1 2 /* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2006 8 * 9 */ 10 11 #include <stdlib.h> 12 #include <stdio.h> 13 #include <syslog.h> 14 #include <string.h> 15 #include <netdb.h> 16 17 #include "trousers/tss.h" 18 #include "trousers_types.h" 19 #include "tcs_tsp.h" 20 #include "tcs_utils.h" 21 #include "tcs_int_literals.h" 22 #include "capabilities.h" 23 #include "tcslog.h" 24 #include "tcsd_wrap.h" 25 #include "tcsd.h" 26 #include "tcs_utils.h" 27 #include "rpc_tcstp_tcs.h" 28 29 30 TSS_RESULT 31 tcs_wrap_EvictKey(struct tcsd_thread_data *data) 32 { 33 TCS_CONTEXT_HANDLE hContext; 34 TCS_KEY_HANDLE hKey; 35 TSS_RESULT result; 36 37 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 38 return TCSERR(TSS_E_INTERNAL_ERROR); 39 40 if ((result = ctx_verify_context(hContext))) 41 goto done; 42 43 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 44 45 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) 46 return TCSERR(TSS_E_INTERNAL_ERROR); 47 48 MUTEX_LOCK(tcsp_lock); 49 50 result = key_mgr_evict(hContext, hKey); 51 52 MUTEX_UNLOCK(tcsp_lock); 53 done: 54 initData(&data->comm, 0); 55 data->comm.hdr.u.result = result; 56 57 return TSS_SUCCESS; 58 } 59 60 TSS_RESULT 61 tcs_wrap_GetPubkey(struct tcsd_thread_data *data) 62 { 63 TCS_CONTEXT_HANDLE hContext; 64 TCS_KEY_HANDLE hKey; 65 TPM_AUTH auth; 66 TPM_AUTH *pAuth; 67 UINT32 pubKeySize; 68 BYTE *pubKey; 69 TSS_RESULT result; 70 int i; 71 72 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 73 return TCSERR(TSS_E_INTERNAL_ERROR); 74 75 if ((result = ctx_verify_context(hContext))) 76 goto done; 77 78 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 79 80 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) 81 return TCSERR(TSS_E_INTERNAL_ERROR); 82 83 result = getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm); 84 if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) 85 pAuth = NULL; 86 else if (result) 87 return result; 88 else 89 pAuth = &auth; 90 91 MUTEX_LOCK(tcsp_lock); 92 93 result = TCSP_GetPubKey_Internal(hContext, hKey, pAuth, &pubKeySize, &pubKey); 94 95 MUTEX_UNLOCK(tcsp_lock); 96 97 if (result == TSS_SUCCESS) { 98 i = 0; 99 initData(&data->comm, 3); 100 if (pAuth != NULL) 101 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { 102 free(pubKey); 103 return TCSERR(TSS_E_INTERNAL_ERROR); 104 } 105 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pubKeySize, 0, &data->comm)) { 106 free(pubKey); 107 return TCSERR(TSS_E_INTERNAL_ERROR); 108 } 109 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pubKey, pubKeySize, &data->comm)) { 110 free(pubKey); 111 return TCSERR(TSS_E_INTERNAL_ERROR); 112 } 113 free(pubKey); 114 } else 115 done: initData(&data->comm, 0); 116 117 data->comm.hdr.u.result = result; 118 return TSS_SUCCESS; 119 } 120 121 TSS_RESULT 122 tcs_wrap_TerminateHandle(struct tcsd_thread_data *data) 123 { 124 TCS_CONTEXT_HANDLE hContext; 125 TCS_AUTHHANDLE authHandle; 126 TSS_RESULT result; 127 128 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 129 return TCSERR(TSS_E_INTERNAL_ERROR); 130 131 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 132 133 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &authHandle, 0, &data->comm)) 134 return TCSERR(TSS_E_INTERNAL_ERROR); 135 136 MUTEX_LOCK(tcsp_lock); 137 138 result = TCSP_TerminateHandle_Internal(hContext, authHandle); 139 140 MUTEX_UNLOCK(tcsp_lock); 141 142 initData(&data->comm, 0); 143 data->comm.hdr.u.result = result; 144 145 return TSS_SUCCESS; 146 } 147 148 TSS_RESULT 149 tcs_wrap_LoadKeyByBlob(struct tcsd_thread_data *data) 150 { 