3
* Licensed Materials - Property of IBM
5
* trousers - An open source TCG Software Stack
7
* (C) Copyright International Business Machines Corp. 2007
16
#include "trousers/tss.h"
17
#include "trousers/trousers.h"
18
#include "trousers_types.h"
19
#include "spi_utils.h"
25
sealx_mask_cb(PVOID lpAppData,
27
TSS_HENCDATA hEncData,
28
TSS_ALGORITHM_ID algId,
32
BYTE *rgbNonceEvenOSAP,
33
BYTE *rgbNonceOddOSAP,
38
UINT32 mgf1SeedLen, sharedSecretLen = sizeof(TPM_DIGEST);
39
BYTE *mgf1Seed, *mgf1Buffer;
42
struct authsess *sess = (struct authsess *)lpAppData;
44
mgf1SeedLen = (ulSizeNonces * 2) + strlen("XOR") + sharedSecretLen;
45
if ((mgf1Seed = (BYTE *)calloc(1, mgf1SeedLen)) == NULL) {
46
LogError("malloc of %u bytes failed.", mgf1SeedLen);
47
return TSPERR(TSS_E_OUTOFMEMORY);
49
mgf1Buffer = mgf1Seed;
50
memcpy(mgf1Buffer, rgbNonceEven, ulSizeNonces);
51
mgf1Buffer += ulSizeNonces;
52
memcpy(mgf1Buffer, rgbNonceOdd, ulSizeNonces);
53
mgf1Buffer += ulSizeNonces;
54
memcpy(mgf1Buffer, "XOR", strlen("XOR"));
55
mgf1Buffer += strlen("XOR");
56
memcpy(mgf1Buffer, sess->sharedSecret.digest, sharedSecretLen);
58
if ((result = Trspi_MGF1(TSS_HASH_SHA1, mgf1SeedLen, mgf1Seed, ulDataLength,
62
for (i = 0; i < ulDataLength; i++)
63
rgbMaskedData[i] ^= rgbDataToMask[i];
71
#ifdef TSS_BUILD_TRANSPORT
73
Transport_Seal(TSS_HCONTEXT tspContext, /* in */
74
TCS_KEY_HANDLE keyHandle, /* in */
75
TCPA_ENCAUTH *encAuth, /* in */
76
UINT32 pcrInfoSize, /* in */
77
BYTE * PcrInfo, /* in */
78
UINT32 inDataSize, /* in */
79
BYTE * inData, /* in */
80
TPM_AUTH * pubAuth, /* in, out */
81
UINT32 * SealedDataSize, /* out */
82
BYTE ** SealedData) /* out */
85
UINT32 handlesLen, decLen, dataLen;
86
TCS_HANDLE *handles, handle;
87
TPM_DIGEST pubKeyHash;
88
Trspi_HashCtx hashCtx;
93
if ((result = obj_context_transport_init(tspContext)))
96
LogDebugFn("Executing in a transport session");
98
if ((result = obj_tcskey_get_pubkeyhash(keyHandle, pubKeyHash.digest)))
101
result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
102
result |= Trspi_Hash_DIGEST(&hashCtx, pubKeyHash.digest);
103
if ((result |= Trspi_HashFinal(&hashCtx, pubKeyHash.digest)))
110
dataLen = (2 * sizeof(UINT32)) + sizeof(TPM_ENCAUTH) + pcrInfoSize + inDataSize;
111
if ((data = malloc(dataLen)) == NULL) {
112
LogError("malloc of %u bytes failed", dataLen);
113
return TSPERR(TSS_E_OUTOFMEMORY);
117
Trspi_LoadBlob_DIGEST(&offset, data, (TPM_DIGEST *)encAuth);
118
Trspi_LoadBlob_UINT32(&offset, pcrInfoSize, data);
119
Trspi_LoadBlob(&offset, pcrInfoSize, data, PcrInfo);
120
Trspi_LoadBlob_UINT32(&offset, inDataSize, data);
121
Trspi_LoadBlob(&offset, inDataSize, data, inData);
123
if ((result = obj_context_transport_execute(tspContext, TPM_ORD_Seal, dataLen, data,
124
&pubKeyHash, &handlesLen, &handles, pubAuth,
125
NULL, &decLen, &dec)))
128
*SealedDataSize = decLen;
