3
* Licensed Materials - Property of IBM
5
* trousers - An open source TCG Software Stack
7
* (C) Copyright International Business Machines Corp. 2004-2006
16
#include "trousers/tss.h"
17
#include "trousers/trousers.h"
18
#include "trousers_types.h"
19
#include "spi_internal_types.h"
20
#include "spi_utils.h"
21
#include "capabilities.h"
25
#include "hosttable.h"
26
#include "tcsd_wrap.h"
32
Tspi_Context_Create(TSS_HCONTEXT * phContext) /* out */
34
if (phContext == NULL)
35
return TSPERR(TSS_E_BAD_PARAMETER);
37
return obj_context_add(phContext);
41
Tspi_Context_Close(TSS_HCONTEXT tspContext) /* in */
45
if (!obj_is_context(tspContext))
46
return TSPERR(TSS_E_INVALID_HANDLE);
48
/* Have the TCS do its thing */
49
result = TCS_CloseContext(tspContext);
51
/* Note: Memory that was returned to the app that was alloc'd by this
52
* context isn't free'd here. Any memory that the app doesn't explicitly
53
* free is left for it to free itself. */
55
/* Destroy all objects */
56
obj_close_context(tspContext);
58
/* close the ps file */
61
/* We're not a connected context, so just exit */
66
Tspi_Context_Connect(TSS_HCONTEXT tspContext, /* in */
67
UNICODE *wszDestination) /* in */
70
BYTE *machine_name = NULL;
72
UINT32 string_len = 0;
74
if (wszDestination == NULL) {
75
if ((result = obj_context_get_machine_name(tspContext,
80
if ((result = TCS_OpenContext_RPC(tspContext, machine_name,
81
CONNECTION_TYPE_TCP_PERSISTANT)))
85
Trspi_UNICODE_To_Native((BYTE *)wszDestination, NULL)) == NULL) {
86
LogError("Error converting hostname to UTF-8");
87
return TSPERR(TSS_E_INTERNAL_ERROR);
90
if ((result = TCS_OpenContext_RPC(tspContext, machine_name,
91
CONNECTION_TYPE_TCP_PERSISTANT)))
94
if ((result = obj_context_set_machine_name(tspContext, machine_name,
95
strlen((char *)machine_name)+1)))
99
if ((obj_tpm_add(tspContext, &hTpm))) {
100
TCS_CloseContext(tspContext);
101
return TSPERR(TSS_E_INTERNAL_ERROR);
108
Tspi_Context_FreeMemory(TSS_HCONTEXT tspContext, /* in */
109
BYTE * rgbMemory) /* in */
111
if (!obj_is_context(tspContext))
112
return TSPERR(TSS_E_INVALID_HANDLE);
114
return free_tspi(tspContext, rgbMemory);
118
Tspi_Context_GetDefaultPolicy(TSS_HCONTEXT tspContext, /* in */
119
TSS_HPOLICY * phPolicy) /* out */
121
if (phPolicy == NULL )
122
return TSPERR(TSS_E_BAD_PARAMETER);
124
if (!obj_is_context(tspContext))
125
return TSPERR(TSS_E_INVALID_HANDLE);
127
return obj_context_get_policy(tspContext, phPolicy);
131
Tspi_Context_CreateObject(TSS_HCONTEXT tspContext, /* in */
132
TSS_FLAG objectType, /* in */
133
TSS_FLAG initFlags, /* in */
134
TSS_HOBJECT * phObject) /* out */
138
if (phObject == NULL)
139
return TSPERR(TSS_E_BAD_PARAMETER);
141
if (!obj_is_context(tspContext))
