Generated files from "arm-generic-codesearch" build 0, revision 625d8f475f7aea50f88d62c987680200deaf893c
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/autotest/hardware_TPM/hardware_TPM.py b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/autotest/hardware_TPM/hardware_TPM.py
new file mode 100644
index 0000000..cc35816
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/autotest/hardware_TPM/hardware_TPM.py
@@ -0,0 +1,75 @@
+# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+import os, re
+
+from autotest_lib.client.bin import test, utils
+from autotest_lib.client.common_lib import error
+
+class hardware_TPM(test.test):
+ version = 1
+ preserve_srcdir = True
+ # Tests that we don't want to run for various reasons.
+ exclusions = {'context': r'GetRegisteredKeys.*|LoadKeyByUUID03|'
+ r'UnregisterKey03',
+ 'hash': r'TickStampBlob.*',
+ 'init': r'.*',
+ 'nv': r'DefineSpace04',
+ 'tpm': r'GetEventLog.*|CertifySelfTest.*|SetStatus.*',
+ 'transport': r'GetPubEndorsementKey.*|NV_WriteValue.*|'
+ r'NV_ReadValue.*|Key_UnloadKey.*|'
+ r'Maintenance.*|VerifyDelegation.*|'
+ r'GetAuditDigest.*|OwnerGetSRKPubKey.*|'
+ r'SetOperatorAuth.*|SetStatus.*',
+ 'tspi': r'ChangeAuthAsym.*'}
+ # Tests that require TPM owner credentials.
+ owner_required = {'context': r'CloseSignTransport.*',
+ 'cmk': r'.*',
+ 'delegation': r'.*',
+ 'key': r'CreateMigrationBlob.*|ConvertMigrationBlob.*',
+ 'nv': r'.*',
+ 'policy': r'policy_check_lifetime.*',
+ 'transport': r'.*',
+ 'tpm': r'AuthorizeMigrationTicket.*|'
+ r'CollateIdentityRequest.*|'
+ r'CreateMaintenanceArchive.*|Delegate.*|'
+ r'DirWrite.*|GetAuditDigest.*|'
+ r'GetPubEndorsementKey.*|GetStatus.*|'
+ r'KeyControlOwner.*|KillMaintenanceFeature.*|'
+ r'OwnerGetSRKPubKey.*|TakeOwnership.*',
+ 'tspi': r'ChangeAuth05.*|ChangeAuth06.*|'
+ r'SetAttribUint3208.*'}
+
+ def setup(self):
+ os.chdir(self.srcdir)
+ utils.make('clean')
+ utils.make('all')
+
+ def run_once(self, suite, owner_secret, test_filter):
+ excluded_tests_re = None
+ owner_tests_re = None
+ test_filter_re = None
+ if suite in self.exclusions:
+ excluded_tests_re = re.compile(self.exclusions[suite])
+ if suite in self.owner_required:
+ owner_tests_re = re.compile(self.owner_required[suite])
+ if test_filter:
+ test_filter_re = re.compile(test_filter)
+ if owner_secret:
+ os.environ['TESTSUITE_OWNER_SECRET'] = owner_secret
+ exclude_owner = not owner_secret
+ suite_path = '%s/src/tests/%s' % (self.bindir, suite)
+ tests = sorted(os.listdir(suite_path))
+ for test in tests:
+ # Skip excluded tests.
+ if excluded_tests_re and excluded_tests_re.search(test):
+ continue
+ # Skip tests requiring an owner secret if we don't have one.
+ if exclude_owner and owner_tests_re and owner_tests_re.search(test):
+ continue
+ # Skip filtered tests.
+ if test_filter_re and not test_filter_re.search(test):
+ continue
+ utils.system('%s/%s -v 1.2 1>&2' % (suite_path, test))
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/doc/TSS_programming_SNAFUs.txt b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/doc/TSS_programming_SNAFUs.txt
new file mode 100644
index 0000000..d196bba
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/doc/TSS_programming_SNAFUs.txt
@@ -0,0 +1,15 @@
+
+Tspi_TPM_GetEvents
+
+ Events in the TCS event log are 0 indexed. So, a call such as:
+
+ UINT32 five = 5;
+ Tspi_TPM_GetEvents(hTPM, ulPcrIndex, 1, &five, &prgbPcrEvents);
+
+ will get you 5 events (assuming at least 6 events have happened on the PCR) which
+ will be the 2nd through 6th events on the PCR. (Since the 1st event is at index 0).
+ This is probably what you want:
+
+ UINT32 five = 5;
+ Tspi_TPM_GetEvents(hTPM, ulPcrIndex, 0, &five, &prgbPcrEvents);
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/auth_mgr.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/auth_mgr.h
new file mode 100644
index 0000000..14ced98
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/auth_mgr.h
@@ -0,0 +1,49 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _AUTH_MGR_H_
+#define _AUTH_MGR_H_
+
+struct auth_map
+{
+ TSS_BOOL full;
+ TPM_AUTHHANDLE tpm_handle;
+ TCS_CONTEXT_HANDLE tcs_ctx;
+ BYTE *swap; /* These 'swap' variables manage blobs received from TPM_SaveAuthContext */
+ UINT32 swap_size;
+};
+
+/*
+ * it appears that there's no way to query a v1.1 TPM for the
+ * max number of simultaneous auth sessions. We'll make the
+ * default relatively large and let the TPM return
+ * TCPA_RESOURCES to tell us when we cross the line.
+ */
+#define TSS_DEFAULT_AUTH_TABLE_SIZE 16
+#define TSS_DEFAULT_OVERFLOW_AUTHS 16
+
+struct _auth_mgr
+{
+ short max_auth_sessions;
+ short open_auth_sessions;
+ UINT32 sleeping_threads;
+ COND_VAR **overflow; /* queue of TCS contexts waiting for an auth session to become
+ * available */
+ unsigned int of_head, of_tail; /* head and tail of the overflow queue */
+ struct auth_map *auth_mapper; /* table of currently tracked auth sessions */
+ UINT32 auth_mapper_size, overflow_size;
+} auth_mgr;
+
+MUTEX_DECLARE_INIT(auth_mgr_lock);
+
+TSS_RESULT TPM_SaveAuthContext(TPM_AUTHHANDLE, UINT32 *, BYTE **);
+TSS_RESULT TPM_LoadAuthContext(UINT32, BYTE *, TPM_AUTHHANDLE *);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/authsess.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/authsess.h
new file mode 100644
index 0000000..7615015
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/authsess.h
@@ -0,0 +1,59 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _AUTHSESS_H_
+#define _AUTHSESS_H_
+
+struct authsess {
+ TPM_AUTH *pAuth;
+ TPM_AUTH auth;
+
+ /* XOR masks created before each use of an OSAP session */
+ TPM_ENCAUTH encAuthUse;
+ TPM_ENCAUTH encAuthMig;
+
+ TSS_HCONTEXT tspContext;
+ TPM_COMMAND_CODE command;
+
+ TSS_HOBJECT obj_parent;
+ TSS_HPOLICY hUsageParent;
+ UINT32 parentMode;
+ TPM_SECRET parentSecret;
+ TSS_CALLBACK cb_xor, cb_hmac, cb_sealx;
+
+ TPM_ENTITY_TYPE entity_type;
+ UINT32 entityValueSize;
+ BYTE *entityValue;
+
+ TSS_HOBJECT obj_child;
+ TSS_HPOLICY hUsageChild, hMigChild;
+ UINT32 uMode, mMode;
+
+ /* Created during OSAP or DSAP protocol initiation */
+ TPM_NONCE nonceOddxSAP;
+ TPM_NONCE nonceEvenxSAP;
+ TPM_HMAC sharedSecret;
+
+ //MUTEX_DECLARE(lock);
+ //struct authsess *next;
+};
+
+TSS_RESULT authsess_oiap_get(TSS_HOBJECT, TPM_COMMAND_CODE, TPM_DIGEST *, TPM_AUTH *);
+TSS_RESULT authsess_oiap_put(TPM_AUTH *, TPM_DIGEST *);
+
+TSS_RESULT authsess_xsap_init(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_BOOL, TPM_COMMAND_CODE, TPM_ENTITY_TYPE, struct authsess **);
+TSS_RESULT authsess_xsap_hmac(struct authsess *, TPM_DIGEST *);
+TSS_RESULT authsess_xsap_verify(struct authsess *, TPM_DIGEST *);
+void authsess_free(struct authsess *);
+
+#define TSS_AUTH_POLICY_REQUIRED TRUE
+#define TSS_AUTH_POLICY_NOT_REQUIRED FALSE
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/biosem.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/biosem.h
new file mode 100644
index 0000000..ec6e7f5
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/biosem.h
@@ -0,0 +1,34 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef _BIOSEM_H_
+#define _BIOSEM_H_
+
+int bios_open(void *, FILE **);
+TSS_RESULT bios_get_entries_by_pcr(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT bios_get_entry(FILE *, UINT32, UINT32 *, TSS_PCR_EVENT **);
+int bios_close(FILE *);
+
+extern struct ext_log_source bios_source;
+
+/* this should be large if we're reading out of /proc */
+#define BIOS_READ_SIZE 4096
+
+typedef struct {
+ UINT32 pcrIndex;
+ UINT32 eventType;
+ BYTE digest[20];
+ UINT32 eventDataSize;
+ BYTE event[0];/* (eventSize) bytes of event data follows */
+} TCG_PCClientPCREventStruc;
+
+#define EVLOG_SOURCE_BIOS 1
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/capabilities.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/capabilities.h
new file mode 100644
index 0000000..1482956
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/capabilities.h
@@ -0,0 +1,63 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _CAPABILITIES_H_
+#define _CAPABILITIES_H_
+
+/* This header has all of the software capabilities that are returned either via
+ * Tspi_Context_GetCapability or TCS_GetCapability.
+ */
+
+/* TSP */
+/* BOOL */
+#define INTERNAL_CAP_TSP_ALG_RSA TRUE
+#define INTERNAL_CAP_TSP_ALG_SHA TRUE
+#define INTERNAL_CAP_TSP_ALG_3DES FALSE
+#define INTERNAL_CAP_TSP_ALG_DES FALSE
+#define INTERNAL_CAP_TSP_ALG_HMAC TRUE
+#define INTERNAL_CAP_TSP_ALG_AES TRUE
+#define INTERNAL_CAP_TSP_PERSSTORAGE TRUE
+
+/* UINT32 */
+#define INTERNAL_CAP_TSP_ALG_DEFAULT TSS_ALG_RSA
+#define INTERNAL_CAP_TSP_ALG_DEFAULT_SIZE TSS_KEY_SIZEVAL_2048BIT
+
+/* 1 indicates byte-stream return values, 0 indicates ASN.1 encoded return values */
+#define INTERNAL_CAP_TSP_RETURNVALUE_INFO 1
+
+/* 0 is unknown platform version/type. Currently the spec is too vague on possible values for this
+ * information to define anything here. */
+#define INTERNAL_CAP_TSP_PLATFORM_VERSION 0
+#define INTERNAL_CAP_TSP_PLATFORM_TYPE 0
+
+/* TCS */
+/* BOOL */
+#define INTERNAL_CAP_TCS_ALG_RSA FALSE
+#define INTERNAL_CAP_TCS_ALG_AES FALSE
+#define INTERNAL_CAP_TCS_ALG_3DES FALSE
+#define INTERNAL_CAP_TCS_ALG_DES FALSE
+#define INTERNAL_CAP_TCS_ALG_SHA TRUE
+#define INTERNAL_CAP_TCS_ALG_HMAC FALSE
+#define INTERNAL_CAP_TCS_PERSSTORAGE TRUE
+#define INTERNAL_CAP_TCS_CACHING_KEYCACHE FALSE
+#define INTERNAL_CAP_TCS_CACHING_AUTHCACHE TRUE
+
+/* UINT32 */
+#define INTERNAL_CAP_TCS_ALG_DEFAULT TSS_ALG_RSA
+#define INTERNAL_CAP_TCS_ALG_DEFAULT_SIZE TSS_KEY_SIZEVAL_2048BIT
+
+/* Common between both TSP and TCS */
+#define INTERNAL_CAP_VERSION { 1, 2, TSS_VER_MAJOR, TSS_VER_MINOR }
+
+#define INTERNAL_CAP_MANUFACTURER_ID 0x49424D00
+#define INTERNAL_CAP_MANUFACTURER_STR { 'I', 0, 'B', 0, 'M', 0, 0, 0 }
+#define INTERNAL_CAP_MANUFACTURER_STR_LEN 8
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/anonymity_revocation.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/anonymity_revocation.h
new file mode 100644
index 0000000..383346d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/anonymity_revocation.h
@@ -0,0 +1,62 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef ANONYMITY_REVOCATION_H_
+#define ANONYMITY_REVOCATION_H_
+
+#include "bi.h"
+#include "daa_structs.h"
+
+/**
+ * Cramer Shoup public key (CSPublicKey.java)
+ */
+typedef struct tdCS_PUBLIC_KEY {
+ bi_ptr eta;
+ bi_ptr lambda1;
+ bi_ptr lambda2;
+ bi_ptr lambda3;
+} CS_PUBLIC_KEY;
+
+typedef struct tdCS_ENCRYPTION_RESULT {
+ bi_ptr c1;
+ bi_ptr c2;
+ bi_ptr c3;
+ bi_ptr c4;
+} CS_ENCRYPTION_RESULT;
+
+CS_ENCRYPTION_RESULT *create_CS_ENCRYPTION_RESULT( bi_ptr c1, bi_ptr c2, bi_ptr c3, bi_ptr c4);
+
+/*
+ * Cramer-Shoup Encryption Result including randomness.
+ *
+ * from com.ibm.zurich.tcg.daa.anonymityrevocationCSEncryptionResultRandomness
+*/
+typedef struct tdCS_ENCRYPTION_RESULT_RANDOMNESS {
+ bi_ptr randomness;
+ CS_ENCRYPTION_RESULT *result;
+} CS_ENCRYPTION_RESULT_RANDOMNESS;
+
+/*
+ * Cramer-Shoup EncryptionProof
+ * from com.ibm.zurich.tcg.daa.anonymityrevocation.CSEncryptionProof
+ */
+CS_ENCRYPTION_RESULT_RANDOMNESS *compute_ecryption_proof(
+ const bi_ptr msg,
+ const bi_ptr delta1,
+ const bi_ptr delta2,
+ const bi_ptr delta3,
+ const bi_ptr randomness,
+ const CS_PUBLIC_KEY *key,
+ const struct tdTSS_DAA_PK_internal *daa_key,
+ const BYTE *condition,
+ const int conditionLength,
+ const EVP_MD *messageDigest);
+
+#endif /*ANONYMITY_REVOCATION_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi.h
new file mode 100644
index 0000000..4d69ed3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi.h
@@ -0,0 +1,380 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef BI_H_
+#define BI_H_
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+// for the BIGNUM definition
+#include <openssl/bn.h>
+
+#include "list.h"
+
+#define INLINE
+#undef INLINE_DECL
+#define INLINE_DECL static inline
+
+void * (*bi_alloc)(size_t size);
+
+// keep the list of allocated memory, usually used for the format functions
+extern list_ptr allocs;
+
+/************************************************************************************
+ TYPE DEF
+*************************************************************************************/
+
+#ifdef BI_GMP
+#include "bi_gmp.h"
+#endif
+
+#ifdef BI_OPENSSL
+#include "bi_openssl.h"
+#endif
+
+/************************************************************************************
+ TYPE DEF
+*************************************************************************************/
+
+struct _bi_array{
+ bi_ptr *array;
+ int length;
+};
+
+typedef struct _bi_array bi_array[1];
+typedef struct _bi_array *bi_array_ptr;
+
+/***********************************************************************************
+ CONSTANT
+*************************************************************************************/
+
+extern bi_t bi_0;
+extern bi_t bi_1;
+extern bi_t bi_2;
+
+/***********************************************************************************
+ TEMPORARY (WORK)
+*************************************************************************************/
+
+/*
+extern bi_t bi_tmp;
+extern bi_t bi_tmp1;
+extern bi_t bi_tmp2;
+extern bi_t bi_tmp3;
+extern bi_t bi_tmp4;
+extern bi_t bi_tmp5;
+extern bi_t bi_tmp6;
+extern bi_t bi_tmp7;
+extern bi_t bi_tmp8;
+extern bi_t bi_tmp9;
+*/
+
+/***********************************************************************************
+ MACROS
+*************************************************************************************/
+#define ALLOC_BI_ARRAY() (bi_array_ptr)malloc( sizeof( bi_array))
+
+#if 0
+#define BI_SAVE( a, b) do { bi_save( a, #a, b); } while(0);
+#define BI_SAVE_ARRAY( a, b) do { bi_save_array( a, #a, b); } while(0);
+#define BI_LOAD( a, b) do { bi_load( a, b); } while(0);
+#define BI_LOAD_ARRAY( a, b) do { bi_load_array( a, b); } while(0);
+#endif
+
+#ifdef BI_DEBUG
+#define DUMP_BI(field) do { \
+ fprintf(stderr, "%s=%s [%ld]\n", #field, bi_2_hex_char( field), bi_nbin_size(field));\
+ } while(0);
+
+#define DUMP_BI_ARRAY(field) do { dump_bi_array( #field, field); } while(0);
+
+#else
+#define DUMP_BI(field)
+
+#define DUMP_BI_ARRAY(field)
+#endif
+
+/* to free only defines bi_ptr */
+#define FREE_BI(a) do { if( (a) != NULL) bi_free_ptr( a); } while(0);
+
+/***********************************************************************************
+ DUMP LIB
+*************************************************************************************/
+
+char *dump_byte_array(int len, unsigned char *array);
+
+/* convert <strings> and return it into a byte array <result> of length <length> */
+unsigned char *retrieve_byte_array( int *len, const char *strings);
+
+/***********************************************************************************
+ LIBRARY MANAGEMENT
+*************************************************************************************/
+/*
+ initialize the library
+ bi_alloc_p allocation function used only for exporting a bi struct, so for bi_2_nbin
+ if define as NULL, a stdlib malloc() will be used
+*/
+void bi_init( void * (*bi_alloc_p)(size_t size));
+
+/* release resources used by the library */
+void bi_release(void);
+
+/* return >0 if the library was initialized */
+int bi_is_initialized(void);
+
+/* free the list of internally allocated memory, usually used for the format functions */
+void bi_flush_memory(void);
+
+/***********************************************************************************
+ ALLOCATION & BASIC SETTINGS
+*************************************************************************************/
+
+/* create a big integer */
+bi_ptr bi_new( bi_ptr result);
+
+/* create a big integer pointer */
+bi_ptr bi_new_ptr(void);
+
+/* free resources allocated to the big integer <i> */
+void bi_free(const bi_ptr i);
+
+/* free resources allocated to the big integer pointer <i> */
+void bi_free_ptr(const bi_ptr i);
+
+/* return the current number of bits of the number */
+long bi_length( const bi_ptr res);
+
+/* create a <big integer> array */
+void bi_new_array( bi_array_ptr array, const int length);
+
+/* create a <big integer> array */
+void bi_new_array2( bi_array_ptr array, const int length);
+
+/* free resources allocated to the big integer <i> */
+void bi_free_array(bi_array_ptr array);
+
+/* copy length pointers from the array <src, offset_src> to array <dest, offset_dest> */
+void bi_copy_array(bi_array_ptr src,
+ int offset_src,
+ bi_array_ptr dest,
+ int offset_dest,
+ int length);
+
+// for debugging
+void dump_bi_array( char *field, const bi_array_ptr array);
+
+/***********************************************************************************
+ SAFE RANDOM
+*************************************************************************************/
+
+bi_ptr compute_random_number( bi_ptr result, const bi_ptr element);
+
+#if 0
+/***********************************************************************************
+ SAVE / LOAD
+*************************************************************************************/
+
+/* load an big integer in the already open ("r") file */
+void bi_load( bi_ptr bi, FILE *file);
+
+/* load an big integer array in the already open ("r") file */
+void bi_load_array( bi_array_ptr array, FILE *file);
+
+/* save an big integer array in the already open ("w") file */
+void bi_save_array( const bi_array_ptr array, const char *name, FILE *file);
+
+/* save an big integer in the already open ("w") file */
+void bi_save( const bi_ptr bi,const char *name, FILE *file);
+#endif
+
+/***********************************************************************************
+ CONVERSION
+*************************************************************************************/
+
+/* dump the big integer as hexadecimal */
+char *bi_2_hex_char(const bi_ptr i);
+
+ /* dump the big integer as decimal */
+char *bi_2_dec_char(const bi_ptr i);
+
+ /* set <i> to the same value as <value> */
+ /* <i> := <value> */
+bi_ptr bi_set( bi_ptr i, const bi_ptr value);
+
+/* set <i> with the value represented by given hexadecimal <value> */
+ /* <i> := <value> */
+bi_ptr bi_set_as_hex( bi_ptr i, const char *value);
+
+/* set <i> with the value represented by given decimal <value> */
+ /* <i> := <value> */
+bi_ptr bi_set_as_dec( bi_ptr i, const char *value);
+
+/* set <i> with the value represented by unsigned int <value> */
+ /* <i> := <value> */
+bi_ptr bi_set_as_si( bi_ptr result, const int value);
+
+/* return (long)bi_t */
+long bi_get_si(const bi_ptr i);
+
+/* return the size of a network byte order representation of <i> */
+long bi_nbin_size(const bi_ptr i);
+
+/* return a BYTE * - in network byte order - and update the length <length> */
+/* the result is allocated internally */
+unsigned char *bi_2_nbin( int *length, const bi_ptr i);
+
+/* return a BYTE * - in network byte order - and update the length <length> */
+/* different from bi_2_nbin: you should reserve enough memory for the storage */
+void bi_2_nbin1( int *length, unsigned char *, const bi_ptr i);
+
+/* return a bi_ptr that correspond to the big endian encoded BYTE array of length <n_length> */
+bi_ptr bi_set_as_nbin( const unsigned long length, const unsigned char *buffer);
+
+/*
+ convert <bi> to a byte array of length result,
+ the beginning of this buffer is feel with '0' if needed
+*/
+void bi_2_byte_array( unsigned char *result, int length, bi_ptr bi);
+
+/* convert a bi to a openssl BIGNUM struct */
+BIGNUM *bi_2_BIGNUM( const bi_ptr);
+
+
+/***********************************************************************************
+ BITS OPERATION
+*************************************************************************************/
+/* set the bit to 1 */
+bi_ptr bi_setbit( bi_ptr result, const int bit);
+
+/* <result> := <i> << <n> */
+bi_ptr bi_shift_left( bi_ptr result, const bi_ptr i, const int n);
+
+/* <result> := <i> >> <n> */
+bi_ptr bi_shift_right( bi_ptr result, const bi_ptr i, const int n);
+
+/***********************************************************************************
+ NUMBER THEORIE OPERATION
+*************************************************************************************/
+/* create a random of length <length> bits */
+/* res := random( length) */
+bi_ptr bi_urandom( bi_ptr res, const long length);
+
+/* res := <n> mod <m> */
+bi_ptr bi_mod(bi_ptr res, const bi_ptr n, const bi_ptr m);
+
+/* res := <n> mod <m> */
+bi_ptr bi_mod_si(bi_ptr res, const bi_ptr n, const long m);
+
+/* generate prime number of <length> bits */
+bi_ptr bi_generate_prime( bi_ptr i, const long length);
+
+/*
+return true (>0, bigger is better, but this is contextual to the plugin)
+if <i> is a probably prime
+*/
+int bi_is_probable_prime( const bi_ptr i);
+
+/* result := (inverse of <i>) mod <m> */
+/* if the inverse exist, return >0, otherwise 0 */
+int bi_invert_mod( bi_ptr result, const bi_ptr i, const bi_ptr m);
+
+/* generate a safe prime number of <length> bits */
+/* by safe we mean a prime p so that (p-1)/2 is also prime */
+bi_ptr bi_generate_safe_prime( bi_ptr result, const long bit_length);
+
+/* return in <result> the greatest common divisor of <a> and <b> */
+/* <result> := gcd( <a>, <b>) */
+bi_ptr bi_gcd( bi_ptr result, bi_ptr a, bi_ptr b);
+
+/***********************************************************************************
+ BASIC MATH OPERATION
+*************************************************************************************/
+
+/* <result> := result++ */
+bi_ptr bi_inc(bi_ptr result);
+
+/* <result> := result-- */
+bi_ptr bi_dec(bi_ptr result);
+
+/* <result> := - <result> */
+bi_ptr bi_negate( bi_ptr result);
+
+/* set <result> by the multiplication of <i> by the long <n> */
+/* <result> := <i> * <n> */
+bi_ptr bi_mul_si( bi_ptr result, const bi_ptr i, const long n);
+
+/* <result> := <i> * <n> */
+bi_ptr bi_mul( bi_ptr result, const bi_ptr i, const bi_ptr n);
+
+/* set <result> by the division of <i> by the long <n> */
+/* <result> := <i> / <n> */
+bi_ptr bi_div_si( bi_ptr result, const bi_ptr i, const long n);
+
+/* <result> := <i> / <n> */
+bi_ptr bi_div( bi_ptr result, const bi_ptr i, const bi_ptr n);
+
+/* set <result> by the addition of <i> by the long <n> */
+/* <result> := <i> + <n> */
+bi_ptr bi_add_si( bi_ptr result, const bi_ptr i, const long n);
+
+/* <result> := <i> + <n> */
+bi_ptr bi_add( bi_ptr result, const bi_ptr i, const bi_ptr n);
+
+/* <result> := <i> - <n> */
+bi_ptr bi_sub_si( bi_ptr result, const bi_ptr i, const long n);
+
+/* <result> := <i> - <n> */
+bi_ptr bi_sub( bi_ptr result, const bi_ptr i, const bi_ptr n);
+
+/* <result> := ( <g> ^ <e> ) mod <m> */
+bi_ptr bi_mod_exp_si( bi_ptr result, const bi_ptr g, const bi_ptr e, const long m);
+
+/* <result> := ( <g> ^ <e> ) mod <m> */
+bi_ptr bi_mod_exp( bi_ptr result, const bi_ptr g, const bi_ptr e, const bi_ptr m);
+
+/*
+multiple-exponentiation
+<result> := mod( Multi( <g>i, <e>i), number of byte <m>) with 0 <= i <= <n>
+bi_t[] is used for commodity (bi-ptr[] need allocation for each bi_ptr, something made
+in the stack with bi_t)
+*/
+bi_ptr bi_multi_mod_exp( bi_ptr result,
+ const int n,
+ const bi_t g[],
+ const long e[],
+ const int m);
+
+/***********************************************************************************
+ COMPARAISON
+*************************************************************************************/
+/* n1<n2 return negative value
+ n1 = n2 return 0
+ n1>n2 return positive value
+*/
+int bi_cmp( const bi_ptr n1, const bi_ptr n2);
+
+/* n1<n2 return negative value
+ n1 = n2 return 0
+ n1>n2 return positive value
+*/
+int bi_cmp_si( const bi_ptr n1, const int n2);
+
+/* n1 == n2 return 1 (true)
+ else return 0
+*/
+int bi_equals( const bi_ptr n1, const bi_ptr n2);
+
+/* n1 == n2 return 1 (true)
+ else return 0
+*/
+int bi_equals_si( const bi_ptr n1, const int n2);
+
+#endif /*BI_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi_gmp.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi_gmp.h
new file mode 100644
index 0000000..8e0f611
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi_gmp.h
@@ -0,0 +1,295 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef BI_GMP_
+#define BI_GMP_
+
+#include <gmp.h>
+// needed for OPENSSL_free
+#include <openssl/crypto.h>
+
+typedef mpz_t bi_t;
+typedef mpz_ptr bi_ptr;
+
+extern gmp_randstate_t state;
+
+/* initialized the given big integer */
+INLINE_DECL bi_ptr bi_new(bi_t i) {
+ mpz_init( i);
+ return i;
+}
+
+/* create a big integer pointer */
+INLINE_DECL bi_ptr bi_new_ptr(void) {
+ mpz_ptr res;
+
+ res = (mpz_ptr)malloc( sizeof( mpz_t));
+ if( res == NULL) return NULL;
+ mpz_init( res);
+ return res;
+}
+
+/* free resources allocated to the big integer <i> */
+INLINE_DECL void bi_free(const bi_ptr i) {
+ mpz_clear( i);
+}
+
+/* free resources allocated to the big integer pointer <i> */
+INLINE_DECL void bi_free_ptr(const bi_ptr i) {
+ mpz_clear( i);
+ free( i);
+}
+
+/* return the current number of bits of the number */
+INLINE_DECL long bi_length( const bi_ptr res) {
+ return mpz_sizeinbase( res, 2);
+}
+
+/***********************************************************************************
+ CONVERSIONS
+*************************************************************************************/
+
+
+/* return an hex dump of the given big integer */
+INLINE_DECL char *bi_2_hex_char(const bi_ptr i) {
+ char *ret;
+
+ gmp_asprintf( &ret, "%ZX", i);
+ list_add( allocs, ret);
+ return ret;
+}
+
+/* return an hex dump of the given big integer */
+INLINE_DECL char *bi_2_dec_char(const bi_ptr i) {
+ char *ret;
+
+ gmp_asprintf( &ret, "%Zd", i);
+ list_add( allocs, ret);
+ return ret;
+}
+
+/* set <i> to the same value as the big integer <value> */
+INLINE_DECL bi_ptr bi_set( bi_ptr result, const bi_ptr value) {
+ mpz_set( result, value);
+ return result;
+}
+
+/* set the initialized variable to the value represented by the given hex format stirng */
+INLINE_DECL bi_ptr bi_set_as_hex( bi_ptr result, const char *value) {
+ mpz_set_str( result, value, 16);
+ return result;
+}
+
+/* set the initialized variable to the value represented by the given hex format stirng */
+INLINE_DECL bi_ptr bi_set_as_dec( bi_ptr result, const char *value) {
+ mpz_set_str( result, value, 10);
+ return result;
+}
+
+/* set <i> with the value represented by unsigned int <value> */
+/* <i> := <value> */
+INLINE_DECL bi_ptr bi_set_as_si( bi_ptr result, const int value) {
+ mpz_set_si( result, value);
+ return result;
+}
+
+/* return (long)bi_t */
+INLINE_DECL long bi_get_si(const bi_ptr i) {
+ return mpz_get_si( i);
+}
+
+/* convert a bi type to a openssl BIGNUM struct */
+INLINE_DECL BIGNUM *bi_2_BIGNUM( const bi_ptr i) {
+ BIGNUM *result;
+ char *value = bi_2_hex_char( i);
+
+ BN_hex2bn( &result, value);
+ return result;
+}
+
+/* set <i> with the value represented by the given openssl BIGNUM struct */
+INLINE_DECL bi_ptr bi_set_as_BIGNUM( bi_ptr i, BIGNUM *bn) {
+ char *value = BN_bn2hex( bn);
+
+ if( value == NULL) return NULL;
+ bi_set_as_hex( i, value);
+ OPENSSL_free( value);
+ return i;
+}
+
+/***********************************************************************************
+ BASIC MATH OPERATION
+*************************************************************************************/
+
+/* <result> := result + 1 */
+INLINE_DECL bi_ptr bi_inc(bi_ptr result) {
+ mpz_add_ui( result, result, 1);
+ return result;
+}
+
+/* <result> := result - 1 */
+INLINE_DECL bi_ptr bi_dec(bi_ptr result) {
+ mpz_sub_ui( result, result, 1);
+ return result;
+}
+
+/* set <result> by the division of <i> by the long <n> */
+/* <result> := <i> / <n> */
+INLINE_DECL bi_ptr bi_div_si( bi_ptr result, const bi_ptr i, const long n) {
+ mpz_div_ui( result, i, n);
+ return result;
+}
+
+/* <result> := <i> / <n> */
+INLINE_DECL bi_ptr bi_div( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ mpz_div( result, i, n);
+ return result;
+}
+
+/* <result> := - <result> */
+INLINE_DECL bi_ptr bi_negate( bi_ptr result) {
+ mpz_neg( result, result);
+ return result;
+}
+
+/* multiply the given big integer <i> by the give long <n> and return the result in <result> */
+INLINE_DECL bi_ptr bi_mul_si( bi_ptr result, const bi_ptr i, const long n) {
+ mpz_mul_si( result, i, n);
+ return result;
+}
+
+ /* <result> := <i> * <n> */
+INLINE_DECL bi_ptr bi_mul( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ mpz_mul( result, i, n);
+ return result;
+}
+
+/* <result> := <i> + <n> */
+INLINE_DECL bi_ptr bi_add_si( bi_ptr result, const bi_ptr i, const long n) {
+ mpz_add_ui( result, i, n);
+ return result;
+}
+
+/* <result> := <i> + <n> */
+INLINE_DECL bi_ptr bi_add( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ mpz_add( result, i, n);
+ return result;
+}
+
+/* <result> := <i> - <n> */
+INLINE_DECL bi_ptr bi_sub_si( bi_ptr result, const bi_ptr i, const long n) {
+ // n should be unsigned
+ mpz_sub_ui( result, i, n);
+ return result;
+}
+
+/* <result> := <i> - <n> */
+INLINE_DECL bi_ptr bi_sub( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ mpz_sub( result, result, n);
+ return result;
+}
+
+/* <result> := ( <g> ^ <e> ) mod <m> */
+INLINE_DECL bi_ptr bi_mod_exp( bi_ptr result, const bi_ptr g, const bi_ptr e, const bi_ptr m) {
+ mpz_powm( result, g, e, m);
+ return result;
+}
+
+/* <result> := ( <g> ^ <e> ) mod <m> */
+INLINE_DECL bi_ptr bi_mod_exp_si( bi_ptr result, const bi_ptr g, const bi_ptr e, const long m) {
+ mpz_t bi_m;
+
+ mpz_init( bi_m);
+ mpz_set_si( bi_m, m);
+ mpz_powm( result, g, e, bi_m);
+ mpz_clear( bi_m);
+ return result;
+}
+
+/***********************************************************************************
+ BITS OPERATION
+*************************************************************************************/
+/* set the bit to 1 */
+INLINE_DECL bi_ptr bi_setbit(bi_ptr result, const int bit) {
+ mpz_setbit( result, bit);
+ return result;
+}
+
+/* <result> := <i> << <n> */
+INLINE_DECL bi_ptr bi_shift_left( bi_ptr result, const bi_ptr i, const int n) {
+ mpz_mul_2exp( result, i, n);
+ return result;
+}
+
+/* <result> := <i> >> <n> */
+INLINE_DECL bi_ptr bi_shift_right( bi_ptr result, const bi_ptr i, const int n) {
+ mpz_div_2exp( result, i, n);
+ return result;
+}
+
+/***********************************************************************************
+ COMPARAISON
+*************************************************************************************/
+/* n1<n2 return negative value
+ * n1 = n2 return 0
+ * n1>n2 return positive value
+*/
+INLINE_DECL int bi_cmp( const bi_ptr n1, const bi_ptr n2) {
+ return mpz_cmp( n1, n2);
+}
+
+/* n1<n2 return negative value
+ * n1 = n2 return 0
+ * n1>n2 return positive value
+*/
+INLINE_DECL int bi_cmp_si( const bi_ptr n1, const int n2) {
+ return mpz_cmp_ui( n1, n2);
+}
+
+/* n1 == n2 return 1 (true)
+ * else return 0
+*/
+INLINE_DECL int bi_equals( const bi_ptr n1, const bi_ptr n2) {
+ return mpz_cmp( n1, n2) == 0 ? 1 : 0;
+}
+
+/* n1 == n2 return 1 (true)
+ * else return 0
+*/
+INLINE_DECL int bi_equals_si( const bi_ptr n1, const int n2) {
+ return mpz_cmp_ui( n1, n2) == 0 ? 1 : 0;
+}
+
+/* create a random of length <length> bits */
+/* res := random( length) */
+INLINE_DECL bi_ptr bi_urandom( bi_ptr result, const long length) {
+ mpz_urandomb( result, state, length);
+ return result;
+}
+
+/* res := <n> mod <m> */
+INLINE_DECL bi_ptr bi_mod_si( bi_ptr result, const bi_ptr n, const long m) {
+ mpz_mod_ui( result, n, m);
+ return result;
+}
+
+/* res := <n> mod <m> */
+INLINE_DECL bi_ptr bi_mod( bi_ptr result, const bi_ptr n, const bi_ptr m) {
+ mpz_mod( result, n, m);
+ return result;
+}
+
+/* result := (inverse of <i>) mod <m> */
+/* if the inverse exist, return >0, otherwise 0 */
+INLINE_DECL int bi_invert_mod( bi_ptr result, const bi_ptr i, const bi_ptr m) {
+ return mpz_invert( result, i, m);
+}
+
+#endif /*BI_GMP_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi_openssl.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi_openssl.h
new file mode 100644
index 0000000..8bd3f1d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/bi_openssl.h
@@ -0,0 +1,352 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef BI_OPENSSL_
+#define BI_OPENSSL_
+
+#include <openssl/bn.h>
+#include <openssl/engine.h>
+
+typedef struct bignum_st bi_t[1];
+
+typedef struct bignum_st *bi_ptr;
+
+extern BN_CTX *context;
+
+
+INLINE_DECL bi_ptr bi_new(bi_ptr result) {
+ BN_init( result);
+ return result;
+}
+
+/* create a big integer pointer */
+INLINE_DECL bi_ptr bi_new_ptr(void) {
+ return BN_new();
+}
+
+/* free resources allocated to the big integer <i> */
+INLINE_DECL void bi_free(const bi_ptr i) {
+ BN_free( i);
+}
+
+/* free resources allocated to the big integer pointer <i> */
+INLINE_DECL void bi_free_ptr(const bi_ptr i) {
+ BN_free( i);
+}
+
+/* <result> := result++ */
+INLINE_DECL bi_ptr bi_inc(bi_ptr result) {
+ BN_add_word( result, 1);
+ return result;
+}
+
+/* <result> := result-- */
+INLINE_DECL bi_ptr bi_dec(bi_ptr result) {
+ BN_sub_word( result, 1);
+ return result;
+}
+
+/* return the current number of bits of the number */
+INLINE_DECL long bi_length( const bi_ptr res) {
+ return BN_num_bits( res);
+}
+
+/***********************************************************************************
+ BASIC MATH OPERATION
+*************************************************************************************/
+/* <result> := - <result> */
+INLINE_DECL bi_ptr bi_negate( bi_ptr result) {
+ BIGNUM *n = result;
+ n->neg = ( n->neg == 0 ? 1 : 0);
+ return result;
+}
+
+INLINE_DECL bi_ptr bi_mul_si( bi_ptr result, const bi_ptr i, const long n) {
+ BN_copy( result, i);
+ BN_mul_word( result, n);
+ return result;
+}
+
+/* <result> := <i> * <n> */
+INLINE_DECL bi_ptr bi_mul( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ BN_mul( result, i, n, context);
+ return result;
+}
+
+INLINE_DECL bi_ptr bi_add_si( bi_ptr result, const bi_ptr i, const long n) {
+ BN_copy( result, i);
+ BN_add_word( result, n);
+ return result;
+}
+
+/* <result> := <i> + <n> */
+INLINE_DECL bi_ptr bi_add( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ BN_add( result, i, n);
+ return result;
+}
+
+/* <result> := <i> - <n> */
+INLINE_DECL bi_ptr bi_sub_si( bi_ptr result, const bi_ptr i, const long n) {
+ // n should be unsigned
+ BN_copy( result, i); // result := i
+ BN_sub_word( result, n); // result := result - n
+ return result;
+}
+
+/* <result> := <i> - <n> */
+INLINE_DECL bi_ptr bi_sub( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ BN_sub( result, i, n);
+ return result;
+}
+
+/* <result> := ( <g> ^ <e> ) mod <m> */
+INLINE_DECL bi_ptr bi_mod_exp( bi_ptr result, const bi_ptr g, const bi_ptr e, const bi_ptr m) {
+ BN_mod_exp( result, g, e, m, context); // result := (g ^ e) mod bi_m
+ return result;
+}
+
+/* set <result> by the division of <i> by the long <n> */
+/* <result> := <i> / <n> */
+INLINE_DECL bi_ptr bi_div_si( bi_ptr result, const bi_ptr i, const long n) {
+ BN_copy( result, i);
+ BN_div_word( result, n);
+ return result;
+}
+
+/* <result> := <i> / <n> */
+INLINE_DECL bi_ptr bi_div( bi_ptr result, const bi_ptr i, const bi_ptr n) {
+ BN_div( result, NULL, i, n, context);
+ return result;
+}
+
+/***********************************************************************************
+ COMPARAISON
+*************************************************************************************/
+/* n1<n2 return negative value
+ * n1 = n2 return 0
+ * n1>n2 return positive value
+*/
+INLINE_DECL int bi_cmp( const bi_ptr n1, const bi_ptr n2) {
+ return BN_cmp( n1, n2);
+}
+
+/* n1<n2 return negative value
+ * n1 = n2 return 0
+ * n1>n2 return positive value
+*/
+INLINE_DECL int bi_cmp_si( const bi_ptr n1, const int n2) {
+ BIGNUM *temp = BN_new();
+ BN_set_word( temp, n2);
+ int res = BN_cmp( n1, temp);
+ BN_free( temp);
+ return res;
+}
+
+/* n1 == n2 return 1 (true)
+ * else return 0
+*/
+INLINE_DECL int bi_equals( const bi_ptr n1, const bi_ptr n2) {
+ return BN_cmp( n1, n2) == 0 ? 1 :0;
+}
+
+/* n1 == n2 return 1 (true)
+ * else return 0
+*/
+INLINE_DECL int bi_equals_si( const bi_ptr n1, const int n2) {
+ return BN_is_word( n1, n2);
+}
+
+/***********************************************************************************
+ CONVERSIONS
+*************************************************************************************/
+
+INLINE_DECL char *bi_2_hex_char(const bi_ptr i) {
+ char *result = BN_bn2hex( i);
+
+ if( result == NULL) {
+ return NULL;
+ }
+ list_add( allocs, result);
+ return result;
+}
+
+INLINE_DECL char *bi_2_dec_char(const bi_ptr i) {
+ char *result = BN_bn2dec( i);
+
+ if( result == NULL) {
+ return NULL;
+ }
+ list_add( allocs, result);
+ return result;
+}
+
+INLINE_DECL bi_ptr bi_set( bi_ptr result, const bi_ptr value) {
+ BN_copy( result, value);
+ return result;
+}
+
+INLINE_DECL bi_ptr bi_set_as_hex( bi_ptr result, const char *value) {
+ BN_hex2bn( &result, value);
+ return result;
+}
+
+INLINE_DECL bi_ptr bi_set_as_dec( bi_ptr result, const char *value) {
+ BN_dec2bn( &result, value);
+ return result;
+}
+
+/* set <i> with the value represented by unsigned int <value> */
+ /* <i> := <value> */
+INLINE_DECL bi_ptr bi_set_as_si( bi_ptr result, const int value) {
+ if( value < 0) {
+ BN_set_word( result, -value);
+ result->neg=1;
+ } else
+ BN_set_word( result, value);
+ return result;
+}
+
+/* return (long)bi_t */
+INLINE_DECL long bi_get_si(const bi_ptr i) {
+ long result = BN_get_word( i);
+
+ if( i->neg == 1) {
+ return -result;
+ }
+ return result;
+}
+
+/* return the size of a network byte order representation of <i> */
+INLINE_DECL long bi_nbin_size(const bi_ptr i) {
+ return BN_num_bytes( i);
+}
+
+/* return a BYTE * in network byte order - big endian - and update the length <length> */
+INLINE_DECL unsigned char *bi_2_nbin( int *length, const bi_ptr i) {
+ unsigned char *ret;
+
+ *length = BN_num_bytes( i);
+ ret = (unsigned char *)bi_alloc( *length * 2);
+ if( ret == NULL) return NULL;
+ BN_bn2bin( i, ret);
+ return ret;
+}
+
+/* return a BYTE * - in network byte order - and update the length <length> */
+/* different from bi_2_nbin: you should reserve enough memory for the storage */
+INLINE_DECL void bi_2_nbin1( int *length, unsigned char *buffer, const bi_ptr i) {
+ *length = BN_num_bytes( i);
+ BN_bn2bin( i, buffer);
+}
+
+/* return a bi_ptr that correspond to the big endian encoded BYTE array of length <n_length> */
+INLINE_DECL bi_ptr bi_set_as_nbin( const unsigned long length, const unsigned char *buffer) {
+ bi_ptr ret_bi = bi_new_ptr();
+
+ if( ret_bi == NULL) return NULL;
+ if( BN_bin2bn( buffer, length, ret_bi) == NULL) {
+ bi_free( ret_bi);
+ return NULL;
+ }
+ return ret_bi;
+}
+
+/* convert a bi to a openssl BIGNUM struct */
+INLINE_DECL BIGNUM *bi_2_BIGNUM( const bi_ptr i) {
+ return i;
+}
+
+/* set <i> with the value represented by the given openssl BIGNUM struct */
+INLINE_DECL bi_ptr bi_set_as_BIGNUM( bi_ptr i, BIGNUM *bn) {
+ return bi_set( i, bn);
+}
+
+/***********************************************************************************
+ BITS OPERATION
+*************************************************************************************/
+/* set the bit to 1 */
+INLINE_DECL bi_ptr bi_setbit(bi_ptr result, const int bit) {
+ BN_set_bit( result, bit);
+ return result;
+}
+
+/* <result> := <i> << <n> */
+INLINE_DECL bi_ptr bi_shift_left( bi_ptr result, const bi_ptr i, const int n) {
+ BN_lshift( result, i, n);
+ return result;
+}
+
+/* <result> := <i> >> <n> */
+INLINE_DECL bi_ptr bi_shift_right( bi_ptr result, const bi_ptr i, const int n) {
+ BN_rshift( result, i, n);
+ return result;
+}
+
+/* create a random of length <length> bits */
+/* res := random( length) */
+INLINE_DECL bi_ptr bi_urandom( bi_ptr result, const long length) {
+ /*
+ * <result> will be a generated cryptographically strong pseudo-random number of length
+ * <length>
+ */
+ BN_rand( result, length, -1, 0);
+ return result;
+}
+
+
+/* res := <n> mod <m> */
+INLINE_DECL bi_ptr bi_mod_si( bi_ptr result, const bi_ptr n, const long m) {
+ BIGNUM *mod = BN_new();
+ BN_set_word( mod, m);
+ BN_mod( result, n, mod, context);
+ BN_free( mod);
+ return result;
+}
+
+/* res := <n> mod <m> */
+INLINE_DECL bi_ptr bi_mod( bi_ptr result, const bi_ptr n, const bi_ptr m) {
+ BN_mod( result, n, m, context);
+ if( result->neg == 1) {
+ result->neg=0;
+ BN_sub( result, m, result);
+ }
+ return result;
+}
+
+/* result := (inverse of <i>) mod <m> */
+/* if the inverse exist, return >0, otherwise 0 */
+INLINE_DECL int bi_invert_mod( bi_ptr result, const bi_ptr i, const bi_ptr m) {
+ while( ERR_get_error() != 0);
+ BN_mod_inverse( result, i, m, context);
+ return ERR_get_error() == 0 ? 1 : 0;
+}
+
+/* generate a prime number of <length> bits */
+INLINE_DECL bi_ptr bi_generate_prime( bi_ptr result, const long bit_length) {
+ BN_generate_prime(result, bit_length, 0, NULL, NULL, NULL, NULL);
+ return result;
+}
+
+/* generate a safe prime number of <length> bits */
+/* by safe we mean a prime p so that (p-1)/2 is also prime */
+INLINE_DECL bi_ptr bi_generate_safe_prime( bi_ptr result, const long bit_length) {
+ BN_generate_prime(result, bit_length, 1, NULL, NULL, NULL, NULL);
+ return result;
+}
+
+/* return in <result> the greatest common divisor of <a> and <b> */
+/* <result> := gcd( <a>, <b>) */
+INLINE_DECL bi_ptr bi_gcd( bi_ptr result, bi_ptr a, bi_ptr b) {
+ BN_gcd( result, a, b, context);
+ return result;
+}
+
+
+#endif /*BI_OPENSSL_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/daa_parameter.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/daa_parameter.h
new file mode 100644
index 0000000..f1f3447
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/daa_parameter.h
@@ -0,0 +1,87 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef DAA_PARAMETER_H_
+#define DAA_PARAMETER_H_
+
+// for message digest
+//#include <openssl/evp.h>
+#include "trousers/tss.h"
+//#include "spi_internal_types.h"
+#include "spi_utils.h"
+
+#define DAA_PARAM_TSS_VERSION_LENGTH (4)
+static const BYTE DAA_PARAM_TSS_VERSION[] = { 1, 2, 0, 0 };
+
+#define DAA_PARAM_DEFAULT_CRYPTO_PROVIDER_NAME "BC"
+
+// Name of default hash function
+#define DAA_PARAM_MESSAGE_DIGEST_ALGORITHM "SHA1"
+
+// Name of hash function used independently in TSS
+#define DAA_PARAM_MESSAGE_DIGEST_ALGORITHM_TSS "SHA1"
+
+// l_n (bits)
+#define DAA_PARAM_SIZE_RSA_MODULUS (2048)
+
+// l_f (bits)
+#define DAA_PARAM_SIZE_F_I (104)
+
+// l_q (2 * SIZE_F_I)
+#define DAA_PARAM_SIZE_RHO (208)
+
+// l_e
+#define DAA_PARAM_SIZE_EXPONENT_CERTIFICATE (368)
+
+// lPrime_e
+#define DAA_PARAM_SIZE_INTERVAL_EXPONENT_CERTIFICATE (120)
+
+// l_zero
+#define DAA_PARAM_SAFETY_MARGIN (80)
+
+// Byte length of TPM message digest (sha-1)
+#define DAA_PARAM_LENGTH_MESSAGE_DIGEST (20)
+
+// Byte length of TSS message digest (sha-256)
+#define DAA_PARAM_LENGTH_MESSAGE_DIGEST_TSS (32)
+
+// l_H depends on the message digest algo
+#define DAA_PARAM_SIZE_MESSAGE_DIGEST (160)
+// 8 * LENGTH_MESSAGE_DIGEST;
+
+// l_GAMMA
+#define DAA_PARAM_SIZE_MODULUS_GAMMA (1632)
+
+#define DAA_PARAM_SIZE_SPLIT_EXPONENT (1024)
+
+// TPM asym key size (bits)
+#define DAA_PARAM_KEY_SIZE (2048)
+
+// Default RSA public key exponent (Fermat 4)
+#define DAA_PARAM_LENGTH_MFG1_ANONYMITY_REVOCATION (25)
+// (SIZE_RHO-1)/8;
+
+#define DAA_PARAM_LENGTH_MFG1_GAMMA (214)
+// (SIZE_MODULUS_GAMMA + SIZE_SAFETY_MARGIN)/8;
+
+#define DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE (2536)
+
+// (bits)
+#define DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES (DAA_PARAM_SIZE_F_I+DAA_PARAM_SAFETY_MARGIN+DAA_PARAM_SIZE_MESSAGE_DIGEST)
+
+#define TSS_FLAG_DAA_SIGN_IDENTITY_KEY 0
+#define TSS_FLAG_DAA_SIGN_MESSAGE_HASH 1
+
+
+extern EVP_MD *DAA_PARAM_get_message_digest(void);
+
+extern char *err_string(TSS_RESULT r);
+
+#endif /*DAA_PARAMETER_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/daa_structs.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/daa_structs.h
new file mode 100644
index 0000000..5b06762
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/daa_structs.h
@@ -0,0 +1,385 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef DAA_STRUCT_H_
+#define DAA_STRUCT_H_
+
+#include <string.h>
+#include <stdlib.h>
+#include <malloc.h>
+
+#include "tss/tcs.h"
+#include "bi.h"
+#include "arpa/inet.h"
+
+// for message digest
+#include <openssl/evp.h>
+
+#define init_tss_version(b) \
+do {\
+ (b)->versionInfo.bMajor = DAA_PARAM_TSS_VERSION[0];\
+ (b)->versionInfo.bMinor = DAA_PARAM_TSS_VERSION[1];\
+ (b)->versionInfo.bRevMajor = DAA_PARAM_TSS_VERSION[2];\
+ (b)->versionInfo.bRevMinor = DAA_PARAM_TSS_VERSION[3];\
+} while(0);
+
+BYTE *convert_alloc( TCS_CONTEXT_HANDLE tcsContext,
+ UINT32 length,
+ BYTE *source);
+
+BYTE *copy_alloc( TCS_CONTEXT_HANDLE tcsContext,
+ UINT32 length,
+ BYTE *source);
+
+void store_bi( UINT32 *length,
+ BYTE **buffer,
+ const bi_ptr i,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT object);
+
+/* length is in network format: big indian */
+void dump_field( int length, BYTE *buffer);
+
+/********************************************************************************************
+ TSS_DAA_ATTRIB_COMMIT
+ ********************************************************************************************/
+
+typedef struct tdTSS_DAA_ATTRIB_COMMIT_internal {
+ bi_ptr beta;
+ bi_ptr sMu;
+} TSS_DAA_ATTRIB_COMMIT_internal;
+
+TSS_DAA_ATTRIB_COMMIT_internal *create_TSS_DAA_ATTRIB_COMMIT( bi_ptr beta, bi_ptr sMu);
+
+/********************************************************************************************
+ * TSS_DAA_SELECTED_ATTRIB
+ * this struct is used internally and externally, only a call to internal_2_DAA_SELECTED_ATTRIB
+ * DAA_SELECTED_ATTRIB_2_internal will change the struct to be internal or external
+ ********************************************************************************************/
+
+void i_2_e_TSS_DAA_SELECTED_ATTRIB( TSS_DAA_SELECTED_ATTRIB *selected_attrib);
+
+void e_2_i_TSS_DAA_SELECTED_ATTRIB( TSS_DAA_SELECTED_ATTRIB *selected_attrib);
+
+/* work ONLY with internal format */
+BYTE *to_bytes_TSS_DAA_SELECTED_ATTRIB_internal( int *length, TSS_DAA_SELECTED_ATTRIB *selected_attrib);
+
+/*
+create a TSS_DAA_SELECTED_ATTRIB of length <length> with given selected attributes.
+example of selections of the second and third attributes upon 5:
+create_TSS_DAA_SELECTED_ATTRIB( &selected_attrib, 5, 0, 1, 1, 0, 0);
+*/
+void create_TSS_DAA_SELECTED_ATTRIB( TSS_DAA_SELECTED_ATTRIB *attrib, int length, ...);
+
+/********************************************************************************************
+ * DAA PRIVATE KEY
+ ********************************************************************************************/
+
+/**
+ * DAA private key. Contains p', q' and the product of it, where n = p*q, p =
+ * 2*p'+1 and q = 2*q'+1. n is part of the public key.
+ * (from com.ibm.zurich.tcg.daa.issuer.DAAPrivateKey.java)
+ */
+typedef struct {
+ bi_ptr p_prime;
+ bi_ptr q_prime;
+ bi_ptr productPQprime;
+} DAA_PRIVATE_KEY_internal;
+
+/**
+ * allocate: ret->p_prime
+ * ret->q_prime
+ * ret->productPQprime
+ */
+DAA_PRIVATE_KEY_internal *create_TSS_DAA_PRIVATE_KEY(
+ bi_ptr pPrime,
+ bi_ptr qPrime
+);
+#if 0
+int save_DAA_PRIVATE_KEY(
+ FILE *file,
+ const DAA_PRIVATE_KEY_internal *private_key
+);
+
+DAA_PRIVATE_KEY_internal *load_DAA_PRIVATE_KEY(
+ FILE *file
+);
+TSS_DAA_PRIVATE_KEY* i_2_e_TSS_DAA_PRIVATE_KEY(
+ DAA_PRIVATE_KEY_internal *private_key_internal,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT object
+);
+
+DAA_PRIVATE_KEY_internal *e_2_i_TSS_DAA_PRIVATE_KEY(
+ TSS_DAA_PRIVATE_KEY *private_key
+);
+
+#endif
+/********************************************************************************************
+ * TSS_DAA_PK
+ ********************************************************************************************/
+
+typedef struct tdTSS_DAA_PK_internal {
+ bi_ptr modulus;
+ bi_ptr capitalS;
+ bi_ptr capitalZ;
+ bi_ptr capitalR0;
+ bi_ptr capitalR1;
+ bi_ptr gamma;
+ bi_ptr capitalGamma;
+ bi_ptr rho;
+ bi_array_ptr capitalRReceiver;
+ bi_array_ptr capitalRIssuer;
+ bi_array_ptr capitalY;
+ int issuerBaseNameLength;
+ BYTE *issuerBaseName;
+ // capitalSprime calculated at each init of this structure as :
+ // (capitalS ^ ( 1 << DAA_PARAM_SIZE_SPLIT_EXPONENT)) % modulus
+ bi_ptr capitalSprime;
+} TSS_DAA_PK_internal;
+
+TSS_DAA_PK_internal *create_DAA_PK(
+ const bi_ptr modulus,
+ const bi_ptr capitalS,
+ const bi_ptr capitalZ,
+ const bi_ptr capitalR0,
+ const bi_ptr capitalR1,
+ const bi_ptr gamma,
+ const bi_ptr capitalGamma,
+ const bi_ptr rho,
+ const bi_array_ptr capitalRReceiver,
+ const bi_array_ptr capitalRIssuer,
+ int issuerBaseNameLength,
+ BYTE * const issuerBaseName);
+
+/*
+ * create anf feel a TSS_DAA_PK structures
+ */
+TSS_DAA_PK_internal *e_2_i_TSS_DAA_PK(
+ TSS_DAA_PK *pk
+);
+
+TSS_DAA_PK *i_2_e_TSS_DAA_PK(
+ TSS_DAA_PK_internal *pk_internal,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT param_alloc
+);
+#if 0
+
+/* moved to daa_debug.h */
+int save_DAA_PK_internal(
+ FILE *file,
+ const TSS_DAA_PK_internal *pk_internal
+);
+
+TSS_DAA_PK_internal *load_DAA_PK_internal(
+ FILE *file
+);
+
+#endif
+
+void dump_DAA_PK_internal(
+ char *name,
+ TSS_DAA_PK_internal *pk_internal
+);
+
+TPM_DAA_ISSUER *convert2issuer_settings(
+ TSS_DAA_PK_internal *pk_internal
+);
+
+void free_TSS_DAA_PK_internal(
+ TSS_DAA_PK_internal *pk_internal
+);
+
+void free_TSS_DAA_PK( TSS_DAA_PK *pk);
+
+BYTE *issuer_2_byte_array(
+ TPM_DAA_ISSUER *tpm_daa_issuer,
+ int *length
+);
+
+/********************************************************************************************
+ * TSS_DAA_PK_PROOF
+ ********************************************************************************************/
+
+typedef struct tdTSS_DAA_PK_PROOF_internal {
+ BYTE *challenge;
+ int length_challenge;
+ bi_array_ptr *response;
+ int length_response;
+} TSS_DAA_PK_PROOF_internal;
+
+TSS_DAA_PK_PROOF_internal *create_DAA_PK_PROOF(
+ BYTE* const challenge,
+ const int length_challenge,
+ bi_array_ptr *response,
+ int length_reponse);
+
+/*
+ * create anf feel a TSS_DAA_PK structures
+ */
+TSS_DAA_PK *TSS_convert_DAA_PK_PROOF(
+ TSS_DAA_PK_PROOF_internal *proof
+);
+#if 0
+int save_DAA_PK_PROOF_internal(
+ FILE *file,
+ TSS_DAA_PK_PROOF_internal *pk_internal
+);
+
+TSS_DAA_PK_PROOF_internal *load_DAA_PK_PROOF_internal(
+ FILE *file
+);
+#endif
+TSS_DAA_PK_PROOF_internal *e_2_i_TSS_DAA_PK_PROOF(
+ TSS_DAA_PK_PROOF *pk_proof
+);
+
+TSS_DAA_PK_PROOF *i_2_e_TSS_DAA_PK_PROOF(
+ TSS_DAA_PK_PROOF_internal*pk_internal_proof,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT param_alloc
+);
+
+/*
+ * Encode the DAA_PK like java.security.Key#getEncoded
+ */
+BYTE *encoded_DAA_PK_internal(
+ int *result_length,
+ const TSS_DAA_PK_internal *pk
+);
+
+/********************************************************************************************
+ * KEY PAIR WITH PROOF
+ ********************************************************************************************/
+
+typedef struct tdKEY_PAIR_WITH_PROOF_internal {
+ TSS_DAA_PK_internal *pk;
+ DAA_PRIVATE_KEY_internal *private_key;
+ TSS_DAA_PK_PROOF_internal *proof;
+} KEY_PAIR_WITH_PROOF_internal;
+
+#if 0
+
+/* moved to daa_debug.h */
+
+int save_KEY_PAIR_WITH_PROOF(
+ FILE *file,
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof
+);
+
+KEY_PAIR_WITH_PROOF_internal *load_KEY_PAIR_WITH_PROOF(
+ FILE *file
+);
+
+#endif
+
+TSS_DAA_KEY_PAIR *get_TSS_DAA_KEY_PAIR(
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT param_alloc
+);
+
+
+/********************************************************************************************
+ * TSS_DAA_PSEUDONYM_PLAIN
+ ********************************************************************************************/
+
+typedef struct {
+ bi_ptr nV;
+} TSS_DAA_PSEUDONYM_PLAIN_internal;
+
+TSS_DAA_PSEUDONYM_PLAIN_internal *create_TSS_DAA_PSEUDONYM_PLAIN(
+ bi_ptr nV
+);
+
+/********************************************************************************************
+ * TSS_DAA_PSEUDONYM_ENCRYPTED
+ ********************************************************************************************/
+
+typedef struct {
+ bi_ptr sTau;
+ struct tdCS_ENCRYPTION_RESULT *cs_enc_result;
+} TSS_DAA_PSEUDONYM_ENCRYPTED_internal;
+
+
+/********************************************************************************************
+ * TSS_DAA_SIGNATURE
+ ********************************************************************************************/
+
+typedef struct {
+ bi_ptr zeta;
+ bi_ptr capitalT;
+ int challenge_length;
+ BYTE *challenge;
+ int nonce_tpm_length;
+ BYTE *nonce_tpm;
+ bi_ptr sV;
+ bi_ptr sF0;
+ bi_ptr sF1;
+ bi_ptr sE;
+ int sA_length;
+ bi_array_ptr sA;
+} TSS_DAA_SIGNATURE_internal;
+
+TSS_DAA_SIGNATURE_internal *e_2_i_TSS_DAA_SIGNATURE(
+ TSS_DAA_SIGNATURE*signature
+);
+
+void free_TSS_DAA_SIGNATURE_internal(
+ TSS_DAA_SIGNATURE_internal *signature
+);
+
+/********************************************************************************************
+ * TSS_DAA_JOIN_ISSUER_SESSION
+ ********************************************************************************************/
+
+typedef struct td_TSS_DAA_JOIN_ISSUER_SESSION_internal {
+ TPM_DAA_ISSUER *issuerAuthKey;
+ TSS_DAA_PK_PROOF_internal *issuerKeyPair;
+ TSS_DAA_IDENTITY_PROOF *identityProof;
+ bi_ptr capitalUprime;
+ int daaCounter;
+ int nonceIssuerLength;
+ BYTE *nonceIssuer;
+ int nonceEncryptedLength;
+ BYTE *nonceEncrypted;
+} TSS_DAA_JOIN_ISSUER_SESSION_internal;
+
+
+/********************************************************************************************
+ TSS_DAA_CRED_ISSUER
+********************************************************************************************/
+#if 0
+TSS_DAA_CRED_ISSUER *load_TSS_DAA_CRED_ISSUER( FILE *file);
+
+int save_TSS_DAA_CRED_ISSUER( FILE *file, TSS_DAA_CRED_ISSUER *credential);
+
+#endif
+/********************************************************************************************
+ TSS_DAA_CREDENTIAL
+********************************************************************************************/
+#if 0
+TSS_DAA_CREDENTIAL *load_TSS_DAA_CREDENTIAL( FILE *file);
+
+int save_TSS_DAA_CREDENTIAL(
+ FILE *file,
+ TSS_DAA_CREDENTIAL *credential
+);
+
+#endif
+
+/********************************************************************************************
+ TPM_DAA_ISSUER
+********************************************************************************************/
+
+void free_TPM_DAA_ISSUER( TPM_DAA_ISSUER *tpm_daa_issuer);
+
+#endif /*DAA_STRUCT_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/issuer.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/issuer.h
new file mode 100644
index 0000000..59b6a71
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/issuer.h
@@ -0,0 +1,71 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006-2007
+ *
+ */
+#ifndef __ISSUER_H__
+#define __ISSUER_H__
+
+#include "daa/daa_structs.h"
+#include "daa/daa_parameter.h"
+#include "tsplog.h"
+
+
+TSS_RESULT
+generate_key_pair(int num_attributes_issuer,
+ int num_attributes_receiver,
+ int base_nameLength,
+ BYTE *base_name,
+ KEY_PAIR_WITH_PROOF_internal **key_pair_with_proof
+);
+
+TSS_DAA_PK_PROOF_internal *generate_proof(
+ const bi_ptr product_PQ_prime,
+ const TSS_DAA_PK_internal *public_key,
+ const bi_ptr xz,
+ const bi_ptr x0,
+ const bi_ptr x1,
+ bi_array_ptr x);
+
+#if 0
+TSPICALL
+Tspi_DAA_IssueInit_internal(
+ TSS_HDAA hDAA, // in
+ TSS_HKEY issuerAuthPK, // in
+ TSS_HKEY issuerKeyPair, // in
+ TSS_DAA_IDENTITY_PROOF identityProof, // in
+ UINT32 capitalUprimeLength, // in
+ BYTE* capitalUprime, // in
+ UINT32 daaCounter, // in
+ UINT32* nonceIssuerLength, // out
+ BYTE** nonceIssuer, // out
+ UINT32* authenticationChallengeLength, // out
+ BYTE** authenticationChallenge, // out
+ TSS_DAA_JOIN_ISSUER_SESSION* joinSession // out
+);
+
+TSPICALL
+Tspi_DAA_IssueCredential_internal(
+ TSS_HDAA hDAA, // in
+ UINT32 attributesIssuerLength, // in
+ BYTE** attributesIssuer, // in
+ TSS_DAA_CREDENTIAL_REQUEST credentialRequest, // in
+ TSS_DAA_JOIN_ISSUER_SESSION joinSession, // in
+ TSS_DAA_CRED_ISSUER* credIssuer // out
+);
+#endif
+TSS_RESULT
+compute_join_challenge_issuer( TSS_DAA_PK_internal *pk_intern,
+ bi_ptr v_prime_prime,
+ bi_ptr capitalA,
+ bi_ptr capital_Atilde,
+ UINT32 nonceReceiverLength,
+ BYTE *nonceReceiver,
+ UINT32 *c_primeLength,
+ BYTE **c_prime); // out allocation
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/key_correct.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/key_correct.h
new file mode 100644
index 0000000..a6ce7d9
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/key_correct.h
@@ -0,0 +1,31 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef KEY_CORRECT_H_
+#define KEY_CORRECT_H_
+
+#include "daa/daa_structs.h"
+#include "daa/daa_parameter.h"
+#include "tsplog.h"
+
+ /**
+ * Verifies if the parameters Z,R0,R1,RReceiver and RIssuer of the public key
+ * were correctly computed.
+ *
+ * @param pk
+ * the public key, which one wants to verfy.
+ */
+TSS_RESULT
+is_pk_correct( TSS_DAA_PK_internal *public_key,
+ TSS_DAA_PK_PROOF_internal *proof,
+ int *isCorrect
+);
+
+#endif /*KEY_CORRECTNESS_PROOF_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/list.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/list.h
new file mode 100644
index 0000000..27071d5
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/list.h
@@ -0,0 +1,40 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef LIST_H_
+#define LIST_H_
+
+/* simple linked list template */
+struct _list_t {
+ void *obj;
+ struct _list_t *next; // pointer to next node
+};
+
+typedef struct _list_t node_t; // each link is a list "node"
+
+typedef struct {
+ node_t *head; // pointer to first node
+ node_t *current;
+ node_t *previous;
+} list_struct;
+
+typedef list_struct* list_ptr;
+typedef list_struct list_t[1];
+
+
+list_ptr list_new();
+
+void list_add(list_ptr list, void * obj);
+
+void list_dump(list_ptr list);
+
+void list_freeall(list_ptr list);
+
+#endif /*LIST_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/platform.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/platform.h
new file mode 100644
index 0000000..e494742
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/platform.h
@@ -0,0 +1,115 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef PLATFORM_H_
+#define PLATFORM_H_
+
+#include "bi.h"
+#include "daa_structs.h"
+
+#if 0
+// for RSA key
+#include <openssl/rsa.h>
+
+TSPICALL
+Tspi_TPM_DAA_Sign_internal(TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hDaaCredential, // in
+ TSS_DAA_SELECTED_ATTRIB revealAttributes, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ TSS_DAA_SIGN_DATA signData, // in
+ TSS_DAA_SIGNATURE* daaSignature // out
+);
+
+TSS_RESULT
+Tspi_TPM_DAA_JoinInit_internal(TSS_HDAA hDAA,
+ TSS_HTPM hTPM,
+ int daa_counter,
+ TSS_DAA_PK *issuer_pk,
+ int issuer_authentication_PKLengh,
+ RSA **issuer_authentication_PK,
+ int issuer_authentication_PK_signaturesLength,
+ BYTE **issuer_authentication_PK_signatures,
+ int *capital_UprimeLength,
+ BYTE **capital_Uprime,
+ TSS_DAA_IDENTITY_PROOF *identity_proof,
+ TSS_DAA_JOIN_SESSION *joinSession
+);
+
+TSPICALL Tspi_TPM_DAA_JoinCreateDaaPubKey_internal
+(
+ TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ UINT32 authenticationChallengeLength, // in
+ BYTE* authenticationChallenge, // in
+ UINT32 nonceIssuerLength, // in
+ BYTE* nonceIssuer, // in
+ UINT32 attributesPlatformLength, // in
+ BYTE** attributesPlatform, // in
+ TSS_DAA_JOIN_SESSION* joinSession, // in, out
+ TSS_DAA_CREDENTIAL_REQUEST* credentialRequest // out
+);
+
+// allocation: endorsementKey as BYTE *
+TSS_RESULT get_public_EK(
+ TSS_HDAA hDAA,
+ UINT32 *endorsementKeyLength,
+ BYTE **endorsementKey
+);
+
+#endif
+
+TSS_RESULT
+compute_join_challenge_host(TSS_HDAA_CREDENTIAL,//TSS_HDAA hDAA,
+ TSS_DAA_PK_internal *pk_internal,
+ bi_ptr capitalU,
+ bi_ptr capital_Uprime,
+ bi_ptr capital_utilde,
+ bi_ptr capital_utilde_prime,
+ bi_ptr capital_ni,
+ bi_ptr capital_ni_tilde,
+ UINT32 commitments_proofLength,
+ TSS_DAA_ATTRIB_COMMIT_internal *
+ commitments_proof,
+ UINT32 nonceIssuerLength,
+ BYTE* nonceIssuer,
+ UINT32 *resultLength,
+ BYTE **result
+);
+
+#if 0
+
+TSPICALL
+Tspi_TPM_DAA_JoinStoreCredential_internal(TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ TSS_DAA_CRED_ISSUER credIssuer, // in
+ TSS_DAA_JOIN_SESSION joinSession, // in
+ TSS_HKEY* hDaaCredential // out
+);
+
+TSPICALL
+Tspi_TPM_DAA_Sign_internal(TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hDaaCredential, // in
+ TSS_DAA_SELECTED_ATTRIB revealAttributes, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ TSS_DAA_SIGN_DATA signData, // in
+ TSS_DAA_SIGNATURE* daaSignature // out
+);
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/verifier.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/verifier.h
new file mode 100644
index 0000000..f177948
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/daa/verifier.h
@@ -0,0 +1,110 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef VERIFIER_H_
+#define VERIFIER_H_
+
+#include "bi.h"
+#include "daa_structs.h"
+#include "anonymity_revocation.h"
+#include "daa_parameter.h"
+#include "tsplog.h"
+
+/*
+ * Transaction of a DAA Verifier to verify a signature (VerifierTransaction.java)
+ */
+typedef struct {
+ BYTE *baseName;
+ int baseName_length;
+ EVP_MD *digest;
+ BYTE *nonce;
+ int nonce_length;
+ int is_anonymity_revocation_enabled; // boolean
+ BYTE *anonymity_revocation_condition;
+ int anonymity_revocation_condition_length;
+ CS_PUBLIC_KEY *anonymity_revocator_pk;
+ // private TssDaaSelectedAttrib[] selectedAttributes2Commit;
+ TSS_DAA_SELECTED_ATTRIB **selected_attributes2commit;
+ int selected_attributes2commitLength;
+} DAA_VERIFIER_TRANSACTION;
+
+/* the return (BYTE *) should be free after usage */
+BYTE *compute_bytes( int seedLength, BYTE *seed, int length, const EVP_MD *digest);
+
+bi_ptr compute_zeta( int nameLength, unsigned char *name, TSS_DAA_PK_internal *issuer_pk);
+
+bi_ptr project_into_group_gamma( bi_ptr base, TSS_DAA_PK_internal *issuer_pk);
+#if 0
+TSPICALL Tspi_DAA_VerifyInit_internal
+(
+ TSS_HDAA hDAA, // in
+ UINT32* nonceVerifierLength, // out
+ BYTE** nonceVerifier, // out
+ UINT32 baseNameLength, // out
+ BYTE ** baseName // out
+);
+
+TSPICALL Tspi_DAA_VerifySignature_internal
+( TSS_HDAA hDAA, // in
+ TSS_DAA_SIGNATURE signature, // in
+ TSS_HKEY hPubKeyIssuer, // in
+ TSS_DAA_SIGN_DATA sign_data, // in
+ UINT32 attributes_length, // in
+ BYTE **attributes, // in
+ UINT32 nonce_verifierLength, // out
+ BYTE *nonce_verifier, // out
+ UINT32 base_nameLength, // out
+ BYTE *base_name, // out
+ TSS_BOOL *isCorrect // out
+);
+#else
+TSS_RESULT
+Tspi_DAA_VerifySignature
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_HHASH hARACondition, // in
+ UINT32 attributesLength, // in
+ UINT32 attributesLength2, // in
+ BYTE** attributes, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ TSS_HOBJECT signData, // in
+ TSS_DAA_SIGNATURE* daaSignature, // in
+ TSS_BOOL* isCorrect // out
+);
+
+#endif
+
+BYTE *compute_sign_challenge_host(
+ int *result_length,
+ EVP_MD *digest,
+ TSS_DAA_PK_internal *issuer_pk,
+ int nonce_verifierLength,
+ BYTE *nonce_verifier,
+ int selected_attributes2commitLength,
+ TSS_DAA_SELECTED_ATTRIB **selected_attributes2commit,
+ int is_anonymity_revocation_enabled,
+ bi_ptr zeta,
+ bi_ptr capital_t,
+ bi_ptr capital_tilde,
+ int attribute_commitmentsLength,
+ TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitments,
+ TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitment_proofs,
+ bi_ptr capital_nv,
+ bi_ptr capital_tilde_v,
+ CS_PUBLIC_KEY *anonymity_revocator_pk,
+ CS_ENCRYPTION_RESULT *encryption_result_rand,
+ CS_ENCRYPTION_RESULT *encryption_result_proof);
+
+#endif /*VERIFIER_H_*/
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/hosttable.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/hosttable.h
new file mode 100644
index 0000000..be5dd1c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/hosttable.h
@@ -0,0 +1,42 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _HOSTTABLE_H_
+#define _HOSTTABLE_H_
+
+#include "rpc_tcstp.h"
+#include "threads.h"
+
+
+#define CONNECTION_TYPE_TCP_PERSISTANT 1
+
+struct host_table_entry {
+ struct host_table_entry *next;
+ TSS_HCONTEXT tspContext;
+ TCS_CONTEXT_HANDLE tcsContext;
+ BYTE *hostname;
+ int type;
+ int socket;
+ struct tcsd_comm_data comm;
+ MUTEX_DECLARE(lock);
+};
+
+struct host_table {
+ struct host_table_entry *entries;
+ MUTEX_DECLARE(lock);
+};
+
+struct host_table_entry *get_table_entry(TCS_CONTEXT_HANDLE);
+void put_table_entry(struct host_table_entry *);
+TSS_RESULT __tspi_add_table_entry(TSS_HCONTEXT, BYTE *, int, struct host_table_entry **);
+void remove_table_entry(TCS_CONTEXT_HANDLE);
+
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/imaem.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/imaem.h
new file mode 100644
index 0000000..1d12128
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/imaem.h
@@ -0,0 +1,35 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _IMAEM_H_
+#define _IMAEM_H_
+
+int ima_open(void *, FILE **);
+TSS_RESULT ima_get_entries_by_pcr(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT ima_get_entry(FILE *, UINT32, UINT32 *, TSS_PCR_EVENT **);
+int ima_close(FILE *);
+
+extern struct ext_log_source ima_source;
+
+/* 4 bytes binary [PCR value]
+ * 20 bytes binary [SHA1 value]
+ * 4 bytes binary [event type]
+ * 255 bytes of ascii (MAX) [event name]
+ * 1 byte -> '\0' [separator ]
+ */
+#define IMA_MIN_EVENT_SIZE 29
+#define IMA_MAX_EVENT_SIZE 284
+
+/* this should be large if we're reading out of /proc */
+#define IMA_READ_SIZE (4096 + IMA_MAX_EVENT_SIZE)
+
+#define EVLOG_SOURCE_IMA 1
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/linux/tpm.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/linux/tpm.h
new file mode 100644
index 0000000..ee32c4d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/linux/tpm.h
@@ -0,0 +1,41 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+/*
+ * include/linux/tpm.h
+ *
+ * Device driver for TCPA TPM (trusted platform module).
+ */
+#ifndef _TPM_H_
+#define _TPM_H_
+
+#if (defined (__linux) || defined (linux))
+#include <linux/ioctl.h>
+#elif (defined (__OpenBSD__) || defined (__FreeBSD__))
+#include <sys/ioctl.h>
+#endif
+
+/* ioctl commands */
+#define TPMIOC_CANCEL _IO('T', 0x00)
+#define TPMIOC_TRANSMIT _IO('T', 0x01)
+
+#if defined(__KERNEL__)
+extern ssize_t tpm_transmit(const char *buf, size_t bufsiz);
+extern ssize_t tpm_extend(int index, u8 *digest);
+extern ssize_t tpm_pcrread(int index, u8 *hash);
+extern ssize_t tpm_dirread(int index, u8 *hash);
+extern ssize_t tpm_cap_version(int *maj, int *min, int *ver, int *rev);
+extern ssize_t tpm_cap_pcr(int *pcrs);
+extern ssize_t tpm_cap_dir(int *dirs);
+extern ssize_t tpm_cap_manufacturer(int *manufacturer);
+extern ssize_t tpm_cap_slot(int *slots);
+#endif /* __KERNEL__ */
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/memmgr.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/memmgr.h
new file mode 100644
index 0000000..f78395f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/memmgr.h
@@ -0,0 +1,37 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _MEMMGR_H_
+#define _MEMMGR_H_
+
+/*
+ * For each TSP context, there is one memTable, which holds a list of memEntry's,
+ * each of which holds a pointer to some malloc'd memory that's been returned to
+ * the user. The memTable also can point to other memTable's which would be
+ * created if multiple TSP contexts were opened.
+ *
+ */
+
+struct memEntry {
+ void *memPointer;
+ struct memEntry *nextEntry;
+};
+
+struct memTable {
+ TSS_HCONTEXT tspContext;
+ struct memEntry *entries;
+ struct memTable *nextTable;
+};
+
+MUTEX_DECLARE_INIT(memtable_lock);
+
+struct memTable *SpiMemoryTable = NULL;
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj.h
new file mode 100644
index 0000000..109a1ae
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj.h
@@ -0,0 +1,92 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_H_
+#define _OBJ_H_
+
+#include "threads.h"
+
+/* definitions */
+
+/* When TRUE, the object has PCRs associated with it */
+#define TSS_OBJ_FLAG_PCRS 0x00000001
+/* When TRUE, the object has a usage auth secret associated with it */
+#define TSS_OBJ_FLAG_USAGEAUTH 0x00000002
+/* When TRUE, the object has a migration auth secret associated with it */
+#define TSS_OBJ_FLAG_MIGAUTH 0x00000004
+/* When TRUE, the object has previously been registered in USER PS */
+#define TSS_OBJ_FLAG_USER_PS 0x00000008
+/* When TRUE, the object has previously been registered in SYSTEM PS */
+#define TSS_OBJ_FLAG_SYSTEM_PS 0x00000010
+/* When TRUE, the key has been created and cannot be altered */
+#define TSS_OBJ_FLAG_KEY_SET 0x00000020
+
+/* structures */
+struct tsp_object {
+ UINT32 handle;
+ UINT32 tspContext;
+ TSS_FLAG flags;
+ void *data;
+ struct tsp_object *next;
+};
+
+struct obj_list {
+ struct tsp_object *head;
+ MUTEX_DECLARE(lock);
+};
+
+/* prototypes */
+TSS_RESULT obj_getTpmObject(UINT32, TSS_HOBJECT *);
+TSS_HOBJECT obj_GetPolicyOfObject(UINT32, UINT32);
+void __tspi_obj_list_init();
+TSS_HOBJECT obj_get_next_handle();
+TSS_RESULT obj_list_add(struct obj_list *, UINT32, TSS_FLAG, void *, TSS_HOBJECT *);
+TSS_RESULT obj_list_remove(struct obj_list *, void (*)(void *), TSS_HOBJECT, TSS_HCONTEXT);
+void obj_list_put(struct obj_list *);
+struct tsp_object *obj_list_get_obj(struct obj_list *, UINT32);
+struct tsp_object *obj_list_get_tspcontext(struct obj_list *, UINT32);
+void obj_list_close(struct obj_list *, void (*)(void *), TSS_HCONTEXT);
+void obj_connectContext(TSS_HCONTEXT, TCS_CONTEXT_HANDLE);
+void obj_close_context(TSS_HCONTEXT);
+void obj_lists_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT);
+
+/* prototypes for functions that may traverse more than one list */
+TSS_RESULT obj_tcskey_get_pubkeyhash(TCS_KEY_HANDLE, BYTE *);
+
+#include "obj_tpm.h"
+#include "obj_context.h"
+#include "obj_hash.h"
+#include "obj_pcrs.h"
+#include "obj_policy.h"
+#include "obj_rsakey.h"
+#include "obj_encdata.h"
+#include "obj_daacred.h"
+#include "obj_daaarakey.h"
+#include "obj_daaissuerkey.h"
+#include "obj_nv.h"
+#include "obj_delfamily.h"
+#include "obj_migdata.h"
+
+
+TPM_LIST_DECLARE_EXTERN;
+CONTEXT_LIST_DECLARE_EXTERN;
+HASH_LIST_DECLARE_EXTERN;
+PCRS_LIST_DECLARE_EXTERN;
+POLICY_LIST_DECLARE_EXTERN;
+RSAKEY_LIST_DECLARE_EXTERN;
+ENCDATA_LIST_DECLARE_EXTERN;
+DAACRED_LIST_DECLARE_EXTERN;
+DAAARAKEY_LIST_DECLARE_EXTERN;
+DAAISSUERKEY_LIST_DECLARE_EXTERN;
+NVSTORE_LIST_DECLARE_EXTERN;
+DELFAMILY_LIST_DECLARE_EXTERN;
+MIGDATA_LIST_DECLARE_EXTERN;
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_context.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_context.h
new file mode 100644
index 0000000..d864d11
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_context.h
@@ -0,0 +1,93 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_CONTEXT_H_
+#define _OBJ_CONTEXT_H_
+
+#define TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED 0x01
+#define TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT 0x02
+#define TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC 0x04
+#define TSS_CONTEXT_FLAGS_TRANSPORT_EXCLUSIVE 0x08
+#define TSS_CONTEXT_FLAGS_TRANSPORT_STATIC_AUTH 0x10
+#define TSS_CONTEXT_FLAGS_TRANSPORT_ESTABLISHED 0x20
+#define TSS_CONTEXT_FLAGS_TRANSPORT_MASK 0x3f
+
+#define TSS_CONTEXT_FLAGS_TPM_VERSION_1 0x40
+#define TSS_CONTEXT_FLAGS_TPM_VERSION_2 0x80
+#define TSS_CONTEXT_FLAGS_TPM_VERSION_MASK 0xc0
+
+/* structures */
+struct tr_context_obj {
+ TSS_FLAG silentMode, flags;
+ UINT32 hashMode;
+ TSS_HPOLICY policy;
+ BYTE *machineName;
+ UINT32 machineNameLength;
+ UINT32 connection_policy, current_connection;
+ struct tcs_api_table *tcs_api;
+#ifdef TSS_BUILD_TRANSPORT
+ /* transport session support */
+ TSS_HKEY transKey;
+ TPM_TRANSPORT_PUBLIC transPub;
+ TPM_MODIFIER_INDICATOR transMod;
+ TPM_TRANSPORT_AUTH transSecret;
+ TPM_AUTH transAuth;
+ TPM_TRANSPORT_LOG_IN transLogIn;
+ TPM_TRANSPORT_LOG_OUT transLogOut;
+ TPM_DIGEST transLogDigest;
+#endif
+};
+
+/* obj_context.c */
+void __tspi_obj_context_free(void *data);
+TSS_BOOL obj_is_context(TSS_HOBJECT);
+TSS_RESULT obj_context_get_policy(TSS_HCONTEXT, UINT32, TSS_HPOLICY *);
+TSS_BOOL obj_context_is_silent(TSS_HCONTEXT);
+TSS_RESULT obj_context_get_machine_name(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT obj_context_get_machine_name_attrib(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT obj_context_set_machine_name(TSS_HCONTEXT, BYTE *, UINT32);
+TSS_RESULT obj_context_add(TSS_HOBJECT *);
+TSS_RESULT obj_context_set_mode(TSS_HCONTEXT, UINT32);
+TSS_RESULT obj_context_get_mode(TSS_HCONTEXT, UINT32 *);
+TSS_BOOL obj_context_has_popups(TSS_HCONTEXT);
+TSS_RESULT obj_context_get_hash_mode(TSS_HCONTEXT, UINT32 *);
+TSS_RESULT obj_context_set_hash_mode(TSS_HCONTEXT, UINT32);
+TSS_RESULT obj_context_get_connection_version(TSS_HCONTEXT, UINT32 *);
+TSS_RESULT obj_context_set_connection_policy(TSS_HCONTEXT, UINT32);
+#ifdef TSS_BUILD_TRANSPORT
+TSS_RESULT obj_context_set_transport_key(TSS_HCONTEXT, TSS_HKEY);
+TSS_RESULT obj_context_transport_get_control(TSS_HCONTEXT, UINT32, UINT32 *);
+TSS_RESULT obj_context_transport_set_control(TSS_HCONTEXT, UINT32);
+TSS_RESULT obj_context_transport_get_mode(TSS_HCONTEXT, UINT32, UINT32 *);
+TSS_RESULT obj_context_transport_set_mode(TSS_HCONTEXT, UINT32);
+TSS_RESULT obj_context_transport_init(TSS_HCONTEXT);
+TSS_RESULT obj_context_transport_establish(TSS_HCONTEXT, struct tr_context_obj *);
+TSS_RESULT obj_context_transport_execute(TSS_HCONTEXT, TPM_COMMAND_CODE, UINT32, BYTE*, TPM_DIGEST*,
+ UINT32*, TCS_HANDLE**, TPM_AUTH*, TPM_AUTH*, UINT32*,
+ BYTE**);
+TSS_RESULT obj_context_transport_close(TSS_HCONTEXT, TSS_HKEY, TSS_HPOLICY, TSS_BOOL,
+ TPM_SIGN_INFO*, UINT32*, BYTE**);
+#endif
+TSS_RESULT obj_context_set_tpm_version(TSS_HCONTEXT, UINT32);
+TSS_RESULT obj_context_get_tpm_version(TSS_HCONTEXT, UINT32 *);
+TSS_RESULT obj_context_get_loadkey_ordinal(TSS_HCONTEXT, TPM_COMMAND_CODE *);
+void obj_context_close(TSS_HCONTEXT);
+
+struct tcs_api_table *obj_context_get_tcs_api(TSS_HCONTEXT);
+#define TCS_API(c) obj_context_get_tcs_api(c)
+
+
+#define CONTEXT_LIST_DECLARE struct obj_list context_list
+#define CONTEXT_LIST_DECLARE_EXTERN extern struct obj_list context_list
+#define CONTEXT_LIST_INIT() tspi_list_init(&context_list)
+#define CONTEXT_LIST_CONNECT(a,b) obj_connectContext_list(&context_list, a, b)
+#define CONTEXT_LIST_CLOSE(a) obj_list_close(&context_list, &__tspi_obj_context_free, a)
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daa.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daa.h
new file mode 100644
index 0000000..d25f7c7
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daa.h
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAA_H_
+#define _OBJ_DAA_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daa_obj {
+ UINT32 session_handle; // set by [join|sign] stage 0.
+ TPM_HANDLE tpm_handle;
+};
+
+/* obj_daa.c */
+void daa_free(void *data);
+TSS_RESULT obj_daa_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daa_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_BOOL obj_is_daa(TSS_HOBJECT);
+TSS_RESULT obj_daa_get_tsp_context(TSS_HDAA, TSS_HCONTEXT *);
+TSS_RESULT obj_daa_get_handle_tpm(TSS_HDAA, TPM_HANDLE *);
+TSS_RESULT obj_daa_set_handle_tpm(TSS_HDAA, TPM_HANDLE);
+TSS_RESULT obj_daa_get_session_handle(TSS_HDAA, UINT32 *);
+TSS_RESULT obj_daa_set_session_handle(TSS_HDAA, UINT32);
+
+#define DAA_LIST_DECLARE struct obj_list daa_list
+#define DAA_LIST_DECLARE_EXTERN extern struct obj_list daa_list
+#define DAA_LIST_INIT() tspi_list_init(&daa_list)
+#define DAA_LIST_CONNECT(a,b) obj_connectContext_list(&daa_list, a, b)
+#define DAA_LIST_CLOSE(a) obj_list_close(&daa_list, &daa_free, a)
+
+#else
+
+#define obj_is_daa(a) FALSE
+
+#define DAA_LIST_DECLARE
+#define DAA_LIST_DECLARE_EXTERN
+#define DAA_LIST_INIT()
+#define DAA_LIST_CONNECT(a,b)
+#define DAA_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daaarakey.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daaarakey.h
new file mode 100644
index 0000000..99e906d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daaarakey.h
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAAARAKEY_H_
+#define _OBJ_DAAARAKEY_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daaarakey_obj {
+ UINT32 session_handle;
+ TPM_HANDLE tpm_handle;
+};
+
+/* prototypes */
+void daaarakey_free(void *data);
+TSS_RESULT obj_daaarakey_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daaarakey_remove(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT);
+TSS_BOOL obj_is_daaarakey(TSS_HDAA_ISSUER_KEY);
+TSS_RESULT obj_daaarakey_get_tsp_context(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT *);
+TSS_RESULT obj_daaarakey_get_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE *);
+TSS_RESULT obj_daaarakey_set_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE);
+TSS_RESULT obj_daaarakey_get_session_handle(TSS_HDAA_ISSUER_KEY, UINT32 *);
+TSS_RESULT obj_daaarakey_set_session_handle(TSS_HDAA_ISSUER_KEY, UINT32);
+
+#define DAAARAKEY_LIST_DECLARE struct obj_list daaarakey_list
+#define DAAARAKEY_LIST_DECLARE_EXTERN extern struct obj_list daaarakey_list
+#define DAAARAKEY_LIST_INIT() tspi_list_init(&daaarakey_list)
+#define DAAARAKEY_LIST_CONNECT(a,b) obj_connectContext_list(&daaarakey_list, a, b)
+#define DAAARAKEY_LIST_CLOSE(a) obj_list_close(&daaarakey_list, &daaarakey_free, a)
+
+#else
+
+#define obj_is_daaarakey(a) FALSE
+
+#define DAAARAKEY_LIST_DECLARE
+#define DAAARAKEY_LIST_DECLARE_EXTERN
+#define DAAARAKEY_LIST_INIT()
+#define DAAARAKEY_LIST_CONNECT(a,b)
+#define DAAARAKEY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daacred.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daacred.h
new file mode 100644
index 0000000..357a23e
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daacred.h
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAACRED_H_
+#define _OBJ_DAACRED_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daacred_obj {
+ UINT32 session_handle; // set by [join|sign] stage 0.
+ TPM_HANDLE tpm_handle;
+};
+
+/* prototypes */
+void daacred_free(void *data);
+TSS_RESULT obj_daacred_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daacred_remove(TSS_HDAA_CREDENTIAL, TSS_HCONTEXT);
+TSS_BOOL obj_is_daacred(TSS_HDAA_CREDENTIAL);
+TSS_RESULT obj_daacred_get_tsp_context(TSS_HDAA_CREDENTIAL, TSS_HCONTEXT *);
+TSS_RESULT obj_daacred_get_handle_tpm(TSS_HDAA_CREDENTIAL, TPM_HANDLE *);
+TSS_RESULT obj_daacred_set_handle_tpm(TSS_HDAA_CREDENTIAL, TPM_HANDLE);
+TSS_RESULT obj_daacred_get_session_handle(TSS_HDAA_CREDENTIAL, UINT32 *);
+TSS_RESULT obj_daacred_set_session_handle(TSS_HDAA_CREDENTIAL, UINT32);
+
+#define DAACRED_LIST_DECLARE struct obj_list daacred_list
+#define DAACRED_LIST_DECLARE_EXTERN extern struct obj_list daacred_list
+#define DAACRED_LIST_INIT() tspi_list_init(&daacred_list)
+#define DAACRED_LIST_CONNECT(a,b) obj_connectContext_list(&daacred_list, a, b)
+#define DAACRED_LIST_CLOSE(a) obj_list_close(&daacred_list, &daacred_free, a)
+
+#else
+
+#define obj_is_daacred(a) FALSE
+
+#define DAACRED_LIST_DECLARE
+#define DAACRED_LIST_DECLARE_EXTERN
+#define DAACRED_LIST_INIT()
+#define DAACRED_LIST_CONNECT(a,b)
+#define DAACRED_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daaissuerkey.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daaissuerkey.h
new file mode 100644
index 0000000..9eb69df
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_daaissuerkey.h
@@ -0,0 +1,52 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_DAAISSUERKEY_H_
+#define _OBJ_DAAISSUERKEY_H_
+
+#ifdef TSS_BUILD_DAA
+
+/* structures */
+struct tr_daaissuerkey_obj {
+ UINT32 session_handle;
+ TPM_HANDLE tpm_handle;
+};
+
+/* prototypes */
+void daaissuerkey_free(void *data);
+TSS_RESULT obj_daaissuerkey_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject);
+TSS_RESULT obj_daaissuerkey_remove(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT);
+TSS_BOOL obj_is_daaissuerkey(TSS_HDAA_ISSUER_KEY);
+TSS_RESULT obj_daaissuerkey_get_tsp_context(TSS_HDAA_ISSUER_KEY, TSS_HCONTEXT *);
+TSS_RESULT obj_daaissuerkey_get_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE *);
+TSS_RESULT obj_daaissuerkey_set_handle_tpm(TSS_HDAA_ISSUER_KEY, TPM_HANDLE);
+TSS_RESULT obj_daaissuerkey_get_session_handle(TSS_HDAA_ISSUER_KEY, UINT32 *);
+TSS_RESULT obj_daaissuerkey_set_session_handle(TSS_HDAA_ISSUER_KEY, UINT32);
+
+#define DAAISSUERKEY_LIST_DECLARE struct obj_list daaissuerkey_list
+#define DAAISSUERKEY_LIST_DECLARE_EXTERN extern struct obj_list daaissuerkey_list
+#define DAAISSUERKEY_LIST_INIT() tspi_list_init(&daaissuerkey_list)
+#define DAAISSUERKEY_LIST_CONNECT(a,b) obj_connectContext_list(&daaissuerkey_list, a, b)
+#define DAAISSUERKEY_LIST_CLOSE(a) obj_list_close(&daaissuerkey_list, \
+ &daaissuerkey_free, a)
+
+#else
+
+#define obj_is_daaissuerkey(a) FALSE
+
+#define DAAISSUERKEY_LIST_DECLARE
+#define DAAISSUERKEY_LIST_DECLARE_EXTERN
+#define DAAISSUERKEY_LIST_INIT()
+#define DAAISSUERKEY_LIST_CONNECT(a,b)
+#define DAAISSUERKEY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_delfamily.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_delfamily.h
new file mode 100644
index 0000000..4c91a84
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_delfamily.h
@@ -0,0 +1,64 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _OBJ_DELFAMILY_H_
+#define _OBJ_DELFAMILY_H_
+
+#ifdef TSS_BUILD_DELEGATION
+
+#define TSS_DELFAMILY_FLAGS_STATE_ENABLED (((UINT32)1)<<0)
+#define TSS_DELFAMILY_FLAGS_STATE_LOCKED (((UINT32)1)<<1)
+
+/* structures */
+struct tr_delfamily_obj {
+ UINT32 stateFlags;
+ UINT32 verCount;
+ UINT32 familyID;
+ BYTE label;
+};
+
+/* obj_delfamily.c */
+void delfamily_free(void *data);
+TSS_BOOL obj_is_delfamily(TSS_HOBJECT);
+TSS_RESULT obj_delfamily_add(TSS_HCONTEXT, TSS_HOBJECT *);
+TSS_RESULT obj_delfamily_remove(TSS_HDELFAMILY, TSS_HOBJECT);
+void obj_delfamily_find_by_familyid(TSS_HOBJECT, UINT32, TSS_HDELFAMILY *);
+TSS_RESULT obj_delfamily_get_tsp_context(TSS_HDELFAMILY, TSS_HCONTEXT *);
+TSS_RESULT obj_delfamily_set_locked(TSS_HDELFAMILY, TSS_BOOL, TSS_BOOL);
+TSS_RESULT obj_delfamily_get_locked(TSS_HDELFAMILY, TSS_BOOL *);
+TSS_RESULT obj_delfamily_set_enabled(TSS_HDELFAMILY, TSS_BOOL, TSS_BOOL);
+TSS_RESULT obj_delfamily_get_enabled(TSS_HDELFAMILY, TSS_BOOL *);
+TSS_RESULT obj_delfamily_set_vercount(TSS_HDELFAMILY, UINT32);
+TSS_RESULT obj_delfamily_get_vercount(TSS_HDELFAMILY, UINT32 *);
+TSS_RESULT obj_delfamily_set_familyid(TSS_HDELFAMILY, UINT32);
+TSS_RESULT obj_delfamily_get_familyid(TSS_HDELFAMILY, UINT32 *);
+TSS_RESULT obj_delfamily_set_label(TSS_HDELFAMILY, BYTE);
+TSS_RESULT obj_delfamily_get_label(TSS_HDELFAMILY, BYTE *);
+
+
+#define DELFAMILY_LIST_DECLARE struct obj_list delfamily_list
+#define DELFAMILY_LIST_DECLARE_EXTERN extern struct obj_list delfamily_list
+#define DELFAMILY_LIST_INIT() tspi_list_init(&delfamily_list)
+#define DELFAMILY_LIST_CONNECT(a,b) obj_connectContext_list(&delfamily_list, a, b)
+#define DELFAMILY_LIST_CLOSE(a) obj_list_close(&delfamily_list, &delfamily_free, a)
+
+#else
+
+#define obj_is_delfamily(a) FALSE
+
+#define DELFAMILY_LIST_DECLARE
+#define DELFAMILY_LIST_DECLARE_EXTERN
+#define DELFAMILY_LIST_INIT()
+#define DELFAMILY_LIST_CONNECT(a,b)
+#define DELFAMILY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_encdata.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_encdata.h
new file mode 100644
index 0000000..ad7f28c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_encdata.h
@@ -0,0 +1,71 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_ENCDATA_H_
+#define _OBJ_ENCDATA_H_
+
+#ifdef TSS_BUILD_ENCDATA_LIST
+
+/* structures */
+struct tr_encdata_obj {
+ TSS_HPOLICY usagePolicy;
+ UINT32 encryptedDataLength;
+ BYTE *encryptedData;
+ union {
+ TPM_PCR_INFO info11;
+ TPM_PCR_INFO_LONG infolong;
+ } pcrInfo;
+ UINT32 pcrInfoType;
+ UINT32 type;
+#ifdef TSS_BUILD_SEALX
+ UINT32 protectMode;
+#endif
+};
+
+/* obj_encdata.c */
+void encdata_free(void *data);
+TSS_BOOL obj_is_encdata(TSS_HOBJECT);
+TSS_RESULT obj_encdata_set_policy(TSS_HKEY, TSS_HPOLICY);
+TSS_RESULT obj_encdata_set_data(TSS_HENCDATA, UINT32, BYTE *);
+TSS_RESULT obj_encdata_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_encdata_get_tsp_context(TSS_HENCDATA, TSS_HCONTEXT *);
+TSS_RESULT obj_encdata_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *);
+TSS_RESULT obj_encdata_get_data(TSS_HENCDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_encdata_get_pcr_selection(TSS_HENCDATA, TSS_FLAG, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_encdata_get_pcr_locality(TSS_HENCDATA, TSS_FLAG, UINT32 *);
+TSS_RESULT obj_encdata_get_pcr_digest(TSS_HENCDATA, TSS_FLAG, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_encdata_set_pcr_info(TSS_HENCDATA, UINT32, BYTE *);
+TSS_RESULT obj_encdata_get_policy(TSS_HENCDATA, UINT32, TSS_HPOLICY *);
+void obj_encdata_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT);
+#ifdef TSS_BUILD_SEALX
+TSS_RESULT obj_encdata_set_seal_protect_mode(TSS_HENCDATA, UINT32);
+TSS_RESULT obj_encdata_get_seal_protect_mode(TSS_HENCDATA, UINT32 *);
+#endif
+
+
+#define ENCDATA_LIST_DECLARE struct obj_list encdata_list
+#define ENCDATA_LIST_DECLARE_EXTERN extern struct obj_list encdata_list
+#define ENCDATA_LIST_INIT() tspi_list_init(&encdata_list)
+#define ENCDATA_LIST_CONNECT(a,b) obj_connectContext_list(&encdata_list, a, b)
+#define ENCDATA_LIST_CLOSE(a) obj_list_close(&encdata_list, &encdata_free, a)
+
+#else
+
+#define obj_is_encdata(a) FALSE
+
+#define ENCDATA_LIST_DECLARE
+#define ENCDATA_LIST_DECLARE_EXTERN
+#define ENCDATA_LIST_INIT()
+#define ENCDATA_LIST_CONNECT(a,b)
+#define ENCDATA_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_hash.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_hash.h
new file mode 100644
index 0000000..d621138
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_hash.h
@@ -0,0 +1,53 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_HASH_H_
+#define _OBJ_HASH_H_
+
+#ifdef TSS_BUILD_HASH_LIST
+
+/* structures */
+struct tr_hash_obj {
+ UINT32 type;
+ BYTE *hashData;
+ UINT32 hashSize;
+ UINT32 hashUpdateSize;
+ BYTE *hashUpdateBuffer;
+};
+
+/* obj_hash.c */
+void __tspi_hash_free(void *data);
+TSS_RESULT obj_hash_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *);
+TSS_BOOL obj_is_hash(TSS_HOBJECT);
+TSS_RESULT obj_hash_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_hash_get_tsp_context(TSS_HHASH, TSS_HCONTEXT *);
+TSS_RESULT obj_hash_set_value(TSS_HHASH, UINT32, BYTE *);
+TSS_RESULT obj_hash_get_value(TSS_HHASH, UINT32 *, BYTE **);
+TSS_RESULT obj_hash_update_value(TSS_HHASH, UINT32, BYTE *);
+
+#define HASH_LIST_DECLARE struct obj_list hash_list
+#define HASH_LIST_DECLARE_EXTERN extern struct obj_list hash_list
+#define HASH_LIST_INIT() tspi_list_init(&hash_list)
+#define HASH_LIST_CONNECT(a,b) obj_connectContext_list(&hash_list, a, b)
+#define HASH_LIST_CLOSE(a) obj_list_close(&hash_list, &__tspi_hash_free, a)
+
+#else
+
+#define obj_is_hash(a) FALSE
+
+#define HASH_LIST_DECLARE
+#define HASH_LIST_DECLARE_EXTERN
+#define HASH_LIST_INIT()
+#define HASH_LIST_CONNECT(a,b)
+#define HASH_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_migdata.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_migdata.h
new file mode 100644
index 0000000..d082aea
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_migdata.h
@@ -0,0 +1,137 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _OBJ_MIGDATA_H_
+#define _OBJ_MIGDATA_H_
+
+#ifdef TSS_BUILD_CMK
+
+/* structures */
+struct tr_migdata_obj {
+ /* TSS_MIGATTRIB_MIGRATIONTICKET (from AuthorizeMigrationTicket) */
+ UINT32 migTicketSize;
+ BYTE *migTicket;
+
+ /* TSS_MIGATTRIB_AUTHORITY_DATA/TSS_MIGATTRIB_AUTHORITY_MSALIST
+ - Recalculate the msaDigest
+ or
+ TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_MSALIST_PUBKEY_BLOB
+ - Create a digest from the pubkey blob and append to the list
+ - Recalculate the msaDigest */
+ TPM_MSA_COMPOSITE msaList;
+ /* TSS_MIGATTRIB_AUTHORITY_DATA/TSS_MIGATTRIB_AUTHORITY_DIGEST */
+ TPM_DIGEST msaDigest;
+ /* TSS_MIGATTRIB_AUTHORITY_DATA/TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC */
+ TPM_HMAC msaHmac;
+
+ /* TSS_MIGATTRIB_MIG_AUTH_DATA/TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST
+ or
+ TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_AUTHORITY_PUBKEY_BLOB
+ - Create a digest from the pubkey blob */
+ TPM_DIGEST maDigest;
+ /* TSS_MIGATTRIB_MIG_AUTH_DATA/TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST
+ or
+ TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_DESTINATION_PUBKEY_BLOB
+ - Create a digest from the pubkey blob */
+ TPM_DIGEST destDigest;
+ /* TSS_MIGATTRIB_MIG_AUTH_DATA/TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST
+ or
+ TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIG_SOURCE_PUBKEY_BLOB
+ - Create a digest from the pubkey blob */
+ TPM_DIGEST srcDigest;
+
+ /* TSS_MIGATTRIB_TICKET_DATA/TSS_MIGATTRIB_TICKET_SIG_DIGEST */
+ TPM_DIGEST sigData;
+ /* TSS_MIGATTRIB_TICKET_DATA/TSS_MIGATTRIB_TICKET_SIG_VALUE */
+ UINT32 sigValueSize;
+ BYTE *sigValue;
+ /* TSS_MIGATTRIB_TICKET_DATA/TSS_MIGATTRIB_TICKET_SIG_TICKET */
+ TPM_HMAC sigTicket;
+
+ /* TSS_MIGATTRIB_MIGRATIONBLOB/TSS_MIGATTRIB_MIGRATION_XOR_BLOB */
+ UINT32 blobSize;
+ BYTE *blob;
+};
+
+/* obj_migdata.c */
+void migdata_free(void *data);
+TSS_BOOL obj_is_migdata(TSS_HOBJECT);
+TSS_RESULT obj_migdata_add(TSS_HCONTEXT, TSS_HOBJECT *);
+TSS_RESULT obj_migdata_remove(TSS_HMIGDATA, TSS_HOBJECT);
+TSS_RESULT obj_migdata_get_tsp_context(TSS_HMIGDATA, TSS_HCONTEXT *);
+
+TSS_RESULT obj_migdata_set_migrationblob(TSS_HMIGDATA, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_migrationblob(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_authoritydata(TSS_HMIGDATA, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_authoritydata(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_migauthdata(TSS_HMIGDATA, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_migauthdata(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_ticketdata(TSS_HMIGDATA, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_ticketdata(TSS_HMIGDATA, UINT32, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_set_ticket_blob(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_ticket_blob(TSS_HMIGDATA, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_set_msa_list(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_msa_list(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_msa_pubkey(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_set_msa_digest(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_msa_digest(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_get_msa_list_blob(TSS_HMIGDATA, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_set_msa_hmac(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_msa_hmac(TSS_HMIGDATA, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_set_ma_pubkey(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_set_ma_digest(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_ma_digest(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_dest_pubkey(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_set_dest_digest(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_dest_digest(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_src_pubkey(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_set_src_digest(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_src_digest(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_cmk_auth(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_cmk_auth(TSS_HMIGDATA, TPM_CMK_AUTH *);
+TSS_RESULT obj_migdata_get_cmk_auth_blob(TSS_HMIGDATA, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_set_sig_data(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_sig_data(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_sig_value(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_sig_value(TSS_HMIGDATA, UINT32 *, BYTE **);
+TSS_RESULT obj_migdata_set_sig_ticket(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_sig_ticket(TSS_HMIGDATA, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_set_blob(TSS_HMIGDATA, UINT32, BYTE *);
+TSS_RESULT obj_migdata_get_blob(TSS_HMIGDATA, UINT32 *, BYTE **);
+
+TSS_RESULT obj_migdata_calc_pubkey_digest(UINT32, BYTE *, TPM_DIGEST *);
+TSS_RESULT obj_migdata_calc_msa_digest(struct tr_migdata_obj *);
+TSS_RESULT obj_migdata_calc_sig_data_digest(struct tr_migdata_obj *);
+
+#define MIGDATA_LIST_DECLARE struct obj_list migdata_list
+#define MIGDATA_LIST_DECLARE_EXTERN extern struct obj_list migdata_list
+#define MIGDATA_LIST_INIT() tspi_list_init(&migdata_list)
+#define MIGDATA_LIST_CONNECT(a,b) obj_connectContext_list(&migdata_list, a, b)
+#define MIGDATA_LIST_CLOSE(a) obj_list_close(&migdata_list, &migdata_free, a)
+
+#else
+
+#define obj_is_migdata(a) FALSE
+
+#define MIGDATA_LIST_DECLARE
+#define MIGDATA_LIST_DECLARE_EXTERN
+#define MIGDATA_LIST_INIT()
+#define MIGDATA_LIST_CONNECT(a,b)
+#define MIGDATA_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_nv.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_nv.h
new file mode 100644
index 0000000..088b999
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_nv.h
@@ -0,0 +1,82 @@
+/*
+ * The Initial Developer of the Original Code is Intel Corporation.
+ * Portions created by Intel Corporation are Copyright (C) 2007 Intel Corporation.
+ * All Rights Reserved.
+ * trousers - An open source TCG Software Stack
+ *
+ * Author: [email protected] [email protected]
+ *
+ */
+
+#ifndef _OBJ_NVSTORE_H_
+#define _OBJ_NVSTORE_H_
+
+#ifdef TSS_BUILD_NV
+
+#define MAX_PUBLIC_DATA_SIZE 1024
+#define TSS_LOCALITY_MASK 0x1f
+
+typedef struct objNV_DATA_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_INDEX nvIndex;
+ TPM_NV_ATTRIBUTES permission;
+ TPM_BOOL bReadSTClear;
+ TPM_BOOL bWriteSTClear;
+ TPM_BOOL bWriteDefine;
+ UINT32 dataSize;
+}NV_DATA_PUBLIC;
+
+/* structures */
+struct tr_nvstore_obj {
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_INDEX nvIndex;
+ TPM_NV_ATTRIBUTES permission;
+ TPM_BOOL bReadSTClear;
+ TPM_BOOL bWriteSTClear;
+ TPM_BOOL bWriteDefine;
+ UINT32 dataSize;
+ TSS_HPOLICY policy;
+};
+
+/* obj_nv.c */
+void nvstore_free(void *data);
+TSS_RESULT obj_nvstore_add(TSS_HCONTEXT, TSS_HOBJECT *);
+TSS_BOOL obj_is_nvstore(TSS_HOBJECT tspContext);
+TSS_RESULT obj_nvstore_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_nvstore_get_tsp_context(TSS_HNVSTORE, TSS_HCONTEXT *);
+TSS_RESULT obj_nvstore_set_index(TSS_HNVSTORE, UINT32);
+TSS_RESULT obj_nvstore_get_index(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_set_datasize(TSS_HNVSTORE, UINT32);
+TSS_RESULT obj_nvstore_get_datasize(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_set_permission(TSS_HNVSTORE, UINT32);
+TSS_RESULT obj_nvstore_get_permission_from_tpm(TSS_HNVSTORE hNvstore, UINT32 * permission);
+TSS_RESULT obj_nvstore_get_permission(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_set_policy(TSS_HNVSTORE, TSS_HPOLICY);
+TSS_RESULT obj_nvstore_get_policy(TSS_HNVSTORE, UINT32, TSS_HPOLICY *);
+TSS_RESULT obj_nvstore_get_datapublic(TSS_HNVSTORE, UINT32 *, BYTE *);
+TSS_RESULT obj_nvstore_get_readdigestatrelease(TSS_HNVSTORE, UINT32 *, BYTE **);
+TSS_RESULT obj_nvstore_get_readpcrselection(TSS_HNVSTORE, UINT32 *, BYTE **);
+TSS_RESULT obj_nvstore_get_writedigestatrelease(TSS_HNVSTORE, UINT32 *, BYTE **);
+TSS_RESULT obj_nvstore_get_writepcrselection(TSS_HNVSTORE, UINT32 *, BYTE **);
+TSS_RESULT obj_nvstore_get_state_readstclear(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_get_state_writedefine(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_get_state_writestclear(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_get_readlocalityatrelease(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_get_writelocalityatrelease(TSS_HNVSTORE, UINT32 *);
+TSS_RESULT obj_nvstore_create_pcrshortinfo(TSS_HNVSTORE, TSS_HPCRS, UINT32 *, BYTE **);
+
+#define NVSTORE_LIST_DECLARE struct obj_list nvstore_list
+#define NVSTORE_LIST_DECLARE_EXTERN extern struct obj_list nvstore_list
+#define NVSTORE_LIST_INIT() tspi_list_init(&nvstore_list)
+#define NVSTORE_LIST_CONNECT(a,b) obj_connectContext_list(&nvstore_list, a, b)
+#define NVSTORE_LIST_CLOSE(a) obj_list_close(&nvstore_list, &nvstore_free, a)
+#else
+#define NVSTORE_LIST_DECLARE
+#define NVSTORE_LIST_DECLARE_EXTERN
+#define NVSTORE_LIST_INIT()
+#define NVSTORE_LIST_CONNECT(a,b)
+#define NVSTORE_LIST_CLOSE(a)
+#endif
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_pcrs.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_pcrs.h
new file mode 100644
index 0000000..44981b1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_pcrs.h
@@ -0,0 +1,67 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_PCRS_H_
+#define _OBJ_PCRS_H_
+
+#ifdef TSS_BUILD_PCRS_LIST
+
+/* structures */
+struct tr_pcrs_obj {
+ UINT32 type;
+ union {
+ TPM_PCR_INFO info11;
+ TPM_PCR_INFO_SHORT infoshort;
+ TPM_PCR_INFO_LONG infolong;
+ } info;
+ TPM_PCRVALUE *pcrs;
+};
+
+/* obj_pcrs.c */
+void pcrs_free(void *data);
+TSS_BOOL obj_is_pcrs(TSS_HOBJECT);
+TSS_RESULT obj_pcrs_get_tsp_context(TSS_HPCRS, TSS_HCONTEXT *);
+TSS_RESULT obj_pcrs_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *);
+TSS_RESULT obj_pcrs_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_pcrs_get_type(TSS_HPCRS, UINT32 *);
+TSS_RESULT obj_pcrs_select_index(TSS_HPCRS, UINT32);
+TSS_RESULT obj_pcrs_select_index_ex(TSS_HPCRS, UINT32, UINT32);
+TSS_RESULT obj_pcrs_get_value(TSS_HPCRS, UINT32, UINT32 *, BYTE **);
+TSS_RESULT obj_pcrs_set_value(TSS_HPCRS, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_pcrs_set_values(TSS_HPCRS hPcrs, TCPA_PCR_COMPOSITE *);
+TSS_RESULT obj_pcrs_get_selection(TSS_HPCRS, UINT32 *, BYTE *);
+TSS_RESULT obj_pcrs_get_digest_at_release(TSS_HPCRS, UINT32 *, BYTE **);
+TSS_RESULT obj_pcrs_set_digest_at_release(TSS_HPCRS, TPM_COMPOSITE_HASH);
+TSS_RESULT obj_pcrs_create_info_type(TSS_HPCRS, UINT32 *, UINT32 *, BYTE **);
+TSS_RESULT obj_pcrs_create_info(TSS_HPCRS, UINT32 *, BYTE **);
+TSS_RESULT obj_pcrs_create_info_long(TSS_HPCRS, UINT32 *, BYTE **);
+TSS_RESULT obj_pcrs_create_info_short(TSS_HPCRS, UINT32 *, BYTE **);
+TSS_RESULT obj_pcrs_get_locality(TSS_HPCRS, UINT32 *);
+TSS_RESULT obj_pcrs_set_locality(TSS_HPCRS, UINT32);
+
+#define PCRS_LIST_DECLARE struct obj_list pcrs_list
+#define PCRS_LIST_DECLARE_EXTERN extern struct obj_list pcrs_list
+#define PCRS_LIST_INIT() tspi_list_init(&pcrs_list)
+#define PCRS_LIST_CONNECT(a,b) obj_connectContext_list(&pcrs_list, a, b)
+#define PCRS_LIST_CLOSE(a) obj_list_close(&pcrs_list, &pcrs_free, a)
+
+#else
+
+#define obj_is_pcrs(a) FALSE
+
+#define PCRS_LIST_DECLARE
+#define PCRS_LIST_DECLARE_EXTERN
+#define PCRS_LIST_INIT()
+#define PCRS_LIST_CONNECT(a,b)
+#define PCRS_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_policy.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_policy.h
new file mode 100644
index 0000000..d42cc41
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_policy.h
@@ -0,0 +1,185 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_POLICY_H_
+#define _OBJ_POLICY_H_
+
+/* structures */
+struct tr_policy_obj {
+ BYTE SecretLifetime;
+ TSS_BOOL SecretSet;
+ UINT32 SecretMode;
+ UINT32 SecretCounter;
+ UINT32 SecretTimeStamp;
+ UINT32 SecretSize;
+ BYTE Secret[20];
+ UINT32 type;
+ BYTE *popupString;
+ UINT32 popupStringLength;
+ UINT32 hashMode;
+ TSS_ALGORITHM_ID hmacAlg;
+ TSS_ALGORITHM_ID xorAlg;
+ TSS_ALGORITHM_ID takeownerAlg;
+ TSS_ALGORITHM_ID changeauthAlg;
+#ifdef TSS_BUILD_SEALX
+ TSS_ALGORITHM_ID sealxAlg;
+#endif
+ PVOID hmacAppData;
+ PVOID xorAppData;
+ PVOID takeownerAppData;
+ PVOID changeauthAppData;
+#ifdef TSS_BUILD_SEALX
+ PVOID sealxAppData;
+#endif
+#ifdef TSS_BUILD_DELEGATION
+ /* The per1 and per2 are only used when creating a delegation.
+ After that, the blob or index is used to retrieve the information */
+ UINT32 delegationPer1;
+ UINT32 delegationPer2;
+
+ UINT32 delegationType;
+ TSS_BOOL delegationIndexSet; /* Since 0 is a valid index value */
+ UINT32 delegationIndex;
+ UINT32 delegationBlobLength;
+ BYTE *delegationBlob;
+#endif
+ TSS_RESULT (*Tspicb_CallbackHMACAuth)(
+ PVOID lpAppData,
+ TSS_HOBJECT hAuthorizedObject,
+ TSS_BOOL ReturnOrVerify,
+ UINT32 ulPendingFunction,
+ TSS_BOOL ContinueUse,
+ UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven,
+ BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP,
+ BYTE *rgbNonceOddOSAP,
+ UINT32 ulSizeDigestHmac,
+ BYTE *rgbParamDigest,
+ BYTE *rgbHmacData);
+ TSS_RESULT (*Tspicb_CallbackXorEnc)(
+ PVOID lpAppData,
+ TSS_HOBJECT hOSAPObject,
+ TSS_HOBJECT hObject,
+ TSS_FLAG PurposeSecret,
+ UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven,
+ BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP,
+ BYTE *rgbNonceOddOSAP,
+ UINT32 ulSizeEncAuth,
+ BYTE *rgbEncAuthUsage,
+ BYTE *rgbEncAuthMigration);
+ TSS_RESULT (*Tspicb_CallbackTakeOwnership)(
+ PVOID lpAppData,
+ TSS_HOBJECT hObject,
+ TSS_HKEY hObjectPubKey,
+ UINT32 ulSizeEncAuth,
+ BYTE *rgbEncAuth);
+ TSS_RESULT (*Tspicb_CallbackChangeAuthAsym)(
+ PVOID lpAppData,
+ TSS_HOBJECT hObject,
+ TSS_HKEY hObjectPubKey,
+ UINT32 ulSizeEncAuth,
+ UINT32 ulSizeAithLink,
+ BYTE *rgbEncAuth,
+ BYTE *rgbAuthLink);
+#ifdef TSS_BUILD_SEALX
+ TSS_RESULT (*Tspicb_CallbackSealxMask)(
+ PVOID lpAppData,
+ TSS_HKEY hKey,
+ TSS_HENCDATA hEncData,
+ TSS_ALGORITHM_ID algID,
+ UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven,
+ BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP,
+ BYTE *rgbNonceOddOSAP,
+ UINT32 ulDataLength,
+ BYTE *rgbDataToMask,
+ BYTE *rgbMaskedData);
+#endif
+};
+
+/* obj_policy.c */
+void __tspi_policy_free(void *data);
+TSS_BOOL anyPopupPolicies(TSS_HCONTEXT);
+TSS_BOOL obj_is_policy(TSS_HOBJECT);
+TSS_RESULT obj_policy_get_tsp_context(TSS_HPOLICY, TSS_HCONTEXT *);
+/* One of these 2 flags should be passed to obj_policy_get_secret so that if a popup must
+ * be executed to get the secret, we know whether or not the new dialog should be displayed,
+ * which will ask for confirmation */
+#define TR_SECRET_CTX_NEW TRUE
+#define TR_SECRET_CTX_NOT_NEW FALSE
+TSS_RESULT obj_policy_get_secret(TSS_HPOLICY, TSS_BOOL, TCPA_SECRET *);
+TSS_RESULT obj_policy_flush_secret(TSS_HPOLICY);
+TSS_RESULT obj_policy_set_secret_object(TSS_HPOLICY, TSS_FLAG, UINT32,
+ TCPA_DIGEST *, TSS_BOOL);
+TSS_RESULT obj_policy_set_secret(TSS_HPOLICY, TSS_FLAG, UINT32, BYTE *);
+TSS_RESULT obj_policy_get_type(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_policy_add(TSS_HCONTEXT, UINT32, TSS_HOBJECT *);
+TSS_RESULT obj_policy_set_type(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_set_cb12(TSS_HPOLICY, TSS_FLAG, BYTE *);
+TSS_RESULT obj_policy_get_cb12(TSS_HPOLICY, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_set_cb11(TSS_HPOLICY, TSS_FLAG, TSS_FLAG, UINT32);
+TSS_RESULT obj_policy_get_cb11(TSS_HPOLICY, TSS_FLAG, UINT32 *);
+TSS_RESULT obj_policy_get_lifetime(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_lifetime(TSS_HPOLICY, UINT32, UINT32);
+TSS_RESULT obj_policy_get_counter(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_string(TSS_HPOLICY, UINT32 *size, BYTE **);
+TSS_RESULT obj_policy_set_string(TSS_HPOLICY, UINT32 size, BYTE *);
+TSS_RESULT obj_policy_get_secs_until_expired(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_has_expired(TSS_HPOLICY, TSS_BOOL *);
+TSS_RESULT obj_policy_get_mode(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_dec_counter(TSS_HPOLICY);
+TSS_RESULT obj_policy_do_hmac(TSS_HPOLICY, TSS_HOBJECT, TSS_BOOL, UINT32,
+ TSS_BOOL, UINT32, BYTE *, BYTE *, BYTE *, BYTE *,
+ UINT32, BYTE *, BYTE *);
+TSS_RESULT obj_policy_do_xor(TSS_HPOLICY, TSS_HOBJECT, TSS_HOBJECT, TSS_FLAG,
+ UINT32, BYTE *, BYTE *, BYTE *, BYTE *, UINT32, BYTE *, BYTE *);
+TSS_RESULT obj_policy_do_takeowner(TSS_HPOLICY, TSS_HOBJECT, TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_policy_validate_auth_oiap(TSS_HPOLICY, TCPA_DIGEST *, TPM_AUTH *);
+TSS_RESULT obj_policy_get_hash_mode(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_hash_mode(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_xsap_params(TSS_HPOLICY, TPM_COMMAND_CODE, TPM_ENTITY_TYPE *, UINT32 *,
+ BYTE **, BYTE *, TSS_CALLBACK *, TSS_CALLBACK *,
+ TSS_CALLBACK *, UINT32 *, TSS_BOOL);
+TSS_RESULT obj_policy_is_secret_set(TSS_HPOLICY, TSS_BOOL *);
+#ifdef TSS_BUILD_DELEGATION
+TSS_RESULT obj_policy_set_delegation_type(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_type(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_index(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_index(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_per1(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_per1(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_per2(TSS_HPOLICY, UINT32);
+TSS_RESULT obj_policy_get_delegation_per2(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_set_delegation_blob(TSS_HPOLICY, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_policy_get_delegation_blob(TSS_HPOLICY, UINT32, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_get_delegation_label(TSS_HPOLICY, BYTE *);
+TSS_RESULT obj_policy_get_delegation_familyid(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_delegation_vercount(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_delegation_pcr_locality(TSS_HPOLICY, UINT32 *);
+TSS_RESULT obj_policy_get_delegation_pcr_digest(TSS_HPOLICY, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_get_delegation_pcr_selection(TSS_HPOLICY, UINT32 *, BYTE **);
+TSS_RESULT obj_policy_is_delegation_index_set(TSS_HPOLICY, TSS_BOOL *);
+
+void obj_policy_clear_delegation(struct tr_policy_obj *);
+TSS_RESULT obj_policy_get_delegate_public(struct tsp_object *, TPM_DELEGATE_PUBLIC *);
+#endif
+
+#define POLICY_LIST_DECLARE struct obj_list policy_list
+#define POLICY_LIST_DECLARE_EXTERN extern struct obj_list policy_list
+#define POLICY_LIST_INIT() tspi_list_init(&policy_list)
+#define POLICY_LIST_CONNECT(a,b) obj_connectContext_list(&policy_list, a, b)
+#define POLICY_LIST_CLOSE(a) obj_list_close(&policy_list, &__tspi_policy_free, a)
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_rsakey.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_rsakey.h
new file mode 100644
index 0000000..4f15d25
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_rsakey.h
@@ -0,0 +1,129 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_RSAKEY_H_
+#define _OBJ_RSAKEY_H_
+
+#ifdef TSS_BUILD_RSAKEY_LIST
+
+/* rsakey specific flags */
+#define TSS_RSAKEY_FLAG_OWNEREVICT (0x00000001)
+
+/* structures */
+struct tr_rsakey_obj {
+ int type;
+ TSS_KEY key;
+ TSS_FLAG flags;
+ TSS_HPOLICY usagePolicy;
+ TSS_HPOLICY migPolicy;
+ TSS_UUID uuid;
+ TCS_KEY_HANDLE tcsHandle;
+#ifdef TSS_BUILD_CMK
+ TPM_HMAC msaApproval;
+ TPM_DIGEST msaDigest;
+#endif
+ union {
+ TPM_PCR_INFO info11;
+ TPM_PCR_INFO_LONG infolong;
+ } pcrInfo;
+ UINT32 pcrInfoType;
+};
+
+/* obj_rsakey.c */
+void __tspi_rsakey_free(void *data);
+TSS_BOOL obj_is_rsakey(TSS_HOBJECT);
+TSS_RESULT obj_rsakey_add(TSS_HCONTEXT, TSS_FLAG, TSS_HOBJECT *);
+TSS_RESULT obj_rsakey_add_by_key(TSS_HCONTEXT, TSS_UUID *, BYTE *, TSS_FLAG, TSS_HKEY *);
+TSS_RESULT obj_rsakey_set_policy(TSS_HKEY, TSS_HPOLICY);
+TSS_RESULT obj_rsakey_remove(TSS_HOBJECT, TSS_HCONTEXT);
+TSS_RESULT obj_rsakey_get_tsp_context(TSS_HKEY, TSS_HCONTEXT *);
+TSS_RESULT obj_rsakey_set_pstype(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_pstype(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_get_usage(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_usage(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_migratable(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_redirected(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_volatile(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_authdata_usage(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_authdata_usage(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_alg(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_alg(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_es(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_es(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_ss(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_ss(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_num_primes(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_num_primes(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_flags(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_flags(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_size(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_get_size(TSS_HKEY, UINT32 *);
+TSS_BOOL obj_rsakey_is_migratable(TSS_HKEY);
+TSS_BOOL obj_rsakey_is_redirected(TSS_HKEY);
+TSS_BOOL obj_rsakey_is_volatile(TSS_HKEY);
+TSS_RESULT obj_rsakey_get_policy(TSS_HKEY, UINT32, TSS_HPOLICY *, TSS_BOOL *);
+TSS_RESULT obj_rsakey_get_policies(TSS_HKEY, TSS_HPOLICY *, TSS_HPOLICY *, TSS_BOOL *);
+TSS_RESULT obj_rsakey_get_blob(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_priv_blob(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_pub_blob(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_version(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_exponent(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_set_exponent(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_modulus(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_set_modulus(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_uuid(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_parent_uuid(TSS_HKEY, TSS_FLAG *, TSS_UUID *);
+TSS_RESULT obj_rsakey_set_uuids(TSS_HKEY, TSS_FLAG, TSS_UUID *, TSS_FLAG, TSS_UUID *);
+TSS_RESULT obj_rsakey_set_uuid(TSS_HKEY, TSS_FLAG, TSS_UUID *);
+TSS_RESULT obj_rsakey_set_tcpakey(TSS_HKEY, UINT32 , BYTE *);
+TSS_RESULT obj_rsakey_get_pcr_digest(TSS_HKEY, UINT32, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_pcr_selection(TSS_HKEY, UINT32, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_get_pcr_locality(TSS_HKEY, TSS_FLAG, UINT32 *);
+TSS_RESULT obj_rsakey_set_pubkey(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_set_privkey(TSS_HKEY, UINT32, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_set_pcr_data(TSS_HKEY, TSS_HPOLICY);
+TSS_RESULT obj_rsakey_set_key_parms(TSS_HKEY, TCPA_KEY_PARMS *);
+TSS_RESULT obj_rsakey_get_by_uuid(TSS_UUID *, TSS_HKEY *);
+TSS_RESULT obj_rsakey_get_by_pub(UINT32, BYTE *, TSS_HKEY *);
+TSS_RESULT obj_rsakey_get_tcs_handle(TSS_HKEY, TCS_KEY_HANDLE *);
+TSS_RESULT obj_rsakey_set_tcs_handle(TSS_HKEY, TCS_KEY_HANDLE);
+void obj_rsakey_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT);
+TSS_RESULT obj_rsakey_get_transport_attribs(TSS_HKEY, TCS_KEY_HANDLE *, TPM_DIGEST *);
+#ifdef TSS_BUILD_CMK
+TSS_BOOL obj_rsakey_is_cmk(TSS_HKEY);
+TSS_RESULT obj_rsakey_set_cmk(TSS_HKEY, UINT32);
+TSS_RESULT obj_rsakey_set_msa_approval(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_msa_approval(TSS_HKEY, UINT32 *, BYTE **);
+TSS_RESULT obj_rsakey_set_msa_digest(TSS_HKEY, UINT32, BYTE *);
+TSS_RESULT obj_rsakey_get_msa_digest(TSS_HKEY, UINT32 *, BYTE **);
+#endif
+TSS_RESULT obj_rsakey_get_ownerevict(TSS_HKEY, UINT32 *);
+TSS_RESULT obj_rsakey_set_ownerevict(TSS_HKEY, TSS_BOOL);
+TSS_RESULT obj_rsakey_set_srk_pubkey(BYTE *);
+
+#define RSAKEY_LIST_DECLARE struct obj_list rsakey_list
+#define RSAKEY_LIST_DECLARE_EXTERN extern struct obj_list rsakey_list
+#define RSAKEY_LIST_INIT() tspi_list_init(&rsakey_list)
+#define RSAKEY_LIST_CONNECT(a,b) obj_connectContext_list(&rsakey_list, a, b)
+#define RSAKEY_LIST_CLOSE(a) obj_list_close(&rsakey_list, &__tspi_rsakey_free, a)
+
+#else
+
+#define obj_is_rsakey(a) FALSE
+
+#define RSAKEY_LIST_DECLARE
+#define RSAKEY_LIST_DECLARE_EXTERN
+#define RSAKEY_LIST_INIT()
+#define RSAKEY_LIST_CONNECT(a,b)
+#define RSAKEY_LIST_CLOSE(a)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_tpm.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_tpm.h
new file mode 100644
index 0000000..b90812f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/obj_tpm.h
@@ -0,0 +1,78 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _OBJ_TPM_H_
+#define _OBJ_TPM_H_
+
+/* structures */
+struct tr_tpm_obj {
+ TSS_HPOLICY policy;
+#ifdef TSS_BUILD_TSS12
+ TSS_HPOLICY operatorPolicy;
+#endif
+ TSS_ALGORITHM_ID collateAlg;
+ TSS_ALGORITHM_ID activateAlg;
+ PVOID collateAppData;
+ PVOID activateAppData;
+ TSS_RESULT (*Tspicb_CollateIdentity)(
+ PVOID lpAppData,
+ UINT32 ulTCPAPlainIdentityProofLength,
+ BYTE *rgbTCPAPlainIdentityProof,
+ TSS_ALGORITHM_ID algID,
+ UINT32* ulSessionKeyLength,
+ BYTE *rgbSessionKey,
+ UINT32 *pulTCPAIdentityProofLength,
+ BYTE *rgbTCPAIdentityProof);
+ TSS_RESULT (*Tspicb_ActivateIdentity)(
+ PVOID lpAppData,
+ UINT32 ulSessionKeyLength,
+ BYTE *rgbSessionKey,
+ UINT32 ulSymCAAttestationBlobLength,
+ BYTE *rgbSymCAAttestationBlob,
+ UINT32 *pulCredentialLength,
+ BYTE *rgbCredential);
+ TSS_COUNTER_ID ctr_id;
+ UINT32 EndorsementCredSize;
+ BYTE *EndorsementCred;
+ UINT32 PlatformCredSize;
+ BYTE *PlatformCred;
+ UINT32 PlatformConfCredSize;
+ BYTE *PlatformConfCred;
+ UINT32 ConformanceCredSize;
+ BYTE *ConformanceCred;
+};
+
+/* prototypes */
+TSS_RESULT obj_getTpmObject(UINT32, TSS_HOBJECT *);
+
+/* obj_tpm.c */
+void tpm_free(void *);
+TSS_BOOL obj_is_tpm(TSS_HOBJECT);
+TSS_RESULT obj_tpm_get_tsp_context(TSS_HTPM, TSS_HCONTEXT *);
+TSS_RESULT obj_tpm_get(TSS_HCONTEXT, TSS_HTPM *);
+TSS_RESULT obj_tpm_set_policy(TSS_HTPM, TSS_HPOLICY);
+TSS_RESULT obj_tpm_add(TSS_HCONTEXT, TSS_HOBJECT *);
+TSS_RESULT obj_tpm_get_policy(TSS_HTPM, UINT32, TSS_HPOLICY *);
+TSS_RESULT obj_tpm_set_cb12(TSS_HTPM, TSS_FLAG, BYTE *);
+TSS_RESULT obj_tpm_get_cb12(TSS_HTPM, TSS_FLAG, UINT32 *, BYTE **);
+TSS_RESULT obj_tpm_set_cb11(TSS_HTPM, TSS_FLAG, TSS_FLAG, UINT32);
+TSS_RESULT obj_tpm_get_cb11(TSS_HTPM, TSS_FLAG, UINT32 *);
+void obj_tpm_remove_policy_refs(TSS_HPOLICY, TSS_HCONTEXT);
+TSS_RESULT obj_tpm_get_current_counter(TSS_HTPM, TSS_COUNTER_ID *);
+TSS_RESULT obj_tpm_set_cred(TSS_HTPM, TSS_FLAG, UINT32, BYTE *);
+TSS_RESULT obj_tpm_get_cred(TSS_HTPM, TSS_FLAG, UINT32 *, BYTE **);
+
+#define TPM_LIST_DECLARE struct obj_list tpm_list
+#define TPM_LIST_DECLARE_EXTERN extern struct obj_list tpm_list
+#define TPM_LIST_INIT() tspi_list_init(&tpm_list)
+#define TPM_LIST_CONNECT(a,b) obj_connectContext_list(&tpm_list, a, b)
+#define TPM_LIST_CLOSE(a) obj_list_close(&tpm_list, &tpm_free, a)
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/req_mgr.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/req_mgr.h
new file mode 100644
index 0000000..3804896
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/req_mgr.h
@@ -0,0 +1,26 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#ifndef _REQ_MGR_H_
+#define _REQ_MGR_H_
+
+#include "threads.h"
+
+struct tpm_req_mgr
+{
+ MUTEX_DECLARE(queue_lock);
+};
+
+TSS_RESULT req_mgr_init();
+TSS_RESULT req_mgr_final();
+TSS_RESULT req_mgr_submit_req(BYTE *);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp.h
new file mode 100644
index 0000000..20328ee
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp.h
@@ -0,0 +1,41 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _RPC_TCSTP_H_
+#define _RPC_TCSTP_H_
+
+#include "tcs_tsp.h"
+
+typedef unsigned char TCSD_PACKET_TYPE;
+
+/* Packet header used for TCSD communication */
+struct tcsd_packet_hdr {
+ UINT32 packet_size;
+ union {
+ UINT32 ordinal;
+ UINT32 result;
+ } u;
+ UINT32 num_parms;
+ UINT32 type_size;
+ UINT32 type_offset;
+ UINT32 parm_size;
+ UINT32 parm_offset;
+} STRUCTURE_PACKING_ATTRIBUTE;
+
+struct tcsd_comm_data {
+ BYTE *buf;
+ UINT32 buf_size;
+ struct tcsd_packet_hdr hdr;
+} STRUCTURE_PACKING_ATTRIBUTE;
+
+#define TCSD_INIT_TXBUF_SIZE 1024
+#define TCSD_INCR_TXBUF_SIZE 4096
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp_tcs.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp_tcs.h
new file mode 100644
index 0000000..0521fe6
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp_tcs.h
@@ -0,0 +1,408 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _RPC_TCSTP_TCS_H_
+#define _RPC_TCSTP_TCS_H_
+
+#include "rpc_tcstp.h"
+
+#define DECLARE_TCSTP_FUNC(x) \
+ TSS_RESULT tcs_wrap_##x(struct tcsd_thread_data *)
+/* Auth session, context and TPM caps support are always compiled in. TPM caps
+ * are necessary so that the TCSD can know what type of TPM its talking to */
+DECLARE_TCSTP_FUNC(OpenContext);
+DECLARE_TCSTP_FUNC(CloseContext);
+DECLARE_TCSTP_FUNC(OIAP);
+DECLARE_TCSTP_FUNC(OSAP);
+DECLARE_TCSTP_FUNC(GetCapability);
+DECLARE_TCSTP_FUNC(GetCapabilityOwner);
+DECLARE_TCSTP_FUNC(SetCapability);
+
+#ifdef TSS_BUILD_RANDOM
+DECLARE_TCSTP_FUNC(GetRandom);
+DECLARE_TCSTP_FUNC(StirRandom);
+#else
+#define tcs_wrap_GetRandom tcs_wrap_Error
+#define tcs_wrap_StirRandom tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_EK
+DECLARE_TCSTP_FUNC(CreateEndorsementKeyPair);
+DECLARE_TCSTP_FUNC(ReadPubek);
+DECLARE_TCSTP_FUNC(OwnerReadPubek);
+DECLARE_TCSTP_FUNC(DisablePubekRead);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(CreateRevocableEndorsementKeyPair);
+DECLARE_TCSTP_FUNC(RevokeEndorsementKeyPair);
+#else
+#define tcs_wrap_CreateRevocableEndorsementKeyPair tcs_wrap_Error
+#define tcs_wrap_RevokeEndorsementKeyPair tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_CreateEndorsementKeyPair tcs_wrap_Error
+#define tcs_wrap_ReadPubek tcs_wrap_Error
+#define tcs_wrap_OwnerReadPubek tcs_wrap_Error
+#define tcs_wrap_DisablePubekRead tcs_wrap_Error
+#define tcs_wrap_CreateRevocableEndorsementKeyPair tcs_wrap_Error
+#define tcs_wrap_RevokeEndorsementKeyPair tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_KEY
+DECLARE_TCSTP_FUNC(EvictKey);
+DECLARE_TCSTP_FUNC(GetPubkey);
+DECLARE_TCSTP_FUNC(TerminateHandle);
+DECLARE_TCSTP_FUNC(LoadKeyByBlob);
+DECLARE_TCSTP_FUNC(CreateWrapKey);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(KeyControlOwner);
+DECLARE_TCSTP_FUNC(OwnerReadInternalPub);
+#else
+#define tcs_wrap_KeyControlOwner tcs_wrap_Error
+#define tcs_wrap_OwnerReadInternalPub tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_EvictKey tcs_wrap_Error
+#define tcs_wrap_GetPubkey tcs_wrap_Error
+#define tcs_wrap_TerminateHandle tcs_wrap_Error
+#define tcs_wrap_LoadKeyByBlob tcs_wrap_Error
+#define tcs_wrap_CreateWrapKey tcs_wrap_Error
+#define tcs_wrap_KeyControlOwner tcs_wrap_Error
+
+#endif
+
+#ifdef TSS_BUILD_PCR_EXTEND
+DECLARE_TCSTP_FUNC(Extend);
+DECLARE_TCSTP_FUNC(PcrRead);
+DECLARE_TCSTP_FUNC(PcrReset);
+#else
+#define tcs_wrap_Extend tcs_wrap_Error
+#define tcs_wrap_PcrRead tcs_wrap_Error
+#define tcs_wrap_PcrReset tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CAPS
+DECLARE_TCSTP_FUNC(TCSGetCapability);
+#else
+#define tcs_wrap_TCSGetCapability tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_OWN
+DECLARE_TCSTP_FUNC(TakeOwnership);
+DECLARE_TCSTP_FUNC(OwnerClear);
+#else
+#define tcs_wrap_TakeOwnership tcs_wrap_Error
+#define tcs_wrap_OwnerClear tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_PS
+DECLARE_TCSTP_FUNC(RegisterKey);
+DECLARE_TCSTP_FUNC(UnregisterKey);
+DECLARE_TCSTP_FUNC(GetRegisteredKeyBlob);
+DECLARE_TCSTP_FUNC(LoadKeyByUUID);
+DECLARE_TCSTP_FUNC(GetRegisteredKeyByPublicInfo);
+DECLARE_TCSTP_FUNC(EnumRegisteredKeys);
+DECLARE_TCSTP_FUNC(EnumRegisteredKeys2);
+#else
+#define tcs_wrap_RegisterKey tcs_wrap_Error
+#define tcs_wrap_UnregisterKey tcs_wrap_Error
+#define tcs_wrap_GetRegisteredKeyBlob tcs_wrap_Error
+#define tcs_wrap_LoadKeyByUUID tcs_wrap_Error
+#define tcs_wrap_GetRegisteredKeyByPublicInfo tcs_wrap_Error
+#define tcs_wrap_EnumRegisteredKeys tcs_wrap_Error
+#define tcs_wrap_EnumRegisteredKeys2 tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SIGN
+DECLARE_TCSTP_FUNC(Sign);
+#else
+#define tcs_wrap_Sign tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_DIR
+DECLARE_TCSTP_FUNC(DirWriteAuth);
+DECLARE_TCSTP_FUNC(DirRead);
+#else
+#define tcs_wrap_DirWriteAuth tcs_wrap_Error
+#define tcs_wrap_DirRead tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SEAL
+DECLARE_TCSTP_FUNC(Seal);
+DECLARE_TCSTP_FUNC(UnSeal);
+#else
+#define tcs_wrap_Seal tcs_wrap_Error
+#define tcs_wrap_UnSeal tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SEALX
+DECLARE_TCSTP_FUNC(Sealx);
+#else
+#define tcs_wrap_Sealx tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_BIND
+DECLARE_TCSTP_FUNC(UnBind);
+#else
+#define tcs_wrap_UnBind tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CHANGEAUTH
+DECLARE_TCSTP_FUNC(ChangeAuth);
+DECLARE_TCSTP_FUNC(ChangeAuthOwner);
+#else
+#define tcs_wrap_ChangeAuth tcs_wrap_Error
+#define tcs_wrap_ChangeAuthOwner tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_QUOTE
+DECLARE_TCSTP_FUNC(Quote);
+#else
+#define tcs_wrap_Quote tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_QUOTE2
+DECLARE_TCSTP_FUNC(Quote2);
+#else
+#define tcs_wrap_Quote2 tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_PCR_EVENTS
+DECLARE_TCSTP_FUNC(LogPcrEvent);
+DECLARE_TCSTP_FUNC(GetPcrEvent);
+DECLARE_TCSTP_FUNC(GetPcrEventsByPcr);
+DECLARE_TCSTP_FUNC(GetPcrEventLog);
+#else
+#define tcs_wrap_LogPcrEvent tcs_wrap_Error
+#define tcs_wrap_GetPcrEvent tcs_wrap_Error
+#define tcs_wrap_GetPcrEventsByPcr tcs_wrap_Error
+#define tcs_wrap_GetPcrEventLog tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_SELFTEST
+DECLARE_TCSTP_FUNC(SelfTestFull);
+DECLARE_TCSTP_FUNC(CertifySelfTest);
+DECLARE_TCSTP_FUNC(GetTestResult);
+#else
+#define tcs_wrap_SelfTestFull tcs_wrap_Error
+#define tcs_wrap_CertifySelfTest tcs_wrap_Error
+#define tcs_wrap_GetTestResult tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_ADMIN
+DECLARE_TCSTP_FUNC(DisableOwnerClear);
+DECLARE_TCSTP_FUNC(ForceClear);
+DECLARE_TCSTP_FUNC(DisableForceClear);
+DECLARE_TCSTP_FUNC(PhysicalEnable);
+DECLARE_TCSTP_FUNC(PhysicalSetDeactivated);
+DECLARE_TCSTP_FUNC(SetOwnerInstall);
+DECLARE_TCSTP_FUNC(OwnerSetDisable);
+DECLARE_TCSTP_FUNC(PhysicalDisable);
+DECLARE_TCSTP_FUNC(PhysicalPresence);
+DECLARE_TCSTP_FUNC(SetTempDeactivated);
+DECLARE_TCSTP_FUNC(FieldUpgrade);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(SetTempDeactivated2);
+DECLARE_TCSTP_FUNC(ResetLockValue);
+#else
+#define tcs_wrap_SetTempDeactivated2 tcs_wrap_Error
+#define tcs_wrap_ResetLockValue tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_DisableOwnerClear tcs_wrap_Error
+#define tcs_wrap_ForceClear tcs_wrap_Error
+#define tcs_wrap_DisableForceClear tcs_wrap_Error
+#define tcs_wrap_PhysicalEnable tcs_wrap_Error
+#define tcs_wrap_PhysicalSetDeactivated tcs_wrap_Error
+#define tcs_wrap_SetOwnerInstall tcs_wrap_Error
+#define tcs_wrap_OwnerSetDisable tcs_wrap_Error
+#define tcs_wrap_PhysicalDisable tcs_wrap_Error
+#define tcs_wrap_PhysicalPresence tcs_wrap_Error
+#define tcs_wrap_SetTempDeactivated tcs_wrap_Error
+#define tcs_wrap_SetTempDeactivated2 tcs_wrap_Error
+#define tcs_wrap_ResetLockValue tcs_wrap_Error
+#define tcs_wrap_FieldUpgrade tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CERTIFY
+DECLARE_TCSTP_FUNC(CertifyKey);
+#else
+#define tcs_wrap_CertifyKey tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_AIK
+DECLARE_TCSTP_FUNC(MakeIdentity);
+DECLARE_TCSTP_FUNC(ActivateIdentity);
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(GetCredential);
+#else
+#define tcs_wrap_GetCredential tcs_wrap_Error
+#endif
+#else
+#define tcs_wrap_MakeIdentity tcs_wrap_Error
+#define tcs_wrap_ActivateIdentity tcs_wrap_Error
+#define tcs_wrap_GetCredential tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_MIGRATION
+DECLARE_TCSTP_FUNC(CreateMigrationBlob);
+DECLARE_TCSTP_FUNC(ConvertMigrationBlob);
+DECLARE_TCSTP_FUNC(AuthorizeMigrationKey);
+#else
+#define tcs_wrap_CreateMigrationBlob tcs_wrap_Error
+#define tcs_wrap_ConvertMigrationBlob tcs_wrap_Error
+#define tcs_wrap_AuthorizeMigrationKey tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_MAINT
+DECLARE_TCSTP_FUNC(KillMaintenanceFeature);
+DECLARE_TCSTP_FUNC(CreateMaintenanceArchive);
+DECLARE_TCSTP_FUNC(LoadMaintenanceArchive);
+DECLARE_TCSTP_FUNC(LoadManuMaintPub);
+DECLARE_TCSTP_FUNC(ReadManuMaintPub);
+#else
+#define tcs_wrap_KillMaintenanceFeature tcs_wrap_Error
+#define tcs_wrap_CreateMaintenanceArchive tcs_wrap_Error
+#define tcs_wrap_LoadMaintenanceArchive tcs_wrap_Error
+#define tcs_wrap_LoadManuMaintPub tcs_wrap_Error
+#define tcs_wrap_ReadManuMaintPub tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_DAA
+DECLARE_TCSTP_FUNC(DaaJoin);
+DECLARE_TCSTP_FUNC(DaaSign);
+#else
+#define tcs_wrap_DaaJoin tcs_wrap_Error
+#define tcs_wrap_DaaSign tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_NV
+DECLARE_TCSTP_FUNC(NV_DefineOrReleaseSpace);
+DECLARE_TCSTP_FUNC(NV_WriteValue);
+DECLARE_TCSTP_FUNC(NV_WriteValueAuth);
+DECLARE_TCSTP_FUNC(NV_ReadValue);
+DECLARE_TCSTP_FUNC(NV_ReadValueAuth);
+#else
+#define tcs_wrap_NV_DefineOrReleaseSpace tcs_wrap_Error
+#define tcs_wrap_NV_WriteValue tcs_wrap_Error
+#define tcs_wrap_NV_WriteValueAuth tcs_wrap_Error
+#define tcs_wrap_NV_ReadValue tcs_wrap_Error
+#define tcs_wrap_NV_ReadValueAuth tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_COUNTER
+DECLARE_TCSTP_FUNC(ReadCounter);
+DECLARE_TCSTP_FUNC(CreateCounter);
+DECLARE_TCSTP_FUNC(IncrementCounter);
+DECLARE_TCSTP_FUNC(ReleaseCounter);
+DECLARE_TCSTP_FUNC(ReleaseCounterOwner);
+#else
+#define tcs_wrap_ReadCounter tcs_wrap_Error
+#define tcs_wrap_CreateCounter tcs_wrap_Error
+#define tcs_wrap_IncrementCounter tcs_wrap_Error
+#define tcs_wrap_ReleaseCounter tcs_wrap_Error
+#define tcs_wrap_ReleaseCounterOwner tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_TICK
+DECLARE_TCSTP_FUNC(ReadCurrentTicks);
+DECLARE_TCSTP_FUNC(TickStampBlob);
+#else
+#define tcs_wrap_ReadCurrentTicks tcs_wrap_Error
+#define tcs_wrap_TickStampBlob tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_TRANSPORT
+DECLARE_TCSTP_FUNC(EstablishTransport);
+DECLARE_TCSTP_FUNC(ExecuteTransport);
+DECLARE_TCSTP_FUNC(ReleaseTransportSigned);
+#else
+#define tcs_wrap_EstablishTransport tcs_wrap_Error
+#define tcs_wrap_ExecuteTransport tcs_wrap_Error
+#define tcs_wrap_ReleaseTransportSigned tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_AUDIT
+DECLARE_TCSTP_FUNC(SetOrdinalAuditStatus);
+DECLARE_TCSTP_FUNC(GetAuditDigest);
+DECLARE_TCSTP_FUNC(GetAuditDigestSigned);
+#else
+#define tcs_wrap_SetOrdinalAuditStatus tcs_wrap_Error
+#define tcs_wrap_GetAuditDigest tcs_wrap_Error
+#define tcs_wrap_GetAuditDigestSigned tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_TSS12
+DECLARE_TCSTP_FUNC(SetOperatorAuth);
+DECLARE_TCSTP_FUNC(FlushSpecific);
+#else
+#define tcs_wrap_SetOperatorAuth tcs_wrap_Error
+#define tcs_wrap_FlushSpecific tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_DELEGATION
+DECLARE_TCSTP_FUNC(Delegate_Manage);
+DECLARE_TCSTP_FUNC(Delegate_CreateKeyDelegation);
+DECLARE_TCSTP_FUNC(Delegate_CreateOwnerDelegation);
+DECLARE_TCSTP_FUNC(Delegate_LoadOwnerDelegation);
+DECLARE_TCSTP_FUNC(Delegate_ReadTable);
+DECLARE_TCSTP_FUNC(Delegate_UpdateVerificationCount);
+DECLARE_TCSTP_FUNC(Delegate_VerifyDelegation);
+DECLARE_TCSTP_FUNC(DSAP);
+#else
+#define tcs_wrap_Delegate_Manage tcs_wrap_Error
+#define tcs_wrap_Delegate_CreateKeyDelegation tcs_wrap_Error
+#define tcs_wrap_Delegate_CreateOwnerDelegation tcs_wrap_Error
+#define tcs_wrap_Delegate_LoadOwnerDelegation tcs_wrap_Error
+#define tcs_wrap_Delegate_ReadTable tcs_wrap_Error
+#define tcs_wrap_Delegate_UpdateVerificationCount tcs_wrap_Error
+#define tcs_wrap_Delegate_VerifyDelegation tcs_wrap_Error
+#define tcs_wrap_DSAP tcs_wrap_Error
+#endif
+
+#ifdef TSS_BUILD_CMK
+DECLARE_TCSTP_FUNC(CMK_SetRestrictions);
+DECLARE_TCSTP_FUNC(CMK_ApproveMA);
+DECLARE_TCSTP_FUNC(CMK_CreateKey);
+DECLARE_TCSTP_FUNC(CMK_CreateTicket);
+DECLARE_TCSTP_FUNC(CMK_CreateBlob);
+DECLARE_TCSTP_FUNC(CMK_ConvertMigration);
+#else
+#define tcs_wrap_CMK_SetRestrictions tcs_wrap_Error
+#define tcs_wrap_CMK_ApproveMA tcs_wrap_Error
+#define tcs_wrap_CMK_CreateKey tcs_wrap_Error
+#define tcs_wrap_CMK_CreateTicket tcs_wrap_Error
+#define tcs_wrap_CMK_CreateBlob tcs_wrap_Error
+#define tcs_wrap_CMK_ConvertMigration tcs_wrap_Error
+#endif
+
+DECLARE_TCSTP_FUNC(dispatchCommand);
+
+void LoadBlob_Auth_Special(UINT64 *, BYTE *, TPM_AUTH *);
+void UnloadBlob_Auth_Special(UINT64 *, BYTE *, TPM_AUTH *);
+void LoadBlob_KM_KEYINFO(UINT64 *, BYTE *, TSS_KM_KEYINFO *);
+void LoadBlob_KM_KEYINFO2(UINT64 *, BYTE *, TSS_KM_KEYINFO2 *);
+void UnloadBlob_KM_KEYINFO(UINT64 *, BYTE *, TSS_KM_KEYINFO *);
+void UnloadBlob_KM_KEYINFO2(UINT64 *, BYTE *, TSS_KM_KEYINFO2 *);
+void LoadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void UnloadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void LoadBlob_PCR_EVENT(UINT64 *, BYTE *, TSS_PCR_EVENT *);
+TSS_RESULT UnloadBlob_PCR_EVENT(UINT64 *, BYTE *, TSS_PCR_EVENT *);
+int setData(TCSD_PACKET_TYPE, unsigned int, void *, int, struct tcsd_comm_data *);
+UINT32 getData(TCSD_PACKET_TYPE, unsigned int, void *, int, struct tcsd_comm_data *);
+void initData(struct tcsd_comm_data *, int);
+int recv_from_socket(int, void *, int);
+int send_to_socket(int, void *, int);
+TSS_RESULT getTCSDPacket(struct tcsd_thread_data *);
+
+MUTEX_DECLARE_EXTERN(tcsp_lock);
+
+#endif
+
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp_tsp.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp_tsp.h
new file mode 100644
index 0000000..3996f18
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/rpc_tcstp_tsp.h
@@ -0,0 +1,417 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _RPC_TCSTP_TSP_H_
+#define _RPC_TCSTP_TSP_H_
+
+#include "hosttable.h"
+#include "rpc_tcstp.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+int setData(TCSD_PACKET_TYPE,int,void *,int,struct tcsd_comm_data *);
+UINT32 getData(TCSD_PACKET_TYPE,int,void *,int,struct tcsd_comm_data *);
+void initData(struct tcsd_comm_data *, int);
+TSS_RESULT sendTCSDPacket(struct host_table_entry *);
+#ifndef FUZZED_TPM
+TSS_RESULT send_init(struct host_table_entry *);
+TSS_RESULT tcs_sendit(struct host_table_entry *);
+#endif
+
+#ifndef FUZZED_TPM
+/* Underlying socket-related calls */
+TSS_RESULT get_socket(struct host_table_entry *hte, int *sd);
+#endif
+
+/* Context commands always included */
+TSS_RESULT RPC_OpenContext_TP(struct host_table_entry *, UINT32 *, TCS_CONTEXT_HANDLE *);
+TSS_RESULT RPC_CloseContext_TP(struct host_table_entry *);
+TSS_RESULT RPC_FreeMemory_TP(struct host_table_entry *,BYTE *);
+
+#ifdef TSS_BUILD_AUTH
+TSS_RESULT RPC_OIAP_TP(struct host_table_entry *,TCS_AUTHHANDLE *,TCPA_NONCE *);
+TSS_RESULT RPC_OSAP_TP(struct host_table_entry *,TCPA_ENTITY_TYPE,UINT32,TCPA_NONCE*,TCS_AUTHHANDLE *,TCPA_NONCE *,TCPA_NONCE *);
+#else
+#define RPC_OIAP_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OSAP_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_PCR_EVENTS
+TSS_RESULT RPC_LogPcrEvent_TP(struct host_table_entry *,TSS_PCR_EVENT,UINT32 *);
+TSS_RESULT RPC_GetPcrEvent_TP(struct host_table_entry *,UINT32,UINT32 *,TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventLog_TP(struct host_table_entry *,UINT32 *,TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventsByPcr_TP(struct host_table_entry *,UINT32,UINT32,UINT32 *,TSS_PCR_EVENT **);
+#else
+#define RPC_LogPcrEvent_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPcrEvent_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPcrEventLog_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPcrEventsByPcr_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_PS
+TSS_RESULT RPC_GetRegisteredKeyByPublicInfo_TP(struct host_table_entry * tcsContext,TCPA_ALGORITHM_ID algID,UINT32,BYTE *,UINT32 *,BYTE **);
+TSS_RESULT RPC_RegisterKey_TP(struct host_table_entry *,TSS_UUID,TSS_UUID,UINT32,BYTE *,UINT32,BYTE *);
+TSS_RESULT RPC_UnregisterKey_TP(struct host_table_entry *,TSS_UUID);
+TSS_RESULT RPC_EnumRegisteredKeys_TP(struct host_table_entry *,TSS_UUID *,UINT32 *,TSS_KM_KEYINFO **);
+TSS_RESULT RPC_EnumRegisteredKeys2_TP(struct host_table_entry *,TSS_UUID *,UINT32 *,TSS_KM_KEYINFO2 **);
+TSS_RESULT RPC_GetRegisteredKey_TP(struct host_table_entry *,TSS_UUID,TSS_KM_KEYINFO **);
+TSS_RESULT RPC_GetRegisteredKeyBlob_TP(struct host_table_entry *,TSS_UUID,UINT32 *,BYTE **);
+TSS_RESULT RPC_LoadKeyByUUID_TP(struct host_table_entry *,TSS_UUID,TCS_LOADKEY_INFO *,TCS_KEY_HANDLE *);
+#else
+#define RPC_GetRegisteredKeyByPublicInfo_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_RegisterKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_UnregisterKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_EnumRegisteredKeys_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_EnumRegisteredKeys2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetRegisteredKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetRegisteredKeyBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_LoadKeyByUUID_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_KEY
+TSS_RESULT RPC_LoadKeyByBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,TCS_KEY_HANDLE *,TCS_KEY_HANDLE *);
+TSS_RESULT RPC_EvictKey_TP(struct host_table_entry *,TCS_KEY_HANDLE);
+TSS_RESULT RPC_CreateWrapKey_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_ENCAUTH *,TCPA_ENCAUTH *,UINT32,BYTE *,UINT32 *,BYTE **,TPM_AUTH *);
+TSS_RESULT RPC_GetPubKey_TP(struct host_table_entry *,TCS_KEY_HANDLE,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_TerminateHandle_TP(struct host_table_entry *,TCS_AUTHHANDLE);
+TSS_RESULT RPC_OwnerReadInternalPub_TP(struct host_table_entry *, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_KeyControlOwner_TP(struct host_table_entry *, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32, TSS_BOOL, TPM_AUTH *, TSS_UUID *);
+#else
+#define RPC_KeyControlOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+#else
+#define RPC_LoadKeyByBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_EvictKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateWrapKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetPubKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_TerminateHandle_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerReadInternalPub_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_KeyControlOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_AIK
+TSS_RESULT RPC_MakeIdentity_TP(struct host_table_entry *,TCPA_ENCAUTH,TCPA_CHOSENID_HASH,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetCredential_TP(struct host_table_entry *,UINT32 ,UINT32 ,UINT32 *,BYTE **);
+TSS_RESULT RPC_ActivateTPMIdentity_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_MakeIdentity_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetCredential_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ActivateTPMIdentity_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_ADMIN
+TSS_RESULT RPC_SetOwnerInstall_TP(struct host_table_entry *,TSS_BOOL);
+TSS_RESULT RPC_DisableOwnerClear_TP(struct host_table_entry *,TPM_AUTH *);
+TSS_RESULT RPC_ForceClear_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_DisableForceClear_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_PhysicalDisable_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_PhysicalEnable_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_PhysicalSetDeactivated_TP(struct host_table_entry *,TSS_BOOL);
+TSS_RESULT RPC_PhysicalPresence_TP(struct host_table_entry *,TCPA_PHYSICAL_PRESENCE);
+TSS_RESULT RPC_SetTempDeactivated_TP(struct host_table_entry * hContext);
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_SetTempDeactivated2_TP(struct host_table_entry *, TPM_AUTH *);
+#else
+#define RPC_SetTempDeactivated2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+TSS_RESULT RPC_FieldUpgrade_TP(struct host_table_entry *,UINT32,BYTE *,UINT32 *,BYTE **,TPM_AUTH *);
+TSS_RESULT RPC_SetRedirection_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,UINT32,TPM_AUTH *);
+TSS_RESULT RPC_OwnerSetDisable_TP(struct host_table_entry *,TSS_BOOL,TPM_AUTH *);
+TSS_RESULT RPC_ResetLockValue_TP(struct host_table_entry *, TPM_AUTH *);
+#else
+#define RPC_SetOwnerInstall_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DisableOwnerClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ForceClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DisableForceClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalDisable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalEnable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalSetDeactivated_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PhysicalPresence_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetTempDeactivated_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetTempDeactivated2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_FieldUpgrade_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetRedirection_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerSetDisable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ResetLockValue_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_OWN
+TSS_RESULT RPC_TakeOwnership_TP(struct host_table_entry *,UINT16,UINT32,BYTE *,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_OwnerClear_TP(struct host_table_entry *,TPM_AUTH *);
+#else
+#define RPC_TakeOwnership_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerClear_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CHANGEAUTH
+TSS_RESULT RPC_ChangeAuth_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_PROTOCOL_ID,TCPA_ENCAUTH *,TCPA_ENTITY_TYPE,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_ChangeAuthOwner_TP(struct host_table_entry *,TCPA_PROTOCOL_ID,TCPA_ENCAUTH *,TCPA_ENTITY_TYPE,TPM_AUTH *);
+TSS_RESULT RPC_ChangeAuthAsymStart_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **,TCS_KEY_HANDLE *);
+TSS_RESULT RPC_ChangeAuthAsymFinish_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCS_KEY_HANDLE,TCPA_ENTITY_TYPE,TCPA_HMAC,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **,TCPA_SALT_NONCE *,TCPA_DIGEST *);
+#else
+#define RPC_ChangeAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ChangeAuthOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ChangeAuthAsymStart_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ChangeAuthAsymFinish_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_PCR_EXTEND
+TSS_RESULT RPC_Extend_TP(struct host_table_entry *,TCPA_PCRINDEX,TCPA_DIGEST,TCPA_PCRVALUE *);
+TSS_RESULT RPC_PcrRead_TP(struct host_table_entry *,TCPA_PCRINDEX,TCPA_PCRVALUE *);
+TSS_RESULT RPC_PcrReset_TP(struct host_table_entry *,UINT32,BYTE *);
+#else
+#define RPC_Extend_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PcrRead_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_PcrReset_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_QUOTE
+TSS_RESULT RPC_Quote_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_Quote_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_QUOTE2
+TSS_RESULT RPC_Quote2_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE *,UINT32,BYTE *,TSS_BOOL,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_Quote2_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_DIR
+TSS_RESULT RPC_DirWriteAuth_TP(struct host_table_entry *,TCPA_DIRINDEX,TCPA_DIRVALUE *,TPM_AUTH *);
+TSS_RESULT RPC_DirRead_TP(struct host_table_entry *,TCPA_DIRINDEX,TCPA_DIRVALUE *);
+#else
+#define RPC_DirWriteAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DirRead_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SEAL
+TSS_RESULT RPC_Seal_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_ENCAUTH *,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_Unseal_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_Seal_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Unseal_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SEALX
+TSS_RESULT RPC_Sealx_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_ENCAUTH *,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_Sealx_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_BIND
+TSS_RESULT RPC_UnBind_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_UnBind_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_MIGRATION
+TSS_RESULT RPC_CreateMigrationBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_MIGRATE_SCHEME,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_ConvertMigrationBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_AuthorizeMigrationKey_TP(struct host_table_entry *,TCPA_MIGRATE_SCHEME,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_CreateMigrationBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ConvertMigrationBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_AuthorizeMigrationKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CERTIFY
+TSS_RESULT RPC_CertifyKey_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCS_KEY_HANDLE,TPM_NONCE *,TPM_AUTH *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_CertifyKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SIGN
+TSS_RESULT RPC_Sign_TP(struct host_table_entry *,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_Sign_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_RANDOM
+TSS_RESULT RPC_GetRandom_TP(struct host_table_entry *,UINT32,BYTE **);
+TSS_RESULT RPC_StirRandom_TP(struct host_table_entry *,UINT32,BYTE *);
+#else
+#define RPC_GetRandom_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_StirRandom_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CAPS_TPM
+TSS_RESULT RPC_GetTPMCapability_TP(struct host_table_entry *,TCPA_CAPABILITY_AREA,UINT32,BYTE *,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetCapabilitySigned_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE,TCPA_CAPABILITY_AREA,UINT32,BYTE *,TPM_AUTH *,TCPA_VERSION *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetCapabilityOwner_TP(struct host_table_entry *,TPM_AUTH *,TCPA_VERSION *,UINT32 *,UINT32 *);
+TSS_RESULT RPC_SetCapability_TP(struct host_table_entry *,TCPA_CAPABILITY_AREA,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *);
+#else
+#define RPC_GetTPMCapability_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetCapabilitySigned_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetCapabilityOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_SetCapability_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CAPS
+TSS_RESULT RPC_GetCapability_TP(struct host_table_entry *,TCPA_CAPABILITY_AREA,UINT32,BYTE *,UINT32 *,BYTE **);
+#else
+#define RPC_GetCapability_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_EK
+TSS_RESULT RPC_CreateEndorsementKeyPair_TP(struct host_table_entry *,TCPA_NONCE,UINT32,BYTE *,UINT32 *,BYTE **,TCPA_DIGEST *);
+TSS_RESULT RPC_ReadPubek_TP(struct host_table_entry *,TCPA_NONCE,UINT32 *,BYTE **,TCPA_DIGEST *);
+TSS_RESULT RPC_OwnerReadPubek_TP(struct host_table_entry *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_DisablePubekRead_TP(struct host_table_entry *,TPM_AUTH *);
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_CreateRevocableEndorsementKeyPair_TP(struct host_table_entry *,TPM_NONCE,UINT32,BYTE *,TSS_BOOL,TPM_DIGEST *,UINT32 *,BYTE **,TPM_DIGEST *);
+TSS_RESULT RPC_RevokeEndorsementKeyPair_TP(struct host_table_entry *,TPM_DIGEST *);
+#else
+#define RPC_CreateRevocableEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_RevokeEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+#else
+#define RPC_DisablePubekRead_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReadPubek_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_OwnerReadPubek_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateRevocableEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_RevokeEndorsementKeyPair_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_SELFTEST
+TSS_RESULT RPC_SelfTestFull_TP(struct host_table_entry * hContext);
+TSS_RESULT RPC_CertifySelfTest_TP(struct host_table_entry *,TCS_KEY_HANDLE,TCPA_NONCE,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_GetTestResult_TP(struct host_table_entry *,UINT32 *,BYTE **);
+#else
+#define RPC_SelfTestFull_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CertifySelfTest_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetTestResult_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_MAINT
+TSS_RESULT RPC_CreateMaintenanceArchive_TP(struct host_table_entry *,TSS_BOOL,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+TSS_RESULT RPC_LoadMaintenanceArchive_TP(struct host_table_entry *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_KillMaintenanceFeature_TP(struct host_table_entry *,TPM_AUTH *);
+TSS_RESULT RPC_LoadManuMaintPub_TP(struct host_table_entry *,TCPA_NONCE,UINT32,BYTE *,TCPA_DIGEST *);
+TSS_RESULT RPC_ReadManuMaintPub_TP(struct host_table_entry *,TCPA_NONCE,TCPA_DIGEST *);
+#else
+#define RPC_CreateMaintenanceArchive_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_LoadMaintenanceArchive_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_KillMaintenanceFeature_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_LoadManuMaintPub_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReadManuMaintPub_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_DAA
+TSS_RESULT RPC_DaaJoin_TP(struct host_table_entry *,TPM_HANDLE,BYTE,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+TSS_RESULT RPC_DaaSign_TP(struct host_table_entry *,TPM_HANDLE,BYTE,UINT32,BYTE *,UINT32,BYTE *,TPM_AUTH *,UINT32 *,BYTE **);
+#else
+#define RPC_DaaJoin_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DaaSign_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_COUNTER
+TSS_RESULT RPC_ReadCounter_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_CreateCounter_TP(struct host_table_entry *,UINT32,BYTE *,TPM_ENCAUTH,TPM_AUTH *,TSS_COUNTER_ID *,TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_IncrementCounter_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_AUTH *,TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_ReleaseCounter_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_AUTH *);
+TSS_RESULT RPC_ReleaseCounterOwner_TP(struct host_table_entry *,TSS_COUNTER_ID,TPM_AUTH *);
+#else
+#define RPC_ReadCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CreateCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_IncrementCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReleaseCounter_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReleaseCounterOwner_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_TICK
+TSS_RESULT RPC_ReadCurrentTicks_TP(struct host_table_entry *,UINT32 *,BYTE **);
+TSS_RESULT RPC_TickStampBlob_TP(struct host_table_entry *,TCS_KEY_HANDLE,TPM_NONCE *,TPM_DIGEST *,TPM_AUTH *,UINT32 *,BYTE **,UINT32 *,BYTE **);
+#else
+#define RPC_ReadCurrentTicks_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_TickStampBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_TRANSPORT
+TSS_RESULT RPC_EstablishTransport_TP(struct host_table_entry *, UINT32, TCS_KEY_HANDLE, UINT32, BYTE*, UINT32, BYTE*, TPM_AUTH*, TPM_MODIFIER_INDICATOR*, TCS_HANDLE*, UINT32*, BYTE**, TPM_NONCE*);
+TSS_RESULT RPC_ExecuteTransport_TP(struct host_table_entry *,TPM_COMMAND_CODE, UINT32, BYTE*, UINT32*, TCS_HANDLE**, TPM_AUTH*, TPM_AUTH*, TPM_AUTH*, UINT64*, TPM_MODIFIER_INDICATOR*, TPM_RESULT*, UINT32*, BYTE**);
+TSS_RESULT RPC_ReleaseTransportSigned_TP(struct host_table_entry *, TCS_KEY_HANDLE, TPM_NONCE *, TPM_AUTH*, TPM_AUTH*, TPM_MODIFIER_INDICATOR*, UINT32*, BYTE**, UINT32*, BYTE**);
+#else
+#define RPC_EstablishTransport_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ExecuteTransport_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_ReleaseTransportSigned_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_NV
+TSS_RESULT RPC_NV_DefineOrReleaseSpace_TP(struct host_table_entry *hte, UINT32, BYTE *, TCPA_ENCAUTH, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValue_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValueAuth_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_ReadValue_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT RPC_NV_ReadValueAuth_TP(struct host_table_entry *hte, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+#else
+#define RPC_NV_DefineOrReleaseSpace_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_WriteValue_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_WriteValueAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_ReadValue_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_NV_ReadValueAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_AUDIT
+TSS_RESULT RPC_SetOrdinalAuditStatus_TP(struct host_table_entry *hte, TPM_AUTH *, UINT32, TSS_BOOL);
+TSS_RESULT RPC_GetAuditDigest_TP(struct host_table_entry *hte, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, TSS_BOOL *, UINT32 *, UINT32 **);
+TSS_RESULT RPC_GetAuditDigestSigned_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *, TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, TPM_DIGEST *, UINT32 *, BYTE **);
+#else
+#define RPC_SetOrdinalAuditStatus_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetAuditDigest_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_GetAuditDigestSigned_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_SetOperatorAuth_TP(struct host_table_entry *hte, TCPA_SECRET *);
+TSS_RESULT RPC_FlushSpecific_TP(struct host_table_entry *hte, TCS_HANDLE, TPM_RESOURCE_TYPE);
+#else
+#define RPC_SetOperatorAuth_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_FlushSpecific_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_DELEGATION
+TSS_RESULT RPC_Delegate_Manage_TP(struct host_table_entry *hte, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateKeyDelegation_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateOwnerDelegation_TP(struct host_table_entry *hte, TSS_BOOL, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_LoadOwnerDelegation_TP(struct host_table_entry *hte, TPM_DELEGATE_INDEX, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_Delegate_ReadTable_TP(struct host_table_entry *hte, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_UpdateVerificationCount_TP(struct host_table_entry *hte, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_VerifyDelegation_TP(struct host_table_entry *hte, UINT32, BYTE *);
+TSS_RESULT RPC_DSAP_TP(struct host_table_entry *hte, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+#else
+#define RPC_Delegate_Manage_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_CreateKeyDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_CreateOwnerDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_LoadOwnerDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_ReadTable_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_UpdateVerificationCount_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_Delegate_VerifyDelegation_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_DSAP_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#ifdef TSS_BUILD_CMK
+TSS_RESULT RPC_CMK_SetRestrictions_TP(struct host_table_entry *hte, TSS_CMK_DELEGATE, TPM_AUTH *);
+TSS_RESULT RPC_CMK_ApproveMA_TP(struct host_table_entry *hte, TPM_DIGEST, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateKey_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TPM_ENCAUTH *, TPM_HMAC *, TPM_DIGEST *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_CMK_CreateTicket_TP(struct host_table_entry *hte, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateBlob_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TSS_MIGRATE_SCHEME, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_CMK_ConvertMigration_TP(struct host_table_entry *hte, TCS_KEY_HANDLE, TPM_CMK_AUTH, TPM_HMAC, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+#else
+#define RPC_CMK_SetRestrictions_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_ApproveMA_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_CreateKey_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_CreateTicket_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_CreateBlob_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#define RPC_CMK_ConvertMigration_TP(...) TSPERR(TSS_E_INTERNAL_ERROR)
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/spi_utils.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/spi_utils.h
new file mode 100644
index 0000000..858bc6a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/spi_utils.h
@@ -0,0 +1,642 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2007
+ *
+ */
+
+
+#ifndef _SPI_UTILS_H_
+#define _SPI_UTILS_H_
+
+#include "threads.h"
+#include <netinet/in.h> // for endian routines
+
+#include "trousers_types.h"
+#include "trousers/trousers.h"
+
+struct key_mem_cache
+{
+ TCS_KEY_HANDLE tcs_handle;
+ TSS_HKEY tsp_handle;
+ UINT16 flags;
+ UINT32 time_stamp;
+ TSS_UUID uuid;
+ TSS_UUID p_uuid;
+ TSS_KEY *blob;
+ struct key_mem_cache *parent;
+ struct key_mem_cache *next;
+};
+
+extern struct key_mem_cache *key_mem_cache_head;
+MUTEX_DECLARE_EXTERN(mem_cache_lock);
+
+#ifndef MIN
+#define MIN(a,b) ((a) < (b) ? (a) : (b))
+#endif
+
+#define BOOL(x) ((x) == 0) ? FALSE : TRUE
+#define INVBOOL(x) ((x) == 0) ? TRUE : FALSE
+
+#define TSS_PSFILE_INCREMENT_NUM_KEYS 1
+#define TSS_PSFILE_DECREMENT_NUM_KEYS 0
+
+#ifdef __clang__
+# define __no_optimize __attribute__((optnone))
+#elif defined(__GNUC__)
+# define __no_optimize __attribute__((optimize("O0")))
+#else
+# define __no_optimize
+#endif
+
+void *calloc_tspi(TSS_HCONTEXT, UINT32);
+TSS_RESULT free_tspi(TSS_HCONTEXT, void *);
+TSS_RESULT __tspi_add_mem_entry(TSS_HCONTEXT, void *);
+void * __no_optimize __tspi_memset(void *, int, size_t);
+
+/* secrets.c */
+
+TSS_RESULT policy_UsesAuth(TSS_HPOLICY, TSS_BOOL *);
+
+TSS_RESULT secret_PerformAuth_OIAP(TSS_HOBJECT, UINT32, TSS_HPOLICY, TSS_BOOL, TCPA_DIGEST *,
+ TPM_AUTH *);
+#if 0
+TSS_RESULT secret_PerformXOR_OSAP(TSS_HPOLICY, TSS_HPOLICY, TSS_HPOLICY, TSS_HOBJECT,
+ UINT16, UINT32, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ BYTE *, TPM_AUTH *, TCPA_NONCE *);
+TSS_RESULT secret_PerformAuth_OSAP(TSS_HOBJECT, UINT32, TSS_HPOLICY,
+ TSS_HPOLICY, TSS_HPOLICY, BYTE *,
+ TPM_AUTH *, BYTE *, TCPA_NONCE *);
+
+TSS_RESULT secret_ValidateAuth_OSAP(TSS_HOBJECT, UINT32, TSS_HPOLICY,
+ TSS_HPOLICY, TSS_HPOLICY, BYTE *,
+ TPM_AUTH *, BYTE *, TCPA_NONCE *);
+#endif
+TSS_RESULT secret_TakeOwnership(TSS_HKEY, TSS_HTPM, TSS_HKEY, TPM_AUTH *,
+ UINT32 *, BYTE *, UINT32 *, BYTE *);
+
+TSS_RESULT changeauth_owner(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+TSS_RESULT changeauth_srk(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+TSS_RESULT changeauth_key(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+TSS_RESULT changeauth_encdata(TSS_HCONTEXT, TSS_HOBJECT, TSS_HOBJECT, TSS_HPOLICY);
+
+TSS_RESULT sealx_mask_cb(PVOID, TSS_HKEY, TSS_HENCDATA, TSS_ALGORITHM_ID, UINT32, BYTE *, BYTE *,
+ BYTE *, BYTE *, UINT32, BYTE *, BYTE *);
+
+TSS_RESULT __tspi_free_resource(TSS_HCONTEXT, UINT32, UINT32);
+TSS_RESULT owner_get_pubek(TSS_HCONTEXT, TSS_HTPM, TSS_HKEY *);
+
+#define next( x ) x = x->next
+
+/* spi_utils.c */
+
+UINT16 get_num_pcrs(TSS_HCONTEXT);
+void free_key_refs(TSS_KEY *);
+
+#define UI_MAX_SECRET_STRING_LENGTH 256
+#define UI_MAX_POPUP_STRING_LENGTH 256
+
+#ifdef TSS_NO_GUI
+#define DisplayPINWindow(a,b,c) \
+ do { \
+ *(b) = 0; \
+ } while (0)
+#define DisplayNewPINWindow(a,b,c) \
+ do { \
+ *(b) = 0; \
+ } while (0)
+#else
+TSS_RESULT DisplayPINWindow(BYTE *, UINT32 *, BYTE *);
+TSS_RESULT DisplayNewPINWindow(BYTE *, UINT32 *, BYTE *);
+#endif
+
+TSS_RESULT merge_key_hierarchies(TSS_HCONTEXT, UINT32, TSS_KM_KEYINFO *, UINT32, TSS_KM_KEYINFO *,
+ UINT32 *, TSS_KM_KEYINFO **);
+TSS_RESULT merge_key_hierarchies2(TSS_HCONTEXT, UINT32, TSS_KM_KEYINFO2 *, UINT32, TSS_KM_KEYINFO2 *,
+ UINT32 *, TSS_KM_KEYINFO2 **);
+
+
+int pin_mem(void *, size_t);
+int unpin_mem(void *, size_t);
+
+
+#define TSS_MAX_SYM_BLOCK_SIZE 16
+
+TSS_RESULT internal_GetCap(TSS_HCONTEXT, TSS_FLAG, UINT32, UINT32 *, BYTE **);
+
+/* For an unconnected context that wants to do PCR operations, assume that
+ * the TPM has TSS_DEFAULT_NUM_PCRS pcrs */
+#define TSS_DEFAULT_NUM_PCRS 16
+#define TSS_LOCAL_RANDOM_DEVICE "/dev/urandom"
+#define TSS_LOCALHOST_STRING "localhost"
+TSS_RESULT get_local_random(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE **);
+
+#define AUTH_RETRY_NANOSECS 500000000
+#define AUTH_RETRY_COUNT 5
+#define TPM_AUTH_RQU_SIZE (sizeof(TPM_AUTHHANDLE) + sizeof(TPM_NONCE) \
+ + sizeof(TPM_BOOL) + sizeof(TPM_AUTHDATA))
+#define TPM_AUTH_RSP_SIZE (sizeof(TPM_NONCE) + sizeof(TPM_BOOL) + sizeof(TPM_AUTHDATA))
+
+#define endian32(x) htonl(x)
+#define endian16(x) htons(x)
+
+extern TSS_VERSION VERSION_1_1;
+
+TSS_RESULT __tspi_rsa_encrypt(TSS_HKEY, UINT32, BYTE*, UINT32*, BYTE*);
+TSS_RESULT __tspi_rsa_verify(TSS_HKEY, UINT32, UINT32, BYTE*, UINT32, BYTE*);
+
+TSS_RESULT Init_AuthNonce(TCS_CONTEXT_HANDLE, TSS_BOOL, TPM_AUTH *);
+TSS_BOOL validateReturnAuth(BYTE *, BYTE *, TPM_AUTH *);
+void HMAC_Auth(BYTE *, BYTE *, TPM_AUTH *);
+TSS_RESULT OSAP_Calc(TCS_CONTEXT_HANDLE, UINT16, UINT32, BYTE *, BYTE *, BYTE *,
+ TCPA_ENCAUTH *, TCPA_ENCAUTH *, BYTE *, TPM_AUTH *);
+
+void UINT64ToArray(UINT64, BYTE *);
+void UINT32ToArray(UINT32, BYTE *);
+void UINT16ToArray(UINT16, BYTE *);
+UINT16 Decode_UINT16(BYTE *);
+UINT32 Decode_UINT32(BYTE *);
+UINT64 Decode_UINT64(BYTE *);
+
+TSS_RESULT popup_GetSecret(UINT32, UINT32, BYTE *, void *);
+
+TSS_RESULT get_tpm_flags(TSS_HCONTEXT, TSS_HTPM, UINT32 *, UINT32 *);
+TSS_RESULT pcrs_calc_composite(TCPA_PCR_SELECTION *, TCPA_PCRVALUE *, TCPA_DIGEST *);
+struct tr_pcrs_obj;
+TSS_RESULT pcrs_sanity_check_selection(TCS_CONTEXT_HANDLE, struct tr_pcrs_obj *, TPM_PCR_SELECTION *);
+
+void LoadBlob_AUTH(UINT64 *, BYTE *, TPM_AUTH *);
+void UnloadBlob_AUTH(UINT64 *, BYTE *, TPM_AUTH *);
+void LoadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void UnloadBlob_LOADKEY_INFO(UINT64 *, BYTE *, TCS_LOADKEY_INFO *);
+void LoadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *);
+TSS_RESULT UnloadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *);
+TSS_RESULT UnloadBlob_TSS_KEY_s(UINT64 *, BYTE *, UINT64, TSS_KEY *);
+TSS_RESULT Hash_TSS_KEY(Trspi_HashCtx *, TSS_KEY *);
+void LoadBlob_TSS_PRIVKEY_DIGEST(UINT64 *, BYTE *, TSS_KEY *);
+TSS_RESULT Hash_TSS_PRIVKEY_DIGEST(Trspi_HashCtx *, TSS_KEY *);
+
+TSS_RESULT TSP_SetCapability(TSS_HCONTEXT, TSS_HTPM, TSS_HPOLICY, TPM_CAPABILITY_AREA,
+ UINT32, TSS_BOOL);
+
+TSS_RESULT RPC_OpenContext(TSS_HCONTEXT, BYTE *, int);
+TSS_RESULT RPC_FreeMemory(TSS_HCONTEXT, BYTE *);
+TSS_RESULT RPC_GetRegisteredKeyByPublicInfo(TSS_HCONTEXT, TCPA_ALGORITHM_ID, UINT32,
+ BYTE *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CloseContext(TSS_HCONTEXT);
+TSS_RESULT RPC_GetCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *, BYTE **);
+TSS_RESULT RPC_GetTPMCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *, BYTE **);
+TSS_RESULT Transport_GetTPMCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *, BYTE **);
+TSS_RESULT RPC_SetCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_SetCapability(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_LoadKeyByBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TCS_KEY_HANDLE *, TCS_KEY_HANDLE *);
+TSS_RESULT Transport_LoadKeyByBlob(TSS_HCONTEXT, TSS_HKEY, UINT32, BYTE *,
+ TPM_AUTH *, TCS_KEY_HANDLE *, TPM_KEY_HANDLE *);
+TSS_RESULT RPC_LoadKeyByUUID(TSS_HCONTEXT, TSS_UUID, TCS_LOADKEY_INFO *, TCS_KEY_HANDLE *);
+TSS_RESULT RPC_GetRegisteredKey(TSS_HCONTEXT, TSS_UUID, TSS_KM_KEYINFO **);
+TSS_RESULT RPC_GetRegisteredKeyBlob(TSS_HCONTEXT, TSS_UUID, UINT32 *, BYTE **);
+TSS_RESULT RPC_RegisterKey(TSS_HCONTEXT, TSS_UUID, TSS_UUID, UINT32, BYTE *, UINT32, BYTE *);
+TSS_RESULT RPC_UnregisterKey(TSS_HCONTEXT, TSS_UUID);
+TSS_RESULT RPC_EnumRegisteredKeys(TSS_HCONTEXT, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO **);
+TSS_RESULT RPC_EnumRegisteredKeys2(TSS_HCONTEXT, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO2 **);
+TSS_RESULT RPC_ChangeAuth(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT Transport_ChangeAuth(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT RPC_ChangeAuthOwner(TSS_HCONTEXT, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *, TCPA_ENTITY_TYPE,
+ TPM_AUTH *);
+TSS_RESULT Transport_ChangeAuthOwner(TSS_HCONTEXT, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *, TCPA_ENTITY_TYPE,
+ TPM_AUTH *);
+TSS_RESULT RPC_TerminateHandle(TSS_HCONTEXT, TCS_AUTHHANDLE);
+TSS_RESULT Transport_TerminateHandle(TSS_HCONTEXT, TCS_AUTHHANDLE);
+TSS_RESULT RPC_GetRandom(TSS_HCONTEXT, UINT32, BYTE **);
+TSS_RESULT Transport_GetRandom(TSS_HCONTEXT, UINT32, BYTE **);
+TSS_RESULT RPC_ChangeAuthAsymStart(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *,
+ BYTE **, TCS_KEY_HANDLE *);
+TSS_RESULT RPC_ChangeAuthAsymFinish(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE,
+ TCPA_ENTITY_TYPE, TCPA_HMAC, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **, TCPA_SALT_NONCE *,
+ TCPA_DIGEST *);
+TSS_RESULT RPC_GetPubKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_GetPubKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateWrapKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT Transport_CreateWrapKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_CertifyKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TPM_NONCE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CertifyKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TPM_NONCE *,
+ TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME, UINT32,
+ BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
+ BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CreateMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME, UINT32,
+ BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
+ BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_ConvertMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_ConvertMigrationBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_PcrRead(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_PCRVALUE *);
+TSS_RESULT Transport_PcrRead(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_PCRVALUE *);
+TSS_RESULT RPC_PcrReset(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT Transport_PcrReset(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT RPC_OSAP(TSS_HCONTEXT, TCPA_ENTITY_TYPE, UINT32, TPM_NONCE *, TCS_AUTHHANDLE *,
+ TCPA_NONCE *, TCPA_NONCE *);
+TSS_RESULT Transport_OSAP(TSS_HCONTEXT, TCPA_ENTITY_TYPE, UINT32, TPM_NONCE *, TCS_AUTHHANDLE *,
+ TCPA_NONCE *, TCPA_NONCE *);
+TSS_RESULT RPC_GetCapabilityOwner(TSS_HCONTEXT, TPM_AUTH *, TCPA_VERSION *, UINT32 *, UINT32 *);
+TSS_RESULT Transport_GetCapabilityOwner(TSS_HCONTEXT, TPM_AUTH *, TCPA_VERSION *, UINT32 *, UINT32 *);
+TSS_RESULT RPC_OIAP(TSS_HCONTEXT, TCS_AUTHHANDLE *, TCPA_NONCE *);
+TSS_RESULT Transport_OIAP(TSS_HCONTEXT, TCS_AUTHHANDLE *, TCPA_NONCE *);
+TSS_RESULT RPC_Seal(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Seal(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Sealx(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Sealx(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Unseal(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT Transport_Unseal(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+TSS_RESULT RPC_UnBind(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT Transport_UnBind(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT RPC_Sign(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Sign(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateEndorsementKeyPair(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, UINT32 *,
+ BYTE **, TCPA_DIGEST *);
+TSS_RESULT RPC_ReadPubek(TSS_HCONTEXT, TCPA_NONCE, UINT32 *, BYTE **, TCPA_DIGEST *);
+TSS_RESULT RPC_OwnerReadPubek(TSS_HCONTEXT, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_TakeOwnership(TSS_HCONTEXT, UINT16, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_CreateRevocableEndorsementKeyPair(TSS_HCONTEXT, TPM_NONCE, UINT32, BYTE *, TSS_BOOL, TPM_DIGEST *, UINT32 *, BYTE **, TPM_DIGEST *);
+TSS_RESULT RPC_RevokeEndorsementKeyPair(TSS_HCONTEXT, TPM_DIGEST *);
+TSS_RESULT RPC_MakeIdentity(TSS_HCONTEXT, TCPA_ENCAUTH, TCPA_CHOSENID_HASH, UINT32, BYTE *,
+ TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *,
+ BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_MakeIdentity2(TSS_HCONTEXT, TCPA_ENCAUTH, TCPA_CHOSENID_HASH, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_ActivateTPMIdentity(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_ActivateTPMIdentity(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_OwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_OwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_ForceClear(TSS_HCONTEXT);
+TSS_RESULT Transport_ForceClear(TSS_HCONTEXT);
+TSS_RESULT RPC_DisableOwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_DisableOwnerClear(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_DisableForceClear(TSS_HCONTEXT);
+TSS_RESULT Transport_DisableForceClear(TSS_HCONTEXT);
+TSS_RESULT RPC_PhysicalDisable(TSS_HCONTEXT);
+TSS_RESULT Transport_PhysicalDisable(TSS_HCONTEXT);
+TSS_RESULT RPC_PhysicalEnable(TSS_HCONTEXT);
+TSS_RESULT Transport_PhysicalEnable(TSS_HCONTEXT);
+TSS_RESULT RPC_PhysicalSetDeactivated(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT Transport_PhysicalSetDeactivated(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT RPC_PhysicalPresence(TSS_HCONTEXT, TCPA_PHYSICAL_PRESENCE);
+TSS_RESULT Transport_PhysicalPresence(TSS_HCONTEXT, TCPA_PHYSICAL_PRESENCE);
+TSS_RESULT RPC_SetTempDeactivated(TSS_HCONTEXT);
+TSS_RESULT Transport_SetTempDeactivated(TSS_HCONTEXT);
+TSS_RESULT RPC_SetTempDeactivated2(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_SetTempDeactivated2(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_OwnerSetDisable(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *);
+TSS_RESULT Transport_OwnerSetDisable(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *);
+TSS_RESULT RPC_ResetLockValue(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_ResetLockValue(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_SetOwnerInstall(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT Transport_SetOwnerInstall(TSS_HCONTEXT, TSS_BOOL);
+TSS_RESULT RPC_DisablePubekRead(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_DisablePubekRead(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_SelfTestFull(TSS_HCONTEXT);
+TSS_RESULT Transport_SelfTestFull(TSS_HCONTEXT);
+TSS_RESULT RPC_CertifySelfTest(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT Transport_CertifySelfTest(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *, UINT32 *,
+ BYTE **);
+TSS_RESULT RPC_GetTestResult(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT Transport_GetTestResult(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT RPC_StirRandom(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT Transport_StirRandom(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT RPC_AuthorizeMigrationKey(TSS_HCONTEXT, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_AuthorizeMigrationKey(TSS_HCONTEXT, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_GetPcrEvent(TSS_HCONTEXT, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventsByPcr(TSS_HCONTEXT, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT RPC_GetPcrEventLog(TSS_HCONTEXT, UINT32 *, TSS_PCR_EVENT **);
+TSS_RESULT RPC_Quote(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_Quote(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Quote2(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TSS_BOOL, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_Quote2(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TSS_BOOL,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Extend(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
+TSS_RESULT Transport_Extend(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
+TSS_RESULT RPC_DirWriteAuth(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *, TPM_AUTH *);
+TSS_RESULT Transport_DirWriteAuth(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *, TPM_AUTH *);
+TSS_RESULT RPC_DirRead(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *);
+TSS_RESULT Transport_DirRead(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *);
+TSS_RESULT RPC_LogPcrEvent(TSS_HCONTEXT, TSS_PCR_EVENT, UINT32 *);
+TSS_RESULT RPC_EvictKey(TSS_HCONTEXT, TCS_KEY_HANDLE);
+TSS_RESULT Transport_EvictKey(TSS_HCONTEXT, TCS_KEY_HANDLE);
+TSS_RESULT RPC_CreateMaintenanceArchive(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CreateMaintenanceArchive(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_KillMaintenanceFeature(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT Transport_KillMaintenanceFeature(TSS_HCONTEXT, TPM_AUTH *);
+TSS_RESULT RPC_LoadMaintenanceArchive(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_LoadMaintenanceArchive(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_LoadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
+TSS_RESULT Transport_LoadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
+TSS_RESULT RPC_ReadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, TCPA_DIGEST *);
+TSS_RESULT Transport_ReadManuMaintPub(TSS_HCONTEXT, TCPA_NONCE, TCPA_DIGEST *);
+TSS_RESULT RPC_DaaJoin(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_DaaSign(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE *, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_ReadCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_COUNTER_VALUE *);
+TSS_RESULT Transport_ReadCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_CreateCounter(TSS_HCONTEXT, UINT32, BYTE *, TPM_ENCAUTH, TPM_AUTH *,
+ TSS_COUNTER_ID *, TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_IncrementCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH *, TPM_COUNTER_VALUE *);
+TSS_RESULT RPC_ReleaseCounter(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH *);
+TSS_RESULT RPC_ReleaseCounterOwner(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH *);
+TSS_RESULT RPC_ReadCurrentTicks(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT Transport_ReadCurrentTicks(TSS_HCONTEXT, UINT32 *, BYTE **);
+TSS_RESULT RPC_TickStampBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE *, TPM_DIGEST *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_TickStampBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE *, TPM_DIGEST *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_EstablishTransport(TSS_HCONTEXT, UINT32, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_MODIFIER_INDICATOR *, TCS_HANDLE *, UINT32 *, BYTE **, TPM_NONCE *);
+TSS_RESULT RPC_ExecuteTransport(TSS_HCONTEXT, TPM_COMMAND_CODE, UINT32, BYTE *, UINT32 *, TCS_HANDLE **, TPM_AUTH *, TPM_AUTH *, TPM_AUTH *, UINT64 *, TPM_MODIFIER_INDICATOR *, TPM_RESULT *, UINT32 *, BYTE **);
+TSS_RESULT RPC_ReleaseTransportSigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE *, TPM_AUTH *, TPM_AUTH *, TPM_MODIFIER_INDICATOR *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_NV_DefineOrReleaseSpace(TSS_HCONTEXT, UINT32, BYTE *, TCPA_ENCAUTH, TPM_AUTH *);
+TSS_RESULT Transport_NV_DefineOrReleaseSpace(TSS_HCONTEXT, UINT32, BYTE *, TCPA_ENCAUTH, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_NV_WriteValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_WriteValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_NV_WriteValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_NV_ReadValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT Transport_NV_ReadValue(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT RPC_NV_ReadValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT Transport_NV_ReadValueAuth(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32 *, TPM_AUTH *, BYTE **);
+TSS_RESULT RPC_SetOrdinalAuditStatus(TSS_HCONTEXT, TPM_AUTH *, UINT32, TSS_BOOL);
+TSS_RESULT Transport_SetOrdinalAuditStatus(TSS_HCONTEXT, TPM_AUTH *, UINT32, TSS_BOOL);
+TSS_RESULT RPC_GetAuditDigest(TSS_HCONTEXT, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, TSS_BOOL *, UINT32 *, UINT32 **);
+TSS_RESULT Transport_GetAuditDigest(TSS_HCONTEXT, UINT32, TPM_DIGEST *, UINT32 *, BYTE **, TSS_BOOL *, UINT32 *, UINT32 **);
+TSS_RESULT RPC_GetAuditDigestSigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *,
+ TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, TPM_DIGEST *,
+ UINT32 *, BYTE **);
+TSS_RESULT Transport_GetAuditDigestSigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *,
+ TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *, TPM_DIGEST *,
+ UINT32 *, BYTE **);
+TSS_RESULT RPC_SetOperatorAuth(TSS_HCONTEXT, TCPA_SECRET *);
+TSS_RESULT Transport_SetOperatorAuth(TSS_HCONTEXT, TCPA_SECRET *);
+TSS_RESULT RPC_OwnerReadInternalPub(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_OwnerReadInternalPub(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_KeyControlOwner(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32, TSS_BOOL, TPM_AUTH *, TSS_UUID *);
+TSS_RESULT RPC_GetCredential(TSS_HCONTEXT, UINT32, UINT32, UINT32 *, BYTE **);
+TSS_RESULT RPC_GetCapabilitySigned(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TCPA_CAPABILITY_AREA, UINT32, BYTE *, TPM_AUTH *, TCPA_VERSION *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_FieldUpgrade(TSS_HCONTEXT, UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_SetRedirection(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, UINT32, TPM_AUTH *);
+TSS_RESULT RPC_Delegate_Manage(TSS_HCONTEXT, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_Manage(TSS_HCONTEXT, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateKeyDelegation(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_CreateKeyDelegation(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_CreateOwnerDelegation(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_CreateOwnerDelegation(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE *, TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_LoadOwnerDelegation(TSS_HCONTEXT, TPM_DELEGATE_INDEX, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT Transport_Delegate_LoadOwnerDelegation(TSS_HCONTEXT, TPM_DELEGATE_INDEX, UINT32, BYTE *, TPM_AUTH *);
+TSS_RESULT RPC_Delegate_ReadTable(TSS_HCONTEXT, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_ReadTable(TSS_HCONTEXT, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_UpdateVerificationCount(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_Delegate_UpdateVerificationCount(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_Delegate_VerifyDelegation(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT Transport_Delegate_VerifyDelegation(TSS_HCONTEXT, UINT32, BYTE *);
+TSS_RESULT RPC_DSAP(TSS_HCONTEXT, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+TSS_RESULT Transport_DSAP(TSS_HCONTEXT, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32, BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+TSS_RESULT RPC_CMK_SetRestrictions(TSS_HCONTEXT, TSS_CMK_DELEGATE, TPM_AUTH *);
+TSS_RESULT Transport_CMK_SetRestrictions(TSS_HCONTEXT, TSS_CMK_DELEGATE, TPM_AUTH *);
+TSS_RESULT RPC_CMK_ApproveMA(TSS_HCONTEXT, TPM_DIGEST, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT Transport_CMK_ApproveMA(TSS_HCONTEXT, TPM_DIGEST, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_ENCAUTH *, TPM_HMAC *, TPM_DIGEST *, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT Transport_CMK_CreateKey(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_ENCAUTH, TPM_HMAC, TPM_DIGEST, UINT32 *, BYTE **, TPM_AUTH *);
+TSS_RESULT RPC_CMK_CreateTicket(TSS_HCONTEXT, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT Transport_CMK_CreateTicket(TSS_HCONTEXT, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, TPM_AUTH *, TPM_HMAC *);
+TSS_RESULT RPC_CMK_CreateBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_MIGRATE_SCHEME, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT Transport_CMK_CreateBlob(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_MIGRATE_SCHEME, UINT32, BYTE *, TPM_DIGEST, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+TSS_RESULT RPC_CMK_ConvertMigration(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_CMK_AUTH, TPM_HMAC, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT Transport_CMK_ConvertMigration(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_CMK_AUTH, TPM_HMAC, UINT32, BYTE *, UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+TSS_RESULT RPC_FlushSpecific(TSS_HCONTEXT, TCS_HANDLE, TPM_RESOURCE_TYPE);
+TSS_RESULT Transport_FlushSpecific(TSS_HCONTEXT, TCS_HANDLE, TPM_RESOURCE_TYPE);
+
+TSS_RESULT RPC_Error(TSS_HCONTEXT, ...);
+
+struct tcs_api_table {
+#ifdef TSS_BUILD_KEY
+ TSS_RESULT (*LoadKeyByBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TCS_KEY_HANDLE *, TCS_KEY_HANDLE *);
+ TSS_RESULT (*EvictKey)(TSS_HCONTEXT, TCS_KEY_HANDLE);
+ TSS_RESULT (*CreateWrapKey)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, TCPA_ENCAUTH *,
+ UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+ TSS_RESULT (*GetPubKey)(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*OwnerReadInternalPub)(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_AUTH*, UINT32*,
+ BYTE**);
+#ifdef TSS_BUILD_CERTIFY
+ TSS_RESULT (*CertifyKey)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE, TPM_NONCE *,
+ TPM_AUTH *, TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **);
+#endif
+#endif
+#ifdef TSS_BUILD_OWN
+ TSS_RESULT (*OwnerClear)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*ForceClear)(TSS_HCONTEXT);
+#endif
+#ifdef TSS_BUILD_AUTH
+ TSS_RESULT (*OIAP)(TSS_HCONTEXT, TCS_AUTHHANDLE *, TCPA_NONCE *);
+ TSS_RESULT (*OSAP)(TSS_HCONTEXT, TCPA_ENTITY_TYPE, UINT32, TPM_NONCE *, TCS_AUTHHANDLE *,
+ TCPA_NONCE *, TCPA_NONCE *);
+ TSS_RESULT (*TerminateHandle)(TSS_HCONTEXT, TCS_AUTHHANDLE);
+#endif
+#ifdef TSS_BUILD_CHANGEAUTH
+ TSS_RESULT (*ChangeAuth)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+ TSS_RESULT (*ChangeAuthOwner)(TSS_HCONTEXT, TCPA_PROTOCOL_ID, TCPA_ENCAUTH *,
+ TCPA_ENTITY_TYPE, TPM_AUTH *);
+ TSS_RESULT (*ChangeAuthAsymStart)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **,
+ UINT32 *, BYTE **, TCS_KEY_HANDLE *);
+ TSS_RESULT (*ChangeAuthAsymFinish)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCS_KEY_HANDLE,
+ TCPA_ENTITY_TYPE, TCPA_HMAC, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **, TPM_NONCE *,
+ TCPA_DIGEST *);
+#endif
+#ifdef TSS_BUILD_AIK
+ TSS_RESULT (*ActivateTPMIdentity)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_PCR_EXTEND
+ TSS_RESULT (*Extend)(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_DIGEST, TCPA_PCRVALUE *);
+ TSS_RESULT (*PcrRead)(TSS_HCONTEXT, TCPA_PCRINDEX, TCPA_PCRVALUE *);
+ TSS_RESULT (*PcrReset)(TSS_HCONTEXT, UINT32, BYTE *);
+#endif
+#ifdef TSS_BUILD_QUOTE
+ TSS_RESULT (*Quote)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_QUOTE2
+ TSS_RESULT (*Quote2)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE *, UINT32, BYTE *, TSS_BOOL,
+ TPM_AUTH *, UINT32 *, BYTE **, UINT32 *, BYTE **, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_DIR
+ TSS_RESULT (*DirWriteAuth)(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *, TPM_AUTH *);
+ TSS_RESULT (*DirRead)(TSS_HCONTEXT, TCPA_DIRINDEX, TCPA_DIRVALUE *);
+#endif
+#ifdef TSS_BUILD_SEAL
+ TSS_RESULT (*Seal)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Sealx)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_ENCAUTH *, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Unseal)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_BIND
+ TSS_RESULT (*UnBind)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+#endif
+#ifdef TSS_BUILD_MIGRATION
+ TSS_RESULT (*CreateMigrationBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_MIGRATE_SCHEME,
+ UINT32, BYTE *, UINT32, BYTE *, TPM_AUTH *, TPM_AUTH *,
+ UINT32 *, BYTE **, UINT32 *, BYTE **);
+ TSS_RESULT (*ConvertMigrationBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*AuthorizeMigrationKey)(TSS_HCONTEXT, TCPA_MIGRATE_SCHEME, UINT32, BYTE *,
+ TPM_AUTH *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_SIGN
+ TSS_RESULT (*Sign)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+#endif
+#ifdef TSS_BUILD_RANDOM
+ TSS_RESULT (*GetRandom)(TSS_HCONTEXT, UINT32, BYTE **);
+ TSS_RESULT (*StirRandom)(TSS_HCONTEXT, UINT32, BYTE *);
+#endif
+#ifdef TSS_BUILD_CAPS_TPM
+ TSS_RESULT (*GetTPMCapability)(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32 *,
+ BYTE **);
+ TSS_RESULT (*SetCapability)(TSS_HCONTEXT, TCPA_CAPABILITY_AREA, UINT32, BYTE *, UINT32,
+ BYTE *, TPM_AUTH *);
+ TSS_RESULT (*GetCapabilityOwner)(TSS_HCONTEXT, TPM_AUTH *, TCPA_VERSION *, UINT32 *,
+ UINT32 *);
+#endif
+#ifdef TSS_BUILD_EK
+ TSS_RESULT (*CreateEndorsementKeyPair)(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, UINT32 *,
+ BYTE **, TCPA_DIGEST *);
+ TSS_RESULT (*ReadPubek)(TSS_HCONTEXT, TCPA_NONCE, UINT32 *, BYTE **, TCPA_DIGEST *);
+ TSS_RESULT (*OwnerReadPubek)(TSS_HCONTEXT, TPM_AUTH *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_SELFTEST
+ TSS_RESULT (*SelfTestFull)(TSS_HCONTEXT);
+ TSS_RESULT (*CertifySelfTest)(TSS_HCONTEXT, TCS_KEY_HANDLE, TCPA_NONCE, TPM_AUTH *,
+ UINT32 *, BYTE **);
+ TSS_RESULT (*GetTestResult)(TSS_HCONTEXT, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_ADMIN
+ TSS_RESULT (*DisablePubekRead)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*SetOwnerInstall)(TSS_HCONTEXT, TSS_BOOL);
+ TSS_RESULT (*OwnerSetDisable)(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *);
+ TSS_RESULT (*ResetLockValue)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*DisableOwnerClear)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*DisableForceClear)(TSS_HCONTEXT);
+ TSS_RESULT (*PhysicalDisable)(TSS_HCONTEXT);
+ TSS_RESULT (*PhysicalEnable)(TSS_HCONTEXT);
+ TSS_RESULT (*PhysicalSetDeactivated)(TSS_HCONTEXT, TSS_BOOL);
+ TSS_RESULT (*PhysicalPresence)(TSS_HCONTEXT, TCPA_PHYSICAL_PRESENCE);
+ TSS_RESULT (*SetTempDeactivated)(TSS_HCONTEXT);
+ TSS_RESULT (*SetTempDeactivated2)(TSS_HCONTEXT, TPM_AUTH *);
+#endif
+#ifdef TSS_BUILD_MAINT
+ TSS_RESULT (*CreateMaintenanceArchive)(TSS_HCONTEXT, TSS_BOOL, TPM_AUTH *, UINT32 *,
+ BYTE **, UINT32 *, BYTE **);
+ TSS_RESULT (*LoadMaintenanceArchive)(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *, UINT32 *,
+ BYTE **);
+ TSS_RESULT (*KillMaintenanceFeature)(TSS_HCONTEXT, TPM_AUTH *);
+ TSS_RESULT (*LoadManuMaintPub)(TSS_HCONTEXT, TCPA_NONCE, UINT32, BYTE *, TCPA_DIGEST *);
+ TSS_RESULT (*ReadManuMaintPub)(TSS_HCONTEXT, TCPA_NONCE, TCPA_DIGEST *);
+#endif
+#ifdef TSS_BUILD_DAA
+ TSS_RESULT (*DaaJoin)(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE*, UINT32, BYTE*,
+ TPM_AUTH*, UINT32*, BYTE**);
+ TSS_RESULT (*DaaSign)(TSS_HCONTEXT, TPM_HANDLE, BYTE, UINT32, BYTE*, UINT32, BYTE*,
+ TPM_AUTH*, UINT32*, BYTE**);
+#endif
+#ifdef TSS_BUILD_COUNTER
+ TSS_RESULT (*ReadCounter)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_COUNTER_VALUE*);
+ TSS_RESULT (*CreateCounter)(TSS_HCONTEXT, UINT32, BYTE*, TPM_ENCAUTH, TPM_AUTH*,
+ TSS_COUNTER_ID*, TPM_COUNTER_VALUE*);
+ TSS_RESULT (*IncrementCounter)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH*, TPM_COUNTER_VALUE*);
+ TSS_RESULT (*ReleaseCounter)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH*);
+ TSS_RESULT (*ReleaseCounterOwner)(TSS_HCONTEXT, TSS_COUNTER_ID, TPM_AUTH*);
+#endif
+#ifdef TSS_BUILD_TICK
+ TSS_RESULT (*ReadCurrentTicks)(TSS_HCONTEXT, UINT32*, BYTE**);
+ TSS_RESULT (*TickStampBlob)(TSS_HCONTEXT, TCS_KEY_HANDLE, TPM_NONCE*, TPM_DIGEST*,
+ TPM_AUTH*, UINT32*, BYTE**,UINT32*, BYTE**);
+#endif
+#ifdef TSS_BUILD_NV
+ TSS_RESULT (*NV_DefineOrReleaseSpace)(TSS_HCONTEXT, UINT32, BYTE*, TCPA_ENCAUTH, TPM_AUTH*);
+ TSS_RESULT (*NV_WriteValue)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE*, TPM_AUTH*);
+ TSS_RESULT (*NV_WriteValueAuth)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32, BYTE*,
+ TPM_AUTH*);
+ TSS_RESULT (*NV_ReadValue)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32*, TPM_AUTH*, BYTE**);
+ TSS_RESULT (*NV_ReadValueAuth)(TSS_HCONTEXT, TSS_NV_INDEX, UINT32, UINT32*, TPM_AUTH*,
+ BYTE**);
+#endif
+#ifdef TSS_BUILD_AUDIT
+ TSS_RESULT (*SetOrdinalAuditStatus)(TSS_HCONTEXT, TPM_AUTH *, UINT32, TSS_BOOL);
+ TSS_RESULT (*GetAuditDigest)(TSS_HCONTEXT, UINT32, TPM_DIGEST *, UINT32 *, BYTE **,
+ TSS_BOOL *, UINT32 *, UINT32 **);
+ TSS_RESULT (*GetAuditDigestSigned)(TSS_HCONTEXT, TCS_KEY_HANDLE, TSS_BOOL, TPM_NONCE *,
+ TPM_AUTH *, UINT32 *, BYTE **, TPM_DIGEST *,
+ TPM_DIGEST *, UINT32 *, BYTE **);
+#endif
+#ifdef TSS_BUILD_TSS12
+ TSS_RESULT (*SetOperatorAuth)(TSS_HCONTEXT, TPM_SECRET *);
+ TSS_RESULT (*FlushSpecific)(TSS_HCONTEXT, TCS_HANDLE, TPM_RESOURCE_TYPE);
+#endif
+#ifdef TSS_BUILD_DELEGATION
+ TSS_RESULT (*Delegate_Manage)(TSS_HCONTEXT, TPM_FAMILY_ID, TPM_FAMILY_OPERATION, UINT32,
+ BYTE *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Delegate_CreateKeyDelegation)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, BYTE *,
+ TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Delegate_CreateOwnerDelegation)(TSS_HCONTEXT, TSS_BOOL, UINT32, BYTE *,
+ TPM_ENCAUTH *, TPM_AUTH *, UINT32 *, BYTE **);
+ TSS_RESULT (*Delegate_LoadOwnerDelegation)(TSS_HCONTEXT, TPM_DELEGATE_INDEX, UINT32, BYTE *,
+ TPM_AUTH *);
+ TSS_RESULT (*Delegate_ReadTable)(TSS_HCONTEXT, UINT32 *, BYTE **, UINT32 *, BYTE **);
+ TSS_RESULT (*Delegate_UpdateVerificationCount)(TSS_HCONTEXT, UINT32, BYTE *, TPM_AUTH *,
+ UINT32 *, BYTE **);
+ TSS_RESULT (*Delegate_VerifyDelegation)(TSS_HCONTEXT, UINT32, BYTE *);
+ TSS_RESULT (*DSAP)(TSS_HCONTEXT, TPM_ENTITY_TYPE, TCS_KEY_HANDLE, TPM_NONCE *, UINT32,
+ BYTE *, TCS_AUTHHANDLE *, TPM_NONCE *, TPM_NONCE *);
+#endif
+ TSS_RESULT (*FieldUpgrade)(TSS_HCONTEXT, UINT32, BYTE *, UINT32 *, BYTE **, TPM_AUTH *);
+ TSS_RESULT (*SetRedirection)(TSS_HCONTEXT, TCS_KEY_HANDLE, UINT32, UINT32, TPM_AUTH *);
+};
+
+extern struct tcs_api_table tcs_normal_api;
+#ifdef TSS_BUILD_TRANSPORT
+extern struct tcs_api_table tcs_transport_api;
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_aik.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_aik.h
new file mode 100644
index 0000000..af49eae
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_aik.h
@@ -0,0 +1,16 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006-2007
+ *
+ */
+
+#ifndef _TCS_AIK_H_
+#define _TCS_AIK_H_
+
+void get_credential(UINT32, UINT32 *, BYTE **);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_context.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_context.h
new file mode 100644
index 0000000..c72944f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_context.h
@@ -0,0 +1,36 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _TCS_CONTEXT_H_
+#define _TCS_CONTEXT_H_
+
+#include "threads.h"
+
+struct keys_loaded
+{
+ TCS_KEY_HANDLE key_handle;
+ struct keys_loaded *next;
+};
+
+#define TSS_CONTEXT_FLAG_TRANSPORT_EXCLUSIVE 0x1
+#define TSS_CONTEXT_FLAG_TRANSPORT_ENCRYPTED 0x2
+#define TSS_CONTEXT_FLAG_TRANSPORT_ENABLED 0x4
+
+struct tcs_context {
+ TSS_FLAG flags;
+ TPM_TRANSHANDLE transHandle;
+ TCS_CONTEXT_HANDLE handle;
+ COND_VAR cond; /* used in waiting for an auth ctx to become available */
+ struct keys_loaded *keys;
+ struct tcs_context *next;
+};
+
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_da_reset.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_da_reset.h
new file mode 100644
index 0000000..ac9ee65
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_da_reset.h
@@ -0,0 +1,16 @@
+// Copyright 2021 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef _TCS_DA_RESET_H_
+#define _TCS_DA_RESET_H_
+
+#include "tss/tss_typedef.h"
+
+void recordFailedCommandHistory(UINT32 ordinal, UINT32 result);
+
+void handleAuthFailures();
+
+void clearCommandHistory();
+
+#endif /*_TCS_DA_RESET_H_ */
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_int_literals.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_int_literals.h
new file mode 100644
index 0000000..8f06432
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_int_literals.h
@@ -0,0 +1,28 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _TCS_INT_LITERALS_H_
+#define _TCS_INT_LITERALS_H_
+
+#define TPM_VENDOR_UNKNOWN 0
+#define TPM_VENDOR_ATMEL 1
+#define TPM_VENDOR_IFX 2
+#define TPM_VENDOR_NATL 3
+
+#define TPM_PARAMSIZE_OFFSET 0x02
+
+#define NULL_TPM_HANDLE ((TCPA_KEY_HANDLE)-1)
+#define NULL_TCS_HANDLE ((TCS_KEY_HANDLE)-1)
+#define SRK_TPM_HANDLE (0x40000000)
+#define EK_TPM_HANDLE (0x40000001)
+
+#define FIXED_TCS_MANUFACTURER "IBM "
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_key_ps.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_key_ps.h
new file mode 100644
index 0000000..42cba89
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_key_ps.h
@@ -0,0 +1,29 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _TCS_KEY_PS_H_
+#define _TCS_KEY_PS_H_
+
+TSS_RESULT ps_init_disk_cache();
+void ps_close_disk_cache();
+TSS_BOOL ps_is_key_registered(TCPA_STORE_PUBKEY *);
+TSS_RESULT getParentUUIDByUUID(TSS_UUID *, TSS_UUID *);
+TSS_RESULT isUUIDRegistered(TSS_UUID *, TSS_BOOL *);
+void disk_cache_shift(struct key_disk_cache *);
+TSS_RESULT ps_remove_key(TSS_UUID *);
+TSS_RESULT clean_disk_cache(int);
+TSS_RESULT ps_get_key_by_uuid(TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT ps_get_key_by_cache_entry(struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT ps_is_pub_registered(TCPA_STORE_PUBKEY *);
+TSS_RESULT ps_get_uuid_by_pub(TCPA_STORE_PUBKEY *, TSS_UUID **);
+TSS_RESULT ps_get_key_by_pub(TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+TSS_RESULT ps_write_key(TSS_UUID *, TSS_UUID *, BYTE *, UINT32, BYTE *, UINT32);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_tsp.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_tsp.h
new file mode 100644
index 0000000..fdca21e
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_tsp.h
@@ -0,0 +1,98 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#ifndef _TCS_TSP_H_
+#define _TCS_TSP_H_
+
+/* Structures and defines needed to be known by the
+ * TSP layer and the TCS layer.
+ */
+
+/*
+ * disk store format:
+ *
+ * [type name ] cached?
+ * --------------------------------------
+ * [BYTE TrouSerS PS version] no
+ * [UINT32 num_keys_on_disk ] no
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT32 vendor_data_size0 ] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ] no
+ * [BYTE[] blob0 ] no
+ * [BYTE[] vendor_data0 ] no
+ * [...]
+ *
+ */
+
+
+/*
+ * PS disk cache flags
+ */
+/* A key may be written to disk, in cache and yet be invalid if it has
+ * since been unregistered. */
+#define CACHE_FLAG_VALID 0x0001
+/* set if the key's parent is stored in system PS */
+#define CACHE_FLAG_PARENT_PS_SYSTEM 0x0002
+
+/* the structure that makes up the in-memory PS disk cache */
+struct key_disk_cache
+{
+ unsigned int offset;
+ UINT16 pub_data_size;
+ UINT16 blob_size;
+ UINT16 flags;
+ UINT32 vendor_data_size;
+ TSS_UUID uuid;
+ TSS_UUID parent_uuid;
+ struct key_disk_cache *next;
+};
+
+/* The current PS version */
+#define TSSPS_VERSION 1
+
+/* offsets into each key on disk. These should be passed a (struct key_disk_cache *) */
+#define TSSPS_VERSION_OFFSET (0)
+#define TSSPS_NUM_KEYS_OFFSET (TSSPS_VERSION_OFFSET + sizeof(BYTE))
+#define TSSPS_KEYS_OFFSET (TSSPS_NUM_KEYS_OFFSET + sizeof(UINT32))
+#define TSSPS_UUID_OFFSET(c) ((c)->offset)
+#define TSSPS_PARENT_UUID_OFFSET(c) ((c)->offset + sizeof(TSS_UUID))
+#define TSSPS_PUB_DATA_SIZE_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)))
+#define TSSPS_BLOB_SIZE_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + sizeof(UINT16))
+#define TSSPS_VENDOR_SIZE_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (2 * sizeof(UINT16)))
+#define TSSPS_CACHE_FLAGS_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (2 * sizeof(UINT16)) + sizeof(UINT32))
+#define TSSPS_PUB_DATA_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (3 * sizeof(UINT16)) + sizeof(UINT32))
+#define TSSPS_BLOB_DATA_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (3 * sizeof(UINT16)) + sizeof(UINT32) + (c)->pub_data_size)
+#define TSSPS_VENDOR_DATA_OFFSET(c) ((c)->offset + (2 * sizeof(TSS_UUID)) + (3 * sizeof(UINT16)) + sizeof(UINT32) + (c)->pub_data_size + (c)->blob_size)
+
+/* XXX Get rid of this, there's no reason to set an arbitrary limit */
+#define MAX_KEY_CHILDREN 10
+
+#define STRUCTURE_PACKING_ATTRIBUTE __attribute__((packed))
+
+#ifdef TSS_DEBUG
+#define DBG_ASSERT(x) assert(x)
+#else
+#define DBG_ASSERT(x)
+#endif
+
+/* needed by execute transport in the TSP */
+#define TSS_TPM_TXBLOB_HDR_LEN (sizeof(UINT16) + (2 * sizeof(UINT32)))
+
+#define TSS_TPM_TXBLOB_SIZE (4096)
+#define TSS_TXBLOB_WRAPPEDCMD_OFFSET (TSS_TPM_TXBLOB_HDR_LEN + sizeof(UINT32))
+#define TSS_MAX_AUTHS_CAP (1024)
+#define TSS_REQ_MGR_MAX_RETRIES (5)
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_utils.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_utils.h
new file mode 100644
index 0000000..a425c9b
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcs_utils.h
@@ -0,0 +1,1205 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _TCS_UTILS_H_
+#define _TCS_UTILS_H_
+
+#include <assert.h>
+
+#include "threads.h"
+#include "tcs_context.h"
+#include "tcs_tsp.h"
+#include "trousers_types.h"
+
+struct key_mem_cache
+{
+ TCPA_KEY_HANDLE tpm_handle;
+ TCS_KEY_HANDLE tcs_handle;
+ UINT16 flags;
+ int ref_cnt;
+ UINT32 time_stamp;
+ TSS_UUID uuid;
+ TSS_UUID p_uuid;
+ TSS_KEY *blob;
+ struct key_mem_cache *parent;
+ struct key_mem_cache *next, *prev;
+};
+
+extern struct key_mem_cache *key_mem_cache_head;
+MUTEX_DECLARE_EXTERN(mem_cache_lock);
+
+struct tpm_properties
+{
+ UINT32 num_pcrs;
+ UINT32 num_dirs;
+ UINT32 num_keys;
+ UINT32 num_auths;
+ TSS_BOOL authctx_swap;
+ TSS_BOOL keyctx_swap;
+ TPM_VERSION version;
+ BYTE manufacturer[16];
+};
+
+extern struct tpm_properties tpm_metrics;
+
+#define TPM_VERSION_IS(maj, min) \
+ ((tpm_metrics.version.major == maj) && (tpm_metrics.version.minor == min))
+
+#define TSS_UUID_IS_OWNEREVICT(uuid) \
+ ((!uuid->ulTimeLow) && (!uuid->usTimeMid) && (!uuid->usTimeHigh) && \
+ (!uuid->bClockSeqHigh) && (!uuid->bClockSeqLow) && (!uuid->rgbNode[0]) && \
+ (!uuid->rgbNode[1]) && (!uuid->rgbNode[2]) && (!uuid->rgbNode[3]) && \
+ (uuid->rgbNode[4] == 1))
+
+#ifndef MIN
+#define MIN(a,b) ((a) < (b) ? (a) : (b))
+#endif
+#ifndef MAX
+#define MAX(a,b) ((a) > (b) ? (a) : (b))
+#endif
+
+TSS_RESULT get_tpm_metrics(struct tpm_properties *);
+
+TSS_RESULT auth_mgr_init();
+TSS_RESULT auth_mgr_final();
+TSS_RESULT auth_mgr_check(TCS_CONTEXT_HANDLE, TPM_AUTHHANDLE *);
+TSS_RESULT auth_mgr_release_auth_handle(TCS_AUTHHANDLE, TCS_CONTEXT_HANDLE, TSS_BOOL);
+void auth_mgr_release_auth(TPM_AUTH *, TPM_AUTH *, TCS_CONTEXT_HANDLE);
+TSS_RESULT auth_mgr_oiap(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE *, TCPA_NONCE *);
+TSS_RESULT auth_mgr_osap(TCS_CONTEXT_HANDLE, TCPA_ENTITY_TYPE, UINT32, TCPA_NONCE,
+ TCS_AUTHHANDLE *, TCPA_NONCE *, TCPA_NONCE *);
+TSS_RESULT auth_mgr_close_context(TCS_CONTEXT_HANDLE);
+TSS_RESULT auth_mgr_swap_out(TCS_CONTEXT_HANDLE);
+TSS_BOOL auth_mgr_req_new(TCS_CONTEXT_HANDLE);
+TSS_RESULT auth_mgr_add(TCS_CONTEXT_HANDLE, TPM_AUTHHANDLE);
+
+TSS_RESULT event_log_init();
+TSS_RESULT event_log_final();
+TSS_RESULT owner_evict_init();
+
+#ifdef TSS_BUILD_PCR_EVENTS
+#define EVENT_LOG_init() event_log_init()
+#define EVENT_LOG_final() event_log_final()
+#else
+#define EVENT_LOG_init() (TSS_SUCCESS)
+#define EVENT_LOG_final()
+#endif
+
+#define next( x ) x = x->next
+
+TSS_RESULT key_mgr_dec_ref_count(TCS_KEY_HANDLE);
+TSS_RESULT key_mgr_inc_ref_count(TCS_KEY_HANDLE);
+void key_mgr_ref_count();
+TSS_RESULT key_mgr_load_by_uuid(TCS_CONTEXT_HANDLE, TSS_UUID *, TCS_LOADKEY_INFO *,
+ TCS_KEY_HANDLE *);
+TSS_RESULT key_mgr_load_by_blob(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE *,
+ TPM_AUTH *, TCS_KEY_HANDLE *, TCS_KEY_HANDLE *);
+TSS_RESULT key_mgr_evict(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE);
+
+
+extern TCS_CONTEXT_HANDLE InternalContext;
+
+TSS_RESULT mc_update_time_stamp(TCPA_KEY_HANDLE);
+TCS_KEY_HANDLE getNextTcsKeyHandle();
+TCPA_STORE_PUBKEY *getParentPubBySlot(TCPA_KEY_HANDLE slot);
+TCPA_STORE_PUBKEY *mc_get_pub_by_slot(TCPA_KEY_HANDLE);
+TCPA_STORE_PUBKEY *mc_get_pub_by_handle(TCS_KEY_HANDLE);
+TSS_UUID *mc_get_uuid_by_pub(TCPA_STORE_PUBKEY *);
+TSS_RESULT mc_get_handles_by_uuid(TSS_UUID *, TCS_KEY_HANDLE *, TCPA_KEY_HANDLE *);
+TCS_KEY_HANDLE mc_get_handle_by_encdata(BYTE *);
+TSS_RESULT mc_update_encdata(BYTE *, BYTE *);
+TSS_RESULT mc_find_next_ownerevict_uuid(TSS_UUID *);
+TSS_RESULT mc_set_uuid(TCS_KEY_HANDLE, TSS_UUID *);
+
+TSS_RESULT initDiskCache(void);
+void replaceEncData_PS(TSS_UUID, BYTE *encData, BYTE *newEncData);
+
+TSS_RESULT mc_add_entry(TCS_KEY_HANDLE, TCPA_KEY_HANDLE, TSS_KEY *);
+TSS_RESULT mc_add_entry_init(TCS_KEY_HANDLE, TCPA_KEY_HANDLE, TSS_KEY *, TSS_UUID *);
+TSS_RESULT mc_remove_entry(TCS_KEY_HANDLE);
+TSS_RESULT mc_set_slot_by_slot(TCPA_KEY_HANDLE, TCPA_KEY_HANDLE);
+TSS_RESULT mc_set_slot_by_handle(TCS_KEY_HANDLE, TCPA_KEY_HANDLE);
+TCPA_KEY_HANDLE mc_get_slot_by_handle(TCS_KEY_HANDLE);
+TCPA_KEY_HANDLE mc_get_slot_by_handle_lock(TCS_KEY_HANDLE);
+TCPA_KEY_HANDLE mc_get_slot_by_pub(TCPA_STORE_PUBKEY *);
+TCS_KEY_HANDLE mc_get_handle_by_pub(TCPA_STORE_PUBKEY *, TCS_KEY_HANDLE);
+TCPA_STORE_PUBKEY *mc_get_parent_pub_by_pub(TCPA_STORE_PUBKEY *);
+TSS_BOOL isKeyRegistered(TCPA_STORE_PUBKEY *);
+TSS_RESULT mc_get_blob_by_pub(TCPA_STORE_PUBKEY *, TSS_KEY **);
+TSS_RESULT evictFirstKey(TCS_KEY_HANDLE);
+TSS_RESULT getParentUUIDByUUID(TSS_UUID *, TSS_UUID *);
+TSS_RESULT getRegisteredKeyByUUID(TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT isPubRegistered(TCPA_STORE_PUBKEY *);
+TSS_RESULT getRegisteredUuidByPub(TCPA_STORE_PUBKEY *, TSS_UUID **);
+TSS_RESULT getRegisteredKeyByPub(TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+TSS_BOOL isKeyLoaded(TCPA_KEY_HANDLE);
+TSS_RESULT LoadKeyShim(TCS_CONTEXT_HANDLE, TCPA_STORE_PUBKEY *, TSS_UUID *,TCPA_KEY_HANDLE *);
+TSS_RESULT mc_set_parent_by_handle(TCS_KEY_HANDLE, TCS_KEY_HANDLE);
+TSS_RESULT isUUIDRegistered(TSS_UUID *, TSS_BOOL *);
+void destroy_key_refs(TSS_KEY *);
+
+/* cxt.c */
+TSS_RESULT context_close_auth(TCS_CONTEXT_HANDLE);
+TSS_RESULT checkContextForAuth(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE);
+TSS_RESULT addContextForAuth(TCS_CONTEXT_HANDLE, TCS_AUTHHANDLE);
+TSS_RESULT ctx_verify_context(TCS_CONTEXT_HANDLE);
+COND_VAR *ctx_get_cond_var(TCS_CONTEXT_HANDLE);
+TSS_RESULT ctx_mark_key_loaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE);
+TSS_RESULT ctx_remove_key_loaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE);
+TSS_BOOL ctx_has_key_loaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE);
+void ctx_ref_count_keys(struct tcs_context *);
+struct tcs_context *get_context(TCS_CONTEXT_HANDLE);
+TSS_RESULT ctx_req_exclusive_transport(TCS_CONTEXT_HANDLE);
+TSS_RESULT ctx_set_transport_enabled(TCS_CONTEXT_HANDLE, TPM_TRANSHANDLE);
+TSS_RESULT ctx_set_transport_disabled(TCS_CONTEXT_HANDLE, TCS_HANDLE *);
+
+#ifdef TSS_BUILD_KEY
+#define CTX_ref_count_keys(c) ctx_ref_count_keys(c)
+#define KEY_MGR_ref_count() key_mgr_ref_count()
+TSS_RESULT ensureKeyIsLoaded(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCPA_KEY_HANDLE *);
+#else
+#define CTX_ref_count_keys(c)
+#define KEY_MGR_ref_count()
+#define ensureKeyIsLoaded(...) (1 /* XXX non-zero return will indicate failure */)
+#endif
+
+
+TCS_CONTEXT_HANDLE make_context();
+void destroy_context(TCS_CONTEXT_HANDLE);
+
+/* tcs_utils.c */
+TSS_RESULT get_current_version(TPM_VERSION *);
+void LogData(char *string, UINT32 data);
+void LogResult(char *string, TSS_RESULT result);
+TSS_RESULT canILoadThisKey(TCPA_KEY_PARMS *parms, TSS_BOOL *);
+TSS_RESULT internal_EvictByKeySlot(TCPA_KEY_HANDLE slot);
+
+TSS_RESULT clearKeysFromChip(TCS_CONTEXT_HANDLE hContext);
+TSS_RESULT clearUnknownKeys(TCS_CONTEXT_HANDLE, UINT32 *);
+
+void UINT64ToArray(UINT64, BYTE *);
+void UINT32ToArray(UINT32, BYTE *);
+void UINT16ToArray(UINT16, BYTE *);
+UINT64 Decode_UINT64(BYTE *);
+UINT32 Decode_UINT32(BYTE *);
+UINT16 Decode_UINT16(BYTE *);
+void LoadBlob_UINT64(UINT64 *, UINT64, BYTE *);
+void LoadBlob_UINT32(UINT64 *, UINT32, BYTE *);
+void LoadBlob_UINT16(UINT64 *, UINT16, BYTE *);
+void UnloadBlob_UINT64(UINT64 *, UINT64 *, BYTE *);
+void UnloadBlob_UINT32(UINT64 *, UINT32 *, BYTE *);
+void UnloadBlob_UINT16(UINT64 *, UINT16 *, BYTE *);
+void LoadBlob_BYTE(UINT64 *, BYTE, BYTE *);
+void UnloadBlob_BYTE(UINT64 *, BYTE *, BYTE *);
+void LoadBlob_BOOL(UINT64 *, TSS_BOOL, BYTE *);
+void UnloadBlob_BOOL(UINT64 *, TSS_BOOL *, BYTE *);
+void LoadBlob(UINT64 *, UINT32, BYTE *, BYTE *);
+void UnloadBlob(UINT64 *, UINT32, BYTE *, BYTE *);
+void LoadBlob_Header(UINT16, UINT32, UINT32, BYTE *);
+#ifdef TSS_DEBUG
+#define UnloadBlob_Header(b,u) LogUnloadBlob_Header(b,u, __FILE__, __LINE__)
+TSS_RESULT LogUnloadBlob_Header(BYTE *, UINT32 *, char *, int);
+#else
+TSS_RESULT UnloadBlob_Header(BYTE *, UINT32 *);
+#endif
+TSS_RESULT UnloadBlob_MIGRATIONKEYAUTH(UINT64 *, BYTE *, TCPA_MIGRATIONKEYAUTH *);
+void LoadBlob_Auth(UINT64 *, BYTE *, TPM_AUTH *);
+void UnloadBlob_Auth(UINT64 *, BYTE *, TPM_AUTH *);
+void LoadBlob_KEY_PARMS(UINT64 *, BYTE *, TCPA_KEY_PARMS *);
+TSS_RESULT UnloadBlob_KEY_PARMS(UINT64 *, BYTE *, TCPA_KEY_PARMS *);
+TSS_RESULT UnloadBlob_STORE_PUBKEY(UINT64 *, BYTE *, TCPA_STORE_PUBKEY *);
+void LoadBlob_STORE_PUBKEY(UINT64 *, BYTE *, TCPA_STORE_PUBKEY *);
+void UnloadBlob_VERSION(UINT64 *, BYTE *, TPM_VERSION *);
+void LoadBlob_VERSION(UINT64 *, BYTE *, TPM_VERSION *);
+void UnloadBlob_TCPA_VERSION(UINT64 *, BYTE *, TCPA_VERSION *);
+void LoadBlob_TCPA_VERSION(UINT64 *, BYTE *, TCPA_VERSION *);
+TSS_RESULT UnloadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *);
+void LoadBlob_TSS_KEY(UINT64 *, BYTE *, TSS_KEY *);
+void LoadBlob_PUBKEY(UINT64 *, BYTE *, TCPA_PUBKEY *);
+TSS_RESULT UnloadBlob_PUBKEY(UINT64 *, BYTE *, TCPA_PUBKEY *);
+void LoadBlob_SYMMETRIC_KEY(UINT64 *, BYTE *, TCPA_SYMMETRIC_KEY *);
+TSS_RESULT UnloadBlob_SYMMETRIC_KEY(UINT64 *, BYTE *, TCPA_SYMMETRIC_KEY *);
+TSS_RESULT UnloadBlob_PCR_SELECTION(UINT64 *, BYTE *, TCPA_PCR_SELECTION *);
+void LoadBlob_PCR_SELECTION(UINT64 *, BYTE *, TCPA_PCR_SELECTION);
+TSS_RESULT UnloadBlob_PCR_COMPOSITE(UINT64 *, BYTE *, TCPA_PCR_COMPOSITE *);
+void LoadBlob_PCR_INFO(UINT64 *, BYTE *, TCPA_PCR_INFO *);
+TSS_RESULT UnloadBlob_PCR_INFO(UINT64 *, BYTE *, TCPA_PCR_INFO *);
+TSS_RESULT UnloadBlob_STORED_DATA(UINT64 *, BYTE *, TCPA_STORED_DATA *);
+void LoadBlob_STORED_DATA(UINT64 *, BYTE *, TCPA_STORED_DATA *);
+void LoadBlob_KEY_FLAGS(UINT64 *, BYTE *, TCPA_KEY_FLAGS *);
+void UnloadBlob_KEY_FLAGS(UINT64 *, BYTE *, TCPA_KEY_FLAGS *);
+TSS_RESULT UnloadBlob_CERTIFY_INFO(UINT64 *, BYTE *, TCPA_CERTIFY_INFO *);
+TSS_RESULT UnloadBlob_KEY_HANDLE_LIST(UINT64 *, BYTE *, TCPA_KEY_HANDLE_LIST *);
+void LoadBlob_UUID(UINT64 *, BYTE *, TSS_UUID);
+void UnloadBlob_UUID(UINT64 *, BYTE *, TSS_UUID *);
+void LoadBlob_COUNTER_VALUE(UINT64 *, BYTE *, TPM_COUNTER_VALUE *);
+void UnloadBlob_COUNTER_VALUE(UINT64 *, BYTE *, TPM_COUNTER_VALUE *);
+void LoadBlob_DIGEST(UINT64 *, BYTE *, TPM_DIGEST *);
+void UnloadBlob_DIGEST(UINT64 *, BYTE *, TPM_DIGEST *);
+void LoadBlob_NONCE(UINT64 *, BYTE *, TPM_NONCE *);
+void UnloadBlob_NONCE(UINT64 *, BYTE *, TPM_NONCE *);
+void LoadBlob_AUTHDATA(UINT64 *, BYTE *, TPM_AUTHDATA *);
+void UnloadBlob_AUTHDATA(UINT64 *, BYTE *, TPM_AUTHDATA *);
+#define LoadBlob_ENCAUTH(a, b, c) LoadBlob_AUTHDATA(a, b, c)
+#define UnloadBlob_ENCAUTH(a, b, c) UnloadBlob_AUTHDATA(a, b, c)
+
+void UnloadBlob_CURRENT_TICKS(UINT64 *, BYTE *, TPM_CURRENT_TICKS *);
+TSS_RESULT UnloadBlob_PCR_INFO_SHORT(UINT64 *, BYTE *, TPM_PCR_INFO_SHORT *);
+
+TSS_RESULT Hash(UINT32, UINT32, BYTE *, BYTE *);
+void free_external_events(UINT32, TSS_PCR_EVENT *);
+
+TSS_RESULT internal_TerminateHandle(TCS_AUTHHANDLE handle);
+UINT32 get_pcr_event_size(TSS_PCR_EVENT *);
+TSS_RESULT fill_key_info(struct key_disk_cache *, struct key_mem_cache *, TSS_KM_KEYINFO *);
+TSS_RESULT fill_key_info2(struct key_disk_cache *, struct key_mem_cache *, TSS_KM_KEYINFO2 *);
+
+char platform_get_runlevel();
+TSS_RESULT tpm_rsp_parse(TPM_COMMAND_CODE, BYTE *, UINT32, ...);
+TSS_RESULT tpm_rqu_build_internal(TPM_COMMAND_CODE, UINT64 *, BYTE *, va_list);
+TSS_RESULT tpm_rqu_build(TPM_COMMAND_CODE, UINT64 *, BYTE *, ...);
+TSS_RESULT tpm_rqu_build_checked(TPM_COMMAND_CODE, UINT64 *, UINT64, BYTE *, ...);
+TSS_RESULT tpm_preload_check(TCS_CONTEXT_HANDLE, TPM_COMMAND_CODE ordinal, ...);
+TSS_RESULT getKeyByCacheEntry(struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT add_cache_entry(TCS_CONTEXT_HANDLE, BYTE *, TCS_KEY_HANDLE, TPM_KEY_HANDLE, TCS_KEY_HANDLE *);
+TSS_RESULT get_slot(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TPM_KEY_HANDLE *);
+TSS_RESULT get_slot_lite(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TPM_KEY_HANDLE *);
+TSS_RESULT load_key_init(TPM_COMMAND_CODE, TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, UINT32, BYTE*, TSS_BOOL, TPM_AUTH*, TSS_BOOL*, UINT64*, BYTE*, TCS_KEY_HANDLE*, TPM_KEY_HANDLE*);
+TSS_RESULT load_key_final(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, TCS_KEY_HANDLE *, BYTE *, TPM_KEY_HANDLE);
+TSS_RESULT LoadKeyByBlob_Internal(UINT32,TCS_CONTEXT_HANDLE,TCS_KEY_HANDLE,UINT32,BYTE *,TPM_AUTH *,
+ TCS_KEY_HANDLE *,TCS_KEY_HANDLE *);
+TSS_RESULT TSC_PhysicalPresence_Internal(UINT16 physPres);
+TSS_RESULT TCSP_FlushSpecific_Common(UINT32, TPM_RESOURCE_TYPE);
+
+ TSS_RESULT TCSP_GetRegisteredKeyByPublicInfo_Internal(TCS_CONTEXT_HANDLE tcsContext, TCPA_ALGORITHM_ID algID, /* in */
+ UINT32 ulPublicInfoLength, /* in */
+ BYTE * rgbPublicInfo, /* in */
+ UINT32 * keySize, BYTE ** keyBlob);
+
+ TSS_RESULT TCS_OpenContext_Internal(TCS_CONTEXT_HANDLE * hContext /* out */
+ );
+
+ TSS_RESULT TCS_CloseContext_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCS_FreeMemory_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ BYTE * pMemory /* in */
+ );
+
+ TSS_RESULT TCS_LogPcrEvent_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_PCR_EVENT Event, /* in */
+ UINT32 * pNumber /* out */
+ );
+
+ TSS_RESULT TCS_GetPcrEvent_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PcrIndex, /* in */
+ UINT32 * pNumber, /* in, out */
+ TSS_PCR_EVENT ** ppEvent /* out */
+ );
+
+ TSS_RESULT TCS_GetPcrEventsByPcr_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PcrIndex, /* in */
+ UINT32 FirstEvent, /* in */
+ UINT32 * pEventCount, /* in,out */
+ TSS_PCR_EVENT ** ppEvents /* out */
+ );
+
+ TSS_RESULT TCS_GetPcrEventLog_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 * pEventCount, /* out */
+ TSS_PCR_EVENT ** ppEvents /* out */
+ );
+
+ TSS_RESULT TCS_RegisterKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *WrappingKeyUUID, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ UINT32 cKeySize, /* in */
+ BYTE * rgbKey, /* in */
+ UINT32 cVendorData, /* in */
+ BYTE * gbVendorData /* in */
+ );
+
+ TSS_RESULT TCS_UnregisterKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID KeyUUID /* in */
+ );
+
+ TSS_RESULT TCS_EnumRegisteredKeys_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID * pKeyUUID, /* in */
+ UINT32 * pcKeyHierarchySize, /* out */
+ TSS_KM_KEYINFO ** ppKeyHierarchy /* out */
+ );
+
+ TSS_RESULT TCS_EnumRegisteredKeys_Internal2(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID * pKeyUUID, /* in */
+ UINT32 * pcKeyHierarchySize, /* out */
+ TSS_KM_KEYINFO2 ** ppKeyHierarchy /* out */
+ );
+
+ TSS_RESULT TCS_GetRegisteredKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ TSS_KM_KEYINFO ** ppKeyInfo /* out */
+ );
+
+ TSS_RESULT TCS_GetRegisteredKeyBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ UINT32 * pcKeySize, /* out */
+ BYTE ** prgbKey /* out */
+ );
+
+ TSS_RESULT TCSP_LoadKeyByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hUnwrappingKey, /* in */
+ UINT32 cWrappedKeyBlobSize, /* in */
+ BYTE * rgbWrappedKeyBlob, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI, /* out */
+ TCS_KEY_HANDLE * phKeyHMAC /* out */
+ );
+
+ TSS_RESULT TCSP_LoadKey2ByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hUnwrappingKey, /* in */
+ UINT32 cWrappedKeyBlobSize, /* in */
+ BYTE * rgbWrappedKeyBlob, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI /* out */
+ );
+
+ TSS_RESULT TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI /* out */
+ );
+
+ TSS_RESULT TCSP_EvictKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey /* in */
+ );
+
+ TSS_RESULT TCSP_CreateWrapKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TCPA_ENCAUTH KeyUsageAuth, /* in */
+ TCPA_ENCAUTH KeyMigrationAuth, /* in */
+ UINT32 keyInfoSize, /* in */
+ BYTE * keyInfo, /* in */
+ UINT32 * keyDataSize, /* out */
+ BYTE ** keyData, /* out */
+ TPM_AUTH * pAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_GetPubKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * pcPubKeySize, /* out */
+ BYTE ** prgbPubKey /* out */
+ );
+ TSS_RESULT TCSP_MakeIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENCAUTH identityAuth, /* in */
+ TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
+ UINT32 idKeyInfoSize, /*in */
+ BYTE * idKeyInfo, /*in */
+ TPM_AUTH * pSrkAuth, /* in, out */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * idKeySize, /* out */
+ BYTE ** idKey, /* out */
+ UINT32 * pcIdentityBindingSize, /* out */
+ BYTE ** prgbIdentityBinding, /* out */
+ UINT32 * pcEndorsementCredentialSize, /* out */
+ BYTE ** prgbEndorsementCredential, /* out */
+ UINT32 * pcPlatformCredentialSize, /* out */
+ BYTE ** prgbPlatformCredential, /* out */
+ UINT32 * pcConformanceCredentialSize, /* out */
+ BYTE ** prgbConformanceCredential /* out */
+ );
+
+ TSS_RESULT TCSP_MakeIdentity2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENCAUTH identityAuth, /* in */
+ TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
+ UINT32 idKeyInfoSize, /*in */
+ BYTE * idKeyInfo, /*in */
+ TPM_AUTH * pSrkAuth, /* in, out */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * idKeySize, /* out */
+ BYTE ** idKey, /* out */
+ UINT32 * pcIdentityBindingSize, /* out */
+ BYTE ** prgbIdentityBinding /* out */
+ );
+
+ TSS_RESULT TCS_GetCredential_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 ulCredentialType, /* in */
+ UINT32 ulCredentialAccessMode, /* in */
+ UINT32 * pulCredentialSize, /* out */
+ BYTE ** prgbCredentialData /* out */
+ );
+
+ TSS_RESULT TCSP_SetOwnerInstall_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL state /* in */
+ );
+
+ TSS_RESULT TCSP_TakeOwnership_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT16 protocolID, /* in */
+ UINT32 encOwnerAuthSize, /* in */
+ BYTE * encOwnerAuth, /* in */
+ UINT32 encSrkAuthSize, /* in */
+ BYTE * encSrkAuth, /* in */
+ UINT32 srkInfoSize, /*in */
+ BYTE * srkInfo, /*in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * srkKeySize, /*out */
+ BYTE ** srkKey /*out */
+ );
+
+ TSS_RESULT TCSP_OIAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonce0 /* out */
+ );
+
+ TSS_RESULT TCSP_OSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 entityValue, /* in */
+ TCPA_NONCE nonceOddOSAP, /* in */
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonceEven, /* out */
+ TCPA_NONCE * nonceEvenOSAP /* out */
+ );
+
+ TSS_RESULT TCSP_ChangeAuth_Internal(TCS_CONTEXT_HANDLE contextHandle, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_ChangeAuthOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_ChangeAuthAsymStart_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE idHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 KeySizeIn, /* in */
+ BYTE * KeyDataIn, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * KeySizeOut, /* out */
+ BYTE ** KeyDataOut, /* out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig, /* out */
+ TCS_KEY_HANDLE * ephHandle /* out */
+ );
+
+ TSS_RESULT TCSP_ChangeAuthAsymFinish_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCS_KEY_HANDLE ephHandle, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TCPA_HMAC newAuthLink, /* in */
+ UINT32 newAuthSize, /* in */
+ BYTE * encNewAuth, /* in */
+ UINT32 encDataSizeIn, /* in */
+ BYTE * encDataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * encDataSizeOut, /* out */
+ BYTE ** encDataOut, /* out */
+ TCPA_NONCE * saltNonce, /* out */
+ TCPA_DIGEST * changeProof /* out */
+ );
+
+ TSS_RESULT TCSP_TerminateHandle_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_AUTHHANDLE handle /* in */
+ );
+
+ TSS_RESULT TCSP_ActivateTPMIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE idKey, /* in */
+ UINT32 blobSize, /* in */
+ BYTE * blob, /* in */
+ TPM_AUTH * idKeyAuth, /* in, out */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * SymmetricKeySize, /* out */
+ BYTE ** SymmetricKey /* out */
+ );
+
+ TSS_RESULT TCSP_Extend_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PCRINDEX pcrNum, /* in */
+ TCPA_DIGEST inDigest, /* in */
+ TCPA_PCRVALUE * outDigest /* out */
+ );
+
+ TSS_RESULT TCSP_PcrRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PCRINDEX pcrNum, /* in */
+ TCPA_PCRVALUE * outDigest /* out */
+ );
+
+ TSS_RESULT TCSP_PcrReset_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrData /* in */
+ );
+
+ TSS_RESULT TCSP_Quote_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_Quote2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TSS_BOOL addVersion, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * versionInfoSize, /* out */
+ BYTE ** versionInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_DirWriteAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE newContents, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_DirRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE * dirValue /* out */
+ );
+
+ /* Since only the ordinal differs between Seal and Sealx (from an API point of view),
+ use a common Seal function specifying the ordinal to be sent to the TPM. */
+ TSS_RESULT TCSP_Seal_Internal(UINT32 sealOrdinal, /* in */
+ TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_ENCAUTH encAuth, /* in */
+ UINT32 pcrInfoSize, /* in */
+ BYTE * PcrInfo, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * pubAuth, /* in, out */
+ UINT32 * SealedDataSize, /* out */
+ BYTE ** SealedData /* out */
+ );
+
+ TSS_RESULT TCSP_Unseal_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 SealedDataSize, /* in */
+ BYTE * SealedData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * dataAuth, /* in, out */
+ UINT32 * DataSize, /* out */
+ BYTE ** Data /* out */
+ );
+
+ TSS_RESULT TCSP_UnBind_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+ TSS_RESULT TCSP_CreateMigrationBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE * MigrationKeyAuth, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_ConvertMigrationBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ UINT32 randomSize, /* in */
+ BYTE * random, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_AuthorizeMigrationKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_MIGRATE_SCHEME migrateScheme, /* in */
+ UINT32 MigrationKeySize, /* in */
+ BYTE * MigrationKey, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * MigrationKeyAuthSize, /* out */
+ BYTE ** MigrationKeyAuth /* out */
+ );
+
+ TSS_RESULT TCSP_CertifyKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE certHandle, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * certAuth, /* in, out */
+ TPM_AUTH * keyAuth, /* in, out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_Sign_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 areaToSignSize, /* in */
+ BYTE * areaToSign, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_GetRandom_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 * bytesRequested, /* in, out */
+ BYTE ** randomBytes /* out */
+ );
+
+ TSS_RESULT TCSP_StirRandom_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData /* in */
+ );
+
+ TSS_RESULT TCS_GetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp /* out */
+ );
+
+ TSS_RESULT TCSP_GetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp /* out */
+ );
+ TSS_RESULT TCSP_SetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 valueSize, /* in */
+ BYTE * value, /* in */
+ TPM_AUTH * pOwnerAuth /* in, out */
+ );
+ TSS_RESULT TCSP_GetCapabilityOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * pOwnerAuth, /* out */
+ TCPA_VERSION * pVersion, /* out */
+ UINT32 * pNonVolatileFlags, /* out */
+ UINT32 * pVolatileFlags /* out */
+ );
+
+ TSS_RESULT TCSP_CreateEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TCPA_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_ReadPubek_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey, /* out */
+ TCPA_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_DisablePubekRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_OwnerReadPubek_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey /* out */
+ );
+
+ TSS_RESULT TCSP_CreateRevocableEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ TSS_BOOL genResetAuth, /* in */
+ TPM_DIGEST * eKResetAuth, /* in, out */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TPM_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_RevokeEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DIGEST EKResetAuth /* in */
+ );
+
+ TSS_RESULT TCSP_SelfTestFull_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_CertifySelfTest_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ );
+
+ TSS_RESULT TCSP_GetTestResult_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ );
+
+ TSS_RESULT TCSP_OwnerSetDisable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL disableState, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_ResetLockValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_OwnerClear_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_DisableOwnerClear_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_ForceClear_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_DisableForceClear_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalPresence_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PHYSICAL_PRESENCE fPhysicalPresence /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalDisable_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalEnable_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_PhysicalSetDeactivated_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL state /* in */
+ );
+
+ TSS_RESULT TCSP_SetTempDeactivated_Internal(TCS_CONTEXT_HANDLE hContext /* in */
+ );
+
+ TSS_RESULT TCSP_SetTempDeactivated2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * operatorAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_FieldUpgrade_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut, /* out */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_SetRedirection_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 c1, /* in */
+ UINT32 c2, /* in */
+ TPM_AUTH * privAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_CreateMaintenanceArchive_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL generateRandom, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * archiveSize, /* out */
+ BYTE ** archive /* out */
+ );
+
+ TSS_RESULT TCSP_LoadMaintenanceArchive_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut /* out */
+ );
+
+ TSS_RESULT TCSP_KillMaintenanceFeature_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_LoadManuMaintPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 PubKeySize, /* in */
+ BYTE * PubKey, /* in */
+ TCPA_DIGEST * checksum /* out */
+ );
+
+ TSS_RESULT TCSP_ReadManuMaintPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TCPA_DIGEST * checksum /* out */
+ );
+ TSS_RESULT TCSP_Reset_Internal(TCS_CONTEXT_HANDLE hContext
+ );
+ TSS_RESULT TCSP_DaaJoin_internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_HANDLE handle, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE *inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE *inputData1, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **outputData /* out */
+ );
+
+ TSS_RESULT TCSP_DaaSign_internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_HANDLE handle, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE *inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE *inputData1, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **outputData /* out */
+ );
+
+
+ TSS_RESULT TCSP_ReadCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_COUNTER_VALUE* counterValue
+ );
+
+ TSS_RESULT TCSP_CreateCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32 LabelSize,
+ BYTE* pLabel,
+ TPM_ENCAUTH CounterAuth,
+ TPM_AUTH* pOwnerAuth,
+ TSS_COUNTER_ID* idCounter,
+ TPM_COUNTER_VALUE* counterValue
+ );
+
+ TSS_RESULT TCSP_IncrementCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pCounterAuth,
+ TPM_COUNTER_VALUE* counterValue
+ );
+
+ TSS_RESULT TCSP_ReleaseCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pCounterAuth
+ );
+
+ TSS_RESULT TCSP_ReleaseCounterOwner_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pOwnerAuth
+ );
+ TSS_RESULT TCSP_ReadCurrentTicks_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32* pulCurrentTime,
+ BYTE** prgbCurrentTime
+ );
+ TSS_RESULT TCSP_TickStampBlob_Internal(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE hKey,
+ TPM_NONCE* antiReplay,
+ TPM_DIGEST* digestToStamp,
+ TPM_AUTH* privAuth,
+ UINT32* pulSignatureLength,
+ BYTE** prgbSignature,
+ UINT32* pulTickCountLength,
+ BYTE** prgbTickCount
+ );
+ TSS_RESULT TCSP_EstablishTransport_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32 ulTransControlFlags,
+ TCS_KEY_HANDLE hEncKey,
+ UINT32 ulTransSessionInfoSize,
+ BYTE* rgbTransSessionInfo,
+ UINT32 ulSecretSize,
+ BYTE* rgbSecret,
+ TPM_AUTH* pEncKeyAuth,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TCS_HANDLE* hTransSession,
+ UINT32* ulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ TPM_NONCE* pTransNonce
+ );
+
+ TSS_RESULT TCSP_ExecuteTransport_Internal(TCS_CONTEXT_HANDLE hContext,
+ TPM_COMMAND_CODE unWrappedCommandOrdinal,
+ UINT32 ulWrappedCmdParamInSize,
+ BYTE* rgbWrappedCmdParamIn,
+ UINT32* pulHandleListSize,
+ TCS_HANDLE** rghHandles,
+ TPM_AUTH* pWrappedCmdAuth1,
+ TPM_AUTH* pWrappedCmdAuth2,
+ TPM_AUTH* pTransAuth,
+ UINT64* punCurrentTicks,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TPM_RESULT* pulWrappedCmdReturnCode,
+ UINT32* ulWrappedCmdParamOutSize,
+ BYTE** rgbWrappedCmdParamOut
+ );
+ TSS_RESULT TCSP_ReleaseTransportSigned_Internal(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE hSignatureKey,
+ TPM_NONCE* AntiReplayNonce,
+ TPM_AUTH* pKeyAuth,
+ TPM_AUTH* pTransAuth,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ UINT32* pulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ UINT32* pulSignatureSize,
+ BYTE** prgbSignature
+ );
+
+ TSS_RESULT TCSP_NV_DefineOrReleaseSpace_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 cPubInfoSize, /* in */
+ BYTE* pPubInfo, /* in */
+ TPM_ENCAUTH encAuth, /* in */
+ TPM_AUTH* pAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_NV_WriteValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE* rgbDataToWrite, /* in */
+ TPM_AUTH* privAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_NV_WriteValueAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE* rgbDataToWrite, /* in */
+ TPM_AUTH* NVAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_NV_ReadValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32* pulDataLength, /* in, out */
+ TPM_AUTH* privAuth, /* in, out */
+ BYTE** rgbDataRead /* out */
+ );
+
+ TSS_RESULT TCSP_NV_ReadValueAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32* pulDataLength, /* in, out */
+ TPM_AUTH* NVAuth, /* in, out */
+ BYTE** rgbDataRead /* out */
+ );
+
+ TSS_RESULT TCSP_SetOrdinalAuditStatus_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32 ulOrdinal, /* in */
+ TSS_BOOL bAuditState /* in */
+ );
+
+ TSS_RESULT TCSP_GetAuditDigest_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 startOrdinal, /* in */
+ TPM_DIGEST* auditDigest, /* out */
+ UINT32* counterValueSize, /* out */
+ BYTE** counterValue, /* out */
+ TSS_BOOL* more, /* out */
+ UINT32* ordSize, /* out */
+ UINT32** ordList /* out */
+ );
+
+ TSS_RESULT TCSP_GetAuditDigestSigned_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TSS_BOOL closeAudit, /* in */
+ TPM_NONCE antiReplay, /* in */
+ TPM_AUTH* privAuth, /* in, out */
+ UINT32* counterValueSize, /* out */
+ BYTE** counterValue, /* out */
+ TPM_DIGEST* auditDigest, /* out */
+ TPM_DIGEST* ordinalDigest, /* out */
+ UINT32* sigSize, /* out */
+ BYTE** sig /* out */
+ );
+
+ TSS_RESULT TCSP_SetOperatorAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_SECRET* operatorAuth /* in */
+ );
+
+ TSS_RESULT TCSP_OwnerReadInternalPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH* pOwnerAuth, /*in, out*/
+ UINT32* punPubKeySize, /* out */
+ BYTE** ppbPubKeyData /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_Manage_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_FAMILY_ID familyID, /* in */
+ TPM_FAMILY_OPERATION opFlag, /* in */
+ UINT32 opDataSize, /* in */
+ BYTE* opData, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* retDataSize, /* out */
+ BYTE** retData /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_CreateKeyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE* publicInfo, /* in */
+ TPM_ENCAUTH* encDelAuth, /* in */
+ TPM_AUTH* keyAuth, /* in, out */
+ UINT32* blobSize, /* out */
+ BYTE** blob /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_CreateOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL increment, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE* publicInfo, /* in */
+ TPM_ENCAUTH* encDelAuth, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* blobSize, /* out */
+ BYTE** blob /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_LoadOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DELEGATE_INDEX index, /* in */
+ UINT32 blobSize, /* in */
+ BYTE* blob, /* in */
+ TPM_AUTH* ownerAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_Delegate_ReadTable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32* pulFamilyTableSize, /* out */
+ BYTE** ppFamilyTable, /* out */
+ UINT32* pulDelegateTableSize, /* out */
+ BYTE** ppDelegateTable /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_UpdateVerificationCount_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 inputSize, /* in */
+ BYTE* input, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* outputSize, /* out */
+ BYTE** output /* out */
+ );
+
+ TSS_RESULT TCSP_Delegate_VerifyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 delegateSize, /* in */
+ BYTE* delegate /* in */
+ );
+
+ TSS_RESULT TCSP_CMK_SetRestrictions_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_CMK_DELEGATE Restriction, /* in */
+ TPM_AUTH* ownerAuth /* in */
+ );
+
+ TSS_RESULT TCSP_CMK_ApproveMA_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DIGEST migAuthorityDigest, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ TPM_HMAC* HmacMigAuthDigest /* out */
+ );
+
+ TSS_RESULT TCSP_CMK_CreateKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TPM_ENCAUTH KeyUsageAuth, /* in */
+ TPM_HMAC MigAuthApproval, /* in */
+ TPM_DIGEST MigAuthorityDigest, /* in */
+ UINT32* keyDataSize, /* in, out */
+ BYTE** prgbKeyData, /* in, out */
+ TPM_AUTH* pAuth /* in, out */
+ );
+
+ TSS_RESULT TCSP_CMK_CreateTicket_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PublicVerifyKeySize, /* in */
+ BYTE* PublicVerifyKey, /* in */
+ TPM_DIGEST SignedData, /* in */
+ UINT32 SigValueSize, /* in */
+ BYTE* SigValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in, out */
+ TPM_HMAC* SigTicket /* out */
+ );
+
+ TSS_RESULT TCSP_CMK_CreateBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TSS_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE* MigrationKeyAuth, /* in */
+ TPM_DIGEST PubSourceKeyDigest, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE* msaList, /* in */
+ UINT32 restrictTicketSize, /* in */
+ BYTE* restrictTicket, /* in */
+ UINT32 sigTicketSize, /* in */
+ BYTE* sigTicket, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE* encData, /* in */
+ TPM_AUTH* parentAuth, /* in, out */
+ UINT32* randomSize, /* out */
+ BYTE** random, /* out */
+ UINT32* outDataSize, /* out */
+ BYTE** outData /* out */
+ );
+
+ TSS_RESULT TCSP_CMK_ConvertMigration_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TPM_CMK_AUTH restrictTicket, /* in */
+ TPM_HMAC sigTicket, /* in */
+ UINT32 keyDataSize, /* in */
+ BYTE* prgbKeyData, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE* msaList, /* in */
+ UINT32 randomSize, /* in */
+ BYTE* random, /* in */
+ TPM_AUTH* parentAuth, /* in, out */
+ UINT32* outDataSize, /* out */
+ BYTE** outData /* out */
+ );
+ TSS_RESULT TCSP_FlushSpecific_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_HANDLE hResHandle, /* in */
+ TPM_RESOURCE_TYPE resourceType /* in */
+ );
+
+ TSS_RESULT TCSP_KeyControlOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 ulPubKeyLength, /* in */
+ BYTE* rgbPubKey, /* in */
+ UINT32 attribName, /* in */
+ TSS_BOOL attribValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in,out */
+ TSS_UUID* pUuidData /* out */
+ );
+
+ TSS_RESULT TCSP_DSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_ENTITY_TYPE entityType, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_NONCE *nonceOddDSAP, /* in */
+ UINT32 entityValueSize, /* in */
+ BYTE* entityValue, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TPM_NONCE *nonceEven, /* out */
+ TPM_NONCE *nonceEvenDSAP /* out */
+ );
+
+#endif /*_TCS_UTILS_H_ */
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd.h
new file mode 100644
index 0000000..edff8fb
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd.h
@@ -0,0 +1,177 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#ifndef _TCSD_H_
+#define _TCSD_H_
+
+#include <signal.h>
+
+#include "rpc_tcstp.h"
+
+/* Platform Class structures */
+struct platform_class
+{
+ unsigned int simpleID; /* Platform specific spec identifier */
+ unsigned int classURISize; /* Size of the classURI */
+ char *classURI; /* Specific spec. Can be NULL */
+ struct platform_class *next;
+};
+
+/* config structures */
+struct tcsd_config
+{
+ int port; /* port the TCSD will listen on */
+ unsigned int num_threads; /* max number of threads the TCSD allows simultaneously */
+ char *system_ps_dir; /* the directory the system PS file sits in */
+ char *system_ps_file; /* the name of the system PS file */
+ char *firmware_log_file;/* the name of the firmware PCR event file */
+ char *kernel_log_file; /* the name of the kernel PCR event file */
+ unsigned int kernel_pcrs; /* bitmask of PCRs the kernel controls */
+ unsigned int firmware_pcrs; /* bitmask of PCRs the firmware controls */
+ char *platform_cred; /* location of the platform credential */
+ char *conformance_cred; /* location of the conformance credential */
+ char *endorsement_cred; /* location of the endorsement credential */
+ int remote_ops[TCSD_MAX_NUM_ORDS]; /* array of ordinals executable by remote hosts */
+ unsigned int unset; /* bitmask of options which are still unset */
+ int exclusive_transport; /* allow applications to open exclusive transport sessions with
+ the TPM and enforce their exclusivity (possible DOS issue) */
+ struct platform_class *host_platform_class; /* Host platform class of this TCS System */
+ struct platform_class *all_platform_classes; /* List of platform classes
+ of this TCS System */
+ int disable_ipv4;
+ int disable_ipv6;
+ int disable_unix;
+};
+
+#define TCSD_DEFAULT_CONFIG_FILE ETC_PREFIX "/tcsd.conf"
+extern char *tcsd_config_file;
+
+#define TSS_USER_NAME "tss"
+#define TSS_GROUP_NAME "tss"
+
+#define TCSD_DEFAULT_MAX_THREADS 16
+#define TCSD_DEFAULT_SYSTEM_PS_FILE VAR_PREFIX "/lib/tpm/system.data"
+#define TCSD_DEFAULT_SYSTEM_PS_DIR VAR_PREFIX "/lib/tpm"
+#define TCSD_DEFAULT_FIRMWARE_LOG_FILE "/sys/kernel/security/tpm0/binary_bios_measurements"
+#define TCSD_DEFAULT_KERNEL_LOG_FILE "/sys/kernel/security/ima/binary_runtime_measurements"
+#define TCSD_DEFAULT_FIRMWARE_PCRS 0x00000000
+#define TCSD_DEFAULT_KERNEL_PCRS 0x00000000
+#define TCSD_DEFAULT_DISABLE_IPV4 1
+#define TCSD_DEFAULT_DISABLE_IPV6 1
+#define TCSD_DEFAULT_DISABLE_UNIX 0
+
+/* This will change when a system with more than 32 PCR's exists */
+#define TCSD_MAX_PCRS 32
+
+/* this is the 2nd param passed to the listen() system call */
+#define TCSD_MAX_SOCKETS_QUEUED 50
+#define TCSD_TXBUF_SIZE 1024
+
+/* The Available Tcs Platform Classes */
+struct tcg_platform_spec {
+ char *name;
+ TPM_PLATFORM_SPECIFIC specNo;
+ char *specURI;
+};
+
+/* The Specific URI's for the platforms specs on TCG website */
+#define TPM_PS_PC_11_URI "https://www.trustedcomputinggroup.org/groups/pc_client/TCG_PCSpecificSpecification_v1_1.pdf"
+#define TPM_PS_PC_12_URI "https://www.trustedcomputinggroup.org/specs/PCClient/TCG_PCClientImplementationforBIOS_1-20_1-00.pdf"
+#define TPM_PS_PDA_12_URI "https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf"
+#define TPM_PS_Server_12_URI "https://www.trustedcomputinggroup.org/specs/Server/TCG_Generic_Server_Specification_v1_0_rev0_8.pdf"
+#define TPM_PS_Mobile_12_URI "https://www.trustedcomputinggroup.org/specs/mobilephone/tcg-mobile-reference-architecture-1.0.pdf"
+
+/* for detecting whether an option has been set */
+#define TCSD_OPTION_PORT 0x0001
+#define TCSD_OPTION_MAX_THREADS 0x0002
+#define TCSD_OPTION_FIRMWARE_PCRS 0x0004
+#define TCSD_OPTION_KERNEL_PCRS 0x0008
+#define TCSD_OPTION_SYSTEM_PSFILE 0x0010
+#define TCSD_OPTION_KERNEL_LOGFILE 0x0020
+#define TCSD_OPTION_FIRMWARE_LOGFILE 0x0040
+#define TCSD_OPTION_PLATFORM_CRED 0x0080
+#define TCSD_OPTION_CONFORMANCE_CRED 0x0100
+#define TCSD_OPTION_ENDORSEMENT_CRED 0x0200
+#define TCSD_OPTION_REMOTE_OPS 0x0400
+#define TCSD_OPTION_EXCLUSIVE_TRANSPORT 0x0800
+#define TCSD_OPTION_HOST_PLATFORM_CLASS 0x1000
+#define TCSD_OPTION_DISABLE_IPV4 0x2000
+#define TCSD_OPTION_DISABLE_IPV6 0x4000
+#define TCSD_OPTION_DISABLE_UNIX 0x8000
+
+#define TSS_TCP_RPC_MAX_DATA_LEN 1048576
+#define TSS_TCP_RPC_BAD_PACKET_TYPE 0x10000000
+
+enum tcsd_config_option_code {
+ opt_port = 1,
+ opt_max_threads,
+ opt_system_ps_file,
+ opt_firmware_log,
+ opt_kernel_log,
+ opt_firmware_pcrs,
+ opt_kernel_pcrs,
+ opt_platform_cred,
+ opt_conformance_cred,
+ opt_endorsement_cred,
+ opt_remote_ops,
+ opt_exclusive_transport,
+ opt_host_platform_class,
+ opt_all_platform_classes,
+ opt_disable_ipv4,
+ opt_disable_ipv6,
+ opt_disable_unix,
+};
+
+struct tcsd_config_options {
+ char *name;
+ enum tcsd_config_option_code option;
+};
+
+extern struct tcsd_config tcsd_options;
+
+TSS_RESULT conf_file_init(struct tcsd_config *);
+void conf_file_final(struct tcsd_config *);
+TSS_RESULT ps_dirs_init();
+void tcsd_signal_handler(int);
+
+/* threading structures */
+struct tcsd_thread_data
+{
+ int sock;
+ UINT32 context;
+ THREAD_TYPE *thread_id;
+ char *hostname;
+ struct tcsd_comm_data comm;
+};
+
+struct tcsd_thread_mgr
+{
+ MUTEX_DECLARE(lock);
+ struct tcsd_thread_data *thread_data;
+
+ int shutdown;
+ UINT32 num_active_threads;
+ UINT32 max_threads;
+};
+
+TSS_RESULT tcsd_threads_init();
+TSS_RESULT tcsd_threads_final();
+TSS_RESULT tcsd_thread_create(int, char *);
+void *tcsd_thread_run(void *);
+void thread_signal_init();
+
+/* signal handling */
+struct sigaction tcsd_sa_int;
+struct sigaction tcsd_sa_chld;
+
+#define TCSD_UNIX_SOCKET "/run/tcsd/tcsd.socket"
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd_ops.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd_ops.h
new file mode 100644
index 0000000..82df484
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd_ops.h
@@ -0,0 +1,164 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#ifndef _TCSD_COMMANDS_H_
+#define _TCSD_COMMANDS_H_
+
+#include "tcsd_wrap.h"
+
+#define OPENCONTEXT TCSD_ORD_OPENCONTEXT
+#define CLOSECONTEXT TCSD_ORD_CLOSECONTEXT
+#define FREEMEMORY TCSD_ORD_FREEMEMORY
+#define TCSGETCAPABILITY TCSD_ORD_TCSGETCAPABILITY
+#define REGISTERKEY TCSD_ORD_REGISTERKEY
+#define UNREGISTERKEY TCSD_ORD_UNREGISTERKEY
+#define GETREGISTEREDKEYBLOB TCSD_ORD_GETREGISTEREDKEYBLOB
+#define GETREGISTEREDKEYBYPUBLICINFO TCSD_ORD_GETREGISTEREDKEYBYPUBLICINFO
+#define GETPUBKEY TCSD_ORD_GETPUBKEY
+#define LOADKEYBYBLOB TCSD_ORD_LOADKEYBYBLOB
+#define LOADKEYBYUUID TCSD_ORD_LOADKEYBYUUID
+#define CREATEWRAPKEY TCSD_ORD_CREATEWRAPKEY
+#define GETPCREVENTLOG TCSD_ORD_GETPCREVENTLOG
+#define OIAP TCSD_ORD_OIAP
+#define OSAP TCSD_ORD_OSAP
+#define TERMINATEHANDLE TCSD_ORD_TERMINATEHANDLE
+#define PCRREAD TCSD_ORD_PCRREAD
+#define PCRRESET TCSD_ORD_PCRRESET
+#define QUOTE TCSD_ORD_QUOTE
+#define SEAL TCSD_ORD_SEAL
+#define UNSEAL TCSD_ORD_UNSEAL
+#define UNBIND TCSD_ORD_UNBIND
+#define CERTIFYKEY TCSD_ORD_CERTIFYKEY
+#define SIGN TCSD_ORD_SIGN
+#define GETRANDOM TCSD_ORD_GETRANDOM
+#define STIRRANDOM TCSD_ORD_STIRRANDOM
+#define GETCAPABILITY TCSD_ORD_GETCAPABILITY
+#define READPUBEK TCSD_ORD_READPUBEK
+#define SELFTESTFULL TCSD_ORD_SELFTESTFULL
+#define CERTIFYSELFTEST TCSD_ORD_CERTIFYSELFTEST
+#define CONTINUESELFTEST TCSD_ORD_CONTINUESELFTEST
+#define GETTESTRESULT TCSD_ORD_GETTESTRESULT
+/* below this line are ordinals that probably shouldn't be allowed for non-localhosts */
+#if 0
+#define OWNERREADPUBEK TCSD_ORD_OWNERREADPUBEK
+#define GETPCREVENT TCSD_ORD_GETPCREVENT
+#define GETPCREVENTBYPCR TCSD_ORD_GETPCREVENTBYPCR
+#define GETCAPABILITYSIGNED TCSD_ORD_GETCAPABILITYSIGNED
+#define ENUMREGISTEREDKEYS TCSD_ORD_ENUMREGISTEREDKEYS
+#define ENUMREGISTEREDKEYS2 TCSD_ORD_ENUMREGISTEREDKEYS2
+#define GETREGISTEREDKEY TCSD_ORD_GETREGISTEREDKEY
+#define EXTEND TCSD_ORD_EXTEND
+#define LOGPCREVENT TCSD_ORD_LOGPCREVENT
+#define EVICTKEY TCSD_ORD_EVICTKEY
+#define DISABLEPUBEKREAD TCSD_ORD_DISABLEPUBEKREAD
+#define SETOWNERINSTALL TCSD_ORD_SETOWNERINSTALL
+#define MAKEIDENTITY TCSD_ORD_MAKEIDENTITY
+#define MAKEIDENTITY2 TCSD_ORD_MAKEIDENTITY2
+#define TAKEOWNERSHIP TCSD_ORD_TAKEOWNERSHIP
+#define CREATEENDORSEMENTKEYPAIR TCSD_ORD_CREATEENDORSEMENTKEYPAIR
+#define GETCAPABILITYOWNER TCSD_ORD_GETCAPABILITYOWNER
+#define ACTIVATETPMIDENTITY TCSD_ORD_ACTIVATETPMIDENTITY
+#define AUTHORIZEMIGRATIONKEY TCSD_ORD_AUTHORIZEMIGRATIONKEY
+#define CHANGEAUTH TCSD_ORD_CHANGEAUTH
+#define CHANGEAUTHOWNER TCSD_ORD_CHANGEAUTHOWNER
+#define CHANGEAUTHASYMSTART TCSD_ORD_CHANGEAUTHASYMSTART
+#define CHANGEAUTHASYMFINISH TCSD_ORD_CHANGEAUTHASYMFINISH
+#define DIRREAD TCSD_ORD_DIRREAD
+#define DIRWRITEAUTH TCSD_ORD_DIRWRITEAUTH
+#define CREATEMIGRATIONBLOB TCSD_ORD_CREATEMIGRATIONBLOB
+#define CONVERTMIGRATIONBLOB TCSD_ORD_CONVERTMIGRATIONBLOB
+#define OWNERSETDISABLE TCSD_ORD_OWNERSETDISABLE
+#define OWNERCLEAR TCSD_ORD_OWNERCLEAR
+#define DISABLEOWNERCLEAR TCSD_ORD_DISABLEOWNERCLEAR
+#define FORCECLEAR TCSD_ORD_FORCECLEAR
+#define DISABLEFORCECLEAR TCSD_ORD_DISABLEFORCECLEAR
+#define PHYSICALDISABLE TCSD_ORD_PHYSICALDISABLE
+#define PHYSICALENABLE TCSD_ORD_PHYSICALENABLE
+#define PHYSICALSETDEACTIVATED TCSD_ORD_PHYSICALSETDEACTIVATED
+#define SETTEMPDEACTIVATED TCSD_ORD_SETTEMPDEACTIVATED
+#define PHYSICALPRESENCE TCSD_ORD_PHYSICALPRESENCE
+#define FIELDUPGRADE TCSD_ORD_FIELDUPGRADE
+#define SETRIDIRECTION TCSD_ORD_SETRIDIRECTION
+#define CREATEMAINTENANCEARCHIVE TCSD_ORD_CREATEMAINTENANCEARCHIVE
+#define LOADMAINTENANCEARCHIVE TCSD_ORD_LOADMAINTENANCEARCHIVE
+#define KILLMAINTENANCEFEATURE TCSD_ORD_KILLMAINTENANCEFEATURE
+#define LOADMANUFECTURERMAINTENANCEPUB TCSD_ORD_LOADMANUFECTURERMAINTENANCEPUB
+#define READMANUFECTURERMAINTENANCEPUB TCSD_ORD_READMANUFECTURERMAINTENANCEPUB
+#define SETTEMPDEACTIVATED2 TCSD_ORD_SETTEMPDEACTIVATED2
+#endif
+
+/* TCSD ordinal sub-command sets */
+#define SUBOP_CONTEXT OPENCONTEXT, CLOSECONTEXT
+#define SUBOP_RANDOM STIRRANDOM, GETRANDOM
+#define SUBOP_AUTHSESS OIAP, OSAP, TERMINATEHANDLE
+#define SUBOP_LOADKEYBYUUID LOADKEYBYUUID, GETREGISTEREDKEYBLOB, FREEMEMORY
+#define SUBOP_SELFTEST SELFTESTFULL, CERTIFYSELFTEST, CONTINUESELFTEST, GETTESTRESULT
+
+/* Top level TCSD operations which can be enabled to be used by remote hosts. Each of these
+ * should have a corresponding on/off switch in the tcsd.conf file
+ */
+#define TCSD_OP_SEAL SEAL, SUBOP_LOADKEYBYUUID, SUBOP_RANDOM, SUBOP_AUTHSESS, SUBOP_CONTEXT, 0
+#define TCSD_OP_UNSEAL UNSEAL, SUBOP_LOADKEYBYUUID, SUBOP_RANDOM, SUBOP_AUTHSESS, SUBOP_CONTEXT, 0
+#define TCSD_OP_GETREGISTEREDKEYBYPUBLICINFO GETREGISTEREDKEYBYPUBLICINFO, SUBOP_CONTEXT, 0
+#define TCSD_OP_GETPUBKEY GETPUBKEY, SUBOP_RANDOM, SUBOP_AUTHSESS, SUBOP_CONTEXT, 0
+#define TCSD_OP_LOADKEY LOADKEYBYBLOB, SUBOP_LOADKEYBYUUID, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_REGISTERKEY REGISTERKEY, SUBOP_CONTEXT, SUBOP_LOADKEYBYUUID, LOADKEYBYBLOB, 0
+#define TCSD_OP_UNREGISTERKEY UNREGISTERKEY, SUBOP_CONTEXT, 0
+#define TCSD_OP_CREATEKEY CREATEWRAPKEY, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_LOADKEYBYUUID, SUBOP_RANDOM, 0
+#define TCSD_OP_SIGN SIGN, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, FREEMEMORY, 0
+#define TCSD_OP_RANDOM SUBOP_RANDOM, SUBOP_CONTEXT, FREEMEMORY, 0
+#define TCSD_OP_GETCAPABILITY GETCAPABILITY, TCSGETCAPABILITY, SUBOP_CONTEXT, FREEMEMORY, 0
+#define TCSD_OP_UNBIND UNBIND, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_QUOTE QUOTE, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_READPUBEK READPUBEK, SUBOP_CONTEXT, SUBOP_AUTHSESS, SUBOP_RANDOM, 0
+#define TCSD_OP_SELFTEST SUBOP_SELFTEST, SUBOP_CONTEXT, FREEMEMORY, 0
+
+struct tcsd_op {
+ char *name;
+ int op[];
+};
+
+struct tcsd_op tcsd_op_seal = {"seal", {TCSD_OP_SEAL}};
+struct tcsd_op tcsd_op_unseal = {"unseal", {TCSD_OP_UNSEAL}};
+struct tcsd_op tcsd_op_registerkey = {"registerkey", {TCSD_OP_REGISTERKEY}};
+struct tcsd_op tcsd_op_unregisterkey = {"unregisterkey", {TCSD_OP_UNREGISTERKEY}};
+struct tcsd_op tcsd_op_getregisteredkeybypublicinfo = {"getregisteredkeybypublicinfo", {TCSD_OP_GETREGISTEREDKEYBYPUBLICINFO}};
+struct tcsd_op tcsd_op_getpubkey = {"getpubkey", {TCSD_OP_GETPUBKEY}};
+struct tcsd_op tcsd_op_loadkey = {"loadkey", {TCSD_OP_LOADKEY}};
+struct tcsd_op tcsd_op_createkey = {"createkey", {TCSD_OP_CREATEKEY}};
+struct tcsd_op tcsd_op_sign = {"sign", {TCSD_OP_SIGN}};
+struct tcsd_op tcsd_op_random = {"random", {TCSD_OP_RANDOM}};
+struct tcsd_op tcsd_op_getcapability = {"getcapability", {TCSD_OP_GETCAPABILITY}};
+struct tcsd_op tcsd_op_unbind = {"unbind", {TCSD_OP_UNBIND}};
+struct tcsd_op tcsd_op_quote = {"quote", {TCSD_OP_QUOTE}};
+struct tcsd_op tcsd_op_readpubek = {"readpubek", {TCSD_OP_READPUBEK}};
+struct tcsd_op tcsd_op_selftest = {"selftest", {TCSD_OP_SELFTEST}};
+
+struct tcsd_op *tcsd_ops[] = {
+ &tcsd_op_seal,
+ &tcsd_op_unseal,
+ &tcsd_op_registerkey,
+ &tcsd_op_unregisterkey,
+ &tcsd_op_getregisteredkeybypublicinfo,
+ &tcsd_op_getpubkey,
+ &tcsd_op_loadkey,
+ &tcsd_op_createkey,
+ &tcsd_op_sign,
+ &tcsd_op_random,
+ &tcsd_op_getcapability,
+ &tcsd_op_unbind,
+ &tcsd_op_quote,
+ &tcsd_op_readpubek,
+ &tcsd_op_selftest,
+ NULL
+};
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd_wrap.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd_wrap.h
new file mode 100644
index 0000000..b320d74
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsd_wrap.h
@@ -0,0 +1,194 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _TCSD_WRAP_H_
+#define _TCSD_WRAP_H_
+
+#include "tcs_tsp.h"
+
+enum TCSP_PACKET_TYPE {
+ TCSD_PACKET_TYPE_BYTE,
+ TCSD_PACKET_TYPE_BOOL,
+ TCSD_PACKET_TYPE_UINT16,
+ TCSD_PACKET_TYPE_UINT32,
+ TCSD_PACKET_TYPE_PBYTE,
+ TCSD_PACKET_TYPE_KEY,
+ TCSD_PACKET_TYPE_NONCE,
+ TCSD_PACKET_TYPE_AUTH,
+ TCSD_PACKET_TYPE_DIGEST,
+ TCSD_PACKET_TYPE_UUID,
+ TCSD_PACKET_TYPE_ENCAUTH,
+ TCSD_PACKET_TYPE_VERSION,
+ /*2004-05-12 Seiji Munetoh added */
+ TCSD_PACKET_TYPE_KM_KEYINFO,
+ TCSD_PACKET_TYPE_KM_KEYINFO2,
+ TCSD_PACKET_TYPE_LOADKEY_INFO,
+ TCSD_PACKET_TYPE_PCR_EVENT,
+ TCSD_PACKET_TYPE_COUNTER_VALUE,
+ TCSD_PACKET_TYPE_UINT64,
+ TCSD_PACKET_TYPE_SECRET
+};
+
+enum TCSD_ORD {
+ TCSD_ORD_ERROR = 0,
+ /* 4.5 TCS Contest Manager */
+ TCSD_ORD_OPENCONTEXT = 1,
+ TCSD_ORD_CLOSECONTEXT = 2,
+ TCSD_ORD_FREEMEMORY = 3,
+ TCSD_ORD_TCSGETCAPABILITY = 4, /* Tcsi_GatCapability */
+ /* 4.6 TCS Key Credential Manager */
+ TCSD_ORD_REGISTERKEY = 5,
+ TCSD_ORD_UNREGISTERKEY = 6,
+ TCSD_ORD_ENUMREGISTEREDKEYS = 7,
+ TCSD_ORD_GETREGISTEREDKEY = 8,
+ TCSD_ORD_GETREGISTEREDKEYBLOB = 9,
+ TCSD_ORD_GETREGISTEREDKEYBYPUBLICINFO = 10,
+ TCSD_ORD_LOADKEYBYBLOB = 11,
+ TCSD_ORD_LOADKEYBYUUID = 12,
+ TCSD_ORD_EVICTKEY = 13,
+ TCSD_ORD_CREATEWRAPKEY = 14,
+ TCSD_ORD_GETPUBKEY = 15,
+ TCSD_ORD_MAKEIDENTITY = 16,
+ /* 4.7 TCS Event Manager */
+ TCSD_ORD_LOGPCREVENT = 17,
+ TCSD_ORD_GETPCREVENT = 18,
+ TCSD_ORD_GETPCREVENTBYPCR = 19,
+ TCSD_ORD_GETPCREVENTLOG = 20,
+ /* 4.8 TCS Audit Manager */
+ /* 4.9 TCS TPM Parametor Block Generator */
+ TCSD_ORD_SETOWNERINSTALL = 21,
+ TCSD_ORD_TAKEOWNERSHIP = 22,
+ TCSD_ORD_OIAP = 23,
+ TCSD_ORD_OSAP = 24,
+ TCSD_ORD_CHANGEAUTH = 25,
+ TCSD_ORD_CHANGEAUTHOWNER = 26,
+ TCSD_ORD_CHANGEAUTHASYMSTART = 27,
+ TCSD_ORD_CHANGEAUTHASYMFINISH = 28,
+ TCSD_ORD_TERMINATEHANDLE = 29,
+ TCSD_ORD_ACTIVATETPMIDENTITY = 30,
+
+ TCSD_ORD_EXTEND = 31,
+ TCSD_ORD_PCRREAD= 32,
+ TCSD_ORD_QUOTE = 33,
+ TCSD_ORD_DIRWRITEAUTH = 34,
+ TCSD_ORD_DIRREAD = 35,
+ TCSD_ORD_SEAL = 36,
+ TCSD_ORD_UNSEAL = 37,
+ TCSD_ORD_UNBIND = 38,
+ TCSD_ORD_CREATEMIGRATIONBLOB = 39,
+ TCSD_ORD_CONVERTMIGRATIONBLOB = 40,
+ TCSD_ORD_AUTHORIZEMIGRATIONKEY = 41,
+
+ TCSD_ORD_CERTIFYKEY = 42,
+ TCSD_ORD_SIGN = 43,
+ TCSD_ORD_GETRANDOM =44,
+ TCSD_ORD_STIRRANDOM =45,
+ TCSD_ORD_GETCAPABILITY =46, /* Tcsip_GatCapability */
+ TCSD_ORD_GETCAPABILITYSIGNED = 47,
+ TCSD_ORD_GETCAPABILITYOWNER = 48,
+
+ TCSD_ORD_CREATEENDORSEMENTKEYPAIR = 49,
+ TCSD_ORD_READPUBEK = 50,
+ TCSD_ORD_DISABLEPUBEKREAD = 51,
+ TCSD_ORD_OWNERREADPUBEK =52,
+
+ TCSD_ORD_SELFTESTFULL = 53,
+ TCSD_ORD_CERTIFYSELFTEST = 54,
+ TCSD_ORD_CONTINUESELFTEST = 55,
+ TCSD_ORD_GETTESTRESULT = 56,
+ TCSD_ORD_OWNERSETDISABLE = 57,
+ TCSD_ORD_OWNERCLEAR = 58,
+ TCSD_ORD_DISABLEOWNERCLEAR = 59,
+ TCSD_ORD_FORCECLEAR = 60,
+ TCSD_ORD_DISABLEFORCECLEAR = 61,
+ TCSD_ORD_PHYSICALDISABLE = 62,
+ TCSD_ORD_PHYSICALENABLE = 63,
+ TCSD_ORD_PHYSICALSETDEACTIVATED = 64,
+ TCSD_ORD_SETTEMPDEACTIVATED = 65,
+ TCSD_ORD_PHYSICALPRESENCE = 66,
+ TCSD_ORD_FIELDUPGRADE = 67,
+ TCSD_ORD_SETRIDIRECTION = 68,
+
+ TCSD_ORD_CREATEMAINTENANCEARCHIVE = 69,
+ TCSD_ORD_LOADMAINTENANCEARCHIVE = 70,
+ TCSD_ORD_KILLMAINTENANCEFEATURE = 71,
+ TCSD_ORD_LOADMANUFACTURERMAINTENANCEPUB = 72,
+ TCSD_ORD_READMANUFACTURERMAINTENANCEPUB = 73,
+ /* DAA */
+ TCSD_ORD_DAAJOIN = 74,
+ TCSD_ORD_DAASIGN = 75,
+ TCSD_ORD_SETCAPABILITY = 76,
+ TCSD_ORD_RESETLOCKVALUE = 77,
+
+ TCSD_ORD_PCRRESET = 78,
+ TCSD_ORD_READCOUNTER = 79,
+ TCSD_ORD_CREATECOUNTER = 80,
+ TCSD_ORD_INCREMENTCOUNTER = 81,
+ TCSD_ORD_RELEASECOUNTER = 82,
+ TCSD_ORD_RELEASECOUNTEROWNER = 83,
+ TCSD_ORD_READCURRENTTICKS = 84,
+ TCSD_ORD_TICKSTAMPBLOB = 85,
+ TCSD_ORD_GETCREDENTIAL = 86,
+ /* NV */
+ TCSD_ORD_NVDEFINEORRELEASESPACE = 87,
+ TCSD_ORD_NVWRITEVALUE = 88,
+ TCSD_ORD_NVWRITEVALUEAUTH = 89,
+ TCSD_ORD_NVREADVALUE = 90,
+ TCSD_ORD_NVREADVALUEAUTH = 91,
+
+ TCSD_ORD_ESTABLISHTRANSPORT = 92,
+ TCSD_ORD_EXECUTETRANSPORT = 93,
+ TCSD_ORD_RELEASETRANSPORTSIGNED = 94,
+ /* Audit */
+ TCSD_ORD_SETORDINALAUDITSTATUS = 95,
+ TCSD_ORD_GETAUDITDIGEST = 96,
+ TCSD_ORD_GETAUDITDIGESTSIGNED = 97,
+ TCSD_ORD_SEALX = 98,
+
+ TCSD_ORD_SETOPERATORAUTH = 99,
+ TCSD_ORD_OWNERREADINTERNALPUB = 100,
+ TCSD_ORD_ENUMREGISTEREDKEYS2 = 101,
+ TCSD_ORD_SETTEMPDEACTIVATED2 = 102,
+
+ /* Delegation */
+ TCSD_ORD_DELEGATE_MANAGE = 103,
+ TCSD_ORD_DELEGATE_CREATEKEYDELEGATION = 104,
+ TCSD_ORD_DELEGATE_CREATEOWNERDELEGATION = 105,
+ TCSD_ORD_DELEGATE_LOADOWNERDELEGATION = 106,
+ TCSD_ORD_DELEGATE_READTABLE = 107,
+ TCSD_ORD_DELEGATE_UPDATEVERIFICATIONCOUNT = 108,
+ TCSD_ORD_DELEGATE_VERIFYDELEGATION = 109,
+
+ TCSD_ORD_CREATEREVOCABLEENDORSEMENTKEYPAIR = 110,
+ TCSD_ORD_REVOKEENDORSEMENTKEYPAIR = 111,
+
+ TCSD_ORD_MAKEIDENTITY2 = 112,
+ TCSD_ORD_QUOTE2 = 113,
+
+ /* CMK */
+ TCSD_ORD_CMK_SETRESTRICTIONS = 114,
+ TCSD_ORD_CMK_APPROVEMA = 115,
+ TCSD_ORD_CMK_CREATEKEY = 116,
+ TCSD_ORD_CMK_CREATETICKET = 117,
+ TCSD_ORD_CMK_CREATEBLOB = 118,
+ TCSD_ORD_CMK_CONVERTMIGRATION = 119,
+
+ TCSD_ORD_FLUSHSPECIFIC = 120,
+ TCSD_ORD_KEYCONTROLOWNER = 121,
+ TCSD_ORD_DSAP = 122,
+
+ /* Last */
+ TCSD_LAST_ORD = 123
+};
+#define TCSD_MAX_NUM_ORDS TCSD_LAST_ORD
+
+#include "tcsd.h"
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsem.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsem.h
new file mode 100644
index 0000000..4b1f215
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsem.h
@@ -0,0 +1,62 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _TCSEM_H_
+#define _TCSEM_H_
+
+struct ext_log_source {
+ int (*open)(void *, FILE **);
+ TSS_RESULT (*get_entries_by_pcr)(FILE *, UINT32, UINT32, UINT32 *, TSS_PCR_EVENT **);
+ TSS_RESULT (*get_entry)(FILE *, UINT32, UINT32 *, TSS_PCR_EVENT **);
+ int (*close)(FILE *);
+};
+
+struct event_wrapper {
+ TSS_PCR_EVENT event;
+ struct event_wrapper *next;
+};
+
+struct event_log {
+ MUTEX_DECLARE(lock);
+ struct ext_log_source *firmware_source;
+ struct ext_log_source *kernel_source;
+ struct event_wrapper **lists;
+};
+
+/* include the compiled-in log sources and struct references here */
+#include "imaem.h"
+#include "biosem.h"
+
+#ifdef EVLOG_SOURCE_IMA
+#define EVLOG_IMA_SOURCE &ima_source
+#else
+#define EVLOG_IMA_SOURCE NULL
+#endif
+
+#ifdef EVLOG_SOURCE_BIOS
+#define EVLOG_BIOS_SOURCE &bios_source
+#else
+#define EVLOG_BIOS_SOURCE NULL
+#endif
+
+
+TSS_RESULT event_log_init();
+TSS_RESULT event_log_final();
+TSS_RESULT copy_pcr_event(TSS_PCR_EVENT *, TSS_PCR_EVENT *);
+TSS_RESULT event_log_add(TSS_PCR_EVENT *, UINT32 *);
+TSS_PCR_EVENT *get_pcr_event(UINT32, UINT32);
+UINT32 get_num_events(UINT32);
+TSS_PCR_EVENT *concat_pcr_events(TSS_PCR_EVENT **, UINT32, TSS_PCR_EVENT *, UINT32);
+UINT32 get_pcr_event_size(TSS_PCR_EVENT *);
+void free_external_events(UINT32, TSS_PCR_EVENT *);
+
+extern struct event_log *tcs_event_log;
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcslog.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcslog.h
new file mode 100644
index 0000000..4e906fc
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcslog.h
@@ -0,0 +1,112 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#ifndef _TCSLOG_H_
+#define _TCSLOG_H_
+
+#include <stdio.h>
+#include <syslog.h>
+
+/* log to syslog -- change your syslog destination here */
+#define TSS_SYSLOG_LVL LOG_LOCAL5
+
+#ifndef __FUNCTION__
+#define __FUNCTION__ __func__
+#endif
+
+#define LogMessage(dest, priority, layer, fmt, ...) \
+ do { \
+ if (getenv("TCSD_FOREGROUND") != NULL) { \
+ fprintf(dest, "%s " fmt "\n", layer, ## __VA_ARGS__); \
+ } else { \
+ openlog(layer, LOG_NDELAY|LOG_PID, TSS_SYSLOG_LVL); \
+ syslog(priority, "TrouSerS " fmt "\n", ## __VA_ARGS__); \
+ } \
+ } while (0)
+
+/* Debug logging */
+#ifdef TSS_DEBUG
+#define LogDebug(fmt, ...) LogMessage(stdout, LOG_DEBUG, APPID, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define LogDebugFn(fmt, ...) LogMessage(stdout, LOG_DEBUG, APPID, "%s:%d %s: " fmt, __FILE__, __LINE__, __FUNCTION__, ##__VA_ARGS__)
+#define LogBlob(sz,blb) LogBlobData(APPID, sz, blb)
+#define LogDebugKey(k) \
+ do { \
+ if (k.hdr.key12.tag == TPM_TAG_KEY12) \
+ LogDebugFn("Tag: %hu", k.hdr.key12.tag); \
+ else \
+ LogDebugFn("Version: %hhu.%hhu.%hhu.%hhu", \
+ k.hdr.key11.ver.major, k.hdr.key11.ver.minor, \
+ k.hdr.key11.ver.revMajor, k.hdr.key11.ver.revMinor); \
+ LogDebugFn("keyUsage: 0x%hx", k.keyUsage); \
+ LogDebugFn("keyFlags: 0x%x", k.keyFlags); \
+ LogDebugFn("authDatausage: %hhu", k.authDataUsage); \
+ LogDebugFn("pcrInfosize: %u", k.PCRInfoSize); \
+ LogDebugFn("encDataSize: %u", k.encSize); \
+ } while (0)
+#define LogDebugUnrollKey(b) \
+ do { \
+ TSS_KEY tmpkey; \
+ UINT64 offset = 0; \
+ if (!UnloadBlob_TSS_KEY(&offset, b, &tmpkey)) { \
+ LogDebugKey(tmpkey); \
+ destroy_key_refs(&tmpkey); \
+ } else { \
+ LogDebugFn("*** ERROR UNLOADING DEBUGGING KEY BLOB ***"); \
+ } \
+ } while (0)
+
+#define LogError(fmt, ...) LogMessage(stderr, LOG_ERR, APPID, "ERROR: %s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define LogWarn(fmt, ...) LogMessage(stdout, LOG_WARNING, APPID, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+#define LogInfo(fmt, ...) LogMessage(stdout, LOG_INFO, APPID, "%s:%d " fmt, __FILE__, __LINE__, ##__VA_ARGS__)
+
+/* Return Value logging */
+TSS_RESULT LogTCSERR(TSS_RESULT, char *, int);
+TSS_RESULT LogTDDLERR(TSS_RESULT, char *, int);
+void LogTPMERR(TSS_RESULT, char *, int);
+
+#define LogDebugBacktrace() \
+ do { \
+ void *bt_data[10]; \
+ backtrace_symbols_fd(&bt_data, 10, stdout); \
+ } while (0)
+
+#elif defined (TSS_TRACE)
+#include <syslog.h>
+#define LogDebug(fmt, ...)
