« back to all changes in this revision
Viewing changes to src/tspi/obj_rsakey.c
- browse files at revision 1
- compare with another revision
- download diff
- download tarball
- view history from revision 1
- Committer: Bazaar Package Importer
- Author(s): William Lima
- Date: 2007-04-18 16:39:38 UTC
- Revision ID: james.westby@ubuntu.com-20070418163938-opscl2mvvi76jiec
Tags: upstream-0.2.9.1
ImportĀ upstreamĀ versionĀ 0.2.9.1
- files added:
- autom4te.cache
- dist
- dist/fedora
- doc
- man
- man/man3
- man/man5
- man/man8
- src
- src/include
- src/include/linux
- src/include/trousers
- src/include/tss
- src/tcs
- src/tcs/ps
- src/tcsd
- src/tcsd_api
- src/tddl
- src/trspi
- src/trspi/crypto
- src/trspi/crypto/openssl
- src/tspi
- src/tspi/gtk
- src/tspi/ps
- tools
added
removed
src/tspi/obj_rsakey.c
1
2
/*
3
* Licensed Materials - Property of IBM
4
*
5
* trousers - An open source TCG Software Stack
6
*
7
* (C) Copyright International Business Machines Corp. 2005
8
*
9
*/
10
11
12
#include <stdlib.h>
13
#include <stdio.h>
14
#include <errno.h>
15
#include <string.h>
16
#include <pthread.h>
17
#include <inttypes.h>
18
19
#include "trousers/tss.h"
20
#include "trousers/trousers.h"
21
#include "spi_internal_types.h"
22
#include "spi_utils.h"
23
#include "capabilities.h"
24
#include "tsplog.h"
25
#include "obj.h"
26
27
TSS_RESULT
28
obj_rsakey_add(TSS_HCONTEXT tspContext, TSS_FLAG initFlags, TSS_HOBJECT *phObject)
29
{
30
UINT64 offset;
31
TSS_RESULT result;
32
TCPA_RSA_KEY_PARMS rsaKeyParms;
33
TSS_FLAG flags = 0;
34
struct tr_rsakey_obj *rsakey = calloc(1, sizeof(struct tr_rsakey_obj));
35
TCPA_VERSION ver = { 1, 1, 0, 0 }; // Must be 1.1.0.0 for 1.2 TPMs
36
37
if (rsakey == NULL) {
38
LogError("malloc of %zd bytes failed.",
39
sizeof(struct tr_rsakey_obj));
40
return TSPERR(TSS_E_OUTOFMEMORY);
41
}
42
43
memset(&rsaKeyParms, 0, sizeof(TCPA_RSA_KEY_PARMS));
44
45
#ifdef TSS_COPY_POLICY_OBJECTS
46
/* add usage policy */
47
if ((result = obj_policy_add(tspContext, TSS_POLICY_USAGE,
48
&rsakey->usagePolicy))) {
49
free(rsakey);
50
return result;
51
}
52
53
/* add migration policy */
54
if ((result = obj_policy_add(tspContext, TSS_POLICY_MIGRATION,
55
&rsakey->migPolicy))) {
56
obj_policy_remove(rsakey->usagePolicy, tspContext);
57
free(rsakey);
58
return result;
59
}
60
#else
61
if ((result = obj_context_get_policy(tspContext, &rsakey->usagePolicy))) {
62
free(rsakey);
63
return result;
64
}
65
#endif
66
67
if (initFlags & TSS_KEY_EMPTY_KEY)
68
goto add_key;
69
70
memcpy(&rsakey->tcpaKey.ver, &ver, sizeof(TCPA_VERSION));
71
72
rsakey->tcpaKey.algorithmParms.algorithmID = TCPA_ALG_RSA;
73
rsakey->tcpaKey.algorithmParms.parmSize = sizeof(TCPA_RSA_KEY_PARMS);
74
rsakey->tcpaKey.algorithmParms.parms = calloc(1, sizeof(TCPA_RSA_KEY_PARMS));
75
76
if (rsakey->tcpaKey.algorithmParms.parms == NULL) {
77
LogError("calloc of %d bytes failed.",
78
rsakey->tcpaKey.algorithmParms.parmSize);
79
#ifdef TSS_COPY_POLICY_OBJECTS
80
obj_policy_remove(rsakey->usagePolicy, tspContext);
81
obj_policy_remove(rsakey->migPolicy, tspContext);
82
#endif
83
free(rsakey);
84
return TSPERR(TSS_E_OUTOFMEMORY);
85
}
86
rsaKeyParms.exponentSize = 0;
87
rsaKeyParms.numPrimes = 2;
88
memset(&rsakey->tcpaKey.keyFlags, 0, sizeof(TCPA_KEY_FLAGS));
89
90
rsakey->tcpaKey.pubKey.keyLength = 0;
91
rsakey->tcpaKey.encSize = 0;
92
rsakey->tcpaKey.PCRInfoSize = 0;
93
94
/* End of all the default stuff */
95
96
if (initFlags & TSS_KEY_VOLATILE)
97
rsakey->tcpaKey.keyFlags |= volatileKey;
98
if (initFlags & TSS_KEY_MIGRATABLE)
99
rsakey->tcpaKey.keyFlags |= migratable;
100
if (initFlags & TSS_KEY_AUTHORIZATION) {
101
rsakey->tcpaKey.authDataUsage = TPM_AUTH_ALWAYS;
102
flags |= TSS_OBJ_FLAG_USAGEAUTH;
103
}
104
105
106
/* set the key length */
107
if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_512) {
108
rsaKeyParms.keyLength = 512;
109
} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_1024) {
110
rsaKeyParms.keyLength = 1024;
111
} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_2048) {
112
rsaKeyParms.keyLength = 2048;
113
} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_4096) {
114
rsaKeyParms.keyLength = 4096;
115
} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_8192) {
116
rsaKeyParms.keyLength = 8192;
117
} else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_16384) {
118
rsaKeyParms.keyLength = 16384;
119
}
120
121
/* assign encryption and signature schemes */
122
if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_SIGNING) {
123
rsakey->tcpaKey.keyUsage = TPM_KEY_SIGNING;
124
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_NONE;
125
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
126
} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_BIND) {
127
rsakey->tcpaKey.keyUsage = TPM_KEY_BIND;
128
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
129
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_NONE;
130
} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_LEGACY) {
131
rsakey->tcpaKey.keyUsage = TPM_KEY_LEGACY;
132
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
133
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
134
} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_STORAGE) {
135
rsakey->tcpaKey.keyUsage = TPM_KEY_STORAGE;
136
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
137
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_NONE;
138
} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_IDENTITY) {
139
rsakey->tcpaKey.keyUsage = TPM_KEY_IDENTITY;
140
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_NONE;
141
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
142
} else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_AUTHCHANGE) {
143
rsakey->tcpaKey.keyUsage = TPM_KEY_AUTHCHANGE;
144
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
145
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_NONE;
146
}
147
148
/* Load the RSA key parms into the blob in the TCPA_KEY_PARMS pointer.
