ia64/xen-unstable

changeset 8130:3399f4b9396a

Removes the carriage returns from some of the vtpm
source files that were edited in windows at some point.

Signed-off-by: Vinnie Scarlata <vincent.r.scarlata@intel.com>
author kaf24@firebug.cl.cam.ac.uk
date Wed Nov 30 12:07:28 2005 +0100 (2005-11-30)
parents d963256dc3e0
children 72f79d68e86c
files tools/vtpm_manager/crypto/Makefile tools/vtpm_manager/manager/Makefile tools/vtpm_manager/manager/tpmpassthrough.c tools/vtpm_manager/manager/vtpm_manager.h tools/vtpm_manager/manager/vtpmd.c tools/vtpm_manager/manager/vtpmpriv.h tools/vtpm_manager/manager/vtsp.c tools/vtpm_manager/manager/vtsp.h tools/vtpm_manager/util/Makefile
line diff
     1.1 --- a/tools/vtpm_manager/crypto/Makefile	Wed Nov 30 11:36:57 2005 +0100
     1.2 +++ b/tools/vtpm_manager/crypto/Makefile	Wed Nov 30 12:07:28 2005 +0100
     1.3 @@ -1,19 +1,19 @@
     1.4 -XEN_ROOT = ../../..
     1.5 -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
     1.6 -
     1.7 -BIN		= libtcpaCrypto.a
     1.8 -
     1.9 -all: build
    1.10 -
    1.11 -build: $(BIN)
    1.12 -
    1.13 -install: build
    1.14 -
    1.15 -clean:
    1.16 -	rm -f *.a *.so *.o *.rpm $(DEP_FILES)
    1.17 -
    1.18 -mrproper: clean
    1.19 -	rm -f *~
    1.20 -
    1.21 -$(BIN): $(OBJS)
    1.22 -	$(AR) rcs $(BIN) $(OBJS)
    1.23 +XEN_ROOT = ../../..
    1.24 +include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
    1.25 +
    1.26 +BIN		= libtcpaCrypto.a
    1.27 +
    1.28 +all: build
    1.29 +
    1.30 +build: $(BIN)
    1.31 +
    1.32 +install: build
    1.33 +
    1.34 +clean:
    1.35 +	rm -f *.a *.so *.o *.rpm $(DEP_FILES)
    1.36 +
    1.37 +mrproper: clean
    1.38 +	rm -f *~
    1.39 +
    1.40 +$(BIN): $(OBJS)
    1.41 +	$(AR) rcs $(BIN) $(OBJS)
     2.1 --- a/tools/vtpm_manager/manager/Makefile	Wed Nov 30 11:36:57 2005 +0100
     2.2 +++ b/tools/vtpm_manager/manager/Makefile	Wed Nov 30 12:07:28 2005 +0100
     2.3 @@ -1,27 +1,27 @@
     2.4 -XEN_ROOT = ../../..
     2.5 -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
     2.6 -
     2.7 -BIN		= vtpm_managerd
     2.8 -
     2.9 -all: build
    2.10 -
    2.11 -build: $(BIN)
    2.12 -
    2.13 -install: build
    2.14 -	if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \
    2.15 -		then mkdir -p $(DESTDIR)/var/vtpm/fifos; \
    2.16 -	fi
    2.17 -	$(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
    2.18 -
    2.19 -clean:
    2.20 -	rm -f *.a *.so *.o *.rpm $(DEP_FILES)
    2.21 -
    2.22 -mrproper: clean
    2.23 -	rm -f $(BIN) *~
    2.24 -
    2.25 -$(BIN): $(OBJS)
    2.26 -	$(CC) $(LDFLAGS) $^ $(LIBS) -o $@
    2.27 -
    2.28 -# libraries
    2.29 -LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a
    2.30 -LIBS += -lcrypto -lpthread -lrt -lm
    2.31 +XEN_ROOT = ../../..
    2.32 +include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
    2.33 +
    2.34 +BIN		= vtpm_managerd
    2.35 +
    2.36 +all: build
    2.37 +
    2.38 +build: $(BIN)
    2.39 +
    2.40 +install: build
    2.41 +	if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \
    2.42 +		then mkdir -p $(DESTDIR)/var/vtpm/fifos; \
    2.43 +	fi
    2.44 +	$(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR)
    2.45 +
    2.46 +clean:
    2.47 +	rm -f *.a *.so *.o *.rpm $(DEP_FILES)
    2.48 +
    2.49 +mrproper: clean
    2.50 +	rm -f $(BIN) *~
    2.51 +
    2.52 +$(BIN): $(OBJS)
    2.53 +	$(CC) $(LDFLAGS) $^ $(LIBS) -o $@
    2.54 +
    2.55 +# libraries
    2.56 +LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a
    2.57 +LIBS += -lcrypto -lpthread -lrt -lm
     3.1 --- a/tools/vtpm_manager/manager/tpmpassthrough.c	Wed Nov 30 11:36:57 2005 +0100
     3.2 +++ b/tools/vtpm_manager/manager/tpmpassthrough.c	Wed Nov 30 12:07:28 2005 +0100
     3.3 @@ -1,110 +1,110 @@
     3.4 -// ===================================================================
     3.5 -// 
     3.6 -// Copyright (c) 2005, Intel Corp.
     3.7 -// All rights reserved.
     3.8 -//
     3.9 -// Redistribution and use in source and binary forms, with or without 
    3.10 -// modification, are permitted provided that the following conditions 
    3.11 -// are met:
    3.12 -//
    3.13 -//   * Redistributions of source code must retain the above copyright 
    3.14 -//     notice, this list of conditions and the following disclaimer.
    3.15 -//   * Redistributions in binary form must reproduce the above 
    3.16 -//     copyright notice, this list of conditions and the following 
    3.17 -//     disclaimer in the documentation and/or other materials provided 
    3.18 -//     with the distribution.
    3.19 -//   * Neither the name of Intel Corporation nor the names of its 
    3.20 -//     contributors may be used to endorse or promote products derived
    3.21 -//     from this software without specific prior written permission.
    3.22 -//
    3.23 -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    3.24 -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    3.25 -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
    3.26 -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
    3.27 -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    3.28 -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    3.29 -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
    3.30 -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    3.31 -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
    3.32 -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
    3.33 -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    3.34 -// OF THE POSSIBILITY OF SUCH DAMAGE.
    3.35 -// ===================================================================
    3.36 -// 
    3.37 -// tpmpassthrough.c
    3.38 -// 
    3.39 -//  Functions regarding passing DMI requests to HWTPM
    3.40 -//
    3.41 -// ==================================================================
    3.42 -
    3.43 -#include "tcg.h"
    3.44 -#include "vtpm_manager.h"
    3.45 -#include "vtpmpriv.h"
    3.46 -#include "vtsp.h"
    3.47 -#include "log.h"
    3.48 -
    3.49 -TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi,
    3.50 -				    buffer_t *inbuf,  
    3.51 -				    buffer_t *outbuf) {
    3.52 -  
    3.53 -  TPM_RESULT status = TPM_SUCCESS;
    3.54 -  TPM_COMMAND_CODE *ord;               
    3.55 -  
    3.56 -  ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + sizeof(UINT32));
    3.57 -  
    3.58 -  switch (*ord) {
    3.59 -    
    3.60 -    // Forbidden for DMI use
    3.61 -  case TPM_ORD_TakeOwnership:
    3.62 -  case TPM_ORD_ChangeAuthOwner:
    3.63 -  case TPM_ORD_DirWriteAuth:
    3.64 -  case TPM_ORD_DirRead:
    3.65 -  case TPM_ORD_AuthorizeMigrationKey:
    3.66 -  case TPM_ORD_CreateMaintenanceArchive:
    3.67 -  case TPM_ORD_LoadMaintenanceArchive:
    3.68 -  case TPM_ORD_KillMaintenanceFeature:
    3.69 -  case TPM_ORD_LoadManuMaintPub:
    3.70 -  case TPM_ORD_ReadManuMaintPub:
    3.71 -  case TPM_ORD_SelfTestFull:
    3.72 -  case TPM_ORD_SelfTestStartup:
    3.73 -  case TPM_ORD_CertifySelfTest:
    3.74 -  case TPM_ORD_ContinueSelfTest:
    3.75 -  case TPM_ORD_GetTestResult:
    3.76 -  case TPM_ORD_Reset:
    3.77 -  case TPM_ORD_OwnerClear:
    3.78 -  case TPM_ORD_DisableOwnerClear:
    3.79 -  case TPM_ORD_ForceClear:
    3.80 -  case TPM_ORD_DisableForceClear:
    3.81 -  case TPM_ORD_GetCapabilityOwner:
    3.82 -  case TPM_ORD_OwnerSetDisable:
    3.83 -  case TPM_ORD_PhysicalEnable:
    3.84 -  case TPM_ORD_PhysicalDisable:
    3.85 -  case TPM_ORD_SetOwnerInstall:
    3.86 -  case TPM_ORD_PhysicalSetDeactivated:
    3.87 -  case TPM_ORD_SetTempDeactivated:
    3.88 -  case TPM_ORD_CreateEndorsementKeyPair:
    3.89 -  case TPM_ORD_GetAuditEvent:
    3.90 -  case TPM_ORD_GetAuditEventSigned:
    3.91 -  case TPM_ORD_GetOrdinalAuditStatus:
    3.92 -  case TPM_ORD_SetOrdinalAuditStatus:
    3.93 -  case TPM_ORD_SetRedirection:
    3.94 -  case TPM_ORD_FieldUpgrade:
    3.95 -  case TSC_ORD_PhysicalPresence:
    3.96 -    status = TPM_DISABLED_CMD;
    3.97 -    goto abort_egress;
    3.98 -    break;
    3.99 -    
   3.100 -  } // End ORD Switch
   3.101 -  
   3.102 -  // Call TCS with command
   3.103 -  
   3.104 -  TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) );
   3.105 -  
   3.106 -  goto egress;
   3.107 -  
   3.108 - abort_egress:
   3.109 -  vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n");
   3.110 - egress:
   3.111 -  
   3.112 -  return status;
   3.113 -}
   3.114 +// ===================================================================
   3.115 +// 
   3.116 +// Copyright (c) 2005, Intel Corp.
   3.117 +// All rights reserved.
   3.118 +//
   3.119 +// Redistribution and use in source and binary forms, with or without 
   3.120 +// modification, are permitted provided that the following conditions 
   3.121 +// are met:
   3.122 +//
   3.123 +//   * Redistributions of source code must retain the above copyright 
   3.124 +//     notice, this list of conditions and the following disclaimer.
   3.125 +//   * Redistributions in binary form must reproduce the above 
   3.126 +//     copyright notice, this list of conditions and the following 
   3.127 +//     disclaimer in the documentation and/or other materials provided 
   3.128 +//     with the distribution.
   3.129 +//   * Neither the name of Intel Corporation nor the names of its 
   3.130 +//     contributors may be used to endorse or promote products derived
   3.131 +//     from this software without specific prior written permission.
   3.132 +//
   3.133 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
   3.134 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
   3.135 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
   3.136 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
   3.137 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   3.138 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   3.139 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
   3.140 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   3.141 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
   3.142 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   3.143 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   3.144 +// OF THE POSSIBILITY OF SUCH DAMAGE.
   3.145 +// ===================================================================
   3.146 +// 
   3.147 +// tpmpassthrough.c
   3.148 +// 
   3.149 +//  Functions regarding passing DMI requests to HWTPM
   3.150 +//
   3.151 +// ==================================================================
   3.152 +
   3.153 +#include "tcg.h"
   3.154 +#include "vtpm_manager.h"
   3.155 +#include "vtpmpriv.h"
   3.156 +#include "vtsp.h"
   3.157 +#include "log.h"
   3.158 +
   3.159 +TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi,
   3.160 +				    buffer_t *inbuf,  
   3.161 +				    buffer_t *outbuf) {
   3.162 +  
   3.163 +  TPM_RESULT status = TPM_SUCCESS;
   3.164 +  TPM_COMMAND_CODE *ord;               
   3.165 +  
   3.166 +  ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + sizeof(UINT32));
   3.167 +  
   3.168 +  switch (*ord) {
   3.169 +    
   3.170 +    // Forbidden for DMI use
   3.171 +  case TPM_ORD_TakeOwnership:
   3.172 +  case TPM_ORD_ChangeAuthOwner:
   3.173 +  case TPM_ORD_DirWriteAuth:
   3.174 +  case TPM_ORD_DirRead:
   3.175 +  case TPM_ORD_AuthorizeMigrationKey:
   3.176 +  case TPM_ORD_CreateMaintenanceArchive:
   3.177 +  case TPM_ORD_LoadMaintenanceArchive:
   3.178 +  case TPM_ORD_KillMaintenanceFeature:
   3.179 +  case TPM_ORD_LoadManuMaintPub:
   3.180 +  case TPM_ORD_ReadManuMaintPub:
   3.181 +  case TPM_ORD_SelfTestFull:
   3.182 +  case TPM_ORD_SelfTestStartup:
   3.183 +  case TPM_ORD_CertifySelfTest:
   3.184 +  case TPM_ORD_ContinueSelfTest:
   3.185 +  case TPM_ORD_GetTestResult:
   3.186 +  case TPM_ORD_Reset:
   3.187 +  case TPM_ORD_OwnerClear:
   3.188 +  case TPM_ORD_DisableOwnerClear:
   3.189 +  case TPM_ORD_ForceClear:
   3.190 +  case TPM_ORD_DisableForceClear:
   3.191 +  case TPM_ORD_GetCapabilityOwner:
   3.192 +  case TPM_ORD_OwnerSetDisable:
   3.193 +  case TPM_ORD_PhysicalEnable:
   3.194 +  case TPM_ORD_PhysicalDisable:
   3.195 +  case TPM_ORD_SetOwnerInstall:
   3.196 +  case TPM_ORD_PhysicalSetDeactivated:
   3.197 +  case TPM_ORD_SetTempDeactivated:
   3.198 +  case TPM_ORD_CreateEndorsementKeyPair:
   3.199 +  case TPM_ORD_GetAuditEvent:
   3.200 +  case TPM_ORD_GetAuditEventSigned:
   3.201 +  case TPM_ORD_GetOrdinalAuditStatus:
   3.202 +  case TPM_ORD_SetOrdinalAuditStatus:
   3.203 +  case TPM_ORD_SetRedirection:
   3.204 +  case TPM_ORD_FieldUpgrade:
   3.205 +  case TSC_ORD_PhysicalPresence:
   3.206 +    status = TPM_DISABLED_CMD;
   3.207 +    goto abort_egress;
   3.208 +    break;
   3.209 +    
   3.210 +  } // End ORD Switch
   3.211 +  
   3.212 +  // Call TCS with command
   3.213 +  
   3.214 +  TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) );
   3.215 +  
   3.216 +  goto egress;
   3.217 +  
   3.218 + abort_egress:
   3.219 +  vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n");
   3.220 + egress:
   3.221 +  
   3.222 +  return status;
   3.223 +}
     4.1 --- a/tools/vtpm_manager/manager/vtpm_manager.h	Wed Nov 30 11:36:57 2005 +0100
     4.2 +++ b/tools/vtpm_manager/manager/vtpm_manager.h	Wed Nov 30 12:07:28 2005 +0100
     4.3 @@ -1,137 +1,137 @@
     4.4 -// ===================================================================
     4.5 -// 
     4.6 -// Copyright (c) 2005, Intel Corp.
     4.7 -// All rights reserved.
     4.8 -//
     4.9 -// Redistribution and use in source and binary forms, with or without 
    4.10 -// modification, are permitted provided that the following conditions 
    4.11 -// are met:
    4.12 -//
    4.13 -//   * Redistributions of source code must retain the above copyright 
    4.14 -//     notice, this list of conditions and the following disclaimer.
    4.15 -//   * Redistributions in binary form must reproduce the above 
    4.16 -//     copyright notice, this list of conditions and the following 
    4.17 -//     disclaimer in the documentation and/or other materials provided 
    4.18 -//     with the distribution.
    4.19 -//   * Neither the name of Intel Corporation nor the names of its 
    4.20 -//     contributors may be used to endorse or promote products derived
    4.21 -//     from this software without specific prior written permission.
    4.22 -//
    4.23 -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    4.24 -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    4.25 -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
    4.26 -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
    4.27 -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    4.28 -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    4.29 -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
    4.30 -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    4.31 -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
    4.32 -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
    4.33 -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    4.34 -// OF THE POSSIBILITY OF SUCH DAMAGE.