+#define LogDebugFn(fmt, ...)
+#define LogBlob(sz,blb)
+#define LogDebugKey(s)
+#define LogDebugUnrollKey(b)
+#define LogDebugBacktrace()
+#define LogError(fmt, ...) syslog(LOG_ERR, "TSS: " fmt, ##__VA_ARGS__)
+#define LogWarn(fmt, ...) syslog(LOG_WARNING, "TSS: " fmt, ##__VA_ARGS__)
+#define LogInfo(fmt, ...) syslog(LOG_INFO, "TSS: " fmt, ##__VA_ARGS__)
+#define LogTrace() syslog(LOG_INFO, "TSS: %s", __FUNCTION__)
+/* Return Value logging */
+TSS_RESULT LogTCSERR(TSS_RESULT, char *, int);
+TSS_RESULT LogTDDLERR(TSS_RESULT, char *, int);
+void LogTPMERR(TSS_RESULT, char *, int);
+#else
+#define LogDebug(fmt, ...)
+#define LogDebugFn(fmt, ...)
+#define LogBlob(sz,blb)
+#define LogDebugKey(s)
+#define LogDebugUnrollKey(b)
+#define LogError(fmt, ...) syslog(LOG_ERR, "TSS: " fmt, ##__VA_ARGS__)
+#define LogWarn(fmt, ...) syslog(LOG_WARNING, "TSS: " fmt, ##__VA_ARGS__)
+#define LogInfo(fmt, ...) syslog(LOG_INFO, "TSS: " fmt, ##__VA_ARGS__)
+#define LogTPMERR(a,b,c)
+#define LogDebugBacktrace()
+#endif
+
+void LogBlobData(char *appid, unsigned long sizeOfBlob, unsigned char *blob);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsps.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsps.h
new file mode 100644
index 0000000..4a92d88
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tcsps.h
@@ -0,0 +1,68 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _TCSPS_H_
+#define _TCSPS_H_
+
+#include "threads.h"
+
+extern struct key_disk_cache *key_disk_cache_head;
+/* file handles for the persistent stores */
+extern int system_ps_fd;
+/* The lock that surrounds all manipulations of the disk cache */
+MUTEX_DECLARE_EXTERN(disk_cache_lock);
+
+int get_file();
+int put_file(int);
+TSS_RESULT read_data(int, void *, UINT32);
+TSS_RESULT write_data(int, void *, UINT32);
+void close_file(int);
+void ps_destroy();
+int write_key_init(int, UINT32, UINT32, UINT32);
+TSS_RESULT cache_key(UINT32, UINT16, TSS_UUID *, TSS_UUID *, UINT16, UINT32, UINT32);
+TSS_RESULT UnloadBlob_KEY_PS(UINT16 *, BYTE *, TSS_KEY *);
+TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
+TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *);
+TSS_RESULT psfile_get_key_by_uuid(int, TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT psfile_get_key_by_cache_entry(int, struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT psfile_get_ps_type_by_uuid(int, TSS_UUID *, UINT32 *);
+TSS_RESULT psfile_get_vendor_data(int, struct key_disk_cache *, UINT32 *, BYTE **);
+TSS_RESULT psfile_is_pub_registered(int, TCPA_STORE_PUBKEY *, TSS_BOOL *);
+TSS_RESULT psfile_get_uuid_by_pub(int, TCPA_STORE_PUBKEY *, TSS_UUID **);
+TSS_RESULT psfile_write_key(int, TSS_UUID *, TSS_UUID *, UINT32 *, BYTE *, UINT32, BYTE *, UINT16);
+TSS_RESULT psfile_remove_key(int, struct key_disk_cache *);
+TCPA_STORE_PUBKEY *psfile_get_pub_by_tpm_handle(int, TCPA_KEY_HANDLE);
+TSS_RESULT psfile_get_tpm_handle_by_pub(int, TCPA_STORE_PUBKEY *, TCPA_KEY_HANDLE *);
+TSS_RESULT psfile_get_tcs_handle_by_pub(int, TCPA_STORE_PUBKEY *, TCS_KEY_HANDLE *);
+TSS_RESULT psfile_get_parent_tcs_handle_by_pub(int, TCPA_STORE_PUBKEY *, TCS_KEY_HANDLE *);
+TCPA_STORE_PUBKEY *psfile_get_pub_by_tcs_handle(int, TCS_KEY_HANDLE);
+TSS_RESULT psfile_get_key_by_pub(int, TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+TSS_RESULT ps_remove_key(TSS_UUID *);
+int init_disk_cache(int);
+int close_disk_cache(int);
+TSS_RESULT clean_disk_cache(int);
+
+TSS_RESULT ps_write_key(TSS_UUID *, TSS_UUID *, BYTE *, UINT32, BYTE *, UINT32);
+TSS_RESULT ps_get_key_by_uuid(TSS_UUID *, BYTE *, UINT16 *);
+TSS_RESULT ps_get_key_by_cache_entry(struct key_disk_cache *, BYTE *, UINT16 *);
+TSS_RESULT ps_get_vendor_data(struct key_disk_cache *, UINT32 *, BYTE **);
+TSS_RESULT ps_init_disk_cache();
+void ps_close_disk_cache();
+TSS_RESULT ps_get_key_by_pub(TCPA_STORE_PUBKEY *, UINT32 *, BYTE **);
+
+#ifdef TSS_BUILD_PS
+#define PS_init_disk_cache() ps_init_disk_cache()
+#define PS_close_disk_cache() ps_close_disk_cache()
+#else
+#define PS_init_disk_cache() (TSS_SUCCESS)
+#define PS_close_disk_cache()
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tddl.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tddl.h
new file mode 100644
index 0000000..cf5bb3a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tddl.h
@@ -0,0 +1,39 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+
+#ifndef _TDDL_H_
+#define _TDDL_H_
+
+#include <threads.h>
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+struct tpm_device_node {
+ char *path;
+#define TDDL_TRANSMIT_IOCTL 1
+#define TDDL_TRANSMIT_RW 2
+ int transmit;
+ int fd;
+};
+
+#define TDDL_TXBUF_SIZE 2048
+#define TDDL_UNDEF -1
+
+TSS_RESULT Tddli_Open(void);
+
+TSS_RESULT Tddli_TransmitData(BYTE *pTransmitBuf,
+ UINT32 TransmitBufLen,
+ BYTE *pReceiveBuf,
+ UINT32 *pReceiveBufLen);
+
+TSS_RESULT Tddli_Close(void);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/threads.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/threads.h
new file mode 100644
index 0000000..3c57144
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/threads.h
@@ -0,0 +1,52 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef __THREADS_H__
+#define __THREADS_H__
+
+#ifdef HAVE_PTHREAD_H
+
+#include <pthread.h>
+
+/* mutex abstractions */
+#define MUTEX_INIT(m) pthread_mutex_init(&m, NULL)
+#define MUTEX_LOCK(m) pthread_mutex_lock(&m)
+#define MUTEX_UNLOCK(m) pthread_mutex_unlock(&m)
+#define MUTEX_DECLARE(m) pthread_mutex_t m
+#define MUTEX_DECLARE_INIT(m) pthread_mutex_t m = PTHREAD_MUTEX_INITIALIZER
+#define MUTEX_DECLARE_EXTERN(m) extern pthread_mutex_t m
+
+/* condition variable abstractions */
+#define COND_DECLARE(c) pthread_cond_t c
+#define COND_INIT(c) pthread_cond_init(&c, NULL)
+#define COND_VAR pthread_cond_t
+#define COND_WAIT(c,m) pthread_cond_wait(c,m)
+#define COND_SIGNAL(c) pthread_cond_signal(c)
+
+/* thread abstractions */
+#define THREAD_ID ((THREAD_TYPE)pthread_self())
+#define THREAD_TYPE pthread_t
+#define THREAD_JOIN pthread_join
+#define THREAD_DETACH pthread_detach
+#define THREAD_ATTR_DECLARE(a) pthread_attr_t a
+#define THREAD_ATTR_INIT(a) pthread_attr_init(&a)
+#define THREAD_ATTR_SETJOINABLE(a) pthread_attr_setdetachstate(&a, PTHREAD_CREATE_JOINABLE)
+#define THREAD_EXIT pthread_exit
+#define THREAD_CREATE(a,b,c,d) pthread_create(a,b,c,d)
+#define THREAD_SET_SIGNAL_MASK pthread_sigmask
+#define THREAD_NULL (THREAD_TYPE *)0
+
+#else
+
+#error No threading library defined! (Cannot find pthread.h)
+
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/scoped_tss_type.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/scoped_tss_type.h
new file mode 100644
index 0000000..6f33837
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/scoped_tss_type.h
@@ -0,0 +1,174 @@
+// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Implements a simple framework for scoping TSS values.
+// Based on chrome's base/memory/scoped_ptr_malloc implementation.
+//
+// Example usage:
+// ScopedTssContext context_handle;
+// TSS_RESULT result;
+// if (!OpenAndConnectTpm(context_handle.ptr(), &result))
+// ...
+// ScopedTssKey srk(context_handle);
+// if (!LoadSrk(context_handle, srk_handle.ptr(), &result))
+// ...
+//
+// See the bottom of this file for common typedefs.
+#ifndef TROUSERS_SCOPED_TSS_TYPE_H_
+#define TROUSERS_SCOPED_TSS_TYPE_H_
+
+#ifdef __cplusplus
+
+#include <trousers/tss.h>
+#include <trousers/trousers.h> // NOLINT(build/include_alpha) - needs tss.h
+#include <vector>
+
+#include <base/logging.h>
+#include <base/notreached.h>
+
+namespace trousers {
+
+class ScopedTssContextRelease {
+ public:
+ inline void operator()(TSS_HCONTEXT unused, TSS_HCONTEXT context) const {
+ // Usually, only |context| is used, but if the ScopedTssContext is
+ // used slightly differently, it may end up with a context in |unused|.
+ // For now, treat that as a bug.
+ if (unused) {
+ NOTREACHED() << "Unexpected data in the unused argument - a misuse of "
+ "ScopedTssContext. Please report to crbug.com/821825";
+ return;
+ }
+ if (context)
+ Tspi_Context_Close(context);
+ }
+};
+
+class ScopedTssMemoryRelease {
+ public:
+ inline void operator()(TSS_HCONTEXT context, BYTE* memory) const {
+ if (!memory)
+ return;
+ if (!context) {
+ NOTREACHED() << "Leaking Trousers memory due to null context. Please "
+ "report to crbug.com/821825";
+ return;
+ }
+ Tspi_Context_FreeMemory(context, memory);
+ }
+};
+
+class ScopedTssObjectRelease {
+ public:
+ inline void operator()(TSS_HCONTEXT context, TSS_HOBJECT handle) const {
+ if (!handle)
+ return;
+ if (!context) {
+ NOTREACHED() << "Leaking Trousers handle due to null context. Please "
+ "report to crbug.com/821825";
+ return;
+ }
+ Tspi_Context_CloseObject(context, handle);
+ }
+};
+
+// Provide a basic scoped container for TSS managed objects.
+template<class TssType, class ReleaseProc = ScopedTssObjectRelease>
+class ScopedTssType {
+ public:
+ explicit ScopedTssType(TSS_HCONTEXT c = 0, TssType t = 0) :
+ context_(c),
+ type_(t) {}
+
+ ScopedTssType(const ScopedTssType &) = delete;
+ ScopedTssType &operator=(const ScopedTssType &) = delete;
+
+ explicit ScopedTssType(ScopedTssType &&other)
+ : context_(other.context_), type_(other.type_) {
+ other.context_ = 0;
+ other.type_ = 0;
+ }
+
+ ScopedTssType &operator=(ScopedTssType &&other) {
+ release_(context_, type_);
+ context_ = other.context_;
+ type_ = other.type_;
+ other.context_ = 0;
+ other.type_ = 0;
+ return *this;
+ }
+
+ virtual ~ScopedTssType() {
+ release_(context_, type_);
+ }
+
+ // Provide a means to access the value without conversion.
+ virtual TssType value() {
+ return type_;
+ }
+
+ // Allow direct referencing of the wrapped value.
+ virtual TssType* ptr() {
+ return &type_;
+ }
+
+ // Returns the assigned context.
+ virtual TSS_HCONTEXT context() {
+ return context_;
+ }
+
+ virtual TssType release() __attribute__((warn_unused_result)) {
+ TssType tmp = type_;
+ type_ = 0;
+ context_ = 0;
+ return tmp;
+ }
+
+ virtual void reset(TSS_HCONTEXT c = 0, TssType t = 0) {
+ release_(context_, type_);
+ context_ = c;
+ type_ = t;
+ }
+
+ private:
+ ReleaseProc release_;
+ TSS_HCONTEXT context_;
+ TssType type_;
+};
+
+// Wrap ScopedTssObject to allow implicit conversion only when safe.
+template<class TssType = TSS_HOBJECT,
+ class ReleaseProc = ScopedTssObjectRelease>
+class ScopedTssObject : public ScopedTssType<TssType, ReleaseProc> {
+ public:
+ // Enforce a context for scoped objects.
+ explicit ScopedTssObject(TSS_HCONTEXT c, TssType t = 0)
+ : ScopedTssType<TssType, ReleaseProc>(c, t) {}
+
+ // Allow implicit conversion to anything TSS_HOBJECT based.
+ virtual operator TssType() {
+ return this->value();
+ }
+};
+
+class ScopedTssContext
+ : public ScopedTssObject<TSS_HCONTEXT, ScopedTssContextRelease> {
+ public:
+ // Enforce a context for scoped objects.
+ explicit ScopedTssContext(TSS_HCONTEXT t = 0)
+ : ScopedTssObject<TSS_HCONTEXT,ScopedTssContextRelease>(0, t) {}
+};
+
+// Provide clear-cut typedefs for the common cases.
+typedef ScopedTssType<BYTE*, ScopedTssMemoryRelease> ScopedTssMemory;
+
+typedef ScopedTssObject<TSS_HKEY> ScopedTssKey;
+typedef ScopedTssObject<TSS_HPOLICY> ScopedTssPolicy;
+typedef ScopedTssObject<TSS_HPCRS> ScopedTssPcrs;
+typedef ScopedTssObject<TSS_HNVSTORE> ScopedTssNvStore;
+
+} // namespace trousers
+
+#endif // __cplusplus
+#endif // TROUSERS_SCOPED_TSS_TYPE_H_
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/trousers.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/trousers.h
new file mode 100644
index 0000000..3dee970
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/trousers.h
@@ -0,0 +1,311 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#ifndef _TROUSERS_H_
+#define _TROUSERS_H_
+
+#include <trousers/tss.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Utility functions offered by trousers for use in your TSS app.
+ *
+ * All functions listed here are specific to the trousers TSS and should not be
+ * used in applications that are intended to be portable.
+ *
+ */
+
+/* Blob unloading functions */
+void Trspi_UnloadBlob(UINT64 *offset, size_t size, BYTE *container, BYTE *object);
+TSS_RESULT Trspi_UnloadBlob_s(UINT64 *offset, size_t size, BYTE *container, UINT64 capacity, BYTE *object);
+void Trspi_UnloadBlob_BYTE(UINT64 *offset, BYTE *dataOut, BYTE *blob);
+TSS_RESULT Trspi_UnloadBlob_BYTE_s(UINT64 *offset, BYTE *dataOut, BYTE *blob, UINT64 capacity);
+void Trspi_UnloadBlob_BOOL(UINT64 *offset, TSS_BOOL *dataOut, BYTE *blob);
+TSS_RESULT Trspi_UnloadBlob_BOOL_s(UINT64 *offset, TSS_BOOL *dataOut, BYTE *blob, UINT64 capacity);
+void Trspi_UnloadBlob_UINT64(UINT64 *offset, UINT64 *out, BYTE *blob);
+TSS_RESULT Trspi_UnloadBlob_UINT64_s(UINT64 *offset, UINT64 *out, BYTE *blob, UINT64 capacity);
+void Trspi_UnloadBlob_UINT32(UINT64 *offset, UINT32 *out, BYTE *blob);
+TSS_RESULT Trspi_UnloadBlob_UINT32_s(UINT64 *offset, UINT32 *out, BYTE *blob, UINT64 capacity);
+void Trspi_UnloadBlob_UINT16(UINT64 *offset, UINT16 *out, BYTE *blob);
+TSS_RESULT Trspi_UnloadBlob_UINT16_s(UINT64 *offset, UINT16 *out, BYTE *blob, UINT64 capacity);
+TSS_RESULT Trspi_UnloadBlob_RSA_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_RSA_KEY_PARMS *parms);
+TSS_RESULT Trspi_UnloadBlob_RSA_KEY_PARMS_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_RSA_KEY_PARMS *parms);
+void Trspi_UnloadBlob_TSS_VERSION(UINT64 *offset, BYTE *blob, TSS_VERSION *out);
+void Trspi_UnloadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION *out);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO(UINT64 *offset, BYTE *blob, TCPA_PCR_INFO *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO_LONG(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_LONG *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_INFO_SHORT_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_PCR_INFO_SHORT *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_SELECTION_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_PCR_SELECTION *pcr);
+TSS_RESULT Trspi_UnloadBlob_PCR_COMPOSITE(UINT64 *offset, BYTE *blob, TCPA_PCR_COMPOSITE *out);
+TSS_RESULT Trspi_UnloadBlob_STORED_DATA(UINT64 *offset, BYTE *blob, TCPA_STORED_DATA *data);
+void Trspi_UnloadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags);
+TSS_RESULT Trspi_UnloadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyParms);
+TSS_RESULT Trspi_UnloadBlob_KEY_PARMS_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_KEY_PARMS *keyParms);
+void Trspi_UnloadBlob_UUID(UINT64 *offset, BYTE *blob, TSS_UUID *uuid);
+TSS_RESULT Trspi_UnloadBlob_STORE_PUBKEY(UINT64 *, BYTE *, TCPA_STORE_PUBKEY *);
+TSS_RESULT Trspi_UnloadBlob_STORE_PUBKEY_s(UINT64 *, BYTE *, UINT64, TCPA_STORE_PUBKEY *);
+void Trspi_UnloadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest);
+TSS_RESULT Trspi_UnloadBlob_DIGEST_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DIGEST *digest);
+TSS_RESULT Trspi_UnloadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *pubKey);
+TSS_RESULT Trspi_UnloadBlob_PUBKEY_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_PUBKEY *pubKey);
+TSS_RESULT Trspi_UnloadBlob_KEY(UINT64 *offset, BYTE *blob, TCPA_KEY *key);
+TSS_RESULT Trspi_UnloadBlob_KEY_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_KEY *key);
+TSS_RESULT Trspi_UnloadBlob_KEY12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key);
+TSS_RESULT Trspi_UnloadBlob_KEY12_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_KEY12 *key);
+TSS_RESULT Trspi_UnloadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TPM_MIGRATIONKEYAUTH *migAuth);
+TSS_RESULT Trspi_UnloadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event);
+TSS_RESULT Trspi_UnloadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info);
+TSS_RESULT Trspi_UnloadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info);
+TSS_RESULT Trspi_UnloadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key);
+TSS_RESULT Trspi_UnloadBlob_SYM_CA_ATTESTATION(UINT64 *offset, BYTE *blob, TCPA_SYM_CA_ATTESTATION *sym);
+TSS_RESULT Trspi_UnloadBlob_ASYM_CA_CONTENTS(UINT64 *offset, BYTE *blob, TCPA_ASYM_CA_CONTENTS *asym);
+TSS_RESULT Trspi_UnloadBlob_IDENTITY_REQ(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_REQ *req);
+TSS_RESULT Trspi_UnloadBlob_IDENTITY_PROOF(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_PROOF *proof);
+void Trspi_UnloadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr);
+void Trspi_UnloadBlob_CURRENT_TICKS(UINT64 *offset, BYTE *blob, TPM_CURRENT_TICKS *ticks);
+void Trspi_UnloadBlob_TRANSPORT_PUBLIC(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_PUBLIC *t);
+void Trspi_UnloadBlob_NONCE(UINT64 *offset, BYTE* blob, TPM_NONCE *n);
+TSS_RESULT Trspi_UnloadBlob_CERTIFY_INFO(UINT64 *offset, BYTE* blob, TPM_CERTIFY_INFO *c);
+void Trspi_UnloadBlob_TPM_FAMILY_LABEL(UINT64 *offset, BYTE *blob, TPM_FAMILY_LABEL *label);
+void Trspi_UnloadBlob_TPM_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TPM_FAMILY_TABLE_ENTRY *entry);
+void Trspi_UnloadBlob_TPM_DELEGATE_LABEL(UINT64 *offset, BYTE *blob, TPM_DELEGATE_LABEL *label);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_LABEL_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATE_LABEL *label);
+void Trspi_UnloadBlob_TPM_DELEGATIONS(UINT64 *offset, BYTE *blob, TPM_DELEGATIONS *delegations);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATIONS_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATIONS *delegations);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(UINT64 *offset, BYTE *blob, TPM_DELEGATE_PUBLIC *pub);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATE_PUBLIC *pub);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_OWNER_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_OWNER_BLOB *owner);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_OWNER_BLOB_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATE_OWNER_BLOB *owner);
+TSS_RESULT Trspi_UnloadBlob_TPM_DELEGATE_KEY_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_KEY_BLOB *key);
+void Trspi_UnloadBlob_TSS_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_FAMILY_TABLE_ENTRY *entry);
+TSS_RESULT Trspi_UnloadBlob_TSS_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TSS_PCR_INFO_SHORT *pcr);
+TSS_RESULT Trspi_UnloadBlob_TSS_DELEGATION_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_DELEGATION_TABLE_ENTRY *entry);
+TSS_RESULT Trspi_UnloadBlob_TSS_PLATFORM_CLASS(UINT64 *offset, BYTE *blob, TSS_PLATFORM_CLASS *platClass);
+TSS_RESULT Trspi_UnloadBlob_CAP_VERSION_INFO(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v);
+TSS_RESULT Trspi_UnloadBlob_CAP_VERSION_INFO_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_CAP_VERSION_INFO *v);
+TSS_RESULT Trspi_UnloadBlob_NV_INDEX(UINT64 *offset, BYTE *blob, TPM_NV_INDEX *v);
+TSS_RESULT Trspi_UnloadBlob_NV_INDEX_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_NV_INDEX *v);
+TSS_RESULT Trspi_UnloadBlob_NV_ATTRIBUTES(UINT64 *offset, BYTE *blob, TPM_NV_ATTRIBUTES *v);
+TSS_RESULT Trspi_UnloadBlob_NV_ATTRIBUTES_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_NV_ATTRIBUTES *v);
+TSS_RESULT Trspi_UnloadBlob_NV_DATA_PUBLIC(UINT64 *offset, BYTE *blob, TPM_NV_DATA_PUBLIC *v);
+TSS_RESULT Trspi_UnloadBlob_NV_DATA_PUBLIC_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_NV_DATA_PUBLIC *v);
+TSS_RESULT Trspi_UnloadBlob_DA_INFO(UINT64 *offset, BYTE *blob, TPM_DA_INFO *info);
+TSS_RESULT Trspi_UnloadBlob_DA_INFO_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DA_INFO *info);
+
+/* Blob loading functions */
+void Trspi_LoadBlob_BOUND_DATA(UINT64 *, TCPA_BOUND_DATA, UINT32, BYTE *);
+void Trspi_LoadBlob_CHANGEAUTH_VALIDATE(UINT64 *, BYTE *, TPM_CHANGEAUTH_VALIDATE *);
+void Trspi_LoadBlob(UINT64 *offset, size_t size, BYTE *to, BYTE *from);
+void Trspi_LoadBlob_UINT32(UINT64 *offset, UINT32 in, BYTE *blob);
+void Trspi_LoadBlob_UINT16(UINT64 *offset, UINT16 in, BYTE *blob);
+void Trspi_LoadBlob_BYTE(UINT64 *offset, BYTE data, BYTE *blob);
+void Trspi_LoadBlob_BOOL(UINT64 *offset, TSS_BOOL data, BYTE *blob);
+void Trspi_LoadBlob_RSA_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_RSA_KEY_PARMS *parms);
+void Trspi_LoadBlob_TSS_VERSION(UINT64 *offset, BYTE *blob, TSS_VERSION version);
+void Trspi_LoadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION version);
+void Trspi_LoadBlob_PCR_INFO(UINT64 *offset, BYTE *blob, TCPA_PCR_INFO *pcr);
+void Trspi_LoadBlob_PCR_INFO_LONG(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_LONG *pcr);
+void Trspi_LoadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcr);
+void Trspi_LoadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr);
+void Trspi_LoadBlob_STORED_DATA(UINT64 *offset, BYTE *blob, TCPA_STORED_DATA *data);
+void Trspi_LoadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *pubKey);
+void Trspi_LoadBlob_KEY(UINT64 *offset, BYTE *blob, TCPA_KEY *key);
+void Trspi_LoadBlob_KEY12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key);
+void Trspi_LoadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags);
+void Trspi_LoadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyInfo);
+void Trspi_LoadBlob_STORE_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_PUBKEY *store);
+void Trspi_LoadBlob_UUID(UINT64 *offset, BYTE *blob, TSS_UUID uuid);
+void Trspi_LoadBlob_CERTIFY_INFO(UINT64 *offset, BYTE *blob, TCPA_CERTIFY_INFO *certify);
+void Trspi_LoadBlob_STORE_ASYMKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_ASYMKEY *store);
+void Trspi_LoadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event);
+void Trspi_LoadBlob_PRIVKEY_DIGEST(UINT64 *offset, BYTE *blob, TCPA_KEY *key);
+void Trspi_LoadBlob_PRIVKEY_DIGEST12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key);
+void Trspi_LoadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key);
+void Trspi_LoadBlob_SYM_CA_ATTESTATION(UINT64 *offset, BYTE *blob, TCPA_SYM_CA_ATTESTATION *sym);
+void Trspi_LoadBlob_ASYM_CA_CONTENTS(UINT64 *offset, BYTE *blob, TCPA_ASYM_CA_CONTENTS *asym);
+void Trspi_LoadBlob_IDENTITY_REQ(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_REQ *req);
+void Trspi_LoadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr);
+void Trspi_LoadBlob_TRANSPORT_PUBLIC(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_PUBLIC *t);
+void Trspi_LoadBlob_TRANSPORT_AUTH(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_AUTH *t);
+void Trspi_LoadBlob_SIGN_INFO(UINT64 *offset, BYTE *blob, TPM_SIGN_INFO *s);
+void Trspi_LoadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest);
+void Trspi_LoadBlob_NONCE(UINT64 *offset, BYTE *blob, TPM_NONCE *n);
+void Trspi_LoadBlob_TPM_FAMILY_LABEL(UINT64 *offset, BYTE *blob, TPM_FAMILY_LABEL *label);
+void Trspi_LoadBlob_TPM_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TPM_FAMILY_TABLE_ENTRY *entry);
+void Trspi_LoadBlob_TPM_DELEGATE_LABEL(UINT64 *offset, BYTE *blob, TPM_DELEGATE_LABEL *label);
+void Trspi_LoadBlob_TPM_DELEGATIONS(UINT64 *offset, BYTE *blob, TPM_DELEGATIONS *delegations);
+void Trspi_LoadBlob_TPM_DELEGATE_PUBLIC(UINT64 *offset, BYTE *blob, TPM_DELEGATE_PUBLIC *pub);
+void Trspi_LoadBlob_TPM_DELEGATE_OWNER_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_OWNER_BLOB *owner);
+void Trspi_LoadBlob_TPM_DELEGATE_KEY_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_KEY_BLOB *key);
+void Trspi_LoadBlob_TSS_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_FAMILY_TABLE_ENTRY *entry);
+void Trspi_LoadBlob_TSS_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TSS_PCR_INFO_SHORT *pcr);
+void Trspi_LoadBlob_TSS_DELEGATION_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_DELEGATION_TABLE_ENTRY *entry);
+void Trspi_LoadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TPM_MIGRATIONKEYAUTH *migAuth);
+void Trspi_LoadBlob_MSA_COMPOSITE(UINT64 *offset, BYTE *blob, TPM_MSA_COMPOSITE *msaComp);
+void Trspi_LoadBlob_CMK_AUTH(UINT64 *offset, BYTE *blob, TPM_CMK_AUTH *cmkAuth);
+void Trspi_LoadBlob_CAP_VERSION_INFO(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v);
+
+/* Cryptographic Functions */
+
+/* Hash @BufSize bytes at location @Buf using the algorithm @HashType. Currently only
+ * TSS_HASH_SHA1 is a suported type, so 20 bytes will be written to @Digest */
+TSS_RESULT Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE *Buf, BYTE *Digest);
+
+typedef struct _Trspi_HashCtx {
+ void *ctx;
+} Trspi_HashCtx;
+
+TSS_RESULT Trspi_HashInit(Trspi_HashCtx *c, UINT32 type);
+TSS_RESULT Trspi_HashUpdate(Trspi_HashCtx *c, UINT32 size, BYTE *data);
+TSS_RESULT Trspi_HashFinal(Trspi_HashCtx *c, BYTE *out_digest);
+
+/* Functions to support incremental hashing */
+TSS_RESULT Trspi_Hash_UINT16(Trspi_HashCtx *c, UINT16 i);
+TSS_RESULT Trspi_Hash_UINT32(Trspi_HashCtx *c, UINT32 i);
+TSS_RESULT Trspi_Hash_UINT64(Trspi_HashCtx *c, UINT64 i);
+TSS_RESULT Trspi_Hash_DAA_PK(Trspi_HashCtx *c, TSS_DAA_PK *pk);
+TSS_RESULT Trspi_Hash_PUBKEY(Trspi_HashCtx *c, TCPA_PUBKEY *pubKey);
+TSS_RESULT Trspi_Hash_BYTE(Trspi_HashCtx *c, BYTE data);
+TSS_RESULT Trspi_Hash_BOOL(Trspi_HashCtx *c, TSS_BOOL data);
+TSS_RESULT Trspi_Hash_RSA_KEY_PARMS(Trspi_HashCtx *c, TCPA_RSA_KEY_PARMS *parms);
+TSS_RESULT Trspi_Hash_VERSION(Trspi_HashCtx *c, TSS_VERSION *version);
+TSS_RESULT Trspi_Hash_STORED_DATA(Trspi_HashCtx *c, TCPA_STORED_DATA *data);
+TSS_RESULT Trspi_Hash_PCR_SELECTION(Trspi_HashCtx *c, TCPA_PCR_SELECTION *pcr);
+TSS_RESULT Trspi_Hash_KEY(Trspi_HashCtx *c, TCPA_KEY *key);
+TSS_RESULT Trspi_Hash_KEY12(Trspi_HashCtx *c, TPM_KEY12 *key);
+TSS_RESULT Trspi_Hash_KEY_FLAGS(Trspi_HashCtx *c, TCPA_KEY_FLAGS *flags);
+TSS_RESULT Trspi_Hash_KEY_PARMS(Trspi_HashCtx *c, TCPA_KEY_PARMS *keyInfo);
+TSS_RESULT Trspi_Hash_STORE_PUBKEY(Trspi_HashCtx *c, TCPA_STORE_PUBKEY *store);
+TSS_RESULT Trspi_Hash_UUID(Trspi_HashCtx *c, TSS_UUID uuid);
+TSS_RESULT Trspi_Hash_PCR_EVENT(Trspi_HashCtx *c, TSS_PCR_EVENT *event);
+TSS_RESULT Trspi_Hash_PRIVKEY_DIGEST(Trspi_HashCtx *c, TCPA_KEY *key);
+TSS_RESULT Trspi_Hash_PRIVKEY_DIGEST12(Trspi_HashCtx *c, TPM_KEY12 *key);
+TSS_RESULT Trspi_Hash_SYMMETRIC_KEY(Trspi_HashCtx *c, TCPA_SYMMETRIC_KEY *key);
+TSS_RESULT Trspi_Hash_IDENTITY_REQ(Trspi_HashCtx *c, TCPA_IDENTITY_REQ *req);
+TSS_RESULT Trspi_Hash_CHANGEAUTH_VALIDATE(Trspi_HashCtx *c, TPM_CHANGEAUTH_VALIDATE *caValidate);
+TSS_RESULT Trspi_Hash_SYM_CA_ATTESTATION(Trspi_HashCtx *c, TCPA_SYM_CA_ATTESTATION *sym);
+TSS_RESULT Trspi_Hash_ASYM_CA_CONTENTS(Trspi_HashCtx *c, TCPA_ASYM_CA_CONTENTS *asym);
+TSS_RESULT Trspi_Hash_BOUND_DATA(Trspi_HashCtx *c, TCPA_BOUND_DATA *bd, UINT32 payloadLength);
+TSS_RESULT Trspi_Hash_TRANSPORT_AUTH(Trspi_HashCtx *c, TPM_TRANSPORT_AUTH *a);
+TSS_RESULT Trspi_Hash_TRANSPORT_LOG_IN(Trspi_HashCtx *c, TPM_TRANSPORT_LOG_IN *l);
+TSS_RESULT Trspi_Hash_TRANSPORT_LOG_OUT(Trspi_HashCtx *c, TPM_TRANSPORT_LOG_OUT *l);
+TSS_RESULT Trspi_Hash_CURRENT_TICKS(Trspi_HashCtx *c, TPM_CURRENT_TICKS *t);
+TSS_RESULT Trspi_Hash_SIGN_INFO(Trspi_HashCtx *c, TPM_SIGN_INFO *s);
+TSS_RESULT Trspi_Hash_MSA_COMPOSITE(Trspi_HashCtx *c, TPM_MSA_COMPOSITE *m);
+#define Trspi_Hash_DIGEST(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_NONCE(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_ENCAUTH(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_HMAC(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+#define Trspi_Hash_SECRET(c, d) Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, d)
+
+
+UINT32 Trspi_HMAC(UINT32 HashType, UINT32 SecretSize, BYTE*Secret, UINT32 BufSize, BYTE*Buf, BYTE*hmacOut);
+
+/* RSA encrypt @dataToEncryptLen bytes at location @dataToEncrypt using public key
+ * @publicKey of size @keysize. This data will be encrypted using OAEP padding in
+ * the openssl library using the OAEP padding parameter "TCPA". This will allow
+ * data encrypted with this function to be decrypted by a TPM using non-legacy keys */
+int Trspi_RSA_Encrypt(unsigned char *dataToEncrypt,
+ unsigned int dataToEncryptLen,
+ unsigned char *encryptedData,
+ unsigned int *encryptedDataLen,
+ unsigned char *publicKey,
+ unsigned int keysize);
+
+TSS_RESULT Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength,
+ unsigned char *pModulus, int iKeyLength,
+ BYTE *pSignature, UINT32 sig_len);
+
+int Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen,
+ unsigned char *out, unsigned int *outlen,
+ unsigned char *pubkey, unsigned int pubsize,
+ unsigned int e, int padding);
+
+#define TR_RSA_PKCS1_PADDING 1
+#define TR_RSA_PKCS1_OAEP_PADDING 2
+#define TR_RSA_NO_PADDING 3
+
+#define Trspi_RSA_PKCS15_Encrypt(in,inlen,out,outlen,pubKey,pubSize) \
+ Trspi_RSA_Public_Encrypt(in,inlen,out,outlen,pubKey,pubSize,65537,TR_RSA_PKCS1_PADDING)
+
+#define Trspi_RSA_OAEP_Encrypt(in,inlen,out,outlen,pubKey,pubSize) \
+ Trspi_RSA_Public_Encrypt(in,inlen,out,outlen,pubKey,pubSize,65537, \
+ TR_RSA_PKCS1_OAEP_PADDING)
+
+#define Trspi_TPM_RSA_OAEP_Encrypt(in,inlen,out,outlen,pubKey,pubSize) \
+ Trspi_RSA_Encrypt(in,inlen,out,outlen,pubKey,pubSize)
+
+/* Symmetric Encryption */
+
+TSS_RESULT Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+TSS_RESULT Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+
+#define TR_SYM_MODE_ECB 1
+#define TR_SYM_MODE_CBC 2
+#define TR_SYM_MODE_CTR 3
+#define TR_SYM_MODE_OFB 4
+
+TSS_RESULT Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+TSS_RESULT Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 in_len,
+ BYTE *out, UINT32 *out_len);
+
+TSS_RESULT Trspi_MGF1(UINT32 alg, UINT32 seedLen, BYTE *seed, UINT32 outLen, BYTE *out);
+
+/* String Functions */
+
+/* Below UNICODE is in reference to the TSS type of that name, which is
+ * actually UTF-16. */
+
+/* Convert @string to a UNICODE string. On error, NULL is returned. If len
+ * is non-NULL, *len will be set to the size of the returned buffer. */
+BYTE *Trspi_Native_To_UNICODE(BYTE *string, unsigned *len);
+
+/* convert UNICODE @string to a string from the current codeset. If len
+ * is non-NULL, *len will be set to the size of the returned buffer. */
+BYTE *Trspi_UNICODE_To_Native(BYTE *string, unsigned *len);
+
+/* Error Functions */
+
+/* return a human readable string based on the result */
+char *Trspi_Error_String(TSS_RESULT);
+
+/* return a human readable error layer ( "tpm", "tddl", etc...) */
+char *Trspi_Error_Layer(TSS_RESULT);
+
+/* return just the error code bits of the result */
+TSS_RESULT Trspi_Error_Code(TSS_RESULT);
+
+#ifdef __cplusplus
+}
+#endif
+
+/* masks */
+#define TSS_KEY_SIZE_MASK 0x00000F00
+#define TSS_KEY_TYPE_MASK 0x000000F0
+#define TSS_ENCDATA_TYPE_MASK 0x0000000F
+
+/* These should be passed an TSS_FLAG parameter as to
+ * Tspi_Context_CreateObject
+ */
+#define TSS_KEY_SIZE(x) (x & TSS_KEY_SIZE_MASK)
+#define TSS_KEY_TYPE(x) (x & TSS_KEY_TYPE_MASK)
+#define TSS_ENCDATA_TYPE(x) (x & TSS_ENCDATA_TYPE_MASK)
+
+#define TSS_LOCALITY_ALL (TPM_LOC_ZERO|TPM_LOC_ONE|TPM_LOC_TWO|TPM_LOC_THREE|TPM_LOC_FOUR)
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/tss.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/tss.h
new file mode 100644
index 0000000..d0897af
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers/tss.h
@@ -0,0 +1,33 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#ifndef _TSS_H_
+#define _TSS_H_
+
+#include <stdlib.h>
+
+#include <tss/platform.h>
+#include <tss/tss_error_basics.h>
+#include <tss/tddl_error.h>
+#include <tss/tcs_typedef.h>
+#include <tss/tss_typedef.h>
+#include <tss/tss_structs.h>
+#include <tss/tcs_structs.h>
+#include <tss/tcs_error.h>
+#include <tss/tcs.h>
+#include <tss/tss_error.h>
+
+#include <tss/tddlapi_error.h>
+#include <tss/tcs_defines.h>
+#include <tss/tss_defines.h>
+#include <tss/tddli.h>
+#include <tss/tspi.h>
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers_types.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers_types.h
new file mode 100644
index 0000000..bcbc170
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/trousers_types.h
@@ -0,0 +1,132 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005, 2007
+ *
+ */
+
+#ifndef _TROUSERS_TYPES_H_
+#define _TROUSERS_TYPES_H_
+
+#define TCPA_NONCE_SIZE sizeof(TCPA_NONCE)
+#define TCPA_DIGEST_SIZE sizeof(TCPA_DIGEST)
+#define TCPA_ENCAUTH_SIZE sizeof(TCPA_ENCAUTH)
+#define TCPA_DIRVALUE_SIZE sizeof(TCPA_DIRVALUE)
+#define TCPA_AUTHDATA_SIZE sizeof(TCPA_AUTHDATA)
+#define TPM_NONCE_SIZE TCPA_NONCE_SIZE
+#define TPM_DIGEST_SIZE TCPA_DIGEST_SIZE
+#define TPM_ENCAUTH_SIZE TCPA_ENCAUTH_SIZE
+#define TPM_DIRVALUE_SIZE TCPA_DIRVALUE_SIZE
+#define TPM_AUTHDATA_SIZE TCPA_AUTHDATA_SIZE
+
+#define TSS_FLAG_MIGRATABLE (migratable)
+#define TSS_FLAG_VOLATILE (volatileKey)
+#define TSS_FLAG_REDIRECTION (redirection)
+
+/* return codes */
+#define TCPA_E_INAPPROPRIATE_ENC TCPA_E_NEED_SELFTEST
+
+#define TSS_ERROR_LAYER(x) (x & 0x3000)
+#define TSS_ERROR_CODE(x) (x & TSS_MAX_ERROR)
+
+#ifdef TSS_DEBUG
+#define TSPERR(x) LogTSPERR(x, __FILE__, __LINE__)
+#define TCSERR(x) LogTCSERR(x, __FILE__, __LINE__)
+#define TDDLERR(x) LogTDDLERR(x, __FILE__, __LINE__)
+#elif defined (TSS_TRACE)
+#define TSPERR(x) LogTSPERR(x, __FILE__, __LINE__)
+#define TCSERR(x) LogTCSERR(x, __FILE__, __LINE__)
+#define TDDLERR(x) LogTDDLERR(x, __FILE__, __LINE__)
+#else
+#define TSPERR(x) (x | TSS_LAYER_TSP)
+#define TCSERR(x) (x | TSS_LAYER_TCS)
+#define TDDLERR(x) (x | TSS_LAYER_TDDL)
+#endif
+
+extern TSS_UUID NULL_UUID;
+extern TSS_UUID SRK_UUID;
+
+#define NULL_HOBJECT 0
+#define NULL_HCONTEXT NULL_HOBJECT
+#define NULL_HPCRS NULL_HOBJECT
+#define NULL_HENCDATA NULL_HOBJECT
+#define NULL_HKEY NULL_HOBJECT
+#define NULL_HTPM NULL_HOBJECT
+#define NULL_HHASH NULL_HOBJECT
+#define NULL_HPOLICY NULL_HOBJECT
+#define NULL_HDELFAMILY NULL_HOBJECT
+#define NULL_HMIGDATA NULL_HOBJECT
+
+#define TSS_OBJECT_TYPE_CONTEXT (0x0e)
+#define TSS_OBJECT_TYPE_TPM (0x0f)
+
+#define TSS_PS_TYPE_NO (0)
+
+/* Derived Types */
+#define TSS_MIGRATION_SCHEME TSS_MIGRATE_SCHEME
+
+// The TPM's non-volatile flags (TPM_PERMANENT_FLAGS)
+#define TSS_TPM_PF_DISABLE_BIT (1 << (TPM_PF_DISABLE - 1))
+#define TSS_TPM_PF_OWNERSHIP_BIT (1 << (TPM_PF_OWNERSHIP - 1))
+#define TSS_TPM_PF_DEACTIVATED_BIT (1 << (TPM_PF_DEACTIVATED - 1))
+#define TSS_TPM_PF_READPUBEK_BIT (1 << (TPM_PF_READPUBEK - 1))
+#define TSS_TPM_PF_DISABLEOWNERCLEAR_BIT (1 << (TPM_PF_DISABLEOWNERCLEAR - 1))
+#define TSS_TPM_PF_ALLOWMAINTENANCE_BIT (1 << (TPM_PF_ALLOWMAINTENANCE - 1))
+#define TSS_TPM_PF_PHYSICALPRESENCELIFETIMELOCK_BIT (1 << (TPM_PF_PHYSICALPRESENCELIFETIMELOCK - 1))
+#define TSS_TPM_PF_PHYSICALPRESENCEHWENABLE_BIT (1 << (TPM_PF_PHYSICALPRESENCEHWENABLE - 1))
+#define TSS_TPM_PF_PHYSICALPRESENCECMDENABLE_BIT (1 << (TPM_PF_PHYSICALPRESENCECMDENABLE - 1))
+#define TSS_TPM_PF_CEKPUSED_BIT (1 << (TPM_PF_CEKPUSED - 1))
+#define TSS_TPM_PF_TPMPOST_BIT (1 << (TPM_PF_TPMPOST - 1))
+#define TSS_TPM_PF_TPMPOSTLOCK_BIT (1 << (TPM_PF_TPMPOSTLOCK - 1))
+#define TSS_TPM_PF_FIPS_BIT (1 << (TPM_PF_FIPS - 1))
+#define TSS_TPM_PF_OPERATOR_BIT (1 << (TPM_PF_OPERATOR - 1))
+#define TSS_TPM_PF_ENABLEREVOKEEK_BIT (1 << (TPM_PF_ENABLEREVOKEEK - 1))
+#define TSS_TPM_PF_NV_LOCKED_BIT (1 << (TPM_PF_NV_LOCKED - 1))
+#define TSS_TPM_PF_READSRKPUB_BIT (1 << (TPM_PF_READSRKPUB - 1))
+#define TSS_TPM_PF_RESETESTABLISHMENTBIT_BIT (1 << (TPM_PF_RESETESTABLISHMENTBIT - 1))
+#define TSS_TPM_PF_MAINTENANCEDONE_BIT (1 << (TPM_PF_MAINTENANCEDONE - 1))
+
+// The TPM's volatile flags (TPM_STCLEAR_FLAGS)
+#define TSS_TPM_SF_DEACTIVATED_BIT (1 << (TPM_SF_DEACTIVATED - 1))
+#define TSS_TPM_SF_DISABLEFORCECLEAR_BIT (1 << (TPM_SF_DISABLEFORCECLEAR - 1))
+#define TSS_TPM_SF_PHYSICALPRESENCE_BIT (1 << (TPM_SF_PHYSICALPRESENCE - 1))
+#define TSS_TPM_SF_PHYSICALPRESENCELOCK_BIT (1 << (TPM_SF_PHYSICALPRESENCELOCK - 1))
+#define TSS_TPM_SF_GLOBALLOCK_BIT (1 << (TPM_SF_GLOBALLOCK - 1))
+
+// Trousers key formats to ease use of the different TPM_KEY structs
+typedef struct tdTSS_KEY11_HDR {
+ TPM_STRUCT_VER ver;
+} TSS_KEY11_HDR;
+
+typedef struct tdTSS_KEY12_HDR {
+ TPM_STRUCTURE_TAG tag;
+ UINT16 fill;
+} __attribute__((packed)) TSS_KEY12_HDR;
+
+typedef struct tdTSS_KEY {
+ union {
+ TSS_KEY11_HDR key11;
+ TSS_KEY12_HDR key12;
+ } hdr;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ UINT32 PCRInfoSize;
+ BYTE *PCRInfo;
+ TPM_STORE_PUBKEY pubKey;
+ UINT32 encSize;
+ BYTE *encData;
+} TSS_KEY;
+
+#if (defined (__linux) || defined (linux) || defined (SOLARIS) || defined (__GLIBC__))
+#define BSD_CONST
+#elif (defined (__OpenBSD__) || defined (__FreeBSD__))
+#define BSD_CONST const
+#endif
+
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_audit.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_audit.h
new file mode 100644
index 0000000..71bf8c4
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_audit.h
@@ -0,0 +1,16 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _TSP_AUDIT_H_
+#define _TSP_AUDIT_H_
+
+TSS_RESULT __tspi_audit_set_ordinal_audit_status(TSS_HTPM, TSS_FLAG, TSS_FLAG, UINT32);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_delegate.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_delegate.h
new file mode 100644
index 0000000..ce93d2d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_delegate.h
@@ -0,0 +1,23 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _TSP_DELEGATE_H_
+#define _TSP_DELEGATE_H_
+
+TSS_RESULT do_delegate_manage(TSS_HTPM hTpm, UINT32 familyID, UINT32 opFlag,
+ UINT32 opDataSize, BYTE *opData, UINT32 *outDataSize, BYTE **outData);
+TSS_RESULT create_key_delegation(TSS_HKEY, BYTE, UINT32, TSS_HPCRS, TSS_HDELFAMILY, TSS_HPOLICY);
+TSS_RESULT create_owner_delegation(TSS_HTPM, BYTE, UINT32, TSS_HPCRS, TSS_HDELFAMILY, TSS_HPOLICY);
+
+TSS_RESULT update_delfamily_object(TSS_HTPM, UINT32);
+TSS_RESULT get_delegate_index(TSS_HCONTEXT, UINT32, TPM_DELEGATE_PUBLIC *);
+TSS_RESULT __tspi_build_delegate_public_info(BYTE, TSS_HPCRS, TSS_HDELFAMILY, TSS_HPOLICY, UINT32 *, BYTE **);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_seal.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_seal.h
new file mode 100644
index 0000000..05956c1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_seal.h
@@ -0,0 +1,16 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#ifndef _TSP_SEAL_H_
+#define _TSP_SEAL_H_
+
+TSS_RESULT sealx_mask_cb(UINT32, BYTE *, UINT32, BYTE *, BYTE *, UINT32, BYTE *, BYTE *);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_tcsi_param.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_tcsi_param.h
new file mode 100644
index 0000000..bc000d4
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsp_tcsi_param.h
@@ -0,0 +1,27 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007, 2013
+ *
+ */
+
+/* Defines which environment var is responsible for setting the port to
+ * which the client will connect */
+#define PORT_ENV_VAR "TSS_TCSD_PORT"
+
+/* Defines which envionment var is responsible for setting the hostname to
+ * which the client will connect */
+#define HOSTNAME_ENV_VAR "TSS_TCSD_HOSTNAME"
+
+#define TCP_PORT_STR_MAX_LEN 6
+
+/* Prototypes for functions which retrieve tcsd hostname and port
+ * information */
+TSS_RESULT
+get_tcsd_port(char port_str[TCP_PORT_STR_MAX_LEN]);
+
+TSS_RESULT
+get_tcsd_hostname(char **host_str, unsigned *len);
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsplog.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsplog.h
new file mode 100644
index 0000000..2b636d0
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tsplog.h
@@ -0,0 +1,64 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#ifndef _TSPLOG_H_
+#define _TSPLOG_H_
+
+#include <stdio.h>
+#include <syslog.h>
+#include <stdlib.h>
+
+/* Debug logging */
+#ifdef TSS_DEBUG
+/* log to stdout */
+#define LogMessage(dest, priority, layer, fmt, ...) \
+ do { \
+ if (getenv("TSS_DEBUG_OFF") == NULL) { \
+ fprintf(dest, "%s %s %s:%d " fmt "\n", priority, layer, __FILE__, __LINE__, ## __VA_ARGS__); \
+ } \
+ } while (0)
+
+#define LogDebug(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, fmt, ##__VA_ARGS__)
+#define LogDebugFn(fmt, ...) LogMessage(stdout, "LOG_DEBUG", APPID, "%s: " fmt, __FUNCTION__, ##__VA_ARGS__)
+#define LogDebugData(sz,blb) LogBlobData(APPID, sz, blb)
+
+/* Error logging */
+#define LogError(fmt, ...) LogMessage(stderr, "LOG_ERR", APPID, "ERROR: " fmt, ##__VA_ARGS__)
+/* Warn logging */
+#define LogWarn(fmt, ...) LogMessage(stdout, "LOG_WARNING", APPID, "WARNING: " fmt, ##__VA_ARGS__)
+/* Info Logging */
+#define LogInfo(fmt, ...) LogMessage(stdout, "LOG_INFO", APPID, fmt, ##__VA_ARGS__)
+#define LogTrace()
+/* Return Value logging */
+extern TSS_RESULT LogTSPERR(TSS_RESULT, char *, int);
+#elif defined (TSS_TRACE)
+#include <syslog.h>
+#define LogDebug(fmt, ...)
+#define LogDebugFn(fmt, ...)
+#define LogDebugData(sz,blb)
+#define LogError(fmt, ...) syslog(LOG_ERR, "TSS: " fmt, ##__VA_ARGS__)
+#define LogWarn(fmt, ...) syslog(LOG_WARNING, "TSS: " fmt, ##__VA_ARGS__)
+#define LogInfo(fmt, ...) syslog(LOG_INFO, "TSS: " fmt, ##__VA_ARGS__)
+#define LogTrace() syslog(LOG_INFO, "TSS: %s", __FUNCTION__)
+extern TSS_RESULT LogTSPERR(TSS_RESULT, char *, int);
+#else
+#define LogDebug(fmt, ...)
+#define LogDebugFn(fmt, ...)
+#define LogDebugData(sz,blb)
+#define LogError(fmt, ...) syslog(LOG_ERR, "TSS: " fmt, ##__VA_ARGS__)
+#define LogWarn(fmt, ...) syslog(LOG_WARNING, "TSS: " fmt, ##__VA_ARGS__)
+#define LogInfo(fmt, ...) syslog(LOG_INFO, "TSS: " fmt, ##__VA_ARGS__)
+#define LogTrace()
+#endif
+
+void LogBlobData(char *appid, unsigned long sizeOfBlob, unsigned char *blob);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tspps.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tspps.h
new file mode 100644
index 0000000..00bcfae
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tspps.h
@@ -0,0 +1,59 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifndef _TSPPS_H_
+#define _TSPPS_H_
+
+#define PASSWD_BUFSIZE 4096
+
+#define TSS_USER_PS_DIR ".trousers"
+#define TSS_USER_PS_FILE "user.data"
+
+TSS_RESULT get_file(int *);
+int put_file(int);
+TSS_RESULT read_data(int, void *, UINT32);
+TSS_RESULT write_data(int, void *, UINT32);
+UINT32 psfile_get_num_keys(int);
+TSS_RESULT psfile_get_parent_uuid_by_uuid(int, TSS_UUID *, TSS_UUID *);
+TSS_RESULT psfile_remove_key_by_uuid(int, TSS_UUID *);
+TSS_RESULT psfile_get_key_by_uuid(int, TSS_UUID *, BYTE *);
+TSS_RESULT psfile_get_ps_type_by_uuid(int, TSS_UUID *, UINT32 *);
+TSS_RESULT psfile_is_pub_registered(int, TCPA_STORE_PUBKEY *, TSS_BOOL *);
+TSS_RESULT psfile_is_key_registered(int, TSS_UUID *, TSS_BOOL *);
+TSS_RESULT psfile_get_uuid_by_pub(int, UINT32, BYTE *, TSS_UUID *);
+TSS_RESULT psfile_write_key(int, TSS_UUID *, TSS_UUID *, UINT32, BYTE *, UINT16);
+TSS_RESULT psfile_get_key_by_pub(int, TSS_UUID *, UINT32, BYTE *, BYTE *);
+TSS_RESULT psfile_get_registered_keys(int, TSS_UUID *, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO **);
+TSS_RESULT psfile_get_registered_keys2(int, TSS_UUID *, TSS_UUID *, UINT32 *, TSS_KM_KEYINFO2 **);
+TSS_RESULT psfile_remove_key(int, TSS_UUID *);
+TSS_RESULT psfile_get_parent_ps_type(int, TSS_UUID *, UINT32 *);
+TSS_RESULT psfile_get_cache_entry_by_uuid(int, TSS_UUID *, struct key_disk_cache *);
+TSS_RESULT psfile_get_cache_entry_by_pub(int, UINT32, BYTE *, struct key_disk_cache *);
+void psfile_close(int);
+
+TSS_RESULT ps_remove_key(TSS_UUID *);
+TSS_RESULT ps_write_key(TSS_UUID *, TSS_UUID *, UINT32, UINT32, BYTE *);
+TSS_RESULT ps_get_key_by_uuid(TSS_HCONTEXT, TSS_UUID *, TSS_HKEY *);
+TSS_RESULT ps_init_disk_cache();
+TSS_RESULT ps_close();
+TSS_RESULT ps_get_key_by_pub(TSS_HCONTEXT, UINT32, BYTE *, TSS_HKEY *);
+TSS_RESULT ps_get_parent_uuid_by_uuid(TSS_UUID *, TSS_UUID *);
+TSS_RESULT ps_get_parent_ps_type_by_uuid(TSS_UUID *, UINT32 *);
+TSS_RESULT ps_is_key_registered(TSS_UUID *, TSS_BOOL *);
+TSS_RESULT ps_get_registered_keys(TSS_UUID *uuid, TSS_UUID *, UINT32 *size, TSS_KM_KEYINFO **);
+TSS_RESULT ps_get_registered_keys2(TSS_UUID *uuid, TSS_UUID *, UINT32 *size, TSS_KM_KEYINFO2 **);
+
+#ifdef TSS_BUILD_PS
+#define PS_close() ps_close()
+#else
+#define PS_close()
+#endif
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/compat11b.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/compat11b.h
new file mode 100644
index 0000000..28c7304
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/compat11b.h
@@ -0,0 +1,200 @@
+
+#ifndef __COMPAT11B_H__
+#define __COMPAT11B_H__
+
+#include <tss/tpm.h>
+
+#define TCPA_Vendor_Specific32 TPM_Vendor_Specific32
+#define TCPA_Vendor_Specific8 TPM_Vendor_Specific8
+
+typedef TSS_UNICODE UNICODE;
+typedef TPM_DIGEST TCPA_DIGEST;
+typedef TPM_NONCE TCPA_NONCE;
+typedef TPM_NONCE TCPA_SALT_NONCE;
+typedef TPM_PUBKEY TCPA_PUBKEY;
+typedef TPM_SECRET TCPA_SECRET;
+typedef TPM_KEY TCPA_KEY;
+typedef TPM_DIRVALUE TCPA_DIRVALUE;
+typedef TPM_COMMAND_CODE TCPA_COMMAND_CODE;
+typedef TPM_BOUND_DATA TCPA_BOUND_DATA;
+typedef TPM_STRUCT_VER TCPA_VERSION;
+typedef TPM_RESULT TCPA_RESULT;
+typedef TPM_PAYLOAD_TYPE TCPA_PAYLOAD_TYPE;
+typedef TPM_STORE_PRIVKEY TCPA_STORE_PRIVKEY;
+typedef TPM_CHOSENID_HASH TCPA_CHOSENID_HASH;
+typedef TPM_SYMMETRIC_KEY TCPA_SYMMETRIC_KEY;
+typedef TPM_PCR_INFO TCPA_PCR_INFO;
+typedef TPM_PCR_SELECTION TCPA_PCR_SELECTION;
+typedef TPM_STORED_DATA TCPA_STORED_DATA;
+typedef TPM_SEALED_DATA TCPA_SEALED_DATA;
+typedef TPM_KEY_FLAGS TCPA_KEY_FLAGS;
+typedef TPM_KEY_PARMS TCPA_KEY_PARMS;
+typedef TPM_STORE_PUBKEY TCPA_STORE_PUBKEY;
+typedef TPM_MIGRATIONKEYAUTH TCPA_MIGRATIONKEYAUTH;
+typedef TPM_RSA_KEY_PARMS TCPA_RSA_KEY_PARMS;
+typedef TPM_CERTIFY_INFO TCPA_CERTIFY_INFO;
+typedef TPM_STORE_ASYMKEY TCPA_STORE_ASYMKEY;
+typedef TPM_ENCAUTH TCPA_ENCAUTH;
+typedef TPM_PCRINDEX TCPA_PCRINDEX;
+typedef TPM_PCRVALUE TCPA_PCRVALUE;
+typedef TPM_DIRINDEX TCPA_DIRINDEX;
+typedef TPM_PROTOCOL_ID TCPA_PROTOCOL_ID;
+typedef TPM_ALGORITHM_ID TCPA_ALGORITHM_ID;
+typedef TPM_ENTITY_TYPE TCPA_ENTITY_TYPE;
+typedef TPM_CAPABILITY_AREA TCPA_CAPABILITY_AREA;
+typedef TPM_HMAC TCPA_HMAC;
+typedef TPM_MIGRATE_SCHEME TCPA_MIGRATE_SCHEME;
+typedef TPM_PHYSICAL_PRESENCE TCPA_PHYSICAL_PRESENCE;
+typedef TPM_KEY_HANDLE TCPA_KEY_HANDLE;
+typedef TPM_KEY_HANDLE_LIST TCPA_KEY_HANDLE_LIST;
+typedef TPM_PCR_COMPOSITE TCPA_PCR_COMPOSITE;
+typedef TPM_AUTH_DATA_USAGE TCPA_AUTH_DATA_USAGE;
+typedef TPM_AUTHDATA TCPA_AUTHDATA;
+typedef TPM_KEY_USAGE TCPA_KEY_USAGE;
+typedef TPM_COMPOSITE_HASH TCPA_COMPOSITE_HASH;
+typedef TPM_QUOTE_INFO TCPA_QUOTE_INFO;
+typedef TPM_TAG TCPA_TAG;
+typedef TPM_ENC_SCHEME TCPA_ENC_SCHEME;
+typedef TPM_SIG_SCHEME TCPA_SIG_SCHEME;
+typedef TPM_STARTUP_TYPE TCPA_STARTUP_TYPE;
+typedef TPM_AUTHHANDLE TCPA_AUTHHANDLE;
+typedef TPM_SYM_CA_ATTESTATION TCPA_SYM_CA_ATTESTATION;
+typedef TPM_ASYM_CA_CONTENTS TCPA_ASYM_CA_CONTENTS;
+typedef TPM_IDENTITY_REQ TCPA_IDENTITY_REQ;
+typedef TPM_IDENTITY_PROOF TCPA_IDENTITY_PROOF;
+
+// These were removed from the 1.2 TPM spec
+typedef UINT32 TCPA_ENCHANDLE;
+typedef UINT32 TCPA_EVENTTYPE;
+typedef struct tdTCPA_AUDIT_EVENT {
+ TCPA_COMMAND_CODE ordinal;
+ TCPA_RESULT returncode;
+} TCPA_AUDIT_EVENT;
+
+#define TCPA_SHA1_160_HASH_LEN TPM_SHA1_160_HASH_LEN
+#define TCPA_SHA1BASED_NONCE_LEN TPM_SHA1BASED_NONCE_LEN
+
+#define redirection TSS_KEYFLAG_REDIRECTION
+#define migratable TSS_KEYFLAG_MIGRATABLE
+#define volatileKey TSS_KEYFLAG_VOLATILEKEY
+
+#define TCPA_ET_KEYHANDLE TPM_ET_KEYHANDLE
+#define TCPA_ET_KEY TPM_ET_KEY
+#define TCPA_ET_OWNER TPM_ET_OWNER
+#define TCPA_ET_SRK TPM_ET_SRK
+#define TCPA_ET_DATA TPM_ET_DATA
+
+#define TCPA_PID_OIAP TPM_PID_OIAP
+#define TCPA_PID_OSAP TPM_PID_OSAP
+#define TCPA_PID_ADIP TPM_PID_ADIP
+#define TCPA_PID_ADCP TPM_PID_ADCP
+#define TCPA_PID_OWNER TPM_PID_OWNER
+
+#define TCPA_PT_ASYM TPM_PT_ASYM
+#define TCPA_PT_BIND TPM_PT_BIND
+#define TCPA_PT_MIGRATE TPM_PT_MIGRATE
+#define TCPA_PT_MAINT TPM_PT_MAINT
+#define TCPA_PT_SEAL TPM_PT_SEAL
+
+#define TCPA_CAP_ALG TPM_CAP_ALG
+#define TCPA_CAP_ORD TPM_CAP_ORD
+#define TCPA_CAP_PID TPM_CAP_PID
+#define TCPA_CAP_FLAG TPM_CAP_FLAG
+#define TCPA_CAP_VERSION TPM_CAP_VERSION
+#define TCPA_CAP_PROPERTY TPM_CAP_PROPERTY
+#define TCPA_CAP_KEY_HANDLE TPM_CAP_KEY_HANDLE
+#define TCPA_CAP_CHECK_LOADED TPM_CAP_CHECK_LOADED
+
+#define TCPA_ALG_RSA TPM_ALG_RSA
+#define TCPA_ALG_DES TPM_ALG_DES
+#define TCPA_ALG_3DES TPM_ALG_3DES
+#define TCPA_ALG_SHA TPM_ALG_SHA
+#define TCPA_ALG_HMAC TPM_ALG_HMAC
+#define TCPA_ALG_AES TPM_ALG_AES
+
+#define TCPA_PROTECTED_ORDINAL TPM_PROTECTED_ORDINAL
+#define TCPA_UNPROTECTED_ORDINAL TPM_UNPROTECTED_ORDINAL
+#define TCPA_CONNECTION_ORDINAL TPM_CONNECTION_ORDINAL
+
+#define TCPA_PROTECTED_COMMAND TPM_PROTECTED_COMMAND
+#define TCPA_UNPROTECTED_COMMAND TPM_UNPROTECTED_COMMAND
+#define TCPA_CONNECTION_COMMAND TPM_CONNECTION_COMMAND
+#define TCPA_VENDOR_COMMAND TPM_VENDOR_COMMAND
+
+#define TCPA_MAIN TPM_MAIN
+#define TCPA_PC TPM_PC
+#define TCPA_PDA TPM_PDA
+#define TCPA_CELL_PHONE TPM_CELL_PHONE
+
+#define TCPA_MS_MIGRATE TPM_MS_MIGRATE
+#define TCPA_MS_REWRAP TPM_MS_REWRAP
+#define TCPA_MS_MAINT TPM_MS_MAINT
+
+#define TCPA_ES_NONE TPM_ES_NONE
+#define TCPA_ES_RSAESPKCSv15 TPM_ES_RSAESPKCSv15
+#define TCPA_ES_RSAESOAEP_SHA1_MGF1 TPM_ES_RSAESOAEP_SHA1_MGF1
+
+#define TCPA_SS_NONE TPM_SS_NONE
+#define TCPA_SS_RSASSAPKCS1v15_SHA1 TPM_SS_RSASSAPKCS1v15_SHA1
+#define TCPA_SS_RSASSAPKCS1v15_DER TPM_SS_RSASSAPKCS1v15_DER
+#define TCPA_SS_RSASSAPKCS1v15_INFO TPM_SS_RSASSAPKCS1v15_INFO
+
+#define TCPA_PHYSICAL_PRESENCE_LIFETIME_LOCK TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK
+#define TCPA_PHYSICAL_PRESENCE_HW_ENABLE TPM_PHYSICAL_PRESENCE_HW_ENABLE
+#define TCPA_PHYSICAL_PRESENCE_CMD_ENABLE TPM_PHYSICAL_PRESENCE_CMD_ENABLE
+#define TCPA_PHYSICAL_PRESENCE_LOCK TPM_PHYSICAL_PRESENCE_LOCK
+#define TCPA_PHYSICAL_PRESENCE_PRESENT TPM_PHYSICAL_PRESENCE_PRESENT
+#define TCPA_PHYSICAL_PRESENCE_NOTPRESENT TPM_PHYSICAL_PRESENCE_NOTPRESENT
+
+#define TCPA_SUCCESS TPM_SUCCESS
+#define TCPA_E_BASE TPM_E_BASE
+#define TCPA_E_NON_FATAL TPM_E_NON_FATAL
+#define TCPA_E_AUTHFAIL TPM_E_AUTHFAIL
+#define TCPA_E_BAD_PARAMETER TPM_E_BAD_PARAMETER
+#define TCPA_E_BADINDEX TPM_E_BADINDEX
+#define TCPA_E_AUDITFAILURE TPM_E_AUDITFAILURE
+#define TCPA_E_CLEAR_DISABLED TPM_E_CLEAR_DISABLED
+#define TCPA_E_DEACTIVATED TPM_E_DEACTIVATED
+#define TCPA_E_DISABLED TPM_E_DISABLED
+#define TCPA_E_DISABLED_CMD TPM_E_DISABLED_CMD
+#define TCPA_E_FAIL TPM_E_FAIL
+#define TCPA_E_INACTIVE TPM_E_BAD_ORDINAL
+#define TCPA_E_INSTALL_DISABLED TPM_E_INSTALL_DISABLED
+#define TCPA_E_INVALID_KEYHANDLE TPM_E_INVALID_KEYHANDLE
+#define TCPA_E_KEYNOTFOUND TPM_E_KEYNOTFOUND
+#define TCPA_E_NEED_SELFTEST TPM_E_INAPPROPRIATE_ENC
+#define TCPA_E_MIGRATEFAIL TPM_E_MIGRATEFAIL
+#define TCPA_E_NO_PCR_INFO TPM_E_INVALID_PCR_INFO
+#define TCPA_E_NOSPACE TPM_E_NOSPACE
+#define TCPA_E_NOSRK TPM_E_NOSRK
+#define TCPA_E_NOTSEALED_BLOB TPM_E_NOTSEALED_BLOB
+#define TCPA_E_OWNER_SET TPM_E_OWNER_SET
+#define TCPA_E_RESOURCES TPM_E_RESOURCES
+#define TCPA_E_SHORTRANDOM TPM_E_SHORTRANDOM
+#define TCPA_E_SIZE TPM_E_SIZE
+#define TCPA_E_WRONGPCRVAL TPM_E_WRONGPCRVAL
+#define TCPA_E_BAD_PARAM_SIZE TPM_E_BAD_PARAM_SIZE
+#define TCPA_E_SHA_THREAD TPM_E_SHA_THREAD
+#define TCPA_E_SHA_ERROR TPM_E_SHA_ERROR
+#define TCPA_E_FAILEDSELFTEST TPM_E_FAILEDSELFTEST
+#define TCPA_E_AUTH2FAIL TPM_E_AUTH2FAIL
+#define TCPA_E_BADTAG TPM_E_BADTAG
+#define TCPA_E_IOERROR TPM_E_IOERROR
+#define TCPA_E_ENCRYPT_ERROR TPM_E_ENCRYPT_ERROR
+#define TCPA_E_DECRYPT_ERROR TPM_E_DECRYPT_ERROR
+#define TCPA_E_INVALID_AUTHHANDLE TPM_E_INVALID_AUTHHANDLE
+#define TCPA_E_NO_ENDORSEMENT TPM_E_NO_ENDORSEMENT
+#define TCPA_E_INVALID_KEYUSAGE TPM_E_INVALID_KEYUSAGE
+#define TCPA_E_WRONG_ENTITYTYPE TPM_E_WRONG_ENTITYTYPE
+#define TCPA_E_INVALID_POSTINIT TPM_E_INVALID_POSTINIT
+#define TCPA_E_INAPPROPRIATE_SIG TPM_E_INAPPROPRIATE_SIG
+#define TCPA_E_BAD_KEY_PROPERTY TPM_E_BAD_KEY_PROPERTY
+#define TCPA_E_BAD_MIGRATION TPM_E_BAD_MIGRATION
+#define TCPA_E_BAD_SCHEME TPM_E_BAD_SCHEME
+#define TCPA_E_BAD_DATASIZE TPM_E_BAD_DATASIZE
+#define TCPA_E_BAD_MODE TPM_E_BAD_MODE
+#define TCPA_E_BAD_PRESENCE TPM_E_BAD_PRESENCE
+#define TCPA_E_BAD_VERSION TPM_E_BAD_VERSION
+#define TCPA_E_RETRY TPM_E_RETRY
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/platform.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/platform.h
new file mode 100644
index 0000000..495afc7
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/platform.h
@@ -0,0 +1,46 @@
+/*++
+
+There are platform dependent and general defines.
+
+--*/
+
+#ifndef TSS_PLATFORM_H
+#define TSS_PLATFORM_H
+
+
+/* The default implementation is to use stdint.h, a part of the C99 standard.
+ * Systems that don't support this are handled on a case-by-case basis.
+ */
+
+#if !defined(WIN32)
+#include <stdint.h>
+ typedef uint8_t BYTE;
+ typedef int8_t TSS_BOOL;
+ typedef uint16_t UINT16;
+ typedef uint32_t UINT32;
+ typedef uint64_t UINT64;
+
+ typedef uint16_t TSS_UNICODE;
+ typedef void* PVOID;
+
+#elif defined(WIN32)
+#include <basetsd.h>
+ typedef unsigned char BYTE;
+ typedef signed char TSS_BOOL;
+#ifndef _BASETSD_H_
+ // basetsd.h provides definitions of UINT16, UINT32 and UINT64.
+ typedef unsigned short UINT16;
+ typedef unsigned long UINT32;
+ typedef unsigned __int64 UINT64;
+#endif
+ typedef unsigned short TSS_UNICODE;
+ typedef void* PVOID;
+#endif
+
+
+/* Include this so that applications that use names as defined in the
+ * 1.1 TSS specification can still compile
+ */
+#include <tss/compat11b.h>
+
+#endif // TSS_PLATFORM_H
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_defines.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_defines.h
new file mode 100644
index 0000000..ea0a994
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_defines.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_DEFINES_H__
+#define __TCPA_DEFINES_H__
+
+#warning including deprecated header file tcpa_defines.h
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_error.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_error.h
new file mode 100644
index 0000000..6391227
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_error.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_ERROR_H__
+#define __TCPA_ERROR_H__
+
+#warning including deprecated header file tcpa_error.h
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_struct.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_struct.h
new file mode 100644
index 0000000..8ba7db7
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_struct.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_STRUCT_H__
+#define __TCPA_STRUCT_H__
+
+#warning including deprecated header file tcpa_struct.h
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_typedef.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_typedef.h
new file mode 100644
index 0000000..9bcac88
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcpa_typedef.h
@@ -0,0 +1,7 @@
+
+#ifndef __TCPA_TYPEDEF_H__
+#define __TCPA_TYPEDEF_H__
+
+#warning including deprecated header file tcpa_typedef.h
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs.h
new file mode 100644
index 0000000..f2ec7f4
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs.h
@@ -0,0 +1,1129 @@
+#ifndef TCS_H
+#define TCS_H
+#include <tss/platform.h>
+#include <tss/tss_structs.h>
+#include <tss/tcs_typedef.h>
+#include <tss/tcs_defines.h>
+#include <tss/tcs_structs.h>
+#include <tss/tcs_error.h>
+#include <tss/tpm.h>
+
+#if defined __cplusplus
+extern "C" {
+#endif
+
+extern TSS_RESULT Tcsi_OpenContext
+(
+ TCS_CONTEXT_HANDLE* hContext // out
+);
+extern TSS_RESULT Tcsi_CloseContext
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsi_FreeMemory
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ BYTE* pMemory // in
+);
+extern TSS_RESULT Tcsi_GetCapability
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ UINT32* respSize, // out
+ BYTE** resp // out
+);
+extern TSS_RESULT Tcsi_RegisterKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID WrappingKeyUUID, // in
+ TSS_UUID KeyUUID, // in
+ UINT32 cKeySize, // in
+ BYTE* rgbKey, // in
+ UINT32 cVendorDataSize, // in
+ BYTE* gbVendorData // in
+);
+extern TSS_RESULT Tcsip_UnregisterKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID // in
+);
+extern TSS_RESULT Tcsip_KeyControlOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ UINT32 ulPubKeyLength, // in
+ BYTE* prgbPubKey, // in
+ UINT32 attribName, // in
+ TSS_BOOL attribValue, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TSS_UUID* pUuidData // out
+);
+extern TSS_RESULT Tcsi_EnumRegisteredKeys
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID* pKeyUUID, // in
+ UINT32* pcKeyHierarchySize, // out
+ TSS_KM_KEYINFO** ppKeyHierarchy // out
+);
+extern TSS_RESULT Tcsi_GetRegisteredKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID, // in
+ TSS_KM_KEYINFO** ppKeyInfo // out
+);
+extern TSS_RESULT Tcsi_GetRegisteredKeyBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID, // in
+ UINT32* pcKeySize, // out
+ BYTE** prgbKey // out
+);
+extern TSS_RESULT Tcsip_GetRegisteredKeyByPublicInfo
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulPublicInfoLength, // in
+ BYTE* rgbPublicInfo, // in
+ UINT32* keySize, // out
+ BYTE** keyBlob // out
+);
+extern TSS_RESULT Tcsip_LoadKeyByBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hUnwrappingKey, // in
+ UINT32 cWrappedKeyBlobSize, // in
+ BYTE* rgbWrappedKeyBlob, // in
+ TPM_AUTH* pAuth, // in, out
+ TCS_KEY_HANDLE* phKeyTCSI, // out
+ TCS_KEY_HANDLE* phKeyHMAC // out
+);
+extern TSS_RESULT Tcsip_LoadKeyByUUID
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_UUID KeyUUID, // in
+ TCS_LOADKEY_INFO* pLoadKeyInfo, // in, out
+ TCS_KEY_HANDLE* phKeyTCSI // out
+);
+extern TSS_RESULT Tcsip_EvictKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey // in
+);
+extern TSS_RESULT Tcsip_CreateWrapKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hWrappingKey, // in
+ TPM_ENCAUTH KeyUsageAuth, // in
+ TPM_ENCAUTH KeyMigrationAuth, // in
+ UINT32 keyInfoSize, // in
+ BYTE* keyInfo, // in
+ TPM_AUTH* pAuth, // in, out
+ UINT32* keyDataSize, // out
+ BYTE** keyData // out
+);
+extern TSS_RESULT Tcsip_GetPubKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ TPM_AUTH* pAuth, // in, out
+ UINT32* pcPubKeySize, // out
+ BYTE** prgbPubKey // out
+);
+extern TSS_RESULT Tcsip_MakeIdentity
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENCAUTH identityAuth, // in
+ TPM_CHOSENID_HASH IDLabel_PrivCAHash, // in
+ UINT32 idIdentityKeyInfoSize, // in
+ BYTE* idIdentityKeyInfo, // in
+ TPM_AUTH* pSrkAuth, // in, out
+ TPM_AUTH* pOwnerAuth, // in, out
+ UINT32* idIdentityKeySize, // out
+ BYTE** idIdentityKey, // out
+ UINT32* pcIdentityBindingSize, // out
+ BYTE** prgbIdentityBinding, // out
+ UINT32* pcEndorsementCredentialSize, // out
+ BYTE** prgbEndorsementCredential, // out
+ UINT32* pcPlatformCredentialSize, // out
+ BYTE** prgbPlatformCredential, // out
+ UINT32* pcConformanceCredentialSize, // out
+ BYTE** prgbConformanceCredential // out
+);
+extern TSS_RESULT Tcsip_MakeIdentity2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENCAUTH identityAuth, // in
+ TPM_CHOSENID_HASH IDLabel_PrivCAHash, // in
+ UINT32 idIdentityKeyInfoSize, // in
+ BYTE* idIdentityKeyInfo, // in
+ TPM_AUTH* pSrkAuth, // in, out
+ TPM_AUTH* pOwnerAuth, // in, out
+ UINT32* idIdentityKeySize, // out
+ BYTE** idIdentityKey, // out
+ UINT32* pcIdentityBindingSize, // out
+ BYTE** prgbIdentityBinding // out
+);
+extern TSS_RESULT Tcsi_LogPcrEvent
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_PCR_EVENT Event, // in
+ UINT32* pNumber // out
+);
+extern TSS_RESULT Tcsi_GetPcrEvent
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 PcrIndex, // in
+ UINT32* pNumber, // in, out
+ TSS_PCR_EVENT** ppEvent // out
+);
+extern TSS_RESULT Tcsi_GetPcrEventsByPcr
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 PcrIndex, // in
+ UINT32 FirstEvent, // in
+ UINT32* pEventCount, // in, out
+ TSS_PCR_EVENT** ppEvents // out
+);
+extern TSS_RESULT Tcsi_GetPcrEventLog
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* pEventCount, // out
+ TSS_PCR_EVENT** ppEvents // out
+);
+extern TSS_RESULT Tcsip_SetOwnerInstall
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL state // in
+);
+extern TSS_RESULT Tcsip_TakeOwnership
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT16 protocolID, // in
+ UINT32 encOwnerAuthSize, // in
+ BYTE* encOwnerAuth, // in
+ UINT32 encSrkAuthSize, // in
+ BYTE* encSrkAuth, // in
+ UINT32 srkKeyInfoSize, // in
+ BYTE* srkKeyInfo, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* srkKeyDataSize, // out
+ BYTE** srkKeyData // out
+);
+extern TSS_RESULT Tcsip_SetOperatorAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_SECRET operatorAuth // in
+);
+extern TSS_RESULT Tcsip_OIAP
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_AUTHHANDLE* authHandle, // out
+ TPM_NONCE* nonce0 // out
+);
+extern TSS_RESULT Tcsip_OSAP
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENTITY_TYPE entityType, // in
+ UINT32 entityValue, // in
+ TPM_NONCE nonceOddOSAP, // in
+ TCS_AUTHHANDLE* authHandle, // out
+ TPM_NONCE* nonceEven, // out
+ TPM_NONCE* nonceEvenOSAP // out
+);
+extern TSS_RESULT Tcsip_ChangeAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TPM_PROTOCOL_ID protocolID, // in
+ TPM_ENCAUTH newAuth, // in
+ TPM_ENTITY_TYPE entityType, // in
+ UINT32 encDataSize, // in
+ BYTE* encData, // in
+ TPM_AUTH* ownerAuth, // in, out
+ TPM_AUTH* entityAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_ChangeAuthOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PROTOCOL_ID protocolID, // in
+ TPM_ENCAUTH newAuth, // in
+ TPM_ENTITY_TYPE entityType, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_ChangeAuthAsymStart
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE idHandle, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 TempKeyInfoSize, // in
+ BYTE* TempKeyInfoData, // in
+ TPM_AUTH* pAuth, // in, out
+ UINT32* TempKeySize, // out
+ BYTE** TempKeyData, // out
+ UINT32* CertifyInfoSize, // out
+ BYTE** CertifyInfo, // out
+ UINT32* sigSize, // out
+ BYTE** sig, // out
+ TCS_KEY_HANDLE* ephHandle // out
+);
+extern TSS_RESULT Tcsip_ChangeAuthAsymFinish
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TCS_KEY_HANDLE ephHandle, // in
+ TPM_ENTITY_TYPE entityType, // in
+ TPM_HMAC newAuthLink, // in
+ UINT32 newAuthSize, // in
+ BYTE* encNewAuth, // in
+ UINT32 encDataSizeIn, // in
+ BYTE* encDataIn, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* encDataSizeOut, // out
+ BYTE** encDataOut, // out
+ TPM_NONCE* saltNonce, // out
+ TPM_DIGEST* changeProof // out
+);
+extern TSS_RESULT Tcsip_TerminateHandle
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_AUTHHANDLE handle // in
+);
+extern TSS_RESULT Tcsip_ActivateTPMIdentity
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE idKey, // in
+ UINT32 blobSize, // in
+ BYTE* blob, // in
+ TPM_AUTH* idKeyAuth, // in, out
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* SymmetricKeySize, // out
+ BYTE** SymmetricKey // out
+);
+extern TSS_RESULT Tcsip_EstablishTransport
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ulTransControlFlags, // in
+ TCS_KEY_HANDLE hEncKey, // in
+ UINT32 ulTransSessionInfoSize, // in
+ BYTE* rgbTransSessionInfo, // in
+ UINT32 ulSecretSize, // in
+ BYTE* rgbSecret, // in
+ TPM_AUTH* pEncKeyAuth, // in, out
+ TPM_MODIFIER_INDICATOR* pbLocality, // out
+ TCS_HANDLE* hTransSession, // out
+ UINT32* ulCurrentTicksSize, // out
+ BYTE** prgbCurrentTicks, // out
+ TPM_NONCE* pTransNonce // out
+);
+extern TSS_RESULT Tcsip_ExecuteTransport
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_COMMAND_CODE unWrappedCommandOrdinal, // in
+ UINT32 ulWrappedCmdParamInSize, // in
+ BYTE* rgbWrappedCmdParamIn, // in
+ UINT32* pulHandleListSize, // in, out
+ TCS_HANDLE** rghHandles, // in, out
+ TPM_AUTH* pWrappedCmdAuth1, // in, out
+ TPM_AUTH* pWrappedCmdAuth2, // in, out
+ TPM_AUTH* pTransAuth, // in, out
+ UINT64* punCurrentTicks, // out
+ TPM_MODIFIER_INDICATOR* pbLocality, // out
+ TPM_RESULT* pulWrappedCmdReturnCode, // out
+ UINT32* ulWrappedCmdParamOutSize, // out
+ BYTE** rgbWrappedCmdParamOut // out
+);
+extern TSS_RESULT Tcsip_ReleaseTransportSigned
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hSignatureKey, // in
+ TPM_NONCE AntiReplayNonce, // in
+ TPM_AUTH* pKeyAuth, // in, out
+ TPM_AUTH* pTransAuth, // in, out
+ TPM_MODIFIER_INDICATOR* pbLocality, // out
+ UINT32* pulCurrentTicksSize, // out
+ BYTE** prgbCurrentTicks, // out
+ UINT32* pulSignatureSize, // out
+ BYTE** prgbSignature // out
+);
+extern TSS_RESULT Tcsip_Extend
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PCRINDEX pcrNum, // in
+ TPM_DIGEST inDigest, // in
+ TPM_PCRVALUE* outDigest // out
+);
+extern TSS_RESULT Tcsip_PcrRead
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PCRINDEX pcrNum, // in
+ TPM_PCRVALUE* outDigest // out
+);
+extern TSS_RESULT Tcsip_Quote
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 pcrTargetSize, // in
+ BYTE* pcrTarget, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* pcrDataSize, // out
+ BYTE** pcrData, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_Quote2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 pcrTargetSize, // in
+ BYTE* pcrTarget, // in
+ TSS_BOOL addVersion, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* pcrDataSize, // out
+ BYTE** pcrData, // out
+ UINT32* versionInfoSize, // out
+ BYTE** versionInfo, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_DirWriteAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIRINDEX dirIndex, // in
+ TPM_DIRVALUE newContents, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_DirRead
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIRINDEX dirIndex, // in
+ TPM_DIRVALUE* dirValue // out
+);
+extern TSS_RESULT Tcsip_Seal
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_ENCAUTH encAuth, // in
+ UINT32 pcrInfoSize, // in
+ BYTE* PcrInfo, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* pubAuth, // in, out
+ UINT32* SealedDataSize, // out
+ BYTE** SealedData // out
+);
+extern TSS_RESULT Tcsip_Unseal
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 SealedDataSize, // in
+ BYTE* SealedData, // in
+ TPM_AUTH* keyAuth, // in, out
+ TPM_AUTH* dataAuth, // in, out
+ UINT32* DataSize, // out
+ BYTE** Data // out
+);
+extern TSS_RESULT Tcsip_UnBind
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_Sealx
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_ENCAUTH encAuth, // in
+ UINT32 pcrInfoSize, // in
+ BYTE* PcrInfo, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* pubAuth, // in, out
+ UINT32* SealedDataSize, // out
+ BYTE** SealedData // out
+);
+extern TSS_RESULT Tcsip_LoadKey2ByBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hUnwrappingKey, // in
+ UINT32 cWrappedKeyBlobSize, // in
+ BYTE* rgbWrappedKeyBlob, // in
+ TPM_AUTH* pAuth, // in, out
+ TCS_KEY_HANDLE* phKeyTCSI // out
+);
+extern TSS_RESULT Tcsip_CreateMigrationBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TSS_MIGRATE_SCHEME migrationType, // in
+ UINT32 MigrationKeyAuthSize, // in
+ BYTE* MigrationKeyAuth, // in
+ UINT32 encDataSize, // in
+ BYTE* encData, // in
+ TPM_AUTH* parentAuth, // in, out
+ TPM_AUTH* entityAuth, // in, out
+ UINT32* randomSize, // out
+ BYTE** random, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_ConvertMigrationBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ UINT32 randomSize, // in
+ BYTE* random, // in
+ TPM_AUTH* parentAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_AuthorizeMigrationKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_MIGRATE_SCHEME migrateScheme, // in
+ UINT32 MigrationKeySize, // in
+ BYTE* MigrationKey, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* MigrationKeyAuthSize, // out
+ BYTE** MigrationKeyAuth // out
+);
+extern TSS_RESULT Tcsip_CertifyKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE certHandle, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* certAuth, // in, out
+ TPM_AUTH* keyAuth, // in, out
+ UINT32* CertifyInfoSize, // out
+ BYTE** CertifyInfo, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_CertifyKey2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE certHandle, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_DIGEST MSAdigest, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* certAuth, // in, out
+ TPM_AUTH* keyAuth, // in, out
+ UINT32* CertifyInfoSize, // out
+ BYTE** CertifyInfo, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_Sign
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 areaToSignSize, // in
+ BYTE* areaToSign, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_GetRandom
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* bytesRequested, // in, out
+ BYTE** randomBytes // out
+);
+extern TSS_RESULT Tcsip_StirRandom
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 inDataSize, // in
+ BYTE* inData // in
+);
+extern TSS_RESULT Tcsip_GetCapability
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ UINT32* respSize, // out
+ BYTE** resp // out
+);
+extern TSS_RESULT Tcsip_GetCapabilitySigned
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ TPM_AUTH* privAuth, // in, out
+ TPM_VERSION* Version, // out
+ UINT32* respSize, // out
+ BYTE** resp, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_GetCapabilityOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TPM_VERSION* pVersion, // out
+ UINT32* pNonVolatileFlags, // out
+ UINT32* pVolatileFlags // out
+);
+extern TSS_RESULT Tcsip_CreateEndorsementKeyPair
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 endorsementKeyInfoSize, // in
+ BYTE* endorsementKeyInfo, // in
+ UINT32* endorsementKeySize, // out
+ BYTE** endorsementKey, // out
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_ReadPubek
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32* pubEndorsementKeySize, // out
+ BYTE** pubEndorsementKey, // out
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_DisablePubekRead
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_OwnerReadPubek
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* pubEndorsementKeySize, // out
+ BYTE** pubEndorsementKey // out
+);
+extern TSS_RESULT Tcsip_SelfTestFull
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_CertifySelfTest
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_ContinueSelfTest
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_GetTestResult
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_OwnerSetDisable
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL disableState, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_OwnerClear
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_DisableOwnerClear
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_ForceClear
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_DisableForceClear
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_PhysicalDisable
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_PhysicalEnable
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_PhysicalSetDeactivated
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL state // in
+);
+extern TSS_RESULT Tcsip_SetTempDeactivated
+(
+ TCS_CONTEXT_HANDLE hContext // in
+);
+extern TSS_RESULT Tcsip_SetTempDeactivated2
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* pOperatorAuth // in, out
+);
+extern TSS_RESULT Tcsip_OwnerReadInternalPub
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ UINT32* punPubKeySize, // out
+ BYTE** ppbPubKeyData // out
+);
+extern TSS_RESULT Tcsip_PhysicalPresence
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_PHYSICAL_PRESENCE fPhysicalPresence // in
+);
+extern TSS_RESULT Tcsip_FieldUpgrade
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 dataInSize, // in
+ BYTE* dataIn, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* dataOutSize, // out
+ BYTE** dataOut // out
+);
+extern TSS_RESULT Tcsip_ResetLockValue
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_FlushSpecific
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_HANDLE hResHandle, // in
+ TPM_RESOURCE_TYPE resourceType // in
+);
+extern TSS_RESULT Tcsip_SetRedirection
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ UINT32 c1, // in
+ UINT32 c2, // in
+ TPM_AUTH* privAuth // in, out
+);
+extern TSS_RESULT Tcsip_DSAP
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_ENTITY_TYPE entityType, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TPM_NONCE nonceOddDSAP, // in
+ UINT32 entityValueSize, // in
+ BYTE* entityValue, // in
+ TCS_AUTHHANDLE* authHandle, // out
+ TPM_NONCE* nonceEven, // out
+ TPM_NONCE* nonceEvenDSAP // out
+);
+extern TSS_RESULT Tcsip_Delegate_Manage
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_FAMILY_ID familyID, // in
+ TPM_FAMILY_OPERATION opFlag, // in
+ UINT32 opDataSize, // in
+ BYTE* opData, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* retDataSize, // out
+ BYTE** retData // out
+);
+extern TSS_RESULT Tcsip_Delegate_CreateKeyDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ UINT32 publicInfoSize, // in
+ BYTE* publicInfo, // in
+ TPM_ENCAUTH encDelAuth, // in
+ TPM_AUTH* keyAuth, // in, out
+ UINT32* blobSize, // out
+ BYTE** blob // out
+);
+extern TSS_RESULT Tcsip_Delegate_CreateOwnerDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL increment, // in
+ UINT32 publicInfoSize, // in
+ BYTE* publicInfo, // in
+ TPM_ENCAUTH encDelAuth, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* blobSize, // out
+ BYTE** blob // out
+);
+extern TSS_RESULT Tcsip_Delegate_LoadOwnerDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DELEGATE_INDEX index, // in
+ UINT32 blobSize, // in
+ BYTE* blob, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_Delegate_UpdateVerificationCount
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 inputSize, // in
+ BYTE* input, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** output // out
+);
+extern TSS_RESULT Tcsip_Delegate_VerifyDelegation
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 delegateSize, // in
+ BYTE* delegate // in
+);
+extern TSS_RESULT Tcsip_Delegate_ReadTable
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* pulFamilyTableSize, // out
+ BYTE** ppFamilyTable, // out
+ UINT32* pulDelegateTableSize, // out
+ BYTE** ppDelegateTable // out
+);
+extern TSS_RESULT Tcsip_NV_DefineOrReleaseSpace
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 cPubInfoSize, // in
+ BYTE* pPubInfo, // in
+ TPM_ENCAUTH encAuth, // in
+ TPM_AUTH* pAuth // in, out
+);
+extern TSS_RESULT Tcsip_NV_WriteValue
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToWrite, // in
+ TPM_AUTH* privAuth // in, out
+);
+extern TSS_RESULT Tcsip_NV_WriteValueAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToWrite, // in
+ TPM_AUTH* NVAuth // in, out
+);
+extern TSS_RESULT Tcsip_NV_ReadValue
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32* pulDataLength, // in, out
+ TPM_AUTH* privAuth, // in, out
+ BYTE** rgbDataRead // out
+);
+extern TSS_RESULT Tcsip_NV_ReadValueAuth
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_NV_INDEX hNVStore, // in
+ UINT32 offset, // in
+ UINT32* pulDataLength, // in, out
+ TPM_AUTH* NVAuth, // in, out
+ BYTE** rgbDataRead // out
+);
+extern TSS_RESULT Tcsip_CreateMaintenanceArchive
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_BOOL generateRandom, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* randomSize, // out
+ BYTE** random, // out
+ UINT32* archiveSize, // out
+ BYTE** archive // out
+);
+extern TSS_RESULT Tcsip_LoadMaintenanceArchive
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 dataInSize, // in
+ BYTE* dataIn, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* dataOutSize, // out
+ BYTE** dataOut // out
+);
+extern TSS_RESULT Tcsip_KillMaintenanceFeature
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_LoadManuMaintPub
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 PubKeySize, // in
+ BYTE* PubKey, // in
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_ReadManuMaintPub
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_CreateRevocableEndorsementKeyPair
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_NONCE antiReplay, // in
+ UINT32 endorsementKeyInfoSize, // in
+ BYTE* endorsementKeyInfo, // in
+ TSS_BOOL GenResetAuth, // in
+ TPM_DIGEST* EKResetAuth, // in, out
+ UINT32* endorsementKeySize, // out
+ BYTE** endorsementKey, // out
+ TPM_DIGEST* checksum // out
+);
+extern TSS_RESULT Tcsip_RevokeEndorsementKeyPair
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIGEST EKResetAuth // in
+);
+extern TSS_RESULT Tcsip_PcrReset
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 pcrTargetSize, // in
+ BYTE* pcrTarget // in
+);
+extern TSS_RESULT Tcsip_ReadCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_COUNTER_VALUE* counterValue // out
+);
+extern TSS_RESULT Tcsip_CreateCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 LabelSize, // in (=4)
+ BYTE* pLabel, // in
+ TPM_ENCAUTH CounterAuth, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TSS_COUNTER_ID* idCounter, // out
+ TPM_COUNTER_VALUE* counterValue // out
+);
+extern TSS_RESULT Tcsip_IncrementCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_AUTH* pCounterAuth, // in, out
+ TPM_COUNTER_VALUE* counterValue // out
+);
+extern TSS_RESULT Tcsip_ReleaseCounter
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_AUTH* pCounterAuth // in, out
+);
+extern TSS_RESULT Tcsip_ReleaseCounterOwner
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_COUNTER_ID idCounter, // in
+ TPM_AUTH* pOwnerAuth // in, out
+);
+extern TSS_RESULT Tcsip_ReadCurrentTicks
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32* pulCurrentTimeSize, // out
+ BYTE** prgbCurrentTime // out
+);
+extern TSS_RESULT Tcsip_TickStampBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hKey, // in
+ TPM_NONCE antiReplay, // in
+ TPM_DIGEST digestToStamp, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* pulSignatureLength, // out
+ BYTE** prgbSignature, // out
+ UINT32* pulTickCountSize, // out
+ BYTE** prgbTickCount // out
+);
+extern TSS_RESULT Tcsip_TPM_DAA_Join
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_HANDLE handle, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+);
+extern TSS_RESULT Tcsip_TPM_DAA_Sign
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_HANDLE handle, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+);
+extern TSS_RESULT Tcsip_MigrateKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hMaKey, // in
+ UINT32 PublicKeySize, // in
+ BYTE* PublicKey, // in
+ UINT32 inDataSize, // in
+ BYTE* inData, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_CMK_SetRestrictions
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TSS_CMK_DELEGATE Restriction, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_CMK_ApproveMA
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_DIGEST migAuthorityDigest, // in
+ TPM_AUTH* ownerAuth, // in, out
+ TPM_HMAC* HmacMigAuthDigest // out
+);
+extern TSS_RESULT Tcsip_CMK_CreateKey
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE hWrappingKey, // in
+ TPM_ENCAUTH KeyUsageAuth, // in
+ TPM_HMAC MigAuthApproval, // in
+ TPM_DIGEST MigAuthorityDigest, // in
+ UINT32* keyDataSize, // in, out
+ BYTE** prgbKeyData, // in, out
+ TPM_AUTH* pAuth // in, out
+);
+extern TSS_RESULT Tcsip_CMK_CreateTicket
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 PublicVerifyKeySize, // in
+ BYTE* PublicVerifyKey, // in
+ TPM_DIGEST SignedData, // in
+ UINT32 SigValueSize, // in
+ BYTE* SigValue, // in
+ TPM_AUTH* pOwnerAuth, // in, out
+ TPM_HMAC* SigTicket // out
+);
+extern TSS_RESULT Tcsip_CMK_CreateBlob
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TSS_MIGRATE_SCHEME migrationType, // in
+ UINT32 MigrationKeyAuthSize, // in
+ BYTE* MigrationKeyAuth, // in
+ TPM_DIGEST PubSourceKeyDigest, // in
+ UINT32 msaListSize, // in
+ BYTE* msaList, // in
+ UINT32 restrictTicketSize, // in
+ BYTE* restrictTicket, // in
+ UINT32 sigTicketSize, // in
+ BYTE* sigTicket, // in
+ UINT32 encDataSize, // in
+ BYTE* encData, // in
+ TPM_AUTH* parentAuth, // in, out
+ UINT32* randomSize, // out
+ BYTE** random, // out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_CMK_ConvertMigration
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE parentHandle, // in
+ TPM_CMK_AUTH restrictTicket, // in
+ TPM_HMAC sigTicket, // in
+ UINT32 keyDataSize, // in
+ BYTE* prgbKeyData, // in
+ UINT32 msaListSize, // in
+ BYTE* msaList, // in
+ UINT32 randomSize, // in
+ BYTE* random, // in
+ TPM_AUTH* parentAuth, // in, out
+ UINT32* outDataSize, // out
+ BYTE** outData // out
+);
+extern TSS_RESULT Tcsip_SetCapability
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TPM_CAPABILITY_AREA capArea, // in
+ UINT32 subCapSize, // in
+ BYTE* subCap, // in
+ UINT32 valueSize, // in
+ BYTE* value, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsip_GetAuditDigest
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 startOrdinal, // in
+ TPM_DIGEST* auditDigest, // out
+ UINT32* counterValueSize, // out
+ BYTE** counterValue, // out
+ TSS_BOOL* more, // out
+ UINT32* ordSize, // out
+ UINT32** ordList // out
+);
+extern TSS_RESULT Tcsip_GetAuditDigestSigned
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ TCS_KEY_HANDLE keyHandle, // in
+ TSS_BOOL closeAudit, // in
+ TPM_NONCE antiReplay, // in
+ TPM_AUTH* privAuth, // in, out
+ UINT32* counterValueSize, // out
+ BYTE** counterValue, // out
+ TPM_DIGEST* auditDigest, // out
+ TPM_DIGEST* ordinalDigest, // out
+ UINT32* sigSize, // out
+ BYTE** sig // out
+);
+extern TSS_RESULT Tcsip_SetOrdinalAuditStatus
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ordinalToAudit, // in
+ TSS_BOOL auditState, // in
+ TPM_AUTH* ownerAuth // in, out
+);
+extern TSS_RESULT Tcsi_Admin_TSS_SessionsPerLocality
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ulLocality, // in
+ UINT32 ulSessions, // in
+ TPM_AUTH* pOwnerAuth // in, out
+);
+extern TSS_RESULT Tcsi_GetCredential
+(
+ TCS_CONTEXT_HANDLE hContext, // in
+ UINT32 ulCredentialType, // in
+ UINT32 ulCredentialAccessMode, // in
+ UINT32* pulCredentialSize, // out
+ BYTE** prgbCredentialData // out
+);
+
+#if defined __cplusplus
+} // extern "C"
+#endif
+
+#endif /* TCS_H */
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_defines.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_defines.h
new file mode 100644
index 0000000..5b0d192
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_defines.h
@@ -0,0 +1,28 @@
+/*++
+
+TSS Core Service structures
+
+*/
+
+#ifndef __TCS_DEFINES_H__
+#define __TCS_DEFINES_H__
+
+#define TSS_TCSATTRIB_TRANSPORT_DEFAULT ((UINT32)(0x00000000))
+#define TSS_TCSATTRIB_TRANSPORT_EXCLUSIVE ((UINT32)(0x00000001))
+
+
+// Values for the ulCredentialType parameter to Tcsi_GetCredential
+#define TSS_TCS_CREDENTIAL_EKCERT ((UINT32)0x00000001)
+#define TSS_TCS_CREDENTIAL_TPM_CC ((UINT32)0x00000002)
+#define TSS_TCS_CREDENTIAL_PLATFORMCERT ((UINT32)0x00000003)
+
+
+// Values for the ulCredentialAccessMode parameter to Tcsi_GetCredential
+// TSS_TCS_CERT_ACCESS_AUTO triggers the default behavior.
+// Values with TSS_TCS_CERT_VENDOR_SPECIFIC_BIT set trigger
+// vendor specific behavior.
+#define TSS_TCS_CERT_ACCESS_AUTO ((UINT32)0x00000001)
+
+#define TSS_TCS_CERT_VENDOR_SPECIFIC_BIT ((UINT32)0x80000000)
+
+#endif // __TCS_DEFINES_H__
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_error.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_error.h
new file mode 100644
index 0000000..2a64c34
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_error.h
@@ -0,0 +1,56 @@
+/*++
+
+TSS Core Service error return codes
+
+--*/
+
+#ifndef __TCS_ERROR_H__
+#define __TCS_ERROR_H__
+
+
+#ifndef TSS_E_BASE
+#define TSS_E_BASE 0x00000000L
+#endif // TSS_E_BASE
+
+// The context handle supplied is invalid.
+#define TCS_E_INVALID_CONTEXTHANDLE (UINT32)(TSS_E_BASE + 0x0C1L)
+
+// The key handle supplied is invalid.
+#define TCS_E_INVALID_KEYHANDLE (UINT32)(TSS_E_BASE + 0x0C2L)
+
+// The authorization session handle supplied is invalid.
+#define TCS_E_INVALID_AUTHHANDLE (UINT32)(TSS_E_BASE + 0x0C3L)
+
+// the auth session has been closed by the TPM
+#define TCS_E_INVALID_AUTHSESSION (UINT32)(TSS_E_BASE + 0x0C4L)
+
+// the key has been unloaded
+#define TCS_E_INVALID_KEY (UINT32)(TSS_E_BASE + 0x0C5L)
+
+// Key addressed by the application key handle does not match the key addressed
+// by the given UUID.
+#define TCS_E_KEY_MISMATCH (UINT32)(TSS_E_BASE + 0x0C8L)
+
+// Key adressed by Key's UUID cannot be loaded because one of the required
+// parent keys needs authorization.
+#define TCS_E_KM_LOADFAILED (UINT32)(TSS_E_BASE + 0x0CAL)
+
+// The Key Cache Manager could not reload the key into the TPM.
+#define TCS_E_KEY_CONTEXT_RELOAD (UINT32)(TSS_E_BASE + 0x0CCL)
+
+// Bad memory index
+#define TCS_E_BAD_INDEX (UINT32)(TSS_E_BASE + 0x0CDL)
+
+
+// These TCS_E_ macros are defined by name in the TSS spec, however
+// they are defined to have the same values as the TSS_E_ equivalents.
+#define TCS_SUCCESS TSS_SUCCESS
+#define TCS_E_KEY_ALREADY_REGISTERED TSS_E_KEY_ALREADY_REGISTERED
+#define TCS_E_KEY_NOT_REGISTERED TSS_E_KEY_NOT_REGISTERED
+#define TCS_E_BAD_PARAMETER TSS_E_BAD_PARAMETER
+#define TCS_E_OUTOFMEMORY TSS_E_OUTOFMEMORY
+#define TCS_E_SIZE TSS_E_SIZE
+#define TCS_E_NOTIMPL TSS_E_NOTIMPL
+#define TCS_E_INTERNAL_ERROR TSS_E_INTERNAL_ERROR
+
+#endif // __TCS_ERROR_H__
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_structs.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_structs.h
new file mode 100644
index 0000000..30b3fb9
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_structs.h
@@ -0,0 +1,40 @@
+/*++
+
+TSS Core Service structures
+
+*/
+
+#ifndef __TCS_STRUCT_H__
+#define __TCS_STRUCT_H__
+
+#include <tss/tpm.h>
+#include <tss/tss_structs.h>
+#include <tss/tcs_typedef.h>
+
+typedef struct tdTCS_AUTH
+{
+ TCS_AUTHHANDLE AuthHandle;
+ TPM_NONCE NonceOdd; // system
+ TPM_NONCE NonceEven; // TPM
+ TSS_BOOL fContinueAuthSession;
+ TPM_AUTHDATA HMAC;
+} TCS_AUTH;
+
+// This is kept for legacy compatibility
+typedef TCS_AUTH TPM_AUTH;
+
+
+typedef struct tdTCS_LOADKEY_INFO
+{
+ TSS_UUID keyUUID;
+ TSS_UUID parentKeyUUID;
+ TPM_DIGEST paramDigest; // SHA1 digest of the TPM_LoadKey
+ // Command input parameters
+ // As defined in TPM Main Specification
+ TPM_AUTH authData; // Data regarding a valid auth
+ // Session including the
+ // HMAC digest
+} TCS_LOADKEY_INFO;
+
+#endif // __TCS_STRUCT_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_typedef.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_typedef.h
new file mode 100644
index 0000000..0c89839
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tcs_typedef.h
@@ -0,0 +1,32 @@
+/*++
+
+Global typedefs for TSS Core Service
+
+*/
+
+#ifndef __TCS_TYPEDEF_H__
+#define __TCS_TYPEDEF_H__
+
+#include <tss/tss_structs.h>
+#include <tss/tpm.h>
+
+typedef UINT32 TCS_AUTHHANDLE;
+typedef UINT32 TCS_CONTEXT_HANDLE;
+typedef UINT32 TCS_KEY_HANDLE;
+typedef UINT32 TCS_HANDLE;
+
+
+// Substitution definitions for TCS-IDL
+typedef TPM_ENCAUTH TCG_ENCAUTH;
+typedef TPM_NONCE TCG_NONCE;
+typedef TPM_ENTITY_TYPE TCG_ENTITY_TYPE;
+typedef TPM_PCRINDEX TCG_PCRINDEX;
+typedef TPM_DIGEST TCG_DIGEST;
+typedef TPM_PCRVALUE TCG_PCRVALUE;
+typedef TPM_DIRVALUE TCG_DIRVALUE;
+typedef TPM_DIRINDEX TCG_DIRINDEX;
+
+
+
+#endif // __TCS_TYPEDEF_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddl_error.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddl_error.h
new file mode 100644
index 0000000..b63ca11
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddl_error.h
@@ -0,0 +1,51 @@
+/*++
+
+TPM Device Driver Library error return codes
+
+--*/
+
+#ifndef __TDDL_ERROR_H__
+#define __TDDL_ERROR_H__
+
+#include <tss/tss_error_basics.h>
+#include <tss/tss_error.h>
+
+
+#ifndef TSS_E_BASE
+#define TSS_E_BASE 0x00000000L
+#endif // TSS_E_BASE
+
+
+//
+// specific error codes returned by the TPM device driver library
+// offset TSS_TDDL_OFFSET
+//
+#define TDDL_E_FAIL TSS_E_FAIL
+#define TDDL_E_TIMEOUT TSS_E_TIMEOUT
+
+// The connection was already established.
+#define TDDL_E_ALREADY_OPENED (UINT32)(TSS_E_BASE + 0x081L)
+
+// The device was not connected.
+#define TDDL_E_ALREADY_CLOSED (UINT32)(TSS_E_BASE + 0x082L)
+
+// The receive buffer is too small.
+#define TDDL_E_INSUFFICIENT_BUFFER (UINT32)(TSS_E_BASE + 0x083L)
+
+// The command has already completed.
+#define TDDL_E_COMMAND_COMPLETED (UINT32)(TSS_E_BASE + 0x084L)
+
+// TPM aborted processing of command.
+#define TDDL_E_COMMAND_ABORTED (UINT32)(TSS_E_BASE + 0x085L)
+
+// The request could not be performed because of an I/O device error.
+#define TDDL_E_IOERROR (UINT32)(TSS_E_BASE + 0x087L)
+
+// Unsupported TAG is requested
+#define TDDL_E_BADTAG (UINT32)(TSS_E_BASE + 0x088L)
+
+// the requested TPM component was not found
+#define TDDL_E_COMPONENT_NOT_FOUND (UINT32)(TSS_E_BASE + 0x089L)
+
+#endif // __TDDL_ERROR_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddlapi_error.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddlapi_error.h
new file mode 100644
index 0000000..f021150
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddlapi_error.h
@@ -0,0 +1,54 @@
+/*++
+
+TDDL error return codes for the TPM Device Driver Library Interface (TDDLI)
+
+--*/
+
+#ifndef __TDDLAPI_ERROR_H__
+#define __TDDLAPI_ERROR_H__
+
+
+//
+// error coding scheme for a Microsoft Windows platform -
+// refer to the TSS Specification Parts
+//
+// Values are 32 bit values layed out as follows:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// +---+-+-+-----------------------+-------+-----------------------+
+// |Lev|C|R| Facility | Layer | Code |
+// +---+-+-+-----------------------+-------+-----------------------+
+// | Platform specific coding | TSS error coding system |
+// +---+-+-+-----------------------+-------+-----------------------+
+//
+// Lev - is the Level code
+//
+// 00 - Success
+// 01 - Informational
+// 10 - Warning
+// 11 - Error
+//
+// C - is the Customer code flag (must actually be set)
+//
+// R - is a reserved bit (unused)
+//
+// Facility - is the facility code: TCPA: proposal 0x028
+//
+// Code - is the facility's status code
+//
+
+
+// no macros are used below intentionally
+// for a better error code recognition by the reader
+
+// note that the values of TPM_E_BASE and TSS_E_BASE, TSS_W_BASE and TSS_I_BASE
+// have to be adjusted for a platform other than Windows
+
+//
+// TPM specific error codes (layer nibble set to TPM layer TSS_LAYER_TPM)
+//
+
+
+#endif // __TDDLAPI_ERROR_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddli.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddli.h
new file mode 100644
index 0000000..bfd6045
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tddli.h
@@ -0,0 +1,94 @@
+/*++
+
+TPM Device Driver Library interface
+
+--*/
+
+#ifndef __TDDLI_H__
+#define __TDDLI_H__
+
+#include <tss/tss_typedef.h>
+#include <tss/tddl_error.h>
+
+#if !defined(TDDLI)
+#ifdef WIN32
+// --- This should be used on Windows platforms
+#ifdef TDDLI_EXPORTS
+#define TDDLI __declspec(dllexport)
+#else
+#define TDDLI __declspec(dllimport)
+#endif
+#else
+#define TDDLI
+#endif
+#endif /* !defined(TDDLI) */
+
+
+#define TDDL_CAP_VERSION 0x0100
+#define TDDL_CAP_VER_DRV 0x0101
+#define TDDL_CAP_VER_FW 0x0102
+#define TDDL_CAP_VER_FW_DATE 0x0103
+
+#define TDDL_CAP_PROPERTY 0x0200
+#define TDDL_CAP_PROP_MANUFACTURER 0x0201
+#define TDDL_CAP_PROP_MODULE_TYPE 0x0202
+#define TDDL_CAP_PROP_GLOBAL_STATE 0x0203
+
+
+//--------------------------------------------------------------------
+// TDDL specific helper redefinitions
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ //establish a connection to the TPM device driver
+ TDDLI TSS_RESULT Tddli_Open(void);
+
+ //close a open connection to the TPM device driver
+ TDDLI TSS_RESULT Tddli_Close(void);
+
+ //cancels the last outstanding TPM command
+ TDDLI TSS_RESULT Tddli_Cancel(void);
+
+ // read the attributes returned by the TPM HW/FW
+ TDDLI TSS_RESULT Tddli_GetCapability(
+ UINT32 CapArea,
+ UINT32 SubCap,
+ BYTE *pCapBuf,
+ UINT32 *puntCapBufLen);
+
+ // set parameters to the TPM HW/FW
+ TDDLI TSS_RESULT Tddli_SetCapability(
+ UINT32 CapArea,
+ UINT32 SubCap,
+ BYTE *pCapBuf,
+ UINT32 puntCapBufLen);
+
+ // get status of the TPM driver and device
+ TDDLI TSS_RESULT Tddli_GetStatus(
+ UINT32 ReqStatusType,
+ UINT32 *puntStatus);
+
+ // send any data to the TPM module
+ TDDLI TSS_RESULT Tddli_TransmitData(
+ BYTE *pTransmitBuf,
+ UINT32 TransmitBufLen,
+ BYTE *pReceiveBuf,
+ UINT32 *puntReceiveBufLen);
+
+ TDDLI TSS_RESULT Tddli_SetPowerManagement(
+ TSS_BOOL SendSaveStateCommand, // in
+ UINT32 *QuerySetNewTPMPowerState); // in, out
+
+ TDDLI TSS_RESULT Tddli_PowerManagementControl(
+ TSS_BOOL SendPowerManager, // in
+ UINT32 *DriverManagesPowerStates); // out
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // __TDDLI_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm.h
new file mode 100644
index 0000000..69d3b65
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm.h
@@ -0,0 +1,1663 @@
+/*++
+ *
+ * TPM structures extracted from the TPM specification 1.2,
+ * Part 2 (Structures), rev 85.
+ *
+ * Errata:
+ *
+ * *) The individual bits of TPM_STARTUP_EFFECTS were not given names in
+ * the TPM spec so they are not defined in tpm.h.
+ *
+ * *) A few typedefs not present in the TPM 1.2 specification have been
+ * added. This was generally done when the TPM 1.2 spec defined a set of
+ * related values (either bitmasks or enumeration values) but did not
+ * define an associated type to hold these values. The typedefs have been
+ * added and structure fields that were to hold those values have been
+ * switched from generic UINT* types to the more specific types. This was
+ * done to highlight exactly where those #defined values were to be used.
+ * The types that have been added are:
+ * TPM_NV_PER_ATTRIBUTES
+ * TPM_DELEGATE_TYPE
+ *
+ * *) The layout of bitfields within a structure are compiler-dependent
+ * and the use of structure bitfields has been avoided where possible. In
+ * cases where a value is a collection of independent bits the type is
+ * given a name (typedeffed to UINT16 or UINT32 as appropriate) and masks
+ * are #defined to access the individual bits. This is not possible for
+ * TPM_VERSION_BYTE because the fields are 4-bit values. A best attempt
+ * has been made to make this compiler independent but it has only been
+ * checked on GCC and Visual C++ on little-endian machines.
+ *
+ * *) The TPM_DELEGATIONS per1 and per2 fields field are a bitmask but
+ * are defined as a UINT32 because the bitfields have different meaning
+ * based on the type of delegation blob.
+ *
+ * *) The definitions of TPM_PERMANENT_DATA, TPM_STCLEAR_DATA,
+ * TPM_STANY_DATA, and TPM_DELEGATE_TABLE_ROW are commented out. These
+ * structures are internal to the TPM and are not directly accessible by
+ * external software so this should not be a problem.
+ *
+ * *) The definitions of TPM_FAMILY_TABLE and TPM_DELEGATE_TABLE are
+ * commented out because they are variable length arrays internal to the
+ * TPM. As above they are not directly accessible by external software
+ * so this should not be a problem.
+ */
+
+#ifndef __TPM_H__
+#define __TPM_H__
+
+#ifdef __midl
+#define SIZEIS(x) [size_is(x)]
+#else
+#define SIZEIS(x)
+#endif
+
+#include <tss/platform.h>
+
+//-------------------------------------------------------------------
+// Part 2, section 2.1: Basic data types
+typedef BYTE TPM_BOOL;
+#ifndef FALSE
+#define FALSE 0x00
+#define TRUE 0x01
+#endif /* ifndef FALSE */
+
+//-------------------------------------------------------------------
+// Part 2, section 2.3: Helper Redefinitions
+// Many of the helper redefinitions appear later in this file
+// so that they are declared next to the list of valid values
+// they may hold.
+typedef BYTE TPM_LOCALITY_MODIFIER;
+typedef UINT32 TPM_COMMAND_CODE; /* 1.1b */
+typedef UINT32 TPM_COUNT_ID;
+typedef UINT32 TPM_REDIT_COMMAND;
+typedef UINT32 TPM_HANDLE;
+typedef UINT32 TPM_AUTHHANDLE;
+typedef UINT32 TPM_TRANSHANDLE;
+typedef UINT32 TPM_KEYHANDLE;
+typedef UINT32 TPM_DIRINDEX;
+typedef UINT32 TPM_PCRINDEX;
+typedef UINT32 TPM_RESULT;
+typedef UINT32 TPM_MODIFIER_INDICATOR;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 2.2.4: Vendor Specific
+#define TPM_Vendor_Specific32 0x00000400
+#define TPM_Vendor_Specific8 0x80
+
+
+//-------------------------------------------------------------------
+// Part 2, section 3: Structure Tags
+typedef UINT16 TPM_STRUCTURE_TAG;
+#define TPM_TAG_CONTEXTBLOB ((UINT16)0x0001)
+#define TPM_TAG_CONTEXT_SENSITIVE ((UINT16)0x0002)
+#define TPM_TAG_CONTEXTPOINTER ((UINT16)0x0003)
+#define TPM_TAG_CONTEXTLIST ((UINT16)0x0004)
+#define TPM_TAG_SIGNINFO ((UINT16)0x0005)
+#define TPM_TAG_PCR_INFO_LONG ((UINT16)0x0006)
+#define TPM_TAG_PERSISTENT_FLAGS ((UINT16)0x0007)
+#define TPM_TAG_VOLATILE_FLAGS ((UINT16)0x0008)
+#define TPM_TAG_PERSISTENT_DATA ((UINT16)0x0009)
+#define TPM_TAG_VOLATILE_DATA ((UINT16)0x000a)
+#define TPM_TAG_SV_DATA ((UINT16)0x000b)
+#define TPM_TAG_EK_BLOB ((UINT16)0x000c)
+#define TPM_TAG_EK_BLOB_AUTH ((UINT16)0x000d)
+#define TPM_TAG_COUNTER_VALUE ((UINT16)0x000e)
+#define TPM_TAG_TRANSPORT_INTERNAL ((UINT16)0x000f)
+#define TPM_TAG_TRANSPORT_LOG_IN ((UINT16)0x0010)
+#define TPM_TAG_TRANSPORT_LOG_OUT ((UINT16)0x0011)
+#define TPM_TAG_AUDIT_EVENT_IN ((UINT16)0x0012)
+#define TPM_TAG_AUDIT_EVENT_OUT ((UINT16)0x0013)
+#define TPM_TAG_CURRENT_TICKS ((UINT16)0x0014)
+#define TPM_TAG_KEY ((UINT16)0x0015)
+#define TPM_TAG_STORED_DATA12 ((UINT16)0x0016)
+#define TPM_TAG_NV_ATTRIBUTES ((UINT16)0x0017)
+#define TPM_TAG_NV_DATA_PUBLIC ((UINT16)0x0018)
+#define TPM_TAG_NV_DATA_SENSITIVE ((UINT16)0x0019)
+#define TPM_TAG_DELEGATIONS ((UINT16)0x001a)
+#define TPM_TAG_DELEGATE_PUBLIC ((UINT16)0x001b)
+#define TPM_TAG_DELEGATE_TABLE_ROW ((UINT16)0x001c)
+#define TPM_TAG_TRANSPORT_AUTH ((UINT16)0x001d)
+#define TPM_TAG_TRANSPORT_PUBLIC ((UINT16)0x001e)
+#define TPM_TAG_PERMANENT_FLAGS ((UINT16)0x001f)
+#define TPM_TAG_STCLEAR_FLAGS ((UINT16)0x0020)
+#define TPM_TAG_STANY_FLAGS ((UINT16)0x0021)
+#define TPM_TAG_PERMANENT_DATA ((UINT16)0x0022)
+#define TPM_TAG_STCLEAR_DATA ((UINT16)0x0023)
+#define TPM_TAG_STANY_DATA ((UINT16)0x0024)
+#define TPM_TAG_FAMILY_TABLE_ENTRY ((UINT16)0x0025)
+#define TPM_TAG_DELEGATE_SENSITIVE ((UINT16)0x0026)
+#define TPM_TAG_DELG_KEY_BLOB ((UINT16)0x0027)
+#define TPM_TAG_KEY12 ((UINT16)0x0028)
+#define TPM_TAG_CERTIFY_INFO2 ((UINT16)0x0029)
+#define TPM_TAG_DELEGATE_OWNER_BLOB ((UINT16)0x002a)
+#define TPM_TAG_EK_BLOB_ACTIVATE ((UINT16)0x002b)
+#define TPM_TAG_DAA_BLOB ((UINT16)0x002c)
+#define TPM_TAG_DAA_CONTEXT ((UINT16)0x002d)
+#define TPM_TAG_DAA_ENFORCE ((UINT16)0x002e)
+#define TPM_TAG_DAA_ISSUER ((UINT16)0x002f)
+#define TPM_TAG_CAP_VERSION_INFO ((UINT16)0x0030)
+#define TPM_TAG_DAA_SENSITIVE ((UINT16)0x0031)
+#define TPM_TAG_DAA_TPM ((UINT16)0x0032)
+#define TPM_TAG_CMK_MIGAUTH ((UINT16)0x0033)
+#define TPM_TAG_CMK_SIGTICKET ((UINT16)0x0034)
+#define TPM_TAG_CMK_MA_APPROVAL ((UINT16)0x0035)
+#define TPM_TAG_QUOTE_INFO2 ((UINT16)0x0036)
+#define TPM_TAG_DA_INFO ((UINT16)0x0037)
+#define TPM_TAG_DA_INFO_LIMITED ((UINT16)0x0038)
+#define TPM_TAG_DA_ACTION_TYPE ((UINT16)0x0039)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 4: Types
+typedef UINT32 TPM_RESOURCE_TYPE;
+#define TPM_RT_KEY ((UINT32)0x00000001)
+#define TPM_RT_AUTH ((UINT32)0x00000002)
+#define TPM_RT_HASH ((UINT32)0x00000003)
+#define TPM_RT_TRANS ((UINT32)0x00000004)
+#define TPM_RT_CONTEXT ((UINT32)0x00000005)
+#define TPM_RT_COUNTER ((UINT32)0x00000006)
+#define TPM_RT_DELEGATE ((UINT32)0x00000007)
+#define TPM_RT_DAA_TPM ((UINT32)0x00000008)
+#define TPM_RT_DAA_V0 ((UINT32)0x00000009)
+#define TPM_RT_DAA_V1 ((UINT32)0x0000000a)
+
+
+typedef BYTE TPM_PAYLOAD_TYPE; /* 1.1b */
+#define TPM_PT_ASYM ((BYTE)0x01) /* 1.1b */
+#define TPM_PT_BIND ((BYTE)0x02) /* 1.1b */
+#define TPM_PT_MIGRATE ((BYTE)0x03) /* 1.1b */
+#define TPM_PT_MAINT ((BYTE)0x04) /* 1.1b */
+#define TPM_PT_SEAL ((BYTE)0x05) /* 1.1b */
+#define TPM_PT_MIGRATE_RESTRICTED ((BYTE)0x06)
+#define TPM_PT_MIGRATE_EXTERNAL ((BYTE)0x07)
+#define TPM_PT_CMK_MIGRATE ((BYTE)0x08)
+
+
+typedef UINT16 TPM_ENTITY_TYPE; /* 1.1b */
+#define TPM_ET_KEYHANDLE ((UINT16)0x0001) /* 1.1b */
+#define TPM_ET_OWNER ((UINT16)0x0002) /* 1.1b */
+#define TPM_ET_DATA ((UINT16)0x0003) /* 1.1b */
+#define TPM_ET_SRK ((UINT16)0x0004) /* 1.1b */
+#define TPM_ET_KEY ((UINT16)0x0005) /* 1.1b */
+#define TPM_ET_REVOKE ((UINT16)0x0006)
+#define TPM_ET_DEL_OWNER_BLOB ((UINT16)0x0007)
+#define TPM_ET_DEL_ROW ((UINT16)0x0008)
+#define TPM_ET_DEL_KEY_BLOB ((UINT16)0x0009)
+#define TPM_ET_COUNTER ((UINT16)0x000a)
+#define TPM_ET_NV ((UINT16)0x000b)
+#define TPM_ET_OPERATOR ((UINT16)0x000c)
+#define TPM_ET_RESERVED_HANDLE ((UINT16)0x0040)
+
+/* The following values may be ORed into the MSB of the TPM_ENTITY_TYPE
+ * to indicate particular encryption scheme
+ */
+#define TPM_ET_XOR ((BYTE)0x00)
+#define TPM_ET_AES ((BYTE)0x06)
+
+typedef UINT32 TPM_KEY_HANDLE; /* 1.1b */
+#define TPM_KH_SRK ((UINT32)0x40000000)
+#define TPM_KH_OWNER ((UINT32)0x40000001)
+#define TPM_KH_REVOKE ((UINT32)0x40000002)
+#define TPM_KH_TRANSPORT ((UINT32)0x40000003)
+#define TPM_KH_OPERATOR ((UINT32)0x40000004)
+#define TPM_KH_ADMIN ((UINT32)0x40000005)
+#define TPM_KH_EK ((UINT32)0x40000006)
+/* 1.1b used different names, but the same values */
+#define TPM_KEYHND_SRK (TPM_KH_SRK) /* 1.1b */
+#define TPM_KEYHND_OWNER (TPM_KH_OWNER) /* 1.1b */
+
+
+typedef UINT16 TPM_STARTUP_TYPE; /* 1.1b */
+#define TPM_ST_CLEAR ((UINT16)0x0001) /* 1.1b */
+#define TPM_ST_STATE ((UINT16)0x0002) /* 1.1b */
+#define TPM_ST_DEACTIVATED ((UINT16)0x0003) /* 1.1b */
+
+
+//typedef UINT32 TPM_STARTUP_EFFECTS;
+// 32-bit mask, see spec for meaning. Names not currently defined.
+// bits 0-8 have meaning
+
+typedef UINT16 TPM_PROTOCOL_ID; /* 1.1b */
+#define TPM_PID_OIAP ((UINT16)0x0001) /* 1.1b */
+#define TPM_PID_OSAP ((UINT16)0x0002) /* 1.1b */
+#define TPM_PID_ADIP ((UINT16)0x0003) /* 1.1b */
+#define TPM_PID_ADCP ((UINT16)0x0004) /* 1.1b */
+#define TPM_PID_OWNER ((UINT16)0x0005) /* 1.1b */
+#define TPM_PID_DSAP ((UINT16)0x0006)
+#define TPM_PID_TRANSPORT ((UINT16)0x0007)
+
+
+// Note in 1.2 rev 104, DES and 3DES are eliminated
+typedef UINT32 TPM_ALGORITHM_ID; /* 1.1b */
+#define TPM_ALG_RSA ((UINT32)0x00000001) /* 1.1b */
+#define TPM_ALG_DES ((UINT32)0x00000002) /* 1.1b */
+#define TPM_ALG_3DES ((UINT32)0x00000003) /* 1.1b */
+#define TPM_ALG_SHA ((UINT32)0x00000004) /* 1.1b */
+#define TPM_ALG_HMAC ((UINT32)0x00000005) /* 1.1b */
+#define TPM_ALG_AES ((UINT32)0x00000006) /* 1.1b */
+#define TPM_ALG_AES128 (TPM_ALG_AES)
+#define TPM_ALG_MGF1 ((UINT32)0x00000007)
+#define TPM_ALG_AES192 ((UINT32)0x00000008)
+#define TPM_ALG_AES256 ((UINT32)0x00000009)
+#define TPM_ALG_XOR ((UINT32)0x0000000a)
+
+
+typedef UINT16 TPM_PHYSICAL_PRESENCE; /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_LOCK ((UINT16)0x0004) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_PRESENT ((UINT16)0x0008) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_NOTPRESENT ((UINT16)0x0010) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_CMD_ENABLE ((UINT16)0x0020) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_HW_ENABLE ((UINT16)0x0040) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ((UINT16)0x0080) /* 1.1b */
+#define TPM_PHYSICAL_PRESENCE_CMD_DISABLE ((UINT16)0x0100)
+#define TPM_PHYSICAL_PRESENCE_HW_DISABLE ((UINT16)0x0200)
+
+
+typedef UINT16 TPM_MIGRATE_SCHEME; /* 1.1b */
+#define TPM_MS_MIGRATE ((UINT16)0x0001) /* 1.1b */
+#define TPM_MS_REWRAP ((UINT16)0x0002) /* 1.1b */
+#define TPM_MS_MAINT ((UINT16)0x0003) /* 1.1b */
+#define TPM_MS_RESTRICT_MIGRATE ((UINT16)0x0004)
+#define TPM_MS_RESTRICT_APPROVE_DOUBLE ((UINT16)0x0005)
+
+
+typedef UINT16 TPM_EK_TYPE;
+#define TPM_EK_TYPE_ACTIVATE ((UINT16)0x0001)
+#define TPM_EK_TYPE_AUTH ((UINT16)0x0002)
+
+
+typedef UINT16 TPM_PLATFORM_SPECIFIC;
+#define TPM_PS_PC_11 ((UINT16)0x0001)
+#define TPM_PS_PC_12 ((UINT16)0x0002)
+#define TPM_PS_PDA_12 ((UINT16)0x0003)
+#define TPM_PS_Server_12 ((UINT16)0x0004)
+#define TPM_PS_Mobile_12 ((UINT16)0x0005)
+
+//-------------------------------------------------------------------
+// Part 2, section 5: Basic Structures
+
+typedef struct tdTPM_STRUCT_VER
+{
+ BYTE major;
+ BYTE minor;
+ BYTE revMajor;
+ BYTE revMinor;
+} TPM_STRUCT_VER;
+
+typedef struct tdTPM_VERSION_BYTE
+{
+ // This needs to be made compiler-independent.
+ int leastSigVer : 4; // least significant 4 bits
+ int mostSigVer : 4; // most significant 4 bits
+} TPM_VERSION_BYTE;
+
+typedef struct tdTPM_VERSION
+{
+ BYTE major; // Should really be a TPM_VERSION_BYTE
+ BYTE minor; // Should really be a TPM_VERSION_BYTE
+ BYTE revMajor;
+ BYTE revMinor;
+} TPM_VERSION;
+
+
+// Put this in the right place:
+// byte size definition for 160 bit SHA1 hash value
+#define TPM_SHA1_160_HASH_LEN 0x14
+#define TPM_SHA1BASED_NONCE_LEN TPM_SHA1_160_HASH_LEN
+
+typedef struct tdTPM_DIGEST
+{
+ BYTE digest[TPM_SHA1_160_HASH_LEN];
+} TPM_DIGEST;
+
+typedef TPM_DIGEST TPM_CHOSENID_HASH;
+typedef TPM_DIGEST TPM_COMPOSITE_HASH;
+typedef TPM_DIGEST TPM_DIRVALUE;
+typedef TPM_DIGEST TPM_HMAC;
+typedef TPM_DIGEST TPM_PCRVALUE;
+typedef TPM_DIGEST TPM_AUDITDIGEST;
+
+typedef struct tdTPM_NONCE /* 1.1b */
+{
+ BYTE nonce[TPM_SHA1BASED_NONCE_LEN];
+} TPM_NONCE;
+
+typedef TPM_NONCE TPM_DAA_TPM_SEED;
+typedef TPM_NONCE TPM_DAA_CONTEXT_SEED;
+
+typedef struct tdTPM_AUTHDATA /* 1.1b */
+{
+ BYTE authdata[TPM_SHA1_160_HASH_LEN];
+} TPM_AUTHDATA;
+
+typedef TPM_AUTHDATA TPM_SECRET;
+typedef TPM_AUTHDATA TPM_ENCAUTH;
+
+
+typedef struct tdTPM_KEY_HANDLE_LIST /* 1.1b */
+{
+ UINT16 loaded;
+ SIZEIS(loaded)
+ TPM_KEY_HANDLE *handle;
+} TPM_KEY_HANDLE_LIST;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.8: Key usage values
+
+typedef UINT16 TPM_KEY_USAGE; /* 1.1b */
+#define TPM_KEY_SIGNING ((UINT16)0x0010) /* 1.1b */
+#define TPM_KEY_STORAGE ((UINT16)0x0011) /* 1.1b */
+#define TPM_KEY_IDENTITY ((UINT16)0x0012) /* 1.1b */
+#define TPM_KEY_AUTHCHANGE ((UINT16)0x0013) /* 1.1b */
+#define TPM_KEY_BIND ((UINT16)0x0014) /* 1.1b */
+#define TPM_KEY_LEGACY ((UINT16)0x0015) /* 1.1b */
+#define TPM_KEY_MIGRATE ((UINT16)0x0016)
+
+typedef UINT16 TPM_SIG_SCHEME; /* 1.1b */
+#define TPM_SS_NONE ((UINT16)0x0001) /* 1.1b */
+#define TPM_SS_RSASSAPKCS1v15_SHA1 ((UINT16)0x0002) /* 1.1b */
+#define TPM_SS_RSASSAPKCS1v15_DER ((UINT16)0x0003) /* 1.1b */
+#define TPM_SS_RSASSAPKCS1v15_INFO ((UINT16)0x0004)
+
+typedef UINT16 TPM_ENC_SCHEME; /* 1.1b */
+#define TPM_ES_NONE ((UINT16)0x0001) /* 1.1b */
+#define TPM_ES_RSAESPKCSv15 ((UINT16)0x0002) /* 1.1b */
+#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((UINT16)0x0003) /* 1.1b */
+#define TPM_ES_SYM_CNT ((UINT16)0x0004)
+#define TPM_ES_SYM_CTR TPM_ES_SYM_CNT
+#define TPM_ES_SYM_OFB ((UINT16)0x0005)
+#define TPM_ES_SYM_CBC_PKCS5PAD ((UINT16)0x00ff)
+
+//-------------------------------------------------------------------
+// Part 2, section 5.9: TPM_AUTH_DATA_USAGE values
+
+typedef BYTE TPM_AUTH_DATA_USAGE; /* 1.1b */
+#define TPM_AUTH_NEVER ((BYTE)0x00) /* 1.1b */
+#define TPM_AUTH_ALWAYS ((BYTE)0x01) /* 1.1b */
+#define TPM_AUTH_PRIV_USE_ONLY ((BYTE)0x11)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.10: TPM_KEY_FLAGS flags
+
+typedef UINT32 TPM_KEY_FLAGS; /* 1.1b */
+#define TPM_REDIRECTION ((UINT32)0x00000001) /* 1.1b */
+#define TPM_MIGRATABLE ((UINT32)0x00000002) /* 1.1b */
+#define TPM_VOLATILE ((UINT32)0x00000004) /* 1.1b */
+#define TPM_PCRIGNOREDONREAD ((UINT32)0x00000008)
+#define TPM_MIGRATEAUTHORITY ((UINT32)0x00000010)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.11: TPM_CHANGEAUTH_VALIDATE
+
+typedef struct tdTPM_CHANGEAUTH_VALIDATE
+{
+ TPM_SECRET newAuthSecret;
+ TPM_NONCE n1;
+} TPM_CHANGEAUTH_VALIDATE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
+// declared after section 10 to catch declaration of TPM_PUBKEY
+
+//-------------------------------------------------------------------
+// Part 2, section 5.13: TPM_COUNTER_VALUE;
+
+typedef UINT32 TPM_ACTUAL_COUNT;
+typedef struct tdTPM_COUNTER_VALUE
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE label[4];
+ TPM_ACTUAL_COUNT counter;
+} TPM_COUNTER_VALUE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.14: TPM_SIGN_INFO structure
+
+typedef struct tdTPM_SIGN_INFO
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE fixed[4];
+ TPM_NONCE replay;
+ UINT32 dataLen;
+ SIZEIS(dataLen)
+ BYTE *data;
+} TPM_SIGN_INFO;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.15: TPM_MSA_COMPOSITE
+
+typedef struct tdTPM_MSA_COMPOSITE
+{
+ UINT32 MSAlist;
+ SIZEIS(MSAlist)
+ TPM_DIGEST *migAuthDigest;
+} TPM_MSA_COMPOSITE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.16: TPM_CMK_AUTH
+
+typedef struct tdTPM_CMK_AUTH
+{
+ TPM_DIGEST migrationAuthorityDigest;
+ TPM_DIGEST destinationKeyDigest;
+ TPM_DIGEST sourceKeyDigest;
+} TPM_CMK_AUTH;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.17: TPM_CMK_DELEGATE
+
+typedef UINT32 TPM_CMK_DELEGATE;
+#define TPM_CMK_DELEGATE_SIGNING (((UINT32)1)<<31)
+#define TPM_CMK_DELEGATE_STORAGE (((UINT32)1)<<30)
+#define TPM_CMK_DELEGATE_BIND (((UINT32)1)<<29)
+#define TPM_CMK_DELEGATE_LEGACY (((UINT32)1)<<28)
+#define TPM_CMK_DELEGATE_MIGRATE (((UINT32)1)<<27)
+
+//-------------------------------------------------------------------
+// Part 2, section 5.18: TPM_SELECT_SIZE
+
+typedef struct tdTPM_SELECT_SIZE
+{
+ BYTE major;
+ BYTE minor;
+ UINT16 reqSize;
+} TPM_SELECT_SIZE;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.19: TPM_CMK_MIGAUTH
+
+typedef struct tdTPM_CMK_MIGAUTH
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST msaDigest;
+ TPM_DIGEST pubKeyDigest;
+} TPM_CMK_MIGAUTH;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.20: TPM_CMK_SIGTICKET
+
+typedef struct tdTPM_CMK_SIGTICKET
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST verKeyDigest;
+ TPM_DIGEST signedData;
+} TPM_CMK_SIGTICKET;
+
+//-------------------------------------------------------------------
+// Part 2, section 5.21: TPM_CMK_MA_APPROVAL
+
+typedef struct tdTPM_CMK_MA_APPROVAL
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST migrationAuthorityDigest;
+} TPM_CMK_MA_APPROVAL;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 6: Command Tags
+
+typedef UINT16 TPM_TAG; /* 1.1b */
+#define TPM_TAG_RQU_COMMAND ((UINT16)0x00c1)
+#define TPM_TAG_RQU_AUTH1_COMMAND ((UINT16)0x00c2)
+#define TPM_TAG_RQU_AUTH2_COMMAND ((UINT16)0x00c3)
+#define TPM_TAG_RSP_COMMAND ((UINT16)0x00c4)
+#define TPM_TAG_RSP_AUTH1_COMMAND ((UINT16)0x00c5)
+#define TPM_TAG_RSP_AUTH2_COMMAND ((UINT16)0x00c6)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.1: TPM_PERMANENT_FLAGS
+
+typedef struct tdTPM_PERMANENT_FLAGS
+{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL disable;
+ TSS_BOOL ownership;
+ TSS_BOOL deactivated;
+ TSS_BOOL readPubek;
+ TSS_BOOL disableOwnerClear;
+ TSS_BOOL allowMaintenance;
+ TSS_BOOL physicalPresenceLifetimeLock;
+ TSS_BOOL physicalPresenceHWEnable;
+ TSS_BOOL physicalPresenceCMDEnable;
+ TSS_BOOL CEKPUsed;
+ TSS_BOOL TPMpost;
+ TSS_BOOL TPMpostLock;
+ TSS_BOOL FIPS;
+ TSS_BOOL Operator;
+ TSS_BOOL enableRevokeEK;
+ TSS_BOOL nvLocked;
+ TSS_BOOL readSRKPub;
+ TSS_BOOL tpmEstablished;
+ TSS_BOOL maintenanceDone;
+ TSS_BOOL disableFullDALogicInfo;
+} TPM_PERMANENT_FLAGS;
+
+#define TPM_PF_DISABLE ((UINT32)0x00000001)
+#define TPM_PF_OWNERSHIP ((UINT32)0x00000002)
+#define TPM_PF_DEACTIVATED ((UINT32)0x00000003)
+#define TPM_PF_READPUBEK ((UINT32)0x00000004)
+#define TPM_PF_DISABLEOWNERCLEAR ((UINT32)0x00000005)
+#define TPM_PF_ALLOWMAINTENANCE ((UINT32)0x00000006)
+#define TPM_PF_PHYSICALPRESENCELIFETIMELOCK ((UINT32)0x00000007)
+#define TPM_PF_PHYSICALPRESENCEHWENABLE ((UINT32)0x00000008)
+#define TPM_PF_PHYSICALPRESENCECMDENABLE ((UINT32)0x00000009)
+#define TPM_PF_CEKPUSED ((UINT32)0x0000000A)
+#define TPM_PF_TPMPOST ((UINT32)0x0000000B)
+#define TPM_PF_TPMPOSTLOCK ((UINT32)0x0000000C)
+#define TPM_PF_FIPS ((UINT32)0x0000000D)
+#define TPM_PF_OPERATOR ((UINT32)0x0000000E)
+#define TPM_PF_ENABLEREVOKEEK ((UINT32)0x0000000F)
+#define TPM_PF_NV_LOCKED ((UINT32)0x00000010)
+#define TPM_PF_READSRKPUB ((UINT32)0x00000011)
+#define TPM_PF_RESETESTABLISHMENTBIT ((UINT32)0x00000012)
+#define TPM_PF_MAINTENANCEDONE ((UINT32)0x00000013)
+#define TPM_PF_DISABLEFULLDALOGICINFO ((UINT32)0x00000014)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.2: TPM_STCLEAR_FLAGS
+
+typedef struct tdTPM_STCLEAR_FLAGS
+{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL deactivated;
+ TSS_BOOL disableForceClear;
+ TSS_BOOL physicalPresence;
+ TSS_BOOL physicalPresenceLock;
+ TSS_BOOL bGlobalLock;
+} TPM_STCLEAR_FLAGS;
+
+#define TPM_SF_DEACTIVATED ((UINT32)0x00000001)
+#define TPM_SF_DISABLEFORCECLEAR ((UINT32)0x00000002)
+#define TPM_SF_PHYSICALPRESENCE ((UINT32)0x00000003)
+#define TPM_SF_PHYSICALPRESENCELOCK ((UINT32)0x00000004)
+#define TPM_SF_GLOBALLOCK ((UINT32)0x00000005)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.3: TPM_STANY_FLAGS
+
+typedef struct tdTPM_STANY_FLAGS
+{
+ TPM_STRUCTURE_TAG tag;
+ TSS_BOOL postInitialise;
+ TPM_MODIFIER_INDICATOR localityModifier;
+ TSS_BOOL transportExclusive;
+ TSS_BOOL TOSPresent;
+} TPM_STANY_FLAGS;
+
+#define TPM_AF_POSTINITIALIZE ((UINT32)0x00000001)
+#define TPM_AF_LOCALITYMODIFIER ((UINT32)0x00000002)
+#define TPM_AF_TRANSPORTEXCLUSIVE ((UINT32)0x00000003)
+#define TPM_AF_TOSPRESENT ((UINT32)0x00000004)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.4: TPM_PERMANENT_DATA
+// available inside TPM only
+//
+//#define TPM_MIN_COUNTERS 4
+//#define TPM_NUM_PCR 16
+//#define TPM_MAX_NV_WRITE_NOOWNER 64
+//
+//typedef struct tdTPM_PERMANENT_DATA
+//{
+// TPM_STRUCTURE_TAG tag;
+// BYTE revMajor;
+// BYTE revMinor;
+// TPM_NONCE tpmProof;
+// TPM_NONCE ekReset;
+// TPM_SECRET ownerAuth;
+// TPM_SECRET operatorAuth;
+// TPM_DIRVALUE authDIR[1];
+// TPM_PUBKEY manuMaintPub;
+// TPM_KEY endorsementKey;
+// TPM_KEY srk;
+// TPM_KEY contextKey;
+// TPM_KEY delegateKey;
+// TPM_COUNTER_VALUE auditMonotonicCounter;
+// TPM_COUNTER_VALUE monitonicCounter[TPM_MIN_COUNTERS];
+// TPM_PCR_ATTRIBUTES pcrAttrib[TPM_NUM_PCR];
+// BYTE ordinalAuditStatus[];
+// BYTE *rngState;
+// TPM_FAMILY_TABLE familyTable;
+// TPM_DELEGATE_TABLE delegateTable;
+// UINT32 maxNVBufSize;
+// UINT32 lastFamilyID;
+// UINT32 noOwnerNVWrite;
+// TPM_CMK_DELEGATE restrictDelegate;
+// TPM_DAA_TPM_SEED tpmDAASeed;
+// TPM_NONCE daaProof;
+// TPM_NONCE daaBlobKey;
+//} TPM_PERMANENT_DATA;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.5: TPM_STCLEAR_DATA
+// available inside TPM only
+//
+//typedef struct tdTPM_STCLEAR_DATA
+//{
+// TPM_STRUCTURE_TAG tag;
+// TPM_NONCE contextNonceKey;
+// TPM_COUNT_ID countID;
+// UINT32 ownerReference;
+// TPM_BOOL disableResetLock;
+// TPM_PCRVALUE PCR[TPM_NUM_PCR];
+// UINT32 deferredPhysicalPresence;
+//} TPM_STCLEAR_DATA;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 7.5: TPM_STANY_DATA
+// available inside TPM only
+//
+//typedef struct tdTPM_STANY_DATA
+//{
+// TPM_STRUCTURE_TAG tag;
+// TPM_NONCE contextNonceSession;
+// TPM_DIGEST auditDigest;
+// TPM_CURRENT_TICKS currentTicks;
+// UINT32 contextCount;
+// UINT32 contextList[TPM_MIN_SESSION_LIST];
+// TPM_SESSION_DATA sessions[TPM_MIN_SESSIONS];
+// // The following appear in section 22.6 but not in 7.5
+// TPM_DAA_ISSUER DAA_issuerSettings;
+// TPM_DAA_TPM DAA_tpmSpecific;
+// TPM_DAA_CONTEXT DAA_session;
+// TPM_DAA_JOINDATA DAA_joinSession;
+//} TPM_STANY_DATA;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 8: PCR Structures
+
+typedef BYTE TPM_LOCALITY_SELECTION;
+#define TPM_LOC_FOUR (((UINT32)1)<<4)
+#define TPM_LOC_THREE (((UINT32)1)<<3)
+#define TPM_LOC_TWO (((UINT32)1)<<2)
+#define TPM_LOC_ONE (((UINT32)1)<<1)
+#define TPM_LOC_ZERO (((UINT32)1)<<0)
+
+typedef struct tdTPM_PCR_SELECTION /* 1.1b */
+{
+ UINT16 sizeOfSelect;
+ SIZEIS(sizeOfSelect)
+ BYTE *pcrSelect;
+} TPM_PCR_SELECTION;
+
+typedef struct tdTPM_PCR_COMPOSITE /* 1.1b */
+{
+ TPM_PCR_SELECTION select;
+ UINT32 valueSize;
+ SIZEIS(valueSize)
+ TPM_PCRVALUE *pcrValue;
+} TPM_PCR_COMPOSITE;
+
+typedef struct tdTPM_PCR_INFO /* 1.1b */
+{
+ TPM_PCR_SELECTION pcrSelection;
+ TPM_COMPOSITE_HASH digestAtRelease;
+ TPM_COMPOSITE_HASH digestAtCreation;
+} TPM_PCR_INFO;
+
+typedef struct tdTPM_PCR_INFO_LONG
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_LOCALITY_SELECTION localityAtCreation;
+ TPM_LOCALITY_SELECTION localityAtRelease;
+ TPM_PCR_SELECTION creationPCRSelection;
+ TPM_PCR_SELECTION releasePCRSelection;
+ TPM_COMPOSITE_HASH digestAtCreation;
+ TPM_COMPOSITE_HASH digestAtRelease;
+} TPM_PCR_INFO_LONG;
+
+typedef struct tdTPM_PCR_INFO_SHORT
+{
+ TPM_PCR_SELECTION pcrSelection;
+ TPM_LOCALITY_SELECTION localityAtRelease;
+ TPM_COMPOSITE_HASH digestAtRelease;
+} TPM_PCR_INFO_SHORT;
+
+typedef struct tdTPM_PCR_ATTRIBUTES
+{
+ BYTE pcrReset;
+ TPM_LOCALITY_SELECTION pcrExtendLocal;
+ TPM_LOCALITY_SELECTION pcrResetLocal;
+} TPM_PCR_ATTRIBUTES;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 9:
+
+typedef struct tdTPM_STORED_DATA /* 1.1b */
+{
+ TPM_STRUCT_VER ver;
+ UINT32 sealInfoSize;
+ SIZEIS(sealInfoSize)
+ BYTE *sealInfo;
+ UINT32 encDataSize;
+ SIZEIS(encDataSize)
+ BYTE *encData;
+} TPM_STORED_DATA;
+
+typedef struct tdTPM_STORED_DATA12
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_ENTITY_TYPE et;
+ UINT32 sealInfoSize;
+ SIZEIS(sealInfoSize)
+ BYTE *sealInfo;
+ UINT32 encDataSize;
+ SIZEIS(encDataSize)
+ BYTE *encData;
+} TPM_STORED_DATA12;
+
+typedef struct tdTPM_SEALED_DATA /* 1.1b */
+{
+ TPM_PAYLOAD_TYPE payload;
+ TPM_SECRET authData;
+ TPM_NONCE tpmProof;
+ TPM_DIGEST storedDigest;
+ UINT32 dataSize;
+ SIZEIS(dataSize)
+ BYTE *data;
+} TPM_SEALED_DATA;
+
+typedef struct tdTPM_SYMMETRIC_KEY /* 1.1b */
+{
+ TPM_ALGORITHM_ID algId;
+ TPM_ENC_SCHEME encScheme;
+ UINT16 size;
+ SIZEIS(size)
+ BYTE *data;
+} TPM_SYMMETRIC_KEY;
+
+typedef struct tdTPM_BOUND_DATA
+{
+ TPM_STRUCT_VER ver;
+ TPM_PAYLOAD_TYPE payload;
+ BYTE *payloadData; // length is implied
+} TPM_BOUND_DATA;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 10: TPM_KEY complex
+
+typedef struct tdTPM_KEY_PARMS /* 1.1b */
+{
+ TPM_ALGORITHM_ID algorithmID;
+ TPM_ENC_SCHEME encScheme;
+ TPM_SIG_SCHEME sigScheme;
+ UINT32 parmSize;
+ SIZEIS(parmSize)
+ BYTE *parms;
+} TPM_KEY_PARMS;
+
+typedef struct tdTPM_RSA_KEY_PARMS /* 1.1b */
+{
+ UINT32 keyLength;
+ UINT32 numPrimes;
+ UINT32 exponentSize;
+ SIZEIS(exponentSize)
+ BYTE *exponent;
+} TPM_RSA_KEY_PARMS;
+
+typedef struct tdTPM_SYMMETRIC_KEY_PARMS
+{
+ UINT32 keyLength;
+ UINT32 blockSize;
+ UINT32 ivSize;
+ SIZEIS(ivSize)
+ BYTE *IV;
+} TPM_SYMMETRIC_KEY_PARMS;
+
+typedef struct tdTPM_STORE_PUBKEY /* 1.1b */
+{
+ UINT32 keyLength;
+ SIZEIS(keyLength)
+ BYTE *key;
+} TPM_STORE_PUBKEY;
+
+typedef struct tdTPM_PUBKEY /* 1.1b */
+{
+ TPM_KEY_PARMS algorithmParms;
+ TPM_STORE_PUBKEY pubKey;
+} TPM_PUBKEY;
+
+typedef struct tdTPM_STORE_PRIVKEY /* 1.1b */
+{
+ UINT32 keyLength;
+ SIZEIS(keyLength)
+ BYTE *key;
+} TPM_STORE_PRIVKEY;
+
+typedef struct tdTPM_STORE_ASYMKEY /* 1.1b */
+{
+ TPM_PAYLOAD_TYPE payload;
+ TPM_SECRET usageAuth;
+ TPM_SECRET migrationAuth;
+ TPM_DIGEST pubDataDigest;
+ TPM_STORE_PRIVKEY privKey;
+} TPM_STORE_ASYMKEY;
+
+typedef struct tdTPM_KEY /* 1.1b */
+{
+ TPM_STRUCT_VER ver;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+ TPM_STORE_PUBKEY pubKey;
+ UINT32 encSize;
+ SIZEIS(encSize)
+ BYTE *encData;
+} TPM_KEY;
+
+typedef struct tdTPM_KEY12
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT16 fill;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+ TPM_STORE_PUBKEY pubKey;
+ UINT32 encSize;
+ SIZEIS(encSize)
+ BYTE *encData;
+} TPM_KEY12;
+
+typedef struct tdTPM_MIGRATE_ASYMKEY
+{
+ TPM_PAYLOAD_TYPE payload;
+ TPM_SECRET usageAuth;
+ TPM_DIGEST pubDataDigest;
+ UINT32 partPrivKeyLen;
+ SIZEIS(partPrivKeyLen)
+ BYTE *partPrivKey;
+} TPM_MIGRATE_ASYMKEY;
+
+
+typedef UINT32 TPM_KEY_CONTROL;
+#define TPM_KEY_CONTROL_OWNER_EVICT ((UINT32)0x00000001)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
+
+typedef struct tdTPM_MIGRATIONKEYAUTH /* 1.1b */
+{
+ TPM_PUBKEY migrationKey;
+ TPM_MIGRATE_SCHEME migrationScheme;
+ TPM_DIGEST digest;
+} TPM_MIGRATIONKEYAUTH;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 11: Signed Structures
+
+typedef struct tdTPM_CERTIFY_INFO /* 1.1b */
+{
+ TPM_STRUCT_VER version;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ TPM_DIGEST pubkeyDigest;
+ TPM_NONCE data;
+ TPM_BOOL parentPCRStatus;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+} TPM_CERTIFY_INFO;
+
+typedef struct tdTPM_CERTIFY_INFO2
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE fill;
+ TPM_PAYLOAD_TYPE payloadType;
+ TPM_KEY_USAGE keyUsage;
+ TPM_KEY_FLAGS keyFlags;
+ TPM_AUTH_DATA_USAGE authDataUsage;
+ TPM_KEY_PARMS algorithmParms;
+ TPM_DIGEST pubkeyDigest;
+ TPM_NONCE data;
+ TPM_BOOL parentPCRStatus;
+ UINT32 PCRInfoSize;
+ SIZEIS(PCRInfoSize)
+ BYTE *PCRInfo;
+ UINT32 migrationAuthoritySize;
+ SIZEIS(migrationAuthoritySize)
+ BYTE *migrationAuthority;
+} TPM_CERTIFY_INFO2;
+
+typedef struct tdTPM_QUOTE_INFO /* 1.1b */
+{
+ TPM_STRUCT_VER version;
+ BYTE fixed[4];
+ TPM_COMPOSITE_HASH compositeHash; /* in 1.2 TPM spec, named digestValue */
+ TPM_NONCE externalData;
+} TPM_QUOTE_INFO;
+
+typedef struct tdTPM_QUOTE_INFO2
+{
+ TPM_STRUCTURE_TAG tag;
+ BYTE fixed[4];
+ TPM_NONCE externalData;
+ TPM_PCR_INFO_SHORT infoShort;
+} TPM_QUOTE_INFO2;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 12: Identity Structures
+
+
+typedef struct tdTPM_EK_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_EK_TYPE ekType;
+ UINT32 blobSize;
+ SIZEIS(blobSize)
+ BYTE *blob;
+} TPM_EK_BLOB;
+
+typedef struct tdTPM_EK_BLOB_ACTIVATE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_SYMMETRIC_KEY sessionKey;
+ TPM_DIGEST idDigest;
+ TPM_PCR_INFO_SHORT pcrInfo;
+} TPM_EK_BLOB_ACTIVATE;
+
+typedef struct tdTPM_EK_BLOB_AUTH
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_SECRET authValue;
+} TPM_EK_BLOB_AUTH;
+
+
+typedef struct tdTPM_IDENTITY_CONTENTS
+{
+ TPM_STRUCT_VER ver;
+ UINT32 ordinal;
+ TPM_CHOSENID_HASH labelPrivCADigest;
+ TPM_PUBKEY identityPubKey;
+} TPM_IDENTITY_CONTENTS;
+
+typedef struct tdTPM_IDENTITY_REQ /* 1.1b */
+{
+ UINT32 asymSize;
+ UINT32 symSize;
+ TPM_KEY_PARMS asymAlgorithm;
+ TPM_KEY_PARMS symAlgorithm;
+ SIZEIS(asymSize)
+ BYTE *asymBlob;
+ SIZEIS(symSize)
+ BYTE *symBlob;
+} TPM_IDENTITY_REQ;
+
+typedef struct tdTPM_IDENTITY_PROOF /* 1.1b */
+{
+ TPM_STRUCT_VER ver;
+ UINT32 labelSize;
+ UINT32 identityBindingSize;
+ UINT32 endorsementSize;
+ UINT32 platformSize;
+ UINT32 conformanceSize;
+ TPM_PUBKEY identityKey;
+ SIZEIS(labelSize)
+ BYTE *labelArea;
+ SIZEIS(identityBindingSize)
+ BYTE *identityBinding;
+ SIZEIS(endorsementSize)
+ BYTE *endorsementCredential;
+ SIZEIS(platformSize)
+ BYTE *platformCredential;
+ SIZEIS(conformanceSize)
+ BYTE *conformanceCredential;
+} TPM_IDENTITY_PROOF;
+
+typedef struct tdTPM_ASYM_CA_CONTENTS /* 1.1b */
+{
+ TPM_SYMMETRIC_KEY sessionKey;
+ TPM_DIGEST idDigest;
+} TPM_ASYM_CA_CONTENTS;
+
+typedef struct tdTPM_SYM_CA_ATTESTATION
+{
+ UINT32 credSize;
+ TPM_KEY_PARMS algorithm;
+ SIZEIS(credSize)
+ BYTE *credential;
+} TPM_SYM_CA_ATTESTATION;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 15: Tick Structures
+// Placed here out of order because definitions are used in section 13.
+
+typedef struct tdTPM_CURRENT_TICKS
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT64 currentTicks;
+ UINT16 tickRate;
+ TPM_NONCE tickNonce;
+} TPM_CURRENT_TICKS;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 13: Transport structures
+
+typedef UINT32 TPM_TRANSPORT_ATTRIBUTES;
+#define TPM_TRANSPORT_ENCRYPT ((UINT32)0x00000001)
+#define TPM_TRANSPORT_LOG ((UINT32)0x00000002)
+#define TPM_TRANSPORT_EXCLUSIVE ((UINT32)0x00000004)
+
+typedef struct tdTPM_TRANSPORT_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_TRANSPORT_ATTRIBUTES transAttributes;
+ TPM_ALGORITHM_ID algId;
+ TPM_ENC_SCHEME encScheme;
+} TPM_TRANSPORT_PUBLIC;
+
+typedef struct tdTPM_TRANSPORT_INTERNAL
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_AUTHDATA authData;
+ TPM_TRANSPORT_PUBLIC transPublic;
+ TPM_TRANSHANDLE transHandle;
+ TPM_NONCE transNonceEven;
+ TPM_DIGEST transDigest;
+} TPM_TRANSPORT_INTERNAL;
+
+typedef struct tdTPM_TRANSPORT_LOG_IN
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST parameters;
+ TPM_DIGEST pubKeyHash;
+} TPM_TRANSPORT_LOG_IN;
+
+typedef struct tdTPM_TRANSPORT_LOG_OUT
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_CURRENT_TICKS currentTicks;
+ TPM_DIGEST parameters;
+ TPM_MODIFIER_INDICATOR locality;
+} TPM_TRANSPORT_LOG_OUT;
+
+typedef struct tdTPM_TRANSPORT_AUTH
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_AUTHDATA authData;
+} TPM_TRANSPORT_AUTH;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 14: Audit Structures
+
+typedef struct tdTPM_AUDIT_EVENT_IN
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST inputParms;
+ TPM_COUNTER_VALUE auditCount;
+} TPM_AUDIT_EVENT_IN;
+
+typedef struct tdTPM_AUDIT_EVENT_OUT
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_COMMAND_CODE ordinal;
+ TPM_DIGEST outputParms;
+ TPM_COUNTER_VALUE auditCount;
+ TPM_RESULT returnCode;
+} TPM_AUDIT_EVENT_OUT;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 16: Return codes
+
+#include <tss/tpm_error.h>
+
+
+//-------------------------------------------------------------------
+// Part 2, section 17: Ordinals
+
+#include <tss/tpm_ordinal.h>
+
+//-------------------------------------------------------------------
+// Part 2, section 18: Context structures
+
+typedef struct tdTPM_CONTEXT_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_RESOURCE_TYPE resourceType;
+ TPM_HANDLE handle;
+ BYTE label[16];
+ UINT32 contextCount;
+ TPM_DIGEST integrityDigest;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalData;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveData;
+} TPM_CONTEXT_BLOB;
+
+typedef struct tdTPM_CONTEXT_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NONCE contextNonce;
+ UINT32 internalSize;
+ SIZEIS(internalSize)
+ BYTE *internalData;
+} TPM_CONTEXT_SENSITIVE;
+
+//-------------------------------------------------------------------
+// Part 2, section 19: NV Structures
+
+typedef UINT32 TPM_NV_INDEX;
+#define TPM_NV_INDEX_LOCK ((UINT32)0xffffffff)
+#define TPM_NV_INDEX0 ((UINT32)0x00000000)
+#define TPM_NV_INDEX_DIR ((UINT32)0x10000001)
+#define TPM_NV_INDEX_EKCert ((UINT32)0x0000f000)
+#define TPM_NV_INDEX_TPM_CC ((UINT32)0x0000f001)
+#define TPM_NV_INDEX_PlatformCert ((UINT32)0x0000f002)
+#define TPM_NV_INDEX_Platform_CC ((UINT32)0x0000f003)
+// The following define ranges of reserved indices.
+#define TPM_NV_INDEX_TSS_BASE ((UINT32)0x00011100)
+#define TPM_NV_INDEX_PC_BASE ((UINT32)0x00011200)
+#define TPM_NV_INDEX_SERVER_BASE ((UINT32)0x00011300)
+#define TPM_NV_INDEX_MOBILE_BASE ((UINT32)0x00011400)
+#define TPM_NV_INDEX_PERIPHERAL_BASE ((UINT32)0x00011500)
+#define TPM_NV_INDEX_GROUP_RESV_BASE ((UINT32)0x00010000)
+
+
+typedef UINT32 TPM_NV_PER_ATTRIBUTES;
+#define TPM_NV_PER_READ_STCLEAR (((UINT32)1)<<31)
+#define TPM_NV_PER_AUTHREAD (((UINT32)1)<<18)
+#define TPM_NV_PER_OWNERREAD (((UINT32)1)<<17)
+#define TPM_NV_PER_PPREAD (((UINT32)1)<<16)
+#define TPM_NV_PER_GLOBALLOCK (((UINT32)1)<<15)
+#define TPM_NV_PER_WRITE_STCLEAR (((UINT32)1)<<14)
+#define TPM_NV_PER_WRITEDEFINE (((UINT32)1)<<13)
+#define TPM_NV_PER_WRITEALL (((UINT32)1)<<12)
+#define TPM_NV_PER_AUTHWRITE (((UINT32)1)<<2)
+#define TPM_NV_PER_OWNERWRITE (((UINT32)1)<<1)
+#define TPM_NV_PER_PPWRITE (((UINT32)1)<<0)
+
+typedef struct tdTPM_NV_ATTRIBUTES
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_PER_ATTRIBUTES attributes;
+} TPM_NV_ATTRIBUTES;
+
+
+typedef struct tdTPM_NV_DATA_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_INDEX nvIndex;
+ TPM_PCR_INFO_SHORT pcrInfoRead;
+ TPM_PCR_INFO_SHORT pcrInfoWrite;
+ TPM_NV_ATTRIBUTES permission;
+ TPM_BOOL bReadSTClear;
+ TPM_BOOL bWriteSTClear;
+ TPM_BOOL bWriteDefine;
+ UINT32 dataSize;
+} TPM_NV_DATA_PUBLIC;
+
+
+#if 0
+// Internal to TPM:
+typedef struct tdTPM_NV_DATA_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NV_DATA_PUBLIC pubInfo;
+ TPM_AUTHDATA authValue;
+ SIZEIS(pubInfo.dataSize)
+ BYTE *data;
+} TPM_NV_DATA_SENSITIVE;
+#endif
+
+
+//-------------------------------------------------------------------
+// Part 2, section 20: Delegation
+
+//-------------------------------------------------------------------
+// Part 2, section 20.3: Owner Permissions Settings for per1 bits
+#define TPM_DELEGATE_SetOrdinalAuditStatus (((UINT32)1)<<30)
+#define TPM_DELEGATE_DirWriteAuth (((UINT32)1)<<29)
+#define TPM_DELEGATE_CMK_ApproveMA (((UINT32)1)<<28)
+#define TPM_DELEGATE_NV_WriteValue (((UINT32)1)<<27)
+#define TPM_DELEGATE_CMK_CreateTicket (((UINT32)1)<<26)
+#define TPM_DELEGATE_NV_ReadValue (((UINT32)1)<<25)
+#define TPM_DELEGATE_Delegate_LoadOwnerDelegation (((UINT32)1)<<24)
+#define TPM_DELEGATE_DAA_Join (((UINT32)1)<<23)
+#define TPM_DELEGATE_AuthorizeMigrationKey (((UINT32)1)<<22)
+#define TPM_DELEGATE_CreateMaintenanceArchive (((UINT32)1)<<21)
+#define TPM_DELEGATE_LoadMaintenanceArchive (((UINT32)1)<<20)
+#define TPM_DELEGATE_KillMaintenanceFeature (((UINT32)1)<<19)
+#define TPM_DELEGATE_OwnerReadInternalPub (((UINT32)1)<<18)
+#define TPM_DELEGATE_ResetLockValue (((UINT32)1)<<17)
+#define TPM_DELEGATE_OwnerClear (((UINT32)1)<<16)
+#define TPM_DELEGATE_DisableOwnerClear (((UINT32)1)<<15)
+#define TPM_DELEGATE_NV_DefineSpace (((UINT32)1)<<14)
+#define TPM_DELEGATE_OwnerSetDisable (((UINT32)1)<<13)
+#define TPM_DELEGATE_SetCapability (((UINT32)1)<<12)
+#define TPM_DELEGATE_MakeIdentity (((UINT32)1)<<11)
+#define TPM_DELEGATE_ActivateIdentity (((UINT32)1)<<10)
+#define TPM_DELEGATE_OwnerReadPubek (((UINT32)1)<<9)
+#define TPM_DELEGATE_DisablePubekRead (((UINT32)1)<<8)
+#define TPM_DELEGATE_SetRedirection (((UINT32)1)<<7)
+#define TPM_DELEGATE_FieldUpgrade (((UINT32)1)<<6)
+#define TPM_DELEGATE_Delegate_UpdateVerification (((UINT32)1)<<5)
+#define TPM_DELEGATE_CreateCounter (((UINT32)1)<<4)
+#define TPM_DELEGATE_ReleaseCounterOwner (((UINT32)1)<<3)
+#define TPM_DELEGATE_DelegateManage (((UINT32)1)<<2)
+#define TPM_DELEGATE_Delegate_CreateOwnerDelegation (((UINT32)1)<<1)
+#define TPM_DELEGATE_DAA_Sign (((UINT32)1)<<0)
+
+//-------------------------------------------------------------------
+// Part 2, section 20.3: Key Permissions Settings for per1 bits
+#define TPM_KEY_DELEGATE_CMK_ConvertMigration (((UINT32)1)<<28)
+#define TPM_KEY_DELEGATE_TickStampBlob (((UINT32)1)<<27)
+#define TPM_KEY_DELEGATE_ChangeAuthAsymStart (((UINT32)1)<<26)
+#define TPM_KEY_DELEGATE_ChangeAuthAsymFinish (((UINT32)1)<<25)
+#define TPM_KEY_DELEGATE_CMK_CreateKey (((UINT32)1)<<24)
+#define TPM_KEY_DELEGATE_MigrateKey (((UINT32)1)<<23)
+#define TPM_KEY_DELEGATE_LoadKey2 (((UINT32)1)<<22)
+#define TPM_KEY_DELEGATE_EstablishTransport (((UINT32)1)<<21)
+#define TPM_KEY_DELEGATE_ReleaseTransportSigned (((UINT32)1)<<20)
+#define TPM_KEY_DELEGATE_Quote2 (((UINT32)1)<<19)
+#define TPM_KEY_DELEGATE_Sealx (((UINT32)1)<<18)
+#define TPM_KEY_DELEGATE_MakeIdentity (((UINT32)1)<<17)
+#define TPM_KEY_DELEGATE_ActivateIdentity (((UINT32)1)<<16)
+#define TPM_KEY_DELEGATE_GetAuditDigestSigned (((UINT32)1)<<15)
+#define TPM_KEY_DELEGATE_Sign (((UINT32)1)<<14)
+#define TPM_KEY_DELEGATE_CertifyKey2 (((UINT32)1)<<13)
+#define TPM_KEY_DELEGATE_CertifyKey (((UINT32)1)<<12)
+#define TPM_KEY_DELEGATE_CreateWrapKey (((UINT32)1)<<11)
+#define TPM_KEY_DELEGATE_CMK_CreateBlob (((UINT32)1)<<10)
+#define TPM_KEY_DELEGATE_CreateMigrationBlob (((UINT32)1)<<9)
+#define TPM_KEY_DELEGATE_ConvertMigrationBlob (((UINT32)1)<<8)
+#define TPM_KEY_DELEGATE_CreateKeyDelegation (((UINT32)1)<<7)
+#define TPM_KEY_DELEGATE_ChangeAuth (((UINT32)1)<<6)
+#define TPM_KEY_DELEGATE_GetPubKey (((UINT32)1)<<5)
+#define TPM_KEY_DELEGATE_UnBind (((UINT32)1)<<4)
+#define TPM_KEY_DELEGATE_Quote (((UINT32)1)<<3)
+#define TPM_KEY_DELEGATE_Unseal (((UINT32)1)<<2)
+#define TPM_KEY_DELEGATE_Seal (((UINT32)1)<<1)
+#define TPM_KEY_DELEGATE_LoadKey (((UINT32)1)<<0)
+
+typedef UINT32 TPM_FAMILY_VERIFICATION;
+
+typedef UINT32 TPM_FAMILY_ID;
+
+typedef UINT32 TPM_DELEGATE_INDEX;
+
+typedef UINT32 TPM_FAMILY_OPERATION;
+#define TPM_FAMILY_CREATE ((UINT32)0x00000001)
+#define TPM_FAMILY_ENABLE ((UINT32)0x00000002)
+#define TPM_FAMILY_ADMIN ((UINT32)0x00000003)
+#define TPM_FAMILY_INVALIDATE ((UINT32)0x00000004)
+
+typedef UINT32 TPM_FAMILY_FLAGS;
+#define TPM_FAMFLAG_DELEGATE_ADMIN_LOCK (((UINT32)1)<<1)
+#define TPM_FAMFLAG_ENABLE (((UINT32)1)<<0)
+
+typedef struct tdTPM_FAMILY_LABEL
+{
+ BYTE label;
+} TPM_FAMILY_LABEL;
+
+typedef struct tdTPM_FAMILY_TABLE_ENTRY
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_FAMILY_LABEL label;
+ TPM_FAMILY_ID familyID;
+ TPM_FAMILY_VERIFICATION verificationCount;
+ TPM_FAMILY_FLAGS flags;
+} TPM_FAMILY_TABLE_ENTRY;
+
+
+#define TPM_FAMILY_TABLE_ENTRY_MIN 8
+//typedef struct tdTPM_FAMILY_TABLE
+//{
+// TPM_FAMILY_TABLE_ENTRY FamTableRow[TPM_NUM_FAMILY_TABLE_ENTRY_MIN];
+//} TPM_FAMILY_TABLE;
+
+
+typedef struct tdTPM_DELEGATE_LABEL
+{
+ BYTE label;
+} TPM_DELEGATE_LABEL;
+
+
+typedef UINT32 TPM_DELEGATE_TYPE;
+#define TPM_DEL_OWNER_BITS ((UINT32)0x00000001)
+#define TPM_DEL_KEY_BITS ((UINT32)0x00000002)
+
+typedef struct tdTPM_DELEGATIONS
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_TYPE delegateType;
+ UINT32 per1;
+ UINT32 per2;
+} TPM_DELEGATIONS;
+
+typedef struct tdTPM_DELEGATE_PUBLIC
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_LABEL label;
+ TPM_PCR_INFO_SHORT pcrInfo;
+ TPM_DELEGATIONS permissions;
+ TPM_FAMILY_ID familyID;
+ TPM_FAMILY_VERIFICATION verificationCount;
+} TPM_DELEGATE_PUBLIC;
+
+typedef struct tdTPM_DELEGATE_TABLE_ROW
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_PUBLIC pub;
+ TPM_SECRET authValue;
+} TPM_DELEGATE_TABLE_ROW;
+
+
+#define TPM_NUM_DELEGATE_TABLE_ENTRY_MIN 2
+//typedef struct tdTPM_DELEGATE_TABLE
+//{
+// TPM_DELEGATE_TABLE_ROW delRow[TPM_NUM_DELEGATE_TABLE_ENTRY_MIN];
+//} TPM_DELEGATE_TABLE;
+
+typedef struct tdTPM_DELEGATE_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_SECRET authValue;
+} TPM_DELEGATE_SENSITIVE;
+
+typedef struct tdTPM_DELEGATE_OWNER_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_PUBLIC pub;
+ TPM_DIGEST integrityDigest;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalArea;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveArea;
+} TPM_DELEGATE_OWNER_BLOB;
+
+typedef struct tdTPM_DELEGATE_KEY_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DELEGATE_PUBLIC pub;
+ TPM_DIGEST integrityDigest;
+ TPM_DIGEST pubKeyDigest;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalArea;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveArea;
+} TPM_DELEGATE_KEY_BLOB;
+
+
+//-------------------------------------------------------------------
+// Part 2, section 21.1: TPM_CAPABILITY_AREA
+
+typedef UINT32 TPM_CAPABILITY_AREA; /* 1.1b */
+#define TPM_CAP_ORD ((UINT32)0x00000001) /* 1.1b */
+#define TPM_CAP_ALG ((UINT32)0x00000002) /* 1.1b */
+#define TPM_CAP_PID ((UINT32)0x00000003) /* 1.1b */
+#define TPM_CAP_FLAG ((UINT32)0x00000004) /* 1.1b */
+#define TPM_CAP_PROPERTY ((UINT32)0x00000005) /* 1.1b */
+#define TPM_CAP_VERSION ((UINT32)0x00000006) /* 1.1b */
+#define TPM_CAP_KEY_HANDLE ((UINT32)0x00000007) /* 1.1b */
+#define TPM_CAP_CHECK_LOADED ((UINT32)0x00000008) /* 1.1b */
+#define TPM_CAP_SYM_MODE ((UINT32)0x00000009)
+#define TPM_CAP_KEY_STATUS ((UINT32)0x0000000C)
+#define TPM_CAP_NV_LIST ((UINT32)0x0000000D)
+#define TPM_CAP_MFR ((UINT32)0x00000010)
+#define TPM_CAP_NV_INDEX ((UINT32)0x00000011)
+#define TPM_CAP_TRANS_ALG ((UINT32)0x00000012)
+#define TPM_CAP_HANDLE ((UINT32)0x00000014)
+#define TPM_CAP_TRANS_ES ((UINT32)0x00000015)
+#define TPM_CAP_AUTH_ENCRYPT ((UINT32)0x00000017)
+#define TPM_CAP_SELECT_SIZE ((UINT32)0x00000018)
+#define TPM_CAP_DA_LOGIC ((UINT32)0x00000019)
+#define TPM_CAP_VERSION_VAL ((UINT32)0x0000001A)
+
+// Part 2, section 21.1: Subcap values for CAP_FLAG
+#define TPM_CAP_FLAG_PERMANENT ((UINT32)0x00000108)
+#define TPM_CAP_FLAG_VOLATILE ((UINT32)0x00000109)
+
+//-------------------------------------------------------------------
+// Part 2, section 21.2: Subcap values for CAP_PROPERTY
+
+#define TPM_CAP_PROP_PCR ((UINT32)0x00000101) /* 1.1b */
+#define TPM_CAP_PROP_DIR ((UINT32)0x00000102) /* 1.1b */
+#define TPM_CAP_PROP_MANUFACTURER ((UINT32)0x00000103) /* 1.1b */
+#define TPM_CAP_PROP_KEYS ((UINT32)0x00000104)
+#define TPM_CAP_PROP_SLOTS (TPM_CAP_PROP_KEYS)
+#define TPM_CAP_PROP_MIN_COUNTER ((UINT32)0x00000107)
+#define TPM_CAP_PROP_AUTHSESS ((UINT32)0x0000010A)
+#define TPM_CAP_PROP_TRANSSESS ((UINT32)0x0000010B)
+#define TPM_CAP_PROP_COUNTERS ((UINT32)0x0000010C)
+#define TPM_CAP_PROP_MAX_AUTHSESS ((UINT32)0x0000010D)
+#define TPM_CAP_PROP_MAX_TRANSSESS ((UINT32)0x0000010E)
+#define TPM_CAP_PROP_MAX_COUNTERS ((UINT32)0x0000010F)
+#define TPM_CAP_PROP_MAX_KEYS ((UINT32)0x00000110)
+#define TPM_CAP_PROP_OWNER ((UINT32)0x00000111)
+#define TPM_CAP_PROP_CONTEXT ((UINT32)0x00000112)
+#define TPM_CAP_PROP_MAX_CONTEXT ((UINT32)0x00000113)
+#define TPM_CAP_PROP_FAMILYROWS ((UINT32)0x00000114)
+#define TPM_CAP_PROP_TIS_TIMEOUT ((UINT32)0x00000115)
+#define TPM_CAP_PROP_STARTUP_EFFECT ((UINT32)0x00000116)
+#define TPM_CAP_PROP_DELEGATE_ROW ((UINT32)0x00000117)
+#define TPM_CAP_PROP_MAX_DAASESS ((UINT32)0x00000119)
+#define TPM_CAP_PROP_DAA_MAX TPM_CAP_PROP_MAX_DAASESS
+#define TPM_CAP_PROP_DAASESS ((UINT32)0x0000011A)
+#define TPM_CAP_PROP_SESSION_DAA TPM_CAP_PROP_DAASESS
+#define TPM_CAP_PROP_CONTEXT_DIST ((UINT32)0x0000011B)
+#define TPM_CAP_PROP_DAA_INTERRUPT ((UINT32)0x0000011C)
+#define TPM_CAP_PROP_SESSIONS ((UINT32)0x0000011D)
+#define TPM_CAP_PROP_MAX_SESSIONS ((UINT32)0x0000011E)
+#define TPM_CAP_PROP_CMK_RESTRICTION ((UINT32)0x0000011F)
+#define TPM_CAP_PROP_DURATION ((UINT32)0x00000120)
+#define TPM_CAP_PROP_ACTIVE_COUNTER ((UINT32)0x00000122)
+#define TPM_CAP_PROP_NV_AVAILABLE ((UINT32)0x00000123)
+#define TPM_CAP_PROP_INPUT_BUFFER ((UINT32)0x00000124)
+
+
+// Part 2, section 21.4: SetCapability Values
+#define TPM_SET_PERM_FLAGS ((UINT32)0x00000001)
+#define TPM_SET_PERM_DATA ((UINT32)0x00000002)
+#define TPM_SET_STCLEAR_FLAGS ((UINT32)0x00000003)
+#define TPM_SET_STCLEAR_DATA ((UINT32)0x00000004)
+#define TPM_SET_STANY_FLAGS ((UINT32)0x00000005)
+#define TPM_SET_STANY_DATA ((UINT32)0x00000006)
+#define TPM_SET_VENDOR ((UINT32)0x00000007)
+
+
+// Part 2, section 21.6: TPM_CAP_VERSION_INFO
+typedef struct tdTPM_CAP_VERSION_INFO
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_VERSION version;
+ UINT16 specLevel;
+ BYTE errataRev;
+ BYTE tpmVendorID[4];
+ UINT16 vendorSpecificSize;
+ SIZEIS(vendorSpecificSize)
+ BYTE *vendorSpecific;
+} TPM_CAP_VERSION_INFO;
+
+
+// Part 2, section 21.9: TPM_DA_STATE
+// out of order to make it available for structure definitions
+typedef BYTE TPM_DA_STATE;
+#define TPM_DA_STATE_INACTIVE (0x00)
+#define TPM_DA_STATE_ACTIVE (0x01)
+
+// Part 2, section 21.10: TPM_DA_ACTION_TYPE
+typedef struct tdTPM_DA_ACTION_TYPE
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT32 actions;
+} TPM_DA_ACTION_TYPE;
+#define TPM_DA_ACTION_TIMEOUT ((UINT32)0x00000001)
+#define TPM_DA_ACTION_DISABLE ((UINT32)0x00000002)
+#define TPM_DA_ACTION_DEACTIVATE ((UINT32)0x00000004)
+#define TPM_DA_ACTION_FAILURE_MODE ((UINT32)0x00000008)
+
+// Part 2, section 21.7: TPM_DA_INFO
+typedef struct tdTPM_DA_INFO
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DA_STATE state;
+ UINT16 currentCount;
+ UINT16 thresholdCount;
+ TPM_DA_ACTION_TYPE actionAtThreshold;
+ UINT32 actionDependValue;
+ UINT32 vendorDataSize;
+ SIZEIS(vendorDataSize)
+ BYTE *vendorData;
+} TPM_DA_INFO;
+
+// Part 2, section 21.8: TPM_DA_INFO_LIMITED
+typedef struct tdTPM_DA_INFO_LIMITED
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DA_STATE state;
+ TPM_DA_ACTION_TYPE actionAtThreshold;
+ UINT32 vendorDataSize;
+ SIZEIS(vendorDataSize)
+ BYTE *vendorData;
+} TPM_DA_INFO_LIMITED;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 22: DAA Structures
+
+#define TPM_DAA_SIZE_r0 (43)
+#define TPM_DAA_SIZE_r1 (43)
+#define TPM_DAA_SIZE_r2 (128)
+#define TPM_DAA_SIZE_r3 (168)
+#define TPM_DAA_SIZE_r4 (219)
+#define TPM_DAA_SIZE_NT (20)
+#define TPM_DAA_SIZE_v0 (128)
+#define TPM_DAA_SIZE_v1 (192)
+#define TPM_DAA_SIZE_NE (256)
+#define TPM_DAA_SIZE_w (256)
+#define TPM_DAA_SIZE_issuerModulus (256)
+#define TPM_DAA_power0 (104)
+#define TPM_DAA_power1 (1024)
+
+typedef struct tdTPM_DAA_ISSUER
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST DAA_digest_R0;
+ TPM_DIGEST DAA_digest_R1;
+ TPM_DIGEST DAA_digest_S0;
+ TPM_DIGEST DAA_digest_S1;
+ TPM_DIGEST DAA_digest_n;
+ TPM_DIGEST DAA_digest_gamma;
+ BYTE DAA_generic_q[26];
+} TPM_DAA_ISSUER;
+
+
+typedef struct tdTPM_DAA_TPM
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST DAA_digestIssuer;
+ TPM_DIGEST DAA_digest_v0;
+ TPM_DIGEST DAA_digest_v1;
+ TPM_DIGEST DAA_rekey;
+ UINT32 DAA_count;
+} TPM_DAA_TPM;
+
+typedef struct tdTPM_DAA_CONTEXT
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_DIGEST DAA_digestContext;
+ TPM_DIGEST DAA_digest;
+ TPM_DAA_CONTEXT_SEED DAA_contextSeed;
+ BYTE DAA_scratch[256];
+ BYTE DAA_stage;
+} TPM_DAA_CONTEXT;
+
+typedef struct tdTPM_DAA_JOINDATA
+{
+ BYTE DAA_join_u0[128];
+ BYTE DAA_join_u1[138];
+ TPM_DIGEST DAA_digest_n0;
+} TPM_DAA_JOINDATA;
+
+typedef struct tdTPM_DAA_BLOB
+{
+ TPM_STRUCTURE_TAG tag;
+ TPM_RESOURCE_TYPE resourceType;
+ BYTE label[16];
+ TPM_DIGEST blobIntegrity;
+ UINT32 additionalSize;
+ SIZEIS(additionalSize)
+ BYTE *additionalData;
+ UINT32 sensitiveSize;
+ SIZEIS(sensitiveSize)
+ BYTE *sensitiveData;
+} TPM_DAA_BLOB;
+
+typedef struct tdTPM_DAA_SENSITIVE
+{
+ TPM_STRUCTURE_TAG tag;
+ UINT32 internalSize;
+ SIZEIS(internalSize)
+ BYTE *internalData;
+} TPM_DAA_SENSITIVE;
+
+
+
+//-------------------------------------------------------------------
+// Part 2, section 23: Redirection
+
+// This section of the TPM spec defines exactly one value but does not
+// give it a name. The definition of TPM_SetRedirection in Part3
+// refers to exactly one name but does not give its value. We join
+// them here.
+#define TPM_REDIR_GPIO (0x00000001)
+
+
+//-------------------------------------------------------------------
+// Part 2, section 24.6: TPM_SYM_MODE
+// Deprecated by TPM 1.2 spec
+
+typedef UINT32 TPM_SYM_MODE;
+#define TPM_SYM_MODE_ECB (0x00000001)
+#define TPM_SYM_MODE_CBC (0x00000002)
+#define TPM_SYM_MODE_CFB (0x00000003)
+
+#endif // __TPM_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm_error.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm_error.h
new file mode 100644
index 0000000..ccd4af4
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm_error.h
@@ -0,0 +1,963 @@
+/*
+ * The TPM error codes extracted from the TPM main specification
+ * version 1.2 revision 85.
+ */
+
+#ifndef __TPM_ERROR_H__
+#define __TPM_ERROR_H__
+
+
+#ifndef TPM_E_BASE
+#define TPM_E_BASE ((UINT32)0)
+#endif
+
+#ifndef TPM_E_NON_FATAL
+#define TPM_E_NON_FATAL ((UINT32)0x00000800)
+#endif
+
+
+// Successful completion of the TPM operation.
+#define TPM_SUCCESS TPM_E_BASE
+
+//
+// MessageId: TPM_E_AUTHFAIL
+//
+// MessageText:
+//
+// Authentication failed
+//
+#define TPM_E_AUTHFAIL ((UINT32)(TPM_E_BASE + 0x00000001))
+
+//
+// MessageId: TPM_E_BADINDEX
+//
+// MessageText:
+//
+// The index to a PCR, DIR or other register is incorrect
+//
+#define TPM_E_BADINDEX ((UINT32)(TPM_E_BASE + 0x00000002))
+
+//
+// MessageId: TPM_E_BAD_PARAMETER
+//
+// MessageText:
+//
+// One or more parameter is bad
+//
+#define TPM_E_BAD_PARAMETER ((UINT32)(TPM_E_BASE + 0x00000003))
+
+//
+// MessageId: TPM_E_AUDITFAILURE
+//
+// MessageText:
+//
+// An operation completed successfully but the auditing of that
+// operation failed.
+//
+#define TPM_E_AUDITFAILURE ((UINT32)(TPM_E_BASE + 0x00000004))
+
+//
+// MessageId: TPM_E_CLEAR_DISABLED
+//
+// MessageText:
+//
+// The clear disable flag is set and all clear operations now require
+// physical access
+//
+#define TPM_E_CLEAR_DISABLED ((UINT32)(TPM_E_BASE + 0x00000005))
+
+//
+// MessageId: TPM_E_DEACTIVATED
+//
+// MessageText:
+//
+// The TPM is deactivated
+//
+#define TPM_E_DEACTIVATED ((UINT32)(TPM_E_BASE + 0x00000006))
+
+//
+// MessageId: TPM_E_DISABLED
+//
+// MessageText:
+//
+// The TPM is disabled
+//
+#define TPM_E_DISABLED ((UINT32)(TPM_E_BASE + 0x00000007))
+
+//
+// MessageId: TPM_E_DISABLED_CMD
+//
+// MessageText:
+//
+// The target command has been disabled
+//
+#define TPM_E_DISABLED_CMD ((UINT32)(TPM_E_BASE + 0x00000008))
+
+//
+// MessageId: TPM_E_FAIL
+//
+// MessageText:
+//
+// The operation failed
+//
+#define TPM_E_FAIL ((UINT32)(TPM_E_BASE + 0x00000009))
+
+//
+// MessageId: TPM_E_BAD_ORDINAL
+//
+// MessageText:
+//
+// The ordinal was unknown or inconsistent
+//
+#define TPM_E_BAD_ORDINAL ((UINT32)(TPM_E_BASE + 0x0000000a))
+
+//
+// MessageId: TPM_E_INSTALL_DISABLED
+//
+// MessageText:
+//
+// The ability to install an owner is disabled
+//
+#define TPM_E_INSTALL_DISABLED ((UINT32)(TPM_E_BASE + 0x0000000b))
+
+//
+// MessageId: TPM_E_INVALID_KEYHANDLE
+//
+// MessageText:
+//
+// The key handle can not be interpreted
+//
+#define TPM_E_INVALID_KEYHANDLE ((UINT32)(TPM_E_BASE + 0x0000000c))
+
+//
+// MessageId: TPM_E_KEYNOTFOUND
+//
+// MessageText:
+//
+// The key handle points to an invalid key
+//
+#define TPM_E_KEYNOTFOUND ((UINT32)(TPM_E_BASE + 0x0000000d))
+
+//
+// MessageId: TPM_E_INAPPROPRIATE_ENC
+//
+// MessageText:
+//
+// Unacceptable encryption scheme
+//
+#define TPM_E_INAPPROPRIATE_ENC ((UINT32)(TPM_E_BASE + 0x0000000e))
+
+//
+// MessageId: TPM_E_MIGRATEFAIL
+//
+// MessageText:
+//
+// Migration authorization failed
+//
+#define TPM_E_MIGRATEFAIL ((UINT32)(TPM_E_BASE + 0x0000000f))
+
+//
+// MessageId: TPM_E_INVALID_PCR_INFO
+//
+// MessageText:
+//
+// PCR information could not be interpreted
+//
+#define TPM_E_INVALID_PCR_INFO ((UINT32)(TPM_E_BASE + 0x00000010))
+
+//
+// MessageId: TPM_E_NOSPACE
+//
+// MessageText:
+//
+// No room to load key.
+//
+#define TPM_E_NOSPACE ((UINT32)(TPM_E_BASE + 0x00000011))
+
+//
+// MessageId: TPM_E_NOSRK
+//
+// MessageText:
+//
+// There is no SRK set
+//
+#define TPM_E_NOSRK ((UINT32)(TPM_E_BASE + 0x00000012))
+
+//
+// MessageId: TPM_E_NOTSEALED_BLOB
+//
+// MessageText:
+//
+// An encrypted blob is invalid or was not created by this TPM
+//
+#define TPM_E_NOTSEALED_BLOB ((UINT32)(TPM_E_BASE + 0x00000013))
+
+//
+// MessageId: TPM_E_OWNER_SET
+//
+// MessageText:
+//
+// There is already an Owner
+//
+#define TPM_E_OWNER_SET ((UINT32)(TPM_E_BASE + 0x00000014))
+
+//
+// MessageId: TPM_E_RESOURCES
+//
+// MessageText:
+//
+// The TPM has insufficient internal resources to perform the
+// requested action.
+//
+#define TPM_E_RESOURCES ((UINT32)(TPM_E_BASE + 0x00000015))
+
+//
+// MessageId: TPM_E_SHORTRANDOM
+//
+// MessageText:
+//
+// A random string was too short
+//
+#define TPM_E_SHORTRANDOM ((UINT32)(TPM_E_BASE + 0x00000016))
+
+//
+// MessageId: TPM_E_SIZE
+//
+// MessageText:
+//
+// The TPM does not have the space to perform the operation.
+//
+#define TPM_E_SIZE ((UINT32)(TPM_E_BASE + 0x00000017))
+
+//
+// MessageId: TPM_E_WRONGPCRVAL
+//
+// MessageText:
+//
+// The named PCR value does not match the current PCR value.
+//
+#define TPM_E_WRONGPCRVAL ((UINT32)(TPM_E_BASE + 0x00000018))
+
+//
+// MessageId: TPM_E_BAD_PARAM_SIZE
+//
+// MessageText:
+//
+// The paramSize argument to the command has the incorrect value
+//
+#define TPM_E_BAD_PARAM_SIZE ((UINT32)(TPM_E_BASE + 0x00000019))
+
+//
+// MessageId: TPM_E_SHA_THREAD
+//
+// MessageText:
+//
+// There is no existing SHA-1 thread.
+//
+#define TPM_E_SHA_THREAD ((UINT32)(TPM_E_BASE + 0x0000001a))
+
+//
+// MessageId: TPM_E_SHA_ERROR
+//
+// MessageText:
+//
+// The calculation is unable to proceed because the existing SHA-1
+// thread has already encountered an error.
+//
+#define TPM_E_SHA_ERROR ((UINT32)(TPM_E_BASE + 0x0000001b))
+
+//
+// MessageId: TPM_E_FAILEDSELFTEST
+//
+// MessageText:
+//
+// Self-test has failed and the TPM has shutdown.
+//
+#define TPM_E_FAILEDSELFTEST ((UINT32)(TPM_E_BASE + 0x0000001c))
+
+//
+// MessageId: TPM_E_AUTH2FAIL
+//
+// MessageText:
+//
+// The authorization for the second key in a 2 key function failed
+// authorization
+//
+#define TPM_E_AUTH2FAIL ((UINT32)(TPM_E_BASE + 0x0000001d))
+
+//
+// MessageId: TPM_E_BADTAG
+//
+// MessageText:
+//
+// The tag value sent to for a command is invalid
+//
+#define TPM_E_BADTAG ((UINT32)(TPM_E_BASE + 0x0000001e))
+
+//
+// MessageId: TPM_E_IOERROR
+//
+// MessageText:
+//
+// An IO error occurred transmitting information to the TPM
+//
+#define TPM_E_IOERROR ((UINT32)(TPM_E_BASE + 0x0000001f))
+
+//
+// MessageId: TPM_E_ENCRYPT_ERROR
+//
+// MessageText:
+//
+// The encryption process had a problem.
+//
+#define TPM_E_ENCRYPT_ERROR ((UINT32)(TPM_E_BASE + 0x00000020))
+
+//
+// MessageId: TPM_E_DECRYPT_ERROR
+//
+// MessageText:
+//
+// The decryption process did not complete.
+//
+#define TPM_E_DECRYPT_ERROR ((UINT32)(TPM_E_BASE + 0x00000021))
+
+//
+// MessageId: TPM_E_INVALID_AUTHHANDLE
+//
+// MessageText:
+//
+// An invalid handle was used.
+//
+#define TPM_E_INVALID_AUTHHANDLE ((UINT32)(TPM_E_BASE + 0x00000022))
+
+//
+// MessageId: TPM_E_NO_ENDORSEMENT
+//
+// MessageText:
+//
+// The TPM does not a EK installed
+//
+#define TPM_E_NO_ENDORSEMENT ((UINT32)(TPM_E_BASE + 0x00000023))
+
+//
+// MessageId: TPM_E_INVALID_KEYUSAGE
+//
+// MessageText:
+//
+// The usage of a key is not allowed
+//
+#define TPM_E_INVALID_KEYUSAGE ((UINT32)(TPM_E_BASE + 0x00000024))
+
+//
+// MessageId: TPM_E_WRONG_ENTITYTYPE
+//
+// MessageText:
+//
+// The submitted entity type is not allowed
+//
+#define TPM_E_WRONG_ENTITYTYPE ((UINT32)(TPM_E_BASE + 0x00000025))
+
+//
+// MessageId: TPM_E_INVALID_POSTINIT
+//
+// MessageText:
+//
+// The command was received in the wrong sequence relative to TPM_Init
+// and a subsequent TPM_Startup
+//
+#define TPM_E_INVALID_POSTINIT ((UINT32)(TPM_E_BASE + 0x00000026))
+
+//
+// MessageId: TPM_E_INAPPROPRIATE_SIG
+//
+// MessageText:
+//
+// Signed data cannot include additional DER information
+//
+#define TPM_E_INAPPROPRIATE_SIG ((UINT32)(TPM_E_BASE + 0x00000027))
+
+//
+// MessageId: TPM_E_BAD_KEY_PROPERTY
+//
+// MessageText:
+//
+// The key properties in TPM_KEY_PARMs are not supported by this TPM
+//
+#define TPM_E_BAD_KEY_PROPERTY ((UINT32)(TPM_E_BASE + 0x00000028))
+
+//
+// MessageId: TPM_E_BAD_MIGRATION
+//
+// MessageText:
+//
+// The migration properties of this key are incorrect.
+//
+#define TPM_E_BAD_MIGRATION ((UINT32)(TPM_E_BASE + 0x00000029))
+
+//
+// MessageId: TPM_E_BAD_SCHEME
+//
+// MessageText:
+//
+// The signature or encryption scheme for this key is incorrect or not
+// permitted in this situation.
+//
+#define TPM_E_BAD_SCHEME ((UINT32)(TPM_E_BASE + 0x0000002a))
+
+//
+// MessageId: TPM_E_BAD_DATASIZE
+//
+// MessageText:
+//
+// The size of the data (or blob) parameter is bad or inconsistent
+// with the referenced key
+//
+#define TPM_E_BAD_DATASIZE ((UINT32)(TPM_E_BASE + 0x0000002b))
+
+//
+// MessageId: TPM_E_BAD_MODE
+//
+// MessageText:
+//
+// A mode parameter is bad, such as capArea or subCapArea for
+// TPM_GetCapability, physicalPresence parameter for
+// TPM_PhysicalPresence, or migrationType for TPM_CreateMigrationBlob.
+//
+#define TPM_E_BAD_MODE ((UINT32)(TPM_E_BASE + 0x0000002c))
+
+//
+// MessageId: TPM_E_BAD_PRESENCE
+//
+// MessageText:
+//
+// Either the physicalPresence or physicalPresenceLock bits have the
+// wrong value
+//
+#define TPM_E_BAD_PRESENCE ((UINT32)(TPM_E_BASE + 0x0000002d))
+
+//
+// MessageId: TPM_E_BAD_VERSION
+//
+// MessageText:
+//
+// The TPM cannot perform this version of the capability
+//
+#define TPM_E_BAD_VERSION ((UINT32)(TPM_E_BASE + 0x0000002e))
+
+//
+// MessageId: TPM_E_NO_WRAP_TRANSPORT
+//
+// MessageText:
+//
+// The TPM does not allow for wrapped transport sessions
+//
+#define TPM_E_NO_WRAP_TRANSPORT ((UINT32)(TPM_E_BASE + 0x0000002f))
+
+//
+// MessageId: TPM_E_AUDITFAIL_UNSUCCESSFUL
+//
+// MessageText:
+//
+// TPM audit construction failed and the underlying command was
+// returning a failure code also
+//
+#define TPM_E_AUDITFAIL_UNSUCCESSFUL ((UINT32)(TPM_E_BASE + 0x00000030))
+
+//
+// MessageId: TPM_E_AUDITFAIL_SUCCESSFUL
+//
+// MessageText:
+//
+// TPM audit construction failed and the underlying command was
+// returning success
+//
+#define TPM_E_AUDITFAIL_SUCCESSFUL ((UINT32)(TPM_E_BASE + 0x00000031))
+
+//
+// MessageId: TPM_E_NOTRESETABLE
+//
+// MessageText:
+//
+// Attempt to reset a PCR register that does not have the resettable
+// attribute
+//
+#define TPM_E_NOTRESETABLE ((UINT32)(TPM_E_BASE + 0x00000032))
+
+//
+// MessageId: TPM_E_NOTLOCAL
+//
+// MessageText:
+//
+// Attempt to reset a PCR register that requires locality and locality
+// modifier not part of command transport
+//
+#define TPM_E_NOTLOCAL ((UINT32)(TPM_E_BASE + 0x00000033))
+
+//
+// MessageId: TPM_E_BAD_TYPE
+//
+// MessageText:
+//
+// Make identity blob not properly typed
+//
+#define TPM_E_BAD_TYPE ((UINT32)(TPM_E_BASE + 0x00000034))
+
+//
+// MessageId: TPM_E_INVALID_RESOURCE
+//
+// MessageText:
+//
+// When saving context identified resource type does not match actual
+// resource
+//
+#define TPM_E_INVALID_RESOURCE ((UINT32)(TPM_E_BASE + 0x00000035))
+
+//
+// MessageId: TPM_E_NOTFIPS
+//
+// MessageText:
+//
+// The TPM is attempting to execute a command only available when in
+// FIPS mode
+//
+#define TPM_E_NOTFIPS ((UINT32)(TPM_E_BASE + 0x00000036))
+
+//
+// MessageId: TPM_E_INVALID_FAMILY
+//
+// MessageText:
+//
+// The command is attempting to use an invalid family ID
+//
+#define TPM_E_INVALID_FAMILY ((UINT32)(TPM_E_BASE + 0x00000037))
+
+//
+// MessageId: TPM_E_NO_NV_PERMISSION
+//
+// MessageText:
+//
+// The permission to manipulate the NV storage is not available
+//
+#define TPM_E_NO_NV_PERMISSION ((UINT32)(TPM_E_BASE + 0x00000038))
+
+//
+// MessageId: TPM_E_REQUIRES_SIGN
+//
+// MessageText:
+//
+// The operation requires a signed command
+//
+#define TPM_E_REQUIRES_SIGN ((UINT32)(TPM_E_BASE + 0x00000039))
+
+//
+// MessageId: TPM_E_KEY_NOTSUPPORTED
+//
+// MessageText:
+//
+// Wrong operation to load an NV key
+//
+#define TPM_E_KEY_NOTSUPPORTED ((UINT32)(TPM_E_BASE + 0x0000003a))
+
+//
+// MessageId: TPM_E_AUTH_CONFLICT
+//
+// MessageText:
+//
+// NV_LoadKey blob requires both owner and blob authorization
+//
+#define TPM_E_AUTH_CONFLICT ((UINT32)(TPM_E_BASE + 0x0000003b))
+
+//
+// MessageId: TPM_E_AREA_LOCKED
+//
+// MessageText:
+//
+// The NV area is locked and not writable
+//
+#define TPM_E_AREA_LOCKED ((UINT32)(TPM_E_BASE + 0x0000003c))
+
+//
+// MessageId: TPM_E_BAD_LOCALITY
+//
+// MessageText:
+//
+// The locality is incorrect for the attempted operation
+//
+#define TPM_E_BAD_LOCALITY ((UINT32)(TPM_E_BASE + 0x0000003d))
+
+//
+// MessageId: TPM_E_READ_ONLY
+//
+// MessageText:
+//
+// The NV area is read only and can't be written to
+//
+#define TPM_E_READ_ONLY ((UINT32)(TPM_E_BASE + 0x0000003e))
+
+//
+// MessageId: TPM_E_PER_NOWRITE
+//
+// MessageText:
+//
+// There is no protection on the write to the NV area
+//
+#define TPM_E_PER_NOWRITE ((UINT32)(TPM_E_BASE + 0x0000003f))
+
+//
+// MessageId: TPM_E_FAMILYCOUNT
+//
+// MessageText:
+//
+// The family count value does not match
+//
+#define TPM_E_FAMILYCOUNT ((UINT32)(TPM_E_BASE + 0x00000040))
+
+//
+// MessageId: TPM_E_WRITE_LOCKED
+//
+// MessageText:
+//
+// The NV area has already been written to
+//
+#define TPM_E_WRITE_LOCKED ((UINT32)(TPM_E_BASE + 0x00000041))
+
+//
+// MessageId: TPM_E_BAD_ATTRIBUTES
+//
+// MessageText:
+//
+// The NV area attributes conflict
+//
+#define TPM_E_BAD_ATTRIBUTES ((UINT32)(TPM_E_BASE + 0x00000042))
+
+//
+// MessageId: TPM_E_INVALID_STRUCTURE
+//
+// MessageText:
+//
+// The structure tag and version are invalid or inconsistent
+//
+#define TPM_E_INVALID_STRUCTURE ((UINT32)(TPM_E_BASE + 0x00000043))
+
+//
+// MessageId: TPM_E_KEY_OWNER_CONTROL
+//
+// MessageText:
+//
+// The key is under control of the TPM Owner and can only be evicted
+// by the TPM Owner.
+//
+#define TPM_E_KEY_OWNER_CONTROL ((UINT32)(TPM_E_BASE + 0x00000044))
+
+//
+// MessageId: TPM_E_BAD_COUNTER
+//
+// MessageText:
+//
+// The counter handle is incorrect
+//
+#define TPM_E_BAD_COUNTER ((UINT32)(TPM_E_BASE + 0x00000045))
+
+//
+// MessageId: TPM_E_NOT_FULLWRITE
+//
+// MessageText:
+//
+// The write is not a complete write of the area
+//
+#define TPM_E_NOT_FULLWRITE ((UINT32)(TPM_E_BASE + 0x00000046))
+
+//
+// MessageId: TPM_E_CONTEXT_GAP
+//
+// MessageText:
+//
+// The gap between saved context counts is too large
+//
+#define TPM_E_CONTEXT_GAP ((UINT32)(TPM_E_BASE + 0x00000047))
+
+//
+// MessageId: TPM_E_MAXNVWRITES
+//
+// MessageText:
+//
+// The maximum number of NV writes without an owner has been exceeded
+//
+#define TPM_E_MAXNVWRITES ((UINT32)(TPM_E_BASE + 0x00000048))
+
+//
+// MessageId: TPM_E_NOOPERATOR
+//
+// MessageText:
+//
+// No operator AuthData value is set
+//
+#define TPM_E_NOOPERATOR ((UINT32)(TPM_E_BASE + 0x00000049))
+
+//
+// MessageId: TPM_E_RESOURCEMISSING
+//
+// MessageText:
+//
+// The resource pointed to by context is not loaded
+//
+#define TPM_E_RESOURCEMISSING ((UINT32)(TPM_E_BASE + 0x0000004a))
+
+//
+// MessageId: TPM_E_DELEGATE_LOCK
+//
+// MessageText:
+//
+// The delegate administration is locked
+//
+#define TPM_E_DELEGATE_LOCK ((UINT32)(TPM_E_BASE + 0x0000004b))
+
+//
+// MessageId: TPM_E_DELEGATE_FAMILY
+//
+// MessageText:
+//
+// Attempt to manage a family other then the delegated family
+//
+#define TPM_E_DELEGATE_FAMILY ((UINT32)(TPM_E_BASE + 0x0000004c))
+
+//
+// MessageId: TPM_E_DELEGATE_ADMIN
+//
+// MessageText:
+//
+// Delegation table management not enabled
+//
+#define TPM_E_DELEGATE_ADMIN ((UINT32)(TPM_E_BASE + 0x0000004d))
+
+//
+// MessageId: TPM_E_TRANSPORT_NOTEXCLUSIVE
+//
+// MessageText:
+//
+// There was a command executed outside of an exclusive transport session
+//
+#define TPM_E_TRANSPORT_NOTEXCLUSIVE ((UINT32)(TPM_E_BASE + 0x0000004e))
+
+//
+// MessageId: TPM_E_OWNER_CONTROL
+//
+// MessageText:
+//
+// Attempt to context save a owner evict controlled key
+//
+#define TPM_E_OWNER_CONTROL ((UINT32)(TPM_E_BASE + 0x0000004f))
+
+//
+// MessageId: TPM_E_DAA_RESOURCES
+//
+// MessageText:
+//
+// The DAA command has no resources available to execute the command
+//
+#define TPM_E_DAA_RESOURCES ((UINT32)(TPM_E_BASE + 0x00000050))
+
+//
+// MessageId: TPM_E_DAA_INPUT_DATA0
+//
+// MessageText:
+//
+// The consistency check on DAA parameter inputData0 has failed.
+//
+#define TPM_E_DAA_INPUT_DATA0 ((UINT32)(TPM_E_BASE + 0x00000051))
+
+//
+// MessageId: TPM_E_DAA_INPUT_DATA1
+//
+// MessageText:
+//
+// The consistency check on DAA parameter inputData1 has failed.
+//
+#define TPM_E_DAA_INPUT_DATA1 ((UINT32)(TPM_E_BASE + 0x00000052))
+
+//
+// MessageId: TPM_E_DAA_ISSUER_SETTINGS
+//
+// MessageText:
+//
+// The consistency check on DAA_issuerSettings has failed.
+//
+#define TPM_E_DAA_ISSUER_SETTINGS ((UINT32)(TPM_E_BASE + 0x00000053))
+
+//
+// MessageId: TPM_E_DAA_TPM_SETTINGS
+//
+// MessageText:
+//
+// The consistency check on DAA_tpmSpecific has failed.
+//
+#define TPM_E_DAA_TPM_SETTINGS ((UINT32)(TPM_E_BASE + 0x00000054))
+
+//
+// MessageId: TPM_E_DAA_STAGE
+//
+// MessageText:
+//
+// The atomic process indicated by the submitted DAA command is not
+// the expected process.
+//
+#define TPM_E_DAA_STAGE ((UINT32)(TPM_E_BASE + 0x00000055))
+
+//
+// MessageId: TPM_E_DAA_ISSUER_VALIDITY
+//
+// MessageText:
+//
+// The issuer's validity check has detected an inconsistency
+//
+#define TPM_E_DAA_ISSUER_VALIDITY ((UINT32)(TPM_E_BASE + 0x00000056))
+
+//
+// MessageId: TPM_E_DAA_WRONG_W
+//
+// MessageText:
+//
+// The consistency check on w has failed.
+//
+#define TPM_E_DAA_WRONG_W ((UINT32)(TPM_E_BASE + 0x00000057))
+
+//
+// MessageId: TPM_E_BAD_HANDLE
+//
+// MessageText:
+//
+// The handle is incorrect
+//
+#define TPM_E_BAD_HANDLE ((UINT32)(TPM_E_BASE + 0x00000058))
+
+//
+// MessageId: TPM_E_BAD_DELEGATE
+//
+// MessageText:
+//
+// Delegation is not correct
+//
+#define TPM_E_BAD_DELEGATE ((UINT32)(TPM_E_BASE + 0x00000059))
+
+//
+// MessageId: TPM_E_BADCONTEXT
+//
+// MessageText:
+//
+// The context blob is invalid
+//
+#define TPM_E_BADCONTEXT ((UINT32)(TPM_E_BASE + 0x0000005a))
+
+//
+// MessageId: TPM_E_TOOMANYCONTEXTS
+//
+// MessageText:
+//
+// Too many contexts held by the TPM
+//
+#define TPM_E_TOOMANYCONTEXTS ((UINT32)(TPM_E_BASE + 0x0000005b))
+
+//
+// MessageId: TPM_E_MA_TICKET_SIGNATURE
+//
+// MessageText:
+//
+// Migration authority signature validation failure
+//
+#define TPM_E_MA_TICKET_SIGNATURE ((UINT32)(TPM_E_BASE + 0x0000005c))
+
+//
+// MessageId: TPM_E_MA_DESTINATION
+//
+// MessageText:
+//
+// Migration destination not authenticated
+//
+#define TPM_E_MA_DESTINATION ((UINT32)(TPM_E_BASE + 0x0000005d))
+
+//
+// MessageId: TPM_E_MA_SOURCE
+//
+// MessageText:
+//
+// Migration source incorrect
+//
+#define TPM_E_MA_SOURCE ((UINT32)(TPM_E_BASE + 0x0000005e))
+
+//
+// MessageId: TPM_E_MA_AUTHORITY
+//
+// MessageText:
+//
+// Incorrect migration authority
+//
+#define TPM_E_MA_AUTHORITY ((UINT32)(TPM_E_BASE + 0x0000005f))
+
+//
+// MessageId: TPM_E_PERMANENTEK
+//
+// MessageText:
+//
+// Attempt to revoke the EK and the EK is not revocable
+//
+#define TPM_E_PERMANENTEK ((UINT32)(TPM_E_BASE + 0x00000061))
+
+//
+// MessageId: TPM_E_BAD_SIGNATURE
+//
+// MessageText:
+//
+// Bad signature of CMK ticket
+//
+#define TPM_E_BAD_SIGNATURE ((UINT32)(TPM_E_BASE + 0x00000062))
+
+//
+// MessageId: TPM_E_NOCONTEXTSPACE
+//
+// MessageText:
+//
+// There is no room in the context list for additional contexts
+//
+#define TPM_E_NOCONTEXTSPACE ((UINT32)(TPM_E_BASE + 0x00000063))
+
+
+//
+// MessageId: TPM_E_RETRY
+//
+// MessageText:
+//
+// The TPM is too busy to respond to the command immediately, but the
+// command could be resubmitted at a later time. The TPM MAY return
+// TPM_Retry for any command at any time.
+//
+#define TPM_E_RETRY ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL))
+
+//
+// MessageId: TPM_E_NEEDS_SELFTEST
+//
+// MessageText:
+//
+// SelfTestFull has not been run
+//
+#define TPM_E_NEEDS_SELFTEST ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL + 1))
+
+//
+// MessageId: TPM_E_DOING_SELFTEST
+//
+// MessageText:
+//
+// The TPM is currently executing a full selftest
+//
+#define TPM_E_DOING_SELFTEST ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL + 2))
+
+//
+// MessageId: TPM_E_DEFEND_LOCK_RUNNING
+//
+// MessageText:
+//
+// The TPM is defending against dictionary attacks and is in some
+// time-out period.
+//
+#define TPM_E_DEFEND_LOCK_RUNNING ((UINT32)(TPM_E_BASE + TPM_E_NON_FATAL + 3))
+
+#endif /* __TPM_ERROR_H__ */
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm_ordinal.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm_ordinal.h
new file mode 100644
index 0000000..9df9959
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tpm_ordinal.h
@@ -0,0 +1,151 @@
+/*
+ * TPM Ordinal definitions extracted from the TPM 1.2 specification, rev 85.
+ */
+
+#ifndef __TPM_ORDINAL_H__
+#define __TPM_ORDINAL_H__
+
+#define TPM_PROTECTED_COMMAND ((UINT32)(0x00000000))
+#define TPM_UNPROTECTED_COMMAND ((UINT32)(0x80000000))
+#define TPM_CONNECTION_COMMAND ((UINT32)(0x40000000))
+#define TPM_VENDOR_COMMAND ((UINT32)(0x20000000))
+
+#define TPM_MAIN ((UINT16)(0x0000))
+#define TPM_PC ((UINT16)(0x0001))
+#define TPM_PDA ((UINT16)(0x0002))
+#define TPM_CELL_PHONE ((UINT16)(0x0003))
+#define TPM_SERVER ((UINT16)(0x0004))
+
+#define TPM_PROTECTED_ORDINAL (TPM_MAIN | TPM_PROTECTED_COMMAND)
+#define TPM_UNPROTECTED_ORDINAL (TPM_MAIN | TPM_UNPROTECTED_COMMAND)
+#define TPM_CONNECTION_ORDINAL (TPM_MAIN | TPM_CONNECTION_COMMAND)
+
+
+#define TPM_ORD_OIAP ((UINT32)0x0000000A)
+#define TPM_ORD_OSAP ((UINT32)0x0000000B)
+#define TPM_ORD_ChangeAuth ((UINT32)0x0000000C)
+#define TPM_ORD_TakeOwnership ((UINT32)0x0000000D)
+#define TPM_ORD_ChangeAuthAsymStart ((UINT32)0x0000000E)
+#define TPM_ORD_ChangeAuthAsymFinish ((UINT32)0x0000000F)
+#define TPM_ORD_ChangeAuthOwner ((UINT32)0x00000010)
+#define TPM_ORD_DSAP ((UINT32)0x00000011)
+#define TPM_ORD_CMK_CreateTicket ((UINT32)0x00000012)
+#define TPM_ORD_CMK_CreateKey ((UINT32)0x00000013)
+#define TPM_ORD_Extend ((UINT32)0x00000014)
+#define TPM_ORD_PcrRead ((UINT32)0x00000015)
+#define TPM_ORD_Quote ((UINT32)0x00000016)
+#define TPM_ORD_Seal ((UINT32)0x00000017)
+#define TPM_ORD_Unseal ((UINT32)0x00000018)
+#define TPM_ORD_DirWriteAuth ((UINT32)0x00000019)
+#define TPM_ORD_DirRead ((UINT32)0x0000001A)
+#define TPM_ORD_CMK_CreateBlob ((UINT32)0x0000001B)
+#define TPM_ORD_CMK_SetRestrictions ((UINT32)0x0000001C)
+#define TPM_ORD_CMK_ApproveMA ((UINT32)0x0000001D)
+#define TPM_ORD_UnBind ((UINT32)0x0000001E)
+#define TPM_ORD_CreateWrapKey ((UINT32)0x0000001F)
+#define TPM_ORD_LoadKey ((UINT32)0x00000020)
+#define TPM_ORD_GetPubKey ((UINT32)0x00000021)
+#define TPM_ORD_EvictKey ((UINT32)0x00000022)
+#define TPM_ORD_KeyControlOwner ((UINT32)0x00000023)
+#define TPM_ORD_CMK_ConvertMigration ((UINT32)0x00000024)
+#define TPM_ORD_MigrateKey ((UINT32)0x00000025)
+#define TPM_ORD_CreateMigrationBlob ((UINT32)0x00000028)
+#define TPM_ORD_DAA_Join ((UINT32)0x00000029)
+#define TPM_ORD_ConvertMigrationBlob ((UINT32)0x0000002A)
+#define TPM_ORD_AuthorizeMigrationKey ((UINT32)0x0000002B)
+#define TPM_ORD_CreateMaintenanceArchive ((UINT32)0x0000002C)
+#define TPM_ORD_LoadMaintenanceArchive ((UINT32)0x0000002D)
+#define TPM_ORD_KillMaintenanceFeature ((UINT32)0x0000002E)
+#define TPM_ORD_LoadManuMaintPub ((UINT32)0x0000002F)
+#define TPM_ORD_ReadManuMaintPub ((UINT32)0x00000030)
+#define TPM_ORD_DAA_Sign ((UINT32)0x00000031)
+#define TPM_ORD_CertifyKey ((UINT32)0x00000032)
+#define TPM_ORD_CertifyKey2 ((UINT32)0x00000033)
+#define TPM_ORD_Sign ((UINT32)0x0000003C)
+#define TPM_ORD_Sealx ((UINT32)0x0000003D)
+#define TPM_ORD_Quote2 ((UINT32)0x0000003E)
+#define TPM_ORD_SetCapability ((UINT32)0x0000003F)
+#define TPM_ORD_ResetLockValue ((UINT32)0x00000040)
+#define TPM_ORD_LoadKey2 ((UINT32)0x00000041)
+#define TPM_ORD_GetRandom ((UINT32)0x00000046)
+#define TPM_ORD_StirRandom ((UINT32)0x00000047)
+#define TPM_ORD_SelfTestFull ((UINT32)0x00000050)
+#define TPM_ORD_CertifySelfTest ((UINT32)0x00000052)
+#define TPM_ORD_ContinueSelfTest ((UINT32)0x00000053)
+#define TPM_ORD_GetTestResult ((UINT32)0x00000054)
+#define TPM_ORD_Reset ((UINT32)0x0000005A)
+#define TPM_ORD_OwnerClear ((UINT32)0x0000005B)
+#define TPM_ORD_DisableOwnerClear ((UINT32)0x0000005C)
+#define TPM_ORD_ForceClear ((UINT32)0x0000005D)
+#define TPM_ORD_DisableForceClear ((UINT32)0x0000005E)
+#define TPM_ORD_GetCapabilitySigned ((UINT32)0x00000064)
+#define TPM_ORD_GetCapability ((UINT32)0x00000065)
+#define TPM_ORD_GetCapabilityOwner ((UINT32)0x00000066)
+#define TPM_ORD_OwnerSetDisable ((UINT32)0x0000006E)
+#define TPM_ORD_PhysicalEnable ((UINT32)0x0000006F)
+#define TPM_ORD_PhysicalDisable ((UINT32)0x00000070)
+#define TPM_ORD_SetOwnerInstall ((UINT32)0x00000071)
+#define TPM_ORD_PhysicalSetDeactivated ((UINT32)0x00000072)
+#define TPM_ORD_SetTempDeactivated ((UINT32)0x00000073)
+#define TPM_ORD_SetOperatorAuth ((UINT32)0x00000074)
+#define TPM_ORD_SetOwnerPointer ((UINT32)0x00000075)
+#define TPM_ORD_CreateEndorsementKeyPair ((UINT32)0x00000078)
+#define TPM_ORD_MakeIdentity ((UINT32)0x00000079)
+#define TPM_ORD_ActivateIdentity ((UINT32)0x0000007A)
+#define TPM_ORD_ReadPubek ((UINT32)0x0000007C)
+#define TPM_ORD_OwnerReadPubek ((UINT32)0x0000007D)
+#define TPM_ORD_DisablePubekRead ((UINT32)0x0000007E)
+#define TPM_ORD_CreateRevocableEK ((UINT32)0x0000007F)
+#define TPM_ORD_RevokeTrust ((UINT32)0x00000080)
+#define TPM_ORD_OwnerReadInternalPub ((UINT32)0x00000081)
+#define TPM_ORD_GetAuditEvent ((UINT32)0x00000082)
+#define TPM_ORD_GetAuditEventSigned ((UINT32)0x00000083)
+#define TPM_ORD_GetAuditDigest ((UINT32)0x00000085)
+#define TPM_ORD_GetAuditDigestSigned ((UINT32)0x00000086)
+#define TPM_ORD_GetOrdinalAuditStatus ((UINT32)0x0000008C)
+#define TPM_ORD_SetOrdinalAuditStatus ((UINT32)0x0000008D)
+#define TPM_ORD_Terminate_Handle ((UINT32)0x00000096)
+#define TPM_ORD_Init ((UINT32)0x00000097)
+#define TPM_ORD_SaveState ((UINT32)0x00000098)
+#define TPM_ORD_Startup ((UINT32)0x00000099)
+#define TPM_ORD_SetRedirection ((UINT32)0x0000009A)
+#define TPM_ORD_SHA1Start ((UINT32)0x000000A0)
+#define TPM_ORD_SHA1Update ((UINT32)0x000000A1)
+#define TPM_ORD_SHA1Complete ((UINT32)0x000000A2)
+#define TPM_ORD_SHA1CompleteExtend ((UINT32)0x000000A3)
+#define TPM_ORD_FieldUpgrade ((UINT32)0x000000AA)
+#define TPM_ORD_SaveKeyContext ((UINT32)0x000000B4)
+#define TPM_ORD_LoadKeyContext ((UINT32)0x000000B5)
+#define TPM_ORD_SaveAuthContext ((UINT32)0x000000B6)
+#define TPM_ORD_LoadAuthContext ((UINT32)0x000000B7)
+#define TPM_ORD_SaveContext ((UINT32)0x000000B8)
+#define TPM_ORD_LoadContext ((UINT32)0x000000B9)
+#define TPM_ORD_FlushSpecific ((UINT32)0x000000BA)
+#define TPM_ORD_PCR_Reset ((UINT32)0x000000C8)
+#define TPM_ORD_NV_DefineSpace ((UINT32)0x000000CC)
+#define TPM_ORD_NV_WriteValue ((UINT32)0x000000CD)
+#define TPM_ORD_NV_WriteValueAuth ((UINT32)0x000000CE)
+#define TPM_ORD_NV_ReadValue ((UINT32)0x000000CF)
+#define TPM_ORD_NV_ReadValueAuth ((UINT32)0x000000D0)
+#define TPM_ORD_Delegate_UpdateVerification ((UINT32)0x000000D1)
+#define TPM_ORD_Delegate_Manage ((UINT32)0x000000D2)
+#define TPM_ORD_Delegate_CreateKeyDelegation ((UINT32)0x000000D4)
+#define TPM_ORD_Delegate_CreateOwnerDelegation ((UINT32)0x000000D5)
+#define TPM_ORD_Delegate_VerifyDelegation ((UINT32)0x000000D6)
+#define TPM_ORD_Delegate_LoadOwnerDelegation ((UINT32)0x000000D8)
+#define TPM_ORD_Delegate_ReadTable ((UINT32)0x000000DB)
+#define TPM_ORD_CreateCounter ((UINT32)0x000000DC)
+#define TPM_ORD_IncrementCounter ((UINT32)0x000000DD)
+#define TPM_ORD_ReadCounter ((UINT32)0x000000DE)
+#define TPM_ORD_ReleaseCounter ((UINT32)0x000000DF)
+#define TPM_ORD_ReleaseCounterOwner ((UINT32)0x000000E0)
+#define TPM_ORD_EstablishTransport ((UINT32)0x000000E6)
+#define TPM_ORD_ExecuteTransport ((UINT32)0x000000E7)
+#define TPM_ORD_ReleaseTransportSigned ((UINT32)0x000000E8)
+#define TPM_ORD_GetTicks ((UINT32)0x000000F1)
+#define TPM_ORD_TickStampBlob ((UINT32)0x000000F2)
+
+#define TSC_ORD_PhysicalPresence ((UINT32)0x4000000A)
+#define TSC_ORD_ResetEstablishmentBit ((UINT32)0x4000000B)
+
+#endif // __TPM_ORDINAL_H__
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tspi.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tspi.h
new file mode 100644
index 0000000..3aa44db
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tspi.h
@@ -0,0 +1,1206 @@
+#if !defined(_TSPI_H_)
+#define _TSPI_H_
+
+#include <tss/tss_defines.h>
+#include <tss/tss_typedef.h>
+#include <tss/tss_structs.h>
+#include <tss/tss_error.h>
+#include <tss/tss_error_basics.h>
+
+#if !defined( TSPICALL )
+ #if !defined(WIN32) || defined (TSP_STATIC)
+ // Linux, or a Win32 static library
+ #define TSPICALL extern TSS_RESULT
+ #elif defined (TSPDLL_EXPORTS)
+ // Win32 DLL build
+ #define TSPICALL extern __declspec(dllexport) TSS_RESULT
+ #else
+ // Win32 DLL import
+ #define TSPICALL extern __declspec(dllimport) TSS_RESULT
+ #endif
+#endif /* TSPICALL */
+
+#if defined ( __cplusplus )
+extern "C" {
+#endif /* __cplusplus */
+
+
+// Class-independent ASN.1 conversion functions
+TSPICALL Tspi_EncodeDER_TssBlob
+(
+ UINT32 rawBlobSize, // in
+ BYTE* rawBlob, // in
+ UINT32 blobType, // in
+ UINT32* derBlobSize, // in, out
+ BYTE* derBlob // out
+);
+
+TSPICALL Tspi_DecodeBER_TssBlob
+(
+ UINT32 berBlobSize, // in
+ BYTE* berBlob, // in
+ UINT32* blobType, // out
+ UINT32* rawBlobSize, // in, out
+ BYTE* rawBlob // out
+);
+
+
+
+// Common Methods
+TSPICALL Tspi_SetAttribUint32
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32 ulAttrib // in
+);
+
+TSPICALL Tspi_GetAttribUint32
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32* pulAttrib // out
+);
+
+TSPICALL Tspi_SetAttribData
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32 ulAttribDataSize, // in
+ BYTE* rgbAttribData // in
+);
+
+TSPICALL Tspi_GetAttribData
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG attribFlag, // in
+ TSS_FLAG subFlag, // in
+ UINT32* pulAttribDataSize, // out
+ BYTE** prgbAttribData // out
+);
+
+TSPICALL Tspi_ChangeAuth
+(
+ TSS_HOBJECT hObjectToChange, // in
+ TSS_HOBJECT hParentObject, // in
+ TSS_HPOLICY hNewPolicy // in
+);
+
+TSPICALL Tspi_ChangeAuthAsym
+(
+ TSS_HOBJECT hObjectToChange, // in
+ TSS_HOBJECT hParentObject, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_HPOLICY hNewPolicy // in
+);
+
+TSPICALL Tspi_GetPolicyObject
+(
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG policyType, // in
+ TSS_HPOLICY* phPolicy // out
+);
+
+
+
+// Tspi_Context Class Definitions
+TSPICALL Tspi_Context_Create
+(
+ TSS_HCONTEXT* phContext // out
+);
+
+TSPICALL Tspi_Context_Close
+(
+ TSS_HCONTEXT hContext // in
+);
+
+TSPICALL Tspi_Context_Connect
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_UNICODE* wszDestination // in
+);
+
+TSPICALL Tspi_Context_FreeMemory
+(
+ TSS_HCONTEXT hContext, // in
+ BYTE* rgbMemory // in
+);
+
+TSPICALL Tspi_Context_GetDefaultPolicy
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HPOLICY* phPolicy // out
+);
+
+TSPICALL Tspi_Context_CreateObject
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG objectType, // in
+ TSS_FLAG initFlags, // in
+ TSS_HOBJECT* phObject // out
+);
+
+TSPICALL Tspi_Context_CloseObject
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HOBJECT hObject // in
+);
+
+TSPICALL Tspi_Context_GetCapability
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG capArea, // in
+ UINT32 ulSubCapLength, // in
+ BYTE* rgbSubCap, // in
+ UINT32* pulRespDataLength, // out
+ BYTE** prgbRespData // out
+);
+
+TSPICALL Tspi_Context_GetTpmObject
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HTPM* phTPM // out
+);
+
+TSPICALL Tspi_Context_SetTransEncryptionKey
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hKey // in
+);
+
+TSPICALL Tspi_Context_CloseSignTransport
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hSigningKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_Context_LoadKeyByBlob
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hUnwrappingKey, // in
+ UINT32 ulBlobLength, // in
+ BYTE* rgbBlobData, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_LoadKeyByUUID
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidData, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_RegisterKey
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_HKEY hKey, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidKey, // in
+ TSS_FLAG persistentStorageTypeParent, // in
+ TSS_UUID uuidParentKey // in
+);
+
+TSPICALL Tspi_Context_UnregisterKey
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidKey, // in
+ TSS_HKEY* phkey // out
+);
+
+TSPICALL Tspi_Context_GetKeyByUUID
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID uuidData, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_GetKeyByPublicInfo
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulPublicInfoLength, // in
+ BYTE* rgbPublicInfo, // in
+ TSS_HKEY* phKey // out
+);
+
+TSPICALL Tspi_Context_GetRegisteredKeysByUUID
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID* pUuidData, // in
+ UINT32* pulKeyHierarchySize, // out
+ TSS_KM_KEYINFO** ppKeyHierarchy // out
+);
+
+TSPICALL Tspi_Context_GetRegisteredKeysByUUID2
+(
+ TSS_HCONTEXT hContext, // in
+ TSS_FLAG persistentStorageType, // in
+ TSS_UUID* pUuidData, // in
+ UINT32* pulKeyHierarchySize, // out
+ TSS_KM_KEYINFO2** ppKeyHierarchy // out
+);
+
+
+// Policy class definitions
+TSPICALL Tspi_Policy_SetSecret
+(
+ TSS_HPOLICY hPolicy, // in
+ TSS_FLAG secretMode, // in
+ UINT32 ulSecretLength, // in
+ BYTE* rgbSecret // in
+);
+
+TSPICALL Tspi_Policy_FlushSecret
+(
+ TSS_HPOLICY hPolicy // in
+);
+
+TSPICALL Tspi_Policy_AssignToObject
+(
+ TSS_HPOLICY hPolicy, // in
+ TSS_HOBJECT hObject // in
+);
+
+
+
+// TPM Class Definitions
+TSPICALL Tspi_TPM_KeyControlOwner
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ UINT32 attribName, // in
+ TSS_BOOL attribValue, // in
+ TSS_UUID* pUuidData // out
+);
+
+TSPICALL Tspi_TPM_CreateEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_CreateRevocableEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ UINT32* pulEkResetDataLength, // in, out
+ BYTE** rgbEkResetData // in, out
+);
+
+TSPICALL Tspi_TPM_RevokeEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulEkResetDataLength, // in
+ BYTE* rgbEkResetData // in
+);
+
+TSPICALL Tspi_TPM_GetPubEndorsementKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_BOOL fOwnerAuthorized, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ TSS_HKEY* phEndorsementPubKey // out
+);
+
+TSPICALL Tspi_TPM_OwnerGetSRKPubKey
+(
+ TSS_HTPM hTPM, // in
+ UINT32* pulPubKeyLength, // out
+ BYTE** prgbPubKey // out
+);
+
+TSPICALL Tspi_TPM_TakeOwnership
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKeySRK, // in
+ TSS_HKEY hEndorsementPubKey // in
+);
+
+TSPICALL Tspi_TPM_ClearOwner
+(
+ TSS_HTPM hTPM, // in
+ TSS_BOOL fForcedClear // in
+);
+
+TSPICALL Tspi_TPM_CollateIdentityRequest
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKeySRK, // in
+ TSS_HKEY hCAPubKey, // in
+ UINT32 ulIdentityLabelLength, // in
+ BYTE* rgbIdentityLabelData, // in
+ TSS_HKEY hIdentityKey, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32* pulTCPAIdentityReqLength, // out
+ BYTE** prgbTCPAIdentityReq // out
+);
+
+TSPICALL Tspi_TPM_ActivateIdentity
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hIdentKey, // in
+ UINT32 ulAsymCAContentsBlobLength, // in
+ BYTE* rgbAsymCAContentsBlob, // in
+ UINT32 ulSymCAAttestationBlobLength, // in
+ BYTE* rgbSymCAAttestationBlob, // in
+ UINT32* pulCredentialLength, // out
+ BYTE** prgbCredential // out
+);
+
+TSPICALL Tspi_TPM_CreateMaintenanceArchive
+(
+ TSS_HTPM hTPM, // in
+ TSS_BOOL fGenerateRndNumber, // in
+ UINT32* pulRndNumberLength, // out
+ BYTE** prgbRndNumber, // out
+ UINT32* pulArchiveDataLength, // out
+ BYTE** prgbArchiveData // out
+);
+
+TSPICALL Tspi_TPM_KillMaintenanceFeature
+(
+ TSS_HTPM hTPM // in
+);
+
+TSPICALL Tspi_TPM_LoadMaintenancePubKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hMaintenanceKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_CheckMaintenancePubKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hMaintenanceKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_SetOperatorAuth
+(
+ TSS_HTPM hTPM, // in
+ TSS_HPOLICY hOperatorPolicy // in
+);
+
+TSPICALL Tspi_TPM_SetStatus
+(
+ TSS_HTPM hTPM, // in
+ TSS_FLAG statusFlag, // in
+ TSS_BOOL fTpmState // in
+);
+
+TSPICALL Tspi_TPM_GetStatus
+(
+ TSS_HTPM hTPM, // in
+ TSS_FLAG statusFlag, // in
+ TSS_BOOL* pfTpmState // out
+);
+
+TSPICALL Tspi_TPM_FieldUpgrade
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulDataInLength, // in
+ BYTE* rgbDataIn, // in
+ UINT32* pulDataOutLength, // out
+ BYTE** prgbDataOut // out
+);
+
+TSPICALL Tspi_TPM_GetCapability
+(
+ TSS_HTPM hTPM, // in
+ TSS_FLAG capArea, // in
+ UINT32 ulSubCapLength, // in
+ BYTE* rgbSubCap, // in
+ UINT32* pulRespDataLength, // out
+ BYTE** prgbRespData // out
+);
+
+TSPICALL Tspi_TPM_GetCapabilitySigned
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_FLAG capArea, // in
+ UINT32 ulSubCapLength, // in
+ BYTE* rgbSubCap, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ UINT32* pulRespDataLength, // out
+ BYTE** prgbRespData // out
+);
+
+TSPICALL Tspi_TPM_SelfTestFull
+(
+ TSS_HTPM hTPM // in
+);
+
+TSPICALL Tspi_TPM_CertifySelfTest
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_GetTestResult
+(
+ TSS_HTPM hTPM, // in
+ UINT32* pulTestResultLength, // out
+ BYTE** prgbTestResult // out
+);
+
+TSPICALL Tspi_TPM_GetRandom
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulRandomDataLength, // in
+ BYTE** prgbRandomData // out
+);
+
+TSPICALL Tspi_TPM_StirRandom
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulEntropyDataLength, // in
+ BYTE* rgbEntropyData // in
+);
+
+TSPICALL Tspi_TPM_GetEvent
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulEventNumber, // in
+ TSS_PCR_EVENT* pPcrEvent // out
+);
+
+TSPICALL Tspi_TPM_GetEvents
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulStartNumber, // in
+ UINT32* pulEventNumber, // in, out
+ TSS_PCR_EVENT** prgPcrEvents // out
+);
+
+TSPICALL Tspi_TPM_GetEventLog
+(
+ TSS_HTPM hTPM, // in
+ UINT32* pulEventNumber, // out
+ TSS_PCR_EVENT** prgPcrEvents // out
+);
+
+TSPICALL Tspi_TPM_Quote
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_HPCRS hPcrComposite, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_TPM_Quote2
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_BOOL fAddVersion, // in
+ TSS_HPCRS hPcrComposite, // in
+ TSS_VALIDATION* pValidationData, // in, out
+ UINT32* versionInfoSize, // out
+ BYTE** versionInfo // out
+);
+
+TSPICALL Tspi_TPM_PcrExtend
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulPcrDataLength, // in
+ BYTE* pbPcrData, // in
+ TSS_PCR_EVENT* pPcrEvent, // in
+ UINT32* pulPcrValueLength, // out
+ BYTE** prgbPcrValue // out
+);
+
+TSPICALL Tspi_TPM_PcrRead
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulPcrIndex, // in
+ UINT32* pulPcrValueLength, // out
+ BYTE** prgbPcrValue // out
+);
+
+TSPICALL Tspi_TPM_PcrReset
+(
+ TSS_HTPM hTPM, // in
+ TSS_HPCRS hPcrComposite // in
+);
+
+TSPICALL Tspi_TPM_AuthorizeMigrationTicket
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hMigrationKey, // in
+ TSS_MIGRATE_SCHEME migrationScheme, // in
+ UINT32* pulMigTicketLength, // out
+ BYTE** prgbMigTicket // out
+);
+
+TSPICALL Tspi_TPM_CMKSetRestrictions
+(
+ TSS_HTPM hTPM, // in
+ TSS_CMK_DELEGATE CmkDelegate // in
+);
+
+TSPICALL Tspi_TPM_CMKApproveMA
+(
+ TSS_HTPM hTPM, // in
+ TSS_HMIGDATA hMaAuthData // in
+);
+
+TSPICALL Tspi_TPM_CMKCreateTicket
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hVerifyKey, // in
+ TSS_HMIGDATA hSigData // in
+);
+
+TSPICALL Tspi_TPM_ReadCounter
+(
+ TSS_HTPM hTPM, // in
+ UINT32* counterValue // out
+);
+
+TSPICALL Tspi_TPM_ReadCurrentTicks
+(
+ TSS_HTPM hTPM, // in
+ TPM_CURRENT_TICKS* tickCount // out
+);
+
+TSPICALL Tspi_TPM_DirWrite
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulDirIndex, // in
+ UINT32 ulDirDataLength, // in
+ BYTE* rgbDirData // in
+);
+
+TSPICALL Tspi_TPM_DirRead
+(
+ TSS_HTPM hTPM, // in
+ UINT32 ulDirIndex, // in
+ UINT32* pulDirDataLength, // out
+ BYTE** prgbDirData // out
+);
+
+TSPICALL Tspi_TPM_Delegate_AddFamily
+(
+ TSS_HTPM hTPM, // in, must not be NULL
+ BYTE bLabel, // in
+ TSS_HDELFAMILY* phFamily // out
+);
+
+TSPICALL Tspi_TPM_Delegate_GetFamily
+(
+ TSS_HTPM hTPM, // in, must not NULL
+ UINT32 ulFamilyID, // in
+ TSS_HDELFAMILY* phFamily // out
+);
+
+TSPICALL Tspi_TPM_Delegate_InvalidateFamily
+(
+ TSS_HTPM hTPM, // in, must not be NULL
+ TSS_HDELFAMILY hFamily // in
+);
+
+TSPICALL Tspi_TPM_Delegate_CreateDelegation
+(
+ TSS_HOBJECT hObject, // in
+ BYTE bLabel, // in
+ UINT32 ulFlags, // in
+ TSS_HPCRS hPcr, // in, may be NULL
+ TSS_HDELFAMILY hFamily, // in
+ TSS_HPOLICY hDelegation // in
+);
+
+TSPICALL Tspi_TPM_Delegate_CacheOwnerDelegation
+(
+ TSS_HTPM hTPM, // in, must not be NULL
+ TSS_HPOLICY hDelegation, // in
+ UINT32 ulIndex, // in
+ UINT32 ulFlags // in
+);
+
+TSPICALL Tspi_TPM_Delegate_UpdateVerificationCount
+(
+ TSS_HTPM hTPM, // in
+ TSS_HPOLICY hDelegation // in
+);
+
+TSPICALL Tspi_TPM_Delegate_VerifyDelegation
+(
+ TSS_HPOLICY hDelegation // in
+);
+
+TSPICALL Tspi_TPM_Delegate_ReadTables
+(
+ TSS_HCONTEXT hContext, // in
+ UINT32* pulFamilyTableSize, // out
+ TSS_FAMILY_TABLE_ENTRY** ppFamilyTable, // out
+ UINT32* pulDelegateTableSize, // out
+ TSS_DELEGATION_TABLE_ENTRY** ppDelegateTable // out
+);
+
+TSPICALL Tspi_TPM_DAA_JoinInit
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ UINT32 daaCounter, // in
+ UINT32 issuerAuthPKsLength, // in
+ TSS_HKEY* issuerAuthPKs, // in
+ UINT32 issuerAuthPKSignaturesLength, // in
+ UINT32 issuerAuthPKSignaturesLength2, // in
+ BYTE** issuerAuthPKSignatures, // in
+ UINT32* capitalUprimeLength, // out
+ BYTE** capitalUprime, // out
+ TSS_DAA_IDENTITY_PROOF** identityProof, // out
+ UINT32* joinSessionLength, // out
+ BYTE** joinSession // out
+);
+
+TSPICALL Tspi_TPM_DAA_JoinCreateDaaPubKey
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ UINT32 authenticationChallengeLength, // in
+ BYTE* authenticationChallenge, // in
+ UINT32 nonceIssuerLength, // in
+ BYTE* nonceIssuer, // in
+ UINT32 attributesPlatformLength, // in
+ UINT32 attributesPlatformLength2, // in
+ BYTE** attributesPlatform, // in
+ UINT32 joinSessionLength, // in
+ BYTE* joinSession, // in
+ TSS_DAA_CREDENTIAL_REQUEST** credentialRequest // out
+);
+
+TSPICALL Tspi_TPM_DAA_JoinStoreCredential
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_DAA_CRED_ISSUER* credIssuer, // in
+ UINT32 joinSessionLength, // in
+ BYTE* joinSession // in
+);
+
+TSPICALL Tspi_TPM_DAA_Sign
+(
+ TSS_HTPM hTPM, // in
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_DAA_SELECTED_ATTRIB* revealAttributes, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ TSS_HOBJECT signData, // in
+ TSS_DAA_SIGNATURE** daaSignature // out
+);
+
+TSPICALL Tspi_TPM_GetAuditDigest
+(
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hKey, // in
+ TSS_BOOL closeAudit, // in
+ UINT32* pulAuditDigestSize, // out
+ BYTE** prgbAuditDigest, // out
+ TPM_COUNTER_VALUE* pCounterValue, // out
+ TSS_VALIDATION* pValidationData, // out
+ UINT32* ordSize, // out
+ UINT32** ordList // out
+);
+
+
+// PcrComposite Class Definitions
+TSPICALL Tspi_PcrComposite_SelectPcrIndex
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex // in
+);
+
+TSPICALL Tspi_PcrComposite_SelectPcrIndexEx
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 direction // in
+);
+
+TSPICALL Tspi_PcrComposite_SetPcrValue
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex, // in
+ UINT32 ulPcrValueLength, // in
+ BYTE* rgbPcrValue // in
+);
+
+TSPICALL Tspi_PcrComposite_GetPcrValue
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 ulPcrIndex, // in
+ UINT32* pulPcrValueLength, // out
+ BYTE** prgbPcrValue // out
+);
+
+TSPICALL Tspi_PcrComposite_SetPcrLocality
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32 LocalityValue // in
+);
+
+TSPICALL Tspi_PcrComposite_GetPcrLocality
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32* pLocalityValue // out
+);
+
+TSPICALL Tspi_PcrComposite_GetCompositeHash
+(
+ TSS_HPCRS hPcrComposite, // in
+ UINT32* pLen, // in
+ BYTE** ppbHashData // out
+);
+
+
+
+// Key Class Definition
+TSPICALL Tspi_Key_LoadKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hUnwrappingKey // in
+);
+
+TSPICALL Tspi_Key_UnloadKey
+(
+ TSS_HKEY hKey // in
+);
+
+TSPICALL Tspi_Key_GetPubKey
+(
+ TSS_HKEY hKey, // in
+ UINT32* pulPubKeyLength, // out
+ BYTE** prgbPubKey // out
+);
+
+TSPICALL Tspi_Key_CertifyKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hCertifyingKey, // in
+ TSS_VALIDATION* pValidationData // in, out
+);
+
+TSPICALL Tspi_Key_CreateKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hWrappingKey, // in
+ TSS_HPCRS hPcrComposite // in, may be NULL
+);
+
+TSPICALL Tspi_Key_WrapKey
+(
+ TSS_HKEY hKey, // in
+ TSS_HKEY hWrappingKey, // in
+ TSS_HPCRS hPcrComposite // in, may be NULL
+);
+
+TSPICALL Tspi_Key_CreateMigrationBlob
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ UINT32 ulMigTicketLength, // in
+ BYTE* rgbMigTicket, // in
+ UINT32* pulRandomLength, // out
+ BYTE** prgbRandom, // out
+ UINT32* pulMigrationBlobLength, // out
+ BYTE** prgbMigrationBlob // out
+);
+
+TSPICALL Tspi_Key_ConvertMigrationBlob
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ UINT32 ulRandomLength, // in
+ BYTE* rgbRandom, // in
+ UINT32 ulMigrationBlobLength, // in
+ BYTE* rgbMigrationBlob // in
+);
+
+TSPICALL Tspi_Key_MigrateKey
+(
+ TSS_HKEY hMaKey, // in
+ TSS_HKEY hPublicKey, // in
+ TSS_HKEY hMigData // in
+);
+
+TSPICALL Tspi_Key_CMKCreateBlob
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ TSS_HMIGDATA hMigrationData, // in
+ UINT32* pulRandomLength, // out
+ BYTE** prgbRandom // out
+);
+
+TSPICALL Tspi_Key_CMKConvertMigration
+(
+ TSS_HKEY hKeyToMigrate, // in
+ TSS_HKEY hParentKey, // in
+ TSS_HMIGDATA hMigrationData, // in
+ UINT32 ulRandomLength, // in
+ BYTE* rgbRandom // in
+);
+
+
+
+// Hash Class Definition
+TSPICALL Tspi_Hash_Sign
+(
+ TSS_HHASH hHash, // in
+ TSS_HKEY hKey, // in
+ UINT32* pulSignatureLength, // out
+ BYTE** prgbSignature // out
+);
+
+TSPICALL Tspi_Hash_VerifySignature
+(
+ TSS_HHASH hHash, // in
+ TSS_HKEY hKey, // in
+ UINT32 ulSignatureLength, // in
+ BYTE* rgbSignature // in
+);
+
+TSPICALL Tspi_Hash_SetHashValue
+(
+ TSS_HHASH hHash, // in
+ UINT32 ulHashValueLength, // in
+ BYTE* rgbHashValue // in
+);
+
+TSPICALL Tspi_Hash_GetHashValue
+(
+ TSS_HHASH hHash, // in
+ UINT32* pulHashValueLength, // out
+ BYTE** prgbHashValue // out
+);
+
+TSPICALL Tspi_Hash_UpdateHashValue
+(
+ TSS_HHASH hHash, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbData // in
+);
+
+TSPICALL Tspi_Hash_TickStampBlob
+(
+ TSS_HHASH hHash, // in
+ TSS_HKEY hIdentKey, // in
+ TSS_VALIDATION* pValidationData // in
+);
+
+
+
+// EncData Class Definition
+TSPICALL Tspi_Data_Bind
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hEncKey, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToBind // in
+);
+
+TSPICALL Tspi_Data_Unbind
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hKey, // in
+ UINT32* pulUnboundDataLength, // out
+ BYTE** prgbUnboundData // out
+);
+
+TSPICALL Tspi_Data_Seal
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hEncKey, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToSeal, // in
+ TSS_HPCRS hPcrComposite // in
+);
+
+TSPICALL Tspi_Data_Unseal
+(
+ TSS_HENCDATA hEncData, // in
+ TSS_HKEY hKey, // in
+ UINT32* pulUnsealedDataLength, // out
+ BYTE** prgbUnsealedData // out
+);
+
+
+
+// NV Class Definition
+TSPICALL Tspi_NV_DefineSpace
+(
+ TSS_HNVSTORE hNVStore, // in
+ TSS_HPCRS hReadPcrComposite, // in, may be NULL
+ TSS_HPCRS hWritePcrComposite // in, may be NULL
+);
+
+TSPICALL Tspi_NV_ReleaseSpace
+(
+ TSS_HNVSTORE hNVStore // in
+);
+
+TSPICALL Tspi_NV_WriteValue
+(
+ TSS_HNVSTORE hNVStore, // in
+ UINT32 offset, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToWrite // in
+);
+
+TSPICALL Tspi_NV_ReadValue
+(
+ TSS_HNVSTORE hNVStore, // in
+ UINT32 offset, // in
+ UINT32* ulDataLength, // in, out
+ BYTE** rgbDataRead // out
+);
+
+
+// DAA Utility functions (optional, do not require a TPM or TCS)
+TSPICALL Tspi_DAA_IssuerKeyVerify
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_BOOL* isCorrect // out
+);
+
+TSPICALL Tspi_DAA_Issuer_GenerateKey
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ UINT32 issuerBaseNameLength, // in
+ BYTE* issuerBaseName // in
+);
+
+TSPICALL Tspi_DAA_Issuer_InitCredential
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HKEY issuerAuthPK, // in
+ TSS_DAA_IDENTITY_PROOF* identityProof, // in
+ UINT32 capitalUprimeLength, // in
+ BYTE* capitalUprime, // in
+ UINT32 daaCounter, // in
+ UINT32* nonceIssuerLength, // out
+ BYTE** nonceIssuer, // out
+ UINT32* authenticationChallengeLength, // out
+ BYTE** authenticationChallenge, // out
+ UINT32* joinSessionLength, // out
+ BYTE** joinSession // out
+);
+
+TSPICALL Tspi_DAA_Issuer_IssueCredential
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_DAA_CREDENTIAL_REQUEST* credentialRequest, // in
+ UINT32 issuerJoinSessionLength, // in
+ BYTE* issuerJoinSession, // in
+ TSS_DAA_CRED_ISSUER** credIssuer // out
+);
+
+TSPICALL Tspi_DAA_Verifier_Init
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ UINT32* nonceVerifierLength, // out
+ BYTE** nonceVerifier, // out
+ UINT32* baseNameLength, // out
+ BYTE** baseName // out
+);
+
+TSPICALL Tspi_DAA_VerifySignature
+(
+ TSS_HDAA_CREDENTIAL hDAACredential, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_HHASH hARACondition, // in
+ UINT32 attributesLength, // in
+ UINT32 attributesLength2, // in
+ BYTE** attributes, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ TSS_HOBJECT signData, // in
+ TSS_DAA_SIGNATURE* daaSignature, // in
+ TSS_BOOL* isCorrect // out
+);
+
+TSPICALL Tspi_DAA_ARA_GenerateKey
+(
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_HDAA_ARA_KEY hARAKey // in
+);
+
+TSPICALL Tspi_DAA_ARA_RevokeAnonymity
+(
+ TSS_HDAA_ARA_KEY hARAKey, // in
+ TSS_HHASH hARACondition, // in
+ TSS_HDAA_ISSUER_KEY hIssuerKey, // in
+ TSS_DAA_PSEUDONYM_ENCRYPTED* encryptedPseudonym, // in
+ TSS_DAA_PSEUDONYM_PLAIN** pseudonym // out
+);
+
+
+
+// Callback typedefs
+typedef TSS_RESULT (*Tspicb_CallbackHMACAuth)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hAuthorizedObject, // in
+ TSS_BOOL ReturnOrVerify, // in
+ UINT32 ulPendingFunction, // in
+ TSS_BOOL ContinueUse, // in
+ UINT32 ulSizeNonces, // in
+ BYTE* rgbNonceEven, // in
+ BYTE* rgbNonceOdd, // in
+ BYTE* rgbNonceEvenOSAP, // in
+ BYTE* rgbNonceOddOSAP, // in
+ UINT32 ulSizeDigestHmac, // in
+ BYTE* rgbParamDigest, // in
+ BYTE* rgbHmacData // in, out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackXorEnc)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hOSAPObject, // in
+ TSS_HOBJECT hObject, // in
+ TSS_FLAG PurposeSecret, // in
+ UINT32 ulSizeNonces, // in
+ BYTE* rgbNonceEven, // in
+ BYTE* rgbNonceOdd, // in
+ BYTE* rgbNonceEvenOSAP, // in
+ BYTE* rgbNonceOddOSAP, // in
+ UINT32 ulSizeEncAuth, // in
+ BYTE* rgbEncAuthUsage, // out
+ BYTE* rgbEncAuthMigration // out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackTakeOwnership)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hObject, // in
+ TSS_HKEY hObjectPubKey, // in
+ UINT32 ulSizeEncAuth, // in
+ BYTE* rgbEncAuth // out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackSealxMask)
+(
+ PVOID lpAppData, // in
+ TSS_HKEY hKey, // in
+ TSS_HENCDATA hEncData, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulSizeNonces, // in
+ BYTE* rgbNonceEven, // in
+ BYTE* rgbNonceOdd, // in
+ BYTE* rgbNonceEvenOSAP, // in
+ BYTE* rgbNonceOddOSAP, // in
+ UINT32 ulDataLength, // in
+ BYTE* rgbDataToMask, // in
+ BYTE* rgbMaskedData // out
+);
+
+typedef TSS_RESULT (*Tspicb_CallbackChangeAuthAsym)
+(
+ PVOID lpAppData, // in
+ TSS_HOBJECT hObject, // in
+ TSS_HKEY hObjectPubKey, // in
+ UINT32 ulSizeEncAuth, // in
+ UINT32 ulSizeAuthLink, // in
+ BYTE* rgbEncAuth, // out
+ BYTE* rgbAuthLink // out
+);
+
+typedef TSS_RESULT (*Tspicb_CollateIdentity)
+(
+ PVOID lpAppData, // in
+ UINT32 ulTCPAPlainIdentityProofLength, // in
+ BYTE* rgbTCPAPlainIdentityProof, // in
+ TSS_ALGORITHM_ID algID, // in
+ UINT32 ulSessionKeyLength, // out
+ BYTE* rgbSessionKey, // out
+ UINT32* pulTCPAIdentityProofLength, // out
+ BYTE* rgbTCPAIdentityProof // out
+);
+
+
+typedef TSS_RESULT (*Tspicb_ActivateIdentity)
+(
+ PVOID lpAppData, // in
+ UINT32 ulSessionKeyLength, // in
+ BYTE* rgbSessionKey, // in
+ UINT32 ulSymCAAttestationBlobLength, // in
+ BYTE* rgbSymCAAttestationBlob, // in
+ UINT32* pulCredentialLength, // out
+ BYTE* rgbCredential // out
+);
+
+
+typedef TSS_RESULT (*Tspicb_DAA_Sign)
+(
+ PVOID lpAppData, // in
+ TSS_HDAA_ISSUER_KEY daaPublicKey, // in
+ UINT32 gammasLength, // in
+ BYTE** gammas, // in
+ UINT32 attributesLength, // in
+ BYTE** attributes, // in
+ UINT32 randomAttributesLength, // in
+ BYTE** randomAttributes, // in
+ UINT32 attributeCommitmentsLength,// in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments, // in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitmentsProof, // in
+ TSS_DAA_PSEUDONYM_PLAIN* pseudonym, // in
+ TSS_DAA_PSEUDONYM_PLAIN* pseudonymTilde, // in
+ TSS_DAA_PSEUDONYM_ENCRYPTED* pseudonymEncrypted, // in
+ TSS_DAA_PSEUDONYM_ENCRYPTED* pseudonymEncProof, // in
+ TSS_DAA_SIGN_CALLBACK** additionalProof // out
+);
+
+typedef TSS_RESULT (*Tspicb_DAA_VerifySignature)
+(
+ PVOID lpAppData, // in
+ UINT32 challengeLength, // in
+ BYTE* challenge, // in
+ TSS_DAA_SIGN_CALLBACK* additionalProof, // in
+ TSS_HDAA_ISSUER_KEY daaPublicKey, // in
+ UINT32 gammasLength, // in
+ BYTE** gammas, // in
+ UINT32 sAttributesLength, // in
+ BYTE** sAttributes, // in
+ UINT32 attributeCommitmentsLength,// in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments, // in
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitmentsProof, // in
+ UINT32 zetaLength, // in
+ BYTE* zeta, // in
+ UINT32 sFLength, // in
+ BYTE* sF, // in
+ TSS_DAA_PSEUDONYM* pseudonym, // in
+ TSS_DAA_PSEUDONYM* pseudonymProof, // in
+ TSS_BOOL* isCorrect // out
+);
+
+
+#if defined ( __cplusplus )
+}
+#endif /* __cplusplus */
+
+
+#endif /* _TSPI_H_ */
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_defines.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_defines.h
new file mode 100644
index 0000000..a525a6a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_defines.h
@@ -0,0 +1,1288 @@
+/*++
+
+Global defines for TSS.