149
* If the exponent is left NULL, the parmSize variable will change
150
* here */
151
offset = 0;
152
Trspi_LoadBlob_RSA_KEY_PARMS(&offset, rsakey->tcpaKey.algorithmParms.parms,
153
&rsaKeyParms);
154
rsakey->tcpaKey.algorithmParms.parmSize = offset;
155
156
add_key:
157
if ((result = obj_list_add(&rsakey_list, tspContext, flags, rsakey, phObject))) {
158
#ifdef TSS_COPY_POLICY_OBJECTS
159
obj_policy_remove(rsakey->usagePolicy, tspContext);
160
obj_policy_remove(rsakey->migPolicy, tspContext);
161
#endif
162
free(rsakey->tcpaKey.algorithmParms.parms);
163
free(rsakey);
164
return result;
165
}
166
167
return TSS_SUCCESS;
168
}
169
170
/* Add a new rsakey to the list when its pulled from user PS */
171
TSS_RESULT
172
obj_rsakey_add_by_key(TSS_HCONTEXT tspContext, TSS_UUID *uuid, BYTE *key, TSS_FLAG flags,
173
TSS_HKEY *phKey)
174
{
175
TSS_RESULT result;
176
UINT64 offset;
177
struct tr_rsakey_obj *rsakey = calloc(1, sizeof(struct tr_rsakey_obj));
178
179
if (rsakey == NULL) {
180
LogError("malloc of %zd bytes failed.", sizeof(struct tr_rsakey_obj));
181
return TSPERR(TSS_E_OUTOFMEMORY);
182
}
183
184
memcpy(&rsakey->uuid, uuid, sizeof(TSS_UUID));
185
186
offset = 0;
187
if ((result = Trspi_UnloadBlob_KEY(&offset, key, &rsakey->tcpaKey))) {
188
free(rsakey);
189
return result;
190
}
191
192
flags |= TSS_OBJ_FLAG_KEY_SET;
193
if (rsakey->tcpaKey.authDataUsage)
194
flags |= TSS_OBJ_FLAG_USAGEAUTH;
195
196
#ifdef TSS_COPY_POLICY_OBJECTS
197
/* add usage policy */
198
if ((result = obj_policy_add(tspContext, TSS_POLICY_USAGE, &rsakey->usagePolicy))) {
199
free_key_refs(&rsakey->tcpaKey);
200
free(rsakey);
201
return result;
202
}
203
204
/* add migration policy */
205
if ((result = obj_policy_add(tspContext, TSS_POLICY_MIGRATION, &rsakey->migPolicy))) {
206
free_key_refs(&rsakey->tcpaKey);
207
obj_policy_remove(rsakey->usagePolicy, tspContext);
208
free(rsakey);
209
return result;
210
}
211
#else
212
if ((result = obj_context_get_policy(tspContext, &rsakey->usagePolicy))) {
213
free(rsakey);
214
return result;
215
}
216
#endif
217
218
if ((result = obj_list_add(&rsakey_list, tspContext, flags, rsakey, phKey))) {
219
free_key_refs(&rsakey->tcpaKey);
220
#ifdef TSS_COPY_POLICY_OBJECTS
221
obj_policy_remove(rsakey->usagePolicy, tspContext);
222
obj_policy_remove(rsakey->migPolicy, tspContext);
223
#endif
224
free(rsakey);
225
return result;
226
}
227
228
return TSS_SUCCESS;
229
}
230
231
TSS_BOOL
232
obj_is_rsakey(TSS_HOBJECT hObject)
233
{
234
TSS_BOOL answer = FALSE;
235
236
if ((obj_list_get_obj(&rsakey_list, hObject))) {
237
answer = TRUE;
238
obj_list_put(&rsakey_list);
239
}
240
241
return answer;
242
}
243
244
TSS_RESULT
245
obj_rsakey_set_flags(TSS_HKEY hKey, UINT32 flags)
246
{
247
struct tsp_object *obj;
248
struct tr_rsakey_obj *rsakey;
249
TSS_RESULT result = TSS_SUCCESS;
250
251
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
252
return TSPERR(TSS_E_INVALID_HANDLE);
253
254
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
255
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
256
goto done;
257
}
258
259
rsakey = (struct tr_rsakey_obj *)obj->data;
260
rsakey->tcpaKey.keyFlags = flags;
261
done:
262
obj_list_put(&rsakey_list);
263
264
return result;
265
}
266
267
TSS_RESULT
268
obj_rsakey_set_size(TSS_HKEY hKey, UINT32 len)
269
{
270
struct tsp_object *obj;
271
struct tr_rsakey_obj *rsakey;
272
TSS_RESULT result = TSS_SUCCESS;
273
274
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
275
return TSPERR(TSS_E_INVALID_HANDLE);
276
277
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
278
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
279
goto done;
280
}
281
282
rsakey = (struct tr_rsakey_obj *)obj->data;
283
rsakey->tcpaKey.pubKey.keyLength = len/8;
284
done:
285
obj_list_put(&rsakey_list);
286
287
return result;
288
}
289
290
TSS_RESULT
291
obj_rsakey_set_key_parms(TSS_HKEY hKey, TCPA_KEY_PARMS *parms)
292
{
293
struct tsp_object *obj;
294
struct tr_rsakey_obj *rsakey;
295
TSS_RESULT result = TSS_SUCCESS;
296
297
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
298
return TSPERR(TSS_E_INVALID_HANDLE);
299
300
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
301
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
302
goto done;
303
}
304
305
rsakey = (struct tr_rsakey_obj *)obj->data;
306
307
free(rsakey->tcpaKey.algorithmParms.parms);
308
309
memcpy(&rsakey->tcpaKey.algorithmParms, parms, sizeof(TCPA_KEY_PARMS));
310
311
if (parms->parmSize > 0) {
312
if ((rsakey->tcpaKey.algorithmParms.parms =
313
malloc(parms->parmSize)) == NULL) {
314
LogError("calloc of %d bytes failed.", parms->parmSize);
315
result = TSPERR(TSS_E_OUTOFMEMORY);
316
goto done;
317
}
318
319
memcpy(rsakey->tcpaKey.algorithmParms.parms, parms->parms,
320
parms->parmSize);
321
} else {
322
rsakey->tcpaKey.algorithmParms.parms = NULL;
323
}
324
325
done:
326
obj_list_put(&rsakey_list);
327
328
return result;
329
}
330
331
TSS_RESULT
332
obj_rsakey_set_policy(TSS_HKEY hKey, UINT32 type, TSS_HPOLICY hPolicy)
333
{
334
struct tsp_object *obj;
335
struct tr_rsakey_obj *rsakey;
336
337
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
338
return TSPERR(TSS_E_INVALID_HANDLE);
339
340
rsakey = (struct tr_rsakey_obj *)obj->data;
341
342
if (type == TSS_POLICY_USAGE)
343
rsakey->usagePolicy = hPolicy;
344
else
345
rsakey->migPolicy = hPolicy;
346
347
obj_list_put(&rsakey_list);
348
349
return TSS_SUCCESS;
350
}
351
352
TSS_RESULT
353
obj_rsakey_set_pstype(TSS_HKEY hKey, UINT32 type)
354
{
355
struct tsp_object *obj;
356
357
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
358
return TSPERR(TSS_E_INVALID_HANDLE);
359
360
switch (type) {
361
case TSS_PS_TYPE_USER:
362
obj->flags |= TSS_OBJ_FLAG_USER_PS;
363
obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
364
break;
365
case TSS_PS_TYPE_SYSTEM:
366
obj->flags |= TSS_OBJ_FLAG_SYSTEM_PS;
367
obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
368
break;
369
case TSS_PS_TYPE_NO:
370
default:
371
obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
372
obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
373
break;
374
}
375
376
obj_list_put(&rsakey_list);
377
378
return TSS_SUCCESS;
379
}
380
381
/* WARN: Nobody should call this function directly except for the
382
* Get/Set Attrib functions. The TCPA_KEY structure wants values
383
* for keyUsage to be TPM_KEY_* values, and this function translates
384
* to TSS_KEYUSAGE_* values for passing to an app. */
385
TSS_RESULT
386
obj_rsakey_get_usage(TSS_HKEY hKey, UINT32 *usage)
387
