Home | History | Annotate | Download | only in tpm2 
      1 // This file was extracted from the TCG Published
      2 // Trusted Platform Module Library
      3 // Part 3: Commands
      4 // Family "2.0"
      5 // Level 00 Revision 01.16
      6 // October 30, 2014
      7 
      8 #include "InternalRoutines.h"
      9 #include "Attest_spt_fp.h"
     10 #include "GetCommandAuditDigest_fp.h"
     11 //
     12 //
     13 //     Error Returns                 Meaning
     14 //
     15 //     TPM_RC_KEY                    key referenced by signHandle is not a signing key
     16 //     TPM_RC_SCHEME                 inScheme is incompatible with signHandle type; or both scheme and
     17 //                                   key's default scheme are empty; or scheme is empty while key's
     18 //                                   default scheme requires explicit input scheme (split signing); or non-
     19 //                                   empty default key scheme differs from scheme
     20 //     TPM_RC_VALUE                  digest generated for the given scheme is greater than the modulus of
     21 //                                   signHandle (for an RSA key); invalid commit status or failed to
     22 //                                   generate r value (for an ECC key)
     23 //
     24 TPM_RC
     25 TPM2_GetCommandAuditDigest(
     26    GetCommandAuditDigest_In      *in,                // IN: input parameter list
     27    GetCommandAuditDigest_Out     *out                // OUT: output parameter list
     28    )
     29 {
     30    TPM_RC                   result;
     31    TPMS_ATTEST              auditInfo;
     32 
     33 // Command Output
     34 
     35    // Filling in attest information
     36    // Common fields
     37    result = FillInAttestInfo(in->signHandle,
     38                              &in->inScheme,
     39                              &in->qualifyingData,
     40                              &auditInfo);
     41    if(result != TPM_RC_SUCCESS)
     42    {
     43        if(result == TPM_RC_KEY)
     44            return TPM_RC_KEY + RC_GetCommandAuditDigest_signHandle;
     45        else
     46            return RcSafeAddToResult(result, RC_GetCommandAuditDigest_inScheme);
     47    }
     48 
     49    // CommandAuditDigest specific fields
     50    // Attestation type
     51    auditInfo.type = TPM_ST_ATTEST_COMMAND_AUDIT;
     52 
     53    // Copy audit hash algorithm
     54    auditInfo.attested.commandAudit.digestAlg = gp.auditHashAlg;
     55 
     56    // Copy counter value
     57    auditInfo.attested.commandAudit.auditCounter = gp.auditCounter;
     58 
     59    // Copy command audit log
     60    auditInfo.attested.commandAudit.auditDigest = gr.commandAuditDigest;
     61    CommandAuditGetDigest(&auditInfo.attested.commandAudit.commandDigest);
     62 
     63    //   Sign attestation structure. A NULL signature will be returned if
     64    //   signHandle is TPM_RH_NULL. A TPM_RC_NV_UNAVAILABLE, TPM_RC_NV_RATE,
     65    //   TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES error may be returned at
     66    //   this point
     67    result = SignAttestInfo(in->signHandle,
     68                            &in->inScheme,
     69                            &auditInfo,
     70                            &in->qualifyingData,
     71                            &out->auditInfo,
     72                            &out->signature);
     73 
     74    if(result != TPM_RC_SUCCESS)
     75        return result;
     76 
     77 // Internal Data Update
     78 
     79    if(in->signHandle != TPM_RH_NULL)
     80    {
     81        // Reset log
     82        gr.commandAuditDigest.t.size = 0;
     83 
     84        // orderly state should be cleared because of the update in
     85        // commandAuditDigest, as well as the reporting of clock info
     86        g_clearOrderly = TRUE;
     87    }
     88 
     89    return TPM_RC_SUCCESS;
     90 }
     91