142
return TSPERR(TSS_E_INVALID_HANDLE);
144
switch (objectType) {
145
case TSS_OBJECT_TYPE_POLICY:
147
case TSS_POLICY_MIGRATION:
149
case TSS_POLICY_USAGE:
152
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
155
result = obj_policy_add(tspContext, initFlags, phObject);
157
case TSS_OBJECT_TYPE_RSAKEY:
158
/* If other flags are set that disagree with the SRK, this will
159
* help catch that conflict in the later steps */
160
if (initFlags & TSS_KEY_TSP_SRK) {
161
initFlags |= (TSS_KEY_TYPE_STORAGE | TSS_KEY_NOT_MIGRATABLE |
162
TSS_KEY_NON_VOLATILE | TSS_KEY_SIZE_2048);
165
/* Set default key flags */
167
/* Default key size = 2k */
168
if ((initFlags & TSS_KEY_SIZE_MASK) == 0)
169
initFlags |= TSS_KEY_SIZE_2048;
171
/* Default key type = storage */
172
if ((initFlags & TSS_KEY_TYPE_MASK) == 0)
173
initFlags |= TSS_KEY_TYPE_STORAGE;
175
/* Check the key flags */
176
switch (initFlags & TSS_KEY_SIZE_MASK) {
177
case TSS_KEY_SIZE_512:
179
case TSS_KEY_SIZE_1024:
181
case TSS_KEY_SIZE_2048:
183
case TSS_KEY_SIZE_4096:
185
case TSS_KEY_SIZE_8192:
187
case TSS_KEY_SIZE_16384:
190
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
193
switch (initFlags & TSS_KEY_TYPE_MASK) {
194
case TSS_KEY_TYPE_STORAGE:
196
case TSS_KEY_TYPE_SIGNING:
198
case TSS_KEY_TYPE_BIND:
200
case TSS_KEY_TYPE_AUTHCHANGE:
202
case TSS_KEY_TYPE_LEGACY:
204
case TSS_KEY_TYPE_IDENTITY:
207
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
210
result = obj_rsakey_add(tspContext, initFlags, phObject);
212
case TSS_OBJECT_TYPE_ENCDATA:
213
switch (initFlags & TSS_ENCDATA_TYPE_MASK) {
214
case TSS_ENCDATA_LEGACY:
216
case TSS_ENCDATA_SEAL:
218
case TSS_ENCDATA_BIND:
221
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
224
result = obj_encdata_add(tspContext, (initFlags & TSS_ENCDATA_TYPE_MASK),
227
case TSS_OBJECT_TYPE_PCRS:
228
/* There are no valid flags for a PCRs object */
229
if (initFlags & ~(0UL))
230
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
232
result = obj_pcrs_add(tspContext, phObject);
234
case TSS_OBJECT_TYPE_HASH:
236
case TSS_HASH_DEFAULT:
243
return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
246
result = obj_hash_add(tspContext, initFlags, phObject);
249
LogDebug("Invalid Object type");
250
return TSPERR(TSS_E_INVALID_OBJECT_TYPE);
258
Tspi_Context_CloseObject(TSS_HCONTEXT tspContext, /* in */
259
TSS_HOBJECT hObject) /* in */
263
if (!obj_is_context(tspContext))
264
return TSPERR(TSS_E_INVALID_HANDLE);
266
if (obj_is_pcrs(hObject)) {
267
result = obj_pcrs_remove(hObject, tspContext);
268
} else if (obj_is_encdata(hObject)) {
269
result = obj_encdata_remove(hObject, tspContext);
270
} else if (obj_is_hash(hObject)) {
271