{
388
TSS_RESULT result = TSS_SUCCESS;
389
struct tsp_object *obj;
390
struct tr_rsakey_obj *rsakey;
391
392
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
393
return TSPERR(TSS_E_INVALID_HANDLE);
394
395
rsakey = (struct tr_rsakey_obj *)obj->data;
396
397
switch (rsakey->tcpaKey.keyUsage) {
398
case TPM_KEY_SIGNING:
399
*usage = TSS_KEYUSAGE_SIGN;
400
break;
401
case TPM_KEY_BIND:
402
*usage = TSS_KEYUSAGE_BIND;
403
break;
404
case TPM_KEY_LEGACY:
405
*usage = TSS_KEYUSAGE_LEGACY;
406
break;
407
case TPM_KEY_AUTHCHANGE:
408
*usage = TSS_KEYUSAGE_AUTHCHANGE;
409
break;
410
case TPM_KEY_IDENTITY:
411
*usage = TSS_KEYUSAGE_IDENTITY;
412
break;
413
case TPM_KEY_STORAGE:
414
*usage = TSS_KEYUSAGE_STORAGE;
415
break;
416
default:
417
result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
418
break;
419
}
420
421
obj_list_put(&rsakey_list);
422
423
return result;
424
}
425
426
/* WARN: Nobody should call this function directly except for the
427
* Get/Set Attrib functions. The TCPA_KEY structure wants values
428
* for keyUsage to be TPM_KEY_* values, and this function translates
429
* to TSS_KEYUSAGE_* values for passing to an app. */
430
TSS_RESULT
431
obj_rsakey_set_usage(TSS_HKEY hKey, UINT32 usage)
432
{
433
TSS_RESULT result = TSS_SUCCESS;
434
struct tsp_object *obj;
435
struct tr_rsakey_obj *rsakey;
436
437
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
438
return TSPERR(TSS_E_INVALID_HANDLE);
439
440
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
441
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
442
goto done;
443
}
444
445
rsakey = (struct tr_rsakey_obj *)obj->data;
446
447
switch (usage) {
448
case TSS_KEYUSAGE_SIGN:
449
rsakey->tcpaKey.keyUsage = TPM_KEY_SIGNING;
450
break;
451
case TSS_KEYUSAGE_BIND:
452
rsakey->tcpaKey.keyUsage = TPM_KEY_BIND;
453
break;
454
case TSS_KEYUSAGE_LEGACY:
455
rsakey->tcpaKey.keyUsage = TPM_KEY_LEGACY;
456
break;
457
case TSS_KEYUSAGE_AUTHCHANGE:
458
rsakey->tcpaKey.keyUsage = TPM_KEY_AUTHCHANGE;
459
break;
460
case TSS_KEYUSAGE_IDENTITY:
461
rsakey->tcpaKey.keyUsage = TPM_KEY_IDENTITY;
462
break;
463
case TSS_KEYUSAGE_STORAGE:
464
rsakey->tcpaKey.keyUsage = TPM_KEY_STORAGE;
465
break;
466
default:
467
result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
468
break;
469
}
470
done:
471
obj_list_put(&rsakey_list);
472
473
return result;
474
}
475
476
TSS_RESULT
477
obj_rsakey_set_migratable(TSS_HKEY hKey, UINT32 mig)
478
{
479
struct tsp_object *obj;
480
struct tr_rsakey_obj *rsakey;
481
TSS_RESULT result = TSS_SUCCESS;
482
483
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
484
return TSPERR(TSS_E_INVALID_HANDLE);
485
486
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
487
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
488
goto done;
489
}
490
491
rsakey = (struct tr_rsakey_obj *)obj->data;
492
if (mig)
493
rsakey->tcpaKey.keyFlags |= migratable;
494
else
495
rsakey->tcpaKey.keyFlags &= (~migratable);
496
done:
497
obj_list_put(&rsakey_list);
498
499
return result;
500
}
501
502
TSS_RESULT
503
obj_rsakey_set_redirected(TSS_HKEY hKey, UINT32 redir)
504
{
505
struct tsp_object *obj;
506
struct tr_rsakey_obj *rsakey;
507
TSS_RESULT result = TSS_SUCCESS;
508
509
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
510
return TSPERR(TSS_E_INVALID_HANDLE);
511
512
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
513
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
514
goto done;
515
}
516
517
rsakey = (struct tr_rsakey_obj *)obj->data;
518
if (redir)
519
rsakey->tcpaKey.keyFlags |= redirection;
520
else
521
rsakey->tcpaKey.keyFlags &= (~redirection);
522
done:
523
obj_list_put(&rsakey_list);
524
525
return result;
526
}
527
528
TSS_RESULT
529
obj_rsakey_set_volatile(TSS_HKEY hKey, UINT32 vol)
530
{
531
struct tsp_object *obj;
532
struct tr_rsakey_obj *rsakey;
533
TSS_RESULT result = TSS_SUCCESS;
534
535
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
536
return TSPERR(TSS_E_INVALID_HANDLE);
537
538
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
539
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
540
goto done;
541
}
542
543
rsakey = (struct tr_rsakey_obj *)obj->data;
544
if (vol)
545
rsakey->tcpaKey.keyFlags |= volatileKey;
546
else
547
rsakey->tcpaKey.keyFlags &= (~volatileKey);
548
done:
549
obj_list_put(&rsakey_list);
550
551
return result;
552
}
553
554
TSS_RESULT
555
obj_rsakey_get_authdata_usage(TSS_HKEY hKey, UINT32 *usage)
556
{
557
struct tsp_object *obj;
558
struct tr_rsakey_obj *rsakey;
559
560
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
561
return TSPERR(TSS_E_INVALID_HANDLE);
562
563
rsakey = (struct tr_rsakey_obj *)obj->data;
564
*usage = (UINT32)rsakey->tcpaKey.authDataUsage ? TRUE : FALSE;
565
566
obj_list_put(&rsakey_list);
567
568
return TSS_SUCCESS;
569
}
570
571
TSS_RESULT
572
obj_rsakey_set_authdata_usage(TSS_HKEY hKey, UINT32 usage)
573
{
574
struct tsp_object *obj;
575
struct tr_rsakey_obj *rsakey;
576
TSS_RESULT result = TSS_SUCCESS;
577
578
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
579
return TSPERR(TSS_E_INVALID_HANDLE);
580
581
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
582
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
583
goto done;
584
}
585
586
rsakey = (struct tr_rsakey_obj *)obj->data;
587
588
rsakey->tcpaKey.authDataUsage = (BYTE)usage;
589
if (usage)
590
obj->flags |= TSS_OBJ_FLAG_USAGEAUTH;
591
else
592
obj->flags &= ~TSS_OBJ_FLAG_USAGEAUTH;
593
done:
594
obj_list_put(&rsakey_list);
595
596
return result;
597
}
598
599
TSS_RESULT
600
obj_rsakey_get_alg(TSS_HKEY hKey, UINT32 *alg)
601
{
602
struct tsp_object *obj;
603
struct tr_rsakey_obj *rsakey;
604
605
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
606
return TSPERR(TSS_E_INVALID_HANDLE);
607
608
rsakey = (struct tr_rsakey_obj *)obj->data;
609
610
switch (rsakey->tcpaKey.algorithmParms.algorithmID) {
611
case TCPA_ALG_RSA:
612
*alg = TSS_ALG_RSA;
613
break;
614
default:
615
*alg = rsakey->tcpaKey.algorithmParms.algorithmID;
616
break;
617
}
618
619
obj_list_put(&rsakey_list);
620
621
return TSS_SUCCESS;
622
}
623
624
TSS_RESULT
625
obj_rsakey_set_alg(TSS_HKEY hKey, UINT32 alg)
626
{
627
struct tsp_object *obj;
628
struct tr_rsakey_obj *rsakey;
629
TSS_RESULT result = TSS_SUCCESS;
630
631
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
632
return TSPERR(TSS_E_INVALID_HANDLE);
633
634
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
635
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
636
goto done;
637
}
638
639
rsakey = (struct tr_rsakey_obj *)obj->data;