151 TCS_CONTEXT_HANDLE hContext; 152 TCS_KEY_HANDLE hUnwrappingKey; 153 UINT32 cWrappedKeyBlob; 154 BYTE *rgbWrappedKeyBlob; 155 156 TPM_AUTH auth; 157 158 TCS_KEY_HANDLE phKeyTCSI; 159 TCS_KEY_HANDLE phKeyHMAC; 160 161 TPM_AUTH *pAuth; 162 TSS_RESULT result; 163 int i; 164 165 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 166 return TCSERR(TSS_E_INTERNAL_ERROR); 167 168 if ((result = ctx_verify_context(hContext))) 169 goto done; 170 171 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 172 173 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hUnwrappingKey, 0, &data->comm)) 174 return TCSERR(TSS_E_INTERNAL_ERROR); 175 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &cWrappedKeyBlob, 0, &data->comm)) 176 return TCSERR(TSS_E_INTERNAL_ERROR); 177 178 rgbWrappedKeyBlob = calloc(1, cWrappedKeyBlob); 179 if (rgbWrappedKeyBlob == NULL) { 180 LogError("malloc of %d bytes failed.", cWrappedKeyBlob); 181 return TCSERR(TSS_E_OUTOFMEMORY); 182 } 183 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbWrappedKeyBlob, cWrappedKeyBlob, &data->comm)) { 184 free(rgbWrappedKeyBlob); 185 return TCSERR(TSS_E_INTERNAL_ERROR); 186 } 187 result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm); 188 if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) 189 pAuth = NULL; 190 else if (result) { 191 free(rgbWrappedKeyBlob); 192 return result; 193 } else 194 pAuth = &auth; 195 196 MUTEX_LOCK(tcsp_lock); 197 198 result = key_mgr_load_by_blob(hContext, hUnwrappingKey, cWrappedKeyBlob, rgbWrappedKeyBlob, 199 pAuth, &phKeyTCSI, &phKeyHMAC); 200 201 if (!result) 202 result = ctx_mark_key_loaded(hContext, phKeyTCSI); 203 204 MUTEX_UNLOCK(tcsp_lock); 205 206 free(rgbWrappedKeyBlob); 207 208 if (result == TSS_SUCCESS) { 209 i = 0; 210 initData(&data->comm, 3); 211 if (pAuth != NULL) { 212 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { 213 return TCSERR(TSS_E_INTERNAL_ERROR); 214 } 215 } 216 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyTCSI, 0, &data->comm)) { 217 return TCSERR(TSS_E_INTERNAL_ERROR); 218 } 219 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyHMAC, 0, &data->comm)) { 220 return TCSERR(TSS_E_INTERNAL_ERROR); 221 } 222 } else 223 done: initData(&data->comm, 0); 224 225 data->comm.hdr.u.result = result; 226 227 return TSS_SUCCESS; 228 } 229 230 #ifdef TSS_BUILD_TSS12 231 TSS_RESULT 232 tcs_wrap_LoadKey2ByBlob(struct tcsd_thread_data *data) 233 { 234 TCS_CONTEXT_HANDLE hContext; 235 TCS_KEY_HANDLE hUnwrappingKey; 236 UINT32 cWrappedKeyBlob; 237 BYTE *rgbWrappedKeyBlob; 238 TPM_AUTH auth; 239 TCS_KEY_HANDLE phKeyTCSI; 240 TPM_AUTH *pAuth; 241 TSS_RESULT result; 242 int i; 243 244 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 245 return TCSERR(TSS_E_INTERNAL_ERROR); 246 247 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 248 249 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hUnwrappingKey, 0, &data->comm)) 250 return TCSERR(TSS_E_INTERNAL_ERROR); 251 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &cWrappedKeyBlob, 0, &data->comm)) 252 return TCSERR(TSS_E_INTERNAL_ERROR); 253 254 rgbWrappedKeyBlob = calloc(1, cWrappedKeyBlob); 255 if (rgbWrappedKeyBlob == NULL) { 256 LogError("malloc of %d bytes failed.", cWrappedKeyBlob); 257 return TCSERR(TSS_E_OUTOFMEMORY); 258 } 259 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbWrappedKeyBlob, cWrappedKeyBlob, &data->comm)) { 260 free(rgbWrappedKeyBlob); 261 return TCSERR(TSS_E_INTERNAL_ERROR); 262 } 263 result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm); 264 if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) 