    4.35 -// ===================================================================
    4.36 -// 
    4.37 -// vtpm_manager.h
    4.38 -// 
    4.39 -//  Public Interface header for VTPM Manager
    4.40 -//
    4.41 -// ==================================================================
    4.42 -
    4.43 -#ifndef __VTPM_MANAGER_H__
    4.44 -#define __VTPM_MANAGER_H__
    4.45 -
    4.46 -#include "tcg.h"
    4.47 -
    4.48 -#define VTPM_TAG_REQ 0x01c1
    4.49 -#define VTPM_TAG_RSP 0x01c4
    4.50 -#define COMMAND_BUFFER_SIZE 4096
    4.51 -
    4.52 -// Header sizes. Note Header MAY include the DMI
    4.53 -#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
    4.54 -#define VTPM_COMMAND_HEADER_SIZE_CLT (                  sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
    4.55 -
    4.56 -// ********************** Public Functions *************************
    4.57 -TPM_RESULT VTPM_Init_Service(); // Start VTPM Service
    4.58 -void VTPM_Stop_Service();  // Stop VTPM Service
    4.59 -#ifdef VTPM_MULTI_VM
    4.60 -int VTPM_Service_Handler();
    4.61 -#else
    4.62 -void *VTPM_Service_Handler(void *threadTypePtr);
    4.63 -#endif
    4.64 -
    4.65 -//************************ Command Codes ****************************
    4.66 -#define VTPM_ORD_OPEN              1   // ULM Creates New DMI
    4.67 -#define VTPM_ORD_CLOSE             2   // ULM Closes a DMI
    4.68 -#define VTPM_ORD_DELETE            3   // ULM Permemently Deletes DMI
    4.69 -#define VTPM_ORD_SAVENVM          4   // DMI requests Secrets Unseal
    4.70 -#define VTPM_ORD_LOADNVM          5   // DMI requests Secrets Saved
    4.71 -#define VTPM_ORD_TPMCOMMAND       6   // DMI issues HW TPM Command
    4.72 -
    4.73 -//************************ Return Codes ****************************
    4.74 -#define VTPM_SUCCESS               0
    4.75 -#define VTPM_FAIL                  1
    4.76 -#define VTPM_UNSUPPORTED           2
    4.77 -#define VTPM_FORBIDDEN             3
    4.78 -#define VTPM_RESTORE_CONTEXT_FAILED    4
    4.79 -#define VTPM_INVALID_REQUEST       5
    4.80 -
    4.81 -/******************* Command Parameter API *************************
    4.82 -
    4.83 -VTPM Command Format
    4.84 -  dmi: 4 bytes                  // Source of message. 
    4.85 -                                // WARNING: This is prepended by the channel. 
    4.86 -                                // Thus it is received by VTPM Manager, 
    4.87 -                                // but not sent by DMI
    4.88 -  tpm tag: 2 bytes
    4.89 -  command size: 4 bytes         // Size of command including header but not DMI
    4.90 -  ord: 4 bytes                  // Command ordinal above
    4.91 -  parameters: size - 10 bytes   // Command Parameter
    4.92 -
    4.93 -VTPM Response Format
    4.94 -  tpm tag: 2 bytes
    4.95 -  response_size: 4 bytes
    4.96 -  status: 4 bytes         
    4.97 -  parameters: size - 10 bytes
    4.98 -
    4.99 -
   4.100 -VTPM_Open:
   4.101 -  Input Parameters:
   4.102 -    Domain_type: 1 byte
   4.103 -    domain_id: 4 bytes
   4.104 -    instance_id: 4 bytes
   4.105 -  Output Parameters:
   4.106 -    None
   4.107 -    
   4.108 -VTPM_Close
   4.109 -  Input Parameters:
   4.110 -    instance_id: 4 bytes
   4.111 -  Output Parameters:
   4.112 -    None
   4.113 -
   4.114 -VTPM_Delete
   4.115 -  Input Parameters:
   4.116 -    instance_id: 4 bytes
   4.117 -  Output Parameters:
   4.118 -    None
   4.119 -
   4.120 -VTPM_SaveNVM
   4.121 -  Input Parameters:
   4.122 -    data: n bytes (Header indicates size of data)
   4.123 -  Output Parameters:
   4.124 -    None
   4.125 -
   4.126 -VTPM_LoadNVM
   4.127 -  Input Parameters:
   4.128 -    None
   4.129 -  Output Parameters:
   4.130 -    data: n bytes (Header indicates size of data)
   4.131 -
   4.132 -VTPM_TPMCommand
   4.133 -  Input Parameters:
   4.134 -    TPM Command Byte Stream: n bytes 
   4.135 -  Output Parameters:
   4.136 -    TPM Reponse Byte Stream: n bytes 
   4.137 -
   4.138 -*********************************************************************/
   4.139 -
   4.140 -#endif //_VTPM_MANAGER_H_
   4.141 +// ===================================================================
   4.142 +// 
   4.143 +// Copyright (c) 2005, Intel Corp.
   4.144 +// All rights reserved.
   4.145 +//
   4.146 +// Redistribution and use in source and binary forms, with or without 
   4.147 +// modification, are permitted provided that the following conditions 
   4.148 +// are met:
   4.149 +//
   4.150 +//   * Redistributions of source code must retain the above copyright 
   4.151 +//     notice, this list of conditions and the following disclaimer.
   4.152 +//   * Redistributions in binary form must reproduce the above 
   4.153 +//     copyright notice, this list of conditions and the following 
   4.154 +//     disclaimer in the documentation and/or other materials provided 
   4.155 +//     with the distribution.
   4.156 +//   * Neither the name of Intel Corporation nor the names of its 
   4.157 +//     contributors may be used to endorse or promote products derived
   4.158 +//     from this software without specific prior written permission.
   4.159 +//
   4.160 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
   4.161 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
   4.162 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
   4.163 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
   4.164 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   4.165 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   4.166 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
   4.167 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   4.168 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
   4.169 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   4.170 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   4.171 +// OF THE POSSIBILITY OF SUCH DAMAGE.
   4.172 +// ===================================================================
   4.173 +// 
   4.174 +// vtpm_manager.h
   4.175 +// 
   4.176 +//  Public Interface header for VTPM Manager
   4.177 +//
   4.178 +// ==================================================================
   4.179 +
   4.180 +#ifndef __VTPM_MANAGER_H__
   4.181 +#define __VTPM_MANAGER_H__
   4.182 +
   4.183 +#include "tcg.h"
   4.184 +
   4.185 +#define VTPM_TAG_REQ 0x01c1
   4.186 +#define VTPM_TAG_RSP 0x01c4
   4.187 +#define COMMAND_BUFFER_SIZE 4096
   4.188 +
   4.189 +// Header sizes. Note Header MAY include the DMI
   4.190 +#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
   4.191 +#define VTPM_COMMAND_HEADER_SIZE_CLT (                  sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE))
   4.192 +
   4.193 +// ********************** Public Functions *************************
   4.194 +TPM_RESULT VTPM_Init_Service(); // Start VTPM Service
   4.195 +void VTPM_Stop_Service();  // Stop VTPM Service
   4.196 +#ifdef VTPM_MULTI_VM
   4.197 +int VTPM_Service_Handler();
   4.198 +#else
   4.199 +void *VTPM_Service_Handler(void *threadTypePtr);
   4.200 +#endif
   4.201 +
   4.202 +//************************ Command Codes ****************************
   4.203 +#define VTPM_ORD_OPEN              1   // ULM Creates New DMI
   4.204 +#define VTPM_ORD_CLOSE             2   // ULM Closes a DMI
   4.205 +#define VTPM_ORD_DELETE            3   // ULM Permemently Deletes DMI
   4.206 +#define VTPM_ORD_SAVENVM          4   // DMI requests Secrets Unseal
   4.207 +#define VTPM_ORD_LOADNVM          5   // DMI requests Secrets Saved
   4.208 +#define VTPM_ORD_TPMCOMMAND       6   // DMI issues HW TPM Command
   4.209 +
   4.210 +//************************ Return Codes ****************************
   4.211 +#define VTPM_SUCCESS               0
   4.212 +#define VTPM_FAIL                  1
   4.213 +#define VTPM_UNSUPPORTED           2
   4.214 +#define VTPM_FORBIDDEN             3
   4.215 +#define VTPM_RESTORE_CONTEXT_FAILED    4
   4.216 +#define VTPM_INVALID_REQUEST       5
   4.217 +
   4.218 +/******************* Command Parameter API *************************
   4.219 +
   4.220 +VTPM Command Format
   4.221 +  dmi: 4 bytes                  // Source of message. 
   4.222 +                                // WARNING: This is prepended by the channel. 
   4.223 +                                // Thus it is received by VTPM Manager, 
   4.224 +                                // but not sent by DMI
   4.225 +  tpm tag: 2 bytes
   4.226 +  command size: 4 bytes         // Size of command including header but not DMI
   4.227 +  ord: 4 bytes                  // Command ordinal above
   4.228 +  parameters: size - 10 bytes   // Command Parameter
   4.229 +
   4.230 +VTPM Response Format
   4.231 +  tpm tag: 2 bytes
   4.232 +  response_size: 4 bytes
   4.233 +  status: 4 bytes         
   4.234 +  parameters: size - 10 bytes
   4.235 +
   4.236 +
   4.237 +VTPM_Open:
   4.238 +  Input Parameters:
   4.239 +    Domain_type: 1 byte
   4.240 +    domain_id: 4 bytes
   4.241 +    instance_id: 4 bytes
   4.242 +  Output Parameters:
   4.243 +    None
   4.244 +    
   4.245 +VTPM_Close
   4.246 +  Input Parameters:
   4.247 +    instance_id: 4 bytes
   4.248 +  Output Parameters:
   4.249 +    None
   4.250 +
   4.251 +VTPM_Delete
   4.252 +  Input Parameters:
   4.253 +    instance_id: 4 bytes
   4.254 +  Output Parameters:
   4.255 +    None
   4.256 +
   4.257 +VTPM_SaveNVM
   4.258 +  Input Parameters:
   4.259 +    data: n bytes (Header indicates size of data)
   4.260 +  Output Parameters:
   4.261 +    None
   4.262 +
   4.263 +VTPM_LoadNVM
   4.264 +  Input Parameters:
   4.265 +    None
   4.266 +  Output Parameters:
   4.267 +    data: n bytes (Header indicates size of data)
   4.268 +
   4.269 +VTPM_TPMCommand
   4.270 +  Input Parameters:
   4.271 +    TPM Command Byte Stream: n bytes 
   4.272 +  Output Parameters:
   4.273 +    TPM Reponse Byte Stream: n bytes 
   4.274 +
   4.275 +*********************************************************************/
   4.276 +
   4.277 +#endif //_VTPM_MANAGER_H_
     5.1 --- a/tools/vtpm_manager/manager/vtpmd.c	Wed Nov 30 11:36:57 2005 +0100
     5.2 +++ b/tools/vtpm_manager/manager/vtpmd.c	Wed Nov 30 12:07:28 2005 +0100
     5.3 @@ -1,134 +1,134 @@
     5.4 -// ===================================================================
     5.5 -// 
     5.6 -// Copyright (c) 2005, Intel Corp.
     5.7 -// All rights reserved.
     5.8 -//
     5.9 -// Redistribution and use in source and binary forms, with or without 
    5.10 -// modification, are permitted provided that the following conditions 
    5.11 -// are met:
    5.12 -//
    5.13 -//   * Redistributions of source code must retain the above copyright 
    5.14 -//     notice, this list of conditions and the following disclaimer.
    5.15 -//   * Redistributions in binary form must reproduce the above 
    5.16 -//     copyright notice, this list of conditions and the following 
    5.17 -//     disclaimer in the documentation and/or other materials provided 
    5.18 -//     with the distribution.
    5.19 -//   * Neither the name of Intel Corporation nor the names of its 
    5.20 -//     contributors may be used to endorse or promote products derived
    5.21 -//     from this software without specific prior written permission.
    5.22 -//
    5.23 -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    5.24 -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    5.25 -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
    5.26 -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
    5.27 -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    5.28 -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    5.29 -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
    5.30 -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    5.31 -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
    5.32 -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
    5.33 -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    5.34 -// OF THE POSSIBILITY OF SUCH DAMAGE.
    5.35 -// ===================================================================
    5.36 -// 
    5.37 -// vtpmd.c
    5.38 -// 
    5.39 -//  Application
    5.40 -//
    5.41 -// ===================================================================
    5.42 -
    5.43 -#include <stdio.h>
    5.44 -#include <signal.h>
    5.45 -#include <sys/types.h>
    5.46 -#include <unistd.h>
    5.47 -#include "vtpm_manager.h"
    5.48 -#include "vtpmpriv.h"
    5.49 -#include "tcg.h"
    5.50 -#include "log.h"
    5.51 -
    5.52 -#ifndef VTPM_MULTI_VM
    5.53 - #include <pthread.h>
    5.54 -#endif
    5.55 -
    5.56 -void signal_handler(int reason) {
    5.57 -#ifndef VTPM_MULTI_VM
    5.58 -
    5.59 -  if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) {
    5.60 -    if (reason >= 0) { // Reason is a signal
    5.61 -      vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal %d.\n", reason);
    5.62 -    } else  {// Reason is a TPM_RESULT * -1
    5.63 -      vtpmloginfo(VTPM_LOG_VTPM,"VTPM Manager shuting down for: %s\n", tpm_get_error_name(-1 * reason) );
    5.64 -    }
    5.65 -    
    5.66 -    return;
    5.67 -  } else {
    5.68 -    vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n");
    5.69 -    pthread_exit(NULL);
    5.70 -  }
    5.71 -#else
    5.72 -  VTPM_Stop_Service();
    5.73 -  exit(-1);
    5.74 -#endif
    5.75 -}
    5.76 -
    5.77 -struct sigaction ctl_c_handler;
    5.78 -
    5.79 -int main(int argc, char **argv) {
    5.80 -
    5.81 -  vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n");
    5.82 -  
    5.83 -  if (VTPM_Init_Service() != TPM_SUCCESS) {
    5.84 -    vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during startup.\n");
    5.85 -    return -1;
    5.86 -  }
    5.87 -  
    5.88 -  ctl_c_handler.sa_handler = signal_handler;
    5.89 -  sigemptyset(&ctl_c_handler.sa_mask);
    5.90 -  ctl_c_handler.sa_flags = 0;    
    5.91 -  
    5.92 -  if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1) 
    5.93 -    vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break will not stop service gently.\n");
    5.94 -  
    5.95 -  // For easier debuggin with gdb
    5.96 -  if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1) 
    5.97 -    vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break will not stop service gently.\n");    
    5.98 -  
    5.99 -#ifdef VTPM_MULTI_VM
   5.100 -  TPM_RESULT status = VTPM_Service_Handler();
   5.101 -    
   5.102 -  if (status != TPM_SUCCESS) 
   5.103 -    vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never should exit.\n", tpm_get_error_name(status));
   5.104 -  
   5.105 -  return -1;
   5.106 -#else
   5.107 -  sigset_t sig_mask;
   5.108 -      
   5.109 -  sigemptyset(&sig_mask);
   5.110 -  sigaddset(&sig_mask, SIGPIPE);
   5.111 -  sigprocmask(SIG_BLOCK, &sig_mask, NULL);
   5.112 -  //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL);
   5.113 -  pthread_t be_thread, dmi_thread;
   5.114 -  int betype_be, dmitype_dmi;
   5.115 -  
   5.116 -  vtpm_globals->master_pid = pthread_self();
   5.117 -  
   5.118 -  betype_be = BE_LISTENER_THREAD;
   5.119 -  if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0) {
   5.120 -    vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n");
   5.121 -    exit(-1);
   5.122 -  }
   5.123 -  
   5.124 -  dmitype_dmi = DMI_LISTENER_THREAD;
   5.125 -  if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) != 0) {
   5.126 -    vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n");
   5.127 -    exit(-1);
   5.128 -  }
   5.129 -  
   5.130 -  //Join the other threads until exit time.
   5.131 -  pthread_join(be_thread, NULL);
   5.132 -  pthread_join(dmi_thread, NULL);
   5.133 -  
   5.134 -  VTPM_Stop_Service();
   5.135 -  return 0;
   5.136 -#endif
   5.137 -}
   5.138 +// ===================================================================
   5.139 +// 
   5.140 +// Copyright (c) 2005, Intel Corp.
   5.141 +// All rights reserved.
   5.142 +//
   5.143 +// Redistribution and use in source and binary forms, with or without 
   5.144 +// modification, are permitted provided that the following conditions 
   5.145 +// are met:
   5.146 +//
   5.147 +//   * Redistributions of source code must retain the above copyright 
   5.148 +//     notice, this list of conditions and the following disclaimer.
   5.149 +//   * Redistributions in binary form must reproduce the above 
   5.150 +//     copyright notice, this list of conditions and the following 
   5.151 +//     disclaimer in the documentation and/or other materials provided 
   5.152 +//     with the distribution.
   5.153 +//   * Neither the name of Intel Corporation nor the names of its 
   5.154 +//     contributors may be used to endorse or promote products derived
   5.155 +//     from this software without specific prior written permission.
   5.156 +//
   5.157 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
   5.158 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
   5.159 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
   5.160 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
   5.161 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   5.162 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   5.163 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
   5.164 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   5.165 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
   5.166 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   5.167 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   5.168 +// OF THE POSSIBILITY OF SUCH DAMAGE.
