# HG changeset patch
# User kaf24@xxxxxxxxxxxxxxxxxxxx
# Node ID 3399f4b9396a907890d2bc86e0b918d1ac7d7ab6
# Parent d963256dc3e0e823f1bf1842d5c4b83d698df1b9
Removes the carriage returns from some of the vtpm
source files that were edited in windows at some point.
Signed-off-by: Vinnie Scarlata <vincent.r.scarlata@xxxxxxxxx>
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/crypto/Makefile
--- a/tools/vtpm_manager/crypto/Makefile Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/crypto/Makefile Wed Nov 30 11:07:28 2005
@@ -1,19 +1,19 @@
-XEN_ROOT = ../../..
-include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
-
-BIN = libtcpaCrypto.a
-
-all: build
-
-build: $(BIN)
-
-install: build
-
-clean:
- rm -f *.a *.so *.o *.rpm $(DEP_FILES)
-
-mrproper: clean
- rm -f *~
-
-$(BIN): $(OBJS)
- $(AR) rcs $(BIN) $(OBJS)
+XEN_ROOT = ../../..
+include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
+
+BIN = libtcpaCrypto.a
+
+all: build
+
+build: $(BIN)
+
+install: build
+
+clean:
+ rm -f *.a *.so *.o *.rpm $(DEP_FILES)
+
+mrproper: clean
+ rm -f *~
+
+$(BIN): $(OBJS)
+ $(AR) rcs $(BIN) $(OBJS)
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/Makefile
--- a/tools/vtpm_manager/manager/Makefile Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/Makefile Wed Nov 30 11:07:28 2005
@@ -1,27 +1,27 @@
-XEN_ROOT = ../../..
-include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
-
-BIN = vtpm_managerd
-
-all: build
-
-build: $(BIN)
-
-install: build
- if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \
- then mkdir -p $(DESTDIR)/var/vtpm/fifos; \
- fi
- $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
-
-clean:
- rm -f *.a *.so *.o *.rpm $(DEP_FILES)
-
-mrproper: clean
- rm -f $(BIN) *~
-
-$(BIN): $(OBJS)
- $(CC) $(LDFLAGS) $^ $(LIBS) -o $@
-
-# libraries
-LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a
-LIBS += -lcrypto -lpthread -lrt -lm
+XEN_ROOT = ../../..
+include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
+
+BIN = vtpm_managerd
+
+all: build
+
+build: $(BIN)
+
+install: build
+ if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \
+ then mkdir -p $(DESTDIR)/var/vtpm/fifos; \
+ fi
+ $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
+
+clean:
+ rm -f *.a *.so *.o *.rpm $(DEP_FILES)
+
+mrproper: clean
+ rm -f $(BIN) *~
+
+$(BIN): $(OBJS)
+ $(CC) $(LDFLAGS) $^ $(LIBS) -o $@
+
+# libraries
+LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a
+LIBS += -lcrypto -lpthread -lrt -lm
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/tpmpassthrough.c
--- a/tools/vtpm_manager/manager/tpmpassthrough.c Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/tpmpassthrough.c Wed Nov 30 11:07:28 2005
@@ -1,110 +1,110 @@
-// ===================================================================
-//
-// Copyright (c) 2005, Intel Corp.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Intel Corporation nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-// OF THE POSSIBILITY OF SUCH DAMAGE.
-// ===================================================================
-//
-// tpmpassthrough.c
-//
-// Functions regarding passing DMI requests to HWTPM
-//
-// ==================================================================
-
-#include "tcg.h"
-#include "vtpm_manager.h"
-#include "vtpmpriv.h"
-#include "vtsp.h"
-#include "log.h"
-
-TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi,
- buffer_t *inbuf,
- buffer_t *outbuf) {
-
- TPM_RESULT status = TPM_SUCCESS;
- TPM_COMMAND_CODE *ord;
-
- ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + sizeof(UINT32));
-
- switch (*ord) {
-
- // Forbidden for DMI use
- case TPM_ORD_TakeOwnership:
- case TPM_ORD_ChangeAuthOwner:
- case TPM_ORD_DirWriteAuth:
- case TPM_ORD_DirRead:
- case TPM_ORD_AuthorizeMigrationKey:
- case TPM_ORD_CreateMaintenanceArchive:
- case TPM_ORD_LoadMaintenanceArchive:
- case TPM_ORD_KillMaintenanceFeature:
- case TPM_ORD_LoadManuMaintPub:
- case TPM_ORD_ReadManuMaintPub:
- case TPM_ORD_SelfTestFull:
- case TPM_ORD_SelfTestStartup:
- case TPM_ORD_CertifySelfTest:
- case TPM_ORD_ContinueSelfTest:
- case TPM_ORD_GetTestResult:
- case TPM_ORD_Reset:
- case TPM_ORD_OwnerClear:
- case TPM_ORD_DisableOwnerClear:
- case TPM_ORD_ForceClear:
- case TPM_ORD_DisableForceClear:
- case TPM_ORD_GetCapabilityOwner:
- case TPM_ORD_OwnerSetDisable:
- case TPM_ORD_PhysicalEnable:
- case TPM_ORD_PhysicalDisable:
- case TPM_ORD_SetOwnerInstall:
- case TPM_ORD_PhysicalSetDeactivated:
- case TPM_ORD_SetTempDeactivated:
- case TPM_ORD_CreateEndorsementKeyPair:
- case TPM_ORD_GetAuditEvent:
- case TPM_ORD_GetAuditEventSigned:
- case TPM_ORD_GetOrdinalAuditStatus:
- case TPM_ORD_SetOrdinalAuditStatus:
- case TPM_ORD_SetRedirection:
- case TPM_ORD_FieldUpgrade:
- case TSC_ORD_PhysicalPresence:
- status = TPM_DISABLED_CMD;
- goto abort_egress;
- break;
-
- } // End ORD Switch
-
- // Call TCS with command
-
- TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) );
-
- goto egress;
-
- abort_egress:
- vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n");
- egress:
-
- return status;
-}
+// ===================================================================
+//
+// Copyright (c) 2005, Intel Corp.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Intel Corporation nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+// OF THE POSSIBILITY OF SUCH DAMAGE.
+// ===================================================================
+//
+// tpmpassthrough.c
+//
+// Functions regarding passing DMI requests to HWTPM
+//
+// ==================================================================
+
+#include "tcg.h"
+#include "vtpm_manager.h"
+#include "vtpmpriv.h"
+#include "vtsp.h"
+#include "log.h"
+
+TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi,
+ buffer_t *inbuf,
+ buffer_t *outbuf) {
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE *ord;
+
+ ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + sizeof(UINT32));
+
+ switch (*ord) {
+
+ // Forbidden for DMI use
+ case TPM_ORD_TakeOwnership:
+ case TPM_ORD_ChangeAuthOwner:
+ case TPM_ORD_DirWriteAuth:
+ case TPM_ORD_DirRead:
+ case TPM_ORD_AuthorizeMigrationKey:
+ case TPM_ORD_CreateMaintenanceArchive:
+ case TPM_ORD_LoadMaintenanceArchive:
+ case TPM_ORD_KillMaintenanceFeature:
+ case TPM_ORD_LoadManuMaintPub:
+ case TPM_ORD_ReadManuMaintPub:
+ case TPM_ORD_SelfTestFull:
+ case TPM_ORD_SelfTestStartup:
+ case TPM_ORD_CertifySelfTest:
+ case TPM_ORD_ContinueSelfTest:
+ case TPM_ORD_GetTestResult:
+ case TPM_ORD_Reset:
+ case TPM_ORD_OwnerClear:
+ case TPM_ORD_DisableOwnerClear:
+ case TPM_ORD_ForceClear:
+ case TPM_ORD_DisableForceClear:
+ case TPM_ORD_GetCapabilityOwner:
+ case TPM_ORD_OwnerSetDisable:
+ case TPM_ORD_PhysicalEnable:
+ case TPM_ORD_PhysicalDisable:
+ case TPM_ORD_SetOwnerInstall:
+ case TPM_ORD_PhysicalSetDeactivated:
+ case TPM_ORD_SetTempDeactivated:
+ case TPM_ORD_CreateEndorsementKeyPair:
+ case TPM_ORD_GetAuditEvent:
+ case TPM_ORD_GetAuditEventSigned:
+ case TPM_ORD_GetOrdinalAuditStatus:
+ case TPM_ORD_SetOrdinalAuditStatus:
+ case TPM_ORD_SetRedirection:
+ case TPM_ORD_FieldUpgrade:
+ case TSC_ORD_PhysicalPresence:
+ status = TPM_DISABLED_CMD;
+ goto abort_egress;
+ break;
+
+ } // End ORD Switch
+
+ // Call TCS with command
+
+ TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) );
+
+ goto egress;
+
+ abort_egress:
+ vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n");
+ egress:
+
+ return status;
+}
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtpm_manager.h
--- a/tools/vtpm_manager/manager/vtpm_manager.h Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/vtpm_manager.h Wed Nov 30 11:07:28 2005
@@ -1,137 +1,137 @@
-// ===================================================================
-//
-// Copyright (c) 2005, Intel Corp.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Intel Corporation nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-// OF THE POSSIBILITY OF SUCH DAMAGE.
-// ===================================================================
-//
-// vtpm_manager.h
-//
-// Public Interface header for VTPM Manager
-//
-// ==================================================================
-
-#ifndef __VTPM_MANAGER_H__
-#define __VTPM_MANAGER_H__
-
-#include "tcg.h"
-
-#define VTPM_TAG_REQ 0x01c1
-#define VTPM_TAG_RSP 0x01c4
-#define COMMAND_BUFFER_SIZE 4096
-
-// Header sizes. Note Header MAY include the DMI
-#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) +
sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
-#define VTPM_COMMAND_HEADER_SIZE_CLT ( sizeof(TPM_TAG) +
sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
-
-// ********************** Public Functions *************************
-TPM_RESULT VTPM_Init_Service(); // Start VTPM Service
-void VTPM_Stop_Service(); // Stop VTPM Service
-#ifdef VTPM_MULTI_VM
-int VTPM_Service_Handler();
-#else
-void *VTPM_Service_Handler(void *threadTypePtr);
-#endif
-
-//************************ Command Codes ****************************
-#define VTPM_ORD_OPEN 1 // ULM Creates New DMI
-#define VTPM_ORD_CLOSE 2 // ULM Closes a DMI
-#define VTPM_ORD_DELETE 3 // ULM Permemently Deletes DMI
-#define VTPM_ORD_SAVENVM 4 // DMI requests Secrets Unseal
-#define VTPM_ORD_LOADNVM 5 // DMI requests Secrets Saved
-#define VTPM_ORD_TPMCOMMAND 6 // DMI issues HW TPM Command
-
-//************************ Return Codes ****************************
-#define VTPM_SUCCESS 0
-#define VTPM_FAIL 1
-#define VTPM_UNSUPPORTED 2
-#define VTPM_FORBIDDEN 3
-#define VTPM_RESTORE_CONTEXT_FAILED 4
-#define VTPM_INVALID_REQUEST 5
-
-/******************* Command Parameter API *************************
-
-VTPM Command Format
- dmi: 4 bytes // Source of message.
