Blame - VerifySignature.c - platform/external/tpm2

blob: 670b9d5ac30d810430775701822adfa645219a2b [file] [log] [blame]

Vadim Bendebury	5679752	2015-05-20 10:32:25 -0700	[diff] [blame]	1	// This file was extracted from the TCG Published
				2	// Trusted Platform Module Library
				3	// Part 3: Commands
				4	// Family "2.0"
				5	// Level 00 Revision 01.16
				6	// October 30, 2014
				7
				8	#include "InternalRoutines.h"
				9	#include "VerifySignature_fp.h"
				10	//
				11	//
				12	// Error Returns Meaning
				13	//
				14	// TPM_RC_ATTRIBUTES keyHandle does not reference a signing key
				15	// TPM_RC_SIGNATURE signature is not genuine
				16	// TPM_RC_SCHEME CryptVerifySignature()
				17	// TPM_RC_HANDLE the input handle is references an HMAC key but the private portion is
				18	// not loaded
				19	//
				20	TPM_RC
				21	TPM2_VerifySignature(
				22	VerifySignature_In *in, // IN: input parameter list
				23	VerifySignature_Out *out // OUT: output parameter list
				24	)
				25	{
				26	TPM_RC result;
				27	TPM2B_NAME name;
				28	OBJECT *signObject;
				29	TPMI_RH_HIERARCHY hierarchy;
				30
				31	// Input Validation
				32
				33	// Get sign object pointer
				34	signObject = ObjectGet(in->keyHandle);
				35
				36	// The object to validate the signature must be a signing key.
				37	if(signObject->publicArea.objectAttributes.sign != SET)
				38	return TPM_RC_ATTRIBUTES + RC_VerifySignature_keyHandle;
				39
				40	// Validate Signature. TPM_RC_SCHEME, TPM_RC_HANDLE or TPM_RC_SIGNATURE
				41	// error may be returned by CryptCVerifySignatrue()
				42	result = CryptVerifySignature(in->keyHandle, &in->digest, &in->signature);
				43	if(result != TPM_RC_SUCCESS)
				44	return RcSafeAddToResult(result, RC_VerifySignature_signature);
				45
				46	// Command Output
				47
				48	hierarchy = ObjectGetHierarchy(in->keyHandle);
				49	if( hierarchy == TPM_RH_NULL
				50	\|\| signObject->publicArea.nameAlg == TPM_ALG_NULL)
				51	{
				52	// produce empty ticket if hierarchy is TPM_RH_NULL or nameAlg is
				53	// TPM_ALG_NULL
				54	out->validation.tag = TPM_ST_VERIFIED;
				55	out->validation.hierarchy = TPM_RH_NULL;
				56	out->validation.digest.t.size = 0;
				57	}
				58	else
				59	{
				60	// Get object name that verifies the signature
ChromeOS Developer	e85c65b	2015-07-10 10:12:43 -0700	[diff] [blame]	61	name.t.size = ObjectGetName(in->keyHandle, &name.t.name);
Vadim Bendebury	5679752	2015-05-20 10:32:25 -0700	[diff] [blame]	62	// Compute ticket
				63	TicketComputeVerified(hierarchy, &in->digest, &name, &out->validation);
				64	}
				65
				66	return TPM_RC_SUCCESS;
				67	}