// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "Load_fp.h"
#include "Object_spt_fp.h"

//
// TPM2_Load: validate a caller-supplied public/private object pair against
// the parent named by in->parentHandle and, if everything checks out, place
// the object in an object slot. On success out->name holds the name computed
// from in->inPublic and out->objectHandle holds the handle filled in by
// ObjectLoad().
//
// Both in->inPublic and in->inPrivate come from the caller, so every field
// read from them below is untrusted until the corresponding check has run.
//
//      Error Returns               Meaning
//
//      TPM_RC_ASYMMETRIC           storage key with different asymmetric type
//                                  than parent
//      TPM_RC_ATTRIBUTES           inPublic attributes are not allowed with
//                                  selected parent
//      TPM_RC_BINDING              inPrivate and inPublic are not
//                                  cryptographically bound
//      TPM_RC_HASH                 incorrect hash selection for signing key
//      TPM_RC_INTEGRITY            HMAC on inPrivate was not valid
//      TPM_RC_KDF                  KDF selection not allowed
//      TPM_RC_KEY                  the size of the object's unique field is
//                                  not consistent with the indicated size in
//                                  the object's parameters
//      TPM_RC_OBJECT_MEMORY        no available object slot
//      TPM_RC_SCHEME               the signing scheme is not valid for the key
//      TPM_RC_SENSITIVE            the inPrivate did not unmarshal correctly
//      TPM_RC_SIZE                 inPrivate missing, or authPolicy size for
//                                  inPublic is not valid
//      TPM_RC_SYMMETRIC            symmetric algorithm not provided when
//                                  required
//      TPM_RC_TYPE                 parentHandle is not a storage key, or the
//                                  object to load is a storage key but its
//                                  parameters do not match the parameters of
//                                  the parent
//      TPM_RC_VALUE                decryption failure
//
TPM_RC
TPM2_Load(
    Load_In         *in,            // IN: input parameter list
    Load_Out        *out            // OUT: output parameter list
    )
{
    TPM_RC                   rc;
    // NOTE(review): 'sensitive' receives the unwrapped private area and lives
    // in this stack frame; nothing in this function clears it on any return
    // path. Confirm how the platform treats residual key material.
    TPMT_SENSITIVE           sensitive;
    TPMI_RH_HIERARCHY        parentHierarchy;
    OBJECT                  *parent;
    BOOL                     skipChecks = FALSE;

// Input Validation

    // An empty private area can never be loaded. The RC_Load_* addend appears
    // to tag the response code with the parameter at fault.
    if(in->inPrivate.t.size == 0)
        return TPM_RC_SIZE + RC_Load_inPrivate;

    // The handle must refer to an object that is usable as a parent.
    parent = ObjectGet(in->parentHandle);
    if(!AreAttributesForParent(parent))
        return TPM_RC_TYPE + RC_Load_parentHandle;

    if(!parent->publicArea.objectAttributes.fixedTPM)
    {
        // A child cannot claim fixedTPM when its parent does not have it SET.
        if(in->inPublic.t.publicArea.objectAttributes.fixedTPM == SET)
            return TPM_RC_ATTRIBUTES + RC_Load_inPublic;

        // Self check of the supplied public area. This step may yield
        // TPM_RC_SIZE, TPM_RC_SCHEME, TPM_RC_VALUE, TPM_RC_SYMMETRIC,
        // TPM_RC_TYPE, TPM_RC_HASH, TPM_RC_ASYMMETRIC, TPM_RC_ATTRIBUTES or
        // TPM_RC_KDF.
        rc = PublicAttributesValidation(TRUE, in->parentHandle,
                                        &in->inPublic.t.publicArea);
        if(rc != TPM_RC_SUCCESS)
            return RcSafeAddToResult(rc, RC_Load_inPublic);
    }
    else
    {
        // Under a fixedTPM parent the object's attributes are either
        // "correct by construction" or were validated when the object was
        // imported, so the attribute validation above is not run and
        // skipChecks is handed to ObjectLoad(). On this path the only thing
        // vouching for the caller-supplied public area is the integrity
        // check performed below; a change that weakens that check weakens
        // this path as well.
        skipChecks = TRUE;
    }

    // The name is derived from the caller-supplied public area and must be
    // available before the private area is unwrapped, because it is an input
    // to PrivateToSensitive(). Presumably this is how inPublic is bound into
    // the integrity check -- confirm in PrivateToSensitive().
    ObjectComputeName(&in->inPublic.t.publicArea, &out->name);

    // Recover the sensitive area. PrivateToSensitive() may return
    // TPM_RC_INTEGRITY or TPM_RC_SENSITIVE here.
    rc = PrivateToSensitive(&in->inPrivate, &out->name, in->parentHandle,
                            in->inPublic.t.publicArea.nameAlg,
                            &sensitive);
    if(rc != TPM_RC_SUCCESS)
        return RcSafeAddToResult(rc, RC_Load_inPrivate);

// Internal Data Update

    // The new object is loaded into the hierarchy of its parent.
    parentHierarchy = ObjectGetHierarchy(in->parentHandle);

    // Create the internal object. Many different errors may come back from
    // this call because it performs several validations, including the
    // public binding check. Its result is returned to the caller unchanged.
    return ObjectLoad(parentHierarchy, &in->inPublic.t.publicArea, &sensitive,
                      &out->name, in->parentHandle, skipChecks,
                      &out->objectHandle);
}