← Back to branch summary

~ubuntu-branches/ubuntu/hardy/trousers/hardy-proposed

« back to all changes in this revision

Viewing changes to src/tcs/tcsi_aik.c

  • Committer: Bazaar Package Importer
  • Author(s): Daniel Baumann
  • Date: 2008-01-23 22:03:00 UTC
  • mfrom: (1.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20080123220300-fhtqja3c0oq0gp6z
Tags: 0.3.1-4
http://bugs.debian.org/457400
http://bugs.debian.org/459682
* Added patch from Aaron M. Ucko <ucko@debian.org> to allow trousers to
  build successfully on amd64, and presumably also other 64-bit
  architectures (Closes: #457400).
* Including udev rule for /dev/tpm from William Lima
  <wlima.amadeus@gmail.com> as suggested by David Smith <dds@google.com>
  (Closes: #459682).
* Added lintian overrides.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/tcs/tcsi_aik.c
 
1
 
 
2
/*
 
3
 * Licensed Materials - Property of IBM
 
4
 *
 
5
 * trousers - An open source TCG Software Stack
 
6
 *
 
7
 * (C) Copyright International Business Machines Corp. 2004
 
8
 *
 
9
 */
 
10
 
 
11
 
 
12
#include <stdlib.h>
 
13
#include <stdio.h>
 
14
#include <string.h>
 
15
#include <inttypes.h>
 
16
 
 
17
#include "trousers/tss.h"
 
18
#include "trousers_types.h"
 
19
#include "tcs_tsp.h"
 
20
#include "tcs_utils.h"
 
21
#include "tcs_int_literals.h"
 
22
#include "capabilities.h"
 
23
#include "tcslog.h"
 
24
#include "tcsps.h"
 
25
#include "req_mgr.h"
 
26
#include "tcs_aik.h"
 
27
 
 
28
 
 
29
TSS_RESULT
 
30
TCSP_MakeIdentity_Internal(TCS_CONTEXT_HANDLE hContext,                 /* in  */
 
31
                           TCPA_ENCAUTH identityAuth,                   /* in */
 
32
                           TCPA_CHOSENID_HASH IDLabel_PrivCAHash,       /* in */
 
33
                           UINT32 idKeyInfoSize,                        /* in */
 
34
                           BYTE * idKeyInfo,                            /* in */
 
35
                           TPM_AUTH * pSrkAuth,                         /* in, out */
 
36
                           TPM_AUTH * pOwnerAuth,                       /* in, out */
 
37
                           UINT32 * idKeySize,                          /* out */
 
38
                           BYTE ** idKey,                               /* out */
 
39
                           UINT32 * pcIdentityBindingSize,              /* out */
 
40
                           BYTE ** prgbIdentityBinding,                 /* out */
 
41
                           UINT32 * pcEndorsementCredentialSize,        /* out */
 
42
                           BYTE ** prgbEndorsementCredential,           /* out */
 
43
                           UINT32 * pcPlatformCredentialSize,           /* out */
 
44
                           BYTE ** prgbPlatformCredential,              /* out */
 
45
                           UINT32 * pcConformanceCredentialSize,        /* out */
 
46
                           BYTE ** prgbConformanceCredential)           /* out */
 
47
{
 
48
        UINT64 offset;
 
49
        UINT32 paramSize;
 
50
        TSS_RESULT result;
 
51
        BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
 
52
 
 
53
        if ((result = ctx_verify_context(hContext)))
 
54
                goto done;
 
55
 
 
56
        if (pSrkAuth != NULL) {
 
57
                LogDebug("SRK Auth Used");
 
58
                if ((result = auth_mgr_check(hContext, &pSrkAuth->AuthHandle)))
 
59
                        goto done;
 
60
        } else {
 
61
                LogDebug("No SRK Auth");
 
62
        }
 
63
 
 
64
        if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
 
65
                goto done;
 
66
 
 
67
        offset = 0;
 
68
        if ((result = tpm_rqu_build(TPM_ORD_MakeIdentity, &offset, txBlob, identityAuth.authdata,
 
