1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /***********************************************************************;
3  * Copyright (c) 2015 - 2017, Intel Corporation
4  * All rights reserved.
5  ***********************************************************************/
6 
7 #ifdef HAVE_CONFIG_H
8 #include <config.h>
9 #endif
10 
11 #include "tss2_tpm2_types.h"
12 #include "tss2_mu.h"
13 #include "sysapi_util.h"
14 
/*
 * Build the TPM2_CertifyCreation command in the context's command buffer.
 *
 * After CommonPreparePrologue(), the fields are marshalled in this order:
 * signHandle and objectHandle (each as a UINT32), qualifyingData,
 * creationHash, inScheme, creationTicket. Every marshal call is given
 * ctx->maxCmdSize as the buffer size and ctx->nextData as the running offset.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when syscontext_cast() yields NULL or
 * when inScheme or creationTicket is NULL; otherwise the first non-zero code
 * reported by a helper, or the result of CommonPrepareEpilogue().
 *
 * NOTE(review): creationHash is not NULL-checked here; a NULL value is handed
 * to Tss2_MU_TPM2B_DIGEST_Marshal(), so the outcome depends on that helper.
 * Confirm it rejects NULL rather than dereferencing it.
 *
 * NOTE(review): qualifyingData is caller-chosen data for the attestation
 * (typically the verifier's nonce in TPM 2.0 attestation commands). NULL
 * sends an empty buffer, so confirm that callers needing freshness always
 * supply it.
 */
TSS2_RC Tss2_Sys_CertifyCreation_Prepare(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT signHandle,
    TPMI_DH_OBJECT objectHandle,
    const TPM2B_DATA *qualifyingData,
    const TPM2B_DIGEST *creationHash,
    const TPMT_SIG_SCHEME *inScheme,
    const TPMT_TK_CREATION *creationTicket)
{
    _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
    TSS2_RC rc;

    /* The context and the two mandatory structures must all be present. */
    if (!(ctx && inScheme && creationTicket)) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    rc = CommonPreparePrologue(ctx, TPM2_CC_CertifyCreation);
    if (rc) {
        return rc;
    }

    /* Handle area: signing key handle first, then the certified object. */
    rc = Tss2_MU_UINT32_Marshal(signHandle, ctx->cmdBuffer, ctx->maxCmdSize,
                                &ctx->nextData);
    if (rc) {
        return rc;
    }

    rc = Tss2_MU_UINT32_Marshal(objectHandle, ctx->cmdBuffer, ctx->maxCmdSize,
                                &ctx->nextData);
    if (rc) {
        return rc;
    }

    if (qualifyingData) {
        rc = Tss2_MU_TPM2B_DATA_Marshal(qualifyingData, ctx->cmdBuffer,
                                        ctx->maxCmdSize, &ctx->nextData);
    } else {
        /*
         * No qualifying data: record that in decryptNull and emit a zero
         * UINT16 where the TPM2B would go (presumably its size field, i.e.
         * an empty TPM2B; confirm against the MU layer).
         */
        ctx->decryptNull = 1;
        rc = Tss2_MU_UINT16_Marshal(0, ctx->cmdBuffer, ctx->maxCmdSize,
                                    &ctx->nextData);
    }
    if (rc) {
        return rc;
    }

    rc = Tss2_MU_TPM2B_DIGEST_Marshal(creationHash, ctx->cmdBuffer,
                                      ctx->maxCmdSize, &ctx->nextData);
    if (rc) {
        return rc;
    }

    rc = Tss2_MU_TPMT_SIG_SCHEME_Marshal(inScheme, ctx->cmdBuffer,
                                         ctx->maxCmdSize, &ctx->nextData);
    if (rc) {
        return rc;
    }

    rc = Tss2_MU_TPMT_TK_CREATION_Marshal(creationTicket, ctx->cmdBuffer,
                                          ctx->maxCmdSize, &ctx->nextData);
    if (rc) {
        return rc;
    }