+
+--*/
+
+#ifndef __TSS_DEFINES_H__
+#define __TSS_DEFINES_H__
+
+#include <tss/platform.h>
+#include <tss/tpm.h>
+
+
+//////////////////////////////////////////////////////////////////////////
+// Object types:
+//////////////////////////////////////////////////////////////////////////
+
+//
+// definition of the object types that can be created via CreateObject
+//
+#define TSS_OBJECT_TYPE_POLICY (0x01) // Policy object
+#define TSS_OBJECT_TYPE_RSAKEY (0x02) // RSA-Key object
+#define TSS_OBJECT_TYPE_ENCDATA (0x03) // Encrypted data object
+#define TSS_OBJECT_TYPE_PCRS (0x04) // PCR composite object
+#define TSS_OBJECT_TYPE_HASH (0x05) // Hash object
+#define TSS_OBJECT_TYPE_DELFAMILY (0x06) // Delegation Family object
+#define TSS_OBJECT_TYPE_NV (0x07) // NV object
+#define TSS_OBJECT_TYPE_MIGDATA (0x08) // CMK Migration data object
+#define TSS_OBJECT_TYPE_DAA_CERTIFICATE (0x09) // DAA credential
+#define TSS_OBJECT_TYPE_DAA_ISSUER_KEY (0x0a) // DAA cred. issuer keypair
+#define TSS_OBJECT_TYPE_DAA_ARA_KEY (0x0b) // DAA anonymity revocation
+ // authority keypair
+
+
+//////////////////////////////////////////////////////////////////////////
+// CreateObject: Flags
+//////////////////////////////////////////////////////////////////////////
+
+
+//************************************
+// Flags for creating RSAKEY object: *
+//************************************
+
+//
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+// |x x|Auth
+// |x| Volatility
+// |x| Migration
+// |x x x x| Type
+// |x x x x| Size
+// |x x| CMK
+// |x x x| Version
+// |0 0 0 0 0 0 0 0 0| Reserved
+// |x x x x x x| Fixed Type
+//
+
+// Authorization:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Never |0 0|
+// Always |0 1|
+// Private key always |1 0|
+//
+#define TSS_KEY_NO_AUTHORIZATION (0x00000000) // no auth needed
+ // for this key
+#define TSS_KEY_AUTHORIZATION (0x00000001) // key needs auth
+ // for all ops
+#define TSS_KEY_AUTHORIZATION_PRIV_USE_ONLY (0x00000002) // key needs auth
+ // for privkey ops,
+ // noauth for pubkey
+
+//
+// Volatility
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Non Volatile |0|
+// Volatile |1|
+//
+#define TSS_KEY_NON_VOLATILE (0x00000000) // Key is non-volatile
+#define TSS_KEY_VOLATILE (0x00000004) // Key is volatile
+
+//
+// Migration
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Non Migratable |0|
+// Migratable |1|
+//
+#define TSS_KEY_NOT_MIGRATABLE (0x00000000) // key is not migratable
+#define TSS_KEY_MIGRATABLE (0x00000008) // key is migratable
+
+//
+// Usage
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Default (Legacy) |0 0 0 0|
+// Signing |0 0 0 1|
+// Storage |0 0 1 0|
+// Identity |0 0 1 1|
+// AuthChange |0 1 0 0|
+// Bind |0 1 0 1|
+// Legacy |0 1 1 0|
+//
+#define TSS_KEY_TYPE_DEFAULT (0x00000000) // indicate a default key
+ // (Legacy-Key)
+#define TSS_KEY_TYPE_SIGNING (0x00000010) // indicate a signing key
+#define TSS_KEY_TYPE_STORAGE (0x00000020) // used as storage key
+#define TSS_KEY_TYPE_IDENTITY (0x00000030) // indicate an idendity key
+#define TSS_KEY_TYPE_AUTHCHANGE (0x00000040) // indicate an ephemeral key
+#define TSS_KEY_TYPE_BIND (0x00000050) // indicate a key for TPM_Bind
+#define TSS_KEY_TYPE_LEGACY (0x00000060) // indicate a key that can
+ // perform signing and binding
+#define TSS_KEY_TYPE_MIGRATE (0x00000070) // indicate a key that can
+ // act as a CMK MA
+#define TSS_KEY_TYPE_BITMASK (0x000000F0) // mask to extract key type
+
+//
+// Key size
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// DEFAULT |0 0 0 0|
+// 512 |0 0 0 1|
+// 1024 |0 0 1 0|
+// 2048 |0 0 1 1|
+// 4096 |0 1 0 0|
+// 8192 |0 1 0 1|
+// 16384 |0 1 1 0|
+//
+#define TSS_KEY_SIZE_DEFAULT (UINT32)(0x00000000) // indicate tpm-specific size
+#define TSS_KEY_SIZE_512 (UINT32)(0x00000100) // indicate a 512-bit key
+#define TSS_KEY_SIZE_1024 (UINT32)(0x00000200) // indicate a 1024-bit key
+#define TSS_KEY_SIZE_2048 (UINT32)(0x00000300) // indicate a 2048-bit key
+#define TSS_KEY_SIZE_4096 (UINT32)(0x00000400) // indicate a 4096-bit key
+#define TSS_KEY_SIZE_8192 (UINT32)(0x00000500) // indicate a 8192-bit key
+#define TSS_KEY_SIZE_16384 (UINT32)(0x00000600) // indicate a 16384-bit key
+#define TSS_KEY_SIZE_BITMASK (UINT32)(0x00000F00) // mask to extract key size
+
+//
+// Certified Migratability
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// DEFAULT |0 0|
+// Not Certified Migratable |0 0|
+// Certified Migratable |0 1|
+//
+#define TSS_KEY_NOT_CERTIFIED_MIGRATABLE (UINT32)(0x00000000)
+#define TSS_KEY_CERTIFIED_MIGRATABLE (UINT32)(0x00001000)
+
+//
+// Specification version
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Context default |0 0 0|
+// TPM_KEY 1.1b key |0 0 1|
+// TPM_KEY12 1.2 key |0 1 0|
+//
+#define TSS_KEY_STRUCT_DEFAULT (UINT32)(0x00000000)
+#define TSS_KEY_STRUCT_KEY (UINT32)(0x00004000)
+#define TSS_KEY_STRUCT_KEY12 (UINT32)(0x00008000)
+#define TSS_KEY_STRUCT_BITMASK (UINT32)(0x0001C000)
+
+
+//
+// fixed KeyTypes (templates)
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// |0 0 0 0 0 0| Empty Key
+// |0 0 0 0 0 1| Storage Root Key
+//
+#define TSS_KEY_EMPTY_KEY (0x00000000) // no TPM key template
+ // (empty TSP key object)
+#define TSS_KEY_TSP_SRK (0x04000000) // use a TPM SRK template
+ // (TSP key object for SRK)
+#define TSS_KEY_TEMPLATE_BITMASK (0xFC000000) // bitmask to extract key
+ // template
+
+
+//*************************************
+// Flags for creating ENCDATA object: *
+//*************************************
+
+//
+// Type
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Seal |0 0 1|
+// Bind |0 1 0|
+// Legacy |0 1 1|
+//
+// ENCDATA Reserved:
+// |x x x x x x x x x x x x x x x x x x x x x x x x x x x x x|
+//
+#define TSS_ENCDATA_SEAL (0x00000001) // data for seal operation
+#define TSS_ENCDATA_BIND (0x00000002) // data for bind operation
+#define TSS_ENCDATA_LEGACY (0x00000003) // data for legacy bind operation
+
+
+//**********************************
+// Flags for creating HASH object: *
+//**********************************
+
+//
+// Algorithm
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// DEFAULT
+// |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0|
+// SHA1
+// |0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1|
+// OTHER
+// |1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1|
+//
+#define TSS_HASH_DEFAULT (0x00000000) // Default hash algorithm
+#define TSS_HASH_SHA1 (0x00000001) // SHA-1 with 20 bytes
+#define TSS_HASH_OTHER (0xFFFFFFFF) // Not-specified hash algorithm
+
+
+//************************************
+// Flags for creating POLICY object: *
+//************************************
+
+//
+// Type
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+//
+// Usage |0 0 1|
+// Migration |0 1 0|
+// Operator |0 1 1|
+//
+// POLICY Reserved:
+// |x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x|
+
+#define TSS_POLICY_USAGE (0x00000001) // usage policy object
+#define TSS_POLICY_MIGRATION (0x00000002) // migration policy object
+#define TSS_POLICY_OPERATOR (0x00000003) // migration policy object
+
+
+//******************************************
+// Flags for creating PCRComposite object: *
+//******************************************
+
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+// |x x| Struct
+// |x x x x x x x x x x x x x x x x x x x x x x x x x x x x x x| Reserved
+//
+
+// PCRComposite Version:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// ---------------------------------------------------------------
+// TPM_PCR_DEFAULT |0 0 0|
+// TPM_PCR_INFO |0 0 1|
+// TPM_PCR_INFO_LONG |0 1 0|
+// TPM_PCR_INFO_SHORT |0 1 1|
+//
+
+#define TSS_PCRS_STRUCT_DEFAULT (0x00000000) // depends on context
+#define TSS_PCRS_STRUCT_INFO (0x00000001) // TPM_PCR_INFO
+#define TSS_PCRS_STRUCT_INFO_LONG (0x00000002) // TPM_PCR_INFO_LONG
+#define TSS_PCRS_STRUCT_INFO_SHORT (0x00000003) // TPM_PCR_INFO_SHORT
+
+
+
+//////////////////////////////////////////////////////////////////////////
+// Attribute Flags, Subflags, and Values
+//////////////////////////////////////////////////////////////////////////
+
+
+//******************
+// Context object: *
+//******************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_CONTEXT_SILENT_MODE (0x00000001)
+ // dialog display control
+#define TSS_TSPATTRIB_CONTEXT_MACHINE_NAME (0x00000002)
+ // remote machine name
+#define TSS_TSPATTRIB_CONTEXT_VERSION_MODE (0x00000003)
+ // context version
+#define TSS_TSPATTRIB_CONTEXT_TRANSPORT (0x00000004)
+ // transport control
+#define TSS_TSPATTRIB_CONTEXT_CONNECTION_VERSION (0x00000005)
+ // connection version
+#define TSS_TSPATTRIB_SECRET_HASH_MODE (0x00000006)
+ // flag indicating whether
+ // NUL is included in the
+ // hash of the password
+//
+// SubFlags for Flag TSS_TSPATTRIB_CONTEXT_TRANSPORT
+//
+#define TSS_TSPATTRIB_CONTEXTTRANS_CONTROL (0x00000008)
+#define TSS_TSPATTRIB_CONTEXTTRANS_MODE (0x00000010)
+
+//
+// Values for the TSS_TSPATTRIB_CONTEXT_SILENT_MODE attribute
+//
+#define TSS_TSPATTRIB_CONTEXT_NOT_SILENT (0x00000000) // TSP dialogs enabled
+#define TSS_TSPATTRIB_CONTEXT_SILENT (0x00000001) // TSP dialogs disabled
+
+//
+// Values for the TSS_TSPATTRIB_CONTEXT_VERSION_MODE attribute
+//
+#define TSS_TSPATTRIB_CONTEXT_VERSION_AUTO (0x00000001)
+#define TSS_TSPATTRIB_CONTEXT_VERSION_V1_1 (0x00000002)
+#define TSS_TSPATTRIB_CONTEXT_VERSION_V1_2 (0x00000003)
+
+//
+// Values for the subflag TSS_TSPATTRIB_CONTEXT_TRANS_CONTROL
+//
+#define TSS_TSPATTRIB_DISABLE_TRANSPORT (0x00000016)
+#define TSS_TSPATTRIB_ENABLE_TRANSPORT (0x00000032)
+
+//
+// Values for the subflag TSS_TSPATTRIB_CONTEXT_TRANS_MODE
+//
+#define TSS_TSPATTRIB_TRANSPORT_NO_DEFAULT_ENCRYPTION (0x00000000)
+#define TSS_TSPATTRIB_TRANSPORT_DEFAULT_ENCRYPTION (0x00000001)
+#define TSS_TSPATTRIB_TRANSPORT_AUTHENTIC_CHANNEL (0x00000002)
+#define TSS_TSPATTRIB_TRANSPORT_EXCLUSIVE (0x00000004)
+#define TSS_TSPATTRIB_TRANSPORT_STATIC_AUTH (0x00000008)
+
+//
+// Values for the TSS_TSPATTRIB_CONTEXT_CONNECTION_VERSION attribute
+//
+#define TSS_CONNECTION_VERSION_1_1 (0x00000001)
+#define TSS_CONNECTION_VERSION_1_2 (0x00000002)
+
+
+//
+// Subflags of TSS_TSPATTRIB_SECRET_HASH_MODE
+//
+#define TSS_TSPATTRIB_SECRET_HASH_MODE_POPUP (0x00000001)
+
+//
+// Values for TSS_TSPATTRIB_SECRET_HASH_MODE_POPUP subflag
+//
+#define TSS_TSPATTRIB_HASH_MODE_NOT_NULL (0x00000000)
+#define TSS_TSPATTRIB_HASH_MODE_NULL (0x00000001)
+
+
+// *************
+// TPM object: *
+// *************
+
+//
+// Attributes:
+//
+#define TSS_TSPATTRIB_TPM_CALLBACK_COLLATEIDENTITY 0x00000001
+#define TSS_TSPATTRIB_TPM_CALLBACK_ACTIVATEIDENTITY 0x00000002
+#define TSS_TSPATTRIB_TPM_ORDINAL_AUDIT_STATUS 0x00000003
+#define TSS_TSPATTRIB_TPM_CREDENTIAL 0x00001000
+
+//
+// Subflags for TSS_TSPATTRIB_TPM_ORDINAL_AUDIT_STATUS
+//
+#define TPM_CAP_PROP_TPM_CLEAR_ORDINAL_AUDIT 0x00000000
+#define TPM_CAP_PROP_TPM_SET_ORDINAL_AUDIT 0x00000001
+
+//
+// Subflags for TSS_TSPATTRIB_TPM_CREDENTIAL
+//
+#define TSS_TPMATTRIB_EKCERT 0x00000001
+#define TSS_TPMATTRIB_TPM_CC 0x00000002
+#define TSS_TPMATTRIB_PLATFORMCERT 0x00000003
+#define TSS_TPMATTRIB_PLATFORM_CC 0x00000004
+
+
+//*****************
+// Policy object: *
+//*****************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_POLICY_CALLBACK_HMAC (0x00000080)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_CALLBACK_XOR_ENC (0x00000100)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_CALLBACK_TAKEOWNERSHIP (0x00000180)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_CALLBACK_CHANGEAUTHASYM (0x00000200)
+ // enable/disable callback function
+
+#define TSS_TSPATTRIB_POLICY_SECRET_LIFETIME (0x00000280)
+ // set lifetime mode for policy secret
+
+#define TSS_TSPATTRIB_POLICY_POPUPSTRING (0x00000300)
+ // set a NULL terminated UNICODE string
+ // which is displayed in the TSP policy
+ // popup dialog
+#define TSS_TSPATTRIB_POLICY_CALLBACK_SEALX_MASK (0x00000380)
+ // enable/disable callback function
+#if 0
+/* This attribute flag is defined earlier with the context attributes.
+ * It is valid for both context and policy objects. It is copied
+ * here as a reminder to avoid collisions.
+ */
+#define TSS_TSPATTRIB_SECRET_HASH_MODE (0x00000006)
+ // flag indicating whether
+ // NUL is included in the
+ // hash of the password
+#endif
+
+
+#define TSS_TSPATTRIB_POLICY_DELEGATION_INFO (0x00000001)
+#define TSS_TSPATTRIB_POLICY_DELEGATION_PCR (0x00000002)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_POLICY_SECRET_LIFETIME
+//
+#define TSS_SECRET_LIFETIME_ALWAYS (0x00000001) // secret will not be
+ // invalidated
+#define TSS_SECRET_LIFETIME_COUNTER (0x00000002) // secret lifetime
+ // controlled by counter
+#define TSS_SECRET_LIFETIME_TIMER (0x00000003) // secret lifetime
+ // controlled by time
+#define TSS_TSPATTRIB_POLSECRET_LIFETIME_ALWAYS TSS_SECRET_LIFETIME_ALWAYS
+#define TSS_TSPATTRIB_POLSECRET_LIFETIME_COUNTER TSS_SECRET_LIFETIME_COUNTER
+#define TSS_TSPATTRIB_POLSECRET_LIFETIME_TIMER TSS_SECRET_LIFETIME_TIMER
+
+// Alternate names misspelled in the 1.1 TSS spec.
+#define TSS_TSPATTRIB_POLICYSECRET_LIFETIME_ALWAYS TSS_SECRET_LIFETIME_ALWAYS
+#define TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER TSS_SECRET_LIFETIME_COUNTER
+#define TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER TSS_SECRET_LIFETIME_TIMER
+
+//
+// Subflags of TSS_TSPATTRIB_POLICY_DELEGATION_INFO
+//
+#define TSS_TSPATTRIB_POLDEL_TYPE (0x00000001)
+#define TSS_TSPATTRIB_POLDEL_INDEX (0x00000002)
+#define TSS_TSPATTRIB_POLDEL_PER1 (0x00000003)
+#define TSS_TSPATTRIB_POLDEL_PER2 (0x00000004)
+#define TSS_TSPATTRIB_POLDEL_LABEL (0x00000005)
+#define TSS_TSPATTRIB_POLDEL_FAMILYID (0x00000006)
+#define TSS_TSPATTRIB_POLDEL_VERCOUNT (0x00000007)
+#define TSS_TSPATTRIB_POLDEL_OWNERBLOB (0x00000008)
+#define TSS_TSPATTRIB_POLDEL_KEYBLOB (0x00000009)
+
+//
+// Subflags of TSS_TSPATTRIB_POLICY_DELEGATION_PCR
+//
+#define TSS_TSPATTRIB_POLDELPCR_LOCALITY (0x00000001)
+#define TSS_TSPATTRIB_POLDELPCR_DIGESTATRELEASE (0x00000002)
+#define TSS_TSPATTRIB_POLDELPCR_SELECTION (0x00000003)
+
+//
+// Values for the Policy TSS_TSPATTRIB_POLDEL_TYPE attribute
+//
+#define TSS_DELEGATIONTYPE_NONE (0x00000001)
+#define TSS_DELEGATIONTYPE_OWNER (0x00000002)
+#define TSS_DELEGATIONTYPE_KEY (0x00000003)
+
+
+
+//
+// Flags used for the 'mode' parameter in Tspi_Policy_SetSecret()
+//
+#define TSS_SECRET_MODE_NONE (0x00000800) // No authorization will be
+ // processed
+#define TSS_SECRET_MODE_SHA1 (0x00001000) // Secret string will not be
+ // touched by TSP
+#define TSS_SECRET_MODE_PLAIN (0x00001800) // Secret string will be hashed
+ // using SHA1
+#define TSS_SECRET_MODE_POPUP (0x00002000) // TSS SP will ask for a secret
+#define TSS_SECRET_MODE_CALLBACK (0x00002800) // Application has to provide a
+ // call back function
+
+
+
+//******************
+// EncData object: *
+//******************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_ENCDATA_BLOB (0x00000008)
+#define TSS_TSPATTRIB_ENCDATA_PCR (0x00000010)
+#define TSS_TSPATTRIB_ENCDATA_PCR_LONG (0x00000018)
+#define TSS_TSPATTRIB_ENCDATA_SEAL (0x00000020)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_ENCDATA_BLOB
+//
+#define TSS_TSPATTRIB_ENCDATABLOB_BLOB (0x00000001) // encrypted data blob
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_ENCDATA_PCR
+//
+#define TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATCREATION (0x00000002)
+#define TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATRELEASE (0x00000003)
+#define TSS_TSPATTRIB_ENCDATAPCR_SELECTION (0x00000004)
+// support typo from 1.1 headers
+#define TSS_TSPATTRIB_ENCDATAPCR_DIGEST_RELEASE \
+ TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATRELEASE
+
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_LOCALITY_ATCREATION (0x00000005)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_LOCALITY_ATRELEASE (0x00000006)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_CREATION_SELECTION (0x00000007)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_RELEASE_SELECTION (0x00000008)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_DIGEST_ATCREATION (0x00000009)
+#define TSS_TSPATTRIB_ENCDATAPCRLONG_DIGEST_ATRELEASE (0x0000000A)
+
+
+//
+// Attribute subflags TSS_TSPATTRIB_ENCDATA_SEAL
+//
+#define TSS_TSPATTRIB_ENCDATASEAL_PROTECT_MODE (0x00000001)
+
+//
+// Attribute values for
+// TSS_TSPATTRIB_ENCDATA_SEAL/TSS_TSPATTRIB_ENCDATASEAL_PROTECT_MODE
+//
+#define TSS_TSPATTRIB_ENCDATASEAL_NOPROTECT (0x00000000)
+#define TSS_TSPATTRIB_ENCDATASEAL_PROTECT (0x00000001)
+
+// Accounting for typos in original header files
+#define TSS_TSPATTRIB_ENCDATASEAL_NO_PROTECT \
+ TSS_TSPATTRIB_ENCDATASEAL_NOPROTECT
+
+//*************
+// NV object: *
+//*************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_NV_INDEX (0x00000001)
+#define TSS_TSPATTRIB_NV_PERMISSIONS (0x00000002)
+#define TSS_TSPATTRIB_NV_STATE (0x00000003)
+#define TSS_TSPATTRIB_NV_DATASIZE (0x00000004)
+#define TSS_TSPATTRIB_NV_PCR (0x00000005)
+
+#define TSS_TSPATTRIB_NVSTATE_READSTCLEAR (0x00100000)
+#define TSS_TSPATTRIB_NVSTATE_WRITESTCLEAR (0x00200000)
+#define TSS_TSPATTRIB_NVSTATE_WRITEDEFINE (0x00300000)
+
+#define TSS_TSPATTRIB_NVPCR_READPCRSELECTION (0x01000000)
+#define TSS_TSPATTRIB_NVPCR_READDIGESTATRELEASE (0x02000000)
+#define TSS_TSPATTRIB_NVPCR_READLOCALITYATRELEASE (0x03000000)
+#define TSS_TSPATTRIB_NVPCR_WRITEPCRSELECTION (0x04000000)
+#define TSS_TSPATTRIB_NVPCR_WRITEDIGESTATRELEASE (0x05000000)
+#define TSS_TSPATTRIB_NVPCR_WRITELOCALITYATRELEASE (0x06000000)
+
+/* NV index flags
+ *
+ * From the TPM spec, Part 2, Section 19.1.
+ *
+ * 3 2 1
+ * 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ * |T|P|U|D| resvd | Purview | Index |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ */
+#define TSS_NV_TPM (0x80000000) // TPM mfr reserved bit
+#define TSS_NV_PLATFORM (0x40000000) // Platform mfr reserved bit
+#define TSS_NV_USER (0x20000000) // User reserved bit
+#define TSS_NV_DEFINED (0x10000000) // "Defined permanently" flag
+#define TSS_NV_MASK_TPM (0x80000000) // mask to extract 'T'
+#define TSS_NV_MASK_PLATFORM (0x40000000) // mask to extract 'P'
+#define TSS_NV_MASK_USER (0x20000000) // mask to extract 'U'
+#define TSS_NV_MASK_DEFINED (0x10000000) // mask to extract 'D'
+#define TSS_NV_MASK_RESERVED (0x0f000000) // mask to extract reserved bits
+#define TSS_NV_MASK_PURVIEW (0x00ff0000) // mask to extract purview byte
+#define TSS_NV_MASK_INDEX (0x0000ffff) // mask to extract index byte
+
+// This is the index of the NV storage area where the number of sessions
+// per locality is stored.
+#define TSS_NV_INDEX_SESSIONS (0x00011101)
+
+
+//******************
+// MigData object: *
+//******************
+
+//
+// Attributes
+//
+#define TSS_MIGATTRIB_MIGRATIONBLOB (0x00000010)
+#define TSS_MIGATTRIB_MIGRATIONTICKET (0x00000020)
+#define TSS_MIGATTRIB_AUTHORITY_DATA (0x00000030)
+#define TSS_MIGATTRIB_MIG_AUTH_DATA (0x00000040)
+#define TSS_MIGATTRIB_TICKET_DATA (0x00000050)
+#define TSS_MIGATTRIB_PAYLOAD_TYPE (0x00000060)
+
+//
+// Attribute subflags TSS_MIGATTRIB_MIGRATIONBLOB
+//
+#define TSS_MIGATTRIB_MIGRATION_XOR_BLOB (0x00000101)
+#define TSS_MIGATTRIB_MIGRATION_REWRAPPED_BLOB (0x00000102)
+#define TSS_MIGATTRIB_MIG_MSALIST_PUBKEY_BLOB (0x00000103)
+#define TSS_MIGATTRIB_MIG_AUTHORITY_PUBKEY_BLOB (0x00000104)
+#define TSS_MIGATTRIB_MIG_DESTINATION_PUBKEY_BLOB (0x00000105)
+#define TSS_MIGATTRIB_MIG_SOURCE_PUBKEY_BLOB (0x00000106)
+#define TSS_MIGATTRIB_MIG_REWRAPPED_BLOB TSS_MIGATTRIB_MIGRATION_REWRAPPED_BLOB
+#define TSS_MIGATTRIB_MIG_XOR_BLOB TSS_MIGATTRIB_MIGRATION_XOR_BLOB
+
+//
+// Attribute subflags TSS_MIGATTRIB_MIGRATIONTICKET
+//
+// none
+
+//
+// Attribute subflags TSS_MIGATTRIB_AUTHORITY_DATA
+//
+#define TSS_MIGATTRIB_AUTHORITY_DIGEST (0x00000301)
+#define TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC (0x00000302)
+#define TSS_MIGATTRIB_AUTHORITY_MSALIST (0x00000303)
+
+//
+// Attribute subflags TSS_MIGATTRIB_MIG_AUTH_DATA
+//
+#define TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST (0x00000401)
+#define TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST (0x00000402)
+#define TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST (0x00000403)
+
+//
+// Attribute subflags TSS_MIGATTRIB_TICKET_DATA
+//
+#define TSS_MIGATTRIB_TICKET_SIG_DIGEST (0x00000501)
+#define TSS_MIGATTRIB_TICKET_SIG_VALUE (0x00000502)
+#define TSS_MIGATTRIB_TICKET_SIG_TICKET (0x00000503)
+#define TSS_MIGATTRIB_TICKET_RESTRICT_TICKET (0x00000504)
+
+//
+// Attribute subflags TSS_MIGATTRIB_PAYLOAD_TYPE
+//
+#define TSS_MIGATTRIB_PT_MIGRATE_RESTRICTED (0x00000601)
+#define TSS_MIGATTRIB_PT_MIGRATE_EXTERNAL (0x00000602)
+
+
+
+
+//***************
+// Hash object: *
+//***************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_HASH_IDENTIFIER (0x00001000) // Hash algorithm identifier
+#define TSS_TSPATTRIB_ALG_IDENTIFIER (0x00002000) // ASN.1 alg identifier
+
+
+
+//***************
+// PCRs object: *
+//***************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_PCRS_INFO (0x00000001) // info
+
+//
+// Subflags for TSS_TSPATTRIB_PCRS_INFO flag
+//
+#define TSS_TSPATTRIB_PCRSINFO_PCRSTRUCT (0x00000001) // type of pcr struct
+ // TSS_PCRS_STRUCT_TYPE_XX
+
+//****************************
+// Delegation Family object: *
+//****************************
+
+//
+// Attributes
+//
+#define TSS_TSPATTRIB_DELFAMILY_STATE (0x00000001)
+#define TSS_TSPATTRIB_DELFAMILY_INFO (0x00000002)
+
+// DELFAMILY_STATE sub-attributes
+#define TSS_TSPATTRIB_DELFAMILYSTATE_LOCKED (0x00000001)
+#define TSS_TSPATTRIB_DELFAMILYSTATE_ENABLED (0x00000002)
+
+// DELFAMILY_INFO sub-attributes
+#define TSS_TSPATTRIB_DELFAMILYINFO_LABEL (0x00000003)
+#define TSS_TSPATTRIB_DELFAMILYINFO_VERCOUNT (0x00000004)
+#define TSS_TSPATTRIB_DELFAMILYINFO_FAMILYID (0x00000005)
+
+// Bitmasks for the 'ulFlags' argument to Tspi_TPM_Delegate_CreateDelegation.
+// Only one bit used for now.
+#define TSS_DELEGATE_INCREMENTVERIFICATIONCOUNT ((UINT32)1)
+
+// Bitmasks for the 'ulFlags' argument to
+// Tspi_TPM_Delegate_CacheOwnerDelegation. Only 1 bit is used for now.
+#define TSS_DELEGATE_CACHEOWNERDELEGATION_OVERWRITEEXISTING ((UINT32)1)
+
+
+
+//*************************
+// DAA Credential Object: *
+//*************************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_DAACRED_COMMIT (0x00000001)
+#define TSS_TSPATTRIB_DAACRED_ATTRIB_GAMMAS (0x00000002)
+#define TSS_TSPATTRIB_DAACRED_CREDENTIAL_BLOB (0x00000003)
+#define TSS_TSPATTRIB_DAACRED_CALLBACK_SIGN (0x00000004)
+#define TSS_TSPATTRIB_DAACRED_CALLBACK_VERIFYSIGNATURE (0x00000005)
+
+//
+// Subflags for TSS_TSPATTRIB_DAACRED_COMMIT
+//
+#define TSS_TSPATTRIB_DAACOMMIT_NUMBER (0x00000001)
+#define TSS_TSPATTRIB_DAACOMMIT_SELECTION (0x00000002)
+#define TSS_TSPATTRIB_DAACOMMIT_COMMITMENTS (0x00000003)
+
+//
+// Subflags for TSS_TSPATTRIB_DAACRED_ATTRIB_GAMMAS
+//
+#define TSS_TSPATTRIB_DAAATTRIBGAMMAS_BLOB (0xffffffff)
+
+
+
+//*************************
+// DAA Issuer Key Object: *
+//*************************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_DAAISSUERKEY_BLOB (0x00000001)
+#define TSS_TSPATTRIB_DAAISSUERKEY_PUBKEY (0x00000002)
+
+//
+// Subflags for TSS_TSPATTRIB_DAAISSUERKEY_BLOB
+//
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_PUBLIC_KEY (0x00000001)
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_SECRET_KEY (0x00000002)
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_KEYBLOB (0x00000003)
+#define TSS_TSPATTRIB_DAAISSUERKEYBLOB_PROOF (0x00000004)
+
+//
+// Subflags for TSS_TSPATTRIB_DAAISSUERKEY_PUBKEY
+//
+#define TSS_TSPATTRIB_DAAISSUERKEYPUBKEY_NUM_ATTRIBS (0x00000001)
+#define TSS_TSPATTRIB_DAAISSUERKEYPUBKEY_NUM_PLATFORM_ATTRIBS (0x00000002)
+#define TSS_TSPATTRIB_DAAISSUERKEYPUBKEY_NUM_ISSUER_ATTRIBS (0x00000003)
+
+
+
+//***************************************
+// DAA Anonymity Revocation Key Object: *
+//***************************************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_DAAARAKEY_BLOB (0x00000001)
+
+//
+// Subflags for TSS_TSPATTRIB_DAAARAKEY_BLOB
+//
+#define TSS_TSPATTRIB_DAAARAKEYBLOB_PUBLIC_KEY (0x00000001)
+#define TSS_TSPATTRIB_DAAARAKEYBLOB_SECRET_KEY (0x00000002)
+#define TSS_TSPATTRIB_DAAARAKEYBLOB_KEYBLOB (0x00000003)
+
+
+
+//
+// Structure payload flags for TSS_DAA_PSEUDONYM,
+// (TSS_DAA_PSEUDONYM.payloadFlag)
+//
+#define TSS_FLAG_DAA_PSEUDONYM_PLAIN (0x00000000)
+#define TSS_FLAG_DAA_PSEUDONYM_ENCRYPTED (0x00000001)
+
+
+//**************
+// Key Object: *
+//**************
+
+//
+// Attribute flags
+//
+#define TSS_TSPATTRIB_KEY_BLOB (0x00000040) // key info as blob data
+#define TSS_TSPATTRIB_KEY_INFO (0x00000080) // keyparam info as blob data
+#define TSS_TSPATTRIB_KEY_UUID (0x000000C0) // key UUID info as blob data
+#define TSS_TSPATTRIB_KEY_PCR (0x00000100) // composite digest value for
+ // the key
+#define TSS_TSPATTRIB_RSAKEY_INFO (0x00000140) // public key info
+#define TSS_TSPATTRIB_KEY_REGISTER (0x00000180) // register location
+#define TSS_TSPATTRIB_KEY_PCR_LONG (0x000001c0) // PCR_INFO_LONG for the key
+#define TSS_TSPATTRIB_KEY_CONTROLBIT (0x00000200) // key control flags
+#define TSS_TSPATTRIB_KEY_CMKINFO (0x00000400) // CMK info
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_BLOB
+//
+#define TSS_TSPATTRIB_KEYBLOB_BLOB (0x00000008) // key info using the
+ // key blob
+#define TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY (0x00000010) // public key info
+ // using the blob
+#define TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY (0x00000028) // encrypted private key
+ // blob
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_INFO
+//
+#define TSS_TSPATTRIB_KEYINFO_SIZE (0x00000080) // key size in bits
+#define TSS_TSPATTRIB_KEYINFO_USAGE (0x00000100) // key usage info
+#define TSS_TSPATTRIB_KEYINFO_KEYFLAGS (0x00000180) // key flags
+#define TSS_TSPATTRIB_KEYINFO_AUTHUSAGE (0x00000200) // key auth usage info
+#define TSS_TSPATTRIB_KEYINFO_ALGORITHM (0x00000280) // key algorithm ID
+#define TSS_TSPATTRIB_KEYINFO_SIGSCHEME (0x00000300) // key sig scheme
+#define TSS_TSPATTRIB_KEYINFO_ENCSCHEME (0x00000380) // key enc scheme
+#define TSS_TSPATTRIB_KEYINFO_MIGRATABLE (0x00000400) // if true then key is
+ // migratable
+#define TSS_TSPATTRIB_KEYINFO_REDIRECTED (0x00000480) // key is redirected
+#define TSS_TSPATTRIB_KEYINFO_VOLATILE (0x00000500) // if true key is
+ // volatile
+#define TSS_TSPATTRIB_KEYINFO_AUTHDATAUSAGE (0x00000580) // if true auth is
+ // required
+#define TSS_TSPATTRIB_KEYINFO_VERSION (0x00000600) // version info as TSS
+ // version struct
+#define TSS_TSPATTRIB_KEYINFO_CMK (0x00000680) // if true then key
+ // is certified
+ // migratable
+#define TSS_TSPATTRIB_KEYINFO_KEYSTRUCT (0x00000700) // type of key struct
+ // used for this key
+ // (TPM_KEY or
+ // TPM_KEY12)
+#define TSS_TSPATTRIB_KEYCONTROL_OWNEREVICT (0x00000780) // Get current status
+ // of owner evict flag
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_RSAKEY_INFO
+//
+#define TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT (0x00001000)
+#define TSS_TSPATTRIB_KEYINFO_RSA_MODULUS (0x00002000)
+#define TSS_TSPATTRIB_KEYINFO_RSA_KEYSIZE (0x00003000)
+#define TSS_TSPATTRIB_KEYINFO_RSA_PRIMES (0x00004000)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_PCR
+//
+#define TSS_TSPATTRIB_KEYPCR_DIGEST_ATCREATION (0x00008000)
+#define TSS_TSPATTRIB_KEYPCR_DIGEST_ATRELEASE (0x00010000)
+#define TSS_TSPATTRIB_KEYPCR_SELECTION (0x00018000)
+
+//
+// SubFlags for TSS_TSPATTRIB_KEY_REGISTER
+//
+#define TSS_TSPATTRIB_KEYREGISTER_USER (0x02000000)
+#define TSS_TSPATTRIB_KEYREGISTER_SYSTEM (0x04000000)
+#define TSS_TSPATTRIB_KEYREGISTER_NO (0x06000000)
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_PCR_LONG
+//
+#define TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATCREATION (0x00040000) /* UINT32 */
+#define TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATRELEASE (0x00080000) /* UINT32 */
+#define TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION (0x000C0000) /* DATA */
+#define TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION (0x00100000) /* DATA */
+#define TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION (0x00140000) /* DATA */
+#define TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE (0x00180000) /* DATA */
+
+//
+// SubFlags for Flag TSS_TSPATTRIB_KEY_CMKINFO
+//
+#define TSS_TSPATTRIB_KEYINFO_CMK_MA_APPROVAL (0x00000010)
+#define TSS_TSPATTRIB_KEYINFO_CMK_MA_DIGEST (0x00000020)
+
+
+//
+// Attribute Values
+//
+
+//
+// key size definitions
+//
+#define TSS_KEY_SIZEVAL_512BIT (0x0200)
+#define TSS_KEY_SIZEVAL_1024BIT (0x0400)
+#define TSS_KEY_SIZEVAL_2048BIT (0x0800)
+#define TSS_KEY_SIZEVAL_4096BIT (0x1000)
+#define TSS_KEY_SIZEVAL_8192BIT (0x2000)
+#define TSS_KEY_SIZEVAL_16384BIT (0x4000)
+
+//
+// key usage definitions
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_KEYUSAGE_BIND (0x00)
+#define TSS_KEYUSAGE_IDENTITY (0x01)
+#define TSS_KEYUSAGE_LEGACY (0x02)
+#define TSS_KEYUSAGE_SIGN (0x03)
+#define TSS_KEYUSAGE_STORAGE (0x04)
+#define TSS_KEYUSAGE_AUTHCHANGE (0x05)
+#define TSS_KEYUSAGE_MIGRATE (0x06)
+
+//
+// key flag definitions
+//
+#define TSS_KEYFLAG_REDIRECTION (0x00000001)
+#define TSS_KEYFLAG_MIGRATABLE (0x00000002)
+#define TSS_KEYFLAG_VOLATILEKEY (0x00000004)
+#define TSS_KEYFLAG_CERTIFIED_MIGRATABLE (0x00000008)
+
+//
+// algorithm ID definitions
+//
+// This table defines the algo id's
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_ALG_RSA (0x20)
+#define TSS_ALG_DES (0x21)
+#define TSS_ALG_3DES (0x22)
+#define TSS_ALG_SHA (0x23)
+#define TSS_ALG_HMAC (0x24)
+#define TSS_ALG_AES128 (0x25)
+#define TSS_ALG_AES192 (0x26)
+#define TSS_ALG_AES256 (0x27)
+#define TSS_ALG_XOR (0x28)
+#define TSS_ALG_MGF1 (0x29)
+
+#define TSS_ALG_AES TSS_ALG_AES128
+
+// Special values for
+// Tspi_Context_GetCapability(TSS_TSPCAP_ALG)
+// Tspi_Context_GetCapability(TSS_TCSCAP_ALG)
+#define TSS_ALG_DEFAULT (0xfe)
+#define TSS_ALG_DEFAULT_SIZE (0xff)
+
+
+//
+// key signature scheme definitions
+//
+#define TSS_SS_NONE (0x10)
+#define TSS_SS_RSASSAPKCS1V15_SHA1 (0x11)
+#define TSS_SS_RSASSAPKCS1V15_DER (0x12)
+#define TSS_SS_RSASSAPKCS1V15_INFO (0x13)
+
+//
+// key encryption scheme definitions
+//
+#define TSS_ES_NONE (0x10)
+#define TSS_ES_RSAESPKCSV15 (0x11)
+#define TSS_ES_RSAESOAEP_SHA1_MGF1 (0x12)
+#define TSS_ES_SYM_CNT (0x13)
+#define TSS_ES_SYM_OFB (0x14)
+#define TSS_ES_SYM_CBC_PKCS5PAD (0x15)
+
+
+//
+// persistent storage registration definitions
+//
+#define TSS_PS_TYPE_USER (1) // Key is registered persistantly in the user
+ // storage database.
+#define TSS_PS_TYPE_SYSTEM (2) // Key is registered persistantly in the system
+ // storage database.
+
+//
+// migration scheme definitions
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_MS_MIGRATE (0x20)
+#define TSS_MS_REWRAP (0x21)
+#define TSS_MS_MAINT (0x22)
+#define TSS_MS_RESTRICT_MIGRATE (0x23)
+#define TSS_MS_RESTRICT_APPROVE_DOUBLE (0x24)
+#define TSS_MS_RESTRICT_MIGRATE_EXTERNAL (0x25)
+
+//
+// TPM key authorization
+// Values intentionally moved away from corresponding TPM values to avoid
+// possible misuse
+//
+#define TSS_KEYAUTH_AUTH_NEVER (0x10)
+#define TSS_KEYAUTH_AUTH_ALWAYS (0x11)
+#define TSS_KEYAUTH_AUTH_PRIV_USE_ONLY (0x12)
+
+
+//
+// Flags for TPM status information (GetStatus and SetStatus)
+//
+#define TSS_TPMSTATUS_DISABLEOWNERCLEAR (0x00000001) // persistent flag
+#define TSS_TPMSTATUS_DISABLEFORCECLEAR (0x00000002) // volatile flag
+#define TSS_TPMSTATUS_DISABLED (0x00000003) // persistent flag
+#define TSS_TPMSTATUS_DEACTIVATED (0x00000004) // volatile flag
+#define TSS_TPMSTATUS_OWNERSETDISABLE (0x00000005) // persistent flag
+ // for SetStatus
+ // (disable flag)
+#define TSS_TPMSTATUS_SETOWNERINSTALL (0x00000006) // persistent flag
+ // (ownership flag)
+#define TSS_TPMSTATUS_DISABLEPUBEKREAD (0x00000007) // persistent flag
+#define TSS_TPMSTATUS_ALLOWMAINTENANCE (0x00000008) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_LIFETIMELOCK (0x00000009) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_HWENABLE (0x0000000A) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_CMDENABLE (0x0000000B) // persistent flag
+#define TSS_TPMSTATUS_PHYSPRES_LOCK (0x0000000C) // volatile flag
+#define TSS_TPMSTATUS_PHYSPRESENCE (0x0000000D) // volatile flag
+#define TSS_TPMSTATUS_PHYSICALDISABLE (0x0000000E) // persistent flag
+ // (SetStatus
+ // disable flag)
+#define TSS_TPMSTATUS_CEKP_USED (0x0000000F) // persistent flag
+#define TSS_TPMSTATUS_PHYSICALSETDEACTIVATED (0x00000010) // persistent flag
+ // (deactivated flag)
+#define TSS_TPMSTATUS_SETTEMPDEACTIVATED (0x00000011) // volatile flag
+ // (deactivated flag)
+#define TSS_TPMSTATUS_POSTINITIALISE (0x00000012) // volatile flag
+#define TSS_TPMSTATUS_TPMPOST (0x00000013) // persistent flag
+#define TSS_TPMSTATUS_TPMPOSTLOCK (0x00000014) // persistent flag
+#define TSS_TPMSTATUS_DISABLEPUBSRKREAD (0x00000016) // persistent flag
+#define TSS_TPMSTATUS_MAINTENANCEUSED (0x00000017) // persistent flag
+#define TSS_TPMSTATUS_OPERATORINSTALLED (0x00000018) // persistent flag
+#define TSS_TPMSTATUS_OPERATOR_INSTALLED (TSS_TPMSTATUS_OPERATORINSTALLED)
+#define TSS_TPMSTATUS_FIPS (0x00000019) // persistent flag
+#define TSS_TPMSTATUS_ENABLEREVOKEEK (0x0000001A) // persistent flag
+#define TSS_TPMSTATUS_ENABLE_REVOKEEK (TSS_TPMSTATUS_ENABLEREVOKEEK)
+#define TSS_TPMSTATUS_NV_LOCK (0x0000001B) // persistent flag
+#define TSS_TPMSTATUS_TPM_ESTABLISHED (0x0000001C) // persistent flag
+#define TSS_TPMSTATUS_RESETLOCK (0x0000001D) // volatile flag
+#define TSS_TPMSTATUS_DISABLE_FULL_DA_LOGIC_INFO (0x0000001D) //persistent flag
+
+
+//
+// Capability flag definitions
+//
+// TPM capabilities
+//
+#define TSS_TPMCAP_ORD (0x10)
+#define TSS_TPMCAP_ALG (0x11)
+#define TSS_TPMCAP_FLAG (0x12)
+#define TSS_TPMCAP_PROPERTY (0x13)
+#define TSS_TPMCAP_VERSION (0x14)
+#define TSS_TPMCAP_VERSION_VAL (0x15)
+#define TSS_TPMCAP_NV_LIST (0x16)
+#define TSS_TPMCAP_NV_INDEX (0x17)
+#define TSS_TPMCAP_MFR (0x18)
+#define TSS_TPMCAP_SYM_MODE (0x19)
+#define TSS_TPMCAP_HANDLE (0x1a)
+#define TSS_TPMCAP_TRANS_ES (0x1b)
+#define TSS_TPMCAP_AUTH_ENCRYPT (0x1c)
+#define TSS_TPMCAP_SET_PERM_FLAGS (0x1d) // cf. TPM_SET_PERM_FLAGS
+#define TSS_TPMCAP_SET_VENDOR (0x1e) // cf. TPM_SET_VENDOR
+#define TSS_TPMCAP_DA_LOGIC (0x1f)
+
+//
+// Sub-Capability Flags for TSS_TPMCAP_PROPERTY
+//
+#define TSS_TPMCAP_PROP_PCR (0x10)
+#define TSS_TPMCAP_PROP_DIR (0x11)
+#define TSS_TPMCAP_PROP_MANUFACTURER (0x12)
+#define TSS_TPMCAP_PROP_SLOTS (0x13)
+#define TSS_TPMCAP_PROP_KEYS TSS_TPMCAP_PROP_SLOTS
+#define TSS_TPMCAP_PROP_FAMILYROWS (0x14)
+#define TSS_TPMCAP_PROP_DELEGATEROWS (0x15)
+#define TSS_TPMCAP_PROP_OWNER (0x16)
+#define TSS_TPMCAP_PROP_MAXKEYS (0x18)
+#define TSS_TPMCAP_PROP_AUTHSESSIONS (0x19)
+#define TSS_TPMCAP_PROP_MAXAUTHSESSIONS (0x1a)
+#define TSS_TPMCAP_PROP_TRANSESSIONS (0x1b)
+#define TSS_TPMCAP_PROP_MAXTRANSESSIONS (0x1c)
+#define TSS_TPMCAP_PROP_SESSIONS (0x1d)
+#define TSS_TPMCAP_PROP_MAXSESSIONS (0x1e)
+#define TSS_TPMCAP_PROP_CONTEXTS (0x1f)
+#define TSS_TPMCAP_PROP_MAXCONTEXTS (0x20)
+#define TSS_TPMCAP_PROP_DAASESSIONS (0x21)
+#define TSS_TPMCAP_PROP_MAXDAASESSIONS (0x22)
+#define TSS_TPMCAP_PROP_DAA_INTERRUPT (0x23)
+#define TSS_TPMCAP_PROP_COUNTERS (0x24)
+#define TSS_TPMCAP_PROP_MAXCOUNTERS (0x25)
+#define TSS_TPMCAP_PROP_ACTIVECOUNTER (0x26)
+#define TSS_TPMCAP_PROP_MIN_COUNTER (0x27)
+#define TSS_TPMCAP_PROP_TISTIMEOUTS (0x28)
+#define TSS_TPMCAP_PROP_STARTUPEFFECTS (0x29)
+#define TSS_TPMCAP_PROP_MAXCONTEXTCOUNTDIST (0x2a)
+#define TSS_TPMCAP_PROP_CMKRESTRICTION (0x2b)
+#define TSS_TPMCAP_PROP_DURATION (0x2c)
+#define TSS_TPMCAP_PROP_MAXNVAVAILABLE (0x2d)
+#define TSS_TPMCAP_PROP_INPUTBUFFERSIZE (0x2e)
+#define TSS_TPMCAP_PROP_REVISION (0x2f)
+#define TSS_TPMCAP_PROP_LOCALITIES_AVAIL (0x32)
+
+//
+// Resource type flags
+// Sub-Capability Flags for TSS_TPMCAP_HANDLE
+//
+#define TSS_RT_KEY ((UINT32)0x00000010)
+#define TSS_RT_AUTH ((UINT32)0x00000020)
+#define TSS_RT_TRANS ((UINT32)0x00000030)
+#define TSS_RT_COUNTER ((UINT32)0x00000040)
+
+
+//
+// TSS Core Service Capabilities
+//
+#define TSS_TCSCAP_ALG (0x00000001)
+#define TSS_TCSCAP_VERSION (0x00000002)
+#define TSS_TCSCAP_CACHING (0x00000003)
+#define TSS_TCSCAP_PERSSTORAGE (0x00000004)
+#define TSS_TCSCAP_MANUFACTURER (0x00000005)
+#define TSS_TCSCAP_PLATFORM_CLASS (0x00000006)
+#define TSS_TCSCAP_TRANSPORT (0x00000007)
+#define TSS_TCSCAP_PLATFORM_INFO (0x00000008)
+
+//
+// Sub-Capability Flags TSS-CoreService-Capabilities
+//
+#define TSS_TCSCAP_PROP_KEYCACHE (0x00000100)
+#define TSS_TCSCAP_PROP_AUTHCACHE (0x00000101)
+#define TSS_TCSCAP_PROP_MANUFACTURER_STR (0x00000102)
+#define TSS_TCSCAP_PROP_MANUFACTURER_ID (0x00000103)
+#define TSS_TCSCAP_PLATFORM_VERSION (0x00001100)
+#define TSS_TCSCAP_PLATFORM_TYPE (0x00001101)
+#define TSS_TCSCAP_TRANS_EXCLUSIVE (0x00002100)
+#define TSS_TCSCAP_PROP_HOST_PLATFORM (0x00003001)
+#define TSS_TCSCAP_PROP_ALL_PLATFORMS (0x00003002)
+
+//
+// TSS Service Provider Capabilities
+//
+#define TSS_TSPCAP_ALG (0x00000010)
+#define TSS_TSPCAP_VERSION (0x00000011)
+#define TSS_TSPCAP_PERSSTORAGE (0x00000012)
+#define TSS_TSPCAP_MANUFACTURER (0x00000013)
+#define TSS_TSPCAP_RETURNVALUE_INFO (0x00000015)
+#define TSS_TSPCAP_PLATFORM_INFO (0x00000016)
+
+// Sub-Capability Flags for TSS_TSPCAP_MANUFACTURER
+//
+#define TSS_TSPCAP_PROP_MANUFACTURER_STR (0x00000102)
+#define TSS_TSPCAP_PROP_MANUFACTURER_ID (0x00000103)
+
+// Sub-Capability Flags for TSS_TSPCAP_PLATFORM_INFO
+//
+#define TSS_TSPCAP_PLATFORM_TYPE (0x00000201)
+#define TSS_TSPCAP_PLATFORM_VERSION (0x00000202)
+
+
+
+// Sub-Capability Flags for TSS_TSPCAP_RETURNVALUE_INFO
+//
+#define TSS_TSPCAP_PROP_RETURNVALUE_INFO (0x00000201)
+
+//
+// Event type definitions
+//
+#define TSS_EV_CODE_CERT (0x00000001)
+#define TSS_EV_CODE_NOCERT (0x00000002)
+#define TSS_EV_XML_CONFIG (0x00000003)
+#define TSS_EV_NO_ACTION (0x00000004)
+#define TSS_EV_SEPARATOR (0x00000005)
+#define TSS_EV_ACTION (0x00000006)
+#define TSS_EV_PLATFORM_SPECIFIC (0x00000007)
+
+
+//
+// TSP random number limits
+//
+#define TSS_TSPCAP_RANDOMLIMIT (0x00001000) // Errata: Missing from spec
+
+//
+// UUIDs
+//
+// Errata: This are not in the spec
+#define TSS_UUID_SRK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 1}} // Storage root key
+#define TSS_UUID_SK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 2}} // System key
+#define TSS_UUID_RK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 3}} // roaming key
+#define TSS_UUID_CRK {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 8}} // CMK roaming key
+#define TSS_UUID_USK1 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 4}} // user storage key 1
+#define TSS_UUID_USK2 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 5}} // user storage key 2
+#define TSS_UUID_USK3 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 6}} // user storage key 3
+#define TSS_UUID_USK4 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 7}} // user storage key 4
+#define TSS_UUID_USK5 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 9}} // user storage key 5
+#define TSS_UUID_USK6 {0, 0, 0, 0, 0, {0, 0, 0, 0, 0, 10}}// user storage key 6
+
+// macro to derive UUIDs for keys whose "OwnerEvict" key is set.
+#define TSS_UUID_OWNEREVICT(i) {0, 0, 0, 0, 0, {0, 0, 0, 0, 1, (i)}}
+
+
+//
+// TPM well-known secret
+//
+#define TSS_WELL_KNOWN_SECRET \
+ {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
+
+
+// Values for the "direction" parameters in the Tspi_PcrComposite_XX functions.
+#define TSS_PCRS_DIRECTION_CREATION ((UINT32)1)
+#define TSS_PCRS_DIRECTION_RELEASE ((UINT32)2)
+
+
+//
+// TSS blob version definition for ASN.1 blobs
+//
+#define TSS_BLOB_STRUCT_VERSION 0x01
+
+//
+// TSS blob type definitions for ASN.1 blobs
+//
+#define TSS_BLOB_TYPE_KEY 0x01
+#define TSS_BLOB_TYPE_PUBKEY 0x02
+#define TSS_BLOB_TYPE_MIGKEY 0x03
+#define TSS_BLOB_TYPE_SEALEDDATA 0x04
+#define TSS_BLOB_TYPE_BOUNDDATA 0x05
+#define TSS_BLOB_TYPE_MIGTICKET 0x06
+#define TSS_BLOB_TYPE_PRIVATEKEY 0x07
+#define TSS_BLOB_TYPE_PRIVATEKEY_MOD1 0x08
+#define TSS_BLOB_TYPE_RANDOM_XOR 0x09
+#define TSS_BLOB_TYPE_CERTIFY_INFO 0x0A
+#define TSS_BLOB_TYPE_KEY_1_2 0x0B
+#define TSS_BLOB_TYPE_CERTIFY_INFO_2 0x0C
+#define TSS_BLOB_TYPE_CMK_MIG_KEY 0x0D
+#define TSS_BLOB_TYPE_CMK_BYTE_STREAM 0x0E
+
+
+
+//
+// Values for TPM_CMK_DELEGATE bitmasks
+// For now these are exactly the same values as the corresponding
+// TPM_CMK_DELEGATE_* bitmasks.
+//
+#define TSS_CMK_DELEGATE_SIGNING (((UINT32)1)<<31)
+#define TSS_CMK_DELEGATE_STORAGE (((UINT32)1)<<30)
+#define TSS_CMK_DELEGATE_BIND (((UINT32)1)<<29)
+#define TSS_CMK_DELEGATE_LEGACY (((UINT32)1)<<28)
+#define TSS_CMK_DELEGATE_MIGRATE (((UINT32)1)<<27)
+
+
+//
+// Constants for DAA
+//
+#define TSS_DAA_LENGTH_N 256 // Length of the RSA Modulus (2048 bits)
+#define TSS_DAA_LENGTH_F 13 // Length of the f_i's (information encoded into the certificate, 104 bits)
+#define TSS_DAA_LENGTH_E 46 // Length of the e's (exponents, part of certificate, 386 bits)
+#define TSS_DAA_LENGTH_E_PRIME 15 // Length of the interval the e's are chosen from (120 bits)
+#define TSS_DAA_LENGTH_V 317 // Length of the v's (random value, part of certificate, 2536 bits)
+#define TSS_DAA_LENGTH_SAFETY 10 // Length of the security parameter controlling the statistical zero-knowledge property (80 bits)
+#define TSS_DAA_LENGTH_HASH TPM_SHA1_160_HASH_LEN // Length of the output of the hash function SHA-1 used for the Fiat-Shamir heuristic(160 bits)
+#define TSS_DAA_LENGTH_S 128 // Length of the split large exponent for easier computations on the TPM (1024 bits)
+#define TSS_DAA_LENGTH_GAMMA 204 // Length of the modulus 'Gamma' (1632 bits)
+#define TSS_DAA_LENGTH_RHO 26 // Length of the order 'rho' of the sub group of Z*_Gamma that is used for roggue tagging (208 bits)
+#define TSS_DAA_LENGTH_MFG1_GAMMA 214 // Length of the output of MGF1 in conjunction with the modulus Gamma (1712 bits)
+#define TSS_DAA_LENGTH_MGF1_AR 25 // Length of the output of MGF1 used for anonymity revocation (200 bits)
+
+
+#endif // __TSS_DEFINES_H__
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_error.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_error.h
new file mode 100644
index 0000000..3330a9b
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_error.h
@@ -0,0 +1,687 @@
+/*++
+
+TSS error return codes
+
+--*/
+
+#ifndef __TSS_ERROR_H__
+#define __TSS_ERROR_H__
+
+#include <tss/platform.h>
+
+//
+// error coding scheme for a Microsoft Windows platform -
+// refer to the TSS Specification Parts
+//
+// Values are 32 bit values layed out as follows:
+//
+// 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
+// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
+// +---+-+-+-----------------------+-------+-----------------------+
+// |Lev|C|R| Facility | Layer | Code |
+// +---+-+-+-----------------------+-------+-----------------------+
+// | Platform specific coding | TSS error coding system |
+// +---+-+-+-----------------------+-------+-----------------------+
+//
+// Lev - is the Level code
+//
+// 00 - Success
+// 01 - Informational
+// 10 - Warning
+// 11 - Error
+//
+// C - is the Customer code flag (must actually be set)
+//
+// R - is a reserved bit (unused)
+//
+// Facility - is the facility code: TCPA: proposal 0x028
+//
+// Code - is the facility's status code
+//
+
+//
+// definitions for the code level information
+//
+#define TSS_LEVEL_SUCCESS 0x00 // code level success
+#define TSS_LEVEL_INFO 0x40000000L // code level information
+#define TSS_LEVEL_WARNING 0x80000000L // code level warning
+#define TSS_LEVEL_ERROR 0xC0000000L // code level error
+
+//
+// some defines for the platform specific information
+//
+#define FACILITY_TSS 0x28L // facility number for TCPA return codes
+#define FACILITY_TSS_CODEPOS (FACILITY_TSS << 16) // shift the facility info to the code
+ // position
+
+#define TSS_CUSTOM_CODEFLAG 0x20000000L // bit position for the custom flag in
+ // return code
+
+//
+//
+// TSS error return codes
+//
+//
+#ifndef TSS_E_BASE
+#define TSS_E_BASE 0x00000000L
+#endif // TSS_E_BASE
+#ifndef TSS_W_BASE
+#define TSS_W_BASE 0x00000000L
+#endif // TSS_W_BASE
+#ifndef TSS_I_BASE
+#define TSS_I_BASE 0x00000000L
+#endif // TSS_I_BASE
+
+//
+// basic error return codes common to all TSS Service Provider Interface methods
+// and returned by all TSS SW stack components
+//
+
+//
+// MessageId: TSS_SUCCESS
+//
+// MessageText:
+//
+// Successful completion of the operation.
+//
+#define TSS_SUCCESS (UINT32)(0x00000000L)
+
+//
+// MessageId: TSS_E_FAIL
+//
+// MessageText:
+//
+// An internal error has been detected, but the source is unknown.
+//
+#define TSS_E_FAIL (UINT32)(TSS_E_BASE + 0x002L)
+
+//
+// MessageId: TSS_E_BAD_PARAMETER
+//
+// MessageText:
+//
+// One or more parameter is bad.
+//
+#define TSS_E_BAD_PARAMETER (UINT32)(TSS_E_BASE + 0x003L)
+
+//
+// MessageId: TSS_E_INTERNAL_ERROR
+//
+// MessageText:
+//
+// An internal SW error has been detected.
+//
+#define TSS_E_INTERNAL_ERROR (UINT32)(TSS_E_BASE + 0x004L)
+
+//
+// MessageId: TSS_E_OUTOFMEMORY
+//
+// MessageText:
+//
+// Ran out of memory.
+//
+#define TSS_E_OUTOFMEMORY (UINT32)(TSS_E_BASE + 0x005L)
+
+//
+// MessageId: TSS_E_NOTIMPL
+//
+// MessageText:
+//
+// Not implemented.
+//
+#define TSS_E_NOTIMPL (UINT32)(TSS_E_BASE + 0x006L)
+
+//
+// MessageId: TSS_E_KEY_ALREADY_REGISTERED
+//
+// MessageText:
+//
+// Key is already registered
+//
+#define TSS_E_KEY_ALREADY_REGISTERED (UINT32)(TSS_E_BASE + 0x008L)
+
+
+//
+// MessageId: TSS_E_TPM_UNEXPECTED
+//
+// MessageText:
+//
+// An unexpected TPM error has occurred.
+//
+#define TSS_E_TPM_UNEXPECTED (UINT32)(TSS_E_BASE + 0x010L)
+
+//
+// MessageId: TSS_E_COMM_FAILURE
+//
+// MessageText:
+//
+// A communications error with the TPM has been detected.
+//
+#define TSS_E_COMM_FAILURE (UINT32)(TSS_E_BASE + 0x011L)
+
+//
+// MessageId: TSS_E_TIMEOUT
+//
+// MessageText:
+//
+// The operation has timed out.
+//
+#define TSS_E_TIMEOUT (UINT32)(TSS_E_BASE + 0x012L)
+
+//
+// MessageId: TSS_E_TPM_UNSUPPORTED_FEATURE
+//
+// MessageText:
+//
+// The TPM does not support the requested feature.
+//
+#define TSS_E_TPM_UNSUPPORTED_FEATURE (UINT32)(TSS_E_BASE + 0x014L)
+
+//
+// MessageId: TSS_E_CANCELED
+//
+// MessageText:
+//
+// The action was canceled by request.
+//
+#define TSS_E_CANCELED (UINT32)(TSS_E_BASE + 0x016L)
+
+//
+// MessageId: TSS_E_PS_KEY_NOTFOUND
+//
+// MessageText:
+//
+// The key cannot be found in the persistent storage database.
+//
+#define TSS_E_PS_KEY_NOTFOUND (UINT32)(TSS_E_BASE + 0x020L)
+//
+// MessageId: TSS_E_PS_KEY_EXISTS
+//
+// MessageText:
+//
+// The key already exists in the persistent storage database.
+//
+#define TSS_E_PS_KEY_EXISTS (UINT32)(TSS_E_BASE + 0x021L)
+
+//
+// MessageId: TSS_E_PS_BAD_KEY_STATE
+//
+// MessageText:
+//
+// The key data set not valid in the persistent storage database.
+//
+#define TSS_E_PS_BAD_KEY_STATE (UINT32)(TSS_E_BASE + 0x022L)
+
+
+//
+// error codes returned by specific TSS Service Provider Interface methods
+// offset TSS_TSPI_OFFSET
+//
+
+//
+// MessageId: TSS_E_INVALID_OBJECT_TYPE
+//
+// MessageText:
+//
+// Object type not valid for this operation.
+//
+#define TSS_E_INVALID_OBJECT_TYPE (UINT32)(TSS_E_BASE + 0x101L)
+
+//
+// MessageId: TSS_E_NO_CONNECTION
+//
+// MessageText:
+//
+// Core Service connection doesn't exist.
+//
+#define TSS_E_NO_CONNECTION (UINT32)(TSS_E_BASE + 0x102L)
+
+//
+// MessageId: TSS_E_CONNECTION_FAILED
+//
+// MessageText:
+//
+// Core Service connection failed.
+//
+#define TSS_E_CONNECTION_FAILED (UINT32)(TSS_E_BASE + 0x103L)
+
+//
+// MessageId: TSS_E_CONNECTION_BROKEN
+//
+// MessageText:
+//
+// Communication with Core Service failed.
+//
+#define TSS_E_CONNECTION_BROKEN (UINT32)(TSS_E_BASE + 0x104L)
+
+//
+// MessageId: TSS_E_HASH_INVALID_ALG
+//
+// MessageText:
+//
+// Invalid hash algorithm.
+//
+#define TSS_E_HASH_INVALID_ALG (UINT32)(TSS_E_BASE + 0x105L)
+
+//
+// MessageId: TSS_E_HASH_INVALID_LENGTH
+//
+// MessageText:
+//
+// Hash length is inconsistent with hash algorithm.
+//
+#define TSS_E_HASH_INVALID_LENGTH (UINT32)(TSS_E_BASE + 0x106L)
+
+//
+// MessageId: TSS_E_HASH_NO_DATA
+//
+// MessageText:
+//
+// Hash object has no internal hash value.
+//
+#define TSS_E_HASH_NO_DATA (UINT32)(TSS_E_BASE + 0x107L)
+
+
+//
+// MessageId: TSS_E_INVALID_ATTRIB_FLAG
+//
+// MessageText:
+//
+// Flag value for attrib-functions inconsistent.
+//
+#define TSS_E_INVALID_ATTRIB_FLAG (UINT32)(TSS_E_BASE + 0x109L)
+
+//
+// MessageId: TSS_E_INVALID_ATTRIB_SUBFLAG
+//
+// MessageText:
+//
+// Subflag value for attrib-functions inconsistent.
+//
+#define TSS_E_INVALID_ATTRIB_SUBFLAG (UINT32)(TSS_E_BASE + 0x10AL)
+
+//
+// MessageId: TSS_E_INVALID_ATTRIB_DATA
+//
+// MessageText:
+//
+// Data for attrib-functions invalid.
+//
+#define TSS_E_INVALID_ATTRIB_DATA (UINT32)(TSS_E_BASE + 0x10BL)
+
+//
+// MessageId: TSS_E_INVALID_OBJECT_INITFLAG
+//
+// MessageText:
+//
+// Wrong flag information for object creation.
+//
+// The alternate spelling is supported to be compatible with a typo
+// in the 1.1b header files.
+//
+#define TSS_E_INVALID_OBJECT_INIT_FLAG (UINT32)(TSS_E_BASE + 0x10CL)
+#define TSS_E_INVALID_OBJECT_INITFLAG TSS_E_INVALID_OBJECT_INIT_FLAG
+
+//
+// MessageId: TSS_E_NO_PCRS_SET
+//
+// MessageText:
+//
+// No PCR register are selected or set.
+//
+#define TSS_E_NO_PCRS_SET (UINT32)(TSS_E_BASE + 0x10DL)
+
+//
+// MessageId: TSS_E_KEY_NOT_LOADED
+//
+// MessageText:
+//
+// The addressed key is currently not loaded.
+//
+#define TSS_E_KEY_NOT_LOADED (UINT32)(TSS_E_BASE + 0x10EL)
+
+//
+// MessageId: TSS_E_KEY_NOT_SET
+//
+// MessageText:
+//
+// No key information is currently available.
+//
+#define TSS_E_KEY_NOT_SET (UINT32)(TSS_E_BASE + 0x10FL)
+
+//
+// MessageId: TSS_E_VALIDATION_FAILED
+//
+// MessageText:
+//
+// Internal validation of data failed.
+//
+#define TSS_E_VALIDATION_FAILED (UINT32)(TSS_E_BASE + 0x110L)
+
+//
+// MessageId: TSS_E_TSP_AUTHREQUIRED
+//
+// MessageText:
+//
+// Authorization is required.
+//
+#define TSS_E_TSP_AUTHREQUIRED (UINT32)(TSS_E_BASE + 0x111L)
+
+//
+// MessageId: TSS_E_TSP_AUTH2REQUIRED
+//
+// MessageText:
+//
+// Multiple authorization is required.
+//
+#define TSS_E_TSP_AUTH2REQUIRED (UINT32)(TSS_E_BASE + 0x112L)
+
+//
+// MessageId: TSS_E_TSP_AUTHFAIL
+//
+// MessageText:
+//
+// Authorization failed.
+//
+#define TSS_E_TSP_AUTHFAIL (UINT32)(TSS_E_BASE + 0x113L)
+
+//
+// MessageId: TSS_E_TSP_AUTH2FAIL
+//
+// MessageText:
+//
+// Multiple authorization failed.
+//
+#define TSS_E_TSP_AUTH2FAIL (UINT32)(TSS_E_BASE + 0x114L)
+
+//
+// MessageId: TSS_E_KEY_NO_MIGRATION_POLICY
+//
+// MessageText:
+//
+// There's no migration policy object set for the addressed key.
+//
+#define TSS_E_KEY_NO_MIGRATION_POLICY (UINT32)(TSS_E_BASE + 0x115L)
+
+//
+// MessageId: TSS_E_POLICY_NO_SECRET
+//
+// MessageText:
+//
+// No secret information is currently available for the addressed policy object.
+//
+#define TSS_E_POLICY_NO_SECRET (UINT32)(TSS_E_BASE + 0x116L)
+
+//
+// MessageId: TSS_E_INVALID_OBJ_ACCESS
+//
+// MessageText:
+//
+// The operation failed due to an invalid object status.
+//
+#define TSS_E_INVALID_OBJ_ACCESS (UINT32)(TSS_E_BASE + 0x117L)
+
+//
+// MessageId: TSS_E_INVALID_ENCSCHEME
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_INVALID_ENCSCHEME (UINT32)(TSS_E_BASE + 0x118L)
+
+
+//
+// MessageId: TSS_E_INVALID_SIGSCHEME
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_INVALID_SIGSCHEME (UINT32)(TSS_E_BASE + 0x119L)
+
+//
+// MessageId: TSS_E_ENC_INVALID_LENGTH
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_ENC_INVALID_LENGTH (UINT32)(TSS_E_BASE + 0x120L)
+
+
+//
+// MessageId: TSS_E_ENC_NO_DATA
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_ENC_NO_DATA (UINT32)(TSS_E_BASE + 0x121L)
+
+//
+// MessageId: TSS_E_ENC_INVALID_TYPE
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_ENC_INVALID_TYPE (UINT32)(TSS_E_BASE + 0x122L)
+
+
+//
+// MessageId: TSS_E_INVALID_KEYUSAGE
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_INVALID_KEYUSAGE (UINT32)(TSS_E_BASE + 0x123L)
+
+//
+// MessageId: TSS_E_VERIFICATION_FAILED
+//
+// MessageText:
+//
+//
+//
+#define TSS_E_VERIFICATION_FAILED (UINT32)(TSS_E_BASE + 0x124L)
+
+//
+// MessageId: TSS_E_HASH_NO_IDENTIFIER
+//
+// MessageText:
+//
+// Hash algorithm identifier not set.
+//
+#define TSS_E_HASH_NO_IDENTIFIER (UINT32)(TSS_E_BASE + 0x125L)
+
+//
+// MessageId: TSS_E_INVALID_HANDLE
+//
+// MessageText:
+//
+// An invalid handle
+//
+#define TSS_E_INVALID_HANDLE (UINT32)(TSS_E_BASE + 0x126L)
+
+//
+// MessageId: TSS_E_SILENT_CONTEXT
+//
+// MessageText:
+//
+// A silent context requires user input
+//
+#define TSS_E_SILENT_CONTEXT (UINT32)(TSS_E_BASE + 0x127L)
+
+//
+// MessageId: TSS_E_EK_CHECKSUM
+//
+// MessageText:
+//
+// TSP is instructed to verify the EK checksum and it does not verify.
+//
+#define TSS_E_EK_CHECKSUM (UINT32)(TSS_E_BASE + 0x128L)
+
+
+//
+// MessageId: TSS_E_DELGATION_NOTSET
+//
+// MessageText:
+//
+// The Policy object does not have a delegation blob set.
+//
+#define TSS_E_DELEGATION_NOTSET (UINT32)(TSS_E_BASE + 0x129L)
+
+//
+// MessageId: TSS_E_DELFAMILY_NOTFOUND
+//
+// MessageText:
+//
+// The specified delegation family was not found
+//
+#define TSS_E_DELFAMILY_NOTFOUND (UINT32)(TSS_E_BASE + 0x130L)
+
+//
+// MessageId: TSS_E_DELFAMILY_ROWEXISTS
+//
+// MessageText:
+//
+// The specified delegation family table row is already in use and
+// the command flags does not allow the TSS to overwrite the existing
+// entry.
+//
+#define TSS_E_DELFAMILY_ROWEXISTS (UINT32)(TSS_E_BASE + 0x131L)
+
+//
+// MessageId: TSS_E_VERSION_MISMATCH
+//
+// MessageText:
+//
+// The specified delegation family table row is already in use and
+// the command flags does not allow the TSS to overwrite the existing
+// entry.
+//
+#define TSS_E_VERSION_MISMATCH (UINT32)(TSS_E_BASE + 0x132L)
+
+//
+// MessageId: TSS_E_DAA_AR_DECRYPTION_ERROR
+//
+// Decryption of the encrypted pseudonym has failed, due to
+// either a wrong secret key or a wrong decryption condition.
+//
+#define TSS_E_DAA_AR_DECRYPTION_ERROR (UINT32)(TSS_E_BASE + 0x133L)
+
+//
+// MessageId: TSS_E_DAA_AUTHENTICATION_ERROR
+//
+// The TPM could not be authenticated by the DAA Issuer.
+//
+#define TSS_E_DAA_AUTHENTICATION_ERROR (UINT32)(TSS_E_BASE + 0x134L)
+
+//
+// MessageId: TSS_E_DAA_CHALLENGE_RESPONSE_ERROR
+//
+// DAA Challenge response error.
+//
+#define TSS_E_DAA_CHALLENGE_RESPONSE_ERROR (UINT32)(TSS_E_BASE + 0x135L)
+
+//
+// MessageId: TSS_E_DAA_CREDENTIAL_PROOF_ERROR
+//
+// Verification of the credential TSS_DAA_CRED_ISSUER issued by
+// the DAA Issuer has failed.
+//
+#define TSS_E_DAA_CREDENTIAL_PROOF_ERROR (UINT32)(TSS_E_BASE + 0x136L)
+
+//
+// MessageId: TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR
+//
+// Verification of the platform's credential request
+// TSS_DAA_CREDENTIAL_REQUEST has failed.
+//
+#define TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR (UINT32)(TSS_E_BASE + 0x137L)
+
+//
+// MessageId: TSS_E_DAA_ISSUER_KEY_ERROR
+//
+// DAA Issuer's authentication key chain could not be verified or
+// is not correct.
+//
+#define TSS_E_DAA_ISSUER_KEY_ERROR (UINT32)(TSS_E_BASE + 0x138L)
+
+//
+// MessageId: TSS_E_DAA_PSEUDONYM_ERROR
+//
+// While verifying the pseudonym of the TPM, the private key of the
+// TPM was found on the rogue list.
+//
+#define TSS_E_DAA_PSEUDONYM_ERROR (UINT32)(TSS_E_BASE + 0x139L)
+
+//
+// MessageId: TSS_E_INVALID_RESOURCE
+//
+// Pointer to memory wrong.
+//
+#define TSS_E_INVALID_RESOURCE (UINT32)(TSS_E_BASE + 0x13AL)
+
+//
+// MessageId: TSS_E_NV_AREA_EXIST
+//
+// The NV area referenced already exists
+//
+#define TSS_E_NV_AREA_EXIST (UINT32)(TSS_E_BASE + 0x13BL)
+
+//
+// MessageId: TSS_E_NV_AREA_NOT_EXIST
+//
+// The NV area referenced doesn't exist
+//
+#define TSS_E_NV_AREA_NOT_EXIST (UINT32)(TSS_E_BASE + 0x13CL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_AUTHFAIL
+//
+// The transport session authorization failed
+//
+#define TSS_E_TSP_TRANS_AUTHFAIL (UINT32)(TSS_E_BASE + 0x13DL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_AUTHREQUIRED
+//
+// Authorization for transport is required
+//
+#define TSS_E_TSP_TRANS_AUTHREQUIRED (UINT32)(TSS_E_BASE + 0x13EL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_NOT_EXCLUSIVE
+//
+// A command was executed outside of an exclusive transport session.
+//
+#define TSS_E_TSP_TRANS_NOTEXCLUSIVE (UINT32)(TSS_E_BASE + 0x13FL)
+
+//
+// MessageId: TSS_E_TSP_TRANS_FAIL
+//
+// Generic transport protection error.
+//
+#define TSS_E_TSP_TRANS_FAIL (UINT32)(TSS_E_BASE + 0x140L)
+
+//
+// MessageId: TSS_E_TSP_TRANS_NO_PUBKEY
+//
+// A command could not be executed through a logged transport session
+// because the command used a key and the key's public key is not
+// known to the TSP.
+//
+#define TSS_E_TSP_TRANS_NO_PUBKEY (UINT32)(TSS_E_BASE + 0x141L)
+
+//
+// MessageId: TSS_E_NO_ACTIVE_COUNTER
+//
+// The TPM active counter has not been set yet.
+//
+#define TSS_E_NO_ACTIVE_COUNTER (UINT32)(TSS_E_BASE + 0x142L)
+
+
+#endif // __TSS_ERROR_H__
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_error_basics.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_error_basics.h
new file mode 100644
index 0000000..b9e965c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_error_basics.h
@@ -0,0 +1,59 @@
+/*++
+
+Basic defines for TSS error return codes
+
+--*/
+
+#ifndef __TSS_ERROR_BASICS_H__
+#define __TSS_ERROR_BASICS_H__
+
+
+//
+// definitions for the various TSS-SW layers
+//
+#ifndef TSS_LAYER_TPM
+#define TSS_LAYER_TPM 0x0000L // definition for TPM layer
+#endif // TSS_LAYER_TPM
+
+#define TSS_LAYER_TDDL 0x1000L // definition for TDDL layer
+#define TSS_LAYER_TCS 0x2000L // definition for TCS layer
+
+#ifndef TSS_LAYER_TSP
+#define TSS_LAYER_TSP 0x3000L // definition for TSP layer
+#endif // TSS_LAYER_TSP
+
+
+//
+// definitions for the start points of layer specific error codes
+//
+#ifndef TSS_COMMON_OFFSET
+#define TSS_COMMON_OFFSET 0x000L
+#endif // TSS_COMMON_OFFSET
+
+#define TSS_TDDL_OFFSET 0x080L
+#define TSS_TCSI_OFFSET 0x0C0L
+
+#ifndef TSS_TSPI_OFFSET
+#define TSS_TSPI_OFFSET 0x100L
+#endif // TSS_TSPI_OFFSET
+
+#ifndef TSS_VENDOR_OFFSET
+#define TSS_VENDOR_OFFSET 0x800L
+#endif // TSS_VENDOR_OFFSET
+
+// do not exceed TSS_MAX_ERROR for vendor specific code values:
+#ifndef TSS_MAX_ERROR
+#define TSS_MAX_ERROR 0xFFFL
+#endif // TSS_MAX_ERROR
+
+
+/* Macros for the construction and interpretation of error codes */
+#define TPM_ERROR(code) (code)
+#define TDDL_ERROR(code) ((code) ? (TSS_LAYER_TDDL | (code)) : (code))
+#define TCS_ERROR(code) ((code) ? (TSS_LAYER_TCS | (code)) : (code))
+#define TSP_ERROR(code) ((code) ? (TSS_LAYER_TSP | (code)) : (code))
+#define ERROR_LAYER(error) ((error) & 0xf000)
+#define ERROR_CODE(error) ((error) & 0x0fff)
+
+#endif // __TSS_ERROR_BASICS_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_structs.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_structs.h
new file mode 100644
index 0000000..fa4c4b3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_structs.h
@@ -0,0 +1,653 @@
+/*++
+
+TSS structures for TSS
+
+*/
+
+#ifndef __TSS_STRUCTS_H__
+#define __TSS_STRUCTS_H__
+
+#include <tss/platform.h>
+#include <tss/tss_typedef.h>
+#include <tss/tpm.h>
+
+typedef struct tdTSS_VERSION
+{
+ BYTE bMajor;
+ BYTE bMinor;
+ BYTE bRevMajor;
+ BYTE bRevMinor;
+} TSS_VERSION;
+
+typedef struct tdTSS_PCR_EVENT
+{
+ TSS_VERSION versionInfo;
+ UINT32 ulPcrIndex;
+ TSS_EVENTTYPE eventType;
+ UINT32 ulPcrValueLength;
+#ifdef __midl
+ [size_is(ulPcrValueLength)]
+#endif
+ BYTE* rgbPcrValue;
+ UINT32 ulEventLength;
+#ifdef __midl
+ [size_is(ulEventLength)]
+#endif
+ BYTE* rgbEvent;
+} TSS_PCR_EVENT;
+
+
+typedef struct tdTSS_EVENT_CERT
+{
+ TSS_VERSION versionInfo;
+ UINT32 ulCertificateHashLength;
+#ifdef __midl
+ [size_is(ulCertificateHashLength)]
+#endif
+ BYTE* rgbCertificateHash;
+ UINT32 ulEntityDigestLength;
+#ifdef __midl
+ [size_is(ulEntityDigestLength)]
+#endif
+ BYTE* rgbentityDigest;
+ TSS_BOOL fDigestChecked;
+ TSS_BOOL fDigestVerified;
+ UINT32 ulIssuerLength;
+#ifdef __midl
+ [size_is(ulIssuerLength)]
+#endif
+ BYTE* rgbIssuer;
+} TSS_EVENT_CERT;
+
+typedef struct tdTSS_UUID
+{
+ UINT32 ulTimeLow;
+ UINT16 usTimeMid;
+ UINT16 usTimeHigh;
+ BYTE bClockSeqHigh;
+ BYTE bClockSeqLow;
+ BYTE rgbNode[6];
+} TSS_UUID;
+
+typedef struct tdTSS_KM_KEYINFO
+{
+ TSS_VERSION versionInfo;
+ TSS_UUID keyUUID;
+ TSS_UUID parentKeyUUID;
+ BYTE bAuthDataUsage; // whether auth is needed to load child keys
+ TSS_BOOL fIsLoaded; // TRUE: actually loaded in TPM
+ UINT32 ulVendorDataLength; // may be 0
+#ifdef __midl
+ [size_is(ulVendorDataLength)]
+#endif
+ BYTE *rgbVendorData; // may be NULL
+} TSS_KM_KEYINFO;
+
+
+typedef struct tdTSS_KM_KEYINFO2
+{
+ TSS_VERSION versionInfo;
+ TSS_UUID keyUUID;
+ TSS_UUID parentKeyUUID;
+ BYTE bAuthDataUsage; // whether auth is needed to load child keys
+ TSS_FLAG persistentStorageType;
+ TSS_FLAG persistentStorageTypeParent;
+ TSS_BOOL fIsLoaded; // TRUE: actually loaded in TPM
+ UINT32 ulVendorDataLength; // may be 0
+#ifdef __midl
+ [size_is(ulVendorDataLength)]
+#endif
+ BYTE *rgbVendorData; // may be NULL
+} TSS_KM_KEYINFO2;
+
+
+typedef struct tdTSS_NONCE
+{
+ BYTE nonce[TPM_SHA1BASED_NONCE_LEN];
+} TSS_NONCE;
+
+
+typedef struct tdTSS_VALIDATION
+{
+ TSS_VERSION versionInfo;
+ UINT32 ulExternalDataLength;
+#ifdef __midl
+ [size_is(ulExternalDataLength)]
+#endif
+ BYTE* rgbExternalData;
+ UINT32 ulDataLength;
+#ifdef __midl
+ [size_is(ulDataLength)]
+#endif
+ BYTE* rgbData;
+ UINT32 ulValidationDataLength;
+#ifdef __midl
+ [size_is(ulValidationDataLength)]
+#endif
+ BYTE* rgbValidationData;
+} TSS_VALIDATION;
+
+
+typedef struct tdTSS_CALLBACK
+{
+ PVOID callback;
+ PVOID appData;
+ TSS_ALGORITHM_ID alg;
+} TSS_CALLBACK;
+
+
+typedef struct tdTSS_DAA_PK
+{
+ TSS_VERSION versionInfo;
+ UINT32 modulusLength;
+#ifdef __midl
+ [size_is(modulusLength)]
+#endif
+ BYTE* modulus;
+ UINT32 capitalSLength;
+#ifdef __midl
+ [size_is(capitalSLength)]
+#endif
+ BYTE* capitalS;
+ UINT32 capitalZLength;
+#ifdef __midl
+ [size_is(capitalZLength)]
+#endif
+ BYTE* capitalZ;
+ UINT32 capitalR0Length;
+#ifdef __midl
+ [size_is(capitalR0Length)]
+#endif
+ BYTE* capitalR0;
+ UINT32 capitalR1Length;
+#ifdef __midl
+ [size_is(capitalR1Length)]
+#endif
+ BYTE* capitalR1;
+ UINT32 gammaLength;
+#ifdef __midl
+ [size_is(gammaLength)]
+#endif
+ BYTE* gamma;
+ UINT32 capitalGammaLength;
+#ifdef __midl
+ [size_is(capitalGammaLength)]
+#endif
+ BYTE* capitalGamma;
+ UINT32 rhoLength;
+#ifdef __midl
+ [size_is(rhoLength)]
+#endif
+ BYTE* rho;
+ UINT32 capitalYLength; // Length of first dimenstion
+ UINT32 capitalYLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(capitalYLength,capitalYLength2)]
+#endif
+ BYTE** capitalY;
+ UINT32 capitalYPlatformLength;
+ UINT32 issuerBaseNameLength;
+#ifdef __midl
+ [size_is(issuerBaseName)]
+#endif
+ BYTE* issuerBaseName;
+ UINT32 numPlatformAttributes;
+ UINT32 numIssuerAttributes;
+} TSS_DAA_PK;
+
+typedef struct tdTSS_DAA_PK_PROOF
+{
+ TSS_VERSION versionInfo;
+ UINT32 challengeLength;
+#ifdef __midl
+ [size_is(challengeLength)]
+#endif
+ BYTE* challenge;
+ UINT32 responseLength; // Length of first dimension
+ UINT32 responseLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(responseLength,responseLength2)]
+#endif
+ BYTE** response;
+} TSS_DAA_PK_PROOF;
+
+typedef struct tdTSS_DAA_SK
+{
+ TSS_VERSION versionInfo;
+ UINT32 productPQprimeLength;
+#ifdef __midl
+ [size_is(productPQprimeLength)]
+#endif
+ BYTE* productPQprime;
+} TSS_DAA_SK;
+
+
+typedef struct tdTSS_DAA_KEY_PAIR
+{
+ TSS_VERSION versionInfo;
+ TSS_DAA_SK secretKey;
+ TSS_DAA_PK publicKey;
+} TSS_DAA_KEY_PAIR;
+
+typedef struct tdTSS_DAA_AR_PK
+{
+ TSS_VERSION versionInfo;
+ UINT32 etaLength;
+#ifdef __midl
+ [size_is(etaLength)]
+#endif
+ BYTE* eta;
+ UINT32 lambda1Length;
+#ifdef __midl
+ [size_is(lambda1Length)]
+#endif
+ BYTE* lambda1;
+ UINT32 lambda2Length;
+#ifdef __midl
+ [size_is(lambda2Length)]
+#endif
+ BYTE* lambda2;
+ UINT32 lambda3Length;
+#ifdef __midl
+ [size_is(lambda3Length)]
+#endif
+ BYTE* lambda3;
+} TSS_DAA_AR_PK;
+
+typedef struct tdTSS_DAA_AR_SK
+{
+ TSS_VERSION versionInfo;
+ UINT32 x0Length;
+#ifdef __midl
+ [size_is(x0Length)]
+#endif
+ BYTE* x0;
+ UINT32 x1Length;
+#ifdef __midl
+ [size_is(x1Length)]
+#endif
+ BYTE* x1;
+ UINT32 x2Length;
+#ifdef __midl
+ [size_is(x2Length)]
+#endif
+ BYTE* x2;
+ UINT32 x3Length;
+#ifdef __midl
+ [size_is(x3Length)]
+#endif
+ BYTE* x3;
+ UINT32 x4Length;
+#ifdef __midl
+ [size_is(x4Length)]
+#endif
+ BYTE* x4;
+ UINT32 x5Length;
+#ifdef __midl
+ [size_is(x5Length)]
+#endif
+ BYTE* x5;
+} TSS_DAA_AR_SK;
+
+typedef struct tdTSS_DAA_AR_KEY_PAIR
+{
+ TSS_VERSION versionInfo;
+ TSS_DAA_AR_SK secretKey;
+ TSS_DAA_AR_PK publicKey;
+} TSS_DAA_AR_KEY_PAIR;
+
+typedef struct tdTSS_DAA_CRED_ISSUER
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalALength;
+#ifdef __midl
+ [size_is(capitalALength)]
+#endif
+ BYTE* capitalA;
+ UINT32 eLength;
+#ifdef __midl
+ [size_is(eLength)]
+#endif
+ BYTE* e;
+ UINT32 vPrimePrimeLength;
+#ifdef __midl
+ [size_is(vPrimePrimeLength)]
+#endif
+ BYTE* vPrimePrime;
+ UINT32 attributesIssuerLength; // Length of first dimension
+ UINT32 attributesIssuerLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(attributesIssuerLength,attributesIssuerLength2)]
+#endif
+ BYTE** attributesIssuer;
+ UINT32 cPrimeLength;
+#ifdef __midl
+ [size_is(cPrimeLength)]
+#endif
+ BYTE* cPrime;
+ UINT32 sELength;
+#ifdef __midl
+ [size_is(sELength)]
+#endif
+ BYTE* sE;
+} TSS_DAA_CRED_ISSUER;
+
+typedef struct tdTSS_DAA_CREDENTIAL
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalALength;
+#ifdef __midl
+ [size_is(capitalALength)]
+#endif
+ BYTE* capitalA;
+ UINT32 exponentLength;
+#ifdef __midl
+ [size_is(exponentLength)]
+#endif
+ BYTE* exponent;
+ UINT32 vBar0Length;
+#ifdef __midl
+ [size_is(vBar0Length)]
+#endif
+ BYTE* vBar0;
+ UINT32 vBar1Length;
+#ifdef __midl
+ [size_is(vBar1Length)]
+#endif
+ BYTE* vBar1;
+ UINT32 attributesLength; // Length of first dimension
+ UINT32 attributesLength2; // Length of second dimension
+#ifdef __midl
+ [size_is(attributesLength,attributesLength2)]
+#endif
+ BYTE** attributes;
+ TSS_DAA_PK issuerPK;
+ UINT32 tpmSpecificEncLength;
+#ifdef __midl
+ [size_is(tpmSpecificEncLength)]
+#endif
+ BYTE* tpmSpecificEnc;
+ UINT32 daaCounter;
+} TSS_DAA_CREDENTIAL;
+
+typedef struct tdTSS_DAA_ATTRIB_COMMIT
+{
+ TSS_VERSION versionInfo;
+ UINT32 betaLength;
+#ifdef __midl
+ [size_is(betaLength)]
+#endif
+ BYTE* beta;
+ UINT32 sMuLength;
+#ifdef __midl
+ [size_is(sMuLength)]
+#endif
+ BYTE* sMu;
+} TSS_DAA_ATTRIB_COMMIT;
+
+typedef struct tdTSS_DAA_CREDENTIAL_REQUEST
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalULength;
+#ifdef __midl
+ [size_is(capitalULength)]
+#endif
+ BYTE* capitalU;
+ UINT32 capitalNiLength;
+#ifdef __midl
+ [size_is(capitalNiLength)]
+#endif
+ BYTE* capitalNi;
+ UINT32 authenticationProofLength;
+#ifdef __midl
+ [size_is(authenticationProofLength)]
+#endif
+ BYTE* authenticationProof;
+ UINT32 challengeLength;
+#ifdef __midl
+ [size_is(challengeLength)]
+#endif
+ BYTE* challenge;
+ UINT32 nonceTpmLength;
+#ifdef __midl
+ [size_is(nonceTpmLength)]
+#endif
+ BYTE* nonceTpm;
+ UINT32 noncePlatformLength;
+#ifdef __midl
+ [size_is(noncePlatformLength)]
+#endif
+ BYTE* noncePlatform;
+ UINT32 sF0Length;
+#ifdef __midl
+ [size_is(sF0Length)]
+#endif
+ BYTE* sF0;
+ UINT32 sF1Length;
+#ifdef __midl
+ [size_is(sF1Length)]
+#endif
+ BYTE* sF1;
+ UINT32 sVprimeLength;
+#ifdef __midl
+ [size_is(sVprimeLength)]
+#endif
+ BYTE* sVprime;
+ UINT32 sVtildePrimeLength;
+#ifdef __midl
+ [size_is(sVtildePrimeLength)]
+#endif
+ BYTE* sVtildePrime;
+ UINT32 sALength; // Length of first dimension
+ UINT32 sALength2; // Length of second dimension
+#ifdef __midl
+ [size_is(sALength,sALength2)]
+#endif
+ BYTE** sA;
+ UINT32 attributeCommitmentsLength;
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments;
+} TSS_DAA_CREDENTIAL_REQUEST;
+
+typedef struct tdTSS_DAA_SELECTED_ATTRIB
+{
+ TSS_VERSION versionInfo;
+ UINT32 indicesListLength;
+#ifdef __midl
+ [size_is(indicesListLength)]
+#endif
+ TSS_BOOL* indicesList;
+} TSS_DAA_SELECTED_ATTRIB;
+
+typedef struct tdTSS_DAA_PSEUDONYM
+{
+ TSS_VERSION versionInfo;
+ TSS_FLAG payloadFlag;
+ UINT32 payloadLength;
+#ifdef __midl
+ [size_is(payloadLength)]
+#endif
+ BYTE* payload;
+} TSS_DAA_PSEUDONYM;
+
+typedef struct tdTSS_DAA_PSEUDONYM_PLAIN
+{
+ TSS_VERSION versionInfo;
+ UINT32 capitalNvLength;
+#ifdef __midl
+ [size_is(capitalNvLength)]
+#endif
+ BYTE* capitalNv;
+} TSS_DAA_PSEUDONYM_PLAIN;
+
+typedef struct tdTSS_DAA_PSEUDONYM_ENCRYPTED
+{
+ TSS_VERSION versionInfo;
+ UINT32 delta1Length;
+#ifdef __midl
+ [size_is(delta1Length)]
+#endif
+ BYTE* delta1;
+ UINT32 delta2Length;
+#ifdef __midl
+ [size_is(delta2Length)]
+#endif
+ BYTE* delta2;
+ UINT32 delta3Length;
+#ifdef __midl
+ [size_is(delta3Length)]
+#endif
+ BYTE* delta3;
+ UINT32 delta4Length;
+#ifdef __midl
+ [size_is(delta4Length)]
+#endif
+ BYTE* delta4;
+ UINT32 sTauLength;
+#ifdef __midl
+ [size_is(sTauLength)]
+#endif
+ BYTE* sTau;
+} TSS_DAA_PSEUDONYM_ENCRYPTED;
+
+typedef struct tdTSS_DAA_SIGN_CALLBACK
+{
+ TSS_VERSION versionInfo;
+ TSS_HHASH challenge;
+ TSS_FLAG payloadFlag;
+ UINT32 payloadLength;
+#ifdef __midl
+ [size_is(payloadLength)]
+#endif
+ BYTE* payload;
+} TSS_DAA_SIGN_CALLBACK;
+
+typedef struct tdTSS_DAA_SIGNATURE
+{
+ TSS_VERSION versionInfo;
+ UINT32 zetaLength;
+#ifdef __midl
+ [size_is(zetaLength)]
+#endif
+ BYTE* zeta;
+ UINT32 capitalTLength;
+#ifdef __midl
+ [size_is(capitalTLength)]
+#endif
+ BYTE* capitalT;
+ UINT32 challengeLength;
+#ifdef __midl
+ [size_is(challengeLength)]
+#endif
+ BYTE* challenge;
+ UINT32 nonceTpmLength;
+#ifdef __midl
+ [size_is(nonceTpmLength)]
+#endif
+ BYTE* nonceTpm;
+ UINT32 sVLength;
+#ifdef __midl
+ [size_is(sVLength)]
+#endif
+ BYTE* sV;
+ UINT32 sF0Length;
+#ifdef __midl
+ [size_is(sF0Length)]
+#endif
+ BYTE* sF0;
+ UINT32 sF1Length;
+#ifdef __midl
+ [size_is(sF1Length)]
+#endif
+ BYTE* sF1;
+ UINT32 sELength;
+#ifdef __midl
+ [size_is(sELength)]
+#endif
+ BYTE* sE;
+ UINT32 sALength; // Length of first dimension
+ UINT32 sALength2; // Length of second dimension
+#ifdef __midl
+ [size_is(sALength,sALength2)]
+#endif
+ BYTE** sA;
+ UINT32 attributeCommitmentsLength;
+#ifdef __midl
+ [size_is(attributeCommitmentsLength)]
+#endif
+ TSS_DAA_ATTRIB_COMMIT* attributeCommitments;
+ TSS_DAA_PSEUDONYM signedPseudonym;
+ TSS_DAA_SIGN_CALLBACK callbackResult;
+} TSS_DAA_SIGNATURE;
+
+typedef struct tdTSS_DAA_IDENTITY_PROOF
+{
+ TSS_VERSION versionInfo;
+ UINT32 endorsementLength;
+#ifdef __midl
+ [size_is(endorsementLength)]
+#endif
+ BYTE* endorsementCredential;
+ UINT32 platformLength;
+#ifdef __midl
+ [size_is(platformLength)]
+#endif
+ BYTE* platform;
+ UINT32 conformanceLength;
+#ifdef __midl
+ [size_is(conformanceLength)]
+#endif
+ BYTE* conformance;
+} TSS_DAA_IDENTITY_PROOF;
+
+
+////////////////////////////////////////////////////////////////////
+
+typedef UINT32 TSS_FAMILY_ID;
+typedef BYTE TSS_DELEGATION_LABEL;
+// Values are TSS_DELEGATIONTYPE_KEY or TSS_DELEGATIONTYPE_OWNER
+typedef UINT32 TSS_DELEGATION_TYPE;
+
+typedef struct tdTSS_PCR_INFO_SHORT
+{
+ UINT32 sizeOfSelect;
+#ifdef __midl
+ [size_is(sizeOfSelect)]
+#endif
+ BYTE *selection;
+ BYTE localityAtRelease;
+ UINT32 sizeOfDigestAtRelease;
+#ifdef __midl
+ [size_is(sizeOfDigestAtRelease)]
+#endif
+ BYTE *digestAtRelease;
+} TSS_PCR_INFO_SHORT;
+
+typedef struct tdTSS_FAMILY_TABLE_ENTRY
+{
+ TSS_FAMILY_ID familyID;
+ TSS_DELEGATION_LABEL label;
+ UINT32 verificationCount;
+ TSS_BOOL enabled;
+ TSS_BOOL locked;
+} TSS_FAMILY_TABLE_ENTRY;
+
+typedef struct tdTSS_DELEGATION_TABLE_ENTRY
+{
+ UINT32 tableIndex;
+ TSS_DELEGATION_LABEL label;
+ TSS_PCR_INFO_SHORT pcrInfo;
+ UINT32 per1;
+ UINT32 per2;
+ TSS_FAMILY_ID familyID;
+ UINT32 verificationCount;
+} TSS_DELEGATION_TABLE_ENTRY;
+
+typedef struct tdTSS_PLATFORM_CLASS
+{
+ UINT32 platformClassSimpleIdentifier;
+ UINT32 platformClassURISize;
+ BYTE* pPlatformClassURI;
+} TSS_PLATFORM_CLASS;
+
+#endif // __TSS_STRUCTS_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_typedef.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_typedef.h
new file mode 100644
index 0000000..c23ef09
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/include/tss/tss_typedef.h
@@ -0,0 +1,48 @@
+/*++
+
+Global typedefs for TSS
+
+*/
+
+#ifndef __TSS_TYPEDEF_H__
+#define __TSS_TYPEDEF_H__
+
+#include <tss/platform.h>
+
+//--------------------------------------------------------------------
+// definitions for TSS Service Provider (TSP)
+//
+typedef UINT32 TSS_HANDLE;
+
+typedef UINT32 TSS_FLAG; // object attributes
+typedef UINT32 TSS_RESULT; // the return code from a TSS function
+
+typedef UINT32 TSS_HOBJECT; // basic object handle
+typedef TSS_HOBJECT TSS_HCONTEXT; // context object handle
+typedef TSS_HOBJECT TSS_HPOLICY; // policy object handle
+typedef TSS_HOBJECT TSS_HTPM; // TPM object handle
+typedef TSS_HOBJECT TSS_HKEY; // key object handle
+typedef TSS_HOBJECT TSS_HENCDATA; // encrypted data object handle
+typedef TSS_HOBJECT TSS_HPCRS; // PCR composite object handle
+typedef TSS_HOBJECT TSS_HHASH; // hash object handle
+typedef TSS_HOBJECT TSS_HNVSTORE; // NV storage object handle
+typedef TSS_HOBJECT TSS_HMIGDATA; // migration data utility obj handle
+typedef TSS_HOBJECT TSS_HDELFAMILY; // delegation family object handle
+typedef TSS_HOBJECT TSS_HDAA_CREDENTIAL; // daa credential
+typedef TSS_HOBJECT TSS_HDAA_ISSUER_KEY; // daa credential issuer keypair
+typedef TSS_HOBJECT TSS_HDAA_ARA_KEY; // daa anonymity revocation
+ // authority keypair
+
+typedef UINT32 TSS_EVENTTYPE;
+typedef UINT16 TSS_MIGRATE_SCHEME;
+typedef UINT32 TSS_ALGORITHM_ID;
+typedef UINT32 TSS_KEY_USAGE_ID;
+typedef UINT16 TSS_KEY_ENC_SCHEME;
+typedef UINT16 TSS_KEY_SIG_SCHEME;
+typedef BYTE TSS_KEY_AUTH_DATA_USAGE;
+typedef UINT32 TSS_CMK_DELEGATE;
+typedef UINT32 TSS_NV_INDEX;
+typedef UINT32 TSS_COUNTER_ID;
+
+#endif // __TSS_TYPEDEF_H__
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/crypto/openssl/crypto.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/crypto/openssl/crypto.c
new file mode 100644
index 0000000..ac42541
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/crypto/openssl/crypto.c
@@ -0,0 +1,71 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include <openssl/evp.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcslog.h"
+
+/*
+ * Hopefully this will make the code clearer since
+ * OpenSSL returns 1 on success
+ */
+#define EVP_SUCCESS 1
+
+TSS_RESULT
+Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest)
+{
+ EVP_MD_CTX *md_ctx;
+ unsigned int result_size;
+ int rv;
+
+ md_ctx = EVP_MD_CTX_create();
+
+ switch (HashType) {
+ case TSS_HASH_SHA1:
+ rv = EVP_DigestInit(md_ctx, EVP_sha1());
+ break;
+ default:
+ rv = TCSERR(TSS_E_BAD_PARAMETER);
+ goto out;
+ break;
+ }
+
+ if (rv != EVP_SUCCESS) {
+ rv = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ }
+
+ rv = EVP_DigestUpdate(md_ctx, Buf, BufSize);
+ if (rv != EVP_SUCCESS) {
+ rv = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ }
+
+ result_size = EVP_MD_CTX_size(md_ctx);
+ rv = EVP_DigestFinal(md_ctx, Digest, &result_size);
+ if (rv != EVP_SUCCESS) {
+ rv = TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+ rv = TSS_SUCCESS;
+
+out:
+ EVP_MD_CTX_destroy(md_ctx);
+ return rv;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/log.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/log.c
new file mode 100644
index 0000000..3ad4884
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/log.c
@@ -0,0 +1,108 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+#include <syslog.h>
+
+#include "trousers/tss.h"
+#include "tcslog.h"
+
+#ifdef TSS_DEBUG
+
+/*
+ * LogBlobData()
+ *
+ * Log a blob's data to the debugging stream
+ *
+ * szDescriptor - The APPID tag found in the caller's environment at build time
+ * sizeOfBlob - The size of the data to log
+ * blob - the data to log
+ *
+ */
+
+void
+LogBlobData(char *szDescriptor, unsigned long sizeOfBlob, unsigned char *blob)
+{
+ char temp[64];
+ unsigned int i;
+
+
+ if (getenv("TCSD_FOREGROUND") == NULL)
+ openlog(szDescriptor, LOG_NDELAY|LOG_PID, TSS_SYSLOG_LVL);
+ memset(temp, 0, sizeof(temp));
+
+ for (i = 0; (unsigned long)i < sizeOfBlob; i++) {
+ if ((i > 0) && ((i % 16) == 0)) {
+ if (getenv("TCSD_FOREGROUND") != NULL)
+ fprintf(stdout, "%s %s\n", szDescriptor, temp);
+ else
+ syslog(LOG_DEBUG, "%s", temp);
+ memset(temp, 0, sizeof(temp));
+ }
+ snprintf(&temp[(i%16)*3], 4, "%.2X ", blob[i]);
+ }
+
+ if (i == sizeOfBlob) {
+ if (getenv("TCSD_FOREGROUND") != NULL)
+ fprintf(stdout, "%s %s\n", szDescriptor, temp);
+ else
+ syslog(LOG_DEBUG, "%s", temp);
+ }
+}
+
+void
+LogTPMERR(TSS_RESULT result, char *file, int line)
+{
+ if (getenv("TSS_DEBUG_OFF") == NULL)
+ fprintf(stderr, "%s %s %s:%d: 0x%x\n", "LOG_RETERR", "TPM", file, line, result);
+}
+
+TSS_RESULT
+LogTDDLERR(TSS_RESULT result, char *file, int line)
+{
+ if (getenv("TSS_DEBUG_OFF") == NULL)
+ fprintf(stderr, "%s %s %s:%d: 0x%x\n", "LOG_RETERR", APPID, file, line, result);
+
+ return (result | TSS_LAYER_TDDL);
+}
+
+TSS_RESULT
+LogTCSERR(TSS_RESULT result, char *file, int line)
+{
+ if (getenv("TSS_DEBUG_OFF") == NULL)
+ fprintf(stderr, "%s %s %s:%d: 0x%x\n", "LOG_RETERR", APPID, file, line, result);
+
+ return (result | TSS_LAYER_TCS);
+}
+
+#elif defined (TSS_TRACE)
+void
+LogTPMERR(TSS_RESULT result, char *file, int line)
+{
+ LogInfo("%s %s %s:%d: 0x%x\n", "LOG_RETERR", "TPM", file, line, result);
+}
+
+TSS_RESULT
+LogTDDLERR(TSS_RESULT result, char *file, int line)
+{
+ LogInfo("%s %s %s:%d: 0x%x\n", "LOG_RETERR", APPID, file, line, result);
+ return (result | TSS_LAYER_TDDL);
+}
+
+TSS_RESULT
+LogTCSERR(TSS_RESULT result, char *file, int line)
+{
+ LogInfo("%s %s %s:%d: 0x%x\n", "LOG_RETERR", APPID, file, line, result);
+ return (result | TSS_LAYER_TCS);
+}
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/ps/ps_utils.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/ps/ps_utils.c
new file mode 100644
index 0000000..35ac89f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/ps/ps_utils.c
@@ -0,0 +1,530 @@
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#if defined(HAVE_BYTEORDER_H)
+#include <sys/byteorder.h>
+#elif defined(HTOLE_DEFINED)
+#include <endian.h>
+#define LE_16 htole16
+#define LE_32 htole32
+#define LE_64 htole64
+#else
+#define LE_16(x) (x)
+#define LE_32(x) (x)
+#define LE_64(x) (x)
+#endif
+#include <fcntl.h>
+#include <string.h>
+#include <limits.h>
+#include <assert.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_int_literals.h"
+#include "tcsps.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+
+struct key_disk_cache *key_disk_cache_head = NULL;
+
+
+TSS_RESULT
+read_data(int fd, void *data, UINT32 size)
+{
+ int rc;
+
+ rc = read(fd, data, size);
+ if (rc == -1) {
+ LogError("read of %d bytes: %s", size, strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if ((unsigned)rc != size) {
+ LogError("read of %d bytes (only %d read)", size, rc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+
+TSS_RESULT
+write_data(int fd, void *data, UINT32 size)
+{
+ int rc;
+
+ rc = write(fd, data, size);
+ if (rc == -1) {
+ LogError("write of %d bytes: %s", size, strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if ((unsigned)rc != size) {
+ LogError("write of %d bytes (only %d written)", size, rc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+/*
+ * called by write_key_init to find the next available location in the PS file to
+ * write a new key to.
+ */
+int
+find_write_offset(UINT32 pub_data_size, UINT32 blob_size, UINT32 vendor_data_size)
+{
+ struct key_disk_cache *tmp;
+ unsigned int offset;
+
+ MUTEX_LOCK(disk_cache_lock);
+
+ tmp = key_disk_cache_head;
+ while (tmp) {
+ /* if we find a deleted key of the right size, return its offset */
+ if (!(tmp->flags & CACHE_FLAG_VALID) &&
+ tmp->pub_data_size == pub_data_size &&
+ tmp->blob_size == blob_size &&
+ tmp->vendor_data_size == vendor_data_size) {
+ offset = tmp->offset;
+ MUTEX_UNLOCK(disk_cache_lock);
+ return offset;
+ }
+ tmp = tmp->next;
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+
+ /* no correctly sized holes */
+ return -1;
+}
+
+/*
+ * move the file pointer to the point where the next key can be written and return
+ * that offset
+ */
+int
+write_key_init(int fd, UINT32 pub_data_size, UINT32 blob_size, UINT32 vendor_data_size)
+{
+ UINT32 num_keys;
+ BYTE version;
+ int rc, offset;
+
+ /* seek to the PS version */
+ rc = lseek(fd, TSSPS_VERSION_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return -1;
+ }
+
+ /* go to NUM_KEYS */
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return -1;
+ }
+
+ /* read the number of keys */
+ rc = read(fd, &num_keys, sizeof(UINT32));
+ num_keys = LE_32(num_keys);
+ if (rc == -1) {
+ LogError("read of %zd bytes: %s", sizeof(UINT32), strerror(errno));
+ return -1;
+ } else if (rc == 0) {
+ /* This is the first key being written */
+ num_keys = 1;
+ version = 1;
+
+ /* seek to the PS version */
+ rc = lseek(fd, TSSPS_VERSION_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return -1;
+ }
+
+ /* write out the version info byte */
+ if ((rc = write_data(fd, &version, sizeof(BYTE)))) {
+ LogError("%s", __FUNCTION__);
+ return rc;
+ }
+
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return -1;
+ }
+
+ num_keys = LE_32(num_keys);
+ if ((rc = write_data(fd, &num_keys, sizeof(UINT32)))) {
+ LogError("%s", __FUNCTION__);
+ return rc;
+ }
+
+ /* return the offset */
+ return (TSSPS_NUM_KEYS_OFFSET + sizeof(UINT32));
+ }
+
+ /* if there is a hole in the file we can write to, find it */
+ offset = find_write_offset(pub_data_size, blob_size, vendor_data_size);
+
+ if (offset != -1) {
+ /* we found a hole, seek to it and don't increment the # of keys on disk */
+ rc = lseek(fd, offset, SEEK_SET);
+ } else {
+ /* we didn't find a hole, increment the number of keys on disk and seek
+ * to the end of the file
+ */
+ num_keys++;
+
+ /* go to the beginning */
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return -1;
+ }
+ num_keys = LE_32(num_keys);
+ if ((rc = write_data(fd, &num_keys, sizeof(UINT32)))) {
+ LogError("%s", __FUNCTION__);
+ return rc;
+ }
+
+ rc = lseek(fd, 0, SEEK_END);
+ }
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return -1;
+ }
+
+ /* lseek returns the number of bytes of offset from the beginning of the file */
+ return rc;
+}
+
+/*
+ * add a new cache entry for a written key
+ */
+TSS_RESULT
+cache_key(UINT32 offset, UINT16 flags,
+ TSS_UUID *uuid, TSS_UUID *parent_uuid,
+ UINT16 pub_data_size, UINT32 blob_size,
+ UINT32 vendor_data_size)
+{
+ struct key_disk_cache *tmp;
+
+ MUTEX_LOCK(disk_cache_lock);
+
+ tmp = key_disk_cache_head;
+
+ for (; tmp; tmp = tmp->next) {
+ /* reuse an invalidated key cache entry */
+ if (!(tmp->flags & CACHE_FLAG_VALID))
+ goto fill_cache_entry;
+ }
+
+ tmp = malloc(sizeof(struct key_disk_cache));
+ if (tmp == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct key_disk_cache));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ tmp->next = key_disk_cache_head;
+ key_disk_cache_head = tmp;
+
+fill_cache_entry:
+ tmp->offset = offset;
+#ifdef TSS_DEBUG
+ if (offset == 0)
+ LogDebug("Storing key with file offset==0!!!");
+#endif
+ tmp->flags = flags;
+ tmp->blob_size = blob_size;
+ tmp->pub_data_size = pub_data_size;
+ tmp->vendor_data_size = vendor_data_size;
+ memcpy(&tmp->uuid, uuid, sizeof(TSS_UUID));
+ memcpy(&tmp->parent_uuid, parent_uuid, sizeof(TSS_UUID));
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+}
+
+/*
+ * read into the PS file and return the number of keys
+ */
+int
+get_num_keys_in_file(int fd)
+{
+ UINT32 num_keys;
+ int rc;
+
+ /* go to the number of keys */
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return 0;
+ }
+
+ rc = read(fd, &num_keys, sizeof(UINT32));
+ if (rc < 0) {
+ LogError("read of %zd bytes: %s", sizeof(UINT32), strerror(errno));
+ return 0;
+ } else if ((unsigned)rc < sizeof(UINT32)) {
+ num_keys = 0;
+ }
+ num_keys = LE_32(num_keys);
+
+ return num_keys;
+}
+
+/*
+ * count the number of valid keys in the cache
+ */
+int
+get_num_keys()
+{
+ int num_keys = 0;
+ struct key_disk_cache *tmp;
+
+ MUTEX_LOCK(disk_cache_lock);
+
+ tmp = key_disk_cache_head;
+
+ for (; tmp; tmp = tmp->next) {
+ if (tmp->flags & CACHE_FLAG_VALID)
+ num_keys++;
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return num_keys;
+}
+
+/*
+ * disk store format:
+ *
+ * TrouSerS 0.2.0 and before:
+ * Version 0: cached?
+ * [UINT32 num_keys_on_disk]
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ]
+ * [BYTE[] blob0 ]
+ * [...]
+ *
+ * TrouSerS 0.2.1+
+ * Version 1: cached?
+ * [BYTE PS version = '\1']
+ * [UINT32 num_keys_on_disk ]
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT32 vendor_data_size0] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ]
+ * [BYTE[] blob0 ]
+ * [BYTE[] vendor_data0 ]
+ * [...]
+ *
+ */
+/*
+ * read the PS file pointed to by fd and create a cache based on it
+ */
+int
+init_disk_cache(int fd)
+{
+ UINT32 num_keys = get_num_keys_in_file(fd);
+ UINT16 i;
+ UINT64 tmp_offset;
+ int rc = 0, offset;
+ struct key_disk_cache *tmp, *prev = NULL;
+ BYTE srk_blob[2048];
+ TSS_KEY srk_key;
+#ifdef TSS_DEBUG
+ int valid_keys = 0;
+#endif
+
+ MUTEX_LOCK(disk_cache_lock);
+
+ if (num_keys == 0) {
+ key_disk_cache_head = NULL;
+ MUTEX_UNLOCK(disk_cache_lock);
+ return 0;
+ } else {
+ key_disk_cache_head = tmp = calloc(1, sizeof(struct key_disk_cache));
+ if (tmp == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct key_disk_cache));
+ rc = -1;
+ goto err_exit;
+ }
+ }
+
+ /* make sure the file pointer is where we expect, just after the number
+ * of keys on disk at the head of the file
+ */
+ offset = lseek(fd, TSSPS_KEYS_OFFSET, SEEK_SET);
+ if (offset == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ rc = -1;
+ goto err_exit;
+ }
+
+ for (i=0; i<num_keys; i++) {
+ offset = lseek(fd, 0, SEEK_CUR);
+ if (offset == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ rc = -1;
+ goto err_exit;
+ }
+ tmp->offset = offset;
+#ifdef TSS_DEBUG
+ if (offset == 0)
+ LogDebug("Storing key with file offset==0!!!");
+#endif
+ /* read UUID */
+ if ((rc = read_data(fd, (void *)&tmp->uuid, sizeof(TSS_UUID)))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+
+ /* read parent UUID */
+ if ((rc = read_data(fd, (void *)&tmp->parent_uuid, sizeof(TSS_UUID)))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+
+ /* pub data size */
+ if ((rc = read_data(fd, &tmp->pub_data_size, sizeof(UINT16)))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp->pub_data_size = LE_16(tmp->pub_data_size);
+
+ DBG_ASSERT(tmp->pub_data_size <= 2048 && tmp->pub_data_size > 0);
+
+ /* blob size */
+ if ((rc = read_data(fd, &tmp->blob_size, sizeof(UINT16)))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp->blob_size = LE_16(tmp->blob_size);
+ DBG_ASSERT(tmp->blob_size <= 4096 && tmp->blob_size > 0);
+
+ /* vendor data size */
+ if ((rc = read_data(fd, &tmp->vendor_data_size, sizeof(UINT32)))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp->vendor_data_size = LE_32(tmp->vendor_data_size);
+
+ /* cache flags */
+ if ((rc = read_data(fd, &tmp->flags, sizeof(UINT16)))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp->flags = LE_16(tmp->flags);
+
+#ifdef TSS_DEBUG
+ if (tmp->flags & CACHE_FLAG_VALID)
+ valid_keys++;
+#endif
+ /* fast forward over the pub key */
+ offset = lseek(fd, tmp->pub_data_size, SEEK_CUR);
+ if (offset == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ rc = -1;
+ goto err_exit;
+ }
+
+ /* if this is the SRK, load it into memory, since its already loaded in
+ * the chip */
+ if (!memcmp(&SRK_UUID, &tmp->uuid, sizeof(TSS_UUID))) {
+ /* read SRK blob from disk */
+ if ((rc = read_data(fd, srk_blob, tmp->blob_size))) {
+ LogError("%s", __FUNCTION__);
+ goto err_exit;
+ }
+
+ tmp_offset = 0;
+ if ((rc = UnloadBlob_TSS_KEY(&tmp_offset, srk_blob, &srk_key)))
+ goto err_exit;
+ /* add to the mem cache */
+ if ((rc = mc_add_entry_init(SRK_TPM_HANDLE, SRK_TPM_HANDLE, &srk_key,
+ &SRK_UUID))) {
+ LogError("Error adding SRK to mem cache.");
+ destroy_key_refs(&srk_key);
+ goto err_exit;
+ }
+ destroy_key_refs(&srk_key);
+ } else {
+ /* fast forward over the blob */
+ offset = lseek(fd, tmp->blob_size, SEEK_CUR);
+ if (offset == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ rc = -1;
+ goto err_exit;
+ }
+
+ /* fast forward over the vendor data */
+ offset = lseek(fd, tmp->vendor_data_size, SEEK_CUR);
+ if (offset == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ rc = -1;
+ goto err_exit;
+ }
+ }
+
+ tmp->next = calloc(1, sizeof(struct key_disk_cache));
+ if (tmp->next == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct key_disk_cache));
+ rc = -1;
+ goto err_exit;
+ }
+ prev = tmp;
+ tmp = tmp->next;
+ }
+
+ /* delete the dangling, unfilled cache entry */
+ free(tmp);
+ prev->next = NULL;
+ rc = 0;
+ LogDebug("%s: found %d valid key(s) on disk.\n", __FUNCTION__, valid_keys);
+
+err_exit:
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+}
+
+int
+close_disk_cache(int fd)
+{
+ struct key_disk_cache *tmp, *tmp_next;
+
+ if (key_disk_cache_head == NULL)
+ return 0;
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ do {
+ tmp_next = tmp->next;
+ free(tmp);
+ tmp = tmp_next;
+ } while (tmp);
+
+ MUTEX_UNLOCK(disk_cache_lock);
+
+ return 0;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/ps/tcsps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/ps/tcsps.c
new file mode 100644
index 0000000..0d55608
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/ps/tcsps.c
@@ -0,0 +1,784 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/file.h>
+#include <sys/stat.h>
+#if defined (HAVE_BYTEORDER_H)
+#include <sys/byteorder.h>
+#elif defined (HTOLE_DEFINED)
+#include <endian.h>
+#define LE_16 htole16
+#define LE_32 htole32
+#define LE_64 htole64
+#else
+#define LE_16(x) (x)
+#define LE_32(x) (x)
+#define LE_64(x) (x)
+#endif
+#include <assert.h>
+#include <fcntl.h>
+#include <limits.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcsps.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+int system_ps_fd = -1;
+MUTEX_DECLARE(disk_cache_lock);
+
+static struct flock fl;
+
+int
+get_file()
+{
+ int rc;
+ /* check the global file handle first. If it exists, lock it and return */
+ if (system_ps_fd != -1) {
+ int rc = 0;
+
+ fl.l_type = F_WRLCK;
+ if ((rc = fcntl(system_ps_fd, F_SETLKW, &fl))) {
+ LogError("failed to get system PS lock: %s", strerror(errno));
+ return -1;
+ }
+
+ return system_ps_fd;
+ }
+
+ /* open and lock the file */
+ system_ps_fd = open(tcsd_options.system_ps_file, O_CREAT|O_RDWR, 0600);
+ if (system_ps_fd < 0) {
+ LogError("system PS: open() of %s failed: %s",
+ tcsd_options.system_ps_file, strerror(errno));
+ return -1;
+ }
+
+ fl.l_type = F_WRLCK;
+ if ((rc = fcntl(system_ps_fd, F_SETLKW, &fl))) {
+ LogError("failed to get system PS lock of file %s: %s",
+ tcsd_options.system_ps_file, strerror(errno));
+ return -1;
+ }
+
+ return system_ps_fd;
+}
+
+int
+put_file(int fd)
+{
+ int rc = 0;
+ /* release the file lock */
+
+ fl.l_type = F_UNLCK;
+ if ((rc = fcntl(fd, F_SETLKW, &fl))) {
+ LogError("failed to unlock system PS file: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ return rc;
+}
+
+void
+close_file(int fd)
+{
+ close(fd);
+ system_ps_fd = -1;
+}
+
+TSS_RESULT
+psfile_get_parent_uuid_by_uuid(int fd, TSS_UUID *uuid, TSS_UUID *ret_uuid)
+{
+ int rc;
+ UINT32 file_offset = 0;
+ struct key_disk_cache *tmp;
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ while (tmp) {
+ if (memcmp(uuid, &tmp->uuid, sizeof(TSS_UUID)) || !(tmp->flags & CACHE_FLAG_VALID)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* jump to the location of the parent uuid */
+ file_offset = TSSPS_PARENT_UUID_OFFSET(tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return -1;
+ }
+
+ if ((rc = read_data(fd, ret_uuid, sizeof(TSS_UUID)))) {
+ LogError("%s", __FUNCTION__);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+ /* key not found */
+ return -2;
+}
+
+/*
+ * return a key blob from PS given a uuid
+ */
+TSS_RESULT
+psfile_get_key_by_uuid(int fd, TSS_UUID *uuid, BYTE *ret_buffer, UINT16 *ret_buffer_size)
+{
+ int rc;
+ UINT32 file_offset = 0;
+ struct key_disk_cache *tmp;
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ while (tmp) {
+ if (memcmp(uuid, &tmp->uuid, sizeof(TSS_UUID)) || !(tmp->flags & CACHE_FLAG_VALID)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* jump to the location of the key blob */
+ file_offset = TSSPS_BLOB_DATA_OFFSET(tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* we found the key; file ptr is pointing at the blob */
+ if (*ret_buffer_size < tmp->blob_size) {
+ /* not enough room */
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ if ((rc = read_data(fd, ret_buffer, tmp->blob_size))) {
+ LogError("%s", __FUNCTION__);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+ *ret_buffer_size = tmp->blob_size;
+ LogDebugUnrollKey(ret_buffer);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+ /* key not found */
+ return TCSERR(TSS_E_FAIL);
+}
+
+/*
+ * return a key blob from PS given its cache entry. The disk cache must be
+ * locked by the caller.
+ */
+TSS_RESULT
+psfile_get_key_by_cache_entry(int fd, struct key_disk_cache *c, BYTE *ret_buffer,
+ UINT16 *ret_buffer_size)
+{
+ int rc;
+ UINT32 file_offset = 0;
+
+ /* jump to the location of the key blob */
+ file_offset = TSSPS_BLOB_DATA_OFFSET(c);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* we found the key; file ptr is pointing at the blob */
+ if (*ret_buffer_size < c->blob_size) {
+ /* not enough room */
+ LogError("%s: Buf size too small. Needed %d bytes, passed %d", __FUNCTION__,
+ c->blob_size, *ret_buffer_size);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if ((rc = read_data(fd, ret_buffer, c->blob_size))) {
+ LogError("%s: error reading %d bytes", __FUNCTION__, c->blob_size);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ *ret_buffer_size = c->blob_size;
+
+ return TSS_SUCCESS;
+}
+
+/*
+ * return the vendor data from PS given its cache entry. The disk cache must be
+ * locked by the caller.
+ */
+TSS_RESULT
+psfile_get_vendor_data(int fd, struct key_disk_cache *c, UINT32 *size, BYTE **data)
+{
+ int rc;
+ UINT32 file_offset;
+
+ /* jump to the location of the data */
+ file_offset = TSSPS_VENDOR_DATA_OFFSET(c);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if ((*data = malloc(c->vendor_data_size)) == NULL) {
+ LogError("malloc of %u bytes failed", c->vendor_data_size);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((rc = read_data(fd, *data, c->vendor_data_size))) {
+ LogError("%s: error reading %u bytes", __FUNCTION__, c->vendor_data_size);
+ free(*data);
+ *data = NULL;
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ *size = c->vendor_data_size;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_get_ps_type_by_uuid(int fd, TSS_UUID *uuid, UINT32 *ret_ps_type)
+{
+ struct key_disk_cache *tmp;
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ while (tmp) {
+ if (memcmp(uuid, &tmp->uuid, sizeof(TSS_UUID)) ||
+ !(tmp->flags & CACHE_FLAG_VALID)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ if (tmp->flags & CACHE_FLAG_PARENT_PS_SYSTEM) {
+ *ret_ps_type = TSS_PS_TYPE_SYSTEM;
+ goto done;
+ } else
+ break;
+ }
+
+ *ret_ps_type = TSS_PS_TYPE_USER;
+done:
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_is_pub_registered(int fd, TCPA_STORE_PUBKEY *pub, TSS_BOOL *is_reg)
+{
+ int rc;
+ UINT32 file_offset = 0;
+ struct key_disk_cache *tmp;
+ char tmp_buffer[2048];
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ while (tmp) {
+ /* if the key is of the wrong size or is invalid, try the next one */
+ if (pub->keyLength != tmp->pub_data_size || !(tmp->flags & CACHE_FLAG_VALID)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* we have a valid key with the same key size as the one we're looking for.
+ * grab the pub key data off disk and compare it. */
+
+ /* jump to the location of the public key */
+ file_offset = TSSPS_PUB_DATA_OFFSET(tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ DBG_ASSERT(tmp->pub_data_size < 2048);
+
+ /* read in the key */
+ if ((rc = read_data(fd, tmp_buffer, tmp->pub_data_size))) {
+ LogError("%s", __FUNCTION__);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+
+ /* do the compare */
+ if (memcmp(tmp_buffer, pub->key, tmp->pub_data_size)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* the key matches, copy the uuid out */
+ *is_reg = TRUE;
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+ /* key not found */
+ *is_reg = FALSE;
+ return TSS_SUCCESS;
+}
+
+
+TSS_RESULT
+psfile_get_uuid_by_pub(int fd, TCPA_STORE_PUBKEY *pub, TSS_UUID **ret_uuid)
+{
+ int rc;
+ UINT32 file_offset = 0;
+ struct key_disk_cache *tmp;
+ char tmp_buffer[2048];
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ while (tmp) {
+ /* if the key is of the wrong size or is invalid, try the next one */
+ if (pub->keyLength != tmp->pub_data_size || !(tmp->flags & CACHE_FLAG_VALID)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* we have a valid key with the same key size as the one we're looking for.
+ * grab the pub key data off disk and compare it. */
+
+ /* jump to the location of the public key */
+ file_offset = TSSPS_PUB_DATA_OFFSET(tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ DBG_ASSERT(tmp->pub_data_size < 2048);
+
+ if (tmp->pub_data_size > sizeof(tmp_buffer)) {
+ LogError("Source buffer size too big! Size: %d",
+ tmp->pub_data_size);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ /* read in the key */
+ if ((rc = read_data(fd, tmp_buffer, tmp->pub_data_size))) {
+ LogError("%s", __FUNCTION__);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+
+ /* do the compare */
+ if (memcmp(tmp_buffer, pub->key, tmp->pub_data_size)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ *ret_uuid = (TSS_UUID *)malloc(sizeof(TSS_UUID));
+ if (*ret_uuid == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_UUID));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ /* the key matches, copy the uuid out */
+ memcpy(*ret_uuid, &tmp->uuid, sizeof(TSS_UUID));
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+ /* key not found */
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+}
+
+TSS_RESULT
+psfile_get_key_by_pub(int fd, TCPA_STORE_PUBKEY *pub, UINT32 *size, BYTE **ret_key)
+{
+ int rc;
+ UINT32 file_offset = 0;
+ struct key_disk_cache *tmp;
+ BYTE tmp_buffer[4096];
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ while (tmp) {
+ /* if the key is of the wrong size or is invalid, try the next one */
+ if (pub->keyLength != tmp->pub_data_size || !(tmp->flags & CACHE_FLAG_VALID)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* we have a valid key with the same key size as the one we're looking for.
+ * grab the pub key data off disk and compare it. */
+
+ /* jump to the location of the public key */
+ file_offset = TSSPS_PUB_DATA_OFFSET(tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ DBG_ASSERT(tmp->pub_data_size < 2048);
+ if (tmp->pub_data_size > sizeof(tmp_buffer)) {
+ LogError("Source buffer size too big! Size: %d",
+ tmp->pub_data_size);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* read in the key */
+ if ((rc = read_data(fd, tmp_buffer, tmp->pub_data_size))) {
+ LogError("%s", __FUNCTION__);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+
+ /* do the compare */
+ if (memcmp(tmp_buffer, pub->key, tmp->pub_data_size)) {
+ tmp = tmp->next;
+ continue;
+ }
+
+ /* jump to the location of the key blob */
+ file_offset = TSSPS_BLOB_DATA_OFFSET(tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ DBG_ASSERT(tmp->blob_size < 4096);
+ if (tmp->blob_size > sizeof(tmp_buffer)) {
+ LogError("Blob size greater than 4096! Size: %d",
+ tmp->blob_size);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* read in the key blob */
+ if ((rc = read_data(fd, tmp_buffer, tmp->blob_size))) {
+ LogError("%s", __FUNCTION__);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+
+ *ret_key = malloc(tmp->blob_size);
+ if (*ret_key == NULL) {
+ LogError("malloc of %d bytes failed.", tmp->blob_size);
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ memcpy(*ret_key, tmp_buffer, tmp->blob_size);
+ *size = tmp->blob_size;
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+ /* key not found */
+ return -2;
+}
+
+/*
+ * disk store format:
+ *
+ * TrouSerS 0.2.0 and before:
+ * Version 0: cached?
+ * [UINT32 num_keys_on_disk]
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ]
+ * [BYTE[] blob0 ]
+ * [...]
+ *
+ * TrouSerS 0.2.1+
+ * Version 1: cached?
+ * [BYTE PS version = '\1']
+ * [UINT32 num_keys_on_disk ]
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT32 vendor_data_size0] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ]
+ * [BYTE[] blob0 ]
+ * [BYTE[] vendor_data0 ]
+ * [...]
+ *
+ */
+TSS_RESULT
+psfile_write_key(int fd,
+ TSS_UUID *uuid,
+ TSS_UUID *parent_uuid,
+ UINT32 *parent_ps,
+ BYTE *vendor_data,
+ UINT32 vendor_size,
+ BYTE *key_blob,
+ UINT16 key_blob_size)
+{
+ TSS_KEY key;
+ UINT16 pub_key_size, cache_flags = CACHE_FLAG_VALID;
+ UINT64 offset;
+ int rc = 0;
+
+ /* leaving the cache flag for parent ps type as 0 implies TSS_PS_TYPE_USER */
+ if (*parent_ps == TSS_PS_TYPE_SYSTEM)
+ cache_flags |= CACHE_FLAG_PARENT_PS_SYSTEM;
+
+ /* Unload the blob to get the public key */
+ offset = 0;
+ if ((rc = UnloadBlob_TSS_KEY(&offset, key_blob, &key)))
+ return rc;
+
+ pub_key_size = key.pubKey.keyLength;
+
+ if ((rc = write_key_init(fd, pub_key_size, key_blob_size, vendor_size)) < 0)
+ goto done;
+
+ /* offset now holds the number of bytes from the beginning of the file
+ * the key will be stored at
+ */
+ offset = rc;
+
+#ifdef TSS_DEBUG
+ if (offset == 0)
+ LogDebug("ERROR: key being written with offset 0!!");
+#endif
+
+ /* [TSS_UUID uuid0 ] yes */
+ if ((rc = write_data(fd, (void *)uuid, sizeof(TSS_UUID)))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [TSS_UUID uuid_parent0 ] yes */
+ if ((rc = write_data(fd, (void *)parent_uuid, sizeof(TSS_UUID)))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [UINT16 pub_data_size0 ] yes */
+ pub_key_size = LE_16(pub_key_size);
+ if ((rc = write_data(fd, &pub_key_size, sizeof(UINT16)))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+ /* Swap it back for later */
+ pub_key_size = LE_16(pub_key_size);
+
+ /* [UINT16 blob_size0 ] yes */
+ key_blob_size = LE_16(key_blob_size);
+ if ((rc = write_data(fd, &key_blob_size, sizeof(UINT16)))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+ /* Swap it back for later */
+ key_blob_size = LE_16(key_blob_size);
+
+ /* [UINT32 vendor_data_size0 ] yes */
+ vendor_size = LE_32(vendor_size);
+ if ((rc = write_data(fd, &vendor_size, sizeof(UINT32)))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+ /* Swap it back for later */
+ vendor_size = LE_32(vendor_size);
+
+ /* [UINT16 cache_flags0 ] yes */
+ cache_flags = LE_16(cache_flags);
+ if ((rc = write_data(fd, &cache_flags, sizeof(UINT16)))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+ /* Swap it back for later */
+ cache_flags = LE_16(cache_flags);
+
+ /* [BYTE[] pub_data0 ] no */
+ if ((rc = write_data(fd, (void *)key.pubKey.key, pub_key_size))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [BYTE[] blob0 ] no */
+ if ((rc = write_data(fd, (void *)key_blob, key_blob_size))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [BYTE[] vendor_data0 ] no */
+ if (vendor_size > 0) {
+ if ((rc = write_data(fd, (void *)vendor_data, vendor_size))) {
+ LogError("%s", __FUNCTION__);
+ goto done;
+ }
+ }
+
+ if ((rc = cache_key((UINT32)offset, cache_flags, uuid, parent_uuid, pub_key_size,
+ key_blob_size, vendor_size)))
+ goto done;
+done:
+ destroy_key_refs(&key);
+
+ return rc;
+}
+
+TSS_RESULT
+psfile_remove_key(int fd, struct key_disk_cache *c)
+{
+ TSS_RESULT result;
+ UINT32 head_offset = 0, tail_offset, num_keys;
+ BYTE buf[4096];
+ struct stat stat_buf;
+ int rc, size = 0;
+
+ if ((rc = fstat(fd, &stat_buf)) != 0) {
+ LogError("fstat: %s", strerror(errno));
+ return TSS_E_INTERNAL_ERROR;
+ }
+
+ /* head_offset is the offset the beginning of the key */
+ head_offset = TSSPS_UUID_OFFSET(c);
+
+ /* tail_offset is the offset the beginning of the next key */
+ tail_offset = TSSPS_VENDOR_DATA_OFFSET(c) + c->vendor_data_size;
+
+ rc = lseek(fd, tail_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* read in from tail, write out to head to fill the gap */
+ while ((rc = read(fd, buf, sizeof(buf))) > 0) {
+ size = rc;
+ tail_offset += size;
+
+ /* set the file pointer to where we want to write */
+ rc = lseek(fd, head_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* write the data */
+ if ((result = write_data(fd, (void *)buf, size))) {
+ LogError("%s", __FUNCTION__);
+ return result;
+ }
+ head_offset += size;
+
+ /* set the file pointer to where we want to read in the next
+ * loop */
+ rc = lseek(fd, tail_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (rc < 0) {
+ LogError("read: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* set the file pointer to where we want to write */
+ rc = lseek(fd, head_offset, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* head_offset now contains a pointer to where we want to truncate the
+ * file. Zero out the old tail end of the file and truncate it. */
+
+ memset(buf, 0, sizeof(buf));
+
+ /* Zero out the old tail end of the file */
+ if ((result = write_data(fd, (void *)buf, tail_offset - head_offset))) {
+ LogError("%s", __FUNCTION__);
+ return result;
+ }
+
+ if ((rc = ftruncate(fd, head_offset)) < 0) {
+ LogError("ftruncate: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* we succeeded in removing a key from the disk. Decrement the number
+ * of keys in the file */
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ rc = read(fd, &num_keys, sizeof(UINT32));
+ num_keys = LE_32(num_keys);
+ if (rc != sizeof(UINT32)) {
+ LogError("read of %zd bytes: %s", sizeof(UINT32), strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t) - 1)) {
+ LogError("lseek: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* decrement, then write back out to disk */
+ num_keys--;
+
+ num_keys = LE_32(num_keys);
+ if ((result = write_data(fd, (void *)&num_keys, sizeof(UINT32)))) {
+ LogError("%s", __FUNCTION__);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc.c
new file mode 100644
index 0000000..19545c3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc.c
@@ -0,0 +1,634 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+#if (defined (__OpenBSD__) || defined (__FreeBSD__))
+#include <sys/types.h>
+#include <sys/socket.h>
+#endif
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "rpc_tcstp_tcs.h"
+
+
+/* Lock is not static because we need to reference it in the auth manager */
+MUTEX_DECLARE_INIT(tcsp_lock);
+
+
+void
+LoadBlob_Auth_Special(UINT64 *offset, BYTE *blob, TPM_AUTH *auth)
+{
+ LoadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, auth->NonceEven.nonce);
+ LoadBlob_BOOL(offset, auth->fContinueAuthSession, blob);
+ LoadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, (BYTE *)&auth->HMAC);
+}
+
+void
+UnloadBlob_Auth_Special(UINT64 *offset, BYTE *blob, TPM_AUTH *auth)
+{
+ UnloadBlob_UINT32(offset, &auth->AuthHandle, blob);
+ UnloadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, auth->NonceOdd.nonce);
+ UnloadBlob_BOOL(offset, &auth->fContinueAuthSession, blob);
+ UnloadBlob(offset, TCPA_SHA1BASED_NONCE_LEN, blob, (BYTE *)&auth->HMAC);
+}
+
+int
+recv_from_socket(int sock, void *buffer, int size)
+{
+ int recv_size = 0, recv_total = 0;
+
+ while (recv_total < size) {
+ errno = 0;
+ if ((recv_size = recv(sock, buffer+recv_total, size-recv_total, 0)) <= 0) {
+ if (recv_size < 0) {
+ if (errno == EINTR)
+ continue;
+ LogError("Socket receive connection error: %s.", strerror(errno));
+ } else {
+ LogDebug("Socket connection closed.");
+ }
+
+ return -1;
+ }
+ recv_total += recv_size;
+ }
+
+ return recv_total;
+}
+
+int
+send_to_socket(int sock, void *buffer, int size)
+{
+ int send_size = 0, send_total = 0;
+
+ while (send_total < size) {
+ if ((send_size = send(sock, buffer+send_total, size-send_total, 0)) < 0) {
+ LogError("Socket send connection error: %s.", strerror(errno));
+ return -1;
+ }
+ send_total += send_size;
+ }
+
+ return send_total;
+}
+
+
+void
+initData(struct tcsd_comm_data *comm, int parm_count)
+{
+ /* min packet size should be the size of the header */
+ memset(&comm->hdr, 0, sizeof(struct tcsd_packet_hdr));
+ comm->hdr.packet_size = sizeof(struct tcsd_packet_hdr);
+ if (parm_count > 0) {
+ comm->hdr.type_offset = sizeof(struct tcsd_packet_hdr);
+ comm->hdr.parm_offset = comm->hdr.type_offset +
+ (sizeof(TCSD_PACKET_TYPE) * parm_count);
+ comm->hdr.packet_size = comm->hdr.parm_offset;
+ }
+
+ memset(comm->buf, 0, comm->buf_size);
+}
+
+int
+loadData(UINT64 *offset, TCSD_PACKET_TYPE data_type, void *data, int data_size, BYTE *blob)
+{
+ switch (data_type) {
+ case TCSD_PACKET_TYPE_BYTE:
+ LoadBlob_BYTE(offset, *((BYTE *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_BOOL:
+ LoadBlob_BOOL(offset, *((TSS_BOOL *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_UINT16:
+ LoadBlob_UINT16(offset, *((UINT16 *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_UINT32:
+ LoadBlob_UINT32(offset, *((UINT32 *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_UINT64:
+ LoadBlob_UINT64(offset, *((UINT64 *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_PBYTE:
+ LoadBlob(offset, data_size, blob, data);
+ break;
+ case TCSD_PACKET_TYPE_NONCE:
+ LoadBlob(offset, sizeof(TCPA_NONCE), blob, ((TCPA_NONCE *)data)->nonce);
+ break;
+ case TCSD_PACKET_TYPE_DIGEST:
+ LoadBlob(offset, sizeof(TCPA_DIGEST), blob, ((TCPA_DIGEST *)data)->digest);
+ break;
+ case TCSD_PACKET_TYPE_AUTH:
+ LoadBlob_Auth_Special(offset, blob, ((TPM_AUTH *)data));
+ break;
+#ifdef TSS_BUILD_PS
+ case TCSD_PACKET_TYPE_UUID:
+ LoadBlob_UUID(offset, blob, *((TSS_UUID *)data));
+ break;
+ case TCSD_PACKET_TYPE_KM_KEYINFO:
+ LoadBlob_KM_KEYINFO(offset, blob, ((TSS_KM_KEYINFO *)data));
+ break;
+ case TCSD_PACKET_TYPE_KM_KEYINFO2:
+ LoadBlob_KM_KEYINFO2(offset, blob, ((TSS_KM_KEYINFO2 *)data));
+ break;
+ case TCSD_PACKET_TYPE_LOADKEY_INFO:
+ LoadBlob_LOADKEY_INFO(offset, blob, ((TCS_LOADKEY_INFO *)data));
+ break;
+#endif
+ case TCSD_PACKET_TYPE_ENCAUTH:
+ LoadBlob(offset, sizeof(TCPA_ENCAUTH), blob,
+ ((TCPA_ENCAUTH *)data)->authdata);
+ break;
+ case TCSD_PACKET_TYPE_VERSION:
+ LoadBlob_VERSION(offset, blob, ((TPM_VERSION *)data));
+ break;
+#ifdef TSS_BUILD_PCR_EVENTS
+ case TCSD_PACKET_TYPE_PCR_EVENT:
+ LoadBlob_PCR_EVENT(offset, blob, ((TSS_PCR_EVENT *)data));
+ break;
+#endif
+ case TCSD_PACKET_TYPE_SECRET:
+ LoadBlob(offset, sizeof(TCPA_SECRET), blob,
+ ((TCPA_SECRET *)data)->authdata);
+ break;
+ default:
+ LogError("TCSD packet type unknown! (0x%x)", data_type & 0xff);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+
+int
+setData(TCSD_PACKET_TYPE dataType,
+ unsigned int index,
+ void *theData,
+ int theDataSize,
+ struct tcsd_comm_data *comm)
+{
+ UINT64 old_offset, offset;
+ TSS_RESULT result;
+ TCSD_PACKET_TYPE *type;
+
+ /* Calculate the size of the area needed (use NULL for blob address) */
+ offset = 0;
+ if ((result = loadData(&offset, dataType, theData, theDataSize, NULL)) != TSS_SUCCESS)
+ return result;
+
+ if ((comm->hdr.packet_size + offset) > comm->buf_size) {
+ /* reallocate the buffer */
+ BYTE *buffer;
+ int buffer_size = comm->hdr.packet_size + offset;
+
+ LogDebug("Increasing communication buffer to %d bytes.", buffer_size);
+ buffer = realloc(comm->buf, buffer_size);
+ if (buffer == NULL) {
+ LogError("realloc of %d bytes failed.", buffer_size);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ comm->buf_size = buffer_size;
+ comm->buf = buffer;
+ }
+
+ offset = old_offset = comm->hdr.parm_offset + comm->hdr.parm_size;
+ if ((result = loadData(&offset, dataType, theData, theDataSize, comm->buf)) != TSS_SUCCESS)
+ return result;
+ type = (TCSD_PACKET_TYPE *)(comm->buf + comm->hdr.type_offset) + index;
+ *type = dataType;
+ comm->hdr.type_size += sizeof(TCSD_PACKET_TYPE);
+ comm->hdr.parm_size += (offset - old_offset);
+
+ comm->hdr.packet_size = offset;
+ comm->hdr.num_parms++;
+
+ return TSS_SUCCESS;
+}
+
+UINT32
+getData(TCSD_PACKET_TYPE dataType,
+ unsigned int index,
+ void *theData,
+ int theDataSize,
+ struct tcsd_comm_data *comm)
+{
+ UINT64 old_offset, offset;
+ TCSD_PACKET_TYPE *type;
+
+ if ((comm->hdr.type_offset + index) > comm->buf_size)
+ return TSS_TCP_RPC_BAD_PACKET_TYPE;
+
+ type = (comm->buf + comm->hdr.type_offset) + index;
+
+ if ((UINT32)index >= comm->hdr.num_parms || dataType != *type) {
+ LogDebug("Data type of TCS packet element %d doesn't match.", index);
+ return TSS_TCP_RPC_BAD_PACKET_TYPE;
+ }
+ old_offset = offset = comm->hdr.parm_offset;
+ switch (dataType) {
+ case TCSD_PACKET_TYPE_BYTE:
+ if (old_offset + sizeof(BYTE) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_BYTE(&offset, (BYTE *) (theData), comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_BOOL:
+ if (old_offset + sizeof(TSS_BOOL) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_BOOL(&offset, (TSS_BOOL *) (theData), comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_UINT16:
+ if (old_offset + sizeof(UINT16) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_UINT16(&offset, (UINT16 *) (theData), comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_UINT32:
+ if (old_offset + sizeof(UINT32) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_UINT32(&offset, (UINT32 *) (theData), comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_PBYTE:
+ if (old_offset + theDataSize > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob(&offset, theDataSize, comm->buf, theData);
+ break;
+ case TCSD_PACKET_TYPE_NONCE:
+ if (old_offset + sizeof(TPM_NONCE) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob(&offset, sizeof(TCPA_NONCE), comm->buf,
+ ((TCPA_NONCE *) (theData))->nonce);
+ break;
+ case TCSD_PACKET_TYPE_DIGEST:
+ if (old_offset + sizeof(TPM_DIGEST) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob(&offset, sizeof(TCPA_DIGEST), comm->buf,
+ ((TCPA_DIGEST *) (theData))->digest);
+ break;
+ case TCSD_PACKET_TYPE_AUTH:
+ if ((old_offset + sizeof(TCS_AUTHHANDLE)
+ + sizeof(TPM_BOOL)
+ + (2 * sizeof(TPM_NONCE))) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_Auth_Special(&offset, comm->buf, ((TPM_AUTH *) theData));
+ break;
+ case TCSD_PACKET_TYPE_ENCAUTH:
+ if (old_offset + sizeof(TPM_ENCAUTH) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob(&offset, sizeof(TCPA_ENCAUTH), comm->buf,
+ ((TCPA_ENCAUTH *) theData)->authdata);
+ break;
+ case TCSD_PACKET_TYPE_VERSION:
+ if (old_offset + sizeof(TPM_VERSION) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_VERSION(&offset, comm->buf, ((TPM_VERSION *) theData));
+ break;
+#ifdef TSS_BUILD_PS
+ case TCSD_PACKET_TYPE_KM_KEYINFO:
+ UnloadBlob_KM_KEYINFO(&old_offset, comm->buf, NULL);
+
+ if (old_offset > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ old_offset = offset;
+ UnloadBlob_KM_KEYINFO(&offset, comm->buf, ((TSS_KM_KEYINFO *)theData));
+ break;
+ case TCSD_PACKET_TYPE_LOADKEY_INFO:
+ UnloadBlob_LOADKEY_INFO(&old_offset, comm->buf, NULL);
+
+ if (old_offset > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ old_offset = offset;
+ UnloadBlob_LOADKEY_INFO(&offset, comm->buf, ((TCS_LOADKEY_INFO *)theData));
+ break;
+ case TCSD_PACKET_TYPE_UUID:
+ if (old_offset + sizeof(TSS_UUID) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob_UUID(&offset, comm->buf, (TSS_UUID *) theData);
+ break;
+#endif
+#ifdef TSS_BUILD_PCR_EVENTS
+ case TCSD_PACKET_TYPE_PCR_EVENT:
+ {
+ TSS_RESULT result;
+
+ (void)UnloadBlob_PCR_EVENT(&old_offset, comm->buf, NULL);
+
+ if (old_offset > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ old_offset = offset;
+ if ((result = UnloadBlob_PCR_EVENT(&offset, comm->buf,
+ ((TSS_PCR_EVENT *)theData))))
+ return result;
+ break;
+ }
+#endif
+ case TCSD_PACKET_TYPE_SECRET:
+ if (old_offset + sizeof(TPM_SECRET) > comm->hdr.packet_size)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ UnloadBlob(&offset, sizeof(TCPA_SECRET), comm->buf,
+ ((TCPA_SECRET *) theData)->authdata);
+ break;
+ default:
+ LogError("TCSD packet type unknown! (0x%x)", dataType & 0xff);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ comm->hdr.parm_offset = offset;
+ comm->hdr.parm_size -= (offset - old_offset);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Error(struct tcsd_thread_data *data)
+{
+ LogError("%s reached.", __FUNCTION__);
+
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = TCSERR(TSS_E_FAIL);
+
+ return TSS_SUCCESS;
+
+}
+
+/* Dispatch */
+typedef struct tdDispatchTable {
+ TSS_RESULT (*Func) (struct tcsd_thread_data *);
+ const char *name;
+} DispatchTable;
+
+DispatchTable tcs_func_table[TCSD_MAX_NUM_ORDS] = {
+ {tcs_wrap_Error,"Error"}, /* 0 */
+ {tcs_wrap_OpenContext,"OpenContext"},
+ {tcs_wrap_CloseContext,"CloseContext"},
+ {tcs_wrap_Error,"Error"},
+ {tcs_wrap_TCSGetCapability,"TCSGetCapability"},
+ {tcs_wrap_RegisterKey,"RegisterKey"}, /* 5 */
+ {tcs_wrap_UnregisterKey,"UnregisterKey"},
+ {tcs_wrap_EnumRegisteredKeys,"EnumRegisteredKeys"},
+ {tcs_wrap_Error,"Error"},
+ {tcs_wrap_GetRegisteredKeyBlob,"GetRegisteredKeyBlob"},
+ {tcs_wrap_GetRegisteredKeyByPublicInfo,"GetRegisteredKeyByPublicInfo"}, /* 10 */
+ {tcs_wrap_LoadKeyByBlob,"LoadKeyByBlob"},
+ {tcs_wrap_LoadKeyByUUID,"LoadKeyByUUID"},
+ {tcs_wrap_EvictKey,"EvictKey"},
+ {tcs_wrap_CreateWrapKey,"CreateWrapKey"},
+ {tcs_wrap_GetPubkey,"GetPubkey"}, /* 15 */
+ {tcs_wrap_MakeIdentity,"MakeIdentity"},
+ {tcs_wrap_LogPcrEvent,"LogPcrEvent"},
+ {tcs_wrap_GetPcrEvent,"GetPcrEvent"},
+ {tcs_wrap_GetPcrEventsByPcr,"GetPcrEventsByPcr"},
+ {tcs_wrap_GetPcrEventLog,"GetPcrEventLog"}, /* 20 */
+ {tcs_wrap_SetOwnerInstall,"SetOwnerInstall"},
+ {tcs_wrap_TakeOwnership,"TakeOwnership"},
+ {tcs_wrap_OIAP,"OIAP"},
+ {tcs_wrap_OSAP,"OSAP"},
+ {tcs_wrap_ChangeAuth,"ChangeAuth"}, /* 25 */
+ {tcs_wrap_ChangeAuthOwner,"ChangeAuthOwner"},
+ {tcs_wrap_Error,"Error"},
+ {tcs_wrap_Error,"Error"},
+ {tcs_wrap_TerminateHandle,"TerminateHandle"},
+ {tcs_wrap_ActivateIdentity,"ActivateIdentity"}, /* 30 */
+ {tcs_wrap_Extend,"Extend"},
+ {tcs_wrap_PcrRead,"PcrRead"},
+ {tcs_wrap_Quote,"Quote"},
+ {tcs_wrap_DirWriteAuth,"DirWriteAuth"},
+ {tcs_wrap_DirRead,"DirRead"}, /* 35 */
+ {tcs_wrap_Seal,"Seal"},
+ {tcs_wrap_UnSeal,"UnSeal"},
+ {tcs_wrap_UnBind,"UnBind"},
+ {tcs_wrap_CreateMigrationBlob,"CreateMigrationBlob"},
+ {tcs_wrap_ConvertMigrationBlob,"ConvertMigrationBlob"}, /* 40 */
+ {tcs_wrap_AuthorizeMigrationKey,"AuthorizeMigrationKey"},
+ {tcs_wrap_CertifyKey,"CertifyKey"},
+ {tcs_wrap_Sign,"Sign"},
+ {tcs_wrap_GetRandom,"GetRandom"},
+ {tcs_wrap_StirRandom,"StirRandom"}, /* 45 */
+ {tcs_wrap_GetCapability,"GetCapability"},
+ {tcs_wrap_Error,"Error"},
+ {tcs_wrap_GetCapabilityOwner,"GetCapabilityOwner"},
+ {tcs_wrap_CreateEndorsementKeyPair,"CreateEndorsementKeyPair"},
+ {tcs_wrap_ReadPubek,"ReadPubek"}, /* 50 */
+ {tcs_wrap_DisablePubekRead,"DisablePubekRead"},
+ {tcs_wrap_OwnerReadPubek,"OwnerReadPubek"},
+ {tcs_wrap_SelfTestFull,"SelfTestFull"},
+ {tcs_wrap_CertifySelfTest,"CertifySelfTest"},
+ {tcs_wrap_Error,"Error"}, /* 55 */
+ {tcs_wrap_GetTestResult,"GetTestResult"},
+ {tcs_wrap_OwnerSetDisable,"OwnerSetDisable"},
+ {tcs_wrap_OwnerClear,"OwnerClear"},
+ {tcs_wrap_DisableOwnerClear,"DisableOwnerClear"},
+ {tcs_wrap_ForceClear,"ForceClear"}, /* 60 */
+ {tcs_wrap_DisableForceClear,"DisableForceClear"},
+ {tcs_wrap_PhysicalDisable,"PhysicalDisable"},
+ {tcs_wrap_PhysicalEnable,"PhysicalEnable"},
+ {tcs_wrap_PhysicalSetDeactivated,"PhysicalSetDeactivated"},
+ {tcs_wrap_SetTempDeactivated,"SetTempDeactivated"}, /* 65 */
+ {tcs_wrap_PhysicalPresence,"PhysicalPresence"},
+ {tcs_wrap_FieldUpgrade,"FieldUpgrade"},
+ {tcs_wrap_Error,"Error"},
+ {tcs_wrap_CreateMaintenanceArchive,"CreateMaintenanceArchive"},
+ {tcs_wrap_LoadMaintenanceArchive,"LoadMaintenanceArchive"}, /* 70 */
+ {tcs_wrap_KillMaintenanceFeature,"KillMaintenanceFeature"},
+ {tcs_wrap_LoadManuMaintPub,"LoadManuMaintPub"},
+ {tcs_wrap_ReadManuMaintPub,"ReadManuMaintPub"},
+ {tcs_wrap_DaaJoin,"DaaJoin"},
+ {tcs_wrap_DaaSign,"DaaSign"}, /* 75 */
+ {tcs_wrap_SetCapability,"SetCapability"},
+ {tcs_wrap_ResetLockValue,"ResetLockValue"},
+ {tcs_wrap_PcrReset,"PcrReset"},
+ {tcs_wrap_ReadCounter,"ReadCounter"},
+ {tcs_wrap_CreateCounter,"CreateCounter"}, /* 80 */
+ {tcs_wrap_IncrementCounter,"IncrementCounter"},
+ {tcs_wrap_ReleaseCounter,"ReleaseCounter"},
+ {tcs_wrap_ReleaseCounterOwner,"ReleaseCounterOwner"},
+ {tcs_wrap_ReadCurrentTicks,"ReadCurrentTicks"},
+ {tcs_wrap_TickStampBlob,"TicksStampBlob"}, /* 85 */
+ {tcs_wrap_GetCredential,"GetCredential"},
+ {tcs_wrap_NV_DefineOrReleaseSpace,"NVDefineOrReleaseSpace"},
+ {tcs_wrap_NV_WriteValue,"NVWriteValue"},
+ {tcs_wrap_NV_WriteValueAuth,"NVWriteValueAuth"},
+ {tcs_wrap_NV_ReadValue,"NVReadValue"}, /* 90 */
+ {tcs_wrap_NV_ReadValueAuth,"NVReadValueAuth"},
+ {tcs_wrap_EstablishTransport,"EstablishTransport"},
+ {tcs_wrap_ExecuteTransport,"ExecuteTransport"},
+ {tcs_wrap_ReleaseTransportSigned,"ReleaseTransportSigned"},
+ {tcs_wrap_SetOrdinalAuditStatus,"SetOrdinalAuditStatus"}, /* 95 */
+ {tcs_wrap_GetAuditDigest,"GetAuditDigest"},
+ {tcs_wrap_GetAuditDigestSigned,"GetAuditDigestSigned"},
+ {tcs_wrap_Sealx,"Sealx"},
+ {tcs_wrap_SetOperatorAuth,"SetOperatorAuth"},
+ {tcs_wrap_OwnerReadInternalPub,"OwnerReadInternalPub"}, /* 100 */
+ {tcs_wrap_EnumRegisteredKeys2,"EnumRegisteredKeys2"},
+ {tcs_wrap_SetTempDeactivated2,"SetTempDeactivated2"},
+ {tcs_wrap_Delegate_Manage,"Delegate_Manage"},
+ {tcs_wrap_Delegate_CreateKeyDelegation,"Delegate_CreateKeyDelegation"},
+ {tcs_wrap_Delegate_CreateOwnerDelegation,"Delegate_CreateOwnerDelegation"}, /* 105 */
+ {tcs_wrap_Delegate_LoadOwnerDelegation,"Delegate_LoadOwnerDelegation"},
+ {tcs_wrap_Delegate_ReadTable,"Delegate_ReadTable"},
+ {tcs_wrap_Delegate_UpdateVerificationCount,"Delegate_UpdateVerificationCount"},
+ {tcs_wrap_Delegate_VerifyDelegation,"Delegate_VerifyDelegation"},
+ {tcs_wrap_CreateRevocableEndorsementKeyPair,"CreateRevocableEndorsementKeyPair"}, /* 110 */
+ {tcs_wrap_RevokeEndorsementKeyPair,"RevokeEndorsementKeyPair"},
+ {tcs_wrap_Error,"Error - was MakeIdentity2"},
+ {tcs_wrap_Quote2,"Quote2"},
+ {tcs_wrap_CMK_SetRestrictions,"CMK_SetRestrictions"},
+ {tcs_wrap_CMK_ApproveMA,"CMK_ApproveMA"}, /* 115 */
+ {tcs_wrap_CMK_CreateKey,"CMK_CreateKey"},
+ {tcs_wrap_CMK_CreateTicket,"CMK_CreateTicket"},
+ {tcs_wrap_CMK_CreateBlob,"CMK_CreateBlob"},
+ {tcs_wrap_CMK_ConvertMigration,"CMK_ConvertMigration"},
+ {tcs_wrap_FlushSpecific,"FlushSpecific"}, /* 120 */
+ {tcs_wrap_KeyControlOwner, "KeyControlOwner"},
+ {tcs_wrap_DSAP, "DSAP"}
+};
+
+int
+access_control(struct tcsd_thread_data *thread_data)
+{
+ int i = 0;
+ int is_localhost;
+ struct sockaddr_storage sas;
+ struct sockaddr *sa;
+ socklen_t sas_len = sizeof(sas);
+
+ if (!getpeername(thread_data->sock, (struct sockaddr *)&sas, &sas_len)) {
+ LogError("Error retrieving local socket address: %s", strerror(errno));
+ return 1;
+ }
+
+ sa = (struct sockaddr *)&sas;
+
+ is_localhost = 0;
+ // Check if it's localhost for both inet protocols
+ if (sa->sa_family == AF_INET) {
+ struct sockaddr_in *sa_in = (struct sockaddr_in *)sa;
+ uint32_t nloopaddr = htonl(INADDR_LOOPBACK);
+ if (memcmp(&sa_in->sin_addr.s_addr, &nloopaddr,
+ sizeof(struct sockaddr_in)) == 0) {
+ is_localhost = 1;
+ }
+ } else if (sa->sa_family == AF_INET6) {
+ struct sockaddr_in6 *sa_in6 = (struct sockaddr_in6 *)sa;
+ if (memcmp(&sa_in6->sin6_addr.s6_addr, &in6addr_loopback,
+ sizeof(struct sockaddr_in6)) == 0) {
+ is_localhost = 1;
+ }
+ } else if (sa->sa_family == AF_UNIX) {
+ is_localhost = 1;
+ }
+
+ /* if the request comes from localhost, or is in the accepted ops list,
+ * approve it */
+ if (is_localhost) {
+ return 0;
+ } else {
+ while (tcsd_options.remote_ops[i]) {
+ if ((UINT32)tcsd_options.remote_ops[i] == thread_data->comm.hdr.u.ordinal) {
+ LogInfo("Accepted %s operation from %s",
+ tcs_func_table[thread_data->comm.hdr.u.ordinal].name,
+ thread_data->hostname);
+ return 0;
+ }
+ i++;
+ }
+ }
+
+ return 1;
+}
+
+TSS_RESULT
+dispatchCommand(struct tcsd_thread_data *data)
+{
+ UINT64 offset;
+ TSS_RESULT result;
+
+ /* First, check the ordinal bounds */
+ if (data->comm.hdr.u.ordinal >= TCSD_MAX_NUM_ORDS) {
+ LogError("Illegal TCSD Ordinal");
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ LogDebug("Dispatching ordinal %u (%s)", data->comm.hdr.u.ordinal,
+ tcs_func_table[data->comm.hdr.u.ordinal].name);
+ /* We only need to check access_control if there are remote operations that are defined
+ * in the config file, which means we allow remote connections */
+ if (tcsd_options.remote_ops[0] && access_control(data)) {
+ LogWarn("Denied %s operation from %s",
+ tcs_func_table[data->comm.hdr.u.ordinal].name, data->hostname);
+
+ /* set platform header */
+ memset(&data->comm.hdr, 0, sizeof(data->comm.hdr));
+ data->comm.hdr.packet_size = sizeof(struct tcsd_packet_hdr);
+ data->comm.hdr.u.result = TCSERR(TSS_E_FAIL);
+
+ /* set the comm buffer */
+ memset(data->comm.buf, 0, data->comm.buf_size);
+ offset = 0;
+ LoadBlob_UINT32(&offset, data->comm.hdr.packet_size, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.u.result, data->comm.buf);
+
+ return TSS_SUCCESS;
+ }
+
+ /* Now, dispatch */
+ if ((result = tcs_func_table[data->comm.hdr.u.ordinal].Func(data)) == TSS_SUCCESS) {
+ /* set the comm buffer */
+ offset = 0;
+ LoadBlob_UINT32(&offset, data->comm.hdr.packet_size, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.u.result, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.num_parms, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.type_size, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.type_offset, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.parm_size, data->comm.buf);
+ LoadBlob_UINT32(&offset, data->comm.hdr.parm_offset, data->comm.buf);
+ }
+
+ return result;
+
+}
+
+TSS_RESULT
+getTCSDPacket(struct tcsd_thread_data *data)
+{
+ if (data->comm.hdr.packet_size !=
+ (UINT32)(data->comm.hdr.parm_offset + data->comm.hdr.parm_size)) {
+ LogError("Invalid packet received by TCSD");
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* dispatch the command to the TCS */
+ return dispatchCommand(data);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_admin.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_admin.c
new file mode 100644
index 0000000..0e07ee9
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_admin.c
@@ -0,0 +1,503 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_PhysicalSetDeactivated(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_BOOL state;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 1, &state, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_PhysicalSetDeactivated_Internal(hContext, state);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_DisableOwnerClear(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TPM_AUTH auth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DisableOwnerClear_Internal(hContext, &auth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ForceClear(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ForceClear_Internal(hContext);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_DisableForceClear(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DisableForceClear_Internal(hContext);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_PhysicalEnable(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_PhysicalEnable_Internal(hContext);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_SetOwnerInstall(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_BOOL state;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 1, &state, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SetOwnerInstall_Internal(hContext, state);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_OwnerSetDisable(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_BOOL disableState;
+ TPM_AUTH ownerAuth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 1, &disableState, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_OwnerSetDisable_Internal(hContext, disableState, &ownerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_PhysicalDisable(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_PhysicalDisable_Internal(hContext);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_PhysicalPresence(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TCPA_PHYSICAL_PRESENCE phyPresFlags;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 1, &phyPresFlags, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_PhysicalPresence_Internal(hContext, phyPresFlags);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_SetTempDeactivated(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SetTempDeactivated_Internal(hContext);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+tcs_wrap_SetTempDeactivated2(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_AUTH operatorAuth, nullAuth, *pAuth;
+ TSS_RESULT result;
+
+ memset(&operatorAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &operatorAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (memcmp(&nullAuth, &operatorAuth, sizeof(TPM_AUTH)))
+ pAuth = &operatorAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SetTempDeactivated2_Internal(hContext, pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ResetLockValue(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_AUTH ownerAuth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ResetLockValue_Internal(hContext, &ownerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_FlushSpecific(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_HANDLE hResHandle;
+ TPM_RESOURCE_TYPE resourceType;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hResHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &resourceType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_FlushSpecific_Internal(hContext, hResHandle, resourceType);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_FieldUpgrade(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ UINT32 dataInSize;
+ BYTE* dataIn;
+ UINT32 dataOutSize;
+ BYTE* dataOut = NULL;
+ TPM_AUTH ownerAuth;
+ TPM_AUTH* pOwnerAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dataInSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ dataIn = (BYTE *)malloc(dataInSize);
+ if (dataIn == NULL) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, dataIn, dataInSize, &data->comm)) {
+ free(dataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) {
+ pOwnerAuth = NULL;
+ } else {
+ pOwnerAuth = &ownerAuth;
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_FieldUpgrade_Internal(hContext, dataInSize, dataIn, &dataOutSize,
+ &dataOut, pOwnerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(dataIn);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &dataOutSize, 0, &data->comm)) {
+ free(dataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, dataOut, dataOutSize, &data->comm)) {
+ free(dataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(dataOut);
+
+ if (pOwnerAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 2, pOwnerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ data->comm.hdr.u.result = TSS_SUCCESS;
+ return TSS_SUCCESS;
+ }
+
+done: free(dataOut);
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_aik.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_aik.c
new file mode 100644
index 0000000..08b2948
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_aik.c
@@ -0,0 +1,294 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_MakeIdentity(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_ENCAUTH identityAuth;
+ TCPA_CHOSENID_HASH privCAHash;
+ UINT32 idKeyInfoSize;
+ BYTE *idKeyInfo = NULL;
+
+ TPM_AUTH auth1, auth2;
+ TPM_AUTH *pSRKAuth, *pOwnerAuth;
+
+ UINT32 idKeySize;
+ BYTE *idKey = NULL;
+ UINT32 pcIDBindSize;
+ BYTE *prgbIDBind = NULL;
+ UINT32 pcECSize;
+ BYTE *prgbEC = NULL;
+ UINT32 pcPlatCredSize;
+ BYTE *prgbPlatCred = NULL;
+ UINT32 pcConfCredSize;
+ BYTE *prgbConfCred = NULL;
+ TSS_RESULT result;
+
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 1, &identityAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &privCAHash, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &idKeyInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ idKeyInfo = (BYTE *) calloc(1, idKeyInfoSize);
+ if (idKeyInfo == NULL) {
+ LogError("malloc of %d bytes failed.", idKeyInfoSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, idKeyInfo, idKeyInfoSize, &data->comm)) {
+ free(idKeyInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &auth1, 0, &data->comm)) {
+ free(idKeyInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 6, &auth2, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) {
+ pOwnerAuth = &auth1;
+ pSRKAuth = NULL;
+ } else if (result) {
+ free(idKeyInfo);
+ return result;
+ } else {
+ pOwnerAuth = &auth2;
+ pSRKAuth = &auth1;
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_MakeIdentity_Internal(hContext, identityAuth, privCAHash,
+ idKeyInfoSize, idKeyInfo, pSRKAuth,
+ pOwnerAuth, &idKeySize, &idKey,
+ &pcIDBindSize, &prgbIDBind, &pcECSize,
+ &prgbEC, &pcPlatCredSize, &prgbPlatCred,
+ &pcConfCredSize, &prgbConfCred);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(idKeyInfo);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 12);
+ if (pSRKAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pSRKAuth, 0, &data->comm))
+ goto internal_error;
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &idKeySize, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, idKey, idKeySize, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcIDBindSize, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbIDBind, pcIDBindSize, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcECSize, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbEC, pcECSize, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcPlatCredSize, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbPlatCred, pcPlatCredSize, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcConfCredSize, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbConfCred, pcConfCredSize, &data->comm))
+ goto internal_error;
+
+ free(idKey);
+ free(prgbIDBind);
+ free(prgbEC);
+ free(prgbPlatCred);
+ free(prgbConfCred);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+
+internal_error:
+ free(idKey);
+ free(prgbIDBind);
+ free(prgbEC);
+ free(prgbPlatCred);
+ free(prgbConfCred);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+}
+
+TSS_RESULT
+tcs_wrap_ActivateIdentity(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE idKeyHandle;
+ TPM_AUTH *pIdKeyAuth = NULL, *pOwnerAuth = NULL, auth1, auth2;
+ UINT32 SymmetricKeySize, blobSize;
+ BYTE *SymmetricKey, *blob;
+ TSS_RESULT result;
+ UINT32 i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idKeyHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &blobSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((blob = malloc(blobSize)) == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, blob, blobSize, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &auth1, 0, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 5, &auth2, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pOwnerAuth = &auth1;
+ else if (result) {
+ free(blob);
+ return result;
+ } else {
+ pIdKeyAuth = &auth1;
+ pOwnerAuth = &auth2;
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ActivateTPMIdentity_Internal(hContext, idKeyHandle, blobSize,
+ blob, pIdKeyAuth, pOwnerAuth,
+ &SymmetricKeySize,
+ &SymmetricKey);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(blob);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 4);
+ if (pIdKeyAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pIdKeyAuth, 0, &data->comm)) {
+ free(SymmetricKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) {
+ free(SymmetricKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &SymmetricKeySize, 0, &data->comm)) {
+ free(SymmetricKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, SymmetricKey, SymmetricKeySize, &data->comm)) {
+ free(SymmetricKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(SymmetricKey);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+tcs_wrap_GetCredential(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 CredType;
+ UINT32 CredAccessMode;
+ UINT32 CredSize;
+ BYTE *CredData = NULL;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &CredType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &CredAccessMode, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ result = TCS_GetCredential_Internal(hContext, CredType, CredAccessMode,
+ &CredSize, &CredData);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &CredSize, 0, &data->comm))
+ goto internal_error;
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, CredData, CredSize, &data->comm))
+ goto internal_error;
+
+ free(CredData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+
+internal_error:
+ free(CredData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_audit.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_audit.c
new file mode 100644
index 0000000..4682d63
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_audit.c
@@ -0,0 +1,239 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_SetOrdinalAuditStatus(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_AUTH ownerAuth;
+ UINT32 ulOrdinal;
+ TSS_BOOL bAuditState;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &ulOrdinal, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 2, &bAuditState, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SetOrdinalAuditStatus_Internal(hContext, &ownerAuth, ulOrdinal, bAuditState);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetAuditDigest(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 startOrdinal;
+ TPM_DIGEST auditDigest;
+ UINT32 counterValueSize;
+ BYTE *counterValue;
+ TSS_BOOL more;
+ UINT32 ordSize;
+ UINT32 *ordList;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &startOrdinal, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetAuditDigest_Internal(hContext, startOrdinal, &auditDigest, &counterValueSize, &counterValue,
+ &more, &ordSize, &ordList);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 6);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &auditDigest, 0, &data->comm)) {
+ free(counterValue);
+ free(ordList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &counterValueSize, 0, &data->comm)) {
+ free(counterValue);
+ free(ordList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, counterValue, counterValueSize, &data->comm)) {
+ free(counterValue);
+ free(ordList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(counterValue);
+ if (setData(TCSD_PACKET_TYPE_BOOL, 3, &more, 0, &data->comm)) {
+ free(ordList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 4, &ordSize, 0, &data->comm)) {
+ free(ordList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 5, ordList, ordSize * sizeof(UINT32), &data->comm)) {
+ free(ordList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(ordList);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetAuditDigestSigned(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE keyHandle;
+ TSS_BOOL closeAudit;
+ TPM_NONCE antiReplay;
+ TPM_AUTH privAuth, nullAuth, *pAuth;
+ UINT32 counterValueSize;
+ BYTE *counterValue;
+ TPM_DIGEST auditDigest;
+ TPM_DIGEST ordinalDigest;
+ UINT32 sigSize;
+ BYTE *sig;
+ TSS_RESULT result;
+ int i;
+
+ memset(&privAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &keyHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_BOOL, 2, &closeAudit, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 3, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &privAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (memcmp(&nullAuth, &privAuth, sizeof(TPM_AUTH)))
+ pAuth = &privAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetAuditDigestSigned_Internal(hContext, keyHandle, closeAudit, antiReplay,
+ pAuth, &counterValueSize, &counterValue,
+ &auditDigest, &ordinalDigest,
+ &sigSize, &sig);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 7);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(counterValue);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &counterValueSize, 0, &data->comm)) {
+ free(counterValue);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, counterValue, counterValueSize, &data->comm)) {
+ free(counterValue);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(counterValue);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, i++, &auditDigest, 0, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_DIGEST, i++, &ordinalDigest, 0, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(sig);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_auth.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_auth.c
new file mode 100644
index 0000000..3307928
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_auth.c
@@ -0,0 +1,119 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_OIAP(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_AUTHHANDLE authHandle;
+ TCPA_NONCE n0;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = auth_mgr_oiap(hContext, &authHandle, &n0);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &authHandle, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_NONCE, 1, &n0, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_OSAP(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_ENTITY_TYPE entityType;
+ UINT32 entityValue;
+ TCPA_NONCE nonceOddOSAP;
+
+ TCS_AUTHHANDLE authHandle;
+ TCPA_NONCE nonceEven;
+ TCPA_NONCE nonceEvenOSAP;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 1, &entityType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &entityValue, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 3, &nonceOddOSAP, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = auth_mgr_osap(hContext, entityType, entityValue, nonceOddOSAP,
+ &authHandle, &nonceEven, &nonceEvenOSAP);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &authHandle, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_NONCE, 1, &nonceEven, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_NONCE, 2, &nonceEvenOSAP, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_bind.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_bind.c
new file mode 100644
index 0000000..19bc527
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_bind.c
@@ -0,0 +1,108 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_UnBind(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE keyHandle;
+ UINT32 inDataSize;
+ BYTE *inData;
+
+ TPM_AUTH privAuth;
+ TPM_AUTH *pPrivAuth;
+
+ UINT32 outDataSize;
+ BYTE *outData;
+ TSS_RESULT result;
+
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &keyHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ inData = calloc(1, inDataSize);
+ if (inData == NULL) {
+ LogError("malloc of %u bytes failed.", inDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) {
+ free(inData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 4, &privAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pPrivAuth = NULL;
+ else if (result) {
+ free(inData);
+ return result;
+ } else
+ pPrivAuth = &privAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_UnBind_Internal(hContext, keyHandle, inDataSize, inData,
+ pPrivAuth, &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(inData);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pPrivAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_caps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_caps.c
new file mode 100644
index 0000000..10d66fc
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_caps.c
@@ -0,0 +1,84 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_TCSGetCapability(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_CAPABILITY_AREA capArea;
+ UINT32 subCapSize;
+ BYTE *subCap;
+ UINT32 respSize;
+ BYTE *resp;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ subCap = calloc(1, subCapSize);
+ if (subCap == NULL) {
+ LogError("malloc of %u bytes failed.", subCapSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &data->comm)) {
+ free(subCap);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = TCS_GetCapability_Internal(hContext, capArea, subCapSize, subCap,
+ &respSize, &resp);
+ free(subCap);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &respSize, 0, &data->comm)) {
+ free(resp);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, resp, respSize, &data->comm)) {
+ free(resp);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(resp);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_caps_tpm.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_caps_tpm.c
new file mode 100644
index 0000000..46116e2
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_caps_tpm.c
@@ -0,0 +1,229 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_GetCapability(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_CAPABILITY_AREA capArea;
+ UINT32 subCapSize;
+ BYTE *subCap;
+ UINT32 respSize;
+ BYTE *resp;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ldd context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (subCapSize == 0)
+ subCap = NULL;
+ else {
+ subCap = calloc(1, subCapSize);
+ if (subCap == NULL) {
+ LogError("malloc of %u bytes failed.", subCapSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &data->comm)) {
+ free(subCap);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetCapability_Internal(hContext, capArea, subCapSize, subCap, &respSize,
+ &resp);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(subCap);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &respSize, 0, &data->comm)) {
+ free(resp);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, resp, respSize, &data->comm)) {
+ free(resp);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(resp);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetCapabilityOwner(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_AUTH ownerAuth;
+ TCPA_VERSION version;
+ UINT32 nonVol;
+ UINT32 vol;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetCapabilityOwner_Internal(hContext, &ownerAuth, &version, &nonVol, &vol);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 4);
+ if (setData(TCSD_PACKET_TYPE_VERSION, 0, &version, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &nonVol, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &vol, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_SetCapability(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_CAPABILITY_AREA capArea;
+ UINT32 subCapSize;
+ BYTE *subCap;
+ UINT32 valueSize;
+ BYTE *value;
+ TSS_RESULT result;
+ TPM_AUTH ownerAuth, *pOwnerAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (subCapSize == 0)
+ subCap = NULL;
+ else {
+ subCap = calloc(1, subCapSize);
+ if (subCap == NULL) {
+ LogError("malloc of %u bytes failed.", subCapSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &data->comm)) {
+ free(subCap);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &valueSize, 0, &data->comm)) {
+ free(subCap);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (valueSize == 0)
+ value = NULL;
+ else {
+ value = calloc(1, valueSize);
+ if (value == NULL) {
+ free(subCap);
+ LogError("malloc of %u bytes failed.", valueSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, value, valueSize, &data->comm)) {
+ free(subCap);
+ free(value);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm))
+ pOwnerAuth = NULL;
+ else
+ pOwnerAuth = &ownerAuth;
+
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SetCapability_Internal(hContext, capArea, subCapSize, subCap, valueSize,
+ value, pOwnerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(subCap);
+ free(value);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (pOwnerAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pOwnerAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_certify.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_certify.c
new file mode 100644
index 0000000..905c84f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_certify.c
@@ -0,0 +1,123 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_CertifyKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE certHandle, keyHandle;
+ TPM_AUTH *pCertAuth = NULL, *pKeyAuth = NULL, certAuth, keyAuth, nullAuth;
+ UINT32 CertifyInfoSize, outDataSize;
+ BYTE *CertifyInfo, *outData;
+ TCPA_NONCE antiReplay;
+ TSS_RESULT result;
+ UINT32 i;
+
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+ memset(&certAuth, 0, sizeof(TPM_AUTH));
+ memset(&keyAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &certHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &keyHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 3, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &certAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &keyAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (memcmp(&nullAuth, &certAuth, sizeof(TPM_AUTH)))
+ pCertAuth = &certAuth;
+
+ if (memcmp(&nullAuth, &keyAuth, sizeof(TPM_AUTH)))
+ pKeyAuth = &keyAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CertifyKey_Internal(hContext, certHandle, keyHandle, antiReplay, pCertAuth,
+ pKeyAuth, &CertifyInfoSize, &CertifyInfo, &outDataSize,
+ &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 6);
+ if (pCertAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pCertAuth, 0, &data->comm)) {
+ free(CertifyInfo);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (pKeyAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pKeyAuth, 0, &data->comm)) {
+ free(CertifyInfo);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &CertifyInfoSize, 0, &data->comm)) {
+ free(CertifyInfo);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, CertifyInfo, CertifyInfoSize, &data->comm)) {
+ free(CertifyInfo);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(CertifyInfo);
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_changeauth.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_changeauth.c
new file mode 100644
index 0000000..08a0934
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_changeauth.c
@@ -0,0 +1,164 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_ChangeAuth(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE parentHandle;
+ TCPA_PROTOCOL_ID protocolID;
+ TCPA_ENCAUTH newAuth;
+ TCPA_ENTITY_TYPE entityType;
+ UINT32 encDataSize;
+ BYTE *encData;
+
+ TPM_AUTH ownerAuth;
+ TPM_AUTH entityAuth;
+
+ UINT32 outDataSize;
+ BYTE *outData;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT16, 2, &protocolID, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &newAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT16, 4, &entityType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ encData = calloc(1, encDataSize);
+ if (encData == NULL) {
+ LogError("malloc of %d bytes failed.", encDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &data->comm)) {
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 7, &ownerAuth, 0, &data->comm)) {
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 8, &entityAuth, 0, &data->comm)) {
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ChangeAuth_Internal(hContext, parentHandle, protocolID, newAuth, entityType,
+ encDataSize, encData, &ownerAuth, &entityAuth,
+ &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(encData);
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 4);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, &entityAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ChangeAuthOwner(struct tcsd_thread_data *data)
+{
+
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_PROTOCOL_ID protocolID;
+ TCPA_ENCAUTH newAuth;
+ TCPA_ENTITY_TYPE entityType;
+
+ TPM_AUTH ownerAuth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 1, &protocolID, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &newAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT16, 3, &entityType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ChangeAuthOwner_Internal(hContext, protocolID, newAuth, entityType,
+ &ownerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_cmk.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_cmk.c
new file mode 100644
index 0000000..e2a0142
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_cmk.c
@@ -0,0 +1,635 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_CMK_SetRestrictions(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_CMK_DELEGATE restriction;
+ TPM_AUTH ownerAuth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &restriction, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CMK_SetRestrictions_Internal(hContext, restriction, &ownerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CMK_ApproveMA(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_DIGEST migAuthorityDigest;
+ TPM_AUTH ownerAuth;
+ TPM_HMAC migAuthorityApproval;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 1, &migAuthorityDigest, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CMK_ApproveMA_Internal(hContext, migAuthorityDigest, &ownerAuth,
+ &migAuthorityApproval);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 1, &migAuthorityApproval, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CMK_CreateKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TPM_ENCAUTH keyUsageAuth;
+ TPM_HMAC migAuthorityApproval;
+ TPM_DIGEST migAuthorityDigest;
+ UINT32 keyDataSize;
+ BYTE *keyData;
+ TPM_AUTH parentAuth, nullAuth, *pAuth;
+ TSS_RESULT result;
+
+ memset(&parentAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &keyUsageAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &migAuthorityApproval, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 4, &migAuthorityDigest, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &keyDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ keyData = malloc(keyDataSize);
+ if (keyData == NULL) {
+ LogError("malloc of %u bytes failed.", keyDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, keyData, keyDataSize, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 7, &parentAuth, 0, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &parentAuth, sizeof(TPM_AUTH)))
+ pAuth = &parentAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CMK_CreateKey_Internal(hContext, hKey, keyUsageAuth, migAuthorityApproval,
+ migAuthorityDigest, &keyDataSize, &keyData, pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keyDataSize, 0, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyData, keyDataSize, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(keyData);
+
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 2, pAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CMK_CreateTicket(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 publicVerifyKeySize;
+ BYTE *publicVerifyKey;
+ TPM_DIGEST signedData;
+ UINT32 sigValueSize;
+ BYTE *sigValue;
+ TPM_AUTH ownerAuth;
+ TPM_HMAC sigTicket;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &publicVerifyKeySize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ publicVerifyKey = malloc(publicVerifyKeySize);
+ if (publicVerifyKey == NULL) {
+ LogError("malloc of %u bytes failed.", publicVerifyKeySize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, publicVerifyKey, publicVerifyKeySize, &data->comm)) {
+ free(publicVerifyKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &signedData, 0, &data->comm)) {
+ free(publicVerifyKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &sigValueSize, 0, &data->comm)) {
+ free(publicVerifyKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ sigValue = malloc(sigValueSize);
+ if (sigValue == NULL) {
+ LogError("malloc of %u bytes failed.", sigValueSize);
+ free(publicVerifyKey);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, sigValue, sigValueSize, &data->comm)) {
+ free(publicVerifyKey);
+ free(sigValue);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm)) {
+ free(publicVerifyKey);
+ free(sigValue);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CMK_CreateTicket_Internal(hContext, publicVerifyKeySize, publicVerifyKey,
+ signedData, sigValueSize, sigValue, &ownerAuth, &sigTicket);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(publicVerifyKey);
+ free(sigValue);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 1, &sigTicket, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CMK_CreateBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ UINT16 migrationType;
+ UINT32 migKeyAuthSize;
+ BYTE *migKeyAuth;
+ TPM_DIGEST pubSourceKeyDigest;
+ UINT32 msaListSize, restrictTicketSize, sigTicketSize, encDataSize;
+ BYTE *msaList, *restrictTicket, *sigTicket, *encData;
+ TPM_AUTH parentAuth, nullAuth, *pAuth;
+ UINT32 randomSize, outDataSize;
+ BYTE *random, *outData;
+ TSS_RESULT result;
+ int i;
+
+ memset(&parentAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 2, &migrationType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &migKeyAuthSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ migKeyAuth = malloc(migKeyAuthSize);
+ if (migKeyAuth == NULL) {
+ LogError("malloc of %u bytes failed.", migKeyAuthSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, migKeyAuth, migKeyAuthSize, &data->comm)) {
+ free(migKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 5, &pubSourceKeyDigest, 0, &data->comm)) {
+ free(migKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 6, &msaListSize, 0, &data->comm)) {
+ free(migKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ msaList = malloc(msaListSize);
+ if (msaList == NULL) {
+ LogError("malloc of %u bytes failed.", msaListSize);
+ free(migKeyAuth);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 7, msaList, msaListSize, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 8, &restrictTicketSize, 0, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ restrictTicket = malloc(restrictTicketSize);
+ if (restrictTicket == NULL) {
+ LogError("malloc of %u bytes failed.", restrictTicketSize);
+ free(migKeyAuth);
+ free(msaList);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 9, restrictTicket, restrictTicketSize, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 10, &sigTicketSize, 0, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ sigTicket = malloc(sigTicketSize);
+ if (sigTicket == NULL) {
+ LogError("malloc of %u bytes failed.", sigTicketSize);
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 11, sigTicket, sigTicketSize, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ free(sigTicket);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 12, &encDataSize, 0, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ free(sigTicket);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ encData = malloc(encDataSize);
+ if (encData == NULL) {
+ LogError("malloc of %u bytes failed.", encDataSize);
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ free(sigTicket);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 13, encData, encDataSize, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ free(sigTicket);
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 14, &parentAuth, 0, &data->comm)) {
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ free(sigTicket);
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &parentAuth, sizeof(TPM_AUTH)))
+ pAuth = &parentAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CMK_CreateBlob_Internal(hContext, hKey, migrationType, migKeyAuthSize,
+ migKeyAuth, pubSourceKeyDigest, msaListSize, msaList, restrictTicketSize,
+ restrictTicket, sigTicketSize, sigTicket, encDataSize, encData, pAuth,
+ &randomSize, &random, &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(migKeyAuth);
+ free(msaList);
+ free(restrictTicket);
+ free(sigTicket);
+ free(encData);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 5);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &randomSize, 0, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, random, randomSize, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(random);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CMK_ConvertMigration(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TPM_CMK_AUTH restrictTicket;
+ TPM_HMAC sigTicket;
+ UINT32 keyDataSize, msaListSize, randomSize;
+ BYTE *keyData, *msaList, *random;
+ TPM_AUTH parentAuth, nullAuth, *pAuth;
+ UINT32 outDataSize;
+ BYTE *outData;
+ TSS_RESULT result;
+ int i;
+
+ memset(&parentAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, &restrictTicket, sizeof(restrictTicket), &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &sigTicket, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &keyDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ keyData = malloc(keyDataSize);
+ if (keyData == NULL) {
+ LogError("malloc of %u bytes failed.", keyDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, keyData, keyDataSize, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 6, &msaListSize, 0, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ msaList = malloc(msaListSize);
+ if (msaList == NULL) {
+ LogError("malloc of %u bytes failed.", msaListSize);
+ free(keyData);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 7, msaList, msaListSize, &data->comm)) {
+ free(keyData);
+ free(msaList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 8, &randomSize, 0, &data->comm)) {
+ free(keyData);
+ free(msaList);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ random = malloc(randomSize);
+ if (random == NULL) {
+ LogError("malloc of %u bytes failed.", randomSize);
+ free(keyData);
+ free(msaList);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 9, random, randomSize, &data->comm)) {
+ free(keyData);
+ free(msaList);
+ free(random);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 10, &parentAuth, 0, &data->comm)) {
+ free(keyData);
+ free(msaList);
+ free(random);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &parentAuth, sizeof(TPM_AUTH)))
+ pAuth = &parentAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CMK_ConvertMigration_Internal(hContext, hKey, restrictTicket, sigTicket,
+ keyDataSize, keyData, msaListSize, msaList, randomSize, random,
+ pAuth, &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(keyData);
+ free(msaList);
+ free(random);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_context.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_context.c
new file mode 100644
index 0000000..1fb0896
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_context.c
@@ -0,0 +1,83 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_OpenContext(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ UINT32 tpm_version = tpm_metrics.version.minor;
+
+ LogDebugFn("thread %ld", THREAD_ID);
+
+ result = TCS_OpenContext_Internal(&hContext);
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &tpm_version, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ /* Set the context in the thread's object. Later, if something goes wrong
+ * and the connection can't be closed cleanly, we'll still have a reference
+ * to what resources need to be freed. */
+ data->context = hContext;
+
+ LogDebug("New context is 0x%x", hContext);
+ } else
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CloseContext(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ result = TCS_CloseContext_Internal(hContext);
+
+ /* This will signal the thread that the connection has been closed cleanly */
+ if (result == TSS_SUCCESS)
+ data->context = NULL_TCS_HANDLE;
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_counter.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_counter.c
new file mode 100644
index 0000000..42e4d21
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_counter.c
@@ -0,0 +1,246 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_ReadCounter(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_COUNTER_ID idCounter;
+ TPM_COUNTER_VALUE counterValue;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReadCounter_Internal(hContext, idCounter, &counterValue);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_COUNTER_VALUE, 0, &counterValue, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CreateCounter(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_COUNTER_ID idCounter;
+ TPM_COUNTER_VALUE counterValue;
+ TPM_AUTH auth;
+ TPM_ENCAUTH encauth;
+ UINT32 LabelSize;
+ BYTE *pLabel = NULL;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &LabelSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((pLabel = calloc(1, LabelSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", LabelSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, &pLabel, LabelSize, &data->comm)) {
+ free(pLabel);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &encauth, 0, &data->comm)) {
+ free(pLabel);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm)) {
+ free(pLabel);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CreateCounter_Internal(hContext, LabelSize, pLabel, encauth, &auth,
+ &idCounter, &counterValue);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(pLabel);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_COUNTER_VALUE, 2, &counterValue, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_IncrementCounter(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_COUNTER_ID idCounter;
+ TPM_COUNTER_VALUE counterValue;
+ TPM_AUTH auth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_IncrementCounter_Internal(hContext, idCounter, &auth, &counterValue);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_COUNTER_VALUE, 1, &counterValue, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ReleaseCounter(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_COUNTER_ID idCounter;
+ TPM_AUTH auth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReleaseCounter_Internal(hContext, idCounter, &auth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ReleaseCounterOwner(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_COUNTER_ID idCounter;
+ TPM_AUTH auth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &idCounter, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReleaseCounterOwner_Internal(hContext, idCounter, &auth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_daa.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_daa.c
new file mode 100644
index 0000000..d2fc8d3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_daa.c
@@ -0,0 +1,244 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_DaaJoin(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_HANDLE hDAA;
+ BYTE stage;
+ UINT32 inputSize0, inputSize1, outputSize, i;
+ BYTE *inputData0 = NULL, *inputData1 = NULL,*outputData;
+ TSS_RESULT result;
+ TPM_AUTH ownerAuth, *pOwnerAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hDAA, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ LogDebugFn("thread %ld hDAA %x", THREAD_ID, hDAA);
+
+ if (getData(TCSD_PACKET_TYPE_BYTE, 2, &stage, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ LogDebug("getData 2 (stage=%d)", (int)stage);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &inputSize0, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ LogDebug("getData 3 inputSize0=%d", inputSize0);
+
+ inputData0 = calloc(1, inputSize0);
+ if (inputData0 == NULL) {
+ LogError("malloc of %d bytes failed.", inputSize0);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ LogDebug("getData 4 inputData0");
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, inputData0, inputSize0, &data->comm)) {
+ free(inputData0);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ LogDebug("getData 5");
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &inputSize1, 0, &data->comm)) {
+ free( inputData0);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ LogDebug("getData 5 inputSize1=%d", inputSize1);
+
+ if( inputSize1 > 0) {
+ inputData1 = calloc(1, inputSize1);
+ if (inputData1 == NULL) {
+ LogError("malloc of %d bytes failed.", inputSize1);
+ free( inputData0);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ LogDebug("getData 6 inputData1");
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, inputData1, inputSize1, &data->comm)) {
+ free(inputData0);
+ free(inputData1);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ LogDebug("getData 7");
+ if (getData(TCSD_PACKET_TYPE_AUTH, 7, &ownerAuth, 0, &data->comm)) {
+ pOwnerAuth = NULL;
+ } else {
+ pOwnerAuth = &ownerAuth;
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DaaJoin_internal(hContext, hDAA, stage, inputSize0, inputData0, inputSize1,
+ inputData1, pOwnerAuth, &outputSize, &outputData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(inputData0);
+ if( inputData1 != NULL) free(inputData1);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if ( pOwnerAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) {
+ free(outputData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outputSize, 0, &data->comm)) {
+ free(outputData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outputData, outputSize, &data->comm)) {
+ free(outputData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outputData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_DaaSign(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_HANDLE hDAA;
+ BYTE stage;
+ UINT32 inputSize0, inputSize1, outputSize, i;
+ BYTE *inputData0 = NULL, *inputData1 = NULL,*outputData;
+ TSS_RESULT result;
+ TPM_AUTH ownerAuth, *pOwnerAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hDAA, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ LogDebugFn("thread %ld hDAA %x", THREAD_ID, hDAA);
+
+ if (getData(TCSD_PACKET_TYPE_BYTE, 2, &stage, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ LogDebugFn("getData 2 (stage=%d)", (int)stage);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &inputSize0, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ LogDebug("getData 3 inputSize0=%d", inputSize0);
+
+ inputData0 = calloc(1, inputSize0);
+ if (inputData0 == NULL) {
+ LogError("malloc of %d bytes failed.", inputSize0);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ LogDebug("getData 4 inputData0");
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, inputData0, inputSize0, &data->comm)) {
+ free(inputData0);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ LogDebug("getData 5");
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &inputSize1, 0, &data->comm)) {
+ free( inputData0);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ LogDebug("getData 5 inputSize1=%d", inputSize1);
+
+ if( inputSize1 > 0) {
+ inputData1 = calloc(1, inputSize1);
+ if (inputData1 == NULL) {
+ LogError("malloc of %d bytes failed.", inputSize1);
+ free( inputData0);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ LogDebug("getData 6 inputData1");
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, inputData1, inputSize1, &data->comm)) {
+ free(inputData0);
+ free(inputData1);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ LogDebug("getData 7");
+ if (getData(TCSD_PACKET_TYPE_AUTH, 7, &ownerAuth, 0, &data->comm)) {
+ pOwnerAuth = NULL;
+ } else {
+ pOwnerAuth = &ownerAuth;
+ }
+
+ LogDebugFn("-> TCSP_DaaSign_internal");
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DaaSign_internal(hContext, hDAA, stage, inputSize0, inputData0, inputSize1,
+ inputData1, pOwnerAuth, &outputSize, &outputData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ LogDebugFn("<- TCSP_DaaSign_internal");
+
+ free(inputData0);
+ if( inputData1 != NULL) free(inputData1);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if ( pOwnerAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &data->comm)) {
+ free(outputData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outputSize, 0, &data->comm)) {
+ free(outputData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outputData, outputSize, &data->comm)) {
+ free(outputData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outputData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_delegate.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_delegate.c
new file mode 100644
index 0000000..62d6591
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_delegate.c
@@ -0,0 +1,614 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_Delegate_Manage(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_FAMILY_ID familyId;
+ TPM_FAMILY_OPERATION opFlag;
+ UINT32 opDataSize;
+ BYTE *opData;
+ TPM_AUTH ownerAuth, nullAuth, *pAuth;
+ UINT32 retDataSize;
+ BYTE *retData;
+ TSS_RESULT result;
+ int i;
+
+ memset(&ownerAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &familyId, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &opFlag, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &opDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ opData = malloc(opDataSize);
+ if (opData == NULL) {
+ LogError("malloc of %u bytes failed.", opDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, opData, opDataSize, &data->comm)) {
+ free(opData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &ownerAuth, 0, &data->comm)) {
+ free(opData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH)))
+ pAuth = &ownerAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_Manage_Internal(hContext, familyId, opFlag,
+ opDataSize, opData, pAuth, &retDataSize, &retData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(opData);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(retData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &retDataSize, 0, &data->comm)) {
+ free(retData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, retData, retDataSize, &data->comm)) {
+ free(retData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(retData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Delegate_CreateKeyDelegation(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ UINT32 publicInfoSize;
+ BYTE *publicInfo;
+ TPM_ENCAUTH encDelAuth;
+ TPM_AUTH keyAuth, nullAuth, *pAuth;
+ UINT32 blobSize;
+ BYTE *blob;
+ TSS_RESULT result;
+ int i;
+
+ memset(&keyAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &publicInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ publicInfo = malloc(publicInfoSize);
+ if (publicInfo == NULL) {
+ LogError("malloc of %u bytes failed.", publicInfoSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, publicInfo, publicInfoSize, &data->comm)) {
+ free(publicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 4, &encDelAuth, 0, &data->comm)) {
+ free(publicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &keyAuth, 0, &data->comm)) {
+ free(publicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &keyAuth, sizeof(TPM_AUTH)))
+ pAuth = &keyAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_CreateKeyDelegation_Internal(hContext, hKey,
+ publicInfoSize, publicInfo, &encDelAuth, pAuth, &blobSize, &blob);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(publicInfo);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &blobSize, 0, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, blob, blobSize, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(blob);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Delegate_CreateOwnerDelegation(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_BOOL increment;
+ UINT32 publicInfoSize;
+ BYTE *publicInfo;
+ TPM_ENCAUTH encDelAuth;
+ TPM_AUTH ownerAuth, nullAuth, *pAuth;
+ UINT32 blobSize;
+ BYTE *blob;
+ TSS_RESULT result;
+ int i;
+
+ memset(&ownerAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 1, &increment, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &publicInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ publicInfo = malloc(publicInfoSize);
+ if (publicInfo == NULL) {
+ LogError("malloc of %u bytes failed.", publicInfoSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, publicInfo, publicInfoSize, &data->comm)) {
+ free(publicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 4, &encDelAuth, 0, &data->comm)) {
+ free(publicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &ownerAuth, 0, &data->comm)) {
+ free(publicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH)))
+ pAuth = &ownerAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_CreateOwnerDelegation_Internal(hContext, increment,
+ publicInfoSize, publicInfo, &encDelAuth, pAuth, &blobSize, &blob);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(publicInfo);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &blobSize, 0, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, blob, blobSize, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(blob);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Delegate_LoadOwnerDelegation(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_DELEGATE_INDEX index;
+ UINT32 blobSize;
+ BYTE *blob;
+ TPM_AUTH ownerAuth, nullAuth, *pAuth;
+ TSS_RESULT result;
+
+ memset(&ownerAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &index, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &blobSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ blob = malloc(blobSize);
+ if (blob == NULL) {
+ LogError("malloc of %u bytes failed.", blobSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, blob, blobSize, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) {
+ free(blob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH)))
+ pAuth = &ownerAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_LoadOwnerDelegation_Internal(hContext, index, blobSize, blob,
+ pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(blob);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Delegate_ReadTable(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 familyTableSize;
+ BYTE *familyTable;
+ UINT32 delegateTableSize;
+ BYTE *delegateTable;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_ReadTable_Internal(hContext, &familyTableSize, &familyTable,
+ &delegateTableSize, &delegateTable);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 4);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &familyTableSize, 0, &data->comm)) {
+ free(familyTable);
+ free(delegateTable);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, familyTable, familyTableSize, &data->comm)) {
+ free(familyTable);
+ free(delegateTable);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(familyTable);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &delegateTableSize, 0, &data->comm)) {
+ free(delegateTable);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, delegateTable, delegateTableSize, &data->comm)) {
+ free(delegateTable);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(delegateTable);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Delegate_UpdateVerificationCount(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 inputSize;
+ BYTE *input;
+ TPM_AUTH ownerAuth, nullAuth, *pAuth;
+ UINT32 outputSize;
+ BYTE *output;
+ TSS_RESULT result;
+ int i;
+
+ memset(&ownerAuth, 0, sizeof(TPM_AUTH));
+ memset(&nullAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &inputSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ input = malloc(inputSize);
+ if (input == NULL) {
+ LogError("malloc of %u bytes failed.", inputSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, input, inputSize, &data->comm)) {
+ free(input);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) {
+ free(input);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (memcmp(&nullAuth, &ownerAuth, sizeof(TPM_AUTH)))
+ pAuth = &ownerAuth;
+ else
+ pAuth = NULL;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_UpdateVerificationCount_Internal(hContext, inputSize, input,
+ pAuth, &outputSize, &output);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(input);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(output);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outputSize, 0, &data->comm)) {
+ free(output);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, output, outputSize, &data->comm)) {
+ free(output);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(output);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Delegate_VerifyDelegation(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 delegateSize;
+ BYTE *delegate;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &delegateSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ delegate = malloc(delegateSize);
+ if (delegate == NULL) {
+ LogError("malloc of %u bytes failed.", delegateSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, delegate, delegateSize, &data->comm)) {
+ free(delegate);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Delegate_VerifyDelegation_Internal(hContext, delegateSize, delegate);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(delegate);
+done:
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_DSAP(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT16 entityType;
+ TCS_KEY_HANDLE keyHandle;
+ TPM_NONCE nonceOddDSAP, nonceEven, nonceEvenDSAP;
+ UINT32 entityValueSize;
+ BYTE *entityValue;
+ TCS_AUTHHANDLE authHandle;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 1, &entityType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &keyHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 3, &nonceOddDSAP, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &entityValueSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ entityValue = malloc(entityValueSize);
+ if (entityValue == NULL) {
+ LogError("malloc of %u bytes failed.", entityValueSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, entityValue, entityValueSize, &data->comm)) {
+ free(entityValue);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DSAP_Internal(hContext, entityType, keyHandle, &nonceOddDSAP, entityValueSize,
+ entityValue, &authHandle, &nonceEven, &nonceEvenDSAP);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(entityValue);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &authHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_NONCE, 1, &nonceEven, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_NONCE, 2, &nonceEvenDSAP, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_dir.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_dir.c
new file mode 100644
index 0000000..ad47a8d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_dir.c
@@ -0,0 +1,109 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_DirWriteAuth(struct tcsd_thread_data *data)
+{
+ TSS_RESULT result;
+ TSS_HCONTEXT hContext;
+ TCPA_DIRINDEX dirIndex;
+ TCPA_DIGEST dirDigest;
+ TPM_AUTH auth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dirIndex, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &dirDigest, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DirWriteAuth_Internal(hContext, dirIndex, dirDigest, &auth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_DirRead(struct tcsd_thread_data *data)
+{
+ TSS_RESULT result;
+ TSS_HCONTEXT hContext;
+ TCPA_DIRINDEX dirIndex;
+ TCPA_DIRVALUE dirValue;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dirIndex, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DirRead_Internal(hContext, dirIndex, &dirValue);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &dirValue, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_ek.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_ek.c
new file mode 100644
index 0000000..71429fc
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_ek.c
@@ -0,0 +1,339 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_CreateEndorsementKeyPair(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_NONCE antiReplay;
+ UINT32 eKPtrSize;
+ BYTE *eKPtr;
+ UINT32 eKSize;
+ BYTE* eK;
+ TCPA_DIGEST checksum;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ eKPtr = calloc(1, eKPtrSize);
+ if (eKPtr == NULL) {
+ LogError("malloc of %u bytes failed.", eKPtrSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) {
+ free(eKPtr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CreateEndorsementKeyPair_Internal(hContext, antiReplay, eKPtrSize, eKPtr,
+ &eKSize, &eK, &checksum);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(eKPtr);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eKSize, 0, &data->comm)) {
+ free(eK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, eK, eKSize, &data->comm)) {
+ free(eK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(eK);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ReadPubek(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_NONCE antiReplay;
+ UINT32 pubEKSize;
+ BYTE *pubEK;
+ TCPA_DIGEST checksum;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReadPubek_Internal(hContext, antiReplay, &pubEKSize, &pubEK, &checksum);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pubEKSize, 0, &data->comm)) {
+ free(pubEK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, pubEK, pubEKSize, &data->comm)) {
+ free(pubEK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(pubEK);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &checksum, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_OwnerReadPubek(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 pubEKSize;
+ BYTE *pubEK;
+ TSS_RESULT result;
+ TPM_AUTH auth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_OwnerReadPubek_Internal(hContext, &auth, &pubEKSize, &pubEK);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) {
+ free(pubEK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubEKSize, 0, &data->comm)) {
+ free(pubEK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubEK, pubEKSize, &data->comm)) {
+ free(pubEK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(pubEK);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_DisablePubekRead(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TPM_AUTH auth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_DisablePubekRead_Internal(hContext, &auth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+tcs_wrap_CreateRevocableEndorsementKeyPair(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_NONCE antiReplay;
+ UINT32 eKPtrSize;
+ BYTE *eKPtr;
+ TSS_BOOL genResetAuth;
+ TPM_DIGEST eKResetAuth;
+ UINT32 eKSize;
+ BYTE* eK;
+ TPM_DIGEST checksum;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &eKPtrSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ eKPtr = calloc(1, eKPtrSize);
+ if (eKPtr == NULL) {
+ LogError("malloc of %d bytes failed.", eKPtrSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, eKPtr, eKPtrSize, &data->comm)) {
+ free(eKPtr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 4, &genResetAuth, 0, &data->comm)) {
+ free(eKPtr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 5, &eKResetAuth, 0, &data->comm)) {
+ free(eKPtr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CreateRevocableEndorsementKeyPair_Internal(hContext, antiReplay,
+ eKPtrSize, eKPtr, genResetAuth, &eKResetAuth, &eKSize, &eK, &checksum);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(eKPtr);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 4);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &eKResetAuth, 0, &data->comm)) {
+ free(eK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &eKSize, 0, &data->comm)) {
+ free(eK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, eK, eKSize, &data->comm)) {
+ free(eK);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(eK);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 3, &checksum, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_RevokeEndorsementKeyPair(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_DIGEST eKResetAuth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 1, &eKResetAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_RevokeEndorsementKeyPair_Internal(hContext, eKResetAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_evlog.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_evlog.c
new file mode 100644
index 0000000..a6b656a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_evlog.c
@@ -0,0 +1,294 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_GetPcrEvent(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_PCR_EVENT *pEvent = NULL;
+ TSS_RESULT result;
+ UINT32 pcrIndex, number;
+ BYTE lengthOnly;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &number, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_BYTE, 3, &lengthOnly, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (lengthOnly)
+ result = TCS_GetPcrEvent_Internal(hContext, pcrIndex, &number, NULL);
+ else
+ result = TCS_GetPcrEvent_Internal(hContext, pcrIndex, &number, &pEvent);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &number, 0, &data->comm)) {
+ if (lengthOnly == FALSE)
+ free_external_events(1, pEvent);
+ free(pEvent);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (lengthOnly == FALSE) {
+ if (setData(TCSD_PACKET_TYPE_PCR_EVENT, 1, pEvent, 0, &data->comm)) {
+ free_external_events(1, pEvent);
+ free(pEvent);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free_external_events(1, pEvent);
+ free(pEvent);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+
+TSS_RESULT
+tcs_wrap_GetPcrEventsByPcr(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_PCR_EVENT *ppEvents = NULL;
+ TSS_RESULT result;
+ UINT32 firstEvent, eventCount, totalSize, pcrIndex, i, j;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &firstEvent, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &eventCount, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = TCS_GetPcrEventsByPcr_Internal(hContext, pcrIndex, firstEvent, &eventCount, &ppEvents);
+
+ if (result == TSS_SUCCESS) {
+ /* XXX totalSize not used */
+ for (i = 0, totalSize = 0; i < eventCount; i++)
+ totalSize += get_pcr_event_size(&(ppEvents[i]));
+
+ initData(&data->comm, eventCount + 1);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eventCount, 0, &data->comm)) {
+ free_external_events(eventCount, ppEvents);
+ free(ppEvents);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ i = 1;
+ for (j = 0; j < eventCount; j++) {
+ if (setData(TCSD_PACKET_TYPE_PCR_EVENT, i++, &(ppEvents[j]), 0, &data->comm)) {
+ free_external_events(eventCount, ppEvents);
+ free(ppEvents);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ free_external_events(eventCount, ppEvents);
+ free(ppEvents);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetPcrEventLog(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_PCR_EVENT *ppEvents;
+ TSS_RESULT result;
+ UINT32 eventCount, totalSize, i, j;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ result = TCS_GetPcrEventLog_Internal(hContext, &eventCount, &ppEvents);
+
+ if (result == TSS_SUCCESS) {
+ for (i = 0, totalSize = 0; i < eventCount; i++)
+ totalSize += get_pcr_event_size(&(ppEvents[i]));
+
+ initData(&data->comm, eventCount + 1);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &eventCount, 0, &data->comm)) {
+ free_external_events(eventCount, ppEvents);
+ free(ppEvents);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ i = 1;
+ for (j = 0; j < eventCount; j++) {
+ if (setData(TCSD_PACKET_TYPE_PCR_EVENT, i++, &(ppEvents[j]), 0, &data->comm)) {
+ free_external_events(eventCount, ppEvents);
+ free(ppEvents);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ free_external_events(eventCount, ppEvents);
+ free(ppEvents);
+ } else
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_LogPcrEvent(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_PCR_EVENT event;
+ TSS_RESULT result;
+ UINT32 number;
+
+ /* Receive */
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_PCR_EVENT , 1, &event, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = TCS_LogPcrEvent_Internal(hContext, event, &number);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &number, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+void
+LoadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event)
+{
+ LoadBlob_VERSION(offset, blob, (TPM_VERSION *)&(event->versionInfo));
+ LoadBlob_UINT32(offset, event->ulPcrIndex, blob);
+ LoadBlob_UINT32(offset, event->eventType, blob);
+
+ LoadBlob_UINT32(offset, event->ulPcrValueLength, blob);
+ if (event->ulPcrValueLength > 0)
+ LoadBlob(offset, event->ulPcrValueLength, blob, event->rgbPcrValue);
+
+ LoadBlob_UINT32(offset, event->ulEventLength, blob);
+ if (event->ulEventLength > 0)
+ LoadBlob(offset, event->ulEventLength, blob, event->rgbEvent);
+
+}
+
+TSS_RESULT
+UnloadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event)
+{
+ if (!event) {
+ UINT32 ulPcrValueLength, ulEventLength;
+
+ UnloadBlob_VERSION(offset, blob, NULL);
+ UnloadBlob_UINT32(offset, NULL, blob);
+ UnloadBlob_UINT32(offset, NULL, blob);
+
+ UnloadBlob_UINT32(offset, &ulPcrValueLength, blob);
+ (*offset) += ulPcrValueLength;
+
+ UnloadBlob_UINT32(offset, &ulEventLength, blob);
+ (*offset) += ulEventLength;
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_VERSION(offset, blob, (TPM_VERSION *)&(event->versionInfo));
+ UnloadBlob_UINT32(offset, &event->ulPcrIndex, blob);
+ UnloadBlob_UINT32(offset, &event->eventType, blob);
+
+ UnloadBlob_UINT32(offset, &event->ulPcrValueLength, blob);
+ if (event->ulPcrValueLength > 0) {
+ event->rgbPcrValue = malloc(event->ulPcrValueLength);
+ if (event->rgbPcrValue == NULL) {
+ LogError("malloc of %u bytes failed.", event->ulPcrValueLength);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(offset, event->ulPcrValueLength, blob, event->rgbPcrValue);
+ } else {
+ event->rgbPcrValue = NULL;
+ }
+
+ UnloadBlob_UINT32(offset, &event->ulEventLength, blob);
+ if (event->ulEventLength > 0) {
+ event->rgbEvent = malloc(event->ulEventLength);
+ if (event->rgbEvent == NULL) {
+ LogError("malloc of %u bytes failed.", event->ulEventLength);
+ free(event->rgbPcrValue);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(offset, event->ulEventLength, blob, event->rgbEvent);
+ } else {
+ event->rgbEvent = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_key.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_key.c
new file mode 100644
index 0000000..144da83
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_key.c
@@ -0,0 +1,500 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_EvictKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = key_mgr_evict(hContext, hKey);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetPubkey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TPM_AUTH auth;
+ TPM_AUTH *pAuth;
+ UINT32 pubKeySize;
+ BYTE *pubKey;
+ TSS_RESULT result;
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 2, &auth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pAuth = NULL;
+ else if (result)
+ return result;
+ else
+ pAuth = &auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetPubKey_Internal(hContext, hKey, pAuth, &pubKeySize, &pubKey);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth != NULL)
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(pubKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pubKeySize, 0, &data->comm)) {
+ free(pubKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pubKey, pubKeySize, &data->comm)) {
+ free(pubKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(pubKey);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_TerminateHandle(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_AUTHHANDLE authHandle;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &authHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_TerminateHandle_Internal(hContext, authHandle);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_LoadKeyByBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hUnwrappingKey;
+ UINT32 cWrappedKeyBlob;
+ BYTE *rgbWrappedKeyBlob;
+
+ TPM_AUTH auth;
+
+ TCS_KEY_HANDLE phKeyTCSI;
+ TCS_KEY_HANDLE phKeyHMAC;
+
+ TPM_AUTH *pAuth;
+ TSS_RESULT result;
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hUnwrappingKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &cWrappedKeyBlob, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbWrappedKeyBlob = calloc(1, cWrappedKeyBlob);
+ if (rgbWrappedKeyBlob == NULL) {
+ LogError("malloc of %d bytes failed.", cWrappedKeyBlob);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbWrappedKeyBlob, cWrappedKeyBlob, &data->comm)) {
+ free(rgbWrappedKeyBlob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pAuth = NULL;
+ else if (result) {
+ free(rgbWrappedKeyBlob);
+ return result;
+ } else
+ pAuth = &auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = key_mgr_load_by_blob(hContext, hUnwrappingKey, cWrappedKeyBlob, rgbWrappedKeyBlob,
+ pAuth, &phKeyTCSI, &phKeyHMAC);
+
+ if (!result)
+ result = ctx_mark_key_loaded(hContext, phKeyTCSI);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(rgbWrappedKeyBlob);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyTCSI, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyHMAC, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+tcs_wrap_LoadKey2ByBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hUnwrappingKey;
+ UINT32 cWrappedKeyBlob;
+ BYTE *rgbWrappedKeyBlob;
+ TPM_AUTH auth;
+ TCS_KEY_HANDLE phKeyTCSI;
+ TPM_AUTH *pAuth;
+ TSS_RESULT result;
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hUnwrappingKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &cWrappedKeyBlob, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbWrappedKeyBlob = calloc(1, cWrappedKeyBlob);
+ if (rgbWrappedKeyBlob == NULL) {
+ LogError("malloc of %d bytes failed.", cWrappedKeyBlob);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbWrappedKeyBlob, cWrappedKeyBlob, &data->comm)) {
+ free(rgbWrappedKeyBlob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pAuth = NULL;
+ else if (result) {
+ free(rgbWrappedKeyBlob);
+ return result;
+ } else
+ pAuth = &auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = key_mgr_load_by_blob(hContext, hUnwrappingKey, cWrappedKeyBlob, rgbWrappedKeyBlob,
+ pAuth, &phKeyTCSI, NULL);
+
+ if (!result)
+ result = ctx_mark_key_loaded(hContext, phKeyTCSI);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(rgbWrappedKeyBlob);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 2);
+ if (pAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &phKeyTCSI, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+#endif
+
+TSS_RESULT
+tcs_wrap_CreateWrapKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hWrappingKey;
+ TCPA_ENCAUTH KeyUsageAuth;
+ TCPA_ENCAUTH KeyMigrationAuth;
+ UINT32 keyInfoSize;
+ BYTE *keyInfo;
+
+ TPM_AUTH *pAuth, auth;
+
+ UINT32 keyDataSize;
+ BYTE *keyData;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hWrappingKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 2, &KeyUsageAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &KeyMigrationAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &keyInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ keyInfo = calloc(1, keyInfoSize);
+ if (keyInfo == NULL) {
+ LogError("malloc of %d bytes failed.", keyInfoSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, keyInfo, keyInfoSize, &data->comm)) {
+ free(keyInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 6, &auth, 0, &data->comm))
+ pAuth = NULL;
+ else
+ pAuth = &auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CreateWrapKey_Internal(hContext, hWrappingKey, KeyUsageAuth, KeyMigrationAuth,
+ keyInfoSize, keyInfo, &keyDataSize, &keyData, pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(keyInfo);
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keyDataSize, 0, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyData, keyDataSize, &data->comm)) {
+ free(keyData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(keyData);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 2, pAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+tcs_wrap_OwnerReadInternalPub(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TPM_AUTH ownerAuth;
+ UINT32 pubKeySize;
+ BYTE *pubKeyData;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_OwnerReadInternalPub_Internal(hContext, hKey, &ownerAuth, &pubKeySize, &pubKeyData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &pubKeySize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, pubKeyData, pubKeySize, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_KeyControlOwner(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ UINT32 ulPublicKeyLength;
+ BYTE* rgbPublicKey = NULL;
+ UINT32 attribName;
+ TSS_BOOL attribValue;
+ TPM_AUTH ownerAuth;
+ TSS_UUID uuidData;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &ulPublicKeyLength, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbPublicKey = (BYTE *) malloc(ulPublicKeyLength);
+ if (rgbPublicKey == NULL) {
+ LogError("malloc of %u bytes failed.", ulPublicKeyLength);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbPublicKey, ulPublicKeyLength, &data->comm)) {
+ free(rgbPublicKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &attribName, 0, &data->comm)) {
+ free(rgbPublicKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_BOOL, 5, &attribValue, 0, &data->comm)) {
+ free(rgbPublicKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 6, &ownerAuth, 0, &data->comm)) {
+ free(rgbPublicKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_KeyControlOwner_Internal(hContext, hKey, ulPublicKeyLength, rgbPublicKey,
+ attribName, attribValue, &ownerAuth, &uuidData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ free(rgbPublicKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UUID, 1, &uuidData, 0, &data->comm)) {
+ free(rgbPublicKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ free(rgbPublicKey);
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_maint.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_maint.c
new file mode 100644
index 0000000..f000cb1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_maint.c
@@ -0,0 +1,298 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_KillMaintenanceFeature(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TPM_AUTH ownerAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_KillMaintenanceFeature_Internal(hContext, &ownerAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CreateMaintenanceArchive(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TPM_AUTH ownerAuth;
+ TSS_BOOL generateRandom;
+ UINT32 randomSize, archiveSize;
+ BYTE *random, *archive;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_BOOL, 1, &generateRandom, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, &ownerAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CreateMaintenanceArchive_Internal(hContext, generateRandom, &ownerAuth,
+ &randomSize, &random, &archiveSize,
+ &archive);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 5);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ free(random);
+ free(archive);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &randomSize, 0, &data->comm)) {
+ free(random);
+ free(archive);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, random, randomSize, &data->comm)) {
+ free(random);
+ free(archive);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 3, &archiveSize, 0, &data->comm)) {
+ free(random);
+ free(archive);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 4, archive, archiveSize, &data->comm)) {
+ free(random);
+ free(archive);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(random);
+ free(archive);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_LoadMaintenanceArchive(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TPM_AUTH ownerAuth;
+ UINT32 dataInSize, dataOutSize;
+ BYTE *dataIn, *dataOut;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &dataInSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ dataIn = (BYTE *)malloc(dataInSize);
+ if (dataIn == NULL) {
+ LogError("malloc of %d bytes failed.", dataInSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, dataIn, dataInSize, &data->comm)) {
+ free(dataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, &ownerAuth, 0, &data->comm)) {
+ free(dataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_LoadMaintenanceArchive_Internal(hContext, dataInSize, dataIn, &ownerAuth,
+ &dataOutSize, &dataOut);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(dataIn);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ free(dataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &dataOutSize, 0, &data->comm)) {
+ free(dataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, dataOut, dataOutSize, &data->comm)) {
+ free(dataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(dataOut);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_LoadManuMaintPub(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ UINT32 pubKeySize;
+ BYTE *pubKey;
+ TCPA_NONCE antiReplay;
+ TCPA_DIGEST checksum;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &pubKeySize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ pubKey = (BYTE *)malloc(pubKeySize);
+ if (pubKey == NULL) {
+ LogError("malloc of %d bytes failed.", pubKeySize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, pubKey, pubKeySize, &data->comm)) {
+ free(pubKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_LoadManuMaintPub_Internal(hContext, antiReplay, pubKeySize, pubKey,
+ &checksum);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(pubKey);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &checksum, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ReadManuMaintPub(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TCPA_NONCE antiReplay;
+ TCPA_DIGEST checksum;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReadManuMaintPub_Internal(hContext, antiReplay, &checksum);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &checksum, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_migration.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_migration.c
new file mode 100644
index 0000000..a08d99d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_migration.c
@@ -0,0 +1,330 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_CreateMigrationBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TCS_KEY_HANDLE parentHandle;
+ TSS_MIGRATE_SCHEME migrationType;
+ UINT32 MigrationKeyAuthSize, encDataSize, randomSize, outDataSize;
+ BYTE *MigrationKeyAuth, *encData, *random, *outData;
+ TPM_AUTH auth1, auth2, *pParentAuth, *pEntityAuth;
+ UINT32 i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT16, 2, &migrationType, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &MigrationKeyAuthSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MigrationKeyAuth = (BYTE *)malloc(MigrationKeyAuthSize);
+ if (MigrationKeyAuth == NULL) {
+ LogError("malloc of %d bytes failed.", MigrationKeyAuthSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, MigrationKeyAuth, MigrationKeyAuthSize, &data->comm)) {
+ free(MigrationKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &data->comm)) {
+ free(MigrationKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ encData = (BYTE *)malloc(encDataSize);
+ if (encData == NULL) {
+ free(MigrationKeyAuth);
+ LogError("malloc of %d bytes failed.", encDataSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &data->comm)) {
+ free(MigrationKeyAuth);
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 7, &auth1, 0, &data->comm)) {
+ free(MigrationKeyAuth);
+ free(encData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 8, &auth2, 0, &data->comm)) {
+ /* If loading the 2nd auth fails, the first one was entity auth */
+ pParentAuth = NULL;
+ pEntityAuth = &auth1;
+ } else {
+ /* If loading the 2nd auth succeeds, the first one was parent auth */
+ pParentAuth = &auth1;
+ pEntityAuth = &auth2;
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CreateMigrationBlob_Internal(hContext, parentHandle, migrationType,
+ MigrationKeyAuthSize, MigrationKeyAuth,
+ encDataSize, encData, pParentAuth, pEntityAuth,
+ &randomSize, &random, &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(MigrationKeyAuth);
+ free(encData);
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 6);
+ if (pParentAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pEntityAuth, 0, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &randomSize, 0, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (randomSize > 0) {
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, random, randomSize, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
+ free(random);
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(random);
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ConvertMigrationBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TCS_KEY_HANDLE parentHandle;
+ UINT32 outDataSize, randomSize, inDataSize;
+ BYTE *outData, *random, *inData;
+ TPM_AUTH parentAuth, *pParentAuth;
+ UINT32 i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ inData = (BYTE *)malloc(inDataSize);
+ if (inData == NULL) {
+ LogError("malloc of %d bytes failed.", inDataSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) {
+ free(inData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &randomSize, 0, &data->comm)) {
+ free(inData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ random = (BYTE *)malloc(randomSize);
+ if (random == NULL) {
+ free(inData);
+ LogError("malloc of %d bytes failed.", randomSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, random, randomSize, &data->comm)) {
+ free(inData);
+ free(random);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 6, &parentAuth, 0, &data->comm))
+ pParentAuth = NULL;
+ else
+ pParentAuth = &parentAuth;
+
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ConvertMigrationBlob_Internal(hContext, parentHandle, inDataSize, inData,
+ randomSize, random, pParentAuth, &outDataSize,
+ &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(inData);
+ free(random);
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pParentAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pParentAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_AuthorizeMigrationKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TSS_MIGRATE_SCHEME migrateScheme;
+ UINT32 MigrationKeySize, MigrationKeyAuthSize;
+ BYTE *MigrationKey, *MigrationKeyAuth;
+ TPM_AUTH ownerAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 1, &migrateScheme, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &MigrationKeySize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MigrationKey = (BYTE *)malloc(MigrationKeySize);
+ if (MigrationKey == NULL) {
+ LogError("malloc of %d bytes failed.", MigrationKeySize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, MigrationKey, MigrationKeySize, &data->comm)) {
+ free(MigrationKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &ownerAuth, 0, &data->comm)) {
+ free(MigrationKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_AuthorizeMigrationKey_Internal(hContext, migrateScheme, MigrationKeySize,
+ MigrationKey, &ownerAuth,
+ &MigrationKeyAuthSize, &MigrationKeyAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(MigrationKey);
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ free(MigrationKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &MigrationKeyAuthSize, 0, &data->comm)) {
+ free(MigrationKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, MigrationKeyAuth, MigrationKeyAuthSize,
+ &data->comm)) {
+ free(MigrationKeyAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(MigrationKeyAuth);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_nv.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_nv.c
new file mode 100644
index 0000000..a54fb48
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_nv.c
@@ -0,0 +1,345 @@
+/*
+ * The Initial Developer of the Original Code is Intel Corporation.
+ * Portions created by Intel Corporation are Copyright (C) 2007 Intel Corporation.
+ * All Rights Reserved.
+ * trousers - An open source TCG Software Stack
+ *
+ * Author: [email protected] [email protected]
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_NV_DefineOrReleaseSpace(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 cPubInfoSize;
+ BYTE *pubInfo = NULL;
+ TSS_RESULT result;
+ TPM_ENCAUTH encAuth;
+ TPM_AUTH Auth, *pAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &cPubInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ pubInfo = calloc(1, cPubInfoSize);
+ if (pubInfo == NULL) {
+ LogError("malloc of %u bytes failed.", cPubInfoSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, pubInfo, cPubInfoSize, &data->comm)) {
+ free(pubInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, 3, &encAuth, 0, &data->comm)) {
+ free(pubInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &Auth, 0, &data->comm))
+ pAuth = NULL;
+ else
+ pAuth = &Auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_NV_DefineOrReleaseSpace_Internal(hContext,
+ cPubInfoSize, pubInfo, encAuth, pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(pubInfo);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if ( pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_NV_WriteValue(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_NV_INDEX hNVStore;
+ UINT32 offset,ulDataLength;
+ BYTE *rgbDataToWrite = NULL;
+ TSS_RESULT result;
+ TPM_AUTH Auth, *pAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbDataToWrite = calloc(1, ulDataLength);
+ if (rgbDataToWrite == NULL) {
+ LogError("malloc of %u bytes failed.", ulDataLength);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbDataToWrite, ulDataLength, &data->comm)) {
+ free(rgbDataToWrite);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &Auth, 0, &data->comm))
+ pAuth = NULL;
+ else
+ pAuth = &Auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_NV_WriteValue_Internal(hContext, hNVStore,
+ offset, ulDataLength, rgbDataToWrite, pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(rgbDataToWrite);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_NV_WriteValueAuth(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_NV_INDEX hNVStore;
+ UINT32 offset,ulDataLength;
+ BYTE *rgbDataToWrite = NULL;
+ TSS_RESULT result;
+ TPM_AUTH Auth, *pAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbDataToWrite = calloc(1, ulDataLength);
+ if (rgbDataToWrite == NULL) {
+ LogError("malloc of %u bytes failed.", ulDataLength);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbDataToWrite, ulDataLength, &data->comm)) {
+ free(rgbDataToWrite);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 5, &Auth, 0, &data->comm)) {
+ free(rgbDataToWrite);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+ pAuth = &Auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_NV_WriteValueAuth_Internal(hContext, hNVStore,
+ offset, ulDataLength, rgbDataToWrite, pAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(rgbDataToWrite);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if ( pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_NV_ReadValue(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_NV_INDEX hNVStore;
+ UINT32 offset,ulDataLength, i;
+ BYTE *rgbDataRead = NULL;
+ TSS_RESULT result;
+ TPM_AUTH Auth, *pAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &Auth, 0, &data->comm))
+ pAuth = NULL;
+ else
+ pAuth = &Auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_NV_ReadValue_Internal(hContext, hNVStore,
+ offset, &ulDataLength, pAuth, &rgbDataRead);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if ( pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(rgbDataRead);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulDataLength, 0, &data->comm)) {
+ free(rgbDataRead);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbDataRead, ulDataLength, &data->comm)) {
+ free(rgbDataRead);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(rgbDataRead);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_NV_ReadValueAuth(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_NV_INDEX hNVStore;
+ UINT32 offset,ulDataLength, i;
+ BYTE *rgbDataRead = NULL;
+ TSS_RESULT result;
+ TPM_AUTH NVAuth, *pNVAuth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hNVStore, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &offset, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulDataLength, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &NVAuth, 0, &data->comm)) {
+ pNVAuth = NULL;
+ } else {
+ pNVAuth = &NVAuth;
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_NV_ReadValueAuth_Internal(hContext, hNVStore,
+ offset, &ulDataLength, pNVAuth, &rgbDataRead);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if ( pNVAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pNVAuth, 0, &data->comm)) {
+ free(rgbDataRead);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulDataLength, 0, &data->comm)) {
+ free(rgbDataRead);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbDataRead, ulDataLength, &data->comm)) {
+ free(rgbDataRead);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(rgbDataRead);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_oper.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_oper.c
new file mode 100644
index 0000000..56d982f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_oper.c
@@ -0,0 +1,60 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_SetOperatorAuth(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCPA_SECRET operatorAuth;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_SECRET, 1, &operatorAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SetOperatorAuth_Internal(hContext, &operatorAuth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+done:
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_own.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_own.c
new file mode 100644
index 0000000..5c3e62c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_own.c
@@ -0,0 +1,176 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_TakeOwnership(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT16 protocolID;
+ UINT32 encOwnerAuthSize;
+ BYTE *encOwnerAuth;
+ UINT32 encSrkAuthSize;
+ BYTE *encSrkAuth;
+ UINT32 srkInfoSize;
+ BYTE *srkInfo;
+ TPM_AUTH ownerAuth;
+
+ UINT32 srkKeySize;
+ BYTE *srkKey;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT16, 1, &protocolID, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &encOwnerAuthSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ encOwnerAuth = calloc(1, encOwnerAuthSize);
+ if (encOwnerAuth == NULL) {
+ LogError("malloc of %d bytes failed.", encOwnerAuthSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, encOwnerAuth, encOwnerAuthSize, &data->comm)) {
+ free(encOwnerAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, &encSrkAuthSize, 0, &data->comm)) {
+ free(encOwnerAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ encSrkAuth = calloc(1, encSrkAuthSize);
+ if (encSrkAuth == NULL) {
+ LogError("malloc of %d bytes failed.", encSrkAuthSize);
+ free(encOwnerAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, encSrkAuth, encSrkAuthSize, &data->comm)) {
+ free(encOwnerAuth);
+ free(encSrkAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 6, &srkInfoSize, 0, &data->comm)) {
+ free(encOwnerAuth);
+ free(encSrkAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ srkInfo = calloc(1, srkInfoSize);
+ if (srkInfo == NULL) {
+ LogError("malloc of %d bytes failed.", srkInfoSize);
+ free(encOwnerAuth);
+ free(encSrkAuth);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 7, srkInfo, srkInfoSize, &data->comm)) {
+ free(encOwnerAuth);
+ free(encSrkAuth);
+ free(srkInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 8, &ownerAuth, 0, &data->comm)) {
+ free(encOwnerAuth);
+ free(encSrkAuth);
+ free(srkInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_TakeOwnership_Internal(hContext, protocolID, encOwnerAuthSize, encOwnerAuth,
+ encSrkAuthSize, encSrkAuth, srkInfoSize, srkInfo,
+ &ownerAuth, &srkKeySize, &srkKey);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(encOwnerAuth);
+ free(encSrkAuth);
+ free(srkInfo);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &ownerAuth, 0, &data->comm)) {
+ free(srkKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &srkKeySize, 0, &data->comm)) {
+ free(srkKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, srkKey, srkKeySize, &data->comm)) {
+ free(srkKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(srkKey);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_OwnerClear(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ TPM_AUTH auth;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, &auth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_OwnerClear_Internal(hContext, &auth);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &auth, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_pcr_extend.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_pcr_extend.c
new file mode 100644
index 0000000..0bd1140
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_pcr_extend.c
@@ -0,0 +1,148 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_Extend(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 pcrIndex;
+ TCPA_DIGEST inDigest;
+ TSS_RESULT result;
+ TCPA_DIGEST outDigest;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 2, &inDigest, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Extend_Internal(hContext, pcrIndex, inDigest, &outDigest);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &outDigest, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_PcrRead(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 pcrIndex;
+ TCPA_DIGEST digest;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrIndex, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_PcrRead_Internal(hContext, pcrIndex, &digest);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 0, &digest, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_PcrReset(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 pcrDataSizeIn;
+ BYTE *pcrDataIn;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &pcrDataSizeIn, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ pcrDataIn = (BYTE *)malloc(pcrDataSizeIn);
+ if (pcrDataIn == NULL) {
+ LogError("malloc of %u bytes failed.", pcrDataSizeIn);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, pcrDataIn, pcrDataSizeIn, &data->comm)) {
+ free(pcrDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_PcrReset_Internal(hContext, pcrDataSizeIn, pcrDataIn);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(pcrDataIn);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_ps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_ps.c
new file mode 100644
index 0000000..46b07ef
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_ps.c
@@ -0,0 +1,531 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_RegisterKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID WrappingKeyUUID;
+ TSS_UUID KeyUUID;
+ UINT32 cKeySize;
+ BYTE *rgbKey;
+ UINT32 cVendorData;
+ BYTE *gbVendorData;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UUID, 1, &WrappingKeyUUID, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UUID, 2, &KeyUUID, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &cKeySize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbKey = calloc(1, cKeySize);
+ if (rgbKey == NULL) {
+ LogError("malloc of %d bytes failed.", cKeySize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbKey, cKeySize, &data->comm)) {
+ free(rgbKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &cVendorData, 0, &data->comm)) {
+ free(rgbKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (cVendorData == 0)
+ gbVendorData = NULL;
+ else {
+ gbVendorData = calloc(1, cVendorData);
+ if (gbVendorData == NULL) {
+ LogError("malloc of %d bytes failed.", cVendorData);
+ free(rgbKey);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, gbVendorData, cVendorData, &data->comm)) {
+ free(rgbKey);
+ free(gbVendorData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ result = TCS_RegisterKey_Internal(hContext, &WrappingKeyUUID, &KeyUUID,
+ cKeySize, rgbKey, cVendorData,
+ gbVendorData);
+ free(rgbKey);
+ free(gbVendorData);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_UnregisterKey(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID uuid;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UUID, 1, &uuid, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = TCS_UnregisterKey_Internal(hContext, uuid);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetRegisteredKeyBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID uuid;
+ UINT32 pcKeySize;
+ BYTE *prgbKey;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UUID, 1, &uuid, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = TCS_GetRegisteredKeyBlob_Internal(hContext, &uuid, &pcKeySize,
+ &prgbKey);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pcKeySize, 0, &data->comm)) {
+ free(prgbKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, prgbKey, pcKeySize, &data->comm)) {
+ free(prgbKey);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(prgbKey);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_LoadKeyByUUID(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID uuid;
+ TCS_LOADKEY_INFO info, *pInfo;
+ TCS_KEY_HANDLE phKeyTCSI;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UUID, 1, &uuid, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = getData(TCSD_PACKET_TYPE_LOADKEY_INFO, 2, &info, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pInfo = NULL;
+ else if (result)
+ return result;
+ else
+ pInfo = &info;
+
+ result = key_mgr_load_by_uuid(hContext, &uuid, pInfo, &phKeyTCSI);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &phKeyTCSI, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (pInfo != NULL) {
+ if (setData(TCSD_PACKET_TYPE_LOADKEY_INFO, 1, pInfo, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ } else {
+ if (result == TCSERR(TCS_E_KM_LOADFAILED) && pInfo != NULL) {
+ initData(&data->comm, 1);
+ if (setData(TCSD_PACKET_TYPE_LOADKEY_INFO, 0, pInfo, 0, &data->comm)) {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ }
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_EnumRegisteredKeys(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID uuid, *pUuid;
+ UINT32 cKeyHierarchySize;
+ TSS_KM_KEYINFO *pKeyHierarchy;
+ unsigned int i, j;
+ TSS_RESULT result;
+
+ /* Receive */
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ result = getData(TCSD_PACKET_TYPE_UUID , 1, &uuid, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pUuid = NULL;
+ else if (result)
+ return result;
+ else
+ pUuid = &uuid;
+
+ result = TCS_EnumRegisteredKeys_Internal(
+ hContext,
+ pUuid,
+ &cKeyHierarchySize,
+ &pKeyHierarchy);
+
+ if (result == TSS_SUCCESS) {
+ i=0;
+ initData(&data->comm, cKeyHierarchySize + 1);
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &cKeyHierarchySize, 0, &data->comm)) {
+ free(pKeyHierarchy);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ for (j = 0; j < cKeyHierarchySize; j++) {
+ if (setData(TCSD_PACKET_TYPE_KM_KEYINFO, i++, &pKeyHierarchy[j], 0, &data->comm)) {
+ free(pKeyHierarchy);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ free(pKeyHierarchy);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_EnumRegisteredKeys2(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_UUID uuid, *pUuid;
+ UINT32 cKeyHierarchySize;
+ TSS_KM_KEYINFO2 *pKeyHierarchy;
+ unsigned int i, j;
+ TSS_RESULT result;
+
+ /* Receive */
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ result = getData(TCSD_PACKET_TYPE_UUID , 1, &uuid, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pUuid = NULL;
+ else if (result)
+ return result;
+ else
+ pUuid = &uuid;
+
+ result = TCS_EnumRegisteredKeys_Internal2(
+ hContext,
+ pUuid,
+ &cKeyHierarchySize,
+ &pKeyHierarchy);
+
+ if (result == TSS_SUCCESS) {
+ i=0;
+ initData(&data->comm, cKeyHierarchySize + 1);
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &cKeyHierarchySize, 0, &data->comm)) {
+ free(pKeyHierarchy);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ for (j = 0; j < cKeyHierarchySize; j++) {
+ if (setData(TCSD_PACKET_TYPE_KM_KEYINFO2, i++, &pKeyHierarchy[j], 0, &data->comm)) {
+ free(pKeyHierarchy);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ free(pKeyHierarchy);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetRegisteredKeyByPublicInfo(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ UINT32 algId, ulPublicInfoLength, keySize;
+ BYTE *rgbPublicInfo, *keyBlob;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &algId, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &ulPublicInfoLength, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbPublicInfo = (BYTE *)calloc(1, ulPublicInfoLength);
+ if (rgbPublicInfo == NULL) {
+ LogError("malloc of %d bytes failed.", ulPublicInfoLength);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, rgbPublicInfo, ulPublicInfoLength, &data->comm)) {
+ free(rgbPublicInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = TCSP_GetRegisteredKeyByPublicInfo_Internal(hContext, algId,
+ ulPublicInfoLength, rgbPublicInfo, &keySize, &keyBlob);
+
+ free(rgbPublicInfo);
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &keySize, 0, &data->comm)) {
+ free(keyBlob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, keyBlob, keySize, &data->comm)) {
+ free(keyBlob);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(keyBlob);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+void
+LoadBlob_LOADKEY_INFO(UINT64 *offset, BYTE *blob, TCS_LOADKEY_INFO *info)
+{
+ LoadBlob_UUID(offset, blob, info->keyUUID);
+ LoadBlob_UUID(offset, blob, info->parentKeyUUID);
+ LoadBlob(offset, TCPA_DIGEST_SIZE, blob, info->paramDigest.digest);
+ LoadBlob_UINT32(offset, info->authData.AuthHandle, blob);
+ LoadBlob(offset, TCPA_NONCE_SIZE, blob, info->authData.NonceOdd.nonce);
+ LoadBlob(offset, TCPA_NONCE_SIZE, blob, info->authData.NonceEven.nonce);
+ LoadBlob_BOOL(offset, info->authData.fContinueAuthSession, blob);
+ LoadBlob(offset, TCPA_AUTHDATA_SIZE, blob, (BYTE *)&info->authData.HMAC);
+}
+
+void
+UnloadBlob_LOADKEY_INFO(UINT64 *offset, BYTE *blob, TCS_LOADKEY_INFO *info)
+{
+ if (!info) {
+ UnloadBlob_UUID(offset, blob, NULL);
+ UnloadBlob_UUID(offset, blob, NULL);
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, NULL);
+ UnloadBlob_UINT32(offset, NULL, blob);
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, NULL);
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, NULL);
+ UnloadBlob_BOOL(offset, NULL, blob);
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, NULL);
+
+ return;
+ }
+
+ UnloadBlob_UUID(offset, blob, &info->keyUUID);
+ UnloadBlob_UUID(offset, blob, &info->parentKeyUUID);
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, info->paramDigest.digest);
+ UnloadBlob_UINT32(offset, &info->authData.AuthHandle, blob);
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, (BYTE *)&info->authData.NonceOdd.nonce);
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, (BYTE *)&info->authData.NonceEven.nonce);
+ UnloadBlob_BOOL(offset, &info->authData.fContinueAuthSession, blob);
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, (BYTE *)&info->authData.HMAC);
+}
+
+void
+LoadBlob_UUID(UINT64 *offset, BYTE * blob, TSS_UUID uuid)
+{
+ LoadBlob_UINT32(offset, uuid.ulTimeLow, blob);
+ LoadBlob_UINT16(offset, uuid.usTimeMid, blob);
+ LoadBlob_UINT16(offset, uuid.usTimeHigh, blob);
+ LoadBlob_BYTE(offset, uuid.bClockSeqHigh, blob);
+ LoadBlob_BYTE(offset, uuid.bClockSeqLow, blob);
+ LoadBlob(offset, 6, blob, uuid.rgbNode);
+}
+
+void
+UnloadBlob_UUID(UINT64 *offset, BYTE * blob, TSS_UUID *uuid)
+{
+ if (!uuid) {
+ UnloadBlob_UINT32(offset, NULL, blob);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_BYTE(offset, NULL, blob);
+ UnloadBlob_BYTE(offset, NULL, blob);
+ UnloadBlob(offset, 6, blob, NULL);
+
+ return;
+ }
+
+ memset(uuid, 0, sizeof(TSS_UUID));
+ UnloadBlob_UINT32(offset, &uuid->ulTimeLow, blob);
+ UnloadBlob_UINT16(offset, &uuid->usTimeMid, blob);
+ UnloadBlob_UINT16(offset, &uuid->usTimeHigh, blob);
+ UnloadBlob_BYTE(offset, &uuid->bClockSeqHigh, blob);
+ UnloadBlob_BYTE(offset, &uuid->bClockSeqLow, blob);
+ UnloadBlob(offset, 6, blob, uuid->rgbNode);
+}
+
+void
+LoadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info)
+{
+ LoadBlob_VERSION(offset, blob, (TPM_VERSION *)&(info->versionInfo));
+ LoadBlob_UUID(offset, blob, info->keyUUID);
+ LoadBlob_UUID(offset, blob, info->parentKeyUUID);
+ LoadBlob_BYTE(offset, info->bAuthDataUsage, blob);
+ LoadBlob_BOOL(offset, info->fIsLoaded, blob);
+ LoadBlob_UINT32(offset, info->ulVendorDataLength, blob);
+ LoadBlob(offset, info->ulVendorDataLength, blob, info->rgbVendorData);
+}
+
+void
+LoadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info)
+{
+ LoadBlob_VERSION(offset, blob, (TPM_VERSION *)&(info->versionInfo));
+ LoadBlob_UUID(offset, blob, info->keyUUID);
+ LoadBlob_UUID(offset, blob, info->parentKeyUUID);
+ LoadBlob_BYTE(offset, info->bAuthDataUsage, blob);
+ /* Load the infos of the blob regarding the new data type TSS_KM_KEYINFO2 */
+ LoadBlob_UINT32(offset,info->persistentStorageType,blob);
+ LoadBlob_UINT32(offset, info->persistentStorageTypeParent,blob);
+
+ LoadBlob_BOOL(offset, info->fIsLoaded, blob);
+ LoadBlob_UINT32(offset, info->ulVendorDataLength, blob);
+ LoadBlob(offset, info->ulVendorDataLength, blob, info->rgbVendorData);
+}
+
+void
+UnloadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info)
+{
+ if (!info) {
+ UINT32 ulVendorDataLength;
+
+ UnloadBlob_VERSION(offset, blob, NULL);
+ UnloadBlob_UUID(offset, blob, NULL);
+ UnloadBlob_UUID(offset, blob, NULL);
+ UnloadBlob_BYTE(offset, blob, NULL);
+ UnloadBlob_BOOL(offset, NULL, blob);
+ UnloadBlob_UINT32(offset, &ulVendorDataLength, blob);
+
+ (*offset) += ulVendorDataLength;
+
+ return;
+ }
+
+ UnloadBlob_VERSION(offset, blob, (TPM_VERSION *)&(info->versionInfo));
+ UnloadBlob_UUID(offset, blob, &info->keyUUID);
+ UnloadBlob_UUID(offset, blob, &info->parentKeyUUID);
+ UnloadBlob_BYTE(offset, &info->bAuthDataUsage, blob);
+ UnloadBlob_BOOL(offset, &info->fIsLoaded, blob);
+ UnloadBlob_UINT32(offset, &info->ulVendorDataLength, blob);
+ UnloadBlob(offset, info->ulVendorDataLength, info->rgbVendorData, blob);
+}
+
+#if 0
+void
+UnloadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info)
+{
+ UnloadBlob_VERSION(offset, blob, (TCPA_VERSION *)&(info->versionInfo));
+ UnloadBlob_UUID(offset, blob, &info->keyUUID);
+ UnloadBlob_UUID(offset, blob, &info->parentKeyUUID);
+ UnloadBlob_BYTE(offset, blob, &info->bAuthDataUsage);
+
+ /* Extract the infos of the blob regarding the new data type TSS_KM_KEYINFO2 */
+ UnloadBlob_UINT32(offset, &info->persistentStorageType, blob);
+ UnloadBlob_UINT32(offset, &info->persistentStorageTypeParent, blob);
+
+ UnloadBlob_BOOL(offset, &info->fIsLoaded, blob);
+ UnloadBlob_UINT32(offset, &info->ulVendorDataLength, blob);
+ UnloadBlob(offset, info->ulVendorDataLength, info->rgbVendorData, blob);
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_quote.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_quote.c
new file mode 100644
index 0000000..d0762aa
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_quote.c
@@ -0,0 +1,129 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_Quote(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TCPA_NONCE antiReplay;
+ UINT32 pcrDataSizeIn;
+ BYTE *pcrDataIn;
+
+ TPM_AUTH privAuth;
+ TPM_AUTH *pPrivAuth;
+
+ UINT32 pcrDataSizeOut;
+ BYTE *pcrDataOut;
+ UINT32 sigSize;
+ BYTE *sig;
+ TSS_RESULT result;
+
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 2, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &pcrDataSizeIn, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ pcrDataIn = (BYTE *)calloc(1, pcrDataSizeIn);
+ if (pcrDataIn == NULL) {
+ LogError("malloc of %d bytes failed.", pcrDataSizeIn);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, pcrDataIn, pcrDataSizeIn, &data->comm)) {
+ free(pcrDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 5, &privAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pPrivAuth = NULL;
+ else if (result) {
+ free(pcrDataIn);
+ return result;
+ } else
+ pPrivAuth = &privAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Quote_Internal(hContext, hKey, antiReplay, pcrDataSizeIn, pcrDataIn,
+ pPrivAuth, &pcrDataSizeOut, &pcrDataOut, &sigSize, &sig);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(pcrDataIn);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 5);
+ if (pPrivAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) {
+ free(pcrDataOut);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcrDataSizeOut, 0, &data->comm)) {
+ free(pcrDataOut);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pcrDataOut, pcrDataSizeOut, &data->comm)) {
+ free(pcrDataOut);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) {
+ free(pcrDataOut);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) {
+ free(pcrDataOut);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(pcrDataOut);
+ free(sig);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_quote2.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_quote2.c
new file mode 100644
index 0000000..a875883
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_quote2.c
@@ -0,0 +1,166 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_Quote2(struct tcsd_thread_data *data)
+{
+ /* Data to be forwarded to the next level */
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TCPA_NONCE antiReplay;
+ UINT32 pcrDataSizeIn;
+ BYTE *pcrDataIn;
+ TSS_BOOL addVersion;
+ TPM_AUTH privAuth; /* in/out */
+ TPM_AUTH *pPrivAuth;
+
+ UINT32 pcrDataSizeOut;
+ BYTE *pcrDataOut;
+
+ UINT32 versionInfoSize;
+ BYTE * versionInfo;
+
+ UINT32 sigSize;
+ BYTE *sig;
+ TSS_RESULT result;
+
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 2, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &pcrDataSizeIn, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ pcrDataIn = (BYTE *)calloc(1, pcrDataSizeIn);
+ if (pcrDataIn == NULL) {
+ LogError("malloc of %u bytes failed.", pcrDataSizeIn);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, pcrDataIn, pcrDataSizeIn, &data->comm)) {
+ free(pcrDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_BOOL,5,&addVersion, 0, &data->comm)) {
+ free(pcrDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ result = getData(TCSD_PACKET_TYPE_AUTH, 6, &privAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pPrivAuth = NULL;
+ else if (result) {
+ free(pcrDataIn);
+ return result;
+ } else
+ pPrivAuth = &privAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Quote2_Internal(hContext, hKey, antiReplay, pcrDataSizeIn, pcrDataIn,
+ addVersion,pPrivAuth, &pcrDataSizeOut, &pcrDataOut, &versionInfoSize,
+ &versionInfo,&sigSize, &sig);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(pcrDataIn);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+
+ initData(&data->comm,7); /* Add versionInfoSize and versionInfo */
+ if (pPrivAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) {
+ free(pcrDataOut);
+ /* It's a null pointer when addVersion == FALSE */
+ if (addVersion)
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pcrDataSizeOut, 0, &data->comm)) {
+ free(pcrDataOut);
+ if (addVersion)
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, pcrDataOut, pcrDataSizeOut, &data->comm)) {
+ free(pcrDataOut);
+ if (addVersion)
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &versionInfoSize, 0, &data->comm)) {
+ free(pcrDataOut);
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (versionInfoSize > 0){
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, versionInfo, versionInfoSize, &data->comm)) {
+ free(pcrDataOut);
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) {
+ free(pcrDataOut);
+ if (addVersion)
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) {
+ free(pcrDataOut);
+ if (addVersion)
+ free(versionInfo);
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ free(pcrDataOut);
+ if (versionInfoSize >0)
+ free(versionInfo);
+ free(sig);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_random.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_random.c
new file mode 100644
index 0000000..1664716
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_random.c
@@ -0,0 +1,113 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_GetRandom(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 bytesRequested;
+ BYTE *randomBytes = NULL;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &bytesRequested, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetRandom_Internal(hContext, &bytesRequested, &randomBytes);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &bytesRequested, 0, &data->comm)) {
+ free(randomBytes);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, randomBytes, bytesRequested, &data->comm)) {
+ free(randomBytes);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(randomBytes);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_StirRandom(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 inDataSize;
+ BYTE *inData;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &inDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ inData = calloc(1, inDataSize);
+ if (inData == NULL) {
+ LogError("malloc of %d bytes failed.", inDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, inData, inDataSize, &data->comm)) {
+ free(inData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_StirRandom_Internal(hContext, inDataSize, inData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(inData);
+done:
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_seal.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_seal.c
new file mode 100644
index 0000000..d7ff087
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_seal.c
@@ -0,0 +1,257 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_common_Seal(UINT32 sealOrdinal,
+ struct tcsd_thread_data *data)
+{
+ TSS_RESULT result;
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE keyHandle;
+ TCPA_ENCAUTH KeyUsageAuth;
+ UINT32 PCRInfoSize, inDataSize;
+ BYTE *PCRInfo = NULL, *inData = NULL;
+ TPM_AUTH emptyAuth, pubAuth, *pAuth;
+ UINT32 outDataSize;
+ BYTE *outData;
+
+ int i = 0;
+
+ memset(&emptyAuth, 0, sizeof(TPM_AUTH));
+ memset(&pubAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &keyHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_ENCAUTH, i++, &KeyUsageAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &PCRInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (PCRInfoSize > 0) {
+ PCRInfo = calloc(1, PCRInfoSize);
+ if (PCRInfo == NULL) {
+ LogError("malloc of %u bytes failed.", PCRInfoSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, PCRInfo, PCRInfoSize, &data->comm)) {
+ free(PCRInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &inDataSize, 0, &data->comm)) {
+ free(PCRInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (inDataSize > 0) {
+ inData = calloc(1, inDataSize);
+ if (inData == NULL) {
+ LogError("malloc of %u bytes failed.", inDataSize);
+ free(PCRInfo);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, inData, inDataSize, &data->comm)) {
+ free(inData);
+ free(PCRInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, i++, &pubAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pAuth = NULL;
+ else if (result) {
+ free(inData);
+ free(PCRInfo);
+ return result;
+ } else
+ pAuth = &pubAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Seal_Internal(sealOrdinal, hContext, keyHandle, KeyUsageAuth, PCRInfoSize,
+ PCRInfo, inDataSize, inData, pAuth, &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(inData);
+ free(PCRInfo);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (pAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_Seal(struct tcsd_thread_data *data)
+{
+ return tcs_common_Seal(TPM_ORD_Seal, data);
+}
+
+#ifdef TSS_BUILD_SEALX
+TSS_RESULT
+tcs_wrap_Sealx(struct tcsd_thread_data *data)
+{
+ return tcs_common_Seal(TPM_ORD_Sealx, data);
+}
+#endif
+
+TSS_RESULT
+tcs_wrap_UnSeal(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE parentHandle;
+ UINT32 inDataSize;
+ BYTE *inData;
+
+ TPM_AUTH parentAuth, dataAuth, emptyAuth;
+ TPM_AUTH *pParentAuth, *pDataAuth;
+
+ UINT32 outDataSize;
+ BYTE *outData;
+ TSS_RESULT result;
+
+ memset(&emptyAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ inData = calloc(1, inDataSize);
+ if (inData == NULL) {
+ LogError("malloc of %d bytes failed.", inDataSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &data->comm)) {
+ free(inData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 4, &parentAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pParentAuth = NULL;
+ else if (result) {
+ free(inData);
+ return result;
+ } else
+ pParentAuth = &parentAuth;
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 5, &dataAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE) {
+ pDataAuth = pParentAuth;
+ pParentAuth = NULL;
+ } else if (result) {
+ free(inData);
+ return result;
+ } else
+ pDataAuth = &dataAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Unseal_Internal(hContext, parentHandle, inDataSize, inData, pParentAuth,
+ pDataAuth, &outDataSize, &outData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(inData);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 4);
+ if (pParentAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pParentAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &emptyAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, &dataAuth, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &outDataSize, 0, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, outData, outDataSize, &data->comm)) {
+ free(outData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(outData);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_selftest.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_selftest.c
new file mode 100644
index 0000000..ee353c8
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_selftest.c
@@ -0,0 +1,157 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_SelfTestFull(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_SelfTestFull_Internal(hContext);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ initData(&data->comm, 0);
+ data->comm.hdr.u.result = result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_CertifySelfTest(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ UINT32 sigSize;
+ BYTE *sigData = NULL;
+ TCS_KEY_HANDLE hKey;
+ TCPA_NONCE antiReplay;
+ TPM_AUTH privAuth;
+ TPM_AUTH *pPrivAuth;
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 2, &antiReplay, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = getData(TCSD_PACKET_TYPE_AUTH, 3, &privAuth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pPrivAuth = NULL;
+ else if (result)
+ return result;
+ else
+ pPrivAuth = &privAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_CertifySelfTest_Internal(hContext, hKey, antiReplay, pPrivAuth, &sigSize,
+ &sigData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ i = 0;
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 3);
+ if (pPrivAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pPrivAuth, 0, &data->comm)) {
+ free(sigData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) {
+ free(sigData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sigData, sigSize, &data->comm)) {
+ free(sigData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(sigData);
+ } else
+done: initData(&data->comm, 0);
+
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_GetTestResult(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TSS_RESULT result;
+ UINT32 resultDataSize;
+ BYTE *resultData = NULL;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_GetTestResult_Internal(hContext, &resultDataSize, &resultData);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &resultDataSize, 0, &data->comm)) {
+ free(resultData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, resultData, resultDataSize, &data->comm)) {
+ free(resultData);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(resultData);
+ } else
+ initData(&data->comm, 0);
+
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_sign.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_sign.c
new file mode 100644
index 0000000..0bfdcee
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_sign.c
@@ -0,0 +1,109 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_Sign(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ UINT32 areaToSignSize;
+ BYTE *areaToSign;
+
+ TPM_AUTH auth;
+ TPM_AUTH *pAuth;
+
+ UINT32 sigSize;
+ BYTE *sig;
+ TSS_RESULT result;
+
+ int i;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &areaToSignSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ areaToSign = calloc(1, areaToSignSize);
+ if (areaToSign == NULL) {
+ LogError("malloc of %d bytes failed.", areaToSignSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, areaToSign, areaToSignSize, &data->comm)) {
+ free(areaToSign);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ result = getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm);
+ if (result == TSS_TCP_RPC_BAD_PACKET_TYPE)
+ pAuth = NULL;
+ else if (result) {
+ free(areaToSign);
+ return result;
+ } else
+ pAuth = &auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_Sign_Internal(hContext, hKey, areaToSignSize, areaToSign, pAuth, &sigSize,
+ &sig);
+
+ MUTEX_UNLOCK(tcsp_lock);
+ free(areaToSign);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 3);
+ if (pAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, &auth, 0, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) {
+ free(sig);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(sig);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_tick.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_tick.c
new file mode 100644
index 0000000..98a140f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_tick.c
@@ -0,0 +1,141 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_ReadCurrentTicks(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ UINT32 pulCurrentTime;
+ BYTE *prgbCurrentTime;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReadCurrentTicks_Internal(hContext, &pulCurrentTime, &prgbCurrentTime);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 2);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &pulCurrentTime, 0, &data->comm)) {
+ free(prgbCurrentTime);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 1, prgbCurrentTime, pulCurrentTime,
+ &data->comm)) {
+ free(prgbCurrentTime);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(prgbCurrentTime);
+ } else
+ initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_TickStampBlob(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hKey;
+ TPM_AUTH auth, *pAuth;
+ TPM_NONCE nonce;
+ TPM_DIGEST digest;
+ UINT32 sigSize, tcSize, i;
+ BYTE *sig, *tc;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 2, &nonce, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 3, &digest, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &auth, 0, &data->comm))
+ pAuth = NULL;
+ else
+ pAuth = &auth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_TickStampBlob_Internal(hContext, hKey, &nonce, &digest, pAuth, &sigSize, &sig,
+ &tcSize, &tc);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 5);
+ i = 0;
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(sig);
+ free(tc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &sigSize, 0, &data->comm)) {
+ free(sig);
+ free(tc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, sig, sigSize, &data->comm)) {
+ free(sig);
+ free(tc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &tcSize, 0, &data->comm)) {
+ free(sig);
+ free(tc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, tc, tcSize, &data->comm)) {
+ free(sig);
+ free(tc);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_transport.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_transport.c
new file mode 100644
index 0000000..d943d24
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/rpc/tcstp/rpc_transport.c
@@ -0,0 +1,406 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <string.h>
+#include <netdb.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_utils.h"
+#include "rpc_tcstp_tcs.h"
+
+
+TSS_RESULT
+tcs_wrap_EstablishTransport(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hEncKey, hTransSession;
+ UINT32 ulTransControlFlags, ulTransSessionInfoSize, ulSecretSize, ulCurrentTicks, i;
+ BYTE *rgbTransSessionInfo, *rgbSecret, *prgbCurrentTicks;
+ TPM_MODIFIER_INDICATOR pbLocality;
+ TPM_AUTH pEncKeyAuth, *pAuth;
+ TPM_NONCE pTransNonce;
+ TSS_RESULT result;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &ulTransControlFlags, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, &hEncKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 3, &ulTransSessionInfoSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbTransSessionInfo = malloc(ulTransSessionInfoSize);
+ if (rgbTransSessionInfo == NULL) {
+ LogError("malloc of %u bytes failed.", ulTransSessionInfoSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 4, rgbTransSessionInfo, ulTransSessionInfoSize,
+ &data->comm)) {
+ free(rgbTransSessionInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 5, &ulSecretSize, 0, &data->comm)) {
+ free(rgbTransSessionInfo);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ rgbSecret = malloc(ulSecretSize);
+ if (rgbSecret == NULL) {
+ free(rgbTransSessionInfo);
+ LogError("malloc of %u bytes failed.", ulSecretSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 6, rgbSecret, ulSecretSize, &data->comm)) {
+ free(rgbTransSessionInfo);
+ free(rgbSecret);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 7, &pEncKeyAuth, 0, &data->comm))
+ pAuth = NULL;
+ else
+ pAuth = &pEncKeyAuth;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_EstablishTransport_Internal(hContext, ulTransControlFlags, hEncKey,
+ ulTransSessionInfoSize, rgbTransSessionInfo,
+ ulSecretSize, rgbSecret, pAuth, &pbLocality,
+ &hTransSession, &ulCurrentTicks,
+ &prgbCurrentTicks, &pTransNonce);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(rgbSecret);
+ free(rgbTransSessionInfo);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 6);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hTransSession, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulCurrentTicks, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, prgbCurrentTicks, ulCurrentTicks,
+ &data->comm)) {
+ free(prgbCurrentTicks);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(prgbCurrentTicks);
+ if (setData(TCSD_PACKET_TYPE_NONCE, i++, &pTransNonce, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ExecuteTransport(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TPM_COMMAND_CODE unWrappedCommandOrdinal;
+ TCS_HANDLE *rghHandles = NULL, handles[2];
+ UINT32 ulWrappedCmdDataInSize, pulHandleListSize, ulWrappedCmdDataOutSize, i = 0;
+ BYTE *rgbWrappedCmdDataIn, *rgbWrappedCmdDataOut;
+ TPM_MODIFIER_INDICATOR pbLocality;
+ TPM_AUTH pWrappedCmdAuth1, pWrappedCmdAuth2, pTransAuth, *pAuth1, *pAuth2, null_auth;
+ UINT64 punCurrentTicks;
+ TSS_RESULT result, pulWrappedCmdReturnCode;
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &unWrappedCommandOrdinal, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataInSize, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rgbWrappedCmdDataIn = malloc(ulWrappedCmdDataInSize);
+ if (rgbWrappedCmdDataIn == NULL) {
+ LogError("malloc of %u bytes failed", ulWrappedCmdDataInSize);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataIn, ulWrappedCmdDataInSize,
+ &data->comm)) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (pulHandleListSize > 2) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if (pulHandleListSize) {
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, handles,
+ pulHandleListSize * sizeof(UINT32), &data->comm)) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ rghHandles = handles;
+
+ memset(&null_auth, 0, sizeof(TPM_AUTH));
+ memset(&pWrappedCmdAuth1, 0, sizeof(TPM_AUTH));
+ memset(&pWrappedCmdAuth2, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth1, 0, &data->comm)) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pWrappedCmdAuth2, 0, &data->comm)) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) {
+ free(rgbWrappedCmdDataIn);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (!memcmp(&pWrappedCmdAuth1, &null_auth, sizeof(TPM_AUTH)))
+ pAuth1 = NULL;
+ else
+ pAuth1 = &pWrappedCmdAuth1;
+
+ if (!memcmp(&pWrappedCmdAuth2, &null_auth, sizeof(TPM_AUTH)))
+ pAuth2 = NULL;
+ else
+ pAuth2 = &pWrappedCmdAuth2;
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ExecuteTransport_Internal(hContext, unWrappedCommandOrdinal,
+ ulWrappedCmdDataInSize, rgbWrappedCmdDataIn,
+ &pulHandleListSize, &rghHandles, pAuth1, pAuth2,
+ &pTransAuth, &punCurrentTicks, &pbLocality,
+ &pulWrappedCmdReturnCode, &ulWrappedCmdDataOutSize,
+ &rgbWrappedCmdDataOut);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ free(rgbWrappedCmdDataIn);
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ initData(&data->comm, 10);
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulHandleListSize, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (pulHandleListSize) {
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rghHandles,
+ pulHandleListSize * sizeof(UINT32), &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (pAuth1) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth1, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (pAuth2) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pAuth2, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, &null_auth, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, &pTransAuth, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT64, i++, &punCurrentTicks, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pbLocality, 0, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &pulWrappedCmdReturnCode, 0,
+ &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &ulWrappedCmdDataOutSize, 0,
+ &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (ulWrappedCmdDataOutSize) {
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, rgbWrappedCmdDataOut,
+ ulWrappedCmdDataOutSize, &data->comm)) {
+ free(rgbWrappedCmdDataOut);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ free(rgbWrappedCmdDataOut);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcs_wrap_ReleaseTransportSigned(struct tcsd_thread_data *data)
+{
+ TCS_CONTEXT_HANDLE hContext;
+ TCS_KEY_HANDLE hSignatureKey;
+ TPM_NONCE AntiReplayNonce;
+ UINT32 pulCurrentTicks, pulSignatureSize;
+ BYTE *prgbCurrentTicks, *prgbSignature;
+ TPM_MODIFIER_INDICATOR pbLocality;
+ TPM_AUTH pKeyAuth, pTransAuth, *pAuth, null_auth;
+ TSS_RESULT result;
+
+ memset(&null_auth, 0, sizeof(TPM_AUTH));
+ memset(&pKeyAuth, 0, sizeof(TPM_AUTH));
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, &hContext, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebugFn("thread %ld context %x", THREAD_ID, hContext);
+
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, &hSignatureKey, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 2, &AntiReplayNonce, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, &pKeyAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (!memcmp(&null_auth, &pKeyAuth, sizeof(TPM_AUTH)))
+ pAuth = NULL;
+ else
+ pAuth = &pKeyAuth;
+
+ if (getData(TCSD_PACKET_TYPE_AUTH, 4, &pTransAuth, 0, &data->comm))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+
+ MUTEX_LOCK(tcsp_lock);
+
+ result = TCSP_ReleaseTransportSigned_Internal(hContext, hSignatureKey, &AntiReplayNonce,
+ pAuth, &pTransAuth, &pbLocality,
+ &pulCurrentTicks, &prgbCurrentTicks,
+ &pulSignatureSize, &prgbSignature);
+
+ MUTEX_UNLOCK(tcsp_lock);
+
+ if (result == TSS_SUCCESS) {
+ initData(&data->comm, 7);
+ if (pAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, pAuth, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 0, &null_auth, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, &pTransAuth, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &pbLocality, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_UINT32, 3, &pulCurrentTicks, 0, &data->comm)) {
+ free(prgbCurrentTicks);
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 4, prgbCurrentTicks, pulCurrentTicks,
+ &data->comm)) {
+ free(prgbCurrentTicks);
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(prgbCurrentTicks);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 5, &pulSignatureSize, 0, &data->comm)) {
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 6, prgbSignature, pulSignatureSize,
+ &data->comm)) {
+ free(prgbSignature);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ free(prgbSignature);
+ } else
+done: initData(&data->comm, 0);
+
+ data->comm.hdr.u.result = result;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_aik.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_aik.c
new file mode 100644
index 0000000..3c4c928
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_aik.c
@@ -0,0 +1,147 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcs_aik.h"
+
+void
+LoadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key)
+{
+ LoadBlob_UINT32(offset, key->algId, blob);
+ LoadBlob_UINT16(offset, key->encScheme, blob);
+ LoadBlob_UINT16(offset, key->size, blob);
+
+ if (key->size > 0) {
+ LoadBlob(offset, key->size, blob, key->data);
+ } else {
+ key->data = NULL;
+ }
+}
+
+TSS_RESULT
+UnloadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key)
+{
+ if (!key) {
+ UINT16 size;
+
+ UnloadBlob_UINT32(offset, NULL, blob);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_UINT16(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_UINT32(offset, &key->algId, blob);
+ UnloadBlob_UINT16(offset, &key->encScheme, blob);
+ UnloadBlob_UINT16(offset, &key->size, blob);
+
+ if (key->size > 0) {
+ key->data = (BYTE *)malloc(key->size);
+ if (key->data == NULL) {
+ LogError("malloc of %hu bytes failed.", key->size);
+ key->size = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, key->size, blob, key->data);
+ } else {
+ key->data = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+get_credential(UINT32 type, UINT32 *size, BYTE **cred)
+{
+ int rc, fd;
+ char *path = NULL;
+ void *file = NULL;
+ struct stat stat_buf;
+ size_t file_size;
+
+ switch (type) {
+ case TSS_TCS_CREDENTIAL_PLATFORMCERT:
+ path = tcsd_options.platform_cred;
+ break;
+ case TSS_TCS_CREDENTIAL_TPM_CC:
+ path = tcsd_options.conformance_cred;
+ break;
+ case TSS_TCS_CREDENTIAL_EKCERT:
+ path = tcsd_options.endorsement_cred;
+ break;
+ default:
+ LogDebugFn("Bad credential type");
+ break;
+ }
+
+ if (path == NULL)
+ goto done;
+
+ if ((fd = open(path, O_RDONLY)) < 0) {
+ LogError("open(%s): %s", path, strerror(errno));
+ goto done;
+ }
+
+ if ((rc = fstat(fd, &stat_buf)) == -1) {
+ LogError("Error stating credential: %s: %s", path, strerror(errno));
+ close(fd);
+ goto done;
+ }
+
+ file_size = (size_t)stat_buf.st_size;
+
+ LogDebugFn("%s, (%zd bytes)", path, file_size);
+
+ file = mmap(0, file_size, PROT_READ, MAP_PRIVATE, fd, 0);
+ if (file == MAP_FAILED) {
+ LogError("Error reading credential: %s: %s", path, strerror(errno));
+ close(fd);
+ goto done;
+ }
+ close(fd);
+
+ if ((*cred = malloc(file_size)) == NULL) {
+ LogError("malloc of %zd bytes failed.", file_size);
+ munmap(file, file_size);
+ goto done;
+ }
+
+ memcpy(*cred, file, file_size);
+ *size = file_size;
+ munmap(file, file_size);
+
+ return;
+done:
+ *cred = NULL;
+ *size = 0;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_auth_mgr.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_auth_mgr.c
new file mode 100644
index 0000000..4c7f47a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_auth_mgr.c
@@ -0,0 +1,590 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <limits.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "auth_mgr.h"
+#include "req_mgr.h"
+
+
+MUTEX_DECLARE_EXTERN(tcsp_lock);
+
+/* Note: The after taking the auth_mgr_lock in any of the functions below, the
+ * mem_cache_lock cannot be taken without risking a deadlock. So, the auth_mgr
+ * functions must be "self-contained" wrt locking */
+
+/* no locking done in init since its called by only a single thread */
+TSS_RESULT
+auth_mgr_init()
+{
+ memset(&auth_mgr, 0, sizeof(struct _auth_mgr));
+
+ auth_mgr.max_auth_sessions = tpm_metrics.num_auths;
+
+ auth_mgr.overflow = calloc(TSS_DEFAULT_OVERFLOW_AUTHS, sizeof(COND_VAR *));
+ if (auth_mgr.overflow == NULL) {
+ LogError("malloc of %zd bytes failed",
+ (TSS_DEFAULT_OVERFLOW_AUTHS * sizeof(COND_VAR *)));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ auth_mgr.overflow_size = TSS_DEFAULT_OVERFLOW_AUTHS;
+
+ auth_mgr.auth_mapper = calloc(TSS_DEFAULT_AUTH_TABLE_SIZE, sizeof(struct auth_map));
+ if (auth_mgr.auth_mapper == NULL) {
+ LogError("malloc of %zd bytes failed",
+ (TSS_DEFAULT_AUTH_TABLE_SIZE * sizeof(struct auth_map)));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ auth_mgr.auth_mapper_size = TSS_DEFAULT_AUTH_TABLE_SIZE;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+auth_mgr_final()
+{
+ UINT32 i;
+
+ /* wake up any sleeping threads, so they can be joined */
+ for (i = 0; i < auth_mgr.overflow_size; i++) {
+ if (auth_mgr.overflow[i] != NULL)
+ COND_SIGNAL(auth_mgr.overflow[i]);
+ }
+
+ free(auth_mgr.overflow);
+ free(auth_mgr.auth_mapper);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+auth_mgr_save_ctx(TCS_CONTEXT_HANDLE hContext)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT32 i;
+
+ for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
+ if (auth_mgr.auth_mapper[i].full == TRUE &&
+ auth_mgr.auth_mapper[i].swap == NULL &&
+ auth_mgr.auth_mapper[i].tcs_ctx != hContext) {
+ LogDebug("Calling TPM_SaveAuthContext for TCS CTX %x. Swapping out: TCS %x "
+ "TPM %x", hContext, auth_mgr.auth_mapper[i].tcs_ctx,
+ auth_mgr.auth_mapper[i].tpm_handle);
+
+ if ((result = TPM_SaveAuthContext(auth_mgr.auth_mapper[i].tpm_handle,
+ &auth_mgr.auth_mapper[i].swap_size,
+ &auth_mgr.auth_mapper[i].swap))) {
+ LogDebug("TPM_SaveAuthContext failed: 0x%x", result);
+ return result;
+ }
+ break;
+ }
+ }
+
+ return result;
+}
+
+/* if there's a TCS context waiting to get auth, wake it up or swap it in */
+void
+auth_mgr_swap_in()
+{
+ if (auth_mgr.overflow[auth_mgr.of_tail] != NULL) {
+ LogDebug("waking up thread %lddd, auth slot has opened", THREAD_ID);
+ /* wake up the next sleeping thread in order and increment tail */
+ COND_SIGNAL(auth_mgr.overflow[auth_mgr.of_tail]);
+ auth_mgr.overflow[auth_mgr.of_tail] = NULL;
+ auth_mgr.of_tail = (auth_mgr.of_tail + 1) % auth_mgr.overflow_size;
+ } else {
+ /* else nobody needs to be swapped in, so continue */
+ LogDebug("no threads need to be signaled.");
+ }
+}
+
+/* we need to swap out an auth context or add a waiting context to the overflow queue */
+TSS_RESULT
+auth_mgr_swap_out(TCS_CONTEXT_HANDLE hContext)
+{
+ COND_VAR *cond;
+
+ /* If the TPM can do swapping and it succeeds, return, else cond wait below */
+ if (tpm_metrics.authctx_swap && !auth_mgr_save_ctx(hContext))
+ return TSS_SUCCESS;
+
+ if ((cond = ctx_get_cond_var(hContext)) == NULL) {
+ LogError("Auth swap variable not found for TCS context 0x%x", hContext);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* Test whether we are the last awake thread. If we are, we can't go to sleep
+ * since then there'd be no worker thread to wake the others up. This situation
+ * can arise when we're on a busy system who's TPM doesn't support auth ctx
+ * swapping.