   5.169 +// ===================================================================
   5.170 +// 
   5.171 +// vtpmd.c
   5.172 +// 
   5.173 +//  Application
   5.174 +//
   5.175 +// ===================================================================
   5.176 +
   5.177 +#include <stdio.h>
   5.178 +#include <signal.h>
   5.179 +#include <sys/types.h>
   5.180 +#include <unistd.h>
   5.181 +#include "vtpm_manager.h"
   5.182 +#include "vtpmpriv.h"
   5.183 +#include "tcg.h"
   5.184 +#include "log.h"
   5.185 +
   5.186 +#ifndef VTPM_MULTI_VM
   5.187 + #include <pthread.h>
   5.188 +#endif
   5.189 +
   5.190 +void signal_handler(int reason) {
   5.191 +#ifndef VTPM_MULTI_VM
   5.192 +
   5.193 +  if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) {
   5.194 +    if (reason >= 0) { // Reason is a signal
   5.195 +      vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal %d.\n", reason);
   5.196 +    } else  {// Reason is a TPM_RESULT * -1
   5.197 +      vtpmloginfo(VTPM_LOG_VTPM,"VTPM Manager shuting down for: %s\n", tpm_get_error_name(-1 * reason) );
   5.198 +    }
   5.199 +    
   5.200 +    return;
   5.201 +  } else {
   5.202 +    vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n");
   5.203 +    pthread_exit(NULL);
   5.204 +  }
   5.205 +#else
   5.206 +  VTPM_Stop_Service();
   5.207 +  exit(-1);
   5.208 +#endif
   5.209 +}
   5.210 +
   5.211 +struct sigaction ctl_c_handler;
   5.212 +
   5.213 +int main(int argc, char **argv) {
   5.214 +
   5.215 +  vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n");
   5.216 +  
   5.217 +  if (VTPM_Init_Service() != TPM_SUCCESS) {
   5.218 +    vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during startup.\n");
   5.219 +    return -1;
   5.220 +  }
   5.221 +  
   5.222 +  ctl_c_handler.sa_handler = signal_handler;
   5.223 +  sigemptyset(&ctl_c_handler.sa_mask);
   5.224 +  ctl_c_handler.sa_flags = 0;    
   5.225 +  
   5.226 +  if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1) 
   5.227 +    vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break will not stop service gently.\n");
   5.228 +  
   5.229 +  // For easier debuggin with gdb
   5.230 +  if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1) 
   5.231 +    vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break will not stop service gently.\n");    
   5.232 +  
   5.233 +#ifdef VTPM_MULTI_VM
   5.234 +  TPM_RESULT status = VTPM_Service_Handler();
   5.235 +    
   5.236 +  if (status != TPM_SUCCESS) 
   5.237 +    vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never should exit.\n", tpm_get_error_name(status));
   5.238 +  
   5.239 +  return -1;
   5.240 +#else
   5.241 +  sigset_t sig_mask;
   5.242 +      
   5.243 +  sigemptyset(&sig_mask);
   5.244 +  sigaddset(&sig_mask, SIGPIPE);
   5.245 +  sigprocmask(SIG_BLOCK, &sig_mask, NULL);
   5.246 +  //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL);
   5.247 +  pthread_t be_thread, dmi_thread;
   5.248 +  int betype_be, dmitype_dmi;
   5.249 +  
   5.250 +  vtpm_globals->master_pid = pthread_self();
   5.251 +  
   5.252 +  betype_be = BE_LISTENER_THREAD;
   5.253 +  if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0) {
   5.254 +    vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n");
   5.255 +    exit(-1);
   5.256 +  }
   5.257 +  
   5.258 +  dmitype_dmi = DMI_LISTENER_THREAD;
   5.259 +  if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) != 0) {
   5.260 +    vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n");
   5.261 +    exit(-1);
   5.262 +  }
   5.263 +  
   5.264 +  //Join the other threads until exit time.
   5.265 +  pthread_join(be_thread, NULL);
   5.266 +  pthread_join(dmi_thread, NULL);
   5.267 +  
   5.268 +  VTPM_Stop_Service();
   5.269 +  return 0;
   5.270 +#endif
   5.271 +}
     6.1 --- a/tools/vtpm_manager/manager/vtpmpriv.h	Wed Nov 30 11:36:57 2005 +0100
     6.2 +++ b/tools/vtpm_manager/manager/vtpmpriv.h	Wed Nov 30 12:07:28 2005 +0100
     6.3 @@ -1,151 +1,151 @@
     6.4 -// ===================================================================
     6.5 -// 
     6.6 -// Copyright (c) 2005, Intel Corp.
     6.7 -// All rights reserved.
     6.8 -//
     6.9 -// Redistribution and use in source and binary forms, with or without 
    6.10 -// modification, are permitted provided that the following conditions 
    6.11 -// are met:
    6.12 -//
    6.13 -//   * Redistributions of source code must retain the above copyright 
    6.14 -//     notice, this list of conditions and the following disclaimer.
    6.15 -//   * Redistributions in binary form must reproduce the above 
    6.16 -//     copyright notice, this list of conditions and the following 
    6.17 -//     disclaimer in the documentation and/or other materials provided 
    6.18 -//     with the distribution.
    6.19 -//   * Neither the name of Intel Corporation nor the names of its 
    6.20 -//     contributors may be used to endorse or promote products derived
    6.21 -//     from this software without specific prior written permission.
    6.22 -//
    6.23 -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    6.24 -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    6.25 -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
    6.26 -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
    6.27 -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    6.28 -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    6.29 -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
    6.30 -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    6.31 -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
    6.32 -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
    6.33 -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    6.34 -// OF THE POSSIBILITY OF SUCH DAMAGE.
    6.35 -// ===================================================================
    6.36 -// 
    6.37 -// vtpmpriv.h
    6.38 -// 
    6.39 -//  Structures and functions private to the manager
    6.40 -//
    6.41 -// ==================================================================
    6.42 -
    6.43 -#ifndef __VTPMPRIV_H__
    6.44 -#define __VTPMPRIV_H__
    6.45 -
    6.46 -#include "tcg.h"
    6.47 -#include "tcs.h"
    6.48 -#include "buffer.h"
    6.49 -#include "crypto.h"
    6.50 -
    6.51 -#define STATE_FILE    "/var/vtpm/VTPM"
    6.52 -#define DMI_NVM_FILE  "/var/vtpm/vtpm_dm_%d.data"
    6.53 -#define VTPM_BE_DEV   "/dev/vtpm0"
    6.54 -#define VTPM_CTL_DM   0
    6.55 -
    6.56 -#ifndef VTPM_MUTLI_VM
    6.57 - #include <sys/types.h>
    6.58 - #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo"
    6.59 - #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo"
    6.60 -
    6.61 - #define VTPM_TX_FIFO  "/var/vtpm/fifos/vtpm-to-%d.fifo"
    6.62 - #define VTPM_RX_FIFO  "/var/vtpm/fifos/vtpm-from-all.fifo"
    6.63 -
    6.64 - #define BE_LISTENER_THREAD 1
    6.65 - #define DMI_LISTENER_THREAD 2
    6.66 -
    6.67 - // Seconds until DMI timeout. Timeouts result in DMI being out
    6.68 - // of sync, which may require a reboot of DMI and guest to recover
    6.69 - // from. Don't set this to low. Also note that DMI may issue a TPM
    6.70 - // call so we should expect time to process at DMI + TPM processing.
    6.71 - #define DMI_TIMEOUT 90 
    6.72 -#endif
    6.73 -
    6.74 -
    6.75 -// ------------------------ Private Structures -----------------------
    6.76 -typedef struct VTPM_DMI_RESOURCE_T {
    6.77 -  // I/O info for Manager to talk to DMI's over FIFOs
    6.78 -#ifndef VTPM_MUTLI_VM
    6.79 -  int                   guest_tx_fh;          // open GUEST_TX_FIFO
    6.80 -  int                   vtpm_tx_fh;           // open VTPM_TX_FIFO
    6.81 -  char                  *guest_tx_fname;      // open GUEST_TX_FIFO
    6.82 -  char                  *vtpm_tx_fname;       // open VTPM_TX_FIFO
    6.83 -  
    6.84 -  pid_t                 dmi_pid;
    6.85 -#endif
    6.86 -  // Non-persistent Information
    6.87 -  bool                  connected;
    6.88 -  UINT32                dmi_domain_id;
    6.89 -  TCS_CONTEXT_HANDLE    TCSContext;     // TCS Handle
    6.90 -  char                  *NVMLocation;   // NULL term string indicating location
    6.91 -                                        // of NVM.
    6.92 -  // Persistent Information about DMI
    6.93 -  UINT32                dmi_id;
    6.94 -  TPM_DIGEST            NVM_measurement;  // Equal to the SHA1 of the blob
    6.95 -  TPM_DIGEST            DMI_measurement;  // Correct measurement of the owning DMI
    6.96 -} VTPM_DMI_RESOURCE;
    6.97 -
    6.98 -typedef struct tdVTPM_GLOBALS {
    6.99 -  // Non-persistent data
   6.100 -  int                 be_fh;                  // File handle to ipc used to communicate with backend
   6.101 -#ifndef VTPM_MULTI_VM
   6.102 -  int                 vtpm_rx_fh;
   6.103 -  int                 guest_rx_fh;
   6.104 -  
   6.105 -  pid_t               master_pid;
   6.106 -#endif
   6.107 -  struct hashtable    *dmi_map;               // Table of all DMI's known indexed by persistent instance #
   6.108 -#ifndef VTPM_MULTI_VM
   6.109 -  pthread_mutex_t     dmi_map_mutex;          // 
   6.110 -#endif
   6.111 -  TCS_CONTEXT_HANDLE  manager_tcs_handle;     // TCS Handle used by manager
   6.112 -  TPM_HANDLE          storageKeyHandle;       // Key used by persistent store
   6.113 -  CRYPTO_INFO         storageKey;             // For software encryption
   6.114 -  TCS_AUTH            keyAuth;                // OIAP session for storageKey 
   6.115 -  BOOL                DMI_table_dirty;        // Indicates that a command
   6.116 -                                              // has updated the DMI table
   6.117 -
   6.118 -    
   6.119 -  // Persistent Data
   6.120 -  TPM_AUTHDATA        owner_usage_auth;       // OwnerAuth of real TPM
   6.121 -  TPM_AUTHDATA        srk_usage_auth;         // SRK Auth of real TPM    
   6.122 -  buffer_t            storageKeyWrap;         // Wrapped copy of storageKey
   6.123 -
   6.124 -  TPM_AUTHDATA        storage_key_usage_auth; 
   6.125 -    
   6.126 -}VTPM_GLOBALS;
   6.127 -
   6.128 -//Global dmi map
   6.129 -extern VTPM_GLOBALS *vtpm_globals;
   6.130 -
   6.131 -// ********************** Command Handler Prototypes ***********************
   6.132 -TPM_RESULT VTPM_Handle_Load_NVM(       VTPM_DMI_RESOURCE *myDMI, 
   6.133 -                                        const buffer_t *inbuf, 
   6.134 -                                        buffer_t *outbuf);
   6.135 -
   6.136 -TPM_RESULT VTPM_Handle_Save_NVM(       VTPM_DMI_RESOURCE *myDMI, 
   6.137 -                                        const buffer_t *inbuf, 
   6.138 -                                        buffer_t *outbuf);
   6.139 -
   6.140 -TPM_RESULT VTPM_Handle_TPM_Command(    VTPM_DMI_RESOURCE *dmi, 
   6.141 -                                        buffer_t *inbuf, 
   6.142 -                                        buffer_t *outbuf);
   6.143 -
   6.144 -TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf);
   6.145 -                                
   6.146 -TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf);
   6.147 -                                   
   6.148 -TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf);
   6.149 -
   6.150 -TPM_RESULT VTPM_SaveService(void);
   6.151 -TPM_RESULT VTPM_LoadService(void);
   6.152 -
   6.153 -TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res);
   6.154 -#endif // __VTPMPRIV_H__
   6.155 +// ===================================================================
   6.156 +// 
   6.157 +// Copyright (c) 2005, Intel Corp.
   6.158 +// All rights reserved.
   6.159 +//
   6.160 +// Redistribution and use in source and binary forms, with or without 
   6.161 +// modification, are permitted provided that the following conditions 
   6.162 +// are met:
   6.163 +//
   6.164 +//   * Redistributions of source code must retain the above copyright 
   6.165 +//     notice, this list of conditions and the following disclaimer.
   6.166 +//   * Redistributions in binary form must reproduce the above 
   6.167 +//     copyright notice, this list of conditions and the following 
   6.168 +//     disclaimer in the documentation and/or other materials provided 
   6.169 +//     with the distribution.
   6.170 +//   * Neither the name of Intel Corporation nor the names of its 
   6.171 +//     contributors may be used to endorse or promote products derived
   6.172 +//     from this software without specific prior written permission.
   6.173 +//
   6.174 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
   6.175 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
   6.176 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
   6.177 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
   6.178 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   6.179 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   6.180 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
   6.181 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   6.182 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
   6.183 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   6.184 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   6.185 +// OF THE POSSIBILITY OF SUCH DAMAGE.
   6.186 +// ===================================================================
   6.187 +// 
   6.188 +// vtpmpriv.h
   6.189 +// 
   6.190 +//  Structures and functions private to the manager
   6.191 +//
   6.192 +// ==================================================================
   6.193 +
   6.194 +#ifndef __VTPMPRIV_H__
   6.195 +#define __VTPMPRIV_H__
   6.196 +
   6.197 +#include "tcg.h"
   6.198 +#include "tcs.h"
   6.199 +#include "buffer.h"
   6.200 +#include "crypto.h"
   6.201 +
   6.202 +#define STATE_FILE    "/var/vtpm/VTPM"
   6.203 +#define DMI_NVM_FILE  "/var/vtpm/vtpm_dm_%d.data"
   6.204 +#define VTPM_BE_DEV   "/dev/vtpm0"
   6.205 +#define VTPM_CTL_DM   0
   6.206 +
   6.207 +#ifndef VTPM_MUTLI_VM
   6.208 + #include <sys/types.h>
   6.209 + #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo"
   6.210 + #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo"
   6.211 +
   6.212 + #define VTPM_TX_FIFO  "/var/vtpm/fifos/vtpm-to-%d.fifo"
   6.213 + #define VTPM_RX_FIFO  "/var/vtpm/fifos/vtpm-from-all.fifo"
   6.214 +
   6.215 + #define BE_LISTENER_THREAD 1
   6.216 + #define DMI_LISTENER_THREAD 2
   6.217 +
   6.218 + // Seconds until DMI timeout. Timeouts result in DMI being out
   6.219 + // of sync, which may require a reboot of DMI and guest to recover
   6.220 + // from. Don't set this to low. Also note that DMI may issue a TPM
   6.221 + // call so we should expect time to process at DMI + TPM processing.
   6.222 + #define DMI_TIMEOUT 90 
   6.223 +#endif
   6.224 +
   6.225 +
   6.226 +// ------------------------ Private Structures -----------------------
   6.227 +typedef struct VTPM_DMI_RESOURCE_T {
   6.228 +  // I/O info for Manager to talk to DMI's over FIFOs
   6.229 +#ifndef VTPM_MUTLI_VM
   6.230 +  int                   guest_tx_fh;          // open GUEST_TX_FIFO
   6.231 +  int                   vtpm_tx_fh;           // open VTPM_TX_FIFO
   6.232 +  char                  *guest_tx_fname;      // open GUEST_TX_FIFO
   6.233 +  char                  *vtpm_tx_fname;       // open VTPM_TX_FIFO
   6.234 +  
   6.235 +  pid_t                 dmi_pid;
   6.236 +#endif
   6.237 +  // Non-persistent Information
   6.238 +  bool                  connected;
   6.239 +  UINT32                dmi_domain_id;
   6.240 +  TCS_CONTEXT_HANDLE    TCSContext;     // TCS Handle
   6.241 +  char                  *NVMLocation;   // NULL term string indicating location
   6.242 +                                        // of NVM.
   6.243 +  // Persistent Information about DMI
   6.244 +  UINT32                dmi_id;
   6.245 +  TPM_DIGEST            NVM_measurement;  // Equal to the SHA1 of the blob
   6.246 +  TPM_DIGEST            DMI_measurement;  // Correct measurement of the owning DMI
   6.247 +} VTPM_DMI_RESOURCE;
   6.248 +
   6.249 +typedef struct tdVTPM_GLOBALS {
   6.250 +  // Non-persistent data
   6.251 +  int                 be_fh;                  // File handle to ipc used to communicate with backend
   6.252 +#ifndef VTPM_MULTI_VM
   6.253 +  int                 vtpm_rx_fh;
   6.254 +  int                 guest_rx_fh;
   6.255 +  
   6.256 +  pid_t               master_pid;
   6.257 +#endif
   6.258 +  struct hashtable    *dmi_map;               // Table of all DMI's known indexed by persistent instance #
   6.259 +#ifndef VTPM_MULTI_VM
   6.260 +  pthread_mutex_t     dmi_map_mutex;          // 
   6.261 +#endif
   6.262 +  TCS_CONTEXT_HANDLE  manager_tcs_handle;     // TCS Handle used by manager
   6.263 +  TPM_HANDLE          storageKeyHandle;       // Key used by persistent store
   6.264 +  CRYPTO_INFO         storageKey;             // For software encryption
   6.265 +  TCS_AUTH            keyAuth;                // OIAP session for storageKey 
   6.266 +  BOOL                DMI_table_dirty;        // Indicates that a command
   6.267 +                                              // has updated the DMI table
   6.268 +
   6.269 +    
   6.270 +  // Persistent Data
   6.271 +  TPM_AUTHDATA        owner_usage_auth;       // OwnerAuth of real TPM
   6.272 +  TPM_AUTHDATA        srk_usage_auth;         // SRK Auth of real TPM    
   6.273 +  buffer_t            storageKeyWrap;         // Wrapped copy of storageKey
   6.274 +
   6.275 +  TPM_AUTHDATA        storage_key_usage_auth; 
   6.276 +    
   6.277 +}VTPM_GLOBALS;
   6.278 +
   6.279 +//Global dmi map
   6.280 +extern VTPM_GLOBALS *vtpm_globals;
   6.281 +
   6.282 +// ********************** Command Handler Prototypes ***********************
   6.283 +TPM_RESULT VTPM_Handle_Load_NVM(       VTPM_DMI_RESOURCE *myDMI, 
   6.284 +                                        const buffer_t *inbuf, 
   6.285 +                                        buffer_t *outbuf);
   6.286 +
   6.287 +TPM_RESULT VTPM_Handle_Save_NVM(       VTPM_DMI_RESOURCE *myDMI, 
   6.288 +                                        const buffer_t *inbuf, 
   6.289 +                                        buffer_t *outbuf);
   6.290 +
   6.291 +TPM_RESULT VTPM_Handle_TPM_Command(    VTPM_DMI_RESOURCE *dmi, 
   6.292 +                                        buffer_t *inbuf, 
   6.293 +                                        buffer_t *outbuf);
   6.294 +
   6.295 +TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf);
   6.296 +                                
   6.297 +TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf);
   6.298 +                                   
   6.299 +TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf);
   6.300 +
   6.301 +TPM_RESULT VTPM_SaveService(void);
   6.302 +TPM_RESULT VTPM_LoadService(void);
   6.303 +
   6.304 +TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res);
   6.305 +#endif // __VTPMPRIV_H__
     7.1 --- a/tools/vtpm_manager/manager/vtsp.c	Wed Nov 30 11:36:57 2005 +0100
     7.2 +++ b/tools/vtpm_manager/manager/vtsp.c	Wed Nov 30 12:07:28 2005 +0100
     7.3 @@ -1,810 +1,810 @@
     7.4 -// ===================================================================
     7.5 -// 
     7.6 -// Copyright (c) 2005, Intel Corp.
