1 // This file was extracted from the TCG Published
2 // Trusted Platform Module Library
3 // Part 3: Commands
4 // Family "2.0"
5 // Level 00 Revision 01.16
6 // October 30, 2014
7 
8 #include "InternalRoutines.h"
9 #include "Attest_spt_fp.h"
10 #include "GetCommandAuditDigest_fp.h"
11 //
12 //
13 //     Error Returns                 Meaning
14 //
15 //     TPM_RC_KEY                    key referenced by signHandle is not a signing key
16 //     TPM_RC_SCHEME                 inScheme is incompatible with signHandle type; or both scheme and
17 //                                   key's default scheme are empty; or scheme is empty while key's
18 //                                   default scheme requires explicit input scheme (split signing); or non-
19 //                                   empty default key scheme differs from scheme
20 //     TPM_RC_VALUE                  digest generated for the given scheme is greater than the modulus of
21 //                                   signHandle (for an RSA key); invalid commit status or failed to
22 //                                   generate r value (for an ECC key)
23 //
24 TPM_RC
TPM2_GetCommandAuditDigest(GetCommandAuditDigest_In * in,GetCommandAuditDigest_Out * out)25 TPM2_GetCommandAuditDigest(
26    GetCommandAuditDigest_In      *in,                // IN: input parameter list
27    GetCommandAuditDigest_Out     *out                // OUT: output parameter list
28    )
29 {
30    TPM_RC                   result;
31    TPMS_ATTEST              auditInfo;
32 
33 // Command Output
34 
35    // Filling in attest information
36    // Common fields
37    result = FillInAttestInfo(in->signHandle,
38                              &in->inScheme,
39                              &in->qualifyingData,
40                              &auditInfo);
41    if(result != TPM_RC_SUCCESS)
42    {
43        if(result == TPM_RC_KEY)
44            return TPM_RC_KEY + RC_GetCommandAuditDigest_signHandle;
45        else
46            return RcSafeAddToResult(result, RC_GetCommandAuditDigest_inScheme);
47    }
48 
49    // CommandAuditDigest specific fields
50    // Attestation type
51    auditInfo.type = TPM_ST_ATTEST_COMMAND_AUDIT;
52 
53    // Copy audit hash algorithm
54    auditInfo.attested.commandAudit.digestAlg = gp.auditHashAlg;
55 
56    // Copy counter value
57    auditInfo.attested.commandAudit.auditCounter = gp.auditCounter;
58 
59    // Copy command audit log
60    auditInfo.attested.commandAudit.auditDigest = gr.commandAuditDigest;
61    CommandAuditGetDigest(&auditInfo.attested.commandAudit.commandDigest);
62 
63    //   Sign attestation structure. A NULL signature will be returned if
64    //   signHandle is TPM_RH_NULL. A TPM_RC_NV_UNAVAILABLE, TPM_RC_NV_RATE,
65    //   TPM_RC_VALUE, TPM_RC_SCHEME or TPM_RC_ATTRIBUTES error may be returned at
66    //   this point
67    result = SignAttestInfo(in->signHandle,
68                            &in->inScheme,
69                            &auditInfo,
70                            &in->qualifyingData,
71                            &out->auditInfo,
72                            &out->signature);
73 
74    if(result != TPM_RC_SUCCESS)
75        return result;
76 
77 // Internal Data Update
78 
79    if(in->signHandle != TPM_RH_NULL)
80    {
81        // Reset log
82        gr.commandAuditDigest.t.size = 0;
83 
84        // orderly state should be cleared because of the update in
85        // commandAuditDigest, as well as the reporting of clock info
86        g_clearOrderly = TRUE;
87    }
88 
89    return TPM_RC_SUCCESS;
90 }
91