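/*
 * Command handler for TPM_OSAP.
 *
 * Unmarshals the entity type, entity value and the caller's OSAP nonce from
 * req->param, runs TPM_OSAP(), and marshals the new auth handle together with
 * both even nonces into a freshly allocated rsp->param (4 + 20 + 20 bytes).
 *
 * Returns TPM_BAD_PARAMETER when the three fields do not unmarshal or when
 * trailing bytes remain in the parameter area, the TPM_OSAP() result when the
 * command itself fails (rsp is left untouched on both of these paths), and
 * TPM_FAIL when the response cannot be allocated or marshalled.  On the
 * TPM_FAIL path rsp->param is NULL and rsp->paramSize is 0, so the caller
 * never sees a freed buffer.  On success the caller owns rsp->param.
 */
static TPM_RESULT execute_TPM_OSAP(TPM_REQUEST *req, TPM_RESPONSE *rsp)
{
  TPM_ENTITY_TYPE entityType;
  UINT32 entityValue;
  TPM_NONCE nonceOddOSAP;
  TPM_AUTHHANDLE authHandle;
  TPM_NONCE nonceEven;
  TPM_NONCE nonceEvenOSAP;
  TPM_RESULT res;

  /* unmarshal input; `len != 0` rejects any trailing bytes */
  BYTE *ptr = req->param;
  UINT32 len = req->paramSize;
  if (tpm_unmarshal_TPM_ENTITY_TYPE(&ptr, &len, &entityType)
      || tpm_unmarshal_UINT32(&ptr, &len, &entityValue)
      || tpm_unmarshal_TPM_NONCE(&ptr, &len, &nonceOddOSAP)
      || len != 0)
    return TPM_BAD_PARAMETER;

  /* execute command */
  res = TPM_OSAP(entityType, entityValue, &nonceOddOSAP,
                 &authHandle, &nonceEven, &nonceEvenOSAP);
  if (res != TPM_SUCCESS)
    return res;

  /* marshal output: authHandle (4) + nonceEven (20) + nonceEvenOSAP (20) */
  rsp->paramSize = len = 4 + 20 + 20;
  rsp->param = ptr = malloc(len);
  if (ptr == NULL
      || tpm_marshal_TPM_AUTHHANDLE(&ptr, &len, authHandle)
      || tpm_marshal_TPM_NONCE(&ptr, &len, &nonceEven)
      || tpm_marshal_TPM_NONCE(&ptr, &len, &nonceEvenOSAP)) {
    /* free(NULL) is a no-op on the allocation-failure path.  Reset the
     * response afterwards: leaving the freed pointer and a non-zero size in
     * rsp would hand the caller a dangling buffer. */
    free(rsp->param);
    rsp->param = NULL;
    rsp->paramSize = 0;
    res = TPM_FAIL;
  }
  return res;
}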
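/*
 * Seal `size` bytes of `src` under the SRK, bound to the PCR selection and
 * the creation/release digests already recorded in `dst`, and store the
 * resulting encrypted blob in dst->sealed_data.
 *
 * Returns the TPM result code (0 on success).  The sealed blob is expected
 * to be exactly SEALED_BLOB_LEN bytes; a blob of any other size is reported
 * as TPM_FAIL rather than copied, since out.encData is only encDataSize
 * bytes long.  Aborts if the OSAP session with the SRK cannot be opened
 * (pre-existing policy in this function).
 */
int TPM_disk_seal(struct disk_seal_entry *dst, const void* src, size_t size)
{
  /* size of dst->sealed_data this function writes -- TODO confirm against
   * the definition of struct disk_seal_entry */
  enum { SEALED_BLOB_LEN = 256 };

  uint32_t rc;
  uint32_t infoSize;
  TPM_PCR_INFO_LONG info;
  /* zeroed so free_TPM_STORED_DATA12() below sees a consistent object even
   * if TPM_Seal() fails before filling it -- presumably TPM_Seal() always
   * initialises it, but that is not visible here */
  TPM_STORED_DATA12 out = {0};
  TPM_AUTH_SESSION osap = TPM_AUTH_SESSION_INIT;
  TPM_AUTHDATA sharedsecret;
  TPM_AUTHDATA auth;

  printk("Calling TPM_disk_seal\n");

  /* OSAP session on the SRK; `sharedsecret` authorises the Seal below */
  rc = TPM_OSAP(TPM_ET_KEYHANDLE, TPM_SRK_KEYHANDLE,
                (void*)&vtpm_globals.srk_auth, &sharedsecret, &osap);
  if (rc) abort();

#ifdef DEBUG_SEAL_OPS
  /* debug build only: this prints the plaintext about to be sealed */
  {
    size_t i;
    printk("to-seal:");
    for (i = 0; i < size; i++) printk(" %02x", ((const uint8_t*)src)[i]);
    printk("\n");
  }
#endif

  /* authdata for the sealed blob is all-zero bytes */
  memset(auth, 0, 20);

  /* PCR binding: the same selection and the caller-supplied digests are used
   * for both creation and release, at the current hardware locality */
  info.tag = TPM_TAG_PCR_INFO_LONG;
  info.localityAtCreation = 1 << vtpm_globals.hw_locality;
  info.localityAtRelease = 1 << vtpm_globals.hw_locality;
  info.creationPCRSelection.sizeOfSelect = 3;
  info.creationPCRSelection.pcrSelect = (void*)&dst->pcr_selection;
  info.releasePCRSelection.sizeOfSelect = 3;
  info.releasePCRSelection.pcrSelect = (void*)&dst->pcr_selection;
  memcpy(&info.digestAtCreation, &dst->digest_at_seal, 20);
  memcpy(&info.digestAtRelease, &dst->digest_release, 20);
  /* packed size of TPM_PCR_INFO_LONG:
   * tag(2) + localityAtCreation(1) + localityAtRelease(1)
   * + creationPCRSelection(2 + 3) + releasePCRSelection(2 + 3)
   * + digestAtCreation(20) + digestAtRelease(20) */
  infoSize = 2 + 1 + 1 + 2 + 3 + 2 + 3 + 20 + 20;

  rc = TPM_Seal(TPM_SRK_KEYHANDLE, infoSize, &info, size, src, &out,
                (void*)&sharedsecret, (void*)&auth, &osap);
  /* the session is closed whether or not the Seal succeeded */
  TPM_TerminateHandle(osap.AuthHandle);

#ifdef DEBUG_SEAL_OPS
  printk("TPM_Seal rc=%d encDataSize=%d sealInfoSize=%d\n",
         rc, out.encDataSize, out.sealInfoLongSize);
#endif

  if (!rc) {
    /* Copying a fixed 256 bytes regardless of encDataSize would read past
     * the end of out.encData for a shorter blob, or silently truncate a
     * longer one; insist on the exact size dst->sealed_data is written with. */
    if (out.encDataSize == SEALED_BLOB_LEN)
      memcpy(dst->sealed_data, out.encData, SEALED_BLOB_LEN);
    else
      rc = TPM_FAIL;
  }

#ifdef DEBUG_SEAL_OPS
  {
    /* NOTE(review): pack_TPM_STORED_DATA12() is not told the buffer size;
     * 512 bytes is assumed to be enough for the packed structure -- confirm */
    uint8_t buf[512];
    uint8_t *start = buf;
    uint8_t *end = pack_TPM_STORED_DATA12(buf, &out);
    printk("stored_data:");
    for (; start != end; start++) printk(" %02x", *start);
    printk("\n");
  }
#endif

  free_TPM_STORED_DATA12(&out);
  return rc;
}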