    /*
     * Per-command capability flags kept in the context. Presumably they tell
     * later SAPI stages that decrypt/encrypt sessions and authorizations are
     * acceptable for this command; confirm where these fields are consumed.
     */
    ctx->decryptAllowed = 1;
    ctx->encryptAllowed = 1;
    ctx->authAllowed = 1;

    return CommonPrepareEpilogue(ctx);
}
86 
/*
 * Decode the TPM2_CertifyCreation response held in the context.
 *
 * Runs CommonComplete() and then unmarshals, in order, the TPM2B_ATTEST into
 * certifyInfo and the TPMT_SIGNATURE into signature. Both reads come from
 * ctx->cmdBuffer, sized by ctx->maxCmdSize, with ctx->nextData as the running
 * offset.
 *
 * Returns TSS2_SYS_RC_BAD_REFERENCE when syscontext_cast() yields NULL;
 * otherwise the first non-zero code from a helper, or the result of the
 * signature unmarshal.
 *
 * This function only parses the response: nothing here verifies the signature
 * or inspects the attested data. A caller that relies on the attestation has
 * to validate the signature over certifyInfo itself.
 *
 * NOTE(review): certifyInfo and signature are passed on without a NULL check;
 * behaviour for NULL depends on the unmarshal helpers, so confirm it there.
 */
TSS2_RC Tss2_Sys_CertifyCreation_Complete(
    TSS2_SYS_CONTEXT *sysContext,
    TPM2B_ATTEST *certifyInfo,
    TPMT_SIGNATURE *signature)
{
    _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
    TSS2_RC rc;

    if (!ctx) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    rc = CommonComplete(ctx);
    if (rc) {
        return rc;
    }

    /* Response parameters are read in wire order: attestation, then signature. */
    rc = Tss2_MU_TPM2B_ATTEST_Unmarshal(ctx->cmdBuffer, ctx->maxCmdSize,
                                        &ctx->nextData, certifyInfo);
    if (rc) {
        return rc;
    }

    rc = Tss2_MU_TPMT_SIGNATURE_Unmarshal(ctx->cmdBuffer, ctx->maxCmdSize,
                                          &ctx->nextData, signature);
    return rc;
}
114 
/*
 * One-call form of TPM2_CertifyCreation: Tss2_Sys_CertifyCreation_Prepare(),
 * then CommonOneCall() with the command and response authorization arrays,
 * then Tss2_Sys_CertifyCreation_Complete().
 *
 * The first non-zero return code stops the sequence and is returned
 * unchanged. inScheme and creationTicket are rejected with
 * TSS2_SYS_RC_BAD_REFERENCE when NULL before anything else runs; the Prepare
 * step repeats that check and also rejects a NULL context.
 *
 * ctx is obtained from syscontext_cast() before any validation, but it is
 * only handed to CommonOneCall() after Prepare has succeeded.
 *
 * The Complete step only unmarshals certifyInfo and signature; verifying the
 * signature over certifyInfo is left to the caller.
 */
TSS2_RC Tss2_Sys_CertifyCreation(
    TSS2_SYS_CONTEXT *sysContext,
    TPMI_DH_OBJECT signHandle,
    TPMI_DH_OBJECT objectHandle,
    TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
    const TPM2B_DATA *qualifyingData,
    const TPM2B_DIGEST *creationHash,
    const TPMT_SIG_SCHEME *inScheme,
    const TPMT_TK_CREATION *creationTicket,
    TPM2B_ATTEST *certifyInfo,
    TPMT_SIGNATURE *signature,
    TSS2L_SYS_AUTH_RESPONSE *rspAuthsArray)
{
    _TSS2_SYS_CONTEXT_BLOB *ctx = syscontext_cast(sysContext);
    TSS2_RC rc;

    /* Fail early on the two mandatory input structures. */
    if (!inScheme || !creationTicket) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    rc = Tss2_Sys_CertifyCreation_Prepare(sysContext, signHandle,
                                          objectHandle, qualifyingData,
                                          creationHash, inScheme,
                                          creationTicket);
    if (rc) {
        return rc;
    }

    rc = CommonOneCall(ctx, cmdAuthsArray, rspAuthsArray);
    if (rc) {
        return rc;
    }

    rc = Tss2_Sys_CertifyCreation_Complete(sysContext, certifyInfo, signature);
    return rc;
}
146