PolicySigned.c - chromiumos/third_party/tpm2 - Git at Google

 // This file was extracted from the TCG Published
 // Trusted Platform Module Library
 // Part 3: Commands
 // Family "2.0"
 // Level 00 Revision 01.16
 // October 30, 2014

 #include "InternalRoutines.h"
 #include "Policy_spt_fp.h"
 #include "PolicySigned_fp.h"
 //
 //
 //     Error Returns                     Meaning
 //
 //     TPM_RC_CPHASH                     cpHash was previously set to a different value
 //     TPM_RC_EXPIRED                    expiration indicates a time in the past or expiration is non-zero but no
 //                                       nonceTPM is present
 //     TPM_RC_HANDLE                     authObject need to have sensitive portion loaded
 //     TPM_RC_KEY                        authObject is not a signing scheme
 //     TPM_RC_NONCE                      nonceTPM is not the nonce associated with the policySession
 //     TPM_RC_SCHEME                     the signing scheme of auth is not supported by the TPM
 //     TPM_RC_SIGNATURE                  the signature is not genuine
 //     TPM_RC_SIZE                       input cpHash has wrong size
 //     TPM_RC_VALUE                      input policyID or expiration does not match the internal data in policy
 //                                       session
 //
 TPM_RC
 TPM2_PolicySigned(
    PolicySigned_In       *in,                  // IN: input parameter list
    PolicySigned_Out      *out                  // OUT: output parameter list
    )
 {
    TPM_RC                     result = TPM_RC_SUCCESS;
    SESSION                   *session;
    TPM2B_NAME                 entityName;
    TPM2B_DIGEST               authHash;
    HASH_STATE                 hashState;
    UINT32                     expiration = (in->expiration < 0)
                                            ? -(in->expiration) : in->expiration;
    UINT64                     authTimeout = 0;

 // Input Validation

    // Set up local pointers
    session = SessionGet(in->policySession);               // the session structure

    // Only do input validation if this is not a trial policy session
    if(session->attributes.isTrialPolicy == CLEAR)
    {
        if(expiration != 0)
            authTimeout = expiration * 1000 + session->startTime;

        result = PolicyParameterChecks(session, authTimeout,
                                        &in->cpHashA, &in->nonceTPM,
                                        RC_PolicySigned_nonceTPM,
                                        RC_PolicySigned_cpHashA,
                                        RC_PolicySigned_expiration);
        if(result != TPM_RC_SUCCESS)
            return result;

        // Re-compute the digest being signed
        /*(See part 3 specification)
        // The digest is computed as:
        //     aHash := hash ( nonceTPM | expiration | cpHashA | policyRef)
        // where:
        //      hash()      the hash associated with the signed auth
        //      nonceTPM    the nonceTPM value from the TPM2_StartAuthSession .
        //                  response If the authorization is not limited to this
        //                  session, the size of this value is zero.
        //      expiration time limit on authorization set by authorizing object.
        //                  This 32-bit value is set to zero if the expiration
        //                  time is not being set.
        //      cpHashA     hash of the command parameters for the command being
        //                  approved using the hash algorithm of the PSAP session.
        //                  Set to NULLauth if the authorization is not limited
        //                  to a specific command.
        //      policyRef   hash of an opaque value determined by the authorizing
        //                  object. Set to the NULLdigest if no hash is present.
        */
        // Start hash
        authHash.t.size = CryptStartHash(CryptGetSignHashAlg(&in->auth),
                                         &hashState);

        // add nonceTPM
        CryptUpdateDigest2B(&hashState, &in->nonceTPM.b);

        // add expiration
        CryptUpdateDigestInt(&hashState, sizeof(UINT32), (BYTE*) &in->expiration);

        // add cpHashA
        CryptUpdateDigest2B(&hashState, &in->cpHashA.b);

        // add policyRef
        CryptUpdateDigest2B(&hashState, &in->policyRef.b);

        // Complete digest
        CryptCompleteHash2B(&hashState, &authHash.b);

