1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************;
3 * Copyright (c) 2015 - 2017, Intel Corporation
4 * All rights reserved.
5 ***********************************************************************/
6
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10
11 #include "tss2_tpm2_types.h"
12 #include "tss2_mu.h"
13 #include "sysapi_util.h"
14
/*
 * Build a TPM2_Certify command in the SAPI context's command buffer.
 *
 * Parameters are marshalled in this order: objectHandle, signHandle,
 * qualifyingData (or a zero UINT16 size field when it is NULL), inScheme.
 * Every marshal call is given ctx->cmdBuffer with ctx->maxCmdSize as the
 * buffer size and advances ctx->nextData.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when the context cast yields NULL or
 * inScheme is NULL; otherwise the first non-zero code reported by a helper,
 * or the result of CommonPrepareEpilogue().
 *
 * NOTE(review): per the TPM 2.0 definition of TPM2_Certify, qualifyingData
 * is the caller-chosen value that ends up in the attestation's extraData,
 * which is normally where a verifier's nonce goes. A NULL here sends an
 * empty field, so the resulting attestation carries no caller-bound
 * freshness -- confirm that callers passing NULL do so deliberately.
 */
TSS2_RC Tss2_Sys_Certify_Prepare(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT objectHandle,
    TPMI_DH_OBJECT signHandle,
    const TPM2B_DATA *qualifyingData,
    const TPMT_SIG_SCHEME *inScheme)
{
    _TSS2_SYS_CONTEXT_BLOB *blob = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!inScheme || !blob)
        return TSS2_SYS_RC_BAD_REFERENCE;

    /* Each step runs only while every earlier step reported success. */
    rc = CommonPreparePrologue(blob, TPM2_CC_Certify);

    if (rc == 0)
        rc = Tss2_MU_UINT32_Marshal(objectHandle, blob->cmdBuffer,
                                    blob->maxCmdSize, &blob->nextData);

    if (rc == 0)
        rc = Tss2_MU_UINT32_Marshal(signHandle, blob->cmdBuffer,
                                    blob->maxCmdSize, &blob->nextData);

    if (rc == 0) {
        if (qualifyingData) {
            rc = Tss2_MU_TPM2B_DATA_Marshal(qualifyingData, blob->cmdBuffer,
                                            blob->maxCmdSize,
                                            &blob->nextData);
        } else {
            /*
             * No qualifying data: flag it on the context and emit only a
             * zero size field. NOTE(review): decryptNull is presumably
             * consulted when a decrypt session is applied to the first
             * parameter -- confirm against its users in sysapi_util.
             */
            blob->decryptNull = 1;
            rc = Tss2_MU_UINT16_Marshal(0, blob->cmdBuffer,
                                        blob->maxCmdSize, &blob->nextData);
        }
    }

    if (rc == 0)
        rc = Tss2_MU_TPMT_SIG_SCHEME_Marshal(inScheme, blob->cmdBuffer,
                                             blob->maxCmdSize,
                                             &blob->nextData);

    if (rc != 0)
        return rc;

    /* The session/auth capability flags are set only once marshalling succeeded. */
    blob->decryptAllowed = 1;
    blob->encryptAllowed = 1;
    blob->authAllowed = 1;

    return CommonPrepareEpilogue(blob);
}
71
/*
 * Unmarshal the TPM2_Certify response parameters from the SAPI context.
 *
 * After CommonComplete() succeeds, certifyInfo and then signature are read
 * from ctx->cmdBuffer (size ctx->maxCmdSize), continuing at ctx->nextData.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when the context cast yields NULL;
 * otherwise the first non-zero code from a helper, or the result of the
 * final signature unmarshal.
 *
 * This function only decodes the two structures. It does not verify the
 * signature over certifyInfo or inspect the attested contents; a relying
 * party has to do that itself (including checking that the qualifying data
 * it supplied is echoed back) before trusting the attestation.
 *
 * NOTE(review): certifyInfo and signature are not NULL-checked here; that
 * is left to the Tss2_MU unmarshal routines -- confirm their behaviour for
 * NULL destinations.
 */
TSS2_RC Tss2_Sys_Certify_Complete(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2B_ATTEST *certifyInfo,
    TPMT_SIGNATURE *signature)
{
    _TSS2_SYS_CONTEXT_BLOB *blob = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!blob)
        return TSS2_SYS_RC_BAD_REFERENCE;

    /* Each step runs only while every earlier step reported success. */
    rc = CommonComplete(blob);

    if (rc == 0)
        rc = Tss2_MU_TPM2B_ATTEST_Unmarshal(blob->cmdBuffer,
                                            blob->maxCmdSize,
                                            &blob->nextData,
                                            certifyInfo);

    if (rc == 0)
        rc = Tss2_MU_TPMT_SIGNATURE_Unmarshal(blob->cmdBuffer,
                                              blob->maxCmdSize,
                                              &blob->nextData,
                                              signature);

    return rc;
}
99
/*
 * One-call form of TPM2_Certify: prepare the command, run it through
 * CommonOneCall() with the supplied command/response authorization arrays,
 * then unmarshal certifyInfo and signature.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when inScheme is NULL; otherwise the
 * first non-zero code from Tss2_Sys_Certify_Prepare(), CommonOneCall() or
 * Tss2_Sys_Certify_Complete(), or zero when all three succeed.
 *
 * The context pointer obtained from syscontext_cast() is not checked here;
 * it is handed to CommonOneCall() only after Tss2_Sys_Certify_Prepare() has
 * succeeded, and that function rejects a NULL cast result.
 *
 * As with the _Complete call, nothing here verifies the returned signature
 * or the attested data; the caller must validate both before relying on
 * them.
 */
TSS2_RC Tss2_Sys_Certify(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT objectHandle,
    TPMI_DH_OBJECT signHandle,
    TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
    const TPM2B_DATA *qualifyingData,
    const TPMT_SIG_SCHEME *inScheme,
    TPM2B_ATTEST *certifyInfo,
    TPMT_SIGNATURE *signature,
    TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
{
    _TSS2_SYS_CONTEXT_BLOB *blob = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!inScheme)
        return TSS2_SYS_RC_BAD_REFERENCE;

    /* Prepare -> execute -> complete; stop at the first failing stage. */
    rc = Tss2_Sys_Certify_Prepare(sysContext, objectHandle, signHandle,
                                  qualifyingData, inScheme);

    if (rc == 0)
        rc = CommonOneCall(blob, cmdAuthsArray, rspAuthsArray);

    if (rc == 0)
        rc = Tss2_Sys_Certify_Complete(sysContext, certifyInfo, signature);

    return rc;
}
128