+ */
+ if (auth_mgr.sleeping_threads == (tcsd_options.num_threads - 1)) {
+ LogError("auth mgr failing: too many threads already waiting");
+ LogTPMERR(TCPA_E_RESOURCES, __FILE__, __LINE__);
+ return TCPA_E_RESOURCES;
+ }
+
+ if (auth_mgr.overflow[auth_mgr.of_head] == NULL) {
+ auth_mgr.overflow[auth_mgr.of_head] = cond;
+ auth_mgr.of_head = (auth_mgr.of_head + 1) % auth_mgr.overflow_size;
+ /* go to sleep */
+ LogDebug("thread %lddd going to sleep until auth slot opens", THREAD_ID);
+ auth_mgr.sleeping_threads++;
+ COND_WAIT(cond, &tcsp_lock);
+ auth_mgr.sleeping_threads--;
+ } else if (auth_mgr.overflow_size + TSS_DEFAULT_OVERFLOW_AUTHS < UINT_MAX) {
+ COND_VAR **tmp = auth_mgr.overflow;
+
+ LogDebugFn("Table of sleeping threads is full (%hu), growing to %hu entries",
+ auth_mgr.sleeping_threads,
+ auth_mgr.overflow_size + TSS_DEFAULT_OVERFLOW_AUTHS);
+
+ auth_mgr.overflow = calloc(auth_mgr.overflow_size + TSS_DEFAULT_OVERFLOW_AUTHS,
+ sizeof(COND_VAR *));
+ if (auth_mgr.overflow == NULL) {
+ LogDebugFn("malloc of %zd bytes failed",
+ (auth_mgr.overflow_size + TSS_DEFAULT_OVERFLOW_AUTHS) *
+ sizeof(COND_VAR *));
+ auth_mgr.overflow = tmp;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ auth_mgr.overflow_size += TSS_DEFAULT_OVERFLOW_AUTHS;
+
+ LogDebugFn("Success.");
+ memcpy(auth_mgr.overflow, tmp, auth_mgr.sleeping_threads * sizeof(COND_VAR *));
+ free(tmp);
+
+ /* XXX This could temporarily wake threads up out of order */
+ auth_mgr.of_head = auth_mgr.sleeping_threads;
+ auth_mgr.of_tail = 0;
+ auth_mgr.overflow[auth_mgr.of_head] = cond;
+ auth_mgr.of_head = (auth_mgr.of_head + 1) % auth_mgr.overflow_size;
+ LogDebug("thread %lddd going to sleep until auth slot opens", THREAD_ID);
+ auth_mgr.sleeping_threads++;
+ COND_WAIT(cond, &tcsp_lock);
+ auth_mgr.sleeping_threads--;
+ } else {
+ LogError("Auth table overflow is full (%u entries), some will fail.",
+ auth_mgr.overflow_size);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+/* close all auth contexts associated with this TCS_CONTEXT_HANDLE */
+TSS_RESULT
+auth_mgr_close_context(TCS_CONTEXT_HANDLE tcs_handle)
+{
+ UINT32 i;
+ TSS_RESULT result;
+
+ for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
+ if (auth_mgr.auth_mapper[i].full == TRUE &&
+ auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
+ if (auth_mgr.auth_mapper[i].swap) {
+ /* This context is swapped out of the TPM, so we can just free the
+ * blob */
+ free(auth_mgr.auth_mapper[i].swap);
+ auth_mgr.auth_mapper[i].swap = NULL;
+ auth_mgr.auth_mapper[i].swap_size = 0;
+ } else {
+ result = TCSP_FlushSpecific_Common(auth_mgr.auth_mapper[i].tpm_handle,
+ TPM_RT_AUTH);
+
+ /* Ok, probably dealing with a 1.1 TPM */
+ if (result == TPM_E_BAD_ORDINAL)
+ result = internal_TerminateHandle(
+ auth_mgr.auth_mapper[i].tpm_handle);
+
+ if (result == TCPA_E_INVALID_AUTHHANDLE) {
+ LogDebug("Tried to close an invalid auth handle: %x",
+ auth_mgr.auth_mapper[i].tpm_handle);
+ } else if (result != TCPA_SUCCESS) {
+ LogDebug("TPM_TerminateHandle returned %d", result);
+ }
+ }
+ /* clear the slot */
+ auth_mgr.open_auth_sessions--;
+ auth_mgr.auth_mapper[i].full = FALSE;
+ auth_mgr.auth_mapper[i].tpm_handle = 0;
+ auth_mgr.auth_mapper[i].tcs_ctx = 0;
+ LogDebug("released auth for TCS %x TPM %x", tcs_handle,
+ auth_mgr.auth_mapper[i].tpm_handle);
+
+ auth_mgr_swap_in();
+ }
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+auth_mgr_release_auth(TPM_AUTH *auth0, TPM_AUTH *auth1, TCS_CONTEXT_HANDLE tcs_handle)
+{
+ if (auth0)
+ auth_mgr_release_auth_handle(auth0->AuthHandle, tcs_handle,
+ auth0->fContinueAuthSession);
+
+ if (auth1)
+ auth_mgr_release_auth_handle(auth1->AuthHandle, tcs_handle,
+ auth1->fContinueAuthSession);
+}
+
+/* unload the auth ctx associated with this auth handle */
+TSS_RESULT
+auth_mgr_release_auth_handle(TCS_AUTHHANDLE tpm_auth_handle, TCS_CONTEXT_HANDLE tcs_handle,
+ TSS_BOOL cont)
+{
+ UINT32 i;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
+ if (auth_mgr.auth_mapper[i].full == TRUE &&
+ auth_mgr.auth_mapper[i].tpm_handle == tpm_auth_handle &&
+ auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
+ if (!cont) {
+ /*
+ * This function should not be necessary, but
+ * if the main operation resulted in an error,
+ * the TPM may still hold the auth handle
+ * and it must be freed. Most of the time
+ * this call will result in TPM_E_INVALID_AUTHHANDLE
+ * error which can be ignored.
+ */
+ result = TCSP_FlushSpecific_Common(
+ auth_mgr.auth_mapper[i].tpm_handle,
+ TPM_RT_AUTH);
+
+ /* Ok, probably dealing with a 1.1 TPM */
+ if (result == TPM_E_BAD_ORDINAL)
+ result = internal_TerminateHandle(
+ auth_mgr.auth_mapper[i].tpm_handle);
+
+ if (result == TCPA_E_INVALID_AUTHHANDLE) {
+ LogDebug("Tried to close an invalid auth handle: %x",
+ auth_mgr.auth_mapper[i].tpm_handle);
+ } else if (result != TCPA_SUCCESS) {
+ LogDebug("TPM_TerminateHandle returned %d", result);
+ }
+
+ if (result == TPM_SUCCESS) {
+ LogDebug("released auth for TCS %x TPM %x",
+ auth_mgr.auth_mapper[i].tcs_ctx, tpm_auth_handle);
+ }
+ /*
+ * Mark it as released, the "cont" flag indicates
+ * that it is no longer needed.
+ */
+ auth_mgr.open_auth_sessions--;
+ auth_mgr.auth_mapper[i].full = FALSE;
+ auth_mgr.auth_mapper[i].tpm_handle = 0;
+ auth_mgr.auth_mapper[i].tcs_ctx = 0;
+ auth_mgr_swap_in();
+ }
+ /* If the cont flag is TRUE, we have to keep the handle */
+ }
+ }
+
+ return result;
+}
+
+TSS_RESULT
+auth_mgr_check(TCS_CONTEXT_HANDLE tcsContext, TPM_AUTHHANDLE *tpm_auth_handle)
+{
+ UINT32 i;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
+ if (auth_mgr.auth_mapper[i].full == TRUE &&
+ auth_mgr.auth_mapper[i].tpm_handle == *tpm_auth_handle &&
+ auth_mgr.auth_mapper[i].tcs_ctx == tcsContext) {
+ /* We have a record of this session, now swap it into the TPM if need be. */
+ if (auth_mgr.auth_mapper[i].swap) {
+ LogDebugFn("TPM_LoadAuthContext for TCS %x TPM %x", tcsContext,
+ auth_mgr.auth_mapper[i].tpm_handle);
+
+ result = TPM_LoadAuthContext(auth_mgr.auth_mapper[i].swap_size,
+ auth_mgr.auth_mapper[i].swap,
+ tpm_auth_handle);
+ if (result == TSS_SUCCESS) {
+ free(auth_mgr.auth_mapper[i].swap);
+ auth_mgr.auth_mapper[i].swap = NULL;
+ auth_mgr.auth_mapper[i].swap_size = 0;
+
+ LogDebugFn("TPM_LoadAuthContext succeeded. Old TPM: %x, New"
+ " TPM: %x", auth_mgr.auth_mapper[i].tpm_handle,
+ *tpm_auth_handle);
+
+ auth_mgr.auth_mapper[i].tpm_handle = *tpm_auth_handle;
+ } else if (result == TPM_E_RESOURCES) {
+ if ((result = auth_mgr_swap_out(tcsContext))) {
+ LogDebugFn("TPM_LoadAuthContext failed with TPM_E_R"
+ "ESOURCES and swapping out failed, retur"
+ "ning error");
+ return result;
+ }
+
+ LogDebugFn("Retrying TPM_LoadAuthContext after swap"
+ " out...");
+ result =
+ TPM_LoadAuthContext(auth_mgr.auth_mapper[i].swap_size,
+ auth_mgr.auth_mapper[i].swap,
+ tpm_auth_handle);
+ free(auth_mgr.auth_mapper[i].swap);
+ auth_mgr.auth_mapper[i].swap = NULL;
+ auth_mgr.auth_mapper[i].swap_size = 0;
+ } else {
+ LogDebug("TPM_LoadAuthContext failed: 0x%x.", result);
+ }
+ }
+
+ return result;
+ }
+ }
+
+ LogDebugFn("Can't find auth for TCS handle %x, should be %x", tcsContext, *tpm_auth_handle);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+}
+
+TSS_RESULT
+auth_mgr_add(TCS_CONTEXT_HANDLE tcsContext, TCS_AUTHHANDLE tpm_auth_handle)
+{
+ struct auth_map *tmp = auth_mgr.auth_mapper;
+ UINT32 i;
+
+ for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
+ if (auth_mgr.auth_mapper[i].full == FALSE) {
+ auth_mgr.auth_mapper[i].tpm_handle = tpm_auth_handle;
+ auth_mgr.auth_mapper[i].tcs_ctx = tcsContext;
+ auth_mgr.auth_mapper[i].full = TRUE;
+ auth_mgr.open_auth_sessions++;
+ LogDebug("added auth for TCS %x TPM %x", tcsContext, tpm_auth_handle);
+
+ return TSS_SUCCESS;
+ }
+ }
+
+
+ LogDebugFn("Thread %ld growing the auth table to %u entries", THREAD_ID,
+ auth_mgr.auth_mapper_size + TSS_DEFAULT_AUTH_TABLE_SIZE);
+
+ auth_mgr.auth_mapper = calloc(auth_mgr.auth_mapper_size +
+ TSS_DEFAULT_AUTH_TABLE_SIZE, sizeof(struct auth_map));
+ if (auth_mgr.auth_mapper == NULL) {
+ auth_mgr.auth_mapper = tmp;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ } else {
+ memcpy(auth_mgr.auth_mapper, tmp,
+ auth_mgr.auth_mapper_size * sizeof(struct auth_map));
+ auth_mgr.auth_mapper_size += TSS_DEFAULT_AUTH_TABLE_SIZE;
+ LogDebugFn("Success.");
+ return TSS_SUCCESS;
+ }
+}
+
+/* A thread wants a new OIAP or OSAP session with the TPM. Returning TRUE indicates that we should
+ * allow it to open the session, FALSE to indicate that the request should be queued or have
+ * another thread's session swapped out to make room for it.
+ */
+TSS_BOOL
+auth_mgr_req_new(TCS_CONTEXT_HANDLE hContext)
+{
+ UINT32 i, opened = 0;
+
+ for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
+ if (auth_mgr.auth_mapper[i].full == TRUE &&
+ auth_mgr.auth_mapper[i].tcs_ctx == hContext) {
+ opened++;
+ }
+ }
+
+ /* If this TSP has already opened its max open auth handles, deny another open */
+ if (opened >= MAX(2, (UINT32)auth_mgr.max_auth_sessions/2)) {
+ LogDebug("Max opened auth handles already opened.");
+ return FALSE;
+ }
+
+ /* if we have one opened already and there's a slot available, ok */
+ if (opened && ((auth_mgr.max_auth_sessions - auth_mgr.open_auth_sessions) >= 1))
+ return TRUE;
+
+ /* we don't already have one open and there are at least 2 slots left */
+ if ((auth_mgr.max_auth_sessions - auth_mgr.open_auth_sessions) >= 2)
+ return TRUE;
+
+ LogDebug("Request for new auth handle denied by TCS. (%d opened sessions)", opened);
+
+ return FALSE;
+}
+
+TSS_RESULT
+auth_mgr_oiap(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TCPA_NONCE *nonce0) /* out */
+{
+ TSS_RESULT result;
+
+ /* are the maximum number of auth sessions open? */
+ if (auth_mgr_req_new(hContext) == FALSE) {
+ if ((result = auth_mgr_swap_out(hContext)))
+ goto done;
+ }
+
+ if ((result = TCSP_OIAP_Internal(hContext, authHandle, nonce0)))
+ goto done;
+
+ /* success, add an entry to the table */
+ result = auth_mgr_add(hContext, *authHandle);
+done:
+ return result;
+}
+
+TSS_RESULT
+auth_mgr_osap(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 entityValue, /* in */
+ TCPA_NONCE nonceOddOSAP, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TCPA_NONCE *nonceEven, /* out */
+ TCPA_NONCE *nonceEvenOSAP) /* out */
+{
+ TSS_RESULT result;
+ UINT32 newEntValue = 0;
+
+ /* if ET is not KEYHANDLE or KEY, newEntValue is a don't care */
+ if (entityType == TCPA_ET_KEYHANDLE || entityType == TCPA_ET_KEY) {
+ if (ensureKeyIsLoaded(hContext, entityValue, &newEntValue))
+ return TCSERR(TSS_E_FAIL);
+ } else {
+ newEntValue = entityValue;
+ }
+
+ /* are the maximum number of auth sessions open? */
+ if (auth_mgr_req_new(hContext) == FALSE) {
+ if ((result = auth_mgr_swap_out(hContext)))
+ goto done;
+ }
+
+ if ((result = TCSP_OSAP_Internal(hContext, entityType, newEntValue, nonceOddOSAP,
+ authHandle, nonceEven, nonceEvenOSAP)))
+ goto done;
+
+ /* success, add an entry to the table */
+ result = auth_mgr_add(hContext, *authHandle);
+done:
+ return result;
+}
+
+/* This function is only called directly from the TSP, we use other internal routines to free
+ * our handles. */
+TSS_RESULT
+TCSP_TerminateHandle_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_AUTHHANDLE handle) /* in */
+{
+ TSS_RESULT result;
+
+ LogDebug("Entering TCSI_TerminateHandle");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &handle)))
+ return result;
+
+ result = auth_mgr_release_auth_handle(handle, hContext, TRUE);
+
+ LogResult("Terminate Handle", result);
+ return result;
+}
+
+TSS_RESULT
+TPM_SaveAuthContext(TPM_AUTHHANDLE handle, UINT32 *size, BYTE **blob)
+{
+ UINT64 offset;
+ UINT32 trash, bsize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ offset = 10;
+ LoadBlob_UINT32(&offset, handle, txBlob);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset, TPM_ORD_SaveAuthContext, txBlob);
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, &trash);
+
+ LogDebug("total packet size received from TPM: %u", trash);
+
+ if (!result) {
+ offset = 10;
+ UnloadBlob_UINT32(&offset, &bsize, txBlob);
+
+ LogDebug("Reported blob size from TPM: %u", bsize);
+
+ *blob = malloc(bsize);
+ if (*blob == NULL) {
+ LogError("malloc of %u bytes failed.", bsize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset, bsize, txBlob, *blob);
+ *size = bsize;
+ }
+
+ return result;
+}
+
+TSS_RESULT
+TPM_LoadAuthContext(UINT32 size, BYTE *blob, TPM_AUTHHANDLE *handle)
+{
+ UINT64 offset;
+ UINT32 trash;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Loading %u byte auth blob back into TPM", size);
+
+ offset = 10;
+ LoadBlob_UINT32(&offset, size, NULL);
+ LoadBlob(&offset, size, NULL, blob);
+ if (offset > TSS_TPM_TXBLOB_SIZE) {
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+ offset = 10;
+ LoadBlob_UINT32(&offset, size, txBlob);
+ LoadBlob(&offset, size, txBlob, blob);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset, TPM_ORD_LoadAuthContext, txBlob);
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, &trash);
+
+ if (!result) {
+ offset = 10;
+ UnloadBlob_UINT32(&offset, handle, txBlob);
+ }
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_caps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_caps.c
new file mode 100644
index 0000000..c4cff7c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_caps.c
@@ -0,0 +1,195 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tddl.h"
+#include "req_mgr.h"
+
+
+TSS_RESULT
+get_current_version(TPM_VERSION *version)
+{
+ TCPA_CAPABILITY_AREA capArea = TPM_CAP_VERSION_VAL;
+ UINT32 respSize;
+ BYTE *resp;
+ TSS_RESULT result;
+ UINT64 offset;
+
+ /* try the 1.2 way first */
+ result = TCSP_GetCapability_Internal(InternalContext, capArea, 0, NULL, &respSize, &resp);
+ if (result == TSS_SUCCESS) {
+ offset = sizeof(UINT16); // XXX hack
+ UnloadBlob_VERSION(&offset, resp, version);
+ free(resp);
+ } else if (result == TCPA_E_BAD_MODE) {
+ /* if the TPM doesn't understand VERSION_VAL, try the 1.1 way */
+ capArea = TCPA_CAP_VERSION;
+ result = TCSP_GetCapability_Internal(InternalContext, capArea, 0, NULL, &respSize,
+ &resp);
+ if (result == TSS_SUCCESS) {
+ offset = 0;
+ UnloadBlob_VERSION(&offset, resp, version);
+ free(resp);
+ }
+ }
+
+ return result;
+}
+
+TSS_RESULT
+get_cap_uint32(TCPA_CAPABILITY_AREA capArea, BYTE *subCap, UINT32 subCapSize, UINT32 *v)
+{
+ UINT32 respSize;
+ BYTE *resp;
+ TSS_RESULT result;
+ UINT64 offset;
+
+ result = TCSP_GetCapability_Internal(InternalContext, capArea, subCapSize, subCap,
+ &respSize, &resp);
+ if (!result) {
+ offset = 0;
+ switch (respSize) {
+ case 1:
+ UnloadBlob_BYTE(&offset, (BYTE *)v, resp);
+ break;
+ case sizeof(UINT16):
+ UnloadBlob_UINT16(&offset, (UINT16 *)v, resp);
+ break;
+ case sizeof(UINT32):
+ UnloadBlob_UINT32(&offset, v, resp);
+ break;
+ default:
+ LogDebug("TCSP_GetCapability_Internal returned"
+ " %u bytes", respSize);
+ result = TCSERR(TSS_E_FAIL);
+ break;
+ }
+ free(resp);
+ }
+
+ return result;
+}
+
+
+TSS_RESULT
+get_max_auths(UINT32 *auths)
+{
+ TCS_AUTHHANDLE handles[TSS_MAX_AUTHS_CAP];
+ TCPA_NONCE nonce;
+ UINT32 subCap;
+ TSS_RESULT result;
+ int i;
+
+ if (TPM_VERSION_IS(1,2)) {
+ UINT32ToArray(TPM_CAP_PROP_MAX_AUTHSESS, (BYTE *)(&subCap));
+ result = get_cap_uint32(TPM_CAP_PROPERTY, (BYTE *)&subCap, sizeof(subCap), auths);
+ } else if (TPM_VERSION_IS(1,1)) {
+ /* open auth sessions until we get a failure */
+ for (i = 0; i < TSS_MAX_AUTHS_CAP; i++) {
+ result = TCSP_OIAP_Internal(InternalContext, &(handles[i]), &nonce);
+ if (result != TSS_SUCCESS) {
+ /* this is not off by one since we're 0 indexed */
+ *auths = i;
+ break;
+ }
+ }
+
+ if (i == TSS_MAX_AUTHS_CAP)
+ *auths = TSS_MAX_AUTHS_CAP;
+
+ /* close the auth sessions */
+ for (i = 0; (UINT32)i < *auths; i++) {
+ internal_TerminateHandle(handles[i]);
+ }
+ } else {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ *auths = 0;
+ }
+
+ if (*auths < 2) {
+ LogError("%s reported only %u auth available!", __FUNCTION__, *auths);
+ LogError("Your TPM must be reset before the TCSD can be started.");
+ } else {
+ LogDebug("get_max_auths reports %u auth contexts found", *auths);
+ result = TSS_SUCCESS;
+ }
+
+ return result;
+}
+
+/* This is only called from init paths, so printing an error message is
+ * appropriate if something goes wrong */
+TSS_RESULT
+get_tpm_metrics(struct tpm_properties *p)
+{
+ TSS_RESULT result;
+ UINT32 subCap, rv = 0;
+
+ if ((result = get_current_version(&p->version)))
+ goto err;
+
+ UINT32ToArray(TPM_ORD_SaveKeyContext, (BYTE *)&subCap);
+ if ((result = get_cap_uint32(TCPA_CAP_ORD, (BYTE *)&subCap, sizeof(UINT32), &rv)))
+ goto err;
+ p->keyctx_swap = rv ? TRUE : FALSE;
+
+ rv = 0;
+ UINT32ToArray(TPM_ORD_SaveAuthContext, (BYTE *)&subCap);
+ if ((result = get_cap_uint32(TCPA_CAP_ORD, (BYTE *)&subCap, sizeof(UINT32), &rv)))
+ goto err;
+ p->authctx_swap = rv ? TRUE : FALSE;
+
+ UINT32ToArray(TPM_CAP_PROP_PCR, (BYTE *)&subCap);
+ if ((result = get_cap_uint32(TCPA_CAP_PROPERTY, (BYTE *)&subCap, sizeof(UINT32),
+ &p->num_pcrs)))
+ goto err;
+
+ UINT32ToArray(TPM_CAP_PROP_DIR, (BYTE *)&subCap);
+ if ((result = get_cap_uint32(TCPA_CAP_PROPERTY, (BYTE *)&subCap, sizeof(UINT32),
+ &p->num_dirs)))
+ goto err;
+
+ UINT32ToArray(TPM_CAP_PROP_SLOTS, (BYTE *)&subCap);
+ if ((result = get_cap_uint32(TCPA_CAP_PROPERTY, (BYTE *)&subCap, sizeof(UINT32),
+ &p->num_keys)))
+ goto err;
+
+ UINT32ToArray(TPM_CAP_PROP_MANUFACTURER, (BYTE *)&subCap);
+ if ((result = get_cap_uint32(TCPA_CAP_PROPERTY, (BYTE *)&subCap, sizeof(UINT32),
+ (UINT32 *)&p->manufacturer)))
+ goto err;
+
+ result = get_max_auths(&(p->num_auths));
+
+err:
+ if (result)
+ LogError("TCS GetCapability failed with result = 0x%x", result);
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_context.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_context.c
new file mode 100644
index 0000000..f716ad3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_context.c
@@ -0,0 +1,321 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_context.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+unsigned long nextContextHandle = 0xA0000000;
+struct tcs_context *tcs_context_table = NULL;
+
+MUTEX_DECLARE_INIT(tcs_ctx_lock);
+
+TCS_CONTEXT_HANDLE getNextHandle();
+struct tcs_context *create_tcs_context();
+struct tcs_context *get_context(TCS_CONTEXT_HANDLE);
+struct tcs_context *get_previous_context(TCS_CONTEXT_HANDLE);
+
+TSS_BOOL initContextHandle = 1;
+
+TCS_CONTEXT_HANDLE
+getNextHandle()
+{
+ UINT32 tempRand;
+ time_t currentTime;
+
+ if (initContextHandle) {
+ currentTime = time(NULL);
+ srand(currentTime);
+ tempRand = rand();
+ tempRand = tempRand << 16;
+ tempRand &= 0x00FF0000;
+ nextContextHandle |= tempRand;
+ initContextHandle = 0;
+ }
+ currentTime = time(NULL);
+ srand(currentTime + 1);
+ tempRand = rand();
+ tempRand = tempRand << 8;
+ tempRand &= 0x0000FF00;
+ if (nextContextHandle == 0)
+ return getNextHandle();
+ else
+ return ((nextContextHandle++) | tempRand);
+}
+
+struct tcs_context *
+create_tcs_context()
+{
+ struct tcs_context *ret = (struct tcs_context *)calloc(1, sizeof(struct tcs_context));
+
+ if (ret != NULL) {
+ while (1) {
+ ret->handle = getNextHandle();
+ if (!get_context(ret->handle))
+ break;
+ LogInfo("getNextHandle() produced duplicate handle, retrying.");
+ }
+ COND_INIT(ret->cond);
+ }
+ return ret;
+}
+
+struct tcs_context *
+get_context(TCS_CONTEXT_HANDLE handle)
+{
+ struct tcs_context *index;
+ index = tcs_context_table;
+ while (index) {
+ if (index->handle == handle)
+ break;
+ index = index->next;
+ }
+
+ return index;
+}
+
+struct tcs_context *
+get_previous_context(TCS_CONTEXT_HANDLE handle)
+{
+ struct tcs_context *index;
+ index = tcs_context_table;
+ while (index) {
+ if (index->next) {
+ if (index->next->handle == handle)
+ return index;
+ }
+ index = index->next;
+ }
+
+ return 0;
+}
+
+void
+destroy_context(TCS_CONTEXT_HANDLE handle)
+{
+ struct tcs_context *toKill;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ if (tcs_context_table && tcs_context_table->handle == handle) {
+ /* this means that toKill is the first one */
+ toKill = tcs_context_table;
+ tcs_context_table = tcs_context_table->next;
+ } else {
+ struct tcs_context *previous;
+
+ previous = get_previous_context(handle);
+ if (!previous) {
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return;
+ }
+ toKill = previous->next;
+ previous->next = toKill->next;
+ }
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ CTX_ref_count_keys(toKill);
+
+#ifdef TSS_BUILD_TRANSPORT
+ /* Free existing transport session if necessary */
+ if (toKill != NULL && toKill->transHandle)
+ TCSP_FlushSpecific_Common(toKill->transHandle, TPM_RT_TRANS);
+#endif
+
+ free(toKill);
+}
+
+TCS_CONTEXT_HANDLE
+make_context()
+{
+ struct tcs_context *index;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ index = tcs_context_table;
+
+ if (!index) {
+ tcs_context_table = create_tcs_context();
+ if (tcs_context_table == NULL) {
+ LogError("Malloc Failure.");
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return 0;
+ }
+ index = tcs_context_table;
+ } else {
+ while (index->next) {
+ index = index->next;
+ }
+ index->next = create_tcs_context();
+ if (index->next == NULL) {
+ LogError("Malloc Failure.");
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return 0;
+ }
+ index = index->next;
+ }
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ return index->handle;
+}
+
+
+TSS_RESULT
+ctx_verify_context(TCS_CONTEXT_HANDLE tcsContext)
+{
+ struct tcs_context *c;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ c = get_context(tcsContext);
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ if (c == NULL) {
+ LogDebug("Fail: Context %x not found", tcsContext);
+ return TCSERR(TCS_E_INVALID_CONTEXTHANDLE);
+ }
+
+ return TSS_SUCCESS;
+}
+
+
+COND_VAR *
+ctx_get_cond_var(TCS_CONTEXT_HANDLE tcs_handle)
+{
+ struct tcs_context *c;
+ COND_VAR *ret = NULL;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ c = get_context(tcs_handle);
+
+ if (c != NULL)
+ ret = &c->cond;
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ return ret;
+}
+
+/* the only transport flag at the TCS level is whether the session is exclusive or not. If the app
+ * is requesting an exclusive transport session, check that no other exclusive sessions exist and
+ * if not, flag this context as being the one. If so, return internal error. */
+TSS_RESULT
+ctx_req_exclusive_transport(TCS_CONTEXT_HANDLE tcsContext)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tcs_context *tmp, *self = NULL;
+
+ /* If the daemon is configured to ignore apps that want an exclusive transport, just
+ * return */
+ if (!tcsd_options.exclusive_transport)
+ return result;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ tmp = tcs_context_table;
+ while (tmp) {
+ if (tmp->flags & TSS_CONTEXT_FLAG_TRANSPORT_EXCLUSIVE) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ if (tmp->handle == tcsContext)
+ self = tmp;
+
+ tmp = tmp->next;
+ }
+
+ if (self)
+ self->flags |= TSS_CONTEXT_FLAG_TRANSPORT_EXCLUSIVE;
+ else
+ result = TCSERR(TCS_E_INVALID_CONTEXTHANDLE);
+done:
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ return result;
+}
+
+TSS_RESULT
+ctx_set_transport_enabled(TCS_CONTEXT_HANDLE tcsContext, UINT32 hTransHandle)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tcs_context *tmp, *self = NULL;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ tmp = tcs_context_table;
+ while (tmp) {
+ if (tmp->handle == tcsContext) {
+ self = tmp;
+ break;
+ }
+
+ tmp = tmp->next;
+ }
+
+ if (self) {
+ self->flags |= TSS_CONTEXT_FLAG_TRANSPORT_ENABLED;
+ self->transHandle = hTransHandle;
+ } else
+ result = TCSERR(TCS_E_INVALID_CONTEXTHANDLE);
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ return result;
+}
+
+TSS_RESULT
+ctx_set_transport_disabled(TCS_CONTEXT_HANDLE tcsContext, TCS_HANDLE *transHandle)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tcs_context *tmp, *self = NULL;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ tmp = tcs_context_table;
+ while (tmp) {
+ if (tmp->handle == tcsContext) {
+ self = tmp;
+ break;
+ }
+
+ tmp = tmp->next;
+ }
+
+ if (self) {
+ if (!transHandle || *transHandle == self->transHandle) {
+ self->transHandle = 0;
+ self->flags &= ~TSS_CONTEXT_FLAG_TRANSPORT_ENABLED;
+ }
+ } else
+ result = TCSERR(TCS_E_INVALID_CONTEXTHANDLE);
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_context_key.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_context_key.c
new file mode 100644
index 0000000..938ad90
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_context_key.c
@@ -0,0 +1,162 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_context.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+
+MUTEX_DECLARE_EXTERN(tcs_ctx_lock);
+
+/* runs through the list of all keys loaded by context c and decrements
+ * their ref count by 1, then free's their structures.
+ */
+void
+ctx_ref_count_keys(struct tcs_context *c)
+{
+ struct keys_loaded *cur, *prev;
+
+ if (c == NULL)
+ return;
+
+ cur = prev = c->keys;
+
+ while (cur != NULL) {
+ key_mgr_dec_ref_count(cur->key_handle);
+ cur = cur->next;
+ free(prev);
+ prev = cur;
+ }
+}
+/* Traverse loaded keys list and if matching key handle is found return TRUE else return FALSE
+ */
+TSS_BOOL
+ctx_has_key_loaded(TCS_CONTEXT_HANDLE ctx_handle, TCS_KEY_HANDLE key_handle)
+{
+ struct tcs_context *c;
+ struct keys_loaded *k = NULL;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ c = get_context(ctx_handle);
+ if (c == NULL) {
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return FALSE;
+ }
+ k = c->keys;
+ while (k != NULL) {
+ if (k->key_handle == key_handle) {
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return TRUE;
+ }
+ k = k->next;
+ }
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return FALSE;
+}
+
+/* Traverse loaded keys list and if matching key handle is found remove it */
+TSS_RESULT
+ctx_remove_key_loaded(TCS_CONTEXT_HANDLE ctx_handle, TCS_KEY_HANDLE key_handle)
+{
+ struct tcs_context *c;
+ struct keys_loaded *cur, *prev;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ c = get_context(ctx_handle);
+ if (c == NULL) {
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return TCSERR(TCS_E_INVALID_CONTEXTHANDLE);
+ }
+
+ for (prev = cur = c->keys; cur; prev = cur, cur = cur->next) {
+ if (cur->key_handle == key_handle) {
+ if (cur == c->keys)
+ c->keys = cur->next;
+ else
+ prev->next = cur->next;
+
+ free(cur);
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return TCS_SUCCESS;
+ }
+ }
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return TCSERR(TCS_E_INVALID_KEY);
+}
+
+/* make a new entry in the per-context list of loaded keys. If the list already
+ * contains a pointer to the key in memory, just return success.
+ */
+TSS_RESULT
+ctx_mark_key_loaded(TCS_CONTEXT_HANDLE ctx_handle, TCS_KEY_HANDLE key_handle)
+{
+ struct tcs_context *c;
+ struct keys_loaded *k = NULL, *new;
+ TSS_RESULT result;
+
+ MUTEX_LOCK(tcs_ctx_lock);
+
+ c = get_context(ctx_handle);
+
+ if (c != NULL) {
+ k = c->keys;
+ while (k != NULL) {
+ if (k->key_handle == key_handle) {
+ /* we've previously created a pointer to key_handle in the global
+ * list of loaded keys and incremented that key's reference count,
+ * so there's no need to do anything.
+ */
+ result = TSS_SUCCESS;
+ break;
+ }
+
+ k = k->next;
+ }
+ } else {
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ /* if we have no record of this key being loaded by this context, create a new
+ * entry and increment the key's reference count in the global list.
+ */
+ if (k == NULL) {
+ new = calloc(1, sizeof(struct keys_loaded));
+ if (new == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct keys_loaded));
+ MUTEX_UNLOCK(tcs_ctx_lock);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ new->key_handle = key_handle;
+ new->next = c->keys;
+ c->keys = new;
+ result = key_mgr_inc_ref_count(new->key_handle);
+ }
+
+ MUTEX_UNLOCK(tcs_ctx_lock);
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_counter.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_counter.c
new file mode 100644
index 0000000..f212ac6
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_counter.c
@@ -0,0 +1,54 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+
+
+void
+UnloadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr)
+{
+ if (!ctr) {
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob(offset, 4, blob, NULL);
+ UnloadBlob_UINT32(offset, NULL, blob);
+ return;
+ }
+
+ UnloadBlob_UINT16(offset, &ctr->tag, blob);
+ UnloadBlob(offset, 4, blob, (BYTE *)&ctr->label);
+ UnloadBlob_UINT32(offset, &ctr->counter, blob);
+}
+
+void
+LoadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr)
+{
+ LoadBlob_UINT16(offset, ctr->tag, blob);
+ LoadBlob(offset, 4, blob, (BYTE *)&ctr->label);
+ LoadBlob_UINT32(offset, ctr->counter, blob);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_da_reset.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_da_reset.c
new file mode 100644
index 0000000..0b754ae
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_da_reset.c
@@ -0,0 +1,42 @@
+// Copyright 2021 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "tcs_da_reset.h"
+
+#include <tss/tpm.h>
+
+#include "libhwsec-foundation/tpm_error/handle_auth_failure.h"
+#include "libhwsec-foundation/tpm_error/tpm_error_data.h"
+#include "tcslog.h"
+
+enum { MAX_HISTORY_SIZE = 32 };
+
+static __thread struct TpmErrorData command_history_entries[MAX_HISTORY_SIZE] =
+ {};
+
+static __thread int command_history_size = 0;
+
+void recordFailedCommandHistory(UINT32 ordinal, UINT32 response) {
+ if (response == TPM_SUCCESS) {
+ return;
+ }
+ if (command_history_size == MAX_HISTORY_SIZE) {
+ LogWarn("History size limit reached; dropping (ordinal: %d, "
+ "response: %d)",
+ ordinal, response);
+ return;
+ }
+ command_history_entries[command_history_size].command = ordinal;
+ command_history_entries[command_history_size].response = response;
+ ++command_history_size;
+}
+
+void handleAuthFailures() {
+ int i;
+ for (i = 0; i < command_history_size; ++i) {
+ HandleAuthFailure(&command_history_entries[i]);
+ }
+}
+
+void clearCommandHistory() { command_history_size = 0; }
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog.c
new file mode 100644
index 0000000..f854e4e
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog.c
@@ -0,0 +1,223 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <limits.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcslog.h"
+#include "tcsem.h"
+
+
+struct event_log *tcs_event_log = NULL;
+
+TSS_RESULT
+event_log_init()
+{
+ if (tcs_event_log != NULL)
+ return TSS_SUCCESS;
+
+ tcs_event_log = calloc(1, sizeof(struct event_log));
+ if (tcs_event_log == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct event_log));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ MUTEX_INIT(tcs_event_log->lock);
+
+ /* allocate as many event lists as there are PCR's */
+ tcs_event_log->lists = calloc(tpm_metrics.num_pcrs, sizeof(struct event_wrapper *));
+ if (tcs_event_log->lists == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ tpm_metrics.num_pcrs * sizeof(struct event_wrapper *));
+ free(tcs_event_log);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ /* assign external event log sources here */
+ //tcs_event_log->firmware_source = EVLOG_IMA_SOURCE;
+ tcs_event_log->firmware_source = EVLOG_BIOS_SOURCE;
+ tcs_event_log->kernel_source = EVLOG_IMA_SOURCE;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+event_log_final()
+{
+ struct event_wrapper *cur, *next;
+ UINT32 i;
+
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ for (i = 0; i < tpm_metrics.num_pcrs; i++) {
+ cur = tcs_event_log->lists[i];
+ while (cur != NULL) {
+ next = cur->next;
+ free(cur->event.rgbPcrValue);
+ free(cur->event.rgbEvent);
+ free(cur);
+ cur = next;
+ }
+ }
+
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ free(tcs_event_log->lists);
+ free(tcs_event_log);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+copy_pcr_event(TSS_PCR_EVENT *dest, TSS_PCR_EVENT *source)
+{
+ memcpy(dest, source, sizeof(TSS_PCR_EVENT));
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+event_log_add(TSS_PCR_EVENT *event, UINT32 *pNumber)
+{
+ struct event_wrapper *new, *tmp;
+ TSS_RESULT result;
+ UINT32 i;
+
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ new = calloc(1, sizeof(struct event_wrapper));
+ if (new == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct event_wrapper));
+ MUTEX_UNLOCK(tcs_event_log->lock);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = copy_pcr_event(&(new->event), event))) {
+ free(new);
+ MUTEX_UNLOCK(tcs_event_log->lock);
+ return result;
+ }
+
+ /* go to the end of the list to add the element, so that they're in order */
+ i = 0;
+ if (tcs_event_log->lists[event->ulPcrIndex] == NULL) {
+ tcs_event_log->lists[event->ulPcrIndex] = new;
+ } else {
+ i++;
+ tmp = tcs_event_log->lists[event->ulPcrIndex];
+ while (tmp->next != NULL) {
+ i++;
+ tmp = tmp->next;
+ }
+ tmp->next = new;
+ }
+
+ *pNumber = ++i;
+
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ return TSS_SUCCESS;
+}
+
+TSS_PCR_EVENT *
+get_pcr_event(UINT32 pcrIndex, UINT32 eventNumber)
+{
+ struct event_wrapper *tmp;
+ UINT32 counter = 0;
+
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ tmp = tcs_event_log->lists[pcrIndex];
+ for (; tmp; tmp = tmp->next) {
+ if (counter == eventNumber) {
+ break;
+ }
+ counter++;
+ }
+
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ return (tmp ? &(tmp->event) : NULL);
+}
+
+/* the lock should be held before calling this function */
+UINT32
+get_num_events(UINT32 pcrIndex)
+{
+ struct event_wrapper *tmp;
+ UINT32 counter = 0;
+
+ tmp = tcs_event_log->lists[pcrIndex];
+ for (; tmp; tmp = tmp->next) {
+ counter++;
+ }
+
+ return counter;
+}
+
+TSS_PCR_EVENT *
+concat_pcr_events(TSS_PCR_EVENT **list_so_far, UINT32 list_size, TSS_PCR_EVENT *addition,
+ UINT32 addition_size)
+{
+ TSS_PCR_EVENT *ret;
+
+ ret = realloc(*list_so_far, (list_size + addition_size) * sizeof(TSS_PCR_EVENT));
+ if (ret == NULL) {
+ LogError("malloc of %zd bytes failed",
+ (list_size + addition_size) * sizeof(TSS_PCR_EVENT));
+ return ret;
+ }
+
+ memcpy(&ret[list_size], addition, addition_size * sizeof(TSS_PCR_EVENT));
+ return ret;
+}
+
+/* XXX make this a macro */
+UINT32
+get_pcr_event_size(TSS_PCR_EVENT *e)
+{
+ return (sizeof(TSS_PCR_EVENT) + e->ulEventLength + e->ulPcrValueLength);
+}
+
+void
+free_external_events(UINT32 eventCount, TSS_PCR_EVENT *ppEvents)
+{
+ UINT32 j;
+
+ if (!ppEvents)
+ return;
+
+ for (j = 0; j < eventCount; j++) {
+ /* This is a fairly heinous hack, but PCR event logs can get really large
+ * and without it, there is a real potential to exhaust memory by leaks.
+ * The PCR event logs that we pull out of securityfs have had their
+ * rgbPcrValue and rgbEvent pointers malloc'd dynamically as the
+ * securityfs log was parsed. The other event log lists that are
+ * maintained by the TCSD don't need to have this data free'd, since that
+ * will happen at shutdown time only. So, for each PCR index that's
+ * read from securityfs, we need to free its pointers after that data has
+ * been set in the packet to send back to the TSP. */
+ if ((tcsd_options.kernel_pcrs & (1 << ppEvents[j].ulPcrIndex)) ||
+ (tcsd_options.firmware_pcrs & (1 << ppEvents[j].ulPcrIndex))) {
+ free(ppEvents[j].rgbPcrValue);
+ free(ppEvents[j].rgbEvent);
+ }
+ }
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog_biosem.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog_biosem.c
new file mode 100644
index 0000000..5731ae5
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog_biosem.c
@@ -0,0 +1,298 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+/*
+ * biosem.c
+ *
+ * Routines for handling PCR events from the TCG Compliant BIOS
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <limits.h>
+#include <unistd.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tcsem.h"
+
+#ifdef EVLOG_SOURCE_BIOS
+
+struct ext_log_source bios_source = {
+ bios_open,
+ bios_get_entries_by_pcr,
+ bios_get_entry,
+ bios_close
+};
+
+int
+bios_open(void *source, FILE **handle)
+{
+ FILE *fd;
+
+ if ((fd = fopen((char *)source, "r")) == NULL ) {
+ LogError("Error opening BIOS Eventlog file %s: %s", (char *)source,
+ strerror(errno));
+ return -1;
+ }
+
+ *handle = fd;
+
+ return 0;
+}
+
+TSS_RESULT
+bios_get_entries_by_pcr(FILE *handle, UINT32 pcr_index, UINT32 first,
+ UINT32 *count, TSS_PCR_EVENT **events)
+{
+ char page[BIOS_READ_SIZE];
+ int error_path = 1;
+ UINT32 seen_indices = 0, copied_events = 0, i;
+ struct event_wrapper *list = calloc(1, sizeof(struct event_wrapper));
+ struct event_wrapper *cur = list;
+ TSS_RESULT result = TSS_E_INTERNAL_ERROR;
+ TCG_PCClientPCREventStruc *event = NULL;
+ int num=0;
+
+ if (list == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct event_wrapper));
+ return TSS_E_OUTOFMEMORY;
+ }
+
+ if (*count == 0) {
+ result = TSS_SUCCESS;
+ goto free_list;
+ }
+
+ while (1) {
+ /* read event header from the file */
+ if ((fread(page, 32, 1, handle)) <= 0) {
+ goto copy_events;
+ }
+
+ event = (TCG_PCClientPCREventStruc *)page;
+
+ /* if the index is the one we're looking for, grab the entry */
+ if (pcr_index == event->pcrIndex) {
+ if (seen_indices >= first) {
+ /* grab this entry */
+ cur->event.rgbPcrValue = malloc(20);
+ if (cur->event.rgbPcrValue == NULL) {
+ LogError("malloc of %d bytes failed.", 20);
+ result = TSS_E_OUTOFMEMORY;
+ goto free_list;
+ }
+
+ cur->event.ulPcrIndex = pcr_index;
+ cur->event.eventType = event->eventType;
+ cur->event.ulPcrValueLength = 20;
+
+ /* copy the SHA1 XXX endianess ignored */
+ memcpy(cur->event.rgbPcrValue, event->digest, 20);
+
+ /* copy the event name XXX endianess ignored */
+ cur->event.ulEventLength = event->eventDataSize;
+
+ if (event->eventDataSize>0) {
+ cur->event.rgbEvent = malloc(event->eventDataSize);
+ if (cur->event.rgbEvent == NULL) {
+ LogError("malloc of %d bytes failed.",
+ event->eventDataSize);
+ free(cur->event.rgbPcrValue);
+ result = TSS_E_OUTOFMEMORY;
+ goto free_list;
+ }
+ if ((fread(cur->event.rgbEvent,
+ event->eventDataSize, 1, handle)) <= 0) {
+ LogError("read from event source failed: %s",
+ strerror(errno));
+ goto free_list;
+ }
+ } else {
+ cur->event.rgbEvent = NULL;
+ }
+
+ copied_events++;
+ if (copied_events == *count)
+ goto copy_events;
+
+ cur->next = calloc(1, sizeof(struct event_wrapper));
+ if (cur->next == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct event_wrapper));
+ result = TSS_E_OUTOFMEMORY;
+ goto free_list;
+ }
+ cur = cur->next;
+ } else {
+ /* skip */
+ if (event->eventDataSize > 0)
+ fseek(handle,event->eventDataSize,SEEK_CUR);
+ }
+ seen_indices++;
+ } else {
+ if (event->eventDataSize > 0)
+ fseek(handle,event->eventDataSize,SEEK_CUR);
+ }
+ num++;
+ }
+
+copy_events:
+
+ /* we've copied all the events we need to from this PCR, now
+ * copy them all into one contiguous memory block
+ */
+ *events = calloc(copied_events, sizeof(TSS_PCR_EVENT));
+ if (*events == NULL) {
+ LogError("malloc of %zd bytes failed.", copied_events * sizeof(TSS_PCR_EVENT));
+ result = TSS_E_OUTOFMEMORY;
+ goto free_list;
+ }
+
+ cur = list;
+ for (i = 0; i < copied_events; i++) {
+ memcpy(&((*events)[i]), &(cur->event), sizeof(TSS_PCR_EVENT));
+ cur = cur->next;
+ }
+
+ *count = copied_events;
+ /* assume we're in an error path until we get here */
+ error_path = 0;
+ result = TSS_SUCCESS;
+
+free_list:
+ cur = list->next;
+ while (cur != NULL) {
+ if (error_path) {
+ free(cur->event.rgbEvent);
+ free(cur->event.rgbPcrValue);
+ }
+ free(list);
+ list = cur;
+ cur = list->next;
+ }
+ free(list);
+ return result;
+}
+
+TSS_RESULT
+bios_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEvent)
+{
+ char page[BIOS_READ_SIZE];
+ UINT32 seen_indices = 0;
+ TSS_RESULT result = TSS_E_INTERNAL_ERROR;
+ TSS_PCR_EVENT *e = NULL;
+ TCG_PCClientPCREventStruc *event = NULL;
+
+ while (1) {
+ /* read event header from the file */
+ if ((fread(page, 32, 1, handle)) == 0) {
+ goto done;
+ }
+
+ event = (TCG_PCClientPCREventStruc *)page;
+
+ if (pcr_index == event->pcrIndex) {
+ if (ppEvent && !*ppEvent && seen_indices == *num) {
+ *ppEvent = calloc(1, sizeof(TSS_PCR_EVENT));
+ if (*ppEvent == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(TSS_PCR_EVENT));
+ return TSS_E_INTERNAL_ERROR;
+ }
+
+ e = *ppEvent;
+
+ e->rgbPcrValue = malloc(20);
+ if (e->rgbPcrValue == NULL) {
+ LogError("malloc of %d bytes failed.", 20);
+ free(e);
+ e = NULL;
+ break;
+ }
+
+ e->ulPcrIndex = pcr_index;
+ e->eventType = event->eventType;
+ e->ulPcrValueLength = 20;
+
+ /* copy the SHA1 XXX endianess ignored */
+ memcpy(e->rgbPcrValue, event->digest, 20);
+
+ e->ulEventLength = event->eventDataSize;
+
+ if (event->eventDataSize>0) {
+ e->rgbEvent = malloc(e->ulEventLength);
+ if (e->rgbEvent == NULL) {
+ LogError("malloc of %d bytes failed.",
+ e->ulEventLength);
+ free(e->rgbPcrValue);
+ free(e);
+ e = NULL;
+ break;
+ }
+ if ((fread(e->rgbEvent,
+ event->eventDataSize,
+ 1, handle)) <= 0) {
+ LogError("read from event source failed: %s",
+ strerror(errno));
+ return result;
+ }
+ } else {
+ e->rgbEvent = NULL;
+ }
+ result = TSS_SUCCESS;
+
+ break;
+ } else {
+ /* skip */
+ if (event->eventDataSize > 0) {
+ fseek(handle,event->eventDataSize,SEEK_CUR);
+ }
+ }
+ seen_indices++;
+ } else {
+ /* skip */
+ if (event->eventDataSize > 0) {
+ fseek(handle,event->eventDataSize,SEEK_CUR);
+ }
+ }
+ }
+
+done:
+ if (!ppEvent) {
+ *num = seen_indices;
+ result = TSS_SUCCESS;
+ } else if (e == NULL)
+ *ppEvent = NULL;
+
+ return result;
+}
+
+int
+bios_close(FILE *handle)
+{
+ fclose(handle);
+
+ return 0;
+}
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog_imaem.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog_imaem.c
new file mode 100644
index 0000000..d158330
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_evlog_imaem.c
@@ -0,0 +1,358 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+/*
+ * imaem.c
+ *
+ * Routines for handling PCR events from the Integrity Measurement
+ * Architecture.
+ *
+ * The external event source format used by IMA:
+ *
+ * 4 bytes PCR Index (bin)
+ * 20 bytes SHA1 template (bin)
+ * 4 bytes template name_len
+ * 1-255 bytes template name
+ * 20 bytes SHA1 IMA(bin)
+ * 4 bytes IMA name len
+ * 1-255 bytes eventname
+ * 1 byte separator = '\0'
+ *
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <limits.h>
+#include <unistd.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tcsem.h"
+
+#ifdef EVLOG_SOURCE_IMA
+
+#define EVLOG_FILENAME_MAXSIZE 255
+
+struct ext_log_source ima_source = {
+ ima_open,
+ ima_get_entries_by_pcr,
+ ima_get_entry,
+ ima_close
+};
+
+int
+ima_open(void *source, FILE **handle)
+{
+ FILE *fd;
+
+ if ((fd = fopen((char *)source, "r")) == NULL) {
+ LogError("Error opening PCR log file %s: %s",
+ (char *)source, strerror(errno));
+ return -1;
+ }
+
+ *handle = fd;
+ return 0;
+}
+
+TSS_RESULT
+ima_get_entries_by_pcr(FILE *handle, UINT32 pcr_index, UINT32 first,
+ UINT32 *count, TSS_PCR_EVENT **events)
+{
+ int pcr_value;
+ char page[IMA_READ_SIZE];
+ int error_path = 1, ptr = 0;
+ UINT32 copied_events = 0, i;
+ struct event_wrapper *list, *cur;
+ TSS_RESULT result = TCSERR(TSS_E_INTERNAL_ERROR);
+ FILE *fp = (FILE *) handle;
+ uint len;
+ char name[EVLOG_FILENAME_MAXSIZE];
+
+ if (!fp) {
+ LogError("File handle is NULL!\n");
+ return 1;
+ }
+
+ if (*count == 0)
+ return TSS_SUCCESS;
+
+ list = calloc(1, sizeof(struct event_wrapper));
+ if (list == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct event_wrapper));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ cur = list;
+
+ rewind(fp);
+
+ while (fread(page, 24, 1, fp)) {
+ /* copy the initial 4 bytes (PCR index) XXX endianess ignored */
+ ptr = 0;
+ memcpy(&pcr_value, &page[ptr], sizeof(int));
+ cur->event.ulPcrIndex = pcr_value;
+ ptr += sizeof(int);
+
+ /* grab this entry */
+ cur->event.ulPcrValueLength = 20;
+ cur->event.rgbPcrValue = malloc(cur->event.ulPcrValueLength);
+ if (cur->event.rgbPcrValue == NULL) {
+ LogError("malloc of %d bytes failed.", 20);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto free_list;
+ }
+
+ /* copy the template SHA1 XXX endianess ignored */
+ memcpy(cur->event.rgbPcrValue, &page[ptr],
+ cur->event.ulPcrValueLength);
+
+/* Get the template name size, template name */
+{
+ char digest[20];
+
+ if (fread(&len, 1, sizeof(len), fp) != (sizeof(len))) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto free_list;
+ }
+ if (len > EVLOG_FILENAME_MAXSIZE) {
+ LogError("Event log file name too big! Max size is %d", EVLOG_FILENAME_MAXSIZE);
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto free_list;
+ }
+ memset(name, 0, EVLOG_FILENAME_MAXSIZE);
+ if (fread(name, 1, len, fp) != len) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto free_list;
+ }
+ if (fread(digest, 1, sizeof digest, fp) != (sizeof(digest))) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto free_list;
+ }
+}
+ /* Get the template data namelen and data */
+ if (fread(&cur->event.ulEventLength, 1, sizeof(int), fp) != sizeof(int)) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto free_list;
+ }
+ cur->event.rgbEvent = malloc(cur->event.ulEventLength + 1);
+ if (cur->event.rgbEvent == NULL) {
+ free(cur->event.rgbPcrValue);
+ LogError("malloc of %u bytes failed.",
+ cur->event.ulEventLength);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto free_list;
+ }
+ memset(cur->event.rgbEvent, 0, cur->event.ulEventLength);
+ if (fread(cur->event.rgbEvent, 1, cur->event.ulEventLength, fp) != cur->event.ulEventLength) {
+ free(cur->event.rgbPcrValue);
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto free_list;
+ }
+
+ copied_events++;
+
+ if (copied_events == *count)
+ goto copy_events;
+
+ cur->next = calloc(1, sizeof(struct event_wrapper));
+ if (cur->next == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct event_wrapper));
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto free_list;
+ }
+ cur = cur->next;
+ }
+
+copy_events:
+ /* we've copied all the events we need to from this PCR, now
+ * copy them all into one contiguous memory block
+ */
+ *events = calloc(copied_events, sizeof(TSS_PCR_EVENT));
+ if (*events == NULL) {
+ LogError("malloc of %zd bytes failed.", copied_events * sizeof(TSS_PCR_EVENT));
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto free_list;
+ }
+
+ cur = list;
+ for (i = 0; i < copied_events; i++) {
+ memcpy(&((*events)[i]), &(cur->event), sizeof(TSS_PCR_EVENT));
+ cur = cur->next;
+ }
+
+ *count = copied_events;
+ /* assume we're in an error path until we get here */
+ error_path = 0;
+ result = TSS_SUCCESS;
+
+free_list:
+ cur = list->next;
+ while (cur != NULL) {
+ if (error_path) {
+ free(cur->event.rgbEvent);
+ free(cur->event.rgbPcrValue);
+ }
+ free(list);
+ list = cur;
+ cur = list->next;
+ }
+ free(list);
+ return result;
+}
+
+TSS_RESULT
+ima_get_entry(FILE *handle, UINT32 pcr_index, UINT32 *num, TSS_PCR_EVENT **ppEvent)
+{
+ int pcr_value, ptr = 0;
+ uint len;
+ char page[IMA_READ_SIZE];
+ UINT32 seen_indices = 0;
+ TSS_RESULT result = TCSERR(TSS_E_INTERNAL_ERROR);
+ TSS_PCR_EVENT *event = NULL;
+ FILE *fp = (FILE *) handle;
+ char name[EVLOG_FILENAME_MAXSIZE];
+
+ rewind(fp);
+ while (fread(page, 24, 1, fp)) {
+ /* copy the initial 4 bytes (PCR index) XXX endianess ignored */
+ ptr = 0;
+ memcpy(&pcr_value, &page[ptr], sizeof(int));
+
+ if (pcr_index == (UINT32)pcr_value) {
+ ptr += sizeof(int);
+ /* This is the case where we're looking for a specific event number in a
+ * specific PCR index. When we've reached the correct event, malloc
+ * space for it, copy it in, then break out of the while loop */
+ if (ppEvent && seen_indices == *num) {
+ /* grab this entry */
+ event = calloc(1, sizeof(TSS_PCR_EVENT));
+ event->ulPcrIndex = pcr_value;
+ event->rgbPcrValue = NULL;
+ event->rgbEvent = NULL;
+ event->ulPcrValueLength = 20;
+ event->rgbPcrValue = malloc(event->ulPcrValueLength);
+ if (event->rgbPcrValue == NULL) {
+ LogError("malloc of %d bytes failed.", 20);
+ free(event);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ /* copy the template SHA1 XXX endianess ignored */
+ memcpy(event->rgbPcrValue, &page[ptr],
+ event->ulPcrValueLength);
+
+ /* Get the template name size, template name */
+ {
+ char digest[20];
+
+ if (fread(&len, 1, sizeof(len), fp) != sizeof(len)) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (len > EVLOG_FILENAME_MAXSIZE) {
+ LogError("Event log file name too big! Max size is %d", EVLOG_FILENAME_MAXSIZE);
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ memset(name, 0, EVLOG_FILENAME_MAXSIZE);
+ if (fread(name, 1, len, fp) != len) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (fread(digest, 1, sizeof(digest), fp) != sizeof(digest)) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ /* Get the template data namelen and data */
+ if (fread(&event->ulEventLength, 1, sizeof(int), fp) != sizeof(int)) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ event->rgbEvent = malloc(event->ulEventLength + 1);
+ if (event->rgbEvent == NULL) {
+ LogError("malloc of %u bytes failed.",
+ event->ulEventLength);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memset(event->rgbEvent, 0, event->ulEventLength + 1);
+ if (fread(event->rgbEvent, 1, event->ulEventLength, fp) != event->ulEventLength ) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *ppEvent = event;
+ result = TSS_SUCCESS;
+ break;
+ }
+ }
+ if (fread(&len, 1, sizeof(len), fp) != sizeof(len)) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ fseek(fp, len + 20, SEEK_CUR);
+ if (fread(&len, 1, sizeof(len), fp) != sizeof(len)) {
+ LogError("Failed to read event log file");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ fseek(fp, len, SEEK_CUR);
+ seen_indices++;
+ }
+done:
+ if (result != TSS_SUCCESS) {
+ if (event != NULL) {
+ free(event->rgbPcrValue);
+ free(event->rgbEvent);
+ }
+ free(event);
+ event = NULL;
+ }
+
+ if (ppEvent == NULL)
+ *num = seen_indices;
+
+ return result;
+}
+
+int
+ima_close(FILE *handle)
+{
+ fclose((FILE *)handle);
+
+ return 0;
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key.c
new file mode 100644
index 0000000..835fc50
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key.c
@@ -0,0 +1,609 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "req_mgr.h"
+#include "tcs_tsp.h"
+#include "tcslog.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+
+#define KEY_PARMS_SIZE 100
+
+struct key_mem_cache *key_mem_cache_head = NULL;
+
+TSS_UUID NULL_UUID = { 0, 0, 0, 0, 0, { 0, 0, 0, 0, 0, 0 } };
+
+
+TSS_RESULT
+add_cache_entry(TCS_CONTEXT_HANDLE hContext,
+ BYTE* blob,
+ TCS_KEY_HANDLE hParent,
+ TPM_KEY_HANDLE hSlot,
+ TCS_KEY_HANDLE* new)
+{
+ UINT64 offset;
+ TSS_RESULT result;
+ TCS_KEY_HANDLE tcsHandle;
+ TSS_KEY key, *pKey;
+
+ if (!blob) {
+ pKey = NULL;
+ } else {
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, blob, &key)))
+ return result;
+
+ // If the key requires auth data, then the key cannot be used.
+ TSS_BOOL can_cache = !key.authDataUsage;
+
+ // Try to get it from cache.
+ tcsHandle = mc_get_handle_by_pub(&key.pubKey, hParent);
+ if (tcsHandle != NULL_TCS_HANDLE) {
+ // Cache hit.
+ if (can_cache) {
+ mc_set_slot_by_handle(tcsHandle, hSlot);
+ *new = tcsHandle;
+ goto done;
+ } else {
+ // Can't use the cache.
+ // Remove the existing cache so we don't have too many entries
+ // stuck in cache.
+ mc_remove_entry(tcsHandle);
+ tcsHandle = NULL_TCS_HANDLE;
+ }
+ }
+ // Key not found in cache or can't use cache.
+ pKey = &key;
+ }
+
+ LogDebugFn("No existing key handle for this key, creating new one...");
+ /* Get a new TCS Key Handle */
+ tcsHandle = getNextTcsKeyHandle();
+ LogDebugFn("calling mc_add_entry, TCS handle: 0x%x, TPM handle 0x%x", tcsHandle, hSlot);
+
+ if ((result = mc_add_entry(tcsHandle, hSlot, pKey)))
+ goto done;
+
+ LogDebugFn("ctx_mark_key_loaded");
+ if (ctx_mark_key_loaded(hContext, tcsHandle)) {
+ LogError("Error marking key as loaded");
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ if ((result = mc_set_parent_by_handle(tcsHandle, hParent))) {
+ LogError("mc_set_parent_by_handle failed.");
+ goto done;
+ }
+
+ *new = tcsHandle;
+done:
+ if (blob)
+ destroy_key_refs(&key);
+ return result;
+}
+
+/* Check that the context has this key loaded and return the associated slot. Do not search PS if
+ * the key is not found */
+TSS_RESULT
+get_slot_lite(TCS_CONTEXT_HANDLE hContext, TCS_KEY_HANDLE hKey, TPM_KEY_HANDLE *out)
+{
+ if (ctx_has_key_loaded(hContext, hKey)) {
+ if ((*out = mc_get_slot_by_handle(hKey)) == NULL_TPM_HANDLE)
+ return TCSERR(TCS_E_INVALID_KEY);
+
+ return TSS_SUCCESS;
+ }
+
+ return TCSERR(TCS_E_INVALID_KEY);
+}
+
+/* XXX Can get_slot be merged with ensureKeyIsLoaded? */
+
+/* Given a handle, get_slot searches the mem cache for a mapping to a TPM handle. If there is no
+ * mapping, it looks up the pub key of the handle and attempts to load it by finding its pub key
+ * in the persistent store. If that's not found, return error. */
+TSS_RESULT
+get_slot(TCS_CONTEXT_HANDLE hContext, TCS_KEY_HANDLE hKey, TPM_KEY_HANDLE *out)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_STORE_PUBKEY *pub = NULL;
+ TPM_KEY_HANDLE slot;
+
+ LogDebugFn("calling mc_get_slot_by_handle");
+ if ((slot = mc_get_slot_by_handle(hKey)) == NULL_TPM_HANDLE) {
+ LogDebugFn("calling mc_get_pub_by_slot");
+ if ((pub = mc_get_pub_by_slot(hKey)) == NULL)
+ return TCSERR(TCS_E_KM_LOADFAILED);
+
+ LogDebugFn("calling LoadKeyShim");
+ /* Otherwise, try to load it using the shim */
+ result = LoadKeyShim(hContext, pub, NULL, &slot);
+ }
+
+ if (!result)
+ *out = slot;
+
+ return result;
+}
+
+/* load_key_init is the common entry point for all load key requests to the TCSD. These can come in
+ * as straight load or load2 requests, or through a transport session.
+ *
+ * We'll always attempt to load the key if
+ * A) It requires auth (load should fail if auth is bad, even when its already been loaded by
+ * another thread)
+ * B) Its in a transport session (the key blob is encrypted)
+ *
+ * Otherwise if the key is already loaded by another thread and it doesn't require auth, then we
+ * will just set *load_key to FALSE, telling the caller that there's no need to send anything to
+ * the TPM.
+ */
+TSS_RESULT
+load_key_init(TPM_COMMAND_CODE ord,
+ TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE parent_handle,
+ UINT32 blob_size,
+ BYTE* blob,
+ TSS_BOOL encrypted,
+ TPM_AUTH* auth,
+ TSS_BOOL* load_key,
+ UINT64* out_len,
+ BYTE* out,
+ TCS_KEY_HANDLE* handle,
+ TPM_KEY_HANDLE* slot)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ TSS_KEY key;
+ UINT64 offset;
+ TPM_KEY_HANDLE tpm_slot;
+ TCS_KEY_HANDLE tcs_handle;
+ TSS_BOOL canLoad;
+
+
+ if (!encrypted) {
+ offset = 0;
+ memset(&key, 0, sizeof(TSS_KEY));
+ if ((result = UnloadBlob_TSS_KEY(&offset, blob, &key)))
+ return result;
+ }
+
+ if (!auth && !encrypted) {
+ LogDebugFn("Checking if LoadKeyByBlob can be avoided by using existing key");
+
+ if ((tcs_handle = mc_get_handle_by_pub(&key.pubKey, parent_handle))) {
+ LogDebugFn("tcs key handle exists");
+
+ tpm_slot = mc_get_slot_by_handle(tcs_handle);
+ if (tpm_slot && (isKeyLoaded(tpm_slot) == TRUE)) {
+ LogDebugFn("Don't need to reload this key.");
+ *handle = tcs_handle;
+ *slot = tpm_slot;
+ *load_key = FALSE;
+ goto done;
+ }
+ }
+ }
+ *load_key = TRUE;
+
+ LogDebugFn("calling canILoadThisKey");
+ if (!encrypted) {
+ if ((result = canILoadThisKey(&(key.algorithmParms), &canLoad)))
+ goto error;
+
+ if (canLoad == FALSE) {
+ LogDebugFn("calling evictFirstKey");
+ /* Evict a key that isn't the parent */
+ if ((result = evictFirstKey(parent_handle)))
+ goto error;
+ }
+ }
+
+error:
+ if (!encrypted)
+ destroy_key_refs(&key);
+done:
+ return result;
+}
+
+TSS_RESULT
+load_key_final(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE parent_handle,
+ TCS_KEY_HANDLE* tcs_handle,
+ BYTE* blob,
+ TPM_KEY_HANDLE slot)
+{
+ if (*tcs_handle == NULL_TCS_HANDLE)
+ return add_cache_entry(hContext, blob, parent_handle, slot, tcs_handle);
+ else
+ return mc_set_slot_by_handle(*tcs_handle, slot);
+}
+
+TSS_RESULT
+canILoadThisKey(TCPA_KEY_PARMS *parms, TSS_BOOL *b)
+{
+ UINT16 subCapLength;
+ UINT64 offset;
+ BYTE subCap[KEY_PARMS_SIZE];
+ TCPA_RESULT result;
+ UINT32 respDataLength;
+ BYTE *respData;
+
+ offset = 0;
+ LoadBlob_KEY_PARMS(&offset, NULL, parms);
+ if (offset > KEY_PARMS_SIZE) {
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+ offset = 0;
+ LoadBlob_KEY_PARMS(&offset, subCap, parms);
+ subCapLength = offset;
+
+ if ((result = TCSP_GetCapability_Internal(InternalContext, TCPA_CAP_CHECK_LOADED,
+ subCapLength, subCap, &respDataLength,
+ &respData))) {
+ *b = FALSE;
+ LogDebugFn("NO");
+ return result;
+ }
+
+ *b = respData[0];
+ free(respData);
+ LogDebugFn("%s", *b ? "YES" : "NO");
+
+ return TSS_SUCCESS;
+}
+
+TCPA_RESULT
+internal_EvictByKeySlot(TCPA_KEY_HANDLE slot)
+{
+ TCPA_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Evict Key");
+
+#ifdef TSS_BUILD_TSS12
+ if (TPM_VERSION_IS(1,2)) {
+ LogDebugFn("Evicting key using FlushSpecific for TPM 1.2");
+
+ return TCSP_FlushSpecific_Common(slot, TPM_RT_KEY);
+ }
+#endif
+
+ offset = 10;
+ LoadBlob_UINT32(&offset, slot, txBlob);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset, TPM_ORD_EvictKey, txBlob);
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ LogResult("Evict Key", result);
+ return result;
+}
+
+TSS_RESULT
+clearUnknownKeys(TCS_CONTEXT_HANDLE hContext, UINT32 *cleared)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ TCPA_KEY_HANDLE_LIST keyList = { 0, NULL };
+ int i;
+ BYTE *respData = NULL;
+ UINT32 respDataSize = 0, count = 0;
+ TCPA_CAPABILITY_AREA capArea = -1;
+ UINT64 offset = 0;
+ TSS_BOOL found = FALSE;
+ struct key_mem_cache *tmp;
+
+ capArea = TCPA_CAP_KEY_HANDLE;
+
+ if ((result = TCSP_GetCapability_Internal(hContext, capArea, 0, NULL, &respDataSize,
+ &respData)))
+ return result;
+
+ if ((result = UnloadBlob_KEY_HANDLE_LIST(&offset, respData, &keyList)))
+ goto done;
+
+#ifdef TSS_DEBUG
+ LogDebug("Loaded TPM key handles:");
+ for (i = 0; i < keyList.loaded; i++) {
+ LogDebugFn("%d: %x", i, keyList.handle[i]);
+ }
+
+ LogDebug("Loaded TCSD key handles:");
+ i=0;
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("%d: 0x%x -> 0x%x", i++, tmp->tpm_handle,
+ tmp->tcs_handle);
+ }
+#endif
+
+ for (i = 0; i < keyList.loaded; i++) {
+ /* as long as we're only called from evictFirstKey(), we don't
+ * need to lock here */
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ if (tmp->tpm_handle == keyList.handle[i]) {
+ found = TRUE;
+ break;
+ }
+ }
+ if (found)
+ found = FALSE;
+ else {
+ if ((result = internal_EvictByKeySlot(keyList.handle[i])))
+ goto done;
+ else
+ count++;
+ }
+ }
+
+ *cleared = count;
+done:
+ free(keyList.handle);
+ free(respData);
+
+ return TSS_SUCCESS;
+}
+
+#if 0
+TCPA_RESULT
+clearKeysFromChip(TCS_CONTEXT_HANDLE hContext)
+{
+ TCPA_RESULT result;
+ TCPA_KEY_HANDLE_LIST keyList;
+ UINT32 i;
+ BYTE *respData = 0;
+ UINT32 respDataSize = 0;
+ TCPA_CAPABILITY_AREA capArea = -1;
+ UINT64 offset = 0;
+
+ capArea = TCPA_CAP_KEY_HANDLE;
+
+ if ((result = TCSP_GetCapability_Internal(hContext, capArea, 0, NULL,
+ &respDataSize, &respData)))
+ return result;
+
+ if ((result = UnloadBlob_KEY_HANDLE_LIST(&offset, respData, &keyList)))
+ return result;
+ for (i = 0; i < keyList.loaded; i++) {
+ if (keyList.handle[i] == SRK_TPM_HANDLE || /*can't evict SRK */
+ keyList.handle[i] == EK_TPM_HANDLE) /*can't evict EK */
+ continue;
+ if ((result = internal_EvictByKeySlot(keyList.handle[i])))
+ return result;
+ }
+ return TSS_SUCCESS;
+}
+#endif
+
+void
+LoadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyInfo)
+{
+ LoadBlob_UINT32(offset, keyInfo->algorithmID, blob);
+ LoadBlob_UINT16(offset, keyInfo->encScheme, blob);
+ LoadBlob_UINT16(offset, keyInfo->sigScheme, blob);
+ LoadBlob_UINT32(offset, keyInfo->parmSize, blob);
+ LoadBlob(offset, keyInfo->parmSize, blob, keyInfo->parms);
+}
+
+TSS_RESULT
+UnloadBlob_STORE_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_PUBKEY *store)
+{
+ if (!store) {
+ UINT32 keyLength;
+
+ UnloadBlob_UINT32(offset, &keyLength, blob);
+
+ if (keyLength > 0)
+ UnloadBlob(offset, keyLength, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_UINT32(offset, &store->keyLength, blob);
+
+ if (store->keyLength == 0) {
+ store->key = NULL;
+ LogWarn("Unloading a public key of size 0!");
+ } else {
+ store->key = (BYTE *)malloc(store->keyLength);
+ if (store->key == NULL) {
+ LogError("malloc of %u bytes failed.", store->keyLength);
+ store->keyLength = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(offset, store->keyLength, blob, store->key);
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+LoadBlob_STORE_PUBKEY(UINT64 *offset, BYTE * blob, TCPA_STORE_PUBKEY * store)
+{
+ LoadBlob_UINT32(offset, store->keyLength, blob);
+ LoadBlob(offset, store->keyLength, blob, store->key);
+}
+
+TSS_RESULT
+UnloadBlob_TSS_KEY(UINT64 *offset, BYTE *blob, TSS_KEY *key)
+{
+ TSS_RESULT rc;
+
+ if (!key) {
+ UINT32 size;
+
+ /* TPM_KEY's ver and TPM_KEY12's tag/file are
+ the same size, so... */
+ UnloadBlob_VERSION(offset, blob, NULL);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_KEY_FLAGS(offset, blob, NULL);
+ UnloadBlob_BOOL(offset, NULL, blob);
+ if ((rc = UnloadBlob_KEY_PARMS(offset, blob, NULL)))
+ return rc;
+ UnloadBlob_UINT32(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ if ((rc = UnloadBlob_STORE_PUBKEY(offset, blob, NULL)))
+ return rc;
+
+ UnloadBlob_UINT32(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if (key->hdr.key12.tag == TPM_TAG_KEY12) {
+ UnloadBlob_UINT16(offset, &key->hdr.key12.tag, blob);
+ UnloadBlob_UINT16(offset, &key->hdr.key12.fill, blob);
+ } else
+ UnloadBlob_TCPA_VERSION(offset, blob, &key->hdr.key11.ver);
+ UnloadBlob_UINT16(offset, &key->keyUsage, blob);
+ UnloadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ UnloadBlob_BOOL(offset, (TSS_BOOL *)&key->authDataUsage, blob);
+ if ((rc = UnloadBlob_KEY_PARMS(offset, blob, &key->algorithmParms)))
+ return rc;
+ UnloadBlob_UINT32(offset, &key->PCRInfoSize, blob);
+
+ if (key->PCRInfoSize == 0)
+ key->PCRInfo = NULL;
+ else {
+ key->PCRInfo = malloc(key->PCRInfoSize);
+ if (key->PCRInfo == NULL) {
+ LogError("malloc of %u bytes failed.", key->PCRInfoSize);
+ key->PCRInfoSize = 0;
+ free(key->algorithmParms.parms);
+ key->algorithmParms.parms = NULL;
+ key->algorithmParms.parmSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+ }
+
+ if ((rc = UnloadBlob_STORE_PUBKEY(offset, blob, &key->pubKey))) {
+ free(key->PCRInfo);
+ key->PCRInfo = NULL;
+ key->PCRInfoSize = 0;
+ free(key->algorithmParms.parms);
+ key->algorithmParms.parms = NULL;
+ key->algorithmParms.parmSize = 0;
+ return rc;
+ }
+ UnloadBlob_UINT32(offset, &key->encSize, blob);
+
+ if (key->encSize == 0)
+ key->encData = NULL;
+ else {
+ key->encData = (BYTE *)malloc(key->encSize);
+ if (key->encData == NULL) {
+ LogError("malloc of %d bytes failed.", key->encSize);
+ key->encSize = 0;
+ free(key->algorithmParms.parms);
+ key->algorithmParms.parms = NULL;
+ key->algorithmParms.parmSize = 0;
+ free(key->PCRInfo);
+ key->PCRInfo = NULL;
+ key->PCRInfoSize = 0;
+ free(key->pubKey.key);
+ key->pubKey.key = NULL;
+ key->pubKey.keyLength = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, key->encSize, blob, key->encData);
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+LoadBlob_TSS_KEY(UINT64 *offset, BYTE * blob, TSS_KEY * key)
+{
+ if (key->hdr.key12.tag == TPM_TAG_KEY12) {
+ LoadBlob_UINT16(offset, key->hdr.key12.tag, blob);
+ LoadBlob_UINT16(offset, key->hdr.key12.fill, blob);
+ } else
+ LoadBlob_TCPA_VERSION(offset, blob, &key->hdr.key11.ver);
+ LoadBlob_UINT16(offset, key->keyUsage, blob);
+ LoadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ LoadBlob_BOOL(offset, key->authDataUsage, blob);
+ LoadBlob_KEY_PARMS(offset, blob, &key->algorithmParms);
+ LoadBlob_UINT32(offset, key->PCRInfoSize, blob);
+ LoadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+ LoadBlob_STORE_PUBKEY(offset, blob, &key->pubKey);
+ LoadBlob_UINT32(offset, key->encSize, blob);
+ LoadBlob(offset, key->encSize, blob, key->encData);
+}
+
+void
+LoadBlob_PUBKEY(UINT64 *offset, BYTE * blob, TCPA_PUBKEY * key)
+{
+ LoadBlob_KEY_PARMS(offset, blob, &(key->algorithmParms));
+ LoadBlob_STORE_PUBKEY(offset, blob, &(key->pubKey));
+}
+
+TSS_RESULT
+UnloadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *key)
+{
+ TSS_RESULT rc;
+
+ if (!key) {
+ if ((rc = UnloadBlob_KEY_PARMS(offset, blob, NULL)))
+ return rc;
+ return UnloadBlob_STORE_PUBKEY(offset, blob, NULL);
+ }
+
+ if ((rc = UnloadBlob_KEY_PARMS(offset, blob, &key->algorithmParms)))
+ return rc;
+ if ((rc = UnloadBlob_STORE_PUBKEY(offset, blob, &key->pubKey))) {
+ free(key->algorithmParms.parms);
+ key->algorithmParms.parms = NULL;
+ key->algorithmParms.parmSize = 0;
+ }
+
+ return rc;
+}
+
+void
+LoadBlob_KEY_FLAGS(UINT64 *offset, BYTE * blob, TCPA_KEY_FLAGS * flags)
+{
+ LoadBlob_UINT32(offset, *flags, blob);
+}
+
+void
+destroy_key_refs(TSS_KEY *key)
+{
+ free(key->algorithmParms.parms);
+ key->algorithmParms.parms = NULL;
+ key->algorithmParms.parmSize = 0;
+
+ free(key->pubKey.key);
+ key->pubKey.key = NULL;
+ key->pubKey.keyLength = 0;
+
+ free(key->encData);
+ key->encData = NULL;
+ key->encSize = 0;
+
+ free(key->PCRInfo);
+ key->PCRInfo = NULL;
+ key->PCRInfoSize = 0;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key_mem_cache.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key_mem_cache.c
new file mode 100644
index 0000000..39ef88a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key_mem_cache.c
@@ -0,0 +1,1084 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+#include "tcs_key_ps.h"
+
+/*
+ * mem_cache_lock will be responsible for protecting the key_mem_cache_head list. This is a
+ * TCSD global linked list of all keys which have been loaded into the TPM at some time.
+ */
+MUTEX_DECLARE_INIT(mem_cache_lock);
+
+/*
+ * tcs_keyhandle_lock is only used to make TCS keyhandle generation atomic for all TCSD
+ * threads.
+ */
+static MUTEX_DECLARE_INIT(tcs_keyhandle_lock);
+
+/*
+ * timestamp_lock is only used to make TCS key timestamp generation atomic for all TCSD
+ * threads.
+ */
+static MUTEX_DECLARE_INIT(timestamp_lock);
+
+TCS_KEY_HANDLE
+getNextTcsKeyHandle()
+{
+ static TCS_KEY_HANDLE NextTcsKeyHandle = 0x22330000;
+ TCS_KEY_HANDLE ret;
+
+ MUTEX_LOCK(tcs_keyhandle_lock);
+
+ do {
+ ret = NextTcsKeyHandle++;
+ } while (NextTcsKeyHandle == SRK_TPM_HANDLE || NextTcsKeyHandle == NULL_TCS_HANDLE);
+
+ MUTEX_UNLOCK(tcs_keyhandle_lock);
+
+ return ret;
+}
+
+UINT32
+getNextTimeStamp()
+{
+ static UINT32 time_stamp = 1;
+ UINT32 ret;
+
+ MUTEX_LOCK(timestamp_lock);
+ ret = time_stamp++;
+ MUTEX_UNLOCK(timestamp_lock);
+
+ return ret;
+}
+
+/* only called from load key paths, so no locking */
+TCPA_STORE_PUBKEY *
+mc_get_pub_by_slot(TCPA_KEY_HANDLE tpm_handle)
+{
+ struct key_mem_cache *tmp;
+ TCPA_STORE_PUBKEY *ret;
+
+ if (tpm_handle == NULL_TPM_HANDLE)
+ return NULL;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x",
+ tmp->tcs_handle);
+ if (tmp->tpm_handle == tpm_handle) {
+ ret = tmp->blob ? &tmp->blob->pubKey : NULL;
+ return ret;
+ }
+ }
+ LogDebugFn("returning NULL TCPA_STORE_PUBKEY");
+ return NULL;
+}
+
+/* only called from load key paths, so no locking */
+TCPA_STORE_PUBKEY *
+mc_get_pub_by_handle(TCS_KEY_HANDLE tcs_handle)
+{
+ struct key_mem_cache *tmp;
+ TCPA_STORE_PUBKEY *ret;
+
+ LogDebugFn("looking for 0x%x", tcs_handle);
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x",
+ tmp->tcs_handle);
+ if (tmp->tcs_handle == tcs_handle) {
+ ret = tmp->blob ? &tmp->blob->pubKey : NULL;
+ return ret;
+ }
+ }
+
+ LogDebugFn("returning NULL TCPA_STORE_PUBKEY");
+ return NULL;
+}
+
+/* only called from load key paths, so no locking */
+TSS_RESULT
+mc_set_parent_by_handle(TCS_KEY_HANDLE tcs_handle, TCS_KEY_HANDLE p_tcs_handle)
+{
+ struct key_mem_cache *tmp, *parent;
+
+ /* find parent */
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebug("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tcs_handle == p_tcs_handle) {
+ parent = tmp;
+ break;
+ }
+ }
+
+ /* didn't find parent */
+ if (tmp == NULL)
+ goto done;
+
+ /* set parent blob in child */
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ if (tmp->tcs_handle == tcs_handle) {
+ tmp->parent = parent;
+ return TSS_SUCCESS;
+ }
+ }
+done:
+ return TCSERR(TSS_E_FAIL);
+}
+
+TCPA_RESULT
+ensureKeyIsLoaded(TCS_CONTEXT_HANDLE hContext, TCS_KEY_HANDLE keyHandle, TCPA_KEY_HANDLE * keySlot)
+{
+ TCPA_RESULT result = TSS_SUCCESS;
+ TCPA_STORE_PUBKEY *myPub;
+
+ LogDebugFn("0x%x", keyHandle);
+
+ if (!ctx_has_key_loaded(hContext, keyHandle))
+ return TCSERR(TCS_E_INVALID_KEY);
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ *keySlot = mc_get_slot_by_handle(keyHandle);
+ LogDebug("keySlot is %08X", *keySlot);
+ if (*keySlot == NULL_TPM_HANDLE || isKeyLoaded(*keySlot) == FALSE) {
+ LogDebug("calling mc_get_pub_by_handle");
+ if ((myPub = mc_get_pub_by_handle(keyHandle)) == NULL) {
+ LogDebug("Failed to find pub by handle");
+ result = TCSERR(TCS_E_KM_LOADFAILED);
+ goto done;
+ }
+
+ LogDebugFn("calling LoadKeyShim");
+ if ((result = LoadKeyShim(hContext, myPub, NULL, keySlot))) {
+ LogDebug("Failed shim");
+ goto done;
+ }
+
+ if (*keySlot == NULL_TPM_HANDLE) {
+ LogDebug("Key slot is still invalid after ensureKeyIsLoaded");
+ result = TCSERR(TCS_E_KM_LOADFAILED);
+ goto done;
+ }
+ }
+ mc_update_time_stamp(*keySlot);
+
+done:
+ MUTEX_UNLOCK(mem_cache_lock);
+ LogDebugFn("Exit");
+ return result;
+}
+
+
+/* only called from load key paths, so no locking */
+TSS_UUID *
+mc_get_uuid_by_pub(TCPA_STORE_PUBKEY *pub)
+{
+ TSS_UUID *ret;
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->blob &&
+ tmp->blob->pubKey.keyLength == pub->keyLength &&
+ !memcmp(tmp->blob->pubKey.key, pub->key, pub->keyLength)) {
+ ret = &tmp->uuid;
+ return ret;
+ }
+ }
+
+ return NULL;
+}
+
+TSS_RESULT
+mc_get_handles_by_uuid(TSS_UUID *uuid, TCS_KEY_HANDLE *tcsHandle, TCPA_KEY_HANDLE *slot)
+{
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ if (!memcmp(&tmp->uuid, uuid, sizeof(TSS_UUID))) {
+ *tcsHandle = tmp->tcs_handle;
+ *slot = tmp->tpm_handle;
+ return TSS_SUCCESS;
+ }
+ }
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+TCS_KEY_HANDLE
+mc_get_handle_by_encdata(BYTE *encData)
+{
+ struct key_mem_cache *tmp;
+ TCS_KEY_HANDLE ret;
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (!tmp->blob || tmp->blob->encSize == 0)
+ continue;
+ if (!memcmp(tmp->blob->encData, encData, tmp->blob->encSize)) {
+ ret = tmp->tcs_handle;
+ MUTEX_UNLOCK(mem_cache_lock);
+ return ret;
+ }
+ }
+ MUTEX_UNLOCK(mem_cache_lock);
+ return 0;
+}
+
+TSS_RESULT
+mc_update_encdata(BYTE *encData, BYTE *newEncData)
+{
+ struct key_mem_cache *tmp;
+ BYTE *tmp_enc_data;
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (!tmp->blob || tmp->blob->encSize == 0)
+ continue;
+ if (!memcmp(tmp->blob->encData, encData, tmp->blob->encSize)) {
+ tmp_enc_data = (BYTE *)malloc(tmp->blob->encSize);
+ if (tmp_enc_data == NULL) {
+ LogError("malloc of %u bytes failed.", tmp->blob->encSize);
+ MUTEX_UNLOCK(mem_cache_lock);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ memcpy(tmp_enc_data, newEncData, tmp->blob->encSize);
+ free(tmp->blob->encData);
+ tmp->blob->encData = tmp_enc_data;
+ MUTEX_UNLOCK(mem_cache_lock);
+ return TSS_SUCCESS;
+ }
+ }
+ MUTEX_UNLOCK(mem_cache_lock);
+ LogError("Couldn't find requested encdata in mem cache");
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+}
+
+/*
+ * only called from load key paths and the init (single thread time) path,
+ * so no locking
+ */
+TSS_RESULT
+mc_add_entry(TCS_KEY_HANDLE tcs_handle,
+ TCPA_KEY_HANDLE tpm_handle,
+ TSS_KEY *key_blob)
+{
+ struct key_mem_cache *entry, *tmp;
+
+ /* Make sure the cache doesn't already have an entry for this key */
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tcs_handle == tmp->tcs_handle) {
+ return TSS_SUCCESS;
+ }
+ }
+
+ /* Not found - we need to create a new entry */
+ entry = (struct key_mem_cache *)calloc(1, sizeof(struct key_mem_cache));
+ if (entry == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct key_mem_cache));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ entry->tcs_handle = tcs_handle;
+ if (tpm_handle != NULL_TPM_HANDLE)
+ entry->time_stamp = getNextTimeStamp();
+
+ entry->tpm_handle = tpm_handle;
+
+ if (!key_blob)
+ goto add;
+
+ /* allocate space for the blob */
+ entry->blob = calloc(1, sizeof(TSS_KEY));
+ if (entry->blob == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_KEY));
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(entry->blob, key_blob, sizeof(TSS_KEY));
+
+ /* allocate space for the key parameters if necessary */
+ if (key_blob->algorithmParms.parmSize) {
+ BYTE *tmp_parms = (BYTE *)malloc(key_blob->algorithmParms.parmSize);
+ if (tmp_parms == NULL) {
+ LogError("malloc of %u bytes failed.", key_blob->algorithmParms.parmSize);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(tmp_parms, key_blob->algorithmParms.parms, key_blob->algorithmParms.parmSize);
+ entry->blob->algorithmParms.parms = tmp_parms;
+ }
+ entry->blob->algorithmParms.parmSize = key_blob->algorithmParms.parmSize;
+
+ /* allocate space for the public key */
+ if (key_blob->pubKey.keyLength > 0) {
+ entry->blob->pubKey.key = (BYTE *)malloc(key_blob->pubKey.keyLength);
+ if (entry->blob->pubKey.key == NULL) {
+ LogError("malloc of %u bytes failed.", key_blob->pubKey.keyLength);
+ free(entry->blob->algorithmParms.parms);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(entry->blob->pubKey.key, key_blob->pubKey.key, key_blob->pubKey.keyLength);
+ }
+ entry->blob->pubKey.keyLength = key_blob->pubKey.keyLength;
+
+ /* allocate space for the PCR info */
+ if (key_blob->PCRInfoSize > 0) {
+ entry->blob->PCRInfo = (BYTE *)malloc(key_blob->PCRInfoSize);
+ if (entry->blob->PCRInfo == NULL) {
+ LogError("malloc of %u bytes failed.", key_blob->PCRInfoSize);
+ free(entry->blob->pubKey.key);
+ free(entry->blob->algorithmParms.parms);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(entry->blob->PCRInfo, key_blob->PCRInfo, key_blob->PCRInfoSize);
+ }
+ entry->blob->PCRInfoSize = key_blob->PCRInfoSize;
+
+ /* allocate space for the encData if necessary */
+ if (key_blob->encSize > 0) {
+ entry->blob->encData = (BYTE *)malloc(key_blob->encSize);
+ if (entry->blob->encData == NULL) {
+ LogError("malloc of %u bytes failed.", key_blob->encSize);
+ free(entry->blob->PCRInfo);
+ free(entry->blob->pubKey.key);
+ free(entry->blob->algorithmParms.parms);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(entry->blob->encData, key_blob->encData, key_blob->encSize);
+ }
+ entry->blob->encSize = key_blob->encSize;
+add:
+ /* add to the front of the list */
+ entry->next = key_mem_cache_head;
+ if (key_mem_cache_head) {
+ /* set the reference count to 0 initially for all keys not being the SRK. Up
+ * the call chain, a reference to this mem cache entry will be set in the
+ * context object of the calling context and this reference count will be
+ * incremented there. */
+ entry->ref_cnt = 0;
+
+ key_mem_cache_head->prev = entry;
+ } else {
+ /* if we are the SRK, initially set the reference count to 1, so that it is
+ * always seen as loaded in the TPM. */
+ entry->ref_cnt = 1;
+ }
+ key_mem_cache_head = entry;
+
+ return TSS_SUCCESS;
+}
+
+/* caller must lock the mem cache before calling! */
+TSS_RESULT
+mc_remove_entry(TCS_KEY_HANDLE tcs_handle)
+{
+ struct key_mem_cache *cur;
+
+ for (cur = key_mem_cache_head; cur; cur = cur->next) {
+ if (cur->tcs_handle == tcs_handle) {
+ if (cur->blob) {
+ destroy_key_refs(cur->blob);
+ free(cur->blob);
+ }
+
+ if (cur->prev != NULL)
+ cur->prev->next = cur->next;
+ if (cur->next != NULL)
+ cur->next->prev = cur->prev;
+
+ if (cur == key_mem_cache_head)
+ key_mem_cache_head = cur->next;
+ free(cur);
+
+ return TSS_SUCCESS;
+ }
+ }
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+TSS_RESULT
+mc_add_entry_init(TCS_KEY_HANDLE tcs_handle,
+ TCPA_KEY_HANDLE tpm_handle,
+ TSS_KEY *key_blob,
+ TSS_UUID *uuid)
+{
+ struct key_mem_cache *entry, *tmp;
+
+ /* Make sure the cache doesn't already have an entry for this key */
+ MUTEX_LOCK(mem_cache_lock);
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ if (tcs_handle == tmp->tcs_handle) {
+ mc_remove_entry(tcs_handle);
+ }
+ }
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ /* Not found - we need to create a new entry */
+ entry = (struct key_mem_cache *)calloc(1, sizeof(struct key_mem_cache));
+ if (entry == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct key_mem_cache));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ entry->tcs_handle = tcs_handle;
+ if (tpm_handle != NULL_TPM_HANDLE)
+ entry->time_stamp = getNextTimeStamp();
+
+ entry->tpm_handle = tpm_handle;
+
+ if (key_blob) {
+ /* allocate space for the blob */
+ entry->blob = malloc(sizeof(TSS_KEY));
+ if (entry->blob == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_KEY));
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ memcpy(entry->blob, key_blob, sizeof(TSS_KEY));
+
+ /* allocate space for the key parameters if necessary */
+ if (key_blob->algorithmParms.parmSize) {
+ BYTE *tmp_parms = (BYTE *)malloc(key_blob->algorithmParms.parmSize);
+ if (tmp_parms == NULL) {
+ LogError("malloc of %u bytes failed.",
+ key_blob->algorithmParms.parmSize);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(tmp_parms, key_blob->algorithmParms.parms,
+ key_blob->algorithmParms.parmSize);
+ entry->blob->algorithmParms.parms = tmp_parms;
+ }
+
+ /* allocate space for the public key */
+ entry->blob->pubKey.key = (BYTE *)malloc(key_blob->pubKey.keyLength);
+ if (entry->blob->pubKey.key == NULL) {
+ LogError("malloc of %u bytes failed.", key_blob->pubKey.keyLength);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(entry->blob->pubKey.key, key_blob->pubKey.key, key_blob->pubKey.keyLength);
+
+ /* allocate space for the encData if necessary */
+ if (key_blob->encSize != 0) {
+ entry->blob->encData = (BYTE *)malloc(key_blob->encSize);
+ if (entry->blob->encData == NULL) {
+ LogError("malloc of %u bytes failed.", key_blob->encSize);
+ free(entry->blob->pubKey.key);
+ free(entry->blob);
+ free(entry);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(entry->blob->encData, key_blob->encData, key_blob->encSize);
+ }
+ entry->blob->encSize = key_blob->encSize;
+ }
+
+ memcpy(&entry->uuid, uuid, sizeof(TSS_UUID));
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ entry->next = key_mem_cache_head;
+ if (key_mem_cache_head)
+ key_mem_cache_head->prev = entry;
+
+ entry->ref_cnt = 1;
+ key_mem_cache_head = entry;
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ return TSS_SUCCESS;
+}
+
+/* only called from evict key paths, so no locking */
+TSS_RESULT
+mc_set_slot_by_slot(TCPA_KEY_HANDLE old_handle, TCPA_KEY_HANDLE new_handle)
+{
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ if (tmp->tpm_handle == old_handle) {
+ LogDebugFn("Set TCS key 0x%x, old TPM handle: 0x%x "
+ "new TPM handle: 0x%x", tmp->tcs_handle,
+ old_handle, new_handle);
+ if (new_handle == NULL_TPM_HANDLE)
+ tmp->time_stamp = 0;
+ else
+ tmp->time_stamp = getNextTimeStamp();
+ tmp->tpm_handle = new_handle;
+ return TSS_SUCCESS;
+ }
+ }
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+/* only called from load key paths, so no locking */
+TSS_RESULT
+mc_set_slot_by_handle(TCS_KEY_HANDLE tcs_handle, TCPA_KEY_HANDLE tpm_handle)
+{
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebug("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tcs_handle == tcs_handle) {
+ if (tpm_handle == NULL_TPM_HANDLE)
+ tmp->time_stamp = 0;
+ else
+ tmp->time_stamp = getNextTimeStamp();
+ tmp->tpm_handle = tpm_handle;
+ return TSS_SUCCESS;
+ }
+ }
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+/* the beginnings of a key manager start here ;-) */
+
+TSS_RESULT
+key_mgr_evict(TCS_CONTEXT_HANDLE hContext, TCS_KEY_HANDLE hKey)
+{
+ TSS_RESULT result = TCS_SUCCESS;
+
+ if ((result = ctx_remove_key_loaded(hContext, hKey)))
+ return result;
+
+ if ((result = key_mgr_dec_ref_count(hKey)))
+ return result;
+
+ key_mgr_ref_count();
+
+ return result;
+}
+
+TSS_RESULT
+key_mgr_load_by_blob(TCS_CONTEXT_HANDLE hContext, TCS_KEY_HANDLE hUnwrappingKey,
+ UINT32 cWrappedKeyBlob, BYTE *rgbWrappedKeyBlob,
+ TPM_AUTH *pAuth, TCS_KEY_HANDLE *phKeyTCSI, TCS_KEY_HANDLE *phKeyHMAC)
+{
+ TSS_RESULT result;
+
+ /* Check that auth for the parent key is loaded outside the mem_cache_lock. We have to do
+ * this here because if the TPM can't process this request right now, the thread could be
+ * put to sleep while holding the mem_cache_lock, which would result in a deadlock */
+ if (pAuth) {
+ if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle)))
+ return result;
+ }
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ if (TPM_VERSION_IS(1,2)) {
+ result = TCSP_LoadKey2ByBlob_Internal(hContext, hUnwrappingKey, cWrappedKeyBlob,
+ rgbWrappedKeyBlob, pAuth, phKeyTCSI);
+ } else {
+ result = TCSP_LoadKeyByBlob_Internal(hContext, hUnwrappingKey, cWrappedKeyBlob,
+ rgbWrappedKeyBlob, pAuth, phKeyTCSI,
+ phKeyHMAC);
+ }
+
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ return result;
+}
+
+/* create a reference to one key. This is called from the key_mgr_load_*
+ * functions only, so no locking is done.
+ */
+TSS_RESULT
+key_mgr_inc_ref_count(TCS_KEY_HANDLE key_handle)
+{
+ struct key_mem_cache *cur;
+
+ for (cur = key_mem_cache_head; cur; cur = cur->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", cur->tcs_handle);
+ if (cur->tcs_handle == key_handle) {
+ cur->ref_cnt++;
+ return TSS_SUCCESS;
+ }
+ }
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+/* de-reference one key. This is called by the context routines, so
+ * locking is necessary.
+ */
+TSS_RESULT
+key_mgr_dec_ref_count(TCS_KEY_HANDLE key_handle)
+{
+ struct key_mem_cache *cur;
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ for (cur = key_mem_cache_head; cur; cur = cur->next) {
+ if (cur->tcs_handle == key_handle) {
+ cur->ref_cnt--;
+ LogDebugFn("decrementing ref cnt for key 0x%x",
+ key_handle);
+ MUTEX_UNLOCK(mem_cache_lock);
+ return TSS_SUCCESS;
+ }
+ }
+
+ MUTEX_UNLOCK(mem_cache_lock);
+ return TCSERR(TSS_E_FAIL);
+}
+
+/* run through the global list and free any keys with reference counts of 0 */
+void
+key_mgr_ref_count()
+{
+ struct key_mem_cache *tmp, *cur;
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ for (cur = key_mem_cache_head; cur;) {
+ if (cur->ref_cnt == 0) {
+ if (cur->tpm_handle != NULL_TPM_HANDLE) {
+ LogDebugFn("Key 0x%x being freed from TPM", cur->tpm_handle);
+ internal_EvictByKeySlot(cur->tpm_handle);
+ }
+ LogDebugFn("Key 0x%x being freed", cur->tcs_handle);
+ if (cur->blob) {
+ destroy_key_refs(cur->blob);
+ free(cur->blob);
+ }
+ if (cur->prev != NULL)
+ cur->prev->next = cur->next;
+ if (cur->next != NULL)
+ cur->next->prev = cur->prev;
+
+ tmp = cur;
+ if (cur == key_mem_cache_head)
+ key_mem_cache_head = cur->next;
+ cur = cur->next;
+ free(tmp);
+ } else {
+ cur = cur->next;
+ }
+ }
+
+ MUTEX_UNLOCK(mem_cache_lock);
+}
+
+/* only called from load key paths, so no locking */
+TCPA_KEY_HANDLE
+mc_get_slot_by_handle(TCS_KEY_HANDLE tcs_handle)
+{
+ struct key_mem_cache *tmp;
+ TCS_KEY_HANDLE ret;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tcs_handle == tcs_handle) {
+ ret = tmp->tpm_handle;
+ return ret;
+ }
+ }
+
+ LogDebugFn("returning NULL_TPM_HANDLE");
+ return NULL_TPM_HANDLE;
+}
+
+/* called from functions outside the load key path */
+TCPA_KEY_HANDLE
+mc_get_slot_by_handle_lock(TCS_KEY_HANDLE tcs_handle)
+{
+ struct key_mem_cache *tmp;
+ TCS_KEY_HANDLE ret;
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tcs_handle == tcs_handle) {
+ ret = tmp->tpm_handle;
+ MUTEX_UNLOCK(mem_cache_lock);
+ return ret;
+ }
+ }
+
+ MUTEX_UNLOCK(mem_cache_lock);
+ LogDebugFn("returning NULL_TPM_HANDLE");
+ return NULL_TPM_HANDLE;
+}
+
+/* only called from load key paths, so no locking */
+TCPA_KEY_HANDLE
+mc_get_slot_by_pub(TCPA_STORE_PUBKEY *pub)
+{
+ struct key_mem_cache *tmp;
+ TCPA_KEY_HANDLE ret;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->blob &&
+ !memcmp(tmp->blob->pubKey.key, pub->key, pub->keyLength)) {
+ ret = tmp->tpm_handle;
+ return ret;
+ }
+ }
+
+ LogDebugFn("returning NULL_TPM_HANDLE");
+ return NULL_TPM_HANDLE;
+}
+
+/* Check the mem cache for a key with public key pub. If a parent TCS key handle
+ * is passed in, make sure the parent of the key find matches it, else return
+ * key not found */
+/* only called from load key paths, so no locking */
+TCS_KEY_HANDLE
+mc_get_handle_by_pub(TCPA_STORE_PUBKEY *pub, TCS_KEY_HANDLE parent)
+{
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->blob &&
+ pub->keyLength == tmp->blob->pubKey.keyLength &&
+ !memcmp(tmp->blob->pubKey.key, pub->key, pub->keyLength)) {
+ if (parent) {
+ if (!tmp->parent)
+ continue;
+ if (parent == tmp->parent->tcs_handle)
+ return tmp->tcs_handle;
+ } else
+ return tmp->tcs_handle;
+ }
+ }
+
+ LogDebugFn("returning NULL_TCS_HANDLE");
+ return NULL_TCS_HANDLE;
+}
+
+/* only called from load key paths, so no locking */
+TCPA_STORE_PUBKEY *
+mc_get_parent_pub_by_pub(TCPA_STORE_PUBKEY *pub)
+{
+ struct key_mem_cache *tmp;
+ TCPA_STORE_PUBKEY *ret = NULL;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tcs_handle == TPM_KEYHND_SRK) {
+ LogDebugFn("skipping the SRK");
+ continue;
+ }
+ if (tmp->blob &&
+ !memcmp(tmp->blob->pubKey.key, pub->key, pub->keyLength)) {
+ if (tmp->parent && tmp->parent->blob) {
+ ret = &tmp->parent->blob->pubKey;
+ LogDebugFn("Success");
+ } else {
+ LogError("parent pointer not set in key mem cache object w/ TCS "
+ "handle: 0x%x", tmp->tcs_handle);
+ }
+ return ret;
+ }
+ }
+
+ LogDebugFn("returning NULL TCPA_STORE_PUBKEY");
+ return NULL;
+}
+
+/* only called from load key paths, so no locking */
+TSS_RESULT
+mc_get_blob_by_pub(TCPA_STORE_PUBKEY *pub, TSS_KEY **ret_key)
+{
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->blob &&
+ !memcmp(tmp->blob->pubKey.key, pub->key, pub->keyLength)) {
+ *ret_key = tmp->blob;
+ return TSS_SUCCESS;
+ }
+ }
+
+ LogDebugFn("returning TSS_E_FAIL");
+ return TCSERR(TSS_E_FAIL);
+}
+
+/* only called from load key paths, so no locking */
+TCS_KEY_HANDLE
+mc_get_handle_by_slot(TCPA_KEY_HANDLE tpm_handle)
+{
+ struct key_mem_cache *tmp;
+ TCS_KEY_HANDLE ret;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tpm_handle == tpm_handle) {
+ ret = tmp->tcs_handle;
+ return ret;
+ }
+ }
+
+ return NULL_TCS_HANDLE;
+}
+
+/* only called from load key paths, so no locking */
+TSS_RESULT
+mc_update_time_stamp(TCPA_KEY_HANDLE tpm_handle)
+{
+ struct key_mem_cache *tmp;
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tpm_handle == tpm_handle) {
+ tmp->time_stamp = getNextTimeStamp();
+ return TSS_SUCCESS;
+ }
+ }
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+/* Right now this evicts the LRU key assuming it's not the parent */
+TSS_RESULT
+evictFirstKey(TCS_KEY_HANDLE parent_tcs_handle)
+{
+ struct key_mem_cache *tmp;
+ TCS_KEY_HANDLE tpm_handle_to_evict = NULL_TPM_HANDLE;
+ UINT32 smallestTimeStamp = ~(0U); /* largest */
+ TSS_RESULT result;
+ UINT32 count;
+
+ /* First, see if there are any known keys worth evicting */
+ if ((result = clearUnknownKeys(InternalContext, &count)))
+ return result;
+
+ if (count > 0) {
+ LogDebugFn("Evicted %u unknown keys", count);
+ return TSS_SUCCESS;
+ }
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ if (tmp->tpm_handle != NULL_TPM_HANDLE && /* not already evicted */
+ tmp->tpm_handle != SRK_TPM_HANDLE && /* not the srk */
+ tmp->tcs_handle != parent_tcs_handle && /* not my parent */
+ tmp->time_stamp < smallestTimeStamp) { /* is the smallest time
+ stamp so far */
+ tpm_handle_to_evict = tmp->tpm_handle;
+ smallestTimeStamp = tmp->time_stamp;
+ }
+ }
+
+ if (tpm_handle_to_evict != NULL_TCS_HANDLE) {
+ result = internal_EvictByKeySlot(tpm_handle_to_evict);
+ if (result == TPM_E_KEYNOTFOUND ||
+ result == TPM_E_INVALID_KEYHANDLE) {
+ LogWarn("Evict: Key not found.");
+ } else if (result) {
+ return result;
+ }
+
+ LogDebugFn("Evicted key w/ TPM handle 0x%x", tpm_handle_to_evict);
+ result = mc_set_slot_by_slot(tpm_handle_to_evict, NULL_TPM_HANDLE);
+ } else
+ return TSS_SUCCESS;
+
+ return result;
+}
+
+TSS_BOOL
+isKeyLoaded(TCPA_KEY_HANDLE keySlot)
+{
+ UINT64 offset;
+ UINT32 i;
+ TCPA_KEY_HANDLE_LIST keyList;
+ UINT32 respSize;
+ BYTE *resp;
+ TSS_RESULT result;
+
+ if (keySlot == SRK_TPM_HANDLE) {
+ return TRUE;
+ }
+
+ if ((result = TCSP_GetCapability_Internal(InternalContext, TCPA_CAP_KEY_HANDLE, 0, NULL,
+ &respSize, &resp)))
+ goto not_loaded;
+
+ offset = 0;
+ UnloadBlob_KEY_HANDLE_LIST(&offset, resp, &keyList);
+ free(resp);
+ for (i = 0; i < keyList.loaded; i++) {
+ LogDebugFn("loaded TPM key handle: 0x%x", keyList.handle[i]);
+ if (keyList.handle[i] == keySlot) {
+ free(keyList.handle);
+ return TRUE;
+ }
+ }
+
+ free(keyList.handle);
+
+not_loaded:
+ LogDebugFn("Key is not loaded, changing slot");
+ mc_set_slot_by_slot(keySlot, NULL_TPM_HANDLE);
+ return FALSE;
+}
+
+/* all calls to LoadKeyShim are inside locks */
+TSS_RESULT
+LoadKeyShim(TCS_CONTEXT_HANDLE hContext, TCPA_STORE_PUBKEY *pubKey,
+ TSS_UUID *parentUuid, TCPA_KEY_HANDLE *slotOut)
+{
+ /* Disable reloading; on some TPMs this drives up DA counters. */
+ return TCSERR(TCS_E_KM_LOADFAILED);
+}
+
+TSS_RESULT
+owner_evict_init()
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ TCPA_KEY_HANDLE_LIST keyList = { 0, NULL };
+ BYTE *respData = NULL, ownerEvictCtr = 0;
+ UINT32 respDataSize = 0, i;
+ UINT64 offset = 0;
+
+ /* If we're a 1.1 TPM, we can exit immediately since only 1.2+ supports owner evict */
+ if (TPM_VERSION_IS(1,1))
+ return TSS_SUCCESS;
+
+ if ((result = TCSP_GetCapability_Internal(InternalContext, TPM_CAP_KEY_HANDLE, 0, NULL,
+ &respDataSize, &respData)))
+ return result;
+
+ if ((result = UnloadBlob_KEY_HANDLE_LIST(&offset, respData, &keyList))) {
+ free(respData);
+ return result;
+ }
+
+ free(respData);
+ for (i = 0; i < keyList.loaded; i++) {
+ UINT64 offset = 0;
+ UINT32 keyHandle;
+
+ LoadBlob_UINT32(&offset, keyList.handle[i], (BYTE *)&keyHandle);
+ /* get the ownerEvict flag for this key handle */
+ result = TCSP_GetCapability_Internal(InternalContext, TPM_CAP_KEY_STATUS,
+ sizeof(UINT32), (BYTE *)&keyHandle,
+ &respDataSize, &respData);
+ /* special case, invalid keys are automatically evicted later */
+ if (result == TPM_E_INVALID_KEYHANDLE) {
+ result = TSS_SUCCESS;
+ continue;
+ }
+
+ if (result != TSS_SUCCESS) {
+ free(keyList.handle);
+ return result;
+ }
+
+ if (*(TPM_BOOL *)respData == TRUE) {
+ TSS_UUID uuid = TSS_UUID_OWNEREVICT(ownerEvictCtr);
+
+ LogDebugFn("Found an owner evict key, assigned uuid %hhu", ownerEvictCtr);
+ if ((result = mc_add_entry_init(getNextTcsKeyHandle(), keyList.handle[i],
+ NULL, &uuid))) {
+ free(keyList.handle);
+ return result;
+ }
+ ownerEvictCtr++;
+ }
+ }
+
+ return result;
+}
+
+/* find next lowest OWNEREVICT uuid */
+TSS_RESULT
+mc_find_next_ownerevict_uuid(TSS_UUID *uuid)
+{
+ TCS_KEY_HANDLE tmpKey;
+ TCPA_KEY_HANDLE tmpSlot;
+ UINT16 seed = 0;
+ TSS_RESULT result = TCSERR(TSS_E_FAIL);
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ for (seed = 0; seed <= 255; seed++) {
+ TSS_UUID tmpUuid = TSS_UUID_OWNEREVICT(seed);
+
+ /* if UUID is found, continue on, trying the next UUID */
+ if (!mc_get_handles_by_uuid(&tmpUuid, &tmpKey, &tmpSlot))
+ continue;
+
+ /* UUID is not found, so its the first one available */
+ memcpy(uuid, &tmpUuid, sizeof(TSS_UUID));
+ result = TSS_SUCCESS;
+ break;
+ }
+
+ MUTEX_UNLOCK(mem_cache_lock);
+ return result;
+}
+
+TSS_RESULT
+mc_set_uuid(TCS_KEY_HANDLE tcs_handle, TSS_UUID *uuid)
+{
+ struct key_mem_cache *tmp;
+ TSS_RESULT result = TCSERR(TSS_E_FAIL);
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ LogDebugFn("looking for 0x%x", tcs_handle);
+
+ for (tmp = key_mem_cache_head; tmp; tmp = tmp->next) {
+ LogDebugFn("TCSD mem_cached handle: 0x%x", tmp->tcs_handle);
+ if (tmp->tcs_handle == tcs_handle) {
+ LogDebugFn("Handle found, re-setting UUID");
+ memcpy(&tmp->uuid, uuid, sizeof(TSS_UUID));
+ result = TSS_SUCCESS;
+ break;
+ }
+ }
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key_ps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key_ps.c
new file mode 100644
index 0000000..0ea28c1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_key_ps.c
@@ -0,0 +1,367 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+
+TSS_RESULT
+ps_init_disk_cache(void)
+{
+ int fd;
+ TSS_RESULT rc;
+
+ MUTEX_INIT(disk_cache_lock);
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if ((rc = init_disk_cache(fd)))
+ return rc;
+
+ /* this is temporary, to clear out a PS file from trousers
+ * versions before 0.2.1 */
+ if ((rc = clean_disk_cache(fd)))
+ return rc;
+
+ put_file(fd);
+ return TSS_SUCCESS;
+}
+
+void
+ps_close_disk_cache(void)
+{
+ int fd;
+
+ if ((fd = get_file()) < 0) {
+ LogError("get_file() failed while trying to close disk cache.");
+ return;
+ }
+
+ close_disk_cache(fd);
+
+ put_file(fd);
+}
+
+TSS_BOOL
+ps_is_key_registered(TCPA_STORE_PUBKEY *pub)
+{
+ TSS_UUID *uuid;
+ int fd;
+ TSS_RESULT rc;
+ TSS_BOOL is_reg = FALSE;
+
+ if ((fd = get_file()) < 0)
+ return FALSE;
+
+ if ((rc = psfile_get_uuid_by_pub(fd, pub, &uuid))) {
+ put_file(fd);
+ return FALSE;
+ }
+
+ put_file(fd);
+
+ if ((isUUIDRegistered(uuid, &is_reg)))
+ is_reg = FALSE;
+
+ free(uuid);
+ return is_reg;
+}
+
+TSS_RESULT
+getParentUUIDByUUID(TSS_UUID *uuid, TSS_UUID *ret_uuid)
+{
+ struct key_disk_cache *disk_tmp;
+
+ /* check the registered key disk cache */
+ MUTEX_LOCK(disk_cache_lock);
+
+ for (disk_tmp = key_disk_cache_head; disk_tmp; disk_tmp = disk_tmp->next) {
+ if ((disk_tmp->flags & CACHE_FLAG_VALID) &&
+ !memcmp(&disk_tmp->uuid, uuid, sizeof(TSS_UUID))) {
+ memcpy(ret_uuid, &disk_tmp->parent_uuid, sizeof(TSS_UUID));
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+ }
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+
+ return TCSERR(TSS_E_FAIL);
+}
+
+TSS_RESULT
+isUUIDRegistered(TSS_UUID *uuid, TSS_BOOL *is_reg)
+{
+ struct key_disk_cache *disk_tmp;
+
+ /* check the registered key disk cache */
+ MUTEX_LOCK(disk_cache_lock);
+
+ for (disk_tmp = key_disk_cache_head; disk_tmp; disk_tmp = disk_tmp->next) {
+ if ((disk_tmp->flags & CACHE_FLAG_VALID) &&
+ !memcmp(&disk_tmp->uuid, uuid, sizeof(TSS_UUID))) {
+ *is_reg = TRUE;
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+ }
+ }
+ MUTEX_UNLOCK(disk_cache_lock);
+ *is_reg = FALSE;
+
+ return TSS_SUCCESS;
+}
+
+void
+disk_cache_shift(struct key_disk_cache *c)
+{
+ UINT32 key_size, offset;
+ struct key_disk_cache *tmp = key_disk_cache_head;
+
+ /* offset is the end of the key location in the file */
+ offset = TSSPS_VENDOR_DATA_OFFSET(c) + c->vendor_data_size;
+ /* key_size is the size of the key entry on disk */
+ key_size = offset - TSSPS_UUID_OFFSET(c);
+
+ /* for each disk cache entry, if the data for that entry is at an
+ * offset greater than the key beign removed, then the entry needs to
+ * be decremented by the size of key's disk footprint (the key_size
+ * variable) */
+ while (tmp) {
+ if (tmp->offset >= offset) {
+ tmp->offset -= key_size;
+ }
+
+ tmp = tmp->next;
+ }
+}
+
+TSS_RESULT
+ps_remove_key(TSS_UUID *uuid)
+{
+ struct key_disk_cache *tmp, *prev = NULL;
+ TSS_RESULT rc;
+ int fd = -1;
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ for (; tmp; prev = tmp, tmp = tmp->next) {
+ if ((tmp->flags & CACHE_FLAG_VALID) &&
+ !memcmp(uuid, &tmp->uuid, sizeof(TSS_UUID))) {
+ if ((fd = get_file()) < 0) {
+ rc = TCSERR(TSS_E_INTERNAL_ERROR);
+ break;
+ }
+
+ rc = psfile_remove_key(fd, tmp);
+
+ put_file(fd);
+
+ /* if moving the file contents around succeeded, then
+ * change the offsets of the keys in the cache in
+ * mem_cache_shift() and remove the key from the
+ * cache. */
+ if (!rc) {
+ disk_cache_shift(tmp);
+ if (prev) {
+ prev->next = tmp->next;
+ } else {
+ key_disk_cache_head = tmp->next;
+ }
+ free(tmp);
+ } else {
+ LogError("Error removing registered key.");
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+
+ return TCSERR(TCSERR(TSS_E_PS_KEY_NOTFOUND));
+}
+
+/*
+ * temporary function to clean out blanked keys from a PS file from
+ * trousers 0.2.0 and before
+ */
+TSS_RESULT
+clean_disk_cache(int fd)
+{
+ struct key_disk_cache *tmp, *prev = NULL;
+ TSS_RESULT rc;
+
+ MUTEX_LOCK(disk_cache_lock);
+ tmp = key_disk_cache_head;
+
+ for (; tmp; prev = tmp, tmp = tmp->next) {
+ if (!(tmp->flags & CACHE_FLAG_VALID)) {
+ rc = psfile_remove_key(fd, tmp);
+
+ /* if moving the file contents around succeeded, then
+ * change the offsets of the keys in the cache in
+ * mem_cache_shift() and remove the key from the
+ * cache. */
+ if (!rc) {
+ disk_cache_shift(tmp);
+ if (prev) {
+ prev->next = tmp->next;
+ }
+ free(tmp);
+ } else {
+ LogError("Error removing blank key.");
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return rc;
+ }
+ }
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+ps_get_key_by_uuid(TSS_UUID *uuid, BYTE *blob, UINT16 *blob_size)
+{
+ int fd = -1;
+ TSS_RESULT rc = TSS_SUCCESS;
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rc = psfile_get_key_by_uuid(fd, uuid, blob, blob_size);
+
+ put_file(fd);
+ return rc;
+}
+
+TSS_RESULT
+ps_get_key_by_cache_entry(struct key_disk_cache *c, BYTE *blob, UINT16 *blob_size)
+{
+ int fd = -1;
+ TSS_RESULT rc = TSS_SUCCESS;
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rc = psfile_get_key_by_cache_entry(fd, c, blob, blob_size);
+
+ put_file(fd);
+ return rc;
+}
+
+TSS_RESULT
+ps_get_vendor_data(struct key_disk_cache *c, UINT32 *size, BYTE **data)
+{
+ int fd = -1;
+ TSS_RESULT rc;
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ rc = psfile_get_vendor_data(fd, c, size, data);
+
+ put_file(fd);
+ return rc;
+}
+
+TSS_RESULT
+ps_is_pub_registered(TCPA_STORE_PUBKEY *key)
+{
+ int fd = -1;
+ TSS_BOOL answer;
+
+ if ((fd = get_file()) < 0)
+ return FALSE;
+
+ if (psfile_is_pub_registered(fd, key, &answer)) {
+ put_file(fd);
+ return FALSE;
+ }
+
+ put_file(fd);
+ return answer;
+}
+
+TSS_RESULT
+ps_get_uuid_by_pub(TCPA_STORE_PUBKEY *pub, TSS_UUID **uuid)
+{
+ int fd = -1;
+ TSS_RESULT ret;
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ ret = psfile_get_uuid_by_pub(fd, pub, uuid);
+
+ put_file(fd);
+ return ret;
+}
+
+TSS_RESULT
+ps_get_key_by_pub(TCPA_STORE_PUBKEY *pub, UINT32 *size, BYTE **key)
+{
+ int fd = -1;
+ TSS_RESULT ret;
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ ret = psfile_get_key_by_pub(fd, pub, size, key);
+
+ put_file(fd);
+ return ret;
+}
+
+TSS_RESULT
+ps_write_key(TSS_UUID *uuid, TSS_UUID *parent_uuid, BYTE *vendor_data,
+ UINT32 vendor_size, BYTE *blob, UINT32 blob_size)
+{
+ int fd = -1;
+ TSS_RESULT rc;
+ UINT32 parent_ps;
+ UINT16 short_blob_size = (UINT16)blob_size;
+
+ if ((fd = get_file()) < 0)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ /* this case needed for PS file init. if the key file doesn't yet exist, the
+ * psfile_get_parent_ps_type_by_uuid() call would fail. */
+ if (!memcmp(parent_uuid, &NULL_UUID, sizeof(TSS_UUID))) {
+ parent_ps = TSS_PS_TYPE_SYSTEM;
+ } else {
+ if ((rc = psfile_get_ps_type_by_uuid(fd, parent_uuid, &parent_ps)))
+ return rc;
+ }
+
+ rc = psfile_write_key(fd, uuid, parent_uuid, &parent_ps, vendor_data,
+ vendor_size, blob, short_blob_size);
+
+ put_file(fd);
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_migration.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_migration.c
new file mode 100644
index 0000000..f653737
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_migration.c
@@ -0,0 +1,51 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+UnloadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TCPA_MIGRATIONKEYAUTH *mkAuth)
+{
+ TSS_RESULT result;
+
+ if (!mkAuth) {
+ if ((result = UnloadBlob_PUBKEY(offset, blob, NULL)))
+ return result;
+
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob(offset, 20, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = UnloadBlob_PUBKEY(offset, blob, &mkAuth->migrationKey)))
+ return result;
+
+ UnloadBlob_UINT16(offset, &mkAuth->migrationScheme, blob);
+ UnloadBlob(offset, 20, blob, mkAuth->digest.digest);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_pbg.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_pbg.c
new file mode 100644
index 0000000..89e478f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_pbg.c
@@ -0,0 +1,2235 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+
+
+#define TSS_TPM_RSP_BLOB_AUTH_LEN (sizeof(TPM_NONCE) + sizeof(TPM_DIGEST) + sizeof(TPM_BOOL))
+
+TSS_RESULT
+tpm_rsp_parse(TPM_COMMAND_CODE ordinal, BYTE *b, UINT32 len, ...)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset1, offset2;
+ va_list ap;
+
+ DBG_ASSERT(ordinal);
+ DBG_ASSERT(b);
+
+ va_start(ap, len);
+
+ switch (ordinal) {
+ case TPM_ORD_ExecuteTransport:
+ {
+ UINT32 *val1 = va_arg(ap, UINT32 *);
+ UINT32 *val2 = va_arg(ap, UINT32 *);
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (auth1 && auth2) {
+ offset1 = offset2 = len - (2 * TSS_TPM_RSP_BLOB_AUTH_LEN);
+ UnloadBlob_Auth(&offset1, b, auth1);
+ UnloadBlob_Auth(&offset1, b, auth2);
+ } else if (auth1) {
+ offset1 = offset2 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ } else if (auth2) {
+ offset1 = offset2 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth2);
+ } else
+ offset2 = len;
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ if (val1)
+ UnloadBlob_UINT32(&offset1, val1, b);
+ if (val2)
+ UnloadBlob_UINT32(&offset1, val2, b);
+
+ *len1 = offset2 - offset1;
+ if (*len1) {
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len1, b, *blob1);
+ } else
+ *blob1 = NULL;
+
+ break;
+ }
+#ifdef TSS_BUILD_TICK
+ /* TPM BLOB: TPM_CURRENT_TICKS, UINT32, BLOB, optional AUTH */
+ case TPM_ORD_TickStampBlob:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ UINT32 *len2 = va_arg(ap, UINT32 *);
+ BYTE **blob2 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!len1 || !blob1 || !len2 || !blob2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_CURRENT_TICKS(&offset2, b, NULL);
+ *len1 = (UINT32)offset2 - offset1;
+
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, *len1, b, *blob1);
+ UnloadBlob_UINT32(&offset1, len2, b);
+
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ LogError("malloc of %u bytes failed", *len2);
+ free(*blob1);
+ *blob1 = NULL;
+ *len1 = 0;
+ *len2 = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_QUOTE
+ /* TPM BLOB: TPM_PCR_COMPOSITE, UINT32, BLOB, 1 optional AUTH
+ * return UINT32*, BYTE**, UINT32*, BYTE**, 1 optional AUTH */
+ case TPM_ORD_Quote:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ UINT32 *len2 = va_arg(ap, UINT32 *);
+ BYTE **blob2 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!len1 || !blob1 || !len2 || !blob2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_PCR_COMPOSITE(&offset2, b, NULL);
+ *len1 = offset2 - offset1;
+
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len1, b, *blob1);
+ UnloadBlob_UINT32(&offset1, len2, b);
+
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ LogError("malloc of %u bytes failed", *len2);
+ free(*blob1);
+ *blob1 = NULL;
+ *len1 = 0;
+ *len2 = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_TSS12
+ /* TPM BLOB: TPM_PCR_INFO_SHORT, (UINT32, BLOB,) UINT32, BLOB, 1 optional AUTH */
+ case TPM_ORD_Quote2:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *); /* pcrDataSizeOut */
+ BYTE **blob1 = va_arg(ap, BYTE **); /* pcrDataOut */
+ TSS_BOOL *addVersion = va_arg(ap, TSS_BOOL *); /* addVersion */
+ UINT32 *len2 = va_arg(ap, UINT32 *); /* versionInfoSize */
+ BYTE **blob2 = va_arg(ap, BYTE **); /* versionInfo */
+ UINT32 *len3 = va_arg(ap, UINT32 *); /* sigSize */
+ BYTE **blob3 = va_arg(ap, BYTE **); /* sig */
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *); /* privAuth */
+ va_end(ap);
+
+ if (!len1 || !blob1 || !len2 || !blob2 || !len3 || !blob3 || !addVersion) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ /* Adjust the offset to take the TPM_PCR_INFO_SHORT size:
+ * need to allocate this size into blob1
+ */
+ UnloadBlob_PCR_INFO_SHORT(&offset2, b, NULL);
+
+ /* Get the size of the TSS_TPM_INFO_SHORT
+ * and copy it into blob1 */
+ *len1 = offset2 - offset1;
+ LogDebugFn("QUOTE2 Core: PCR_INFO_SHORT is %u size", *len1);
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len1, b, *blob1); /* TPM_PCR_INFO_SHORT */
+
+ UnloadBlob_UINT32(&offset1, len2,b); /* versionInfoSize */
+ LogDebugFn("QUOTE2 Core: versionInfoSize=%u", *len2);
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ LogError("malloc of %u bytes failed", *len2);
+ free(*blob1);
+ *blob1 = NULL;
+ *len1 = 0;
+ *len2 = 0;
+ *len3 = 0;
+ *blob3 = NULL;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ /* Take the sigSize */
+ UnloadBlob_UINT32(&offset1, len3, b);
+ LogDebugFn("QUOTE2 Core: sigSize=%u", *len3);
+ /* sig */
+ if ((*blob3 = malloc(*len3)) == NULL) {
+ LogError("malloc of %u bytes failed", *len3);
+ free(*blob1);
+ *blob1 = NULL;
+ if (*len2 > 0){
+ free(*blob2);
+ *blob2 = NULL;
+ }
+ *len1 = 0;
+ *len2 = 0;
+ *len3 = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len3, b, *blob3);
+ break;
+ }
+#endif
+ /* TPM BLOB: TPM_CERTIFY_INFO, UINT32, BLOB, 2 optional AUTHs
+ * return UINT32*, BYTE**, UINT32*, BYTE**, 2 optional AUTHs */
+ case TPM_ORD_CertifyKey:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ UINT32 *len2 = va_arg(ap, UINT32 *);
+ BYTE **blob2 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!len1 || !blob1 || !len2 || !blob2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1 && auth2) {
+ offset1 = len - (2 * TSS_TPM_RSP_BLOB_AUTH_LEN);
+ UnloadBlob_Auth(&offset1, b, auth1);
+ UnloadBlob_Auth(&offset1, b, auth2);
+ } else if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ } else if (auth2) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth2);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_CERTIFY_INFO(&offset2, b, NULL);
+ *len1 = offset2 - offset1;
+
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len1, b, *blob1);
+ UnloadBlob_UINT32(&offset1, len2, b);
+
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ LogError("malloc of %u bytes failed", *len2);
+ free(*blob1);
+ *blob1 = NULL;
+ *len1 = 0;
+ *len2 = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ break;
+ }
+#ifdef TSS_BUILD_AUDIT
+ /* TPM_BLOB: TPM_COUNTER_VALUE, DIGEST, DIGEST, UINT32, BLOB, optional AUTH
+ * return: UINT32*, BYTE**, DIGEST*, DIGEST*, UINT32*, BYTE**, optional AUTH */
+ case TPM_ORD_GetAuditDigestSigned:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ TPM_DIGEST *digest1 = va_arg(ap, TPM_DIGEST *);
+ TPM_DIGEST *digest2 = va_arg(ap, TPM_DIGEST *);
+ UINT32 *len2 = va_arg(ap, UINT32 *);
+ BYTE **blob2 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!digest1 || !digest2 || !len1 || !blob1 || !len2 || !blob2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_COUNTER_VALUE(&offset2, b, NULL);
+ *len1 = offset2 - offset1;
+
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len1, b, *blob1);
+
+ UnloadBlob_DIGEST(&offset1, b, digest1);
+ UnloadBlob_DIGEST(&offset1, b, digest2);
+ UnloadBlob_UINT32(&offset1, len2, b);
+
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ LogError("malloc of %u bytes failed", *len2);
+ free(*blob1);
+ *blob1 = NULL;
+ *len1 = 0;
+ *len2 = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ if (auth1)
+ UnloadBlob_Auth(&offset1, b, auth1);
+
+ break;
+ }
+ /* TPM_BLOB: TPM_COUNTER_VALUE, DIGEST, BOOL, UINT32, BLOB
+ * return: DIGEST*, UINT32*, BYTE**, BOOL, UINT32*, BYTE** */
+ case TPM_ORD_GetAuditDigest:
+ {
+ TPM_DIGEST *digest1 = va_arg(ap, TPM_DIGEST *);
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ TSS_BOOL *bool1 = va_arg(ap, TSS_BOOL *);
+ UINT32 *len2 = va_arg(ap, UINT32 *);
+ BYTE **blob2 = va_arg(ap, BYTE **);
+ va_end(ap);
+
+ if (!digest1 || !len1 || !blob1 || !len2 || !blob2 || !bool1) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_COUNTER_VALUE(&offset2, b, NULL);
+ *len1 = offset2 - offset1;
+
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len1, b, *blob1);
+
+ UnloadBlob_DIGEST(&offset1, b, digest1);
+ UnloadBlob_BOOL(&offset1, bool1, b);
+ UnloadBlob_UINT32(&offset1, len2, b);
+
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ LogError("malloc of %u bytes failed", *len2);
+ free(*blob1);
+ *blob1 = NULL;
+ *len1 = 0;
+ *len2 = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_COUNTER
+ /* optional UINT32, TPM_COUNTER_VALUE, optional AUTH */
+ case TPM_ORD_ReadCounter:
+ case TPM_ORD_CreateCounter:
+ case TPM_ORD_IncrementCounter:
+ {
+ UINT32 *val1 = va_arg(ap, UINT32 *);
+ TPM_COUNTER_VALUE *ctr = va_arg(ap, TPM_COUNTER_VALUE *);
+ TPM_AUTH * auth1 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!ctr) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ if (val1)
+ UnloadBlob_UINT32(&offset1, val1, b);
+ UnloadBlob_COUNTER_VALUE(&offset1, b, ctr);
+
+ break;
+ }
+#endif
+ /* TPM BLOB: UINT32, BLOB, UINT32, BLOB, optional AUTH, optional AUTH */
+ case TPM_ORD_CreateMaintenanceArchive:
+ case TPM_ORD_CreateMigrationBlob:
+ case TPM_ORD_Delegate_ReadTable:
+ case TPM_ORD_CMK_CreateBlob:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ UINT32 *len2 = va_arg(ap, UINT32 *);
+ BYTE **blob2 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!len1 || !blob1 || !len2 || !blob2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1 && auth2) {
+ offset1 = len - (2 * TSS_TPM_RSP_BLOB_AUTH_LEN);
+ UnloadBlob_Auth(&offset1, b, auth1);
+ UnloadBlob_Auth(&offset1, b, auth2);
+ } else if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ } else if (auth2) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth2);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset1, len1, b);
+ if ((*blob1 = malloc(*len1)) == NULL) {
+ LogError("malloc of %u bytes failed", *len1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, *len1, b, *blob1);
+
+ UnloadBlob_UINT32(&offset1, len2, b);
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ free(*blob1);
+ LogError("malloc of %u bytes failed", *len2);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, *len2, b, *blob2);
+
+ break;
+ }
+ /* TPM BLOB: BLOB, optional AUTH, AUTH
+ * return: UINT32 *, BYTE **, optional AUTH, AUTH */
+ case TPM_ORD_ActivateIdentity:
+ {
+ UINT32 *len1 = va_arg(ap, UINT32 *);
+ BYTE **blob1 = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!len1 || !blob1 || !auth2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1) {
+ offset1 = offset2 = len - (2 * TSS_TPM_RSP_BLOB_AUTH_LEN);
+ UnloadBlob_Auth(&offset1, b, auth1);
+ UnloadBlob_Auth(&offset1, b, auth2);
+ } else {
+ offset1 = offset2 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth2);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ offset2 -= TSS_TPM_TXBLOB_HDR_LEN;
+ if ((*blob1 = malloc(offset2)) == NULL) {
+ LogError("malloc of %zd bytes failed", (size_t)offset2);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ *len1 = offset2;
+ UnloadBlob(&offset1, *len1, b, *blob1);
+
+ break;
+ }
+ /* TPM BLOB: TPM_KEY, UINT32, BLOB, optional AUTH, AUTH
+ * return: UINT32 *, BYTE **, UINT32 *, BYTE **, optional AUTH, AUTH */
+ case TPM_ORD_MakeIdentity:
+ {
+ UINT32 *len1, *len2;
+ BYTE **blob1, **blob2;
+ TPM_AUTH *auth1, *auth2;
+
+ len1 = va_arg(ap, UINT32 *);
+ blob1 = va_arg(ap, BYTE **);
+ len2 = va_arg(ap, UINT32 *);
+ blob2 = va_arg(ap, BYTE **);
+ auth1 = va_arg(ap, TPM_AUTH *);
+ auth2 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!len1 || !blob1 || !len2 || !blob2 || !auth2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = offset2 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_TSS_KEY(&offset1, b, NULL);
+ offset1 -= TSS_TPM_TXBLOB_HDR_LEN;
+
+ if ((*blob1 = malloc(offset1)) == NULL) {
+ LogError("malloc of %zd bytes failed", (size_t)offset1);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ *len1 = offset1;
+
+ UnloadBlob(&offset2, offset1, b, *blob1);
+
+ /* offset2 points to the stuff after the key */
+ UnloadBlob_UINT32(&offset2, len2, b);
+
+ if ((*blob2 = malloc(*len2)) == NULL) {
+ free(*blob1);
+ LogError("malloc of %u bytes failed", *len2);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset2, *len2, b, *blob2);
+
+ if (auth1)
+ UnloadBlob_Auth(&offset2, b, auth1);
+ UnloadBlob_Auth(&offset2, b, auth2);
+
+ break;
+ }
+ /* 1 TPM_VERSION, 2 UINT32s, 1 optional AUTH */
+ case TPM_ORD_GetCapabilityOwner:
+ {
+ TPM_VERSION *ver1 = va_arg(ap, TPM_VERSION *);
+ UINT32 *data1 = va_arg(ap, UINT32 *);
+ UINT32 *data2 = va_arg(ap, UINT32 *);
+ TPM_AUTH *auth = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!data1 || !data2 || !ver1) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_VERSION(&offset1, b, ver1);
+ UnloadBlob_UINT32(&offset1, data1, b);
+ UnloadBlob_UINT32(&offset1, data2, b);
+ break;
+ }
+ /* TPM BLOB: 1 UINT32, 1 BLOB, 2 optional AUTHs
+ * return: UINT32 *, BYTE**, 2 optional AUTHs */
+ case TPM_ORD_Sign:
+ case TPM_ORD_GetTestResult:
+ case TPM_ORD_CertifySelfTest:
+ case TPM_ORD_Unseal:
+ case TPM_ORD_GetRandom:
+ case TPM_ORD_DAA_Join:
+ case TPM_ORD_DAA_Sign:
+ case TPM_ORD_ChangeAuth:
+ case TPM_ORD_GetCapability:
+ case TPM_ORD_LoadMaintenanceArchive:
+ case TPM_ORD_ConvertMigrationBlob:
+ case TPM_ORD_NV_ReadValue:
+ case TPM_ORD_NV_ReadValueAuth:
+ case TPM_ORD_Delegate_Manage:
+ case TPM_ORD_Delegate_CreateKeyDelegation:
+ case TPM_ORD_Delegate_CreateOwnerDelegation:
+ case TPM_ORD_Delegate_UpdateVerification:
+ case TPM_ORD_CMK_ConvertMigration:
+ {
+ UINT32 *data_len = va_arg(ap, UINT32 *);
+ BYTE **data = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!data || !data_len) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1 && auth2) {
+ offset1 = len - (2 * TSS_TPM_RSP_BLOB_AUTH_LEN);
+ UnloadBlob_Auth(&offset1, b, auth1);
+ UnloadBlob_Auth(&offset1, b, auth2);
+ } else if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ } else if (auth2) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth2);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset1, data_len, b);
+ if ((*data = malloc(*data_len)) == NULL) {
+ LogError("malloc of %u bytes failed", *data_len);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, *data_len, b, *data);
+ break;
+ }
+ /* TPM BLOB: 1 UINT32, 1 BLOB, 1 optional AUTH
+ * return: UINT32 *, BYTE**, 1 optional AUTH*/
+ case TPM_ORD_UnBind:
+ {
+ UINT32 *data_len = va_arg(ap, UINT32 *);
+ BYTE **data = va_arg(ap, BYTE **);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!data || !data_len) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth1) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth1);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset1, data_len, b);
+ if ((*data = malloc(*data_len)) == NULL) {
+ LogError("malloc of %u bytes failed", *data_len);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, *data_len, b, *data);
+ break;
+ }
+ /* TPM BLOB: 1 BLOB, 1 optional AUTH
+ * return: UINT32 *, BYTE**, 1 optional AUTH*/
+ case TPM_ORD_GetTicks:
+ case TPM_ORD_Seal:
+ case TPM_ORD_Sealx:
+ case TPM_ORD_FieldUpgrade:
+ case TPM_ORD_CreateWrapKey:
+ case TPM_ORD_GetPubKey:
+ case TPM_ORD_OwnerReadPubek:
+ case TPM_ORD_OwnerReadInternalPub:
+ case TPM_ORD_AuthorizeMigrationKey:
+ case TPM_ORD_TakeOwnership:
+ case TPM_ORD_CMK_CreateKey:
+ {
+ UINT32 *data_len = va_arg(ap, UINT32 *);
+ BYTE **data = va_arg(ap, BYTE **);
+ TPM_AUTH *auth = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!data || !data_len) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* remove the auth data from the back end of the data */
+ if (auth) {
+ offset1 = offset2 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth);
+ } else
+ offset2 = len;
+
+ /* everything after the header is returned as the blob */
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ offset2 -= offset1;
+ if ((*data = malloc((size_t)offset2)) == NULL) {
+ LogError("malloc of %zd bytes failed", (size_t)offset2);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((offset1 + offset2) > TSS_TPM_TXBLOB_SIZE)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ memcpy(*data, &b[offset1], offset2);
+ *data_len = offset2;
+ break;
+ }
+ /* TPM BLOB: TPM_PUBKEY, optional DIGEST */
+ case TPM_ORD_CreateEndorsementKeyPair:
+ case TPM_ORD_ReadPubek:
+ {
+ UINT32 *data_len = va_arg(ap, UINT32 *);
+ BYTE **data = va_arg(ap, BYTE **);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ va_end(ap);
+
+ if (!data || !data_len) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (digest1) {
+ offset1 = offset2 = len - TPM_DIGEST_SIZE;
+ memcpy(digest1, &b[offset2], TPM_DIGEST_SIZE);
+
+ if ((offset2 + TPM_DIGEST_SIZE) > TSS_TPM_TXBLOB_SIZE)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ offset2 = len;
+
+ if (offset2 > TSS_TPM_TXBLOB_SIZE)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ offset2 -= offset1;
+ if ((*data = malloc((size_t)offset2)) == NULL) {
+ LogError("malloc of %zd bytes failed", (size_t)offset2);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, offset2, b, *data);
+ *data_len = offset2;
+ break;
+ }
+#ifdef TSS_BUILD_TSS12
+ /* TPM BLOB: BLOB, DIGEST, DIGEST
+ * return: UINT32 *, BYTE**, DIGEST, DIGEST */
+ case TPM_ORD_CreateRevocableEK:
+ {
+ UINT32 *data_len = va_arg(ap, UINT32 *);
+ BYTE **data = va_arg(ap, BYTE **);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ BYTE *digest2 = va_arg(ap, BYTE *);
+ va_end(ap);
+
+ if (!data || !data_len || !digest1 || !digest2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (len > TSS_TPM_TXBLOB_SIZE)
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ offset2 = len - TPM_DIGEST_SIZE;
+ memcpy(digest2, &b[offset2], TPM_DIGEST_SIZE);
+
+ offset2 -= TPM_DIGEST_SIZE;
+ memcpy(digest1, &b[offset2], TPM_DIGEST_SIZE);
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ offset2 -= offset1;
+ if ((*data = malloc((size_t)offset2)) == NULL) {
+ LogError("malloc of %zd bytes failed", (size_t)offset2);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(&offset1, offset2, b, *data);
+ *data_len = offset2;
+ break;
+ }
+#endif
+ /* 1 UINT32, 1 optional AUTH */
+ case TPM_ORD_LoadKey:
+ case TPM_ORD_LoadKey2:
+ {
+ UINT32 *handle;
+ TPM_AUTH *auth;
+
+ handle = va_arg(ap, UINT32 *);
+ auth = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!handle) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (auth) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset1, handle, b);
+ break;
+ }
+ /* 1 optional UINT32, 1 20 byte value */
+ case TPM_ORD_DirRead:
+ case TPM_ORD_OIAP:
+ case TPM_ORD_LoadManuMaintPub:
+ case TPM_ORD_ReadManuMaintPub:
+ case TPM_ORD_Extend:
+ case TPM_ORD_PcrRead:
+ {
+ UINT32 *handle = va_arg(ap, UINT32 *);
+ BYTE *nonce = va_arg(ap, BYTE *);
+ va_end(ap);
+
+ if (!nonce) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ if (handle)
+ UnloadBlob_UINT32(&offset1, handle, b);
+ UnloadBlob(&offset1, TPM_NONCE_SIZE, b, nonce);
+ break;
+ }
+ /* 1 UINT32, 2 20 byte values */
+ case TPM_ORD_OSAP:
+ case TPM_ORD_DSAP:
+ {
+ UINT32 *handle = va_arg(ap, UINT32 *);
+ BYTE *nonce1 = va_arg(ap, BYTE *);
+ BYTE *nonce2 = va_arg(ap, BYTE *);
+ va_end(ap);
+
+ if (!handle || !nonce1 || !nonce2) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset1, handle, b);
+ UnloadBlob(&offset1, TPM_NONCE_SIZE, b, nonce1);
+ UnloadBlob(&offset1, TPM_NONCE_SIZE, b, nonce2);
+ break;
+ }
+#ifdef TSS_BUILD_CMK
+ /* 1 20 byte value, 1 optional AUTH */
+ case TPM_ORD_CMK_ApproveMA:
+ case TPM_ORD_CMK_CreateTicket:
+ {
+ BYTE *hmac1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (!hmac1) {
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ offset1 = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob(&offset1, TPM_SHA1_160_HASH_LEN, b, hmac1);
+ if (auth) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth);
+ }
+ break;
+ }
+#endif
+ /* 1 optional AUTH */
+ case TPM_ORD_DisablePubekRead:
+ case TPM_ORD_DirWriteAuth:
+ case TPM_ORD_ReleaseCounter:
+ case TPM_ORD_ReleaseCounterOwner:
+ case TPM_ORD_ChangeAuthOwner:
+ case TPM_ORD_SetCapability:
+ case TPM_ORD_SetOrdinalAuditStatus:
+ case TPM_ORD_ResetLockValue:
+ case TPM_ORD_SetRedirection:
+ case TPM_ORD_DisableOwnerClear:
+ case TPM_ORD_OwnerSetDisable:
+ case TPM_ORD_SetTempDeactivated:
+ case TPM_ORD_KillMaintenanceFeature:
+ case TPM_ORD_NV_DefineSpace:
+ case TPM_ORD_NV_WriteValue:
+ case TPM_ORD_NV_WriteValueAuth:
+ case TPM_ORD_OwnerClear:
+ case TPM_ORD_Delegate_LoadOwnerDelegation:
+ case TPM_ORD_CMK_SetRestrictions:
+ case TPM_ORD_FlushSpecific:
+ case TPM_ORD_KeyControlOwner:
+ {
+ TPM_AUTH *auth = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ if (auth) {
+ offset1 = len - TSS_TPM_RSP_BLOB_AUTH_LEN;
+ UnloadBlob_Auth(&offset1, b, auth);
+ }
+ break;
+ }
+ default:
+ LogError("Unknown ordinal: 0x%x", ordinal);
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ va_end(ap);
+ break;
+ }
+
+ return result;
+}
+
+TSS_RESULT
+tpm_rqu_build(TPM_COMMAND_CODE ordinal, UINT64 *outOffset, BYTE *out_blob, ...)
+{
+ va_list ap;
+ TSS_RESULT result;
+ va_start(ap, out_blob);
+ result = tpm_rqu_build_internal(ordinal, outOffset,out_blob, ap);
+ va_end(ap);
+ return result;
+}
+
+TSS_RESULT
+tpm_rqu_build_checked(TPM_COMMAND_CODE ordinal, UINT64 *outOffset, UINT64 maxOffset, BYTE *out_blob, ...)
+{
+ va_list ap;
+ TSS_RESULT result;
+ UINT64 tempOffset = *outOffset;
+
+ va_start(ap, out_blob);
+ result = tpm_rqu_build_internal(ordinal, &tempOffset, NULL, ap);
+ va_end(ap);
+ if (result)
+ {
+ return result;
+ }
+
+ if (tempOffset > maxOffset)
+ {
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ va_start(ap, out_blob);
+ result = tpm_rqu_build_internal(ordinal, outOffset, out_blob, ap);
+ va_end(ap);
+
+ if (tempOffset != *outOffset)
+ {
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+/* XXX optimize these cases by always passing in lengths for blobs, no more "20 byte values" */
+TSS_RESULT
+tpm_rqu_build_internal(TPM_COMMAND_CODE ordinal, UINT64 *outOffset, BYTE *out_blob, va_list ap)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 blob_size;
+
+ DBG_ASSERT(ordinal);
+ DBG_ASSERT(outOffset);
+ /* |out_blob| could be set to NULL in order to calculate the output size, */
+ /* so don't make assertion to its value. */
+
+ switch (ordinal) {
+#ifdef TSS_BUILD_DELEGATION
+ /* 1 UINT16, 1 UINT32, 1 20 bytes value, 1 UINT32, 1 BLOB */
+ case TPM_ORD_DSAP:
+ {
+ UINT16 val1 = va_arg(ap, int);
+ UINT32 handle1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+
+ if (!digest1 || !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT16(outOffset, val1, out_blob);
+ LoadBlob_UINT32(outOffset, handle1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 1 BOOL, 1 UINT32, 1 BLOB, 1 20 byte value, 1 AUTH */
+ case TPM_ORD_Delegate_CreateOwnerDelegation:
+ {
+ TSS_BOOL bool1 = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!in_len1 || !in_blob1 || !digest1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_BOOL(outOffset, bool1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 2 UINT32's, 1 BLOB, 1 20 byte value, 1 AUTH */
+ case TPM_ORD_Delegate_CreateKeyDelegation:
+ {
+ UINT32 keyslot1 = va_arg(ap, UINT32);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keyslot1 || !in_len1 || !in_blob1 || !digest1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keyslot1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_TRANSPORT
+ /* 3 UINT32's, 1 BLOB, 2 AUTHs */
+ case TPM_ORD_ExecuteTransport:
+ {
+ UINT32 ord1 = va_arg(ap, UINT32);
+ UINT32 *keyslot1 = va_arg(ap, UINT32 *);
+ UINT32 *keyslot2 = va_arg(ap, UINT32 *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ if (keyslot1)
+ LoadBlob_UINT32(outOffset, *keyslot1, out_blob);
+ if (keyslot2)
+ LoadBlob_UINT32(outOffset, *keyslot2, out_blob);
+ //LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ if (in_blob1)
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+
+ if (auth1 && auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ord1, out_blob);
+ } else if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ord1, out_blob);
+ } else if (auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ord1, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ord1, out_blob);
+ }
+
+ break;
+ }
+#endif
+ /* 1 UINT32, 1 UINT16, 1 BLOB, 1 UINT32, 1 BLOB, 1 options AUTH, 1 AUTH */
+ case TPM_ORD_CreateMigrationBlob:
+ {
+ UINT32 keyslot1 = va_arg(ap, UINT32);
+ UINT16 type1 = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (!in_blob1 || !in_blob2 || !auth2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keyslot1, out_blob);
+ LoadBlob_UINT16(outOffset, type1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT32, 1 UINT16, 1 20 byte value, 1 UINT16, 1 UINT32, 1 BLOB, 2 AUTHs */
+ case TPM_ORD_ChangeAuth:
+ {
+ UINT32 keyslot1 = va_arg(ap, UINT32);
+ UINT16 proto1 = va_arg(ap, int);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT16 entity1 = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1 || !in_blob1 || !auth1 || !auth2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keyslot1, out_blob);
+ LoadBlob_UINT16(outOffset, proto1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_UINT16(outOffset, entity1, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 2 DIGEST/ENCAUTH's, 1 UINT32, 1 BLOB, 1 optional AUTH, 1 AUTH */
+ case TPM_ORD_MakeIdentity:
+ {
+ BYTE *dig1, *dig2, *blob1;
+ UINT32 len1;
+ TPM_AUTH *auth1, *auth2;
+
+ dig1 = va_arg(ap, BYTE *);
+ dig2 = va_arg(ap, BYTE *);
+ len1 = va_arg(ap, UINT32);
+ blob1 = va_arg(ap, BYTE *);
+ auth1 = va_arg(ap, TPM_AUTH *);
+ auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (!dig1 || !dig2 || !blob1 || !auth2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, dig1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, dig2);
+ LoadBlob(outOffset, len1, out_blob, blob1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#if (TSS_BUILD_NV || TSS_BUILD_DELEGATION)
+ /* 3 UINT32's, 1 BLOB, 1 optional AUTH */
+ case TPM_ORD_NV_WriteValue:
+ case TPM_ORD_NV_WriteValueAuth:
+ case TPM_ORD_Delegate_Manage:
+ {
+ UINT32 i = va_arg(ap, UINT32);
+ UINT32 j = va_arg(ap, UINT32);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, i, out_blob);
+ LoadBlob_UINT32(outOffset, j, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#endif
+ /* 3 UINT32's, 1 optional AUTH */
+ case TPM_ORD_NV_ReadValue:
+ case TPM_ORD_NV_ReadValueAuth:
+ case TPM_ORD_SetRedirection:
+ {
+ UINT32 i = va_arg(ap, UINT32);
+ UINT32 j = va_arg(ap, UINT32);
+ UINT32 k = va_arg(ap, UINT32);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, i, out_blob);
+ LoadBlob_UINT32(outOffset, j, out_blob);
+ LoadBlob_UINT32(outOffset, k, out_blob);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 20 byte value, 1 UINT32, 1 BLOB */
+ case TPM_ORD_CreateEndorsementKeyPair:
+ {
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+
+ if (!digest1 || !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#ifdef TSS_BUILD_TSS12
+ /* 1 20 byte value, 1 UINT32, 1 BLOB, 1 BOOL, 1 20 byte value */
+ case TPM_ORD_CreateRevocableEK:
+ {
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TSS_BOOL in_bool1 = va_arg(ap, int);
+ BYTE *digest2 = va_arg(ap, BYTE *);
+
+ if (!digest1 || !in_blob1 || !digest2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_BOOL(outOffset, in_bool1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest2);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 1 20 byte value */
+ case TPM_ORD_RevokeTrust:
+ {
+ BYTE *digest1 = va_arg(ap, BYTE *);
+
+ if (!digest1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_COUNTER
+ /* 1 20 byte value, 1 UINT32, 1 BLOB, 1 AUTH */
+ case TPM_ORD_CreateCounter:
+ {
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1 || !in_blob1 || !auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_DAA
+ /* 1 UINT32, 1 BYTE, 1 UINT32, 1 BLOB, 1 UINT32, 1 BLOB, 1 AUTH */
+ case TPM_ORD_DAA_Sign:
+ case TPM_ORD_DAA_Join:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ BYTE stage1 = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !in_blob1 || !auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob_BOOL(outOffset, stage1, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+ /* 2 UINT32's, 1 BLOB, 1 UINT32, 1 BLOB, 1 optional AUTH */
+ case TPM_ORD_ConvertMigrationBlob:
+ case TPM_ORD_SetCapability:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !in_blob1 || !in_blob2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 2 UINT32's, 1 20 byte value, 2 optional AUTHs */
+ case TPM_ORD_CertifyKey:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ UINT32 keySlot2 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !keySlot2 || !digest1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob_UINT32(outOffset, keySlot2, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ if (auth1 && auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+ } else if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else if (auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 2 UINT32's, 1 BLOB, 1 optional AUTH */
+ case TPM_ORD_Delegate_LoadOwnerDelegation:
+ case TPM_ORD_GetCapability:
+ case TPM_ORD_UnBind:
+ case TPM_ORD_Sign:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (in_len1 && !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ if (in_len1)
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT32, 1 20 byte value, 1 UINT32, 1 optional BLOB, 1 UINT32, 1 BLOB, 1 AUTH */
+ case TPM_ORD_Seal:
+ case TPM_ORD_Sealx:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ blob_size = in_len1 + in_len2 + TPM_DIGEST_SIZE + sizeof(TPM_AUTH);
+ if (blob_size > TSS_TPM_TXBLOB_SIZE) {
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ LogError("Oversized input when building ordinal 0x%x", ordinal);
+ break;
+ }
+
+ if (!keySlot1 || !in_blob2 || !auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 2 UINT32's, 1 BLOB, 1 optional AUTH, 1 AUTH */
+ case TPM_ORD_ActivateIdentity:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !in_blob1 || !auth2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT32, 1 20-byte blob, 1 BLOB, 1 optional AUTH */
+ case TPM_ORD_Quote:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !digest1 || !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#ifdef TSS_BUILD_TSS12
+ /* 1 UINT32, 1 20-byte blob, 1 BLOB, 1 BOOL, 1 optional AUTH */
+ case TPM_ORD_Quote2:
+ {
+ /* Input vars */
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TSS_BOOL* addVersion = va_arg(ap,TSS_BOOL *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !digest1 || !in_blob1 || !addVersion) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+
+ /* Load the addVersion Bool */
+ LoadBlob_BOOL(outOffset,*addVersion,out_blob);
+
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+ /* 1 UINT32, 2 20-byte blobs, 1 BLOB, 1 optional AUTH */
+ case TPM_ORD_CreateWrapKey:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ BYTE *digest2 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !digest1 || !digest2 || !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest2);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 2 BLOBs, 1 optional AUTH */
+ case TPM_ORD_NV_DefineSpace:
+ case TPM_ORD_LoadManuMaintPub:
+ {
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!in_blob1 || !in_blob2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#ifdef TSS_BUILD_TICK
+ /* 1 UINT32, 2 20-byte blobs, 1 optional AUTH */
+ case TPM_ORD_TickStampBlob:
+ {
+ UINT32 keySlot1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ BYTE *digest2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!keySlot1 || !digest1 || !digest2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keySlot1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest2);
+
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+ /* 1 BLOB */
+ case TPM_ORD_ReadManuMaintPub:
+ case TPM_ORD_ReadPubek:
+ case TPM_ORD_PCR_Reset:
+ case TPM_ORD_SetOperatorAuth:
+ {
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+
+ if (!in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 1 UINT32, 1 BLOB, 2 optional AUTHs */
+ case TPM_ORD_LoadKey:
+ case TPM_ORD_LoadKey2:
+ case TPM_ORD_DirWriteAuth:
+ case TPM_ORD_CertifySelfTest:
+ case TPM_ORD_Unseal:
+ case TPM_ORD_Extend:
+ case TPM_ORD_StirRandom:
+ case TPM_ORD_LoadMaintenanceArchive: /* XXX */
+ case TPM_ORD_Delegate_UpdateVerification:
+ case TPM_ORD_Delegate_VerifyDelegation:
+ {
+ UINT32 val1 = va_arg(ap, UINT32);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (in_len1 && !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, val1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ if (auth1 && auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+ } else if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else if (auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 BLOB, 2 optional AUTHs */
+ case TPM_ORD_FieldUpgrade:
+ {
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ TPM_AUTH *auth2 = va_arg(ap, TPM_AUTH *);
+
+ if (in_len1 && !in_blob1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ if (auth1 && auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, *outOffset, ordinal, out_blob);
+ } else if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else if (auth2) {
+ LoadBlob_Auth(outOffset, out_blob, auth2);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT16, 1 BLOB, 1 AUTH */
+ case TPM_ORD_AuthorizeMigrationKey:
+ {
+ UINT16 scheme1 = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!in_blob1 || !auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT16(outOffset, scheme1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 1 UINT16, 1 UINT32, 1 BLOB, 1 UINT32, 2 BLOBs, 1 AUTH */
+ case TPM_ORD_TakeOwnership:
+ {
+ UINT16 scheme1 = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ UINT32 in_len3 = va_arg(ap, UINT32);
+ BYTE *in_blob3 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!in_blob1 || !in_blob2 || !in_blob3 || !auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT16(outOffset, scheme1, out_blob);
+ LoadBlob_UINT32(outOffset, in_len1, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ LoadBlob(outOffset, in_len3, out_blob, in_blob3);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#ifdef TSS_BUILD_AUDIT
+ /* 1 UINT32, 1 BOOL, 1 20 byte value, 1 optional AUTH */
+ case TPM_ORD_GetAuditDigestSigned:
+ {
+ UINT32 keyslot1 = va_arg(ap, UINT32);
+ TSS_BOOL bool1 = va_arg(ap, int);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, keyslot1, out_blob);
+ LoadBlob_BOOL(outOffset, bool1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#endif
+ /* 1 UINT16, 1 UINT32, 1 20 byte value */
+ case TPM_ORD_OSAP:
+ {
+ UINT16 type1 = va_arg(ap, int);
+ UINT32 value1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+
+ if (!digest1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT16(outOffset, type1, out_blob);
+ LoadBlob_UINT32(outOffset, value1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 1 UINT16, 1 20 byte value, 1 UINT16, 1 AUTH */
+ case TPM_ORD_ChangeAuthOwner:
+ {
+ UINT16 type1 = va_arg(ap, int);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT16 type2 = va_arg(ap, int);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1 || !auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT16(outOffset, type1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_UINT16(outOffset, type2, out_blob);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#ifdef TSS_BUILD_AUDIT
+ /* 1 UINT32, 1 BOOL, 1 AUTH */
+ case TPM_ORD_SetOrdinalAuditStatus:
+ {
+ UINT32 ord1 = va_arg(ap, UINT32);
+ TSS_BOOL bool1 = va_arg(ap, int);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!auth1) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, ord1, out_blob);
+ LoadBlob_BOOL(outOffset, bool1, out_blob);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+ /* 1 BOOL, 1 optional AUTH */
+ case TPM_ORD_OwnerSetDisable:
+ case TPM_ORD_PhysicalSetDeactivated:
+ case TPM_ORD_CreateMaintenanceArchive:
+ case TPM_ORD_SetOwnerInstall:
+ {
+ TSS_BOOL bool1 = va_arg(ap, int);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_BOOL(outOffset, bool1, out_blob);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 optional AUTH */
+ case TPM_ORD_OwnerClear:
+ case TPM_ORD_DisablePubekRead:
+ case TPM_ORD_GetCapabilityOwner:
+ case TPM_ORD_ResetLockValue:
+ case TPM_ORD_DisableOwnerClear:
+ case TPM_ORD_SetTempDeactivated:
+ case TPM_ORD_OIAP:
+ case TPM_ORD_OwnerReadPubek:
+ case TPM_ORD_SelfTestFull:
+ case TPM_ORD_GetTicks:
+ case TPM_ORD_GetTestResult:
+ case TPM_ORD_KillMaintenanceFeature:
+ case TPM_ORD_Delegate_ReadTable:
+ case TPM_ORD_PhysicalEnable:
+ case TPM_ORD_DisableForceClear:
+ case TPM_ORD_ForceClear:
+ {
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT32, 1 optional AUTH */
+ case TPM_ORD_OwnerReadInternalPub:
+ case TPM_ORD_GetPubKey:
+ case TPM_ORD_ReleaseCounterOwner:
+ case TPM_ORD_ReleaseCounter:
+ case TPM_ORD_IncrementCounter:
+ case TPM_ORD_PcrRead:
+ case TPM_ORD_DirRead:
+ case TPM_ORD_ReadCounter:
+ case TPM_ORD_Terminate_Handle:
+ case TPM_ORD_GetAuditDigest:
+ case TPM_ORD_GetRandom:
+ case TPM_ORD_CMK_SetRestrictions:
+ {
+ UINT32 i = va_arg(ap, UINT32);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, i, out_blob);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#ifdef TSS_BUILD_CMK
+ /* 1 20 byte value, 1 optional AUTH */
+ case TPM_ORD_CMK_ApproveMA:
+ {
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#endif
+ /* 1 UINT16 only */
+ case TSC_ORD_PhysicalPresence:
+ {
+ UINT16 i = va_arg(ap, int);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT16(outOffset, i, out_blob);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#ifdef TSS_BUILD_CMK
+ /* 1 UINT32, 1 20 byte value, 1 BLOB, 2 20 byte values, 1 optional AUTH */
+ case TPM_ORD_CMK_CreateKey:
+ {
+ UINT32 key1 = va_arg(ap, UINT32);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ BYTE *digest2 = va_arg(ap, BYTE *);
+ BYTE *digest3 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1 || !in_blob1 || !digest2 || !digest3) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, key1, out_blob);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest2);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest3);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 BLOB, 1 20 byte value, 1 UINT32, 1 BLOB, 1 optional AUTH */
+ case TPM_ORD_CMK_CreateTicket:
+ {
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1 || !in_blob1 || !in_blob2) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT32, 1 UINT16, 1 BLOB, 1 20 byte value, 4 x (1 UINT32, 1 BLOB), 1 optional AUTH */
+ case TPM_ORD_CMK_CreateBlob:
+ {
+ UINT32 in_key1 = va_arg(ap, UINT32);
+ UINT16 i = va_arg(ap, int);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ UINT32 in_len3 = va_arg(ap, UINT32);
+ BYTE *in_blob3 = va_arg(ap, BYTE *);
+ UINT32 in_len4 = va_arg(ap, UINT32);
+ BYTE *in_blob4 = va_arg(ap, BYTE *);
+ UINT32 in_len5 = va_arg(ap, UINT32);
+ BYTE *in_blob5 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!digest1 || !in_blob1 || !in_blob2 || !in_blob3 || !in_blob4 || !in_blob5) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, in_key1, out_blob);
+ LoadBlob_UINT16(outOffset, i, out_blob);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ LoadBlob_UINT32(outOffset, in_len3, out_blob);
+ LoadBlob(outOffset, in_len3, out_blob, in_blob3);
+ LoadBlob_UINT32(outOffset, in_len4, out_blob);
+ LoadBlob(outOffset, in_len4, out_blob, in_blob4);
+ LoadBlob_UINT32(outOffset, in_len5, out_blob);
+ LoadBlob(outOffset, in_len5, out_blob, in_blob5);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+ /* 1 UINT32, 1 60 byte value, 1 20 byte value, 1 BLOB, 2 x (1 UINT32, 1 BLOB),
+ * 1 optional AUTH */
+ case TPM_ORD_CMK_ConvertMigration:
+ {
+ UINT32 key1 = va_arg(ap, UINT32);
+ BYTE *cmkauth1 = va_arg(ap, BYTE *);
+ BYTE *digest1 = va_arg(ap, BYTE *);
+ UINT32 in_len1 = va_arg(ap, UINT32);
+ BYTE *in_blob1 = va_arg(ap, BYTE *);
+ UINT32 in_len2 = va_arg(ap, UINT32);
+ BYTE *in_blob2 = va_arg(ap, BYTE *);
+ UINT32 in_len3 = va_arg(ap, UINT32);
+ BYTE *in_blob3 = va_arg(ap, BYTE *);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+
+ if (!cmkauth1 || !digest1 || !in_blob1 || !in_blob2 || !in_blob3) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ LogError("Internal error for ordinal 0x%x", ordinal);
+ break;
+ }
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, key1, out_blob);
+ LoadBlob(outOffset, 3 * TPM_SHA1_160_HASH_LEN, out_blob, cmkauth1);
+ LoadBlob(outOffset, TPM_SHA1_160_HASH_LEN, out_blob, digest1);
+ LoadBlob(outOffset, in_len1, out_blob, in_blob1);
+ LoadBlob_UINT32(outOffset, in_len2, out_blob);
+ LoadBlob(outOffset, in_len2, out_blob, in_blob2);
+ LoadBlob_UINT32(outOffset, in_len3, out_blob);
+ LoadBlob(outOffset, in_len3, out_blob, in_blob3);
+ if (auth1) {
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+ }
+
+ break;
+ }
+#endif
+#ifdef TSS_BUILD_TSS12
+ case TPM_ORD_FlushSpecific:
+ {
+ UINT32 val1 = va_arg(ap, UINT32);
+ UINT32 val2 = va_arg(ap, UINT32);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, val1, out_blob);
+ LoadBlob_UINT32(outOffset, val2, out_blob);
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+ /* 1 UINT32, 1 BLOB, 1 UINT32, 1 BOOL, 1 AUTH */
+ case TPM_ORD_KeyControlOwner:
+ {
+ UINT32 i = va_arg(ap, UINT32);
+ UINT32 len1 = va_arg(ap, UINT32);
+ BYTE *blob1 = va_arg(ap, BYTE *);
+ UINT32 j = va_arg(ap, UINT32);
+ TSS_BOOL bool1 = va_arg(ap, int);
+ TPM_AUTH *auth1 = va_arg(ap, TPM_AUTH *);
+ va_end(ap);
+
+ *outOffset += TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(outOffset, i, out_blob);
+ LoadBlob(outOffset, len1, out_blob, blob1);
+ LoadBlob_UINT32(outOffset, j, out_blob);
+ LoadBlob_BOOL(outOffset, bool1, out_blob);
+ LoadBlob_Auth(outOffset, out_blob, auth1);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, *outOffset, ordinal, out_blob);
+
+ break;
+ }
+#endif
+ default:
+ LogError("Unknown ordinal: 0x%x", ordinal);
+ break;
+ }
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_ps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_ps.c
new file mode 100644
index 0000000..cd3d0c3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_ps.c
@@ -0,0 +1,176 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tddl.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+get_vendor_data(struct key_disk_cache *d, UINT32 *size, BYTE **data)
+{
+ if (d->vendor_data_size == 0) {
+ *size = 0;
+ *data = NULL;
+
+ return TSS_SUCCESS;
+ }
+
+ return ps_get_vendor_data(d, size, data);
+}
+
+TSS_RESULT
+fill_key_info(struct key_disk_cache *d, struct key_mem_cache *m, TSS_KM_KEYINFO *key_info)
+{
+ BYTE tmp_blob[2048];
+ UINT16 tmp_blob_size = 2048;
+ TSS_KEY tmp_key;
+ UINT64 offset;
+ TSS_RESULT result;
+
+ if (m == NULL) {
+ key_info->fIsLoaded = FALSE;
+
+ /* read key from disk */
+ if ((result = ps_get_key_by_cache_entry(d, (BYTE *)&tmp_blob, &tmp_blob_size)))
+ return result;
+
+ offset = 0;
+ /* XXX add a real context handle here */
+ if ((result = UnloadBlob_TSS_KEY(&offset, tmp_blob, &tmp_key)))
+ return result;
+
+ if (tmp_key.hdr.key12.tag == TPM_TAG_KEY12) {
+ key_info->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ key_info->versionInfo.bMinor = TSS_SPEC_MINOR;
+ key_info->versionInfo.bRevMajor = 0;
+ key_info->versionInfo.bRevMajor = 0;
+ } else
+ memcpy(&key_info->versionInfo, &tmp_key.hdr.key11.ver, sizeof(TSS_VERSION));
+ memcpy(&key_info->bAuthDataUsage, &tmp_key.authDataUsage,
+ sizeof(TCPA_AUTH_DATA_USAGE));
+ destroy_key_refs(&tmp_key);
+ } else {
+ if (m->tpm_handle == NULL_TPM_HANDLE)
+ key_info->fIsLoaded = FALSE;
+ else
+ key_info->fIsLoaded = TRUE;
+
+ if (m->blob->hdr.key12.tag == TPM_TAG_KEY12) {
+ key_info->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ key_info->versionInfo.bMinor = TSS_SPEC_MINOR;
+ key_info->versionInfo.bRevMajor = 0;
+ key_info->versionInfo.bRevMajor = 0;
+ } else
+ memcpy(&key_info->versionInfo, &m->blob->hdr.key11.ver, sizeof(TSS_VERSION));
+ memcpy(&key_info->bAuthDataUsage, &m->blob->authDataUsage,
+ sizeof(TCPA_AUTH_DATA_USAGE));
+ }
+
+ memcpy(&key_info->keyUUID, &d->uuid, sizeof(TSS_UUID));
+ memcpy(&key_info->parentKeyUUID, &d->parent_uuid, sizeof(TSS_UUID));
+
+ return get_vendor_data(d, &key_info->ulVendorDataLength, &key_info->rgbVendorData);
+}
+
+TSS_RESULT
+fill_key_info2(struct key_disk_cache *d, struct key_mem_cache *m, TSS_KM_KEYINFO2 *key_info)
+{
+ BYTE tmp_blob[2048];
+ UINT16 tmp_blob_size = 2048;
+ TSS_KEY tmp_key;
+ UINT64 offset;
+ TSS_RESULT result;
+
+ if (m == NULL) {
+ key_info->fIsLoaded = FALSE;
+
+ /* read key from disk */
+ if ((result = ps_get_key_by_cache_entry(d, (BYTE *)&tmp_blob, &tmp_blob_size)))
+ return result;
+
+ offset = 0;
+ /* XXX add a real context handle here */
+ if ((result = UnloadBlob_TSS_KEY(&offset, tmp_blob, &tmp_key)))
+ return result;
+
+ if (tmp_key.hdr.key12.tag == TPM_TAG_KEY12) {
+ key_info->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ key_info->versionInfo.bMinor = TSS_SPEC_MINOR;
+ key_info->versionInfo.bRevMajor = 0;
+ key_info->versionInfo.bRevMajor = 0;
+ } else
+ memcpy(&key_info->versionInfo, &tmp_key.hdr.key11.ver, sizeof(TSS_VERSION));
+ memcpy(&key_info->bAuthDataUsage, &tmp_key.authDataUsage,
+ sizeof(TCPA_AUTH_DATA_USAGE));
+ destroy_key_refs(&tmp_key);
+ } else {
+ if (m->tpm_handle == NULL_TPM_HANDLE)
+ key_info->fIsLoaded = FALSE;
+ else
+ key_info->fIsLoaded = TRUE;
+
+ if (m->blob->hdr.key12.tag == TPM_TAG_KEY12) {
+ key_info->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ key_info->versionInfo.bMinor = TSS_SPEC_MINOR;
+ key_info->versionInfo.bRevMajor = 0;
+ key_info->versionInfo.bRevMajor = 0;
+ } else
+ memcpy(&key_info->versionInfo, &m->blob->hdr.key11.ver, sizeof(TSS_VERSION));
+ memcpy(&key_info->bAuthDataUsage, &m->blob->authDataUsage,
+ sizeof(TCPA_AUTH_DATA_USAGE));
+ }
+
+ memcpy(&key_info->keyUUID, &d->uuid, sizeof(TSS_UUID));
+ memcpy(&key_info->parentKeyUUID, &d->parent_uuid, sizeof(TSS_UUID));
+
+ /* Fill the two new TSS_KM_KEYINFO2 fields here */
+ key_info->persistentStorageTypeParent = d->flags & CACHE_FLAG_PARENT_PS_SYSTEM ?
+ TSS_PS_TYPE_SYSTEM : TSS_PS_TYPE_USER;
+ key_info->persistentStorageType = TSS_PS_TYPE_SYSTEM;
+
+ return get_vendor_data(d, &key_info->ulVendorDataLength, &key_info->rgbVendorData);
+}
+
+TSS_RESULT
+key_mgr_load_by_uuid(TCS_CONTEXT_HANDLE hContext,
+ TSS_UUID *uuid,
+ TCS_LOADKEY_INFO *pInfo,
+ TCS_KEY_HANDLE *phKeyTCSI)
+{
+ TSS_RESULT result;
+
+ MUTEX_LOCK(mem_cache_lock);
+
+ result = TCSP_LoadKeyByUUID_Internal(hContext, uuid, pInfo, phKeyTCSI);
+
+ LogDebug("Key %s loaded by UUID w/ TCS handle: 0x%x",
+ result ? "NOT" : "successfully", result ? 0 : *phKeyTCSI);
+
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_quote.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_quote.c
new file mode 100644
index 0000000..0c84687
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_quote.c
@@ -0,0 +1,101 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tddl.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+UnloadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr)
+{
+ if (!pcr) {
+ UINT16 size;
+
+ UnloadBlob_UINT16(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_UINT16(offset, &pcr->sizeOfSelect, blob);
+ pcr->pcrSelect = malloc(pcr->sizeOfSelect);
+ if (pcr->pcrSelect == NULL) {
+ LogError("malloc of %hu bytes failed.", pcr->sizeOfSelect);
+ pcr->sizeOfSelect = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, pcr->sizeOfSelect, blob, pcr->pcrSelect);
+
+ return TSS_SUCCESS;
+}
+
+void
+LoadBlob_PCR_SELECTION(UINT64 *offset, BYTE * blob, TCPA_PCR_SELECTION pcr)
+{
+ LoadBlob_UINT16(offset, pcr.sizeOfSelect, blob);
+ LoadBlob(offset, pcr.sizeOfSelect, blob, pcr.pcrSelect);
+}
+
+TSS_RESULT
+UnloadBlob_PCR_COMPOSITE(UINT64 *offset, BYTE *blob, TCPA_PCR_COMPOSITE *out)
+{
+ TSS_RESULT rc;
+
+ if (!out) {
+ UINT32 size;
+
+ if ((rc = UnloadBlob_PCR_SELECTION(offset, blob, NULL)))
+ return rc;
+
+ UnloadBlob_UINT32(offset, &size, blob);
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((rc = UnloadBlob_PCR_SELECTION(offset, blob, &out->select)))
+ return rc;
+
+ UnloadBlob_UINT32(offset, &out->valueSize, blob);
+ out->pcrValue = malloc(out->valueSize);
+ if (out->pcrValue == NULL) {
+ LogError("malloc of %u bytes failed.", out->valueSize);
+ out->valueSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, out->valueSize, blob, (BYTE *) out->pcrValue);
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_quote2.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_quote2.c
new file mode 100644
index 0000000..aa7ba51
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_quote2.c
@@ -0,0 +1,72 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tddl.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+UnloadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcrInfoOut)
+{
+ TSS_RESULT result;
+ BYTE locAtRelease;
+ TPM_DIGEST digest;
+
+ LogDebugFn("UnloadBlob_PCR_INFO_SHORT.");
+ /* Only adjust the offset until the end of this data type */
+ if (!pcrInfoOut) {
+ if ((result = UnloadBlob_PCR_SELECTION(offset, blob, NULL)))
+ return result;
+ /* What should go to &pcrInfoOut->localityAtRelease */
+ UnloadBlob_BYTE(offset, NULL, blob);
+ /* What should go to &pcrInfoOut->digestAtRelease */
+ UnloadBlob_DIGEST(offset, blob, NULL);
+ return TSS_SUCCESS;
+ }
+
+ /* Normal retrieve or TPM_PCR_INFO_SHORT (not used yet, kept for
+ * integrity purposes.
+ * TPM_PCR_SELECTION pcrSelection
+ * TPM_LOCALITY_SELECTION localityAtRelease
+ * TPM_COMPOSITE_HASH digestAtRelease
+ * */
+ if ((result = UnloadBlob_PCR_SELECTION(offset, blob, &pcrInfoOut->pcrSelection)))
+ return result;
+
+ UnloadBlob_BYTE(offset, &locAtRelease, blob);
+ pcrInfoOut->localityAtRelease = locAtRelease;
+ UnloadBlob_DIGEST(offset, blob, &digest);
+ pcrInfoOut->digestAtRelease = digest;
+
+ return TSS_SUCCESS;
+}
+
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_req_mgr.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_req_mgr.c
new file mode 100644
index 0000000..701cedb
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_req_mgr.c
@@ -0,0 +1,83 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <signal.h>
+#include <string.h>
+#include <errno.h>
+#include <unistd.h>
+
+#include "trousers/tss.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tddl.h"
+#include "req_mgr.h"
+#include "tcslog.h"
+
+static struct tpm_req_mgr *trm;
+
+#ifdef TSS_DEBUG
+#define TSS_TPM_DEBUG
+#endif
+
+TSS_RESULT
+req_mgr_submit_req(BYTE *blob)
+{
+ TSS_RESULT result;
+ BYTE loc_buf[TSS_TPM_TXBLOB_SIZE];
+ UINT32 size = TSS_TPM_TXBLOB_SIZE;
+ UINT32 retry = TSS_REQ_MGR_MAX_RETRIES;
+
+ MUTEX_LOCK(trm->queue_lock);
+
+#ifdef TSS_TPM_DEBUG
+ LogBlobData("To TPM:", Decode_UINT32(&blob[2]), blob);
+#endif
+
+ do {
+ result = Tddli_TransmitData(blob, Decode_UINT32(&blob[2]), loc_buf, &size);
+ } while (!result && (Decode_UINT32(&loc_buf[6]) == TCPA_E_RETRY) && --retry);
+
+ if (!result)
+ memcpy(blob, loc_buf, Decode_UINT32(&loc_buf[2]));
+
+#ifdef TSS_TPM_DEBUG
+ LogBlobData("From TPM:", size, loc_buf);
+#endif
+
+ MUTEX_UNLOCK(trm->queue_lock);
+
+ return result;
+}
+
+TSS_RESULT
+req_mgr_init()
+{
+ if ((trm = calloc(1, sizeof(struct tpm_req_mgr))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tpm_req_mgr));
+ return TSS_E_OUTOFMEMORY;
+ }
+
+ MUTEX_INIT(trm->queue_lock);
+
+ return Tddli_Open();
+}
+
+TSS_RESULT
+req_mgr_final()
+{
+ free(trm);
+
+ return Tddli_Close();
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_seal.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_seal.c
new file mode 100644
index 0000000..e021948
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_seal.c
@@ -0,0 +1,84 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+
+
+TSS_RESULT
+UnloadBlob_STORED_DATA(UINT64 *offset, BYTE *blob, TCPA_STORED_DATA *data)
+{
+ if (!data) {
+ UINT32 size;
+
+ UnloadBlob_VERSION(offset, blob, NULL);
+
+ UnloadBlob_UINT32(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ UnloadBlob_UINT32(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_VERSION(offset, blob, (TPM_VERSION *)&data->ver);
+
+ UnloadBlob_UINT32(offset, &data->sealInfoSize, blob);
+
+ if (data->sealInfoSize > 0) {
+ data->sealInfo = (BYTE *)calloc(1, data->sealInfoSize);
+ if (data->sealInfo == NULL) {
+ LogError("malloc of %u bytes failed.", data->sealInfoSize);
+ data->sealInfoSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, data->sealInfoSize, blob, data->sealInfo);
+ } else {
+ data->sealInfo = NULL;
+ }
+
+ UnloadBlob_UINT32(offset, &data->encDataSize, blob);
+
+ if (data->encDataSize > 0) {
+ data->encData = (BYTE *)calloc(1, data->encDataSize);
+ if (data->encData == NULL) {
+ LogError("malloc of %u bytes failed.", data->encDataSize);
+ data->encDataSize = 0;
+ free(data->sealInfo);
+ data->sealInfo = NULL;
+ data->sealInfoSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, data->encDataSize, blob, data->encData);
+ } else {
+ data->encData = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_utils.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_utils.c
new file mode 100644
index 0000000..bcb1685
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcs_utils.c
@@ -0,0 +1,532 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+
+
+TCS_CONTEXT_HANDLE InternalContext = 0x30000000;
+TSS_UUID SRK_UUID = TSS_UUID_SRK;
+
+
+void
+LogData(char *string, UINT32 data)
+{
+#if 0
+ /* commenting out temporarily, logs getting too chatty */
+ LogDebug("%s %08x", string, data);
+#endif
+}
+
+void
+LogResult(char *string, TCPA_RESULT result)
+{
+#if 0
+ /* commenting out temporarily, logs getting too chatty */
+ LogDebug("Leaving %s with result 0x%08x", string, result);
+#endif
+}
+
+UINT16
+Decode_UINT16(BYTE * in)
+{
+ UINT16 temp = 0;
+ temp = (in[1] & 0xFF);
+ temp |= (in[0] << 8);
+ return temp;
+}
+
+void
+UINT64ToArray(UINT64 i, BYTE * out)
+{
+ out[0] = (BYTE) ((i >> 56) & 0xFF);
+ out[1] = (BYTE) ((i >> 48) & 0xFF);
+ out[2] = (BYTE) ((i >> 40) & 0xFF);
+ out[3] = (BYTE) ((i >> 32) & 0xFF);
+ out[4] = (BYTE) ((i >> 24) & 0xFF);
+ out[5] = (BYTE) ((i >> 16) & 0xFF);
+ out[6] = (BYTE) ((i >> 8) & 0xFF);
+ out[7] = (BYTE) (i & 0xFF);
+}
+
+void
+UINT32ToArray(UINT32 i, BYTE * out)
+{
+ out[0] = (BYTE) ((i >> 24) & 0xFF);
+ out[1] = (BYTE) ((i >> 16) & 0xFF);
+ out[2] = (BYTE) ((i >> 8) & 0xFF);
+ out[3] = (BYTE) (i & 0xFF);
+}
+
+void
+UINT16ToArray(UINT16 i, BYTE * out)
+{
+ out[0] = (BYTE) ((i >> 8) & 0xFF);
+ out[1] = (BYTE) (i & 0xFF);
+}
+
+UINT32
+Decode_UINT32(BYTE * y)
+{
+ UINT32 x = 0;
+
+ x = y[0];
+ x = ((x << 8) | (y[1] & 0xFF));
+ x = ((x << 8) | (y[2] & 0xFF));
+ x = ((x << 8) | (y[3] & 0xFF));
+
+ return x;
+}
+
+UINT64
+Decode_UINT64(BYTE *y)
+{
+ UINT64 x = 0;
+
+ x = y[0];
+ x = ((x << 8) | (y[1] & 0xFF));
+ x = ((x << 8) | (y[2] & 0xFF));
+ x = ((x << 8) | (y[3] & 0xFF));
+ x = ((x << 8) | (y[4] & 0xFF));
+ x = ((x << 8) | (y[5] & 0xFF));
+ x = ((x << 8) | (y[6] & 0xFF));
+ x = ((x << 8) | (y[7] & 0xFF));
+
+ return x;
+}
+
+void
+LoadBlob_UINT64(UINT64 *offset, UINT64 in, BYTE * blob)
+{
+ if (blob)
+ UINT64ToArray(in, &blob[*offset]);
+ *offset += sizeof(UINT64);
+}
+
+void
+LoadBlob_UINT32(UINT64 *offset, UINT32 in, BYTE * blob)
+{
+ if (blob)
+ UINT32ToArray(in, &blob[*offset]);
+ *offset += sizeof(UINT32);
+}
+
+void
+LoadBlob_UINT16(UINT64 *offset, UINT16 in, BYTE * blob)
+{
+ if (blob)
+ UINT16ToArray(in, &blob[*offset]);
+ *offset += sizeof(UINT16);
+}
+
+void
+UnloadBlob_UINT64(UINT64 *offset, UINT64 * out, BYTE * blob)
+{
+ if (out)
+ *out = Decode_UINT64(&blob[*offset]);
+ *offset += sizeof(UINT64);
+}
+
+void
+UnloadBlob_UINT32(UINT64 *offset, UINT32 * out, BYTE * blob)
+{
+ if (out)
+ *out = Decode_UINT32(&blob[*offset]);
+ *offset += sizeof(UINT32);
+}
+
+void
+UnloadBlob_UINT16(UINT64 *offset, UINT16 * out, BYTE * blob)
+{
+ if (out)
+ *out = Decode_UINT16(&blob[*offset]);
+ *offset += sizeof(UINT16);
+}
+
+void
+LoadBlob_BYTE(UINT64 *offset, BYTE data, BYTE * blob)
+{
+ if (blob)
+ blob[*offset] = data;
+ (*offset)++;
+}
+
+void
+UnloadBlob_BYTE(UINT64 *offset, BYTE * dataOut, BYTE * blob)
+{
+ if (dataOut)
+ *dataOut = blob[*offset];
+ (*offset)++;
+}
+
+void
+LoadBlob_BOOL(UINT64 *offset, TSS_BOOL data, BYTE * blob)
+{
+ if (blob)
+ blob[*offset] = data;
+ (*offset)++;
+}
+
+void
+UnloadBlob_BOOL(UINT64 *offset, TSS_BOOL *dataOut, BYTE * blob)
+{
+ if (dataOut)
+ *dataOut = blob[*offset];
+ (*offset)++;
+}
+
+void
+LoadBlob(UINT64 *offset, UINT32 size, BYTE *container, BYTE *object)
+{
+ if (container)
+ memcpy(&container[*offset], object, size);
+ (*offset) += (UINT64) size;
+}
+
+void
+UnloadBlob(UINT64 *offset, UINT32 size, BYTE *container, BYTE *object)
+{
+ if (object)
+ memcpy(object, &container[*offset], size);
+ (*offset) += (UINT64) size;
+}
+
+void
+LoadBlob_Header(UINT16 tag, UINT32 paramSize, UINT32 ordinal, BYTE * blob)
+{
+ if (blob) {
+ UINT16ToArray(tag, &blob[0]);
+ LogData("Header Tag:", tag);
+ UINT32ToArray(paramSize, &blob[2]);
+ LogData("Header ParamSize:", paramSize);
+ UINT32ToArray(ordinal, &blob[6]);
+ LogData("Header Ordinal:", ordinal);
+ }
+#if 0
+ LogInfo("Blob's TPM Ordinal: 0x%x", ordinal);
+#endif
+}
+
+#ifdef TSS_DEBUG
+TSS_RESULT
+LogUnloadBlob_Header(BYTE * blob, UINT32 * size, char *file, int line)
+{
+ TSS_RESULT result;
+
+ UINT16 temp = Decode_UINT16(blob);
+ LogData("UnloadBlob_Tag:", (temp));
+ *size = Decode_UINT32(&blob[2]);
+ LogData("UnloadBlob_Header, size:", *size);
+ LogData("UnloadBlob_Header, returnCode:", Decode_UINT32(&blob[6]));
+
+ if ((result = Decode_UINT32(&blob[6]))) {
+ LogTPMERR(result, file, line);
+ }
+
+ return result;
+}
+#else
+TSS_RESULT
+UnloadBlob_Header(BYTE * blob, UINT32 * size)
+{
+ UINT16 temp = Decode_UINT16(blob);
+ LogData("UnloadBlob_Tag:", (temp));
+ *size = Decode_UINT32(&blob[2]);
+ LogData("UnloadBlob_Header, size:", *size);
+ LogData("UnloadBlob_Header, returnCode:", Decode_UINT32(&blob[6]));
+ return Decode_UINT32(&blob[6]);
+}
+#endif
+
+void
+LoadBlob_Auth(UINT64 *offset, BYTE * blob, TPM_AUTH * auth)
+{
+ LoadBlob_UINT32(offset, auth->AuthHandle, blob);
+ LoadBlob(offset, TCPA_NONCE_SIZE, blob, auth->NonceOdd.nonce);
+ LoadBlob_BOOL(offset, auth->fContinueAuthSession, blob);
+ LoadBlob(offset, TCPA_AUTHDATA_SIZE, blob, (BYTE *)&auth->HMAC);
+}
+
+void
+UnloadBlob_Auth(UINT64 *offset, BYTE * blob, TPM_AUTH * auth)
+{
+ if (!auth) {
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, NULL);
+ UnloadBlob_BOOL(offset, NULL, blob);
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, NULL);
+
+ return;
+ }
+
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, auth->NonceEven.nonce);
+ UnloadBlob_BOOL(offset, &auth->fContinueAuthSession, blob);
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, (BYTE *)&auth->HMAC);
+}
+
+void
+UnloadBlob_VERSION(UINT64 *offset, BYTE *blob, TPM_VERSION *out)
+{
+ if (!out) {
+ *offset += (sizeof(BYTE) * 4);
+ return;
+ }
+
+ UnloadBlob_BYTE(offset, &out->major, blob);
+ UnloadBlob_BYTE(offset, &out->minor, blob);
+ UnloadBlob_BYTE(offset, &out->revMajor, blob);
+ UnloadBlob_BYTE(offset, &out->revMinor, blob);
+}
+
+void
+LoadBlob_VERSION(UINT64 *offset, BYTE *blob, TPM_VERSION *ver)
+{
+ LoadBlob_BYTE(offset, ver->major, blob);
+ LoadBlob_BYTE(offset, ver->minor, blob);
+ LoadBlob_BYTE(offset, ver->revMajor, blob);
+ LoadBlob_BYTE(offset, ver->revMinor, blob);
+}
+
+void
+UnloadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION *out)
+{
+ if (!out) {
+ *offset += (sizeof(BYTE) * 4);
+ return;
+ }
+
+ UnloadBlob_BYTE(offset, &out->major, blob);
+ UnloadBlob_BYTE(offset, &out->minor, blob);
+ UnloadBlob_BYTE(offset, &out->revMajor, blob);
+ UnloadBlob_BYTE(offset, &out->revMinor, blob);
+}
+
+void
+LoadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION *ver)
+{
+ LoadBlob_BYTE(offset, ver->major, blob);
+ LoadBlob_BYTE(offset, ver->minor, blob);
+ LoadBlob_BYTE(offset, ver->revMajor, blob);
+ LoadBlob_BYTE(offset, ver->revMinor, blob);
+}
+
+TSS_RESULT
+UnloadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyParms)
+{
+ if (!keyParms) {
+ UINT32 parmSize;
+
+ UnloadBlob_UINT32(offset, NULL, blob);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_UINT32(offset, &parmSize, blob);
+
+ if (parmSize > 0)
+ UnloadBlob(offset, parmSize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_UINT32(offset, &keyParms->algorithmID, blob);
+ UnloadBlob_UINT16(offset, &keyParms->encScheme, blob);
+ UnloadBlob_UINT16(offset, &keyParms->sigScheme, blob);
+ UnloadBlob_UINT32(offset, &keyParms->parmSize, blob);
+
+ if (keyParms->parmSize == 0)
+ keyParms->parms = NULL;
+ else {
+ keyParms->parms = malloc(keyParms->parmSize);
+ if (keyParms->parms == NULL) {
+ LogError("malloc of %u bytes failed.", keyParms->parmSize);
+ keyParms->parmSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ UnloadBlob(offset, keyParms->parmSize, blob, keyParms->parms);
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+UnloadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags)
+{
+ if (!flags) {
+ UnloadBlob_UINT32(offset, NULL, blob);
+
+ return;
+ }
+
+ UnloadBlob_UINT32(offset, flags, blob);
+}
+
+TSS_RESULT
+UnloadBlob_CERTIFY_INFO(UINT64 *offset, BYTE *blob, TCPA_CERTIFY_INFO *certify)
+{
+ TSS_RESULT rc;
+
+ if (!certify) {
+ TPM_VERSION version;
+ UINT32 size;
+
+ UnloadBlob_VERSION(offset, blob, &version);
+ UnloadBlob_UINT16(offset, NULL, blob);
+ UnloadBlob_KEY_FLAGS(offset, blob, NULL);
+ UnloadBlob_BOOL(offset, NULL, blob);
+
+ if ((rc = UnloadBlob_KEY_PARMS(offset, blob, NULL)))
+ return rc;
+
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, NULL);
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, NULL);
+ UnloadBlob_BOOL(offset, NULL, blob);
+ UnloadBlob_UINT32(offset, &size, blob);
+
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+
+ if (Decode_UINT16((BYTE *) &version) == TPM_TAG_CERTIFY_INFO2){
+ /* This is a TPM_CERTIFY_INFO2 structure. */
+ /* Read migrationAuthority. */
+ UnloadBlob_UINT32(offset, &size, blob);
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+ }
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_VERSION(offset, blob, (TPM_VERSION *)&certify->version);
+ UnloadBlob_UINT16(offset, &certify->keyUsage, blob);
+ UnloadBlob_KEY_FLAGS(offset, blob, &certify->keyFlags);
+ UnloadBlob_BOOL(offset, (TSS_BOOL *)&certify->authDataUsage, blob);
+
+ if ((rc = UnloadBlob_KEY_PARMS(offset, blob, &certify->algorithmParms)))
+ return rc;
+
+ UnloadBlob(offset, TCPA_DIGEST_SIZE, blob, certify->pubkeyDigest.digest);
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, certify->data.nonce);
+ UnloadBlob_BOOL(offset, (TSS_BOOL *)&certify->parentPCRStatus, blob);
+ UnloadBlob_UINT32(offset, &certify->PCRInfoSize, blob);
+
+ if (certify->PCRInfoSize > 0) {
+ certify->PCRInfo = (BYTE *)malloc(certify->PCRInfoSize);
+ if (certify->PCRInfo == NULL) {
+ LogError("malloc of %u bytes failed.", certify->PCRInfoSize);
+ certify->PCRInfoSize = 0;
+ free(certify->algorithmParms.parms);
+ certify->algorithmParms.parms = NULL;
+ certify->algorithmParms.parmSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(offset, certify->PCRInfoSize, blob, certify->PCRInfo);
+ } else {
+ certify->PCRInfo = NULL;
+ }
+
+ if (Decode_UINT16((BYTE *) &certify->version) == TPM_TAG_CERTIFY_INFO2){
+ /* This is a TPM_CERTIFY_INFO2 structure. */
+ /* Read migrationAuthority. */
+ UINT32 size;
+ UnloadBlob_UINT32(offset, &size, blob);
+ if (size > 0)
+ UnloadBlob(offset, size, blob, NULL);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+UnloadBlob_KEY_HANDLE_LIST(UINT64 *offset, BYTE *blob, TCPA_KEY_HANDLE_LIST *list)
+{
+ UINT16 i;
+
+ if (!list) {
+ UINT16 size;
+
+ UnloadBlob_UINT16(offset, &size, blob);
+
+ *offset += (size * sizeof(UINT32));
+
+ return TSS_SUCCESS;
+ }
+
+ UnloadBlob_UINT16(offset, &list->loaded, blob);
+ if (list->loaded == 0) {
+ list->handle = NULL;
+ return TSS_SUCCESS;
+ }
+
+ list->handle = malloc(list->loaded * sizeof (UINT32));
+ if (list->handle == NULL) {
+ LogError("malloc of %zd bytes failed.", list->loaded * sizeof (UINT32));
+ list->loaded = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ for (i = 0; i < list->loaded; i++)
+ UnloadBlob_UINT32(offset, &list->handle[i], blob);
+
+ return TSS_SUCCESS;
+}
+
+void
+LoadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest)
+{
+ LoadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, digest->digest);
+}
+
+void
+UnloadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest)
+{
+ UnloadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, digest->digest);
+}
+
+void
+LoadBlob_NONCE(UINT64 *offset, BYTE *blob, TPM_NONCE *nonce)
+{
+ LoadBlob(offset, TCPA_NONCE_SIZE, blob, nonce->nonce);
+}
+
+void
+UnloadBlob_NONCE(UINT64 *offset, BYTE *blob, TPM_NONCE *nonce)
+{
+ UnloadBlob(offset, TCPA_NONCE_SIZE, blob, nonce->nonce);
+}
+
+void
+LoadBlob_AUTHDATA(UINT64 *offset, BYTE *blob, TPM_AUTHDATA *authdata)
+{
+ LoadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, authdata->authdata);
+}
+
+void
+UnloadBlob_AUTHDATA(UINT64 *offset, BYTE *blob, TPM_AUTHDATA *authdata)
+{
+ UnloadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, authdata->authdata);
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_admin.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_admin.c
new file mode 100644
index 0000000..790a7ff
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_admin.c
@@ -0,0 +1,520 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_SetOwnerInstall_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL state) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering SetOwnerInstall");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetOwnerInstall, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, state, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("SetOwnerInstall", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_OwnerSetDisable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL disableState, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_OwnerSetDisable, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, disableState,
+ ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_OwnerSetDisable, txBlob, paramSize, ownerAuth);
+ }
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_DisableOwnerClear_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering DisableownerClear");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DisableOwnerClear, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_DisableOwnerClear, txBlob, paramSize, ownerAuth);
+ }
+ LogResult("DisableOwnerClear", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ForceClear_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Force Clear");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ForceClear, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("Force Clear", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_DisableForceClear_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Disable Force Clear");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DisableForceClear, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("Disable Force Clear", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_PhysicalPresence_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PHYSICAL_PRESENCE fPhysicalPresence) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result = TCSERR(TSS_E_NOTIMPL);
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+ char runlevel;
+
+ runlevel = platform_get_runlevel();
+
+ if (runlevel != 's' && runlevel != 'S' && runlevel != '1') {
+ LogInfo("Physical Presence command denied: Must be in single"
+ " user mode.");
+ return TCSERR(TSS_E_NOTIMPL);
+ }
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build(TSC_ORD_PhysicalPresence, &offset, txBlob, fPhysicalPresence)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ return UnloadBlob_Header(txBlob, ¶mSize);
+}
+
+TSS_RESULT
+TCSP_PhysicalDisable_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Physical Disable");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_PhysicalDisable, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("Physical Disable", result);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_PhysicalEnable_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Physical Enable");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_PhysicalEnable, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("Physical Enable", result);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_PhysicalSetDeactivated_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL state) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Physical Set Deactivated");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_PhysicalSetDeactivated, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, state, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("PhysicalSetDeactivated", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_SetTempDeactivated_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Set Temp Deactivated");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetTempDeactivated, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("SetTempDeactivated", result);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+TCSP_SetTempDeactivated2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * operatorAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Set Temp Deactivated2");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (operatorAuth) {
+ if ((result = auth_mgr_check(hContext, &operatorAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetTempDeactivated, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, operatorAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_SetTempDeactivated, txBlob, paramSize,
+ operatorAuth);
+ }
+
+ LogResult("SetTempDeactivated2", result);
+
+done:
+ auth_mgr_release_auth(operatorAuth, NULL, hContext);
+
+ return result;
+}
+#endif
+
+TSS_RESULT
+TCSP_FieldUpgrade_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut, /* out */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Field Upgrade");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (ownerAuth) {
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_FieldUpgrade, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, dataInSize, dataIn,
+ ownerAuth, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_FieldUpgrade, txBlob, paramSize, dataOutSize,
+ dataOut, ownerAuth);
+ }
+ LogResult("Field Upgrade", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_SetRedirection_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 c1, /* in */
+ UINT32 c2, /* in */
+ TPM_AUTH * privAuth) /* in, out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Set Redirection");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (privAuth != NULL) {
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot))) {
+ result = TCSERR(TSS_E_FAIL);
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetRedirection, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, c1, c2,
+ privAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_SetRedirection, txBlob, paramSize, privAuth);
+ }
+ LogResult("Set Redirection", result);
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+TCSP_ResetLockValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ResetLockValue, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ownerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ResetLockValue, txBlob, paramSize, ownerAuth);
+ }
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_FlushSpecific_Common(UINT32 tpmResHandle, TPM_RESOURCE_TYPE resourceType)
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_FlushSpecific, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, tpmResHandle,
+ resourceType)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_FlushSpecific, txBlob, paramSize, NULL);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_FlushSpecific_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_HANDLE hResHandle, /* in */
+ TPM_RESOURCE_TYPE resourceType) /* in */
+{
+ UINT32 tpmResHandle;
+ TSS_RESULT result;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ switch (resourceType) {
+ case TPM_RT_KEY:
+ if ((result = get_slot_lite(hContext, hResHandle, &tpmResHandle)))
+ return result;
+
+ if ((result = ctx_remove_key_loaded(hContext, hResHandle)))
+ return result;
+
+ if ((result = key_mgr_dec_ref_count(hResHandle)))
+ return result;
+ break;
+ case TPM_RT_AUTH:
+ if ((result = auth_mgr_check(hContext, &hResHandle)))
+ return result;
+
+ auth_mgr_release_auth_handle(hResHandle, hContext, FALSE);
+ /* fall through */
+ case TPM_RT_TRANS:
+ case TPM_RT_DAA_TPM:
+ tpmResHandle = hResHandle;
+ break;
+ case TPM_RT_CONTEXT:
+ result = TCSERR(TSS_E_NOTIMPL);
+ goto done;
+ default:
+ LogDebugFn("Unknown resource type: 0x%x", resourceType);
+ goto done;
+ }
+
+ result = TCSP_FlushSpecific_Common(tpmResHandle, resourceType);
+
+done:
+ return result;
+}
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_aik.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_aik.c
new file mode 100644
index 0000000..d49ec50
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_aik.c
@@ -0,0 +1,227 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+#include "tcs_aik.h"
+
+
+TSS_RESULT
+TCSP_MakeIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENCAUTH identityAuth, /* in */
+ TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
+ UINT32 idKeyInfoSize, /* in */
+ BYTE * idKeyInfo, /* in */
+ TPM_AUTH * pSrkAuth, /* in, out */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * idKeySize, /* out */
+ BYTE ** idKey, /* out */
+ UINT32 * pcIdentityBindingSize, /* out */
+ BYTE ** prgbIdentityBinding, /* out */
+ UINT32 * pcEndorsementCredentialSize, /* out */
+ BYTE ** prgbEndorsementCredential, /* out */
+ UINT32 * pcPlatformCredentialSize, /* out */
+ BYTE ** prgbPlatformCredential, /* out */
+ UINT32 * pcConformanceCredentialSize, /* out */
+ BYTE ** prgbConformanceCredential) /* out */
+{
+ UINT64 offset;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (pSrkAuth != NULL) {
+ LogDebug("SRK Auth Used");
+ if ((result = auth_mgr_check(hContext, &pSrkAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No SRK Auth");
+ }
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ goto done;
+
+ offset = 0;
+ if ((result = tpm_rqu_build_checked(TPM_ORD_MakeIdentity, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, identityAuth.authdata,
+ IDLabel_PrivCAHash.digest, idKeyInfoSize, idKeyInfo, pSrkAuth,
+ pOwnerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ if ((result = tpm_rsp_parse(TPM_ORD_MakeIdentity, txBlob, paramSize, idKeySize,
+ idKey, pcIdentityBindingSize, prgbIdentityBinding,
+ pSrkAuth, pOwnerAuth)))
+ goto done;
+
+ /* If an error occurs, these will return NULL */
+ get_credential(TSS_TCS_CREDENTIAL_PLATFORMCERT, pcPlatformCredentialSize,
+ prgbPlatformCredential);
+ get_credential(TSS_TCS_CREDENTIAL_TPM_CC, pcConformanceCredentialSize,
+ prgbConformanceCredential);
+ get_credential(TSS_TCS_CREDENTIAL_EKCERT, pcEndorsementCredentialSize,
+ prgbEndorsementCredential);
+ }
+ LogResult("Make Identity", result);
+done:
+ auth_mgr_release_auth(pSrkAuth, pOwnerAuth, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ActivateTPMIdentity_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE idKey, /* in */
+ UINT32 blobSize, /* in */
+ BYTE * blob, /* in */
+ TPM_AUTH * idKeyAuth, /* in, out */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * SymmetricKeySize, /* out */
+ BYTE ** SymmetricKey) /* out */
+{
+ UINT64 offset;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT32 keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("TCSP_ActivateTPMIdentity");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (idKeyAuth != NULL) {
+ if ((result = auth_mgr_check(hContext, &idKeyAuth->AuthHandle)))
+ goto done;
+ }
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = ensureKeyIsLoaded(hContext, idKey, &keySlot)))
+ goto done;
+
+ offset = 0;
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ActivateIdentity, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, blobSize,
+ blob, idKeyAuth, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ if ((result = tpm_rsp_parse(TPM_ORD_ActivateIdentity, txBlob, paramSize,
+ SymmetricKeySize, SymmetricKey, idKeyAuth, ownerAuth)))
+ goto done;
+ }
+
+done:
+ auth_mgr_release_auth(idKeyAuth, ownerAuth, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCS_GetCredential_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 ulCredentialType, /* in */
+ UINT32 ulCredentialAccessMode, /* in */
+ UINT32 * pulCredentialSize, /* out */
+ BYTE ** prgbCredentialData) /* out */
+{
+ TSS_RESULT result;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((ulCredentialType != TSS_TCS_CREDENTIAL_EKCERT) &&
+ (ulCredentialType != TSS_TCS_CREDENTIAL_TPM_CC) &&
+ (ulCredentialType != TSS_TCS_CREDENTIAL_PLATFORMCERT)) {
+ LogError("GetCredential - Unsupported Credential Type");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if (ulCredentialAccessMode == TSS_TCS_CERT_ACCESS_AUTO) {
+ get_credential(ulCredentialType, pulCredentialSize, prgbCredentialData);
+ } else {
+ LogError("GetCredential - Unsupported Credential Access Mode");
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCSP_MakeIdentity2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENCAUTH identityAuth, /* in */
+ TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
+ UINT32 idKeyInfoSize, /* in */
+ BYTE * idKeyInfo, /* in */
+ TPM_AUTH * pSrkAuth, /* in, out */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * idKeySize, /* out */
+ BYTE ** idKey, /* out */
+ UINT32 * pcIdentityBindingSize, /* out */
+ BYTE ** prgbIdentityBinding) /* out */
+{
+ UINT64 offset;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (pSrkAuth) {
+ if ((result = auth_mgr_check(hContext, &pSrkAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ goto done;
+
+ offset = 0;
+ if ((result = tpm_rqu_build_checked(TPM_ORD_MakeIdentity, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, identityAuth.authdata,
+ IDLabel_PrivCAHash.digest, idKeyInfoSize, idKeyInfo, pSrkAuth,
+ pOwnerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ if ((result = tpm_rsp_parse(TPM_ORD_MakeIdentity, txBlob, paramSize, idKeySize,
+ idKey, pcIdentityBindingSize, prgbIdentityBinding,
+ pSrkAuth, pOwnerAuth)))
+ goto done;
+ }
+ LogResult("Make Identity", result);
+done:
+ auth_mgr_release_auth(pSrkAuth, pOwnerAuth, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_audit.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_audit.c
new file mode 100644
index 0000000..eebe94f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_audit.c
@@ -0,0 +1,159 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+
+TSS_RESULT
+TCSP_SetOrdinalAuditStatus_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH *ownerAuth, /* in/out */
+ UINT32 ulOrdinal, /* in */
+ TSS_BOOL bAuditState) /* in */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetOrdinalAuditStatus, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ulOrdinal,
+ bAuditState, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_SetOrdinalAuditStatus, txBlob, paramSize, ownerAuth);
+ }
+
+ LogResult("SetOrdinalAuditStatus", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_GetAuditDigest_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 startOrdinal, /* in */
+ TPM_DIGEST *auditDigest, /* out */
+ UINT32 *counterValueSize, /* out */
+ BYTE **counterValue, /* out */
+ TSS_BOOL *more, /* out */
+ UINT32 *ordSize, /* out */
+ UINT32 **ordList) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetAuditDigest, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, startOrdinal, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ if ((result = tpm_rsp_parse(TPM_ORD_GetAuditDigest, txBlob, paramSize, auditDigest,
+ counterValueSize, counterValue, more, ordSize,
+ ordList)))
+ goto done;
+
+ /* ordSize is returned from the TPM as the number of bytes in ordList
+ so ordSize needs to be converted to comply with the TSS spec which
+ returns the number of ordinals contained in ordList */
+ *ordSize = *ordSize / sizeof(UINT32);
+ }
+
+ LogResult("GetAuditDigest", result);
+
+done:
+ return result;
+}
+
+TSS_RESULT
+TCSP_GetAuditDigestSigned_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TSS_BOOL closeAudit, /* in */
+ TPM_NONCE antiReplay, /* in */
+ TPM_AUTH *privAuth, /* in/out */
+ UINT32 *counterValueSize, /* out */
+ BYTE **counterValue, /* out */
+ TPM_DIGEST *auditDigest, /* out */
+ TPM_DIGEST *ordinalDigest, /* out */
+ UINT32 *sigSize, /* out */
+ BYTE **sig) /* out */
+{
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ UINT64 offset = 0;//, old_offset;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (privAuth != NULL)
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ return result;
+
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetAuditDigestSigned, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot,
+ closeAudit, antiReplay.nonce, privAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_GetAuditDigestSigned, txBlob, paramSize,
+ counterValueSize, counterValue, auditDigest, ordinalDigest,
+ sigSize, sig, privAuth);
+ }
+
+ LogResult("GetAuditDigestSigned", result);
+
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_auth.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_auth.c
new file mode 100644
index 0000000..a62ee71
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_auth.c
@@ -0,0 +1,111 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_OIAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TCPA_NONCE *nonce0) /* out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering TCSI_OIAP");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_OIAP, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_OIAP, txBlob, paramSize, authHandle, nonce0->nonce);
+ }
+
+ LogResult("OIAP", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_OSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 entityValue, /* in */
+ TCPA_NONCE nonceOddOSAP, /* in */
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonceEven, /* out */
+ TCPA_NONCE * nonceEvenOSAP) /* out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering OSAP");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_OSAP, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, entityType, entityValue,
+ nonceOddOSAP.nonce)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_OSAP, txBlob, paramSize, authHandle,
+ nonceEven->nonce, nonceEvenOSAP->nonce);
+ }
+ LogResult("OSAP", result);
+
+ return result;
+}
+
+TSS_RESULT
+internal_TerminateHandle(TCS_AUTHHANDLE handle)
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Terminate_Handle, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, handle, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ return UnloadBlob_Header(txBlob, ¶mSize);
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_bind.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_bind.c
new file mode 100644
index 0000000..412711c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_bind.c
@@ -0,0 +1,78 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_UnBind_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ UINT32 paramSize;
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering TCSI_UnBind");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (privAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+
+ LogDebugFn("calling ensureKeyIsLoaded for TCS handle 0x%x", keyHandle);
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_UnBind, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, inDataSize, inData,
+ privAuth, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_UnBind, txBlob, paramSize, outDataSize, outData,
+ privAuth, NULL);
+ }
+
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_caps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_caps.c
new file mode 100644
index 0000000..2d7684f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_caps.c
@@ -0,0 +1,269 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+extern struct tcsd_config tcsd_options;
+
+TSS_RESULT
+internal_TCSGetCap(TCS_CONTEXT_HANDLE hContext,
+ TCPA_CAPABILITY_AREA capArea,
+ UINT32 subCap,
+ UINT32 * respSize, BYTE ** resp)
+{
+ UINT32 u32value = 0;
+ UINT64 offset;
+ TPM_VERSION tcsVersion = INTERNAL_CAP_VERSION;
+ struct tcsd_config *config = &tcsd_options;
+ struct platform_class *platClass;
+ TSS_BOOL bValue = FALSE;
+
+ LogDebug("Checking Software Cap of TCS");
+ switch (capArea) {
+ case TSS_TCSCAP_ALG:
+ LogDebug("TSS_TCSCAP_ALG");
+
+ switch (subCap) {
+ case TSS_ALG_RSA:
+ *respSize = sizeof(TSS_BOOL);
+ bValue = INTERNAL_CAP_TCS_ALG_RSA;
+ break;
+ case TSS_ALG_DES:
+ *respSize = sizeof(TSS_BOOL);
+ bValue = INTERNAL_CAP_TCS_ALG_DES;
+ break;
+ case TSS_ALG_3DES:
+ *respSize = sizeof(TSS_BOOL);
+ bValue = INTERNAL_CAP_TCS_ALG_3DES;
+ break;
+ case TSS_ALG_SHA:
+ *respSize = sizeof(TSS_BOOL);
+ bValue = INTERNAL_CAP_TCS_ALG_SHA;
+ break;
+ case TSS_ALG_AES:
+ *respSize = sizeof(TSS_BOOL);
+ bValue = INTERNAL_CAP_TCS_ALG_AES;
+ break;
+ case TSS_ALG_HMAC:
+ *respSize = sizeof(TSS_BOOL);
+ bValue = INTERNAL_CAP_TCS_ALG_HMAC;
+ break;
+ case TSS_ALG_DEFAULT:
+ *respSize = sizeof(UINT32);
+ u32value = INTERNAL_CAP_TCS_ALG_DEFAULT;
+ break;
+ case TSS_ALG_DEFAULT_SIZE:
+ *respSize = sizeof(UINT32);
+ u32value = INTERNAL_CAP_TCS_ALG_DEFAULT_SIZE;
+ break;
+ default:
+ *respSize = 0;
+ LogDebugFn("Bad subcap");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if ((*resp = malloc(*respSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", *respSize);
+ *respSize = 0;
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ offset = 0;
+ if (*respSize == sizeof(TSS_BOOL))
+ *(TSS_BOOL *)(*resp) = bValue;
+ else
+ *(UINT32 *)(*resp) = u32value;
+ break;
+ case TSS_TCSCAP_VERSION:
+ LogDebug("TSS_TCSCAP_VERSION");
+ if ((*resp = calloc(1, sizeof(TSS_VERSION))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_VERSION));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ offset = 0;
+ LoadBlob_VERSION(&offset, *resp, &tcsVersion);
+ *respSize = sizeof(TSS_VERSION);
+ break;
+ case TSS_TCSCAP_PERSSTORAGE:
+ LogDebug("TSS_TCSCAP_PERSSTORAGE");
+ if ((*resp = malloc(sizeof(TSS_BOOL))) == NULL) {
+ LogError("malloc of %zd byte failed.", sizeof(TSS_BOOL));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ *(TSS_BOOL *)(*resp) = INTERNAL_CAP_TCS_PERSSTORAGE;
+ *respSize = sizeof(TSS_BOOL);
+ break;
+ case TSS_TCSCAP_CACHING:
+ LogDebug("TSS_TCSCAP_CACHING");
+
+ if (subCap == TSS_TCSCAP_PROP_KEYCACHE)
+ bValue = INTERNAL_CAP_TCS_CACHING_KEYCACHE;
+ else if (subCap == TSS_TCSCAP_PROP_AUTHCACHE)
+ bValue = INTERNAL_CAP_TCS_CACHING_AUTHCACHE;
+ else {
+ LogDebugFn("Bad subcap");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if ((*resp = malloc(sizeof(TSS_BOOL))) == NULL) {
+ LogError("malloc of %zd byte failed.", sizeof(TSS_BOOL));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ *respSize = sizeof(TSS_BOOL);
+ *(TSS_BOOL *)(*resp) = bValue;
+ break;
+ case TSS_TCSCAP_MANUFACTURER:
+ if (subCap == TSS_TCSCAP_PROP_MANUFACTURER_ID) {
+ if ((*resp = malloc(sizeof(UINT32))) == NULL) {
+ LogError("malloc of %zd byte failed.", sizeof(UINT32));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ *(UINT32 *)(*resp) = INTERNAL_CAP_MANUFACTURER_ID;
+ *respSize = sizeof(UINT32);
+ } else if (subCap == TSS_TCSCAP_PROP_MANUFACTURER_STR) {
+ BYTE str[] = INTERNAL_CAP_MANUFACTURER_STR;
+
+ if ((*resp = malloc(INTERNAL_CAP_MANUFACTURER_STR_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.",
+ INTERNAL_CAP_MANUFACTURER_STR_LEN);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(*resp, str, INTERNAL_CAP_MANUFACTURER_STR_LEN);
+ *respSize = INTERNAL_CAP_MANUFACTURER_STR_LEN;
+ } else {
+ LogDebugFn("Bad subcap");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+ break;
+ case TSS_TCSCAP_TRANSPORT:
+ /* A zero value here means the TSP is asking whether we support transport sessions
+ * at all */
+ if (subCap == TSS_TCSCAP_TRANS_EXCLUSIVE || subCap == 0) {
+ *respSize = sizeof(TSS_BOOL);
+ if ((*resp = malloc(sizeof(TSS_BOOL))) == NULL) {
+ LogError("malloc of %zd byte failed.", sizeof(TSS_BOOL));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (subCap == TSS_TCSCAP_TRANS_EXCLUSIVE)
+ *(TSS_BOOL *)(*resp) = config->exclusive_transport ? TRUE : FALSE;
+ else
+ *(TSS_BOOL *)(*resp) = TRUE;
+ } else {
+ LogDebugFn("Bad subcap");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+ break;
+ case TSS_TCSCAP_PLATFORM_CLASS:
+ LogDebug("TSS_TCSCAP_PLATFORM_CLASS");
+
+ switch (subCap) {
+ case TSS_TCSCAP_PROP_HOST_PLATFORM:
+ /* Return the TSS_PLATFORM_CLASS */
+ LogDebugFn("TSS_TCSCAP_PROP_HOST_PLATFORM");
+ platClass = config->host_platform_class;
+ /* Computes the size of host platform structure */
+ *respSize = (2 * sizeof(UINT32)) + platClass->classURISize;
+ *resp = malloc(*respSize);
+ if (*resp == NULL) {
+ LogError("malloc of %u bytes failed.", *respSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memset(*resp, 0, *respSize);
+ offset = 0;
+ LoadBlob_UINT32(&offset, platClass->simpleID, *resp);
+ LoadBlob_UINT32(&offset, platClass->classURISize, *resp);
+ memcpy(&(*resp)[offset], platClass->classURI, platClass->classURISize);
+ LogBlob(*respSize, *resp);
+ break;
+ case TSS_TCSCAP_PROP_ALL_PLATFORMS:
+ /* Return an array of TSS_PLATFORM_CLASSes, when existent */
+ LogDebugFn("TSS_TCSCAP_PROP_ALL_PLATFORMS");
+ *respSize = 0;
+ *resp = NULL;
+ if ((platClass = config->all_platform_classes) != NULL) {
+ /* Computes the size of all Platform Structures */
+ while (platClass != NULL) {
+ *respSize += (2 * sizeof(UINT32)) + platClass->classURISize;
+ platClass = platClass->next;
+ }
+ *resp = malloc(*respSize);
+ if (*resp == NULL) {
+ LogError("malloc of %u bytes failed.", *respSize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memset(*resp, 0, *respSize);
+ offset = 0;
+ /* Concatenates all the structures on the BYTE * resp */
+ platClass = config->all_platform_classes;
+ while (platClass != NULL){
+ LoadBlob_UINT32(&offset, platClass->simpleID, *resp);
+ LoadBlob_UINT32(&offset, platClass->classURISize, *resp);
+ memcpy(&(*resp)[offset], platClass->classURI,
+ platClass->classURISize);
+ offset += platClass->classURISize;
+ platClass = platClass->next;
+ }
+ LogBlob(*respSize, *resp);
+ }
+ break;
+ default:
+ LogDebugFn("Bad subcap");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+ break;
+ default:
+ LogDebugFn("Bad cap area");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_GetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp /* out */
+ )
+{
+ TSS_RESULT result;
+ UINT32 ulSubCap;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (subCapSize == sizeof(UINT32))
+ ulSubCap = *(UINT32 *)subCap;
+ else if (subCapSize == 0)
+ ulSubCap = 0;
+ else
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ return internal_TCSGetCap(hContext, capArea, ulSubCap, respSize, resp);
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_caps_tpm.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_caps_tpm.c
new file mode 100644
index 0000000..b15b091
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_caps_tpm.c
@@ -0,0 +1,136 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_GetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Get Cap");
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetCapability, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, capArea, subCapSize,
+ subCap, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_GetCapability, txBlob, paramSize, respSize, resp,
+ NULL, NULL);
+ }
+ LogResult("Get Cap", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_GetCapabilityOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * pOwnerAuth, /* in / out */
+ TCPA_VERSION * pVersion, /* out */
+ UINT32 * pNonVolatileFlags, /* out */
+ UINT32 * pVolatileFlags) /* out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Getcap owner");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetCapabilityOwner, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, pOwnerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_GetCapabilityOwner, txBlob, paramSize, pVersion,
+ pNonVolatileFlags, pVolatileFlags, pOwnerAuth);
+ }
+
+ LogResult("GetCapowner", result);
+done:
+ auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_SetCapability_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 valueSize, /* in */
+ BYTE * value, /* in */
+ TPM_AUTH * pOwnerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((pOwnerAuth != NULL) &&
+ (result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetCapability, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, capArea, subCapSize,
+ subCap, valueSize, value, pOwnerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_SetCapability, txBlob, paramSize, pOwnerAuth);
+ }
+
+done:
+ auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_certify.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_certify.c
new file mode 100644
index 0000000..b3994d3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_certify.c
@@ -0,0 +1,90 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_CertifyKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE certHandle, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * certAuth, /* in, out */
+ TPM_AUTH * keyAuth, /* in, out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE certKeySlot, keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Certify Key");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (certAuth != NULL) {
+ LogDebug("Auth Used for Cert signing key");
+ if ((result = auth_mgr_check(hContext, &certAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth used for Cert signing key");
+ }
+
+ if (keyAuth != NULL) {
+ LogDebug("Auth Used for Key being signed");
+ if ((result = auth_mgr_check(hContext, &keyAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth used for Key being signed");
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, certHandle, &certKeySlot)))
+ goto done;
+
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CertifyKey, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, certKeySlot, keySlot,
+ antiReplay.nonce, certAuth, keyAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CertifyKey, txBlob, paramSize, CertifyInfoSize,
+ CertifyInfo, outDataSize, outData, certAuth, keyAuth);
+ }
+ LogResult("Certify Key", result);
+done:
+ auth_mgr_release_auth(certAuth, keyAuth, hContext);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_changeauth.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_changeauth.c
new file mode 100644
index 0000000..cccbf80
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_changeauth.c
@@ -0,0 +1,374 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_ChangeAuth_Internal(TCS_CONTEXT_HANDLE contextHandle, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE *encData, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ TPM_AUTH *entityAuth, /* in, out */
+ UINT32 *outDataSize, /* out */
+ BYTE **outData /* out */
+ )
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ TCS_KEY_HANDLE tcsKeyHandleToEvict;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Changeauth");
+ if ((result = ctx_verify_context(contextHandle)))
+ goto done;
+
+ if ((result = auth_mgr_check(contextHandle, &ownerAuth->AuthHandle)))
+ goto done;
+ if ((result = auth_mgr_check(contextHandle, &entityAuth->AuthHandle)))
+ goto done;
+
+ if ((result = ensureKeyIsLoaded(contextHandle, parentHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ChangeAuth, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, protocolID,
+ newAuth.authdata, entityType, encDataSize, encData, ownerAuth,
+ entityAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ChangeAuth, txBlob, paramSize, outDataSize, outData,
+ ownerAuth, entityAuth);
+
+ /* if the malloc above failed, terminate the 2 new auth handles and exit */
+ if (result)
+ goto done;
+
+ /*
+ * Check if ET is a key. If it is, we need to
+ * 1 - Evict the key if loaded
+ * 2 - update the mem cache entry
+ */
+ if (entityType == TCPA_ET_KEYHANDLE || entityType == TCPA_ET_KEY) {
+ LogDebug("entity type is a key. Check if mem cache needs updating...");
+ tcsKeyHandleToEvict = mc_get_handle_by_encdata(encData);
+ LogDebug("tcsKeyHandle being evicted is %.8X", tcsKeyHandleToEvict);
+ /*--- If it was found in knowledge, replace it */
+ if (tcsKeyHandleToEvict != 0) {
+ internal_EvictByKeySlot(keySlot);
+ mc_update_encdata(encData, *outData);
+ }
+
+ }
+ }
+ LogResult("ChangeAuth", result);
+done:
+ auth_mgr_release_auth(ownerAuth, entityAuth, contextHandle);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ChangeAuthOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ )
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering ChangeAuthOwner");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ChangeAuthOwner, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, protocolID,
+ newAuth.authdata, entityType, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ChangeAuthOwner, txBlob, paramSize, ownerAuth);
+ }
+
+ LogResult("ChangeAuthOwner", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ChangeAuthAsymStart_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE idHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 KeySizeIn, /* in */
+ BYTE * KeyDataIn, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * KeySizeOut, /* out */
+ BYTE ** KeyDataOut, /* out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig, /* out */
+ TCS_KEY_HANDLE * ephHandle /* out */
+ )
+{
+#if 0
+#warning Locking trouble in evictFirstKey
+ UINT64 offset;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ UINT32 keySlot;
+ TCPA_CERTIFY_INFO certifyInfo;
+ TSS_KEY tempKey;
+ UINT32 tempSize;
+ TCPA_KEY_PARMS keyParmsContainer;
+ TSS_BOOL canLoad;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering ChangeAuthAsymStart");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (pAuth != NULL) {
+ LogDebug("Auth Command");
+ if ((result = auth_mgr_check(hContext, pAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, idHandle, &keySlot)))
+ goto done;
+
+ LogDebug("Checking for room to load the eph key");
+ offset = 0;
+ if ((result = UnloadBlob_KEY_PARMS(&offset, KeyDataIn, &keyParmsContainer)))
+ goto done;
+
+ /* if we can't load the key, evict keys until we can */
+ if ((result = canILoadThisKey(&keyParmsContainer, &canLoad)))
+ goto done;
+
+ while (canLoad == FALSE) {
+ /* Evict a key that isn't the parent */
+ if ((result = evictFirstKey(idHandle)))
+ goto done;
+
+ if ((result = canILoadThisKey(&keyParmsContainer, &canLoad)))
+ goto done;
+ }
+
+ offset = 10;
+ LoadBlob_UINT32(&offset, keySlot, txBlob);
+ LoadBlob(&offset, TCPA_NONCE_SIZE, txBlob, antiReplay.nonce);
+/* LoadBlob_KEY_PARMS( &offset, txBlob, &tempKeyParms ); */
+/* LoadBlob_UINT32( &offset, KeySizeIn, txBlob ); */
+ LoadBlob(&offset, KeySizeIn, txBlob, KeyDataIn);
+
+ if (pAuth != NULL) {
+ LoadBlob_Auth(&offset, txBlob, pAuth);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset,
+ TPM_ORD_ChangeAuthAsymStart, txBlob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset,
+ TPM_ORD_ChangeAuthAsymStart, txBlob);
+ }
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (result == 0) {
+ UnloadBlob_CERTIFY_INFO(&offset, txBlob, &certifyInfo);
+ *CertifyInfoSize = offset - 10;
+ *CertifyInfo = malloc(*CertifyInfoSize);
+ if (*CertifyInfo == NULL) {
+ LogError("malloc of %u bytes failed.", *CertifyInfoSize);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*CertifyInfo, &txBlob[offset - *CertifyInfoSize],
+ *CertifyInfoSize);
+ UnloadBlob_UINT32(&offset, sigSize, txBlob);
+ *sig = malloc(*sigSize);
+ if (*sig == NULL) {
+ LogError("malloc of %u bytes failed.", *sigSize);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ UnloadBlob(&offset, *sigSize, txBlob, *sig);
+ UnloadBlob_UINT32(&offset, ephHandle, txBlob);
+ tempSize = offset;
+ UnloadBlob_TSS_KEY(&offset, txBlob, &tempKey);
+ *KeySizeOut = offset - tempSize;
+ *KeyDataOut = malloc(*KeySizeOut);
+ if (*KeyDataOut == NULL) {
+ LogError("malloc of %u bytes failed.", *KeySizeOut);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*KeyDataOut, &txBlob[offset - *KeySizeOut], *KeySizeOut);
+ if (pAuth != NULL)
+ UnloadBlob_Auth(&offset, txBlob, pAuth);
+ }
+
+ LogResult("ChangeAuthAsymStart", result);
+done:
+ auth_mgr_release_auth(pAuth, NULL, hContext);
+ return result;
+#else
+ return TCSERR(TSS_E_NOTIMPL);
+#endif
+}
+
+TSS_RESULT
+TCSP_ChangeAuthAsymFinish_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCS_KEY_HANDLE ephHandle, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TCPA_HMAC newAuthLink, /* in */
+ UINT32 newAuthSize, /* in */
+ BYTE * encNewAuth, /* in */
+ UINT32 encDataSizeIn, /* in */
+ BYTE * encDataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * encDataSizeOut, /* out */
+ BYTE ** encDataOut, /* out */
+ TCPA_SALT_NONCE * saltNonce, /* out */
+ TCPA_DIGEST * changeProof /* out */
+ )
+{
+#if 0
+ UINT64 offset;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ UINT32 keySlot;
+#if 0
+ TCPA_CERTIFY_INFO certifyInfo;
+ TSS_KEY tempKey;
+ UINT32 tempSize;
+ TSS_UUID *uuidKeyToEvict;
+#endif
+ TCS_KEY_HANDLE tcsKeyHandleToEvict;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering ChangeAuthAsymFinish");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (ownerAuth != NULL) {
+ LogDebug("Auth used");
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+ if ((result = ensureKeyIsLoaded(hContext, parentHandle, &keySlot)))
+ goto done;
+
+ offset = 10;
+ LoadBlob_UINT32(&offset, keySlot, txBlob);
+ LoadBlob_UINT32(&offset, ephHandle, txBlob);
+ LoadBlob_UINT16(&offset, entityType, txBlob);
+ LoadBlob(&offset, 20, txBlob, newAuthLink.digest);
+ LoadBlob_UINT32(&offset, newAuthSize, txBlob);
+ LoadBlob(&offset, newAuthSize, txBlob, encNewAuth);
+ LoadBlob_UINT32(&offset, encDataSizeIn, txBlob);
+ LoadBlob(&offset, encDataSizeIn, txBlob, encDataIn);
+
+ if (ownerAuth != NULL) {
+ LoadBlob_Auth(&offset, txBlob, ownerAuth);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset,
+ TPM_ORD_ChangeAuthAsymFinish, txBlob);
+ } else {
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset,
+ TPM_ORD_ChangeAuthAsymFinish, txBlob);
+ }
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ UnloadBlob_UINT32(&offset, encDataSizeOut, txBlob);
+ *encDataOut = calloc(1, *encDataSizeOut);
+ if (*encDataOut == NULL) {
+ LogError("malloc of %u bytes failed.", *encDataSizeOut);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ UnloadBlob(&offset, *encDataSizeOut, txBlob, *encDataOut);
+ UnloadBlob(&offset, 20, txBlob, saltNonce->nonce);
+ UnloadBlob(&offset, 20, txBlob, changeProof->digest);
+ if (ownerAuth != NULL)
+ UnloadBlob_Auth(&offset, txBlob, ownerAuth);
+
+ /* Check if ET is a key. If it is, we need to
+ * 1 - Evict the key if loaded
+ * 2 - update the mem cache entry
+ */
+ if (entityType == TCPA_ET_KEYHANDLE ||
+ entityType == TCPA_ET_KEY) {
+ tcsKeyHandleToEvict = mc_get_handle_by_encdata(encDataIn);
+ /* If it was found in mem cache, replace it */
+ if (tcsKeyHandleToEvict != 0) {
+ key_mgr_evict(hContext, tcsKeyHandleToEvict);
+ mc_update_encdata(encDataIn, *encDataOut);
+ }
+ }
+ }
+
+ LogResult("ChangeAuthAsymFinish", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+#else
+ return TCSERR(TSS_E_NOTIMPL);
+#endif
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_cmk.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_cmk.c
new file mode 100644
index 0000000..ca93363
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_cmk.c
@@ -0,0 +1,326 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+
+TSS_RESULT
+TCSP_CMK_SetRestrictions_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_CMK_DELEGATE Restriction, /* in */
+ TPM_AUTH* ownerAuth) /* in */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CMK_SetRestrictions, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ Restriction, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CMK_SetRestrictions, txBlob, paramSize,
+ ownerAuth);
+ }
+
+ LogResult("CMK_SetRestrictions", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_CMK_ApproveMA_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DIGEST migAuthorityDigest, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ TPM_HMAC* HmacMigAuthDigest) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CMK_ApproveMA, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ &migAuthorityDigest, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CMK_ApproveMA, txBlob, paramSize,
+ HmacMigAuthDigest, ownerAuth);
+ }
+
+ LogResult("CMK_SetRestrictions", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_CMK_CreateKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TPM_ENCAUTH KeyUsageAuth, /* in */
+ TPM_HMAC MigAuthApproval, /* in */
+ TPM_DIGEST MigAuthorityDigest, /* in */
+ UINT32* keyDataSize, /* in, out */
+ BYTE** prgbKeyData, /* in, out */
+ TPM_AUTH* pAuth) /* in, out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ UINT32 parentSlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext))) {
+ free(*prgbKeyData);
+ return result;
+ }
+
+ if ((result = get_slot(hContext, hWrappingKey, &parentSlot))) {
+ free(*prgbKeyData);
+ return result;
+ }
+
+ if (pAuth) {
+ if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle))) {
+ free(*prgbKeyData);
+ return result;
+ }
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CMK_CreateKey, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ parentSlot, &KeyUsageAuth, *keyDataSize, *prgbKeyData,
+ &MigAuthApproval, &MigAuthorityDigest, pAuth))) {
+ free(*prgbKeyData);
+ goto done;
+ }
+ free(*prgbKeyData);
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CMK_CreateKey, txBlob, paramSize,
+ keyDataSize, prgbKeyData, pAuth);
+ }
+
+ LogResult("CMK_SetRestrictions", result);
+
+done:
+ auth_mgr_release_auth(pAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_CMK_CreateTicket_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PublicVerifyKeySize, /* in */
+ BYTE* PublicVerifyKey, /* in */
+ TPM_DIGEST SignedData, /* in */
+ UINT32 SigValueSize, /* in */
+ BYTE* SigValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in, out */
+ TPM_HMAC* SigTicket) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CMK_CreateTicket, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ PublicVerifyKeySize, PublicVerifyKey, &SignedData,
+ SigValueSize, SigValue, pOwnerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CMK_CreateTicket, txBlob, paramSize,
+ SigTicket, pOwnerAuth);
+ }
+
+ LogResult("CMK_SetRestrictions", result);
+
+done:
+ auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_CMK_CreateBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TSS_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE* MigrationKeyAuth, /* in */
+ TPM_DIGEST PubSourceKeyDigest, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE* msaList, /* in */
+ UINT32 restrictTicketSize, /* in */
+ BYTE* restrictTicket, /* in */
+ UINT32 sigTicketSize, /* in */
+ BYTE* sigTicket, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE* encData, /* in */
+ TPM_AUTH* parentAuth, /* in, out */
+ UINT32* randomSize, /* out */
+ BYTE** random, /* out */
+ UINT32* outDataSize, /* out */
+ BYTE** outData) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ UINT32 parentSlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = get_slot(hContext, parentHandle, &parentSlot)))
+ return result;
+
+ if (parentAuth) {
+ if ((result = auth_mgr_check(hContext, &parentAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CMK_CreateBlob, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ parentSlot, migrationType, MigrationKeyAuthSize,
+ MigrationKeyAuth, &PubSourceKeyDigest, msaListSize, msaList,
+ restrictTicketSize, restrictTicket, sigTicketSize, sigTicket,
+ encDataSize, encData, parentAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CMK_CreateBlob, txBlob, paramSize,
+ randomSize, random, outDataSize, outData, parentAuth, NULL);
+ }
+
+ LogResult("CMK_SetRestrictions", result);
+
+done:
+ auth_mgr_release_auth(parentAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_CMK_ConvertMigration_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TPM_CMK_AUTH restrictTicket, /* in */
+ TPM_HMAC sigTicket, /* in */
+ UINT32 keyDataSize, /* in */
+ BYTE* prgbKeyData, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE* msaList, /* in */
+ UINT32 randomSize, /* in */
+ BYTE* random, /* in */
+ TPM_AUTH* parentAuth, /* in, out */
+ UINT32* outDataSize, /* out */
+ BYTE** outData) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ UINT32 parentSlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = get_slot(hContext, parentHandle, &parentSlot)))
+ return result;
+
+ if (parentAuth) {
+ if ((result = auth_mgr_check(hContext, &parentAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CMK_ConvertMigration, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ parentSlot, &restrictTicket, &sigTicket,
+ keyDataSize, prgbKeyData, msaListSize, msaList,
+ randomSize, random, parentAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CMK_ConvertMigration, txBlob, paramSize,
+ outDataSize, outData, parentAuth, NULL);
+ }
+
+ LogResult("CMK_SetRestrictions", result);
+
+done:
+ auth_mgr_release_auth(parentAuth, NULL, hContext);
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_context.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_context.c
new file mode 100644
index 0000000..d6fe606
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_context.c
@@ -0,0 +1,62 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+
+
+TSS_RESULT
+TCS_OpenContext_Internal(TCS_CONTEXT_HANDLE * hContext) /* out */
+{
+ *hContext = make_context();
+ if (*hContext == 0)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_CloseContext_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ TSS_RESULT result;
+
+ LogDebug("Closing context %.8X", hContext);
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ destroy_context(hContext);
+
+ /* close all auth handles associated with hContext */
+ auth_mgr_close_context(hContext);
+
+ KEY_MGR_ref_count();
+
+ LogDebug("Context %.8X closed", hContext);
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_FreeMemory_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ BYTE *pMemory) /* in */
+{
+ free(pMemory);
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_counter.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_counter.c
new file mode 100644
index 0000000..b5a8a82
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_counter.c
@@ -0,0 +1,212 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+
+TSS_RESULT
+TCSP_ReadCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_COUNTER_VALUE* counterValue)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ReadCounter, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, idCounter, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto out;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("TPM_ReadCounter failed: rc=0x%x", result);
+ goto out;
+ }
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ReadCounter, txBlob, paramSize, NULL, counterValue,
+ NULL);
+ }
+
+out:
+ return result;
+}
+
+TSS_RESULT
+TCSP_CreateCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32 LabelSize,
+ BYTE* pLabel,
+ TPM_ENCAUTH CounterAuth,
+ TPM_AUTH* pOwnerAuth,
+ TSS_COUNTER_ID* idCounter,
+ TPM_COUNTER_VALUE* counterValue)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if (LabelSize != 4) {
+ LogDebugFn("BAD_PARAMETER: LabelSize != 4");
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CreateCounter, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, CounterAuth.authdata,
+ LabelSize, pLabel, pOwnerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto out;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("TPM_CreateCounter failed: rc=0x%x", result);
+ goto out;
+ }
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CreateCounter, txBlob, paramSize, idCounter,
+ counterValue, pOwnerAuth);
+ }
+
+out:
+ return result;
+}
+
+TSS_RESULT
+TCSP_IncrementCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pCounterAuth,
+ TPM_COUNTER_VALUE* counterValue)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &pCounterAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_IncrementCounter, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, idCounter,
+ pCounterAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto out;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto out;
+ }
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_IncrementCounter, txBlob, paramSize, NULL,
+ counterValue, pCounterAuth);
+ }
+out:
+ return result;
+}
+
+TSS_RESULT
+TCSP_ReleaseCounter_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pCounterAuth)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &pCounterAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ReleaseCounter, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, idCounter,
+ pCounterAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto out;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto out;
+ }
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ReleaseCounter, txBlob, paramSize, pCounterAuth);
+ }
+out:
+ return result;
+}
+
+TSS_RESULT
+TCSP_ReleaseCounterOwner_Internal(TCS_CONTEXT_HANDLE hContext,
+ TSS_COUNTER_ID idCounter,
+ TPM_AUTH* pOwnerAuth)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ReleaseCounterOwner, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, idCounter,
+ pOwnerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto out;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto out;
+ }
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ReleaseCounterOwner, txBlob, paramSize, pOwnerAuth);
+ }
+out:
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_daa.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_daa.c
new file mode 100644
index 0000000..8f66360
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_daa.c
@@ -0,0 +1,192 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_DaaJoin_internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_HANDLE handle, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE *inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE *inputData1, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **outputData) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ( (result = ctx_verify_context(hContext)) != TSS_SUCCESS)
+ return result;
+ if( (result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)) != TSS_SUCCESS)
+ goto done;
+
+#if 0
+ offset = 10;
+ LoadBlob_UINT32( &offset, handle, txBlob);
+ LogDebug("load BYTE: stage: %x", stage);
+ LoadBlob( &offset, sizeof(BYTE), txBlob, &stage);
+
+ LogDebug("load UNIT32: inputSize0: %x (oldOffset=%" PRIu64 ")", inputSize0, offset);
+ LoadBlob_UINT32(&offset, inputSize0, txBlob);
+ LogDebug("load Data: inputData0: %X (oldOffset=%" PRIu64 ")", (int)inputData0, offset);
+ LoadBlob(&offset, inputSize0, txBlob, inputData0);
+ LogDebug("load UINT32: inputSize1:%x (oldOffset=%" PRIu64 ")", inputSize1, offset);
+ LoadBlob_UINT32(&offset, inputSize1, txBlob);
+ if( inputSize1>0) {
+ LogDebug("load Data: inputData1: %X (oldOffset=%" PRIu64 ")", (int)inputData1, offset);
+ LoadBlob(&offset, inputSize1, txBlob, inputData1);
+ }
+ LogDebug("load Auth: ownerAuth: %X (oldOffset=%" PRIu64 ")", (int)ownerAuth, offset);
+ LoadBlob_Auth(&offset, txBlob, ownerAuth);
+
+ LogDebug("load Header: ordinal: %X (oldOffset=%" PRIu64 ")", TPM_ORD_DAA_Join, offset);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset, TPM_ORD_DAA_Join, txBlob);
+#else
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DAA_Join, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, handle, stage, inputSize0,
+ inputData0, inputSize1, inputData1, ownerAuth)))
+ goto done;
+#endif
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", offset);
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%d) result=%d", paramSize, result);
+ if (!result) {
+#if 0
+ offset = 10;
+ UnloadBlob_UINT32( &offset, outputSize, txBlob);
+ LogDebug("Unload outputSize=%d", *outputSize);
+ *outputData = malloc(*outputSize);
+ if( *outputData == NULL) {
+ LogError("malloc of %u bytes failed.", *outputSize);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ LogDebug("Unload outputData");
+ UnloadBlob( &offset, *outputSize, txBlob, *outputData);
+ LogDebug("Unload Auth");
+ UnloadBlob_Auth(&offset, txBlob, ownerAuth);
+#else
+ result = tpm_rsp_parse(TPM_ORD_DAA_Join, txBlob, paramSize, outputSize, outputData,
+ ownerAuth);
+#endif
+ }
+done:
+ LogDebug("Leaving DaaJoin with result:%d", result);
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT TCSP_DaaSign_internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_HANDLE handle, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE *inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE *inputData1, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **outputData) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ( (result = ctx_verify_context(hContext)) != TSS_SUCCESS)
+ return result;
+
+ if( (result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)) != TSS_SUCCESS)
+ goto done;
+
+#if 0
+ offset = 10;
+ LoadBlob_UINT32( &offset, handle, txBlob);
+ LogDebug("load BYTE: stage: %x", stage);
+ LoadBlob( &offset, sizeof(BYTE), txBlob, &stage);
+
+ LogDebug("load UNIT32: inputSize0: %x (oldOffset=%" PRIu64 ")", inputSize0, offset);
+ LoadBlob_UINT32(&offset, inputSize0, txBlob);
+ LogDebug("load Data: inputData0: %X (oldOffset=%" PRIu64 ")", (int)inputData0, offset);
+ LoadBlob(&offset, inputSize0, txBlob, inputData0);
+ LogDebug("load UINT32: inputSize1:%x (oldOffset=%" PRIu64 ")", inputSize1, offset);
+ LoadBlob_UINT32(&offset, inputSize1, txBlob);
+ if( inputSize1>0) {
+ LogDebug("load Data: inputData1: %X (oldOffset=%" PRIu64 ")", (int)inputData1, offset);
+ LoadBlob(&offset, inputSize1, txBlob, inputData1);
+ }
+ LogDebug("load Auth: ownerAuth: %X (oldOffset=%" PRIu64 ")", (int)ownerAuth, offset);
+ LoadBlob_Auth(&offset, txBlob, ownerAuth);
+
+ LogDebug("load Header: ordinal: %X (oldOffset=%" PRIu64 ")", TPM_ORD_DAA_Sign, offset);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset, TPM_ORD_DAA_Sign, txBlob);
+#else
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DAA_Sign, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, handle, stage, inputSize0,
+ inputData0, inputSize1, inputData1, ownerAuth)))
+ goto done;
+#endif
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", offset);
+ if ((result = req_mgr_submit_req(txBlob))) goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%d) result=%d", paramSize, result);
+ if (!result) {
+#if 0
+ offset = 10;
+ UnloadBlob_UINT32( &offset, outputSize, txBlob);
+ LogDebug("Unload outputSize=%d", *outputSize);
+ *outputData = malloc(*outputSize);
+ if( *outputData == NULL) {
+ LogError("malloc of %u bytes failed.", *outputSize);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ LogDebug("Unload outputData");
+ UnloadBlob(&offset, *outputSize, txBlob, *outputData);
+ LogDebug("Unload Auth");
+ UnloadBlob_Auth(&offset, txBlob, ownerAuth);
+#else
+ result = tpm_rsp_parse(TPM_ORD_DAA_Sign, txBlob, paramSize, outputSize, outputData,
+ ownerAuth);
+#endif
+ }
+done:
+ LogDebug("Leaving DaaSign with result:%d", result);
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_delegate.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_delegate.c
new file mode 100644
index 0000000..f45a5d1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_delegate.c
@@ -0,0 +1,367 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+
+TSS_RESULT
+TCSP_Delegate_Manage_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_FAMILY_ID familyID, /* in */
+ TPM_FAMILY_OPERATION opFlag, /* in */
+ UINT32 opDataSize, /* in */
+ BYTE *opData, /* in */
+ TPM_AUTH *ownerAuth, /* in/out */
+ UINT32 *retDataSize, /* out */
+ BYTE **retData) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (ownerAuth) {
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_Manage, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, familyID, opFlag,
+ opDataSize, opData, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Delegate_Manage, txBlob, paramSize, retDataSize,
+ retData, ownerAuth, NULL);
+ }
+
+ LogResult("Delegate_Manage", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_Delegate_CreateKeyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE *publicInfo, /* in */
+ TPM_ENCAUTH *encDelAuth, /* in */
+ TPM_AUTH *keyAuth, /* in, out */
+ UINT32 *blobSize, /* out */
+ BYTE **blob) /* out */
+{
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (keyAuth) {
+ if ((result = auth_mgr_check(hContext, &keyAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, hKey, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_CreateKeyDelegation, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot,
+ publicInfoSize, publicInfo, encDelAuth, keyAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Delegate_CreateKeyDelegation, txBlob, paramSize,
+ blobSize, blob, keyAuth, NULL);
+ }
+
+ LogResult("Delegate_CreateKeyDelegation", result);
+
+done:
+ auth_mgr_release_auth(keyAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_Delegate_CreateOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL increment, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE *publicInfo, /* in */
+ TPM_ENCAUTH *encDelAuth, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ UINT32 *blobSize, /* out */
+ BYTE **blob) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (ownerAuth) {
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_CreateOwnerDelegation, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ increment, publicInfoSize, publicInfo, encDelAuth, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Delegate_CreateOwnerDelegation, txBlob, paramSize,
+ blobSize, blob, ownerAuth, NULL);
+ }
+
+ LogResult("Delegate_CreateOwnerDelegation", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_Delegate_LoadOwnerDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DELEGATE_INDEX index, /* in */
+ UINT32 blobSize, /* in */
+ BYTE *blob, /* in */
+ TPM_AUTH *ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (ownerAuth) {
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_LoadOwnerDelegation, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, index,
+ blobSize, blob, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Delegate_LoadOwnerDelegation, txBlob, paramSize,
+ ownerAuth);
+ }
+
+ LogResult("Delegate_LoadOwnerDelegation", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_Delegate_ReadTable_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 *familyTableSize, /* out */
+ BYTE **familyTable, /* out */
+ UINT32 *delegateTableSize, /* out */
+ BYTE **delegateTable) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_ReadTable, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Delegate_ReadTable, txBlob, paramSize,
+ familyTableSize, familyTable, delegateTableSize,
+ delegateTable, NULL, NULL);
+ }
+
+ LogResult("Delegate_ReadTable", result);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_Delegate_UpdateVerificationCount_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 inputSize, /* in */
+ BYTE *input, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **output) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (ownerAuth) {
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_UpdateVerification, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, inputSize,
+ inputSize, input, ownerAuth, NULL)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Delegate_UpdateVerification, txBlob, paramSize,
+ outputSize, output, ownerAuth, NULL);
+ }
+
+ LogResult("Delegate_UpdateVerificationCount", result);
+
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_Delegate_VerifyDelegation_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 delegateSize, /* in */
+ BYTE *delegate) /* in */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Delegate_VerifyDelegation, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ delegateSize, delegateSize, delegate, NULL, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ LogResult("Delegate_VerifyDelegation", result);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_DSAP_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_ENTITY_TYPE entityType, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TPM_NONCE *nonceOddDSAP, /* in */
+ UINT32 entityValueSize, /* in */
+ BYTE *entityValue, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TPM_NONCE *nonceEven, /* out */
+ TPM_NONCE *nonceEvenDSAP) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TPM_KEY_HANDLE tpmKeyHandle = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (entityType != TPM_ET_DEL_OWNER_BLOB &&
+ ensureKeyIsLoaded(hContext, keyHandle, &tpmKeyHandle))
+ return TCSERR(TSS_E_KEY_NOT_LOADED);
+
+ /* are the maximum number of auth sessions open? */
+ if (auth_mgr_req_new(hContext) == FALSE) {
+ if ((result = auth_mgr_swap_out(hContext)))
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DSAP, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, entityType, tpmKeyHandle,
+ nonceOddDSAP, entityValueSize, entityValue)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ if ((result = tpm_rsp_parse(TPM_ORD_DSAP, txBlob, paramSize, authHandle,
+ nonceEven->nonce, nonceEvenDSAP->nonce)))
+ goto done;
+
+ /* success, add an entry to the table */
+ result = auth_mgr_add(hContext, *authHandle);
+ }
+done:
+ LogResult("DSAP", result);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_dir.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_dir.c
new file mode 100644
index 0000000..a754b9a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_dir.c
@@ -0,0 +1,103 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_DirWriteAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE newContents, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering dirwriteauth");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if (dirIndex > tpm_metrics.num_dirs) {
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DirWriteAuth, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, dirIndex,
+ TPM_DIGEST_SIZE, newContents.digest, ownerAuth, NULL)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_DirWriteAuth, txBlob, paramSize, ownerAuth);
+ }
+ LogResult("DirWriteAuth", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_DirRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE * dirValue) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering DirRead");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (dirValue == NULL)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if (dirIndex > tpm_metrics.num_dirs)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DirRead, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, dirIndex, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_DirRead, txBlob, paramSize, NULL, dirValue->digest);
+ }
+ LogResult("DirRead", result);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_ek.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_ek.c
new file mode 100644
index 0000000..11f6f9d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_ek.c
@@ -0,0 +1,226 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_CreateEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TCPA_DIGEST * checksum) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CreateEndorsementKeyPair, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ antiReplay.nonce, endorsementKeyInfoSize,
+ endorsementKeyInfo)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CreateEndorsementKeyPair, txBlob, paramSize,
+ endorsementKeySize, endorsementKey, checksum->digest);
+ }
+ LogDebug("Leaving CreateEKPair with result: 0x%x", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ReadPubek_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey, /* out */
+ TCPA_DIGEST * checksum) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ReadPubek, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, TPM_NONCE_SIZE,
+ antiReplay.nonce)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ReadPubek, txBlob, paramSize, pubEndorsementKeySize,
+ pubEndorsementKey, checksum->digest);
+ }
+ LogDebugFn("result: 0x%x", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_DisablePubekRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("DisablePubekRead");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_DisablePubekRead, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_DisablePubekRead, txBlob, paramSize, ownerAuth);
+ }
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_OwnerReadPubek_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey) /* out */
+{
+ UINT32 paramSize;
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering OwnerReadPubek");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_OwnerReadPubek, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_OwnerReadPubek, txBlob, paramSize,
+ pubEndorsementKeySize, pubEndorsementKey, ownerAuth);
+ }
+ LogResult("Owner Read Pubek", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_CreateRevocableEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ TSS_BOOL genResetAuth, /* in */
+ TPM_DIGEST * eKResetAuth, /* in, out */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TPM_DIGEST * checksum) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CreateRevocableEK, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ antiReplay.nonce, endorsementKeyInfoSize,
+ endorsementKeyInfo, genResetAuth, eKResetAuth->digest)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CreateRevocableEK, txBlob, paramSize,
+ endorsementKeySize, endorsementKey, checksum->digest,
+ eKResetAuth->digest);
+ }
+
+ LogDebug("Leaving CreateRevocableEKPair with result: 0x%x", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_RevokeEndorsementKeyPair_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_DIGEST EKResetAuth) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_RevokeTrust, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, EKResetAuth.digest)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ LogDebug("Leaving RevokeEKPair with result: 0x%x", result);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_evlog.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_evlog.c
new file mode 100644
index 0000000..0aff2bd
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_evlog.c
@@ -0,0 +1,395 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <limits.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcslog.h"
+#include "tcsem.h"
+
+
+TSS_RESULT
+TCS_LogPcrEvent_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_PCR_EVENT Event, /* in */
+ UINT32 *pNumber) /* out */
+{
+ TSS_RESULT result;
+
+ if((result = ctx_verify_context(hContext)))
+ return result;
+
+ if(Event.ulPcrIndex >= tpm_metrics.num_pcrs)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if (tcsd_options.kernel_pcrs & (1 << Event.ulPcrIndex)) {
+ LogInfo("PCR %d is configured to be kernel controlled. Event logging denied.",
+ Event.ulPcrIndex);
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ if (tcsd_options.firmware_pcrs & (1 << Event.ulPcrIndex)) {
+ LogInfo("PCR %d is configured to be firmware controlled. Event logging denied.",
+ Event.ulPcrIndex);
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ return event_log_add(&Event, pNumber);
+}
+
+/* This routine will handle creating the TSS_PCR_EVENT structures from log
+ * data produced by an external source. The external source in mind here
+ * is the log of PCR extends done by the kernel from beneath the TSS
+ * (via direct calls to the device driver).
