1 /* Microsoft Reference Implementation for TPM 2.0
2 *
3 * The copyright in this software is being made available under the BSD License,
4 * included below. This software may be subject to other third party and
5 * contributor rights, including patent rights, and no such rights are granted
6 * under this license.
7 *
8 * Copyright (c) Microsoft Corporation
9 *
10 * All rights reserved.
11 *
12 * BSD License
13 *
14 * Redistribution and use in source and binary forms, with or without modification,
15 * are permitted provided that the following conditions are met:
16 *
17 * Redistributions of source code must retain the above copyright notice, this list
18 * of conditions and the following disclaimer.
19 *
20 * Redistributions in binary form must reproduce the above copyright notice, this
21 * list of conditions and the following disclaimer in the documentation and/or
22 * other materials provided with the distribution.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
27 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
28 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
29 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
30 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
31 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
33 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */
35 #include "Tpm.h"
36 #include "VerifySignature_fp.h"
37
38 #if CC_VerifySignature // Conditional expansion of this file
39
/*(See part 3 specification)
// Uses a loaded key to check an asymmetric signature over a message digest
// that the caller passes to the TPM. The TPM does not hash the message itself
// in this command; it only sees 'in->digest'.
*/
//  Return Type: TPM_RC
//      TPM_RC_ATTRIBUTES       'keyHandle' does not reference a signing key
//      TPM_RC_SIGNATURE        signature is not genuine
//      TPM_RC_SCHEME           CryptValidateSignature()
//      TPM_RC_HANDLE           the input handle references an HMAC key but
//                              the private portion is not loaded
TPM_RC
TPM2_VerifySignature(
    VerifySignature_In      *in,            // IN: input parameter list
    VerifySignature_Out     *out            // OUT: output parameter list
    )
{
    // NOTE(review): 'key' is dereferenced below without a NULL check. This
    // presumably relies on the command dispatcher having validated
    // 'in->keyHandle' before this action routine runs -- confirm against the
    // handle-unmarshalling code.
    OBJECT              *key = HandleToObject(in->keyHandle);
    TPMI_RH_HIERARCHY    keyHierarchy;
    TPM_RC               rc;

// Input Validation
    // Reject any key that lacks the 'sign' attribute before doing any
    // cryptographic work with it. The error is tagged with the keyHandle
    // parameter so the caller can tell which input was refused.
    if(!IS_ATTRIBUTE(key->publicArea.objectAttributes, TPMA_OBJECT, sign))
    {
        return TPM_RCS_ATTRIBUTES + RC_VerifySignature_keyHandle;
    }

    // Check the signature over the supplied digest. CryptValidateSignature()
    // may report TPM_RC_SCHEME, TPM_RC_HANDLE or TPM_RC_SIGNATURE; any failure
    // is attributed to the 'signature' parameter and no ticket is produced.
    rc = CryptValidateSignature(in->keyHandle, &in->digest, &in->signature);
    if(rc != TPM_RC_SUCCESS)
    {
        return RcSafeAddToResult(rc, RC_VerifySignature_signature);
    }

// Command Output
    // From here on the signature has been accepted; what remains is to decide
    // which kind of ticket to hand back.
    keyHierarchy = GetHierarchy(in->keyHandle);
    if(keyHierarchy != TPM_RH_NULL
       && key->publicArea.nameAlg != TPM_ALG_NULL)
    {
        // The key belongs to a real hierarchy and has a name algorithm, so a
        // ticket is computed over the hierarchy, the digest and the key name.
        TicketComputeVerified(keyHierarchy, &in->digest, &key->name,
                              &out->validation);
    }
    else
    {
        // Hierarchy is TPM_RH_NULL or nameAlg is TPM_ALG_NULL: return an
        // empty ticket (zero-length digest, NULL hierarchy). The command still
        // succeeds, so the return code alone says the signature verified.
        // NOTE(review): consumers of the ticket presumably must not treat a
        // zero-length ticket as proof of verification -- confirm at the
        // ticket-checking call sites.
        out->validation.tag = TPM_ST_VERIFIED;
        out->validation.hierarchy = TPM_RH_NULL;
        out->validation.digest.t.size = 0;
    }

    return TPM_RC_SUCCESS;
}
92
93 #endif // CC_VerifySignature