- // WARNING: This is prepended by the channel.
- // Thus it is received by VTPM Manager,
- // but not sent by DMI
- tpm tag: 2 bytes
- command size: 4 bytes // Size of command including header but not DMI
- ord: 4 bytes // Command ordinal above
- parameters: size - 10 bytes // Command Parameter
-
-VTPM Response Format
- tpm tag: 2 bytes
- response_size: 4 bytes
- status: 4 bytes
- parameters: size - 10 bytes
-
-
-VTPM_Open:
- Input Parameters:
- Domain_type: 1 byte
- domain_id: 4 bytes
- instance_id: 4 bytes
- Output Parameters:
- None
-
-VTPM_Close
- Input Parameters:
- instance_id: 4 bytes
- Output Parameters:
- None
-
-VTPM_Delete
- Input Parameters:
- instance_id: 4 bytes
- Output Parameters:
- None
-
-VTPM_SaveNVM
- Input Parameters:
- data: n bytes (Header indicates size of data)
- Output Parameters:
- None
-
-VTPM_LoadNVM
- Input Parameters:
- None
- Output Parameters:
- data: n bytes (Header indicates size of data)
-
-VTPM_TPMCommand
- Input Parameters:
- TPM Command Byte Stream: n bytes
- Output Parameters:
- TPM Reponse Byte Stream: n bytes
-
-*********************************************************************/
-
-#endif //_VTPM_MANAGER_H_
+// ===================================================================
+//
+// Copyright (c) 2005, Intel Corp.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Intel Corporation nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+// OF THE POSSIBILITY OF SUCH DAMAGE.
+// ===================================================================
+//
+// vtpm_manager.h
+//
+// Public Interface header for VTPM Manager
+//
+// ==================================================================
+
+#ifndef __VTPM_MANAGER_H__
+#define __VTPM_MANAGER_H__
+
+#include "tcg.h"
+
+#define VTPM_TAG_REQ 0x01c1
+#define VTPM_TAG_RSP 0x01c4
+#define COMMAND_BUFFER_SIZE 4096
+
+// Header sizes. Note Header MAY include the DMI
+#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) +
sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
+#define VTPM_COMMAND_HEADER_SIZE_CLT ( sizeof(TPM_TAG) +
sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
+
+// ********************** Public Functions *************************
+TPM_RESULT VTPM_Init_Service(); // Start VTPM Service
+void VTPM_Stop_Service(); // Stop VTPM Service
+#ifdef VTPM_MULTI_VM
+int VTPM_Service_Handler();
+#else
+void *VTPM_Service_Handler(void *threadTypePtr);
+#endif
+
+//************************ Command Codes ****************************
+#define VTPM_ORD_OPEN 1 // ULM Creates New DMI
+#define VTPM_ORD_CLOSE 2 // ULM Closes a DMI
+#define VTPM_ORD_DELETE 3 // ULM Permemently Deletes DMI
+#define VTPM_ORD_SAVENVM 4 // DMI requests Secrets Unseal
+#define VTPM_ORD_LOADNVM 5 // DMI requests Secrets Saved
+#define VTPM_ORD_TPMCOMMAND 6 // DMI issues HW TPM Command
+
+//************************ Return Codes ****************************
+#define VTPM_SUCCESS 0
+#define VTPM_FAIL 1
+#define VTPM_UNSUPPORTED 2
+#define VTPM_FORBIDDEN 3
+#define VTPM_RESTORE_CONTEXT_FAILED 4
+#define VTPM_INVALID_REQUEST 5
+
+/******************* Command Parameter API *************************
+
+VTPM Command Format
+ dmi: 4 bytes // Source of message.
+ // WARNING: This is prepended by the channel.
+ // Thus it is received by VTPM Manager,
+ // but not sent by DMI
+ tpm tag: 2 bytes
+ command size: 4 bytes // Size of command including header but not DMI
+ ord: 4 bytes // Command ordinal above
+ parameters: size - 10 bytes // Command Parameter
+
+VTPM Response Format
+ tpm tag: 2 bytes
+ response_size: 4 bytes
+ status: 4 bytes
+ parameters: size - 10 bytes
+
+
+VTPM_Open:
+ Input Parameters:
+ Domain_type: 1 byte
+ domain_id: 4 bytes
+ instance_id: 4 bytes
+ Output Parameters:
+ None
+
+VTPM_Close
+ Input Parameters:
+ instance_id: 4 bytes
+ Output Parameters:
+ None
+
+VTPM_Delete
+ Input Parameters:
+ instance_id: 4 bytes
+ Output Parameters:
+ None
+
+VTPM_SaveNVM
+ Input Parameters:
+ data: n bytes (Header indicates size of data)
+ Output Parameters:
+ None
+
+VTPM_LoadNVM
+ Input Parameters:
+ None
+ Output Parameters:
+ data: n bytes (Header indicates size of data)
+
+VTPM_TPMCommand
+ Input Parameters:
+ TPM Command Byte Stream: n bytes
+ Output Parameters:
+ TPM Reponse Byte Stream: n bytes
+
+*********************************************************************/
+
+#endif //_VTPM_MANAGER_H_
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtpmd.c
--- a/tools/vtpm_manager/manager/vtpmd.c Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/vtpmd.c Wed Nov 30 11:07:28 2005
@@ -1,134 +1,134 @@
-// ===================================================================
-//
-// Copyright (c) 2005, Intel Corp.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Intel Corporation nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-// OF THE POSSIBILITY OF SUCH DAMAGE.
-// ===================================================================
-//
-// vtpmd.c
-//
-// Application
-//
-// ===================================================================
-
-#include <stdio.h>
-#include <signal.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include "vtpm_manager.h"
-#include "vtpmpriv.h"
-#include "tcg.h"
-#include "log.h"
-
-#ifndef VTPM_MULTI_VM
- #include <pthread.h>
-#endif
-
-void signal_handler(int reason) {
-#ifndef VTPM_MULTI_VM
-
- if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) {
- if (reason >= 0) { // Reason is a signal
- vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal
%d.\n", reason);
- } else {// Reason is a TPM_RESULT * -1
- vtpmloginfo(VTPM_LOG_VTPM,"VTPM Manager shuting down for: %s\n",
tpm_get_error_name(-1 * reason) );
- }
-
- return;
- } else {
- vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n");
- pthread_exit(NULL);
- }
-#else
- VTPM_Stop_Service();
- exit(-1);
-#endif
-}
-
-struct sigaction ctl_c_handler;
-
-int main(int argc, char **argv) {
-
- vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n");
-
- if (VTPM_Init_Service() != TPM_SUCCESS) {
- vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during
startup.\n");
- return -1;
- }
-
- ctl_c_handler.sa_handler = signal_handler;
- sigemptyset(&ctl_c_handler.sa_mask);
- ctl_c_handler.sa_flags = 0;
-
- if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1)
- vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break
will not stop service gently.\n");
-
- // For easier debuggin with gdb
- if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1)
- vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break
will not stop service gently.\n");
-
-#ifdef VTPM_MULTI_VM
- TPM_RESULT status = VTPM_Service_Handler();
-
- if (status != TPM_SUCCESS)
- vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never
should exit.\n", tpm_get_error_name(status));
-
- return -1;
-#else
- sigset_t sig_mask;
-
- sigemptyset(&sig_mask);
- sigaddset(&sig_mask, SIGPIPE);
- sigprocmask(SIG_BLOCK, &sig_mask, NULL);
- //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL);
- pthread_t be_thread, dmi_thread;
- int betype_be, dmitype_dmi;
-
- vtpm_globals->master_pid = pthread_self();
-
- betype_be = BE_LISTENER_THREAD;
- if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0)
{
- vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n");
- exit(-1);
- }
-
- dmitype_dmi = DMI_LISTENER_THREAD;
- if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) !=
0) {
- vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n");
- exit(-1);
- }
-
- //Join the other threads until exit time.
- pthread_join(be_thread, NULL);
- pthread_join(dmi_thread, NULL);
-
- VTPM_Stop_Service();
- return 0;
-#endif
-}
+// ===================================================================
+//
+// Copyright (c) 2005, Intel Corp.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Intel Corporation nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+// OF THE POSSIBILITY OF SUCH DAMAGE.
