diff options
| author | Grant Likely <grant.likely@secretlab.ca> | 2011-02-13 01:53:34 -0500 |
|---|---|---|
| committer | Grant Likely <grant.likely@secretlab.ca> | 2011-02-13 01:53:34 -0500 |
| commit | c170093d31bd4e3bc51881cc0f123beeca7872c9 (patch) | |
| tree | d93cd280d525dd339f33be010c75b7fd0bacd690 /security/keys/trusted_defined.c | |
| parent | 557218e2d662574bc58d840fe116c7fd8d57aed8 (diff) | |
| parent | 78bba987bc025a7263248501b453476e77b93331 (diff) | |
Merge branch 'devicetree/merge' into spi/merge
Diffstat (limited to 'security/keys/trusted_defined.c')
| -rw-r--r-- | security/keys/trusted_defined.c | 51 |
1 files changed, 28 insertions, 23 deletions
diff --git a/security/keys/trusted_defined.c b/security/keys/trusted_defined.c index 975e9f29a52c..2836c6dc18a3 100644 --- a/security/keys/trusted_defined.c +++ b/security/keys/trusted_defined.c | |||
| @@ -101,11 +101,13 @@ static int TSS_rawhmac(unsigned char *digest, const unsigned char *key, | |||
| 101 | if (dlen == 0) | 101 | if (dlen == 0) |
| 102 | break; | 102 | break; |
| 103 | data = va_arg(argp, unsigned char *); | 103 | data = va_arg(argp, unsigned char *); |
| 104 | if (data == NULL) | 104 | if (data == NULL) { |
| 105 | return -EINVAL; | 105 | ret = -EINVAL; |
| 106 | break; | ||
| 107 | } | ||
| 106 | ret = crypto_shash_update(&sdesc->shash, data, dlen); | 108 | ret = crypto_shash_update(&sdesc->shash, data, dlen); |
| 107 | if (ret < 0) | 109 | if (ret < 0) |
| 108 | goto out; | 110 | break; |
| 109 | } | 111 | } |
| 110 | va_end(argp); | 112 | va_end(argp); |
| 111 | if (!ret) | 113 | if (!ret) |
| @@ -146,14 +148,17 @@ static int TSS_authhmac(unsigned char *digest, const unsigned char *key, | |||
| 146 | if (dlen == 0) | 148 | if (dlen == 0) |
| 147 | break; | 149 | break; |
| 148 | data = va_arg(argp, unsigned char *); | 150 | data = va_arg(argp, unsigned char *); |
| 149 | ret = crypto_shash_update(&sdesc->shash, data, dlen); | 151 | if (!data) { |
| 150 | if (ret < 0) { | 152 | ret = -EINVAL; |
| 151 | va_end(argp); | 153 | break; |
| 152 | goto out; | ||
| 153 | } | 154 | } |
| 155 | ret = crypto_shash_update(&sdesc->shash, data, dlen); | ||
| 156 | if (ret < 0) | ||
| 157 | break; | ||
| 154 | } | 158 | } |
| 155 | va_end(argp); | 159 | va_end(argp); |
| 156 | ret = crypto_shash_final(&sdesc->shash, paramdigest); | 160 | if (!ret) |
| 161 | ret = crypto_shash_final(&sdesc->shash, paramdigest); | ||
| 157 | if (!ret) | 162 | if (!ret) |
| 158 | ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE, | 163 | ret = TSS_rawhmac(digest, key, keylen, SHA1_DIGEST_SIZE, |
| 159 | paramdigest, TPM_NONCE_SIZE, h1, | 164 | paramdigest, TPM_NONCE_SIZE, h1, |
| @@ -222,13 +227,12 @@ static int TSS_checkhmac1(unsigned char *buffer, | |||
| 222 | break; | 227 | break; |
| 223 | dpos = va_arg(argp, unsigned int); | 228 | dpos = va_arg(argp, unsigned int); |
| 224 | ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen); | 229 | ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen); |
| 225 | if (ret < 0) { | 230 | if (ret < 0) |
| 226 | va_end(argp); | 231 | break; |
| 227 | goto out; | ||
| 228 | } | ||
| 229 | } | 232 | } |
| 230 | va_end(argp); | 233 | va_end(argp); |
| 231 | ret = crypto_shash_final(&sdesc->shash, paramdigest); | 234 | if (!ret) |
| 235 | ret = crypto_shash_final(&sdesc->shash, paramdigest); | ||
| 232 | if (ret < 0) | 236 | if (ret < 0) |
| 233 | goto out; | 237 | goto out; |
| 234 | 238 | ||
| @@ -316,13 +320,12 @@ static int TSS_checkhmac2(unsigned char *buffer, | |||
| 316 | break; | 320 | break; |
