Coverage Report

Created: 2025-08-28 06:05

/src/tpm2/VerifySignature.c
// This file was extracted from the TCG Published
// Trusted Platform Module Library
// Part 3: Commands
// Family "2.0"
// Level 00 Revision 01.16
// October 30, 2014
#include "InternalRoutines.h"
#include "VerifySignature_fp.h"
//
//
//     Error Returns                     Meaning
//
//     TPM_RC_ATTRIBUTES                 keyHandle does not reference a signing key
//     TPM_RC_SIGNATURE                  signature is not genuine
//     TPM_RC_SCHEME                     CryptVerifySignature()
//     TPM_RC_HANDLE                     the input handle references an HMAC key but the private portion is
//                                       not loaded
//
// Check in->signature over in->digest with the key at in->keyHandle and, on
// success, fill out->validation. The digest is used exactly as supplied by the
// caller; this function does not hash any message itself.
TPM_RC
TPM2_VerifySignature(
   VerifySignature_In        *in,                   // IN: input parameter list
   VerifySignature_Out       *out                   // OUT: output parameter list
   )
{
   TPM_RC                     rc;
   TPM2B_NAME                 keyName;
   TPMI_RH_HIERARCHY          ticketHierarchy;
   // NOTE(review): the pointer returned by ObjectGet() is dereferenced below
   // without a NULL check; this presumably relies on in->keyHandle having been
   // validated before the command action runs -- confirm against the caller.
   OBJECT                    *key = ObjectGet(in->keyHandle);

// Input Validation

   // Only a key whose sign attribute is SET may be used to verify; anything
   // else is rejected and the error is attributed to the keyHandle parameter.
   if(key->publicArea.objectAttributes.sign != SET)
       return TPM_RC_ATTRIBUTES + RC_VerifySignature_keyHandle;

   // Do the cryptographic check. CryptVerifySignature() may report
   // TPM_RC_SCHEME, TPM_RC_HANDLE or TPM_RC_SIGNATURE; any failure is
   // attributed to the signature parameter and no ticket is written.
   rc = CryptVerifySignature(in->keyHandle, &in->digest, &in->signature);
   if(rc != TPM_RC_SUCCESS)
       return RcSafeAddToResult(rc, RC_VerifySignature_signature);

// Command Output

   ticketHierarchy = ObjectGetHierarchy(in->keyHandle);
   if(   ticketHierarchy != TPM_RH_NULL
      && key->publicArea.nameAlg != TPM_ALG_NULL)
   {
       // The key has both a hierarchy and a name algorithm: bind the ticket
       // to the hierarchy, the verified digest and the name of the key.
       // NOTE(review): assumes ObjectGetName() never writes more than
       // sizeof(keyName.t.name) bytes -- confirm.
       keyName.t.size = ObjectGetName(in->keyHandle, &keyName.t.name);
       TicketComputeVerified(ticketHierarchy, &in->digest, &keyName,
                             &out->validation);
       return TPM_RC_SUCCESS;
   }

   // Hierarchy is TPM_RH_NULL or nameAlg is TPM_ALG_NULL: return an empty
   // ticket (zero-length digest) alongside the success code.
   out->validation.tag = TPM_ST_VERIFIED;
   out->validation.hierarchy = TPM_RH_NULL;
   out->validation.digest.t.size = 0;
   return TPM_RC_SUCCESS;
}