     7.7 -// All rights reserved.
     7.8 -//
     7.9 -// Redistribution and use in source and binary forms, with or without 
    7.10 -// modification, are permitted provided that the following conditions 
    7.11 -// are met:
    7.12 -//
    7.13 -//   * Redistributions of source code must retain the above copyright 
    7.14 -//     notice, this list of conditions and the following disclaimer.
    7.15 -//   * Redistributions in binary form must reproduce the above 
    7.16 -//     copyright notice, this list of conditions and the following 
    7.17 -//     disclaimer in the documentation and/or other materials provided 
    7.18 -//     with the distribution.
    7.19 -//   * Neither the name of Intel Corporation nor the names of its 
    7.20 -//     contributors may be used to endorse or promote products derived
    7.21 -//     from this software without specific prior written permission.
    7.22 -//
    7.23 -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    7.24 -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    7.25 -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
    7.26 -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
    7.27 -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    7.28 -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    7.29 -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
    7.30 -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    7.31 -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
    7.32 -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
    7.33 -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    7.34 -// OF THE POSSIBILITY OF SUCH DAMAGE.
    7.35 -// ===================================================================
    7.36 -// 
    7.37 -// vtsp.c
    7.38 -// 
    7.39 -//  Higher level interface to TCS for use in service.
    7.40 -//
    7.41 -// ==================================================================
    7.42 -
    7.43 -#include <string.h>
    7.44 -#include "tcg.h"
    7.45 -#include "tcs.h"
    7.46 -#include "bsg.h"
    7.47 -#include "log.h"
    7.48 -#include "crypto.h"
    7.49 -#include "vtsp.h"
    7.50 -#include "buffer.h"
    7.51 -
    7.52 -#define  RSA_KEY_SIZE 0x0800
    7.53 -
    7.54 -/***********************************************************************************
    7.55 - * GenerateAuth: Generate authorization info to be sent back to application
    7.56 - *
    7.57 - * Parameters: outParamDigestText  The concatenation of output parameters to be SHA1ed
    7.58 - *    outParamDigestTextSize Size of inParamDigestText
    7.59 - *    HMACkey     Key to be used for HMACing
    7.60 - *          For OIAP use key.authUsage or PersistStore.ownerAuth
    7.61 - *          For OSAP use shared secret
    7.62 - *    pAuth     Authorization information from the application
    7.63 - *
    7.64 - * Return:  TPM_SUCCESS   Authorization data created
    7.65 - *    TPM_AUTHFAIL   Invalid (NULL) HMACkey presented for OSAP
    7.66 - *************************************************************************************/
    7.67 -TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText,
    7.68 -			 /*[IN]*/ UINT32 inParamDigestTextSize,
    7.69 -			 /*[IN]*/ const TPM_SECRET *HMACkey,  
    7.70 -			 /*[IN,OUT]*/ TCS_AUTH *auth) {
    7.71 -    
    7.72 -  if (inParamDigestText == NULL || auth == NULL) 
    7.73 -    return (TPM_AUTHFAIL);
    7.74 -  else {
    7.75 -    
    7.76 -    //Generate new OddNonce
    7.77 -    Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE));
    7.78 -    
    7.79 -    // Create SHA1 inParamDigest
    7.80 -    TPM_DIGEST inParamDigest;
    7.81 -    Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *) &inParamDigest);
    7.82 -    
    7.83 -    // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
    7.84 -    BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
    7.85 -    
    7.86 -    BSG_PackList(   hmacText, 4, 
    7.87 -		    BSG_TPM_DIGEST, &inParamDigest,
    7.88 -		    BSG_TPM_NONCE, &(auth->NonceEven),
    7.89 -		    BSG_TPM_NONCE, &(auth->NonceOdd), 
    7.90 -		    BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
    7.91 -    
    7.92 -    Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC));
    7.93 -    
    7.94 -    return(TPM_SUCCESS);
    7.95 -    
    7.96 -  }
    7.97 -}
    7.98 -
    7.99 -/***********************************************************************************
   7.100 - * VerifyAuth: Verify the authdata for a command requiring authorization
   7.101 - *
   7.102 - * Parameters: inParamDigestText  The concatenation of parameters to be SHA1ed
   7.103 - *    inParamDigestTextSize Size of inParamDigestText
   7.104 - *    authDataUsage   AuthDataUsage for the Entity being used
   7.105 - *          Key->authDataUsage or TPM_AUTH_OWNER
   7.106 - *    HMACkey     Key to be used for HMACing
   7.107 - *          For OIAP use key.authUsage or PersistStore.ownerAuth
   7.108 - *          For OSAP use NULL (It will be aquired from the Auth Session)
   7.109 - *          If unknown (default), assume OIAP
   7.110 - *    sessionAuth    A TCS_AUTH info for the session
   7.111 - *    pAuth     Authorization information from the application
   7.112 - *              hContext        If specified, on failed Auth, VerifyAuth will
   7.113 - *                                      generate a new OIAP session in place of themselves
   7.114 - *                                      destroyed session.
   7.115 - *
   7.116 - * Return:  TPM_SUCCESS   Authorization Verified
   7.117 - *    TPM_AUTHFAIL   Authorization Failed
   7.118 - *    TPM_FAIL    Failure during SHA1 routines
   7.119 - *************************************************************************************/
   7.120 -TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText,
   7.121 -		       /*[IN]*/ UINT32 outParamDigestTextSize,
   7.122 -		       /*[IN]*/ const TPM_SECRET *HMACkey,  
   7.123 -		       /*[IN,OUT]*/ TCS_AUTH *auth,
   7.124 -		       /*[IN]*/  TCS_CONTEXT_HANDLE hContext) {
   7.125 -  if (outParamDigestText == NULL || auth == NULL) 
   7.126 -    return (TPM_AUTHFAIL);
   7.127 -  
   7.128 -  
   7.129 -  // Create SHA1 inParamDigest
   7.130 -  TPM_DIGEST outParamDigest;
   7.131 -  Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *) &outParamDigest);
   7.132 -  
   7.133 -  // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
   7.134 -  TPM_DIGEST hm;
   7.135 -  BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
   7.136 -  
   7.137 -  BSG_PackList(   hmacText, 4, 
   7.138 -		  BSG_TPM_DIGEST, &outParamDigest,
   7.139 -		  BSG_TPM_NONCE, &(auth->NonceEven),
   7.140 -		  BSG_TPM_NONCE, &(auth->NonceOdd), 
   7.141 -		  BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
   7.142 -  
   7.143 -  Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText),
   7.144 -	      (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm);
   7.145 -    
   7.146 -  // Compare correct HMAC with provided one.
   7.147 -  if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0)  // 0 indicates equality
   7.148 -    return (TPM_SUCCESS);
   7.149 -  else {
   7.150 -    VTSP_OIAP( hContext, auth);
   7.151 -    return (TPM_AUTHFAIL);
   7.152 -  }
   7.153 -}
   7.154 -
   7.155 -TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext,
   7.156 -		     TCS_AUTH *auth) {
   7.157 -  
   7.158 -  vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n");
   7.159 -  TPM_RESULT status = TPM_SUCCESS;                           
   7.160 -  TPMTRYRETURN( TCSP_OIAP(hContext,
   7.161 -			  &auth->AuthHandle,
   7.162 -			  &auth->NonceEven) );
   7.163 -  goto egress;
   7.164 -  
   7.165 - abort_egress:
   7.166 -  
   7.167 - egress:
   7.168 -  
   7.169 -  return status;
   7.170 -}
   7.171 -
   7.172 -TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext,
   7.173 -		     const TPM_ENTITY_TYPE entityType,
   7.174 -		     const UINT32 entityValue,
   7.175 -		     const TPM_AUTHDATA *usageAuth,
   7.176 -		     TPM_SECRET *sharedSecret, 
   7.177 -		     TCS_AUTH *auth) {
   7.178 -  
   7.179 -  vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n");
   7.180 -  TPM_RESULT status = TPM_SUCCESS;
   7.181 -  TPM_NONCE nonceEvenOSAP, nonceOddOSAP;
   7.182 -  
   7.183 -  Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) ); 
   7.184 -  
   7.185 -  TPMTRYRETURN( TCSP_OSAP(    hContext,
   7.186 -			      entityType,
   7.187 -			      entityValue, 
   7.188 -			      nonceOddOSAP,
   7.189 -			      &auth->AuthHandle, 
   7.190 -			      &auth->NonceEven, 
   7.191 -			      &nonceEvenOSAP) );
   7.192 -  
   7.193 -  // Calculating Session Secret
   7.194 -  BYTE sharedSecretText[TPM_DIGEST_SIZE * 2];
   7.195 -  
   7.196 -  BSG_PackList(  sharedSecretText, 2,
   7.197 -		 BSG_TPM_NONCE, &nonceEvenOSAP,
   7.198 -		 BSG_TPM_NONCE, &nonceOddOSAP);
   7.199 -  
   7.200 -  Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth, TPM_DIGEST_SIZE, (BYTE *) sharedSecret);       
   7.201 -    
   7.202 -  goto egress;
   7.203 -  
   7.204 - abort_egress:
   7.205 -  
   7.206 - egress:
   7.207 -  
   7.208 -  return status;
   7.209 -}
   7.210 -
   7.211 -
   7.212 -
   7.213 -TPM_RESULT VTSP_ReadPubek(   const TCS_CONTEXT_HANDLE hContext,
   7.214 -                             CRYPTO_INFO *crypto_info) {
   7.215 -  
   7.216 -  TPM_RESULT status;
   7.217 -  TPM_NONCE antiReplay;
   7.218 -  TPM_DIGEST   checksum;
   7.219 -  BYTE *pubEKtext;
   7.220 -  UINT32 pubEKtextsize;
   7.221 -  
   7.222 -  vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n");
   7.223 -  
   7.224 -  // GenerateAuth new nonceOdd    
   7.225 -  Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) );
   7.226 -  
   7.227 -  
   7.228 -  TPMTRYRETURN( TCSP_ReadPubek(  hContext,
   7.229 -				 antiReplay,
   7.230 -				 &pubEKtextsize,
   7.231 -				 &pubEKtext,
   7.232 -				 &checksum) );
   7.233 -  
   7.234 -  
   7.235 -  // Extract the remaining output parameters
   7.236 -  TPM_PUBKEY pubEK;
   7.237 -  
   7.238 -  BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK);
   7.239 -  
   7.240 -  // Build CryptoInfo for the bindingKey
   7.241 -  TPM_RSA_KEY_PARMS rsaKeyParms;
   7.242 -  
   7.243 -  BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, 
   7.244 -	     pubEK.algorithmParms.parms, 
   7.245 -	     &rsaKeyParms);
   7.246 -  
   7.247 -  Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, 
   7.248 -				  rsaKeyParms.exponent, 
   7.249 -				  pubEK.pubKey.keyLength, 
   7.250 -				  pubEK.pubKey.key, 
   7.251 -				  crypto_info);
   7.252 -    
   7.253 -  // Destroy rsaKeyParms
   7.254 -  BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
   7.255 -
   7.256 -  // Set encryption scheme
   7.257 -  crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
   7.258 -  //crypto_info->encScheme = pubEK.algorithmParms.encScheme;
   7.259 -  crypto_info->algorithmID = pubEK.algorithmParms.algorithmID;
   7.260 -  
   7.261 -  goto egress;
   7.262 -  
   7.263 - abort_egress:
   7.264 -  
   7.265 - egress:
   7.266 -  
   7.267 -  return status;
   7.268 -}
   7.269 -
   7.270 -TPM_RESULT VTSP_TakeOwnership(   const TCS_CONTEXT_HANDLE hContext,
   7.271 -                                 const TPM_AUTHDATA *ownerAuth, 
   7.272 -                                 const TPM_AUTHDATA *srkAuth,
   7.273 -                                 CRYPTO_INFO *ek_cryptoInfo,
   7.274 -                                 TCS_AUTH *auth) {
   7.275 -  
   7.276 -  vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n");
   7.277 -  
   7.278 -  TPM_RESULT status = TPM_SUCCESS;
   7.279 -  TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership;
   7.280 -  TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER;
   7.281 -  BYTE *new_srk;
   7.282 -  
   7.283 -  BYTE *paramText;        // Digest to make Auth.
   7.284 -  UINT32 paramTextSize;
   7.285 -  
   7.286 -  // vars for srkpubkey parameter
   7.287 -  TPM_KEY srkPub;
   7.288 -  TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1, TPM_SS_NONE, 12, 0};
   7.289 -  BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00,   0x00, 0x00, 0x00, 0x02,   0x00, 0x00, 0x00, 0x00};
   7.290 -  srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo;
   7.291 -  
   7.292 -  struct pack_buf_t srkText;
   7.293 -  
   7.294 -  // GenerateAuth new nonceOdd    
   7.295 -  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
   7.296 -  
   7.297 -  //These values are accurate for an enc(AuthData).
   7.298 -  struct pack_buf_t encOwnerAuth, encSrkAuth;
   7.299 -  
   7.300 -  encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
   7.301 -  encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
   7.302 -  
   7.303 -  if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) {
   7.304 -    vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n");
   7.305 -    status = TPM_RESOURCES;
   7.306 -    goto abort_egress;
   7.307 -  }
   7.308 -  
   7.309 -  Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth, &encOwnerAuth.size, encOwnerAuth.data);
   7.310 -  Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth, &encSrkAuth.size, encSrkAuth.data);
   7.311 -  
   7.312 -  
   7.313 -  // Build srk public key struct
   7.314 -  srkPub.ver = TPM_STRUCT_VER_1_1;
   7.315 -  srkPub.keyUsage = TPM_KEY_STORAGE;
   7.316 -  srkPub.keyFlags = 0x00;
   7.317 -  srkPub.authDataUsage = TPM_AUTH_ALWAYS;
   7.318 -  memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS));
   7.319 -  srkPub.PCRInfoSize = 0;
   7.320 -  srkPub.PCRInfo = 0;
   7.321 -  srkPub.pubKey.keyLength= 0;
   7.322 -  srkPub.encDataSize = 0;
   7.323 -  
   7.324 -  srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
   7.325 -  srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data);
   7.326 -  
   7.327 -  paramText = (BYTE *) malloc(sizeof(BYTE) *  TCPA_MAX_BUFFER_LENGTH);
   7.328 -  
   7.329 -  paramTextSize = BSG_PackList(paramText, 5,
   7.330 -			       BSG_TPM_COMMAND_CODE,&command,
   7.331 -			       BSG_TPM_PROTOCOL_ID, &proto_id,
   7.332 -			       BSG_TPM_SIZE32_DATA, &encOwnerAuth,
   7.333 -			       BSG_TPM_SIZE32_DATA, &encSrkAuth,
   7.334 -			       BSG_TPM_KEY, &srkPub);
   7.335 -  
   7.336 -  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) );
   7.337 -  
   7.338 -  new_srk = srkText.data;
   7.339 -  TPMTRYRETURN( TCSP_TakeOwnership ( hContext,
   7.340 -				     proto_id,
   7.341 -				     encOwnerAuth.size, 
   7.342 -				     encOwnerAuth.data,
   7.343 -				     encSrkAuth.size,
   7.344 -				     encSrkAuth.data,
   7.345 -				     &srkText.size,
   7.346 -				     &new_srk, 
   7.347 -				     auth ) );
   7.348 -  
   7.349 -  
   7.350 -  paramTextSize = BSG_PackList(paramText, 2, 
   7.351 -			       BSG_TPM_RESULT, &status,
   7.352 -			       BSG_TPM_COMMAND_CODE, &command);
   7.353 -  memcpy(paramText + paramTextSize, new_srk, srkText.size);
   7.354 -  paramTextSize += srkText.size;
   7.355 -  
   7.356 -  
   7.357 -  TPMTRYRETURN( VerifyAuth(  paramText, paramTextSize,
   7.358 -			     ownerAuth, auth, 
   7.359 -			     hContext) );
   7.360 -  
   7.361 -  goto egress;
   7.362 -  
   7.363 - abort_egress:
   7.364 -  
   7.365 - egress:
   7.366 -  
   7.367 -  free(srkText.data);
   7.368 -  free(encSrkAuth.data);
   7.369 -  free(encOwnerAuth.data);
   7.370 -  free(paramText);
   7.371 -  
   7.372 -  TCS_FreeMemory(hContext, new_srk);
   7.373 -  
   7.374 -  return status;
   7.375 -}
   7.376 -
   7.377 -TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE    hContext,
   7.378 -                                  const TPM_AUTHDATA          *ownerAuth, 
   7.379 -                                  TCS_AUTH                    *auth) {
   7.380 -  
   7.381 -  vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n");
   7.382 -  
   7.383 -  TPM_RESULT status = TPM_SUCCESS;
   7.384 -  TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead;
   7.385 -  
   7.386 -  BYTE *paramText;        // Digest to make Auth.