+ */
+TSS_RESULT
+TCS_GetExternalPcrEvent(UINT32 PcrIndex, /* in */
+ UINT32 *pNumber, /* in, out */
+ TSS_PCR_EVENT **ppEvent) /* out */
+{
+ FILE *log_handle;
+ char *source;
+
+ if (tcsd_options.kernel_pcrs & (1 << PcrIndex)) {
+ source = tcsd_options.kernel_log_file;
+
+ if (tcs_event_log->kernel_source != NULL) {
+ if (tcs_event_log->kernel_source->open((void *)source,
+ (FILE **) &log_handle))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (tcs_event_log->kernel_source->get_entry(log_handle, PcrIndex,
+ pNumber, ppEvent)) {
+ tcs_event_log->kernel_source->close(log_handle);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ tcs_event_log->kernel_source->close(log_handle);
+ } else {
+ LogError("No source for externel kernel events was compiled in, but "
+ "the tcsd is configured to use one! (see %s)",
+ tcsd_config_file);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else if (tcsd_options.firmware_pcrs & (1 << PcrIndex)) {
+ source = tcsd_options.firmware_log_file;
+
+ if (tcs_event_log->firmware_source != NULL) {
+ if (tcs_event_log->firmware_source->open((void *)source, &log_handle))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (tcs_event_log->firmware_source->get_entry(log_handle, PcrIndex,
+ pNumber, ppEvent)) {
+ tcs_event_log->firmware_source->close(log_handle);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ tcs_event_log->firmware_source->close(log_handle);
+ } else {
+ LogError("No source for externel firmware events was compiled in, but "
+ "the tcsd is configured to use one! (see %s)",
+ tcsd_config_file);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ LogError("PCR index %d not flagged as kernel or firmware controlled.", PcrIndex);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_GetPcrEvent_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PcrIndex, /* in */
+ UINT32 *pNumber, /* in, out */
+ TSS_PCR_EVENT **ppEvent) /* out */
+{
+ TSS_RESULT result;
+ TSS_PCR_EVENT *event;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if(PcrIndex >= tpm_metrics.num_pcrs)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ /* if this is a kernel or firmware controlled PCR, call an external routine */
+ if ((tcsd_options.kernel_pcrs & (1 << PcrIndex)) ||
+ (tcsd_options.firmware_pcrs & (1 << PcrIndex))) {
+ MUTEX_LOCK(tcs_event_log->lock);
+ result = TCS_GetExternalPcrEvent(PcrIndex, pNumber, ppEvent);
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ return result;
+ }
+
+ if (ppEvent == NULL) {
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ *pNumber = get_num_events(PcrIndex);
+
+ MUTEX_UNLOCK(tcs_event_log->lock);
+ } else {
+ *ppEvent = calloc(1, sizeof(TSS_PCR_EVENT));
+ if (*ppEvent == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_PCR_EVENT));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ event = get_pcr_event(PcrIndex, *pNumber);
+ if (event == NULL) {
+ free(*ppEvent);
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if ((result = copy_pcr_event(*ppEvent, event))) {
+ free(*ppEvent);
+ return result;
+ }
+ }
+
+ return TSS_SUCCESS;
+}
+
+/* This routine will handle creating the TSS_PCR_EVENT structures from log
+ * data produced by an external source. The external source in mind here
+ * is the log of PCR extends done by the kernel from beneath the TSS
+ * (via direct calls to the device driver).
+ */
+TSS_RESULT
+TCS_GetExternalPcrEventsByPcr(UINT32 PcrIndex, /* in */
+ UINT32 FirstEvent, /* in */
+ UINT32 *pEventCount, /* in, out */
+ TSS_PCR_EVENT **ppEvents) /* out */
+{
+ FILE *log_handle;
+ char *source;
+
+ if (tcsd_options.kernel_pcrs & (1 << PcrIndex)) {
+ source = tcsd_options.kernel_log_file;
+
+ if (tcs_event_log->kernel_source != NULL) {
+ if (tcs_event_log->kernel_source->open((void *)source, &log_handle))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (tcs_event_log->kernel_source->get_entries_by_pcr(log_handle, PcrIndex,
+ FirstEvent, pEventCount, ppEvents)) {
+ tcs_event_log->kernel_source->close(log_handle);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ tcs_event_log->kernel_source->close(log_handle);
+ } else {
+ LogError("No source for externel kernel events was compiled in, but "
+ "the tcsd is configured to use one! (see %s)",
+ tcsd_config_file);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else if (tcsd_options.firmware_pcrs & (1 << PcrIndex)) {
+ source = tcsd_options.firmware_log_file;
+
+ if (tcs_event_log->firmware_source != NULL) {
+ if (tcs_event_log->firmware_source->open((void *)source, &log_handle))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+
+ if (tcs_event_log->firmware_source->get_entries_by_pcr(log_handle, PcrIndex,
+ FirstEvent, pEventCount, ppEvents)) {
+ tcs_event_log->firmware_source->close(log_handle);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ tcs_event_log->firmware_source->close(log_handle);
+ } else {
+ LogError("No source for externel firmware events was compiled in, but "
+ "the tcsd is configured to use one! (see %s)",
+ tcsd_config_file);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ LogError("PCR index %d not flagged as kernel or firmware controlled.", PcrIndex);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_GetPcrEventsByPcr_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 PcrIndex, /* in */
+ UINT32 FirstEvent, /* in */
+ UINT32 *pEventCount, /* in, out */
+ TSS_PCR_EVENT **ppEvents) /* out */
+{
+ UINT32 lastEventNumber, i, eventIndex;
+ TSS_RESULT result;
+ struct event_wrapper *tmp;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (PcrIndex >= tpm_metrics.num_pcrs)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if (*pEventCount == 0) {
+ *ppEvents = NULL;
+ return TSS_SUCCESS;
+ }
+
+ /* if this is a kernel or firmware controlled PCR, call an external routine */
+ if ((tcsd_options.kernel_pcrs & (1 << PcrIndex)) ||
+ (tcsd_options.firmware_pcrs & (1 << PcrIndex))) {
+ MUTEX_LOCK(tcs_event_log->lock);
+ result = TCS_GetExternalPcrEventsByPcr(PcrIndex, FirstEvent,
+ pEventCount, ppEvents);
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ return result;
+ }
+
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ lastEventNumber = get_num_events(PcrIndex);
+
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ /* if pEventCount is larger than the number of events to return, just return less.
+ * *pEventCount will be set to the number returned below. First, check for overflow.
+ */
+ if ((FirstEvent + *pEventCount) >= FirstEvent &&
+ (FirstEvent + *pEventCount) >= *pEventCount)
+ lastEventNumber = MIN(lastEventNumber, FirstEvent + *pEventCount);
+
+ if (FirstEvent > lastEventNumber)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if (lastEventNumber == 0) {
+ *pEventCount = 0;
+ *ppEvents = NULL;
+ return TSS_SUCCESS;
+ }
+
+ /* FirstEvent is 0 indexed see TSS 1.1b spec section 4.7.2.2.3. That means that
+ * the following calculation is not off by one. :-)
+ */
+ *ppEvents = calloc((lastEventNumber - FirstEvent), sizeof(TSS_PCR_EVENT));
+ if (*ppEvents == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(TSS_PCR_EVENT) * (lastEventNumber - FirstEvent));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ tmp = tcs_event_log->lists[PcrIndex];
+
+ /* move through the list until we get to the first event requested */
+ for (i = 0; i < FirstEvent; i++)
+ tmp = tmp->next;
+
+ /* copy events from the first requested to the last requested */
+ for (eventIndex = 0; i < lastEventNumber; eventIndex++, i++) {
+ copy_pcr_event(&((*ppEvents)[eventIndex]), &(tmp->event));
+ tmp = tmp->next;
+ }
+
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ *pEventCount = eventIndex;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_GetPcrEventLog_Internal(TCS_CONTEXT_HANDLE hContext,/* in */
+ UINT32 *pEventCount, /* out */
+ TSS_PCR_EVENT **ppEvents) /* out */
+{
+ TSS_RESULT result;
+ UINT32 i, j, event_count, aggregate_count = 0;
+ struct event_wrapper *tmp;
+ TSS_PCR_EVENT *event_list = NULL, *aggregate_list = NULL;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ MUTEX_LOCK(tcs_event_log->lock);
+
+ /* for each PCR index, if its externally controlled, get the total number of events
+ * externally, else copy the events from the TCSD list. Then tack that list onto a
+ * comprehensive list to returned. */
+ for (i = 0; i < tpm_metrics.num_pcrs; i++) {
+ if ((tcsd_options.kernel_pcrs & (1 << i)) ||
+ (tcsd_options.firmware_pcrs & (1 << i))) {
+ /* A kernel or firmware controlled PCR event list */
+ event_count = UINT_MAX;
+ if ((result = TCS_GetExternalPcrEventsByPcr(i, 0, &event_count,
+ &event_list))) {
+ LogDebug("Getting External event list for PCR %u failed", i);
+ free(aggregate_list);
+ goto error;
+ }
+ LogDebug("Retrieved %u events from PCR %u (external)", event_count, i);
+ } else {
+ /* A TCSD controlled PCR event list */
+ event_count = get_num_events(i);
+
+ if (event_count == 0)
+ continue;
+
+ if ((event_list = calloc(event_count, sizeof(TSS_PCR_EVENT))) == NULL) {
+ LogError("malloc of %zd bytes failed",
+ event_count * sizeof(TSS_PCR_EVENT));
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ free(aggregate_list);
+ goto error;
+ }
+
+ tmp = tcs_event_log->lists[i];
+ for (j = 0; j < event_count; j++) {
+ copy_pcr_event(&event_list[j], &(tmp->event));
+ tmp = tmp->next;
+ }
+ }
+
+ if (event_count == 0)
+ continue;
+
+ /* Tack the list onto the aggregate_list */
+ aggregate_list = concat_pcr_events(&aggregate_list, aggregate_count, event_list,
+ event_count);
+ if (aggregate_list == NULL) {
+ free(event_list);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto error;
+ }
+ aggregate_count += event_count;
+ free(event_list);
+ }
+
+ *ppEvents = aggregate_list;
+ *pEventCount = aggregate_count;
+ result = TSS_SUCCESS;
+error:
+ MUTEX_UNLOCK(tcs_event_log->lock);
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_key.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_key.c
new file mode 100644
index 0000000..7d7a26a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_key.c
@@ -0,0 +1,391 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+
+TSS_RESULT
+TCSP_LoadKeyByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hUnwrappingKey, /* in */
+ UINT32 cWrappedKeyBlobSize, /* in */
+ BYTE * rgbWrappedKeyBlob, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI, /* out */
+ TCS_KEY_HANDLE * phKeyHMAC) /* out */
+{
+ return LoadKeyByBlob_Internal(TPM_ORD_LoadKey, hContext, hUnwrappingKey,
+ cWrappedKeyBlobSize, rgbWrappedKeyBlob, pAuth, phKeyTCSI,
+ phKeyHMAC);
+}
+
+TSS_RESULT
+TCSP_LoadKey2ByBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hUnwrappingKey, /* in */
+ UINT32 cWrappedKeyBlobSize, /* in */
+ BYTE * rgbWrappedKeyBlob, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI) /* out */
+{
+ return LoadKeyByBlob_Internal(TPM_ORD_LoadKey2, hContext, hUnwrappingKey,
+ cWrappedKeyBlobSize, rgbWrappedKeyBlob, pAuth, phKeyTCSI,
+ NULL);
+}
+
+TSS_RESULT
+LoadKeyByBlob_Internal(UINT32 ord, /* The ordinal to use, LoadKey or LoadKey2 */
+ TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hUnwrappingKey, /* in */
+ UINT32 cWrappedKeyBlobSize, /* in */
+ BYTE * rgbWrappedKeyBlob, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI, /* out */
+ TCS_KEY_HANDLE * phKeyHMAC) /* out */
+{
+ UINT64 offset;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ TPM_KEY_HANDLE parentSlot, newSlot;
+ TCS_KEY_HANDLE newHandle = NULL_TCS_HANDLE;
+ TSS_BOOL canLoad;
+ TSS_KEY key;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ LogDebugFn("Enter");
+ LogDebugUnrollKey(rgbWrappedKeyBlob);
+
+ if ((result = get_slot(hContext, hUnwrappingKey, &parentSlot)))
+ return result;
+
+ offset = 0;
+ memset(&key, 0, sizeof(TSS_KEY));
+ if ((result = UnloadBlob_TSS_KEY(&offset, rgbWrappedKeyBlob, &key)))
+ return result;
+
+ if (!pAuth) {
+ LogDebugFn("Checking if LoadKeyByBlob can be avoided by using existing key");
+
+ if ((newHandle = mc_get_handle_by_pub(&key.pubKey, hUnwrappingKey))) {
+ LogDebugFn("tcs key handle exists");
+
+ newSlot = mc_get_slot_by_handle(newHandle);
+ if (newSlot && (isKeyLoaded(newSlot) == TRUE)) {
+ LogDebugFn("Don't need to reload this key.");
+ *phKeyTCSI = newHandle;
+ if (phKeyHMAC)
+ *phKeyHMAC = newSlot;
+ return TSS_SUCCESS;
+ }
+ }
+ }
+
+ LogDebugFn("calling canILoadThisKey");
+ if ((result = canILoadThisKey(&(key.algorithmParms), &canLoad)))
+ goto error;
+
+ while (canLoad == FALSE) {
+ LogDebugFn("calling evictFirstKey");
+ /* Evict a key that isn't the parent */
+ if ((result = evictFirstKey(hUnwrappingKey)))
+ goto error;
+ LogDebugFn("calling canILoadThisKey again");
+ if ((result = canILoadThisKey(&(key.algorithmParms), &canLoad)))
+ goto error;
+ }
+
+ offset = 0;
+ if ((result = tpm_rqu_build(ord, &offset, txBlob, parentSlot, cWrappedKeyBlobSize,
+ rgbWrappedKeyBlob, pAuth, NULL)))
+ goto error;
+
+ LogDebugFn("Submitting request to the TPM");
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto error;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto error;
+ }
+
+ if ((result = tpm_rsp_parse(ord, txBlob, paramSize, &newSlot, pAuth)))
+ goto error;
+
+ if ((result = load_key_final(hContext, hUnwrappingKey, &newHandle, rgbWrappedKeyBlob,
+ newSlot)))
+ goto error;
+
+ /* Setup the outHandles */
+ *phKeyTCSI = newHandle;
+ if (phKeyHMAC)
+ *phKeyHMAC = newSlot;
+
+ LogDebugFn("Key handles for loadKeyByBlob slot:%.8X tcshandle:%.8X", newSlot, newHandle);
+error:
+ auth_mgr_release_auth(pAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_EvictKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey) /* in */
+{
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE tpm_handle;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ tpm_handle = mc_get_slot_by_handle(hKey);
+ if (tpm_handle == NULL_TPM_HANDLE)
+ return TSS_SUCCESS; /*let's call this success if the key is already evicted */
+
+ if ((result = internal_EvictByKeySlot(tpm_handle)))
+ return result;
+
+ result = mc_set_slot_by_slot(tpm_handle, NULL_TPM_HANDLE);
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_CreateWrapKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TCPA_ENCAUTH KeyUsageAuth, /* in */
+ TCPA_ENCAUTH KeyMigrationAuth, /* in */
+ UINT32 keyInfoSize, /* in */
+ BYTE * keyInfo, /* in */
+ UINT32 * keyDataSize, /* out */
+ BYTE ** keyData, /* out */
+ TPM_AUTH * pAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE parentSlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Create Wrap Key");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (pAuth) {
+ if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle)))
+ goto done;
+ }
+
+ /* Since hWrappingKey must already be loaded, we can fail immediately if
+ * mc_get_slot_by_handle_lock() fails.*/
+ parentSlot = mc_get_slot_by_handle_lock(hWrappingKey);
+ if (parentSlot == NULL_TPM_HANDLE) {
+ result = TCSERR(TSS_E_FAIL);
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CreateWrapKey, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, parentSlot,
+ KeyUsageAuth.authdata, KeyMigrationAuth.authdata, keyInfoSize,
+ keyInfo, pAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CreateWrapKey, txBlob, paramSize, keyDataSize,
+ keyData, pAuth);
+ }
+ LogResult("Create Wrap Key", result);
+
+done:
+ auth_mgr_release_auth(pAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_GetPubKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * pcPubKeySize, /* out */
+ BYTE ** prgbPubKey) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Get pub key");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (pAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+
+ if (ensureKeyIsLoaded(hContext, hKey, &keySlot)) {
+ result = TCSERR(TCS_E_KM_LOADFAILED);
+ goto done;
+ }
+
+ LogDebug("GetPubKey: handle: 0x%x, slot: 0x%x", hKey, keySlot);
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetPubKey, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, pAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_GetPubKey, txBlob, paramSize, pcPubKeySize,
+ prgbPubKey, pAuth);
+ }
+ LogResult("Get Public Key", result);
+done:
+ auth_mgr_release_auth(pAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_OwnerReadInternalPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * punPubKeySize, /* out */
+ BYTE ** ppbPubKeyData) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering OwnerReadInternalPub");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ LogDebug("OwnerReadInternalPub: handle: 0x%x", hKey);
+ if (hKey != TPM_KH_SRK && hKey != TPM_KH_EK) {
+ result = TCSERR(TSS_E_FAIL);
+ LogDebug("OwnerReadInternalPub - Unsupported Key Handle");
+ goto done;
+ }
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_OwnerReadInternalPub, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, hKey,
+ pOwnerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_OwnerReadInternalPub, txBlob, paramSize,
+ punPubKeySize, ppbPubKeyData, pOwnerAuth);
+ }
+ LogResult("OwnerReadInternalPub", result);
+done:
+ auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_KeyControlOwner_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hTcsKey, /* in */
+ UINT32 ulPubKeyLength, /* in */
+ BYTE* rgbPubKey, /* in */
+ UINT32 attribName, /* in */
+ TSS_BOOL attribValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in,out */
+ TSS_UUID* pUuidData) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TPM_KEY_HANDLE hTpmKey;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ((result = ctx_verify_context(hContext))) {
+ LogDebug("Invalid TSS Context");
+ goto done;
+ }
+
+ if ((result = get_slot_lite(hContext, hTcsKey, &hTpmKey))) {
+ LogDebug("Can't get TPM Keyhandle for TCS key 0x%x", hTcsKey);
+ goto done;
+ }
+ LogDebugFn("TCS hKey=0x%x, TPM hKey=0x%x", hTcsKey, hTpmKey);
+
+ if ((result = auth_mgr_check(hContext, &pOwnerAuth->AuthHandle))) {
+ LogDebug("Owner Authentication failed");
+ goto done;
+ }
+
+ if ((result = mc_find_next_ownerevict_uuid(pUuidData))) {
+ LogDebugFn("mc_find_next_ownerevict_uuid failed: rc=0x%x", result);
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_KeyControlOwner, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, hTpmKey,
+ ulPubKeyLength, rgbPubKey, attribName, attribValue,
+ pOwnerAuth))) {
+ LogDebugFn("rqu build failed");
+ goto done;
+ }
+
+ if ((result = req_mgr_submit_req(txBlob))) {
+ LogDebugFn("Request submission failed");
+ goto done;
+ }
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto done;
+ }
+
+ if ((result = tpm_rsp_parse(TPM_ORD_KeyControlOwner, txBlob, paramSize, pOwnerAuth))) {
+ LogDebugFn("tpm_rsp_parse failed: rc=0x%x", result);
+ goto done;
+ }
+
+ if ((result = mc_set_uuid(hTcsKey, pUuidData))){
+ LogDebugFn("mc_set_uuid failed: rc=0x%x", result);
+ goto done;
+ }
+
+ LogResult("KeyControlOwner", result);
+done:
+ auth_mgr_release_auth(pOwnerAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_maint.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_maint.c
new file mode 100644
index 0000000..e213e22
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_maint.c
@@ -0,0 +1,197 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_CreateMaintenanceArchive_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_BOOL generateRandom, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * archiveSize, /* out */
+ BYTE ** archive) /* out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Create Main Archive");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CreateMaintenanceArchive, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ generateRandom, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CreateMaintenanceArchive, txBlob, paramSize,
+ randomSize, random, archiveSize, archive, ownerAuth);
+ }
+ LogResult("Create Main Archive", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_LoadMaintenanceArchive_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut) /* out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Load Maint Archive");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_LoadMaintenanceArchive, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, dataInSize,
+ dataInSize, dataIn, ownerAuth, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_LoadMaintenanceArchive, txBlob, paramSize,
+ dataOutSize, dataOut, ownerAuth, NULL);
+ }
+ LogResult("Load Maint Archive", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_KillMaintenanceFeature_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_KillMaintenanceFeature, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ownerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_KillMaintenanceFeature, txBlob, paramSize,
+ ownerAuth);
+ }
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_LoadManuMaintPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 PubKeySize, /* in */
+ BYTE * PubKey, /* in */
+ TCPA_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Load Manu Maint Pub");
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_LoadManuMaintPub, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, TPM_NONCE_SIZE,
+ antiReplay.nonce, PubKeySize, PubKey, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_LoadManuMaintPub, txBlob, paramSize, NULL,
+ checksum->digest);
+ }
+ LogResult("Load Manu Maint Pub", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ReadManuMaintPub_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TCPA_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Read Manu Maint Pub");
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ReadManuMaintPub, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, TPM_NONCE_SIZE,
+ antiReplay.nonce)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ReadManuMaintPub, txBlob, paramSize, NULL,
+ checksum->digest);
+ }
+ LogResult("Read Manu Maint Pub", result);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_migration.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_migration.c
new file mode 100644
index 0000000..975097e
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_migration.c
@@ -0,0 +1,217 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_CreateMigrationBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TSS_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE * MigrationKeyAuth, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keyHandle;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering TPM_CreateMigrationBlob");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (parentAuth != NULL) {
+ if ((result = auth_mgr_check(hContext, &parentAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = auth_mgr_check(hContext, &entityAuth->AuthHandle)))
+ goto done;
+
+ if ((result = ensureKeyIsLoaded(hContext, parentHandle, &keyHandle)))
+ goto done;
+
+ switch (migrationType) {
+ case TSS_MS_MIGRATE:
+ migrationType = TCPA_MS_MIGRATE;
+ break;
+ case TSS_MS_REWRAP:
+ migrationType = TCPA_MS_REWRAP;
+ break;
+ case TSS_MS_MAINT:
+ migrationType = TCPA_MS_MAINT;
+ break;
+ default:
+ /* Let the TPM return an error */
+ break;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CreateMigrationBlob, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keyHandle,
+ migrationType, MigrationKeyAuthSize, MigrationKeyAuth,
+ encDataSize, encData, parentAuth, entityAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (result == TSS_SUCCESS) {
+ result = tpm_rsp_parse(TPM_ORD_CreateMigrationBlob, txBlob, paramSize, randomSize,
+ random, outDataSize, outData, parentAuth, entityAuth);
+ }
+ LogResult("TPM_CreateMigrationBlob", result);
+
+done:
+ auth_mgr_release_auth(entityAuth, parentAuth, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ConvertMigrationBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ UINT32 randomSize, /* in */
+ BYTE * random, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("ConvertMigBlob");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (parentAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &parentAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+ if ((result = ensureKeyIsLoaded(hContext, parentHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ConvertMigrationBlob, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot,
+ inDataSize, inData, randomSize, random, parentAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_ConvertMigrationBlob, txBlob, paramSize, outDataSize,
+ outData, parentAuth, NULL);
+ }
+ LogResult("***Leaving ConvertMigrationBlob with result ", result);
+done:
+ auth_mgr_release_auth(parentAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_AuthorizeMigrationKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_MIGRATE_SCHEME migrateScheme, /* in */
+ UINT32 MigrationKeySize, /* in */
+ BYTE * MigrationKey, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * MigrationKeyAuthSize, /* out */
+ BYTE ** MigrationKeyAuth) /* out */
+{
+
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ //TCPA_MIGRATIONKEYAUTH container;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("TCSP_AuthorizeMigrationKey");
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ switch (migrateScheme) {
+ case TSS_MS_MIGRATE:
+ migrateScheme = TCPA_MS_MIGRATE;
+ break;
+ case TSS_MS_REWRAP:
+ migrateScheme = TCPA_MS_REWRAP;
+ break;
+ case TSS_MS_MAINT:
+ migrateScheme = TCPA_MS_MAINT;
+ break;
+#ifdef TSS_BUILD_CMK
+ case TSS_MS_RESTRICT_MIGRATE:
+ migrateScheme = TPM_MS_RESTRICT_MIGRATE;
+ break;
+
+ case TSS_MS_RESTRICT_APPROVE_DOUBLE:
+ migrateScheme = TPM_MS_RESTRICT_APPROVE_DOUBLE;
+ break;
+#endif
+ default:
+ /* Let the TPM return an error */
+ break;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_AuthorizeMigrationKey, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, migrateScheme,
+ MigrationKeySize, MigrationKey, ownerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_AuthorizeMigrationKey, txBlob, paramSize,
+ MigrationKeyAuthSize, MigrationKeyAuth, ownerAuth);
+ }
+ LogDebugFn("TPM_AuthorizeMigrationKey result: 0x%x", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_nv.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_nv.c
new file mode 100644
index 0000000..b5a8401
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_nv.c
@@ -0,0 +1,227 @@
+
+/*
+ * The Initial Developer of the Original Code is Intel Corporation.
+ * Portions created by Intel Corporation are Copyright (C) 2007 Intel Corporation.
+ * All Rights Reserved.
+ * trousers - An open source TCG Software Stack
+ *
+ * Author: [email protected] [email protected]
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_NV_DefineOrReleaseSpace_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 cPubInfoSize, /* in */
+ BYTE* pPubInfo, /* in */
+ TPM_ENCAUTH encAuth, /* in */
+ TPM_AUTH* pAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (pAuth) {
+ if ((result = auth_mgr_check(hContext, &pAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_NV_DefineSpace, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, cPubInfoSize, pPubInfo,
+ TPM_ENCAUTH_SIZE, encAuth.authdata, pAuth)))
+ return result;
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", offset);
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%u) result=%u", paramSize, result);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_NV_DefineSpace, txBlob, paramSize, pAuth);
+ }
+done:
+ LogDebug("Leaving DefineSpace with result:%u", result);
+ auth_mgr_release_auth(pAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_NV_WriteValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE * rgbDataToWrite, /* in */
+ TPM_AUTH * privAuth) /* in, out */
+{
+ UINT64 off_set = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ( (result = ctx_verify_context(hContext)))
+ return result;
+ if (privAuth) {
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_NV_WriteValue, &off_set, TSS_TPM_TXBLOB_SIZE, txBlob, hNVStore, offset,
+ ulDataLength, rgbDataToWrite, privAuth)))
+ return result;
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", off_set);
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%u) result=%u", paramSize, result);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_NV_WriteValue, txBlob, paramSize, privAuth);
+ }
+done:
+ LogDebug("Leaving NVWriteValue with result:%u", result);
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_NV_WriteValueAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE * rgbDataToWrite, /* in */
+ TPM_AUTH * NVAuth) /* in, out */
+{
+ UINT64 off_set = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+ if ((result = auth_mgr_check(hContext, &NVAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_NV_WriteValueAuth, &off_set, TSS_TPM_TXBLOB_SIZE, txBlob, hNVStore, offset,
+ ulDataLength, rgbDataToWrite, NVAuth)))
+ return result;
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", off_set);
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%u) result=%u", paramSize, result);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_NV_WriteValueAuth, txBlob, paramSize, NVAuth);
+ }
+done:
+ LogDebug("Leaving NVWriteValueAuth with result:%u", result);
+ auth_mgr_release_auth(NVAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_NV_ReadValue_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 * pulDataLength, /* in, out */
+ TPM_AUTH * privAuth, /* in, out */
+ BYTE ** rgbDataRead) /* out */
+{
+ UINT64 off_set = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (privAuth) {
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_NV_ReadValue, &off_set, TSS_TPM_TXBLOB_SIZE, txBlob, hNVStore, offset,
+ *pulDataLength, privAuth)))
+ return result;
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", off_set);
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%u) result=%u", paramSize, result);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_NV_ReadValue, txBlob, paramSize, pulDataLength,
+ rgbDataRead, privAuth, NULL);
+ }
+done:
+ LogDebug("Leaving NVReadValue with result:%u", result);
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_NV_ReadValueAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 * pulDataLength, /* in, out */
+ TPM_AUTH * NVAuth, /* in, out */
+ BYTE ** rgbDataRead) /* out */
+{
+ UINT64 off_set = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+ if ((NVAuth != NULL) && (result = auth_mgr_check(hContext, &NVAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_NV_ReadValueAuth, &off_set, TSS_TPM_TXBLOB_SIZE, txBlob, hNVStore, offset,
+ *pulDataLength, NVAuth)))
+ return result;
+
+ LogDebug("req_mgr_submit_req (oldOffset=%" PRIu64 ")", off_set);
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogDebug("UnloadBlob (paramSize=%u) result=%u", paramSize, result);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_NV_ReadValueAuth, txBlob, paramSize, pulDataLength,
+ rgbDataRead, NVAuth, NULL);
+ }
+done:
+ LogDebug("Leaving NVReadValueAuth with result:%u", result);
+ auth_mgr_release_auth(NVAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_oper.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_oper.c
new file mode 100644
index 0000000..7f0434c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_oper.c
@@ -0,0 +1,49 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+
+TSS_RESULT
+TCSP_SetOperatorAuth_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_SECRET *operatorAuth) /* in */
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebugFn("Enter");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SetOperatorAuth, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, TPM_AUTHDATA_SIZE,
+ operatorAuth->authdata)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ LogResult("SetOperatorAuth", result);
+done:
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_own.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_own.c
new file mode 100644
index 0000000..6b4a2d1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_own.c
@@ -0,0 +1,188 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+#define FAKE_PUBKEY_SIZE 256
+#define FAKE_SRK_SIZE 1024
+
+TSS_RESULT
+TCSP_TakeOwnership_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT16 protocolID, /* in */
+ UINT32 encOwnerAuthSize, /* in */
+ BYTE * encOwnerAuth, /* in */
+ UINT32 encSrkAuthSize, /* in */
+ BYTE * encSrkAuth, /* in */
+ UINT32 srkInfoSize, /*in */
+ BYTE * srkInfo, /*in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * srkKeySize, /*out */
+ BYTE ** srkKey) /*out */
+{
+ UINT64 offset;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TSS_KEY srkKeyContainer;
+ BYTE fake_pubkey[FAKE_PUBKEY_SIZE] = { 0, };
+ BYTE fake_srk[FAKE_SRK_SIZE] = { 0, };
+ BYTE oldAuthDataUsage;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ /* Check on the Atmel Bug Patch */
+ offset = 0;
+ UnloadBlob_TSS_KEY(&offset, srkInfo, &srkKeyContainer);
+ oldAuthDataUsage = srkKeyContainer.authDataUsage;
+ LogDebug("auth data usage is %.2X", oldAuthDataUsage);
+
+ offset = 0;
+ if ((result = tpm_rqu_build_checked(TPM_ORD_TakeOwnership, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, protocolID,
+ encOwnerAuthSize, encOwnerAuth, encSrkAuthSize, encSrkAuth,
+ srkInfoSize, srkInfo, ownerAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ if ((result = tpm_rsp_parse(TPM_ORD_TakeOwnership, txBlob, paramSize, srkKeySize,
+ srkKey, ownerAuth)))
+ goto done;
+
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, *srkKey, &srkKeyContainer))) {
+ *srkKeySize = 0;
+ free(*srkKey);
+ goto done;
+ }
+
+ if (srkKeyContainer.authDataUsage != oldAuthDataUsage) {
+ LogDebug("AuthDataUsage was changed by TPM. Atmel Bug. Fixing it in PS");
+ srkKeyContainer.authDataUsage = oldAuthDataUsage;
+ }
+
+#ifdef TSS_BUILD_PS
+ {
+ BYTE *save;
+
+ /* Once the key file is created, it stays forever. There could be
+ * migratable keys in the hierarchy that are still useful to someone.
+ */
+ result = ps_remove_key(&SRK_UUID);
+ if (result != TSS_SUCCESS && result != TCSERR(TSS_E_PS_KEY_NOTFOUND)) {
+ destroy_key_refs(&srkKeyContainer);
+ LogError("Error removing SRK from key file.");
+ *srkKeySize = 0;
+ free(*srkKey);
+ goto done;
+ }
+
+ /* Set the SRK pubkey to all 0's before writing the SRK to disk, this is for
+ * privacy reasons as outlined in the TSS spec */
+ save = srkKeyContainer.pubKey.key;
+ if (srkKeyContainer.pubKey.keyLength > FAKE_PUBKEY_SIZE) {
+ destroy_key_refs(&srkKeyContainer);
+ *srkKeySize = 0;
+ free(*srkKey);
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ srkKeyContainer.pubKey.key = fake_pubkey;
+ offset = 0;
+ LoadBlob_TSS_KEY(&offset, NULL, &srkKeyContainer);
+ if (offset > FAKE_SRK_SIZE) {
+ destroy_key_refs(&srkKeyContainer);
+ *srkKeySize = 0;
+ free(*srkKey);
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ offset = 0;
+ LoadBlob_TSS_KEY(&offset, fake_srk, &srkKeyContainer);
+
+ if ((result = ps_write_key(&SRK_UUID, &NULL_UUID, NULL, 0, fake_srk,
+ offset))) {
+ destroy_key_refs(&srkKeyContainer);
+ LogError("Error writing SRK to disk");
+ *srkKeySize = 0;
+ free(*srkKey);
+ goto done;
+ }
+
+ srkKeyContainer.pubKey.key = save;
+ }
+#endif
+ if ((result = mc_add_entry_init(SRK_TPM_HANDLE, SRK_TPM_HANDLE, &srkKeyContainer,
+ &SRK_UUID))) {
+ destroy_key_refs(&srkKeyContainer);
+ LogError("Error creating SRK mem cache entry");
+ *srkKeySize = 0;
+ free(*srkKey);
+ }
+ destroy_key_refs(&srkKeyContainer);
+ }
+ LogResult("TakeOwnership", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_OwnerClear_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering OwnerClear");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &ownerAuth->AuthHandle)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_OwnerClear, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, ownerAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_OwnerClear, txBlob, paramSize, ownerAuth);
+ }
+ LogResult("Ownerclear", result);
+done:
+ auth_mgr_release_auth(ownerAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_pcr.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_pcr.c
new file mode 100644
index 0000000..0f8fa29
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_pcr.c
@@ -0,0 +1,134 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ * (C) Christian Kummer 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_Extend_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PCRINDEX pcrNum, /* in */
+ TCPA_DIGEST inDigest, /* in */
+ TCPA_PCRVALUE * outDigest) /* out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Extend");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ /* PCRs are numbered 0 - (NUM_PCRS - 1), thus the >= */
+ if (pcrNum >= tpm_metrics.num_pcrs)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if (tcsd_options.kernel_pcrs & (1 << pcrNum)) {
+ LogInfo("PCR %d is configured to be kernel controlled. Extend request denied.",
+ pcrNum);
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ if (tcsd_options.firmware_pcrs & (1 << pcrNum)) {
+ LogInfo("PCR %d is configured to be firmware controlled. Extend request denied.",
+ pcrNum);
+ return TCSERR(TSS_E_FAIL);
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Extend, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, pcrNum, TPM_DIGEST_SIZE,
+ inDigest.digest, NULL, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Extend, txBlob, paramSize, NULL, outDigest->digest);
+ }
+ LogResult("Extend", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_PcrRead_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCPA_PCRINDEX pcrNum, /* in */
+ TCPA_PCRVALUE * outDigest) /* out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering PCRRead");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ /* PCRs are numbered 0 - (NUM_PCRS - 1), thus the >= */
+ if (pcrNum >= tpm_metrics.num_pcrs)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_PcrRead, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, pcrNum, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_PcrRead, txBlob, paramSize, NULL, outDigest->digest);
+ }
+ LogResult("PCR Read", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_PcrReset_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn) /* in */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering PCRReset");
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_PCR_Reset, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, pcrDataSizeIn, pcrDataIn)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("PCR Reset", result);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_ps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_ps.c
new file mode 100644
index 0000000..a438afc
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_ps.c
@@ -0,0 +1,646 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+
+#define KEY_INFO_SIZE 1000
+
+TSS_RESULT
+TCS_RegisterKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *WrappingKeyUUID, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ UINT32 cKeySize, /* in */
+ BYTE * rgbKey, /* in */
+ UINT32 cVendorData, /* in */
+ BYTE * gbVendorData) /* in */
+{
+ TSS_RESULT result;
+ TSS_BOOL is_reg;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ /* Check if key is already regisitered */
+ if (isUUIDRegistered(KeyUUID, &is_reg) != TSS_SUCCESS) {
+ LogError("Failed checking if UUID is registered.");
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (is_reg == TRUE || TSS_UUID_IS_OWNEREVICT(KeyUUID)) {
+ LogDebug("UUID is already registered");
+ return TCSERR(TSS_E_KEY_ALREADY_REGISTERED);
+ }
+
+ LogDebugUnrollKey(rgbKey);
+
+ /* Go ahead and store it in system persistant storage */
+ if ((result = ps_write_key(KeyUUID, WrappingKeyUUID, gbVendorData, cVendorData, rgbKey,
+ cKeySize))) {
+ LogError("Error writing key to file");
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_UnregisterKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID KeyUUID) /* in */
+{
+ TSS_RESULT result;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ return ps_remove_key(&KeyUUID);
+}
+
+TSS_RESULT
+TCS_EnumRegisteredKeys_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID * pKeyUUID, /* in */
+ UINT32 * pcKeyHierarchySize, /* out */
+ TSS_KM_KEYINFO ** ppKeyHierarchy) /* out */
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT32 count = 0, i;
+ TSS_KM_KEYINFO *ret = NULL;
+ TSS_UUID tmp_uuid;
+ struct key_disk_cache *disk_ptr, *tmp_ptrs[MAX_KEY_CHILDREN];
+ struct key_mem_cache *mem_ptr;
+ TSS_BOOL is_reg = FALSE;
+
+ LogDebug("Enum Reg Keys");
+
+ if (pcKeyHierarchySize == NULL || ppKeyHierarchy == NULL)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (pKeyUUID != NULL) {
+ /* First have to verify the key is registered */
+ if ((result = isUUIDRegistered(pKeyUUID, &is_reg)))
+ return result;
+
+ if (is_reg == FALSE) {
+ /* This return code is not listed as possible in the TSS 1.1 spec,
+ * but it makes more sense than just TCS_SUCCESS or TSS_E_FAIL */
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+ }
+ }
+
+ /* this entire operation needs to be atomic wrt registered keys. We must
+ * lock the mem cache as well to test if a given key is loaded. */
+ MUTEX_LOCK(disk_cache_lock);
+ MUTEX_LOCK(mem_cache_lock);
+
+ /* return an array of all registered keys if pKeyUUID == NULL */
+ if (pKeyUUID == NULL) {
+ /* determine the number of registered keys */
+ for (disk_ptr = key_disk_cache_head; disk_ptr; disk_ptr = disk_ptr->next) {
+ if (disk_ptr->flags & CACHE_FLAG_VALID)
+ count++;
+ }
+
+ /* malloc a structure for each of them */
+ if (count != 0) {
+ ret = calloc(count, sizeof(TSS_KM_KEYINFO));
+ if (ret == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ (count * sizeof(TSS_KM_KEYINFO)));
+ count = 0;
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else {
+ goto done;
+ }
+
+ /* fill out the structure for each key */
+ i = 0;
+ for (disk_ptr = key_disk_cache_head; disk_ptr; disk_ptr = disk_ptr->next) {
+ if (disk_ptr->flags & CACHE_FLAG_VALID) {
+ /* look for a mem cache entry to check if its loaded */
+ for (mem_ptr = key_mem_cache_head; mem_ptr; mem_ptr = mem_ptr->next) {
+ if (!memcmp(&mem_ptr->uuid, &disk_ptr->uuid, sizeof(TSS_UUID))) {
+ if ((result = fill_key_info(disk_ptr, mem_ptr, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ break;
+ }
+ }
+ /* if there is no mem cache entry for this key, go ahead and call
+ * fill_key_info(), it will pull everything from disk */
+ if (mem_ptr == NULL) {
+ if ((result = fill_key_info(disk_ptr, NULL, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ }
+ i++;
+ }
+ }
+ } else {
+ /* return a chain of a key and its parents up to the SRK */
+ /* determine the number of keys in the chain */
+ memcpy(&tmp_uuid, pKeyUUID, sizeof(TSS_UUID));
+ disk_ptr = key_disk_cache_head;
+ while (disk_ptr != NULL && count < MAX_KEY_CHILDREN)
+ {
+ if (disk_ptr->flags & CACHE_FLAG_VALID &&
+ !memcmp(&disk_ptr->uuid, &tmp_uuid, sizeof(TSS_UUID)))
+ {
+ /* increment count, then search for the parent */
+ count++;
+ /* save a pointer to this cache entry */
+ tmp_ptrs[count - 1] = disk_ptr;
+ /* if the parent of this key is NULL, we're at the root of the tree */
+ if (!memcmp(&disk_ptr->parent_uuid, &NULL_UUID, sizeof(TSS_UUID)))
+ break;
+ /* overwrite tmp_uuid with the parent, which we will now search for */
+ memcpy(&tmp_uuid, &disk_ptr->parent_uuid, sizeof(TSS_UUID));
+ disk_ptr = key_disk_cache_head;
+ continue;
+ }
+ disk_ptr = disk_ptr->next;
+ }
+ /* when we reach this point, we have an array of TSS_UUID's that leads from the
+ * requested key up to the SRK*/
+
+ /* malloc a structure for each of them */
+ if (count != 0) {
+ ret = calloc(count, sizeof(TSS_KM_KEYINFO));
+ if (ret == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ (count * sizeof(TSS_KM_KEYINFO)));
+ count = 0;
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else {
+ goto done;
+ }
+
+ for (i = 0; i < count; i++) {
+ /* look for a mem cache entry to check if its loaded */
+ for (mem_ptr = key_mem_cache_head; mem_ptr; mem_ptr = mem_ptr->next) {
+ if (!memcmp(&mem_ptr->uuid, &tmp_ptrs[i]->uuid, sizeof(TSS_UUID))) {
+ if ((result = fill_key_info(tmp_ptrs[i], mem_ptr, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ break;
+ }
+ }
+ /* if there is no mem cache entry for this key, go ahead and call
+ * fill_key_info(), it will pull everything from disk */
+ if (mem_ptr == NULL) {
+ if ((result = fill_key_info(tmp_ptrs[i], NULL, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ }
+ }
+ }
+done:
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ *ppKeyHierarchy = ret;
+ *pcKeyHierarchySize = count;
+
+ return result;
+}
+
+TSS_RESULT
+TCS_EnumRegisteredKeys_Internal2(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID * pKeyUUID, /* in */
+ UINT32 * pcKeyHierarchySize, /* out */
+ TSS_KM_KEYINFO2 ** ppKeyHierarchy) /* out */
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT32 count = 0, i;
+ TSS_KM_KEYINFO2 *ret = NULL;
+ TSS_UUID tmp_uuid;
+ struct key_disk_cache *disk_ptr, *tmp_ptrs[MAX_KEY_CHILDREN];
+ struct key_mem_cache *mem_ptr;
+ TSS_BOOL is_reg = FALSE;
+
+ LogDebug("Enum Reg Keys2");
+
+ if (pcKeyHierarchySize == NULL || ppKeyHierarchy == NULL)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (pKeyUUID != NULL) {
+ /* First have to verify the key is registered */
+ if ((result = isUUIDRegistered(pKeyUUID, &is_reg)))
+ return result;
+
+ if (is_reg == FALSE) {
+ /* This return code is not listed as possible in the TSS 1.1 spec,
+ * but it makes more sense than just TCS_SUCCESS or TSS_E_FAIL */
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+ }
+ }
+
+ /* this entire operation needs to be atomic wrt registered keys. We must
+ * lock the mem cache as well to test if a given key is loaded. */
+ MUTEX_LOCK(disk_cache_lock);
+ MUTEX_LOCK(mem_cache_lock);
+
+ /* return an array of all registered keys if pKeyUUID == NULL */
+ if (pKeyUUID == NULL) {
+ /* determine the number of registered keys */
+ for (disk_ptr = key_disk_cache_head; disk_ptr; disk_ptr = disk_ptr->next) {
+ if (disk_ptr->flags & CACHE_FLAG_VALID)
+ count++;
+ }
+
+ /* malloc a structure for each of them */
+ if (count != 0) {
+ ret = calloc(count, sizeof(TSS_KM_KEYINFO2));
+ if (ret == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ (count * sizeof(TSS_KM_KEYINFO2)));
+ count = 0;
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else {
+ goto done;
+ }
+
+ /* fill out the structure for each key */
+ i = 0;
+ for (disk_ptr = key_disk_cache_head; disk_ptr; disk_ptr = disk_ptr->next) {
+ if (disk_ptr->flags & CACHE_FLAG_VALID) {
+ /* look for a mem cache entry to check if its loaded */
+ for (mem_ptr = key_mem_cache_head; mem_ptr; mem_ptr = mem_ptr->next) {
+ if (!memcmp(&mem_ptr->uuid, &disk_ptr->uuid, sizeof(TSS_UUID))) {
+ if ((result = fill_key_info2(disk_ptr, mem_ptr, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ break;
+ }
+ }
+ /* if there is no mem cache entry for this key, go ahead and call
+ * fill_key_info2(), it will pull everything from disk */
+ if (mem_ptr == NULL) {
+ if ((result = fill_key_info2(disk_ptr, NULL, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ }
+ i++;
+ }
+ }
+ } else {
+ /* return a chain of a key and its parents up to the SRK */
+ /* determine the number of keys in the chain */
+ memcpy(&tmp_uuid, pKeyUUID, sizeof(TSS_UUID));
+ disk_ptr = key_disk_cache_head;
+ while (disk_ptr != NULL && count < MAX_KEY_CHILDREN)
+ {
+ if (disk_ptr->flags & CACHE_FLAG_VALID &&
+ !memcmp(&disk_ptr->uuid, &tmp_uuid, sizeof(TSS_UUID)))
+ {
+ /* increment count, then search for the parent */
+ count++;
+ /* save a pointer to this cache entry */
+ tmp_ptrs[count - 1] = disk_ptr;
+ /* if the parent of this key is NULL, we're at the root of the tree */
+ if (!memcmp(&disk_ptr->parent_uuid, &NULL_UUID, sizeof(TSS_UUID)))
+ break;
+ /* overwrite tmp_uuid with the parent, which we will now search for */
+ memcpy(&tmp_uuid, &disk_ptr->parent_uuid, sizeof(TSS_UUID));
+ disk_ptr = key_disk_cache_head;
+ continue;
+ }
+ disk_ptr = disk_ptr->next;
+ }
+ /* when we reach this point, we have an array of TSS_UUID's that leads from the
+ * requested key up to the SRK*/
+
+ /* malloc a structure for each of them */
+ if (count != 0) {
+ ret = calloc(count, sizeof(TSS_KM_KEYINFO2));
+ if (ret == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ (count * sizeof(TSS_KM_KEYINFO2)));
+ count = 0;
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else {
+ goto done;
+ }
+
+ for (i = 0; i < count; i++) {
+ /* look for a mem cache entry to check if its loaded */
+ for (mem_ptr = key_mem_cache_head; mem_ptr; mem_ptr = mem_ptr->next) {
+ if (!memcmp(&mem_ptr->uuid, &tmp_ptrs[i]->uuid, sizeof(TSS_UUID))) {
+ if ((result = fill_key_info2(tmp_ptrs[i], mem_ptr, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ break;
+ }
+ }
+ /* if there is no mem cache entry for this key, go ahead and call
+ * fill_key_info(), it will pull everything from disk */
+ if (mem_ptr == NULL) {
+ if ((result = fill_key_info2(tmp_ptrs[i], NULL, &ret[i]))) {
+ free(ret);
+ ret = NULL;
+ count = 0;
+ goto done;
+ }
+ }
+ }
+ }
+done:
+
+ MUTEX_UNLOCK(disk_cache_lock);
+ MUTEX_UNLOCK(mem_cache_lock);
+
+ *ppKeyHierarchy = ret;
+ *pcKeyHierarchySize = count;
+
+ return result;
+}
+
+TSS_RESULT
+TCS_GetRegisteredKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ TSS_KM_KEYINFO ** ppKeyInfo) /* out */
+{
+ TSS_RESULT result;
+ UINT64 offset;
+ BYTE tcpaKeyBlob[1024];
+ TSS_KEY tcpaKey;
+ UINT16 keySize = sizeof (tcpaKeyBlob);
+ TSS_UUID parentUUID;
+
+ /* This should be set in case we return before the malloc */
+ *ppKeyInfo = NULL;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = ps_get_key_by_uuid(KeyUUID, tcpaKeyBlob, &keySize))) {
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+ }
+
+ if ((result = getParentUUIDByUUID(KeyUUID, &parentUUID)))
+ return TCSERR(TSS_E_FAIL);
+
+ *ppKeyInfo = malloc(sizeof(TSS_KM_KEYINFO));
+ if (*ppKeyInfo == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_KM_KEYINFO));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ offset = 0;
+ UnloadBlob_TSS_KEY(&offset, tcpaKeyBlob, &tcpaKey);
+
+ (*ppKeyInfo)->bAuthDataUsage = tcpaKey.authDataUsage;
+
+ (*ppKeyInfo)->fIsLoaded = FALSE;
+
+ if (tcpaKey.hdr.key12.tag == TPM_TAG_KEY12) {
+ (*ppKeyInfo)->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ (*ppKeyInfo)->versionInfo.bMinor = TSS_SPEC_MINOR;
+ (*ppKeyInfo)->versionInfo.bRevMajor = 0;
+ (*ppKeyInfo)->versionInfo.bRevMinor = 0;
+ } else {
+ (*ppKeyInfo)->versionInfo.bMajor = tcpaKey.hdr.key11.ver.major;
+ (*ppKeyInfo)->versionInfo.bMinor = tcpaKey.hdr.key11.ver.minor;
+ (*ppKeyInfo)->versionInfo.bRevMajor = tcpaKey.hdr.key11.ver.revMajor;
+ (*ppKeyInfo)->versionInfo.bRevMinor = tcpaKey.hdr.key11.ver.revMinor;
+ }
+
+ memcpy(&((*ppKeyInfo)->keyUUID), KeyUUID, sizeof(TSS_UUID));
+
+ (*ppKeyInfo)->ulVendorDataLength = 0;
+ (*ppKeyInfo)->rgbVendorData = 0;
+
+ memcpy(&((*ppKeyInfo)->parentKeyUUID), &parentUUID, sizeof(TSS_UUID));
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCS_GetRegisteredKeyBlob_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ UINT32 * pcKeySize, /* out */
+ BYTE ** prgbKey) /* out */
+{
+ UINT16 keySize;
+ BYTE buffer[4096];
+ TSS_RESULT result;
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ keySize = sizeof(buffer);
+ if ((result = ps_get_key_by_uuid(KeyUUID, buffer, &keySize)))
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+
+ *prgbKey = calloc(1, keySize);
+ if (*prgbKey == NULL) {
+ LogError("malloc of %d bytes failed.", keySize);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ } else {
+ memcpy(*prgbKey, buffer, keySize);
+ }
+ *pcKeySize = keySize;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TSS_UUID *KeyUUID, /* in */
+ TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI) /* out */
+{
+ UINT32 keyslot = 0, keySize;
+ UINT32 ordinal;
+ TSS_RESULT result;
+ TSS_UUID parentUuid;
+ BYTE keyBlob[0x1000];
+ UINT16 blobSize = sizeof(keyBlob);
+ UINT64 offset;
+ TCS_KEY_HANDLE parentTCSKeyHandle;
+
+ if (TPM_VERSION_IS(1,2))
+ ordinal = TPM_ORD_LoadKey2;
+ else
+ ordinal = TPM_ORD_LoadKey;
+
+ LogDebugFn("Enter: uuid: 0x%lx auth? 0x%x ***********", (unsigned long)KeyUUID,
+ pLoadKeyInfo == NULL ? 0xdeadbeef : pLoadKeyInfo->authData.AuthHandle);
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ memset(&parentUuid, 0, sizeof(TSS_UUID));
+
+ if (pLoadKeyInfo &&
+ memcmp(&pLoadKeyInfo->parentKeyUUID, &parentUuid, sizeof(TSS_UUID))) {
+ if (ps_get_key_by_uuid(&pLoadKeyInfo->keyUUID, keyBlob, &blobSize))
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+
+ if (mc_get_handles_by_uuid(&pLoadKeyInfo->parentKeyUUID, &parentTCSKeyHandle,
+ &keyslot))
+ return TCSERR(TCS_E_KM_LOADFAILED);
+
+ return LoadKeyByBlob_Internal(ordinal, hContext, parentTCSKeyHandle,
+ blobSize, keyBlob,
+ &pLoadKeyInfo->authData,
+ phKeyTCSI, &keyslot);
+ }
+
+ /* if KeyUUID is already loaded, increment the ref count and return */
+ if (mc_get_handles_by_uuid(KeyUUID, phKeyTCSI, &keyslot) == TSS_SUCCESS) {
+ if (keyslot) {
+ if (ctx_mark_key_loaded(hContext, *phKeyTCSI)) {
+ LogError("Error marking key as loaded");
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ return TSS_SUCCESS;
+ }
+ }
+ /*********************************************************************
+ * The first thing to do in this func is setup all the info and make sure
+ * that we get it all from either the keyfile or the keyCache
+ * also, it's important to return if the key is already loaded
+ ***********************************************************************/
+ LogDebugFn("calling ps_get_key_by_uuid");
+ if (ps_get_key_by_uuid(KeyUUID, keyBlob, &blobSize))
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+ /* convert UINT16 to UIN32 */
+ keySize = blobSize;
+
+ LogDebugFn("calling getParentUUIDByUUID");
+ /*--- Get my parent's UUID. Since My key is registered, my parent should be as well. */
+ if ((result = getParentUUIDByUUID(KeyUUID, &parentUuid)))
+ return TCSERR(TCS_E_KM_LOADFAILED);
+
+ if ((result = TCSP_LoadKeyByUUID_Internal(hContext, &parentUuid,
+ pLoadKeyInfo, &parentTCSKeyHandle)))
+ return result;
+
+ LogDebugFn("calling LoadKeyByBlob_Internal");
+ /*******************************************************
+ * If no errors have happend up till now, then the parent is loaded and ready for use.
+ * The parent's TCS Handle should be in parentTCSKeyHandle.
+ ******************************************************/
+ if ((result = LoadKeyByBlob_Internal(ordinal, hContext, parentTCSKeyHandle,
+ keySize, keyBlob,
+ NULL,
+ phKeyTCSI, &keyslot))) {
+ LogDebugFn("LoadKeyByBlob_Internal returned 0x%x", result);
+ if (result == TCPA_E_AUTHFAIL && pLoadKeyInfo) {
+ BYTE blob[KEY_INFO_SIZE];
+
+ /* set up a load key info struct */
+ memcpy(&pLoadKeyInfo->parentKeyUUID, &parentUuid, sizeof(TSS_UUID));
+ memcpy(&pLoadKeyInfo->keyUUID, KeyUUID, sizeof(TSS_UUID));
+
+ /* calculate the paramDigest */
+ offset = 0;
+ LoadBlob_UINT32(&offset, ordinal, NULL);
+ LoadBlob(&offset, keySize, NULL, keyBlob);
+ if (offset > KEY_INFO_SIZE) {
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+ offset = 0;
+ LoadBlob_UINT32(&offset, ordinal, blob);
+ LoadBlob(&offset, keySize, blob, keyBlob);
+ if (Hash(TSS_HASH_SHA1, offset, blob,
+ (BYTE *)&pLoadKeyInfo->paramDigest.digest))
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+
+ result = TCSERR(TCS_E_KM_LOADFAILED);
+ }
+ }
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_GetRegisteredKeyByPublicInfo_Internal(TCS_CONTEXT_HANDLE tcsContext, /* in */
+ TCPA_ALGORITHM_ID algID, /* in */
+ UINT32 ulPublicInfoLength, /* in */
+ BYTE * rgbPublicInfo, /* in */
+ UINT32 * keySize, /* out */
+ BYTE ** keyBlob) /* out */
+{
+ TCPA_STORE_PUBKEY pubKey;
+ TSS_RESULT result = TCSERR(TSS_E_FAIL);
+
+ pubKey.key = NULL;
+
+ if ((result = ctx_verify_context(tcsContext)))
+ return result;
+
+ if (algID == TCPA_ALG_RSA) {
+ /*--- Convert Public info to a structure */
+ pubKey.keyLength = ulPublicInfoLength;
+ pubKey.key = malloc(pubKey.keyLength);
+ if (pubKey.key == NULL) {
+ LogError("malloc of %d bytes failed.", pubKey.keyLength);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ memcpy(pubKey.key, rgbPublicInfo, pubKey.keyLength);
+
+ if ((result = ps_get_key_by_pub(&pubKey, keySize, keyBlob))) {
+ LogDebug("Public key data not found in PS");
+ free(pubKey.key);
+ return TCSERR(TSS_E_PS_KEY_NOTFOUND);
+ }
+ }
+ free(pubKey.key);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_quote.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_quote.c
new file mode 100644
index 0000000..6399bf8
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_quote.c
@@ -0,0 +1,81 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_Quote_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ UINT32 keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering quote");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (privAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Quote, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, antiReplay.nonce,
+ pcrDataSizeIn, pcrDataIn, privAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Quote, txBlob, paramSize, pcrDataSizeOut, pcrDataOut,
+ sigSize, sig, privAuth);
+ }
+ LogResult("Quote", result);
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_quote2.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_quote2.c
new file mode 100644
index 0000000..6972618
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_quote2.c
@@ -0,0 +1,86 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_Quote2_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TSS_BOOL addVersion, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * versionInfoSize, /* out */
+ BYTE ** versionInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ UINT32 keySlot;
+
+ /* Command packet to be sent to the TPM */
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering quote2");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (privAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Quote2, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, antiReplay.nonce,
+ pcrDataSizeIn, pcrDataIn, &addVersion, privAuth)))
+ goto done;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Quote2, txBlob, paramSize, pcrDataSizeOut,
+ pcrDataOut, &addVersion, versionInfoSize, versionInfo,
+ sigSize, sig, privAuth);
+ }
+ LogResult("Quote2", result);
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_random.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_random.c
new file mode 100644
index 0000000..0c6952d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_random.c
@@ -0,0 +1,147 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+/*
+ * Get a random number generated by the TPM. Most (all?) TPMs return a maximum number of random
+ * bytes that's less than the max allowed to be returned at the TSP level, which is 4K bytes.
+ * According to the TPM compliance work posted here: http://www.prosec.rub.de/tpmcompliance.html,
+ * some TPMs return as little as 132 bytes per query, which would require about 30 loops to get 4K.
+ * We'll be extremely conservative here and loop 50 times, since it won't affect performance on
+ * TPMs that return more bytes.
+ */
+TSS_RESULT
+TCSP_GetRandom_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 * bytesRequested, /* in, out */
+ BYTE ** randomBytes) /* out */
+{
+ UINT64 offset;
+ TSS_RESULT result;
+ UINT32 paramSize, totalReturned = 0, bytesReturned, retries = 50;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE], *rnd_tmp = NULL, *rnd_tmp2 = NULL;
+
+ LogDebugFn("%u bytes", *bytesRequested);
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ do {
+ offset = 0;
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetRandom, &offset, TSS_TPM_TXBLOB_SIZE, txBlob,
+ *bytesRequested - totalReturned, NULL)))
+ break;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ break;;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+#if 0
+ offset = 10;
+ UnloadBlob_UINT32(&offset, &bytesReturned, txBlob);
+
+ LogDebugFn("received %u bytes from the TPM", bytesReturned);
+
+ rnd_tmp = realloc(rnd_tmp, totalReturned + bytesReturned);
+ if (rnd_tmp == NULL) {
+ LogError("malloc of %u bytes failed.", bytesReturned);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ UnloadBlob(&offset, bytesReturned, txBlob, &rnd_tmp[totalReturned]);
+#else
+ /* XXX */
+ if ((result = tpm_rsp_parse(TPM_ORD_GetRandom, txBlob, paramSize,
+ &bytesReturned, &rnd_tmp, NULL, NULL)))
+ break;
+
+ rnd_tmp2 = realloc(*randomBytes, totalReturned + bytesReturned);
+ if (rnd_tmp2 == NULL) {
+ free(rnd_tmp);
+ rnd_tmp = NULL;
+ LogError("malloc of %u bytes failed.", bytesReturned);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ break;
+ }
+ *randomBytes = rnd_tmp2;
+ memcpy(*randomBytes + totalReturned, rnd_tmp, bytesReturned);
+ free(rnd_tmp);
+ rnd_tmp = NULL;
+#endif
+ totalReturned += bytesReturned;
+ } else {
+ free(rnd_tmp);
+ return result;
+ }
+ } while (totalReturned < *bytesRequested && retries--);
+
+ if (totalReturned != *bytesRequested) {
+ LogDebugFn("Only %u random bytes recieved from TPM.", totalReturned);
+ free(rnd_tmp);
+ result = TCSERR(TSS_E_FAIL);
+#if 0
+ } else
+ *randomBytes = rnd_tmp;
+#else
+ }
+#endif
+
+ return result;
+}
+
+TSS_RESULT
+TCSP_StirRandom_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering stir random");
+
+ if (inDataSize > 255) {
+ LogDebugFn("inData is too large! (%u bytes)", inDataSize);
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_StirRandom, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, inDataSize, inDataSize,
+ inData, NULL, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("Stir random", result);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_seal.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_seal.c
new file mode 100644
index 0000000..5a5ba0f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_seal.c
@@ -0,0 +1,149 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+TSS_RESULT
+TCSP_Seal_Internal(UINT32 sealOrdinal, /* in */
+ TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_ENCAUTH encAuth, /* in */
+ UINT32 pcrInfoSize, /* in */
+ BYTE * PcrInfo, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * pubAuth, /* in, out */
+ UINT32 * SealedDataSize, /* out */
+ BYTE ** SealedData) /* out */
+{
+ UINT64 offset = 0;
+ TSS_RESULT result;
+ UINT32 paramSize;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Seal");
+ if (!pubAuth)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if ((result = auth_mgr_check(hContext, &pubAuth->AuthHandle)))
+ goto done;
+
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ /* XXX What's this check for? */
+ if (keySlot == 0) {
+ result = TCSERR(TSS_E_FAIL);
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build(sealOrdinal, &offset, txBlob, keySlot, encAuth.authdata,
+ pcrInfoSize, PcrInfo, inDataSize, inData, pubAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(sealOrdinal, txBlob, paramSize, SealedDataSize,
+ SealedData, pubAuth);
+ }
+ LogResult("Seal", result);
+done:
+ auth_mgr_release_auth(pubAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_Unseal_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 SealedDataSize, /* in */
+ BYTE * SealedData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * dataAuth, /* in, out */
+ UINT32 * DataSize, /* out */
+ BYTE ** Data) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Unseal");
+
+ if (dataAuth == NULL)
+ return TCSERR(TSS_E_BAD_PARAMETER);
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (parentAuth != NULL) {
+ LogDebug("Auth used");
+ if ((result = auth_mgr_check(hContext, &parentAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+
+ if ((result = auth_mgr_check(hContext, &dataAuth->AuthHandle)))
+ goto done;
+
+ if ((result = ensureKeyIsLoaded(hContext, parentHandle, &keySlot)))
+ goto done;
+
+ /* XXX What's this check for? */
+ if (keySlot == 0) {
+ result = TCSERR(TSS_E_FAIL);
+ goto done;
+ }
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Unseal, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, SealedDataSize,
+ SealedData, parentAuth, dataAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ offset = 10;
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Unseal, txBlob, paramSize, DataSize, Data,
+ parentAuth, dataAuth);
+ }
+ LogResult("Unseal", result);
+done:
+ auth_mgr_release_auth(parentAuth, dataAuth, hContext);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_selftest.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_selftest.c
new file mode 100644
index 0000000..882ba57
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_selftest.c
@@ -0,0 +1,129 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_SelfTestFull_Internal(TCS_CONTEXT_HANDLE hContext) /* in */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Self Test Full");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_SelfTestFull, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ LogResult("Self Test Full", result);
+ return result;
+}
+
+TSS_RESULT
+TCSP_CertifySelfTest_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Certify Self Test");
+
+ if ((result = ctx_verify_context(hContext)))
+ goto done;
+
+ if (privAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_CertifySelfTest, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot,
+ TPM_NONCE_SIZE, antiReplay.nonce, privAuth, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_CertifySelfTest, txBlob, paramSize, sigSize, sig,
+ privAuth, NULL);
+ }
+ LogResult("Certify Self Test", result);
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_GetTestResult_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Get Test Result");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetTestResult, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ return result;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_GetTestResult, txBlob, paramSize, outDataSize,
+ outData, NULL, NULL);
+ }
+ LogResult("Get Test Result", result);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_sign.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_sign.c
new file mode 100644
index 0000000..45bb33d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_sign.c
@@ -0,0 +1,78 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcsps.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "req_mgr.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+
+
+TSS_RESULT
+TCSP_Sign_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 areaToSignSize, /* in */
+ BYTE * areaToSign, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig /* out */
+ )
+{
+ UINT64 offset = 0;
+ UINT32 paramSize;
+ TSS_RESULT result;
+ TCPA_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ LogDebug("Entering Sign");
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (privAuth != NULL) {
+ LogDebug("Auth Used");
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ } else {
+ LogDebug("No Auth");
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, keyHandle, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_Sign, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, areaToSignSize,
+ areaToSign, privAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_Sign, txBlob, paramSize, sigSize, sig, privAuth,
+ NULL);
+ }
+ LogResult("sign", result);
+done:
+ auth_mgr_release_auth(privAuth, NULL, hContext);
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_tick.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_tick.c
new file mode 100644
index 0000000..0ec303b
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_tick.c
@@ -0,0 +1,119 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+
+TSS_RESULT
+TCSP_ReadCurrentTicks_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32* pulCurrentTime,
+ BYTE** prgbCurrentTime)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_GetTicks, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, NULL)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ result = UnloadBlob_Header(txBlob, ¶mSize);
+ if (!result)
+ result = tpm_rsp_parse(TPM_ORD_GetTicks, txBlob, paramSize, pulCurrentTime,
+ prgbCurrentTime, NULL);
+
+done:
+ return result;
+}
+
+TSS_RESULT
+TCSP_TickStampBlob_Internal(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE hKey,
+ TPM_NONCE* antiReplay,
+ TPM_DIGEST* digestToStamp,
+ TPM_AUTH* privAuth,
+ UINT32* pulSignatureLength,
+ BYTE** prgbSignature,
+ UINT32* pulTickCountLength,
+ BYTE** prgbTickCount)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset = 0;
+ TPM_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (privAuth) {
+ if ((result = auth_mgr_check(hContext, &privAuth->AuthHandle)))
+ goto done;
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, hKey, &keySlot)))
+ goto done;
+
+ if ((result = tpm_rqu_build_checked(TPM_ORD_TickStampBlob, &offset, TSS_TPM_TXBLOB_SIZE, txBlob, keySlot, antiReplay,
+ digestToStamp, privAuth)))
+ return result;
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto done;
+ }
+
+ if (!result) {
+ result = tpm_rsp_parse(TPM_ORD_TickStampBlob, txBlob, paramSize, pulTickCountLength,
+ prgbTickCount, pulSignatureLength, prgbSignature, privAuth);
+ }
+done:
+ return result;
+}
+
+void
+UnloadBlob_CURRENT_TICKS(UINT64 *offset, BYTE *b, TPM_CURRENT_TICKS *t)
+{
+ if (!t) {
+ UnloadBlob_UINT16(offset, NULL, b);
+ UnloadBlob_UINT64(offset, NULL, b);
+ UnloadBlob_UINT16(offset, NULL, b);
+ UnloadBlob(offset, sizeof(TPM_NONCE), b, NULL);
+
+ return;
+ }
+
+ UnloadBlob_UINT16(offset, &t->tag, b);
+ UnloadBlob_UINT64(offset, &t->currentTicks, b);
+ UnloadBlob_UINT16(offset, &t->tickRate, b);
+ UnloadBlob(offset, sizeof(TPM_NONCE), b, (BYTE *)&t->tickNonce);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_transport.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_transport.c
new file mode 100644
index 0000000..5764fb0
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcs/tcsi_transport.c
@@ -0,0 +1,551 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsps.h"
+#include "req_mgr.h"
+
+
+TSS_RESULT
+TCSP_EstablishTransport_Internal(TCS_CONTEXT_HANDLE hContext,
+ UINT32 ulTransControlFlags,
+ TCS_KEY_HANDLE hEncKey,
+ UINT32 ulTransSessionInfoSize,
+ BYTE* rgbTransSessionInfo,
+ UINT32 ulSecretSize,
+ BYTE* rgbSecret,
+ TPM_AUTH* pEncKeyAuth,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TCS_HANDLE* hTransSession,
+ UINT32* ulCurrentTicks,
+ BYTE** prgbCurrentTicks,
+ TPM_NONCE* pTransNonce)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset;
+ TPM_KEY_HANDLE keySlot = TPM_KH_TRANSPORT;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (ulTransControlFlags == TSS_TCSATTRIB_TRANSPORT_EXCLUSIVE) {
+ if ((result = ctx_req_exclusive_transport(hContext)))
+ return result;
+ }
+
+ if (pEncKeyAuth) {
+ if ((result = auth_mgr_check(hContext, &pEncKeyAuth->AuthHandle)))
+ return result;
+ }
+
+ /* if hEncKey is set to TPM_KH_TRANSPORT, that's the signal to the TPM that this will be
+ * an unencrypted transport session, so we don't need to check that its loaded */
+ if (hEncKey != TPM_KH_TRANSPORT) {
+ if ((result = ensureKeyIsLoaded(hContext, hEncKey, &keySlot)))
+ return result;
+ }
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(&offset, keySlot, NULL);
+ LoadBlob(&offset, ulTransSessionInfoSize, NULL, rgbTransSessionInfo);
+ LoadBlob_UINT32(&offset, ulSecretSize, NULL);
+ LoadBlob(&offset, ulSecretSize, NULL, rgbSecret);
+ if (pEncKeyAuth) {
+ LoadBlob_Auth(&offset, NULL, pEncKeyAuth);
+ }
+ if (offset > TSS_TPM_TXBLOB_SIZE) {
+ return TCSERR(TSS_E_BAD_PARAMETER);
+ }
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(&offset, keySlot, txBlob);
+ LoadBlob(&offset, ulTransSessionInfoSize, txBlob, rgbTransSessionInfo);
+ LoadBlob_UINT32(&offset, ulSecretSize, txBlob);
+ LoadBlob(&offset, ulSecretSize, txBlob, rgbSecret);
+ if (pEncKeyAuth) {
+ LoadBlob_Auth(&offset, txBlob, pEncKeyAuth);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset, TPM_ORD_EstablishTransport,
+ txBlob);
+ } else
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset, TPM_ORD_EstablishTransport, txBlob);
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto done;
+ }
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset, hTransSession, txBlob);
+ UnloadBlob_UINT32(&offset, pbLocality, txBlob);
+
+ *ulCurrentTicks = sizeof(TPM_STRUCTURE_TAG)
+ + sizeof(UINT64)
+ + sizeof(UINT16)
+ + sizeof(TPM_NONCE);
+
+ *prgbCurrentTicks = malloc(*ulCurrentTicks);
+ if (*prgbCurrentTicks == NULL) {
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ UnloadBlob(&offset, *ulCurrentTicks, txBlob, *prgbCurrentTicks);
+ UnloadBlob(&offset, sizeof(TPM_NONCE), txBlob, (BYTE *)pTransNonce);
+ if (pEncKeyAuth)
+ UnloadBlob_Auth(&offset, txBlob, pEncKeyAuth);
+
+ ctx_set_transport_enabled(hContext, *hTransSession);
+done:
+ auth_mgr_release_auth(pEncKeyAuth, NULL, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ExecuteTransport_Internal(TCS_CONTEXT_HANDLE hContext,
+ TPM_COMMAND_CODE unWrappedCommandOrdinal,
+ UINT32 ulWrappedCmdParamInSize,
+ BYTE* rgbWrappedCmdParamIn,
+ UINT32* pulHandleListSize, /* in, out */
+ TCS_HANDLE** rghHandles, /* in, out */
+ TPM_AUTH* pWrappedCmdAuth1, /* in, out */
+ TPM_AUTH* pWrappedCmdAuth2, /* in, out */
+ TPM_AUTH* pTransAuth, /* in, out */
+ UINT64* punCurrentTicks,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TPM_RESULT* pulWrappedCmdReturnCode,
+ UINT32* ulWrappedCmdParamOutSize,
+ BYTE** rgbWrappedCmdParamOut)
+{
+ TSS_RESULT result;
+ UINT32 paramSize, wrappedSize, val1 = 0, val2 = 0, *pVal1 = NULL, *pVal2 = NULL;
+ TCS_HANDLE handle1 = 0, handle2 = 0;
+ UINT64 offset, wrappedOffset = 0, tmpOffset;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+
+ if (*pulHandleListSize > 2) {
+ LogDebugFn("************ EXPAND KEYSLOT SIZE *********");
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (pWrappedCmdAuth1)
+ if ((result = auth_mgr_check(hContext, &pWrappedCmdAuth1->AuthHandle)))
+ goto done;
+
+ if (pWrappedCmdAuth2)
+ if ((result = auth_mgr_check(hContext, &pWrappedCmdAuth2->AuthHandle)))
+ goto done;
+
+ switch (unWrappedCommandOrdinal) {
+ /* If the command is FlushSpecific, we get handle that needs to be freed, but we don't know
+ * what type it is. */
+ case TPM_ORD_FlushSpecific:
+ if (*pulHandleListSize == 0) { /* invalid */
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ /* If this is a transport handle, remove the context's reference to the session */
+ ctx_set_transport_disabled(hContext, rghHandles[0]);
+
+ /* Is it a key? If so, jump to the get_slot_lite and key management calls below */
+ if (ctx_has_key_loaded(hContext, *rghHandles[0]))
+ goto map_key_handles;
+
+ /* fall through */
+ case TPM_ORD_Terminate_Handle:
+ if (!auth_mgr_check(hContext, rghHandles[0]))
+ auth_mgr_release_auth_handle(*rghHandles[0], hContext, FALSE);
+
+ /* If the handle is an auth handle or any other kind of handle, there's no
+ * mapping done in the TCS, so pass its value straight to the TPM and jump over
+ * the switch statement below where we assume FLushSpecific is being done on a
+ * key */
+ handle1 = val1 = *rghHandles[0];
+ pVal1 = &val1;
+
+ goto build_command;
+ default:
+ break;
+ }
+
+map_key_handles:
+ if (*pulHandleListSize == 2) {
+ handle2 = (*rghHandles)[1];
+
+ if ((result = get_slot_lite(hContext, handle2, &val2))) {
+ *pulHandleListSize = 0;
+ goto done;
+ }
+
+ pVal2 = &val2;
+ }
+
+ if (*pulHandleListSize >= 1) {
+ handle1 = *rghHandles[0];
+
+ *pulHandleListSize = 0;
+
+ if ((result = get_slot_lite(hContext, handle1, &val1)))
+ goto done;
+
+ pVal1 = &val1;
+ }
+
+ switch (unWrappedCommandOrdinal) {
+ case TPM_ORD_EvictKey:
+ case TPM_ORD_FlushSpecific:
+ {
+ if ((result = ctx_remove_key_loaded(hContext, handle1)))
+ goto done;
+
+ if ((result = key_mgr_dec_ref_count(handle1)))
+ goto done;
+
+ /* we can't call key_mgr_ref_cnt() here since it calls TPM_EvictKey directly */
+ mc_set_slot_by_handle(handle1, NULL_TPM_HANDLE);
+ break;
+ }
+ case TPM_ORD_OIAP:
+ {
+ /* are the maximum number of auth sessions open? */
+ if (auth_mgr_req_new(hContext) == FALSE) {
+ if ((result = auth_mgr_swap_out(hContext)))
+ goto done;
+ }
+
+ break;
+ }
+ case TPM_ORD_OSAP:
+ {
+ UINT16 entityType;
+ UINT32 entityValue, newEntValue;
+
+ /* are the maximum number of auth sessions open? */
+ if (auth_mgr_req_new(hContext) == FALSE) {
+ if ((result = auth_mgr_swap_out(hContext)))
+ goto done;
+ }
+
+ offset = 0;
+ UnloadBlob_UINT16(&offset, &entityType, rgbWrappedCmdParamIn);
+ UnloadBlob_UINT32(&offset, &entityValue, rgbWrappedCmdParamIn);
+
+ if (entityType == TCPA_ET_KEYHANDLE || entityType == TCPA_ET_KEY) {
+ if (ensureKeyIsLoaded(hContext, entityValue, &newEntValue))
+ return TCSERR(TSS_E_KEY_NOT_LOADED);
+
+ /* OSAP is never encrypted in a transport session, so changing
+ * rgbWrappedCmdParamIn is ok here */
+ offset = sizeof(UINT16);
+ LoadBlob_UINT32(&offset, newEntValue, rgbWrappedCmdParamIn);
+ }
+
+ break;
+ }
+ case TPM_ORD_DSAP:
+ {
+ UINT16 entityType;
+ UINT32 keyHandle, tpmKeyHandle;
+
+ /* are the maximum number of auth sessions open? */
+ if (auth_mgr_req_new(hContext) == FALSE) {
+ if ((result = auth_mgr_swap_out(hContext)))
+ goto done;
+ }
+
+ offset = 0;
+ UnloadBlob_UINT16(&offset, &entityType, rgbWrappedCmdParamIn);
+ UnloadBlob_UINT32(&offset, &keyHandle, rgbWrappedCmdParamIn);
+
+ if (ensureKeyIsLoaded(hContext, keyHandle, &tpmKeyHandle)) {
+ result = TCSERR(TSS_E_KEY_NOT_LOADED);
+ goto done;
+ }
+
+ /* DSAP's only encrypted paramter is entityValue, so replacing keyHandle inside
+ * rgbWrappedCmdParamIn is ok */
+ offset = sizeof(UINT16);
+ LoadBlob_UINT32(&offset, tpmKeyHandle, rgbWrappedCmdParamIn);
+ }
+ default:
+ break;
+ }
+
+build_command:
+ if ((result = tpm_rqu_build_checked(TPM_ORD_ExecuteTransport, &wrappedOffset, TSS_TPM_TXBLOB_SIZE,
+ &txBlob[TSS_TXBLOB_WRAPPEDCMD_OFFSET], unWrappedCommandOrdinal,
+ pVal1, pVal2, ulWrappedCmdParamInSize, rgbWrappedCmdParamIn,
+ pWrappedCmdAuth1, pWrappedCmdAuth2)))
+ goto done;
+
+ /* The blob we'll load here looks like this:
+ *
+ * |TAGet|LENet|ORDet|wrappedCmdSize|wrappedCmd|AUTHet|
+ *
+ * wrappedCmd looks like this:
+ *
+ * |TAGw|LENw|ORDw|HANDLESw|DATAw|AUTH1w|AUTH2w|
+ *
+ * w = wrapped command info
+ * et = execute transport command info
+ *
+ * Note that the wrapped command was loaded into the blob by the tpm_rqu_build call
+ * above.
+ *
+ */
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ /* Load wrapped command size: |wrappedCmdSize| */
+ tmpOffset = offset;
+ LoadBlob_UINT32(&tmpOffset, wrappedOffset, NULL);
+ if (tmpOffset > TSS_TPM_TXBLOB_SIZE) {
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ LoadBlob_UINT32(&offset, wrappedOffset, txBlob);
+
+ /* offset + wrappedOffset is the position of the execute transport auth struct */
+ offset += wrappedOffset;
+
+ if (pTransAuth) {
+ /* Load the auth for the execute transport command: |AUTHet| */
+ tmpOffset = offset;
+ LoadBlob_Auth(&tmpOffset, NULL, pTransAuth);
+ if (tmpOffset > TSS_TPM_TXBLOB_SIZE) {
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ LoadBlob_Auth(&offset, txBlob, pTransAuth);
+ /* Load the outer header: |TAGet|LENet|ORDet| */
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset, TPM_ORD_ExecuteTransport,
+ txBlob);
+ } else {
+ /* Load the outer header: |TAGet|LENet|ORDet| */
+ LoadBlob_Header(TPM_TAG_RQU_COMMAND, offset, TPM_ORD_ExecuteTransport, txBlob);
+ }
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ /* Unload the Execute Transport (outer) header */
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto done;
+ }
+
+ /* The response from the TPM looks like this:
+ *
+ * |TAGet|LENet|RCet|currentTicks|locality|wrappedRspSize|wrappedRsp|AUTHet|
+ *
+ * and wrappedRsp looks like:
+ *
+ * |TAGw|LENw|RCw|HANDLESw|DATAw|AUTH1w|AUTH2w|
+ */
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT64(&offset, punCurrentTicks, txBlob);
+ UnloadBlob_UINT32(&offset, pbLocality, txBlob);
+
+ /* Unload the wrapped response size: |wrappedRspSize| */
+ UnloadBlob_UINT32(&offset, &wrappedSize, txBlob);
+
+ /* We've parsed right up to wrappedRsp, so save off this offset for later */
+ wrappedOffset = offset;
+
+ /* The current offset + the response size will be the offset of |AUTHet| */
+ offset += wrappedSize;
+ if (pTransAuth)
+ UnloadBlob_Auth(&offset, txBlob, pTransAuth);
+
+ /* Now parse through the returned response @ wrappedOffset */
+ if ((result = UnloadBlob_Header(&txBlob[wrappedOffset], ¶mSize))) {
+ LogDebugFn("Wrapped command (Ordinal 0x%x) failed: rc=0x%x",
+ unWrappedCommandOrdinal, result);
+
+ /* This is the result of the wrapped command. If its not success, return its value
+ * in the pulWrappedCmdReturnCode variable and return indicating that the execute
+ * transport command was successful */
+ *pulWrappedCmdReturnCode = result;
+ *ulWrappedCmdParamOutSize = 0;
+ *rgbWrappedCmdParamOut = NULL;
+ auth_mgr_release_auth(pWrappedCmdAuth1, pWrappedCmdAuth2, hContext);
+
+ return TSS_SUCCESS;
+ }
+
+ *pulWrappedCmdReturnCode = TSS_SUCCESS;
+
+ pVal1 = pVal2 = NULL;
+ switch (unWrappedCommandOrdinal) {
+ /* The commands below have 1 outgoing handle */
+ case TPM_ORD_LoadKey2:
+ pVal1 = &val1;
+ break;
+ default:
+ break;
+ }
+
+ result = tpm_rsp_parse(TPM_ORD_ExecuteTransport, &txBlob[wrappedOffset], paramSize,
+ pVal1, pVal2, ulWrappedCmdParamOutSize, rgbWrappedCmdParamOut,
+ pWrappedCmdAuth1, pWrappedCmdAuth2);
+
+ offset = 0;
+ switch (unWrappedCommandOrdinal) {
+ case TPM_ORD_LoadKey2:
+ {
+ TCS_KEY_HANDLE tcs_handle = NULL_TCS_HANDLE;
+
+ if ((result = load_key_final(hContext, handle1, &tcs_handle, NULL, val1)))
+ goto done;
+
+ *rghHandles[0] = tcs_handle;
+ *pulHandleListSize = 1;
+ break;
+ }
+ case TPM_ORD_DSAP:
+ case TPM_ORD_OSAP:
+ case TPM_ORD_OIAP:
+ {
+ UINT32 handle;
+
+ UnloadBlob_UINT32(&offset, &handle, *rgbWrappedCmdParamOut);
+ result = auth_mgr_add(hContext, handle);
+ break;
+ }
+ default:
+ break;
+ }
+
+done:
+ auth_mgr_release_auth(pWrappedCmdAuth1, pWrappedCmdAuth2, hContext);
+ return result;
+}
+
+TSS_RESULT
+TCSP_ReleaseTransportSigned_Internal(TCS_CONTEXT_HANDLE hContext,
+ TCS_KEY_HANDLE hSignatureKey,
+ TPM_NONCE* AntiReplayNonce,
+ TPM_AUTH* pKeyAuth, /* in, out */
+ TPM_AUTH* pTransAuth, /* in, out */
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ UINT32* pulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ UINT32* pulSignatureSize,
+ BYTE** prgbSignature)
+{
+ TSS_RESULT result;
+ UINT32 paramSize;
+ UINT64 offset;
+ TPM_KEY_HANDLE keySlot;
+ BYTE txBlob[TSS_TPM_TXBLOB_SIZE];
+
+ if ((result = ctx_verify_context(hContext)))
+ return result;
+
+ if (pKeyAuth) {
+ if ((result = auth_mgr_check(hContext, &pKeyAuth->AuthHandle)))
+ return result;
+ }
+
+ if ((result = ensureKeyIsLoaded(hContext, hSignatureKey, &keySlot)))
+ return result;
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(&offset, keySlot, NULL);
+ LoadBlob(&offset, sizeof(TPM_NONCE), NULL, (BYTE *)AntiReplayNonce);
+ if (pKeyAuth) {
+ LoadBlob_Auth(&offset, NULL, pKeyAuth);
+ LoadBlob_Auth(&offset, NULL, pTransAuth);
+ } else {
+ LoadBlob_Auth(&offset, NULL, pTransAuth);
+ }
+ if (offset > TSS_TPM_TXBLOB_SIZE) {
+ result = TCSERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ LoadBlob_UINT32(&offset, keySlot, txBlob);
+ LoadBlob(&offset, sizeof(TPM_NONCE), txBlob, (BYTE *)AntiReplayNonce);
+ if (pKeyAuth) {
+ LoadBlob_Auth(&offset, txBlob, pKeyAuth);
+ LoadBlob_Auth(&offset, txBlob, pTransAuth);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH2_COMMAND, offset, TPM_ORD_ReleaseTransportSigned,
+ txBlob);
+ } else {
+ LoadBlob_Auth(&offset, txBlob, pTransAuth);
+ LoadBlob_Header(TPM_TAG_RQU_AUTH1_COMMAND, offset, TPM_ORD_ReleaseTransportSigned,
+ txBlob);
+ }
+
+ if ((result = req_mgr_submit_req(txBlob)))
+ goto done;
+
+ if ((result = UnloadBlob_Header(txBlob, ¶mSize))) {
+ LogDebugFn("UnloadBlob_Header failed: rc=0x%x", result);
+ goto done;
+ }
+
+ /* unconditionally disable our accounting of the session */
+ ctx_set_transport_disabled(hContext, NULL);
+
+ offset = TSS_TPM_TXBLOB_HDR_LEN;
+ UnloadBlob_UINT32(&offset, pbLocality, txBlob);
+
+ *pulCurrentTicksSize = sizeof(TPM_STRUCTURE_TAG)
+ + sizeof(UINT64)
+ + sizeof(UINT16)
+ + sizeof(TPM_NONCE);
+
+ *prgbCurrentTicks = malloc(*pulCurrentTicksSize);
+ if (*prgbCurrentTicks == NULL) {
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ UnloadBlob(&offset, *pulCurrentTicksSize, txBlob, *prgbCurrentTicks);
+ UnloadBlob_UINT32(&offset, pulSignatureSize, txBlob);
+
+ *prgbSignature = malloc(*pulSignatureSize);
+ if (*prgbSignature == NULL) {
+ free(*prgbCurrentTicks);
+ result = TCSERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ UnloadBlob(&offset, *pulSignatureSize, txBlob, *prgbSignature);
+
+ if (pKeyAuth)
+ UnloadBlob_Auth(&offset, txBlob, pKeyAuth);
+ UnloadBlob_Auth(&offset, txBlob, pTransAuth);
+
+done:
+ auth_mgr_release_auth(pKeyAuth, NULL, hContext);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/platform.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/platform.c
new file mode 100644
index 0000000..a46cc34
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/platform.c
@@ -0,0 +1,135 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+
+#if (defined (__FreeBSD__) || defined (__OpenBSD__))
+#include <sys/param.h>
+#include <sys/sysctl.h>
+#include <err.h>
+#elif (defined (__linux) || defined (linux) || defined(__GLIBC__))
+#include <utmp.h>
+#elif (defined (SOLARIS))
+#include <utmpx.h>
+#endif
+
+#include <sys/time.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcsps.h"
+#include "tcslog.h"
+
+
+#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+MUTEX_DECLARE_INIT(utmp_lock);
+
+char
+platform_get_runlevel()
+{
+ char runlevel;
+ struct utmp ut, save, *next = NULL;
+ struct timeval tv;
+ int flag = 0, counter = 0;
+
+ MUTEX_LOCK(utmp_lock);
+
+ memset(&ut, 0, sizeof(struct utmp));
+ memset(&save, 0, sizeof(struct utmp));
+ memset(&tv, 0, sizeof(struct timeval));
+
+ ut.ut_type = RUN_LVL;
+
+ setutent();
+ next = getutid(&ut);
+
+ while (next != NULL) {
+ if (next->ut_tv.tv_sec > tv.tv_sec) {
+ memcpy(&save, next, sizeof(*next));
+ flag = 1;
+ } else if (next->ut_tv.tv_sec == tv.tv_sec) {
+ if (next->ut_tv.tv_usec > tv.tv_usec) {
+ memcpy(&save, next, sizeof(*next));
+ flag = 1;
+ }
+ }
+
+ counter++;
+ next = getutid(&ut);
+ }
+
+ if (flag) {
+ //printf("prev_runlevel=%c, runlevel=%c\n", save.ut_pid / 256, save.ut_pid % 256);
+ runlevel = save.ut_pid % 256;
+ } else {
+ //printf("unknown\n");
+ runlevel = 'u';
+ }
+
+ MUTEX_UNLOCK(utmp_lock);
+
+ return runlevel;
+}
+#elif (defined (__FreeBSD__) || defined (__OpenBSD__))
+
+char
+platform_get_runlevel()
+{
+ int mib[2], rlevel = -1;
+ size_t len;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_SECURELVL;
+
+ len = sizeof(rlevel);
+ if (sysctl(mib,2,&rlevel,&len, NULL,0) == -1) {
+ err(1,"Could not get runlevel");
+ return 'u';
+ }
+#if defined (__OpenBSD__)
+ if (rlevel == 0)
+#else
+ if (rlevel == -1)
+#endif
+ return 's';
+
+ return rlevel + '0';
+}
+#elif (defined (SOLARIS))
+
+MUTEX_DECLARE_INIT(utmp_lock);
+char
+platform_get_runlevel()
+{
+ char runlevel;
+ struct utmpx ut, *utp = NULL;
+
+ MUTEX_LOCK(utmp_lock);
+
+ memset(&ut, 0, sizeof(ut));
+ ut.ut_type = RUN_LVL;
+
+ setutxent();
+ utp = getutxid(&ut);
+ if (utp->ut_type == RUN_LVL &&
+ sscanf(utp->ut_line, "run-level %c", &runlevel) != 1)
+ runlevel = 'u';
+ endutxent();
+
+ MUTEX_UNLOCK(utmp_lock);
+
+ return runlevel;
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/svrside.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/svrside.c
new file mode 100644
index 0000000..1b18b5f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/svrside.c
@@ -0,0 +1,673 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/resource.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <netdb.h>
+#include <pwd.h>
+#if (defined (__OpenBSD__) || defined (__FreeBSD__))
+#include <netinet/in.h>
+#endif
+#include <arpa/inet.h>
+#include <errno.h>
+#include <getopt.h>
+#include <sys/select.h>
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcs_int_literals.h"
+#include "capabilities.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsps.h"
+#include "tcsd.h"
+#include "req_mgr.h"
+
+#include "libhwsec-foundation/tpm_error/handle_auth_failure.h"
+#include "libhwsec-foundation/tpm_error/tpm_error_data.h"
+
+struct tcsd_config tcsd_options;
+struct tpm_properties tpm_metrics;
+static volatile int hup = 0, term = 0;
+extern char *optarg;
+char *tcsd_config_file = NULL;
+
+struct srv_sock_info {
+ int sd;
+ int domain; // AF_INET, AF_INET6, or AF_UNIX
+ socklen_t addr_len;
+};
+#define MAX_IP_PROTO 3
+#define INVALID_ADDR_STR "<Invalid client address>"
+
+static void close_server_socks(struct srv_sock_info *socks_info)
+{
+ int i, rv;
+
+ for (i=0; i < MAX_IP_PROTO; i++) {
+ if (socks_info[i].sd != -1) {
+ do {
+ rv = close(socks_info[i].sd);
+ if (rv == -1 && errno != EINTR) {
+ LogError("Error closing server socket descriptor - %s",
+ strerror(errno));
+ continue;
+ }
+ } while (rv == -1 && errno == EINTR);
+ }
+ }
+}
+
+static void
+tcsd_shutdown(struct srv_sock_info socks_info[])
+{
+ close_server_socks(socks_info);
+ /* order is important here:
+ * allow all threads to complete their current request */
+ tcsd_threads_final();
+ PS_close_disk_cache();
+ auth_mgr_final();
+ (void)req_mgr_final();
+ conf_file_final(&tcsd_options);
+ EVENT_LOG_final();
+}
+
+static void
+tcsd_signal_term(int signal)
+{
+ term = 1;
+}
+
+void
+tcsd_signal_hup(int signal)
+{
+ hup = 1;
+}
+
+static TSS_RESULT
+signals_init(void)
+{
+ int rc;
+ sigset_t sigmask;
+ struct sigaction sa;
+
+ sigemptyset(&sigmask);
+ if ((rc = sigaddset(&sigmask, SIGTERM))) {
+ LogError("sigaddset: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if ((rc = sigaddset(&sigmask, SIGHUP))) {
+ LogError("sigaddset: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if ((rc = THREAD_SET_SIGNAL_MASK(SIG_UNBLOCK, &sigmask, NULL))) {
+ LogError("Setting thread signal mask: %s", strerror(rc));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ sa.sa_flags = 0;
+ sigemptyset(&sa.sa_mask);
+ sa.sa_handler = tcsd_signal_term;
+ if ((rc = sigaction(SIGTERM, &sa, NULL))) {
+ LogError("signal SIGTERM not registered: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ sa.sa_handler = tcsd_signal_hup;
+ if ((rc = sigaction(SIGHUP, &sa, NULL))) {
+ LogError("signal SIGHUP not registered: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+static TSS_RESULT
+tcsd_startup(void)
+{
+ TSS_RESULT result;
+
+#ifdef TSS_DEBUG
+ /* Set stdout to be unbuffered to match stderr and interleave output correctly */
+ setvbuf(stdout, (char *)NULL, _IONBF, 0);
+#endif
+
+ if ((result = signals_init()))
+ return result;
+
+ if ((result = conf_file_init(&tcsd_options)))
+ return result;
+
+ if ((result = tcsd_threads_init())) {
+ conf_file_final(&tcsd_options);
+ return result;
+ }
+
+ if ((result = req_mgr_init())) {
+ conf_file_final(&tcsd_options);
+ return result;
+ }
+
+ if ((result = ps_dirs_init())) {
+ conf_file_final(&tcsd_options);
+ (void)req_mgr_final();
+ return result;
+ }
+
+ result = PS_init_disk_cache();
+ if (result != TSS_SUCCESS) {
+ conf_file_final(&tcsd_options);
+ (void)req_mgr_final();
+ return result;
+ }
+
+ if ((result = get_tpm_metrics(&tpm_metrics))) {
+ conf_file_final(&tcsd_options);
+ PS_close_disk_cache();
+ (void)req_mgr_final();
+ return result;
+ }
+
+ /* must happen after get_tpm_metrics() */
+ if ((result = auth_mgr_init())) {
+ conf_file_final(&tcsd_options);
+ PS_close_disk_cache();
+ (void)req_mgr_final();
+ return result;
+ }
+
+ result = EVENT_LOG_init();
+ if (result != TSS_SUCCESS) {
+ auth_mgr_final();
+ conf_file_final(&tcsd_options);
+ PS_close_disk_cache();
+ (void)req_mgr_final();
+ return result;
+ }
+
+ result = owner_evict_init();
+ if (result != TSS_SUCCESS) {
+ auth_mgr_final();
+ conf_file_final(&tcsd_options);
+ PS_close_disk_cache();
+ (void)req_mgr_final();
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+
+void
+usage(void)
+{
+ fprintf(stderr, "\tusage: tcsd [-f] [-e] [-c <config file> [-h]\n\n");
+ fprintf(stderr, "\t-f|--foreground\trun in the foreground. Logging goes to stderr "
+ "instead of syslog.\n");
+ fprintf(stderr, "\t-e| attempts to connect to software TPMs over TCP\n");
+ fprintf(stderr, "\t-c|--config\tpath to configuration file\n");
+ fprintf(stderr, "\t-h|--help\tdisplay this help message\n");
+ fprintf(stderr, "\n");
+}
+
+static TSS_RESULT
+reload_config(void)
+{
+ TSS_RESULT result;
+ hup = 0;
+
+ // FIXME: reload the config - work in progress
+ result = TSS_SUCCESS;
+
+ return result;
+}
+
+int setup_ipv4_socket(struct srv_sock_info ssi[])
+{
+ struct sockaddr_in serv_addr;
+ int sd, opt;
+
+ ssi->sd = -1;
+
+ // Initialization of IPv4 socket.
+ sd = socket(AF_INET, SOCK_STREAM, 0);
+ if (sd < 0) {
+ LogWarn("Failed IPv4 socket: %s", strerror(errno));
+ goto err;
+ }
+
+ memset(&serv_addr, 0, sizeof (serv_addr));
+ serv_addr.sin_family = AF_INET;
+ serv_addr.sin_port = htons(tcsd_options.port);
+
+ /* If no remote_ops are defined, restrict connections to localhost
+ * only at the socket. */
+ if (tcsd_options.remote_ops[0] == 0)
+ serv_addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ else
+ serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+
+ opt = 1;
+ setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
+ if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
+ LogWarn("Failed IPv4 bind: %s", strerror(errno));
+ goto err;
+ }
+
+ if (listen(sd, TCSD_MAX_SOCKETS_QUEUED) < 0) {
+ LogWarn("Failed IPv4 listen: %s", strerror(errno));
+ goto err;
+ }
+
+ ssi->domain = AF_INET;
+ ssi->sd = sd;
+ ssi->addr_len = sizeof(serv_addr);
+
+ return 0;
+
+ err:
+ if (sd != -1)
+ close(sd);
+
+ return -1;
+}
+
+int setup_ipv6_socket(struct srv_sock_info *ssi)
+{
+ struct sockaddr_in6 serv6_addr;
+ int sd6, opt;
+
+ ssi->sd = -1;
+
+ sd6 = socket(AF_INET6, SOCK_STREAM, 0);
+ if (sd6 < 0) {
+ LogWarn("Failed IPv6 socket: %s", strerror(errno));
+ goto err;
+ }
+
+ memset(&serv6_addr, 0, sizeof (serv6_addr));
+ serv6_addr.sin6_family = AF_INET6;
+ serv6_addr.sin6_port = htons(tcsd_options.port);
+
+ /* If no remote_ops are defined, restrict connections to localhost
+ * only at the socket. */
+ if (tcsd_options.remote_ops[0] == 0)
+ serv6_addr.sin6_addr = in6addr_loopback;
+ else
+ serv6_addr.sin6_addr = in6addr_any;
+
+#ifdef __linux__
+ /* Linux, by default, allows one socket to be used by both IP stacks
+ * This option disables that behavior, so you must have one socket for
+ * each IP protocol. */
+ opt = 1;
+ if(setsockopt(sd6, IPPROTO_IPV6, IPV6_V6ONLY, &opt, sizeof(opt)) == -1) {
+ LogWarn("Could not set IPv6 socket option properly.\n");
+ goto err;
+ }
+#endif
+
+ opt = 1;
+ setsockopt(sd6, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
+ if (bind(sd6, (struct sockaddr *) &serv6_addr, sizeof (serv6_addr)) < 0) {
+ LogWarn("Failed IPv6 bind: %s", strerror(errno));
+ goto err;
+ }
+
+ if (listen(sd6, TCSD_MAX_SOCKETS_QUEUED) < 0) {
+ LogWarn("Failed IPv6 listen: %s", strerror(errno));
+ goto err;
+ }
+
+ ssi->domain = AF_INET6;
+ ssi->sd = sd6;
+ ssi->addr_len = sizeof(serv6_addr);
+
+ return 0;
+
+ err:
+ if (sd6 != -1)
+ close(sd6);
+
+ return -1;
+}
+
+int setup_unix_socket(struct srv_sock_info *ssi, struct passwd* pwd)
+{
+ struct sockaddr_un serv_addr;
+ int sd, opt;
+
+ ssi->sd = -1;
+ sd = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (sd < 0) {
+ LogWarn("Failed unix socket: %s", strerror(errno));
+ goto err;
+ }
+
+ memset(&serv_addr, 0, sizeof (serv_addr));
+ serv_addr.sun_family = AF_UNIX;
+ strcpy(serv_addr.sun_path, TCSD_UNIX_SOCKET);
+ unlink(serv_addr.sun_path);
+
+ opt = 1;
+ setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
+ if (bind(sd, (struct sockaddr *) &serv_addr, sizeof (serv_addr)) < 0) {
+ LogWarn("Failed unix bind: %s - %s", serv_addr.sun_path, strerror(errno));
+ goto err;
+ }
+
+ if (chmod(serv_addr.sun_path, 0660) < 0) {
+ LogWarn("Failed unix chmod: %s - %s", serv_addr.sun_path, strerror(errno));
+ goto err;
+ }
+
+ if (pwd && chown(serv_addr.sun_path, pwd->pw_uid, pwd->pw_gid) < 0) {
+ LogWarn("Failed unix chown: %s - %s", serv_addr.sun_path, strerror(errno));
+ goto err;
+ }
+
+ if (listen(sd, TCSD_MAX_SOCKETS_QUEUED) < 0) {
+ LogWarn("Failed unix listen: %s - %s", serv_addr.sun_path, strerror(errno));
+ goto err;
+ }
+ ssi->domain = AF_UNIX;
+ ssi->sd = sd;
+ ssi->addr_len = sizeof(serv_addr);
+
+ return 0;
+
+ err:
+ if (sd != -1)
+ close(sd);
+
+ return -1;
+}
+
+int setup_server_sockets(struct srv_sock_info ssi[], struct passwd* pwd)
+{
+ int i;
+
+ for (i=0; i < MAX_IP_PROTO; i++) {
+ ssi[i].sd = -1;
+ }
+
+ i = 0;
+ // Only enqueue sockets successfully bound or that weren't disabled.
+ if (tcsd_options.disable_ipv4) {
+ LogWarn("IPv4 support disabled by configuration option");
+ } else {
+ if (setup_ipv4_socket(&ssi[i]) == 0)
+ i++;
+ }
+
+ if (tcsd_options.disable_ipv6) {
+ LogWarn("IPv6 support disabled by configuration option");
+ } else {
+ if (setup_ipv6_socket(&ssi[i]) == 0)
+ i++;
+ }
+
+ if (tcsd_options.disable_unix) {
+ LogWarn("Unix support disabled by configuration option");
+ } else {
+ if (setup_unix_socket(&ssi[i], pwd) == 0)
+ i++;
+ }
+
+ // It's only a failure if all sockets are unavailable.
+ for (i=0; i < MAX_IP_PROTO; i++) {
+ if (ssi[i].sd != -1)
+ return 0;
+ }
+
+ return -1;
+}
+
+char *fetch_hostname(struct sockaddr_storage *client_addr, socklen_t socklen)
+{
+ char buf[NI_MAXHOST];
+
+ if (client_addr->ss_family == AF_UNIX)
+ return strdup("localhost");
+ if (getnameinfo((struct sockaddr *)client_addr, socklen, buf,
+ sizeof(buf), NULL, 0, 0) != 0) {
+ LogWarn("Could not retrieve client address info");
+ return NULL;
+ } else {
+ return strdup(buf);
+ }
+}
+
+void prepare_for_select(struct srv_sock_info *socks_info, int *num_fds,
+ fd_set *rdfd_set, int *nfds)
+{
+ int i;
+
+ FD_ZERO(rdfd_set);
+ *num_fds = 0;
+ *nfds = 0;
+ // Filter out socket descriptors in the queue that
+ // has the -1 value.
+ for (i=0; i < MAX_IP_PROTO; i++) {
+ if (socks_info[i].sd == -1)
+ break;
+
+ FD_SET(socks_info[i].sd, rdfd_set);
+ (*num_fds)++;
+ if (*nfds < socks_info[i].sd) // grab highest sd for select call
+ *nfds = socks_info[i].sd;
+ }
+}
+
+void setupAuthFailureLogging() {
+ const char current_path[] = "/var/log/tcsd/auth_failure.log";
+ const char previous_path[] = "/var/log/tcsd/auth_failure.previous";
+ const char permanent_path[] = "/var/log/tcsd/auth_failure.permanent";
+ // Check if there is log in |current_path| and move the log to
+ // |previous_path|.
+ size_t auth_failure_hash = 0;
+ if (CheckAuthFailureHistory(current_path, previous_path,
+ &auth_failure_hash)) {
+ LogWarn("Found auth failure in the last life cycle. (0x%x)",
+ auth_failure_hash);
+ } else {
+ char error_msg[256];
+ if (FetchAuthFailureError(error_msg, sizeof(error_msg))) {
+ LogError("error checking AuthFailure history: %s",
+ error_msg);
+ }
+ }
+ // Set the log file path to |current_path| and |permanent_path|.
+ InitializeAuthFailureLogging(current_path, permanent_path);
+}
+
+int
+main(int argc, char **argv)
+{
+ TSS_RESULT result;
+ int newsd, c, rv, option_index = 0;
+ int i;
+ socklen_t client_len;
+ char *hostname = NULL;
+ fd_set rdfd_set;
+ int num_fds = 0;
+ int nfds = 0;
+ int stor_errno;
+ sigset_t sigmask, termmask, oldsigmask;
+ struct sockaddr_storage client_addr;
+ struct srv_sock_info socks_info[MAX_IP_PROTO];
+ struct passwd *pwd = NULL;
+ struct option long_options[] = {
+ {"help", 0, NULL, 'h'},
+ {"foreground", 0, NULL, 'f'},
+ {"config", 1, NULL, 'c'},
+ {0, 0, 0, 0}
+ };
+
+ unsetenv("TCSD_USE_TCP_DEVICE");
+ while ((c = getopt_long(argc, argv, "fhec:", long_options, &option_index)) != -1) {
+ switch (c) {
+ case 'f':
+ setenv("TCSD_FOREGROUND", "1", 1);
+ break;
+ case 'c':
+ tcsd_config_file = optarg;
+ break;
+ case 'e':
+ setenv("TCSD_USE_TCP_DEVICE", "1", 1);
+ break;
+ case 'h':
+ /* fall through */
+ default:
+ usage();
+ return -1;
+ break;
+ }
+ }
+
+ if (!tcsd_config_file)
+ tcsd_config_file = TCSD_DEFAULT_CONFIG_FILE;
+
+ if ((result = tcsd_startup()))
+ return (int)result;
+
+#ifdef NOUSERCHECK
+ LogWarn("will not switch user or check for file permissions. "
+ "(Compiled with --disable-usercheck)");
+#else
+#ifndef SOLARIS
+ pwd = getpwnam(TSS_USER_NAME);
+ if (pwd == NULL) {
+ if (errno == 0) {
+ LogError("User \"%s\" not found, please add this user"
+ " manually.", TSS_USER_NAME);
+ } else {
+ LogError("getpwnam(%s): %s", TSS_USER_NAME, strerror(errno));
+ }
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+#endif
+#endif
+
+ if (pwd && (setgid(pwd->pw_gid) == -1)) {
+ LogError("setgid: %s", strerror(errno));
+ return -1;
+ }
+
+ if (pwd && (setuid(pwd->pw_uid) == -1)) {
+ LogError("setuid: %s", strerror(errno));
+ return -1;
+ }
+
+ if (setup_server_sockets(socks_info, pwd) == -1) {
+ LogError("Could not create sockets to listen to connections. Aborting...");
+ return -1;
+ }
+
+ if (getenv("TCSD_FOREGROUND") == NULL) {
+ if (daemon(0, 0) == -1) {
+ perror("daemon");
+ tcsd_shutdown(socks_info);
+ return -1;
+ }
+ }
+
+ LogInfo("%s: TCSD up and running.", PACKAGE_STRING);
+
+ sigemptyset(&sigmask);
+ sigaddset(&sigmask, SIGTERM);
+ sigaddset(&sigmask, SIGHUP);
+
+ sigemptyset(&termmask);
+ sigaddset(&termmask, SIGTERM);
+
+ setupAuthFailureLogging();
+
+ do {
+ prepare_for_select(socks_info, &num_fds, &rdfd_set, &nfds);
+ // Sanity check
+ if (num_fds == 0) {
+ LogError("No server sockets available to listen connections. Aborting...");
+ return -1;
+ }
+
+ // Block TERM and HUP signals to prevent race condition
+ if (sigprocmask(SIG_BLOCK, &sigmask, &oldsigmask) == -1) {
+ LogError("Error setting interrupt mask before accept");
+ }
+
+ // TERM and HUP are blocked here, so its safe to test flags.
+ if (hup) {
+ // Config reading can be slow, so unmask SIGTERM.
+ if (sigprocmask(SIG_UNBLOCK, &termmask, NULL) == -1) {
+ LogError("Error unblocking SIGTERM before config reload");
+ }
+ if (reload_config() != TSS_SUCCESS)
+ LogError("Failed reloading config");
+ if (sigprocmask(SIG_BLOCK, &termmask, NULL) == -1) {
+ LogError("Error blocking SIGTERM after config reload");
+ }
+ }
+ if (term)
+ break;
+
+ // Select IPv4 and IPv6 socket descriptors with appropriate sigmask.
+ LogDebug("Waiting for connections");
+ rv = pselect(nfds+1, &rdfd_set, NULL, NULL, NULL, &oldsigmask);
+ stor_errno = errno; // original mask must be set ASAP, so store errno.
+ if (sigprocmask(SIG_SETMASK, &oldsigmask, NULL) == -1) {
+ LogError("Error reseting signal mask to the original configuration.");
+ }
+ if (rv == -1) {
+ if (stor_errno != EINTR) {
+ LogError("Error monitoring server socket descriptors.");
+ return -1;
+ }
+ continue;
+ }
+
+ for (i=0; i < num_fds; i++) { // accept connections from all IP versions (with valid sd)
+ if (!FD_ISSET(socks_info[i].sd, &rdfd_set)) {
+ continue;
+ }
+ client_len = socks_info[i].addr_len;
+ newsd = accept(socks_info[i].sd, (struct sockaddr *) &client_addr, &client_len);
+ if (newsd < 0) {
+ if (errno != EINTR)
+ LogError("Failed accept: %s", strerror(errno));
+ continue;
+ }
+ LogDebug("accepted socket %i", newsd);
+
+ hostname = fetch_hostname(&client_addr, client_len);
+ if (hostname == NULL)
+ hostname=INVALID_ADDR_STR;
+
+ tcsd_thread_create(newsd, hostname);
+ hostname = NULL;
+ } // for (i=0; i < MAX_IP_PROTO; i++)
+ } while (term ==0);
+
+ /* To close correctly, we must receive a SIGTERM */
+ tcsd_shutdown(socks_info);
+ return 0;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/tcsd_conf.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/tcsd_conf.c
new file mode 100644
index 0000000..01fd178
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/tcsd_conf.c
@@ -0,0 +1,913 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdio.h>
+#include <pwd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <ctype.h>
+#include <string.h>
+#include <strings.h>
+#include <errno.h>
+#include <grp.h>
+#include <stdlib.h>
+
+#ifdef SOLARIS
+#include <libscf.h>
+#endif
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcsps.h"
+#include "tcslog.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcsd_ops.h"
+
+
+struct tcsd_config_options options_list[] = {
+ {"port", opt_port},
+ {"num_threads", opt_max_threads},
+ {"system_ps_file", opt_system_ps_file},
+ {"firmware_log_file", opt_firmware_log},
+ {"firmware_pcrs", opt_firmware_pcrs},
+ {"kernel_log_file", opt_kernel_log},
+ {"kernel_pcrs", opt_kernel_pcrs},
+ {"platform_cred", opt_platform_cred},
+ {"conformance_cred", opt_conformance_cred},
+ {"endorsement_cred", opt_endorsement_cred},
+ {"remote_ops", opt_remote_ops},
+ {"enforce_exclusive_transport", opt_exclusive_transport},
+ {"host_platform_class", opt_host_platform_class},
+ {"all_platform_classes", opt_all_platform_classes},
+ {"disable_ipv4", opt_disable_ipv4},
+ {"disable_ipv6", opt_disable_ipv6},
+ {"disable_unix", opt_disable_unix},
+ {NULL, 0}
+};
+
+struct tcg_platform_spec tcg_platform_specs[] = {
+ {"PC_11", TPM_PS_PC_11, TPM_PS_PC_11_URI},
+ {"PC_12", TPM_PS_PC_12, TPM_PS_PC_12_URI},
+ {"PDA_12", TPM_PS_PDA_12, TPM_PS_PDA_12_URI},
+ {"SERVER_12", TPM_PS_Server_12, TPM_PS_Server_12_URI},
+ {"MOBILE_12", TPM_PS_Mobile_12, TPM_PS_Mobile_12_URI},
+ {NULL, 0, 0}
+};
+
+
+void
+init_tcsd_config(struct tcsd_config *conf)
+{
+ conf->port = -1;
+ conf->num_threads = -1;
+ conf->system_ps_file = NULL;
+ conf->system_ps_dir = NULL;
+ conf->firmware_log_file = NULL;
+ conf->firmware_pcrs = 0;
+ conf->kernel_log_file = NULL;
+ conf->kernel_pcrs = 0;
+ conf->platform_cred = NULL;
+ conf->conformance_cred = NULL;
+ conf->endorsement_cred = NULL;
+ memset(conf->remote_ops, 0, sizeof(conf->remote_ops));
+ conf->unset = 0xffffffff;
+ conf->exclusive_transport = 0;
+ conf->host_platform_class = NULL;
+ conf->all_platform_classes = NULL;
+ conf->disable_ipv4 = 1;
+ conf->disable_ipv6 = 1;
+ conf->disable_unix = 0;
+}
+
+TSS_RESULT
+platform_class_list_append(struct tcsd_config *conf, char *specName, TSS_BOOL is_main)
+{
+ int i;
+ struct platform_class *tmp, *new_class;
+
+ LogDebugFn("platform_class_list_append start:");
+ for (i = 0; tcg_platform_specs[i].name; i++) {
+ if (!strncasecmp(specName, tcg_platform_specs[i].name,
+ strlen(tcg_platform_specs[i].name))) {
+ /* Allocate the new structure */
+ new_class = malloc(sizeof(struct platform_class));
+ if (new_class == NULL) {
+ LogError("malloc of %zd bytes failed",
+ sizeof(struct platform_class));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ new_class->simpleID = tcg_platform_specs[i].specNo;
+ new_class->classURISize = strlen(tcg_platform_specs[i].specURI) + 1;
+ new_class->classURI = malloc(new_class->classURISize);
+ if (new_class->classURI == NULL) {
+ LogError("malloc of %u bytes failed", new_class->classURISize);
+ free(new_class);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ memcpy(new_class->classURI, tcg_platform_specs[i].specURI,
+ new_class->classURISize);
+
+ /* Append to the start of the list */
+ if (is_main) {
+ tmp = conf->host_platform_class;
+ conf->host_platform_class = new_class;
+ } else {
+ tmp = conf->all_platform_classes;
+ conf->all_platform_classes = new_class;
+ }
+ new_class->next = tmp;
+
+ LogDebugFn("Platform Class Added.");
+ return TSS_SUCCESS;
+ }
+ }
+
+ LogError("TCG Specification not supported: \"%s\"", specName);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+}
+
+void
+config_set_defaults(struct tcsd_config *conf)
+{
+ /* give all unset options their default values */
+ if (conf->unset & TCSD_OPTION_PORT)
+ conf->port = TCSD_DEFAULT_PORT;
+
+ if (conf->unset & TCSD_OPTION_MAX_THREADS)
+ conf->num_threads = TCSD_DEFAULT_MAX_THREADS;
+
+ if (conf->unset & TCSD_OPTION_FIRMWARE_PCRS)
+ conf->firmware_pcrs = TCSD_DEFAULT_FIRMWARE_PCRS;
+
+ if (conf->unset & TCSD_OPTION_KERNEL_PCRS)
+ conf->kernel_pcrs = TCSD_DEFAULT_KERNEL_PCRS;
+
+ /* these are strdup'd so we know we can free them at shutdown time */
+ if (conf->unset & TCSD_OPTION_SYSTEM_PSFILE) {
+ conf->system_ps_file = strdup(TCSD_DEFAULT_SYSTEM_PS_FILE);
+ conf->system_ps_dir = strdup(TCSD_DEFAULT_SYSTEM_PS_DIR);
+ }
+
+ if (conf->unset & TCSD_OPTION_FIRMWARE_LOGFILE)
+ conf->firmware_log_file = strdup(TCSD_DEFAULT_FIRMWARE_LOG_FILE);
+
+ if (conf->unset & TCSD_OPTION_KERNEL_LOGFILE)
+ conf->kernel_log_file = strdup(TCSD_DEFAULT_KERNEL_LOG_FILE);
+
+ if (conf->unset & TCSD_OPTION_HOST_PLATFORM_CLASS)
+ platform_class_list_append(conf, "PC_12", TRUE);
+
+ if (conf->unset & TCSD_OPTION_DISABLE_IPV4)
+ conf->disable_ipv4 = TCSD_DEFAULT_DISABLE_IPV4;
+
+ if (conf->unset & TCSD_OPTION_DISABLE_IPV6)
+ conf->disable_ipv6 = TCSD_DEFAULT_DISABLE_IPV6;
+
+ if (conf->unset & TCSD_OPTION_DISABLE_UNIX)
+ conf->disable_unix = TCSD_DEFAULT_DISABLE_UNIX;
+}
+
+int
+get_config_option(char *ptr, char **arg)
+{
+ int i;
+
+ for (i = 0; options_list[i].name; i++) {
+ if (!strncasecmp(ptr, options_list[i].name, strlen(options_list[i].name))) {
+ /* move ptr past our recognized token */
+ ptr += strlen(options_list[i].name);
+
+ /* try to move ptr to the start of the option's argument */
+ while (*ptr == '=' || *ptr == ' ' || *ptr == '\t')
+ ptr++;
+
+ *arg = ptr;
+ return options_list[i].option;
+ }
+ }
+ /* on error we'll print the whole line to the log */
+ *arg = ptr;
+ return 0;
+}
+
+/* copy a file path from a string into a newly malloc'd string */
+int
+get_file_path(char *ptr, char **dest)
+{
+ char tmp_buf[1024];
+ int i = 0;
+
+ while (isalpha(*ptr) || isdigit(*ptr) ||
+ *ptr == '/' || *ptr == '.' || *ptr == '#' || *ptr == '_' || *ptr == '-')
+ {
+ tmp_buf[i] = *ptr;
+ ptr++;
+ i++;
+ }
+
+ /* move through whitespace after the path */
+ while (*ptr == ' ' || *ptr == '\t')
+ ptr++;
+
+ /* if we're not at a comment or EOL, there's junk */
+ if (*ptr != '#' && *ptr != '\n') {
+ *dest = ptr;
+ return 1;
+ }
+
+ /* too short a path */
+ if (i == 0)
+ return -1;
+
+ tmp_buf[i] = '\0';
+ *dest = strdup(tmp_buf);
+ if (*dest == NULL) {
+ LogError("malloc of %zd bytes failed", strlen(tmp_buf));
+ }
+
+ return 0;
+}
+
+/* add an op ordinal, checking for duplicates along the way */
+void
+tcsd_add_op(int *remote_ops, int *op)
+{
+ int i = 0, j;
+
+ while (op[i] != 0) {
+ j = 0;
+ while (remote_ops[j] != 0) {
+ if (remote_ops[j] == op[i]) {
+ break;
+ }
+ j++;
+ }
+ remote_ops[j] = op[i];
+ i++;
+ }
+}
+
+int
+tcsd_set_remote_op(struct tcsd_config *conf, char *op_name)
+{
+ int i = 0;
+
+ while(tcsd_ops[i]) {
+ if (!strcasecmp(tcsd_ops[i]->name, op_name)) {
+ /* match found */
+ tcsd_add_op(conf->remote_ops, tcsd_ops[i]->op);
+ return 0;
+ }
+ i++;
+ }
+
+ /* fail, op not found */
+ return 1;
+}
+
+TSS_RESULT
+read_conf_line(char *buf, int line_num, struct tcsd_config *conf)
+{
+ char *ptr = buf, *tmp_ptr = NULL, *arg, *comma;
+ int option, tmp_int;
+ TSS_RESULT result;
+
+ if (ptr == NULL || *ptr == '\0' || *ptr == '#' || *ptr == '\n')
+ return TSS_SUCCESS;
+
+ /* read through whitespace */
+ while (*ptr == ' ' || *ptr == '\t')
+ ptr++;
+
+ /* ignore comments */
+ if (*ptr == '#')
+ return TSS_SUCCESS;
+
+ option = get_config_option(ptr, &arg);
+
+ switch (option) {
+ case opt_port:
+ tmp_int = atoi(arg);
+ if (tmp_int < 0 || tmp_int > 65535) {
+ LogError("Config option \"port\" out of range. %s:%d: \"%d\"",
+ tcsd_config_file, line_num, tmp_int);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ conf->port = tmp_int;
+ conf->unset &= ~TCSD_OPTION_PORT;
+ }
+ break;
+ case opt_max_threads:
+ tmp_int = atoi(arg);
+ if (tmp_int <= 0) {
+ LogError("Config option \"num_threads\" out of range. %s:%d: \"%d\"",
+ tcsd_config_file, line_num, tmp_int);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ conf->num_threads = tmp_int;
+ conf->unset &= ~TCSD_OPTION_MAX_THREADS;
+ }
+ break;
+ case opt_firmware_pcrs:
+ conf->unset &= ~TCSD_OPTION_FIRMWARE_PCRS;
+ while (1) {
+ comma = rindex(arg, ',');
+
+ if (comma == NULL) {
+ if (!isdigit(*arg))
+ break;
+
+ comma = arg;
+ tmp_int = atoi(comma);
+ if (tmp_int >= 0 && tmp_int < TCSD_MAX_PCRS)
+ conf->firmware_pcrs |= (1 << tmp_int);
+ else
+ LogError("Config option \"firmware_pcrs\" is out of range."
+ "%s:%d: \"%d\"", tcsd_config_file, line_num,
+ tmp_int);
+ break;
+ }
+
+ *comma++ = '\0';
+ tmp_int = atoi(comma);
+ if (tmp_int >= 0 && tmp_int < TCSD_MAX_PCRS)
+ conf->firmware_pcrs |= (1 << tmp_int);
+ else
+ LogError("Config option \"firmware_pcrs\" is out of range. "
+ "%s:%d: \"%d\"", tcsd_config_file, line_num, tmp_int);
+ }
+ break;
+ case opt_kernel_pcrs:
+ conf->unset &= ~TCSD_OPTION_KERNEL_PCRS;
+ while (1) {
+ comma = rindex(arg, ',');
+
+ if (comma == NULL) {
+ if (!isdigit(*arg))
+ break;
+
+ comma = arg;
+ tmp_int = atoi(comma);
+ if (tmp_int >= 0 && tmp_int < TCSD_MAX_PCRS)
+ conf->kernel_pcrs |= (1 << tmp_int);
+ else
+ LogError("Config option \"kernel_pcrs\" is out of range. "
+ "%s:%d: \"%d\"", tcsd_config_file, line_num,
+ tmp_int);
+ break;
+ }
+
+ *comma++ = '\0';
+ tmp_int = atoi(comma);
+ if (tmp_int >= 0 && tmp_int < TCSD_MAX_PCRS)
+ conf->kernel_pcrs |= (1 << tmp_int);
+ else
+ LogError("Config option \"kernel_pcrs\" is out of range. "
+ "%s:%d: \"%d\"", tcsd_config_file, line_num, tmp_int);
+ }
+ break;
+ case opt_system_ps_file:
+ if (*arg != '/') {
+ LogError("Config option \"system_ps_dir\" must be an absolute path name. "
+ "%s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ } else {
+ char *dir_ptr;
+ int rc;
+
+ if ((rc = get_file_path(arg, &tmp_ptr)) < 0) {
+ LogError("Config option \"system_ps_file\" is invalid."
+ " %s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (rc > 0) {
+ LogError("Config option \"system_ps_file\" is invalid. %s:%d:"
+ " \"%s\"", tcsd_config_file, line_num, tmp_ptr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (tmp_ptr == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (conf->system_ps_file)
+ free(conf->system_ps_file);
+ if (conf->system_ps_dir)
+ free(conf->system_ps_dir);
+
+ /* break out the system ps directory from the file path */
+ dir_ptr = rindex(tmp_ptr, '/');
+ *dir_ptr = '\0';
+ if (strlen(tmp_ptr) == 0)
+ conf->system_ps_dir = strdup("/");
+ else
+ conf->system_ps_dir = strdup(tmp_ptr);
+
+ if (conf->system_ps_dir == NULL) {
+ LogError("malloc failed.");
+ free(tmp_ptr);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ *dir_ptr = '/';
+ conf->system_ps_file = tmp_ptr;
+ conf->unset &= ~TCSD_OPTION_SYSTEM_PSFILE;
+ }
+ break;
+ case opt_kernel_log:
+ if (*arg != '/') {
+ LogError("Config option \"kernel_log\" must be an absolute path name."
+ " %s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ } else {
+ int rc;
+
+ if ((rc = get_file_path(arg, &tmp_ptr)) < 0) {
+ LogError("Config option \"kernel_log\" is invalid. %s:%d: \"%s\"",
+ tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (rc > 0) {
+ LogError("Config option \"kernel_log\" is invalid. %s:%d: \"%s\"",
+ tcsd_config_file, line_num, tmp_ptr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (tmp_ptr == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (conf->kernel_log_file)
+ free(conf->kernel_log_file);
+
+ conf->kernel_log_file = tmp_ptr;
+ conf->unset &= ~TCSD_OPTION_KERNEL_LOGFILE;
+ }
+ break;
+ case opt_firmware_log:
+ if (*arg != '/') {
+ LogError("Config option \"firmware_log\" must be an absolute path name."
+ " %s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ } else {
+ int rc;
+
+ if ((rc = get_file_path(arg, &tmp_ptr)) < 0) {
+ LogError("Config option \"firmware_log\" is invalid. %s:%d: \"%s\"",
+ tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (rc > 0) {
+ LogError("Config option \"firmware_log\" is invalid. %s:%d: \"%s\"",
+ tcsd_config_file, line_num, tmp_ptr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (tmp_ptr == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (conf->firmware_log_file)
+ free(conf->firmware_log_file);
+
+ conf->firmware_log_file = tmp_ptr;
+ conf->unset &= ~TCSD_OPTION_FIRMWARE_LOGFILE;
+ }
+ break;
+ case opt_platform_cred:
+ if (*arg != '/') {
+ LogError("Config option \"platform_cred\" must be an absolute path name. "
+ "%s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ } else {
+ int rc;
+
+ if ((rc = get_file_path(arg, &tmp_ptr)) < 0) {
+ LogError("Config option \"platform_cred\" is invalid. %s:%d: "
+ "\"%s\"", tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (rc > 0) {
+ LogError("Config option \"platform_cred\" is invalid. %s:%d: "
+ "\"%s\"", tcsd_config_file, line_num, tmp_ptr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (tmp_ptr == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (conf->platform_cred)
+ free(conf->platform_cred);
+
+ conf->platform_cred = tmp_ptr;
+ conf->unset &= ~TCSD_OPTION_PLATFORM_CRED;
+ }
+ break;
+ case opt_conformance_cred:
+ if (*arg != '/') {
+ LogError("Config option \"conformance_cred\" must be an absolute path name."
+ " %s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ } else {
+ int rc;
+
+ if ((rc = get_file_path(arg, &tmp_ptr)) < 0) {
+ LogError("Config option \"conformance_cred\" is invalid. %s:%d: "
+ "\"%s\"", tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (rc > 0) {
+ LogError("Config option \"conformance_cred\" is invalid. %s:%d: "
+ "\"%s\"", tcsd_config_file, line_num, tmp_ptr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (tmp_ptr == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (conf->conformance_cred)
+ free(conf->conformance_cred);
+
+ conf->conformance_cred = tmp_ptr;
+ conf->unset &= ~TCSD_OPTION_CONFORMANCE_CRED;
+ }
+ break;
+ case opt_endorsement_cred:
+ if (*arg != '/') {
+ LogError("Config option \"endorsement_cred\" must be an absolute path name."
+ " %s:%d: \"%s\"", tcsd_config_file, line_num, arg);
+ } else {
+ int rc;
+
+ if ((rc = get_file_path(arg, &tmp_ptr)) < 0) {
+ LogError("Config option \"endorsement_cred\" is invalid. %s:%d: "
+ "\"%s\"", tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (rc > 0) {
+ LogError("Config option \"endorsement_cred\" is invalid. %s:%d: "
+ "\"%s\"", tcsd_config_file, line_num, tmp_ptr);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (tmp_ptr == NULL)
+ return TCSERR(TSS_E_OUTOFMEMORY);
+
+ if (conf->endorsement_cred)
+ free(conf->endorsement_cred);
+
+ conf->endorsement_cred = tmp_ptr;
+ conf->unset &= ~TCSD_OPTION_ENDORSEMENT_CRED;
+ }
+ break;
+ case opt_remote_ops:
+ conf->unset &= ~TCSD_OPTION_REMOTE_OPS;
+ comma = rindex(arg, '\n');
+ *comma = '\0';
+ while (1) {
+ comma = rindex(arg, ',');
+
+ if (comma == NULL) {
+ comma = arg;
+
+ if (comma != NULL) {
+ if (tcsd_set_remote_op(conf, comma)) {
+ LogError("Config option \"remote_ops\" is invalid. "
+ "%s:%d: \"%s\"", tcsd_config_file,
+ line_num, comma);
+ }
+ }
+ break;
+ }
+
+ *comma++ = '\0';
+ if (tcsd_set_remote_op(conf, comma)) {
+ LogError("Config option \"remote_ops\" is invalid. "
+ "%s:%d: \"%s\"", tcsd_config_file, line_num, comma);
+ }
+ }
+ break;
+ case opt_exclusive_transport:
+ tmp_int = atoi(arg);
+ if (tmp_int < 0 || tmp_int > 1) {
+ LogError("Config option \"enforce_exclusive_transport\" out of range."
+ " %s:%d: \"%d\"", tcsd_config_file, line_num, tmp_int);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ conf->exclusive_transport = tmp_int;
+ conf->unset &= ~TCSD_OPTION_EXCLUSIVE_TRANSPORT;
+ }
+ break;
+ case opt_host_platform_class:
+ /* append the host class on the list */
+ conf->unset &= ~TCSD_OPTION_HOST_PLATFORM_CLASS;
+ comma = rindex(arg,'\n');
+ *comma = '\0';
+
+ comma = rindex(arg,',');
+ /* At least one comma: error - more than one host class defined */
+ if (comma != NULL) {
+ LogError("Config option \"host_platform_class\" error: more than one "
+ "defined. %s:%d: \"%s\"", tcsd_config_file, line_num, comma);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ comma = arg;
+ /* Add the platform class on the list */
+ if ((result = platform_class_list_append(conf, comma, TRUE))){
+ LogError("Config option \"host_platform_class\" invalid. "
+ "%s:%d: \"%s\"", tcsd_config_file, line_num, comma);
+ return result;
+ }
+ }
+ break;
+ case opt_all_platform_classes:
+ /* append each of the comma separated values on the list */
+ comma = rindex(arg, '\n');
+ *comma = '\0';
+ while (1) {
+ comma = rindex(arg, ',');
+
+ if (comma == NULL) {
+ comma = arg;
+
+ if (comma != NULL) {
+ /* Add the platform class on the list */
+ if ((result = platform_class_list_append(conf, comma,
+ FALSE))) {
+ LogError("Config option \"all_platform_class\" "
+ "invalid. %s:%d: \"%s\"", tcsd_config_file,
+ line_num, comma);
+ return result;
+ }
+ }
+ break;
+ }
+ *comma++ = '\0';
+ /* Add the platform class on the list */
+ if ((result = platform_class_list_append(conf, comma, FALSE))) {
+ LogError("Config option \"all_platform_class\" invalid. "
+ "%s:%d: \"%s\"", tcsd_config_file, line_num, comma);
+ return result;
+ }
+ }
+ break;
+ case opt_disable_ipv4:
+ tmp_int = atoi(arg);
+ if (tmp_int < 0 || tmp_int > 1) {
+ LogError("Config option \"disable_ipv4\" out of range."
+ " %s:%d: \"%d\"", tcsd_config_file, line_num, tmp_int);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ conf->disable_ipv4 = tmp_int;
+ conf->unset &= ~TCSD_OPTION_DISABLE_IPV4;
+ }
+
+ break;
+ case opt_disable_ipv6:
+ tmp_int = atoi(arg);
+ if (tmp_int < 0 || tmp_int > 1) {
+ LogError("Config option \"disable_ipv6\" out of range."
+ " %s:%d: \"%d\"", tcsd_config_file, line_num, tmp_int);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ conf->disable_ipv6 = tmp_int;
+ conf->unset &= ~TCSD_OPTION_DISABLE_IPV6;
+ }
+ break;
+ case opt_disable_unix:
+ tmp_int = atoi(arg);
+ if (tmp_int < 0 || tmp_int > 1) {
+ LogError("Config option \"disable_unix\" out of range."
+ " %s:%d: \"%d\"", tcsd_config_file, line_num, tmp_int);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ conf->disable_unix = tmp_int;
+ conf->unset &= ~TCSD_OPTION_DISABLE_UNIX;
+ }
+ break;
+ default:
+ /* bail out on any unknown option */
+ LogError("Unknown config option %s:%d \"%s\"!", tcsd_config_file, line_num, arg);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+read_conf_file(FILE *f, struct tcsd_config *conf)
+{
+ int line_num = 0;
+ char buf[1024];
+
+ while (fgets(buf, 1024, f)) {
+ line_num++;
+ if (read_conf_line(buf, line_num, conf))
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+free_platform_lists(struct platform_class *list)
+{
+ struct platform_class *tmp;
+
+ while (list != NULL){
+ if (list->classURISize > 0)
+ free(list->classURI);
+ tmp = list->next;
+ free(list);
+ list = tmp;
+ }
+}
+
+void
+conf_file_final(struct tcsd_config *conf)
+{
+ free(conf->system_ps_file);
+ free(conf->system_ps_dir);
+ free(conf->kernel_log_file);
+ free(conf->firmware_log_file);
+ free(conf->platform_cred);
+ free(conf->conformance_cred);
+ free(conf->endorsement_cred);
+ free_platform_lists(conf->host_platform_class);
+ free_platform_lists(conf->all_platform_classes);
+}
+
+#ifdef SOLARIS
+static int
+get_smf_prop(const char *var, boolean_t def_val)
+{
+ scf_simple_prop_t *prop;
+ uint8_t *val;
+ boolean_t res = def_val;
+ prop = scf_simple_prop_get(NULL, "svc:/application/security/tcsd:default",
+ "config", var);
+ if (prop) {
+ if ((val = scf_simple_prop_next_boolean(prop)) != NULL)
+ res = (*val == 0) ? B_FALSE : B_TRUE;
+ scf_simple_prop_free(prop);
+ }
+ if (prop == NULL || val == NULL) {
+ syslog(LOG_ALERT, "no value for config/%s (%s). "
+ "Using default \"%s\"", var, scf_strerror(scf_error()),
+ def_val ? "true" : "false");
+ }
+ return (res);
+}
+#endif
+
+TSS_RESULT
+conf_file_init(struct tcsd_config *conf)
+{
+ FILE *f = NULL;
+ struct stat stat_buf;
+#ifndef SOLARIS
+ struct group *grp;
+ struct passwd *pw;
+ mode_t mode = (S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+#endif /* SOLARIS */
+ TSS_RESULT result;
+
+ init_tcsd_config(conf);
+
+#ifdef SOLARIS
+ /*
+ * Solaris runs as Rajiv Andrade <[email protected].:sys but with reduced privileges
+ * so we don't need to create a new user/group and also so
+ * we can have auditing support. The permissions on
+ * the tcsd configuration file are not checked on Solaris.
+ */
+#endif
+ /* look for a config file, create if it doesn't exist */
+ if (stat(tcsd_config_file, &stat_buf) == -1) {
+ if (errno == ENOENT) {
+ /* no config file? use defaults */
+ config_set_defaults(conf);
+ LogInfo("Config file %s not found, using defaults.", tcsd_config_file);
+ return TSS_SUCCESS;
+ } else {
+ LogError("stat(%s): %s", tcsd_config_file, strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+#ifndef NOUSERCHECK
+#ifndef SOLARIS
+ /* find the gid that owns the conf file */
+ errno = 0;
+ grp = getgrnam(TSS_GROUP_NAME);
+ if (grp == NULL) {
+ if (errno == 0) {
+ LogError("Group \"%s\" not found, please add this group"
+ " manually.", TSS_GROUP_NAME);
+ } else {
+ LogError("getgrnam(%s): %s", TSS_GROUP_NAME, strerror(errno));
+ }
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ errno = 0;
+ pw = getpwnam(TSS_USER_NAME);
+ if (pw == NULL) {
+ if (errno == 0) {
+ LogError("User \"%s\" not found, please add this user"
+ " manually.", TSS_USER_NAME);
+ } else {
+ LogError("getpwnam(%s): %s", TSS_USER_NAME, strerror(errno));
+ }
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* make sure user/group TSS owns the conf file */
+ if (pw->pw_uid != stat_buf.st_uid || grp->gr_gid != stat_buf.st_gid) {
+ LogError("TCSD config file (%s) must be user/group %s/%s", tcsd_config_file,
+ TSS_USER_NAME, TSS_GROUP_NAME);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* Chrome OS:
+ * Config files for Chrome OS is shipped with the images, and contains
+ * no sensitive information, and protected by rootfs verification from
+ * alteration. It should be okay to open the read access to all others
+ * too.
+ * Otherwise, with SELinux, tcsd will require special privileges to
+ * override POSIX permission bits to read configuration file.
+ */
+ /* make sure only the tss user can manipulate the config file */
+ if (((stat_buf.st_mode & 0777) | mode ) != mode) {
+ LogError("TCSD config file (%s) should not be writable by non-tss user.",
+ tcsd_config_file);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+#endif /* SOLARIS */
+#endif /* NOUSERCHECK */
+
+ if ((f = fopen(tcsd_config_file, "r")) == NULL) {
+ LogError("fopen(%s): %s", tcsd_config_file, strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = read_conf_file(f, conf);
+ fclose(f);
+
+ /* fill out any uninitialized options */
+ config_set_defaults(conf);
+
+#ifdef SOLARIS
+ /*
+ * The SMF value for "local_only" overrides the config file and
+ * disables all remote operations.
+ */
+if (get_smf_prop("local_only", B_TRUE)) {
+ (void) memset(conf->remote_ops, 0, sizeof(conf->remote_ops));
+ conf->unset |= TCSD_OPTION_REMOTE_OPS;
+
+ }
+#endif
+ return result;
+}
+
+TSS_RESULT
+ps_dirs_init()
+{
+ struct stat stat_buf;
+ mode_t mode = S_IRWXU; /* 0700 */
+
+ /* query the key storage directory to make sure it exists and is of the right mode */
+ if (stat(tcsd_options.system_ps_dir, &stat_buf) == -1) {
+ if (errno == ENOENT) {
+ /* The dir DNE, create it with mode drwxrwxrwt */
+ if (mkdir(tcsd_options.system_ps_dir, mode) == -1) {
+ LogError("mkdir(%s) failed: %s. If you'd like to use %s to "
+ "store your system persistent data, please"
+ " create it. Otherwise, change the location"
+ " in your tcsd config file.",
+ tcsd_options.system_ps_dir, strerror(errno),
+ tcsd_options.system_ps_dir);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else {
+ LogError("stat failed: %s", strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ /* stat should not fail now */
+ if (stat(tcsd_options.system_ps_dir, &stat_buf) == -1) {
+ LogError("stat %s failed: %s", tcsd_options.system_ps_dir, strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* tcsd_options.system_ps_dir should be a directory with mode equal to mode */
+ if (!S_ISDIR(stat_buf.st_mode)) {
+ LogError("PS dir %s is not a directory! Exiting.", tcsd_options.system_ps_dir);
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ } else if (((stat_buf.st_mode & 0777) ^ mode) != 0) {
+ /* This path is likely to be hit since open &'s mode with ~umask */
+ LogInfo("resetting mode of %s from %o to: %o", tcsd_options.system_ps_dir,
+ (unsigned int) stat_buf.st_mode, (unsigned int) mode);
+ if (chmod(tcsd_options.system_ps_dir, mode) == -1) {
+ LogError("chmod(%s) failed: %s", tcsd_options.system_ps_dir,
+ strerror(errno));
+ return TCSERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/tcsd_threads.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/tcsd_threads.c
new file mode 100644
index 0000000..eabc5f8
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tcsd/tcsd_threads.c
@@ -0,0 +1,366 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <syslog.h>
+#include <errno.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_da_reset.h"
+#include "tcs_int_literals.h"
+#include "tcs_tsp.h"
+#include "tcs_utils.h"
+#include "tcsd_wrap.h"
+#include "tcsd.h"
+#include "tcslog.h"
+#include "rpc_tcstp_tcs.h"
+
+struct tcsd_thread_mgr *tm = NULL;
+
+TSS_RESULT
+tcsd_threads_final()
+{
+ int rc;
+ UINT32 i;
+
+ MUTEX_LOCK(tm->lock);
+
+ tm->shutdown = 1;
+
+ MUTEX_UNLOCK(tm->lock);
+
+ /* wait for all currently running threads to exit */
+ for (i = 0; i < tm->max_threads; i++) {
+ if (tm->thread_data[i].thread_id != THREAD_NULL) {
+ if ((rc = THREAD_JOIN(*(tm->thread_data[i].thread_id), NULL))) {
+ LogError("Thread join failed: error: %d", rc);
+ }
+ }
+ }
+
+ free(tm->thread_data);
+ free(tm);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+tcsd_threads_init(void)
+{
+ /* allocate the thread mgmt structure */
+ tm = calloc(1, sizeof(struct tcsd_thread_mgr));
+ if (tm == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tcsd_thread_mgr));
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+ /* initialize mutex */
+ MUTEX_INIT(tm->lock);
+
+ /* set the max threads variable from config */
+ tm->max_threads = tcsd_options.num_threads;
+
+ /* allocate each thread's data structure */
+ tm->thread_data = calloc(tcsd_options.num_threads, sizeof(struct tcsd_thread_data));
+ if (tm->thread_data == NULL) {
+ LogError("malloc of %zu bytes failed.",
+ tcsd_options.num_threads * sizeof(struct tcsd_thread_data));
+ free(tm);
+ return TCSERR(TSS_E_OUTOFMEMORY);
+ }
+
+ return TSS_SUCCESS;
+}
+
+
+TSS_RESULT
+tcsd_thread_create(int socket, char *hostname)
+{
+ UINT32 thread_num = ~0U;
+ int rc = TCS_SUCCESS;
+#ifndef TCSD_SINGLE_THREAD_DEBUG
+ THREAD_ATTR_DECLARE(tcsd_thread_attr);
+
+ /* init the thread attribute */
+ if ((rc = THREAD_ATTR_INIT(tcsd_thread_attr))) {
+ LogError("Initializing thread attribute failed: error=%d: %s", rc, strerror(rc));
+ rc = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ }
+ /* make all threads joinable */
+ if ((rc = THREAD_ATTR_SETJOINABLE(tcsd_thread_attr))) {
+ LogError("Making thread attribute joinable failed: error=%d: %s", rc, strerror(rc));
+ rc = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ }
+
+ MUTEX_LOCK(tm->lock);
+#endif
+ if (tm->num_active_threads == tm->max_threads) {
+ if (hostname != NULL) {
+ LogError("max number of connections reached (%d), new connection"
+ " from %s refused.", tm->max_threads, hostname);
+ } else {
+ LogError("max number of connections reached (%d), new connection"
+ " refused.", tm->max_threads);
+ }
+ rc = TCSERR(TSS_E_CONNECTION_FAILED);
+#ifndef TCSD_SINGLE_THREAD_DEBUG
+ goto out_unlock;
+#else
+ goto out;
+#endif
+ }
+
+ /* search for an open slot to store the thread data in */
+ for (thread_num = 0; thread_num < tm->max_threads; thread_num++) {
+ if (tm->thread_data[thread_num].thread_id == THREAD_NULL)
+ break;
+ }
+
+ DBG_ASSERT(thread_num != tm->max_threads);
+
+ tm->thread_data[thread_num].sock = socket;
+ tm->thread_data[thread_num].context = NULL_TCS_HANDLE;
+ if (hostname != NULL)
+ tm->thread_data[thread_num].hostname = hostname;
+
+#ifdef TCSD_SINGLE_THREAD_DEBUG
+ (void)tcsd_thread_run((void *)(&(tm->thread_data[thread_num])));
+#else
+ tm->thread_data[thread_num].thread_id = calloc(1, sizeof(THREAD_TYPE));
+ if (tm->thread_data[thread_num].thread_id == NULL) {
+ rc = TCSERR(TSS_E_OUTOFMEMORY);
+ LogError("malloc of %zd bytes failed.", sizeof(THREAD_TYPE));
+ goto out_unlock;
+ }
+
+ if ((rc = THREAD_CREATE(tm->thread_data[thread_num].thread_id,
+ &tcsd_thread_attr,
+ tcsd_thread_run,
+ (void *)(&(tm->thread_data[thread_num]))))) {
+ LogError("Thread create failed: %d", rc);
+ rc = TCSERR(TSS_E_INTERNAL_ERROR);
+ free(tm->thread_data[thread_num].thread_id);
+ tm->thread_data[thread_num].thread_id = THREAD_NULL;
+ goto out_unlock;
+ }
+
+ tm->num_active_threads++;
+
+out_unlock:
+ MUTEX_UNLOCK(tm->lock);
+#endif
+out:
+ /* cleanup in case of error */
+ if (rc != TCS_SUCCESS) {
+ if (hostname != NULL) {
+ if (thread_num != ~0U) {
+ tm->thread_data[thread_num].hostname = NULL;
+ }
+ free(hostname);
+ }
+ close(socket);
+ }
+ return rc;
+}
+
+/* Since we don't want any of the worker threads to catch any signals, we must mask off any
+ * potential signals here after creating the threads. If any of the created threads catch a signal,
+ * they'd eventually call join on themselves, causing a deadlock.
+ */
+void
+thread_signal_init()
+{
+ sigset_t thread_sigmask;
+ int rc;
+
+ if ((rc = sigfillset(&thread_sigmask))) {
+ LogError("sigfillset failed: error=%d: %s", rc, strerror(rc));
+ LogError("worker thread %ld is exiting prematurely", THREAD_ID);
+ THREAD_EXIT(NULL);
+ }
+
+ if ((rc = THREAD_SET_SIGNAL_MASK(SIG_BLOCK, &thread_sigmask, NULL))) {
+ LogError("Setting thread sigmask failed: error=%d: %s", rc, strerror(rc));
+ LogError("worker thread %ld is exiting prematurely", THREAD_ID);
+ THREAD_EXIT(NULL);
+ }
+}
+
+void *
+tcsd_thread_run(void *v)
+{
+ struct tcsd_thread_data *data = (struct tcsd_thread_data *)v;
+ BYTE *buffer;
+ int recd_so_far, empty_space, total_recv_size, recv_chunk_size, send_size;
+ TSS_RESULT result;
+ UINT64 offset;
+#ifndef TCSD_SINGLE_THREAD_DEBUG
+ int rc;
+
+ thread_signal_init();
+#endif
+
+ data->comm.buf_size = TCSD_INIT_TXBUF_SIZE;
+ data->comm.buf = calloc(1, data->comm.buf_size);
+ while (data->comm.buf) {
+ /* get the packet header to get the size of the incoming packet */
+ if (recv_from_socket(data->sock, data->comm.buf,
+ sizeof(struct tcsd_packet_hdr)) < 0)
+ break;
+
+ recd_so_far = sizeof(struct tcsd_packet_hdr);
+
+ /* check the packet size */
+ total_recv_size = Decode_UINT32(data->comm.buf);
+ if (total_recv_size < (int)sizeof(struct tcsd_packet_hdr)) {
+ LogError("Packet to receive from socket %d is too small (%d bytes)",
+ data->sock, total_recv_size);
+ break;
+ }
+
+ LogDebug("total_recv_size %d, buf_size %u, recd_so_far %d", total_recv_size,
+ data->comm.buf_size, recd_so_far);
+
+ empty_space = data->comm.buf_size - recd_so_far;
+
+ /* instead of blindly allocating recv_size bytes off the bat, stage the realloc
+ * and wait for the data to come in over the socket. This protects against
+ * trivially asking tcsd to alloc 2GB */
+ while (total_recv_size > (int) data->comm.buf_size) {
+ BYTE *new_buffer;
+ int new_bufsize;
+
+ if ((int)data->comm.buf_size + TCSD_INCR_TXBUF_SIZE < total_recv_size) {
+ new_bufsize = data->comm.buf_size + TCSD_INCR_TXBUF_SIZE;
+ recv_chunk_size = empty_space + TCSD_INCR_TXBUF_SIZE;
+ } else {
+ new_bufsize = total_recv_size;
+ recv_chunk_size = total_recv_size - recd_so_far;
+ }
+
+ LogDebug("Increasing communication buffer to %d bytes.", new_bufsize);
+ new_buffer = realloc(data->comm.buf, new_bufsize);
+ if (new_buffer == NULL) {
+ LogError("realloc of %d bytes failed.", new_bufsize);
+ data->comm.buf = NULL;
+ goto no_mem_error;
+ }
+
+ data->comm.buf_size = new_bufsize;
+ data->comm.buf = new_buffer;
+ buffer = data->comm.buf + recd_so_far;
+
+ LogDebug("recv_chunk_size %d recd_so_far %d", recv_chunk_size, recd_so_far);
+ if (recv_from_socket(data->sock, buffer, recv_chunk_size) < 0) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto error;
+ }
+
+ recd_so_far += recv_chunk_size;
+ empty_space = 0;
+ }
+
+ if (recd_so_far < total_recv_size) {
+ buffer = data->comm.buf + recd_so_far;
+ recv_chunk_size = total_recv_size - recd_so_far;
+
+ LogDebug("recv_chunk_size %d recd_so_far %d", recv_chunk_size, recd_so_far);
+
+ if (recv_from_socket(data->sock, buffer, recv_chunk_size) < 0) {
+ result = TCSERR(TSS_E_INTERNAL_ERROR);
+ goto error;
+ }
+ }
+ LogDebug("Rx'd packet");
+
+ /* create a platform version of the tcsd header */
+ offset = 0;
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.packet_size, data->comm.buf);
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.u.result, data->comm.buf);
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.num_parms, data->comm.buf);
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.type_size, data->comm.buf);
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.type_offset, data->comm.buf);
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.parm_size, data->comm.buf);
+ UnloadBlob_UINT32(&offset, &data->comm.hdr.parm_offset, data->comm.buf);
+ result = getTCSDPacket(data);
+ handleAuthFailures();
+ clearCommandHistory();
+
+error:
+ if (result) {
+ /* something internal to the TCSD went wrong in preparing the packet
+ * to return to the TSP. Use our already allocated buffer to return a
+ * TSS_E_INTERNAL_ERROR return code to the TSP. In the non-error path,
+ * these LoadBlob's are done in getTCSDPacket().
+ */
+ /* set everything to zero, fill in what is non-zero */
+ memset(data->comm.buf, 0, data->comm.buf_size);
+ offset = 0;
+ /* load packet size */
+ LoadBlob_UINT32(&offset, sizeof(struct tcsd_packet_hdr), data->comm.buf);
+ /* load result */
+ LoadBlob_UINT32(&offset, result, data->comm.buf);
+ }
+ send_size = Decode_UINT32(data->comm.buf);
+ LogDebug("Sending 0x%X bytes back", send_size);
+ send_size = send_to_socket(data->sock, data->comm.buf, send_size);
+ if (send_size < 0)
+ break;
+
+ /* check for shutdown */
+ if (tm->shutdown) {
+ LogDebug("Thread %ld exiting via shutdown signal!", THREAD_ID);
+ break;
+ }
+ }
+no_mem_error:
+ LogDebug("Thread exiting.");
+ /* Closing connection to TSP */
+ close(data->sock);
+ data->sock = -1;
+ free(data->comm.buf);
+ data->comm.buf = NULL;
+ data->comm.buf_size = -1;
+ /* If the connection was not shut down cleanly, free TCS resources here */
+ if (data->context != NULL_TCS_HANDLE) {
+ TCS_CloseContext_Internal(data->context);
+ data->context = NULL_TCS_HANDLE;
+ }
+ if(data->hostname != NULL) {
+ free(data->hostname);
+ data->hostname = NULL;
+ }
+
+#ifndef TCSD_SINGLE_THREAD_DEBUG
+ pthread_mutex_lock(&(tm->lock));
+ tm->num_active_threads--;
+ /* if we're not in shutdown mode, then nobody is waiting to join this thread, so
+ * detach it so that its resources are free at pthread_exit() time. */
+ if (!tm->shutdown) {
+ if ((rc = pthread_detach(*(data->thread_id)))) {
+ LogError("pthread_detach failed (errno %d)."
+ " Resources may not be properly released.", rc);
+ }
+ }
+ free(data->thread_id);
+ data->thread_id = THREAD_NULL;
+ pthread_mutex_unlock(&(tm->lock));
+ pthread_exit(NULL);
+#endif
+ return NULL;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tddl/tddl.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tddl/tddl.c
new file mode 100644
index 0000000..628dd80
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tddl/tddl.c
@@ -0,0 +1,335 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+
+#include <unistd.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <sys/ioctl.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "linux/tpm.h"
+#include "metrics/c_metrics_library.h"
+#include "tcs_da_reset.h"
+#include "tcs_utils.h"
+#include "tcslog.h"
+#include "tddl.h"
+
+struct tpm_device_node tpm_device_nodes[] = {
+ {"/dev/tpm0", TDDL_UNDEF, TDDL_UNDEF},
+ {"/udev/tpm0", TDDL_UNDEF, TDDL_UNDEF},
+ {"/dev/tpm", TDDL_UNDEF, TDDL_UNDEF},
+ {NULL, 0, 0}
+};
+
+struct tpm_device_node *opened_device = NULL;
+
+BYTE txBuffer[TDDL_TXBUF_SIZE];
+TSS_BOOL use_in_socket = FALSE;
+struct tcsd_config *_tcsd_options = NULL;
+int retry_count = 2;
+
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <netinet/in.h>
+#include <sys/types.h>
+#include <netdb.h>
+#include <fcntl.h>
+
+
+int
+open_device()
+{
+ int i = 0, fd = -1, tcp_device_port;
+ char *tcp_device_hostname = NULL;
+ char *un_socket_device_path = NULL;
+ char *tcp_device_port_string = NULL;
+ char *retry_count_string = NULL;
+
+ if ((retry_count_string = getenv("TCSD_TPM_RW_RETRY_COUNT")) != NULL) {
+ errno = 0;
+ retry_count = strtol(retry_count_string, NULL, 10);
+ if (errno != 0) {
+ LogWarn("Failed to parse TCSD_TPM_RW_RETRY_COUNT, "
+ "strtol: (%d) %s", errno, strerror(errno));
+ retry_count = 2;
+ }
+ }
+
+ if (getenv("TCSD_USE_TCP_DEVICE")) {
+ if ((tcp_device_hostname = getenv("TCSD_TCP_DEVICE_HOSTNAME")) == NULL)
+ tcp_device_hostname = "localhost";
+ if ((un_socket_device_path = getenv("TCSD_UN_SOCKET_DEVICE_PATH")) == NULL)
+ un_socket_device_path = "/var/run/tpm/tpmd_socket:0";
+ if ((tcp_device_port_string = getenv("TCSD_TCP_DEVICE_PORT")) != NULL)
+ tcp_device_port = atoi(tcp_device_port_string);
+ else
+ tcp_device_port = 6545;
+
+
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ if (fd > 0) {
+ struct hostent *host = gethostbyname(tcp_device_hostname);
+ if (host != NULL) {
+ struct sockaddr_in addr;
+ memset(&addr, 0x0, sizeof(addr));
+ addr.sin_family = host->h_addrtype;
+ addr.sin_port = htons(tcp_device_port);
+ memcpy(&addr.sin_addr,
+ host->h_addr,
+ host->h_length);
+ if (connect(fd, (struct sockaddr *)&addr,
+ sizeof(addr)) < 0) {
+ close(fd);
+ fd = -1;
+ } else
+ use_in_socket = TRUE;
+ } else {
+ close (fd);
+ fd = -1;
+ }
+ }
+
+ if (fd < 0) {
+ struct sockaddr_un addr;
+
+ fd = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (fd >= 0) {
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, un_socket_device_path,
+ sizeof(addr.sun_path));
+ if (connect(fd, (void *)&addr, sizeof(addr)) < 0) {
+ close(fd);
+ fd = -1;
+ }
+ }
+ }
+ }
+
+ if (fd < 0) {
+ /* tpm_device_paths is filled out in tddl.h */
+ for (i = 0; tpm_device_nodes[i].path != NULL; i++) {
+ errno = 0;
+ if ((fd = open(tpm_device_nodes[i].path, O_RDWR)) >= 0)
+ break;
+ }
+ }
+
+ if (fd > 0) {
+ opened_device = &(tpm_device_nodes[i]);
+ tpm_device_nodes[i].fd = fd;
+ }
+ return fd;
+}
+
+TSS_RESULT
+Tddli_Open()
+{
+ int rc;
+
+ if (opened_device != NULL) {
+ LogDebug("attempted to re-open the TPM driver!");
+ return TDDLERR(TDDL_E_ALREADY_OPENED);
+ }
+
+ rc = open_device();
+ if (rc < 0) {
+ LogError("Could not find a device to open!");
+ if (errno == ENOENT) {
+ /* File DNE */
+ return TDDLERR(TDDL_E_COMPONENT_NOT_FOUND);
+ }
+
+ return TDDLERR(TDDL_E_FAIL);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Tddli_Close()
+{
+ if (opened_device == NULL) {
+ LogDebug("attempted to re-close the TPM driver!");
+ return TDDLERR(TDDL_E_ALREADY_CLOSED);
+ }
+
+ close(opened_device->fd);
+ opened_device->fd = TDDL_UNDEF;
+ opened_device = NULL;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Tddli_TransmitData(BYTE * pTransmitBuf, UINT32 TransmitBufLen, BYTE * pReceiveBuf,
+ UINT32 * pReceiveBufLen)
+{
+ int i, sizeResult;
+ UINT16 request_tag;
+
+ /* The command ordinal to be sent as well as the code returned from TPM.
+ */
+ UINT32 ordinal;
+ UINT32 result;
+
+ static CMetricsLibrary metrics_library_handle = NULL;
+ TSS_BOOL is_auth;
+
+ if (TransmitBufLen > TDDL_TXBUF_SIZE) {
+ LogError("buffer size handed to TDDL is too large! (%u bytes)", TransmitBufLen);
+ return TDDLERR(TDDL_E_FAIL);
+ }
+
+ memcpy(txBuffer, pTransmitBuf, TransmitBufLen);
+ LogDebug("Calling write to driver");
+ /* Low-level intercept of errors returned by the TPM for
+ * statistical purposes.
+ */
+ request_tag = Decode_UINT16(txBuffer);
+ is_auth = (request_tag == 0xc2) || (request_tag == 0xc3);
+ ordinal = Decode_UINT32(txBuffer + 6);
+
+ if (use_in_socket) {
+ Tddli_Close();
+ if (Tddli_Open())
+ return TDDLERR(TDDL_E_IOERROR);
+ }
+
+ switch (opened_device->transmit) {
+ case TDDL_UNDEF:
+ /* fall through */
+ case TDDL_TRANSMIT_IOCTL:
+ errno = 0;
+ if ((sizeResult = ioctl(opened_device->fd, TPMIOC_TRANSMIT, txBuffer)) != -1) {
+ opened_device->transmit = TDDL_TRANSMIT_IOCTL;
+ break;
+ }
+ LogWarn("ioctl: (%d) %s", errno, strerror(errno));
+ LogInfo("Falling back to Read/Write device support.");
+ /* fall through */
+ case TDDL_TRANSMIT_RW:
+ i = 0;
+ while ((sizeResult = write(opened_device->fd,
+ txBuffer,
+ TransmitBufLen)) < 0 &&
+ i++ < retry_count) {
+ LogWarn("write to device %s failed, retrying (%d): %s",
+ opened_device->path,
+ i,
+ strerror(errno));
+ }
+ if (sizeResult == (int)TransmitBufLen) {
+ opened_device->transmit = TDDL_TRANSMIT_RW;
+ i = 0;
+ while ((sizeResult = read(opened_device->fd, txBuffer,
+ TDDL_TXBUF_SIZE)) < 0 &&
+ i++ < retry_count) {
+ LogWarn("read from device %s failed, retrying (%d): %s",
+ opened_device->path, i, strerror(errno));
+ }
+ break;
+ } else {
+ if (sizeResult == -1) {
+ LogError("write to device %s failed: %s",
+ opened_device->path,
+ strerror(errno));
+ } else {
+ LogError("wrote %d bytes to %s (tried "
+ "to write %d)", sizeResult,
+ opened_device->path,
+ TransmitBufLen);
+ }
+ }
+ /* fall through */
+ default:
+ return TDDLERR(TDDL_E_IOERROR);
+ }
+
+ if (sizeResult < 0) {
+ LogError("read from device %s failed: %s", opened_device->path, strerror(errno));
+ return TDDLERR(TDDL_E_IOERROR);
+ } else if (sizeResult == 0) {
+ LogError("Zero bytes read from device %s", opened_device->path);
+ return TDDLERR(TDDL_E_IOERROR);
+ }
+
+ if ((unsigned)sizeResult > *pReceiveBufLen) {
+ LogError("read %d bytes from device %s, (only room for %d)", sizeResult,
+ opened_device->path, *pReceiveBufLen);
+ return TDDLERR(TDDL_E_INSUFFICIENT_BUFFER);
+ }
+
+ *pReceiveBufLen = sizeResult;
+
+ memcpy(pReceiveBuf, txBuffer, *pReceiveBufLen);
+ /* TPM returned a valid response packet into txBuffer. Extract result
+ * code and ship stats.
+ */
+ result = Decode_UINT32(pReceiveBuf + 6);
+ if (metrics_library_handle == NULL)
+ metrics_library_handle = CMetricsLibraryNew();
+ if (metrics_library_handle != NULL) {
+ CMetricsLibrarySendSparseToUMA(metrics_library_handle,
+ "Platform.TPM.ErrorCode",
+ result);
+ if (is_auth)
+ CMetricsLibrarySendSparseToUMA(
+ metrics_library_handle,
+ "Platform.TPM.AuthErrorCode",
+ result);
+ }
+
+ recordFailedCommandHistory(ordinal, result);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Tddli_GetStatus(UINT32 ReqStatusType, UINT32 *pStatus)
+{
+ return TDDLERR(TSS_E_NOTIMPL);
+}
+
+TSS_RESULT
+Tddli_SetCapability(UINT32 CapArea, UINT32 SubCap,
+ BYTE *pSetCapBuf, UINT32 SetCapBufLen)
+{
+ return TDDLERR(TSS_E_NOTIMPL);
+}
+
+TSS_RESULT
+Tddli_GetCapability(UINT32 CapArea, UINT32 SubCap,
+ BYTE *pCapBuf, UINT32 *pCapBufLen)
+{
+ return TDDLERR(TSS_E_NOTIMPL);
+}
+
+TSS_RESULT Tddli_Cancel(void)
+{
+ int rc;
+
+ if (opened_device->transmit == TDDL_TRANSMIT_IOCTL) {
+ if ((rc = ioctl(opened_device->fd, TPMIOC_CANCEL, NULL)) == -1) {
+ LogError("ioctl: (%d) %s", errno, strerror(errno));
+ return TDDLERR(TDDL_E_FAIL);
+ } else if (rc == -EIO) {
+ /* The driver timed out while trying to tell the chip to cancel */
+ return TDDLERR(TDDL_E_COMMAND_COMPLETED);
+ }
+
+ return TSS_SUCCESS;
+ } else {
+ return TDDLERR(TSS_E_NOTIMPL);
+ }
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/hash.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/hash.c
new file mode 100644
index 0000000..f2a1f0e
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/hash.c
@@ -0,0 +1,221 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+/*
+ * hash.c - openssl TSS crypto routines
+ *
+ * Kent Yoder <[email protected]>
+ *
+ */
+
+#include <string.h>
+
+#include <openssl/opensslv.h>
+#include <openssl/rsa.h> // for some reason the MGF1 prototype is in here
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/err.h>
+#include <openssl/sha.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "tsplog.h"
+
+#ifdef TSS_DEBUG
+#define DEBUG_print_openssl_errors() \
+ do { \
+ ERR_load_crypto_strings(); \
+ ERR_print_errors_fp(stderr); \
+ } while (0)
+#else
+#define DEBUG_print_openssl_errors()
+#endif
+
+#if (OPENSSL_VERSION_NUMBER >= 0x0090800FL)
+#define OpenSSL_MGF1(m,mlen,s,slen,md) PKCS1_MGF1(m,mlen,s,slen,md)
+#else
+int MGF1(unsigned char *, long, const unsigned char *, long);
+#define OpenSSL_MGF1(m,mlen,s,slen,md) MGF1(m,mlen,s,slen)
+#endif
+
+/*
+ * Hopefully this will make the code clearer since
+ * OpenSSL returns 1 on success
+ */
+#define EVP_SUCCESS 1
+
+TSS_RESULT
+Trspi_Hash(UINT32 HashType, UINT32 BufSize, BYTE* Buf, BYTE* Digest)
+{
+ EVP_MD_CTX *md_ctx;
+ unsigned int result_size;
+ int rv;
+
+ md_ctx = EVP_MD_CTX_create();
+
+ switch (HashType) {
+ case TSS_HASH_SHA1:
+ rv = EVP_DigestInit(md_ctx, EVP_sha1());
+ break;
+ default:
+ rv = TSPERR(TSS_E_BAD_PARAMETER);
+ goto out;
+ break;
+ }
+
+ if (rv != EVP_SUCCESS) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ }
+
+ rv = EVP_DigestUpdate(md_ctx, Buf, BufSize);
+ if (rv != EVP_SUCCESS) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ }
+
+ result_size = EVP_MD_CTX_size(md_ctx);
+ rv = EVP_DigestFinal(md_ctx, Digest, &result_size);
+ if (rv != EVP_SUCCESS) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ } else
+ rv = TSS_SUCCESS;
+
+ goto out;
+
+err:
+ DEBUG_print_openssl_errors();
+out:
+ EVP_MD_CTX_destroy(md_ctx);
+ return rv;
+}
+
+TSS_RESULT
+Trspi_HashInit(Trspi_HashCtx *ctx, UINT32 HashType)
+{
+ int rv;
+ EVP_MD *md;
+
+ switch (HashType) {
+ case TSS_HASH_SHA1:
+ md = (EVP_MD *)EVP_sha1();
+ break;
+ default:
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ break;
+ }
+
+ if ((ctx->ctx = EVP_MD_CTX_create()) == NULL)
+ return TSPERR(TSS_E_OUTOFMEMORY);
+
+ rv = EVP_DigestInit((EVP_MD_CTX *)ctx->ctx, (const EVP_MD *)md);
+
+ if (rv != EVP_SUCCESS) {
+ DEBUG_print_openssl_errors();
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_HashUpdate(Trspi_HashCtx *ctx, UINT32 size, BYTE *data)
+{
+ int rv;
+
+ if (ctx == NULL || ctx->ctx == NULL)
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ if (data == NULL && size)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ if (!size)
+ return TSS_SUCCESS;
+
+ rv = EVP_DigestUpdate(ctx->ctx, data, size);
+ if (rv != EVP_SUCCESS) {
+ DEBUG_print_openssl_errors();
+ free(ctx->ctx);
+ ctx->ctx = NULL;
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_HashFinal(Trspi_HashCtx *ctx, BYTE *digest)
+{
+ int rv;
+ UINT32 result_size;
+
+ if (ctx == NULL || ctx->ctx == NULL)
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result_size = EVP_MD_CTX_size((EVP_MD_CTX *)ctx->ctx);
+ rv = EVP_DigestFinal(ctx->ctx, digest, &result_size);
+ if (rv != EVP_SUCCESS)
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ free(ctx->ctx);
+ ctx->ctx = NULL;
+
+ return TSS_SUCCESS;
+}
+
+UINT32
+Trspi_HMAC(UINT32 HashType, UINT32 SecretSize, BYTE* Secret, UINT32 BufSize, BYTE* Buf, BYTE* hmacOut)
+{
+ /*HMAC_CTX hmac_ctx;*/
+ const EVP_MD *md;
+ unsigned int len;
+ int rv = TSS_SUCCESS;
+
+ switch (HashType) {
+ case TSS_HASH_SHA1:
+ md = EVP_sha1();
+ break;
+ default:
+ rv = TSPERR(TSS_E_BAD_PARAMETER);
+ goto out;
+ break;
+ }
+
+ len = EVP_MD_size(md);
+
+ HMAC(md, Secret, SecretSize, Buf, BufSize, hmacOut, &len);
+out:
+ return rv;
+}
+
+TSS_RESULT
+Trspi_MGF1(UINT32 alg, UINT32 seedLen, BYTE *seed, UINT32 outLen, BYTE *out)
+{
+ const EVP_MD *md;
+ long olen = outLen, slen = seedLen;
+ int rv = TSS_SUCCESS;
+
+ switch (alg) {
+ case TSS_HASH_SHA1:
+ md = EVP_sha1();
+ break;
+ default:
+ rv = TSPERR(TSS_E_BAD_PARAMETER);
+ goto out;
+ break;
+ }
+
+ rv = OpenSSL_MGF1(out, olen, seed, slen, md);
+out:
+ return rv;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/rsa.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/rsa.c
new file mode 100644
index 0000000..2b1205f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/rsa.c
@@ -0,0 +1,312 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+/*
+ * rsa.c - openssl TSS crypto routines
+ *
+ * Kent Yoder <[email protected]>
+ *
+ */
+
+#include <string.h>
+
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/sha.h>
+#include <openssl/rsa.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "tsplog.h"
+
+#ifdef TSS_DEBUG
+#define DEBUG_print_openssl_errors() \
+ do { \
+ ERR_load_crypto_strings(); \
+ ERR_print_errors_fp(stderr); \
+ } while (0)
+#else
+#define DEBUG_print_openssl_errors()
+#endif
+
+#if OPENSSL_VERSION_NUMBER < 0x10100001L
+static int
+RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
+{
+ if (n != NULL) {
+ BN_free(r->n);
+ r->n = n;
+ }
+ if (e != NULL) {
+ BN_free(r->e);
+ r->e = e;
+ }
+ if (d != NULL) {
+ BN_free(r->d);
+ r->d = d;
+ }
+ return 1;
+}
+#endif
+
+/*
+ * Hopefully this will make the code clearer since
+ * OpenSSL returns 1 on success
+ */
+#define EVP_SUCCESS 1
+
+/* XXX int set to unsigned int values */
+int
+Trspi_RSA_Encrypt(unsigned char *dataToEncrypt, /* in */
+ unsigned int dataToEncryptLen, /* in */
+ unsigned char *encryptedData, /* out */
+ unsigned int *encryptedDataLen, /* out */
+ unsigned char *publicKey,
+ unsigned int keysize)
+{
+ int rv;
+ unsigned char exp[] = { 0x01, 0x00, 0x01 }; /* 65537 hex */
+ unsigned char oaepPad[] = "TCPA";
+ int oaepPadLen = 4;
+ RSA *rsa = RSA_new();
+ BYTE encodedData[256];
+ int encodedDataLen;
+ BIGNUM *rsa_n = NULL, *rsa_e = NULL;
+
+ if (rsa == NULL) {
+ rv = TSPERR(TSS_E_OUTOFMEMORY);
+ goto err;
+ }
+
+ /* set the public key value in the OpenSSL object */
+ rsa_n = BN_bin2bn(publicKey, keysize, NULL);
+ /* set the public exponent */
+ rsa_e = BN_bin2bn(exp, sizeof(exp), NULL);
+
+ if (rsa_n == NULL || rsa_e == NULL) {
+ rv = TSPERR(TSS_E_OUTOFMEMORY);
+ BN_free(rsa_n);
+ BN_free(rsa_e);
+ goto err;
+ }
+ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) {
+ rv = TSPERR(TSS_E_FAIL);
+ BN_free(rsa_n);
+ BN_free(rsa_e);
+ goto err;
+ }
+
+ /* padding constraint for PKCS#1 OAEP padding */
+ if ((int)dataToEncryptLen >= (RSA_size(rsa) - ((2 * SHA_DIGEST_LENGTH) + 1))) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ }
+
+ encodedDataLen = MIN(RSA_size(rsa), 256);
+
+ /* perform our OAEP padding here with custom padding parameter */
+ rv = RSA_padding_add_PKCS1_OAEP(encodedData, encodedDataLen, dataToEncrypt,
+ dataToEncryptLen, oaepPad, oaepPadLen);
+ if (rv != EVP_SUCCESS) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* call OpenSSL with no additional padding */
+ rv = RSA_public_encrypt(encodedDataLen, encodedData,
+ encryptedData, rsa, RSA_NO_PADDING);
+ if (rv == -1) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* RSA_public_encrypt returns the size of the encrypted data */
+ *encryptedDataLen = rv;
+ rv = TSS_SUCCESS;
+ goto out;
+
+err:
+ DEBUG_print_openssl_errors();
+out:
+ if (rsa)
+ RSA_free(rsa);
+ return rv;
+}
+
+TSS_RESULT
+Trspi_Verify(UINT32 HashType, BYTE *pHash, UINT32 iHashLength,
+ unsigned char *pModulus, int iKeyLength,
+ BYTE *pSignature, UINT32 sig_len)
+{
+ int rv, nid;
+ unsigned char exp[] = { 0x01, 0x00, 0x01 }; /* The default public exponent for the TPM */
+ unsigned char buf[256];
+ RSA *rsa = RSA_new();
+ BIGNUM *rsa_n = NULL, *rsa_e = NULL;
+
+ if (rsa == NULL) {
+ rv = TSPERR(TSS_E_OUTOFMEMORY);
+ goto err;
+ }
+
+ /* We assume we're verifying data from a TPM, so there are only
+ * two options, SHA1 data and PKCSv1.5 encoded signature data.
+ */
+ switch (HashType) {
+ case TSS_HASH_SHA1:
+ nid = NID_sha1;
+ break;
+ case TSS_HASH_OTHER:
+ nid = NID_undef;
+ break;
+ default:
+ rv = TSPERR(TSS_E_BAD_PARAMETER);
+ goto out;
+ break;
+ }
+
+ /* set the public key value in the OpenSSL object */
+ rsa_n = BN_bin2bn(pModulus, iKeyLength, NULL);
+ /* set the public exponent */
+ rsa_e = BN_bin2bn(exp, sizeof(exp), NULL);
+
+ if (rsa_n == NULL || rsa_e == NULL) {
+ rv = TSPERR(TSS_E_OUTOFMEMORY);
+ BN_free(rsa_n);
+ BN_free(rsa_e);
+ goto err;
+ }
+ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) {
+ rv = TSPERR(TSS_E_FAIL);
+ BN_free(rsa_n);
+ BN_free(rsa_e);
+ goto err;
+ }
+
+ /* if we don't know the structure of the data we're verifying, do a public decrypt
+ * and compare manually. If we know we're looking for a SHA1 hash, allow OpenSSL
+ * to do the work for us.
+ */
+ if (nid == NID_undef) {
+ rv = RSA_public_decrypt(sig_len, pSignature, buf, rsa, RSA_PKCS1_PADDING);
+ if ((UINT32)rv != iHashLength) {
+ rv = TSPERR(TSS_E_FAIL);
+ goto out;
+ } else if (memcmp(pHash, buf, iHashLength)) {
+ rv = TSPERR(TSS_E_FAIL);
+ goto out;
+ }
+ } else {
+ if ((rv = RSA_verify(nid, pHash, iHashLength, pSignature, sig_len, rsa)) == 0) {
+ rv = TSPERR(TSS_E_FAIL);
+ goto out;
+ }
+ }
+
+ rv = TSS_SUCCESS;
+ goto out;
+
+err:
+ DEBUG_print_openssl_errors();
+out:
+ if (rsa)
+ RSA_free(rsa);
+ return rv;
+}
+
+int
+Trspi_RSA_Public_Encrypt(unsigned char *in, unsigned int inlen,
+ unsigned char *out, unsigned int *outlen,
+ unsigned char *pubkey, unsigned int pubsize,
+ unsigned int e, int padding)
+{
+ int rv, e_size = 3;
+ unsigned char exp[] = { 0x01, 0x00, 0x01 };
+ RSA *rsa = RSA_new();
+ BIGNUM *rsa_n = NULL, *rsa_e = NULL;
+
+ if (rsa == NULL) {
+ rv = TSPERR(TSS_E_OUTOFMEMORY);
+ goto err;
+ }
+
+ switch (e) {
+ case 0:
+ /* fall through */
+ case 65537:
+ break;
+ case 17:
+ exp[0] = 17;
+ e_size = 1;
+ break;
+ case 3:
+ exp[0] = 3;
+ e_size = 1;
+ break;
+ default:
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ break;
+ }
+
+ switch (padding) {
+ case TR_RSA_PKCS1_OAEP_PADDING:
+ padding = RSA_PKCS1_OAEP_PADDING;
+ break;
+ case TR_RSA_PKCS1_PADDING:
+ padding = RSA_PKCS1_PADDING;
+ break;
+ case TR_RSA_NO_PADDING:
+ padding = RSA_NO_PADDING;
+ break;
+ default:
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ break;
+ }
+
+ /* set the public key value in the OpenSSL object */
+ rsa_n = BN_bin2bn(pubkey, pubsize, NULL);
+ /* set the public exponent */
+ rsa_e = BN_bin2bn(exp, e_size, NULL);
+
+ if (rsa_n == NULL || rsa_e == NULL) {
+ rv = TSPERR(TSS_E_OUTOFMEMORY);
+ BN_free(rsa_n);
+ BN_free(rsa_e);
+ goto err;
+ }
+ if (!RSA_set0_key(rsa, rsa_n, rsa_e, NULL)) {
+ rv = TSPERR(TSS_E_FAIL);
+ BN_free(rsa_n);
+ BN_free(rsa_e);
+ goto err;
+ }
+
+ rv = RSA_public_encrypt(inlen, in, out, rsa, padding);
+ if (rv == -1) {
+ rv = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err;
+ }
+
+ /* RSA_public_encrypt returns the size of the encrypted data */
+ *outlen = rv;
+ rv = TSS_SUCCESS;
+ goto out;
+
+err:
+ DEBUG_print_openssl_errors();
+out:
+ if (rsa)
+ RSA_free(rsa);
+ return rv;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/symmetric.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/symmetric.c
new file mode 100644
index 0000000..3101d51
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/crypto/openssl/symmetric.c
@@ -0,0 +1,387 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+/*
+ * symmetric.c - openssl TSS crypto routines
+ *
+ * Kent Yoder <[email protected]>
+ *
+ */
+
+#include <limits.h>
+#include <string.h>
+
+#include <openssl/evp.h>
+#include <openssl/err.h>
+#include <openssl/rand.h>
+#include <limits.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "tsplog.h"
+
+
+#ifdef TSS_DEBUG
+#define DEBUG_print_openssl_errors() \
+ do { \
+ ERR_load_crypto_strings(); \
+ ERR_print_errors_fp(stderr); \
+ } while (0)
+#else
+#define DEBUG_print_openssl_errors()
+#endif
+
+/*
+ * Hopefully this will make the code clearer since
+ * OpenSSL returns 1 on success
+ */
+#define EVP_SUCCESS 1
+
+TSS_RESULT
+Trspi_Encrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out,
+ UINT32 *out_len)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ EVP_CIPHER_CTX *ctx = NULL;
+ UINT32 tmp;
+
+ switch (alg) {
+ case TSS_ALG_AES:
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ ctx = EVP_CIPHER_CTX_new();
+
+ if (!EVP_EncryptInit(ctx, EVP_aes_256_ecb(), key, NULL)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (*out_len < in_len + EVP_CIPHER_CTX_block_size(ctx) - 1) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ if (!EVP_EncryptUpdate(ctx, out, (int *)out_len, in, in_len)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (!EVP_EncryptFinal(ctx, out + *out_len, (int *)&tmp)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+ *out_len += tmp;
+done:
+ EVP_CIPHER_CTX_free(ctx);
+ return result;
+}
+
+TSS_RESULT
+Trspi_Decrypt_ECB(UINT16 alg, BYTE *key, BYTE *in, UINT32 in_len, BYTE *out,
+ UINT32 *out_len)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ EVP_CIPHER_CTX *ctx = NULL;
+ UINT32 tmp;
+
+ switch (alg) {
+ case TSS_ALG_AES:
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ ctx = EVP_CIPHER_CTX_new();
+
+ if (!EVP_DecryptInit(ctx, EVP_aes_256_ecb(), key, NULL)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (!EVP_DecryptUpdate(ctx, out, (int *)out_len, in, in_len)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (!EVP_DecryptFinal(ctx, out + *out_len, (int *)&tmp)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+ *out_len += tmp;
+done:
+ EVP_CIPHER_CTX_free(ctx);
+ return result;
+}
+
+EVP_CIPHER *
+get_openssl_cipher(UINT16 alg, UINT16 mode)
+{
+ EVP_CIPHER *cipher = NULL;
+
+ switch (alg) {
+ case TSS_ALG_AES:
+ case TCPA_ALG_AES:
+ switch (mode) {
+ case TPM_ES_NONE:
+ case TSS_ES_NONE:
+ case TPM_ES_SYM_CBC_PKCS5PAD:
+ LogDebug("XXX Make sure this is really PKCS5 padded");
+ case TR_SYM_MODE_CBC:
+ cipher = (EVP_CIPHER *)EVP_aes_128_cbc();
+ break;
+ case TPM_ES_SYM_OFB:
+ cipher = (EVP_CIPHER *)EVP_aes_128_ofb();
+ break;
+ case TPM_ES_SYM_CNT:
+ LogDebug("XXX AES128 in CTR mode unsupp by openssl EVP");
+ default:
+ LogDebug("Invalid mode in doing symmetric encryption");
+ break;
+ }
+ break;
+ case TSS_ALG_DES:
+ case TCPA_ALG_DES:
+ switch (mode) {
+ case TPM_ES_NONE:
+ case TSS_ES_NONE:
+ case TPM_ES_SYM_CBC_PKCS5PAD:
+ LogDebug("XXX Make sure this is really PKCS5 padded");
+ case TR_SYM_MODE_CBC:
+ cipher = (EVP_CIPHER *)EVP_des_cbc();
+ break;
+ case TPM_ES_SYM_OFB:
+ cipher = (EVP_CIPHER *)EVP_des_ofb();
+ break;
+ case TPM_ES_SYM_CNT:
+ LogDebug("XXX DES in CTR mode unsupp by openssl EVP");
+ default:
+ LogDebug("Invalid mode in doing symmetric encryption");
+ break;
+ }
+ break;
+ case TSS_ALG_3DES:
+ case TCPA_ALG_3DES:
+ switch (mode) {
+ case TPM_ES_NONE:
+ case TSS_ES_NONE:
+ case TPM_ES_SYM_CBC_PKCS5PAD:
+ LogDebug("XXX Make sure this is really PKCS5 padded");
+ case TR_SYM_MODE_CBC:
+ cipher = (EVP_CIPHER *)EVP_des_ede3_cbc();
+ break;
+ case TPM_ES_SYM_OFB:
+ cipher = (EVP_CIPHER *)EVP_des_ede3_ofb();
+ break;
+ case TPM_ES_SYM_CNT:
+ LogDebug("XXX 3DES in CTR mode unsupp by openssl EVP");
+ default:
+ LogDebug("Invalid mode in doing symmetric encryption");
+ break;
+ }
+ break;
+ case TPM_ALG_AES192:
+ case TSS_ALG_AES192:
+ switch (mode) {
+ case TPM_ES_NONE:
+ case TSS_ES_NONE:
+ case TPM_ES_SYM_CBC_PKCS5PAD:
+ LogDebug("XXX Make sure this is really PKCS5 padded");
+ case TR_SYM_MODE_CBC:
+ cipher = (EVP_CIPHER *)EVP_aes_192_cbc();
+ break;
+ case TPM_ES_SYM_OFB:
+ cipher = (EVP_CIPHER *)EVP_aes_192_ofb();
+ break;
+ case TPM_ES_SYM_CNT:
+ LogDebug("XXX AES192 in CTR mode unsupp by openssl EVP");
+ default:
+ LogDebug("Invalid mode in doing symmetric encryption");
+ break;
+ }
+ break;
+ case TPM_ALG_AES256:
+ case TSS_ALG_AES256:
+ switch (mode) {
+ case TPM_ES_NONE:
+ case TSS_ES_NONE:
+ case TPM_ES_SYM_CBC_PKCS5PAD:
+ LogDebug("XXX Make sure this is really PKCS5 padded");
+ case TR_SYM_MODE_CBC:
+ cipher = (EVP_CIPHER *)EVP_aes_256_cbc();
+ break;
+ case TPM_ES_SYM_OFB:
+ cipher = (EVP_CIPHER *)EVP_aes_256_ofb();
+ break;
+ case TPM_ES_SYM_CNT:
+ LogDebug("XXX AES256 in CTR mode unsupp by openssl EVP");
+ default:
+ LogDebug("Invalid mode in doing symmetric encryption");
+ break;
+ }
+ break;
+ default:
+ LogDebug("Invalid algorithm in doing symmetric encryption");
+ break;
+ }
+
+ return cipher;
+}
+
+TSS_RESULT
+Trspi_SymEncrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 in_len, BYTE *out,
+ UINT32 *out_len)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ EVP_CIPHER_CTX *ctx = NULL;
+ EVP_CIPHER *cipher;
+ BYTE *def_iv = NULL, *outiv_ptr;
+ UINT32 tmp;
+ int iv_len, outiv_len;
+
+ if (*out_len > INT_MAX)
+ outiv_len = INT_MAX;
+ else
+ outiv_len = *(int *)out_len;
+
+ if ((cipher = get_openssl_cipher(alg, mode)) == NULL)
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ ctx = EVP_CIPHER_CTX_new();
+
+ /* If the iv passed in is NULL, create a new random iv and prepend it to the ciphertext */
+ iv_len = EVP_CIPHER_iv_length(cipher);
+ if (iv == NULL) {
+ def_iv = malloc(iv_len);
+ if (def_iv == NULL) {
+ LogError("malloc of %d bytes failed.", iv_len);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ RAND_bytes(def_iv, iv_len);
+
+ memcpy(out, def_iv, iv_len);
+ outiv_ptr = &out[iv_len];
+ outiv_len -= iv_len;
+ } else {
+ def_iv = iv;
+ outiv_ptr = out;
+ }
+
+ if (!EVP_EncryptInit(ctx, (const EVP_CIPHER *)cipher, key, def_iv)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if ((UINT32)outiv_len < in_len + (EVP_CIPHER_CTX_block_size(ctx) * 2) - 1) {
+ LogDebug("Not enough space to do symmetric encryption");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ if (!EVP_EncryptUpdate(ctx, outiv_ptr, &outiv_len, in, in_len)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (!EVP_EncryptFinal(ctx, outiv_ptr + outiv_len, (int *)&tmp)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ outiv_len += tmp;
+ *out_len = outiv_len;
+done:
+ if (def_iv != iv) {
+ *out_len += iv_len;
+ free(def_iv);
+ }
+ EVP_CIPHER_CTX_free(ctx);
+ return result;
+}
+
+TSS_RESULT
+Trspi_SymDecrypt(UINT16 alg, UINT16 mode, BYTE *key, BYTE *iv, BYTE *in, UINT32 in_len, BYTE *out,
+ UINT32 *out_len)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ EVP_CIPHER_CTX *ctx = NULL;
+ EVP_CIPHER *cipher;
+ BYTE *def_iv = NULL, *iniv_ptr;
+ UINT32 tmp;
+ int iv_len, iniv_len;
+
+ if (in_len > INT_MAX)
+ return TSS_E_BAD_PARAMETER;
+
+ if ((cipher = get_openssl_cipher(alg, mode)) == NULL)
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ ctx = EVP_CIPHER_CTX_new();
+
+ /* If the iv is NULL, assume that its prepended to the ciphertext */
+ if (iv == NULL) {
+ iv_len = EVP_CIPHER_iv_length(cipher);
+ def_iv = malloc(iv_len);
+ if (def_iv == NULL) {
+ LogError("malloc of %d bytes failed.", iv_len);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ memcpy(def_iv, in, iv_len);
+ iniv_ptr = &in[iv_len];
+ iniv_len = in_len - iv_len;
+ } else {
+ def_iv = iv;
+ iniv_ptr = in;
+ iniv_len = in_len;
+ }
+
+ if (!EVP_DecryptInit(ctx, cipher, key, def_iv)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (!EVP_DecryptUpdate(ctx, out, (int *)out_len, iniv_ptr, iniv_len)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ if (!EVP_DecryptFinal(ctx, out + *out_len, (int *)&tmp)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ DEBUG_print_openssl_errors();
+ goto done;
+ }
+
+ *out_len += tmp;
+done:
+ if (def_iv != iv)
+ free(def_iv);
+ EVP_CIPHER_CTX_free(ctx);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/trousers.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/trousers.c
new file mode 100644
index 0000000..10e57f8
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/trspi/trousers.c
@@ -0,0 +1,3841 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stddef.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <langinfo.h>
+#include <iconv.h>
+#include <wchar.h>
+#include <errno.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+#include "tcs_tsp.h"
+
+void
+Trspi_UnloadBlob_NONCE(UINT64 *offset, BYTE *blob, TPM_NONCE *n)
+{
+ if (!n) {
+ (*offset) += TPM_SHA1_160_HASH_LEN;
+ return;
+ }
+
+ Trspi_UnloadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, n->nonce);
+}
+
+void
+Trspi_LoadBlob_NONCE(UINT64 *offset, BYTE *blob, TPM_NONCE *n)
+{
+ Trspi_LoadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, n->nonce);
+}
+
+void
+Trspi_LoadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest)
+{
+ Trspi_LoadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, digest->digest);
+}
+
+void
+Trspi_UnloadBlob_DIGEST(UINT64 *offset, BYTE *blob, TPM_DIGEST *digest)
+{
+ if (!digest) {
+ (*offset) += TPM_SHA1_160_HASH_LEN;
+ return;
+ }
+
+ Trspi_UnloadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, digest->digest);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_DIGEST_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DIGEST *digest)
+{
+ if (!digest) {
+ (*offset) += TPM_SHA1_160_HASH_LEN;
+ if (*offset > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ return TSS_SUCCESS;
+ }
+
+ return Trspi_UnloadBlob_s(offset, TPM_SHA1_160_HASH_LEN, blob, capacity, digest->digest);
+}
+
+void
+Trspi_LoadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *pubKey)
+{
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &pubKey->algorithmParms);
+ Trspi_LoadBlob_STORE_PUBKEY(offset, blob, &pubKey->pubKey);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_PUBKEY *pubKey)
+{
+ TSS_RESULT result;
+
+ if (!pubKey) {
+ (void)Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+ (void)Trspi_UnloadBlob_STORE_PUBKEY(offset, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ pubKey->pubKey.key = NULL;
+ pubKey->algorithmParms.parms = NULL;
+ if ((result = Trspi_UnloadBlob_KEY_PARMS(offset, blob, &pubKey->algorithmParms)))
+ return result;
+
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY(offset, blob, &pubKey->pubKey))) {
+ free(pubKey->pubKey.key);
+ free(pubKey->algorithmParms.parms);
+ pubKey->pubKey.key = NULL;
+ pubKey->pubKey.keyLength = 0;
+ pubKey->algorithmParms.parms = NULL;
+ pubKey->algorithmParms.parmSize = 0;
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PUBKEY_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_PUBKEY *pubKey)
+{
+ TSS_RESULT result;
+
+ if (!pubKey) {
+ if((result = Trspi_UnloadBlob_KEY_PARMS_s(offset, blob, capacity, NULL)))
+ return result;
+ if((result = Trspi_UnloadBlob_STORE_PUBKEY_s(offset, blob, capacity, NULL)))
+ return result;
+ return TSS_SUCCESS;
+ }
+
+ pubKey->pubKey.key = NULL;
+ pubKey->algorithmParms.parms = NULL;
+ if ((result = Trspi_UnloadBlob_KEY_PARMS_s(offset, blob, capacity, &pubKey->algorithmParms)))
+ return result;
+
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY_s(offset, blob, capacity, &pubKey->pubKey))) {
+ free(pubKey->pubKey.key);
+ free(pubKey->algorithmParms.parms);
+ pubKey->pubKey.key = NULL;
+ pubKey->pubKey.keyLength = 0;
+ pubKey->algorithmParms.parms = NULL;
+ pubKey->algorithmParms.parmSize = 0;
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob(UINT64 *offset, size_t size, BYTE *to, BYTE *from)
+{
+ if (size == 0)
+ return;
+
+ if (to)
+ memcpy(&to[(*offset)], from, size);
+ (*offset) += size;
+}
+
+void
+Trspi_UnloadBlob(UINT64 *offset, size_t size, BYTE *from, BYTE *to)
+{
+ if (size <= 0)
+ return;
+
+ if (to)
+ memcpy(to, &from[*offset], size);
+ (*offset) += size;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_s(UINT64 *offset, size_t size, BYTE *from, UINT64 capacity, BYTE *to)
+{
+ if (size == 0)
+ return TSS_SUCCESS;
+ if (*offset + size > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ if (to)
+ memcpy(to, &from[*offset], size);
+ (*offset) += size;
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_BYTE(UINT64 *offset, BYTE data, BYTE *blob)
+{
+ if (blob)
+ blob[*offset] = data;
+ (*offset)++;
+}
+
+void
+Trspi_UnloadBlob_BYTE(UINT64 *offset, BYTE *dataOut, BYTE *blob)
+{
+ if (dataOut)
+ *dataOut = blob[*offset];
+ (*offset)++;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_BYTE_s(UINT64 *offset, BYTE *dataOut, BYTE *blob, UINT64 capacity)
+{
+ if (*offset + 1 > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ if (dataOut)
+ *dataOut = blob[*offset];
+ (*offset)++;
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_BOOL(UINT64 *offset, TSS_BOOL data, BYTE *blob)
+{
+ if (blob)
+ blob[*offset] = (BYTE) data;
+ (*offset)++;
+}
+
+void
+Trspi_UnloadBlob_BOOL(UINT64 *offset, TSS_BOOL *dataOut, BYTE *blob)
+{
+ if (dataOut)
+ *dataOut = blob[*offset];
+ (*offset)++;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_BOOL_s(UINT64 *offset, TSS_BOOL *dataOut, BYTE *blob, UINT64 capacity)
+{
+ if (*offset + 1 > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ if (dataOut)
+ *dataOut = blob[*offset];
+ (*offset)++;
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_UINT64(UINT64 *offset, UINT64 in, BYTE *blob)
+{
+ if (blob)
+ UINT64ToArray(in, &blob[*offset]);
+ (*offset) += sizeof(UINT64);
+}
+
+void
+Trspi_LoadBlob_UINT32(UINT64 *offset, UINT32 in, BYTE *blob)
+{
+ if (blob)
+ UINT32ToArray(in, &blob[*offset]);
+ (*offset) += sizeof(UINT32);
+}
+
+void
+Trspi_LoadBlob_UINT16(UINT64 *offset, UINT16 in, BYTE *blob)
+{
+ if (blob)
+ UINT16ToArray(in, &blob[*offset]);
+ (*offset) += sizeof(UINT16);
+}
+
+void
+Trspi_UnloadBlob_UINT64(UINT64 *offset, UINT64 *out, BYTE *blob)
+{
+ if (out)
+ *out = Decode_UINT64(&blob[*offset]);
+ (*offset) += sizeof(UINT64);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_UINT64_s(UINT64 *offset, UINT64 *out, BYTE *blob, UINT64 capacity)
+{
+ if (*offset + sizeof(UINT64) > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ if (out)
+ *out = Decode_UINT64(&blob[*offset]);
+ (*offset) += sizeof(UINT64);
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_UnloadBlob_UINT32(UINT64 *offset, UINT32 *out, BYTE *blob)
+{
+ if (out)
+ *out = Decode_UINT32(&blob[*offset]);
+ (*offset) += sizeof(UINT32);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_UINT32_s(UINT64 *offset, UINT32 *out, BYTE *blob, UINT64 capacity)
+{
+ if (*offset + sizeof(UINT32) > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ if (out)
+ *out = Decode_UINT32(&blob[*offset]);
+ (*offset) += sizeof(UINT32);
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_UnloadBlob_UINT16(UINT64 *offset, UINT16 *out, BYTE *blob)
+{
+ if (out)
+ *out = Decode_UINT16(&blob[*offset]);
+ (*offset) += sizeof(UINT16);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_UINT16_s(UINT64 *offset, UINT16 *out, BYTE *blob, UINT64 capacity)
+{
+ if (*offset + sizeof(UINT16) > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ if (out)
+ *out = Decode_UINT16(&blob[*offset]);
+ (*offset) += sizeof(UINT16);
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_RSA_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_RSA_KEY_PARMS *parms)
+{
+ Trspi_LoadBlob_UINT32(offset, parms->keyLength, blob);
+ Trspi_LoadBlob_UINT32(offset, parms->numPrimes, blob);
+ Trspi_LoadBlob_UINT32(offset, parms->exponentSize, blob);
+
+ if (parms->exponentSize > 0)
+ Trspi_LoadBlob(offset, parms->exponentSize, blob, parms->exponent);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_RSA_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_RSA_KEY_PARMS *parms)
+{
+ if (!parms) {
+ UINT32 exponentSize;
+
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &exponentSize, blob);
+
+ (*offset) += exponentSize;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &parms->keyLength, blob);
+ Trspi_UnloadBlob_UINT32(offset, &parms->numPrimes, blob);
+ Trspi_UnloadBlob_UINT32(offset, &parms->exponentSize, blob);
+
+ if (parms->exponentSize > 0) {
+ parms->exponent = malloc(parms->exponentSize);
+ if (parms->exponent == NULL) {
+ LogError("malloc of %"PRIu32" bytes failed.", parms->exponentSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, parms->exponentSize, blob, parms->exponent);
+ } else {
+ parms->exponent = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_RSA_KEY_PARMS_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_RSA_KEY_PARMS *parms)
+{
+ TSS_RESULT result;
+ if (!parms) {
+ UINT32 exponentSize;
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &exponentSize, blob, capacity)))
+ return result;
+
+ if (*offset + exponentSize > capacity) {
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ (*offset) += exponentSize;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &parms->keyLength, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &parms->numPrimes, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &parms->exponentSize, blob, capacity)))
+ return result;
+
+ if (*offset + parms->exponentSize > capacity) {
+ parms->exponent = NULL;
+ parms->exponentSize = 0;
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if (parms->exponentSize > 0) {
+ parms->exponent = malloc(parms->exponentSize);
+ if (parms->exponent == NULL) {
+ LogError("malloc of %"PRIu32" bytes failed.", parms->exponentSize);
+ parms->exponentSize = 0;
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, parms->exponentSize, blob, capacity, parms->exponent))) {
+ free(parms->exponent);
+ parms->exponent = NULL;
+ parms->exponentSize = 0;
+ return result;
+ }
+ } else {
+ parms->exponent = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_UnloadBlob_TSS_VERSION(UINT64 *offset, BYTE *blob, TSS_VERSION *out)
+{
+ if (!out) {
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_BYTE(offset, &out->bMajor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->bMinor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->bRevMajor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->bRevMinor, blob);
+}
+
+void
+Trspi_LoadBlob_TSS_VERSION(UINT64 *offset, BYTE *blob, TSS_VERSION version)
+{
+ Trspi_LoadBlob_BYTE(offset, version.bMajor, blob);
+ Trspi_LoadBlob_BYTE(offset, version.bMinor, blob);
+ Trspi_LoadBlob_BYTE(offset, version.bRevMajor, blob);
+ Trspi_LoadBlob_BYTE(offset, version.bRevMinor, blob);
+}
+
+void
+Trspi_UnloadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION *out)
+{
+ if (!out) {
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_BYTE(offset, &out->major, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->minor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->revMajor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->revMinor, blob);
+}
+
+void
+Trspi_LoadBlob_TCPA_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION version)
+{
+ Trspi_LoadBlob_BYTE(offset, version.major, blob);
+ Trspi_LoadBlob_BYTE(offset, version.minor, blob);
+ Trspi_LoadBlob_BYTE(offset, version.revMajor, blob);
+ Trspi_LoadBlob_BYTE(offset, version.revMinor, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_INFO(UINT64 *offset, BYTE *blob, TCPA_PCR_INFO *pcr)
+{
+ TSS_RESULT result;
+
+ if (!pcr) {
+ (void)Trspi_UnloadBlob_PCR_SELECTION(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION(offset, blob, &pcr->pcrSelection)))
+ return result;
+ Trspi_UnloadBlob_DIGEST(offset, blob, &pcr->digestAtRelease);
+ Trspi_UnloadBlob_DIGEST(offset, blob, &pcr->digestAtCreation);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_PCR_INFO(UINT64 *offset, BYTE *blob, TCPA_PCR_INFO *pcr)
+{
+ Trspi_LoadBlob_PCR_SELECTION(offset, blob, &pcr->pcrSelection);
+ Trspi_LoadBlob_DIGEST(offset, blob, &pcr->digestAtRelease);
+ Trspi_LoadBlob_DIGEST(offset, blob, &pcr->digestAtCreation);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_INFO_LONG(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_LONG *pcr)
+{
+ TSS_RESULT result;
+
+ if (!pcr) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_PCR_SELECTION(offset, blob, NULL);
+ Trspi_UnloadBlob_PCR_SELECTION(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &pcr->tag, blob);
+ Trspi_UnloadBlob_BYTE(offset, &pcr->localityAtCreation, blob);
+ Trspi_UnloadBlob_BYTE(offset, &pcr->localityAtRelease, blob);
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION(offset, blob, &pcr->creationPCRSelection)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION(offset, blob, &pcr->releasePCRSelection)))
+ return result;
+ Trspi_UnloadBlob_DIGEST(offset, blob, &pcr->digestAtCreation);
+ Trspi_UnloadBlob_DIGEST(offset, blob, &pcr->digestAtRelease);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_PCR_INFO_LONG(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_LONG *pcr)
+{
+ Trspi_LoadBlob_UINT16(offset, pcr->tag, blob);
+ Trspi_LoadBlob_BYTE(offset, pcr->localityAtCreation, blob);
+ Trspi_LoadBlob_BYTE(offset, pcr->localityAtRelease, blob);
+ Trspi_LoadBlob_PCR_SELECTION(offset, blob, &pcr->creationPCRSelection);
+ Trspi_LoadBlob_PCR_SELECTION(offset, blob, &pcr->releasePCRSelection);
+ Trspi_LoadBlob_DIGEST(offset, blob, &pcr->digestAtCreation);
+ Trspi_LoadBlob_DIGEST(offset, blob, &pcr->digestAtRelease);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcr)
+{
+ TSS_RESULT result;
+
+ if (!pcr) {
+ Trspi_UnloadBlob_PCR_SELECTION(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION(offset, blob, &pcr->pcrSelection)))
+ return result;
+ Trspi_UnloadBlob_BYTE(offset, &pcr->localityAtRelease, blob);
+ Trspi_UnloadBlob_DIGEST(offset, blob, &pcr->digestAtRelease);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_INFO_SHORT_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_PCR_INFO_SHORT *pcr)
+{
+ TSS_RESULT result;
+
+ if (!pcr) {
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_DIGEST_s(offset, blob, capacity, NULL)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION_s(offset, blob, capacity, &pcr->pcrSelection)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &pcr->localityAtRelease, blob, capacity))) {
+ free(pcr->pcrSelection.pcrSelect);
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_DIGEST_s(offset, blob, capacity, &pcr->digestAtRelease))) {
+ free(pcr->pcrSelection.pcrSelect);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TPM_PCR_INFO_SHORT *pcr)
+{
+ Trspi_LoadBlob_PCR_SELECTION(offset, blob, &pcr->pcrSelection);
+ Trspi_LoadBlob_BYTE(offset, pcr->localityAtRelease, blob);
+ Trspi_LoadBlob_DIGEST(offset, blob, &pcr->digestAtRelease);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr)
+{
+ if (!pcr) {
+ UINT16 sizeOfSelect;
+
+ Trspi_UnloadBlob_UINT16(offset, &sizeOfSelect, blob);
+ Trspi_UnloadBlob(offset, sizeOfSelect, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &pcr->sizeOfSelect, blob);
+
+ if (pcr->sizeOfSelect > 0) {
+ pcr->pcrSelect = calloc(1, pcr->sizeOfSelect);
+ if (pcr->pcrSelect == NULL) {
+ LogError("malloc of %u bytes failed.", pcr->sizeOfSelect);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, pcr->sizeOfSelect, blob, pcr->pcrSelect);
+ } else {
+ pcr->pcrSelect = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_SELECTION_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_PCR_SELECTION *pcr)
+{
+ TSS_RESULT result;
+
+ if (!pcr) {
+ UINT16 sizeOfSelect;
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &sizeOfSelect, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, sizeOfSelect, blob, capacity, NULL)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &pcr->sizeOfSelect, blob, capacity)))
+ return result;
+
+ if (pcr->sizeOfSelect > 0) {
+ if (*offset + pcr->sizeOfSelect > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ pcr->pcrSelect = calloc(1, pcr->sizeOfSelect);
+ if (pcr->pcrSelect == NULL) {
+ LogError("malloc of %u bytes failed.", pcr->sizeOfSelect);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = Trspi_UnloadBlob_s(offset, pcr->sizeOfSelect, blob, capacity, pcr->pcrSelect))) {
+ free(pcr->pcrSelect);
+ return result;
+ }
+ } else {
+ pcr->pcrSelect = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_PCR_SELECTION(UINT64 *offset, BYTE *blob, TCPA_PCR_SELECTION *pcr)
+{
+ UINT16 i;
+
+ Trspi_LoadBlob_UINT16(offset, pcr->sizeOfSelect, blob);
+ for (i = 0; i < pcr->sizeOfSelect; i++)
+ Trspi_LoadBlob_BYTE(offset, pcr->pcrSelect[i], blob);
+}
+
+void
+Trspi_LoadBlob_KEY12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key)
+{
+ Trspi_LoadBlob_UINT16(offset, key->tag, blob);
+ Trspi_LoadBlob_UINT16(offset, key->fill, blob);
+ Trspi_LoadBlob_UINT16(offset, key->keyUsage, blob);
+ Trspi_LoadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_LoadBlob_BYTE(offset, key->authDataUsage, blob);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &key->algorithmParms);
+ Trspi_LoadBlob_UINT32(offset, key->PCRInfoSize, blob);
+ Trspi_LoadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+ Trspi_LoadBlob_STORE_PUBKEY(offset, blob, &key->pubKey);
+ Trspi_LoadBlob_UINT32(offset, key->encSize, blob);
+ Trspi_LoadBlob(offset, key->encSize, blob, key->encData);
+}
+
+void
+Trspi_LoadBlob_KEY(UINT64 *offset, BYTE *blob, TCPA_KEY *key)
+{
+ Trspi_LoadBlob_TCPA_VERSION(offset, blob, key->ver);
+ Trspi_LoadBlob_UINT16(offset, key->keyUsage, blob);
+ Trspi_LoadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_LoadBlob_BYTE(offset, key->authDataUsage, blob);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &key->algorithmParms);
+ Trspi_LoadBlob_UINT32(offset, key->PCRInfoSize, blob);
+ Trspi_LoadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+ Trspi_LoadBlob_STORE_PUBKEY(offset, blob, &key->pubKey);
+ Trspi_LoadBlob_UINT32(offset, key->encSize, blob);
+ Trspi_LoadBlob(offset, key->encSize, blob, key->encData);
+}
+
+void
+Trspi_LoadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags)
+{
+ Trspi_LoadBlob_UINT32(offset, *flags, blob);
+}
+
+void
+Trspi_UnloadBlob_KEY_FLAGS(UINT64 *offset, BYTE *blob, TCPA_KEY_FLAGS *flags)
+{
+ Trspi_UnloadBlob_UINT32(offset, flags, blob);
+}
+
+void
+Trspi_LoadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyInfo)
+{
+ Trspi_LoadBlob_UINT32(offset, keyInfo->algorithmID, blob);
+ Trspi_LoadBlob_UINT16(offset, keyInfo->encScheme, blob);
+ Trspi_LoadBlob_UINT16(offset, keyInfo->sigScheme, blob);
+ Trspi_LoadBlob_UINT32(offset, keyInfo->parmSize, blob);
+
+ if (keyInfo->parmSize > 0)
+ Trspi_LoadBlob(offset, keyInfo->parmSize, blob, keyInfo->parms);
+}
+
+void
+Trspi_LoadBlob_STORE_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_PUBKEY *store)
+{
+ Trspi_LoadBlob_UINT32(offset, store->keyLength, blob);
+ Trspi_LoadBlob(offset, store->keyLength, blob, store->key);
+}
+
+void
+Trspi_LoadBlob_UUID(UINT64 *offset, BYTE *blob, TSS_UUID uuid)
+{
+ Trspi_LoadBlob_UINT32(offset, uuid.ulTimeLow, blob);
+ Trspi_LoadBlob_UINT16(offset, uuid.usTimeMid, blob);
+ Trspi_LoadBlob_UINT16(offset, uuid.usTimeHigh, blob);
+ Trspi_LoadBlob_BYTE(offset, uuid.bClockSeqHigh, blob);
+ Trspi_LoadBlob_BYTE(offset, uuid.bClockSeqLow, blob);
+ Trspi_LoadBlob(offset, 6, blob, uuid.rgbNode);
+}
+
+void
+Trspi_UnloadBlob_UUID(UINT64 *offset, BYTE *blob, TSS_UUID *uuid)
+{
+ if (!uuid) {
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob(offset, 6, blob, NULL);
+
+ return;
+ }
+
+ memset(uuid, 0, sizeof(TSS_UUID));
+ Trspi_UnloadBlob_UINT32(offset, &uuid->ulTimeLow, blob);
+ Trspi_UnloadBlob_UINT16(offset, &uuid->usTimeMid, blob);
+ Trspi_UnloadBlob_UINT16(offset, &uuid->usTimeHigh, blob);
+ Trspi_UnloadBlob_BYTE(offset, &uuid->bClockSeqHigh, blob);
+ Trspi_UnloadBlob_BYTE(offset, &uuid->bClockSeqLow, blob);
+ Trspi_UnloadBlob(offset, 6, blob, uuid->rgbNode);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KEY_PARMS(UINT64 *offset, BYTE *blob, TCPA_KEY_PARMS *keyParms)
+{
+ if (!keyParms) {
+ UINT32 parmSize;
+
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &parmSize, blob);
+
+ (*offset) += parmSize;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &keyParms->algorithmID, blob);
+ Trspi_UnloadBlob_UINT16(offset, &keyParms->encScheme, blob);
+ Trspi_UnloadBlob_UINT16(offset, &keyParms->sigScheme, blob);
+ Trspi_UnloadBlob_UINT32(offset, &keyParms->parmSize, blob);
+
+ if (keyParms->parmSize > 0) {
+ keyParms->parms = malloc(keyParms->parmSize);
+ if (keyParms->parms == NULL) {
+ LogError("malloc of %u bytes failed.", keyParms->parmSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, keyParms->parmSize, blob, keyParms->parms);
+ } else {
+ keyParms->parms = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KEY_PARMS_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_KEY_PARMS *keyParms)
+{
+ TSS_RESULT result;
+ if (!keyParms) {
+ UINT32 parmSize;
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &parmSize, blob, capacity)))
+ return result;
+
+ if (*offset + parmSize > capacity) {
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ (*offset) += parmSize;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &keyParms->algorithmID, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &keyParms->encScheme, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &keyParms->sigScheme, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &keyParms->parmSize, blob, capacity)))
+ return result;
+
+ if (*offset + keyParms->parmSize > capacity) {
+ keyParms->parms = NULL;
+ keyParms->parmSize = 0;
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if (keyParms->parmSize > 0) {
+ keyParms->parms = malloc(keyParms->parmSize);
+ if (keyParms->parms == NULL) {
+ LogError("malloc of %"PRIu32" bytes failed.", keyParms->parmSize);
+ keyParms->parmSize = 0;
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, keyParms->parmSize, blob, capacity, keyParms->parms))) {
+ free(keyParms->parms);
+ keyParms->parms = NULL;
+ keyParms->parmSize = 0;
+ return result;
+ }
+ } else {
+ keyParms->parms = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KEY12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key)
+{
+ TSS_RESULT result;
+
+ if (!key) {
+ UINT32 PCRInfoSize, encSize;
+
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &PCRInfoSize, blob);
+ Trspi_UnloadBlob(offset, PCRInfoSize, blob, NULL);
+ Trspi_UnloadBlob_STORE_PUBKEY(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &encSize, blob);
+ Trspi_UnloadBlob(offset, encSize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &key->tag, blob);
+ Trspi_UnloadBlob_UINT16(offset, &key->fill, blob);
+ Trspi_UnloadBlob_UINT16(offset, &key->keyUsage, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_UnloadBlob_BYTE(offset, &key->authDataUsage, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS(offset, (BYTE *) blob, &key->algorithmParms)))
+ return result;
+ Trspi_UnloadBlob_UINT32(offset, &key->PCRInfoSize, blob);
+
+ if (key->PCRInfoSize > 0) {
+ key->PCRInfo = malloc(key->PCRInfoSize);
+ if (key->PCRInfo == NULL) {
+ LogError("malloc of %d bytes failed.", key->PCRInfoSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+ } else {
+ key->PCRInfo = NULL;
+ }
+
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY(offset, blob, &key->pubKey)))
+ return result;
+ Trspi_UnloadBlob_UINT32(offset, &key->encSize, blob);
+
+ if (key->encSize > 0) {
+ key->encData = malloc(key->encSize);
+ if (key->encData == NULL) {
+ LogError("malloc of %d bytes failed.", key->encSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->encSize, blob, key->encData);
+ } else {
+ key->encData = NULL;
+ }
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KEY12_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_KEY12 *key)
+{
+ TSS_RESULT result;
+
+ if(offsetof(TSS_KEY, algorithmParms) > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ if (!key) {
+ UINT32 PCRInfoSize, encSize;
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &PCRInfoSize, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, PCRInfoSize, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &encSize, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, encSize, blob, capacity, NULL)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &key->tag, blob);
+ Trspi_UnloadBlob_UINT16(offset, &key->fill, blob);
+ Trspi_UnloadBlob_UINT16(offset, &key->keyUsage, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_UnloadBlob_BYTE(offset, &key->authDataUsage, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS_s(offset, (BYTE *) blob, capacity, &key->algorithmParms)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &key->PCRInfoSize, blob, capacity)))
+ return result;
+ if (key->PCRInfoSize > 0) {
+ key->PCRInfo = malloc(key->PCRInfoSize);
+ if (key->PCRInfo == NULL) {
+ LogError("malloc of %d bytes failed.", key->PCRInfoSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, key->PCRInfoSize, blob, capacity, key->PCRInfo)))
+ goto error0;
+ } else {
+ key->PCRInfo = NULL;
+ }
+
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY_s(offset, blob, capacity, &key->pubKey)))
+ goto error0;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &key->encSize, blob, capacity)))
+ goto error0;
+ if (key->encSize > 0) {
+ key->encData = malloc(key->encSize);
+ if (key->encData == NULL) {
+ LogError("malloc of %d bytes failed.", key->encSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error0;
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, key->encSize, blob, capacity, key->encData)))
+ goto error1;
+ } else {
+ key->encData = NULL;
+ }
+ return TSS_SUCCESS;
+
+error1:
+ if(key->encData != NULL)
+ free(key->encData);
+error0:
+ if(key->PCRInfo != NULL)
+ free(key->PCRInfo);
+ return result;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KEY(UINT64 *offset, BYTE *blob, TCPA_KEY *key)
+{
+ TSS_RESULT result;
+
+ if (!key) {
+ UINT32 PCRInfoSize, encSize;
+
+ Trspi_UnloadBlob_TCPA_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &PCRInfoSize, blob);
+ Trspi_UnloadBlob(offset, PCRInfoSize, blob, NULL);
+ Trspi_UnloadBlob_STORE_PUBKEY(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &encSize, blob);
+ Trspi_UnloadBlob(offset, encSize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_TCPA_VERSION(offset, blob, &key->ver);
+ Trspi_UnloadBlob_UINT16(offset, &key->keyUsage, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_UnloadBlob_BYTE(offset, &key->authDataUsage, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS(offset, (BYTE *) blob, &key->algorithmParms)))
+ return result;
+ Trspi_UnloadBlob_UINT32(offset, &key->PCRInfoSize, blob);
+
+ if (key->PCRInfoSize > 0) {
+ key->PCRInfo = malloc(key->PCRInfoSize);
+ if (key->PCRInfo == NULL) {
+ LogError("malloc of %d bytes failed.", key->PCRInfoSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+ } else {
+ key->PCRInfo = NULL;
+ }
+
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY(offset, blob, &key->pubKey)))
+ return result;
+ Trspi_UnloadBlob_UINT32(offset, &key->encSize, blob);
+
+ if (key->encSize > 0) {
+ key->encData = malloc(key->encSize);
+ if (key->encData == NULL) {
+ LogError("malloc of %d bytes failed.", key->encSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->encSize, blob, key->encData);
+ } else {
+ key->encData = NULL;
+ }
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KEY_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_KEY *key)
+{
+ TSS_RESULT result;
+
+ if(offsetof(TSS_KEY, algorithmParms) > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ if (!key) {
+ UINT32 PCRInfoSize, encSize;
+
+ Trspi_UnloadBlob_TCPA_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &PCRInfoSize, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, PCRInfoSize, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &encSize, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, encSize, blob, capacity, NULL)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_TCPA_VERSION(offset, blob, &key->ver);
+ Trspi_UnloadBlob_UINT16(offset, &key->keyUsage, blob);
+ Trspi_UnloadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_UnloadBlob_BYTE(offset, &key->authDataUsage, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS_s(offset, (BYTE *) blob, capacity, &key->algorithmParms)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &key->PCRInfoSize, blob, capacity)))
+ return result;
+ if (key->PCRInfoSize > 0) {
+ key->PCRInfo = malloc(key->PCRInfoSize);
+ if (key->PCRInfo == NULL) {
+ LogError("malloc of %d bytes failed.", key->PCRInfoSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, key->PCRInfoSize, blob, capacity, key->PCRInfo)))
+ goto error0;
+ } else {
+ key->PCRInfo = NULL;
+ }
+
+ if ((result = Trspi_UnloadBlob_STORE_PUBKEY_s(offset, blob, capacity, &key->pubKey)))
+ goto error0;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &key->encSize, blob, capacity)))
+ goto error0;
+ if (key->encSize > 0) {
+ key->encData = malloc(key->encSize);
+ if (key->encData == NULL) {
+ LogError("malloc of %d bytes failed.", key->encSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error0;
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, key->encSize, blob, capacity, key->encData)))
+ goto error1;
+ } else {
+ key->encData = NULL;
+ }
+ return TSS_SUCCESS;
+
+error1:
+ if(key->encData != NULL)
+ free(key->encData);
+error0:
+ if(key->PCRInfo != NULL)
+ free(key->PCRInfo);
+ return result;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_STORE_PUBKEY(UINT64 *offset, BYTE *blob, TCPA_STORE_PUBKEY *store)
+{
+ if (!store) {
+ UINT32 keyLength;
+
+ Trspi_UnloadBlob_UINT32(offset, &keyLength, blob);
+ Trspi_UnloadBlob(offset, keyLength, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &store->keyLength, blob);
+
+ if (store->keyLength > 0) {
+ store->key = malloc(store->keyLength);
+ if (store->key == NULL) {
+ LogError("malloc of %d bytes failed.", store->keyLength);
+ store->keyLength = 0;
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, store->keyLength, blob, store->key);
+ } else {
+ store->key = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_STORE_PUBKEY_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_STORE_PUBKEY *store)
+{
+ TSS_RESULT result;
+ if (!store) {
+ UINT32 keyLength;
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &keyLength, blob, capacity)))
+ return result;
+
+ if (*offset + keyLength > capacity) {
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ (*offset) += keyLength;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &store->keyLength, blob, capacity)))
+ return result;
+
+ if (*offset + store->keyLength > capacity) {
+ store->key = NULL;
+ store->keyLength = 0;
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ if (store->keyLength > 0) {
+ store->key = malloc(store->keyLength);
+ if (store->key == NULL) {
+ LogError("malloc of %"PRIu32" bytes failed.", store->keyLength);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ if ((result = Trspi_UnloadBlob_s(offset, store->keyLength, blob, capacity, store->key))) {
+ free(store->key);
+ store->key = NULL;
+ store->keyLength = 0;
+ return result;
+ }
+ } else {
+ store->key = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_UnloadBlob_VERSION(UINT64 *offset, BYTE *blob, TCPA_VERSION *out)
+{
+ if (!out) {
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_BYTE(offset, &out->major, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->minor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->revMajor, blob);
+ Trspi_UnloadBlob_BYTE(offset, &out->revMinor, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_VERSION_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TCPA_VERSION *out)
+{
+ TSS_RESULT result;
+
+ if (!out) {
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &out->major, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &out->minor, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &out->revMajor, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &out->revMinor, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KM_KEYINFO(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO *info)
+{
+ if (!info) {
+ UINT32 ulVendorDataLength;
+
+ Trspi_UnloadBlob_TSS_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UUID(offset, blob, NULL);
+ Trspi_UnloadBlob_UUID(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BOOL(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &ulVendorDataLength, blob);
+
+ (*offset) += ulVendorDataLength;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_TSS_VERSION(offset, blob, &info->versionInfo);
+ Trspi_UnloadBlob_UUID(offset, blob, &info->keyUUID);
+ Trspi_UnloadBlob_UUID(offset, blob, &info->parentKeyUUID);
+ Trspi_UnloadBlob_BYTE(offset, &info->bAuthDataUsage, blob);
+ Trspi_UnloadBlob_BOOL(offset, &info->fIsLoaded, blob);
+ Trspi_UnloadBlob_UINT32(offset, &info->ulVendorDataLength, blob);
+ if (info->ulVendorDataLength > 0){
+ /* allocate space for vendor data */
+ info->rgbVendorData = malloc(info->ulVendorDataLength);
+ if (info->rgbVendorData == NULL) {
+ LogError("malloc of %u bytes failed.", info->ulVendorDataLength);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, info->ulVendorDataLength, blob, info->rgbVendorData);
+ } else
+ info->rgbVendorData = NULL;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_KM_KEYINFO2(UINT64 *offset, BYTE *blob, TSS_KM_KEYINFO2 *info)
+{
+ if (!info) {
+ UINT32 ulVendorDataLength;
+
+ Trspi_UnloadBlob_TSS_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UUID(offset, blob, NULL);
+ Trspi_UnloadBlob_UUID(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_BOOL(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &ulVendorDataLength, blob);
+
+ (*offset) += ulVendorDataLength;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_TSS_VERSION(offset, blob, &info->versionInfo);
+ Trspi_UnloadBlob_UUID(offset, blob, &info->keyUUID);
+ Trspi_UnloadBlob_UUID(offset, blob, &info->parentKeyUUID);
+ Trspi_UnloadBlob_BYTE(offset, &info->bAuthDataUsage, blob);
+ /* Takes data regarding the new 2 fields of TSS_KM_KEYINFO2 */
+ Trspi_UnloadBlob_UINT32(offset, &info->persistentStorageType, blob);
+ Trspi_UnloadBlob_UINT32(offset, &info->persistentStorageTypeParent, blob);
+ Trspi_UnloadBlob_BOOL(offset, &info->fIsLoaded, blob);
+ Trspi_UnloadBlob_UINT32(offset, &info->ulVendorDataLength, blob);
+ if (info->ulVendorDataLength > 0) {
+ /* allocate space for vendor data */
+ info->rgbVendorData = malloc(info->ulVendorDataLength);
+ if (info->rgbVendorData == NULL) {
+ LogError("malloc of %u bytes failed.", info->ulVendorDataLength);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, info->ulVendorDataLength, blob, info->rgbVendorData);
+ } else
+ info->rgbVendorData = NULL;
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event)
+{
+ Trspi_LoadBlob_TCPA_VERSION(offset, blob, *(TCPA_VERSION *)(&event->versionInfo));
+ Trspi_LoadBlob_UINT32(offset, event->ulPcrIndex, blob);
+ Trspi_LoadBlob_UINT32(offset, event->eventType, blob);
+
+ Trspi_LoadBlob_UINT32(offset, event->ulPcrValueLength, blob);
+ if (event->ulPcrValueLength > 0)
+ Trspi_LoadBlob(offset, event->ulPcrValueLength, blob, event->rgbPcrValue);
+
+ Trspi_LoadBlob_UINT32(offset, event->ulEventLength, blob);
+ if (event->ulEventLength > 0)
+ Trspi_LoadBlob(offset, event->ulEventLength, blob, event->rgbEvent);
+
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_EVENT(UINT64 *offset, BYTE *blob, TSS_PCR_EVENT *event)
+{
+ if (!event) {
+ UINT32 ulPcrValueLength, ulEventLength;
+
+ Trspi_UnloadBlob_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ Trspi_UnloadBlob_UINT32(offset, &ulPcrValueLength, blob);
+ (*offset) += ulPcrValueLength;
+
+ Trspi_UnloadBlob_UINT32(offset, &ulEventLength, blob);
+ (*offset) += ulEventLength;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_VERSION(offset, blob, (TCPA_VERSION *)&(event->versionInfo));
+ Trspi_UnloadBlob_UINT32(offset, &event->ulPcrIndex, blob);
+ Trspi_UnloadBlob_UINT32(offset, &event->eventType, blob);
+
+ Trspi_UnloadBlob_UINT32(offset, &event->ulPcrValueLength, blob);
+ if (event->ulPcrValueLength > 0) {
+ event->rgbPcrValue = malloc(event->ulPcrValueLength);
+ if (event->rgbPcrValue == NULL) {
+ LogError("malloc of %u bytes failed.", event->ulPcrValueLength);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, event->ulPcrValueLength, blob, event->rgbPcrValue);
+ } else {
+ event->rgbPcrValue = NULL;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &event->ulEventLength, blob);
+ if (event->ulEventLength > 0) {
+ event->rgbEvent = malloc(event->ulEventLength);
+ if (event->rgbEvent == NULL) {
+ LogError("malloc of %d bytes failed.", event->ulEventLength);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, event->ulEventLength, blob, event->rgbEvent);
+ } else {
+ event->rgbEvent = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+/* loads a blob with the info needed to hash when creating the private key area
+ * of a TPM_KEY(12) from an external source
+ */
+void
+Trspi_LoadBlob_PRIVKEY_DIGEST12(UINT64 *offset, BYTE *blob, TPM_KEY12 *key)
+{
+ Trspi_LoadBlob_UINT16(offset, key->tag, blob);
+ Trspi_LoadBlob_UINT16(offset, key->fill, blob);
+ Trspi_LoadBlob_UINT16(offset, key->keyUsage, blob);
+ Trspi_LoadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_LoadBlob_BYTE(offset, key->authDataUsage, blob);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &key->algorithmParms);
+
+ Trspi_LoadBlob_UINT32(offset, key->PCRInfoSize, blob);
+ /* exclude pcrInfo when PCRInfoSize is 0 as spec'd in TPM 1.1b spec p.71 */
+ if (key->PCRInfoSize != 0)
+ Trspi_LoadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+
+ Trspi_LoadBlob_STORE_PUBKEY(offset, blob, &key->pubKey);
+ /* exclude encSize, encData as spec'd in TPM 1.1b spec p.71 */
+}
+
+void
+Trspi_LoadBlob_PRIVKEY_DIGEST(UINT64 *offset, BYTE *blob, TCPA_KEY *key)
+{
+ Trspi_LoadBlob_TCPA_VERSION(offset, blob, key->ver);
+ Trspi_LoadBlob_UINT16(offset, key->keyUsage, blob);
+ Trspi_LoadBlob_KEY_FLAGS(offset, blob, &key->keyFlags);
+ Trspi_LoadBlob_BYTE(offset, key->authDataUsage, blob);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &key->algorithmParms);
+
+ Trspi_LoadBlob_UINT32(offset, key->PCRInfoSize, blob);
+ /* exclude pcrInfo when PCRInfoSize is 0 as spec'd in TPM 1.1b spec p.71 */
+ if (key->PCRInfoSize != 0)
+ Trspi_LoadBlob(offset, key->PCRInfoSize, blob, key->PCRInfo);
+
+ Trspi_LoadBlob_STORE_PUBKEY(offset, blob, &key->pubKey);
+ /* exclude encSize, encData as spec'd in TPM 1.1b spec p.71 */
+}
+
+void
+Trspi_LoadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key)
+{
+ Trspi_LoadBlob_UINT32(offset, key->algId, blob);
+ Trspi_LoadBlob_UINT16(offset, key->encScheme, blob);
+ Trspi_LoadBlob_UINT16(offset, key->size, blob);
+
+ if (key->size > 0)
+ Trspi_LoadBlob(offset, key->size, blob, key->data);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_SYMMETRIC_KEY(UINT64 *offset, BYTE *blob, TCPA_SYMMETRIC_KEY *key)
+{
+ if (!key) {
+ UINT16 size;
+
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, &size, blob);
+ (*offset) += size;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &key->algId, blob);
+ Trspi_UnloadBlob_UINT16(offset, &key->encScheme, blob);
+ Trspi_UnloadBlob_UINT16(offset, &key->size, blob);
+
+ if (key->size > 0) {
+ key->data = malloc(key->size);
+ if (key->data == NULL) {
+ key->size = 0;
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->size, blob, key->data);
+ } else {
+ key->data = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_IDENTITY_REQ(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_REQ *req)
+{
+ Trspi_LoadBlob_UINT32(offset, req->asymSize, blob);
+ Trspi_LoadBlob_UINT32(offset, req->symSize, blob);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &req->asymAlgorithm);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &req->symAlgorithm);
+ Trspi_LoadBlob(offset, req->asymSize, blob, req->asymBlob);
+ Trspi_LoadBlob(offset, req->symSize, blob, req->symBlob);
+}
+
+void
+Trspi_LoadBlob_CHANGEAUTH_VALIDATE(UINT64 *offset, BYTE *blob, TPM_CHANGEAUTH_VALIDATE *caValidate)
+{
+ Trspi_LoadBlob(offset, TCPA_SHA1_160_HASH_LEN, blob, caValidate->newAuthSecret.authdata);
+ Trspi_LoadBlob(offset, TCPA_SHA1_160_HASH_LEN, blob, caValidate->n1.nonce);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_IDENTITY_REQ(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_REQ *req)
+{
+ TSS_RESULT result;
+
+ if (!req) {
+ UINT32 asymSize, symSize;
+
+ Trspi_UnloadBlob_UINT32(offset, &asymSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &symSize, blob);
+ (void)Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+ (void)Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+
+ (*offset) += asymSize;
+ (*offset) += symSize;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &req->asymSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &req->symSize, blob);
+ req->asymAlgorithm.parms = NULL;
+ if ((result = Trspi_UnloadBlob_KEY_PARMS(offset, blob, &req->asymAlgorithm)))
+ return result;
+ if ((Trspi_UnloadBlob_KEY_PARMS(offset, blob, &req->symAlgorithm))) {
+ free(req->asymAlgorithm.parms);
+ req->asymAlgorithm.parmSize = 0;
+ return result;
+ }
+
+ if (req->asymSize > 0) {
+ req->asymBlob = malloc(req->asymSize);
+ if (req->asymBlob == NULL) {
+ req->asymSize = 0;
+ req->asymAlgorithm.parmSize = 0;
+ free(req->asymAlgorithm.parms);
+ req->symAlgorithm.parmSize = 0;
+ free(req->symAlgorithm.parms);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, req->asymSize, blob, req->asymBlob);
+ } else {
+ req->asymBlob = NULL;
+ }
+
+ if (req->symSize > 0) {
+ req->symBlob = malloc(req->symSize);
+ if (req->symBlob == NULL) {
+ req->symSize = 0;
+ req->asymSize = 0;
+ free(req->asymBlob);
+ req->asymBlob = NULL;
+ req->asymAlgorithm.parmSize = 0;
+ free(req->asymAlgorithm.parms);
+ req->symAlgorithm.parmSize = 0;
+ free(req->symAlgorithm.parms);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, req->symSize, blob, req->symBlob);
+ } else {
+ req->symBlob = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_IDENTITY_PROOF(UINT64 *offset, BYTE *blob, TCPA_IDENTITY_PROOF *proof)
+{
+ TSS_RESULT result;
+
+ if (!proof) {
+ UINT32 labelSize, identityBindingSize, endorsementSize, platformSize;
+ UINT32 conformanceSize;
+
+ Trspi_UnloadBlob_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &labelSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &identityBindingSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &endorsementSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &platformSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &conformanceSize, blob);
+
+ (void)Trspi_UnloadBlob_PUBKEY(offset, blob, NULL);
+
+ (*offset) += labelSize;
+ (*offset) += identityBindingSize;
+ (*offset) += endorsementSize;
+ (*offset) += platformSize;
+ (*offset) += conformanceSize;
+
+ return TSS_SUCCESS;
+ }
+
+ /* helps when an error occurs */
+ memset(proof, 0, sizeof(TCPA_IDENTITY_PROOF));
+
+ Trspi_UnloadBlob_VERSION(offset, blob, (TCPA_VERSION *)&proof->ver);
+ Trspi_UnloadBlob_UINT32(offset, &proof->labelSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &proof->identityBindingSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &proof->endorsementSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &proof->platformSize, blob);
+ Trspi_UnloadBlob_UINT32(offset, &proof->conformanceSize, blob);
+
+ proof->identityKey.pubKey.key = NULL;
+ proof->identityKey.algorithmParms.parms = NULL;
+ if ((result = Trspi_UnloadBlob_PUBKEY(offset, blob,
+ &proof->identityKey))) {
+ proof->labelSize = 0;
+ proof->identityBindingSize = 0;
+ proof->endorsementSize = 0;
+ proof->platformSize = 0;
+ proof->conformanceSize = 0;
+ return result;
+ }
+
+ proof->labelArea = NULL;
+ proof->identityBinding = NULL;
+ proof->endorsementCredential = NULL;
+ proof->platformCredential = NULL;
+ proof->conformanceCredential = NULL;
+
+ if (proof->labelSize > 0) {
+ proof->labelArea = malloc(proof->labelSize);
+ if (proof->labelArea == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error;
+ }
+ Trspi_UnloadBlob(offset, proof->labelSize, blob, proof->labelArea);
+ } else {
+ proof->labelArea = NULL;
+ }
+
+ if (proof->identityBindingSize > 0) {
+ proof->identityBinding = malloc(proof->identityBindingSize);
+ if (proof->identityBinding == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error;
+ }
+ Trspi_UnloadBlob(offset, proof->identityBindingSize, blob,
+ proof->identityBinding);
+ } else {
+ proof->identityBinding = NULL;
+ }
+
+ if (proof->endorsementSize > 0) {
+ proof->endorsementCredential = malloc(proof->endorsementSize);
+ if (proof->endorsementCredential == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error;
+ }
+ Trspi_UnloadBlob(offset, proof->endorsementSize, blob,
+ proof->endorsementCredential);
+ } else {
+ proof->endorsementCredential = NULL;
+ }
+
+ if (proof->platformSize > 0) {
+ proof->platformCredential = malloc(proof->platformSize);
+ if (proof->platformCredential == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error;
+ }
+ Trspi_UnloadBlob(offset, proof->platformSize, blob,
+ proof->platformCredential);
+ } else {
+ proof->platformCredential = NULL;
+ }
+
+ if (proof->conformanceSize > 0) {
+ proof->conformanceCredential = malloc(proof->conformanceSize);
+ if (proof->conformanceCredential == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error;
+ }
+ Trspi_UnloadBlob(offset, proof->conformanceSize, blob,
+ proof->conformanceCredential);
+ } else {
+ proof->conformanceCredential = NULL;
+ }
+
+ return TSS_SUCCESS;
+error:
+ proof->labelSize = 0;
+ proof->identityBindingSize = 0;
+ proof->endorsementSize = 0;
+ proof->platformSize = 0;
+ proof->conformanceSize = 0;
+ free(proof->labelArea);
+ proof->labelArea = NULL;
+ free(proof->identityBinding);
+ proof->identityBinding = NULL;
+ free(proof->endorsementCredential);
+ proof->endorsementCredential = NULL;
+ free(proof->platformCredential);
+ proof->platformCredential = NULL;
+ free(proof->conformanceCredential);
+ proof->conformanceCredential = NULL;
+ /* free identityKey */
+ free(proof->identityKey.pubKey.key);
+ free(proof->identityKey.algorithmParms.parms);
+ proof->identityKey.pubKey.key = NULL;
+ proof->identityKey.pubKey.keyLength = 0;
+ proof->identityKey.algorithmParms.parms = NULL;
+ proof->identityKey.algorithmParms.parmSize = 0;
+
+ return result;
+}
+
+void
+Trspi_LoadBlob_SYM_CA_ATTESTATION(UINT64 *offset, BYTE *blob, TCPA_SYM_CA_ATTESTATION *sym)
+{
+ Trspi_LoadBlob_UINT32(offset, sym->credSize, blob);
+ Trspi_LoadBlob_KEY_PARMS(offset, blob, &sym->algorithm);
+ Trspi_LoadBlob(offset, sym->credSize, blob, sym->credential);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_SYM_CA_ATTESTATION(UINT64 *offset, BYTE *blob, TCPA_SYM_CA_ATTESTATION *sym)
+{
+ TSS_RESULT result;
+
+ if (!sym) {
+ UINT32 credSize;
+
+ Trspi_UnloadBlob_UINT32(offset, &credSize, blob);
+ (void)Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+
+ (*offset) += credSize;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &sym->credSize, blob);
+ sym->algorithm.parms = NULL;
+ if ((result = Trspi_UnloadBlob_KEY_PARMS(offset, blob, &sym->algorithm))) {
+ sym->credSize = 0;
+ return result;
+ }
+
+ if (sym->credSize > 0) {
+ if ((sym->credential = malloc(sym->credSize)) == NULL) {
+ free(sym->algorithm.parms);
+ sym->algorithm.parmSize = 0;
+ sym->credSize = 0;
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, sym->credSize, blob, sym->credential);
+ } else {
+ sym->credential = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_ASYM_CA_CONTENTS(UINT64 *offset, BYTE *blob, TCPA_ASYM_CA_CONTENTS *asym)
+{
+ Trspi_LoadBlob_SYMMETRIC_KEY(offset, blob, &asym->sessionKey);
+ Trspi_LoadBlob(offset, TCPA_SHA1_160_HASH_LEN, blob,
+ (BYTE *)&asym->idDigest);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_ASYM_CA_CONTENTS(UINT64 *offset, BYTE *blob, TCPA_ASYM_CA_CONTENTS *asym)
+{
+ TSS_RESULT result;
+
+ if (!asym) {
+ (void)Trspi_UnloadBlob_SYMMETRIC_KEY(offset, blob, NULL);
+ Trspi_UnloadBlob(offset, TCPA_SHA1_160_HASH_LEN, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_SYMMETRIC_KEY(offset, blob, &asym->sessionKey)))
+ return result;
+
+ Trspi_UnloadBlob(offset, TCPA_SHA1_160_HASH_LEN, blob, (BYTE *)&asym->idDigest);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_BOUND_DATA(UINT64 *offset, TCPA_BOUND_DATA bd, UINT32 payloadLength, BYTE *blob)
+{
+ Trspi_LoadBlob_TCPA_VERSION(offset, blob, bd.ver);
+ Trspi_LoadBlob(offset, 1, blob, &bd.payload);
+ Trspi_LoadBlob(offset, payloadLength, blob, bd.payloadData);
+}
+
+/* function to mimic strerror with TSS error codes */
+char *
+Trspi_Error_String(TSS_RESULT r)
+{
+ /* Check the return code to see if it is common to all layers.
+ * If so, return it.
