3
* Licensed Materials - Property of IBM
5
* trousers - An open source TCG Software Stack
7
* (C) Copyright International Business Machines Corp. 2004, 2005
16
#include <netinet/in.h> // for endian routines
20
TCS_KEY_HANDLE tcs_handle;
27
struct key_mem_cache *parent;
28
struct key_mem_cache *next;
31
extern struct key_mem_cache *key_mem_cache_head;
32
extern pthread_mutex_t mem_cache_lock;
34
#define MIN(a,b) ((a) < (b) ? (a) : (b))
36
#define BOOL(x) ((x) == 0) ? FALSE : TRUE
37
#define INVBOOL(x) ((x) == 0) ? TRUE : FALSE
42
UINT32 UnicodeToArray(BYTE *, UNICODE *);
43
UINT32 ArrayToUnicode(BYTE *, UINT32, UNICODE *);
44
UINT32 StringToUnicodeArray(char *, BYTE *);
46
TSS_RESULT internal_GetRandomNonce(TCS_CONTEXT_HANDLE, TCPA_NONCE *);
48
void *calloc_tspi(TSS_HCONTEXT, UINT32);
49
TSS_RESULT free_tspi(TSS_HCONTEXT, void *);
50
TSS_RESULT add_mem_entry(TSS_HCONTEXT, void *);
54
TSS_RESULT policy_UsesAuth(TSS_HPOLICY, TSS_BOOL *);
56
TSS_RESULT secret_PerformAuth_OIAP(TSS_HOBJECT, UINT32, TSS_HPOLICY, TCPA_DIGEST *,
58
TSS_RESULT secret_PerformXOR_OSAP(TSS_HPOLICY, TSS_HPOLICY, TSS_HPOLICY, TSS_HOBJECT,
59
UINT16, UINT32, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
60
BYTE *, TPM_AUTH *, TCPA_NONCE *);
61
TSS_RESULT secret_PerformAuth_OSAP(TSS_HOBJECT, UINT32, TSS_HPOLICY,
62
TSS_HPOLICY, TSS_HPOLICY, BYTE *,
63
TPM_AUTH *, BYTE *, TCPA_NONCE *);
65
TSS_RESULT secret_ValidateAuth_OSAP(TSS_HOBJECT, UINT32, TSS_HPOLICY,
66
TSS_HPOLICY, TSS_HPOLICY, BYTE *,
67
TPM_AUTH *, BYTE *, TCPA_NONCE *);
69
TSS_RESULT secret_TakeOwnership(TSS_HKEY, TSS_HTPM, TSS_HKEY, TPM_AUTH *,
70
UINT32 *, BYTE *, UINT32 *, BYTE *);
72
#define next( x ) x = x->next
76
UINT16 get_num_pcrs(TCS_CONTEXT_HANDLE);
77
void free_key_refs(TCPA_KEY *);
79
#define UI_MAX_SECRET_STRING_LENGTH 256
80
#define UI_MAX_POPUP_STRING_LENGTH 256
83
#define DisplayPINWindow(a,b,c) \
87
#define DisplayNewPINWindow(a,b,c) \
92
TSS_RESULT DisplayPINWindow(BYTE *, UINT32 *, BYTE *);
93
TSS_RESULT DisplayNewPINWindow(BYTE *, UINT32 *, BYTE *);
96
TSS_RESULT merge_key_hierarchies(TSS_HCONTEXT, UINT32, TSS_KM_KEYINFO *, UINT32, TSS_KM_KEYINFO *,
97
UINT32 *, TSS_KM_KEYINFO **);
99
int pin_mem(void *, size_t);
100
int unpin_mem(void *, size_t);
103
TSS_RESULT internal_GetMachineName(UNICODE *, int);
104
TSS_RESULT internal_GetCap(TSS_HCONTEXT, TSS_FLAG, UINT32, UINT32 *, BYTE **);
106
TSS_RESULT ConnectGuts(TSS_HCONTEXT, UNICODE *, TCS_CONTEXT_HANDLE);
108
/* For an unconnected context that wants to do PCR operations, assume that
109
* the TPM has TSS_DEFAULT_NUM_PCRS pcrs */
110
#define TSS_DEFAULT_NUM_PCRS 16
111
#define TSS_LOCAL_RANDOM_DEVICE "/dev/urandom"
112
#define TSS_LOCALHOST_STRING "localhost"
113
TSS_RESULT get_local_random(TSS_HCONTEXT, UINT32, BYTE **);
115
short get_port(void);
117
