← Back to branch summary

~ubuntu-branches/ubuntu/hardy/trousers/hardy-proposed

« back to all changes in this revision

Viewing changes to src/tspi/tspi_transport.c

  • Committer: Bazaar Package Importer
  • Author(s): Daniel Baumann
  • Date: 2008-01-23 22:03:00 UTC
  • mfrom: (1.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20080123220300-fhtqja3c0oq0gp6z
Tags: 0.3.1-4
http://bugs.debian.org/457400
http://bugs.debian.org/459682
* Added patch from Aaron M. Ucko <ucko@debian.org> to allow trousers to
  build successfully on amd64, and presumably also other 64-bit
  architectures (Closes: #457400).
* Including udev rule for /dev/tpm from William Lima
  <wlima.amadeus@gmail.com> as suggested by David Smith <dds@google.com>
  (Closes: #459682).
* Added lintian overrides.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/tspi/tspi_transport.c
 
1
 
 
2
/*
 
3
 * Licensed Materials - Property of IBM
 
4
 *
 
5
 * trousers - An open source TCG Software Stack
 
6
 *
 
7
 * (C) Copyright International Business Machines Corp. 2004-2007
 
8
 *
 
9
 */
 
10
 
 
11
 
 
12
#include <stdlib.h>
 
13
#include <stdio.h>
 
14
#include <string.h>
 
15
#include <inttypes.h>
 
16
 
 
17
#include "trousers/tss.h"
 
18
#include "trousers/trousers.h"
 
19
#include "trousers_types.h"
 
20
#include "spi_utils.h"
 
21
#include "capabilities.h"
 
22
#include "tsplog.h"
 
23
#include "obj.h"
 
24
 
 
25
 
 
26
TSS_RESULT
 
27
Tspi_Context_SetTransEncryptionKey(TSS_HCONTEXT hContext,       /* in */
 
28
                                   TSS_HKEY     hIdentKey)      /* in */
 
29
{
 
30
        if (!obj_is_rsakey(hIdentKey))
 
31
                return TSPERR(TSS_E_INVALID_HANDLE);
 
32
 
 
33
        return obj_context_set_transport_key(hContext, hIdentKey);
 
34
}
 
35
 
 
36
TSS_RESULT
 
37
Tspi_Context_CloseSignTransport(TSS_HCONTEXT    hContext,               /* in */
 
38
                                TSS_HKEY        hSigningKey,            /* in */
 
39
                                TSS_VALIDATION* pValidationData)        /* in, out */
 
40
{
 
41
        TSS_RESULT result;
 
42
        TSS_HPOLICY hPolicy;
 
43
        TSS_BOOL usesAuth;
 
44
        UINT32 sigLen;
 
45
        BYTE *sig;
 
46
        UINT64 offset;
 
47
        Trspi_HashCtx hashCtx;
 
48
        TPM_DIGEST digest;
 
49
        TPM_SIGN_INFO signInfo;
 
50
 
 
51
        if (!obj_is_context(hContext))
 
52
                return TSPERR(TSS_E_INVALID_HANDLE);
 
53
 
 
54
        if ((result = obj_rsakey_get_policy(hSigningKey, TSS_POLICY_USAGE, &hPolicy, &usesAuth)))
 
55
                return result;
 
56
 
 
57
        if (pValidationData) {
 
58
                if (pValidationData->ulExternalDataLength != sizeof(TPM_NONCE))
 
59
                        return TSPERR(TSS_E_BAD_PARAMETER);
 
60
 
 
61
                memcpy(signInfo.replay.nonce, pValidationData->rgbExternalData, sizeof(TPM_NONCE));
 
62
        } else {
 
63
                if ((result = get_local_random(hContext, FALSE, sizeof(TPM_NONCE),
 
64
                                               (BYTE **)&signInfo.replay.nonce)))
 
65
                        return result;
 
66
        }
 
67
 
 
68
        /* the transport sessions properties are kept in the context object itself, so just pass
 
69
         * in what this function provides and let it call ReleaseTransportSigned */
 
70
        if ((result = obj_context_transport_close(hContext, hSigningKey, hPolicy, usesAuth,
 
71
                                                  &signInfo, &sigLen, &sig)))
 
72
                return result;
 
73
 
 
74
        /* inside obj_context_transport_close we set up all the fields of the sign info structure
 
75
         * other than the tag and 'fixed' */
 
76
        signInfo.tag = TPM_TAG_SIGNINFO;
 
77
        signInfo.fixed[0] = 'T';
 
78
        signInfo.fixed[1] = 'R';
 
79
        signInfo.fixed[2] = 'A';
 
80
        signInfo.fixed[3] = 'N';
 
81
 
 
82
        /* hash the sign info struct for use in verifying the TPM's signature */
 
83
        result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
 
84
        result |= Trspi_Hash_SIGN_INFO(&hashCtx, &signInfo);
 
85
        if ((result |= Trspi_HashFinal(&hashCtx, digest.digest))) {
 
86
                free(sig);
 
87
                return TSPERR(TSS_E_INTERNAL_ERROR);
 
88
        }
 
89
 
 
90
        offset = 0;
 
91
        if (pValidationData) {
 
92
                /* tag the returned allocated memory as alloc'd by the TSP */
 
93
                if ((result = add_mem_entry(hContext, sig))) {
 
94
                        free(sig);
 
95
                        return TSPERR(TSS_E_INTERNAL_ERROR);
 
96
                }
 
97
                pValidationData->rgbValidationData = sig;
 
98
                pValidationData->ulValidationDataLength = sigLen;
 
99
 
 
100
                /* passing a NULL blob here puts the exact size of TPM_SIGN_INFO into offset */
 
101
                Trspi_LoadBlob_SIGN_INFO(&offset, NULL, &signInfo);
 
102
                pValidationData->rgbData = calloc_tspi(hContext, offset);
 
103
                if (pValidationData->rgbData == NULL) {
 
104
                        LogError("malloc of %" PRIu64 " bytes failed.", offset);
 
105
                        free_tspi(hContext, pValidationData->rgbValidationData);
 
106
                        pValidationData->rgbValidationData = NULL;
 
107
                        pValidationData->ulValidationDataLength = 0;
 
108
                        return TSPERR(TSS_E_OUTOFMEMORY);
 
109
                }
 
110
                pValidationData->ulDataLength = (UINT32)offset;
 
111
 
 
112
                offset = 0;
 
113
                Trspi_LoadBlob_SIGN_INFO(&offset, pValidationData->rgbData, &signInfo);
 
114
        } else
 
115
                result = rsa_verify(hSigningKey, TSS_HASH_SHA1, sizeof(TPM_DIGEST), digest.digest,
 
116
                                    sigLen, sig);
 
117
 
 
118
        return result;
 
119
}