1 // This file was extracted from the TCG Published
2 // Trusted Platform Module Library
3 // Part 3: Commands
4 // Family "2.0"
5 // Level 00 Revision 01.16
6 // October 30, 2014
7
8 #include "InternalRoutines.h"
9 #include "ObjectChangeAuth_fp.h"
10 #include "Object_spt_fp.h"
11 //
12 //
13 // Error Returns Meaning
14 //
15 // TPM_RC_SIZE newAuth is larger than the size of the digest of the Name algorithm of
16 // objectHandle
17 // TPM_RC_TYPE the key referenced by parentHandle is not the parent of the object
18 // referenced by objectHandle; or objectHandle is a sequence object.
19 //
// TPM2_ObjectChangeAuth: build a new private blob for a loaded object in which
// only the authValue differs from the object's current sensitive area.
//
// Returns:
//   TPM_RC_SUCCESS  out->outPrivate holds the re-protected sensitive area
//   TPM_RC_TYPE     (objectHandle) the object is a sequence object
//   TPM_RC_SIZE     (newAuth) newAuth, after trailing zeros are removed, is
//                   longer than the digest of the object's nameAlg
//   TPM_RC_TYPE     (parentHandle) parentHandle is not the parent of the object
//
// Security notes for reviewers:
//  - The loaded object is only read here; object->sensitive is copied, never
//    written. Nothing in this routine invalidates private blobs issued
//    earlier, so a retained copy of an older blob still carries the old
//    authValue.
//  - No handle or authorization checks are visible in this routine, and the
//    result of ObjectGet() is dereferenced without a check.
//    NOTE(review): presumably both are enforced before the action routine is
//    entered -- confirm against the command dispatcher.
//  - 'updated' is a stack copy of the sensitive area plus the new authValue
//    and is not cleared before return in this listing.
//    NOTE(review): confirm whether the platform requires scrubbing it.
TPM_RC
TPM2_ObjectChangeAuth(
    ObjectChangeAuth_In     *in,    // IN: input parameter list
    ObjectChangeAuth_Out    *out    // OUT: output parameter list
    )
{
    OBJECT          *target;        // loaded object named by objectHandle
    TPMT_SENSITIVE   updated;       // working copy that receives newAuth
    TPM2B_NAME       parentQN;      // qualified name of the claimed parent
    TPM2B_NAME       expectedQN;    // QN the object would have under that parent
    TPM2B_NAME       actualQN;      // QN recorded for the object itself

// Input Validation

    target = ObjectGet(in->objectHandle);

    // Sequence objects are rejected: their auth cannot be changed here.
    if(ObjectIsSequence(target))
    {
        return TPM_RC_TYPE + RC_ObjectChangeAuth_objectHandle;
    }

    // The new auth value may not exceed the digest size of the object's
    // nameAlg. The length compared is the one reported after trailing zeros
    // are removed; newAuth is passed by pointer, so it appears to be trimmed
    // in place before it is copied below.
    if(CryptGetHashDigestSize(target->publicArea.nameAlg)
       < MemoryRemoveTrailingZeros(&in->newAuth))
    {
        return TPM_RC_SIZE + RC_ObjectChangeAuth_newAuth;
    }

    // Bind parentHandle to the object: derive the qualified name the object
    // would have under the supplied parent and require it to equal the
    // qualified name the object actually has. This implementation verifies
    // parentage through the QN; other implementations may use a different
    // method.
    ObjectGetQualifiedName(in->parentHandle, &parentQN);
    ObjectComputeQualifiedName(&parentQN, target->publicArea.nameAlg,
                               &target->name, &expectedQN);

    ObjectGetQualifiedName(in->objectHandle, &actualQN);
    if(!Memory2BEqual(&actualQN.b, &expectedQN.b))
    {
        return TPM_RC_TYPE + RC_ObjectChangeAuth_parentHandle;
    }

// Command Output

    // Start from the object's current sensitive area and replace only the
    // authValue.
    updated = target->sensitive;
    updated.authValue = in->newAuth;

    // Produce the output private data from the updated sensitive area, using
    // the parent that was verified above.
    SensitiveToPrivate(&updated, &target->name, in->parentHandle,
                       target->publicArea.nameAlg,
                       &out->outPrivate);

    return TPM_RC_SUCCESS;
}
72