640
switch (alg) {
641
case TSS_ALG_RSA:
642
rsakey->tcpaKey.algorithmParms.algorithmID = TCPA_ALG_RSA;
643
break;
644
default:
645
rsakey->tcpaKey.algorithmParms.algorithmID = alg;
646
break;
647
}
648
done:
649
obj_list_put(&rsakey_list);
650
651
return result;
652
}
653
654
TSS_RESULT
655
obj_rsakey_get_es(TSS_HKEY hKey, UINT32 *es)
656
{
657
struct tsp_object *obj;
658
struct tr_rsakey_obj *rsakey;
659
660
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
661
return TSPERR(TSS_E_INVALID_HANDLE);
662
663
rsakey = (struct tr_rsakey_obj *)obj->data;
664
665
/* translate TPM numbers to TSS numbers */
666
switch (rsakey->tcpaKey.algorithmParms.encScheme) {
667
case TCPA_ES_NONE:
668
*es = TSS_ES_NONE;
669
break;
670
case TCPA_ES_RSAESPKCSv15:
671
*es = TSS_ES_RSAESPKCSV15;
672
break;
673
case TCPA_ES_RSAESOAEP_SHA1_MGF1:
674
*es = TSS_ES_RSAESOAEP_SHA1_MGF1;
675
break;
676
default:
677
*es = rsakey->tcpaKey.algorithmParms.encScheme;
678
break;
679
}
680
681
obj_list_put(&rsakey_list);
682
683
return TSS_SUCCESS;
684
}
685
686
TSS_RESULT
687
obj_rsakey_set_es(TSS_HKEY hKey, UINT32 es)
688
{
689
struct tsp_object *obj;
690
struct tr_rsakey_obj *rsakey;
691
TSS_RESULT result = TSS_SUCCESS;
692
693
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
694
return TSPERR(TSS_E_INVALID_HANDLE);
695
696
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
697
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
698
goto done;
699
}
700
701
rsakey = (struct tr_rsakey_obj *)obj->data;
702
703
/* translate TSS numbers to TPM numbers */
704
switch (es) {
705
case TSS_ES_NONE:
706
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_NONE;
707
break;
708
case TSS_ES_RSAESPKCSV15:
709
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_RSAESPKCSv15;
710
break;
711
case TSS_ES_RSAESOAEP_SHA1_MGF1:
712
rsakey->tcpaKey.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
713
break;
714
default:
715
rsakey->tcpaKey.algorithmParms.encScheme = es;
716
break;
717
}
718
done:
719
obj_list_put(&rsakey_list);
720
721
return result;
722
}
723
724
TSS_RESULT
725
obj_rsakey_get_ss(TSS_HKEY hKey, UINT32 *ss)
726
{
727
struct tsp_object *obj;
728
struct tr_rsakey_obj *rsakey;
729
730
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
731
return TSPERR(TSS_E_INVALID_HANDLE);
732
733
rsakey = (struct tr_rsakey_obj *)obj->data;
734
735
/* translate TPM numbers to TSS numbers */
736
switch (rsakey->tcpaKey.algorithmParms.sigScheme) {
737
case TCPA_SS_NONE:
738
*ss = TSS_SS_NONE;
739
break;
740
case TCPA_SS_RSASSAPKCS1v15_SHA1:
741
*ss = TSS_SS_RSASSAPKCS1V15_SHA1;
742
break;
743
case TCPA_SS_RSASSAPKCS1v15_DER:
744
*ss = TSS_SS_RSASSAPKCS1V15_DER;
745
break;
746
default:
747
*ss = rsakey->tcpaKey.algorithmParms.sigScheme;
748
break;
749
}
750
751
752
obj_list_put(&rsakey_list);
753
754
return TSS_SUCCESS;
755
}
756
757
TSS_RESULT
758
obj_rsakey_set_ss(TSS_HKEY hKey, UINT32 ss)
759
{
760
struct tsp_object *obj;
761
struct tr_rsakey_obj *rsakey;
762
TSS_RESULT result = TSS_SUCCESS;
763
764
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
765
return TSPERR(TSS_E_INVALID_HANDLE);
766
767
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
768
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
769
goto done;
770
}
771
772
rsakey = (struct tr_rsakey_obj *)obj->data;
773
774
/* translate TSS numbers to TPM numbers */
775
switch (ss) {
776
case TSS_SS_NONE:
777
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_NONE;
778
break;
779
case TSS_SS_RSASSAPKCS1V15_SHA1:
780
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
781
break;
782
case TSS_SS_RSASSAPKCS1V15_DER:
783
rsakey->tcpaKey.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_DER;
784
break;
785
default:
786
rsakey->tcpaKey.algorithmParms.sigScheme = ss;
787
break;
788
}
789
done:
790
obj_list_put(&rsakey_list);
791
792
return result;
793
}
794
795
TSS_RESULT
796
obj_rsakey_set_num_primes(TSS_HKEY hKey, UINT32 num)
797
{
798
struct tsp_object *obj;
799
struct tr_rsakey_obj *rsakey;
800
TSS_RESULT result = TSS_SUCCESS;
801
802
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
803
return TSPERR(TSS_E_INVALID_HANDLE);
804
805
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
806
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
807
goto done;
808
}
809
810
rsakey = (struct tr_rsakey_obj *)obj->data;
811
UINT32ToArray(num, &rsakey->tcpaKey.algorithmParms.parms[4]);
812
done:
813
obj_list_put(&rsakey_list);
814
815
return result;
816
}
817
818
TSS_RESULT
819
obj_rsakey_get_num_primes(TSS_HKEY hKey, UINT32 *num)
820
{
821
struct tsp_object *obj;
822
struct tr_rsakey_obj *rsakey;
823
TCPA_RSA_KEY_PARMS *parms;
824
825
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
826
return TSPERR(TSS_E_INVALID_HANDLE);
827
828
rsakey = (struct tr_rsakey_obj *)obj->data;
829
parms = (TCPA_RSA_KEY_PARMS *)rsakey->tcpaKey.algorithmParms.parms;
830
*num = endian32(parms->numPrimes);
831
832
obj_list_put(&rsakey_list);
833
834
return TSS_SUCCESS;
835
}
836
837
TSS_RESULT
838
obj_rsakey_get_flags(TSS_HKEY hKey, UINT32 *flags)
839
{
840
struct tsp_object *obj;
841
struct tr_rsakey_obj *rsakey;
842
843
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
844
return TSPERR(TSS_E_INVALID_HANDLE);
845
846
rsakey = (struct tr_rsakey_obj *)obj->data;
847
*flags = rsakey->tcpaKey.keyFlags;
848
849
obj_list_put(&rsakey_list);
850
851
return TSS_SUCCESS;
852
}
853
854
TSS_RESULT
855
obj_rsakey_get_size(TSS_HKEY hKey, UINT32 *len)
856
{
857
struct tsp_object *obj;
858
struct tr_rsakey_obj *rsakey;
859
860
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
861
return TSPERR(TSS_E_INVALID_HANDLE);
862
863
rsakey = (struct tr_rsakey_obj *)obj->data;
864
865
switch (rsakey->tcpaKey.pubKey.keyLength) {
866
case 512/8:
867
*len = TSS_KEY_SIZEVAL_512BIT;
868
break;
869
case 1024/8:
870
*len = TSS_KEY_SIZEVAL_1024BIT;
871
break;
872
case 2048/8:
873
*len = TSS_KEY_SIZEVAL_2048BIT;
874
break;
875
default:
876
*len = rsakey->tcpaKey.pubKey.keyLength * 8;
877
break;
878
}
879
880
obj_list_put(&rsakey_list);
881
882
return TSS_SUCCESS;
883
}
884
885
TSS_RESULT
886
obj_rsakey_get_pstype(TSS_HKEY hKey, UINT32 *type)
887
{
888
struct tsp_object *obj;
889
890
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
891
return TSPERR(TSS_E_INVALID_HANDLE);
892
893
if (obj->flags & TSS_OBJ_FLAG_SYSTEM_PS)
894
*type = TSS_PS_TYPE_SYSTEM;
895
else if (obj->flags & TSS_OBJ_FLAG_USER_PS)
896
*type = TSS_PS_TYPE_USER;
897
else
898
*type = TSS_PS_TYPE_NO;
899
900
