1 
2 /*
3  * Licensed Materials - Property of IBM
4  *
5  * trousers - An open source TCG Software Stack
6  *
7  * (C) Copyright International Business Machines Corp. 2007
8  *
9  */
10 
11 
12 #include <stdlib.h>
13 #include <string.h>
14 
15 #include "trousers/tss.h"
16 #include "trousers/trousers.h"
17 #include "trousers_types.h"
18 #include "spi_utils.h"
19 #include "capabilities.h"
20 #include "tsplog.h"
21 #include "obj.h"
22 
23 
24 #ifdef TSS_BUILD_TRANSPORT
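/*
 * Transport_GetCapabilityOwner - send TPM_ORD_GetCapabilityOwner through the
 * context's transport session and unmarshal the reply.
 *
 * tspContext:        context whose transport session is used (in)
 * pOwnerAuth:        TPM_AUTH handed to the transport layer (in/out)
 * pVersion:          receives the TCPA_VERSION decoded from the reply (out)
 * pNonVolatileFlags: receives the first UINT32 following the version (out)
 * pVolatileFlags:    receives the second UINT32 following the version (out)
 *
 * Returns the non-zero result of obj_context_transport_init() or
 * obj_context_transport_execute() if either fails, and
 * TSPERR(TSS_E_INTERNAL_ERROR) if the returned buffer is missing or too short
 * to hold the three fields.  Otherwise returns the (zero) execute result with
 * the three output arguments filled in.
 */
TSS_RESULT
Transport_GetCapabilityOwner(TSS_HCONTEXT tspContext,	/* in */
			     TPM_AUTH * pOwnerAuth,	/* in/out */
			     TCPA_VERSION * pVersion,	/* out */
			     UINT32 * pNonVolatileFlags,	/* out */
			     UINT32 * pVolatileFlags)	/* out */
{
	UINT64 offset;
	TSS_RESULT result;
	UINT32 handlesLen = 0, decLen = 0;
	BYTE *dec = NULL;

	if ((result = obj_context_transport_init(tspContext)))
		return result;

	LogDebugFn("Executing in a transport session");

	if ((result = obj_context_transport_execute(tspContext, TPM_ORD_GetCapabilityOwner, 0, NULL,
						    NULL, &handlesLen, NULL, pOwnerAuth, NULL,
						    &decLen, &dec)))
		return result;

	/*
	 * The unload helpers below read a fixed number of bytes and take no
	 * length argument, so the reply length has to be validated here;
	 * otherwise a short reply would be read past the end of dec.
	 * NOTE(review): assumes decLen is the byte length of dec and that a
	 * TCPA_VERSION occupies sizeof(TCPA_VERSION) bytes in the blob -- confirm.
	 */
	if (dec == NULL || decLen < sizeof(TCPA_VERSION) + 2 * sizeof(UINT32)) {
		LogDebugFn("Decrypted reply too short");
		free(dec);
		return TSPERR(TSS_E_INTERNAL_ERROR);
	}

	offset = 0;
	Trspi_UnloadBlob_TCPA_VERSION(&offset, dec, pVersion);
	Trspi_UnloadBlob_UINT32(&offset, pNonVolatileFlags, dec);
	Trspi_UnloadBlob_UINT32(&offset, pVolatileFlags, dec);

	/* dec was handed back by the execute call and is released here. */
	free(dec);

	return result;
}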
56 
/*
 * Transport_SetOwnerInstall - send TPM_ORD_SetOwnerInstall through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 * state:      flag value sent as the command's only data (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  No TPM_AUTH
 * is passed for this ordinal.
 */
TSS_RESULT
Transport_SetOwnerInstall(TSS_HCONTEXT tspContext,	/* in */
			  TSS_BOOL state)		/* in */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc = obj_context_transport_init(tspContext);

	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	/*
	 * The flag is sent as its raw in-memory bytes.
	 * NOTE(review): presumably TSS_BOOL is a single byte, so no byte-order
	 * conversion is needed -- confirm against the TSS typedefs.
	 */
	return obj_context_transport_execute(tspContext, TPM_ORD_SetOwnerInstall,
					     sizeof(TSS_BOOL), (BYTE *)&state, NULL, &numHandles,
					     NULL, NULL, NULL, NULL, NULL);
}
75 
/*
 * Transport_DisableOwnerClear - send TPM_ORD_DisableOwnerClear through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 * ownerAuth:  TPM_AUTH handed to the transport layer (in, out)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data and no handles.
 */
TSS_RESULT
Transport_DisableOwnerClear(TSS_HCONTEXT tspContext,	/* in */
			    TPM_AUTH * ownerAuth)	/* in, out */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc;

	rc = obj_context_transport_init(tspContext);
	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	return obj_context_transport_execute(tspContext, TPM_ORD_DisableOwnerClear, 0, NULL, NULL,
					     &numHandles, NULL, ownerAuth, NULL, NULL, NULL);
}
93 
/*
 * Transport_DisableForceClear - send TPM_ORD_DisableForceClear through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data, no handles and no TPM_AUTH.
 */
TSS_RESULT
Transport_DisableForceClear(TSS_HCONTEXT tspContext)	/* in */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc = obj_context_transport_init(tspContext);

	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	rc = obj_context_transport_execute(tspContext, TPM_ORD_DisableForceClear, 0, NULL, NULL,
					   &numHandles, NULL, NULL, NULL, NULL, NULL);
	return rc;
}
110 
/*
 * Transport_OwnerSetDisable - send TPM_ORD_OwnerSetDisable through the
 * context's transport session.
 *
 * tspContext:   context whose transport session is used (in)
 * disableState: flag value sent as the command's only data (in)
 * ownerAuth:    TPM_AUTH handed to the transport layer (in, out)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.
 */
TSS_RESULT
Transport_OwnerSetDisable(TSS_HCONTEXT tspContext,	/* in */
			  TSS_BOOL disableState,	/* in */
			  TPM_AUTH * ownerAuth)		/* in, out */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc;

	rc = obj_context_transport_init(tspContext);
	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	/*
	 * The flag is sent as its raw in-memory bytes.
	 * NOTE(review): presumably TSS_BOOL is a single byte, so no byte-order
	 * conversion is needed -- confirm against the TSS typedefs.
	 */
	return obj_context_transport_execute(tspContext, TPM_ORD_OwnerSetDisable,
					     sizeof(TSS_BOOL), (BYTE *)&disableState, NULL,
					     &numHandles, NULL, ownerAuth, NULL, NULL, NULL);
}
130 
/*
 * Transport_PhysicalDisable - send TPM_ORD_PhysicalDisable through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data, no handles and no TPM_AUTH.
 */
TSS_RESULT
Transport_PhysicalDisable(TSS_HCONTEXT tspContext)	/* in */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc = obj_context_transport_init(tspContext);

	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	return obj_context_transport_execute(tspContext, TPM_ORD_PhysicalDisable, 0, NULL, NULL,
					     &numHandles, NULL, NULL, NULL, NULL, NULL);
}
147 
/*
 * Transport_PhysicalEnable - send TPM_ORD_PhysicalEnable through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data, no handles and no TPM_AUTH.
 */
TSS_RESULT
Transport_PhysicalEnable(TSS_HCONTEXT tspContext)	/* in */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc;

	rc = obj_context_transport_init(tspContext);
	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	rc = obj_context_transport_execute(tspContext, TPM_ORD_PhysicalEnable, 0, NULL, NULL,
					   &numHandles, NULL, NULL, NULL, NULL, NULL);
	return rc;
}
164 
/*
 * Transport_PhysicalSetDeactivated - send TPM_ORD_PhysicalSetDeactivated
 * through the context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 * state:      flag value sent as the command's only data (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  No TPM_AUTH
 * is passed for this ordinal.
 */
TSS_RESULT
Transport_PhysicalSetDeactivated(TSS_HCONTEXT tspContext,	/* in */
				 TSS_BOOL state)		/* in */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc = obj_context_transport_init(tspContext);

	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	/*
	 * The flag is sent as its raw in-memory bytes.
	 * NOTE(review): presumably TSS_BOOL is a single byte, so no byte-order
	 * conversion is needed -- confirm against the TSS typedefs.
	 */
	return obj_context_transport_execute(tspContext, TPM_ORD_PhysicalSetDeactivated,
					     sizeof(TSS_BOOL), (BYTE *)&state, NULL, &numHandles,
					     NULL, NULL, NULL, NULL, NULL);
}
183 
/*
 * Transport_SetTempDeactivated - send TPM_ORD_SetTempDeactivated through the
 * context's transport session without any authorization structure.
 *
 * tspContext: context whose transport session is used (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data and no handles.
 */
TSS_RESULT
Transport_SetTempDeactivated(TSS_HCONTEXT tspContext)	/* in */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc;

	rc = obj_context_transport_init(tspContext);
	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	return obj_context_transport_execute(tspContext, TPM_ORD_SetTempDeactivated, 0, NULL,
					     NULL, &numHandles, NULL, NULL, NULL, NULL, NULL);
}
200 
/*
 * Transport_SetTempDeactivated2 - send TPM_ORD_SetTempDeactivated through the
 * context's transport session, supplying an operator TPM_AUTH.
 *
 * The ordinal is the same one Transport_SetTempDeactivated() uses; the only
 * difference visible here is that operatorAuth is passed along.
 *
 * tspContext:   context whose transport session is used (in)
 * operatorAuth: TPM_AUTH handed to the transport layer (in, out)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.
 */
TSS_RESULT
Transport_SetTempDeactivated2(TSS_HCONTEXT tspContext,	/* in */
			      TPM_AUTH *operatorAuth)	/* in, out */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc = obj_context_transport_init(tspContext);

	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	rc = obj_context_transport_execute(tspContext, TPM_ORD_SetTempDeactivated, 0, NULL,
					   NULL, &numHandles, NULL, operatorAuth, NULL, NULL,
					   NULL);
	return rc;
}
219 
/*
 * Transport_DisablePubekRead - send TPM_ORD_DisablePubekRead through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 * ownerAuth:  TPM_AUTH handed to the transport layer (in, out)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data and no handles.
 */
TSS_RESULT
Transport_DisablePubekRead(TSS_HCONTEXT tspContext,	/* in */
			   TPM_AUTH * ownerAuth)	/* in, out */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc;

	rc = obj_context_transport_init(tspContext);
	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	return obj_context_transport_execute(tspContext, TPM_ORD_DisablePubekRead, 0, NULL, NULL,
					     &numHandles, NULL, ownerAuth, NULL, NULL, NULL);
}
237 
/*
 * Transport_ResetLockValue - send TPM_ORD_ResetLockValue through the
 * context's transport session.
 *
 * tspContext: context whose transport session is used (in)
 * ownerAuth:  TPM_AUTH handed to the transport layer (in, out)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  The command
 * carries no data and no handles.
 */
TSS_RESULT
Transport_ResetLockValue(TSS_HCONTEXT tspContext,	/* in */
			 TPM_AUTH * ownerAuth)		/* in, out */
{
	UINT32 numHandles = 0;
	TSS_RESULT rc = obj_context_transport_init(tspContext);

	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	rc = obj_context_transport_execute(tspContext, TPM_ORD_ResetLockValue, 0, NULL, NULL,
					   &numHandles, NULL, ownerAuth, NULL, NULL, NULL);
	return rc;
}
255 
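/*
 * Transport_PhysicalPresence - send TSC_ORD_PhysicalPresence through the
 * context's transport session.
 *
 * tspContext:        context whose transport session is used (in)
 * fPhysicalPresence: physical-presence value sent as the command data (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  No TPM_AUTH
 * is passed for this ordinal.
 */
TSS_RESULT
Transport_PhysicalPresence(TSS_HCONTEXT tspContext,	/* in */
			   TCPA_PHYSICAL_PRESENCE fPhysicalPresence)	/* in */
{
	UINT64 offset;
	TSS_RESULT result;
	UINT32 handlesLen = 0;
	BYTE data[sizeof(TCPA_PHYSICAL_PRESENCE)];

	if ((result = obj_context_transport_init(tspContext)))
		return result;

	LogDebugFn("Executing in a transport session");

	/*
	 * Marshal the value with the blob helper, the way
	 * Transport_FlushSpecific() marshals its UINT32 argument, instead of
	 * sending the variable's raw in-memory bytes: for a multi-byte value
	 * the raw bytes depend on host byte order.
	 * NOTE(review): relies on TCPA_PHYSICAL_PRESENCE being a 16-bit type
	 * in the TSS headers -- confirm.
	 */
	offset = 0;
	Trspi_LoadBlob_UINT16(&offset, fPhysicalPresence, data);

	result = obj_context_transport_execute(tspContext, TSC_ORD_PhysicalPresence,
					       sizeof(data), data, NULL, &handlesLen, NULL,
					       NULL, NULL, NULL, NULL);

	return result;
}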
275 
/*
 * Transport_FlushSpecific - send TPM_ORD_FlushSpecific through the context's
 * transport session.
 *
 * tspContext:   context whose transport session is used (in)
 * hResHandle:   handle passed to the transport layer as the single entry of
 *               the handle list (in)
 * resourceType: resource type, marshalled as a UINT32 into the command
 *               data (in)
 *
 * Returns the non-zero result of obj_context_transport_init() if it fails,
 * otherwise whatever obj_context_transport_execute() returns.  No TPM_AUTH
 * is passed for this ordinal.
 */
TSS_RESULT
Transport_FlushSpecific(TSS_HCONTEXT tspContext,	/* in */
			TCS_HANDLE hResHandle,		/* in */
			TPM_RESOURCE_TYPE resourceType)	/* in */
{
	BYTE typeBlob[sizeof(UINT32)];
	TCS_HANDLE localHandle;
	TCS_HANDLE *handleList;
	UINT32 numHandles = 1;
	UINT64 pos;
	TSS_RESULT rc;

	rc = obj_context_transport_init(tspContext);
	if (rc)
		return rc;

	LogDebugFn("Executing in a transport session");

	/*
	 * The handle list is a one-element array living on this stack frame.
	 * NOTE(review): confirm obj_context_transport_execute() neither frees
	 * nor keeps *handleList after it returns.
	 */
	localHandle = hResHandle;
	handleList = &localHandle;

	/* Serialize the resource type with the blob helper rather than by cast. */
	pos = 0;
	Trspi_LoadBlob_UINT32(&pos, resourceType, typeBlob);

	return obj_context_transport_execute(tspContext, TPM_ORD_FlushSpecific, sizeof(typeBlob),
					     typeBlob, NULL, &numHandles, &handleList, NULL, NULL,
					     NULL, NULL);
}
304 #endif
305 
306