135
Transport_Sealx(TSS_HCONTEXT tspContext, /* in */
136
TCS_KEY_HANDLE keyHandle, /* in */
137
TCPA_ENCAUTH *encAuth, /* in */
138
UINT32 pcrInfoSize, /* in */
139
BYTE * PcrInfo, /* in */
140
UINT32 inDataSize, /* in */
141
BYTE * inData, /* in */
142
TPM_AUTH * pubAuth, /* in, out */
143
UINT32 * SealedDataSize, /* out */
144
BYTE ** SealedData) /* out */
147
UINT32 handlesLen, decLen, dataLen;
148
TCS_HANDLE *handles, handle;
149
TPM_DIGEST pubKeyHash;
150
Trspi_HashCtx hashCtx;
155
if ((result = obj_context_transport_init(tspContext)))
158
LogDebugFn("Executing in a transport session");
160
if ((result = obj_tcskey_get_pubkeyhash(keyHandle, pubKeyHash.digest)))
163
result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
164
result |= Trspi_Hash_DIGEST(&hashCtx, pubKeyHash.digest);
165
if ((result |= Trspi_HashFinal(&hashCtx, pubKeyHash.digest)))
172
dataLen = (2 * sizeof(UINT32)) + sizeof(TPM_ENCAUTH) + pcrInfoSize + inDataSize;
173
if ((data = malloc(dataLen)) == NULL) {
174
LogError("malloc of %u bytes failed", dataLen);
175
return TSPERR(TSS_E_OUTOFMEMORY);
179
Trspi_LoadBlob(&offset, sizeof(TPM_ENCAUTH), data, encAuth->authdata);
180
Trspi_LoadBlob_UINT32(&offset, pcrInfoSize, data);
181
Trspi_LoadBlob(&offset, pcrInfoSize, data, PcrInfo);
182
Trspi_LoadBlob_UINT32(&offset, inDataSize, data);
183
Trspi_LoadBlob(&offset, inDataSize, data, inData);
185
if ((result = obj_context_transport_execute(tspContext, TPM_ORD_Sealx, dataLen, data,
186
&pubKeyHash, &handlesLen, &handles, pubAuth,
187
NULL, &decLen, &dec)))
190
*SealedDataSize = decLen;
197
Transport_Unseal(TSS_HCONTEXT tspContext, /* in */
198
TCS_KEY_HANDLE parentHandle, /* in */
199
UINT32 SealedDataSize, /* in */
200
BYTE * SealedData, /* in */
201
TPM_AUTH * parentAuth, /* in, out */
202
TPM_AUTH * dataAuth, /* in, out */
203
UINT32 * DataSize, /* out */
204
BYTE ** Data) /* out */
208
UINT32 handlesLen, decLen;
209
TCS_HANDLE *handles, handle;
210
TPM_DIGEST pubKeyHash;
211
Trspi_HashCtx hashCtx;
215
if ((result = obj_context_transport_init(tspContext)))
218
LogDebugFn("Executing in a transport session");
220
if ((result = obj_tcskey_get_pubkeyhash(parentHandle, pubKeyHash.digest)))
223
result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
224
result |= Trspi_Hash_DIGEST(&hashCtx, pubKeyHash.digest);
225
if ((result |= Trspi_HashFinal(&hashCtx, pubKeyHash.digest)))
229
handle = parentHandle;
232
if ((result = obj_context_transport_execute(tspContext, TPM_ORD_Unseal, SealedDataSize,
233
SealedData, &pubKeyHash, &handlesLen, &handles,
234
parentAuth, dataAuth, &decLen, &dec)))
238
Trspi_UnloadBlob_UINT32(&offset, DataSize, dec);
240
if ((*Data = malloc(*DataSize)) == NULL) {
242
LogError("malloc of %u bytes failed", *DataSize);
243
return TSPERR(TSS_E_OUTOFMEMORY);
245
Trspi_UnloadBlob(&offset, *DataSize, dec, *Data);