+// ===================================================================
+//
+// vtpmd.c
+//
+// Application
+//
+// ===================================================================
+
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include "vtpm_manager.h"
+#include "vtpmpriv.h"
+#include "tcg.h"
+#include "log.h"
+
+#ifndef VTPM_MULTI_VM
+ #include <pthread.h>
+#endif
+
+void signal_handler(int reason) {
+#ifndef VTPM_MULTI_VM
+
+ if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) {
+ if (reason >= 0) { // Reason is a signal
+ vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal
%d.\n", reason);
+ } else {// Reason is a TPM_RESULT * -1
+ vtpmloginfo(VTPM_LOG_VTPM,"VTPM Manager shuting down for: %s\n",
tpm_get_error_name(-1 * reason) );
+ }
+
+ return;
+ } else {
+ vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n");
+ pthread_exit(NULL);
+ }
+#else
+ VTPM_Stop_Service();
+ exit(-1);
+#endif
+}
+
+struct sigaction ctl_c_handler;
+
+int main(int argc, char **argv) {
+
+ vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n");
+
+ if (VTPM_Init_Service() != TPM_SUCCESS) {
+ vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during
startup.\n");
+ return -1;
+ }
+
+ ctl_c_handler.sa_handler = signal_handler;
+ sigemptyset(&ctl_c_handler.sa_mask);
+ ctl_c_handler.sa_flags = 0;
+
+ if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1)
+ vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break
will not stop service gently.\n");
+
+ // For easier debuggin with gdb
+ if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1)
+ vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break
will not stop service gently.\n");
+
+#ifdef VTPM_MULTI_VM
+ TPM_RESULT status = VTPM_Service_Handler();
+
+ if (status != TPM_SUCCESS)
+ vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never
should exit.\n", tpm_get_error_name(status));
+
+ return -1;
+#else
+ sigset_t sig_mask;
+
+ sigemptyset(&sig_mask);
+ sigaddset(&sig_mask, SIGPIPE);
+ sigprocmask(SIG_BLOCK, &sig_mask, NULL);
+ //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL);
+ pthread_t be_thread, dmi_thread;
+ int betype_be, dmitype_dmi;
+
+ vtpm_globals->master_pid = pthread_self();
+
+ betype_be = BE_LISTENER_THREAD;
+ if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0)
{
+ vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n");
+ exit(-1);
+ }
+
+ dmitype_dmi = DMI_LISTENER_THREAD;
+ if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) !=
0) {
+ vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n");
+ exit(-1);
+ }
+
+ //Join the other threads until exit time.
+ pthread_join(be_thread, NULL);
+ pthread_join(dmi_thread, NULL);
+
+ VTPM_Stop_Service();
+ return 0;
+#endif
+}
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtpmpriv.h
--- a/tools/vtpm_manager/manager/vtpmpriv.h Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/vtpmpriv.h Wed Nov 30 11:07:28 2005
@@ -1,151 +1,151 @@
-// ===================================================================
-//
-// Copyright (c) 2005, Intel Corp.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Intel Corporation nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-// OF THE POSSIBILITY OF SUCH DAMAGE.
-// ===================================================================
-//
-// vtpmpriv.h
-//
-// Structures and functions private to the manager
-//
-// ==================================================================
-
-#ifndef __VTPMPRIV_H__
-#define __VTPMPRIV_H__
-
-#include "tcg.h"
-#include "tcs.h"
-#include "buffer.h"
-#include "crypto.h"
-
-#define STATE_FILE "/var/vtpm/VTPM"
-#define DMI_NVM_FILE "/var/vtpm/vtpm_dm_%d.data"
-#define VTPM_BE_DEV "/dev/vtpm0"
-#define VTPM_CTL_DM 0
-
-#ifndef VTPM_MUTLI_VM
- #include <sys/types.h>
- #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo"
- #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo"
-
- #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-to-%d.fifo"
- #define VTPM_RX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo"
-
- #define BE_LISTENER_THREAD 1
- #define DMI_LISTENER_THREAD 2
-
- // Seconds until DMI timeout. Timeouts result in DMI being out
- // of sync, which may require a reboot of DMI and guest to recover
- // from. Don't set this to low. Also note that DMI may issue a TPM
- // call so we should expect time to process at DMI + TPM processing.
- #define DMI_TIMEOUT 90
-#endif
-
-
-// ------------------------ Private Structures -----------------------
-typedef struct VTPM_DMI_RESOURCE_T {
- // I/O info for Manager to talk to DMI's over FIFOs
-#ifndef VTPM_MUTLI_VM
- int guest_tx_fh; // open GUEST_TX_FIFO
- int vtpm_tx_fh; // open VTPM_TX_FIFO
- char *guest_tx_fname; // open GUEST_TX_FIFO
- char *vtpm_tx_fname; // open VTPM_TX_FIFO
-
- pid_t dmi_pid;
-#endif
- // Non-persistent Information
- bool connected;
- UINT32 dmi_domain_id;
- TCS_CONTEXT_HANDLE TCSContext; // TCS Handle
- char *NVMLocation; // NULL term string indicating location
- // of NVM.
- // Persistent Information about DMI
- UINT32 dmi_id;
- TPM_DIGEST NVM_measurement; // Equal to the SHA1 of the blob
- TPM_DIGEST DMI_measurement; // Correct measurement of the owning
DMI
-} VTPM_DMI_RESOURCE;
-
-typedef struct tdVTPM_GLOBALS {
- // Non-persistent data
- int be_fh; // File handle to ipc used to
communicate with backend
-#ifndef VTPM_MULTI_VM
- int vtpm_rx_fh;
- int guest_rx_fh;
-
- pid_t master_pid;
-#endif
- struct hashtable *dmi_map; // Table of all DMI's known
indexed by persistent instance #
-#ifndef VTPM_MULTI_VM
- pthread_mutex_t dmi_map_mutex; //
-#endif
- TCS_CONTEXT_HANDLE manager_tcs_handle; // TCS Handle used by manager
- TPM_HANDLE storageKeyHandle; // Key used by persistent store
- CRYPTO_INFO storageKey; // For software encryption
- TCS_AUTH keyAuth; // OIAP session for storageKey
- BOOL DMI_table_dirty; // Indicates that a command
- // has updated the DMI table
-
-
- // Persistent Data
- TPM_AUTHDATA owner_usage_auth; // OwnerAuth of real TPM
- TPM_AUTHDATA srk_usage_auth; // SRK Auth of real TPM
- buffer_t storageKeyWrap; // Wrapped copy of storageKey
-
- TPM_AUTHDATA storage_key_usage_auth;
-
-}VTPM_GLOBALS;
-
-//Global dmi map
-extern VTPM_GLOBALS *vtpm_globals;
-
-// ********************** Command Handler Prototypes ***********************
-TPM_RESULT VTPM_Handle_Load_NVM( VTPM_DMI_RESOURCE *myDMI,
- const buffer_t *inbuf,
- buffer_t *outbuf);
-
-TPM_RESULT VTPM_Handle_Save_NVM( VTPM_DMI_RESOURCE *myDMI,
- const buffer_t *inbuf,
- buffer_t *outbuf);
-
-TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi,
- buffer_t *inbuf,
- buffer_t *outbuf);
-
-TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf);
-
-TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf);
-
-TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf);
-
-TPM_RESULT VTPM_SaveService(void);
-TPM_RESULT VTPM_LoadService(void);
-
-TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res);
-#endif // __VTPMPRIV_H__
+// ===================================================================
+//
+// Copyright (c) 2005, Intel Corp.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Intel Corporation nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+// OF THE POSSIBILITY OF SUCH DAMAGE.
+// ===================================================================
+//
+// vtpmpriv.h
+//
+// Structures and functions private to the manager
+//
+// ==================================================================
+
+#ifndef __VTPMPRIV_H__
+#define __VTPMPRIV_H__
+
+#include "tcg.h"
+#include "tcs.h"
+#include "buffer.h"
+#include "crypto.h"
+
+#define STATE_FILE "/var/vtpm/VTPM"
+#define DMI_NVM_FILE "/var/vtpm/vtpm_dm_%d.data"
+#define VTPM_BE_DEV "/dev/vtpm0"
+#define VTPM_CTL_DM 0
+
+#ifndef VTPM_MUTLI_VM
+ #include <sys/types.h>
+ #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo"
+ #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo"
+
+ #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-to-%d.fifo"
+ #define VTPM_RX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo"
+
+ #define BE_LISTENER_THREAD 1
+ #define DMI_LISTENER_THREAD 2
+
+ // Seconds until DMI timeout. Timeouts result in DMI being out
+ // of sync, which may require a reboot of DMI and guest to recover
+ // from. Don't set this to low. Also note that DMI may issue a TPM
+ // call so we should expect time to process at DMI + TPM processing.
+ #define DMI_TIMEOUT 90
+#endif
+
+
+// ------------------------ Private Structures -----------------------
+typedef struct VTPM_DMI_RESOURCE_T {
+ // I/O info for Manager to talk to DMI's over FIFOs
+#ifndef VTPM_MUTLI_VM
+ int guest_tx_fh; // open GUEST_TX_FIFO
+ int vtpm_tx_fh; // open VTPM_TX_FIFO
+ char *guest_tx_fname; // open GUEST_TX_FIFO
+ char *vtpm_tx_fname; // open VTPM_TX_FIFO
+
+ pid_t dmi_pid;
+#endif
+ // Non-persistent Information
+ bool connected;
+ UINT32 dmi_domain_id;
+ TCS_CONTEXT_HANDLE TCSContext; // TCS Handle
+ char *NVMLocation; // NULL term string indicating location
+ // of NVM.
+ // Persistent Information about DMI
+ UINT32 dmi_id;
+ TPM_DIGEST NVM_measurement; // Equal to the SHA1 of the blob
+ TPM_DIGEST DMI_measurement; // Correct measurement of the owning
DMI
+} VTPM_DMI_RESOURCE;
+
+typedef struct tdVTPM_GLOBALS {
+ // Non-persistent data
+ int be_fh; // File handle to ipc used to
communicate with backend
+#ifndef VTPM_MULTI_VM
+ int vtpm_rx_fh;
+ int guest_rx_fh;
+
+ pid_t master_pid;
+#endif
+ struct hashtable *dmi_map; // Table of all DMI's known
indexed by persistent instance #
+#ifndef VTPM_MULTI_VM
+ pthread_mutex_t dmi_map_mutex; //
+#endif
+ TCS_CONTEXT_HANDLE manager_tcs_handle; // TCS Handle used by manager
+ TPM_HANDLE storageKeyHandle; // Key used by persistent store
+ CRYPTO_INFO storageKey; // For software encryption
+ TCS_AUTH keyAuth; // OIAP session for storageKey
+ BOOL DMI_table_dirty; // Indicates that a command
+ // has updated the DMI table
+
+
+ // Persistent Data
+ TPM_AUTHDATA owner_usage_auth; // OwnerAuth of real TPM
+ TPM_AUTHDATA srk_usage_auth; // SRK Auth of real TPM
+ buffer_t storageKeyWrap; // Wrapped copy of storageKey
+
+ TPM_AUTHDATA storage_key_usage_auth;
+
+}VTPM_GLOBALS;
+
+//Global dmi map
+extern VTPM_GLOBALS *vtpm_globals;
+
+// ********************** Command Handler Prototypes ***********************
+TPM_RESULT VTPM_Handle_Load_NVM( VTPM_DMI_RESOURCE *myDMI,
+ const buffer_t *inbuf,
+ buffer_t *outbuf);
+
+TPM_RESULT VTPM_Handle_Save_NVM( VTPM_DMI_RESOURCE *myDMI,
+ const buffer_t *inbuf,
+ buffer_t *outbuf);
+
+TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi,
+ buffer_t *inbuf,
+ buffer_t *outbuf);
+
+TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf);
+
+TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf);
+
+TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf);
+
+TPM_RESULT VTPM_SaveService(void);
+TPM_RESULT VTPM_LoadService(void);
+
+TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res);
+#endif // __VTPMPRIV_H__
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtsp.c
--- a/tools/vtpm_manager/manager/vtsp.c Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/vtsp.c Wed Nov 30 11:07:28 2005
@@ -1,810 +1,810 @@
-// ===================================================================
-//
-// Copyright (c) 2005, Intel Corp.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Intel Corporation nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-// OF THE POSSIBILITY OF SUCH DAMAGE.
