1 2 /* 3 * Licensed Materials - Property of IBM 4 * 5 * trousers - An open source TCG Software Stack 6 * 7 * (C) Copyright International Business Machines Corp. 2004-2007 8 * 9 */ 10 11 #include <stdlib.h> 12 #include <stdio.h> 13 #include <syslog.h> 14 #include <string.h> 15 #include <netdb.h> 16 17 #include "trousers/tss.h" 18 #include "trousers_types.h" 19 #include "tcs_tsp.h" 20 #include "tcs_utils.h" 21 #include "tcs_int_literals.h" 22 #include "capabilities.h" 23 #include "tcslog.h" 24 #include "tcsd_wrap.h" 25 #include "tcsd.h" 26 #include "tcs_utils.h" 27 #include "rpc_tcstp_tcs.h" 28 29 30 TSS_RESULT 31 tcs_wrap_EstablishTransport(struct tcsd_thread_data *data) 32 { 33 TCS_CONTEXT_HANDLE hContext; 34 TCS_KEY_HANDLE hEncKey, hTransSession; 35 UINT32 ulTransControlFlags, ulTransSessionInfoSize, ulSecretSize, ulCurrentTicks, i; 36 BYTE *rgbTransSessionInfo, *rgbSecret, *prgbCurrentTicks; 37 TPM_MODIFIER_INDICATOR pbLocality; 38 TPM_AUTH pEncKeyAuth, *pAuth; 39 TPM_NONCE pTransNonce; 40 TSS_RESULT result; 41 42 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 43 return TCSERR(TSS_E_INTERNAL_ERROR); 44 45 if ((result = ctx_verify_context(hContext))) 46 goto done; 47 48 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 49 50 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &ulTransControlFlags, 0, &data->comm)) 51 return TCSERR(TSS_E_INTERNAL_ERROR); 52 if (getData(TCSD_PACKET_TYPE_UINT32, 2, &hEncKey, 0, &data->comm)) 53 return TCSERR(TSS_E_INTERNAL_ERROR); 54 if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulTransSessionInfoSize, 0, &data->comm)) 55 return TCSERR(TSS_E_INTERNAL_ERROR); 56 57 rgbTransSessionInfo = malloc(ulTransSessionInfoSize); 58 if (rgbTransSessionInfo == NULL) { 59 LogError("malloc of %u bytes failed.", ulTransSessionInfoSize); 60 return TCSERR(TSS_E_INTERNAL_ERROR); 61 } 62 if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbTransSessionInfo, ulTransSessionInfoSize, 63 &data->comm)) { 64 free(rgbTransSessionInfo); 65 return TCSERR(TSS_E_INTERNAL_ERROR); 66 } 67 68 if (getData(TCSD_PACKET_TYPE_UINT32, 5, &ulSecretSize, 0, &data->comm)) { 69 free(rgbTransSessionInfo); 70 return TCSERR(TSS_E_INTERNAL_ERROR); 71 } 72 73 rgbSecret = malloc(ulSecretSize); 74 if (rgbSecret == NULL) { 75 free(rgbTransSessionInfo); 76 LogError("malloc of %u bytes failed.", ulSecretSize); 77 return TCSERR(TSS_E_INTERNAL_ERROR); 78 } 79 if (getData(TCSD_PACKET_TYPE_PBYTE, 6, rgbSecret, ulSecretSize, &data->comm)) { 80 free(rgbTransSessionInfo); 81 free(rgbSecret); 82 return TCSERR(TSS_E_INTERNAL_ERROR); 83 } 84 if (getData(TCSD_PACKET_TYPE_AUTH, 7, &pEncKeyAuth, 0, &data->comm)) 85 pAuth = NULL; 86 else 87 pAuth = &pEncKeyAuth; 88 89 MUTEX_LOCK(tcsp_lock); 90 91 result = TCSP_EstablishTransport_Internal(hContext, ulTransControlFlags, hEncKey, 92 ulTransSessionInfoSize, rgbTransSessionInfo, 93 ulSecretSize, rgbSecret, pAuth, &pbLocality, 94 &hTransSession, &ulCurrentTicks, 95 &prgbCurrentTicks, &pTransNonce); 96 97 MUTEX_UNLOCK(tcsp_lock); 98 99 free(rgbSecret); 100 free(rgbTransSessionInfo); 101 102 if (result == TSS_SUCCESS) { 103 i = 0; 104 initData(&data->comm, 6); 105 if (pAuth) { 106 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) { 107 free(prgbCurrentTicks); 108 return TCSERR(TSS_E_INTERNAL_ERROR); 