   7.387 -  UINT32 paramTextSize;
   7.388 -    
   7.389 -  // Generate HMAC   
   7.390 -  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
   7.391 -  
   7.392 -  paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
   7.393 -  
   7.394 -  paramTextSize = BSG_PackList(paramText, 1,
   7.395 -			       BSG_TPM_COMMAND_CODE, &command);
   7.396 -  
   7.397 -  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
   7.398 -			      ownerAuth, auth) );
   7.399 -  
   7.400 -  // Call TCS
   7.401 -  TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in
   7.402 -                                        auth) );
   7.403 -  
   7.404 -  // Verify Auth
   7.405 -  paramTextSize = BSG_PackList(paramText, 2,
   7.406 -			       BSG_TPM_RESULT, &status,
   7.407 -			       BSG_TPM_COMMAND_CODE, &command);
   7.408 -  
   7.409 -  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
   7.410 -			    ownerAuth, auth, 
   7.411 -			    hContext) );
   7.412 -  goto egress;
   7.413 -  
   7.414 - abort_egress:
   7.415 - egress:
   7.416 -  free(paramText);
   7.417 -  return status;
   7.418 -}
   7.419 -
   7.420 -TPM_RESULT VTSP_CreateWrapKey(  const TCS_CONTEXT_HANDLE hContext,
   7.421 -                                const TPM_KEY_USAGE      usage,
   7.422 -                                const TPM_AUTHDATA       *newKeyAuth,
   7.423 -                                const TCS_KEY_HANDLE     parentHandle, 
   7.424 -                                const TPM_AUTHDATA       *osapSharedSecret,
   7.425 -                                buffer_t                 *pubKeyBuf,
   7.426 -                                TCS_AUTH                 *auth) {
   7.427 -  
   7.428 -  int i;
   7.429 -  TPM_RESULT status = TPM_SUCCESS;
   7.430 -  TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey;
   7.431 -  
   7.432 -  vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage);
   7.433 -  
   7.434 -  // vars for Calculate encUsageAuth
   7.435 -  BYTE *paramText;      
   7.436 -  UINT32 paramTextSize;
   7.437 -  
   7.438 -  // vars for Calculate encUsageAuth
   7.439 -  BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)];
   7.440 -  TPM_DIGEST XORKey1;
   7.441 -  UINT32 XORbufferSize;
   7.442 -  TPM_SECRET encUsageAuth, encMigrationAuth;
   7.443 -  
   7.444 -  // vars for Flatten newKey prototype
   7.445 -  BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) *  TCPA_MAX_BUFFER_LENGTH);
   7.446 -  UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH;                                    
   7.447 -  struct pack_buf_t newKeyText;
   7.448 -  
   7.449 -  // Fill in newKey
   7.450 -  TPM_KEY newKey;
   7.451 -  
   7.452 -  BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00,   0x00, 0x00, 0x00, 0x02,   0x00, 0x00, 0x00, 0x00};
   7.453 -  newKey.algorithmParms.algorithmID = TPM_ALG_RSA;
   7.454 -  newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo;
   7.455 -  newKey.algorithmParms.parmSize = 12;
   7.456 -  
   7.457 -  switch (usage) {
   7.458 -  case TPM_KEY_SIGNING:
   7.459 -    vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n");
   7.460 -    newKey.keyUsage = TPM_KEY_SIGNING;
   7.461 -    newKey.algorithmParms.encScheme = TPM_ES_NONE;
   7.462 -    newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1;
   7.463 -    break;
   7.464 -  case TPM_KEY_STORAGE:
   7.465 -    vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n");
   7.466 -    newKey.keyUsage = TPM_KEY_STORAGE;
   7.467 -    newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
   7.468 -    newKey.algorithmParms.sigScheme = TPM_SS_NONE;
   7.469 -    break;
   7.470 -  case TPM_KEY_BIND:
   7.471 -    vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n");
   7.472 -    newKey.keyUsage = TPM_KEY_BIND;
   7.473 -    newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
   7.474 -    newKey.algorithmParms.sigScheme = TPM_SS_NONE;
   7.475 -    break;
   7.476 -  default:
   7.477 -    vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n");
   7.478 -    status = TPM_BAD_PARAMETER;
   7.479 -    goto abort_egress;
   7.480 -  }
   7.481 -  
   7.482 -  
   7.483 -  newKey.ver = TPM_STRUCT_VER_1_1;
   7.484 -  
   7.485 -  newKey.keyFlags = 0;
   7.486 -  newKey.authDataUsage = TPM_AUTH_ALWAYS;
   7.487 -  newKey.pubKey.keyLength= 0;
   7.488 -  newKey.encDataSize = 0;
   7.489 -  newKey.encData = NULL;
   7.490 -  
   7.491 -  // FIXME: Support PCR bindings
   7.492 -  newKey.PCRInfoSize = 0;
   7.493 -  newKey.PCRInfo = NULL;
   7.494 -  
   7.495 -  // Calculate encUsageAuth                                    
   7.496 -  XORbufferSize = BSG_PackList(  XORbuffer, 2, 
   7.497 -				 BSG_TPM_SECRET, osapSharedSecret,
   7.498 -				 BSG_TPM_NONCE, &auth->NonceEven);
   7.499 -  Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1);
   7.500 -  
   7.501 -  // FIXME: No support for migratable keys.
   7.502 -  for (i=0; i < TPM_DIGEST_SIZE; i++) 
   7.503 -    ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *) newKeyAuth)[i];
   7.504 -  
   7.505 -  // Flatten newKey prototype
   7.506 -  flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey);
   7.507 -  newKeyText.data = flatKey;
   7.508 -  newKeyText.size = flatKeySize;
   7.509 -  
   7.510 -  // GenerateAuth new nonceOdd    
   7.511 -  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
   7.512 -  
   7.513 -  // Generate HMAC
   7.514 -  paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
   7.515 -  
   7.516 -  paramTextSize = BSG_PackList(paramText, 3,
   7.517 -			       BSG_TPM_COMMAND_CODE, &command,
   7.518 -			       BSG_TPM_AUTHDATA, &encUsageAuth,
   7.519 -			       BSG_TPM_AUTHDATA, &encMigrationAuth);
   7.520 -  memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
   7.521 -  paramTextSize += newKeyText.size;
   7.522 -  
   7.523 -  
   7.524 -  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
   7.525 -			      osapSharedSecret, auth) );
   7.526 -  
   7.527 -  // Call TCS
   7.528 -  TPMTRYRETURN( TCSP_CreateWrapKey(  hContext, 
   7.529 -				     parentHandle,
   7.530 -				     encUsageAuth,
   7.531 -				     encMigrationAuth,
   7.532 -				     &newKeyText.size,
   7.533 -				     &newKeyText.data,
   7.534 -				     auth) );
   7.535 -  
   7.536 -  // Verify Auth
   7.537 -  paramTextSize = BSG_PackList(paramText, 2,
   7.538 -			       BSG_TPM_RESULT, &status,
   7.539 -			       BSG_TPM_COMMAND_CODE, &command);
   7.540 -  memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
   7.541 -  paramTextSize += newKeyText.size;
   7.542 -  
   7.543 -  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
   7.544 -			    osapSharedSecret, auth, 0) );
   7.545 -  
   7.546 -  // Unpack/return key structure
   7.547 -  TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) );
   7.548 -  TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, newKeyText.data) );
   7.549 -  
   7.550 -  goto egress;
   7.551 -  
   7.552 - abort_egress:
   7.553 -  
   7.554 - egress:
   7.555 -  
   7.556 -  free(flatKey);
   7.557 -  free(paramText);
   7.558 -  TCS_FreeMemory(hContext, newKeyText.data);
   7.559 -  
   7.560 -  return status;
   7.561 -}
   7.562 -
   7.563 -TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE    hContext,
   7.564 -                        const TCS_KEY_HANDLE        hUnwrappingKey,
   7.565 -                        const buffer_t              *rgbWrappedKeyBlob,
   7.566 -                        const TPM_AUTHDATA          *parentAuth,
   7.567 -                        TPM_HANDLE                  *newKeyHandle,
   7.568 -                        TCS_AUTH                    *auth,
   7.569 -                        CRYPTO_INFO                 *cryptoinfo /*= NULL*/) {
   7.570 -  
   7.571 -  
   7.572 -  vtpmloginfo(VTPM_LOG_VTSP, "Loading Key.\n%s","");
   7.573 -  
   7.574 -  TPM_RESULT status = TPM_SUCCESS;
   7.575 -  TPM_COMMAND_CODE command = TPM_ORD_LoadKey;
   7.576 -  
   7.577 -  BYTE *paramText;        // Digest to make Auth.
   7.578 -  UINT32 paramTextSize;
   7.579 -  
   7.580 -  if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) || 
   7.581 -      (newKeyHandle==NULL) || (auth==NULL)) {
   7.582 -    status = TPM_BAD_PARAMETER;
   7.583 -    goto abort_egress;
   7.584 -  }
   7.585 -  
   7.586 -  // Generate Extra TCS Parameters
   7.587 -  TPM_HANDLE phKeyHMAC;
   7.588 -  
   7.589 -  // Generate HMAC
   7.590 -  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
   7.591 -  
   7.592 -  paramText = (BYTE *) malloc(sizeof(BYTE) *  TCPA_MAX_BUFFER_LENGTH);
   7.593 -  
   7.594 -  paramTextSize = BSG_PackList(paramText, 1,
   7.595 -			       BSG_TPM_COMMAND_CODE, &command);
   7.596 -  
   7.597 -  memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes, buffer_len(rgbWrappedKeyBlob));
   7.598 -  paramTextSize += buffer_len(rgbWrappedKeyBlob);
   7.599 -  
   7.600 -  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
   7.601 -			      parentAuth, auth) );
   7.602 -  
   7.603 -  // Call TCS
   7.604 -  TPMTRYRETURN( TCSP_LoadKeyByBlob(  hContext,
   7.605 -				     hUnwrappingKey,
   7.606 -				     buffer_len(rgbWrappedKeyBlob),
   7.607 -				     rgbWrappedKeyBlob->bytes,
   7.608 -				     auth,
   7.609 -				     newKeyHandle,
   7.610 -				     &phKeyHMAC) );
   7.611 -  
   7.612 -  // Verify Auth
   7.613 -  paramTextSize = BSG_PackList(paramText, 3,
   7.614 -			       BSG_TPM_RESULT, &status,
   7.615 -			       BSG_TPM_COMMAND_CODE, &command,
   7.616 -			       BSG_TPM_HANDLE, newKeyHandle);
   7.617 -  
   7.618 -  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
   7.619 -			    parentAuth, auth, 
   7.620 -			    hContext) );
   7.621 -  
   7.622 -  // Unpack/return key structure
   7.623 -  if (cryptoinfo != NULL) {
   7.624 -    TPM_KEY newKey;
   7.625 -    
   7.626 -    BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey);
   7.627 -    TPM_RSA_KEY_PARMS rsaKeyParms;
   7.628 -    
   7.629 -    BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, 
   7.630 -	       newKey.algorithmParms.parms, 
   7.631 -	       &rsaKeyParms);
   7.632 -    
   7.633 -    Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, 
   7.634 -				    rsaKeyParms.exponent, 
   7.635 -				    newKey.pubKey.keyLength, 
   7.636 -				    newKey.pubKey.key, 
   7.637 -				    cryptoinfo);
   7.638 -    
   7.639 -    // Destroy rsaKeyParms
   7.640 -    BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
   7.641 -    
   7.642 -    // Set encryption scheme
   7.643 -    cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
   7.644 -  }
   7.645 -  
   7.646 -  goto egress;
   7.647 -  
   7.648 - abort_egress:
   7.649 -  
   7.650 - egress:
   7.651 -  
   7.652 -  free(paramText);
   7.653 -  return status;
   7.654 -}
   7.655 -
   7.656 -TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE    hContext,
   7.657 -                        const TPM_KEY_HANDLE        key_handle,
   7.658 -                        const buffer_t              *bound_data,
   7.659 -                        const TPM_AUTHDATA          *usage_auth,
   7.660 -                        buffer_t                    *clear_data,
   7.661 -                        TCS_AUTH                    *auth) {
   7.662 -  
   7.663 -  vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n", buffer_len(bound_data));
   7.664 -  
   7.665 -  TPM_RESULT status = TPM_SUCCESS;
   7.666 -  TPM_COMMAND_CODE command = TPM_ORD_UnBind;
   7.667 -  
   7.668 -  BYTE *paramText;        // Digest to make Auth.
   7.669 -  UINT32 paramTextSize;
   7.670 -  
   7.671 -  // Generate Extra TCS Parameters
   7.672 -  struct pack_buf_t clear_data32;
   7.673 -  BYTE *clear_data_text;
   7.674 -  UINT32 clear_data_size;
   7.675 -  
   7.676 -  // Generate HMAC   
   7.677 -  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
   7.678 -  
   7.679 -  struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes};
   7.680 -  
   7.681 -  paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
   7.682 -  
   7.683 -  paramTextSize = BSG_PackList(paramText, 2,
   7.684 -			       BSG_TPM_COMMAND_CODE, &command,
   7.685 -			       BSG_TPM_SIZE32_DATA, &bound_data32);
   7.686 -  
   7.687 -  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
   7.688 -			      usage_auth, auth) );
   7.689 -  
   7.690 -  // Call TCS
   7.691 -  TPMTRYRETURN( TCSP_UnBind( hContext,
   7.692 -			     key_handle,
   7.693 -			     buffer_len(bound_data),
   7.694 -			     bound_data->bytes,
   7.695 -			     auth,
   7.696 -			     &clear_data_size,
   7.697 -			     &clear_data_text) );
   7.698 -  
   7.699 -  
   7.700 -  // Verify Auth
   7.701 -  clear_data32.size = clear_data_size;
   7.702 -  clear_data32.data = clear_data_text;
   7.703 -  paramTextSize = BSG_PackList(paramText, 3,
   7.704 -			       BSG_TPM_RESULT, &status,
   7.705 -			       BSG_TPM_COMMAND_CODE, &command,
   7.706 -			       BSG_TPM_SIZE32_DATA, &clear_data32);
   7.707 -  
   7.708 -  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
   7.709 -			    usage_auth, auth, 
   7.710 -			    hContext) );
   7.711 -  
   7.712 -  // Unpack/return key structure
   7.713 -  TPMTRYRETURN(buffer_init(clear_data, 0, 0));
   7.714 -  TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size, clear_data_text) );
   7.715 -  
   7.716 -  goto egress;
   7.717 -  
   7.718 - abort_egress:
   7.719 -  
   7.720 - egress:
   7.721 -  
   7.722 -  free(paramText);
   7.723 -  TCS_FreeMemory(hContext, clear_data_text);
   7.724 -  
   7.725 -  return status;
   7.726 -}
   7.727 -
   7.728 -TPM_RESULT VTSP_Bind(   CRYPTO_INFO *cryptoInfo, 
   7.729 -			const buffer_t *inData, 
   7.730 -			buffer_t *outData)               
   7.731 -{
   7.732 -  vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n", buffer_len(inData));
   7.733 -  TPM_BOUND_DATA boundData;
   7.734 -  UINT32 i;
   7.735 -  
   7.736 -  // Fill boundData's accessory information
   7.737 -  boundData.ver = TPM_STRUCT_VER_1_1;
   7.738 -  boundData.payload = TPM_PT_BIND;
   7.739 -  boundData.payloadData = inData->bytes;
   7.740 -  
   7.741 -  // Pack boundData before encryption
   7.742 -  BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) * 
   7.743 -				       (sizeof(TPM_VERSION) +
   7.744 -					sizeof(TPM_PAYLOAD_TYPE) +
   7.745 -					buffer_len(inData)));
   7.746 -  if (flatBoundData == NULL) {
   7.747 -    return TPM_NOSPACE;
   7.748 -  }
   7.749 -  UINT32 flatBoundDataSize = 0;
   7.750 -  flatBoundDataSize = BSG_PackList(  flatBoundData, 2, 
   7.751 -				     BSG_TPM_VERSION, &boundData.ver, 
   7.752 -				     BSG_TYPE_BYTE, &boundData.payload);
   7.753 -  
   7.754 -  memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData));
   7.755 -  flatBoundDataSize += buffer_len(inData);
   7.756 -  
   7.757 -  BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is what will come out.
