3
* Licensed Materials - Property of IBM
5
* trousers - An open source TCG Software Stack
7
* (C) Copyright International Business Machines Corp. 2004
17
#include "trousers/tss.h"
18
#include "trousers_types.h"
20
#include "tcs_utils.h"
21
#include "tcs_int_literals.h"
22
#include "capabilities.h"
30
TCSP_MakeIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
31
TCPA_ENCAUTH identityAuth, /* in */
32
TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
33
UINT32 idKeyInfoSize, /* in */
34
BYTE * idKeyInfo, /* in */
35
TPM_AUTH * pSrkAuth, /* in, out */
36
TPM_AUTH * pOwnerAuth, /* in, out */
37
UINT32 * idKeySize, /* out */
38
BYTE ** idKey, /* out */
39
UINT32 * pcIdentityBindingSize, /* out */
40
BYTE ** prgbIdentityBinding, /* out */
41
UINT32 * pcEndorsementCredentialSize, /* out */
42
BYTE ** prgbEndorsementCredential, /* out */
43
UINT32 * pcPlatformCredentialSize, /* out */
44
BYTE ** prgbPlatformCredential, /* out */
45
UINT32 * pcConformanceCredentialSize, /* out */
46
BYTE ** prgbConformanceCredential) /* out */
51
BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
53
if ((result = ctx_verify_context(hContext)))
56
if (pSrkAuth != NULL) {
57
LogDebug("SRK Auth Used");
58
if ((result = auth_mgr_check(hContext, &pSrkAuth->AuthHandle)))
61
LogDebug("No SRK Auth");
64
if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
68
if ((result = tpm_rqu_build(TPM_ORD_MakeIdentity, &offset, txBlob, identityAuth.authdata,
69
IDLabel_PrivCAHash.digest, idKeyInfoSize, idKeyInfo, pSrkAuth,
73
if ((result = req_mgr_submit_req(txBlob)))
76
result = UnloadBlob_Header(txBlob, ¶mSize);
78
if ((result = tpm_rsp_parse(TPM_ORD_MakeIdentity, txBlob, paramSize, idKeySize,
79
idKey, pcIdentityBindingSize, prgbIdentityBinding,
80
pSrkAuth, pOwnerAuth)))
83
/* If an error occurs, these will return NULL */
84
get_credential(TSS_TCS_CREDENTIAL_PLATFORMCERT, pcPlatformCredentialSize,
85
prgbPlatformCredential);
86
get_credential(TSS_TCS_CREDENTIAL_TPM_CC, pcConformanceCredentialSize,
87
prgbConformanceCredential);
88
get_credential(TSS_TCS_CREDENTIAL_EKCERT, pcEndorsementCredentialSize,
89
prgbEndorsementCredential);
91
LogResult("Make Identity", result);
93
auth_mgr_release_auth(pSrkAuth, pOwnerAuth, hContext);
98
TCSP_ActivateTPMIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
99
TCS_KEY_HANDLE idKey, /* in */
100
UINT32 blobSize, /* in */
101
BYTE * blob, /* in */
102
TPM_AUTH * idKeyAuth, /* in, out */
103
TPM_AUTH * ownerAuth, /* in, out */
104
UINT32 * SymmetricKeySize, /* out */
105
BYTE ** SymmetricKey) /* out */
111
BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
113
LogDebug("TCSP_ActivateTPMIdentity");
115
if ((result = ctx_verify_context(hContext)))
118
if (idKeyAuth != NULL) {
119
if ((result = auth_mgr_check(hContext, &idKeyAuth->AuthHandle)))
122
if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
125
if ((result = ensureKeyIsLoaded(hContext, idKey, &keySlot)))
129
if ((result = tpm_rqu_build(TPM_ORD_ActivateIdentity, &offset, txBlob, keySlot, blobSize,
130
blob, idKeyAuth, ownerAuth)))
133
if ((result = req_mgr_submit_req(txBlob)))
136
result = UnloadBlob_Header(txBlob, ¶mSize);
138
if ((result = tpm_rsp_parse(TPM_ORD_ActivateIdentity, txBlob, paramSize,
139
SymmetricKeySize, SymmetricKey, idKeyAuth, ownerAuth)))
144
auth_mgr_release_auth(idKeyAuth, ownerAuth, hContext);
149
TCS_GetCredential_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
150
UINT32 ulCredentialType, /* in */
151
UINT32 ulCredentialAccessMode, /* in */
152
UINT32 * pulCredentialSize, /* out */
153
BYTE ** prgbCredentialData) /* out */
157
if ((result = ctx_verify_context(hContext)))
160
if ((ulCredentialType != TSS_TCS_CREDENTIAL_EKCERT) &&
161
(ulCredentialType != TSS_TCS_CREDENTIAL_TPM_CC) &&
162
(ulCredentialType != TSS_TCS_CREDENTIAL_PLATFORMCERT)) {
163
LogError("GetCredential - Unsupported Credential Type");
164
return TCSERR(TSS_E_BAD_PARAMETER);
167
if (ulCredentialAccessMode == TSS_TCS_CERT_ACCESS_AUTO) {
168
get_credential(ulCredentialType, pulCredentialSize, prgbCredentialData);
170
LogError("GetCredential - Unsupported Credential Access Mode");
171
return TCSERR(TSS_E_FAIL);
178
TCSP_MakeIdentity2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
179
TCPA_ENCAUTH identityAuth, /* in */
180
TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
181
UINT32 idKeyInfoSize, /* in */
182
BYTE * idKeyInfo, /* in */
183
TPM_AUTH * pSrkAuth, /* in, out */
184
TPM_AUTH * pOwnerAuth, /* in, out */
185
UINT32 * idKeySize, /* out */
186
BYTE ** idKey, /* out */
187
UINT32 * pcIdentityBindingSize, /* out */
188
BYTE ** prgbIdentityBinding) /* out */
193
BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
195
if ((result = ctx_verify_context(hContext)))
199
if ((result = auth_mgr_check(hContext, &pSrkAuth->AuthHandle)))
203
if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
207
if ((result = tpm_rqu_build(TPM_ORD_MakeIdentity, &offset, txBlob, identityAuth.authdata,
208
IDLabel_PrivCAHash.digest, idKeyInfoSize, idKeyInfo, pSrkAuth,
212
if ((result = req_mgr_submit_req(txBlob)))
215
result = UnloadBlob_Header(txBlob, ¶mSize);
217
if ((result = tpm_rsp_parse(TPM_ORD_MakeIdentity, txBlob, paramSize, idKeySize,
218
idKey, pcIdentityBindingSize, prgbIdentityBinding,
219
pSrkAuth, pOwnerAuth)))
222
LogResult("Make Identity", result);
224
auth_mgr_release_auth(pSrkAuth, pOwnerAuth, hContext);