result = obj_hash_remove(hObject, tspContext);
272
} else if (obj_is_rsakey(hObject)) {
273
result = obj_rsakey_remove(hObject, tspContext);
274
} else if (obj_is_policy(hObject)) {
275
result = obj_policy_remove(hObject, tspContext);
277
result = TSPERR(TSS_E_INVALID_HANDLE);
284
Tspi_Context_GetTpmObject(TSS_HCONTEXT tspContext, /* in */
285
TSS_HTPM * phTPM) /* out */
288
return TSPERR(TSS_E_BAD_PARAMETER);
290
if (!obj_is_context(tspContext))
291
return TSPERR(TSS_E_INVALID_HANDLE);
293
return obj_tpm_get(tspContext, phTPM);
297
Tspi_Context_GetCapability(TSS_HCONTEXT tspContext, /* in */
298
TSS_FLAG capArea, /* in */
299
UINT32 ulSubCapLength, /* in */
300
BYTE * rgbSubCap, /* in */
301
UINT32 * pulRespDataLength, /* out */
302
BYTE ** prgbRespData) /* out */
307
if (prgbRespData == NULL || pulRespDataLength == NULL )
308
return TSPERR(TSS_E_BAD_PARAMETER);
310
if (rgbSubCap == NULL && ulSubCapLength != 0)
311
return TSPERR(TSS_E_BAD_PARAMETER);
313
if (ulSubCapLength > sizeof(UINT32))
314
return TSPERR(TSS_E_BAD_PARAMETER);
316
if (!obj_is_context(tspContext))
317
return TSPERR(TSS_E_INVALID_HANDLE);
321
case TSS_TSPCAP_VERSION:
322
case TSS_TSPCAP_PERSSTORAGE:
323
if (capArea == TSS_TSPCAP_ALG) {
324
if (ulSubCapLength != sizeof(UINT32) || !rgbSubCap)
325
return TSPERR(TSS_E_BAD_PARAMETER);
328
result = internal_GetCap(tspContext, capArea,
329
rgbSubCap ? *(UINT32 *)rgbSubCap : 0,
334
case TSS_TCSCAP_VERSION:
335
case TSS_TCSCAP_CACHING:
336
case TSS_TCSCAP_PERSSTORAGE:
337
case TSS_TCSCAP_MANUFACTURER:
338
if (capArea == TSS_TCSCAP_ALG) {
339
if (ulSubCapLength != sizeof(UINT32) || !rgbSubCap)
340
return TSPERR(TSS_E_BAD_PARAMETER);
343
subCap = rgbSubCap ? endian32(*(UINT32 *)rgbSubCap) : 0;
345
result = TCS_GetCapability(tspContext, capArea, ulSubCapLength,
346
(BYTE *)&subCap, pulRespDataLength,
350
result = TSPERR(TSS_E_BAD_PARAMETER);
358
Tspi_Context_LoadKeyByBlob(TSS_HCONTEXT tspContext, /* in */
359
TSS_HKEY hUnwrappingKey, /* in */
360
UINT32 ulBlobLength, /* in */
361
BYTE * rgbBlobData, /* in */
362
TSS_HKEY * phKey) /* out */
371
TCS_KEY_HANDLE parentTCSKeyHandle;
372
TCS_KEY_HANDLE myTCSKeyHandle;
373
TCPA_KEY keyContainer;
377
UINT16 realKeyBlobSize;
378
TCPA_KEY_USAGE keyUsage;
381
if (phKey == NULL || rgbBlobData == NULL )
382
return TSPERR(TSS_E_BAD_PARAMETER);
384
if (!obj_is_context(tspContext) || !obj_is_rsakey(hUnwrappingKey))
385
return TSPERR(TSS_E_INVALID_HANDLE);
387
/* Get the Parent Handle */
388
if ((result = obj_rsakey_get_tcs_handle(hUnwrappingKey, &parentTCSKeyHandle)))
392
if ((result = Trspi_UnloadBlob_KEY(&offset, rgbBlobData, &keyContainer)))
394
realKeyBlobSize = offset;
395
pubLen = keyContainer.pubKey.keyLength;
396
keyUsage = keyContainer.keyUsage;
