/* * Licensed Materials - Property of IBM * * trousers - An open source TCG Software Stack * * (C) Copyright International Business Machines Corp. 2007 * */ #include #include #include #include "trousers/tss.h" #include "trousers_types.h" #include "tcs_utils.h" #include "tcslog.h" #include "req_mgr.h" TSS_RESULT TCSP_Delegate_Manage_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ TPM_FAMILY_ID familyID, /* in */ TPM_FAMILY_OPERATION opFlag, /* in */ UINT32 opDataSize, /* in */ BYTE *opData, /* in */ TPM_AUTH *ownerAuth, /* in/out */ UINT32 *retDataSize, /* out */ BYTE **retData) /* out */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if (ownerAuth) { if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle))) return result; } if ((result = tpm_rqu_build(TPM_ORD_Delegate_Manage, &offset, txBlob, familyID, opFlag, opDataSize, opData, ownerAuth))) goto done; if ((result = req_mgr_submit_req(txBlob))) goto done; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { result = tpm_rsp_parse(TPM_ORD_Delegate_Manage, txBlob, paramSize, retDataSize, retData, ownerAuth, NULL); } LogResult("Delegate_Manage", result); done: auth_mgr_release_auth(ownerAuth, NULL, hContext); return result; } TSS_RESULT TCSP_Delegate_CreateKeyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ TCS_KEY_HANDLE hKey, /* in */ UINT32 publicInfoSize, /* in */ BYTE *publicInfo, /* in */ TPM_ENCAUTH *encDelAuth, /* in */ TPM_AUTH *keyAuth, /* in, out */ UINT32 *blobSize, /* out */ BYTE **blob) /* out */ { TSS_RESULT result; TCPA_KEY_HANDLE keySlot; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if (keyAuth) { if ((result = auth_mgr_check(hContext, &keyAuth->AuthHandle))) return result; } if ((result = ensureKeyIsLoaded(hContext, hKey, &keySlot))) goto done; if ((result = tpm_rqu_build(TPM_ORD_Delegate_CreateKeyDelegation, &offset, txBlob, keySlot, publicInfoSize, publicInfo, encDelAuth, keyAuth))) goto done; if ((result = req_mgr_submit_req(txBlob))) goto done; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { result = tpm_rsp_parse(TPM_ORD_Delegate_CreateKeyDelegation, txBlob, paramSize, blobSize, blob, keyAuth, NULL); } LogResult("Delegate_CreateKeyDelegation", result); done: auth_mgr_release_auth(keyAuth, NULL, hContext); return result; } TSS_RESULT TCSP_Delegate_CreateOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ TSS_BOOL increment, /* in */ UINT32 publicInfoSize, /* in */ BYTE *publicInfo, /* in */ TPM_ENCAUTH *encDelAuth, /* in */ TPM_AUTH *ownerAuth, /* in, out */ UINT32 *blobSize, /* out */ BYTE **blob) /* out */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if (ownerAuth) { if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle))) return result; } if ((result = tpm_rqu_build(TPM_ORD_Delegate_CreateOwnerDelegation, &offset, txBlob, increment, publicInfoSize, publicInfo, encDelAuth, ownerAuth))) goto done; if ((result = req_mgr_submit_req(txBlob))) goto done; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { result = tpm_rsp_parse(TPM_ORD_Delegate_CreateOwnerDelegation, txBlob, paramSize, blobSize, blob, ownerAuth, NULL); } LogResult("Delegate_CreateOwnerDelegation", result); done: auth_mgr_release_auth(ownerAuth, NULL, hContext); return result; } TSS_RESULT TCSP_Delegate_LoadOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ TPM_DELEGATE_INDEX index, /* in */ UINT32 blobSize, /* in */ BYTE *blob, /* in */ TPM_AUTH *ownerAuth) /* in, out */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if (ownerAuth) { if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle))) return result; } if ((result = tpm_rqu_build(TPM_ORD_Delegate_LoadOwnerDelegation, &offset, txBlob, index, blobSize, blob, ownerAuth))) goto done; if ((result = req_mgr_submit_req(txBlob))) goto done; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { result = tpm_rsp_parse(TPM_ORD_Delegate_LoadOwnerDelegation, txBlob, paramSize, ownerAuth); } LogResult("Delegate_LoadOwnerDelegation", result); done: auth_mgr_release_auth(ownerAuth, NULL, hContext); return result; } TSS_RESULT TCSP_Delegate_ReadTable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ UINT32 *familyTableSize, /* out */ BYTE **familyTable, /* out */ UINT32 *delegateTableSize, /* out */ BYTE **delegateTable) /* out */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if ((result = tpm_rqu_build(TPM_ORD_Delegate_ReadTable, &offset, txBlob, NULL))) return result; if ((result = req_mgr_submit_req(txBlob))) return result; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { result = tpm_rsp_parse(TPM_ORD_Delegate_ReadTable, txBlob, paramSize, familyTableSize, familyTable, delegateTableSize, delegateTable, NULL, NULL); } LogResult("Delegate_ReadTable", result); return result; } TSS_RESULT TCSP_Delegate_UpdateVerificationCount_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ UINT32 inputSize, /* in */ BYTE *input, /* in */ TPM_AUTH *ownerAuth, /* in, out */ UINT32 *outputSize, /* out */ BYTE **output) /* out */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if (ownerAuth) { if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle))) return result; } if ((result = tpm_rqu_build(TPM_ORD_Delegate_UpdateVerification, &offset, txBlob, inputSize, inputSize, input, ownerAuth, NULL))) goto done; if ((result = req_mgr_submit_req(txBlob))) goto done; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { result = tpm_rsp_parse(TPM_ORD_Delegate_UpdateVerification, txBlob, paramSize, outputSize, output, ownerAuth, NULL); } LogResult("Delegate_UpdateVerificationCount", result); done: auth_mgr_release_auth(ownerAuth, NULL, hContext); return result; } TSS_RESULT TCSP_Delegate_VerifyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ UINT32 delegateSize, /* in */ BYTE *delegate) /* in */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if ((result = tpm_rqu_build(TPM_ORD_Delegate_VerifyDelegation, &offset, txBlob, delegateSize, delegateSize, delegate, NULL, NULL))) return result; if ((result = req_mgr_submit_req(txBlob))) return result; result = UnloadBlob_Header(txBlob, ¶mSize); LogResult("Delegate_VerifyDelegation", result); return result; } TSS_RESULT TCSP_DSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */ TPM_ENTITY_TYPE entityType, /* in */ TCS_KEY_HANDLE keyHandle, /* in */ TPM_NONCE *nonceOddDSAP, /* in */ UINT32 entityValueSize, /* in */ BYTE *entityValue, /* in */ TCS_AUTHHANDLE *authHandle, /* out */ TPM_NONCE *nonceEven, /* out */ TPM_NONCE *nonceEvenDSAP) /* out */ { TSS_RESULT result; UINT64 offset = 0; UINT32 paramSize; TPM_KEY_HANDLE tpmKeyHandle; BYTE txBlob[TSS_TPM_TXBLOB_SIZE]; LogDebugFn("Enter"); if ((result = ctx_verify_context(hContext))) return result; if (ensureKeyIsLoaded(hContext, keyHandle, &tpmKeyHandle)) return TCSERR(TSS_E_KEY_NOT_LOADED); /* are the maximum number of auth sessions open? */ if (auth_mgr_req_new(hContext) == FALSE) { if ((result = auth_mgr_swap_out(hContext))) goto done; } if ((result = tpm_rqu_build(TPM_ORD_DSAP, &offset, txBlob, entityType, tpmKeyHandle, nonceOddDSAP, entityValueSize, entityValue))) return result; if ((result = req_mgr_submit_req(txBlob))) return result; result = UnloadBlob_Header(txBlob, ¶mSize); if (!result) { if ((result = tpm_rsp_parse(TPM_ORD_DSAP, txBlob, paramSize, authHandle, nonceEven->nonce, nonceEvenDSAP->nonce))) goto done; /* success, add an entry to the table */ result = auth_mgr_add(hContext, *authHandle); } done: LogResult("DSAP", result); return result; }