69
                                    IDLabel_PrivCAHash.digest, idKeyInfoSize, idKeyInfo, pSrkAuth,
 
70
                                    pOwnerAuth)))
 
71
                goto done;
 
72
 
 
73
        if ((result = req_mgr_submit_req(txBlob)))
 
74
                goto done;
 
75
 
 
76
        result = UnloadBlob_Header(txBlob, &paramSize);
 
77
        if (!result) {
 
78
                if ((result = tpm_rsp_parse(TPM_ORD_MakeIdentity, txBlob, paramSize, idKeySize,
 
79
                                            idKey, pcIdentityBindingSize, prgbIdentityBinding,
 
80
                                            pSrkAuth, pOwnerAuth)))
 
81
                        goto done;
 
82
 
 
83
                /* If an error occurs, these will return NULL */
 
84
                get_credential(TSS_TCS_CREDENTIAL_PLATFORMCERT, pcPlatformCredentialSize,
 
85
                               prgbPlatformCredential);
 
86
                get_credential(TSS_TCS_CREDENTIAL_TPM_CC, pcConformanceCredentialSize,
 
87
                               prgbConformanceCredential);
 
88
                get_credential(TSS_TCS_CREDENTIAL_EKCERT, pcEndorsementCredentialSize,
 
89
                               prgbEndorsementCredential);
 
90
        }
 
91
        LogResult("Make Identity", result);
 
92
done:
 
93
        auth_mgr_release_auth(pSrkAuth, pOwnerAuth, hContext);
 
94
        return result;
 
95
}
 
96
 
 
97
TSS_RESULT
 
98
TCSP_ActivateTPMIdentity_Internal(TCS_CONTEXT_HANDLE hContext,  /* in */
 
99
                                  TCS_KEY_HANDLE idKey, /* in */
 
100
                                  UINT32 blobSize,      /* in */
 
101
                                  BYTE * blob,  /* in */
 
102
                                  TPM_AUTH * idKeyAuth, /* in, out */
 
103
                                  TPM_AUTH * ownerAuth, /* in, out */
 
104
                                  UINT32 * SymmetricKeySize,    /* out */
 
105
                                  BYTE ** SymmetricKey) /* out */
 
106
{
 
107
        UINT64 offset;
 
108
        TSS_RESULT result;
 
109
        UINT32 paramSize;
 
110
        UINT32 keySlot;
 
111
        BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
 
112
 
 
113
        LogDebug("TCSP_ActivateTPMIdentity");
 
114
 
 
115
        if ((result = ctx_verify_context(hContext)))
 
116
                goto done;
 
117
 
 
118
        if (idKeyAuth != NULL) {
 
119
                if ((result = auth_mgr_check(hContext, &idKeyAuth->AuthHandle)))
 
120
                        goto done;
 
121
        }
 
122
        if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
 
123
                goto done;
 
124
 
 
125
        if ((result = ensureKeyIsLoaded(hContext, idKey, &keySlot)))
 
126
                goto done;
 
127
 
 
128
        offset = 0;
 
129
        if ((result = tpm_rqu_build(TPM_ORD_ActivateIdentity, &offset, txBlob, keySlot, blobSize,
 
130
                                    blob, idKeyAuth, ownerAuth)))
 
131
                goto done;
 
132
 
 
133
        if ((result = req_mgr_submit_req(txBlob)))
 
134
                goto done;
 
135
 
 
136
        result = UnloadBlob_Header(txBlob, &paramSize);
 
137
        if (!result) {
 
138
                if ((result = tpm_rsp_parse(TPM_ORD_ActivateIdentity, txBlob, paramSize,
 
139
                                            SymmetricKeySize, SymmetricKey, idKeyAuth, ownerAuth)))
 
140
                        goto done;
 
141
        }
 
142
 
 
143
done:
 
144
        auth_mgr_release_auth(idKeyAuth, ownerAuth, hContext);
 
145
        return result;
 