397
/* free these now, since they're not used below */
398
free_key_refs(&keyContainer);
400
if ((result = obj_rsakey_get_policy(hUnwrappingKey, TSS_POLICY_USAGE,
401
&hPolicy, &useAuth)))
405
/* --- Create the Authorization */
407
Trspi_LoadBlob_UINT32(&offset, TPM_ORD_LoadKey, blob);
408
Trspi_LoadBlob(&offset, ulBlobLength, blob, rgbBlobData);
409
Trspi_Hash(TSS_HASH_SHA1, offset, blob, digest.digest);
411
if ((result = secret_PerformAuth_OIAP(hUnwrappingKey, TPM_ORD_LoadKey,
412
hPolicy, &digest, &auth)))
420
if ((result = TCSP_LoadKeyByBlob(tspContext, parentTCSKeyHandle, ulBlobLength, rgbBlobData,
421
pAuth, &myTCSKeyHandle, &keyslot)))
425
/* --- Validate return auth */
427
Trspi_LoadBlob_UINT32(&offset, result, blob);
428
Trspi_LoadBlob_UINT32(&offset, TPM_ORD_LoadKey, blob);
429
Trspi_LoadBlob_UINT32(&offset, keyslot, blob);
430
Trspi_Hash(TSS_HASH_SHA1, offset, blob, digest.digest);
432
if ((result = obj_policy_validate_auth_oiap(hPolicy, &digest, &auth)))
436
/* --- Create a new Object */
439
initFlags |= TSS_KEY_SIZE_2048;
440
else if (pubLen == 0x80)
441
initFlags |= TSS_KEY_SIZE_1024;
442
else if (pubLen == 0x40)
443
initFlags |= TSS_KEY_SIZE_512;
445
/* clear the key type field */
446
initFlags &= ~TSS_KEY_TYPE_MASK;
448
if (keyUsage == TPM_KEY_STORAGE)
449
initFlags |= TSS_KEY_TYPE_STORAGE;
451
initFlags |= TSS_KEY_TYPE_SIGNING; /* loading the blob
456
if ((result = obj_rsakey_add(tspContext, initFlags, phKey))) {
457
LogDebug("Failed create object");
458
return TSPERR(TSS_E_INTERNAL_ERROR);
461
if ((result = obj_rsakey_set_tcpakey(*phKey,realKeyBlobSize, rgbBlobData))) {
462
LogDebug("Key loaded but failed to setup the key object"
464
return TSPERR(TSS_E_INTERNAL_ERROR);
467
return obj_rsakey_set_tcs_handle(*phKey, myTCSKeyHandle);
471
Tspi_Context_LoadKeyByUUID(TSS_HCONTEXT tspContext, /* in */
472
TSS_FLAG persistentStorageType, /* in */
473
TSS_UUID uuidData, /* in */
474
TSS_HKEY * phKey) /* out */
478
UINT32 keyBlobSize, parentPSType;
479
BYTE *keyBlob = NULL;
480
TCS_KEY_HANDLE tcsKeyHandle;
481
TSS_HKEY parentTspHandle;
482
TCS_LOADKEY_INFO info;
485
return TSPERR(TSS_E_BAD_PARAMETER);
487
if (!obj_is_context(tspContext))
488
return TSPERR(TSS_E_INVALID_HANDLE);
490
/* This key is in the System Persistant storage */
491
if (persistentStorageType == TSS_PS_TYPE_SYSTEM) {
492
memset(&info, 0, sizeof(TCS_LOADKEY_INFO));
494
result = TCSP_LoadKeyByUUID(tspContext, uuidData, &info, &tcsKeyHandle);
496
if (TSS_ERROR_CODE(result) == TCS_E_KM_LOADFAILED) {
500
/* load failed, due to some key in the chain needing auth
501
* which doesn't yet exist at the TCS level. However, the
502
* auth may already be set in policies at the TSP level.