-// ===================================================================
-//
-// vtsp.c
-//
-// Higher level interface to TCS for use in service.
-//
-// ==================================================================
-
-#include <string.h>
-#include "tcg.h"
-#include "tcs.h"
-#include "bsg.h"
-#include "log.h"
-#include "crypto.h"
-#include "vtsp.h"
-#include "buffer.h"
-
-#define RSA_KEY_SIZE 0x0800
-
-/***********************************************************************************
- * GenerateAuth: Generate authorization info to be sent back to application
- *
- * Parameters: outParamDigestText The concatenation of output parameters to
be SHA1ed
- * outParamDigestTextSize Size of inParamDigestText
- * HMACkey Key to be used for HMACing
- * For OIAP use key.authUsage or PersistStore.ownerAuth
- * For OSAP use shared secret
- * pAuth Authorization information from the application
- *
- * Return: TPM_SUCCESS Authorization data created
- * TPM_AUTHFAIL Invalid (NULL) HMACkey presented for OSAP
-
*************************************************************************************/
-TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText,
- /*[IN]*/ UINT32 inParamDigestTextSize,
- /*[IN]*/ const TPM_SECRET *HMACkey,
- /*[IN,OUT]*/ TCS_AUTH *auth) {
-
- if (inParamDigestText == NULL || auth == NULL)
- return (TPM_AUTHFAIL);
- else {
-
- //Generate new OddNonce
- Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE));
-
- // Create SHA1 inParamDigest
- TPM_DIGEST inParamDigest;
- Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *)
&inParamDigest);
-
- // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
- BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
-
- BSG_PackList( hmacText, 4,
- BSG_TPM_DIGEST, &inParamDigest,
- BSG_TPM_NONCE, &(auth->NonceEven),
- BSG_TPM_NONCE, &(auth->NonceOdd),
- BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
-
- Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey,
sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC));
-
- return(TPM_SUCCESS);
-
- }
-}
-
-/***********************************************************************************
- * VerifyAuth: Verify the authdata for a command requiring authorization
- *
- * Parameters: inParamDigestText The concatenation of parameters to be SHA1ed
- * inParamDigestTextSize Size of inParamDigestText
- * authDataUsage AuthDataUsage for the Entity being used
- * Key->authDataUsage or TPM_AUTH_OWNER
- * HMACkey Key to be used for HMACing
- * For OIAP use key.authUsage or PersistStore.ownerAuth
- * For OSAP use NULL (It will be aquired from the Auth Session)
- * If unknown (default), assume OIAP
- * sessionAuth A TCS_AUTH info for the session
- * pAuth Authorization information from the application
- * hContext If specified, on failed Auth, VerifyAuth will
- * generate a new OIAP session in place
of themselves
- * destroyed session.
- *
- * Return: TPM_SUCCESS Authorization Verified
- * TPM_AUTHFAIL Authorization Failed
- * TPM_FAIL Failure during SHA1 routines
-
*************************************************************************************/
-TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText,
- /*[IN]*/ UINT32 outParamDigestTextSize,
- /*[IN]*/ const TPM_SECRET *HMACkey,
- /*[IN,OUT]*/ TCS_AUTH *auth,
- /*[IN]*/ TCS_CONTEXT_HANDLE hContext) {
- if (outParamDigestText == NULL || auth == NULL)
- return (TPM_AUTHFAIL);
-
-
- // Create SHA1 inParamDigest
- TPM_DIGEST outParamDigest;
- Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *)
&outParamDigest);
-
- // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
- TPM_DIGEST hm;
- BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
-
- BSG_PackList( hmacText, 4,
- BSG_TPM_DIGEST, &outParamDigest,
- BSG_TPM_NONCE, &(auth->NonceEven),
- BSG_TPM_NONCE, &(auth->NonceOdd),
- BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
-
- Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText),
- (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm);
-
- // Compare correct HMAC with provided one.
- if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0) // 0 indicates
equality
- return (TPM_SUCCESS);
- else {
- VTSP_OIAP( hContext, auth);
- return (TPM_AUTHFAIL);
- }
-}
-
-TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext,
- TCS_AUTH *auth) {
-
- vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n");
- TPM_RESULT status = TPM_SUCCESS;
- TPMTRYRETURN( TCSP_OIAP(hContext,
- &auth->AuthHandle,
- &auth->NonceEven) );
- goto egress;
-
- abort_egress:
-
- egress:
-
- return status;
-}
-
-TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext,
- const TPM_ENTITY_TYPE entityType,
- const UINT32 entityValue,
- const TPM_AUTHDATA *usageAuth,
- TPM_SECRET *sharedSecret,
- TCS_AUTH *auth) {
-
- vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n");
- TPM_RESULT status = TPM_SUCCESS;
- TPM_NONCE nonceEvenOSAP, nonceOddOSAP;
-
- Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) );
-
- TPMTRYRETURN( TCSP_OSAP( hContext,
- entityType,
- entityValue,
- nonceOddOSAP,
- &auth->AuthHandle,
- &auth->NonceEven,
- &nonceEvenOSAP) );
-
- // Calculating Session Secret
- BYTE sharedSecretText[TPM_DIGEST_SIZE * 2];
-
- BSG_PackList( sharedSecretText, 2,
- BSG_TPM_NONCE, &nonceEvenOSAP,
- BSG_TPM_NONCE, &nonceOddOSAP);
-
- Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth,
TPM_DIGEST_SIZE, (BYTE *) sharedSecret);
-
- goto egress;
-
- abort_egress:
-
- egress:
-
- return status;
-}
-
-
-
-TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext,
- CRYPTO_INFO *crypto_info) {
-
- TPM_RESULT status;
- TPM_NONCE antiReplay;
- TPM_DIGEST checksum;
- BYTE *pubEKtext;
- UINT32 pubEKtextsize;
-
- vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n");
-
- // GenerateAuth new nonceOdd
- Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) );
-
-
- TPMTRYRETURN( TCSP_ReadPubek( hContext,
- antiReplay,
- &pubEKtextsize,
- &pubEKtext,
- &checksum) );
-
-
- // Extract the remaining output parameters
- TPM_PUBKEY pubEK;
-
- BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK);
-
- // Build CryptoInfo for the bindingKey
- TPM_RSA_KEY_PARMS rsaKeyParms;
-
- BSG_Unpack(BSG_TPM_RSA_KEY_PARMS,
- pubEK.algorithmParms.parms,
- &rsaKeyParms);
-
- Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize,
- rsaKeyParms.exponent,
- pubEK.pubKey.keyLength,
- pubEK.pubKey.key,
- crypto_info);
-
- // Destroy rsaKeyParms
- BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
-
- // Set encryption scheme
- crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
- //crypto_info->encScheme = pubEK.algorithmParms.encScheme;
- crypto_info->algorithmID = pubEK.algorithmParms.algorithmID;
-
- goto egress;
-
- abort_egress:
-
- egress:
-
- return status;
-}
-
-TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext,
- const TPM_AUTHDATA *ownerAuth,
- const TPM_AUTHDATA *srkAuth,
- CRYPTO_INFO *ek_cryptoInfo,
- TCS_AUTH *auth) {
-
- vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n");
-
- TPM_RESULT status = TPM_SUCCESS;
- TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership;
- TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER;
- BYTE *new_srk;
-
- BYTE *paramText; // Digest to make Auth.
- UINT32 paramTextSize;
-
- // vars for srkpubkey parameter
- TPM_KEY srkPub;
- TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1,
TPM_SS_NONE, 12, 0};
- BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00,
0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00};
- srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo;
-
- struct pack_buf_t srkText;
-
- // GenerateAuth new nonceOdd
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
- //These values are accurate for an enc(AuthData).
- struct pack_buf_t encOwnerAuth, encSrkAuth;
-
- encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
- encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
-
- if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) {
- vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n");
- status = TPM_RESOURCES;
- goto abort_egress;
- }
-
- Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth,
&encOwnerAuth.size, encOwnerAuth.data);
- Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth,
&encSrkAuth.size, encSrkAuth.data);
-
-
- // Build srk public key struct
- srkPub.ver = TPM_STRUCT_VER_1_1;
- srkPub.keyUsage = TPM_KEY_STORAGE;
- srkPub.keyFlags = 0x00;
- srkPub.authDataUsage = TPM_AUTH_ALWAYS;
- memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS));
- srkPub.PCRInfoSize = 0;
- srkPub.PCRInfo = 0;
- srkPub.pubKey.keyLength= 0;
- srkPub.encDataSize = 0;
-
- srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
- srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data);
-
- paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
-
- paramTextSize = BSG_PackList(paramText, 5,
- BSG_TPM_COMMAND_CODE,&command,
- BSG_TPM_PROTOCOL_ID, &proto_id,
- BSG_TPM_SIZE32_DATA, &encOwnerAuth,
- BSG_TPM_SIZE32_DATA, &encSrkAuth,
- BSG_TPM_KEY, &srkPub);
-
- TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) );
-
- new_srk = srkText.data;
- TPMTRYRETURN( TCSP_TakeOwnership ( hContext,
- proto_id,
- encOwnerAuth.size,
- encOwnerAuth.data,
- encSrkAuth.size,
- encSrkAuth.data,
- &srkText.size,
- &new_srk,
- auth ) );
-
-
- paramTextSize = BSG_PackList(paramText, 2,
- BSG_TPM_RESULT, &status,
- BSG_TPM_COMMAND_CODE, &command);
- memcpy(paramText + paramTextSize, new_srk, srkText.size);
- paramTextSize += srkText.size;
-
-
- TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
- ownerAuth, auth,
- hContext) );
-
- goto egress;
-
- abort_egress:
-
- egress:
-
- free(srkText.data);
- free(encSrkAuth.data);
- free(encOwnerAuth.data);
- free(paramText);
-
- TCS_FreeMemory(hContext, new_srk);
-
- return status;
-}
-
-TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext,
- const TPM_AUTHDATA *ownerAuth,
- TCS_AUTH *auth) {
-
- vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n");
-
- TPM_RESULT status = TPM_SUCCESS;
- TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead;
-
- BYTE *paramText; // Digest to make Auth.