265 pAuth = NULL; 266 else if (result) { 267 free(rgbWrappedKeyBlob); 268 return result; 269 } else 270 pAuth = &auth; 271 272 MUTEX_LOCK(tcsp_lock); 273 274 result = key_mgr_load_by_blob(hContext, hUnwrappingKey, cWrappedKeyBlob, rgbWrappedKeyBlob, 275 pAuth, &phKeyTCSI, NULL); 276 277 if (!result) 278 result = ctx_mark_key_loaded(hContext, phKeyTCSI); 279 280 MUTEX_UNLOCK(tcsp_lock); 281 282 free(rgbWrappedKeyBlob); 283 284 if (result == TSS_SUCCESS) { 285 i = 0; 286 initData(&data->comm, 2); 287 if (pAuth != NULL) { 288 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { 289 return TCSERR(TSS_E_INTERNAL_ERROR); 290 } 291 } 292 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyTCSI, 0, &data->comm)) { 293 return TCSERR(TSS_E_INTERNAL_ERROR); 294 } 295 } else 296 initData(&data->comm, 0); 297 298 data->comm.hdr.u.result = result; 299 300 return TSS_SUCCESS; 301 } 302 #endif 303 304 TSS_RESULT 305 tcs_wrap_CreateWrapKey(struct tcsd_thread_data *data) 306 { 307 TCS_CONTEXT_HANDLE hContext; 308 TCS_KEY_HANDLE hWrappingKey; 309 TCPA_ENCAUTH KeyUsageAuth; 310 TCPA_ENCAUTH KeyMigrationAuth; 311 UINT32 keyInfoSize; 312 BYTE *keyInfo; 313 314 TPM_AUTH *pAuth, auth; 315 316 UINT32 keyDataSize; 317 BYTE *keyData; 318 TSS_RESULT result; 319 320 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 321 return TCSERR(TSS_E_INTERNAL_ERROR); 322 323 if ((result = ctx_verify_context(hContext))) 324 goto done; 325 326 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 327 328 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hWrappingKey, 0, &data->comm)) 329 return TCSERR(TSS_E_INTERNAL_ERROR); 330 if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &KeyUsageAuth, 0, &data->comm)) 331 return TCSERR(TSS_E_INTERNAL_ERROR); 332 if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &KeyMigrationAuth, 0, &data->comm)) 333 return TCSERR(TSS_E_INTERNAL_ERROR); 334 if (getData(TCSD_PACKET_TYPE_UINT32, 4, &keyInfoSize, 0, &data->comm)) 335 return TCSERR(TSS_E_INTERNAL_ERROR); 336 337 keyInfo = calloc(1, keyInfoSize); 338 if (keyInfo == NULL) { 339 LogError("malloc of %d bytes failed.", keyInfoSize); 340 return TCSERR(TSS_E_OUTOFMEMORY); 341 } 342 if (getData(TCSD_PACKET_TYPE_PBYTE, 5, keyInfo, keyInfoSize, &data->comm)) { 343 free(keyInfo); 344 return TCSERR(TSS_E_INTERNAL_ERROR); 345 } 346 if (getData(TCSD_PACKET_TYPE_AUTH, 6, &auth, 0, &data->comm)) 347 pAuth = NULL; 348 else 349 pAuth = &auth; 350 351 MUTEX_LOCK(tcsp_lock); 352 353 result = TCSP_CreateWrapKey_Internal(hContext, hWrappingKey, KeyUsageAuth, KeyMigrationAuth, 354 keyInfoSize, keyInfo, &keyDataSize, &keyData, pAuth); 355 356 MUTEX_UNLOCK(tcsp_lock); 357 358 free(keyInfo); 359 if (result == TSS_SUCCESS) { 360 initData(&data->comm, 3); 361 if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keyDataSize, 0, &data->comm)) { 362 free(keyData); 363 return TCSERR(TSS_E_INTERNAL_ERROR); 364 } 365 if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyData, keyDataSize, &data->comm)) { 366 free(keyData); 367 return TCSERR(TSS_E_INTERNAL_ERROR); 368 } 369 free(keyData); 370 if (pAuth) { 371 if (setData(TCSD_PACKET_TYPE_AUTH, 2, pAuth, 0, &data->comm)) 372 return TCSERR(TSS_E_INTERNAL_ERROR); 373 } 374 } else 375 done: initData(&data->comm, 0); 376 377 data->comm.hdr.u.result = result; 378 379 return TSS_SUCCESS; 380 } 381 382 #ifdef TSS_BUILD_TSS12 383 TSS_RESULT 384 tcs_wrap_OwnerReadInternalPub(struct tcsd_thread_data *data) 385 { 386 TCS_CONTEXT_HANDLE hContext; 387 TCS_KEY_HANDLE hKey; 388 TPM_AUTH ownerAuth; 389 UINT32 pubKeySize; 