   7.758 -  UINT32 out_tmp_size;
   7.759 -  
   7.760 -  // Encrypt flatBoundData
   7.761 -  Crypto_RSAEnc( cryptoInfo, 
   7.762 -		 flatBoundDataSize, 
   7.763 -		 flatBoundData, 
   7.764 -		 &out_tmp_size, 
   7.765 -		 out_tmp);
   7.766 -  
   7.767 -  if (out_tmp_size > RSA_KEY_SIZE/8) {
   7.768 -    // The result of RSAEnc should be a fixed size based on key size.
   7.769 -    vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n");
   7.770 -  }
   7.771 -  
   7.772 -  buffer_init(outData, 0, NULL);
   7.773 -  buffer_append_raw(outData, out_tmp_size, out_tmp);
   7.774 -  
   7.775 -  vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size);
   7.776 -  for(i = 0 ; i < out_tmp_size ; i++) {
   7.777 -    vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]);
   7.778 -  }
   7.779 -  vtpmloginfomore(VTPM_LOG_TXDATA, "\n");
   7.780 -  
   7.781 -  // Free flatBoundData
   7.782 -  free(flatBoundData);
   7.783 -  
   7.784 -  return TPM_SUCCESS;
   7.785 -}
   7.786 -
   7.787 -// Function Reaches into unsupported TCS command, beware.
   7.788 -TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE    hContext,
   7.789 -                            const buffer_t *inbuf,
   7.790 -                            buffer_t *outbuf ) {
   7.791 -  
   7.792 -  vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n");
   7.793 -  TPM_RESULT status = TPM_SUCCESS;
   7.794 -  
   7.795 -  // Generate Extra TCS Parameters
   7.796 -  BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
   7.797 -  UINT32 resultTextSize =  TCPA_MAX_BUFFER_LENGTH;
   7.798 -  
   7.799 -  // Call TCS                          
   7.800 -  TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes, 
   7.801 -				     &resultTextSize, resultText) );
   7.802 -  
   7.803 -  // Unpack/return key structure
   7.804 -  TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) );                                
   7.805 -  goto egress;
   7.806 -  
   7.807 - abort_egress:
   7.808 -  
   7.809 - egress:
   7.810 -  TCS_FreeMemory(hContext, resultText);
   7.811 -  free(resultText);
   7.812 -  return status;
   7.813 -}
   7.814 +// ===================================================================
   7.815 +// 
   7.816 +// Copyright (c) 2005, Intel Corp.
   7.817 +// All rights reserved.
   7.818 +//
   7.819 +// Redistribution and use in source and binary forms, with or without 
   7.820 +// modification, are permitted provided that the following conditions 
   7.821 +// are met:
   7.822 +//
   7.823 +//   * Redistributions of source code must retain the above copyright 
   7.824 +//     notice, this list of conditions and the following disclaimer.
   7.825 +//   * Redistributions in binary form must reproduce the above 
   7.826 +//     copyright notice, this list of conditions and the following 
   7.827 +//     disclaimer in the documentation and/or other materials provided 
   7.828 +//     with the distribution.
   7.829 +//   * Neither the name of Intel Corporation nor the names of its 
   7.830 +//     contributors may be used to endorse or promote products derived
   7.831 +//     from this software without specific prior written permission.
   7.832 +//
   7.833 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
   7.834 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
   7.835 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
   7.836 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
   7.837 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   7.838 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   7.839 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
   7.840 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   7.841 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
   7.842 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   7.843 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   7.844 +// OF THE POSSIBILITY OF SUCH DAMAGE.
   7.845 +// ===================================================================
   7.846 +// 
   7.847 +// vtsp.c
   7.848 +// 
   7.849 +//  Higher level interface to TCS for use in service.
   7.850 +//
   7.851 +// ==================================================================
   7.852 +
   7.853 +#include <string.h>
   7.854 +#include "tcg.h"
   7.855 +#include "tcs.h"
   7.856 +#include "bsg.h"
   7.857 +#include "log.h"
   7.858 +#include "crypto.h"
   7.859 +#include "vtsp.h"
   7.860 +#include "buffer.h"
   7.861 +
   7.862 +#define  RSA_KEY_SIZE 0x0800
   7.863 +
   7.864 +/***********************************************************************************
   7.865 + * GenerateAuth: Generate authorization info to be sent back to application
   7.866 + *
   7.867 + * Parameters: outParamDigestText  The concatenation of output parameters to be SHA1ed
   7.868 + *    outParamDigestTextSize Size of inParamDigestText
   7.869 + *    HMACkey     Key to be used for HMACing
   7.870 + *          For OIAP use key.authUsage or PersistStore.ownerAuth
   7.871 + *          For OSAP use shared secret
   7.872 + *    pAuth     Authorization information from the application
   7.873 + *
   7.874 + * Return:  TPM_SUCCESS   Authorization data created
   7.875 + *    TPM_AUTHFAIL   Invalid (NULL) HMACkey presented for OSAP
   7.876 + *************************************************************************************/
   7.877 +TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText,
   7.878 +			 /*[IN]*/ UINT32 inParamDigestTextSize,
   7.879 +			 /*[IN]*/ const TPM_SECRET *HMACkey,  
   7.880 +			 /*[IN,OUT]*/ TCS_AUTH *auth) {
   7.881 +    
   7.882 +  if (inParamDigestText == NULL || auth == NULL) 
   7.883 +    return (TPM_AUTHFAIL);
   7.884 +  else {
   7.885 +    
   7.886 +    //Generate new OddNonce
   7.887 +    Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE));
   7.888 +    
   7.889 +    // Create SHA1 inParamDigest
   7.890 +    TPM_DIGEST inParamDigest;
   7.891 +    Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *) &inParamDigest);
   7.892 +    
   7.893 +    // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
   7.894 +    BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
   7.895 +    
   7.896 +    BSG_PackList(   hmacText, 4, 
   7.897 +		    BSG_TPM_DIGEST, &inParamDigest,
   7.898 +		    BSG_TPM_NONCE, &(auth->NonceEven),
   7.899 +		    BSG_TPM_NONCE, &(auth->NonceOdd), 
   7.900 +		    BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
   7.901 +    
   7.902 +    Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC));
   7.903 +    
   7.904 +    return(TPM_SUCCESS);
   7.905 +    
   7.906 +  }
   7.907 +}
   7.908 +
   7.909 +/***********************************************************************************
   7.910 + * VerifyAuth: Verify the authdata for a command requiring authorization
   7.911 + *
   7.912 + * Parameters: inParamDigestText  The concatenation of parameters to be SHA1ed
   7.913 + *    inParamDigestTextSize Size of inParamDigestText
   7.914 + *    authDataUsage   AuthDataUsage for the Entity being used
   7.915 + *          Key->authDataUsage or TPM_AUTH_OWNER
   7.916 + *    HMACkey     Key to be used for HMACing
   7.917 + *          For OIAP use key.authUsage or PersistStore.ownerAuth
   7.918 + *          For OSAP use NULL (It will be aquired from the Auth Session)
   7.919 + *          If unknown (default), assume OIAP
   7.920 + *    sessionAuth    A TCS_AUTH info for the session
   7.921 + *    pAuth     Authorization information from the application
   7.922 + *              hContext        If specified, on failed Auth, VerifyAuth will
   7.923 + *                                      generate a new OIAP session in place of themselves
   7.924 + *                                      destroyed session.
   7.925 + *
   7.926 + * Return:  TPM_SUCCESS   Authorization Verified
   7.927 + *    TPM_AUTHFAIL   Authorization Failed
   7.928 + *    TPM_FAIL    Failure during SHA1 routines
   7.929 + *************************************************************************************/
   7.930 +TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText,
   7.931 +		       /*[IN]*/ UINT32 outParamDigestTextSize,
   7.932 +		       /*[IN]*/ const TPM_SECRET *HMACkey,  
   7.933 +		       /*[IN,OUT]*/ TCS_AUTH *auth,
   7.934 +		       /*[IN]*/  TCS_CONTEXT_HANDLE hContext) {
   7.935 +  if (outParamDigestText == NULL || auth == NULL) 
   7.936 +    return (TPM_AUTHFAIL);
   7.937 +  
   7.938 +  
   7.939 +  // Create SHA1 inParamDigest
   7.940 +  TPM_DIGEST outParamDigest;
   7.941 +  Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *) &outParamDigest);
   7.942 +  
   7.943 +  // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams).
   7.944 +  TPM_DIGEST hm;
   7.945 +  BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)];
   7.946 +  
   7.947 +  BSG_PackList(   hmacText, 4, 
   7.948 +		  BSG_TPM_DIGEST, &outParamDigest,
   7.949 +		  BSG_TPM_NONCE, &(auth->NonceEven),
   7.950 +		  BSG_TPM_NONCE, &(auth->NonceOdd), 
   7.951 +		  BSG_TYPE_BOOL, &(auth->fContinueAuthSession) );
   7.952 +  
   7.953 +  Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText),
   7.954 +	      (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm);
   7.955 +    
   7.956 +  // Compare correct HMAC with provided one.
   7.957 +  if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0)  // 0 indicates equality
   7.958 +    return (TPM_SUCCESS);
   7.959 +  else {
   7.960 +    VTSP_OIAP( hContext, auth);
   7.961 +    return (TPM_AUTHFAIL);
   7.962 +  }
   7.963 +}
   7.964 +
   7.965 +TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext,
   7.966 +		     TCS_AUTH *auth) {
   7.967 +  
   7.968 +  vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n");
   7.969 +  TPM_RESULT status = TPM_SUCCESS;                           
   7.970 +  TPMTRYRETURN( TCSP_OIAP(hContext,
   7.971 +			  &auth->AuthHandle,
   7.972 +			  &auth->NonceEven) );
   7.973 +  goto egress;
   7.974 +  
   7.975 + abort_egress:
   7.976 +  
   7.977 + egress:
   7.978 +  
   7.979 +  return status;
   7.980 +}
   7.981 +
   7.982 +TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext,
   7.983 +		     const TPM_ENTITY_TYPE entityType,
   7.984 +		     const UINT32 entityValue,
   7.985 +		     const TPM_AUTHDATA *usageAuth,
   7.986 +		     TPM_SECRET *sharedSecret, 
   7.987 +		     TCS_AUTH *auth) {
   7.988 +  
   7.989 +  vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n");
   7.990 +  TPM_RESULT status = TPM_SUCCESS;
   7.991 +  TPM_NONCE nonceEvenOSAP, nonceOddOSAP;
   7.992 +  
   7.993 +  Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) ); 
   7.994 +  
   7.995 +  TPMTRYRETURN( TCSP_OSAP(    hContext,
   7.996 +			      entityType,
   7.997 +			      entityValue, 
   7.998 +			      nonceOddOSAP,
   7.999 +			      &auth->AuthHandle, 
  7.1000 +			      &auth->NonceEven, 
  7.1001 +			      &nonceEvenOSAP) );
  7.1002 +  
  7.1003 +  // Calculating Session Secret
  7.1004 +  BYTE sharedSecretText[TPM_DIGEST_SIZE * 2];
  7.1005 +  
  7.1006 +  BSG_PackList(  sharedSecretText, 2,
  7.1007 +		 BSG_TPM_NONCE, &nonceEvenOSAP,
  7.1008 +		 BSG_TPM_NONCE, &nonceOddOSAP);
  7.1009 +  
  7.1010 +  Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth, TPM_DIGEST_SIZE, (BYTE *) sharedSecret);       
  7.1011 +    
  7.1012 +  goto egress;
  7.1013 +  
  7.1014 + abort_egress:
  7.1015 +  
  7.1016 + egress:
  7.1017 +  
  7.1018 +  return status;
  7.1019 +}
  7.1020 +
  7.1021 +
  7.1022 +
  7.1023 +TPM_RESULT VTSP_ReadPubek(   const TCS_CONTEXT_HANDLE hContext,
  7.1024 +                             CRYPTO_INFO *crypto_info) {
  7.1025 +  
  7.1026 +  TPM_RESULT status;
  7.1027 +  TPM_NONCE antiReplay;
  7.1028 +  TPM_DIGEST   checksum;
  7.1029 +  BYTE *pubEKtext;
  7.1030 +  UINT32 pubEKtextsize;
  7.1031 +  
  7.1032 +  vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n");
  7.1033 +  
  7.1034 +  // GenerateAuth new nonceOdd    
  7.1035 +  Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) );
  7.1036 +  
  7.1037 +  
  7.1038 +  TPMTRYRETURN( TCSP_ReadPubek(  hContext,
  7.1039 +				 antiReplay,
  7.1040 +				 &pubEKtextsize,
  7.1041 +				 &pubEKtext,
  7.1042 +				 &checksum) );
  7.1043 +  
  7.1044 +  
  7.1045 +  // Extract the remaining output parameters
  7.1046 +  TPM_PUBKEY pubEK;
  7.1047 +  
  7.1048 +  BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK);
  7.1049 +  
  7.1050 +  // Build CryptoInfo for the bindingKey
  7.1051 +  TPM_RSA_KEY_PARMS rsaKeyParms;
  7.1052 +  
  7.1053 +  BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, 
  7.1054 +	     pubEK.algorithmParms.parms, 
  7.1055 +	     &rsaKeyParms);
  7.1056 +  
  7.1057 +  Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, 
  7.1058 +				  rsaKeyParms.exponent, 
  7.1059 +				  pubEK.pubKey.keyLength, 
  7.1060 +				  pubEK.pubKey.key, 
  7.1061 +				  crypto_info);
  7.1062 +    
  7.1063 +  // Destroy rsaKeyParms
  7.1064 +  BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
  7.1065 +
  7.1066 +  // Set encryption scheme
  7.1067 +  crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
  7.1068 +  //crypto_info->encScheme = pubEK.algorithmParms.encScheme;
  7.1069 +  crypto_info->algorithmID = pubEK.algorithmParms.algorithmID;
  7.1070 +  
  7.1071 +  goto egress;
  7.1072 +  
  7.1073 + abort_egress:
  7.1074 +  
  7.1075 + egress:
  7.1076 +  
  7.1077 +  return status;
  7.1078 +}
  7.1079 +
  7.1080 +TPM_RESULT VTSP_TakeOwnership(   const TCS_CONTEXT_HANDLE hContext,
  7.1081 +                                 const TPM_AUTHDATA *ownerAuth, 
  7.1082 +                                 const TPM_AUTHDATA *srkAuth,
  7.1083 +                                 CRYPTO_INFO *ek_cryptoInfo,
  7.1084 +                                 TCS_AUTH *auth) {
  7.1085 +  
  7.1086 +  vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n");
  7.1087 +  
  7.1088 +  TPM_RESULT status = TPM_SUCCESS;
  7.1089 +  TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership;
  7.1090 +  TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER;
  7.1091 +  BYTE *new_srk;
  7.1092 +  
  7.1093 +  BYTE *paramText;        // Digest to make Auth.
  7.1094 +  UINT32 paramTextSize;
  7.1095 +  
  7.1096 +  // vars for srkpubkey parameter
  7.1097 +  TPM_KEY srkPub;
  7.1098 +  TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1, TPM_SS_NONE, 12, 0};
  7.1099 +  BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00,   0x00, 0x00, 0x00, 0x02,   0x00, 0x00, 0x00, 0x00};
  7.1100 +  srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo;
  7.1101 +  
  7.1102 +  struct pack_buf_t srkText;
  7.1103 +  
  7.1104 +  // GenerateAuth new nonceOdd    
  7.1105 +  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
  7.1106 +  
  7.1107 +  //These values are accurate for an enc(AuthData).