obj_list_put(&rsakey_list);
901
902
return TSS_SUCCESS;
903
}
904
905
TSS_BOOL
906
obj_rsakey_is_migratable(TSS_HKEY hKey)
907
{
908
struct tsp_object *obj;
909
struct tr_rsakey_obj *rsakey;
910
TSS_BOOL answer = FALSE;
911
912
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
913
return answer;
914
915
rsakey = (struct tr_rsakey_obj *)obj->data;
916
if (rsakey->tcpaKey.keyFlags & migratable)
917
answer = TRUE;
918
919
obj_list_put(&rsakey_list);
920
921
return answer;
922
}
923
924
TSS_BOOL
925
obj_rsakey_is_redirected(TSS_HKEY hKey)
926
{
927
struct tsp_object *obj;
928
struct tr_rsakey_obj *rsakey;
929
TSS_BOOL answer = FALSE;
930
931
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
932
return answer;
933
934
rsakey = (struct tr_rsakey_obj *)obj->data;
935
if (rsakey->tcpaKey.keyFlags & redirection)
936
answer = TRUE;
937
938
obj_list_put(&rsakey_list);
939
940
return answer;
941
}
942
943
TSS_BOOL
944
obj_rsakey_is_volatile(TSS_HKEY hKey)
945
{
946
struct tsp_object *obj;
947
struct tr_rsakey_obj *rsakey;
948
TSS_BOOL answer = FALSE;
949
950
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
951
return answer;
952
953
rsakey = (struct tr_rsakey_obj *)obj->data;
954
if (rsakey->tcpaKey.keyFlags & volatileKey)
955
answer = TRUE;
956
957
obj_list_put(&rsakey_list);
958
959
return answer;
960
}
961
962
TSS_RESULT
963
obj_rsakey_get_tsp_context(TSS_HKEY hKey, TSS_HCONTEXT *tspContext)
964
{
965
struct tsp_object *obj;
966
967
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
968
return TSPERR(TSS_E_INVALID_HANDLE);
969
970
*tspContext = obj->tspContext;
971
972
obj_list_put(&rsakey_list);
973
974
if (!obj_is_context(*tspContext))
975
return TSPERR(TSS_E_INVALID_HANDLE);
976
977
return TSS_SUCCESS;
978
}
979
980
TSS_RESULT
981
obj_rsakey_get_policy(TSS_HKEY hKey, TSS_FLAG policyType,
982
TSS_HPOLICY *phPolicy, TSS_BOOL *auth)
983
{
984
struct tsp_object *obj;
985
struct tr_rsakey_obj *rsakey;
986
TSS_RESULT result = TSS_SUCCESS;
987
988
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
989
return TSPERR(TSS_E_INVALID_HANDLE);
990
991
rsakey = (struct tr_rsakey_obj *)obj->data;
992
993
if (policyType == TSS_POLICY_USAGE) {
994
*phPolicy = rsakey->usagePolicy;
995
if (auth != NULL) {
996
if (obj->flags & TSS_OBJ_FLAG_USAGEAUTH)
997
*auth = TRUE;
998
else
999
*auth = FALSE;
1000
}
1001
} else {
1002
#ifndef TSS_COPY_POLICY_OBJECTS
1003
if (!rsakey->migPolicy) {
1004
result = TSPERR(TSS_E_KEY_NO_MIGRATION_POLICY);
1005
goto done;
1006
}
1007
#endif
1008
*phPolicy = rsakey->migPolicy;
1009
if (auth != NULL) {
1010
if (obj->flags & TSS_OBJ_FLAG_MIGAUTH)
1011
*auth = TRUE;
1012
else
1013
*auth = FALSE;
1014
}
1015
}
1016
#ifndef TSS_COPY_POLICY_OBJECTS
1017
done:
1018
#endif
1019
obj_list_put(&rsakey_list);
1020
1021
return result;
1022
}
1023
1024
TSS_RESULT
1025
obj_rsakey_get_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1026
{
1027
struct tsp_object *obj;
1028
struct tr_rsakey_obj *rsakey;
1029
TSS_RESULT result = TSS_SUCCESS;
1030
UINT64 offset;
1031
BYTE temp[2048];
1032
1033
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1034
return TSPERR(TSS_E_INVALID_HANDLE);
1035
1036
rsakey = (struct tr_rsakey_obj *)obj->data;
1037
1038
offset = 0;
1039
Trspi_LoadBlob_KEY(&offset, temp, &rsakey->tcpaKey);
1040
1041
if (offset > 2048) {
1042
LogError("memory corruption");
1043
result = TSPERR(TSS_E_INTERNAL_ERROR);
1044
goto done;
1045
} else {
1046
*data = calloc_tspi(obj->tspContext, offset);
1047
if (*data == NULL) {
1048
LogError("malloc of %" PRIu64 " bytes failed.", offset);
1049
result = TSPERR(TSS_E_OUTOFMEMORY);
1050
goto done;
1051
}
1052
*size = offset;
1053
memcpy(*data, temp, offset);
1054
}
1055
1056
done:
1057
obj_list_put(&rsakey_list);
1058
1059
return result;
1060
}
1061
1062
TSS_RESULT
1063
obj_rsakey_get_priv_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1064
{
1065
struct tsp_object *obj;
1066
struct tr_rsakey_obj *rsakey;
1067
TSS_RESULT result = TSS_SUCCESS;
1068
UINT32 offset;
1069
1070
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1071
return TSPERR(TSS_E_INVALID_HANDLE);
1072
1073
rsakey = (struct tr_rsakey_obj *)obj->data;
1074
1075
offset = rsakey->tcpaKey.encSize;
1076
1077
*data = calloc_tspi(obj->tspContext, offset);
1078
if (*data == NULL) {
1079
LogError("malloc of %u bytes failed.", offset);
1080
result = TSPERR(TSS_E_OUTOFMEMORY);
1081
goto done;
1082
}
1083
*size = offset;
1084
memcpy(*data, rsakey->tcpaKey.encData, offset);
1085
1086
done:
1087
obj_list_put(&rsakey_list);
1088
1089
return result;
1090
}
1091
1092
TSS_RESULT
1093
obj_rsakey_get_modulus(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1094
{
1095
struct tsp_object *obj;
1096
struct tr_rsakey_obj *rsakey;
1097
TSS_RESULT result = TSS_SUCCESS;
1098
UINT32 offset;
1099
1100
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1101
return TSPERR(TSS_E_INVALID_HANDLE);
1102
1103
rsakey = (struct tr_rsakey_obj *)obj->data;
1104
1105
offset = rsakey->tcpaKey.pubKey.keyLength;
1106
1107
/* if this key object represents the SRK and the public key
1108
* data here is all 0's, then we shouldn't return it, we
1109
* should return TSS_E_BAD_PARAMETER. This is part of protecting
1110
* the SRK public key. */
1111
if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
1112
BYTE zeroBlob[2048] = { 0, };
1113
1114
if (!memcmp(rsakey->tcpaKey.pubKey.key, zeroBlob, offset)) {
1115
result = TSPERR(TSS_E_BAD_PARAMETER);
1116
goto done;
1117
}
1118
}
1119
1120
*data = calloc_tspi(obj->tspContext, offset);
1121
if (*data == NULL) {
1122
LogError("malloc of %u bytes failed.", offset);
1123
result = TSPERR(TSS_E_OUTOFMEMORY);
1124
goto done;
1125
}
1126
*size = offset;
1127
memcpy(*data, rsakey->tcpaKey.pubKey.key, offset);
1128
1129
done:
1130
obj_list_put(&rsakey_list);
1131
1132
return result;
1133
}
1134
1135
TSS_RESULT
1136
obj_rsakey_set_modulus(TSS_HKEY hKey, UINT32 size, BYTE *data)
1137
{
1138
struct tsp_object *obj;
1139
struct tr_rsakey_obj *rsakey;
1140
TSS_RESULT result = TSS_SUCCESS;
1141
BYTE *free_ptr;
1142
1143
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1144
return TSPERR(TSS_E_INVALID_HANDLE);
1145
1146
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
1147
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
1148
goto done;
1149
}
1150
1151
rsakey = (struct tr_rsakey_obj *)obj->data;
1152
1153
free_ptr = rsakey->tcpaKey.pubKey.key;
1154
1155
rsakey->tcpaKey.pubKey.key = malloc(size);
1156
if (rsakey->tcpaKey.pubKey.key == NULL) {
1157
rsakey->tcpaKey.pubKey.key = free_ptr; // restore
