1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************;
3 * Copyright (c) 2015 - 2017, Intel Corporation
4 * All rights reserved.
5 ***********************************************************************/
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
11 #include "tss2_tpm2_types.h"
12 #include "tss2_mu.h"
13 #include "sysapi_util.h"
/**
 * Serialize a TPM2_CC_Sign command into the SYS context's command buffer.
 *
 * Parameters are marshalled in this order: keyHandle, digest, inScheme,
 * validation. Nothing is transmitted here; the function only fills the
 * buffer and records which session attributes apply to this command.
 *
 * This function does not inspect digest->size, the scheme, or the ticket
 * contents itself; it hands them to the Tss2_MU_* routines together with
 * ctx->maxCmdSize.
 * NOTE(review): bounds enforcement is presumably done inside those
 * routines - confirm against tss2_mu.
 *
 * @param sysContext  Opaque SYS context, converted with syscontext_cast().
 * @param keyHandle   Handle of the signing key, marshalled as a UINT32.
 * @param digest      Digest to sign. May be NULL: a zero UINT16 is then
 *                    marshalled in its place and decryptNull is set.
 * @param inScheme    Signature scheme; must not be NULL.
 * @param validation  Hash-check ticket; must not be NULL.
 *
 * @return TSS2_SYS_RC_BAD_REFERENCE when the converted context, inScheme
 *         or validation is NULL; otherwise the first non-zero code from
 *         the prologue or a marshalling call, else the result of
 *         CommonPrepareEpilogue().
 */
TSS2_RC Tss2_Sys_Sign_Prepare(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT keyHandle,
    const TPM2B_DIGEST *digest,
    const TPMT_SIG_SCHEME *inScheme,
    const TPMT_TK_HASHCHECK *validation)
{
    _TSS2_SYS_CONTEXT_BLOB *sys = syscontext_cast(sysContext);
    TSS2_RC rc;

    /* digest is deliberately absent from this check: NULL is accepted. */
    if (!(sys && inScheme && validation))
        return TSS2_SYS_RC_BAD_REFERENCE;

    rc = CommonPreparePrologue(sys, TPM2_CC_Sign);
    if (rc != 0)
        return rc;

    /* Handle area: the signing key. */
    rc = Tss2_MU_UINT32_Marshal(keyHandle,
                                sys->cmdBuffer, sys->maxCmdSize,
                                &sys->nextData);
    if (rc != 0)
        return rc;

    if (digest) {
        rc = Tss2_MU_TPM2B_DIGEST_Marshal(digest,
                                          sys->cmdBuffer, sys->maxCmdSize,
                                          &sys->nextData);
    } else {
        /*
         * No digest supplied: flag it before marshalling an empty size
         * field, so the flag stays set even if the marshal below fails.
         * NOTE(review): decryptNull presumably lets the caller provide the
         * first parameter later through the decrypt-param API - confirm.
         */
        sys->decryptNull = 1;
        rc = Tss2_MU_UINT16_Marshal(0,
                                    sys->cmdBuffer, sys->maxCmdSize,
                                    &sys->nextData);
    }
    if (rc != 0)
        return rc;

    rc = Tss2_MU_TPMT_SIG_SCHEME_Marshal(inScheme,
                                         sys->cmdBuffer, sys->maxCmdSize,
                                         &sys->nextData);
    if (rc != 0)
        return rc;

    rc = Tss2_MU_TPMT_TK_HASHCHECK_Marshal(validation,
                                           sys->cmdBuffer, sys->maxCmdSize,
                                           &sys->nextData);
    if (rc != 0)
        return rc;

    /*
     * Session attribute permissions for this command: command-parameter
     * decryption and authorization are allowed, response encryption is not.
     * NOTE(review): meaning inferred from the field names - confirm.
     */
    sys->decryptAllowed = 1;
    sys->encryptAllowed = 0;
    sys->authAllowed = 1;

    return CommonPrepareEpilogue(sys);
}
/**
 * Finish a TPM2_CC_Sign exchange and decode the returned signature.
 *
 * Runs CommonComplete() on the context and, if that succeeds, unmarshals
 * a TPMT_SIGNATURE from the context buffer at ctx->nextData.
 *
 * @param sysContext  Opaque SYS context, converted with syscontext_cast().
 * @param signature   Destination for the decoded signature. It is passed
 *                    to the unmarshal routine without a NULL check here.
 *                    NOTE(review): NULL handling is left to
 *                    Tss2_MU_TPMT_SIGNATURE_Unmarshal - confirm.
 *
 * @return TSS2_SYS_RC_BAD_REFERENCE when the converted context is NULL,
 *         a non-zero code from CommonComplete(), or the result of the
 *         unmarshal call.
 */
TSS2_RC Tss2_Sys_Sign_Complete(
    TSS2_SYS_CONTEXT *sysContext,
    TPMT_SIGNATURE *signature)
{
    _TSS2_SYS_CONTEXT_BLOB *sys = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!sys)
        return TSS2_SYS_RC_BAD_REFERENCE;

    rc = CommonComplete(sys);
    if (rc != 0)
        return rc;

    /* The unmarshal is bounded by maxCmdSize, as passed by this call. */
    rc = Tss2_MU_TPMT_SIGNATURE_Unmarshal(sys->cmdBuffer,
                                          sys->maxCmdSize,
                                          &sys->nextData,
                                          signature);
    return rc;
}
/**
 * One-call form of TPM2_CC_Sign: prepare, execute, and decode the result.
 *
 * Chains Tss2_Sys_Sign_Prepare(), CommonOneCall() and
 * Tss2_Sys_Sign_Complete(), stopping at the first non-zero return code.
 *
 * @param sysContext     Opaque SYS context.
 * @param keyHandle      Handle of the signing key.
 * @param cmdAuthsArray  Command authorizations, forwarded to CommonOneCall().
 * @param digest         Digest to sign; forwarded to the prepare step,
 *                       which accepts NULL.
 * @param inScheme       Signature scheme; must not be NULL.
 * @param validation     Hash-check ticket; must not be NULL.
 * @param signature      Destination for the decoded signature.
 * @param rspAuthsArray  Response authorizations, forwarded to
 *                       CommonOneCall().
 *
 * @return TSS2_SYS_RC_BAD_REFERENCE when inScheme or validation is NULL,
 *         otherwise the first non-zero code from the three steps, or the
 *         result of Tss2_Sys_Sign_Complete().
 */
TSS2_RC Tss2_Sys_Sign(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT keyHandle,
    TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
    const TPM2B_DIGEST *digest,
    const TPMT_SIG_SCHEME *inScheme,
    const TPMT_TK_HASHCHECK *validation,
    TPMT_SIGNATURE *signature,
    TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
{
    /*
     * The converted context is not NULL-checked in this function. The
     * prepare step performs the same conversion and returns
     * TSS2_SYS_RC_BAD_REFERENCE on NULL, so CommonOneCall() is only reached
     * with a context that passed that check.
     */
    _TSS2_SYS_CONTEXT_BLOB *sys = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!(inScheme && validation))
        return TSS2_SYS_RC_BAD_REFERENCE;

    rc = Tss2_Sys_Sign_Prepare(sysContext, keyHandle, digest,
                               inScheme, validation);
    if (rc == 0)
        rc = CommonOneCall(sys, cmdAuthsArray, rspAuthsArray);
    if (rc == 0)
        rc = Tss2_Sys_Sign_Complete(sysContext, signature);

    return rc;
}