コード例 #1
ファイル: tpm_cmd_handler.c プロジェクト: johnxn/rockey-tpm
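/*
 * Command handler for TPM_OSAP: decodes the request parameters, runs the
 * command, and encodes the reply into a freshly allocated rsp->param.
 *
 * req: request whose param/paramSize hold the marshalled arguments
 *      (entity type, entity value, odd OSAP nonce).
 * rsp: response to fill. On success rsp->param is a malloc'd buffer of
 *      rsp->paramSize bytes. On a marshalling or allocation failure the
 *      buffer is released and rsp->param/paramSize are reset to NULL/0.
 *
 * Returns TPM_BAD_PARAMETER when the request does not decode exactly,
 * the TPM_OSAP result when that is not TPM_SUCCESS, TPM_FAIL when the
 * reply cannot be built, and TPM_SUCCESS otherwise.
 */
static TPM_RESULT execute_TPM_OSAP(TPM_REQUEST *req, TPM_RESPONSE *rsp)
{
    BYTE *ptr;
    UINT32 len;
    TPM_ENTITY_TYPE entityType;
    UINT32 entityValue;
    TPM_NONCE nonceOddOSAP;
    TPM_AUTHHANDLE authHandle;
    TPM_NONCE nonceEven;
    TPM_NONCE nonceEvenOSAP;
    TPM_RESULT res;
    /* unmarshal input; the final len != 0 test rejects requests that
     * carry bytes beyond the three expected fields */
    ptr = req->param;
    len = req->paramSize;
    if (tpm_unmarshal_TPM_ENTITY_TYPE(&ptr, &len, &entityType)
            || tpm_unmarshal_UINT32(&ptr, &len, &entityValue)
            || tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonceOddOSAP)
            || len != 0) return TPM_BAD_PARAMETER;
    /* execute command */
    res = TPM_OSAP(entityType, entityValue, &nonceOddOSAP, &authHandle, 
            &nonceEven, &nonceEvenOSAP);
    if (res != TPM_SUCCESS) return res;
    /* marshal output: one auth handle followed by two nonces
     * (presumably 4 + 20 + 20 bytes in that order) */
    rsp->paramSize = len = 4 + 20 + 20;
    rsp->param = ptr = malloc(len);
    if (ptr == NULL
            || tpm_marshal_TPM_AUTHHANDLE(&ptr, &len, authHandle)
            || tpm_marshal_TPM_NONCE(&ptr, &len, &nonceEven)
            || tpm_marshal_TPM_NONCE(&ptr, &len, &nonceEvenOSAP)) {
        free(rsp->param);
        /* Do not hand the caller a dangling pointer with a non-zero size:
         * a later free() or read of rsp->param would otherwise be a
         * double free or use-after-free. */
        rsp->param = NULL;
        rsp->paramSize = 0;
        res = TPM_FAIL;
    }
    return res;
}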
コード例 #2
ファイル: disk_tpm.c プロジェクト: 0day-ci/xen
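/*
 * Seal `size` bytes from `src` with the TPM under the SRK key handle and
 * store the encrypted blob in dst->sealed_data.
 *
 * dst:  supplies the PCR selection and the creation/release digests used
 *       for the seal, and receives 256 bytes of sealed data on success.
 * src:  data to seal.
 * size: number of bytes at src.
 *
 * Returns the TPM_Seal result (0 on success). Calls abort() if the OSAP
 * session cannot be opened.
 */
int TPM_disk_seal(struct disk_seal_entry *dst, const void* src, size_t size)
{
	uint32_t rc;
	uint32_t infoSize;
	TPM_PCR_INFO_LONG info;
	/* Zero-initialised so the debug print and free_TPM_STORED_DATA12()
	 * below see defined values if TPM_Seal fails before filling it in
	 * (TPM_Seal is not visible here, so this is defensive). */
	TPM_STORED_DATA12 out = {0};
	TPM_AUTH_SESSION osap = TPM_AUTH_SESSION_INIT;
	TPM_AUTHDATA sharedsecret;
	TPM_AUTHDATA auth;

	printk("Calling TPM_disk_seal\n");

	rc = TPM_OSAP(TPM_ET_KEYHANDLE, TPM_SRK_KEYHANDLE, (void*)&vtpm_globals.srk_auth,
			&sharedsecret, &osap);

	if (rc) abort();

#ifdef DEBUG_SEAL_OPS
	/* This dumps the plaintext that is about to be sealed into the log;
	 * DEBUG_SEAL_OPS must stay undefined in production builds. */
	size_t i; /* size_t to match `size` and avoid a signed/unsigned compare */
	printk("to-seal:");
	for(i=0; i < size; i++)
		printk(" %02x", ((uint8_t*)src)[i]);
	printk("\n");
#endif

	/* The sealed blob itself is given an all-zero auth value. */
	memset(auth, 0, 20);
	info.tag = TPM_TAG_PCR_INFO_LONG;
	/* Locality fields are bitmasks: one bit for the configured locality. */
	info.localityAtCreation = 1 << vtpm_globals.hw_locality;
	info.localityAtRelease = 1 << vtpm_globals.hw_locality;
	info.creationPCRSelection.sizeOfSelect = 3;
	info.creationPCRSelection.pcrSelect = (void*)&dst->pcr_selection;
	info.releasePCRSelection.sizeOfSelect = 3;
	info.releasePCRSelection.pcrSelect = (void*)&dst->pcr_selection;
	memcpy(&info.digestAtCreation, &dst->digest_at_seal, 20);
	memcpy(&info.digestAtRelease, &dst->digest_release, 20);

	/* Hand-computed serialised size of `info`; presumably tag (2),
	 * two locality bytes (1 + 1), two PCR selections (2 + 3 each) and
	 * two digests (20 each). It must track the sizeOfSelect values above. */
	infoSize = 2 + 1 + 1 + 2 + 3 + 2 + 3 + 20 + 20;
	//infoSize = sizeof_TPM_PCR_INFO_LONG(&info);

	rc = TPM_Seal(TPM_SRK_KEYHANDLE, infoSize, &info, size, src, &out,
			(void*)&sharedsecret, (void*)&auth, &osap);

	/* Close the OSAP session whether or not the seal succeeded. */
	TPM_TerminateHandle(osap.AuthHandle);

	/* NOTE(review): sharedsecret stays on the stack after this point;
	 * consider wiping it with a call the compiler cannot elide. */

#ifdef DEBUG_SEAL_OPS
	printk("TPM_Seal rc=%d encDataSize=%d sealInfoSize=%d\n", rc, out.encDataSize, out.sealInfoLongSize);
#endif
	/* NOTE(review): copies a fixed 256 bytes without consulting
	 * out.encDataSize or the size of dst->sealed_data; confirm that both
	 * are always at least 256, otherwise this reads or writes out of
	 * bounds. */
	if (!rc)
		memcpy(dst->sealed_data, out.encData, 256);

#ifdef DEBUG_SEAL_OPS
	/* NOTE(review): assumes the packed structure fits in 512 bytes;
	 * pack_TPM_STORED_DATA12 is given no bound. */
	uint8_t buf[512];
	uint8_t *start = buf;
	uint8_t *end = pack_TPM_STORED_DATA12(buf, &out);
	printk("stored_data:");
	while (start != end) {
		printk(" %02x", *start);
		start++;
	}
	printk("\n");
#endif

	free_TPM_STORED_DATA12(&out);
	return rc;
}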