/src/tpm2-tss/src/tss2-sys/api/Tss2_Sys_CertifyX509.c
/* SPDX-License-Identifier: BSD-2-Clause */
/***********************************************************************;
 * Copyright (c) 2020, Intel Corporation
 * All rights reserved.
 ***********************************************************************/
#ifdef HAVE_CONFIG_H
#include "config.h" // IWYU pragma: keep
#endif
#include "sysapi_util.h"     // for _TSS2_SYS_CONTEXT_BLOB, syscontext_cast
#include "tss2_common.h"     // for TSS2_RC, TSS2_SYS_RC_BAD_REFERENCE, TSS...
#include "tss2_mu.h"         // for Tss2_MU_UINT32_Marshal, Tss2_MU_TPM2B_D...
#include "tss2_sys.h"        // for TSS2_SYS_CONTEXT, TSS2L_SYS_AUTH_COMMAND
#include "tss2_tpm2_types.h" // for TPM2B_MAX_BUFFER, TPMI_DH_OBJECT, TPM2B...
/**
 * Marshal a TPM2_CC_CertifyX509 command into the SYS context's command buffer.
 *
 * The parameters are written in the order objectHandle, signHandle, reserved,
 * inScheme, partialCertificate. Every marshal call is handed ctx->maxCmdSize
 * as the buffer size and advances ctx->nextData.
 *
 * NOTE(review): the coverage listing this function was taken from records a
 * count of 0 for every executable line, i.e. it was not exercised in that run.
 *
 * @param sysContext         SYS context; converted with syscontext_cast().
 * @param objectHandle       Handle marshalled first, as a UINT32.
 * @param signHandle         Handle marshalled second, as a UINT32.
 * @param reserved           Must be non-NULL and have size 0.
 * @param inScheme           Signing scheme; must be non-NULL.
 * @param partialCertificate Caller-supplied buffer; must be non-NULL.
 * @return TSS2_SYS_RC_BAD_REFERENCE if the context cast yields NULL or any of
 *         reserved, inScheme, partialCertificate is NULL;
 *         TSS2_SYS_RC_BAD_VALUE if reserved->size is non-zero; the first
 *         non-zero code returned by CommonPreparePrologue() or a marshal call;
 *         otherwise the result of CommonPrepareEpilogue().
 */
TSS2_RC
Tss2_Sys_CertifyX509_Prepare(TSS2_SYS_CONTEXT       *sysContext,
                             TPMI_DH_OBJECT          objectHandle,
                             TPMI_DH_OBJECT          signHandle,
                             const TPM2B_DATA       *reserved,
                             const TPMT_SIG_SCHEME  *inScheme,
                             const TPM2B_MAX_BUFFER *partialCertificate) {
    TSS2_SYS_CONTEXT_BLOB *sys = syscontext_cast(sysContext);
    TSS2_RC                rc;

    /* Reject a bad context first, then any missing input pointer. */
    if (!sys) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }
    if (!reserved || !inScheme || !partialCertificate) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    /* The reserved parameter must be an empty buffer; a non-empty one is
     * refused before the prologue or any marshal call runs. */
    if (reserved->size > 0) {
        return TSS2_SYS_RC_BAD_VALUE;
    }

    rc = CommonPreparePrologue(sys, TPM2_CC_CertifyX509);
    if (rc != 0) {
        return rc;
    }

    /* Handle area: object to certify, then the signing key. */
    rc = Tss2_MU_UINT32_Marshal(objectHandle, sys->cmdBuffer, sys->maxCmdSize, &sys->nextData);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_UINT32_Marshal(signHandle, sys->cmdBuffer, sys->maxCmdSize, &sys->nextData);
    if (rc != 0) {
        return rc;
    }

    /* Parameter area. */
    rc = Tss2_MU_TPM2B_DATA_Marshal(reserved, sys->cmdBuffer, sys->maxCmdSize, &sys->nextData);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_TPMT_SIG_SCHEME_Marshal(inScheme, sys->cmdBuffer, sys->maxCmdSize,
                                         &sys->nextData);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_TPM2B_MAX_BUFFER_Marshal(partialCertificate, sys->cmdBuffer, sys->maxCmdSize,
                                          &sys->nextData);
    if (rc != 0) {
        return rc;
    }

