Thanks! -- Rajiv Andrade Security Development IBM Linux Technology Center
On Tue, 14 Feb 2012, Roberto Sassu wrote: > Hi Rajiv > > ok, i will implement the multiplexing directly in the function > TCSP_LoadKeyByUUID_Internal(). I will send the new patch tomorrow. > > Regards > > Roberto Sassu > > > On 02/14/2012 04:04 PM, Rajiv Andrade wrote: > > Thanks for the patch Roberto, comments below: > > > > On Wed, 07 Dec 2011, Roberto Sassu wrote: > > > >> This function has been added to support loading keys by UUID for the > >> TPM v1.2. > >> > >> Signed-off-by: Roberto Sassu<[email protected]> > >> --- > >> src/include/tcs_utils.h | 7 ++++++ > >> src/tcs/tcs_key_mem_cache.c | 10 ++++++++- > >> src/tcs/tcs_ps.c | 5 +++- > >> src/tcs/tcsi_ps.c | 47 > >> +++++++++++++++++++++++++++++++----------- > >> 4 files changed, 54 insertions(+), 15 deletions(-) > >> > >> diff --git a/src/include/tcs_utils.h b/src/include/tcs_utils.h > >> index 71cf3f7..43a7786 100644 > >> --- a/src/include/tcs_utils.h > >> +++ b/src/include/tcs_utils.h > >> @@ -278,6 +278,7 @@ TSS_RESULT load_key_init(TPM_COMMAND_CODE, > >> TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, U > >> TSS_RESULT load_key_final(TCS_CONTEXT_HANDLE, TCS_KEY_HANDLE, > >> TCS_KEY_HANDLE *, BYTE *, TPM_KEY_HANDLE); > >> TSS_RESULT > >> LoadKeyByBlob_Internal(UINT32,TCS_CONTEXT_HANDLE,TCS_KEY_HANDLE,UINT32,BYTE > >> *,TPM_AUTH *, > >> TCS_KEY_HANDLE *,TCS_KEY_HANDLE *); > >> +TSS_RESULT LoadKeyByUUID_Internal(UINT32 ord,TCS_CONTEXT_HANDLE,TSS_UUID > >> *,TCS_LOADKEY_INFO *,TCS_KEY_HANDLE *); > >> TSS_RESULT TSC_PhysicalPresence_Internal(UINT16 physPres); > >> TSS_RESULT TCSP_FlushSpecific_Common(UINT32, TPM_RESOURCE_TYPE); 
> >>
> >> @@ -378,6 +379,12 @@ TSS_RESULT TCSP_FlushSpecific_Common(UINT32,
> >> TPM_RESOURCE_TYPE);
> >> TCS_KEY_HANDLE * phKeyTCSI
> >> /* out */
> >> );
> >>
> >> + TSS_RESULT TCSP_LoadKey2ByUUID_Internal(TCS_CONTEXT_HANDLE hContext,
> >> /* in */
> >> + TSS_UUID *KeyUUID, /* in */
> >> + TCS_LOADKEY_INFO *
> >> pLoadKeyInfo, /* in, out */
> >> + TCS_KEY_HANDLE * phKeyTCSI
> >> /* out */
> >> + );
> >> +
> >> TSS_RESULT TCSP_EvictKey_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
> >> TCS_KEY_HANDLE hKey /* in */
> >> );
> >> diff --git a/src/tcs/tcs_key_mem_cache.c b/src/tcs/tcs_key_mem_cache.c
> >> index a44278e..e9d875c 100644
> >> --- a/src/tcs/tcs_key_mem_cache.c
> >> +++ b/src/tcs/tcs_key_mem_cache.c
> >> @@ -1043,7 +1043,15 @@ LoadKeyShim(TCS_CONTEXT_HANDLE hContext,
> >> TCPA_STORE_PUBKEY *pubKey,
> >> if ((result = ps_get_uuid_by_pub(pubKey,&uuid)))
> >> return result;
> >>
> >> - if ((result = TCSP_LoadKeyByUUID_Internal(hContext, uuid,
> >> NULL,&tcsKeyHandle))) {
> >> + if (TPM_VERSION_IS(1,2))
> >> + result = TCSP_LoadKey2ByUUID_Internal(hContext, uuid,
> >> + NULL,
> >> + &tcsKeyHandle);
> >> + else
> >> + result = TCSP_LoadKeyByUUID_Internal(hContext, uuid,
> >> + NULL,
> >> + &tcsKeyHandle);
> >> + if (result) {
> >> free(uuid);
> >> return result;
> >> }
> >> diff --git a/src/tcs/tcs_ps.c b/src/tcs/tcs_ps.c
> >> index cd3d0c3..3918024 100644
> >> --- a/src/tcs/tcs_ps.c
> >> +++ b/src/tcs/tcs_ps.c
> >> @@ -164,7 +164,10 @@ key_mgr_load_by_uuid(TCS_CONTEXT_HANDLE hContext,
> >>
> >> MUTEX_LOCK(mem_cache_lock);
> >>
> >> - result = TCSP_LoadKeyByUUID_Internal(hContext, uuid, pInfo, phKeyTCSI);
> >> + if (TPM_VERSION_IS(1,2))
> >> + result = TCSP_LoadKey2ByUUID_Internal(hContext, uuid, pInfo,
> >> phKeyTCSI);
> >> + else
> >> + result = TCSP_LoadKeyByUUID_Internal(hContext, uuid, pInfo,
> >> phKeyTCSI);
> >>
> >> LogDebug("Key %s loaded by UUID w/ TCS handle: 0x%x",
> >> result ? "NOT" : "successfully", result ? 0 : *phKeyTCSI);
> >> diff --git a/src/tcs/tcsi_ps.c b/src/tcs/tcsi_ps.c
> >> index e1fd4f3..b922be0 100644
> >> --- a/src/tcs/tcsi_ps.c
> >> +++ b/src/tcs/tcsi_ps.c
> >> @@ -500,6 +500,27 @@ TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE
> >> hContext, /* in */
> >> TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */
> >> TCS_KEY_HANDLE * phKeyTCSI) /* out */
> >> {
> >> + return LoadKeyByUUID_Internal(TPM_ORD_LoadKey, hContext, KeyUUID,
> >> + pLoadKeyInfo, phKeyTCSI);
> >> +}
> >> +
> >> +TSS_RESULT
> >> +TCSP_LoadKey2ByUUID_Internal(TCS_CONTEXT_HANDLE hContext, /* in */
> >> + TSS_UUID *KeyUUID, /* in */
> >> + TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */
> >> + TCS_KEY_HANDLE * phKeyTCSI) /* out */
> >> +{
> >> + return LoadKeyByUUID_Internal(TPM_ORD_LoadKey2, hContext, KeyUUID,
> >> + pLoadKeyInfo, phKeyTCSI);
> >> +}
> >> +
> >> +TSS_RESULT
> >> +LoadKeyByUUID_Internal(UINT32 ord, /* The ordinal to use, LoadKey or
> >> LoadKey2 */
> >> + TCS_CONTEXT_HANDLE hContext, /* in */
> >> + TSS_UUID *KeyUUID, /* in */
> >> + TCS_LOADKEY_INFO * pLoadKeyInfo, /* in, out */
> >> + TCS_KEY_HANDLE * phKeyTCSI) /* out */
> >> +{
> >> UINT32 keyslot = 0, keySize;
> >> TSS_RESULT result;
> >> TSS_UUID parentUuid;
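Review bot: `LoadKeyByUUID_Internal` accepts `ord` as a bare `UINT32` and is declared in tcs_utils.h, so it can be called with any value; the later hunks hash `ord` into `paramDigest` and forward it to `LoadKeyByBlob_Internal`, and no check on it is visible on this page. Typing the parameter as `TPM_COMMAND_CODE`, as `load_key_init` already does, and rejecting anything else up front with `if (ord != TPM_ORD_LoadKey && ord != TPM_ORD_LoadKey2) return TCSERR(TSS_E_BAD_PARAMETER);` would keep an unexpected ordinal out of the authorization digest. If the helper is meant only for the two wrappers added in this file, giving it `static` linkage instead of a header prototype would narrow the exposure further. The body of LoadKeyByUUID_Internal continues past the end of this hunk.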
> >> @@ -525,10 +546,10 @@ TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE > >> hContext, /* in */ > >> &keyslot)) > >> return TCSERR(TCS_E_KM_LOADFAILED); > >> > >> - return TCSP_LoadKeyByBlob_Internal(hContext, parentTCSKeyHandle, > >> - blobSize, keyBlob, > >> - &pLoadKeyInfo->authData, > >> - phKeyTCSI,&keyslot); > >> + return LoadKeyByBlob_Internal(ord, hContext, parentTCSKeyHandle, > >> + blobSize, keyBlob, > >> + &pLoadKeyInfo->authData, > >> + phKeyTCSI,&keyslot); > >> } > >> > > > > It seems you followed the TCSP_LoadKey{2}ByBlob_Internal rationale, > > which is good, but we should really multiplex the 1.1 and 1.2 ordinals > > in the functions that handles it before sending to the TPM, and that's > > not the case for TCSP_LoadKeyByUUID_Internal, not to mention that > > TCSP_LoadKey2ByUUID isn't defined in the TSS spec. I'd just call > > TPM_VERSION_IS(1,2) > > here and multiplex between TCSP_LoadKeyByBlob_Internal or > > TCSP_LoadKey2ByBlob_Internal, > > without the need to add another 1.1/1.2 multiplexing layer. > > > >> /* if KeyUUID is already loaded, increment the ref count and return */ 
> >> @@ -557,20 +578,20 @@ TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE
> >> hContext, /* in */
> >> if ((result = getParentUUIDByUUID(KeyUUID,&parentUuid)))
> >> return TCSERR(TCS_E_KM_LOADFAILED);
> >>
> >> - if ((result = TCSP_LoadKeyByUUID_Internal(hContext,&parentUuid,
> >> -
> >> pLoadKeyInfo,&parentTCSKeyHandle)))
> >> + if ((result = LoadKeyByUUID_Internal(ord, hContext,&parentUuid,
> >> + pLoadKeyInfo,&parentTCSKeyHandle)))
> >> return result;
> >>
> >> - LogDebugFn("calling TCSP_LoadKeyByBlob_Internal");
> >> + LogDebugFn("calling LoadKeyByBlob_Internal");
> >> /*******************************************************
> >> * If no errors have happend up till now, then the parent is loaded and
> >> ready for use.
> >> * The parent's TCS Handle should be in parentTCSKeyHandle.
> >> ******************************************************/
> >> - if ((result = TCSP_LoadKeyByBlob_Internal(hContext, parentTCSKeyHandle,
> >> - keySize, keyBlob,
> >> - NULL,
> >> - phKeyTCSI,&keyslot))) {
> >> - LogDebugFn("TCSP_LoadKeyByBlob_Internal returned 0x%x", result);
> >> + if ((result = LoadKeyByBlob_Internal(ord, hContext, parentTCSKeyHandle,
> >> + keySize, keyBlob,
> >> + NULL,
> >> + phKeyTCSI,&keyslot))) {
> >> + LogDebugFn("LoadKeyByBlob_Internal returned 0x%x", result);
> >> if (result == TCPA_E_AUTHFAIL&& pLoadKeyInfo) {
> >> BYTE blob[1000];
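Review bot: The `BYTE blob[1000]` declared in the last context line of this hunk is filled in the following hunk by `LoadBlob_UINT32(&offset, ord, blob)` and then `LoadBlob(&offset, keySize, blob, keyBlob)`, so a `keySize` above 996 bytes would write past the stack buffer on the TCPA_E_AUTHFAIL path. Neither hunk shows a bound on `keySize`, which presumably reflects the key blob read from persistent storage, and the patch keeps this path while making it reachable for both ordinals. A guard before the two LoadBlob calls, for example `if (keySize > sizeof(blob) - sizeof(UINT32)) return TCSERR(TCS_E_KM_LOADFAILED);`, would bound the copy. The enclosing function starts and ends outside both hunks, so an earlier check may exist that is not shown here.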
> >> > >> @@ -580,7 +601,7 @@ TCSP_LoadKeyByUUID_Internal(TCS_CONTEXT_HANDLE > >> hContext, /* in */ > >> > >> /* calculate the paramDigest */ > >> offset = 0; > >> - LoadBlob_UINT32(&offset, TPM_ORD_LoadKey, blob); > >> + LoadBlob_UINT32(&offset, ord, blob); > > > > TPM_VERSION_IS(1,2) here too. > > > >> LoadBlob(&offset, keySize, blob, keyBlob); > >> if (Hash(TSS_HASH_SHA1, offset, blob, > >> (BYTE *)&pLoadKeyInfo->paramDigest.digest)) > >> -- > >> 1.7.6.4 > >> > > > > > > > ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
