Xen project Mailing List

[Xen-changelog] Removes the carriage returns from some of the vtpm

From: Xen patchbot -unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>

Date: Wed, 30 Nov 2005 13:20:06 +0000

Delivery-date: Wed, 30 Nov 2005 13:20:21 +0000

List-id: BK change log <xen-changelog.lists.xensource.com>

# HG changeset patch # User kaf24@xxxxxxxxxxxxxxxxxxxx # Node ID 3399f4b9396a907890d2bc86e0b918d1ac7d7ab6 # Parent d963256dc3e0e823f1bf1842d5c4b83d698df1b9 Removes the carriage returns from some of the vtpm source files that were edited in windows at some point. Signed-off-by: Vinnie Scarlata <vincent.r.scarlata@xxxxxxxxx> diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/crypto/Makefile --- a/tools/vtpm_manager/crypto/Makefile Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/crypto/Makefile Wed Nov 30 11:07:28 2005 @@ -1,19 +1,19 @@ -XEN_ROOT = ../../.. -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk - -BIN = libtcpaCrypto.a - -all: build - -build: $(BIN) - -install: build - -clean: - rm -f *.a *.so *.o *.rpm $(DEP_FILES) - -mrproper: clean - rm -f *~ - -$(BIN): $(OBJS) - $(AR) rcs $(BIN) $(OBJS) +XEN_ROOT = ../../.. +include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk + +BIN = libtcpaCrypto.a + +all: build + +build: $(BIN) + +install: build + +clean: + rm -f *.a *.so *.o *.rpm $(DEP_FILES) + +mrproper: clean + rm -f *~ + +$(BIN): $(OBJS) + $(AR) rcs $(BIN) $(OBJS) diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/Makefile --- a/tools/vtpm_manager/manager/Makefile Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/Makefile Wed Nov 30 11:07:28 2005 @@ -1,27 +1,27 @@ -XEN_ROOT = ../../.. -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk - -BIN = vtpm_managerd - -all: build - -build: $(BIN) - -install: build - if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \ - then mkdir -p $(DESTDIR)/var/vtpm/fifos; \ - fi - $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR) - -clean: - rm -f *.a *.so *.o *.rpm $(DEP_FILES) - -mrproper: clean - rm -f $(BIN) *~ - -$(BIN): $(OBJS) - $(CC) $(LDFLAGS) $^ $(LIBS) -o $@ - -# libraries -LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a -LIBS += -lcrypto -lpthread -lrt -lm +XEN_ROOT = ../../.. +include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk + +BIN = vtpm_managerd + +all: build + +build: $(BIN) + +install: build + if [ ! -d "$(DESTDIR)/var/vtpm/fifos" ]; \ + then mkdir -p $(DESTDIR)/var/vtpm/fifos; \ + fi + $(INSTALL_PROG) $(BIN) $(TOOLS_INSTALL_DIR) + +clean: + rm -f *.a *.so *.o *.rpm $(DEP_FILES) + +mrproper: clean + rm -f $(BIN) *~ + +$(BIN): $(OBJS) + $(CC) $(LDFLAGS) $^ $(LIBS) -o $@ + +# libraries +LIBS += ../tcs/libTCS.a ../util/libTCGUtils.a ../crypto/libtcpaCrypto.a +LIBS += -lcrypto -lpthread -lrt -lm diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/tpmpassthrough.c --- a/tools/vtpm_manager/manager/tpmpassthrough.c Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/tpmpassthrough.c Wed Nov 30 11:07:28 2005 @@ -1,110 +1,110 @@ -// =================================================================== -// -// Copyright (c) 2005, Intel Corp. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// * Neither the name of Intel Corporation nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. -// =================================================================== -// -// tpmpassthrough.c -// -// Functions regarding passing DMI requests to HWTPM -// -// ================================================================== - -#include "tcg.h" -#include "vtpm_manager.h" -#include "vtpmpriv.h" -#include "vtsp.h" -#include "log.h" - -TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi, - buffer_t *inbuf, - buffer_t *outbuf) { - - TPM_RESULT status = TPM_SUCCESS; - TPM_COMMAND_CODE *ord; - - ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + sizeof(UINT32)); - - switch (*ord) { - - // Forbidden for DMI use - case TPM_ORD_TakeOwnership: - case TPM_ORD_ChangeAuthOwner: - case TPM_ORD_DirWriteAuth: - case TPM_ORD_DirRead: - case TPM_ORD_AuthorizeMigrationKey: - case TPM_ORD_CreateMaintenanceArchive: - case TPM_ORD_LoadMaintenanceArchive: - case TPM_ORD_KillMaintenanceFeature: - case TPM_ORD_LoadManuMaintPub: - case TPM_ORD_ReadManuMaintPub: - case TPM_ORD_SelfTestFull: - case TPM_ORD_SelfTestStartup: - case TPM_ORD_CertifySelfTest: - case TPM_ORD_ContinueSelfTest: - case TPM_ORD_GetTestResult: - case TPM_ORD_Reset: - case TPM_ORD_OwnerClear: - case TPM_ORD_DisableOwnerClear: - case TPM_ORD_ForceClear: - case TPM_ORD_DisableForceClear: - case TPM_ORD_GetCapabilityOwner: - case TPM_ORD_OwnerSetDisable: - case TPM_ORD_PhysicalEnable: - case TPM_ORD_PhysicalDisable: - case TPM_ORD_SetOwnerInstall: - case TPM_ORD_PhysicalSetDeactivated: - case TPM_ORD_SetTempDeactivated: - case TPM_ORD_CreateEndorsementKeyPair: - case TPM_ORD_GetAuditEvent: - case TPM_ORD_GetAuditEventSigned: - case TPM_ORD_GetOrdinalAuditStatus: - case TPM_ORD_SetOrdinalAuditStatus: - case TPM_ORD_SetRedirection: - case TPM_ORD_FieldUpgrade: - case TSC_ORD_PhysicalPresence: - status = TPM_DISABLED_CMD; - goto abort_egress; - break; - - } // End ORD Switch - - // Call TCS with command - - TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) ); - - goto egress; - - abort_egress: - vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n"); - egress: - - return status; -} +// =================================================================== +// +// Copyright (c) 2005, Intel Corp. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// * Neither the name of Intel Corporation nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. +// =================================================================== +// +// tpmpassthrough.c +// +// Functions regarding passing DMI requests to HWTPM +// +// ================================================================== + +#include "tcg.h" +#include "vtpm_manager.h" +#include "vtpmpriv.h" +#include "vtsp.h" +#include "log.h" + +TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi, + buffer_t *inbuf, + buffer_t *outbuf) { + + TPM_RESULT status = TPM_SUCCESS; + TPM_COMMAND_CODE *ord; + + ord = (TPM_COMMAND_CODE *) (inbuf->bytes + sizeof(TPM_TAG) + sizeof(UINT32)); + + switch (*ord) { + + // Forbidden for DMI use + case TPM_ORD_TakeOwnership: + case TPM_ORD_ChangeAuthOwner: + case TPM_ORD_DirWriteAuth: + case TPM_ORD_DirRead: + case TPM_ORD_AuthorizeMigrationKey: + case TPM_ORD_CreateMaintenanceArchive: + case TPM_ORD_LoadMaintenanceArchive: + case TPM_ORD_KillMaintenanceFeature: + case TPM_ORD_LoadManuMaintPub: + case TPM_ORD_ReadManuMaintPub: + case TPM_ORD_SelfTestFull: + case TPM_ORD_SelfTestStartup: + case TPM_ORD_CertifySelfTest: + case TPM_ORD_ContinueSelfTest: + case TPM_ORD_GetTestResult: + case TPM_ORD_Reset: + case TPM_ORD_OwnerClear: + case TPM_ORD_DisableOwnerClear: + case TPM_ORD_ForceClear: + case TPM_ORD_DisableForceClear: + case TPM_ORD_GetCapabilityOwner: + case TPM_ORD_OwnerSetDisable: + case TPM_ORD_PhysicalEnable: + case TPM_ORD_PhysicalDisable: + case TPM_ORD_SetOwnerInstall: + case TPM_ORD_PhysicalSetDeactivated: + case TPM_ORD_SetTempDeactivated: + case TPM_ORD_CreateEndorsementKeyPair: + case TPM_ORD_GetAuditEvent: + case TPM_ORD_GetAuditEventSigned: + case TPM_ORD_GetOrdinalAuditStatus: + case TPM_ORD_SetOrdinalAuditStatus: + case TPM_ORD_SetRedirection: + case TPM_ORD_FieldUpgrade: + case TSC_ORD_PhysicalPresence: + status = TPM_DISABLED_CMD; + goto abort_egress; + break; + + } // End ORD Switch + + // Call TCS with command + + TPMTRY(TPM_IOERROR, VTSP_RawTransmit( dmi->TCSContext,inbuf, outbuf) ); + + goto egress; + + abort_egress: + vtpmloginfo(VTPM_LOG_VTPM, "TPM Command Failed in tpmpassthrough.\n"); + egress: + + return status; +} diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtpm_manager.h --- a/tools/vtpm_manager/manager/vtpm_manager.h Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/vtpm_manager.h Wed Nov 30 11:07:28 2005 @@ -1,137 +1,137 @@ -// =================================================================== -// -// Copyright (c) 2005, Intel Corp. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// * Neither the name of Intel Corporation nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. -// =================================================================== -// -// vtpm_manager.h -// -// Public Interface header for VTPM Manager -// -// ================================================================== - -#ifndef __VTPM_MANAGER_H__ -#define __VTPM_MANAGER_H__ - -#include "tcg.h" - -#define VTPM_TAG_REQ 0x01c1 -#define VTPM_TAG_RSP 0x01c4 -#define COMMAND_BUFFER_SIZE 4096 - -// Header sizes. Note Header MAY include the DMI -#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) -#define VTPM_COMMAND_HEADER_SIZE_CLT ( sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) - -// ********************** Public Functions ************************* -TPM_RESULT VTPM_Init_Service(); // Start VTPM Service -void VTPM_Stop_Service(); // Stop VTPM Service -#ifdef VTPM_MULTI_VM -int VTPM_Service_Handler(); -#else -void *VTPM_Service_Handler(void *threadTypePtr); -#endif - -//************************ Command Codes **************************** -#define VTPM_ORD_OPEN 1 // ULM Creates New DMI -#define VTPM_ORD_CLOSE 2 // ULM Closes a DMI -#define VTPM_ORD_DELETE 3 // ULM Permemently Deletes DMI -#define VTPM_ORD_SAVENVM 4 // DMI requests Secrets Unseal -#define VTPM_ORD_LOADNVM 5 // DMI requests Secrets Saved -#define VTPM_ORD_TPMCOMMAND 6 // DMI issues HW TPM Command - -//************************ Return Codes **************************** -#define VTPM_SUCCESS 0 -#define VTPM_FAIL 1 -#define VTPM_UNSUPPORTED 2 -#define VTPM_FORBIDDEN 3 -#define VTPM_RESTORE_CONTEXT_FAILED 4 -#define VTPM_INVALID_REQUEST 5 - -/******************* Command Parameter API ************************* - -VTPM Command Format - dmi: 4 bytes // Source of message. - // WARNING: This is prepended by the channel. - // Thus it is received by VTPM Manager, - // but not sent by DMI - tpm tag: 2 bytes - command size: 4 bytes // Size of command including header but not DMI - ord: 4 bytes // Command ordinal above - parameters: size - 10 bytes // Command Parameter - -VTPM Response Format - tpm tag: 2 bytes - response_size: 4 bytes - status: 4 bytes - parameters: size - 10 bytes - - -VTPM_Open: - Input Parameters: - Domain_type: 1 byte - domain_id: 4 bytes - instance_id: 4 bytes - Output Parameters: - None - -VTPM_Close - Input Parameters: - instance_id: 4 bytes - Output Parameters: - None - -VTPM_Delete - Input Parameters: - instance_id: 4 bytes - Output Parameters: - None - -VTPM_SaveNVM - Input Parameters: - data: n bytes (Header indicates size of data) - Output Parameters: - None - -VTPM_LoadNVM - Input Parameters: - None - Output Parameters: - data: n bytes (Header indicates size of data) - -VTPM_TPMCommand - Input Parameters: - TPM Command Byte Stream: n bytes - Output Parameters: - TPM Reponse Byte Stream: n bytes - -*********************************************************************/ - -#endif //_VTPM_MANAGER_H_ +// =================================================================== +// +// Copyright (c) 2005, Intel Corp. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// * Neither the name of Intel Corporation nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. +// =================================================================== +// +// vtpm_manager.h +// +// Public Interface header for VTPM Manager +// +// ================================================================== + +#ifndef __VTPM_MANAGER_H__ +#define __VTPM_MANAGER_H__ + +#include "tcg.h" + +#define VTPM_TAG_REQ 0x01c1 +#define VTPM_TAG_RSP 0x01c4 +#define COMMAND_BUFFER_SIZE 4096 + +// Header sizes. Note Header MAY include the DMI +#define VTPM_COMMAND_HEADER_SIZE_SRV ( sizeof(UINT32) + sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) +#define VTPM_COMMAND_HEADER_SIZE_CLT ( sizeof(TPM_TAG) + sizeof(UINT32) + sizeof(TPM_COMMAND_CODE)) + +// ********************** Public Functions ************************* +TPM_RESULT VTPM_Init_Service(); // Start VTPM Service +void VTPM_Stop_Service(); // Stop VTPM Service +#ifdef VTPM_MULTI_VM +int VTPM_Service_Handler(); +#else +void *VTPM_Service_Handler(void *threadTypePtr); +#endif + +//************************ Command Codes **************************** +#define VTPM_ORD_OPEN 1 // ULM Creates New DMI +#define VTPM_ORD_CLOSE 2 // ULM Closes a DMI +#define VTPM_ORD_DELETE 3 // ULM Permemently Deletes DMI +#define VTPM_ORD_SAVENVM 4 // DMI requests Secrets Unseal +#define VTPM_ORD_LOADNVM 5 // DMI requests Secrets Saved +#define VTPM_ORD_TPMCOMMAND 6 // DMI issues HW TPM Command + +//************************ Return Codes **************************** +#define VTPM_SUCCESS 0 +#define VTPM_FAIL 1 +#define VTPM_UNSUPPORTED 2 +#define VTPM_FORBIDDEN 3 +#define VTPM_RESTORE_CONTEXT_FAILED 4 +#define VTPM_INVALID_REQUEST 5 + +/******************* Command Parameter API ************************* + +VTPM Command Format + dmi: 4 bytes // Source of message. + // WARNING: This is prepended by the channel. + // Thus it is received by VTPM Manager, + // but not sent by DMI + tpm tag: 2 bytes + command size: 4 bytes // Size of command including header but not DMI + ord: 4 bytes // Command ordinal above + parameters: size - 10 bytes // Command Parameter + +VTPM Response Format + tpm tag: 2 bytes + response_size: 4 bytes + status: 4 bytes + parameters: size - 10 bytes + + +VTPM_Open: + Input Parameters: + Domain_type: 1 byte + domain_id: 4 bytes + instance_id: 4 bytes + Output Parameters: + None + +VTPM_Close + Input Parameters: + instance_id: 4 bytes + Output Parameters: + None + +VTPM_Delete + Input Parameters: + instance_id: 4 bytes + Output Parameters: + None + +VTPM_SaveNVM + Input Parameters: + data: n bytes (Header indicates size of data) + Output Parameters: + None + +VTPM_LoadNVM + Input Parameters: + None + Output Parameters: + data: n bytes (Header indicates size of data) + +VTPM_TPMCommand + Input Parameters: + TPM Command Byte Stream: n bytes + Output Parameters: + TPM Reponse Byte Stream: n bytes + +*********************************************************************/ + +#endif //_VTPM_MANAGER_H_ diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtpmd.c --- a/tools/vtpm_manager/manager/vtpmd.c Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/vtpmd.c Wed Nov 30 11:07:28 2005 @@ -1,134 +1,134 @@ -// =================================================================== -// -// Copyright (c) 2005, Intel Corp. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// * Neither the name of Intel Corporation nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. -// =================================================================== -// -// vtpmd.c -// -// Application -// -// =================================================================== - -#include <stdio.h> -#include <signal.h> -#include <sys/types.h> -#include <unistd.h> -#include "vtpm_manager.h" -#include "vtpmpriv.h" -#include "tcg.h" -#include "log.h" - -#ifndef VTPM_MULTI_VM - #include <pthread.h> -#endif - -void signal_handler(int reason) { -#ifndef VTPM_MULTI_VM - - if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) { - if (reason >= 0) { // Reason is a signal - vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal %d.\n", reason); - } else {// Reason is a TPM_RESULT * -1 - vtpmloginfo(VTPM_LOG_VTPM,"VTPM Manager shuting down for: %s\n", tpm_get_error_name(-1 * reason) ); - } - - return; - } else { - vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n"); - pthread_exit(NULL); - } -#else - VTPM_Stop_Service(); - exit(-1); -#endif -} - -struct sigaction ctl_c_handler; - -int main(int argc, char **argv) { - - vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n"); - - if (VTPM_Init_Service() != TPM_SUCCESS) { - vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during startup.\n"); - return -1; - } - - ctl_c_handler.sa_handler = signal_handler; - sigemptyset(&ctl_c_handler.sa_mask); - ctl_c_handler.sa_flags = 0; - - if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1) - vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break will not stop service gently.\n"); - - // For easier debuggin with gdb - if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1) - vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break will not stop service gently.\n"); - -#ifdef VTPM_MULTI_VM - TPM_RESULT status = VTPM_Service_Handler(); - - if (status != TPM_SUCCESS) - vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never should exit.\n", tpm_get_error_name(status)); - - return -1; -#else - sigset_t sig_mask; - - sigemptyset(&sig_mask); - sigaddset(&sig_mask, SIGPIPE); - sigprocmask(SIG_BLOCK, &sig_mask, NULL); - //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL); - pthread_t be_thread, dmi_thread; - int betype_be, dmitype_dmi; - - vtpm_globals->master_pid = pthread_self(); - - betype_be = BE_LISTENER_THREAD; - if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0) { - vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n"); - exit(-1); - } - - dmitype_dmi = DMI_LISTENER_THREAD; - if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) != 0) { - vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n"); - exit(-1); - } - - //Join the other threads until exit time. - pthread_join(be_thread, NULL); - pthread_join(dmi_thread, NULL); - - VTPM_Stop_Service(); - return 0; -#endif -} +// =================================================================== +// +// Copyright (c) 2005, Intel Corp. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// * Neither the name of Intel Corporation nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. +// =================================================================== +// +// vtpmd.c +// +// Application +// +// =================================================================== + +#include <stdio.h> +#include <signal.h> +#include <sys/types.h> +#include <unistd.h> +#include "vtpm_manager.h" +#include "vtpmpriv.h" +#include "tcg.h" +#include "log.h" + +#ifndef VTPM_MULTI_VM + #include <pthread.h> +#endif + +void signal_handler(int reason) { +#ifndef VTPM_MULTI_VM + + if (pthread_equal(pthread_self(), vtpm_globals->master_pid)) { + if (reason >= 0) { // Reason is a signal + vtpmloginfo(VTPM_LOG_VTPM, "VTPM Manager shutting down for signal %d.\n", reason); + } else {// Reason is a TPM_RESULT * -1 + vtpmloginfo(VTPM_LOG_VTPM,"VTPM Manager shuting down for: %s\n", tpm_get_error_name(-1 * reason) ); + } + + return; + } else { + vtpmloginfo(VTPM_LOG_VTPM, "Child shutting down\n"); + pthread_exit(NULL); + } +#else + VTPM_Stop_Service(); + exit(-1); +#endif +} + +struct sigaction ctl_c_handler; + +int main(int argc, char **argv) { + + vtpmloginfo(VTPM_LOG_VTPM, "Starting VTPM.\n"); + + if (VTPM_Init_Service() != TPM_SUCCESS) { + vtpmlogerror(VTPM_LOG_VTPM, "Closing vtpmd due to error during startup.\n"); + return -1; + } + + ctl_c_handler.sa_handler = signal_handler; + sigemptyset(&ctl_c_handler.sa_mask); + ctl_c_handler.sa_flags = 0; + + if (sigaction(SIGINT, &ctl_c_handler, NULL) == -1) + vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGINT handler. Ctl+break will not stop service gently.\n"); + + // For easier debuggin with gdb + if (sigaction(SIGHUP, &ctl_c_handler, NULL) == -1) + vtpmlogerror(VTPM_LOG_VTPM, "Could not install SIGHUP handler. Ctl+break will not stop service gently.\n"); + +#ifdef VTPM_MULTI_VM + TPM_RESULT status = VTPM_Service_Handler(); + + if (status != TPM_SUCCESS) + vtpmlogerror(VTPM_LOG_VTPM, "VTPM Manager exited with status %s. It never should exit.\n", tpm_get_error_name(status)); + + return -1; +#else + sigset_t sig_mask; + + sigemptyset(&sig_mask); + sigaddset(&sig_mask, SIGPIPE); + sigprocmask(SIG_BLOCK, &sig_mask, NULL); + //pthread_mutex_init(&vtpm_globals->dmi_mutex, NULL); + pthread_t be_thread, dmi_thread; + int betype_be, dmitype_dmi; + + vtpm_globals->master_pid = pthread_self(); + + betype_be = BE_LISTENER_THREAD; + if (pthread_create(&be_thread, NULL, VTPM_Service_Handler, &betype_be) != 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch BE Thread.