1158
LogError("malloc of %u bytes failed.", size);
1159
result = TSPERR(TSS_E_OUTOFMEMORY);
1160
goto done;
1161
}
1162
rsakey->tcpaKey.pubKey.keyLength = size;
1163
memcpy(rsakey->tcpaKey.pubKey.key, data, size);
1164
1165
done:
1166
obj_list_put(&rsakey_list);
1167
1168
return result;
1169
}
1170
1171
TSS_RESULT
1172
obj_rsakey_get_pub_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1173
{
1174
struct tsp_object *obj;
1175
struct tr_rsakey_obj *rsakey;
1176
TSS_RESULT result = TSS_SUCCESS;
1177
BYTE blob[1024];
1178
UINT64 offset;
1179
1180
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1181
return TSPERR(TSS_E_INVALID_HANDLE);
1182
1183
rsakey = (struct tr_rsakey_obj *)obj->data;
1184
1185
offset = rsakey->tcpaKey.pubKey.keyLength;
1186
1187
/* if this key object represents the SRK and the public key
1188
* data here is all 0's, then we shouldn't return it, we
1189
* should return TSS_E_BAD_PARAMETER. This is part of protecting
1190
* the SRK public key. */
1191
if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
1192
BYTE zeroBlob[2048] = { 0, };
1193
1194
if (!memcmp(rsakey->tcpaKey.pubKey.key, zeroBlob, offset)) {
1195
result = TSPERR(TSS_E_BAD_PARAMETER);
1196
goto done;
1197
}
1198
}
1199
1200
offset = 0;
1201
Trspi_LoadBlob_KEY_PARMS(&offset, blob, &rsakey->tcpaKey.algorithmParms);
1202
Trspi_LoadBlob_STORE_PUBKEY(&offset, blob, &rsakey->tcpaKey.pubKey);
1203
1204
*data = calloc_tspi(obj->tspContext, offset);
1205
if (*data == NULL) {
1206
LogError("malloc of %" PRIu64 " bytes failed.", offset);
1207
result = TSPERR(TSS_E_OUTOFMEMORY);
1208
goto done;
1209
}
1210
*size = offset;
1211
memcpy(*data, blob, offset);
1212
1213
done:
1214
obj_list_put(&rsakey_list);
1215
1216
return result;
1217
}
1218
1219
TSS_RESULT
1220
obj_rsakey_get_version(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1221
{
1222
struct tsp_object *obj;
1223
struct tr_rsakey_obj *rsakey;
1224
TSS_RESULT result = TSS_SUCCESS;
1225
UINT64 offset;
1226
BYTE temp[128];
1227
1228
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1229
return TSPERR(TSS_E_INVALID_HANDLE);
1230
1231
rsakey = (struct tr_rsakey_obj *)obj->data;
1232
1233
offset = 0;
1234
Trspi_LoadBlob_TCPA_VERSION(&offset, temp, rsakey->tcpaKey.ver);
1235
1236
if (offset > 128) {
1237
LogError("memory corruption");
1238
result = TSPERR(TSS_E_INTERNAL_ERROR);
1239
goto done;
1240
} else {
1241
*data = calloc_tspi(obj->tspContext, offset);
1242
if (*data == NULL) {
1243
LogError("malloc of %" PRIu64 " bytes failed.", offset);
1244
result = TSPERR(TSS_E_OUTOFMEMORY);
1245
goto done;
1246
}
1247
*size = offset;
1248
memcpy(*data, temp, offset);
1249
}
1250
1251
done:
1252
obj_list_put(&rsakey_list);
1253
1254
return result;
1255
}
1256
1257
TSS_RESULT
1258
obj_rsakey_get_exponent(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1259
{
1260
struct tsp_object *obj;
1261
struct tr_rsakey_obj *rsakey;
1262
TSS_RESULT result = TSS_SUCCESS;
1263
TCPA_RSA_KEY_PARMS *parms;
1264
BYTE default_exp[3] = { 0x1, 0x0, 0x1 };
1265
UINT32 offset;
1266
1267
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1268
return TSPERR(TSS_E_INVALID_HANDLE);
1269
1270
rsakey = (struct tr_rsakey_obj *)obj->data;
1271
parms = (TCPA_RSA_KEY_PARMS *)rsakey->tcpaKey.algorithmParms.parms;
1272
offset = parms->exponentSize;
1273
1274
/* see TPM 1.1b spec pg. 51. If exponentSize is 0, we're using the
1275
* default exponent of 2^16 + 1. */
1276
if (offset == 0) {
1277
offset = 3;
1278
*data = calloc_tspi(obj->tspContext, offset);
1279
if (*data == NULL) {
1280
LogError("malloc of %d bytes failed.", offset);
1281
result = TSPERR(TSS_E_OUTOFMEMORY);
1282
goto done;
1283
}
1284
*size = offset;
1285
memcpy(*data, default_exp, offset);
1286
} else {
1287
*data = calloc_tspi(obj->tspContext, offset);
1288
if (*data == NULL) {
1289
LogError("malloc of %d bytes failed.", offset);
1290
result = TSPERR(TSS_E_OUTOFMEMORY);
1291
goto done;
1292
}
1293
*size = offset;
1294
memcpy(*data, parms->exponent, offset);
1295
}
1296
1297
done:
1298
obj_list_put(&rsakey_list);
1299
1300
return result;
1301
}
1302
1303
TSS_RESULT
1304
obj_rsakey_set_exponent(TSS_HKEY hKey, UINT32 size, BYTE *data)
1305
{
1306
struct tsp_object *obj;
1307
struct tr_rsakey_obj *rsakey;
1308
TSS_RESULT result = TSS_SUCCESS;
1309
TCPA_RSA_KEY_PARMS *parms;
1310
BYTE *free_ptr;
1311
1312
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1313
return TSPERR(TSS_E_INVALID_HANDLE);
1314
1315
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
1316
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
1317
goto done;
1318
}
1319
1320
rsakey = (struct tr_rsakey_obj *)obj->data;
1321
parms = (TCPA_RSA_KEY_PARMS *)rsakey->tcpaKey.algorithmParms.parms;
1322
1323
free_ptr = parms->exponent;
1324
1325
parms->exponent = malloc(size);
1326
if (parms->exponent == NULL) {
1327
parms->exponent = free_ptr; // restore
1328
LogError("malloc of %u bytes failed.", size);
1329
result = TSPERR(TSS_E_OUTOFMEMORY);
1330
goto done;
1331
}
1332
parms->exponentSize = size;
1333
memcpy(parms->exponent, data, size);
1334
done:
1335
obj_list_put(&rsakey_list);
1336
1337
return result;
1338
}
1339
1340
TSS_RESULT
1341
obj_rsakey_get_uuid(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1342
{
1343
struct tsp_object *obj;
1344
struct tr_rsakey_obj *rsakey;
1345
TSS_RESULT result = TSS_SUCCESS;
1346
BYTE temp[128];
1347
UINT64 offset;
1348
1349
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1350
return TSPERR(TSS_E_INVALID_HANDLE);
1351
1352
rsakey = (struct tr_rsakey_obj *)obj->data;
1353
1354
offset = 0;
1355
Trspi_LoadBlob_UUID(&offset, temp, rsakey->uuid);
1356
1357
if (offset > 128) {
1358
LogError("memory corruption");
1359
result = TSPERR(TSS_E_INTERNAL_ERROR);
1360
goto done;
1361
}
1362
1363
*data = calloc_tspi(obj->tspContext, offset);
1364
if (*data == NULL) {
1365
LogError("malloc of %" PRIu64 " bytes failed.", offset);
1366
result = TSPERR(TSS_E_OUTOFMEMORY);
1367
goto done;
1368
}
1369
*size = offset;
1370
memcpy(*data, temp, offset);
1371
1372
done:
1373
obj_list_put(&rsakey_list);
1374
1375
return result;
1376
}
1377
1378
TSS_RESULT
1379
obj_rsakey_set_uuid(TSS_HKEY hKey, TSS_FLAG ps_type, TSS_UUID *uuid)
1380
{
1381
struct tsp_object *obj;
1382
struct tr_rsakey_obj *rsakey;
1383
1384
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1385
return TSPERR(TSS_E_INVALID_HANDLE);
1386
1387
rsakey = (struct tr_rsakey_obj *)obj->data;
1388
memcpy(&rsakey->uuid, uuid, sizeof(TSS_UUID));
1389
1390
