      1 
      2 /*
      3  * Licensed Materials - Property of IBM
      4  *
      5  * trousers - An open source TCG Software Stack
      6  *
      7  * (C) Copyright International Business Machines Corp. 2004-2006
      8  *
      9  */
     10 
     11 #include <stdlib.h>
     12 #include <stdio.h>
     13 #include <syslog.h>
     14 #include <string.h>
     15 #include <netdb.h>
     16 
     17 #include "trousers/tss.h"
     18 #include "trousers_types.h"
     19 #include "tcs_tsp.h"
     20 #include "tcs_utils.h"
     21 #include "tcs_int_literals.h"
     22 #include "capabilities.h"
     23 #include "tcslog.h"
     24 #include "tcsd_wrap.h"
     25 #include "tcsd.h"
     26 #include "tcs_utils.h"
     27 #include "rpc_tcstp_tcs.h"
     28 
     29 
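/*
 * tcs_wrap_MakeIdentity
 *
 * RPC-side wrapper for TCSP_MakeIdentity_Internal.  Decodes the request
 * held in data->comm, runs the internal MakeIdentity sequence under
 * tcsp_lock, and serializes the results (the possibly updated auths, the
 * new identity key blob, the identity binding and the three credential
 * blobs) back into data->comm as the reply.
 *
 * Request element layout (index: type, meaning):
 *   0: UINT32   context handle
 *   1: ENCAUTH  identityAuth
 *   2: DIGEST   privCAHash
 *   3: UINT32   idKeyInfoSize
 *   4: PBYTE    idKeyInfo (idKeyInfoSize bytes)
 *   5: AUTH     first auth
 *   6: AUTH     second auth (optional)
 * With a single AUTH element it is the owner auth and no SRK auth is passed
 * down; with two, the first is the SRK auth and the second the owner auth.
 *
 * Returns TSS_SUCCESS once a reply (carrying either the outputs or the
 * failing result code in hdr.u.result) has been placed in data->comm.
 * Returns a TCSERR (TSS_E_INTERNAL_ERROR / TSS_E_OUTOFMEMORY) or the raw
 * getData() error when the request could not be decoded or the reply could
 * not be built; in that case no reply has been written.
 *
 * Every value decoded here arrives from the TSP client over the tcsd socket
 * and is untrusted.  idKeyInfoSize in particular sizes a heap allocation and
 * bounds the copy out of the packet; whether getData() additionally limits
 * that copy to the bytes actually received is not visible in this file --
 * TODO(review) confirm in the tcstp getData() implementation.
 */
TSS_RESULT
tcs_wrap_MakeIdentity(struct tcsd_thread_data *data)
{
	TCS_CONTEXT_HANDLE hContext;
	TCPA_ENCAUTH identityAuth;
	TCPA_CHOSENID_HASH privCAHash;
	UINT32 idKeyInfoSize;
	BYTE *idKeyInfo = NULL;
	TPM_AUTH auth1, auth2;
	TPM_AUTH *pSRKAuth = NULL, *pOwnerAuth = NULL;
	UINT32 idKeySize = 0, pcIDBindSize = 0, pcECSize = 0;
	UINT32 pcPlatCredSize = 0, pcConfCredSize = 0;
	BYTE *idKey = NULL, *prgbIDBind = NULL, *prgbEC = NULL;
	BYTE *prgbPlatCred = NULL, *prgbConfCred = NULL;
	TSS_RESULT result, rc;
	int i = 0;

	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* An unknown context is answered with an empty reply carrying the
	 * error code; it is not treated as a wrapper failure. */
	if ((result = ctx_verify_context(hContext)) != 0) {
		initData(&data->comm, 0);
		data->comm.hdr.u.result = result;
		return TSS_SUCCESS;
	}

	LogDebugFn("thread %ld context %x", THREAD_ID, hContext);

	if (getData(TCSD_PACKET_TYPE_ENCAUTH, 1, &identityAuth, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);
	if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &privCAHash, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);
	if (getData(TCSD_PACKET_TYPE_UINT32, 3, &idKeyInfoSize, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* Client-chosen size.  calloc(1, 0) may legitimately return NULL, in
	 * which case a zero-length blob is reported as out-of-memory. */
	idKeyInfo = calloc(1, idKeyInfoSize);
	if (idKeyInfo == NULL) {
		/* UINT32 argument: %u, not %d. */
		LogError("malloc of %u bytes failed.", idKeyInfoSize);
		return TCSERR(TSS_E_OUTOFMEMORY);
	}
	if (getData(TCSD_PACKET_TYPE_PBYTE, 4, idKeyInfo, idKeyInfoSize, &data->comm) ||
	    getData(TCSD_PACKET_TYPE_AUTH, 5, &auth1, 0, &data->comm)) {
		free(idKeyInfo);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	/* The second auth is optional.  A missing element is reported by
	 * getData() as TSS_TCP_RPC_BAD_PACKET_TYPE and means the single auth
	 * is the owner auth.  Any other decode error is propagated as-is. */
	result = getData(TCSD_PACKET_TYPE_AUTH, 6, &auth2, 0, &data->comm);
	if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) {
		pOwnerAuth = &auth1;
	} else if (result) {
		free(idKeyInfo);
		return result;
	} else {
		pSRKAuth = &auth1;
		pOwnerAuth = &auth2;
	}

	MUTEX_LOCK(tcsp_lock);
	result = TCSP_MakeIdentity_Internal(hContext, identityAuth, privCAHash,
					    idKeyInfoSize, idKeyInfo, pSRKAuth,
					    pOwnerAuth, &idKeySize, &idKey,
					    &pcIDBindSize, &prgbIDBind, &pcECSize,
					    &prgbEC, &pcPlatCredSize, &prgbPlatCred,
					    &pcConfCredSize, &prgbConfCred);
	MUTEX_UNLOCK(tcsp_lock);
	free(idKeyInfo);

	if (result != TSS_SUCCESS) {
		initData(&data->comm, 0);
		data->comm.hdr.u.result = result;
		return TSS_SUCCESS;
	}

	/* Reply layout: SRK auth (only if one was supplied), owner auth, then
	 * five (size, bytes) pairs.  12 is the element count when both auths
	 * are present. */
	initData(&data->comm, 12);
	rc = TCSERR(TSS_E_INTERNAL_ERROR);
	if (pSRKAuth && setData(TCSD_PACKET_TYPE_AUTH, i++, pSRKAuth, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_UINT32, i++, &idKeySize, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_PBYTE, i++, idKey, idKeySize, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcIDBindSize, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbIDBind, pcIDBindSize, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcECSize, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbEC, pcECSize, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcPlatCredSize, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbPlatCred, pcPlatCredSize, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcConfCredSize, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbConfCred, pcConfCredSize, &data->comm))
		goto out;

	/* result is TSS_SUCCESS here; record it in the reply header. */
	data->comm.hdr.u.result = result;
	rc = TSS_SUCCESS;

out:
	/* Output buffers are owned by this wrapper once the internal call
	 * returns; release them on both the success and the build-failure path. */
	free(idKey);
	free(prgbIDBind);
	free(prgbEC);
	free(prgbPlatCred);
	free(prgbConfCred);
	return rc;
}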
    159 
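/*
 * Zero a buffer through a volatile pointer so the stores cannot be dropped
 * as dead before the buffer is freed (a plain memset() right before free()
 * may be optimized away).
 */
static void
tcs_scrub_bytes(BYTE *buf, UINT32 len)
{
	volatile BYTE *vp = buf;

	while (len-- > 0)
		*vp++ = 0;
}

/*
 * tcs_wrap_ActivateIdentity
 *
 * RPC-side wrapper for TCSP_ActivateTPMIdentity_Internal.  Decodes the
 * request held in data->comm, runs the activation under tcsp_lock and
 * writes the (possibly updated) auths plus the returned symmetric key blob
 * back into data->comm as the reply.
 *
 * Request element layout (index: type, meaning):
 *   0: UINT32  context handle
 *   1: UINT32  identity key handle (TCS_KEY_HANDLE)
 *   2: UINT32  blobSize
 *   3: PBYTE   blob (blobSize bytes)
 *   4: AUTH    first auth
 *   5: AUTH    second auth (optional)
 * With a single AUTH element it is the owner auth and no identity-key auth
 * is passed down; with two, the first is the identity-key auth and the
 * second the owner auth.
 *
 * Returns TSS_SUCCESS once a reply (the outputs, or the failing result code
 * in hdr.u.result) has been placed in data->comm.  Returns a TCSERR or the
 * raw getData() error when the request could not be decoded or the reply
 * could not be built; no reply has been written in that case.
 *
 * blobSize and blob come from the TSP client over the tcsd socket and are
 * untrusted.  blobSize sizes a heap allocation and bounds the copy out of
 * the packet; whether getData() also limits that copy to the bytes actually
 * received is not visible here -- TODO(review) confirm in the tcstp
 * getData() implementation.
 *
 * The symmetric key handed back by the internal call is treated as secret
 * material (presumably the session key the TPM unwraps during
 * TPM_ActivateIdentity -- confirm against TCSP_ActivateTPMIdentity_Internal)
 * and the heap copy is scrubbed before it is released.  The copy placed in
 * data->comm for transmission is necessarily left intact.
 */
TSS_RESULT
tcs_wrap_ActivateIdentity(struct tcsd_thread_data *data)
{
	TCS_CONTEXT_HANDLE hContext;
	TCS_KEY_HANDLE idKeyHandle;
	TPM_AUTH auth1, auth2;
	TPM_AUTH *pIdKeyAuth = NULL, *pOwnerAuth = NULL;
	UINT32 blobSize, SymmetricKeySize = 0;
	BYTE *blob, *SymmetricKey = NULL;
	TSS_RESULT result, rc;
	UINT32 i = 0;

	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* An unknown context is answered with an empty reply carrying the
	 * error code; it is not treated as a wrapper failure. */
	if ((result = ctx_verify_context(hContext)) != 0) {
		initData(&data->comm, 0);
		data->comm.hdr.u.result = result;
		return TSS_SUCCESS;
	}

	LogDebugFn("thread %ld context %x", THREAD_ID, hContext);

	if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idKeyHandle, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);
	if (getData(TCSD_PACKET_TYPE_UINT32, 2, &blobSize, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* Client-chosen size.  malloc(0) may return NULL, in which case a
	 * zero-length blob is reported as out-of-memory. */
	if ((blob = malloc(blobSize)) == NULL)
		return TCSERR(TSS_E_OUTOFMEMORY);

	if (getData(TCSD_PACKET_TYPE_PBYTE, 3, blob, blobSize, &data->comm) ||
	    getData(TCSD_PACKET_TYPE_AUTH, 4, &auth1, 0, &data->comm)) {
		free(blob);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	/* The second auth is optional.  A missing element is reported by
	 * getData() as TSS_TCP_RPC_BAD_PACKET_TYPE and means the single auth
	 * is the owner auth.  Any other decode error is propagated as-is. */
	result = getData(TCSD_PACKET_TYPE_AUTH, 5, &auth2, 0, &data->comm);
	if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) {
		pOwnerAuth = &auth1;
	} else if (result) {
		free(blob);
		return result;
	} else {
		pIdKeyAuth = &auth1;
		pOwnerAuth = &auth2;
	}

	MUTEX_LOCK(tcsp_lock);
	result = TCSP_ActivateTPMIdentity_Internal(hContext, idKeyHandle, blobSize,
						   blob, pIdKeyAuth, pOwnerAuth,
						   &SymmetricKeySize,
						   &SymmetricKey);
	MUTEX_UNLOCK(tcsp_lock);
	free(blob);

	if (result != TSS_SUCCESS) {
		initData(&data->comm, 0);
		data->comm.hdr.u.result = result;
		return TSS_SUCCESS;
	}

	/* Reply layout: identity-key auth (only if one was supplied), owner
	 * auth, key size, key bytes.  4 is the element count with both auths. */
	initData(&data->comm, 4);
	rc = TCSERR(TSS_E_INTERNAL_ERROR);
	if (pIdKeyAuth && setData(TCSD_PACKET_TYPE_AUTH, i++, pIdKeyAuth, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_UINT32, i++, &SymmetricKeySize, 0, &data->comm))
		goto out;
	if (setData(TCSD_PACKET_TYPE_PBYTE, i++, SymmetricKey, SymmetricKeySize, &data->comm))
		goto out;

	/* result is TSS_SUCCESS here; record it in the reply header. */
	data->comm.hdr.u.result = result;
	rc = TSS_SUCCESS;

out:
	/* Scrub the secret before giving the memory back to the allocator so
	 * it does not linger in the tcsd heap (core dumps, later reuse). */
	if (SymmetricKey != NULL)
		tcs_scrub_bytes(SymmetricKey, SymmetricKeySize);
	free(SymmetricKey);
	return rc;
}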
    247 
    248 #ifdef TSS_BUILD_TSS12
/*
 * tcs_wrap_GetCredential
 *
 * RPC-side wrapper for TCS_GetCredential_Internal.  Decodes the request in
 * data->comm and writes the credential blob back as the reply.
 *
 * Request element layout (index: type, meaning):
 *   0: UINT32  context handle
 *   1: UINT32  credential type
 *   2: UINT32  credential access mode
 * Reply: element 0 is the credential size, element 1 the credential bytes.
 *
 * Returns TSS_SUCCESS once a reply (the credential, or the failing result
 * code in hdr.u.result) has been placed in data->comm; returns
 * TCSERR(TSS_E_INTERNAL_ERROR) when the request could not be decoded or the
 * reply could not be built.
 *
 * Note that, unlike the TPM-backed wrappers in this file, the internal call
 * is made without taking tcsp_lock.  The type and access-mode values are
 * client-supplied and are passed through unchecked; any validation of them
 * happens inside TCS_GetCredential_Internal.
 */
TSS_RESULT
tcs_wrap_GetCredential(struct tcsd_thread_data *data)
{
	TCS_CONTEXT_HANDLE hContext;
	UINT32 credType, credAccessMode, credSize = 0;
	BYTE *credData = NULL;
	TSS_RESULT result, rc;

	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* Unknown context: empty reply carrying the error code. */
	result = ctx_verify_context(hContext);
	if (result != 0) {
		initData(&data->comm, 0);
		data->comm.hdr.u.result = result;
		return TSS_SUCCESS;
	}

	if (getData(TCSD_PACKET_TYPE_UINT32, 1, &credType, 0, &data->comm) ||
	    getData(TCSD_PACKET_TYPE_UINT32, 2, &credAccessMode, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	LogDebugFn("thread %ld context %x", THREAD_ID, hContext);

	result = TCS_GetCredential_Internal(hContext, credType, credAccessMode,
					    &credSize, &credData);

	if (result != TSS_SUCCESS) {
		initData(&data->comm, 0);
		data->comm.hdr.u.result = result;
		return TSS_SUCCESS;
	}

	/* Two reply elements: size, then the bytes. */
	initData(&data->comm, 2);
	if (setData(TCSD_PACKET_TYPE_UINT32, 0, &credSize, 0, &data->comm) ||
	    setData(TCSD_PACKET_TYPE_PBYTE, 1, credData, credSize, &data->comm)) {
		rc = TCSERR(TSS_E_INTERNAL_ERROR);
	} else {
		data->comm.hdr.u.result = result;
		rc = TSS_SUCCESS;
	}

	/* The credential buffer is owned by this wrapper once the internal
	 * call returns; release it on both paths. */
	free(credData);
	return rc;
}
    294 #endif
    295