRegisteredKeys_Internal( + hContext, + pUuid, + &cKeyHierarchySize, + &pKeyHierarchy); + + if (result == TSS_SUCCESS) { + i=0; + initData(&data->comm, cKeyHierarchySize + 1); + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &cKeyHierarchySize, 0, &data->comm)) { + free(pKeyHierarchy); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + for (j = 0; j < cKeyHierarchySize; j++) { + if (setData(TCSD_PACKET_TYPE_KM_KEYINFO, i++, &pKeyHierarchy[j], 0, &data->comm)) { + free(pKeyHierarchy); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + free(pKeyHierarchy); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_EnumRegisteredKeys2(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_UUID uuid, *pUuid; + UINT32 cKeyHierarchySize; + TSS_KM_KEYINFO2 *pKeyHierarchy; + unsigned int i, j; + TSS_RESULT result; + + /* Receive */ + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + result = getData(TCSD_PACKET_TYPE_UUID , 1, &uuid, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pUuid = NULL; + else if (result) + return result; + else + pUuid = &uuid; + + result = TCS_EnumRegisteredKeys_Internal2( + hContext, + pUuid, + &cKeyHierarchySize, + &pKeyHierarchy); + + if (result == TSS_SUCCESS) { + i=0; + initData(&data->comm, cKeyHierarchySize + 1); + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &cKeyHierarchySize, 0, &data->comm)) { + free(pKeyHierarchy); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + for (j = 0; j < cKeyHierarchySize; j++) { + if (setData(TCSD_PACKET_TYPE_KM_KEYINFO2, i++, &pKeyHierarchy[j], 0, &data->comm)) { + free(pKeyHierarchy); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + free(pKeyHierarchy); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetRegisteredKeyByPublicInfo(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + UINT32 algId, ulPublicInfoLength, keySize; + BYTE *rgbPublicInfo, *keyBlob; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &algId, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &ulPublicInfoLength, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbPublicInfo = (BYTE *)calloc(1, ulPublicInfoLength); + if (rgbPublicInfo == NULL) { + LogError("malloc of %d bytes failed.", ulPublicInfoLength); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbPublicInfo, ulPublicInfoLength, &data->comm)) { + free(rgbPublicInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = TCSP_GetRegisteredKeyByPublicInfo_Internal(hContext, algId, + ulPublicInfoLength, rgbPublicInfo, &keySize, &keyBlob); + + free(rgbPublicInfo); + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keySize, 0, &data->comm)) { + free(keyBlob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyBlob, keySize, &data->comm)) { + free(keyBlob); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(keyBlob); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +void +LoadBlob_LOADKEY_INFO(UINT64 *offset, BYTE *blob, TCS_LOADKEY_INFO *info) +{ + LoadBlob_UUID(offset, blob, info->keyUUID); + LoadBlob_UUID(offset, blob, info->parentKeyUUID); + LoadBlob(offset, TCPA_DIGEST_SIZE, blob, info->paramDigest.digest); + LoadBlob_UINT32(offset, info->authData.AuthHandle, blob); + LoadBlob(offset, TCPA_NONCE_SIZE, blob, info->authData.NonceOdd.nonce); + LoadBlob(offset, TCPA_NONCE_SIZE, blob, info->authData.NonceEven.nonce); + LoadBlob_BOOL(offset, info->authData.fContinueAuthSession, blob); + LoadBlob(offset, TCPA_AUTHDATA_SIZE, blob, (BYTE *)&info->authData.HMAC); +} + +void +UnloadBlob_LOADKEY_INFO(UINT64 *offset, BYTE *blob, TCS_LOADKEY_INFO *info) +{ + if (!info) { + UnloadBlob_UUID(offset, blob, NULL); + UnloadBlob_UUID(offset, blob, NULL); + UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, NULL); + UnloadBlob_UINT32(offset, NULL, blob); + UnloadBlob(offset, TCPA_NONCE_SIZE, blob, NULL); + UnloadBlob(offset, TCPA_NONCE_SIZE, blob, NULL); + UnloadBlob_BOOL(offset, NULL, blob); + UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, NULL); + + return; + } + + UnloadBlob_UUID(offset, blob, &info->keyUUID); + UnloadBlob_UUID(offset, blob, &info->parentKeyUUID); + UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, info->paramDigest.digest); + UnloadBlob_UINT32(offset, &info->authData.AuthHandle, blob); + UnloadBlob(offset, TCPA_NONCE_SIZE, blob, (BYTE *)&info->authData.NonceOdd.nonce); + UnloadBlob(offset, TCPA_NONCE_SIZE, blob, (BYTE *)&info->authData.NonceEven.nonce); + UnloadBlob_BOOL(offset, &info->authData.fContinueAuthSession, blob); + UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, (BYTE *)&info->authData.HMAC); +} + +void +LoadBlob_UUID(UINT64 *offset, BYTE * blob, TSS_UUID uuid) +{ + LoadBlob_UINT32(offset, uuid.ulTimeLow, blob); + LoadBlob_UINT16(offset, uuid.usTimeMid, blob); + LoadBlob_UINT16(offset, uuid.usTimeHigh, blob); + LoadBlob_BYTE(offset, uuid.bClockSeqHigh, blob); + LoadBlob_BYTE(offset, uuid.bClockSeqLow, blob); + LoadBlob(offset, 6, blob, uuid.rgbNode); +} + +void +UnloadBlob_UUID(UINT64 *offset, BYTE * blob, TSS_UUID *uuid) +{ + if (!uuid) { + UnloadBlob_UINT32(offset, NULL, blob); + UnloadBlob_UINT16(offset, NULL, blob); + UnloadBlob_UINT16(offset, NULL, blob); + UnloadBlob_BYTE(offset, NULL, blob); + UnloadBlob_BYTE(offset, NULL, blob); + UnloadBlob(offset, 6, blob, NULL); + + return; + } + + memset(uuid, 0, sizeof(TSS_UUID)); + UnloadBlob_UINT32(offset, &uuid->ulTimeLow, blob); + UnloadBlob_UINT16(offset, &uuid->usTimeMid, blob); + UnloadBlob_UINT16(offset, &uuid->usTimeHigh, blob); + UnloadBlob_BYTE(offset, &uuid->bClockSeqHigh, blob); + UnloadBlob_BYTE(offset, &uuid->bClockSeqLow, blob); + UnloadBlob(offset, 6, blob, uuid->rgbNode); +} + +void +LoadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info) +{ + LoadBlob_VERSION(offset, blob, (TPM_VERSION *)&(info->versionInfo)); + LoadBlob_UUID(offset, blob, info->keyUUID); + LoadBlob_UUID(offset, blob, info->parentKeyUUID); + LoadBlob_BYTE(offset, info->bAuthDataUsage, blob); + LoadBlob_BOOL(offset, info->fIsLoaded, blob); + LoadBlob_UINT32(offset, info->ulVendorDataLength, blob); + LoadBlob(offset, info->ulVendorDataLength, blob, info->rgbVendorData); +} + +void +LoadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info) +{ + LoadBlob_VERSION(offset, blob, (TPM_VERSION *)&(info->versionInfo)); + LoadBlob_UUID(offset, blob, info->keyUUID); + LoadBlob_UUID(offset, blob, info->parentKeyUUID); + LoadBlob_BYTE(offset, info->bAuthDataUsage, blob); + /* Load the infos of the blob regarding the new data type TSS_KM_KEYINFO2 */ + LoadBlob_UINT32(offset,info->persistentStorageType,blob); + LoadBlob_UINT32(offset, info->persistentStorageTypeParent,blob); + + LoadBlob_BOOL(offset, info->fIsLoaded, blob); + LoadBlob_UINT32(offset, info->ulVendorDataLength, blob); + LoadBlob(offset, info->ulVendorDataLength, blob, info->rgbVendorData); +} + +void +UnloadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info) +{ + if (!info) { + UINT32 ulVendorDataLength; + + UnloadBlob_VERSION(offset, blob, NULL); + UnloadBlob_UUID(offset, blob, NULL); + UnloadBlob_UUID(offset, blob, NULL); + UnloadBlob_BYTE(offset, blob, NULL); + UnloadBlob_BOOL(offset, NULL, blob); + UnloadBlob_UINT32(offset, &ulVendorDataLength, blob); + + (*offset) += ulVendorDataLength; + + return; + } + + UnloadBlob_VERSION(offset, blob, (TPM_VERSION *)&(info->versionInfo)); + UnloadBlob_UUID(offset, blob, &info->keyUUID); + UnloadBlob_UUID(offset, blob, &info->parentKeyUUID); + UnloadBlob_BYTE(offset, blob, &info->bAuthDataUsage); + UnloadBlob_BOOL(offset, &info->fIsLoaded, blob); + UnloadBlob_UINT32(offset, &info->ulVendorDataLength, blob); + UnloadBlob(offset, info->ulVendorDataLength, info->rgbVendorData, blob); +} + +#if 0 +void +UnloadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info) +{ + UnloadBlob_VERSION(offset, blob, (TCPA_VERSION *)&(info->versionInfo)); + UnloadBlob_UUID(offset, blob, &info->keyUUID); + UnloadBlob_UUID(offset, blob, &info->parentKeyUUID); + UnloadBlob_BYTE(offset, blob, &info->bAuthDataUsage); + + /* Extract the infos of the blob regarding the new data type TSS_KM_KEYINFO2 */ + UnloadBlob_UINT32(offset, &info->persistentStorageType, blob); + UnloadBlob_UINT32(offset, &info->persistentStorageTypeParent, blob); + + UnloadBlob_BOOL(offset, &info->fIsLoaded, blob); + UnloadBlob_UINT32(offset, &info->ulVendorDataLength, blob); + UnloadBlob(offset, info->ulVendorDataLength, info->rgbVendorData, blob); +} +#endif diff --git a/src/tcs/rpc/tcstp/rpc_quote.c b/src/tcs/rpc/tcstp/rpc_quote.c new file mode 100644 index 0000000..aeb469c --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_quote.c @@ -0,0 +1,126 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_Quote(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TCPA_NONCE