503
* To find out, get the key handle of the key requiring
504
* auth. First, look at the list of keys in memory. */
505
if ((obj_rsakey_get_by_uuid(&info.parentKeyUUID, &keyHandle))) {
506
/* If that failed, look on disk, in User PS. */
507
if (ps_get_key_by_uuid(tspContext, &info.parentKeyUUID,
512
if (obj_rsakey_get_policy(keyHandle, TSS_POLICY_USAGE,
516
if (secret_PerformAuth_OIAP(keyHandle,
518
hPolicy, &info.paramDigest,
522
if ((result = TCSP_LoadKeyByUUID(tspContext, uuidData, &info,
528
if ((result = TCS_GetRegisteredKeyBlob(tspContext, uuidData, &keyBlobSize,
532
if ((result = obj_rsakey_add_by_key(tspContext, &uuidData, keyBlob,
533
TSS_OBJ_FLAG_SYSTEM_PS, phKey))) {
538
result = obj_rsakey_set_tcs_handle(*phKey, tcsKeyHandle);
541
} else if (persistentStorageType == TSS_PS_TYPE_USER) {
542
if ((result = ps_get_parent_uuid_by_uuid(&uuidData, &parentUUID)))
545
/* If the parent is not in memory, recursively call ourselves on it */
546
if (obj_rsakey_get_by_uuid(&parentUUID, &parentTspHandle) != TSS_SUCCESS) {
547
if ((result = ps_get_parent_ps_type_by_uuid(&uuidData, &parentPSType)))
550
if ((result = Tspi_Context_LoadKeyByUUID(tspContext, parentPSType,
551
parentUUID, &parentTspHandle)))
555
if ((result = ps_get_key_by_uuid(tspContext, &uuidData, phKey)))
558
/* The parent is loaded and we have the parent key handle, so call the TCS to
559
* actually load the child. */
560
return Tspi_Key_LoadKey(*phKey, parentTspHandle);
562
return TSPERR(TSS_E_BAD_PARAMETER);
569
Tspi_Context_RegisterKey(TSS_HCONTEXT tspContext, /* in */
570
TSS_HKEY hKey, /* in */
571
TSS_FLAG persistentStorageType, /* in */
572
TSS_UUID uuidKey, /* in */
573
TSS_FLAG persistentStorageTypeParent, /* in */
574
TSS_UUID uuidParentKey) /* in */
581
if (!obj_is_context(tspContext) || !obj_is_rsakey(hKey))
582
return TSPERR(TSS_E_INVALID_HANDLE);
584
if (persistentStorageType == TSS_PS_TYPE_SYSTEM) {
585
if (persistentStorageTypeParent == TSS_PS_TYPE_USER) {
586
return TSPERR(TSS_E_NOTIMPL);
587
} else if (persistentStorageTypeParent == TSS_PS_TYPE_SYSTEM) {
588
if ((result = obj_rsakey_get_blob(hKey, &keyBlobSize,
592
if ((result = TCS_RegisterKey(tspContext, uuidParentKey, uuidKey,
593
keyBlobSize, keyBlob,
594
strlen(PACKAGE_STRING) + 1,
595
(BYTE *)PACKAGE_STRING)))
598
return TSPERR(TSS_E_BAD_PARAMETER);
600
} else if (persistentStorageType == TSS_PS_TYPE_USER) {
601
if ((result = ps_is_key_registered(&uuidKey, &answer)))
605
return TSPERR(TSS_E_KEY_ALREADY_REGISTERED);
607
if ((result = obj_rsakey_get_blob (hKey, &keyBlobSize, &keyBlob)))
610
if ((result = ps_write_key(&uuidKey, &uuidParentKey,
611
persistentStorageTypeParent,
612
keyBlobSize, keyBlob)))
615
return TSPERR(TSS_E_BAD_PARAMETER);
618
if ((result = obj_rsakey_set_uuid(hKey, persistentStorageType, &uuidKey)))
625
Tspi_Context_UnregisterKey(TSS_HCONTEXT tspContext, /* in */
626
TSS_FLAG persistentStorageType, /* in */
627
TSS_UUID uuidKey, /* in */
628
TSS_HKEY *phKey) /* out */
