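
/*
 * Licensed Materials - Property of IBM
 *
 * trousers - An open source TCG Software Stack
 *
 * (C) Copyright International Business Machines Corp. 2004-2006
 *
 */

#include <stdlib.h>
#include <stdio.h>
#include <syslog.h>
#include <string.h>
#include <netdb.h>

#include "trousers/tss.h"
#include "trousers_types.h"
#include "tcs_tsp.h"
#include "tcs_utils.h"
#include "tcs_int_literals.h"
#include "capabilities.h"
#include "tcslog.h"
#include "tcsd_wrap.h"
#include "tcsd.h"
#include "tcs_utils.h"
#include "rpc_tcstp_tcs.h"


/*
 * tcs_wrap_CreateMigrationBlob - unmarshal a CreateMigrationBlob request from
 * data->comm, run TCSP_CreateMigrationBlob_Internal() under tcsp_lock and
 * marshal the reply back into data->comm.
 *
 * Request fields by index: 0 context handle, 1 parent key handle,
 * 2 migration scheme (UINT16), 3/4 MigrationKeyAuth size and bytes,
 * 5/6 encData size and bytes, 7 first auth, 8 optional second auth.
 *
 * Reply fields on success, in order: [parent auth,] entity auth, random size,
 * [random bytes when the size is non-zero,] outData size, outData bytes.
 *
 * Returns TSS_SUCCESS once a reply has been staged; the outcome of the
 * operation itself travels in data->comm.hdr.u.result.  Returns
 * TCSERR(TSS_E_INTERNAL_ERROR) when a field cannot be read or written or an
 * allocation fails.
 *
 * NOTE(review): MigrationKeyAuthSize and encDataSize are read from the
 * request and handed to malloc() before the matching bytes are fetched, so a
 * request can demand an allocation of up to UINT32_MAX bytes.  Confirm that
 * getData() rejects a length larger than the received packet, and consider
 * capping the size before allocating.
 * NOTE(review): malloc(0) may return NULL, which is reported here as an
 * allocation failure - confirm zero-length fields are not expected.
 */
TSS_RESULT
tcs_wrap_CreateMigrationBlob(struct tcsd_thread_data *data)
{
	TCS_CONTEXT_HANDLE hContext;
	TSS_RESULT result;
	TCS_KEY_HANDLE parentHandle;
	TSS_MIGRATE_SCHEME migrationType;
	UINT32 MigrationKeyAuthSize, encDataSize, randomSize, outDataSize;
	BYTE *MigrationKeyAuth, *encData, *random, *outData;
	TPM_AUTH auth1, auth2, *pParentAuth, *pEntityAuth;
	UINT32 i;

	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* A rejected context is answered with an empty reply carrying the error. */
	if ((result = ctx_verify_context(hContext)))
		goto done;

	LogDebugFn("thread %ld context %x", THREAD_ID, hContext);

	if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);
	if (getData(TCSD_PACKET_TYPE_UINT16, 2, &migrationType, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	if (getData(TCSD_PACKET_TYPE_UINT32, 3, &MigrationKeyAuthSize, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	MigrationKeyAuth = malloc(MigrationKeyAuthSize);
	if (MigrationKeyAuth == NULL) {
		/* %u: the size is an unsigned 32-bit value; %d misreports sizes >= 2^31. */
		LogError("malloc of %u bytes failed.", MigrationKeyAuthSize);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}
	if (getData(TCSD_PACKET_TYPE_PBYTE, 4, MigrationKeyAuth, MigrationKeyAuthSize, &data->comm)) {
		free(MigrationKeyAuth);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	if (getData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &data->comm)) {
		free(MigrationKeyAuth);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	encData = malloc(encDataSize);
	if (encData == NULL) {
		free(MigrationKeyAuth);
		LogError("malloc of %u bytes failed.", encDataSize);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}
	if (getData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &data->comm)) {
		free(MigrationKeyAuth);
		free(encData);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	if (getData(TCSD_PACKET_TYPE_AUTH, 7, &auth1, 0, &data->comm)) {
		free(MigrationKeyAuth);
		free(encData);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	/*
	 * NOTE(review): every getData() failure on field 8 is read as "no second
	 * auth supplied"; a present but malformed auth would take the same path.
	 * Confirm whether getData() can tell the two cases apart.
	 */
	if (getData(TCSD_PACKET_TYPE_AUTH, 8, &auth2, 0, &data->comm)) {
		/* If loading the 2nd auth fails, the first one was entity auth */
		pParentAuth = NULL;
		pEntityAuth = &auth1;
	} else {
		/* If loading the 2nd auth succeeds, the first one was parent auth */
		pParentAuth = &auth1;
		pEntityAuth = &auth2;
	}

	MUTEX_LOCK(tcsp_lock);

	result = TCSP_CreateMigrationBlob_Internal(hContext, parentHandle, migrationType,
						   MigrationKeyAuthSize, MigrationKeyAuth,
						   encDataSize, encData, pParentAuth, pEntityAuth,
						   &randomSize, &random, &outDataSize, &outData);

	MUTEX_UNLOCK(tcsp_lock);

	/* The request buffers are no longer needed once the internal call returns. */
	free(MigrationKeyAuth);
	free(encData);
	if (result == TSS_SUCCESS) {
		/*
		 * random and outData are released by this function on every path
		 * below.  free(random) also runs when randomSize is 0 - assumes
		 * the internal call leaves random NULL or heap-allocated in that
		 * case; TODO confirm.
		 */
		i = 0;
		initData(&data->comm, 6);
		if (pParentAuth) {
			if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) {
				free(random);
				free(outData);
				return TCSERR(TSS_E_INTERNAL_ERROR);
			}
		}

		if (setData(TCSD_PACKET_TYPE_AUTH, i++, pEntityAuth, 0, &data->comm)) {
			free(random);
			free(outData);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}

		if (setData(TCSD_PACKET_TYPE_UINT32, i++, &randomSize, 0, &data->comm)) {
			free(random);
			free(outData);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}
		if (randomSize > 0) {
			if (setData(TCSD_PACKET_TYPE_PBYTE, i++, random, randomSize, &data->comm)) {
				free(random);
				free(outData);
				return TCSERR(TSS_E_INTERNAL_ERROR);
			}
		}

		if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
			free(random);
			free(outData);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}
		if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
			free(random);
			free(outData);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}

		free(random);
		free(outData);
	} else {
		/* Failure replies, including the early context-check exit, carry no payload. */
done:
		initData(&data->comm, 0);
	}

	data->comm.hdr.u.result = result;

	return TSS_SUCCESS;
}

/*
 * tcs_wrap_ConvertMigrationBlob - unmarshal a ConvertMigrationBlob request
 * from data->comm, run TCSP_ConvertMigrationBlob_Internal() under tcsp_lock
 * and marshal the reply back into data->comm.
 *
 * Request fields by index: 0 context handle, 1 parent key handle,
 * 2/3 inData size and bytes, 4/5 random size and bytes, 6 optional parent auth.
 *
 * Reply fields on success, in order: [parent auth,] outData size, outData bytes.
 *
 * Returns TSS_SUCCESS once a reply has been staged; the outcome of the
 * operation itself travels in data->comm.hdr.u.result.  Returns
 * TCSERR(TSS_E_INTERNAL_ERROR) when a field cannot be read or written or an
 * allocation fails.
 *
 * NOTE(review): inDataSize and randomSize are read from the request and
 * handed to malloc() before the matching bytes are fetched.  Confirm that
 * getData() rejects a length larger than the received packet, and consider
 * capping the size before allocating.
 */
TSS_RESULT
tcs_wrap_ConvertMigrationBlob(struct tcsd_thread_data *data)
{
	TCS_CONTEXT_HANDLE hContext;
	TSS_RESULT result;
	TCS_KEY_HANDLE parentHandle;
	UINT32 outDataSize, randomSize, inDataSize;
	BYTE *outData, *random, *inData;
	TPM_AUTH parentAuth, *pParentAuth;
	UINT32 i;

	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* A rejected context is answered with an empty reply carrying the error. */
	if ((result = ctx_verify_context(hContext)))
		goto done;

	LogDebugFn("thread %ld context %x", THREAD_ID, hContext);

	if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	inData = malloc(inDataSize);
	if (inData == NULL) {
		/* %u: the size is an unsigned 32-bit value; %d misreports sizes >= 2^31. */
		LogError("malloc of %u bytes failed.", inDataSize);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}
	if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) {
		free(inData);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	if (getData(TCSD_PACKET_TYPE_UINT32, 4, &randomSize, 0, &data->comm)) {
		free(inData);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	random = malloc(randomSize);
	if (random == NULL) {
		free(inData);
		LogError("malloc of %u bytes failed.", randomSize);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}
	if (getData(TCSD_PACKET_TYPE_PBYTE, 5, random, randomSize, &data->comm)) {
		free(inData);
		free(random);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	/*
	 * NOTE(review): every getData() failure on field 6 is read as "no parent
	 * auth supplied"; a present but malformed auth would take the same path.
	 * Confirm whether getData() can tell the two cases apart.
	 */
	if (getData(TCSD_PACKET_TYPE_AUTH, 6, &parentAuth, 0, &data->comm))
		pParentAuth = NULL;
	else
		pParentAuth = &parentAuth;


	MUTEX_LOCK(tcsp_lock);

	result = TCSP_ConvertMigrationBlob_Internal(hContext, parentHandle, inDataSize, inData,
						    randomSize, random, pParentAuth, &outDataSize,
						    &outData);

	MUTEX_UNLOCK(tcsp_lock);

	/* The request buffers are no longer needed once the internal call returns. */
	free(inData);
	free(random);
	if (result == TSS_SUCCESS) {
		/* outData is released by this function on every path below. */
		i = 0;
		initData(&data->comm, 3);
		if (pParentAuth) {
			if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) {
				free(outData);
				return TCSERR(TSS_E_INTERNAL_ERROR);
			}
		}

		if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
			free(outData);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}
		if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
			free(outData);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}

		free(outData);
	} else {
		/* Failure replies, including the early context-check exit, carry no payload. */
done:
		initData(&data->comm, 0);
	}

	data->comm.hdr.u.result = result;

	return TSS_SUCCESS;
}

/*
 * tcs_wrap_AuthorizeMigrationKey - unmarshal an AuthorizeMigrationKey request
 * from data->comm, run TCSP_AuthorizeMigrationKey_Internal() under tcsp_lock
 * and marshal the reply back into data->comm.
 *
 * Request fields by index: 0 context handle, 1 migration scheme (UINT16),
 * 2/3 MigrationKey size and bytes, 4 owner auth (required: a read failure
 * aborts the request).
 *
 * Reply fields on success, in order: owner auth, MigrationKeyAuth size,
 * MigrationKeyAuth bytes.
 *
 * Returns TSS_SUCCESS once a reply has been staged; the outcome of the
 * operation itself travels in data->comm.hdr.u.result.  Returns
 * TCSERR(TSS_E_INTERNAL_ERROR) when a field cannot be read or written or an
 * allocation fails.
 *
 * NOTE(review): MigrationKeySize is read from the request and handed to
 * malloc() before the matching bytes are fetched.  Confirm that getData()
 * rejects a length larger than the received packet, and consider capping the
 * size before allocating.
 */
TSS_RESULT
tcs_wrap_AuthorizeMigrationKey(struct tcsd_thread_data *data)
{
	TCS_CONTEXT_HANDLE hContext;
	TSS_RESULT result;
	TSS_MIGRATE_SCHEME migrateScheme;
	UINT32 MigrationKeySize, MigrationKeyAuthSize;
	BYTE *MigrationKey, *MigrationKeyAuth;
	TPM_AUTH ownerAuth;

	if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	/* A rejected context is answered with an empty reply carrying the error. */
	if ((result = ctx_verify_context(hContext)))
		goto done;

	LogDebugFn("thread %ld context %x", THREAD_ID, hContext);

	if (getData(TCSD_PACKET_TYPE_UINT16, 1, &migrateScheme, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	if (getData(TCSD_PACKET_TYPE_UINT32, 2, &MigrationKeySize, 0, &data->comm))
		return TCSERR(TSS_E_INTERNAL_ERROR);

	MigrationKey = malloc(MigrationKeySize);
	if (MigrationKey == NULL) {
		/* %u: the size is an unsigned 32-bit value; %d misreports sizes >= 2^31. */
		LogError("malloc of %u bytes failed.", MigrationKeySize);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}
	if (getData(TCSD_PACKET_TYPE_PBYTE, 3, MigrationKey, MigrationKeySize, &data->comm)) {
		free(MigrationKey);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) {
		free(MigrationKey);
		return TCSERR(TSS_E_INTERNAL_ERROR);
	}

	MUTEX_LOCK(tcsp_lock);

	result = TCSP_AuthorizeMigrationKey_Internal(hContext, migrateScheme, MigrationKeySize,
						     MigrationKey, &ownerAuth,
						     &MigrationKeyAuthSize, &MigrationKeyAuth);

	MUTEX_UNLOCK(tcsp_lock);

	/* The request buffer is no longer needed once the internal call returns. */
	free(MigrationKey);
	if (result == TSS_SUCCESS) {
		/* MigrationKeyAuth is released by this function on every path below. */
		initData(&data->comm, 3);
		if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
			free(MigrationKeyAuth);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}
		if (setData(TCSD_PACKET_TYPE_UINT32, 1, &MigrationKeyAuthSize, 0, &data->comm)) {
			free(MigrationKeyAuth);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}
		if (setData(TCSD_PACKET_TYPE_PBYTE, 2, MigrationKeyAuth, MigrationKeyAuthSize,
			    &data->comm)) {
			free(MigrationKeyAuth);
			return TCSERR(TSS_E_INTERNAL_ERROR);
		}

		free(MigrationKeyAuth);
	} else {
		/* Failure replies, including the early context-check exit, carry no payload. */
done:
		initData(&data->comm, 0);
	}

	data->comm.hdr.u.result = result;

	return TSS_SUCCESS;
}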