\n"); + exit(-1); + } + + dmitype_dmi = DMI_LISTENER_THREAD; + if (pthread_create(&dmi_thread, NULL, VTPM_Service_Handler, &dmitype_dmi) != 0) { + vtpmlogerror(VTPM_LOG_VTPM, "Failed to launch DMI Thread.\n"); + exit(-1); + } + + //Join the other threads until exit time. + pthread_join(be_thread, NULL); + pthread_join(dmi_thread, NULL); + + VTPM_Stop_Service(); + return 0; +#endif +} diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtpmpriv.h --- a/tools/vtpm_manager/manager/vtpmpriv.h Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/vtpmpriv.h Wed Nov 30 11:07:28 2005 @@ -1,151 +1,151 @@ -// =================================================================== -// -// Copyright (c) 2005, Intel Corp. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// * Neither the name of Intel Corporation nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. -// =================================================================== -// -// vtpmpriv.h -// -// Structures and functions private to the manager -// -// ================================================================== - -#ifndef __VTPMPRIV_H__ -#define __VTPMPRIV_H__ - -#include "tcg.h" -#include "tcs.h" -#include "buffer.h" -#include "crypto.h" - -#define STATE_FILE "/var/vtpm/VTPM" -#define DMI_NVM_FILE "/var/vtpm/vtpm_dm_%d.data" -#define VTPM_BE_DEV "/dev/vtpm0" -#define VTPM_CTL_DM 0 - -#ifndef VTPM_MUTLI_VM - #include <sys/types.h> - #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo" - #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo" - - #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-to-%d.fifo" - #define VTPM_RX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo" - - #define BE_LISTENER_THREAD 1 - #define DMI_LISTENER_THREAD 2 - - // Seconds until DMI timeout. Timeouts result in DMI being out - // of sync, which may require a reboot of DMI and guest to recover - // from. Don't set this to low. Also note that DMI may issue a TPM - // call so we should expect time to process at DMI + TPM processing. - #define DMI_TIMEOUT 90 -#endif - - -// ------------------------ Private Structures ----------------------- -typedef struct VTPM_DMI_RESOURCE_T { - // I/O info for Manager to talk to DMI's over FIFOs -#ifndef VTPM_MUTLI_VM - int guest_tx_fh; // open GUEST_TX_FIFO - int vtpm_tx_fh; // open VTPM_TX_FIFO - char *guest_tx_fname; // open GUEST_TX_FIFO - char *vtpm_tx_fname; // open VTPM_TX_FIFO - - pid_t dmi_pid; -#endif - // Non-persistent Information - bool connected; - UINT32 dmi_domain_id; - TCS_CONTEXT_HANDLE TCSContext; // TCS Handle - char *NVMLocation; // NULL term string indicating location - // of NVM. - // Persistent Information about DMI - UINT32 dmi_id; - TPM_DIGEST NVM_measurement; // Equal to the SHA1 of the blob - TPM_DIGEST DMI_measurement; // Correct measurement of the owning DMI -} VTPM_DMI_RESOURCE; - -typedef struct tdVTPM_GLOBALS { - // Non-persistent data - int be_fh; // File handle to ipc used to communicate with backend -#ifndef VTPM_MULTI_VM - int vtpm_rx_fh; - int guest_rx_fh; - - pid_t master_pid; -#endif - struct hashtable *dmi_map; // Table of all DMI's known indexed by persistent instance # -#ifndef VTPM_MULTI_VM - pthread_mutex_t dmi_map_mutex; // -#endif - TCS_CONTEXT_HANDLE manager_tcs_handle; // TCS Handle used by manager - TPM_HANDLE storageKeyHandle; // Key used by persistent store - CRYPTO_INFO storageKey; // For software encryption - TCS_AUTH keyAuth; // OIAP session for storageKey - BOOL DMI_table_dirty; // Indicates that a command - // has updated the DMI table - - - // Persistent Data - TPM_AUTHDATA owner_usage_auth; // OwnerAuth of real TPM - TPM_AUTHDATA srk_usage_auth; // SRK Auth of real TPM - buffer_t storageKeyWrap; // Wrapped copy of storageKey - - TPM_AUTHDATA storage_key_usage_auth; - -}VTPM_GLOBALS; - -//Global dmi map -extern VTPM_GLOBALS *vtpm_globals; - -// ********************** Command Handler Prototypes *********************** -TPM_RESULT VTPM_Handle_Load_NVM( VTPM_DMI_RESOURCE *myDMI, - const buffer_t *inbuf, - buffer_t *outbuf); - -TPM_RESULT VTPM_Handle_Save_NVM( VTPM_DMI_RESOURCE *myDMI, - const buffer_t *inbuf, - buffer_t *outbuf); - -TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi, - buffer_t *inbuf, - buffer_t *outbuf); - -TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf); - -TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf); - -TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf); - -TPM_RESULT VTPM_SaveService(void); -TPM_RESULT VTPM_LoadService(void); - -TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res); -#endif // __VTPMPRIV_H__ +// =================================================================== +// +// Copyright (c) 2005, Intel Corp. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// * Neither the name of Intel Corporation nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. +// =================================================================== +// +// vtpmpriv.h +// +// Structures and functions private to the manager +// +// ================================================================== + +#ifndef __VTPMPRIV_H__ +#define __VTPMPRIV_H__ + +#include "tcg.h" +#include "tcs.h" +#include "buffer.h" +#include "crypto.h" + +#define STATE_FILE "/var/vtpm/VTPM" +#define DMI_NVM_FILE "/var/vtpm/vtpm_dm_%d.data" +#define VTPM_BE_DEV "/dev/vtpm0" +#define VTPM_CTL_DM 0 + +#ifndef VTPM_MUTLI_VM + #include <sys/types.h> + #define GUEST_TX_FIFO "/var/vtpm/fifos/guest-to-%d.fifo" + #define GUEST_RX_FIFO "/var/vtpm/fifos/guest-from-all.fifo" + + #define VTPM_TX_FIFO "/var/vtpm/fifos/vtpm-to-%d.fifo" + #define VTPM_RX_FIFO "/var/vtpm/fifos/vtpm-from-all.fifo" + + #define BE_LISTENER_THREAD 1 + #define DMI_LISTENER_THREAD 2 + + // Seconds until DMI timeout. Timeouts result in DMI being out + // of sync, which may require a reboot of DMI and guest to recover + // from. Don't set this to low. Also note that DMI may issue a TPM + // call so we should expect time to process at DMI + TPM processing. + #define DMI_TIMEOUT 90 +#endif + + +// ------------------------ Private Structures ----------------------- +typedef struct VTPM_DMI_RESOURCE_T { + // I/O info for Manager to talk to DMI's over FIFOs +#ifndef VTPM_MUTLI_VM + int guest_tx_fh; // open GUEST_TX_FIFO + int vtpm_tx_fh; // open VTPM_TX_FIFO + char *guest_tx_fname; // open GUEST_TX_FIFO + char *vtpm_tx_fname; // open VTPM_TX_FIFO + + pid_t dmi_pid; +#endif + // Non-persistent Information + bool connected; + UINT32 dmi_domain_id; + TCS_CONTEXT_HANDLE TCSContext; // TCS Handle + char *NVMLocation; // NULL term string indicating location + // of NVM. + // Persistent Information about DMI + UINT32 dmi_id; + TPM_DIGEST NVM_measurement; // Equal to the SHA1 of the blob + TPM_DIGEST DMI_measurement; // Correct measurement of the owning DMI +} VTPM_DMI_RESOURCE; + +typedef struct tdVTPM_GLOBALS { + // Non-persistent data + int be_fh; // File handle to ipc used to communicate with backend +#ifndef VTPM_MULTI_VM + int vtpm_rx_fh; + int guest_rx_fh; + + pid_t master_pid; +#endif + struct hashtable *dmi_map; // Table of all DMI's known indexed by persistent instance # +#ifndef VTPM_MULTI_VM + pthread_mutex_t dmi_map_mutex; // +#endif + TCS_CONTEXT_HANDLE manager_tcs_handle; // TCS Handle used by manager + TPM_HANDLE storageKeyHandle; // Key used by persistent store + CRYPTO_INFO storageKey; // For software encryption + TCS_AUTH keyAuth; // OIAP session for storageKey + BOOL DMI_table_dirty; // Indicates that a command + // has updated the DMI table + + + // Persistent Data + TPM_AUTHDATA owner_usage_auth; // OwnerAuth of real TPM + TPM_AUTHDATA srk_usage_auth; // SRK Auth of real TPM + buffer_t storageKeyWrap; // Wrapped copy of storageKey + + TPM_AUTHDATA storage_key_usage_auth; + +}VTPM_GLOBALS; + +//Global dmi map +extern VTPM_GLOBALS *vtpm_globals; + +// ********************** Command Handler Prototypes *********************** +TPM_RESULT VTPM_Handle_Load_NVM( VTPM_DMI_RESOURCE *myDMI, + const buffer_t *inbuf, + buffer_t *outbuf); + +TPM_RESULT VTPM_Handle_Save_NVM( VTPM_DMI_RESOURCE *myDMI, + const buffer_t *inbuf, + buffer_t *outbuf); + +TPM_RESULT VTPM_Handle_TPM_Command( VTPM_DMI_RESOURCE *dmi, + buffer_t *inbuf, + buffer_t *outbuf); + +TPM_RESULT VTPM_Handle_New_DMI(const buffer_t *param_buf); + +TPM_RESULT VTPM_Handle_Close_DMI(const buffer_t *param_buf); + +TPM_RESULT VTPM_Handle_Delete_DMI(const buffer_t *param_buf); + +TPM_RESULT VTPM_SaveService(void); +TPM_RESULT VTPM_LoadService(void); + +TPM_RESULT close_dmi( VTPM_DMI_RESOURCE *dmi_res); +#endif // __VTPMPRIV_H__ diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtsp.c --- a/tools/vtpm_manager/manager/vtsp.c Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/vtsp.c Wed Nov 30 11:07:28 2005 @@ -1,810 +1,810 @@ -// =================================================================== -// -// Copyright (c) 2005, Intel Corp. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// * Neither the name of Intel Corporation nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. -// =================================================================== -// -// vtsp.c -// -// Higher level interface to TCS for use in service. -// -// ================================================================== - -#include <string.h> -#include "tcg.h" -#include "tcs.h" -#include "bsg.h" -#include "log.h" -#include "crypto.h" -#include "vtsp.h" -#include "buffer.h" - -#define RSA_KEY_SIZE 0x0800 - -/*********************************************************************************** - * GenerateAuth: Generate authorization info to be sent back to application - * - * Parameters: outParamDigestText The concatenation of output parameters to be SHA1ed - * outParamDigestTextSize Size of inParamDigestText - * HMACkey Key to be used for HMACing - * For OIAP use key.authUsage or PersistStore.ownerAuth - * For OSAP use shared secret - * pAuth Authorization information from the application - * - * Return: TPM_SUCCESS Authorization data created - * TPM_AUTHFAIL Invalid (NULL) HMACkey presented for OSAP - *************************************************************************************/ -TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText, - /*[IN]*/ UINT32 inParamDigestTextSize, - /*[IN]*/ const TPM_SECRET *HMACkey, - /*[IN,OUT]*/ TCS_AUTH *auth) { - - if (inParamDigestText == NULL || auth == NULL) - return (TPM_AUTHFAIL); - else { - - //Generate new OddNonce - Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE)); - - // Create SHA1 inParamDigest - TPM_DIGEST inParamDigest; - Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *) &inParamDigest); - - // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). - BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; - - BSG_PackList( hmacText, 4, - BSG_TPM_DIGEST, &inParamDigest, - BSG_TPM_NONCE, &(auth->NonceEven), - BSG_TPM_NONCE, &(auth->NonceOdd), - BSG_TYPE_BOOL, &(auth->fContinueAuthSession) ); - - Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC)); - - return(TPM_SUCCESS); - - } -} - -/*********************************************************************************** - * VerifyAuth: Verify the authdata for a command requiring authorization - * - * Parameters: inParamDigestText The concatenation of parameters to be SHA1ed - * inParamDigestTextSize Size of inParamDigestText - * authDataUsage AuthDataUsage for the Entity being used - * Key->authDataUsage or TPM_AUTH_OWNER - * HMACkey Key to be used for HMACing - * For OIAP use key.authUsage or PersistStore.ownerAuth - * For OSAP use NULL (It will be aquired from the Auth Session) - * If unknown (default), assume OIAP - * sessionAuth A TCS_AUTH info for the session - * pAuth Authorization information from the application - * hContext If specified, on failed Auth, VerifyAuth will - * generate a new OIAP session in place of themselves - * destroyed session. - * - * Return: TPM_SUCCESS Authorization Verified - * TPM_AUTHFAIL Authorization Failed - * TPM_FAIL Failure during SHA1 routines - *************************************************************************************/ -TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText, - /*[IN]*/ UINT32 outParamDigestTextSize, - /*[IN]*/ const TPM_SECRET *HMACkey, - /*[IN,OUT]*/ TCS_AUTH *auth, - /*[IN]*/ TCS_CONTEXT_HANDLE hContext) { - if (outParamDigestText == NULL || auth == NULL) - return (TPM_AUTHFAIL); - - - // Create SHA1 inParamDigest - TPM_DIGEST outParamDigest; - Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *) &outParamDigest); - - // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). - TPM_DIGEST hm; - BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; - - BSG_PackList( hmacText, 4, - BSG_TPM_DIGEST, &outParamDigest, - BSG_TPM_NONCE, &(auth->NonceEven), - BSG_TPM_NONCE, &(auth->NonceOdd), - BSG_TYPE_BOOL, &(auth->fContinueAuthSession) ); - - Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), - (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm); - - // Compare correct HMAC with provided one. - if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0) // 0 indicates equality - return (TPM_SUCCESS); - else { - VTSP_OIAP( hContext, auth); - return (TPM_AUTHFAIL); - } -} - -TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext, - TCS_AUTH *auth) { - - vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n"); - TPM_RESULT status = TPM_SUCCESS; - TPMTRYRETURN( TCSP_OIAP(hContext, - &auth->AuthHandle, - &auth->NonceEven) ); - goto egress; - - abort_egress: - - egress: - - return status; -} - -TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext, - const TPM_ENTITY_TYPE entityType, - const UINT32 entityValue, - const TPM_AUTHDATA *usageAuth, - TPM_SECRET *sharedSecret, - TCS_AUTH *auth) { - - vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n"); - TPM_RESULT status = TPM_SUCCESS; - TPM_NONCE nonceEvenOSAP, nonceOddOSAP; - - Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) ); - - TPMTRYRETURN( TCSP_OSAP( hContext, - entityType, - entityValue, - nonceOddOSAP, - &auth->AuthHandle, - &auth->NonceEven, - &nonceEvenOSAP) ); - - // Calculating Session Secret - BYTE sharedSecretText[TPM_DIGEST_SIZE * 2]; - - BSG_PackList( sharedSecretText, 2, - BSG_TPM_NONCE, &nonceEvenOSAP, - BSG_TPM_NONCE, &nonceOddOSAP); - - Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth, TPM_DIGEST_SIZE, (BYTE *) sharedSecret); - - goto egress; - - abort_egress: - - egress: - - return status; -} - - - -TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext, - CRYPTO_INFO *crypto_info) { - - TPM_RESULT status; - TPM_NONCE antiReplay; - TPM_DIGEST checksum; - BYTE *pubEKtext; - UINT32 pubEKtextsize; - - vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n"); - - // GenerateAuth new nonceOdd - Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) ); - - - TPMTRYRETURN( TCSP_ReadPubek( hContext, - antiReplay, - &pubEKtextsize, - &pubEKtext, - &checksum) ); - - - // Extract the remaining output parameters - TPM_PUBKEY pubEK; - - BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK); - - // Build CryptoInfo for the bindingKey - TPM_RSA_KEY_PARMS rsaKeyParms; - - BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, - pubEK.algorithmParms.parms, - &rsaKeyParms); - - Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, - rsaKeyParms.exponent, - pubEK.pubKey.keyLength, - pubEK.pubKey.key, - crypto_info); - - // Destroy rsaKeyParms - BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms); - - // Set encryption scheme - crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; - //crypto_info->encScheme = pubEK.algorithmParms.encScheme; - crypto_info->algorithmID = pubEK.algorithmParms.algorithmID; - - goto egress; - - abort_egress: - - egress: - - return status; -} - -TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext, - const TPM_AUTHDATA *ownerAuth, - const TPM_AUTHDATA *srkAuth, - CRYPTO_INFO *ek_cryptoInfo, - TCS_AUTH *auth) { - - vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n"); - - TPM_RESULT status = TPM_SUCCESS; - TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership; - TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER; - BYTE *new_srk; - - BYTE *paramText; // Digest to make Auth. - UINT32 paramTextSize; - - // vars for srkpubkey parameter - TPM_KEY srkPub; - TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1, TPM_SS_NONE, 12, 0}; - BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00}; - srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo; - - struct pack_buf_t srkText; - - // GenerateAuth new nonceOdd - Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); - - //These values are accurate for an enc(AuthData). - struct pack_buf_t encOwnerAuth, encSrkAuth; - - encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256); - encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256); - - if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) { - vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n"); - status = TPM_RESOURCES; - goto abort_egress; - } - - Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth, &encOwnerAuth.size, encOwnerAuth.data); - Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth, &encSrkAuth.size, encSrkAuth.data); - - - // Build srk public key struct - srkPub.ver = TPM_STRUCT_VER_1_1; - srkPub.keyUsage = TPM_KEY_STORAGE; - srkPub.keyFlags = 0x00; - srkPub.authDataUsage = TPM_AUTH_ALWAYS; - memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS)); - srkPub.PCRInfoSize = 0; - srkPub.PCRInfo = 0; - srkPub.pubKey.keyLength= 0; - srkPub.encDataSize = 0; - - srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data); - - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - - paramTextSize = BSG_PackList(paramText, 5, - BSG_TPM_COMMAND_CODE,&command, - BSG_TPM_PROTOCOL_ID, &proto_id, - BSG_TPM_SIZE32_DATA, &encOwnerAuth, - BSG_TPM_SIZE32_DATA, &encSrkAuth, - BSG_TPM_KEY, &srkPub); - - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) ); - - new_srk = srkText.data; - TPMTRYRETURN( TCSP_TakeOwnership ( hContext, - proto_id, - encOwnerAuth.size, - encOwnerAuth.data, - encSrkAuth.size, - encSrkAuth.data, - &srkText.size, - &new_srk, - auth ) ); - - - paramTextSize = BSG_PackList(paramText, 2, - BSG_TPM_RESULT, &status, - BSG_TPM_COMMAND_CODE, &command); - memcpy(paramText + paramTextSize, new_srk, srkText.size); - paramTextSize += srkText.size; - - - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, - ownerAuth, auth, - hContext) ); - - goto egress; - - abort_egress: - - egress: - - free(srkText.data); - free(encSrkAuth.data); - free(encOwnerAuth.data); - free(paramText); - - TCS_FreeMemory(hContext, new_srk); - - return status; -} - -TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext, - const TPM_AUTHDATA *ownerAuth, - TCS_AUTH *auth) { - - vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n"); - - TPM_RESULT status = TPM_SUCCESS; - TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead; - - BYTE *paramText; // Digest to make Auth. - UINT32 paramTextSize; - - // Generate HMAC - Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); - - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - - paramTextSize = BSG_PackList(paramText, 1, - BSG_TPM_COMMAND_CODE, &command); - - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, - ownerAuth, auth) ); - - // Call TCS - TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in - auth) ); - - // Verify Auth - paramTextSize = BSG_PackList(paramText, 2, - BSG_TPM_RESULT, &status, - BSG_TPM_COMMAND_CODE, &command); - - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, - ownerAuth, auth, - hContext) ); - goto egress; - - abort_egress: - egress: - free(paramText); - return status; -} - -TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext, - const