#define AUTH_RETRY_NANOSECS 500000000
118
#define AUTH_RETRY_COUNT 5
120
#define endian32(x) htonl(x)
121
#define endian16(x) htons(x)
123
extern TSS_VERSION VERSION_1_1;
127
#define DEBUG_print_openssl_errors() \
129
ERR_load_crypto_strings(); \
130
ERR_print_errors_fp(stderr); \
133
#define DEBUG_print_openssl_errors()
137
TSS_RESULT Init_AuthNonce(TCS_CONTEXT_HANDLE, TPM_AUTH *);
138
TSS_BOOL validateReturnAuth(BYTE *, BYTE *, TPM_AUTH *);
139
void HMAC_Auth(BYTE *, BYTE *, TPM_AUTH *);
140
TSS_RESULT OSAP_Calc(TCS_CONTEXT_HANDLE, UINT16, UINT32, BYTE *, BYTE *, BYTE *,
141
TCPA_ENCAUTH *, TCPA_ENCAUTH *, BYTE *, TPM_AUTH *);
143
UINT16 Decode_UINT16(BYTE *);
144
void UINT32ToArray(UINT32, BYTE *);
145
void UINT16ToArray(UINT16, BYTE *);
146
UINT32 Decode_UINT32(BYTE *);
148
TSS_RESULT popup_GetSecret(UINT32, UINT32, BYTE *, void *);
150
TSS_BOOL check_flagset_collision(TSS_FLAG, UINT32);
151
TSS_RESULT get_tpm_flags(TCS_CONTEXT_HANDLE, TSS_HTPM, UINT32 *, UINT32 *);
152
TSS_RESULT calc_composite_from_object(TCPA_PCR_SELECTION *, TCPA_PCRVALUE *, TCPA_DIGEST *);
154
void LoadBlob_AUTH(UINT64 *, BYTE *, TPM_AUTH *);
155
void UnloadBlob_AUTH(UINT64 *, BYTE *, TPM_AUTH *);
156
void LoadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
157
void UnloadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
158
void Trspi_LoadBlob_BOUND_DATA(UINT64 *, TCPA_BOUND_DATA, UINT32, BYTE *);
159
void Trspi_LoadBlob_CHANGEAUTH_VALIDATE(UINT64 *, BYTE *, TCPA_CHANGEAUTH_VALIDATE *);
162
TSS_RESULT TCS_CloseContext(TCS_CONTEXT_HANDLE);
163
TSS_RESULT TCS_OpenContext_RPC(TSS_HCONTEXT, BYTE *, int);
164
TSS_RESULT TCS_GetCapability(TCS_CONTEXT_HANDLE, TCPA_CAPABILITY_AREA, UINT32, BYTE *,
166
TSS_RESULT TCSP_GetCapability(TCS_CONTEXT_HANDLE, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *,
168
TSS_RESULT TCSP_LoadKeyByBlob(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
169
TCS_KEY_HANDLE *, TCS_KEY_HANDLE *);
170
TSS_RESULT TCSP_LoadKeyByUUID(TCS_CONTEXT_HANDLE, TSS_UUID, TCS_LOADKEY_INFO *, TCS_KEY_HANDLE *);
171
TSS_RESULT TCS_GetRegisteredKeyBlob(TCS_CONTEXT_HANDLE, TSS_UUID, UINT32 *, BYTE **);
172
TSS_RESULT TCS_RegisterKey(TCS_CONTEXT_HANDLE, TSS_UUID, TSS_UUID, UINT32, BYTE *, UINT32, BYTE *);
173
TSS_RESULT TCSP_UnregisterKey(TCS_CONTEXT_HANDLE, TSS_UUID);
174
TSS_RESULT TCS_EnumRegisteredKeys(TCS_CONTEXT_HANDLE, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO **);
175
TSS_RESULT TCSP_GetRegisteredKeyByPublicInfo(TCS_CONTEXT_HANDLE, TCPA_ALGORITHM_ID, UINT32,
176
BYTE *, UINT32 *, BYTE **);
177
TSS_RESULT TCSP_ChangeAuth(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH,
178
TCPA_ENTITY_TYPE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
180
TSS_RESULT TCSP_ChangeAuthOwner(TCS_CONTEXT_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH, TCPA_ENTITY_TYPE,