antiReplay; + UINT32 pcrDataSizeIn; + BYTE *pcrDataIn; + + TPM_AUTH privAuth; + TPM_AUTH *pPrivAuth; + + UINT32 pcrDataSizeOut; + BYTE *pcrDataOut; + UINT32 sigSize; + BYTE *sig; + TSS_RESULT result; + + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 2, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &pcrDataSizeIn, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + pcrDataIn = (BYTE *)calloc(1, pcrDataSizeIn); + if (pcrDataIn == NULL) { + LogError("malloc of %d bytes failed.", pcrDataSizeIn); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, pcrDataIn, pcrDataSizeIn, &data->comm)) { + free(pcrDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = getData(TCSD_PACKET_TYPE_AUTH, 5, &privAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pPrivAuth = NULL; + else if (result) { + free(pcrDataIn); + return result; + } else + pPrivAuth = &privAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Quote_Internal(hContext, hKey, antiReplay, pcrDataSizeIn, pcrDataIn, + pPrivAuth, &pcrDataSizeOut, &pcrDataOut, &sigSize, &sig); + + MUTEX_UNLOCK(tcsp_lock); + free(pcrDataIn); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 5); + if (pPrivAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) { + free(pcrDataOut); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcrDataSizeOut, 0, &data->comm)) { + free(pcrDataOut); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pcrDataOut, pcrDataSizeOut, &data->comm)) { + free(pcrDataOut); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) { + free(pcrDataOut); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) { + free(pcrDataOut); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(pcrDataOut); + free(sig); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_quote2.c b/src/tcs/rpc/tcstp/rpc_quote2.c new file mode 100644 index 0000000..2a10ead --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_quote2.c @@ -0,0 +1,163 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_Quote2(struct tcsd_thread_data *data) +{ + /* Data to be forwarded to the next level */ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TCPA_NONCE antiReplay; + UINT32 pcrDataSizeIn; + BYTE *pcrDataIn; + TSS_BOOL addVersion; + TPM_AUTH privAuth; /* in/out */ + TPM_AUTH *pPrivAuth; + + UINT32 pcrDataSizeOut; + BYTE *pcrDataOut; + + UINT32 versionInfoSize; + BYTE * versionInfo; + + UINT32 sigSize; + BYTE *sig; + TSS_RESULT result; + + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 2, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &pcrDataSizeIn, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + pcrDataIn = (BYTE *)calloc(1, pcrDataSizeIn); + if (pcrDataIn == NULL) { + LogError("malloc of %u bytes failed.", pcrDataSizeIn); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, pcrDataIn, pcrDataSizeIn, &data->comm)) { + free(pcrDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_BOOL,5,&addVersion, 0, &data->comm)) { + free(pcrDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + result = getData(TCSD_PACKET_TYPE_AUTH, 6, &privAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pPrivAuth = NULL; + else if (result) { + free(pcrDataIn); + return result; + } else + pPrivAuth = &privAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Quote2_Internal(hContext, hKey, antiReplay, pcrDataSizeIn, pcrDataIn, + addVersion,pPrivAuth, &pcrDataSizeOut, &pcrDataOut, &versionInfoSize, + &versionInfo,&sigSize, &sig); + + MUTEX_UNLOCK(tcsp_lock); + free(pcrDataIn); + + if (result == TSS_SUCCESS) { + i = 0; + + initData(&data->comm,7); /* Add versionInfoSize and versionInfo */ + if (pPrivAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) { + free(pcrDataOut); + /* It's a null pointer when addVersion == FALSE */ + if (addVersion) + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcrDataSizeOut, 0, &data->comm)) { + free(pcrDataOut); + if (addVersion) + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pcrDataOut, pcrDataSizeOut, &data->comm)) { + free(pcrDataOut); + if (addVersion) + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &versionInfoSize, 0, &data->comm)) { + free(pcrDataOut); + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (versionInfoSize > 0){ + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, versionInfo, versionInfoSize, &data->comm)) { + free(pcrDataOut); + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) { + free(pcrDataOut); + if (addVersion) + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) { + free(pcrDataOut); + if (addVersion) + free(versionInfo); + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + free(pcrDataOut); + if (versionInfoSize >0) + free(versionInfo); + free(sig); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_random.c b/src/tcs/rpc/tcstp/rpc_random.c new file mode 100644 index 0000000..6fd9606 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_random.c @@ -0,0 +1,107 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_GetRandom(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 bytesRequested; + BYTE *randomBytes = NULL; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &bytesRequested, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetRandom_Internal(hContext, &bytesRequested, &randomBytes); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &bytesRequested, 0, &data->comm)) { + free(randomBytes); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, randomBytes, bytesRequested, &data->comm)) { + free(randomBytes); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(randomBytes); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_StirRandom(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 inDataSize; + BYTE *inData; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &inDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + inData = calloc(1, inDataSize); + if (inData == NULL) { + LogError("malloc of %d bytes failed.", inDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 2, inData, inDataSize, &data->comm)) { + free(inData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_StirRandom_Internal(hContext, inDataSize, inData); + + MUTEX_UNLOCK(tcsp_lock); + free(inData); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_seal.c b/src/tcs/rpc/tcstp/rpc_seal.c new file mode 100644 index 0000000..f0dd359 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_seal.c @@ -0,0 +1,251 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_common_Seal(UINT32 sealOrdinal, + struct tcsd_thread_data *data) +{ + TSS_RESULT result; + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE keyHandle; + TCPA_ENCAUTH KeyUsageAuth; + UINT32 PCRInfoSize, inDataSize; + BYTE *PCRInfo = NULL, *inData = NULL; + TPM_AUTH emptyAuth, pubAuth, *pAuth; + UINT32 outDataSize; + BYTE *outData; + + int i = 0; + + memset(&emptyAuth, 0, sizeof(TPM_AUTH)); + memset(&pubAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &keyHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_ENCAUTH, i++, &KeyUsageAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &PCRInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (PCRInfoSize > 0) { + PCRInfo = calloc(1, PCRInfoSize); + if (PCRInfo == NULL) { + LogError("malloc of %u bytes failed.", PCRInfoSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, i++, PCRInfo, PCRInfoSize, &data->comm)) { + free(PCRInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &inDataSize, 0, &data->comm)) { + free(PCRInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (inDataSize > 0) { + inData = calloc(1, inDataSize); + if (inData == NULL) { + LogError("malloc of %u bytes failed.", inDataSize); + free(PCRInfo); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, i++, inData, inDataSize, &data->comm)) { + free(inData); + free(PCRInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + result = getData(TCSD_PACKET_TYPE_AUTH, i++, &pubAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pAuth = NULL; + else if (result) { + free(inData); + free(PCRInfo); + return result; + } else + pAuth = &pubAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Seal_Internal(sealOrdinal, hContext, keyHandle, KeyUsageAuth, PCRInfoSize, + PCRInfo, inDataSize, inData, pAuth, &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + free(inData); + free(PCRInfo); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (pAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, 1, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 2, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_Seal(struct tcsd_thread_data *data) +{ + return tcs_common_Seal(TPM_ORD_Seal, data); +} + +#ifdef TSS_BUILD_SEALX +TSS_RESULT +tcs_wrap_Sealx(struct tcsd_thread_data *data) +{ + return