1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************;
3  * Copyright (c) 2015 - 2017, Intel Corporation
4  * All rights reserved.
5  ***********************************************************************/
6 
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10 
11 #include "tss2_tpm2_types.h"
12 #include "tss2_mu.h"
13 #include "sysapi_util.h"
14 
/*
 * Tss2_Sys_NV_Certify_Prepare - marshal a TPM2_CC_NV_Certify command into the
 * command buffer of the given SYS context, without sending it.
 *
 * The fields are written in this fixed order: signHandle, authHandle,
 * nvIndex, qualifyingData, inScheme, size, offset. Every marshal call is
 * bounded by the context's maxCmdSize and advances the context's nextData.
 *
 * sysContext     - SYS context; rejected if syscontext_cast() yields NULL.
 * signHandle     - handle marshalled first (as a UINT32).
 * authHandle     - handle marshalled second (as a UINT32).
 * nvIndex        - NV index handle marshalled third (as a UINT32).
 * qualifyingData - optional; NULL is sent as an empty TPM2B (size field 0).
 * inScheme       - signing scheme; must not be NULL.
 * size, offset   - marshalled as given, each as a UINT16.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE for a NULL context or NULL inScheme,
 * otherwise the first non-zero code reported by a helper, otherwise the
 * result of CommonPrepareEpilogue().
 *
 * NOTE(review): qualifyingData is presumably the caller-chosen value that
 * ties the resulting attestation to one request (freshness); a caller that
 * passes NULL gets an attestation without it - confirm against the TPM 2.0
 * specification before relying on this for replay protection.
 * NOTE(review): size and offset are not range-checked here; bounds checking
 * against the NV index is presumably left to the TPM - confirm.
 */
TSS2_RC Tss2_Sys_NV_Certify_Prepare(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT signHandle,
    TPMI_RH_NV_AUTH authHandle,
    TPMI_RH_NV_INDEX nvIndex,
    const TPM2B_DATA *qualifyingData,
    const TPMT_SIG_SCHEME *inScheme,
    UINT16 size,
    UINT16 offset)
{
    _TSS2_SYS_CONTEXT_BLOB *blob = syscontext_cast(sysContext);
    TSS2_RC rc;

    /* Both pointers are dereferenced or forwarded below. */
    if (!blob) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }
    if (!inScheme) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    rc = CommonPreparePrologue(blob, TPM2_CC_NV_Certify);
    if (rc != 0) {
        return rc;
    }

    /* Handle area: signHandle, authHandle, nvIndex - in that order. */
    rc = Tss2_MU_UINT32_Marshal(signHandle,
                                blob->cmdBuffer, blob->maxCmdSize,
                                &blob->nextData);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_UINT32_Marshal(authHandle,
                                blob->cmdBuffer, blob->maxCmdSize,
                                &blob->nextData);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_UINT32_Marshal(nvIndex,
                                blob->cmdBuffer, blob->maxCmdSize,
                                &blob->nextData);
    if (rc != 0) {
        return rc;
    }

    /* First parameter: the caller's qualifying data, or an empty TPM2B. */
    if (qualifyingData) {
        rc = Tss2_MU_TPM2B_DATA_Marshal(qualifyingData,
                                        blob->cmdBuffer, blob->maxCmdSize,
                                        &blob->nextData);
    } else {
        /*
         * Record that the first parameter was omitted.
         * NOTE(review): presumably consulted later by the decrypt-parameter
         * handling - confirm against sysapi_util.
         */
        blob->decryptNull = 1;

        rc = Tss2_MU_UINT16_Marshal(0,
                                    blob->cmdBuffer, blob->maxCmdSize,
                                    &blob->nextData);
    }
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_TPMT_SIG_SCHEME_Marshal(inScheme,
                                         blob->cmdBuffer, blob->maxCmdSize,
                                         &blob->nextData);
    if (rc != 0) {
        return rc;
    }