TPM_KEY_USAGE usage, - const TPM_AUTHDATA *newKeyAuth, - const TCS_KEY_HANDLE parentHandle, - const TPM_AUTHDATA *osapSharedSecret, - buffer_t *pubKeyBuf, - TCS_AUTH *auth) { - - int i; - TPM_RESULT status = TPM_SUCCESS; - TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey; - - vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage); - - // vars for Calculate encUsageAuth - BYTE *paramText; - UINT32 paramTextSize; - - // vars for Calculate encUsageAuth - BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)]; - TPM_DIGEST XORKey1; - UINT32 XORbufferSize; - TPM_SECRET encUsageAuth, encMigrationAuth; - - // vars for Flatten newKey prototype - BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH; - struct pack_buf_t newKeyText; - - // Fill in newKey - TPM_KEY newKey; - - BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00}; - newKey.algorithmParms.algorithmID = TPM_ALG_RSA; - newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo; - newKey.algorithmParms.parmSize = 12; - - switch (usage) { - case TPM_KEY_SIGNING: - vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n"); - newKey.keyUsage = TPM_KEY_SIGNING; - newKey.algorithmParms.encScheme = TPM_ES_NONE; - newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1; - break; - case TPM_KEY_STORAGE: - vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n"); - newKey.keyUsage = TPM_KEY_STORAGE; - newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; - newKey.algorithmParms.sigScheme = TPM_SS_NONE; - break; - case TPM_KEY_BIND: - vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n"); - newKey.keyUsage = TPM_KEY_BIND; - newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; - newKey.algorithmParms.sigScheme = TPM_SS_NONE; - break; - default: - vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n"); - status = TPM_BAD_PARAMETER; - goto abort_egress; - } - - - newKey.ver = TPM_STRUCT_VER_1_1; - - newKey.keyFlags = 0; - newKey.authDataUsage = TPM_AUTH_ALWAYS; - newKey.pubKey.keyLength= 0; - newKey.encDataSize = 0; - newKey.encData = NULL; - - // FIXME: Support PCR bindings - newKey.PCRInfoSize = 0; - newKey.PCRInfo = NULL; - - // Calculate encUsageAuth - XORbufferSize = BSG_PackList( XORbuffer, 2, - BSG_TPM_SECRET, osapSharedSecret, - BSG_TPM_NONCE, &auth->NonceEven); - Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1); - - // FIXME: No support for migratable keys. - for (i=0; i < TPM_DIGEST_SIZE; i++) - ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *) newKeyAuth)[i]; - - // Flatten newKey prototype - flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey); - newKeyText.data = flatKey; - newKeyText.size = flatKeySize; - - // GenerateAuth new nonceOdd - Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); - - // Generate HMAC - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - - paramTextSize = BSG_PackList(paramText, 3, - BSG_TPM_COMMAND_CODE, &command, - BSG_TPM_AUTHDATA, &encUsageAuth, - BSG_TPM_AUTHDATA, &encMigrationAuth); - memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size); - paramTextSize += newKeyText.size; - - - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, - osapSharedSecret, auth) ); - - // Call TCS - TPMTRYRETURN( TCSP_CreateWrapKey( hContext, - parentHandle, - encUsageAuth, - encMigrationAuth, - &newKeyText.size, - &newKeyText.data, - auth) ); - - // Verify Auth - paramTextSize = BSG_PackList(paramText, 2, - BSG_TPM_RESULT, &status, - BSG_TPM_COMMAND_CODE, &command); - memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size); - paramTextSize += newKeyText.size; - - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, - osapSharedSecret, auth, 0) ); - - // Unpack/return key structure - TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) ); - TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, newKeyText.data) ); - - goto egress; - - abort_egress: - - egress: - - free(flatKey); - free(paramText); - TCS_FreeMemory(hContext, newKeyText.data); - - return status; -} - -TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext, - const TCS_KEY_HANDLE hUnwrappingKey, - const buffer_t *rgbWrappedKeyBlob, - const TPM_AUTHDATA *parentAuth, - TPM_HANDLE *newKeyHandle, - TCS_AUTH *auth, - CRYPTO_INFO *cryptoinfo /*= NULL*/) { - - - vtpmloginfo(VTPM_LOG_VTSP, "Loading Key.\n%s",""); - - TPM_RESULT status = TPM_SUCCESS; - TPM_COMMAND_CODE command = TPM_ORD_LoadKey; - - BYTE *paramText; // Digest to make Auth. - UINT32 paramTextSize; - - if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) || - (newKeyHandle==NULL) || (auth==NULL)) { - status = TPM_BAD_PARAMETER; - goto abort_egress; - } - - // Generate Extra TCS Parameters - TPM_HANDLE phKeyHMAC; - - // Generate HMAC - Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); - - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - - paramTextSize = BSG_PackList(paramText, 1, - BSG_TPM_COMMAND_CODE, &command); - - memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes, buffer_len(rgbWrappedKeyBlob)); - paramTextSize += buffer_len(rgbWrappedKeyBlob); - - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, - parentAuth, auth) ); - - // Call TCS - TPMTRYRETURN( TCSP_LoadKeyByBlob( hContext, - hUnwrappingKey, - buffer_len(rgbWrappedKeyBlob), - rgbWrappedKeyBlob->bytes, - auth, - newKeyHandle, - &phKeyHMAC) ); - - // Verify Auth - paramTextSize = BSG_PackList(paramText, 3, - BSG_TPM_RESULT, &status, - BSG_TPM_COMMAND_CODE, &command, - BSG_TPM_HANDLE, newKeyHandle); - - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, - parentAuth, auth, - hContext) ); - - // Unpack/return key structure - if (cryptoinfo != NULL) { - TPM_KEY newKey; - - BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey); - TPM_RSA_KEY_PARMS rsaKeyParms; - - BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, - newKey.algorithmParms.parms, - &rsaKeyParms); - - Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, - rsaKeyParms.exponent, - newKey.pubKey.keyLength, - newKey.pubKey.key, - cryptoinfo); - - // Destroy rsaKeyParms - BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms); - - // Set encryption scheme - cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; - } - - goto egress; - - abort_egress: - - egress: - - free(paramText); - return status; -} - -TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext, - const TPM_KEY_HANDLE key_handle, - const buffer_t *bound_data, - const TPM_AUTHDATA *usage_auth, - buffer_t *clear_data, - TCS_AUTH *auth) { - - vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n", buffer_len(bound_data)); - - TPM_RESULT status = TPM_SUCCESS; - TPM_COMMAND_CODE command = TPM_ORD_UnBind; - - BYTE *paramText; // Digest to make Auth. - UINT32 paramTextSize; - - // Generate Extra TCS Parameters - struct pack_buf_t clear_data32; - BYTE *clear_data_text; - UINT32 clear_data_size; - - // Generate HMAC - Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); - - struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes}; - - paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - - paramTextSize = BSG_PackList(paramText, 2, - BSG_TPM_COMMAND_CODE, &command, - BSG_TPM_SIZE32_DATA, &bound_data32); - - TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, - usage_auth, auth) ); - - // Call TCS - TPMTRYRETURN( TCSP_UnBind( hContext, - key_handle, - buffer_len(bound_data), - bound_data->bytes, - auth, - &clear_data_size, - &clear_data_text) ); - - - // Verify Auth - clear_data32.size = clear_data_size; - clear_data32.data = clear_data_text; - paramTextSize = BSG_PackList(paramText, 3, - BSG_TPM_RESULT, &status, - BSG_TPM_COMMAND_CODE, &command, - BSG_TPM_SIZE32_DATA, &clear_data32); - - TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, - usage_auth, auth, - hContext) ); - - // Unpack/return key structure - TPMTRYRETURN(buffer_init(clear_data, 0, 0)); - TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size, clear_data_text) ); - - goto egress; - - abort_egress: - - egress: - - free(paramText); - TCS_FreeMemory(hContext, clear_data_text); - - return status; -} - -TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo, - const buffer_t *inData, - buffer_t *outData) -{ - vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n", buffer_len(inData)); - TPM_BOUND_DATA boundData; - UINT32 i; - - // Fill boundData's accessory information - boundData.ver = TPM_STRUCT_VER_1_1; - boundData.payload = TPM_PT_BIND; - boundData.payloadData = inData->bytes; - - // Pack boundData before encryption - BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) * - (sizeof(TPM_VERSION) + - sizeof(TPM_PAYLOAD_TYPE) + - buffer_len(inData))); - if (flatBoundData == NULL) { - return TPM_NOSPACE; - } - UINT32 flatBoundDataSize = 0; - flatBoundDataSize = BSG_PackList( flatBoundData, 2, - BSG_TPM_VERSION, &boundData.ver, - BSG_TYPE_BYTE, &boundData.payload); - - memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData)); - flatBoundDataSize += buffer_len(inData); - - BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is what will come out. - UINT32 out_tmp_size; - - // Encrypt flatBoundData - Crypto_RSAEnc( cryptoInfo, - flatBoundDataSize, - flatBoundData, - &out_tmp_size, - out_tmp); - - if (out_tmp_size > RSA_KEY_SIZE/8) { - // The result of RSAEnc should be a fixed size based on key size. - vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n"); - } - - buffer_init(outData, 0, NULL); - buffer_append_raw(outData, out_tmp_size, out_tmp); - - vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size); - for(i = 0 ; i < out_tmp_size ; i++) { - vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]); - } - vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); - - // Free flatBoundData - free(flatBoundData); - - return TPM_SUCCESS; -} - -// Function Reaches into unsupported TCS command, beware. -TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext, - const buffer_t *inbuf, - buffer_t *outbuf ) { - - vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n"); - TPM_RESULT status = TPM_SUCCESS; - - // Generate Extra TCS Parameters - BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); - UINT32 resultTextSize = TCPA_MAX_BUFFER_LENGTH; - - // Call TCS - TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes, - &resultTextSize, resultText) ); - - // Unpack/return key structure - TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) ); - goto egress; - - abort_egress: - - egress: - TCS_FreeMemory(hContext, resultText); - free(resultText); - return status; -} +// =================================================================== +// +// Copyright (c) 2005, Intel Corp. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// * Neither the name of Intel Corporation nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. +// =================================================================== +// +// vtsp.c +// +// Higher level interface to TCS for use in service. +// +// ================================================================== + +#include <string.h> +#include "tcg.h" +#include "tcs.h" +#include "bsg.h" +#include "log.h" +#include "crypto.h" +#include "vtsp.h" +#include "buffer.h" + +#define RSA_KEY_SIZE 0x0800 + +/*********************************************************************************** + * GenerateAuth: Generate authorization info to be sent back to application + * + * Parameters: outParamDigestText The concatenation of output parameters to be SHA1ed + * outParamDigestTextSize Size of inParamDigestText + * HMACkey Key to be used for HMACing + * For OIAP use key.authUsage or PersistStore.ownerAuth + * For OSAP use shared secret + * pAuth Authorization information from the application + * + * Return: TPM_SUCCESS Authorization data created + * TPM_AUTHFAIL Invalid (NULL) HMACkey presented for OSAP + *************************************************************************************/ +TPM_RESULT GenerateAuth( /*[IN]*/ const BYTE *inParamDigestText, + /*[IN]*/ UINT32 inParamDigestTextSize, + /*[IN]*/ const TPM_SECRET *HMACkey, + /*[IN,OUT]*/ TCS_AUTH *auth) { + + if (inParamDigestText == NULL || auth == NULL) + return (TPM_AUTHFAIL); + else { + + //Generate new OddNonce + Crypto_GetRandom(auth->NonceOdd.nonce, sizeof(TPM_NONCE)); + + // Create SHA1 inParamDigest + TPM_DIGEST inParamDigest; + Crypto_SHA1Full(inParamDigestText, inParamDigestTextSize, (BYTE *) &inParamDigest); + + // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). + BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; + + BSG_PackList( hmacText, 4, + BSG_TPM_DIGEST, &inParamDigest, + BSG_TPM_NONCE, &(auth->NonceEven), + BSG_TPM_NONCE, &(auth->NonceOdd), + BSG_TYPE_BOOL, &(auth->fContinueAuthSession) ); + + Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &(auth->HMAC)); + + return(TPM_SUCCESS); + + } +} + +/*********************************************************************************** + * VerifyAuth: Verify the authdata for a command requiring authorization + * + * Parameters: inParamDigestText The concatenation of parameters to be SHA1ed + * inParamDigestTextSize Size of inParamDigestText + * authDataUsage AuthDataUsage for the Entity being used + * Key->authDataUsage or TPM_AUTH_OWNER + * HMACkey Key to be used for HMACing + * For OIAP use key.authUsage or PersistStore.ownerAuth + * For OSAP use NULL (It will be aquired from the Auth Session) + * If unknown (default), assume OIAP + * sessionAuth A TCS_AUTH info for the session + * pAuth Authorization information from the application + * hContext If specified, on failed Auth, VerifyAuth will + * generate a new OIAP session in place of themselves + * destroyed session. + * + * Return: TPM_SUCCESS Authorization Verified + * TPM_AUTHFAIL Authorization Failed + * TPM_FAIL Failure during SHA1 routines + *************************************************************************************/ +TPM_RESULT VerifyAuth( /*[IN]*/ const BYTE *outParamDigestText, + /*[IN]*/ UINT32 outParamDigestTextSize, + /*[IN]*/ const TPM_SECRET *HMACkey, + /*[IN,OUT]*/ TCS_AUTH *auth, + /*[IN]*/ TCS_CONTEXT_HANDLE hContext) { + if (outParamDigestText == NULL || auth == NULL) + return (TPM_AUTHFAIL); + + + // Create SHA1 inParamDigest + TPM_DIGEST outParamDigest; + Crypto_SHA1Full(outParamDigestText, outParamDigestTextSize, (BYTE *) &outParamDigest); + + // Create HMAC text. (Concat inParamsDigest with inAuthSetupParams). + TPM_DIGEST hm; + BYTE hmacText[sizeof(TPM_DIGEST) + (2 * sizeof(TPM_NONCE)) + sizeof(BOOL)]; + + BSG_PackList( hmacText, 4, + BSG_TPM_DIGEST, &outParamDigest, + BSG_TPM_NONCE, &(auth->NonceEven), + BSG_TPM_NONCE, &(auth->NonceOdd), + BSG_TYPE_BOOL, &(auth->fContinueAuthSession) ); + + Crypto_HMAC((BYTE *) hmacText, sizeof(hmacText), + (BYTE *) HMACkey, sizeof(TPM_DIGEST), (BYTE *) &hm); + + // Compare correct HMAC with provided one. + if (memcmp (&hm, &(auth->HMAC), sizeof(TPM_DIGEST)) == 0) // 0 indicates equality + return (TPM_SUCCESS); + else { + VTSP_OIAP( hContext, auth); + return (TPM_AUTHFAIL); + } +} + +TPM_RESULT VTSP_OIAP(const TCS_CONTEXT_HANDLE hContext, + TCS_AUTH *auth) { + + vtpmloginfo(VTPM_LOG_VTSP, "OIAP.\n"); + TPM_RESULT status = TPM_SUCCESS; + TPMTRYRETURN( TCSP_OIAP(hContext, + &auth->AuthHandle, + &auth->NonceEven) ); + goto egress; + + abort_egress: + + egress: + + return status; +} + +TPM_RESULT VTSP_OSAP(const TCS_CONTEXT_HANDLE hContext, + const TPM_ENTITY_TYPE entityType, + const UINT32 entityValue, + const TPM_AUTHDATA *usageAuth, + TPM_SECRET *sharedSecret, + TCS_AUTH *auth) { + + vtpmloginfo(VTPM_LOG_VTSP, "OSAP.\n"); + TPM_RESULT status = TPM_SUCCESS; + TPM_NONCE nonceEvenOSAP, nonceOddOSAP; + + Crypto_GetRandom((BYTE *) &nonceOddOSAP, sizeof(TPM_NONCE) ); + + TPMTRYRETURN( TCSP_OSAP( hContext, + entityType, + entityValue, + nonceOddOSAP, + &auth->AuthHandle, + &auth->NonceEven, + &nonceEvenOSAP) ); + + // Calculating Session Secret + BYTE sharedSecretText[TPM_DIGEST_SIZE * 2]; + + BSG_PackList( sharedSecretText, 2, + BSG_TPM_NONCE, &nonceEvenOSAP, + BSG_TPM_NONCE, &nonceOddOSAP); + + Crypto_HMAC(sharedSecretText, sizeof(sharedSecretText), (BYTE *) usageAuth, TPM_DIGEST_SIZE, (BYTE *) sharedSecret); + + goto egress; + + abort_egress: + + egress: + + return status; +} + + + +TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext, + CRYPTO_INFO *crypto_info) { + + TPM_RESULT status; + TPM_NONCE antiReplay; + TPM_DIGEST checksum; + BYTE *pubEKtext; + UINT32 pubEKtextsize; + + vtpmloginfo(VTPM_LOG_VTSP, "Reading Public EK.\n"); + + // GenerateAuth new nonceOdd + Crypto_GetRandom(&antiReplay, sizeof(TPM_NONCE) ); + + + TPMTRYRETURN( TCSP_ReadPubek( hContext, + antiReplay, + &pubEKtextsize, + &pubEKtext, + &checksum) ); + + + // Extract the remaining output parameters + TPM_PUBKEY pubEK; + + BSG_Unpack(BSG_TPM_PUBKEY, pubEKtext, (BYTE *) &pubEK); + + // Build CryptoInfo for the bindingKey + TPM_RSA_KEY_PARMS rsaKeyParms; + + BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, + pubEK.algorithmParms.parms, + &rsaKeyParms); + + Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, + rsaKeyParms.exponent, + pubEK.pubKey.keyLength, + pubEK.pubKey.key, + crypto_info); + + // Destroy rsaKeyParms + BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms); + + // Set encryption scheme + crypto_info->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; + //crypto_info->encScheme = pubEK.algorithmParms.encScheme; + crypto_info->algorithmID = pubEK.algorithmParms.algorithmID; + + goto egress; + + abort_egress: + + egress: + + return status; +} + +TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext, + const TPM_AUTHDATA *ownerAuth, + const TPM_AUTHDATA *srkAuth, + CRYPTO_INFO *ek_cryptoInfo, + TCS_AUTH *auth) { + + vtpmloginfo(VTPM_LOG_VTSP, "Taking Ownership of TPM.\n"); + + TPM_RESULT status = TPM_SUCCESS; + TPM_COMMAND_CODE command = TPM_ORD_TakeOwnership; + TPM_PROTOCOL_ID proto_id = TPM_PID_OWNER; + BYTE *new_srk; + + BYTE *paramText; // Digest to make Auth. + UINT32 paramTextSize; + + // vars for srkpubkey parameter + TPM_KEY srkPub; + TPM_KEY_PARMS srkKeyInfo = {TPM_ALG_RSA, TPM_ES_RSAESOAEP_SHA1_MGF1, TPM_SS_NONE, 12, 0}; + BYTE srkRSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00}; + srkKeyInfo.parms = (BYTE *) &srkRSAkeyInfo; + + struct pack_buf_t srkText; + + // GenerateAuth new nonceOdd + Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); + + //These values are accurate for an enc(AuthData). + struct pack_buf_t encOwnerAuth, encSrkAuth; + + encOwnerAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256); + encSrkAuth.data = (BYTE *)malloc(sizeof(BYTE) * 256); + + if (encOwnerAuth.data == NULL || encSrkAuth.data == NULL) { + vtpmloginfo(VTPM_LOG_VTSP, "Could not malloc encrypted auths.\n"); + status = TPM_RESOURCES; + goto abort_egress; + } + + Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) ownerAuth, &encOwnerAuth.size, encOwnerAuth.data); + Crypto_RSAEnc(ek_cryptoInfo, sizeof(TPM_SECRET), (BYTE *) srkAuth, &encSrkAuth.size, encSrkAuth.data); + + + // Build srk public key struct + srkPub.ver = TPM_STRUCT_VER_1_1; + srkPub.keyUsage = TPM_KEY_STORAGE; + srkPub.keyFlags = 0x00; + srkPub.authDataUsage = TPM_AUTH_ALWAYS; + memcpy(&srkPub.algorithmParms, &srkKeyInfo, sizeof(TPM_KEY_PARMS)); + srkPub.PCRInfoSize = 0; + srkPub.PCRInfo = 0; + srkPub.pubKey.keyLength= 0; + srkPub.encDataSize = 0; + + srkText.data = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + srkText.size = BSG_Pack(BSG_TPM_KEY, (BYTE *) &srkPub, srkText.data); + + paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + + paramTextSize = BSG_PackList(paramText, 5, + BSG_TPM_COMMAND_CODE,&command, + BSG_TPM_PROTOCOL_ID, &proto_id, + BSG_TPM_SIZE32_DATA, &encOwnerAuth, + BSG_TPM_SIZE32_DATA, &encSrkAuth, + BSG_TPM_KEY, &srkPub); + + TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, ownerAuth, auth) ); + + new_srk = srkText.data; + TPMTRYRETURN( TCSP_TakeOwnership ( hContext, + proto_id, + encOwnerAuth.size, + encOwnerAuth.data, + encSrkAuth.size, + encSrkAuth.data, + &srkText.size, + &new_srk, + auth ) ); + + + paramTextSize = BSG_PackList(paramText, 2, + BSG_TPM_RESULT, &status, + BSG_TPM_COMMAND_CODE, &command); + memcpy(paramText + paramTextSize, new_srk, srkText.size); + paramTextSize += srkText.size; + + + TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, + ownerAuth, auth, + hContext) ); + + goto egress; + + abort_egress: + + egress: + + free(srkText.data); + free(encSrkAuth.data); + free(encOwnerAuth.data); + free(paramText); + + TCS_FreeMemory(hContext, new_srk); + + return status; +} + +TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext, + const TPM_AUTHDATA *ownerAuth, + TCS_AUTH *auth) { + + vtpmloginfo(VTPM_LOG_VTSP, "Disabling Pubek Read.