109 } 110 } 111 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) { 112 free(prgbCurrentTicks); 113 return TCSERR(TSS_E_INTERNAL_ERROR); 114 } 115 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hTransSession, 0, &data->comm)) { 116 free(prgbCurrentTicks); 117 return TCSERR(TSS_E_INTERNAL_ERROR); 118 } 119 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulCurrentTicks, 0, &data->comm)) { 120 free(prgbCurrentTicks); 121 return TCSERR(TSS_E_INTERNAL_ERROR); 122 } 123 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbCurrentTicks, ulCurrentTicks, 124 &data->comm)) { 125 free(prgbCurrentTicks); 126 return TCSERR(TSS_E_INTERNAL_ERROR); 127 } 128 free(prgbCurrentTicks); 129 if (setData(TCSD_PACKET_TYPE_NONCE, i++, &pTransNonce, 0, &data->comm)) 130 return TCSERR(TSS_E_INTERNAL_ERROR); 131 } else 132 done: initData(&data->comm, 0); 133 134 data->comm.hdr.u.result = result; 135 return TSS_SUCCESS; 136 } 137 138 TSS_RESULT 139 tcs_wrap_ExecuteTransport(struct tcsd_thread_data *data) 140 { 141 TCS_CONTEXT_HANDLE hContext; 142 TPM_COMMAND_CODE unWrappedCommandOrdinal; 143 TCS_HANDLE *rghHandles = NULL, handles[2]; 144 UINT32 ulWrappedCmdDataInSize, pulHandleListSize, ulWrappedCmdDataOutSize, i = 0; 145 BYTE *rgbWrappedCmdDataIn, *rgbWrappedCmdDataOut; 146 TPM_MODIFIER_INDICATOR pbLocality; 147 TPM_AUTH pWrappedCmdAuth1, pWrappedCmdAuth2, pTransAuth, *pAuth1, *pAuth2, null_auth; 148 UINT64 punCurrentTicks; 149 TSS_RESULT result, pulWrappedCmdReturnCode; 150 151 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm)) 152 return TCSERR(TSS_E_INTERNAL_ERROR); 153 154 if ((result = ctx_verify_context(hContext))) 155 goto done; 156 157 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 158 159 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &unWrappedCommandOrdinal, 0, &data->comm)) 160 return TCSERR(TSS_E_INTERNAL_ERROR); 161 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataInSize, 0, &data->comm)) 162 return TCSERR(TSS_E_INTERNAL_ERROR); 163 164 rgbWrappedCmdDataIn = malloc(ulWrappedCmdDataInSize); 165 if (rgbWrappedCmdDataIn == NULL) { 166 LogError("malloc of %u bytes failed", ulWrappedCmdDataInSize); 167 return TCSERR(TSS_E_INTERNAL_ERROR); 168 } 169 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataIn, ulWrappedCmdDataInSize, 170 &data->comm)) { 171 free(rgbWrappedCmdDataIn); 172 return TCSERR(TSS_E_INTERNAL_ERROR); 173 } 174 if (getData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) { 175 free(rgbWrappedCmdDataIn); 176 return TCSERR(TSS_E_INTERNAL_ERROR); 177 } 178 179 if (pulHandleListSize > 2) { 180 free(rgbWrappedCmdDataIn); 181 return TCSERR(TSS_E_BAD_PARAMETER); 182 } 183 184 if (pulHandleListSize) { 185 if (getData(TCSD_PACKET_TYPE_PBYTE, i++, handles, 186 pulHandleListSize * sizeof(UINT32), &data->comm)) { 187 free(rgbWrappedCmdDataIn); 188 return TCSERR(TSS_E_INTERNAL_ERROR); 189 } 190 } 191 rghHandles = handles; 192 193 memset(&null_auth, 0, sizeof(TPM_AUTH)); 194 memset(&pWrappedCmdAuth1, 0, sizeof(TPM_AUTH)); 195 memset(&pWrappedCmdAuth2, 0, sizeof(TPM_AUTH)); 196 197 if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth1, 0, &data->comm)) { 198 free(rgbWrappedCmdDataIn); 199 return TCSERR(TSS_E_INTERNAL_ERROR); 200 } 201 if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth2, 