* Licensed Materials - Property of IBM
* trousers - An open source TCG Software Stack
* (C) Copyright International Business Machines Corp. 2004-2006
#include "trousers/tss.h"
#include "trousers_types.h"
#include "tcs_utils.h"
#include "tcs_int_literals.h"
#include "capabilities.h"
#include "tcsd_wrap.h"
#include "tcs_utils.h"
#include "rpc_tcstp_tcs.h"
/*
 * tcs_common_Seal - request handler shared by the Seal and Sealx wrappers.
 *
 * Reads the request fields out of data->comm with getData(), in this order:
 * context handle, key handle, encrypted usage auth, PCRInfoSize, the PCRInfo
 * bytes (when PCRInfoSize > 0), inDataSize, the inData bytes, and an auth
 * structure. It then calls TCSP_Seal_Internal() for the given sealOrdinal
 * between MUTEX_LOCK(tcsp_lock) and MUTEX_UNLOCK(tcsp_lock). On TSS_SUCCESS
 * the reply is initialised for three fields (auth, outDataSize, outData);
 * the initData(..., 0) call near the end is presumably the non-success
 * branch. The TCSP result is stored in data->comm.hdr.u.result.
 *
 * Every visible getData()/setData() failure returns
 * TCSERR(TSS_E_INTERNAL_ERROR); a failed allocation returns
 * TCSERR(TSS_E_OUTOFMEMORY).
 *
 * This listing is not contiguous: the return type, the braces, the
 * declarations of i, result, outDataSize and outData, and the lines between
 * several `if (...) {` tests and their `return` are not shown. Gaps are
 * marked below with the original file line numbers; single unshown lines
 * between independent statements are not marked.
 */
tcs_common_Seal(UINT32 sealOrdinal,
struct tcsd_thread_data *data)
/* [33-34 not shown] */
TCS_CONTEXT_HANDLE hContext;
TCS_KEY_HANDLE keyHandle;
TCPA_ENCAUTH KeyUsageAuth;
UINT32 PCRInfoSize, inDataSize;
BYTE *PCRInfo = NULL, *inData = NULL;
/* pAuth has no initialiser; it is assigned in lines this listing skips. */
TPM_AUTH emptyAuth, pubAuth, *pAuth;
/* [41-45 not shown] */

/* Zero both auth structures before anything is read into them. */
memset(&emptyAuth, 0, sizeof(TPM_AUTH));
memset(&pubAuth, 0, sizeof(TPM_AUTH));

/* Field index i advances with every getData() call. */
if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);

LogDebugFn("thread %zd context %x", THREAD_ID, hContext);

if (getData(TCSD_PACKET_TYPE_UINT32, i++, &keyHandle, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);
if (getData(TCSD_PACKET_TYPE_ENCAUTH, i++, &KeyUsageAuth, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);
if (getData(TCSD_PACKET_TYPE_UINT32, i++, &PCRInfoSize, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);

/*
 * PCRInfoSize comes straight from the request and is used as the
 * allocation size; the visible lines apply no upper bound.
 * NOTE(review): confirm getData() refuses a PBYTE copy longer than the
 * bytes remaining in the received packet, and consider capping the size
 * here so a client cannot ask for an arbitrarily large allocation.
 */
if (PCRInfoSize > 0) {
PCRInfo = calloc(1, PCRInfoSize);
if (PCRInfo == NULL) {
LogError("malloc of %u bytes failed.", PCRInfoSize);
return TCSERR(TSS_E_OUTOFMEMORY);
/* [66-67 not shown] */
if (getData(TCSD_PACKET_TYPE_PBYTE, i++, PCRInfo, PCRInfoSize, &data->comm)) {
/*
 * [69 not shown] NOTE(review): PCRInfo is allocated at this point;
 * confirm the unshown line releases it before this return. The same
 * question applies to every later error return in this function.
 */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [71-73 not shown] */
if (getData(TCSD_PACKET_TYPE_UINT32, i++, &inDataSize, 0, &data->comm)) {
/* [75 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [77-79 not shown] */
/*
 * inDataSize is request-controlled in the same way as PCRInfoSize.
 * inData is presumably the caller's data to be sealed.
 */
inData = calloc(1, inDataSize);
/* [81 not shown] */
LogError("malloc of %u bytes failed.", inDataSize);
/* [83 not shown] */
return TCSERR(TSS_E_OUTOFMEMORY);
/* [85-86 not shown] */
if (getData(TCSD_PACKET_TYPE_PBYTE, i++, inData, inDataSize, &data->comm)) {
/* [88-89 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [91-93 not shown] */
/*
 * The auth field is read into pubAuth. Only the BAD_PACKET_TYPE test is
 * shown; the branches that assign pAuth are not.
 * NOTE(review): confirm every branch assigns pAuth before it is passed
 * to TCSP_Seal_Internal() below.
 */
result = getData(TCSD_PACKET_TYPE_AUTH, i++, &pubAuth, 0, &data->comm);
if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
/* [96-103 not shown] */
MUTEX_LOCK(tcsp_lock);