- UINT32 paramTextSize;
-
- // Generate HMAC
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
- paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
-
- paramTextSize = BSG_PackList(paramText, 1,
- BSG_TPM_COMMAND_CODE, &command);
-
- TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
- ownerAuth, auth) );
-
- // Call TCS
- TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in
- auth) );
-
- // Verify Auth
- paramTextSize = BSG_PackList(paramText, 2,
- BSG_TPM_RESULT, &status,
- BSG_TPM_COMMAND_CODE, &command);
-
- TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
- ownerAuth, auth,
- hContext) );
- goto egress;
-
- abort_egress:
- egress:
- free(paramText);
- return status;
-}
-
-TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext,
- const TPM_KEY_USAGE usage,
- const TPM_AUTHDATA *newKeyAuth,
- const TCS_KEY_HANDLE parentHandle,
- const TPM_AUTHDATA *osapSharedSecret,
- buffer_t *pubKeyBuf,
- TCS_AUTH *auth) {
-
- int i;
- TPM_RESULT status = TPM_SUCCESS;
- TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey;
-
- vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage);
-
- // vars for Calculate encUsageAuth
- BYTE *paramText;
- UINT32 paramTextSize;
-
- // vars for Calculate encUsageAuth
- BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)];
- TPM_DIGEST XORKey1;
- UINT32 XORbufferSize;
- TPM_SECRET encUsageAuth, encMigrationAuth;
-
- // vars for Flatten newKey prototype
- BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
- UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH;
- struct pack_buf_t newKeyText;
-
- // Fill in newKey
- TPM_KEY newKey;
-
- BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, 0x00,
0x00, 0x02, 0x00, 0x00, 0x00, 0x00};
- newKey.algorithmParms.algorithmID = TPM_ALG_RSA;
- newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo;
- newKey.algorithmParms.parmSize = 12;
-
- switch (usage) {
- case TPM_KEY_SIGNING:
- vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n");
- newKey.keyUsage = TPM_KEY_SIGNING;
- newKey.algorithmParms.encScheme = TPM_ES_NONE;
- newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1;
- break;
- case TPM_KEY_STORAGE:
- vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n");
- newKey.keyUsage = TPM_KEY_STORAGE;
- newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
- newKey.algorithmParms.sigScheme = TPM_SS_NONE;
- break;
- case TPM_KEY_BIND:
- vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n");
- newKey.keyUsage = TPM_KEY_BIND;
- newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
- newKey.algorithmParms.sigScheme = TPM_SS_NONE;
- break;
- default:
- vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n");
- status = TPM_BAD_PARAMETER;
- goto abort_egress;
- }
-
-
- newKey.ver = TPM_STRUCT_VER_1_1;
-
- newKey.keyFlags = 0;
- newKey.authDataUsage = TPM_AUTH_ALWAYS;
- newKey.pubKey.keyLength= 0;
- newKey.encDataSize = 0;
- newKey.encData = NULL;
-
- // FIXME: Support PCR bindings
- newKey.PCRInfoSize = 0;
- newKey.PCRInfo = NULL;
-
- // Calculate encUsageAuth
- XORbufferSize = BSG_PackList( XORbuffer, 2,
- BSG_TPM_SECRET, osapSharedSecret,
- BSG_TPM_NONCE, &auth->NonceEven);
- Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1);
-
- // FIXME: No support for migratable keys.
- for (i=0; i < TPM_DIGEST_SIZE; i++)
- ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *)
newKeyAuth)[i];
-
- // Flatten newKey prototype
- flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey);
- newKeyText.data = flatKey;
- newKeyText.size = flatKeySize;
-
- // GenerateAuth new nonceOdd
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
- // Generate HMAC
- paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
-
- paramTextSize = BSG_PackList(paramText, 3,
- BSG_TPM_COMMAND_CODE, &command,
- BSG_TPM_AUTHDATA, &encUsageAuth,
- BSG_TPM_AUTHDATA, &encMigrationAuth);
- memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
- paramTextSize += newKeyText.size;
-
-
- TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
- osapSharedSecret, auth) );
-
- // Call TCS
- TPMTRYRETURN( TCSP_CreateWrapKey( hContext,
- parentHandle,
- encUsageAuth,
- encMigrationAuth,
- &newKeyText.size,
- &newKeyText.data,
- auth) );
-
- // Verify Auth
- paramTextSize = BSG_PackList(paramText, 2,
- BSG_TPM_RESULT, &status,
- BSG_TPM_COMMAND_CODE, &command);
- memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
- paramTextSize += newKeyText.size;
-
- TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
- osapSharedSecret, auth, 0) );
-
- // Unpack/return key structure
- TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) );
- TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, newKeyText.data)
);
-
- goto egress;
-
- abort_egress:
-
- egress:
-
- free(flatKey);
- free(paramText);
- TCS_FreeMemory(hContext, newKeyText.data);
-
- return status;
-}
-
-TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext,
- const TCS_KEY_HANDLE hUnwrappingKey,
- const buffer_t *rgbWrappedKeyBlob,
- const TPM_AUTHDATA *parentAuth,
- TPM_HANDLE *newKeyHandle,
- TCS_AUTH *auth,
- CRYPTO_INFO *cryptoinfo /*= NULL*/) {
-
-
- vtpmloginfo(VTPM_LOG_VTSP, "Loading Key.\n%s","");
-
- TPM_RESULT status = TPM_SUCCESS;
- TPM_COMMAND_CODE command = TPM_ORD_LoadKey;
-
- BYTE *paramText; // Digest to make Auth.
- UINT32 paramTextSize;
-
- if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) ||
- (newKeyHandle==NULL) || (auth==NULL)) {
- status = TPM_BAD_PARAMETER;
- goto abort_egress;
- }
-
- // Generate Extra TCS Parameters
- TPM_HANDLE phKeyHMAC;
-
- // Generate HMAC
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
- paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
-
- paramTextSize = BSG_PackList(paramText, 1,
- BSG_TPM_COMMAND_CODE, &command);
-
- memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes,
buffer_len(rgbWrappedKeyBlob));
- paramTextSize += buffer_len(rgbWrappedKeyBlob);
-
- TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
- parentAuth, auth) );
-
- // Call TCS
- TPMTRYRETURN( TCSP_LoadKeyByBlob( hContext,
- hUnwrappingKey,
- buffer_len(rgbWrappedKeyBlob),
- rgbWrappedKeyBlob->bytes,
- auth,
- newKeyHandle,
- &phKeyHMAC) );
-
- // Verify Auth
- paramTextSize = BSG_PackList(paramText, 3,
- BSG_TPM_RESULT, &status,
- BSG_TPM_COMMAND_CODE, &command,
- BSG_TPM_HANDLE, newKeyHandle);
-
- TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
- parentAuth, auth,
- hContext) );
-
- // Unpack/return key structure
- if (cryptoinfo != NULL) {
- TPM_KEY newKey;
-
- BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey);
- TPM_RSA_KEY_PARMS rsaKeyParms;
-
- BSG_Unpack(BSG_TPM_RSA_KEY_PARMS,
- newKey.algorithmParms.parms,
- &rsaKeyParms);
-
- Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize,
- rsaKeyParms.exponent,
- newKey.pubKey.keyLength,
- newKey.pubKey.key,
- cryptoinfo);
-
- // Destroy rsaKeyParms
- BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
-
- // Set encryption scheme
- cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
- }
-
- goto egress;
-
- abort_egress:
-
- egress:
-
- free(paramText);
- return status;
-}
-
-TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext,
- const TPM_KEY_HANDLE key_handle,
- const buffer_t *bound_data,
- const TPM_AUTHDATA *usage_auth,
- buffer_t *clear_data,
- TCS_AUTH *auth) {
-
- vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n",
buffer_len(bound_data));
-
- TPM_RESULT status = TPM_SUCCESS;
- TPM_COMMAND_CODE command = TPM_ORD_UnBind;
-
- BYTE *paramText; // Digest to make Auth.