0, &data->comm)) { 202 free(rgbWrappedCmdDataIn); 203 return TCSERR(TSS_E_INTERNAL_ERROR); 204 } 205 if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) { 206 free(rgbWrappedCmdDataIn); 207 return TCSERR(TSS_E_INTERNAL_ERROR); 208 } 209 210 if (!memcmp(&pWrappedCmdAuth1, &null_auth, sizeof(TPM_AUTH))) 211 pAuth1 = NULL; 212 else 213 pAuth1 = &pWrappedCmdAuth1; 214 215 if (!memcmp(&pWrappedCmdAuth2, &null_auth, sizeof(TPM_AUTH))) 216 pAuth2 = NULL; 217 else 218 pAuth2 = &pWrappedCmdAuth2; 219 220 MUTEX_LOCK(tcsp_lock); 221 222 result = TCSP_ExecuteTransport_Internal(hContext, unWrappedCommandOrdinal, 223 ulWrappedCmdDataInSize, rgbWrappedCmdDataIn, 224 &pulHandleListSize, &rghHandles, pAuth1, pAuth2, 225 &pTransAuth, &punCurrentTicks, &pbLocality, 226 &pulWrappedCmdReturnCode, &ulWrappedCmdDataOutSize, 227 &rgbWrappedCmdDataOut); 228 229 MUTEX_UNLOCK(tcsp_lock); 230 231 free(rgbWrappedCmdDataIn); 232 233 if (result == TSS_SUCCESS) { 234 i = 0; 235 initData(&data->comm, 10); 236 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) { 237 free(rgbWrappedCmdDataOut); 238 return TCSERR(TSS_E_INTERNAL_ERROR); 239 } 240 if (pulHandleListSize) { 241 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rghHandles, 242 pulHandleListSize * sizeof(UINT32), &data->comm)) { 243 free(rgbWrappedCmdDataOut); 244 return TCSERR(TSS_E_INTERNAL_ERROR); 245 } 246 } 247 if (pAuth1) { 248 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth1, 0, &data->comm)) { 249 free(rgbWrappedCmdDataOut); 250 return TCSERR(TSS_E_INTERNAL_ERROR); 251 } 252 } else { 253 if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) { 254 free(rgbWrappedCmdDataOut); 255 return TCSERR(TSS_E_INTERNAL_ERROR); 256 } 257 } 258 if (pAuth2) { 259 if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth2, 0, &data->comm)) { 260 free(rgbWrappedCmdDataOut); 261 return TCSERR(TSS_E_INTERNAL_ERROR); 262 } 263 } else { 264 if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) { 265 free(rgbWrappedCmdDataOut); 266 return TCSERR(TSS_E_INTERNAL_ERROR); 267 } 268 } 269 if (setData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) { 270 free(rgbWrappedCmdDataOut); 271 return TCSERR(TSS_E_INTERNAL_ERROR); 272 } 273 if (setData(TCSD_PACKET_TYPE_UINT64, i++, &punCurrentTicks, 0, &data->comm)) { 274 free(rgbWrappedCmdDataOut); 275 return TCSERR(TSS_E_INTERNAL_ERROR); 276 } 277 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) { 278 free(rgbWrappedCmdDataOut); 279 return TCSERR(TSS_E_INTERNAL_ERROR); 280 } 281 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulWrappedCmdReturnCode, 0, 282 &data->comm)) { 283 free(rgbWrappedCmdDataOut); 284 return TCSERR(TSS_E_INTERNAL_ERROR); 285 } 286 if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataOutSize, 0, 287 &data->comm)) { 288 free(rgbWrappedCmdDataOut); 289 return TCSERR(TSS_E_INTERNAL_ERROR); 290 } 291 if (ulWrappedCmdDataOutSize) { 292 if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataOut, 293 ulWrappedCmdDataOutSize, &data->comm)) { 294 free(rgbWrappedCmdDataOut); 295 return TCSERR(TSS_E_INTERNAL_ERROR); 296 } 297 } 298 free(rgbWrappedCmdDataOut); 299 } else 300 done: initData(&data->comm, 0); 301 302 data->comm.hdr.u.result = result; 303 return TSS_SUCCESS; 304 } 305 306 TSS_RESULT 307 