  7.1108 +  struct pack_buf_t encOwnerAuth, encSrkAuth;
  7.1109 +  
  7.1110 +  encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
  7.1111 +  encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256);
  7.1112 +  
  7.1113 +  if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) {
  7.1114 +    vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n");
  7.1115 +    status = TPM_RESOURCES;
  7.1116 +    goto abort_egress;
  7.1117 +  }
  7.1118 +  
  7.1119 +  Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth, &encOwnerAuth.size, encOwnerAuth.data);
  7.1120 +  Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth, &encSrkAuth.size, encSrkAuth.data);
  7.1121 +  
  7.1122 +  
  7.1123 +  // Build srk public key struct
  7.1124 +  srkPub.ver = TPM_STRUCT_VER_1_1;
  7.1125 +  srkPub.keyUsage = TPM_KEY_STORAGE;
  7.1126 +  srkPub.keyFlags = 0x00;
  7.1127 +  srkPub.authDataUsage = TPM_AUTH_ALWAYS;
  7.1128 +  memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS));
  7.1129 +  srkPub.PCRInfoSize = 0;
  7.1130 +  srkPub.PCRInfo = 0;
  7.1131 +  srkPub.pubKey.keyLength= 0;
  7.1132 +  srkPub.encDataSize = 0;
  7.1133 +  
  7.1134 +  srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
  7.1135 +  srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data);
  7.1136 +  
  7.1137 +  paramText = (BYTE *) malloc(sizeof(BYTE) *  TCPA_MAX_BUFFER_LENGTH);
  7.1138 +  
  7.1139 +  paramTextSize = BSG_PackList(paramText, 5,
  7.1140 +			       BSG_TPM_COMMAND_CODE,&command,
  7.1141 +			       BSG_TPM_PROTOCOL_ID, &proto_id,
  7.1142 +			       BSG_TPM_SIZE32_DATA, &encOwnerAuth,
  7.1143 +			       BSG_TPM_SIZE32_DATA, &encSrkAuth,
  7.1144 +			       BSG_TPM_KEY, &srkPub);
  7.1145 +  
  7.1146 +  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) );
  7.1147 +  
  7.1148 +  new_srk = srkText.data;
  7.1149 +  TPMTRYRETURN( TCSP_TakeOwnership ( hContext,
  7.1150 +				     proto_id,
  7.1151 +				     encOwnerAuth.size, 
  7.1152 +				     encOwnerAuth.data,
  7.1153 +				     encSrkAuth.size,
  7.1154 +				     encSrkAuth.data,
  7.1155 +				     &srkText.size,
  7.1156 +				     &new_srk, 
  7.1157 +				     auth ) );
  7.1158 +  
  7.1159 +  
  7.1160 +  paramTextSize = BSG_PackList(paramText, 2, 
  7.1161 +			       BSG_TPM_RESULT, &status,
  7.1162 +			       BSG_TPM_COMMAND_CODE, &command);
  7.1163 +  memcpy(paramText + paramTextSize, new_srk, srkText.size);
  7.1164 +  paramTextSize += srkText.size;
  7.1165 +  
  7.1166 +  
  7.1167 +  TPMTRYRETURN( VerifyAuth(  paramText, paramTextSize,
  7.1168 +			     ownerAuth, auth, 
  7.1169 +			     hContext) );
  7.1170 +  
  7.1171 +  goto egress;
  7.1172 +  
  7.1173 + abort_egress:
  7.1174 +  
  7.1175 + egress:
  7.1176 +  
  7.1177 +  free(srkText.data);
  7.1178 +  free(encSrkAuth.data);
  7.1179 +  free(encOwnerAuth.data);
  7.1180 +  free(paramText);
  7.1181 +  
  7.1182 +  TCS_FreeMemory(hContext, new_srk);
  7.1183 +  
  7.1184 +  return status;
  7.1185 +}
  7.1186 +
  7.1187 +TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE    hContext,
  7.1188 +                                  const TPM_AUTHDATA          *ownerAuth, 
  7.1189 +                                  TCS_AUTH                    *auth) {
  7.1190 +  
  7.1191 +  vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n");
  7.1192 +  
  7.1193 +  TPM_RESULT status = TPM_SUCCESS;
  7.1194 +  TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead;
  7.1195 +  
  7.1196 +  BYTE *paramText;        // Digest to make Auth.
  7.1197 +  UINT32 paramTextSize;
  7.1198 +    
  7.1199 +  // Generate HMAC   
  7.1200 +  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
  7.1201 +  
  7.1202 +  paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
  7.1203 +  
  7.1204 +  paramTextSize = BSG_PackList(paramText, 1,
  7.1205 +			       BSG_TPM_COMMAND_CODE, &command);
  7.1206 +  
  7.1207 +  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
  7.1208 +			      ownerAuth, auth) );
  7.1209 +  
  7.1210 +  // Call TCS
  7.1211 +  TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in
  7.1212 +                                        auth) );
  7.1213 +  
  7.1214 +  // Verify Auth
  7.1215 +  paramTextSize = BSG_PackList(paramText, 2,
  7.1216 +			       BSG_TPM_RESULT, &status,
  7.1217 +			       BSG_TPM_COMMAND_CODE, &command);
  7.1218 +  
  7.1219 +  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
  7.1220 +			    ownerAuth, auth, 
  7.1221 +			    hContext) );
  7.1222 +  goto egress;
  7.1223 +  
  7.1224 + abort_egress:
  7.1225 + egress:
  7.1226 +  free(paramText);
  7.1227 +  return status;
  7.1228 +}
  7.1229 +
  7.1230 +TPM_RESULT VTSP_CreateWrapKey(  const TCS_CONTEXT_HANDLE hContext,
  7.1231 +                                const TPM_KEY_USAGE      usage,
  7.1232 +                                const TPM_AUTHDATA       *newKeyAuth,
  7.1233 +                                const TCS_KEY_HANDLE     parentHandle, 
  7.1234 +                                const TPM_AUTHDATA       *osapSharedSecret,
  7.1235 +                                buffer_t                 *pubKeyBuf,
  7.1236 +                                TCS_AUTH                 *auth) {
  7.1237 +  
  7.1238 +  int i;
  7.1239 +  TPM_RESULT status = TPM_SUCCESS;
  7.1240 +  TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey;
  7.1241 +  
  7.1242 +  vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage);
  7.1243 +  
  7.1244 +  // vars for Calculate encUsageAuth
  7.1245 +  BYTE *paramText;      
  7.1246 +  UINT32 paramTextSize;
  7.1247 +  
  7.1248 +  // vars for Calculate encUsageAuth
  7.1249 +  BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)];
  7.1250 +  TPM_DIGEST XORKey1;
  7.1251 +  UINT32 XORbufferSize;
  7.1252 +  TPM_SECRET encUsageAuth, encMigrationAuth;
  7.1253 +  
  7.1254 +  // vars for Flatten newKey prototype
  7.1255 +  BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) *  TCPA_MAX_BUFFER_LENGTH);
  7.1256 +  UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH;                                    
  7.1257 +  struct pack_buf_t newKeyText;
  7.1258 +  
  7.1259 +  // Fill in newKey
  7.1260 +  TPM_KEY newKey;
  7.1261 +  
  7.1262 +  BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00,   0x00, 0x00, 0x00, 0x02,   0x00, 0x00, 0x00, 0x00};
  7.1263 +  newKey.algorithmParms.algorithmID = TPM_ALG_RSA;
  7.1264 +  newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo;
  7.1265 +  newKey.algorithmParms.parmSize = 12;
  7.1266 +  
  7.1267 +  switch (usage) {
  7.1268 +  case TPM_KEY_SIGNING:
  7.1269 +    vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n");
  7.1270 +    newKey.keyUsage = TPM_KEY_SIGNING;
  7.1271 +    newKey.algorithmParms.encScheme = TPM_ES_NONE;
  7.1272 +    newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1;
  7.1273 +    break;
  7.1274 +  case TPM_KEY_STORAGE:
  7.1275 +    vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n");
  7.1276 +    newKey.keyUsage = TPM_KEY_STORAGE;
  7.1277 +    newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
  7.1278 +    newKey.algorithmParms.sigScheme = TPM_SS_NONE;
  7.1279 +    break;
  7.1280 +  case TPM_KEY_BIND:
  7.1281 +    vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n");
  7.1282 +    newKey.keyUsage = TPM_KEY_BIND;
  7.1283 +    newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1;
  7.1284 +    newKey.algorithmParms.sigScheme = TPM_SS_NONE;
  7.1285 +    break;
  7.1286 +  default:
  7.1287 +    vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n");
  7.1288 +    status = TPM_BAD_PARAMETER;
  7.1289 +    goto abort_egress;
  7.1290 +  }
  7.1291 +  
  7.1292 +  
  7.1293 +  newKey.ver = TPM_STRUCT_VER_1_1;
  7.1294 +  
  7.1295 +  newKey.keyFlags = 0;
  7.1296 +  newKey.authDataUsage = TPM_AUTH_ALWAYS;
  7.1297 +  newKey.pubKey.keyLength= 0;
  7.1298 +  newKey.encDataSize = 0;
  7.1299 +  newKey.encData = NULL;
  7.1300 +  
  7.1301 +  // FIXME: Support PCR bindings
  7.1302 +  newKey.PCRInfoSize = 0;
  7.1303 +  newKey.PCRInfo = NULL;
  7.1304 +  
  7.1305 +  // Calculate encUsageAuth                                    
  7.1306 +  XORbufferSize = BSG_PackList(  XORbuffer, 2, 
  7.1307 +				 BSG_TPM_SECRET, osapSharedSecret,
  7.1308 +				 BSG_TPM_NONCE, &auth->NonceEven);
  7.1309 +  Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1);
  7.1310 +  
  7.1311 +  // FIXME: No support for migratable keys.
  7.1312 +  for (i=0; i < TPM_DIGEST_SIZE; i++) 
  7.1313 +    ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *) newKeyAuth)[i];
  7.1314 +  
  7.1315 +  // Flatten newKey prototype
  7.1316 +  flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey);
  7.1317 +  newKeyText.data = flatKey;
  7.1318 +  newKeyText.size = flatKeySize;
  7.1319 +  
  7.1320 +  // GenerateAuth new nonceOdd    
  7.1321 +  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
  7.1322 +  
  7.1323 +  // Generate HMAC
  7.1324 +  paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
  7.1325 +  
  7.1326 +  paramTextSize = BSG_PackList(paramText, 3,
  7.1327 +			       BSG_TPM_COMMAND_CODE, &command,
  7.1328 +			       BSG_TPM_AUTHDATA, &encUsageAuth,
  7.1329 +			       BSG_TPM_AUTHDATA, &encMigrationAuth);
  7.1330 +  memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
  7.1331 +  paramTextSize += newKeyText.size;
  7.1332 +  
  7.1333 +  
  7.1334 +  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
  7.1335 +			      osapSharedSecret, auth) );
  7.1336 +  
  7.1337 +  // Call TCS
  7.1338 +  TPMTRYRETURN( TCSP_CreateWrapKey(  hContext, 
  7.1339 +				     parentHandle,
  7.1340 +				     encUsageAuth,
  7.1341 +				     encMigrationAuth,
  7.1342 +				     &newKeyText.size,
  7.1343 +				     &newKeyText.data,
  7.1344 +				     auth) );
  7.1345 +  
  7.1346 +  // Verify Auth
  7.1347 +  paramTextSize = BSG_PackList(paramText, 2,
  7.1348 +			       BSG_TPM_RESULT, &status,
  7.1349 +			       BSG_TPM_COMMAND_CODE, &command);
  7.1350 +  memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size);
  7.1351 +  paramTextSize += newKeyText.size;
  7.1352 +  
  7.1353 +  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
  7.1354 +			    osapSharedSecret, auth, 0) );
  7.1355 +  
  7.1356 +  // Unpack/return key structure
  7.1357 +  TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) );
  7.1358 +  TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, newKeyText.data) );
  7.1359 +  
  7.1360 +  goto egress;
  7.1361 +  
  7.1362 + abort_egress:
  7.1363 +  
  7.1364 + egress:
  7.1365 +  
  7.1366 +  free(flatKey);
  7.1367 +  free(paramText);
  7.1368 +  TCS_FreeMemory(hContext, newKeyText.data);
  7.1369 +  
  7.1370 +  return status;
  7.1371 +}
  7.1372 +
  7.1373 +TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE    hContext,
  7.1374 +                        const TCS_KEY_HANDLE        hUnwrappingKey,
  7.1375 +                        const buffer_t              *rgbWrappedKeyBlob,
  7.1376 +                        const TPM_AUTHDATA          *parentAuth,
  7.1377 +                        TPM_HANDLE                  *newKeyHandle,
  7.1378 +                        TCS_AUTH                    *auth,
  7.1379 +                        CRYPTO_INFO                 *cryptoinfo /*= NULL*/) {
  7.1380 +  
  7.1381 +  
  7.1382 +  vtpmloginfo(VTPM_LOG_VTSP, "Loading Key.\n%s","");
  7.1383 +  
  7.1384 +  TPM_RESULT status = TPM_SUCCESS;
  7.1385 +  TPM_COMMAND_CODE command = TPM_ORD_LoadKey;
  7.1386 +  
  7.1387 +  BYTE *paramText;        // Digest to make Auth.
  7.1388 +  UINT32 paramTextSize;
  7.1389 +  
  7.1390 +  if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) || 
  7.1391 +      (newKeyHandle==NULL) || (auth==NULL)) {
  7.1392 +    status = TPM_BAD_PARAMETER;
  7.1393 +    goto abort_egress;
  7.1394 +  }
  7.1395 +  
  7.1396 +  // Generate Extra TCS Parameters
  7.1397 +  TPM_HANDLE phKeyHMAC;
  7.1398 +  
  7.1399 +  // Generate HMAC
  7.1400 +  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
  7.1401 +  
  7.1402 +  paramText = (BYTE *) malloc(sizeof(BYTE) *  TCPA_MAX_BUFFER_LENGTH);
  7.1403 +  
  7.1404 +  paramTextSize = BSG_PackList(paramText, 1,
  7.1405 +			       BSG_TPM_COMMAND_CODE, &command);
  7.1406 +  
  7.1407 +  memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes, buffer_len(rgbWrappedKeyBlob));
  7.1408 +  paramTextSize += buffer_len(rgbWrappedKeyBlob);
  7.1409 +  
  7.1410 +  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
  7.1411 +			      parentAuth, auth) );
  7.1412 +  
  7.1413 +  // Call TCS
  7.1414 +  TPMTRYRETURN( TCSP_LoadKeyByBlob(  hContext,
  7.1415 +				     hUnwrappingKey,
  7.1416 +				     buffer_len(rgbWrappedKeyBlob),
  7.1417 +				     rgbWrappedKeyBlob->bytes,
  7.1418 +				     auth,
  7.1419 +				     newKeyHandle,
  7.1420 +				     &phKeyHMAC) );
  7.1421 +  
  7.1422 +  // Verify Auth
  7.1423 +  paramTextSize = BSG_PackList(paramText, 3,
  7.1424 +			       BSG_TPM_RESULT, &status,
  7.1425 +			       BSG_TPM_COMMAND_CODE, &command,
  7.1426 +			       BSG_TPM_HANDLE, newKeyHandle);
  7.1427 +  
  7.1428 +  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
  7.1429 +			    parentAuth, auth, 
  7.1430 +			    hContext) );
  7.1431 +  
  7.1432 +  // Unpack/return key structure
  7.1433 +  if (cryptoinfo != NULL) {
  7.1434 +    TPM_KEY newKey;
  7.1435 +    
  7.1436 +    BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey);
  7.1437 +    TPM_RSA_KEY_PARMS rsaKeyParms;
  7.1438 +    
  7.1439 +    BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, 
  7.1440 +	       newKey.algorithmParms.parms, 
  7.1441 +	       &rsaKeyParms);
  7.1442 +    
  7.1443 +    Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, 
  7.1444 +				    rsaKeyParms.exponent, 
  7.1445 +				    newKey.pubKey.keyLength, 
  7.1446 +				    newKey.pubKey.key, 
  7.1447 +				    cryptoinfo);
  7.1448 +    
  7.1449 +    // Destroy rsaKeyParms
  7.1450 +    BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms);
  7.1451 +    
  7.1452 +    // Set encryption scheme
  7.1453 +    cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1;
  7.1454 +  }
  7.1455 +  
  7.1456 +  goto egress;
  7.1457 +  
  7.1458 + abort_egress:
  7.1459 +  
  7.1460 + egress:
  7.1461 +  
  7.1462 +  free(paramText);
  7.1463 +  return status;
  7.1464 +}
  7.1465 +
  7.1466 +TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE    hContext,
  7.1467 +                        const TPM_KEY_HANDLE        key_handle,
  7.1468 +                        const buffer_t              *bound_data,
  7.1469 +                        const TPM_AUTHDATA          *usage_auth,
  7.1470 +                        buffer_t                    *clear_data,
  7.1471 +                        TCS_AUTH                    *auth) {
  7.1472 +  
  7.1473 +  vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n", buffer_len(bound_data));
  7.1474 +  
  7.1475 +  TPM_RESULT status = TPM_SUCCESS;
  7.1476 +  TPM_COMMAND_CODE command = TPM_ORD_UnBind;
  7.1477 +  
  7.1478 +  BYTE *paramText;        // Digest to make Auth.