- UINT32 paramTextSize;
-
- // Generate Extra TCS Parameters
- struct pack_buf_t clear_data32;
- BYTE *clear_data_text;
- UINT32 clear_data_size;
-
- // Generate HMAC
- Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
-
- struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes};
-
- paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
-
- paramTextSize = BSG_PackList(paramText, 2,
- BSG_TPM_COMMAND_CODE, &command,
- BSG_TPM_SIZE32_DATA, &bound_data32);
-
- TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
- usage_auth, auth) );
-
- // Call TCS
- TPMTRYRETURN( TCSP_UnBind( hContext,
- key_handle,
- buffer_len(bound_data),
- bound_data->bytes,
- auth,
- &clear_data_size,
- &clear_data_text) );
-
-
- // Verify Auth
- clear_data32.size = clear_data_size;
- clear_data32.data = clear_data_text;
- paramTextSize = BSG_PackList(paramText, 3,
- BSG_TPM_RESULT, &status,
- BSG_TPM_COMMAND_CODE, &command,
- BSG_TPM_SIZE32_DATA, &clear_data32);
-
- TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
- usage_auth, auth,
- hContext) );
-
- // Unpack/return key structure
- TPMTRYRETURN(buffer_init(clear_data, 0, 0));
- TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size,
clear_data_text) );
-
- goto egress;
-
- abort_egress:
-
- egress:
-
- free(paramText);
- TCS_FreeMemory(hContext, clear_data_text);
-
- return status;
-}
-
-TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo,
- const buffer_t *inData,
- buffer_t *outData)
-{
- vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n",
buffer_len(inData));
- TPM_BOUND_DATA boundData;
- UINT32 i;
-
- // Fill boundData's accessory information
- boundData.ver = TPM_STRUCT_VER_1_1;
- boundData.payload = TPM_PT_BIND;
- boundData.payloadData = inData->bytes;
-
- // Pack boundData before encryption
- BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) *
- (sizeof(TPM_VERSION) +
- sizeof(TPM_PAYLOAD_TYPE) +
- buffer_len(inData)));
- if (flatBoundData == NULL) {
- return TPM_NOSPACE;
- }
- UINT32 flatBoundDataSize = 0;
- flatBoundDataSize = BSG_PackList( flatBoundData, 2,
- BSG_TPM_VERSION, &boundData.ver,
- BSG_TYPE_BYTE, &boundData.payload);
-
- memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData));
- flatBoundDataSize += buffer_len(inData);
-
- BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is
what will come out.
- UINT32 out_tmp_size;
-
- // Encrypt flatBoundData
- Crypto_RSAEnc( cryptoInfo,
- flatBoundDataSize,
- flatBoundData,
- &out_tmp_size,
- out_tmp);
-
- if (out_tmp_size > RSA_KEY_SIZE/8) {
- // The result of RSAEnc should be a fixed size based on key size.
- vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n");
- }
-
- buffer_init(outData, 0, NULL);
- buffer_append_raw(outData, out_tmp_size, out_tmp);
-
- vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size);
- for(i = 0 ; i < out_tmp_size ; i++) {
- vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]);
- }
- vtpmloginfomore(VTPM_LOG_TXDATA, "\n");
-
- // Free flatBoundData
- free(flatBoundData);
-
- return TPM_SUCCESS;
-}
-
-// Function Reaches into unsupported TCS command, beware.
-TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext,
- const buffer_t *inbuf,
- buffer_t *outbuf ) {
-
- vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n");
- TPM_RESULT status = TPM_SUCCESS;
-
- // Generate Extra TCS Parameters
- BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
- UINT32 resultTextSize = TCPA_MAX_BUFFER_LENGTH;
-
- // Call TCS
- TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes,
- &resultTextSize, resultText) );
-
- // Unpack/return key structure
- TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) );
- goto egress;
-
- abort_egress:
-
- egress:
- TCS_FreeMemory(hContext, resultText);
- free(resultText);
- return status;
-}
+// ===================================================================
+//
+// Copyright (c) 2005, Intel Corp.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Intel Corporation nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+// OF THE POSSIBILITY OF SUCH DAMAGE.
+// ===================================================================
+//
+// vtsp.c
+//
+// Higher level interface to TCS for use in service.
+//
+// ==================================================================
+
+#include <string.h>
+#include "tcg.h"
+#include "tcs.h"
+#include "bsg.h"
+#include "log.h"
+#include "crypto.h"
+#include "vtsp.h"
+#include "buffer.h"
+
+#define RSA_KEY_SIZE 0x0800
+
+/***********************************************************************************
+ * GenerateAuth: Generate authorization info to be sent back to application
+ *
+ * Parameters: outParamDigestText The concatenation of output parameters to
be SHA1ed
+ * outParamDigestTextSize Size of inParamDigestText
+ * HMACkey Key to be used for HMACing
+ * For OIAP use key.authUsage or PersistStore.ownerAuth
+ * For OSAP use shared secret
+ * pAuth Authorization information from the application
+ *
+ * Return: TPM_SUCCESS Authorization data created
+ * TPM_AUTHFAIL Invalid (NULL) HMACkey presented for OSAP
+
*************************************************************************************/
+TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText,
+ /*[IN]*/ UINT32 inParamDigestTextSize,
+ /*[IN]*/ const TPM_SECRET *HMACkey,
+ /*[IN,OUT]*/ TCS_AUTH *auth) {
+
+ if (inParamDigestText == NULL || auth == NULL)
+ return (TPM_AUTHFAIL);
+ else {
+
+ //Generate new OddNonce
+ Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE));
+
+ // Create SHA1 inParamDigest
+ TPM_DIGEST inParamDigest;
+ Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *)
&inParamDigest);
+
+ // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
+ BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
+
+ BSG_PackList( hmacText, 4,
+ BSG_TPM_DIGEST, &inParamDigest,
+ BSG_TPM_NONCE, &(auth->NonceEven),
+ BSG_TPM_NONCE, &(auth->NonceOdd),
+ BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
+
+ Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey,
sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC));
+
+ return(TPM_SUCCESS);
+
+ }
+}
+
+/***********************************************************************************
+ * VerifyAuth: Verify the authdata for a command requiring authorization
+ *
+ * Parameters: inParamDigestText The concatenation of parameters to be SHA1ed
+ * inParamDigestTextSize Size of inParamDigestText
+ * authDataUsage AuthDataUsage for the Entity being used
+ * Key->authDataUsage or TPM_AUTH_OWNER
+ * HMACkey Key to be used for HMACing
+ * For OIAP use key.authUsage or PersistStore.ownerAuth
+ * For OSAP use NULL (It will be aquired from the Auth Session)
+ * If unknown (default), assume OIAP
+ * sessionAuth A TCS_AUTH info for the session
+ * pAuth Authorization information from the application
+ * hContext If specified, on failed Auth, VerifyAuth will
+ * generate a new OIAP session in place
of themselves
+ * destroyed session.
+ *
+ * Return: TPM_SUCCESS Authorization Verified
+ * TPM_AUTHFAIL Authorization Failed
+ * TPM_FAIL Failure during SHA1 routines
+
*************************************************************************************/
+TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText,
+ /*[IN]*/ UINT32 outParamDigestTextSize,
+ /*[IN]*/ const TPM_SECRET *HMACkey,
+ /*[IN,OUT]*/ TCS_AUTH *auth,
+ /*[IN]*/ TCS_CONTEXT_HANDLE hContext) {
+ if (outParamDigestText == NULL || auth == NULL)
+ return (TPM_AUTHFAIL);
+
+
+ // Create SHA1 inParamDigest
+ TPM_DIGEST outParamDigest;
+ Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *)
&outParamDigest);
+
+ // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
+ TPM_DIGEST hm;
+ BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
+
+ BSG_PackList( hmacText, 4,
+ BSG_TPM_DIGEST, &outParamDigest,
+ BSG_TPM_NONCE, &(auth->NonceEven),
+ BSG_TPM_NONCE, &(auth->NonceOdd),
+ BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
+
+ Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText),
+ (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm);
+
+ // Compare correct HMAC with provided one.
+ if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0) // 0 indicates
equality
+ return (TPM_SUCCESS);
+ else {
+ VTSP_OIAP( hContext, auth);
+ return (TPM_AUTHFAIL);
+ }
+}
+
+TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext,
+ TCS_AUTH *auth) {
+
+ vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n");
+ TPM_RESULT status = TPM_SUCCESS;
+ TPMTRYRETURN( TCSP_OIAP(hContext,
+ &auth->AuthHandle,
+ &auth->NonceEven) );
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ return status;
+}
+
+TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext,
+ const TPM_ENTITY_TYPE entityType,
+ const UINT32 entityValue,
+ const TPM_AUTHDATA *usageAuth,
+ TPM_SECRET *sharedSecret,
+ TCS_AUTH *auth) {
+
+ vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n");
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_NONCE nonceEvenOSAP, nonceOddOSAP;
+
+ Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) );
+
+ TPMTRYRETURN( TCSP_OSAP( hContext,
+ entityType,
+ entityValue,
+ nonceOddOSAP,
+ &auth->AuthHandle,
+ &auth->NonceEven,
+ &nonceEvenOSAP) );
+
+ // Calculating Session Secret
+ BYTE sharedSecretText[TPM_DIGEST_SIZE * 2];
+
+ BSG_PackList( sharedSecretText, 2,
+ BSG_TPM_NONCE, &nonceEvenOSAP,
+ BSG_TPM_NONCE, &nonceOddOSAP);
+
+ Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth,
TPM_DIGEST_SIZE, (BYTE *) sharedSecret);
+
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ return status;
+}
+
+
+
+TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext,
+ CRYPTO_INFO *crypto_info) {
+
+ TPM_RESULT status;
+ TPM_NONCE antiReplay;
+ TPM_DIGEST checksum;
+ BYTE *pubEKtext;
+ UINT32 pubEKtextsize;
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n");
+
+ // GenerateAuth new nonceOdd
+ Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) );
+
+
+ TPMTRYRETURN( TCSP_ReadPubek( hContext,
+ antiReplay,
+ &pubEKtextsize,
+ &pubEKtext,
+ &checksum) );
+
+
+ // Extract the remaining output parameters
+ TPM_PUBKEY pubEK;
+
+ BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK);
+
+ // Build CryptoInfo for the bindingKey
+ TPM_RSA_KEY_PARMS rsaKeyParms;
+
+ BSG_Unpack(BSG_TPM_RSA_KEY_PARMS,
+ pubEK.algorithmParms.parms,
+ &rsaKeyParms);
+
+ Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize,
+ rsaKeyParms.exponent,
+ pubEK.pubKey.keyLength,
+ pubEK.pubKey.key,
+ crypto_info);
+
+ // Destroy rsaKeyParms
+ BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
+
+ // Set encryption scheme
+ crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
+ //crypto_info->encScheme = pubEK.algorithmParms.encScheme;
+ crypto_info->algorithmID = pubEK.algorithmParms.algorithmID;
+
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ return status;
+}
+
+TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_AUTHDATA *ownerAuth,
+ const TPM_AUTHDATA *srkAuth,
+ CRYPTO_INFO *ek_cryptoInfo,
+ TCS_AUTH *auth) {
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n");
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership;
+ TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER;
+ BYTE *new_srk;
+
+ BYTE *paramText; // Digest to make Auth.