+ */
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_SUCCESS: return "Success";
+ default:
+ break;
+ }
+
+ /* The return code is either unknown, or specific to a layer */
+ if (TSS_ERROR_LAYER(r) == TSS_LAYER_TPM) {
+ switch (TSS_ERROR_CODE(r)) {
+ case TPM_E_AUTHFAIL: return "Authentication failed";
+ case TPM_E_BAD_PARAMETER: return "Bad Parameter";
+ case TPM_E_BADINDEX: return "Bad memory index";
+ case TPM_E_AUDITFAILURE: return "Audit failure";
+ case TPM_E_CLEAR_DISABLED: return "Clear has been disabled";
+ case TPM_E_DEACTIVATED: return "TPM is deactivated";
+ case TPM_E_DISABLED: return "TPM is disabled";
+ case TPM_E_FAIL: return "Operation failed";
+ case TPM_E_BAD_ORDINAL: return "Ordinal was unknown or inconsistent";
+ case TPM_E_INSTALL_DISABLED: return "Owner install disabled";
+ case TPM_E_INVALID_KEYHANDLE: return "Invalid keyhandle";
+ case TPM_E_KEYNOTFOUND: return "Key not found";
+ case TPM_E_INAPPROPRIATE_ENC: return "Bad encryption scheme";
+ case TPM_E_MIGRATEFAIL: return "Migration authorization failed";
+ case TPM_E_INVALID_PCR_INFO: return "PCR information uninterpretable";
+ case TPM_E_NOSPACE: return "No space to load key";
+ case TPM_E_NOSRK: return "No SRK";
+ case TPM_E_NOTSEALED_BLOB: return "Encrypted blob invalid";
+ case TPM_E_OWNER_SET: return "Owner already set";
+ case TPM_E_RESOURCES: return "Insufficient TPM resources";
+ case TPM_E_SHORTRANDOM: return "Random string too short";
+ case TPM_E_SIZE: return "TPM out of space";
+ case TPM_E_WRONGPCRVAL: return "Wrong PCR value";
+ case TPM_E_BAD_PARAM_SIZE: return "Bad input size";
+ case TPM_E_SHA_THREAD: return "No existing SHA-1 thread";
+ case TPM_E_SHA_ERROR: return "SHA-1 error";
+ case TPM_E_FAILEDSELFTEST: return "Self-test failed, TPM shutdown";
+ case TPM_E_AUTH2FAIL: return "Second authorization session failed";
+ case TPM_E_BADTAG: return "Invalid tag";
+ case TPM_E_IOERROR: return "I/O error";
+ case TPM_E_ENCRYPT_ERROR: return "Encryption error";
+ case TPM_E_DECRYPT_ERROR: return "Decryption error";
+ case TPM_E_INVALID_AUTHHANDLE: return "Invalid authorization handle";
+ case TPM_E_NO_ENDORSEMENT: return "No EK";
+ case TPM_E_INVALID_KEYUSAGE: return "Invalid key usage";
+ case TPM_E_WRONG_ENTITYTYPE: return "Invalid entity type";
+ case TPM_E_INVALID_POSTINIT: return "Invalid POST init sequence";
+ case TPM_E_INAPPROPRIATE_SIG: return "Invalid signature format";
+ case TPM_E_BAD_KEY_PROPERTY: return "Unsupported key parameters";
+ case TPM_E_BAD_MIGRATION: return "Invalid migration properties";
+ case TPM_E_BAD_SCHEME: return "Invalid signature or encryption scheme";
+ case TPM_E_BAD_DATASIZE: return "Invalid data size";
+ case TPM_E_BAD_MODE: return "Bad mode parameter";
+ case TPM_E_BAD_PRESENCE: return "Bad physical presence value";
+ case TPM_E_BAD_VERSION: return "Invalid version";
+ case TPM_E_NO_WRAP_TRANSPORT: return "TPM does not allow for wrapped transport sessions";
+ case TPM_E_AUDITFAIL_UNSUCCESSFUL: return "TPM audit construction failed and the underlying command was returning a failure code also";
+ case TPM_E_AUDITFAIL_SUCCESSFUL: return "TPM audit construction failed and the underlying command was returning success";
+ case TPM_E_NOTRESETABLE: return "Attempt to reset a PCR register that does not have the resettable attribute";
+ case TPM_E_NOTLOCAL: return "Attempt to reset a PCR register that requires locality and locality modifier not part of command transport";
+ case TPM_E_BAD_TYPE: return "Make identity blob not properly typed";
+ case TPM_E_INVALID_RESOURCE: return "When saving context identified resource type does not match actual resource";
+ case TPM_E_NOTFIPS: return "TPM is attempting to execute a command only available when in FIPS mode";
+ case TPM_E_INVALID_FAMILY: return "Command is attempting to use an invalid family ID";
+ case TPM_E_NO_NV_PERMISSION: return "Permission to manipulate the NV storage is not available";
+ case TPM_E_REQUIRES_SIGN: return "Operation requires a signed command";
+ case TPM_E_KEY_NOTSUPPORTED: return "Wrong operation to load an NV key";
+ case TPM_E_AUTH_CONFLICT: return "NV_LoadKey blob requires both owner and blob authorization";
+ case TPM_E_AREA_LOCKED: return "NV area is locked and not writable";
+ case TPM_E_BAD_LOCALITY: return "Locality is incorrect for attempted operation";
+ case TPM_E_READ_ONLY: return "NV area is read only and can't be written to";
+ case TPM_E_PER_NOWRITE: return "There is no protection on write to NV area";
+ case TPM_E_FAMILYCOUNT: return "Family count value does not match";
+ case TPM_E_WRITE_LOCKED: return "NV area has already been written to";
+ case TPM_E_BAD_ATTRIBUTES: return "NV area attributes conflict";
+ case TPM_E_INVALID_STRUCTURE: return "Structure tag and version are invalid or inconsistent";
+ case TPM_E_KEY_OWNER_CONTROL: return "Key is under control of TPM Owner and can only be evicted by TPM Owner";
+ case TPM_E_BAD_COUNTER: return "Counter handle is incorrect";
+ case TPM_E_NOT_FULLWRITE: return "Write is not a complete write of area";
+ case TPM_E_CONTEXT_GAP: return "Gap between saved context counts is too large";
+ case TPM_E_MAXNVWRITES: return "Maximum number of NV writes without an owner has been exceeded";
+ case TPM_E_NOOPERATOR: return "No operator AuthData value is set";
+ case TPM_E_RESOURCEMISSING: return "Resource pointed to by context is not loaded";
+ case TPM_E_DELEGATE_LOCK: return "Delegate administration is locked";
+ case TPM_E_DELEGATE_FAMILY: return "Attempt to manage a family other then delegated family";
+ case TPM_E_DELEGATE_ADMIN: return "Delegation table management not enabled";
+ case TPM_E_TRANSPORT_NOTEXCLUSIVE: return "A command was executed outside of an exclusive transport session";
+ case TPM_E_OWNER_CONTROL: return "Attempt to context save an owner evict-controlled key";
+ case TPM_E_DAA_RESOURCES: return "DAA command has no resources available to execute command";
+ case TPM_E_DAA_INPUT_DATA0: return "Consistency check on DAA parameter inputData0 has failed";
+ case TPM_E_DAA_INPUT_DATA1: return "Consistency check on DAA parameter inputData1 has failed";
+ case TPM_E_DAA_ISSUER_SETTINGS: return "Consistency check on DAA_issuerSettings has failed";
+ case TPM_E_DAA_TPM_SETTINGS: return "Consistency check on DAA_tpmSpecific has failed";
+ case TPM_E_DAA_STAGE: return "Atomic process indicated by submitted DAA command is not expected process";
+ case TPM_E_DAA_ISSUER_VALIDITY: return "Issuer's validity check has detected an inconsistency";
+ case TPM_E_DAA_WRONG_W: return "Consistency check on w has failed";
+ case TPM_E_BAD_HANDLE: return "Handle is incorrect";
+ case TPM_E_BAD_DELEGATE: return "Delegation is not correct";
+ case TPM_E_BADCONTEXT: return "Context blob is invalid";
+ case TPM_E_TOOMANYCONTEXTS: return "Too many contexts held by TPM";
+ case TPM_E_MA_TICKET_SIGNATURE: return "Migration authority signature validation failure";
+ case TPM_E_MA_DESTINATION: return "Migration destination not authenticated";
+ case TPM_E_MA_SOURCE: return "Migration source incorrect";
+ case TPM_E_MA_AUTHORITY: return "Incorrect migration authority";
+ case TPM_E_PERMANENTEK: return "Attempt to revoke EK but EK is not revocable";
+ case TPM_E_BAD_SIGNATURE: return "Bad signature of CMK ticket";
+ case TPM_E_NOCONTEXTSPACE: return "No room in context list for additional contexts";
+ case TPM_E_RETRY: return "TPM busy: Retry command at a later time";
+ case TPM_E_NEEDS_SELFTEST: return "SelfTestFull has not been run";
+ case TPM_E_DOING_SELFTEST: return "TPM is currently executing a full selftest";
+ case TPM_E_DEFEND_LOCK_RUNNING: return "TPM is defending against dictionary attacks and is in some time-out period";
+ case TPM_E_DISABLED_CMD: return "The TPM target command has been disabled";
+ default: return "Unknown error";
+ }
+ } else if (TSS_ERROR_LAYER(r) == TSS_LAYER_TDDL) {
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_E_FAIL: return "General failure";
+ case TSS_E_BAD_PARAMETER: return "Bad parameter";
+ case TSS_E_INTERNAL_ERROR: return "Internal software error";
+ case TSS_E_NOTIMPL: return "Not implemented";
+ case TSS_E_PS_KEY_NOTFOUND: return "Key not found in persistent storage";
+ case TSS_E_KEY_ALREADY_REGISTERED: return "UUID already registered";
+ case TSS_E_CANCELED: return "The action was cancelled by request";
+ case TSS_E_TIMEOUT: return "The operation has timed out";
+ case TSS_E_OUTOFMEMORY: return "Out of memory";
+ case TSS_E_TPM_UNEXPECTED: return "Unexpected TPM output";
+ case TSS_E_COMM_FAILURE: return "Communication failure";
+ case TSS_E_TPM_UNSUPPORTED_FEATURE: return "Unsupported feature";
+ case TDDL_E_COMPONENT_NOT_FOUND: return "Connection to TPM device failed";
+ case TDDL_E_ALREADY_OPENED: return "Device already opened";
+ case TDDL_E_BADTAG: return "Invalid or unsupported capability";
+ case TDDL_E_INSUFFICIENT_BUFFER: return "Receive buffer too small";
+ case TDDL_E_COMMAND_COMPLETED: return "Command has already completed";
+ case TDDL_E_COMMAND_ABORTED: return "TPM aborted processing of command";
+ case TDDL_E_ALREADY_CLOSED: return "Device driver already closed";
+ case TDDL_E_IOERROR: return "I/O error";
+ default: return "Unknown";
+ }
+ } else if (TSS_ERROR_LAYER(r) == TSS_LAYER_TCS) {
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_E_FAIL: return "General failure";
+ case TSS_E_BAD_PARAMETER: return "Bad parameter";
+ case TSS_E_INTERNAL_ERROR: return "Internal software error";
+ case TSS_E_NOTIMPL: return "Not implemented";
+ case TSS_E_PS_KEY_NOTFOUND: return "Key not found in persistent storage";
+ case TSS_E_KEY_ALREADY_REGISTERED: return "UUID already registered";
+ case TSS_E_CANCELED: return "The action was cancelled by request";
+ case TSS_E_TIMEOUT: return "The operation has timed out";
+ case TSS_E_OUTOFMEMORY: return "Out of memory";
+ case TSS_E_TPM_UNEXPECTED: return "Unexpected TPM output";
+ case TSS_E_COMM_FAILURE: return "Communication failure";
+ case TSS_E_TPM_UNSUPPORTED_FEATURE: return "Unsupported feature";
+ case TCS_E_KEY_MISMATCH: return "UUID does not match key handle";
+ case TCS_E_KM_LOADFAILED: return "Key load failed: parent key requires authorization";
+ case TCS_E_KEY_CONTEXT_RELOAD: return "Reload of key context failed";
+ case TCS_E_BAD_INDEX: return "Bad memory index";
+ case TCS_E_INVALID_CONTEXTHANDLE: return "Invalid context handle";
+ case TCS_E_INVALID_KEYHANDLE: return "Invalid key handle";
+ case TCS_E_INVALID_AUTHHANDLE: return "Invalid authorization session handle";
+ case TCS_E_INVALID_AUTHSESSION: return "Authorization session has been closed by TPM";
+ case TCS_E_INVALID_KEY: return "Invalid key";
+ default: return "Unknown";
+ }
+ } else {
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_E_FAIL: return "General failure";
+ case TSS_E_BAD_PARAMETER: return "Bad parameter";
+ case TSS_E_INTERNAL_ERROR: return "Internal software error";
+ case TSS_E_NOTIMPL: return "Not implemented";
+ case TSS_E_PS_KEY_NOTFOUND: return "Key not found in persistent storage";
+ case TSS_E_KEY_ALREADY_REGISTERED: return "UUID already registered";
+ case TSS_E_CANCELED: return "The action was cancelled by request";
+ case TSS_E_TIMEOUT: return "The operation has timed out";
+ case TSS_E_OUTOFMEMORY: return "Out of memory";
+ case TSS_E_TPM_UNEXPECTED: return "Unexpected TPM output";
+ case TSS_E_COMM_FAILURE: return "Communication failure";
+ case TSS_E_TPM_UNSUPPORTED_FEATURE: return "Unsupported feature";
+ case TSS_E_INVALID_OBJECT_TYPE: return "Object type not valid for this operation";
+ case TSS_E_INVALID_OBJECT_INITFLAG: return "Wrong flag information for object creation";
+ case TSS_E_INVALID_HANDLE: return "Invalid handle";
+ case TSS_E_NO_CONNECTION: return "Core service connection doesn't exist";
+ case TSS_E_CONNECTION_FAILED: return "Core service connection failed";
+ case TSS_E_CONNECTION_BROKEN: return "Communication with core services failed";
+ case TSS_E_HASH_INVALID_ALG: return "Invalid hash algorithm";
+ case TSS_E_HASH_INVALID_LENGTH: return "Hash length is inconsistent with algorithm";
+ case TSS_E_HASH_NO_DATA: return "Hash object has no internal hash value";
+ case TSS_E_SILENT_CONTEXT: return "A silent context requires user input";
+ case TSS_E_INVALID_ATTRIB_FLAG: return "Flag value for attrib-functions inconsistent";
+ case TSS_E_INVALID_ATTRIB_SUBFLAG: return "Sub-flag value for attrib-functions inconsistent";
+ case TSS_E_INVALID_ATTRIB_DATA: return "Data for attrib-functions invalid";
+ case TSS_E_NO_PCRS_SET: return "No PCR registers are selected or set";
+ case TSS_E_KEY_NOT_LOADED: return "The addressed key is not currently loaded";
+ case TSS_E_KEY_NOT_SET: return "No key informatio is currently available";
+ case TSS_E_VALIDATION_FAILED: return "Internal validation of data failed";
+ case TSS_E_TSP_AUTHREQUIRED: return "Authorization is required";
+ case TSS_E_TSP_AUTH2REQUIRED: return "Multiple authorizations are required";
+ case TSS_E_TSP_AUTHFAIL: return "Authorization failed";
+ case TSS_E_TSP_AUTH2FAIL: return "Multiple authorization failed";
+ case TSS_E_KEY_NO_MIGRATION_POLICY: return "Addressed key has no migration policy";
+ case TSS_E_POLICY_NO_SECRET: return "No secret information available for the address policy";
+ case TSS_E_INVALID_OBJ_ACCESS: return "Accessed object is in an inconsistent state";
+ case TSS_E_INVALID_ENCSCHEME: return "Invalid encryption scheme";
+ case TSS_E_INVALID_SIGSCHEME: return "Invalid signature scheme";
+ case TSS_E_ENC_INVALID_LENGTH: return "Invalid length for encrypted data object";
+ case TSS_E_ENC_NO_DATA: return "Encrypted data object contains no data";
+ case TSS_E_ENC_INVALID_TYPE: return "Invalid type for encrypted data object";
+ case TSS_E_INVALID_KEYUSAGE: return "Invalid usage of key";
+ case TSS_E_VERIFICATION_FAILED: return "Internal validation of data failed";
+ case TSS_E_HASH_NO_IDENTIFIER: return "Hash algorithm identifier not set";
+ case TSS_E_NV_AREA_EXIST: return "NVRAM area already exists";
+ case TSS_E_NV_AREA_NOT_EXIST: return "NVRAM area does not exist";
+ default: return "Unknown";
+ }
+ }
+}
+
+char *
+Trspi_Error_Layer(TSS_RESULT r)
+{
+ switch (TSS_ERROR_LAYER(r)) {
+ case TSS_LAYER_TPM: return "tpm";
+ case TSS_LAYER_TDDL: return "tddl";
+ case TSS_LAYER_TCS: return "tcs";
+ case TSS_LAYER_TSP: return "tsp";
+ default: return "unknown";
+ }
+}
+
+TSS_RESULT
+Trspi_Error_Code(TSS_RESULT r)
+{
+ return TSS_ERROR_CODE(r);
+}
+
+static int
+hacky_strlen(char *codeset, BYTE *string)
+{
+ BYTE *ptr = string;
+ int len = 0;
+
+ if (strcmp("UTF-16", codeset) == 0) {
+ while (!(ptr[0] == '\0' && ptr[1] == '\0')) {
+ len += 2;
+ ptr += 2;
+ }
+ } else if (strcmp("UTF-32", codeset) == 0) {
+ while (!(ptr[0] == '\0' && ptr[1] == '\0' &&
+ ptr[2] == '\0' && ptr[3] == '\0')) {
+ len += 4;
+ ptr += 4;
+ }
+ } else {
+ /* default to 8bit chars */
+ while (*ptr++ != '\0') {
+ len++;
+ }
+ }
+
+ return len;
+}
+
+static inline int
+char_width(char *codeset)
+{
+ if (strcmp("UTF-16", codeset) == 0) {
+ return 2;
+ } else if (strcmp("UTF-32", codeset) == 0) {
+ return 4;
+ }
+
+ return 1;
+}
+
+#define MAX_BUF_SIZE 4096
+
+BYTE *
+Trspi_Native_To_UNICODE(BYTE *string, unsigned *size)
+{
+ char *ret, *outbuf, tmpbuf[MAX_BUF_SIZE] = { 0, };
+ BSD_CONST char *ptr;
+ unsigned len = 0, tmplen;
+ iconv_t cd = 0;
+ size_t rc, outbytesleft, inbytesleft;
+
+ if (string == NULL)
+ goto alloc_string;
+
+ if ((cd = iconv_open("UTF-16LE", nl_langinfo(CODESET))) == (iconv_t)-1) {
+ LogDebug("iconv_open: %s", strerror(errno));
+ return NULL;
+ }
+
+ if ((tmplen = hacky_strlen(nl_langinfo(CODESET), string)) == 0) {
+ LogDebug("hacky_strlen returned 0");
+ goto alloc_string;
+ }
+
+ do {
+ len++;
+ outbytesleft = len;
+ inbytesleft = tmplen;
+ outbuf = tmpbuf;
+ ptr = (char *)string;
+ errno = 0;
+
+ rc = iconv(cd, (BSD_CONST char **)&ptr, &inbytesleft, &outbuf, &outbytesleft);
+ } while (rc == (size_t)-1 && errno == E2BIG);
+
+ if (len > MAX_BUF_SIZE) {
+ LogDebug("string too long.");
+ iconv_close(cd);
+ return NULL;
+ }
+
+alloc_string:
+ /* add terminating bytes of the correct width */
+ len += char_width("UTF-16");
+ if ((ret = calloc(1, len)) == NULL) {
+ LogDebug("malloc of %u bytes failed.", len);
+ iconv_close(cd);
+ return NULL;
+ }
+
+ memcpy(ret, &tmpbuf, len);
+ if (size)
+ *size = len;
+
+ if (cd)
+ iconv_close(cd);
+
+ return (BYTE *)ret;
+
+}
+
+BYTE *
+Trspi_UNICODE_To_Native(BYTE *string, unsigned *size)
+{
+ char *ret, *outbuf, tmpbuf[MAX_BUF_SIZE] = { 0, };
+ BSD_CONST char *ptr;
+ unsigned len = 0, tmplen;
+ iconv_t cd;
+ size_t rc, outbytesleft, inbytesleft;
+
+ if (string == NULL) {
+ if (size)
+ *size = 0;
+ return NULL;
+ }
+
+ if ((cd = iconv_open(nl_langinfo(CODESET), "UTF-16LE")) == (iconv_t)-1) {
+ LogDebug("iconv_open: %s", strerror(errno));
+ return NULL;
+ }
+
+ if ((tmplen = hacky_strlen("UTF-16", string)) == 0) {
+ LogDebug("hacky_strlen returned 0");
+ iconv_close(cd);
+ return 0;
+ }
+
+ do {
+ len++;
+ outbytesleft = len;
+ inbytesleft = tmplen;
+ outbuf = tmpbuf;
+ ptr = (char *)string;
+ errno = 0;
+
+ rc = iconv(cd, (BSD_CONST char **)&ptr, &inbytesleft, &outbuf, &outbytesleft);
+ } while (rc == (size_t)-1 && errno == E2BIG);
+
+ /* add terminating bytes of the correct width */
+ len += char_width(nl_langinfo(CODESET));
+ if (len > MAX_BUF_SIZE) {
+ LogDebug("string too long.");
+ iconv_close(cd);
+ return NULL;
+ }
+
+ if ((ret = calloc(1, len)) == NULL) {
+ LogDebug("malloc of %d bytes failed.", len);
+ iconv_close(cd);
+ return NULL;
+ }
+
+ memcpy(ret, &tmpbuf, len);
+ if (size)
+ *size = len;
+ iconv_close(cd);
+
+ return (BYTE *)ret;
+}
+
+/* Functions to support incremental hashing */
+TSS_RESULT
+Trspi_Hash_UINT16(Trspi_HashCtx *c, UINT16 i)
+{
+ BYTE bytes[sizeof(UINT16)];
+
+ UINT16ToArray(i, bytes);
+ return Trspi_HashUpdate(c, sizeof(UINT16), bytes);
+}
+
+TSS_RESULT
+Trspi_Hash_UINT32(Trspi_HashCtx *c, UINT32 i)
+{
+ BYTE bytes[sizeof(UINT32)];
+
+ UINT32ToArray(i, bytes);
+ return Trspi_HashUpdate(c, sizeof(UINT32), bytes);
+}
+
+TSS_RESULT
+Trspi_Hash_UINT64(Trspi_HashCtx *c, UINT64 i)
+{
+ BYTE bytes[sizeof(UINT64)];
+
+ UINT64ToArray(i, bytes);
+ return Trspi_HashUpdate(c, sizeof(UINT64), bytes);
+}
+
+TSS_RESULT
+Trspi_Hash_BYTE(Trspi_HashCtx *c, BYTE data)
+{
+ return Trspi_HashUpdate(c, sizeof(BYTE), &data);
+}
+
+TSS_RESULT
+Trspi_Hash_BOOL(Trspi_HashCtx *c, TSS_BOOL data)
+{
+ return Trspi_HashUpdate(c, (UINT32)sizeof(TSS_BOOL), (BYTE *)&data);
+}
+
+TSS_RESULT
+Trspi_Hash_VERSION(Trspi_HashCtx *c, TSS_VERSION *version)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_BYTE(c, version->bMajor);
+ result |= Trspi_Hash_BYTE(c, version->bMinor);
+ result |= Trspi_Hash_BYTE(c, version->bRevMajor);
+ result |= Trspi_Hash_BYTE(c, version->bRevMinor);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_DAA_PK(Trspi_HashCtx *c, TSS_DAA_PK *pk)
+{
+ UINT32 i;
+ TSS_RESULT result;
+
+ result = Trspi_Hash_VERSION(c, &pk->versionInfo);
+
+ result |= Trspi_Hash_UINT32(c, pk->modulusLength);
+ result |= Trspi_HashUpdate(c, pk->modulusLength, pk->modulus);
+
+ result |= Trspi_Hash_UINT32(c, pk->capitalSLength);
+ result |= Trspi_HashUpdate(c, pk->capitalSLength, pk->capitalS);
+
+ result |= Trspi_Hash_UINT32(c, pk->capitalZLength);
+ result |= Trspi_HashUpdate(c, pk->capitalZLength, pk->capitalZ);
+
+ result |= Trspi_Hash_UINT32(c, pk->capitalR0Length);
+ result |= Trspi_HashUpdate(c, pk->capitalR0Length, pk->capitalR0);
+
+ result |= Trspi_Hash_UINT32(c, pk->capitalR1Length);
+ result |= Trspi_HashUpdate(c, pk->capitalR1Length, pk->capitalR1);
+
+ result |= Trspi_Hash_UINT32(c, pk->gammaLength);
+ result |= Trspi_HashUpdate(c, pk->gammaLength, pk->gamma);
+
+ result |= Trspi_Hash_UINT32(c, pk->capitalGammaLength);
+ result |= Trspi_HashUpdate(c, pk->capitalGammaLength, pk->capitalGamma);
+
+ result |= Trspi_Hash_UINT32(c, pk->rhoLength);
+ result |= Trspi_HashUpdate(c, pk->rhoLength, pk->rho);
+
+ for (i = 0; i < pk->capitalYLength; i++)
+ result |= Trspi_HashUpdate(c, pk->capitalYLength2, pk->capitalY[i]);
+
+ result |= Trspi_Hash_UINT32(c, pk->capitalYPlatformLength);
+
+ result |= Trspi_Hash_UINT32(c, pk->issuerBaseNameLength);
+ result |= Trspi_HashUpdate(c, pk->issuerBaseNameLength, pk->issuerBaseName);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_RSA_KEY_PARMS(Trspi_HashCtx *c, TCPA_RSA_KEY_PARMS *parms)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, parms->keyLength);
+ result |= Trspi_Hash_UINT32(c, parms->numPrimes);
+ result |= Trspi_Hash_UINT32(c, parms->exponentSize);
+
+ if (parms->exponentSize > 0)
+ result |= Trspi_HashUpdate(c, parms->exponentSize, parms->exponent);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_STORE_PUBKEY(Trspi_HashCtx *c, TCPA_STORE_PUBKEY *store)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, store->keyLength);
+ result |= Trspi_HashUpdate(c, store->keyLength, store->key);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_KEY_PARMS(Trspi_HashCtx *c, TCPA_KEY_PARMS *keyInfo)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, keyInfo->algorithmID);
+ result |= Trspi_Hash_UINT16(c, keyInfo->encScheme);
+ result |= Trspi_Hash_UINT16(c, keyInfo->sigScheme);
+ result |= Trspi_Hash_UINT32(c, keyInfo->parmSize);
+
+ if (keyInfo->parmSize > 0)
+ result |= Trspi_HashUpdate(c, keyInfo->parmSize, keyInfo->parms);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_PUBKEY(Trspi_HashCtx *c, TCPA_PUBKEY *pubKey)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_KEY_PARMS(c, &pubKey->algorithmParms);
+ result |= Trspi_Hash_STORE_PUBKEY(c, &pubKey->pubKey);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_STORED_DATA(Trspi_HashCtx *c, TCPA_STORED_DATA *data)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_VERSION(c, (TSS_VERSION *)&data->ver);
+ result |= Trspi_Hash_UINT32(c, data->sealInfoSize);
+ result |= Trspi_HashUpdate(c, data->sealInfoSize, data->sealInfo);
+ result |= Trspi_Hash_UINT32(c, data->encDataSize);
+ result |= Trspi_HashUpdate(c, data->encDataSize, data->encData);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_PCR_SELECTION(Trspi_HashCtx *c, TCPA_PCR_SELECTION *pcr)
+{
+ TSS_RESULT result;
+ UINT16 i;
+
+ result = Trspi_Hash_UINT16(c, pcr->sizeOfSelect);
+
+ for (i = 0; i < pcr->sizeOfSelect; i++)
+ result |= Trspi_Hash_BYTE(c, pcr->pcrSelect[i]);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_KEY_FLAGS(Trspi_HashCtx *c, TCPA_KEY_FLAGS *flags)
+{
+ return Trspi_Hash_UINT32(c, *flags);
+}
+
+TSS_RESULT
+Trspi_Hash_KEY12(Trspi_HashCtx *c, TPM_KEY12 *key)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, key->tag);
+ result |= Trspi_Hash_UINT16(c, key->fill);
+ result |= Trspi_Hash_UINT16(c, key->keyUsage);
+ result |= Trspi_Hash_KEY_FLAGS(c, &key->keyFlags);
+ result |= Trspi_Hash_BYTE(c, key->authDataUsage);
+ result |= Trspi_Hash_KEY_PARMS(c, &key->algorithmParms);
+ result |= Trspi_Hash_UINT32(c, key->PCRInfoSize);
+ result |= Trspi_HashUpdate(c, key->PCRInfoSize, key->PCRInfo);
+ result |= Trspi_Hash_STORE_PUBKEY(c, &key->pubKey);
+ result |= Trspi_Hash_UINT32(c, key->encSize);
+ result |= Trspi_HashUpdate(c, key->encSize, key->encData);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_KEY(Trspi_HashCtx *c, TCPA_KEY *key)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_VERSION(c, (TSS_VERSION *)&key->ver);
+ result |= Trspi_Hash_UINT16(c, key->keyUsage);
+ result |= Trspi_Hash_KEY_FLAGS(c, &key->keyFlags);
+ result |= Trspi_Hash_BYTE(c, key->authDataUsage);
+ result |= Trspi_Hash_KEY_PARMS(c, &key->algorithmParms);
+ result |= Trspi_Hash_UINT32(c, key->PCRInfoSize);
+ result |= Trspi_HashUpdate(c, key->PCRInfoSize, key->PCRInfo);
+ result |= Trspi_Hash_STORE_PUBKEY(c, &key->pubKey);
+ result |= Trspi_Hash_UINT32(c, key->encSize);
+ result |= Trspi_HashUpdate(c, key->encSize, key->encData);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_UUID(Trspi_HashCtx *c, TSS_UUID uuid)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, uuid.ulTimeLow);
+ result |= Trspi_Hash_UINT16(c, uuid.usTimeMid);
+ result |= Trspi_Hash_UINT16(c, uuid.usTimeHigh);
+ result |= Trspi_Hash_BYTE(c, uuid.bClockSeqHigh);
+ result |= Trspi_Hash_BYTE(c, uuid.bClockSeqLow);
+ result |= Trspi_HashUpdate(c, sizeof(uuid.rgbNode), uuid.rgbNode);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_PCR_EVENT(Trspi_HashCtx *c, TSS_PCR_EVENT *event)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_VERSION(c, &event->versionInfo);
+ result |= Trspi_Hash_UINT32(c, event->ulPcrIndex);
+ result |= Trspi_Hash_UINT32(c, event->eventType);
+
+ Trspi_Hash_UINT32(c, event->ulPcrValueLength);
+ if (event->ulPcrValueLength > 0)
+ result |= Trspi_HashUpdate(c, event->ulPcrValueLength, event->rgbPcrValue);
+
+ result |= Trspi_Hash_UINT32(c, event->ulEventLength);
+ if (event->ulEventLength > 0)
+ result |= Trspi_HashUpdate(c, event->ulEventLength, event->rgbEvent);
+
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_PRIVKEY_DIGEST12(Trspi_HashCtx *c, TPM_KEY12 *key)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, key->tag);
+ result |= Trspi_Hash_UINT16(c, key->fill);
+ result |= Trspi_Hash_UINT16(c, key->keyUsage);
+ result |= Trspi_Hash_KEY_FLAGS(c, &key->keyFlags);
+ result |= Trspi_Hash_BYTE(c, key->authDataUsage);
+ result |= Trspi_Hash_KEY_PARMS(c, &key->algorithmParms);
+
+ result |= Trspi_Hash_UINT32(c, key->PCRInfoSize);
+ /* exclude pcrInfo when PCRInfoSize is 0 as spec'd in TPM 1.1b spec p.71 */
+ if (key->PCRInfoSize != 0)
+ result |= Trspi_HashUpdate(c, key->PCRInfoSize, key->PCRInfo);
+
+ Trspi_Hash_STORE_PUBKEY(c, &key->pubKey);
+ /* exclude encSize, encData as spec'd in TPM 1.1b spec p.71 */
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_PRIVKEY_DIGEST(Trspi_HashCtx *c, TCPA_KEY *key)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_VERSION(c, (TSS_VERSION *)&key->ver);
+ result |= Trspi_Hash_UINT16(c, key->keyUsage);
+ result |= Trspi_Hash_KEY_FLAGS(c, &key->keyFlags);
+ result |= Trspi_Hash_BYTE(c, key->authDataUsage);
+ result |= Trspi_Hash_KEY_PARMS(c, &key->algorithmParms);
+
+ result |= Trspi_Hash_UINT32(c, key->PCRInfoSize);
+ /* exclude pcrInfo when PCRInfoSize is 0 as spec'd in TPM 1.1b spec p.71 */
+ if (key->PCRInfoSize != 0)
+ result |= Trspi_HashUpdate(c, key->PCRInfoSize, key->PCRInfo);
+
+ Trspi_Hash_STORE_PUBKEY(c, &key->pubKey);
+ /* exclude encSize, encData as spec'd in TPM 1.1b spec p.71 */
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_SYMMETRIC_KEY(Trspi_HashCtx *c, TCPA_SYMMETRIC_KEY *key)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, key->algId);
+ result |= Trspi_Hash_UINT16(c, key->encScheme);
+ result |= Trspi_Hash_UINT16(c, key->size);
+
+ if (key->size > 0)
+ result |= Trspi_HashUpdate(c, key->size, key->data);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_IDENTITY_REQ(Trspi_HashCtx *c, TCPA_IDENTITY_REQ *req)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, req->asymSize);
+ result |= Trspi_Hash_UINT32(c, req->symSize);
+ result |= Trspi_Hash_KEY_PARMS(c, &req->asymAlgorithm);
+ result |= Trspi_Hash_KEY_PARMS(c, &req->symAlgorithm);
+ result |= Trspi_HashUpdate(c, req->asymSize, req->asymBlob);
+ result |= Trspi_HashUpdate(c, req->symSize, req->symBlob);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_CHANGEAUTH_VALIDATE(Trspi_HashCtx *c, TPM_CHANGEAUTH_VALIDATE *caValidate)
+{
+ TSS_RESULT result;
+
+ result = Trspi_HashUpdate(c, TCPA_SHA1_160_HASH_LEN, caValidate->newAuthSecret.authdata);
+ result |= Trspi_HashUpdate(c, TCPA_SHA1_160_HASH_LEN, caValidate->n1.nonce);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_SYM_CA_ATTESTATION(Trspi_HashCtx *c, TCPA_SYM_CA_ATTESTATION *sym)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, sym->credSize);
+ result |= Trspi_Hash_KEY_PARMS(c, &sym->algorithm);
+ result |= Trspi_HashUpdate(c, sym->credSize, sym->credential);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_ASYM_CA_CONTENTS(Trspi_HashCtx *c, TCPA_ASYM_CA_CONTENTS *asym)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_SYMMETRIC_KEY(c, &asym->sessionKey);
+ result |= Trspi_HashUpdate(c, TCPA_SHA1_160_HASH_LEN, (BYTE *)&asym->idDigest);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_BOUND_DATA(Trspi_HashCtx *c, TCPA_BOUND_DATA *bd, UINT32 payloadLength)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_VERSION(c, (TSS_VERSION *)&bd->ver);
+ result |= Trspi_Hash_BYTE(c, bd->payload);
+ result |= Trspi_HashUpdate(c, payloadLength, bd->payloadData);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_TRANSPORT_AUTH(Trspi_HashCtx *c, TPM_TRANSPORT_AUTH *a)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, a->tag);
+ result |= Trspi_HashUpdate(c, TPM_SHA1_160_HASH_LEN, a->authData.authdata);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_TRANSPORT_LOG_IN(Trspi_HashCtx *c, TPM_TRANSPORT_LOG_IN *l)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, l->tag);
+ result |= Trspi_Hash_DIGEST(c, l->parameters.digest);
+ result |= Trspi_Hash_DIGEST(c, l->pubKeyHash.digest);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_TRANSPORT_LOG_OUT(Trspi_HashCtx *c, TPM_TRANSPORT_LOG_OUT *l)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, l->tag);
+ result |= Trspi_Hash_CURRENT_TICKS(c, &l->currentTicks);
+ result |= Trspi_Hash_DIGEST(c, l->parameters.digest);
+ result |= Trspi_Hash_UINT32(c, l->locality);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_CURRENT_TICKS(Trspi_HashCtx *c, TPM_CURRENT_TICKS *t)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, t->tag);
+ result |= Trspi_Hash_UINT64(c, t->currentTicks);
+ result |= Trspi_Hash_UINT16(c, t->tickRate);
+ result |= Trspi_Hash_NONCE(c, t->tickNonce.nonce);
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_Hash_SIGN_INFO(Trspi_HashCtx *c, TPM_SIGN_INFO *s)
+{
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT16(c, s->tag);
+ result |= Trspi_HashUpdate(c, 4, s->fixed);
+ result |= Trspi_Hash_NONCE(c, s->replay.nonce);
+ result |= Trspi_Hash_UINT32(c, s->dataLen);
+ result |= Trspi_HashUpdate(c, s->dataLen, s->data);
+
+ return result;
+}
+
+void
+Trspi_UnloadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr)
+{
+ if (!ctr) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ /* '4' is hard-coded in the spec */
+ Trspi_UnloadBlob(offset, 4, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &ctr->tag, blob);
+ /* '4' is hard-coded in the spec */
+ Trspi_UnloadBlob(offset, 4, blob, (BYTE *)&ctr->label);
+ Trspi_UnloadBlob_UINT32(offset, &ctr->counter, blob);
+}
+
+void
+Trspi_LoadBlob_COUNTER_VALUE(UINT64 *offset, BYTE *blob, TPM_COUNTER_VALUE *ctr)
+{
+ Trspi_LoadBlob_UINT16(offset, ctr->tag, blob);
+ Trspi_LoadBlob(offset, 4, blob, (BYTE *)&ctr->label);
+ Trspi_LoadBlob_UINT32(offset, ctr->counter, blob);
+}
+
+void
+Trspi_UnloadBlob_CURRENT_TICKS(UINT64 *offset, BYTE *blob, TPM_CURRENT_TICKS *ticks)
+{
+ if (!ticks) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT64(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob(offset, sizeof(TPM_NONCE), blob, NULL);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &ticks->tag, blob);
+ Trspi_UnloadBlob_UINT64(offset, &ticks->currentTicks, blob);
+ Trspi_UnloadBlob_UINT16(offset, &ticks->tickRate, blob);
+ Trspi_UnloadBlob(offset, sizeof(TPM_NONCE), blob, (BYTE *)&ticks->tickNonce);
+}
+
+void
+Trspi_UnloadBlob_TRANSPORT_PUBLIC(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_PUBLIC *t)
+{
+ Trspi_UnloadBlob_UINT16(offset, &t->tag, blob);
+ Trspi_UnloadBlob_UINT32(offset, &t->transAttributes, blob);
+ Trspi_UnloadBlob_UINT32(offset, &t->algId, blob);
+ Trspi_UnloadBlob_UINT16(offset, &t->encScheme, blob);
+}
+
+void
+Trspi_LoadBlob_TRANSPORT_PUBLIC(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_PUBLIC *t)
+{
+ Trspi_LoadBlob_UINT16(offset, t->tag, blob);
+ Trspi_LoadBlob_UINT32(offset, t->transAttributes, blob);
+ Trspi_LoadBlob_UINT32(offset, t->algId, blob);
+ Trspi_LoadBlob_UINT16(offset, t->encScheme, blob);
+}
+
+void
+Trspi_LoadBlob_TRANSPORT_AUTH(UINT64 *offset, BYTE *blob, TPM_TRANSPORT_AUTH *t)
+{
+ Trspi_LoadBlob_UINT16(offset, t->tag, blob);
+ Trspi_LoadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, t->authData.authdata);
+}
+
+void
+Trspi_LoadBlob_SIGN_INFO(UINT64 *offset, BYTE *blob, TPM_SIGN_INFO *s)
+{
+ Trspi_LoadBlob_UINT16(offset, s->tag, blob);
+ Trspi_LoadBlob(offset, 4, blob, s->fixed);
+ Trspi_LoadBlob(offset, TPM_SHA1_160_HASH_LEN, blob, s->replay.nonce);
+ Trspi_LoadBlob_UINT32(offset, s->dataLen, blob);
+ Trspi_LoadBlob(offset, s->dataLen, blob, s->data);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_CERTIFY_INFO(UINT64 *offset, BYTE *blob, TPM_CERTIFY_INFO *c)
+{
+ TSS_RESULT result;
+
+ if (!c) {
+ UINT32 pcrInfoSize;
+
+ Trspi_UnloadBlob_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_KEY_PARMS(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+ Trspi_UnloadBlob_NONCE(offset, blob, NULL);
+ Trspi_UnloadBlob_BOOL(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &pcrInfoSize, blob);
+
+ (*offset) += pcrInfoSize;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_VERSION(offset, blob, &c->version);
+ Trspi_UnloadBlob_UINT16(offset, &c->keyUsage, blob);
+ Trspi_UnloadBlob_UINT32(offset, &c->keyFlags, blob);
+ Trspi_UnloadBlob_BYTE(offset, &c->authDataUsage, blob);
+ if ((result = Trspi_UnloadBlob_KEY_PARMS(offset, blob, &c->algorithmParms)))
+ return result;
+ Trspi_UnloadBlob_DIGEST(offset, blob, &c->pubkeyDigest);
+ Trspi_UnloadBlob_NONCE(offset, blob, &c->data);
+ Trspi_UnloadBlob_BOOL(offset, (TSS_BOOL *)&c->parentPCRStatus, blob);
+ Trspi_UnloadBlob_UINT32(offset, &c->PCRInfoSize, blob);
+ if (c->PCRInfoSize != 0) {
+ c->PCRInfo = malloc(sizeof(TPM_PCR_INFO));
+ if (c->PCRInfo == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TPM_PCR_INFO));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ } else {
+ c->PCRInfo = NULL;
+ }
+ Trspi_UnloadBlob_PCR_INFO(offset, blob, (TPM_PCR_INFO *)c->PCRInfo);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_UnloadBlob_TPM_FAMILY_LABEL(UINT64 *offset, BYTE *blob, TPM_FAMILY_LABEL *label)
+{
+ if (!label) {
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_BYTE(offset, &label->label, blob);
+}
+
+void
+Trspi_LoadBlob_TPM_FAMILY_LABEL(UINT64 *offset, BYTE *blob, TPM_FAMILY_LABEL *label)
+{
+ Trspi_LoadBlob_BYTE(offset, label->label, blob);
+}
+
+void
+Trspi_UnloadBlob_TPM_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TPM_FAMILY_TABLE_ENTRY *entry)
+{
+ if (!entry) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_TPM_FAMILY_LABEL(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &entry->tag, blob);
+ Trspi_UnloadBlob_TPM_FAMILY_LABEL(offset, blob, &entry->label);
+ Trspi_UnloadBlob_UINT32(offset, &entry->familyID, blob);
+ Trspi_UnloadBlob_UINT32(offset, &entry->verificationCount, blob);
+ Trspi_UnloadBlob_UINT32(offset, &entry->flags, blob);
+}
+
+void
+Trspi_LoadBlob_TPM_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TPM_FAMILY_TABLE_ENTRY *entry)
+{
+ Trspi_LoadBlob_UINT16(offset, entry->tag, blob);
+ Trspi_LoadBlob_TPM_FAMILY_LABEL(offset, blob, &entry->label);
+ Trspi_LoadBlob_UINT32(offset, entry->familyID, blob);
+ Trspi_LoadBlob_UINT32(offset, entry->verificationCount, blob);
+ Trspi_LoadBlob_UINT32(offset, entry->flags, blob);
+}
+
+void
+Trspi_UnloadBlob_TPM_DELEGATE_LABEL(UINT64 *offset, BYTE *blob, TPM_DELEGATE_LABEL *label)
+{
+ if (!label) {
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_BYTE(offset, &label->label, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATE_LABEL_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATE_LABEL *label)
+{
+ BYTE *internal_label = NULL;
+
+ if (label)
+ internal_label = &label->label;
+
+ return Trspi_UnloadBlob_BYTE_s(offset, internal_label, blob, capacity);
+}
+
+void
+Trspi_LoadBlob_TPM_DELEGATE_LABEL(UINT64 *offset, BYTE *blob, TPM_DELEGATE_LABEL *label)
+{
+ Trspi_LoadBlob_BYTE(offset, label->label, blob);
+}
+
+void
+Trspi_UnloadBlob_TPM_DELEGATIONS(UINT64 *offset, BYTE *blob, TPM_DELEGATIONS *delegations)
+{
+ if (!delegations) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &delegations->tag, blob);
+ Trspi_UnloadBlob_UINT32(offset, &delegations->delegateType, blob);
+ Trspi_UnloadBlob_UINT32(offset, &delegations->per1, blob);
+ Trspi_UnloadBlob_UINT32(offset, &delegations->per2, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATIONS_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATIONS *delegations)
+{
+ TSS_RESULT result;
+
+ if (!delegations) {
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &delegations->tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &delegations->delegateType, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &delegations->per1, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &delegations->per2, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_TPM_DELEGATIONS(UINT64 *offset, BYTE *blob, TPM_DELEGATIONS *delegations)
+{
+ Trspi_LoadBlob_UINT16(offset, delegations->tag, blob);
+ Trspi_LoadBlob_UINT32(offset, delegations->delegateType, blob);
+ Trspi_LoadBlob_UINT32(offset, delegations->per1, blob);
+ Trspi_LoadBlob_UINT32(offset, delegations->per2, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(UINT64 *offset, BYTE *blob, TPM_DELEGATE_PUBLIC *pub)
+{
+ TSS_RESULT result;
+
+ if (!pub) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_TPM_DELEGATE_LABEL(offset, blob, NULL);
+ (void)Trspi_UnloadBlob_PCR_INFO_SHORT(offset, blob, NULL);
+ Trspi_UnloadBlob_TPM_DELEGATIONS(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &pub->tag, blob);
+ Trspi_UnloadBlob_TPM_DELEGATE_LABEL(offset, blob, &pub->label);
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT(offset, blob, &pub->pcrInfo)))
+ return result;
+ Trspi_UnloadBlob_TPM_DELEGATIONS(offset, blob, &pub->permissions);
+ Trspi_UnloadBlob_UINT32(offset, &pub->familyID, blob);
+ Trspi_UnloadBlob_UINT32(offset, &pub->verificationCount, blob);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATE_PUBLIC *pub)
+{
+ TSS_RESULT result;
+
+ if (!pub) {
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_LABEL_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATIONS_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &pub->tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_LABEL_s(offset, blob, capacity, &pub->label)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT_s(offset, blob, capacity, &pub->pcrInfo)))
+ return result;
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATIONS_s(offset, blob, capacity, &pub->permissions))) {
+ free(pub->pcrInfo.pcrSelection.pcrSelect);
+ pub->pcrInfo.pcrSelection.sizeOfSelect = 0;
+ pub->pcrInfo.pcrSelection.pcrSelect = NULL;
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &pub->familyID, blob, capacity))) {
+ free(pub->pcrInfo.pcrSelection.pcrSelect);
+ pub->pcrInfo.pcrSelection.sizeOfSelect = 0;
+ pub->pcrInfo.pcrSelection.pcrSelect = NULL;
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &pub->verificationCount, blob, capacity))) {
+ free(pub->pcrInfo.pcrSelection.pcrSelect);
+ pub->pcrInfo.pcrSelection.sizeOfSelect = 0;
+ pub->pcrInfo.pcrSelection.pcrSelect = NULL;
+ return result;
+ }
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_TPM_DELEGATE_PUBLIC(UINT64 *offset, BYTE *blob, TPM_DELEGATE_PUBLIC *pub)
+{
+ Trspi_LoadBlob_UINT16(offset, pub->tag, blob);
+ Trspi_LoadBlob_TPM_DELEGATE_LABEL(offset, blob, &pub->label);
+ Trspi_LoadBlob_PCR_INFO_SHORT(offset, blob, &pub->pcrInfo);
+ Trspi_LoadBlob_TPM_DELEGATIONS(offset, blob, &pub->permissions);
+ Trspi_LoadBlob_UINT32(offset, pub->familyID, blob);
+ Trspi_LoadBlob_UINT32(offset, pub->verificationCount, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATE_OWNER_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_OWNER_BLOB *owner)
+{
+ TSS_RESULT result;
+
+ if (!owner) {
+ UINT32 additionalSize, sensitiveSize;
+
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ (void)Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &additionalSize, blob);
+ (void)Trspi_UnloadBlob(offset, additionalSize, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &sensitiveSize, blob);
+ (void)Trspi_UnloadBlob(offset, sensitiveSize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &owner->tag, blob);
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(offset, blob, &owner->pub)))
+ return result;
+ Trspi_UnloadBlob_DIGEST(offset, blob, &owner->integrityDigest);
+ Trspi_UnloadBlob_UINT32(offset, &owner->additionalSize, blob);
+ if (owner->additionalSize > 0) {
+ owner->additionalArea = malloc(owner->additionalSize);
+ if (owner->additionalArea == NULL) {
+ LogError("malloc of %u bytes failed.", owner->additionalSize);
+ free(owner->pub.pcrInfo.pcrSelection.pcrSelect);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, owner->additionalSize, blob, owner->additionalArea);
+ }
+ Trspi_UnloadBlob_UINT32(offset, &owner->sensitiveSize, blob);
+ if (owner->sensitiveSize > 0) {
+ owner->sensitiveArea = malloc(owner->sensitiveSize);
+ if (owner->sensitiveArea == NULL) {
+ LogError("malloc of %u bytes failed.", owner->sensitiveSize);
+ free(owner->pub.pcrInfo.pcrSelection.pcrSelect);
+ free(owner->additionalArea);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, owner->sensitiveSize, blob, owner->sensitiveArea);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATE_OWNER_BLOB_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DELEGATE_OWNER_BLOB *owner)
+{
+ TSS_RESULT result;
+
+ if (!owner) {
+ UINT32 additionalSize, sensitiveSize;
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_DIGEST_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &additionalSize, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, additionalSize, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &sensitiveSize, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, sensitiveSize, blob, capacity, NULL)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &owner->tag, blob, capacity)))
+ goto error0;
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC_s(offset, blob, capacity, &owner->pub)))
+ goto error0;
+ if ((result = Trspi_UnloadBlob_DIGEST_s(offset, blob, capacity, &owner->integrityDigest)))
+ goto error1;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &owner->additionalSize, blob, capacity)))
+ goto error1;
+
+ if (*offset + owner->additionalSize > capacity) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto error1;
+ }
+
+ if (owner->additionalSize > 0) {
+ owner->additionalArea = malloc(owner->additionalSize);
+ if (owner->additionalArea == NULL) {
+ LogError("malloc of %u bytes failed.", owner->additionalSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error2;
+ }
+
+ if ((result = Trspi_UnloadBlob_s(offset, owner->additionalSize, blob, capacity, owner->additionalArea)))
+ goto error2;
+ } else {
+ owner->additionalArea = NULL;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &owner->sensitiveSize, blob, capacity)))
+ goto error2;
+
+ if (*offset + owner->sensitiveSize > capacity) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto error2;
+ }
+
+ if (owner->sensitiveSize > 0) {
+ owner->sensitiveArea = malloc(owner->sensitiveSize);
+ if (owner->sensitiveArea == NULL) {
+ LogError("malloc of %u bytes failed.", owner->sensitiveSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto error3;
+ }
+
+ if ((result = Trspi_UnloadBlob_s(offset, owner->sensitiveSize, blob, capacity, owner->sensitiveArea)))
+ goto error3;
+ } else {
+ owner->sensitiveArea = NULL;
+ }
+
+ return TSS_SUCCESS;
+
+error3:
+ free(owner->sensitiveArea);
+ owner->sensitiveArea = NULL;
+ owner->sensitiveSize = 0;
+
+error2:
+ free(owner->additionalArea);
+ owner->additionalArea = NULL;
+ owner->additionalSize = 0;
+
+error1:
+ free(owner->pub.pcrInfo.pcrSelection.pcrSelect);
+ owner->pub.pcrInfo.pcrSelection.pcrSelect = NULL;
+ owner->pub.pcrInfo.pcrSelection.sizeOfSelect = 0;
+
+error0:
+ return result;
+}
+
+void
+Trspi_LoadBlob_TPM_DELEGATE_OWNER_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_OWNER_BLOB *owner)
+{
+ Trspi_LoadBlob_UINT16(offset, owner->tag, blob);
+ Trspi_LoadBlob_TPM_DELEGATE_PUBLIC(offset, blob, &owner->pub);
+ Trspi_LoadBlob_DIGEST(offset, blob, &owner->integrityDigest);
+ Trspi_LoadBlob_UINT32(offset, owner->additionalSize, blob);
+ Trspi_LoadBlob(offset, owner->additionalSize, blob, owner->additionalArea);
+ Trspi_LoadBlob_UINT32(offset, owner->sensitiveSize, blob);
+ Trspi_LoadBlob(offset, owner->sensitiveSize, blob, owner->sensitiveArea);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TPM_DELEGATE_KEY_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_KEY_BLOB *key)
+{
+ TSS_RESULT result;
+
+ if (!key) {
+ UINT32 additionalSize, sensitiveSize;
+
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ (void)Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &additionalSize, blob);
+ (void)Trspi_UnloadBlob(offset, additionalSize, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &sensitiveSize, blob);
+ (void)Trspi_UnloadBlob(offset, sensitiveSize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &key->tag, blob);
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_PUBLIC(offset, blob, &key->pub)))
+ return result;
+ Trspi_UnloadBlob_DIGEST(offset, blob, &key->integrityDigest);
+ Trspi_UnloadBlob_DIGEST(offset, blob, &key->pubKeyDigest);
+ Trspi_UnloadBlob_UINT32(offset, &key->additionalSize, blob);
+ if (key->additionalSize > 0) {
+ key->additionalArea = malloc(key->additionalSize);
+ if (key->additionalArea == NULL) {
+ LogError("malloc of %u bytes failed.", key->additionalSize);
+ free(key->pub.pcrInfo.pcrSelection.pcrSelect);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->additionalSize, blob, key->additionalArea);
+ }
+ Trspi_UnloadBlob_UINT32(offset, &key->sensitiveSize, blob);
+ if (key->sensitiveSize > 0) {
+ key->sensitiveArea = malloc(key->sensitiveSize);
+ if (key->sensitiveArea == NULL) {
+ LogError("malloc of %u bytes failed.", key->sensitiveSize);
+ free(key->pub.pcrInfo.pcrSelection.pcrSelect);
+ free(key->additionalArea);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, key->sensitiveSize, blob, key->sensitiveArea);
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_TPM_DELEGATE_KEY_BLOB(UINT64 *offset, BYTE *blob, TPM_DELEGATE_KEY_BLOB *key)
+{
+ Trspi_LoadBlob_UINT16(offset, key->tag, blob);
+ Trspi_LoadBlob_TPM_DELEGATE_PUBLIC(offset, blob, &key->pub);
+ Trspi_LoadBlob_DIGEST(offset, blob, &key->integrityDigest);
+ Trspi_LoadBlob_DIGEST(offset, blob, &key->pubKeyDigest);
+ Trspi_LoadBlob_UINT32(offset, key->additionalSize, blob);
+ Trspi_LoadBlob(offset, key->additionalSize, blob, key->additionalArea);
+ Trspi_LoadBlob_UINT32(offset, key->sensitiveSize, blob);
+ Trspi_LoadBlob(offset, key->sensitiveSize, blob, key->sensitiveArea);
+}
+
+void
+Trspi_UnloadBlob_TSS_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_FAMILY_TABLE_ENTRY *entry)
+{
+ if (!entry) {
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_BOOL(offset, NULL, blob);
+ Trspi_UnloadBlob_BOOL(offset, NULL, blob);
+
+ return;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &entry->familyID, blob);
+ Trspi_UnloadBlob_BYTE(offset, &entry->label, blob);
+ Trspi_UnloadBlob_UINT32(offset, &entry->verificationCount, blob);
+ Trspi_UnloadBlob_BOOL(offset, &entry->enabled, blob);
+ Trspi_UnloadBlob_BOOL(offset, &entry->locked, blob);
+}
+
+void
+Trspi_LoadBlob_TSS_FAMILY_TABLE_ENTRY(UINT64 *offset, BYTE *blob, TSS_FAMILY_TABLE_ENTRY *entry)
+{
+ Trspi_LoadBlob_UINT32(offset, entry->familyID, blob);
+ Trspi_LoadBlob_BYTE(offset, entry->label, blob);
+ Trspi_LoadBlob_UINT32(offset, entry->verificationCount, blob);
+ Trspi_LoadBlob_BOOL(offset, entry->enabled, blob);
+ Trspi_LoadBlob_BOOL(offset, entry->locked, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TSS_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TSS_PCR_INFO_SHORT *pcr)
+{
+ if (!pcr) {
+ UINT32 sizeOfSelect, sizeOfDigestAtRelease;
+
+ Trspi_UnloadBlob_UINT32(offset, &sizeOfSelect, blob);
+ (void)Trspi_UnloadBlob(offset, sizeOfSelect, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &sizeOfDigestAtRelease, blob);
+ (void)Trspi_UnloadBlob(offset, sizeOfDigestAtRelease, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &pcr->sizeOfSelect, blob);
+ if (pcr->sizeOfSelect > 0) {
+ pcr->selection = malloc(pcr->sizeOfSelect);
+ if (pcr->selection == NULL) {
+ LogError("malloc of %u bytes failed.", pcr->sizeOfSelect);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, pcr->sizeOfSelect, blob, pcr->selection);
+ } else {
+ pcr->selection = NULL;
+ }
+ Trspi_UnloadBlob_BYTE(offset, &pcr->localityAtRelease, blob);
+ Trspi_UnloadBlob_UINT32(offset, &pcr->sizeOfDigestAtRelease, blob);
+ if (pcr->sizeOfDigestAtRelease > 0) {
+ pcr->digestAtRelease = malloc(pcr->sizeOfDigestAtRelease);
+ if (pcr->digestAtRelease == NULL) {
+ LogError("malloc of %u bytes failed.", pcr->sizeOfDigestAtRelease);
+ free(pcr->selection);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, pcr->sizeOfDigestAtRelease, blob, pcr->digestAtRelease);
+ } else {
+ pcr->digestAtRelease = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_TSS_PCR_INFO_SHORT(UINT64 *offset, BYTE *blob, TSS_PCR_INFO_SHORT *pcr)
+{
+ Trspi_LoadBlob_UINT32(offset, pcr->sizeOfSelect, blob);
+ Trspi_LoadBlob(offset, pcr->sizeOfSelect, blob, pcr->selection);
+ Trspi_LoadBlob_BYTE(offset, pcr->localityAtRelease, blob);
+ Trspi_LoadBlob_UINT32(offset, pcr->sizeOfDigestAtRelease, blob);
+ Trspi_LoadBlob(offset, pcr->sizeOfDigestAtRelease, blob, pcr->digestAtRelease);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TSS_DELEGATION_TABLE_ENTRY(UINT64 *offset, BYTE *blob,
+ TSS_DELEGATION_TABLE_ENTRY *entry)
+{
+ TSS_RESULT result;
+
+ if (!entry) {
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ (void)Trspi_UnloadBlob_TSS_PCR_INFO_SHORT(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, &entry->tableIndex, blob);
+ Trspi_UnloadBlob_BYTE(offset, &entry->label, blob);
+ if ((result = Trspi_UnloadBlob_TSS_PCR_INFO_SHORT(offset, blob, &entry->pcrInfo)))
+ return result;
+ Trspi_UnloadBlob_UINT32(offset, &entry->per1, blob);
+ Trspi_UnloadBlob_UINT32(offset, &entry->per2, blob);
+ Trspi_UnloadBlob_UINT32(offset, &entry->familyID, blob);
+ Trspi_UnloadBlob_UINT32(offset, &entry->verificationCount, blob);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_TSS_DELEGATION_TABLE_ENTRY(UINT64 *offset, BYTE *blob,
+ TSS_DELEGATION_TABLE_ENTRY *entry)
+{
+ Trspi_LoadBlob_UINT32(offset, entry->tableIndex, blob);
+ Trspi_LoadBlob_BYTE(offset, entry->label, blob);
+ Trspi_LoadBlob_TSS_PCR_INFO_SHORT(offset, blob, &entry->pcrInfo);
+ Trspi_LoadBlob_UINT32(offset, entry->per1, blob);
+ Trspi_LoadBlob_UINT32(offset, entry->per2, blob);
+ Trspi_LoadBlob_UINT32(offset, entry->familyID, blob);
+ Trspi_LoadBlob_UINT32(offset, entry->verificationCount, blob);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_PCR_COMPOSITE(UINT64 *offset, BYTE *blob, TCPA_PCR_COMPOSITE *out)
+{
+ TSS_RESULT result;
+
+ if (!out) {
+ UINT32 valueSize;
+
+ Trspi_UnloadBlob_PCR_SELECTION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT32(offset, &valueSize, blob);
+ Trspi_UnloadBlob(offset, valueSize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_PCR_SELECTION(offset, blob, &out->select)))
+ return result;
+
+ Trspi_UnloadBlob_UINT32(offset, &out->valueSize, blob);
+ out->pcrValue = malloc(out->valueSize);
+ if (out->pcrValue == NULL) {
+ LogError("malloc of %u bytes failed.", out->valueSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, out->valueSize, blob, (BYTE *)out->pcrValue);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TPM_MIGRATIONKEYAUTH *migAuth)
+{
+ TSS_RESULT result;
+
+ if (!migAuth) {
+ (void)Trspi_UnloadBlob_PUBKEY(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_DIGEST(offset, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_PUBKEY(offset, blob, &migAuth->migrationKey)))
+ return result;
+
+ Trspi_UnloadBlob_UINT16(offset, &migAuth->migrationScheme, blob);
+ Trspi_UnloadBlob_DIGEST(offset, blob, &migAuth->digest);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_MIGRATIONKEYAUTH(UINT64 *offset, BYTE *blob, TPM_MIGRATIONKEYAUTH *migAuth)
+{
+ Trspi_LoadBlob_PUBKEY(offset, blob, &migAuth->migrationKey);
+ Trspi_LoadBlob_UINT16(offset, migAuth->migrationScheme, blob);
+ Trspi_LoadBlob_DIGEST(offset, blob, &migAuth->digest);
+}
+
+void
+Trspi_LoadBlob_MSA_COMPOSITE(UINT64 *offset, BYTE *blob, TPM_MSA_COMPOSITE *msaComp)
+{
+ UINT32 i;
+
+ Trspi_LoadBlob_UINT32(offset, msaComp->MSAlist, blob);
+ for (i = 0; i < msaComp->MSAlist; i++)
+ Trspi_LoadBlob_DIGEST(offset, blob, &msaComp->migAuthDigest[i]);
+}
+
+void
+Trspi_LoadBlob_CMK_AUTH(UINT64 *offset, BYTE *blob, TPM_CMK_AUTH *cmkAuth)
+{
+ Trspi_LoadBlob_DIGEST(offset, blob, &cmkAuth->migrationAuthorityDigest);
+ Trspi_LoadBlob_DIGEST(offset, blob, &cmkAuth->destinationKeyDigest);
+ Trspi_LoadBlob_DIGEST(offset, blob, &cmkAuth->sourceKeyDigest);
+}
+
+TSS_RESULT
+Trspi_Hash_MSA_COMPOSITE(Trspi_HashCtx *c, TPM_MSA_COMPOSITE *m)
+{
+ UINT32 i;
+ TPM_DIGEST *digest;
+ TSS_RESULT result;
+
+ result = Trspi_Hash_UINT32(c, m->MSAlist);
+ digest = m->migAuthDigest;
+ for (i = 0; i < m->MSAlist; i++) {
+ result |= Trspi_Hash_DIGEST(c, digest->digest);
+ digest++;
+ }
+
+ return result;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_TSS_PLATFORM_CLASS(UINT64 *offset, BYTE *blob, TSS_PLATFORM_CLASS *platClass)
+{
+ if (!platClass){
+ UINT32 classURISize;
+
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &classURISize, blob);
+ Trspi_UnloadBlob(offset, classURISize, blob, NULL);
+
+ return TSS_SUCCESS;
+ }
+ Trspi_UnloadBlob_UINT32(offset, &platClass->platformClassSimpleIdentifier, blob);
+ Trspi_UnloadBlob_UINT32(offset, &platClass->platformClassURISize, blob);
+
+ platClass->pPlatformClassURI = malloc(platClass->platformClassURISize);
+ if (platClass->pPlatformClassURI == NULL) {
+ LogError("malloc of %u bytes failed.", platClass->platformClassURISize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ Trspi_UnloadBlob(offset, platClass->platformClassURISize, blob,
+ (BYTE *)platClass->pPlatformClassURI);
+
+ return TSS_SUCCESS;
+}
+
+void
+Trspi_LoadBlob_CAP_VERSION_INFO(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v)
+{
+ Trspi_LoadBlob_UINT16(offset, v->tag, blob);
+ Trspi_LoadBlob_TCPA_VERSION(offset, blob, *(TCPA_VERSION *)(&v->version));
+ Trspi_LoadBlob_UINT16(offset, v->specLevel, blob);
+ Trspi_LoadBlob_BYTE(offset, v->errataRev, blob);
+ Trspi_LoadBlob(offset, sizeof(v->tpmVendorID), blob, v->tpmVendorID);
+ Trspi_LoadBlob_UINT16(offset, v->vendorSpecificSize, blob);
+ Trspi_LoadBlob(offset, v->vendorSpecificSize, blob, v->vendorSpecific);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_CAP_VERSION_INFO(UINT64 *offset, BYTE *blob, TPM_CAP_VERSION_INFO *v)
+{
+ if (!v) {
+ UINT16 vendorSpecificSize;
+
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_VERSION(offset, blob, NULL);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob(offset, 4, blob, NULL);
+ Trspi_UnloadBlob_UINT16(offset, &vendorSpecificSize, blob);
+
+ (*offset) += vendorSpecificSize;
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &v->tag, blob);
+ Trspi_UnloadBlob_VERSION(offset, blob, (TCPA_VERSION *)&v->version);
+ Trspi_UnloadBlob_UINT16(offset, &v->specLevel, blob);
+ Trspi_UnloadBlob_BYTE(offset, &v->errataRev, blob);
+ Trspi_UnloadBlob(offset, sizeof(v->tpmVendorID), blob, v->tpmVendorID);
+ Trspi_UnloadBlob_UINT16(offset, &v->vendorSpecificSize, blob);
+
+ if (v->vendorSpecificSize > 0) {
+ if ((v->vendorSpecific = malloc(v->vendorSpecificSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", v->vendorSpecificSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, v->vendorSpecificSize, blob, v->vendorSpecific);
+ } else {
+ v->vendorSpecific = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_CAP_VERSION_INFO_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_CAP_VERSION_INFO *v)
+{
+ TSS_RESULT result;
+
+ if (!v) {
+ UINT16 vendorSpecificSize;
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_VERSION_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, 4, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &vendorSpecificSize, blob, capacity)))
+ return result;
+
+ (*offset) += vendorSpecificSize;
+ if (*offset > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &v->tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_VERSION_s(offset, blob, capacity, (TCPA_VERSION *)&v->version)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &v->specLevel, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &v->errataRev, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_s(offset, sizeof(v->tpmVendorID), blob, capacity, v->tpmVendorID)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &v->vendorSpecificSize, blob, capacity)))
+ return result;
+
+ if (v->vendorSpecificSize > 0) {
+ if ((v->vendorSpecific = malloc(v->vendorSpecificSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", v->vendorSpecificSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = Trspi_UnloadBlob_s(offset, v->vendorSpecificSize, blob, capacity, v->vendorSpecific))) {
+ free(v->vendorSpecific);
+ return result;
+ }
+ } else {
+ v->vendorSpecific = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_NV_INDEX(UINT64 *offset, BYTE *blob, TPM_NV_INDEX *v)
+{
+ if (!v) {
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT32(offset, v, blob);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_NV_INDEX_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_NV_INDEX *v)
+{
+ if (!v) {
+ return Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity);
+ }
+
+ return Trspi_UnloadBlob_UINT32_s(offset, v, blob, capacity);
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_NV_ATTRIBUTES(UINT64 *offset, BYTE *blob, TPM_NV_ATTRIBUTES *v)
+{
+ if (!v) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &v->tag, blob);
+ Trspi_UnloadBlob_UINT32(offset, &v->attributes, blob);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_NV_ATTRIBUTES_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_NV_ATTRIBUTES *v)
+{
+ TSS_RESULT result;
+
+ if (!v) {
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &v->tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &v->attributes, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_NV_DATA_PUBLIC(UINT64 *offset, BYTE *blob, TPM_NV_DATA_PUBLIC *v)
+{
+ if (!v) {
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_NV_INDEX(offset, blob, NULL);
+ Trspi_UnloadBlob_PCR_INFO_SHORT(offset, blob, NULL);
+ Trspi_UnloadBlob_PCR_INFO_SHORT(offset, blob, NULL);
+ Trspi_UnloadBlob_NV_ATTRIBUTES(offset, blob, NULL);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &v->tag, blob);
+ Trspi_UnloadBlob_NV_INDEX(offset, blob, &v->nvIndex);
+ Trspi_UnloadBlob_PCR_INFO_SHORT(offset, blob, &v->pcrInfoRead);
+ Trspi_UnloadBlob_PCR_INFO_SHORT(offset, blob, &v->pcrInfoWrite);
+ Trspi_UnloadBlob_NV_ATTRIBUTES(offset, blob, &v->permission);
+ Trspi_UnloadBlob_BYTE(offset, &v->bReadSTClear, blob);
+ Trspi_UnloadBlob_BYTE(offset, &v->bWriteSTClear, blob);
+ Trspi_UnloadBlob_BYTE(offset, &v->bWriteDefine, blob);
+ Trspi_UnloadBlob_UINT32(offset, &v->dataSize, blob);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_NV_DATA_PUBLIC_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_NV_DATA_PUBLIC *v)
+{
+ TSS_RESULT result;
+
+ if (!v) {
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_NV_INDEX_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_NV_ATTRIBUTES_s(offset, blob, capacity, NULL)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &v->tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_NV_INDEX_s(offset, blob, capacity, &v->nvIndex)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT_s(offset, blob, capacity, &v->pcrInfoRead)))
+ return result;
+ if ((result = Trspi_UnloadBlob_PCR_INFO_SHORT_s(offset, blob, capacity, &v->pcrInfoWrite))) {
+ free(v->pcrInfoRead.pcrSelection.pcrSelect);
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_NV_ATTRIBUTES_s(offset, blob, capacity, &v->permission))) {
+ free(v->pcrInfoRead.pcrSelection.pcrSelect);
+ free(v->pcrInfoWrite.pcrSelection.pcrSelect);
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &v->bReadSTClear, blob, capacity))) {
+ free(v->pcrInfoRead.pcrSelection.pcrSelect);
+ free(v->pcrInfoWrite.pcrSelection.pcrSelect);
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &v->bWriteSTClear, blob, capacity))) {
+ free(v->pcrInfoRead.pcrSelection.pcrSelect);
+ free(v->pcrInfoWrite.pcrSelection.pcrSelect);
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &v->bWriteDefine, blob, capacity))) {
+ free(v->pcrInfoRead.pcrSelection.pcrSelect);
+ free(v->pcrInfoWrite.pcrSelection.pcrSelect);
+ return result;
+ }
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &v->dataSize, blob, capacity))) {
+ free(v->pcrInfoRead.pcrSelection.pcrSelect);
+ free(v->pcrInfoWrite.pcrSelection.pcrSelect);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_DA_INFO(UINT64 *offset, BYTE *blob, TPM_DA_INFO *info) {
+ if (!info) {
+ UINT32 vendorDataSize = 0;
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_BYTE(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT16(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, NULL, blob);
+ Trspi_UnloadBlob_UINT32(offset, &vendorDataSize, blob);
+ (*offset) += vendorDataSize;
+ return TSS_SUCCESS;
+ }
+
+ Trspi_UnloadBlob_UINT16(offset, &info->tag, blob);
+ Trspi_UnloadBlob_BYTE(offset, &info->state, blob);
+ Trspi_UnloadBlob_UINT16(offset, &info->currentCount, blob);
+ Trspi_UnloadBlob_UINT16(offset, &info->thresholdCount, blob);
+ Trspi_UnloadBlob_UINT16(offset, &info->actionAtThreshold.tag, blob);
+ Trspi_UnloadBlob_UINT32(offset, &info->actionAtThreshold.actions, blob);
+ Trspi_UnloadBlob_UINT32(offset, &info->actionDependValue, blob);
+ Trspi_UnloadBlob_UINT32(offset, &info->vendorDataSize, blob);
+ if (info->vendorDataSize > 0) {
+ if ((info->vendorData = malloc(info->vendorDataSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", info->vendorDataSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ Trspi_UnloadBlob(offset, info->vendorDataSize, blob, info->vendorData);
+ } else {
+ info->vendorData = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+Trspi_UnloadBlob_DA_INFO_s(UINT64 *offset, BYTE *blob, UINT64 capacity, TPM_DA_INFO *info) {
+ TSS_RESULT result;
+
+ if (!info) {
+ UINT32 vendorDataSize = 0;
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, NULL, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &vendorDataSize, blob, capacity)))
+ return result;
+
+ (*offset) += vendorDataSize;
+ if (*offset > capacity)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ return TSS_SUCCESS;
+ }
+
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &info->tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_BYTE_s(offset, &info->state, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &info->currentCount, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &info->thresholdCount, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT16_s(offset, &info->actionAtThreshold.tag, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &info->actionAtThreshold.actions, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &info->actionDependValue, blob, capacity)))
+ return result;
+ if ((result = Trspi_UnloadBlob_UINT32_s(offset, &info->vendorDataSize, blob, capacity)))
+ return result;
+ if (info->vendorDataSize > 0) {
+ if ((info->vendorData = malloc(info->vendorDataSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", info->vendorDataSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = Trspi_UnloadBlob_s(offset, info->vendorDataSize, blob, capacity, info->vendorData))) {
+ free(info->vendorData);
+ return result;
+ }
+ } else {
+ info->vendorData = NULL;
+ }
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi.c
new file mode 100644
index 0000000..b86b2c1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi.c
@@ -0,0 +1,237 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <bi.h>
+
+#include "tcslog.h"
+
+#undef INLINE_DECL
+#define INLINE_DECL
+
+/***********************************************************************************
+ CONSTANT
+*************************************************************************************/
+
+bi_t bi_0;
+bi_t bi_1;
+bi_t bi_2;
+
+/***********************************************************************************
+ WORK VARIABLE
+*************************************************************************************/
+
+// Buffer to load bi from a file . A static field is used, this should not be
+// refere in any SPI calls.
+#define BUFFER_SIZE 10000
+static char buffer[BUFFER_SIZE]; // used for loading bi
+
+#define SAFETY_PARAM 80
+
+// keep the list of allocated memory, usually used for the format functions
+list_ptr allocs = NULL;
+
+/***********************************************************************************
+ DUMP LIB
+*************************************************************************************/
+
+// !! to use only for debugging
+// do not used it in the same call, as a static buffer is used
+char *dump_byte_array(int len, unsigned char *array) {
+ int i, j=0;
+ char c, str[3];
+
+ for( i=0; i<len; i++) {
+ c = array[i];
+ sprintf( str, "%02X", (int)(c & 0xFF));
+ buffer[j] = str[0];
+ buffer[j+1] = str[1];
+ j+=2;
+ }
+ buffer[j] = 0;
+ return buffer;
+}
+
+/* convert <strings> and return it into a byte array <result> of length <length> */
+unsigned char *retrieve_byte_array( int *len, const char *strings) {
+ int index_str = 0, index_result = 0;
+ int str_len = strlen( strings);
+ char read_buffer[3];
+ int c;
+ unsigned char *result;
+
+ read_buffer[2]=0;
+ *len = ( str_len >> 1);
+ #ifdef BI_DEBUG
+ printf("[%s]\n", strings);
+ printf("[retrieve_byte_array] strlen=%d len=%d\n", str_len, *len);
+ #endif
+ result = (unsigned char *)malloc( *len+1);
+ if( result == NULL) {
+ LogError("malloc of %d bytes failed", *len+1);
+ return NULL;
+ }
+ if( (str_len & 1) ==1) {
+ // impair => 1 12 23 -> 01 12 23
+ read_buffer[0]='0';
+ read_buffer[1]=strings[index_str++];
+ sscanf( read_buffer, "%2X", &c);
+ #ifdef BI_DEBUG
+ printf("[c'=%2X|%s]", (int)(c & 0xFF), read_buffer);
+ #endif
+ result[index_result++] = c&0xFF;
+ (*len)++;
+ }
+ while( index_str < str_len) {
+ read_buffer[0] = strings[ index_str++];
+ read_buffer[1] = strings[ index_str++];
+ sscanf( read_buffer, "%02X", &c);
+ #ifdef BI_DEBUG
+ printf("[c'=%2X|%s]", (int)(c & 0xFF), read_buffer);
+ #endif
+ result[index_result++] = c&0xFF;
+ }
+ return result;
+}
+
+/* create a <big integer> array */
+INLINE_DECL void bi_new_array( bi_array array, const int length) {
+ int i=0;
+
+ bi_new_array2( array, length);
+ if( array->array == NULL) return;
+ for( i = 0; i< length; i++) {
+ array->array[i] = bi_new_ptr();
+ }
+}
+
+/* create a <big integer> array */
+INLINE_DECL void bi_new_array2( bi_array array, const int length) {
+ array->length = length;
+ array->array = (bi_ptr *)malloc( sizeof(bi_ptr) * length);
+ if( array->array == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(bi_ptr)*length);
+ return;
+ }
+}
+
+/* free resources allocated to the big integer <i> */
+INLINE_DECL void bi_free_array(bi_array array) {
+ int length = array->length;
+ int i=0;
+
+ for( i = 0; i< length; i++) {
+ bi_free_ptr( array->array[i]);
+ }
+ free( array->array);
+}
+
+/* copy length pointers from the array <src, offset_src> to array <dest, offset_dest> */
+INLINE_DECL void bi_copy_array(bi_array_ptr src,
+ int offset_src,
+ bi_array_ptr dest,
+ int offset_dest,
+ int length) {
+ int i=0;
+
+ for( i = 0; i< length; i++) {
+ dest->array[ offset_dest + i] = src->array[ offset_src + i];
+ }
+}
+
+/* debug function -> dump a field of type bi_array */
+void dump_bi_array( char *field, const bi_array_ptr array) {
+ int i;
+
+ for( i=0; i<array->length; i++) {
+ printf("%s->array[%d] = %s\n", field, i, bi_2_hex_char(array->array[i]));
+ }
+}
+
+/***********************************************************************************
+ SAFE RANDOM
+*************************************************************************************/
+
+/* Returns a random number in the range of [0,element-1] */
+bi_ptr compute_random_number( bi_ptr result, const bi_ptr element) {
+ bi_urandom( result, bi_length( element) + SAFETY_PARAM);
+ bi_mod( result, result, element);
+ return result;
+}
+
+/***********************************************************************************
+ SAVE / LOAD
+*************************************************************************************/
+
+/* load an big integer from an open file handler */
+void bi_load( bi_ptr bi, FILE *file) {
+ int i=0;
+ char c;
+
+ fgets( buffer, BUFFER_SIZE, file);
+ do {
+ c = buffer[i];
+ i++;
+ } while( c != 0 && c != ' ');
+ buffer[i-1] = 0;
+ bi_set_as_hex( bi, buffer);
+}
+
+/* load an big integer array from an open file handler */
+void bi_load_array( bi_array_ptr array, FILE *file) {
+ int i, j = 0, length;
+ char c;
+
+ fgets( buffer, BUFFER_SIZE, file);
+ do {
+ c = buffer[ j];
+ j++;
+ } while( c != 0 && c != ' ');
+ buffer[ j -1] = 0;
+ sscanf( buffer, "%d", &length);
+ bi_new_array( array, length);
+ for( i=0; i<array->length; i++) {
+ bi_load( array->array[i], file);
+ }
+}
+
+/* save an big integer to an open file handler */
+void bi_save( const bi_ptr bi, const char *name, FILE *file) {
+ fprintf( file, "%s # %s [%ld]\n", bi_2_hex_char( bi), name, bi_nbin_size( bi));
+}
+
+/* save an big integer array to an open file handler */
+void bi_save_array( const bi_array_ptr array, const char *name, FILE *file) {
+ int i;
+ char new_name[100];
+
+ fprintf(file, "%d # %s.length\n", array->length, name);
+ for( i=0; i<array->length; i++) {
+ sprintf( new_name, "%s[%d]", name, i);
+ bi_save( array->array[i], new_name, file);
+ }
+}
+
+/* convert <bi> to a byte array of length result, the beginning of */
+/* this buffer is feel with '0' if needed */
+void bi_2_byte_array( unsigned char *result, int length, bi_ptr bi) {
+ int i, result_length;
+
+ bi_2_nbin1( &result_length, buffer, bi);
+ int delta = length - result_length;
+ #ifdef BI_DEBUG
+ fprintf( stderr, "[bi_2_byte_array] result_length=%d length=%d\n", result_length, length);
+ #endif
+ if( delta < 0) {
+ LogError( "[bi_2_byte_array] asked length:%d found:%d\n", length, result_length);
+ return;
+ }
+ for( i=0; i<delta; i++) result[i] = 0;
+ for( ; i<length; i++) result[ i] = buffer[ i - delta];
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi_gmp.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi_gmp.c
new file mode 100644
index 0000000..f03bf4c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi_gmp.c
@@ -0,0 +1,261 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifdef BI_GMP
+
+#include <time.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <bi.h>
+
+#undef INLINE_DECL
+#define INLINE_DECL
+
+gmp_randstate_t state;
+
+/*
+ reps controls how many tests should be done in mpz_probable_prime_p:
+ 5 to 10 are reasonable number
+*/
+static int reps = 20;
+
+static int initialized = 0;
+void * (*bi_alloc)(size_t size);
+
+/***********************************************************************************
+ BITS OPERATION
+*************************************************************************************/
+
+// for conversion from and to byte[] see mpz_export and mpz_import
+
+/* return the size of a network byte order representation of <i> */
+long bi_nbin_size(const bi_ptr i) {
+ int word_size = 1; // 1 byte per word
+ int numb = 8 * word_size - 0;
+ int count = (mpz_sizeinbase ( i, 2) + numb-1) / numb;
+
+ return count * word_size;
+}
+
+/* return a BYTE * - in network byte order - and update the length <length> */
+unsigned char *bi_2_nbin( int *length, const bi_ptr i) {
+ unsigned char *buffer = (unsigned char *)bi_alloc( bi_nbin_size( i));
+
+ if( buffer == NULL) return NULL;
+ mpz_export(buffer, length, 1, 1, 1, 0, i);
+ return buffer;
+}
+
+/* return a BYTE * - in network byte order - and update the length <length> */
+/* different from bi_2_nbin: you should reserve enough memory for the storage */
+void bi_2_nbin1( int *length, unsigned char *buffer, const bi_ptr i) {
+ mpz_export(buffer, length, 1, 1, 1, 0, i);
+}
+
+/* return a bi_ptr that correspond to the big endian encoded BYTE array of length <n_length> */
+INLINE_DECL bi_ptr bi_set_as_nbin( const unsigned long length, const unsigned char *buffer) {
+ bi_ptr ret = bi_new_ptr();
+
+ if( ret == NULL) return NULL;
+ mpz_import( ret, length, 1, 1, 1, 0, buffer);
+ return ret;
+}
+
+
+/***********************************************************************************
+ BASIC MATH OPERATION
+*************************************************************************************/
+
+/* multiple-exponentiation */
+/* <result> := mod( Multi( <g>i, <e>i), number of byte <m>) with 0 <= i <= <n> */
+bi_ptr bi_multi_mod_exp( bi_ptr result,
+ const int n,
+ const bi_t g[],
+ const long e[],
+ const int m) {
+ mpz_t temp, bi_m;
+ int i;
+
+ mpz_init( temp);
+ mpz_init( bi_m);
+ mpz_set_si( bi_m, m);
+ // result := (g[0] ^ e[0]) mod m
+ mpz_powm_ui( result, g[0], e[0], bi_m);
+ for( i=1; i<n; i++) {
+ // temp := (g[i] ^ e[i]) mod bi_m
+ mpz_powm_ui( temp, g[i], e[i], bi_m);
+ // result := result * temp
+ mpz_mul( result, result, temp);
+ }
+ mpz_mod_ui( result, result, m);
+ mpz_clear( bi_m);
+ mpz_clear( temp);
+ return result;
+}
+
+/***********************************************************************************
+ NUMBER THEORIE OPERATION
+*************************************************************************************/
+/* generate prime number of <length> bits */
+INLINE_DECL bi_ptr bi_generate_prime( bi_ptr result, const long length) {
+ do {
+ mpz_urandomb( result, state, length); // i := random( length)
+ bi_setbit( result, 0);
+ bi_setbit( result, length - 1);
+ bi_setbit( result, length - 2);
+ mpz_nextprime( result, result); // i := nextPrime( i)
+ } while( mpz_sizeinbase( result, 2) != (unsigned long)length &&
+ bi_is_probable_prime( result) );
+ return result;
+}
+
+/* generate a safe prime number of <length> bits */
+/* by safe we mean a prime p so that (p-1)/2 is also prime */
+INLINE_DECL bi_ptr bi_generate_safe_prime( bi_ptr result, long length) {
+ mpz_t temp;
+
+ mpz_init(temp);
+ do {
+ bi_generate_prime( result, length);
+ mpz_sub_ui( temp, result, 1); // temp := result - 1
+ mpz_div_2exp( temp, temp, 1); // temp := temp / 2
+ } while( mpz_probab_prime_p( temp, 10) == 0);
+#ifdef BI_DEBUG
+ printf("GENERATE SAFE PRIME DONE");fflush(stdout);
+#endif
+ mpz_clear( temp);
+ return result;
+}
+
+/* return true if <i> is a probably prime */
+INLINE_DECL int bi_is_probable_prime( bi_ptr i) {
+ /*
+ This function does some trial divisions and after some Miller-Rabin probabilistic
+ primality tests. The second parameter controls how many tests should be done,
+ 5 to 10 are reasonable number
+ */
+ return mpz_probab_prime_p( i, reps)>=1 ? 1 : 0;
+}
+
+/* return in <result> the greatest common divisor of <a> and <b> */
+/* <result> := gcd( <a>, <b>) */
+INLINE_DECL bi_ptr bi_gcd( bi_ptr result, bi_ptr a, bi_ptr b) {
+ // result := gcd( a, b)
+ mpz_gcd( result, a, b);
+ return result;
+}
+
+
+/***********************************************************************************
+ INIT/RELEASE LIBRARY
+*************************************************************************************/
+
+/* bi_alloc_p allocation function used only for exporting a bi struct, so for bi_2_nbin
+if define as NULL, a stdlib malloc() will be used */
+void bi_init( void * (*bi_alloc_p)(size_t size)) {
+ time_t start;
+ unsigned long seed;
+ FILE *f;
+#ifdef INTERACTIVE
+ int c, i;
+#endif
+
+ if( initialized == 1) return;
+ if( bi_alloc_p == NULL) bi_alloc = &malloc;
+ else bi_alloc = bi_alloc_p;
+ mpz_init( bi_0);
+ mpz_set_ui( bi_0, 0);
+ mpz_init( bi_1);
+ mpz_set_ui( bi_1, 1);
+ mpz_init( bi_2);
+ mpz_set_ui( bi_2, 2);
+ allocs = list_new();
+ if( allocs == NULL) {
+ LogError("malloc of list failed");
+ return;
+ }
+#ifdef BI_DEBUG
+ printf("bi_init() -> gmp lib\n");
+#endif
+ time( &start);
+ // first try /dev/random, the most secure random generator
+ f = fopen("/dev/random", "r");
+ // in case of failure, but les secure :(
+ if( f== NULL) f = fopen("/dev/urandom", "r");
+ if( f != NULL) {
+ fread( &seed, sizeof(unsigned long int), 1, f);
+ fclose(f);
+ }
+#ifdef INTERACTIVE
+ else {
+ printf("! devices /dev/random and /dev/urandom not found\n");
+ printf("type some characters to generate a random seed (follow by enter)\n");
+ fflush(stdout);
+ i=0;
+ while( (c = fgetc(stdin)) != 10) {
+ time_t temps;
+ time( &temps);
+ seed += temps +( c << i);
+ i++;
+ }
+ time_t temps;
+ time( &temps);
+ seed += temps;
+#ifdef BI_DEBUG
+ printf("temps=%lx\n", temps - start);
+#endif // BI_DEBUG
+ seed = (long)( temps * start);
+ }
+#endif // INTERACTIVE
+#ifdef BI_DEBUG
+ printf("seed=%lx\n", seed);
+#endif
+ gmp_randinit_default( state);
+ gmp_randseed_ui( state, seed);
+ initialized = 1;
+}
+
+void bi_release(void) {
+ if( initialized) {
+ bi_flush_memory();
+ bi_free( bi_0);
+ bi_free( bi_1);
+ bi_free( bi_2);
+ initialized = 0;
+ }
+}
+void bi_flush_memory(void) {
+ node_t *current;
+ list_ptr list = allocs;
+
+ if( list->head == NULL) return; // list is empty
+ else {
+ current = list->head; // go to first node
+ do {
+ LogDebug("[flush memory] free %lx\n", current->obj);
+ free( current->obj);
+ current = current->next; // traverse through the list
+ } while(current != NULL); // until current node is NULL
+ }
+ list_freeall( allocs);
+ allocs = list_new();
+ if( allocs == NULL) {
+ LogError("malloc of list failed");
+ return;
+ }
+}
+
+
+int bi_is_initialized(void) {
+ return initialized;
+}
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi_openssl.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi_openssl.c
new file mode 100644
index 0000000..50ef030
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/bi_openssl.c
@@ -0,0 +1,181 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#ifdef BI_OPENSSL
+
+#define INSIDE_LIB
+
+#include <time.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+#include <bi.h>
+
+#include "tcslog.h"
+
+#undef INLINE_DECL
+#define INLINE_DECL
+
+#include <string.h>
+#include <openssl/rand.h>
+
+BN_CTX *context;
+static int initialized = 0;
+
+void * (*bi_alloc)(size_t size);
+
+/* return true if <i> is a probably prime */
+INLINE_DECL int bi_is_probable_prime( const bi_ptr i) {
+ /*
+ * start tests using some small prime numbers. Continue by performing a Miller-Rabin
+ * probabilistic primality test with checks iterations, and with some iterations that
+ * yields a false positive rate of at most 2^-80 for random input.
+ * return:
+ * 0 if the number is composite
+ * 1 if it is prime with an error probability of less than 0.25^checks, and on error.
+ */
+ return BN_is_prime_fasttest( i, BN_prime_checks, NULL, context, NULL, 1);
+}
+
+/* <result> := ( <g> ^ <e> ) mod <m> */
+INLINE_DECL bi_ptr bi_mod_exp_si( bi_ptr result, const bi_ptr g, const bi_ptr e, const long m) {
+ bi_t bi_tmp;
+
+ bi_new( bi_tmp);
+ BN_set_word( bi_tmp, m);
+#ifdef BI_DEBUG
+ printf("[bi_mod_exp] (g=%s ^ e=%s) mod=%s\n",
+ BN_bn2dec( g),
+ BN_bn2dec( e),
+ BN_bn2dec( bi_tmp));
+#endif
+ BN_mod_exp( result, g, e, bi_tmp, context); // result := (g ^ e) mod bi_tmp9
+#ifdef BI_DEBUG
+ printf("[bi_mod_exp] res=%s\n", BN_bn2dec( result));
+#endif
+ bi_free( bi_tmp);
+ return result;
+}
+
+/* multiple-exponentiation */
+/* <result> := mod( Multi( <g>i, <e>i), number of byte <m>) with 0 <= i <= <n> */
+bi_ptr bi_multi_mod_exp( bi_ptr result,
+ const int n,
+ const bi_t g[],
+ const long e[],
+ const int m
+) {
+ BIGNUM *temp = BN_new();
+ BIGNUM *bi_m = BN_new();
+ BIGNUM *bi_e = BN_new();
+ int i;
+
+ BN_set_word( bi_m, m);
+ BN_set_word( bi_e, e[0]);
+ // result := (g[0] ^ e[0]) mod bi_m
+ BN_mod_exp( result, g[0], bi_e, bi_m, context);
+ for( i=1; i<n; i++) {
+ BN_set_word( bi_e, e[i]);
+ // temp := (g[i] ^ e[i]) mod bi_m
+ BN_mod_exp( temp, g[i], bi_e, bi_m, context);
+ // result := result * temp
+ BN_mul( result, result, temp, context);
+ }
+ BN_mod( result, result, bi_m, context);
+ BN_free(bi_e);
+ BN_free(bi_m);
+ BN_free(temp);
+ return result;
+}
+
+
+/***********************************************************************************
+ INIT/RELEASE LIBRARY
+************************************************************************************/
+
+/* bi_alloc_p allocation function used only for exporting a bi struct,
+so for bi_2_nbin? for example. if define as NULL, a stdlib malloc() will be used
+*/
+void bi_init( void * (*bi_alloc_p)(size_t size)) {
+ if( initialized == 1) return;
+ if( bi_alloc_p == NULL) bi_alloc = &malloc;
+ else bi_alloc = bi_alloc_p;
+ bi_new( bi_0);
+ bi_set_as_si( bi_1, 0);
+ bi_new( bi_1);
+ bi_set_as_si( bi_1, 1);
+ bi_new( bi_2);
+ bi_set_as_si( bi_2, 2);
+ allocs = list_new();
+ if( allocs == NULL) {
+ LogError("malloc of list failed");
+ return;
+ }
+ LogDebug("bi_init() -> openssl lib\n");
+ LogDebug("bi_init() -> seed status = %d\n", RAND_status());
+ context = BN_CTX_new();
+ if( RAND_status() != 1) {
+ LogError("! PRNG has not been seeded with enough data\n");
+#ifdef INTERACTIVE
+ printf("type some characters to regenerate a random seed\n");
+ fflush(stdout);
+ int c, i=0, seed;
+ char str[2] = "a";
+ while( RAND_status() !=1 ) {
+ c = fgetc(stdin);
+ time_t temps;
+ time( &temps);
+ seed += temps +( c << i);
+ i++;
+ str[0]=c;
+ RAND_seed( str, 1);
+ }
+#endif
+ }
+ initialized = 1;
+}
+
+void bi_release(void) {
+ if( initialized) {
+ bi_flush_memory();
+ bi_free( bi_0);
+ bi_free( bi_1);
+ bi_free( bi_2);
+ BN_CTX_free( context);
+ initialized = 0;
+ }
+}
+
+void bi_flush_memory(void) {
+ node_t *current;
+ list_ptr list = allocs;
+
+ if( list->head == NULL) return; // list is empty
+ else {
+ current = list->head; // go to first node
+ do {
+ LogDebug("[flush memory] free %lx\n", (long)current->obj);
+ free( current->obj);
+ current = current->next; // traverse through the list
+ } while(current != NULL); // until current node is NULL
+ }
+ list_freeall( allocs);
+ allocs = list_new();
+ if( allocs == NULL) {
+ LogError("malloc of list failed");
+ return;
+ }
+}
+
+int bi_is_initialized(void) {
+ return initialized;
+}
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/test/multi_exp.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/test/multi_exp.c
new file mode 100644
index 0000000..2ff80fc
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/test/multi_exp.c
@@ -0,0 +1,29 @@
+#include <stdio.h>
+
+#include <bi.h>
+
+// use standard C definition to avoid .h
+int test_exp_multi(void) {
+ bi_t result;
+ bi_t g[3];
+ unsigned long e[3];
+
+ bi_new( result);
+ bi_new( g[0]);
+ bi_new( g[1]);
+ bi_new( g[2]);
+ // result = (2^2 * 5^4 * 7^7) mod 56 -> should give 28
+ bi_set_as_dec( g[0], "2");
+ bi_set_as_dec( g[1], "5");
+ bi_set_as_dec( g[2], "7");
+ e[0] = 2L;
+ e[1] = 4L;
+ e[2] = 7L;
+ bi_multi_mod_exp( result, 3, g, e, 56);
+ printf("multi-exponentiation <result>=%s\n", bi_2_dec_char(result));
+ bi_free( g[0]);
+ bi_free( g[1]);
+ bi_free( g[2]);
+ bi_free( result);
+ return 0;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/test/test.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/test/test.c
new file mode 100644
index 0000000..4cc3a7f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/big_integer/test/test.c
@@ -0,0 +1,296 @@
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+
+#include <bi.h>
+
+/* for the logging system used by TSS */
+setenv("TCSD_FOREGROUND", "1", 1);
+
+ /*
+ * standard bit length extension to obtain a uniformly distributed number
+ * [0,element]
+ */
+int test_exp_multi(void);
+
+void foo (bi_t result, const bi_ptr param, unsigned long n) {
+ unsigned long i;
+
+ bi_set( result, param);
+ bi_mul_si( result, result, n);
+ for (i = 1; i < n; i++) bi_add_si( result, result, i*7);
+}
+
+void *my_malloc(size_t size) {
+ void *ret = malloc( size);
+
+ printf("my_malloc() -> %ld\n", (long)ret);
+ return ret;
+}
+
+ /**
+ * Returns a random number in the range of [0,element-1].
+ *
+ * @param element
+ * the upper limit
+ * @param random
+ * the secure random source
+ * @return the random number
+ */
+void computeRandomNumber(bi_t res, const bi_ptr element) {
+ int length = 80 + bi_length( res); // give the length
+ bi_urandom( res, length); // res = random( of length);
+ int element_length = bi_length( element);
+ bi_mod_si( res, res, element_length); // res = res mod <number byte of element>
+}
+
+int main (int argc, char **argv) {
+ bi_t bi_tmp, bi_tmp1, bi_tmp2, bi_tmp3, bi_tmp4, bi_tmp5, bi_tmp6;
+ bi_t r;
+ bi_t n;
+ int i;
+ unsigned char result1[5];
+ int len;
+ char *byte_array;
+ FILE *file;
+ unsigned char ret[] = { (unsigned char)1, 0, (unsigned char)254 };
+ int length;
+ unsigned char *buffer;
+ unsigned char byte;
+ bi_ptr nn;
+
+ bi_init( &my_malloc);
+ printf("test(%s,%s)\n", __DATE__, __TIME__);
+ #ifdef BI_GMP
+ printf("using BMP\n");
+ #endif
+ #ifdef BI_OPENSSL
+ printf("using OPENSSL\n");
+ #endif
+
+ bi_new( bi_tmp);
+ bi_new( bi_tmp1);
+ bi_new( bi_tmp2);
+ bi_new( bi_tmp3);
+ bi_new( bi_tmp4);
+ bi_new( bi_tmp5);
+ bi_new( bi_tmp6);
+ bi_new( n);
+ bi_new( r);
+ bi_set_as_hex( n, "75E8F38669C531EB78C7ACD62CCDEFFB5E5BE15E2AA55B3AD28B1A35F6E937097CE09A49C689AC335FBA669205CEF209275CFF273F8F81C5B864E5029EECDFA0743BC15D6E4D2C2CB0DED2DC7119A7E0D61669D417BB3B12BA1D10FD40326A49CA6C9E77F8585F25D8C897D9C73284152E103582C018C964F02ADDBA56CB1161A949AAE2847ADE8BC1152716C8B4AF37A87011C2569F646FD3EDA83099048B9525A6401C47A372F3EA43C91066AD5851AE11DEF1EAC7108FFB06AD94D0B849C339A5E8793C4C054456D3D22D30ACCCF7EF33EF7A7D65799E7908D95B0538A9EFC91BF104CE5008D79625394DB1E5883B2F202B95320BBD868BF65C996FC0DFC5");
+ bi_set_as_hex( r, "35A624E6607CFD37162C6052547450B2267ECC749F10CDAEB5C294491321EEB47CA0229F423ADCEF3FA7806F5C4DB3C3445D8E7039EBC457149A1343BECF3B1078385C06EE74351A476BE0D5203633C81F7B8D68548DB763F0C096B20615B6016C180291EF32CC064A173BB22F6B46B3240ACC0B50D8338757FA28D5B0313BC4201CD2B35472842E71994C8FCA557B08004B2495304D13A93D796134BB8078E2EE371707DE5809D72474A7CCE1F865ECD8876105D3DB9AFA9426052D0120C755C60F56A0C0F30FAED2053CEB3129FAB6F57F6E209A8E7B2A559D734B339E19E1F2A147BC94DB2FF491CB5ACCEEEED7F2EA75AFF7CAD33E1E420A09135D9C5C1F");
+ DUMP_BI( n);
+ DUMP_BI( r);
+ printf("big number n=n*r\n");
+ bi_mul( n, n, r);
+ DUMP_BI( n);
+ bi_set_as_hex( r, "D7E7028DA181DADAC29C95143C865702453465115AFA7576AADF1E57DD84DA7FF4C8F66530D1E9D1AB69BC12342B89FA0A9755F9F4EE1DA445D50016CEF50622ED905CC9B987FCC7910CAA841641814C1994BC442A15CB05FE5C145626F1454E90435FBC6A529856EF29BDBCBFCB62FB69EDBD11DC33357667867278E1679EABCDBEEA02E9A6911804DF47ACA6B2D63A31E258AD542D71A8178A5E072F5E221EADBB10E16D5533AE427101FF94C5967575FABCD18305C5F15C103CEA1A8ACD01898E88426EDA7C0DF58AA48435808A840F6EEE1D7205D33F356E20FE0D4136B401BF386F11869C3CE4A808B96435694748EF3706F58756548A71E4CF4D2BE157");
+ bi_mod( n, n, r);
+ printf("mod big number n=n mod r\n");
+ DUMP_BI( n);
+ if( bi_get_si( bi_set_as_si( n, 13)) != 13) {
+ printf("!!! bi_set_as_si 13(%s) = 13\n", bi_2_dec_char( n ));
+ exit(-1);
+ }
+ if( bi_get_si( bi_set_as_si( n, -13)) != -13) {
+ printf("!!! bi_set_as_si -13(%s) = -13\n", bi_2_dec_char( n ));
+ exit(-1);
+ }
+ if( bi_get_si( bi_inc(bi_set_as_si( n, 13))) != 14) {
+ puts("!!! bi_inc 13++ = 14\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_dec(bi_set_as_si( n, 13))) != 12) {
+ puts("!!! bi_dec 13-- = 12\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_setbit(bi_set_as_si( n, 0), 10)) != 1024) {
+ puts("!!! bi_setbit set[10] = 1024\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_mod_si(bi_tmp, bi_set_as_si( n, 12), 10)) != 2) {
+ puts("!!! bi_mod_si 12 mod 10 = 2\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_mul_si(bi_tmp, bi_set_as_si( n, 12), 10)) != 120) {
+ puts("!!! bi_mul_si 12 * 10 = 120\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_mul(bi_tmp, bi_set_as_si( n, 12), bi_set_as_si( bi_tmp1, 10))) != 120) {
+ puts("!!! bi_mul_si 12 * 10 = 120\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_mod_exp_si(bi_tmp, bi_set_as_si( bi_tmp1, 4), bi_2, 10)) != 6) {
+ puts("!!! bi_mod_exp_si 4 ^ 2 mod 10 = 6\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_mod_exp(bi_tmp, bi_set_as_si( bi_tmp1, 4), bi_2, bi_set_as_si( bi_tmp2, 10))) != 6) {
+ puts("!!! bi_mod_exp 4 ^ 2 mod 10 = 6\n");
+ exit(-1);
+ }
+ if( bi_get_si( bi_mod(bi_tmp, bi_set_as_si( n, 12), bi_set_as_si(bi_tmp1, 10))) != 2) { printf("!!! bi_mod 12 mod 10 = 2 [%s]\n",bi_2_dec_char( bi_tmp)); exit(-1); }
+ if( bi_get_si( bi_mod(bi_tmp, bi_set_as_si( n, -12), bi_set_as_si(bi_tmp1, 10))) != 8) { printf("!!! bi_mod -12 mod 10 = 8 [%s]\n",bi_2_dec_char( bi_tmp)); exit(-1); }
+ if( bi_get_si( bi_mod(bi_tmp, bi_set_as_si( n, -27), bi_set_as_si(bi_tmp1, 10))) != 3) { printf("!!! bi_mod -27 mod 10 = 3 [%s]\n",bi_2_dec_char( bi_tmp)); exit(-1); }
+ bi_set_as_si(n, 0x12345678);
+ bi_2_byte_array( result1, 5, n);
+ if( result1[0] != 0x00 || result1[1] != 0x12 || result1[2] != 0x34 || result1[3] != 0x56 || result1[4] != 0x78 ) {
+ printf("!!! bi_2_byte_array[0x123456578] [0]=%x [1]=%x [2]=%x [3]=%x [4]=%x \n", result1[0], result1[1], result1[2], result1[3], result1[4]);
+ exit( -1);
+ }
+ byte_array = retrieve_byte_array( &len, "12345");
+ printf("test dump_byte_array len=%d \n", len);
+ printf("test dump_byte_array(\"12345\")=%s\n", dump_byte_array( len, byte_array));
+ free( byte_array);
+ byte_array = retrieve_byte_array( &len, "12345678");
+ printf("test dump_byte_array len=%d \n", len);
+ printf("test dump_byte_array(\"12345678\")=%s\n", dump_byte_array( len, byte_array));
+
+ // test save end load of bi_t and bi_array
+ /////////////////////////////////////////////////////////////////////////////////////
+ bi_array result;
+ bi_new_array( result, 2);
+ bi_set_as_si( bi_tmp, 6);
+ bi_set_as_si( result->array[0], 314159);
+ bi_set_as_si( result->array[1], 123456789);
+ file = fopen("/tmp/test.todel", "w");
+ bi_save_array( result, "result", file);
+ bi_save( bi_tmp, "bi_tmp", file);
+ fclose( file);
+ bi_set_as_si( result->array[0], 0);
+ bi_set_as_si( result->array[1], 0);
+ bi_set_as_si( bi_tmp, 0);
+ file = fopen("/tmp/test.todel", "r");
+ bi_load_array( result, file);
+ bi_load( bi_tmp, file);
+ fclose( file);
+ if( bi_get_si( result->array[0]) != 314159) { puts("!!! save/load array[0] = 314159\n"); exit(-1); }
+ if( bi_get_si( result->array[1]) != 123456789) { puts("!!! save/load array[1] = 123456789\n"); exit(-1); }
+ if( bi_get_si( bi_tmp) != 6) { puts("!!! save/load bi_tmp = 6\n"); exit(-1); }
+
+ // conversion from bi_t 2 big endian BYTE*
+ /////////////////////////////////////////////////////////////////////////////////////
+ bi_set_as_si( n, 254+(1 << 16));
+ buffer = bi_2_nbin( &length, n);
+ printf("value 2 convert=%s length=%ld\n", bi_2_hex_char( n), bi_nbin_size( n));
+ for( i=0; i<length; i++) {
+ byte = (unsigned char)(buffer[i] & 0xFF);
+ if( byte != ret[i]) { printf("\n!!! bi_2_nbin[%d] %x = %x\n", i, byte, ret[i]); exit(-1); }
+ printf("[buffer[%d]=%x]", i, (int)(byte));
+ }
+ printf("\n");
+ nn = bi_set_as_nbin( length, buffer);
+ if( bi_equals_si( nn, 254+(1 << 16) ) == 0) {
+ printf("\n!!! bi_set_as_nbin %s = %x\n", bi_2_hex_char( nn), 254+(1 << 16));
+ exit(-1);
+ }
+ if( !bi_equals( bi_sub_si( bi_tmp, bi_set_as_si( bi_tmp1, 9), 1),
+ bi_mod( bi_tmp2,
+ bi_mul( bi_tmp3, bi_set_as_si(bi_tmp4, 6),
+ bi_set_as_si( bi_tmp5, 3)),
+ bi_set_as_si( bi_tmp6, 10)))) {
+ puts("!!! 9-1 == (6*3) mod 10\n");
+ printf("!!! tmp(8) = %s tmp1(9)=%s tmp2(8)=%s tmp3(6*3)=%s tmp4(6)=%s\
+ tmp5(3)=%s tmp6(10)=%s\n",
+ bi_2_dec_char(bi_tmp),
+ bi_2_dec_char(bi_tmp1),
+ bi_2_dec_char(bi_tmp2),
+ bi_2_dec_char(bi_tmp3),
+ bi_2_dec_char(bi_tmp4),
+ bi_2_dec_char(bi_tmp5),
+ bi_2_dec_char(bi_tmp6));
+ exit(-1);
+ puts("!!! 9-1 == (6*3) mod 10\n"); exit(-1);
+ }
+ bi_set_as_si(n, 1);
+ bi_shift_left(n, n, 10);
+ printf("1 << 10 = %s\n", bi_2_dec_char( n));
+ bi_set_as_si(n, 1);
+ printf("(1 << 10) >> 5 = %s\n", bi_2_dec_char( bi_shift_right(bi_tmp, bi_shift_left(bi_tmp1, n, 10), 5)));
+ bi_set_as_si(n, 1);
+ printf("[* (1 << 10) >> 5 *] = (2^10) / (2^5) -> %s\n", bi_2_dec_char( bi_shift_right( bi_tmp, ( bi_shift_left( bi_tmp1, n, 10)), 5)));
+ bi_set_as_si( n, 10);
+ printf(" (2^10) = %s\n", bi_2_dec_char( bi_mod_exp_si( bi_tmp, bi_2, n, 2000)));
+ printf(" (1<<5) = %s\n", bi_2_dec_char( bi_shift_left( bi_tmp, bi_set_as_si( bi_tmp1, 1), 5)));
+ printf(" 1024 / 500 = %s\n", bi_2_dec_char( bi_div( bi_tmp, bi_set_as_si( bi_tmp1, 1024), bi_set_as_si( bi_tmp2, 500))));
+ printf(" 1024 / 500 = %s\n", bi_2_dec_char( bi_div_si( bi_tmp, bi_set_as_si( bi_tmp1, 1024), 500)));
+ printf(" (1 << 10) >> 5 = [* (2^10) / (2^5) *] -> %s\n", bi_2_dec_char( bi_div( bi_tmp1,
+ bi_mod_exp_si( bi_tmp2, bi_2, bi_set_as_si( bi_tmp3, 10), 2000),
+ bi_mod_exp_si( bi_tmp4, bi_2, bi_set_as_si( bi_tmp5, 5), 2000) )));
+
+ printf("(1 << 10) >> 5 = (2^10) / (1<<5) -> %d\n", bi_equals( bi_shift_right( bi_tmp, ( bi_shift_left( bi_tmp1, bi_1, 10)), 5),
+ bi_div( bi_tmp2,
+ bi_mod_exp_si( bi_tmp3, bi_2, bi_set_as_si( bi_tmp4, 10), 2000),
+ bi_mod_exp_si( bi_tmp5, bi_2, bi_set_as_si( bi_tmp6, 5), 2000))));
+ printf("( 45 ^ -5 ) %% 10 == ( 1 / ( (45 ^ 5) %% 10) ) %% 10\n");
+ bi_set_as_si( bi_tmp, 45);
+ bi_set_as_si( bi_tmp1, 5);
+ // bi_negate( bi_tmp1);
+ bi_set_as_si( bi_tmp2, 10);
+ bi_mod_exp( bi_tmp3, bi_tmp, bi_tmp1, bi_tmp2);
+ bi_set_as_si( bi_tmp1, 5);
+ bi_mod_exp( bi_tmp4, bi_tmp, bi_tmp1, bi_tmp2);
+ printf("\t( 45 ^ -5 ) %% 10 = %s\n", bi_2_dec_char( bi_tmp3));
+ printf("\t( 1 / ( (45 ^ 5) %% 10) ) %% 10 = %s\n", bi_2_dec_char( bi_tmp4));
+ if( bi_equals( bi_tmp3, bi_tmp4) == 0) {
+ printf("!!! error !\n");
+ exit( -1);
+ }
+ for( i=0; i<5; i++) {
+ bi_generate_prime( bi_tmp, 1024);
+ printf("bi=%s\n", bi_2_hex_char( bi_tmp));
+ printf("bi.length=%ld \n", bi_length( bi_tmp));
+ if( bi_length( bi_tmp) != 1024) { puts("!!! length(random(1024)) != 1024\n"); exit(-1); }
+ }
+ bi_set_as_si(n, 0);
+ bi_setbit( n, 10);
+ printf("setbit(10) = %s\n", bi_2_dec_char( n));
+ bi_set_as_dec(n, "123456");
+ foo( r, n, 20L);
+ printf("TEST:%s\n", bi_2_dec_char( r));
+ bi_urandom( n, 1024);
+ bi_urandom( r, 1024);
+ computeRandomNumber( r, n);
+ printf("r:%s n:%s\n", bi_2_hex_char( r), bi_2_hex_char( n));
+ bi_generate_prime( r, 1024);
+ printf("prime:%s\nIs probable prime:%d\n", bi_2_hex_char( r), bi_is_probable_prime( r));
+ int error = bi_invert_mod( r, r, n);
+ printf("Invert mod return:%d\nInvert(r):%s\n", error, bi_2_hex_char( r));
+ bi_negate( r);
+ printf("negate(r):%s\n", bi_2_hex_char( r));
+ bi_generate_safe_prime( r, 128);
+ bi_sub_si( n, r, 1); // n= r - 1
+ bi_shift_right( n, n, 1); // n = n / 2
+ printf("safe prime(r):%s probable_prime:%d\n", bi_2_hex_char( r), bi_is_probable_prime( r));
+ printf("safe prime( (r-1)/2):%s probable_prime:%d\n", bi_2_hex_char( n), bi_is_probable_prime( n));
+ test_exp_multi();
+ bi_free( r);
+ bi_free( n);
+
+ bi_set_as_si( result->array[0], 1);
+ printf("result-> 1<<20:%s\n", bi_2_dec_char( bi_shift_left( result->array[0], result->array[0], 20)));
+ bi_set_as_si( result->array[1], 1);
+ printf("result1-> 1<<10:%s\n", bi_2_dec_char( bi_shift_right( result->array[1], result->array[0], 10)));
+ // copy arrays
+ bi_array new_result; bi_new_array2( new_result, 4);
+ bi_new_array2( new_result, 4);
+ bi_copy_array( result, 0, new_result, 0, 2);
+ bi_copy_array( result, 0, new_result, 2, 2);
+ for( i = 0; i<4; i++) {
+ printf("new_result[%d]-> [even-> 1<<20] [odd-> 1<<10] :%s\n", i, bi_2_dec_char( new_result->array[i]));
+ }
+
+ bi_free( bi_tmp);
+ bi_free( bi_tmp1);
+ bi_free( bi_tmp2);
+ bi_free( bi_tmp3);
+ bi_free( bi_tmp4);
+ bi_free( bi_tmp5);
+ bi_free( bi_tmp6);
+ bi_release();
+ printf("THE END [%s,%s]\n", __DATE__, __TIME__);
+ fflush(stdout);
+ return 0;
+
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_anonymityrevocation/csencryption_result.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_anonymityrevocation/csencryption_result.c
new file mode 100644
index 0000000..9750e7e
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_anonymityrevocation/csencryption_result.c
@@ -0,0 +1,211 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include "daa_parameter.h"
+#include "daa_structs.h"
+#include "anonymity_revocation.h"
+#include "verifier.h"
+#include "tsplog.h"
+
+CS_ENCRYPTION_RESULT *create_CS_ENCRYPTION_RESULT(
+ bi_ptr c1,
+ bi_ptr c2,
+ bi_ptr c3,
+ bi_ptr c4
+) {
+ CS_ENCRYPTION_RESULT *result =
+ (CS_ENCRYPTION_RESULT *)malloc( sizeof(CS_ENCRYPTION_RESULT));
+
+ if (result == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(CS_ENCRYPTION_RESULT));
+ return NULL;
+ }
+ result->c1 = c1;
+ result->c2 = c2;
+ result->c3 = c3;
+ result->c4 = c4;
+ return result;
+}
+
+CS_ENCRYPTION_RESULT_RANDOMNESS *create_CS_ENCRYPTION_RESULT_RANDOMNESS(
+ CS_ENCRYPTION_RESULT *cs_encryption_result,
+ bi_ptr randomness
+) {
+ CS_ENCRYPTION_RESULT_RANDOMNESS *result =
+ (CS_ENCRYPTION_RESULT_RANDOMNESS *)
+ malloc(sizeof(CS_ENCRYPTION_RESULT_RANDOMNESS));
+
+ if (result == NULL) {
+ LogError("malloc of %d bytes failed",
+ sizeof(CS_ENCRYPTION_RESULT_RANDOMNESS));
+ return NULL;
+ }
+ result->randomness = randomness;
+ result->result = cs_encryption_result;
+ return result;
+}
+
+bi_ptr compute_u( const EVP_MD *digest,
+ const bi_ptr c1,
+ const bi_ptr c2,
+ const bi_ptr c3,
+ const BYTE *condition,
+ const int conditionLength
+) {
+ BYTE *buffer, *bytes;
+ int c1_size = bi_nbin_size( c1);
+ int c2_size = bi_nbin_size( c2);
+ int c3_size = bi_nbin_size( c3);
+ int index = 0;
+ int length;
+ bi_ptr value;
+ int bufferLength = c1_size + c2_size + c3_size + conditionLength;
+
+ buffer = (BYTE *)malloc( bufferLength);
+ if (buffer == NULL) {
+ LogError("malloc of %d bytes failed", bufferLength);
+ return NULL;
+ }
+ bi_2_byte_array( &buffer[index], c1_size, c1);
+ index += c1_size;
+ bi_2_byte_array( &buffer[index], c2_size, c2);
+ index += c2_size;
+ bi_2_byte_array( &buffer[index], c3_size, c3);
+ index += c3_size;
+ memcpy( &buffer[index], condition, conditionLength);
+ index += conditionLength;
+ length = DAA_PARAM_LENGTH_MFG1_ANONYMITY_REVOCATION / 8; // 25 /8
+ bytes = compute_bytes( bufferLength, buffer, length, digest);
+ if( bytes == NULL) return NULL;
+ value = bi_set_as_nbin( length, bytes);
+ free( bytes);
+ free( buffer);
+ return value;
+}
+
+CS_ENCRYPTION_RESULT_RANDOMNESS* internal_compute_encryption_proof(
+ const bi_ptr msg,
+ const bi_ptr delta1,
+ const bi_ptr delta2,
+ const bi_ptr delta3,
+ const bi_ptr randomness,
+ const CS_PUBLIC_KEY *key,
+ const struct tdTSS_DAA_PK_internal *daa_key,
+ const BYTE *condition,
+ const int conditionLength,
+ const EVP_MD *digest
+) {
+ bi_ptr modulus = daa_key->modulus;
+ bi_ptr gamma = daa_key->gamma;
+ bi_ptr c1 = bi_new_ptr( );
+ bi_ptr c2 = bi_new_ptr( );
+ bi_ptr c3 = bi_new_ptr( );
+ bi_ptr c4;
+ bi_ptr exp;
+ bi_t bi_tmp;
+ bi_t bi_tmp1;
+
+ bi_new( bi_tmp);
+ bi_new( bi_tmp1);
+ if( bi_cmp( msg, modulus) >= 0) {
+ LogError("IllegalArgument: msg to big for key size");
+ bi_free_ptr( c1);
+ bi_free_ptr( c2);
+ bi_free_ptr( c3);
+ bi_free( bi_tmp);
+ bi_free( bi_tmp1);
+ return NULL;
+ }
+ bi_mod_exp( c1, gamma, randomness, modulus);
+ bi_mod_exp( c2, key->eta, randomness, modulus);
+ // c3=msg * (key->lambda3 ^ randomness) % mopdulus)
+ bi_mul( c3, msg, bi_mod_exp( bi_tmp, key->lambda3, randomness, modulus));
+ bi_mod( c3, c3, modulus); // c3 = c3 % modulus
+ if( delta1 != NULL) {
+ if( !( delta2!=NULL && delta3!=NULL)) {
+ LogError("Illegal Arguments: delta2==NULL or delta3==NULL");
+ bi_free_ptr( c1);
+ bi_free_ptr( c2);
+ bi_free_ptr( c3);
+ bi_free( bi_tmp);
+ bi_free( bi_tmp1);
+ return NULL;
+ }
+ exp = compute_u( digest, delta1, delta2, delta3, condition, conditionLength);
+ } else {
+ if( !( delta2==NULL && delta3==NULL)) {
+ LogError("Illegal Arguments: delta2!=NULL or delta3!=NULL");
+ bi_free_ptr( c1);
+ bi_free_ptr( c2);
+ bi_free_ptr( c3);
+ bi_free( bi_tmp);
+ bi_free( bi_tmp1);
+ return NULL;
+ }
+ exp = compute_u( digest, c1, c2, c3, condition, conditionLength);
+ }
+ // exp = exp * randomness
+ bi_mul( exp, exp, randomness);
+ // exp = exp % daa_key->rho
+ bi_mod( exp, exp, daa_key->rho);
+ // bi_tmp = (key->lambda1 ^ randomness) % modulus
+ bi_mod_exp( bi_tmp, key->lambda1, randomness, modulus);
+ // bi_tmp1 = (key->lambda2 ^ exp) % modulus
+ bi_mod_exp( bi_tmp1, key->lambda2, exp, modulus);
+ c4 = bi_new_ptr();
+ // c4 = bi_tmp * bi_tmp1
+ bi_mul( c4, bi_tmp, bi_tmp1);
+ // c4 = c4 % modulus
+ bi_mod( c4, c4, modulus);
+ bi_free_ptr( exp);
+ bi_free( bi_tmp1);
+ bi_free( bi_tmp);
+ return create_CS_ENCRYPTION_RESULT_RANDOMNESS(
+ create_CS_ENCRYPTION_RESULT( c1, c2, c3, c4),
+ randomness);
+}
+
+/*
+Cramer-Shoup EncryptionProof
+from com.ibm.zurich.tcg.daa.anonymityrevocation.CSEncryptionProof
+ */
+CS_ENCRYPTION_RESULT_RANDOMNESS *compute_ecryption_proof(
+ const bi_ptr msg,
+ const bi_ptr delta1,
+ const bi_ptr delta2,
+ const bi_ptr delta3,
+ const bi_ptr randomness,
+ const CS_PUBLIC_KEY *key,
+ const struct tdTSS_DAA_PK_internal *daa_key,
+ const BYTE *condition,
+ const int conditionLength,
+ const EVP_MD *digest
+) {
+ if( delta1 == NULL || delta2 == NULL || delta3 == NULL) {
+ LogError("Illegal Argument: deltas (delta1:%ld delta2:%ld delta3:%ld)",
+ (long)delta1, (long)delta2, (long)delta3);
+ return NULL;
+ }
+ if( bi_cmp( randomness, daa_key->rho) >=0 || bi_cmp_si( randomness, 0) < 0) {
+ LogError("randomness >= rho || randomness < 0 \n\trandomness:%s\n\trho:%s\n",
+ bi_2_dec_char( randomness), bi_2_dec_char( daa_key->rho));
+ return NULL;
+ }
+ return internal_compute_encryption_proof( msg,
+ delta1,
+ delta2,
+ delta3,
+ randomness,
+ key,
+ daa_key,
+ condition,
+ conditionLength,
+ digest);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_debug.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_debug.c
new file mode 100644
index 0000000..d39273b
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_debug.c
@@ -0,0 +1,294 @@
+
+
+/********************************************************************************************
+* KEY PAIR WITH PROOF
+********************************************************************************************/
+
+int
+save_KEY_PAIR_WITH_PROOF(FILE *file,
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof)
+{
+ save_DAA_PK_internal( file, key_pair_with_proof->pk);
+ save_DAA_PRIVATE_KEY( file, key_pair_with_proof->private_key);
+ save_DAA_PK_PROOF_internal( file, key_pair_with_proof->proof);
+
+ return 0;
+}
+
+KEY_PAIR_WITH_PROOF_internal *
+load_KEY_PAIR_WITH_PROOF(FILE *file)
+{
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof =
+ (KEY_PAIR_WITH_PROOF_internal *)malloc(sizeof(KEY_PAIR_WITH_PROOF_internal));
+
+ key_pair_with_proof->pk = load_DAA_PK_internal(file);
+ key_pair_with_proof->private_key = load_DAA_PRIVATE_KEY(file);
+ key_pair_with_proof->proof = load_DAA_PK_PROOF_internal(file);
+
+ return key_pair_with_proof;
+}
+
+int
+save_DAA_PK_internal(FILE *file, const TSS_DAA_PK_internal *pk_internal)
+{
+ char *buffer;
+
+ LogDebug("-> save_DAA_PK_internal");
+
+ BI_SAVE( pk_internal->modulus, file);
+ BI_SAVE( pk_internal->capitalS, file);
+ BI_SAVE( pk_internal->capitalZ, file);
+ BI_SAVE( pk_internal->capitalR0, file);
+ BI_SAVE( pk_internal->capitalR1, file);
+ BI_SAVE( pk_internal->gamma, file);
+ BI_SAVE( pk_internal->capitalGamma, file);
+ BI_SAVE( pk_internal->rho, file);
+ BI_SAVE_ARRAY( pk_internal->capitalRReceiver, file);
+ BI_SAVE_ARRAY( pk_internal->capitalRIssuer, file);
+ fprintf( file, "%d\n", pk_internal->issuerBaseNameLength);
+ buffer = (char *)malloc( pk_internal->issuerBaseNameLength + 1);
+ memcpy( buffer, pk_internal->issuerBaseName, pk_internal->issuerBaseNameLength);
+ buffer[ pk_internal->issuerBaseNameLength] = 0;
+ fprintf( file, "%s\n", buffer);
+ free( buffer);
+
+ LogDebug("<- save_DAA_PK_internal");
+
+ return 0;
+}
+
+TSS_DAA_PK_internal *
+load_DAA_PK_internal(FILE *file)
+{
+ TSS_DAA_PK_internal *pk_internal =
+ (TSS_DAA_PK_internal *)malloc(sizeof(TSS_DAA_PK_internal));
+ char *read_buffer;
+
+ pk_internal->modulus = bi_new_ptr();
+ BI_LOAD( pk_internal->modulus, file);
+ pk_internal->capitalS = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalS, file);
+ pk_internal->capitalZ = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalZ, file);
+ pk_internal->capitalR0 = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalR0, file);
+ pk_internal->capitalR1 = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalR1, file);
+ pk_internal->gamma = bi_new_ptr();
+ BI_LOAD( pk_internal->gamma, file);
+ pk_internal->capitalGamma = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalGamma, file);
+ pk_internal->rho = bi_new_ptr();
+ BI_LOAD( pk_internal->rho, file);
+ pk_internal->capitalRReceiver = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( pk_internal->capitalRReceiver, file);
+ pk_internal->capitalRIssuer = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( pk_internal->capitalRIssuer, file);
+ pk_internal->capitalY = ALLOC_BI_ARRAY();
+ populate_capitalY( pk_internal);
+ pk_internal->issuerBaseNameLength = read_int( file);
+ read_buffer = read_str( file);
+ pk_internal->issuerBaseName = malloc( pk_internal->issuerBaseNameLength);
+ memcpy( pk_internal->issuerBaseName, read_buffer, pk_internal->issuerBaseNameLength);
+ compute_capitalSprime( pk_internal);
+ return pk_internal;
+}
+
+int
+save_DAA_PK_PROOF_internal(FILE *file, TSS_DAA_PK_PROOF_internal *proof)
+{
+ int i;
+
+#ifdef DAA_DEBUG
+ printf("save_DAA_PK_PROOF_internal");
+#endif
+ fprintf(file, "%d # %s.length\n", proof->length_challenge, "challenge");
+ fprintf(file, "%s\n", dump_byte_array( proof->length_challenge,
+ proof->challenge));
+ fprintf(file, "%d # %s.length\n", proof->length_response, "response");
+ for (i = 0; i < proof->length_response; i++) {
+ BI_SAVE_ARRAY( proof->response[i], file);
+ }
+
+ return 0;
+}
+
+/* load <proof> using <filename> */
+/* allocation of: */
+/* proof->challenge (BYTE*) */
+/* response (bi_array_ptr) */
+TSS_DAA_PK_PROOF_internal *
+load_DAA_PK_PROOF_internal(FILE *file)
+{
+ TSS_DAA_PK_PROOF_internal *proof =
+ (TSS_DAA_PK_PROOF_internal *)malloc(sizeof(TSS_DAA_PK_PROOF_internal));
+ char *read_buffer;
+ int i;
+
+#ifdef DAA_DEBUG
+ printf("load_DAA_PK_PROOF_internal");
+#endif
+ proof->length_challenge = read_int( file);
+ read_buffer = read_str( file);
+ proof->challenge = retrieve_byte_array( &(proof->length_challenge),read_buffer);
+ proof->length_response = read_int( file);
+ proof->response = (bi_array_ptr *)malloc( sizeof(bi_array_ptr) * proof->length_response);
+ for (i = 0; i < proof->length_response; i++) {
+ proof->response[i] = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( proof->response[i], file);
+ }
+ return proof;
+}
+
+TSS_DAA_CRED_ISSUER *
+load_TSS_DAA_CRED_ISSUER(FILE *file)
+{
+ TSS_DAA_CRED_ISSUER *credential =
+ (TSS_DAA_CRED_ISSUER *)malloc(sizeof(TSS_DAA_CRED_ISSUER));
+ char *read_buffer;
+ int i, len;
+
+ init_tss_version( credential);
+ credential->capitalALength = read_int( file);
+ read_buffer = read_str( file);
+ credential->capitalA = retrieve_byte_array( &(credential->capitalALength),
+ read_buffer);
+ credential->eLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->e = retrieve_byte_array( &(credential->eLength),read_buffer);
+ credential->vPrimePrimeLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->vPrimePrime = retrieve_byte_array(&(credential->vPrimePrimeLength),
+ read_buffer);
+ // attributes issuer
+ credential->attributesIssuerLength = read_int( file);
+ credential->attributesIssuer = malloc(credential->attributesIssuerLength*sizeof(BYTE*));
+ for( i=0; i < (int)credential->attributesIssuerLength; i++) {
+ credential->attributesIssuer[i] = retrieve_byte_array( &len, read_buffer);
+ }
+ credential->cPrimeLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->cPrime = retrieve_byte_array( &(credential->cPrimeLength),read_buffer);
+ credential->sELength = read_int( file);
+ read_buffer = read_str( file);
+ credential->sE = retrieve_byte_array( &(credential->sELength),read_buffer);
+ return credential;
+}
+
+int
+save_TSS_DAA_CRED_ISSUER(FILE *file, TSS_DAA_CRED_ISSUER *credential)
+{
+ int i;
+
+ fprintf(file, "%d # %s.length\n", credential->capitalALength, "capitalA");
+ fprintf(file, "%s\n", dump_byte_array( credential->capitalALength,
+ credential->capitalA));
+ fprintf(file, "%d # %s.length\n", credential->eLength, "e");
+ fprintf(file, "%s\n", dump_byte_array( credential->eLength,
+ credential->e));
+ fprintf(file, "%d # %s.length\n", credential->vPrimePrimeLength, "vPrimePrime");
+ fprintf(file, "%s\n", dump_byte_array( credential->vPrimePrimeLength,
+ credential->vPrimePrime));
+ fprintf(file, "%d # %s\n", credential->attributesIssuerLength, "attributesIssuerLength");
+ for( i=0; i < (int)credential->attributesIssuerLength; i++) {
+ fprintf(file, "%s\n", dump_byte_array( DAA_PARAM_SIZE_F_I / 8,
+ credential->attributesIssuer[i]));
+
+ }
+ fprintf(file, "%d # %s.length\n", credential->cPrimeLength, "cPrime");
+ fprintf(file, "%s\n", dump_byte_array( credential->cPrimeLength,
+ credential->cPrime));
+ fprintf(file, "%d # %s.length\n", credential->sELength, "sE");
+ fprintf(file, "%s\n", dump_byte_array( credential->sELength,
+ credential->sE));
+ return 0;
+}
+
+TSS_DAA_CREDENTIAL *
+load_TSS_DAA_CREDENTIAL(FILE *file)
+{
+ TSS_DAA_CREDENTIAL *credential =
+ (TSS_DAA_CREDENTIAL *)malloc(sizeof(TSS_DAA_CREDENTIAL));
+ char *read_buffer;
+ int i, len;
+ TSS_DAA_PK_internal *pk_internal;
+ TSS_DAA_PK *pk;
+
+ init_tss_version( credential);
+ credential->capitalALength = read_int( file);
+ read_buffer = read_str( file);
+ credential->capitalA = retrieve_byte_array( &(credential->capitalALength),
+ read_buffer);
+ credential->exponentLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->exponent = retrieve_byte_array( &(credential->exponentLength),
+ read_buffer);
+ credential->vBar0Length = read_int( file);
+ read_buffer = read_str( file);
+ credential->vBar0 = retrieve_byte_array(&(credential->vBar0Length),
+ read_buffer);
+ credential->vBar1Length = read_int( file);
+ read_buffer = read_str( file);
+ credential->vBar1 = retrieve_byte_array(&(credential->vBar1Length),
+ read_buffer);
+ // attributes issuer
+ credential->attributesLength = read_int( file);
+ printf("attributesLength=%d\n", credential->attributesLength);
+ credential->attributes = malloc(credential->attributesLength * sizeof( BYTE *));
+ for( i=0; i < (int)credential->attributesLength; i++) {
+ read_buffer = read_str( file);
+ credential->attributes[i] = retrieve_byte_array( &len, read_buffer);
+ if( len != DAA_PARAM_SIZE_F_I / 8) {
+ LogError("Error when parsing attributes");
+ LogError("\tattribute length:%d", len);
+ LogError("\texpected length:%d", DAA_PARAM_SIZE_F_I / 8);
+ return NULL;
+ }
+ }
+ pk_internal = load_DAA_PK_internal( file);
+ pk = i_2_e_TSS_DAA_PK( pk_internal, &normal_malloc, (TSS_HOBJECT)NULL);
+ memcpy( &(credential->issuerPK), pk, sizeof(TSS_DAA_PK));
+ free( pk);
+ free_TSS_DAA_PK_internal( pk_internal);
+ credential->tpmSpecificEncLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->tpmSpecificEnc = retrieve_byte_array( &(credential->tpmSpecificEncLength),
+ read_buffer);
+ credential->daaCounter = read_int( file);
+ return credential;
+}
+
+int
+save_TSS_DAA_CREDENTIAL(FILE *file,
+ TSS_DAA_CREDENTIAL *credential)
+{
+ int i;
+ TSS_DAA_PK_internal *pk_internal;
+
+ fprintf(file, "%d # %s.length\n", credential->capitalALength, "capitalA");
+ fprintf(file, "%s\n", dump_byte_array( credential->capitalALength,
+ credential->capitalA));
+ fprintf(file, "%d # %s.length\n", credential->exponentLength, "exponent");
+ fprintf(file, "%s\n", dump_byte_array( credential->exponentLength,
+ credential->exponent));
+ fprintf(file, "%d # %s.length\n", credential->vBar0Length, "vBar0");
+ fprintf(file, "%s\n", dump_byte_array( credential->vBar0Length,
+ credential->vBar0));
+ fprintf(file, "%d # %s.length\n", credential->vBar1Length, "vBar1");
+ fprintf(file, "%s\n", dump_byte_array( credential->vBar1Length,
+ credential->vBar1));
+ fprintf(file, "%d # %s\n", credential->attributesLength, "attributesLength");
+ for( i=0; i < (int)credential->attributesLength; i++) {
+ fprintf(file, "%s\n", dump_byte_array( DAA_PARAM_SIZE_F_I / 8,
+ credential->attributes[i]));
+ }
+ pk_internal = e_2_i_TSS_DAA_PK( &(credential->issuerPK) );
+ save_DAA_PK_internal( file, pk_internal);
+ free_TSS_DAA_PK_internal( pk_internal);
+ fprintf(file, "%d # %s.length\n", credential->tpmSpecificEncLength, "tpmSpecificEnc");
+ fprintf(file, "%s\n", dump_byte_array( credential->tpmSpecificEncLength,
+ credential->tpmSpecificEnc));
+ fprintf(file, "%d # daaCounter\n", credential->daaCounter);
+ return 0;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_debug.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_debug.h
new file mode 100644
index 0000000..368dd3d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_debug.h
@@ -0,0 +1,66 @@
+
+/********************************************************************************************
+ * KEY PAIR WITH PROOF
+ ********************************************************************************************/
+
+typedef struct tdKEY_PAIR_WITH_PROOF_internal {
+ TSS_DAA_PK_internal *pk;
+ DAA_PRIVATE_KEY_internal *private_key;
+ TSS_DAA_PK_PROOF_internal *proof;
+} KEY_PAIR_WITH_PROOF_internal;
+
+int save_KEY_PAIR_WITH_PROOF(
+ FILE *file,
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof
+);
+
+KEY_PAIR_WITH_PROOF_internal *load_KEY_PAIR_WITH_PROOF(
+ FILE *file
+);
+
+TSS_DAA_KEY_PAIR *get_TSS_DAA_KEY_PAIR(
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT param_alloc
+);
+
+
+int save_DAA_PK_internal(
+ FILE *file,
+ const TSS_DAA_PK_internal *pk_internal
+);
+
+TSS_DAA_PK_internal *load_DAA_PK_internal(
+ FILE *file
+);
+
+int save_DAA_PRIVATE_KEY(
+ FILE *file,
+ const DAA_PRIVATE_KEY_internal *private_key
+);
+
+DAA_PRIVATE_KEY_internal *load_DAA_PRIVATE_KEY(
+ FILE *file
+);
+
+int save_DAA_PK_PROOF_internal(
+ FILE *file,
+ TSS_DAA_PK_PROOF_internal *pk_internal
+);
+
+TSS_DAA_PK_PROOF_internal *load_DAA_PK_PROOF_internal(
+ FILE *file
+);
+
+TSS_DAA_CRED_ISSUER *load_TSS_DAA_CRED_ISSUER( FILE *file);
+
+int save_TSS_DAA_CRED_ISSUER( FILE *file, TSS_DAA_CRED_ISSUER *credential);
+
+TSS_DAA_CREDENTIAL *load_TSS_DAA_CREDENTIAL( FILE *file);
+
+int save_TSS_DAA_CREDENTIAL(
+ FILE *file,
+ TSS_DAA_CREDENTIAL *credential
+);
+
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issue_credential.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issue_credential.c
new file mode 100644
index 0000000..4d07b08
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issue_credential.c
@@ -0,0 +1,793 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+// for message digest
+#include <openssl/evp.h>
+
+#include <stdlib.h>
+#include "daa_structs.h"
+#include "daa_parameter.h"
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include <trousers/trousers.h>
+#include <spi_utils.h>
+#include <obj.h>
+#include "tsplog.h"
+#include "tss/tcs.h"
+#include "platform.h"
+// to include compute_zeta
+#include "verifier.h"
+
+// from UBigInteger (computePrime)
+// remark: the type bi_t (bi_ptr) can not used a certaintity for probable_prime
+// as used in UbigInteger. (certaintity: DAA_PARAM_SAFETY)
+void compute_prime( bi_ptr e, int length, int interval) {
+ do {
+ bi_urandom( e, interval - 1);
+ bi_setbit( e, length - 1);
+ } while( bi_is_probable_prime( e) == 0);
+}
+
+/*
+ code derived from verifyAuthenticity (IssuerTransaction.java)
+*/
+TSS_RESULT verify_authentificity(TSS_DAA_CREDENTIAL_REQUEST *credentialRequest,
+ TSS_DAA_JOIN_ISSUER_SESSION *joinSession) {
+ EVP_MD_CTX *mdctx;
+ BYTE *modulus_N0_bytes;
+ BYTE *digest_n0;
+ BYTE *contextHash;
+ BYTE *capitalUPrime_bytes;
+ BYTE *hash;
+ UINT32 digest_n0Length, contextHashLength, hashLength, daaCount;
+ bi_ptr capitalUPrime =NULL;
+ bi_ptr modulus_N0 = NULL;
+ TSS_RESULT result = TSS_SUCCESS;
+ char *buffer;
+
+ modulus_N0 = bi_new_ptr();
+ buffer = BN_bn2hex( ((RSA *)joinSession->issuerAuthPK)->n);
+ if( buffer == NULL) {
+ LogError("malloc of hexadecimal representation failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set_as_hex( modulus_N0, buffer);
+ // in TPM, N0 is hashed by hashing the scratch (256 bytes) so it must
+ // be formatted according to the scratch size (TPM_DAA_SIZE_issuerModulus)
+ modulus_N0_bytes = (BYTE *)malloc( TPM_DAA_SIZE_issuerModulus);
+ if (modulus_N0_bytes == NULL) {
+ LogError("malloc of %d bytes failed", TPM_DAA_SIZE_issuerModulus);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_byte_array( modulus_N0_bytes, TPM_DAA_SIZE_issuerModulus, modulus_N0);
+ bi_free_ptr( modulus_N0);
+
+ if( TPM_DAA_SIZE_issuerModulus * 8 != DAA_PARAM_KEY_SIZE) {
+ LogError("TPM_DAA_SIZE_issuerModulus * 8 (%d) != DAA_PARAM_KEY_SIZE(%d)",
+ TPM_DAA_SIZE_issuerModulus*8, DAA_PARAM_KEY_SIZE);
+ return TSS_E_INTERNAL_ERROR;
+ }
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ // digestN0 = hash( modulus_N0) see Appendix B of spec. and TPM join stage 7 and 8
+ EVP_DigestUpdate(mdctx, modulus_N0_bytes, TPM_DAA_SIZE_issuerModulus);
+ digest_n0Length = EVP_MD_CTX_size(mdctx);
+ digest_n0 = (BYTE *)malloc( digest_n0Length);
+ if (digest_n0 == NULL) {
+ LogError("malloc of %d bytes failed", digest_n0Length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestFinal(mdctx, digest_n0, NULL);
+
+ // test if credentialRequest->authenticationProof =
+ // H( H( U, daaCount, H(n0), joinSession->nonceEncrypted))
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ // enlarge capitalU to 256 (TPM_DAA_SIZE_issuerModulus)
+ // allocation
+ capitalUPrime = bi_set_as_nbin( joinSession->capitalUprimeLength, joinSession->capitalUprime);
+ capitalUPrime_bytes = (BYTE *)malloc( TPM_DAA_SIZE_issuerModulus);
+ if (capitalUPrime_bytes == NULL) {
+ LogError("malloc of %d bytes failed", TPM_DAA_SIZE_issuerModulus);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_byte_array( capitalUPrime_bytes, TPM_DAA_SIZE_issuerModulus, capitalUPrime);
+ EVP_DigestUpdate(mdctx, capitalUPrime_bytes, TPM_DAA_SIZE_issuerModulus);
+ bi_free_ptr( capitalUPrime);
+ daaCount = htonl( joinSession->daaCounter);
+ EVP_DigestUpdate(mdctx, &daaCount, sizeof(UINT32));
+ EVP_DigestUpdate(mdctx, digest_n0, digest_n0Length);
+ contextHashLength = EVP_MD_CTX_size(mdctx);
+ contextHash = (BYTE *)malloc( contextHashLength);
+ if (contextHash == NULL) {
+ LogError("malloc of %d bytes failed", contextHashLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestFinal(mdctx, contextHash, NULL);
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ LogDebug("PK(0).n=%s", dump_byte_array( TPM_DAA_SIZE_issuerModulus, modulus_N0_bytes));
+ LogDebug("digestN0h=%s", dump_byte_array( digest_n0Length, digest_n0));
+ LogDebug("UPrime=%s", dump_byte_array( TPM_DAA_SIZE_issuerModulus, capitalUPrime_bytes));
+ LogDebug("daaCount=%4x", daaCount);
+
+ LogDebug("contextHash[%d]=%s", contextHashLength, dump_byte_array( contextHashLength, contextHash));
+ EVP_DigestUpdate(mdctx, contextHash, contextHashLength);
+ EVP_DigestUpdate(mdctx, joinSession->nonceEncrypted, joinSession->nonceEncryptedLength);
+ hashLength = EVP_MD_CTX_size(mdctx);
+ hash = (BYTE *)malloc( hashLength);
+ if (hash == NULL) {
+ LogError("malloc of %d bytes failed", hashLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestFinal(mdctx, hash, NULL);
+ if( credentialRequest->authenticationProofLength != hashLength ||
+ memcmp( credentialRequest->authenticationProof, hash, hashLength) != 0) {
+ LogError("Verification of authenticationProof failed - Step 2.b");
+ LogError("credentialRequest->authenticationProof[%d]=%s",
+ credentialRequest->authenticationProofLength,
+ dump_byte_array( credentialRequest->authenticationProofLength,
+ credentialRequest->authenticationProof));
+ LogError("internal cByte[%d]=%s",
+ hashLength,
+ dump_byte_array( hashLength, hash));
+ result = TSS_E_DAA_AUTHENTICATION_ERROR;
+ goto close;
+ } else
+ LogDebug("verify_authenticity Done:%s",
+ dump_byte_array( hashLength, hash));
+close:
+ EVP_MD_CTX_destroy(mdctx);
+ free( contextHash);
+ free( digest_n0);
+ free( capitalUPrime_bytes);
+ free( hash);
+ return result;
+}
+
+TSS_RESULT
+compute_join_challenge_issuer( TSS_DAA_PK_internal *pk_intern,
+ bi_ptr v_prime_prime,
+ bi_ptr capitalA,
+ bi_ptr capital_Atilde,
+ UINT32 nonceReceiverLength,
+ BYTE *nonceReceiver,
+ UINT32 *c_primeLength,
+ BYTE **c_prime) { // out allocation
+ EVP_MD_CTX *mdctx;
+ BYTE *encoded_pk;
+ BYTE *byte_array;
+ UINT32 encoded_pkLength;
+
+ byte_array = (BYTE *)malloc( DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE / 8); // allocation
+ if (byte_array == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE / 8);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ encoded_pk = encoded_DAA_PK_internal( &encoded_pkLength, pk_intern);
+ EVP_DigestUpdate(mdctx, encoded_pk, encoded_pkLength);
+ LogDebug( "issuerPk: %s", dump_byte_array( encoded_pkLength, encoded_pk));
+ bi_2_byte_array( byte_array, DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE / 8, v_prime_prime);
+ EVP_DigestUpdate(mdctx, byte_array, DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE / 8);
+ LogDebug( "vPrimePrime: %s",
+ dump_byte_array( DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE / 8, byte_array));
+ free( byte_array);
+ // allocation
+ byte_array = (BYTE *)malloc( DAA_PARAM_SIZE_RSA_MODULUS / 8);
+ if (byte_array == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_RSA_MODULUS / 8);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ bi_2_byte_array( byte_array, DAA_PARAM_SIZE_RSA_MODULUS / 8, capitalA);
+ EVP_DigestUpdate(mdctx, byte_array, DAA_PARAM_SIZE_RSA_MODULUS / 8);
+ LogDebug( "capitalA: %s", dump_byte_array( DAA_PARAM_SIZE_RSA_MODULUS / 8, byte_array));
+ bi_2_byte_array( byte_array, DAA_PARAM_SIZE_RSA_MODULUS / 8, capital_Atilde);
+ EVP_DigestUpdate(mdctx, byte_array, DAA_PARAM_SIZE_RSA_MODULUS / 8);
+ LogDebug( "capital_Atilde: %s",
+ dump_byte_array( DAA_PARAM_SIZE_RSA_MODULUS / 8, byte_array));
+ EVP_DigestUpdate(mdctx, nonceReceiver, nonceReceiverLength);
+ LogDebug( "nonceReceiver: %s",
+ dump_byte_array( nonceReceiverLength, nonceReceiver));
+ *c_primeLength = EVP_MD_CTX_size(mdctx);
+ *c_prime = (BYTE *)malloc( *c_primeLength);
+ if (*c_prime == NULL) {
+ LogError("malloc of %d bytes failed", *c_primeLength);
+ free( byte_array);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ LogDebug( "c_prime: %s", dump_byte_array( *c_primeLength, *c_prime));
+ EVP_DigestFinal(mdctx, *c_prime, NULL);
+ EVP_MD_CTX_destroy(mdctx);
+ free( byte_array);
+ return TSS_SUCCESS;
+}
+
+// inspired by computeCredentialProof (IssuerTransaction.java)
+TSS_RESULT
+compute_credential_proof( TSS_DAA_PK_internal *pk_intern,
+ bi_ptr capital_A,
+ bi_ptr fraction_A,
+ bi_ptr eInverse,
+ bi_ptr v_prime_prime,
+ bi_ptr productPQprime,
+ UINT32 noncePlatformLength,
+ BYTE *noncePlatform,
+ bi_ptr *c_prime, // out
+ bi_ptr *s_e // out
+) {
+ bi_ptr random_E = bi_new_ptr();
+ bi_ptr capital_Atilde = bi_new_ptr();
+ BYTE *c_prime_bytes;
+ UINT32 c_primeLength;
+
+ bi_urandom( random_E, bi_length( productPQprime) + DAA_PARAM_SAFETY_MARGIN * 8);
+ bi_mod( random_E, random_E, productPQprime);
+ bi_inc( random_E);
+ bi_mod_exp( capital_Atilde, fraction_A, random_E, pk_intern->modulus);
+ compute_join_challenge_issuer( pk_intern,
+ v_prime_prime,
+ capital_A,
+ capital_Atilde,
+ noncePlatformLength,
+ noncePlatform,
+ &c_primeLength,
+ &c_prime_bytes); // allocation
+ *c_prime = bi_set_as_nbin( c_primeLength, c_prime_bytes); // allocation
+ *s_e = bi_new_ptr();
+ bi_mul( *s_e, *c_prime, eInverse);
+ bi_mod( *s_e, *s_e, productPQprime);
+ bi_sub( *s_e, random_E, *s_e);
+ bi_mod( *s_e, *s_e, productPQprime);
+ bi_free_ptr( capital_Atilde);
+ bi_free_ptr( random_E);
+ free( c_prime_bytes);
+ return TSS_SUCCESS;
+}
+
+// from IssuerTransaction.java (joinStep2)
+// stacks: TCGApplication.java (retrieveDAACredential) -> Issuer.java(issueCredential)
+TSPICALL Tspi_DAA_IssueCredential_internal
+(
+ TSS_HDAA hDAA, // in
+ UINT32 attributesIssuerLength, // in
+ BYTE** attributesIssuer, // in
+ TSS_DAA_CREDENTIAL_REQUEST credentialRequest, // in
+ TSS_DAA_JOIN_ISSUER_SESSION joinSession, // in
+ TSS_DAA_CRED_ISSUER* credIssuer // out
+) {
+ TSS_RESULT result = TSS_SUCCESS;
+ TCS_CONTEXT_HANDLE tcsContext;
+ bi_ptr capitalU_hat_prime = NULL;
+ bi_ptr tmp1;
+ bi_ptr tmp2;
+ bi_ptr sa_i;
+ bi_ptr capitalU_prime = NULL;
+ bi_ptr c = NULL;
+ bi_ptr n = NULL;
+ bi_ptr sf0 = NULL;
+ bi_ptr sf1 = NULL;
+ bi_ptr sv_prime = NULL;
+ bi_ptr capitalR0 = NULL;
+ bi_ptr capitalR1 = NULL;
+ bi_ptr capitalS = NULL;
+ bi_ptr capitalU = NULL;
+ bi_ptr capitalU_hat = NULL;
+ bi_ptr capitalN_hat_i = NULL;
+ bi_ptr exp = NULL;
+ bi_ptr product_attr_receiver = NULL;
+ bi_ptr product_attr_issuer = NULL;
+ bi_ptr sv_tilde_prime = NULL;
+ bi_ptr capital_ni = NULL;
+ bi_ptr v_hat = NULL;
+ bi_ptr fraction_A = NULL;
+ bi_ptr capitalA = NULL;
+ bi_ptr e = NULL;
+ bi_ptr eInverse = NULL;
+ bi_ptr v_prime_prime = NULL;
+ bi_ptr c_prime = NULL;
+ bi_ptr s_e = NULL;
+ bi_ptr zeta = NULL;
+ TSS_DAA_PK *daa_pk_extern;
+ TSS_DAA_PK_internal *pk_intern;
+ TSS_DAA_PRIVATE_KEY *private_key;
+ UINT32 i, chLength, challengeLength, length, interval;
+ EVP_MD_CTX *mdctx;
+ BYTE *ch = NULL, *challenge = NULL;
+
+ tmp1 = bi_new_ptr();
+ tmp2 = bi_new_ptr();
+ if( tmp1 == NULL || tmp2 == NULL) {
+ LogError("malloc of BI <%s> failed", "tmp1, tmp2");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ if( (result = obj_daa_get_tsp_context( hDAA, &tcsContext)) != TSS_SUCCESS) goto close;
+ // 1 TODO Check the TPM rogue list
+
+ // 2 verify the authentication proof of the TPM
+ result = verify_authentificity(&credentialRequest, &joinSession);
+ if( result != TSS_SUCCESS) goto close;
+ daa_pk_extern = (TSS_DAA_PK *)(((TSS_DAA_KEY_PAIR *)joinSession.issuerKeyPair)->public_key);
+ pk_intern = e_2_i_TSS_DAA_PK( daa_pk_extern);
+ n = bi_set_as_nbin( daa_pk_extern->modulusLength,
+ daa_pk_extern->modulus); // allocation
+ if( n == NULL) {
+ LogError("malloc of BI <%s> failed", "n");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capitalR0 = bi_set_as_nbin( daa_pk_extern->capitalR0Length,
+ daa_pk_extern->capitalR0); // allocation
+ if( capitalR0 == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalR0");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capitalR1 = bi_set_as_nbin( daa_pk_extern->capitalR1Length,
+ daa_pk_extern->capitalR1); // allocation
+ if( capitalR1 == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalR1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capitalS = bi_set_as_nbin( daa_pk_extern->capitalSLength,
+ daa_pk_extern->capitalS); // allocation
+ if( capitalS == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalS");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capitalU = bi_set_as_nbin( credentialRequest.capitalULength,
+ credentialRequest.capitalU); // allocation
+ if( capitalU == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalU");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ sv_tilde_prime = bi_set_as_nbin( credentialRequest.sVtildePrimeLength,
+ credentialRequest.sVtildePrime); // allocation
+ if( sv_tilde_prime == NULL) {
+ LogError("malloc of BI <%s> failed", "sv_tilde_prime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capital_ni = bi_set_as_nbin( credentialRequest.capitalNiLength,
+ credentialRequest.capitalNi); // allocation
+ if( capital_ni == NULL) {
+ LogError("malloc of BI <%s> failed", "capital_ni");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // 3 Verify the correctness proof of the credential request
+ // 3.a TODO commitments
+
+ // 3.b
+ capitalU_prime = bi_set_as_nbin( joinSession.capitalUprimeLength,
+ joinSession.capitalUprime); // allocation
+ if( capitalU_prime == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalU_prime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ sf0 = bi_set_as_nbin( credentialRequest.sF0Length,
+ credentialRequest.sF0); // allocation
+ if( sf0 == NULL) {
+ LogError("malloc of BI <%s> failed", "sf0");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ sf1 = bi_set_as_nbin( credentialRequest.sF1Length,
+ credentialRequest.sF1); // allocation
+ if( sf1 == NULL) {
+ LogError("malloc of BI <%s> failed", "sf1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ sv_prime = bi_set_as_nbin( credentialRequest.sVprimeLength,
+ credentialRequest.sVprime); // allocation
+ if( sv_prime == NULL) {
+ LogError("malloc of BI <%s> failed", "sv_prime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ c = bi_set_as_nbin( credentialRequest.challengeLength,
+ credentialRequest.challenge); // allocation
+ if( c == NULL) {
+ LogError("malloc of BI <%s> failed", "c");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capitalU_hat_prime = bi_new_ptr();// allocation
+ if( capitalU_hat_prime == NULL) {
+ LogError("malloc of BI <%s> failed", "c");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // capitalU_hat_prime = capitalU_prime ~% n
+ bi_invert_mod( capitalU_hat_prime, capitalU_prime, n);
+ // capitalU_hat_prime = ( capitalU_hat_prime ^ c ) % n
+ bi_mod_exp( capitalU_hat_prime, capitalU_hat_prime, c, n);
+ // capitalU_hat_prime = ( capitalU_hat_prime * ( capitalR0 ^ sf0)) % n
+ bi_mod_exp( tmp1, capitalR0, sf0, n);
+ bi_mul( capitalU_hat_prime, capitalU_hat_prime, tmp1);
+ bi_mod( capitalU_hat_prime, capitalU_hat_prime, n);
+ // capitalU_hat_prime = ( capitalU_hat_prime * ( capitalR1 ^ sf1)) % n
+ bi_mod_exp( tmp1, capitalR1, sf1, n);
+ bi_mul( capitalU_hat_prime, capitalU_hat_prime, tmp1);
+ bi_mod( capitalU_hat_prime, capitalU_hat_prime, n);
+ // capitalU_hat_prime = ( capitalU_hat_prime * ( capitalS ^ sv_prime)) % n
+ bi_mod_exp( tmp1, capitalS, sv_prime, n);
+ bi_mul( capitalU_hat_prime, capitalU_hat_prime, tmp1);
+ bi_mod( capitalU_hat_prime, capitalU_hat_prime, n);
+ // verify blinded encoded attributes of the Receiver
+ product_attr_receiver = bi_new_ptr();
+ bi_set( product_attr_receiver, bi_1);
+ length = ( DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES + 7) / 8;
+ for( i=0; i<credentialRequest.sALength; i++) {
+ sa_i = bi_set_as_nbin( length, credentialRequest.sA[i]); // allocation
+ if( sa_i == NULL) {
+ LogError("malloc of BI <%s> failed", "sa_i");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( tmp1, pk_intern->capitalRReceiver->array[i], sa_i, n);
+ bi_mul( product_attr_receiver, product_attr_receiver, tmp1);
+ bi_mod( product_attr_receiver, product_attr_receiver, n);
+ bi_free_ptr( sa_i);
+ }
+ // tmp1 = ( 1 / capitalU ) % n
+ bi_invert_mod( tmp1, capitalU, n);
+ capitalU_hat = bi_new_ptr();
+ if( capitalU_hat == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalU_hat");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mul( capitalU_hat, capitalU_prime, tmp1);
+ // capitalU_hat = capitalU_prime / capitalU
+ bi_mod( capitalU_hat, capitalU_hat, n);
+ // capital_Uhat = ( (capital_Uhat ^ c ) % n
+ bi_mod_exp( capitalU_hat, capitalU_hat, c, n);
+ // capital_Uhat = ( capital_Uhat * ( capitalS ^ sv_tilde_prime) % n ) % n
+ bi_mod_exp( tmp1, pk_intern->capitalS, sv_tilde_prime, n);
+ bi_mul( capitalU_hat, capitalU_hat, tmp1);
+ bi_mod( capitalU_hat, capitalU_hat, n);
+ bi_mul( capitalU_hat, capitalU_hat, product_attr_receiver);
+ bi_mod( capitalU_hat, capitalU_hat, n);
+ // capital_Nhat_i = (( capital_Ni ~% pk_intern->capitalGamma ) ^ c ) % pk_intern->capitalGamma
+ capitalN_hat_i = bi_new_ptr();
+ bi_invert_mod( capitalN_hat_i, capital_ni, pk_intern->capitalGamma);
+ bi_mod_exp( capitalN_hat_i, capitalN_hat_i, c, pk_intern->capitalGamma);
+ // exp = sf1 << (DAA_PARAM_SIZE_F_I) + sf0
+ exp = bi_new_ptr();
+ if( exp == NULL) {
+ LogError("malloc of BI <%s> failed", "exp");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_shift_left( exp, sf1, DAA_PARAM_SIZE_F_I);
+ bi_add( exp, exp, sf0);
+ zeta = compute_zeta( pk_intern->issuerBaseNameLength,
+ pk_intern->issuerBaseName,
+ pk_intern);
+ // capital_Nhat_i = ( capital_Nhat_i *
+ // ( ( issuer.zeta ^ exp) % pk->capitalGamma) ) % pk->capitalGamma
+ bi_mod_exp( tmp1, zeta, exp, pk_intern->capitalGamma);
+ bi_mul( capitalN_hat_i, capitalN_hat_i, tmp1);
+ bi_mod( capitalN_hat_i, capitalN_hat_i, pk_intern->capitalGamma);
+
+ LogDebug("calculation Uhat: capitalS:%s\n", bi_2_hex_char( pk_intern->capitalS));
+ LogDebug("calculation Uhat: sv_tilde_prime:%s\n", bi_2_hex_char( sv_tilde_prime));
+ LogDebug("calculation Uhat: n:%s\n", bi_2_hex_char( n));
+ LogDebug("calculation Uhat: product_attributes:%s\n", bi_2_hex_char( product_attr_receiver));
+ LogDebug("calculation NhatI: zeta:%s\n", bi_2_hex_char( zeta));
+ LogDebug("calculation NhatI: exp:%s\n", bi_2_hex_char( exp));
+ LogDebug("calculation NhatI: capitalGamma:%s\n", bi_2_hex_char( pk_intern->capitalGamma));
+ // calculate challenge
+ result = compute_join_challenge_host(hDAA,
+ pk_intern,
+ capitalU,
+ capitalU_prime,
+ capitalU_hat,
+ capitalU_hat_prime,
+ capital_ni,
+ capitalN_hat_i,
+ 0, // TODO: commitmentsProofLength
+ NULL, // TODO: commits
+ joinSession.nonceIssuerLength,
+ joinSession.nonceIssuer,
+ &chLength, // out
+ &ch); // out allocation
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("JoinChallengeHost: %s", dump_byte_array( chLength, ch));
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ EVP_DigestUpdate(mdctx, ch, chLength);
+ challengeLength = EVP_MD_CTX_size(mdctx);
+ challenge = (BYTE *)malloc( challengeLength);
+ if( challenge == NULL) {
+ LogError("malloc of %d bytes failed", challengeLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestUpdate(mdctx, credentialRequest.nonceTpm, credentialRequest.nonceTpmLength);
+ EVP_DigestFinal(mdctx, challenge, NULL);
+ // checks
+ if( credentialRequest.challengeLength != challengeLength ||
+ memcmp( credentialRequest.challenge, challenge, challengeLength)!=0) {
+ LogError("Verification of c failed - Step 3.f.i");
+ LogError("credentialRequest.challenge[%d]=%s",
+ credentialRequest.challengeLength,
+ dump_byte_array( credentialRequest.challengeLength,
+ credentialRequest.challenge));
+ LogError("challenge[%d]=%s",
+ challengeLength,
+ dump_byte_array( challengeLength, challenge));
+ result = TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR;
+ goto close;
+ }
+ // + 1 because the result of ( rA(43 bits) + c(20 bits) * a(13 bits)) can
+ // shift 1 bit above the normal size (43 bits)
+ length = DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES + 1;
+ if( bi_length( sf0) > (long)length) {
+ LogError( "Verification of sF0 failed - Step 3.f.ii");
+ LogError("\tsf0 bits length: %d expected maximum length:%d\n",
+ (int)bi_length( sf0), (int)length);
+ result = TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR;
+ goto close;
+ }
+ if( bi_length( sf1) > (long)length) {
+ LogError( "Verification of sF1 failed - Step 3.f.ii");
+ LogError("\tsf1 length: %d expected maximum length:%d\n",
+ (int)bi_length( sf1), (int)length);
+ result = TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR;
+ goto close;
+ }
+ // blinded attributes
+ length = DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES;
+ for( i=0; i<credentialRequest.sALength; i++) {
+ sa_i = bi_set_as_nbin( ( length + 7) / 8, credentialRequest.sA[i]); // allocation
+ if( sa_i == NULL) {
+ LogError("malloc of BI <%s> failed", "sa_i");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ if( bi_length( sa_i) > (long)length) {
+ LogError("Verification of sA[%d] failed - Step 3.f.ii", i);
+ LogError("sA.length=%d length=%d", (int)bi_length( sa_i), length);
+ result = TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR;
+ goto close;
+ }
+ bi_free_ptr( sa_i);
+ if( result != TSS_SUCCESS) goto close;
+ }
+ length = DAA_PARAM_SIZE_RSA_MODULUS + 2 * DAA_PARAM_SAFETY_MARGIN +
+ DAA_PARAM_SIZE_MESSAGE_DIGEST;
+ if( bi_length( sv_prime) > (int)length) {
+ LogError("Verification of sVprime failed - Step 3.f.iii\n");
+ LogError("\tsv_prime bits length: %d expected maximum length:%d\n",
+ (int)bi_length( sv_prime), (int)length);
+ result = TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR;
+ goto close;
+ }
+ if( bi_nbin_size( sv_tilde_prime) > (int)length) {
+ LogError("Verification of sVtildePrime failed - Step 3.f.iii");
+ LogError("\tsv_tilde_prime bits length: %d expected maximum length:%d\n",
+ (int)bi_length( sv_tilde_prime), (int)length);
+ result = TSS_E_DAA_CREDENTIAL_REQUEST_PROOF_ERROR;
+ goto close;
+ }
+ // compute credential
+ v_hat = bi_new_ptr();
+ if( v_hat == NULL) {
+ LogError("malloc of BI <%s> failed", "v_hat");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_urandom( v_hat, DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE - 1);
+ length = DAA_PARAM_SIZE_EXPONENT_CERTIFICATE;
+ interval = DAA_PARAM_SIZE_INTERVAL_EXPONENT_CERTIFICATE;
+ e = bi_new_ptr();
+ if( e == NULL) {
+ LogError("malloc of BI <%s> failed", "e");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ compute_prime( e, length, interval);
+
+ // v'' = ( 1 << DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE) + v_hat
+ v_prime_prime = bi_new_ptr();
+ bi_shift_left( tmp1, bi_1, DAA_PARAM_SIZE_RND_VALUE_CERTIFICATE - 1);
+ bi_add( v_prime_prime, tmp1, v_hat);
+
+ // fraction_A = (( pk->capitalS ^ v``) % n) * capitalU
+ fraction_A = bi_new_ptr();
+ if( fraction_A == NULL) {
+ LogError("malloc of BI <%s> failed", "fraction_A");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( fraction_A, pk_intern->capitalS, v_prime_prime, n);
+ bi_mul( fraction_A, fraction_A, capitalU);
+ bi_mod( fraction_A, fraction_A, n);
+
+ // encode attributes
+ bi_free_ptr( tmp1);
+ product_attr_issuer = bi_new_ptr();
+ if( product_attr_issuer == NULL) {
+ LogError("malloc of BI <%s> failed", "product_attr_issuer");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( product_attr_issuer, bi_1);
+ for( i=0; i< attributesIssuerLength; i++) {
+ tmp1 = bi_set_as_nbin( DAA_PARAM_SIZE_F_I / 8, attributesIssuer[i]); // allocation
+ bi_mod_exp( tmp2, pk_intern->capitalRIssuer->array[i], tmp1, n);
+ bi_mul( product_attr_issuer, product_attr_issuer, tmp2);
+ bi_mod( product_attr_issuer, product_attr_issuer, n);
+ bi_free_ptr( tmp1);
+ }
+ tmp1 = bi_new_ptr();
+ if( tmp1 == NULL) {
+ LogError("malloc of BI <%s> failed", "tmp1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mul( fraction_A, fraction_A, product_attr_issuer);
+ bi_mod( fraction_A, fraction_A, n);
+
+ bi_invert_mod( fraction_A, fraction_A, n);
+ bi_mul( fraction_A, fraction_A, pk_intern->capitalZ);
+ bi_mod( fraction_A, fraction_A, n);
+
+ private_key = (TSS_DAA_PRIVATE_KEY *)
+ (((TSS_DAA_KEY_PAIR *)joinSession.issuerKeyPair)->private_key);
+ bi_free_ptr( tmp2);
+ tmp2 = bi_set_as_nbin( private_key->productPQprimeLength,
+ private_key->productPQprime); // allocation
+ if( tmp2 == NULL) {
+ LogError("malloc of BI <%s> failed", "tmp2");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ eInverse = bi_new_ptr();
+ if( eInverse == NULL) {
+ LogError("malloc of BI <%s> failed", "eInverse");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_invert_mod( eInverse, e, tmp2);
+ capitalA = bi_new_ptr();
+ if( capitalA == NULL) {
+ LogError("malloc of BI <%s> failed", "capitalA");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("fraction_A[%ld]=%s", bi_nbin_size( fraction_A), bi_2_hex_char( fraction_A));
+ LogDebug("eInverse[%ld]=%s", bi_nbin_size( eInverse), bi_2_hex_char( eInverse));
+ LogDebug("productPQprime[%ld]=%s", bi_nbin_size( tmp2), bi_2_hex_char( tmp2));
+ LogDebug("eInverse[%ld]=%s", bi_nbin_size( eInverse), bi_2_hex_char( eInverse));
+ LogDebug("e[%ld]=%s", bi_nbin_size( e), bi_2_hex_char( e));
+ LogDebug("n[%ld]=%s", bi_nbin_size( n), bi_2_hex_char( n));
+ bi_mod_exp( capitalA, fraction_A, eInverse, n);
+
+ compute_credential_proof( pk_intern,
+ capitalA,
+ fraction_A,
+ eInverse,
+ v_prime_prime,
+ tmp2, // productPQprime
+ credentialRequest.noncePlatformLength,
+ credentialRequest.noncePlatform,
+ &c_prime, // out: allocation
+ &s_e); // out: allocation
+ // populate credIssuer (TSS_DAA_CRED_ISSUER *)
+ credIssuer->capitalA = calloc_tspi( tcsContext, bi_nbin_size( capitalA));
+ if( credIssuer->capitalA == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( capitalA));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credIssuer->capitalALength), credIssuer->capitalA, capitalA);
+ credIssuer->e = calloc_tspi( tcsContext, bi_nbin_size( e));
+ if( credIssuer->e == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( e));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credIssuer->eLength), credIssuer->e, e);
+ credIssuer->vPrimePrime = calloc_tspi( tcsContext, bi_nbin_size( v_prime_prime));
+ if( credIssuer->vPrimePrime == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( v_prime_prime));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credIssuer->vPrimePrimeLength), credIssuer->vPrimePrime, v_prime_prime);
+ // attributes issuer
+ credIssuer->attributesIssuerLength = attributesIssuerLength;
+ credIssuer->attributesIssuer = calloc_tspi( tcsContext,
+ attributesIssuerLength * sizeof( BYTE *));
+ if( credIssuer->attributesIssuer == NULL) {
+ LogError("malloc of %d bytes failed", attributesIssuerLength * sizeof( BYTE *));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i=0; i< attributesIssuerLength; i++) {
+ credIssuer->attributesIssuer[i] = calloc_tspi( tcsContext, DAA_PARAM_SIZE_F_I / 8);
+ if( credIssuer->attributesIssuer[i] == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_F_I / 8);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ memcpy( credIssuer->attributesIssuer[i], attributesIssuer[i], DAA_PARAM_SIZE_F_I / 8);
+ }
+ credIssuer->cPrime = calloc_tspi( tcsContext, bi_nbin_size( c_prime));
+ if( credIssuer->cPrime == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( c_prime));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credIssuer->cPrimeLength), credIssuer->cPrime, c_prime);
+ credIssuer->sE = calloc_tspi( tcsContext, bi_nbin_size( s_e));
+ if( credIssuer->sE == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( s_e));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credIssuer->sELength), credIssuer->sE, s_e);
+
+close:
+ EVP_MD_CTX_destroy(mdctx);
+ //free_TSS_DAA_PK( daa_pk_extern);
+ if( ch != NULL) free( ch);
+ if( challenge != NULL) free( challenge);
+ FREE_BI( tmp1);
+ FREE_BI( tmp2);
+ FREE_BI( s_e);
+ FREE_BI( c_prime);
+ FREE_BI( capitalA);
+ FREE_BI( v_prime_prime);
+ FREE_BI( eInverse);
+ FREE_BI( e);
+ FREE_BI( fraction_A);
+ FREE_BI( v_hat);
+ FREE_BI( capital_ni);
+ FREE_BI( sv_tilde_prime);
+ FREE_BI( product_attr_receiver);
+ FREE_BI( product_attr_issuer);
+ FREE_BI( capitalU_hat_prime);
+ FREE_BI( capitalU_prime);
+ FREE_BI( sv_prime);
+ FREE_BI( exp);
+ FREE_BI( capitalN_hat_i);
+ FREE_BI( capitalU_hat);
+ FREE_BI( capitalU);
+ FREE_BI( capitalS);
+ FREE_BI( capitalR1);
+ FREE_BI( capitalR0);
+ FREE_BI( sf1);
+ FREE_BI( sf0);
+ FREE_BI( n);
+ FREE_BI( c);
+ FREE_BI( zeta);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issuer_init.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issuer_init.c
new file mode 100644
index 0000000..788bb8d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issuer_init.c
@@ -0,0 +1,142 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+// for message digest
+#include <openssl/evp.h>
+
+#include <stdlib.h>
+#include "daa_structs.h"
+#include "daa_parameter.h"
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include <trousers/trousers.h>
+#include <spi_utils.h>
+#include <obj.h>
+#include "tsplog.h"
+#include "tss/tcs.h"
+
+/*
+Verifies if the key is a valid endorsement key of a TPM. (TPM is good)
+return 0 if correct
+ */
+int verify_ek_and_daaCounter(
+ UINT32 endorsementLength,
+ BYTE *endorsementCredential,
+ UINT32 daaCounter
+) {
+ // TODO
+ return 0;
+}
+
+
+TSS_RESULT Tspi_DAA_IssueInit_internal(
+ TSS_HDAA hDAA, // in
+ TSS_HKEY issuerAuthPK, // in
+ TSS_HKEY issuerKeyPair, // in (TSS_DAA_KEY_PAIR *)
+ TSS_DAA_IDENTITY_PROOF identityProof, // in
+ UINT32 capitalUprimeLength, // in
+ BYTE* capitalUprime, // in
+ UINT32 daaCounter, // in
+ UINT32* nonceIssuerLength, // out
+ BYTE** nonceIssuer, // out
+ UINT32* authenticationChallengeLength, // out
+ BYTE** authenticationChallenge, // out
+ TSS_DAA_JOIN_ISSUER_SESSION* joinSession // out
+) {
+ TCS_CONTEXT_HANDLE tcsContext;
+ TSS_RESULT result;
+ BYTE *ne, *buffer;
+ bi_t random;
+ int length_ne;
+
+ if( (result = obj_daa_get_tsp_context( hDAA, &tcsContext)) != TSS_SUCCESS)
+ return result;
+ // 1 & 2 : verify EK (and associated credentials) of the platform
+ if( verify_ek_and_daaCounter( identityProof.endorsementLength,
+ identityProof.endorsementCredential, daaCounter) != 0) {
+ LogError("EK verification failed");
+ return TSS_E_INTERNAL_ERROR;
+ }
+
+ // 3 : choose a random nonce for the platform (ni)
+ bi_new( random);
+ bi_urandom( random, DAA_PARAM_LENGTH_MESSAGE_DIGEST * 8);
+ buffer = bi_2_nbin( nonceIssuerLength, random);
+ if( buffer == NULL) {
+ LogError("malloc of %d bytes failed", *nonceIssuerLength);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ *nonceIssuer = convert_alloc( tcsContext, *nonceIssuerLength, buffer);
+ if (*nonceIssuer == NULL) {
+ LogError("malloc of %d bytes failed", *nonceIssuerLength);
+ free( buffer);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ LogDebug("nonce Issuer[%d:%d]:%s", DAA_PARAM_LENGTH_MESSAGE_DIGEST,
+ *nonceIssuerLength,
+ dump_byte_array( *nonceIssuerLength , *nonceIssuer));
+
+ // 4 : choose a random nonce ne and encrypt it under EK
+ bi_urandom( random, DAA_PARAM_LENGTH_MESSAGE_DIGEST * 8);
+ ne = convert_alloc( tcsContext, length_ne, bi_2_nbin( &length_ne, random));
+ if (ne == NULL) {
+ LogError("malloc of %d bytes failed", length_ne);
+ free( buffer);
+ free( nonceIssuer);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ bi_free( random);
+ *authenticationChallenge = (BYTE *)calloc_tspi( tcsContext, 256); // 256: RSA size
+ if (*authenticationChallenge == NULL) {
+ LogError("malloc of %d bytes failed", 256);
+ free( buffer);
+ free( nonceIssuer);
+ free( ne);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ result = Trspi_RSA_Encrypt(
+ ne, // message to encrypt
+ length_ne, // length message to encrypt
+ *authenticationChallenge, // destination
+ authenticationChallengeLength, // length destination
+ identityProof.endorsementCredential, // public key
+ identityProof.endorsementLength); // public key size
+ if( result != TSS_SUCCESS) {
+ LogError("Can not encrypt the Authentication Challenge");
+ free( buffer);
+ free( nonceIssuer);
+ free( ne);
+ return TSS_E_INTERNAL_ERROR;
+ }
+ LogDebug("authenticationChallenge[%d:%d]:%s", DAA_PARAM_LENGTH_MESSAGE_DIGEST,
+ *authenticationChallengeLength,
+ dump_byte_array( *authenticationChallengeLength , *authenticationChallenge));
+
+ // 5 : save PK, PKDAA, (p', q'), U', daaCounter, ni, ne in joinSession
+ // EK is not a member of joinSession but is already saved in identityProof
+ joinSession->issuerAuthPK = issuerAuthPK;
+ joinSession->issuerKeyPair = issuerKeyPair;
+ memcpy( &(joinSession->identityProof), &identityProof, sizeof(TSS_DAA_IDENTITY_PROOF));
+ joinSession->capitalUprimeLength = capitalUprimeLength;
+ joinSession->capitalUprime = capitalUprime;
+ joinSession->daaCounter = daaCounter;
+ joinSession->nonceIssuerLength = *nonceIssuerLength;
+ joinSession->nonceIssuer = *nonceIssuer;
+ joinSession->nonceEncryptedLength = length_ne;
+ joinSession->nonceEncrypted = ne;
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issuer_setup.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issuer_setup.c
new file mode 100644
index 0000000..44e3679
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/issuer_setup.c
@@ -0,0 +1,166 @@
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include "obj.h"
+// #include "tcslog.h"
+#include "bi.h"
+#include "daa_parameter.h"
+#include "issuer.h"
+
+static char *DEFAULT_FILENAME = "issuer.txt";
+static char *DEFAULT_ISSUER = "IBM-Issuer";
+
+static const int DEFAULT_ISSUER_ATTRIBUTES = 2; // A1 A2
+static const int DEFAULT_RECEIVER_ATTRIBUTES = 3; // A3 A4 A5
+
+int print_usage(char *cmd) {
+ fprintf(stderr, "usage: %s\n", cmd);
+ fprintf(stderr, " \t-npa,\t--nb_platform_attr\tnumber of attributes that the\
+ Platform can choose and which will not be visible to the Issuer (default: %d)\n",
+ DEFAULT_ISSUER_ATTRIBUTES);
+ fprintf(stderr, " \t-nia,\t--nb_issuer_attr\tnumber of attributes that the issuer\
+ can choose and which will be visible to both the Platform and the Issuer(default: %d)\n",
+ DEFAULT_RECEIVER_ATTRIBUTES);
+ fprintf(stderr, " \t-if,\t--issuer_file\tthe file that will contain all key pair\
+ and proof to be used by the issuer (default: %s)\n",
+ DEFAULT_FILENAME);
+ fprintf(stderr, " \t-i,\t--issuer\tissuer identity (default: %s)\n",
+ DEFAULT_ISSUER);
+ return -1;
+}
+
+int main(int argc, char *argv[]) {
+ int nb_platform_attr = DEFAULT_ISSUER_ATTRIBUTES;
+ int nb_issuer_attr = DEFAULT_RECEIVER_ATTRIBUTES;
+ char *filename = DEFAULT_FILENAME;
+ char *issuer = DEFAULT_ISSUER;
+ int i;
+ char *param;
+ TSS_HCONTEXT hContext;
+ TSS_DAA_KEY_PAIR *key_pair;
+ TSS_DAA_PK_PROOF *public_keyproof;
+ TSS_RESULT result;
+ TSS_HDAA hDAA;
+ TSS_DAA_PK_PROOF_internal *public_keyproof_internal;
+ TSS_DAA_PK_internal *pk;
+ TSS_DAA_PRIVATE_KEY *private_key;
+ DAA_PRIVATE_KEY_internal *private_key_internal;
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof;
+
+ printf("Issuer Setup (%s:%s,%s)\n", argv[0], __DATE__, __TIME__);
+ i = 1;
+ while( i < argc) {
+ param = argv[ i];
+ if ( strcmp( param, "-if") == 0 || strcmp( param, "--issuer_file")) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ filename = argv[i];
+ } else if( strcmp( param, "-npa") == 0 || strcmp( param, "--nb_platform_attr")) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ nb_platform_attr = atoi( argv[i]);
+ } else if( strcmp( param, "-nia") == 0 || strcmp( param, "--nb_issuer_attr")) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ nb_issuer_attr = atoi(argv[i]);
+ } else if( strcmp( param, "-i") == 0 || strcmp( param, "--issuer")) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ issuer = argv[i];
+ } else {
+ fprintf(stderr, "%s:unrecognized option `%s'\n", argv[0], param);
+ return print_usage( argv[0]);
+ }
+ i++;
+ }
+ bi_init( NULL);
+ // Create Context
+ printf("Create Context\n");
+ result = Tspi_Context_Create( &hContext );
+ if ( result != TSS_SUCCESS )
+ {
+ fprintf( stderr, "Tspi_Context_Create %d\n", result );
+ exit( result );
+ }
+
+ // Connect to Context
+ printf("Connect to the context\n");
+ result = Tspi_Context_Connect( hContext, NULL );
+ if ( result != TSS_SUCCESS )
+ {
+ fprintf( stderr, "Tspi_Context_Connect error:%d\n", result );
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+ exit( result );
+ }
+ //Create Object
+ result = obj_daa_add( hContext, &hDAA);
+ if (result != TSS_SUCCESS) {
+ goto close;
+ }
+ result = Tspi_DAA_IssueSetup(
+ hDAA, // in
+ strlen( issuer), // in
+ (BYTE *)issuer, // in
+ nb_platform_attr, // in
+ nb_issuer_attr, // in
+ (TSS_HKEY *)&key_pair, // out
+ &public_keyproof); // out
+ if( result != TSS_SUCCESS) goto close;
+
+ // TSS_DAA_KEY_PAIR_internal *key_pair_internal = DAA_KEY_PAIR_2_internal( key_pair);
+ public_keyproof_internal = e_2_i_TSS_DAA_PK_PROOF( public_keyproof);
+ pk = e_2_i_TSS_DAA_PK( key_pair->public_key);
+ private_key = key_pair->private_key;
+ private_key_internal = e_2_i_TSS_DAA_PRIVATE_KEY( private_key);
+ key_pair_with_proof =
+ (KEY_PAIR_WITH_PROOF_internal *)malloc( sizeof(KEY_PAIR_WITH_PROOF_internal));
+ if( key_pair_with_proof == NULL) {
+ fprintf("malloc of %d bytes failed", sizeof(KEY_PAIR_WITH_PROOF_internal));
+ goto close;
+ }
+ key_pair_with_proof->pk = pk;
+ key_pair_with_proof->private_key = private_key_internal;
+ key_pair_with_proof->proof = public_keyproof_internal;
+
+ printf("Saving key pair with proof -> \'%s\'", filename);
+ FILE *file = fopen( filename, "w");
+ if( file == NULL) {
+ fprintf( stderr, "%s: Error when saving \'%s\': %s\n",
+ argv[0],
+ filename,
+ strerror( errno));
+ return -1;
+ }
+ if( save_KEY_PAIR_WITH_PROOF( file, key_pair_with_proof) != 0) {
+ fprintf( stderr, "%s: Error when saving \'%s\': %s\n",
+ argv[0],
+ filename,
+ strerror( errno));
+ return -1;
+ }
+ fclose( file);
+ printf("\nDone.\n");
+close:
+ obj_daa_remove( hDAA, hContext);
+ printf("Closing the context\n");
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+ bi_release();
+ printf("Result: %d", result);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/key_correctness_proof.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/key_correctness_proof.c
new file mode 100644
index 0000000..d82f2d1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/key_correctness_proof.c
@@ -0,0 +1,516 @@
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+// for little-big endian conversion
+#include <arpa/inet.h>
+// for message digest
+#include <openssl/evp.h>
+
+#include "bi.h"
+
+#include "daa_parameter.h"
+#include "list.h"
+#include "daa_structs.h"
+
+#include "issuer.h"
+
+//standard bit length extension to obtain a uniformly distributed number [0,element]
+static const int SAFETY_PARAM = 80;
+
+static bi_array_ptr get_generators( const TSS_DAA_PK_internal *pk) {
+ bi_array_ptr result = ALLOC_BI_ARRAY();
+ int i;
+
+ bi_new_array( result, 3 + pk->capitalY->length );
+ for(i = 0; i<result->length; i++) {
+ result->array[i] = pk->capitalS;
+ }
+ return result;
+}
+
+static bi_array_ptr get_verifiable_numbers( const TSS_DAA_PK_internal *pk) {
+ bi_array_ptr result = ALLOC_BI_ARRAY();
+ int i;
+
+ bi_new_array( result, 3 + pk->capitalY->length);
+ result->array[0] = pk->capitalZ;
+ result->array[1] = pk->capitalR0;
+ result->array[2] = pk->capitalR1;
+ // CAPITAL Y ( capitalRReceiver + capitalRIssuer)
+ for( i=0; i<pk->capitalY ->length; i++)
+ result->array[ 3+i] = pk->capitalY->array[i];
+ return result;
+}
+
+/* computes an array of random numbers in the range of [1,element] */
+void compute_random_numbers( bi_array_ptr result, int quantity, const bi_ptr element) {
+ int i=0;
+
+ for( i=0; i<quantity; i++) {
+ compute_random_number( result->array[i], element);
+ bi_inc( result->array[i]); // array[i]++
+ }
+}
+
+int test_bit( int pos, BYTE* array, int length) {
+ return (((int)array[ length - (pos / 8) - 1]) & (1 << (pos % 8))) != 0;
+}
+
+void toByteArray( BYTE *result, int length, bi_ptr bi, char *logMsg) {
+ LogDebug("-> toByteArray <%d> %s",(int)bi, logMsg);
+ LogDebug("lenghts <%d|%d>",length, (int)bi_nbin_size(bi));
+ bi_2_byte_array( result, length, bi);
+ LogDebug("<- toByteArray result=%s [<%d|%d>] ",
+ dump_byte_array( length, result),
+ length,
+ (int)bi_nbin_size(bi));
+}
+
+/*
+Compute the message digest used in the proof. (from DAA_Param, the digest
+algorithm is RSA, but this is not available in openssl, the successor of RSA is SHA1
+*/
+TSS_RESULT
+generateMessageDigest(BYTE *md_value,
+ int *md_len,
+ const TSS_DAA_PK_internal *pk,
+ bi_array_ptr *commitments,
+ const int commitments_size
+) {
+ EVP_MD_CTX *mdctx;
+ const EVP_MD *md;
+ int i, j;
+ int length = DAA_PARAM_SIZE_RSA_MODULUS / 8;
+ BYTE *array;
+
+ // 10000 to be sure, and this memory will be released quite quickly
+ array = (BYTE *)malloc( 10000);
+ if (array == NULL) {
+ LogError("malloc of %d bytes failed", 10000);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ OpenSSL_add_all_digests();
+ md = EVP_get_digestbyname( DAA_PARAM_MESSAGE_DIGEST_ALGORITHM);
+ EVP_MD_CTX_create(mdctx);
+ EVP_DigestInit_ex(mdctx, md, NULL);
+#ifdef DAA_DEBUG
+ fprintf(stderr, "modulus=%s\n", bi_2_hex_char( pk->modulus));
+#endif
+ toByteArray( array, length, pk->modulus,
+ "!! [generateMessageDigest modulus] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ toByteArray( array, length, pk->capitalS,
+ "!! [generateMessageDigest capitalS] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ // add capitalZ, capitalR0, capitalR1, capitalY
+ LogDebug("capitalZ capitalR0 capitalY");
+ toByteArray( array, length, pk->capitalZ,
+ "!! [generateMessageDigest capitalZ] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ toByteArray( array, length, pk->capitalR0,
+ "!! [generateMessageDigest capitalR0] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ toByteArray( array, length, pk->capitalR1,
+ "!! [generateMessageDigest capitalR1] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ // CAPITAL Y ( capitalRReceiver )
+ LogDebug("capitalRReceiver");
+ for( i=0; i<pk->capitalRReceiver->length; i++) {
+ toByteArray( array, length, pk->capitalRReceiver->array[i],
+ "!![generateMessageDigest capitalRReceiver] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ }
+ LogDebug("capitalRIssuer");
+ // CAPITAL Y ( capitalRIssuer)
+ for( i=0; i<pk->capitalRIssuer->length; i++) {
+ toByteArray( array, length, pk->capitalRIssuer->array[i],
+ "!![generateMessageDigest capitalRReceiver] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ }
+ LogDebug("commitments");
+ for( i=0; i<commitments_size; i++) {
+ for( j=0; j<commitments[i]->length; j++) {
+ toByteArray( array, length, commitments[i]->array[j],
+ "!! [generateMessageDigest commitments] current_size=%d length=%d\n");
+ EVP_DigestUpdate(mdctx, array , length);
+ }
+ }
+ EVP_DigestFinal_ex(mdctx, md_value, md_len);
+ EVP_MD_CTX_destroy(mdctx);
+ free( array);
+ return TSS_SUCCESS;
+}
+
+int is_range_correct( bi_ptr b, bi_ptr range) {
+ return bi_cmp( b, range) < 0 && bi_cmp( b, bi_0) >= 0;
+}
+
+/*
+Verifies if the parameters Z,R0,R1,RReceiver and RIssuer of the public key
+were correctly computed.
+pk: the public key, which one wants to verfy.
+*/
+TSS_RESULT
+is_pk_correct( TSS_DAA_PK_internal *public_key,
+ TSS_DAA_PK_PROOF_internal *proof,
+ int *isCorrect
+) {
+ int bit_size_message_digest = DAA_PARAM_SIZE_MESSAGE_DIGEST;
+ bi_ptr n = public_key->modulus;
+ int num_of_variables;
+ int i,j;
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE verifiable_challenge[EVP_MAX_MD_SIZE];
+ int length_challenge;
+ bi_array_ptr verifiable_numbers;
+ bi_array_ptr *verification_commitments = NULL;
+ bi_array_ptr generators = NULL;
+ bi_t tmp;
+ bi_t tmp1;
+#ifdef DAA_DEBUG
+ FILE *f;
+ bi_array_ptr *commitments;
+#endif
+
+ bi_new( tmp);
+ bi_new( tmp1);
+ *isCorrect = 0;
+#ifdef DAA_DEBUG
+ f=fopen("/tmp/commits", "r");
+ commitments = (bi_array_ptr *)malloc( sizeof(bi_array_ptr) * num_of_variables);
+ if (commitments == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(bi_array_ptr) * num_of_variables);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i=0; i<num_of_variables; i++) {
+ commitments[i] = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( commitments[i], f);
+ }
+ fclose(f);
+ DUMP_BI( n);
+#endif
+ LogDebug("STEP 1 ( Tspi_DAA_IssuerKeyVerification spec.)");
+ if( !bi_is_probable_prime( public_key->capitalGamma)) {
+ LogError( "pk->capitalGamma not prime\ncapitalGamma=\n%s",
+ bi_2_hex_char( public_key->capitalGamma));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( !bi_is_probable_prime( public_key->rho)) {
+ LogError( "pk->rho not prime\nrho=\n%s",
+ bi_2_hex_char( public_key->rho));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ // (capitalGamma - 1) % rho should be equal to 0
+ if( !bi_equals( bi_mod( tmp1, bi_sub( tmp1, public_key->capitalGamma, bi_1),
+ public_key->rho),
+ bi_0)) {
+ LogError( "(capitalGamma - 1) %% rho != 0\nActual value:\n%s",
+ bi_2_hex_char( tmp1));
+ result = TSS_E_BAD_PARAMETER;
+ }
+ // (gamma ^ rho) % capitalGamma should be equals to 1
+ if ( !bi_equals( bi_mod_exp( tmp1, public_key->gamma,
+ public_key->rho,
+ public_key->capitalGamma),
+ bi_1) ) {
+ LogError( "(gamma ^ rho) %% capitalGamma != 1\nActual value:\n%s",
+ bi_2_hex_char( tmp1));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ // (gamma ^ rho) % capitalGamma should be equal to 1
+ if ( !bi_equals( bi_mod_exp( tmp1,
+ public_key->gamma,
+ public_key->rho,
+ public_key->capitalGamma),
+ bi_1) ) {
+ LogError( "(gamma ^ rho) %% capitalGamma != 1\nActual value:\n%s",
+ bi_2_hex_char( tmp1));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ LogDebug("STEP 2 check whether all public key parameters have the required length");
+ if( bi_nbin_size( n) != DAA_PARAM_SIZE_RSA_MODULUS / 8) {
+ LogError( "size( n)[%ld] != DAA_PARAM_SIZE_RSA_MODULUS[%d]",
+ bi_nbin_size( n),
+ DAA_PARAM_SIZE_RSA_MODULUS / 8);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( bi_cmp( n, bi_shift_left( tmp1, bi_1, DAA_PARAM_SIZE_RSA_MODULUS))
+ >= 0) {
+ LogError( "n[%ld] != DAA_PARAM_SIZE_RSA_MODULUS[%d]",
+ bi_nbin_size( n),
+ DAA_PARAM_SIZE_RSA_MODULUS);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( bi_cmp( n, bi_shift_left( tmp1, bi_1, DAA_PARAM_SIZE_RSA_MODULUS - 1 ))
+ <= 0) {
+ LogError( "n[%ld] != DAA_PARAM_SIZE_RSA_MODULUS[%d]",
+ bi_nbin_size( n),
+ DAA_PARAM_SIZE_RSA_MODULUS);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ // rho
+ if( bi_nbin_size( public_key->rho) * 8 != DAA_PARAM_SIZE_RHO) {
+ LogError( "size( rho)[%ld] != DAA_PARAM_SIZE_RHO[%d]",
+ bi_nbin_size( public_key->rho) * 8,
+ DAA_PARAM_SIZE_RHO);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ // Gamma
+ if( bi_nbin_size( public_key->capitalGamma) * 8 != DAA_PARAM_SIZE_MODULUS_GAMMA) {
+ LogError( "size( rho)[%ld] != DAA_PARAM_SIZE_MODULUS_GAMMA[%d]",
+ bi_nbin_size( public_key->capitalGamma) * 8,
+ DAA_PARAM_SIZE_MODULUS_GAMMA);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( is_range_correct( public_key->capitalS, n) == 0) {
+ LogError( "range not correct( pk->capitalS)\ncapitalS=\n%s\nn=\n%s",
+ bi_2_hex_char( public_key->capitalS),
+ bi_2_hex_char( n));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( is_range_correct( public_key->capitalZ, n) == 0) {
+ LogError( "range not correct( pk->capitalZ)\ncapitalZ=\n%s\nn=\n%s",
+ bi_2_hex_char( public_key->capitalZ),
+ bi_2_hex_char( n));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( is_range_correct( public_key->capitalR0, n) == 0) {
+ LogError( "range not correct( pk->capitalR0)\ncapitalR0=\n%s\nn=\n%s",
+ bi_2_hex_char( public_key->capitalR0),
+ bi_2_hex_char( n));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( is_range_correct( public_key->capitalR1, n) == 0) {
+ LogError( "range not correct( pk->capitalR1)\ncapitalR1=\n%s\nn=\n%s",
+ bi_2_hex_char( public_key->capitalR1),
+ bi_2_hex_char( n));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ for( i=0; i<public_key->capitalY->length; i++) {
+ if( is_range_correct( public_key->capitalY->array[i], n) == 0) {
+ LogError( "range not correct(pk->capitalY[%d])\ncapitalY[%d]=\n%s\nn=\n%s",
+ i, i,
+ bi_2_hex_char( public_key->capitalY->array[i]),
+ bi_2_hex_char( n));
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ }
+ LogDebug("STEP 3 - compute verification commitments");
+ // only the array is allocated, but all refs are pointing to public_key numbers
+ generators = get_generators( public_key);
+ verifiable_numbers = get_verifiable_numbers( public_key);
+ num_of_variables = verifiable_numbers->length;
+ verification_commitments = (bi_array_ptr *)malloc( sizeof(bi_array_ptr)*num_of_variables);
+ if (verification_commitments == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(bi_array_ptr)*num_of_variables);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i = 0; i<num_of_variables; i++) {
+ verification_commitments[i] = ALLOC_BI_ARRAY();
+ bi_new_array( verification_commitments[i], bit_size_message_digest);
+ for( j = 0; j<bit_size_message_digest; j++) {
+#ifdef DAA_DEBUG
+ printf( "[# i=%d j=%d test_bit:%d]",
+ i, j, test_bit( j, proof->challenge, proof->length_challenge));
+#endif
+ bi_mod_exp( verification_commitments[i]->array[j],
+ generators->array[i],
+ proof->response[i]->array[j], n);
+ if( test_bit( j, proof->challenge, proof->length_challenge)) {
+ bi_mul( verification_commitments[i]->array[j],
+ verification_commitments[i]->array[j],
+ verifiable_numbers->array[i]);
+#ifdef DAA_DEBUG
+ DUMP_BI( verification_commitments[i]->array[j]);
+#endif
+ bi_mod( verification_commitments[i]->array[j],
+ verification_commitments[i]->array[j],
+ n);
+ }
+#ifdef DAA_DEBUG
+ if( commitments != NULL &&
+ bi_equals( verification_commitments[i]->array[j],
+ commitments[i]->array[j]) ==0) {
+ LogError( "!! ERROR i=%d j=%d\n", i, j);
+ DUMP_BI( commitments[i]->array[j]);
+ DUMP_BI( verification_commitments[i]->array[j]);
+ DUMP_BI( generators->array[i]);
+ DUMP_BI( proof->response[i]->array[j]);
+ DUMP_BI( verifiable_numbers->array[i]);
+ }
+ printf( "o"); fflush( stdout);
+#endif
+ }
+ }
+ // STEP 3 - d
+ generateMessageDigest( verifiable_challenge,
+ &length_challenge,
+ public_key,
+ verification_commitments,
+ num_of_variables);
+ LogDebug("verifiable challenge=%s",
+ dump_byte_array( length_challenge, verifiable_challenge));
+ LogDebug(" challenge=%s",
+ dump_byte_array( proof->length_challenge, proof->challenge));
+ if( length_challenge != proof->length_challenge) {
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ for( i=0; i<length_challenge; i++) {
+ if( verifiable_challenge[i] != proof->challenge[i]) {
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ }
+ *isCorrect = ( memcmp( verifiable_challenge, proof->challenge, length_challenge) == 0);
+close:
+ if( verification_commitments != NULL) {
+ for( i = 0; i<num_of_variables; i++) {
+ bi_free_array( verification_commitments[i]);
+ }
+ free( verification_commitments);
+ }
+ if( generators != NULL) free( generators);
+ bi_free( tmp1);
+ bi_free( tmp);
+ return result;
+}
+
+
+TSS_DAA_PK_PROOF_internal *generate_proof(const bi_ptr product_PQ_prime,
+ const TSS_DAA_PK_internal *public_key,
+ const bi_ptr xz,
+ const bi_ptr x0,
+ const bi_ptr x1,
+ bi_array_ptr x
+) {
+ int i, j;
+ bi_array_ptr generators = get_generators( public_key);
+ bi_ptr n = public_key->modulus;
+ int num_of_variables;
+ int bit_size_message_digest = DAA_PARAM_SIZE_MESSAGE_DIGEST;
+ bi_array_ptr *xTildes = NULL;
+ BYTE *challenge_param;
+
+ bi_array_ptr exponents = ALLOC_BI_ARRAY();
+ bi_new_array2( exponents, 3 + x->length);
+ exponents->array[0] = xz; exponents->array[1] = x0; exponents->array[2] = x1;
+ bi_copy_array( x, 0, exponents, 3, x->length);
+ num_of_variables = exponents->length;
+ LogDebug("Step a - choose random numbers");
+ LogDebug("\nchoose random numbers\n");
+ xTildes = (bi_array_ptr *)malloc( sizeof(bi_array_ptr) * num_of_variables);
+ if (xTildes == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(bi_array_ptr) * num_of_variables);
+ return NULL;
+ }
+ for( i=0; i<num_of_variables; i++) {
+#ifdef DAA_DEBUG
+ printf("*");
+ fflush(stdout);
+#endif
+ xTildes[i] = ALLOC_BI_ARRAY();
+ bi_new_array( xTildes[i], bit_size_message_digest);
+ compute_random_numbers( xTildes[i], bit_size_message_digest, product_PQ_prime);
+ }
+ // Compute commitments
+ LogDebug("\ncompute commitments");
+ bi_array_ptr *commitments =
+ (bi_array_ptr *)malloc( sizeof(bi_array_ptr) * num_of_variables);
+ if (commitments == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(bi_array_ptr) * num_of_variables);
+ return NULL;
+ }
+ for( i=0; i<num_of_variables; i++) {
+ commitments[i] = ALLOC_BI_ARRAY();
+ bi_new_array( commitments[i], bit_size_message_digest);
+ for( j=0; j<bit_size_message_digest; j++) {
+#ifdef DAA_DEBUG
+ printf("#");
+ fflush(stdout);
+#endif
+ bi_mod_exp( commitments[i]->array[j],
+ generators->array[i],
+ xTildes[i]->array[j],
+ n);
+ }
+ }
+#ifdef DAA_DEBUG
+ FILE *f=fopen("/tmp/commits", "w");
+ for( i=0; i<num_of_variables; i++) {
+ BI_SAVE_ARRAY( commitments[i], f);
+ }
+ fclose(f);
+#endif
+ LogDebug("Step b: compute challenge (message digest)");
+ BYTE challenge[EVP_MAX_MD_SIZE];
+ int length_challenge;
+ generateMessageDigest( challenge,
+ &length_challenge,
+ public_key,
+ commitments,
+ num_of_variables);
+ // STEP c - compute response
+ LogDebug("Step c: compute response\n");
+ bi_array_ptr *response = (bi_array_ptr *)malloc( sizeof(bi_array_ptr) * num_of_variables);
+ if (response == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(bi_array_ptr) * num_of_variables);
+ return NULL;
+ }
+ for( i=0; i<num_of_variables; i++) {
+ response[i] = ALLOC_BI_ARRAY();
+ bi_new_array( response[i], bit_size_message_digest);
+ for( j=0; j<bit_size_message_digest; j++) {
+ if( test_bit( j, challenge, length_challenge)) {
+ bi_sub( response[i]->array[j],
+ xTildes[i]->array[j],
+ exponents->array[i]);
+ } else {
+ bi_set( response[i]->array[j],
+ xTildes[i]->array[j]);
+ }
+ bi_mod( response[i]->array[j], response[i]->array[j], product_PQ_prime);
+#ifdef DAA_DEBUG
+ printf("#");
+ fflush(stdout);
+#endif
+ }
+ }
+ challenge_param = (BYTE *)malloc( length_challenge);
+ if (challenge_param == NULL) {
+ LogError("malloc of %d bytes failed", length_challenge);
+ return NULL;
+ }
+ memcpy( challenge_param, challenge, length_challenge);
+
+ return create_DAA_PK_PROOF( challenge_param,
+ length_challenge,
+ response,
+ num_of_variables);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/key_verification.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/key_verification.c
new file mode 100644
index 0000000..d7584f0
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/key_verification.c
@@ -0,0 +1,147 @@
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+#include <trousers/tss.h>
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include "obj.h"
+#include "issuer.h"
+
+static char *DEFAULT_FILENAME = "issuer.txt";
+
+//static TSS_HCONTEXT _hContext;
+
+static void *intern_alloc( size_t size, TSS_HOBJECT param_alloc) {
+ // void *ret = calloc_tspi( , size);
+ void *ret = malloc( size);
+ LogDebug("[intern_alloc (%d)] -> %d", (int)size, (int)ret);
+ return ret;
+}
+
+void isCorrect( TSS_HDAA hDAA,
+ TSS_DAA_PK_internal *pk_internal,
+ TSS_DAA_PK_PROOF_internal *proof_internal)
+{
+ TSS_BOOL isCorrect;
+ TSS_RESULT result;
+ TSS_DAA_PK *pk;
+ TSS_DAA_PK_PROOF *pk_proof;
+
+ pk = i_2_e_TSS_DAA_PK( pk_internal, &intern_alloc, (TSS_HOBJECT)NULL);
+ pk_proof = i_2_e_TSS_DAA_PK_PROOF( proof_internal,
+ &intern_alloc,
+ (TSS_HOBJECT)NULL);
+ result = Tspi_DAA_IssuerKeyVerification( hDAA,
+ (TSS_HKEY)pk,
+ pk_proof,
+ &isCorrect);
+ if ( result != TSS_SUCCESS ) {
+ fprintf( stderr, "Tspi_DAA_IssuerKeyVerification error: %d\n", result );
+ }
+ free_TSS_DAA_PK( pk);
+ printf("isCorrect=%d\n", isCorrect);
+}
+
+int print_usage(char *cmd) {
+ fprintf(stderr, "usage: %s\n", cmd);
+ fprintf(stderr, "\t-if,\t--issuer_file\tthe file that will contain\
+ all key pair and proof to be used by the issuer (default: %s)\n", DEFAULT_FILENAME);
+ return -1;
+}
+
+int main(int argc, char *argv[]) {
+ char *filename = DEFAULT_FILENAME;
+ int i=1;
+ char *param;
+ TSS_RESULT result;
+ TSS_HCONTEXT hContext;
+ TSS_HDAA hDAA;
+ FILE *file;
+
+// foreground = 1; // for debug
+ printf("Key Verification (%s:%s,%s)\n", argv[0], __DATE__, __TIME__);
+ while( i < argc) {
+ param = argv[ i];
+ if( strcmp( param, "-if") == 0 || strcmp( param, "--issuer_file")) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ filename = argv[i];
+ } else {
+ fprintf(stderr, "%s:unrecognized option `%s'\n", argv[0], param);
+ return print_usage( argv[0]);
+ }
+ i++;
+ }
+ bi_init( NULL);
+ printf("Loading issuer info (keypair & proof) -> \'%s\'", filename);
+ file = fopen( filename, "r");
+ if( file == NULL) {
+ fprintf( stderr,
+ "%s: Error when opening \'%s\': %s\n",
+ argv[0],
+ filename,
+ strerror( errno));
+ return -1;
+ }
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof = load_KEY_PAIR_WITH_PROOF( file);
+ if( key_pair_with_proof == NULL) {
+ fprintf( stderr,
+ "%s: Error when reading \'%s\': %s\n",
+ argv[0],
+ filename,
+ strerror( errno));
+ return -1;
+ }
+ fclose( file);
+
+ // Create Context
+ printf("\nCreate Context\n");
+ result = Tspi_Context_Create( &hContext );
+ if ( result != TSS_SUCCESS )
+ {
+ fprintf( stderr, "Tspi_Context_Create %d\n", result );
+ exit( result );
+ }
+
+ // Connect to Context
+ printf("\nConnect to the context\n");
+ result = Tspi_Context_Connect( hContext, NULL );
+ if ( result != TSS_SUCCESS )
+ {
+ fprintf( stderr, "Tspi_Context_Connect error:%d\n", result );
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+ exit( result );
+ }
+
+ //TODO save key in the persistent store
+ // result = ps_write_key( fd, )
+
+ //Create Object
+ result = obj_daa_add( hContext, &hDAA);
+ if (result != TSS_SUCCESS) {
+ LogError("Tspi_Context_CreateObject:%d", result);
+ Tspi_Context_Close(hContext);
+ LogError("issuer_setup: %s", err_string(result));
+ exit(result);
+ }
+
+ // TSS_HDAA, TSS_HKEY, TSS_DAA_PK_PROOF, TSS_BOOL*
+ isCorrect( hDAA, key_pair_with_proof->pk, key_pair_with_proof->proof);
+ obj_daa_remove( hDAA, hContext);
+ printf("\nClosing the context\n");
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+ exit( 0 );
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/keypair_generator.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/keypair_generator.c
new file mode 100644
index 0000000..9a67254
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/keypair_generator.c
@@ -0,0 +1,397 @@
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+
+#include "bi.h"
+#include "list.h"
+#include "daa_structs.h"
+#include "daa_parameter.h"
+#include "issuer.h"
+
+static const int ELEMENT = 0;
+static const int EXPONENT = 1;
+
+extern void prime_init();
+extern void compute_safe_prime(bi_ptr result, int bit_length, int prime_certainty);
+
+bi_ptr
+compute_random_number_star( bi_ptr result, const bi_ptr element)
+{
+ bi_t bi_tmp;
+
+ bi_new(bi_tmp);
+ do {
+ compute_random_number(result, element);
+ } while (!bi_equals_si(bi_gcd(bi_tmp, result, element), 1));
+
+ bi_free(bi_tmp);
+
+ return result;
+}
+
+/* Compute a generator of the group of quadratic residue modulo n. The
+ * generator will not be part of the subgroup of size 2.
+ * n: modulus */
+void
+compute_generator_quadratic_residue(bi_t qr, bi_t n)
+{
+ bi_t bi_tmp, bi_tmp1;
+
+ bi_new(bi_tmp);
+ bi_new(bi_tmp1);
+
+ do {
+ compute_random_number(qr, n);
+ // qr = (qr ^ bi_2) % n
+ bi_mod_exp(qr, qr, bi_2, n);
+ } while (bi_cmp_si(qr, 1) == 0 ||
+ bi_cmp_si(bi_gcd(bi_tmp, n, bi_sub_si(bi_tmp1, qr, 1)), 1) != 0);
+
+ bi_free(bi_tmp);
+ bi_free(bi_tmp1);
+}
+
+void
+compute_group_element(bi_ptr result[],
+ bi_ptr generator,
+ bi_ptr product_PQprime,
+ bi_ptr n)
+{
+ bi_t bi_tmp;
+
+ bi_new(bi_tmp);
+ compute_random_number(bi_tmp, product_PQprime);
+
+ // bi_tmp++
+ bi_inc(bi_tmp);
+
+ // result[ELEMENT] := (generator ^ bi_tmp) mod n
+ bi_mod_exp(result[ELEMENT], generator, bi_tmp, n);
+ bi_set(result[EXPONENT], bi_tmp);
+ bi_free(bi_tmp);
+}
+
+
+TSS_RESULT
+generate_key_pair(UINT32 num_attributes_issuer,
+ UINT32 num_attributes_receiver,
+ UINT32 base_nameLength,
+ BYTE* base_name,
+ KEY_PAIR_WITH_PROOF_internal** key_pair_with_proof)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ int length_mod = DAA_PARAM_SIZE_RSA_MODULUS;
+ int length;
+ int i;
+ TSS_DAA_PK_internal *public_key = NULL;
+ BYTE *buffer = NULL;
+ bi_ptr pPrime = NULL;
+ bi_ptr qPrime = NULL;
+ bi_ptr n = NULL;
+ bi_ptr p = NULL;
+ bi_ptr q = NULL;
+ bi_ptr capital_s = NULL;
+ bi_ptr capital_z = NULL;
+ bi_ptr product_PQprime = NULL;
+ bi_ptr pair[2] = {NULL, NULL};
+ bi_ptr xz = NULL;
+ bi_ptr capital_r0 = NULL;
+ bi_ptr x0 = NULL;
+ bi_ptr capital_r1 = NULL;
+ bi_ptr x1 = NULL;
+ bi_array_ptr x = NULL;
+ bi_array_ptr capital_r = NULL;
+ bi_array_ptr capitalRReceiver = NULL;
+ bi_array_ptr capitalRIssuer = NULL;
+ bi_ptr gamma = NULL;
+ bi_ptr capital_gamma = NULL;
+ bi_ptr rho = NULL;
+ bi_ptr r = NULL;
+ bi_ptr rho_double = NULL;
+ bi_t bi_tmp, bi_tmp1, bi_tmp2;
+
+ bi_new(bi_tmp);
+ bi_new(bi_tmp1);
+ bi_new(bi_tmp2);
+ *key_pair_with_proof = NULL;
+
+ // STEP 1
+ LogDebug("Step 1 of 8 - compute modulus n (please wait: long process)\n");
+
+ // FUTURE USAGE if( IS_DEBUG==0)
+ prime_init();
+ p = bi_new_ptr();
+ q = bi_new_ptr();
+ n = bi_new_ptr();
+
+ do {
+ // FUTURE USAGE
+ /* compute_safe_prime( p, length_mod / 2);
+ do {
+ compute_safe_prime( q,
+ length_mod - (length_mod >> 1));
+ } while( bi_cmp( p, q) ==0);
+ } else */
+ {
+ bi_generate_safe_prime(p, length_mod / 2);
+ bi_generate_safe_prime(q, length_mod - (length_mod / 2));
+ LogDebug(".");
+ }
+ // n = p*q
+ bi_mul(n, p, q);
+ } while(bi_length(n) != length_mod);
+
+ pPrime = bi_new_ptr();
+ bi_sub(pPrime, p, bi_1);
+
+ // pPrime = (p - 1) >> 1
+ bi_shift_right(pPrime, pPrime, 1);
+ qPrime = bi_new_ptr();
+ bi_sub(qPrime, q, bi_1);
+
+ // qPrime = (q - 1) >> 1
+ bi_shift_right( qPrime, qPrime, 1);
+ if (bi_is_probable_prime(pPrime) == 0) {
+ LogError("!! pPrime not a prime number: %s", bi_2_hex_char(pPrime));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto close;
+ }
+ if (bi_is_probable_prime(qPrime) == 0) {
+ LogError("!! qPrime not a prime number: %s", bi_2_hex_char(qPrime));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto close;
+ }
+ LogDebug("p=%s", bi_2_hex_char(p));
+ LogDebug("q=%s", bi_2_hex_char(q));
+ LogDebug("n=%s", bi_2_hex_char(n));
+
+ // STEP 2
+ LogDebug("Step 2 - choose random generator of QR_n");
+ capital_s = bi_new_ptr();
+ compute_generator_quadratic_residue(capital_s, n);
+ LogDebug("capital_s=%s", bi_2_hex_char(capital_s));
+
+ // STEP 3 & 4
+ LogDebug("Step 3 & 4 - compute group elements");
+ product_PQprime = bi_new_ptr();
+ bi_mul( product_PQprime, pPrime, qPrime);
+ pair[ELEMENT] = bi_new_ptr();
+ pair[EXPONENT] = bi_new_ptr();
+
+ LogDebug("product_PQprime=%s [%ld]", bi_2_hex_char(product_PQprime),
+ bi_nbin_size(product_PQprime));
+
+ compute_group_element(pair, capital_s, product_PQprime, n);
+ capital_z = bi_new_ptr();
+ bi_set(capital_z, pair[ELEMENT]);
+ xz = bi_new_ptr();
+ bi_set(xz, pair[EXPONENT]);
+
+ // attributes bases
+ compute_group_element(pair, capital_s, product_PQprime, n);
+ capital_r0 = bi_new_ptr();
+ bi_set(capital_r0, pair[ELEMENT]);
+ x0 = bi_new_ptr();
+ bi_set(x0, pair[EXPONENT]);
+
+ compute_group_element(pair, capital_s, product_PQprime, n);
+ capital_r1 = bi_new_ptr();
+ bi_set(capital_r1, pair[ELEMENT]);
+ x1 = bi_new_ptr();
+ bi_set(x1, pair[EXPONENT]);
+
+ // additional attribute bases
+ length = num_attributes_issuer + num_attributes_receiver;
+ x = ALLOC_BI_ARRAY();
+ bi_new_array(x, length);
+ capital_r = ALLOC_BI_ARRAY();
+ bi_new_array(capital_r, length);
+
+ for (i = 0; i < length; i++) {
+ compute_group_element(pair, capital_s, product_PQprime, n);
+ bi_set(capital_r->array[i], pair[ELEMENT]);
+ bi_set(x->array[i], pair[EXPONENT]);
+ }
+
+ // split capitalR into Receiver and Issuer part
+ capitalRReceiver = ALLOC_BI_ARRAY();
+ bi_new_array2(capitalRReceiver, num_attributes_receiver);
+ for (i = 0; i < num_attributes_receiver; i++)
+ capitalRReceiver->array[i] = capital_r->array[i];
+ capitalRIssuer = ALLOC_BI_ARRAY();
+ bi_new_array2(capitalRIssuer, num_attributes_issuer);
+ for (i = 0; i < num_attributes_issuer; i++)
+ capitalRIssuer->array[i] = capital_r->array[i + num_attributes_receiver];
+
+ // STEP 6a
+ LogDebug("Step 6");
+ gamma = bi_new_ptr();
+ capital_gamma = bi_new_ptr();
+ rho = bi_new_ptr();
+ r = bi_new_ptr();
+ rho_double = bi_new_ptr();
+
+ bi_generate_prime(rho, DAA_PARAM_SIZE_RHO);
+ if (bi_length(rho) != DAA_PARAM_SIZE_RHO) {
+ LogError("rho bit length=%ld", bi_length(rho));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto close;
+ }
+
+ do {
+ length = DAA_PARAM_SIZE_MODULUS_GAMMA - DAA_PARAM_SIZE_RHO;
+ do {
+ bi_urandom(r, length);
+ } while(bi_length(r) != length || bi_equals_si(bi_mod(bi_tmp, r, rho), 0));
+
+ // rho is not a dividor of r
+ bi_mul( capital_gamma, rho, r);
+ // capital_gamma ++
+ bi_inc( capital_gamma);
+#ifdef DAA_DEBUG
+ if (bi_length(capital_gamma) != DAA_PARAM_SIZE_MODULUS_GAMMA) {
+ printf("|"); fflush(stdout);
+ } else {
+ printf("."); fflush(stdout);
+ }
+#endif
+ } while (bi_length(capital_gamma) != DAA_PARAM_SIZE_MODULUS_GAMMA ||
+ bi_is_probable_prime(capital_gamma) == 0 );
+
+ // STEP 6b
+ if (bi_equals(bi_sub_si(bi_tmp, capital_gamma, 1),
+ bi_mod(bi_tmp1, bi_mul(bi_tmp2, rho, r), n)) == 0) {
+ LogWarn("capital_gamma-1 != (rho * r) mod n tmp=%s tmp1=%s",
+ bi_2_hex_char(bi_tmp), bi_2_hex_char(bi_tmp1));
+ }
+
+ if (bi_equals(bi_div(bi_tmp, bi_sub_si(bi_tmp1, capital_gamma, 1), rho), r ) == 0) {
+ LogWarn("( capital_gamma - 1)/rho != r");
+ }
+
+ LogDebug("capital_gamma=%s\n", bi_2_hex_char(capital_gamma));
+ do {
+ compute_random_number_star(gamma, capital_gamma);
+ // gamma = (gamma ^ r) mod capital_gamma
+ bi_mod_exp(gamma, gamma, r, capital_gamma);
+ } while (bi_equals(gamma, bi_1));
+ // STEP 7
+ buffer = (BYTE *)malloc(base_nameLength);
+ if (buffer == NULL) {
+ LogError("malloc of %u bytes failed", base_nameLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ memcpy(buffer, base_name, base_nameLength);
+ // all fields are linked to the struct with direct reference
+ public_key = create_DAA_PK(n, capital_s, capital_z, capital_r0, capital_r1, gamma,
+ capital_gamma, rho, capitalRReceiver, capitalRIssuer,
+ base_nameLength, buffer);
+
+ // STEP 8
+ // TODO dynamically load DAAKeyCorrectnessProof
+ LogDebug("Step 8: generate proof (please wait: long process)");
+ TSS_DAA_PK_PROOF_internal *correctness_proof = generate_proof(product_PQprime, public_key,
+ xz, x0, x1, x);
+ if (correctness_proof == NULL) {
+ LogError("creation of correctness_proof failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+
+ *key_pair_with_proof = (KEY_PAIR_WITH_PROOF_internal *)
+ malloc(sizeof(KEY_PAIR_WITH_PROOF_internal));
+ if (*key_pair_with_proof == NULL) {
+ LogError("malloc of %zd bytes failed", sizeof(KEY_PAIR_WITH_PROOF_internal));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+
+ (*key_pair_with_proof)->pk = public_key;
+ (*key_pair_with_proof)->proof = correctness_proof;
+ // all fields are linked to the struct with direct reference
+ (*key_pair_with_proof)->private_key = create_TSS_DAA_PRIVATE_KEY(pPrime, qPrime);
+close:
+ if (result != TSS_SUCCESS) {
+ // remove everything, even numbers that should be stored in a struct
+ FREE_BI(pPrime); // kept if no error
+ FREE_BI(qPrime); // kept if no error
+ FREE_BI(n); // kept if no error
+ // FREE_BI( p);
+ // FREE_BI( q);
+ FREE_BI(capital_s); // kept if no error
+ FREE_BI(capital_z); // kept if no error
+ // FREE_BI(product_PQprime);
+ // FREE_BI(pair[ELEMENT]);
+ // FREE_BI(pair[EXPONENT]);
+ // FREE_BI(xz);
+ FREE_BI(capital_r0); // kept if no error
+ // FREE_BI(x0);
+ FREE_BI(capital_r1); // kept if no error
+ // FREE_BI( x1);
+ // bi_array_ptr x = NULL;
+ // bi_array_ptr capital_r = NULL;
+ // bi_array_ptr capitalRReceiver = NULL;
+ // bi_array_ptr capitalRIssuer = NULL;
+ FREE_BI( gamma); // kept if no error
+ FREE_BI( capital_gamma); // kept if no error
+ FREE_BI( rho); // kept if no error
+ // FREE_BI( r);
+ // FREE_BI( rho_double);
+ if (buffer!=NULL)
+ free(buffer);
+
+ if (public_key != NULL)
+ free(public_key);
+
+ if (*key_pair_with_proof != NULL)
+ free(*key_pair_with_proof);
+ }
+ /*
+ Fields kept by structures
+ TSS_DAA_PK: n
+ capital_s
+ capital_z
+ capital_r0
+ capital_r1
+ gamma
+ capital_gamma
+ rho
+ capitalRReceiver
+ capitalRIssuer
+ base_nameLength
+ buffer
+ TSS_DAA_PRIVATE_KEY:
+ pPrime
+ qPrime
+ */
+ bi_free(bi_tmp);
+ bi_free(bi_tmp1);
+ bi_free(bi_tmp2);
+ FREE_BI(p);
+ FREE_BI(q);
+ FREE_BI(product_PQprime);
+ FREE_BI(pair[ELEMENT]);
+ FREE_BI(pair[EXPONENT]);
+ FREE_BI(xz);
+ FREE_BI(x0);
+ FREE_BI(x0);
+ // bi_array_ptr x = NULL;
+ // bi_array_ptr capital_r = NULL;
+ // bi_array_ptr capitalRReceiver = NULL;
+ // bi_array_ptr capitalRIssuer = NULL;
+ FREE_BI(r);
+ FREE_BI(rho_double);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/prime_gen.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/prime_gen.c
new file mode 100644
index 0000000..27c4026
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_issuer/prime_gen.c
@@ -0,0 +1,327 @@
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "bi.h"
+#include "list.h"
+#include "tsplog.h"
+
+static unsigned long *primes;
+static int primes_length;
+
+/* Generates a random number of bit_length bit length. The first two bits and the last bit of this
+ * number are always set, therefore the number is odd and >= (2^(bit_length-1)+2^(bit_length-2)+1)
+ *
+ * bit_length: The length of the number to be generated, in bits
+ * return: a random number of bitLength bit length with first and last bits set
+ */
+void
+random_odd_bi(bi_ptr bi, int bit_length)
+{
+ if (bit_length > 0) {
+ bi_urandom(bi, bit_length);
+ //bi_generate_prime(bi, bit_length);
+ bi_setbit(bi, 0);
+ bi_setbit(bi, bit_length - 1);
+ bi_setbit(bi, bit_length - 2);
+ }
+}
+
+/* This method generates small prime numbers up to a specified bounds using the Sieve of
+ * Eratosthenes algorithm.
+ *
+ * prime_bound: the upper bound for the primes to be generated
+ * starting_prime: the first prime in the list of primes that is returned
+ * return: list of primes up to the specified bound. Each prime is of type bi_ptr
+ */
+void
+generate_small_primes(int prime_bound, int starting_prime)
+{
+ list_ptr res;
+ int length;
+ int *is_primes;
+ int i;
+ int k;
+ int prime;
+ node_t *current;
+
+ primes_length = 0;
+ res = list_new();
+ if (allocs == NULL) {
+ LogError("malloc of list failed");
+ return;
+ }
+ if ((prime_bound <= 1) || (starting_prime > prime_bound))
+ return;
+
+ if (starting_prime <= 2) {
+ starting_prime = 2;
+ list_add(res, bi_2);
+ }
+ length = (prime_bound - 1) >> 1; // length = (prime_bound -1) / 2;
+ is_primes = (int *)malloc(sizeof(int)*length);
+ if (is_primes == NULL) {
+ LogError("malloc of %zd bytes failed", sizeof(int) * length);
+ return;
+ }
+
+ for (i = 0; i < length; i++)
+ is_primes[i] = 1;
+
+ for (i = 0; i < length; i++) {
+ if (is_primes[i] == 1) {
+ prime = 2 * i + 3;
+ for (k = i + prime; k < length; k+= prime)
+ is_primes[k] = 0;
+
+ if (prime >= starting_prime) {
+ list_add(res, (void *)prime);
+ primes_length++;
+ }
+ }
+ }
+ // converti the list to a table
+ current = res->head; // go to first node
+ primes = (unsigned long *)malloc(sizeof(unsigned long) * primes_length);
+ if (primes == NULL) {
+ LogError("malloc of %d bytes failed",
+ sizeof(unsigned long)*primes_length);
+ return;
+ }
+
+ i = 0;
+ while (current != NULL) {
+ primes[i++] = (unsigned long)current->obj;
+ current = current->next; // traverse through the list
+ }
+
+ free(is_primes);
+ list_freeall(res);
+}
+
+void
+prime_init()
+{
+ generate_small_primes(16384, 3);
+}
+
+/* Test whether the provided pDash or p = 2*pDash + 1 are divisible by any of the small primes
+ * saved in the listOfSmallPrimes. A limit for the largest prime to be tested against can be
+ * specified, but it will be ignored if it exeeds the number of precalculated primes.
+ *
+ * p_dash: the number to be tested (p_dash)
+ * prime_bound: the limit for the small primes to be tested against.
+ */
+static int
+test_small_prime_factors(const bi_ptr p_dash, const unsigned long prime_bound)
+{
+ int sievePassed = 1;
+ unsigned long r;
+ unsigned long small_prime;
+ bi_t temp; bi_new(temp);
+
+ small_prime = 1;
+ int i = 0;
+ while (i < primes_length && small_prime < prime_bound ) {
+ small_prime = primes[i++];
+ // r = p_dash % small_prime
+ bi_mod_si(temp, p_dash, small_prime);
+ r = bi_get_si(temp);
+ // test if pDash = 0 (mod smallPrime)
+ if (r == 0) {
+ sievePassed = 0;
+ break;
+ }
+ // test if p = 0 (mod smallPrime) (or r == smallPrime - r - 1)
+ if (r == (small_prime - r - 1)) {
+ sievePassed = 0;
+ break;
+ }
+ }
+ bi_free(temp);
+
+ return sievePassed;
+}
+
+/* Tests if a is a Miller-Rabin witness for n
+ *
+ * a: number which is supposed to be the witness
+ * n: number to be tested against
+ * return: true if a is Miller-Rabin witness for n, false otherwise
+ */
+int
+is_miller_rabin_witness(const bi_ptr a, const bi_ptr n)
+{
+ bi_t n_1;
+ bi_t temp;
+ bi_t _2_power_t;
+ bi_t u;
+ bi_t x0;
+ bi_t x1;
+ int t = -1;
+ int i;
+
+ bi_new(n_1);
+ bi_new(temp);
+ bi_new(_2_power_t);
+ bi_new(u);
+
+ // n1 = n - 1
+ bi_sub_si(n_1, n, 1);
+
+ // test if n-1 = 2^t*u with t >= 1 && u even
+ do {
+ t++;
+ // _2_power_t = bi_1 << t ( == 2 ^ t)
+ bi_shift_left(_2_power_t, bi_1, t);
+ // u = n_1 / (2 ^ t)
+ bi_div(u, n_1, _2_power_t);
+ } while (bi_equals_si(bi_mod(temp, u, bi_2), 0));
+
+ bi_new(x0);
+ bi_new(x1);
+
+ // x1 = (a ^ u ) % n
+ bi_mod_exp(x1, a, u, n);
+
+ // finished to use u, _2_power_t and temp
+ bi_free(u);
+ bi_free(_2_power_t);
+ bi_free(temp);
+ for (i = 0; i < t; i++) {
+ bi_set(x0, x1);
+
+ // x1 = (x0 ^ 2) % n
+ bi_mod_exp(x1, x0, bi_2, n);
+ if (bi_equals_si(x1, 1) && !bi_equals_si(x0, 1) && !bi_equals(x0, n_1) != 0) {
+ bi_free(x0);
+ bi_free(x1);
+ bi_free(n_1);
+ return 1;
+ }
+ }
+
+ bi_free(x0);
+ bi_free(x1);
+ bi_free(n_1);
+
+ if (!bi_equals(x1, bi_1))
+ return 1;
+
+ return 0;
+}
+
+bi_ptr
+compute_trivial_safe_prime(bi_ptr result, int bit_length)
+{
+ LogDebugFn("Enter");
+ do {
+ bi_generate_prime(result, bit_length-1);
+ bi_shift_left(result, result, 1); // result := result << 1
+ bi_add_si(result, result, 1); // result := result -1
+ if (getenv("TSS_DEBUG_OFF") == NULL) {
+ printf(".");
+ fflush(stdout);
+ }
+ } while (bi_is_probable_prime(result)==0);
+
+ return result;
+}
+
+/* The main method to compute a random safe prime of the specified bit length.
+ * IMPORTANT: The computer prime will have two first bits and the last bit set to 1 !!
+ * i.e. > (2^(bitLength-1)+2^(bitLength-2)+1). This is done to be sure that if two primes of
+ * bitLength n are multiplied, the result will have the bitLenght of 2*n exactly This
+ * implementation uses the algorithm proposed by Ronald Cramer and Victor Shoup in "Signature
+ * Schemes Based on the strong RSA Assumption" May 9, 2000.
+ *
+ * bitLength: the bit length of the safe prime to be computed.
+ * return: a number which is considered to be safe prime
+ */
+bi_ptr
+compute_safe_prime(bi_ptr p, int bit_length)
+{
+ bi_ptr p_dash;
+ bi_ptr temp_p;
+ bi_ptr p_minus_1;
+ int stop;
+ unsigned long prime_bound;
+
+ LogDebug("compute Safe Prime: length: %d bits\n", bit_length);
+
+ p_dash = bi_new_ptr();
+ temp_p = bi_new_ptr();
+ p_minus_1 = bi_new_ptr();
+
+ /* some heuristic checks to limit the number of small primes to check against and the
+ * number of Miller-Rabin primality tests at the end */
+ if (bit_length <= 256) {
+ prime_bound = 768;
+ } else if (bit_length <= 512) {
+ prime_bound = 3072;
+ } else if (bit_length <= 768) {
+ prime_bound = 6144;
+ } else if (bit_length <= 1024) {
+ prime_bound = 1024;
+ } else {
+ prime_bound = 16384;
+ }
+
+ do {
+ stop = 0;
+ /* p_dash = generated random with basic bit settings (odd) */
+ random_odd_bi(p_dash, bit_length - 1);
+
+ if (test_small_prime_factors(p_dash, prime_bound) == 0) {
+ LogDebugFn("1");
+ continue;
+ }
+ /* test if p_dash or p are divisible by some small primes */
+ if (is_miller_rabin_witness(bi_2, p_dash)) {
+ LogDebugFn("2");
+ continue;
+ }
+ /* test if 2^(pDash) = +1/-1 (mod p)
+ * bi can not handle negative operation, we compare to (p-1) instead of -1
+ * calculate p = 2*pDash+1 -> (pDash << 1) + 1
+ */
+ bi_shift_left(p, p_dash, 1);
+ bi_add(p, p, bi_1);
+
+ // p_minus_1:= p - 1
+ bi_sub(p_minus_1, p, bi_1);
+
+ // temp_p := ( 2 ^ p_dash ) mod p
+ bi_mod_exp(temp_p, bi_2, p_dash, p);
+ if (!bi_equals_si(temp_p, 1) && !bi_equals(temp_p, p_minus_1) ) {
+ LogDebugFn("3");
+ continue;
+ }
+
+ // test if pDash or p are divisible by some small primes
+ if (is_miller_rabin_witness(bi_2, p_dash)) {
+ LogDebugFn("4");
+ continue;
+ }
+ // test the library dependent probable_prime
+ if (bi_is_probable_prime(p_dash))
+ stop = 1;
+ } while (stop == 0);
+
+ bi_free(p_minus_1);
+ bi_free(temp_p);
+ bi_free(p_dash);
+
+ LogDebug("found Safe Prime: %s bits", bi_2_hex_char(p));
+
+ return p;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_parameter.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_parameter.c
new file mode 100644
index 0000000..58f240f
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_parameter.c
@@ -0,0 +1,184 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include "daa_parameter.h"
+
+setenv("TCSD_FOREGROUND", "1", 1);
+
+static EVP_MD *digest = NULL;
+
+extern EVP_MD *DAA_PARAM_get_message_digest(void) {
+ if( digest == NULL) {
+ OpenSSL_add_all_digests();
+ digest = EVP_get_digestbyname( DAA_PARAM_MESSAGE_DIGEST_ALGORITHM);
+ }
+ return digest;
+}
+
+// from common.c (ltp-tss)
+char *err_string(TSS_RESULT r)
+{
+ /* Check the return code to see if it is common to all layers.
+ * If so, return it.
+ */
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_SUCCESS: return "TSS_SUCCESS";
+ default:
+ break;
+ }
+
+ /* The return code is either unknown, or specific to a layer */
+ if (TSS_ERROR_LAYER(r) == TSS_LAYER_TPM) {
+ switch (TSS_ERROR_CODE(r)) {
+ case TCPA_E_AUTHFAIL: return "TCPA_E_AUTHFAIL";
+ case TCPA_E_BADINDEX: return "TCPA_E_BADINDEX";
+ case TCPA_E_AUDITFAILURE: return "TCPA_E_AUDITFAILURE";
+ case TCPA_E_CLEAR_DISABLED: return "TCPA_E_CLEAR_DISABLED";
+ case TCPA_E_DEACTIVATED: return "TCPA_E_DEACTIVATED";
+ case TCPA_E_DISABLED: return "TCPA_E_DISABLED";
+ case TCPA_E_DISABLED_CMD: return "TCPA_E_DISABLED_CMD";
+ case TCPA_E_FAIL: return "TCPA_E_FAIL";
+ case TCPA_E_INACTIVE: return "TCPA_E_INACTIVE";
+ case TCPA_E_INSTALL_DISABLED: return "TCPA_E_INSTALL_DISABLED";
+ case TCPA_E_INVALID_KEYHANDLE: return "TCPA_E_INVALID_KEYHANDLE";
+ case TCPA_E_KEYNOTFOUND: return "TCPA_E_KEYNOTFOUND";
+ case TCPA_E_NEED_SELFTEST: return "TCPA_E_NEED_SELFTEST";
+ case TCPA_E_MIGRATEFAIL: return "TCPA_E_MIGRATEFAIL";
+ case TCPA_E_NO_PCR_INFO: return "TCPA_E_NO_PCR_INFO";
+ case TCPA_E_NOSPACE: return "TCPA_E_NOSPACE";
+ case TCPA_E_NOSRK: return "TCPA_E_NOSRK";
+ case TCPA_E_NOTSEALED_BLOB: return "TCPA_E_NOTSEALED_BLOB";
+ case TCPA_E_OWNER_SET: return "TCPA_E_OWNER_SET";
+ case TCPA_E_RESOURCES: return "TCPA_E_RESOURCES";
+ case TCPA_E_SHORTRANDOM: return "TCPA_E_SHORTRANDOM";
+ case TCPA_E_SIZE: return "TCPA_E_SIZE";
+ case TCPA_E_WRONGPCRVAL: return "TCPA_E_WRONGPCRVAL";
+ case TCPA_E_BAD_PARAM_SIZE: return "TCPA_E_BAD_PARAM_SIZE";
+ case TCPA_E_SHA_THREAD: return "TCPA_E_SHA_THREAD";
+ case TCPA_E_SHA_ERROR: return "TCPA_E_SHA_ERROR";
+ case TCPA_E_FAILEDSELFTEST: return "TCPA_E_FAILEDSELFTEST";
+ case TCPA_E_AUTH2FAIL: return "TCPA_E_AUTH2FAIL";
+ case TCPA_E_BADTAG: return "TCPA_E_BADTAG";
+ case TCPA_E_IOERROR: return "TCPA_E_IOERROR";
+ case TCPA_E_ENCRYPT_ERROR: return "TCPA_E_ENCRYPT_ERROR";
+ case TCPA_E_DECRYPT_ERROR: return "TCPA_E_DECRYPT_ERROR";
+ case TCPA_E_INVALID_AUTHHANDLE: return "TCPA_E_INVALID_AUTHHANDLE";
+ case TCPA_E_NO_ENDORSEMENT: return "TCPA_E_NO_ENDORSEMENT";
+ case TCPA_E_INVALID_KEYUSAGE: return "TCPA_E_INVALID_KEYUSAGE";
+ case TCPA_E_WRONG_ENTITYTYPE: return "TCPA_E_WRONG_ENTITYTYPE";
+ case TCPA_E_INVALID_POSTINIT: return "TCPA_E_INVALID_POSTINIT";
+ case TCPA_E_INAPPROPRIATE_SIG: return "TCPA_E_INAPPROPRIATE_SIG";
+ case TCPA_E_BAD_KEY_PROPERTY: return "TCPA_E_BAD_KEY_PROPERTY";
+ case TCPA_E_BAD_MIGRATION: return "TCPA_E_BAD_MIGRATION";
+ case TCPA_E_BAD_SCHEME: return "TCPA_E_BAD_SCHEME";
+ case TCPA_E_BAD_DATASIZE: return "TCPA_E_BAD_DATASIZE";
+ case TCPA_E_BAD_MODE: return "TCPA_E_BAD_MODE";
+ case TCPA_E_BAD_PRESENCE: return "TCPA_E_BAD_PRESENCE";
+ case TCPA_E_BAD_VERSION: return "TCPA_E_BAD_VERSION";
+ case TCPA_E_RETRY: return "TCPA_E_RETRY";
+ default: return "UNKNOWN TPM ERROR";
+ }
+ } else if (TSS_ERROR_LAYER(r) == TSS_LAYER_TDDL) {
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_E_FAIL: return "TSS_E_FAIL";
+ case TSS_E_BAD_PARAMETER: return "TSS_E_BAD_PARAMETER";
+ case TSS_E_INTERNAL_ERROR: return "TSS_E_INTERNAL_ERROR";
+ case TSS_E_NOTIMPL: return "TSS_E_NOTIMPL";
+ case TSS_E_PS_KEY_NOTFOUND: return "TSS_E_PS_KEY_NOTFOUND";
+ case TSS_E_KEY_ALREADY_REGISTERED: return "TSS_E_KEY_ALREADY_REGISTERED";
+ case TSS_E_CANCELED: return "TSS_E_CANCELED";
+ case TSS_E_TIMEOUT: return "TSS_E_TIMEOUT";
+ case TSS_E_OUTOFMEMORY: return "TSS_E_OUTOFMEMORY";
+ case TSS_E_TPM_UNEXPECTED: return "TSS_E_TPM_UNEXPECTED";
+ case TSS_E_COMM_FAILURE: return "TSS_E_COMM_FAILURE";
+ case TSS_E_TPM_UNSUPPORTED_FEATURE: return "TSS_E_TPM_UNSUPPORTED_FEATURE";
+ case TDDL_E_COMPONENT_NOT_FOUND: return "TDDL_E_COMPONENT_NOT_FOUND";
+ case TDDL_E_ALREADY_OPENED: return "TDDL_E_ALREADY_OPENED";
+ case TDDL_E_BADTAG: return "TDDL_E_BADTAG";
+ case TDDL_E_INSUFFICIENT_BUFFER: return "TDDL_E_INSUFFICIENT_BUFFER";
+ case TDDL_E_COMMAND_COMPLETED: return "TDDL_E_COMMAND_COMPLETED";
+ case TDDL_E_ALREADY_CLOSED: return "TDDL_E_ALREADY_CLOSED";
+ case TDDL_E_IOERROR: return "TDDL_E_IOERROR";
+ default: return "UNKNOWN TDDL ERROR";
+ }
+ } else if (TSS_ERROR_LAYER(r) == TSS_LAYER_TCS) {
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_E_FAIL: return "TSS_E_FAIL";
+ case TSS_E_BAD_PARAMETER: return "TSS_E_BAD_PARAMETER";
+ case TSS_E_INTERNAL_ERROR: return "TSS_E_INTERNAL_ERROR";
+ case TSS_E_NOTIMPL: return "TSS_E_NOTIMPL";
+ case TSS_E_PS_KEY_NOTFOUND: return "TSS_E_PS_KEY_NOTFOUND";
+ case TSS_E_KEY_ALREADY_REGISTERED: return "TSS_E_KEY_ALREADY_REGISTERED";
+ case TSS_E_CANCELED: return "TSS_E_CANCELED";
+ case TSS_E_TIMEOUT: return "TSS_E_TIMEOUT";
+ case TSS_E_OUTOFMEMORY: return "TSS_E_OUTOFMEMORY";
+ case TSS_E_TPM_UNEXPECTED: return "TSS_E_TPM_UNEXPECTED";
+ case TSS_E_COMM_FAILURE: return "TSS_E_COMM_FAILURE";
+ case TSS_E_TPM_UNSUPPORTED_FEATURE: return "TSS_E_TPM_UNSUPPORTED_FEATURE";
+ case TCS_E_KEY_MISMATCH: return "TCS_E_KEY_MISMATCH";
+ case TCS_E_KM_LOADFAILED: return "TCS_E_KM_LOADFAILED";
+ case TCS_E_KEY_CONTEXT_RELOAD: return "TCS_E_KEY_CONTEXT_RELOAD";
+ case TCS_E_INVALID_CONTEXTHANDLE: return "TCS_E_INVALID_CONTEXTHANDLE";
+ case TCS_E_INVALID_KEYHANDLE: return "TCS_E_INVALID_KEYHANDLE";
+ case TCS_E_INVALID_AUTHHANDLE: return "TCS_E_INVALID_AUTHHANDLE";
+ case TCS_E_INVALID_AUTHSESSION: return "TCS_E_INVALID_AUTHSESSION";
+ case TCS_E_INVALID_KEY: return "TCS_E_INVALID_KEY";
+ default: return "UNKNOWN TCS ERROR";
+ }
+ } else {
+ switch (TSS_ERROR_CODE(r)) {
+ case TSS_E_FAIL: return "TSS_E_FAIL";
+ case TSS_E_BAD_PARAMETER: return "TSS_E_BAD_PARAMETER";
+ case TSS_E_INTERNAL_ERROR: return "TSS_E_INTERNAL_ERROR";
+ case TSS_E_NOTIMPL: return "TSS_E_NOTIMPL";
+ case TSS_E_PS_KEY_NOTFOUND: return "TSS_E_PS_KEY_NOTFOUND";
+ case TSS_E_KEY_ALREADY_REGISTERED: return "TSS_E_KEY_ALREADY_REGISTERED";
+ case TSS_E_CANCELED: return "TSS_E_CANCELED";
+ case TSS_E_TIMEOUT: return "TSS_E_TIMEOUT";
+ case TSS_E_OUTOFMEMORY: return "TSS_E_OUTOFMEMORY";
+ case TSS_E_TPM_UNEXPECTED: return "TSS_E_TPM_UNEXPECTED";
+ case TSS_E_COMM_FAILURE: return "TSS_E_COMM_FAILURE";
+ case TSS_E_TPM_UNSUPPORTED_FEATURE: return "TSS_E_TPM_UNSUPPORTED_FEATURE";
+ case TSS_E_INVALID_OBJECT_TYPE: return "TSS_E_INVALID_OBJECT_TYPE";
+ case TSS_E_INVALID_OBJECT_INITFLAG: return "TSS_E_INVALID_OBJECT_INITFLAG";
+ case TSS_E_INVALID_HANDLE: return "TSS_E_INVALID_HANDLE";
+ case TSS_E_NO_CONNECTION: return "TSS_E_NO_CONNECTION";
+ case TSS_E_CONNECTION_FAILED: return "TSS_E_CONNECTION_FAILED";
+ case TSS_E_CONNECTION_BROKEN: return "TSS_E_CONNECTION_BROKEN";
+ case TSS_E_HASH_INVALID_ALG: return "TSS_E_HASH_INVALID_ALG";
+ case TSS_E_HASH_INVALID_LENGTH: return "TSS_E_HASH_INVALID_LENGTH";
+ case TSS_E_HASH_NO_DATA: return "TSS_E_HASH_NO_DATA";
+ case TSS_E_SILENT_CONTEXT: return "TSS_E_SILENT_CONTEXT";
+ case TSS_E_INVALID_ATTRIB_FLAG: return "TSS_E_INVALID_ATTRIB_FLAG";
+ case TSS_E_INVALID_ATTRIB_SUBFLAG: return "TSS_E_INVALID_ATTRIB_SUBFLAG";
+ case TSS_E_INVALID_ATTRIB_DATA: return "TSS_E_INVALID_ATTRIB_DATA";
+ case TSS_E_NO_PCRS_SET: return "TSS_E_NO_PCRS_SET";
+ case TSS_E_KEY_NOT_LOADED: return "TSS_E_KEY_NOT_LOADED";
+ case TSS_E_KEY_NOT_SET: return "TSS_E_KEY_NOT_SET";
+ case TSS_E_VALIDATION_FAILED: return "TSS_E_VALIDATION_FAILED";
+ case TSS_E_TSP_AUTHREQUIRED: return "TSS_E_TSP_AUTHREQUIRED";
+ case TSS_E_TSP_AUTH2REQUIRED: return "TSS_E_TSP_AUTH2REQUIRED";
+ case TSS_E_TSP_AUTHFAIL: return "TSS_E_TSP_AUTHFAIL";
+ case TSS_E_TSP_AUTH2FAIL: return "TSS_E_TSP_AUTH2FAIL";
+ case TSS_E_KEY_NO_MIGRATION_POLICY: return "TSS_E_KEY_NO_MIGRATION_POLICY";
+ case TSS_E_POLICY_NO_SECRET: return "TSS_E_POLICY_NO_SECRET";
+ case TSS_E_INVALID_OBJ_ACCESS: return "TSS_E_INVALID_OBJ_ACCESS";
+ case TSS_E_INVALID_ENCSCHEME: return "TSS_E_INVALID_ENCSCHEME";
+ case TSS_E_INVALID_SIGSCHEME: return "TSS_E_INVALID_SIGSCHEME";
+ case TSS_E_ENC_INVALID_LENGTH: return "TSS_E_ENC_INVALID_LENGTH";
+ case TSS_E_ENC_NO_DATA: return "TSS_E_ENC_NO_DATA";
+ case TSS_E_ENC_INVALID_TYPE: return "TSS_E_ENC_INVALID_TYPE";
+ case TSS_E_INVALID_KEYUSAGE: return "TSS_E_INVALID_KEYUSAGE";
+ case TSS_E_VERIFICATION_FAILED: return "TSS_E_VERIFICATION_FAILED";
+ case TSS_E_HASH_NO_IDENTIFIER: return "TSS_E_HASH_NO_IDENTIFIER";
+ default: return "UNKNOWN TSS ERROR";
+ }
+ }
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/platform.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/platform.c
new file mode 100644
index 0000000..f550d49
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/platform.c
@@ -0,0 +1,2649 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+// for message digest
+#include <openssl/evp.h>
+#include <openssl/hmac.h>
+#include <openssl/err.h>
+#include <openssl/rsa.h>
+#include <openssl/sha.h>
+
+#include <stdlib.h>
+
+#include "daa_structs.h"
+#include "daa_parameter.h"
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include <trousers/trousers.h>
+#include <spi_utils.h>
+#include <obj.h>
+#include "tsplog.h"
+#include "tss/tcs.h"
+#include "platform.h"
+#include "issuer.h"
+#include "verifier.h"
+
+#define EVP_SUCCESS 1
+
+TSS_RESULT
+Tcsip_TPM_DAA_Join(TCS_CONTEXT_HANDLE tcsContext, // in
+ TSS_HDAA hDAA, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in/out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+) {
+ TSS_RESULT result;
+ TSS_HPOLICY hPolicy;
+ TCPA_DIGEST digest;
+ UINT16 offset = 0;
+ BYTE hashblob[10000];
+ TPM_HANDLE hTPM;
+ TPM_HANDLE join_session;
+ // TPM_HANDLE hTPM;
+
+ if( (result = obj_daa_get_handle_tpm( hDAA, &hTPM)) != TSS_SUCCESS)
+ return result;
+ if( (result = obj_daa_get_session_handle( hDAA, &join_session)) != TSS_SUCCESS)
+ return result;
+ LogDebug("Tcsip_TPM_DAA_Join(tcsContext=%x,hDAA=%x,join_session=%x, hTPM=%x stage=%d)",
+ tcsContext,
+ hDAA,
+ join_session,
+ hTPM,
+ stage);
+
+ LogDebug("obj_tpm_get_policy(hTPM=%X)", hTPM);
+ if( (result = obj_tpm_get_policy( hTPM, &hPolicy)) != TSS_SUCCESS)
+ return result;
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Join, hashblob)");
+ // hash TPM_COMMAND_CODE
+ Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Join, hashblob);
+ LogDebug("Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest)");
+ // hash stage
+ Trspi_LoadBlob_BYTE(&offset, stage, hashblob);
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, 0, hashblob)");
+ // hash inputSize0
+ Trspi_LoadBlob_UINT32(&offset, inputSize0, hashblob);
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, inputSize0:%d", inputSize0);
+ // hash inputData0
+ Trspi_LoadBlob( &offset, inputSize0, hashblob, inputData0);
+ // hash inputSize1
+ Trspi_LoadBlob_UINT32(&offset, inputSize1, hashblob);
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, inputSize1:%d", inputSize1);
+ // hash inputData1
+ Trspi_LoadBlob( &offset, inputSize1, hashblob, inputData1);
+ Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest);
+
+ if ((result = secret_PerformAuth_OIAP(hTPM, TPM_ORD_DAA_Join,
+ hPolicy, &digest,
+ ownerAuth)) != TSS_SUCCESS) return result;
+ LogDebug("secret_PerformAuth_OIAP(hTPM, TPM_ORD_DAA_Join ret=%d", result);
+ LogDebug("TCSP_DAAJoin(%x,%x,stage=%x,%x,%x,%x,%x,%x)\n",
+ tcsContext,
+ hTPM,
+ stage,
+ inputSize0,
+ (int)inputData0,
+ inputSize1,
+ (int)inputData1,
+ (int)&ownerAuth);
+ /* step of the following call:
+ TCSP_DAAJoin tcsd_api/calltcsapi.c (define in spi_utils.h)
+ TCSP_DAAJoin_TP tcsd_api/tcstp.c (define in trctp.h)
+ */
+ result = TCSP_DaaJoin( tcsContext,
+ join_session,
+ stage,
+ inputSize0, inputData0,
+ inputSize1, inputData1,
+ ownerAuth,
+ outputSize, outputData);
+ if( result != TSS_SUCCESS) return result;
+
+ offset = 0;
+ Trspi_LoadBlob_UINT32(&offset, result, hashblob);
+ Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Join, hashblob);
+ Trspi_LoadBlob_UINT32(&offset, *outputSize, hashblob);
+ Trspi_LoadBlob(&offset, *outputSize, hashblob, *outputData);
+ LogDebug("TCSP_DAAJoin stage=%d outputSize=%d outputData=%x RESULT=%d",
+ (int)stage, (int)*outputSize, (int)outputData, (int)result);
+ Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest);
+ if( (result = obj_policy_validate_auth_oiap( hPolicy, &digest, ownerAuth))) {
+ LogError("obj_policy_validate_auth=%d", result);
+ }
+ return result;
+}
+
+TSS_RESULT Tcsip_TPM_DAA_Sign( TCS_CONTEXT_HANDLE hContext, // in
+ TPM_HANDLE handle, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in, out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+) {
+ TSS_RESULT result;
+ TSS_HPOLICY hPolicy;
+ TCPA_DIGEST digest;
+ UINT16 offset = 0;
+ BYTE hashblob[1000];
+ TPM_HANDLE hTPM;
+ TPM_HANDLE session_handle;
+ TSS_HDAA hDAA = (TSS_HDAA)handle;
+ // TPM_HANDLE hTPM;
+
+ if( (result = obj_daa_get_handle_tpm( hDAA, &hTPM)) != TSS_SUCCESS)
+ return result;
+ if( (result = obj_daa_get_session_handle( hDAA, &session_handle)) != TSS_SUCCESS)
+ return result;
+ LogDebug("Tcsip_TPM_DAA_Sign(tcsContext=%x,hDAA=%x,sign_session=%x, hTPM=%x stage=%d)",
+ hContext,
+ hDAA,
+ session_handle,
+ hTPM,
+ stage);
+
+ LogDebug("obj_tpm_get_policy(hTPM=%X)", hTPM);
+ if( (result = obj_tpm_get_policy( hTPM, &hPolicy)) != TSS_SUCCESS)
+ return result;
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Sign, hashblob)");
+ // hash TPM_COMMAND_CODE
+ Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Sign, hashblob);
+ LogDebug("Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest)");
+ // hash stage
+ Trspi_LoadBlob_BYTE(&offset, stage, hashblob);
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, 0, hashblob)");
+ // hash inputSize0
+ Trspi_LoadBlob_UINT32(&offset, inputSize0, hashblob);
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, inputSize0:%d", inputSize0);
+ // hash inputData0
+ Trspi_LoadBlob( &offset, inputSize0, hashblob, inputData0);
+ // hash inputSize1
+ Trspi_LoadBlob_UINT32(&offset, inputSize1, hashblob);
+ LogDebug("Trspi_LoadBlob_UINT32(&offset, inputSize1:%d", inputSize1);
+ // hash inputData1
+ Trspi_LoadBlob( &offset, inputSize1, hashblob, inputData1);
+ Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest);
+
+ if ((result = secret_PerformAuth_OIAP(hTPM, TPM_ORD_DAA_Join,
+ hPolicy, &digest,
+ ownerAuth)) != TSS_SUCCESS) return result;
+ LogDebug("secret_PerformAuth_OIAP(hTPM, TPM_ORD_DAA_Join ret=%d", result);
+ LogDebug("TCSP_DAASign(%x,%x,stage=%x,%x,%x,%x,%x,%x)",
+ hContext,
+ hTPM,
+ stage,
+ inputSize0,(int)inputData0,
+ inputSize1,(int)inputData1,
+ (int)&ownerAuth);
+ /* step of the following call:
+ TCSP_DAASign tcsd_api/calltcsapi.c (define in spi_utils.h)
+ TCSP_DAASign_TP tcsd_api/tcstp.c (define in trctp.h)
+ */
+ result = TCSP_DaaSign( hContext,
+ session_handle,
+ stage,
+ inputSize0, inputData0,
+ inputSize1, inputData1,
+ ownerAuth,
+ outputSize, outputData);
+ if( result != TSS_SUCCESS) return result;
+
+ offset = 0;
+ Trspi_LoadBlob_UINT32(&offset, result, hashblob);
+ Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Sign, hashblob);
+ Trspi_LoadBlob_UINT32(&offset, *outputSize, hashblob);
+ Trspi_LoadBlob(&offset, *outputSize, hashblob, *outputData);
+ LogDebug("TCSP_DAASign stage=%d outputSize=%d outputData=%x RESULT=%d",
+ (int)stage, (int)*outputSize, (int)outputData, (int)result);
+ Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest);
+ if( (result = obj_policy_validate_auth_oiap( hPolicy, &digest, ownerAuth)))
+ {
+ LogError("obj_policy_validate_auth=%d", result);
+ }
+ return result;
+}
+
+/**
+ Only used for the logging
+*/
+static TSS_RESULT
+Tcsip_TPM_DAA_Join_encapsulate(TCS_CONTEXT_HANDLE tcsContext, // in
+ TSS_HDAA hDAA, // in
+ BYTE stage, // in
+ UINT32 inputSize0, // in
+ BYTE* inputData0, // in
+ UINT32 inputSize1, // in
+ BYTE* inputData1, // in
+ TPM_AUTH* ownerAuth, // in/out
+ UINT32* outputSize, // out
+ BYTE** outputData // out
+) {
+ TSS_RESULT result;
+
+ LogDebug("Tcsip_DAA_Join(TCS_CONTEXT=%X,TSS_HDAA=%X,stage=%d,\
+ inputSize0=%u,inputData0=%s\ninputSize1=%u,inputData1=%s,ownerAuth=%X)",
+ tcsContext, hDAA, stage,
+ inputSize0, dump_byte_array(inputSize0, inputData0),
+ inputSize1,dump_byte_array(inputSize1, inputData1),
+ (int)ownerAuth);
+ result = Tcsip_TPM_DAA_Join(
+ tcsContext, // in
+ hDAA, // in
+ stage, // in
+ inputSize0, // in
+ inputData0, // in
+ inputSize1, // in
+ inputData1, // in
+ ownerAuth, // in/out
+ outputSize, // out
+ outputData // out
+ );
+ LogDebug("Tcsip_DAA_Join(stage=%d,outputSize=%u outputData=%s ownerAuth=%X) result=%d",
+ (int)stage, *outputSize, dump_byte_array( *outputSize, *outputData), (int)ownerAuth, result);
+ return result;
+}
+
+#if 0
+/* from TSS.java */
+/* openssl RSA (struct rsa_st) could manage RSA Key */
+TSS_RESULT
+Tspi_TPM_DAA_JoinInit_internal( TSS_HDAA hDAA,
+ TSS_HTPM hTPM,
+ int daa_counter,
+ TSS_DAA_PK *issuer_pk,
+ int issuer_authentication_PKLengh,
+ RSA **issuer_authentication_PK,
+ int issuer_authentication_PK_signaturesLength,
+ BYTE **issuer_authentication_PK_signatures,
+ int *capital_UprimeLength,
+ BYTE **capital_Uprime,
+ TSS_DAA_IDENTITY_PROOF *identity_proof,
+ TSS_DAA_JOIN_SESSION *join_session)
+{
+ // Optional: verification of the PKDAA and issuer settings (authen. by the RSA Public Key chain)
+ TSS_RESULT result;
+ TCS_CONTEXT_HANDLE tcsContext;
+ TPM_AUTH ownerAuth;
+ int i, modulus_length, outputSize, length, length1;
+ UINT32 return_join_session;
+ BYTE *outputData, *issuer_settings_bytes;
+ BYTE *buffer_modulus;
+ TPM_DAA_ISSUER *issuer_settings;
+ char buffer[1000], buffer1[1000];
+ TSS_DAA_PK_internal *pk_internal = e_2_i_TSS_DAA_PK( issuer_pk);
+ bi_ptr issuer_authentication_PK_i = NULL;
+
+ if( (result = obj_tpm_is_connected( hTPM, &tcsContext)) != TSS_SUCCESS)
+ return result;
+ obj_daa_set_handle_tpm( hDAA, hTPM);
+
+ // stages 0-2 explained in the diagram "Keys of DAA Issuer"
+ // issuer_authentication_PKLengh should be converted to Network Based integer
+ i = htonl(issuer_authentication_PKLengh);
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 0,
+ sizeof(int), (BYTE *)(&i),
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) { goto close;}
+ // set the sessionHandle to the returned value
+ return_join_session = ntohl( *((UINT32 *)outputData));
+ free( outputData);
+ obj_daa_set_session_handle( hDAA, return_join_session);
+
+ LogDebug("done join 0 settings join_session:%x\n", return_join_session);
+ modulus_length = DAA_PARAM_SIZE_RSA_MODULUS / 8;
+ buffer_modulus = malloc(modulus_length);
+ if (buffer_modulus == NULL) {
+ LogError("malloc of %d bytes failed", modulus_length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ issuer_authentication_PK_i = bi_new_ptr();
+ for(i =0; i< issuer_authentication_PKLengh; i++) {
+ bi_set_as_BIGNUM( issuer_authentication_PK_i, issuer_authentication_PK[i]->n);
+ bi_2_byte_array( buffer_modulus,
+ modulus_length,
+ issuer_authentication_PK_i);
+ if ( i==0) {
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 1,
+ modulus_length, buffer_modulus,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) {
+ free( buffer_modulus);
+ goto close;
+ }
+ } else {
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 1,
+ modulus_length, buffer_modulus,
+ DAA_PARAM_KEY_SIZE / 8, issuer_authentication_PK_signatures[i -1],
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) {
+ free( buffer_modulus);
+ goto close;
+ }
+ }
+ }
+ free( buffer_modulus);
+ LogDebug("done join 1-%d\n", issuer_authentication_PKLengh);
+ // define issuer_settings
+ issuer_settings = convert2issuer_settings( pk_internal);
+ issuer_settings_bytes = issuer_2_byte_array( issuer_settings, &length);
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 2,
+ length, issuer_settings_bytes,
+ modulus_length,
+ issuer_authentication_PK_signatures[issuer_authentication_PKLengh-1],
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) { goto close;}
+ LogDebug("done join 2\n");
+ i = htonl( daa_counter);
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 3,
+ sizeof(UINT32), (BYTE *)(&i),
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) { goto close;}
+ LogDebug("done join 3\n");
+ // reserved another buffer for storing Big Integer
+ bi_2_nbin1( &length, buffer, pk_internal->capitalR0);
+ bi_2_nbin1( &length1, buffer1, pk_internal->modulus);
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 4,
+ length, buffer,
+ length1, buffer1,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) { goto close;}
+ LogDebug("done join 4\n");
+ bi_2_nbin1( &length, buffer, pk_internal->capitalR1);
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 5,
+ length, buffer,
+ length1, buffer1,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) { goto close;}
+ LogDebug("done join 5\n");
+ bi_2_nbin1( &length, buffer, pk_internal->capitalS);
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 6,
+ length, buffer,
+ length1, buffer1,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) { goto close;}
+ LogDebug("done join 6\n");
+ bi_2_nbin1( &length, buffer, pk_internal->capitalSprime);
+ // define Uprime
+ result = Tcsip_TPM_DAA_Join_encapsulate(
+ tcsContext, hDAA,
+ 7,
+ length, buffer,
+ length1, buffer1,
+ &ownerAuth, &outputSize, &outputData);
+ // 5 : save PKDAA, U, daaCount and sessionHandle in joinSession
+ join_session->issuerPk = (TSS_HKEY)issuer_pk;
+ if( result == TSS_SUCCESS) {
+ *capital_UprimeLength = outputSize;
+ *capital_Uprime = convert_alloc( tcsContext, outputSize, outputData);
+ if (*capital_Uprime == NULL) {
+ LogError("malloc of %d bytes failed", outputSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ join_session->capitalUPrime = copy_alloc( tcsContext,
+ *capital_UprimeLength,
+ *capital_Uprime);
+ if (join_session->capitalUPrime == NULL) {
+ LogError("malloc of %d bytes failed", *capital_UprimeLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ join_session->capitalUPrimeLength = *capital_UprimeLength;
+ }
+ join_session->sessionHandle = return_join_session;
+ // get the endorsement Key (public part)
+ result = get_public_EK(
+ hTPM, // in
+ &( identity_proof->endorsementLength),
+ &( identity_proof->endorsementCredential)
+ );
+
+close:
+ FREE_BI( issuer_authentication_PK_i);
+ LogDebug("result = %d", result);
+ LogDebug("outputSize=%d", outputSize);
+ LogDebug("outputData=%s", dump_byte_array( outputSize, outputData));
+ return result;
+}
+#else
+TSS_RESULT
+Tspi_TPM_DAA_JoinInit_internal(TSS_HTPM hTPM,
+ TSS_HDAA_ISSUER_KEY hIssuerKey
+ UINT32 daa_counter,
+ UINT32 issuerAuthPKsLength,
+ TSS_HKEY* issuerAuthPKs,
+ UINT32 issuerAuthPKSignaturesLength,
+ UINT32 issuerAuthPKSignaturesLength2,
+ BYTE** issuerAuthPKSignatures,
+ UINT32* capitalUprimeLength,
+ BYTE** capitalUprime,
+ TSS_DAA_IDENTITY_PROOF** identity_proof,
+ UINT32* joinSessionLength,
+ BYTE** joinSession)
+{
+ // Optional: verification of the PKDAA and issuer settings (authen. by the RSA Public Key chain)
+ TSS_RESULT result;
+ TSS_HCONTEXT tspContext;
+ TPM_AUTH ownerAuth;
+ int length, length1;
+ UINT32 i, modulus_length, outputSize, buf_len;
+ BYTE *outputData, *issuer_settings_bytes;
+ BYTE *modulus, stage, *buf;
+ //TPM_DAA_ISSUER *issuer_settings;
+ //char buffer[1000], buffer1[1000];
+ //TSS_DAA_PK_internal *pk_internal = e_2_i_TSS_DAA_PK(issuer_pk);
+ bi_ptr issuerAuthPK = NULL;
+ TPM_HANDLE daaHandle;
+ Trspi_HashCtx hashCtx;
+ TPM_DIGEST digest;
+ TSS_DAA_IDENTITY_PROOF daaIdentityProof;
+
+ if ((result = obj_tpm_is_connected(hTPM, &tspContext)))
+ return result;
+
+ if ((result = obj_daaissuerkey_get_daa_handle(hIssuerKey, &daaHandle)))
+ return result;
+
+ stage = 0;
+ inputSize0 = (UINT32)sizeof(UINT32);
+ inputData0 = issuerAuthPKsLength;
+ inputSize1 = 0;
+ inputData1 = NULL;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_DAA_Join);
+ result |= Trspi_Hash_BYTE(&hashCtx, stage);
+ result |= Trspi_Hash_UINT32(&hashCtx, inputSize0);
+ result |= Trspi_HashUpdate(&hashCtx, inputSize0, inputData0);
+ result |= Trspi_Hash_UINT32(&hashCtx, inputSize1);
+ result |= Trspi_HashUpdate(&hashCtx, inputSize1, inputData1);
+ if ((result |= Trspi_HashFinal(&hashCtx, digest.digest)))
+ return result;
+
+ // stages 0-2 explained in the diagram "Keys of DAA Issuer"
+ if ((result = TCS_API(tspContext)->DaaJoin(tspContext, daaHandle, stage, inputSize1,
+ inputData0, inputSize1, inputData1, &ownerAuth,
+ &outputSize, &outputData)))
+ goto close;
+
+ if (outputSize != sizeof(UINT32)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto close;
+ }
+
+ // set the sessionHandle to the returned value
+ Trspi_UnloadBlob_UINT32(&offset, &daaHandle, outputData);
+ free(outputData);
+ if ((result = obj_daaissuerkey_set_daa_handle(hIssuerKey, daaHandle)))
+ goto close;
+
+ LogDebug("done join 0 settings join_session:%x", daaHandle);
+
+ modulus_length = DAA_PARAM_SIZE_RSA_MODULUS / 8;
+ if ((buffer_modulus = malloc(modulus_length)) == NULL) {
+ LogError("malloc of %d bytes failed", modulus_length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+
+ stage = 1;
+ for (i = 0; i < issuerAuthPKsLength; i++) {
+ if ((result = obj_rsakey_get_modulus(issuerAuthPKs[i], &modulus_length, &modulus)))
+ goto close;
+
+ outputData = NULL;
+ if (i==0) {
+ result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage,
+ modulus_length, modulus, 0, NULL,
+ &ownerAuth, &outputSize,
+ &outputData);
+ } else {
+ result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage,
+ modulus_length, modulus,
+ issuerAuthPKSignaturesLength2,
+ issuerAuthPKSignatures[i - 1],
+ &ownerAuth, &outputSize,
+ &outputData);
+ }
+
+ free(outputData);
+ free_tspi(tspContext, modulus);
+ if (result != TSS_SUCCESS) {
+ LogDebugFn("Stage 1 iteration %u failed", i);
+ goto close;
+ }
+ }
+
+ LogDebug("done join 1-%d\n", issuer_authentication_PKLengh);
+
+ stage = 2;
+ // define issuer_settings
+#if 0
+ issuer_settings = convert2issuer_settings(pk_internal);
+ issuer_settings_bytes = issuer_2_byte_array(issuer_settings, &length);
+#else
+ if ((result = obj_daaissuerkey_get_daa_issuer(hIssuerKey, &issuer_length, &issuer)))
+ goto close;
+
+ if ((result = obj_daaissuerkey_get_modulus(hIssuerKey, &modulus_length, &modulus))) {
+ free_tspi(tspContext, issuer);
+ goto close;
+ }
+#endif
+ if ((result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage, issuer_length,
+ issuer, issuerAuthPKSignaturesLength2,
+ issuerAuthPKSignatures[i - 1], &ownerAuth,
+ &outputSize, &outputData))) {
+ free_tspi(tspContext, issuer);
+ free_tspi(tspContext, modulus);
+ goto close;
+ }
+ free_tspi(tspContext, issuer);
+
+ LogDebug("done join 2\n");
+
+ stage = 3;
+ if ((result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage, sizeof(UINT32),
+ (BYTE *)(&daa_counter), 0, NULL, &ownerAuth,
+ &outputSize, &outputData)))
+ goto close;
+
+ LogDebug("done join 3\n");
+
+ stage = 4;
+#if 0
+ // reserved another buffer for storing Big Integer
+ bi_2_nbin1( &length, buffer, pk_internal->capitalR0);
+ bi_2_nbin1( &length1, buffer1, pk_internal->modulus);
+#else
+ if ((result = obj_daaissuerkey_get_capitalR0(hIssuerKey, &buf_len, &buf)))
+ return result;
+#endif
+ if ((result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage, buf_len, buf,
+ modulus_length, modulus, &ownerAuth,
+ &outputSize, &outputData))) {
+ free_tspi(tspContext, buf);
+ free_tspi(tspContext, modulus);
+ goto close;
+ }
+ free_tspi(tspContext, buf);
+
+ LogDebug("done join 4\n");
+
+ stage = 5;
+#if 0
+ bi_2_nbin1( &length, buffer, pk_internal->capitalR1);
+#else
+ if ((result = obj_daaissuerkey_get_capitalR1(hIssuerKey, &buf_len, &buf)))
+ return result;
+#endif
+ if ((result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage, buf_len,
+ buf, modulus_length, modulus, &ownerAuth,
+ &outputSize, &outputData))) {
+ free_tspi(tspContext, buf);
+ free_tspi(tspContext, modulus);
+ goto close;
+ }
+ free_tspi(tspContext, buf);
+
+ LogDebug("done join 5\n");
+
+ stage = 6;
+#if 0
+ bi_2_nbin1( &length, buffer, pk_internal->capitalS);
+#else
+ if ((result = obj_daaissuerkey_get_capitalS(hIssuerKey, &buf_len, &buf)))
+ return result;
+#endif
+ if ((result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage, buf_len, buf,
+ modulus_length, modulus, &ownerAuth,
+ &outputSize, &outputData))) {
+ free_tspi(tspContext, buf);
+ free_tspi(tspContext, modulus);
+ goto close;
+ }
+ free_tspi(tspContext, buf);
+
+ LogDebug("done join 6\n");
+
+ stage = 7;
+#if 0
+ bi_2_nbin1( &length, buffer, pk_internal->capitalSprime);
+#else
+ if ((result = obj_daaissuerkey_get_capitalSprime(hIssuerKey, &buf_len, &buf)))
+ return result;
+#endif
+ // define Uprime
+ if ((result = Tcsip_TPM_DAA_Join_encapsulate(tspContext, daaHandle, stage, buf_len, buf,
+ modulus_length, modulus, &ownerAuth,
+ &outputSize, &outputData))) {
+ free_tspi(tspContext, buf);
+ free_tspi(tspContext, modulus);
+ goto close;
+ }
+ free_tspi(tspContext, buf);
+
+#if 0
+ // 5 : save PKDAA, U, daaCount and sessionHandle in joinSession
+ join_session->issuerPk = (TSS_HKEY)issuer_pk;
+ if( result == TSS_SUCCESS) {
+ *capital_UprimeLength = outputSize;
+ *capital_Uprime = convert_alloc( tspContext, outputSize, outputData);
+ if (*capital_Uprime == NULL) {
+ LogError("malloc of %d bytes failed", outputSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ join_session->capitalUPrime = copy_alloc( tspContext,
+ *capital_UprimeLength,
+ *capital_Uprime);
+ if (join_session->capitalUPrime == NULL) {
+ LogError("malloc of %d bytes failed", *capital_UprimeLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ join_session->capitalUPrimeLength = *capital_UprimeLength;
+ }
+ join_session->sessionHandle = return_join_session;
+ // get the endorsement Key (public part)
+ result = get_public_EK(
+ hTPM, // in
+ &( identity_proof->endorsementLength),
+ &( identity_proof->endorsementCredential)
+ );
+#else
+ /* fill out the identity proof struct */
+ if ((result = TCS_API(obj->tspContext)->GetTPMCapability(obj->tspContext, TPM_CAP_VERSION,
+ 0, NULL, &buf_len, &buf)))
+ goto close;
+
+ offset = 0;
+ Trspi_UnloadBlob_VERSION(&offset, buf, &daaIdentityProof.versionInfo);
+ free_tspi(tspContext, buf);
+
+#error set all 3 credentials in the daaIdentityProof struct here
+
+ /* set the U data */
+ if ((result = __tspi_add_mem_entry(tspContext, outputData)))
+ goto close;
+ *capitalUPrime = outputData;
+ *capitalUPrimeLength = outputSize;
+
+ /* return the TSS specific stuff */
+#endif
+
+close:
+ FREE_BI( issuer_authentication_PK_i);
+ LogDebug("result = %d", result);
+ LogDebug("outputSize=%d", outputSize);
+ LogDebug("outputData=%s", dump_byte_array( outputSize, outputData));
+ return result;
+}
+#endif
+
+
+/* allocation:
+ endorsementKey as BYTE *
+*/
+TSS_RESULT
+get_public_EK(TSS_HTPM hTPM,
+ UINT32 *endorsementKeyLength,
+ BYTE **endorsementKey
+
+) {
+ TSS_RESULT result;
+ TSS_HKEY hEk;
+ TSS_HPOLICY hTpmPolicy;
+ UINT32 uiAttrSize;
+ BYTE *pAttr;
+
+ if( (result = obj_tpm_get_policy( hTPM, &hTpmPolicy)) != TSS_SUCCESS) {
+ LogError("can not retrieve policy from the TPM handler");
+ goto out_close;
+ }
+
+ if( (result = Tspi_TPM_GetPubEndorsementKey(hTPM, TRUE, NULL, &hEk)) != TSS_SUCCESS) {
+ LogError("can not retrieve the Public endorsed Key");
+ goto out_close;
+ }
+
+ result = Tspi_GetAttribData(
+ hEk,
+ TSS_TSPATTRIB_KEY_INFO,
+ TSS_TSPATTRIB_KEYINFO_VERSION,
+ &uiAttrSize,
+ &pAttr);
+
+ if (result != TSS_SUCCESS) goto out_close;
+ LogDebug("keyinfo:%s", dump_byte_array( uiAttrSize, pAttr));
+
+ result = Tspi_GetAttribData(
+ hEk,
+ TSS_TSPATTRIB_KEY_BLOB,
+ TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY,
+ endorsementKeyLength,
+ endorsementKey);
+
+ LogDebug("Public Endorsement Key:%s",
+ dump_byte_array( *endorsementKeyLength, *endorsementKey));
+out_close:
+ return result;
+}
+
+// from TSS.java (479)
+TSS_RESULT
+compute_join_challenge_host(TSS_HDAA hDAA,
+ TSS_DAA_PK_internal *pk_internal,
+ bi_ptr capitalU,
+ bi_ptr capital_Uprime,
+ bi_ptr capital_utilde,
+ bi_ptr capital_utilde_prime,
+ bi_ptr capital_ni,
+ bi_ptr capital_ni_tilde,
+ UINT32 commitments_proofLength,
+ TSS_DAA_ATTRIB_COMMIT_internal *
+ commitments_proof,
+ UINT32 nonceIssuerLength,
+ BYTE* nonceIssuer,
+ UINT32 *resultLength,
+ BYTE **result) {
+ EVP_MD_CTX *mdctx;
+ BYTE *encoded_pk = NULL, *buffer;
+ UINT32 encoded_pkLength;
+ int rv, length;
+
+ buffer = (BYTE *)malloc( 10000); // to be sure, and it will be free quickly
+ if (buffer == NULL) {
+ LogError("malloc of %d bytes failed", 10000);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ mdctx = EVP_MD_CTX_create();
+ rv = EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ if (rv != EVP_SUCCESS) goto err;
+ // allocation
+ encoded_pk = encoded_DAA_PK_internal( &encoded_pkLength, pk_internal);
+ LogDebug("encoded issuerPk[%d]: %s",
+ encoded_pkLength,
+ dump_byte_array( encoded_pkLength, encoded_pk));
+ rv = EVP_DigestUpdate(mdctx, encoded_pk, encoded_pkLength);
+ if (rv != EVP_SUCCESS) goto err;
+ // capitalU
+ length = DAA_PARAM_SIZE_RSA_MODULUS / 8;
+ bi_2_byte_array( buffer, length, capitalU);
+ LogDebug("capitalU[%ld]: %s",
+ bi_nbin_size(capitalU) ,
+ dump_byte_array( length, buffer));
+ rv = EVP_DigestUpdate(mdctx, buffer, length);
+ if (rv != EVP_SUCCESS) goto err;
+ // capital UPrime
+ bi_2_byte_array( buffer, length, capital_Uprime);
+ LogDebug("capitalUPrime[%d]: %s",
+ length,
+ dump_byte_array( length, buffer));
+ rv = EVP_DigestUpdate(mdctx, buffer, length);
+ if (rv != EVP_SUCCESS) goto err;
+ // capital Utilde
+ bi_2_byte_array( buffer, length, capital_utilde);
+ LogDebug("capitalUTilde[%d]: %s",
+ length,
+ dump_byte_array( length, buffer));
+ rv = EVP_DigestUpdate(mdctx, buffer, length);
+ if (rv != EVP_SUCCESS) goto err;
+ // capital UtildePrime
+ bi_2_byte_array( buffer, length, capital_utilde_prime);
+ LogDebug("capital_utilde_prime[%d]: %s",
+ length,
+ dump_byte_array( length, buffer));
+ rv = EVP_DigestUpdate(mdctx, buffer, length);
+ if (rv != EVP_SUCCESS) goto err;
+ //capital_ni
+ length = DAA_PARAM_SIZE_MODULUS_GAMMA / 8;
+ bi_2_byte_array( buffer, length, capital_ni);
+ LogDebug("capital_ni[%d]: %s",
+ length,
+ dump_byte_array( length, buffer));
+ rv = EVP_DigestUpdate(mdctx, buffer, length);
+ if (rv != EVP_SUCCESS) goto err;
+ //capital_ni_tilde
+ bi_2_byte_array( buffer, length, capital_ni_tilde);
+ LogDebug("capital_ni_tilde[%d]: %s",
+ length,
+ dump_byte_array( length, buffer));
+ rv = EVP_DigestUpdate(mdctx, buffer, length);
+ if (rv != EVP_SUCCESS) goto err;
+ // TODO: commitments
+ LogDebug("nonceIssuer[%d]: %s",
+ nonceIssuerLength,
+ dump_byte_array( nonceIssuerLength, nonceIssuer));
+ rv = EVP_DigestUpdate(mdctx, nonceIssuer, nonceIssuerLength);
+ if (rv != EVP_SUCCESS) goto err;
+ *resultLength = EVP_MD_CTX_size(mdctx);
+ *result = (BYTE *)malloc( *resultLength);
+ if (*result == NULL) {
+ LogError("malloc of %d bytes failed", *resultLength);
+ free( buffer);
+ free( encoded_pk);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ rv = EVP_DigestFinal(mdctx, *result, NULL);
+ if (rv != EVP_SUCCESS) goto err;
+ EVP_MD_CTX_destroy(mdctx);
+ free( buffer);
+ free( encoded_pk);
+ return TSS_SUCCESS;
+err:
+ EVP_MD_CTX_destroy(mdctx);
+ free( buffer);
+ free( encoded_pk);
+ DEBUG_print_openssl_errors();
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+}
+
+/*
+This is the second out of 3 functions to execute in order to receive a DAA Credential. It
+computes the credential request for the DAA Issuer, which also includes the Platforms & DAA
+public key and the attributes that were chosen by the Platform, and which are not visible to \
+the DAA Issuer. The Platform can commit to the attribute values it has chosen.
