/src/ms-tpm-20-ref/TPMCmd/tpm/src/command/Object/ActivateCredential.c
/* Microsoft Reference Implementation for TPM 2.0
 *
 *  The copyright in this software is being made available under the BSD License,
 *  included below. This software may be subject to other third party and
 *  contributor rights, including patent rights, and no such rights are granted
 *  under this license.
 *
 *  Copyright (c) Microsoft Corporation
 *
 *  All rights reserved.
 *
 *  BSD License
 *
 *  Redistribution and use in source and binary forms, with or without modification,
 *  are permitted provided that the following conditions are met:
 *
 *  Redistributions of source code must retain the above copyright notice, this list
 *  of conditions and the following disclaimer.
 *
 *  Redistributions in binary form must reproduce the above copyright notice, this
 *  list of conditions and the following disclaimer in the documentation and/or
 *  other materials provided with the distribution.
 *
 *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ""AS IS""
 *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 *  DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
 *  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
 *  (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 *  LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
 *  ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 *  (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
#include "Tpm.h"
#include "ActivateCredential_fp.h"
#if CC_ActivateCredential  // Conditional expansion of this file
#  include "Object_spt_fp.h"
/*(See part 3 specification)
// Activate Credential with an object
*/
//  Return Type: TPM_RC
//      TPM_RC_ATTRIBUTES       'keyHandle' does not reference a decryption key
//      TPM_RC_ECC_POINT        'secret' is invalid (when 'keyHandle' is an ECC key)
//      TPM_RC_INSUFFICIENT     'secret' is invalid (when 'keyHandle' is an ECC key)
//      TPM_RC_INTEGRITY        'credentialBlob' fails integrity test
//      TPM_RC_NO_RESULT        'secret' is invalid (when 'keyHandle' is an ECC key)
//      TPM_RC_SIZE             'secret' size is invalid or the 'credentialBlob'
//                              does not unmarshal correctly
//      TPM_RC_TYPE             'keyHandle' does not reference an asymmetric key.
//      TPM_RC_VALUE            'secret' is invalid (when 'keyHandle' is an RSA key)
TPM_RC
TPM2_ActivateCredential(ActivateCredential_In*  in,  // IN: input parameter list
                        ActivateCredential_Out* out  // OUT: output parameter list
)
{
    // Handle resolution.  'keyHandle' names the key that decrypts 'secret';
    // 'activateHandle' names the object whose Name the credential is bound to.
    OBJECT*    decryptKey  = HandleToObject(in->keyHandle);
    OBJECT*    boundObject = HandleToObject(in->activateHandle);
    TPM2B_DATA seed;  // value recovered from 'secret', consumed by CredentialToSecret
    TPM_RC     rc;

    // Input Validation
    //
    // The decryption key must be asymmetric and carry both the 'decrypt' and
    // 'restricted' attributes.  All three failures are reported with the same
    // response code, attributed to the keyHandle parameter.
    if(!CryptIsAsymAlgorithm(decryptKey->publicArea.type)
       || !IS_ATTRIBUTE(decryptKey->publicArea.objectAttributes, TPMA_OBJECT, decrypt)
       || !IS_ATTRIBUTE(
           decryptKey->publicArea.objectAttributes, TPMA_OBJECT, restricted))
        return TPM_RCS_TYPE + RC_ActivateCredential_keyHandle;

    // Command output
    //
    // Recover the seed by asymmetric decryption of 'secret' under the
    // IDENTITY_STRING label.  Errors other than TPM_RC_KEY are attributed to
    // the 'secret' parameter.
    rc = CryptSecretDecrypt(decryptKey, NULL, IDENTITY_STRING, &in->secret, &seed);
    if(rc == TPM_RC_KEY)
        // The key already passed the attribute check above, so a key error
        // from the decrypt is surfaced as a failure rather than as a
        // parameter error.
        return TPM_RC_FAILURE;
    if(rc != TPM_RC_SUCCESS)
        return RcSafeAddToResult(rc, RC_ActivateCredential_secret);

    // Unwrap the credential with the recovered seed, bound to the Name of the
    // activate object.  Integrity and unmarshal errors are attributed to the
    // 'credentialBlob' parameter.
    rc = CredentialToSecret(&in->credentialBlob.b,
                            &boundObject->name.b,
                            &seed.b,
                            decryptKey,
                            &out->certInfo);
    return (rc == TPM_RC_SUCCESS)
               ? TPM_RC_SUCCESS
               : RcSafeAddToResult(rc, RC_ActivateCredential_credentialBlob);
}
#endif  // CC_ActivateCredential