+ UINT32 paramTextSize;
+
+ // vars for srkpubkey parameter
+ TPM_KEY srkPub;
+ TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1,
TPM_SS_NONE, 12, 0};
+ BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00,
0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00};
+ srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo;
+
+ struct pack_buf_t srkText;
+
+ // GenerateAuth new nonceOdd
+ Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
+
+ //These values are accurate for an enc(AuthData).
+ struct pack_buf_t encOwnerAuth, encSrkAuth;
+
+ encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
+ encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
+
+ if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) {
+ vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n");
+ status = TPM_RESOURCES;
+ goto abort_egress;
+ }
+
+ Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth,
&encOwnerAuth.size, encOwnerAuth.data);
+ Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth,
&encSrkAuth.size, encSrkAuth.data);
+
+
+ // Build srk public key struct
+ srkPub.ver = TPM_STRUCT_VER_1_1;
+ srkPub.keyUsage = TPM_KEY_STORAGE;
+ srkPub.keyFlags = 0x00;
+ srkPub.authDataUsage = TPM_AUTH_ALWAYS;
+ memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS));
+ srkPub.PCRInfoSize = 0;
+ srkPub.PCRInfo = 0;
+ srkPub.pubKey.keyLength= 0;
+ srkPub.encDataSize = 0;
+
+ srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+ srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data);
+
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 5,
+ BSG_TPM_COMMAND_CODE,&command,
+ BSG_TPM_PROTOCOL_ID, &proto_id,
+ BSG_TPM_SIZE32_DATA, &encOwnerAuth,
+ BSG_TPM_SIZE32_DATA, &encSrkAuth,
+ BSG_TPM_KEY, &srkPub);
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) );
+
+ new_srk = srkText.data;
+ TPMTRYRETURN( TCSP_TakeOwnership ( hContext,
+ proto_id,
+ encOwnerAuth.size,
+ encOwnerAuth.data,
+ encSrkAuth.size,
+ encSrkAuth.data,
+ &srkText.size,
+ &new_srk,
+ auth ) );
+
+
+ paramTextSize = BSG_PackList(paramText, 2,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command);
+ memcpy(paramText + paramTextSize, new_srk, srkText.size);
+ paramTextSize += srkText.size;
+
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ ownerAuth, auth,
+ hContext) );
+
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ free(srkText.data);
+ free(encSrkAuth.data);
+ free(encOwnerAuth.data);
+ free(paramText);
+
+ TCS_FreeMemory(hContext, new_srk);
+
+ return status;
+}
+
+TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_AUTHDATA *ownerAuth,
+ TCS_AUTH *auth) {
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n");
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead;
+
+ BYTE *paramText; // Digest to make Auth.
+ UINT32 paramTextSize;
+
+ // Generate HMAC
+ Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
+
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 1,
+ BSG_TPM_COMMAND_CODE, &command);
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ ownerAuth, auth) );
+
+ // Call TCS
+ TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in
+ auth) );
+
+ // Verify Auth
+ paramTextSize = BSG_PackList(paramText, 2,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command);
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ ownerAuth, auth,
+ hContext) );
+ goto egress;
+
+ abort_egress:
+ egress:
+ free(paramText);
+ return status;
+}
+
+TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_USAGE usage,
+ const TPM_AUTHDATA *newKeyAuth,
+ const TCS_KEY_HANDLE parentHandle,
+ const TPM_AUTHDATA *osapSharedSecret,
+ buffer_t *pubKeyBuf,
+ TCS_AUTH *auth) {
+
+ int i;
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey;
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage);
+
+ // vars for Calculate encUsageAuth
+ BYTE *paramText;
+ UINT32 paramTextSize;
+
+ // vars for Calculate encUsageAuth
+ BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)];
+ TPM_DIGEST XORKey1;
+ UINT32 XORbufferSize;
+ TPM_SECRET encUsageAuth, encMigrationAuth;
+
+ // vars for Flatten newKey prototype
+ BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+ UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH;
+ struct pack_buf_t newKeyText;
+
+ // Fill in newKey
+ TPM_KEY newKey;
+
+ BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, 0x00,
0x00, 0x02, 0x00, 0x00, 0x00, 0x00};
+ newKey.algorithmParms.algorithmID = TPM_ALG_RSA;
+ newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo;
+ newKey.algorithmParms.parmSize = 12;
+
+ switch (usage) {
+ case TPM_KEY_SIGNING:
+ vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n");
+ newKey.keyUsage = TPM_KEY_SIGNING;
+ newKey.algorithmParms.encScheme = TPM_ES_NONE;
+ newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1;
+ break;
+ case TPM_KEY_STORAGE:
+ vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n");
+ newKey.keyUsage = TPM_KEY_STORAGE;
+ newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
+ newKey.algorithmParms.sigScheme = TPM_SS_NONE;
+ break;
+ case TPM_KEY_BIND:
+ vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n");
+ newKey.keyUsage = TPM_KEY_BIND;
+ newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
+ newKey.algorithmParms.sigScheme = TPM_SS_NONE;
+ break;
+ default:
+ vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n");
+ status = TPM_BAD_PARAMETER;
+ goto abort_egress;
+ }
+
+
+ newKey.ver = TPM_STRUCT_VER_1_1;
+
+ newKey.keyFlags = 0;
+ newKey.authDataUsage = TPM_AUTH_ALWAYS;
+ newKey.pubKey.keyLength= 0;
+ newKey.encDataSize = 0;
+ newKey.encData = NULL;
+
+ // FIXME: Support PCR bindings
+ newKey.PCRInfoSize = 0;
+ newKey.PCRInfo = NULL;
+
+ // Calculate encUsageAuth
+ XORbufferSize = BSG_PackList( XORbuffer, 2,
+ BSG_TPM_SECRET, osapSharedSecret,
+ BSG_TPM_NONCE, &auth->NonceEven);
+ Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1);
+
+ // FIXME: No support for migratable keys.
+ for (i=0; i < TPM_DIGEST_SIZE; i++)
+ ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *)
newKeyAuth)[i];
+
+ // Flatten newKey prototype
+ flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey);
+ newKeyText.data = flatKey;
+ newKeyText.size = flatKeySize;
+
+ // GenerateAuth new nonceOdd
+ Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
+
+ // Generate HMAC
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 3,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_AUTHDATA, &encUsageAuth,
+ BSG_TPM_AUTHDATA, &encMigrationAuth);
+ memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
+ paramTextSize += newKeyText.size;
+
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ osapSharedSecret, auth) );
+
+ // Call TCS
+ TPMTRYRETURN( TCSP_CreateWrapKey( hContext,
+ parentHandle,
+ encUsageAuth,
+ encMigrationAuth,
+ &newKeyText.size,
+ &newKeyText.data,
+ auth) );
+
+ // Verify Auth
+ paramTextSize = BSG_PackList(paramText, 2,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command);
+ memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
+ paramTextSize += newKeyText.size;
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ osapSharedSecret, auth, 0) );
+
+ // Unpack/return key structure
+ TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) );
+ TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, newKeyText.data)
);
+
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ free(flatKey);
+ free(paramText);
+ TCS_FreeMemory(hContext, newKeyText.data);
+
+ return status;
+}
+
+TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext,
+ const TCS_KEY_HANDLE hUnwrappingKey,
+ const buffer_t *rgbWrappedKeyBlob,
+ const TPM_AUTHDATA *parentAuth,
+ TPM_HANDLE *newKeyHandle,
+ TCS_AUTH *auth,
+ CRYPTO_INFO *cryptoinfo /*= NULL*/) {
+
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Loading Key.\n%s","");
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_LoadKey;
+
+ BYTE *paramText; // Digest to make Auth.
+ UINT32 paramTextSize;
+
+ if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) ||
+ (newKeyHandle==NULL) || (auth==NULL)) {
+ status = TPM_BAD_PARAMETER;
+ goto abort_egress;
+ }
+
+ // Generate Extra TCS Parameters
+ TPM_HANDLE phKeyHMAC;
+
+ // Generate HMAC
+ Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
+
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 1,
+ BSG_TPM_COMMAND_CODE, &command);
+
+ memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes,
buffer_len(rgbWrappedKeyBlob));
+ paramTextSize += buffer_len(rgbWrappedKeyBlob);
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ parentAuth, auth) );
+
+ // Call TCS
+ TPMTRYRETURN( TCSP_LoadKeyByBlob( hContext,
+ hUnwrappingKey,
+ buffer_len(rgbWrappedKeyBlob),
+ rgbWrappedKeyBlob->bytes,
+ auth,
+ newKeyHandle,
+ &phKeyHMAC) );
+
+ // Verify Auth
+ paramTextSize = BSG_PackList(paramText, 3,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_HANDLE, newKeyHandle);
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ parentAuth, auth,
+ hContext) );
+
+ // Unpack/return key structure
+ if (cryptoinfo != NULL) {
+ TPM_KEY newKey;
+
+ BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey);
+ TPM_RSA_KEY_PARMS rsaKeyParms;
+
+ BSG_Unpack(BSG_TPM_RSA_KEY_PARMS,
+ newKey.algorithmParms.parms,
+ &rsaKeyParms);
+
+ Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize,
+ rsaKeyParms.exponent,
+ newKey.pubKey.keyLength,
+ newKey.pubKey.key,
+ cryptoinfo);
+
+ // Destroy rsaKeyParms
+ BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
+
+ // Set encryption scheme
+ cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
+ }
+
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ free(paramText);
+ return status;
+}
+
+TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_HANDLE key_handle,
+ const buffer_t *bound_data,
+ const TPM_AUTHDATA *usage_auth,
+ buffer_t *clear_data,
+ TCS_AUTH *auth) {
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n",
buffer_len(bound_data));
+
+ TPM_RESULT status = TPM_SUCCESS;
+ TPM_COMMAND_CODE command = TPM_ORD_UnBind;
+
+ BYTE *paramText; // Digest to make Auth.
