← Back to branch summary

~ubuntu-branches/ubuntu/jaunty/trousers/jaunty

« back to all changes in this revision

Viewing changes to src/tcs/tcsi_seal.c

  • Committer: Bazaar Package Importer
  • Author(s): Daniel Baumann
  • Date: 2008-01-23 22:03:00 UTC
  • mfrom: (1.1.1 upstream)
  • Revision ID: james.westby@ubuntu.com-20080123220300-fhtqja3c0oq0gp6z
Tags: 0.3.1-4
http://bugs.debian.org/457400
http://bugs.debian.org/459682
* Added patch from Aaron M. Ucko <ucko@debian.org> to allow trousers to
  build successfully on amd64, and presumably also other 64-bit
  architectures (Closes: #457400).
* Including udev rule for /dev/tpm from William Lima
  <wlima.amadeus@gmail.com> as suggested by David Smith <dds@google.com>
  (Closes: #459682).
* Added lintian overrides.

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/tcs/tcsi_seal.c
 
1
 
 
2
/*
 
3
 * Licensed Materials - Property of IBM
 
4
 *
 
5
 * trousers - An open source TCG Software Stack
 
6
 *
 
7
 * (C) Copyright International Business Machines Corp. 2004
 
8
 *
 
9
 */
 
10
 
 
11
 
 
12
#include <stdlib.h>
 
13
#include <stdio.h>
 
14
#include <string.h>
 
15
#include <inttypes.h>
 
16
 
 
17
#include "trousers/tss.h"
 
18
#include "trousers_types.h"
 
19
#include "tcs_tsp.h"
 
20
#include "tcsps.h"
 
21
#include "tcs_utils.h"
 
22
#include "tcs_int_literals.h"
 
23
#include "capabilities.h"
 
24
#include "tcslog.h"
 
25
#include "req_mgr.h"
 
26
#include "tcsd_wrap.h"
 
27
#include "tcsd.h"
 
28
 
 
29
TSS_RESULT
 
30
TCSP_Seal_Internal(UINT32 sealOrdinal,          /* in */
 
31
                   TCS_CONTEXT_HANDLE hContext, /* in */
 
32
                   TCS_KEY_HANDLE keyHandle,    /* in */
 
33
                   TCPA_ENCAUTH encAuth,        /* in */
 
34
                   UINT32 pcrInfoSize,  /* in */
 
35
                   BYTE * PcrInfo,      /* in */
 
36
                   UINT32 inDataSize,   /* in */
 
37
                   BYTE * inData,       /* in */
 
38
                   TPM_AUTH * pubAuth,  /* in, out */
 
39
                   UINT32 * SealedDataSize,     /* out */
 
40
                   BYTE ** SealedData)  /* out */
 
41
{
 
42
        UINT64 offset = 0;
 
43
        TSS_RESULT result;
 
44
        UINT32 paramSize;
 
45
        TCPA_KEY_HANDLE keySlot;
 
46
        BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
 
47
 
 
48
        LogDebug("Entering Seal");
 
49
        if (!pubAuth)
 
50
                return TCSERR(TSS_E_BAD_PARAMETER);
 
51
 
 
52
        if ((result = ctx_verify_context(hContext)))
 
53
                goto done;
 
54
 
 
55
        if ((result = auth_mgr_check(hContext, &pubAuth->AuthHandle)))
 
56
                goto done;
 
57
 
 
58
        if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
 
59
                goto done;
 
60
 
 
61
        /* XXX What's this check for? */
 
62
        if (keySlot == 0) {
 
63
                result = TCSERR(TSS_E_FAIL);
 
64
                goto done;
 
65
        }
 
66
 
 
67
        if ((result = tpm_rqu_build(sealOrdinal, &offset, txBlob, keySlot, encAuth.authdata,
 
68
                                    pcrInfoSize, PcrInfo, inDataSize, inData, pubAuth)))
 
69
                return result;
 
70
 
 
71
        if ((result = req_mgr_submit_req(txBlob)))
 
72
                goto done;
 
73
 
 
74
        offset = 10;
 
75
        result = UnloadBlob_Header(txBlob, &paramSize);
 
76
 
 
77
        if (!result) {
 
78
                result = tpm_rsp_parse(sealOrdinal, txBlob, paramSize, SealedDataSize,
 
79
                                       SealedData, pubAuth);
 
80
        }
 
81
        LogResult("Seal", result);
 
82
done:
 
83
        auth_mgr_release_auth(pubAuth, NULL, hContext);
 
84
        return result;
 
85
}
 
86
 
 
87
TSS_RESULT
 
88
TCSP_Unseal_Internal(TCS_CONTEXT_HANDLE hContext,       /* in */
 
89
                     TCS_KEY_HANDLE parentHandle,       /* in */
 
90
                     UINT32 SealedDataSize,     /* in */
 
91
                     BYTE * SealedData, /* in */
 
92
                     TPM_AUTH * parentAuth,     /* in, out */
 
93
                     TPM_AUTH * dataAuth,       /* in, out */
 
94
                     UINT32 * DataSize, /* out */
 
95
                     BYTE ** Data)      /* out */
 
96
{
 
97
        UINT64 offset = 0;
 
98
        UINT32 paramSize;
 
99
        TSS_RESULT result;
 
100
        TCPA_KEY_HANDLE keySlot;
 
101
        BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
 
102
 
 
103
        LogDebug("Entering Unseal");
 
104
 
 
105
        if (dataAuth == NULL)
 
106
                return TCSERR(TSS_E_BAD_PARAMETER);
 
107
 
 
108
        if ((result = ctx_verify_context(hContext)))
 
109
                goto done;
 
110
 
 
111
        if (parentAuth != NULL) {
 
112
                LogDebug("Auth used");
 
113
                if ((result = auth_mgr_check(hContext, &parentAuth->AuthHandle)))
 
114
                        goto done;
 
115
        } else {
 
116
                LogDebug("No Auth");
 
117
        }
 
118
 
 
119
        if ((result = auth_mgr_check(hContext, &dataAuth->AuthHandle)))
 
120
                goto done;
 
121
 
 
122
        if ((result = ensureKeyIsLoaded(hContext, parentHandle, &keySlot)))
 
123
                goto done;
 
124
 
 
125
        /* XXX What's this check for? */
 
126
        if (keySlot == 0) {
 
127
                result = TCSERR(TSS_E_FAIL);
 
128
                goto done;
 
129
        }
 
130
 
 
131
        if ((result = tpm_rqu_build(TPM_ORD_Unseal, &offset, txBlob, keySlot, SealedDataSize,
 
132
                                    SealedData, parentAuth, dataAuth)))
 
133
                return result;
 
134
 
 
135
        if ((result = req_mgr_submit_req(txBlob)))
 
136
                goto done;
 
137
 
 
138
        offset = 10;
 
139
        result = UnloadBlob_Header(txBlob, &paramSize);
 
140
 
 
141
        if (!result) {
 
142
                result = tpm_rsp_parse(TPM_ORD_Unseal, txBlob, paramSize, DataSize, Data,
 
143
                                       parentAuth, dataAuth);
 
144
        }
 
145
        LogResult("Unseal", result);
 
146
done:
 
147
        auth_mgr_release_auth(parentAuth, dataAuth, hContext);
 
148
        return result;
 
149
}