switch (ps_type) {
1391
case TSS_PS_TYPE_SYSTEM:
1392
obj->flags |= TSS_OBJ_FLAG_SYSTEM_PS;
1393
obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
1394
break;
1395
case TSS_PS_TYPE_USER:
1396
obj->flags |= TSS_OBJ_FLAG_USER_PS;
1397
obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
1398
break;
1399
case TSS_PS_TYPE_NO:
1400
default:
1401
obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
1402
obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
1403
break;
1404
}
1405
1406
obj_list_put(&rsakey_list);
1407
1408
return TSS_SUCCESS;
1409
}
1410
1411
TSS_RESULT
1412
obj_rsakey_set_tcs_handle(TSS_HKEY hKey, TCS_KEY_HANDLE tcsHandle)
1413
{
1414
struct tsp_object *obj;
1415
struct tr_rsakey_obj *rsakey;
1416
1417
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1418
return TSPERR(TSS_E_INVALID_HANDLE);
1419
1420
rsakey = (struct tr_rsakey_obj *)obj->data;
1421
rsakey->tcsHandle = tcsHandle;
1422
1423
obj_list_put(&rsakey_list);
1424
1425
return TSS_SUCCESS;
1426
}
1427
1428
TSS_RESULT
1429
obj_rsakey_get_tcs_handle(TSS_HKEY hKey, TCS_KEY_HANDLE *tcsHandle)
1430
{
1431
struct tsp_object *obj;
1432
struct tr_rsakey_obj *rsakey;
1433
TSS_RESULT result = TSS_SUCCESS;
1434
1435
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1436
return TSPERR(TSS_E_INVALID_HANDLE);
1437
1438
rsakey = (struct tr_rsakey_obj *)obj->data;
1439
if (rsakey->tcsHandle)
1440
*tcsHandle = rsakey->tcsHandle;
1441
else
1442
result = TSPERR(TSS_E_KEY_NOT_LOADED);
1443
1444
obj_list_put(&rsakey_list);
1445
1446
return TSS_SUCCESS;
1447
}
1448
1449
TSS_RESULT
1450
obj_rsakey_set_tcpakey(TSS_HKEY hKey, UINT32 size, BYTE *data)
1451
{
1452
struct tsp_object *obj;
1453
struct tr_rsakey_obj *rsakey;
1454
UINT64 offset;
1455
TSS_RESULT result = TSS_SUCCESS;
1456
1457
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1458
return TSPERR(TSS_E_INVALID_HANDLE);
1459
1460
rsakey = (struct tr_rsakey_obj *)obj->data;
1461
1462
offset = 0;
1463
if ((result = Trspi_UnloadBlob_KEY(&offset, data, &rsakey->tcpaKey)))
1464
goto done;
1465
1466
if (rsakey->tcpaKey.authDataUsage)
1467
obj->flags |= TSS_OBJ_FLAG_USAGEAUTH;
1468
else
1469
obj->flags &= ~TSS_OBJ_FLAG_USAGEAUTH;
1470
1471
obj->flags |= TSS_OBJ_FLAG_KEY_SET;
1472
1473
done:
1474
obj_list_put(&rsakey_list);
1475
1476
return result;
1477
}
1478
1479
TSS_RESULT
1480
obj_rsakey_get_pcr_atcreation(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1481
{
1482
struct tsp_object *obj;
1483
struct tr_rsakey_obj *rsakey;
1484
TSS_RESULT result = TSS_SUCCESS;
1485
UINT64 offset;
1486
TCPA_PCR_INFO *info;
1487
1488
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1489
return TSPERR(TSS_E_INVALID_HANDLE);
1490
1491
rsakey = (struct tr_rsakey_obj *)obj->data;
1492
1493
if (rsakey->tcpaKey.PCRInfo == NULL) {
1494
*data = NULL;
1495
*size = 0;
1496
} else {
1497
*data = calloc_tspi(obj->tspContext, sizeof(TCPA_DIGEST));
1498
if (*data == NULL) {
1499
LogError("malloc of %zd bytes failed.", sizeof(TCPA_DIGEST));
1500
result = TSPERR(TSS_E_OUTOFMEMORY);
1501
goto done;
1502
}
1503
*size = sizeof(TCPA_DIGEST);
1504
info = (TCPA_PCR_INFO *)rsakey->tcpaKey.PCRInfo;
1505
offset = 0;
1506
Trspi_LoadBlob(&offset, sizeof(TCPA_DIGEST), *data,
1507
(BYTE *)&info->digestAtCreation);
1508
}
1509
1510
done:
1511
obj_list_put(&rsakey_list);
1512
1513
return result;
1514
}
1515
1516
TSS_RESULT
1517
obj_rsakey_get_pcr_atrelease(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1518
{
1519
struct tsp_object *obj;
1520
struct tr_rsakey_obj *rsakey;
1521
TSS_RESULT result = TSS_SUCCESS;
1522
UINT64 offset;
1523
TCPA_PCR_INFO *info;
1524
1525
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1526
return TSPERR(TSS_E_INVALID_HANDLE);
1527
1528
rsakey = (struct tr_rsakey_obj *)obj->data;
1529
1530
if (rsakey->tcpaKey.PCRInfo == NULL) {
1531
*data = NULL;
1532
*size = 0;
1533
} else {
1534
*data = calloc_tspi(obj->tspContext, sizeof(TCPA_DIGEST));
1535
if (*data == NULL) {
1536
LogError("malloc of %zd bytes failed.", sizeof(TCPA_DIGEST));
1537
result = TSPERR(TSS_E_OUTOFMEMORY);
1538
goto done;
1539
}
1540
*size = sizeof(TCPA_DIGEST);
1541
info = (TCPA_PCR_INFO *)rsakey->tcpaKey.PCRInfo;
1542
offset = 0;
1543
Trspi_LoadBlob(&offset, sizeof(TCPA_DIGEST), *data,
1544
(BYTE *)&info->digestAtRelease);
1545
}
1546
1547
done:
1548
obj_list_put(&rsakey_list);
1549
1550
return result;
1551
}
1552
1553
TSS_RESULT
1554
obj_rsakey_get_pcr_selection(TSS_HKEY hKey, UINT32 *size, BYTE **data)
1555
{
1556
struct tsp_object *obj;
1557
struct tr_rsakey_obj *rsakey;
1558
TSS_RESULT result = TSS_SUCCESS;
1559
UINT64 offset;
1560
TCPA_PCR_INFO *info;
1561
1562
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1563
return TSPERR(TSS_E_INVALID_HANDLE);
1564
1565
rsakey = (struct tr_rsakey_obj *)obj->data;
1566
1567
if (rsakey->tcpaKey.PCRInfo == NULL) {
1568
*data = NULL;
1569
*size = 0;
1570
} else {
1571
info = (TCPA_PCR_INFO *)rsakey->tcpaKey.PCRInfo;
1572
offset = info->pcrSelection.sizeOfSelect;
1573
*data = calloc_tspi(obj->tspContext, offset);
1574
if (*data == NULL) {
1575
LogError("malloc of %" PRIu64 " bytes failed.", offset);
1576
result = TSPERR(TSS_E_OUTOFMEMORY);
1577
goto done;
1578
}
1579
*size = offset;
1580
memcpy(*data, &info->pcrSelection.pcrSelect, *size);
1581
}
1582
1583
done:
1584
obj_list_put(&rsakey_list);
1585
1586
return result;
1587
}
1588
1589
1590
/* Expect a TPM_PUBKEY as is explained in the portable data section of the spec */
1591
TSS_RESULT
1592
obj_rsakey_set_pubkey(TSS_HKEY hKey, UINT32 force, BYTE *data)
1593
{
1594
struct tsp_object *obj;
1595
struct tr_rsakey_obj *rsakey;
1596
TSS_RESULT result;
1597
UINT64 offset = 0;
1598
TCPA_PUBKEY pub;
1599
1600
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1601
return TSPERR(TSS_E_INVALID_HANDLE);
1602
1603
rsakey = (struct tr_rsakey_obj *)obj->data;
1604
1605
if (!force && (obj->flags & TSS_OBJ_FLAG_KEY_SET)) {
1606
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
1607
goto done;
1608
}
1609
1610
if ((result = Trspi_UnloadBlob_PUBKEY(&offset, data, &pub)))
1611
return result;
1612
1613
free(rsakey->tcpaKey.pubKey.key);
1614
free(rsakey->tcpaKey.algorithmParms.parms);
1615
1616
memcpy(&rsakey->tcpaKey.pubKey, &pub.pubKey, sizeof(TCPA_STORE_PUBKEY));
1617
memcpy(&rsakey->tcpaKey.algorithmParms, &pub.algorithmParms, sizeof(TCPA_KEY_PARMS));
1618
done:
1619
obj_list_put(&rsakey_list);
1620
1621
return result;
1622
}
1623
1624
TSS_RESULT
1625
obj_rsakey_set_privkey(TSS_HKEY hKey, UINT32 force, UINT32 size, BYTE *data)
1626
{
1627
