1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
|
/*
* Licensed Materials - Property of IBM
*
* trousers - An open source TCG Software Stack
*
* (C) Copyright International Business Machines Corp. 2004-2007
*
*/
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include "trousers/tss.h"
#include "trousers/trousers.h"
#include "trousers_types.h"
#include "trousers_types.h"
#include "spi_utils.h"
#include "capabilities.h"
#include "tsplog.h"
#include "tcs_tsp.h"
#include "tspps.h"
#include "hosttable.h"
#include "tcsd_wrap.h"
#include "tcsd.h"
#include "obj.h"
TSS_RESULT
Tspi_Context_Create(TSS_HCONTEXT * phContext) /* out */
{
if (phContext == NULL)
return TSPERR(TSS_E_BAD_PARAMETER);
return obj_context_add(phContext);
}
TSS_RESULT
Tspi_Context_Close(TSS_HCONTEXT tspContext) /* in */
{
if (!obj_is_context(tspContext))
return TSPERR(TSS_E_INVALID_HANDLE);
obj_context_close(tspContext);
/* Have the TCS do its thing */
RPC_CloseContext(tspContext);
/* Note: Memory that was returned to the app that was alloc'd by this
* context isn't free'd here. Any memory that the app doesn't explicitly
* free is left for it to free itself. */
/* Destroy all objects */
obj_close_context(tspContext);
Tspi_Context_FreeMemory(tspContext, NULL);
/* close the ps file */
PS_close();
/* We're not a connected context, so just exit */
return TSS_SUCCESS;
}
TSS_RESULT
Tspi_Context_Connect(TSS_HCONTEXT tspContext, /* in */
TSS_UNICODE *wszDestination) /* in */
{
TSS_RESULT result;
BYTE *machine_name = NULL;
TSS_HOBJECT hTpm;
UINT32 string_len = 0;
if (wszDestination == NULL) {
if ((result = obj_context_get_machine_name(tspContext,
&string_len,
&machine_name)))
return result;
if ((result = RPC_OpenContext(tspContext, machine_name,
CONNECTION_TYPE_TCP_PERSISTANT)))
return result;
} else {
if ((machine_name =
Trspi_UNICODE_To_Native((BYTE *)wszDestination, NULL)) == NULL) {
LogError("Error converting hostname to UTF-8");
return TSPERR(TSS_E_INTERNAL_ERROR);
}
if ((result = RPC_OpenContext(tspContext, machine_name,
CONNECTION_TYPE_TCP_PERSISTANT)))
return result;
if ((result = obj_context_set_machine_name(tspContext, machine_name,
strlen((char *)machine_name)+1)))
return result;
}
if ((obj_tpm_add(tspContext, &hTpm)))
return TSPERR(TSS_E_INTERNAL_ERROR);
return TSS_SUCCESS;
}
TSS_RESULT
Tspi_Context_FreeMemory(TSS_HCONTEXT tspContext, /* in */
BYTE * rgbMemory) /* in */
{
if (!obj_is_context(tspContext))
return TSPERR(TSS_E_INVALID_HANDLE);
return free_tspi(tspContext, rgbMemory);
}
TSS_RESULT
Tspi_Context_GetDefaultPolicy(TSS_HCONTEXT tspContext, /* in */
TSS_HPOLICY * phPolicy) /* out */
{
if (phPolicy == NULL )
return TSPERR(TSS_E_BAD_PARAMETER);
if (!obj_is_context(tspContext))
return TSPERR(TSS_E_INVALID_HANDLE);
return obj_context_get_policy(tspContext, TSS_POLICY_USAGE, phPolicy);
}
TSS_RESULT
Tspi_Context_CreateObject(TSS_HCONTEXT tspContext, /* in */
TSS_FLAG objectType, /* in */
TSS_FLAG initFlags, /* in */
TSS_HOBJECT * phObject) /* out */
{
TSS_RESULT result;
if (phObject == NULL)
return TSPERR(TSS_E_BAD_PARAMETER);
if (!obj_is_context(tspContext))
return TSPERR(TSS_E_INVALID_HANDLE);
switch (objectType) {
case TSS_OBJECT_TYPE_POLICY:
switch (initFlags) {
#ifdef TSS_BUILD_TSS12
case TSS_POLICY_OPERATOR:
/* fall through */
#endif
case TSS_POLICY_MIGRATION:
/* fall through */
case TSS_POLICY_USAGE:
break;
default:
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
}
result = obj_policy_add(tspContext, initFlags, phObject);
break;
#ifdef TSS_BUILD_RSAKEY_LIST
case TSS_OBJECT_TYPE_RSAKEY:
/* If other flags are set that disagree with the SRK, this will
* help catch that conflict in the later steps */
if (initFlags & TSS_KEY_TSP_SRK) {
initFlags |= (TSS_KEY_TYPE_STORAGE | TSS_KEY_NOT_MIGRATABLE |
TSS_KEY_NON_VOLATILE | TSS_KEY_SIZE_2048);
}
/* Set default key flags */
/* Default key size = 2k */
if ((initFlags & TSS_KEY_SIZE_MASK) == 0)
initFlags |= TSS_KEY_SIZE_2048;
/* Default key type = storage */
if ((initFlags & TSS_KEY_TYPE_MASK) == 0)
initFlags |= TSS_KEY_TYPE_STORAGE;
/* Check the key flags */
switch (initFlags & TSS_KEY_SIZE_MASK) {
case TSS_KEY_SIZE_512:
/* fall through */
case TSS_KEY_SIZE_1024:
/* fall through */
case TSS_KEY_SIZE_2048:
/* fall through */
case TSS_KEY_SIZE_4096:
/* fall through */
case TSS_KEY_SIZE_8192:
/* fall through */
case TSS_KEY_SIZE_16384:
break;
default:
