2 /*
3  * Licensed Materials - Property of IBM
4  *
5  * trousers - An open source TCG Software Stack
6  *
7  * (C) Copyright International Business Machines Corp. 2007
8  *
9  */
10 
11 
12 #include <stdlib.h>
13 #include <string.h>
14 #include <limits.h>
15 
16 #include "trousers/tss.h"
17 #include "trousers/trousers.h"
18 #include "trousers_types.h"
19 #include "spi_utils.h"
20 #include "capabilities.h"
21 #include "tsplog.h"
22 #include "obj.h"
23 
24 
25 #ifdef TSS_BUILD_TRANSPORT
/*
 * Run TPM_ActivateIdentity inside an established transport session.
 *
 * idKey/blobSize/blob/idKeyAuth/ownerAuth are forwarded unchanged to the
 * transport layer; this function only supplies the key-hash and handle
 * bookkeeping the transport layer asks for. On success the decrypted
 * response buffer returned by obj_context_transport_execute is handed to the
 * caller through SymmetricKeySize/SymmetricKey (the caller presumably owns and
 * frees it — confirm against obj_context_transport_execute). On any failure
 * the TSS_RESULT of the failing step is returned and the out-parameters are
 * left untouched.
 */
TSS_RESULT
Transport_ActivateTPMIdentity(TSS_HCONTEXT tspContext,
			      TCS_KEY_HANDLE idKey,	/* in */
			      UINT32 blobSize,	/* in */
			      BYTE * blob,	/* in */
			      TPM_AUTH * idKeyAuth,	/* in, out */
			      TPM_AUTH * ownerAuth,	/* in, out */
			      UINT32 * SymmetricKeySize,	/* out */
			      BYTE ** SymmetricKey)	/* out */
{
	TSS_RESULT result;
	Trspi_HashCtx hashCtx;
	TPM_DIGEST keyHash;
	TCS_HANDLE keyHandle = idKey;
	TCS_HANDLE *handleList = &keyHandle;
	UINT32 numHandles = 1;
	UINT32 outLen;
	BYTE *out;

	/* A transport session must exist on this context before we can execute. */
	if ((result = obj_context_transport_init(tspContext)))
		return result;

	LogDebugFn("Executing in a transport session");

	/* Hash of the identity key's public key, as cached on the TCS key object. */
	if ((result = obj_tcskey_get_pubkeyhash(idKey, keyHash.digest)))
		return result;

	/* SHA-1 over that pubkey hash; HashFinal overwrites keyHash.digest in
	 * place. All three results are OR-ed so a failure anywhere in the chain
	 * is reported, matching the rest of the TSP. */
	result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
	result |= Trspi_Hash_DIGEST(&hashCtx, keyHash.digest);
	result |= Trspi_HashFinal(&hashCtx, keyHash.digest);
	if (result)
		return result;

	/* Exactly one key handle (idKey) is bound to this command; the transport
	 * layer receives its derived hash alongside the handle list. */
	if ((result = obj_context_transport_execute(tspContext, TPM_ORD_ActivateIdentity, blobSize,
						    blob, &keyHash, &numHandles, &handleList,
						    idKeyAuth, ownerAuth, &outLen, &out)))
		return result;

	/* Ownership of the response buffer passes to the caller. */
	*SymmetricKeySize = outLen;
	*SymmetricKey = out;

	return result;
}
70 
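/*
 * Run TPM_MakeIdentity inside an established transport session.
 *
 * Builds the request body (identityAuth || IDLabel_PrivCAHash || idKeyInfo),
 * executes it via the transport layer and splits the response into the new
 * identity key blob (idKeySize/idKey) and the identity binding
 * (pcIdentityBindingSize/prgbIdentityBinding). Both returned buffers are
 * malloc'd here and owned by the caller.
 *
 * The response is parsed with every read checked against the number of bytes
 * actually received, so a short or malformed reply from the TCS cannot cause
 * an over-read of the response buffer or a length-driven oversized malloc.
 * On failure all four out-parameters are reset to 0/NULL (except when the
 * transport session itself cannot be initialised or executed, where they are
 * left untouched) and the TSS_RESULT of the failing step is returned.
 */
TSS_RESULT
Transport_MakeIdentity2(TSS_HCONTEXT tspContext,
			TCPA_ENCAUTH identityAuth,	/* in */
			TCPA_CHOSENID_HASH IDLabel_PrivCAHash,	/* in */
			UINT32 idKeyInfoSize,	/* in */
			BYTE * idKeyInfo,	/* in */
			TPM_AUTH * pSrkAuth,	/* in, out */
			TPM_AUTH * pOwnerAuth,	/* in, out */
			UINT32 * idKeySize,	/* out */
			BYTE ** idKey,	/* out */
			UINT32 * pcIdentityBindingSize,	/* out */
			BYTE ** prgbIdentityBinding)	/* out */
{
	UINT64 offset;
	TSS_RESULT result;
	UINT32 handlesLen = 0, decLen = 0, dataLen, keyLen = 0, bindingLen = 0;
	BYTE *dec = NULL, *data, *key = NULL, *binding = NULL;
	const size_t fixedLen = sizeof(TCPA_ENCAUTH) + sizeof(TCPA_CHOSENID_HASH);

	if ((result = obj_context_transport_init(tspContext)))
		return result;

	LogDebugFn("Executing in a transport session");

	/* dataLen is a UINT32: an idKeyInfoSize that wraps the sum would make the
	 * Trspi_LoadBlob of idKeyInfo below write past the end of `data`. */
	if (idKeyInfoSize > UINT_MAX - fixedLen) {
		LogError("idKeyInfo of %u bytes is too large", idKeyInfoSize);
		return TSPERR(TSS_E_BAD_PARAMETER);
	}
	dataLen = (UINT32)(fixedLen + idKeyInfoSize);

	if ((data = malloc(dataLen)) == NULL) {
		LogError("malloc of %u bytes failed", dataLen);
		return TSPERR(TSS_E_OUTOFMEMORY);
	}

	/* Request body: encrypted auth, chosen-ID hash, then the key parameters. */
	offset = 0;
	Trspi_LoadBlob(&offset, sizeof(TCPA_ENCAUTH), data, identityAuth.authdata);
	Trspi_LoadBlob(&offset, sizeof(TCPA_CHOSENID_HASH), data, IDLabel_PrivCAHash.digest);
	Trspi_LoadBlob(&offset, idKeyInfoSize, data, idKeyInfo);

	/* No key handles are bound to this command (handlesLen == 0, NULL list). */
	result = obj_context_transport_execute(tspContext, TPM_ORD_MakeIdentity, dataLen, data, NULL,
					       &handlesLen, NULL, pSrkAuth, pOwnerAuth, &decLen, &dec);
	free(data);
	if (result)
		return result;

	/* Response layout: TSS_KEY (the new identity key), then a UINT32 length
	 * and the identity binding. UnloadBlob_TSS_KEY takes no length, so its
	 * own walk of the key structure cannot be bounded from here; the offset
	 * it reports is validated against decLen before it is trusted. */
	offset = 0;
	UnloadBlob_TSS_KEY(&offset, dec, NULL);
	if (offset > decLen) {
		LogError("Malformed MakeIdentity response: key blob exceeds the %u bytes received",
			 decLen);
		result = TSPERR(TSS_E_INTERNAL_ERROR);
		goto fail;
	}
	keyLen = (UINT32)offset;

	if ((key = malloc(keyLen)) == NULL) {
		LogError("malloc of %u bytes failed", keyLen);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto fail;
	}

	offset = 0;
	Trspi_UnloadBlob(&offset, keyLen, dec, key);

	/* The binding length field must itself fit in what is left of dec, and
	 * the binding it announces must fit after it. */
	if (decLen - offset < sizeof(UINT32)) {
		LogError("Malformed MakeIdentity response: no identity binding length in %u bytes",
			 decLen);
		result = TSPERR(TSS_E_INTERNAL_ERROR);
		goto fail;
	}
	Trspi_UnloadBlob_UINT32(&offset, &bindingLen, dec);
	if (bindingLen > decLen - offset) {
		LogError("Malformed MakeIdentity response: identity binding of %u bytes exceeds the "
			 "%u bytes received", bindingLen, decLen);
		result = TSPERR(TSS_E_INTERNAL_ERROR);
		goto fail;
	}

	/* NOTE(review): a zero-length binding makes this malloc(0), which some
	 * allocators return NULL for and is then reported as out-of-memory —
	 * unchanged from the original behaviour. */
	if ((binding = malloc(bindingLen)) == NULL) {
		LogError("malloc of %u bytes failed", bindingLen);
		result = TSPERR(TSS_E_OUTOFMEMORY);
		goto fail;
	}
	Trspi_UnloadBlob(&offset, bindingLen, dec, binding);
	free(dec);

	/* Both buffers now belong to the caller. */
	*idKeySize = keyLen;
	*idKey = key;
	*pcIdentityBindingSize = bindingLen;
	*prgbIdentityBinding = binding;

	return result;

fail:
	free(dec);
	free(key);
	free(binding);
	*idKeySize = 0;
	*idKey = NULL;
	*pcIdentityBindingSize = 0;
	*prgbIdentityBinding = NULL;
	return result;
}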
142 #endif