// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "Attest_spt_fp.h"
#include "GetSessionAuditDigest_fp.h"
//
//
//     Error Returns                 Meaning
//
//     TPM_RC_KEY                    key referenced by signHandle is not a signing key
//     TPM_RC_SCHEME                 inScheme is incompatible with signHandle type; or both scheme and
//                                   key's default scheme are empty; or scheme is empty while key's
//                                   default scheme requires explicit input scheme (split signing); or non-
//                                   empty default key scheme differs from scheme
//     TPM_RC_TYPE                   sessionHandle does not reference an audit session
//     TPM_RC_VALUE                  digest generated for the given scheme is greater than the modulus of
//                                   signHandle (for an RSA key); invalid commit status or failed to
//                                   generate r value (for an ECC key)
//
// Action routine for TPM2_GetSessionAuditDigest: builds an attestation
// structure of type TPM_ST_ATTEST_SESSION_AUDIT that carries the audit digest
// of the session named by sessionHandle, then hands it to SignAttestInfo()
// together with signHandle and inScheme.
//
// Returns TPM_RC_SUCCESS, or one of the codes listed above. Codes produced
// during input validation have the RC_GetSessionAuditDigest_* offset of the
// offending handle/parameter added to them; codes from SignAttestInfo() are
// passed through unchanged.
//
// Note for relying parties: when signHandle is TPM_RH_NULL the response holds
// a NULL signature, so the returned digest is not authenticated by any key.
// A verifier should rely on the audit digest only when a signature is present
// and checks out against the expected attestation key.
TPM_RC
TPM2_GetSessionAuditDigest(
    GetSessionAuditDigest_In      *in,                // IN: input parameter list
    GetSessionAuditDigest_Out     *out                // OUT: output parameter list
    )
{
    TPM_RC                   rc;
    TPMS_ATTEST              attest;
    // NOTE(review): the session pointer is dereferenced below without a check
    // in this routine; presumably sessionHandle has been validated before the
    // action routine runs -- confirm against the command dispatch code.
    SESSION                 *auditSession = SessionGet(in->sessionHandle);

// Input Validation

    // Only a session that is marked as an audit session has a digest to
    // report
    if(auditSession->attributes.isAudit == CLEAR)
        return TPM_RC_TYPE + RC_GetSessionAuditDigest_sessionHandle;

// Command Output

    // Fields common to every attestation structure.
    // NOTE(review): attest is not zero-initialized here; it relies on
    // FillInAttestInfo() plus the assignments below to populate what gets
    // marshaled -- presumably complete, confirm.
    rc = FillInAttestInfo(in->signHandle,
                          &in->inScheme,
                          &in->qualifyingData,
                          &attest);
    if(rc != TPM_RC_SUCCESS)
    {
        // A key error is attributed to signHandle; every other failure is
        // attributed to the inScheme parameter.
        return (rc == TPM_RC_KEY)
               ? TPM_RC_KEY + RC_GetSessionAuditDigest_signHandle
               : RcSafeAddToResult(rc, RC_GetSessionAuditDigest_inScheme);
    }

    // Fields specific to a session audit attestation
    attest.type = TPM_ST_ATTEST_SESSION_AUDIT;
    attest.attested.sessionAudit.sessionDigest = auditSession->u2.auditDigest;

    // Report whether this session is the current exclusive audit session
    attest.attested.sessionAudit.exclusiveSession =
        (g_exclusiveAuditSession == in->sessionHandle) ? TRUE : FALSE;

    // Sign attestation structure. A NULL signature will be returned if
    // signHandle is TPM_RH_NULL. A TPM_RC_NV_UNAVAILABLE, TPM_RC_NV_RATE,
    // TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES error may be returned at
    // this point
    rc = SignAttestInfo(in->signHandle,
                        &in->inScheme,
                        &attest,
                        &in->qualifyingData,
                        &out->auditInfo,
                        &out->signature);

    // orderly state should be cleared because of the reporting of clock info
    // if signing happens; a failed or unsigned attestation leaves it alone
    if(rc == TPM_RC_SUCCESS && in->signHandle != TPM_RH_NULL)
        g_clearOrderly = TRUE;

    return rc;
}