tcs_common_Seal(TPM_ORD_Sealx, data); +} +#endif + +TSS_RESULT +tcs_wrap_UnSeal(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE parentHandle; + UINT32 inDataSize; + BYTE *inData; + + TPM_AUTH parentAuth, dataAuth, emptyAuth; + TPM_AUTH *pParentAuth, *pDataAuth; + + UINT32 outDataSize; + BYTE *outData; + TSS_RESULT result; + + memset(&emptyAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + inData = calloc(1, inDataSize); + if (inData == NULL) { + LogError("malloc of %d bytes failed.", inDataSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) { + free(inData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + result = getData(TCSD_PACKET_TYPE_AUTH, 4, &parentAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pParentAuth = NULL; + else if (result) { + free(inData); + return result; + } else + pParentAuth = &parentAuth; + + result = getData(TCSD_PACKET_TYPE_AUTH, 5, &dataAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) { + pDataAuth = pParentAuth; + pParentAuth = NULL; + } else if (result) { + free(inData); + return result; + } else + pDataAuth = &dataAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Unseal_Internal(hContext, parentHandle, inDataSize, inData, pParentAuth, + pDataAuth, &outDataSize, &outData); + + MUTEX_UNLOCK(tcsp_lock); + free(inData); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 4); + if (pParentAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pParentAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &emptyAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_AUTH, 1, &dataAuth, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 2, &outDataSize, 0, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 3, outData, outDataSize, &data->comm)) { + free(outData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(outData); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_selftest.c b/src/tcs/rpc/tcstp/rpc_selftest.c new file mode 100644 index 0000000..4cad0c9 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_selftest.c @@ -0,0 +1,154 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_SelfTestFull(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_SelfTestFull_Internal(hContext); + + MUTEX_UNLOCK(tcsp_lock); + + initData(&data->comm, 0); + data->comm.hdr.u.result = result; + + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_CertifySelfTest(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + UINT32 sigSize; + BYTE *sigData = NULL; + TCS_KEY_HANDLE hKey; + TCPA_NONCE antiReplay; + TPM_AUTH privAuth; + TPM_AUTH *pPrivAuth; + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 2, &antiReplay, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + result = getData(TCSD_PACKET_TYPE_AUTH, 3, &privAuth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pPrivAuth = NULL; + else if (result) + return result; + else + pPrivAuth = &privAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_CertifySelfTest_Internal(hContext, hKey, antiReplay, pPrivAuth, &sigSize, + &sigData); + + MUTEX_UNLOCK(tcsp_lock); + + i = 0; + if (result == TSS_SUCCESS) { + initData(&data->comm, 3); + if (pPrivAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) { + free(sigData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) { + free(sigData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sigData, sigSize, &data->comm)) { + free(sigData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(sigData); + } else + initData(&data->comm, 0); + + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_GetTestResult(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TSS_RESULT result; + UINT32 resultDataSize; + BYTE *resultData = NULL; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_GetTestResult_Internal(hContext, &resultDataSize, &resultData); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &resultDataSize, 0, &data->comm)) { + free(resultData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, resultData, resultDataSize, &data->comm)) { + free(resultData); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(resultData); + } else + initData(&data->comm, 0); + + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_sign.c b/src/tcs/rpc/tcstp/rpc_sign.c new file mode 100644 index 0000000..2cd2027 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_sign.c @@ -0,0 +1,106 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2006 