/* outDataSize and outData are passed by address as outputs of the call. */
result = TCSP_Seal_Internal(sealOrdinal, hContext, keyHandle, KeyUsageAuth, PCRInfoSize,
PCRInfo, inDataSize, inData, pAuth, &outDataSize, &outData);

MUTEX_UNLOCK(tcsp_lock);
/* [110-112 not shown] */
if (result == TSS_SUCCESS) {
initData(&data->comm, 3);
/*
 * [115 not shown] NOTE(review): if pAuth can be NULL for a request
 * without auth, confirm this setData() is guarded. emptyAuth is zeroed
 * above but is not used in any line of this listing.
 */
if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
/* [117 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [119-121 not shown] */
if (setData(TCSD_PACKET_TYPE_UINT32, 1, &outDataSize, 0, &data->comm)) {
/* [123 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [125 not shown] */
if (setData(TCSD_PACKET_TYPE_PBYTE, 2, outData, outDataSize, &data->comm)) {
/* [127 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [129-131 not shown] Where outData is released is not visible here. */
initData(&data->comm, 0);

/* The TCSP result travels back in the reply header. */
data->comm.hdr.u.result = result;
/*
 * tcs_wrap_Seal - forwards the request in `data` to tcs_common_Seal() with
 * the TPM_ORD_Seal ordinal and returns its result. The return type and the
 * braces are not shown in this listing.
 */
tcs_wrap_Seal(struct tcsd_thread_data *data)
return tcs_common_Seal(TPM_ORD_Seal, data);
#ifdef TSS_BUILD_SEALX
/*
 * tcs_wrap_Sealx - forwards the request in `data` to tcs_common_Seal() with
 * the TPM_ORD_Sealx ordinal and returns its result. It follows an
 * `#ifdef TSS_BUILD_SEALX`, so it is built only when that macro is defined.
 * The return type and the braces are not shown in this listing.
 */
tcs_wrap_Sealx(struct tcsd_thread_data *data)
return tcs_common_Seal(TPM_ORD_Sealx, data);
/*
 * tcs_wrap_UnSeal - request handler for Unseal.
 *
 * Reads six request fields from data->comm at fixed indices: context handle
 * (0), parent key handle (1), inDataSize (2), the inData bytes (3), parent
 * auth (4) and data auth (5). It calls TCSP_Unseal_Internal() between
 * MUTEX_LOCK(tcsp_lock) and MUTEX_UNLOCK(tcsp_lock). On TSS_SUCCESS the
 * reply is initialised for four fields: slot 0 holds the parent auth, or
 * the zeroed emptyAuth in what is presumably the else branch; slot 1 holds
 * dataAuth; slot 2 holds outDataSize; slot 3 holds outData. The
 * initData(..., 0) call near the end is presumably the non-success branch.
 * The TCSP result is stored in data->comm.hdr.u.result.
 *
 * outData is presumably the unsealed secret. Where inData and outData are
 * released, and whether they are wiped first, is not visible here.
 *
 * This listing is not contiguous: the return type, the braces, the
 * declarations of result, inDataSize, inData, outDataSize and outData, and
 * the end of the function are not shown. Gaps are marked below with the
 * original file line numbers; single unshown lines between independent
 * statements are not marked.
 */
tcs_wrap_UnSeal(struct tcsd_thread_data *data)
TCS_CONTEXT_HANDLE hContext;
TCS_KEY_HANDLE parentHandle;
/* [158-160 not shown] */
TPM_AUTH parentAuth, dataAuth, emptyAuth;
TPM_AUTH *pParentAuth, *pDataAuth;
/* [163-167 not shown] */