| 317 | dpos = va_arg(argp, unsigned int); | 321 | dpos = va_arg(argp, unsigned int); |
| 318 | ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen); | 322 | ret = crypto_shash_update(&sdesc->shash, buffer + dpos, dlen); |
| 319 | if (ret < 0) { | 323 | if (ret < 0) |
| 320 | va_end(argp); | 324 | break; |
| 321 | goto out; | ||
| 322 | } | ||
| 323 | } | 325 | } |
| 324 | va_end(argp); | 326 | va_end(argp); |
| 325 | ret = crypto_shash_final(&sdesc->shash, paramdigest); | 327 | if (!ret) |
| 328 | ret = crypto_shash_final(&sdesc->shash, paramdigest); | ||
| 326 | if (ret < 0) | 329 | if (ret < 0) |
| 327 | goto out; | 330 | goto out; |
| 328 | 331 | ||
| @@ -511,7 +514,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, | |||
| 511 | /* get session for sealing key */ | 514 | /* get session for sealing key */ |
| 512 | ret = osap(tb, &sess, keyauth, keytype, keyhandle); | 515 | ret = osap(tb, &sess, keyauth, keytype, keyhandle); |
| 513 | if (ret < 0) | 516 | if (ret < 0) |
| 514 | return ret; | 517 | goto out; |
| 515 | dump_sess(&sess); | 518 | dump_sess(&sess); |
| 516 | 519 | ||
| 517 | /* calculate encrypted authorization value */ | 520 | /* calculate encrypted authorization value */ |
| @@ -519,11 +522,11 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, | |||
| 519 | memcpy(td->xorwork + SHA1_DIGEST_SIZE, sess.enonce, SHA1_DIGEST_SIZE); | 522 | memcpy(td->xorwork + SHA1_DIGEST_SIZE, sess.enonce, SHA1_DIGEST_SIZE); |
| 520 | ret = TSS_sha1(td->xorwork, SHA1_DIGEST_SIZE * 2, td->xorhash); | 523 | ret = TSS_sha1(td->xorwork, SHA1_DIGEST_SIZE * 2, td->xorhash); |
| 521 | if (ret < 0) | 524 | if (ret < 0) |
| 522 | return ret; | 525 | goto out; |
| 523 | 526 | ||
| 524 | ret = tpm_get_random(tb, td->nonceodd, TPM_NONCE_SIZE); | 527 | ret = tpm_get_random(tb, td->nonceodd, TPM_NONCE_SIZE); |
| 525 | if (ret < 0) | 528 | if (ret < 0) |
| 526 | return ret; | 529 | goto out; |
| 527 | ordinal = htonl(TPM_ORD_SEAL); | 530 | ordinal = htonl(TPM_ORD_SEAL); |
| 528 | datsize = htonl(datalen); | 531 | datsize = htonl(datalen); |
| 529 | pcrsize = htonl(pcrinfosize); | 532 | pcrsize = htonl(pcrinfosize); |
| @@ -552,7 +555,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, | |||
| 552 | &datsize, datalen, data, 0, 0); | 555 | &datsize, datalen, data, 0, 0); |
| 553 | } | 556 | } |
| 554 | if (ret < 0) | 557 | if (ret < 0) |
| 555 | return ret; | 558 | goto out; |
| 556 | 559 | ||
| 557 | /* build and send the TPM request packet */ | 560 | /* build and send the TPM request packet */ |
| 558 | INIT_BUF(tb); | 561 | INIT_BUF(tb); |
| @@ -572,7 +575,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, | |||
| 572 | 575 | ||
| 573 | ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE); | 576 | ret = trusted_tpm_send(TPM_ANY_NUM, tb->data, MAX_BUF_SIZE); |
| 574 | if (ret < 0) | 577 | if (ret < 0) |
| 575 | return ret; | 578 | goto out; |
| 576 | 579 | ||
| 577 | /* calculate the size of the returned Blob */ | 580 | /* calculate the size of the returned Blob */ |
| 578 | sealinfosize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t)); | 581 | sealinfosize = LOAD32(tb->data, TPM_DATA_OFFSET + sizeof(uint32_t)); |
| @@ -591,6 +594,8 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, | |||
| 591 | memcpy(blob, tb->data + TPM_DATA_OFFSET, storedsize); | 594 | memcpy(blob, tb->data + TPM_DATA_OFFSET, storedsize); |
| 592 | *bloblen = storedsize; | 595 | *bloblen = storedsize; |
| 593 | } | 596 | } |
| 597 | out: | ||
| 598 | kfree(td); | ||
| 594 | return ret; | 599 | return ret; |
| 595 | } | 600 | } |
| 596 | 601 | ||