Coverage Report

Created: 2025-08-03 06:30

/src/tpm2/ObjectChangeAuth.c
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "InternalRoutines.h"
#include "ObjectChangeAuth_fp.h"
#include "Object_spt_fp.h"
//
// TPM2_ObjectChangeAuth
//
// Builds new private data for a loaded object in which the authorization
// value has been replaced by in->newAuth. The replacement is made on a local
// copy of the object's sensitive area; that copy is passed to
// SensitiveToPrivate() together with parentHandle, and the result is written
// to out->outPrivate.
//
//     Error Returns               Meaning
//
//     TPM_RC_SIZE                 newAuth is larger than the size of the digest of the Name algorithm of
//                                 objectHandle
//     TPM_RC_TYPE                 the key referenced by parentHandle is not the parent of the object
//                                 referenced by objectHandle; or objectHandle is a sequence object.
//
// NOTE(review): the coverage report this listing was taken from records an
// execution count of 0 for every executable line of this function, so none of
// the validation paths below were exercised by that run.
//
TPM_RC
TPM2_ObjectChangeAuth(
    ObjectChangeAuth_In    *in,                // IN: input parameter list
    ObjectChangeAuth_Out   *out                // OUT: output parameter list
    )
{
    OBJECT                 *target;
    TPM2B_NAME              parentName;
    TPM2B_NAME              expectedQN;
    TPM2B_NAME              actualQN;
    TPMT_SENSITIVE          rewrapped;

// Input Validation

    // Resolve the handle to the loaded object.
    // NOTE(review): the pointer is dereferenced below without a NULL check;
    // presumably ObjectGet() only returns valid objects for handles that
    // reached this point -- confirm against its implementation.
    target = ObjectGet(in->objectHandle);

    // Sequence objects are rejected: their auth cannot be changed here.
    if(ObjectIsSequence(target))
    {
        return TPM_RC_TYPE + RC_ObjectChangeAuth_objectHandle;
    }

    // The new auth value, once MemoryRemoveTrailingZeros() has processed it,
    // must not be longer than the digest of the object's nameAlg.
    if(CryptGetHashDigestSize(target->publicArea.nameAlg)
            < MemoryRemoveTrailingZeros(&in->newAuth))
    {
        return TPM_RC_SIZE + RC_ObjectChangeAuth_newAuth;
    }

    // parentHandle must really be the parent of objectHandle, because it is
    // the handle given to SensitiveToPrivate() below. This implementation
    // checks the relationship through qualified names: the QN the object
    // would have under the claimed parent is recomputed and compared with the
    // QN recorded for the object. Other implementations may verify the
    // relationship differently.
    ObjectGetQualifiedName(in->parentHandle, &parentName);
    ObjectComputeQualifiedName(&parentName, target->publicArea.nameAlg,
                               &target->name, &expectedQN);

    ObjectGetQualifiedName(in->objectHandle, &actualQN);
    if(!Memory2BEqual(&actualQN.b, &expectedQN.b))
    {
        return TPM_RC_TYPE + RC_ObjectChangeAuth_parentHandle;
    }

// Command Output

    // Work on a copy of the sensitive area and replace only its authValue.
    // NOTE(review): this stack copy holds the object's sensitive area plus the
    // new auth value and is not cleared before return; whether stack residue
    // matters depends on the platform's threat model -- confirm.
    rewrapped = target->sensitive;
    rewrapped.authValue = in->newAuth;

    // Produce the output private data from the updated copy.
    SensitiveToPrivate(&rewrapped, &target->name, in->parentHandle,
                       target->publicArea.nameAlg,
                       &out->outPrivate);

    return TPM_RC_SUCCESS;
}