630
BYTE *keyBlob = NULL;
635
return TSPERR(TSS_E_BAD_PARAMETER);
637
if (!obj_is_context(tspContext))
638
return TSPERR(TSS_E_INVALID_HANDLE);
640
if (persistentStorageType == TSS_PS_TYPE_SYSTEM) {
641
/* get the key first, so it doesn't disappear when we
643
if ((result = TCS_GetRegisteredKeyBlob(tspContext, uuidKey, &keyBlobSize,
647
if ((obj_rsakey_add_by_key(tspContext, &uuidKey, keyBlob, TSS_OBJ_FLAG_SYSTEM_PS,
655
/* now unregister it */
656
if ((result = TCSP_UnregisterKey(tspContext, uuidKey)))
658
} else if (persistentStorageType == TSS_PS_TYPE_USER) {
659
if (!obj_is_context(tspContext))
660
return TSPERR(TSS_E_INVALID_HANDLE);
662
/* get the key first, so it doesn't disappear when we
664
if ((result = ps_get_key_by_uuid(tspContext, &uuidKey, phKey)))
667
/* now unregister it */
668
if ((result = ps_remove_key(&uuidKey)))
671
return TSPERR(TSS_E_BAD_PARAMETER);
678
Tspi_Context_GetKeyByUUID(TSS_HCONTEXT tspContext, /* in */
679
TSS_FLAG persistentStorageType, /* in */
680
TSS_UUID uuidData, /* in */
681
TSS_HKEY * phKey) /* out */
684
UINT32 keyBlobSize = 0;
685
BYTE *keyBlob = NULL;
688
return TSPERR(TSS_E_BAD_PARAMETER);
690
if (!obj_is_context(tspContext))
691
return TSPERR(TSS_E_INVALID_HANDLE);
693
if (persistentStorageType == TSS_PS_TYPE_SYSTEM) {
694
if ((result = TCS_GetRegisteredKeyBlob(tspContext, uuidData, &keyBlobSize,
698
if ((obj_rsakey_add_by_key(tspContext, &uuidData, keyBlob, TSS_OBJ_FLAG_SYSTEM_PS,
705
} else if (persistentStorageType == TSS_PS_TYPE_USER) {
706
if (!obj_is_context(tspContext))
707
return TSPERR(TSS_E_INVALID_HANDLE);
709
if ((result = ps_get_key_by_uuid(tspContext, &uuidData, phKey)))
712
return TSPERR(TSS_E_BAD_PARAMETER);
718
Tspi_Context_GetKeyByPublicInfo(TSS_HCONTEXT tspContext, /* in */
719
TSS_FLAG persistentStorageType, /* in */
720
TSS_ALGORITHM_ID algID, /* in */
721
UINT32 ulPublicInfoLength, /* in */
722
BYTE * rgbPublicInfo, /* in */
723
TSS_HKEY * phKey) /* out */
725
TCPA_ALGORITHM_ID tcsAlgID;
729
TSS_HKEY keyOutHandle;
731
TCPA_KEY keyContainer;
735
return TSPERR(TSS_E_BAD_PARAMETER);
737
if (!obj_is_context(tspContext))
738
return TSPERR(TSS_E_INVALID_HANDLE);
742
tcsAlgID = TCPA_ALG_RSA;
745
LogError("Algorithm ID was not type RSA.");
746
return TSPERR(TSS_E_BAD_PARAMETER);
749
if (persistentStorageType == TSS_PS_TYPE_SYSTEM) {
750
if ((result = TCSP_GetRegisteredKeyByPublicInfo(tspContext, tcsAlgID,
751
ulPublicInfoLength, rgbPublicInfo,
752
&keyBlobSize, &keyBlob)))
755
} else if (persistentStorageType == TSS_PS_TYPE_USER) {
756
return ps_get_key_by_pub(tspContext, ulPublicInfoLength, rgbPublicInfo,
759
return TSPERR(TSS_E_BAD_PARAMETER);
761
/* need to setup the init flags of the create object based on
762
* the size of the blob's pubkey */
764
if ((result = Trspi_UnloadBlob_KEY(&offset, keyBlob, &keyContainer))) {
769
/* begin setting up the key object */
770
switch (keyContainer.pubKey.keyLength) {
772
flag |= TSS_KEY_SIZE_16384;
775