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_Sign(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + UINT32 areaToSignSize; + BYTE *areaToSign; + + TPM_AUTH auth; + TPM_AUTH *pAuth; + + UINT32 sigSize; + BYTE *sig; + TSS_RESULT result; + + int i; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &areaToSignSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + areaToSign = calloc(1, areaToSignSize); + if (areaToSign == NULL) { + LogError("malloc of %d bytes failed.", areaToSignSize); + return TCSERR(TSS_E_OUTOFMEMORY); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 3, areaToSign, areaToSignSize, &data->comm)) { + free(areaToSign); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm); + if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) + pAuth = NULL; + else if (result) { + free(areaToSign); + return result; + } else + pAuth = &auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_Sign_Internal(hContext, hKey, areaToSignSize, areaToSign, pAuth, &sigSize, + &sig); + + MUTEX_UNLOCK(tcsp_lock); + free(areaToSign); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 3); + if (pAuth != NULL) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, &auth, 0, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) { + free(sig); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(sig); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_tick.c b/src/tcs/rpc/tcstp/rpc_tick.c new file mode 100644 index 0000000..98e53ad --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_tick.c @@ -0,0 +1,138 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_ReadCurrentTicks(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + UINT32 pulCurrentTime; + BYTE *prgbCurrentTime; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReadCurrentTicks_Internal(hContext, &pulCurrentTime, &prgbCurrentTime); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 2); + if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pulCurrentTime, 0, &data->comm)) { + free(prgbCurrentTime); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 1, prgbCurrentTime, pulCurrentTime, + &data->comm)) { + free(prgbCurrentTime); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(prgbCurrentTime); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_TickStampBlob(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hKey; + TPM_AUTH auth, *pAuth; + TPM_NONCE nonce; + TPM_DIGEST digest; + UINT32 sigSize, tcSize, i; + BYTE *sig, *tc; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 2, &nonce, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &digest, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &auth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_TickStampBlob_Internal(hContext, hKey, &nonce, &digest, pAuth, &sigSize, &sig, + &tcSize, &tc); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 5); + i = 0; + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(sig); + free(tc); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) { + free(sig); + free(tc); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) { + free(sig); + free(tc); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &tcSize, 0, &data->comm)) { + free(sig); + free(tc); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, tc, tcSize, &data->comm)) { + free(sig); + free(tc); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} diff --git a/src/tcs/rpc/tcstp/rpc_transport.c b/src/tcs/rpc/tcstp/rpc_transport.c new file mode 100644 index 0000000..1993cb3 --- /dev/null +++ b/src/tcs/rpc/tcstp/rpc_transport.c @@ -0,0 +1,397 @@ + +/* + * Licensed Materials - Property of IBM + * + * trousers - An open source TCG Software Stack + * + * (C) Copyright International Business Machines Corp. 2004-2007 + * + */ + +#include <stdlib.h> +#include <stdio.h> +#include <syslog.h> +#include <string.h> +#include <netdb.h> + +#include "trousers/tss.h" +#include "trousers_types.h" +#include "tcs_tsp.h" +#include "tcs_utils.h" +#include "tcs_int_literals.h" +#include "capabilities.h" +#include "tcslog.h" +#include "tcsd_wrap.h" +#include "tcsd.h" +#include "tcs_utils.h" +#include "rpc_tcstp_tcs.h" + + +TSS_RESULT +tcs_wrap_EstablishTransport(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hEncKey, hTransSession; + UINT32 ulTransControlFlags, ulTransSessionInfoSize, ulSecretSize, ulCurrentTicks, i; + BYTE *rgbTransSessionInfo, *rgbSecret, *prgbCurrentTicks; + TPM_MODIFIER_INDICATOR pbLocality; + TPM_AUTH pEncKeyAuth, *pAuth; + TPM_NONCE pTransNonce; + TSS_RESULT result; + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &ulTransControlFlags, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 2, &hEncKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulTransSessionInfoSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbTransSessionInfo = malloc(ulTransSessionInfoSize); + if (rgbTransSessionInfo == NULL) { + LogError("malloc of %u bytes failed.", ulTransSessionInfoSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbTransSessionInfo, ulTransSessionInfoSize, + &data->comm)) { + free(rgbTransSessionInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (getData(TCSD_PACKET_TYPE_UINT32, 5, &ulSecretSize, 0, &data->comm)) { + free(rgbTransSessionInfo); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + rgbSecret = malloc(ulSecretSize); + if (rgbSecret == NULL) { + free(rgbTransSessionInfo); + LogError("malloc of %u bytes failed.", ulSecretSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, 6, rgbSecret, ulSecretSize, &data->comm)) { + free(rgbTransSessionInfo); + free(rgbSecret); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, 7, &pEncKeyAuth, 0, &data->comm)) + pAuth = NULL; + else + pAuth = &pEncKeyAuth; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_EstablishTransport_Internal(hContext, ulTransControlFlags, hEncKey, + ulTransSessionInfoSize, rgbTransSessionInfo, + ulSecretSize, rgbSecret, pAuth, &pbLocality, + &hTransSession, &ulCurrentTicks, + &prgbCurrentTicks, &pTransNonce); + + MUTEX_UNLOCK(tcsp_lock); + + free(rgbSecret); + free(rgbTransSessionInfo); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 6); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { + free(prgbCurrentTicks); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) { + free(prgbCurrentTicks); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hTransSession, 0, &data->comm)) { + free(prgbCurrentTicks); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulCurrentTicks, 0, &data->comm)) { + free(prgbCurrentTicks); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbCurrentTicks, ulCurrentTicks, + &data->comm)) { + free(prgbCurrentTicks); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(prgbCurrentTicks); + if (setData(TCSD_PACKET_TYPE_NONCE, i++, &pTransNonce, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ExecuteTransport(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TPM_COMMAND_CODE unWrappedCommandOrdinal; + TCS_HANDLE *rghHandles = NULL, handles[2]; + UINT32 ulWrappedCmdDataInSize, pulHandleListSize, ulWrappedCmdDataOutSize, i = 0; + BYTE *rgbWrappedCmdDataIn, *rgbWrappedCmdDataOut; + TPM_MODIFIER_INDICATOR pbLocality; + TPM_AUTH pWrappedCmdAuth1, pWrappedCmdAuth2, pTransAuth, *pAuth1, *pAuth2, null_auth; + UINT64 punCurrentTicks; + TSS_RESULT result, pulWrappedCmdReturnCode; + + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &unWrappedCommandOrdinal, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataInSize, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + rgbWrappedCmdDataIn = malloc(ulWrappedCmdDataInSize); + if (rgbWrappedCmdDataIn == NULL) { + LogError("malloc of %u bytes failed", ulWrappedCmdDataInSize); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataIn, ulWrappedCmdDataInSize, + &data->comm)) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (pulHandleListSize > 2) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_BAD_PARAMETER); + } + + if (pulHandleListSize) { + if (getData(TCSD_PACKET_TYPE_PBYTE, i++, handles, + pulHandleListSize * sizeof(UINT32), &data->comm)) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + rghHandles = handles; + + memset(&null_auth, 0, sizeof(TPM_AUTH)); + memset(&pWrappedCmdAuth1, 0, sizeof(TPM_AUTH)); + memset(&pWrappedCmdAuth2, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth1, 0, &data->comm)) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth2, 0, &data->comm)) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) { + free(rgbWrappedCmdDataIn); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + + if (!memcmp(&pWrappedCmdAuth1, &null_auth, sizeof(TPM_AUTH))) + pAuth1 = NULL; + else + pAuth1 = &pWrappedCmdAuth1; + + if (!memcmp(&pWrappedCmdAuth2, &null_auth, sizeof(TPM_AUTH))) + pAuth2 = NULL; + else + pAuth2 = &pWrappedCmdAuth2; + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ExecuteTransport_Internal(hContext, unWrappedCommandOrdinal, + ulWrappedCmdDataInSize, rgbWrappedCmdDataIn, + &pulHandleListSize, &rghHandles, pAuth1, pAuth2, + &pTransAuth, &punCurrentTicks, &pbLocality, + &pulWrappedCmdReturnCode, &ulWrappedCmdDataOutSize, + &rgbWrappedCmdDataOut); + + MUTEX_UNLOCK(tcsp_lock); + + free(rgbWrappedCmdDataIn); + + if (result == TSS_SUCCESS) { + i = 0; + initData(&data->comm, 10); + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (pulHandleListSize) { + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rghHandles, + pulHandleListSize * sizeof(UINT32), &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (pAuth1) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth1, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (pAuth2) { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth2, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else { + if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT64, i++, &punCurrentTicks, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulWrappedCmdReturnCode, 0, + &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataOutSize, 0, + &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (ulWrappedCmdDataOutSize) { + if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataOut, + ulWrappedCmdDataOutSize, &data->comm)) { + free(rgbWrappedCmdDataOut); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + free(rgbWrappedCmdDataOut); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} + +TSS_RESULT +tcs_wrap_ReleaseTransportSigned(struct tcsd_thread_data *data) +{ + TCS_CONTEXT_HANDLE hContext; + TCS_KEY_HANDLE hSignatureKey; + TPM_NONCE AntiReplayNonce; + UINT32 pulCurrentTicks, pulSignatureSize; + BYTE *prgbCurrentTicks, *prgbSignature; + TPM_MODIFIER_INDICATOR pbLocality; + TPM_AUTH pKeyAuth, pTransAuth, *pAuth, null_auth; + TSS_RESULT result; + + memset(&null_auth, 0, sizeof(TPM_AUTH)); + memset(&pKeyAuth, 0, sizeof(TPM_AUTH)); + + if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + LogDebugFn("thread %ld context %x", THREAD_ID, hContext); + + if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hSignatureKey, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_NONCE, 2, &AntiReplayNonce, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + if (getData(TCSD_PACKET_TYPE_AUTH, 3, &pKeyAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + if (!memcmp(&null_auth, &pKeyAuth, sizeof(TPM_AUTH))) + pAuth = NULL; + else + pAuth = &pKeyAuth; + + if (getData(TCSD_PACKET_TYPE_AUTH, 4, &pTransAuth, 0, &data->comm)) + return TCSERR(TSS_E_INTERNAL_ERROR); + + + MUTEX_LOCK(tcsp_lock); + + result = TCSP_ReleaseTransportSigned_Internal(hContext, hSignatureKey, &AntiReplayNonce, + pAuth, &pTransAuth, &pbLocality, + &pulCurrentTicks, &prgbCurrentTicks, + &pulSignatureSize, &prgbSignature); + + MUTEX_UNLOCK(tcsp_lock); + + if (result == TSS_SUCCESS) { + initData(&data->comm, 7); + if (pAuth) { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { + free(prgbCurrentTicks); + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } else { + if (setData(TCSD_PACKET_TYPE_AUTH, 0, &null_auth, 0, &data->comm)) { + free(prgbCurrentTicks); + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + } + if (setData(TCSD_PACKET_TYPE_AUTH, 1, &pTransAuth, 0, &data->comm)) { + free(prgbCurrentTicks); + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 2, &pbLocality, 0, &data->comm)) { + free(prgbCurrentTicks); + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_UINT32, 3, &pulCurrentTicks, 0, &data->comm)) { + free(prgbCurrentTicks); + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 4, prgbCurrentTicks, pulCurrentTicks, + &data->comm)) { + free(prgbCurrentTicks); + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(prgbCurrentTicks); + if (setData(TCSD_PACKET_TYPE_UINT32, 5, &pulSignatureSize, 0, &data->comm)) { + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + if (setData(TCSD_PACKET_TYPE_PBYTE, 6, prgbSignature, pulSignatureSize, + &data->comm)) { + free(prgbSignature); + return TCSERR(TSS_E_INTERNAL_ERROR); + } + free(prgbSignature); + } else + initData(&data->comm, 0); + + data->comm.hdr.u.result = result; + return TSS_SUCCESS; +} |