    /* All three capability flags are enabled for this command.
     * NOTE(review): their meaning is defined outside this file; presumably
     * they gate parameter-encryption sessions and authorizations -- confirm
     * against sysapi_util.h. */
    sys->decryptAllowed = 1;
    sys->encryptAllowed = 1;
    sys->authAllowed = 1;

    return CommonPrepareEpilogue(sys);
}
/**
 * Unmarshal the response parameters of a CertifyX509 command.
 *
 * After CommonComplete() succeeds, the three response parameters are read
 * from ctx->cmdBuffer in the order addedToCertificate, tbsDigest, signature.
 * Each unmarshal call is handed ctx->maxCmdSize as the buffer size and
 * advances ctx->nextData.
 *
 * NOTE(review): the coverage listing this function was taken from records a
 * count of 0 for every executable line, i.e. it was not exercised in that run.
 *
 * @param sysContext         SYS context; converted with syscontext_cast().
 * @param addedToCertificate Destination for the first response parameter.
 * @param tbsDigest          Destination for the second response parameter.
 * @param signature          Destination for the third response parameter.
 * @return TSS2_SYS_RC_BAD_REFERENCE if the context cast yields NULL; the first
 *         non-zero code from CommonComplete() or an unmarshal call; otherwise
 *         the result of the final signature unmarshal.
 *
 * The output pointers are not checked here; they are passed straight to the
 * Tss2_MU_*_Unmarshal routines. NOTE(review): whether NULL destinations are
 * accepted depends on those routines -- confirm.
 */
TSS2_RC
Tss2_Sys_CertifyX509_Complete(TSS2_SYS_CONTEXT *sysContext,
                              TPM2B_MAX_BUFFER *addedToCertificate,
                              TPM2B_DIGEST     *tbsDigest,
                              TPMT_SIGNATURE   *signature) {
    TSS2_SYS_CONTEXT_BLOB *sys = syscontext_cast(sysContext);
    TSS2_RC                rc;

    if (!sys) {
        return TSS2_SYS_RC_BAD_REFERENCE;
    }

    rc = CommonComplete(sys);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_TPM2B_MAX_BUFFER_Unmarshal(sys->cmdBuffer, sys->maxCmdSize, &sys->nextData,
                                            addedToCertificate);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_MU_TPM2B_DIGEST_Unmarshal(sys->cmdBuffer, sys->maxCmdSize, &sys->nextData,
                                        tbsDigest);
    if (rc != 0) {
        return rc;
    }

    /* Last parameter: its status is the function's result. */
    rc = Tss2_MU_TPMT_SIGNATURE_Unmarshal(sys->cmdBuffer, sys->maxCmdSize, &sys->nextData,
                                          signature);
    return rc;
}
/**
 * One-call form of CertifyX509: prepare, execute, then complete.
 *
 * Runs Tss2_Sys_CertifyX509_Prepare(), CommonOneCall() and
 * Tss2_Sys_CertifyX509_Complete() in sequence and stops at the first step
 * that returns a non-zero code.
 *
 * NOTE(review): the coverage listing this function was taken from records a
 * count of 0 for every executable line, i.e. it was not exercised in that run.
 *
 * @param sysContext         SYS context; converted with syscontext_cast().
 * @param objectHandle       Forwarded to the Prepare step.
 * @param signHandle         Forwarded to the Prepare step.
 * @param cmdAuthsArray      Command authorizations, forwarded to CommonOneCall().
 * @param reserved           Forwarded to the Prepare step.
 * @param inScheme           Forwarded to the Prepare step.
 * @param partialCertificate Forwarded to the Prepare step.
 * @param addedToCertificate Forwarded to the Complete step.
 * @param tbsDigest          Forwarded to the Complete step.
 * @param signature          Forwarded to the Complete step.
 * @param rspAuthsArray      Response authorizations, forwarded to CommonOneCall().
 * @return The first non-zero code from the Prepare step or CommonOneCall();
 *         otherwise the result of the Complete step.
 */
TSS2_RC
Tss2_Sys_CertifyX509(TSS2_SYS_CONTEXT             *sysContext,
                     TPMI_DH_OBJECT                objectHandle,
                     TPMI_DH_OBJECT                signHandle,
                     TSS2L_SYS_AUTH_COMMAND const *cmdAuthsArray,
                     const TPM2B_DATA             *reserved,
                     const TPMT_SIG_SCHEME        *inScheme,
                     const TPM2B_MAX_BUFFER       *partialCertificate,
                     TPM2B_MAX_BUFFER             *addedToCertificate,
                     TPM2B_DIGEST                 *tbsDigest,
                     TPMT_SIGNATURE               *signature,
                     TSS2L_SYS_AUTH_RESPONSE      *rspAuthsArray) {
    /* The cast result is not checked here; the Prepare step performs the same
     * cast and returns TSS2_SYS_RC_BAD_REFERENCE when it yields NULL, so
     * CommonOneCall() is only reached with a non-NULL context. */
    TSS2_SYS_CONTEXT_BLOB *sys = syscontext_cast(sysContext);
    TSS2_RC                rc;

    rc = Tss2_Sys_CertifyX509_Prepare(sysContext, objectHandle, signHandle, reserved, inScheme,
                                      partialCertificate);
    if (rc != 0) {
        return rc;
    }

    rc = CommonOneCall(sys, cmdAuthsArray, rspAuthsArray);
    if (rc != 0) {
        return rc;
    }

    rc = Tss2_Sys_CertifyX509_Complete(sysContext, addedToCertificate, tbsDigest, signature);
    return rc;
}