+Code influenced by TSS.java (TssDaaCredentialRequest)
+*/
+TSPICALL
+Tspi_TPM_DAA_JoinCreateDaaPubKey_internal(
+ TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ UINT32 authenticationChallengeLength, // in
+ BYTE* authenticationChallenge, // in
+ UINT32 nonceIssuerLength, // in
+ BYTE* nonceIssuer, // in
+ UINT32 attributesPlatformLength, // in
+ BYTE** attributesPlatform, // in
+ TSS_DAA_JOIN_SESSION* joinSession, // in, out
+ TSS_DAA_CREDENTIAL_REQUEST* credentialRequest // out
+) {
+ TSS_RESULT result;
+ TCS_CONTEXT_HANDLE tcsContext;
+ TPM_AUTH ownerAuth;
+ bi_ptr tmp1 = bi_new_ptr();
+ bi_ptr tmp2 = bi_new_ptr();
+ bi_ptr capital_utilde = bi_new_ptr();
+ bi_ptr v_tilde_prime = bi_new_ptr();
+ bi_ptr rv_tilde_prime = bi_new_ptr();
+ bi_ptr capitalU = bi_new_ptr();
+ bi_ptr product_attributes = bi_new_ptr();
+ bi_ptr capital_ni = NULL;
+ bi_ptr capital_utilde_prime = NULL;
+ bi_ptr capital_ni_tilde = NULL;
+ bi_ptr n = NULL;
+ bi_ptr attributePlatform = NULL;
+ bi_ptr c = NULL;
+ bi_ptr zeta = NULL;
+ bi_ptr capital_Uprime = NULL;
+ bi_ptr sv_tilde_prime = NULL;
+ bi_ptr s_f0 = NULL;
+ bi_ptr s_f1 = NULL;
+ bi_ptr sv_prime = NULL;
+ bi_ptr sv_prime1 = NULL;
+ bi_ptr sv_prime2 = NULL;
+ bi_array_ptr ra = NULL;
+ bi_array_ptr sa = NULL;
+ TSS_DAA_PK* pk_extern = (TSS_DAA_PK *)joinSession->issuerPk;
+ TSS_DAA_PK_internal* pk_internal = e_2_i_TSS_DAA_PK( pk_extern);
+ UINT32 i, outputSize, authentication_proofLength, nonce_tpmLength;
+ UINT32 capitalSprime_byte_arrayLength, size_bits, length, chLength, c_byteLength;
+ UINT32 internal_cbyteLength, noncePlatformLength;
+ BYTE *outputData, *authentication_proof, *capitalSprime_byte_array = NULL, *buffer;
+ BYTE *ch = NULL;
+ BYTE *c_byte, *noncePlatform, *nonce_tpm;
+ BYTE *internal_cbyte = NULL;
+ EVP_MD_CTX *mdctx;
+
+ if( tmp1 == NULL || tmp2 == NULL || capital_utilde == NULL ||
+ v_tilde_prime == NULL || rv_tilde_prime == NULL ||
+ capitalU == NULL || product_attributes == NULL) {
+ LogError("malloc of bi(s) failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ if( pk_internal == NULL) {
+ LogError("malloc of pk_internal failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ if( (result = obj_tpm_is_connected( hTPM, &tcsContext)) != TSS_SUCCESS) {
+ goto close;
+ }
+ obj_daa_set_handle_tpm( hDAA, hTPM);
+ // allocation
+ n = bi_set_as_nbin( pk_extern->modulusLength, pk_extern->modulus);
+ if( n == NULL) {
+ LogError("malloc of %d bytes failed", pk_extern->modulusLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // allocation
+ capitalSprime_byte_array = bi_2_nbin( &capitalSprime_byte_arrayLength,
+ pk_internal->capitalSprime);
+ if( capitalSprime_byte_array == NULL) {
+ LogError("malloc of %d bytes failed", capitalSprime_byte_arrayLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // compute second part of the credential request
+ // encode plateform attributes (the one visible only by the receiver)
+ bi_set( product_attributes, bi_1);
+ for( i=0; i<attributesPlatformLength; i++) {
+ attributePlatform = bi_set_as_nbin( DAA_PARAM_SIZE_F_I / 8,
+ attributesPlatform[i]); // allocation
+ if( attributePlatform == NULL) {
+ LogError("malloc of bi <%s> failed", "attributePlatform");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // bi_tmp1 = ( capitalRReceiver[i] ^ attributesPlatform ) % n
+ bi_mod_exp( tmp1, pk_internal->capitalRReceiver->array[i], attributePlatform, n);
+ // bi_tmp1 = bi_tmp1 * product_attributes
+ bi_mul( tmp1, tmp1, product_attributes);
+ // product_attributes = bi_tmp1 % n
+ bi_mod( product_attributes, tmp1, n);
+ bi_free_ptr( attributePlatform);
+ }
+ bi_urandom( v_tilde_prime, DAA_PARAM_SIZE_RSA_MODULUS +
+ DAA_PARAM_SAFETY_MARGIN);
+ // tmp1 = capitalUPrime * capitalS
+ bi_free_ptr( tmp1);
+ tmp1 = bi_set_as_nbin( joinSession->capitalUPrimeLength,
+ joinSession->capitalUPrime); // allocation
+ if( tmp1 == NULL) {
+ LogError("malloc of %d bytes failed", joinSession->capitalUPrimeLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // U = ( U' * ( ( pk->S ^ v~' ) % n) ) % n
+ // tmp2 = ( pk->S ^ v~') % n
+ bi_mod_exp( tmp2, pk_internal->capitalS, v_tilde_prime, n);
+ // U = tmp1( U') * tmp2
+ bi_mul( capitalU, tmp1, tmp2);
+ bi_mod( capitalU, capitalU, n);
+ // U = ( U * product_attributes ) % n
+ bi_mul( capitalU, capitalU, product_attributes);
+ bi_mod( capitalU, capitalU, n);
+ // 2 : call the TPM to compute authentication proof with U'
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 8,
+ authenticationChallengeLength, authenticationChallenge,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 8");
+ authentication_proof = calloc_tspi( tcsContext, outputSize);
+ if( authentication_proof == NULL) {
+ LogError("malloc of %d bytes failed", outputSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ memcpy( authentication_proof, outputData, outputSize);
+ free( outputData);
+ authentication_proofLength = outputSize;
+
+ // 3 : call the TPM to compute U' (first part of correctness proof of the credential
+ // request
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 9,
+ pk_extern->capitalR0Length, pk_extern->capitalR0,
+ pk_extern->modulusLength, pk_extern->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 9: capitalR0");
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 10,
+ pk_extern->capitalR1Length, pk_extern->capitalR1,
+ pk_extern->modulusLength, pk_extern->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 10: capitalR1");
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 11,
+ pk_extern->capitalSLength, pk_extern->capitalS,
+ pk_extern->modulusLength, pk_extern->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 11: capitalS");
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 12,
+ capitalSprime_byte_arrayLength, capitalSprime_byte_array,
+ pk_extern->modulusLength, pk_extern->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 12: capitalUTildePrime");
+ capital_utilde_prime = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( capital_utilde_prime == NULL) {
+ LogError("malloc of %d bytes failed", outputSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ // 4 compute pseudonym with respect to the DAA Issuer
+ // allocation
+ zeta = compute_zeta( pk_internal->issuerBaseNameLength,
+ pk_internal->issuerBaseName,
+ pk_internal);
+ if( zeta == NULL) {
+ LogError("malloc of bi <%s> failed", "zeta");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ buffer = (BYTE *)malloc( TPM_DAA_SIZE_w);
+ if( buffer == NULL) {
+ LogError("malloc of %d bytes failed", TPM_DAA_SIZE_w);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("zeta[%ld] = %s", bi_nbin_size( zeta), bi_2_hex_char( zeta));
+ bi_2_byte_array( buffer, TPM_DAA_SIZE_w, zeta);
+ LogDebug("zeta[%d] = %s", TPM_DAA_SIZE_w, dump_byte_array( TPM_DAA_SIZE_w, buffer));
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 13,
+ pk_extern->capitalGammaLength, pk_extern->capitalGamma,
+ TPM_DAA_SIZE_w, buffer, // zeta
+ &ownerAuth, &outputSize, &outputData);
+ free( buffer);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 13: capitalGamma / zeta");
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 14,
+ pk_extern->capitalGammaLength, pk_extern->capitalGamma,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 14: capitalGamma");
+ capital_ni = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( capital_ni == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_ni");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 15,
+ pk_extern->capitalGammaLength, pk_extern->capitalGamma,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 15: capitalGamma");
+ capital_ni_tilde = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( capital_ni_tilde == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_ni_tilde");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+
+ // 5 : compute the second part of the correctness proof of the credential request
+ // (with attributes not visible to issuer)
+ // randomize/blind attributesReceiver
+ size_bits = DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES;
+ bi_set( product_attributes, bi_1);
+ ra = (bi_array_ptr)malloc( sizeof( struct _bi_array));
+ if( ra == NULL) {
+ LogError("malloc of %d bytes failed", sizeof( struct _bi_array));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_new_array( ra, attributesPlatformLength);
+ if( ra->array == NULL) {
+ LogError("malloc of bi_array <%s> failed", "ra");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i=0; i < attributesPlatformLength; i++) {
+ bi_urandom( ra->array[i], size_bits);
+ LogDebug("ra[i]=%s size=%d", bi_2_hex_char( ra->array[i]), size_bits);
+ // product_attributes=(((capitalYplatform ^ ra[i]) % n)*<product_attributes-1>)%n
+ bi_mod_exp( tmp1, pk_internal->capitalRReceiver->array[i], ra->array[i], n);
+ bi_mul( tmp1, tmp1, product_attributes);
+ bi_mod( product_attributes, tmp1, n);
+ }
+ size_bits = DAA_PARAM_SIZE_F_I+2*DAA_PARAM_SAFETY_MARGIN+DAA_PARAM_SIZE_MESSAGE_DIGEST;
+ bi_urandom( rv_tilde_prime, size_bits);
+ // capital_utilde = ( capitalS ^ rv_tilde_prime) % n
+ bi_mod_exp( capital_utilde, pk_internal->capitalS, rv_tilde_prime, n);
+ // capital_utilde = capital_utilde * product_attributes
+ bi_mul( capital_utilde, capital_utilde, product_attributes);
+ // capital_utilde = capital_utilde % n
+ bi_mod( capital_utilde, capital_utilde, n);
+ // 5e
+ capital_Uprime = bi_set_as_nbin( joinSession->capitalUPrimeLength,
+ joinSession->capitalUPrime); // allocation
+ if( capital_Uprime == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_Uprime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("calculation UTilde: capitalS:%s\n", bi_2_hex_char( pk_internal->capitalS));
+ LogDebug("calculation UTilde: rv_tilde_prime:%s\n", bi_2_hex_char( rv_tilde_prime));
+ LogDebug("calculation UTilde: n:%s\n", bi_2_hex_char( n));
+ LogDebug("calculation UTilde: product_attributes:%s\n", bi_2_hex_char( product_attributes));
+ LogDebug("calculation NItilde: ntilde:%s\n", bi_2_hex_char( capital_ni_tilde));
+
+ result = compute_join_challenge_host(
+ hDAA,
+ pk_internal,
+ capitalU,
+ capital_Uprime,
+ capital_utilde,
+ capital_utilde_prime,
+ capital_ni,
+ capital_ni_tilde,
+ 0, // TODO commitmentProofLength
+ NULL, // TODO commitment
+ nonceIssuerLength,
+ nonceIssuer,
+ &chLength, // out
+ &ch // out allocation
+ );
+ if( result != TSS_SUCCESS) goto close;
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 16,
+ chLength, ch,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ nonce_tpm = outputData;
+ nonce_tpmLength = outputSize;
+ LogDebug("Done Join 16: compute_join_challenge_host return nonce_tpm:%s",
+ dump_byte_array(nonce_tpmLength, nonce_tpm));
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 17,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ s_f0 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( s_f0 == NULL) {
+ LogError("malloc of <bi> %s failed", "s_f0");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("Done Join 17: return sF0:%s", dump_byte_array(outputSize, outputData) );
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 18,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ s_f1 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( s_f1 == NULL) {
+ LogError("malloc of <bi> %s failed", "s_f1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("Done Join 18: return sF1:%s", dump_byte_array(outputSize, outputData) );
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 19,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 19: return sv_prime1");
+ sv_prime1 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( sv_prime1 == NULL) {
+ LogError("malloc of <bi> %s failed", "sv_prime1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 20,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 20: return cByte");
+ c_byte = (BYTE *)calloc_tspi( tcsContext, outputSize);
+ if( c_byte == NULL) {
+ LogError("malloc of %d bytes failed", outputSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ memcpy( c_byte, outputData, outputSize);
+ free( outputData);
+ c_byteLength = outputSize;
+ c = bi_set_as_nbin( c_byteLength, c_byte); // allocation
+ if( c == NULL) {
+ LogError("malloc of <bi> %s failed", "c");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+
+ // verify computation of c by TPM
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ EVP_DigestUpdate(mdctx, ch, chLength);
+ EVP_DigestUpdate(mdctx, nonce_tpm, nonce_tpmLength);
+ nonce_tpm = convert_alloc( tcsContext, nonce_tpmLength, nonce_tpm); // allocation
+ if( nonce_tpm == NULL) {
+ LogError("malloc of %d bytes failed", nonce_tpmLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ internal_cbyteLength = EVP_MD_CTX_size(mdctx);
+ internal_cbyte = (BYTE *)malloc( internal_cbyteLength);
+ if( internal_cbyte == NULL) {
+ LogError("malloc of %d bytes failed", internal_cbyteLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestFinal(mdctx, internal_cbyte, NULL);
+ if( c_byteLength != internal_cbyteLength ||
+ memcmp( c_byte, internal_cbyte, c_byteLength) != 0) {
+ LogError( "Computation of c in TPM DAA Join command is incorrect. Affected stages: 16,20\n");
+ LogError( "\t c_byte[%d] %s",
+ c_byteLength,
+ dump_byte_array( c_byteLength, c_byte));
+ LogError( "\tc_internal_byte[%d] %s",
+ internal_cbyteLength,
+ dump_byte_array( internal_cbyteLength, internal_cbyte));
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+
+ // 5m) blind attributesReceiver
+ sa = (bi_array_ptr)malloc( sizeof( struct _bi_array));
+ if( sa == NULL) {
+ LogError("malloc of %d bytes failed", sizeof( struct _bi_array));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_new_array( sa, attributesPlatformLength);
+ for( i=0; i < attributesPlatformLength; i++) {
+ attributePlatform = bi_set_as_nbin( DAA_PARAM_SIZE_F_I / 8,
+ attributesPlatform[i]); // allocation
+ if( attributePlatform == NULL) {
+ LogError("malloc of <bi> %s failed", "attributePlatform");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("calculating sa[%d]: raLength=%ld cLength=%ld attributesPlatformLength=%ld\n",
+ i, bi_nbin_size( ra->array[i]), bi_nbin_size( c), bi_nbin_size( attributePlatform));
+ bi_add( sa->array[i], ra->array[i], bi_mul( tmp1, c, attributePlatform));
+ bi_free_ptr( attributePlatform);
+ }
+ attributePlatform = NULL;
+ // 5o) Commitments
+ // TODO
+
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 21,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 21: return sv_prime2");
+ sv_prime2 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( sv_prime2 == NULL) {
+ LogError("malloc of <bi> %s failed", "sv_prime2");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ sv_prime = bi_new_ptr();
+ if( sv_prime == NULL) {
+ LogError("malloc of <bi> %s failed", "sv_prime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // sv_prime = sv_prime2 << DAA_PARAM_SIZE_SPLIT_EXPONENT
+ bi_shift_left( sv_prime, sv_prime2, DAA_PARAM_SIZE_SPLIT_EXPONENT);
+ // sv_prime = sv_prime + sv_prime1
+ bi_add( sv_prime, sv_prime, sv_prime1);
+
+ sv_tilde_prime = bi_new_ptr();
+ // tmp1 = c * v_tilde_prime
+ bi_mul( tmp1, c, v_tilde_prime);
+ // sv_tilde_prime = rv_tilde_prime + tmp1
+ bi_add( sv_tilde_prime, rv_tilde_prime, tmp1);
+
+ // step 6) - choose nonce
+ bi_urandom( tmp1, DAA_PARAM_SAFETY_MARGIN * 8);
+ noncePlatform = (BYTE *)calloc_tspi( tcsContext, DAA_PARAM_SAFETY_MARGIN);
+ if( noncePlatform == NULL) {
+ LogError("malloc of <bi> %s failed", "noncePlatform");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &noncePlatformLength, noncePlatform, tmp1);
+
+ LogDebug("challenge:%s", dump_byte_array( c_byteLength, c_byte));
+ LogDebug("sF0 [%ld]:%s", bi_length( s_f0), bi_2_hex_char( s_f0));
+ LogDebug("sF1 [%ld]:%s", bi_length( s_f1), bi_2_hex_char( s_f1));
+ LogDebug("sv_prime [%ld]:%s", bi_length( sv_prime), bi_2_hex_char( sv_prime));
+ LogDebug("sv_tilde_prime [%ld]:%s", bi_length( sv_tilde_prime), bi_2_hex_char( sv_tilde_prime));
+ // update joinSession
+ joinSession->capitalU = calloc_tspi( tcsContext, bi_nbin_size( capitalU));
+ if( joinSession->capitalU == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( capitalU));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(joinSession->capitalULength),
+ joinSession->capitalU,
+ capitalU);
+ joinSession->attributesPlatformLength = attributesPlatformLength;
+ joinSession->attributesPlatform = calloc_tspi( tcsContext, sizeof(BYTE *));
+ for( i=0; i<joinSession->attributesPlatformLength; i++) {
+ joinSession->attributesPlatform[i] =
+ calloc_tspi( tcsContext,DAA_PARAM_SIZE_F_I / 8);
+ memcpy( joinSession->attributesPlatform[i],
+ attributesPlatform[i],
+ DAA_PARAM_SIZE_F_I / 8);
+ }
+ joinSession->noncePlatform = noncePlatform;
+ joinSession->noncePlatformLength = noncePlatformLength;
+ joinSession->vTildePrime = calloc_tspi( tcsContext, bi_nbin_size( v_tilde_prime));
+ if( joinSession->vTildePrime == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( v_tilde_prime));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(joinSession->vTildePrimeLength),
+ joinSession->vTildePrime,
+ v_tilde_prime);
+ // update credentialRequest
+ credentialRequest->capitalU = calloc_tspi( tcsContext, bi_nbin_size( capitalU));
+ if( credentialRequest->capitalU == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( capitalU));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credentialRequest->capitalULength),
+ credentialRequest->capitalU,
+ capitalU);
+ credentialRequest->capitalNi = calloc_tspi( tcsContext, bi_nbin_size( capital_ni));
+ if( credentialRequest->capitalNi == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( capital_ni));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credentialRequest->capitalNiLength),
+ credentialRequest->capitalNi,
+ capital_ni);
+ credentialRequest->authenticationProofLength = authentication_proofLength;
+ credentialRequest->authenticationProof = authentication_proof;
+ credentialRequest->challenge = c_byte;
+ credentialRequest->challengeLength = c_byteLength;
+ credentialRequest->nonceTpm = nonce_tpm;
+ credentialRequest->nonceTpmLength = nonce_tpmLength;
+ credentialRequest->noncePlatform = noncePlatform;
+ credentialRequest->noncePlatformLength = DAA_PARAM_SAFETY_MARGIN;
+ credentialRequest->sF0 = calloc_tspi( tcsContext, bi_nbin_size( s_f0));
+ if( credentialRequest->sF0 == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( s_f0));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credentialRequest->sF0Length), credentialRequest->sF0, s_f0);
+ credentialRequest->sF1 = calloc_tspi( tcsContext, bi_nbin_size( s_f1));
+ if( credentialRequest->sF1 == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( s_f1));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credentialRequest->sF1Length), credentialRequest->sF1, s_f1);
+ credentialRequest->sVprime = calloc_tspi( tcsContext, bi_nbin_size( sv_prime));
+ if( credentialRequest->sVprime == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( sv_prime));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credentialRequest->sVprimeLength),
+ credentialRequest->sVprime,
+ sv_prime);
+ credentialRequest->sVtildePrime = calloc_tspi( tcsContext, bi_nbin_size( sv_tilde_prime));
+ if( credentialRequest->sVtildePrime == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( sv_tilde_prime));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(credentialRequest->sVtildePrimeLength),
+ credentialRequest->sVtildePrime,
+ sv_tilde_prime);
+ length = (DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES + 7) / 8;
+ LogDebug("SA length=%d", sa->length);
+ credentialRequest->sA = calloc_tspi( tcsContext, sizeof( BYTE *) * sa->length);
+ if( credentialRequest->sA == NULL) {
+ LogError("malloc of %d bytes failed", sizeof( BYTE *) * sa->length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+
+ for( i=0; i<(UINT32)sa->length; i++) {
+ LogDebug("sa[%d].size=%d", i, (int)bi_nbin_size( sa->array[i]));
+ credentialRequest->sA[i] = calloc_tspi( tcsContext, length);
+ if( credentialRequest->sA[i] == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // size used only as repository
+ bi_2_byte_array( credentialRequest->sA[i], length, sa->array[i]);
+ }
+ credentialRequest->sALength = sa->length;
+close:
+ EVP_MD_CTX_destroy(mdctx);
+ if( capitalSprime_byte_array!=NULL) free( capitalSprime_byte_array);
+ if( ch!=NULL) free( ch);
+ if( internal_cbyte != NULL) free( internal_cbyte);
+ bi_free_ptr( rv_tilde_prime);
+ bi_free_ptr( v_tilde_prime);
+ bi_free_ptr( capital_utilde);
+ bi_free_ptr( tmp1);
+ bi_free_ptr( tmp2);
+ bi_free_ptr( capitalU);
+ if( ra != NULL) {
+ bi_free_array( ra);
+ free( ra);
+ }
+ if( sa != NULL) {
+ bi_free_array( sa);
+ free( sa);
+ }
+ FREE_BI( capital_ni);
+ FREE_BI( capital_utilde_prime);
+ FREE_BI( capital_ni_tilde);
+ FREE_BI( n);
+ FREE_BI( attributePlatform);
+ FREE_BI( c);
+ FREE_BI( zeta);
+ FREE_BI( capital_Uprime);
+ FREE_BI( sv_tilde_prime);
+ FREE_BI( s_f0);
+ FREE_BI( s_f1);
+ FREE_BI( sv_prime);
+ FREE_BI( sv_prime1);
+ FREE_BI( sv_prime2);
+ FREE_BI( product_attributes);
+ free_TSS_DAA_PK_internal( pk_internal);
+ return result;
+}
+
+/*
+Code influenced by TSS.java (joinStoreCredential)
+*/
+TSPICALL Tspi_TPM_DAA_JoinStoreCredential_internal
+(
+ TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ TSS_DAA_CRED_ISSUER credIssuer, // in
+ TSS_DAA_JOIN_SESSION joinSession, // in
+ TSS_HKEY* hDaaCredential // out
+) {
+ TCS_CONTEXT_HANDLE tcsContext;
+ TPM_AUTH ownerAuth;
+ bi_ptr tmp1 = bi_new_ptr();
+ bi_ptr tmp2 = bi_new_ptr();
+ bi_ptr n = NULL;
+ bi_ptr e = NULL;
+ bi_ptr fraction_A = NULL;
+ bi_ptr v_prime_prime = NULL;
+ bi_ptr capital_U = NULL;
+ bi_ptr product_attributes = NULL;
+ bi_ptr capital_Atilde = NULL;
+ bi_ptr s_e = NULL;
+ bi_ptr c_prime = NULL;
+ bi_ptr capital_A = NULL;
+ bi_ptr product = NULL;
+ bi_ptr v_tilde_prime = NULL;
+ bi_ptr v_prime_prime0 = NULL;
+ bi_ptr v_prime_prime1 = NULL;
+ TSS_DAA_PK *daa_pk_extern;
+ TSS_DAA_PK_internal *pk_intern = NULL;
+ TSS_DAA_CREDENTIAL *daaCredential;
+ bi_array_ptr attributes_issuer;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT32 i;
+ UINT32 c_byteLength, v0Length, v1Length, tpm_specificLength;
+ BYTE *c_byte = NULL;
+ BYTE *v0 = NULL;
+ BYTE *v1 = NULL;
+ BYTE *tpm_specific = NULL;
+
+ if( tmp1 == NULL || tmp2 == NULL) {
+ LogError("malloc of bi(s) failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ if( (result = obj_tpm_is_connected( hTPM, &tcsContext)) != TSS_SUCCESS) return result;
+ obj_daa_set_handle_tpm( hDAA, hTPM);
+
+ LogDebug("Converting issuer public");
+ daa_pk_extern = (TSS_DAA_PK *)joinSession.issuerPk;
+ pk_intern = e_2_i_TSS_DAA_PK( daa_pk_extern);
+ if( pk_intern == NULL) {
+ LogError("malloc of pk_intern failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ n = bi_new_ptr();
+ if( n == NULL) {
+ LogError("malloc of bi <%s> failed", "n");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( n, pk_intern->modulus);
+ attributes_issuer = (bi_array_ptr)malloc( sizeof( struct _bi_array));
+ if( attributes_issuer == NULL) {
+ LogError("malloc of %d bytes failed", sizeof( struct _bi_array));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_new_array( attributes_issuer, credIssuer.attributesIssuerLength);
+ if( attributes_issuer->array == NULL) {
+ LogError("malloc of bi_array <%s> failed", "attributes_issuer->array");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i=0; i < credIssuer.attributesIssuerLength; i++) {
+ // allocation
+ attributes_issuer->array[i] = bi_set_as_nbin( DAA_PARAM_SIZE_F_I / 8,
+ credIssuer.attributesIssuer[i]);
+ if( attributes_issuer->array[i] == NULL) {
+ LogError("malloc of bi <attributes_issuer->array[%d]> failed", i);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ }
+ LogDebug("verify credential of issuer ( part 1)");
+ e = bi_set_as_nbin( credIssuer.eLength, credIssuer.e); // allocation
+ if( e == NULL) {
+ LogError("malloc of bi <%s> failed", "e");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( tmp1, bi_0);
+ bi_setbit( tmp1, DAA_PARAM_SIZE_EXPONENT_CERTIFICATE - 1);
+ bi_set( tmp2, bi_0);
+ bi_setbit( tmp1, DAA_PARAM_SIZE_INTERVAL_EXPONENT_CERTIFICATE - 1);
+ bi_add( tmp1, tmp1, tmp2);
+ if( bi_is_probable_prime( e) == 0 ||
+ bi_length(e) < DAA_PARAM_SIZE_EXPONENT_CERTIFICATE ||
+ bi_cmp( e, tmp1) > 0) {
+ LogError("Verification e failed - Step 1.a");
+ LogError("\tPrime(e):%d", bi_is_probable_prime( e));
+ LogError("\tbit_length(e):%ld", bi_length(e));
+ LogError("\te > (2^(l_e) + 2^(l_prime_e)):%d", bi_cmp( e, tmp1));
+ result = TSS_E_DAA_CREDENTIAL_PROOF_ERROR;
+ goto close;
+ }
+ LogDebug("verify credential of issuer (part 2) with proof");
+ fraction_A = bi_new_ptr();
+ if( fraction_A == NULL) {
+ LogError("malloc of bi <%s> failed", "fraction_A");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ v_prime_prime = bi_set_as_nbin( credIssuer.vPrimePrimeLength,
+ credIssuer.vPrimePrime); // allocation
+ if( v_prime_prime == NULL) {
+ LogError("malloc of bi <%s> failed", "v_prime_prime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capital_U = bi_set_as_nbin( joinSession.capitalULength,
+ joinSession.capitalU); // allocation
+ if( capital_U == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_U");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( fraction_A, pk_intern->capitalS, v_prime_prime, n);
+ bi_mul( fraction_A, fraction_A, capital_U);
+ bi_mod( fraction_A, fraction_A, n);
+ LogDebug("encode attributes");
+ product_attributes = bi_new_ptr();
+ bi_set( product_attributes, bi_1);
+ for( i=0; i<(UINT32)attributes_issuer->length; i++) {
+ bi_mod_exp( tmp1, pk_intern->capitalRIssuer->array[i],
+ attributes_issuer->array[i], n);
+ bi_mul( product_attributes, tmp1, product_attributes);
+ bi_mod( product_attributes, product_attributes, n);
+ }
+ bi_mul( fraction_A, fraction_A, product_attributes);
+ bi_mod( fraction_A, fraction_A, n);
+ capital_Atilde = bi_new_ptr();
+ if( capital_Atilde == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_Atilde");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_invert_mod( capital_Atilde, fraction_A, n);
+ bi_mul( capital_Atilde, capital_Atilde, pk_intern->capitalZ);
+ bi_mod( capital_Atilde, capital_Atilde, n);
+ s_e = bi_set_as_nbin( credIssuer.sELength, credIssuer.sE); // allocation
+ if( s_e == NULL) {
+ LogError("malloc of bi <%s> failed", "s_e");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( capital_Atilde, capital_Atilde, s_e, n);
+ c_prime = bi_set_as_nbin( credIssuer.cPrimeLength, credIssuer.cPrime); // allocation
+ if( c_prime == NULL) {
+ LogError("malloc of bi <%s> failed", "c_prime");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capital_A = bi_set_as_nbin( credIssuer.capitalALength, credIssuer.capitalA); // allocation
+ if( capital_A == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_A");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( tmp1, capital_A, c_prime, n);
+ bi_mul( capital_Atilde, capital_Atilde, tmp1);
+ bi_mod( capital_Atilde, capital_Atilde, n);
+
+ result = compute_join_challenge_issuer( pk_intern,
+ v_prime_prime,
+ capital_A,
+ capital_Atilde,
+ joinSession.noncePlatformLength,
+ joinSession.noncePlatform,
+ &c_byteLength,
+ &c_byte); // out allocation
+ if( result != TSS_SUCCESS) goto close;
+ if( credIssuer.cPrimeLength != c_byteLength ||
+ memcmp( credIssuer.cPrime, c_byte, c_byteLength)!=0) {
+ LogError("Verification of c failed - Step 1.c.i");
+ LogError("credentialRequest.cPrime[%d]=%s",
+ credIssuer.cPrimeLength,
+ dump_byte_array( credIssuer.cPrimeLength, credIssuer.cPrime) );
+ LogError("challenge[%d]=%s",
+ c_byteLength,
+ dump_byte_array( c_byteLength, c_byte) );
+ result = TSS_E_DAA_CREDENTIAL_PROOF_ERROR;
+ goto close;
+ }
+ product = bi_new_ptr();
+ if( product == NULL) {
+ LogError("malloc of bi <%s> failed", "product");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( product, capital_A, e, n);
+ bi_mul( product, product, fraction_A);
+ bi_mod( product, product, n);
+ if( bi_equals( pk_intern->capitalZ, product) == 0) {
+ LogError("Verification of A failed - Step 1.c.ii");
+ LogError("\tcapitalZ=%s", bi_2_hex_char( pk_intern->capitalZ));
+ LogError("\tproduct=%s", bi_2_hex_char( product));
+ result = TSS_E_DAA_CREDENTIAL_PROOF_ERROR;
+ goto close;
+ }
+ v_tilde_prime = bi_set_as_nbin( joinSession.vTildePrimeLength,
+ joinSession.vTildePrime); // allocation
+ bi_add( v_prime_prime, v_prime_prime, v_tilde_prime);
+ bi_shift_left( tmp1, bi_1, DAA_PARAM_SIZE_SPLIT_EXPONENT);
+ v_prime_prime0 = bi_new_ptr();
+ if( v_prime_prime0 == NULL) {
+ LogError("malloc of bi <%s> failed", "v_prime_prime0");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod( v_prime_prime0, v_prime_prime, tmp1);
+ v_prime_prime1 = bi_new_ptr();
+ if( v_prime_prime1 == NULL) {
+ LogError("malloc of bi <%s> failed", "v_prime_prime1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_shift_right( v_prime_prime1, v_prime_prime, DAA_PARAM_SIZE_SPLIT_EXPONENT);
+ free( c_byte);
+ c_byte = (BYTE *)malloc( TPM_DAA_SIZE_v0);
+ if( c_byte == NULL) {
+ LogError("malloc of %d bytes failed", TPM_DAA_SIZE_v0);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_byte_array( c_byte, TPM_DAA_SIZE_v0, v_prime_prime0);
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 22,
+ TPM_DAA_SIZE_v0, c_byte,
+ 0, NULL,
+ &ownerAuth, &v0Length, &v0);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 22: return v0");
+ free( c_byte);
+ c_byte = (BYTE *)malloc( TPM_DAA_SIZE_v1);
+ if( c_byte == NULL) {
+ LogError("malloc of %d bytes failed", TPM_DAA_SIZE_v1);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_byte_array( c_byte, TPM_DAA_SIZE_v1, v_prime_prime1);
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 23,
+ TPM_DAA_SIZE_v1, c_byte,
+ 0, NULL,
+ &ownerAuth, &v1Length, &v1);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug("Done Join 23: return v1");
+ result = Tcsip_TPM_DAA_Join_encapsulate( tcsContext, hDAA,
+ 24,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &tpm_specificLength, &tpm_specific);
+ if( result != TSS_SUCCESS) goto close;
+
+ daaCredential = (TSS_DAA_CREDENTIAL *)hDaaCredential;
+ daaCredential->capitalA = calloc_tspi( tcsContext, bi_nbin_size( capital_A));
+ if( daaCredential->capitalA == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( capital_A));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaCredential->capitalALength), daaCredential->capitalA, capital_A);
+ daaCredential->exponent = calloc_tspi( tcsContext, bi_nbin_size( e));
+ if( daaCredential->exponent == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( e));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaCredential->exponentLength), daaCredential->exponent, e);
+ daaCredential->vBar0 = calloc_tspi( tcsContext, v0Length);
+ if( daaCredential->vBar0 == NULL) {
+ LogError("malloc of %d bytes failed", v0Length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ daaCredential->vBar0Length = v0Length;
+ memcpy( daaCredential->vBar0, v0, v0Length);
+ LogDebug("vBar0[%d]=%s",
+ daaCredential->vBar0Length,
+ dump_byte_array( daaCredential->vBar0Length, daaCredential->vBar0));
+ daaCredential->vBar1 = calloc_tspi( tcsContext, v1Length);
+ if( daaCredential->vBar1 == NULL) {
+ LogError("malloc of %d bytes failed", v1Length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ daaCredential->vBar1Length = v1Length;
+ memcpy( daaCredential->vBar1, v1, v1Length);
+ LogDebug("vBar1[%d]=%s",
+ daaCredential->vBar1Length,
+ dump_byte_array( daaCredential->vBar1Length, daaCredential->vBar1));
+ //TODO remove
+ LogDebug("[BUSS] joinSession.attributesPlatformLength=%d",
+ joinSession.attributesPlatformLength);
+ LogDebug("[BUSS] credIssuer.attributesIssuerLength=%d",
+ credIssuer.attributesIssuerLength);
+ daaCredential->attributesLength = joinSession.attributesPlatformLength +
+ credIssuer.attributesIssuerLength;
+ daaCredential->attributes = (BYTE **)calloc_tspi( tcsContext,
+ sizeof(BYTE *) * daaCredential->attributesLength);
+ if( daaCredential->attributes == NULL) {
+ LogError("malloc of %d bytes failed",
+ sizeof(BYTE *) * daaCredential->attributesLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i=0; i < joinSession.attributesPlatformLength; i++) {
+ daaCredential->attributes[i] = calloc_tspi( tcsContext, DAA_PARAM_SIZE_F_I / 8);
+ if( daaCredential->attributes[i] == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_F_I / 8);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug("allocation attributes[%d]=%lx", i, (long)daaCredential->attributes[i]);
+ memcpy( daaCredential->attributes[i],
+ joinSession.attributesPlatform[i],
+ DAA_PARAM_SIZE_F_I / 8);
+ }
+ for( i=0; i < credIssuer.attributesIssuerLength; i++) {
+ daaCredential->attributes[i+joinSession.attributesPlatformLength] =
+ calloc_tspi( tcsContext, DAA_PARAM_SIZE_F_I / 8);
+ if( daaCredential->attributes[i+joinSession.attributesPlatformLength] == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_F_I / 8);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ memcpy( daaCredential->attributes[i+joinSession.attributesPlatformLength],
+ credIssuer.attributesIssuer[i], DAA_PARAM_SIZE_F_I / 8);
+ }
+ memcpy( &(daaCredential->issuerPK), daa_pk_extern, sizeof( TSS_DAA_PK));
+ daaCredential->tpmSpecificEnc = calloc_tspi( tcsContext, tpm_specificLength);
+ if( daaCredential->tpmSpecificEnc == NULL) {
+ LogError("malloc of %d bytes failed", tpm_specificLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ daaCredential->tpmSpecificEncLength = tpm_specificLength;
+ memcpy( daaCredential->tpmSpecificEnc, tpm_specific, tpm_specificLength);
+ // TODO store in TSS this TSS_DAA_CREDENTIAL_REQUEST
+ *hDaaCredential = (TSS_HKEY)daaCredential;
+close:
+ if( v0 != NULL) free( v0);
+ if( v1 != NULL) free( v1);
+ if( tpm_specific != NULL) free( tpm_specific);
+ if( c_byte != NULL) free( c_byte);
+ bi_free_ptr( tmp2);
+ bi_free_ptr( tmp1);
+ if( attributes_issuer != NULL) {
+ bi_free_array( attributes_issuer);
+ free( attributes_issuer);
+ }
+ FREE_BI( v_prime_prime1);
+ FREE_BI( v_prime_prime0);
+ FREE_BI( v_tilde_prime);
+ FREE_BI( product);
+ FREE_BI( capital_A);
+ FREE_BI( c_prime);
+ FREE_BI( s_e);
+ FREE_BI( capital_Atilde);
+ FREE_BI( product_attributes);
+ FREE_BI( capital_U);
+ FREE_BI( v_prime_prime);
+ FREE_BI( fraction_A);
+ FREE_BI( e);
+ FREE_BI( n);
+ if( pk_intern!=NULL) free_TSS_DAA_PK_internal( pk_intern);
+ return result;
+}
+
+static void add_splitet( bi_ptr result, bi_ptr a, bi_ptr b) {
+ bi_shift_left( result, bi_1, DAA_PARAM_SIZE_SPLIT_EXPONENT);
+ bi_mul( result, result, b);
+ bi_add( result, result, a);
+}
+
+/* code influenced by TSS.java (signStep) */
+TSS_RESULT Tspi_TPM_DAA_Sign_internal
+(
+ TSS_HDAA hDAA, // in
+ TSS_HTPM hTPM, // in
+ TSS_HKEY hDaaCredential, // in
+ TSS_DAA_SELECTED_ATTRIB revealAttributes, // in
+ UINT32 verifierBaseNameLength, // in
+ BYTE* verifierBaseName, // in
+ UINT32 verifierNonceLength, // in
+ BYTE* verifierNonce, // in
+ TSS_DAA_SIGN_DATA signData, // in
+ TSS_DAA_SIGNATURE* daaSignature // out
+)
+{
+ TCS_CONTEXT_HANDLE tcsContext;
+ TSS_DAA_CREDENTIAL *daaCredential;
+ TPM_DAA_ISSUER *tpm_daa_issuer;
+ TPM_AUTH ownerAuth;
+ TSS_RESULT result = TSS_SUCCESS;
+ TSS_DAA_PK *pk;
+ TSS_DAA_PK_internal *pk_intern;
+ int i;
+ bi_ptr tmp1 = bi_new_ptr(), tmp2;
+ bi_ptr n = NULL;
+ bi_ptr capital_gamma = NULL;
+ bi_ptr gamma = NULL;
+ bi_ptr zeta = NULL;
+ bi_ptr r = NULL;
+ bi_ptr t_tilde_T = NULL;
+ bi_ptr capital_Nv = NULL;
+ bi_ptr capital_N_tilde_v = NULL;
+ bi_ptr w = NULL;
+ bi_ptr capital_T = NULL;
+ bi_ptr r_E = NULL;
+ bi_ptr r_V = NULL;
+ bi_ptr capital_T_tilde = NULL;
+ bi_ptr capital_A = NULL;
+ bi_array_ptr capital_R;
+ bi_ptr product_R = NULL;
+ bi_array_ptr r_A = NULL;
+ bi_array_ptr s_A = NULL;
+ bi_ptr c = NULL;
+ bi_ptr sF0 = NULL;
+ bi_ptr sF1 = NULL;
+ bi_ptr sV1 = NULL;
+ bi_ptr sV2 = NULL;
+ bi_ptr e = NULL;
+ bi_ptr s_E = NULL;
+ bi_ptr s_V = NULL;
+ CS_ENCRYPTION_RESULT_RANDOMNESS *encryption_result_rand = NULL;
+ BYTE *issuer_settings = NULL, *outputData, byte;
+ BYTE *buffer = NULL, *ch = NULL, *nonce_tpm = NULL, *c_bytes = NULL;
+ UINT32 issuer_settingsLength, outputSize, length, size_bits, chLength;
+ UINT32 nonce_tpmLength;
+ UINT32 c_bytesLength, return_sign_session;
+ // for anonymity revocation
+ CS_ENCRYPTION_RESULT *encryption_result = NULL;
+ CS_ENCRYPTION_RESULT *encryption_result_tilde = NULL;
+ TSS_DAA_PSEUDONYM *signature_pseudonym;
+ TSS_DAA_PSEUDONYM_PLAIN *pseudonym_plain = NULL;
+ TSS_DAA_PSEUDONYM_PLAIN *pseudonym_plain_tilde = NULL;
+ TSS_DAA_ATTRIB_COMMIT *signed_commitments;
+
+ if( (result = obj_tpm_is_connected( hTPM, &tcsContext)) != TSS_SUCCESS)
+ return result;
+ if( tmp1 == NULL) {
+ LogError("malloc of bi <%s> failed", "tmp1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ obj_daa_set_handle_tpm( hDAA, hTPM);
+ // TODO retrieve the daaCredential from the persistence storage
+ daaCredential = (TSS_DAA_CREDENTIAL *)hDaaCredential;
+ pk = (TSS_DAA_PK *)&(daaCredential->issuerPK);
+ pk_intern = e_2_i_TSS_DAA_PK( pk);
+ if( pk_intern == NULL) {
+ LogError("malloc of <%s> failed", "pk_intern");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ tpm_daa_issuer = convert2issuer_settings( pk_intern);
+ if( daaCredential->attributesLength == 0 ||
+ daaCredential->attributesLength != revealAttributes.indicesListLength) {
+ LogDebug("Problem with the reveal attribs: attributes length:%d reveal length:%d",
+ daaCredential->attributesLength, revealAttributes.indicesListLength);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ if( verifierNonce == NULL ||
+ verifierNonceLength != DAA_PARAM_LENGTH_MESSAGE_DIGEST) {
+ LogDebug("Problem with the nonce verifier: nonce verifier length:%d",
+ verifierNonceLength);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ n = bi_new_ptr();
+ if( n == NULL) {
+ LogError("malloc of bi <%s> failed", "n");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( n, pk_intern->modulus);
+ capital_gamma = bi_new_ptr();
+ if( capital_gamma == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_gamma");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( capital_gamma, pk_intern->capitalGamma);
+ gamma = bi_new_ptr();
+ if( gamma == NULL) {
+ LogError("malloc of bi <%s> failed", "gamma");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( gamma, pk_intern->gamma);
+ if( verifierBaseNameLength == 0 || verifierBaseName == NULL) {
+ r = bi_new_ptr();
+ compute_random_number( r, capital_gamma);
+ zeta = project_into_group_gamma( r, pk_intern); // allocation
+ if( zeta == NULL) {
+ LogError("malloc of bi <%s> failed", "zeta");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ } else {
+ zeta = compute_zeta( verifierBaseNameLength, verifierBaseName, pk_intern);
+ if( zeta == NULL) {
+ LogError("malloc of bi <%s> failed", "zeta");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ }
+ issuer_settings = issuer_2_byte_array( tpm_daa_issuer,
+ &issuer_settingsLength); // allocation
+ if( issuer_settings == NULL) {
+ LogError("malloc of %d bytes failed", issuer_settingsLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ LogDebug( "Issuer Settings:[%s]",
+ dump_byte_array(issuer_settingsLength, issuer_settings) );
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 0,
+ issuer_settingsLength, issuer_settings,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ // set the sessionHandle to the returned value
+ return_sign_session = ntohl( *((UINT32 *)outputData));
+ obj_daa_set_session_handle( hDAA, return_sign_session);
+ free( outputData);
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 1,
+ daaCredential->tpmSpecificEncLength, daaCredential->tpmSpecificEnc,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ free( outputData);
+ LogDebug( "done Sign 1 - TPM specific");
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 2,
+ pk->capitalR0Length, pk->capitalR0,
+ pk->modulusLength, pk->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ free( outputData);
+ LogDebug( "done Sign 2 - capitalR0");
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 3,
+ pk->capitalR1Length, pk->capitalR1,
+ pk->modulusLength, pk->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ free( outputData);
+ LogDebug( "done Sign 3 - capitalR1");
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 4,
+ pk->capitalSLength, pk->capitalS,
+ pk->modulusLength, pk->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ if( outputSize > 0 && outputData != NULL) free( outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 4 - capitalS");
+ buffer = bi_2_nbin( &length, pk_intern->capitalSprime); // allocation
+ if( buffer == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 5,
+ length, buffer,
+ pk->modulusLength, pk->modulus,
+ &ownerAuth, &outputSize, &outputData);
+ free( buffer);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 5 - capitalSPrime. Return t_tilde_T");
+ t_tilde_T = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( t_tilde_T == NULL) {
+ LogError("malloc of bi <%s> failed", "t_tilde_T");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ // first precomputation until here possible (verifier independent)
+ length = TPM_DAA_SIZE_w;
+ buffer = (BYTE *)malloc( length);
+ if( buffer == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_byte_array( buffer, length, zeta);
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 6,
+ pk->capitalGammaLength, pk->capitalGamma,
+ length, buffer,
+ &ownerAuth, &outputSize, &outputData);
+ free( buffer);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 6 - capitalGamma & zeta");
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 7,
+ pk->capitalGammaLength, pk->capitalGamma,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 7 - capitalGamma. Return capital_Nv");
+ capital_Nv = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( capital_Nv == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_Nv");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ // TODO Step 6 a.b - anonymity revocation
+
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 8,
+ pk->capitalGammaLength, pk->capitalGamma,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 8 - capitalGamma. Return capital_N_tilde_v");
+ capital_N_tilde_v = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( capital_N_tilde_v == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_N_tilde_v");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ // TODO Step 6 c,d - anonymity revocation
+
+ // Second precomputation until here possible (verifier dependent)
+ size_bits = DAA_PARAM_SIZE_RSA_MODULUS + DAA_PARAM_SAFETY_MARGIN;
+ w = bi_new_ptr();
+ if( w == NULL) {
+ LogError("malloc of bi <%s> failed", "w");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_urandom( w, size_bits);
+ capital_A = bi_set_as_nbin( daaCredential->capitalALength,
+ daaCredential->capitalA); // allocation
+ if( capital_A == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_A");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capital_T = bi_new_ptr();
+ if( capital_T == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_T");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( tmp1, pk_intern->capitalS, w, n);
+ bi_mul( capital_T, capital_A, tmp1);
+ bi_mod( capital_T, capital_T, n);
+ size_bits = DAA_PARAM_SIZE_INTERVAL_EXPONENT_CERTIFICATE +
+ DAA_PARAM_SAFETY_MARGIN + DAA_PARAM_SIZE_MESSAGE_DIGEST;
+ r_E = bi_new_ptr();
+ if( r_E == NULL) {
+ LogError("malloc of bi <%s> failed", "r_E");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_urandom( r_E, size_bits);
+ size_bits = DAA_PARAM_SIZE_EXPONENT_CERTIFICATE + DAA_PARAM_SIZE_RSA_MODULUS +
+ 2 * DAA_PARAM_SAFETY_MARGIN + DAA_PARAM_SIZE_MESSAGE_DIGEST + 1;
+ r_V = bi_new_ptr();
+ if( r_V == NULL) {
+ LogError("malloc of bi <%s> failed", "r_V");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_urandom( r_V, size_bits);
+ capital_T_tilde = bi_new_ptr();
+ if( capital_T_tilde == NULL) {
+ LogError("malloc of bi <%s> failed", "capital_T_tilde");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mod_exp( tmp1, capital_T, r_E, n);
+ bi_mul( capital_T_tilde, t_tilde_T, tmp1);
+ bi_mod( capital_T_tilde, capital_T_tilde, n);
+
+ bi_mod_exp( tmp1, pk_intern->capitalS, r_V, n);
+ bi_mul( capital_T_tilde, capital_T_tilde, tmp1);
+ bi_mod( capital_T_tilde, capital_T_tilde, n);
+
+ // attributes extension
+ size_bits = DAA_PARAM_SIZE_F_I +
+ DAA_PARAM_SAFETY_MARGIN +
+ DAA_PARAM_SIZE_MESSAGE_DIGEST;
+ capital_R = pk_intern->capitalY;
+ r_A = (bi_array_ptr)malloc( sizeof( struct _bi_array));
+ if( r_A == NULL) {
+ LogError("malloc of %d bytes failed", sizeof( struct _bi_array));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_new_array2( r_A, revealAttributes.indicesListLength);
+ product_R = bi_new_ptr();
+ if( product_R == NULL) {
+ LogError("malloc of bi <%s> failed", "product_R");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( product_R, bi_1);
+ for( i=0; i<(int)revealAttributes.indicesListLength; i++) {
+ if( revealAttributes.indicesList[i] == 0) {
+ // only non selected
+ r_A->array[i] = bi_new_ptr();
+ if( r_A->array[i] == NULL) {
+ LogError("malloc of bi <%s> failed", "r_A->array[i]");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_urandom( r_A->array[i] , size_bits);
+ bi_mod_exp( tmp1, capital_R->array[i], r_A->array[i], n);
+ bi_mul( product_R, product_R, tmp1);
+ bi_mod( product_R, product_R, n);
+ } else r_A->array[i] = NULL;
+ }
+ bi_mul( capital_T_tilde, capital_T_tilde, product_R);
+ bi_mod( capital_T_tilde, capital_T_tilde, n);
+ //TODO Step 8 - Commitments
+ // compute commitment to attributes not revealed to the verifier
+
+ //TODO Step 9 - callback functions
+
+ // only when revocation not enabled
+ pseudonym_plain = (TSS_DAA_PSEUDONYM_PLAIN *)calloc_tspi( tcsContext,
+ sizeof(TSS_DAA_PSEUDONYM_PLAIN));
+ if( pseudonym_plain == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(TSS_DAA_PSEUDONYM_PLAIN));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ init_tss_version( pseudonym_plain);
+ pseudonym_plain->capitalNv = calloc_tspi( tcsContext,
+ bi_nbin_size( capital_Nv));
+ if( pseudonym_plain->capitalNv == NULL) {
+ LogError("malloc of bi <%s> failed", "pseudonym_plain->capitalNv");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(pseudonym_plain->capitalNvLength),
+ pseudonym_plain->capitalNv,
+ capital_Nv);
+ pseudonym_plain_tilde = (TSS_DAA_PSEUDONYM_PLAIN *)
+ calloc_tspi( tcsContext,sizeof(TSS_DAA_PSEUDONYM_PLAIN));
+ if( pseudonym_plain_tilde == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(TSS_DAA_PSEUDONYM_PLAIN));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ init_tss_version( pseudonym_plain_tilde);
+ pseudonym_plain_tilde->capitalNv = calloc_tspi( tcsContext,
+ bi_nbin_size( capital_N_tilde_v));
+ if( pseudonym_plain_tilde->capitalNv == NULL) {
+ LogError("malloc of bi <%s> failed", "pseudonym_plain_tilde->capitalNv");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(pseudonym_plain_tilde->capitalNvLength),
+ pseudonym_plain_tilde->capitalNv,
+ capital_N_tilde_v);
+
+ // Step 10 - compute challenge
+ ch = compute_sign_challenge_host(
+ &chLength,
+ DAA_PARAM_get_message_digest(),
+ pk_intern,
+ verifierNonceLength,
+ verifierNonce,
+ 0, // int selected_attributes2commitLength,
+ NULL, // TSS_DAA_SELECTED_ATTRIB **selected_attributes2commit,
+ 0, // int is_anonymity_revocation_enabled,
+ zeta,
+ capital_T,
+ capital_T_tilde,
+ 0, // int attribute_commitmentsLength,
+ NULL, // TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitments,
+ NULL, // TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitment_proofs,
+ capital_Nv,
+ capital_N_tilde_v,
+ NULL, // CS_PUBLIC_KEY *anonymity_revocator_pk,
+ NULL, // CS_ENCRYPTION_RESULT *encryption_result_rand,
+ NULL //CS_ENCRYPTION_RESULT *encryption_result_proof)
+ );
+ if( ch == NULL) {
+ LogError("malloc in compute_sign_challenge_host failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ result = Tcsip_TPM_DAA_Sign( tcsContext, hDAA,
+ 9,
+ chLength, ch,
+ 0, NULL,
+ &ownerAuth, &nonce_tpmLength, &nonce_tpm);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 9 - compute sign challenge host. Return nonce_tpm");
+ byte = (BYTE)signData.payloadFlag; // 0 -> payload contains a handle to an AIK
+ // 1 -> payload contains a hashed message
+ result = Tcsip_TPM_DAA_Sign( tcsContext, hDAA,
+ 10,
+ sizeof(BYTE), &byte,
+ signData.payloadLength, signData.payload,
+ &ownerAuth, &c_bytesLength, &c_bytes);
+ LogDebug("calculation of c: ch[%d]%s", chLength, dump_byte_array( chLength, ch));
+ LogDebug("calculation of c: nonce_tpm[%d]%s",
+ nonce_tpmLength,
+ dump_byte_array( nonce_tpmLength, nonce_tpm));
+ LogDebug("calculation of c: sign_data.payloadFlag[%d]%x",
+ 1,
+ (int)signData.payloadFlag);
+ LogDebug("calculation of c: signdata.payload[%d]%s",
+ signData.payloadLength,
+ dump_byte_array( signData.payloadLength, signData.payload));
+
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 10 - compute signData.payload.");
+ LogDebug(" Return c_bytes[%d]%s",
+ c_bytesLength,
+ dump_byte_array( c_bytesLength, c_bytes));
+ c = bi_set_as_nbin( c_bytesLength, c_bytes); // allocation
+ if( c == NULL) {
+ LogError("malloc of bi <%s> failed", "c");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 11,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS)goto close;
+ LogDebug( "done Sign 11. Return sF0");
+ sF0 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( sF0 == NULL) {
+ LogError("malloc of bi <%s> failed", "sF0");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 12,
+ 0, NULL,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 12. Return sF1");
+ sF1 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( sF1 == NULL) {
+ LogError("malloc of bi <%s> failed", "sF1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 13,
+ daaCredential->vBar0Length, daaCredential->vBar0,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 13. Return sV1");
+ sV1 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( sV1 == NULL) {
+ LogError("malloc of bi <%s> failed", "sV1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 14,
+ daaCredential->vBar0Length, daaCredential->vBar0,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ free( outputData);
+ LogDebug( "done Sign 14.");
+ result = Tcsip_TPM_DAA_Sign(
+ tcsContext, hDAA,
+ 15,
+ daaCredential->vBar1Length, daaCredential->vBar1,
+ 0, NULL,
+ &ownerAuth, &outputSize, &outputData);
+ if( result != TSS_SUCCESS) goto close;
+ LogDebug( "done Sign 15. Return sV2");
+ sV2 = bi_set_as_nbin( outputSize, outputData); // allocation
+ if( sV2 == NULL) {
+ LogError("malloc of bi <%s> failed", "sV2");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ free( outputData);
+ // allocation
+ e = bi_set_as_nbin( daaCredential->exponentLength, daaCredential->exponent);
+ if( e == NULL) {
+ LogError("malloc of bi <%s> failed", "e");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // s_e = r_E + ( c * ( e - ( 1 << (sizeExponentCertificate -1))))
+ s_E = bi_new_ptr();
+ if( s_E == NULL) {
+ LogError("malloc of bi <%s> failed", "s_E");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_shift_left( tmp1, bi_1, DAA_PARAM_SIZE_EXPONENT_CERTIFICATE - 1);
+ bi_sub( tmp1, e, tmp1);
+ bi_mul( tmp1, c, tmp1);
+ bi_add( s_E, r_E, tmp1);
+ s_V = bi_new_ptr();
+ if( s_V == NULL) {
+ LogError("malloc of bi <%s> failed", "s_V");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ add_splitet( s_V, sV1, sV2);
+ bi_add( s_V, s_V, r_V);
+ bi_mul( tmp1, c, w);
+ bi_mul( tmp1, tmp1, e);
+ bi_sub( s_V, s_V, tmp1);
+ // attributes extension
+ // TODO verify the size of each selected attributes
+ s_A = (bi_array_ptr)malloc( sizeof( struct _bi_array));
+ if( s_A == NULL) {
+ LogError("malloc of bi_array <%s> failed", "s_A");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_new_array2( s_A, revealAttributes.indicesListLength);
+ if( s_A->array == NULL) {
+ LogError("malloc of bi_array <%s> failed", "s_A");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( i=0; i<(int)revealAttributes.indicesListLength; i++) {
+ if( revealAttributes.indicesList[i] == 0) {
+ s_A->array[i] = bi_new_ptr();
+ if( s_A->array[i] == NULL) {
+ LogError("malloc of bi <%s> failed", "s_A->array[i]");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ tmp2 = bi_set_as_nbin( DAA_PARAM_SIZE_F_I / 8,
+ daaCredential->attributes[i]); // allocation
+ if( tmp2 == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_F_I / 8);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_mul( tmp1, c, tmp2);
+ // TODEL
+ LogDebug("daaCredential->attributes[i]=%ld", bi_nbin_size( tmp2));
+ LogDebug("r_A:%ld", bi_nbin_size( r_A->array[i]));
+ LogDebug("c:%ld", bi_nbin_size( c));
+ LogDebug("c*daaCredential->attributes[i]=%ld", bi_nbin_size( tmp1));
+ // END TODEL
+ bi_add( s_A->array[i], r_A->array[i], tmp1);
+ bi_free_ptr( tmp2);
+ } else s_A->array[i] = NULL;
+ }
+
+ // Compose result structure
+
+ // DAASignaturePseudonym TODO: implement anonymity revocation
+ // if ( !revocation_enabled)
+ signature_pseudonym = pseudonym_plain;
+
+ // populate the signature (TSS_DAA_SIGNATURE)
+ daaSignature->zeta = (BYTE *)calloc_tspi( tcsContext, bi_nbin_size( zeta));
+ if (daaSignature->zeta == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( zeta));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaSignature->zetaLength), daaSignature->zeta, zeta);
+ daaSignature->capitalT = (BYTE *)calloc_tspi( tcsContext, bi_nbin_size( capital_T));
+ if (daaSignature->capitalT == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( capital_T));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaSignature->capitalTLength), daaSignature->capitalT, capital_T);
+ daaSignature->challenge = (BYTE *)calloc_tspi( tcsContext, c_bytesLength);
+ if (daaSignature->challenge == NULL) {
+ LogError("malloc of %d bytes failed", c_bytesLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ daaSignature->challengeLength = c_bytesLength;
+ memcpy( daaSignature->challenge, c_bytes, c_bytesLength);
+ daaSignature->nonceTpm = (BYTE *)calloc_tspi( tcsContext, nonce_tpmLength);
+ if (daaSignature->nonceTpm == NULL) {
+ LogError("malloc of %d bytes failed", nonce_tpmLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ daaSignature->nonceTpmLength = nonce_tpmLength;
+ memcpy( daaSignature->nonceTpm, nonce_tpm, nonce_tpmLength);
+ daaSignature->sV = (BYTE *)calloc_tspi( tcsContext, bi_nbin_size( s_V));
+ if (daaSignature->sV == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( s_V));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaSignature->sVLength), daaSignature->sV, s_V);
+ daaSignature->sF0 = (BYTE *)calloc_tspi( tcsContext, bi_nbin_size( sF0));
+ if (daaSignature->sF0 == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( sF0));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaSignature->sF0Length), daaSignature->sF0, sF0);
+ daaSignature->sF1 = (BYTE *)calloc_tspi( tcsContext, bi_nbin_size( sF1));
+ if (daaSignature->sF1 == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( sF1));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaSignature->sF1Length), daaSignature->sF1, sF1);
+ daaSignature->sE = (BYTE *)calloc_tspi( tcsContext, bi_nbin_size( s_E));
+ if (daaSignature->sE == NULL) {
+ LogError("malloc of %ld bytes failed", bi_nbin_size( s_E));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_2_nbin1( &(daaSignature->sELength), daaSignature->sE, s_E);
+ daaSignature->sALength = revealAttributes.indicesListLength;
+ daaSignature->sA = (BYTE **)calloc_tspi(
+ tcsContext,
+ sizeof(BYTE *)*revealAttributes.indicesListLength);
+ if (daaSignature->sA == NULL) {
+ LogError("malloc of %d bytes failed",
+ sizeof(BYTE *)*revealAttributes.indicesListLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ length = (DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES + 7) / 8;
+ for( i=0; i<(int)revealAttributes.indicesListLength; i++) {
+ daaSignature->sA[i] = calloc_tspi( tcsContext, length);
+ if (daaSignature->sA[i] == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ if( s_A->array[i] == NULL)
+ bi_2_byte_array( daaSignature->sA[i], length, bi_0);
+ else {
+ bi_2_byte_array( daaSignature->sA[i], length, s_A->array[i]);
+ LogDebug("size big_integer s_A[i] = %ld size daaSignature->sA[i]=%d",
+ bi_nbin_size( s_A->array[i]), length);
+ }
+ }
+ daaSignature->attributeCommitmentsLength = 0;
+ daaSignature->signedPseudonym = signature_pseudonym;
+close:
+ bi_free_ptr( tmp1);
+ if( c_bytes != NULL) free( c_bytes);
+ if( ch != NULL) free( ch);
+ if( nonce_tpm != NULL) free( nonce_tpm);
+ if( encryption_result !=NULL) free( encryption_result);
+ if( encryption_result_tilde !=NULL) free( encryption_result_tilde);
+ if( issuer_settings != NULL) free( issuer_settings);
+ if( r_A != NULL) {
+ for( i=0; i<(int)revealAttributes.indicesListLength; i++)
+ if( r_A->array[i] != NULL) bi_free_ptr( r_A->array[i]);
+ free( r_A);
+ }
+ FREE_BI( s_V);
+ FREE_BI( s_E);
+ FREE_BI( e);
+ FREE_BI( sV2);
+ FREE_BI( sV1);
+ FREE_BI( sF1);
+ FREE_BI( sF0);
+ FREE_BI( c);
+ FREE_BI( product_R);
+ FREE_BI( capital_A);
+ FREE_BI( capital_T_tilde);
+ FREE_BI( r_V);
+ FREE_BI( r_E);
+ FREE_BI( capital_T);
+ FREE_BI( w);
+ FREE_BI( capital_N_tilde_v);
+ FREE_BI( capital_Nv);
+ FREE_BI( t_tilde_T);
+ FREE_BI( n);
+ FREE_BI( capital_gamma);
+ FREE_BI( gamma);
+ FREE_BI( zeta);
+ FREE_BI( r);
+ free_TSS_DAA_PK_internal( pk_intern);
+ free_TPM_DAA_ISSUER( tpm_daa_issuer);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/test.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/test.c
new file mode 100644
index 0000000..04fdd38
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/test.c
@@ -0,0 +1,142 @@
+
+#include <stdlib.h>
+#include <string.h>
+#include <trousers/tss.h>
+#include <trousers/trousers.h>
+#include "spi_internal_types.h"
+#include <spi_utils.h>
+#include <obj.h>
+#include "tsplog.h"
+#include "daa_parameter.h"
+
+setenv("TCSD_FOREGROUND", "1", 1);
+
+// simulating Tspi_TPM_DAA_JoinInit (spi_daa.c)
+TSS_RESULT Tspi_DAA_Join(TSS_HTPM hTPM, int stage, UINT32 inputSize0, BYTE *inputData0, UINT32 inputSize1, BYTE *inputData1, UINT32 *outputSize, BYTE **outputData) {
+ TSS_RESULT result;
+ TCS_CONTEXT_HANDLE tcsContext;
+ TSS_HCONTEXT tspContext;
+ TSS_HPOLICY hPolicy;
+ TCPA_DIGEST digest;
+ TPM_AUTH ownerAuth;
+ UINT16 offset = 0;
+ BYTE hashblob[1000];
+
+ printf("[%s:%d] obj_tpm_is_connected(hTPM)\n", __FILE__, __LINE__);
+ if( (result = obj_tpm_is_connected( hTPM, &tcsContext)) != TSS_SUCCESS) return result;
+ printf("[%s:%d] obj_tpm_get_tsp_context(hTPM)\n", __FILE__, __LINE__);
+ if( (result = obj_tpm_get_tsp_context( hTPM, &tspContext)) != TSS_SUCCESS) return result;
+ printf("[%s:%d] obj_tpm_get_policy(hTPM)\n", __FILE__, __LINE__);
+ if( (result = obj_tpm_get_policy( hTPM, &hPolicy)) != TSS_SUCCESS) return result;
+
+ printf("[%s:%d] Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Join, hashblob)\n", __FILE__, __LINE__);
+ Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Join, hashblob); // hash TPM_COMMAND_CODE
+ printf("[%s:%d] Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest)\n",__FILE__, __LINE__);
+ Trspi_LoadBlob_BYTE(&offset, stage, hashblob); // hash stage
+ printf("[%s:%d] Trspi_LoadBlob_UINT32(&offset, 0, hashblob)\n",__FILE__, __LINE__);
+ //TODO old 4
+ Trspi_LoadBlob_UINT32(&offset, inputSize0, hashblob); // hash inputSize0
+ printf("[%s:%d] Trspi_LoadBlob_UINT32(&offset, 0, hashblob)\n",__FILE__, __LINE__);
+ Trspi_LoadBlob( &offset, inputSize0, hashblob, inputData0); // hash inputData0
+ //TODO old 1
+ Trspi_LoadBlob_UINT32(&offset, inputSize1, hashblob); // hash inputSize1
+ printf("[%s:%d] Trspi_LoadBlob_UINT32(&offset, 0, hashblob)\n",__FILE__, __LINE__);
+ Trspi_LoadBlob( &offset, inputSize1, hashblob, inputData1); // hash inputData1
+ Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest);
+
+ if ((result = secret_PerformAuth_OIAP(hTPM, TPM_ORD_DAA_Join,
+ hPolicy, &digest,
+ &ownerAuth)) != TSS_SUCCESS) return result;
+ printf("[%s:%d] secret_PerformAuth_OIAP(hTPM, TPM_ORD_DAA_Join ret=%d\n",__FILE__, __LINE__, result);
+ // out
+
+ /* step of the following call:
+ TCSP_DAAJoin tcsd_api/calltcsapi.c (define in spi_utils.h)
+ TCSP_DAAJoin_TP tcsd_api/tcstp.c (define in trctp.h)
+ */
+
+ printf("[%s:%d] TCSP_DAAJoin(%x,%x,%x,%x,%x,%x,%x)\n",__FILE__, __LINE__,
+ (int)hTPM, 0, inputSize0,(int)inputData0,inputSize1,(int)inputData1,(int)&ownerAuth);
+ if ( (result = TCSP_DaaJoin( tcsContext, hTPM, 0, inputSize0, inputData0, inputSize1, inputData1, &ownerAuth, outputSize, outputData)) != TSS_SUCCESS)
+ return result;
+
+ offset = 0;
+ Trspi_LoadBlob_UINT32(&offset, result, hashblob);
+ Trspi_LoadBlob_UINT32(&offset, TPM_ORD_DAA_Join, hashblob);
+ Trspi_LoadBlob_UINT32(&offset, *outputSize, hashblob);
+ Trspi_LoadBlob(&offset, *outputSize, hashblob, *outputData);
+ Trspi_Hash(TSS_HASH_SHA1, offset, hashblob, digest.digest);
+ if( (result = obj_policy_validate_auth_oiap( hPolicy, &digest, &ownerAuth)))
+ {
+ printf("[%s:%d] obj_policy_validate_auth=%d\n",__FILE__, __LINE__, result);
+ }
+ return result;
+}
+
+
+int main(int argc, char *argv[])
+{
+ TSS_HCONTEXT hContext;
+ TSS_RESULT result;
+ TSS_HTPM hTPM;
+ TSS_HPOLICY hPolicy;
+
+ // Create Context
+ printf("Create Context\n");
+ result = Tspi_Context_Create( &hContext );
+ if ( result != TSS_SUCCESS )
+ {
+ fprintf( stderr, "Tspi_Context_Create %d\n", result );
+ exit( result );
+ }
+
+ // Connect to Context
+ printf("\nConnect to the context\n");
+ result = Tspi_Context_Connect( hContext, NULL );
+ if ( result != TSS_SUCCESS ) goto out_close;
+
+ if( (result = Tspi_Context_GetTpmObject( hContext, &hTPM)) != TSS_SUCCESS)
+ goto out_close;
+
+ // Get the correct policy using the TPM ownership PASSWD
+ char *szTpmPasswd = "OWN_PWD";
+ if( (result = Tspi_GetPolicyObject( hTPM, TSS_POLICY_USAGE, &hPolicy)) != TSS_SUCCESS)
+ goto out_close;
+ //BUSS
+ if( (result = Tspi_Policy_SetSecret( hPolicy, TSS_SECRET_MODE_PLAIN, strlen( szTpmPasswd), szTpmPasswd)) != TSS_SUCCESS)
+ goto out_close;
+ printf("Tspi_Policy_SetSecret hPolicy received;%d\n", hPolicy);
+
+ //BUSS
+ // in
+ //int modulus_length = DAA_PARAM_SIZE_MODULUS_GAMMA / 8;
+ UINT32 inputSize0 = sizeof(int);
+ UINT32 inputSize1 = 0;
+ UINT32 outputSize = 0;
+ int ia_length = 7;
+ BYTE *inputData0 = (BYTE *)(&ia_length);//= (BYTE *)malloc( inputSize0)
+ BYTE *inputData1 = NULL;
+ BYTE *outputData = NULL;
+
+ if( (result = Tspi_DAA_Join(hTPM, 0, inputSize0, inputData0, inputSize1, inputData1, &outputSize, &outputData)) != TSS_SUCCESS) goto out_close;
+
+ goto out;
+out_close:
+ printf( "Tspi Error:%d - %s\n", result, err_string( result) );
+
+out:
+ printf("ouputSize=%d\n", outputSize);
+ if( outputData != NULL) {
+ int i;
+ printf("outputData(hex )=[\n");
+ for( i=0; i<(int)outputSize; i++) printf("%x ", outputData[i]);
+ printf("\n]");
+ printf("outputData(ascii)=[\n");
+ for( i=0; i<(int)outputSize; i++) printf("%c ", outputData[i]);
+ printf("\n]");
+ }
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+ printf("[%s:%d] THE END\n",__FILE__, __LINE__);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/test_join.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/test_join.c
new file mode 100644
index 0000000..18edd64
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_platform/test_join.c
@@ -0,0 +1,505 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include "daa_structs.h"
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include "obj.h"
+#include "tsplog.h"
+#include "daa_parameter.h"
+#include "verifier.h"
+#include "platform.h"
+
+// for RSA Key
+#include <openssl/rsa.h>
+
+#define DEFAULT_FILENAME "issuer.txt"
+#define DEFAULT_CREDENTIAL_FILENAME "credential.txt"
+#define DEFAULT_DAACOUNTER 0x01020304
+#define DEFAULT_OWN_PASSWD "OWN_PWD"
+
+// from IssuerFactory
+static const int DEFAULT_KEY_CHAIN_LENGTH = 3;
+
+typedef struct tdIssuer {
+ // use on Tspi calls
+ TSS_DAA_PK *pk_extern;
+ TSS_DAA_KEY_PAIR *key_pair_extern;
+
+ // used internally
+ int length_key_chain;
+ RSA **key_chain;
+ TSS_DAA_PK_internal *pk;
+ DAA_PRIVATE_KEY_internal *private_key;
+ TSS_DAA_PK_PROOF_internal *pk_proof;
+ //RSA **auth_key_pairs;
+ BYTE **pk_signatures;
+ bi_ptr zeta;
+} Issuer;
+
+void *alloc( UINT32 length, TCS_CONTEXT_HANDLE tcsContext) {
+ void *result = calloc_tspi( tcsContext, length);
+ LogDebug("allocate tspi memory:%d", (int)result);
+ return result;
+}
+
+/**
+Used by RSA_generate_key
+From RSA_generate_key documentation:
+-> callback(2, n, cb_arg) is called when n-th randomly generated prime is rejected
+-> callback(3, 0, cb_arg) is called when p is found with p-1 more or less prime to e
+-> callback(3, 1, cb_arg) repeatedly called for prime q
+*/
+void callback(int step, int number, void *arg) {
+#ifdef DAA_DEBUG
+ putc( '.', stdout); fflush( stdout);
+#endif
+}
+
+int sign( BYTE *buffer_2_sign,
+ int len_buffer_2_sign,
+ RSA *rsa,
+ BYTE *signature,
+ int *len_signature
+) {
+ EVP_MD_CTX *ctx;
+ int len_message = EVP_MD_size( EVP_sha1()), current_len_message;
+ BYTE *message = (BYTE *)malloc( len_message);
+ int ret;
+
+ ctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(ctx, EVP_sha1(), NULL);
+ EVP_DigestUpdate(ctx, buffer_2_sign, len_buffer_2_sign);
+ EVP_DigestFinal_ex(ctx, message, ¤t_len_message);
+ LogDebug("Sign rsa-> with message (length=%d)", current_len_message);
+// int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+// unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+ ret = RSA_sign( NID_sha1, message, current_len_message, signature, len_signature, rsa);
+ if( ret == 0) {
+ LogError("Error in RSA_sign: %s", ERR_error_string( ERR_get_error(), NULL));
+ }
+ LogDebug("Sign rsa-> signature (length=%d)", *len_signature );
+ EVP_MD_CTX_destroy(ctx);
+ free( message);
+ return ret;
+}
+
+/* Compute key chain. */
+static int init_key_chain(int length_key_chain, Issuer *issuer) {
+ BYTE *signature;
+ int i, len_sign, ret;
+ BYTE *modulus;
+ BYTE *message;
+ // generate RSA key of length DAA_PARAM_KEY_SIZE with exponent
+ // 65537 (java.security.spec.RSAKeyGenParameterSpec.F4)
+ unsigned long e = 65537;
+ RSA *rsa;
+ bi_ptr bi;
+ EVP_MD_CTX *ctx;
+ int len_message = EVP_MD_size( EVP_sha1());
+ int current_len_message;
+
+ EVP_MD_CTX_create(ctx);
+ message = (BYTE *)malloc(len_message);
+ if( length_key_chain < 1) {
+ free( message);
+ return -1;
+ }
+ issuer->length_key_chain = length_key_chain;
+ issuer->key_chain = (RSA **)malloc(sizeof(RSA *) * length_key_chain);
+ issuer->pk_signatures = (BYTE **)malloc(sizeof(BYTE *) * length_key_chain);
+ for(i = 0; i<length_key_chain; i++) {
+ rsa = RSA_generate_key( DAA_PARAM_KEY_SIZE, e, &callback, NULL);
+ if( (BN_num_bits(rsa->n) + 7) / 8 != (DAA_PARAM_KEY_SIZE + 7) / 8) {
+ LogError("BN_num_bits(rsa->n) + 7) / 8 != (DAA_PARAM_KEY_SIZE + 7) / 8)");
+ return -1;
+ }
+ issuer->key_chain[i] = rsa;
+ if( i > 0) {
+ signature = (BYTE *)malloc( RSA_size(rsa));
+ modulus = (BYTE *)malloc( DAA_PARAM_KEY_SIZE / 8);
+ // signature algorithm from Issuer.java - "SHA1withRSA"
+ // sign the modulus (n) of the RSA key with the previous RSA key (chain)
+ // sign rsa(i)->n with auth_key_pairs[i-1]
+ LogDebug("modulus=%s\n", dump_byte_array(256, modulus));
+ LogDebug("signature=%s\n", dump_byte_array(256, signature));
+ bi = bi_new_ptr();
+ bi_set_as_hex( bi, BN_bn2hex( rsa->n));
+ bi_2_byte_array( modulus, DAA_PARAM_KEY_SIZE / 8, bi);
+ LogDebug("bi=%s", bi_2_hex_char( bi));
+ bi_free_ptr( bi);
+ EVP_DigestInit_ex(ctx, EVP_sha1(), NULL);
+ EVP_DigestUpdate(ctx, modulus, DAA_PARAM_KEY_SIZE / 8);
+ EVP_DigestFinal_ex(ctx, message, ¤t_len_message);
+ ret = RSA_sign( NID_sha1, message, current_len_message,
+ signature, &len_sign, issuer->key_chain[i-1]);
+ if( ret == 0) {
+ LogError("Error in RSA_sign: %s",
+ ERR_error_string( ERR_get_error(), NULL));
+ }
+ LogDebug("Sign rsa->n (length=%d) with signature (length=%d,\
+ truelength=%d message_len=%d) ret = %d ERROR?=%s",
+ RSA_size(rsa),
+ DAA_PARAM_KEY_SIZE / 8,
+ len_sign,
+ current_len_message,
+ ret,
+ ERR_error_string( ERR_get_error(),
+ NULL) );
+ LogDebug("message=%s\n", dump_byte_array(256, message));
+ LogDebug("signature=%s\n",dump_byte_array(256, signature));
+ issuer->pk_signatures[i-1] = signature;
+ }
+ }
+ free( message);
+ EVP_MD_CTX_destroy(ctx);
+ return 0;
+}
+
+Issuer* initIssuer(int length_key_chain, char *filename, char *exec, TSS_HCONTEXT hContext) {
+ FILE *file;
+ EVP_MD_CTX *mdctx;
+ Issuer *issuer = (Issuer *)malloc(sizeof( Issuer));
+ TPM_DAA_ISSUER *tpm_daa_issuer;
+ bi_ptr modulus_N0;
+ int len_issuer_settings, len_signature;
+ BYTE *modulus_N0_bytes;
+ BYTE *digest_n0;
+ BYTE *issuer_settings_byte_array;
+ BYTE *sign_data;
+ BYTE *signature;
+ RSA *private_nn;
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof;
+
+ LogDebug("Loading issuer info (keypair & proof) -> \'%s\'", filename);
+ file = fopen( filename, "r");
+ if( file == NULL) {
+ fprintf( stderr, "%s: Error when opening \'%s\': %s\n",
+ exec,
+ filename,
+ strerror( errno));
+ free( issuer);
+ return NULL;
+ }
+ key_pair_with_proof = load_KEY_PAIR_WITH_PROOF( file);
+ if( key_pair_with_proof == NULL) {
+ LogError( "Error when reading \'%s\': %s\n", filename, strerror( errno));
+ free( issuer);
+ return NULL;
+ }
+ fclose( file);
+ issuer->pk = key_pair_with_proof->pk;
+ issuer->pk_extern = i_2_e_TSS_DAA_PK( issuer->pk, &alloc, hContext);
+ issuer->key_pair_extern = (TSS_DAA_KEY_PAIR *)malloc( sizeof(TSS_DAA_KEY_PAIR));
+ init_tss_version( issuer->key_pair_extern);
+ issuer->key_pair_extern->public_key = issuer->pk_extern;
+ issuer->key_pair_extern->private_key = i_2_e_TSS_DAA_PRIVATE_KEY(
+ key_pair_with_proof->private_key,
+ &alloc, hContext);
+ issuer->pk_proof = key_pair_with_proof->proof;
+ issuer->private_key = key_pair_with_proof->private_key;
+ init_key_chain( length_key_chain, issuer);
+ issuer->zeta = compute_zeta( issuer->pk->issuerBaseNameLength,
+ issuer->pk->issuerBaseName, issuer->pk);
+ // sign "issuer settings"
+ modulus_N0 = bi_new_ptr();
+ bi_set_as_hex( modulus_N0, BN_bn2hex( issuer->key_chain[0]->n));
+ // in TPM, N0 is hashed by hashing the scratch (256 bytes) so it must
+ // be formatted according to the scratch size (TPM_DAA_SIZE_issuerModulus)
+ modulus_N0_bytes = (BYTE *)malloc( TPM_DAA_SIZE_issuerModulus);
+ bi_2_byte_array( modulus_N0_bytes, TPM_DAA_SIZE_issuerModulus, modulus_N0);
+ bi_free_ptr( modulus_N0);
+
+ if( TPM_DAA_SIZE_issuerModulus * 8 != DAA_PARAM_KEY_SIZE) {
+ LogError("TPM_DAA_SIZE_issuerModulus * 8 (%d) != DAA_PARAM_KEY_SIZE(%d)",
+ TPM_DAA_SIZE_issuerModulus*8,
+ DAA_PARAM_KEY_SIZE);
+ free( issuer);
+ return NULL;
+ }
+
+ EVP_MD_CTX_create(mdctx);
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ // digestN0 = hash( modulus_N0)
+ EVP_DigestUpdate(mdctx, modulus_N0_bytes, TPM_DAA_SIZE_issuerModulus);
+ digest_n0 = (BYTE *)EVP_MD_CTX_create();
+ EVP_DigestFinal_ex(mdctx, digest_n0, NULL);
+ tpm_daa_issuer = convert2issuer_settings( issuer->pk);
+ issuer_settings_byte_array = issuer_2_byte_array( tpm_daa_issuer, &len_issuer_settings);
+ // data to sign: concatenation of digest_n0 and issuer_settings_byte_array
+ sign_data = (BYTE *)malloc( EVP_MD_CTX_size(mdctx) + len_issuer_settings);
+ memcpy( sign_data, digest_n0, EVP_MD_CTX_size(mdctx));
+ memcpy( &sign_data[EVP_MD_CTX_size(mdctx)],
+ issuer_settings_byte_array,
+ len_issuer_settings);
+ free( issuer_settings_byte_array);
+ // sign digest of TPM compatible Issuer key (sign_data)
+ private_nn = issuer->key_chain[issuer->length_key_chain - 1];
+ signature = (BYTE *)malloc( RSA_size(private_nn));
+ if ( sign( sign_data, EVP_MD_CTX_size(mdctx) + len_issuer_settings,
+ private_nn,
+ signature,
+ &len_signature) ==0) {
+ LogError("Can not sign digest of TPM compatible Issuer key");
+ goto close;
+ }
+ issuer->pk_signatures[ issuer->length_key_chain - 1] = signature;
+ LogDebug("Set last signature sign[%d] = %s",
+ issuer->length_key_chain - 1,
+ dump_byte_array(EVP_MD_size( EVP_sha1()),
+ signature));
+ // TODO sign the complete public key of TPM compatible Issuer key
+/* EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ EVP_DigestUpdate(mdctx, digest_n0, EVP_MD_CTX_size(mdctx));
+ pk_encoded = encoded_DAA_PK_internal( &pk_encodedLength, issuer->pk);
+ EVP_DigestUpdate(mdctx, pk_encoded, pk_encodedLength);
+ EVP_DigestFinal(mdctx, , NULL);
+ signature = (BYTE *)malloc( EVP_MD_size( EVP_sha1()));
+ if (sign( sign_data, EVP_MD_CTX_size(mdctx) + len_issuer_settings,
+ private_nn, signature, &len_signature) !=0) goto close;
+*/
+close:
+ EVP_MD_CTX_destroy(mdctx);
+ free( digest_n0);
+ free( sign_data);
+ return issuer;
+}
+
+int print_usage(char *exec) {
+ fprintf(stderr, "usage: %s\n", exec);
+ fprintf(stderr, "\t-if,\t--issuer_file\n\t\tthe file that will contain all key\
+pair and proof to be used by the issuer\n\t\t (default: %s)\n",
+ DEFAULT_FILENAME);
+ fprintf(stderr, "\t-dc,\t--daa_counter\n\t\tdaa counter (default: %d)\n",
+ DEFAULT_DAACOUNTER);
+ fprintf(stderr,
+ "\t-pw,\t--passwd\n\t\ttpm owner password (default: %s)\n",
+ DEFAULT_OWN_PASSWD);
+ return -1;
+}
+
+int main(int argc, char *argv[]) {
+ TSS_HCONTEXT hContext;
+ TSS_RESULT result;
+ TSS_HTPM hTPM;
+ TSS_HPOLICY hPolicy;
+ int i, length;
+ char *param, *filename = DEFAULT_FILENAME;
+ char *credential_filename = DEFAULT_CREDENTIAL_FILENAME;
+ UINT32 daaCounter = DEFAULT_DAACOUNTER;
+ UINT32 capital_UPrimeLength;
+ BYTE *capitalUPrime;
+ TSS_DAA_IDENTITY_PROOF identityProof;
+ TSS_DAA_JOIN_SESSION joinSession;
+ TSS_DAA_JOIN_ISSUER_SESSION join_issuer_session;
+ TSS_DAA_CREDENTIAL_REQUEST credentialRequest;
+ TSS_DAA_CRED_ISSUER credIssuer;
+ TSS_HDAA hDAA;
+ Issuer* issuer;
+ char *szTpmPasswd = DEFAULT_OWN_PASSWD;
+ UINT32 endorsementKeyLength;
+ BYTE *endorsementKey;
+ UINT32 nonceIssuerLength;
+ BYTE *nonceIssuer;
+ UINT32 authenticationChallengeLength;
+ BYTE *authenticationChallenge;
+ bi_array_ptr capital_receiver;
+ BYTE **attributesPlatform;
+ UINT32 attributesPlatformLength;
+ BYTE **attributesIssuer;
+ UINT32 attributesIssuerLength;
+ bi_t random;
+ FILE *file;
+
+ init_tss_version( &identityProof);
+ init_tss_version( &joinSession);
+ init_tss_version( &join_issuer_session);
+ init_tss_version( &credentialRequest);
+ init_tss_version( &credIssuer);
+ i = 1;
+ while( i < argc) {
+ param = argv[ i];
+ if ( strcmp( param, "-if") == 0 || strcmp( param, "--issuer_file") == 0) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ filename = argv[i];
+ } else if( strcmp( param, "-dc") == 0 || strcmp( param, "--daa_counter") == 0){
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ daaCounter = atoi(argv[i]);
+ } else if( strcmp( param, "-pw") == 0 || strcmp( param, "--passwd") == 0){
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ szTpmPasswd = argv[i];
+ } else {
+ fprintf(stderr, "\n%s:unrecognized option <%s>\n", argv[0], param);
+ return print_usage( argv[0]);
+ }
+ i++;
+ }
+ bi_init( NULL);
+
+ // Create Context
+ LogDebug("Create Context");
+ result = Tspi_Context_Create( &hContext );
+ if ( result != TSS_SUCCESS )
+ {
+ LogError( "Tspi_Context_Create %d\n", result );
+ goto out;
+ }
+ // Connect to Context
+ result = Tspi_Context_Connect( hContext, NULL );
+ if ( result != TSS_SUCCESS) goto out_close;
+ printf("\nConnect to the context: %X\n", hContext);
+
+ if( (result = Tspi_Context_GetTpmObject( hContext, &hTPM)) != TSS_SUCCESS)
+ goto out_close;
+ // Get the correct policy using the TPM ownership PASSWD
+ if( (result = Tspi_GetPolicyObject( hTPM,
+ TSS_POLICY_USAGE,
+ &hPolicy)) != TSS_SUCCESS)
+ goto out_close;
+ if( (result = Tspi_Policy_SetSecret( hPolicy,
+ TSS_SECRET_MODE_PLAIN,
+ strlen( szTpmPasswd),
+ szTpmPasswd)) != TSS_SUCCESS)
+ goto out_close;
+ LogDebug("Tspi_Policy_SetSecret hPolicy received;%d\n", hPolicy);
+
+ //Create Object
+ result = obj_daa_add( hContext, &hDAA);
+ if (result != TSS_SUCCESS) {
+ LogError("Tspi_Context_CreateObject:%d\n", result);
+ Tspi_Context_Close(hContext);
+ LogError("%s: %s\n", argv[0], err_string(result));
+ exit(result);
+ }
+ LogDebug("created DAA object:%X", hDAA);
+ issuer = initIssuer( DEFAULT_KEY_CHAIN_LENGTH, filename, argv[0], hContext);
+ if( issuer == NULL) goto out_close;
+
+ // generate receiver attributes and issuer attributes (random)
+ attributesPlatformLength = issuer->pk->capitalRReceiver->length;
+ attributesPlatform = (BYTE **)malloc( attributesPlatformLength * sizeof(BYTE *));
+ bi_new( random);
+ for( i=0; i<(int)attributesPlatformLength; i++) {
+ bi_urandom( random, DAA_PARAM_SIZE_F_I);
+ attributesPlatform[i] = bi_2_nbin( &length, random);
+ if( attributesPlatform[i] == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto out_close;
+ }
+ }
+ attributesIssuerLength = issuer->pk->capitalRIssuer->length;
+ attributesIssuer = (BYTE **)malloc( attributesIssuerLength * sizeof(BYTE *));
+ for( i=0; i<(int)attributesIssuerLength; i++) {
+ bi_urandom( random, DAA_PARAM_SIZE_F_I);
+ attributesIssuer[i] = bi_2_nbin( &length, random);
+ if( attributesIssuer[i] == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto out_close;
+ }
+ }
+ bi_free(random);
+ LogDebug("Generated attributes (Platform=%d,Issuer=%d)",
+ attributesPlatformLength, attributesIssuerLength);
+
+ result = Tspi_TPM_DAA_JoinInit(
+ hDAA, // in
+ hTPM, // in
+ daaCounter, // in
+ (TSS_HKEY)issuer->pk_extern, // in
+ issuer->length_key_chain, // in
+ (TSS_HKEY *)issuer->key_chain, // in
+ issuer->length_key_chain, // in
+ issuer->pk_signatures, // in
+ &capital_UPrimeLength, // out
+ &capitalUPrime, // out
+ &identityProof, // out
+ &joinSession // out
+ );
+ if( result != TSS_SUCCESS) goto out_close;
+
+ result = Tspi_DAA_IssueInit(
+ hDAA, // in
+ (TSS_HKEY)issuer->key_chain[0], // in
+ (TSS_HKEY)issuer->key_pair_extern, // in
+ identityProof, // in
+ capital_UPrimeLength, // in
+ capitalUPrime, // in
+ daaCounter, // in
+ &nonceIssuerLength, // out
+ &nonceIssuer, // out
+ &authenticationChallengeLength, // out
+ &authenticationChallenge, // out
+ &join_issuer_session // out
+ );
+ if( result != TSS_SUCCESS) goto out_close;
+
+ result = Tspi_TPM_DAA_JoinCreateDaaPubKey(
+ hDAA, // in
+ hTPM, // in
+ authenticationChallengeLength, // in
+ authenticationChallenge, // in
+ nonceIssuerLength, // in
+ nonceIssuer, // in
+ attributesPlatformLength, // in
+ attributesPlatform, // in
+ &joinSession, // in & out
+ &credentialRequest // out
+ );
+ if( result != TSS_SUCCESS) goto out_close;
+
+ result = Tspi_DAA_IssueCredential(
+ hDAA, // in
+ attributesIssuerLength, // in
+ attributesIssuer, // in
+ credentialRequest, // in
+ join_issuer_session, // in
+ &credIssuer // out
+ );
+
+ result = Tspi_TPM_DAA_JoinStoreCredential(
+ hDAA, // in
+ hTPM, // in
+ credIssuer, // in
+ joinSession, // in
+ (TSS_HKEY*)&credentialRequest // out
+ );
+ if( result != TSS_SUCCESS) goto out_close;
+
+ printf("Saving credential: %s ", credential_filename);
+ file = fopen( credential_filename, "w");
+ if( save_TSS_DAA_CREDENTIAL( file, &credentialRequest) != 0) {
+ LogError( "[test_join]: Error when saving \'%s\': %s",
+ credential_filename,
+ strerror( errno));
+ result = TSS_E_FAIL;
+ goto out_close;
+ }
+ fclose( file);
+ printf("Done\n");
+
+out_close:
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+out:
+ bi_release();
+ LogDebug("THE END result=%d:%s",result, err_string( result) );;
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_structs.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_structs.c
new file mode 100644
index 0000000..5bab820
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_structs.c
@@ -0,0 +1,1317 @@
+
+/*
+* Licensed Materials - Property of IBM
+*
+* trousers - An open source TCG Software Stack
+*
+* (C) Copyright International Business Machines Corp. 2006
+*
+*/
+
+/*
+This file implements Helper functions for converting / creating and freeing
+internal representation of TSS_DAA structures.
+An external representation is the one define in tss_structs.h.
+An internal representation is using bi_t or bi_ptr for representing big numbers.
+Naming convention: for each structures we can have:
+init_(<STRUCT>, struct *) : initialize the version field
+create_<STRUCT> : init all fields
+free_<STRUCT> : free all fields
+e_2_i_<STRUCT> : convertor from External representation to internal
+i_2_e_<STRUCT> : convertor from Internal to External. This call use a given memory
+allocation function, to allow
+for example to use calloc_tspi, or a "normal" malloc.
+*/
+#include <stdio.h>
+#include <strings.h>
+#include <errno.h>
+#include <strings.h>
+
+#include "daa_parameter.h"
+#include "daa_structs.h"
+#include "tcslog.h"
+
+#define DUMP_DAA_PK_FIELD( field) \
+do { \
+ printf("%s=", #field); \
+ dump_field( pk->field##Length, pk->field); \
+ puts(""); \
+} while(0);
+
+#if 0
+#define STORE_DAA_PK_BI1( field, bi) \
+do { \
+ store_bi( &pk->field##Length, &pk->field, bi); \
+} while(0);
+
+#define STORE_DAA_PK_BI( field, daa_alloc, param_alloc) \
+do { \
+ store_bi( &pk->field##Length,\
+ &pk->field,\
+ pk_internal->field,\
+ daa_alloc,\
+ param_alloc); \
+} while(0);
+
+// used only to read a structure from a file, so only as helping function
+// for TCG application
+static char buffer[1000];
+#endif
+BYTE *convert_alloc( TCS_CONTEXT_HANDLE tcsContext, UINT32 length, BYTE *source) {
+ BYTE *result = calloc_tspi( tcsContext, length);
+
+ if( result == NULL) return NULL;
+ memcpy( result, source, length);
+ free( source);
+ return result;
+}
+
+BYTE *copy_alloc( TCS_CONTEXT_HANDLE tcsContext, UINT32 length, BYTE *source) {
+ BYTE *result = calloc_tspi( tcsContext, length);
+
+ if( result == NULL) return NULL;
+ memcpy( result, source, length);
+ return result;
+}
+
+static void *normal_malloc( size_t size, TSS_HOBJECT object) {
+ void *ret = malloc( size);
+ return ret;
+}
+
+/* store a bi to a buffer and update the length in big endian format */
+void store_bi( UINT32 *length,
+ BYTE **buffer,
+ const bi_ptr i,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT object
+) {
+ int size;
+
+ *buffer = (BYTE *)daa_alloc( bi_length( i), object);
+ bi_2_nbin1( &size, *buffer, i);
+ *length = size;
+ LogDebug( "[store_bi] host_length:%d network_length:%d[address:%d]\n",
+ size,
+ (int)*length,
+ (int)*buffer);
+}
+
+bi_ptr get_bi( const unsigned long n_length, const BYTE *buffer) {
+ unsigned long length;
+
+ length = n_length;
+ LogDebug( "[get_bi] %d [address:%d -> |%2x|%2x| ]\n",
+ (int)length,
+ (int)buffer,
+ (int)(buffer[0] &0xFF),
+ (int)(buffer[1]&0xFF));
+ return bi_set_as_nbin( length, buffer);
+}
+
+/* length is in network format: big indian */
+void dump_field( int length, BYTE *buffer) {
+ int i;
+
+ for( i=0; i< length; i++) {
+ BYTE byte = (BYTE)(buffer[i] & 0xFF);
+ printf("%02X", byte);
+ }
+}
+
+#if 0
+/* !: do not keep the return buffer */
+char *read_str(FILE *file) {
+ int i;
+ char c;
+
+ fgets( buffer, 1000, file);
+ i=0;
+ while( buffer[i] =='\n' || buffer[i]=='\r' || buffer[i]==' ') i++;
+ do {
+ c = buffer[ i++];
+ } while( c != 0 && c != ' ' && c!='\n' && c!='\r' && c!='#');
+ buffer[ i -1] = 0;
+ return buffer;
+}
+
+/**
+ *
+ * @param file
+ * @return
+ */
+int read_int( FILE *file) {
+ int i, ret;
+ char c;
+
+ fgets( buffer, 1000, file);
+ i=0;
+ while( buffer[i] =='\n' || buffer[i]=='\r' || buffer[i]==' ') i++;
+ do {
+ c = buffer[ i++];
+ } while( c != 0 && c != ' ' && c!='\n' && c!='\r' && c!='#');
+ buffer[ i -1] = 0;
+ sscanf( buffer, "%d", &ret);
+ return ret;
+}
+#endif
+/********************************************************************************************
+* TSS_DAA_SELECTED_ATTRIB
+* this struct is used internally and externally, only a call to
+internal_2_DAA_SELECTED_ATTRIB
+* and DAA_SELECTED_ATTRIB_2_internal will change the struct to be internal or
+external
+********************************************************************************************/
+
+void i_2_e_TSS_DAA_SELECTED_ATTRIB(
+ TSS_DAA_SELECTED_ATTRIB *selected_attrib
+) {
+}
+
+void e_2_i_TSS_DAA_SELECTED_ATTRIB(
+ TSS_DAA_SELECTED_ATTRIB *selected_attrib
+) {
+}
+
+/* work ONLY with internal format
+important: TSS_BOOL is of type int_8_t, so a char, if the size is bigger, we
+will maybe need
+to transform each part to big indian ? or maybe each part is false if equal to
+0, true otherwise.
+*/
+BYTE *to_bytes_TSS_DAA_SELECTED_ATTRIB_internal(
+ int *result_length,
+ TSS_DAA_SELECTED_ATTRIB *selected_attrib
+) {
+ BYTE *result;
+ int index = 0;
+ unsigned int length = selected_attrib->indicesListLength;
+
+ *result_length = sizeof(unsigned int) +
+ (selected_attrib->indicesListLength * sizeof(TSS_BOOL));
+ result = (BYTE *)malloc( *result_length);
+ memcpy( &result[index], &length, sizeof(UINT32));
+ index+=sizeof(UINT32);
+ memcpy( &result[index], selected_attrib->indicesList,
+ sizeof(TSS_BOOL) * selected_attrib->indicesListLength);
+ return result;
+}
+
+/*
+create a TSS_DAA_SELECTED_ATTRIB of length <length> with given selected attributes.
+example of selections of the second and third attributes upon 5:
+create_TSS_DAA_SELECTED_ATTRIB( &selected_attrib, 5, 0, 1, 1, 0, 0);
+*/
+void create_TSS_DAA_SELECTED_ATTRIB( TSS_DAA_SELECTED_ATTRIB *attrib, int length, ...) {
+ va_list ap;
+ int i, select;
+
+ attrib->indicesListLength = length;
+ attrib->indicesList = (TSS_BOOL *)malloc( length * sizeof( TSS_BOOL));
+ va_start (ap, length);
+ for( i=0; i<length; i++) {
+ select = va_arg( ap, int) != 0;
+ attrib->indicesList[i] = select;
+ }
+ va_end (ap);
+}
+
+
+/******************************************************************************************
+* TSS_DAA_SIGN_DATA
+* this struct is used internally and externally, only a call to internal_2_DAA_SIGN_DATA
+* DAA_SIGN_DATA_2_internal will change the struct to be internal or external
+*******************************************************************************************/
+
+void i_2_e_TSS_DAA_SIGN_DATA( TSS_DAA_SIGN_DATA *sign_data) {
+}
+
+void e_2_i_TSS_DAA_SIGN( TSS_DAA_SIGN_DATA *sign_data) {
+}
+
+/********************************************************************************************
+* TSS_DAA_ATTRIB_COMMIT
+********************************************************************************************/
+
+TSS_DAA_ATTRIB_COMMIT_internal *create_TSS_DAA_ATTRIB_COMMIT( bi_ptr beta, bi_ptr sMu) {
+ TSS_DAA_ATTRIB_COMMIT_internal *result =
+ (TSS_DAA_ATTRIB_COMMIT_internal *)malloc( sizeof(TSS_DAA_ATTRIB_COMMIT_internal));
+
+ result->beta = beta;
+ result->sMu = sMu;
+ return result;
+}
+
+
+/********************************************************************************************
+* TSS_DAA_PSEUDONYM_PLAIN
+********************************************************************************************/
+
+TSS_DAA_PSEUDONYM_PLAIN_internal *
+create_TSS_DAA_PSEUDONYM_PLAIN(bi_ptr nV)
+{
+ TSS_DAA_PSEUDONYM_PLAIN_internal *result = (TSS_DAA_PSEUDONYM_PLAIN_internal *)
+ malloc(sizeof(TSS_DAA_PSEUDONYM_PLAIN_internal));
+
+ result->nV = nV;
+ return result;
+}
+
+/********************************************************************************************
+* DAA PRIVATE KEY
+********************************************************************************************/
+/*
+* allocate: ret->p_prime
+* ret->q_prime
+* ret->productPQprime
+*/
+DAA_PRIVATE_KEY_internal *
+create_TSS_DAA_PRIVATE_KEY(bi_ptr pPrime, bi_ptr qPrime)
+{
+ DAA_PRIVATE_KEY_internal *private_key =
+ (DAA_PRIVATE_KEY_internal *)malloc( sizeof( DAA_PRIVATE_KEY_internal));
+
+ private_key->p_prime = bi_new_ptr(); bi_set( private_key->p_prime, pPrime);
+ private_key->q_prime = bi_new_ptr(); bi_set( private_key->q_prime, qPrime);
+ private_key->productPQprime = bi_new_ptr();
+ bi_mul( private_key->productPQprime, pPrime, qPrime);
+ return private_key;
+}
+
+#if 0
+int
+save_DAA_PRIVATE_KEY(FILE *file, const DAA_PRIVATE_KEY_internal *private_key)
+{
+ BI_SAVE( private_key->p_prime , file);
+ BI_SAVE( private_key->q_prime , file);
+ BI_SAVE( private_key->productPQprime, file);
+ return 0;
+}
+
+DAA_PRIVATE_KEY_internal *
+load_DAA_PRIVATE_KEY(FILE *file)
+{
+ DAA_PRIVATE_KEY_internal *private_key =
+ (DAA_PRIVATE_KEY_internal *)malloc( sizeof(DAA_PRIVATE_KEY_internal));
+
+ private_key->p_prime = bi_new_ptr();
+ BI_LOAD( private_key->p_prime, file);
+ private_key->q_prime = bi_new_ptr();
+ BI_LOAD( private_key->q_prime, file);
+ private_key->productPQprime = bi_new_ptr();
+ BI_LOAD( private_key->productPQprime, file);
+ return private_key;
+}
+#endif
+DAA_PRIVATE_KEY_internal *e_2_i_TSS_DAA_PRIVATE_KEY(TSS_DAA_PRIVATE_KEY *private_key) {
+ DAA_PRIVATE_KEY_internal *private_key_internal;
+
+ LogDebug("-> e_2_i_TSS_DAA_PRIVATE_KEY");
+ private_key_internal =
+ (DAA_PRIVATE_KEY_internal *)malloc( sizeof(DAA_PRIVATE_KEY_internal));
+ private_key_internal->p_prime = get_bi( private_key->p_primeLength, private_key->p_prime);
+ private_key_internal->q_prime = get_bi( private_key->q_primeLength, private_key->q_prime);
+ private_key_internal->productPQprime =
+ get_bi( private_key->productPQprimeLength, private_key->productPQprime);
+ LogDebug("<- e_2_i_TSS_DAA_PRIVATE_KEY");
+ return private_key_internal;
+}
+
+TSS_DAA_PRIVATE_KEY *
+i_2_e_TSS_DAA_PRIVATE_KEY(DAA_PRIVATE_KEY_internal *private_key_internal,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT param_alloc)
+{
+ TSS_DAA_PRIVATE_KEY *result;
+
+ LogDebug("-> i_2_e_TSS_DAA_PRIVATE_KEY");
+ result = (TSS_DAA_PRIVATE_KEY *)daa_alloc( sizeof(TSS_DAA_PRIVATE_KEY), param_alloc);
+ init_tss_version( result);
+ store_bi( &(result->p_primeLength),
+ &(result->p_prime),
+ private_key_internal->p_prime,
+ daa_alloc,
+ param_alloc);
+ store_bi( &(result->q_primeLength),
+ &(result->q_prime),
+ private_key_internal->q_prime,
+ daa_alloc,
+ param_alloc);
+ store_bi( &(result->productPQprimeLength),
+ &(result->productPQprime),
+ private_key_internal->productPQprime,
+ daa_alloc,
+ param_alloc);
+ LogDebug("<- i_2_e_TSS_DAA_PRIVATE_KEY");
+ return result;
+}
+
+/********************************************************************************************
+* KEY PAIR WITH PROOF
+********************************************************************************************/
+
+#if 0
+
+/* moved to daa_debug.c */
+
+int
+save_KEY_PAIR_WITH_PROOF(FILE *file,
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof)
+{
+ save_DAA_PK_internal( file, key_pair_with_proof->pk);
+ save_DAA_PRIVATE_KEY( file, key_pair_with_proof->private_key);
+ save_DAA_PK_PROOF_internal( file, key_pair_with_proof->proof);
+
+ return 0;
+}
+
+KEY_PAIR_WITH_PROOF_internal *
+load_KEY_PAIR_WITH_PROOF(FILE *file)
+{
+ KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof =
+ (KEY_PAIR_WITH_PROOF_internal *)malloc(sizeof(KEY_PAIR_WITH_PROOF_internal));
+
+ key_pair_with_proof->pk = load_DAA_PK_internal(file);
+ key_pair_with_proof->private_key = load_DAA_PRIVATE_KEY(file);
+ key_pair_with_proof->proof = load_DAA_PK_PROOF_internal(file);
+
+ return key_pair_with_proof;
+}
+
+#endif
+/* allocated using instrumented daa_alloc */
+TSS_DAA_KEY_PAIR *get_TSS_DAA_KEY_PAIR(KEY_PAIR_WITH_PROOF_internal *key_pair_with_proof,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT object),
+ TSS_HOBJECT param_alloc)
+{
+ TSS_DAA_KEY_PAIR *result;
+
+ LogDebug("-> i_2_e_KEY_PAIR_WITH_PROOF");
+
+ result = (TSS_DAA_KEY_PAIR *)daa_alloc(sizeof(TSS_DAA_KEY_PAIR), param_alloc);
+ init_tss_version(result);
+ result->private_key = i_2_e_TSS_DAA_PRIVATE_KEY(key_pair_with_proof->private_key,
+ daa_alloc, param_alloc);
+ result->public_key = i_2_e_TSS_DAA_PK( key_pair_with_proof->pk, daa_alloc, param_alloc);
+
+ LogDebug("<- i_2_e_KEY_PAIR_WITH_PROOF");
+
+ return result;
+}
+
+
+/********************************************************************************************
+* TSS_DAA_PK
+********************************************************************************************/
+
+/* pk_internal->capitalY must be alocated using ALLOC_BI_ARRAY() */
+void
+populate_capitalY(TSS_DAA_PK_internal *pk_internal)
+{
+ int i;
+
+ bi_new_array(pk_internal->capitalY,
+ pk_internal->capitalRReceiver->length + pk_internal->capitalRIssuer->length);
+
+ // CAPITAL Y ( capitalRReceiver )
+ for (i = 0; i < pk_internal->capitalRReceiver->length; i++)
+ pk_internal->capitalY->array[i] = pk_internal->capitalRReceiver->array[i];
+ // CAPITAL Y ( capitalRIssuer)
+ for (i = 0; i < pk_internal->capitalRIssuer->length; i++)
+ pk_internal->capitalY->array[pk_internal->capitalRReceiver->length+i] =
+ pk_internal->capitalRIssuer->array[i];
+}
+
+void
+compute_capitalSprime(TSS_DAA_PK_internal *pk_internal)
+{
+ bi_t bi_tmp;
+
+ bi_new(bi_tmp);
+ pk_internal->capitalSprime = bi_new_ptr();
+ bi_shift_left( bi_tmp, bi_1, DAA_PARAM_SIZE_SPLIT_EXPONENT);
+ bi_mod_exp(pk_internal->capitalSprime, pk_internal->capitalS, bi_tmp, pk_internal->modulus);
+ bi_free( bi_tmp);
+}
+
+/*
+* create anf feel a TSS_DAA_PK_internal structures
+* ! this function keep pointer on all parameters
+*/
+TSS_DAA_PK_internal *
+create_DAA_PK(const bi_ptr modulus,
+ const bi_ptr capitalS,
+ const bi_ptr capitalZ,
+ const bi_ptr capitalR0,
+ const bi_ptr capitalR1,
+ const bi_ptr gamma,
+ const bi_ptr capitalGamma,
+ const bi_ptr rho,
+ const bi_array_ptr capitalRReceiver,
+ const bi_array_ptr capitalRIssuer,
+ const int issuerBaseNameLength,
+ BYTE * const issuerBaseName)
+{
+ TSS_DAA_PK_internal *pk_internal;
+
+ LogDebug("-> create_DAA_PK");
+ pk_internal = (TSS_DAA_PK_internal *)malloc(sizeof(TSS_DAA_PK_internal));
+ pk_internal->modulus = modulus;
+ pk_internal->capitalS = capitalS;
+ pk_internal->capitalZ = capitalZ;
+ pk_internal->capitalR0 = capitalR0;
+ pk_internal->capitalR1 = capitalR1;
+ pk_internal->gamma = gamma;
+ pk_internal->capitalGamma = capitalGamma;
+ pk_internal->rho = rho;
+ pk_internal->capitalRReceiver = capitalRReceiver;
+ pk_internal->capitalRIssuer = capitalRIssuer;
+ pk_internal->capitalY = ALLOC_BI_ARRAY();
+ populate_capitalY( pk_internal);
+ pk_internal->issuerBaseNameLength = issuerBaseNameLength;
+ pk_internal->issuerBaseName = issuerBaseName;
+ compute_capitalSprime( pk_internal);
+
+ LogDebug("<- create_DAA_PK");
+
+ return pk_internal;
+}
+
+#if 0
+
+/* moved to daa_debug.c */
+
+int
+save_DAA_PK_internal(FILE *file, const TSS_DAA_PK_internal *pk_internal)
+{
+ char *buffer;
+
+ LogDebug("-> save_DAA_PK_internal");
+
+ BI_SAVE( pk_internal->modulus, file);
+ BI_SAVE( pk_internal->capitalS, file);
+ BI_SAVE( pk_internal->capitalZ, file);
+ BI_SAVE( pk_internal->capitalR0, file);
+ BI_SAVE( pk_internal->capitalR1, file);
+ BI_SAVE( pk_internal->gamma, file);
+ BI_SAVE( pk_internal->capitalGamma, file);
+ BI_SAVE( pk_internal->rho, file);
+ BI_SAVE_ARRAY( pk_internal->capitalRReceiver, file);
+ BI_SAVE_ARRAY( pk_internal->capitalRIssuer, file);
+ fprintf( file, "%d\n", pk_internal->issuerBaseNameLength);
+ buffer = (char *)malloc( pk_internal->issuerBaseNameLength + 1);
+ memcpy( buffer, pk_internal->issuerBaseName, pk_internal->issuerBaseNameLength);
+ buffer[ pk_internal->issuerBaseNameLength] = 0;
+ fprintf( file, "%s\n", buffer);
+ free( buffer);
+
+ LogDebug("<- save_DAA_PK_internal");
+
+ return 0;
+}
+
+TSS_DAA_PK_internal *
+load_DAA_PK_internal(FILE *file)
+{
+ TSS_DAA_PK_internal *pk_internal =
+ (TSS_DAA_PK_internal *)malloc(sizeof(TSS_DAA_PK_internal));
+ char *read_buffer;
+
+ pk_internal->modulus = bi_new_ptr();
+ BI_LOAD( pk_internal->modulus, file);
+ pk_internal->capitalS = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalS, file);
+ pk_internal->capitalZ = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalZ, file);
+ pk_internal->capitalR0 = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalR0, file);
+ pk_internal->capitalR1 = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalR1, file);
+ pk_internal->gamma = bi_new_ptr();
+ BI_LOAD( pk_internal->gamma, file);
+ pk_internal->capitalGamma = bi_new_ptr();
+ BI_LOAD( pk_internal->capitalGamma, file);
+ pk_internal->rho = bi_new_ptr();
+ BI_LOAD( pk_internal->rho, file);
+ pk_internal->capitalRReceiver = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( pk_internal->capitalRReceiver, file);
+ pk_internal->capitalRIssuer = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( pk_internal->capitalRIssuer, file);
+ pk_internal->capitalY = ALLOC_BI_ARRAY();
+ populate_capitalY( pk_internal);
+ pk_internal->issuerBaseNameLength = read_int( file);
+ read_buffer = read_str( file);
+ pk_internal->issuerBaseName = malloc( pk_internal->issuerBaseNameLength);
+ memcpy( pk_internal->issuerBaseName, read_buffer, pk_internal->issuerBaseNameLength);
+ compute_capitalSprime( pk_internal);
+ return pk_internal;
+}
+
+#endif
+void
+dump_DAA_PK_internal(char *name, TSS_DAA_PK_internal *pk_internal)
+{
+ LogDebug("Dump TSS_DAA_PK_internal:%s\n", name);
+
+ DUMP_BI( pk_internal->modulus);
+ DUMP_BI( pk_internal->capitalS);
+ DUMP_BI( pk_internal->capitalZ);
+ DUMP_BI( pk_internal->capitalR0);
+ DUMP_BI( pk_internal->capitalR1);
+ DUMP_BI( pk_internal->gamma);
+ DUMP_BI( pk_internal->capitalGamma);
+ DUMP_BI( pk_internal->rho);
+ DUMP_BI_ARRAY( pk_internal->capitalRReceiver);
+ DUMP_BI_ARRAY( pk_internal->capitalRIssuer);
+
+ LogDebug("issuerBaseName = %s\n", pk_internal->issuerBaseName);
+ LogDebug("End Dump TSS_DAA_PK_internal:%s\n", name);
+}
+
+/*
+* Encode the DAA_PK like java.security.Key#getEncoded
+*/
+BYTE *
+encoded_DAA_PK_internal(int *result_length, const TSS_DAA_PK_internal *pk)
+{
+ int length_issuer_base_name = pk->issuerBaseNameLength;
+ int total_length = DAA_PARAM_TSS_VERSION_LENGTH +
+ 5 * ((DAA_PARAM_SIZE_RSA_MODULUS / 8)+ sizeof(int)) +
+ 2 * ((DAA_PARAM_SIZE_MODULUS_GAMMA / 8)+sizeof(int)) +
+ 1 * ((DAA_PARAM_SIZE_RHO / 8)+sizeof(int)) +
+ pk->capitalY->length*(((DAA_PARAM_SIZE_RSA_MODULUS / 8)+sizeof(int)))
+ + length_issuer_base_name;
+ BYTE *result = (BYTE *)malloc(total_length);
+ int i, index = 0, length, big_indian_length;
+
+ if (result == NULL)
+ return NULL;
+
+ LogDebug("total_length=%d", total_length);
+ for (index = 0; index < DAA_PARAM_TSS_VERSION_LENGTH; index++)
+ result[index] = DAA_PARAM_TSS_VERSION[index];
+ // n, capitalS, capitalZ, capitalR0, capitalR1
+ length = DAA_PARAM_SIZE_RSA_MODULUS / 8;
+ big_indian_length = length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->modulus);
+ index += length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->capitalS);
+ index += length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->capitalZ);
+ index += length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->capitalR0);
+ index += length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->capitalR1);
+ index += length;
+ // gamma, capitalGamma
+ length = DAA_PARAM_SIZE_MODULUS_GAMMA / 8;
+ big_indian_length = length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->gamma);
+ index += length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->capitalGamma);
+ index += length;
+ // rho
+ length = DAA_PARAM_SIZE_RHO / 8;
+ big_indian_length = length;
+ memcpy(&result[index], &big_indian_length, sizeof(int));
+ index += sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->rho);
+ index += length;
+ // capitalY
+ length = DAA_PARAM_SIZE_RSA_MODULUS / 8;
+ big_indian_length = length;
+
+ for( i=0; i<pk->capitalY->length; i++) {
+ memcpy( &result[index], &big_indian_length, sizeof(int));
+ index+=sizeof(int);
+ bi_2_byte_array( &result[index], length, pk->capitalY->array[i]);
+ index+=length;
+ }
+ // basename
+ memcpy( &result[index], pk->issuerBaseName, length_issuer_base_name);
+ index+=length_issuer_base_name;
+ *result_length = index;
+
+ LogDebug("return length=%d", index);
+
+ return result;
+}
+
+/* create anf feel a TSS_DAA_PK structures */
+TSS_DAA_PK *
+i_2_e_TSS_DAA_PK(TSS_DAA_PK_internal *pk_internal,
+ void *(*daa_alloc)(size_t size, TSS_HOBJECT param_alloc),
+ TSS_HOBJECT param_alloc)
+{
+ int i;
+ int capitalYLength;
+ int capitalYLength2;
+ TSS_DAA_PK *pk;
+
+ LogDebug("-> i_2_e_TSS_DAA_PK");
+ pk = (TSS_DAA_PK *)daa_alloc( sizeof(TSS_DAA_PK), param_alloc);
+ init_tss_version( pk);
+ if (pk == NULL) {
+ LogError("Can not allocate the TSS_DAA_PK structure");
+ return NULL;
+ }
+ STORE_DAA_PK_BI( modulus, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( capitalS, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( capitalZ, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( capitalR0, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( capitalR1, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( gamma, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( capitalGamma, daa_alloc, param_alloc);
+ STORE_DAA_PK_BI( rho, daa_alloc, param_alloc);
+ capitalYLength = pk_internal->capitalY->length;
+ capitalYLength2 = bi_nbin_size( pk_internal->capitalY->array[0]);
+ LogDebug("[capitalYLength=%d capitalYLength2=%d total size=%d]\n",
+ capitalYLength, capitalYLength2, sizeof(BYTE) * capitalYLength *
+ capitalYLength2);
+ pk->capitalY = (BYTE **) daa_alloc( sizeof(BYTE *) * capitalYLength, param_alloc );
+ for (i = 0; i < capitalYLength; i++) {
+ if( bi_nbin_size( pk_internal->capitalY->array[i]) != capitalYLength2) {
+ // LOG ERROR
+ LogError("Error during feel operation of capitalY (index=%d capitalYLength"
+ "2=%d, currentSize=%d)\n", i, capitalYLength2,
+ (int)bi_nbin_size(pk_internal->capitalY->array[i]));
+ }
+ BYTE *buffer = (BYTE*) daa_alloc( sizeof(BYTE) * capitalYLength2, param_alloc);
+ bi_2_byte_array( buffer, capitalYLength2, pk_internal->capitalY->array[i]);
+ // bi_2_nbin1( &checkSize, buffer, pk_internal->capitalY->array[i]);
+ pk->capitalY[i] = buffer;
+ LogDebug( "[i=%d currentsize=%d buffer[%d]=[%2x|%2x]\n",
+ i,
+ (int)bi_nbin_size( pk_internal->capitalY->array[i]),
+ (int)pk->capitalY[i],
+ (int)pk->capitalY[i][0],
+ (int)pk->capitalY[i][1]);
+ }
+ pk->capitalYLength = capitalYLength;
+ pk->capitalYLength2 = capitalYLength2;
+ pk->capitalYPlatformLength = pk_internal->capitalRReceiver->length;
+ LogDebug("issuer= len=%d", pk_internal->issuerBaseNameLength);
+ pk->issuerBaseNameLength = pk_internal->issuerBaseNameLength;
+ pk->issuerBaseName = (BYTE *)daa_alloc(pk_internal->issuerBaseNameLength, param_alloc);
+ memcpy( pk->issuerBaseName,
+ pk_internal->issuerBaseName,
+ pk_internal->issuerBaseNameLength);
+ LogDebug("i_2_e_TSS_DAA_PK extern_issuer=%s intern_issuer=%s\n",
+ pk->issuerBaseName,
+ pk_internal->issuerBaseName);
+ LogDebug("<- i_2_e_TSS_DAA_PK");
+ return pk;
+}
+
+/**/
+TSS_DAA_PK_internal *
+e_2_i_TSS_DAA_PK( TSS_DAA_PK *pk)
+{
+ TSS_DAA_PK_internal *pk_internal =
+ (TSS_DAA_PK_internal *)malloc(sizeof(TSS_DAA_PK_internal));
+ unsigned long capitalYLength, capitalYLength2, capitalYPlatformLength;
+ UINT32 i;
+ int issuer_length;
+
+ // pk_internal->modulus = GET_DAA_PK_BI( modulus);
+ pk_internal->modulus = get_bi(pk->modulusLength, pk->modulus);
+ pk_internal->capitalS = get_bi(pk->capitalSLength, pk->capitalS);
+ pk_internal->capitalZ = get_bi(pk->capitalZLength, pk->capitalZ);
+ pk_internal->capitalR0 = get_bi(pk->capitalR0Length, pk->capitalR0);
+ pk_internal->capitalR1 = get_bi(pk->capitalR1Length, pk->capitalR1);
+ pk_internal->gamma = get_bi(pk->gammaLength, pk->gamma);
+ pk_internal->capitalGamma = get_bi(pk->capitalGammaLength, pk->capitalGamma);
+ pk_internal->rho = get_bi(pk->rhoLength, pk->rho);
+ capitalYLength = pk->capitalYLength;
+ capitalYLength2= pk->capitalYLength2;
+ capitalYPlatformLength = pk->capitalYPlatformLength;
+ LogDebug( "capitalYLength:%ld capitalYLength2:%ld capitalYPlatformLength:%ld\n",
+ capitalYLength, capitalYLength2, capitalYPlatformLength);
+
+ pk_internal->capitalRReceiver = ALLOC_BI_ARRAY();
+ bi_new_array2(pk_internal->capitalRReceiver, capitalYPlatformLength);
+ for (i = 0; i < capitalYPlatformLength; i++) {
+ LogDebug( "i=%d\n", i);
+ pk_internal->capitalRReceiver->array[i] =
+ get_bi(pk->capitalYLength2, pk->capitalY[i]);
+ }
+ pk_internal->capitalRIssuer = ALLOC_BI_ARRAY();
+ bi_new_array2( pk_internal->capitalRIssuer, capitalYLength -
+ capitalYPlatformLength);
+ for( ; i<capitalYLength; i++) {
+ pk_internal->capitalRIssuer->array[ i - capitalYPlatformLength] =
+ get_bi( pk->capitalYLength2, pk->capitalY[i]);
+ }
+ pk_internal->capitalY = ALLOC_BI_ARRAY();
+ populate_capitalY( pk_internal);
+ issuer_length = pk->issuerBaseNameLength;
+ pk_internal->issuerBaseNameLength = issuer_length;
+ LogDebug( "issuer_length=%d\n", issuer_length);
+ pk_internal->issuerBaseName = (BYTE *)malloc( issuer_length);
+ memcpy( pk_internal->issuerBaseName, pk->issuerBaseName, issuer_length);
+ LogDebug("e_2_i_TSS_DAA_PK extern_issuer=%s intern_issuer=%s\n",
+ pk->issuerBaseName,
+ pk_internal->issuerBaseName);
+ compute_capitalSprime( pk_internal); // allocation
+ return pk_internal;
+}
+
+void
+free_TSS_DAA_PK_internal(TSS_DAA_PK_internal *pk_internal)
+{
+ bi_free_ptr( pk_internal->capitalSprime);
+ free( pk_internal->issuerBaseName);
+ free( pk_internal->capitalY);
+ bi_free_array( pk_internal->capitalRIssuer);
+ bi_free_array( pk_internal->capitalRReceiver);
+ bi_free_ptr( pk_internal->rho);
+ bi_free_ptr( pk_internal->capitalGamma);
+ bi_free_ptr( pk_internal->gamma);
+ bi_free_ptr( pk_internal->capitalR1);
+ bi_free_ptr( pk_internal->capitalR0);
+ bi_free_ptr( pk_internal->capitalZ);
+ bi_free_ptr( pk_internal->capitalS);
+ bi_free_ptr( pk_internal->modulus);
+ free( pk_internal);
+}
+
+/* free a TSS_DAA_PK structures */
+void
+free_TSS_DAA_PK(TSS_DAA_PK *pk)
+{
+ int i;
+
+ LogDebug("-> free_TSS_DAA_PK");
+ free( pk->modulus);
+ free( pk->capitalS);
+ free( pk->capitalZ);
+ free( pk->capitalR0);
+ free( pk->capitalR1);
+ free( pk->gamma);
+ free( pk->capitalGamma);
+ free( pk->rho);
+ for( i=0; i<(int)pk->capitalYLength; i++) {
+ free( pk->capitalY[i]);
+ }
+ free( pk->capitalY);
+ free( pk->issuerBaseName);
+ free( pk);
+ LogDebug("<- free_TSS_DAA_PK");
+
+}
+
+TPM_DAA_ISSUER *
+convert2issuer_settings(TSS_DAA_PK_internal *pk_internal)
+{
+ TPM_DAA_ISSUER *result = (TPM_DAA_ISSUER *)malloc(sizeof(TPM_DAA_ISSUER));
+ EVP_MD_CTX *mdctx;
+ UINT32 length;
+ BYTE *array = (BYTE*)malloc((DAA_PARAM_SIZE_RSA_MODULUS+7)/8);
+
+ LogDebug("convert2issuer_settings");
+ EVP_MD_CTX_create(mdctx);
+ // TAG
+ result->tag = htons( TPM_TAG_DAA_ISSUER);
+ // capitalR0
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ bi_2_byte_array( array,
+ length = (bi_length( pk_internal->capitalR0)+7)/8,
+ pk_internal->capitalR0);
+ LogDebug("capitalR0 length=%d", length);
+ EVP_DigestUpdate(mdctx, array, length);
+ EVP_DigestFinal_ex(mdctx, (BYTE *)&(result->DAA_digest_R0), NULL);
+ // capitalR1
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ bi_2_byte_array( array,
+ length = (bi_length( pk_internal->capitalR1)+7)/8,
+ pk_internal->capitalR1);
+ LogDebug("capitalR1 length=%d", length);
+ EVP_DigestUpdate(mdctx, array, length);
+ EVP_DigestFinal_ex(mdctx, (BYTE *)&(result->DAA_digest_R1), NULL);
+ // capitalS (S0)
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ bi_2_byte_array( array,
+ length = (bi_length( pk_internal->capitalS)+7)/8,
+ pk_internal->capitalS);
+ LogDebug("capitalS length=%d", length);
+ EVP_DigestUpdate(mdctx, array, length);
+ EVP_DigestFinal_ex(mdctx, (BYTE *)&(result->DAA_digest_S0), NULL);
+ // capitalSprime (S1)
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ bi_2_byte_array( array,
+ length = (bi_length( pk_internal->capitalSprime)+7)/8,
+ pk_internal->capitalSprime);
+ LogDebug("capitalSprime length=%d", length);
+ EVP_DigestUpdate(mdctx, array, length);
+ EVP_DigestFinal_ex(mdctx, (BYTE *)&(result->DAA_digest_S1), NULL);
+ // modulus (n)
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ bi_2_byte_array( array,
+ length = (bi_length( pk_internal->modulus)+7)/8,
+ pk_internal->modulus);
+ LogDebug("modulus length=%d", length);
+ EVP_DigestUpdate(mdctx, array, length);
+ EVP_DigestFinal_ex(mdctx, (BYTE *)&(result->DAA_digest_n), NULL);
+ // modulus (n)
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ bi_2_byte_array( array,
+ length = (bi_length( pk_internal->capitalGamma)+7)/8,
+ pk_internal->capitalGamma);
+ LogDebug("capitalGamma length=%d", length);
+ EVP_DigestUpdate(mdctx, array, length);
+ free(array);
+ EVP_DigestFinal_ex(mdctx, (BYTE *)&(result->DAA_digest_gamma), NULL);
+ EVP_MD_CTX_destroy(mdctx);
+ // rho
+ bi_2_byte_array( (BYTE *)&(result->DAA_generic_q), 26, pk_internal->rho);
+ return result;
+}
+
+BYTE *
+issuer_2_byte_array(TPM_DAA_ISSUER *tpm_daa_issuer, int *length)
+{
+ UINT32 size = sizeof(UINT16) + ( 6 * TPM_SHA1_160_HASH_LEN) + 26;
+ BYTE * result = (BYTE *)malloc( sizeof(BYTE)*size);
+ UINT32 i = 0;
+
+ memcpy( &result[i], &(tpm_daa_issuer->tag), sizeof(UINT16));
+ i+=sizeof(UINT16);
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_digest_R0), TPM_SHA1_160_HASH_LEN);
+ i+=TPM_SHA1_160_HASH_LEN;
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_digest_R1), TPM_SHA1_160_HASH_LEN);
+ i+=TPM_SHA1_160_HASH_LEN;
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_digest_S0), TPM_SHA1_160_HASH_LEN);
+ i+=TPM_SHA1_160_HASH_LEN;
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_digest_S1), TPM_SHA1_160_HASH_LEN);
+ i+=TPM_SHA1_160_HASH_LEN;
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_digest_n), TPM_SHA1_160_HASH_LEN);
+ i+=TPM_SHA1_160_HASH_LEN;
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_digest_gamma), TPM_SHA1_160_HASH_LEN);
+ i+=TPM_SHA1_160_HASH_LEN;
+ memcpy( &result[i], &(tpm_daa_issuer->DAA_generic_q), 26);
+ *length = size;
+ return result;
+}
+
+/********************************************************************************************
+* TSS_DAA_PK_PROOF
+********************************************************************************************/
+
+/*
+* this function keep references on:
+* - challenge (BYTE *)
+* - response (bi_array_ptr *)
+*/
+TSS_DAA_PK_PROOF_internal *
+create_DAA_PK_PROOF(BYTE* const challenge,
+ const int length_challenge,
+ bi_array_ptr *response,
+ const int length_response)
+{
+ TSS_DAA_PK_PROOF_internal *pk_proof;
+
+#ifdef DAA_DEBUG
+ printf("create_DAA_PK_PROOF_internal\n");
+#endif
+ pk_proof = (TSS_DAA_PK_PROOF_internal *)malloc( sizeof(TSS_DAA_PK_PROOF_internal));
+ pk_proof->challenge = challenge;
+ pk_proof->length_challenge = length_challenge;
+ pk_proof->response = response;
+ pk_proof->length_response = length_response;
+ return pk_proof;
+}
+
+#if 0
+int
+save_DAA_PK_PROOF_internal(FILE *file, TSS_DAA_PK_PROOF_internal *proof)
+{
+ int i;
+
+#ifdef DAA_DEBUG
+ printf("save_DAA_PK_PROOF_internal");
+#endif
+ fprintf(file, "%d # %s.length\n", proof->length_challenge, "challenge");
+ fprintf(file, "%s\n", dump_byte_array( proof->length_challenge,
+ proof->challenge));
+ fprintf(file, "%d # %s.length\n", proof->length_response, "response");
+ for (i = 0; i < proof->length_response; i++) {
+ BI_SAVE_ARRAY( proof->response[i], file);
+ }
+
+ return 0;
+}
+
+/* load <proof> using <filename> */
+/* allocation of: */
+/* proof->challenge (BYTE*) */
+/* response (bi_array_ptr) */
+TSS_DAA_PK_PROOF_internal *
+load_DAA_PK_PROOF_internal(FILE *file)
+{
+ TSS_DAA_PK_PROOF_internal *proof =
+ (TSS_DAA_PK_PROOF_internal *)malloc(sizeof(TSS_DAA_PK_PROOF_internal));
+ char *read_buffer;
+ int i;
+
+#ifdef DAA_DEBUG
+ printf("load_DAA_PK_PROOF_internal");
+#endif
+ proof->length_challenge = read_int( file);
+ read_buffer = read_str( file);
+ proof->challenge = retrieve_byte_array( &(proof->length_challenge),read_buffer);
+ proof->length_response = read_int( file);
+ proof->response = (bi_array_ptr *)malloc( sizeof(bi_array_ptr) * proof->length_response);
+ for (i = 0; i < proof->length_response; i++) {
+ proof->response[i] = ALLOC_BI_ARRAY();
+ BI_LOAD_ARRAY( proof->response[i], file);
+ }
+ return proof;
+}
+#endif
+
+TSS_DAA_PK_PROOF *
+i_2_e_TSS_DAA_PK_PROOF(TSS_DAA_PK_PROOF_internal*pk_internal_proof,
+ void * (*daa_alloc)(size_t size, TSS_HOBJECT param),
+ TSS_HOBJECT param_alloc)
+{
+ TSS_DAA_PK_PROOF *pk_proof =
+ (TSS_DAA_PK_PROOF *)daa_alloc( sizeof(TSS_DAA_PK_PROOF), param_alloc);
+ int i, j;
+ int length_response2;
+ int length_response3;
+
+ init_tss_version( pk_proof);
+ // CHALLENGE
+ pk_proof->challengeLength = pk_internal_proof->length_challenge;
+ pk_proof->challenge = (BYTE *)daa_alloc( pk_internal_proof->length_challenge,
+ param_alloc);
+ memcpy( pk_proof->challenge, pk_internal_proof->challenge,
+ pk_internal_proof->length_challenge);
+ // RESPONSES
+ pk_proof->responseLength = pk_internal_proof->length_response;
+ length_response2 = pk_internal_proof->response[0]->length;
+ pk_proof->responseLength2 = length_response2;
+ length_response3 = bi_nbin_size(
+ pk_internal_proof->response[0]->array[0]);
+ if( length_response3 & 1) length_response3++; // length_response3 should be paire
+ pk_proof->responseLength3 = length_response3;
+ pk_proof->response = (BYTE ***)daa_alloc( sizeof(BYTE **) *
+ pk_internal_proof->length_response, param_alloc);
+ for(i = 0; i < pk_internal_proof->length_response; i++) {
+ pk_proof->response[i] = (BYTE **)daa_alloc( sizeof(BYTE *) * length_response2,
+ param_alloc);
+ for( j = 0; j < length_response2; j++) {
+ (pk_proof->response[i])[j] = (BYTE *)malloc(
+ sizeof(BYTE) * length_response3);
+ bi_2_byte_array( pk_proof->response[i][j],
+ length_response3,
+ pk_internal_proof->response[i]->array[j]);
+ }
+ }
+ return pk_proof;
+}
+
+TSS_DAA_PK_PROOF_internal *
+e_2_i_TSS_DAA_PK_PROOF(TSS_DAA_PK_PROOF *pk_proof)
+{
+ int i, j, response_length2;
+ TSS_DAA_PK_PROOF_internal *pk_proof_internal =
+ (TSS_DAA_PK_PROOF_internal *)malloc( sizeof( TSS_DAA_PK_PROOF_internal));
+
+ // CHALLENGE
+ pk_proof_internal->length_challenge = pk_proof->challengeLength;
+#ifdef DAA_DEBUG
+ fprintf(stderr, "issuer_length=%d\n", pk_proof_internal->length_challenge);
+#endif
+ pk_proof_internal->challenge = (BYTE *)malloc( pk_proof_internal->length_challenge);
+ memcpy( pk_proof_internal->challenge,
+ pk_proof->challenge,
+ pk_proof_internal->length_challenge);
+ // RESPONSES
+ pk_proof_internal->length_response = pk_proof->responseLength;
+ response_length2 = pk_proof->responseLength2;
+ pk_proof_internal->response =
+ (bi_array_ptr *)malloc( sizeof(bi_array_ptr) *
+ pk_proof_internal->length_response);
+ for(i = 0; i<pk_proof_internal->length_response; i++) {
+ pk_proof_internal->response[i] = ALLOC_BI_ARRAY();
+ bi_new_array2( pk_proof_internal->response[i], response_length2);
+ for( j = 0; j < response_length2; j++) {
+ pk_proof_internal->response[i]->array[j] =
+ get_bi( pk_proof->responseLength3, pk_proof->response[i][j]);
+ }
+ }
+ return pk_proof_internal;
+}
+
+
+/********************************************************************************************
+* TSS_DAA_JOIN_ISSUER_SESSION
+********************************************************************************************/
+
+TSS_DAA_JOIN_ISSUER_SESSION_internal *
+create(TSS_DAA_PK_PROOF_internal *issuerKeyPair,
+ TPM_DAA_ISSUER *issuerAuthKey,
+ TSS_DAA_IDENTITY_PROOF *identityProof,
+ bi_ptr capitalUprime,
+ int daaCounter,
+ int nonceIssuerLength,
+ BYTE *nonceIssuer,
+ int nonceEncryptedLength,
+ BYTE *nonceEncrypted)
+{
+ TSS_DAA_JOIN_ISSUER_SESSION_internal *result =
+ (TSS_DAA_JOIN_ISSUER_SESSION_internal *)malloc(
+ sizeof(TSS_DAA_JOIN_ISSUER_SESSION_internal));
+
+ result->issuerAuthKey = issuerAuthKey;
+ result->issuerKeyPair = issuerKeyPair;
+ result->identityProof = identityProof;
+ result->capitalUprime = capitalUprime;
+ result->daaCounter = daaCounter;
+ result->nonceIssuerLength = nonceIssuerLength;
+ result->nonceIssuer = nonceIssuer;
+ result->nonceEncryptedLength = nonceEncryptedLength;
+ result->nonceEncrypted = nonceEncrypted;
+ return result;
+}
+
+
+/********************************************************************************************
+ * TSS_DAA_SIGNATURE
+ ********************************************************************************************/
+
+TSS_DAA_SIGNATURE_internal*
+e_2_i_TSS_DAA_SIGNATURE(TSS_DAA_SIGNATURE* signature)
+{
+ TSS_DAA_SIGNATURE_internal *signature_intern =
+ (TSS_DAA_SIGNATURE_internal *)malloc( sizeof( TSS_DAA_SIGNATURE_internal));
+ int i, length;
+
+ signature_intern->zeta = bi_set_as_nbin( signature->zetaLength, signature->zeta);
+ signature_intern->capitalT = bi_set_as_nbin( signature->capitalTLength,
+ signature->capitalT);
+ signature_intern->challenge_length = signature->challengeLength;
+ signature_intern->challenge = (BYTE *)malloc( signature->challengeLength);
+ memcpy( signature_intern->challenge,
+ signature->challenge,
+ signature->challengeLength);
+ signature_intern->nonce_tpm_length = signature->nonceTpmLength;
+ signature_intern->nonce_tpm = (BYTE *)malloc( signature->nonceTpmLength);
+ memcpy( signature_intern->nonce_tpm, signature->nonceTpm, signature->nonceTpmLength);
+ signature_intern->sV = bi_set_as_nbin( signature->sVLength, signature->sV);
+ signature_intern->sF0 = bi_set_as_nbin( signature->sF0Length, signature->sF0);
+ signature_intern->sF1 = bi_set_as_nbin( signature->sF1Length, signature->sF1);
+ signature_intern->sE = bi_set_as_nbin( signature->sELength, signature->sE);
+ signature_intern->sA = (bi_array_ptr)malloc( sizeof( bi_array));
+ bi_new_array2( signature_intern->sA, signature->sALength);
+ length = ( DAA_PARAM_SIZE_RANDOMIZED_ATTRIBUTES + 7) / 8;
+ for (i = 0; i < (int)signature->sALength; i++) {
+ signature_intern->sA->array[i] = bi_set_as_nbin( length, signature->sA[i]);
+ }
+
+ return signature_intern;
+}
+
+void
+free_TSS_DAA_SIGNATURE_internal(TSS_DAA_SIGNATURE_internal *signature)
+{
+ bi_free_array( signature->sA);
+ bi_free_ptr( signature->sE);
+ bi_free_ptr( signature->sF1);
+ bi_free_ptr( signature->sF0);
+ bi_free_ptr( signature->sV);
+ free( signature->nonce_tpm);
+ free( signature->challenge);
+ bi_free_ptr( signature->capitalT);
+ bi_free_ptr( signature->zeta);
+ free( signature);
+}
+
+#if 0
+/********************************************************************************************
+ TSS_DAA_CRED_ISSUER
+********************************************************************************************/
+
+TSS_DAA_CRED_ISSUER *
+load_TSS_DAA_CRED_ISSUER(FILE *file)
+{
+ TSS_DAA_CRED_ISSUER *credential =
+ (TSS_DAA_CRED_ISSUER *)malloc(sizeof(TSS_DAA_CRED_ISSUER));
+ char *read_buffer;
+ int i, len;
+
+ init_tss_version( credential);
+ credential->capitalALength = read_int( file);
+ read_buffer = read_str( file);
+ credential->capitalA = retrieve_byte_array( &(credential->capitalALength),
+ read_buffer);
+ credential->eLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->e = retrieve_byte_array( &(credential->eLength),read_buffer);
+ credential->vPrimePrimeLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->vPrimePrime = retrieve_byte_array(&(credential->vPrimePrimeLength),
+ read_buffer);
+ // attributes issuer
+ credential->attributesIssuerLength = read_int( file);
+ credential->attributesIssuer = malloc(credential->attributesIssuerLength*sizeof(BYTE*));
+ for( i=0; i < (int)credential->attributesIssuerLength; i++) {
+ credential->attributesIssuer[i] = retrieve_byte_array( &len, read_buffer);
+ }
+ credential->cPrimeLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->cPrime = retrieve_byte_array( &(credential->cPrimeLength),read_buffer);
+ credential->sELength = read_int( file);
+ read_buffer = read_str( file);
+ credential->sE = retrieve_byte_array( &(credential->sELength),read_buffer);
+ return credential;
+}
+
+int
+save_TSS_DAA_CRED_ISSUER(FILE *file, TSS_DAA_CRED_ISSUER *credential)
+{
+ int i;
+
+ fprintf(file, "%d # %s.length\n", credential->capitalALength, "capitalA");
+ fprintf(file, "%s\n", dump_byte_array( credential->capitalALength,
+ credential->capitalA));
+ fprintf(file, "%d # %s.length\n", credential->eLength, "e");
+ fprintf(file, "%s\n", dump_byte_array( credential->eLength,
+ credential->e));
+ fprintf(file, "%d # %s.length\n", credential->vPrimePrimeLength, "vPrimePrime");
+ fprintf(file, "%s\n", dump_byte_array( credential->vPrimePrimeLength,
+ credential->vPrimePrime));
+ fprintf(file, "%d # %s\n", credential->attributesIssuerLength, "attributesIssuerLength");
+ for( i=0; i < (int)credential->attributesIssuerLength; i++) {
+ fprintf(file, "%s\n", dump_byte_array( DAA_PARAM_SIZE_F_I / 8,
+ credential->attributesIssuer[i]));
+
+ }
+ fprintf(file, "%d # %s.length\n", credential->cPrimeLength, "cPrime");
+ fprintf(file, "%s\n", dump_byte_array( credential->cPrimeLength,
+ credential->cPrime));
+ fprintf(file, "%d # %s.length\n", credential->sELength, "sE");
+ fprintf(file, "%s\n", dump_byte_array( credential->sELength,
+ credential->sE));
+ return 0;
+}
+
+
+/********************************************************************************************
+ TSS_DAA_CREDENTIAL
+********************************************************************************************/
+
+TSS_DAA_CREDENTIAL *
+load_TSS_DAA_CREDENTIAL(FILE *file)
+{
+ TSS_DAA_CREDENTIAL *credential =
+ (TSS_DAA_CREDENTIAL *)malloc(sizeof(TSS_DAA_CREDENTIAL));
+ char *read_buffer;
+ int i, len;
+ TSS_DAA_PK_internal *pk_internal;
+ TSS_DAA_PK *pk;
+
+ init_tss_version( credential);
+ credential->capitalALength = read_int( file);
+ read_buffer = read_str( file);
+ credential->capitalA = retrieve_byte_array( &(credential->capitalALength),
+ read_buffer);
+ credential->exponentLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->exponent = retrieve_byte_array( &(credential->exponentLength),
+ read_buffer);
+ credential->vBar0Length = read_int( file);
+ read_buffer = read_str( file);
+ credential->vBar0 = retrieve_byte_array(&(credential->vBar0Length),
+ read_buffer);
+ credential->vBar1Length = read_int( file);
+ read_buffer = read_str( file);
+ credential->vBar1 = retrieve_byte_array(&(credential->vBar1Length),
+ read_buffer);
+ // attributes issuer
+ credential->attributesLength = read_int( file);
+ printf("attributesLength=%d\n", credential->attributesLength);
+ credential->attributes = malloc(credential->attributesLength * sizeof( BYTE *));
+ for( i=0; i < (int)credential->attributesLength; i++) {
+ read_buffer = read_str( file);
+ credential->attributes[i] = retrieve_byte_array( &len, read_buffer);
+ if( len != DAA_PARAM_SIZE_F_I / 8) {
+ LogError("Error when parsing attributes");
+ LogError("\tattribute length:%d", len);
+ LogError("\texpected length:%d", DAA_PARAM_SIZE_F_I / 8);
+ return NULL;
+ }
+ }
+ pk_internal = load_DAA_PK_internal( file);
+ pk = i_2_e_TSS_DAA_PK( pk_internal, &normal_malloc, (TSS_HOBJECT)NULL);
+ memcpy( &(credential->issuerPK), pk, sizeof(TSS_DAA_PK));
+ free( pk);
+ free_TSS_DAA_PK_internal( pk_internal);
+ credential->tpmSpecificEncLength = read_int( file);
+ read_buffer = read_str( file);
+ credential->tpmSpecificEnc = retrieve_byte_array( &(credential->tpmSpecificEncLength),
+ read_buffer);
+ credential->daaCounter = read_int( file);
+ return credential;
+}
+
+int
+save_TSS_DAA_CREDENTIAL(FILE *file,
+ TSS_DAA_CREDENTIAL *credential)
+{
+ int i;
+ TSS_DAA_PK_internal *pk_internal;
+
+ fprintf(file, "%d # %s.length\n", credential->capitalALength, "capitalA");
+ fprintf(file, "%s\n", dump_byte_array( credential->capitalALength,
+ credential->capitalA));
+ fprintf(file, "%d # %s.length\n", credential->exponentLength, "exponent");
+ fprintf(file, "%s\n", dump_byte_array( credential->exponentLength,
+ credential->exponent));
+ fprintf(file, "%d # %s.length\n", credential->vBar0Length, "vBar0");
+ fprintf(file, "%s\n", dump_byte_array( credential->vBar0Length,
+ credential->vBar0));
+ fprintf(file, "%d # %s.length\n", credential->vBar1Length, "vBar1");
+ fprintf(file, "%s\n", dump_byte_array( credential->vBar1Length,
+ credential->vBar1));
+ fprintf(file, "%d # %s\n", credential->attributesLength, "attributesLength");
+ for( i=0; i < (int)credential->attributesLength; i++) {
+ fprintf(file, "%s\n", dump_byte_array( DAA_PARAM_SIZE_F_I / 8,
+ credential->attributes[i]));
+ }
+ pk_internal = e_2_i_TSS_DAA_PK( &(credential->issuerPK) );
+ save_DAA_PK_internal( file, pk_internal);
+ free_TSS_DAA_PK_internal( pk_internal);
+ fprintf(file, "%d # %s.length\n", credential->tpmSpecificEncLength, "tpmSpecificEnc");
+ fprintf(file, "%s\n", dump_byte_array( credential->tpmSpecificEncLength,
+ credential->tpmSpecificEnc));
+ fprintf(file, "%d # daaCounter\n", credential->daaCounter);
+ return 0;
+}
+#endif
+/********************************************************************************************
+ TPM_DAA_ISSUER
+********************************************************************************************/
+
+void
+free_TPM_DAA_ISSUER(TPM_DAA_ISSUER *tpm_daa_issuer)
+{
+ free(tpm_daa_issuer);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_verifier/verifier.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_verifier/verifier.c
new file mode 100644
index 0000000..ad7cef1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_verifier/verifier.c
@@ -0,0 +1,57 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "bi.h"
+#include "daa_parameter.h"
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include <trousers/trousers.h>
+#include <obj.h>
+#include "tsplog.h"
+#include "tss/tcs.h"
+#include "platform.h"
+
+#include "verifier.h"
+
+TSPICALL Tspi_DAA_VerifyInit_internal
+(
+ TSS_HDAA hDAA, // in
+ UINT32* nonceVerifierLength, // out
+ BYTE** nonceVerifier, // out
+ UINT32 baseNameLength, // out
+ BYTE ** baseName // out
+) {
+ TSS_RESULT result = TSS_SUCCESS;
+ TCS_CONTEXT_HANDLE tcsContext;
+ bi_ptr nounce = NULL;
+
+ //TODO how to setup the baseName & baseNameLength
+ if( (result = obj_daa_get_tsp_context( hDAA, &tcsContext)) != TSS_SUCCESS)
+ goto close;
+ *nonceVerifierLength = DAA_PARAM_LENGTH_MESSAGE_DIGEST;
+ *nonceVerifier = calloc_tspi( tcsContext, DAA_PARAM_LENGTH_MESSAGE_DIGEST);
+ if (*nonceVerifier == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_LENGTH_MESSAGE_DIGEST);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ nounce = bi_new_ptr();
+ bi_urandom( nounce, DAA_PARAM_LENGTH_MESSAGE_DIGEST * 8);
+ bi_2_byte_array( *nonceVerifier, DAA_PARAM_LENGTH_MESSAGE_DIGEST, nounce);
+close:
+ FREE_BI( nounce);
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_verifier/verifier_transaction.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_verifier/verifier_transaction.c
new file mode 100644
index 0000000..bb24f26
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/daa_verifier/verifier_transaction.c
@@ -0,0 +1,875 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+// for message digest
+#include <openssl/evp.h>
+
+#include "daa_structs.h"
+#include "daa_parameter.h"
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include <trousers/trousers.h>
+#include <spi_utils.h>
+#include <obj.h>
+#include "tsplog.h"
+#include "tss/tcs.h"
+#include "verifier.h"
+
+#include "trousers/tss.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+
+#include "anonymity_revocation.h"
+
+DAA_VERIFIER_TRANSACTION *create_verifier_transaction( int length, char *base_name) {
+ DAA_VERIFIER_TRANSACTION *verifier_transaction =
+ malloc(sizeof(DAA_VERIFIER_TRANSACTION));
+
+ if (verifier_transaction == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(DAA_VERIFIER_TRANSACTION));
+ return NULL;
+ }
+ verifier_transaction->baseName = base_name;
+ verifier_transaction->baseName_length = length;
+ OpenSSL_add_all_digests();
+ verifier_transaction->digest = DAA_PARAM_get_message_digest();
+ return verifier_transaction;
+}
+
+static int verifyNonce( BYTE *nonce_verifier, int length) {
+ //TODO check nonce_verifier with the current transaction nonce
+ return 1;
+}
+
+BYTE *compute_bytes( int seedLength, BYTE *seed, int length, const EVP_MD *digest) {
+ EVP_MD_CTX *mdctx;
+ int N;
+ BYTE *hash;
+ BYTE *result;
+ int i, big_indian_i, len_hash;
+
+ result = (BYTE *)malloc( length);
+ if (result == NULL) {
+ LogError("malloc of %d bytes failed", length);
+ return NULL;
+ }
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, digest, NULL);
+ len_hash = EVP_MD_size(digest);
+ N = length / len_hash;
+ hash = (BYTE *)malloc( len_hash);
+ if (hash == NULL) {
+ LogError("malloc of %d bytes failed", len_hash);
+ return NULL;
+ }
+ for( i=0; i<N; i++) {
+ EVP_DigestUpdate(mdctx, seed, seedLength);
+ big_indian_i = htonl( i);
+ EVP_DigestUpdate(mdctx, &big_indian_i, sizeof( int));
+ EVP_DigestFinal_ex(mdctx, &result[ i * len_hash], NULL);
+ EVP_DigestInit_ex(mdctx, digest, NULL);
+ }
+ // fill up the rest of the array (i=N)
+ EVP_DigestUpdate(mdctx, seed, seedLength);
+ big_indian_i = htonl( i);
+ EVP_DigestUpdate(mdctx, &big_indian_i, sizeof( int));
+ EVP_DigestFinal(mdctx, hash, NULL);
+ // copy the rest: base_nameLength % len_hash bytes
+ memcpy( &result[ i * len_hash], hash, length - N * len_hash);
+ free( hash);
+ EVP_MD_CTX_destroy(mdctx);
+ return result;
+}
+
+/* from DAAUtil */
+bi_ptr project_into_group_gamma( bi_ptr base, TSS_DAA_PK_internal *issuer_pk) {
+ bi_t exponent; bi_new( exponent);
+ bi_ptr capital_gamma = issuer_pk->capitalGamma;
+ bi_ptr rho = issuer_pk->rho;
+ bi_ptr zeta = bi_new_ptr();
+
+ if( capital_gamma == NULL ||
+ rho == NULL ||
+ zeta == NULL) return NULL;
+ // exponent = capital_gamma - 1
+ bi_sub( exponent, capital_gamma, bi_1);
+ // exponent = exponent / rho
+ bi_div( exponent, exponent, rho);
+ // zeta = ( base ^ exponent) % capital_gamma
+ LogDebug("project_into_group_gamma: rho [%ld]:%s",
+ bi_nbin_size( rho), bi_2_hex_char( rho));
+ LogDebug("project_into_group_gamma: base[%ld]:%s",
+ bi_nbin_size( base), bi_2_hex_char( base));
+ LogDebug("project_into_group_gamma: exponent [%ld]:%s",
+ bi_nbin_size( exponent), bi_2_hex_char( exponent));
+ LogDebug("project_into_group_gamma: capitalGamma[%ld]:%s",
+ bi_nbin_size( capital_gamma),
+ bi_2_hex_char( capital_gamma));
+ bi_mod_exp( zeta, base, exponent, capital_gamma);
+ LogDebug("project_into_group_gamma: result:%s", bi_2_hex_char( zeta));
+ bi_free( exponent);
+ return zeta;
+}
+
+bi_ptr compute_zeta( int nameLength, unsigned char *name, TSS_DAA_PK_internal *issuer_pk) {
+ BYTE *bytes;
+ bi_ptr base;
+ bi_ptr result;
+
+ LogDebug("compute_zeta: %d [%s] pk:%x", nameLength, name, (int)issuer_pk);
+ bytes = compute_bytes( nameLength,
+ name,
+ DAA_PARAM_LENGTH_MFG1_GAMMA,
+ DAA_PARAM_get_message_digest());
+ if( bytes == NULL) return NULL;
+ base = bi_set_as_nbin( DAA_PARAM_LENGTH_MFG1_GAMMA, bytes);
+ if( base == NULL) return NULL;
+ LogDebug("base: %ld [%s]", bi_nbin_size( base), bi_2_hex_char( base));
+ result = project_into_group_gamma( base, issuer_pk);
+ if( result == NULL) return NULL;
+ bi_free_ptr( base);
+ free( bytes);
+ LogDebug("return zeta:%s\n", bi_2_hex_char( result));
+ return result;
+}
+
+bi_ptr compute_parameterized_gamma(int k, TSS_DAA_PK_internal *issuer_pk) {
+ int length;
+ int hashLength = bi_nbin_size( issuer_pk->gamma) + sizeof(int);
+ BYTE *hash;
+ int big_indian_k = htonl( k);
+ BYTE *bytes;
+ bi_ptr value, result;
+
+ hash = (BYTE *)malloc( hashLength);
+ if (hash == NULL) {
+ LogError("malloc of %d bytes failed", hashLength);
+ return NULL;
+ }
+ // hash[0-3] = big_indian(k)
+ memcpy( hash, &big_indian_k, sizeof(int));
+ // hash[4-end] = issuer_pk->gamma
+ bi_2_nbin1( &length, &hash[sizeof(int)], issuer_pk->gamma);
+ // allocation
+ bytes = compute_bytes( hashLength, hash,
+ DAA_PARAM_LENGTH_MFG1_GAMMA,
+ DAA_PARAM_get_message_digest());
+ if( bytes == NULL) return NULL;
+ // allocation
+ value = bi_set_as_nbin( DAA_PARAM_LENGTH_MFG1_GAMMA, bytes);
+ if( value == NULL) return NULL;
+ result = project_into_group_gamma( value, issuer_pk); // allocation
+ if (result == NULL) {
+ LogError("malloc of %d bytes failed", hashLength);
+ return NULL;
+ }
+ bi_free_ptr( value);
+ free( bytes);
+ return result;
+}
+
+inline bi_ptr apply_challenge( bi_ptr value, bi_ptr delta, bi_ptr c, bi_ptr capital_gamma) {
+ bi_ptr delta_tilde = bi_new_ptr();
+ bi_t c_negate;
+
+ if( delta_tilde == NULL) return NULL;
+ bi_new( c_negate);
+ bi_set( c_negate, c);
+ bi_negate( c_negate);
+ // delta_tilde = ( delta ^ (-c)) % capital_gamma
+ bi_mod_exp( delta_tilde, delta, c_negate, capital_gamma);
+ bi_free( c_negate);
+ // delta_tilde = (delta_tilde * value) % capital_gamma
+ return bi_mod( delta_tilde, bi_mul( delta_tilde, delta_tilde, value), capital_gamma);
+}
+
+DAA_VERIFIER_TRANSACTION *createTransaction(int baseName_length, BYTE* baseName) {
+ DAA_VERIFIER_TRANSACTION *result =
+ (DAA_VERIFIER_TRANSACTION *)malloc( sizeof(DAA_VERIFIER_TRANSACTION));
+
+ if (result == NULL) {
+ LogError("malloc of %d bytes failed", sizeof(DAA_VERIFIER_TRANSACTION));
+ return NULL;
+ }
+ result->baseName = baseName;
+ result->baseName_length = baseName_length;
+ return result;
+}
+
+void update( EVP_MD_CTX *mdctx, char *name, bi_ptr integer, int bitLength) {
+ int length = bitLength / 8;
+ BYTE buffer[length];
+
+ bi_2_byte_array( buffer, length, integer);
+ LogDebug("[update] %s:%s", name, dump_byte_array( length, buffer));
+ EVP_DigestUpdate(mdctx, buffer, length);
+}
+
+BYTE *compute_sign_challenge_host(
+ int *result_length,
+ EVP_MD *digest,
+ TSS_DAA_PK_internal *issuer_pk,
+ int nonce_verifierLength,
+ BYTE *nonce_verifier,
+ int selected_attributes2commitLength,
+ TSS_DAA_SELECTED_ATTRIB **selected_attributes2commit,
+ int is_anonymity_revocation_enabled,
+ bi_ptr zeta,
+ bi_ptr capital_t,
+ bi_ptr capital_tilde,
+ int attribute_commitmentsLength,
+ TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitments,
+ TSS_DAA_ATTRIB_COMMIT_internal **attribute_commitment_proofs,
+ bi_ptr capital_nv,
+ bi_ptr capital_tilde_v,
+ CS_PUBLIC_KEY *anonymity_revocator_pk,
+ CS_ENCRYPTION_RESULT *encryption_result_rand,
+ CS_ENCRYPTION_RESULT *encryption_result_proof
+) {
+ EVP_MD_CTX *mdctx;
+ int i, length;
+ unsigned int big_indian;
+ BYTE *buffer;
+ int length_gamma_modulus;
+ BYTE *buffer1;
+
+ LogDebug("issuer_pk basename[%d]:%s",
+ issuer_pk->issuerBaseNameLength,
+ dump_byte_array( issuer_pk->issuerBaseNameLength,
+ issuer_pk->issuerBaseName));
+ LogDebug("nonce_verifier[%d]:%s",
+ nonce_verifierLength,
+ dump_byte_array( nonce_verifierLength, nonce_verifier));
+ LogDebug("selected_attributes2commitLength:%d", selected_attributes2commitLength);
+ LogDebug("is_anonymity_revocation_enabled:%d", is_anonymity_revocation_enabled);
+ LogDebug("zeta[%ld]:%s", bi_nbin_size( zeta), bi_2_hex_char( zeta));
+ LogDebug("capital_t[%ld]:%s", bi_nbin_size( capital_t), bi_2_hex_char( capital_t));
+ LogDebug("capital_tilde[%ld]:%s",
+ bi_nbin_size( capital_tilde),
+ bi_2_hex_char( capital_tilde));
+ LogDebug("attribute_commitmentsLength:%d", attribute_commitmentsLength);
+ LogDebug("attribute_commitments:%d", (int)attribute_commitments);
+ LogDebug("attribute_commitment_proofs:%d", (int)attribute_commitment_proofs);
+ LogDebug("capital_nv[%ld]:%s", bi_nbin_size( capital_nv), bi_2_hex_char( capital_nv));
+ LogDebug("capital_tilde_v[%ld]:%s",
+ bi_nbin_size( capital_tilde_v),
+ bi_2_hex_char( capital_tilde_v));
+ LogDebug("anonymity_revocator_pk:%d", (int)anonymity_revocator_pk);
+ LogDebug("encryption_result_rand:%d", (int)encryption_result_rand);
+ LogDebug("encryption_result_proof:%d", (int)encryption_result_proof);
+
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, digest, NULL);
+ // update with encoded PK
+ buffer = encoded_DAA_PK_internal( &length, issuer_pk);
+ if( buffer == NULL) return NULL;
+ LogDebug("encoded issuer_pk[%d]:%s", length, dump_byte_array( length, buffer));
+ EVP_DigestUpdate(mdctx, buffer , length);
+ free( buffer);
+ // nonce verifier
+ EVP_DigestUpdate(mdctx, nonce_verifier , nonce_verifierLength);
+ // length Commitments
+ big_indian = attribute_commitmentsLength;
+ EVP_DigestUpdate(mdctx, &big_indian, sizeof(int));
+ // Anonymity enabled
+ big_indian = is_anonymity_revocation_enabled;
+ EVP_DigestUpdate(mdctx, &big_indian, sizeof(int));
+
+ update( mdctx, "zeta", zeta, DAA_PARAM_SIZE_MODULUS_GAMMA);
+ update( mdctx, "capitalT", capital_t, DAA_PARAM_SIZE_RSA_MODULUS);
+ update( mdctx, "capitalTTilde", capital_tilde, DAA_PARAM_SIZE_RSA_MODULUS);
+
+ length_gamma_modulus = DAA_PARAM_SIZE_MODULUS_GAMMA / 8;
+ buffer = (BYTE *)malloc( length_gamma_modulus);// allocation
+ if (buffer == NULL) {
+ LogError("malloc of %d bytes failed", length_gamma_modulus);
+ return NULL;
+ }
+ if( selected_attributes2commitLength > 0) {
+ for( i=0; i<selected_attributes2commitLength; i++) {
+ buffer1 = to_bytes_TSS_DAA_SELECTED_ATTRIB_internal(
+ &length,
+ selected_attributes2commit[i]);
+ EVP_DigestUpdate(mdctx, buffer1, length);
+ free( buffer1);
+ bi_2_byte_array( buffer,
+ length_gamma_modulus,
+ attribute_commitments[i]->beta);
+ EVP_DigestUpdate(mdctx,
+ buffer,
+ length_gamma_modulus);
+ bi_2_byte_array( buffer,
+ length_gamma_modulus,
+ attribute_commitment_proofs[i]->beta);
+ EVP_DigestUpdate(mdctx,
+ buffer,
+ length_gamma_modulus);
+ }
+ }
+ if( !is_anonymity_revocation_enabled) {
+ // Nv, N~v
+ bi_2_byte_array( buffer, length_gamma_modulus, capital_nv);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, capital_tilde_v);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ } else {
+ bi_2_byte_array( buffer, length_gamma_modulus, anonymity_revocator_pk->eta);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, anonymity_revocator_pk->lambda1);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, anonymity_revocator_pk->lambda2);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, anonymity_revocator_pk->lambda3);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_rand->c1);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_rand->c2);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_rand->c3);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_rand->c4);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_proof->c1);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_proof->c2);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_proof->c3);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ bi_2_byte_array( buffer, length_gamma_modulus, encryption_result_proof->c4);
+ EVP_DigestUpdate(mdctx, buffer, length_gamma_modulus);
+ }
+ free(buffer);
+ buffer = (BYTE *)malloc(EVP_MD_size(digest)); // allocation
+ if (buffer == NULL) {
+ LogError("malloc of %d bytes failed", EVP_MD_size(digest));
+ return NULL;
+ }
+ EVP_DigestFinal_ex(mdctx, buffer, result_length);
+ EVP_MD_CTX_destroy(mdctx);
+ LogDebug("compute_sign_challenge_host[%d]:%s",
+ *result_length,
+ dump_byte_array( *result_length, buffer));
+ return buffer;
+}
+
+inline int is_element_gamma( bi_ptr capital_nv, TSS_DAA_PK_internal *issuer_pk) {
+ bi_ptr tmp1 = bi_new_ptr();
+ int result;
+
+ // ( ( capital_nv ^ issuer_pk->rho ) % issuer_pk->capitalGamma ) == 1
+ result = bi_equals( bi_mod_exp( tmp1,
+ capital_nv,
+ issuer_pk->rho,
+ issuer_pk->capitalGamma),
+ bi_1);
+ bi_free_ptr( tmp1);
+ return result;
+}
+
+/* implementation derived from isValid (VerifierTransaction.java) */
+TSPICALL Tspi_DAA_VerifySignature_internal
+( TSS_HDAA hDAA, // in
+ TSS_DAA_SIGNATURE signature_ext, // in
+ TSS_HKEY hPubKeyIssuer, // in
+ TSS_DAA_SIGN_DATA sign_data, // in
+ UINT32 attributesLength, // in
+ BYTE **attributes, // in
+ UINT32 nonce_verifierLength, // out
+ BYTE *nonce_verifier, // out
+ UINT32 base_nameLength, // out
+ BYTE *base_name, // out
+ TSS_BOOL *isCorrect // out
+) {
+ int i, j;
+ DAA_VERIFIER_TRANSACTION *verifier_transaction = NULL;
+ TSS_DAA_ATTRIB_COMMIT *commitments;
+ TSS_DAA_PK_internal *issuer_pk;
+ TSS_DAA_SIGNATURE_internal *signature = NULL;
+ bi_ptr tmp1;
+ bi_array_ptr sA;
+ bi_ptr n = NULL;
+ bi_ptr c = NULL;
+ bi_ptr capital_gamma = NULL;
+ bi_ptr zeta_2_verify = NULL;
+ bi_ptr capital_z = NULL;
+ bi_array_ptr capital_R = NULL;
+ bi_ptr product_r = NULL;
+ bi_ptr exp = NULL;
+ bi_ptr capital_THat = NULL;
+ bi_ptr beta_tilde = NULL;
+ bi_ptr gamma_i = NULL;
+ bi_ptr capital_nv = NULL;
+ bi_ptr capital_ntilde_v = NULL;
+ bi_ptr pseudonym_projected = NULL;
+ bi_ptr s_tau = NULL;
+ bi_ptr delta_tilde1 = NULL;
+ bi_ptr delta_tilde2 = NULL;
+ bi_ptr delta_tilde3 = NULL;
+ bi_ptr delta_tilde4 = NULL;
+ bi_ptr attribute_i;
+ TSS_DAA_PSEUDONYM_PLAIN *pseudonym_plain;
+ CS_ENCRYPTION_RESULT *pseudonym_enc = NULL;
+ CS_ENCRYPTION_RESULT *pseudonym_encryption_proof = NULL;
+ TSS_DAA_PSEUDONYM_ENCRYPTED_internal *sig_pseudonym_encrypted = NULL;
+ CS_ENCRYPTION_RESULT_RANDOMNESS *result_random = NULL;
+ CS_ENCRYPTION_RESULT *encryption_result = NULL;
+ TSS_DAA_ATTRIB_COMMIT_internal **commitment_proofs = NULL;
+ TCS_CONTEXT_HANDLE tcsContext;
+ TSS_RESULT result = TSS_SUCCESS;
+ EVP_MD_CTX *mdctx;
+ int length_ch, len_hash, bits;
+ BYTE *ch = NULL, *hash = NULL;
+ TSS_BOOL *indices;
+
+ tmp1 = bi_new_ptr();
+ if( tmp1 == NULL) {
+ LogError("malloc of BI <%s> failed", "tmp1");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ *isCorrect = FALSE;
+ if( (result = obj_daa_get_tsp_context( hDAA, &tcsContext)) != TSS_SUCCESS)
+ goto close;
+ // allocation of issuer_pk
+ issuer_pk = e_2_i_TSS_DAA_PK( (TSS_DAA_PK *)hPubKeyIssuer);
+ if( issuer_pk == NULL) {
+ LogError("malloc of TSS_DAA_PK_internal failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // allocation of signature
+ signature = e_2_i_TSS_DAA_SIGNATURE( &signature_ext);
+ if( signature == NULL) {
+ LogError("malloc of TSS_DAA_SIGNATURE_internal failed");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ commitments = signature_ext.attributeCommitments;
+ // TODO verify consistency of sig.getSA() with selectedAttributes,..
+ sA = signature->sA;
+ if( sA->length != (int)attributesLength) {
+ LogError("Verifier Error: lengths of attributes and sA must be equal");
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ for ( i = 0; i < (int)attributesLength; i++) {
+ if ( (attributes[i] == NULL && bi_equals( sA->array[i], bi_0)) ||
+ (attributes[i] != NULL && !bi_equals( sA->array[i], bi_0))) {
+ LogError( "Verifier Error: illegal argument content in attributes\
+ and sA[%d]", i);
+ result = TSS_E_BAD_PARAMETER;
+ goto close;
+ }
+ }
+ // TODO: implement verify nonce
+ if ( verifyNonce(nonce_verifier, nonce_verifierLength) == 0) {
+ LogError("Verifier Error: nonce invalid");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ n = issuer_pk->modulus;
+ c = bi_set_as_nbin( signature->challenge_length, signature->challenge);
+ capital_gamma = issuer_pk->capitalGamma;
+ if( base_name != NULL) { // isRandomBaseName
+ zeta_2_verify = compute_zeta( base_nameLength, base_name, issuer_pk);
+ if( bi_equals( signature->zeta, zeta_2_verify) == 0) {
+ LogError("Verifier Error: Verification of zeta failed - Step 1");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ }
+ LogDebug( "step 2");
+ capital_z = issuer_pk->capitalZ;
+ capital_R = issuer_pk->capitalY;
+ product_r = bi_new_ptr();
+ if( product_r == NULL) {
+ LogError("malloc of BI <%s> failed", "product_r");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( product_r, bi_1); // product_r = 1
+ for( i=0; i<(int)attributesLength; i++) {
+ if( attributes[i] != NULL) {
+ // allocation
+ attribute_i = bi_set_as_nbin( DAA_PARAM_SIZE_F_I / 8, attributes[i]);
+ if( attribute_i == NULL) {
+ LogError("malloc of %d bytes failed", DAA_PARAM_SIZE_F_I / 8);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // tmp1 = (capital_R[i] ^ attributes[i]) mod n
+ bi_mod_exp( tmp1, capital_R->array[i], attribute_i, n);
+ // product_r = product_r * tmp1
+ bi_mul( product_r, product_r, tmp1);
+ // product_r = product_r mod n
+ bi_mod( product_r, product_r, n);
+ bi_free_ptr( attribute_i);
+ }
+ }
+ exp = bi_new_ptr();
+ if( exp == NULL) {
+ LogError("malloc of BI <%s> failed", "product_r");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capital_THat = bi_new_ptr();
+ // tmp1 = product_r invmod n
+ bi_invert_mod( tmp1, product_r, n);
+ // capital_THat = capital_z * tmp1
+ bi_mul( capital_THat, capital_z, tmp1);
+ // capital_THat = capital_THat % n
+ bi_mod( capital_THat, capital_THat, n);
+ // capital_THat = (capital_THat ^ (-c)) mod n = ( 1 / (capital_That ^ c) ) % n
+ bi_mod_exp( capital_THat, capital_THat, c, n);
+ bi_invert_mod( capital_THat, capital_THat, n);
+ // tmp1 = c << (SizeExponentCertificate - 1)
+ bi_shift_left( tmp1, c, DAA_PARAM_SIZE_EXPONENT_CERTIFICATE - 1);
+ // exp = signature->sE + tmp1
+ bi_add( exp, signature->sE, tmp1);
+ // tmp1 = (signature->capitalT ^ exp) mod n
+ bi_mod_exp( tmp1, signature->capitalT, exp, n);
+ // capital_THat = ( capital_THat * tmp1 ) % n
+ bi_mul( capital_THat, capital_THat, tmp1);
+ bi_mod( capital_THat, capital_THat, n);
+ // tmp1=( issuer_pk->capitalR0 ^ signature->sF0) % n
+ bi_mod_exp( tmp1, issuer_pk->capitalR0, signature->sF0, n);
+ // capital_THat = ( capital_THat * tmp1 ) % n
+ bi_mul( capital_THat, capital_THat, tmp1);
+ bi_mod( capital_THat, capital_THat, n);
+ // tmp1=( issuer_pk->capitalR1 ^ signature->sF1) % n
+ bi_mod_exp( tmp1, issuer_pk->capitalR1, signature->sF1, n);
+ // capital_THat = ( capital_THat * tmp1 ) % n
+ bi_mul( capital_THat, capital_THat, tmp1);
+ bi_mod( capital_THat, capital_THat, n);
+ // tmp1=( issuer_pk->capitalS ^ signature->sV) % n
+ bi_mod_exp( tmp1, issuer_pk->capitalS, signature->sV, n);
+ // capital_THat = ( capital_THat * tmp1 ) % n
+ bi_mul( capital_THat, capital_THat, tmp1);
+ bi_mod( capital_THat, capital_THat, n);
+
+ bi_set( product_r, bi_1); // product_r = 1
+ for( i=0; i<(int)attributesLength; i++) {
+ if( attributes[i] == NULL) {
+ // tmp1=(capital_R->array[i] ^ sA->array[i]) % n
+ bi_mod_exp( tmp1, capital_R->array[i], sA->array[i], n);
+ // product_r = ( product_r * tmp1 ) % n
+ bi_mul( product_r, product_r, tmp1);
+ bi_mod( product_r, product_r, n);
+ }
+ }
+ // capital_THat = (capital_THat * product_r) % n
+ bi_mod( capital_THat, bi_mul( tmp1, capital_THat, product_r), n);
+ LogDebug("Step 3 - Commitments");
+
+ //TODO when enabling the commitment feature, verifier_transaction should be set
+ #ifdef ANONYMITY_REVOCATION
+ if( verifier_transaction != NULL &&
+ verifier_transaction->selected_attributes2commitLength > 0) {
+ commitment_proofs = (TSS_DAA_ATTRIB_COMMIT_internal **)
+ malloc(verifier_transaction->selected_attributes2commitLength *
+ sizeof(TSS_DAA_ATTRIB_COMMIT_internal*));
+ if (commitment_proofs == NULL) {
+ LogError("malloc of %d bytes failed",
+ verifier_transaction->selected_attributes2commitLength *
+ sizeof(TSS_DAA_ATTRIB_COMMIT_internal*));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ for( j=0; j<verifier_transaction->selected_attributes2commitLength; j++) {
+ if( bi_cmp( commitments[j].sMu, issuer_pk->rho) >= 0 ||
+ bi_cmp_si( commitments[j].sMu, 0) < 0) {
+ LogError("sMu >= rho || sMu < 0");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ beta_tilde = bi_new_ptr();
+ if( beta_tilde == NULL) {
+ LogError("malloc of BI <%s> failed", "beta_tilde");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_set( tmp1, c);
+ bi_negate( tmp1);
+ // beta_tilde=(commitments[j]->beta ^ (-c)) % capitalGamma
+ bi_mod_exp( beta_tilde, commitments[j]->beta, tmp1, capital_gamma);
+ // tmp1=(issuer_pk->gamma ^ commitments[j]->sMu) % capital_gamma
+ bi_mod_exp( tmp1, issuer_pk->gamma, commitments[j]->sMu, capital_gamma);
+ // beta_tilde=beta_tilde * tmp1
+ bi_mul( beta_tilde, beta_tilde, tmp1);
+ // beta_tilde=beta_tilde % capital_gamma
+ bi_mod( beta_tilde, beta_tilde, capital_gamma);
+ indices = (verifier_transaction->selected_attributes2commit[j])->
+ indicesList;
+ if( verifier_transaction->selected_attributes2commit[j]->
+ indicesListLength != (UINT32)(issuer_pk->capitalY->length) ) {
+ LogError("indicesList of selected_attribs[%d] (%d) \
+and issuer_pk are not consistent (%d)\n",
+ j,
+ verifier_transaction->selected_attributes2commit[j]->
+ indicesListLength,
+ issuer_pk->capitalY->length);
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ for( i=0; i<issuer_pk->capitalY->length; i++) {
+ if( indices[i]) {
+ gamma_i = compute_parameterized_gamma( i, issuer_pk);
+ if( gamma_i == NULL) {
+ LogError("malloc of BI <%s> failed", "gamma_i");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ // tmp1=(gamma_i ^ sA[j]) % capital_gamma
+ bi_mod_exp( tmp1, gamma_i, sA->array[i], capital_gamma);
+ // beta_tilde=beta_tilde * tmp1
+ bi_mul( beta_tilde, beta_tilde, tmp1);
+ // beta_tilde=beta_tilde % capital_gamma
+ bi_mod( beta_tilde, beta_tilde, capital_gamma);
+ }
+ }
+ commitment_proofs[j] = create_TSS_DAA_ATTRIB_COMMIT( beta_tilde, NULL);
+ }
+ }
+ #endif
+ LogDebug("Step 4 - Pseudonym");
+ capital_nv = bi_new_ptr();
+ if( capital_nv == NULL) {
+ LogError("malloc of BI <%s> failed", "capital_nv");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ capital_ntilde_v = bi_new_ptr();
+ if( capital_ntilde_v == NULL) {
+ LogError("malloc of BI <%s> failed", "capital_ntilde_v");
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ bi_shift_left( tmp1, signature->sF1, DAA_PARAM_SIZE_F_I);
+ bi_add( exp, signature->sF0, tmp1);
+ pseudonym_projected = bi_new_ptr();
+ // pseudonym_projected = (signature->zeta ^ exp) % capital_gamma
+ bi_mod_exp( pseudonym_projected, signature->zeta, exp, capital_gamma);
+ pseudonym_enc = NULL;
+ pseudonym_encryption_proof = NULL;
+ //TODO when enabling the commitment feature, verifier_transaction should be set
+ if( verifier_transaction == NULL ||
+ verifier_transaction->is_anonymity_revocation_enabled ==0) {
+ // anonymity revocation not enabled
+ pseudonym_plain = (TSS_DAA_PSEUDONYM_PLAIN *)signature_ext.signedPseudonym;
+ capital_nv = bi_set_as_nbin( pseudonym_plain->capitalNvLength,
+ pseudonym_plain->capitalNv);
+//TODO
+ // capital_ntilde_v = ( capital_nv ^ ( - c) ) % capital_gamma
+ // = ( 1 / (capital_nv ^ c) % capital_gamma) % capital_gamma
+ bi_mod_exp( tmp1, capital_nv, c, capital_gamma);
+ bi_invert_mod( capital_ntilde_v, tmp1, capital_gamma);
+ // capital_ntilde_v = ( capital_ntilde_v * pseudonym_projected ) % capital_gamma
+ bi_mul(capital_ntilde_v, capital_ntilde_v, pseudonym_projected);
+ bi_mod( capital_ntilde_v, capital_ntilde_v, capital_gamma);
+ } else {
+#ifdef ANONYMITY_REVOCATION
+ // anonymity revocation enabled
+ sig_pseudonym_encrypted = (TSS_DAA_PSEUDONYM_ENCRYPTED_internal *)pseudonym;
+ s_tau = sig_pseudonym_encrypted->sTau;
+ pseudonym_enc = sig_pseudonym_encrypted->cs_enc_result;
+ // Note: It verifies if s_tau <= rho
+ result_random = compute_ecryption_proof(
+ pseudonym_projected,
+ pseudonym_enc->c1,
+ pseudonym_enc->c2,
+ pseudonym_enc->c3,
+ s_tau,
+ verifier_transaction->anonymity_revocator_pk, issuer_pk,
+ verifier_transaction->anonymity_revocation_condition,
+ verifier_transaction->anonymity_revocation_condition_length,
+ DAA_PARAM_get_message_digest() );
+ encryption_result = result_random->result;
+ delta_tilde1 = apply_challenge( encryption_result->c1,
+ pseudonym_enc->c1,
+ c,
+ capital_gamma);
+ delta_tilde2 = apply_challenge( encryption_result->c2,
+ pseudonym_enc->c2,
+ c,
+ capital_gamma);
+ delta_tilde3 = apply_challenge( encryption_result->c3,
+ pseudonym_enc->c3,
+ c,
+ capital_gamma);
+ delta_tilde4 = apply_challenge( encryption_result->c4,
+ pseudonym_enc->c4,
+ c,
+ capital_gamma);
+ pseudonym_encryption_proof = create_CS_ENCRYPTION_RESULT( delta_tilde1,
+ delta_tilde2,
+ delta_tilde3,
+ delta_tilde4);
+#endif
+ }
+
+ // TODO: Step 5 - Callback
+ LogDebug("Step 5 - Callback");
+
+ LogDebug("Step 6 - Hash");
+ ch = compute_sign_challenge_host(
+ &length_ch,
+ DAA_PARAM_get_message_digest(),
+ issuer_pk,
+ nonce_verifierLength,
+ nonce_verifier,
+ 0, // verifier_transaction->selected_attributes2commitLength,
+ NULL, //verifier_transaction->selected_attributes2commit,
+ 0, // verifier_transaction->is_anonymity_revocation_enabled,
+ signature->zeta,
+ signature->capitalT,
+ capital_THat,
+ 0, //signature_ext.attributeCommitmentsLength,
+ NULL, // signature_ext.attributeCommitments,
+ commitment_proofs,
+ capital_nv,
+ capital_ntilde_v,
+ NULL, // verifier_transaction->anonymity_revocator_pk,
+ pseudonym_enc,
+ pseudonym_encryption_proof);
+ LogDebug("calculation of c: ch[%d]%s", length_ch, dump_byte_array( length_ch, ch));
+ LogDebug("calculation of c: nonce_tpm[%d]%s",
+ signature->nonce_tpm_length,
+ dump_byte_array( signature->nonce_tpm_length, signature->nonce_tpm));
+ LogDebug("calculation of c: sign_data.payloadFlag[%d]%x", 1, sign_data.payloadFlag);
+ LogDebug("calculation of c: signdata.payload[%d]%s",
+ sign_data.payloadLength,
+ dump_byte_array( sign_data.payloadLength, sign_data.payload));
+ mdctx = EVP_MD_CTX_create();
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ EVP_DigestUpdate(mdctx, ch, length_ch);
+ EVP_DigestUpdate(mdctx, signature->nonce_tpm, signature->nonce_tpm_length);
+ len_hash = EVP_MD_size( DAA_PARAM_get_message_digest());
+ hash = (BYTE *)malloc( len_hash);// allocation
+ if (hash == NULL) {
+ LogError("malloc of %d bytes failed", len_hash);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestFinal_ex(mdctx, hash, NULL);
+ EVP_DigestInit_ex(mdctx, DAA_PARAM_get_message_digest(), NULL);
+ EVP_DigestUpdate(mdctx, hash, EVP_MD_size( DAA_PARAM_get_message_digest()));
+ EVP_DigestUpdate(mdctx, &sign_data.payloadFlag, 1);
+ EVP_DigestUpdate(mdctx, sign_data.payload, sign_data.payloadLength);
+ len_hash = EVP_MD_size( DAA_PARAM_get_message_digest());
+ free( hash);
+ hash = (BYTE *)malloc( len_hash);// allocation
+ if (hash == NULL) {
+ LogError("malloc of %d bytes failed", len_hash);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto close;
+ }
+ EVP_DigestFinal(mdctx, hash, NULL);
+
+ if( signature->challenge_length != len_hash ||
+ memcmp( signature->challenge, hash, len_hash) != 0) {
+ LogError( "Verification of c failed - Step 6.c.i");
+ LogError(" - challenge[%d] : %s",
+ signature->challenge_length,
+ dump_byte_array( signature->challenge_length, signature->challenge));
+ LogError(" - hash[%d] : %s",
+ len_hash,
+ dump_byte_array( len_hash, hash));
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ if( verifier_transaction == NULL ||
+ !verifier_transaction->is_anonymity_revocation_enabled) {
+ // Nv element <gamma> ?
+ if( !is_element_gamma( capital_nv, issuer_pk) ) {
+ LogError( "Verification of Nv failed - Step 4.b.i");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ } else {
+ // are delta1-4 element <gamma> ?
+ if( !( is_element_gamma( pseudonym_enc->c1, issuer_pk) &&
+ is_element_gamma( pseudonym_enc->c2, issuer_pk) &&
+ is_element_gamma( pseudonym_enc->c3, issuer_pk) &&
+ is_element_gamma( pseudonym_enc->c4, issuer_pk))) {
+ LogError( "Verification of delta1-4 failed - Step 4.c.i");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ }
+ // zeta element <gamma>
+ if( !is_element_gamma( signature->zeta, issuer_pk)) {
+ LogError( "Verification of zeta failed - Step 4.b/c.i");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ bits = DAA_PARAM_SIZE_F_I + DAA_PARAM_SAFETY_MARGIN +
+ DAA_PARAM_SIZE_MESSAGE_DIGEST + 1;
+ if( bi_length( signature->sF0) > bits) {
+ LogError("Verification of sF0 failed - Step 6.c.ii");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ if( bi_length( signature->sF1) > bits) {
+ LogError("Verification of sF1 failed - Step 6.c.ii");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ // attributes extension
+ for( i=0; i<sA->length; i++) {
+ if( sA->array[i] != NULL && bi_length(sA->array[i]) > bits) {
+ LogError( "Verification of sA[%d] failed - Step 6.c.ii", i);
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ }
+ bits = DAA_PARAM_SIZE_INTERVAL_EXPONENT_CERTIFICATE +
+ DAA_PARAM_SAFETY_MARGIN + DAA_PARAM_SIZE_MESSAGE_DIGEST + 1;
+ if( bi_length( signature->sE) > bits) {
+ LogError("Verification of sE failed - Step 6.c.iii");
+ result = TSS_E_INTERNAL_ERROR;
+ goto close;
+ }
+ // step 4
+ // TODO: implement revocation list
+ *isCorrect = TRUE;
+close:
+ EVP_MD_CTX_destroy(mdctx);
+ bi_free_ptr( tmp1);
+ if( ch != NULL) free( ch);
+ if( hash != NULL) free( hash);
+ free_TSS_DAA_PK_internal( issuer_pk);
+ free_TSS_DAA_SIGNATURE_internal( signature);
+ // n not allocated, refere to issuer_pk->modulus
+ FREE_BI( c);
+ // capital_gamma not allocated, refere to issuer_pk->capitalGamma
+ FREE_BI( zeta_2_verify);
+ // capital_z not allocated, refere to issuer_pk->capitalZ
+ // capital_R not allocated, refere to issuer_pk->capitalY
+ FREE_BI( product_r);
+ FREE_BI( exp);
+ FREE_BI( capital_THat);
+ // beta_tilde kept on TSS_DAA_ATTRIB_COMMIT
+ FREE_BI( gamma_i);
+ FREE_BI( capital_nv);
+ FREE_BI( capital_ntilde_v);
+ FREE_BI( pseudonym_projected);
+ FREE_BI( s_tau);
+ // delta_tilde1 kept on CS_ENCRYPTION_RESULT
+ // delta_tilde2 kept on CS_ENCRYPTION_RESULT
+ // delta_tilde3 kept on CS_ENCRYPTION_RESULT
+ // delta_tilde4 kept on CS_ENCRYPTION_RESULT
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/test_sign.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/test_sign.c
new file mode 100644
index 0000000..816e9b3
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/test_sign.c
@@ -0,0 +1,241 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+
+#include "daa_structs.h"
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "spi_internal_types.h"
+#include "spi_utils.h"
+#include "obj.h"
+#include "tsplog.h"
+#include "daa_parameter.h"
+#include "verifier.h"
+#include "platform.h"
+
+// for RSA Key
+#include <openssl/rsa.h>
+
+#define DEFAULT_CREDENTIAL_FILENAME "credential.txt"
+#define DEFAULT_OWN_PASSWD "OWN_PWD"
+
+int print_usage(char *exec) {
+ fprintf(stderr, "usage: %s\n", exec);
+ fprintf(stderr,
+ "\t-m,\t--message\n\t\tif define, the data is signed using this message\n\
+\t\totherwise an AIK will be generated and used\n");
+ fprintf(stderr,
+ "\t-pw,\t--passwd\n\t\ttpm owner password (default: %s)\n",
+ DEFAULT_OWN_PASSWD);
+ fprintf(stderr,
+ "\t-cr,\t--credential\n\t\tcredential filename (default: %s)\n",
+ DEFAULT_CREDENTIAL_FILENAME);
+ return -1;
+}
+
+int main(int argc, char *argv[]) {
+ TSS_HCONTEXT hContext;
+ TSS_RESULT result;
+ TSS_HTPM hTPM;
+ TSS_HPOLICY hPolicy;
+ char *credential_filename = DEFAULT_CREDENTIAL_FILENAME;
+ UINT32 nonceVerifierLength;
+ BYTE *nonceVerifier;
+ TSS_HDAA hDAA;
+ TSS_DAA_CREDENTIAL *hDaaCredential;
+ TSS_DAA_SIGN_DATA signData;
+ TSS_DAA_SIGNATURE daaSignature;
+ TSS_DAA_SELECTED_ATTRIB revealAttributes;
+ char *szTpmPasswd = DEFAULT_OWN_PASSWD;
+ char *message = NULL;
+ BYTE **attributes = NULL;
+ FILE *file;
+ char *param;
+ int i, length, rv;
+ bi_ptr random = NULL;
+ TSS_BOOL isCorrect;
+ EVP_MD_CTX *mdctx;
+ TSS_HKEY hKEY;
+
+ init_tss_version( &signData);
+ init_tss_version( &daaSignature);
+ init_tss_version( &revealAttributes);
+ i = 1;
+ while( i < argc) {
+ param = argv[ i];
+ if ( strcmp( param, "-m") == 0 || strcmp( param, "--message") == 0) {
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ message = argv[i];
+ } else if( strcmp( param, "-cr") == 0 || strcmp( param, "--credential") == 0){
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ credential_filename = argv[i];
+ } else if( strcmp( param, "-pw") == 0 || strcmp( param, "--passwd") == 0){
+ i++;
+ if( i == argc) return print_usage( argv[0]);
+ szTpmPasswd = argv[i];
+ } else {
+ fprintf(stderr, "%s:unrecognized option `%s'\n", argv[0], param);
+ return print_usage( argv[0]);
+ }
+ i++;
+ }
+ bi_init( NULL);
+ printf("Loading credential: %s ", credential_filename);
+ file = fopen( credential_filename, "r");
+ if( (hDaaCredential = load_TSS_DAA_CREDENTIAL( file)) == 0) {
+ LogError( "[test_join]: Error when loading \'%s\': %s\n",
+ credential_filename,
+ strerror( errno));
+ result = TSS_E_FAIL;
+ goto out_close;
+ }
+ fclose( file);
+ printf("Done\n");
+
+ // Create Context
+ LogDebug("Create Context");
+ result = Tspi_Context_Create( &hContext );
+ if ( result != TSS_SUCCESS )
+ {
+ LogError( "Tspi_Context_Create %d\n", result );
+ goto out;
+ }
+ // Connect to Context
+ result = Tspi_Context_Connect( hContext, NULL );
+ if ( result != TSS_SUCCESS) goto out_close;
+ printf("\nConnect to the context: %X\n", hContext);
+
+ if( (result = Tspi_Context_GetTpmObject( hContext, &hTPM)) != TSS_SUCCESS)
+ goto out_close;
+ // Get the correct policy using the TPM ownership PASSWD
+ if( (result = Tspi_GetPolicyObject( hTPM, TSS_POLICY_USAGE, &hPolicy)) != TSS_SUCCESS)
+ goto out_close;
+ if( (result = Tspi_Policy_SetSecret( hPolicy,
+ TSS_SECRET_MODE_PLAIN,
+ strlen( szTpmPasswd),
+ szTpmPasswd)) != TSS_SUCCESS)
+ goto out_close;
+ LogDebug("Tspi_Policy_SetSecret hPolicy received;%d", hPolicy);
+
+ //Create Object
+ result = obj_daa_add( hContext, &hDAA);
+ if (result != TSS_SUCCESS) {
+ LogError("Tspi_Context_CreateObject:%d", result);
+ Tspi_Context_Close(hContext);
+ LogError("%s: %s", argv[0], err_string(result));
+ exit(result);
+ }
+ LogDebug("created DAA object:%X", hDAA);
+
+ // TODO: verifier base name ??
+ result = Tspi_DAA_VerifyInit(
+ hDAA, // in
+ &nonceVerifierLength, // out
+ &nonceVerifier, // out
+ 0, //baseNameLength, // out
+ NULL //baseName // out
+ );
+ if (result != TSS_SUCCESS) goto out_close;
+ LogDebug("Verify Init return nonceVerifier [%s]",
+ dump_byte_array( nonceVerifierLength, nonceVerifier));
+
+ create_TSS_DAA_SELECTED_ATTRIB( &revealAttributes, 5, 0, 1, 1, 0, 0);
+
+ mdctx = EVP_MD_CTX_create();
+
+ // create the TSS_DAA_SIGN_DATA struct
+ // .selector: 0 -> payload contains a handle to an AIK
+ // 1 -> payload contains a hashed message
+ if( message != NULL) {
+ signData.selector = TSS_FLAG_DAA_SIGN_MESSAGE_HASH;
+ signData.payloadFlag = TSS_FLAG_DAA_SIGN_MESSAGE_HASH;
+ EVP_DigestInit(mdctx, DAA_PARAM_get_message_digest());
+ EVP_DigestUpdate(mdctx, (BYTE *)message, strlen( message));
+ signData.payloadLength = EVP_MD_CTX_size(mdctx);
+ signData.payload = (BYTE *)EVP_MD_CTX_create();
+ EVP_DigestFinal(mdctx, signData.payload, NULL);
+ } else {
+ signData.selector = TSS_FLAG_DAA_SIGN_IDENTITY_KEY;
+ result = Tspi_Context_CreateObject(
+ hContext, // in
+ TSS_OBJECT_TYPE_RSAKEY, // in
+ TSS_KEY_SIZE_2048, // in
+ &hKEY // out
+ );
+ if( result != TSS_SUCCESS) goto out_close;
+
+ }
+
+ result = Tspi_TPM_DAA_Sign(
+ hDAA, // in
+ hTPM, // in
+ (TSS_HKEY)hDaaCredential, // in
+ revealAttributes, // in
+ 0, // verifierBaseNameLength, // in
+ NULL, // verifierBaseName, // in
+ nonceVerifierLength, // in
+ nonceVerifier, // in
+ signData, // in
+ &daaSignature // out
+ );
+ if (result != TSS_SUCCESS) goto out_close;
+ LogDebug("TPM_DAA_Sign return daaSignature [%s]",
+ dump_byte_array( nonceVerifierLength, nonceVerifier));
+
+ // generate attributes list but without copying the not revealed ones
+ attributes = malloc( sizeof(BYTE *) * hDaaCredential->attributesLength);
+ for( i=0; i < (int)(hDaaCredential->attributesLength); i++) {
+ if( revealAttributes.indicesList[i]) {
+ attributes[i] = (BYTE *)malloc( DAA_PARAM_SIZE_F_I / 8);
+ memcpy( attributes[i],
+ hDaaCredential->attributes[i],
+ DAA_PARAM_SIZE_F_I / 8);
+ } else {
+ attributes[i] = NULL;
+ }
+ }
+
+ result = Tspi_DAA_VerifySignature(
+ hDAA, // in
+ daaSignature, // in
+ (TSS_HKEY)&(hDaaCredential->issuerPK), // in
+ signData, // in
+ hDaaCredential->attributesLength, // in
+ attributes, // in
+ nonceVerifierLength, // in
+ nonceVerifier, // in
+ 0, //baseNameLength, //in
+ NULL, // in
+ &isCorrect // out
+ );
+ printf("Signature correct:%s\n", ( isCorrect ? "yes" : "no"));
+
+out_close:
+ EVP_MD_CTX_destroy(mdctx);
+ if( attributes != NULL) {
+ for( i=0; i<(int)hDaaCredential->attributesLength; i++) {
+ if( attributes[i] != NULL) free( attributes[i]);
+ }
+ free( attributes);
+ }
+ if( random != NULL) bi_free_ptr( random);
+ Tspi_Context_FreeMemory( hContext, NULL );
+ Tspi_Context_Close( hContext );
+out:
+ bi_release();
+ LogDebug("THE END result=%d:%s",result, err_string( result) );;
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/utils/list.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/utils/list.c
new file mode 100644
index 0000000..634129b
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/daa/utils/list.c
@@ -0,0 +1,66 @@
+
+/*
+* Licensed Materials - Property of IBM
+*
+* trousers - An open source TCG Software Stack
+*
+* (C) Copyright International Business Machines Corp. 2006
+*
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <list.h>
+
+#include "tsplog.h"
+
+list_ptr list_new( void) {
+ list_ptr list = (list_ptr)malloc( sizeof( list_struct));
+
+ if( list == NULL) return NULL;
+ list->head = NULL;
+ return list;
+}
+
+void list_add(list_ptr list, void *obj) {
+ list->current = (node_t *) malloc (sizeof(struct _list_t));
+ if (list->current == NULL) {
+ LogError("[list_add] malloc of %d bytes failed", sizeof(struct _list_t));
+ return;
+ }
+ if( list->head == NULL) {
+ list->head = list->current;
+ } else
+ list->previous->next = list->current;
+ list->current->obj = obj;
+ list->current->next = NULL;
+ list->previous = list->current;
+}
+
+void list_dump(list_ptr list) {
+ node_t *current;
+
+ if( list->head == NULL) // if head has not been altered
+ puts("no data"); // list is empty
+ else {
+ current = list->head; // go to first node
+ do {
+ printf("%d\n", (int)current->obj); // print value at current node
+ current = current->next; // traverse through the list
+ } while(current != NULL); // until current node is NULL
+ }
+}
+
+void list_freeall(list_ptr list) {
+ node_t *current = list->head; // go to first node
+ node_t *next;
+
+ if( list->head != NULL) {
+ current = list->head; // go to first node
+ do {
+ next = current->next;
+ free(current);
+ current = next;
+ } while(current != NULL); // until current node is NULL
+ }
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/callbacks.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/callbacks.c
new file mode 100644
index 0000000..86570fc
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/callbacks.c
@@ -0,0 +1,163 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <gtk/gtk.h>
+#include <string.h>
+
+#undef TRUE
+#undef FALSE
+
+#include "callbacks.h"
+#include "interface.h"
+#include "support.h"
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "tsplog.h"
+
+
+/* Callbacks for the simple password dialog */
+
+void
+on_inputdialog1_destroy(GtkObject *object, struct userdata *user_data)
+{
+ gtk_widget_destroy(user_data->window);
+ gtk_main_quit();
+}
+
+
+void
+on_dialog1_close(GtkDialog *dialog, struct userdata *user_data)
+{
+ gtk_widget_destroy(user_data->window);
+ gtk_main_quit();
+}
+
+
+void
+on_cancelbutton1_clicked(GtkButton *button, struct userdata *user_data)
+{
+ LogDebugFn();
+ gtk_widget_destroy(user_data->window);
+ user_data->string_len = 0;
+ gtk_main_quit();
+}
+
+
+void
+on_okbutton1_clicked(GtkButton *button, struct userdata *user_data)
+{
+ const gchar *entry_text = gtk_entry_get_text (GTK_ENTRY(user_data->entry));
+
+ LogDebugFn();
+ user_data->string = (char *)Trspi_Native_To_UNICODE((BYTE *)entry_text,
+ &user_data->string_len);
+ gtk_widget_destroy(user_data->window);
+
+ gtk_main_quit();
+}
+
+
+gboolean
+enter_event(GtkWidget *widget, struct userdata *user_data)
+{
+ const gchar *entry_text = gtk_entry_get_text (GTK_ENTRY(user_data->entry));
+
+ LogDebugFn();
+ user_data->string = (char *)Trspi_Native_To_UNICODE((BYTE *)entry_text,
+ &user_data->string_len);
+ gtk_widget_destroy(user_data->window);
+
+ gtk_main_quit();
+ return TRUE;
+}
+
+
+/* Callbacks for the new password dialog */
+void
+on_entryPassword_activate(GtkEntry *entry, struct userdata *user_data)
+{
+ const gchar *entryPass_text = gtk_entry_get_text (GTK_ENTRY(user_data->entryPass));
+ const gchar *entryConf_text = gtk_entry_get_text (GTK_ENTRY(user_data->entryConf));
+ int len = strlen(entryConf_text);
+
+ if (strlen(entryConf_text) == strlen(entryPass_text)) {
+ if (!memcmp(entryPass_text, entryConf_text, len)) {
+ user_data->string = (char *)Trspi_Native_To_UNICODE((BYTE *)entryConf_text,
+ &user_data->string_len);
+ gtk_widget_destroy(user_data->window);
+ gtk_main_quit();
+
+ LogDebugFn("string len ptr: %p, value = %u", &user_data->string_len,
+ user_data->string_len);
+ return;
+ }
+ }
+
+ gtk_widget_grab_focus(user_data->entryConf);
+}
+
+void
+on_entryConfirm_activate(GtkEntry *entry, struct userdata *user_data)
+{
+ const gchar *entryPass_text = gtk_entry_get_text (GTK_ENTRY(user_data->entryPass));
+ const gchar *entryConf_text = gtk_entry_get_text (GTK_ENTRY(user_data->entryConf));
+ unsigned len = strlen(entryConf_text);
+
+ if (strlen(entryConf_text) == strlen(entryPass_text)) {
+ if (!memcmp(entryPass_text, entryConf_text, len)) {
+ user_data->string = (char *)Trspi_Native_To_UNICODE((BYTE *)entryConf_text,
+ &user_data->string_len);
+ gtk_widget_destroy(user_data->window);
+ gtk_main_quit();
+
+ LogDebugFn("string len ptr: %p, value = %u", &user_data->string_len,
+ user_data->string_len);
+ return;
+ }
+ }
+
+ gtk_widget_grab_focus(user_data->entryPass);
+}
+
+void
+on_cancelbutton2_clicked(GtkButton *button, struct userdata *user_data)
+{
+ LogDebugFn();
+ gtk_widget_destroy(user_data->window);
+ user_data->string_len = 0;
+ gtk_main_quit();
+}
+
+void
+on_okbutton2_clicked(GtkButton *button, struct userdata *user_data)
+{
+ const gchar *entryPass_text = gtk_entry_get_text (GTK_ENTRY(user_data->entryPass));
+ const gchar *entryConf_text = gtk_entry_get_text (GTK_ENTRY(user_data->entryConf));
+ unsigned len = strlen(entryConf_text);
+
+ if (strlen(entryConf_text) == strlen(entryPass_text)) {
+ if (!memcmp(entryPass_text, entryConf_text, len)) {
+ user_data->string = (char *)Trspi_Native_To_UNICODE((BYTE *)entryConf_text,
+ &user_data->string_len);
+ gtk_widget_destroy(user_data->window);
+ gtk_main_quit();
+
+ LogDebugFn("string len ptr: %p, value = %u", &user_data->string_len,
+ user_data->string_len);
+ return;
+ }
+ }
+
+ gtk_widget_grab_focus(user_data->entryPass);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/callbacks.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/callbacks.h
new file mode 100644
index 0000000..1fca617
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/callbacks.h
@@ -0,0 +1,58 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _CALLBACKS_H_
+#define _CALLBACKS_H_
+
+#include <gtk/gtk.h>
+
+#include "interface.h"
+
+/* Callbacks for the simple text imput dialog */
+
+void
+on_dialog1_close (GtkDialog *dialog,
+ struct userdata *user_data);
+
+void
+on_cancelbutton1_clicked (GtkButton *button,
+ struct userdata *user_data);
+
+void
+on_okbutton1_clicked (GtkButton *button,
+ struct userdata *user_data);
+
+gboolean
+enter_event (GtkWidget *widget,
+ struct userdata *user_data);
+
+void
+on_inputdialog1_destroy (GtkObject *object,
+ struct userdata *user_data);
+
+/* Callbacks for the new password dialog */
+
+void
+on_entryPassword_activate (GtkEntry *entry,
+ struct userdata *user_data);
+
+void
+on_entryConfirm_activate (GtkEntry *entry,
+ struct userdata *user_data);
+
+void
+on_cancelbutton2_clicked (GtkButton *button,
+ struct userdata *user_data);
+
+void
+on_okbutton2_clicked (GtkButton *button,
+ struct userdata *user_data);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/interface.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/interface.c
new file mode 100644
index 0000000..c295beb
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/interface.c
@@ -0,0 +1,299 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+/*
+ * DO NOT EDIT THIS FILE - it is generated by Glade.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+
+#include <gdk/gdkkeysyms.h>
+#include <gtk/gtk.h>
+
+#include "callbacks.h"
+#include "interface.h"
+#include "support.h"
+
+#define GLADE_HOOKUP_OBJECT(component,widget,name) \
+ g_object_set_data_full (G_OBJECT (component), name, \
+ gtk_widget_ref (widget), (GDestroyNotify) gtk_widget_unref)
+
+#define GLADE_HOOKUP_OBJECT_NO_REF(component,widget,name) \
+ g_object_set_data (G_OBJECT (component), name, widget)
+
+GtkWidget*
+create_password_dialog (struct userdata *ud, char *message)
+{
+ GtkWidget *dialog1;
+ GtkWidget *dialog_vbox1;
+ GtkWidget *vbox1;
+ GtkWidget *entry;
+ GtkWidget *alignment1;
+ GtkWidget *table2;
+ GtkWidget *label1;
+ GtkWidget *alignment2;
+ GtkWidget *table1;
+ GtkWidget *dialog_action_area1;
+ GtkWidget *cancelbutton1;
+ GtkWidget *okbutton1;
+ GtkTooltips *tooltips;
+
+ tooltips = gtk_tooltips_new ();
+
+ dialog1 = gtk_dialog_new ();
+ gtk_widget_set_size_request (dialog1, 300, 150);
+ //gtk_tooltips_set_tip (tooltips, dialog1, _("This is a box for entering dialogue"), NULL);
+ gtk_window_set_title (GTK_WINDOW (dialog1), _("TSS Password"));
+ //gtk_window_set_title (GTK_WINDOW (dialog1), message);
+ gtk_window_set_position (GTK_WINDOW (dialog1), GTK_WIN_POS_CENTER);
+ gtk_window_set_default_size (GTK_WINDOW (dialog1), 300, 150);
+
+ dialog_vbox1 = GTK_DIALOG (dialog1)->vbox;
+ gtk_widget_show (dialog_vbox1);
+
+ vbox1 = gtk_vbox_new (TRUE, 0);
+ gtk_widget_show (vbox1);
+ gtk_box_pack_start (GTK_BOX (dialog_vbox1), vbox1, TRUE, TRUE, 0);
+
+ alignment1 = gtk_alignment_new (0.5, 0.5, 1, 1);
+ gtk_widget_show (alignment1);
+ gtk_box_pack_start (GTK_BOX (vbox1), alignment1, FALSE, FALSE, 0);
+
+ table2 = gtk_table_new (3, 3, FALSE);
+ gtk_widget_show (table2);
+ gtk_container_add (GTK_CONTAINER (alignment1), table2);
+
+ //label1 = gtk_label_new (_("Please enter a password, or not."));
+ label1 = gtk_label_new (message);
+ gtk_widget_show (label1);
+ gtk_table_attach (GTK_TABLE (table2), label1, 1, 2, 1, 2,
+ (GtkAttachOptions) (GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ gtk_label_set_justify (GTK_LABEL (label1), GTK_JUSTIFY_LEFT);
+ gtk_misc_set_alignment (GTK_MISC (label1), 0, 0.5);
+
+ alignment2 = gtk_alignment_new (0.5, 0.5, 1, 1);
+ gtk_widget_show (alignment2);
+ gtk_box_pack_start (GTK_BOX (vbox1), alignment2, TRUE, TRUE, 0);
+
+ table1 = gtk_table_new (2, 3, FALSE);
+ gtk_widget_show (table1);
+ gtk_container_add (GTK_CONTAINER (alignment2), table1);
+
+ entry = gtk_entry_new ();
+ gtk_widget_show (entry);
+ gtk_table_attach (GTK_TABLE (table1), entry, 1, 2, 0, 1,
+ (GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ //gtk_tooltips_set_tip (tooltips, entry, _("This is where you enter the characters of your password, using the computer input device of your choice."), NULL);
+ gtk_entry_set_max_length (GTK_ENTRY (entry), 255);
+ gtk_entry_set_visibility (GTK_ENTRY (entry), FALSE);
+
+ dialog_action_area1 = GTK_DIALOG (dialog1)->action_area;
+ gtk_widget_show (dialog_action_area1);
+ gtk_button_box_set_layout (GTK_BUTTON_BOX (dialog_action_area1), GTK_BUTTONBOX_END);
+
+ cancelbutton1 = gtk_button_new_from_stock ("gtk-cancel");
+ gtk_widget_show (cancelbutton1);
+ gtk_dialog_add_action_widget (GTK_DIALOG (dialog1), cancelbutton1, GTK_RESPONSE_CANCEL);
+ GTK_WIDGET_SET_FLAGS (cancelbutton1, GTK_CAN_DEFAULT);
+ //gtk_tooltips_set_tip (tooltips, cancelbutton1, _("Depress this button in order to indicate that you would like to cancel the submitting of authorization data at this time."), NULL);
+
+ okbutton1 = gtk_button_new_from_stock ("gtk-ok");
+ gtk_widget_show (okbutton1);
+ gtk_dialog_add_action_widget (GTK_DIALOG (dialog1), okbutton1, GTK_RESPONSE_OK);
+ GTK_WIDGET_SET_FLAGS (okbutton1, GTK_CAN_DEFAULT);
+ //gtk_tooltips_set_tip (tooltips, okbutton1, _("Depress this button in order to indicate that you have completed the entry of your authorization data."), NULL);
+
+ /* We need to pass the window in to destroy it */
+ ud->window = dialog1;
+ /* Here we need a pointer to the entry to grab the text out of it */
+ ud->entry = entry;
+
+ g_signal_connect ((gpointer) dialog1, "close",
+ G_CALLBACK (on_dialog1_close),
+ ud);
+
+ g_signal_connect ((gpointer) dialog1, "destroy",
+ G_CALLBACK (on_inputdialog1_destroy),
+ ud);
+
+ g_signal_connect ((gpointer) entry, "activate",
+ G_CALLBACK (enter_event),
+ ud);
+
+ g_signal_connect ((gpointer) cancelbutton1, "clicked",
+ G_CALLBACK (on_cancelbutton1_clicked),
+ ud);
+
+ g_signal_connect ((gpointer) okbutton1, "clicked",
+ G_CALLBACK (on_okbutton1_clicked),
+ ud);
+
+ /* Store pointers to all widgets, for use by lookup_widget(). */
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, dialog1, "dialog1");
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, dialog_vbox1, "dialog_vbox1");
+ GLADE_HOOKUP_OBJECT (dialog1, vbox1, "vbox1");
+ GLADE_HOOKUP_OBJECT (dialog1, alignment1, "alignment1");
+ GLADE_HOOKUP_OBJECT (dialog1, table2, "table2");
+ GLADE_HOOKUP_OBJECT (dialog1, label1, "label1");
+ GLADE_HOOKUP_OBJECT (dialog1, alignment2, "alignment2");
+ GLADE_HOOKUP_OBJECT (dialog1, table1, "table1");
+ GLADE_HOOKUP_OBJECT (dialog1, entry, "entry");
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, dialog_action_area1, "dialog_action_area1");
+ GLADE_HOOKUP_OBJECT (dialog1, cancelbutton1, "cancelbutton1");
+ GLADE_HOOKUP_OBJECT (dialog1, okbutton1, "okbutton1");
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, tooltips, "tooltips");
+
+ return dialog1;
+}
+
+GtkWidget*
+create_new_password_dialog (struct userdata *ud, char *message)
+{
+ GtkWidget *dialog1;
+ GtkWidget *dialog_vbox1;
+ GtkWidget *vbox1;
+ GtkWidget *table2;
+ GtkWidget *label7;
+ GtkWidget *table1;
+ GtkWidget *label5;
+ GtkWidget *label6;
+ GtkWidget *entryPassword;
+ GtkWidget *entryConfirm;
+ GtkWidget *dialog_action_area1;
+ GtkWidget *cancelbutton2;
+ GtkWidget *okbutton2;
+
+ dialog1 = gtk_dialog_new ();
+ gtk_widget_set_size_request (dialog1, 300, 150);
+ gtk_window_set_title (GTK_WINDOW (dialog1), "TSS Password");
+ //gtk_window_set_title (GTK_WINDOW (dialog1), message);
+
+ dialog_vbox1 = GTK_DIALOG (dialog1)->vbox;
+ gtk_widget_show (dialog_vbox1);
+
+ vbox1 = gtk_vbox_new (FALSE, 0);
+ gtk_widget_show (vbox1);
+ gtk_box_pack_start (GTK_BOX (dialog_vbox1), vbox1, TRUE, TRUE, 0);
+
+ table2 = gtk_table_new (3, 3, FALSE);
+ gtk_widget_show (table2);
+ gtk_box_pack_start (GTK_BOX (vbox1), table2, TRUE, TRUE, 0);
+
+ //label7 = gtk_label_new (_("Please enter a new password below."));
+ label7 = gtk_label_new (message);
+ gtk_widget_show (label7);
+ gtk_table_attach (GTK_TABLE (table2), label7, 1, 2, 1, 2,
+ (GtkAttachOptions) (GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ gtk_label_set_justify (GTK_LABEL (label7), GTK_JUSTIFY_LEFT);
+ gtk_misc_set_alignment (GTK_MISC (label7), 0, 0.5);
+
+ table1 = gtk_table_new (5, 5, FALSE);
+ gtk_widget_show (table1);
+ gtk_box_pack_start (GTK_BOX (vbox1), table1, TRUE, TRUE, 0);
+
+ label5 = gtk_label_new (_("Password:"));
+ gtk_widget_show (label5);
+ gtk_table_attach (GTK_TABLE (table1), label5, 1, 2, 1, 2,
+ (GtkAttachOptions) (GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ gtk_label_set_justify (GTK_LABEL (label5), GTK_JUSTIFY_LEFT);
+ gtk_misc_set_alignment (GTK_MISC (label5), 0, 0.5);
+
+ label6 = gtk_label_new (_("Confirm:"));
+ gtk_widget_show (label6);
+ gtk_table_attach (GTK_TABLE (table1), label6, 1, 2, 3, 4,
+ (GtkAttachOptions) (GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ gtk_label_set_justify (GTK_LABEL (label6), GTK_JUSTIFY_LEFT);
+ gtk_misc_set_alignment (GTK_MISC (label6), 0, 0.5);
+
+ entryPassword = gtk_entry_new ();
+ gtk_widget_show (entryPassword);
+ gtk_table_attach (GTK_TABLE (table1), entryPassword, 3, 4, 1, 2,
+ (GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ gtk_entry_set_max_length (GTK_ENTRY (entryPassword), 255);
+ gtk_entry_set_visibility (GTK_ENTRY (entryPassword), FALSE);
+
+ entryConfirm = gtk_entry_new ();
+ gtk_widget_show (entryConfirm);
+ gtk_table_attach (GTK_TABLE (table1), entryConfirm, 3, 4, 3, 4,
+ (GtkAttachOptions) (GTK_EXPAND | GTK_FILL),
+ (GtkAttachOptions) (0), 0, 0);
+ gtk_entry_set_max_length (GTK_ENTRY (entryConfirm), 255);
+ gtk_entry_set_visibility (GTK_ENTRY (entryConfirm), FALSE);
+
+ dialog_action_area1 = GTK_DIALOG (dialog1)->action_area;
+ gtk_widget_show (dialog_action_area1);
+ gtk_button_box_set_layout (GTK_BUTTON_BOX (dialog_action_area1), GTK_BUTTONBOX_END);
+
+ cancelbutton2 = gtk_button_new_from_stock ("gtk-cancel");
+ gtk_widget_show (cancelbutton2);
+ gtk_dialog_add_action_widget (GTK_DIALOG (dialog1), cancelbutton2, GTK_RESPONSE_CANCEL);
+ GTK_WIDGET_SET_FLAGS (cancelbutton2, GTK_CAN_DEFAULT);
+
+ okbutton2 = gtk_button_new_from_stock ("gtk-ok");
+ gtk_widget_show (okbutton2);
+ gtk_dialog_add_action_widget (GTK_DIALOG (dialog1), okbutton2, GTK_RESPONSE_OK);
+ GTK_WIDGET_SET_FLAGS (okbutton2, GTK_CAN_DEFAULT);
+
+ /* We need to pass the window in to destroy it */
+ ud->window = dialog1;
+ /* Here we need a pointer to the entries to grab text out of them */
+ ud->entryPass = entryPassword;
+ ud->entryConf = entryConfirm;
+
+ g_signal_connect ((gpointer) dialog1, "destroy",
+ G_CALLBACK (on_inputdialog1_destroy),
+ ud);
+
+ g_signal_connect ((gpointer) entryPassword, "activate",
+ G_CALLBACK (on_entryPassword_activate),
+ ud);
+ g_signal_connect ((gpointer) entryConfirm, "activate",
+ G_CALLBACK (on_entryConfirm_activate),
+ ud);
+ g_signal_connect ((gpointer) cancelbutton2, "clicked",
+ G_CALLBACK (on_cancelbutton2_clicked),
+ ud);
+ g_signal_connect ((gpointer) okbutton2, "clicked",
+ G_CALLBACK (on_okbutton2_clicked),
+ ud);
+
+ /* Store pointers to all widgets, for use by lookup_widget(). */
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, dialog1, "dialog1");
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, dialog_vbox1, "dialog_vbox1");
+ GLADE_HOOKUP_OBJECT (dialog1, vbox1, "vbox1");
+ GLADE_HOOKUP_OBJECT (dialog1, table2, "table2");
+ GLADE_HOOKUP_OBJECT (dialog1, label7, "label7");
+ GLADE_HOOKUP_OBJECT (dialog1, table1, "table1");
+ GLADE_HOOKUP_OBJECT (dialog1, label5, "label5");
+ GLADE_HOOKUP_OBJECT (dialog1, label6, "label6");
+ GLADE_HOOKUP_OBJECT (dialog1, entryPassword, "entryPassword");
+ GLADE_HOOKUP_OBJECT (dialog1, entryConfirm, "entryConfirm");
+ GLADE_HOOKUP_OBJECT_NO_REF (dialog1, dialog_action_area1, "dialog_action_area1");
+ GLADE_HOOKUP_OBJECT (dialog1, cancelbutton2, "cancelbutton2");
+ GLADE_HOOKUP_OBJECT (dialog1, okbutton2, "okbutton2");
+
+ return dialog1;
+}
+
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/interface.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/interface.h
new file mode 100644
index 0000000..9950fe7
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/interface.h
@@ -0,0 +1,30 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+/*
+ * DO NOT EDIT THIS FILE - it is generated by Glade.
+ */
+
+#ifndef _INTERFACE_H_
+#define _INTERFACE_H_
+
+struct userdata {
+ char *string;
+ unsigned string_len;
+ GtkWidget *window;
+ GtkWidget *entry;
+ GtkWidget *entryPass;
+ GtkWidget *entryConf;
+};
+
+GtkWidget* create_password_dialog (struct userdata *, char *);
+GtkWidget* create_new_password_dialog (struct userdata *, char *);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/main.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/main.c
new file mode 100644
index 0000000..7d76995
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/main.c
@@ -0,0 +1,117 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+/*
+ * Initial main.c file generated by Glade. Edit as required.
+ * Glade will not overwrite this file.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <sys/types.h>
+#include <string.h>
+
+#include <gtk/gtk.h>
+
+#undef TRUE
+#undef FALSE
+
+#include "trousers/tss.h"
+#include "tsplog.h"
+
+#include "interface.h"
+#include "support.h"
+
+/*
+ * DisplayPINWindow()
+ *
+ * Popup the dialog to collect an existing password.
+ *
+ * string - buffer that the password will be passed back to caller in
+ * popup - UTF-8 string to be displayed in the title bar of the dialog box
+ *
+ */
+TSS_RESULT
+DisplayPINWindow(BYTE *string, UINT32 *string_len, BYTE *popup)
+{
+ GtkWidget *dialog1;
+ struct userdata ud;
+
+ ud.string_len = 0;
+
+#ifdef ENABLE_NLS
+ bindtextdomain (GETTEXT_PACKAGE, PACKAGE_LOCALE_DIR);
+ bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
+ textdomain (GETTEXT_PACKAGE);
+#endif
+
+ gtk_set_locale();
+ gtk_init_check((int *)NULL, (char ***)NULL);
+
+ LogDebug("address of string_len: %p", &ud.string_len);
+ dialog1 = create_password_dialog(&ud, (char *)popup);
+ gtk_widget_show(dialog1);
+
+ gtk_main();
+
+ if (ud.string_len) {
+ memcpy(string, ud.string, ud.string_len);
+ __tspi_memset(ud.string, 0, ud.string_len);
+ free(ud.string);
+ }
+ *string_len = ud.string_len;
+
+ return TSS_SUCCESS;
+}
+
+/*
+ * DisplayNewPINWindow()
+ *
+ * Popup the dialog to collect a new password.
+ *
+ * string - buffer that the password will be passed back to caller in
+ * popup - UTF-8 string to be displayed in the title bar of the dialog box
+ *
+ */
+TSS_RESULT
+DisplayNewPINWindow(BYTE *string, UINT32 *string_len, BYTE *popup)
+{
+ GtkWidget *dialog1;
+ struct userdata ud;
+
+ ud.string_len = 0;
+
+#ifdef ENABLE_NLS
+ bindtextdomain (GETTEXT_PACKAGE, PACKAGE_LOCALE_DIR);
+ bind_textdomain_codeset (GETTEXT_PACKAGE, "UTF-8");
+ textdomain (GETTEXT_PACKAGE);
+#endif
+
+ gtk_set_locale();
+ gtk_init_check((int *)NULL, (char ***)NULL);
+
+ LogDebug("address of string_len: %p", &ud.string_len);
+ dialog1 = create_new_password_dialog(&ud, (char *)popup);
+ gtk_widget_show(dialog1);
+
+ gtk_main();
+
+ if (ud.string_len) {
+ memcpy(string, ud.string, ud.string_len);
+ __tspi_memset(ud.string, 0, ud.string_len);
+ free(ud.string);
+ }
+ *string_len = ud.string_len;
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/support.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/support.c
new file mode 100644
index 0000000..6ce3870
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/support.c
@@ -0,0 +1,157 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+/*
+ * DO NOT EDIT THIS FILE - it is generated by Glade.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdio.h>
+
+#include <gtk/gtk.h>
+
+#include "trousers/tss.h"
+#include "tsplog.h"
+
+#include "support.h"
+
+GtkWidget*
+lookup_widget (GtkWidget *widget,
+ const gchar *widget_name)
+{
+ GtkWidget *parent, *found_widget;
+
+ for (;;)
+ {
+ if (GTK_IS_MENU (widget))
+ parent = gtk_menu_get_attach_widget (GTK_MENU (widget));
+ else
+ parent = widget->parent;
+ if (!parent)
+ parent = (GtkWidget*) g_object_get_data (G_OBJECT (widget), "GladeParentKey");
+ if (parent == NULL)
+ break;
+ widget = parent;
+ }
+
+ found_widget = (GtkWidget*) g_object_get_data (G_OBJECT (widget),
+ widget_name);
+ if (!found_widget)
+ g_warning ("Widget not found: %s", widget_name);
+ return found_widget;
+}
+
+static GList *pixmaps_directories = NULL;
+
+/* Use this function to set the directory containing installed pixmaps. */
+void
+__tspi_add_pixmap_directory (const gchar *directory)
+{
+ pixmaps_directories = g_list_prepend (pixmaps_directories,
+ g_strdup (directory));
+}
+
+/* This is an internally used function to find pixmap files. */
+static gchar*
+find_pixmap_file (const gchar *filename)
+{
+ GList *elem;
+
+ /* We step through each of the pixmaps directory to find it. */
+ elem = pixmaps_directories;
+ while (elem)
+ {
+ gchar *pathname = g_strdup_printf ("%s%s%s", (gchar*)elem->data,
+ G_DIR_SEPARATOR_S, filename);
+ if (g_file_test (pathname, G_FILE_TEST_EXISTS))
+ return pathname;
+ g_free (pathname);
+ elem = elem->next;
+ }
+ return NULL;
+}
+
+/* This is an internally used function to create pixmaps. */
+GtkWidget*
+create_pixmap (GtkWidget *widget,
+ const gchar *filename)
+{
+ gchar *pathname = NULL;
+ GtkWidget *pixmap;
+
+ if (!filename || !filename[0])
+ return gtk_image_new ();
+
+ pathname = find_pixmap_file (filename);
+
+ if (!pathname)
+ {
+ g_warning (_("Couldn't find pixmap file: %s"), filename);
+ return gtk_image_new ();
+ }
+
+ pixmap = gtk_image_new_from_file (pathname);
+ g_free (pathname);
+ return pixmap;
+}
+
+/* This is an internally used function to create pixmaps. */
+GdkPixbuf*
+create_pixbuf (const gchar *filename)
+{
+ gchar *pathname = NULL;
+ GdkPixbuf *pixbuf;
+ GError *error = NULL;
+
+ if (!filename || !filename[0])
+ return NULL;
+
+ pathname = find_pixmap_file (filename);
+
+ if (!pathname)
+ {
+ g_warning (_("Couldn't find pixmap file: %s"), filename);
+ return NULL;
+ }
+
+ pixbuf = gdk_pixbuf_new_from_file (pathname, &error);
+ if (!pixbuf)
+ {
+ LogError ("Failed to load pixbuf file: %s: %s\n",
+ pathname, error->message);
+ g_error_free (error);
+ }
+ g_free (pathname);
+ return pixbuf;
+}
+
+/* This is used to set ATK action descriptions. */
+void
+glade_set_atk_action_description (AtkAction *action,
+ const gchar *action_name,
+ const gchar *description)
+{
+ gint n_actions, i;
+
+ n_actions = atk_action_get_n_actions (action);
+ for (i = 0; i < n_actions; i++)
+ {
+ if (!strcmp (atk_action_get_name (action, i), action_name))
+ atk_action_set_description (action, i, description);
+ }
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/support.h b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/support.h
new file mode 100644
index 0000000..3b8186a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/gtk/support.h
@@ -0,0 +1,81 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+#ifndef _SUPPORT_H_
+#define _SUPPOR_H_
+
+/*
+ * DO NOT EDIT THIS FILE - it is generated by Glade.
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <gtk/gtk.h>
+
+/*
+ * Standard gettext macros.
+ */
+#ifdef ENABLE_NLS
+# include <libintl.h>
+# undef _
+# define _(String) dgettext (PACKAGE, String)
+# ifdef gettext_noop
+# define N_(String) gettext_noop (String)
+# else
+# define N_(String) (String)
+# endif
+#else
+# define textdomain(String) (String)
+# define gettext(String) (String)
+# define dgettext(Domain,Message) (Message)
+# define dcgettext(Domain,Message,Type) (Message)
+# define bindtextdomain(Domain,Directory) (Domain)
+# define _(String) (String)
+# define N_(String) (String)
+#endif
+
+
+/*
+ * Public Functions.
+ */
+
+/*
+ * This function returns a widget in a component created by Glade.
+ * Call it with the toplevel widget in the component (i.e. a window/dialog),
+ * or alternatively any widget in the component, and the name of the widget
+ * you want returned.
+ */
+GtkWidget* lookup_widget (GtkWidget *widget,
+ const gchar *widget_name);
+
+
+/* Use this function to set the directory containing installed pixmaps. */
+void __tspi_add_pixmap_directory (const gchar *directory);
+
+
+/*
+ * Private Functions.
+ */
+
+/* This is used to create the pixmaps used in the interface. */
+GtkWidget* create_pixmap (GtkWidget *widget,
+ const gchar *filename);
+
+/* This is used to create the pixbufs used in the interface. */
+GdkPixbuf* create_pixbuf (const gchar *filename);
+
+/* This is used to set ATK action descriptions. */
+void glade_set_atk_action_description (AtkAction *action,
+ const gchar *action_name,
+ const gchar *description);
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/log.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/log.c
new file mode 100644
index 0000000..f09ef54
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/log.c
@@ -0,0 +1,71 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2005
+ *
+ */
+
+
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "spi_utils.h"
+#include "tsplog.h"
+
+#ifdef TSS_DEBUG
+
+/*
+ * LogBlobData()
+ *
+ * Log a blob's data to the debugging stream
+ *
+ * szDescriptor - The APPID tag found in the caller's environment at build time
+ * sizeOfBlob - The size of the data to log
+ * blob - the data to log
+ *
+ */
+
+
+void
+LogBlobData(char *szDescriptor, unsigned long sizeOfBlob, unsigned char *blob)
+{
+ char temp[64];
+ int i;
+
+ if (getenv("TSS_DEBUG_OFF"))
+ return;
+
+ __tspi_memset(temp, 0, sizeof(temp));
+
+ for (i = 0; (unsigned long)i < sizeOfBlob; i++) {
+ if ((i > 0) && ((i % 16) == 0)) {
+ fprintf(stdout, "%s\n", temp);
+ __tspi_memset(temp, 0, sizeof(temp));
+ }
+ snprintf(&temp[(i%16)*3], 4, "%.2X ", blob[i]);
+ }
+ fprintf(stdout, "%s\n", temp);
+}
+
+TSS_RESULT
+LogTSPERR(TSS_RESULT result, char *file, int line)
+{
+ if (getenv("TSS_DEBUG_OFF") == NULL)
+ fprintf(stderr, "%s %s %s:%d: 0x%x\n", "LOG_RETERR", APPID, file, line, result);
+
+ return (result | TSS_LAYER_TSP);
+}
+
+#elif defined (TSS_TRACE)
+TSS_RESULT
+LogTSPERR(TSS_RESULT result, char *file, int line)
+{
+ LogInfo("%s %s %s:%d: 0x%x\n", "LOG_RETERR", APPID, file, line, result);
+ return (result | TSS_LAYER_TSP);
+}
+
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj.c
new file mode 100644
index 0000000..c434d9a
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj.c
@@ -0,0 +1,297 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "tsplog.h"
+#include "obj.h"
+
+UINT32 nextObjectHandle = 0xC0000000;
+
+MUTEX_DECLARE_INIT(handle_lock);
+
+TPM_LIST_DECLARE;
+CONTEXT_LIST_DECLARE;
+HASH_LIST_DECLARE;
+PCRS_LIST_DECLARE;
+POLICY_LIST_DECLARE;
+RSAKEY_LIST_DECLARE;
+ENCDATA_LIST_DECLARE;
+DAACRED_LIST_DECLARE;
+DAAARAKEY_LIST_DECLARE;
+DAAISSUERKEY_LIST_DECLARE;
+NVSTORE_LIST_DECLARE;
+DELFAMILY_LIST_DECLARE;
+MIGDATA_LIST_DECLARE;
+
+static void
+tspi_list_init(struct obj_list *list)
+{
+ list->head = NULL;
+ MUTEX_INIT(list->lock);
+}
+
+void
+__tspi_obj_list_init()
+{
+ TPM_LIST_INIT();
+ CONTEXT_LIST_INIT();
+ HASH_LIST_INIT();
+ PCRS_LIST_INIT();
+ POLICY_LIST_INIT();
+ RSAKEY_LIST_INIT();
+ ENCDATA_LIST_INIT();
+ DAACRED_LIST_INIT();
+ DAAARAKEY_LIST_INIT();
+ DAAISSUERKEY_LIST_INIT();
+ NVSTORE_LIST_INIT();
+ DELFAMILY_LIST_INIT();
+ MIGDATA_LIST_INIT();
+}
+
+TSS_HOBJECT
+obj_get_next_handle()
+{
+ MUTEX_LOCK(handle_lock);
+
+ /* return any object handle except NULL_HOBJECT */
+ do {
+ nextObjectHandle++;
+ } while (nextObjectHandle == NULL_HOBJECT);
+
+ MUTEX_UNLOCK(handle_lock);
+
+ return nextObjectHandle;
+}
+
+/* search through the provided list for an object with handle matching
+ * @handle. If found, return a pointer to the object with the list
+ * locked, else return NULL. To release the lock, caller should
+ * call obj_list_put() after manipulating the object.
+ */
+struct tsp_object *
+obj_list_get_obj(struct obj_list *list, UINT32 handle)
+{
+ struct tsp_object *obj;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->handle == handle)
+ break;
+ }
+
+ if (obj == NULL)
+ MUTEX_UNLOCK(list->lock);
+
+ return obj;
+}
+
+/* search through the provided list for an object with TSP context
+ * matching @tspContext. If found, return a pointer to the object
+ * with the list locked, else return NULL. To release the lock,
+ * caller should call obj_list_put() after manipulating the object.
+ */
+struct tsp_object *
+obj_list_get_tspcontext(struct obj_list *list, UINT32 tspContext)
+{
+ struct tsp_object *obj;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->tspContext == tspContext)
+ break;
+ }
+
+ return obj;
+}
+
+/* release a list whose handle was returned by obj_list_get_obj() */
+void
+obj_list_put(struct obj_list *list)
+{
+ MUTEX_UNLOCK(list->lock);
+}
+
+TSS_RESULT
+obj_list_add(struct obj_list *list, UINT32 tsp_context, TSS_FLAG flags, void *data,
+ TSS_HOBJECT *phObject)
+{
+ struct tsp_object *new_obj, *tmp;
+
+ new_obj = calloc(1, sizeof(struct tsp_object));
+ if (new_obj == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tsp_object));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ new_obj->handle = obj_get_next_handle();
+ new_obj->flags = flags;
+ new_obj->data = data;
+
+ if (list == &context_list)
+ new_obj->tspContext = new_obj->handle;
+ else
+ new_obj->tspContext = tsp_context;
+
+ MUTEX_LOCK(list->lock);
+
+ if (list->head == NULL) {
+ list->head = new_obj;
+ } else {
+ tmp = list->head;
+ list->head = new_obj;
+ new_obj->next = tmp;
+ }
+
+ MUTEX_UNLOCK(list->lock);
+
+ *phObject = new_obj->handle;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_list_remove(struct obj_list *list, void (*freeFcn)(void *), TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj, *prev = NULL;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; prev = obj, obj = obj->next) {
+ if (obj->handle == hObject) {
+ /* validate tspContext */
+ if (obj->tspContext != tspContext)
+ break;
+
+ (*freeFcn)(obj->data);
+
+ if (prev)
+ prev->next = obj->next;
+ else
+ list->head = obj->next;
+ free(obj);
+
+ MUTEX_UNLOCK(list->lock);
+ return TSS_SUCCESS;
+ }
+ }
+
+ MUTEX_UNLOCK(list->lock);
+
+ return TSPERR(TSS_E_INVALID_HANDLE);
+}
+
+/* a generic routine for removing all members of a list who's tsp context
+ * matches @tspContext */
+void
+obj_list_close(struct obj_list *list, void (*freeFcn)(void *), TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *index;
+ struct tsp_object *next = NULL;
+ struct tsp_object *toKill;
+ struct tsp_object *prev = NULL;
+
+ MUTEX_LOCK(list->lock);
+
+ for (index = list->head; index; ) {
+ next = index->next;
+ if (index->tspContext == tspContext) {
+ toKill = index;
+ if (prev == NULL) {
+ list->head = toKill->next;
+ } else {
+ prev->next = toKill->next;
+ }
+
+ (*freeFcn)(toKill->data);
+ free(toKill);
+
+ index = next;
+ } else {
+ prev = index;
+ index = next;
+ }
+ }
+
+ MUTEX_UNLOCK(list->lock);
+}
+
+void
+obj_close_context(TSS_HCONTEXT tspContext)
+{
+ TPM_LIST_CLOSE(tspContext);
+ CONTEXT_LIST_CLOSE(tspContext);
+ HASH_LIST_CLOSE(tspContext);
+ PCRS_LIST_CLOSE(tspContext);
+ POLICY_LIST_CLOSE(tspContext);
+ RSAKEY_LIST_CLOSE(tspContext);
+ ENCDATA_LIST_CLOSE(tspContext);
+ DAACRED_LIST_CLOSE(tspContext);
+ DAAARAKEY_LIST_CLOSE(tspContext);
+ DAAISSUERKEY_LIST_CLOSE(tspContext);
+ NVSTORE_LIST_CLOSE(tspContext);
+ DELFAMILY_LIST_CLOSE(tspContext);
+ MIGDATA_LIST_CLOSE(tspContext);
+}
+
+/* When a policy object is closed, all references to it must be removed. This function
+ * calls the object specific routines for each working object type to remove all refs to the
+ * policy */
+void
+obj_lists_remove_policy_refs(TSS_HPOLICY hPolicy, TSS_HCONTEXT tspContext)
+{
+ obj_rsakey_remove_policy_refs(hPolicy, tspContext);
+ obj_encdata_remove_policy_refs(hPolicy, tspContext);
+ obj_tpm_remove_policy_refs(hPolicy, tspContext);
+}
+
+/* search all key lists (right now only RSA keys exist) looking for a TCS key handle, when
+ * found, return the hash of its TPM_STORE_PUBKEY structure */
+TSS_RESULT
+obj_tcskey_get_pubkeyhash(TCS_KEY_HANDLE hKey, BYTE *pubKeyHash)
+{
+ struct tsp_object *obj;
+ struct obj_list *list = &rsakey_list;
+ struct tr_rsakey_obj *rsakey = NULL;
+ TSS_RESULT result = TSS_SUCCESS;
+ Trspi_HashCtx hashCtx;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->tcsHandle == hKey)
+ break;
+ }
+
+ if (obj == NULL || rsakey == NULL) {
+ MUTEX_UNLOCK(list->lock);
+ return TSPERR(TSS_E_KEY_NOT_LOADED);
+ }
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_STORE_PUBKEY(&hashCtx, &rsakey->key.pubKey);
+ if ((result |= Trspi_HashFinal(&hashCtx, pubKeyHash)))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+
+ MUTEX_UNLOCK(list->lock);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_context.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_context.c
new file mode 100644
index 0000000..7bbd869
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_context.c
@@ -0,0 +1,1525 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "tcs_tsp.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+#include "tsp_tcsi_param.h"
+
+TSS_RESULT
+obj_context_add(TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_context_obj *context = calloc(1, sizeof(struct tr_context_obj));
+
+ if (context == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tr_context_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+#ifndef TSS_NO_GUI
+ context->silentMode = TSS_TSPATTRIB_CONTEXT_NOT_SILENT;
+#else
+ context->silentMode = TSS_TSPATTRIB_CONTEXT_SILENT;
+#endif
+ if ((result = get_tcsd_hostname((char **)&context->machineName,
+ &context->machineNameLength)) != TSS_SUCCESS) {
+ free(context);
+ return result;
+ }
+
+ LogDebug("Hostname to be used by the context is %s.", context->machineName);
+
+ context->hashMode = TSS_TSPATTRIB_HASH_MODE_NOT_NULL;
+ context->connection_policy = TSS_TSPATTRIB_CONTEXT_VERSION_V1_1;
+
+ if ((result = obj_list_add(&context_list, NULL_HCONTEXT, 0, context, phObject))) {
+ free(context->machineName);
+ free(context);
+ return result;
+ }
+
+ /* Add the default policy */
+ if ((result = obj_policy_add(*phObject, TSS_POLICY_USAGE, &context->policy))) {
+ obj_list_remove(&context_list, &__tspi_obj_context_free, *phObject, *phObject);
+ return result;
+ }
+
+ context->tcs_api = &tcs_normal_api;
+
+ return TSS_SUCCESS;
+}
+
+struct tcs_api_table *
+obj_context_get_tcs_api(TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ struct tcs_api_table *t;
+
+ /* If the object cannot be found with the given handle, return a safe value, the normal TCS
+ * API pointer. Since the handle is bad, the RPC_ function will barf in looking up the
+ * corresponding TCS context handle and an invalid handle error will be returned. */
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return &tcs_normal_api;
+
+ context = (struct tr_context_obj *)obj->data;
+
+ /* Return the current API set we're using, either the normal API, or the transport encrypted
+ * API. The context->tcs_api variable is switched back and forth between the two sets by
+ * the obj_context_transport_set_control function through a set attrib. */
+ t = context->tcs_api;
+
+ obj_list_put(&context_list);
+
+ return t;
+}
+
+void
+__tspi_obj_context_free(void *data)
+{
+ struct tr_context_obj *context = (struct tr_context_obj *)data;
+
+ free(context->machineName);
+ free(context);
+}
+
+TSS_BOOL
+obj_is_context(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&context_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&context_list);
+ }
+
+ return answer;
+}
+
+/* Clean up transport session if necessary. */
+void
+obj_context_close(TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return;
+
+ context = (struct tr_context_obj *)obj->data;
+
+#ifdef TSS_BUILD_TRANSPORT
+ if (context->transAuth.AuthHandle) {
+ RPC_FlushSpecific(tspContext, context->transAuth.AuthHandle, TPM_RT_TRANS);
+
+ __tspi_memset(&context->transPub, 0, sizeof(TPM_TRANSPORT_PUBLIC));
+ __tspi_memset(&context->transMod, 0, sizeof(TPM_MODIFIER_INDICATOR));
+ __tspi_memset(&context->transSecret, 0, sizeof(TPM_TRANSPORT_AUTH));
+ __tspi_memset(&context->transAuth, 0, sizeof(TPM_AUTH));
+ __tspi_memset(&context->transLogIn, 0, sizeof(TPM_TRANSPORT_LOG_IN));
+ __tspi_memset(&context->transLogOut, 0, sizeof(TPM_TRANSPORT_LOG_OUT));
+ __tspi_memset(&context->transLogDigest, 0, sizeof(TPM_DIGEST));
+ }
+#endif
+
+ obj_list_put(&context_list);
+}
+
+TSS_RESULT
+obj_context_get_policy(TSS_HCONTEXT tspContext, UINT32 policyType, TSS_HPOLICY *phPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ *phPolicy = context->policy;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_get_machine_name(TSS_HCONTEXT tspContext, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ TSS_RESULT result;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ if (context->machineNameLength == 0) {
+ *data = NULL;
+ *size = 0;
+ LogDebug("context->machineName is NULL.");
+ } else {
+ /*
+ * Don't use calloc_tspi because this memory is
+ * not freed using "free_tspi"
+ */
+ *data = calloc(1, context->machineNameLength);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.",
+ context->machineNameLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = context->machineNameLength;
+ LogDebug("context->machineName: %s.", context->machineName);
+ memcpy(*data, context->machineName, *size);
+ }
+
+ result = TSS_SUCCESS;
+
+done:
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+/* This function converts the machine name to a TSS_UNICODE string before
+ * returning it, as Tspi_GetAttribData would like. We could do the conversion
+ * in Tspi_GetAttribData, but we don't have access to the TSP context there */
+TSS_RESULT
+obj_context_get_machine_name_attrib(TSS_HCONTEXT tspContext, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ BYTE *utf_string;
+ UINT32 utf_size;
+ TSS_RESULT result;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ if (context->machineNameLength == 0) {
+ *data = NULL;
+ *size = 0;
+ } else {
+ utf_size = context->machineNameLength;
+ utf_string = Trspi_Native_To_UNICODE(context->machineName,
+ &utf_size);
+ if (utf_string == NULL) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *data = calloc_tspi(obj->tspContext, utf_size);
+ if (*data == NULL) {
+ free(utf_string);
+ LogError("malloc of %u bytes failed.", utf_size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = utf_size;
+ memcpy(*data, utf_string, utf_size);
+ free(utf_string);
+ }
+
+ result = TSS_SUCCESS;
+
+done:
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_set_machine_name(TSS_HCONTEXT tspContext, BYTE *name, UINT32 len)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ free(context->machineName);
+ context->machineName = name;
+ context->machineNameLength = len;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_context_is_silent(TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ TSS_BOOL silent = FALSE;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return FALSE;
+
+ context = (struct tr_context_obj *)obj->data;
+ if (context->silentMode == TSS_TSPATTRIB_CONTEXT_SILENT)
+ silent = TRUE;
+
+ obj_list_put(&context_list);
+
+ return silent;
+}
+
+TSS_RESULT
+obj_context_get_mode(TSS_HCONTEXT tspContext, UINT32 *mode)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+ *mode = context->silentMode;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_context_set_mode(TSS_HCONTEXT tspContext, UINT32 mode)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+ context->silentMode = mode;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+/* search the list of all policies bound to context @tspContext. If
+ * one is found of type popup, return TRUE, else return FALSE. */
+TSS_BOOL
+obj_context_has_popups(TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ struct obj_list *list = &policy_list;
+ TSS_BOOL ret = FALSE;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->tspContext == tspContext) {
+ policy = (struct tr_policy_obj *)obj->data;
+ if (policy->SecretMode == TSS_SECRET_MODE_POPUP)
+ ret = TRUE;
+ break;
+ }
+ }
+
+ MUTEX_UNLOCK(list->lock);
+
+ return ret;
+}
+
+TSS_RESULT
+obj_context_get_hash_mode(TSS_HCONTEXT tspContext, UINT32 *mode)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+ *mode = context->hashMode;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_context_set_hash_mode(TSS_HCONTEXT tspContext, UINT32 mode)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ switch (mode) {
+ case TSS_TSPATTRIB_HASH_MODE_NULL:
+ case TSS_TSPATTRIB_HASH_MODE_NOT_NULL:
+ break;
+ default:
+ return TSPERR(TSS_E_INVALID_ATTRIB_DATA);
+ }
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+ context->hashMode = mode;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_context_get_connection_version(TSS_HCONTEXT tspContext, UINT32 *version)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ *version = context->current_connection;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_context_set_connection_policy(TSS_HCONTEXT tspContext, UINT32 policy)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ switch (policy) {
+ case TSS_TSPATTRIB_CONTEXT_VERSION_V1_1:
+ case TSS_TSPATTRIB_CONTEXT_VERSION_V1_2:
+ case TSS_TSPATTRIB_CONTEXT_VERSION_AUTO:
+ break;
+ default:
+ return TSPERR(TSS_E_INVALID_ATTRIB_DATA);
+ }
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ context->connection_policy = policy;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_TRANSPORT
+TSS_RESULT
+obj_context_set_transport_key(TSS_HCONTEXT tspContext, TSS_HKEY hKey)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ context->transKey = hKey;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_context_transport_get_mode(TSS_HCONTEXT tspContext, UINT32 value, UINT32 *out)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (value) {
+ case TSS_TSPATTRIB_TRANSPORT_NO_DEFAULT_ENCRYPTION:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT ?
+ FALSE : TRUE;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_DEFAULT_ENCRYPTION:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT ?
+ TRUE : FALSE;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_AUTHENTIC_CHANNEL:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC ?
+ TRUE : FALSE;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_EXCLUSIVE:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_EXCLUSIVE ?
+ TRUE : FALSE;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_STATIC_AUTH:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_STATIC_AUTH ?
+ TRUE : FALSE;
+ break;
+ default:
+ LogError("Invalid attribute subflag: 0x%x", value);
+ result = TSPERR(TSS_E_INVALID_ATTRIB_SUBFLAG);
+ break;
+ }
+
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_transport_get_control(TSS_HCONTEXT tspContext, UINT32 value, UINT32 *out)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (value) {
+ case TSS_TSPATTRIB_DISABLE_TRANSPORT:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED ? FALSE : TRUE;
+ break;
+ case TSS_TSPATTRIB_ENABLE_TRANSPORT:
+ *out = context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED ? TRUE : FALSE;
+ break;
+ default:
+ LogError("Invalid attribute subflag: 0x%x", value);
+ result = TSPERR(TSS_E_INVALID_ATTRIB_SUBFLAG);
+ break;
+ }
+
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_transport_set_control(TSS_HCONTEXT tspContext, UINT32 value)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (value) {
+ case TSS_TSPATTRIB_ENABLE_TRANSPORT:
+ context->flags |= TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED;
+ context->tcs_api = &tcs_transport_api;
+ break;
+ case TSS_TSPATTRIB_DISABLE_TRANSPORT:
+ context->flags &= ~TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED;
+ context->tcs_api = &tcs_normal_api;
+ break;
+ default:
+ LogError("Invalid attribute subflag: 0x%x", value);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ break;
+ }
+
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_transport_set_mode(TSS_HCONTEXT tspContext, UINT32 value)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (value) {
+ case TSS_TSPATTRIB_TRANSPORT_NO_DEFAULT_ENCRYPTION:
+ context->flags &= ~TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_DEFAULT_ENCRYPTION:
+ context->flags |= TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_AUTHENTIC_CHANNEL:
+ context->flags |= TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_EXCLUSIVE:
+ context->flags |= TSS_CONTEXT_FLAGS_TRANSPORT_EXCLUSIVE;
+ break;
+ case TSS_TSPATTRIB_TRANSPORT_STATIC_AUTH:
+ context->flags |= TSS_CONTEXT_FLAGS_TRANSPORT_STATIC_AUTH;
+ break;
+ default:
+ LogError("Invalid attribute subflag: 0x%x", value);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ break;
+ }
+
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+#if 0
+TSS_RESULT
+get_trans_props(TSS_HCONTEXT tspContext, UINT32 *alg, UINT16 *enc)
+{
+ TSS_RESULT result;
+ UINT32 algs[] = { TPM_ALG_MGF1, TPM_ALG_AES128, 0 }, a = 0;
+ UINT16 encs[] = { TPM_ES_SYM_OFB, TPM_ES_SYM_CNT, TPM_ES_SYM_CBC_PKCS5PAD, 0 }, e = 0;
+ BYTE *respData;
+ UINT32 respLen, tcsSubCap32;
+ UINT16 tcsSubCap16;
+
+ if (*alg)
+ goto check_es;
+
+ for (a = 0; algs[a]; a++) {
+ tcsSubCap32 = endian32(algs[a]);
+
+ if ((result = RPC_GetTPMCapability(tspContext, TPM_CAP_TRANS_ALG, sizeof(UINT32),
+ (BYTE *)&tcsSubCap32, &respLen, &respData)))
+ return result;
+
+ if (*(TSS_BOOL *)respData == TRUE) {
+ free(respData);
+ break;
+ }
+ free(respData);
+ }
+
+ if (!algs[a]) {
+ LogError("TPM reports no usable sym algorithms for transport session");
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+check_es:
+ if (*enc || algs[a] == TPM_ALG_MGF1)
+ goto done;
+
+ for (e = 0; encs[e]; e++) {
+ tcsSubCap16 = endian16(encs[e]);
+
+ if ((result = RPC_GetTPMCapability(tspContext, TPM_CAP_TRANS_ES, sizeof(UINT16),
+ (BYTE *)&tcsSubCap16, &respLen, &respData)))
+ return result;
+
+ if (*(TSS_BOOL *)respData == TRUE) {
+ free(respData);
+ break;
+ }
+ free(respData);
+ }
+
+ if (!encs[e]) {
+ LogError("TPM reports no usable sym modes for transport session");
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ *alg = algs[a];
+ *enc = encs[e];
+done:
+ return TSS_SUCCESS;
+}
+#endif
+
+/* called before each TCSP_ExecuteTransport call */
+TSS_RESULT
+obj_context_transport_init(TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ /* return immediately if we're not in a transport session */
+ if (!(context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ /* if the session is not yet established, setup and call EstablishTransport */
+ if (!(context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_ESTABLISHED)) {
+ if ((result = obj_context_transport_establish(tspContext, context)))
+ goto done;
+ }
+
+ context->flags |= TSS_CONTEXT_FLAGS_TRANSPORT_ESTABLISHED;
+
+ result = TSS_SUCCESS;
+done:
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_transport_establish(TSS_HCONTEXT tspContext, struct tr_context_obj *context)
+{
+ TSS_RESULT result;
+ UINT32 tickLen, secretLen, transPubLen, exclusive = TSS_TCSATTRIB_TRANSPORT_DEFAULT;
+ BYTE *ticks, *secret;
+ UINT64 offset;
+ Trspi_HashCtx hashCtx;
+ TPM_DIGEST digest;
+ TSS_HPOLICY hTransKeyPolicy;
+ TPM_AUTH auth, *pAuth, *pTransAuth;
+ TCS_KEY_HANDLE tcsTransKey;
+ TSS_BOOL usesAuth = FALSE;
+ UINT32 encKeyLen;
+ BYTE encKey[256];
+ BYTE transPubBlob[sizeof(TPM_TRANSPORT_PUBLIC)];
+ BYTE transAuthBlob[sizeof(TPM_TRANSPORT_AUTH)];
+
+
+ context->transPub.tag = TPM_TAG_TRANSPORT_PUBLIC;
+ context->transSecret.tag = TPM_TAG_TRANSPORT_AUTH;
+
+ if ((result = get_local_random(tspContext, FALSE, TPM_SHA1_160_HASH_LEN,
+ (BYTE **)context->transSecret.authData.authdata)))
+ return result;
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_STATIC_AUTH)
+ context->transKey = TPM_KH_TRANSPORT;
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC)
+ context->transPub.transAttributes |= TPM_TRANSPORT_LOG;
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_EXCLUSIVE) {
+ context->transPub.transAttributes |= TPM_TRANSPORT_EXCLUSIVE;
+ exclusive = TSS_TCSATTRIB_TRANSPORT_EXCLUSIVE;
+ }
+
+ /* XXX implement AES128+CTR (Winbond, Infineon), then AES256+CTR (Atmel) */
+ context->transPub.algId = TPM_ALG_MGF1;
+ context->transPub.encScheme = TPM_ES_NONE;
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT) {
+ context->transPub.transAttributes |= TPM_TRANSPORT_ENCRYPT;
+
+ if (context->transKey == TPM_KH_TRANSPORT) {
+ LogError("No transport key handle has been set yet. Use "
+ "Tspi_Context_SetTransEncryptionKey to set this handle");
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (context->transKey == TPM_KH_TRANSPORT) {
+ secret = context->transSecret.authData.authdata;
+ secretLen = TPM_SHA1_160_HASH_LEN;
+ } else {
+ offset = 0;
+ Trspi_LoadBlob_TRANSPORT_AUTH(&offset, transAuthBlob, &context->transSecret);
+ secretLen = offset;
+
+ /* encrypt the sym key with the wrapping RSA key */
+ encKeyLen = sizeof(encKey);
+ if ((result = __tspi_rsa_encrypt(context->transKey, secretLen, transAuthBlob, &encKeyLen,
+ encKey)))
+ return result;
+
+ secret = encKey;
+ secretLen = encKeyLen;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_TRANSPORT_PUBLIC(&offset, transPubBlob, &context->transPub);
+ transPubLen = offset;
+
+ if (context->transKey != TPM_KH_TRANSPORT) {
+ if ((result = obj_rsakey_get_tcs_handle(context->transKey, &tcsTransKey)))
+ return result;
+
+ if ((result = obj_rsakey_get_policy(context->transKey, TSS_POLICY_USAGE,
+ &hTransKeyPolicy, &usesAuth)))
+ return result;
+
+ if (!usesAuth) {
+ LogError("Key used to establish a transport session must use auth");
+ return TSPERR(TSS_E_TSP_TRANS_AUTHREQUIRED);
+ }
+ } else
+ tcsTransKey = TPM_KH_TRANSPORT;
+
+ /* If logging is on, do TPM commands spec rev106 step 8.a */
+ __tspi_memset(context->transLogDigest.digest, 0, sizeof(TPM_DIGEST));
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC) {
+ context->transLogIn.tag = TPM_TAG_TRANSPORT_LOG_IN;
+
+ /* step 8.a, i */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_EstablishTransport);
+ result |= Trspi_HashUpdate(&hashCtx, transPubLen, transPubBlob);
+ result |= Trspi_Hash_UINT32(&hashCtx, secretLen);
+ result |= Trspi_HashUpdate(&hashCtx, secretLen, secret);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogIn.parameters.digest)))
+ return result;
+
+ /* step 8.a, ii */
+ __tspi_memset(context->transLogIn.pubKeyHash.digest, 0, sizeof(TPM_DIGEST));
+
+ /* step 8.a, iii */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_DIGEST(&hashCtx, context->transLogDigest.digest);
+ result |= Trspi_Hash_TRANSPORT_LOG_IN(&hashCtx, &context->transLogIn);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogDigest.digest)))
+ return result;
+ }
+
+ if (usesAuth) {
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_EstablishTransport);
+ result |= Trspi_HashUpdate(&hashCtx, (UINT32)offset, (BYTE *)transPubBlob);
+ result |= Trspi_Hash_UINT32(&hashCtx, secretLen);
+ result |= Trspi_HashUpdate(&hashCtx, secretLen, secret);
+ if ((result |= Trspi_HashFinal(&hashCtx, (BYTE *)&digest)))
+ return result;
+
+ /* open OIAP session with continueAuthSession = TRUE */
+ if ((result = secret_PerformAuth_OIAP(context->transKey, TPM_ORD_EstablishTransport,
+ hTransKeyPolicy, TRUE, &digest, &auth)))
+ return result;
+
+ pAuth = &auth;
+ } else
+ pAuth = NULL;
+
+ result = RPC_EstablishTransport(tspContext, exclusive, tcsTransKey, transPubLen,
+ transPubBlob, secretLen, secret, pAuth, &context->transMod,
+ &context->transAuth.AuthHandle, &tickLen, &ticks,
+ &context->transAuth.NonceEven);
+ if (result) {
+ LogError("Establish Transport command failed: %s", Trspi_Error_String(result));
+ return result;
+ }
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, result);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_EstablishTransport);
+ result |= Trspi_Hash_UINT32(&hashCtx, context->transMod);
+ result |= Trspi_HashUpdate(&hashCtx, tickLen, ticks);
+ result |= Trspi_Hash_NONCE(&hashCtx, context->transAuth.NonceEven.nonce);
+ if ((result |= Trspi_HashFinal(&hashCtx, digest.digest)))
+ return result;
+
+ if (usesAuth) {
+ if ((result = obj_policy_validate_auth_oiap(hTransKeyPolicy, &digest, pAuth)))
+ return result;
+ }
+
+ /* step 8.b iii */
+ offset = 0;
+ Trspi_UnloadBlob_CURRENT_TICKS(&offset, ticks, &context->transLogOut.currentTicks);
+ free(ticks);
+
+ /* If logging is on, do TPM commands spec rev106 step 8.b */
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC) {
+ context->transLogOut.tag = TPM_TAG_TRANSPORT_LOG_OUT;
+
+ /* step 8.b i */
+ memcpy(context->transLogOut.parameters.digest, digest.digest, sizeof(TPM_DIGEST));
+
+ /* step 8.b ii */
+ context->transLogOut.locality = context->transMod;
+
+ /* step 8.b iii was done above */
+ /* step 8.b iv */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_DIGEST(&hashCtx, context->transLogDigest.digest);
+ result |= Trspi_Hash_TRANSPORT_LOG_OUT(&hashCtx, &context->transLogOut);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogDigest.digest)))
+ return result;
+ }
+
+ LogDebug("Transport session established successfully");
+
+ pTransAuth = &context->transAuth;
+ pTransAuth->fContinueAuthSession = TRUE;
+ if ((result = get_local_random(tspContext, FALSE, sizeof(TPM_NONCE),
+ (BYTE **)pTransAuth->NonceOdd.nonce))) {
+ LogError("Failed creating random nonce");
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+do_transport_decryption(TPM_TRANSPORT_PUBLIC *transPub,
+ TPM_AUTH *pTransAuth,
+ BYTE *secret,
+ UINT32 inLen,
+ BYTE *in,
+ UINT32 *outLen,
+ BYTE **out)
+{
+ TSS_RESULT result;
+ UINT32 i, decLen;
+ UINT32 seedLen, ivLen;
+ BYTE *dec;
+ BYTE seed[(2 * sizeof(TPM_NONCE)) + strlen("out") + TPM_SHA1_160_HASH_LEN];
+
+ /* allocate the most data anyone below might need */
+ decLen = inLen;//((inLen / TSS_MAX_SYM_BLOCK_SIZE) + 1) * TSS_MAX_SYM_BLOCK_SIZE;
+ if ((dec = malloc(decLen)) == NULL) {
+ LogError("malloc of %u bytes failed", decLen);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ /* set the common 3 initial values of 'seed', which is used to generate either the IV or
+ * mask */
+ memcpy(seed, pTransAuth->NonceEven.nonce, sizeof(TPM_NONCE));
+ memcpy(&seed[sizeof(TPM_NONCE)], pTransAuth->NonceOdd.nonce, sizeof(TPM_NONCE));
+ memcpy(&seed[2 * sizeof(TPM_NONCE)], "out", strlen("out"));
+
+ switch (transPub->algId) {
+ case TPM_ALG_MGF1:
+ {
+ decLen = inLen;
+ seedLen = sizeof(seed);
+
+ /* add the secret data to the seed for MGF1 */
+ memcpy(&seed[2 * sizeof(TPM_NONCE) + strlen("out")], secret, TPM_SHA1_160_HASH_LEN);
+
+ if ((result = Trspi_MGF1(TSS_HASH_SHA1, seedLen, seed, decLen, dec))) {
+ free(dec);
+ return result;
+ }
+
+ for (i = 0; i < inLen; i++)
+ dec[i] ^= in[i];
+ break;
+ }
+ case TPM_ALG_AES128:
+ {
+ BYTE iv[TSS_MAX_SYM_BLOCK_SIZE];
+
+ ivLen = TSS_MAX_SYM_BLOCK_SIZE;
+ seedLen = (2 * sizeof(TPM_NONCE)) + strlen("out");
+
+ if ((result = Trspi_MGF1(TSS_HASH_SHA1, seedLen, seed, ivLen, iv))) {
+ free(dec);
+ return result;
+ }
+
+ /* use the secret data as the key for AES */
+ if ((result = Trspi_SymEncrypt(transPub->algId, transPub->encScheme, secret, iv, in,
+ inLen, dec, &decLen))) {
+ free(dec);
+ return result;
+ }
+
+ break;
+ }
+ default:
+ LogDebug("Unknown algorithm for encrypted transport session: 0x%x",
+ transPub->algId);
+ free(dec);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ *out = dec;
+ *outLen = decLen;
+
+ return result;
+}
+
+TSS_RESULT
+do_transport_encryption(TPM_TRANSPORT_PUBLIC *transPub,
+ TPM_AUTH *pTransAuth,
+ BYTE *secret,
+ UINT32 inLen,
+ BYTE *in,
+ UINT32 *outLen,
+ BYTE **out)
+{
+ TSS_RESULT result;
+ UINT32 i, encLen;
+ UINT32 seedLen, ivLen;
+ BYTE *enc;
+ BYTE seed[(2 * sizeof(TPM_NONCE)) + strlen("in") + TPM_SHA1_160_HASH_LEN];
+
+ /* allocate the most data anyone below might need */
+ encLen = ((inLen / TSS_MAX_SYM_BLOCK_SIZE) + 1) * TSS_MAX_SYM_BLOCK_SIZE;
+ if ((enc = malloc(encLen)) == NULL) {
+ LogError("malloc of %u bytes failed", encLen);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ /* set the common 3 initial values of 'seed', which is used to generate either the IV or
+ * mask */
+ memcpy(seed, pTransAuth->NonceEven.nonce, sizeof(TPM_NONCE));
+ memcpy(&seed[sizeof(TPM_NONCE)], pTransAuth->NonceOdd.nonce, sizeof(TPM_NONCE));
+ memcpy(&seed[2 * sizeof(TPM_NONCE)], "in", strlen("in"));
+
+ switch (transPub->algId) {
+ case TPM_ALG_MGF1:
+ {
+ encLen = inLen;
+ seedLen = sizeof(seed);
+
+ /* add the secret data to the seed for MGF1 */
+ memcpy(&seed[2 * sizeof(TPM_NONCE) + strlen("in")], secret, TPM_SHA1_160_HASH_LEN);
+
+ if ((result = Trspi_MGF1(TSS_HASH_SHA1, seedLen, seed, encLen, enc))) {
+ free(enc);
+ return result;
+ }
+
+ for (i = 0; i < inLen; i++)
+ enc[i] ^= in[i];
+ break;
+ }
+ case TPM_ALG_AES128:
+ {
+ BYTE iv[TSS_MAX_SYM_BLOCK_SIZE];
+
+ ivLen = TSS_MAX_SYM_BLOCK_SIZE;
+ seedLen = (2 * sizeof(TPM_NONCE)) + strlen("in");
+
+ if ((result = Trspi_MGF1(TSS_HASH_SHA1, seedLen, seed, ivLen, iv))) {
+ free(enc);
+ return result;
+ }
+
+ /* use the secret data as the key for AES */
+ if ((result = Trspi_SymEncrypt(transPub->algId, transPub->encScheme, secret, iv, in,
+ inLen, enc, &encLen))) {
+ free(enc);
+ return result;
+ }
+
+ break;
+ }
+ default:
+ LogDebug("Unknown algorithm for encrypted transport session: 0x%x",
+ transPub->algId);
+ free(enc);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ *out = enc;
+ *outLen = encLen;
+
+ return result;
+}
+
+TSS_RESULT
+obj_context_transport_execute(TSS_HCONTEXT tspContext,
+ TPM_COMMAND_CODE ordinal,
+ UINT32 ulDataLen,
+ BYTE* rgbData,
+ TPM_DIGEST* pubKeyHash,
+ UINT32* handlesLen,
+ TCS_HANDLE** handles,
+ TPM_AUTH* pAuth1,
+ TPM_AUTH* pAuth2,
+ UINT32* outLen,
+ BYTE** out)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ UINT32 encLen, ulWrappedDataLen = 0;
+ BYTE *pEnc = NULL, *rgbWrappedData = NULL;
+ TPM_RESULT tpmResult;
+ Trspi_HashCtx hashCtx;
+ TPM_DIGEST etDigest, wDigest;
+ TPM_AUTH *pTransAuth;
+ UINT64 currentTicks;
+ TSS_BOOL free_enc = FALSE;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ pTransAuth = &context->transAuth;
+
+ /* TPM Commands spec rev106 step 6 */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, ordinal);
+
+ switch (ordinal) {
+ case TPM_ORD_OSAP:
+ case TPM_ORD_OIAP:
+ break;
+ default:
+ result |= Trspi_HashUpdate(&hashCtx, ulDataLen, rgbData);
+ break;
+ }
+
+ if ((result |= Trspi_HashFinal(&hashCtx, wDigest.digest)))
+ goto done;
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC) {
+ /* TPM Commands spec rev106 step 10.b */
+ memcpy(context->transLogIn.parameters.digest, wDigest.digest, sizeof(TPM_DIGEST));
+ /* TPM Commands spec rev106 step 10.c, d or e, calculated by the caller */
+ if (pubKeyHash)
+ memcpy(context->transLogIn.pubKeyHash.digest, pubKeyHash->digest,
+ sizeof(TPM_DIGEST));
+ else
+ __tspi_memset(context->transLogIn.pubKeyHash.digest, 0, sizeof(TPM_DIGEST));
+
+ /* TPM Commands spec rev106 step 10.f */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_DIGEST(&hashCtx, context->transLogDigest.digest);
+ result |= Trspi_Hash_TRANSPORT_LOG_IN(&hashCtx, &context->transLogIn);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogDigest.digest)))
+ goto done;
+ }
+
+ /* TPM Commands spec rev106 step 7.a */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_ExecuteTransport);
+ result |= Trspi_Hash_UINT32(&hashCtx, ulDataLen + TSS_TPM_TXBLOB_HDR_LEN
+ + (*handlesLen * sizeof(UINT32))
+ + (pAuth1 ? TPM_AUTH_RQU_SIZE : 0)
+ + (pAuth2 ? TPM_AUTH_RQU_SIZE : 0));
+ result |= Trspi_HashUpdate(&hashCtx, TPM_SHA1_160_HASH_LEN, wDigest.digest);
+ if ((result |= Trspi_HashFinal(&hashCtx, etDigest.digest)))
+ goto done;
+
+ /* encrypt the data if necessary */
+ if (ulDataLen && context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT) {
+ switch (ordinal) {
+ case TPM_ORD_OSAP:
+ case TPM_ORD_OIAP:
+ encLen = ulDataLen;
+ pEnc = rgbData;
+ break;
+ case TPM_ORD_DSAP:
+ {
+ UINT64 offset;
+ UINT32 tmpLen, entityValueLen;
+ BYTE *tmpEnc, *entityValuePtr;
+
+ /* DSAP is a special case where only entityValue is encrypted. So, we'll
+ * parse through rgbData until we get to entityValue, encrypt it, alloc
+ * new space for rgbData (since it could be up to a block length larger
+ * than it came in) and copy the unencrypted data and the encrypted
+ * entityValue to the new block, setting pEnc and encLen to new values. */
+
+ offset = (2 * sizeof(UINT32)) + sizeof(TPM_NONCE);
+ Trspi_UnloadBlob_UINT32(&offset, &entityValueLen, rgbData);
+
+ entityValuePtr = &rgbData[offset];
+ if ((result = do_transport_encryption(&context->transPub, pTransAuth,
+ context->transSecret.authData.authdata,
+ entityValueLen, entityValuePtr, &tmpLen,
+ &tmpEnc)))
+ goto done;
+
+ /* offset is the amount of data before the block we encrypted and tmpLen is
+ * the size of the encrypted data */
+ encLen = offset + tmpLen;
+ if ((pEnc = malloc(encLen)) == NULL) {
+ LogError("malloc of %u bytes failed.", encLen);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(pEnc, rgbData, offset);
+ memcpy(&pEnc[offset], tmpEnc, tmpLen);
+ free(tmpEnc);
+
+ free_enc = TRUE;
+ break;
+ }
+ default:
+ if ((result = do_transport_encryption(&context->transPub, pTransAuth,
+ context->transSecret.authData.authdata,
+ ulDataLen, rgbData, &encLen, &pEnc)))
+ goto done;
+
+ free_enc = TRUE;
+ break;
+ }
+ } else {
+ encLen = ulDataLen;
+ pEnc = rgbData;
+ }
+
+ /* TPM Commands spec rev106 step 7.b */
+ HMAC_Auth(context->transSecret.authData.authdata, etDigest.digest, pTransAuth);
+
+ if ((result = RPC_ExecuteTransport(tspContext, ordinal, encLen, pEnc, handlesLen, handles,
+ pAuth1, pAuth2, pTransAuth, ¤tTicks,
+ &context->transMod, &tpmResult, &ulWrappedDataLen,
+ &rgbWrappedData))) {
+ LogDebugFn("Execute Transport failed: %s", Trspi_Error_String(result));
+ goto done;
+ }
+
+ if (tpmResult) {
+ LogDebug("Wrapped command ordinal 0x%x failed with result: 0x%x", ordinal,
+ tpmResult);
+ result = tpmResult;
+ goto done;
+ }
+
+ /* decrypt the returned wrapped data if necessary */
+ if (ulWrappedDataLen && context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_DEFAULT_ENCRYPT) {
+ switch (ordinal) {
+ case TPM_ORD_OSAP:
+ case TPM_ORD_OIAP:
+ case TPM_ORD_DSAP:
+ *outLen = ulWrappedDataLen;
+ *out = rgbWrappedData;
+ break;
+ default:
+ if ((result = do_transport_decryption(&context->transPub, pTransAuth,
+ context->transSecret.authData.authdata,
+ ulWrappedDataLen, rgbWrappedData, outLen,
+ out)))
+ goto done;
+
+ free(rgbWrappedData);
+ }
+ } else {
+ if (outLen) {
+ *outLen = ulWrappedDataLen;
+ *out = rgbWrappedData;
+ }
+ }
+
+ /* TPM Commands spec rev106 step 14 */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, tpmResult);
+ result |= Trspi_Hash_UINT32(&hashCtx, ordinal);
+
+ switch (ordinal) {
+ case TPM_ORD_OSAP:
+ case TPM_ORD_OIAP:
+ break;
+ default:
+ if (outLen)
+ result |= Trspi_HashUpdate(&hashCtx, *outLen, *out);
+ break;
+ }
+
+ if ((result |= Trspi_HashFinal(&hashCtx, wDigest.digest)))
+ goto done;
+
+ /* TPM Commands spec rev106 step 15 */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, result);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_ExecuteTransport);
+ result |= Trspi_Hash_UINT64(&hashCtx, currentTicks);
+ result |= Trspi_Hash_UINT32(&hashCtx, context->transMod);
+ result |= Trspi_Hash_UINT32(&hashCtx, (outLen ? *outLen : 0)
+ + TSS_TPM_TXBLOB_HDR_LEN
+ + (*handlesLen * sizeof(UINT32))
+ + (pAuth1 ? TPM_AUTH_RSP_SIZE : 0)
+ + (pAuth2 ? TPM_AUTH_RSP_SIZE : 0));
+ result |= Trspi_HashUpdate(&hashCtx, TPM_SHA1_160_HASH_LEN, wDigest.digest);
+ if ((result |= Trspi_HashFinal(&hashCtx, etDigest.digest)))
+ goto done;
+
+ if (validateReturnAuth(context->transSecret.authData.authdata, etDigest.digest,
+ pTransAuth)) {
+ result = TSPERR(TSS_E_TSP_TRANS_AUTHFAIL);
+ goto done;
+ }
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC) {
+ context->transLogOut.currentTicks.currentTicks = currentTicks;
+
+ /* TPM Commands spec rev106 step 16.b */
+ memcpy(context->transLogOut.parameters.digest, wDigest.digest, sizeof(TPM_DIGEST));
+ /* TPM Commands spec rev106 step 16.c done above */
+ /* TPM Commands spec rev106 step 16.d */
+ context->transLogOut.locality = context->transMod;
+
+ /* TPM Commands spec rev106 step 16.d */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_DIGEST(&hashCtx, context->transLogDigest.digest);
+ result |= Trspi_Hash_TRANSPORT_LOG_OUT(&hashCtx, &context->transLogOut);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogDigest.digest)))
+ goto done;
+ }
+
+ /* Refresh nonceOdd for continued transport auth session */
+ if ((result = get_local_random(tspContext, FALSE, sizeof(TPM_NONCE),
+ (BYTE **)pTransAuth->NonceOdd.nonce))) {
+ LogError("Failed creating random nonce");
+ }
+
+done:
+ if (free_enc)
+ free(pEnc);
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+/* called to close a transport session */
+TSS_RESULT
+obj_context_transport_close(TSS_HCONTEXT tspContext,
+ TSS_HKEY hKey,
+ TSS_HPOLICY hPolicy,
+ TSS_BOOL usesAuth,
+ TPM_SIGN_INFO* signInfo,
+ UINT32* sigLen,
+ BYTE** sig)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+ Trspi_HashCtx hashCtx;
+ TPM_DIGEST digest;
+ TPM_AUTH auth, *pAuth;
+ TCS_KEY_HANDLE tcsKey;
+ BYTE *ticks = NULL;
+ UINT32 tickLen;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ /* return immediately if we're not in a transport session */
+ if (!(context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_ENABLED)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ if ((result = obj_rsakey_get_tcs_handle(hKey, &tcsKey)))
+ goto done;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_ReleaseTransportSigned);
+ result |= Trspi_Hash_NONCE(&hashCtx, signInfo->replay.nonce);
+ if ((result |= Trspi_HashFinal(&hashCtx, (BYTE *)&digest)))
+ goto done;
+
+ if (usesAuth) {
+ if ((result = secret_PerformAuth_OIAP(hKey, TPM_ORD_ReleaseTransportSigned,
+ hPolicy, FALSE, &digest, &auth)))
+ goto done;
+
+ pAuth = &auth;
+ } else
+ pAuth = NULL;
+
+ /* continue the auth session established in obj_context_transport_establish */
+ HMAC_Auth(context->transSecret.authData.authdata, digest.digest, &context->transAuth);
+
+ if ((result = RPC_ReleaseTransportSigned(tspContext, tcsKey, &signInfo->replay, pAuth,
+ &context->transAuth,
+ &context->transLogOut.locality, &tickLen, &ticks,
+ sigLen, sig)))
+ goto done;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, result);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_ReleaseTransportSigned);
+ result |= Trspi_Hash_UINT32(&hashCtx, context->transLogOut.locality);
+ result |= Trspi_HashUpdate(&hashCtx, tickLen, ticks);
+ result |= Trspi_Hash_UINT32(&hashCtx, *sigLen);
+ result |= Trspi_HashUpdate(&hashCtx, *sigLen, *sig);
+ if ((result |= Trspi_HashFinal(&hashCtx, (BYTE *)&digest)))
+ goto done_disabled;
+
+ /* validate the return data using the key's auth */
+ if (pAuth) {
+ if ((result = obj_policy_validate_auth_oiap(hPolicy, &digest, pAuth)))
+ goto done_disabled;
+ }
+
+ /* validate again using the transport session's auth */
+ if ((result = validateReturnAuth(context->transSecret.authData.authdata, digest.digest,
+ &context->transAuth))) {
+ result = TSPERR(TSS_E_TSP_TRANS_AUTHFAIL);
+ goto done_disabled;
+ }
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TRANSPORT_AUTHENTIC) {
+ UINT64 offset;
+
+ /* TPM Commands Spec step 6.b */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_UINT32(&hashCtx, TPM_ORD_ReleaseTransportSigned);
+ result |= Trspi_Hash_NONCE(&hashCtx, signInfo->replay.nonce);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogOut.parameters.digest)))
+ goto done_disabled;
+
+ /* TPM Commands Spec step 6.c */
+ offset = 0;
+ Trspi_UnloadBlob_CURRENT_TICKS(&offset, ticks, &context->transLogOut.currentTicks);
+ free(ticks);
+
+ /* TPM Commands Spec step 6.d was set above */
+ /* TPM Commands Spec step 6.e */
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_DIGEST(&hashCtx, context->transLogDigest.digest);
+ result |= Trspi_Hash_TRANSPORT_LOG_OUT(&hashCtx, &context->transLogOut);
+ if ((result |= Trspi_HashFinal(&hashCtx, context->transLogDigest.digest)))
+ goto done_disabled;
+ }
+
+ if ((signInfo->data = malloc(sizeof(TPM_DIGEST))) == NULL) {
+ LogError("malloc %zd bytes failed.", sizeof(TPM_DIGEST));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done_disabled;
+ }
+ memcpy(signInfo->data, context->transLogDigest.digest, sizeof(TPM_DIGEST));
+ signInfo->dataLen = sizeof(TPM_DIGEST);
+
+ /* destroy all transport session info, except the key handle */
+ __tspi_memset(&context->transPub, 0, sizeof(TPM_TRANSPORT_PUBLIC));
+ __tspi_memset(&context->transMod, 0, sizeof(TPM_MODIFIER_INDICATOR));
+ __tspi_memset(&context->transSecret, 0, sizeof(TPM_TRANSPORT_AUTH));
+ __tspi_memset(&context->transAuth, 0, sizeof(TPM_AUTH));
+ __tspi_memset(&context->transLogIn, 0, sizeof(TPM_TRANSPORT_LOG_IN));
+ __tspi_memset(&context->transLogOut, 0, sizeof(TPM_TRANSPORT_LOG_OUT));
+ __tspi_memset(&context->transLogDigest, 0, sizeof(TPM_DIGEST));
+
+done_disabled:
+ context->flags &= ~TSS_CONTEXT_FLAGS_TRANSPORT_ESTABLISHED;
+done:
+ obj_list_put(&context_list);
+
+ return result;
+}
+#endif
+
+/* XXX change 0,1,2 to #defines */
+TSS_RESULT
+obj_context_set_tpm_version(TSS_HCONTEXT tspContext, UINT32 ver)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (ver) {
+ case 1:
+ context->flags &= ~TSS_CONTEXT_FLAGS_TPM_VERSION_MASK;
+ context->flags |= TSS_CONTEXT_FLAGS_TPM_VERSION_1;
+ break;
+ case 2:
+ context->flags &= ~TSS_CONTEXT_FLAGS_TPM_VERSION_MASK;
+ context->flags |= TSS_CONTEXT_FLAGS_TPM_VERSION_2;
+ break;
+ default:
+ LogError("Invalid TPM version set: %u", ver);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ break;
+ }
+
+ obj_list_put(&context_list);
+
+ return result;
+}
+
+/* XXX change 0,1,2 to #defines */
+TSS_RESULT
+obj_context_get_tpm_version(TSS_HCONTEXT tspContext, UINT32 *ver)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ if (context->flags & TSS_CONTEXT_FLAGS_TPM_VERSION_1)
+ *ver = 1;
+ else if (context->flags & TSS_CONTEXT_FLAGS_TPM_VERSION_2)
+ *ver = 2;
+ else
+ *ver = 0;
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_context_get_loadkey_ordinal(TSS_HCONTEXT tspContext, TPM_COMMAND_CODE *ordinal)
+{
+ struct tsp_object *obj;
+ struct tr_context_obj *context;
+
+ if ((obj = obj_list_get_obj(&context_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ context = (struct tr_context_obj *)obj->data;
+
+ switch (context->flags & TSS_CONTEXT_FLAGS_TPM_VERSION_MASK) {
+ case TSS_CONTEXT_FLAGS_TPM_VERSION_2:
+ *ordinal = TPM_ORD_LoadKey2;
+ break;
+ default:
+ LogDebugFn("No TPM version set!");
+ /* fall through */
+ case TSS_CONTEXT_FLAGS_TPM_VERSION_1:
+ *ordinal = TPM_ORD_LoadKey;
+ break;
+ }
+
+ obj_list_put(&context_list);
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_daa.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_daa.c
new file mode 100644
index 0000000..a073633
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_daa.c
@@ -0,0 +1,151 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+/*
+ * adds a new daa object to the daa list with TSP context tspContext
+ */
+TSS_RESULT
+obj_daa_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_daa_obj *daa = calloc(1, sizeof(struct tr_daa_obj));
+
+ if (daa == NULL) {
+ LogError("malloc of %d bytes failed.", sizeof(struct tr_daa_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = obj_list_add(&daa_list, tspContext, 0, daa, phObject))) {
+ free(daa);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+daa_free(void *data)
+{
+ struct tr_daa_obj *daa = (struct tr_daa_obj *)data;
+
+ /* free all pointers in the tr_daa_obj object here */
+ free(daa);
+}
+
+/*
+ * remove DAA object hObject from the DAA list
+ */
+TSS_RESULT
+obj_daa_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&daa_list, &daa_free, hObject, tspContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_daa(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&daa_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&daa_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_daa_get_tsp_context(TSS_HDAA hDaa, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&daa_list, hDaa)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&daa_list);
+
+ return TSS_SUCCESS;
+}
+
+static TSS_RESULT
+obj_daa_get_and_lock_data(TSS_HDAA hDaa, struct tr_daa_obj **daa)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&daa_list, hDaa)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+ *daa = obj->data;
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_daa_get_handle_tpm(TSS_HDAA hDAA, TPM_HANDLE *hTPM) {
+ struct tr_daa_obj *daa_struct;
+ TSS_RESULT result;
+
+ if( (result = obj_daa_get_and_lock_data( hDAA, &daa_struct)) != TSS_SUCCESS) return result;
+ *hTPM = daa_struct->tpm_handle;
+ obj_list_put(&daa_list);
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_daa_set_handle_tpm(TSS_HDAA hDAA, TPM_HANDLE hTPM) {
+ struct tr_daa_obj *daa_struct;
+ TSS_RESULT result;
+
+ if( (result = obj_daa_get_and_lock_data( hDAA, &daa_struct)) != TSS_SUCCESS) return result;
+ daa_struct->tpm_handle = hTPM;
+ obj_list_put(&daa_list);
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_daa_get_session_handle(TSS_HDAA hDAA, UINT32 *session_handle) {
+ struct tr_daa_obj *daa_struct;
+ TSS_RESULT result;
+
+ if( (result = obj_daa_get_and_lock_data( hDAA, &daa_struct)) != TSS_SUCCESS) return result;
+ *session_handle = daa_struct->session_handle;
+ obj_list_put(&daa_list);
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_daa_set_session_handle(TSS_HDAA hDAA, UINT32 session_handle) {
+ struct tr_daa_obj *daa_struct;
+ TSS_RESULT result;
+
+ if( (result = obj_daa_get_and_lock_data( hDAA, &daa_struct)) != TSS_SUCCESS) return result;
+ daa_struct->session_handle = session_handle;
+ obj_list_put(&daa_list);
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_delfamily.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_delfamily.c
new file mode 100644
index 0000000..a2fed27
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_delfamily.c
@@ -0,0 +1,363 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+#include "tsp_delegate.h"
+
+void
+delfamily_free(void *data)
+{
+ struct tr_delfamily_obj *delfamily = (struct tr_delfamily_obj *)data;
+
+ free(delfamily);
+}
+
+TSS_BOOL
+obj_is_delfamily(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&delfamily_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&delfamily_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_delfamily_add(TSS_HCONTEXT hContext, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_delfamily_obj *delfamily = calloc(1, sizeof(struct tr_delfamily_obj));
+
+ if (delfamily == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct tr_delfamily_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = obj_list_add(&delfamily_list, hContext, 0, delfamily, phObject))) {
+ free(delfamily);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_remove(TSS_HDELFAMILY hFamily, TSS_HOBJECT hObject)
+{
+ TSS_HCONTEXT hContext;
+ TSS_RESULT result;
+
+ if (obj_is_tpm(hObject)) {
+ if ((result = obj_tpm_get_tsp_context((TSS_HTPM)hObject, &hContext)))
+ return result;
+ } else
+ hContext = (TSS_HCONTEXT)hObject;
+
+ if ((result = obj_list_remove(&delfamily_list, &delfamily_free, hFamily, hContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+void
+obj_delfamily_find_by_familyid(TSS_HOBJECT hObject, UINT32 familyID, TSS_HDELFAMILY *hFamily)
+{
+ TSS_HCONTEXT hContext;
+ struct tsp_object *obj;
+ struct obj_list *list = &delfamily_list;
+ struct tr_delfamily_obj *delfamily;
+
+ pthread_mutex_lock(&list->lock);
+
+ *hFamily = NULL_HDELFAMILY;
+
+ if (obj_is_tpm(hObject)) {
+ if (obj_tpm_get_tsp_context((TSS_HTPM)hObject, &hContext)) {
+ pthread_mutex_unlock(&list->lock);
+ return;
+ }
+ } else
+ hContext = (TSS_HCONTEXT)hObject;
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->tspContext != hContext)
+ continue;
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+ if (delfamily->familyID == familyID) {
+ *hFamily = obj->handle;
+ break;
+ }
+ }
+
+ pthread_mutex_unlock(&list->lock);
+}
+
+TSS_RESULT
+obj_delfamily_get_tsp_context(TSS_HDELFAMILY hFamily, TSS_HCONTEXT *hContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *hContext = obj->tspContext;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_set_locked(TSS_HDELFAMILY hFamily, TSS_BOOL state, TSS_BOOL setInTpm)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+ TSS_HTPM hTpm;
+ UINT32 opDataSize;
+ BYTE opData[8];
+ UINT32 outDataSize;
+ BYTE *outData = NULL;
+ UINT64 offset;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ if (setInTpm) {
+ if ((result = obj_tpm_get(obj->tspContext, &hTpm)))
+ goto done;
+
+ offset = 0;
+ Trspi_LoadBlob_BOOL(&offset, state, opData);
+ opDataSize = offset;
+ if ((result = do_delegate_manage(hTpm, delfamily->familyID, TPM_FAMILY_ADMIN,
+ opDataSize, opData, &outDataSize, &outData)))
+ goto done;
+ }
+
+ if (state)
+ delfamily->stateFlags |= TSS_DELFAMILY_FLAGS_STATE_LOCKED;
+ else
+ delfamily->stateFlags &= ~TSS_DELFAMILY_FLAGS_STATE_LOCKED;
+
+done:
+ obj_list_put(&delfamily_list);
+
+ free(outData);
+
+ return result;
+}
+
+TSS_RESULT
+obj_delfamily_get_locked(TSS_HDELFAMILY hFamily, TSS_BOOL *state)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ *state = (delfamily->stateFlags & TSS_DELFAMILY_FLAGS_STATE_LOCKED) ? TRUE : FALSE;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_set_enabled(TSS_HDELFAMILY hFamily, TSS_BOOL state, TSS_BOOL setInTpm)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+ TSS_HTPM hTpm;
+ UINT32 opDataSize;
+ BYTE opData[8];
+ UINT32 outDataSize;
+ BYTE *outData = NULL;
+ UINT64 offset;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ if (setInTpm) {
+ if ((result = obj_tpm_get(obj->tspContext, &hTpm)))
+ goto done;
+
+ offset = 0;
+ Trspi_LoadBlob_BOOL(&offset, state, opData);
+ opDataSize = offset;
+ if ((result = do_delegate_manage(hTpm, delfamily->familyID, TPM_FAMILY_ENABLE,
+ opDataSize, opData, &outDataSize, &outData)))
+ goto done;
+ }
+
+ if (state)
+ delfamily->stateFlags |= TSS_DELFAMILY_FLAGS_STATE_ENABLED;
+ else
+ delfamily->stateFlags &= ~TSS_DELFAMILY_FLAGS_STATE_ENABLED;
+
+done:
+ obj_list_put(&delfamily_list);
+
+ free(outData);
+
+ return result;
+}
+
+TSS_RESULT
+obj_delfamily_get_enabled(TSS_HDELFAMILY hFamily, TSS_BOOL *state)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ *state = (delfamily->stateFlags & TSS_DELFAMILY_FLAGS_STATE_ENABLED) ? TRUE : FALSE;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_set_vercount(TSS_HDELFAMILY hFamily, UINT32 verCount)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ delfamily->verCount = verCount;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_get_vercount(TSS_HDELFAMILY hFamily, UINT32 *verCount)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ *verCount = delfamily->verCount;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_set_familyid(TSS_HDELFAMILY hFamily, UINT32 familyID)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ delfamily->familyID = familyID;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_get_familyid(TSS_HDELFAMILY hFamily, UINT32 *familyID)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ *familyID = delfamily->familyID;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_set_label(TSS_HDELFAMILY hFamily, BYTE label)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ delfamily->label = label;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_delfamily_get_label(TSS_HDELFAMILY hFamily, BYTE *label)
+{
+ struct tsp_object *obj;
+ struct tr_delfamily_obj *delfamily;
+
+ if ((obj = obj_list_get_obj(&delfamily_list, hFamily)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ delfamily = (struct tr_delfamily_obj *)obj->data;
+
+ *label = delfamily->label;
+
+ obj_list_put(&delfamily_list);
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_encdata.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_encdata.c
new file mode 100644
index 0000000..c14062c
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_encdata.c
@@ -0,0 +1,490 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+TSS_RESULT
+obj_encdata_add(TSS_HCONTEXT tspContext, UINT32 type, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_encdata_obj *encdata = calloc(1, sizeof(struct tr_encdata_obj));
+
+ if (encdata == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct tr_encdata_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ /* add usage policy */
+ if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE,
+ &encdata->usagePolicy))) {
+ free(encdata);
+ return result;
+ }
+
+ encdata->type = type;
+
+ if ((result = obj_list_add(&encdata_list, tspContext, 0, encdata, phObject))) {
+ free(encdata);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_encdata(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&encdata_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&encdata_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_encdata_get_tsp_context(TSS_HENCDATA hEncdata, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncdata)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&encdata_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_encdata_get_policy(TSS_HENCDATA hEncData, UINT32 policyType, TSS_HPOLICY *phPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ *phPolicy = encdata->usagePolicy;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_set_policy(TSS_HENCDATA hEncData, TSS_HPOLICY hPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ UINT32 policyType;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((result = obj_policy_get_type(hPolicy, &policyType)))
+ return result;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ encdata->usagePolicy = hPolicy;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_get_data(TSS_HENCDATA hEncData, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ if (encdata->encryptedDataLength == 0) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ } else {
+ *data = calloc_tspi(obj->tspContext, encdata->encryptedDataLength);
+ if (*data == NULL) {
+ LogError("malloc of %d bytes failed.",
+ encdata->encryptedDataLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = encdata->encryptedDataLength;
+ memcpy(*data, encdata->encryptedData, *size);
+ }
+
+done:
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_get_pcr_digest(TSS_HENCDATA hEncData,
+ TSS_FLAG pcrInfoType,
+ TSS_FLAG dir,
+ UINT32 *size,
+ BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_DIGEST *digest;
+ UINT64 offset;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ if (pcrInfoType != encdata->pcrInfoType) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ switch (pcrInfoType) {
+ case TSS_PCRS_STRUCT_INFO:
+ if (dir == TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATCREATION)
+ digest = &encdata->pcrInfo.info11.digestAtCreation;
+ else if (dir == TSS_TSPATTRIB_ENCDATAPCR_DIGEST_ATRELEASE)
+ digest = &encdata->pcrInfo.info11.digestAtRelease;
+ else {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ if (dir == TSS_TSPATTRIB_ENCDATAPCRLONG_DIGEST_ATCREATION)
+ digest = &encdata->pcrInfo.infolong.digestAtCreation;
+ else if (dir == TSS_TSPATTRIB_ENCDATAPCRLONG_DIGEST_ATRELEASE)
+ digest = &encdata->pcrInfo.infolong.digestAtRelease;
+ else {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ *size = sizeof(TPM_DIGEST);
+
+ if ((*data = calloc_tspi(obj->tspContext, *size)) == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ *size = 0;
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_DIGEST(&offset, *data, digest);
+done:
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_get_pcr_locality(TSS_HENCDATA hEncData, TSS_FLAG dir, UINT32 *locality)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ if (encdata->pcrInfoType == TSS_PCRS_STRUCT_INFO_LONG) {
+ if (dir == TSS_TSPATTRIB_ENCDATAPCRLONG_LOCALITY_ATCREATION)
+ *locality = encdata->pcrInfo.infolong.localityAtCreation;
+ else if (dir == TSS_TSPATTRIB_ENCDATAPCRLONG_LOCALITY_ATRELEASE)
+ *locality = encdata->pcrInfo.infolong.localityAtRelease;
+ else
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_get_pcr_selection(TSS_HENCDATA hEncData,
+ TSS_FLAG pcrInfoType,
+ TSS_FLAG dir,
+ UINT32 *size,
+ BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *selection = NULL;
+ UINT64 offset;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ if (pcrInfoType != encdata->pcrInfoType) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ switch (pcrInfoType) {
+ case TSS_PCRS_STRUCT_INFO:
+ if (dir == TSS_TSPATTRIB_ENCDATAPCR_SELECTION)
+ selection = &encdata->pcrInfo.info11.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ if (dir == TSS_TSPATTRIB_ENCDATAPCRLONG_CREATION_SELECTION)
+ selection = &encdata->pcrInfo.infolong.creationPCRSelection;
+ else if (dir == TSS_TSPATTRIB_ENCDATAPCRLONG_RELEASE_SELECTION)
+ selection = &encdata->pcrInfo.infolong.releasePCRSelection;
+ else {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ if (selection == NULL) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ *size = sizeof(UINT16) + selection->sizeOfSelect;
+
+ if ((*data = calloc_tspi(obj->tspContext, *size)) == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ *size = 0;
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_SELECTION(&offset, *data, selection);
+done:
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_set_pcr_info(TSS_HENCDATA hEncData, UINT32 pcrInfoType, BYTE *info_blob)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset = 0;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ switch (pcrInfoType) {
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ result = Trspi_UnloadBlob_PCR_INFO_LONG(&offset, info_blob,
+ &encdata->pcrInfo.infolong);
+ break;
+ case TSS_PCRS_STRUCT_INFO:
+ result = Trspi_UnloadBlob_PCR_INFO(&offset, info_blob,
+ &encdata->pcrInfo.info11);
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ encdata->pcrInfoType = pcrInfoType;
+
+ /* XXX are we using this anywhere? */
+ obj->flags |= TSS_OBJ_FLAG_PCRS;
+done:
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_encdata_set_data(TSS_HENCDATA hEncData, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ free(encdata->encryptedData);
+ encdata->encryptedData = NULL;
+ encdata->encryptedDataLength = 0;
+
+ if (size > 0) {
+ if ((encdata->encryptedData = malloc(size)) == NULL) {
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ encdata->encryptedDataLength = size;
+ memcpy(encdata->encryptedData, data, size);
+ }
+
+done:
+ obj_list_put(&encdata_list);
+
+ return result;
+}
+
+void
+encdata_free(void *data)
+{
+ struct tr_encdata_obj *encdata = (struct tr_encdata_obj *)data;
+
+ free(encdata->encryptedData);
+
+ switch (encdata->pcrInfoType) {
+ case TSS_PCRS_STRUCT_INFO:
+ free(encdata->pcrInfo.info11.pcrSelection.pcrSelect);
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ free(encdata->pcrInfo.infolong.creationPCRSelection.pcrSelect);
+ free(encdata->pcrInfo.infolong.releasePCRSelection.pcrSelect);
+ break;
+ default:
+ /* no PCR data was set */
+ break;
+ }
+
+ free(encdata);
+}
+
+/* remove an individual encdata object from the encdata list with handle
+ * equal to hObject */
+TSS_RESULT
+obj_encdata_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&encdata_list, &encdata_free, hObject, tspContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+void
+obj_encdata_remove_policy_refs(TSS_HPOLICY hPolicy, TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct obj_list *list = &encdata_list;
+ struct tr_encdata_obj *encdata;
+
+ pthread_mutex_lock(&list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->tspContext != tspContext)
+ continue;
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+ if (encdata->usagePolicy == hPolicy)
+ encdata->usagePolicy = NULL_HPOLICY;
+ }
+
+ pthread_mutex_unlock(&list->lock);
+}
+
+#ifdef TSS_BUILD_SEALX
+TSS_RESULT
+obj_encdata_set_seal_protect_mode(TSS_HENCDATA hEncData, UINT32 protectMode)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ encdata->protectMode = protectMode;
+
+ obj_list_put(&encdata_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_encdata_get_seal_protect_mode(TSS_HENCDATA hEncData, UINT32 *protectMode)
+{
+ struct tsp_object *obj;
+ struct tr_encdata_obj *encdata;
+
+ if ((obj = obj_list_get_obj(&encdata_list, hEncData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ encdata = (struct tr_encdata_obj *)obj->data;
+
+ *protectMode = encdata->protectMode;
+
+ obj_list_put(&encdata_list);
+
+ return TSS_SUCCESS;
+}
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_hash.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_hash.c
new file mode 100644
index 0000000..0925a81
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_hash.c
@@ -0,0 +1,227 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+TSS_RESULT
+obj_hash_add(TSS_HCONTEXT tspContext, UINT32 type, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_hash_obj *hash = calloc(1, sizeof(struct tr_hash_obj));
+
+ if (hash == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct tr_hash_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((type == TSS_HASH_SHA1) ||
+ (type == TSS_HASH_DEFAULT)) {
+ hash->type = TSS_HASH_SHA1;
+ hash->hashSize = 20;
+ } else if (type == TSS_HASH_OTHER) {
+ hash->type = TSS_HASH_OTHER;
+ hash->hashSize = 0;
+ }
+
+ if ((result = obj_list_add(&hash_list, tspContext, 0, hash, phObject))) {
+ free(hash);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_hash(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&hash_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&hash_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_hash_get_tsp_context(TSS_HHASH hHash, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&hash_list, hHash)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&hash_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_hash_set_value(TSS_HHASH hHash, UINT32 size, BYTE *value)
+{
+ struct tsp_object *obj;
+ struct tr_hash_obj *hash;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&hash_list, hHash)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ hash = (struct tr_hash_obj *)obj->data;
+
+ if (hash->type != TSS_HASH_OTHER &&
+ size != TCPA_SHA1_160_HASH_LEN) {
+ result = TSPERR(TSS_E_HASH_INVALID_LENGTH);
+ goto done;
+ }
+
+ free(hash->hashData);
+
+ if ((hash->hashData = calloc(1, size)) == NULL) {
+ LogError("malloc of %d bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ hash->hashSize = size;
+ memcpy(hash->hashData, value, size);
+
+done:
+ obj_list_put(&hash_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_hash_get_value(TSS_HHASH hHash, UINT32 *size, BYTE **value)
+{
+ struct tsp_object *obj;
+ struct tr_hash_obj *hash;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&hash_list, hHash)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ hash = (struct tr_hash_obj *)obj->data;
+
+ if (hash->hashData == NULL) {
+ result = TSPERR(TSS_E_HASH_NO_DATA);
+ goto done;
+ }
+
+ if ((*value = calloc_tspi(obj->tspContext, hash->hashSize)) == NULL) {
+ LogError("malloc of %d bytes failed.", hash->hashSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = hash->hashSize;
+ memcpy(*value, hash->hashData, *size);
+
+done:
+ obj_list_put(&hash_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_hash_update_value(TSS_HHASH hHash, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_hash_obj *hash;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&hash_list, hHash)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ hash = (struct tr_hash_obj *)obj->data;
+
+ if (hash->type != TSS_HASH_SHA1 &&
+ hash->type != TSS_HASH_DEFAULT) {
+ result = TSPERR(TSS_E_FAIL);
+ goto done;
+ }
+
+ if (hash->hashUpdateBuffer == NULL) {
+ hash->hashUpdateBuffer = calloc(1, size);
+ if (hash->hashUpdateBuffer == NULL) {
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else {
+ hash->hashUpdateBuffer = realloc(hash->hashUpdateBuffer,
+ size + hash->hashUpdateSize);
+
+ if (hash->hashUpdateBuffer == NULL) {
+ LogError("malloc of %u bytes failed.", size + hash->hashUpdateSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ }
+
+ memcpy(&hash->hashUpdateBuffer[hash->hashUpdateSize], data, size);
+ hash->hashUpdateSize += size;
+
+ if (hash->hashData == NULL) {
+ hash->hashData = calloc(1, TCPA_SHA1_160_HASH_LEN);
+ if (hash->hashData == NULL) {
+ LogError("malloc of %d bytes failed.", TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ }
+
+ result = Trspi_Hash(TSS_HASH_SHA1, hash->hashUpdateSize, hash->hashUpdateBuffer,
+ hash->hashData);
+
+done:
+ obj_list_put(&hash_list);
+
+ return result;
+}
+
+void
+__tspi_hash_free(void *data)
+{
+ struct tr_hash_obj *hash = (struct tr_hash_obj *)data;
+
+ free(hash->hashData);
+ free(hash->hashUpdateBuffer);
+ free(hash);
+}
+
+/*
+ * remove hash object hObject from the list
+ */
+TSS_RESULT
+obj_hash_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&hash_list, &__tspi_hash_free, hObject, tspContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_migdata.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_migdata.c
new file mode 100644
index 0000000..aee4cba
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_migdata.c
@@ -0,0 +1,1124 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+
+void
+migdata_free(void *data)
+{
+ struct tr_migdata_obj *migdata = (struct tr_migdata_obj *)data;
+
+ free(migdata);
+}
+
+TSS_BOOL
+obj_is_migdata(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&migdata_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&migdata_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_migdata_add(TSS_HCONTEXT hContext, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_migdata_obj *migdata = calloc(1, sizeof(struct tr_migdata_obj));
+
+ if (migdata == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tr_migdata_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = obj_list_add(&migdata_list, hContext, 0, migdata, phObject))) {
+ free(migdata);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_migdata_remove(TSS_HMIGDATA hMigData, TSS_HCONTEXT hContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&migdata_list, &migdata_free, hMigData, hContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_migdata_get_tsp_context(TSS_HMIGDATA hMigData, TSS_HCONTEXT *hContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *hContext = obj->tspContext;
+
+ obj_list_put(&migdata_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_migdata_set_migrationblob(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 blobSize, BYTE *blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_MIG_MSALIST_PUBKEY_BLOB:
+ result = obj_migdata_set_msa_pubkey(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_AUTHORITY_PUBKEY_BLOB:
+ result = obj_migdata_set_ma_pubkey(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_DESTINATION_PUBKEY_BLOB:
+ result = obj_migdata_set_dest_pubkey(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_SOURCE_PUBKEY_BLOB:
+ result = obj_migdata_set_src_pubkey(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_migrationblob(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 *blobSize, BYTE **blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_MIG_XOR_BLOB:
+ result = obj_migdata_get_blob(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_authoritydata(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 blobSize, BYTE *blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_AUTHORITY_DIGEST:
+ result = obj_migdata_set_msa_digest(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC:
+ result = obj_migdata_set_msa_hmac(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_AUTHORITY_MSALIST:
+ result = obj_migdata_set_msa_list(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_authoritydata(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 *blobSize, BYTE **blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_AUTHORITY_DIGEST:
+ result = obj_migdata_get_msa_digest(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_AUTHORITY_APPROVAL_HMAC:
+ result = obj_migdata_get_msa_hmac(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_AUTHORITY_MSALIST:
+ result = obj_migdata_get_msa_list(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_migauthdata(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 blobSize, BYTE *blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST:
+ result = obj_migdata_set_ma_digest(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST:
+ result = obj_migdata_set_dest_digest(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST:
+ result = obj_migdata_set_src_digest(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_migauthdata(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 *blobSize, BYTE **blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_MIG_AUTH_AUTHORITY_DIGEST:
+ result = obj_migdata_get_ma_digest(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_AUTH_DESTINATION_DIGEST:
+ result = obj_migdata_get_dest_digest(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_MIG_AUTH_SOURCE_DIGEST:
+ result = obj_migdata_get_src_digest(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_ticketdata(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 blobSize, BYTE *blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_TICKET_SIG_DIGEST:
+ result = obj_migdata_set_sig_data(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_TICKET_SIG_VALUE:
+ result = obj_migdata_set_sig_value(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_TICKET_SIG_TICKET:
+ result = obj_migdata_set_sig_ticket(hMigData, blobSize, blob);
+ break;
+ case TSS_MIGATTRIB_TICKET_RESTRICT_TICKET:
+ result = obj_migdata_set_cmk_auth(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_ticketdata(TSS_HMIGDATA hMigData, UINT32 whichOne, UINT32 *blobSize, BYTE **blob)
+{
+ TSS_RESULT result;
+
+ switch (whichOne) {
+ case TSS_MIGATTRIB_TICKET_SIG_TICKET:
+ result = obj_migdata_get_sig_ticket(hMigData, blobSize, blob);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_ticket_blob(TSS_HMIGDATA hMigData, UINT32 migTicketSize, BYTE *migTicket)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ migdata->migTicketSize = 0;
+ free(migdata->migTicket);
+ if ((migdata->migTicket = malloc(migTicketSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", migTicketSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(migdata->migTicket, migTicket, migTicketSize);
+ migdata->migTicketSize = migTicketSize;
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_ticket_blob(TSS_HMIGDATA hMigData, UINT32 *migTicketSize, BYTE **migTicket)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*migTicket = calloc_tspi(obj->tspContext, migdata->migTicketSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", migdata->migTicketSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*migTicket, migdata->migTicket, migdata->migTicketSize);
+ *migTicketSize = migdata->migTicketSize;
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_msa_list(TSS_HMIGDATA hMigData, UINT32 msaListSize, BYTE *msaList)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ UINT32 i, count, size;
+ TPM_DIGEST *digest;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ count = msaListSize / sizeof(digest->digest);
+ size = count * sizeof(*digest);
+
+ migdata->msaList.MSAlist = 0;
+ free(migdata->msaList.migAuthDigest);
+ if ((migdata->msaList.migAuthDigest = malloc(size)) == NULL) {
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ digest = migdata->msaList.migAuthDigest;
+ for (i = 0; i < count; i++) {
+ memcpy(digest->digest, msaList, sizeof(digest->digest));
+ msaList += sizeof(digest->digest);
+ digest++;
+ }
+ migdata->msaList.MSAlist = count;
+
+ result = obj_migdata_calc_msa_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_msa_list(TSS_HMIGDATA hMigData, UINT32 *size, BYTE **msaList)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ UINT32 i;
+ TPM_DIGEST *digest;
+ BYTE *tmpMsaList;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ *size = migdata->msaList.MSAlist * sizeof(migdata->msaList.migAuthDigest->digest);
+ if ((*msaList = calloc_tspi(obj->tspContext, *size)) == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ tmpMsaList = *msaList;
+ digest = migdata->msaList.migAuthDigest;
+ for (i = 0; i < migdata->msaList.MSAlist; i++) {
+ memcpy(tmpMsaList, digest->digest, sizeof(digest->digest));
+ tmpMsaList += sizeof(digest->digest);
+ digest++;
+ }
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_msa_pubkey(TSS_HMIGDATA hMigData, UINT32 blobSize, BYTE *pubKeyBlob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ UINT32 size;
+ TPM_DIGEST msaDigest;
+ TPM_DIGEST *digest;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((result = obj_migdata_calc_pubkey_digest(blobSize, pubKeyBlob, &msaDigest)))
+ goto done;
+
+ size = (migdata->msaList.MSAlist + 1) * sizeof(*digest);
+ if ((migdata->msaList.migAuthDigest = realloc(migdata->msaList.migAuthDigest, size)) == NULL) {
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ digest = migdata->msaList.migAuthDigest + migdata->msaList.MSAlist;
+ *digest = msaDigest;
+ migdata->msaList.MSAlist++;
+
+ result = obj_migdata_calc_msa_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_msa_digest(TSS_HMIGDATA hMigData, UINT32 digestSize, BYTE *digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (digestSize != sizeof(migdata->msaDigest.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->msaDigest.digest, digest, sizeof(migdata->msaDigest.digest));
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_msa_digest(TSS_HMIGDATA hMigData, UINT32 *digestSize, BYTE **digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*digest = calloc_tspi(obj->tspContext, sizeof(migdata->msaDigest.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->msaDigest.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*digest, migdata->msaDigest.digest, sizeof(migdata->msaDigest.digest));
+ *digestSize = sizeof(migdata->msaDigest.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_msa_list_blob(TSS_HMIGDATA hMigData, UINT32 *blobSize, BYTE **msaListBlob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ UINT64 offset;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ offset = 0;
+ Trspi_LoadBlob_MSA_COMPOSITE(&offset, NULL, &migdata->msaList);
+
+ *blobSize = offset;
+ if ((*msaListBlob = calloc_tspi(obj->tspContext, *blobSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", *blobSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ offset = 0;
+ Trspi_LoadBlob_MSA_COMPOSITE(&offset, *msaListBlob, &migdata->msaList);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_msa_hmac(TSS_HMIGDATA hMigData, UINT32 hmacSize, BYTE *hmac)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (hmacSize != sizeof(migdata->msaHmac.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->msaHmac.digest, hmac, sizeof(migdata->msaHmac.digest));
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_msa_hmac(TSS_HMIGDATA hMigData, UINT32 *hmacSize, BYTE **hmac)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*hmac = calloc_tspi(obj->tspContext, sizeof(migdata->msaHmac.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->msaHmac.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*hmac, migdata->msaHmac.digest, sizeof(migdata->msaHmac.digest));
+ *hmacSize = sizeof(migdata->msaHmac.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_ma_pubkey(TSS_HMIGDATA hMigData, UINT32 blobSize, BYTE *pubKeyBlob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TPM_DIGEST pubKeyDigest;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((result = obj_migdata_calc_pubkey_digest(blobSize, pubKeyBlob, &pubKeyDigest)))
+ goto done;
+
+ migdata->maDigest = pubKeyDigest;
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_ma_digest(TSS_HMIGDATA hMigData, UINT32 digestSize, BYTE *digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (digestSize != sizeof(migdata->maDigest.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->maDigest.digest, digest, sizeof(migdata->maDigest.digest));
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_ma_digest(TSS_HMIGDATA hMigData, UINT32 *digestSize, BYTE **digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*digest = calloc_tspi(obj->tspContext, sizeof(migdata->maDigest.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->maDigest.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*digest, migdata->maDigest.digest, sizeof(migdata->maDigest.digest));
+ *digestSize = sizeof(migdata->maDigest.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_dest_pubkey(TSS_HMIGDATA hMigData, UINT32 blobSize, BYTE *pubKeyBlob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TPM_DIGEST pubKeyDigest;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((result = obj_migdata_calc_pubkey_digest(blobSize, pubKeyBlob, &pubKeyDigest)))
+ goto done;
+
+ migdata->destDigest = pubKeyDigest;
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_dest_digest(TSS_HMIGDATA hMigData, UINT32 digestSize, BYTE *digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (digestSize != sizeof(migdata->destDigest.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->destDigest.digest, digest, sizeof(migdata->destDigest.digest));
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_dest_digest(TSS_HMIGDATA hMigData, UINT32 *digestSize, BYTE **digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*digest = calloc_tspi(obj->tspContext, sizeof(migdata->destDigest.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->destDigest.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*digest, migdata->destDigest.digest, sizeof(migdata->destDigest.digest));
+ *digestSize = sizeof(migdata->destDigest.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_src_pubkey(TSS_HMIGDATA hMigData, UINT32 blobSize, BYTE *pubKeyBlob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TPM_DIGEST pubKeyDigest;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((result = obj_migdata_calc_pubkey_digest(blobSize, pubKeyBlob, &pubKeyDigest)))
+ goto done;
+
+ migdata->srcDigest = pubKeyDigest;
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_src_digest(TSS_HMIGDATA hMigData, UINT32 digestSize, BYTE *digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (digestSize != sizeof(migdata->srcDigest.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->srcDigest.digest, digest, sizeof(migdata->srcDigest.digest));
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_src_digest(TSS_HMIGDATA hMigData, UINT32 *digestSize, BYTE **digest)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*digest = calloc_tspi(obj->tspContext, sizeof(migdata->srcDigest.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->srcDigest.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*digest, migdata->srcDigest.digest, sizeof(migdata->srcDigest.digest));
+ *digestSize = sizeof(migdata->srcDigest.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_cmk_auth(TSS_HMIGDATA hMigData, UINT32 digestsSize, BYTE *digests)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (digestsSize != (sizeof(migdata->maDigest.digest) +
+ sizeof(migdata->destDigest.digest) +
+ sizeof(migdata->srcDigest.digest))) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->maDigest.digest, digests, sizeof(migdata->maDigest.digest));
+ digests += sizeof(migdata->maDigest.digest);
+ memcpy(migdata->destDigest.digest, digests, sizeof(migdata->destDigest.digest));
+ digests += sizeof(migdata->destDigest.digest);
+ memcpy(migdata->srcDigest.digest, digests, sizeof(migdata->srcDigest.digest));
+
+ obj_migdata_calc_sig_data_digest(migdata);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_cmk_auth(TSS_HMIGDATA hMigData, TPM_CMK_AUTH *cmkAuth)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ cmkAuth->migrationAuthorityDigest = migdata->maDigest;
+ cmkAuth->destinationKeyDigest = migdata->destDigest;
+ cmkAuth->sourceKeyDigest = migdata->srcDigest;
+
+ obj_list_put(&migdata_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_migdata_get_cmk_auth_blob(TSS_HMIGDATA hMigData, UINT32 *blobSize, BYTE **cmkAuthBlob)
+{
+ struct tsp_object *obj;
+ TPM_CMK_AUTH cmkAuth;
+ UINT64 offset;
+ TSS_RESULT result;
+
+ if ((result = obj_migdata_get_cmk_auth(hMigData, &cmkAuth)))
+ return result;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ offset = 0;
+ Trspi_LoadBlob_CMK_AUTH(&offset, NULL, &cmkAuth);
+
+ *blobSize = offset;
+ if ((*cmkAuthBlob = calloc_tspi(obj->tspContext, *blobSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", *blobSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ offset = 0;
+ Trspi_LoadBlob_CMK_AUTH(&offset, *cmkAuthBlob, &cmkAuth);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_sig_data(TSS_HMIGDATA hMigData, UINT32 sigDataSize, BYTE *sigData)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (sigDataSize != sizeof(migdata->sigData.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->sigData.digest, sigData, sizeof(migdata->sigData.digest));
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_sig_data(TSS_HMIGDATA hMigData, UINT32 *sigDataSize, BYTE **sigData)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*sigData = calloc_tspi(obj->tspContext, sizeof(migdata->sigData.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->sigData.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*sigData, migdata->sigData.digest, sizeof(migdata->sigData.digest));
+ *sigDataSize = sizeof(migdata->sigData.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_sig_value(TSS_HMIGDATA hMigData, UINT32 sigValueSize, BYTE *sigValue)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ migdata->sigValueSize = 0;
+ free(migdata->sigValue);
+ if ((migdata->sigValue = malloc(sigValueSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", sigValueSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(migdata->sigValue, sigValue, sigValueSize);
+ migdata->sigValueSize = sigValueSize;
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_sig_value(TSS_HMIGDATA hMigData, UINT32 *sigValueSize, BYTE **sigValue)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*sigValue = calloc_tspi(obj->tspContext, migdata->sigValueSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", migdata->sigValueSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*sigValue, migdata->sigValue, migdata->sigValueSize);
+ *sigValueSize = migdata->sigValueSize;
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_sig_ticket(TSS_HMIGDATA hMigData, UINT32 sigTicketSize, BYTE *sigTicket)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if (sigTicketSize != sizeof(migdata->sigTicket.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(migdata->sigTicket.digest, sigTicket, sizeof(migdata->sigTicket.digest));
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_sig_ticket(TSS_HMIGDATA hMigData, UINT32 *sigTicketSize, BYTE **sigTicket)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*sigTicket = calloc_tspi(obj->tspContext, sizeof(migdata->sigTicket.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(migdata->sigTicket.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*sigTicket, migdata->sigTicket.digest, sizeof(migdata->sigTicket.digest));
+ *sigTicketSize = sizeof(migdata->sigTicket.digest);
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_set_blob(TSS_HMIGDATA hMigData, UINT32 blobSize, BYTE *blob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ migdata->blobSize = 0;
+ free(migdata->blob);
+ if ((migdata->blob = malloc(blobSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", blobSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(migdata->blob, blob, blobSize);
+ migdata->blobSize = blobSize;
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_get_blob(TSS_HMIGDATA hMigData, UINT32 *blobSize, BYTE **blob)
+{
+ struct tsp_object *obj;
+ struct tr_migdata_obj *migdata;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&migdata_list, hMigData)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ migdata = (struct tr_migdata_obj *)obj->data;
+
+ if ((*blob = calloc_tspi(obj->tspContext, migdata->blobSize)) == NULL) {
+ LogError("malloc of %u bytes failed.", migdata->blobSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*blob, migdata->blob, migdata->blobSize);
+ *blobSize = migdata->blobSize;
+
+done:
+ obj_list_put(&migdata_list);
+
+ return result;
+}
+
+
+TSS_RESULT
+obj_migdata_calc_pubkey_digest(UINT32 blobSize, BYTE *blob, TPM_DIGEST *digest)
+{
+ Trspi_HashCtx hashCtx;
+ TSS_RESULT result;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_HashUpdate(&hashCtx, blobSize, blob);
+ result |= Trspi_HashFinal(&hashCtx, digest->digest);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_calc_msa_digest(struct tr_migdata_obj *migdata)
+{
+ Trspi_HashCtx hashCtx;
+ TSS_RESULT result;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_MSA_COMPOSITE(&hashCtx, &migdata->msaList);
+ result |= Trspi_HashFinal(&hashCtx, migdata->msaDigest.digest);
+
+ return result;
+}
+
+TSS_RESULT
+obj_migdata_calc_sig_data_digest(struct tr_migdata_obj *migdata)
+{
+ Trspi_HashCtx hashCtx;
+ TSS_RESULT result;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_DIGEST(&hashCtx, migdata->maDigest.digest);
+ result |= Trspi_Hash_DIGEST(&hashCtx, migdata->destDigest.digest);
+ result |= Trspi_Hash_DIGEST(&hashCtx, migdata->srcDigest.digest);
+ result |= Trspi_HashFinal(&hashCtx, migdata->sigData.digest);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_nv.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_nv.c
new file mode 100644
index 0000000..9d394f2
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_nv.c
@@ -0,0 +1,732 @@
+/*
+ * The Initial Developer of the Original Code is Intel Corporation.