        // Validate Signature. A TPM_RC_SCHEME, TPM_RC_HANDLE or TPM_RC_SIGNATURE
        // error may be returned at this point
        result = CryptVerifySignature(in->authObject, &authHash, &in->auth);
        if(result != TPM_RC_SUCCESS)
            return RcSafeAddToResult(result, RC_PolicySigned_auth);
    }
 // Internal Data Update
    // Need the Name of the signing entity
    entityName.t.size = EntityGetName(in->authObject, &entityName.t.name);

    // Update policy with input policyRef and name of auth key
    // These values are updated even if the session is a trial session
    PolicyContextUpdate(TPM_CC_PolicySigned, &entityName, &in->policyRef,
                        &in->cpHashA, authTimeout, session);

 // Command Output

    // Create ticket and timeout buffer if in->expiration < 0 and this is not
    // a trial session.
    // NOTE: PolicyParameterChecks() makes sure that nonceTPM is present
    // when expiration is non-zero.
    if(   in->expiration < 0
       && session->attributes.isTrialPolicy == CLEAR
      )
    {
        // Generate timeout buffer. The format of output timeout buffer is
        // TPM-specific.
        // Note: can't do a direct copy because the output buffer is a byte
        // array and it may not be aligned to accept a 64-bit value. The method
        // used has the side-effect of making the returned value a big-endian,
        // 64-bit value that is byte aligned.
        out->timeout.t.size = sizeof(UINT64);
        UINT64_TO_BYTE_ARRAY(authTimeout, out->timeout.t.buffer);

        // Compute policy ticket
        TicketComputeAuth(TPM_ST_AUTH_SIGNED, EntityGetHierarchy(in->authObject),
                          authTimeout, &in->cpHashA, &in->policyRef, &entityName,
                          &out->policyTicket);
    }
    else
    {
        // Generate a null ticket.
        // timeout buffer is null
        out->timeout.t.size = 0;

        // auth ticket is null
        out->policyTicket.tag = TPM_ST_AUTH_SIGNED;
        out->policyTicket.hierarchy = TPM_RH_NULL;
        out->policyTicket.digest.t.size = 0;
    }

    return TPM_RC_SUCCESS;
 }
	// This file was extracted from the TCG Published
	// Trusted Platform Module Library
	// Part 3: Commands
	// Family "2.0"
	// Level 00 Revision 01.16
	// October 30, 2014

	#include "InternalRoutines.h"
	#include "Policy_spt_fp.h"
	#include "PolicySigned_fp.h"
	//
	//
	// Error Returns Meaning
	//
	// TPM_RC_CPHASH cpHash was previously set to a different value
	// TPM_RC_EXPIRED expiration indicates a time in the past or expiration is non-zero but no
	// nonceTPM is present
	// TPM_RC_HANDLE authObject need to have sensitive portion loaded
	// TPM_RC_KEY authObject is not a signing scheme
	// TPM_RC_NONCE nonceTPM is not the nonce associated with the policySession
	// TPM_RC_SCHEME the signing scheme of auth is not supported by the TPM
	// TPM_RC_SIGNATURE the signature is not genuine
	// TPM_RC_SIZE input cpHash has wrong size
	// TPM_RC_VALUE input policyID or expiration does not match the internal data in policy
	// session
	//
	TPM_RC
	TPM2_PolicySigned(
	PolicySigned_In *in, // IN: input parameter list
	PolicySigned_Out *out // OUT: output parameter list
	)
	{
	TPM_RC result = TPM_RC_SUCCESS;
	SESSION *session;
	TPM2B_NAME entityName;
	TPM2B_DIGEST authHash;
	HASH_STATE hashState;
	UINT32 expiration = (in->expiration < 0)
	? -(in->expiration) : in->expiration;
	UINT64 authTimeout = 0;

	// Input Validation

	// Set up local pointers
	session = SessionGet(in->policySession); // the session structure

