/src/tpm2/HMAC.c

Source (jump to first uncovered line)
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014

#include "InternalRoutines.h"
#include "HMAC_fp.h"
//
//
//     Error Returns                     Meaning
//
//     TPM_RC_ATTRIBUTES                 key referenced by handle is not a signing key or is a restricted key
//     TPM_RC_TYPE                       key referenced by handle is not an HMAC key
//     TPM_RC_VALUE                      hashAlg is not compatible with the hash algorithm of the scheme of
//                                       the object referenced by handle
//
TPM_RC
TPM2_HMAC(
   HMAC_In           *in,                 // IN: input parameter list
   HMAC_Out          *out                 // OUT: output parameter list
   )
{
   HMAC_STATE                 hmacState;
   OBJECT                    *hmacObject;
   TPMI_ALG_HASH              hashAlg;
   TPMT_PUBLIC               *publicArea;

// Input Validation

   // Get HMAC key object and public area pointers
   hmacObject = ObjectGet(in->handle);
   publicArea = &hmacObject->publicArea;

   // Make sure that the key is an HMAC key
   if(publicArea->type != TPM_ALG_KEYEDHASH)
       return TPM_RC_TYPE + RC_HMAC_handle;

   // and that it is unrestricted
   if(publicArea->objectAttributes.restricted == SET)
       return TPM_RC_ATTRIBUTES + RC_HMAC_handle;

   // and that it is a signing key
   if(publicArea->objectAttributes.sign != SET)
       return TPM_RC_KEY + RC_HMAC_handle;

   // See if the key has a default
   if(publicArea->parameters.keyedHashDetail.scheme.scheme == TPM_ALG_NULL)
       // it doesn't so use the input value
       hashAlg = in->hashAlg;
   else
   {
       // key has a default so use it
       hashAlg
           = publicArea->parameters.keyedHashDetail.scheme.details.hmac.hashAlg;
       // and verify that the input was either the TPM_ALG_NULL or the default
       if(in->hashAlg != TPM_ALG_NULL && in->hashAlg != hashAlg)
           hashAlg = TPM_ALG_NULL;
   }
   // if we ended up without a hash algorith then return an error
   if(hashAlg == TPM_ALG_NULL)
       return TPM_RC_VALUE + RC_HMAC_hashAlg;

// Command Output

  // Start HMAC stack
  out->outHMAC.t.size = CryptStartHMAC2B(hashAlg,
                                         &hmacObject->sensitive.sensitive.bits.b,
                                         &hmacState);
  // Adding HMAC data
  CryptUpdateDigest2B(&hmacState, &in->buffer.b);

  // Complete HMAC
  CryptCompleteHMAC2B(&hmacState, &out->outHMAC.b);

   return TPM_RC_SUCCESS;
}

Coverage Report

Created: 2023-06-07 06:46

Line	Count	Source (jump to first uncovered line)
1		// This file was extracted from the TCG Published
2		// Trusted Platform Module Library
3		// Part 3: Commands
4		// Family "2.0"
5		// Level 00 Revision 01.16
6		// October 30, 2014
7
8		#include "InternalRoutines.h"
9		#include "HMAC_fp.h"
10		//
11		//
12		// Error Returns Meaning
13		//
14		// TPM_RC_ATTRIBUTES key referenced by handle is not a signing key or is a restricted key
15		// TPM_RC_TYPE key referenced by handle is not an HMAC key
16		// TPM_RC_VALUE hashAlg is not compatible with the hash algorithm of the scheme of
17		// the object referenced by handle
18		//
19		TPM_RC
20		TPM2_HMAC(
21		HMAC_In *in, // IN: input parameter list
22		HMAC_Out *out // OUT: output parameter list
23		)
24	0	{
25	0	HMAC_STATE hmacState;
26	0	OBJECT *hmacObject;
27	0	TPMI_ALG_HASH hashAlg;
28	0	TPMT_PUBLIC *publicArea;
29
30		// Input Validation
31
32		// Get HMAC key object and public area pointers
33	0	hmacObject = ObjectGet(in->handle);
34	0	publicArea = &hmacObject->publicArea;
35
36		// Make sure that the key is an HMAC key
37	0	if(publicArea->type != TPM_ALG_KEYEDHASH)
38	0	return TPM_RC_TYPE + RC_HMAC_handle;
39
40		// and that it is unrestricted
41	0	if(publicArea->objectAttributes.restricted == SET)
42	0	return TPM_RC_ATTRIBUTES + RC_HMAC_handle;
43
44		// and that it is a signing key
45	0	if(publicArea->objectAttributes.sign != SET)
46	0	return TPM_RC_KEY + RC_HMAC_handle;
47
48		// See if the key has a default
49	0	if(publicArea->parameters.keyedHashDetail.scheme.scheme == TPM_ALG_NULL)
50		// it doesn't so use the input value
51	0	hashAlg = in->hashAlg;
52	0	else
53	0	{
54		// key has a default so use it
55	0	hashAlg
56	0	= publicArea->parameters.keyedHashDetail.scheme.details.hmac.hashAlg;
57		// and verify that the input was either the TPM_ALG_NULL or the default
58	0	if(in->hashAlg != TPM_ALG_NULL && in->hashAlg != hashAlg)
59	0	hashAlg = TPM_ALG_NULL;
60	0	}
61		// if we ended up without a hash algorith then return an error
62	0	if(hashAlg == TPM_ALG_NULL)
63	0	return TPM_RC_VALUE + RC_HMAC_hashAlg;
64
65		// Command Output
66
67		// Start HMAC stack
68	0	out->outHMAC.t.size = CryptStartHMAC2B(hashAlg,
69	0	&hmacObject->sensitive.sensitive.bits.b,
70	0	&hmacState);
71		// Adding HMAC data
72	0	CryptUpdateDigest2B(&hmacState, &in->buffer.b);
73
74		// Complete HMAC
75	0	CryptCompleteHMAC2B(&hmacState, &out->outHMAC.b);
76
77	0	return TPM_RC_SUCCESS;
78	0	}