/* Only emptyAuth is zeroed in the visible lines. */
memset(&emptyAuth, 0, sizeof(TPM_AUTH));

if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);

LogDebugFn("thread %zd context %x", THREAD_ID, hContext);

if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);
if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm))
return TCSERR(TSS_E_INTERNAL_ERROR);

/*
 * inDataSize comes straight from the request and is used as the
 * allocation size; the visible lines apply no upper bound.
 * NOTE(review): line 179 is not shown, so it cannot be told from the
 * listing whether a zero size is filtered out first. calloc(1, 0) may
 * return NULL, which this code would report as out of memory.
 * NOTE(review): confirm getData() refuses a PBYTE copy longer than the
 * bytes remaining in the received packet.
 */
inData = calloc(1, inDataSize);
if (inData == NULL) {
/*
 * NOTE(review): inDataSize is read as TCSD_PACKET_TYPE_UINT32 and
 * tcs_common_Seal logs the same kind of value with %u; %d here looks
 * like a signedness mismatch. Confirm against the declaration.
 */
LogError("malloc of %d bytes failed.", inDataSize);
return TCSERR(TSS_E_OUTOFMEMORY);
/* [184-185 not shown] */
if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) {
/* [187 not shown] NOTE(review): confirm inData is released before this return. */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [189-190 not shown] */
/* Parent auth: only the BAD_PACKET_TYPE test and the final assignment are shown. */
result = getData(TCSD_PACKET_TYPE_AUTH, 4, &parentAuth, 0, &data->comm);
if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
/* [193-197 not shown] */
pParentAuth = &parentAuth;

/*
 * Data auth: when field 5 is reported as a bad packet type, pDataAuth is
 * pointed at whatever pParentAuth refers to instead of at dataAuth.
 */
result = getData(TCSD_PACKET_TYPE_AUTH, 5, &dataAuth, 0, &data->comm);
if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) {
pDataAuth = pParentAuth;
/* [203-207 not shown] */
pDataAuth = &dataAuth;

MUTEX_LOCK(tcsp_lock);

/* outDataSize and outData are passed by address as outputs of the call. */
result = TCSP_Unseal_Internal(hContext, parentHandle, inDataSize, inData, pParentAuth,
pDataAuth, &outDataSize, &outData);

MUTEX_UNLOCK(tcsp_lock);
/* [216-217 not shown] */
if (result == TSS_SUCCESS) {
initData(&data->comm, 4);
/* Slot 0: the parent auth when there is one, otherwise the zeroed emptyAuth. */
if (pParentAuth != NULL) {
if (setData(TCSD_PACKET_TYPE_AUTH, 0, pParentAuth, 0, &data->comm)) {
/* [222 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [224-225 not shown] */
if (setData(TCSD_PACKET_TYPE_AUTH, 0, &emptyAuth, 0, &data->comm)) {
/* [227 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [229-231 not shown] */
/*
 * NOTE(review): slot 1 always sends dataAuth, including the case above
 * where field 5 was absent and pDataAuth was pointed elsewhere. No
 * memset of dataAuth is visible, so confirm it is initialised on that
 * path; otherwise stale stack bytes would be copied into the reply, and
 * the auth that TCSP_Unseal_Internal() worked on would not be returned.
 */
if (setData(TCSD_PACKET_TYPE_AUTH, 1, &dataAuth, 0, &data->comm)) {
/* [233 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
if (setData(TCSD_PACKET_TYPE_UINT32, 2, &outDataSize, 0, &data->comm)) {
/* [237 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
if (setData(TCSD_PACKET_TYPE_PBYTE, 3, outData, outDataSize, &data->comm)) {
/* [241 not shown] */
return TCSERR(TSS_E_INTERNAL_ERROR);
/* [243-245 not shown] */
initData(&data->comm, 0);

/* The TCSP result travels back in the reply header. */
data->comm.hdr.u.result = result;