\n"); + + TPM_RESULT status = TPM_SUCCESS; + TPM_COMMAND_CODE command = TPM_ORD_DisablePubekRead; + + BYTE *paramText; // Digest to make Auth. + UINT32 paramTextSize; + + // Generate HMAC + Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); + + paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + + paramTextSize = BSG_PackList(paramText, 1, + BSG_TPM_COMMAND_CODE, &command); + + TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, + ownerAuth, auth) ); + + // Call TCS + TPMTRYRETURN( TCSP_DisablePubekRead ( hContext, // in + auth) ); + + // Verify Auth + paramTextSize = BSG_PackList(paramText, 2, + BSG_TPM_RESULT, &status, + BSG_TPM_COMMAND_CODE, &command); + + TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, + ownerAuth, auth, + hContext) ); + goto egress; + + abort_egress: + egress: + free(paramText); + return status; +} + +TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext, + const TPM_KEY_USAGE usage, + const TPM_AUTHDATA *newKeyAuth, + const TCS_KEY_HANDLE parentHandle, + const TPM_AUTHDATA *osapSharedSecret, + buffer_t *pubKeyBuf, + TCS_AUTH *auth) { + + int i; + TPM_RESULT status = TPM_SUCCESS; + TPM_COMMAND_CODE command = TPM_ORD_CreateWrapKey; + + vtpmloginfo(VTPM_LOG_VTSP, "Creating new key of type %d.\n", usage); + + // vars for Calculate encUsageAuth + BYTE *paramText; + UINT32 paramTextSize; + + // vars for Calculate encUsageAuth + BYTE XORbuffer[sizeof(TPM_SECRET) + sizeof(TPM_NONCE)]; + TPM_DIGEST XORKey1; + UINT32 XORbufferSize; + TPM_SECRET encUsageAuth, encMigrationAuth; + + // vars for Flatten newKey prototype + BYTE *flatKey = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + UINT32 flatKeySize = TCPA_MAX_BUFFER_LENGTH; + struct pack_buf_t newKeyText; + + // Fill in newKey + TPM_KEY newKey; + + BYTE RSAkeyInfo[12] = { 0x00, 0x00, (RSA_KEY_SIZE >> 8), 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00}; + newKey.algorithmParms.algorithmID = TPM_ALG_RSA; + newKey.algorithmParms.parms = (BYTE *) &RSAkeyInfo; + newKey.algorithmParms.parmSize = 12; + + switch (usage) { + case TPM_KEY_SIGNING: + vtpmloginfo(VTPM_LOG_VTSP, "Creating Signing Key...\n"); + newKey.keyUsage = TPM_KEY_SIGNING; + newKey.algorithmParms.encScheme = TPM_ES_NONE; + newKey.algorithmParms.sigScheme = TPM_SS_RSASSAPKCS1v15_SHA1; + break; + case TPM_KEY_STORAGE: + vtpmloginfo(VTPM_LOG_VTSP, "Creating Storage Key...\n"); + newKey.keyUsage = TPM_KEY_STORAGE; + newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; + newKey.algorithmParms.sigScheme = TPM_SS_NONE; + break; + case TPM_KEY_BIND: + vtpmloginfo(VTPM_LOG_VTSP, "Creating Binding Key...\n"); + newKey.keyUsage = TPM_KEY_BIND; + newKey.algorithmParms.encScheme = TPM_ES_RSAESOAEP_SHA1_MGF1; + newKey.algorithmParms.sigScheme = TPM_SS_NONE; + break; + default: + vtpmloginfo(VTPM_LOG_VTSP, "Cannot create key. Invalid Key Type.\n"); + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + + newKey.ver = TPM_STRUCT_VER_1_1; + + newKey.keyFlags = 0; + newKey.authDataUsage = TPM_AUTH_ALWAYS; + newKey.pubKey.keyLength= 0; + newKey.encDataSize = 0; + newKey.encData = NULL; + + // FIXME: Support PCR bindings + newKey.PCRInfoSize = 0; + newKey.PCRInfo = NULL; + + // Calculate encUsageAuth + XORbufferSize = BSG_PackList( XORbuffer, 2, + BSG_TPM_SECRET, osapSharedSecret, + BSG_TPM_NONCE, &auth->NonceEven); + Crypto_SHA1Full(XORbuffer, XORbufferSize, (BYTE *) &XORKey1); + + // FIXME: No support for migratable keys. + for (i=0; i < TPM_DIGEST_SIZE; i++) + ((BYTE *) &encUsageAuth)[i] = ((BYTE *) &XORKey1)[i] ^ ((BYTE *) newKeyAuth)[i]; + + // Flatten newKey prototype + flatKeySize = BSG_Pack(BSG_TPM_KEY, (BYTE *) &newKey, flatKey); + newKeyText.data = flatKey; + newKeyText.size = flatKeySize; + + // GenerateAuth new nonceOdd + Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); + + // Generate HMAC + paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + + paramTextSize = BSG_PackList(paramText, 3, + BSG_TPM_COMMAND_CODE, &command, + BSG_TPM_AUTHDATA, &encUsageAuth, + BSG_TPM_AUTHDATA, &encMigrationAuth); + memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size); + paramTextSize += newKeyText.size; + + + TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, + osapSharedSecret, auth) ); + + // Call TCS + TPMTRYRETURN( TCSP_CreateWrapKey( hContext, + parentHandle, + encUsageAuth, + encMigrationAuth, + &newKeyText.size, + &newKeyText.data, + auth) ); + + // Verify Auth + paramTextSize = BSG_PackList(paramText, 2, + BSG_TPM_RESULT, &status, + BSG_TPM_COMMAND_CODE, &command); + memcpy(paramText + paramTextSize, newKeyText.data, newKeyText.size); + paramTextSize += newKeyText.size; + + TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, + osapSharedSecret, auth, 0) ); + + // Unpack/return key structure + TPMTRYRETURN(buffer_init(pubKeyBuf, 0, 0) ); + TPMTRYRETURN(buffer_append_raw(pubKeyBuf, newKeyText.size, newKeyText.data) ); + + goto egress; + + abort_egress: + + egress: + + free(flatKey); + free(paramText); + TCS_FreeMemory(hContext, newKeyText.data); + + return status; +} + +TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext, + const TCS_KEY_HANDLE hUnwrappingKey, + const buffer_t *rgbWrappedKeyBlob, + const TPM_AUTHDATA *parentAuth, + TPM_HANDLE *newKeyHandle, + TCS_AUTH *auth, + CRYPTO_INFO *cryptoinfo /*= NULL*/) { + + + vtpmloginfo(VTPM_LOG_VTSP, "Loading Key.\n%s",""); + + TPM_RESULT status = TPM_SUCCESS; + TPM_COMMAND_CODE command = TPM_ORD_LoadKey; + + BYTE *paramText; // Digest to make Auth. + UINT32 paramTextSize; + + if ((rgbWrappedKeyBlob == NULL) || (parentAuth == NULL) || + (newKeyHandle==NULL) || (auth==NULL)) { + status = TPM_BAD_PARAMETER; + goto abort_egress; + } + + // Generate Extra TCS Parameters + TPM_HANDLE phKeyHMAC; + + // Generate HMAC + Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); + + paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + + paramTextSize = BSG_PackList(paramText, 1, + BSG_TPM_COMMAND_CODE, &command); + + memcpy(paramText + paramTextSize, rgbWrappedKeyBlob->bytes, buffer_len(rgbWrappedKeyBlob)); + paramTextSize += buffer_len(rgbWrappedKeyBlob); + + TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, + parentAuth, auth) ); + + // Call TCS + TPMTRYRETURN( TCSP_LoadKeyByBlob( hContext, + hUnwrappingKey, + buffer_len(rgbWrappedKeyBlob), + rgbWrappedKeyBlob->bytes, + auth, + newKeyHandle, + &phKeyHMAC) ); + + // Verify Auth + paramTextSize = BSG_PackList(paramText, 3, + BSG_TPM_RESULT, &status, + BSG_TPM_COMMAND_CODE, &command, + BSG_TPM_HANDLE, newKeyHandle); + + TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, + parentAuth, auth, + hContext) ); + + // Unpack/return key structure + if (cryptoinfo != NULL) { + TPM_KEY newKey; + + BSG_Unpack(BSG_TPM_KEY, rgbWrappedKeyBlob->bytes , &newKey); + TPM_RSA_KEY_PARMS rsaKeyParms; + + BSG_Unpack(BSG_TPM_RSA_KEY_PARMS, + newKey.algorithmParms.parms, + &rsaKeyParms); + + Crypto_RSABuildCryptoInfoPublic(rsaKeyParms.exponentSize, + rsaKeyParms.exponent, + newKey.pubKey.keyLength, + newKey.pubKey.key, + cryptoinfo); + + // Destroy rsaKeyParms + BSG_Destroy(BSG_TPM_RSA_KEY_PARMS, &rsaKeyParms); + + // Set encryption scheme + cryptoinfo->encScheme = CRYPTO_ES_RSAESOAEP_SHA1_MGF1; + } + + goto egress; + + abort_egress: + + egress: + + free(paramText); + return status; +} + +TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext, + const TPM_KEY_HANDLE key_handle, + const buffer_t *bound_data, + const TPM_AUTHDATA *usage_auth, + buffer_t *clear_data, + TCS_AUTH *auth) { + + vtpmloginfo(VTPM_LOG_VTSP, "Unbinding %d bytes of data.\n", buffer_len(bound_data)); + + TPM_RESULT status = TPM_SUCCESS; + TPM_COMMAND_CODE command = TPM_ORD_UnBind; + + BYTE *paramText; // Digest to make Auth. + UINT32 paramTextSize; + + // Generate Extra TCS Parameters + struct pack_buf_t clear_data32; + BYTE *clear_data_text; + UINT32 clear_data_size; + + // Generate HMAC + Crypto_GetRandom(&auth->NonceOdd, sizeof(TPM_NONCE) ); + + struct pack_buf_t bound_data32 = {bound_data->size, bound_data->bytes}; + + paramText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + + paramTextSize = BSG_PackList(paramText, 2, + BSG_TPM_COMMAND_CODE, &command, + BSG_TPM_SIZE32_DATA, &bound_data32); + + TPMTRYRETURN( GenerateAuth( paramText, paramTextSize, + usage_auth, auth) ); + + // Call TCS + TPMTRYRETURN( TCSP_UnBind( hContext, + key_handle, + buffer_len(bound_data), + bound_data->bytes, + auth, + &clear_data_size, + &clear_data_text) ); + + + // Verify Auth + clear_data32.size = clear_data_size; + clear_data32.data = clear_data_text; + paramTextSize = BSG_PackList(paramText, 3, + BSG_TPM_RESULT, &status, + BSG_TPM_COMMAND_CODE, &command, + BSG_TPM_SIZE32_DATA, &clear_data32); + + TPMTRYRETURN( VerifyAuth( paramText, paramTextSize, + usage_auth, auth, + hContext) ); + + // Unpack/return key structure + TPMTRYRETURN(buffer_init(clear_data, 0, 0)); + TPMTRYRETURN(buffer_append_raw (clear_data, clear_data_size, clear_data_text) ); + + goto egress; + + abort_egress: + + egress: + + free(paramText); + TCS_FreeMemory(hContext, clear_data_text); + + return status; +} + +TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo, + const buffer_t *inData, + buffer_t *outData) +{ + vtpmloginfo(VTPM_LOG_VTSP, "Binding %d bytes of data.