    /* Range of the NV index to certify, forwarded unchecked. */
    rc = Tss2_MU_UINT16_Marshal(size,
                                blob->cmdBuffer, blob->maxCmdSize,
                                &blob->nextData);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_UINT16_Marshal(offset,
                                blob->cmdBuffer, blob->maxCmdSize,
                                &blob->nextData);
    if (rc != 0) {
        return rc;
    }

    /* Per-command flags kept in the context for the later call stages. */
    blob->decryptAllowed = 1;
    blob->encryptAllowed = 1;
    blob->authAllowed = 1;

    return CommonPrepareEpilogue(blob);
}
93 
/*
 * Tss2_Sys_NV_Certify_Complete - decode the NV_Certify response held in the
 * context buffer into certifyInfo and signature.
 *
 * After CommonComplete() succeeds, the attestation structure is unmarshalled
 * first and the signature second, both from the context's cmdBuffer, bounded
 * by maxCmdSize and advancing nextData.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE for a NULL context, otherwise the first
 * non-zero code from CommonComplete() or an unmarshal routine, otherwise the
 * result of the signature unmarshal.
 *
 * This function only decodes. It does not check the signature against
 * certifyInfo, nor any field inside the attestation; that verification is
 * the caller's job before the attestation is trusted.
 *
 * NOTE(review): certifyInfo and signature are passed on without a NULL check;
 * NULL handling is delegated to the Tss2_MU unmarshal routines - confirm.
 */
TSS2_RC Tss2_Sys_NV_Certify_Complete(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2B_ATTEST *certifyInfo,
    TPMT_SIGNATURE *signature)
{
    _TSS2_SYS_CONTEXT_BLOB *blob = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!blob) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    rc = CommonComplete(blob);
    if (rc != 0) {
        return rc;
    }

    /* Response parameters arrive in this order: attestation, signature. */
    rc = Tss2_MU_TPM2B_ATTEST_Unmarshal(blob->cmdBuffer, blob->maxCmdSize,
                                        &blob->nextData, certifyInfo);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_TPMT_SIGNATURE_Unmarshal(blob->cmdBuffer, blob->maxCmdSize,
                                          &blob->nextData, signature);
    return rc;
}
121 
/*
 * Tss2_Sys_NV_Certify - one-call form of NV_Certify: prepare the command,
 * run it with the supplied authorizations, then decode the response.
 *
 * The three stages are Tss2_Sys_NV_Certify_Prepare(), CommonOneCall() with
 * cmdAuthsArray / rspAuthsArray, and Tss2_Sys_NV_Certify_Complete(). The
 * first stage that reports a non-zero code ends the call with that code.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when inScheme is NULL (checked here) or
 * when the context is rejected by the prepare stage; otherwise the code of
 * the first failing stage, or the result of the complete stage.
 *
 * As with the complete stage, certifyInfo and signature are only decoded;
 * checking the signature over the attestation is left to the caller.
 */
TSS2_RC Tss2_Sys_NV_Certify(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT signHandle,
    TPMI_RH_NV_AUTH authHandle,
    TPMI_RH_NV_INDEX nvIndex,
    TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
    const TPM2B_DATA *qualifyingData,
    const TPMT_SIG_SCHEME *inScheme,
    UINT16 size,
    UINT16 offset,
    TPM2B_ATTEST *certifyInfo,
    TPMT_SIGNATURE *signature,
    TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
{
    _TSS2_SYS_CONTEXT_BLOB *blob = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!inScheme) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    /*
     * The prepare stage performs the same context cast and returns early on
     * a NULL result, so blob is not handed to CommonOneCall() in that case.
     */
    rc = Tss2_Sys_NV_Certify_Prepare(sysContext,
                                     signHandle, authHandle, nvIndex,
                                     qualifyingData, inScheme,
                                     size, offset);
    if (rc != 0) {
        return rc;
    }

    rc = CommonOneCall(blob, cmdAuthsArray, rspAuthsArray);
    if (rc != 0) {
        return rc;
    }

    return Tss2_Sys_NV_Certify_Complete(sysContext, certifyInfo, signature);
}