+ UINT32 paramTextSize;
+
+ // Generate Extra TCS Parameters
+ struct pack_buf_t clear_data32;
+ BYTE *clear_data_text;
+ UINT32 clear_data_size;
+
+ // Generate HMAC
+ Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
+
+ struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes};
+
+ paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+
+ paramTextSize = BSG_PackList(paramText, 2,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_SIZE32_DATA, &bound_data32);
+
+ TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
+ usage_auth, auth) );
+
+ // Call TCS
+ TPMTRYRETURN( TCSP_UnBind( hContext,
+ key_handle,
+ buffer_len(bound_data),
+ bound_data->bytes,
+ auth,
+ &clear_data_size,
+ &clear_data_text) );
+
+
+ // Verify Auth
+ clear_data32.size = clear_data_size;
+ clear_data32.data = clear_data_text;
+ paramTextSize = BSG_PackList(paramText, 3,
+ BSG_TPM_RESULT, &status,
+ BSG_TPM_COMMAND_CODE, &command,
+ BSG_TPM_SIZE32_DATA, &clear_data32);
+
+ TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
+ usage_auth, auth,
+ hContext) );
+
+ // Unpack/return key structure
+ TPMTRYRETURN(buffer_init(clear_data, 0, 0));
+ TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size,
clear_data_text) );
+
+ goto egress;
+
+ abort_egress:
+
+ egress:
+
+ free(paramText);
+ TCS_FreeMemory(hContext, clear_data_text);
+
+ return status;
+}
+
+TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo,
+ const buffer_t *inData,
+ buffer_t *outData)
+{
+ vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n",
buffer_len(inData));
+ TPM_BOUND_DATA boundData;
+ UINT32 i;
+
+ // Fill boundData's accessory information
+ boundData.ver = TPM_STRUCT_VER_1_1;
+ boundData.payload = TPM_PT_BIND;
+ boundData.payloadData = inData->bytes;
+
+ // Pack boundData before encryption
+ BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) *
+ (sizeof(TPM_VERSION) +
+ sizeof(TPM_PAYLOAD_TYPE) +
+ buffer_len(inData)));
+ if (flatBoundData == NULL) {
+ return TPM_NOSPACE;
+ }
+ UINT32 flatBoundDataSize = 0;
+ flatBoundDataSize = BSG_PackList( flatBoundData, 2,
+ BSG_TPM_VERSION, &boundData.ver,
+ BSG_TYPE_BYTE, &boundData.payload);
+
+ memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData));
+ flatBoundDataSize += buffer_len(inData);
+
+ BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is
what will come out.
+ UINT32 out_tmp_size;
+
+ // Encrypt flatBoundData
+ Crypto_RSAEnc( cryptoInfo,
+ flatBoundDataSize,
+ flatBoundData,
+ &out_tmp_size,
+ out_tmp);
+
+ if (out_tmp_size > RSA_KEY_SIZE/8) {
+ // The result of RSAEnc should be a fixed size based on key size.
+ vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n");
+ }
+
+ buffer_init(outData, 0, NULL);
+ buffer_append_raw(outData, out_tmp_size, out_tmp);
+
+ vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size);
+ for(i = 0 ; i < out_tmp_size ; i++) {
+ vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]);
+ }
+ vtpmloginfomore(VTPM_LOG_TXDATA, "\n");
+
+ // Free flatBoundData
+ free(flatBoundData);
+
+ return TPM_SUCCESS;
+}
+
+// Function Reaches into unsupported TCS command, beware.
+TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext,
+ const buffer_t *inbuf,
+ buffer_t *outbuf ) {
+
+ vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n");
+ TPM_RESULT status = TPM_SUCCESS;
+
+ // Generate Extra TCS Parameters
+ BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
+ UINT32 resultTextSize = TCPA_MAX_BUFFER_LENGTH;
+
+ // Call TCS
+ TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes,
+ &resultTextSize, resultText) );
+
+ // Unpack/return key structure
+ TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) );
+ goto egress;
+
+ abort_egress:
+
+ egress:
+ TCS_FreeMemory(hContext, resultText);
+ free(resultText);
+ return status;
+}
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtsp.h
--- a/tools/vtpm_manager/manager/vtsp.h Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/manager/vtsp.h Wed Nov 30 11:07:28 2005
@@ -1,102 +1,102 @@
-// ===================================================================
-//
-// Copyright (c) 2005, Intel Corp.
-// All rights reserved.
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions
-// are met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Intel Corporation nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
-// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
-// OF THE POSSIBILITY OF SUCH DAMAGE.
-// ===================================================================
-//
-// vtsp.h
-//
-// Higher level interface to TCS.
-//
-// ==================================================================
-
-#ifndef __VTSP_H__
-#define __VTSP_H__
-
-#include "tcg.h"
-#include "tcs.h"
-
-#define KEY_BUFFER_SIZE 2048
-
-TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext,
- const buffer_t *inbuf,
- buffer_t *outbuf );
-
-TPM_RESULT VTSP_OIAP( const TCS_CONTEXT_HANDLE hContext,
- TCS_AUTH *auth);
-
-TPM_RESULT VTSP_OSAP( const TCS_CONTEXT_HANDLE hContext,
- const TPM_ENTITY_TYPE entityType,
- const UINT32 entityValue,
- const TPM_AUTHDATA *usageAuth,
- TPM_SECRET *sharedsecret,
- TCS_AUTH *auth);
-
-TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext,
- CRYPTO_INFO *cypto_info);
-
-TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext,
- const TPM_AUTHDATA *ownerAuth,
- const TPM_AUTHDATA *srkAuth,
- CRYPTO_INFO *ek_cryptoInfo,
- TCS_AUTH *auth);
-
-TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext,
- const TPM_AUTHDATA *ownerAuth,
- TCS_AUTH *auth);
-
-TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext,
- const TPM_KEY_USAGE usage,
- const TPM_AUTHDATA *newKeyAuth,
- const TCS_KEY_HANDLE parentHandle,
- const TPM_AUTHDATA *osapSharedSecret,
- buffer_t *pubKeyBuf,
- TCS_AUTH *auth);
-
-TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext,
- const TCS_KEY_HANDLE hUnwrappingKey,
- const buffer_t *rgbWrappedKeyBlob,
- const TPM_AUTHDATA *parentAuth,
- TPM_HANDLE *newKeyHandle,
- TCS_AUTH *pAuth,
- CRYPTO_INFO *cryptoinfo);
-
-TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext,
- const TPM_KEY_HANDLE key_handle,
- const buffer_t *bound_data,
- const TPM_AUTHDATA *usage_auth,
- buffer_t *clear_data,
- TCS_AUTH *auth);
-
-TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo,
- const buffer_t *inData,
- buffer_t *outData);
-
-#endif //_VTSP_H_
+// ===================================================================
+//
+// Copyright (c) 2005, Intel Corp.
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions
+// are met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Intel Corporation nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+// OF THE POSSIBILITY OF SUCH DAMAGE.
+// ===================================================================
+//
+// vtsp.h
+//
+// Higher level interface to TCS.
+//
+// ==================================================================
+
+#ifndef __VTSP_H__
+#define __VTSP_H__
+
+#include "tcg.h"
+#include "tcs.h"
+
+#define KEY_BUFFER_SIZE 2048
+
+TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext,
+ const buffer_t *inbuf,
+ buffer_t *outbuf );
+
+TPM_RESULT VTSP_OIAP( const TCS_CONTEXT_HANDLE hContext,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_OSAP( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_ENTITY_TYPE entityType,
+ const UINT32 entityValue,
+ const TPM_AUTHDATA *usageAuth,
+ TPM_SECRET *sharedsecret,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext,
+ CRYPTO_INFO *cypto_info);
+
+TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_AUTHDATA *ownerAuth,
+ const TPM_AUTHDATA *srkAuth,
+ CRYPTO_INFO *ek_cryptoInfo,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_AUTHDATA *ownerAuth,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_USAGE usage,
+ const TPM_AUTHDATA *newKeyAuth,
+ const TCS_KEY_HANDLE parentHandle,
+ const TPM_AUTHDATA *osapSharedSecret,
+ buffer_t *pubKeyBuf,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext,
+ const TCS_KEY_HANDLE hUnwrappingKey,
+ const buffer_t *rgbWrappedKeyBlob,
+ const TPM_AUTHDATA *parentAuth,
+ TPM_HANDLE *newKeyHandle,
+ TCS_AUTH *pAuth,
+ CRYPTO_INFO *cryptoinfo);
+
+TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext,
+ const TPM_KEY_HANDLE key_handle,
+ const buffer_t *bound_data,
+ const TPM_AUTHDATA *usage_auth,
+ buffer_t *clear_data,
+ TCS_AUTH *auth);
+
+TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo,
+ const buffer_t *inData,
+ buffer_t *outData);
+
+#endif //_VTSP_H_
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/util/Makefile
--- a/tools/vtpm_manager/util/Makefile Wed Nov 30 10:36:57 2005
+++ b/tools/vtpm_manager/util/Makefile Wed Nov 30 11:07:28 2005
@@ -1,19 +1,19 @@
-XEN_ROOT = ../../..
-include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
-
-BIN = libTCGUtils.a
-
-all: build
-
-build: $(BIN)
-
-install: build
-
-clean:
- rm -f *.a *.so *.o *.rpm $(DEP_FILES)
-
-mrproper: clean
- rm -f *~
-
-$(BIN): $(OBJS)
- $(AR) rcs $(BIN) $(OBJS)
+XEN_ROOT = ../../..
+include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
+
+BIN = libTCGUtils.a
+
+all: build
+
+build: $(BIN)
+
+install: build
+
+clean:
+ rm -f *.a *.so *.o *.rpm $(DEP_FILES)
+
+mrproper: clean
+ rm -f *~
+
+$(BIN): $(OBJS)
+ $(AR) rcs $(BIN) $(OBJS)
diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/util/depend
--- a/tools/vtpm_manager/util/depend Wed Nov 30 10:36:57 2005
+++ /dev/null Wed Nov 30 11:07:28 2005
@@ -1,7 +0,0 @@
-hashtable.o: hashtable.c hashtable.h hashtable_private.h
-hashtable_itr.o: hashtable_itr.c hashtable.h hashtable_private.h \
- hashtable_itr.h
-bsg.o: bsg.c tcg.h ../crypto/crypto.h ../crypto/sym_crypto.h buffer.h \
- bsg.h log.h
-log.o: log.c buffer.h tcg.h
-buffer.o: buffer.c tcg.h bsg.h buffer.h
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
Home