tcs_wrap_ReleaseTransportSigned(struct tcsd_thread_data *data) 308 { 309 TCS_CONTEXT_HANDLE hContext; 310 TCS_KEY_HANDLE hSignatureKey; 311 TPM_NONCE AntiReplayNonce; 312 UINT32 pulCurrentTicks, pulSignatureSize; 313 BYTE *prgbCurrentTicks, *prgbSignature; 314 TPM_MODIFIER_INDICATOR pbLocality; 315 TPM_AUTH pKeyAuth, pTransAuth, *pAuth, null_auth; 316 TSS_RESULT result; 317 318 memset(&null_auth, 0, sizeof(TPM_AUTH)); 319 memset(&pKeyAuth, 0, sizeof(TPM_AUTH)); 320 321 if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm)) 322 return TCSERR(TSS_E_INTERNAL_ERROR); 323 324 if ((result = ctx_verify_context(hContext))) 325 goto done; 326 327 LogDebugFn("thread %ld context %x", THREAD_ID, hContext); 328 329 if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hSignatureKey, 0, &data->comm)) 330 return TCSERR(TSS_E_INTERNAL_ERROR); 331 if (getData(TCSD_PACKET_TYPE_NONCE, 2, &AntiReplayNonce, 0, &data->comm)) 332 return TCSERR(TSS_E_INTERNAL_ERROR); 333 if (getData(TCSD_PACKET_TYPE_AUTH, 3, &pKeyAuth, 0, &data->comm)) 334 return TCSERR(TSS_E_INTERNAL_ERROR); 335 336 if (!memcmp(&null_auth, &pKeyAuth, sizeof(TPM_AUTH))) 337 pAuth = NULL; 338 else 339 pAuth = &pKeyAuth; 340 341 if (getData(TCSD_PACKET_TYPE_AUTH, 4, &pTransAuth, 0, &data->comm)) 342 return TCSERR(TSS_E_INTERNAL_ERROR); 343 344 345 MUTEX_LOCK(tcsp_lock); 346 347 result = TCSP_ReleaseTransportSigned_Internal(hContext, hSignatureKey, &AntiReplayNonce, 348 pAuth, &pTransAuth, &pbLocality, 349 &pulCurrentTicks, &prgbCurrentTicks, 350 &pulSignatureSize, &prgbSignature); 351 352 MUTEX_UNLOCK(tcsp_lock); 353 354 if (result == TSS_SUCCESS) { 355 initData(&data->comm, 7); 356 if (pAuth) { 357 if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) { 358 free(prgbCurrentTicks); 359 free(prgbSignature); 360 return TCSERR(TSS_E_INTERNAL_ERROR); 361 } 362 } else { 363 if (setData(TCSD_PACKET_TYPE_AUTH, 0, &null_auth, 0, &data->comm)) { 364 free(prgbCurrentTicks); 365 free(prgbSignature); 366 return TCSERR(TSS_E_INTERNAL_ERROR); 367 } 368 } 369 if (setData(TCSD_PACKET_TYPE_AUTH, 1, &pTransAuth, 0, &data->comm)) { 370 free(prgbCurrentTicks); 371 free(prgbSignature); 372 return TCSERR(TSS_E_INTERNAL_ERROR); 373 } 374 if (setData(TCSD_PACKET_TYPE_UINT32, 2, &pbLocality, 0, &data->comm)) { 375 free(prgbCurrentTicks); 376 free(prgbSignature); 377 return TCSERR(TSS_E_INTERNAL_ERROR); 378 } 379 if (setData(TCSD_PACKET_TYPE_UINT32, 3, &pulCurrentTicks, 0, &data->comm)) { 380 free(prgbCurrentTicks); 381 free(prgbSignature); 382 return TCSERR(TSS_E_INTERNAL_ERROR); 383 } 384 if (setData(TCSD_PACKET_TYPE_PBYTE, 4, prgbCurrentTicks, pulCurrentTicks, 385 &data->comm)) { 386 free(prgbCurrentTicks); 387 free(prgbSignature); 388 return TCSERR(TSS_E_INTERNAL_ERROR); 389 } 390 free(prgbCurrentTicks); 391 if (setData(TCSD_PACKET_TYPE_UINT32, 5, &pulSignatureSize, 0, &data->comm)) { 392 free(prgbSignature); 393 return TCSERR(TSS_E_INTERNAL_ERROR); 394 } 395 if (setData(TCSD_PACKET_TYPE_PBYTE, 6, prgbSignature, pulSignatureSize, 396 &data->comm)) { 397 free(prgbSignature); 398 return TCSERR(TSS_E_INTERNAL_ERROR); 399 } 400 free(prgbSignature); 401 } else 402 done: initData(&data->comm, 0); 403 404 data->comm.hdr.u.result = result; 405 return TSS_SUCCESS; 406 } 407
Indexes created Sat Jun 13 00:24:39 UTC 2026