	// Only do input validation if this is not a trial policy session
	if(session->attributes.isTrialPolicy == CLEAR)
	{
	if(expiration != 0)
	authTimeout = expiration * 1000 + session->startTime;

	result = PolicyParameterChecks(session, authTimeout,
	&in->cpHashA, &in->nonceTPM,
	RC_PolicySigned_nonceTPM,
	RC_PolicySigned_cpHashA,
	RC_PolicySigned_expiration);
	if(result != TPM_RC_SUCCESS)
	return result;

	// Re-compute the digest being signed
	/*(See part 3 specification)
	// The digest is computed as:
	// aHash := hash ( nonceTPM \| expiration \| cpHashA \| policyRef)
	// where:
	// hash() the hash associated with the signed auth
	// nonceTPM the nonceTPM value from the TPM2_StartAuthSession .
	// response If the authorization is not limited to this
	// session, the size of this value is zero.
	// expiration time limit on authorization set by authorizing object.
	// This 32-bit value is set to zero if the expiration
	// time is not being set.
	// cpHashA hash of the command parameters for the command being
	// approved using the hash algorithm of the PSAP session.
	// Set to NULLauth if the authorization is not limited
	// to a specific command.
	// policyRef hash of an opaque value determined by the authorizing
	// object. Set to the NULLdigest if no hash is present.
	*/
	// Start hash
	authHash.t.size = CryptStartHash(CryptGetSignHashAlg(&in->auth),
	&hashState);

	// add nonceTPM
	CryptUpdateDigest2B(&hashState, &in->nonceTPM.b);

	// add expiration
	CryptUpdateDigestInt(&hashState, sizeof(UINT32), (BYTE*) &in->expiration);

	// add cpHashA
	CryptUpdateDigest2B(&hashState, &in->cpHashA.b);

	// add policyRef
	CryptUpdateDigest2B(&hashState, &in->policyRef.b);

	// Complete digest
	CryptCompleteHash2B(&hashState, &authHash.b);

	// Validate Signature. A TPM_RC_SCHEME, TPM_RC_HANDLE or TPM_RC_SIGNATURE
	// error may be returned at this point
	result = CryptVerifySignature(in->authObject, &authHash, &in->auth);
	if(result != TPM_RC_SUCCESS)
	return RcSafeAddToResult(result, RC_PolicySigned_auth);
	}
	// Internal Data Update
	// Need the Name of the signing entity
	entityName.t.size = EntityGetName(in->authObject, &entityName.t.name);

	// Update policy with input policyRef and name of auth key
	// These values are updated even if the session is a trial session
	PolicyContextUpdate(TPM_CC_PolicySigned, &entityName, &in->policyRef,
	&in->cpHashA, authTimeout, session);

	// Command Output

	// Create ticket and timeout buffer if in->expiration < 0 and this is not
	// a trial session.
	// NOTE: PolicyParameterChecks() makes sure that nonceTPM is present
	// when expiration is non-zero.
	if( in->expiration < 0
	&& session->attributes.isTrialPolicy == CLEAR
	)
	{
	// Generate timeout buffer. The format of output timeout buffer is
	// TPM-specific.
	// Note: can't do a direct copy because the output buffer is a byte
	// array and it may not be aligned to accept a 64-bit value. The method
	// used has the side-effect of making the returned value a big-endian,
	// 64-bit value that is byte aligned.
	out->timeout.t.size = sizeof(UINT64);
	UINT64_TO_BYTE_ARRAY(authTimeout, out->timeout.t.buffer);

	// Compute policy ticket
	TicketComputeAuth(TPM_ST_AUTH_SIGNED, EntityGetHierarchy(in->authObject),
	authTimeout, &in->cpHashA, &in->policyRef, &entityName,
	&out->policyTicket);
	}
	else
	{
	// Generate a null ticket.
	// timeout buffer is null
	out->timeout.t.size = 0;

	// auth ticket is null
	out->policyTicket.tag = TPM_ST_AUTH_SIGNED;
	out->policyTicket.hierarchy = TPM_RH_NULL;
	out->policyTicket.digest.t.size = 0;
	}

	return TPM_RC_SUCCESS;
	}