flag |= TSS_KEY_SIZE_8192;
778
flag |= TSS_KEY_SIZE_4096;
781
flag |= TSS_KEY_SIZE_2048;
784
flag |= TSS_KEY_SIZE_1024;
787
flag |= TSS_KEY_SIZE_512;
790
LogError("Key was not a known keylength.");
792
free_key_refs(&keyContainer);
793
return TSPERR(TSS_E_INTERNAL_ERROR);
796
if (keyContainer.keyUsage == TPM_KEY_SIGNING)
797
flag |= TSS_KEY_TYPE_SIGNING;
798
else if (keyContainer.keyUsage == TPM_KEY_STORAGE)
799
flag |= TSS_KEY_TYPE_STORAGE;
800
else if (keyContainer.keyUsage == TPM_KEY_IDENTITY)
801
flag |= TSS_KEY_TYPE_IDENTITY;
802
else if (keyContainer.keyUsage == TPM_KEY_AUTHCHANGE)
803
flag |= TSS_KEY_TYPE_AUTHCHANGE;
804
else if (keyContainer.keyUsage == TPM_KEY_BIND)
805
flag |= TSS_KEY_TYPE_BIND;
806
else if (keyContainer.keyUsage == TPM_KEY_LEGACY)
807
flag |= TSS_KEY_TYPE_LEGACY;
809
if (keyContainer.authDataUsage == TPM_AUTH_NEVER)
810
flag |= TSS_KEY_NO_AUTHORIZATION;
812
flag |= TSS_KEY_AUTHORIZATION;
814
if (keyContainer.keyFlags & migratable)
815
flag |= TSS_KEY_MIGRATABLE;
817
flag |= TSS_KEY_NOT_MIGRATABLE;
819
if (keyContainer.keyFlags & volatileKey)
820
flag |= TSS_KEY_VOLATILE;
822
flag |= TSS_KEY_NON_VOLATILE;
824
/* Create a new Key Object */
825
if ((result = obj_rsakey_add(tspContext, flag, &keyOutHandle))) {
827
free_key_refs(&keyContainer);
830
/* Stick the info into this net KeyObject */
831
if ((result = obj_rsakey_set_tcpakey(keyOutHandle, keyBlobSize, keyBlob))) {
833
free_key_refs(&keyContainer);
838
free_key_refs(&keyContainer);
839
*phKey = keyOutHandle;
845
Tspi_Context_GetRegisteredKeysByUUID(TSS_HCONTEXT tspContext, /* in */
846
TSS_FLAG persistentStorageType, /* in */
847
TSS_UUID * pUuidData, /* in */
848
UINT32 * pulKeyHierarchySize, /* out */
849
TSS_KM_KEYINFO ** ppKeyHierarchy) /* out */
852
TSS_KM_KEYINFO *tcsHier, *tspHier;
853
UINT32 tcsHierSize, tspHierSize;
856
if (pulKeyHierarchySize == NULL || ppKeyHierarchy == NULL)
857
return TSPERR(TSS_E_BAD_PARAMETER);
859
if (!obj_is_context(tspContext))
860
return TSPERR(TSS_E_INVALID_HANDLE);
863
if (persistentStorageType == TSS_PS_TYPE_SYSTEM) {
864
if ((result = TCS_EnumRegisteredKeys(tspContext, pUuidData,
868
} else if (persistentStorageType == TSS_PS_TYPE_USER) {
869
if ((result = ps_get_registered_keys(pUuidData, &tcs_uuid,
870
&tspHierSize, &tspHier)))
873
if ((result = TCS_EnumRegisteredKeys(tspContext, &tcs_uuid, &tcsHierSize,
879
result = merge_key_hierarchies(tspContext, tspHierSize, tspHier,
880
tcsHierSize, tcsHier, pulKeyHierarchySize,
885
return TSPERR(TSS_E_BAD_PARAMETER);
887
if ((result = TCS_EnumRegisteredKeys(tspContext, pUuidData, &tcsHierSize,
891
if ((result = ps_get_registered_keys(pUuidData, NULL, &tspHierSize, &tspHier))) {
896
result = merge_key_hierarchies(tspContext, tspHierSize, tspHier, tcsHierSize,
897
tcsHier, pulKeyHierarchySize, ppKeyHierarchy);
902
if ((result = add_mem_entry(tspContext, *ppKeyHierarchy))) {
903
free(*ppKeyHierarchy);
904
*ppKeyHierarchy = NULL;
905
*pulKeyHierarchySize = 0;