182
TSS_RESULT TCSP_TerminateHandle(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE);
183
TSS_RESULT TCSP_GetRandom(TCS_CONTEXT_HANDLE, UINT32, BYTE **);
184
TSS_RESULT TCSP_ChangeAuthAsymStart(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_NONCE, UINT32, BYTE *,
185
TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *,
186
BYTE **, TCS_KEY_HANDLE *);
187
TSS_RESULT TCSP_ChangeAuthAsymFinish(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCS_KEY_HANDLE,
188
TCPA_ENTITY_TYPE, TCPA_HMAC, UINT32, BYTE *, UINT32,
189
BYTE *, TPM_AUTH *, UINT32 *, BYTE **, TCPA_SALT_NONCE *,
191
TSS_RESULT TCSP_GetPubKey(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
192
TSS_RESULT TCSP_CreateWrapKey(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_ENCAUTH, TCPA_ENCAUTH,
193
UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
194
TSS_RESULT TCSP_CertifyKey(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *,
195
TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
196
TSS_RESULT TCSP_CreateMigrationBlob(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME, UINT32,
197
BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
198
BYTE **, UINT32 *, BYTE **);
199
TSS_RESULT TCSP_ConvertMigrationBlob(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
200
BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
201
TSS_RESULT TCSP_PcrRead(TCS_CONTEXT_HANDLE, TCPA_PCRINDEX, TCPA_PCRVALUE *);
202
TSS_RESULT TCSP_OSAP(TCS_CONTEXT_HANDLE, TCPA_ENTITY_TYPE, UINT32, TCPA_NONCE, TCS_AUTHHANDLE *,
203
TCPA_NONCE *, TCPA_NONCE *);
204
TSS_RESULT TCSP_GetCapabilityOwner(TCS_CONTEXT_HANDLE, TPM_AUTH *, TCPA_VERSION *, UINT32 *, UINT32 *);
205
TSS_RESULT TCSP_OIAP(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE *, TCPA_NONCE *);
206
TSS_RESULT TCSP_Seal(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_ENCAUTH, UINT32, BYTE *, UINT32, BYTE *,
207
TPM_AUTH *, UINT32 *, BYTE **);
208
TSS_RESULT TCSP_Unseal(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
210
TSS_RESULT TCSP_UnBind(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
212
TSS_RESULT TCSP_Sign(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
213
TSS_RESULT TCSP_CreateEndorsementKeyPair(TCS_CONTEXT_HANDLE, TCPA_NONCE, UINT32, BYTE *, UINT32 *,
214
BYTE **, TCPA_DIGEST *);
215
TSS_RESULT TCSP_ReadPubek(TCS_CONTEXT_HANDLE, TCPA_NONCE, UINT32 *, BYTE **, TCPA_DIGEST *);
216
TSS_RESULT TCSP_OwnerReadPubek(TCS_CONTEXT_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
217
TSS_RESULT TCSP_TakeOwnership(TCS_CONTEXT_HANDLE, UINT16, UINT32, BYTE *, UINT32, BYTE *, UINT32,
218
BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
219
TSS_RESULT TCSP_MakeIdentity(TCS_CONTEXT_HANDLE, TCPA_ENCAUTH, TCPA_CHOSENID_HASH, UINT32, BYTE *,
220
TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *,