146
}
 
147
 
 
148
TSS_RESULT
 
149
TCS_GetCredential_Internal(TCS_CONTEXT_HANDLE hContext,         /* in  */
 
150
                           UINT32 ulCredentialType,             /* in */
 
151
                           UINT32 ulCredentialAccessMode,       /* in */
 
152
                           UINT32 * pulCredentialSize,          /* out */
 
153
                           BYTE ** prgbCredentialData)          /* out */
 
154
{
 
155
        TSS_RESULT result;
 
156
 
 
157
        if ((result = ctx_verify_context(hContext)))
 
158
                return result;
 
159
 
 
160
        if ((ulCredentialType != TSS_TCS_CREDENTIAL_EKCERT) &&
 
161
            (ulCredentialType != TSS_TCS_CREDENTIAL_TPM_CC) &&
 
162
            (ulCredentialType != TSS_TCS_CREDENTIAL_PLATFORMCERT)) {
 
163
                LogError("GetCredential - Unsupported Credential Type");
 
164
                return TCSERR(TSS_E_BAD_PARAMETER);
 
165
        }
 
166
 
 
167
        if (ulCredentialAccessMode == TSS_TCS_CERT_ACCESS_AUTO) {
 
168
                get_credential(ulCredentialType, pulCredentialSize, prgbCredentialData);
 
169
        } else {
 
170
                LogError("GetCredential - Unsupported Credential Access Mode");
 
171
                return TCSERR(TSS_E_FAIL);
 
172
        }
 
173
 
 
174
        return TSS_SUCCESS;
 
175
}
 
176
 
 
177
TSS_RESULT
 
178
TCSP_MakeIdentity2_Internal(TCS_CONTEXT_HANDLE hContext,                /* in  */
 
179
                            TCPA_ENCAUTH identityAuth,                  /* in */
 
180
                            TCPA_CHOSENID_HASH IDLabel_PrivCAHash,      /* in */
 
181
                            UINT32 idKeyInfoSize,                       /* in */
 
182
                            BYTE * idKeyInfo,                           /* in */
 
183
                            TPM_AUTH * pSrkAuth,                        /* in, out */
 
184
                            TPM_AUTH * pOwnerAuth,                      /* in, out */
 
185
                            UINT32 * idKeySize,                         /* out */
 
186
                            BYTE ** idKey,                              /* out */
 
187
                            UINT32 * pcIdentityBindingSize,             /* out */
 
188
                            BYTE ** prgbIdentityBinding)                /* out */
 
189
{
 
190
        UINT64 offset;
 
191
        UINT32 paramSize;
 
192
        TSS_RESULT result;
 
193
        BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
 
194
 
 
195
        if ((result = ctx_verify_context(hContext)))
 
196
                goto done;
 
197
 
 
198
        if (pSrkAuth) {
 
199
                if ((result = auth_mgr_check(hContext, &pSrkAuth->AuthHandle)))
 
200
                        goto done;
 
201
        }
 
202
 
 
203
        if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
 
204
                goto done;
 
205
 
 
206
        offset = 0;
 
207
        if ((result = tpm_rqu_build(TPM_ORD_MakeIdentity, &offset, txBlob, identityAuth.authdata,
 
208
                                    IDLabel_PrivCAHash.digest, idKeyInfoSize, idKeyInfo, pSrkAuth,
 
209
                                    pOwnerAuth)))
 
210
                goto done;
 
211
 
 
212
        if ((result = req_mgr_submit_req(txBlob)))
 
213
                goto done;
 
214
 
 
215
        result = UnloadBlob_Header(txBlob, &paramSize);
 
216
        if (!result) {
 
217
                if ((result = tpm_rsp_parse(TPM_ORD_MakeIdentity, txBlob, paramSize, idKeySize,
 
218
                                            idKey, pcIdentityBindingSize, prgbIdentityBinding,
 
219
                                            pSrkAuth, pOwnerAuth)))
 
220
                        goto done;
 
221
        }
 
222
        LogResult("Make Identity", result);
 
223
done:
 
224
        auth_mgr_release_auth(pSrkAuth, pOwnerAuth, hContext);
 
225
        return result;
 
226
}
 
227