  7.1479 +  UINT32 paramTextSize;
  7.1480 +  
  7.1481 +  // Generate Extra TCS Parameters
  7.1482 +  struct pack_buf_t clear_data32;
  7.1483 +  BYTE *clear_data_text;
  7.1484 +  UINT32 clear_data_size;
  7.1485 +  
  7.1486 +  // Generate HMAC   
  7.1487 +  Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) );
  7.1488 +  
  7.1489 +  struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes};
  7.1490 +  
  7.1491 +  paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
  7.1492 +  
  7.1493 +  paramTextSize = BSG_PackList(paramText, 2,
  7.1494 +			       BSG_TPM_COMMAND_CODE, &command,
  7.1495 +			       BSG_TPM_SIZE32_DATA, &bound_data32);
  7.1496 +  
  7.1497 +  TPMTRYRETURN( GenerateAuth( paramText, paramTextSize,
  7.1498 +			      usage_auth, auth) );
  7.1499 +  
  7.1500 +  // Call TCS
  7.1501 +  TPMTRYRETURN( TCSP_UnBind( hContext,
  7.1502 +			     key_handle,
  7.1503 +			     buffer_len(bound_data),
  7.1504 +			     bound_data->bytes,
  7.1505 +			     auth,
  7.1506 +			     &clear_data_size,
  7.1507 +			     &clear_data_text) );
  7.1508 +  
  7.1509 +  
  7.1510 +  // Verify Auth
  7.1511 +  clear_data32.size = clear_data_size;
  7.1512 +  clear_data32.data = clear_data_text;
  7.1513 +  paramTextSize = BSG_PackList(paramText, 3,
  7.1514 +			       BSG_TPM_RESULT, &status,
  7.1515 +			       BSG_TPM_COMMAND_CODE, &command,
  7.1516 +			       BSG_TPM_SIZE32_DATA, &clear_data32);
  7.1517 +  
  7.1518 +  TPMTRYRETURN( VerifyAuth( paramText, paramTextSize,
  7.1519 +			    usage_auth, auth, 
  7.1520 +			    hContext) );
  7.1521 +  
  7.1522 +  // Unpack/return key structure
  7.1523 +  TPMTRYRETURN(buffer_init(clear_data, 0, 0));
  7.1524 +  TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size, clear_data_text) );
  7.1525 +  
  7.1526 +  goto egress;
  7.1527 +  
  7.1528 + abort_egress:
  7.1529 +  
  7.1530 + egress:
  7.1531 +  
  7.1532 +  free(paramText);
  7.1533 +  TCS_FreeMemory(hContext, clear_data_text);
  7.1534 +  
  7.1535 +  return status;
  7.1536 +}
  7.1537 +
  7.1538 +TPM_RESULT VTSP_Bind(   CRYPTO_INFO *cryptoInfo, 
  7.1539 +			const buffer_t *inData, 
  7.1540 +			buffer_t *outData)               
  7.1541 +{
  7.1542 +  vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n", buffer_len(inData));
  7.1543 +  TPM_BOUND_DATA boundData;
  7.1544 +  UINT32 i;
  7.1545 +  
  7.1546 +  // Fill boundData's accessory information
  7.1547 +  boundData.ver = TPM_STRUCT_VER_1_1;
  7.1548 +  boundData.payload = TPM_PT_BIND;
  7.1549 +  boundData.payloadData = inData->bytes;
  7.1550 +  
  7.1551 +  // Pack boundData before encryption
  7.1552 +  BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) * 
  7.1553 +				       (sizeof(TPM_VERSION) +
  7.1554 +					sizeof(TPM_PAYLOAD_TYPE) +
  7.1555 +					buffer_len(inData)));
  7.1556 +  if (flatBoundData == NULL) {
  7.1557 +    return TPM_NOSPACE;
  7.1558 +  }
  7.1559 +  UINT32 flatBoundDataSize = 0;
  7.1560 +  flatBoundDataSize = BSG_PackList(  flatBoundData, 2, 
  7.1561 +				     BSG_TPM_VERSION, &boundData.ver, 
  7.1562 +				     BSG_TYPE_BYTE, &boundData.payload);
  7.1563 +  
  7.1564 +  memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData));
  7.1565 +  flatBoundDataSize += buffer_len(inData);
  7.1566 +  
  7.1567 +  BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is what will come out.
  7.1568 +  UINT32 out_tmp_size;
  7.1569 +  
  7.1570 +  // Encrypt flatBoundData
  7.1571 +  Crypto_RSAEnc( cryptoInfo, 
  7.1572 +		 flatBoundDataSize, 
  7.1573 +		 flatBoundData, 
  7.1574 +		 &out_tmp_size, 
  7.1575 +		 out_tmp);
  7.1576 +  
  7.1577 +  if (out_tmp_size > RSA_KEY_SIZE/8) {
  7.1578 +    // The result of RSAEnc should be a fixed size based on key size.
  7.1579 +    vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n");
  7.1580 +  }
  7.1581 +  
  7.1582 +  buffer_init(outData, 0, NULL);
  7.1583 +  buffer_append_raw(outData, out_tmp_size, out_tmp);
  7.1584 +  
  7.1585 +  vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size);
  7.1586 +  for(i = 0 ; i < out_tmp_size ; i++) {
  7.1587 +    vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]);
  7.1588 +  }
  7.1589 +  vtpmloginfomore(VTPM_LOG_TXDATA, "\n");
  7.1590 +  
  7.1591 +  // Free flatBoundData
  7.1592 +  free(flatBoundData);
  7.1593 +  
  7.1594 +  return TPM_SUCCESS;
  7.1595 +}
  7.1596 +
  7.1597 +// Function Reaches into unsupported TCS command, beware.
  7.1598 +TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE    hContext,
  7.1599 +                            const buffer_t *inbuf,
  7.1600 +                            buffer_t *outbuf ) {
  7.1601 +  
  7.1602 +  vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n");
  7.1603 +  TPM_RESULT status = TPM_SUCCESS;
  7.1604 +  
  7.1605 +  // Generate Extra TCS Parameters
  7.1606 +  BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH);
  7.1607 +  UINT32 resultTextSize =  TCPA_MAX_BUFFER_LENGTH;
  7.1608 +  
  7.1609 +  // Call TCS                          
  7.1610 +  TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes, 
  7.1611 +				     &resultTextSize, resultText) );
  7.1612 +  
  7.1613 +  // Unpack/return key structure
  7.1614 +  TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) );                                
  7.1615 +  goto egress;
  7.1616 +  
  7.1617 + abort_egress:
  7.1618 +  
  7.1619 + egress:
  7.1620 +  TCS_FreeMemory(hContext, resultText);
  7.1621 +  free(resultText);
  7.1622 +  return status;
  7.1623 +}
     8.1 --- a/tools/vtpm_manager/manager/vtsp.h	Wed Nov 30 11:36:57 2005 +0100
     8.2 +++ b/tools/vtpm_manager/manager/vtsp.h	Wed Nov 30 12:07:28 2005 +0100
     8.3 @@ -1,102 +1,102 @@
     8.4 -// ===================================================================
     8.5 -// 
     8.6 -// Copyright (c) 2005, Intel Corp.
     8.7 -// All rights reserved.
     8.8 -//
     8.9 -// Redistribution and use in source and binary forms, with or without 
    8.10 -// modification, are permitted provided that the following conditions 
    8.11 -// are met:
    8.12 -//
    8.13 -//   * Redistributions of source code must retain the above copyright 
    8.14 -//     notice, this list of conditions and the following disclaimer.
    8.15 -//   * Redistributions in binary form must reproduce the above 
    8.16 -//     copyright notice, this list of conditions and the following 
    8.17 -//     disclaimer in the documentation and/or other materials provided 
    8.18 -//     with the distribution.
    8.19 -//   * Neither the name of Intel Corporation nor the names of its 
    8.20 -//     contributors may be used to endorse or promote products derived
    8.21 -//     from this software without specific prior written permission.
    8.22 -//
    8.23 -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
    8.24 -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
    8.25 -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
    8.26 -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
    8.27 -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
    8.28 -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    8.29 -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
    8.30 -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    8.31 -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
    8.32 -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
    8.33 -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    8.34 -// OF THE POSSIBILITY OF SUCH DAMAGE.
    8.35 -// ===================================================================
    8.36 -// 
    8.37 -// vtsp.h
    8.38 -// 
    8.39 -//  Higher level interface to TCS.
    8.40 -//
    8.41 -// ==================================================================
    8.42 -
    8.43 -#ifndef __VTSP_H__
    8.44 -#define __VTSP_H__
    8.45 -
    8.46 -#include "tcg.h"
    8.47 -#include "tcs.h"
    8.48 -
    8.49 -#define KEY_BUFFER_SIZE 2048
    8.50 -
    8.51 -TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE    hContext,
    8.52 -                            const buffer_t *inbuf,
    8.53 -                            buffer_t *outbuf );
    8.54 -
    8.55 -TPM_RESULT VTSP_OIAP(  const TCS_CONTEXT_HANDLE hContext,
    8.56 -                       TCS_AUTH *auth);
    8.57 -                       
    8.58 -TPM_RESULT VTSP_OSAP(  const TCS_CONTEXT_HANDLE hContext,
    8.59 -                       const TPM_ENTITY_TYPE entityType,
    8.60 -                       const UINT32 entityValue,
    8.61 -                       const TPM_AUTHDATA *usageAuth,
    8.62 -                       TPM_SECRET *sharedsecret, 
    8.63 -                       TCS_AUTH *auth);
    8.64 -
    8.65 -TPM_RESULT VTSP_ReadPubek(   const TCS_CONTEXT_HANDLE hContext,
    8.66 -                             CRYPTO_INFO *cypto_info);
    8.67 -
    8.68 -TPM_RESULT VTSP_TakeOwnership(   const TCS_CONTEXT_HANDLE hContext,
    8.69 -                                 const TPM_AUTHDATA *ownerAuth, 
    8.70 -                                 const TPM_AUTHDATA *srkAuth,
    8.71 -                                 CRYPTO_INFO *ek_cryptoInfo,
    8.72 -                                 TCS_AUTH *auth);
    8.73 -                               
    8.74 -TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE    hContext,
    8.75 -                                  const TPM_AUTHDATA *ownerAuth, 
    8.76 -                                  TCS_AUTH                    *auth);
    8.77 -                               
    8.78 -TPM_RESULT VTSP_CreateWrapKey(  const TCS_CONTEXT_HANDLE hContext,
    8.79 -                                const TPM_KEY_USAGE      usage,
    8.80 -                                const TPM_AUTHDATA       *newKeyAuth,
    8.81 -                                const TCS_KEY_HANDLE     parentHandle, 
    8.82 -                                const TPM_AUTHDATA       *osapSharedSecret,
    8.83 -                                buffer_t                 *pubKeyBuf,
    8.84 -                                TCS_AUTH                 *auth);
    8.85 -
    8.86 -TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE    hContext,
    8.87 -                        const TCS_KEY_HANDLE        hUnwrappingKey,
    8.88 -                        const buffer_t              *rgbWrappedKeyBlob,
    8.89 -                        const TPM_AUTHDATA          *parentAuth,
    8.90 -                        TPM_HANDLE                  *newKeyHandle,
    8.91 -                        TCS_AUTH                    *pAuth,
    8.92 -                        CRYPTO_INFO                 *cryptoinfo);
    8.93 -
    8.94 -TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE    hContext,
    8.95 -                        const TPM_KEY_HANDLE        key_handle,
    8.96 -                        const buffer_t              *bound_data,
    8.97 -                        const TPM_AUTHDATA          *usage_auth,
    8.98 -                        buffer_t                    *clear_data,
    8.99 -                        TCS_AUTH                    *auth);
   8.100 -                        
   8.101 -TPM_RESULT VTSP_Bind(   CRYPTO_INFO *cryptoInfo,
   8.102 -            const buffer_t *inData, 
   8.103 -            buffer_t *outData);
   8.104 -                        
   8.105 -#endif //_VTSP_H_
   8.106 +// ===================================================================
   8.107 +// 
   8.108 +// Copyright (c) 2005, Intel Corp.
   8.109 +// All rights reserved.
   8.110 +//
   8.111 +// Redistribution and use in source and binary forms, with or without 
   8.112 +// modification, are permitted provided that the following conditions 
   8.113 +// are met:
   8.114 +//
   8.115 +//   * Redistributions of source code must retain the above copyright 
   8.116 +//     notice, this list of conditions and the following disclaimer.
   8.117 +//   * Redistributions in binary form must reproduce the above 
   8.118 +//     copyright notice, this list of conditions and the following 
   8.119 +//     disclaimer in the documentation and/or other materials provided 
   8.120 +//     with the distribution.
   8.121 +//   * Neither the name of Intel Corporation nor the names of its 
   8.122 +//     contributors may be used to endorse or promote products derived
   8.123 +//     from this software without specific prior written permission.
   8.124 +//
   8.125 +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 
   8.126 +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 
   8.127 +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 
   8.128 +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 
   8.129 +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
   8.130 +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   8.131 +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
   8.132 +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   8.133 +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
   8.134 +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
   8.135 +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   8.136 +// OF THE POSSIBILITY OF SUCH DAMAGE.
   8.137 +// ===================================================================
   8.138 +// 
   8.139 +// vtsp.h
   8.140 +// 
   8.141 +//  Higher level interface to TCS.
   8.142 +//
   8.143 +// ==================================================================
   8.144 +
   8.145 +#ifndef __VTSP_H__
   8.146 +#define __VTSP_H__
   8.147 +
   8.148 +#include "tcg.h"
   8.149 +#include "tcs.h"
   8.150 +
   8.151 +#define KEY_BUFFER_SIZE 2048
   8.152 +
   8.153 +TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE    hContext,
   8.154 +                            const buffer_t *inbuf,
   8.155 +                            buffer_t *outbuf );
   8.156 +
   8.157 +TPM_RESULT VTSP_OIAP(  const TCS_CONTEXT_HANDLE hContext,
   8.158 +                       TCS_AUTH *auth);
   8.159 +                       
   8.160 +TPM_RESULT VTSP_OSAP(  const TCS_CONTEXT_HANDLE hContext,
   8.161 +                       const TPM_ENTITY_TYPE entityType,
   8.162 +                       const UINT32 entityValue,
   8.163 +                       const TPM_AUTHDATA *usageAuth,
   8.164 +                       TPM_SECRET *sharedsecret, 
   8.165 +                       TCS_AUTH *auth);
   8.166 +
   8.167 +TPM_RESULT VTSP_ReadPubek(   const TCS_CONTEXT_HANDLE hContext,
   8.168 +                             CRYPTO_INFO *cypto_info);
   8.169 +
   8.170 +TPM_RESULT VTSP_TakeOwnership(   const TCS_CONTEXT_HANDLE hContext,
   8.171 +                                 const TPM_AUTHDATA *ownerAuth, 
   8.172 +                                 const TPM_AUTHDATA *srkAuth,
   8.173 +                                 CRYPTO_INFO *ek_cryptoInfo,
   8.174 +                                 TCS_AUTH *auth);
   8.175 +                               
   8.176 +TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE    hContext,
   8.177 +                                  const TPM_AUTHDATA *ownerAuth, 
   8.178 +                                  TCS_AUTH                    *auth);
   8.179 +                               
   8.180 +TPM_RESULT VTSP_CreateWrapKey(  const TCS_CONTEXT_HANDLE hContext,
   8.181 +                                const TPM_KEY_USAGE      usage,
   8.182 +                                const TPM_AUTHDATA       *newKeyAuth,
   8.183 +                                const TCS_KEY_HANDLE     parentHandle, 
   8.184 +                                const TPM_AUTHDATA       *osapSharedSecret,
   8.185 +                                buffer_t                 *pubKeyBuf,
   8.186 +                                TCS_AUTH                 *auth);
   8.187 +
   8.188 +TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE    hContext,
   8.189 +                        const TCS_KEY_HANDLE        hUnwrappingKey,
   8.190 +                        const buffer_t              *rgbWrappedKeyBlob,
   8.191 +                        const TPM_AUTHDATA          *parentAuth,
   8.192 +                        TPM_HANDLE                  *newKeyHandle,
   8.193 +                        TCS_AUTH                    *pAuth,
   8.194 +                        CRYPTO_INFO                 *cryptoinfo);
   8.195 +
   8.196 +TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE    hContext,
   8.197 +                        const TPM_KEY_HANDLE        key_handle,
   8.198 +                        const buffer_t              *bound_data,
   8.199 +                        const TPM_AUTHDATA          *usage_auth,
   8.200 +                        buffer_t                    *clear_data,
   8.201 +                        TCS_AUTH                    *auth);
   8.202 +                        
   8.203 +TPM_RESULT VTSP_Bind(   CRYPTO_INFO *cryptoInfo,
   8.204 +            const buffer_t *inData, 
   8.205 +            buffer_t *outData);
   8.206 +                        
   8.207 +#endif //_VTSP_H_
     9.1 --- a/tools/vtpm_manager/util/Makefile	Wed Nov 30 11:36:57 2005 +0100
     9.2 +++ b/tools/vtpm_manager/util/Makefile	Wed Nov 30 12:07:28 2005 +0100
     9.3 @@ -1,19 +1,19 @@
     9.4 -XEN_ROOT = ../../..
     9.5 -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
     9.6 -
     9.7 -BIN		= libTCGUtils.a
     9.8 -
     9.9 -all: build
    9.10 -
    9.11 -build: $(BIN)
    9.12 -
    9.13 -install: build
    9.14 -
    9.15 -clean:
    9.16 -	rm -f *.a *.so *.o *.rpm $(DEP_FILES)
    9.17 -
    9.18 -mrproper: clean
    9.19 -	rm -f *~
    9.20 -
    9.21 -$(BIN): $(OBJS)
    9.22 -	$(AR) rcs $(BIN) $(OBJS)
    9.23 +XEN_ROOT = ../../..
    9.24 +include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk
    9.25 +
    9.26 +BIN		= libTCGUtils.a
    9.27 +
    9.28 +all: build
    9.29 +
    9.30 +build: $(BIN)
    9.31 +
    9.32 +install: build
    9.33 +
    9.34 +clean:
    9.35 +	rm -f *.a *.so *.o *.rpm $(DEP_FILES)
    9.36 +
    9.37 +mrproper: clean
    9.38 +	rm -f *~
    9.39 +
    9.40 +$(BIN): $(OBJS)
    9.41 +	$(AR) rcs $(BIN) $(OBJS)
    10.1 --- a/tools/vtpm_manager/util/depend	Wed Nov 30 11:36:57 2005 +0100
    10.2 +++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.3 @@ -1,7 +0,0 @@
    10.4 -hashtable.o: hashtable.c hashtable.h hashtable_private.h
    10.5 -hashtable_itr.o: hashtable_itr.c hashtable.h hashtable_private.h \
    10.6 -  hashtable_itr.h
    10.7 -bsg.o: bsg.c tcg.h ../crypto/crypto.h ../crypto/sym_crypto.h buffer.h \
    10.8 -  bsg.h log.h
    10.9 -log.o: log.c buffer.h tcg.h
   10.10 -buffer.o: buffer.c tcg.h bsg.h buffer.h