// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "Attest_spt_fp.h"
#include "GetCommandAuditDigest_fp.h"

//
// TPM2_GetCommandAuditDigest
//
// Builds an attestation structure describing the current command audit state
// (audit hash algorithm, audit counter, audit digest and command digest) and
// has it signed with the key referenced by in->signHandle.
//
//     Error Returns     Meaning
//
//     TPM_RC_KEY        key referenced by signHandle is not a signing key
//     TPM_RC_SCHEME     inScheme is incompatible with signHandle type; or both
//                       scheme and key's default scheme are empty; or scheme
//                       is empty while key's default scheme requires explicit
//                       input scheme (split signing); or non-empty default key
//                       scheme differs from scheme
//     TPM_RC_VALUE      digest generated for the given scheme is greater than
//                       the modulus of signHandle (for an RSA key); invalid
//                       commit status or failed to generate r value (for an
//                       ECC key)
//
TPM_RC
TPM2_GetCommandAuditDigest(
    GetCommandAuditDigest_In    *in,    // IN: input parameter list
    GetCommandAuditDigest_Out   *out    // OUT: output parameter list
    )
{
    TPM_RC          rc;
    TPMS_ATTEST     attest;

    // Command Output

    // Populate the fields shared by every attestation type. A TPM_RC_KEY
    // failure is reported against the signHandle parameter; every other
    // failure is attributed to inScheme.
    rc = FillInAttestInfo(in->signHandle, &in->inScheme,
                          &in->qualifyingData, &attest);
    if(rc != TPM_RC_SUCCESS)
        return (rc == TPM_RC_KEY)
               ? TPM_RC_KEY + RC_GetCommandAuditDigest_signHandle
               : RcSafeAddToResult(rc, RC_GetCommandAuditDigest_inScheme);

    // Fields specific to a command audit attestation
    attest.type = TPM_ST_ATTEST_COMMAND_AUDIT;
    attest.attested.commandAudit.digestAlg = gp.auditHashAlg;
    attest.attested.commandAudit.auditCounter = gp.auditCounter;

    // Snapshot the audit log before signing, so the value that is attested is
    // the one held at this point; the command digest is obtained separately.
    attest.attested.commandAudit.auditDigest = gr.commandAuditDigest;
    CommandAuditGetDigest(&attest.attested.commandAudit.commandDigest);

    // Sign the attestation structure. When signHandle is TPM_RH_NULL a NULL
    // signature is returned, i.e. the caller receives auditInfo with nothing
    // to verify it against. TPM_RC_NV_UNAVAILABLE, TPM_RC_NV_RATE,
    // TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES may be returned here.
    rc = SignAttestInfo(in->signHandle, &in->inScheme, &attest,
                        &in->qualifyingData, &out->auditInfo,
                        &out->signature);

    // Internal Data Update

    // The audit log is only reset once a signed report has actually been
    // produced: a signing failure or an unsigned (TPM_RH_NULL) query leaves
    // gr.commandAuditDigest untouched.
    // NOTE(review): presumably so that only a verifiable report can consume
    // the log -- confirm against the Part 3 command description.
    if(rc == TPM_RC_SUCCESS && in->signHandle != TPM_RH_NULL)
    {
        gr.commandAuditDigest.t.size = 0;

        // The orderly state has to be cleared because commandAuditDigest was
        // updated and clock info was reported.
        g_clearOrderly = TRUE;
    }

    return rc;
}