\n", buffer_len(inData)); + TPM_BOUND_DATA boundData; + UINT32 i; + + // Fill boundData's accessory information + boundData.ver = TPM_STRUCT_VER_1_1; + boundData.payload = TPM_PT_BIND; + boundData.payloadData = inData->bytes; + + // Pack boundData before encryption + BYTE* flatBoundData = (BYTE *)malloc(sizeof(BYTE) * + (sizeof(TPM_VERSION) + + sizeof(TPM_PAYLOAD_TYPE) + + buffer_len(inData))); + if (flatBoundData == NULL) { + return TPM_NOSPACE; + } + UINT32 flatBoundDataSize = 0; + flatBoundDataSize = BSG_PackList( flatBoundData, 2, + BSG_TPM_VERSION, &boundData.ver, + BSG_TYPE_BYTE, &boundData.payload); + + memcpy(flatBoundData+flatBoundDataSize, inData->bytes, buffer_len(inData)); + flatBoundDataSize += buffer_len(inData); + + BYTE out_tmp[RSA_KEY_SIZE/8]; // RSAEnc does not do blocking, So this is what will come out. + UINT32 out_tmp_size; + + // Encrypt flatBoundData + Crypto_RSAEnc( cryptoInfo, + flatBoundDataSize, + flatBoundData, + &out_tmp_size, + out_tmp); + + if (out_tmp_size > RSA_KEY_SIZE/8) { + // The result of RSAEnc should be a fixed size based on key size. + vtpmlogerror(VTPM_LOG_VTSP, "Enc buffer just overflowed.\n"); + } + + buffer_init(outData, 0, NULL); + buffer_append_raw(outData, out_tmp_size, out_tmp); + + vtpmloginfo(VTPM_LOG_TXDATA, "Bind Generated[%d] = 0x", out_tmp_size); + for(i = 0 ; i < out_tmp_size ; i++) { + vtpmloginfomore(VTPM_LOG_TXDATA, "%2.2x ", out_tmp[i]); + } + vtpmloginfomore(VTPM_LOG_TXDATA, "\n"); + + // Free flatBoundData + free(flatBoundData); + + return TPM_SUCCESS; +} + +// Function Reaches into unsupported TCS command, beware. +TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext, + const buffer_t *inbuf, + buffer_t *outbuf ) { + + vtpmloginfo(VTPM_LOG_VTSP, "Passthrough in use.\n"); + TPM_RESULT status = TPM_SUCCESS; + + // Generate Extra TCS Parameters + BYTE *resultText = (BYTE *) malloc(sizeof(BYTE) * TCPA_MAX_BUFFER_LENGTH); + UINT32 resultTextSize = TCPA_MAX_BUFFER_LENGTH; + + // Call TCS + TPMTRYRETURN( TCSP_RawTransmitData(buffer_len(inbuf), inbuf->bytes, + &resultTextSize, resultText) ); + + // Unpack/return key structure + TPMTRYRETURN(buffer_init (outbuf, resultTextSize, resultText) ); + goto egress; + + abort_egress: + + egress: + TCS_FreeMemory(hContext, resultText); + free(resultText); + return status; +} diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/manager/vtsp.h --- a/tools/vtpm_manager/manager/vtsp.h Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/manager/vtsp.h Wed Nov 30 11:07:28 2005 @@ -1,102 +1,102 @@ -// =================================================================== -// -// Copyright (c) 2005, Intel Corp. -// All rights reserved. -// -// Redistribution and use in source and binary forms, with or without -// modification, are permitted provided that the following conditions -// are met: -// -// * Redistributions of source code must retain the above copyright -// notice, this list of conditions and the following disclaimer. -// * Redistributions in binary form must reproduce the above -// copyright notice, this list of conditions and the following -// disclaimer in the documentation and/or other materials provided -// with the distribution. -// * Neither the name of Intel Corporation nor the names of its -// contributors may be used to endorse or promote products derived -// from this software without specific prior written permission. -// -// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE -// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR -// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -// OF THE POSSIBILITY OF SUCH DAMAGE. -// =================================================================== -// -// vtsp.h -// -// Higher level interface to TCS. -// -// ================================================================== - -#ifndef __VTSP_H__ -#define __VTSP_H__ - -#include "tcg.h" -#include "tcs.h" - -#define KEY_BUFFER_SIZE 2048 - -TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext, - const buffer_t *inbuf, - buffer_t *outbuf ); - -TPM_RESULT VTSP_OIAP( const TCS_CONTEXT_HANDLE hContext, - TCS_AUTH *auth); - -TPM_RESULT VTSP_OSAP( const TCS_CONTEXT_HANDLE hContext, - const TPM_ENTITY_TYPE entityType, - const UINT32 entityValue, - const TPM_AUTHDATA *usageAuth, - TPM_SECRET *sharedsecret, - TCS_AUTH *auth); - -TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext, - CRYPTO_INFO *cypto_info); - -TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext, - const TPM_AUTHDATA *ownerAuth, - const TPM_AUTHDATA *srkAuth, - CRYPTO_INFO *ek_cryptoInfo, - TCS_AUTH *auth); - -TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext, - const TPM_AUTHDATA *ownerAuth, - TCS_AUTH *auth); - -TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext, - const TPM_KEY_USAGE usage, - const TPM_AUTHDATA *newKeyAuth, - const TCS_KEY_HANDLE parentHandle, - const TPM_AUTHDATA *osapSharedSecret, - buffer_t *pubKeyBuf, - TCS_AUTH *auth); - -TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext, - const TCS_KEY_HANDLE hUnwrappingKey, - const buffer_t *rgbWrappedKeyBlob, - const TPM_AUTHDATA *parentAuth, - TPM_HANDLE *newKeyHandle, - TCS_AUTH *pAuth, - CRYPTO_INFO *cryptoinfo); - -TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext, - const TPM_KEY_HANDLE key_handle, - const buffer_t *bound_data, - const TPM_AUTHDATA *usage_auth, - buffer_t *clear_data, - TCS_AUTH *auth); - -TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo, - const buffer_t *inData, - buffer_t *outData); - -#endif //_VTSP_H_ +// =================================================================== +// +// Copyright (c) 2005, Intel Corp. +// All rights reserved. +// +// Redistribution and use in source and binary forms, with or without +// modification, are permitted provided that the following conditions +// are met: +// +// * Redistributions of source code must retain the above copyright +// notice, this list of conditions and the following disclaimer. +// * Redistributions in binary form must reproduce the above +// copyright notice, this list of conditions and the following +// disclaimer in the documentation and/or other materials provided +// with the distribution. +// * Neither the name of Intel Corporation nor the names of its +// contributors may be used to endorse or promote products derived +// from this software without specific prior written permission. +// +// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS +// FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +// COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, +// INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +// OF THE POSSIBILITY OF SUCH DAMAGE. +// =================================================================== +// +// vtsp.h +// +// Higher level interface to TCS. +// +// ================================================================== + +#ifndef __VTSP_H__ +#define __VTSP_H__ + +#include "tcg.h" +#include "tcs.h" + +#define KEY_BUFFER_SIZE 2048 + +TPM_RESULT VTSP_RawTransmit(const TCS_CONTEXT_HANDLE hContext, + const buffer_t *inbuf, + buffer_t *outbuf ); + +TPM_RESULT VTSP_OIAP( const TCS_CONTEXT_HANDLE hContext, + TCS_AUTH *auth); + +TPM_RESULT VTSP_OSAP( const TCS_CONTEXT_HANDLE hContext, + const TPM_ENTITY_TYPE entityType, + const UINT32 entityValue, + const TPM_AUTHDATA *usageAuth, + TPM_SECRET *sharedsecret, + TCS_AUTH *auth); + +TPM_RESULT VTSP_ReadPubek( const TCS_CONTEXT_HANDLE hContext, + CRYPTO_INFO *cypto_info); + +TPM_RESULT VTSP_TakeOwnership( const TCS_CONTEXT_HANDLE hContext, + const TPM_AUTHDATA *ownerAuth, + const TPM_AUTHDATA *srkAuth, + CRYPTO_INFO *ek_cryptoInfo, + TCS_AUTH *auth); + +TPM_RESULT VTSP_DisablePubekRead( const TCS_CONTEXT_HANDLE hContext, + const TPM_AUTHDATA *ownerAuth, + TCS_AUTH *auth); + +TPM_RESULT VTSP_CreateWrapKey( const TCS_CONTEXT_HANDLE hContext, + const TPM_KEY_USAGE usage, + const TPM_AUTHDATA *newKeyAuth, + const TCS_KEY_HANDLE parentHandle, + const TPM_AUTHDATA *osapSharedSecret, + buffer_t *pubKeyBuf, + TCS_AUTH *auth); + +TPM_RESULT VTSP_LoadKey(const TCS_CONTEXT_HANDLE hContext, + const TCS_KEY_HANDLE hUnwrappingKey, + const buffer_t *rgbWrappedKeyBlob, + const TPM_AUTHDATA *parentAuth, + TPM_HANDLE *newKeyHandle, + TCS_AUTH *pAuth, + CRYPTO_INFO *cryptoinfo); + +TPM_RESULT VTSP_Unbind( const TCS_CONTEXT_HANDLE hContext, + const TPM_KEY_HANDLE key_handle, + const buffer_t *bound_data, + const TPM_AUTHDATA *usage_auth, + buffer_t *clear_data, + TCS_AUTH *auth); + +TPM_RESULT VTSP_Bind( CRYPTO_INFO *cryptoInfo, + const buffer_t *inData, + buffer_t *outData); + +#endif //_VTSP_H_ diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/util/Makefile --- a/tools/vtpm_manager/util/Makefile Wed Nov 30 10:36:57 2005 +++ b/tools/vtpm_manager/util/Makefile Wed Nov 30 11:07:28 2005 @@ -1,19 +1,19 @@ -XEN_ROOT = ../../.. -include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk - -BIN = libTCGUtils.a - -all: build - -build: $(BIN) - -install: build - -clean: - rm -f *.a *.so *.o *.rpm $(DEP_FILES) - -mrproper: clean - rm -f *~ - -$(BIN): $(OBJS) - $(AR) rcs $(BIN) $(OBJS) +XEN_ROOT = ../../.. +include $(XEN_ROOT)/tools/vtpm_manager/Rules.mk + +BIN = libTCGUtils.a + +all: build + +build: $(BIN) + +install: build + +clean: + rm -f *.a *.so *.o *.rpm $(DEP_FILES) + +mrproper: clean + rm -f *~ + +$(BIN): $(OBJS) + $(AR) rcs $(BIN) $(OBJS) diff -r d963256dc3e0 -r 3399f4b9396a tools/vtpm_manager/util/depend --- a/tools/vtpm_manager/util/depend Wed Nov 30 10:36:57 2005 +++ /dev/null Wed Nov 30 11:07:28 2005 @@ -1,7 +0,0 @@ -hashtable.o: hashtable.c hashtable.h hashtable_private.h -hashtable_itr.o: hashtable_itr.c hashtable.h hashtable_private.h \ - hashtable_itr.h -bsg.o: bsg.c tcg.h ../crypto/crypto.h ../crypto/sym_crypto.h buffer.h \ - bsg.h log.h -log.o: log.c buffer.h tcg.h -buffer.o: buffer.c tcg.h bsg.h buffer.h _______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-changelog

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.