+ * Portions created by Intel Corporation are Copyright (C) 2007 Intel Corporation.
+ * All Rights Reserved.
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * Author: [email protected] [email protected]
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+TSS_RESULT
+obj_nvstore_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_nvstore_obj *nvstore = calloc(1, sizeof(struct tr_nvstore_obj));
+
+ if (nvstore == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct tr_nvstore_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = obj_list_add(&nvstore_list, tspContext, 0, nvstore, phObject))) {
+ free(nvstore);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_nvstore(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&nvstore_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&nvstore_list);
+ }
+
+ return answer;
+}
+
+void
+nvstore_free(void *data)
+{
+ struct tr_nvstore_obj *nvstore = (struct tr_nvstore_obj *)data;
+
+ free(nvstore);
+}
+
+TSS_RESULT
+obj_nvstore_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&nvstore_list, &nvstore_free, hObject, tspContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_nvstore_get_tsp_context(TSS_HNVSTORE hNvstore, TSS_HCONTEXT * tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&nvstore_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_nvstore_set_index(TSS_HNVSTORE hNvstore, UINT32 index)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ nvstore->nvIndex = index;
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_index(TSS_HNVSTORE hNvstore, UINT32 * index)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ *index = nvstore->nvIndex;
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_set_datasize(TSS_HNVSTORE hNvstore, UINT32 datasize)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ nvstore->dataSize= datasize;
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_datasize(TSS_HNVSTORE hNvstore, UINT32 * datasize)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ *datasize = nvstore->dataSize;
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_set_permission(TSS_HNVSTORE hNvstore, UINT32 permission)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ nvstore->permission.attributes= permission;
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_permission_from_tpm(TSS_HNVSTORE hNvstore, UINT32 * permission)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE] = {0};
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ UINT16 pcrwrite_sizeOfSelect;
+ TPM_NV_ATTRIBUTES nv_attributes_value;
+ TSS_HCONTEXT tspContext;
+ TSS_RESULT result;
+
+ if((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ if ((result = obj_nvstore_get_tsp_context(hNvstore, &tspContext)))
+ return result;
+
+ offset = 0;
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+ pcrwrite_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+
+ offset = offset + sizeof(UINT16) + pcrwrite_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+
+ nv_attributes_value.attributes = Decode_UINT32(nv_data_public
+ + offset + sizeof(TPM_STRUCTURE_TAG));
+ *permission = nv_attributes_value.attributes;
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_permission(TSS_HNVSTORE hNvstore, UINT32 * permission)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ *permission = nvstore->permission.attributes;
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_set_policy(TSS_HNVSTORE hNvstore, TSS_HPOLICY hPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ UINT32 policyType;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((result = obj_policy_get_type(hPolicy, &policyType)))
+ return result;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ nvstore->policy = hPolicy;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_policy(TSS_HNVSTORE hNvstore, UINT32 policyType, TSS_HPOLICY *phPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_nvstore_obj *nvstore;
+ TSS_RESULT result=TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ *phPolicy = nvstore->policy;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&nvstore_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_datapublic(TSS_HNVSTORE hNvstore, UINT32 *size, BYTE *nv_data_public)
+{
+ struct tsp_object *obj;
+ TSS_HCONTEXT hContext;
+ TSS_HTPM hTpm;
+ TSS_RESULT result;
+ struct tr_nvstore_obj *nvstore;
+ UINT32 uiResultLen;
+ BYTE *pResult;
+ UINT32 i;
+ TPM_BOOL defined_index = FALSE;
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ hContext = obj->tspContext;
+ nvstore = (struct tr_nvstore_obj *)obj->data;
+
+ if ((result = obj_tpm_get(hContext, &hTpm)))
+ goto out;
+
+ if ((result = Tspi_TPM_GetCapability(hTpm, TSS_TPMCAP_NV_LIST, 0,
+ NULL, &uiResultLen, &pResult))) {
+ goto out;
+ }
+
+ for (i = 0; i < uiResultLen/sizeof(UINT32); i++) {
+ if (nvstore->nvIndex == Decode_UINT32(pResult + i * sizeof(UINT32))) {
+ defined_index = TRUE;
+ break;
+ }
+ }
+
+ free_tspi(hContext, pResult);
+
+ if (!defined_index) {
+ result = TSPERR(TPM_E_BADINDEX);
+ goto out;
+ }
+
+ if ((result = Tspi_TPM_GetCapability(hTpm, TSS_TPMCAP_NV_INDEX,
+ sizeof(UINT32), (BYTE *)(&(nvstore->nvIndex)),
+ &uiResultLen, &pResult))) {
+ LogDebug("get the index capability error");
+ goto out;
+ }
+
+ if (uiResultLen > *size) {
+ free_tspi(hContext, pResult);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto out;
+ }
+ *size = uiResultLen;
+ memcpy(nv_data_public, pResult, uiResultLen);
+ free_tspi(hContext, pResult);
+
+out:
+ obj_list_put(&nvstore_list);
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_readdigestatrelease(TSS_HNVSTORE hNvstore, UINT32 *size, BYTE **data)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ TSS_HCONTEXT tspContext;
+ TSS_RESULT result;
+
+ if((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ if ((result = obj_nvstore_get_tsp_context(hNvstore, &tspContext)))
+ return result;
+
+ *size = sizeof(TPM_COMPOSITE_HASH);
+ *data = calloc_tspi(tspContext, *size);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ return result;
+ }
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect + sizeof(TPM_LOCALITY_SELECTION);
+ memcpy(*data, nv_data_public + offset, sizeof(TPM_COMPOSITE_HASH));
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_readpcrselection(TSS_HNVSTORE hNvstore, UINT32 *size, BYTE **data)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ TSS_HCONTEXT tspContext;
+ TSS_RESULT result;
+
+ if((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ if ((result = obj_nvstore_get_tsp_context(hNvstore, &tspContext)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+
+ *size = sizeof(UINT16) + pcrread_sizeOfSelect;
+ *data = calloc_tspi(tspContext, *size);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ return result;
+ }
+
+ memcpy(*data, nv_data_public + offset, *size);
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_writedigestatrelease(TSS_HNVSTORE hNvstore, UINT32 *size, BYTE **data)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ TSS_HCONTEXT tspContext;
+ TSS_RESULT result;
+
+ if ((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ if ((result = obj_nvstore_get_tsp_context(hNvstore, &tspContext)))
+ return result;
+
+ *size = sizeof(TPM_COMPOSITE_HASH);
+ *data = calloc_tspi(tspContext, *size);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ return result;
+ }
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+
+ Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect + sizeof(TPM_LOCALITY_SELECTION);
+ memcpy(*data, nv_data_public + offset, sizeof(TPM_COMPOSITE_HASH));
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_writepcrselection(TSS_HNVSTORE hNvstore, UINT32 *size, BYTE **data)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ UINT16 pcrwrite_sizeOfSelect;
+ TSS_HCONTEXT tspContext;
+ TSS_RESULT result;
+
+ if((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ if ((result = obj_nvstore_get_tsp_context(hNvstore, &tspContext)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+ pcrwrite_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+
+ *size = sizeof(UINT16) + pcrwrite_sizeOfSelect;
+ *data = calloc_tspi(tspContext, *size);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ return result;
+ }
+
+ memcpy(*data, nv_data_public + offset, *size);
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_state_readstclear(TSS_HNVSTORE hNvstore, UINT32 * readstclear)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ UINT16 pcrwrite_sizeOfSelect;
+ TPM_BOOL value;
+ TSS_RESULT result;
+
+ if ((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+
+ pcrwrite_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrwrite_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH)
+ + sizeof(TPM_NV_ATTRIBUTES);
+
+ value = *((TPM_BOOL *)(nv_data_public + offset));
+
+ *readstclear = value;
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_state_writedefine(TSS_HNVSTORE hNvstore, UINT32 * writedefine)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ UINT16 pcrwrite_sizeOfSelect;
+ TPM_BOOL value;
+ TSS_RESULT result;
+
+ if ((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+
+ pcrwrite_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrwrite_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH)
+ + sizeof(TPM_NV_ATTRIBUTES)
+ + sizeof(TPM_BOOL)
+ + sizeof(TPM_BOOL);
+
+ value = *((TPM_BOOL *)(nv_data_public + offset));
+
+ *writedefine = value;
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_state_writestclear(TSS_HNVSTORE hNvstore, UINT32 * writestclear)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ UINT16 pcrwrite_sizeOfSelect;
+ TPM_BOOL value;
+ TSS_RESULT result;
+
+ if ((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+
+ pcrwrite_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrwrite_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH)
+ + sizeof(TPM_NV_ATTRIBUTES)
+ + sizeof(TPM_BOOL);
+
+ value = *((TPM_BOOL *)(nv_data_public + offset));
+ *writestclear = value;
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_readlocalityatrelease(TSS_HNVSTORE hNvstore, UINT32 * readlocalityatrelease)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ TPM_LOCALITY_SELECTION locality_value;
+ TSS_RESULT result;
+
+ if ((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect;
+ locality_value = *((TPM_LOCALITY_SELECTION *)(nv_data_public + offset));
+ *readlocalityatrelease = locality_value;
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_get_writelocalityatrelease(TSS_HNVSTORE hNvstore, UINT32 * writelocalityatrelease)
+{
+ BYTE nv_data_public[MAX_PUBLIC_DATA_SIZE];
+ UINT32 data_public_size = MAX_PUBLIC_DATA_SIZE;
+ UINT32 offset;
+ UINT16 pcrread_sizeOfSelect;
+ UINT16 pcrwrite_sizeOfSelect;
+ TPM_LOCALITY_SELECTION locality_value;
+ TSS_RESULT result;
+
+ if ((result = obj_nvstore_get_datapublic(hNvstore, &data_public_size, nv_data_public)))
+ return result;
+
+ offset = sizeof(TPM_STRUCTURE_TAG)+ sizeof(TPM_NV_INDEX);
+ pcrread_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrread_sizeOfSelect
+ + sizeof(TPM_LOCALITY_SELECTION)
+ + sizeof(TPM_COMPOSITE_HASH);
+ pcrwrite_sizeOfSelect = Decode_UINT16(nv_data_public + offset);
+ offset = offset + sizeof(UINT16) + pcrwrite_sizeOfSelect;
+
+ locality_value = *((TPM_LOCALITY_SELECTION *)(nv_data_public + offset));
+ *writelocalityatrelease = locality_value;
+
+ return result;
+}
+
+TSS_RESULT
+obj_nvstore_create_pcrshortinfo(TSS_HNVSTORE hNvstore,
+ TSS_HPCRS hPcrComposite,
+ UINT32 *size,
+ BYTE **data)
+{
+ struct tsp_object *obj;
+ BYTE pdata[MAX_PUBLIC_DATA_SIZE];
+ UINT32 dataLen;
+ UINT64 offset;
+ TSS_HCONTEXT tspContext;
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE* ppbHashData;
+ UINT32 i;
+ BYTE digAtRelease[TPM_SHA1_160_HASH_LEN] = { 0, };
+ UINT32 tmp_locAtRelease;
+ TPM_LOCALITY_SELECTION locAtRelease = TPM_LOC_ZERO | TPM_LOC_ONE
+ | TPM_LOC_TWO | TPM_LOC_THREE| TPM_LOC_FOUR;
+ BYTE tmp_pcr_select[3] = {0, 0, 0};
+ TCPA_PCR_SELECTION pcrSelect = { 3, tmp_pcr_select};
+
+ if ((obj = obj_list_get_obj(&nvstore_list, hNvstore)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tspContext = obj->tspContext;
+
+ if (hPcrComposite) {
+ if ((result = obj_pcrs_get_selection(hPcrComposite, &dataLen, pdata))) {
+ LogDebug("get_selection error from hReadPcrComposite");
+ goto out;
+ }
+
+ /* the index should not >= 24, so the sizeofselect should not be >3*/
+ if (dataLen - sizeof(UINT16) > 3) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto out;
+ }
+ offset = 0;
+ Trspi_UnloadBlob_PCR_SELECTION(&offset, pdata, &pcrSelect);
+
+ if (pcrSelect.sizeOfSelect != 0) {
+ if ((result = obj_pcrs_get_digest_at_release(hPcrComposite,
+ &dataLen, &ppbHashData))) {
+ LogDebug("get_composite error from hReadPcrComposite");
+ goto out;
+ }
+ memcpy(digAtRelease, ppbHashData, dataLen);
+ free_tspi(tspContext, ppbHashData);
+ } else {
+ pcrSelect.sizeOfSelect = 3;
+ pcrSelect.pcrSelect = tmp_pcr_select;
+ }
+
+ if (pcrSelect.sizeOfSelect < 3) {
+ for (i = 0; i < pcrSelect.sizeOfSelect; i++) {
+ tmp_pcr_select[i] = pcrSelect.pcrSelect[i];
+ }
+ pcrSelect.sizeOfSelect = 3;
+ pcrSelect.pcrSelect = tmp_pcr_select;
+ }
+
+ if ((result = obj_pcrs_get_locality(hPcrComposite, &tmp_locAtRelease)))
+ goto out;
+ locAtRelease = (TPM_LOCALITY_SELECTION)(tmp_locAtRelease & TSS_LOCALITY_MASK);
+ }
+
+ *size = sizeof(UINT16) + 3 + sizeof(TPM_LOCALITY_SELECTION) + TPM_SHA1_160_HASH_LEN;
+ *data = calloc_tspi(tspContext, *size);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto out;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_SELECTION(&offset, *data, &pcrSelect);
+ Trspi_LoadBlob_BYTE(&offset, locAtRelease, *data);
+ Trspi_LoadBlob(&offset, TPM_SHA1_160_HASH_LEN, *data, digAtRelease);
+
+out:
+ obj_list_put(&nvstore_list);
+ return result;
+}
+
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_pcrs.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_pcrs.c
new file mode 100644
index 0000000..4430300
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_pcrs.c
@@ -0,0 +1,906 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+
+TSS_RESULT
+obj_pcrs_add(TSS_HCONTEXT tspContext, UINT32 type, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ UINT32 ver;
+ struct tr_pcrs_obj *pcrs;
+
+ if ((pcrs = calloc(1, sizeof(struct tr_pcrs_obj))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tr_pcrs_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (type == TSS_PCRS_STRUCT_DEFAULT) {
+ if ((result = obj_context_get_connection_version(tspContext, &ver))) {
+ free(pcrs);
+ return result;
+ }
+
+ switch (ver) {
+ case TSS_TSPATTRIB_CONTEXT_VERSION_V1_2:
+ pcrs->type = TSS_PCRS_STRUCT_INFO_LONG;
+ pcrs->info.infolong.localityAtRelease = TSS_LOCALITY_ALL;
+ break;
+ case TSS_TSPATTRIB_CONTEXT_VERSION_V1_1:
+ /* fall through */
+ default:
+ pcrs->type = TSS_PCRS_STRUCT_INFO;
+ break;
+ }
+ } else
+ pcrs->type = type;
+
+ if ((result = obj_list_add(&pcrs_list, tspContext, 0, pcrs, phObject))) {
+ free(pcrs);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+pcrs_free(void *data)
+{
+ struct tr_pcrs_obj *pcrs = (struct tr_pcrs_obj *)data;
+
+ switch (pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ free(pcrs->info.info11.pcrSelection.pcrSelect);
+ free(pcrs->pcrs);
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ free(pcrs->info.infoshort.pcrSelection.pcrSelect);
+ free(pcrs->pcrs);
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ free(pcrs->info.infolong.creationPCRSelection.pcrSelect);
+ free(pcrs->info.infolong.releasePCRSelection.pcrSelect);
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ break;
+ }
+
+ free(pcrs);
+}
+
+TSS_RESULT
+obj_pcrs_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&pcrs_list, &pcrs_free, hObject, tspContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_pcrs(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&pcrs_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&pcrs_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_pcrs_get_tsp_context(TSS_HPCRS hPcrs, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&pcrs_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_pcrs_get_type(TSS_HPCRS hPcrs, UINT32 *type)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ *type = pcrs->type;
+
+ obj_list_put(&pcrs_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_pcrs_get_selection(TSS_HPCRS hPcrs, UINT32 *size, BYTE *out)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *tmp;
+ UINT64 offset = 0;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch (pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ tmp = &pcrs->info.info11.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ tmp = &pcrs->info.infoshort.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ tmp = &pcrs->info.infolong.creationPCRSelection;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ Trspi_LoadBlob_PCR_SELECTION(&offset, out, tmp);
+ *size = offset;
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_set_values(TSS_HPCRS hPcrs, TPM_PCR_COMPOSITE *pcrComp)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *select = &(pcrComp->select);
+ UINT16 i, val_idx = 0;
+
+ for (i = 0; i < select->sizeOfSelect * 8; i++) {
+ if (select->pcrSelect[i / 8] & (1 << (i % 8))) {
+ if ((result = obj_pcrs_set_value(hPcrs, i, TCPA_SHA1_160_HASH_LEN,
+ (BYTE *)&pcrComp->pcrValue[val_idx])))
+ return result;
+
+ val_idx++;
+ }
+ }
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_set_value(TSS_HPCRS hPcrs, UINT32 idx, UINT32 size, BYTE *value)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *select;
+ TPM_COMPOSITE_HASH *compHash;
+ UINT16 bytes_to_hold = (idx / 8) + 1;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ bytes_to_hold = (bytes_to_hold < 2) ? 2 : bytes_to_hold;
+ select = &pcrs->info.info11.pcrSelection;
+ compHash = &pcrs->info.info11.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ bytes_to_hold = (bytes_to_hold < 3) ? 3 : bytes_to_hold;
+ select = &pcrs->info.infoshort.pcrSelection;
+ compHash = &pcrs->info.infoshort.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ bytes_to_hold = (bytes_to_hold < 3) ? 3 : bytes_to_hold;
+ select = &pcrs->info.infolong.releasePCRSelection;
+ compHash = &pcrs->info.infolong.digestAtRelease;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ /* allocate the selection structure */
+ if (select->pcrSelect == NULL) {
+ if ((select->pcrSelect = malloc(bytes_to_hold)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ select->sizeOfSelect = bytes_to_hold;
+ __tspi_memset(select->pcrSelect, 0, bytes_to_hold);
+
+ /* allocate the pcr array */
+ if ((pcrs->pcrs = malloc(bytes_to_hold * 8 *
+ TCPA_SHA1_160_HASH_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.",
+ bytes_to_hold * 8 * TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else if (select->sizeOfSelect < bytes_to_hold) {
+ if ((select->pcrSelect = realloc(select->pcrSelect, bytes_to_hold)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ /* set the newly allocated bytes to 0 */
+ __tspi_memset(&select->pcrSelect[select->sizeOfSelect], 0,
+ bytes_to_hold - select->sizeOfSelect);
+ select->sizeOfSelect = bytes_to_hold;
+
+ /* realloc the pcrs array */
+ if ((pcrs->pcrs = realloc(pcrs->pcrs, bytes_to_hold * 8 *
+ sizeof(TPM_PCRVALUE))) == NULL) {
+ LogError("malloc of %d bytes failed.",
+ bytes_to_hold * 8 * TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ }
+
+ /* set the bit in the selection structure */
+ select->pcrSelect[idx / 8] |= (1 << (idx % 8));
+
+ /* set the value in the pcrs array */
+ memcpy(&(pcrs->pcrs[idx]), value, size);
+
+ result = pcrs_calc_composite(select, pcrs->pcrs, compHash);
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_get_value(TSS_HPCRS hPcrs, UINT32 idx, UINT32 *size, BYTE **value)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *select;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ select = &pcrs->info.info11.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ select = &pcrs->info.infoshort.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ select = &pcrs->info.infolong.creationPCRSelection;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ if (select->sizeOfSelect < (idx / 8) + 1) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ if ((*value = calloc_tspi(obj->tspContext, TCPA_SHA1_160_HASH_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.", TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ *size = TCPA_SHA1_160_HASH_LEN;
+ memcpy(*value, &pcrs->pcrs[idx], TCPA_SHA1_160_HASH_LEN);
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_get_digest_at_release(TSS_HPCRS hPcrs, UINT32 *size, BYTE **out)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE *digest;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ digest = (BYTE *)&pcrs->info.infoshort.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ digest = (BYTE *)&pcrs->info.infolong.digestAtRelease;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ if ((*out = calloc_tspi(obj->tspContext, sizeof(TPM_COMPOSITE_HASH))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TPM_COMPOSITE_HASH));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*out, digest, sizeof(TPM_COMPOSITE_HASH));
+ *size = sizeof(TPM_COMPOSITE_HASH);
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_select_index(TSS_HPCRS hPcrs, UINT32 idx)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *select;
+ UINT16 bytes_to_hold = (idx / 8) + 1;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ bytes_to_hold = (bytes_to_hold < 2) ? 2 : bytes_to_hold;
+ select = &pcrs->info.info11.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ /* allocate the selection structure */
+ if (select->pcrSelect == NULL) {
+ if ((select->pcrSelect = malloc(bytes_to_hold)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ select->sizeOfSelect = bytes_to_hold;
+ __tspi_memset(select->pcrSelect, 0, bytes_to_hold);
+
+ /* alloc the pcrs array */
+ if ((pcrs->pcrs = malloc(bytes_to_hold * 8 * TCPA_SHA1_160_HASH_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold * 8 *
+ TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else if (select->sizeOfSelect < bytes_to_hold) {
+ if ((select->pcrSelect = realloc(select->pcrSelect, bytes_to_hold)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ /* set the newly allocated bytes to 0 */
+ __tspi_memset(&select->pcrSelect[select->sizeOfSelect], 0,
+ bytes_to_hold - select->sizeOfSelect);
+ select->sizeOfSelect = bytes_to_hold;
+
+ /* realloc the pcrs array */
+ if ((pcrs->pcrs = realloc(pcrs->pcrs,
+ bytes_to_hold * 8 * TCPA_SHA1_160_HASH_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold * 8 *
+ TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ }
+
+ /* set the bit in the selection structure */
+ select->pcrSelect[idx / 8] |= (1 << (idx % 8));
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_select_index_ex(TSS_HPCRS hPcrs, UINT32 dir, UINT32 idx)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_SELECTION *select;
+ UINT16 bytes_to_hold = (idx / 8) + 1;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ if (dir == TSS_PCRS_DIRECTION_CREATION) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+ bytes_to_hold = (bytes_to_hold < 3) ? 3 : bytes_to_hold;
+ select = &pcrs->info.infoshort.pcrSelection;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ bytes_to_hold = (bytes_to_hold < 3) ? 3 : bytes_to_hold;
+ if (dir == TSS_PCRS_DIRECTION_CREATION)
+ select = &pcrs->info.infolong.creationPCRSelection;
+ else
+ select = &pcrs->info.infolong.releasePCRSelection;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ break;
+ }
+
+ /* allocate the selection structure */
+ if (select->pcrSelect == NULL) {
+ if ((select->pcrSelect = malloc(bytes_to_hold)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ select->sizeOfSelect = bytes_to_hold;
+ __tspi_memset(select->pcrSelect, 0, bytes_to_hold);
+
+ /* alloc the pcrs array */
+ if ((pcrs->pcrs = malloc(bytes_to_hold * 8 * TCPA_SHA1_160_HASH_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold * 8 *
+ TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ } else if (select->sizeOfSelect < bytes_to_hold) {
+ if ((select->pcrSelect = realloc(select->pcrSelect, bytes_to_hold)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ /* set the newly allocated bytes to 0 */
+ __tspi_memset(&select->pcrSelect[select->sizeOfSelect], 0,
+ bytes_to_hold - select->sizeOfSelect);
+ select->sizeOfSelect = bytes_to_hold;
+
+ /* realloc the pcrs array */
+ if ((pcrs->pcrs = realloc(pcrs->pcrs,
+ bytes_to_hold * 8 * TCPA_SHA1_160_HASH_LEN)) == NULL) {
+ LogError("malloc of %d bytes failed.", bytes_to_hold * 8 *
+ TCPA_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ }
+
+ /* set the bit in the selection structure */
+ select->pcrSelect[idx / 8] |= (1 << (idx % 8));
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_create_info_type(TSS_HPCRS hPcrs, UINT32 *type, UINT32 *size, BYTE **info)
+{
+ TSS_RESULT result;
+
+ /* If type equals 0, then we create the structure
+ based on how the object was created */
+ if (*type == 0) {
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+ *type = pcrs->type;
+
+ obj_list_put(&pcrs_list);
+ }
+
+ switch (*type) {
+ case TSS_PCRS_STRUCT_INFO:
+ result = obj_pcrs_create_info(hPcrs, size, info);
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ result = obj_pcrs_create_info_long(hPcrs, size, info);
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ result = obj_pcrs_create_info_short(hPcrs, size, info);
+ break;
+ default:
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+/* Create a PCR info struct based on the hPcrs object */
+TSS_RESULT
+obj_pcrs_create_info(TSS_HPCRS hPcrs, UINT32 *size, BYTE **info)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_INFO info11;
+ UINT64 offset;
+ UINT32 ret_size;
+ BYTE *ret;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ /* Set everything that is not assigned to be all zeroes */
+ __tspi_memset(&info11, 0, sizeof(info11));
+
+ switch (pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ info11 = pcrs->info.info11;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ info11.pcrSelection = pcrs->info.infolong.releasePCRSelection;
+ info11.digestAtRelease = pcrs->info.infolong.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ info11.pcrSelection = pcrs->info.infoshort.pcrSelection;
+ info11.digestAtRelease = pcrs->info.infoshort.digestAtRelease;
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_INFO(&offset, NULL, &info11);
+ ret_size = offset;
+
+ if ((ret = calloc(1, ret_size)) == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ LogDebug("malloc of %u bytes failed.", ret_size);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_INFO(&offset, ret, &info11);
+
+ *info = ret;
+ *size = ret_size;
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_create_info_long(TSS_HPCRS hPcrs, UINT32 *size, BYTE **info)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_INFO_LONG infolong;
+ BYTE dummyBits[3] = { 0, 0, 0 };
+ TPM_PCR_SELECTION dummySelection = { 3, dummyBits };
+ UINT64 offset;
+ UINT32 ret_size;
+ BYTE *ret;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ /* Set everything that is not assigned to be all zeroes */
+ __tspi_memset(&infolong, 0, sizeof(infolong));
+
+ infolong.tag = TPM_TAG_PCR_INFO_LONG;
+ /* localityAtCreation and creationPCRSelection certainly do not need to be set here, but
+ * some chips such as Winbond do not ignore them on input, so we must give them dummy
+ * "good" values */
+ infolong.localityAtCreation = TPM_LOC_ZERO;
+ infolong.creationPCRSelection = dummySelection;
+ switch (pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ infolong.localityAtRelease = TSS_LOCALITY_ALL;
+ infolong.releasePCRSelection = pcrs->info.info11.pcrSelection;
+ infolong.digestAtRelease = pcrs->info.info11.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ infolong.localityAtRelease = pcrs->info.infolong.localityAtRelease;
+ infolong.releasePCRSelection = pcrs->info.infolong.releasePCRSelection;
+ infolong.digestAtRelease = pcrs->info.infolong.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ infolong.localityAtRelease = pcrs->info.infoshort.localityAtRelease;
+ infolong.releasePCRSelection = pcrs->info.infoshort.pcrSelection;
+ infolong.digestAtRelease = pcrs->info.infoshort.digestAtRelease;
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_INFO_LONG(&offset, NULL, &infolong);
+ ret_size = offset;
+
+ if ((ret = calloc(1, ret_size)) == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ LogDebug("malloc of %u bytes failed.", ret_size);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_INFO_LONG(&offset, ret, &infolong);
+
+ *info = ret;
+ *size = ret_size;
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_create_info_short(TSS_HPCRS hPcrs, UINT32 *size, BYTE **info)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_PCR_INFO_SHORT infoshort;
+ BYTE select[] = { 0, 0, 0 };
+ UINT64 offset;
+ UINT32 ret_size;
+ BYTE *ret;
+
+ /* Set everything that is not assigned to be all zeroes */
+ __tspi_memset(&infoshort, 0, sizeof(infoshort));
+
+ if (hPcrs != NULL_HPCRS) {
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch (pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ infoshort.pcrSelection = pcrs->info.info11.pcrSelection;
+ infoshort.localityAtRelease = TSS_LOCALITY_ALL;
+ infoshort.digestAtRelease = pcrs->info.info11.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ infoshort.pcrSelection = pcrs->info.infolong.releasePCRSelection;
+ infoshort.localityAtRelease = pcrs->info.infolong.localityAtRelease;
+ infoshort.digestAtRelease = pcrs->info.infolong.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ infoshort = pcrs->info.infoshort;
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ } else {
+ infoshort.pcrSelection.sizeOfSelect = sizeof(select);
+ infoshort.pcrSelection.pcrSelect = select;
+ infoshort.localityAtRelease = TSS_LOCALITY_ALL;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_INFO_SHORT(&offset, NULL, &infoshort);
+ ret_size = offset;
+
+ if ((ret = calloc(1, ret_size)) == NULL) {
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ LogDebug("malloc of %u bytes failed.", ret_size);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_INFO_SHORT(&offset, ret, &infoshort);
+
+ *info = ret;
+ *size = ret_size;
+
+done:
+ if (hPcrs != NULL_HPCRS)
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_get_locality(TSS_HPCRS hPcrs, UINT32 *out)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE *locality;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ locality = &pcrs->info.infoshort.localityAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ locality = &pcrs->info.infolong.localityAtRelease;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *out = (UINT32)*locality;
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_set_locality(TSS_HPCRS hPcrs, UINT32 locality)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE *loc;
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ loc = &pcrs->info.infoshort.localityAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ loc = &pcrs->info.infolong.localityAtRelease;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *loc = locality;
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_pcrs_set_digest_at_release(TSS_HPCRS hPcrs, TPM_COMPOSITE_HASH digest)
+{
+ struct tsp_object *obj;
+ struct tr_pcrs_obj *pcrs;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_COMPOSITE_HASH *dig;
+
+ LogDebugFn("######## Digest to be set on TSS object:");
+ LogDebugData(TCPA_SHA1_160_HASH_LEN, digest.digest);
+
+ if ((obj = obj_list_get_obj(&pcrs_list, hPcrs)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ pcrs = (struct tr_pcrs_obj *)obj->data;
+
+ switch(pcrs->type) {
+ case TSS_PCRS_STRUCT_INFO:
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ case TSS_PCRS_STRUCT_INFO_SHORT:
+ dig = &pcrs->info.infoshort.digestAtRelease;
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ dig = &pcrs->info.infolong.digestAtRelease;
+ break;
+ default:
+ LogDebugFn("Undefined type of PCRs object");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ /* Copy the digest information */
+ memcpy(dig->digest,&digest.digest,TPM_SHA1_160_HASH_LEN);
+
+ LogDebugFn("######## Digest SET on TSS object:");
+ LogDebugData(TCPA_SHA1_160_HASH_LEN,pcrs->info.infoshort.digestAtRelease.digest);
+
+done:
+ obj_list_put(&pcrs_list);
+
+ return result;
+}
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_policy.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_policy.c
new file mode 100644
index 0000000..19c4b22
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_policy.c
@@ -0,0 +1,1667 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+#include "tsp_delegate.h"
+#include "authsess.h"
+
+
+TSS_RESULT
+obj_policy_add(TSS_HCONTEXT tsp_context, UINT32 type, TSS_HOBJECT *phObject)
+{
+ struct tr_policy_obj *policy;
+ TSS_RESULT result;
+
+ if ((policy = calloc(1, sizeof(struct tr_policy_obj))) == NULL) {
+ LogError("malloc of %zd bytes failed", sizeof(struct tr_policy_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ policy->type = type;
+#ifndef TSS_SPEC_COMPLIANCE
+ policy->SecretMode = TSS_SECRET_MODE_NONE;
+#else
+ policy->SecretMode = TSS_SECRET_MODE_POPUP;
+#endif
+ /* The policy object will inherit this attribute from the context */
+ if ((result = obj_context_get_hash_mode(tsp_context, &policy->hashMode))) {
+ free(policy);
+ return result;
+ }
+ policy->SecretLifetime = TSS_TSPATTRIB_POLICYSECRET_LIFETIME_ALWAYS;
+#ifdef TSS_BUILD_DELEGATION
+ policy->delegationType = TSS_DELEGATIONTYPE_NONE;
+#endif
+
+ if ((result = obj_list_add(&policy_list, tsp_context, 0, policy, phObject))) {
+ free(policy);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+void
+__tspi_policy_free(void *data)
+{
+ struct tr_policy_obj *policy = (struct tr_policy_obj *)data;
+
+ free(policy->popupString);
+#ifdef TSS_BUILD_DELEGATION
+ free(policy->delegationBlob);
+#endif
+ free(policy);
+}
+
+TSS_RESULT
+obj_policy_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&policy_list, &__tspi_policy_free, hObject, tspContext)))
+ return result;
+
+ obj_lists_remove_policy_refs(hObject, tspContext);
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_policy(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&policy_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&policy_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_policy_get_type(TSS_HPOLICY hPolicy, UINT32 *type)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+ *type = policy->type;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_set_type(TSS_HPOLICY hPolicy, UINT32 type)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+ policy->type = type;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_get_tsp_context(TSS_HPOLICY hPolicy, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_do_hmac(TSS_HPOLICY hPolicy, TSS_HOBJECT hAuthorizedObject,
+ TSS_BOOL returnOrVerify, UINT32 ulPendingFunction,
+ TSS_BOOL continueUse, UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven, BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP, BYTE *rgbNonceOddOSAP,
+ UINT32 ulSizeDigestHmac, BYTE *rgbParamDigest,
+ BYTE *rgbHmacData)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ result = policy->Tspicb_CallbackHMACAuth(
+ policy->hmacAppData, hAuthorizedObject,
+ returnOrVerify,
+ ulPendingFunction,
+ continueUse,
+ ulSizeNonces,
+ rgbNonceEven,
+ rgbNonceOdd,
+ rgbNonceEvenOSAP, rgbNonceOddOSAP, ulSizeDigestHmac,
+ rgbParamDigest,
+ rgbHmacData);
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_secret(TSS_HPOLICY hPolicy, TSS_BOOL ctx, TCPA_SECRET *secret)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+ TCPA_SECRET null_secret;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ __tspi_memset(&null_secret, 0, sizeof(TCPA_SECRET));
+
+ switch (policy->SecretMode) {
+ case TSS_SECRET_MODE_POPUP:
+ /* if the secret is still NULL, grab it using the GUI */
+ if (policy->SecretSet == FALSE) {
+ if ((result = popup_GetSecret(ctx,
+ policy->hashMode,
+ policy->popupString,
+ policy->Secret)))
+ break;
+ }
+ policy->SecretSet = TRUE;
+ /* fall through */
+ case TSS_SECRET_MODE_PLAIN:
+ case TSS_SECRET_MODE_SHA1:
+ if (policy->SecretSet == FALSE) {
+ result = TSPERR(TSS_E_POLICY_NO_SECRET);
+ break;
+ }
+
+ memcpy(secret, policy->Secret, sizeof(TCPA_SECRET));
+ break;
+ case TSS_SECRET_MODE_NONE:
+ memcpy(secret, &null_secret, sizeof(TCPA_SECRET));
+ break;
+ default:
+ result = TSPERR(TSS_E_POLICY_NO_SECRET);
+ break;
+ }
+#ifdef TSS_DEBUG
+ if (!result) {
+ LogDebug("Got a secret:");
+ LogDebugData(20, (BYTE *)secret);
+ }
+#endif
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_flush_secret(TSS_HPOLICY hPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ __tspi_memset(&policy->Secret, 0, policy->SecretSize);
+ policy->SecretSet = FALSE;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_set_secret_object(TSS_HPOLICY hPolicy, TSS_FLAG mode, UINT32 size,
+ TCPA_DIGEST *digest, TSS_BOOL set)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ /* if this is going to be a callback policy, the
+ * callbacks need to already be set. (See TSS 1.1b
+ * spec pg. 62). */
+ if (mode == TSS_SECRET_MODE_CALLBACK) {
+ if (policy->Tspicb_CallbackHMACAuth == NULL) {
+ result = TSPERR(TSS_E_FAIL);
+ goto done;
+ }
+ }
+
+ if (policy->SecretLifetime == TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER) {
+ policy->SecretCounter = policy->SecretTimeStamp;
+ } else if (policy->SecretLifetime == TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER) {
+ time_t t = time(NULL);
+ if (t == ((time_t)-1)) {
+ LogError("time failed: %s", strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ policy->SecretTimeStamp = t;
+ }
+
+ memcpy(policy->Secret, digest, size);
+ policy->SecretMode = mode;
+ policy->SecretSize = size;
+ policy->SecretSet = set;
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_is_secret_set(TSS_HPOLICY hPolicy, TSS_BOOL *secretSet)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ *secretSet = policy->SecretSet;
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+
+TSS_RESULT
+obj_policy_set_secret(TSS_HPOLICY hPolicy, TSS_FLAG mode, UINT32 size, BYTE *data)
+{
+ TCPA_DIGEST digest;
+ UINT32 secret_size = 0;
+ TSS_BOOL secret_set = TRUE;
+ TSS_RESULT result;
+
+ __tspi_memset(&digest.digest, 0, sizeof(TCPA_DIGEST));
+
+ switch (mode) {
+ case TSS_SECRET_MODE_PLAIN:
+ if ((result = Trspi_Hash(TSS_HASH_SHA1, size, data,
+ (BYTE *)&digest.digest)))
+ return result;
+ secret_size = TCPA_SHA1_160_HASH_LEN;
+ break;
+ case TSS_SECRET_MODE_SHA1:
+ if (size != TCPA_SHA1_160_HASH_LEN)
+ return TSPERR(TSS_E_BAD_PARAMETER);
+
+ memcpy(&digest.digest, data, size);
+ secret_size = TCPA_SHA1_160_HASH_LEN;
+ break;
+ case TSS_SECRET_MODE_POPUP:
+ case TSS_SECRET_MODE_NONE:
+ secret_set = FALSE;
+ case TSS_SECRET_MODE_CALLBACK:
+ break;
+ default:
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ return obj_policy_set_secret_object(hPolicy, mode, secret_size,
+ &digest, secret_set);
+}
+
+TSS_RESULT
+obj_policy_get_cb11(TSS_HPOLICY hPolicy, TSS_FLAG type, UINT32 *cb)
+{
+#ifndef __LP64__
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ switch (type) {
+ case TSS_TSPATTRIB_POLICY_CALLBACK_HMAC:
+ *cb = (UINT32)policy->Tspicb_CallbackHMACAuth;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_XOR_ENC:
+ *cb = (UINT32)policy->Tspicb_CallbackXorEnc;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_TAKEOWNERSHIP:
+ *cb = (UINT32)policy->Tspicb_CallbackTakeOwnership;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_CHANGEAUTHASYM:
+ *cb = (UINT32)policy->Tspicb_CallbackChangeAuthAsym;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+
+ obj_list_put(&policy_list);
+
+ return result;
+#else
+ return TSPERR(TSS_E_FAIL);
+#endif
+}
+
+TSS_RESULT
+obj_policy_set_cb11(TSS_HPOLICY hPolicy, TSS_FLAG type, TSS_FLAG app_data, UINT32 cb)
+{
+#ifndef __LP64__
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ switch (type) {
+ case TSS_TSPATTRIB_POLICY_CALLBACK_HMAC:
+ policy->Tspicb_CallbackHMACAuth = (PVOID)cb;
+ policy->hmacAppData = (PVOID)app_data;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_XOR_ENC:
+ policy->Tspicb_CallbackXorEnc = (PVOID)cb;
+ policy->xorAppData = (PVOID)app_data;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_TAKEOWNERSHIP:
+ policy->Tspicb_CallbackTakeOwnership = (PVOID)cb;
+ policy->takeownerAppData = (PVOID)app_data;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_CHANGEAUTHASYM:
+ policy->Tspicb_CallbackChangeAuthAsym = (PVOID)cb;
+ policy->changeauthAppData = (PVOID)app_data;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+
+ obj_list_put(&policy_list);
+
+ return result;
+#else
+ return TSPERR(TSS_E_FAIL);
+#endif
+}
+
+TSS_RESULT
+obj_policy_set_cb12(TSS_HPOLICY hPolicy, TSS_FLAG flag, BYTE *in)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+ TSS_CALLBACK *cb = (TSS_CALLBACK *)in;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ switch (flag) {
+ case TSS_TSPATTRIB_POLICY_CALLBACK_HMAC:
+ if (!cb) {
+ policy->Tspicb_CallbackHMACAuth = NULL;
+ break;
+ }
+
+ policy->Tspicb_CallbackHMACAuth =
+ (TSS_RESULT (*)(PVOID, TSS_HOBJECT, TSS_BOOL,
+ UINT32, TSS_BOOL, UINT32, BYTE *, BYTE *,
+ BYTE *, BYTE *, UINT32, BYTE *, BYTE *))
+ cb->callback;
+ policy->hmacAppData = cb->appData;
+ policy->hmacAlg = cb->alg;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_XOR_ENC:
+ if (!cb) {
+ policy->Tspicb_CallbackXorEnc = NULL;
+ break;
+ }
+
+ policy->Tspicb_CallbackXorEnc =
+ (TSS_RESULT (*)(PVOID, TSS_HOBJECT,
+ TSS_HOBJECT, TSS_FLAG, UINT32, BYTE *, BYTE *,
+ BYTE *, BYTE *, UINT32, BYTE *, BYTE *))
+ cb->callback;
+ policy->xorAppData = cb->appData;
+ policy->xorAlg = cb->alg;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_TAKEOWNERSHIP:
+ if (!cb) {
+ policy->Tspicb_CallbackTakeOwnership = NULL;
+ break;
+ }
+
+ policy->Tspicb_CallbackTakeOwnership =
+ (TSS_RESULT (*)(PVOID, TSS_HOBJECT, TSS_HKEY,
+ UINT32, BYTE *))cb->callback;
+ policy->takeownerAppData = cb->appData;
+ policy->takeownerAlg = cb->alg;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_CHANGEAUTHASYM:
+ if (!cb) {
+ policy->Tspicb_CallbackChangeAuthAsym = NULL;
+ break;
+ }
+
+ policy->Tspicb_CallbackChangeAuthAsym =
+ (TSS_RESULT (*)(PVOID, TSS_HOBJECT, TSS_HKEY,
+ UINT32, UINT32, BYTE *, BYTE *))cb->callback;
+ policy->changeauthAppData = cb->appData;
+ policy->changeauthAlg = cb->alg;
+ break;
+#ifdef TSS_BUILD_SEALX
+ case TSS_TSPATTRIB_POLICY_CALLBACK_SEALX_MASK:
+ if (!cb) {
+ policy->Tspicb_CallbackSealxMask = NULL;
+ policy->sealxAppData = NULL;
+ policy->sealxAlg = 0;
+ break;
+ }
+
+ policy->Tspicb_CallbackSealxMask =
+ (TSS_RESULT (*)(PVOID, TSS_HKEY, TSS_HENCDATA,
+ TSS_ALGORITHM_ID, UINT32, BYTE *, BYTE *, BYTE *, BYTE *,
+ UINT32, BYTE *, BYTE *))cb->callback;
+ policy->sealxAppData = cb->appData;
+ policy->sealxAlg = cb->alg;
+ break;
+#endif
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_cb12(TSS_HPOLICY hPolicy, TSS_FLAG flag, UINT32 *size, BYTE **out)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+ TSS_CALLBACK *cb;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if ((cb = calloc_tspi(obj->tspContext, sizeof(TSS_CALLBACK))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_CALLBACK));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ switch (flag) {
+ case TSS_TSPATTRIB_POLICY_CALLBACK_HMAC:
+ cb->callback = policy->Tspicb_CallbackHMACAuth;
+ cb->appData = policy->hmacAppData;
+ cb->alg = policy->hmacAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_XOR_ENC:
+ cb->callback = policy->Tspicb_CallbackXorEnc;
+ cb->appData = policy->xorAppData;
+ cb->alg = policy->xorAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_TAKEOWNERSHIP:
+ cb->callback = policy->Tspicb_CallbackTakeOwnership;
+ cb->appData = policy->takeownerAppData;
+ cb->alg = policy->takeownerAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+ case TSS_TSPATTRIB_POLICY_CALLBACK_CHANGEAUTHASYM:
+ cb->callback = policy->Tspicb_CallbackChangeAuthAsym;
+ cb->appData = policy->changeauthAppData;
+ cb->alg = policy->changeauthAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+#ifdef TSS_BUILD_SEALX
+ case TSS_TSPATTRIB_POLICY_CALLBACK_SEALX_MASK:
+ cb->callback = policy->Tspicb_CallbackSealxMask;
+ cb->appData = policy->sealxAppData;
+ cb->alg = policy->sealxAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+#endif
+ default:
+ free_tspi(obj->tspContext, cb);
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_lifetime(TSS_HPOLICY hPolicy, UINT32 *lifetime)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+ *lifetime = policy->SecretLifetime;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_set_lifetime(TSS_HPOLICY hPolicy, UINT32 type, UINT32 value)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+ time_t t;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ switch (type) {
+ case TSS_TSPATTRIB_POLICYSECRET_LIFETIME_ALWAYS:
+ policy->SecretCounter = 0;
+ policy->SecretLifetime = TSS_TSPATTRIB_POLICYSECRET_LIFETIME_ALWAYS;
+ policy->SecretTimeStamp = 0;
+ break;
+ case TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER:
+ /* Both SecretCounter and SecretTimeStamp will receive value. Every time the
+ * policy is used, SecretCounter will be decremented. Each time SetSecret is
+ * called, SecretCounter will get the value stored in SecretTimeStamp */
+ policy->SecretCounter = value;
+ policy->SecretLifetime = TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER;
+ policy->SecretTimeStamp = value;
+ break;
+ case TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER:
+ t = time(NULL);
+ if (t == ((time_t)-1)) {
+ LogError("time failed: %s", strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ break;
+ }
+
+ /* For mode time, we'll use the SecretCounter variable to hold the number
+ * of seconds we're valid and the SecretTimeStamp var to record the current
+ * timestamp. This should protect against overflows. */
+ policy->SecretCounter = value;
+ policy->SecretLifetime = TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER;
+ policy->SecretTimeStamp = t;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ break;
+ }
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_mode(TSS_HPOLICY hPolicy, UINT32 *mode)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+ *mode = policy->SecretMode;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_get_counter(TSS_HPOLICY hPolicy, UINT32 *counter)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->SecretLifetime == TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER)
+ *counter = policy->SecretCounter;
+ else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_dec_counter(TSS_HPOLICY hPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ /* Only decrement if SecretCounter > 0, otherwise it could loop and become valid again */
+ if (policy->SecretLifetime == TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER &&
+ policy->SecretCounter > 0) {
+ policy->SecretCounter--;
+ }
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+/* return a unicode string to the Tspi_GetAttribData function */
+TSS_RESULT
+obj_policy_get_string(TSS_HPOLICY hPolicy, UINT32 *size, BYTE **data)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE *utf_string;
+ UINT32 utf_size;
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ *size = policy->popupStringLength;
+ if (policy->popupStringLength == 0) {
+ *data = NULL;
+ } else {
+ utf_size = policy->popupStringLength;
+ utf_string = Trspi_Native_To_UNICODE(policy->popupString,
+ &utf_size);
+ if (utf_string == NULL) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *data = calloc_tspi(obj->tspContext, utf_size);
+ if (*data == NULL) {
+ free(utf_string);
+ LogError("malloc of %d bytes failed.", utf_size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ *size = utf_size;
+ memcpy(*data, utf_string, utf_size);
+ free(utf_string);
+ }
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_set_string(TSS_HPOLICY hPolicy, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ free(policy->popupString);
+ policy->popupString = data;
+ policy->popupStringLength = size;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_get_secs_until_expired(TSS_HPOLICY hPolicy, UINT32 *secs)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ int seconds_elapsed;
+ time_t t;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->SecretLifetime != TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ if ((t = time(NULL)) == ((time_t)-1)) {
+ LogError("time failed: %s", strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ /* curtime - SecretTimeStamp is the number of seconds elapsed since we started the timer.
+ * SecretCounter is the number of seconds the secret is valid. If
+ * seconds_elspased > SecretCounter, we've expired. */
+ seconds_elapsed = t - policy->SecretTimeStamp;
+ if ((UINT32)seconds_elapsed >= policy->SecretCounter) {
+ *secs = 0;
+ } else {
+ *secs = policy->SecretCounter - seconds_elapsed;
+ }
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+policy_has_expired(struct tr_policy_obj *policy, TSS_BOOL *answer)
+{
+ switch (policy->SecretLifetime) {
+ case TSS_TSPATTRIB_POLICYSECRET_LIFETIME_ALWAYS:
+ *answer = FALSE;
+ break;
+ case TSS_TSPATTRIB_POLICYSECRET_LIFETIME_COUNTER:
+ *answer = (policy->SecretCounter == 0 ? TRUE : FALSE);
+ break;
+ case TSS_TSPATTRIB_POLICYSECRET_LIFETIME_TIMER:
+ {
+ int seconds_elapsed;
+ time_t t = time(NULL);
+
+ if (t == ((time_t)-1)) {
+ LogError("time failed: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ /* curtime - SecretTimer is the number of seconds elapsed since we
+ * started the timer. SecretCounter is the number of seconds the
+ * secret is valid. If seconds_elspased > SecretCounter, we've
+ * expired.
+ */
+ seconds_elapsed = t - policy->SecretTimeStamp;
+ *answer = ((UINT32)seconds_elapsed >= policy->SecretCounter ? TRUE : FALSE);
+ break;
+ }
+ default:
+ LogError("policy has an undefined secret lifetime!");
+ return TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_has_expired(TSS_HPOLICY hPolicy, TSS_BOOL *answer)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ result = policy_has_expired(policy, answer);
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_xsap_params(TSS_HPOLICY hPolicy,
+ TPM_COMMAND_CODE command,
+ TPM_ENTITY_TYPE *et,
+ UINT32 *entity_value_size,
+ BYTE **entity_value,
+ BYTE *secret,
+ TSS_CALLBACK *cb_xor,
+ TSS_CALLBACK *cb_hmac,
+ TSS_CALLBACK *cb_sealx,
+ UINT32 *mode,
+ TSS_BOOL new_secret)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result;
+ TSS_BOOL answer = FALSE;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if ((result = policy_has_expired(policy, &answer)))
+ goto done;
+
+ if (answer) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+#ifdef TSS_BUILD_DELEGATION
+ /* if the delegation index or blob is set, check to see if the command is delegated, if so,
+ * return the blob or index as the secret data */
+ if (command && (policy->delegationType != TSS_DELEGATIONTYPE_NONE)) {
+ if (policy->delegationBlob) {
+ if ((*entity_value = malloc(policy->delegationBlobLength)) == NULL) {
+ LogError("malloc of %u bytes failed.",
+ policy->delegationBlobLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ memcpy(*entity_value, policy->delegationBlob, policy->delegationBlobLength);
+ *entity_value_size = policy->delegationBlobLength;
+ if (policy->delegationType == TSS_DELEGATIONTYPE_OWNER)
+ *et = TPM_ET_DEL_OWNER_BLOB;
+ else
+ *et = TPM_ET_DEL_KEY_BLOB;
+ } else {
+ if ((*entity_value = malloc(sizeof(UINT32))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(UINT32));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ *(UINT32 *)entity_value = policy->delegationIndex;
+ *entity_value_size = sizeof(UINT32);
+ *et = TPM_ET_DEL_ROW;
+ }
+ }
+#endif
+ /* Either this is a policy set to mode callback, in which case both xor and hmac addresses
+ * must be set, or this is an encrypted data object's policy, where its mode is independent
+ * of whether a sealx callback is set */
+ if (policy->SecretMode == TSS_SECRET_MODE_CALLBACK && cb_xor && cb_hmac) {
+ if ((policy->Tspicb_CallbackXorEnc && !policy->Tspicb_CallbackHMACAuth) ||
+ (!policy->Tspicb_CallbackXorEnc && policy->Tspicb_CallbackHMACAuth)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ cb_xor->callback = policy->Tspicb_CallbackXorEnc;
+ cb_xor->appData = policy->xorAppData;
+ cb_xor->alg = policy->xorAlg;
+
+ cb_hmac->callback = policy->Tspicb_CallbackHMACAuth;
+ cb_hmac->appData = policy->hmacAppData;
+ cb_hmac->alg = policy->hmacAlg;
+#ifdef TSS_BUILD_SEALX
+ } else if (cb_sealx && policy->Tspicb_CallbackSealxMask) {
+ cb_sealx->callback = policy->Tspicb_CallbackSealxMask;
+ cb_sealx->appData = policy->sealxAppData;
+ cb_sealx->alg = policy->sealxAlg;
+#endif
+ }
+
+ if ((policy->SecretMode == TSS_SECRET_MODE_POPUP) &&
+ (policy->SecretSet == FALSE)) {
+ if ((result = popup_GetSecret(new_secret,
+ policy->hashMode,
+ policy->popupString,
+ policy->Secret)))
+ goto done;
+ policy->SecretSet = TRUE;
+ }
+ memcpy(secret, policy->Secret, TPM_SHA1_160_HASH_LEN);
+ *mode = policy->SecretMode;
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_do_xor(TSS_HPOLICY hPolicy,
+ TSS_HOBJECT hOSAPObject, TSS_HOBJECT hObject,
+ TSS_FLAG PurposeSecret, UINT32 ulSizeNonces,
+ BYTE *rgbNonceEven, BYTE *rgbNonceOdd,
+ BYTE *rgbNonceEvenOSAP, BYTE *rgbNonceOddOSAP,
+ UINT32 ulSizeEncAuth, BYTE *rgbEncAuthUsage,
+ BYTE *rgbEncAuthMigration)
+{
+ TSS_RESULT result;
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ result = policy->Tspicb_CallbackXorEnc(policy->xorAppData,
+ hOSAPObject, hObject,
+ PurposeSecret, ulSizeNonces,
+ rgbNonceEven, rgbNonceOdd,
+ rgbNonceEvenOSAP, rgbNonceOddOSAP,
+ ulSizeEncAuth,
+ rgbEncAuthUsage, rgbEncAuthMigration);
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_do_takeowner(TSS_HPOLICY hPolicy,
+ TSS_HOBJECT hObject, TSS_HKEY hObjectPubKey,
+ UINT32 ulSizeEncAuth, BYTE *rgbEncAuth)
+{
+ TSS_RESULT result;
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ result = policy->Tspicb_CallbackTakeOwnership(
+ policy->takeownerAppData,
+ hObject, hObjectPubKey, ulSizeEncAuth,
+ rgbEncAuth);
+
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_hash_mode(TSS_HPOLICY hPolicy, UINT32 *mode)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+ *mode = policy->hashMode;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_set_hash_mode(TSS_HPOLICY hPolicy, UINT32 mode)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ switch (mode) {
+ case TSS_TSPATTRIB_HASH_MODE_NULL:
+ case TSS_TSPATTRIB_HASH_MODE_NOT_NULL:
+ break;
+ default:
+ return TSPERR(TSS_E_INVALID_ATTRIB_DATA);
+ }
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+ policy->hashMode = mode;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+#ifdef TSS_BUILD_DELEGATION
+TSS_RESULT
+obj_policy_set_delegation_type(TSS_HPOLICY hPolicy, UINT32 type)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ switch (type) {
+ case TSS_DELEGATIONTYPE_NONE:
+ obj_policy_clear_delegation(policy);
+ break;
+ case TSS_DELEGATIONTYPE_OWNER:
+ case TSS_DELEGATIONTYPE_KEY:
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+ break;
+ }
+
+ policy->delegationType = type;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+
+TSS_RESULT
+obj_policy_get_delegation_type(TSS_HPOLICY hPolicy, UINT32 *type)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ *type = policy->delegationType;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_policy_set_delegation_index(TSS_HPOLICY hPolicy, UINT32 index)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if ((result = get_delegate_index(obj->tspContext, index, &public)))
+ goto done;
+
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+
+ obj_policy_clear_delegation(policy);
+ switch (public.permissions.delegateType) {
+ case TPM_DEL_OWNER_BITS:
+ policy->delegationType = TSS_DELEGATIONTYPE_OWNER;
+ break;
+ case TPM_DEL_KEY_BITS:
+ policy->delegationType = TSS_DELEGATIONTYPE_KEY;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ policy->delegationIndex = index;
+ policy->delegationIndexSet = TRUE;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_index(TSS_HPOLICY hPolicy, UINT32 *index)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (!policy->delegationIndexSet) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ *index = policy->delegationIndex;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT obj_policy_set_delegation_per1(TSS_HPOLICY hPolicy, UINT32 per1)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ policy->delegationPer1 = per1;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT obj_policy_get_delegation_per1(TSS_HPOLICY hPolicy, UINT32 *per1)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *per1 = public.permissions.per1;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ *per1 = policy->delegationPer1;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT obj_policy_set_delegation_per2(TSS_HPOLICY hPolicy, UINT32 per2)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ policy->delegationPer2 = per2;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT obj_policy_get_delegation_per2(TSS_HPOLICY hPolicy, UINT32 *per2)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *per2 = public.permissions.per2;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ *per2 = policy->delegationPer2;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_set_delegation_blob(TSS_HPOLICY hPolicy, UINT32 type, UINT32 blobLength, BYTE *blob)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ UINT16 tag;
+ UINT64 offset;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ obj_policy_clear_delegation(policy);
+
+ if (blobLength == 0) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_UnloadBlob_UINT16(&offset, &tag, blob);
+ switch (tag) {
+ case TPM_TAG_DELEGATE_OWNER_BLOB:
+ if (type && (type != TSS_DELEGATIONTYPE_OWNER)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ policy->delegationType = TSS_DELEGATIONTYPE_OWNER;
+ break;
+ case TPM_TAG_DELG_KEY_BLOB:
+ if (type && (type != TSS_DELEGATIONTYPE_KEY)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ policy->delegationType = TSS_DELEGATIONTYPE_KEY;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ if ((policy->delegationBlob = malloc(blobLength)) == NULL) {
+ LogError("malloc of %u bytes failed.", blobLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ policy->delegationBlobLength = blobLength;
+ memcpy(policy->delegationBlob, blob, blobLength);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_blob(TSS_HPOLICY hPolicy, UINT32 type, UINT32 *blobLength, BYTE **blob)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationBlobLength == 0) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ if (type && (type != policy->delegationType)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+
+ if ((*blob = calloc_tspi(obj->tspContext, policy->delegationBlobLength)) == NULL) {
+ LogError("malloc of %u bytes failed.", policy->delegationBlobLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ memcpy(*blob, policy->delegationBlob, policy->delegationBlobLength);
+ *blobLength = policy->delegationBlobLength;
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_label(TSS_HPOLICY hPolicy, BYTE *label)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *label = public.label.label;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_familyid(TSS_HPOLICY hPolicy, UINT32 *familyID)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *familyID = public.familyID;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_vercount(TSS_HPOLICY hPolicy, UINT32 *verCount)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *verCount = public.verificationCount;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_pcr_locality(TSS_HPOLICY hPolicy, UINT32 *locality)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *locality = public.pcrInfo.localityAtRelease;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_pcr_digest(TSS_HPOLICY hPolicy, UINT32 *digestLength, BYTE **digest)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ *digest = calloc_tspi(obj->tspContext, TPM_SHA1_160_HASH_LEN);
+ if (*digest == NULL) {
+ LogError("malloc of %u bytes failed.", TPM_SHA1_160_HASH_LEN);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*digest, &public.pcrInfo.digestAtRelease.digest, TPM_SHA1_160_HASH_LEN);
+ *digestLength = TPM_SHA1_160_HASH_LEN;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_get_delegation_pcr_selection(TSS_HPOLICY hPolicy, UINT32 *selectionLength,
+ BYTE **selection)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+ TPM_DELEGATE_PUBLIC public;
+ UINT64 offset;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet || policy->delegationBlob) {
+ if ((result = obj_policy_get_delegate_public(obj, &public)))
+ goto done;
+ offset = 0;
+ Trspi_LoadBlob_PCR_SELECTION(&offset, NULL, &public.pcrInfo.pcrSelection);
+ *selection = calloc_tspi(obj->tspContext, offset);
+ if (*selection == NULL) {
+ LogError("malloc of %u bytes failed.", (UINT32)offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ offset = 0;
+ Trspi_LoadBlob_PCR_SELECTION(&offset, *selection, &public.pcrInfo.pcrSelection);
+ *selectionLength = offset;
+ free(public.pcrInfo.pcrSelection.pcrSelect);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+done:
+ obj_list_put(&policy_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_policy_is_delegation_index_set(TSS_HPOLICY hPolicy, TSS_BOOL *indexSet)
+{
+ struct tsp_object *obj;
+ struct tr_policy_obj *policy;
+
+ if ((obj = obj_list_get_obj(&policy_list, hPolicy)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ *indexSet = policy->delegationIndexSet;
+
+ obj_list_put(&policy_list);
+
+ return TSS_SUCCESS;
+}
+
+void
+obj_policy_clear_delegation(struct tr_policy_obj *policy)
+{
+ free(policy->delegationBlob);
+ policy->delegationType = TSS_DELEGATIONTYPE_NONE;
+ policy->delegationPer1 = 0;
+ policy->delegationPer2 = 0;
+ policy->delegationIndexSet = FALSE;
+ policy->delegationIndex = 0;
+ policy->delegationBlobLength = 0;
+ policy->delegationBlob = NULL;
+}
+
+TSS_RESULT
+obj_policy_get_delegate_public(struct tsp_object *obj, TPM_DELEGATE_PUBLIC *public)
+{
+ struct tr_policy_obj *policy;
+ UINT16 tag;
+ TPM_DELEGATE_OWNER_BLOB ownerBlob;
+ TPM_DELEGATE_KEY_BLOB keyBlob;
+ UINT64 offset;
+ TSS_RESULT result;
+
+ policy = (struct tr_policy_obj *)obj->data;
+
+ if (policy->delegationIndexSet) {
+ if ((result = get_delegate_index(obj->tspContext, policy->delegationIndex,
+ public)))
+ return result;
+ } else if (policy->delegationBlob) {
+ offset = 0;
+ Trspi_UnloadBlob_UINT16(&offset, &tag, policy->delegationBlob);
+
+ offset = 0;
+ switch (tag) {
+ case TPM_TAG_DELEGATE_OWNER_BLOB:
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_OWNER_BLOB(&offset,
+ policy->delegationBlob,
+ &ownerBlob)))
+ return result;
+ *public = ownerBlob.pub;
+ free(ownerBlob.additionalArea);
+ free(ownerBlob.sensitiveArea);
+ break;
+ case TPM_TAG_DELG_KEY_BLOB:
+ if ((result = Trspi_UnloadBlob_TPM_DELEGATE_KEY_BLOB(&offset,
+ policy->delegationBlob,
+ &keyBlob)))
+ return result;
+ *public = keyBlob.pub;
+ free(keyBlob.additionalArea);
+ free(keyBlob.sensitiveArea);
+ break;
+ default:
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ } else
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ return TSS_SUCCESS;
+}
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_rsakey.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_rsakey.c
new file mode 100644
index 0000000..1b51e6b
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_rsakey.c
@@ -0,0 +1,2138 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <inttypes.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+TSS_RESULT
+obj_rsakey_add(TSS_HCONTEXT tspContext, TSS_FLAG initFlags, TSS_HOBJECT *phObject)
+{
+ UINT64 offset;
+ TSS_RESULT result;
+ TCPA_RSA_KEY_PARMS rsaKeyParms;
+ TSS_FLAG flags = 0;
+ struct tr_rsakey_obj *rsakey = calloc(1, sizeof(struct tr_rsakey_obj));
+ TPM_STRUCT_VER ver = { 1, 1, 0, 0 }; // Must be 1.1.0.0 for 1.2 TPMs
+ UINT32 ctx_ver;
+
+ if (rsakey == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tr_rsakey_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE, &rsakey->usagePolicy))) {
+ free(rsakey);
+ return result;
+ }
+
+ if ((initFlags & TSS_KEY_STRUCT_BITMASK) == TSS_KEY_STRUCT_DEFAULT) {
+ /* Its not set, go with the context's default */
+ if ((result = obj_context_get_connection_version(tspContext, &ctx_ver))) {
+ free(rsakey);
+ return result;
+ }
+
+ switch (ctx_ver) {
+ case TSS_TSPATTRIB_CONTEXT_VERSION_V1_2:
+ initFlags |= TSS_KEY_STRUCT_KEY12;
+ break;
+ case TSS_TSPATTRIB_CONTEXT_VERSION_V1_1:
+ /* fall through */
+ default:
+ initFlags |= TSS_KEY_STRUCT_KEY;
+ break;
+ }
+ }
+
+ offset = 0;
+ switch (initFlags & TSS_KEY_STRUCT_BITMASK) {
+ case TSS_KEY_STRUCT_KEY:
+ rsakey->key.hdr.key11.ver = ver;
+ rsakey->type = TSS_KEY_STRUCT_KEY;
+ rsakey->pcrInfoType = TSS_PCRS_STRUCT_INFO;
+ rsakey->key.keyFlags = 0;
+ break;
+ case TSS_KEY_STRUCT_KEY12:
+ rsakey->key.hdr.key12.tag = TPM_TAG_KEY12;
+ rsakey->key.hdr.key12.fill = 0;
+ rsakey->type = TSS_KEY_STRUCT_KEY12;
+ rsakey->pcrInfoType = TSS_PCRS_STRUCT_INFO_LONG;
+ rsakey->key.keyFlags = TPM_PCRIGNOREDONREAD;
+ break;
+ default:
+ free(rsakey);
+ return TSPERR(TSS_E_INVALID_OBJECT_INITFLAG);
+ break;
+ }
+
+ if (initFlags == TSS_KEY_EMPTY_KEY)
+ goto add_key;
+
+ __tspi_memset(&rsaKeyParms, 0, sizeof(TCPA_RSA_KEY_PARMS));
+
+ rsakey->key.algorithmParms.algorithmID = TCPA_ALG_RSA;
+ rsakey->key.algorithmParms.parmSize = sizeof(TCPA_RSA_KEY_PARMS);
+
+ rsakey->key.algorithmParms.parms = calloc(1, sizeof(TCPA_RSA_KEY_PARMS));
+ if (rsakey->key.algorithmParms.parms == NULL) {
+ LogError("calloc of %u bytes failed.", rsakey->key.algorithmParms.parmSize);
+ free(rsakey);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ rsaKeyParms.exponentSize = 0;
+ rsaKeyParms.numPrimes = 2;
+
+ rsakey->key.pubKey.keyLength = 0;
+ rsakey->key.encSize = 0;
+ rsakey->key.PCRInfoSize = 0;
+
+ /* End of all the default stuff */
+
+ if (initFlags & TSS_KEY_VOLATILE)
+ rsakey->key.keyFlags |= TPM_VOLATILE;
+ if (initFlags & TSS_KEY_MIGRATABLE)
+ rsakey->key.keyFlags |= TPM_MIGRATABLE;
+ if (initFlags & TSS_KEY_AUTHORIZATION) {
+ rsakey->key.authDataUsage = TPM_AUTH_ALWAYS;
+ flags |= TSS_OBJ_FLAG_USAGEAUTH;
+ }
+
+#ifdef TSS_BUILD_CMK
+ if (initFlags & TSS_KEY_CERTIFIED_MIGRATABLE) {
+ if (rsakey->type == TSS_KEY_STRUCT_KEY) {
+ free(rsakey);
+ return TSPERR(TSS_E_BAD_PARAMETER);
+ }
+ rsakey->key.keyFlags |= TPM_MIGRATEAUTHORITY;
+ }
+#endif
+
+ /* set the key length */
+ if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_512) {
+ rsaKeyParms.keyLength = 512;
+ } else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_1024) {
+ rsaKeyParms.keyLength = 1024;
+ } else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_2048) {
+ rsaKeyParms.keyLength = 2048;
+ } else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_4096) {
+ rsaKeyParms.keyLength = 4096;
+ } else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_8192) {
+ rsaKeyParms.keyLength = 8192;
+ } else if ((initFlags & TSS_KEY_SIZE_MASK) == TSS_KEY_SIZE_16384) {
+ rsaKeyParms.keyLength = 16384;
+ }
+
+ /* assign encryption and signature schemes */
+ if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_SIGNING) {
+ rsakey->key.keyUsage = TPM_KEY_SIGNING;
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_NONE;
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
+ } else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_BIND) {
+ rsakey->key.keyUsage = TPM_KEY_BIND;
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
+ } else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_LEGACY) {
+ rsakey->key.keyUsage = TPM_KEY_LEGACY;
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
+ } else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_STORAGE) {
+ rsakey->key.keyUsage = TPM_KEY_STORAGE;
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
+ } else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_IDENTITY) {
+ rsakey->key.keyUsage = TPM_KEY_IDENTITY;
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_NONE;
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
+ } else if ((initFlags & TSS_KEY_TYPE_MASK) == TSS_KEY_TYPE_AUTHCHANGE) {
+ rsakey->key.keyUsage = TPM_KEY_AUTHCHANGE;
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
+ }
+
+ /* Load the RSA key parms into the blob in the TCPA_KEY_PARMS pointer.
+ * If the exponent is left NULL, the parmSize variable will change
+ * here */
+ offset = 0;
+ Trspi_LoadBlob_RSA_KEY_PARMS(&offset, rsakey->key.algorithmParms.parms, &rsaKeyParms);
+ rsakey->key.algorithmParms.parmSize = offset;
+
+add_key:
+ if ((result = obj_list_add(&rsakey_list, tspContext, flags, rsakey, phObject))) {
+ free(rsakey->key.algorithmParms.parms);
+ free(rsakey);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+/* Add a new rsakey to the list when its pulled from user PS */
+TSS_RESULT
+obj_rsakey_add_by_key(TSS_HCONTEXT tspContext, TSS_UUID *uuid, BYTE *key, TSS_FLAG flags,
+ TSS_HKEY *phKey)
+{
+ TSS_RESULT result;
+ UINT64 offset;
+ struct tr_rsakey_obj *rsakey = calloc(1, sizeof(struct tr_rsakey_obj));
+
+ if (rsakey == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct tr_rsakey_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ memcpy(&rsakey->uuid, uuid, sizeof(TSS_UUID));
+
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, key, &rsakey->key))) {
+ free(rsakey);
+ return result;
+ }
+ if (rsakey->key.hdr.key12.tag == TPM_TAG_KEY12)
+ rsakey->type = TSS_KEY_STRUCT_KEY12;
+ else
+ rsakey->type = TSS_KEY_STRUCT_KEY;
+
+ flags |= TSS_OBJ_FLAG_KEY_SET;
+ if (rsakey->key.authDataUsage)
+ flags |= TSS_OBJ_FLAG_USAGEAUTH;
+
+ if ((result = obj_context_get_policy(tspContext, TSS_POLICY_USAGE, &rsakey->usagePolicy))) {
+ free(rsakey);
+ return result;
+ }
+
+ if ((result = obj_list_add(&rsakey_list, tspContext, flags, rsakey, phKey))) {
+ free_key_refs(&rsakey->key);
+ free(rsakey);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_rsakey(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&rsakey_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&rsakey_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_rsakey_set_flags(TSS_HKEY hKey, UINT32 flags)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ rsakey->key.keyFlags = flags;
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_size(TSS_HKEY hKey, UINT32 len)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ rsakey->key.pubKey.keyLength = len/8;
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_key_parms(TSS_HKEY hKey, TCPA_KEY_PARMS *parms)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ free(rsakey->key.algorithmParms.parms);
+
+ memcpy(&rsakey->key.algorithmParms, parms, sizeof(TCPA_KEY_PARMS));
+
+ if (parms->parmSize > 0) {
+ if ((rsakey->key.algorithmParms.parms =
+ malloc(parms->parmSize)) == NULL) {
+ LogError("calloc of %d bytes failed.", parms->parmSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ memcpy(rsakey->key.algorithmParms.parms, parms->parms,
+ parms->parmSize);
+ } else {
+ rsakey->key.algorithmParms.parms = NULL;
+ }
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_policy(TSS_HKEY hKey, TSS_HPOLICY hPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ UINT32 policyType;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((result = obj_policy_get_type(hPolicy, &policyType)))
+ return result;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ rsakey->usagePolicy = hPolicy;
+ break;
+ case TSS_POLICY_MIGRATION:
+ rsakey->migPolicy = hPolicy;
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_pstype(TSS_HKEY hKey, UINT32 type)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ switch (type) {
+ case TSS_PS_TYPE_USER:
+ obj->flags |= TSS_OBJ_FLAG_USER_PS;
+ obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
+ break;
+ case TSS_PS_TYPE_SYSTEM:
+ obj->flags |= TSS_OBJ_FLAG_SYSTEM_PS;
+ obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
+ break;
+ case TSS_PS_TYPE_NO:
+ default:
+ obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
+ obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
+ break;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+/* WARN: Nobody should call this function directly except for the
+ * Get/Set Attrib functions. The TCPA_KEY structure wants values
+ * for keyUsage to be TPM_KEY_* values, and this function translates
+ * to TSS_KEYUSAGE_* values for passing to an app. */
+TSS_RESULT
+obj_rsakey_get_usage(TSS_HKEY hKey, UINT32 *usage)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ switch (rsakey->key.keyUsage) {
+ case TPM_KEY_SIGNING:
+ *usage = TSS_KEYUSAGE_SIGN;
+ break;
+ case TPM_KEY_BIND:
+ *usage = TSS_KEYUSAGE_BIND;
+ break;
+ case TPM_KEY_LEGACY:
+ *usage = TSS_KEYUSAGE_LEGACY;
+ break;
+ case TPM_KEY_AUTHCHANGE:
+ *usage = TSS_KEYUSAGE_AUTHCHANGE;
+ break;
+ case TPM_KEY_IDENTITY:
+ *usage = TSS_KEYUSAGE_IDENTITY;
+ break;
+ case TPM_KEY_STORAGE:
+ *usage = TSS_KEYUSAGE_STORAGE;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
+ break;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+/* WARN: Nobody should call this function directly except for the
+ * Get/Set Attrib functions. The TCPA_KEY structure wants values
+ * for keyUsage to be TPM_KEY_* values, and this function translates
+ * to TSS_KEYUSAGE_* values for passing to an app. */
+TSS_RESULT
+obj_rsakey_set_usage(TSS_HKEY hKey, UINT32 usage)
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ switch (usage) {
+ case TSS_KEYUSAGE_SIGN:
+ rsakey->key.keyUsage = TPM_KEY_SIGNING;
+ break;
+ case TSS_KEYUSAGE_BIND:
+ rsakey->key.keyUsage = TPM_KEY_BIND;
+ break;
+ case TSS_KEYUSAGE_LEGACY:
+ rsakey->key.keyUsage = TPM_KEY_LEGACY;
+ break;
+ case TSS_KEYUSAGE_AUTHCHANGE:
+ rsakey->key.keyUsage = TPM_KEY_AUTHCHANGE;
+ break;
+ case TSS_KEYUSAGE_IDENTITY:
+ rsakey->key.keyUsage = TPM_KEY_IDENTITY;
+ break;
+ case TSS_KEYUSAGE_STORAGE:
+ rsakey->key.keyUsage = TPM_KEY_STORAGE;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_DATA);
+ break;
+ }
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_migratable(TSS_HKEY hKey, UINT32 mig)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (mig)
+ rsakey->key.keyFlags |= TPM_MIGRATABLE;
+ else
+ rsakey->key.keyFlags &= (~TPM_MIGRATABLE);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_redirected(TSS_HKEY hKey, UINT32 redir)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (redir)
+ rsakey->key.keyFlags |= TPM_REDIRECTION;
+ else
+ rsakey->key.keyFlags &= (~TPM_REDIRECTION);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_volatile(TSS_HKEY hKey, UINT32 vol)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (vol)
+ rsakey->key.keyFlags |= TPM_VOLATILE;
+ else
+ rsakey->key.keyFlags &= (~TPM_VOLATILE);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_authdata_usage(TSS_HKEY hKey, UINT32 *usage)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ *usage = (UINT32)rsakey->key.authDataUsage ? TRUE : FALSE;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_set_authdata_usage(TSS_HKEY hKey, UINT32 usage)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ rsakey->key.authDataUsage = (BYTE)usage;
+ if (usage)
+ obj->flags |= TSS_OBJ_FLAG_USAGEAUTH;
+ else
+ obj->flags &= ~TSS_OBJ_FLAG_USAGEAUTH;
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_alg(TSS_HKEY hKey, UINT32 *alg)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ switch (rsakey->key.algorithmParms.algorithmID) {
+ case TCPA_ALG_RSA:
+ *alg = TSS_ALG_RSA;
+ break;
+ default:
+ *alg = rsakey->key.algorithmParms.algorithmID;
+ break;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_set_alg(TSS_HKEY hKey, UINT32 alg)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ switch (alg) {
+ case TSS_ALG_RSA:
+ rsakey->key.algorithmParms.algorithmID = TCPA_ALG_RSA;
+ break;
+ default:
+ rsakey->key.algorithmParms.algorithmID = alg;
+ break;
+ }
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_es(TSS_HKEY hKey, UINT32 *es)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* translate TPM numbers to TSS numbers */
+ switch (rsakey->key.algorithmParms.encScheme) {
+ case TCPA_ES_NONE:
+ *es = TSS_ES_NONE;
+ break;
+ case TCPA_ES_RSAESPKCSv15:
+ *es = TSS_ES_RSAESPKCSV15;
+ break;
+ case TCPA_ES_RSAESOAEP_SHA1_MGF1:
+ *es = TSS_ES_RSAESOAEP_SHA1_MGF1;
+ break;
+ default:
+ *es = rsakey->key.algorithmParms.encScheme;
+ break;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_set_es(TSS_HKEY hKey, UINT32 es)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* translate TSS numbers to TPM numbers */
+ switch (es) {
+ case TSS_ES_NONE:
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_NONE;
+ break;
+ case TSS_ES_RSAESPKCSV15:
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESPKCSv15;
+ break;
+ case TSS_ES_RSAESOAEP_SHA1_MGF1:
+ rsakey->key.algorithmParms.encScheme = TCPA_ES_RSAESOAEP_SHA1_MGF1;
+ break;
+ default:
+ rsakey->key.algorithmParms.encScheme = es;
+ break;
+ }
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_ss(TSS_HKEY hKey, UINT32 *ss)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* translate TPM numbers to TSS numbers */
+ switch (rsakey->key.algorithmParms.sigScheme) {
+ case TCPA_SS_NONE:
+ *ss = TSS_SS_NONE;
+ break;
+ case TCPA_SS_RSASSAPKCS1v15_SHA1:
+ *ss = TSS_SS_RSASSAPKCS1V15_SHA1;
+ break;
+ case TCPA_SS_RSASSAPKCS1v15_DER:
+ *ss = TSS_SS_RSASSAPKCS1V15_DER;
+ break;
+ case TCPA_SS_RSASSAPKCS1v15_INFO:
+ *ss = TSS_SS_RSASSAPKCS1V15_INFO;
+ break;
+ default:
+ *ss = rsakey->key.algorithmParms.sigScheme;
+ break;
+ }
+
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_set_ss(TSS_HKEY hKey, UINT32 ss)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* translate TSS numbers to TPM numbers */
+ switch (ss) {
+ case TSS_SS_NONE:
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_NONE;
+ break;
+ case TSS_SS_RSASSAPKCS1V15_SHA1:
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_SHA1;
+ break;
+ case TSS_SS_RSASSAPKCS1V15_DER:
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_DER;
+ break;
+ case TSS_SS_RSASSAPKCS1V15_INFO:
+ rsakey->key.algorithmParms.sigScheme = TCPA_SS_RSASSAPKCS1v15_INFO;
+ break;
+ default:
+ rsakey->key.algorithmParms.sigScheme = ss;
+ break;
+ }
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_num_primes(TSS_HKEY hKey, UINT32 num)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ UINT32ToArray(num, &rsakey->key.algorithmParms.parms[4]);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_num_primes(TSS_HKEY hKey, UINT32 *num)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TCPA_RSA_KEY_PARMS *parms;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ parms = (TCPA_RSA_KEY_PARMS *)rsakey->key.algorithmParms.parms;
+ *num = endian32(parms->numPrimes);
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_flags(TSS_HKEY hKey, UINT32 *flags)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ *flags = rsakey->key.keyFlags;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_size(TSS_HKEY hKey, UINT32 *len)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ switch (rsakey->key.pubKey.keyLength) {
+ case 512/8:
+ *len = TSS_KEY_SIZEVAL_512BIT;
+ break;
+ case 1024/8:
+ *len = TSS_KEY_SIZEVAL_1024BIT;
+ break;
+ case 2048/8:
+ *len = TSS_KEY_SIZEVAL_2048BIT;
+ break;
+ default:
+ *len = rsakey->key.pubKey.keyLength * 8;
+ break;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_pstype(TSS_HKEY hKey, UINT32 *type)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_SYSTEM_PS)
+ *type = TSS_PS_TYPE_SYSTEM;
+ else if (obj->flags & TSS_OBJ_FLAG_USER_PS)
+ *type = TSS_PS_TYPE_USER;
+ else
+ *type = TSS_PS_TYPE_NO;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_rsakey_is_migratable(TSS_HKEY hKey)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_BOOL answer = FALSE;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return answer;
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->key.keyFlags & TPM_MIGRATABLE)
+ answer = TRUE;
+
+ obj_list_put(&rsakey_list);
+
+ return answer;
+}
+
+TSS_BOOL
+obj_rsakey_is_redirected(TSS_HKEY hKey)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_BOOL answer = FALSE;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return answer;
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->key.keyFlags & TPM_REDIRECTION)
+ answer = TRUE;
+
+ obj_list_put(&rsakey_list);
+
+ return answer;
+}
+
+TSS_BOOL
+obj_rsakey_is_volatile(TSS_HKEY hKey)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_BOOL answer = FALSE;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return answer;
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->key.keyFlags & TPM_VOLATILE)
+ answer = TRUE;
+
+ obj_list_put(&rsakey_list);
+
+ return answer;
+}
+
+TSS_RESULT
+obj_rsakey_get_tsp_context(TSS_HKEY hKey, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_policies(TSS_HKEY hKey, TSS_HPOLICY *usage, TSS_HPOLICY *mig, TSS_BOOL *auth)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ *mig = rsakey->migPolicy;
+ *usage = rsakey->usagePolicy;
+ *auth = rsakey->key.authDataUsage ? TRUE : FALSE;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_policy(TSS_HKEY hKey, UINT32 policyType,
+ TSS_HPOLICY *phPolicy, TSS_BOOL *auth)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ *phPolicy = rsakey->usagePolicy;
+ if (auth != NULL) {
+ if (obj->flags & TSS_OBJ_FLAG_USAGEAUTH)
+ *auth = TRUE;
+ else
+ *auth = FALSE;
+ }
+ break;
+ case TSS_POLICY_MIGRATION:
+ if (!rsakey->migPolicy) {
+ result = TSPERR(TSS_E_KEY_NO_MIGRATION_POLICY);
+ break;
+ }
+
+ *phPolicy = rsakey->migPolicy;
+ if (auth != NULL) {
+ if (obj->flags & TSS_OBJ_FLAG_MIGAUTH)
+ *auth = TRUE;
+ else
+ *auth = FALSE;
+ }
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ offset = 0;
+ LoadBlob_TSS_KEY(&offset, NULL, &rsakey->key);
+
+ *data = calloc_tspi(obj->tspContext, offset);
+ if (*data == NULL) {
+ LogError("malloc of %" PRIu64 " bytes failed.", offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ LoadBlob_TSS_KEY(&offset, *data, &rsakey->key);
+ *size = offset;
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_priv_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ *data = calloc_tspi(obj->tspContext, rsakey->key.encSize);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", rsakey->key.encSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = rsakey->key.encSize;
+ memcpy(*data, rsakey->key.encData, rsakey->key.encSize);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_modulus(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* if this key object represents the SRK and the public key
+ * data here is all 0's, then we shouldn't return it, we
+ * should return TSS_E_BAD_PARAMETER. This is part of protecting
+ * the SRK public key. */
+ if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
+ BYTE zeroBlob[2048] = { 0, };
+
+ if (!memcmp(rsakey->key.pubKey.key, zeroBlob, rsakey->key.pubKey.keyLength)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ }
+
+ *data = calloc_tspi(obj->tspContext, rsakey->key.pubKey.keyLength);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", rsakey->key.pubKey.keyLength);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = rsakey->key.pubKey.keyLength;
+ memcpy(*data, rsakey->key.pubKey.key, rsakey->key.pubKey.keyLength);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_modulus(TSS_HKEY hKey, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ BYTE *free_ptr;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ free_ptr = rsakey->key.pubKey.key;
+
+ rsakey->key.pubKey.key = malloc(size);
+ if (rsakey->key.pubKey.key == NULL) {
+ rsakey->key.pubKey.key = free_ptr; // restore
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ free(free_ptr);
+ rsakey->key.pubKey.keyLength = size;
+ memcpy(rsakey->key.pubKey.key, data, size);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_pub_blob(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* if this key object represents the SRK and the public key
+ * data here is all 0's, then we shouldn't return it, we
+ * should return TSS_E_BAD_PARAMETER. This is part of protecting
+ * the SRK public key. */
+ if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
+ BYTE zeroBlob[2048] = { 0, };
+
+ if (!memcmp(rsakey->key.pubKey.key, zeroBlob, rsakey->key.pubKey.keyLength)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_KEY_PARMS(&offset, NULL, &rsakey->key.algorithmParms);
+ Trspi_LoadBlob_STORE_PUBKEY(&offset, NULL, &rsakey->key.pubKey);
+
+ *data = calloc_tspi(obj->tspContext, offset);
+ if (*data == NULL) {
+ LogError("malloc of %" PRIu64 " bytes failed.", offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_KEY_PARMS(&offset, *data, &rsakey->key.algorithmParms);
+ Trspi_LoadBlob_STORE_PUBKEY(&offset, *data, &rsakey->key.pubKey);
+ *size = offset;
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_version(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset;
+ TPM_STRUCT_VER ver = {1, 2, 0, 0}, *pVer;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (rsakey->key.hdr.key12.tag == TPM_TAG_KEY12)
+ pVer = &ver;
+ else
+ pVer = &rsakey->key.hdr.key11.ver;
+
+ offset = 0;
+ Trspi_LoadBlob_TCPA_VERSION(&offset, NULL, *pVer);
+
+ *data = calloc_tspi(obj->tspContext, offset);
+ if (*data == NULL) {
+ LogError("malloc of %" PRIu64 " bytes failed.", offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_TCPA_VERSION(&offset, *data, *pVer);
+ *size = offset;
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_exponent(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ TCPA_RSA_KEY_PARMS *parms;
+ BYTE default_exp[3] = { 0x1, 0x0, 0x1 };
+ UINT32 offset;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ parms = (TCPA_RSA_KEY_PARMS *)rsakey->key.algorithmParms.parms;
+ offset = parms->exponentSize;
+
+ /* see TPM 1.1b spec pg. 51. If exponentSize is 0, we're using the
+ * default exponent of 2^16 + 1. */
+ if (offset == 0) {
+ offset = 3;
+ *data = calloc_tspi(obj->tspContext, offset);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = offset;
+ memcpy(*data, default_exp, offset);
+ } else {
+ *data = calloc_tspi(obj->tspContext, offset);
+ if (*data == NULL) {
+ LogError("malloc of %u bytes failed.", offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ *size = offset;
+ memcpy(*data, parms->exponent, offset);
+ }
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_exponent(TSS_HKEY hKey, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ TCPA_RSA_KEY_PARMS *parms;
+ BYTE *free_ptr;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ parms = (TCPA_RSA_KEY_PARMS *)rsakey->key.algorithmParms.parms;
+
+ free_ptr = parms->exponent;
+
+ parms->exponent = malloc(size);
+ if (parms->exponent == NULL) {
+ parms->exponent = free_ptr; // restore
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ free(free_ptr);
+ parms->exponentSize = size;
+ memcpy(parms->exponent, data, size);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_uuid(TSS_HKEY hKey, UINT32 *size, BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ offset = 0;
+ Trspi_LoadBlob_UUID(&offset, NULL, rsakey->uuid);
+
+ *data = calloc_tspi(obj->tspContext, offset);
+ if (*data == NULL) {
+ LogError("malloc of %" PRIu64 " bytes failed.", offset);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_UUID(&offset, *data, rsakey->uuid);
+ *size = offset;
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_uuid(TSS_HKEY hKey, TSS_FLAG ps_type, TSS_UUID *uuid)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ memcpy(&rsakey->uuid, uuid, sizeof(TSS_UUID));
+
+ switch (ps_type) {
+ case TSS_PS_TYPE_SYSTEM:
+ obj->flags |= TSS_OBJ_FLAG_SYSTEM_PS;
+ obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
+ break;
+ case TSS_PS_TYPE_USER:
+ obj->flags |= TSS_OBJ_FLAG_USER_PS;
+ obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
+ break;
+ case TSS_PS_TYPE_NO:
+ default:
+ obj->flags &= ~TSS_OBJ_FLAG_USER_PS;
+ obj->flags &= ~TSS_OBJ_FLAG_SYSTEM_PS;
+ break;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_set_tcs_handle(TSS_HKEY hKey, TCS_KEY_HANDLE tcsHandle)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ rsakey->tcsHandle = tcsHandle;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_tcs_handle(TSS_HKEY hKey, TCS_KEY_HANDLE *tcsHandle)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->tcsHandle)
+ *tcsHandle = rsakey->tcsHandle;
+ else
+ result = TSPERR(TSS_E_KEY_NOT_LOADED);
+
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_tcpakey(TSS_HKEY hKey, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ UINT64 offset;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ free_key_refs(&rsakey->key);
+
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, data, &rsakey->key)))
+ goto done;
+ if (rsakey->key.hdr.key12.tag == TPM_TAG_KEY12)
+ rsakey->type = TSS_KEY_STRUCT_KEY12;
+ else
+ rsakey->type = TSS_KEY_STRUCT_KEY;
+
+ if (rsakey->key.authDataUsage)
+ obj->flags |= TSS_OBJ_FLAG_USAGEAUTH;
+ else
+ obj->flags &= ~TSS_OBJ_FLAG_USAGEAUTH;
+
+ if (rsakey->key.PCRInfoSize && rsakey->key.PCRInfo) {
+ offset = 0;
+ if (rsakey->type == TSS_KEY_STRUCT_KEY12) {
+ if ((result = Trspi_UnloadBlob_PCR_INFO_LONG(&offset, rsakey->key.PCRInfo,
+ &rsakey->pcrInfo.infolong)))
+ goto done;
+ } else {
+ if ((result = Trspi_UnloadBlob_PCR_INFO(&offset, rsakey->key.PCRInfo,
+ &rsakey->pcrInfo.info11)))
+ goto done;
+ }
+ }
+
+ obj->flags |= TSS_OBJ_FLAG_KEY_SET;
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_pcr_digest(TSS_HKEY hKey,
+ TSS_FLAG pcrInfoType,
+ TSS_FLAG dir,
+ UINT32 *size,
+ BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ TPM_DIGEST *digest = NULL;
+ UINT64 offset;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (pcrInfoType != rsakey->pcrInfoType) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ switch (pcrInfoType) {
+ case TSS_PCRS_STRUCT_INFO:
+ if (dir == TSS_TSPATTRIB_KEYPCR_DIGEST_ATCREATION)
+ digest = &rsakey->pcrInfo.info11.digestAtCreation;
+ else if (dir == TSS_TSPATTRIB_KEYPCR_DIGEST_ATRELEASE)
+ digest = &rsakey->pcrInfo.info11.digestAtRelease;
+ else {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ if (dir == TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATCREATION)
+ digest = &rsakey->pcrInfo.infolong.digestAtCreation;
+ else if (dir == TSS_TSPATTRIB_KEYPCRLONG_DIGEST_ATRELEASE)
+ digest = &rsakey->pcrInfo.infolong.digestAtRelease;
+ else {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *size = sizeof(TPM_DIGEST);
+
+ if ((*data = calloc_tspi(obj->tspContext, *size)) == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ *size = 0;
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_DIGEST(&offset, *data, digest);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+
+TSS_RESULT
+obj_rsakey_get_pcr_locality(TSS_HKEY hKey, TSS_FLAG dir, UINT32 *locality)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (rsakey->pcrInfoType == TSS_PCRS_STRUCT_INFO_LONG) {
+ if (dir == TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATCREATION)
+ *locality = rsakey->pcrInfo.infolong.localityAtCreation;
+ else if (dir == TSS_TSPATTRIB_KEYPCRLONG_LOCALITY_ATRELEASE)
+ *locality = rsakey->pcrInfo.infolong.localityAtRelease;
+ else
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ } else
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_pcr_selection(TSS_HKEY hKey,
+ UINT32 pcrInfoType,
+ TSS_FLAG dir,
+ UINT32 *size,
+ BYTE **data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT64 offset;
+ TPM_PCR_SELECTION *selection = NULL;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (pcrInfoType != rsakey->pcrInfoType) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ switch (pcrInfoType) {
+ case TSS_PCRS_STRUCT_INFO:
+ if (dir == TSS_TSPATTRIB_KEYPCR_SELECTION)
+ selection = &rsakey->pcrInfo.info11.pcrSelection;
+ else {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ break;
+ case TSS_PCRS_STRUCT_INFO_LONG:
+ if (dir == TSS_TSPATTRIB_KEYPCRLONG_CREATION_SELECTION)
+ selection = &rsakey->pcrInfo.infolong.creationPCRSelection;
+ else if (dir == TSS_TSPATTRIB_KEYPCRLONG_RELEASE_SELECTION)
+ selection = &rsakey->pcrInfo.infolong.releasePCRSelection;
+ else {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ break;
+ default:
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *size = sizeof(UINT16) + selection->sizeOfSelect;
+
+ if ((*data = calloc_tspi(obj->tspContext, *size)) == NULL) {
+ LogError("malloc of %u bytes failed.", *size);
+ *size = 0;
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ offset = 0;
+ Trspi_LoadBlob_PCR_SELECTION(&offset, *data, selection);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+rsakey_set_pubkey(struct tr_rsakey_obj *rsakey, BYTE *pubkey)
+{
+ TSS_RESULT result;
+ UINT64 offset = 0;
+ TPM_PUBKEY pub;
+
+ if ((result = Trspi_UnloadBlob_PUBKEY(&offset, pubkey, &pub)))
+ return result;
+
+ free(rsakey->key.pubKey.key);
+ free(rsakey->key.algorithmParms.parms);
+
+ memcpy(&rsakey->key.pubKey, &pub.pubKey, sizeof(TPM_STORE_PUBKEY));
+ memcpy(&rsakey->key.algorithmParms, &pub.algorithmParms, sizeof(TPM_KEY_PARMS));
+
+ return TSS_SUCCESS;
+}
+
+/* Expect a TPM_PUBKEY as is explained in the portable data section of the spec */
+TSS_RESULT
+obj_rsakey_set_pubkey(TSS_HKEY hKey, UINT32 force, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (!force && (obj->flags & TSS_OBJ_FLAG_KEY_SET)) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ result = rsakey_set_pubkey(rsakey, data);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_srk_pubkey(BYTE *pubkey)
+{
+ struct tsp_object *obj;
+ struct obj_list *list = &rsakey_list;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* we found the SRK, set this data as its public key */
+ if (rsakey->tcsHandle == TPM_KEYHND_SRK) {
+ result = rsakey_set_pubkey(rsakey, pubkey);
+ MUTEX_UNLOCK(list->lock);
+ return result;
+ }
+ }
+
+ MUTEX_UNLOCK(list->lock);
+
+ return TSPERR(TSS_E_INVALID_HANDLE);
+}
+
+TSS_RESULT
+obj_rsakey_set_privkey(TSS_HKEY hKey, UINT32 force, UINT32 size, BYTE *data)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ void *to_free;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (!force && (obj->flags & TSS_OBJ_FLAG_KEY_SET)) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ to_free = rsakey->key.encData;
+
+ rsakey->key.encData = calloc(1, size);
+ if (rsakey->key.encData == NULL) {
+ rsakey->key.encData = to_free; // restore
+ LogError("malloc of %u bytes failed.", size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ free(to_free);
+ rsakey->key.encSize = size;
+ memcpy(rsakey->key.encData, data, size);
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_pcr_data(TSS_HKEY hKey, TSS_HPCRS hPcrComposite)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT32 pcrType, pcrSize;
+ BYTE *pcrInfo;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ /* passing in a pcrType of TSS_PCRS_STRUCT_DEFAULT will tell the pcr routine to create
+ * a structure matching the type of the hPcrComposite object */
+ pcrType = TSS_PCRS_STRUCT_DEFAULT;
+ if ((result = obj_pcrs_create_info_type(hPcrComposite, &pcrType, &pcrSize, &pcrInfo)))
+ goto done;
+
+ rsakey->key.PCRInfo = pcrInfo;
+ rsakey->key.PCRInfoSize = pcrSize;
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+void
+__tspi_rsakey_free(void *data)
+{
+ struct tr_rsakey_obj *rsakey = (struct tr_rsakey_obj *)data;
+
+ free(rsakey->key.algorithmParms.parms);
+ free(rsakey->key.encData);
+ free(rsakey->key.PCRInfo);
+ free(rsakey->key.pubKey.key);
+ free(rsakey);
+}
+
+/* Remove an individual rsakey object from the rsakey list with handle
+ * equal to hObject. Clean up the TSP's key handle table. */
+TSS_RESULT
+obj_rsakey_remove(TSS_HOBJECT hObject, TSS_HCONTEXT tspContext)
+{
+ TSS_RESULT result;
+
+ if ((result = obj_list_remove(&rsakey_list, &__tspi_rsakey_free, hObject, tspContext)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_get_by_pub(UINT32 pub_size, BYTE *pub, TSS_HKEY *hKey)
+{
+ struct obj_list *list = &rsakey_list;
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (rsakey->key.pubKey.keyLength == pub_size &&
+ !memcmp(&rsakey->key.pubKey.key, pub, pub_size)) {
+ *hKey = obj->handle;
+ goto done;
+ }
+ }
+
+ *hKey = 0;
+done:
+ MUTEX_UNLOCK(list->lock);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_by_uuid(TSS_UUID *uuid, TSS_HKEY *hKey)
+{
+ struct obj_list *list = &rsakey_list;
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (!memcmp(&rsakey->uuid, uuid, sizeof(TSS_UUID))) {
+ *hKey = obj->handle;
+ goto done;
+ }
+ }
+
+ result = TSPERR(TSS_E_PS_KEY_NOTFOUND);
+done:
+ MUTEX_UNLOCK(list->lock);
+
+ return result;
+}
+
+void
+obj_rsakey_remove_policy_refs(TSS_HPOLICY hPolicy, TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct obj_list *list = &rsakey_list;
+ struct tr_rsakey_obj *rsakey;
+
+ MUTEX_LOCK(list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->tspContext != tspContext)
+ continue;
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->usagePolicy == hPolicy)
+ rsakey->usagePolicy = NULL_HPOLICY;
+
+ if (rsakey->migPolicy == hPolicy)
+ rsakey->migPolicy = NULL_HPOLICY;
+ }
+
+ MUTEX_UNLOCK(list->lock);
+}
+
+#if 0
+TSS_RESULT
+obj_rsakey_get_transport_attribs(TSS_HKEY hKey, TCS_KEY_HANDLE *hTCSKey, TPM_DIGEST *pubDigest)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result;
+ Trspi_HashCtx hashCtx;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ *hTCSKey = rsakey->tcsHandle;
+
+ result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
+ result |= Trspi_Hash_STORE_PUBKEY(&hashCtx, &rsakey->key.pubKey);
+ result |= Trspi_HashFinal(&hashCtx, pubDigest->digest);
+
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_CMK
+TSS_BOOL
+obj_rsakey_is_cmk(TSS_HKEY hKey)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_BOOL answer = FALSE;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return answer;
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->type != TSS_KEY_STRUCT_KEY) {
+ if (rsakey->key.keyFlags & TPM_MIGRATEAUTHORITY)
+ answer = TRUE;
+ }
+
+ obj_list_put(&rsakey_list);
+
+ return answer;
+}
+
+TSS_RESULT
+obj_rsakey_set_cmk(TSS_HKEY hKey, UINT32 cmk)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ if (obj->flags & TSS_OBJ_FLAG_KEY_SET) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ if (rsakey->type == TSS_KEY_STRUCT_KEY) {
+ result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
+ goto done;
+ }
+
+ if (cmk)
+ rsakey->key.keyFlags |= TPM_MIGRATEAUTHORITY;
+ else
+ rsakey->key.keyFlags &= (~TPM_MIGRATEAUTHORITY);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_msa_approval(TSS_HKEY hKey, UINT32 blobSize, BYTE *blob)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (blobSize != sizeof(rsakey->msaApproval.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(rsakey->msaApproval.digest, blob, sizeof(rsakey->msaApproval.digest));
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_msa_approval(TSS_HKEY hKey, UINT32 *blobSize, BYTE **blob)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if ((*blob = calloc_tspi(obj->tspContext, sizeof(rsakey->msaApproval.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(rsakey->msaApproval.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*blob, rsakey->msaApproval.digest, sizeof(rsakey->msaApproval.digest));
+ *blobSize = sizeof(rsakey->msaApproval.digest);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_set_msa_digest(TSS_HKEY hKey, UINT32 blobSize, BYTE *blob)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (blobSize != sizeof(rsakey->msaDigest.digest)) {
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ goto done;
+ }
+ memcpy(rsakey->msaDigest.digest, blob, sizeof(rsakey->msaDigest.digest));
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_rsakey_get_msa_digest(TSS_HKEY hKey, UINT32 *blobSize, BYTE **blob)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if ((*blob = calloc_tspi(obj->tspContext, sizeof(rsakey->msaDigest.digest))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(rsakey->msaDigest.digest));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(*blob, rsakey->msaDigest.digest, sizeof(rsakey->msaDigest.digest));
+ *blobSize = sizeof(rsakey->msaDigest.digest);
+
+done:
+ obj_list_put(&rsakey_list);
+
+ return result;
+}
+#endif
+
+TSS_RESULT
+obj_rsakey_get_ownerevict(TSS_HKEY hKey, UINT32 *value)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+ *value = rsakey->flags & TSS_RSAKEY_FLAG_OWNEREVICT;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_rsakey_set_ownerevict(TSS_HKEY hKey, TSS_BOOL value)
+{
+ struct tsp_object *obj;
+ struct tr_rsakey_obj *rsakey;
+
+ if ((obj = obj_list_get_obj(&rsakey_list, hKey)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ rsakey = (struct tr_rsakey_obj *)obj->data;
+
+ if (value)
+ rsakey->flags |= TSS_RSAKEY_FLAG_OWNEREVICT;
+ else
+ rsakey->flags &= ~TSS_RSAKEY_FLAG_OWNEREVICT;
+
+ obj_list_put(&rsakey_list);
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_tpm.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_tpm.c
new file mode 100644
index 0000000..586b875
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/obj_tpm.c
@@ -0,0 +1,531 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2005, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "obj.h"
+
+void
+tpm_free(void *data)
+{
+ struct tr_tpm_obj *tpm = (struct tr_tpm_obj *)data;
+
+ free(tpm);
+}
+
+TSS_RESULT
+obj_tpm_add(TSS_HCONTEXT tspContext, TSS_HOBJECT *phObject)
+{
+ TSS_RESULT result;
+ struct tr_tpm_obj *tpm = calloc(1, sizeof(struct tr_tpm_obj));
+
+ if (tpm == NULL) {
+ LogError("malloc of %zd bytes failed.",
+ sizeof(struct tr_tpm_obj));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ /* add usage policy */
+ if ((result = obj_policy_add(tspContext, TSS_POLICY_USAGE,
+ &tpm->policy))) {
+ free(tpm);
+ return result;
+ }
+
+ /* initialize the default ctr_id to inactive until we query the TPM */
+ tpm->ctr_id = 0xffffffff;
+
+ if ((result = obj_list_add(&tpm_list, tspContext, 0, tpm, phObject))) {
+ free(tpm);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_BOOL
+obj_is_tpm(TSS_HOBJECT hObject)
+{
+ TSS_BOOL answer = FALSE;
+
+ if ((obj_list_get_obj(&tpm_list, hObject))) {
+ answer = TRUE;
+ obj_list_put(&tpm_list);
+ }
+
+ return answer;
+}
+
+TSS_RESULT
+obj_tpm_set_policy(TSS_HTPM hTpm, TSS_HPOLICY hPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ UINT32 policyType;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((result = obj_policy_get_type(hPolicy, &policyType)))
+ return result;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ tpm->policy = hPolicy;
+ break;
+#ifdef TSS_BUILD_TSS12
+ case TSS_POLICY_OPERATOR:
+ tpm->operatorPolicy = hPolicy;
+ break;
+#endif
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&tpm_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_tpm_get_policy(TSS_HTPM hTpm, UINT32 policyType, TSS_HPOLICY *phPolicy)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ switch (policyType) {
+ case TSS_POLICY_USAGE:
+ *phPolicy = tpm->policy;
+ break;
+#ifdef TSS_BUILD_TSS12
+ case TSS_POLICY_OPERATOR:
+ *phPolicy = tpm->operatorPolicy;
+ break;
+#endif
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ }
+
+ obj_list_put(&tpm_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_tpm_get_tsp_context(TSS_HTPM hTpm, TSS_HCONTEXT *tspContext)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *tspContext = obj->tspContext;
+
+ obj_list_put(&tpm_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_tpm_get(TSS_HCONTEXT tspContext, TSS_HTPM *phTpm)
+{
+ struct tsp_object *obj;
+
+ if ((obj = obj_list_get_tspcontext(&tpm_list, tspContext)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ *phTpm = obj->handle;
+
+ obj_list_put(&tpm_list);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+obj_tpm_get_cb11(TSS_HTPM hTpm, TSS_FLAG type, UINT32 *cb)
+{
+#ifndef __LP64__
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ switch (type) {
+ case TSS_TSPATTRIB_TPM_CALLBACK_COLLATEIDENTITY:
+ *cb = (UINT32)tpm->Tspicb_CollateIdentity;
+ break;
+ case TSS_TSPATTRIB_TPM_CALLBACK_ACTIVATEIDENTITY:
+ *cb = (UINT32)tpm->Tspicb_ActivateIdentity;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+
+ obj_list_put(&tpm_list);
+
+ return result;
+#else
+ return TSPERR(TSS_E_FAIL);
+#endif
+}
+
+TSS_RESULT
+obj_tpm_set_cb11(TSS_HTPM hTpm, TSS_FLAG type, TSS_FLAG app_data, UINT32 cb)
+{
+#ifndef __LP64__
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ switch (type) {
+ case TSS_TSPATTRIB_TPM_CALLBACK_COLLATEIDENTITY:
+ tpm->Tspicb_CollateIdentity = (PVOID)cb;
+ tpm->collateAppData = (PVOID)app_data;
+ break;
+ case TSS_TSPATTRIB_TPM_CALLBACK_ACTIVATEIDENTITY:
+ tpm->Tspicb_ActivateIdentity = (PVOID)cb;
+ tpm->activateAppData = (PVOID)app_data;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+
+ obj_list_put(&tpm_list);
+
+ return result;
+#else
+ return TSPERR(TSS_E_FAIL);
+#endif
+}
+
+TSS_RESULT
+obj_tpm_set_cred(TSS_HTPM hTpm, TSS_FLAG type, UINT32 CredSize, BYTE *CredData)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ switch (type) {
+ case TSS_TPMATTRIB_EKCERT:
+ if ((tpm->EndorsementCred = malloc(CredSize)) == NULL) {
+ LogError("malloc of %u bytes failed", CredSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(tpm->EndorsementCred, CredData, CredSize);
+ tpm->EndorsementCredSize = CredSize;
+ break;
+ case TSS_TPMATTRIB_TPM_CC:
+ if ((tpm->ConformanceCred = malloc(CredSize)) == NULL) {
+ LogError("malloc of %u bytes failed", CredSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(tpm->ConformanceCred, CredData, CredSize);
+ tpm->ConformanceCredSize = CredSize;
+ break;
+ case TSS_TPMATTRIB_PLATFORMCERT:
+ if ((tpm->PlatformCred = malloc(CredSize)) == NULL) {
+ LogError("malloc of %u bytes failed", CredSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(tpm->PlatformCred, CredData, CredSize);
+ tpm->PlatformCredSize = CredSize;
+ break;
+ case TSS_TPMATTRIB_PLATFORM_CC:
+ if ((tpm->PlatformConfCred = malloc(CredSize)) == NULL) {
+ LogError("malloc of %u bytes failed", CredSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ memcpy(tpm->PlatformConfCred, CredData, CredSize);
+ tpm->PlatformConfCredSize = CredSize;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+done:
+ obj_list_put(&tpm_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_tpm_get_cred(TSS_HTPM hTpm, TSS_FLAG type, UINT32 *CredSize, BYTE **CredData)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ /* get the size of data we need to allocate */
+ switch (type) {
+ case TSS_TPMATTRIB_EKCERT:
+ *CredSize = tpm->EndorsementCredSize;
+ break;
+ case TSS_TPMATTRIB_TPM_CC:
+ *CredSize = tpm->ConformanceCredSize;
+ break;
+ case TSS_TPMATTRIB_PLATFORMCERT:
+ *CredSize = tpm->PlatformCredSize;
+ break;
+ case TSS_TPMATTRIB_PLATFORM_CC:
+ *CredSize = tpm->PlatformConfCredSize;
+ break;
+ default:
+ LogError("Credential type is unknown");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ if (*CredSize == 0) {
+ *CredData = NULL;
+ goto done;
+ }
+
+ if ((*CredData = calloc_tspi(obj->tspContext, *CredSize)) == NULL) {
+ *CredSize = 0;
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ switch (type) {
+ case TSS_TPMATTRIB_EKCERT:
+ memcpy(*CredData, tpm->EndorsementCred, *CredSize);
+ break;
+ case TSS_TPMATTRIB_TPM_CC:
+ memcpy(*CredData, tpm->ConformanceCred, *CredSize);
+ break;
+ case TSS_TPMATTRIB_PLATFORMCERT:
+ memcpy(*CredData, tpm->PlatformCred, *CredSize);
+ break;
+ case TSS_TPMATTRIB_PLATFORM_CC:
+ memcpy(*CredData, tpm->PlatformConfCred, *CredSize);
+ break;
+ default:
+ result = TSPERR(TSS_E_BAD_PARAMETER);
+ *CredSize = 0;
+ free(*CredData);
+ *CredData = NULL;
+ break;
+ }
+
+done:
+ obj_list_put(&tpm_list);
+ return result;
+}
+
+TSS_RESULT
+obj_tpm_set_cb12(TSS_HTPM hTpm, TSS_FLAG flag, BYTE *in)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+ TSS_CALLBACK *cb = (TSS_CALLBACK *)in;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ switch (flag) {
+ case TSS_TSPATTRIB_TPM_CALLBACK_COLLATEIDENTITY:
+ if (!cb) {
+ tpm->Tspicb_CollateIdentity = NULL;
+ break;
+ }
+
+ tpm->Tspicb_CollateIdentity = (TSS_RESULT (*)(PVOID,
+ UINT32, BYTE *, TSS_ALGORITHM_ID, UINT32 *,
+ BYTE *, UINT32 *, BYTE *))cb->callback;
+ tpm->collateAppData = cb->appData;
+ tpm->collateAlg = cb->alg;
+ break;
+ case TSS_TSPATTRIB_TPM_CALLBACK_ACTIVATEIDENTITY:
+ if (!cb) {
+ tpm->Tspicb_ActivateIdentity = NULL;
+ break;
+ }
+
+ tpm->Tspicb_ActivateIdentity = (TSS_RESULT (*)(PVOID,
+ UINT32, BYTE *, UINT32, BYTE *, UINT32 *,
+ BYTE *))cb->callback;
+ tpm->activateAppData = cb->appData;
+ tpm->activateAlg = cb->alg;
+ break;
+ default:
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+
+ obj_list_put(&tpm_list);
+
+ return result;
+}
+
+TSS_RESULT
+obj_tpm_get_cb12(TSS_HTPM hTpm, TSS_FLAG flag, UINT32 *size, BYTE **out)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+ TSS_CALLBACK *cb;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTpm)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ if ((cb = calloc_tspi(obj->tspContext, sizeof(TSS_CALLBACK))) == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(TSS_CALLBACK));
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+
+ switch (flag) {
+ case TSS_TSPATTRIB_TPM_CALLBACK_COLLATEIDENTITY:
+ cb->callback = tpm->Tspicb_CollateIdentity;
+ cb->appData = tpm->collateAppData;
+ cb->alg = tpm->collateAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+ case TSS_TSPATTRIB_TPM_CALLBACK_ACTIVATEIDENTITY:
+ cb->callback = tpm->Tspicb_ActivateIdentity;
+ cb->appData = tpm->activateAppData;
+ cb->alg = tpm->activateAlg;
+ *size = sizeof(TSS_CALLBACK);
+ *out = (BYTE *)cb;
+ break;
+ default:
+ free_tspi(obj->tspContext, cb);
+ result = TSPERR(TSS_E_INVALID_ATTRIB_FLAG);
+ break;
+ }
+done:
+ obj_list_put(&tpm_list);
+
+ return result;
+}
+
+void
+obj_tpm_remove_policy_refs(TSS_HPOLICY hPolicy, TSS_HCONTEXT tspContext)
+{
+ struct tsp_object *obj;
+ struct obj_list *list = &tpm_list;
+ struct tr_tpm_obj *tpm;
+
+ pthread_mutex_lock(&list->lock);
+
+ for (obj = list->head; obj; obj = obj->next) {
+ if (obj->tspContext != tspContext)
+ continue;
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+ if (tpm->policy == hPolicy)
+ tpm->policy = NULL_HPOLICY;
+#ifdef TSS_BUILD_TSS12
+ if (tpm->operatorPolicy == hPolicy)
+ tpm->operatorPolicy = NULL_HPOLICY;
+#endif
+ }
+
+ pthread_mutex_unlock(&list->lock);
+}
+
+#ifdef TSS_BUILD_COUNTER
+TSS_RESULT
+obj_tpm_get_current_counter(TSS_HTPM hTPM, TSS_COUNTER_ID *ctr_id)
+{
+ struct tsp_object *obj;
+ struct tr_tpm_obj *tpm;
+ TSS_RESULT result = TSS_SUCCESS;
+ UINT32 respLen, subCap = endian32(TPM_CAP_PROP_ACTIVE_COUNTER);
+ BYTE *resp;
+
+ if ((obj = obj_list_get_obj(&tpm_list, hTPM)) == NULL)
+ return TSPERR(TSS_E_INVALID_HANDLE);
+
+ tpm = (struct tr_tpm_obj *)obj->data;
+
+ if (tpm->ctr_id != 0xffffffff) {
+ *ctr_id = tpm->ctr_id;
+ goto done;
+ }
+
+ /* No counter has yet been associated with the TPM object, so let the TPM object lock
+ * protect us here and get a counter ID */
+ if ((result = TCS_API(obj->tspContext)->GetTPMCapability(obj->tspContext, TPM_CAP_PROPERTY,
+ sizeof(UINT32), (BYTE *)&subCap,
+ &respLen, &resp)))
+ goto done;
+
+ if (respLen != sizeof(UINT32)) {
+ LogDebug("TPM GetCap response size isn't sizeof(UINT32)!");
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ memcpy(&tpm->ctr_id, resp, respLen);
+ free(resp);
+
+ if (tpm->ctr_id == 0xffffffff) {
+ result = TSPERR(TSS_E_NO_ACTIVE_COUNTER);
+ goto done;
+ }
+ *ctr_id = tpm->ctr_id;
+done:
+ obj_list_put(&tpm_list);
+
+ return result;
+}
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/ps/ps_utils.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/ps/ps_utils.c
new file mode 100644
index 0000000..aac40a1
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/ps/ps_utils.c
@@ -0,0 +1,57 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2006
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "spi_utils.h"
+#include "tspps.h"
+#include "tsplog.h"
+
+inline TSS_RESULT
+read_data(int fd, void *data, UINT32 size)
+{
+ int rc;
+
+ rc = read(fd, data, size);
+ if (rc == -1) {
+ LogError("read of %d bytes: %s", size, strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ } else if ((unsigned)rc != size) {
+ LogError("read of %d bytes (only %d read)", size, rc);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+inline TSS_RESULT
+write_data(int fd, void *data, UINT32 size)
+{
+ int rc;
+
+ rc = write(fd, data, size);
+ if (rc == -1) {
+ LogError("write of %d bytes: %s", size, strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ } else if ((unsigned)rc != size) {
+ LogError("write of %d bytes (only %d written)", size, rc);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/ps/tspps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/ps/tspps.c
new file mode 100644
index 0000000..c6f9c3d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/ps/tspps.c
@@ -0,0 +1,1298 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <errno.h>
+#include <pwd.h>
+#include <sys/types.h>
+#include <sys/file.h>
+#include <sys/stat.h>
+#include <assert.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <netdb.h>
+#if defined (HAVE_BYTEORDER_H)
+#include <sys/byteorder.h>
+#elif defined(HTOLE_DEFINED)
+#include <endian.h>
+#define LE_16 htole16
+#define LE_32 htole32
+#define LE_64 htole64
+#else
+#define LE_16(x) (x)
+#define LE_32(x) (x)
+#define LE_64(x) (x)
+#endif
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "tcs_tsp.h"
+#include "spi_utils.h"
+#include "tspps.h"
+#include "tsplog.h"
+
+static int user_ps_fd = -1;
+static MUTEX_DECLARE_INIT(user_ps_lock);
+#if (defined (__FreeBSD__) || defined (__OpenBSD__))
+static MUTEX_DECLARE_INIT(user_ps_path);
+#endif
+static struct flock fl;
+
+
+/*
+ * Determine the default path to the persistent storage file and create it if it doesn't exist.
+ */
+TSS_RESULT
+get_user_ps_path(char **file)
+{
+ TSS_RESULT result;
+ char *file_name = NULL, *home_dir = NULL;
+ struct passwd *pwp;
+#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+ struct passwd pw;
+#endif
+ struct stat stat_buf;
+ char buf[PASSWD_BUFSIZE];
+ uid_t euid;
+ int rc;
+
+ if ((file_name = getenv("TSS_USER_PS_FILE"))) {
+ *file = strdup(file_name);
+ return (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY);
+ }
+#if (defined (__FreeBSD__) || defined (__OpenBSD__))
+ MUTEX_LOCK(user_ps_path);
+#endif
+
+ euid = geteuid();
+
+#if defined (SOLARIS)
+ /*
+ * Solaris keeps user PS in a local directory instead of
+ * in the user's home directory, which may be shared
+ * by multiple systems.
+ *
+ * The directory path on Solaris is /var/tpm/userps/[EUID]/
+ */
+ rc = snprintf(buf, sizeof (buf), "%s/%d", TSS_USER_PS_DIR, euid);
+#else
+ setpwent();
+ while (1) {
+#if (defined (__linux) || defined (linux) || defined(__GLIBC__))
+ rc = getpwent_r(&pw, buf, PASSWD_BUFSIZE, &pwp);
+ if (rc) {
+ LogDebugFn("USER PS: Error getting path to home directory: getpwent_r: %s",
+ strerror(rc));
+ endpwent();
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+#elif (defined (__FreeBSD__) || defined (__OpenBSD__))
+ if ((pwp = getpwent()) == NULL) {
+ LogDebugFn("USER PS: Error getting path to home directory: getpwent: %s",
+ strerror(rc));
+ endpwent();
+ MUTEX_UNLOCK(user_ps_path);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+#endif
+ if (euid == pwp->pw_uid) {
+ home_dir = strdup(pwp->pw_dir);
+ break;
+ }
+ }
+ endpwent();
+
+ if (!home_dir)
+ return TSPERR(TSS_E_OUTOFMEMORY);
+
+ /* Tack on TSS_USER_PS_DIR and see if it exists */
+ rc = snprintf(buf, sizeof (buf), "%s/%s", home_dir, TSS_USER_PS_DIR);
+#endif /* SOLARIS */
+ if (rc == sizeof (buf)) {
+ LogDebugFn("USER PS: Path to file too long! (> %d bytes)", PASSWD_BUFSIZE);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ errno = 0;
+ if ((rc = stat(buf, &stat_buf)) == -1) {
+ if (errno == ENOENT) {
+ errno = 0;
+ /* Create the user's ps directory if it is not there. */
+ if ((rc = mkdir(buf, 0700)) == -1) {
+ LogDebugFn("USER PS: Error creating dir: %s: %s", buf,
+ strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ } else {
+ LogDebugFn("USER PS: Error stating dir: %s: %s", buf, strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+
+ /* Directory exists or has been created, return the path to the file */
+#if defined (SOLARIS)
+ rc = snprintf(buf, sizeof (buf), "%s/%d/%s", TSS_USER_PS_DIR, euid,
+ TSS_USER_PS_FILE);
+#else
+ rc = snprintf(buf, sizeof (buf), "%s/%s/%s", home_dir, TSS_USER_PS_DIR,
+ TSS_USER_PS_FILE);
+#endif
+ if (rc == sizeof (buf)) {
+ LogDebugFn("USER PS: Path to file too long! (> %zd bytes)", sizeof (buf));
+ } else
+ *file = strdup(buf);
+
+ result = (*file) ? TSS_SUCCESS : TSPERR(TSS_E_OUTOFMEMORY);
+done:
+ free(home_dir);
+ return result;
+}
+
+TSS_RESULT
+get_file(int *fd)
+{
+ TSS_RESULT result;
+ int rc = 0;
+ char *file_name = NULL;
+
+ MUTEX_LOCK(user_ps_lock);
+
+ /* check the global file handle first. If it exists, lock it and return */
+ if (user_ps_fd != -1) {
+ fl.l_type = F_WRLCK;
+ if ((rc = fcntl(user_ps_fd, F_SETLKW, &fl))) {
+ LogDebug("USER PS: failed to lock file: %s", strerror(errno));
+ MUTEX_UNLOCK(user_ps_lock);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ *fd = user_ps_fd;
+ return TSS_SUCCESS;
+ }
+
+ /* open and lock the file */
+ if ((result = get_user_ps_path(&file_name))) {
+ LogDebugFn("USER PS: error getting file path");
+ MUTEX_UNLOCK(user_ps_lock);
+ return result;
+ }
+
+ user_ps_fd = open(file_name, O_CREAT|O_RDWR, 0600);
+ if (user_ps_fd < 0) {
+ LogDebug("USER PS: open of %s failed: %s", file_name, strerror(errno));
+ free(file_name);
+ MUTEX_UNLOCK(user_ps_lock);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ fl.l_type = F_WRLCK;
+ if ((rc = fcntl(user_ps_fd, F_SETLKW, &fl))) {
+ LogDebug("USER PS: failed to get lock of %s: %s", file_name, strerror(errno));
+ free(file_name);
+ close(user_ps_fd);
+ user_ps_fd = -1;
+ MUTEX_UNLOCK(user_ps_lock);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ *fd = user_ps_fd;
+ free(file_name);
+ return TSS_SUCCESS;
+}
+
+int
+put_file(int fd)
+{
+ int rc = 0;
+
+ fsync(fd);
+
+ /* release the file lock */
+ fl.l_type = F_UNLCK;
+ if ((rc = fcntl(fd, F_SETLKW, &fl))) {
+ LogDebug("USER PS: failed to unlock file: %s", strerror(errno));
+ rc = -1;
+ }
+
+ MUTEX_UNLOCK(user_ps_lock);
+ return rc;
+}
+
+void
+psfile_close(int fd)
+{
+ close(fd);
+ user_ps_fd = -1;
+ MUTEX_UNLOCK(user_ps_lock);
+}
+
+TSS_RESULT
+psfile_is_key_registered(int fd, TSS_UUID *uuid, TSS_BOOL *answer)
+{
+ TSS_RESULT result;
+ struct key_disk_cache tmp;
+
+ if ((result = psfile_get_cache_entry_by_uuid(fd, uuid, &tmp)) == TSS_SUCCESS)
+ *answer = TRUE;
+ else if (result == (TSS_E_PS_KEY_NOTFOUND | TSS_LAYER_TSP))
+ *answer = FALSE;
+ else
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_get_parent_uuid_by_uuid(int fd, TSS_UUID *uuid, TSS_UUID *ret_uuid)
+{
+ TSS_RESULT result;
+ struct key_disk_cache tmp;
+
+ if ((result = psfile_get_cache_entry_by_uuid(fd, uuid, &tmp)))
+ return result;
+
+ memcpy(ret_uuid, &tmp.parent_uuid, sizeof(TSS_UUID));
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_get_parent_ps_type(int fd, TSS_UUID *uuid, UINT32 *type)
+{
+ TSS_RESULT result;
+ struct key_disk_cache tmp;
+
+ if ((result = psfile_get_cache_entry_by_uuid(fd, uuid, &tmp)))
+ return result;
+
+ if (tmp.flags & CACHE_FLAG_PARENT_PS_SYSTEM)
+ *type = TSS_PS_TYPE_SYSTEM;
+ else
+ *type = TSS_PS_TYPE_USER;
+
+ return TSS_SUCCESS;
+}
+
+/*
+ * return a key struct from PS given a uuid
+ */
+TSS_RESULT
+psfile_get_key_by_uuid(int fd, TSS_UUID *uuid, BYTE *key)
+{
+ int rc;
+ TSS_RESULT result;
+ off_t file_offset;
+ struct key_disk_cache tmp;
+ BYTE buf[4096];
+
+ if ((result = psfile_get_cache_entry_by_uuid(fd, uuid, &tmp)))
+ return result;
+
+ /* jump to the location of the key blob */
+ file_offset = TSSPS_BLOB_DATA_OFFSET(&tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebugFn("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (tmp.blob_size > 4096) {
+ LogError("Blob size greater than 4096! Size: %d",
+ tmp.blob_size);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ if ((rc = read_data(fd, buf, tmp.blob_size))) {
+ LogDebugFn("Blob read from disk failed.");
+ return rc;
+ }
+
+ memcpy(key, buf, tmp.blob_size);
+ return TSS_SUCCESS;
+}
+
+/*
+ * return a key struct from PS given a public key
+ */
+TSS_RESULT
+psfile_get_key_by_pub(int fd, TSS_UUID *uuid, UINT32 pub_size, BYTE *pub, BYTE *key)
+{
+ int rc;
+ TSS_RESULT result;
+ off_t file_offset;
+ struct key_disk_cache tmp;
+ BYTE buf[4096];
+
+ if ((result = psfile_get_cache_entry_by_pub(fd, pub_size, pub, &tmp)))
+ return result;
+
+ /* jump to the location of the key blob */
+ file_offset = TSSPS_BLOB_DATA_OFFSET(&tmp);
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebugFn("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (tmp.blob_size > 4096) {
+ LogError("Blob size greater than 4096! Size: %d",
+ tmp.blob_size);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if ((result = read_data(fd, buf, tmp.blob_size))) {
+ LogDebugFn("Blob read from disk failed.");
+ return result;
+ }
+
+ memcpy(key, buf, tmp.blob_size);
+ memcpy(uuid, &tmp.uuid, sizeof(TSS_UUID));
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_get_uuid_by_pub(int fd, UINT32 pub_size, BYTE *pub, TSS_UUID *uuid)
+{
+ TSS_RESULT result;
+ struct key_disk_cache tmp;
+
+ if ((result = psfile_get_cache_entry_by_pub(fd, pub_size, pub, &tmp)))
+ return result;
+
+ memcpy(uuid, &tmp.uuid, sizeof(TSS_UUID));
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_change_num_keys(int fd, BYTE increment)
+{
+ int rc;
+ TSS_RESULT result;
+ UINT32 num_keys;
+
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ rc = read(fd, &num_keys, sizeof(UINT32));
+ if (rc != sizeof(UINT32)) {
+ LogDebug("read of %zd bytes: %s", sizeof(UINT32), strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ num_keys = LE_32(num_keys);
+
+ if (increment)
+ num_keys++;
+ else
+ num_keys--;
+
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ num_keys = LE_32(num_keys);
+ if ((result = write_data(fd, (void *)&num_keys, sizeof(UINT32)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+/* Write the initial header (number of keys and PS version) to initialize a new file */
+TSS_RESULT
+psfile_write_key_header(int fd)
+{
+ int rc;
+ TSS_RESULT result;
+ UINT32 i;
+
+ rc = lseek(fd, TSSPS_VERSION_OFFSET, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ i = TSSPS_VERSION;
+ if ((result = write_data(fd, &i, sizeof(BYTE)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ i = 0;
+ if ((result = write_data(fd, &i, sizeof(UINT32)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ return TSS_SUCCESS;
+}
+
+/*
+ * disk store format:
+ *
+ * TrouSerS 0.2.1+
+ * Version 1: cached?
+ * [BYTE PS version = '\1']
+ * [UINT32 num_keys_on_disk ]
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT32 vendor_data_size0] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ]
+ * [BYTE[] blob0 ]
+ * [BYTE[] vendor_data0 ]
+ * [...]
+ *
+ */
+TSS_RESULT
+psfile_write_key(int fd,
+ TSS_UUID *uuid,
+ TSS_UUID *parent_uuid,
+ UINT32 parent_ps,
+ BYTE *key_blob,
+ UINT16 key_blob_size)
+{
+ TSS_RESULT result;
+ TSS_KEY key;
+ UINT32 zero = 0;
+ UINT64 offset;
+ UINT16 pub_key_size, cache_flags = 0;
+ struct stat stat_buf;
+ int rc, file_offset;
+
+ /* leaving the cache flag for parent ps type as 0 implies TSS_PS_TYPE_USER */
+ if (parent_ps == TSS_PS_TYPE_SYSTEM)
+ cache_flags |= CACHE_FLAG_PARENT_PS_SYSTEM;
+
+ if ((rc = fstat(fd, &stat_buf)) == -1) {
+ LogDebugFn("stat failed: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ file_offset = stat_buf.st_size;
+
+ if (file_offset < (int)TSSPS_KEYS_OFFSET) {
+ if ((result = psfile_write_key_header(fd)))
+ return result;
+ file_offset = TSSPS_KEYS_OFFSET;
+ }
+
+ rc = lseek(fd, file_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* Unload the blob to get the public key */
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, key_blob, &key)))
+ return result;
+
+ pub_key_size = key.pubKey.keyLength;
+
+ /* [TSS_UUID uuid0 ] yes */
+ if ((result = write_data(fd, (void *)uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [TSS_UUID uuid_parent0 ] yes */
+ if ((result = write_data(fd, (void *)parent_uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [UINT16 pub_data_size0 ] yes */
+ pub_key_size = LE_16(pub_key_size);
+ if ((result = write_data(fd, &pub_key_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+ pub_key_size = LE_16(pub_key_size);
+
+ /* [UINT16 blob_size0 ] yes */
+ key_blob_size = LE_16(key_blob_size);
+ if ((result = write_data(fd, &key_blob_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+ key_blob_size = LE_16(key_blob_size);
+
+ /* [UINT32 vendor_data_size0 ] yes */
+ if ((result = write_data(fd, &zero, sizeof(UINT32)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [UINT16 cache_flags0 ] yes */
+ cache_flags = LE_16(cache_flags);
+ if ((result = write_data(fd, &cache_flags, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+ cache_flags = LE_16(cache_flags);
+
+ /* [BYTE[] pub_data0 ] no */
+ if ((result = write_data(fd, (void *)key.pubKey.key, pub_key_size))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+
+ /* [BYTE[] blob0 ] no */
+ if ((result = write_data(fd, (void *)key_blob, key_blob_size))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+
+ if ((result = psfile_change_num_keys(fd, TSS_PSFILE_INCREMENT_NUM_KEYS))) {
+ LogDebug("%s", __FUNCTION__);
+ goto done;
+ }
+
+done:
+ free_key_refs(&key);
+ return result;
+}
+
+TSS_RESULT
+psfile_remove_key(int fd, TSS_UUID *uuid)
+{
+ TSS_RESULT result;
+ UINT32 head_offset = 0, tail_offset;
+ int rc, size = 0;
+ struct key_disk_cache c;
+ BYTE buf[4096];
+
+ if ((result = psfile_get_cache_entry_by_uuid(fd, uuid, &c)))
+ return result;
+
+ /* head_offset is the offset the beginning of the key */
+ head_offset = TSSPS_UUID_OFFSET(&c);
+
+ /* tail_offset is the offset the beginning of the next key */
+ tail_offset = TSSPS_VENDOR_DATA_OFFSET(&c) + c.vendor_data_size;
+
+ rc = lseek(fd, tail_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* read in from tail, write out to head to fill the gap */
+ while ((rc = read(fd, buf, sizeof(buf))) > 0) {
+ size = rc;
+ tail_offset += size;
+
+ /* set the file pointer to where we want to write */
+ rc = lseek(fd, head_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* write the data */
+ if ((result = write_data(fd, (void *)buf, size))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ head_offset += size;
+
+ /* set the file pointer to where we want to read in the next
+ * loop */
+ rc = lseek(fd, tail_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ if (rc < 0) {
+ LogDebug("read: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* set the file pointer to where we want to write */
+ rc = lseek(fd, head_offset, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* head_offset now contains a pointer to where we want to truncate the
+ * file. Zero out the old tail end of the file and truncate it. */
+
+ __tspi_memset(buf, 0, sizeof(buf));
+
+ /* Zero out the old tail end of the file */
+ if ((result = write_data(fd, (void *)buf, tail_offset - head_offset))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ if ((rc = ftruncate(fd, head_offset)) < 0) {
+ LogDebug("ftruncate: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* we succeeded in removing a key from the disk. Decrement the number
+ * of keys in the file */
+ if ((result = psfile_change_num_keys(fd, TSS_PSFILE_DECREMENT_NUM_KEYS)))
+ return result;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_get_all_cache_entries(int fd, UINT32 *size, struct key_disk_cache **c)
+{
+ UINT32 i, num_keys = psfile_get_num_keys(fd);
+ int offset;
+ TSS_RESULT result;
+ struct key_disk_cache *tmp = NULL;
+
+ if (num_keys == 0) {
+ *size = 0;
+ *c = NULL;
+ return TSS_SUCCESS;
+ }
+
+ /* make sure the file pointer is where we expect, just after the number
+ * of keys on disk at the head of the file
+ */
+ offset = lseek(fd, TSSPS_KEYS_OFFSET, SEEK_SET);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if ((tmp = malloc(num_keys * sizeof(struct key_disk_cache))) == NULL) {
+ LogDebug("malloc of %zu bytes failed.", num_keys * sizeof(struct key_disk_cache));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ for (i = 0; i < num_keys; i++) {
+ offset = lseek(fd, 0, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err_exit;
+ }
+ tmp[i].offset = offset;
+
+ /* read UUID */
+ if ((result = read_data(fd, &tmp[i].uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto err_exit;
+ }
+
+ /* read parent UUID */
+ if ((result = read_data(fd, &tmp[i].parent_uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto err_exit;
+ }
+
+ /* pub data size */
+ if ((result = read_data(fd, &tmp[i].pub_data_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp[i].pub_data_size = LE_16(tmp[i].pub_data_size);
+
+ DBG_ASSERT(tmp[i].pub_data_size <= 2048);
+
+ /* blob size */
+ if ((result = read_data(fd, &tmp[i].blob_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp[i].blob_size = LE_16(tmp[i].blob_size);
+
+ DBG_ASSERT(tmp[i].blob_size <= 4096);
+
+ /* vendor data size */
+ if ((result = read_data(fd, &tmp[i].vendor_data_size, sizeof(UINT32)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp[i].vendor_data_size = LE_32(tmp[i].vendor_data_size);
+
+ /* cache flags */
+ if ((result = read_data(fd, &tmp[i].flags, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ goto err_exit;
+ }
+ tmp[i].flags = LE_16(tmp[i].flags);
+
+ /* fast forward over the pub key */
+ offset = lseek(fd, tmp[i].pub_data_size, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err_exit;
+ }
+
+ /* fast forward over the blob */
+ offset = lseek(fd, tmp[i].blob_size, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto err_exit;
+ }
+
+ /* ignore vendor data for user ps */
+ }
+
+ *size = num_keys;
+ *c = tmp;
+
+ return TSS_SUCCESS;
+
+err_exit:
+ free(tmp);
+ return result;
+}
+
+TSS_RESULT
+copy_key_info(int fd, TSS_KM_KEYINFO *ki, struct key_disk_cache *c)
+{
+ TSS_KEY key;
+ BYTE blob[4096];
+ UINT64 offset;
+ TSS_RESULT result;
+ off_t off;
+
+ /* Set the file pointer to the offset that the key blob is at */
+ off = lseek(fd, TSSPS_BLOB_DATA_OFFSET(c), SEEK_SET);
+ if (off == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* Read in the key blob */
+ if ((result = read_data(fd, (void *)blob, c->blob_size))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ /* Expand the blob into a useable form */
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, blob, &key)))
+ return result;
+
+ if (key.hdr.key12.tag == TPM_TAG_KEY12) {
+ ki->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ ki->versionInfo.bMinor = TSS_SPEC_MINOR;
+ ki->versionInfo.bRevMajor = 0;
+ ki->versionInfo.bRevMinor = 0;
+ } else
+ memcpy(&ki->versionInfo, &key.hdr.key11.ver, sizeof(TSS_VERSION));
+ memcpy(&ki->keyUUID, &c->uuid, sizeof(TSS_UUID));
+ memcpy(&ki->parentKeyUUID, &c->parent_uuid, sizeof(TSS_UUID));
+ ki->bAuthDataUsage = key.authDataUsage;
+
+ free_key_refs(&key);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+copy_key_info2(int fd, TSS_KM_KEYINFO2 *ki, struct key_disk_cache *c)
+{
+ TSS_KEY key;
+ BYTE blob[4096];
+ UINT64 offset;
+ TSS_RESULT result;
+ off_t off;
+
+ /* Set the file pointer to the offset that the key blob is at */
+ off = lseek(fd, TSSPS_BLOB_DATA_OFFSET(c), SEEK_SET);
+ if (off == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* Read in the key blob */
+ if ((result = read_data(fd, (void *)blob, c->blob_size))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ /* Expand the blob into a useable form */
+ offset = 0;
+ if ((result = UnloadBlob_TSS_KEY(&offset, blob, &key)))
+ return result;
+
+ if (key.hdr.key12.tag == TPM_TAG_KEY12) {
+ ki->versionInfo.bMajor = TSS_SPEC_MAJOR;
+ ki->versionInfo.bMinor = TSS_SPEC_MINOR;
+ ki->versionInfo.bRevMajor = 0;
+ ki->versionInfo.bRevMinor = 0;
+ } else
+ memcpy(&ki->versionInfo, &key.hdr.key11.ver, sizeof(TSS_VERSION));
+ memcpy(&ki->keyUUID, &c->uuid, sizeof(TSS_UUID));
+ memcpy(&ki->parentKeyUUID, &c->parent_uuid, sizeof(TSS_UUID));
+
+ /* CHECK: fill the two new fields of TSS_KM_KEYINFO2 */
+ ki->persistentStorageType = TSS_PS_TYPE_USER;
+ ki->persistentStorageTypeParent = c->flags & CACHE_FLAG_PARENT_PS_SYSTEM ?
+ TSS_PS_TYPE_SYSTEM : TSS_PS_TYPE_USER;
+
+ ki->bAuthDataUsage = key.authDataUsage;
+
+ free_key_refs(&key);
+
+ return TSS_SUCCESS;
+}
+
+
+TSS_RESULT
+psfile_get_registered_keys(int fd,
+ TSS_UUID *uuid,
+ TSS_UUID *tcs_uuid,
+ UINT32 *size,
+ TSS_KM_KEYINFO **keys)
+{
+ TSS_RESULT result;
+ struct key_disk_cache *cache_entries;
+ UINT32 cache_size, i, j;
+ TSS_KM_KEYINFO *keyinfos = NULL;
+ TSS_UUID *find_uuid;
+
+ if ((result = psfile_get_all_cache_entries(fd, &cache_size, &cache_entries)))
+ return result;
+
+ if (cache_size == 0) {
+ if (uuid)
+ return TSPERR(TSS_E_PS_KEY_NOTFOUND);
+ else {
+ *size = 0;
+ *keys = NULL;
+ return TSS_SUCCESS;
+ }
+ }
+
+ if (uuid) {
+ find_uuid = uuid;
+ j = 0;
+
+restart_search:
+ /* Search for the requested UUID. When found, allocate new space for it, copy
+ * it in, then change the uuid to be searched for it its parent and start over. */
+ for (i = 0; i < cache_size; i++) {
+ if (!memcmp(&cache_entries[i].uuid, find_uuid, sizeof(TSS_UUID))) {
+ if (!(keyinfos = realloc(keyinfos,
+ (j+1) * sizeof(TSS_KM_KEYINFO)))) {
+ free(cache_entries);
+ free(keyinfos);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ __tspi_memset(&keyinfos[j], 0, sizeof(TSS_KM_KEYINFO));
+
+ if ((result = copy_key_info(fd, &keyinfos[j], &cache_entries[i]))) {
+ free(cache_entries);
+ free(keyinfos);
+ return result;
+ }
+
+ find_uuid = &keyinfos[j].parentKeyUUID;
+ j++;
+ goto restart_search;
+ }
+ }
+
+ /* Searching for keys in the user PS will always lead us up to some key in the
+ * system PS. Return that key's uuid so that the upper layers can call down to TCS
+ * to search for it. */
+ memcpy(tcs_uuid, find_uuid, sizeof(TSS_UUID));
+
+ *size = j;
+ } else {
+ if ((keyinfos = calloc(cache_size, sizeof(TSS_KM_KEYINFO))) == NULL) {
+ LogDebug("malloc of %zu bytes failed.",
+ cache_size * sizeof(TSS_KM_KEYINFO));
+ free(cache_entries);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ for (i = 0; i < cache_size; i++) {
+ if ((result = copy_key_info(fd, &keyinfos[i], &cache_entries[i]))) {
+ free(cache_entries);
+ free(keyinfos);
+ return result;
+ }
+ }
+
+ *size = cache_size;
+ }
+
+ free(cache_entries);
+
+ *keys = keyinfos;
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+psfile_get_registered_keys2(int fd,
+ TSS_UUID *uuid,
+ TSS_UUID *tcs_uuid,
+ UINT32 *size,
+ TSS_KM_KEYINFO2 **keys)
+{
+ TSS_RESULT result;
+ struct key_disk_cache *cache_entries;
+ UINT32 cache_size, i, j;
+ TSS_KM_KEYINFO2 *keyinfos = NULL;
+ TSS_UUID *find_uuid;
+
+ if ((result = psfile_get_all_cache_entries(fd, &cache_size, &cache_entries)))
+ return result;
+
+ if (cache_size == 0) {
+ if (uuid)
+ return TSPERR(TSS_E_PS_KEY_NOTFOUND);
+ else {
+ *size = 0;
+ *keys = NULL;
+ return TSS_SUCCESS;
+ }
+ }
+
+ if (uuid) {
+ find_uuid = uuid;
+ j = 0;
+
+ restart_search:
+ /* Search for the requested UUID. When found, allocate new space for it, copy
+ * it in, then change the uuid to be searched for it its parent and start over. */
+ for (i = 0; i < cache_size; i++) {
+ /*Return 0 if normal finish*/
+ if (!memcmp(&cache_entries[i].uuid, find_uuid, sizeof(TSS_UUID))) {
+ if (!(keyinfos = realloc(keyinfos,
+ (j+1) * sizeof(TSS_KM_KEYINFO2)))) {
+ free(cache_entries);
+ free(keyinfos);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ /* Here the key UUID is found and needs to be copied for the array*/
+ /* Initializes the keyinfos with 0's*/
+ __tspi_memset(&keyinfos[j], 0, sizeof(TSS_KM_KEYINFO2));
+
+ if ((result = copy_key_info2(fd, &keyinfos[j], &cache_entries[i]))) {
+ free(cache_entries);
+ free(keyinfos);
+ return result;
+ }
+
+ find_uuid = &keyinfos[j].parentKeyUUID;
+ j++;
+ goto restart_search;
+ }
+ }
+
+ /* Searching for keys in the user PS will always lead us up to some key in the
+ * system PS. Return that key's uuid so that the upper layers can call down to TCS
+ * to search for it. */
+ memcpy(tcs_uuid, find_uuid, sizeof(TSS_UUID));
+
+ *size = j;
+ } else {
+ if ((keyinfos = calloc(cache_size, sizeof(TSS_KM_KEYINFO2))) == NULL) {
+ LogDebug("malloc of %zu bytes failed.",
+ cache_size * sizeof(TSS_KM_KEYINFO2));
+ free(cache_entries);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ for (i = 0; i < cache_size; i++) {
+ if ((result = copy_key_info2(fd, &keyinfos[i], &cache_entries[i]))) {
+ free(cache_entries);
+ free(keyinfos);
+ return result;
+ }
+ }
+
+ *size = cache_size;
+ }
+
+ free(cache_entries);
+
+ *keys = keyinfos;
+
+ return TSS_SUCCESS;
+}
+
+/*
+ * read into the PS file and return the number of keys
+ */
+UINT32
+psfile_get_num_keys(int fd)
+{
+ UINT32 num_keys;
+ int rc;
+
+ /* go to the number of keys */
+ rc = lseek(fd, TSSPS_NUM_KEYS_OFFSET, SEEK_SET);
+ if (rc == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return 0;
+ }
+
+ rc = read(fd, &num_keys, sizeof(UINT32));
+ if (rc < 0) {
+ LogDebug("read of %zd bytes: %s", sizeof(UINT32), strerror(errno));
+ return 0;
+ } else if ((unsigned)rc < sizeof(UINT32)) {
+ num_keys = 0;
+ }
+
+ /* The system PS file is written in little-endian */
+ num_keys = LE_32(num_keys);
+ return num_keys;
+}
+
+/*
+ * disk store format:
+ *
+ * TrouSerS 0.2.1+
+ * Version 1: cached?
+ * [BYTE PS version = '\1']
+ * [UINT32 num_keys_on_disk ]
+ * [TSS_UUID uuid0 ] yes
+ * [TSS_UUID uuid_parent0 ] yes
+ * [UINT16 pub_data_size0 ] yes
+ * [UINT16 blob_size0 ] yes
+ * [UINT32 vendor_data_size0] yes
+ * [UINT16 cache_flags0 ] yes
+ * [BYTE[] pub_data0 ]
+ * [BYTE[] blob0 ]
+ * [BYTE[] vendor_data0 ]
+ * [...]
+ *
+ */
+TSS_RESULT
+psfile_get_cache_entry_by_uuid(int fd, TSS_UUID *uuid, struct key_disk_cache *c)
+{
+ UINT32 i, num_keys = psfile_get_num_keys(fd);
+ int offset;
+ TSS_RESULT result;
+ BYTE found = 0;
+
+ if (num_keys == 0)
+ return TSPERR(TSS_E_PS_KEY_NOTFOUND);
+
+ /* make sure the file pointer is where we expect, just after the number
+ * of keys on disk at the head of the file
+ */
+ offset = lseek(fd, TSSPS_KEYS_OFFSET, SEEK_SET);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ for (i = 0; i < num_keys && !found; i++) {
+ offset = lseek(fd, 0, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ c->offset = offset;
+
+ /* read UUID */
+ if ((result = read_data(fd, (void *)&c->uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ if (!memcmp(&c->uuid, uuid, sizeof(TSS_UUID))) {
+ found = 1;
+
+ /* read parent UUID */
+ if ((result = read_data(fd, (void *)&c->parent_uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ } else {
+ /* fast forward over the parent UUID */
+ offset = lseek(fd, sizeof(TSS_UUID), SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ /* pub data size */
+ if ((result = read_data(fd, &c->pub_data_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ c->pub_data_size = LE_16(c->pub_data_size);
+ DBG_ASSERT(c->pub_data_size <= 2048 && c->pub_data_size > 0);
+
+ /* blob size */
+ if ((result = read_data(fd, &c->blob_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ c->blob_size = LE_16(c->blob_size);
+ DBG_ASSERT(c->blob_size <= 4096 && c->blob_size > 0);
+
+ /* vendor data size */
+ if ((result = read_data(fd, &c->vendor_data_size, sizeof(UINT32)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ c->vendor_data_size = LE_32(c->vendor_data_size);
+
+ /* cache flags */
+ if ((result = read_data(fd, &c->flags, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ c->flags = LE_16(c->flags);
+
+ /* fast forward over the pub key */
+ offset = lseek(fd, c->pub_data_size, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* fast forward over the blob */
+ offset = lseek(fd, c->blob_size, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* ignore vendor data in user ps */
+ }
+
+ return found ? TSS_SUCCESS : TSPERR(TSS_E_PS_KEY_NOTFOUND);
+}
+
+TSS_RESULT
+psfile_get_cache_entry_by_pub(int fd, UINT32 pub_size, BYTE *pub, struct key_disk_cache *c)
+{
+ BYTE blob[2048];
+ UINT32 i, num_keys = psfile_get_num_keys(fd);
+ int offset;
+ TSS_RESULT result;
+
+ if (num_keys == 0)
+ return TSPERR(TSS_E_PS_KEY_NOTFOUND);
+
+ /* make sure the file pointer is where we expect, just after the number
+ * of keys on disk at the head of the file
+ */
+ offset = lseek(fd, TSSPS_KEYS_OFFSET, SEEK_SET);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ for (i = 0; i < num_keys; i++) {
+ offset = lseek(fd, 0, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ c->offset = offset;
+
+ /* read UUID */
+ if ((result = read_data(fd, (void *)&c->uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ /* read parent UUID */
+ if ((result = read_data(fd, (void *)&c->parent_uuid, sizeof(TSS_UUID)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ /* pub data size */
+ if ((result = read_data(fd, &c->pub_data_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ c->pub_data_size = LE_16(c->pub_data_size);
+ DBG_ASSERT(c->pub_data_size <= 2048 && c->pub_data_size > 0);
+
+ /* blob size */
+ if ((result = read_data(fd, &c->blob_size, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ c->blob_size = LE_16(c->blob_size);
+ DBG_ASSERT(c->blob_size <= 4096 && c->blob_size > 0);
+
+ /* vendor data size */
+ if ((result = read_data(fd, &c->vendor_data_size, sizeof(UINT32)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ c->vendor_data_size = LE_32(c->vendor_data_size);
+
+ /* cache flags */
+ if ((result = read_data(fd, &c->flags, sizeof(UINT16)))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+ c->flags = LE_16(c->flags);
+
+ if (c->pub_data_size == pub_size) {
+ /* read in the pub key */
+ if ((result = read_data(fd, blob, c->pub_data_size))) {
+ LogDebug("%s", __FUNCTION__);
+ return result;
+ }
+
+ if (!memcmp(blob, pub, pub_size))
+ break;
+ }
+
+ /* fast forward over the blob */
+ offset = lseek(fd, c->blob_size, SEEK_CUR);
+ if (offset == ((off_t)-1)) {
+ LogDebug("lseek: %s", strerror(errno));
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ /* ignore vendor data */
+ }
+
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/hosttable.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/hosttable.c
new file mode 100644
index 0000000..2e80c36
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/hosttable.c
@@ -0,0 +1,185 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004
+ *
+ */
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "obj.h"
+
+static struct host_table *ht = NULL;
+
+TSS_RESULT
+host_table_init()
+{
+ ht = calloc(1, sizeof(struct host_table));
+ if (ht == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct host_table));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ MUTEX_INIT(ht->lock);
+
+ return TSS_SUCCESS;
+}
+
+#ifdef SOLARIS
+#pragma init(_init)
+void _init(void)
+#else
+static void __attribute__ ((constructor)) my_init(void)
+#endif
+{
+ host_table_init();
+ __tspi_obj_list_init();
+}
+
+void
+host_table_final()
+{
+ struct host_table_entry *hte, *next = NULL;
+
+ MUTEX_LOCK(ht->lock);
+
+ for (hte = ht->entries; hte; hte = next) {
+ if (hte)
+ next = hte->next;
+ if (hte->hostname)
+ free(hte->hostname);
+ if (hte->comm.buf)
+ free(hte->comm.buf);
+ free(hte);
+ }
+
+ MUTEX_UNLOCK(ht->lock);
+
+ free(ht);
+ ht = NULL;
+}
+
+#ifdef SOLARIS
+#pragma fini(_fini)
+void _fini(void)
+#else
+static void __attribute__ ((destructor)) my_fini(void)
+#endif
+{
+ host_table_final();
+}
+
+TSS_RESULT
+__tspi_add_table_entry(TSS_HCONTEXT tspContext, BYTE *host, int type, struct host_table_entry **ret)
+{
+ struct host_table_entry *entry, *tmp;
+
+ entry = calloc(1, sizeof(struct host_table_entry));
+ if (entry == NULL) {
+ LogError("malloc of %zd bytes failed.", sizeof(struct host_table_entry));
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ entry->tspContext = tspContext;
+ entry->hostname = host;
+ entry->type = type;
+ entry->comm.buf_size = TCSD_INIT_TXBUF_SIZE;
+ entry->comm.buf = calloc(1, entry->comm.buf_size);
+ if (entry->comm.buf == NULL) {
+ LogError("malloc of %u bytes failed.", entry->comm.buf_size);
+ free(entry);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+ MUTEX_INIT(entry->lock);
+
+ MUTEX_LOCK(ht->lock);
+
+ for (tmp = ht->entries; tmp; tmp = tmp->next) {
+ if (tmp->tspContext == tspContext) {
+ LogError("Tspi_Context_Connect attempted on an already connected context!");
+ MUTEX_UNLOCK(ht->lock);
+ free(entry->hostname);
+ free(entry->comm.buf);
+ free(entry);
+ return TSPERR(TSS_E_CONNECTION_FAILED);
+ }
+ }
+
+ if( ht->entries == NULL ) {
+ ht->entries = entry;
+ } else {
+ for (tmp = ht->entries; tmp->next; tmp = tmp->next)
+ ;
+ tmp->next = entry;
+ }
+ MUTEX_UNLOCK(ht->lock);
+
+ *ret = entry;
+
+ return TSS_SUCCESS;
+}
+
+void
+remove_table_entry(TSS_HCONTEXT tspContext)
+{
+ struct host_table_entry *hte, *prev = NULL;
+
+ MUTEX_LOCK(ht->lock);
+
+ for (hte = ht->entries; hte; prev = hte, hte = hte->next) {
+ if (hte->tspContext == tspContext) {
+ if (prev != NULL)
+ prev->next = hte->next;
+ else
+ ht->entries = hte->next;
+ if (hte->hostname)
+ free(hte->hostname);
+ free(hte->comm.buf);
+ free(hte);
+ break;
+ }
+ }
+
+ MUTEX_UNLOCK(ht->lock);
+}
+
+struct host_table_entry *
+get_table_entry(TSS_HCONTEXT tspContext)
+{
+ struct host_table_entry *index = NULL;
+
+ /* Avoid shutdown race in wpa_supplicant */
+ if (ht == NULL)
+ return NULL;
+
+ MUTEX_LOCK(ht->lock);
+
+ for (index = ht->entries; index; index = index->next) {
+ if (index->tspContext == tspContext)
+ break;
+ }
+
+ if (index)
+ MUTEX_LOCK(index->lock);
+
+ MUTEX_UNLOCK(ht->lock);
+
+ return index;
+}
+
+void
+put_table_entry(struct host_table_entry *entry)
+{
+ if (entry)
+ MUTEX_UNLOCK(entry->lock);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcs_api.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcs_api.c
new file mode 100644
index 0000000..3ae2659
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcs_api.c
@@ -0,0 +1,3379 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004, 2007
+ *
+ */
+
+
+#include <stdlib.h>
+#include <syslog.h>
+#include <unistd.h>
+
+#include "trousers/tss.h"
+#include "trousers_types.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "hosttable.h"
+#include "tsplog.h"
+#include "rpc_tcstp_tsp.h"
+#include "obj_context.h"
+
+
+TSS_RESULT
+RPC_Error(TSS_HCONTEXT tspContext, ...)
+{
+ LogDebugFn("Context: 0x%x", tspContext);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+}
+
+TSS_RESULT
+RPC_OpenContext(TSS_HCONTEXT tspContext, BYTE *hostname, int type)
+{
+ TSS_RESULT result;
+ TCS_CONTEXT_HANDLE tcsContext;
+ struct host_table_entry *entry;
+ UINT32 tpm_version;
+
+ /* __tspi_add_table_entry() will make sure an entry doesn't already exist for this tsp context */
+ if ((result = __tspi_add_table_entry(tspContext, hostname, type, &entry)))
+ return result;
+
+ switch (type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ if ((result = RPC_OpenContext_TP(entry, &tpm_version, &tcsContext)))
+ remove_table_entry(tspContext);
+ else {
+ entry->tcsContext = tcsContext;
+ if (obj_context_set_tpm_version(tspContext, tpm_version)) {
+ remove_table_entry(tspContext);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ return result;
+ default:
+ break;
+ }
+
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+}
+
+TSS_RESULT RPC_GetRegisteredKeyByPublicInfo(TSS_HCONTEXT tspContext,
+ TCPA_ALGORITHM_ID algID, /* in */
+ UINT32 ulPublicInfoLength, /* in */
+ BYTE * rgbPublicInfo, /* in */
+ UINT32 * keySize, BYTE ** keyBlob)
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetRegisteredKeyByPublicInfo_TP(entry, algID,
+ ulPublicInfoLength,
+ rgbPublicInfo, keySize,
+ keyBlob);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CloseContext(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ if ((result = RPC_CloseContext_TP(entry)) == TSS_SUCCESS) {
+ close(entry->socket);
+ remove_table_entry(tspContext);
+ }
+ break;
+ default:
+ break;
+ }
+
+ if (result != TSS_SUCCESS)
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_FreeMemory(TSS_HCONTEXT tspContext, /* in */
+ BYTE * pMemory) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_FreeMemory_TP(entry, pMemory);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_LogPcrEvent(TSS_HCONTEXT tspContext, /* in */
+ TSS_PCR_EVENT Event, /* in */
+ UINT32 * pNumber) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_LogPcrEvent_TP(entry, Event, pNumber);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetPcrEvent(TSS_HCONTEXT tspContext, /* in */
+ UINT32 PcrIndex, /* in */
+ UINT32 * pNumber, /* in, out */
+ TSS_PCR_EVENT ** ppEvent) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result =
+ RPC_GetPcrEvent_TP(entry, PcrIndex, pNumber, ppEvent);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetPcrEventsByPcr(TSS_HCONTEXT tspContext, /* in */
+ UINT32 PcrIndex, /* in */
+ UINT32 FirstEvent, /* in */
+ UINT32 * pEventCount, /* in,out */
+ TSS_PCR_EVENT ** ppEvents) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetPcrEventsByPcr_TP(entry, PcrIndex, FirstEvent,
+ pEventCount, ppEvents);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetPcrEventLog(TSS_HCONTEXT tspContext, /* in */
+ UINT32 * pEventCount, /* out */
+ TSS_PCR_EVENT ** ppEvents) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetPcrEventLog_TP(entry, pEventCount, ppEvents);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_RegisterKey(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID WrappingKeyUUID, /* in */
+ TSS_UUID KeyUUID, /* in */
+ UINT32 cKeySize, /* in */
+ BYTE * rgbKey, /* in */
+ UINT32 cVendorData, /* in */
+ BYTE * gbVendorData) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_RegisterKey_TP(entry, WrappingKeyUUID, KeyUUID, cKeySize,
+ rgbKey, cVendorData, gbVendorData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_UnregisterKey(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID KeyUUID) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_UnregisterKey_TP(entry, KeyUUID);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_EnumRegisteredKeys(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID * pKeyUUID, /* in */
+ UINT32 * pcKeyHierarchySize, /* out */
+ TSS_KM_KEYINFO ** ppKeyHierarchy) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_EnumRegisteredKeys_TP(entry, pKeyUUID, pcKeyHierarchySize,
+ ppKeyHierarchy);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_EnumRegisteredKeys2(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID * pKeyUUID, /* in */
+ UINT32 * pcKeyHierarchySize, /* out */
+ TSS_KM_KEYINFO2 ** ppKeyHierarchy) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_EnumRegisteredKeys2_TP(entry, pKeyUUID, pcKeyHierarchySize,
+ ppKeyHierarchy);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+
+TSS_RESULT RPC_GetRegisteredKey(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID KeyUUID, /* in */
+ TSS_KM_KEYINFO ** ppKeyInfo) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetRegisteredKey_TP(entry, KeyUUID, ppKeyInfo);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetRegisteredKeyBlob(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID KeyUUID, /* in */
+ UINT32 * pcKeySize, /* out */
+ BYTE ** prgbKey) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetRegisteredKeyBlob_TP(entry, KeyUUID, pcKeySize, prgbKey);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_LoadKeyByBlob(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE hUnwrappingKey, /* in */
+ UINT32 cWrappedKeyBlobSize, /* in */
+ BYTE * rgbWrappedKeyBlob, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI, /* out */
+ TCS_KEY_HANDLE * phKeyHMAC) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_LoadKeyByBlob_TP(entry, hUnwrappingKey, cWrappedKeyBlobSize,
+ rgbWrappedKeyBlob, pAuth, phKeyTCSI,
+ phKeyHMAC);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_LoadKeyByUUID(TSS_HCONTEXT tspContext, /* in */
+ TSS_UUID KeyUUID, /* in */
+ TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */
+ TCS_KEY_HANDLE * phKeyTCSI) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_LoadKeyByUUID_TP(entry, KeyUUID, pLoadKeyInfo, phKeyTCSI);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_EvictKey(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE hKey) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_EvictKey_TP(entry, hKey);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CreateWrapKey(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TCPA_ENCAUTH *KeyUsageAuth, /* in */
+ TCPA_ENCAUTH *KeyMigrationAuth, /* in */
+ UINT32 keyInfoSize, /* in */
+ BYTE * keyInfo, /* in */
+ UINT32 * keyDataSize, /* out */
+ BYTE ** keyData, /* out */
+ TPM_AUTH * pAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CreateWrapKey_TP(entry, hWrappingKey, KeyUsageAuth,
+ KeyMigrationAuth, keyInfoSize, keyInfo,
+ keyDataSize, keyData, pAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetPubKey(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * pcPubKeySize, /* out */
+ BYTE ** prgbPubKey) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetPubKey_TP(entry, hKey, pAuth, pcPubKeySize, prgbPubKey);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_MakeIdentity(TSS_HCONTEXT tspContext, /* in */
+ TCPA_ENCAUTH identityAuth, /* in */
+ TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
+ UINT32 idKeyInfoSize, /* in */
+ BYTE * idKeyInfo, /* in */
+ TPM_AUTH * pSrkAuth, /* in, out */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * idKeySize, /* out */
+ BYTE ** idKey, /* out */
+ UINT32 * pcIdentityBindingSize, /* out */
+ BYTE ** prgbIdentityBinding, /* out */
+ UINT32 * pcEndorsementCredentialSize, /* out */
+ BYTE ** prgbEndorsementCredential, /* out */
+ UINT32 * pcPlatformCredentialSize, /* out */
+ BYTE ** prgbPlatformCredential, /* out */
+ UINT32 * pcConformanceCredentialSize, /* out */
+ BYTE ** prgbConformanceCredential) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_MakeIdentity_TP(entry, identityAuth,
+ IDLabel_PrivCAHash, idKeyInfoSize, idKeyInfo,
+ pSrkAuth, pOwnerAuth, idKeySize, idKey,
+ pcIdentityBindingSize, prgbIdentityBinding,
+ pcEndorsementCredentialSize,
+ prgbEndorsementCredential,
+ pcPlatformCredentialSize,
+ prgbPlatformCredential,
+ pcConformanceCredentialSize,
+ prgbConformanceCredential);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_GetCredential(TSS_HCONTEXT tspContext, /* in */
+ UINT32 ulCredentialType, /* in */
+ UINT32 ulCredentialAccessMode, /* in */
+ UINT32 * pulCredentialSize, /* out */
+ BYTE ** prgbCredentialData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetCredential_TP(entry, ulCredentialType,
+ ulCredentialAccessMode, pulCredentialSize,
+ prgbCredentialData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+TSS_RESULT RPC_SetOwnerInstall(TSS_HCONTEXT tspContext, /* in */
+ TSS_BOOL state) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SetOwnerInstall_TP(entry, state);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_TakeOwnership(TSS_HCONTEXT tspContext, /* in */
+ UINT16 protocolID, /* in */
+ UINT32 encOwnerAuthSize, /* in */
+ BYTE * encOwnerAuth, /* in */
+ UINT32 encSrkAuthSize, /* in */
+ BYTE * encSrkAuth, /* in */
+ UINT32 srkInfoSize, /* in */
+ BYTE * srkInfo, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * srkKeySize,
+ BYTE ** srkKey)
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_TakeOwnership_TP(entry, protocolID,
+ encOwnerAuthSize, encOwnerAuth,
+ encSrkAuthSize, encSrkAuth, srkInfoSize,
+ srkInfo, ownerAuth, srkKeySize, srkKey);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_OIAP(TSS_HCONTEXT tspContext, /* in */
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonce0) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_OIAP_TP(entry, authHandle, nonce0);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_OSAP(TSS_HCONTEXT tspContext, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 entityValue, /* in */
+ TPM_NONCE *nonceOddOSAP, /* in */
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonceEven, /* out */
+ TCPA_NONCE * nonceEvenOSAP) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_OSAP_TP(entry, entityType, entityValue, nonceOddOSAP,
+ authHandle, nonceEven, nonceEvenOSAP);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ChangeAuth(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH *newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ChangeAuth_TP(entry, parentHandle, protocolID, newAuth,
+ entityType, encDataSize, encData, ownerAuth,
+ entityAuth, outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ChangeAuthOwner(TSS_HCONTEXT tspContext, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH *newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ChangeAuthOwner_TP(entry, protocolID, newAuth, entityType,
+ ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ChangeAuthAsymStart(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE idHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 KeySizeIn, /* in */
+ BYTE * KeyDataIn, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * KeySizeOut, /* out */
+ BYTE ** KeyDataOut, /* out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig, /* out */
+ TCS_KEY_HANDLE * ephHandle) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ChangeAuthAsymStart_TP(entry, idHandle, antiReplay,
+ KeySizeIn, KeyDataIn, pAuth,
+ KeySizeOut, KeyDataOut,
+ CertifyInfoSize, CertifyInfo, sigSize,
+ sig, ephHandle);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ChangeAuthAsymFinish(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCS_KEY_HANDLE ephHandle, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TCPA_HMAC newAuthLink, /* in */
+ UINT32 newAuthSize, /* in */
+ BYTE * encNewAuth, /* in */
+ UINT32 encDataSizeIn, /* in */
+ BYTE * encDataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * encDataSizeOut, /* out */
+ BYTE ** encDataOut, /* out */
+ TCPA_SALT_NONCE * saltNonce, /* out */
+ TCPA_DIGEST * changeProof) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ChangeAuthAsymFinish_TP(entry, parentHandle, ephHandle,
+ entityType, newAuthLink,
+ newAuthSize, encNewAuth,
+ encDataSizeIn, encDataIn, ownerAuth,
+ encDataSizeOut, encDataOut, saltNonce,
+ changeProof);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_TerminateHandle(TSS_HCONTEXT tspContext, /* in */
+ TCS_AUTHHANDLE handle) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_TerminateHandle_TP(entry, handle);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ActivateTPMIdentity(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE idKey, /* in */
+ UINT32 blobSize, /* in */
+ BYTE * blob, /* in */
+ TPM_AUTH * idKeyAuth, /* in, out */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * SymmetricKeySize, /* out */
+ BYTE ** SymmetricKey) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ActivateTPMIdentity_TP(entry, idKey, blobSize, blob, idKeyAuth,
+ ownerAuth, SymmetricKeySize,
+ SymmetricKey);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_Extend(TSS_HCONTEXT tspContext, /* in */
+ TCPA_PCRINDEX pcrNum, /* in */
+ TCPA_DIGEST inDigest, /* in */
+ TCPA_PCRVALUE * outDigest) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Extend_TP(entry, pcrNum, inDigest, outDigest);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_PcrRead(TSS_HCONTEXT tspContext, /* in */
+ TCPA_PCRINDEX pcrNum, /* in */
+ TCPA_PCRVALUE * outDigest) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_PcrRead_TP(entry, pcrNum, outDigest);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_PcrReset(TSS_HCONTEXT tspContext, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_PcrReset_TP(entry, pcrDataSizeIn, pcrDataIn);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+
+TSS_RESULT RPC_Quote(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE *antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Quote_TP(entry, keyHandle, antiReplay, pcrDataSizeIn,
+ pcrDataIn, privAuth, pcrDataSizeOut, pcrDataOut,
+ sigSize, sig);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_Quote2(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE *antiReplay, /* in */
+ UINT32 pcrDataSizeIn, /* in */
+ BYTE * pcrDataIn, /* in */
+ TSS_BOOL addVersion, /* in */
+ TPM_AUTH * privAuth, /* in,out */
+ UINT32 * pcrDataSizeOut, /* out */
+ BYTE ** pcrDataOut, /* out */
+ UINT32 * versionInfoSize, /* out */
+ BYTE ** versionInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Quote2_TP(entry, keyHandle, antiReplay, pcrDataSizeIn, pcrDataIn,
+ addVersion,privAuth, pcrDataSizeOut, pcrDataOut,
+ versionInfoSize, versionInfo,sigSize, sig);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+TSS_RESULT RPC_DirWriteAuth(TSS_HCONTEXT tspContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE *newContents, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DirWriteAuth_TP(entry, dirIndex, newContents, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_DirRead(TSS_HCONTEXT tspContext, /* in */
+ TCPA_DIRINDEX dirIndex, /* in */
+ TCPA_DIRVALUE * dirValue) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DirRead_TP(entry, dirIndex, dirValue);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_Seal(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_ENCAUTH *encAuth, /* in */
+ UINT32 pcrInfoSize, /* in */
+ BYTE * PcrInfo, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * pubAuth, /* in, out */
+ UINT32 * SealedDataSize, /* out */
+ BYTE ** SealedData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Seal_TP(entry, keyHandle, encAuth, pcrInfoSize, PcrInfo,
+ inDataSize, inData, pubAuth, SealedDataSize,
+ SealedData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_SEALX
+TSS_RESULT RPC_Sealx(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_ENCAUTH *encAuth, /* in */
+ UINT32 pcrInfoSize, /* in */
+ BYTE * PcrInfo, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * pubAuth, /* in, out */
+ UINT32 * SealedDataSize, /* out */
+ BYTE ** SealedData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Sealx_TP(entry, keyHandle, encAuth, pcrInfoSize, PcrInfo,
+ inDataSize, inData, pubAuth, SealedDataSize,
+ SealedData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+TSS_RESULT RPC_Unseal(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 SealedDataSize, /* in */
+ BYTE * SealedData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * dataAuth, /* in, out */
+ UINT32 * DataSize, /* out */
+ BYTE ** Data) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Unseal_TP(entry, parentHandle, SealedDataSize, SealedData,
+ parentAuth, dataAuth, DataSize, Data);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_UnBind(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_UnBind_TP(entry, keyHandle, inDataSize, inData, privAuth,
+ outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CreateMigrationBlob(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 MigrationKeyAuthSize, /* in */
+ BYTE * MigrationKeyAuth, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CreateMigrationBlob_TP(entry, parentHandle,
+ migrationType, MigrationKeyAuthSize,
+ MigrationKeyAuth, encDataSize, encData,
+ parentAuth, entityAuth, randomSize,
+ random, outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ConvertMigrationBlob(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE parentHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ UINT32 randomSize, /* in */
+ BYTE * random, /* in */
+ TPM_AUTH * parentAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ConvertMigrationBlob_TP(entry, parentHandle,
+ inDataSize, inData, randomSize,
+ random, parentAuth, outDataSize,
+ outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_AuthorizeMigrationKey(TSS_HCONTEXT tspContext, /* in */
+ TCPA_MIGRATE_SCHEME migrateScheme, /* in */
+ UINT32 MigrationKeySize, /* in */
+ BYTE * MigrationKey, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * MigrationKeyAuthSize, /* out */
+ BYTE ** MigrationKeyAuth) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_AuthorizeMigrationKey_TP(entry, migrateScheme,
+ MigrationKeySize, MigrationKey,
+ ownerAuth, MigrationKeyAuthSize,
+ MigrationKeyAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CertifyKey(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE certHandle, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TPM_NONCE * antiReplay, /* in */
+ TPM_AUTH * certAuth, /* in, out */
+ TPM_AUTH * keyAuth, /* in, out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CertifyKey_TP(entry, certHandle, keyHandle, antiReplay,
+ certAuth, keyAuth, CertifyInfoSize, CertifyInfo,
+ outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_Sign(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 areaToSignSize, /* in */
+ BYTE * areaToSign, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Sign_TP(entry, keyHandle, areaToSignSize, areaToSign, privAuth,
+ sigSize, sig);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetRandom(TSS_HCONTEXT tspContext, /* in */
+ UINT32 bytesRequested, /* in */
+ BYTE ** randomBytes) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetRandom_TP(entry, bytesRequested, randomBytes);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_StirRandom(TSS_HCONTEXT tspContext, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_StirRandom_TP(entry, inDataSize, inData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetTPMCapability(TSS_HCONTEXT tspContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetTPMCapability_TP(entry, capArea, subCapSize, subCap,
+ respSize, resp);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_SetCapability(TSS_HCONTEXT tspContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 valueSize, /* in */
+ BYTE * value, /* in */
+ TPM_AUTH *ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SetCapability_TP(entry, capArea, subCapSize, subCap,
+ valueSize, value, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetCapability(TSS_HCONTEXT tspContext, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetCapability_TP(entry, capArea, subCapSize, subCap, respSize,
+ resp);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetCapabilitySigned(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ TCPA_VERSION * Version, /* out */
+ UINT32 * respSize, /* out */
+ BYTE ** resp, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetCapabilitySigned_TP(entry, keyHandle, antiReplay, capArea,
+ subCapSize, subCap, privAuth, Version,
+ respSize, resp, sigSize, sig);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetCapabilityOwner(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * pOwnerAuth, /* out */
+ TCPA_VERSION * pVersion, /* out */
+ UINT32 * pNonVolatileFlags, /* out */
+ UINT32 * pVolatileFlags) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetCapabilityOwner_TP(entry, pOwnerAuth, pVersion,
+ pNonVolatileFlags, pVolatileFlags);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CreateEndorsementKeyPair(TSS_HCONTEXT tspContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize, /* in */
+ BYTE * endorsementKeyInfo, /* in */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TCPA_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CreateEndorsementKeyPair_TP(entry, antiReplay,
+ endorsementKeyInfoSize,
+ endorsementKeyInfo,
+ endorsementKeySize,
+ endorsementKey, checksum);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ReadPubek(TSS_HCONTEXT tspContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey, /* out */
+ TCPA_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReadPubek_TP(entry, antiReplay, pubEndorsementKeySize,
+ pubEndorsementKey, checksum);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_DisablePubekRead(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DisablePubekRead_TP(entry, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_OwnerReadPubek(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * pubEndorsementKeySize, /* out */
+ BYTE ** pubEndorsementKey) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_OwnerReadPubek_TP(entry, ownerAuth, pubEndorsementKeySize,
+ pubEndorsementKey);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_CreateRevocableEndorsementKeyPair(TSS_HCONTEXT tspContext, /* in */
+ TPM_NONCE antiReplay, /* in */
+ UINT32 endorsementKeyInfoSize,/* in */
+ BYTE * endorsementKeyInfo, /* in */
+ TSS_BOOL genResetAuth, /* in */
+ TPM_DIGEST * eKResetAuth, /* in, out */
+ UINT32 * endorsementKeySize, /* out */
+ BYTE ** endorsementKey, /* out */
+ TPM_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CreateRevocableEndorsementKeyPair_TP(entry, antiReplay,
+ endorsementKeyInfoSize,
+ endorsementKeyInfo,
+ genResetAuth,
+ eKResetAuth,
+ endorsementKeySize,
+ endorsementKey, checksum);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_RevokeEndorsementKeyPair(TSS_HCONTEXT tspContext, /* in */
+ TPM_DIGEST *EKResetAuth) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_RevokeEndorsementKeyPair_TP(entry, EKResetAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+TSS_RESULT RPC_SelfTestFull(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SelfTestFull_TP(entry);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CertifySelfTest(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CertifySelfTest_TP(entry, keyHandle, antiReplay, privAuth,
+ sigSize, sig);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_GetTestResult(TSS_HCONTEXT tspContext, /* in */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetTestResult_TP(entry, outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_OwnerSetDisable(TSS_HCONTEXT tspContext, /* in */
+ TSS_BOOL disableState, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_OwnerSetDisable_TP(entry, disableState, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_ResetLockValue(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ResetLockValue_TP(entry, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+TSS_RESULT RPC_OwnerClear(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_OwnerClear_TP(entry, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_DisableOwnerClear(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DisableOwnerClear_TP(entry, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ForceClear(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ForceClear_TP(entry);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_DisableForceClear(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DisableForceClear_TP(entry);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_PhysicalDisable(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_PhysicalDisable_TP(entry);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_PhysicalEnable(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_PhysicalEnable_TP(entry);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_PhysicalSetDeactivated(TSS_HCONTEXT tspContext, /* in */
+ TSS_BOOL state) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_PhysicalSetDeactivated_TP(entry, state);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_PhysicalPresence(TSS_HCONTEXT tspContext, /* in */
+ TCPA_PHYSICAL_PRESENCE fPhysicalPresence) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_PhysicalPresence_TP(entry, fPhysicalPresence);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_SetTempDeactivated(TSS_HCONTEXT tspContext) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SetTempDeactivated_TP(entry);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT RPC_SetTempDeactivated2(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH *operatorAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SetTempDeactivated2_TP(entry, operatorAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+TSS_RESULT RPC_FieldUpgrade(TSS_HCONTEXT tspContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut, /* out */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_FieldUpgrade_TP(entry, dataInSize, dataIn,
+ dataOutSize, dataOut,
+ ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_SetRedirection(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 c1, /* in */
+ UINT32 c2, /* in */
+ TPM_AUTH * privAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = (UINT32) TSPERR(TSS_E_INTERNAL_ERROR);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_CreateMaintenanceArchive(TSS_HCONTEXT tspContext, /* in */
+ TSS_BOOL generateRandom, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * randomSize, /* out */
+ BYTE ** random, /* out */
+ UINT32 * archiveSize, /* out */
+ BYTE ** archive) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CreateMaintenanceArchive_TP(entry, generateRandom, ownerAuth,
+ randomSize, random, archiveSize,
+ archive);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_LoadMaintenanceArchive(TSS_HCONTEXT tspContext, /* in */
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_LoadMaintenanceArchive_TP(entry, dataInSize, dataIn, ownerAuth,
+ dataOutSize, dataOut);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_KillMaintenanceFeature(TSS_HCONTEXT tspContext, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_KillMaintenanceFeature_TP(entry, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_LoadManuMaintPub(TSS_HCONTEXT tspContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 PubKeySize, /* in */
+ BYTE * PubKey, /* in */
+ TCPA_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_LoadManuMaintPub_TP(entry, antiReplay, PubKeySize, PubKey,
+ checksum);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT RPC_ReadManuMaintPub(TSS_HCONTEXT tspContext, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TCPA_DIGEST * checksum) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReadManuMaintPub_TP(entry, antiReplay, checksum);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#ifdef TSS_BUILD_DAA
+TSS_RESULT
+RPC_DaaJoin(TSS_HCONTEXT tspContext, /* in */
+ TPM_HANDLE daa_session, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE* inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE* inputData1, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* outputSize, /* out */
+ BYTE** outputData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DaaJoin_TP(entry, daa_session, stage, inputSize0, inputData0,
+ inputSize1, inputData1, ownerAuth, outputSize,
+ outputData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+
+}
+
+TSS_RESULT
+RPC_DaaSign(TSS_HCONTEXT tspContext, /* in */
+ TPM_HANDLE daa_session, /* in */
+ BYTE stage, /* in */
+ UINT32 inputSize0, /* in */
+ BYTE* inputData0, /* in */
+ UINT32 inputSize1, /* in */
+ BYTE* inputData1, /* in */
+ TPM_AUTH* ownerAuth, /* in, out */
+ UINT32* outputSize, /* out */
+ BYTE** outputData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DaaSign_TP(entry, daa_session, stage, inputSize0, inputData0,
+ inputSize1, inputData1, ownerAuth, outputSize,
+ outputData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_COUNTER
+TSS_RESULT
+RPC_ReadCounter(TSS_HCONTEXT tspContext, /* in */
+ TSS_COUNTER_ID idCounter, /* in */
+ TPM_COUNTER_VALUE* counterValue) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReadCounter_TP(entry, idCounter, counterValue);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_CreateCounter(TSS_HCONTEXT tspContext, /* in */
+ UINT32 LabelSize, /* in (=4) */
+ BYTE* pLabel, /* in */
+ TPM_ENCAUTH CounterAuth, /* in */
+ TPM_AUTH* pOwnerAuth, /* in, out */
+ TSS_COUNTER_ID* idCounter, /* out */
+ TPM_COUNTER_VALUE* counterValue) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CreateCounter_TP(entry, LabelSize, pLabel, CounterAuth,
+ pOwnerAuth, idCounter, counterValue);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_IncrementCounter(TSS_HCONTEXT tspContext, /* in */
+ TSS_COUNTER_ID idCounter, /* in */
+ TPM_AUTH* pCounterAuth, /* in, out */
+ TPM_COUNTER_VALUE* counterValue) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_IncrementCounter_TP(entry, idCounter, pCounterAuth,
+ counterValue);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_ReleaseCounter(TSS_HCONTEXT tspContext, /* in */
+ TSS_COUNTER_ID idCounter, /* in */
+ TPM_AUTH* pCounterAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReleaseCounter_TP(entry, idCounter, pCounterAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_ReleaseCounterOwner(TSS_HCONTEXT tspContext, /* in */
+ TSS_COUNTER_ID idCounter, /* in */
+ TPM_AUTH* pOwnerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReleaseCounterOwner_TP(entry, idCounter, pOwnerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_TICK
+TSS_RESULT
+RPC_ReadCurrentTicks(TSS_HCONTEXT tspContext, /* in */
+ UINT32* pulCurrentTime, /* out */
+ BYTE** prgbCurrentTime) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReadCurrentTicks_TP(entry, pulCurrentTime, prgbCurrentTime);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_TickStampBlob(TSS_HCONTEXT tspContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_NONCE* antiReplay, /* in */
+ TPM_DIGEST* digestToStamp, /* in */
+ TPM_AUTH* privAuth, /* in, out */
+ UINT32* pulSignatureLength, /* out */
+ BYTE** prgbSignature, /* out */
+ UINT32* pulTickCountLength, /* out */
+ BYTE** prgbTickCount) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_TickStampBlob_TP(entry, hKey, antiReplay, digestToStamp,
+ privAuth, pulSignatureLength,
+ prgbSignature, pulTickCountLength,
+ prgbTickCount);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_TRANSPORT
+TSS_RESULT
+RPC_EstablishTransport(TSS_HCONTEXT tspContext,
+ UINT32 ulTransControlFlags,
+ TCS_KEY_HANDLE hEncKey,
+ UINT32 ulTransSessionInfoSize,
+ BYTE* rgbTransSessionInfo,
+ UINT32 ulSecretSize,
+ BYTE* rgbSecret,
+ TPM_AUTH* pEncKeyAuth, /* in, out */
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TCS_HANDLE* hTransSession,
+ UINT32* ulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ TPM_NONCE* pTransNonce)
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_EstablishTransport_TP(entry, ulTransControlFlags, hEncKey,
+ ulTransSessionInfoSize,
+ rgbTransSessionInfo, ulSecretSize,
+ rgbSecret, pEncKeyAuth, pbLocality,
+ hTransSession, ulCurrentTicksSize,
+ prgbCurrentTicks, pTransNonce);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+
+TSS_RESULT
+RPC_ExecuteTransport(TSS_HCONTEXT tspContext,
+ TPM_COMMAND_CODE unWrappedCommandOrdinal,
+ UINT32 ulWrappedCmdParamInSize,
+ BYTE* rgbWrappedCmdParamIn,
+ UINT32* pulHandleListSize, /* in, out */
+ TCS_HANDLE** rghHandles, /* in, out */
+ TPM_AUTH* pWrappedCmdAuth1, /* in, out */
+ TPM_AUTH* pWrappedCmdAuth2, /* in, out */
+ TPM_AUTH* pTransAuth, /* in, out */
+ UINT64* punCurrentTicks,
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ TPM_RESULT* pulWrappedCmdReturnCode,
+ UINT32* ulWrappedCmdParamOutSize,
+ BYTE** rgbWrappedCmdParamOut)
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ExecuteTransport_TP(entry, unWrappedCommandOrdinal,
+ ulWrappedCmdParamInSize,
+ rgbWrappedCmdParamIn, pulHandleListSize,
+ rghHandles, pWrappedCmdAuth1,
+ pWrappedCmdAuth2, pTransAuth,
+ punCurrentTicks, pbLocality,
+ pulWrappedCmdReturnCode,
+ ulWrappedCmdParamOutSize,
+ rgbWrappedCmdParamOut);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_ReleaseTransportSigned(TSS_HCONTEXT tspContext,
+ TCS_KEY_HANDLE hSignatureKey,
+ TPM_NONCE* AntiReplayNonce,
+ TPM_AUTH* pKeyAuth, /* in, out */
+ TPM_AUTH* pTransAuth, /* in, out */
+ TPM_MODIFIER_INDICATOR* pbLocality,
+ UINT32* pulCurrentTicksSize,
+ BYTE** prgbCurrentTicks,
+ UINT32* pulSignatureSize,
+ BYTE** prgbSignature)
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(tspContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_ReleaseTransportSigned_TP(entry, hSignatureKey,
+ AntiReplayNonce, pKeyAuth,
+ pTransAuth, pbLocality,
+ pulCurrentTicksSize,
+ prgbCurrentTicks, pulSignatureSize,
+ prgbSignature);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_NV
+TSS_RESULT
+RPC_NV_DefineOrReleaseSpace(TSS_HCONTEXT hContext, /* in */
+ UINT32 cPubInfoSize, /* in */
+ BYTE* pPubInfo, /* in */
+ TCPA_ENCAUTH encAuth, /* in */
+ TPM_AUTH* pAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_NV_DefineOrReleaseSpace_TP(entry, cPubInfoSize, pPubInfo,
+ encAuth, pAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_NV_WriteValue(TSS_HCONTEXT hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE* rgbDataToWrite, /* in */
+ TPM_AUTH* privAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_NV_WriteValue_TP(entry, hNVStore, offset, ulDataLength,
+ rgbDataToWrite, privAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+
+TSS_RESULT
+RPC_NV_WriteValueAuth(TSS_HCONTEXT hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32 ulDataLength, /* in */
+ BYTE* rgbDataToWrite, /* in */
+ TPM_AUTH* NVAuth) /* in, out */
+{
+
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_NV_WriteValueAuth_TP(entry, hNVStore, offset, ulDataLength,
+ rgbDataToWrite, NVAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+
+TSS_RESULT
+RPC_NV_ReadValue(TSS_HCONTEXT hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32* pulDataLength, /* in, out */
+ TPM_AUTH* privAuth, /* in, out */
+ BYTE** rgbDataRead) /* out */
+{
+
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_NV_ReadValue_TP(entry, hNVStore, offset, pulDataLength,
+ privAuth, rgbDataRead);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_NV_ReadValueAuth(TSS_HCONTEXT hContext, /* in */
+ TSS_NV_INDEX hNVStore, /* in */
+ UINT32 offset, /* in */
+ UINT32* pulDataLength, /* in, out */
+ TPM_AUTH* NVAuth, /* in, out */
+ BYTE** rgbDataRead) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_NV_ReadValueAuth_TP(entry, hNVStore, offset, pulDataLength,
+ NVAuth, rgbDataRead);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_AUDIT
+TSS_RESULT
+RPC_SetOrdinalAuditStatus(TSS_HCONTEXT hContext, /* in */
+ TPM_AUTH *ownerAuth, /* in/out */
+ UINT32 ulOrdinal, /* in */
+ TSS_BOOL bAuditState) /* in */
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SetOrdinalAuditStatus_TP(entry, ownerAuth, ulOrdinal,
+ bAuditState);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_GetAuditDigest(TSS_HCONTEXT hContext, /* in */
+ UINT32 startOrdinal, /* in */
+ TPM_DIGEST *auditDigest, /* out */
+ UINT32 *counterValueSize, /* out */
+ BYTE **counterValue, /* out */
+ TSS_BOOL *more, /* out */
+ UINT32 *ordSize, /* out */
+ UINT32 **ordList) /* out */
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetAuditDigest_TP(entry, startOrdinal, auditDigest,
+ counterValueSize, counterValue, more,
+ ordSize, ordList);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_GetAuditDigestSigned(TSS_HCONTEXT hContext, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TSS_BOOL closeAudit, /* in */
+ TPM_NONCE *antiReplay, /* in */
+ TPM_AUTH *privAuth, /* in/out */
+ UINT32 *counterValueSize, /* out */
+ BYTE **counterValue, /* out */
+ TPM_DIGEST *auditDigest, /* out */
+ TPM_DIGEST *ordinalDigest, /* out */
+ UINT32 *sigSize, /* out */
+ BYTE **sig) /* out */
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_GetAuditDigestSigned_TP(entry, keyHandle, closeAudit,
+ antiReplay, privAuth,
+ counterValueSize, counterValue,
+ auditDigest, ordinalDigest,
+ sigSize, sig);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+RPC_SetOperatorAuth(TSS_HCONTEXT hContext, /* in */
+ TCPA_SECRET *operatorAuth) /* in */
+{
+ TSS_RESULT result = TSS_SUCCESS;
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_SetOperatorAuth_TP(entry, operatorAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_OwnerReadInternalPub(TSS_HCONTEXT hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ TPM_AUTH* pOwnerAuth, /* in, out */
+ UINT32* punPubKeySize, /* out */
+ BYTE** ppbPubKeyData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_OwnerReadInternalPub_TP(entry, hKey, pOwnerAuth, punPubKeySize,
+ ppbPubKeyData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_DELEGATION
+TSS_RESULT
+RPC_Delegate_Manage(TSS_HCONTEXT hContext, /* in */
+ TPM_FAMILY_ID familyID, /* in */
+ TPM_FAMILY_OPERATION opFlag, /* in */
+ UINT32 opDataSize, /* in */
+ BYTE *opData, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ UINT32 *retDataSize, /* out */
+ BYTE **retData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_Manage_TP(entry, familyID, opFlag, opDataSize, opData,
+ ownerAuth, retDataSize, retData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_Delegate_CreateKeyDelegation(TSS_HCONTEXT hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE *publicInfo, /* in */
+ TPM_ENCAUTH *encDelAuth, /* in */
+ TPM_AUTH *keyAuth, /* in, out */
+ UINT32 *blobSize, /* out */
+ BYTE **blob) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_CreateKeyDelegation_TP(entry, hKey, publicInfoSize,
+ publicInfo, encDelAuth,
+ keyAuth, blobSize, blob);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_Delegate_CreateOwnerDelegation(TSS_HCONTEXT hContext, /* in */
+ TSS_BOOL increment, /* in */
+ UINT32 publicInfoSize, /* in */
+ BYTE *publicInfo, /* in */
+ TPM_ENCAUTH *encDelAuth, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ UINT32 *blobSize, /* out */
+ BYTE **blob) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_CreateOwnerDelegation_TP(entry, increment,
+ publicInfoSize, publicInfo,
+ encDelAuth, ownerAuth,
+ blobSize, blob);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_Delegate_LoadOwnerDelegation(TSS_HCONTEXT hContext, /* in */
+ TPM_DELEGATE_INDEX index, /* in */
+ UINT32 blobSize, /* in */
+ BYTE *blob, /* in */
+ TPM_AUTH *ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_LoadOwnerDelegation_TP(entry, index, blobSize, blob,
+ ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_Delegate_ReadTable(TSS_HCONTEXT hContext, /* in */
+ UINT32 *familyTableSize, /* out */
+ BYTE **familyTable, /* out */
+ UINT32 *delegateTableSize, /* out */
+ BYTE **delegateTable) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_ReadTable_TP(entry, familyTableSize, familyTable,
+ delegateTableSize, delegateTable);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_Delegate_UpdateVerificationCount(TSS_HCONTEXT hContext, /* in */
+ UINT32 inputSize, /* in */
+ BYTE *input, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ UINT32 *outputSize, /* out */
+ BYTE **output) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_UpdateVerificationCount_TP(entry, inputSize, input,
+ ownerAuth, outputSize,
+ output);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_Delegate_VerifyDelegation(TSS_HCONTEXT hContext, /* in */
+ UINT32 delegateSize, /* in */
+ BYTE *delegate) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_Delegate_VerifyDelegation_TP(entry, delegateSize, delegate);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_DSAP(TSS_HCONTEXT hContext, /* in */
+ TPM_ENTITY_TYPE entityType, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TPM_NONCE *nonceOddDSAP, /* in */
+ UINT32 entityValueSize, /* in */
+ BYTE * entityValue, /* in */
+ TCS_AUTHHANDLE *authHandle, /* out */
+ TPM_NONCE *nonceEven, /* out */
+ TPM_NONCE *nonceEvenDSAP) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_DSAP_TP(entry, entityType, keyHandle, nonceOddDSAP,
+ entityValueSize, entityValue, authHandle, nonceEven,
+ nonceEvenDSAP);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+#endif
+
+#ifdef TSS_BUILD_CMK
+TSS_RESULT
+RPC_CMK_SetRestrictions(TSS_HCONTEXT hContext, /* in */
+ TSS_CMK_DELEGATE restriction, /* in */
+ TPM_AUTH *ownerAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CMK_SetRestrictions_TP(entry, restriction, ownerAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_CMK_ApproveMA(TSS_HCONTEXT hContext, /* in */
+ TPM_DIGEST migAuthorityDigest, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ TPM_HMAC *migAuthorityApproval) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CMK_ApproveMA_TP(entry, migAuthorityDigest, ownerAuth,
+ migAuthorityApproval);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_CMK_CreateKey(TSS_HCONTEXT hContext, /* in */
+ TCS_KEY_HANDLE hWrappingKey, /* in */
+ TPM_ENCAUTH *keyUsageAuth, /* in */
+ TPM_HMAC *migAuthorityApproval, /* in */
+ TPM_DIGEST *migAuthorityDigest, /* in */
+ UINT32 *keyDataSize, /* in, out */
+ BYTE **keyData, /* in, out */
+ TPM_AUTH *pAuth) /* in, out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CMK_CreateKey_TP(entry, hWrappingKey, keyUsageAuth,
+ migAuthorityApproval, migAuthorityDigest, keyDataSize,
+ keyData, pAuth);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_CMK_CreateTicket(TSS_HCONTEXT hContext, /* in */
+ UINT32 publicVerifyKeySize, /* in */
+ BYTE *publicVerifyKey, /* in */
+ TPM_DIGEST signedData, /* in */
+ UINT32 sigValueSize, /* in */
+ BYTE *sigValue, /* in */
+ TPM_AUTH *ownerAuth, /* in, out */
+ TPM_HMAC *sigTicket) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CMK_CreateTicket_TP(entry, publicVerifyKeySize,
+ publicVerifyKey, signedData, sigValueSize, sigValue,
+ ownerAuth, sigTicket);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_CMK_CreateBlob(TSS_HCONTEXT hContext, /* in */
+ TCS_KEY_HANDLE hParentKey, /* in */
+ TSS_MIGRATE_SCHEME migrationType, /* in */
+ UINT32 migKeyAuthSize, /* in */
+ BYTE *migKeyAuth, /* in */
+ TPM_DIGEST pubSourceKeyDigest, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE *msaList, /* in */
+ UINT32 restrictTicketSize, /* in */
+ BYTE *restrictTicket, /* in */
+ UINT32 sigTicketSize, /* in */
+ BYTE *sigTicket, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE *encData, /* in */
+ TPM_AUTH *pAuth, /* in, out */
+ UINT32 *randomSize, /* out */
+ BYTE **random, /* out */
+ UINT32 *outDataSize, /* out */
+ BYTE **outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CMK_CreateBlob_TP(entry, hParentKey, migrationType,
+ migKeyAuthSize, migKeyAuth, pubSourceKeyDigest,
+ msaListSize, msaList, restrictTicketSize, restrictTicket,
+ sigTicketSize, sigTicket, encDataSize, encData, pAuth,
+ randomSize, random, outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_CMK_ConvertMigration(TSS_HCONTEXT hContext, /* in */
+ TCS_KEY_HANDLE hParentHandle, /* in */
+ TPM_CMK_AUTH restrictTicket, /* in */
+ TPM_HMAC sigTicket, /* in */
+ UINT32 keyDataSize, /* in */
+ BYTE *keyData, /* in */
+ UINT32 msaListSize, /* in */
+ BYTE *msaList, /* in */
+ UINT32 randomSize, /* in */
+ BYTE *random, /* in */
+ TPM_AUTH *pAuth, /* in, out */
+ UINT32 *outDataSize, /* out */
+ BYTE **outData) /* out */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_CMK_ConvertMigration_TP(entry, hParentHandle, restrictTicket,
+ sigTicket, keyDataSize, keyData, msaListSize, msaList,
+ randomSize, random, pAuth, outDataSize, outData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+RPC_FlushSpecific(TSS_HCONTEXT hContext, /* in */
+ TCS_HANDLE hResHandle, /* in */
+ TPM_RESOURCE_TYPE resourceType) /* in */
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_FlushSpecific_TP(entry, hResHandle, resourceType);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+
+TSS_RESULT
+RPC_KeyControlOwner(TCS_CONTEXT_HANDLE hContext, /* in */
+ TCS_KEY_HANDLE hKey, /* in */
+ UINT32 ulPublicInfoLength, /* in */
+ BYTE* rgbPublicInfo, /* in */
+ UINT32 attribName, /* in */
+ TSS_BOOL attribValue, /* in */
+ TPM_AUTH* pOwnerAuth, /* in, out */
+ TSS_UUID* pUuidData) /* out */
+
+{
+ TSS_RESULT result = (TSS_E_INTERNAL_ERROR | TSS_LAYER_TSP);
+ struct host_table_entry *entry = get_table_entry(hContext);
+
+ if (entry == NULL)
+ return TSPERR(TSS_E_NO_CONNECTION);
+
+ switch (entry->type) {
+ case CONNECTION_TYPE_TCP_PERSISTANT:
+ result = RPC_KeyControlOwner_TP(entry, hKey,
+ ulPublicInfoLength,
+ rgbPublicInfo,
+ attribName,
+ attribValue,
+ pOwnerAuth,
+ pUuidData);
+ break;
+ default:
+ break;
+ }
+
+ put_table_entry(entry);
+
+ return result;
+}
+#endif
+
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/fuzzed_rpc.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/fuzzed_rpc.c
new file mode 100644
index 0000000..bc347d7
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/fuzzed_rpc.c
@@ -0,0 +1,112 @@
+// Copyright 2021 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// This file replaces `rpc.c` when fuzzing is enabled.
+// The replaced `getData()` fucntion provides fuzzed data for upper layers of
+// the trousers client. In the trousers client, data come from the tcsd will be
+// parsed by `getData()`, so injecting `getData()` is a way to provide fuzzed
+// tcsd data. An instinct alternative is to inject `recv_from_socket` instead,
+// but we choose `getData()` because `getData()` provides structured data, which
+// allows the fuzzer getting a higher coverage faster.
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+
+#include "libhwsec-foundation/fuzzed_trousers_utils.h"
+
+
+void
+initData(struct tcsd_comm_data *comm, int parm_count)
+{
+ /* min packet size should be the size of the header */
+ __tspi_memset(&comm->hdr, 0, sizeof(struct tcsd_packet_hdr));
+ comm->hdr.packet_size = sizeof(struct tcsd_packet_hdr);
+ comm->hdr.type_offset = sizeof(struct tcsd_packet_hdr);
+ comm->hdr.parm_offset = comm->hdr.type_offset + (sizeof(TCSD_PACKET_TYPE) * parm_count);
+ comm->hdr.packet_size = comm->hdr.parm_offset;
+
+ __tspi_memset(comm->buf, 0, comm->buf_size);
+}
+
+int
+setData(TCSD_PACKET_TYPE dataType,
+ int index,
+ void *theData,
+ int theDataSize,
+ struct tcsd_comm_data *comm)
+{
+ return TSS_SUCCESS;
+}
+
+UINT32
+getData(TCSD_PACKET_TYPE dataType,
+ int index,
+ void *theData,
+ int theDataSize,
+ struct tcsd_comm_data *comm)
+{
+ TSS_RESULT result;
+
+ switch (dataType) {
+ case TCSD_PACKET_TYPE_BYTE:
+ *(BYTE *)theData = FuzzedTrousersConsumeByte();
+ break;
+ case TCSD_PACKET_TYPE_BOOL:
+ *(TSS_BOOL *)theData = FuzzedTrousersConsumeBool();
+ break;
+ case TCSD_PACKET_TYPE_UINT16:
+ *(UINT16 *)theData = FuzzedTrousersConsumeUint16();
+ break;
+ case TCSD_PACKET_TYPE_UINT32:
+ *(UINT32 *)theData = FuzzedTrousersConsumeUint32();
+ break;
+ case TCSD_PACKET_TYPE_UINT64:
+ *(UINT64 *)theData = FuzzedTrousersConsumeUint64();
+ break;
+ case TCSD_PACKET_TYPE_PBYTE:
+ FuzzedTrousersConsumeBytes(theDataSize, theData);
+ break;
+ case TCSD_PACKET_TYPE_NONCE:
+ if (theData) {
+ FuzzedTrousersConsumeBytes(TPM_SHA1_160_HASH_LEN, ((TPM_NONCE *)theData)->nonce);
+ }
+ break;
+ case TCSD_PACKET_TYPE_DIGEST:
+ FuzzedTrousersConsumeBytes(sizeof(TCPA_DIGEST), ((TCPA_DIGEST *)theData)->digest);
+ break;
+ case TCSD_PACKET_TYPE_AUTH:
+ case TCSD_PACKET_TYPE_UUID:
+ case TCSD_PACKET_TYPE_ENCAUTH:
+ case TCSD_PACKET_TYPE_VERSION:
+ case TCSD_PACKET_TYPE_KM_KEYINFO:
+ case TCSD_PACKET_TYPE_KM_KEYINFO2:
+#ifdef TSS_BUILD_PS
+ case TCSD_PACKET_TYPE_LOADKEY_INFO:
+#endif
+ case TCSD_PACKET_TYPE_PCR_EVENT:
+ case TCSD_PACKET_TYPE_COUNTER_VALUE:
+ case TCSD_PACKET_TYPE_SECRET:
+ // TODO(domen): Support these data types.
+ LogError("fuzzer unsupported data type (%d) in TCSD packet", dataType);
+ return -1;
+ default:
+ LogError("unknown data type (%d) in TCSD packet!", dataType);
+ return -1;
+ }
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+sendTCSDPacket(struct host_table_entry *hte)
+{
+ // TODO(domen): Make it possible to return an error.
+ hte->comm.hdr.u.result = 0;
+ return TSS_SUCCESS;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc.c
new file mode 100644
index 0000000..102950d
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc.c
@@ -0,0 +1,564 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <sys/un.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <assert.h>
+#include <limits.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+#include "tsp_tcsi_param.h"
+
+
+void
+initData(struct tcsd_comm_data *comm, int parm_count)
+{
+ /* min packet size should be the size of the header */
+ __tspi_memset(&comm->hdr, 0, sizeof(struct tcsd_packet_hdr));
+ comm->hdr.packet_size = sizeof(struct tcsd_packet_hdr);
+ comm->hdr.type_offset = sizeof(struct tcsd_packet_hdr);
+ comm->hdr.parm_offset = comm->hdr.type_offset + (sizeof(TCSD_PACKET_TYPE) * parm_count);
+ comm->hdr.packet_size = comm->hdr.parm_offset;
+
+ __tspi_memset(comm->buf, 0, comm->buf_size);
+}
+
+int
+loadData(UINT64 *offset, TCSD_PACKET_TYPE data_type, void *data, int data_size, BYTE *blob)
+{
+ switch (data_type) {
+ case TCSD_PACKET_TYPE_BYTE:
+ Trspi_LoadBlob_BYTE(offset, *((BYTE *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_BOOL:
+ Trspi_LoadBlob_BOOL(offset, *((TSS_BOOL *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_UINT16:
+ Trspi_LoadBlob_UINT16(offset, *((UINT16 *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_UINT32:
+ Trspi_LoadBlob_UINT32(offset, *((UINT32 *) (data)), blob);
+ break;
+ case TCSD_PACKET_TYPE_PBYTE:
+ Trspi_LoadBlob(offset, data_size, blob, (BYTE *)data);
+ break;
+ case TCSD_PACKET_TYPE_NONCE:
+ Trspi_LoadBlob(offset, 20, blob, ((TCPA_NONCE *)data)->nonce);
+ break;
+ case TCSD_PACKET_TYPE_DIGEST:
+ Trspi_LoadBlob(offset, 20, blob, ((TCPA_DIGEST *)data)->digest);
+ break;
+ case TCSD_PACKET_TYPE_AUTH:
+ LoadBlob_AUTH(offset, blob, ((TPM_AUTH *)data));
+ break;
+ case TCSD_PACKET_TYPE_UUID:
+ Trspi_LoadBlob_UUID(offset, blob, *((TSS_UUID *)data));
+ break;
+ case TCSD_PACKET_TYPE_ENCAUTH:
+ Trspi_LoadBlob(offset, 20, blob, ((TCPA_ENCAUTH *)data)->authdata);
+ break;
+ case TCSD_PACKET_TYPE_VERSION:
+ Trspi_LoadBlob_TCPA_VERSION(offset, blob, *((TCPA_VERSION *)data));
+ break;
+#ifdef TSS_BUILD_PS
+ case TCSD_PACKET_TYPE_LOADKEY_INFO:
+ LoadBlob_LOADKEY_INFO(offset, blob, ((TCS_LOADKEY_INFO *)data));
+ break;
+#endif
+ case TCSD_PACKET_TYPE_PCR_EVENT:
+ Trspi_LoadBlob_PCR_EVENT(offset, blob, ((TSS_PCR_EVENT *)data));
+ break;
+ case TCSD_PACKET_TYPE_COUNTER_VALUE:
+ Trspi_LoadBlob_COUNTER_VALUE(offset, blob, ((TPM_COUNTER_VALUE *)data));
+ break;
+ case TCSD_PACKET_TYPE_SECRET:
+ Trspi_LoadBlob(offset, 20, blob, ((TCPA_SECRET *)data)->authdata);
+ break;
+ default:
+ LogError("TCSD packet type unknown! (0x%x)", data_type & 0xff);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return TSS_SUCCESS;
+}
+
+int
+setData(TCSD_PACKET_TYPE dataType,
+ int index,
+ void *theData,
+ int theDataSize,
+ struct tcsd_comm_data *comm)
+{
+ UINT64 old_offset, offset;
+ TSS_RESULT result;
+ TCSD_PACKET_TYPE *type;
+
+ /* Calculate the size of the area needed (use NULL for blob address) */
+ offset = 0;
+ if ((result = loadData(&offset, dataType, theData, theDataSize, NULL)))
+ return result;
+ if ((comm->hdr.packet_size + offset) > TSS_TPM_TXBLOB_SIZE) {
+ LogError("Too much data to be transmitted!");
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ if ((comm->hdr.packet_size + offset) > comm->buf_size) {
+ /* reallocate the buffer */
+ BYTE *buffer;
+ int buffer_size = comm->hdr.packet_size + offset;
+
+ LogDebug("Increasing communication buffer to %d bytes.", buffer_size);
+ buffer = realloc(comm->buf, buffer_size);
+ if (buffer == NULL) {
+ LogError("realloc of %d bytes failed.", buffer_size);
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ comm->buf_size = buffer_size;
+ comm->buf = buffer;
+ }
+
+ offset = old_offset = comm->hdr.parm_offset + comm->hdr.parm_size;
+ if ((result = loadData(&offset, dataType, theData, theDataSize, comm->buf)))
+ return result;
+ type = (TCSD_PACKET_TYPE *)(comm->buf + comm->hdr.type_offset) + index;
+ *type = dataType;
+ comm->hdr.type_size += sizeof(TCSD_PACKET_TYPE);
+ comm->hdr.parm_size += (offset - old_offset);
+
+ comm->hdr.packet_size = offset;
+ comm->hdr.num_parms++;
+
+ return TSS_SUCCESS;
+}
+
+UINT32
+getData(TCSD_PACKET_TYPE dataType,
+ int index,
+ void *theData,
+ int theDataSize,
+ struct tcsd_comm_data *comm)
+{
+ TSS_RESULT result;
+ UINT64 old_offset, offset;
+ TCSD_PACKET_TYPE *type = (TCSD_PACKET_TYPE *)(comm->buf + comm->hdr.type_offset) + index;
+
+ if ((UINT32)index >= comm->hdr.num_parms || dataType != *type) {
+ LogDebug("Data type of TCS packet element %d doesn't match.", index);
+ return TSS_TCP_RPC_BAD_PACKET_TYPE;
+ }
+ old_offset = offset = comm->hdr.parm_offset;
+ switch (dataType) {
+ case TCSD_PACKET_TYPE_BYTE:
+ Trspi_UnloadBlob_BYTE(&offset, (BYTE *)theData, comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_BOOL:
+ Trspi_UnloadBlob_BOOL(&offset, (TSS_BOOL *)theData, comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_UINT16:
+ Trspi_UnloadBlob_UINT16(&offset, (UINT16 *)theData, comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_UINT32:
+ Trspi_UnloadBlob_UINT32(&offset, (UINT32 *)theData, comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_UINT64:
+ Trspi_UnloadBlob_UINT64(&offset, (UINT64 *)theData, comm->buf);
+ break;
+ case TCSD_PACKET_TYPE_PBYTE:
+ Trspi_UnloadBlob(&offset, theDataSize, comm->buf, (BYTE *)theData);
+ break;
+ case TCSD_PACKET_TYPE_NONCE:
+ Trspi_UnloadBlob_NONCE(&offset, comm->buf, (TPM_NONCE *)theData);
+ break;
+ case TCSD_PACKET_TYPE_DIGEST:
+ Trspi_UnloadBlob(&offset, sizeof(TCPA_DIGEST), comm->buf,
+ ((TCPA_DIGEST *)theData)->digest);
+ break;
+ case TCSD_PACKET_TYPE_AUTH:
+ UnloadBlob_AUTH(&offset, comm->buf, ((TPM_AUTH *)theData));
+ break;
+ case TCSD_PACKET_TYPE_UUID:
+ Trspi_UnloadBlob_UUID(&offset, comm->buf, ((TSS_UUID *)theData));
+ break;
+ case TCSD_PACKET_TYPE_ENCAUTH:
+ Trspi_UnloadBlob(&offset, sizeof(TCPA_ENCAUTH), comm->buf,
+ ((TCPA_ENCAUTH *)theData)->authdata);
+ break;
+ case TCSD_PACKET_TYPE_VERSION:
+ Trspi_UnloadBlob_TCPA_VERSION(&offset, comm->buf,
+ ((TCPA_VERSION *)theData));
+ break;
+ case TCSD_PACKET_TYPE_KM_KEYINFO:
+ if ((result = Trspi_UnloadBlob_KM_KEYINFO(&offset, comm->buf,
+ ((TSS_KM_KEYINFO *)theData))))
+ return result;
+ break;
+ case TCSD_PACKET_TYPE_KM_KEYINFO2:
+ if ((result = Trspi_UnloadBlob_KM_KEYINFO2(&offset, comm->buf,
+ ((TSS_KM_KEYINFO2 *)theData))))
+ return result;
+ break;
+#ifdef TSS_BUILD_PS
+ case TCSD_PACKET_TYPE_LOADKEY_INFO:
+ UnloadBlob_LOADKEY_INFO(&offset, comm->buf, ((TCS_LOADKEY_INFO *)theData));
+ break;
+#endif
+ case TCSD_PACKET_TYPE_PCR_EVENT:
+ if ((result = Trspi_UnloadBlob_PCR_EVENT(&offset, comm->buf,
+ ((TSS_PCR_EVENT *)theData))))
+ return result;
+ break;
+ case TCSD_PACKET_TYPE_COUNTER_VALUE:
+ Trspi_UnloadBlob_COUNTER_VALUE(&offset, comm->buf,
+ ((TPM_COUNTER_VALUE *)theData));
+ break;
+ case TCSD_PACKET_TYPE_SECRET:
+ Trspi_UnloadBlob(&offset, sizeof(TCPA_SECRET), comm->buf,
+ ((TCPA_SECRET *)theData)->authdata);
+ break;
+ default:
+ LogError("unknown data type (%d) in TCSD packet!", dataType);
+ return -1;
+ }
+ comm->hdr.parm_offset = offset;
+ comm->hdr.parm_size -= (offset - old_offset);
+
+ return TSS_SUCCESS;
+}
+
+TSS_RESULT
+sendTCSDPacket(struct host_table_entry *hte)
+{
+ TSS_RESULT rc;
+ UINT64 offset = 0;
+
+#ifdef MOCK_TPM
+ /*
+ * If there's no real TPM just return failure right away. The rest
+ * of the system will deal with it.
+ */
+ return TSPERR(TSS_E_COMM_FAILURE);
+#endif
+
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.packet_size, hte->comm.buf);
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.u.ordinal, hte->comm.buf);
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.num_parms, hte->comm.buf);
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.type_size, hte->comm.buf);
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.type_offset, hte->comm.buf);
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.parm_size, hte->comm.buf);
+ Trspi_LoadBlob_UINT32(&offset, hte->comm.hdr.parm_offset, hte->comm.buf);
+
+#if 0
+ /* --- Send it */
+ printBuffer(hte->comm.buf, hte->comm.hdr.packet_size);
+ LogInfo("Sending Packet with TCSD ordinal 0x%X", hte->comm.hdr.u.ordinal);
+#endif
+ /* if the ordinal is open context, there are some host table entry
+ * manipulations that must be done, so call _init
+ */
+ if (hte->comm.hdr.u.ordinal == TCSD_ORD_OPENCONTEXT) {
+ if ((rc = send_init(hte))) {
+ LogError("Failed to send packet");
+ return rc;
+ }
+ } else {
+ if ((rc = tcs_sendit(hte))) {
+ LogError("Failed to send packet");
+ return rc;
+ }
+ }
+
+ /* create a platform version of the tcsd header */
+ offset = 0;
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.packet_size, hte->comm.buf);
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.u.result, hte->comm.buf);
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.num_parms, hte->comm.buf);
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.type_size, hte->comm.buf);
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.type_offset, hte->comm.buf);
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.parm_size, hte->comm.buf);
+ Trspi_UnloadBlob_UINT32(&offset, &hte->comm.hdr.parm_offset, hte->comm.buf);
+
+ return TSS_SUCCESS;
+}
+
+int
+recv_from_socket(int sock, void *buffer, int size)
+{
+ int recv_size = 0, recv_total = 0;
+
+ while (recv_total < size) {
+ errno = 0;
+ if ((recv_size = recv(sock, buffer+recv_total, size-recv_total, 0)) <= 0) {
+ if (recv_size < 0) {
+ if (errno == EINTR)
+ continue;
+ LogError("Socket receive connection error: %s.", strerror(errno));
+ } else {
+ LogDebug("Socket connection closed.");
+ }
+
+ return -1;
+ }
+ recv_total += recv_size;
+ }
+
+ return recv_total;
+}
+
+int
+send_to_socket(int sock, void *buffer, int size)
+{
+ int send_size = 0, send_total = 0;
+
+ while (send_total < size) {
+ if ((send_size = send(sock, buffer+send_total, size-send_total, 0)) < 0) {
+ LogError("Socket send connection error: %s.", strerror(errno));
+ return -1;
+ }
+ send_total += send_size;
+ }
+
+ return send_total;
+}
+
+TSS_RESULT
+send_init(struct host_table_entry *hte)
+{
+ int sd = -1;
+ int recv_size;
+ BYTE *buffer;
+ TSS_RESULT result;
+
+ result = get_socket(hte, &sd);
+ if (result != TSS_SUCCESS)
+ goto err_exit;
+
+ if (send_to_socket(sd, hte->comm.buf, hte->comm.hdr.packet_size) < 0) {
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+
+ buffer = hte->comm.buf;
+ recv_size = sizeof(struct tcsd_packet_hdr);
+ if (recv_from_socket(sd, buffer, recv_size) < 0) {
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+ buffer += sizeof(struct tcsd_packet_hdr); /* increment the receive buffer pointer */
+
+ /* check the packet size */
+ recv_size = Decode_UINT32(hte->comm.buf);
+ if (recv_size < (int)sizeof(struct tcsd_packet_hdr)) {
+ LogError("Packet to receive from socket %d is too small (%d bytes)",
+ sd, recv_size);
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+
+ if (recv_size > (int) hte->comm.buf_size ) {
+ BYTE *new_buffer;
+
+ LogDebug("Increasing communication buffer to %d bytes.", recv_size);
+ new_buffer = realloc(hte->comm.buf, recv_size);
+ if (new_buffer == NULL) {
+ LogError("realloc of %d bytes failed.", recv_size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto err_exit;
+ }
+ buffer = new_buffer + sizeof(struct tcsd_packet_hdr);
+ hte->comm.buf_size = recv_size;
+ hte->comm.buf = new_buffer;
+ }
+
+ /* get the rest of the packet */
+ recv_size -= sizeof(struct tcsd_packet_hdr); /* already received the header */
+ if (recv_from_socket(sd, buffer, recv_size) < 0) {
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+
+ hte->socket = sd;
+
+ return TSS_SUCCESS;
+
+err_exit:
+ if (sd != -1)
+ close(sd);
+ return result;
+}
+
+TSS_RESULT
+tcs_sendit(struct host_table_entry *hte)
+{
+ int recv_size;
+ BYTE *buffer;
+ TSS_RESULT result;
+
+ if (send_to_socket(hte->socket, hte->comm.buf, hte->comm.hdr.packet_size) < 0) {
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+
+ buffer = hte->comm.buf;
+ recv_size = sizeof(struct tcsd_packet_hdr);
+ if ((recv_size = recv_from_socket(hte->socket, buffer, recv_size)) < 0) {
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+ buffer += recv_size; /* increment the receive buffer pointer */
+
+ /* check the packet size */
+ recv_size = Decode_UINT32(hte->comm.buf);
+ if (recv_size < (int)sizeof(struct tcsd_packet_hdr)) {
+ LogError("Packet to receive from socket %d is too small (%d bytes)",
+ hte->socket, recv_size);
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+
+ if (recv_size > (int) hte->comm.buf_size ) {
+ BYTE *new_buffer;
+
+ LogDebug("Increasing communication buffer to %d bytes.", recv_size);
+ new_buffer = realloc(hte->comm.buf, recv_size);
+ if (new_buffer == NULL) {
+ LogError("realloc of %d bytes failed.", recv_size);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto err_exit;
+ }
+ buffer = new_buffer + sizeof(struct tcsd_packet_hdr);
+ hte->comm.buf_size = recv_size;
+ hte->comm.buf = new_buffer;
+ }
+
+ /* get the rest of the packet */
+ recv_size -= sizeof(struct tcsd_packet_hdr); /* already received the header */
+ if ((recv_size = recv_from_socket(hte->socket, buffer, recv_size)) < 0) {
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto err_exit;
+ }
+
+ return TSS_SUCCESS;
+
+err_exit:
+ return result;
+}
+
+TSS_RESULT
+get_unix_socket(int *sd)
+{
+ int tmp_sd;
+ struct sockaddr_un addr;
+
+ tmp_sd = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (tmp_sd == -1) {
+ LogWarn("Failed unix socket: %s", strerror(errno));
+ goto err_exit;
+ }
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strcpy(addr.sun_path, TCSD_UNIX_SOCKET);
+
+ if (connect(tmp_sd, (struct sockaddr*)&addr, sizeof(addr)) == -1) {
+ LogWarn("Failed unix connect: %s - %s", addr.sun_path, strerror(errno));
+ goto err_exit;
+ }
+
+ *sd = tmp_sd;
+ return TSS_SUCCESS;
+
+err_exit:
+ if (tmp_sd != -1)
+ close(tmp_sd);
+ return TSPERR(TSS_E_CONNECTION_FAILED);
+}
+
+/* TODO: Future work - remove socket creation/manipulation from RPC-specific file */
+TSS_RESULT
+get_socket(struct host_table_entry *hte, int *sd)
+{
+ char port_str[TCP_PORT_STR_MAX_LEN]; // To accomodate string 65535
+ struct addrinfo hints, *p, *res=NULL;
+ int rv;
+ TSS_RESULT result = TSS_SUCCESS;
+
+ if (strcmp((char*)hte->hostname, TSS_LOCALHOST_STRING) == 0) {
+ // If a unix socket is enabled, use it.
+ if (get_unix_socket(sd) == TSS_SUCCESS) {
+ goto exit;
+ }
+ }
+ __tspi_memset(&hints, 0, sizeof(hints));
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = AI_NUMERICSERV;
+
+ __tspi_memset(&port_str, 0, sizeof(port_str));
+
+ if (get_tcsd_port(port_str) != TSS_SUCCESS) {
+ LogError("Could not retrieve TCP port information.");
+ goto exit;
+ }
+
+ LogDebug("Retrieving address information from host: %s", (char *)hte->hostname);
+ rv = getaddrinfo((char *)hte->hostname, port_str,
+ &hints, &res);
+ if (rv != 0) {
+ LogError("hostname %s does not resolve to a valid address.", hte->hostname);
+ result = TSPERR(TSS_E_CONNECTION_FAILED);
+ res = NULL;
+ goto exit;
+ }
+
+ LogWarn("Got a list of valid IPs");
+
+ for (p = res; p != NULL; p = p->ai_next) {
+
+ *sd = socket(p->ai_family, SOCK_STREAM, 0);
+ if (*sd == -1)
+ continue;
+
+ if (connect(*sd, p->ai_addr, p->ai_addrlen) != -1)
+ break; // Got a connection
+
+ LogWarn("Could not connect to machine: %s", (char*)hte->hostname);
+
+ close(*sd);
+ *sd = -1;
+ }
+
+ if (p == NULL) {
+ LogError("Could not connect to any machine in the list.");
+ result = TSPERR(TSS_E_COMM_FAILURE);
+ goto exit;
+ }
+
+exit:
+ if (res != NULL)
+ freeaddrinfo(res);
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_admin.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_admin.c
new file mode 100644
index 0000000..2134df4
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_admin.c
@@ -0,0 +1,417 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_SetOwnerInstall_TP(struct host_table_entry *hte,
+ TSS_BOOL state) /* in */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_SETOWNERINSTALL;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_BOOL, 1, &state, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_DisableOwnerClear_TP(struct host_table_entry *hte,
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_DISABLEOWNERCLEAR;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS ){
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_ForceClear_TP(struct host_table_entry *hte)
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 1);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_FORCECLEAR;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_DisableForceClear_TP(struct host_table_entry *hte)
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 1);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_DISABLEFORCECLEAR;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_PhysicalDisable_TP(struct host_table_entry *hte)
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 1);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_PHYSICALDISABLE;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_PhysicalEnable_TP(struct host_table_entry *hte)
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 1);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_PHYSICALENABLE;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_OwnerSetDisable_TP(struct host_table_entry *hte,
+ TSS_BOOL disableState, /* in */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 3);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_OWNERSETDISABLE;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_BOOL, 1, &disableState, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 2, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_PhysicalSetDeactivated_TP(struct host_table_entry *hte,
+ TSS_BOOL state) /* in */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_PHYSICALSETDEACTIVATED;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_BOOL, 1, &state, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_PhysicalPresence_TP(struct host_table_entry *hte,
+ TCPA_PHYSICAL_PRESENCE fPhysicalPresence) /* in */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_PHYSICALPRESENCE;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT16, 1, &fPhysicalPresence, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+TSS_RESULT
+RPC_SetTempDeactivated_TP(struct host_table_entry *hte)
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 1);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_SETTEMPDEACTIVATED;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+RPC_SetTempDeactivated2_TP(struct host_table_entry *hte,
+ TPM_AUTH *operatorAuth) /* in/out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_SETTEMPDEACTIVATED2;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (operatorAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, operatorAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ TPM_AUTH nullAuth;
+
+ __tspi_memset(&nullAuth, 0, sizeof(TPM_AUTH));
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, &nullAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (operatorAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, operatorAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+ return result;
+}
+#endif
+
+TSS_RESULT
+RPC_FieldUpgrade_TP(struct host_table_entry *hte,
+ UINT32 dataInSize, /* in */
+ BYTE * dataIn, /* in */
+ UINT32 * dataOutSize, /* out */
+ BYTE ** dataOut, /* out */
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 4);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_FIELDUPGRADE;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &dataInSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 2, dataIn, dataInSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ if (ownerAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 3, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, dataOutSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ *dataOut = (BYTE *) malloc(*dataOutSize);
+ if (*dataOut == NULL)
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *dataOut, *dataOutSize, &hte->comm)) {
+ free(*dataOut);
+ *dataOut = NULL;
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ if (ownerAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 2, ownerAuth, 0, &hte->comm)) {
+ free(*dataOut);
+ *dataOut = NULL;
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_SetRedirection_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 c1, /* in */
+ UINT32 c2, /* in */
+ TPM_AUTH * privAuth) /* in, out */
+{
+ return TSPERR(TSS_E_NOTIMPL);
+
+}
+
+#ifdef TSS_BUILD_TSS12
+TSS_RESULT
+RPC_ResetLockValue_TP(struct host_table_entry *hte,
+ TPM_AUTH * ownerAuth) /* in, out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_RESETLOCKVALUE;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_FlushSpecific_TP(struct host_table_entry *hte,
+ TCS_HANDLE hResHandle, /* in */
+ TPM_RESOURCE_TYPE resourceType) /* in */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 3);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_FLUSHSPECIFIC;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &hResHandle, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &resourceType, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ return result;
+}
+#endif
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_aik.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_aik.c
new file mode 100644
index 0000000..cdbd7db
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_aik.c
@@ -0,0 +1,306 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_MakeIdentity_TP(struct host_table_entry *hte,
+ TCPA_ENCAUTH identityAuth, /* in */
+ TCPA_CHOSENID_HASH IDLabel_PrivCAHash, /* in */
+ UINT32 idKeyInfoSize, /* in */
+ BYTE * idKeyInfo, /* in */
+ TPM_AUTH * pSrkAuth, /* in, out */
+ TPM_AUTH * pOwnerAuth, /* in, out */
+ UINT32 * idKeySize, /* out */
+ BYTE ** idKey, /* out */
+ UINT32 * pcIdentityBindingSize, /* out */
+ BYTE ** prgbIdentityBinding, /* out */
+ UINT32 * pcEndorsementCredentialSize, /* out */
+ BYTE ** prgbEndorsementCredential, /* out */
+ UINT32 * pcPlatformCredentialSize, /* out */
+ BYTE ** prgbPlatformCredential, /* out */
+ UINT32 * pcConformanceCredentialSize, /* out */
+ BYTE ** prgbConformanceCredential) /* out */
+{
+ TSS_RESULT result;
+ int i;
+
+ initData(&hte->comm, 7);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_MAKEIDENTITY;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ *idKey = NULL;
+ *prgbIdentityBinding = NULL;
+ *prgbEndorsementCredential = NULL;
+ *prgbPlatformCredential = NULL;
+ *prgbConformanceCredential = NULL;
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_ENCAUTH, 1, &identityAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_DIGEST, 2, &IDLabel_PrivCAHash, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 3, &idKeyInfoSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 4, idKeyInfo, idKeyInfoSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ i = 5;
+ if (pSrkAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pSrkAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ i = 0;
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ if (pSrkAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, pSrkAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, pOwnerAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, idKeySize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *idKey = (BYTE *) malloc(*idKeySize);
+ if (*idKey == NULL) {
+ LogError("malloc of %u bytes failed.", *idKeySize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *idKey, *idKeySize, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcIdentityBindingSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *prgbIdentityBinding = (BYTE *) malloc(*pcIdentityBindingSize);
+ if (*prgbIdentityBinding == NULL) {
+ LogError("malloc of %u bytes failed.", *pcIdentityBindingSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbIdentityBinding, *pcIdentityBindingSize, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcEndorsementCredentialSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *prgbEndorsementCredential = (BYTE *) malloc(*pcEndorsementCredentialSize);
+ if (*prgbEndorsementCredential == NULL) {
+ LogError("malloc of %u bytes failed.", *pcEndorsementCredentialSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbEndorsementCredential, *pcEndorsementCredentialSize, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcPlatformCredentialSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *prgbPlatformCredential = (BYTE *) malloc(*pcPlatformCredentialSize);
+ if (*prgbPlatformCredential == NULL) {
+ LogError("malloc of %u bytes failed.", *pcPlatformCredentialSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbPlatformCredential, *pcPlatformCredentialSize, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, pcConformanceCredentialSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *prgbConformanceCredential = (BYTE *) malloc(*pcConformanceCredentialSize);
+ if (*prgbConformanceCredential == NULL) {
+ LogError("malloc of %u bytes failed.", *pcConformanceCredentialSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *prgbConformanceCredential, *pcConformanceCredentialSize, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+done:
+ if (result) {
+ free(*idKey);
+ *idKey = NULL;
+ free(*prgbIdentityBinding);
+ *prgbIdentityBinding = NULL;
+ free(*prgbEndorsementCredential);
+ *prgbEndorsementCredential = NULL;
+ free(*prgbPlatformCredential);
+ *prgbPlatformCredential = NULL;
+ free(*prgbConformanceCredential);
+ *prgbConformanceCredential = NULL;
+ }
+ return result;
+}
+
+TSS_RESULT
+RPC_GetCredential_TP(struct host_table_entry *hte,
+ UINT32 ulCredentialType, /* in */
+ UINT32 ulCredentialAccessMode, /* in */
+ UINT32 * pulCredentialSize, /* out */
+ BYTE ** prgbCredentialData) /* out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 3);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_GETCREDENTIAL;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &ulCredentialType, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &ulCredentialAccessMode, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, pulCredentialSize, 0, &hte->comm)) {
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ *prgbCredentialData = (BYTE *) malloc(*pulCredentialSize);
+ if (*prgbCredentialData == NULL) {
+ LogError("malloc of %u bytes failed.", *pulCredentialSize);
+ return TSPERR(TSS_E_OUTOFMEMORY);
+ }
+
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *prgbCredentialData,
+ *pulCredentialSize, &hte->comm)) {
+ free(*prgbCredentialData);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+ return result;
+}
+
+TSS_RESULT
+RPC_ActivateTPMIdentity_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE idKey, /* in */
+ UINT32 blobSize, /* in */
+ BYTE * blob, /* in */
+ TPM_AUTH * idKeyAuth, /* in, out */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * SymmetricKeySize, /* out */
+ BYTE ** SymmetricKey) /* out */
+{
+ TSS_RESULT result;
+ int i = 0;
+
+ initData(&hte->comm, 6);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_ACTIVATETPMIDENTITY;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ *SymmetricKey = NULL;
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &idKey, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, i++, &blobSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, i++, blob, blobSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ if (idKeyAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, idKeyAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (setData(TCSD_PACKET_TYPE_AUTH, i++, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ if (idKeyAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, idKeyAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, ownerAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, SymmetricKeySize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *SymmetricKey = malloc(*SymmetricKeySize);
+ if (*SymmetricKey == NULL) {
+ LogError("malloc of %u bytes failed.", *SymmetricKeySize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *SymmetricKey, *SymmetricKeySize, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+done:
+ if (result) {
+ free(*SymmetricKey);
+ *SymmetricKey = NULL;
+ }
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_audit.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_audit.c
new file mode 100644
index 0000000..5b828f4
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_audit.c
@@ -0,0 +1,241 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2007
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_SetOrdinalAuditStatus_TP(struct host_table_entry *hte,
+ TPM_AUTH *ownerAuth, /* in/out */
+ UINT32 ulOrdinal, /* in */
+ TSS_BOOL bAuditState) /* in */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 4);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_SETORDINALAUDITSTATUS;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &ulOrdinal, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_BOOL, 2, &bAuditState, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 3, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_GetAuditDigest_TP(struct host_table_entry *hte,
+ UINT32 startOrdinal, /* in */
+ TPM_DIGEST *auditDigest, /* out */
+ UINT32 *counterValueSize, /* out */
+ BYTE **counterValue, /* out */
+ TSS_BOOL *more, /* out */
+ UINT32 *ordSize, /* out */
+ UINT32 **ordList) /* out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_GETAUDITDIGEST;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &startOrdinal, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_DIGEST, 0, auditDigest, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, counterValueSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ *counterValue = (BYTE *)malloc(*counterValueSize);
+ if (*counterValue == NULL) {
+ LogError("malloc of %u bytes failed.", *counterValueSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 2, *counterValue, *counterValueSize, &hte->comm)) {
+ free(*counterValue);
+ *counterValue = NULL;
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_BOOL, 3, more, 0, &hte->comm)) {
+ free(*counterValue);
+ *counterValue = NULL;
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 4, ordSize, 0, &hte->comm)) {
+ free(*counterValue);
+ *counterValue = NULL;
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ *ordList = (UINT32 *)malloc(*ordSize * sizeof(UINT32));
+ if (*ordList == NULL) {
+ LogError("malloc of %u bytes failed.", *ordSize);
+ free(*counterValue);
+ *counterValue = NULL;
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 5, *ordList, *ordSize * sizeof(UINT32), &hte->comm)) {
+ free(*counterValue);
+ *counterValue = NULL;
+ free(*ordList);
+ *ordList = NULL;
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+
+done:
+ return result;
+}
+
+TSS_RESULT
+RPC_GetAuditDigestSigned_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TSS_BOOL closeAudit, /* in */
+ TPM_NONCE *antiReplay, /* in */
+ TPM_AUTH *privAuth, /* in/out */
+ UINT32 *counterValueSize, /* out */
+ BYTE **counterValue, /* out */
+ TPM_DIGEST *auditDigest, /* out */
+ TPM_DIGEST *ordinalDigest, /* out */
+ UINT32 *sigSize, /* out */
+ BYTE **sig) /* out */
+{
+ TSS_RESULT result;
+ TPM_AUTH null_auth;
+ int i;
+
+ initData(&hte->comm, 5);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_GETAUDITDIGESTSIGNED;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ __tspi_memset(&null_auth, 0, sizeof(TPM_AUTH));
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &keyHandle, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_BOOL, 2, &closeAudit, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_NONCE, 3, antiReplay, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (privAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 4, privAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 4, &null_auth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ if (privAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, privAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, counterValueSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ *counterValue = (BYTE *)malloc(*counterValueSize);
+ if (*counterValue == NULL) {
+ LogError("malloc of %u bytes failed.", *counterValueSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *counterValue, *counterValueSize, &hte->comm)) {
+ free(*counterValue);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_DIGEST, i++, auditDigest, 0, &hte->comm)) {
+ free(*counterValue);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_DIGEST, i++, ordinalDigest, 0, &hte->comm)) {
+ free(*counterValue);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, sigSize, 0, &hte->comm)) {
+ free(*counterValue);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ *sig = (BYTE *)malloc(*sigSize);
+ if (*sig == NULL) {
+ LogError("malloc of %u bytes failed.", *sigSize);
+ free(*counterValue);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *sig, *sigSize, &hte->comm)) {
+ free(*counterValue);
+ free(*sig);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+
+done:
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_auth.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_auth.c
new file mode 100644
index 0000000..266d485
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_auth.c
@@ -0,0 +1,96 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_OIAP_TP(struct host_table_entry *hte,
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonce0 /* out */
+ ) {
+ TSS_RESULT result;
+
+ initData(&hte->comm, 1);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_OIAP;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, authHandle, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, nonce0, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_OSAP_TP(struct host_table_entry *hte,
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 entityValue, /* in */
+ TCPA_NONCE * nonceOddOSAP, /* in */
+ TCS_AUTHHANDLE * authHandle, /* out */
+ TCPA_NONCE * nonceEven, /* out */
+ TCPA_NONCE * nonceEvenOSAP /* out */
+ ) {
+ TSS_RESULT result;
+
+ initData(&hte->comm, 4);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_OSAP;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT16, 1, &entityType, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &entityValue, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_NONCE, 3, nonceOddOSAP, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, authHandle, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 1, nonceEven, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_NONCE, 2, nonceEvenOSAP, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_bind.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_bind.c
new file mode 100644
index 0000000..d933117
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_bind.c
@@ -0,0 +1,94 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_UnBind_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE keyHandle, /* in */
+ UINT32 inDataSize, /* in */
+ BYTE * inData, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ ) {
+ TSS_RESULT result;
+ int i;
+
+ initData(&hte->comm, 5);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_UNBIND;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ *outData = NULL;
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &keyHandle, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &inDataSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, inData, inDataSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ if (privAuth != NULL) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 4, privAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ if (privAuth != NULL) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, privAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, outDataSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *outData = (BYTE *) malloc(*outDataSize);
+ if (*outData == NULL) {
+ LogError("malloc of %u bytes failed.", *outDataSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *outData, *outDataSize, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+done:
+ if (result) {
+ free(*outData);
+ *outData = NULL;
+ }
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_caps.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_caps.c
new file mode 100644
index 0000000..b626c55
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_caps.c
@@ -0,0 +1,76 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_GetCapability_TP(struct host_table_entry *hte,
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp) /* out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 4);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_TCSGETCAPABILITY;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, respSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *resp = (BYTE *) calloc_tspi(hte->tspContext, *respSize);
+ if (*resp == NULL) {
+ LogError("malloc of %u bytes failed.", *respSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *resp, *respSize, &hte->comm)) {
+ free_tspi(hte->tspContext, *resp);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+done:
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_caps_tpm.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_caps_tpm.c
new file mode 100644
index 0000000..107c706
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_caps_tpm.c
@@ -0,0 +1,179 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_GetTPMCapability_TP(struct host_table_entry *hte,
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 * respSize, /* out */
+ BYTE ** resp) /* out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 4);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_GETCAPABILITY;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ *resp = NULL;
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_UINT32, 0, respSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *resp = (BYTE *) malloc(*respSize);
+ if (*resp == NULL) {
+ LogError("malloc of %u bytes failed.", *respSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 1, *resp, *respSize, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+done:
+ if (result) {
+ free(*resp);
+ *resp = NULL;
+ }
+ return result;
+}
+
+TSS_RESULT
+RPC_GetCapabilitySigned_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ TPM_AUTH * privAuth, /* in, out */
+ TCPA_VERSION * Version, /* out */
+ UINT32 * respSize, /* out */
+ BYTE ** resp, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig) /* out */
+{
+ return TSPERR(TSS_E_NOTIMPL);
+}
+
+TSS_RESULT
+RPC_GetCapabilityOwner_TP(struct host_table_entry *hte,
+ TPM_AUTH * pOwnerAuth, /* out */
+ TCPA_VERSION * pVersion, /* out */
+ UINT32 * pNonVolatileFlags, /* out */
+ UINT32 * pVolatileFlags) /* out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 2);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_GETCAPABILITYOWNER;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 1, pOwnerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_VERSION, 0, pVersion, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 1, pNonVolatileFlags, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, pVolatileFlags, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (getData(TCSD_PACKET_TYPE_AUTH, 3, pOwnerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_SetCapability_TP(struct host_table_entry *hte,
+ TCPA_CAPABILITY_AREA capArea, /* in */
+ UINT32 subCapSize, /* in */
+ BYTE * subCap, /* in */
+ UINT32 valueSize, /* in */
+ BYTE * value, /* in */
+ TPM_AUTH * pOwnerAuth) /* in, out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 7);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_SETCAPABILITY;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &capArea, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &subCapSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 3, subCap, subCapSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 4, &valueSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 5, value, valueSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (pOwnerAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 6, pOwnerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, pOwnerAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_certify.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_certify.c
new file mode 100644
index 0000000..3c9a0c8
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_certify.c
@@ -0,0 +1,131 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_CertifyKey_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE certHandle, /* in */
+ TCS_KEY_HANDLE keyHandle, /* in */
+ TPM_NONCE * antiReplay, /* in */
+ TPM_AUTH * certAuth, /* in, out */
+ TPM_AUTH * keyAuth, /* in, out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData /* out */
+ ) {
+ TSS_RESULT result;
+ TPM_AUTH null_auth;
+ int i;
+
+ initData(&hte->comm, 6);
+ __tspi_memset(&null_auth, 0, sizeof(TPM_AUTH));
+
+ hte->comm.hdr.u.ordinal = TCSD_ORD_CERTIFYKEY;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &certHandle, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 2, &keyHandle, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_NONCE, 3, antiReplay, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (certAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 4, certAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 4, &null_auth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ if (keyAuth) {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 5, keyAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ } else {
+ if (setData(TCSD_PACKET_TYPE_AUTH, 5, &null_auth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ i = 0;
+ if (certAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, certAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ if (keyAuth) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, i++, keyAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, CertifyInfoSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *CertifyInfo = (BYTE *) malloc(*CertifyInfoSize);
+ if (*CertifyInfo == NULL) {
+ LogError("malloc of %u bytes failed.", *CertifyInfoSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *CertifyInfo, *CertifyInfoSize, &hte->comm)) {
+ free(*CertifyInfo);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, i++, outDataSize, 0, &hte->comm)) {
+ free(*CertifyInfo);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *outData = (BYTE *) malloc(*outDataSize);
+ if (*outData == NULL) {
+ LogError("malloc of %u bytes failed.", *outDataSize);
+ free(*CertifyInfo);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, i++, *outData, *outDataSize, &hte->comm)) {
+ free(*CertifyInfo);
+ free(*outData);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ }
+
+done:
+ return result;
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_changeauth.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_changeauth.c
new file mode 100644
index 0000000..b4c3d87
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_changeauth.c
@@ -0,0 +1,173 @@
+
+/*
+ * Licensed Materials - Property of IBM
+ *
+ * trousers - An open source TCG Software Stack
+ *
+ * (C) Copyright International Business Machines Corp. 2004-2006
+ *
+ */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+
+#include "trousers/tss.h"
+#include "trousers/trousers.h"
+#include "trousers_types.h"
+#include "spi_utils.h"
+#include "capabilities.h"
+#include "tsplog.h"
+#include "hosttable.h"
+#include "tcsd_wrap.h"
+#include "obj.h"
+#include "rpc_tcstp_tsp.h"
+
+
+TSS_RESULT
+RPC_ChangeAuth_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH *newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ UINT32 encDataSize, /* in */
+ BYTE * encData, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ TPM_AUTH * entityAuth, /* in, out */
+ UINT32 * outDataSize, /* out */
+ BYTE ** outData) /* out */
+{
+ TSS_RESULT result;
+
+ initData(&hte->comm, 9);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_CHANGEAUTH;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 1, &parentHandle, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT16, 2, &protocolID, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_ENCAUTH, 3, newAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT16, 4, &entityType, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT32, 5, &encDataSize, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_PBYTE, 6, encData, encDataSize, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 7, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 8, entityAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_AUTH, 1, entityAuth, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_UINT32, 2, outDataSize, 0, &hte->comm)) {
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ goto done;
+ }
+
+ *outData = (BYTE *) malloc(*outDataSize);
+ if (*outData == NULL) {
+ LogError("malloc of %u bytes failed.", *outDataSize);
+ result = TSPERR(TSS_E_OUTOFMEMORY);
+ goto done;
+ }
+ if (getData(TCSD_PACKET_TYPE_PBYTE, 3, *outData, *outDataSize, &hte->comm)) {
+ free(*outData);
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+ }
+
+done:
+ return result;
+}
+
+TSS_RESULT
+RPC_ChangeAuthOwner_TP(struct host_table_entry *hte,
+ TCPA_PROTOCOL_ID protocolID, /* in */
+ TCPA_ENCAUTH *newAuth, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TPM_AUTH * ownerAuth /* in, out */
+ ) {
+ TSS_RESULT result;
+
+ initData(&hte->comm, 5);
+ hte->comm.hdr.u.ordinal = TCSD_ORD_CHANGEAUTHOWNER;
+ LogDebugFn("TCS Context: 0x%x", hte->tcsContext);
+
+ if (setData(TCSD_PACKET_TYPE_UINT32, 0, &hte->tcsContext, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT16, 1, &protocolID, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_ENCAUTH, 2, newAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_UINT16, 3, &entityType, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+ if (setData(TCSD_PACKET_TYPE_AUTH, 4, ownerAuth, 0, &hte->comm))
+ return TSPERR(TSS_E_INTERNAL_ERROR);
+
+ result = sendTCSDPacket(hte);
+
+ if (result == TSS_SUCCESS)
+ result = hte->comm.hdr.u.result;
+
+ if (hte->comm.hdr.u.result == TSS_SUCCESS) {
+ if (getData(TCSD_PACKET_TYPE_AUTH, 0, ownerAuth, 0, &hte->comm))
+ result = TSPERR(TSS_E_INTERNAL_ERROR);
+ }
+
+ return result;
+}
+
+TSS_RESULT
+RPC_ChangeAuthAsymStart_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE idHandle, /* in */
+ TCPA_NONCE antiReplay, /* in */
+ UINT32 KeySizeIn, /* in */
+ BYTE * KeyDataIn, /* in */
+ TPM_AUTH * pAuth, /* in, out */
+ UINT32 * KeySizeOut, /* out */
+ BYTE ** KeyDataOut, /* out */
+ UINT32 * CertifyInfoSize, /* out */
+ BYTE ** CertifyInfo, /* out */
+ UINT32 * sigSize, /* out */
+ BYTE ** sig, /* out */
+ TCS_KEY_HANDLE * ephHandle /* out */
+ ) {
+ return TSPERR(TSS_E_NOTIMPL);
+}
+
+TSS_RESULT
+RPC_ChangeAuthAsymFinish_TP(struct host_table_entry *hte,
+ TCS_KEY_HANDLE parentHandle, /* in */
+ TCS_KEY_HANDLE ephHandle, /* in */
+ TCPA_ENTITY_TYPE entityType, /* in */
+ TCPA_HMAC newAuthLink, /* in */
+ UINT32 newAuthSize, /* in */
+ BYTE * encNewAuth, /* in */
+ UINT32 encDataSizeIn, /* in */
+ BYTE * encDataIn, /* in */
+ TPM_AUTH * ownerAuth, /* in, out */
+ UINT32 * encDataSizeOut, /* out */
+ BYTE ** encDataOut, /* out */
+ TCPA_SALT_NONCE * saltNonce, /* out */
+ TCPA_DIGEST * changeProof /* out */
+ ) {
+ return TSPERR(TSS_E_NOTIMPL);
+}
diff --git a/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_cmk.c b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_cmk.c
new file mode 100644
index 0000000..0f3b7e2
--- /dev/null
+++ b/chroot/build/arm-generic/tmp/portage/app-crypt/trousers-0.3.3-r121/work/trousers-0.3.3/src/tspi/rpc/tcstp/rpc_cmk.c
@@ -0,0 +1,430 @@