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
}
switch (initFlags & TSS_KEY_TYPE_MASK) {
case TSS_KEY_TYPE_STORAGE:
/* fall through */
case TSS_KEY_TYPE_SIGNING:
/* fall through */
case TSS_KEY_TYPE_BIND:
/* fall through */
case TSS_KEY_TYPE_AUTHCHANGE:
/* fall through */
case TSS_KEY_TYPE_LEGACY:
/* fall through */
case TSS_KEY_TYPE_IDENTITY:
break;
default:
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
}
result = obj_rsakey_add(tspContext, initFlags, phObject);
break;
#endif
#ifdef TSS_BUILD_ENCDATA_LIST
case TSS_OBJECT_TYPE_ENCDATA:
switch (initFlags & TSS_ENCDATA_TYPE_MASK) {
case TSS_ENCDATA_LEGACY:
/* fall through */
case TSS_ENCDATA_SEAL:
/* fall through */
case TSS_ENCDATA_BIND:
break;
default:
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
}
result = obj_encdata_add(tspContext, (initFlags & TSS_ENCDATA_TYPE_MASK), phObject);
break;
#endif
#ifdef TSS_BUILD_PCRS_LIST
case TSS_OBJECT_TYPE_PCRS:
switch (initFlags) {
case TSS_PCRS_STRUCT_DEFAULT:
/* fall through */
case TSS_PCRS_STRUCT_INFO:
/* fall through */
case TSS_PCRS_STRUCT_INFO_LONG:
/* fall through */
case TSS_PCRS_STRUCT_INFO_SHORT:
/* fall through */
break;
default:
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
}
result = obj_pcrs_add(tspContext, initFlags, phObject);
break;
#endif
#ifdef TSS_BUILD_HASH_LIST
case TSS_OBJECT_TYPE_HASH:
switch (initFlags) {
case TSS_HASH_DEFAULT:
/* fall through */
case TSS_HASH_SHA1:
/* fall through */
case TSS_HASH_OTHER:
break;
default:
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
}
result = obj_hash_add(tspContext, initFlags, phObject);
break;
#endif
#ifdef TSS_BUILD_DAA
//case TSS_OBJECT_TYPE_DAA_CREDENTIAL:
case TSS_OBJECT_TYPE_DAA_CERTIFICATE:
if (initFlags & ~(0UL))
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
result = obj_daacred_add(tspContext, phObject);
break;
case TSS_OBJECT_TYPE_DAA_ISSUER_KEY:
if (initFlags & ~(0UL))
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
result = obj_daaissuerkey_add(tspContext, phObject);
break;
case TSS_OBJECT_TYPE_DAA_ARA_KEY:
if (initFlags & ~(0UL))
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
result = obj_daaarakey_add(tspContext, phObject);
break;
#endif
#ifdef TSS_BUILD_NV
case TSS_OBJECT_TYPE_NV:
/* There are no valid flags for a NV object */
if (initFlags & ~(0UL))
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
result = obj_nvstore_add(tspContext, phObject);
break;
#endif
#ifdef TSS_BUILD_DELEGATION
case TSS_OBJECT_TYPE_DELFAMILY:
/* There are no valid flags for a DELFAMILY object */
if (initFlags & ~(0UL))
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
result = obj_delfamily_add(tspContext, phObject);
break;
#endif
#ifdef TSS_BUILD_CMK
case TSS_OBJECT_TYPE_MIGDATA:
/* There are no valid flags for a MIGDATA object */
if (initFlags & ~(0UL))
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
result = obj_migdata_add(tspContext, phObject);
break;
#endif
default:
LogDebug("Invalid Object type");
return TSPERR(TSS_E_INVALID_OBJECT_TYPE);
break;
}
return result;
}
TSS_RESULT
Tspi_Context_CloseObject(TSS_HCONTEXT tspContext, /* in */
TSS_HOBJECT hObject) /* in */
{
TSS_RESULT result;
if (!obj_is_context(tspContext))
return TSPERR(TSS_E_INVALID_HANDLE);
if (obj_is_pcrs(hObject)) {
#ifdef TSS_BUILD_PCRS_LIST
result = obj_pcrs_remove(hObject, tspContext);
#endif
} else if (obj_is_encdata(hObject)) {
#ifdef TSS_BUILD_ENCDATA_LIST
result = obj_encdata_remove(hObject, tspContext);
#endif
} else if (obj_is_hash(hObject)) {
#ifdef TSS_BUILD_HASH_LIST
result = obj_hash_remove(hObject, tspContext);
#endif
} else if (obj_is_rsakey(hObject)) {
#ifdef TSS_BUILD_RSAKEY_LIST
result = obj_rsakey_remove(hObject, tspContext);
#endif
} else if (obj_is_policy(hObject)) {
result = obj_policy_remove(hObject, tspContext);
} else if (obj_is_delfamily(hObject)) {
#ifdef TSS_BUILD_DELEGATION
result = obj_delfamily_remove(hObject, tspContext);
#endif
} else if (obj_is_migdata(hObject)) {
#ifdef TSS_BUILD_CMK
result = obj_migdata_remove(hObject, tspContext);
#endif
} else {
result = TSPERR(TSS_E_INVALID_HANDLE);
}
return result;
}
TSS_RESULT
Tspi_Context_GetTpmObject(TSS_HCONTEXT tspContext, /* in */
TSS_HTPM * phTPM) /* out */
{
if (phTPM == NULL)
return TSPERR(TSS_E_BAD_PARAMETER);
if (!obj_is_context(tspContext))
return TSPERR(TSS_E_INVALID_HANDLE);
return obj_tpm_get(tspContext, phTPM);
}
|