221
BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
222
TSS_RESULT TCSP_ActivateTPMIdentity(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
223
TPM_AUTH *, UINT32 *, BYTE **);
224
TSS_RESULT TCSP_OwnerClear(TCS_CONTEXT_HANDLE, TPM_AUTH *);
225
TSS_RESULT TCSP_DisableOwnerClear(TCS_CONTEXT_HANDLE, TPM_AUTH *);
226
TSS_RESULT TCSP_ForceClear(TCS_CONTEXT_HANDLE);
227
TSS_RESULT TCSP_DisableForceClear(TCS_CONTEXT_HANDLE);
228
TSS_RESULT TCSP_PhysicalDisable(TCS_CONTEXT_HANDLE);
229
TSS_RESULT TCSP_PhysicalEnable(TCS_CONTEXT_HANDLE);
230
TSS_RESULT TCSP_PhysicalSetDeactivated(TCS_CONTEXT_HANDLE, TSS_BOOL);
231
TSS_RESULT TCSP_PhysicalPresence(TCS_CONTEXT_HANDLE, TCPA_PHYSICAL_PRESENCE);
232
TSS_RESULT TCSP_SetTempDeactivated(TCS_CONTEXT_HANDLE);
233
TSS_RESULT TCSP_OwnerSetDisable(TCS_CONTEXT_HANDLE, TSS_BOOL, TPM_AUTH *);
234
TSS_RESULT TCSP_SetOwnerInstall(TCS_CONTEXT_HANDLE, TSS_BOOL);
235
TSS_RESULT TCSP_DisablePubekRead(TCS_CONTEXT_HANDLE, TPM_AUTH *);
236
TSS_RESULT TCSP_SelfTestFull(TCS_CONTEXT_HANDLE);
237
TSS_RESULT TCSP_CertifySelfTest(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *, UINT32 *,
239
TSS_RESULT TCSP_GetTestResult(TCS_CONTEXT_HANDLE, UINT32 *, BYTE **);
240
TSS_RESULT TCSP_StirRandom(TCS_CONTEXT_HANDLE, UINT32, BYTE *);
241
TSS_RESULT TCSP_AuthorizeMigrationKey(TCS_CONTEXT_HANDLE, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
242
TPM_AUTH *, UINT32 *, BYTE **);
243
TSS_RESULT TCS_GetPcrEvent(TCS_CONTEXT_HANDLE, UINT32, UINT32 *, TSS_PCR_EVENT **);
244
TSS_RESULT TCS_GetPcrEventsByPcr(TCS_CONTEXT_HANDLE, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
245
TSS_RESULT TCS_GetPcrEventLog(TCS_CONTEXT_HANDLE, UINT32 *, TSS_PCR_EVENT **);
246
TSS_RESULT TCSP_Quote(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_NONCE, UINT32, BYTE *, TPM_AUTH *,
247
UINT32 *, BYTE **, UINT32 *, BYTE **);
248
TSS_RESULT TCSP_Extend(TCS_CONTEXT_HANDLE, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
249
TSS_RESULT TCSP_DirWriteAuth(TCS_CONTEXT_HANDLE, TCPA_DIRINDEX, TCPA_DIRVALUE, TPM_AUTH *);
250
TSS_RESULT TCSP_DirRead(TCS_CONTEXT_HANDLE, TCPA_DIRINDEX, TCPA_DIRVALUE *);
251
TSS_RESULT TCS_LogPcrEvent(TCS_CONTEXT_HANDLE, TSS_PCR_EVENT, UINT32 *);
252
TSS_RESULT TCSP_EvictKey(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE);
253
TSS_RESULT TCSP_CreateMaintenanceArchive(TCS_CONTEXT_HANDLE, TSS_BOOL, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
254
TSS_RESULT TCSP_KillMaintenanceFeature(TCS_CONTEXT_HANDLE, TPM_AUTH *);
255
TSS_RESULT TCSP_LoadMaintenanceArchive(TCS_CONTEXT_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
256
TSS_RESULT TCSP_LoadManuMaintPub(TCS_CONTEXT_HANDLE, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
257
TSS_RESULT TCSP_ReadManuMaintPub(TCS_CONTEXT_HANDLE, TCPA_NONCE, TCPA_DIGEST *);