struct tsp_object *obj;
1628
struct tr_rsakey_obj *rsakey;
1629
TSS_RESULT result = TSS_SUCCESS;
1630
void *to_free;
1631
1632
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1633
return TSPERR(TSS_E_INVALID_HANDLE);
1634
1635
if (!force && (obj->flags & TSS_OBJ_FLAG_KEY_SET)) {
1636
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
1637
goto done;
1638
}
1639
1640
rsakey = (struct tr_rsakey_obj *)obj->data;
1641
1642
to_free = rsakey->tcpaKey.encData;
1643
1644
rsakey->tcpaKey.encData = calloc(1, size);
1645
if (rsakey->tcpaKey.encData == NULL) {
1646
rsakey->tcpaKey.encData = to_free; // restore
1647
LogError("malloc of %u bytes failed.", size);
1648
result = TSPERR(TSS_E_OUTOFMEMORY);
1649
goto done;
1650
}
1651
1652
free(to_free);
1653
rsakey->tcpaKey.encSize = size;
1654
memcpy(rsakey->tcpaKey.encData, data, size);
1655
done:
1656
obj_list_put(&rsakey_list);
1657
1658
return result;
1659
}
1660
1661
TSS_RESULT
1662
obj_rsakey_set_pcr_data(TSS_HKEY hKey, TSS_HPCRS hPcrComposite)
1663
{
1664
struct tsp_object *obj;
1665
struct tr_rsakey_obj *rsakey;
1666
TSS_RESULT result = TSS_SUCCESS;
1667
TCPA_PCR_SELECTION pcrSelect;
1668
TCPA_PCRVALUE pcrComposite;
1669
BYTE pcrBlob[1024];
1670
UINT64 offset;
1671
void *to_free;
1672
1673
memset(pcrBlob, 0, sizeof(pcrBlob));
1674
1675
if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
1676
return TSPERR(TSS_E_INVALID_HANDLE);
1677
1678
if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
1679
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
1680
goto done;
1681
}
1682
1683
rsakey = (struct tr_rsakey_obj *)obj->data;
1684
1685
to_free = rsakey->tcpaKey.PCRInfo;
1686
1687
if ((result = obj_pcrs_get_composite(hPcrComposite, &pcrComposite)))
1688
goto done;
1689
1690
if ((result = obj_pcrs_get_selection(hPcrComposite, &pcrSelect)))
1691
goto done;
1692
1693
offset = 0;
1694
Trspi_LoadBlob_PCR_SELECTION(&offset, pcrBlob, &pcrSelect);
1695
memcpy(&pcrBlob[offset], &pcrComposite.digest, TCPA_SHA1_160_HASH_LEN);
1696
offset += TCPA_SHA1_160_HASH_LEN * 2; // skip over digestAtRelease
1697
1698
/* --- Stuff it into the key container */
1699
rsakey->tcpaKey.PCRInfo = calloc(1, offset);
1700
if (rsakey->tcpaKey.PCRInfo == NULL) {
1701
rsakey->tcpaKey.PCRInfo = to_free; // restore
1702
LogError("malloc of %" PRIu64 " bytes failed.", offset);
1703
result = TSPERR(TSS_E_OUTOFMEMORY);
1704
goto done;
1705
}
1706
/* free the info that may already be set */
1707
free(to_free);
1708
rsakey->tcpaKey.PCRInfoSize = offset;
1709
memcpy(rsakey->tcpaKey.PCRInfo, pcrBlob, offset);
1710
1711
done:
1712
obj_list_put(&rsakey_list);
1713
1714
return result;
1715
}
1716
1717
void
1718
rsakey_free(struct tr_rsakey_obj *rsakey)
1719
{
1720
free(rsakey->tcpaKey.algorithmParms.parms);
1721
free(rsakey->tcpaKey.encData);
1722
free(rsakey->tcpaKey.PCRInfo);
1723
free(rsakey->tcpaKey.pubKey.key);
1724
free(rsakey);
1725
}
1726
1727
/* Remove an individual rsakey object from the rsakey list with handle
1728
* equal to hObject. Clean up the TSP's key handle table. */
1729
TSS_RESULT
1730
obj_rsakey_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
1731
{
1732
struct tsp_object *obj, *prev = NULL;
1733
struct obj_list *list = &rsakey_list;
1734
TSS_RESULT result = TSPERR(TSS_E_INVALID_HANDLE);
1735
1736
pthread_mutex_lock(&list->lock);
1737
1738
for (obj = list->head; obj; prev = obj, obj = obj->next) {
1739
if (obj->handle == hObject) {
1740
/* validate tspContext */
1741
if (obj->tspContext != tspContext)
1742
break;
1743
1744
rsakey_free(obj->data);
1745
if (prev)
1746
prev->next = obj->next;
1747
else
1748
list->head = obj->next;
1749
free(obj);
1750
result = TSS_SUCCESS;
1751
break;
1752
}
1753
}
1754
1755
pthread_mutex_unlock(&list->lock);
1756
1757
return result;
1758
}
1759
1760
void
1761
obj_list_rsakey_close(struct obj_list *list, TSS_HCONTEXT tspContext)
1762
{
1763
struct tsp_object *index;
1764
struct tsp_object *next = NULL;
1765
struct tsp_object *toKill;
1766
struct tsp_object *prev = NULL;
1767
1768
pthread_mutex_lock(&list->lock);
1769
1770
for (index = list->head; index; ) {
1771
next = index->next;
1772
if (index->tspContext == tspContext) {
1773
toKill = index;
1774
if (prev == NULL) {
1775
list->head = toKill->next;
1776
} else {
1777
prev->next = toKill->next;
1778
}
1779
1780
rsakey_free(toKill->data);
1781
free(toKill);
1782
1783
index = next;
1784
} else {
1785
prev = index;
1786
index = next;
1787
}
1788
}
1789
1790
pthread_mutex_unlock(&list->lock);
1791
}
1792
1793
TSS_RESULT
1794
obj_rsakey_get_by_pub(UINT32 pub_size, BYTE *pub, TSS_HKEY *hKey)
1795
{
1796
struct obj_list *list = &rsakey_list;
1797
struct tsp_object *obj;
1798
struct tr_rsakey_obj *rsakey;
1799
TSS_RESULT result = TSS_SUCCESS;
1800
1801
pthread_mutex_lock(&list->lock);
1802
1803
for (obj = list->head; obj; obj = obj->next) {
1804
rsakey = (struct tr_rsakey_obj *)obj->data;
1805
1806
if (rsakey->tcpaKey.pubKey.keyLength == pub_size &&
1807
!memcmp(&rsakey->tcpaKey.pubKey.key, pub, pub_size)) {
1808
*hKey = obj->handle;
1809
goto done;
1810
}
1811
}
1812
1813
*hKey = 0;
1814
done:
1815
pthread_mutex_unlock(&list->lock);
1816
1817
return result;
1818
}
1819
1820
TSS_RESULT
1821
obj_rsakey_get_by_uuid(TSS_UUID *uuid, TSS_HKEY *hKey)
1822
{
1823
struct obj_list *list = &rsakey_list;
1824
struct tsp_object *obj;
1825
struct tr_rsakey_obj *rsakey;
1826
TSS_RESULT result = TSS_SUCCESS;
1827
1828
pthread_mutex_lock(&list->lock);
1829
1830
for (obj = list->head; obj; obj = obj->next) {
1831
rsakey = (struct tr_rsakey_obj *)obj->data;
1832
1833
if (!memcmp(&rsakey->uuid, uuid, sizeof(TSS_UUID))) {
1834
*hKey = obj->handle;
1835
goto done;
1836
}
1837
}
1838
1839
result = TSPERR(TSS_E_PS_KEY_NOTFOUND);
1840
done:
1841
pthread_mutex_unlock(&list->lock);
1842
1843
return result;
1844
}
1845
1846
void
1847
obj_rsakey_remove_policy_refs(TSS_HPOLICY hPolicy, TSS_HCONTEXT tspContext)
1848
{
1849
struct tsp_object *obj, *prev = NULL;
1850
struct obj_list *list = &rsakey_list;
1851
struct tr_rsakey_obj *rsakey;
1852
1853
pthread_mutex_lock(&list->lock);
1854
1855
for (obj = list->head; obj; prev = obj, obj = obj->next) {
1856
if (obj->tspContext != tspContext)
1857
continue;
1858
1859
rsakey = (struct tr_rsakey_obj *)obj->data;
1860
if (rsakey->usagePolicy == hPolicy)
1861
rsakey->usagePolicy = NULL_HPOLICY;
1862
1863
if (rsakey->migPolicy == hPolicy)
1864
rsakey->migPolicy = NULL_HPOLICY;
1865
}
1866
1867
pthread_mutex_unlock(&list->lock);
1868
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.1