390 BYTE *pubKeyData; 391 TSS_RESULT result; 392 393 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 394 return TCSERR(TSS_E_INTERNAL_ERROR); 395 396 if ((result = ctx_verify_context(hContext))) 397 goto done; 398 399 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 400 401 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) 402 return TCSERR(TSS_E_INTERNAL_ERROR); 403 if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm)) 404 return TCSERR(TSS_E_INTERNAL_ERROR); 405 406 MUTEX_LOCK(tcsp_lock); 407 408 result = TCSP_OwnerReadInternalPub_Internal(hContext, hKey, &ownerAuth, &pubKeySize, &pubKeyData); 409 410 MUTEX_UNLOCK(tcsp_lock); 411 412 if (result == TSS_SUCCESS) { 413 initData(&data->comm, 3); 414 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) 415 return TCSERR(TSS_E_INTERNAL_ERROR); 416 if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubKeySize, 0, &data->comm)) 417 return TCSERR(TSS_E_INTERNAL_ERROR); 418 if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubKeyData, pubKeySize, &data->comm)) 419 return TCSERR(TSS_E_INTERNAL_ERROR); 420 } else 421 done: initData(&data->comm, 0); 422 423 data->comm.hdr.u.result = result; 424 return TSS_SUCCESS; 425 } 426 427 TSS_RESULT 428 tcs_wrap_KeyControlOwner(struct tcsd_thread_data *data) 429 { 430 TCS_CONTEXT_HANDLE hContext; 431 TCS_KEY_HANDLE hKey; 432 UINT32 ulPublicKeyLength; 433 BYTE* rgbPublicKey = NULL; 434 UINT32 attribName; 435 TSS_BOOL attribValue; 436 TPM_AUTH ownerAuth; 437 TSS_UUID uuidData; 438 TSS_RESULT result; 439 440 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 441 return TCSERR(TSS_E_INTERNAL_ERROR); 442 443 if ((result = ctx_verify_context(hContext))) 444 goto done; 445 446 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 447 448 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm)) 449 return TCSERR(TSS_E_INTERNAL_ERROR); 450 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &ulPublicKeyLength, 0, &data->comm)) 451 return TCSERR(TSS_E_INTERNAL_ERROR); 452 453 rgbPublicKey = (BYTE *) malloc(ulPublicKeyLength); 454 if (rgbPublicKey == NULL) { 455 LogError("malloc of %u bytes failed.", ulPublicKeyLength); 456 return TCSERR(TSS_E_OUTOFMEMORY); 457 } 458 if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbPublicKey, ulPublicKeyLength, &data->comm)) { 459 free(rgbPublicKey); 460 return TCSERR(TSS_E_INTERNAL_ERROR); 461 } 462 if (getData(TCSD_PACKET_TYPE_UINT32, 4, &attribName, 0, &data->comm)) { 463 free(rgbPublicKey); 464 return TCSERR(TSS_E_INTERNAL_ERROR); 465 } 466 if (getData(TCSD_PACKET_TYPE_BOOL, 5, &attribValue, 0, &data->comm)) { 467 free(rgbPublicKey); 468 return TCSERR(TSS_E_INTERNAL_ERROR); 469 } 470 if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm)) { 471 free(rgbPublicKey); 472 return TCSERR(TSS_E_INTERNAL_ERROR); 473 } 474 475 MUTEX_LOCK(tcsp_lock); 476 477 result = TCSP_KeyControlOwner_Internal(hContext, hKey, ulPublicKeyLength, rgbPublicKey, 478 attribName, attribValue, &ownerAuth, &uuidData); 479 480 MUTEX_UNLOCK(tcsp_lock); 481 482 if (result == TSS_SUCCESS) { 483 initData(&data->comm, 2); 484 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) { 485 free(rgbPublicKey); 486 return TCSERR(TSS_E_INTERNAL_ERROR); 487 } 488 if (setData(TCSD_PACKET_TYPE_UUID, 1, &uuidData, 0, &data->comm)) { 489 free(rgbPublicKey); 490 return TCSERR(TSS_E_INTERNAL_ERROR); 491 } 492 } else 493 done: initData(&data->comm, 0); 494 495 free(rgbPublicKey); 496 data->comm.hdr.u.result = result; 497 return TSS_SUCCESS; 498 499 } 500 #endif 501
Indexes created Sun Jun 14 00:25:39 UTC 2026